sourceware.org Git - glibc.git/commit

author	Florian Weimer <fweimer@redhat.com>
	Wed, 22 Jan 2025 12:48:56 +0000 (13:48 +0100)
committer	Florian Weimer <fweimer@redhat.com>
	Thu, 23 Jan 2025 16:43:15 +0000 (17:43 +0100)
commit	b62759db04b8ed7f829c06f1d7c3b8fb70616493
tree	ec0a519968d10625281774ffe06ed73ad0feaa6f	tree
parent	76c3f7f81b7b99fedbff6edc07cddff59e2ae6e2	commit \| diff

stdlib: Support malloc-managed environ arrays for compatibility

Some applications set environ to a heap-allocated pointer, call
setenv (expecting it to call realloc), free environ, and then
restore the original environ pointer.  This breaks after
commit 7a61e7f557a97ab597d6fca5e2d1f13f65685c61 ("stdlib: Make
getenv thread-safe in more cases") because after the setenv call,
the environ pointer does not point to the start of a heap allocation.
Instead, setenv creates a separate allocation and changes environ
to point into that.  This means that the free call in the application
results in heap corruption.

The interim approach was more compatible with other libcs because
it does not assume that the incoming environ pointer is allocated
as if by malloc (if it was written by the application).  However,
it seems to be more important to stay compatible with previous
glibc version: assume the incoming pointer is heap allocated,
and preserve this property after setenv calls.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>

csu/init-first.c		diff \| blob \| blame \| history
csu/libc-start.c		diff \| blob \| blame \| history
include/unistd.h		diff \| blob \| blame \| history
posix/environ.c		diff \| blob \| blame \| history
stdlib/Makefile		diff \| blob \| blame \| history
stdlib/setenv.c		diff \| blob \| blame \| history
stdlib/tst-setenv-malloc.c	[new file with mode: 0644]	blob