about summary refs log tree commit diff
path: root/debug/fortify_fail.c
Commit message (Collapse)AuthorAgeFilesLines
* Update copyright dates with scripts/update-copyrights.Joseph Myers2020-01-011-1/+1
|
* Prefer https to http for gnu.org and fsf.org URLsPaul Eggert2019-09-071-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Also, change sources.redhat.com to sourceware.org. This patch was automatically generated by running the following shell script, which uses GNU sed, and which avoids modifying files imported from upstream: sed -ri ' s,(http|ftp)(://(.*\.)?(gnu|fsf|sourceware)\.org($|[^.]|\.[^a-z])),https\2,g s,(http|ftp)(://(.*\.)?)sources\.redhat\.com($|[^.]|\.[^a-z]),https\2sourceware.org\4,g ' \ $(find $(git ls-files) -prune -type f \ ! -name '*.po' \ ! -name 'ChangeLog*' \ ! -path COPYING ! -path COPYING.LIB \ ! -path manual/fdl-1.3.texi ! -path manual/lgpl-2.1.texi \ ! -path manual/texinfo.tex ! -path scripts/config.guess \ ! -path scripts/config.sub ! -path scripts/install-sh \ ! -path scripts/mkinstalldirs ! -path scripts/move-if-change \ ! -path INSTALL ! -path locale/programs/charmap-kw.h \ ! -path po/libc.pot ! -path sysdeps/gnu/errlist.c \ ! '(' -name configure \ -execdir test -f configure.ac -o -f configure.in ';' ')' \ ! '(' -name preconfigure \ -execdir test -f preconfigure.ac ';' ')' \ -print) and then by running 'make dist-prepare' to regenerate files built from the altered files, and then executing the following to cleanup: chmod a+x sysdeps/unix/sysv/linux/riscv/configure # Omit irrelevant whitespace and comment-only changes, # perhaps from a slightly-different Autoconf version. git checkout -f \ sysdeps/csky/configure \ sysdeps/hppa/configure \ sysdeps/riscv/configure \ sysdeps/unix/sysv/linux/csky/configure # Omit changes that caused a pre-commit check to fail like this: # remote: *** error: sysdeps/powerpc/powerpc64/ppc-mcount.S: trailing lines git checkout -f \ sysdeps/powerpc/powerpc64/ppc-mcount.S \ sysdeps/unix/sysv/linux/s390/s390-64/syscall.S # Omit change that caused a pre-commit check to fail like this: # remote: *** error: sysdeps/sparc/sparc64/multiarch/memcpy-ultra3.S: last line does not end in newline git checkout -f sysdeps/sparc/sparc64/multiarch/memcpy-ultra3.S
* Do not print backtraces on fatal glibc errorsFlorian Weimer2019-08-191-23/+3
| | | | | | | | | | | | | | | | | | | | If the process is in a bad state, we used to print backtraces in many cases. This is problematic because doing so could involve a lot of work, like loading libgcc_s using the dynamic linker, and this could itself be targeted by exploit writers. For example, if the crashing process was forked from a long-lived process, the addresses in the error message could be used to bypass ASLR. Commit ed421fca42fd9b4cab7c66e77894b8dd7ca57ed0 ("Avoid backtrace from __stack_chk_fail [BZ #12189]"), backtraces where no longer printed because backtrace_and_maps was always called with do_abort == 1. Rather than fixing this logic error, this change removes the backtrace functionality from the sources. With the prevalence of external crash handlers, it does not appear to be particularly useful. The crash handler may also destroy useful information for debugging. Reviewed-by: Carlos O'Donell <carlos@redhat.com>
* Update copyright dates with scripts/update-copyrights.Joseph Myers2019-01-011-1/+1
| | | | | | | * All files with FSF copyright notices: Update copyright dates using scripts/update-copyrights. * locale/programs/charmap-kw.h: Regenerated. * locale/programs/locfile-kw.h: Likewise.
* Update copyright dates with scripts/update-copyrights.Joseph Myers2018-01-011-1/+1
| | | | | | | * All files with FSF copyright notices: Update copyright dates using scripts/update-copyrights. * locale/programs/charmap-kw.h: Regenerated. * locale/programs/locfile-kw.h: Likewise.
* __fortify_fail: Remove internal_function attributeFlorian Weimer2017-08-131-2/+2
| | | | | __fortify_fail is called across DSO boundaries, so it should not use a non-standard calling convention.
* Avoid accessing corrupted stack from __stack_chk_fail [BZ #21752]H.J. Lu2017-07-241-4/+8
| | | | | | | | | | | | | | | | | __libc_argv[0] points to address on stack and __libc_secure_getenv accesses environment variables which are on stack. We should avoid accessing stack when stack is corrupted. This patch also renames function argument in __fortify_fail_abort from do_backtrace to need_backtrace to avoid confusion with do_backtrace from enum __libc_message_action. [BZ #21752] * debug/fortify_fail.c (__fortify_fail_abort): Don't pass down __libc_argv[0] if we aren't doing backtrace. Rename do_backtrace to need_backtrace. * sysdeps/posix/libc_fatal.c (__libc_message): Don't call __libc_secure_getenv if we aren't doing backtrace.
* Avoid backtrace from __stack_chk_fail [BZ #12189]H.J. Lu2017-07-111-2/+13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | __stack_chk_fail is called on corrupted stack. Stack backtrace is very unreliable against corrupted stack. __libc_message is changed to accept enum __libc_message_action and call BEFORE_ABORT only if action includes do_backtrace. __fortify_fail_abort is added to avoid backtrace from __stack_chk_fail. [BZ #12189] * debug/Makefile (CFLAGS-tst-ssp-1.c): New. (tests): Add tst-ssp-1 if -fstack-protector works. * debug/fortify_fail.c: Include <stdbool.h>. (_fortify_fail_abort): New function. (__fortify_fail): Call _fortify_fail_abort. (__fortify_fail_abort): Add a hidden definition. * debug/stack_chk_fail.c: Include <stdbool.h>. (__stack_chk_fail): Call __fortify_fail_abort, instead of __fortify_fail. * debug/tst-ssp-1.c: New file. * include/stdio.h (__libc_message_action): New enum. (__libc_message): Replace int with enum __libc_message_action. (__fortify_fail_abort): New hidden prototype. * malloc/malloc.c (malloc_printerr): Update __libc_message calls. * sysdeps/posix/libc_fatal.c (__libc_message): Replace int with enum __libc_message_action. Call BEFORE_ABORT only if action includes do_backtrace. (__libc_fatal): Update __libc_message call.
* Update copyright dates with scripts/update-copyrights.Joseph Myers2017-01-011-1/+1
|
* Update copyright dates with scripts/update-copyrights.Joseph Myers2016-01-041-1/+1
|
* Convert miscellaneous function definitions to prototype style.Joseph Myers2015-10-201-3/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch converts various miscellaneous functions definitions in glibc, found with grep and not covered by my previous scripted conversions, from old-style K&R to prototype-style. These changes were made manually. This is not necessarily exhaustive as formatting variants may have prevented my grep from finding some such definitions. Regarding the changes to files from GMP, they may originally have been omitted when removing __STDC__ conditionals because of the files coming from another package, but (a) GMP no longer has __STDC__ conditionals there anyway and (b) we don't try to keep these files verbatim in sync with GMP (and there are licensing differences), so making the change to them in glibc seems reasonable. Tested for x86_64 and x86 (testsuite - this patch affects files containing assertions). * debug/fortify_fail.c (__fortify_fail): Convert to prototype-style function definition. Use internal_function. * libio/genops.c (save_for_backup): Convert to prototype-style function definition. * libio/wgenops.c (save_for_wbackup): Likewise. * login/grantpt.c (grantpt): Likewise. * login/ptsname.c (ptsname): Likewise. (__ptsname_r): Likewise. * login/unlockpt.c (unlockpt): Likewise. * mach/msgserver.c (__mach_msg_server): Likewise. * misc/efgcvt.c (__APPEND (FUNC_PREFIX, fcvt)): Likewise. (__APPEND (FUNC_PREFIX, ecvt)): Likewise. (__APPEND (FUNC_PREFIX, gcvt)): Likewise. * misc/efgcvt_r.c (__APPEND (FUNC_PREFIX, fcvt_r)): Likewise. (__APPEND (FUNC_PREFIX, ecvt_r)): Likewise. * nptl/cleanup_compat.c (_pthread_cleanup_push): Likewise. * nptl/cleanup_defer_compat.c (_pthread_cleanup_push_defer): Likewise. * nptl/libc_pthread_init.c (__libc_pthread_init): Likewise. Use internal_function. * nptl/pthread_atfork.c (__pthread_atfork): Convert to prototype-style function definition. * nptl/pthread_create.c (__pthread_create_2_1): Likewise. [SHLIB_COMPAT(libpthread, GLIBC_2_0, GLIBC_2_1)] (__pthread_create_2_0): Likewise. * nptl/pthread_key_create.c (__pthread_key_create): Likewise. * nptl/register-atfork.c (__register_atfork): Likewise. * posix/glob.c (glob): Likewise. * posix/regcomp.c (re_comp): Likewise. * posix/regexec.c (re_exec): Likewise. * stdlib/add_n.c [__STDC__]: Make code unconditional. [!__STDC__]: Remove conditional code. * stdlib/cmp.c [__STDC__]: Make code unconditional. [!__STDC__]: Remove conditional code. * stdlib/divmod_1.c [__STDC__]: Make code unconditional. [!__STDC__]: Remove conditional code. * stdlib/divrem.c [__STDC__]: Make code unconditional. [!__STDC__]: Remove conditional code. * stdlib/lshift.c [__STDC__]: Make code unconditional. [!__STDC__]: Remove conditional code. * stdlib/mod_1.c [__STDC__]: Make code unconditional. [!__STDC__]: Remove conditional code. * stdlib/mul.c [__STDC__]: Make code unconditional. [!__STDC__]: Remove conditional code. * stdlib/mul_n.c [__STDC__]: Make code unconditional. [!__STDC__]: Remove conditional code. * stdlib/rshift.c [__STDC__]: Make code unconditional. [!__STDC__]: Remove conditional code. * stdlib/strtod.c (INTERNAL (STRTOF)): Convert to prototype-style function definition. (STRTOF): Likewise. * stdlib/strtod_l.c (__STRTOF): Likewise. * stdlib/strtol.c (INTERNAL (strtol)): Likewise. * stdlib/strtol_l.c (INTERNAL (__strtol_l)): Likewise. (__strtol_l): Likewise. * stdlib/sub_n.c [__STDC__]: Make code unconditional. [!__STDC__]: Remove conditional code. * string/memrchr.c (MEMRCHR): Convert to prototype-style function definition. * string/strcasecmp.c (LOCALE_PARAM_DECL): Remove macro. [USE_IN_EXTENDED_LOCALE_MODEL] (LOCALE_PARAM): Include argument type. (__strcasecmp): Convert to prototype-style function definition. * string/strncase.c (LOCALE_PARAM_DECL): Remove macro. [USE_IN_EXTENDED_LOCALE_MODEL] (LOCALE_PARAM): Include argument type. (__strncasecmp): Convert to prototype-style function definition. * sunrpc/pm_getport.c (__libc_rpc_getport): Likewise. * sunrpc/xdr.c (xdr_union): Likewise. * sunrpc/xdr_array.c (xdr_array): Likewise. * sunrpc/xdr_ref.c (xdr_reference): Likewise. * sysdeps/m68k/m680x0/fpu/s_atan.c (__CONCATX(__,FUNC)): Likewise. * sysdeps/m68k/m680x0/fpu/s_isinf.c (__CONCATX(__,FUNC)): Likewise. * sysdeps/m68k/m680x0/fpu/s_scalbn.c (__CONCATX(__scalbn,suffix): Likewise. * sysdeps/m68k/m680x0/fpu/s_sincos.c (CONCATX(__,FUNC)): Likewise. * sysdeps/unix/sysv/linux/i386/scandir64.c (__old_scandir64): Likewise. * time/strftime_l.c (LOCALE_PARAM_DECL): Remove macro. (LOCALE_PARAM_PROTO): Likewise. [_LIBC && USE_IN_EXTENDED_LOCALE_MODEL] (LOCALE_PARAM): Include argument type. (ut_argument_spec): Remove macro. (ut_argument_spec_iso): Rename to ut_argument_spec. (memcpy_lowcase): Use LOCALE_PARAM in declaration. Convert to prototype-style function definition. (memcpy_uppcase): Likewise. (__strftime_internal): Likewise. (my_strftime): Likewise. * time/strptime_l.c (LOCALE_PARAM_PROTO): Remove macro. (LOCALE_PARAM_DECL): Likewise. [_LIBC] (LOCALE_PARAM): Include argument type. (__strptime_internal): Convert to prototype-style function definition. (strptime): Likewise. * wcsmbs/wcscasecmp.c (LOCALE_PARAM_DECL): Remove macro. [USE_IN_EXTENDED_LOCALE_MODEL] (LOCALE_PARAM): Include argument type. (__wcscasecmp): Convert to prototype-style function definition. * wcsmbs/wcsncase.c (LOCALE_PARAM_DECL): Remove macro. [USE_IN_EXTENDED_LOCALE_MODEL] (LOCALE_PARAM): Include argument type. (__wcsncasecmp): Convert to prototype-style function definition.
* Update copyright dates with scripts/update-copyrights.Joseph Myers2015-01-021-1/+1
|
* Update copyright notices with scripts/update-copyrightsAllan McRae2014-01-011-1/+1
|
* Update copyright notices with scripts/update-copyrights.Joseph Myers2013-01-021-1/+1
|
* Replace FSF snail mail address with URLs.Paul Eggert2012-02-091-3/+2
|
* * rt/Versions (librt): Export __mq_open_2@@GLIBC_2.7.Ulrich Drepper2007-09-151-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | * rt/Makefile (headers): Add bits/mqueue2.h. * rt/mqueue.h: Include bits/mqueue2.h if -D_FORTIFY_SOURCE=2, optimizing with GCC and __va_arg_pack_len is defined. * rt/bits/mqueue2.h: New file. * rt/mq_open.c (__mq_open): Renamed from mq_open. (mq_open): New strong_alias. (__mq_open_2): New function. * sysdeps/unix/sysv/linux/mq_open.c (__mq_open): Renamed from mq_open. (mq_open): New strong_alias. (__mq_open_2): New function. * debug/Versions (libc): Export __fortify_fail@@GLIBC_PRIVATE. * Versions.def (librt): Add GLIBC_2.7 version. * debug/fortify_fail.c (__fortify_fail): Add libc_hidden_def. * include/stdio.h (__fortify_fail): Add libc_hidden_proto. * misc/sys/cdefs.h (__errordecl, __va_arg_pack_len): Define. * io/fcntl.h: Include bits/fcntl2.h when __va_arg_pack_len is defined rather than when not C++. * io/bits/fcntl2.h (__open_alias, __open64_alias, __openat_alias, __openat64_alias): New redirects. (__open_too_many_args, __open_missing_mode, __open64_too_many_args, __open64_missing_mode, __openat_too_many_args, __openat_missing_mode, __openat64_too_many_args, __openat64_missing_mode): New __errordecls. (open, open64, openat, openat64): Rewrite as __extern_always_inline functions instead of function-like macros.
* * Makerules (sysd-rules): Define PTW for ptw-* files.Ulrich Drepper2007-05-241-0/+34
* Versions: Define GLIBC_2.7 for libc. * include/stdio.h: Declare __fortify_fail. * debug/fortify_fail.c: New file. * debug/Makefile (routines): Add fortify_fail. * debug/chk_fail.c: Use __fortify_fail. * debug/stack_chk_fail.c: Likewise. * io/Versions: Export __open_2, __open64_2, __openat_2, and __openat64_2 for GLIBC_2.7. * io/fcntl.h: When compiling with fortification, include bits/fcntl2.h. * io/open.c: Define *_2 variant of function which checks for O_CREAT and fails if necessary. * io/open64.c: Likewise. * io/openat.c: Likewise. * io/openat64.c: Likewise. * sysdeps/unix/sysv/linux/open64.c: Likewise. * sysdeps/unix/sysv/linux/openat.c: Likewise. * sysdeps/unix/sysv/linux/openat64.c: Likewise. * io/bits/fcntl2.h: New file. * include/fcntl.h: Declare __open_2, __open64_2, __openat_2, and __openat64_2. * include/bits/fcntl2.h: New file. * sysdeps/unix/sysv/linux/Makefile [subdir=io] (sysdep_routines): Add open_2. * sysdeps/unix/sysv/linux/open_2.c: New file.