Correct buffer end pointer in IO_wdefault_doallocate (BZ #26874)
[glibc.git] / elf / dl-minimal.c
blob4e7f11aeabb70f2d50cf767bc54a3c5237574b57
1 /* Minimal replacements for basic facilities used in the dynamic linker.
2 Copyright (C) 1995-2021 Free Software Foundation, Inc.
3 This file is part of the GNU C Library.
5 The GNU C Library is free software; you can redistribute it and/or
6 modify it under the terms of the GNU Lesser General Public
7 License as published by the Free Software Foundation; either
8 version 2.1 of the License, or (at your option) any later version.
10 The GNU C Library is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Lesser General Public License for more details.
15 You should have received a copy of the GNU Lesser General Public
16 License along with the GNU C Library; if not, see
17 <https://www.gnu.org/licenses/>. */
19 #include <errno.h>
20 #include <limits.h>
21 #include <stdio.h>
22 #include <string.h>
23 #include <tls.h>
24 #include <unistd.h>
25 #include <sys/mman.h>
26 #include <sys/param.h>
27 #include <sys/types.h>
28 #include <ldsodefs.h>
29 #include <dl-irel.h>
30 #include <dl-hash.h>
31 #include <dl-sym-post.h>
32 #include <_itoa.h>
33 #include <malloc/malloc-internal.h>
35 #include <assert.h>
37 /* The rtld startup code calls __rtld_malloc_init_stubs after the
38 first self-relocation to adjust the pointers to the minimal
39 implementation below. Before the final relocation,
40 __rtld_malloc_init_real is called to replace the pointers with the
41 real implementation. */
42 __typeof (calloc) *__rtld_calloc attribute_relro;
43 __typeof (free) *__rtld_free attribute_relro;
44 __typeof (malloc) *__rtld_malloc attribute_relro;
45 __typeof (realloc) *__rtld_realloc attribute_relro;
47 /* Defined below. */
48 static __typeof (calloc) rtld_calloc;
49 static __typeof (free) rtld_free;
50 static __typeof (malloc) rtld_malloc;
51 static __typeof (realloc) rtld_realloc;
53 void
54 __rtld_malloc_init_stubs (void)
56 __rtld_calloc = &rtld_calloc;
57 __rtld_free = &rtld_free;
58 __rtld_malloc = &rtld_malloc;
59 __rtld_realloc = &rtld_realloc;
62 bool
63 __rtld_malloc_is_complete (void)
65 /* The caller assumes that there is an active malloc. */
66 assert (__rtld_malloc != NULL);
67 return __rtld_malloc != &rtld_malloc;
70 /* Lookup NAME at VERSION in the scope of MATCH. */
71 static void *
72 lookup_malloc_symbol (struct link_map *main_map, const char *name,
73 struct r_found_version *version)
76 const ElfW(Sym) *ref = NULL;
77 lookup_t result = _dl_lookup_symbol_x (name, main_map, &ref,
78 main_map->l_scope,
79 version, 0, 0, NULL);
81 assert (ELFW(ST_TYPE) (ref->st_info) != STT_TLS);
82 void *value = DL_SYMBOL_ADDRESS (result, ref);
84 return _dl_sym_post (result, ref, value, 0, main_map);
87 void
88 __rtld_malloc_init_real (struct link_map *main_map)
90 /* We cannot use relocations and initializers for this because the
91 changes made by __rtld_malloc_init_stubs break REL-style
92 (non-RELA) relocations that depend on the previous pointer
93 contents. Also avoid direct relocation depedencies for the
94 malloc symbols so this function can be called before the final
95 rtld relocation (which enables RELRO, after which the pointer
96 variables cannot be written to). */
98 struct r_found_version version;
99 version.name = symbol_version_string (libc, GLIBC_2_0);
100 version.hidden = 0;
101 version.hash = _dl_elf_hash (version.name);
102 version.filename = NULL;
104 void *new_calloc = lookup_malloc_symbol (main_map, "calloc", &version);
105 void *new_free = lookup_malloc_symbol (main_map, "free", &version);
106 void *new_malloc = lookup_malloc_symbol (main_map, "malloc", &version);
107 void *new_realloc = lookup_malloc_symbol (main_map, "realloc", &version);
109 /* Update the pointers in one go, so that any internal allocations
110 performed by lookup_malloc_symbol see a consistent
111 implementation. */
112 __rtld_calloc = new_calloc;
113 __rtld_free = new_free;
114 __rtld_malloc = new_malloc;
115 __rtld_realloc = new_realloc;
118 /* Minimal malloc allocator for used during initial link. After the
119 initial link, a full malloc implementation is interposed, either
120 the one in libc, or a different one supplied by the user through
121 interposition. */
123 static void *alloc_ptr, *alloc_end, *alloc_last_block;
125 /* Allocate an aligned memory block. */
126 static void *
127 rtld_malloc (size_t n)
129 if (alloc_end == 0)
131 /* Consume any unused space in the last page of our data segment. */
132 extern int _end attribute_hidden;
133 alloc_ptr = &_end;
134 alloc_end = (void *) 0 + (((alloc_ptr - (void *) 0)
135 + GLRO(dl_pagesize) - 1)
136 & ~(GLRO(dl_pagesize) - 1));
139 /* Make sure the allocation pointer is ideally aligned. */
140 alloc_ptr = (void *) 0 + (((alloc_ptr - (void *) 0) + MALLOC_ALIGNMENT - 1)
141 & ~(MALLOC_ALIGNMENT - 1));
143 if (alloc_ptr + n >= alloc_end || n >= -(uintptr_t) alloc_ptr)
145 /* Insufficient space left; allocate another page plus one extra
146 page to reduce number of mmap calls. */
147 caddr_t page;
148 size_t nup = (n + GLRO(dl_pagesize) - 1) & ~(GLRO(dl_pagesize) - 1);
149 if (__glibc_unlikely (nup == 0 && n != 0))
150 return NULL;
151 nup += GLRO(dl_pagesize);
152 page = __mmap (0, nup, PROT_READ|PROT_WRITE,
153 MAP_ANON|MAP_PRIVATE, -1, 0);
154 if (page == MAP_FAILED)
155 return NULL;
156 if (page != alloc_end)
157 alloc_ptr = page;
158 alloc_end = page + nup;
161 alloc_last_block = (void *) alloc_ptr;
162 alloc_ptr += n;
163 return alloc_last_block;
166 /* We use this function occasionally since the real implementation may
167 be optimized when it can assume the memory it returns already is
168 set to NUL. */
169 static void *
170 rtld_calloc (size_t nmemb, size_t size)
172 /* New memory from the trivial malloc above is always already cleared.
173 (We make sure that's true in the rare occasion it might not be,
174 by clearing memory in free, below.) */
175 size_t bytes = nmemb * size;
177 #define HALF_SIZE_T (((size_t) 1) << (8 * sizeof (size_t) / 2))
178 if (__builtin_expect ((nmemb | size) >= HALF_SIZE_T, 0)
179 && size != 0 && bytes / size != nmemb)
180 return NULL;
182 return malloc (bytes);
185 /* This will rarely be called. */
186 void
187 rtld_free (void *ptr)
189 /* We can free only the last block allocated. */
190 if (ptr == alloc_last_block)
192 /* Since this is rare, we clear the freed block here
193 so that calloc can presume malloc returns cleared memory. */
194 memset (alloc_last_block, '\0', alloc_ptr - alloc_last_block);
195 alloc_ptr = alloc_last_block;
199 /* This is only called with the most recent block returned by malloc. */
200 void *
201 rtld_realloc (void *ptr, size_t n)
203 if (ptr == NULL)
204 return malloc (n);
205 assert (ptr == alloc_last_block);
206 size_t old_size = alloc_ptr - alloc_last_block;
207 alloc_ptr = alloc_last_block;
208 void *new = malloc (n);
209 return new != ptr ? memcpy (new, ptr, old_size) : new;
212 /* Avoid signal frobnication in setjmp/longjmp. Keeps things smaller. */
214 #include <setjmp.h>
216 int weak_function
217 __sigjmp_save (sigjmp_buf env, int savemask __attribute__ ((unused)))
219 env[0].__mask_was_saved = 0;
220 return 0;
223 /* Define our own version of the internal function used by strerror. We
224 only provide the messages for some common errors. This avoids pulling
225 in the whole error list. */
227 char * weak_function
228 __strerror_r (int errnum, char *buf, size_t buflen)
230 char *msg;
232 switch (errnum)
234 case ENOMEM:
235 msg = (char *) "Cannot allocate memory";
236 break;
237 case EINVAL:
238 msg = (char *) "Invalid argument";
239 break;
240 case ENOENT:
241 msg = (char *) "No such file or directory";
242 break;
243 case EPERM:
244 msg = (char *) "Operation not permitted";
245 break;
246 case EIO:
247 msg = (char *) "Input/output error";
248 break;
249 case EACCES:
250 msg = (char *) "Permission denied";
251 break;
252 default:
253 /* No need to check buffer size, all calls in the dynamic linker
254 provide enough space. */
255 buf[buflen - 1] = '\0';
256 msg = _itoa (errnum, buf + buflen - 1, 10, 0);
257 msg = memcpy (msg - (sizeof ("Error ") - 1), "Error ",
258 sizeof ("Error ") - 1);
259 break;
262 return msg;
265 void
266 __libc_fatal (const char *message)
268 _dl_fatal_printf ("%s", message);
270 rtld_hidden_def (__libc_fatal)
272 void
273 __attribute__ ((noreturn))
274 __chk_fail (void)
276 _exit (127);
278 rtld_hidden_def (__chk_fail)
280 #ifndef NDEBUG
281 /* Define (weakly) our own assert failure function which doesn't use stdio.
282 If we are linked into the user program (-ldl), the normal __assert_fail
283 defn can override this one. */
285 void weak_function
286 __assert_fail (const char *assertion,
287 const char *file, unsigned int line, const char *function)
289 _dl_fatal_printf ("\
290 Inconsistency detected by ld.so: %s: %u: %s%sAssertion `%s' failed!\n",
291 file, line, function ?: "", function ? ": " : "",
292 assertion);
295 # ifndef NO_RTLD_HIDDEN
296 rtld_hidden_weak (__assert_fail)
297 # endif
299 void weak_function
300 __assert_perror_fail (int errnum,
301 const char *file, unsigned int line,
302 const char *function)
304 char errbuf[400];
305 _dl_fatal_printf ("\
306 Inconsistency detected by ld.so: %s: %u: %s%sUnexpected error: %s.\n",
307 file, line, function ?: "", function ? ": " : "",
308 __strerror_r (errnum, errbuf, sizeof errbuf));
311 # ifndef NO_RTLD_HIDDEN
312 rtld_hidden_weak (__assert_perror_fail)
313 # endif
314 #endif
316 #undef _itoa
317 /* We always use _itoa instead of _itoa_word in ld.so since the former
318 also has to be present and it is never about speed when these
319 functions are used. */
320 char *
321 _itoa (unsigned long long int value, char *buflim, unsigned int base,
322 int upper_case)
324 assert (! upper_case);
327 *--buflim = _itoa_lower_digits[value % base];
328 while ((value /= base) != 0);
330 return buflim;
333 /* The '_itoa_lower_digits' variable in libc.so is able to handle bases
334 up to 36. We don't need this here. */
335 const char _itoa_lower_digits[16] = "0123456789abcdef";
336 rtld_hidden_data_def (_itoa_lower_digits)
338 /* The following is not a complete strsep implementation. It cannot
339 handle empty delimiter strings. But this isn't necessary for the
340 execution of ld.so. */
341 #undef strsep
342 #undef __strsep
343 char *
344 __strsep (char **stringp, const char *delim)
346 char *begin;
348 assert (delim[0] != '\0');
350 begin = *stringp;
351 if (begin != NULL)
353 char *end = begin;
355 while (*end != '\0' || (end = NULL))
357 const char *dp = delim;
360 if (*dp == *end)
361 break;
362 while (*++dp != '\0');
364 if (*dp != '\0')
366 *end++ = '\0';
367 break;
370 ++end;
373 *stringp = end;
376 return begin;
378 weak_alias (__strsep, strsep)
379 strong_alias (__strsep, __strsep_g)