From: Rich Felker Date: Sun, 11 Aug 2019 15:48:06 +0000 (-0400) Subject: ldso: fix calloc misuse allocating initial tls X-Git-Url: http://nsz.repo.hu/git/?a=commitdiff_plain;h=ffab43602b5900c86b7040abdda8ccf6cdec95f5;p=musl ldso: fix calloc misuse allocating initial tls this is analogous to commit 2f1f51ae7b2d78247568e7fdb8462f3c19e469a4, and should have been caught at the same time since it was right next to the code moved in that commit. between final stage 3 reloc_all and the jump to the main program's entry point, it is not valid to call any functions which may be interposed by the application; doing so results in execution of application code before ctors have run, and on fdpic archs, before the main program's fdpic self-fixups have taken place, which will produce runaway wrong execution. --- diff --git a/ldso/dynlink.c b/ldso/dynlink.c index d1edb131..93ef3633 100644 --- a/ldso/dynlink.c +++ b/ldso/dynlink.c @@ -1874,11 +1874,8 @@ void __dls3(size_t *sp) * code can see to perform. */ main_ctor_queue = queue_ctors(&app); - /* The main program must be relocated LAST since it may contin - * copy relocations which depend on libraries' relocations. */ - reloc_all(app.next); - reloc_all(&app); - + /* Initial TLS must also be allocated before final relocations + * might result in calloc being a call to application code. */ update_tls_size(); if (libc.tls_size > sizeof builtin_tls || tls_align > MIN_TLS_ALIGN) { void *initial_tls = calloc(libc.tls_size, 1); @@ -1902,6 +1899,11 @@ void __dls3(size_t *sp) } static_tls_cnt = tls_cnt; + /* The main program must be relocated LAST since it may contin + * copy relocations which depend on libraries' relocations. */ + reloc_all(app.next); + reloc_all(&app); + if (ldso_fail) _exit(127); if (ldd_mode) _exit(0);