Closed
Bug 186201
Opened 22 years ago
Closed 22 years ago
unix_rand.c: RNG_SystemInfoForRNG should handle a null 'environ' pointer.
Categories
(NSS :: Libraries, defect, P1)
Tracking
(Not tracked)
RESOLVED
FIXED
3.8
People
(Reporter: wtc, Assigned: wtc)
Details
Attachments
(1 file)
882 bytes,
patch
|
Details | Diff | Splinter Review |
It was reported that on Solaris if the main executable is built in a certain way and loads the NSS shared library dynamically (with dlopen), NSS may see the global 'environ' variable as a null pointer. Here is the description I received on how this can happen: The scenario is we have a primary executable and several optional "plug-ins" (dynamic libraries). To avoid name collisions, we changed the build to link the primary [executable] with the RTLD_GROUP flag. After we made this change, the [plug-ins that use environ] started to crash because [they] couldn't locate environ, [...] I haven't done an experiment to confirm this, but since the fix for this crash is simple, I think we should just fix it. By the way, I did an experiment to fork and exec a process passing NULL as the 'envp' (third) argument to execve(). The child process got a non-NULL 'environ' array whose first element is a null pointer.
Assignee | ||
Comment 1•22 years ago
|
||
Assignee | ||
Updated•22 years ago
|
Status: NEW → ASSIGNED
Priority: -- → P1
Target Milestone: --- → 3.8
Assignee | ||
Comment 2•22 years ago
|
||
Fix checked into the tip of NSS.
Status: ASSIGNED → RESOLVED
Closed: 22 years ago
Resolution: --- → FIXED
You need to log in
before you can comment on or make changes to this bug.
Description
•