From ea083daf78600ba7d2e069f01cdba2746a2c5637 Mon Sep 17 00:00:00 2001 From: GNU Libc Maintainers Date: Sun, 25 Aug 2024 20:16:17 +0200 Subject: [PATCH] git-updates GIT update of https://sourceware.org/git/glibc.git/release/2.40/master from glibc-2.40 GIT update of https://sourceware.org/git/glibc.git/release/2.40/master from glibc-2.40 Gbp-Pq: Name git-updates.diff --- ADVISORIES | 2 + NEWS | 11 ++ advisories/GLIBC-SA-2023-0001 | 14 -- advisories/GLIBC-SA-2023-0002 | 15 -- advisories/GLIBC-SA-2023-0003 | 15 -- advisories/GLIBC-SA-2023-0004 | 16 -- advisories/GLIBC-SA-2023-0005 | 18 -- advisories/GLIBC-SA-2024-0001 | 15 -- advisories/GLIBC-SA-2024-0002 | 15 -- advisories/GLIBC-SA-2024-0003 | 13 -- advisories/GLIBC-SA-2024-0004 | 28 --- advisories/GLIBC-SA-2024-0005 | 22 --- advisories/GLIBC-SA-2024-0006 | 32 --- advisories/GLIBC-SA-2024-0007 | 28 --- advisories/GLIBC-SA-2024-0008 | 26 --- advisories/README | 77 -------- include/libc-internal.h | 3 + libio/bits/stdio2.h | 40 ++-- malloc/Makefile | 8 + .../tst-aligned-alloc-random-thread-cross.c | 19 ++ malloc/tst-aligned-alloc-random-thread.c | 145 ++++++++++++++ malloc/tst-aligned_alloc-lib.c | 39 ++-- misc/Makefile | 2 + misc/tst-mremap1.c | 46 +++++ misc/tst-mremap2.c | 54 ++++++ resolv/Makefile | 6 + resolv/res_send.c | 31 +-- resolv/tst-resolv-semi-failure.c | 133 +++++++++++++ resolv/tst-resolv-short-response.c | 126 ++++++++++++ socket/bits/socket2.h | 20 +- stdlib/bits/stdlib.h | 10 +- string/Makefile | 6 +- string/strerror_l.c | 35 ++-- string/strsignal.c | 36 ++-- string/test-Xncmp-nonarray.c | 183 ++++++++++++++++++ string/test-Xnlen-nonarray.c | 133 +++++++++++++ string/test-strchr.c | 65 ++++++- string/test-strncmp-nonarray.c | 4 + string/test-strnlen-nonarray.c | 4 + support/test-driver.c | 1 + sysdeps/generic/mremap-failure.h | 25 +++ sysdeps/unix/sysv/linux/Makefile | 1 + sysdeps/unix/sysv/linux/mremap-failure.h | 30 +++ sysdeps/unix/sysv/linux/mremap.c | 14 +- sysdeps/unix/sysv/linux/tst-linux-mremap1.c | 63 ++++++ sysdeps/unix/sysv/linux/x86_64/dl-cet.h | 6 +- .../unix/sysv/linux/x86_64/x32/arch-syscall.h | 1 + .../sysv/linux/x86_64/x32/fixup-asm-unistd.h | 4 + sysdeps/x86/cpu-tunables.c | 1 + sysdeps/x86_64/dl-machine.h | 27 +-- sysdeps/x86_64/multiarch/strchr-evex-base.S | 8 +- sysdeps/x86_64/x32/dl-machine.h | 76 -------- wcsmbs/Makefile | 5 + wcsmbs/bits/wchar2.h | 56 +++--- wcsmbs/test-wcsncmp-nonarray.c | 5 + wcsmbs/test-wcsnlen-nonarray.c | 5 + 56 files changed, 1274 insertions(+), 549 deletions(-) create mode 100644 ADVISORIES delete mode 100644 advisories/GLIBC-SA-2023-0001 delete mode 100644 advisories/GLIBC-SA-2023-0002 delete mode 100644 advisories/GLIBC-SA-2023-0003 delete mode 100644 advisories/GLIBC-SA-2023-0004 delete mode 100644 advisories/GLIBC-SA-2023-0005 delete mode 100644 advisories/GLIBC-SA-2024-0001 delete mode 100644 advisories/GLIBC-SA-2024-0002 delete mode 100644 advisories/GLIBC-SA-2024-0003 delete mode 100644 advisories/GLIBC-SA-2024-0004 delete mode 100644 advisories/GLIBC-SA-2024-0005 delete mode 100644 advisories/GLIBC-SA-2024-0006 delete mode 100644 advisories/GLIBC-SA-2024-0007 delete mode 100644 advisories/GLIBC-SA-2024-0008 delete mode 100644 advisories/README create mode 100644 malloc/tst-aligned-alloc-random-thread-cross.c create mode 100644 malloc/tst-aligned-alloc-random-thread.c create mode 100644 misc/tst-mremap1.c create mode 100644 misc/tst-mremap2.c create mode 100644 resolv/tst-resolv-semi-failure.c create mode 100644 resolv/tst-resolv-short-response.c create mode 100644 string/test-Xncmp-nonarray.c create mode 100644 string/test-Xnlen-nonarray.c create mode 100644 string/test-strncmp-nonarray.c create mode 100644 string/test-strnlen-nonarray.c create mode 100644 sysdeps/generic/mremap-failure.h create mode 100644 sysdeps/unix/sysv/linux/mremap-failure.h create mode 100644 sysdeps/unix/sysv/linux/tst-linux-mremap1.c delete mode 100644 sysdeps/x86_64/x32/dl-machine.h create mode 100644 wcsmbs/test-wcsncmp-nonarray.c create mode 100644 wcsmbs/test-wcsnlen-nonarray.c diff --git a/ADVISORIES b/ADVISORIES new file mode 100644 index 000000000..d4e33f2df --- /dev/null +++ b/ADVISORIES @@ -0,0 +1,2 @@ +For the GNU C Library Security Advisories, see the git master branch: +https://sourceware.org/git/?p=glibc.git;a=tree;f=advisories;hb=HEAD diff --git a/NEWS b/NEWS index 31281ac40..10a125bc6 100644 --- a/NEWS +++ b/NEWS @@ -5,6 +5,17 @@ See the end for copying conditions. Please send GNU C library bug reports via using `glibc' in the "product" field. +Version 2.40.1 + +The following bugs are resolved with this release: + + [30081] resolv: Do not wait for non-existing second DNS response after error + [31968] mremap implementation in C does not handle arguments correctly + [31890] resolv: Allow short error responses to match any DNS query + [31968] mremap implementation in C does not handle arguments correctly + [32026] strerror/strsignal TLS not handled correctly for secondary namespaces + [32052] Name space violation in fortify wrappers + Version 2.40 Major new features: diff --git a/advisories/GLIBC-SA-2023-0001 b/advisories/GLIBC-SA-2023-0001 deleted file mode 100644 index 3d19c91b6..000000000 --- a/advisories/GLIBC-SA-2023-0001 +++ /dev/null @@ -1,14 +0,0 @@ -printf: incorrect output for integers with thousands separator and width field - -When the printf family of functions is called with a format specifier -that uses an (enable grouping) and a minimum width -specifier, the resulting output could be larger than reasonably expected -by a caller that computed a tight bound on the buffer size. The -resulting larger than expected output could result in a buffer overflow -in the printf family of functions. - -CVE-Id: CVE-2023-25139 -Public-Date: 2023-02-02 -Vulnerable-Commit: e88b9f0e5cc50cab57a299dc7efe1a4eb385161d (2.37) -Fix-Commit: c980549cc6a1c03c23cc2fe3e7b0fe626a0364b0 (2.38) -Fix-Commit: 07b9521fc6369d000216b96562ff7c0ed32a16c4 (2.37-4) diff --git a/advisories/GLIBC-SA-2023-0002 b/advisories/GLIBC-SA-2023-0002 deleted file mode 100644 index 5122669a6..000000000 --- a/advisories/GLIBC-SA-2023-0002 +++ /dev/null @@ -1,15 +0,0 @@ -getaddrinfo: Stack read overflow in no-aaaa mode - -If the system is configured in no-aaaa mode via /etc/resolv.conf, -getaddrinfo is called for the AF_UNSPEC address family, and a DNS -response is received over TCP that is larger than 2048 bytes, -getaddrinfo may potentially disclose stack contents via the returned -address data, or crash. - -CVE-Id: CVE-2023-4527 -Public-Date: 2023-09-12 -Vulnerable-Commit: f282cdbe7f436c75864e5640a409a10485e9abb2 (2.36) -Fix-Commit: bd77dd7e73e3530203be1c52c8a29d08270cb25d (2.39) -Fix-Commit: 4ea972b7edd7e36610e8cde18bf7a8149d7bac4f (2.36-113) -Fix-Commit: b7529346025a130fee483d42178b5c118da971bb (2.37-38) -Fix-Commit: b25508dd774b617f99419bdc3cf2ace4560cd2d6 (2.38-19) diff --git a/advisories/GLIBC-SA-2023-0003 b/advisories/GLIBC-SA-2023-0003 deleted file mode 100644 index d3aef8034..000000000 --- a/advisories/GLIBC-SA-2023-0003 +++ /dev/null @@ -1,15 +0,0 @@ -getaddrinfo: Potential use-after-free - -When an NSS plugin only implements the _gethostbyname2_r and -_getcanonname_r callbacks, getaddrinfo could use memory that was freed -during buffer resizing, potentially causing a crash or read or write to -arbitrary memory. - -CVE-Id: CVE-2023-4806 -Public-Date: 2023-09-12 -Fix-Commit: 973fe93a5675c42798b2161c6f29c01b0e243994 (2.39) -Fix-Commit: e09ee267c03e3150c2c9ba28625ab130705a485e (2.34-420) -Fix-Commit: e3ccb230a961b4797510e6a1f5f21fd9021853e7 (2.35-270) -Fix-Commit: a9728f798ec7f05454c95637ee6581afaa9b487d (2.36-115) -Fix-Commit: 6529a7466c935f36e9006b854d6f4e1d4876f942 (2.37-39) -Fix-Commit: 00ae4f10b504bc4564e9f22f00907093f1ab9338 (2.38-20) diff --git a/advisories/GLIBC-SA-2023-0004 b/advisories/GLIBC-SA-2023-0004 deleted file mode 100644 index 5286a7aa5..000000000 --- a/advisories/GLIBC-SA-2023-0004 +++ /dev/null @@ -1,16 +0,0 @@ -tunables: local privilege escalation through buffer overflow - -If a tunable of the form NAME=NAME=VAL is passed in the environment of a -setuid program and NAME is valid, it may result in a buffer overflow, -which could be exploited to achieve escalated privileges. This flaw was -introduced in glibc 2.34. - -CVE-Id: CVE-2023-4911 -Public-Date: 2023-10-03 -Vulnerable-Commit: 2ed18c5b534d9e92fc006202a5af0df6b72e7aca (2.34) -Fix-Commit: 1056e5b4c3f2d90ed2b4a55f96add28da2f4c8fa (2.39) -Fix-Commit: dcc367f148bc92e7f3778a125f7a416b093964d9 (2.34-423) -Fix-Commit: c84018a05aec80f5ee6f682db0da1130b0196aef (2.35-274) -Fix-Commit: 22955ad85186ee05834e47e665056148ca07699c (2.36-118) -Fix-Commit: b4e23c75aea756b4bddc4abcf27a1c6dca8b6bd3 (2.37-45) -Fix-Commit: 750a45a783906a19591fb8ff6b7841470f1f5701 (2.38-27) diff --git a/advisories/GLIBC-SA-2023-0005 b/advisories/GLIBC-SA-2023-0005 deleted file mode 100644 index cc4eb90b8..000000000 --- a/advisories/GLIBC-SA-2023-0005 +++ /dev/null @@ -1,18 +0,0 @@ -getaddrinfo: DoS due to memory leak - -The fix for CVE-2023-4806 introduced a memory leak when an application -calls getaddrinfo for AF_INET6 with AI_CANONNAME, AI_ALL and AI_V4MAPPED -flags set. - -CVE-Id: CVE-2023-5156 -Public-Date: 2023-09-25 -Vulnerable-Commit: e09ee267c03e3150c2c9ba28625ab130705a485e (2.34-420) -Vulnerable-Commit: e3ccb230a961b4797510e6a1f5f21fd9021853e7 (2.35-270) -Vulnerable-Commit: a9728f798ec7f05454c95637ee6581afaa9b487d (2.36-115) -Vulnerable-Commit: 6529a7466c935f36e9006b854d6f4e1d4876f942 (2.37-39) -Vulnerable-Commit: 00ae4f10b504bc4564e9f22f00907093f1ab9338 (2.38-20) -Fix-Commit: 8006457ab7e1cd556b919f477348a96fe88f2e49 (2.34-421) -Fix-Commit: 17092c0311f954e6f3c010f73ce3a78c24ac279a (2.35-272) -Fix-Commit: 856bac55f98dc840e7c27cfa82262b933385de90 (2.36-116) -Fix-Commit: 4473d1b87d04b25cdd0e0354814eeaa421328268 (2.37-42) -Fix-Commit: 5ee59ca371b99984232d7584fe2b1a758b4421d3 (2.38-24) diff --git a/advisories/GLIBC-SA-2024-0001 b/advisories/GLIBC-SA-2024-0001 deleted file mode 100644 index 28931c75a..000000000 --- a/advisories/GLIBC-SA-2024-0001 +++ /dev/null @@ -1,15 +0,0 @@ -syslog: Heap buffer overflow in __vsyslog_internal - -__vsyslog_internal did not handle a case where printing a SYSLOG_HEADER -containing a long program name failed to update the required buffer -size, leading to the allocation and overflow of a too-small buffer on -the heap. - -CVE-Id: CVE-2023-6246 -Public-Date: 2024-01-30 -Vulnerable-Commit: 52a5be0df411ef3ff45c10c7c308cb92993d15b1 (2.37) -Fix-Commit: 6bd0e4efcc78f3c0115e5ea9739a1642807450da (2.39) -Fix-Commit: 23514c72b780f3da097ecf33a793b7ba9c2070d2 (2.38-42) -Fix-Commit: 97a4292aa4a2642e251472b878d0ec4c46a0e59a (2.37-57) -Vulnerable-Commit: b0e7888d1fa2dbd2d9e1645ec8c796abf78880b9 (2.36-16) -Fix-Commit: d1a83b6767f68b3cb5b4b4ea2617254acd040c82 (2.36-126) diff --git a/advisories/GLIBC-SA-2024-0002 b/advisories/GLIBC-SA-2024-0002 deleted file mode 100644 index 940bfcf2f..000000000 --- a/advisories/GLIBC-SA-2024-0002 +++ /dev/null @@ -1,15 +0,0 @@ -syslog: Heap buffer overflow in __vsyslog_internal - -__vsyslog_internal used the return value of snprintf/vsnprintf to -calculate buffer sizes for memory allocation. If these functions (for -any reason) failed and returned -1, the resulting buffer would be too -small to hold output. - -CVE-Id: CVE-2023-6779 -Public-Date: 2024-01-30 -Vulnerable-Commit: 52a5be0df411ef3ff45c10c7c308cb92993d15b1 (2.37) -Fix-Commit: 7e5a0c286da33159d47d0122007aac016f3e02cd (2.39) -Fix-Commit: d0338312aace5bbfef85e03055e1212dd0e49578 (2.38-43) -Fix-Commit: 67062eccd9a65d7fda9976a56aeaaf6c25a80214 (2.37-58) -Vulnerable-Commit: b0e7888d1fa2dbd2d9e1645ec8c796abf78880b9 (2.36-16) -Fix-Commit: 2bc9d7c002bdac38b5c2a3f11b78e309d7765b83 (2.36-127) diff --git a/advisories/GLIBC-SA-2024-0003 b/advisories/GLIBC-SA-2024-0003 deleted file mode 100644 index b43a5150a..000000000 --- a/advisories/GLIBC-SA-2024-0003 +++ /dev/null @@ -1,13 +0,0 @@ -syslog: Integer overflow in __vsyslog_internal - -__vsyslog_internal calculated a buffer size by adding two integers, but -did not first check if the addition would overflow. - -CVE-Id: CVE-2023-6780 -Public-Date: 2024-01-30 -Vulnerable-Commit: 52a5be0df411ef3ff45c10c7c308cb92993d15b1 (2.37) -Fix-Commit: ddf542da94caf97ff43cc2875c88749880b7259b (2.39) -Fix-Commit: d37c2b20a4787463d192b32041c3406c2bd91de0 (2.38-44) -Fix-Commit: 2b58cba076e912961ceaa5fa58588e4b10f791c0 (2.37-59) -Vulnerable-Commit: b0e7888d1fa2dbd2d9e1645ec8c796abf78880b9 (2.36-16) -Fix-Commit: b9b7d6a27aa0632f334352fa400771115b3c69b7 (2.36-128) diff --git a/advisories/GLIBC-SA-2024-0004 b/advisories/GLIBC-SA-2024-0004 deleted file mode 100644 index 08df2b311..000000000 --- a/advisories/GLIBC-SA-2024-0004 +++ /dev/null @@ -1,28 +0,0 @@ -ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence - -The iconv() function in the GNU C Library versions 2.39 and older may -overflow the output buffer passed to it by up to 4 bytes when converting -strings to the ISO-2022-CN-EXT character set, which may be used to -crash an application or overwrite a neighbouring variable. - -ISO-2022-CN-EXT uses escape sequences to indicate character set changes -(as specified by RFC 1922). While the SOdesignation has the expected -bounds checks, neither SS2designation nor SS3designation have its; -allowing a write overflow of 1, 2, or 3 bytes with fixed values: -'$+I', '$+J', '$+K', '$+L', '$+M', or '$*H'. - -CVE-Id: CVE-2024-2961 -Public-Date: 2024-04-17 -Vulnerable-Commit: 755104edc75c53f4a0e7440334e944ad3c6b32fc (2.1.93-169) -Fix-Commit: f9dc609e06b1136bb0408be9605ce7973a767ada (2.40) -Fix-Commit: 31da30f23cddd36db29d5b6a1c7619361b271fb4 (2.39-31) -Fix-Commit: e1135387deded5d73924f6ca20c72a35dc8e1bda (2.38-66) -Fix-Commit: 89ce64b269a897a7780e4c73a7412016381c6ecf (2.37-89) -Fix-Commit: 4ed98540a7fd19f458287e783ae59c41e64df7b5 (2.36-164) -Fix-Commit: 36280d1ce5e245aabefb877fe4d3c6cff95dabfa (2.35-315) -Fix-Commit: a8b0561db4b9847ebfbfec20075697d5492a363c (2.34-459) -Fix-Commit: ed4f16ff6bed3037266f1fa682ebd32a18fce29c (2.33-263) -Fix-Commit: 682ad4c8623e611a971839990ceef00346289cc9 (2.32-140) -Fix-Commit: 3703c32a8d304c1ee12126134ce69be965f38000 (2.31-154) - -Reported-By: Charles Fol diff --git a/advisories/GLIBC-SA-2024-0005 b/advisories/GLIBC-SA-2024-0005 deleted file mode 100644 index a59596610..000000000 --- a/advisories/GLIBC-SA-2024-0005 +++ /dev/null @@ -1,22 +0,0 @@ -nscd: Stack-based buffer overflow in netgroup cache - -If the Name Service Cache Daemon's (nscd) fixed size cache is exhausted -by client requests then a subsequent client request for netgroup data -may result in a stack-based buffer overflow. This flaw was introduced -in glibc 2.15 when the cache was added to nscd. - -This vulnerability is only present in the nscd binary. - -CVE-Id: CVE-2024-33599 -Public-Date: 2024-04-23 -Vulnerable-Commit: 684ae515993269277448150a1ca70db3b94aa5bd (2.15) -Fix-Commit: 69c58d5ef9f584ea198bd00f7964d364d0e6b921 (2.31-155) -Fix-Commit: a77064893bfe8a701770e2f53a4d33805bc47a5a (2.32-141) -Fix-Commit: 5c75001a96abcd50cbdb74df24c3f013188d076e (2.33-264) -Fix-Commit: 52f73e5c4e29b14e79167272297977f360ae1e97 (2.34-460) -Fix-Commit: 7a95873543ce225376faf13bb71c43dea6d24f86 (2.35-316) -Fix-Commit: caa3151ca460bdd9330adeedd68c3112d97bffe4 (2.36-165) -Fix-Commit: f75c298e747b2b8b41b1c2f551c011a52c41bfd1 (2.37-91) -Fix-Commit: 5968aebb86164034b8f8421b4abab2f837a5bdaf (2.38-72) -Fix-Commit: 1263d583d2e28afb8be53f8d6922f0842036f35d (2.39-35) -Fix-Commit: 87801a8fd06db1d654eea3e4f7626ff476a9bdaa (2.40) diff --git a/advisories/GLIBC-SA-2024-0006 b/advisories/GLIBC-SA-2024-0006 deleted file mode 100644 index d44148d3d..000000000 --- a/advisories/GLIBC-SA-2024-0006 +++ /dev/null @@ -1,32 +0,0 @@ -nscd: Null pointer crash after notfound response - -If the Name Service Cache Daemon's (nscd) cache fails to add a not-found -netgroup response to the cache, the client request can result in a null -pointer dereference. This flaw was introduced in glibc 2.15 when the -cache was added to nscd. - -This vulnerability is only present in the nscd binary. - -CVE-Id: CVE-2024-33600 -Public-Date: 2024-04-24 -Vulnerable-Commit: 684ae515993269277448150a1ca70db3b94aa5bd (2.15) -Fix-Commit: b048a482f088e53144d26a61c390bed0210f49f2 (2.40) -Fix-Commit: 7835b00dbce53c3c87bbbb1754a95fb5e58187aa (2.40) -Fix-Commit: c99f886de54446cd4447db6b44be93dabbdc2f8b (2.39-37) -Fix-Commit: 5a508e0b508c8ad53bd0d2fb48fd71b242626341 (2.39-36) -Fix-Commit: 2ae9446c1b7a3064743b4a51c0bbae668ee43e4c (2.38-74) -Fix-Commit: 541ea5172aa658c4bd5c6c6d6fd13903c3d5bb0a (2.38-73) -Fix-Commit: a8070b31043c7585c36ba68a74298c4f7af075c3 (2.37-93) -Fix-Commit: 5eea50c4402e39588de98aa1d4469a79774703d4 (2.37-92) -Fix-Commit: f205b3af56740e3b014915b1bd3b162afe3407ef (2.36-167) -Fix-Commit: c34f470a615b136170abd16142da5dd0c024f7d1 (2.36-166) -Fix-Commit: bafadc589fbe21ae330e8c2af74db9da44a17660 (2.35-318) -Fix-Commit: 4370bef52b0f3f3652c6aa13d7a9bb3ac079746d (2.35-317) -Fix-Commit: 1f94122289a9bf7dba573f5d60327aaa2b85cf2e (2.34-462) -Fix-Commit: 966d6ac9e40222b84bb21674cc4f83c8d72a5a26 (2.34-461) -Fix-Commit: e3eef1b8fbdd3a7917af466ca9c4b7477251ca79 (2.33-266) -Fix-Commit: f20a8d696b13c6261b52a6434899121f8b19d5a7 (2.33-265) -Fix-Commit: be602180146de37582a3da3a0caa4b719645de9c (2.32-143) -Fix-Commit: 394eae338199078b7961b051c191539870742d7b (2.32-142) -Fix-Commit: 8d7949183760170c61e55def723c1d8050187874 (2.31-157) -Fix-Commit: 304ce5fe466c4762b21b36c26926a4657b59b53e (2.31-156) diff --git a/advisories/GLIBC-SA-2024-0007 b/advisories/GLIBC-SA-2024-0007 deleted file mode 100644 index b6928fa27..000000000 --- a/advisories/GLIBC-SA-2024-0007 +++ /dev/null @@ -1,28 +0,0 @@ -nscd: netgroup cache may terminate daemon on memory allocation failure - -The Name Service Cache Daemon's (nscd) netgroup cache uses xmalloc or -xrealloc and these functions may terminate the process due to a memory -allocation failure resulting in a denial of service to the clients. The -flaw was introduced in glibc 2.15 when the cache was added to nscd. - -This vulnerability is only present in the nscd binary. - -Subsequent refactoring of the netgroup cache only added more uses of -xmalloc and xrealloc. Uses of xmalloc and xrealloc in other parts of -nscd only occur during startup of the daemon and so are not affected by -client requests that could trigger an out of memory followed by -termination. - -CVE-Id: CVE-2024-33601 -Public-Date: 2024-04-24 -Vulnerable-Commit: 684ae515993269277448150a1ca70db3b94aa5bd (2.15) -Fix-Commit: c04a21e050d64a1193a6daab872bca2528bda44b (2.40) -Fix-Commit: a9a8d3eebb145779a18d90e3966009a1daa63cd8 (2.39-38) -Fix-Commit: 71af8ca864345d39b746d5cee84b94b430fad5db (2.38-75) -Fix-Commit: 6e106dc214d6a033a4e945d1c6cf58061f1c5f1f (2.37-94) -Fix-Commit: b6742463694b1dfdd5120b91ee21cf05d15ec2e2 (2.36-168) -Fix-Commit: 7a5864cac60e06000394128a5a2817b03542f5a3 (2.35-319) -Fix-Commit: 86f1d5f4129c373ac6fb6df5bcf38273838843cb (2.34-463) -Fix-Commit: 4d27d4b9a188786fc6a56745506cec2acfc51f83 (2.33-267) -Fix-Commit: 3ed195a8ec89da281e3c4bf887a13d281b72d8f4 (2.32-144) -Fix-Commit: bbf5a58ccb55679217f94de706164d15372fbbc0 (2.31-158) diff --git a/advisories/GLIBC-SA-2024-0008 b/advisories/GLIBC-SA-2024-0008 deleted file mode 100644 index d93e2a6f0..000000000 --- a/advisories/GLIBC-SA-2024-0008 +++ /dev/null @@ -1,26 +0,0 @@ -nscd: netgroup cache assumes NSS callback uses in-buffer strings - -The Name Service Cache Daemon's (nscd) netgroup cache can corrupt memory -when the NSS callback does not store all strings in the provided buffer. -The flaw was introduced in glibc 2.15 when the cache was added to nscd. - -This vulnerability is only present in the nscd binary. - -There is no guarantee from the NSS callback API that the returned -strings are all within the buffer. However, the netgroup cache code -assumes that the NSS callback uses in-buffer strings and if it doesn't -the buffer resizing logic could lead to potential memory corruption. - -CVE-Id: CVE-2024-33602 -Public-Date: 2024-04-24 -Vulnerable-Commit: 684ae515993269277448150a1ca70db3b94aa5bd (2.15) -Fix-Commit: c04a21e050d64a1193a6daab872bca2528bda44b (2.40) -Fix-Commit: a9a8d3eebb145779a18d90e3966009a1daa63cd8 (2.39-38) -Fix-Commit: 71af8ca864345d39b746d5cee84b94b430fad5db (2.38-75) -Fix-Commit: 6e106dc214d6a033a4e945d1c6cf58061f1c5f1f (2.37-94) -Fix-Commit: b6742463694b1dfdd5120b91ee21cf05d15ec2e2 (2.36-168) -Fix-Commit: 7a5864cac60e06000394128a5a2817b03542f5a3 (2.35-319) -Fix-Commit: 86f1d5f4129c373ac6fb6df5bcf38273838843cb (2.34-463) -Fix-Commit: 4d27d4b9a188786fc6a56745506cec2acfc51f83 (2.33-267) -Fix-Commit: 3ed195a8ec89da281e3c4bf887a13d281b72d8f4 (2.32-144) -Fix-Commit: bbf5a58ccb55679217f94de706164d15372fbbc0 (2.31-158) diff --git a/advisories/README b/advisories/README deleted file mode 100644 index b8f8a829c..000000000 --- a/advisories/README +++ /dev/null @@ -1,77 +0,0 @@ -GNU C Library Security Advisory Format -====================================== - -Security advisories in this directory follow a simple git commit log -format, with a heading and free-format description augmented with tags -to allow parsing key information. References to code changes are -specific to the glibc repository and follow a specific format: - - Tag-name: (release-version) - -The indicates a specific commit in the repository. The -release-version indicates the publicly consumable release in which this -commit is known to exist. The release-version is derived from the -git-describe format, (i.e. stripped out from glibc-2.34.NNN-gxxxx) and -is of the form 2.34-NNN. If the -NNN suffix is absent, it means that -the change is in that release tarball, otherwise the change is on the -release/2.YY/master branch and not in any released tarball. - -The following tags are currently being used: - -CVE-Id: -This is the CVE-Id assigned under the CVE Program -(https://www.cve.org/). - -Public-Date: -The date this issue became publicly known. - -Vulnerable-Commit: -The commit that introduced this vulnerability. There could be multiple -entries, one for each release branch in the glibc repository; the -release-version portion of this tag should tell you which branch this is -on. - -Fix-Commit: -The commit that fixed this vulnerability. There could be multiple -entries for each release branch in the glibc repository, indicating that -all of those commits contributed to fixing that issue in each of those -branches. - -Reported-By: -The entity that reported this issue. There could be multiple entries, one for -each reporter. - -Adding an Advisory ------------------- - -An advisory for a CVE needs to be added on the master branch in two steps: - -1. Add the text of the advisory without any Fix-Commit tags along with - the fix for the CVE. Add the Vulnerable-Commit tag, if applicable. - The advisories directory does not exist in release branches, so keep - the advisory text commit distinct from the code changes, to ease - backports. Ask for the GLIBC-SA advisory number from the security - team. - -2. Finish all backports on release branches and then back on the msater - branch, add all commit refs to the advisory using the Fix-Commit - tags. Don't bother adding the release-version subscript since the - next step will overwrite it. - -3. Run the process-advisories.sh script in the scripts directory on the - advisory: - - scripts/process-advisories.sh update GLIBC-SA-YYYY-NNNN - - (replace YYYY-NNNN with the actual advisory number). - -4. Verify the updated advisory and push the result. - -Getting a NEWS snippet from advisories --------------------------------------- - -Run: - - scripts/process-advisories.sh news - -and copy the content into the NEWS file. diff --git a/include/libc-internal.h b/include/libc-internal.h index 87ac59183..1ef43ffe6 100644 --- a/include/libc-internal.h +++ b/include/libc-internal.h @@ -53,6 +53,9 @@ extern __typeof (__profile_frequency) __profile_frequency attribute_hidden; is not for an audit module, not loaded via dlmopen, and not loaded via static dlopen either). */ extern _Bool __libc_initial attribute_hidden; +#else +/* The static libc is always the initial namespace. */ +# define __libc_initial ((_Bool) 1) #endif #endif /* _LIBC_INTERNAL */ diff --git a/libio/bits/stdio2.h b/libio/bits/stdio2.h index 91a80dd7c..4b8bc35bd 100644 --- a/libio/bits/stdio2.h +++ b/libio/bits/stdio2.h @@ -308,14 +308,14 @@ fgets (__fortify_clang_overload_arg (char *, __restrict, __s), int __n, "fgets called with bigger size than length of " "destination buffer") { - size_t sz = __glibc_objsize (__s); - if (__glibc_safe_or_unknown_len (__n, sizeof (char), sz)) + size_t __sz = __glibc_objsize (__s); + if (__glibc_safe_or_unknown_len (__n, sizeof (char), __sz)) return __fgets_alias (__s, __n, __stream); #if !__fortify_use_clang - if (__glibc_unsafe_len (__n, sizeof (char), sz)) - return __fgets_chk_warn (__s, sz, __n, __stream); + if (__glibc_unsafe_len (__n, sizeof (char), __sz)) + return __fgets_chk_warn (__s, __sz, __n, __stream); #endif - return __fgets_chk (__s, sz, __n, __stream); + return __fgets_chk (__s, __sz, __n, __stream); } __fortify_function __wur __nonnull ((4)) __attribute_overloadable__ size_t @@ -326,14 +326,14 @@ fread (__fortify_clang_overload_arg (void *, __restrict, __ptr), "fread called with bigger size * n than length " "of destination buffer") { - size_t sz = __glibc_objsize0 (__ptr); - if (__glibc_safe_or_unknown_len (__n, __size, sz)) + size_t __sz = __glibc_objsize0 (__ptr); + if (__glibc_safe_or_unknown_len (__n, __size, __sz)) return __fread_alias (__ptr, __size, __n, __stream); #if !__fortify_use_clang - if (__glibc_unsafe_len (__n, __size, sz)) - return __fread_chk_warn (__ptr, sz, __size, __n, __stream); + if (__glibc_unsafe_len (__n, __size, __sz)) + return __fread_chk_warn (__ptr, __sz, __size, __n, __stream); #endif - return __fread_chk (__ptr, sz, __size, __n, __stream); + return __fread_chk (__ptr, __sz, __size, __n, __stream); } #ifdef __USE_GNU @@ -345,14 +345,14 @@ fgets_unlocked (__fortify_clang_overload_arg (char *, __restrict, __s), "fgets called with bigger size than length of " "destination buffer") { - size_t sz = __glibc_objsize (__s); - if (__glibc_safe_or_unknown_len (__n, sizeof (char), sz)) + size_t __sz = __glibc_objsize (__s); + if (__glibc_safe_or_unknown_len (__n, sizeof (char), __sz)) return __fgets_unlocked_alias (__s, __n, __stream); #if !__fortify_use_clang - if (__glibc_unsafe_len (__n, sizeof (char), sz)) - return __fgets_unlocked_chk_warn (__s, sz, __n, __stream); + if (__glibc_unsafe_len (__n, sizeof (char), __sz)) + return __fgets_unlocked_chk_warn (__s, __sz, __n, __stream); #endif - return __fgets_unlocked_chk (__s, sz, __n, __stream); + return __fgets_unlocked_chk (__s, __sz, __n, __stream); } #endif @@ -366,8 +366,8 @@ fread_unlocked (__fortify_clang_overload_arg0 (void *, __restrict, __ptr), "fread_unlocked called with bigger size * n than " "length of destination buffer") { - size_t sz = __glibc_objsize0 (__ptr); - if (__glibc_safe_or_unknown_len (__n, __size, sz)) + size_t __sz = __glibc_objsize0 (__ptr); + if (__glibc_safe_or_unknown_len (__n, __size, __sz)) { # ifdef __USE_EXTERN_INLINES if (__builtin_constant_p (__size) @@ -393,10 +393,10 @@ fread_unlocked (__fortify_clang_overload_arg0 (void *, __restrict, __ptr), return __fread_unlocked_alias (__ptr, __size, __n, __stream); } # if !__fortify_use_clang - if (__glibc_unsafe_len (__n, __size, sz)) - return __fread_unlocked_chk_warn (__ptr, sz, __size, __n, __stream); + if (__glibc_unsafe_len (__n, __size, __sz)) + return __fread_unlocked_chk_warn (__ptr, __sz, __size, __n, __stream); # endif - return __fread_unlocked_chk (__ptr, sz, __size, __n, __stream); + return __fread_unlocked_chk (__ptr, __sz, __size, __n, __stream); } #endif diff --git a/malloc/Makefile b/malloc/Makefile index 02aff1bd1..98d507a6e 100644 --- a/malloc/Makefile +++ b/malloc/Makefile @@ -28,6 +28,8 @@ tests := \ mallocbug \ tst-aligned-alloc \ tst-aligned-alloc-random \ + tst-aligned-alloc-random-thread \ + tst-aligned-alloc-random-thread-cross \ tst-alloc_buffer \ tst-calloc \ tst-free-errno \ @@ -151,6 +153,8 @@ ifeq ($(have-GLIBC_2.23)$(build-shared),yesyes) # the tests expect specific internal behavior that is changed due to linking to # libmcheck.a. tests-exclude-mcheck = \ + tst-aligned-alloc-random-thread \ + tst-aligned-alloc-random-thread-cross \ tst-compathooks-off \ tst-compathooks-on \ tst-malloc-backtrace \ @@ -415,7 +419,11 @@ $(objpfx)tst-mallocstate: $(objpfx)libc_malloc_debug.so $(objpfx)tst-mallocstate-malloc-check: $(objpfx)libc_malloc_debug.so $(objpfx)tst-aligned-alloc-random.out: $(objpfx)tst-aligned_alloc-lib.so +$(objpfx)tst-aligned-alloc-random-thread.out: $(objpfx)tst-aligned_alloc-lib.so +$(objpfx)tst-aligned-alloc-random-thread-cross.out: $(objpfx)tst-aligned_alloc-lib.so $(objpfx)tst-malloc-random.out: $(objpfx)tst-aligned_alloc-lib.so tst-aligned-alloc-random-ENV = LD_PRELOAD=$(objpfx)tst-aligned_alloc-lib.so +tst-aligned-alloc-random-thread-ENV = LD_PRELOAD=$(objpfx)tst-aligned_alloc-lib.so +tst-aligned-alloc-random-thread-cross-ENV = LD_PRELOAD=$(objpfx)tst-aligned_alloc-lib.so tst-malloc-random-ENV = LD_PRELOAD=$(objpfx)tst-aligned_alloc-lib.so diff --git a/malloc/tst-aligned-alloc-random-thread-cross.c b/malloc/tst-aligned-alloc-random-thread-cross.c new file mode 100644 index 000000000..360ecc56e --- /dev/null +++ b/malloc/tst-aligned-alloc-random-thread-cross.c @@ -0,0 +1,19 @@ +/* multi-threaded memory allocation and cross-thread deallocation test. + Copyright (C) 2024 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public License as + published by the Free Software Foundation; either version 2.1 of the + License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; see the file COPYING.LIB. If + not, see . */ +#define CROSS_THREAD_DEALLOC +#include "tst-aligned-alloc-random-thread.c" diff --git a/malloc/tst-aligned-alloc-random-thread.c b/malloc/tst-aligned-alloc-random-thread.c new file mode 100644 index 000000000..e95f79250 --- /dev/null +++ b/malloc/tst-aligned-alloc-random-thread.c @@ -0,0 +1,145 @@ +/* multi-threaded memory allocation/deallocation test. + Copyright (C) 2024 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public License as + published by the Free Software Foundation; either version 2.1 of the + License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; see the file COPYING.LIB. If + not, see . */ + +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#ifndef ITERATIONS +# define ITERATIONS 16 +#endif + +#ifndef NUM_THREADS +# define NUM_THREADS 8 +#endif + +#ifndef NUM_ALLOCATIONS +# define NUM_ALLOCATIONS 2048 +#endif + +static pthread_barrier_t barrier; + +__thread unsigned int seed; + +typedef struct +{ + int id; + pthread_t thread; +} thread; + +thread threads[NUM_THREADS]; + +void *allocations[NUM_THREADS][NUM_ALLOCATIONS]; + +void +run_thread_dealloc (int id) +{ + for (int i = 0; i < NUM_ALLOCATIONS; i++) + { + free (allocations[id][i]); + allocations[id][i] = NULL; + } +} + +void +run_thread_alloc (int id) +{ + size_t msb, size; + for (int i = 0; i < NUM_ALLOCATIONS; i++) + { + msb = 1 << rand_r (&seed) % 16; + size = msb + rand_r (&seed) % msb; + allocations[id][i] = malloc (size); + TEST_VERIFY_EXIT (allocations[id][i] != NULL); + } +} + +void * +run_allocations (void *arg) +{ + int id = *((int *) arg); + seed = time (NULL) + id; + + /* Stage 1: First half o the threads allocating memory and the second + * half waiting for them to finish + */ + if (id < NUM_THREADS / 2) + run_thread_alloc (id); + + xpthread_barrier_wait (&barrier); + + /* Stage 2: Half of the threads allocationg memory and the other + * half deallocating: + * - In the non cross-thread dealloc scenario the first half will be + * deallocating the memory allocated by themselves in stage 1 and the + * second half will be allocating memory. + * - In the cross-thread dealloc scenario the first half will continue + * to allocate memory and the second half will deallocate the memory + * allocated by the first half in stage 1. + */ + if (id < NUM_THREADS / 2) +#ifndef CROSS_THREAD_DEALLOC + run_thread_dealloc (id); +#else + run_thread_alloc (id + NUM_THREADS / 2); +#endif + else +#ifndef CROSS_THREAD_DEALLOC + run_thread_alloc (id); +#else + run_thread_dealloc (id - NUM_THREADS / 2); +#endif + + xpthread_barrier_wait (&barrier); + + // Stage 3: Second half of the threads deallocating and the first half + // waiting for them to finish. + if (id >= NUM_THREADS / 2) + run_thread_dealloc (id); + + return NULL; +} + +static int +do_test (void) +{ + xpthread_barrier_init (&barrier, NULL, NUM_THREADS); + + for (int i = 0; i < ITERATIONS; i++) + { + for (int t = 0; t < NUM_THREADS; t++) + { + threads[t].id = t; + threads[t].thread + = xpthread_create (NULL, run_allocations, &threads[t].id); + } + + for (int t = 0; t < NUM_THREADS; t++) + xpthread_join (threads[t].thread); + } + + return 0; +} + +#include diff --git a/malloc/tst-aligned_alloc-lib.c b/malloc/tst-aligned_alloc-lib.c index 0205df5ac..9ef1f839c 100644 --- a/malloc/tst-aligned_alloc-lib.c +++ b/malloc/tst-aligned_alloc-lib.c @@ -17,37 +17,38 @@ License along with the GNU C Library; see the file COPYING.LIB. If not, see . */ -#include #include #include +#include extern void *__libc_malloc (size_t size); extern void *__libc_calloc (size_t n, size_t size); +__thread unsigned int seed = 0; + int aligned_alloc_count = 0; int libc_malloc_count = 0; int libc_calloc_count = 0; -/* Get a random alignment value. Biased towards the smaller values. Must be - a power of 2. */ -static size_t get_random_alignment (void) -{ - size_t aligns[] = { - 1, 2, 4, 8, 16, 32, 64, 128, 256, 512, 1024, 2048, 4096, 8192, 16384 - }; - - return aligns[random () % array_length (aligns)]; -} - -static void *get_random_alloc (size_t size) +static void * +get_random_alloc (size_t size) { void *retval; size_t align; + struct timespec tp; + + if (seed == 0) + { + clock_gettime (CLOCK_REALTIME, &tp); + seed = tp.tv_nsec; + } - switch (random() % 3) - { + switch (rand_r (&seed) % 3) + { case 1: - align = get_random_alignment (); + /* Get a random alignment value. Biased towards the smaller + * values up to 16384. Must be a power of 2. */ + align = 1 << rand_r (&seed) % 15; retval = aligned_alloc (align, size); aligned_alloc_count++; break; @@ -59,13 +60,13 @@ static void *get_random_alloc (size_t size) retval = __libc_malloc (size); libc_malloc_count++; break; - } + } return retval; } - -void * __random_malloc (size_t size) +void * +__random_malloc (size_t size) { return get_random_alloc (size); } diff --git a/misc/Makefile b/misc/Makefile index 5d17c562f..7b7f8351b 100644 --- a/misc/Makefile +++ b/misc/Makefile @@ -257,6 +257,8 @@ tests := \ tst-mntent-blank-passno \ tst-mntent-escape \ tst-mntent2 \ + tst-mremap1 \ + tst-mremap2 \ tst-preadvwritev \ tst-preadvwritev2 \ tst-preadvwritev64 \ diff --git a/misc/tst-mremap1.c b/misc/tst-mremap1.c new file mode 100644 index 000000000..0469991a6 --- /dev/null +++ b/misc/tst-mremap1.c @@ -0,0 +1,46 @@ +/* Test mremap with MREMAP_MAYMOVE. + Copyright (C) 2024 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + . */ + +#include +#include +#include +#include +#include +#include + +static int +do_test (void) +{ + size_t old_size = getpagesize (); + char *old_addr = xmmap (NULL, old_size, PROT_READ | PROT_WRITE, + MAP_PRIVATE | MAP_ANONYMOUS, -1); + old_addr[0] = 1; + old_addr[old_size - 1] = 2; + + /* Test MREMAP_MAYMOVE. */ + size_t new_size = old_size + old_size; + char *new_addr = mremap (old_addr, old_size, new_size, MREMAP_MAYMOVE); + TEST_VERIFY_EXIT (new_addr != MAP_FAILED); + new_addr[0] = 1; + new_addr[new_size - 1] = 2; + xmunmap (new_addr, new_size); + + return 0; +} + +#include diff --git a/misc/tst-mremap2.c b/misc/tst-mremap2.c new file mode 100644 index 000000000..45be7f036 --- /dev/null +++ b/misc/tst-mremap2.c @@ -0,0 +1,54 @@ +/* Test mremap with MREMAP_FIXED. + Copyright (C) 2024 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + . */ + +#include +#include +#include +#include +#include +#include + +static int +do_test (void) +{ + size_t old_size = getpagesize (); + size_t new_size = old_size + old_size; + char *old_addr = xmmap (NULL, old_size, PROT_READ | PROT_WRITE, + MAP_PRIVATE | MAP_ANONYMOUS, -1); + old_addr[0] = 1; + old_addr[old_size - 1] = 2; + + char *fixed_addr = xmmap (NULL, new_size, PROT_READ | PROT_WRITE, + MAP_PRIVATE | MAP_ANONYMOUS, -1); + fixed_addr[0] = 1; + fixed_addr[new_size - 1] = 2; + + /* Test MREMAP_FIXED. */ + char *new_addr = mremap (old_addr, old_size, new_size, + MREMAP_FIXED | MREMAP_MAYMOVE, + fixed_addr); + if (new_addr == MAP_FAILED) + return mremap_failure_exit (errno); + new_addr[0] = 1; + new_addr[new_size - 1] = 2; + xmunmap (new_addr, new_size); + + return 0; +} + +#include diff --git a/resolv/Makefile b/resolv/Makefile index 5f44f5896..abff7fc00 100644 --- a/resolv/Makefile +++ b/resolv/Makefile @@ -106,6 +106,8 @@ tests += \ tst-resolv-nondecimal \ tst-resolv-res_init-multi \ tst-resolv-search \ + tst-resolv-semi-failure \ + tst-resolv-short-response \ tst-resolv-trailing \ # This test calls __res_context_send directly, which is not exported @@ -299,6 +301,10 @@ $(objpfx)tst-resolv-nondecimal: $(objpfx)libresolv.so $(shared-thread-library) $(objpfx)tst-resolv-qtypes: $(objpfx)libresolv.so $(shared-thread-library) $(objpfx)tst-resolv-rotate: $(objpfx)libresolv.so $(shared-thread-library) $(objpfx)tst-resolv-search: $(objpfx)libresolv.so $(shared-thread-library) +$(objpfx)tst-resolv-semi-failure: $(objpfx)libresolv.so \ + $(shared-thread-library) +$(objpfx)tst-resolv-short-response: $(objpfx)libresolv.so \ + $(shared-thread-library) $(objpfx)tst-resolv-trailing: $(objpfx)libresolv.so $(shared-thread-library) $(objpfx)tst-resolv-threads: $(objpfx)libresolv.so $(shared-thread-library) $(objpfx)tst-resolv-txnid-collision: $(objpfx)libresolv.a \ diff --git a/resolv/res_send.c b/resolv/res_send.c index ea7cf192b..9c77613f3 100644 --- a/resolv/res_send.c +++ b/resolv/res_send.c @@ -1199,19 +1199,30 @@ send_dg(res_state statp, } /* Check for the correct header layout and a matching - question. */ + question. Some recursive resolvers send REFUSED + without copying back the question section + (producing a response that is only HFIXEDSZ bytes + long). Skip query matching in this case. */ + bool thisansp_error = (anhp->rcode == SERVFAIL || + anhp->rcode == NOTIMP || + anhp->rcode == REFUSED); + bool skip_query_match = (*thisresplenp == HFIXEDSZ + && ntohs (anhp->qdcount) == 0 + && thisansp_error); int matching_query = 0; /* Default to no matching query. */ if (!recvresp1 && anhp->id == hp->id - && __libc_res_queriesmatch (buf, buf + buflen, - *thisansp, - *thisansp + *thisanssizp)) + && (skip_query_match + || __libc_res_queriesmatch (buf, buf + buflen, + *thisansp, + *thisansp + *thisanssizp))) matching_query = 1; if (!recvresp2 && anhp->id == hp2->id - && __libc_res_queriesmatch (buf2, buf2 + buflen2, - *thisansp, - *thisansp + *thisanssizp)) + && (skip_query_match + || __libc_res_queriesmatch (buf2, buf2 + buflen2, + *thisansp, + *thisansp + *thisanssizp))) matching_query = 2; if (matching_query == 0) /* Spurious UDP packet. Drop it and continue @@ -1221,15 +1232,13 @@ send_dg(res_state statp, goto wait; } - if (anhp->rcode == SERVFAIL || - anhp->rcode == NOTIMP || - anhp->rcode == REFUSED) { + if (thisansp_error) { next_ns: if (recvresp1 || (buf2 != NULL && recvresp2)) { *resplen2 = 0; return resplen; } - if (buf2 != NULL) + if (buf2 != NULL && !single_request) { /* No data from the first reply. */ resplen = 0; diff --git a/resolv/tst-resolv-semi-failure.c b/resolv/tst-resolv-semi-failure.c new file mode 100644 index 000000000..aa9798b5a --- /dev/null +++ b/resolv/tst-resolv-semi-failure.c @@ -0,0 +1,133 @@ +/* Test parallel failure/success responses (bug 30081). + Copyright (C) 2024 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + . */ + +#include +#include +#include +#include + +/* The rcode in the initial response. */ +static volatile int rcode; + +/* Whether to fail the initial A query (!fail_aaaa) or the initial + AAAA query (fail_aaaa). */ +static volatile bool fail_aaaa; + +static void +response (const struct resolv_response_context *ctx, + struct resolv_response_builder *b, + const char *qname, uint16_t qclass, uint16_t qtype) +{ + /* Handle the failing query. */ + if ((fail_aaaa && qtype == T_AAAA) && ctx->server_index == 0) + { + struct resolv_response_flags flags = {.rcode = rcode}; + resolv_response_init (b, flags); + return; + } + + /* Otherwise produce a response. */ + resolv_response_init (b, (struct resolv_response_flags) {}); + resolv_response_add_question (b, qname, qclass, qtype); + resolv_response_section (b, ns_s_an); + resolv_response_open_record (b, qname, qclass, qtype, 0); + switch (qtype) + { + case T_A: + { + char ipv4[4] = {192, 0, 2, 17}; + resolv_response_add_data (b, &ipv4, sizeof (ipv4)); + } + break; + case T_AAAA: + { + char ipv6[16] + = {0x20, 0x01, 0xd, 0xb8, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1}; + resolv_response_add_data (b, &ipv6, sizeof (ipv6)); + } + break; + default: + FAIL_EXIT1 ("unexpected TYPE%d query", qtype); + } + resolv_response_close_record (b); +} + +static void +check_one (void) +{ + + /* The buggy 1-second query timeout results in 30 seconds of delay, + which triggers are test timeout failure. */ + for (int i = 0; i < 30; ++i) + { + static const struct addrinfo hints = + { + .ai_family = AF_UNSPEC, + .ai_socktype = SOCK_STREAM, + }; + struct addrinfo *ai; + int ret = getaddrinfo ("www.example", "80", &hints, &ai); + const char *expected; + if (ret == 0 && ai->ai_next != NULL) + expected = ("address: STREAM/TCP 192.0.2.17 80\n" + "address: STREAM/TCP 2001:db8::1 80\n"); + else + /* Only one response because the AAAA lookup failure is + treated as an ignoreable error. */ + expected = "address: STREAM/TCP 192.0.2.17 80\n"; + check_addrinfo ("www.example", ai, ret, expected); + if (ret == 0) + freeaddrinfo (ai); + } +} + +static int +do_test (void) +{ + for (int do_single_lookup = 0; do_single_lookup < 2; ++do_single_lookup) + { + struct resolv_test *aux = resolv_test_start + ((struct resolv_redirect_config) + { + .response_callback = response, + }); + + if (do_single_lookup) + _res.options |= RES_SNGLKUP; + + for (int do_fail_aaaa = 0; do_fail_aaaa < 2; ++do_fail_aaaa) + { + fail_aaaa = do_fail_aaaa; + + rcode = 2; /* SERVFAIL. */ + check_one (); + + rcode = 4; /* NOTIMP. */ + check_one (); + + rcode = 5; /* REFUSED. */ + check_one (); + } + + resolv_test_end (aux); + } + + return 0; +} + +#include diff --git a/resolv/tst-resolv-short-response.c b/resolv/tst-resolv-short-response.c new file mode 100644 index 000000000..9b06b0c17 --- /dev/null +++ b/resolv/tst-resolv-short-response.c @@ -0,0 +1,126 @@ +/* Test for spurious timeouts with short 12-byte responses (bug 31890). + Copyright (C) 2024 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + . */ + +#include +#include +#include +#include + +/* The rcode in the initial response. */ +static volatile int rcode; + +static void +response (const struct resolv_response_context *ctx, + struct resolv_response_builder *b, + const char *qname, uint16_t qclass, uint16_t qtype) +{ + switch (ctx->server_index) + { + case 0: + /* First server times out. */ + { + struct resolv_response_flags flags = {.rcode = rcode}; + resolv_response_init (b, flags); + } + break; + case 1: + /* Second server sends reply. */ + resolv_response_init (b, (struct resolv_response_flags) {}); + resolv_response_add_question (b, qname, qclass, qtype); + resolv_response_section (b, ns_s_an); + resolv_response_open_record (b, qname, qclass, qtype, 0); + switch (qtype) + { + case T_A: + { + char ipv4[4] = {192, 0, 2, 17}; + resolv_response_add_data (b, &ipv4, sizeof (ipv4)); + } + break; + case T_AAAA: + { + char ipv6[16] + = {0x20, 0x01, 0xd, 0xb8, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1}; + resolv_response_add_data (b, &ipv6, sizeof (ipv6)); + } + break; + default: + FAIL_EXIT1 ("unexpected TYPE%d query", qtype); + } + resolv_response_close_record (b); + break; + default: + FAIL_EXIT1 ("unexpected query to server %d", ctx->server_index); + } +} + +static void +check_one (void) +{ + + /* The buggy 1-second query timeout results in 30 seconds of delay, + which triggers a test timeout failure. */ + for (int i = 0; i < 10; ++i) + { + check_hostent ("www.example", gethostbyname ("www.example"), + "name: www.example\n" + "address: 192.0.2.17\n"); + check_hostent ("www.example", gethostbyname2 ("www.example", AF_INET6), + "name: www.example\n" + "address: 2001:db8::1\n"); + static const struct addrinfo hints = + { + .ai_family = AF_UNSPEC, + .ai_socktype = SOCK_STREAM, + }; + struct addrinfo *ai; + int ret = getaddrinfo ("www.example", "80", &hints, &ai); + check_addrinfo ("www.example", ai, ret, + "address: STREAM/TCP 192.0.2.17 80\n" + "address: STREAM/TCP 2001:db8::1 80\n"); + if (ret == 0) + freeaddrinfo (ai); + } +} + +static int +do_test (void) +{ + struct resolv_test *aux = resolv_test_start + ((struct resolv_redirect_config) + { + .response_callback = response, + }); + + _res.options |= RES_SNGLKUP; + + rcode = 2; /* SERVFAIL. */ + check_one (); + + rcode = 4; /* NOTIMP. */ + check_one (); + + rcode = 5; /* REFUSED. */ + check_one (); + + resolv_test_end (aux); + + return 0; +} + +#include diff --git a/socket/bits/socket2.h b/socket/bits/socket2.h index 04780f320..bd91647f3 100644 --- a/socket/bits/socket2.h +++ b/socket/bits/socket2.h @@ -37,14 +37,14 @@ recv (int __fd, __fortify_clang_overload_arg0 (void *, ,__buf), size_t __n, "recv called with bigger length than " "size of destination buffer") { - size_t sz = __glibc_objsize0 (__buf); - if (__glibc_safe_or_unknown_len (__n, sizeof (char), sz)) + size_t __sz = __glibc_objsize0 (__buf); + if (__glibc_safe_or_unknown_len (__n, sizeof (char), __sz)) return __recv_alias (__fd, __buf, __n, __flags); #if !__fortify_use_clang - if (__glibc_unsafe_len (__n, sizeof (char), sz)) - return __recv_chk_warn (__fd, __buf, __n, sz, __flags); + if (__glibc_unsafe_len (__n, sizeof (char), __sz)) + return __recv_chk_warn (__fd, __buf, __n, __sz, __flags); #endif - return __recv_chk (__fd, __buf, __n, sz, __flags); + return __recv_chk (__fd, __buf, __n, __sz, __flags); } extern ssize_t __recvfrom_chk (int __fd, void *__restrict __buf, size_t __n, @@ -71,13 +71,13 @@ recvfrom (int __fd, __fortify_clang_overload_arg0 (void *, __restrict, __buf), "recvfrom called with bigger length " "than size of destination buffer") { - size_t sz = __glibc_objsize0 (__buf); - if (__glibc_safe_or_unknown_len (__n, sizeof (char), sz)) + size_t __sz = __glibc_objsize0 (__buf); + if (__glibc_safe_or_unknown_len (__n, sizeof (char), __sz)) return __recvfrom_alias (__fd, __buf, __n, __flags, __addr, __addr_len); #if !__fortify_use_clang - if (__glibc_unsafe_len (__n, sizeof (char), sz)) - return __recvfrom_chk_warn (__fd, __buf, __n, sz, __flags, __addr, + if (__glibc_unsafe_len (__n, sizeof (char), __sz)) + return __recvfrom_chk_warn (__fd, __buf, __n, __sz, __flags, __addr, __addr_len); #endif - return __recvfrom_chk (__fd, __buf, __n, sz, __flags, __addr, __addr_len); + return __recvfrom_chk (__fd, __buf, __n, __sz, __flags, __addr, __addr_len); } diff --git a/stdlib/bits/stdlib.h b/stdlib/bits/stdlib.h index 1557b862b..9c78ecf45 100644 --- a/stdlib/bits/stdlib.h +++ b/stdlib/bits/stdlib.h @@ -43,16 +43,16 @@ __NTH (realpath (const char *__restrict __name, "bytes long buffer") #endif { - size_t sz = __glibc_objsize (__resolved); + size_t __sz = __glibc_objsize (__resolved); - if (sz == (size_t) -1) + if (__sz == (size_t) -1) return __realpath_alias (__name, __resolved); #if !__fortify_use_clang && defined _LIBC_LIMITS_H_ && defined PATH_MAX - if (__glibc_unsafe_len (PATH_MAX, sizeof (char), sz)) - return __realpath_chk_warn (__name, __resolved, sz); + if (__glibc_unsafe_len (PATH_MAX, sizeof (char), __sz)) + return __realpath_chk_warn (__name, __resolved, __sz); #endif - return __realpath_chk (__name, __resolved, sz); + return __realpath_chk (__name, __resolved, __sz); } diff --git a/string/Makefile b/string/Makefile index 8f31fa49e..1dff405c2 100644 --- a/string/Makefile +++ b/string/Makefile @@ -184,6 +184,7 @@ tests := \ test-strncpy \ test-strndup \ test-strnlen \ + test-strnlen-nonarray \ test-strpbrk \ test-strrchr \ test-strspn \ @@ -235,7 +236,10 @@ tests-unsupported += $(tests-translation) endif # This test allocates a lot of memory and can run for a long time. -xtests = tst-strcoll-overflow +xtests += tst-strcoll-overflow + +# This test runs for a long time. +xtests += test-strncmp-nonarray # This test needs libdl. ifeq (yes,$(build-shared)) diff --git a/string/strerror_l.c b/string/strerror_l.c index 15cce261e..70456e5bb 100644 --- a/string/strerror_l.c +++ b/string/strerror_l.c @@ -20,7 +20,7 @@ #include #include #include - +#include static const char * translate (const char *str, locale_t loc) @@ -31,6 +31,12 @@ translate (const char *str, locale_t loc) return res; } +static char * +unknown_error (locale_t loc) +{ + return (char *) translate ("Unknown error", loc); +} + /* Return a string describing the errno code in ERRNUM. */ char * @@ -40,18 +46,25 @@ __strerror_l (int errnum, locale_t loc) char *err = (char *) __get_errlist (errnum); if (__glibc_unlikely (err == NULL)) { - struct tls_internal_t *tls_internal = __glibc_tls_internal (); - free (tls_internal->strerror_l_buf); - if (__asprintf (&tls_internal->strerror_l_buf, "%s%d", - translate ("Unknown error ", loc), errnum) > 0) - err = tls_internal->strerror_l_buf; - else + if (__libc_initial) { - /* The memory was freed above. */ - tls_internal->strerror_l_buf = NULL; - /* Provide a fallback translation. */ - err = (char *) translate ("Unknown error", loc); + struct tls_internal_t *tls_internal = __glibc_tls_internal (); + free (tls_internal->strerror_l_buf); + if (__asprintf (&tls_internal->strerror_l_buf, "%s%d", + translate ("Unknown error ", loc), errnum) > 0) + err = tls_internal->strerror_l_buf; + else + { + /* The memory was freed above. */ + tls_internal->strerror_l_buf = NULL; + /* Provide a fallback translation. */ + err = unknown_error (loc); + } } + else + /* Secondary namespaces use a different malloc, so cannot + participate in the buffer management. */ + err = unknown_error (loc); } else err = (char *) translate (err, loc); diff --git a/string/strsignal.c b/string/strsignal.c index 311460156..d9b036546 100644 --- a/string/strsignal.c +++ b/string/strsignal.c @@ -21,6 +21,7 @@ #include #include #include +#include /* Return a string describing the meaning of the signal number SIGNUM. */ char * @@ -30,21 +31,28 @@ strsignal (int signum) if (desc != NULL) return _(desc); - struct tls_internal_t *tls_internal = __glibc_tls_internal (); - free (tls_internal->strsignal_buf); + if (__libc_initial) + { + struct tls_internal_t *tls_internal = __glibc_tls_internal (); + free (tls_internal->strsignal_buf); - int r; + int r; #ifdef SIGRTMIN - if (signum >= SIGRTMIN && signum <= SIGRTMAX) - r = __asprintf (&tls_internal->strsignal_buf, _("Real-time signal %d"), - signum - SIGRTMIN); - else + if (signum >= SIGRTMIN && signum <= SIGRTMAX) + r = __asprintf (&tls_internal->strsignal_buf, _("Real-time signal %d"), + signum - SIGRTMIN); + else #endif - r = __asprintf (&tls_internal->strsignal_buf, _("Unknown signal %d"), - signum); - - if (r == -1) - tls_internal->strsignal_buf = NULL; - - return tls_internal->strsignal_buf; + r = __asprintf (&tls_internal->strsignal_buf, _("Unknown signal %d"), + signum); + + if (r >= 0) + return tls_internal->strsignal_buf; + else + tls_internal->strsignal_buf = NULL; + } + /* Fall through on asprintf error, and for !__libc_initial: + secondary namespaces use a different malloc and cannot + participate in the buffer management. */ + return _("Unknown signal"); } diff --git a/string/test-Xncmp-nonarray.c b/string/test-Xncmp-nonarray.c new file mode 100644 index 000000000..9f3a3ca75 --- /dev/null +++ b/string/test-Xncmp-nonarray.c @@ -0,0 +1,183 @@ +/* Test non-array inputs to string comparison functions. + Copyright (C) 2024 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + . */ + +/* This skeleton file is included from string/test-strncmp-nonarray.c and + wcsmbs/test-wcsncmp-nonarray.c to test that reading of the arrays stops + at the first null character. + + TEST_IDENTIFIER must be the test function identifier. TEST_NAME is + the same as a string. + + CHAR must be defined as the character type. */ + +#include +#include +#include +#include +#include +#include +#include + +/* Much shorter than test-Xnlen-nonarray.c because of deeply nested loops. */ +enum { buffer_length = 80 }; + +/* The test buffer layout follows what is described test-Xnlen-nonarray.c, + except that there two buffers, left and right. The variables + a_count, zero_count, start_offset are all duplicated. */ + +/* Return the maximum string length for a string that starts at + start_offset. */ +static int +string_length (int a_count, int start_offset) +{ + if (start_offset == buffer_length || start_offset >= a_count) + return 0; + else + return a_count - start_offset; +} + +/* This is the valid maximum length argument computation for + strnlen/wcsnlen. See text-Xnlen-nonarray.c. */ +static int +maximum_length (int start_offset, int zero_count) +{ + if (start_offset == buffer_length) + return 0; + else if (zero_count > 0) + /* Effectively unbounded, but we need to stop fairly low, + otherwise testing takes too long. */ + return buffer_length + 32; + else + return buffer_length - start_offset; +} + +typedef __typeof (TEST_IDENTIFIER) *proto_t; + +#define TEST_MAIN +#include "test-string.h" + +IMPL (TEST_IDENTIFIER, 1) + +static int +test_main (void) +{ + TEST_VERIFY_EXIT (sysconf (_SC_PAGESIZE) >= buffer_length); + test_init (); + + struct support_next_to_fault left_ntf + = support_next_to_fault_allocate (buffer_length * sizeof (CHAR)); + CHAR *left_buffer = (CHAR *) left_ntf.buffer; + struct support_next_to_fault right_ntf + = support_next_to_fault_allocate (buffer_length * sizeof (CHAR)); + CHAR *right_buffer = (CHAR *) right_ntf.buffer; + + FOR_EACH_IMPL (impl, 0) + { + printf ("info: testing %s\n", impl->name); + for (size_t i = 0; i < buffer_length; ++i) + left_buffer[i] = 'A'; + + for (int left_zero_count = 0; left_zero_count <= buffer_length; + ++left_zero_count) + { + if (left_zero_count > 0) + left_buffer[buffer_length - left_zero_count] = 0; + int left_a_count = buffer_length - left_zero_count; + for (size_t i = 0; i < buffer_length; ++i) + right_buffer[i] = 'A'; + for (int right_zero_count = 0; right_zero_count <= buffer_length; + ++right_zero_count) + { + if (right_zero_count > 0) + right_buffer[buffer_length - right_zero_count] = 0; + int right_a_count = buffer_length - right_zero_count; + for (int left_start_offset = 0; + left_start_offset <= buffer_length; + ++left_start_offset) + { + CHAR *left_start_pointer = left_buffer + left_start_offset; + int left_maxlen + = maximum_length (left_start_offset, left_zero_count); + int left_length + = string_length (left_a_count, left_start_offset); + for (int right_start_offset = 0; + right_start_offset <= buffer_length; + ++right_start_offset) + { + CHAR *right_start_pointer + = right_buffer + right_start_offset; + int right_maxlen + = maximum_length (right_start_offset, right_zero_count); + int right_length + = string_length (right_a_count, right_start_offset); + + /* Maximum length is modelled after strnlen/wcsnlen, + and must be valid for both pointer arguments at + the same time. */ + int maxlen = MIN (left_maxlen, right_maxlen); + + for (int length_argument = 0; length_argument <= maxlen; + ++length_argument) + { + if (test_verbose) + { + printf ("left: zero_count=%d" + " a_count=%d start_offset=%d\n", + left_zero_count, left_a_count, + left_start_offset); + printf ("right: zero_count=%d" + " a_count=%d start_offset=%d\n", + right_zero_count, right_a_count, + right_start_offset); + printf ("length argument: %d\n", + length_argument); + } + + /* Effective lengths bounded by length argument. + The effective length determines the + outcome of the comparison. */ + int left_effective + = MIN (left_length, length_argument); + int right_effective + = MIN (right_length, length_argument); + if (left_effective == right_effective) + TEST_COMPARE (CALL (impl, + left_start_pointer, + right_start_pointer, + length_argument), 0); + else if (left_effective < right_effective) + TEST_COMPARE (CALL (impl, + left_start_pointer, + right_start_pointer, + length_argument) < 0, 1); + else + TEST_COMPARE (CALL (impl, + left_start_pointer, + right_start_pointer, + length_argument) > 0, 1); + } + } + } + } + } + } + + return 0; +} + +#include diff --git a/string/test-Xnlen-nonarray.c b/string/test-Xnlen-nonarray.c new file mode 100644 index 000000000..499bef204 --- /dev/null +++ b/string/test-Xnlen-nonarray.c @@ -0,0 +1,133 @@ +/* Test non-array inputs to string length functions. + Copyright (C) 2024 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + . */ + +/* This skeleton file is included from string/test-strnlen-nonarray.c + and wcsmbs/test-wcsnlen-nonarray.c to test that reading of the array + stops at the first null character. + + TEST_IDENTIFIER must be the test function identifier. TEST_NAME is + the same as a string. + + CHAR must be defined as the character type. */ + +#include +#include +#include +#include +#include +#include +#include + +typedef __typeof (TEST_IDENTIFIER) *proto_t; + +#define TEST_MAIN +#include "test-string.h" + +IMPL (TEST_IDENTIFIER, 1) + +static int +test_main (void) +{ + enum { buffer_length = 256 }; + TEST_VERIFY_EXIT (sysconf (_SC_PAGESIZE) >= buffer_length); + + test_init (); + + /* Buffer layout: There are a_count 'A' character followed by + zero_count null character, for a total of buffer_length + character: + + AAAAA...AAAAA 00000 ... 00000 (unmapped page follows) + \ / \ / + (a_count) (zero_count) + \___ (buffer_length) ___/ + ^ + | + start_offset + + The buffer length does not change, but a_count (and thus _zero) + and start_offset vary. + + If start_offset == buffer_length, only 0 is a valid length + argument. The result is 0. + + Otherwwise, if zero_count > 0 (if there a null characters in the + buffer), then any length argument is valid. If start_offset < + a_count (i.e., there is a non-null character at start_offset), the + result is the minimum of a_count - start_offset and the length + argument. Otherwise the result is 0. + + Otherwise, there are no null characters before the unmapped page. + The length argument must not be greater than buffer_length - + start_offset, and the result is the length argument. */ + + struct support_next_to_fault ntf + = support_next_to_fault_allocate (buffer_length * sizeof (CHAR)); + CHAR *buffer = (CHAR *) ntf.buffer; + + FOR_EACH_IMPL (impl, 0) + { + printf ("info: testing %s\n", impl->name); + for (size_t i = 0; i < buffer_length; ++i) + buffer[i] = 'A'; + + for (int zero_count = 0; zero_count <= buffer_length; ++zero_count) + { + if (zero_count > 0) + buffer[buffer_length - zero_count] = 0; + int a_count = buffer_length - zero_count; + for (int start_offset = 0; start_offset <= buffer_length; + ++start_offset) + { + CHAR *start_pointer = buffer + start_offset; + if (start_offset == buffer_length) + TEST_COMPARE (CALL (impl, buffer + start_offset, 0), 0); + else if (zero_count > 0) + for (int length_argument = 0; + length_argument <= 2 * buffer_length; + ++length_argument) + { + if (test_verbose) + printf ("zero_count=%d a_count=%d start_offset=%d" + " length_argument=%d\n", + zero_count, a_count, start_offset, + length_argument); + if (start_offset < a_count) + TEST_COMPARE (CALL (impl, start_pointer, length_argument), + MIN (a_count - start_offset, + length_argument)); + else + TEST_COMPARE (CALL (impl, start_pointer, length_argument), + 0); + } + else + for (int length_argument = 0; + length_argument <= buffer_length - start_offset; + ++length_argument) + TEST_COMPARE (CALL (impl, start_pointer, length_argument), + length_argument); + } + } + } + + support_next_to_fault_free (&ntf); + + return 0; +} + +#include diff --git a/string/test-strchr.c b/string/test-strchr.c index c795eac6f..72b17af68 100644 --- a/string/test-strchr.c +++ b/string/test-strchr.c @@ -255,6 +255,69 @@ check1 (void) check_result (impl, s, c, exp_result); } +static void +check2 (void) +{ + CHAR *s = (CHAR *) (buf1 + getpagesize () - 4 * sizeof (CHAR)); + CHAR *s_begin = (CHAR *) (buf1 + getpagesize () - 64); +#ifndef USE_FOR_STRCHRNUL + CHAR *exp_result = NULL; +#else + CHAR *exp_result = s + 1; +#endif + CHAR val = 0x12; + for (; s_begin != s; ++s_begin) + *s_begin = val; + + s[0] = val + 1; + s[1] = 0; + s[2] = val + 1; + s[3] = val + 1; + + { + FOR_EACH_IMPL (impl, 0) + check_result (impl, s, val, exp_result); + } + s[3] = val; + { + FOR_EACH_IMPL (impl, 0) + check_result (impl, s, val, exp_result); + } + exp_result = s; + s[0] = val; + { + FOR_EACH_IMPL (impl, 0) + check_result (impl, s, val, exp_result); + } + + s[3] = val + 1; + { + FOR_EACH_IMPL (impl, 0) + check_result (impl, s, val, exp_result); + } + + s[0] = val + 1; + s[1] = val + 1; + s[2] = val + 1; + s[3] = val + 1; + s[4] = val; + exp_result = s + 4; + { + FOR_EACH_IMPL (impl, 0) + check_result (impl, s, val, exp_result); + } + s[4] = 0; +#ifndef USE_FOR_STRCHRNUL + exp_result = NULL; +#else + exp_result = s + 4; +#endif + { + FOR_EACH_IMPL (impl, 0) + check_result (impl, s, val, exp_result); + } +} + int test_main (void) { @@ -263,7 +326,7 @@ test_main (void) test_init (); check1 (); - + check2 (); printf ("%20s", ""); FOR_EACH_IMPL (impl, 0) printf ("\t%s", impl->name); diff --git a/string/test-strncmp-nonarray.c b/string/test-strncmp-nonarray.c new file mode 100644 index 000000000..581e52d01 --- /dev/null +++ b/string/test-strncmp-nonarray.c @@ -0,0 +1,4 @@ +#define TEST_IDENTIFIER strncmp +#define TEST_NAME "strncmp" +typedef char CHAR; +#include "test-Xncmp-nonarray.c" diff --git a/string/test-strnlen-nonarray.c b/string/test-strnlen-nonarray.c new file mode 100644 index 000000000..0ad05756d --- /dev/null +++ b/string/test-strnlen-nonarray.c @@ -0,0 +1,4 @@ +#define TEST_IDENTIFIER strnlen +#define TEST_NAME "strnlen" +typedef char CHAR; +#include "test-Xnlen-nonarray.c" diff --git a/support/test-driver.c b/support/test-driver.c index f4c3e4d66..04ceebc08 100644 --- a/support/test-driver.c +++ b/support/test-driver.c @@ -155,6 +155,7 @@ main (int argc, char **argv) { CMDLINE_OPTIONS TEST_DEFAULT_OPTIONS + { 0, } }; test_config.options = &options; #endif diff --git a/sysdeps/generic/mremap-failure.h b/sysdeps/generic/mremap-failure.h new file mode 100644 index 000000000..bc0d47636 --- /dev/null +++ b/sysdeps/generic/mremap-failure.h @@ -0,0 +1,25 @@ +/* mremap failure handling. Generic version. + Copyright (C) 2024 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + . */ + +/* Return exit value on mremap failure with errno ERR. */ + +static int +mremap_failure_exit (int err) +{ + return EXIT_FAILURE; +} diff --git a/sysdeps/unix/sysv/linux/Makefile b/sysdeps/unix/sysv/linux/Makefile index 097b5a26f..59998c7af 100644 --- a/sysdeps/unix/sysv/linux/Makefile +++ b/sysdeps/unix/sysv/linux/Makefile @@ -206,6 +206,7 @@ tests += \ tst-getauxval \ tst-gettid \ tst-gettid-kill \ + tst-linux-mremap1 \ tst-memfd_create \ tst-misalign-clone \ tst-mlock2 \ diff --git a/sysdeps/unix/sysv/linux/mremap-failure.h b/sysdeps/unix/sysv/linux/mremap-failure.h new file mode 100644 index 000000000..c99ab30ca --- /dev/null +++ b/sysdeps/unix/sysv/linux/mremap-failure.h @@ -0,0 +1,30 @@ +/* mremap failure handling. Linux version. + Copyright (C) 2024 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + . */ + +#include + +/* Return exit value on mremap failure with errno ERR. */ + +static int +mremap_failure_exit (int err) +{ + if (err != EINVAL) + return EXIT_FAILURE; + + return EXIT_UNSUPPORTED; +} diff --git a/sysdeps/unix/sysv/linux/mremap.c b/sysdeps/unix/sysv/linux/mremap.c index 4f770799c..1ada5c1f4 100644 --- a/sysdeps/unix/sysv/linux/mremap.c +++ b/sysdeps/unix/sysv/linux/mremap.c @@ -20,6 +20,12 @@ #include #include #include +#include + +#define MREMAP_KNOWN_BITS \ + (MREMAP_MAYMOVE \ + | MREMAP_FIXED \ + | MREMAP_DONTUNMAP) void * __mremap (void *addr, size_t old_len, size_t new_len, int flags, ...) @@ -27,7 +33,13 @@ __mremap (void *addr, size_t old_len, size_t new_len, int flags, ...) va_list va; void *new_addr = NULL; - if (flags & MREMAP_FIXED) + if (flags & ~(MREMAP_KNOWN_BITS)) + { + __set_errno (EINVAL); + return MAP_FAILED; + } + + if (flags & (MREMAP_FIXED | MREMAP_DONTUNMAP)) { va_start (va, flags); new_addr = va_arg (va, void *); diff --git a/sysdeps/unix/sysv/linux/tst-linux-mremap1.c b/sysdeps/unix/sysv/linux/tst-linux-mremap1.c new file mode 100644 index 000000000..408e8af2a --- /dev/null +++ b/sysdeps/unix/sysv/linux/tst-linux-mremap1.c @@ -0,0 +1,63 @@ +/* Test mremap with MREMAP_DONTUNMAP. + Copyright (C) 2024 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + . */ + +#include +#include +#include +#include +#include +#include +#include + +static int +do_test (void) +{ + size_t old_size = getpagesize (); + size_t new_size = old_size; + char *old_addr = xmmap (NULL, old_size, PROT_READ | PROT_WRITE, + MAP_PRIVATE | MAP_ANONYMOUS, -1); + old_addr[0] = 1; + old_addr[old_size - 1] = 2; + + /* Create an available 64-page mmap region. */ + size_t fixed_size = old_size * 64; + char *fixed_addr = xmmap (NULL, fixed_size, PROT_READ | PROT_WRITE, + MAP_PRIVATE | MAP_ANONYMOUS, -1); + xmunmap (fixed_addr, fixed_size); + + /* Add 3 * pagesize. */ + fixed_size += 3 * old_size; + + /* Test MREMAP_DONTUNMAP. It should return FIXED_ADDR created above. */ + char *new_addr = mremap (old_addr, old_size, new_size, + MREMAP_DONTUNMAP | MREMAP_MAYMOVE, + fixed_addr); + if (new_addr == MAP_FAILED) + return mremap_failure_exit (errno); + TEST_VERIFY_EXIT (fixed_addr == new_addr); + old_addr[0] = 3; + old_addr[old_size - 1] = 4; + new_addr[0] = 1; + new_addr[new_size - 1] = 2; + xmunmap (new_addr, new_size); + xmunmap (old_addr, old_size); + + return 0; +} + +#include diff --git a/sysdeps/unix/sysv/linux/x86_64/dl-cet.h b/sysdeps/unix/sysv/linux/x86_64/dl-cet.h index 1fe313340..b4f7e6c9c 100644 --- a/sysdeps/unix/sysv/linux/x86_64/dl-cet.h +++ b/sysdeps/unix/sysv/linux/x86_64/dl-cet.h @@ -92,9 +92,9 @@ dl_cet_ibt_enabled (void) # Pass GL(dl_x86_feature_1) to _dl_cet_setup_features.\n\ movl %edx, %edi\n\ # Align stack for the _dl_cet_setup_features call.\n\ - andq $-16, %rsp\n\ + and $-16, %" RSP_LP "\n\ call _dl_cet_setup_features\n\ # Restore %rax and %rsp from %r12 and %r13.\n\ - movq %r12, %rax\n\ - movq %r13, %rsp\n\ + mov %" R12_LP ", %" RAX_LP "\n\ + mov %" R13_LP ", %" RSP_LP "\n\ " diff --git a/sysdeps/unix/sysv/linux/x86_64/x32/arch-syscall.h b/sysdeps/unix/sysv/linux/x86_64/x32/arch-syscall.h index 3040a47d7..df3e22236 100644 --- a/sysdeps/unix/sysv/linux/x86_64/x32/arch-syscall.h +++ b/sysdeps/unix/sysv/linux/x86_64/x32/arch-syscall.h @@ -155,6 +155,7 @@ #define __NR_lsm_set_self_attr 1073742284 #define __NR_lstat 1073741830 #define __NR_madvise 1073741852 +#define __NR_map_shadow_stack 1073742277 #define __NR_mbind 1073742061 #define __NR_membarrier 1073742148 #define __NR_memfd_create 1073742143 diff --git a/sysdeps/unix/sysv/linux/x86_64/x32/fixup-asm-unistd.h b/sysdeps/unix/sysv/linux/x86_64/x32/fixup-asm-unistd.h index 98124169e..47fa8af4c 100644 --- a/sysdeps/unix/sysv/linux/x86_64/x32/fixup-asm-unistd.h +++ b/sysdeps/unix/sysv/linux/x86_64/x32/fixup-asm-unistd.h @@ -15,6 +15,10 @@ License along with the GNU C Library; if not, see . */ +#ifndef __NR_map_shadow_stack +# define __NR_map_shadow_stack 1073742277 +#endif + /* X32 uses the same 64-bit syscall interface for set_thread_area. */ #ifndef __NR_set_thread_area # define __NR_set_thread_area 1073742029 diff --git a/sysdeps/x86/cpu-tunables.c b/sysdeps/x86/cpu-tunables.c index ae9dcd618..ccc6b64dc 100644 --- a/sysdeps/x86/cpu-tunables.c +++ b/sysdeps/x86/cpu-tunables.c @@ -248,6 +248,7 @@ TUNABLE_CALLBACK (set_hwcaps) (tunable_val_t *valp) CHECK_GLIBC_IFUNC_PREFERRED_BOTH (n, cpu_features, Avoid_Non_Temporal_Memset, 25); } + break; case 26: { CHECK_GLIBC_IFUNC_PREFERRED_NEED_BOTH diff --git a/sysdeps/x86_64/dl-machine.h b/sysdeps/x86_64/dl-machine.h index a6de3793e..4f1295587 100644 --- a/sysdeps/x86_64/dl-machine.h +++ b/sysdeps/x86_64/dl-machine.h @@ -139,37 +139,37 @@ elf_machine_runtime_setup (struct link_map *l, struct r_scope_elem *scope[], .globl _start\n\ .globl _dl_start_user\n\ _start:\n\ - movq %rsp, %rdi\n\ + mov %" RSP_LP ", %" RDI_LP "\n\ call _dl_start\n\ _dl_start_user:\n\ # Save the user entry point address in %r12.\n\ - movq %rax, %r12\n\ + mov %" RAX_LP ", %" R12_LP "\n\ # Save %rsp value in %r13.\n\ - movq %rsp, %r13\n\ + mov %" RSP_LP ", % " R13_LP "\n\ "\ RTLD_START_ENABLE_X86_FEATURES \ "\ # Read the original argument count.\n\ - movq (%rsp), %rdx\n\ + mov (%rsp), %" RDX_LP "\n\ # Call _dl_init (struct link_map *main_map, int argc, char **argv, char **env)\n\ # argc -> rsi\n\ - movq %rdx, %rsi\n\ + mov %" RDX_LP ", %" RSI_LP "\n\ # And align stack for the _dl_init call. \n\ - andq $-16, %rsp\n\ + and $-16, %" RSP_LP "\n\ # _dl_loaded -> rdi\n\ - movq _rtld_local(%rip), %rdi\n\ + mov _rtld_local(%rip), %" RDI_LP "\n\ # env -> rcx\n\ - leaq 16(%r13,%rdx,8), %rcx\n\ + lea 2*" LP_SIZE "(%r13,%rdx," LP_SIZE "), %" RCX_LP "\n\ # argv -> rdx\n\ - leaq 8(%r13), %rdx\n\ + lea " LP_SIZE "(%r13), %" RDX_LP "\n\ # Clear %rbp to mark outermost frame obviously even for constructors.\n\ xorl %ebp, %ebp\n\ # Call the function to run the initializers.\n\ call _dl_init\n\ # Pass our finalizer function to the user in %rdx, as per ELF ABI.\n\ - leaq _dl_fini(%rip), %rdx\n\ + lea _dl_fini(%rip), %" RDX_LP "\n\ # And make sure %rsp points to argc stored on the stack.\n\ - movq %r13, %rsp\n\ + mov %" R13_LP ", %" RSP_LP "\n\ # Jump to the user's entry point.\n\ jmp *%r12\n\ .previous\n\ @@ -234,8 +234,13 @@ elf_machine_plt_value (struct link_map *map, const ElfW(Rela) *reloc, /* Names of the architecture-specific auditing callback functions. */ +#ifdef __LP64__ #define ARCH_LA_PLTENTER x86_64_gnu_pltenter #define ARCH_LA_PLTEXIT x86_64_gnu_pltexit +#else +#define ARCH_LA_PLTENTER x32_gnu_pltenter +#define ARCH_LA_PLTEXIT x32_gnu_pltexit +#endif #endif /* !dl_machine_h */ diff --git a/sysdeps/x86_64/multiarch/strchr-evex-base.S b/sysdeps/x86_64/multiarch/strchr-evex-base.S index 04e2c0e79..3a0b7c9d6 100644 --- a/sysdeps/x86_64/multiarch/strchr-evex-base.S +++ b/sysdeps/x86_64/multiarch/strchr-evex-base.S @@ -124,13 +124,13 @@ L(page_cross): VPCMPNE %VMM(1), %VMM(0), %k1 VPTEST %VMM(1), %VMM(1), %k0{%k1} KMOV %k0, %VRAX -# ifdef USE_AS_WCSCHR + sar %cl, %VRAX +#ifdef USE_AS_WCSCHR sub $VEC_MATCH_MASK, %VRAX -# else +#else inc %VRAX -# endif +#endif /* Ignore number of character for alignment adjustment. */ - shr %cl, %VRAX jz L(align_more) bsf %VRAX, %VRAX diff --git a/sysdeps/x86_64/x32/dl-machine.h b/sysdeps/x86_64/x32/dl-machine.h deleted file mode 100644 index c35cee926..000000000 --- a/sysdeps/x86_64/x32/dl-machine.h +++ /dev/null @@ -1,76 +0,0 @@ -/* Machine-dependent ELF dynamic relocation inline functions. x32 version. - Copyright (C) 2012-2024 Free Software Foundation, Inc. - This file is part of the GNU C Library. - - The GNU C Library is free software; you can redistribute it and/or - modify it under the terms of the GNU Lesser General Public - License as published by the Free Software Foundation; either - version 2.1 of the License, or (at your option) any later version. - - The GNU C Library is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - Lesser General Public License for more details. - - You should have received a copy of the GNU Lesser General Public - License along with the GNU C Library; if not, see - . */ - -/* Must allow to be included more than once. - See #ifdef RESOLVE_MAP in sysdeps/x86_64/dl-machine.h. */ -#include - -#ifndef _X32_DL_MACHINE_H -#define _X32_DL_MACHINE_H - -#undef ARCH_LA_PLTENTER -#undef ARCH_LA_PLTEXIT -#undef RTLD_START - -/* Names of the architecture-specific auditing callback functions. */ -#define ARCH_LA_PLTENTER x32_gnu_pltenter -#define ARCH_LA_PLTEXIT x32_gnu_pltexit - -/* Initial entry point code for the dynamic linker. - The C function `_dl_start' is the real entry point; - its return value is the user program's entry point. */ -#define RTLD_START asm ("\n\ -.text\n\ - .p2align 4\n\ -.globl _start\n\ -.globl _dl_start_user\n\ -_start:\n\ - movl %esp, %edi\n\ - call _dl_start\n\ -_dl_start_user:\n\ - # Save the user entry point address in %r12.\n\ - movl %eax, %r12d\n\ - # Read the original argument count.\n\ - movl (%rsp), %edx\n\ - # Call _dl_init (struct link_map *main_map, int argc, char **argv, char **env)\n\ - # argc -> rsi\n\ - movl %edx, %esi\n\ - # Save %rsp value in %r13.\n\ - movl %esp, %r13d\n\ - # And align stack for the _dl_init call.\n\ - and $-16, %esp\n\ - # _dl_loaded -> rdi\n\ - movl _rtld_local(%rip), %edi\n\ - # env -> rcx\n\ - lea 8(%r13,%rdx,4), %ecx\n\ - # argv -> rdx\n\ - lea 4(%r13), %edx\n\ - # Clear %rbp to mark outermost frame obviously even for constructors.\n\ - xorl %ebp, %ebp\n\ - # Call the function to run the initializers.\n\ - call _dl_init\n\ - # Pass our finalizer function to the user in %rdx, as per ELF ABI.\n\ - lea _dl_fini(%rip), %edx\n\ - # And make sure %rsp points to argc stored on the stack.\n\ - movl %r13d, %esp\n\ - # Jump to the user's entry point.\n\ - jmp *%r12\n\ -.previous\n\ -"); - -#endif /* !_X32_DL_MACHINE_H */ diff --git a/wcsmbs/Makefile b/wcsmbs/Makefile index 1cddd8cc6..63adf0e8e 100644 --- a/wcsmbs/Makefile +++ b/wcsmbs/Makefile @@ -160,6 +160,7 @@ tests := \ test-wcsncmp \ test-wcsncpy \ test-wcsnlen \ + test-wcsnlen-nonarray \ test-wcspbrk \ test-wcsrchr \ test-wcsspn \ @@ -205,6 +206,10 @@ tests := \ wcsmbs-tst1 \ # tests +# This test runs for a long time. +xtests += test-wcsncmp-nonarray + + include ../Rules ifeq ($(run-built-tests),yes) diff --git a/wcsmbs/bits/wchar2.h b/wcsmbs/bits/wchar2.h index 9fdff47ee..43c6b6302 100644 --- a/wcsmbs/bits/wchar2.h +++ b/wcsmbs/bits/wchar2.h @@ -74,9 +74,9 @@ __fortify_function __attribute_overloadable__ wchar_t * __NTH (wcscpy (__fortify_clang_overload_arg (wchar_t *, __restrict, __dest), const wchar_t *__restrict __src)) { - size_t sz = __glibc_objsize (__dest); - if (sz != (size_t) -1) - return __wcscpy_chk (__dest, __src, sz / sizeof (wchar_t)); + size_t __sz = __glibc_objsize (__dest); + if (__sz != (size_t) -1) + return __wcscpy_chk (__dest, __src, __sz / sizeof (wchar_t)); return __wcscpy_alias (__dest, __src); } @@ -84,9 +84,9 @@ __fortify_function __attribute_overloadable__ wchar_t * __NTH (wcpcpy (__fortify_clang_overload_arg (wchar_t *, __restrict, __dest), const wchar_t *__restrict __src)) { - size_t sz = __glibc_objsize (__dest); - if (sz != (size_t) -1) - return __wcpcpy_chk (__dest, __src, sz / sizeof (wchar_t)); + size_t __sz = __glibc_objsize (__dest); + if (__sz != (size_t) -1) + return __wcpcpy_chk (__dest, __src, __sz / sizeof (wchar_t)); return __wcpcpy_alias (__dest, __src); } @@ -118,9 +118,9 @@ __fortify_function __attribute_overloadable__ wchar_t * __NTH (wcscat (__fortify_clang_overload_arg (wchar_t *, __restrict, __dest), const wchar_t *__restrict __src)) { - size_t sz = __glibc_objsize (__dest); - if (sz != (size_t) -1) - return __wcscat_chk (__dest, __src, sz / sizeof (wchar_t)); + size_t __sz = __glibc_objsize (__dest); + if (__sz != (size_t) -1) + return __wcscat_chk (__dest, __src, __sz / sizeof (wchar_t)); return __wcscat_alias (__dest, __src); } @@ -128,9 +128,9 @@ __fortify_function __attribute_overloadable__ wchar_t * __NTH (wcsncat (__fortify_clang_overload_arg (wchar_t *, __restrict, __dest), const wchar_t *__restrict __src, size_t __n)) { - size_t sz = __glibc_objsize (__dest); - if (sz != (size_t) -1) - return __wcsncat_chk (__dest, __src, __n, sz / sizeof (wchar_t)); + size_t __sz = __glibc_objsize (__dest); + if (__sz != (size_t) -1) + return __wcsncat_chk (__dest, __src, __n, __sz / sizeof (wchar_t)); return __wcsncat_alias (__dest, __src, __n); } @@ -170,10 +170,10 @@ __fortify_function int __NTH (swprintf (wchar_t *__restrict __s, size_t __n, const wchar_t *__restrict __fmt, ...)) { - size_t sz = __glibc_objsize (__s); - if (sz != (size_t) -1 || __USE_FORTIFY_LEVEL > 1) + size_t __sz = __glibc_objsize (__s); + if (__sz != (size_t) -1 || __USE_FORTIFY_LEVEL > 1) return __swprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1, - sz / sizeof (wchar_t), __fmt, __va_arg_pack ()); + __sz / sizeof (wchar_t), __fmt, __va_arg_pack ()); return __swprintf_alias (__s, __n, __fmt, __va_arg_pack ()); } #elif __fortify_use_clang @@ -206,10 +206,10 @@ __fortify_function int __NTH (vswprintf (wchar_t *__restrict __s, size_t __n, const wchar_t *__restrict __fmt, __gnuc_va_list __ap)) { - size_t sz = __glibc_objsize (__s); - if (sz != (size_t) -1 || __USE_FORTIFY_LEVEL > 1) + size_t __sz = __glibc_objsize (__s); + if (__sz != (size_t) -1 || __USE_FORTIFY_LEVEL > 1) return __vswprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1, - sz / sizeof (wchar_t), __fmt, __ap); + __sz / sizeof (wchar_t), __fmt, __ap); return __vswprintf_alias (__s, __n, __fmt, __ap); } @@ -257,14 +257,14 @@ fgetws (__fortify_clang_overload_arg (wchar_t *, __restrict, __s), int __n, "fgetws called with length bigger " "than size of destination buffer") { - size_t sz = __glibc_objsize (__s); - if (__glibc_safe_or_unknown_len (__n, sizeof (wchar_t), sz)) + size_t __sz = __glibc_objsize (__s); + if (__glibc_safe_or_unknown_len (__n, sizeof (wchar_t), __sz)) return __fgetws_alias (__s, __n, __stream); #if !__fortify_use_clang - if (__glibc_unsafe_len (__n, sizeof (wchar_t), sz)) - return __fgetws_chk_warn (__s, sz / sizeof (wchar_t), __n, __stream); + if (__glibc_unsafe_len (__n, sizeof (wchar_t), __sz)) + return __fgetws_chk_warn (__s, __sz / sizeof (wchar_t), __n, __stream); #endif - return __fgetws_chk (__s, sz / sizeof (wchar_t), __n, __stream); + return __fgetws_chk (__s, __sz / sizeof (wchar_t), __n, __stream); } #ifdef __USE_GNU @@ -275,15 +275,15 @@ fgetws_unlocked (__fortify_clang_overload_arg (wchar_t *, __restrict, __s), "fgetws_unlocked called with length bigger " "than size of destination buffer") { - size_t sz = __glibc_objsize (__s); - if (__glibc_safe_or_unknown_len (__n, sizeof (wchar_t), sz)) + size_t __sz = __glibc_objsize (__s); + if (__glibc_safe_or_unknown_len (__n, sizeof (wchar_t), __sz)) return __fgetws_unlocked_alias (__s, __n, __stream); # if !__fortify_use_clang - if (__glibc_unsafe_len (__n, sizeof (wchar_t), sz)) - return __fgetws_unlocked_chk_warn (__s, sz / sizeof (wchar_t), __n, + if (__glibc_unsafe_len (__n, sizeof (wchar_t), __sz)) + return __fgetws_unlocked_chk_warn (__s, __sz / sizeof (wchar_t), __n, __stream); # endif - return __fgetws_unlocked_chk (__s, sz / sizeof (wchar_t), __n, __stream); + return __fgetws_unlocked_chk (__s, __sz / sizeof (wchar_t), __n, __stream); } #endif diff --git a/wcsmbs/test-wcsncmp-nonarray.c b/wcsmbs/test-wcsncmp-nonarray.c new file mode 100644 index 000000000..1ad9ebd8f --- /dev/null +++ b/wcsmbs/test-wcsncmp-nonarray.c @@ -0,0 +1,5 @@ +#include +#define TEST_IDENTIFIER wcsncmp +#define TEST_NAME "wcsncmp" +typedef wchar_t CHAR; +#include "../string/test-Xncmp-nonarray.c" diff --git a/wcsmbs/test-wcsnlen-nonarray.c b/wcsmbs/test-wcsnlen-nonarray.c new file mode 100644 index 000000000..a4b21fecd --- /dev/null +++ b/wcsmbs/test-wcsnlen-nonarray.c @@ -0,0 +1,5 @@ +#include +#define TEST_IDENTIFIER wcsnlen +#define TEST_NAME "wcsnlen" +typedef wchar_t CHAR; +#include "../string/test-Xnlen-nonarray.c" -- 2.30.2