libio: freopen of default streams crashes in old programs [BZ #24632]

As seen with very old i386 GCC binaries.

diff --git a/ChangeLog b/ChangeLog
index 865fcec..6efe9c4 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,11 @@
 2019-06-12  Florian Weimer  <fweimer@redhat.com>
 
+       [BZ #24632]
+       * libio/libioP.h (_IO_JUMPS_FUNC_UPDATE): New macro.
+       * libio/freopen.c (freopen): Use it.
+
+2019-06-12  Florian Weimer  <fweimer@redhat.com>
+
        Linux: Deprecate sysctl.
        * include/sysctl.h (__sysctl): Remove declaration.
        * scripts/check-installed-headers.sh (sys/sysctl.h): Disable

diff --git a/libio/freopen.c b/libio/freopen.c
index 17b0025..82e39f5 100644 (file)
--- a/libio/freopen.c
+++ b/libio/freopen.c
@@ -62,7 +62,7 @@ freopen (const char *filename, const char *mode, FILE *fp)
         to the old libio may be passed into shared C library and wind
         up here. */
       _IO_old_file_close_it (fp);
-      _IO_JUMPS_FILE_plus (fp) = &_IO_old_file_jumps;
+      _IO_JUMPS_FUNC_UPDATE (fp, &_IO_old_file_jumps);
       result = _IO_old_file_fopen (fp, gfilename, mode);
     }
   else

diff --git a/libio/libioP.h b/libio/libioP.h
index 66afaa8..afa46cc 100644 (file)
--- a/libio/libioP.h
+++ b/libio/libioP.h
@@ -108,9 +108,14 @@
   (IO_validate_vtable                                                   \
    (*(struct _IO_jump_t **) ((void *) &_IO_JUMPS_FILE_plus (THIS)      \
                             + (THIS)->_vtable_offset)))
+# define _IO_JUMPS_FUNC_UPDATE(THIS, VTABLE)                           \
+  (*(const struct _IO_jump_t **) ((void *) &_IO_JUMPS_FILE_plus (THIS) \
+                                 + (THIS)->_vtable_offset) = (VTABLE))
 # define _IO_vtable_offset(THIS) (THIS)->_vtable_offset
 #else
 # define _IO_JUMPS_FUNC(THIS) (IO_validate_vtable (_IO_JUMPS_FILE_plus (THIS)))
+# define _IO_JUMPS_FUNC_UPDATE(THIS, VTABLE) \
+  (_IO_JUMPS_FILE_plus (THIS) = (VTABLE))
 # define _IO_vtable_offset(THIS) 0
 #endif
 #define _IO_WIDE_JUMPS_FUNC(THIS) _IO_WIDE_JUMPS(THIS)