Ivan Grokhotkov [Tue, 9 Jan 2018 06:07:25 +0000 (14:07 +0800)]
newlib: fvprintf: fix get_arg for !_MB_CAPABLE
Code path for _MB_CAPABLE scans for the '%' character and advances
'fmt' pointer past '%'. Code path for !_MB_CAPABLE leaved fmt pointing
to '%', which caused the state machine to go from START to DONE state
immediately.
Corinna Vinschen [Tue, 19 Dec 2017 17:58:06 +0000 (18:58 +0100)]
cygwin: block devices: fix file offset after short writes
When reading/writing block devices, Cygwin emulates Linux, providing
a byte-exact file position, albeit the underlying device drivers don't.
Unfortunately this only worked correctly for reading. The raw_write
method failed to revalidate the buffer after the read-modify-write
cycle in case len is not a multiple of the sector length. This in
turn resulted in lseek reporting a wrong file pointer.
Also, fix a condition for invalidating the buffer after writing from
a remaining read buffer.
Corinna Vinschen [Mon, 18 Dec 2017 19:17:51 +0000 (20:17 +0100)]
newlib: ftello{64}: Handle appending stream without fflushing
Neither upstream FreeBSD nor glibc ever call fflush from ftell
and friends. In border cases it has the tendency to return
wrong or unexpected values, for instance on block devices.
Martin Aberg [Sun, 17 Dec 2017 18:23:51 +0000 (19:23 +0100)]
newlib: Availability of _kill() in sys/signal.h
Make prototype of _kill() always visible when _COMPILING_NEWLIB is
defined. This makes <sys/signal.h> consistent with the use of
_COMPILING_NEWLIB in <sys/unistd.h>, <sys/times.h>, etc.
Corinna Vinschen [Sun, 10 Dec 2017 13:11:03 +0000 (14:11 +0100)]
cygwin: mmap: fix a fork failure with private, anonymous mappings
Rounddown incoming addr on a page boundary. Without this, we may end
up with a fork error for private, anonymous maps. The reason is, we
use VirtualAlloc in this case which will potentially overcommit if
addr is not on a page boundary. This isn't taken into account in
bookkeeping, but fixup_mmaps_after_fork will eventually stumble over
this when trying to reproduce the copy-on-write pages: VirtualQuery
returns a region reaching beyond the supposedly allocated address
range and from there it goes downhill.
Jon Turney [Tue, 5 Dec 2017 18:40:44 +0000 (18:40 +0000)]
makedoc: warn about some obsolete and deprecated commands
To follow up the thread starting at [1], since all uses of TRAD_SYNOPSIS
have been removed, and all uses of ANSI_SYNOPSIS have been renamed to
SYNOPSIS, we can now warn about the use of these.
Jon Turney [Mon, 4 Dec 2017 18:08:28 +0000 (18:08 +0000)]
makedoc: make errors visible
Discard QUICKREF sections, rather than writing them to stderr
Discard MATHREF sections, rather than discarding as an error
Pass NOTES sections through to texinfo, rather than discarding as an error
Don't redirect makedoc stderr to .ref file
Remove makedoc output on error
Remove .ref files from CLEANFILES
Regenerate Makefile.ins
Signed-off-by: Jon Turney <jon.turney@dronecode.org.uk>
newlib: vfwscanf: fix negation bug in %[ conversion
Old BSD bug: While ^ is recognized and the set of matching characters
is negated, the code neglects to increment the pointer pointing to the
matching characters. Thus, on a negation expression like %[^xyz], the
matching doesn't only stop at x, y, or z, but incorrectly also on ^.
Fix this by setting the start pointer after recognizing the ^.
The width value keeps the maximum field width. This is the maximum
field width of the *input*. It's *never* to be used in conjunction
with the number of bytes or characters written to the output argument.
However, especially in vfwscanf, the code is partially taken from
NetBSD which erroneously subtracts the number of multibyte chars
written to the argument from the width variable, thus potentially
subtracting up to MB_CUR_MAX from width for a single character in
the input stream.
To make matters worse, the previous patch adding %m added basically
the same mistake for 'c' type input.
Corinna Vinschen [Thu, 30 Nov 2017 09:47:38 +0000 (10:47 +0100)]
cygwin: x86_64: implement mempcpy/wmempcpy in assembler
* change memcpy to internal _memcpy not setting the return value in %rax
* implement all memcpy-like functions as caller to _memcpy, setting %rax
to correct return value beforehand. This is possible because _memcpy
does not use %rax at all
Yaakov Selkowitz [Tue, 28 Nov 2017 05:49:18 +0000 (23:49 -0600)]
ssp: add Object Size Checking for unistd.h, part 1
The implementation is from NetBSD, with the addition of feature test macros
for readlink. glibc also wraps the following functions:
confstr, getdomainname, getgroups, gethostname, getlogin_r, getwd, pread,
readlinkat, ttyname_r.
Yaakov Selkowitz [Tue, 28 Nov 2017 05:24:16 +0000 (23:24 -0600)]
ssp: add Object Size Checking for stdio.h, part 1
The implementation is mostly from NetBSD, except for switching fgets to
pure inline, and the addition of fgets_unlocked, fread, and fread_unlocked
for parity with glibc. The following functions are also guarded in glibc:
asprintf, dprintf, fprintf, printf, vasprintf, vdprintf, vfprintf, vprintf.
Yaakov Selkowitz [Tue, 28 Nov 2017 05:07:10 +0000 (23:07 -0600)]
ssp: add Object Size Checking common code
The Object Size Checking (-D_FORTIFY_SOURCE=*) functionality provides
wrappers around functions suspectible to buffer overflows. While
independent from Stack Smashing Protection (-fstack-protector*), they
are often used and implemented together.
While GCC also provides an implementation in libssp, it is completely
broken (CVE-2016-4973, RHBZ#1324759) and seemingly unfixable, as there
is no reliable way for a preprocessor macro to trigger a link flag.
Therefore, adding this here is necessary to make it work.
Note that this does require building gcc with --disable-libssp and
gcc_cv_libc_provides_ssp=yes.
Yaakov Selkowitz [Tue, 28 Nov 2017 05:04:09 +0000 (23:04 -0600)]
ssp: add APIs for Stack Smashing Protection
Compiling with any of the -fstack-protector* flags requires the
__stack_chk_guard data import (which needs to be initialized) and the
__stack_chk_fail{,_local} functions. While GCC's own libssp can provide
these, it is better that we provide these ourselves. The implementation
is custom due to being OS-specific.
Corinna Vinschen [Wed, 29 Nov 2017 14:01:30 +0000 (15:01 +0100)]
newlib: [w]scanf: Fix behaviour on matching failure
The special handling of %\0 in [w]scanf is flawed. It's just a
matching failure and should be handled as such. scanf also
fakes an int input value on %X with X being an invalid conversion
char. This is also just a matching failure and should be handled
the same way as %\0.
There's no indication of the reason for this "disgusting
backwards compatibility hacks" in the logs, given this
code made it into newlib before setting up the CVS repo.
Just handle these cases identically as matching failures.
Yaakov Selkowitz [Tue, 28 Nov 2017 10:03:29 +0000 (04:03 -0600)]
cygwin: define _POSIX_TIMEOUTS
Since commit 8128f5482f2b1889e2336488e9d45a33c9972d11, we have all the
non-tracing functions listed in posixoptions(7). The tracing functions
are gated by their own option, and are obsolecent anyway.
git://sourceware.org / newlib-cygwin.git / log