Fix environment traversal when an envvar value is empty

The condition when the value of an envvar is empty (not just '\0'),
the loop in tunables_init gets stuck infinitely because envp is not
incremented.  Fix that by always incrementing envp in the loop.

Added test case (tst-empty-env.c) verifies the fix when the source is
configured with --enable-hardcoded-path-in-tests, thanks Josh Stone for
providing the test case.  Verified on x86_64.

	* elf/dl-tunables (get_next_env): Always advance envp.
	* stdlib/tst-empty-env.c: New test case.
	* stdlib/Makefile (tests): Use it.

ChangeLog

@@ -1,3 +1,9 @@
+2017-01-19  Siddhesh Poyarekar  <siddhesh@sourceware.org>
+
+	* elf/dl-tunables (get_next_env): Always advance envp.
+	* stdlib/tst-empty-env.c: New test case.
+	* stdlib/Makefile (tests): Use it.
+
 2017-01-19  Joseph Myers  <joseph@codesourcery.com>
 
 	[BZ #21047]

elf/dl-tunables.c

@@ -80,7 +80,7 @@ get_next_env (char **envp, char **name, size_t *namelen, char **val)
 {
   while (envp != NULL && *envp != NULL)
     {
-      char *envline = *envp;
+      char *envline = *envp++;
       int len = 0;
 
       while (envline[len] != '\0' && envline[len] != '=')
@@ -94,7 +94,7 @@ get_next_env (char **envp, char **name, size_t *namelen, char **val)
       *namelen = len;
       *val = &envline[len + 1];
 
-      return ++envp;
+      return envp;
     }
 
   return NULL;

stdlib/Makefile

@@ -81,6 +81,9 @@ tests		:= tst-strtol tst-strtod testmb testrand testsort testdiv   \
 		   tst-quick_exit tst-thread-quick_exit tst-width	    \
 		   tst-width-stdint tst-strfrom tst-strfrom-locale \
 		   tst-getrandom
+ifeq ($(build-hardcoded-path-in-tests),yes)
+tests += tst-empty-env
+endif
 tests-static	:= tst-secure-getenv
 ifeq ($(have-cxx-thread_local),yes)
 CFLAGS-tst-quick_exit.o = -std=c++11

stdlib/tst-empty-env.c

@@ -0,0 +1,58 @@
+/* Test that passing a NULL value does not hang environment traversal in
+   tunables.
+   Copyright (C) 2017 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Lesser General Public
+   License as published by the Free Software Foundation; either
+   version 2.1 of the License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Lesser General Public License for more details.
+
+   You should have received a copy of the GNU Lesser General Public
+   License along with the GNU C Library; if not, see
+   <http://www.gnu.org/licenses/>.  */
+
+/* The test is useful only when the source is configured with
+   --enable-hardcoded-path-in-tests since otherwise the execve just picks up
+   the system dynamic linker.  */
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <unistd.h>
+#include <errno.h>
+
+static int
+do_test (int argc, char **argv)
+{
+  if (argc == 2)
+    return 0;
+
+  char envname[] = "FOOBAR";
+  char *filename = program_invocation_name;
+  char *newargv[] = {filename, filename, NULL};
+  char *newenviron[] = {envname, NULL};
+
+   /* This was reported in Fedora:
+
+      https://bugzilla.redhat.com/show_bug.cgi?id=1414589
+
+      If one of the environment variables has no value, then the environment
+      traversal must skip and also advance to the next environment entry.  The
+      bug in question would cause this test to hang in an infinite loop.  */
+  int ret = execve (filename, newargv, newenviron);
+
+  if (ret != 0)
+    printf ("execve failed: %m");
+
+  /* We will reach here only if we fail execve.  */
+  return 1;
+}
+
+#define TIMEOUT 3
+#define TEST_FUNCTION_ARGV do_test
+#include <support/test-driver.c>