Clear GL(dl_initfirst) when freeing its link_map memory [BZ# 25396]

We should clear GL(dl_initfirst) when freeing its link_map memory.

Tested on Fedora 31/x86-64 with CET.

Reviewed-by: Florian Weimer <fweimer@redhat.com>

diff --git a/elf/dl-close.c b/elf/dl-close.c
index 104c299209abe4953658b5772ea308fc194d3d47..73b2817bbf6059fe6dd171d803d068c1497fb86b 100644 (file)
--- a/elf/dl-close.c
+++ b/elf/dl-close.c
@@ -756,6 +756,10 @@ _dl_close_worker (struct link_map *map, bool force)
          if (imap->l_runpath_dirs.dirs != (void *) -1)
            free (imap->l_runpath_dirs.dirs);
 
+         /* Clear GL(dl_initfirst) when freeing its link_map memory.  */
+         if (imap == GL(dl_initfirst))
+           GL(dl_initfirst) = NULL;
+
          free (imap);
        }
     }