From 55bc8a12773d51c0ef070dfbb2714d08801390f5 Mon Sep 17 00:00:00 2001 From: Wolfgang Walther Date: Sun, 24 Mar 2024 17:12:45 +0100 Subject: [PATCH 1/5] Don't clobber LD_* environment variables Our PS_USE_CLOBBER_ARGV code relocates the environment, which itself is allowed, in order to steal the old space to make a bigger argv[0] for ps/top to show, which is probably formally undefined behavior. Unfortunately that corrupts musl's copy of LD_LIBRARY_PATH if set, because it stashes a pointer to the initial value before main() begins. It probably doesn't matter for installed servers but breaks the regression tests. Here we look out for variables named LD_* while computing how much space to steal, so we can avoid clobbering them. No change in behaviour if not found, but otherwise you might potentially get ps status messages truncated to a smaller size than before depending on the length of preceding clobberable variables. Musl does not define any compiler symbols, so we do this for any Linux libc we don't know is safe. The truncation size shouldn't be too small or at least has an easy mitigation: define a dummy variable. Reported-by: Wolfgang Walther Discussion: https://postgr.es/m/fddd1cd6-dc16-40a2-9eb5-d7fef2101488%40technowledgy.de --- src/backend/utils/misc/ps_status.c | 32 +++++++++++++++++++++++++++++- 1 file changed, 31 insertions(+), 1 deletion(-) diff --git a/src/backend/utils/misc/ps_status.c b/src/backend/utils/misc/ps_status.c index 5d829e6e483..7532af17dbb 100644 --- a/src/backend/utils/misc/ps_status.c +++ b/src/backend/utils/misc/ps_status.c 
@@ -151,7 +151,37 @@ save_ps_display_args(int argc, char **argv) for (i = 0; environ[i] != NULL; i++) { if (end_of_area + 1 == environ[i]) - end_of_area = environ[i] + strlen(environ[i]); + { + +#if defined(__linux__) && (! defined(__GLIBC__) && ! defined(__UCLIBC__ )) + /* + * The musl runtime linker stores pointers to variable values + * which are defined in the process's environment. Therefore, + * in these cases we cannot overwrite such variable values + * when setting the process title or dynamic linking (dlopen) + * might fail. Here, we truncate the update of the process + * title when either of two important dynamic linking + * environment variables are set. Musl does not define any + * compiler symbols, so we have to do this for any Linux libc + * we don't know is safe. + */ + if (strstr(environ[i], "LD_LIBRARY_PATH=") == environ[i] || + strstr(environ[i], "LD_PRELOAD=") == environ[i]) + { + /* + * We can overwrite the name, but stop at the equals sign. + * Future loops will not find contiguous space, but we + * don't break early because we want to count the total + * number. + */ + end_of_area = strchr(environ[i], '='); + } + else +#endif + { + end_of_area = environ[i] + strlen(environ[i]); + } + } } ps_buffer = argv[0]; -- 2.44.0
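Review bot: The prefix test inside the new `#if` branch matches only `LD_LIBRARY_PATH=` and `LD_PRELOAD=`, while the subject line and commit message say variables named LD_* are protected. Any other LD_ variable in the contiguous area falls through to the `else` branch and is still counted as space to steal. Either test the "LD_" prefix, for example `if (strncmp(environ[i], "LD_", 3) == 0)`, or reword the commit message to name the two variables, as the code comment already does. `strncmp` is also the clearer idiom for a prefix check than `strstr(...) == environ[i]`, which scans the whole string before comparing pointers. Minor: the blank line after the opening brace and the spacing in `! defined(__UCLIBC__ ))` could be tidied, and the comment "we want to count the total number" should say what is being counted, since the hunk shows only the loop index `i`.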