authorAdhemerval Zanella <adhemerval.zanella@linaro.org>2025-03-27 12:30:48 -0300
committerAdhemerval Zanella <adhemerval.zanella@linaro.org>2025-04-02 18:01:55 +0000
commitc8e73a1492b01b9b0c189d6a5c53a5a697827bae (patch)
tree50a812e61c87a41d6001a5de105ecd0fe8a7e90b /sysdeps/nptl/pthreadP.h
parente8514ac7aaf1bd0cf791dbdac0b2584ef3c42e98 (diff)
stdlib: Fix qsort memory leak if callback throws (BZ 32058)
If the input buffer exceeds the stack auxiliary buffer, qsort will malloc a temporary one to call mergesort. Since the C++ standard allows the callback comparison function to throw [1], the glibc implementation can potentially leak memory. The fix uses pthread_cleanup_combined_push and pthread_cleanup_combined_pop, so it can work with and without exceptions enabled. The qsort code path that calls malloc now requires some extra setup and a call to __pthread_cleanup_push and __pthread_cleanup_pop (which should be ok since they just set up some buffer state). Checked on x86_64-linux-gnu. [1] https://timsong-cpp.github.io/cppwp/n4950/alg.c.library#4 Reviewed-by: DJ Delorie <dj@redhat.com>
Diffstat (limited to 'sysdeps/nptl/pthreadP.h')
-rw-r--r--sysdeps/nptl/pthreadP.h8
1 files changed, 4 insertions, 4 deletions
diff --git a/sysdeps/nptl/pthreadP.h b/sysdeps/nptl/pthreadP.h
index 2d620ed..8f25696 100644
--- a/sysdeps/nptl/pthreadP.h
+++ b/sysdeps/nptl/pthreadP.h
@@ -588,10 +588,10 @@ struct __pthread_cleanup_combined_frame
/* Special cleanup macros which register cleanup both using
__pthread_cleanup_{push,pop} and using cleanup attribute. This is needed
- for pthread_once, so that it supports both throwing exceptions from the
- pthread_once callback (only cleanup attribute works there) and cancellation
- of the thread running the callback if the callback or some routines it
- calls don't have unwind information. */
+ for pthread_once and qsort, so that it supports both throwing exceptions
+ from the pthread_once or caller sort function callback (only cleanup
+ attribute works there) and cancellation of the thread running the callback
+ if the callback or some routines it calls don't have unwind information. */
static __always_inline void
__pthread_cleanup_combined_routine (struct __pthread_cleanup_combined_frame