This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.



Re: [PATCH v3 6/7] Use PRINTF_FORTIFY instead of _IO_FLAGS2_FORTIFY (bug 11319)



On 04/12/2018 14:19, Gabriel F. T. Gomes wrote:
> On Thu, 22 Nov 2018, Adhemerval Zanella wrote:
> 
>> On 15/11/2018 19:44, Gabriel F. T. Gomes wrote:
>>> From: Zack Weinberg <zackw@panix.com>
>>
>> I don't recall exactly which patch was the one that actually fixes BZ#11319,
>> my previous indication was 'Add __v*printf_internal with flags arguments.'.
>> Could you recheck it please?
> 
> Yes, sure.  This patch fixes the bug, because of the following change...
> 
>>>  int
>>> -__vdprintf_chk (int d, int flags, const char *format, va_list arg)
>>> +__vdprintf_chk (int d, int flag, const char *format, va_list ap)
>>>  {
>>> -  struct _IO_FILE_plus tmpfil;
>>> -  struct _IO_wide_data wd;
>>> -  int done;
>>> -
>>> -#ifdef _IO_MTSAFE_IO
>>> -  tmpfil.file._lock = NULL;
>>> -#endif
>>> -  _IO_no_init (&tmpfil.file, _IO_USER_LOCK, 0, &wd, &_IO_wfile_jumps);
>>> -  _IO_JUMPS (&tmpfil) = &_IO_file_jumps;
>>> -  _IO_new_file_init_internal (&tmpfil);
>>> -  if (_IO_file_attach (&tmpfil.file, d) == NULL)
>>> -    {
>>> -      _IO_un_link (&tmpfil);
>>> -      return EOF;
>>> -    }
>>> -  tmpfil.file._flags |= _IO_DELETE_DONT_CLOSE;
>>> -
>>> -  _IO_mask_flags (&tmpfil.file, _IO_NO_READS,
>>> -		  _IO_NO_READS+_IO_NO_WRITES+_IO_IS_APPENDING);
>>> -
>>> -  /* For flags > 0 (i.e. __USE_FORTIFY_LEVEL > 1) request that %n
>>> +  /* For flag > 0 (i.e. __USE_FORTIFY_LEVEL > 1) request that %n
>>>       can only come from read-only format strings.  */
>>> -  if (flags > 0)
>>> -    tmpfil.file._flags2 |= _IO_FLAGS2_FORTIFY;
>>> -
>>> -  done = __vfprintf_internal (&tmpfil.file, format, arg, 0);
>>> -
>>> -  _IO_FINISH (&tmpfil.file);
>>> +  unsigned int mode = (flag > 0) ? PRINTF_FORTIFY : 0;
>>>  
>>> -  return done;
>>> +  return __vdprintf_internal (d, format, ap, mode);
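
Review bot: at the new `return __vdprintf_internal (d, format, ap, mode);` line, the attach-failure path (`_IO_file_attach` returning NULL, `_IO_un_link`, `return EOF`) and the `_IO_FINISH` teardown are no longer visible in `__vdprintf_chk`, so the bug 11319 behaviour now depends entirely on `__vdprintf_internal` and nothing in this hunk exercises it. A regression test that goes through the fortified entry point should accompany the change, and the commit message should say how delegating to `__vdprintf_internal` resolves the bug. Minor: the parameters are renamed from `flags`/`arg` to `flag`/`ap`; check that the prototype and the other `*_chk` wrappers use the same names.
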
> 
> Notice that the call to __vfprintf_internal was replaced with a call to
> __vdprintf_internal, which has the check for EOF (lines 55 and 56 [1]).
> 
> I wrote a test case to check this and I confirm that the problem is
> reproducible without this patch, but not with it.  (I'll clean the test up
> and send to this list...  Maybe it should get in to avoid regressions).
> 
> [1] https://sourceware.org/git/?p=glibc.git;a=blob;f=libio/iovdprintf.c;h=78a3a2bd159bfc8020d970cecadeaca6e2312a7b;hb=HEAD
> 

Thanks for confirming it, could you attach the testcase as well?
I would prefer to push along with the patch itself, and there is no need
to send a new version for the whole set. Just update this one.

