diff options
author | Patsy Franklin <pfrankli@redhat.com> | 2017-08-29 15:53:28 +0200 |
---|---|---|
committer | Florian Weimer <fweimer@redhat.com> | 2017-08-29 15:53:28 +0200 |
commit | 1cf1232cd4721dc155a5cf7d571e5b1dae506430 (patch) | |
tree | bb78b85294b07816b899e8ecac58b9bc5a41475a /iconv | |
parent | f11f2f6e145d6fc6b52f6b0733599f8b96595733 (diff) | |
download | glibc-1cf1232cd4721dc155a5cf7d571e5b1dae506430.zip glibc-1cf1232cd4721dc155a5cf7d571e5b1dae506430.tar.gz glibc-1cf1232cd4721dc155a5cf7d571e5b1dae506430.tar.bz2 |
gconv: Consistently mangle NULL function pointers [BZ #22025]
Not mangling NULL pointers is not safe because with very low
probability, a non-NULL function pointer can turn into a NULL pointer
after mangling.
Diffstat (limited to 'iconv')
-rw-r--r-- | iconv/gconv_cache.c | 11 | ||||
-rw-r--r-- | iconv/gconv_db.c | 41 | ||||
-rw-r--r-- | iconv/gconv_dl.c | 6 |
3 files changed, 23 insertions, 35 deletions
diff --git a/iconv/gconv_cache.c b/iconv/gconv_cache.c index d6a47de..7d2751a 100644 --- a/iconv/gconv_cache.c +++ b/iconv/gconv_cache.c @@ -207,17 +207,16 @@ find_module (const char *directory, const char *filename, result->__data = NULL; /* Call the init function. */ - if (result->__init_fct != NULL) - { - __gconv_init_fct init_fct = result->__init_fct; + __gconv_init_fct init_fct = result->__init_fct; #ifdef PTR_DEMANGLE - PTR_DEMANGLE (init_fct); + PTR_DEMANGLE (init_fct); #endif + if (init_fct != NULL) + { status = DL_CALL_FCT (init_fct, (result)); #ifdef PTR_MANGLE - if (result->__btowc_fct != NULL) - PTR_MANGLE (result->__btowc_fct); + PTR_MANGLE (result->__btowc_fct); #endif } } diff --git a/iconv/gconv_db.c b/iconv/gconv_db.c index 7893fad..b748467 100644 --- a/iconv/gconv_db.c +++ b/iconv/gconv_db.c @@ -179,16 +179,15 @@ free_derivation (void *p) size_t cnt; for (cnt = 0; cnt < deriv->nsteps; ++cnt) - if (deriv->steps[cnt].__counter > 0 - && deriv->steps[cnt].__end_fct != NULL) + if ((deriv->steps[cnt].__counter > 0) + && (deriv->steps[cnt].__shlib_handle != NULL)) { - assert (deriv->steps[cnt].__shlib_handle != NULL); - __gconv_end_fct end_fct = deriv->steps[cnt].__end_fct; #ifdef PTR_DEMANGLE PTR_DEMANGLE (end_fct); #endif - DL_CALL_FCT (end_fct, (&deriv->steps[cnt])); + if (end_fct != NULL) + DL_CALL_FCT (end_fct, (&deriv->steps[cnt])); } /* Free the name strings. */ @@ -212,16 +211,12 @@ __gconv_release_step (struct __gconv_step *step) if (step->__shlib_handle != NULL && --step->__counter == 0) { /* Call the destructor. */ - if (step->__end_fct != NULL) - { - assert (step->__shlib_handle != NULL); - - __gconv_end_fct end_fct = step->__end_fct; + __gconv_end_fct end_fct = step->__end_fct; #ifdef PTR_DEMANGLE - PTR_DEMANGLE (end_fct); + PTR_DEMANGLE (end_fct); #endif - DL_CALL_FCT (end_fct, (step)); - } + if (end_fct != NULL) + DL_CALL_FCT (end_fct, (step)); #ifndef STATIC_GCONV /* Release the loaded module. */ @@ -313,13 +308,11 @@ gen_steps (struct derivation_step *best, const char *toset, /* Call the init function. */ __gconv_init_fct init_fct = result[step_cnt].__init_fct; - if (init_fct != NULL) - { - assert (result[step_cnt].__shlib_handle != NULL); - # ifdef PTR_DEMANGLE - PTR_DEMANGLE (init_fct); + PTR_DEMANGLE (init_fct); # endif + if (init_fct != NULL) + { status = DL_CALL_FCT (init_fct, (&result[step_cnt])); if (__builtin_expect (status, __GCONV_OK) != __GCONV_OK) @@ -332,8 +325,7 @@ gen_steps (struct derivation_step *best, const char *toset, } # ifdef PTR_MANGLE - if (result[step_cnt].__btowc_fct != NULL) - PTR_MANGLE (result[step_cnt].__btowc_fct); + PTR_MANGLE (result[step_cnt].__btowc_fct); # endif } } @@ -415,16 +407,15 @@ increment_counter (struct __gconv_step *steps, size_t nsteps) /* Call the init function. */ __gconv_init_fct init_fct = step->__init_fct; - if (init_fct != NULL) - { #ifdef PTR_DEMANGLE - PTR_DEMANGLE (init_fct); + PTR_DEMANGLE (init_fct); #endif + if (init_fct != NULL) + { DL_CALL_FCT (init_fct, (step)); #ifdef PTR_MANGLE - if (step->__btowc_fct != NULL) - PTR_MANGLE (step->__btowc_fct); + PTR_MANGLE (step->__btowc_fct); #endif } } diff --git a/iconv/gconv_dl.c b/iconv/gconv_dl.c index 2418362..d7dbba9 100644 --- a/iconv/gconv_dl.c +++ b/iconv/gconv_dl.c @@ -131,10 +131,8 @@ __gconv_find_shlib (const char *name) #ifdef PTR_MANGLE PTR_MANGLE (found->fct); - if (found->init_fct != NULL) - PTR_MANGLE (found->init_fct); - if (found->end_fct != NULL) - PTR_MANGLE (found->end_fct); + PTR_MANGLE (found->init_fct); + PTR_MANGLE (found->end_fct); #endif /* We have succeeded in loading the shared object. */ |