about summary refs log tree commit diff
path: root/stdio-common
Commit message (Collapse)AuthorAgeFilesLines
* Update copyright dates with scripts/update-copyrightsPaul Eggert2024-01-01181-181/+181
|
* elf: Fix _dl_debug_vdprintf to work before self-relocationAdhemerval Zanella2023-11-212-0/+10
| | | | | | | | | | | | | The strlen might trigger and invalid GOT entry if it used before the process is self-relocated (for instance on dl-tunables if any error occurs). For i386, _dl_writev with PIE requires to use the old 'int $0x80' syscall mode because the calling the TLS register (gs) is not yet initialized. Checked on x86_64-linux-gnu. Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
* crypt: Remove libcrypt supportAdhemerval Zanella2023-10-301-2/+0
| | | | | | | | | | | | | | | | | | All the crypt related functions, cryptographic algorithms, and make requirements are removed, with only the exception of md5 implementation which is moved to locale folder since it is required by localedef for integrity protection (libc's locale-reading code does not check these, but localedef does generate them). Besides thec code itself, both internal documentation and the manual is also adjusted. This allows to remove both --enable-crypt and --enable-nss-crypt configure options. Checked with a build for all affected ABIs. Co-authored-by: Zack Weinberg <zack@owlfolio.org> Reviewed-by: Carlos O'Donell <carlos@redhat.com>
* C2x scanf %wN, %wfN supportJoseph Myers2023-09-284-0/+552
| | | | | | | | | ISO C2x defines scanf length modifiers wN (for intN_t / int_leastN_t / uintN_t / uint_leastN_t) and wfN (for int_fastN_t / uint_fastN_t). Add support for those length modifiers, similar to the printf support previously added. Tested for x86_64 and x86.
* fxprintf: Get rid of allocaJoe Simmons-Talbott2023-08-151-8/+6
| | | | | | | Use a scratch_buffer rather than alloca/malloc to avoid potential stack overflow. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
* vfprintf-internal: Get rid of alloca.Joe Simmons-Talbott2023-08-012-1/+152
| | | | | | | | | Avoid potential stack overflow from unbounded alloca. Use the existing scratch_buffer instead. Add testcases to exercise the code as suggested by Adhemerval Zanella Netto. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
* vfscanf-internal: Remove potentially unbounded allocasAdhemerval Zanella2023-07-063-17/+115
| | | | | | | | | | | Some locales define a list of mapping pairs of alternate digits and separators for input digits (to_inpunct). This require the scanf to create a list of all possible inputs for the optional type modifier 'I'. Checked on x86_64-linux-gnu. Reviewed-by: Joe Simmons-Talbott <josimmon@redhat.com>
* Exclude routines from fortificationFrédéric Bérat2023-07-051-1/+14
| | | | | | | | | | | | | | | | | Since the _FORTIFY_SOURCE feature uses some routines of Glibc, they need to be excluded from the fortification. On top of that: - some tests explicitly verify that some level of fortification works appropriately, we therefore shouldn't modify the level set for them. - some objects need to be build with optimization disabled, which prevents _FORTIFY_SOURCE to be used for them. Assembler files that implement architecture specific versions of the fortified routines were not excluded from _FORTIFY_SOURCE as there is no C header included that would impact their behavior. Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
* stdio-common: tests: Incorrect maxlen parameter for swprintfFrederic Berat2023-06-222-11/+12
| | | | | | | Few tests using swprintf are passing incorrect maxlen parameter. This triggers an abort when _FORTIFY_SOURCE is enabled. Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
* C2x scanf %b supportJoseph Myers2023-06-192-4/+212
| | | | | | | | | | | | ISO C2x defines scanf %b for input of binary integers (with an optional 0b or 0B prefix). Implement such support, along with the corresponding SCNb* macros in <inttypes.h>. Unlike the support for binary integers with 0b or 0B prefix with scanf %i, this is supported in all versions of scanf (independent of the standards mode used for compilation), because there are no backwards compatibility concerns (%b wasn't previously a supported format) the way there were for %i. Tested for x86_64 and x86.
* C2x printf %wN, %wfN support (bug 24466)Joseph Myers2023-06-197-15/+799
| | | | | | | | | | | | | | | | | | ISO C2x defines printf length modifiers wN (for intN_t / int_leastN_t / uintN_t / uint_leastN_t) and wfN (for int_fastN_t / uint_fastN_t). Add support for those length modifiers (such a feature was previously requested in bug 24466). scanf support is to be added separately. GCC 13 has format checking support for these modifiers. When used with the support for registering format specifiers, these modifiers are translated to existing flags in struct printf_info, rather than trying to add some way of distinguishing them without breaking the printf_info ABI. C2x requires an error to be returned for unsupported values of N; this is implemented for printf-family functions, but the parse_printf_format interface doesn't support error returns, so such an error gets discarded by that function. Tested for x86_64 and x86.
* tests: replace fgets by xfgetsFrederic Berat2023-06-131-7/+4
| | | | | | With fortification enabled, fgets calls return result needs to be checked, has it gets the __wur macro enabled. Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
* tests: replace fread by xfreadFrederic Berat2023-06-135-9/+20
| | | | | | With fortification enabled, fread calls return result needs to be checked, has it gets the __wur macro enabled. Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
* tests: fix warn unused result on asprintf callsFrédéric Bérat2023-06-063-5/+8
| | | | | | | When enabling _FORTIFY_SOURCE, some functions now lead to warnings when their result is not checked. Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
* Fix a few more typos I missed in previous round -- BZ 25337Paul Pluzhnikov2023-06-021-1/+1
|
* Fix all the remaining misspellings -- BZ 25337Paul Pluzhnikov2023-06-026-10/+10
|
* tests: fix warn unused resultsFrédéric Bérat2023-06-013-8/+23
| | | | | | With fortification enabled, few function calls return result need to be checked, has they get the __wur macro enabled. Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
* tests: replace ftruncate by xftruncateFrédéric Bérat2023-06-011-1/+2
| | | | | | | With fortification enabled, ftruncate calls return result needs to be checked, has it gets the __wur macro enabled. Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
* stdio-common: Adjust tests in MakefileCarlos O'Donell2023-05-186-22/+22
| | | | | | | | | Sort tests against updated scripts/sort-makefile-lines.py. No changes in generated code. No regressions on x86_64 and i686. Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
* stdio-common: Reformat Makefile.Carlos O'Donell2023-05-161-10/+20
| | | | | | | | | | Reflow Makefile. Sort using scripts/sort-makefile-lines.py. Code generation is changed as routines are linked in sorted order as expected. No regressions on x86_64 and i686.
* stdio-common: Fix building when !IS_IN (libc)Sergey Bugaev2023-04-031-0/+2
| | | | | | | | In this case, _itoa_word () is already defined inline in the header (see sysdeps/generic/_itoa.h), and the second definition causes an error. Signed-off-by: Sergey Bugaev <bugaevc@gmail.com> Message-Id: <20230319151017.531737-11-bugaevc@gmail.com>
* libio: Remove the usage of __libc_IO_vtablesAdhemerval Zanella Netto2023-03-272-52/+4
| | | | | | | | | | | | | | Instead of using a special ELF section along with a linker script directive to put the IO vtables within the RELRO section, the libio vtables are all moved to an array marked as data.relro (so linker will place in the RELRO segment without the need of extra directives). To avoid static linking namespace issues and including all vtable referenced objects, all required function pointers are set to weak alias. Checked on x86_64-linux-gnu, i686-linux-gnu, and aarch64-linux-gnu. Reviewed-by: Carlos O'Donell <carlos@redhat.com>
* libio: Do not autogenerate stdio_lim.hAdhemerval Zanella Netto2023-03-271-39/+0
| | | | | | | | | | | | | Instead define the required fields in system dependend files. The only system dependent definition is FILENAME_MAX, which should match POSIX PATH_MAX, and it is obtained from either kernel UAPI or mach headers. Currently set pre-defined value from current kernels. It avoids a circular dependendy when including stdio.h in gen-as-const-headers files. Checked on x86_64-linux-gnu and i686-linux-gnu Reviewed-by: Carlos O'Donell <carlos@redhat.com>
* Move libc_freeres_ptrs and libc_subfreeres to hidden/weak functionsAdhemerval Zanella Netto2023-03-273-5/+10
| | | | | | | | | | | | | | | | | | | | They are both used by __libc_freeres to free all library malloc allocated resources to help tooling like mtrace or valgrind with memory leak tracking. The current scheme uses assembly markers and linker script entries to consolidate the free routine function pointers in the RELRO segment and to be freed buffers in BSS. This patch changes it to use specific free functions for libc_freeres_ptrs buffers and call the function pointer array directly with call_function_static_weak. It allows the removal of both the internal macros and the linker script sections. Checked on x86_64-linux-gnu, i686-linux-gnu, and aarch64-linux-gnu. Reviewed-by: Carlos O'Donell <carlos@redhat.com>
* stdio-common: tests: don't double-define _FORTIFY_SOURCESam James2023-03-271-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Exactly the same as 35bcb08eaa953c9b8bef6ab2486dc4361e1f26c0. If using -D_FORITFY_SOURCE=3 (in my case, I've patched GCC to add =3 instead of =2 (we've done =2 for years in Gentoo)), building glibc tests will fail on tst-bz11319-fortify2 like: ``` <command-line>: error: "_FORTIFY_SOURCE" redefined [-Werror] <built-in>: note: this is the location of the previous definition cc1: all warnings being treated as errors ``` It's just because we're always setting -D_FORTIFY_SOURCE=2 rather than unsetting it first. If F_S is already 2, it's harmless, but if it's another value (say, 1, or 3), the compiler will bawk. (I'm not aware of a reason this couldn't be tested with =3, but the toolchain support is limited for that (too new), and we want to run the tests everywhere possible.) As Siddhesh noted previously, we could implement some fallback logic to determine the maximal F_S value supported by the toolchain, which is a bit easier now that autoconf-archive has been updated for F_S=3 (https://github.com/autoconf-archive/autoconf-archive/pull/269), but let's revisit this if it continues to crop up. Signed-off-by: Sam James <sam@gentoo.org> Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
* Update printf %b/%B C2x supportJoseph Myers2023-03-141-0/+53
| | | | | | | | | | | | | | | | WG14 recently accepted two additions to the printf/scanf %b/%B support: there are now PRIb* and SCNb* macros in <inttypes.h>, and printf %B is now an optional feature defined in normative text, instead of recommended practice, with corresponding PRIB* macros that can also be used to test whether that optional feature is supported. See N3072 items 14 and 15 for details (those changes were accepted, some other changes in that paper weren't). Add the corresponding PRI* macros to glibc and update one place in the manual referring to %B as recommended. (SCNb* should naturally be added at the same time as the corresponding scanf %b support.) Tested for x86_64 and x86.
* C2x scanf binary constant handlingJoseph Myers2023-03-0214-0/+530
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | C2x adds binary integer constants starting with 0b or 0B, and supports those constants for the %i scanf format (in addition to the %b format, which isn't yet implemented for scanf in glibc). Implement that scanf support for glibc. As with the strtol support, this is incompatible with previous C standard versions, in that such an input string starting with 0b or 0B was previously required to be parsed as 0 (with the rest of the input potentially matching subsequent parts of the scanf format string). Thus this patch adds 12 new __isoc23_* functions per long double format (12, 24 or 36 depending on how many long double formats the glibc configuration supports), with appropriate header redirection support (generally very closely following that for the __isoc99_* scanf functions - note that __GLIBC_USE (DEPRECATED_SCANF) takes precedence over __GLIBC_USE (C2X_STRTOL), so the case of GNU extensions to C89 continues to get old-style GNU %a and does not get this new feature). The function names would remain as __isoc23_* even if C2x ends up published in 2024 rather than 2023. When scanf %b support is added, I think it will be appropriate for all versions of scanf to follow C2x rules for inputs to the %b format (given that there are no compatibility concerns for a new format). Tested for x86_64 (full glibc testsuite). The first version was also tested for powerpc (32-bit) and powerpc64le (stdio-common/ and wcsmbs/ tests), and with build-many-glibcs.py.
* stdio: Do not ignore posix_spawn error on popen (BZ #29016)Adhemerval Zanella2023-02-142-0/+41
| | | | | | To correctly return error in case of default shell is not present. Checked on x86_64-linux-gnu.
* Account for grouping in printf width (bug 30068)Carlos O'Donell2023-02-063-5/+73
| | | | | | | | | This is a partial fix for mishandling of grouping when formatting integers. It properly computes the width in the presence of grouping characters when the width is larger than the number of significant digits. The precision related issue is documented in bug 23432. Co-authored-by: Andreas Schwab <schwab@suse.de>
* libio: Update number of written bytes in dprintf implementationFlorian Weimer2023-01-312-0/+46
| | | | | | | | | | | | The __printf_buffer_flush_dprintf function needs to record that the buffer has been written before reusing it. Without this accounting, dprintf always returns zero. Fixes commit 8ece45e4f586abd212d1c02d74d38ef681a45600 ("libio: Convert __vdprintf_internal to buffers"). Reviewed-by: Carlos O'Donell <carlos@redhat.com> Tested-by: Carlos O'Donell <carlos@redhat.com>
* Account for octal marker in %#o formatAndreas Schwab2023-01-303-0/+56
|
* Update copyright dates with scripts/update-copyrightsJoseph Myers2023-01-06162-162/+162
|
* libio: Convert __vswprintf_internal to buffers (bug 27857)Florian Weimer2022-12-191-0/+6
| | | | | | | Always null-terminate the buffer and set E2BIG if the buffer is too small. This fixes bug 27857. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
* libio: Convert __obstack_vprintf_internal to buffers (bug 27124)Florian Weimer2022-12-191-0/+4
| | | | | | This fixes bug 27124 because the problematic built-in vtable is gone. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
* libio: Convert __vdprintf_internal to buffersFlorian Weimer2022-12-191-0/+4
| | | | | | | | | The internal buffer size is set to 2048 bytes. This is less than the original BUFSIZ value used by buffered_vfprintf before the conversion, but it hopefully covers all cases where write boundaries matter. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
* libio: Convert __vasprintf_internal to buffersFlorian Weimer2022-12-191-0/+4
| | | | | | | | | | The buffer resizing algorithm is slightly different. The initial buffer is on the stack, and small buffers are directly allocated on the heap using the exact required size. The overhead of the additional copy is compensated by the lowered setup cost for buffers compared to libio streams. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
* libio: Convert __vsprintf_internal to buffersFlorian Weimer2022-12-191-0/+4
| | | | Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
* stdio-common: Add lock optimization to vfprintf and vfwprintfFlorian Weimer2022-12-191-0/+8
| | | | | | | After the rewrite and the implicit unbuffered streams handling, this is very straightforward to add. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
* stdio-common: Convert vfprintf and related functions to buffersFlorian Weimer2022-12-195-1135/+720
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | vfprintf is entangled with vfwprintf (of course), __printf_fp, __printf_fphex, __vstrfmon_l_internal, and the strfrom family of functions. The latter use the internal snprintf functionality, so vsnprintf is converted as well. The simples conversion is __printf_fphex, followed by __vstrfmon_l_internal and __printf_fp, and finally __vfprintf_internal and __vfwprintf_internal. __vsnprintf_internal and strfrom* are mostly consuming the new interfaces, so they are comparatively simple. __printf_fp is a public symbol, so the FILE *-based interface had to preserved. The __printf_fp rewrite does not change the actual binary-to-decimal conversion algorithm, and digits are still not emitted directly to the target buffer. However, the staging buffer now uses bytes instead of wide characters, and one buffer copy is eliminated. The changes are at least performance-neutral in my testing. Floating point printing and snprintf improved measurably, so that this Lua script for i=1,5000000 do print(i, i * math.pi) end runs about 5% faster for me. To preserve fprintf performance for a simple "%d" format, this commit has some logic changes under LABEL (unsigned_number) to avoid additional function calls. There are certainly some very easy performance improvements here: binary, octal and hexadecimal formatting can easily avoid the temporary work buffer (the number of digits can be computed ahead-of-time using one of the __builtin_clz* built-ins). Decimal formatting can use a specialized version of _itoa_word for base 10. The existing (inconsistent) width handling between strfmon and printf is preserved here. __print_fp_buffer_1 would have to use __translated_number_width to achieve ISO conformance for printf. Test expectations in libio/tst-vtables-common.c are adjusted because the internal staging buffer merges all virtual function calls into one. In general, stack buffer usage is greatly reduced, particularly for unbuffered input streams. __printf_fp can still use a large buffer in binary128 mode for %g, though. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
* stdio-common: Add __translated_number_widthFlorian Weimer2022-12-192-0/+43
| | | | | | | This function will be used to compute the width of a number after i18n digit translation. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
* stdio-common: Add __printf_function_invokeFlorian Weimer2022-12-194-0/+104
| | | | | | | | | And __wprintf_function_invoke. These functions will be used to to call registered printf specifier callbacks on printf buffers after vfprintf and vfwprintf have been converted to buffers. The new implementation avoids alloca/variable length arrays. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
* stdio-common: Introduce buffers for implementing printfFlorian Weimer2022-12-1927-0/+1241
| | | | | | | | | | | | | | | | | | | | | | | | | | These buffers will eventually be used instead of FILE * objects to implement printf functions. The multibyte buffer is struct __printf_buffer, the wide buffer is struct __wprintf_buffer. To enable writing type-generic code, the header files printf_buffer-char.h and printf_buffer-wchar_t.h define the Xprintf macro differently, enabling Xprintf (buffer) to stand for __printf_buffer and __wprintf_buffer as appropriate. For common cases, macros like Xprintf_buffer are provided as a more syntactically convenient shortcut. Buffer-specific flush callbacks are implemented with a switch statement instead of a function pointer, to avoid hardening issues similar to those of libio vtables. struct __printf_buffer_as_file is needed to support custom printf specifiers because the public interface for that requires passing a FILE *, which is why there is a trapdoor back from these buffers to FILE * streams. Since the immediate user of these interfaces knows when processing has finished, there is no flush callback for the end of processing, only a flush callback for the intermediate buffer flush. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
* locale: Implement struct grouping_iteratorFlorian Weimer2022-12-194-1/+461
| | | | | | | The iterator allows grouping while scanning forward through the digits. This enables emitting digits as they are processed. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
* stdio-common: Add missing dependencies (bug 29780)Andreas Schwab2022-11-211-2/+4
| | | | | Handle all object suffixes for dependencies of errlist-data and siglist objects.
* configure: Use -Wno-ignored-attributes if compiler warns about multiple aliasesAdhemerval Zanella2022-11-011-0/+2
| | | | | | | | | clang emits an warning when a double alias redirection is used, to warn the the original symbol will be used even when weak definition is overridden. However, this is a common pattern for weak_alias, where multiple alias are set to same symbol. Reviewed-by: Fangrui Song <maskray@google.com>
* Fix missing NUL terminator in stdio-common/scanf13 testSzabolcs Nagy2022-10-281-0/+1
| | | | | | | | sscanf is only defined on nul terminated string input, but '\0' was missing in this test which caused _IO_str_init_static_internal to read OOB on the stack when computing the bounds of the string. Reviewed-by: Florian Weimer <fweimer@redhat.com>
* tst-sprintf-errno: Update Hurd message lengthSamuel Thibault2022-09-171-1/+1
| | | | | | | 03ad444e8e08 ("mach: Fix incoherency between perror and strerror") fixesd the output of error messages, but tst-sprintf-errno.c was still checking the old (erroneous) format length. This updates the expected output length according to the 03ad444e8e08 fix.
* tst-sprintf-errno: Update Hurd message outputSamuel Thibault2022-09-111-1/+1
| | | | | | | 03ad444e8e08 ("mach: Fix incoherency between perror and strerror") fixesd the output of error messages, but tst-sprintf-errno.c was still checking the old (erroneous) format. This updates the expected output according to the 03ad444e8e08 fix.
* errlist: add missing entry for EDEADLOCK (bug 29545)Andreas Schwab2022-09-081-0/+8
| | | | | | | Some architectures (mips, powerpc and sparc) define separate values for EDEADLOCK and EDEADLK. Readd the errlist entry for EDEADLOCK for those configurations. Also use the dependency files from generating the auxiliary errlist and siglist files.
* Add test for bug 29530Andreas Schwab2022-08-292-0/+41
| | | | | | | This tests for a bug that was introduced in commit edc1686af0 ("vfprintf: Reuse work_buffer in group_number") and fixed as a side effect of commit 6caddd34bd ("Remove most vfprintf width/precision-dependent allocations (bug 14231, bug 26211).").