Add finalization safety check to com_err

2020-03-26 10:20:02 -04:00 · 2020-03-26 10:20:02 -04:00 · dd7e9481aa
commit dd7e9481aa
parent 5c9732a545
2 changed files with 58 additions and 1 deletions
--- a/Add-finalization-safety-check-to-com_err.patch
+++ b/Add-finalization-safety-check-to-com_err.patch
@ -0,0 +1,53 @@
+From 7d375a59fb36cc5ef8dd87895b83e9dfccc57058 Mon Sep 17 00:00:00 2001
+From: Jiri Sasek <Jiri.Sasek@Oracle.COM>
+Date: Fri, 13 Mar 2020 19:02:58 +0100
+Subject: [PATCH] Add finalization safety check to com_err
+
+If the linker erroneously runs the libkrb5 finalizer after the
+libcom_err finalizer, the consequent remove_error_table() calls could
+crash due to accessing a destroyed mutex or an invalid et_list
+pointer.  Add an unsynchronized check on finalized in
+remove_error_table(), and set et_list to null in com_err_terminate()
+after destroying the list.
+
+[ghudson@mit.edu: minimized code hanges; rewrote comment and commit
+message]
+
+ticket: 8890 (new)
+(cherry picked from commit 9d654aa05e26bbf22f140abde3436afeff2fdf8d)
+---
+ src/util/et/error_message.c | 7 ++++++-
+ 1 file changed, 6 insertions(+), 1 deletion(-)
+
+diff --git a/src/util/et/error_message.c b/src/util/et/error_message.c
+index d7069a9df..7dc02a34e 100644
+--- a/src/util/et/error_message.c
+++ b/src/util/et/error_message.c
+@@ -26,7 +26,7 @@
+ 
+ static struct et_list *et_list;
+ static k5_mutex_t et_list_lock = K5_MUTEX_PARTIAL_INITIALIZER;
+-static int terminated = 0;      /* for debugging shlib fini sequence errors */
+static int terminated = 0;      /* for safety and finalization debugging */
+ 
+ MAKE_INIT_FUNCTION(com_err_initialize);
+ MAKE_FINI_FUNCTION(com_err_terminate);
+@@ -69,6 +69,7 @@ void com_err_terminate(void)
+         enext = e->next;
+         free(e);
+     }
+    et_list = NULL;
+     k5_mutex_unlock(&et_list_lock);
+     k5_mutex_destroy(&et_list_lock);
+     terminated = 1;
+@@ -280,6 +281,10 @@ remove_error_table(const struct error_table *et)
+ {
+     struct et_list **ep, *e;
+ 
+    /* Safety check in case libraries are finalized in the wrong order. */
+    if (terminated)
+        return ENOENT;
+
+     if (CALL_INIT_FUNCTION(com_err_initialize))
+         return 0;
+     k5_mutex_lock(&et_list_lock);
--- a/krb5.spec
+++ b/krb5.spec
@ -18,7 +18,7 @@ Summary: The Kerberos network authentication system
 Name: krb5
 Version: 1.18
 # for prerelease, should be e.g., 0.% {prerelease}.1% { ?dist } (without spaces)
-Release: 7%{?dist}
+Release: 8%{?dist}

 # rharwood has trust path to signing key and verifies on check-in
 Source0: https://web.mit.edu/kerberos/dist/krb5/1.18/krb5-%{version}%{prerelease}.tar.gz
@ -55,6 +55,7 @@ Patch9: Allow-certauth-modules-to-set-hw-authent-flag.patch
 Patch10: Allow-deletion-of-require_auth-with-LDAP-KDB.patch
 Patch11: Refresh-manually-acquired-creds-from-client-keytab.patch
 Patch12: Document-client-keytab-usage.patch
+Patch13: Add-finalization-safety-check-to-com_err.patch

 License: MIT
 URL: https://web.mit.edu/kerberos/www/
@ -632,6 +633,9 @@ exit 0
 %{_libdir}/libkadm5srv_mit.so.*

 %changelog
+* Thu Mar 26 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-8
+- Add finalization safety check to com_err
+
 * Fri Mar 20 2020 Robbie Harwood <rharwood@redhat.com> - 1.18-7
 - Add maximum openssl version in preparation for openssl 3