From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <azanella@sourceware.org>
Received: by sourceware.org (Postfix, from userid 1791)
	id 5BDB73857C44; Wed,  4 Oct 2023 19:28:54 +0000 (GMT)
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 5BDB73857C44
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org;
	s=default; t=1696447734;
	bh=xXl6NTxjAO1tPb56FRqgHLZS9cBSU+0HgiIgA/19O8c=;
	h=From:To:Subject:Date:From;
	b=NoDF+g0Kr9LLoSNTzt1nvR2XViA9KH3ssKn3c7WPPOtNH1ZN2tGFomtH+SkouaKwo
	 9VybRSrgvuYU7q915iVTzrtrJIeiEVur2g3ObStKTEGoKga+S2JwdV+aLyh7wAA0g5
	 qhEbYTDCce3w8BB5aZnvacLWEfeRBhaZNhcAiTxg=
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Adhemerval Zanella <azanella@sourceware.org>
To: glibc-cvs@sourceware.org
Subject: [glibc/azanella/tunables] elf: Do not process invalid tunable format
X-Act-Checkin: glibc
X-Git-Author: Adhemerval Zanella <adhemerval.zanella@linaro.org>
X-Git-Refname: refs/heads/azanella/tunables
X-Git-Oldrev: acf8710934f86f3a59e0e77ecdda37227934f50e
X-Git-Newrev: dde95b6c66dc99c82bccd7db31fad095cd2b31d5
Message-Id: <20231004192854.5BDB73857C44@sourceware.org>
Date: Wed,  4 Oct 2023 19:28:54 +0000 (GMT)
List-Id: <glibc-cvs.sourceware.org>

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=dde95b6c66dc99c82bccd7db31fad095cd2b31d5

commit dde95b6c66dc99c82bccd7db31fad095cd2b31d5
Author: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Date:   Wed Oct 4 09:29:49 2023 -0300

    elf: Do not process invalid tunable format
    
    Tunables string with with more than one '=' on its definition are
    parsed and enabled, and any subsequent '=' are ignored.  It means
    that tunables in the form 'tunable=tunable=value' or
    'tunable=value=value' are handled 'tunable=value'.  This inputs are
    most likely user input error, which should not be accepted.
    
    Checked on x86_64-linux-gnu.

Diff:
---
 elf/dl-tunables.c  |  6 ++++--
 elf/tst-tunables.c | 21 +++++++++++++++++++++
 2 files changed, 25 insertions(+), 2 deletions(-)

diff --git a/elf/dl-tunables.c b/elf/dl-tunables.c
index 18ce0c0b27..9cd4c52568 100644
--- a/elf/dl-tunables.c
+++ b/elf/dl-tunables.c
@@ -194,10 +194,12 @@ parse_tunables (char *valstring)
 
       const char *value = p;
 
-      while (*p != ':' && *p != '\0')
+      while (*p != '=' && *p != ':' && *p != '\0')
 	p++;
 
-      if (*p == '\0')
+      if (*p == '=')
+	break;
+      else if (*p == '\0')
 	done = true;
       else
 	*p++ = '\0';
diff --git a/elf/tst-tunables.c b/elf/tst-tunables.c
index ec1ec8462c..006ba965c0 100644
--- a/elf/tst-tunables.c
+++ b/elf/tst-tunables.c
@@ -136,12 +136,33 @@ static const struct test_t
     0,
     0,
   },
+  /* Ill-formatted tunables are ignored.  */
+  {
+    "glibc.malloc.check=2=2",
+    0,
+    0,
+    0,
+  },
   {
     "glibc.malloc.mmap_threshold=glibc.malloc.mmap_threshold=4096",
     0,
     0,
     0,
   },
+  /* If there is a ill-formatted key=value, everything after is also ignored.  */
+  {
+    "glibc.malloc.check=2=2:glibc.malloc.check=2",
+    0,
+    0,
+    0,
+  },
+  /* Valid tunables set before ill-formatted ones are set.  */
+  {
+    "glibc.malloc.check=2:glibc.malloc.mmap_threshold=4096=4096",
+    2,
+    0,
+    0,
+  }
 };
 
 static int