From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from bumble.birch.relay.mailchannels.net (bumble.birch.relay.mailchannels.net [23.83.209.25]) by sourceware.org (Postfix) with ESMTPS id E62413856DDC for ; Thu, 1 Jun 2023 16:56:35 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org E62413856DDC Authentication-Results: sourceware.org; dmarc=none (p=none dis=none) header.from=gotplt.org Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=gotplt.org X-Sender-Id: dreamhost|x-authsender|siddhesh@gotplt.org Received: from relay.mailchannels.net (localhost [127.0.0.1]) by relay.mailchannels.net (Postfix) with ESMTP id 7C5B76C12BA; Thu, 1 Jun 2023 16:56:33 +0000 (UTC) Received: from pdx1-sub0-mail-a202.dreamhost.com (unknown [127.0.0.6]) (Authenticated sender: dreamhost) by relay.mailchannels.net (Postfix) with ESMTPA id 13CEB6C126E; Thu, 1 Jun 2023 16:56:33 +0000 (UTC) ARC-Seal: i=1; s=arc-2022; d=mailchannels.net; t=1685638593; a=rsa-sha256; cv=none; b=7AA7Uf6swOBHCUjB9sMA/S8L5sN6lODi6EBGPeJx9K4goNf8AupYg39sp21dscEgqZkXGk YjM5dsEbC0KHrAocLjqo4ykkWpsc7klL8nQsYC5V6L17b7cXxZ/AZgV3gYs8qWrfs1khtC CctT2OA0kephA7pdSz/MyCW4d5mrN29o3LWjmt8YOOqLm2x8Kz2NRQK77DLl/ozErVDNzw lClgF0wM+meOd+lHU18nFLqDzjrsEHEH28BruZfzFCJXCXl7oKAu0BAJ1nlVgs/lGlTRwC zurESpVsa8Er+pleaBouFnFPwBOoesYFfDecOHjvkielSiLoPS3FsEC3RelsHA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=mailchannels.net; s=arc-2022; t=1685638593; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=0PJa7TmMFCpTjVYhGELzwnhy8Fi8sJPA6KXaW2q/B80=; b=6Mx6T9Valg91jU59z8spupu0AN+Jms1xY1fmgGcMEPZs8p/GWMiasuyZKkN4I7+hXTrNk3 CwtEG6bwoF4KLZGImXgXOFAUw+pkevEvRzpDpQNhjqSA4mrDmI/Y3JrOyzqseFPb+fRBTP /CnOUIXdyuncagCOgPFqNxPkGcd5ku+4Rpt+ZGYB/wWTK0Drh2WTftW1S8PyNodwPZsvuM pGdzAj1tQBP9IL9GFfG9h4C/N14PTUV3vEbVz+C1v1qPWBzJkOg3P/lxpMilCzOhRbFrr3 X6bsEuFzBHSnJtEhawfrGUvQ34Ef2M75eVHjaIJtNCdGh1PYUtigNM2hUtSyog== ARC-Authentication-Results: i=1; rspamd-6d9fc76ff9-nqm4d; auth=pass smtp.auth=dreamhost smtp.mailfrom=siddhesh@gotplt.org X-Sender-Id: dreamhost|x-authsender|siddhesh@gotplt.org X-MC-Relay: Neutral X-MailChannels-SenderId: dreamhost|x-authsender|siddhesh@gotplt.org X-MailChannels-Auth-Id: dreamhost X-Reign-Abortive: 660de49721294b05_1685638593317_3860142582 X-MC-Loop-Signature: 1685638593317:2810043624 X-MC-Ingress-Time: 1685638593317 Received: from pdx1-sub0-mail-a202.dreamhost.com (pop.dreamhost.com [64.90.62.162]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384) by 100.127.59.37 (trex/6.8.1); Thu, 01 Jun 2023 16:56:33 +0000 Received: from [192.168.0.182] (bras-vprn-toroon4834w-lp130-02-142-113-138-85.dsl.bell.ca [142.113.138.85]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) (Authenticated sender: siddhesh@gotplt.org) by pdx1-sub0-mail-a202.dreamhost.com (Postfix) with ESMTPSA id 4QXC2m3ZdHzCw; Thu, 1 Jun 2023 09:56:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gotplt.org; s=dreamhost; t=1685638592; bh=0PJa7TmMFCpTjVYhGELzwnhy8Fi8sJPA6KXaW2q/B80=; h=Date:Subject:To:From:Content-Type:Content-Transfer-Encoding; b=A9eBUrINePOtVzppvVUtirFBncXIQTk6/VNRrLXVXpjto+oo9lgr2weh/4UE7MXIH 3V7QkWQX2zjdfPA79VzpFv/Ljrwoh9eY2KA1rAloWuLugF/OVkPpDWHd0LujdgyWiu DGpMFzWHDilgTL5Z//SltIk1m00Fbb4xUqA1nGfx27I+qmWSWupaBGzD2G3wps5bmd JO4DT+Y5+DxFKw18+7UOB2M8c2T0XoVy+Hu+QifZdg3GcPQy/3mbnVT1fQVVxa3pT+ i3O2JAUuDYBrb5tvjdeuMUlX9X4EOuxcnDRr5ALp4sBiJmX2pw+EavgVNbpfcoUZmy opUfvhGi0tTvQ== Message-ID: <2cc72b2a-16cf-99b3-7c34-24bd70d850c4@gotplt.org> Date: Thu, 1 Jun 2023 12:56:31 -0400 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.10.0 Subject: Re: [PATCH v5 07/12] tests: replace system by xsystem Content-Language: en-US To: =?UTF-8?B?RnLDqWTDqXJpYyBCw6lyYXQ=?= , libc-alpha@sourceware.org References: <20230601142747.104444-1-fberat@redhat.com> <20230601142747.104444-5-fberat@redhat.com> From: Siddhesh Poyarekar In-Reply-To: <20230601142747.104444-5-fberat@redhat.com> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-3037.4 required=5.0 tests=BAYES_00,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,GIT_PATCH_0,KAM_SHORT,NICE_REPLY_A,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H5,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE,SPF_PASS,TXREP,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org List-Id: On 2023-06-01 10:27, Frédéric Bérat wrote: > With fortification enabled, system calls return result needs to be checked, > has it gets the __wur macro enabled. > --- > Changes since v4: > - Added more fail case in xsystem > - Clarify why some system calls should not use xsystem > > elf/tst-stackguard1.c | 3 ++- > libio/bug-mmap-fflush.c | 7 +++++-- > nptl/tst-cancel7.c | 3 ++- > nptl/tst-stackguard1.c | 3 ++- > nss/tst-nss-db-endpwent.c | 3 ++- > support/Makefile | 1 + > support/xstdlib.h | 31 +++++++++++++++++++++++++++++++ > support/xsystem.c | 37 +++++++++++++++++++++++++++++++++++++ > 8 files changed, 82 insertions(+), 6 deletions(-) > create mode 100644 support/xstdlib.h > create mode 100644 support/xsystem.c > > diff --git a/elf/tst-stackguard1.c b/elf/tst-stackguard1.c > index 2e65e36078..1919ae8682 100644 > --- a/elf/tst-stackguard1.c > +++ b/elf/tst-stackguard1.c > @@ -108,7 +108,8 @@ do_test (void) > dup2 (fds[1], 2); > close (fds[1]); > > - system (command); > + if (system (command)) {/* Should actually fail */} Please elaborate on why this should fail: if (system (command)) { /* This should actually fail because... */ } > + > exit (0); > } > > diff --git a/libio/bug-mmap-fflush.c b/libio/bug-mmap-fflush.c > index d8aa58985a..3f99222eef 100644 > --- a/libio/bug-mmap-fflush.c > +++ b/libio/bug-mmap-fflush.c > @@ -4,6 +4,7 @@ > #include > #include > > +#include > > static char *fname; > > @@ -35,14 +36,16 @@ do_test (void) > char buffer[1024]; > > snprintf (buffer, sizeof (buffer), "echo 'From foo@bar.com' > %s", fname); > - system (buffer); > + xsystem (buffer); > + > f = fopen (fname, "r"); > fseek (f, 0, SEEK_END); > o = ftello (f); > fseek (f, 0, SEEK_SET); > fflush (f); > snprintf (buffer, sizeof (buffer), "echo 'From bar@baz.edu' >> %s", fname); > - system (buffer); > + xsystem (buffer); > + > fseek (f, o, SEEK_SET); > if (fgets (buffer, 1024, f) == NULL) > exit (1); > diff --git a/nptl/tst-cancel7.c b/nptl/tst-cancel7.c > index 2835613a9b..0ecb7d025f 100644 > --- a/nptl/tst-cancel7.c > +++ b/nptl/tst-cancel7.c > @@ -27,6 +27,7 @@ > #include > #include > #include > +#include > #include > #include > > @@ -43,7 +44,7 @@ tf (void *arg) > { > char *cmd = xasprintf ("%s --direct --sem %s --pidfile %s", > command, semfilename, pidfilename); > - system (cmd); > + xsystem (cmd); > /* This call should never return. */ > return NULL; > } > diff --git a/nptl/tst-stackguard1.c b/nptl/tst-stackguard1.c > index 4ac57157e9..5ca719ed32 100644 > --- a/nptl/tst-stackguard1.c > +++ b/nptl/tst-stackguard1.c > @@ -140,7 +140,8 @@ do_test (void) > dup2 (fds[1], 2); > close (fds[1]); > > - system (command); > + if (system (command)) {/* Should actually fail */} > + > exit (0); > } > > diff --git a/nss/tst-nss-db-endpwent.c b/nss/tst-nss-db-endpwent.c > index 2b0fc1b064..4dba3fada6 100644 > --- a/nss/tst-nss-db-endpwent.c > +++ b/nss/tst-nss-db-endpwent.c > @@ -23,6 +23,7 @@ > > #include > #include > +#include > > /* It is entirely allowed to start with a getpwent call without > resetting the state of the service via a call to setpwent. > @@ -55,7 +56,7 @@ do_test (void) > > cmd = xasprintf ("%s/makedb -o /var/db/passwd.db /var/db/passwd.in", > support_bindir_prefix); > - system (cmd); > + xsystem (cmd); > free (cmd); > > try_it (); > diff --git a/support/Makefile b/support/Makefile > index c3d16d25b3..f51c2e03a8 100644 > --- a/support/Makefile > +++ b/support/Makefile > @@ -209,6 +209,7 @@ libsupport-routines = \ > xstrdup \ > xstrndup \ > xsymlink \ > + xsystem \ > xsysconf \ > xunlink \ > xuselocale \ > diff --git a/support/xstdlib.h b/support/xstdlib.h > new file mode 100644 > index 0000000000..58642e3542 > --- /dev/null > +++ b/support/xstdlib.h > @@ -0,0 +1,31 @@ > +/* Error-checking wrappers for stdlib functions. > + Copyright (C) 2016-2023 Free Software Foundation, Inc. Only 2023 here. > + This file is part of the GNU C Library. > + > + The GNU C Library is free software; you can redistribute it and/or > + modify it under the terms of the GNU Lesser General Public > + License as published by the Free Software Foundation; either > + version 2.1 of the License, or (at your option) any later version. > + > + The GNU C Library is distributed in the hope that it will be useful, > + but WITHOUT ANY WARRANTY; without even the implied warranty of > + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU > + Lesser General Public License for more details. > + > + You should have received a copy of the GNU Lesser General Public > + License along with the GNU C Library; if not, see > + . */ > + > +#ifndef SUPPORT_XSTDLIB_H > +#define SUPPORT_XSTDLIB_H > + > +#include > +#include > + > +__BEGIN_DECLS > + > +void xsystem (const char *cmd); > + > +__END_DECLS > + > +#endif /* SUPPORT_XSTDLIB_H */ > diff --git a/support/xsystem.c b/support/xsystem.c > new file mode 100644 > index 0000000000..efa26ed772 > --- /dev/null > +++ b/support/xsystem.c > @@ -0,0 +1,37 @@ > +/* Error-checking replacement for "system". > + Copyright (C) 2018-2023 Free Software Foundation, Inc. Likewise, only 2023. > + This file is part of the GNU C Library. > + > + The GNU C Library is free software; you can redistribute it and/or > + modify it under the terms of the GNU Lesser General Public > + License as published by the Free Software Foundation; either > + version 2.1 of the License, or (at your option) any later version. > + > + The GNU C Library is distributed in the hope that it will be useful, > + but WITHOUT ANY WARRANTY; without even the implied warranty of > + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU > + Lesser General Public License for more details. > + > + You should have received a copy of the GNU Lesser General Public > + License along with the GNU C Library; if not, see > + . */ > + > +#include > +#include > + > +#include > + > +void > +xsystem (const char *cmd) > +{ > + int ret = system (cmd); > + > + if (ret == 0 && cmd == NULL) > + FAIL_EXIT1 ("Unable to spawn a shell for NULL command"); > + > + if (ret == 127) > + FAIL_EXIT1 ("Child terminated with status 127"); > + > + if (ret < 0) > + FAIL_EXIT1 ("system (\"%s\")", cmd); > +}