system/3371: Incorrect function called via pointer when using dynamicly loaded code

From: <openbsd(at)codebunny.org>
Date: Sun Jul 27 2003 - 17:13:33 EDT

>Number: 3371
>Category: system
>Synopsis: incorrect function called from function pointer
>Confidential: yes
net
>Environment:
        

	System      : OpenBSD 3.3
	Architecture: OpenBSD.i386
	Machine     : i386

>Description:

A program dynamicly loads 2 (or more) objects. Within each module is a function of a particular name, which is 'private', i.e. the function is not declared in any included headers. If, within a module, the 'private' (I know, bad terminology) function is called via pointer, the function actually called will be the 'private' function in the first loaded module.

>How-To-Repeat:

See code below. When run the output should be "hello from two". Under 3.3 "hello from one" is output instead. Under Solaris and Linux this code produces "hello from two".

• one.c void hello(void) {

        printf("hello from one\n");

}

void start(void) {

        void (*func)(void);

        func = hello;

        func();

}

• two.c void hello(void) {

        printf("hello from two\n");

}

void start(void) {

        void (*func)(void);

        func = hello;

        func();

}

• main.c #include <dlfcn.h>

#define DL_PREFIX "_"

int main(void) {

	void *handleOne;
	void *handleTwo;

	void (*startOne)(void);
	void (*startTwo)(void);

	handleOne	= dlopen("./one.so", RTLD_LAZY);
	handleTwo	= dlopen("./two.so", RTLD_LAZY);

	startOne	= dlsym(handleOne, DL_PREFIX "start");
	startTwo	= dlsym(handleTwo, DL_PREFIX "start");

	startTwo();

	dlclose(handleOne);
	dlclose(handleTwo);

	exit(0);

}

• Makefile all: gcc -o dltest main.c gcc -shared -fPIC -o one.so one.c gcc -shared -fPIC -o two.so two.c

>Fix:

Don't use function pointers within dynamicly loaded modules. :o)

>Release-Note:
Received on Sun Jul 27 17:55:55 2003