diff options
author | Zack Weinberg <zackw@panix.com> | 2018-03-07 14:32:03 -0500 |
---|---|---|
committer | Gabriel F. T. Gomes <gabriel@inconstante.eti.br> | 2018-12-05 18:15:43 -0200 |
commit | 4e2f43f842ef5e253cc23383645adbaa03cedb86 (patch) | |
tree | ca359423ba6ed4bb4d5ec247905a6ee13d456864 /stdio-common | |
parent | 124fc732c15ef37b7ee9db25b1e9f9b20c799623 (diff) | |
download | glibc-4e2f43f842ef5e253cc23383645adbaa03cedb86.tar.gz glibc-4e2f43f842ef5e253cc23383645adbaa03cedb86.tar.xz glibc-4e2f43f842ef5e253cc23383645adbaa03cedb86.zip |
Use PRINTF_FORTIFY instead of _IO_FLAGS2_FORTIFY (bug 11319)
The _chk variants of all of the printf functions become much simpler. This is the last thing that we needed _IO_acquire_lock_clear_flags2 for, so it can go as well. I took the opportunity to make the headers included and the names of all local variables consistent across all the affected files. Since we ultimately want to get rid of __no_long_double as well, it must be possible to get all of the nontrivial effects of the _chk functions by calling the _internal functions with appropriate flags. For most of the __(v)xprintf_chk functions, this is covered by PRINTF_FORTIFY plus some up-front argument checks that can be duplicated. However, __(v)sprintf_chk installs a custom jump table so that it can crash instead of overflowing the output buffer. This functionality is moved to __vsprintf_internal, which now has a 'maxlen' argument like __vsnprintf_internal; to get the unsafe behavior of ordinary (v)sprintf, pass -1 for that argument. obstack_printf_chk and obstack_vprintf_chk are no longer in the same file. As a side-effect of the unification of both fortified and non-fortified vdprintf initialization, this patch fixes bug 11319 for __dprintf_chk and __vdprintf_chk, which was previously fixed only for dprintf and vdprintf by the commit commit 7ca890b88e6ab7624afb1742a9fffb37ad5b3fc3 Author: Ulrich Drepper <drepper@redhat.com> Date: Wed Feb 24 16:07:57 2010 -0800 Fix reporting of I/O errors in *dprintf functions. This patch adds a test case to avoid regressions. Tested for powerpc and powerpc64le.
Diffstat (limited to 'stdio-common')
-rw-r--r-- | stdio-common/Makefile | 6 | ||||
-rw-r--r-- | stdio-common/sprintf.c | 2 | ||||
-rw-r--r-- | stdio-common/tst-bz11319-fortify2.c | 1 | ||||
-rw-r--r-- | stdio-common/tst-bz11319.c | 49 | ||||
-rw-r--r-- | stdio-common/vfprintf-internal.c | 2 |
5 files changed, 56 insertions, 4 deletions
diff --git a/stdio-common/Makefile b/stdio-common/Makefile index 84bad1fafe..8978b3fb1f 100644 --- a/stdio-common/Makefile +++ b/stdio-common/Makefile @@ -64,7 +64,7 @@ tests := tstscanf test_rdwr test-popen tstgetln test-fseek \ tst-vfprintf-user-type \ tst-vfprintf-mbs-prec \ tst-scanf-round \ - tst-renameat2 \ + tst-renameat2 tst-bz11319 tst-bz11319-fortify2 \ test-srcs = tst-unbputc tst-printf tst-printfsz-islongdouble @@ -164,6 +164,10 @@ CFLAGS-test_rdwr.c += -DOBJPFX=\"$(objpfx)\" # tst-gets.c tests a deprecated function. CFLAGS-tst-gets.c += -Wno-deprecated-declarations +# BZ #11319 was first fixed for regular vdprintf, then reopened because +# the fortified version had the same bug. +CFLAGS-tst-bz11319-fortify2.c += -D_FORTIFY_SOURCE=2 + CPPFLAGS += $(libio-mtsafe) $(objpfx)tst-setvbuf1.out: /dev/null $(objpfx)tst-setvbuf1 diff --git a/stdio-common/sprintf.c b/stdio-common/sprintf.c index 77423b292f..447faa4e25 100644 --- a/stdio-common/sprintf.c +++ b/stdio-common/sprintf.c @@ -27,7 +27,7 @@ __sprintf (char *s, const char *format, ...) int done; va_start (arg, format); - done = __vsprintf_internal (s, format, arg, 0); + done = __vsprintf_internal (s, -1, format, arg, 0); va_end (arg); return done; diff --git a/stdio-common/tst-bz11319-fortify2.c b/stdio-common/tst-bz11319-fortify2.c new file mode 100644 index 0000000000..a8df9a39bd --- /dev/null +++ b/stdio-common/tst-bz11319-fortify2.c @@ -0,0 +1 @@ +#include <tst-bz11319.c> diff --git a/stdio-common/tst-bz11319.c b/stdio-common/tst-bz11319.c new file mode 100644 index 0000000000..f986c39a66 --- /dev/null +++ b/stdio-common/tst-bz11319.c @@ -0,0 +1,49 @@ +/* Regression test for bug 11319. + Copyright (C) 2018 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + <http://www.gnu.org/licenses/>. */ + +#define _GNU_SOURCE 1 + +#include <fcntl.h> +#include <stdio.h> +#include <stdlib.h> + +#include <support/check.h> +#include <support/temp_file.h> +#include <support/xunistd.h> + +static int +do_test (void) +{ + char *tempfile; + int fd; + + /* Create a temporary file and open it in read-only mode. */ + TEST_VERIFY_EXIT (create_temp_file ("tst-bz11319", &tempfile)); + fd = xopen (tempfile, O_RDONLY, 0660); + + /* Try and write to the temporary file to intentionally fail, then + check that dprintf (or __dprintf_chk) return EOF. */ + TEST_COMPARE (dprintf (fd, "%d", 0), EOF); + + xclose (fd); + free (tempfile); + + return 0; +} + +#include <support/test-driver.c> diff --git a/stdio-common/vfprintf-internal.c b/stdio-common/vfprintf-internal.c index b0c86e99bd..4cc4261ead 100644 --- a/stdio-common/vfprintf-internal.c +++ b/stdio-common/vfprintf-internal.c @@ -1283,8 +1283,6 @@ vfprintf (FILE *s, const CHAR_T *format, va_list ap, unsigned int mode_flags) /* Temporarily honor environmental settings. */ if (__ldbl_is_dbl) mode_flags |= PRINTF_LDBL_IS_DBL; - if (s->_flags2 & _IO_FLAGS2_FORTIFY) - mode_flags |= PRINTF_FORTIFY; /* Orient the stream. */ #ifdef ORIENT |