make dynamic linker accept : or \n as path separator

this allows /etc/ld-musl-$(ARCH).path to contain one path per line,
which is much more convenient for users than the :-delimited format,
which was a source of repeated and unnecessary confusion. for
simplicity, \n is also accepted in environment variables, though it
should probably not be used there.

at the same time, issues with overly long paths invoking UB or getting
truncated have been fixed. such issues should not have arisen with the
environment (which is size-limited) but could have been generated by a
path file larger than 2**31 bytes in length.

diff --git a/src/ldso/dynlink.c b/src/ldso/dynlink.c
index efbec8fbc28ca72e7dd3977597752e0513ae9cb4..dec9511125fcf40e37d71b3e836c8c84c0396a47 100644 (file)
--- a/src/ldso/dynlink.c
+++ b/src/ldso/dynlink.c
@@ -403,16 +403,16 @@ error:
        return 0;
 }
 
-static int path_open(const char *name, const char *search, char *buf, size_t buf_size)
+static int path_open(const char *name, const char *s, char *buf, size_t buf_size)
 {
-       const char *s=search, *z;
-       int l, fd;
+       size_t l;
+       int fd;
        for (;;) {
-               while (*s==':') s++;
-               if (!*s) return -1;
-               z = strchr(s, ':');
-               l = z ? z-s : strlen(s);
-               snprintf(buf, buf_size, "%.*s/%s", l, s, name);
+               s += strspn(s, ":\n");
+               l = strcspn(s, ":\n");
+               if (l-1 >= INT_MAX) return -1;
+               if (snprintf(buf, buf_size, "%.*s/%s", (int)l, s, name) >= buf_size)
+                       continue;
                if ((fd = open(buf, O_RDONLY|O_CLOEXEC))>=0) return fd;
                s += l;
        }