krb5 commit: Add finalization safety check to com_err
Greg Hudson
ghudson at mit.edu
Thu Mar 26 00:24:20 EDT 2020
https://github.com/krb5/krb5/commit/9d654aa05e26bbf22f140abde3436afeff2fdf8d
commit 9d654aa05e26bbf22f140abde3436afeff2fdf8d
Author: Jiri Sasek <Jiri.Sasek at Oracle.COM>
Date: Fri Mar 13 19:02:58 2020 +0100
Add finalization safety check to com_err
If the linker erroneously runs the libkrb5 finalizer after the
libcom_err finalizer, the consequent remove_error_table() calls could
crash due to accessing a destroyed mutex or an invalid et_list
pointer. Add an unsynchronized check on finalized in
remove_error_table(), and set et_list to null in com_err_terminate()
after destroying the list.
[ghudson at mit.edu: minimized code hanges; rewrote comment and commit
message]
ticket: 8890 (new)
src/util/et/error_message.c | 7 ++++++-
1 files changed, 6 insertions(+), 1 deletions(-)
diff --git a/src/util/et/error_message.c b/src/util/et/error_message.c
index d7069a9..7dc02a3 100644
--- a/src/util/et/error_message.c
+++ b/src/util/et/error_message.c
@@ -26,7 +26,7 @@
static struct et_list *et_list;
static k5_mutex_t et_list_lock = K5_MUTEX_PARTIAL_INITIALIZER;
-static int terminated = 0; /* for debugging shlib fini sequence errors */
+static int terminated = 0; /* for safety and finalization debugging */
MAKE_INIT_FUNCTION(com_err_initialize);
MAKE_FINI_FUNCTION(com_err_terminate);
@@ -69,6 +69,7 @@ void com_err_terminate(void)
enext = e->next;
free(e);
}
+ et_list = NULL;
k5_mutex_unlock(&et_list_lock);
k5_mutex_destroy(&et_list_lock);
terminated = 1;
@@ -280,6 +281,10 @@ remove_error_table(const struct error_table *et)
{
struct et_list **ep, *e;
+ /* Safety check in case libraries are finalized in the wrong order. */
+ if (terminated)
+ return ENOENT;
+
if (CALL_INIT_FUNCTION(com_err_initialize))
return 0;
k5_mutex_lock(&et_list_lock);
More information about the cvs-krb5
mailing list