This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: [PATCH v3 6/7] Use PRINTF_FORTIFY instead of _IO_FLAGS2_FORTIFY (bug 11319)
- From: Adhemerval Zanella <adhemerval dot zanella at linaro dot org>
- To: "Gabriel F. T. Gomes" <gabriel at inconstante dot eti dot br>
- Cc: libc-alpha at sourceware dot org
- Date: Tue, 4 Dec 2018 15:39:58 -0200
- Subject: Re: [PATCH v3 6/7] Use PRINTF_FORTIFY instead of _IO_FLAGS2_FORTIFY (bug 11319)
- References: <20181115214449.19262-1-gabriel@inconstante.eti.br> <20181115214449.19262-7-gabriel@inconstante.eti.br> <878aa68c-1a30-69d6-ae01-4acd6d80ccaa@linaro.org> <20181204141946.26ba9107@tereshkova>
On 04/12/2018 14:19, Gabriel F. T. Gomes wrote:
> On Thu, 22 Nov 2018, Adhemerval Zanella wrote:
>
>> On 15/11/2018 19:44, Gabriel F. T. Gomes wrote:
>>> From: Zack Weinberg <zackw@panix.com>
>>
>> I don't recall exactly which patch was the one that actually fixes BZ#11319,
>> my previous indication was 'Add __v*printf_internal with flags arguments.'.
>> Could you recheck it please?
>
> Yes, sure. This patch fixes the bug, because of the following change...
>
>>> int
>>> -__vdprintf_chk (int d, int flags, const char *format, va_list arg)
>>> +__vdprintf_chk (int d, int flag, const char *format, va_list ap)
>>> {
>>> - struct _IO_FILE_plus tmpfil;
>>> - struct _IO_wide_data wd;
>>> - int done;
>>> -
>>> -#ifdef _IO_MTSAFE_IO
>>> - tmpfil.file._lock = NULL;
>>> -#endif
>>> - _IO_no_init (&tmpfil.file, _IO_USER_LOCK, 0, &wd, &_IO_wfile_jumps);
>>> - _IO_JUMPS (&tmpfil) = &_IO_file_jumps;
>>> - _IO_new_file_init_internal (&tmpfil);
>>> - if (_IO_file_attach (&tmpfil.file, d) == NULL)
>>> - {
>>> - _IO_un_link (&tmpfil);
>>> - return EOF;
>>> - }
>>> - tmpfil.file._flags |= _IO_DELETE_DONT_CLOSE;
>>> -
>>> - _IO_mask_flags (&tmpfil.file, _IO_NO_READS,
>>> - _IO_NO_READS+_IO_NO_WRITES+_IO_IS_APPENDING);
>>> -
>>> - /* For flags > 0 (i.e. __USE_FORTIFY_LEVEL > 1) request that %n
>>> + /* For flag > 0 (i.e. __USE_FORTIFY_LEVEL > 1) request that %n
>>> can only come from read-only format strings. */
>>> - if (flags > 0)
>>> - tmpfil.file._flags2 |= _IO_FLAGS2_FORTIFY;
>>> -
>>> - done = __vfprintf_internal (&tmpfil.file, format, arg, 0);
>>> -
>>> - _IO_FINISH (&tmpfil.file);
>>> + unsigned int mode = (flag > 0) ? PRINTF_FORTIFY : 0;
>>>
>>> - return done;
>>> + return __vdprintf_internal (d, format, ap, mode);
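Review bot: The new body at `return __vdprintf_internal (d, format, ap, mode);` relies entirely on `__vdprintf_internal` for error reporting, but neither the hunk nor the comment it keeps (which only covers `%n`) says so. The removed code returned EOF only when `_IO_file_attach` failed, and otherwise returned `done` after a bare `_IO_FINISH (&tmpfil.file);` whose outcome was never examined. If the different error handling in the callee is what fixes bug 11319, state that in the commit message and add a regression test with this change. The `flags` to `flag` and `arg` to `ap` renames are unrelated to the fix and would be easier to review as a separate cleanup.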
>
> Notice that the call to __vfprintf_internal was replaced with a call to
> __vdprintf_internal, which has the check for EOF (lines 55 and 56 [1]).
>
> I wrote a test case to check this and I confirm that the problem is
> reproducible without this patch, but not with it. (I'll clean the test up
> and send to this list... Maybe it should get in to avoid regressions).
>
> [1] https://sourceware.org/git/?p=glibc.git;a=blob;f=libio/iovdprintf.c;h=78a3a2bd159bfc8020d970cecadeaca6e2312a7b;hb=HEAD
>
Thanks for confirming it, could you attach the testcase as well?
I would prefer to push along with the patch itself, and there is no need
to send a new version for the whole set. Just update this one.