Replace the libc environment with a thread-safe emulation

putenv(3) and friends aren't thread-safe regardless of how you slice
it; a global lock around all environment operations (like before)
keeps things safe as far as our own operations go, but we have
absolutely no control over what libc or a library dragged in by a
driver/NIF does -- they're free to call getenv(3) or putenv(3)
without honoring our lock.

This commit solves this by setting up an "emulated" environment which
can't be touched without going through our interfaces. Third-party
libraries can still shoot themselves in the foot but benign uses of
os:putenv/2 will no longer risk crashing the emulator.

1 files changed, 16 insertions, 2 deletions

diff --git a/erts/emulator/beam/io.c b/erts/emulator/beam/io.c
index 9933c8dda4..6158e9613a 100644
--- a/erts/emulator/beam/io.c
+++ b/erts/emulator/beam/io.c
@@ -7715,13 +7715,27 @@ int null_func(void)
 int
 erl_drv_putenv(const char *key, char *value)
 {
-    return erts_sys_putenv_raw((char*)key, value);
+    switch (erts_sys_explicit_8bit_putenv((char*)key, value)) {
+    case -1: /* Insufficient buffer space */
+        return 1;
+    case 1: /* Success */
+        return 0;
+    default: /* Not found */
+        return -1;
+    }
 }
 
 int
 erl_drv_getenv(const char *key, char *value, size_t *value_size)
 {
-    return erts_sys_getenv_raw((char*)key, value, value_size);
+    switch (erts_sys_explicit_8bit_getenv((char*)key, value, value_size)) {
+    case -1: /* Insufficient buffer space */
+        return 1;
+    case 1: /* Success */
+        return 0;
+    default: /* Not found */
+        return -1;
+    }
 }
 
 /* get heart_port