This is the mail archive of the glibc-bugs@sourceware.org mailing list for the glibc project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

[Bug libc/11319] dprintf doesn't handle errors properly


https://sourceware.org/bugzilla/show_bug.cgi?id=11319

--- Comment #3 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> ---
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".

The branch, master has been updated
       via  35caceb145ff23340edcd67dd813bfd95f1ff6e6 (commit)
       via  4e2f43f842ef5e253cc23383645adbaa03cedb86 (commit)
       via  124fc732c15ef37b7ee9db25b1e9f9b20c799623 (commit)
       via  698fb75b9ff5ae454a1344b5f9fafa0ca367c555 (commit)
       via  d91798b31ac79914c234c4da7f7e7396bde2d85c (commit)
       via  b87eb3f8feb826ac48463f598fc10476055bee5a (commit)
       via  349718d4d7841df46bcc36df9bc2baef4c40d6f5 (commit)
      from  72b8692d7e640eb85ea0fb7de6d5e797512691c1 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=35caceb145ff23340edcd67dd813bfd95f1ff6e6

commit 35caceb145ff23340edcd67dd813bfd95f1ff6e6
Author: Zack Weinberg <zackw@panix.com>
Date:   Wed Mar 7 14:32:04 2018 -0500

    Use PRINTF_LDBL_IS_DBL instead of __ldbl_is_dbl.

    After all that prep work, nldbl-compat.c can now use PRINTF_LDBL_IS_DBL
    instead of __no_long_double to control the behavior of printf-like
    functions; this is the last thing we needed __no_long_double for, so it
    can go away entirely.

    Tested for powerpc and powerpc64le.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=4e2f43f842ef5e253cc23383645adbaa03cedb86

commit 4e2f43f842ef5e253cc23383645adbaa03cedb86
Author: Zack Weinberg <zackw@panix.com>
Date:   Wed Mar 7 14:32:03 2018 -0500

    Use PRINTF_FORTIFY instead of _IO_FLAGS2_FORTIFY (bug 11319)

    The _chk variants of all of the printf functions become much simpler.
    This is the last thing that we needed _IO_acquire_lock_clear_flags2
    for, so it can go as well.  I took the opportunity to make the headers
    included and the names of all local variables consistent across all the
    affected files.

    Since we ultimately want to get rid of __no_long_double as well, it
    must be possible to get all of the nontrivial effects of the _chk
    functions by calling the _internal functions with appropriate flags.
    For most of the __(v)xprintf_chk functions, this is covered by
    PRINTF_FORTIFY plus some up-front argument checks that can be
    duplicated.  However, __(v)sprintf_chk installs a custom jump table so
    that it can crash instead of overflowing the output buffer.  This
    functionality is moved to __vsprintf_internal, which now has a
    'maxlen' argument like __vsnprintf_internal; to get the unsafe
    behavior of ordinary (v)sprintf, pass -1 for that argument.

    obstack_printf_chk and obstack_vprintf_chk are no longer in the same
    file.

    As a side-effect of the unification of both fortified and non-fortified
    vdprintf initialization, this patch fixes bug 11319 for __dprintf_chk
    and __vdprintf_chk, which was previously fixed only for dprintf and
    vdprintf by the commit

    commit 7ca890b88e6ab7624afb1742a9fffb37ad5b3fc3
    Author: Ulrich Drepper <drepper@redhat.com>
    Date:   Wed Feb 24 16:07:57 2010 -0800

        Fix reporting of I/O errors in *dprintf functions.

    This patch adds a test case to avoid regressions.

    Tested for powerpc and powerpc64le.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=124fc732c15ef37b7ee9db25b1e9f9b20c799623

commit 124fc732c15ef37b7ee9db25b1e9f9b20c799623
Author: Zack Weinberg <zackw@panix.com>
Date:   Wed Mar 7 14:32:02 2018 -0500

    Add __vsyslog_internal, with same flags as __v*printf_internal.

    __nldbl___vsyslog_chk will ultimately want to pass PRINTF_LDBL_IS_DBL
    down to __vfprintf_internal *as well as* possibly setting PRINTF_FORTIFY.
    To make that possible, we need a __vsyslog_internal that takes the
    same flags as printf.  The code in misc/syslog.c does also get a
    little simpler.

    Tested for powerpc and powerpc64le.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=698fb75b9ff5ae454a1344b5f9fafa0ca367c555

commit 698fb75b9ff5ae454a1344b5f9fafa0ca367c555
Author: Zack Weinberg <zackw@panix.com>
Date:   Wed Mar 7 14:32:01 2018 -0500

    Add __v*printf_internal with flags arguments

    There are a lot more printf variants than there are scanf variants,
    and the code for setting up and tearing down their custom FILE
    variants around the call to __vf(w)printf is more complicated and
    variable.  Therefore, I have added _internal versions of all the
    v*printf variants, rather than introducing helper routines so that
    they can all directly call __vf(w)printf_internal, as was done with
    scanf.

    As with the scanf changes, in this patch the _internal functions still
    look at the environmental mode bits and all callers pass 0 for the
    flags parameter.

    Several of the affected public functions had _IO_ name aliases that
    were not exported (but, in one case, appeared in libio.h anyway);
    I was originally planning to leave them as aliases to avoid having
    to touch internal callers, but it turns out ldbl_*_alias only work
    for exported symbols, so they've all been removed instead.  It also
    turns out there were hardly any internal callers.  _IO_vsprintf and
    _IO_vfprintf *are* exported, so those two stick around.

    Summary for the changes to each of the affected symbols:

      _IO_vfprintf, _IO_vsprintf:
        All internal calls removed, thus the internal declarations, as well
        as uses of libc_hidden_proto and libc_hidden_def, were also removed.
        The external symbol is now exposed via uses of ldbl_strong_alias
        to __vfprintf_internal and __vsprintf_internal, respectively.

      _IO_vasprintf, _IO_vdprintf, _IO_vsnprintf,
      _IO_vfwprintf, _IO_vswprintf,
      _IO_obstack_vprintf, _IO_obstack_printf:
        All internal calls removed, thus declaration in internal headers
        were also removed.  They were never exported, so there are no
        aliases tying them to the internal functions.  I.e.: entirely gone.

      __vsnprintf:
        Internal calls were always preceded by macros such as
          #define __vsnprintf _IO_vsnprintf, and
          #define __vsnprintf vsnprintf
        The macros were removed and their uses replaced with calls to the
        new internal function __vsnprintf_internal.  Since there were no
        internal calls, the internal declaration was also removed.  The
        external symbol is preserved with ldbl_weak_alias to ___vsnprintf.

      __vfwprintf:
        All internal calls converted into calls to __vfwprintf_internal,
        thus the internal declaration was removed.  The function is now a
        wrapper that calls __vfwprintf_internal.  The external symbol is
        preserved.

      __vswprintf:
        Similarly, but no external symbol.

      __vasprintf, __vdprintf, __vfprintf, __vsprintf:
        New internal wrappers.  Not exported.

      vasprintf, vdprintf, vfprintf, vsprintf, vsnprintf,
      vfwprintf, vswprintf,
      obstack_vprintf, obstack_printf:
        These functions used to be aliases to the respective _IO_* function,
        they are now aliases to their respective __* functions.

    Tested for powerpc and powerpc64le.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=d91798b31ac79914c234c4da7f7e7396bde2d85c

commit d91798b31ac79914c234c4da7f7e7396bde2d85c
Author: Zack Weinberg <zackw@panix.com>
Date:   Wed Mar 7 14:32:00 2018 -0500

    Use SCANF_LDBL_IS_DBL instead of __ldbl_is_dbl.

    Change the callers of __vfscanf_internal and __vfwscanf_internal that
    want to treat 'long double' as another name for 'double' (all of which
    happen to be in sysdeps/ieee754/ldbl-opt/nldbl-compat.c) to communicate
    this via the new flags argument, instead of the per-thread variable
    __no_long_double and its __ldbl_is_dbl wrapper macro.

    Tested for powerpc and powerpc64le.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=b87eb3f8feb826ac48463f598fc10476055bee5a

commit b87eb3f8feb826ac48463f598fc10476055bee5a
Author: Zack Weinberg <zackw@panix.com>
Date:   Wed Mar 7 14:31:59 2018 -0500

    Use SCANF_ISOC99_A instead of _IO_FLAGS2_SCANF_STD.

    Change the callers of __vfscanf_internal and __vfwscanf_internal that
    want C99-compliant behavior to communicate this via the new flags
    argument, rather than setting bits on the FILE object.  This also
    means these functions do not need to do their own locking.

    Tested for powerpc and powerpc64le.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=349718d4d7841df46bcc36df9bc2baef4c40d6f5

commit 349718d4d7841df46bcc36df9bc2baef4c40d6f5
Author: Zack Weinberg <zackw@panix.com>
Date:   Wed Mar 7 14:31:58 2018 -0500

    Add __vfscanf_internal and __vfwscanf_internal with flags arguments.

    There are two flags currently defined: SCANF_LDBL_IS_DBL is the mode
    used by __nldbl_ scanf variants, and SCANF_ISOC99_A is the mode used
    by __isoc99_ scanf variants.  In this patch, the new functions honor
    these flag bits if they're set, but they still also look at the
    corresponding bits of environmental state, and callers all pass zero.

    The new functions do *not* have the "errp" argument possessed by
    _IO_vfscanf and _IO_vfwscanf.  All internal callers passed NULL for
    that argument.  External callers could theoretically exist, so I
    preserved wrappers, but they are flagged as compat symbols and they
    don't preserve the three-way distinction among types of errors that
    was formerly exposed.  These functions probably should have been in
    the list of deprecated _IO_ symbols in 2.27 NEWS -- they're not just
    aliases for vfscanf and vfwscanf.

    (It was necessary to introduce ldbl_compat_symbol for _IO_vfscanf.
    Please check that part of the patch very carefully, I am still not
    confident I understand all of the details of ldbl-opt.)

    This patch also introduces helper inlines in libio/strfile.h that
    encapsulate the process of initializing an _IO_strfile object for
    reading.  This allows us to call __vfscanf_internal directly from
    sscanf, and __vfwscanf_internal directly from swscanf, without
    duplicating the initialization code.  (Previously, they called their
    v-counterparts, but that won't work if we want to control *both* C99
    mode and ldbl-is-dbl mode using the flags argument to__vfscanf_internal.)
    It's still a little awkward, especially for wide strfiles, but it's
    much better than what we had.

    Tested for powerpc and powerpc64le.

-----------------------------------------------------------------------

Summary of changes:
 ChangeLog                                |  349 ++++
 argp/argp-fmtstream.c                    |    3 +-
 argp/argp-help.c                         |    4 +-
 argp/argp-namefrob.h                     |    2 -
 debug/Makefile                           |    2 +-
 debug/asprintf_chk.c                     |   20 +-
 debug/dprintf_chk.c                      |   20 +-
 debug/fprintf_chk.c                      |   20 +-
 debug/fwprintf_chk.c                     |   20 +-
 debug/obprintf_chk.c                     |   96 +-
 debug/printf_chk.c                       |   20 +-
 debug/snprintf_chk.c                     |   24 +-
 debug/sprintf_chk.c                      |   25 +-
 debug/swprintf_chk.c                     |   27 +-
 debug/vasprintf_chk.c                    |   68 +-
 debug/vdprintf_chk.c                     |   37 +-
 debug/vfprintf_chk.c                     |   21 +-
 debug/vfwprintf_chk.c                    |   21 +-
 debug/vobprintf_chk.c                    |   31 +
 debug/vprintf_chk.c                      |   20 +-
 debug/vsnprintf_chk.c                    |   46 +-
 debug/vsprintf_chk.c                     |   69 +-
 debug/vswprintf_chk.c                    |   51 +-
 debug/vwprintf_chk.c                     |   21 +-
 debug/wprintf_chk.c                      |   21 +-
 hurd/vpprintf.c                          |    2 +-
 include/stdio.h                          |    8 -
 include/sys/syslog.h                     |   19 +-
 include/wchar.h                          |   12 -
 libio/fwprintf.c                         |    2 +-
 libio/iolibio.h                          |    8 -
 libio/iovdprintf.c                       |   13 +-
 libio/iovsprintf.c                       |   66 +-
 libio/iovsscanf.c                        |   12 +-
 libio/iovswscanf.c                       |   14 +-
 libio/libio.h                            |    8 -
 libio/libioP.h                           |   97 +-
 libio/obprintf.c                         |   19 +-
 libio/strfile.h                          |   33 +-
 libio/swprintf.c                         |    2 +-
 libio/swscanf.c                          |   10 +-
 libio/vasprintf.c                        |   20 +-
 libio/vscanf.c                           |    2 +-
 libio/vsnprintf.c                        |   16 +-
 libio/vswprintf.c                        |   16 +-
 libio/vwprintf.c                         |    2 +-
 libio/vwscanf.c                          |    2 +-
 libio/wprintf.c                          |    2 +-
 libio/wscanf.c                           |    2 +-
 misc/syslog.c                            |   36 +-
 stdio-common/Makefile                    |   10 +-
 stdio-common/Versions                    |    3 +
 stdio-common/asprintf.c                  |    6 +-
 stdio-common/dprintf.c                   |    5 +-
 stdio-common/fprintf.c                   |    2 +-
 stdio-common/fxprintf.c                  |    4 +-
 stdio-common/iovfscanf.c                 |   38 +
 stdio-common/iovfwscanf.c                |   38 +
 stdio-common/isoc99_fscanf.c             |    7 +-
 stdio-common/isoc99_scanf.c              |   12 +-
 stdio-common/isoc99_sscanf.c             |    8 +-
 stdio-common/isoc99_vfscanf.c            |    9 +-
 stdio-common/isoc99_vscanf.c             |    9 +-
 stdio-common/isoc99_vsscanf.c            |   16 +-
 stdio-common/printf.c                    |    3 +-
 stdio-common/scanf.c                     |    2 +-
 stdio-common/snprintf.c                  |    4 +-
 stdio-common/sprintf.c                   |    4 +-
 stdio-common/sscanf.c                    |   12 +-
 stdio-common/tst-bz11319-fortify2.c      |    1 +
 stdio-common/tst-bz11319.c               |   49 +
 stdio-common/vfprintf-internal.c         | 2358 +++++++++++++++++++++++
 stdio-common/vfprintf.c                  | 2351 +-----------------------
 stdio-common/vfscanf-internal.c          | 3043 ++++++++++++++++++++++++++++++
 stdio-common/vfscanf.c                   | 3042 +-----------------------------
 stdio-common/vfwprintf-internal.c        |    2 +
 stdio-common/vfwprintf.c                 |   28 +-
 stdio-common/vfwscanf-internal.c         |    2 +
 stdio-common/vfwscanf.c                  |   28 +-
 stdio-common/vprintf.c                   |    4 +-
 stdlib/strfrom-skeleton.c                |    2 +-
 sysdeps/generic/math_ldbl_opt.h          |    5 +-
 sysdeps/generic/stdio-lock.h             |    7 -
 sysdeps/ieee754/ldbl-opt/Makefile        |    2 +-
 sysdeps/ieee754/ldbl-opt/math_ldbl_opt.h |   13 +-
 sysdeps/ieee754/ldbl-opt/nldbl-compat.c  |  773 ++++----
 sysdeps/nptl/stdio-lock.h                |    7 -
 wcsmbs/isoc99_fwscanf.c                  |    7 +-
 wcsmbs/isoc99_swscanf.c                  |   11 +-
 wcsmbs/isoc99_vfwscanf.c                 |    9 +-
 wcsmbs/isoc99_vswscanf.c                 |   15 +-
 wcsmbs/isoc99_vwscanf.c                  |    9 +-
 wcsmbs/isoc99_wscanf.c                   |    7 +-
 93 files changed, 6841 insertions(+), 6587 deletions(-)
 create mode 100644 debug/vobprintf_chk.c
 create mode 100644 stdio-common/iovfscanf.c
 create mode 100644 stdio-common/iovfwscanf.c
 create mode 100644 stdio-common/tst-bz11319-fortify2.c
 create mode 100644 stdio-common/tst-bz11319.c
 create mode 100644 stdio-common/vfprintf-internal.c
 create mode 100644 stdio-common/vfscanf-internal.c
 create mode 100644 stdio-common/vfwprintf-internal.c
 create mode 100644 stdio-common/vfwscanf-internal.c

-- 
You are receiving this mail because:
You are on the CC list for the bug.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]