This is the mail archive of the libc-hacker@sourceware.org mailing list for the glibc project.
Note that libc-hacker is a closed list. You may look at the archives of this list, but subscription and posting are not open.
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |
Other format: | [Raw text] |
Hi! The following patch fortifies these 6 functions with -D_FORTIFY_SOURCE=2 to make sure %n in format string is only used if the format string is not writable. Tested on x86_64-linux and ppc-linux (the latter mainly to test the long double stuff). 2008-03-04 Jakub Jelinek <jakub@redhat.com> * include/stdio.h (__asprintf_chk, __dprintf_chk, __obstack_printf_chk): New prototypes. (__vasprintf_chk, __vdprintf_chk, __obstack_vprintf_chk): Likewise. Add libc_hidden_proto. * libio/obprintf.c (_IO_obstack_jumps): No longer static, add attribute_hidden. * libio/bits/stdio-ldbl.h (__asprintf_chk, __dprintf_chk, __obstack_printf_chk, __vasprintf_chk, __vdprintf_chk, __obstack_vprintf_chk): Add __LDBL_REDIR_DECL. * libio/bits/stdio2.h (__asprintf_chk, __dprintf_chk, __obstack_printf_chk, __vasprintf_chk, __vdprintf_chk, __obstack_vprintf_chk): New prototypes. (asprintf, __asprintf, dprintf, obstack_printf, vasprintf, vdprintf, obstack_vprintf): New inlines. * debug/dprintf_chk.c: New file. * debug/vdprintf_chk.c: New file. * debug/asprintf_chk.c: New file. * debug/vasprintf_chk.c: New file. * debug/obprintf_chk.c: New file. * debug/tst-chk1.c (do_test): Add asprintf and obstack_printf tests. * debug/Versions (__asprintf_chk, __dprintf_chk, __obstack_printf_chk, __vasprintf_chk, __vdprintf_chk, __obstack_vprintf_chk): Export @@GLIBC_2.8. * debug/Makefile: Build asprintf_chk, vasprintf_chk, dprintf_chk, vdprintf_chk and obprintf_chk, set CFLAGS for them. * sysdeps/ieee754/ldbl-opt/nldbl-compat.c (__nldbl___vasprintf_chk, __nldbl___vdprintf_chk, __nldbl___obstack_vprintf_chk): Add libc_hidden_proto. * sysdeps/ieee754/ldbl-opt/nldbl-compat.h (__nldbl___vasprintf_chk, __nldbl___vdprintf_chk, __nldbl___obstack_vprintf_chk): New prototypes. * sysdeps/ieee754/ldbl-opt/Versions (__nldbl___asprintf_chk, __nldbl___vasprintf_chk, __nldbl___dprintf_chk, __nldbl___vdprintf_chk, __nldbl___obstack_printf_chk, __nldbl___obstack_vprintf_chk): Export @@GLIBC_2.8. * sysdeps/ieee754/ldbl-opt/Makefile (libnldbl-calls): Add asprintf_chk, vasprintf_chk, dprintf_chk, vdprintf_chk, obstack_printf_chk and obstack_vprintf_chk. * sysdeps/ieee754/ldbl-opt/nldbl-obstack_vprintf_chk.c: New file. * sysdeps/ieee754/ldbl-opt/nldbl-dprintf_chk.c: New file. * sysdeps/ieee754/ldbl-opt/nldbl-obstack_printf_chk.c: New file. * sysdeps/ieee754/ldbl-opt/nldbl-asprintf_chk.c: New file. * sysdeps/ieee754/ldbl-opt/nldbl-vdprintf_chk.c: New file. * sysdeps/ieee754/ldbl-opt/nldbl-vasprintf_chk.c: New file. --- libc/include/stdio.h.jj 2007-10-16 10:20:13.000000000 +0200 +++ libc/include/stdio.h 2008-03-04 12:58:36.000000000 +0100 @@ -41,6 +41,14 @@ extern int __vprintf_chk (int, const cha extern int __vfprintf_chk (FILE *, int, const char *, _G_va_list); extern char *__fgets_unlocked_chk (char *buf, size_t size, int n, FILE *fp); extern char *__fgets_chk (char *buf, size_t size, int n, FILE *fp); +extern int __asprintf_chk (char **, int, const char *, ...) __THROW; +extern int __vasprintf_chk (char **, int, const char *, _G_va_list) __THROW; +extern int __dprintf_chk (int, int, const char *, ...); +extern int __vdprintf_chk (int, int, const char *, _G_va_list); +extern int __obstack_printf_chk (struct obstack *, int, const char *, ...) + __THROW; +extern int __obstack_vprintf_chk (struct obstack *, int, const char *, + _G_va_list) __THROW; #endif extern int __isoc99_fscanf (FILE *__restrict __stream, @@ -149,6 +157,9 @@ libc_hidden_proto (__libc_fatal) libc_hidden_proto (__vsprintf_chk) libc_hidden_proto (__vsnprintf_chk) libc_hidden_proto (__vfprintf_chk) +libc_hidden_proto (__vasprintf_chk) +libc_hidden_proto (__vdprintf_chk) +libc_hidden_proto (__obstack_vprintf_chk) # if !defined NOT_IN_libc && defined SHARED && defined DO_VERSIONING \ && !defined NO_HIDDEN --- libc/libio/obprintf.c.jj 2006-01-14 13:09:46.000000000 +0100 +++ libc/libio/obprintf.c 2008-03-04 11:56:37.000000000 +0100 @@ -1,5 +1,5 @@ /* Print output of stream to given obstack. - Copyright (C) 1996,1997,1999,2000,2001,2002,2003,2004,2005,2006 + Copyright (C) 1996,1997,1999,2000,2001,2002,2003,2004,2005,2006,2008 Free Software Foundation, Inc. This file is part of the GNU C Library. Contributed by Ulrich Drepper <drepper@cygnus.com>, 1996. @@ -95,7 +95,7 @@ _IO_obstack_xsputn (_IO_FILE *fp, const /* the jump table. */ -static const struct _IO_jump_t _IO_obstack_jumps = +const struct _IO_jump_t _IO_obstack_jumps attribute_hidden = { JUMP_INIT_DUMMY, JUMP_INIT(finish, NULL), --- libc/libio/bits/stdio-ldbl.h.jj 2007-09-18 21:24:15.000000000 +0200 +++ libc/libio/bits/stdio-ldbl.h 2008-03-04 12:23:55.000000000 +0100 @@ -1,5 +1,5 @@ /* -mlong-double-64 compatibility mode for stdio functions. - Copyright (C) 2006, 2007 Free Software Foundation, Inc. + Copyright (C) 2006, 2007, 2008 Free Software Foundation, Inc. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or @@ -85,5 +85,13 @@ __LDBL_REDIR_DECL (__fprintf_chk) __LDBL_REDIR_DECL (__printf_chk) __LDBL_REDIR_DECL (__vfprintf_chk) __LDBL_REDIR_DECL (__vprintf_chk) +# ifdef __USE_GNU +__LDBL_REDIR_DECL (__asprintf_chk) +__LDBL_REDIR_DECL (__vasprintf_chk) +__LDBL_REDIR_DECL (__dprintf_chk) +__LDBL_REDIR_DECL (__vdprintf_chk) +__LDBL_REDIR_DECL (__obstack_printf_chk) +__LDBL_REDIR_DECL (__obstack_vprintf_chk) +# endif # endif #endif --- libc/libio/bits/stdio2.h.jj 2007-09-29 20:51:56.000000000 +0200 +++ libc/libio/bits/stdio2.h 2008-03-04 14:17:02.000000000 +0100 @@ -1,5 +1,5 @@ /* Checking macros for stdio functions. - Copyright (C) 2004, 2005, 2007 Free Software Foundation, Inc. + Copyright (C) 2004, 2005, 2007, 2008 Free Software Foundation, Inc. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or @@ -128,6 +128,93 @@ vfprintf (FILE *__restrict __stream, return __vfprintf_chk (__stream, __USE_FORTIFY_LEVEL - 1, __fmt, __ap); } +# ifdef __USE_GNU + +extern int __asprintf_chk (char **__restrict __ptr, int __flag, + __const char *__restrict __fmt, ...) + __THROW __attribute__ ((__format__ (__printf__, 3, 4))) __wur; +extern int __vasprintf_chk (char **__restrict __ptr, int __flag, + __const char *__restrict __fmt, _G_va_list __arg) + __THROW __attribute__ ((__format__ (__printf__, 3, 0))) __wur; +extern int __dprintf_chk (int __fd, int __flag, __const char *__restrict __fmt, + ...) __attribute__ ((__format__ (__printf__, 3, 4))); +extern int __vdprintf_chk (int __fd, int __flag, + __const char *__restrict __fmt, _G_va_list __arg) + __attribute__ ((__format__ (__printf__, 3, 0))); +extern int __obstack_printf_chk (struct obstack *__restrict __obstack, + int __flag, __const char *__restrict __format, + ...) + __THROW __attribute__ ((__format__ (__printf__, 3, 4))); +extern int __obstack_vprintf_chk (struct obstack *__restrict __obstack, + int __flag, + __const char *__restrict __format, + _G_va_list __args) + __THROW __attribute__ ((__format__ (__printf__, 3, 0))); + +# ifdef __va_arg_pack +__extern_always_inline int +__NTH (asprintf (char **__restrict __ptr, __const char *__restrict __fmt, ...)) +{ + return __asprintf_chk (__ptr, __USE_FORTIFY_LEVEL - 1, __fmt, + __va_arg_pack ()); +} + +__extern_always_inline int +__NTH (__asprintf (char **__restrict __ptr, __const char *__restrict __fmt, + ...)) +{ + return __asprintf_chk (__ptr, __USE_FORTIFY_LEVEL - 1, __fmt, + __va_arg_pack ()); +} + +__extern_always_inline int +dprintf (int __fd, __const char *__restrict __fmt, ...) +{ + return __dprintf_chk (__fd, __USE_FORTIFY_LEVEL - 1, __fmt, + __va_arg_pack ()); +} + +__extern_always_inline int +__NTH (obstack_printf (struct obstack *__restrict __obstack, + __const char *__restrict __fmt, ...)) +{ + return __obstack_printf_chk (__obstack, __USE_FORTIFY_LEVEL - 1, __fmt, + __va_arg_pack ()); +} +# elif !defined __cplusplus +# define asprintf(ptr, ...) \ + __asprintf_chk (ptr, __USE_FORTIFY_LEVEL - 1, __VA_ARGS__) +# define __asprintf(ptr, ...) \ + __asprintf_chk (ptr, __USE_FORTIFY_LEVEL - 1, __VA_ARGS__) +# define dprintf(fd, ...) \ + __dprintf_chk (fd, __USE_FORTIFY_LEVEL - 1, __VA_ARGS__) +# define obstack_printf(obstack, ...) \ + __obstack_printf_chk (obstack, __USE_FORTIFY_LEVEL - 1, __VA_ARGS__) +# endif + +__extern_always_inline int +__NTH (vasprintf (char **__restrict __ptr, __const char *__restrict __fmt, + _G_va_list __ap)) +{ + return __vasprintf_chk (__ptr, __USE_FORTIFY_LEVEL - 1, __fmt, __ap); +} + +__extern_always_inline int +vdprintf (int __fd, __const char *__restrict __fmt, _G_va_list __ap) +{ + return __vdprintf_chk (__fd, __USE_FORTIFY_LEVEL - 1, __fmt, __ap); +} + +__extern_always_inline int +__NTH (obstack_vprintf (struct obstack *__restrict __obstack, + __const char *__restrict __fmt, _G_va_list __ap)) +{ + return __obstack_vprintf_chk (__obstack, __USE_FORTIFY_LEVEL - 1, __fmt, + __ap); +} + +# endif + #endif extern char *__gets_chk (char *__str, size_t) __wur; --- libc/debug/dprintf_chk.c.jj 2008-03-04 11:51:31.000000000 +0100 +++ libc/debug/dprintf_chk.c 2008-03-04 13:22:54.000000000 +0100 @@ -0,0 +1,37 @@ +/* Copyright (C) 1991, 1995, 1997, 1998, 2004, 2006, 2008 + Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, write to the Free + Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA + 02111-1307 USA. */ + +#include <libioP.h> +#include <stdarg.h> +#include <stdio.h> + + +/* Write formatted output to D, according to the format string FORMAT. */ +int +__dprintf_chk (int d, int flags, const char *format, ...) +{ + va_list arg; + int done; + + va_start (arg, format); + done = __vdprintf_chk (d, flags, format, arg); + va_end (arg); + + return done; +} --- libc/debug/vdprintf_chk.c.jj 2008-03-04 11:45:28.000000000 +0100 +++ libc/debug/vdprintf_chk.c 2008-03-04 14:07:43.000000000 +0100 @@ -0,0 +1,69 @@ +/* Copyright (C) 1995, 1997-2000, 2001, 2002, 2003, 2006, 2008 + Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, write to the Free + Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA + 02111-1307 USA. + + As a special exception, if you link the code in this file with + files compiled with a GNU compiler to produce an executable, + that does not cause the resulting executable to be covered by + the GNU Lesser General Public License. This exception does not + however invalidate any other reasons why the executable file + might be covered by the GNU Lesser General Public License. + This exception applies to code released by its copyright holders + in files containing the exception. */ + +#include <libioP.h> +#include <stdio_ext.h> + +int +__vdprintf_chk (int d, int flags, const char *format, va_list arg) +{ + struct _IO_FILE_plus tmpfil; + struct _IO_wide_data wd; + int done; + +#ifdef _IO_MTSAFE_IO + tmpfil.file._lock = NULL; +#endif + _IO_no_init (&tmpfil.file, _IO_USER_LOCK, 0, &wd, &_IO_wfile_jumps); + _IO_JUMPS (&tmpfil) = &_IO_file_jumps; + INTUSE(_IO_file_init) (&tmpfil); +#if !_IO_UNIFIED_JUMPTABLES + tmpfil.vtable = NULL; +#endif + if (INTUSE(_IO_file_attach) (&tmpfil.file, d) == NULL) + { + INTUSE(_IO_un_link) (&tmpfil); + return EOF; + } + tmpfil.file._IO_file_flags = + (_IO_mask_flags (&tmpfil.file, _IO_NO_READS, + _IO_NO_READS+_IO_NO_WRITES+_IO_IS_APPENDING) + | _IO_DELETE_DONT_CLOSE); + + /* For flags > 0 (i.e. __USE_FORTIFY_LEVEL > 1) request that %n + can only come from read-only format strings. */ + if (flags > 0) + tmpfil.file._flags2 |= _IO_FLAGS2_FORTIFY; + + done = INTUSE(_IO_vfprintf) (&tmpfil.file, format, arg); + + _IO_FINISH (&tmpfil.file); + + return done; +} +libc_hidden_def (__vdprintf_chk) --- libc/debug/asprintf_chk.c.jj 2008-03-04 11:23:43.000000000 +0100 +++ libc/debug/asprintf_chk.c 2008-03-04 13:23:03.000000000 +0100 @@ -0,0 +1,38 @@ +/* Copyright (C) 1991, 1995, 1997, 1998, 2004, 2006, 2008 + Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, write to the Free + Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA + 02111-1307 USA. */ + +#include <libioP.h> +#include <stdarg.h> +#include <stdio.h> + + +/* Write formatted output from FORMAT to a string which is + allocated with malloc and stored in *STRING_PTR. */ +int +__asprintf_chk (char **result_ptr, int flags, const char *format, ...) +{ + va_list arg; + int done; + + va_start (arg, format); + done = __vasprintf_chk (result_ptr, flags, format, arg); + va_end (arg); + + return done; +} --- libc/debug/vasprintf_chk.c.jj 2008-03-04 11:17:47.000000000 +0100 +++ libc/debug/vasprintf_chk.c 2008-03-04 13:24:14.000000000 +0100 @@ -0,0 +1,97 @@ +/* Copyright (C) 1995,1997,1999-2002,2004,2006,2008 + Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, write to the Free + Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA + 02111-1307 USA. + + As a special exception, if you link the code in this file with + files compiled with a GNU compiler to produce an executable, + that does not cause the resulting executable to be covered by + the GNU Lesser General Public License. This exception does not + however invalidate any other reasons why the executable file + might be covered by the GNU Lesser General Public License. + This exception applies to code released by its copyright holders + in files containing the exception. */ + +#include <malloc.h> +#include <string.h> +#include <stdio.h> +#include <stdio_ext.h> +#include "../libio/libioP.h" +#include "../libio/strfile.h" + +int +__vasprintf_chk (char **result_ptr, int flags, const char *format, + va_list args) +{ + /* Initial size of the buffer to be used. Will be doubled each time an + overflow occurs. */ + const _IO_size_t init_string_size = 100; + char *string; + _IO_strfile sf; + int ret; + _IO_size_t needed; + _IO_size_t allocated; + /* No need to clear the memory here (unlike for open_memstream) since + we know we will never seek on the stream. */ + string = (char *) malloc (init_string_size); + if (string == NULL) + return -1; +#ifdef _IO_MTSAFE_IO + sf._sbf._f._lock = NULL; +#endif + _IO_no_init ((_IO_FILE *) &sf._sbf, _IO_USER_LOCK, -1, NULL, NULL); + _IO_JUMPS ((struct _IO_FILE_plus *) &sf._sbf) = &_IO_str_jumps; + _IO_str_init_static_internal (&sf, string, init_string_size, string); + sf._sbf._f._flags &= ~_IO_USER_BUF; + sf._s._allocate_buffer = (_IO_alloc_type) malloc; + sf._s._free_buffer = (_IO_free_type) free; + + /* For flags > 0 (i.e. __USE_FORTIFY_LEVEL > 1) request that %n + can only come from read-only format strings. */ + if (flags > 0) + sf._sbf._f._flags2 |= _IO_FLAGS2_FORTIFY; + + ret = INTUSE(_IO_vfprintf) (&sf._sbf._f, format, args); + if (ret < 0) + { + free (sf._sbf._f._IO_buf_base); + return ret; + } + /* Only use realloc if the size we need is of the same (binary) + order of magnitude then the memory we allocated. */ + needed = sf._sbf._f._IO_write_ptr - sf._sbf._f._IO_write_base + 1; + allocated = sf._sbf._f._IO_write_end - sf._sbf._f._IO_write_base; + if ((allocated >> 1) <= needed) + *result_ptr = (char *) realloc (sf._sbf._f._IO_buf_base, needed); + else + { + *result_ptr = (char *) malloc (needed); + if (*result_ptr != NULL) + { + memcpy (*result_ptr, sf._sbf._f._IO_buf_base, needed - 1); + free (sf._sbf._f._IO_buf_base); + } + else + /* We have no choice, use the buffer we already have. */ + *result_ptr = (char *) realloc (sf._sbf._f._IO_buf_base, needed); + } + if (*result_ptr == NULL) + *result_ptr = sf._sbf._f._IO_buf_base; + (*result_ptr)[needed - 1] = '\0'; + return ret; +} +libc_hidden_def (__vasprintf_chk) --- libc/debug/obprintf_chk.c.jj 2008-03-04 11:56:57.000000000 +0100 +++ libc/debug/obprintf_chk.c 2008-03-04 14:14:31.000000000 +0100 @@ -0,0 +1,117 @@ +/* Print output of stream to given obstack. + Copyright (C) 1996,1997,1999,2000,2001,2002,2003,2004,2005,2006,2008 + Free Software Foundation, Inc. + This file is part of the GNU C Library. + Contributed by Ulrich Drepper <drepper@cygnus.com>, 1996. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, write to the Free + Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA + 02111-1307 USA. */ + + +#include <stdlib.h> +#include <libioP.h> +#include "../libio/strfile.h" +#include <assert.h> +#include <string.h> +#include <errno.h> +#include <obstack.h> +#include <stdarg.h> +#include <stdio_ext.h> + + +struct _IO_obstack_file +{ + struct _IO_FILE_plus file; + struct obstack *obstack; +}; + +extern const struct _IO_jump_t _IO_obstack_jumps attribute_hidden; + +int +__obstack_vprintf_chk (struct obstack *obstack, int flags, const char *format, + va_list args) +{ + struct obstack_FILE + { + struct _IO_obstack_file ofile; + } new_f; + int result; + int size; + int room; + +#ifdef _IO_MTSAFE_IO + new_f.ofile.file.file._lock = NULL; +#endif + + _IO_no_init (&new_f.ofile.file.file, _IO_USER_LOCK, -1, NULL, NULL); + _IO_JUMPS (&new_f.ofile.file) = &_IO_obstack_jumps; + room = obstack_room (obstack); + size = obstack_object_size (obstack) + room; + if (size == 0) + { + /* We have to handle the allocation a bit different since the + `_IO_str_init_static' function would handle a size of zero + different from what we expect. */ + + /* Get more memory. */ + obstack_make_room (obstack, 64); + + /* Recompute how much room we have. */ + room = obstack_room (obstack); + size = room; + + assert (size != 0); + } + + _IO_str_init_static_internal ((struct _IO_strfile_ *) &new_f.ofile, + obstack_base (obstack), + size, obstack_next_free (obstack)); + /* Now allocate the rest of the current chunk. */ + assert (size == (new_f.ofile.file.file._IO_write_end + - new_f.ofile.file.file._IO_write_base)); + assert (new_f.ofile.file.file._IO_write_ptr + == (new_f.ofile.file.file._IO_write_base + + obstack_object_size (obstack))); + obstack_blank_fast (obstack, room); + + new_f.ofile.obstack = obstack; + + /* For flags > 0 (i.e. __USE_FORTIFY_LEVEL > 1) request that %n + can only come from read-only format strings. */ + if (flags > 0) + new_f.ofile.file.file._flags2 |= _IO_FLAGS2_FORTIFY; + + result = INTUSE(_IO_vfprintf) (&new_f.ofile.file.file, format, args); + + /* Shrink the buffer to the space we really currently need. */ + obstack_blank_fast (obstack, (new_f.ofile.file.file._IO_write_ptr + - new_f.ofile.file.file._IO_write_end)); + + return result; +} +libc_hidden_def (__obstack_vprintf_chk) + + +int +__obstack_printf_chk (struct obstack *obstack, int flags, const char *format, + ...) +{ + int result; + va_list ap; + va_start (ap, format); + result = __obstack_vprintf_chk (obstack, flags, format, ap); + va_end (ap); + return result; +} --- libc/debug/tst-chk1.c.jj 2007-09-29 20:51:56.000000000 +0200 +++ libc/debug/tst-chk1.c 2008-03-04 15:12:56.000000000 +0100 @@ -1,4 +1,4 @@ -/* Copyright (C) 2004, 2005, 2006, 2007 Free Software Foundation, Inc. +/* Copyright (C) 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc. This file is part of the GNU C Library. Contributed by Jakub Jelinek <jakub@redhat.com>, 2004. @@ -20,6 +20,7 @@ #include <assert.h> #include <fcntl.h> #include <locale.h> +#include <obstack.h> #include <paths.h> #include <setjmp.h> #include <signal.h> @@ -31,6 +32,9 @@ #include <sys/socket.h> #include <sys/un.h> +#define obstack_chunk_alloc malloc +#define obstack_chunk_free free + char *temp_filename; static void do_prepare (void); static int do_test (void); @@ -705,6 +709,36 @@ do_test (void) if (fprintf (fp, buf2 + 4, str5) != 7) FAIL (); + char *my_ptr = NULL; + strcpy (buf2 + 2, "%n%s%n"); + /* When the format string is writable and contains %n, + with -D_FORTIFY_SOURCE=2 it causes __chk_fail. */ + CHK_FAIL2_START + if (asprintf (&my_ptr, buf2, str4, &n1, str5, &n1) != 14) + FAIL (); + else + free (my_ptr); + CHK_FAIL2_END + + struct obstack obs; + obstack_init (&obs); + CHK_FAIL2_START + if (obstack_printf (&obs, buf2, str4, &n1, str5, &n1) != 14) + FAIL (); + CHK_FAIL2_END + obstack_free (&obs, NULL); + + my_ptr = NULL; + if (asprintf (&my_ptr, "%s%n%s%n", str4, &n1, str5, &n1) != 14) + FAIL (); + else + free (my_ptr); + + obstack_init (&obs); + if (obstack_printf (&obs, "%s%n%s%n", str4, &n1, str5, &n1) != 14) + FAIL (); + obstack_free (&obs, NULL); + if (freopen (temp_filename, "r", stdin) == NULL) { puts ("could not open temporary file"); --- libc/debug/Versions.jj 2007-09-16 07:06:24.000000000 +0200 +++ libc/debug/Versions 2008-03-04 12:25:04.000000000 +0100 @@ -42,6 +42,10 @@ libc { GLIBC_2.7 { __fread_chk; __fread_unlocked_chk; } + GLIBC_2.8 { + __asprintf_chk; __vasprintf_chk; __dprintf_chk; __vdprintf_chk; + __obstack_printf_chk; __obstack_vprintf_chk; + } GLIBC_PRIVATE { __fortify_fail; } --- libc/debug/Makefile.jj 2007-09-15 17:18:46.000000000 +0200 +++ libc/debug/Makefile 2008-03-04 14:49:36.000000000 +0100 @@ -1,4 +1,4 @@ -# Copyright (C) 1998-2001,2004,2005,2006,2007 Free Software Foundation, Inc. +# Copyright (C) 1998-2001,2004-2008 Free Software Foundation, Inc. # This file is part of the GNU C Library. # The GNU C Library is free software; you can redistribute it and/or @@ -41,7 +41,8 @@ routines = backtrace backtracesyms back confstr_chk getgroups_chk ttyname_r_chk getlogin_r_chk \ gethostname_chk getdomainname_chk wcrtomb_chk mbsnrtowcs_chk \ wcsnrtombs_chk mbsrtowcs_chk wcsrtombs_chk mbstowcs_chk \ - wcstombs_chk \ + wcstombs_chk asprintf_chk vasprintf_chk dprintf_chk \ + vdprintf_chk obprintf_chk \ stack_chk_fail fortify_fail \ $(static-only-routines) static-only-routines := warning-nop stack_chk_fail_local @@ -51,6 +52,11 @@ CFLAGS-sprintf_chk.c = -D_IO_MTSAFE_IO CFLAGS-snprintf_chk.c = -D_IO_MTSAFE_IO CFLAGS-vsprintf_chk.c = -D_IO_MTSAFE_IO CFLAGS-vsnprintf_chk.c = -D_IO_MTSAFE_IO +CFLAGS-asprintf_chk.c = -D_IO_MTSAFE_IO +CFLAGS-vasprintf_chk.c = -D_IO_MTSAFE_IO +CFLAGS-obprintf_chk.c = -D_IO_MTSAFE_IO +CFLAGS-dprintf_chk.c = -D_IO_MTSAFE_IO $(exceptions) +CFLAGS-vdprintf_chk.c = -D_IO_MTSAFE_IO $(exceptions) CFLAGS-printf_chk.c = -D_IO_MTSAFE_IO $(exceptions) CFLAGS-fprintf_chk.c = -D_IO_MTSAFE_IO $(exceptions) CFLAGS-vprintf_chk.c = -D_IO_MTSAFE_IO $(exceptions) --- libc/sysdeps/ieee754/ldbl-opt/nldbl-compat.c.jj 2007-09-18 21:24:15.000000000 +0200 +++ libc/sysdeps/ieee754/ldbl-opt/nldbl-compat.c 2008-03-04 13:20:33.000000000 +0100 @@ -1,5 +1,5 @@ /* *printf* family compatibility routines for IEEE double as long double - Copyright (C) 2006, 2007 Free Software Foundation, Inc. + Copyright (C) 2006, 2007, 2008 Free Software Foundation, Inc. This file is part of the GNU C Library. Contributed by Jakub Jelinek <jakub@cygnus.com>, 2006. @@ -48,6 +48,9 @@ libc_hidden_proto (__nldbl___vfprintf_ch libc_hidden_proto (__nldbl___vsyslog_chk) libc_hidden_proto (__nldbl___vsprintf_chk) libc_hidden_proto (__nldbl___vswprintf_chk) +libc_hidden_proto (__nldbl___vasprintf_chk) +libc_hidden_proto (__nldbl___vdprintf_chk) +libc_hidden_proto (__nldbl___obstack_vprintf_chk) libc_hidden_proto (__nldbl___vstrfmon) libc_hidden_proto (__nldbl___vstrfmon_l) libc_hidden_proto (__nldbl___isoc99_vsscanf) @@ -667,6 +670,86 @@ __nldbl___wprintf_chk (int flag, const w return done; } +int +attribute_compat_text_section +__nldbl___vasprintf_chk (char **ptr, int flag, const char *fmt, va_list arg) +{ + int res; + __no_long_double = 1; + res = __vasprintf_chk (ptr, flag, fmt, arg); + __no_long_double = 0; + return res; +} +libc_hidden_def (__nldbl___vasprintf_chk) + +int +attribute_compat_text_section +__nldbl___asprintf_chk (char **ptr, int flag, const char *fmt, ...) +{ + va_list arg; + int done; + + va_start (arg, fmt); + done = __nldbl___vasprintf_chk (ptr, flag, fmt, arg); + va_end (arg); + + return done; +} + +int +attribute_compat_text_section +__nldbl___vdprintf_chk (int d, int flag, const char *fmt, va_list arg) +{ + int res; + set_no_long_double (); + res = __vdprintf_chk (d, flag, fmt, arg); + clear_no_long_double (); + return res; +} +libc_hidden_def (__nldbl___vdprintf_chk) + +int +attribute_compat_text_section +__nldbl___dprintf_chk (int d, int flag, const char *fmt, ...) +{ + va_list arg; + int done; + + va_start (arg, fmt); + done = __nldbl___vdprintf_chk (d, flag, fmt, arg); + va_end (arg); + + return done; +} + +int +attribute_compat_text_section +__nldbl___obstack_vprintf_chk (struct obstack *obstack, int flag, + const char *fmt, va_list arg) +{ + int res; + __no_long_double = 1; + res = __obstack_vprintf_chk (obstack, flag, fmt, arg); + __no_long_double = 0; + return res; +} +libc_hidden_def (__nldbl___obstack_vprintf_chk) + +int +attribute_compat_text_section +__nldbl___obstack_printf_chk (struct obstack *obstack, int flag, + const char *fmt, ...) +{ + va_list arg; + int done; + + va_start (arg, fmt); + done = __nldbl___obstack_vprintf_chk (obstack, flag, fmt, arg); + va_end (arg); + + return done; +} + extern __typeof (printf_size) __printf_size; int --- libc/sysdeps/ieee754/ldbl-opt/nldbl-obstack_vprintf_chk.c.jj 2008-03-04 13:45:38.000000000 +0100 +++ libc/sysdeps/ieee754/ldbl-opt/nldbl-obstack_vprintf_chk.c 2008-03-04 13:46:35.000000000 +0100 @@ -0,0 +1,9 @@ +#include "nldbl-compat.h" + +int +attribute_hidden +__obstack_vprintf_chk (struct obstack *obstack, int flag, const char *fmt, + va_list ap) +{ + return __nldbl___obstack_vprintf_chk (obstack, flag, fmt, ap); +} --- libc/sysdeps/ieee754/ldbl-opt/nldbl-dprintf_chk.c.jj 2008-03-04 13:40:09.000000000 +0100 +++ libc/sysdeps/ieee754/ldbl-opt/nldbl-dprintf_chk.c 2008-03-04 13:40:32.000000000 +0100 @@ -0,0 +1,15 @@ +#include "nldbl-compat.h" + +attribute_hidden +int +__dprintf_chk (int d, int flag, const char *fmt, ...) +{ + va_list arg; + int done; + + va_start (arg, fmt); + done = __nldbl___vdprintf_chk (d, flag, fmt, arg); + va_end (arg); + + return done; +} --- libc/sysdeps/ieee754/ldbl-opt/nldbl-compat.h.jj 2007-09-18 21:24:15.000000000 +0200 +++ libc/sysdeps/ieee754/ldbl-opt/nldbl-compat.h 2008-03-04 13:06:31.000000000 +0100 @@ -93,6 +93,11 @@ extern int __nldbl___vsnprintf_chk (char extern int __nldbl___vswprintf_chk (wchar_t *__restrict, size_t, int, size_t, const wchar_t *__restrict, __gnuc_va_list) __THROW; +extern int __nldbl___vasprintf_chk (char **, int, const char *, _G_va_list) + __THROW; +extern int __nldbl___vdprintf_chk (int, int, const char *, _G_va_list); +extern int __nldbl___obstack_vprintf_chk (struct obstack *, int, const char *, + _G_va_list) __THROW; extern void __nldbl___vsyslog_chk (int, int, const char *, va_list); --- libc/sysdeps/ieee754/ldbl-opt/Versions.jj 2007-09-18 21:24:15.000000000 +0200 +++ libc/sysdeps/ieee754/ldbl-opt/Versions 2008-03-04 13:39:25.000000000 +0100 @@ -73,6 +73,11 @@ libc { __nldbl___isoc99_swscanf; __nldbl___isoc99_vwscanf; __nldbl___isoc99_vfwscanf; __nldbl___isoc99_vswscanf; } + GLIBC_2.8 { + __nldbl___asprintf_chk; __nldbl___vasprintf_chk; + __nldbl___dprintf_chk; __nldbl___vdprintf_chk; + __nldbl___obstack_printf_chk; __nldbl___obstack_vprintf_chk; + } } libm { NLDBL_VERSION { --- libc/sysdeps/ieee754/ldbl-opt/nldbl-obstack_printf_chk.c.jj 2008-03-04 13:45:35.000000000 +0100 +++ libc/sysdeps/ieee754/ldbl-opt/nldbl-obstack_printf_chk.c 2008-03-04 13:46:02.000000000 +0100 @@ -0,0 +1,13 @@ +#include "nldbl-compat.h" + +int +attribute_hidden +__obstack_printf_chk (struct obstack *obstack, int flag, const char *fmt, ...) +{ + int result; + va_list ap; + va_start (ap, fmt); + result = __nldbl___obstack_vprintf_chk (obstack, flag, fmt, ap); + va_end (ap); + return result; +} --- libc/sysdeps/ieee754/ldbl-opt/nldbl-asprintf_chk.c.jj 2008-03-04 13:42:32.000000000 +0100 +++ libc/sysdeps/ieee754/ldbl-opt/nldbl-asprintf_chk.c 2008-03-04 13:42:58.000000000 +0100 @@ -0,0 +1,15 @@ +#include "nldbl-compat.h" + +attribute_hidden +int +__asprintf_chk (char **string_ptr, int flag, const char *fmt, ...) +{ + va_list arg; + int done; + + va_start (arg, fmt); + done = __nldbl___vasprintf_chk (string_ptr, flag, fmt, arg); + va_end (arg); + + return done; +} --- libc/sysdeps/ieee754/ldbl-opt/nldbl-vdprintf_chk.c.jj 2008-03-04 13:40:52.000000000 +0100 +++ libc/sysdeps/ieee754/ldbl-opt/nldbl-vdprintf_chk.c 2008-03-04 13:41:11.000000000 +0100 @@ -0,0 +1,8 @@ +#include "nldbl-compat.h" + +int +attribute_hidden +__vdprintf_chk (int d, int flag, const char *fmt, va_list arg) +{ + return __nldbl___vdprintf_chk (d, flag, fmt, arg); +} --- libc/sysdeps/ieee754/ldbl-opt/Makefile.jj 2007-09-18 21:24:15.000000000 +0200 +++ libc/sysdeps/ieee754/ldbl-opt/Makefile 2008-03-04 13:48:05.000000000 +0100 @@ -20,7 +20,8 @@ libnldbl-calls = asprintf dprintf fprint fprintf_chk fwprintf_chk printf_chk snprintf_chk sprintf_chk \ swprintf_chk vfprintf_chk vfwprintf_chk vprintf_chk \ vsnprintf_chk vsprintf_chk vswprintf_chk vwprintf_chk \ - wprintf_chk \ + wprintf_chk asprintf_chk vasprintf_chk dprintf_chk \ + vdprintf_chk obstack_printf_chk obstack_vprintf_chk \ syslog syslog_chk vsyslog vsyslog_chk \ strfmon strfmon_l \ strtold strtold_l strtoldint wcstold wcstold_l wcstoldint \ --- libc/sysdeps/ieee754/ldbl-opt/nldbl-vasprintf_chk.c.jj 2008-03-04 13:46:58.000000000 +0100 +++ libc/sysdeps/ieee754/ldbl-opt/nldbl-vasprintf_chk.c 2008-03-04 13:47:22.000000000 +0100 @@ -0,0 +1,8 @@ +#include "nldbl-compat.h" + +int +attribute_hidden +__vasprintf_chk (char **result_ptr, int flag, const char *fmt, va_list ap) +{ + return __nldbl___vasprintf_chk (result_ptr, flag, fmt, ap); +} Jakub
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |