Sun Apr 23 11:53:00 2023 UTC ()
dlopen(3): Read _rtld_objtail under the lock.

XXX pullup-8
XXX pullup-9
XXX pullup-10


(riastradh)
diff -r1.212 -r1.213 src/libexec/ld.elf_so/rtld.c
cvs diff -r1.212 -r1.213 src/libexec/ld.elf_so/rtld.c (expand / switch to unified diff)

--- src/libexec/ld.elf_so/rtld.c 2022/09/13 10:18:58 1.212
+++ src/libexec/ld.elf_so/rtld.c 2023/04/23 11:53:00 1.213
@@ -1,14 +1,14 @@ @@ -1,14 +1,14 @@
1/* $NetBSD: rtld.c,v 1.212 2022/09/13 10:18:58 riastradh Exp $ */ 1/* $NetBSD: rtld.c,v 1.213 2023/04/23 11:53:00 riastradh Exp $ */
2 2
3/* 3/*
4 * Copyright 1996 John D. Polstra. 4 * Copyright 1996 John D. Polstra.
5 * Copyright 1996 Matt Thomas <matt@3am-software.com> 5 * Copyright 1996 Matt Thomas <matt@3am-software.com>
6 * Copyright 2002 Charles M. Hannum <root@ihack.net> 6 * Copyright 2002 Charles M. Hannum <root@ihack.net>
7 * All rights reserved. 7 * All rights reserved.
8 * 8 *
9 * Redistribution and use in source and binary forms, with or without 9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions 10 * modification, are permitted provided that the following conditions
11 * are met: 11 * are met:
12 * 1. Redistributions of source code must retain the above copyright 12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer. 13 * notice, this list of conditions and the following disclaimer.
14 * 2. Redistributions in binary form must reproduce the above copyright 14 * 2. Redistributions in binary form must reproduce the above copyright
@@ -30,27 +30,27 @@ @@ -30,27 +30,27 @@
30 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 30 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
31 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 31 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
32 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 32 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
33 */ 33 */
34 34
35/* 35/*
36 * Dynamic linker for ELF. 36 * Dynamic linker for ELF.
37 * 37 *
38 * John Polstra <jdp@polstra.com>. 38 * John Polstra <jdp@polstra.com>.
39 */ 39 */
40 40
41#include <sys/cdefs.h> 41#include <sys/cdefs.h>
42#ifndef lint 42#ifndef lint
43__RCSID("$NetBSD: rtld.c,v 1.212 2022/09/13 10:18:58 riastradh Exp $"); 43__RCSID("$NetBSD: rtld.c,v 1.213 2023/04/23 11:53:00 riastradh Exp $");
44#endif /* not lint */ 44#endif /* not lint */
45 45
46#include <sys/param.h> 46#include <sys/param.h>
47#include <sys/atomic.h> 47#include <sys/atomic.h>
48#include <sys/mman.h> 48#include <sys/mman.h>
49#include <err.h> 49#include <err.h>
50#include <errno.h> 50#include <errno.h>
51#include <fcntl.h> 51#include <fcntl.h>
52#include <lwp.h> 52#include <lwp.h>
53#include <stdarg.h> 53#include <stdarg.h>
54#include <stdio.h> 54#include <stdio.h>
55#include <stdlib.h> 55#include <stdlib.h>
56#include <string.h> 56#include <string.h>
@@ -1016,38 +1016,40 @@ __strong_alias(__dlerror,dlerror) @@ -1016,38 +1016,40 @@ __strong_alias(__dlerror,dlerror)
1016char * 1016char *
1017dlerror(void) 1017dlerror(void)
1018{ 1018{
1019 char *msg = error_message; 1019 char *msg = error_message;
1020 1020
1021 error_message = NULL; 1021 error_message = NULL;
1022 return msg; 1022 return msg;
1023} 1023}
1024 1024
1025__strong_alias(__dlopen,dlopen) 1025__strong_alias(__dlopen,dlopen)
1026void * 1026void *
1027dlopen(const char *name, int mode) 1027dlopen(const char *name, int mode)
1028{ 1028{
1029 Obj_Entry **old_obj_tail = _rtld_objtail; 1029 Obj_Entry **old_obj_tail;
1030 Obj_Entry *obj = NULL; 1030 Obj_Entry *obj = NULL;
1031 int flags = _RTLD_DLOPEN; 1031 int flags = _RTLD_DLOPEN;
1032 bool nodelete; 1032 bool nodelete;
1033 bool now; 1033 bool now;
1034 sigset_t mask; 1034 sigset_t mask;
1035 int result; 1035 int result;
1036 1036
1037 dbg(("dlopen of %s %d", name, mode)); 1037 dbg(("dlopen of %s %d", name, mode));
1038 1038
1039 _rtld_exclusive_enter(&mask); 1039 _rtld_exclusive_enter(&mask);
1040 1040
 1041 old_obj_tail = _rtld_objtail;
 1042
1041 flags |= (mode & RTLD_GLOBAL) ? _RTLD_GLOBAL : 0; 1043 flags |= (mode & RTLD_GLOBAL) ? _RTLD_GLOBAL : 0;
1042 flags |= (mode & RTLD_NOLOAD) ? _RTLD_NOLOAD : 0; 1044 flags |= (mode & RTLD_NOLOAD) ? _RTLD_NOLOAD : 0;
1043 1045
1044 nodelete = (mode & RTLD_NODELETE) ? true : false; 1046 nodelete = (mode & RTLD_NODELETE) ? true : false;
1045 now = ((mode & RTLD_MODEMASK) == RTLD_NOW) ? true : false; 1047 now = ((mode & RTLD_MODEMASK) == RTLD_NOW) ? true : false;
1046 1048
1047 _rtld_debug.r_state = RT_ADD; 1049 _rtld_debug.r_state = RT_ADD;
1048 _rtld_debug_state(); 1050 _rtld_debug_state();
1049 1051
1050 if (name == NULL) { 1052 if (name == NULL) {
1051 obj = _rtld_objmain; 1053 obj = _rtld_objmain;
1052 obj->refcount++; 1054 obj->refcount++;
1053 } else 1055 } else