Prevent crash in execve() if env is NULL

[coloredstderr/coloredstderr.git] / src / coloredstderr.c

diff --git a/src/coloredstderr.c b/src/coloredstderr.c
index e6f1f6aab30999a2ecb55b017dfe4ae171658e95..9161fc34f3deff694dba52eb07923fdde19bc4c2 100644 (file)
--- a/src/coloredstderr.c
+++ b/src/coloredstderr.c
@@ -2,7 +2,7 @@
  * Hook output functions (like printf(3)) with LD_PRELOAD to color stderr (or
  * other file descriptors).
  *
- * Copyright (C) 2013  Simon Ruderich
+ * Copyright (C) 2013-2018  Simon Ruderich
  *
  * This program is free software: you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
@@ -30,6 +30,10 @@
 # define NDEBUG
 #endif
 
+#ifndef TLS
+# define TLS
+#endif
+
 #include <assert.h>
 #include <errno.h>
 #include <fcntl.h>
@@ -85,8 +89,8 @@ static int used_fds_set_by_user;
  * If so don't print the pre/post string for the recursive calls. This is
  * necessary on some systems (e.g. FreeBSD 9.1) which call multiple hooked
  * functions while printing a string (e.g. a FILE * and a fd hook function is
- * called). */
-static int handle_recursive;
+ * called). This is not thread-safe if TLS is not available. */
+static TLS int handle_recursive;
 
 
 #include "constants.h"
@@ -322,7 +326,7 @@ HOOK_FILE2(int, __overflow, f, _IO_FILE *, f, int, ch)
 /* Same for FreeBSD's libc. However it's more aggressive: The inline writing
  * and __swbuf() are also used for normal output (e.g. putc()). Writing to
  * stderr is still fine; it always calls __swbuf() as stderr is always
- * unbufferd. */
+ * unbuffered. */
 #ifdef HAVE___SWBUF
 HOOK_FILE2(int, __swbuf, f, int, c, FILE *, f)
 #endif
@@ -371,7 +375,7 @@ static void error_vararg(int status, int errnum,
     if (error_one_per_line
             && filename != NULL && linenum != 0
             && filename == last_filename && linenum == last_linenum) {
-        return;
+        goto out;
     }
     last_filename = filename;
     last_linenum  = linenum;
@@ -404,6 +408,7 @@ static void error_vararg(int status, int errnum,
 
     fprintf(stderr, "\n");
 
+out:
     if (status != 0) {
         exit(status);
     }
@@ -529,11 +534,12 @@ pid_t vfork(void) {
      * isn't allowed to perform any memory-modifications before the exec()
      * (except the pid_t result variable of vfork()).
      *
-     * As some programs don't adhere to the standard (e.g. the "child" closes
-     * or dups a descriptor before the exec()) and this breaks our tracking of
-     * file descriptors (e.g. it gets closed in the parent as well), we just
-     * fork() instead. This is in compliance with the POSIX standard and as
-     * most systems use copy-on-write anyway not a performance issue. */
+     * As we have to store changes to the file descriptors in memory (e.g. the
+     * "child" closes or dups a descriptor before the exec()) and this
+     * modifies the parent as well due to the semantics of vfork() - thus
+     * breaking the requirements of vfork(), we just use fork instead(). This
+     * is in compliance with the POSIX standard and as most systems use
+     * copy-on-write anyway not a performance issue. */
     return fork();
 }
 #endif
@@ -548,6 +554,11 @@ pid_t vfork(void) {
 HOOK_FUNC_DEF3(int, execve, char const *, filename, char * const *, argv, char * const *, env) {
     DLSYM_FUNCTION(real_execve, "execve");
 
+    char * const fake_env[] = {NULL};
+    if (env == NULL) {
+        env = fake_env;
+    }
+
     /* Count environment variables. */
     size_t count = 0;
     char * const *x = env;