summary refs log tree commit diff
Commit message (Collapse)AuthorAgeFilesLines
* Add renameat2 function [BZ #17662]Florian Weimer2018-07-0545-5/+400
| | | | | | | The implementation falls back to renameat if renameat2 is not available in the kernel (or in the kernel headers) and the flags argument is zero. Without kernel support, a non-zero argument returns EINVAL, not ENOSYS. This mirrors what the kernel does for invalid renameat2 flags.
* posix: Fix bug-regex33 after regex syncAdhemerval Zanella2018-07-042-3/+7
| | | | | | | | | | | On some platforms the inclusion of regex-internal.h in bug-regex33 testcase show a MAX redefinition if test-skeleton.c is include later. This patch fixes by removing regex-internal.h inclusion and using SBC_MAX value directly. Checked on aarch64-linux-gnu. * posix/bug-regex33.c: Fix build after regex sync.
* locale: XFAIL newlocale usage in static binary (Bug 23164)Carlos O'Donell2018-07-048-27/+176
| | | | | | | | | | | | | | There is a glibc optimization which allows for locale categories to be removed during static compilation. There have been various bugs for this support over the years, with bug 16915 being the most recent. The solution there was to emit a reference to all the categories to avoid any being removed. This fix, although it's in the generic __nl_langinfo_l function, doesn't appear to be enough to fix the case for a statically linked program that uses newlocale and nl_langinfo_l. This commit doesn't fix the problem, but it does add a XFAIL'd test case such that a fix can be applied against this and the XFAIL removed. It's not entirely clear that the problem is the same as that which was seen in bug 16915.
* testrun.sh: Implement --tool=strace, --tool=valgrindFlorian Weimer2018-07-047-23/+65
| | | | | | | | $(file …) appears to be the only convenient way to create files with newlines and make substitution variables. This needs make 4.0 (released in 2013), so update the requirement to match. Reviewed-by: Carlos O'Donell <carlos@redhat.com>
* posix: Sync gnulib regex implementationAdhemerval Zanella2018-07-0412-1161/+1609
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch syncs the regex implementation with gnulib (commit 0ee5212). Only two changes in GLIBC regex testing are required: 1. posix/bug-regex28.c: as previously discussed [1] the change of expected results on the pattern should be safe. 2. posix/PCRE.tests: the ERE (a)|\1 is malformed (in the sense that the \1 doesn't mean anything) and although current GLIBC accepts it has undefined behavior. This patch removes the specific test. This sync contains some patches from thread 'Regex: Make libc regex more usable outside GLIBC.' [2] which have been pushed upstream in gnulib. This patches also fixes some regex issues (BZ #23233, BZ #21163, BZ #18986, BZ #13762) and I did not add testcases for both #23233 and #13762 because I couldn't think a simple way to trigger the expected failure path to trigger them. Checked on x86_64-linux-gnu and i686-linux-gnu. [BZ #23233] [BZ #21163] [BZ #18986] [BZ #13762] * posix/Makefile (tests): Add bug-regex37 and bug-regex38. * posix/PCRE.tests: Remove invalid test. * posix/bug-regex28.c: Fix expected values for used syntax. * posix/bug-regex37.c: New file. * posix/bug-regex38.c: Likewise. * posix/regcomp.c: Sync with gnulib. * posix/regex.c: Likewise. * posix/regex.h: Likewise. * posix/regex_internal.c: Likewise. * posix/regex_internal.h: Likewise. * posix/regexec.c: Likewise. [1] https://sourceware.org/ml/libc-alpha/2017-12/msg00807.html [2] https://sourceware.org/ml/libc-alpha/2017-12/msg00237.html
* Bug 23308: Update to Unicode 11.0.0Mike FABIAN2018-07-0416-2375/+4372
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Unicode 11.0.0 Support: Character encoding, character type info, and transliteration tables are all updated to Unicode 11.0.0, using the generator scripts contributed by Mike FABIAN (Red Hat). Some info about the number of characters added: Total added characters in newly generated CHARMAP: 684 Total added characters in newly generated WIDTH: 119 alpha: Added 380 characters in new ctype which were not in old ctype combining: Added 56 characters in new ctype which were not in old ctype combining_level3: Added 37 characters in new ctype which were not in old ctype graph: Added 684 characters in new ctype which were not in old ctype lower: Added 82 characters in new ctype which were not in old ctype print: Added 684 characters in new ctype which were not in old ctype punct: Added 304 characters in new ctype which were not in old ctype tolower: Added 79 characters in new ctype which were not in old ctype totitle: Added 33 characters in new ctype which were not in old ctype toupper: Added 79 characters in new ctype which were not in old ctype upper: Added 79 characters in new ctype which were not in old ctype No characters were removed. [BZ #23308] * unicode-gen/Makefile (UNICODE_VERSION): Set to 11.0.0. * localedata/unicode-gen/DerivedCoreProperties.txt: Update to Unicode 11.0.0. * localedata/unicode-gen/EastAsianWidth.txt: likewise. * localedata/unicode-gen/PropList.txt: likewise. * localedata/unicode-gen/UnicodeData.txt: likewise. * localedata/charmaps/UTF-8: Regenerate. * localedata/locales/i18n_ctype: likewise. * localedata/locales/tr_TR: likewise. * localedata/locales/translit_circle: likewise. * localedata/locales/translit_cjk_compat: likewise. * localedata/locales/translit_combining: likewise. * localedata/locales/translit_compat: likewise. * localedata/locales/translit_font: likewise. * localedata/locales/translit_fraction: likewise.
* stdio-common/tst-printf.c: Remove part under a non-free license [BZ #23363]Florian Weimer2018-07-034-123/+9
| | | | | | The license does not allow modification. Reviewed-by: Carlos O'Donell <carlos@redhat.com>
* Fix hurd expected fcntl versionAdhemerval Zanella2018-07-032-1/+5
| | | | | | | | | | | Different than Linux, hurd does not need the OFD locks fix from 06ab719d30b (since OFD locks are current Linux specific). This in turn allows hurd to not provide a fcntl compat symbol. Checked on a i686-gnu with check-abi. * sysdeps/mach/hurd/i386/libc.abilist [GLIBC_2.28] (fcntl): Remove symbol.
* ldbl-128ibm-compat: Add printf_sizeGabriel F. T. Gomes2018-07-029-2/+182
| | | | | | | | | | | | | | | | | | | | | Since the addition of the _Float128 API, strfromf128 and printf_size use __printf_fp to print _Float128 values. This is achieved by setting the 'is_binary128' member of the 'printf_info' structure to one. Now that the format of long double on powerpc64le is getting a third option, this mechanism is reused for long double values that have binary128 format (i.e.: when -mabi=ieeelongdouble). This patch adds __printf_sizeieee128 as an exported symbol, but doesn't provide redirections from printf_size, yet. All redirections will be installed in a future commit, once all other functions that print or read long double values with binary128 format are ready. In __printf_fp, when 'is_binary128' is one, the floating-point argument is treated as if it was of _Float128 type, regardless of the value of 'is_long_double', thus __printf_sizeieee128 sets 'is_binary128' to the same value of 'is_long_double'. Otherwise, double values would not be printed correctly. Tested for powerpc64le.
* Use uint32_t sign in single precision math error handling functionsSzabolcs Nagy2018-07-024-11/+27
| | | | | | | | | | | | | | | | | | | | | Ideally sign should be bool, but sometimes (e.g. in powf) it's more efficient to pass a non-zero value than 1 to indicate that the sign should be set. The fixed size int is less ambigous than unsigned long. * sysdeps/ieee754/flt-32/e_powf.c (__powf): Use uint32_t. (exp2f_inline): Likewise. * sysdeps/ieee754/flt-32/math_config.h (__math_oflowf): Likewise. (__math_uflowf): Likewise. (__math_may_uflowf): Likewise. (__math_divzerof): Likewise. (__math_invalidf): Likewise. * sysdeps/ieee754/flt-32/math_errf.c (xflowf): Likewise. (__math_oflowf): Likewise. (__math_uflowf): Likewise. (__math_may_uflowf): Likewise. (__math_divzerof): Likewise. (__math_invalidf): Likewise.
* libc: Extend __libc_freeres framework (Bug 23329).Carlos O'Donell2018-06-2926-53/+245
| | | | | | | | | | | | | | | | | | | | | | | | | The __libc_freeres framework does not extend to non-libc.so objects. This causes problems in general for valgrind and mtrace detecting unfreed objects in both libdl.so and libpthread.so. This change is a pre-requisite to properly moving the malloc hooks out of malloc since such a move now requires precise accounting of all allocated data before destructors are run. This commit adds a proper hook in libc.so.6 for both libdl.so and for libpthread.so, this ensures that shm-directory.c which uses freeit () to free memory is called properly. We also remove the nptl_freeres hook and fall back to using weak-ref-and-check idiom for a loaded libpthread.so, thus making this process similar for all DSOs. Lastly we follow best practice and use explicit free calls for both libdl.so and libpthread.so instead of the generic hook process which has undefined order. Tested on x86_64 with no regressions. Signed-off-by: DJ Delorie <dj@redhat.com> Signed-off-by: Carlos O'Donell <carlos@redhat.com>
* Add long double input for strfmon testRajalakshmi Srinivasaraghavan2018-06-302-10/+32
| | | | | | | This patch adds long double type inputs in strfmon_l test which will help in long double migration. Tested for powerpc64le.
* New locale: Lower Sorbian (dsb_DE) [BZ #23208]Michael Wolf2018-06-294-0/+261
| | | | | | [BZ #23208] * localedata/SUPPORTED (dsb_DE/UTF-8): New entry. * localedata/locales/dsb_DE: New file.
* hy_AM: Add alternative month names (bug 23140).Rafal Luzynski2018-06-293-13/+32
| | | | | | | | | | | | | This locale already contained correct data in mon array. Updated from CLDR to start the month names with the lowercase letters. alt_mon is a new import from CLDR. The change has been consulted off-list with a native speaker. [BZ #23140] * localedata/locales/hy_AM (mon): Synchronize with CLDR (lowercase, genitive case). (alt_mon): New entry, import from CLDR (nominative case).
* es_BO locale: Change LC_PAPER to en_US (bug 22996).Sylvain Lesage2018-06-292-1/+6
| | | | | [BZ #22996] * localedata/locales/es_BO (LC_PAPER): Change to “copy "en_US"”.
* aarch64,falkor: Use vector registers for memcpySiddhesh Poyarekar2018-06-292-72/+68
| | | | | | | | | | | Vector registers perform better than scalar register pairs for copying data so prefer them instead. This results in a time reduction of over 50% (i.e. 2x speed improvemnet) for some smaller sizes for memcpy-walk. Larger sizes show improvements of around 1% to 2%. memcpy-random shows a very small improvement, in the range of 1-2%. * sysdeps/aarch64/multiarch/memcpy_falkor.S (__memcpy_falkor): Use vector registers.
* aarch64,falkor: Use vector registers for memmoveSiddhesh Poyarekar2018-06-292-105/+93
| | | | | | | | | | | Vector registers perform much better for moves compared to pairs of registers on falkor, so use them instead. This results in a time reduction of up to 50% (i.e. 2x improvement) for a lot of the smaller sizes, i.e. up to 1K in memmove-walk. Improvements for larger sizes are smaller, at about 1%-2%. * sysdeps/aarch64/multiarch/memmove_falkor.S (__memcpy_falkor): Use vector registers.
* Document interaction with GCC built-ins in the Customizing PrintfMartin Sebor2018-06-292-4/+17
| | | | section of the manual.
* elf: Accept absolute (SHN_ABS) symbols whose value is zero [BZ #23307]Maciej W. Rozycki2018-06-296-2/+85
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We have this condition in `check_match' (in elf/dl-lookup.c): if (__glibc_unlikely ((sym->st_value == 0 /* No value. */ && stt != STT_TLS) || ELF_MACHINE_SYM_NO_MATCH (sym) || (type_class & (sym->st_shndx == SHN_UNDEF)))) return NULL; which causes all !STT_TLS symbols whose value is zero to be silently ignored in lookup. This may make sense for regular symbols, however not for absolute (SHN_ABS) ones, where zero is like any value, there's no special meaning attached to it. Consequently legitimate programs fail, for example taking the `elf/tst-absolute-sym' test case, substituting 0 for 0x55aa in `elf/tst-absolute-sym-lib.lds' and then trying to run the resulting program we get this: $ .../elf/tst-absolute-sym .../elf/tst-absolute-sym: symbol lookup error: .../elf/tst-absolute-sym-lib.so: undefined symbol: absolute $ even though the symbol clearly is there: $ readelf --dyn-syms .../elf/tst-absolute-sym-lib.so | grep '\babsolute\b' 7: 00000000 0 NOTYPE GLOBAL DEFAULT ABS absolute $ The check for the zero value has been there since forever or commit d66e34cd4234/08162fa88891 ("Implemented runtime dynamic linker to support ELF shared libraries.") dating back to May 2nd 1995, and the problem triggers regardless of commit e7feec374c63 ("elf: Correct absolute (SHN_ABS) symbol run-time calculation [BZ #19818]") being present or not. Fix the issue then, by permitting `sym->st_value' to be 0 for SHN_ABS symbols in lookup. [BZ #23307] * elf/dl-lookup.c (check_match): Do not reject a symbol whose `st_value' is 0 if `st_shndx' is SHN_ABS. * elf/tst-absolute-zero.c: New file. * elf/tst-absolute-zero-lib.c: New file. * elf/tst-absolute-zero-lib.lds: New file. * elf/Makefile (tests): Add `tst-absolute-zero'. (modules-names): Add `tst-absolute-zero-lib'. (LDLIBS-tst-absolute-zero-lib.so): New variable. ($(objpfx)tst-absolute-zero-lib.so): New dependency. ($(objpfx)tst-absolute-zero: New dependency.
* New configure option --disable-crypt.Zack Weinberg2018-06-2912-19/+123
| | | | | | | | Some Linux distributions are experimenting with a new, separately maintained and hopefully more agile implementation of the crypt API. To facilitate this, add a configure option which disables glibc's embedded libcrypt. When this option is given, libcrypt.* and crypt.h will not be built nor installed.
* manual: Revise crypt.texi.Zack Weinberg2018-06-2918-226/+426
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is a major rewrite of the description of 'crypt', 'getentropy', and 'getrandom'. A few highlights of the content changes: - Throughout the manual, public headers, and user-visible messages, I replaced the term "password" with "passphrase", the term "password database" with "user database", and the term "encrypt(ion)" with "(one-way) hashing" whenever it was applied to passphrases. I didn't bother making this change in internal code or tests. The use of the term "password" in ruserpass.c survives, because that refers to a keyword in netrc files, but it is adjusted to make this clearer. There is a note in crypt.texi explaining that they were traditionally called passwords but single words are not good enough anymore, and a note in users.texi explaining that actual passphrase hashes are found in a "shadow" database nowadays. - There is a new short introduction to the "Cryptographic Functions" section, explaining how we do not intend to be a general-purpose cryptography library, and cautioning that there _are_, or have been, legal restrictions on the use of cryptography in many countries, without getting into any kind of detail that we can't promise to keep up to date. - I added more detail about what a "one-way function" is, and why they are used to obscure passphrases for storage. I removed the paragraph saying that systems not connected to a network need no user authentication, because that's a pretty rare situation nowadays. (It still says "sometimes it is necessary" to authenticate the user, though.) - I added documentation for all of the hash functions that glibc actually supports, but not for the additional hash functions supported by libxcrypt. If we're going to keep this manual section around after the transition is more advanced, it would probably make sense to add them then. - There is much more detailed discussion of how to generate a salt, and the failure behavior for crypt is documented. (Returning an invalid hash on failure is what libxcrypt does; Solar Designer's notes say that this was done "for compatibility with old programs that assume crypt can never fail".) - As far as I can tell, the header 'crypt.h' is entirely a GNU invention, and never existed on any other Unix lineage. The function 'crypt', however, was in Issue 1 of the SVID and is now in the XSI component of POSIX. I tried to make all of the @standards annotations consistent with this, but I'm not sure I got them perfectly right. - The genpass.c example has been improved to use getentropy instead of the current time to generate the salt, and to use a SHA-256 hash instead of MD5. It uses more random bytes than is strictly necessary because I didn't want to complicate the code with proper base64 encoding. - The testpass.c example has three hardwired hashes now, to demonstrate that different one-way functions produce different hashes for the same input. It also demonstrates how DES hashing only pays attention to the first eight characters of the input. - There is new text explaining in more detail how a CSPRNG differs from a regular random number generator, and how getentropy/getrandom are not exactly a CSPRNG. I tried not to make specific falsifiable claims here. I also tried to make the blocking/cancellation/error behavior of both getentropy and getrandom clearer.
* manual: Reorganize crypt.texi.Zack Weinberg2018-06-293-119/+81
| | | | | | | | | | | | | | | | | | In preparation for a major revision of the documentation for crypt(_r), getentropy, and getrandom, reorganize crypt.texi. This patch does not change any text; it only deletes and moves text. The description of 'getpass' moves to terminal.texi, since all it does is read a password from the controlling terminal with echo disabled. The "Legal Problems" section of crypt.texi is dropped, and the introductory text is shifted down to the "Encrypting Passwords" section; the next patch will add some new introductory text. Also, it is no longer true that crypt.texi's top @node needs to have no pointers. That was a vestige of crypt/ being an add-on. (makeinfo itself doesn't need @node pointers anymore, but the scripts that assemble the libc manual's topmost node rely on each chapter-level node having them.)
* Disallow use of DES encryption functions in new programs.Zack Weinberg2018-06-2916-303/+142
| | | | | | | | | | | | | | | | | | | | | | | | | | | | The functions encrypt, setkey, encrypt_r, setkey_r, cbc_crypt, ecb_crypt, and des_setparity should not be used in new programs, because they use the DES block cipher, which is unacceptably weak by modern standards. Demote all of them to compatibility symbols, and remove their prototypes from installed headers. cbc_crypt, ecb_crypt, and des_setparity were already compat symbols when glibc was configured with --disable-obsolete-rpc. POSIX requires encrypt and setkey to be available when _XOPEN_CRYPT is defined, so this change also removes the definition of X_OPEN_CRYPT from <unistd.h>. The entire "DES Encryption" section is dropped from the manual, as is the mention of AUTH_DES and FIPS 140-2 in the introduction to crypt.texi. The documentation of 'memfrob' cross-referenced the DES Encryption section, which is replaced by a hyperlink to libgcrypt, and while I was in there I spruced up the actual documentation of 'memfrob' and 'strfry' a little. It's still fairly jokey, because those functions _are_ jokes, but they do also have real use cases, so people trying to use them for real should have all the information they need. DES-based authentication for Sun RPC is also insecure and should be deprecated or even removed, but maybe that can be left as TI-RPC's problem.
* malloc: Update heap dumping/undumping comments [BZ #23351]Florian Weimer2018-06-293-52/+16
| | | | | | Also remove a few now-unused declarations and definitions. Reviewed-by: Carlos O'Donell <carlos@redhat.com>
* ast_ES: Add alternative month names (bug 23140).Rafal Luzynski2018-06-293-4/+26
| | | | | | | [BZ #23140] * localedata/locales/ast_ES (mon): Rename to... (alt_mon): This. (mon): Import from CLDR (genitive case).
* getifaddrs: Don't return ifa entries with NULL names [BZ #21812]Daniel Alvarez2018-06-292-0/+15
| | | | | | | | | | | | | | | A lookup operation in map_newlink could turn into an insert because of holes in the interface part of the map. This leads to incorrectly set the name of the interface to NULL when the interface is not present for the address being processed (most likely because the interface was added between the RTM_GETLINK and RTM_GETADDR calls to the kernel). When such changes are detected by the kernel, it'll mark the dump as "inconsistent" by setting NLM_F_DUMP_INTR flag on the next netlink message. This patch checks this condition and retries the whole operation. Hopes are that next time the interface corresponding to the address entry is present in the list and correct name is returned.
* Fix documentation build with old makeinfoSzabolcs Nagy2018-06-282-1/+5
| | | | | | With old makeinfo '@code {' fails because of the extra space. * manual/llio.texi: Remove spurious space.
* Use _STRUCT_TIMESPEC as guard in <bits/types/struct_timespec.h> [BZ #23349]Florian Weimer2018-06-282-2/+9
| | | | | | | | | | After commit d76d3703551a362b472c866b5b6089f66f8daa8e ("Fix missing timespec definition for sys/stat.h (BZ #21371)") in combination with kernel UAPI changes, GCC sanitizer builds start to fail due to a conflicting definition of struct timespec in <linux/time.h>. Use _STRUCT_TIMESPEC as the header file inclusion guard, which is already checked in the kernel header, to support including <linux/time.h> and <sys/stat.h> in the same translation unit.
* ldbl-128ibm-compat: Introduce ieee128 symbolsRajalakshmi Srinivasaraghavan2018-06-287-0/+118
| | | | | | | | | | | | | | | | This patch adds __*ieee128 symbols for strfrom, strtold, strtold_l, wcstold and wcstold_l functions. Redirection from *l to *ieee128 will be handled in separate patch once we start building these new files. 2018-06-28 Rajalakshmi Srinivasaraghavan <raji@linux.vnet.ibm.com> * sysdeps/ieee754/ldbl-128ibm-compat/Versions: Add __strfromieee128, __strtoieee128, __strtoieee128_l,__wcstoieee128 and __wcstoieee128_l. * sysdeps/ieee754/ldbl-128ibm-compat/strfromf128.c: New file. * sysdeps/ieee754/ldbl-128ibm-compat/strtof128.c: New file. * sysdeps/ieee754/ldbl-128ibm-compat/strtof128_l.c: New file. * sysdeps/ieee754/ldbl-128ibm-compat/wcstof128.c: New file. * sysdeps/ieee754/ldbl-128ibm-compat/wcstof128_l.c: New file.
* nisplus: Correct pwent parsing issue and resulting build error [BZ #23266]Maciej W. Rozycki2018-06-272-2/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Copy and null-terminate NIS+ password file UID and GID entries whose length is non-zero and are not terminated, in addition to empty ones, fixing a bug and a compilation issue causing an error with GCC 8: nss_nisplus/nisplus-parser.c: In function '_nss_nisplus_parse_pwent': nss_nisplus/nisplus-parser.c:90:7: error: 'strncpy' destination unchanged after copying no bytes [-Werror=stringop-truncation] strncpy (first_unused, numstr, len); ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ nss_nisplus/nisplus-parser.c:106:7: error: 'strncpy' destination unchanged after copying no bytes [-Werror=stringop-truncation] strncpy (first_unused, numstr, len); ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ introduced with commit ac05397075f6: commit ac05397075f621cfdbe1db527c96167a58b6d18e Author: Ulrich Drepper <drepper@redhat.com> Date: Sun Apr 30 07:01:26 2006 +0000 * nis/nss_nisplus/nisplus-parser.c: Minor optimizations and cleanups. Avoid copying data if it can be used in the old place. (no mailing list reference available). Obviously regardless of the recently added compiler diagnostics causing a build error this code has been long non-functional, so I guess NIS+ servers have been supplying strings that are non-empty and have already been null-terminated. Which in turn made it unnecessary to make a null-terminated copy, masking this bug. [BZ #23266] * nis/nss_nisplus/nisplus-parser.c (_nss_nisplus_parse_pwent): Copy and null-terminate entries that are not terminated, in addition to empty ones.
* Remove macros extend_alloca, extend_alloca_account [BZ #18023]Florian Weimer2018-06-273-41/+7
| | | | | The unused macro definition in posix/glob.c comes from gnulib and will have to be removed there.
* Remove nptl/sockperf.c.Joseph Myers2018-06-272-593/+4
| | | | | | | | | | | | This patch removes nptl/sockperf.c, an unused, x86-specific program with a hardcoded path in /tmp. If someone finds some of this code in future for adding a proper benchmark, that does not of course rule out adding it back in that form, but for now I think it's best to eliminate this code with the hardcoded /tmp path. Tested for x86_64. * nptl/sockperf.c: Remove file.
* _dl_map_object_deps: Use struct scratch_buffer [BZ #18023]Florian Weimer2018-06-272-12/+22
| | | | | | The function comment suggests that _dl_map_object_deps cannot use malloc, but it already allocates the l_initfini array on the heap, so the additional allocation should be acceptable.
* gethostid (Linux variant): Switch to struct scratch_buffer [BZ #18023]Florian Weimer2018-06-272-17/+37
| | | | | Previously, extend_alloca was used without alloca accounting, which could have been problematic with large NSS results.
* wordexp: Rewrite parse_tilde to use struct scratch_buffer [BZ #18023]Florian Weimer2018-06-272-17/+35
|
* Revert hurd errno.h changesAdhemerval Zanella2018-06-261-9/+0
| | | | Patch 06ab719d30b01 wrongly added mach errno.h changes.
* Fix hardcoded /tmp paths in testing (bug 13888).Joseph Myers2018-06-2611-18/+50
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | As noted in bug 13888, and as I noted previously in <https://sourceware.org/ml/libc-alpha/2000-10/msg00111.html>, various tests used hardcoded paths in /tmp, so posing issues for simultaneous test runs from different build directories. This patch fixes such uses of hardcoded file names to put them in the build directory instead (in the case of stdio-common/bug5 the file names are changed as well, to avoid a conflict with the name bug5.out also used for the automatic test output redirection). It also fixes test-installation.pl likewise (that was using filenames with $$ in them rather than strictly hardcoded names, but that's still not good practice for temporary file naming). Note that my list of files changed is not identical to that in bug 13888. I added tst-spawn3.c and test-installation.pl, and removed some tests that seem to me (now) to create temporary files securely (simply using /tmp is not itself a problem if the temporary files are handled properly with mkstemp; I haven't checked whether those tests used to do things insecurely). conformtest is not changed because the makefiles always pass a --tmpdir option so the /tmp default is irrelevant, and for the same reason there is no actual problem with nptl/tst-umask1.c because again the makefiles always override the default. nptl/sockperf.c is ignored because there is no code to run it; probably that file should actually be removed. Some tests use the mktemp function, but I think they all use it in a way that *is* secure (for generating names for directories / sockets / fifos / symlinks, where the operation using the name will not follow symlinks and so there is no potential for a symlink attack on the account running the testsuite). Some tests use the tmpnam function to generate temporary file names. This is in principle insecure, but not addressed by this patch (I consider it a separate issue from the fully hardcoded paths). Tested for x86_64. [BZ #13888] * posix/Makefile (CFLAGS-tst-spawn3.c): New variable. * posix/tst-spawn3.c (do_test): Put tst-spwan3.pid in OBJPFX, not /tmp. * scripts/test-installation.pl: Put temporary files in build directory, not /tmp. * stdio-common/Makefile (CFLAGS-bug3.c): New variable. (CFLAGS-bug4.c): Likewise. (CFLAGS-bug5.c): Likewise. (CFLAGS-test-fseek.c): Likewise. (CFLAGS-test-popen.c): Likewise. (CFLAGS-test_rdwr.c): Likewise. * stdio-common/bug3.c (main): Put temporary file in OBJPFX, not /tmp. * stdio-common/bug4.c (main): Likewise. * stdio-common/bug5.c (main): Likewise. * stdio-common/test-fseek.c (TESTFILE): Likewise. * stdio-common/test-popen.c (do_test): Likewise. * stdio-common/test_rdwr.c (main): Likewise.
* In sem_open.c, pad was not initialized when __HAVE_64B_ATOMICS wasPatsy Franklin2018-06-262-2/+8
| | | | | | | | | | true. On some arches this caused valgrind to warn about uninitialized bytes when the struct was written to the file system. This patch moves the initialization of pad outside of the conditional. Reviewed-by: Carlos O'Donell <carlos@redhat.com>
* Fix Linux fcntl OFD locks for non-LFS architectures (BZ#20251)Adhemerval Zanella2018-06-2651-35/+519
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch fixes the OFD ("file private") locks for architectures that support non-LFS flock definition (__USE_FILE_OFFSET64 not defined). The issue in this case is both F_OFD_{GETLK,SETLK,SETLKW} and F_{SET,GET}L{W}K64 expects a flock64 argument and when using old F_OFD_* flags with a non LFS flock argument the kernel might interpret the underlying data wrongly. Kernel idea originally was to avoid using such flags in non-LFS syscall, but since GLIBC uses fcntl with LFS semantic as default it is possible to provide the functionality and avoid the bogus struct kernel passing by adjusting the struct manually for the required flags. The idea follows other LFS interfaces that provide two symbols: 1. A new LFS fcntl64 is added on default ABI with the usual macros to select it for FILE_OFFSET_BITS=64. 2. The Linux non-LFS fcntl use a stack allocated struct flock64 for F_OFD_{GETLK,SETLK,SETLKW} copy the results on the user provided struct. 3. Keep a compat symbol with old broken semantic for architectures that do not define __OFF_T_MATCHES_OFF64_T. So for architectures which defines __USE_FILE_OFFSET64, fcntl64 will aliased to fcntl and no adjustment would be required. So to actually use F_OFD_* with LFS support the source must be built with LFS support (_FILE_OFFSET_BITS=64). Also F_OFD_SETLKW command is handled a cancellation point, as for F_SETLKW{64}. Checked on x86_64-linux-gnu and i686-linux-gnu. [BZ #20251] * NEWS: Mention fcntl64 addition. * csu/check_fds.c: Replace __fcntl_nocancel by __fcntl64_nocancel. * login/utmp_file.c: Likewise. * sysdeps/posix/fdopendir.c: Likewise. * sysdeps/posix/opendir.c: Likewise. * sysdeps/unix/pt-fcntl.c: Likewise. * include/fcntl.h (__libc_fcntl64, __fcntl64, __fcntl64_nocancel_adjusted): New prototype. (__fcntl_nocancel_adjusted): Remove prototype. * io/Makefile (routines): Add fcntl64. (CFLAGS-fcntl64.c): New rule. * io/Versions [GLIBC_2.28] (fcntl64): New symbol. [GLIBC_PRIVATE] (__libc_fcntl): Rename to __libc_fcntl64. * io/fcntl.h (fcntl64): Add prototype and redirect if __USE_FILE_OFFSET64 is defined. * io/fcntl64.c: New file. * manual/llio.text: Add a note for which commands fcntl acts a cancellation point. * nptl/Makefile (CFLAGS-fcntl64.c): New rule. * sysdeps/mach/hurd/fcntl.c: Alias fcntl to fcntl64 symbols. * sysdeps/mach/hurd/i386/libc.abilist [GLIBC_2.28] (fcntl, fcntl64): New symbols. * sysdeps/unix/sysv/linux/fcntl.c (__libc_fcntl): Fix F_GETLK64, F_OFD_GETLK, F_SETLK64, F_SETLKW64, F_OFD_SETLK, and F_OFD_SETLKW for non-LFS case. * sysdeps/unix/sysv/linux/fcntl64.c: New file. * sysdeps/unix/sysv/linux/fcntl_nocancel.c (__fcntl_nocancel): Rename to __fcntl64_nocancel. (__fcntl_nocancel_adjusted): Rename to __fcntl64_nocancel_adjusted. * sysdeps/unix/sysv/linux/not-cancel.h (__fcntl_nocancel): Rename to __fcntl64_nocancel. * sysdeps/unix/sysv/linux/tst-ofdlocks.c: New file. * sysdeps/unix/sysv/linux/tst-ofdlocks-compat.c: Likewise. * sysdeps/unix/sysv/linux/Makefile (tests): Add tst-ofdlocks. (tests-internal): Add tst-ofdlocks-compat. * sysdeps/unix/sysv/linux/aarch64/libc.abilist [GLIBC_2.28] (fcntl64): New symbol. * sysdeps/unix/sysv/linux/alpha/libc.abilist: Likewise. * sysdeps/unix/sysv/linux/ia64/libc.abilist: Likewise. * sysdeps/unix/sysv/linux/mips/mips64/n64/libc.abilist: Likewise. * sysdeps/unix/sysv/linux/powerpc/powerpc64/libc.abilist: Likewise. * sysdeps/unix/sysv/linux/powerpc/powerpc64/libc-le.abilist: Likewise. * sysdeps/unix/sysv/linux/riscv/rv64/libc.abilist: Likewise. * sysdeps/unix/sysv/linux/s390/s390-64/libc.abilist: Likewise. * sysdeps/unix/sysv/linux/sparc/sparc64/libc.abilist: Likewise. * sysdeps/unix/sysv/linux/x86_64/64/libc.abilist: Likewise. * sysdeps/unix/sysv/linux/x86_64/x32/libc.abilist: Likewise. * sysdeps/unix/sysv/linux/arm/libc.abilist [GLIBC_2.28] (fcntl, fcntl64): Likewise. * sysdeps/unix/sysv/linux/hppa/libc.abilist: Likewise. * sysdeps/unix/sysv/linux/i386/libc.abilis: Likewise. * sysdeps/unix/sysv/linux/m68k/coldfire/libc.abilist: Likewise. * sysdeps/unix/sysv/linux/m68k/m680x0/libc.abilist: Likewise. * sysdeps/unix/sysv/linux/microblaze/libc.abilist: Likewise. * sysdeps/unix/sysv/linux/mips/mips32/fpu/libc.abilist: Likewise. * sysdeps/unix/sysv/linux/mips/mips32/nofpu/libc.abilist: Likewise. * sysdeps/unix/sysv/linux/mips/mips64/n32/libc.abilist: Likewise. * sysdeps/unix/sysv/linux/nios2/libc.abilist: Likewise. * sysdeps/unix/sysv/linux/powerpc/powerpc32/fpu/libc.abilist: Likewise. * sysdeps/unix/sysv/linux/powerpc/powerpc32/nofpu/libc.abilist: Likewise. * sysdeps/unix/sysv/linux/s390/s390-32/libc.abilist: Likewise. * sysdeps/unix/sysv/linux/sh/libc.abilist: Likewise. * sysdeps/unix/sysv/linux/sparc/sparc32/libc.abilist: Likewise.
* Run thread shutdown functions in an explicit orderFlorian Weimer2018-06-2614-46/+70
| | | | | | | This removes the __libc_thread_subfreeres hook in favor of explict calls. Reviewed-by: Carlos O'Donell <carlos@redhat.com>
* sunrpc: Remove always-defined _RPC_THREAD_SAFE_ macroFlorian Weimer2018-06-2614-69/+19
| | | | | | Header and C source file changes were generated using: unifdef -m -D_RPC_THREAD_SAFE_ include/rpc/rpc.h sunrpc/*.c
* libio: Add tst-vtables, tst-vtables-interposedFlorian Weimer2018-06-265-0/+586
|
* support: Add TEST_NO_SETVBUFFlorian Weimer2018-06-264-1/+14
| | | | | This is sometimes needed for testing stdio streams, where the setvbuf call in the test driver could interfere with the test.
* libio: Disable vtable validation in case of interposition [BZ #23313]Florian Weimer2018-06-262-0/+21
|
* nss_files: Use struct scratch_buffer instead of extend_alloca [BZ #18023]Florian Weimer2018-06-252-22/+16
|
* getent: Use dynarray in initgroups_keys [BZ #18023]Florian Weimer2018-06-252-10/+36
|
* _nss_nis_initgroups_dyn: Use struct scratch_buffer [BZ #18023]Florian Weimer2018-06-252-10/+23
| | | | Remove extend_alloca usage. Also adjusts the internal function get_uid.
* getgrent_next_nss (compat-initgroups): Remove alloca fallback [BZ #18023]Florian Weimer2018-06-252-25/+27
| | | | | | | | | | If the caller-supplied buffer is not large enough, fall back directly malloc. The previous __libc_use_alloca check was incorrect because it did not take into account that extend_alloca may fail to merge allocations, so it would underestimate the stack space being used by roughly a factor of two.
* nscd: Switch to struct scratch_buffer in adhstaiX [BZ #18023]Florian Weimer2018-06-252-34/+51
| | | | | | | | | | | | The pre-allocation of the three scratch buffers increased the initial stack size somewhat, but if retries are needed, the previous version used more stack space if extend_alloca could not merge allocations. Lack of alloca accounting also means could be problematic with extremely large NSS responses, too. [BZ #18023] * nscd/aicache.c (addhstaiX): Use struct scratch_buffer instead of extend_alloca.
* nscd: Use struct scratch_buffer, not extend_alloca in most caches [BZ #18023]Florian Weimer2018-06-255-152/+84
| | | | | | This replaces the ERANGE retry loops with loops which have heap fallback. Heap allocation might actually be required for extremely large NSS results.