Merge branch '399-dlerror-thread-safety' into 'master'

gmodule: Add locking around dlerror() for some libc implementations Closes #399 See merge request GNOME/glib!2122
2025-02-27 04:32:15 +01:00 · 2021-05-28 10:02:59 +00:00 · 2021-05-28 10:02:59 +00:00 · 0d7f3e74e0
commit 0d7f3e74e0
parent 0c8740dc83 483843c282
1 changed files with 49 additions and 5 deletions
--- a/gmodule/gmodule-dl.c
+++ b/gmodule/gmodule-dl.c
@ -28,6 +28,7 @@
 #include "config.h"
 #include <dlfcn.h>
 #include <glib.h>
 /* Perl includes <nlist.h> and <link.h> instead of <dlfcn.h> on some systems? */
@ -73,11 +74,46 @@
 #endif	/* RTLD_GLOBAL */
-/* --- functions --- */
+/* According to POSIX.1-2001, dlerror() is not necessarily thread-safe
-static gchar*
+ * (see https://pubs.opengroup.org/onlinepubs/009695399/), and so must be
 * called within the same locked section as the dlopen()/dlsym() call which
 * may have caused an error.
 *
 * However, some libc implementations, such as glibc, implement dlerror() using
 * thread-local storage, so are thread-safe. As of early 2021:
 *  - glibc is thread-safe: https://github.com/bminor/glibc/blob/master/dlfcn/libc_dlerror_result.c
 *  - uclibc-ng is not thread-safe: https://cgit.uclibc-ng.org/cgi/cgit/uclibc-ng.git/tree/ldso/libdl/libdl.c?id=132decd2a043d0ccf799f42bf89f3ae0c11e95d5#n1075
 *  - Other libc implementations have not been checked, and no problems have
 *    been reported with them in 10 years, so default to assuming that they
 *    don’t need additional thread-safety from GLib
 */
 #if defined(__UCLIBC__)
 G_LOCK_DEFINE_STATIC (errors);
 #else
 #define DLERROR_IS_THREADSAFE 1
 #endif
 static void
 lock_dlerror (void)
 {
 #ifndef DLERROR_IS_THREADSAFE
  G_LOCK (errors);
 #endif
 }
 static void
 unlock_dlerror (void)
 {
 #ifndef DLERROR_IS_THREADSAFE
  G_UNLOCK (errors);
 #endif
 }
 /* This should be called with lock_dlerror() held */
 static const gchar *
 fetch_dlerror (gboolean replace_null)
 {
-  gchar *msg = dlerror ();
+  const gchar *msg = dlerror ();
  /* make sure we always return an error message != NULL, if
   * expected to do so. */
@ -95,10 +131,12 @@ _g_module_open (const gchar *file_name,
 {
  gpointer handle;
  lock_dlerror ();
  handle = dlopen (file_name,
 		   (bind_local ? 0 : RTLD_GLOBAL) | (bind_lazy ? RTLD_LAZY : RTLD_NOW));
  if (!handle)
    g_module_set_error (fetch_dlerror (TRUE));
  unlock_dlerror ();
  return handle;
 }
@ -119,6 +157,7 @@ _g_module_self (void)
   * always returns 'undefined symbol'. Only if RTLD_DEFAULT or 
   * NULL is given, dlsym returns an appropriate pointer.
   */
  lock_dlerror ();
 #if defined(__BIONIC__)
  handle = RTLD_DEFAULT;
 #else
@ -126,6 +165,7 @@ _g_module_self (void)
 #endif
  if (!handle)
    g_module_set_error (fetch_dlerror (TRUE));
  unlock_dlerror ();
  return handle;
 }
@ -137,8 +177,10 @@ _g_module_close (gpointer handle)
  if (handle != RTLD_DEFAULT)
 #endif
    {
      lock_dlerror ();
      if (dlclose (handle) != 0)
-	g_module_set_error (fetch_dlerror (TRUE));
+        g_module_set_error (fetch_dlerror (TRUE));
      unlock_dlerror ();
    }
 }
@ -147,13 +189,15 @@ _g_module_symbol (gpointer     handle,
 		  const gchar *symbol_name)
 {
  gpointer p;
-  gchar *msg;
+  const gchar *msg;
  lock_dlerror ();
  fetch_dlerror (FALSE);
  p = dlsym (handle, symbol_name);
  msg = fetch_dlerror (FALSE);
  if (msg)
    g_module_set_error (msg);
  unlock_dlerror ();
  return p;
 }