From c2a93792fc9799d0c2f07f260f52e533e3bd178e Mon Sep 17 00:00:00 2001
From: Ryan Prichard <rprichard@google.com>
Date: Mon, 20 Apr 2020 17:59:18 -0700
Subject: [PATCH] android_get_exported_namespace: acquire g_dl_mutex

android_get_exported_namespace searches g_exported_namespaces, which
isn't modified after process initialization, but it does the search
using a new std::string object, and the linker's malloc/free functions
aren't thread-safe. (They're protected by the same lock (g_dl_mutex) as
the rest of the linker's state.)

Bug: http://b/150372650
Test: bionic-unit-tests
Change-Id: Iafd12e5ab36ae61f0642aad59939f528d31bda16
---
 linker/dlfcn.cpp | 1 +
 1 file changed, 1 insertion(+)

diff --git a/linker/dlfcn.cpp b/linker/dlfcn.cpp
index 228e30a1a..255363f96 100644
--- a/linker/dlfcn.cpp
+++ b/linker/dlfcn.cpp
@@ -279,6 +279,7 @@ bool __loader_android_link_namespaces_all_libs(android_namespace_t* namespace_fr
 }
 
 android_namespace_t* __loader_android_get_exported_namespace(const char* name) {
+  ScopedPthreadMutexLocker locker(&g_dl_mutex);
   return get_exported_namespace(name);
 }