Zsh Mailing List Archive Messages sorted by: Reverse Date, Date, Thread, Author

Re: [Bug] modules zsh/tcp, zsh/zftp unloadable, probably affecting most modern Linuxes

X-seq: zsh-workers 51828
From: Marcus Müller <marcus_zsh@xxxxxxxxxxx>
To: Philippe Troin <phil@xxxxxxxx>, Marcus Müller <marcus_zsh@xxxxxxxxxxx>, zsh-workers@xxxxxxx
Subject: Re: [Bug] modules zsh/tcp, zsh/zftp unloadable, probably affecting most modern Linuxes
Date: Mon, 5 Jun 2023 21:35:42 +0200
Archived-at: <https://zsh.org/workers/51828>
In-reply-to: <027f2a491b638e2ffaf7766fe4adf29537c11fdf.camel@fifi.org>
List-id: <zsh-workers.zsh.org>
References: <afe7b7c7-0e47-26be-0d6d-7f7ca5891108@hostalia.de> <a9055641-4eb8-5d8f-229a-b38dbc63f706@hostalia.de> <027f2a491b638e2ffaf7766fe4adf29537c11fdf.camel@fifi.org>

Hi Phil,

thanks for the follow-up:

On 6/4/23 23:17, Philippe Troin wrote:

Interestingly:
    % zsh -f
    % echo $ZSH_VERSION
    5.9
    % rpm -q zsh
    zsh-5.9-5.fc38.x86_64
    % zmodload zsh/zftp
    zsh: failed to load module `zsh/zftp': /usr/lib64/zsh/5.9/zsh/zftp.so: undefined symbol: freehostent
    % autoload zfinit
    % zfinit
    % zmodload zsh/zftp

ah, ok, that's how it's supposed to work? Shouldn't the module then nottrigger some warning or specific error on load, before the dynamicloader runs and fails?

freehostent is defined in zsh/net/tcp:

    % nm --dynamic /usr/lib64/zsh/5.9/zsh/net/tcp.so| grep freehostent
    00000000000027c0 T freehostent


Hui. Looking into tcp.c:197, that function is

---

/**/
mod_export void
freehostent(UNUSED(struct hostent *ptr))
{
}

---

Why is that not calling `free`? Oh, very simple, because above, thecomment near the getipnodebyname implementation says:


---

/* note: this is not a complete implementation.  If ignores the flags,
   and does not provide the memory allocation of the standard interface.
   Each returned structure will overwrite the previous one. */

---

Ah, so we're exporting and thus overwriting a symbol that overwrites apointer by the name of an existing libc function with a "overridespotentially unowned memory" one?


That sounds a tad undesirable in the grander scheme of things :)

Since the only use of this function pair (zsh_getipnodebyname,freehostent) is to be used internally in zfinit'ed modules, and thenumber of internal consumers is zftp.c, could I propose we just rename`freehostent` to `zsh_freehostent`? That would sound less invasive, andwould at least send the next person not down the tracks looking for libcanachronisms (not blaming anyone but me for going down that road) ;-)

Since I think you're supposed to initialize zftp through zfinit, I do
not think this qualifies as a bug.

Hm, yeah, surprising to me, but probably documented somewhere well enough.

But the freehostent symbol in zsh/net/tcp.so feels a little funky.


I'd agree, see above

Cheers,
Marcus

Follow-Ups:
- Re: [Bug] modules zsh/tcp, zsh/zftp unloadable, probably affecting most modern Linuxes
  - From: Bart Schaefer

References:
- [Bug] modules zsh/tcp, zsh/zftp unloadable, probably affecting most modern Linuxes
  - From: Marcus Müller
- Re: [Bug] modules zsh/tcp, zsh/zftp unloadable, probably affecting most modern Linuxes
  - From: Marcus Müller
- Re: [Bug] modules zsh/tcp, zsh/zftp unloadable, probably affecting most modern Linuxes
  - From: Philippe Troin

Messages sorted by: Reverse Date, Date, Thread, Author