This is the mail archive of the glibc-cvs@sourceware.org mailing list for the glibc project.



GNU C Library master sources branch, master, updated. glibc-2.14-534-gf3a6cc0


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".

The branch, master has been updated
       via  f3a6cc0a560a17f32a3e90d2f20501a53cab6058 (commit)
       via  c5a0802a682dba23f92d47f0f99775aebfbe2539 (commit)
      from  9d65ea3a9b83ac3961229ba296a7caf90abce68d (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
http://sources.redhat.com/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=f3a6cc0a560a17f32a3e90d2f20501a53cab6058

commit f3a6cc0a560a17f32a3e90d2f20501a53cab6058
Author: Andreas Schwab <schwab@redhat.com>
Date:   Tue Nov 29 10:52:22 2011 +0100

    Fix access after end of search string in regex matcher

diff --git a/ChangeLog b/ChangeLog
index 4744688..b1a9225 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,14 @@
+2011-11-29  Andreas Schwab  <schwab@redhat.com>
+
+	* locale/weight.h (findidx): Add parameter len.
+	* locale/weightwc.h (findidx): Likewise.
+	* posix/fnmatch_loop.c (FCT): Adjust caller.
+	* posix/regcomp.c (build_equiv_class): Likewise.
+	* posix/regex_internal.h (re_string_elem_size_at): Likewise.
+	* posix/regexec.c (check_node_accept_bytes): Likewise.
+	* string/strcoll_l.c (STRCOLL): Likewise.
+	* string/strxfrm_l.c (STRXFRM): Likewise.
+
 2011-11-28  Andreas Schwab  <schwab@redhat.com>
 
 	* sysdeps/unix/sysv/linux/i386/i486/pthread_cond_wait.S: Handle
diff --git a/locale/weight.h b/locale/weight.h
index dc70a00..967e176 100644
--- a/locale/weight.h
+++ b/locale/weight.h
@@ -1,4 +1,4 @@
-/* Copyright (C) 1996,1997,1998,1999,2000,2003,2004 Free Software Foundation, Inc.
+/* Copyright (C) 1996,1997,1998,1999,2000,2003,2004,2011 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
    Written by Ulrich Drepper, <drepper@cygnus.com>.
 
@@ -20,7 +20,7 @@
 /* Find index of weight.  */
 auto inline int32_t
 __attribute ((always_inline))
-findidx (const unsigned char **cpp)
+findidx (const unsigned char **cpp, size_t len)
 {
   int_fast32_t i = table[*(*cpp)++];
   const unsigned char *cp;
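Review bot: The comment `/* Find index of weight.  */` above findidx no longer describes the interface, because the new `len` parameter is undocumented. From the body it appears to be the number of bytes available at `*cpp` including the first one (it is decremented once that byte has been consumed), and other callers in this commit pass `-1` for NUL-terminated input. I would extend the comment along the lines of `/* Find index of weight.  LEN is the number of bytes available at *CPP, including the first; pass (size_t) -1 for NUL-terminated input.  */`. The wide-character findidx in locale/weightwc.h needs the same sentence. The function body continues outside this hunk.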
@@ -34,6 +34,7 @@ findidx (const unsigned char **cpp)
      Search for the correct one.  */
   cp = &extra[-i];
   usrc = *cpp;
+  --len;
   while (1)
     {
       size_t nhere;
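Review bot: `--len` wraps to SIZE_MAX when a caller passes 0, which silently disables every `cnt < len` test added below, and by that point the first byte has already been read by the table lookup at the top of the function. Two callers in this commit compute the argument by subtraction (`string_end - n` in posix/fnmatch_loop.c and `pstr->len - idx` in posix/regex_internal.h), and the hunks do not show whether a zero or negative result is ruled out there. Either state the precondition in the function comment or make it checkable, e.g. `assert (len > 0);` before the first dereference. locale/weightwc.h has the same `--len`. The enclosing loop continues outside the hunk.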
@@ -56,7 +57,7 @@ findidx (const unsigned char **cpp)
 	     already.  */
 	  size_t cnt;
 
-	  for (cnt = 0; cnt < nhere; ++cnt)
+	  for (cnt = 0; cnt < nhere && cnt < len; ++cnt)
 	    if (cp[cnt] != usrc[cnt])
 	      break;
 
@@ -79,13 +80,13 @@ findidx (const unsigned char **cpp)
 	  size_t cnt;
 	  size_t offset = 0;
 
-	  for (cnt = 0; cnt < nhere; ++cnt)
+	  for (cnt = 0; cnt < nhere && cnt < len; ++cnt)
 	    if (cp[cnt] != usrc[cnt])
 	      break;
 
 	  if (cnt != nhere)
 	    {
-	      if (cp[cnt] > usrc[cnt])
+	      if (cnt == len || cp[cnt] > usrc[cnt])
 		{
 		  /* Cannot be in this range.  */
 		  cp += 2 * nhere;
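Review bot: The `cnt == len ||` short-circuit stops `usrc[cnt]` from being read at the end of the input, but only for this first comparison. The range branch continues past the end of the hunk; any later loop or comparison there that indexes `usrc` (for instance against the upper end of the range) would need the same `cnt < len` bound, which is worth checking before relying on this fix for untrusted match strings. A short comment such as `/* cnt == len: input exhausted, treat as below the range.  */` would also explain why end-of-input takes the "cannot be in this range" path.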
diff --git a/locale/weightwc.h b/locale/weightwc.h
index 9ea1126..7862091 100644
--- a/locale/weightwc.h
+++ b/locale/weightwc.h
@@ -1,4 +1,4 @@
-/* Copyright (C) 1996-2001,2003,2004,2005,2007 Free Software Foundation, Inc.
+/* Copyright (C) 1996-2001,2003,2004,2005,2007,2011 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
    Written by Ulrich Drepper, <drepper@cygnus.com>.
 
@@ -20,7 +20,7 @@
 /* Find index of weight.  */
 auto inline int32_t
 __attribute ((always_inline))
-findidx (const wint_t **cpp)
+findidx (const wint_t **cpp, size_t len)
 {
   wint_t ch = *(*cpp)++;
   int32_t i = __collidx_table_lookup ((const char *) table, ch);
@@ -32,6 +32,7 @@ findidx (const wint_t **cpp)
   /* Oh well, more than one sequence starting with this byte.
      Search for the correct one.  */
   const int32_t *cp = (const int32_t *) &extra[-i];
+  --len;
   while (1)
     {
       size_t nhere;
@@ -54,7 +55,7 @@ findidx (const wint_t **cpp)
 	     already.  */
 	  size_t cnt;
 
-	  for (cnt = 0; cnt < nhere; ++cnt)
+	  for (cnt = 0; cnt < nhere && cnt < len; ++cnt)
 	    if (cp[cnt] != usrc[cnt])
 	      break;
 
@@ -75,7 +76,7 @@ findidx (const wint_t **cpp)
 	  size_t cnt;
 	  size_t offset;
 
-	  for (cnt = 0; cnt < nhere - 1; ++cnt)
+	  for (cnt = 0; cnt < nhere - 1 && cnt < len; ++cnt)
 	    if (cp[cnt] != usrc[cnt])
 	      break;
 
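Review bot: This loop can now stop with `cnt == len` at the same moment as `cnt == nhere - 1`, and unlike the matching hunk in locale/weight.h no `cnt == len` test is added after it. The code following the loop is outside the hunk; if it goes on to compare `usrc[nhere - 1]`, that element sits at index `len` and so lies past the end of the input. I would make the rejection after the loop cover the exhausted case too, for example by adding `|| cnt == len` to whatever condition skips the entry.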
diff --git a/posix/fnmatch_loop.c b/posix/fnmatch_loop.c
index 18a6667..72bd3ee 100644
--- a/posix/fnmatch_loop.c
+++ b/posix/fnmatch_loop.c
@@ -412,7 +412,7 @@ FCT (pattern, string, string_end, no_leading_period, flags, ends, alloca_used)
 			  _NL_CURRENT (LC_COLLATE, _NL_COLLATE_INDIRECTMB);
 # endif
 
-			idx = findidx (&cp);
+			idx = findidx (&cp, 1);
 			if (idx != 0)
 			  {
 			    /* We found a table entry.  Now see whether the
@@ -422,7 +422,7 @@ FCT (pattern, string, string_end, no_leading_period, flags, ends, alloca_used)
 			    int32_t idx2;
 			    const UCHAR *np = (const UCHAR *) n;
 
-			    idx2 = findidx (&np);
+			    idx2 = findidx (&np, string_end - n);
 			    if (idx2 != 0
 				&& (idx >> 24) == (idx2 >> 24)
 				&& len == weights[idx2 & 0xffffff])
diff --git a/posix/regcomp.c b/posix/regcomp.c
index b238c08..34ee845 100644
--- a/posix/regcomp.c
+++ b/posix/regcomp.c
@@ -1,5 +1,5 @@
 /* Extended regular expression matching and search library.
-   Copyright (C) 2002-2007,2009,2010 Free Software Foundation, Inc.
+   Copyright (C) 2002-2007,2009,2010,2011 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
    Contributed by Isamu Hasegawa <isamu@yamato.ibm.com>.
 
@@ -3409,19 +3409,18 @@ build_equiv_class (bitset_t sbcset, const unsigned char *name)
 						   _NL_COLLATE_EXTRAMB);
       indirect = (const int32_t *) _NL_CURRENT (LC_COLLATE,
 						_NL_COLLATE_INDIRECTMB);
-      idx1 = findidx (&cp);
-      if (BE (idx1 == 0 || cp < name + strlen ((const char *) name), 0))
+      idx1 = findidx (&cp, -1);
+      if (BE (idx1 == 0 || *cp != '\0', 0))
 	/* This isn't a valid character.  */
 	return REG_ECOLLATE;
 
       /* Build single byte matcing table for this equivalence class.  */
-      char_buf[1] = (unsigned char) '\0';
       len = weights[idx1 & 0xffffff];
       for (ch = 0; ch < SBC_MAX; ++ch)
 	{
 	  char_buf[0] = ch;
 	  cp = char_buf;
-	  idx2 = findidx (&cp);
+	  idx2 = findidx (&cp, 1);
 /*
 	  idx2 = table[ch];
 */
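Review bot: `findidx (&cp, -1)` relies on the implicit conversion of -1 to `size_t` to mean "no bound", which reads like an error value and will trip sign-conversion warnings. Writing `SIZE_MAX` or `(size_t) -1` makes the intent visible; the same literal appears in string/strcoll_l.c and string/strxfrm_l.c. Also, now that `char_buf[1]` is no longer set to NUL, the loop depends on `findidx (&cp, 1)` never looking past the first byte, which deserves a comment at the call such as `/* LEN is 1: char_buf[1] is not initialized.  */`.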
diff --git a/posix/regex_internal.h b/posix/regex_internal.h
index 74dd230..1e4e167 100644
--- a/posix/regex_internal.h
+++ b/posix/regex_internal.h
@@ -755,7 +755,7 @@ re_string_elem_size_at (const re_string_t *pstr, int idx)
       indirect = (const int32_t *) _NL_CURRENT (LC_COLLATE,
 						_NL_COLLATE_INDIRECTMB);
       p = pstr->mbs + idx;
-      findidx (&p);
+      findidx (&p, pstr->len - idx);
       return p - pstr->mbs - idx;
     }
   else
diff --git a/posix/regexec.c b/posix/regexec.c
index 9e0c565..3ea810b 100644
--- a/posix/regexec.c
+++ b/posix/regexec.c
@@ -3924,7 +3924,7 @@ check_node_accept_bytes (const re_dfa_t *dfa, int node_idx,
 		_NL_CURRENT (LC_COLLATE, _NL_COLLATE_EXTRAMB);
 	      indirect = (const int32_t *)
 		_NL_CURRENT (LC_COLLATE, _NL_COLLATE_INDIRECTMB);
-	      int32_t idx = findidx (&cp);
+	      int32_t idx = findidx (&cp, elem_len);
 	      if (idx > 0)
 		for (i = 0; i < cset->nequiv_classes; ++i)
 		  {
diff --git a/string/strcoll_l.c b/string/strcoll_l.c
index d8d1139..fb77d08 100644
--- a/string/strcoll_l.c
+++ b/string/strcoll_l.c
@@ -1,4 +1,4 @@
-/* Copyright (C) 1995-1997,2002,2004,2007,2010 Free Software Foundation, Inc.
+/* Copyright (C) 1995-1997,2002,2004,2007,2010,2011 Free Software Foundation, Inc.
    This file is part of the GNU C Library.
    Written by Ulrich Drepper <drepper@gnu.org>, 1995.
 
@@ -205,7 +205,7 @@ STRCOLL (s1, s2, l)
 
 		while (*us1 != L('\0'))
 		  {
-		    int32_t tmp = findidx (&us1);
+		    int32_t tmp = findidx (&us1, -1);
 		    rule1arr[idx1max] = tmp >> 24;
 		    idx1arr[idx1max] = tmp & 0xffffff;
 		    idx1cnt = idx1max++;
@@ -267,7 +267,7 @@ STRCOLL (s1, s2, l)
 
 		while (*us2 != L('\0'))
 		  {
-		    int32_t tmp = findidx (&us2);
+		    int32_t tmp = findidx (&us2, -1);
 		    rule2arr[idx2max] = tmp >> 24;
 		    idx2arr[idx2max] = tmp & 0xffffff;
 		    idx2cnt = idx2max++;
diff --git a/string/strxfrm_l.c b/string/strxfrm_l.c
index 220253c..b06556d 100644
--- a/string/strxfrm_l.c
+++ b/string/strxfrm_l.c
@@ -176,7 +176,7 @@ STRXFRM (STRING_TYPE *dest, const STRING_TYPE *src, size_t n, __locale_t l)
   idxmax = 0;
   do
     {
-      int32_t tmp = findidx (&usrc);
+      int32_t tmp = findidx (&usrc, -1);
       rulearr[idxmax] = tmp >> 24;
       idxarr[idxmax] = tmp & 0xffffff;
 

http://sources.redhat.com/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=c5a0802a682dba23f92d47f0f99775aebfbe2539

commit c5a0802a682dba23f92d47f0f99775aebfbe2539
Author: Andreas Schwab <schwab@redhat.com>
Date:   Mon Nov 28 13:38:19 2011 +0100

    Handle EAGAIN from FUTEX_WAIT_REQUEUE_PI

diff --git a/ChangeLog b/ChangeLog
index d9866de..4744688 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2011-11-28  Andreas Schwab  <schwab@redhat.com>
+
+	* sysdeps/unix/sysv/linux/i386/i486/pthread_cond_wait.S: Handle
+	EAGAIN from FUTEX_WAIT_REQUEUE_PI.
+	* sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S: Likewise.
+
 2011-11-17  Ulrich Drepper  <drepper@gmail.com>
 
 	* Makefile.in: Remove CVSOPT handling.
diff --git a/nptl/sysdeps/unix/sysv/linux/i386/i486/pthread_cond_wait.S b/nptl/sysdeps/unix/sysv/linux/i386/i486/pthread_cond_wait.S
index 53970d7..54590b7 100644
--- a/nptl/sysdeps/unix/sysv/linux/i386/i486/pthread_cond_wait.S
+++ b/nptl/sysdeps/unix/sysv/linux/i386/i486/pthread_cond_wait.S
@@ -134,6 +134,7 @@ __pthread_cond_wait:
 	cmpl	$PI_BIT, %eax
 	jne	18f
 
+90:
 	movl	$(FUTEX_WAIT_REQUEUE_PI|FUTEX_PRIVATE_FLAG), %ecx
 	movl	%ebp, %edx
 	xorl	%esi, %esi
@@ -147,6 +148,9 @@ __pthread_cond_wait:
 	sete	16(%esp)
 	je	19f
 
+	cmpl	$-EAGAIN, %eax
+	je	91f
+
 	/* Normal and PI futexes dont mix. Use normal futex functions only
 	   if the kernel does not support the PI futex functions.  */
 	cmpl	$-ENOSYS, %eax
@@ -391,6 +395,78 @@ __pthread_cond_wait:
 #endif
 	call	__lll_unlock_wake
 	jmp	11b
+
+91:
+.LcleanupSTART2:
+	/* FUTEX_WAIT_REQUEUE_PI returned EAGAIN.  We need to
+	   call it again.  */
+
+	/* Get internal lock.  */
+	movl	$1, %edx
+	xorl	%eax, %eax
+	LOCK
+#if cond_lock == 0
+	cmpxchgl %edx, (%ebx)
+#else
+	cmpxchgl %edx, cond_lock(%ebx)
+#endif
+	jz	92f
+
+#if cond_lock == 0
+	movl	%ebx, %edx
+#else
+	leal	cond_lock(%ebx), %edx
+#endif
+#if (LLL_SHARED-LLL_PRIVATE) > 255
+	xorl	%ecx, %ecx
+#endif
+	cmpl	$-1, dep_mutex(%ebx)
+	setne	%cl
+	subl	$1, %ecx
+	andl	$(LLL_SHARED-LLL_PRIVATE), %ecx
+#if LLL_PRIVATE != 0
+	addl	$LLL_PRIVATE, %ecx
+#endif
+	call	__lll_lock_wait
+
+92:
+	/* Increment the cond_futex value again, so it can be used as a new
+	   expected value. */
+	addl	$1, cond_futex(%ebx)
+	movl	cond_futex(%ebx), %ebp
+
+	/* Unlock.  */
+	LOCK
+#if cond_lock == 0
+	subl	$1, (%ebx)
+#else
+	subl	$1, cond_lock(%ebx)
+#endif
+	je	93f
+#if cond_lock == 0
+	movl	%ebx, %eax
+#else
+	leal	cond_lock(%ebx), %eax
+#endif
+#if (LLL_SHARED-LLL_PRIVATE) > 255
+	xorl	%ecx, %ecx
+#endif
+	cmpl	$-1, dep_mutex(%ebx)
+	setne	%cl
+	subl	$1, %ecx
+	andl	$(LLL_SHARED-LLL_PRIVATE), %ecx
+#if LLL_PRIVATE != 0
+	addl	$LLL_PRIVATE, %ecx
+#endif
+	call	__lll_unlock_wake
+
+93:
+	/* Set the rest of SYS_futex args for FUTEX_WAIT_REQUEUE_PI. */
+	xorl	%ecx, %ecx
+	movl	dep_mutex(%ebx), %edi
+	jmp	90b
+.LcleanupEND2:
+
 	.size	__pthread_cond_wait, .-__pthread_cond_wait
 versioned_symbol (libpthread, __pthread_cond_wait, pthread_cond_wait,
 		  GLIBC_2_3_2)
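Review bot: At label 93 the `xorl %ecx, %ecx` has no effect, because the jump target `90:` immediately reloads %ecx with the futex operation and zeroes %esi itself; only `movl dep_mutex(%ebx), %edi` is needed before `jmp 90b`. I would drop the instruction and reword the comment to `/* Reload dep_mutex into %edi; label 90 sets the remaining futex arguments.  */`. Separately, the range `.LcleanupSTART2`–`.LcleanupEND2` registered for `__condvar_w_cleanup` includes the stretch where cond_lock is held by this thread. The handler is not visible here, so it is worth confirming that it behaves correctly when entered in that state; the x86_64 file registers an equivalent range for `__condvar_cleanup1`.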
@@ -563,6 +639,10 @@ __condvar_w_cleanup:
 	.long	.LcleanupEND-.Lsub_cond_futex
 	.long	__condvar_w_cleanup-.LSTARTCODE
 	.uleb128  0
+	.long	.LcleanupSTART2-.LSTARTCODE
+	.long	.LcleanupEND2-.LcleanupSTART2
+	.long	__condvar_w_cleanup-.LSTARTCODE
+	.uleb128  0
 	.long	.LcallUR-.LSTARTCODE
 	.long	.LENDCODE-.LcallUR
 	.long	0
diff --git a/nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S b/nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S
index 7535baa..d837d15 100644
--- a/nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S
+++ b/nptl/sysdeps/unix/sysv/linux/x86_64/pthread_cond_wait.S
@@ -23,6 +23,7 @@
 #include <lowlevelcond.h>
 #include <tcb-offsets.h>
 #include <pthread-pi-defines.h>
+#include <pthread-errnos.h>
 
 #include <kernel-features.h>
 
@@ -133,11 +134,14 @@ __pthread_cond_wait:
 	cmpl	$PI_BIT, %eax
 	jne	61f
 
+90:
 	movl	$(FUTEX_WAIT_REQUEUE_PI|FUTEX_PRIVATE_FLAG), %esi
 	movl	$SYS_futex, %eax
 	syscall
 
 	movl	$1, %r8d
+	cmpq	$-EAGAIN, %rax
+	je	91f
 #ifdef __ASSUME_REQUEUE_PI
 	jmp	62f
 #else
@@ -324,6 +328,70 @@ __pthread_cond_wait:
 
 13:	movq	%r10, %rax
 	jmp	14b
+
+91:
+.LcleanupSTART2:
+	/* FUTEX_WAIT_REQUEUE_PI returned EAGAIN.  We need to
+	   call it again.  */
+	movq	8(%rsp), %rdi
+
+	/* Get internal lock.  */
+	movl	$1, %esi
+	xorl	%eax, %eax
+	LOCK
+#if cond_lock == 0
+	cmpxchgl %esi, (%rdi)
+#else
+	cmpxchgl %esi, cond_lock(%rdi)
+#endif
+	jz	92f
+
+#if cond_lock != 0
+	addq	$cond_lock, %rdi
+#endif
+	cmpq	$-1, dep_mutex-cond_lock(%rdi)
+	movl	$LLL_PRIVATE, %eax
+	movl	$LLL_SHARED, %esi
+	cmovne	%eax, %esi
+	callq	__lll_lock_wait
+#if cond_lock != 0
+	subq	$cond_lock, %rdi
+#endif
+92:
+	/* Increment the cond_futex value again, so it can be used as a new
+	   expected value. */
+	incl	cond_futex(%rdi)
+	movl	cond_futex(%rdi), %edx
+
+	/* Release internal lock.  */
+	LOCK
+#if cond_lock == 0
+	decl	(%rdi)
+#else
+	decl	cond_lock(%rdi)
+#endif
+	jz	93f
+
+#if cond_lock != 0
+	addq	$cond_lock, %rdi
+#endif
+	cmpq	$-1, dep_mutex-cond_lock(%rdi)
+	movl	$LLL_PRIVATE, %eax
+	movl	$LLL_SHARED, %esi
+	cmovne	%eax, %esi
+	/* The call preserves %rdx.  */
+	callq	__lll_unlock_wake
+#if cond_lock != 0
+	subq	$cond_lock, %rdi
+#endif
+93:
+	/* Set the rest of SYS_futex args for FUTEX_WAIT_REQUEUE_PI. */
+	xorq	%r10, %r10
+	movq	dep_mutex(%rdi), %r8
+	leaq	cond_futex(%rdi), %rdi
+	jmp	90b
+.LcleanupEND2:
+
 	.size	__pthread_cond_wait, .-__pthread_cond_wait
 versioned_symbol (libpthread, __pthread_cond_wait, pthread_cond_wait,
 		  GLIBC_2_3_2)
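Review bot: The comment at label 92 says the futex word is incremented "so it can be used as a new expected value", but not why it is bumped rather than simply re-read, nor what that means for other threads waiting on the same word. Since `incl cond_futex(%rdi)` writes shared state on every EAGAIN and `jmp 90b` retries without a bound, I would expand the comment to state the intended effect on concurrent waiters and why the loop is expected to terminate. The i386 file carries the same comment and the same retry loop.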
@@ -476,11 +544,15 @@ __condvar_cleanup1:
 	.uleb128 .LcleanupSTART-.LSTARTCODE
 	.uleb128 .LcleanupEND-.LcleanupSTART
 	.uleb128 __condvar_cleanup1-.LSTARTCODE
-	.uleb128  0
+	.uleb128 0
+	.uleb128 .LcleanupSTART2-.LSTARTCODE
+	.uleb128 .LcleanupEND2-.LcleanupSTART2
+	.uleb128 __condvar_cleanup1-.LSTARTCODE
+	.uleb128 0
 	.uleb128 .LcallUR-.LSTARTCODE
 	.uleb128 .LENDCODE-.LcallUR
 	.uleb128 0
-	.uleb128  0
+	.uleb128 0
 .Lcstend:
 
 

-----------------------------------------------------------------------

Summary of changes:
 ChangeLog                                          |   17 ++++
 locale/weight.h                                    |   11 ++-
 locale/weightwc.h                                  |    9 +-
 .../unix/sysv/linux/i386/i486/pthread_cond_wait.S  |   80 ++++++++++++++++++++
 .../unix/sysv/linux/x86_64/pthread_cond_wait.S     |   76 ++++++++++++++++++-
 posix/fnmatch_loop.c                               |    4 +-
 posix/regcomp.c                                    |    9 +-
 posix/regex_internal.h                             |    2 +-
 posix/regexec.c                                    |    2 +-
 string/strcoll_l.c                                 |    6 +-
 string/strxfrm_l.c                                 |    2 +-
 11 files changed, 194 insertions(+), 24 deletions(-)


hooks/post-receive
-- 
GNU C Library master sources

