string: strerror, strsignal cannot use buffer after dlmopen (bug 32026) - mirror/glibc - mirror of git://sourceware.org/git/glibc.git

diff options

author	Florian Weimer <fweimer@redhat.com>	2024-08-19 15:48:03 +0200
committer	Florian Weimer <fweimer@redhat.com>	2024-08-19 15:48:03 +0200
commit	25a5eb4010df94b412c67db9e346029de316d06b (patch)
tree	342bf741c5b97eeb89406cc609ca030856d8aef2 /sysdeps/i386/stpcpy.S
parent	e7c14e542d8d858b824b5df4f4e3dc93695e6171 (diff)
download	glibc-25a5eb4010df94b412c67db9e346029de316d06b.tar.gz glibc-25a5eb4010df94b412c67db9e346029de316d06b.tar.xz glibc-25a5eb4010df94b412c67db9e346029de316d06b.zip

string: strerror, strsignal cannot use buffer after dlmopen (bug 32026)

Secondary namespaces have a different malloc.  Allocating the
buffer in one namespace and freeing it another results in
heap corruption.  Fix this by using a static string (potentially
translated) in secondary namespaces.  It would also be possible
to use the malloc from the initial namespace to manage the
buffer, but these functions would still not be safe to use in
auditors etc. because a call to strerror could still free a
buffer while it is used by the application.  Another approach
could use proper initial-exec TLS, duplicated in secondary
namespaces, but that would need a callback interface for freeing
libc resources in namespaces on thread exit, which does not exist
today.

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>

Diffstat (limited to 'sysdeps/i386/stpcpy.S')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: