From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-qk1-x735.google.com (mail-qk1-x735.google.com [IPv6:2607:f8b0:4864:20::735]) by sourceware.org (Postfix) with ESMTPS id A8F913857C7F for ; Thu, 22 Apr 2021 21:36:18 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.3.2 sourceware.org A8F913857C7F Received: by mail-qk1-x735.google.com with SMTP id d19so12177727qkk.12 for ; Thu, 22 Apr 2021 14:36:18 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:from:to:cc:references:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=0ZbquLNmpoAbBEq1uqjjo//3PRqQ01MgTtmQowf5WXo=; b=RGnFIPYMg3Ge9/EauNnuFWZ0QJWt40WtIUZvSKKU4iDe/hJ2+f30EfEhFpxrbgDZb1 3Fq/8iRZ0buWcRacMWc84bsKJVpgt3y4ySJK8PQJ0KvyaxHwQaYUHBoAmwDkvU7jUqli XIxe5S4MRsjxZgEJE6cxo2jYx5tyLd619XZvYYnwOYshTM+DM2x53WfdLE+Q+YJPiQD2 FzeXE9eI4INzItktRhFjVto23lXGacgoHaldfZBAtjjXWv7pgtDCHyLymOxat+pFIfsP W37pnTuoP5jDA3JjfkIQjSGhfU1Ykq/fOpHLnvBTt2LHdVEUuIbkMrKCASzRzyxnadcj YFuQ== X-Gm-Message-State: AOAM5336EQRxTqXso+Fg62QPHTnG3gA19NcCayV+FiOCLdAYhR5/mrBi 1ueLKfnrvz/7ieEPefyb5oNBYYcTq3U= X-Google-Smtp-Source: ABdhPJxPNBIsScekT3ryf/4yC0MQYEpKJbPVKPcTRZ9OBnFSdubCC9+H+FTplx7UV39BAMDuD/Gn9Q== X-Received: by 2002:a37:b484:: with SMTP id d126mr828071qkf.207.1619127378091; Thu, 22 Apr 2021 14:36:18 -0700 (PDT) Received: from [192.168.0.41] (71-218-14-121.hlrn.qwest.net. [71.218.14.121]) by smtp.gmail.com with ESMTPSA id b26sm2996578qtr.28.2021.04.22.14.36.17 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Thu, 22 Apr 2021 14:36:17 -0700 (PDT) Subject: Ping 4: [PATCH] more out of bounds checking improvements From: Martin Sebor To: Joseph Myers Cc: Florian Weimer , GNU C Library References: <176ba75f-4299-073f-8319-66dbf9fe3f42@gmail.com> <62e88e46-112f-b5e3-81a5-82732bd8cc28@gmail.com> <42c63456-4775-1c55-7e16-8fefa3275f56@gmail.com> Message-ID: <970238f5-d849-78c7-75af-a4a92e2595f5@gmail.com> Date: Thu, 22 Apr 2021 15:36:16 -0600 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.2.2 MIME-Version: 1.0 In-Reply-To: <42c63456-4775-1c55-7e16-8fefa3275f56@gmail.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-3.0 required=5.0 tests=BAYES_00, BODY_8BITS, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, FREEMAIL_FROM, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 22 Apr 2021 21:36:20 -0000 Florian reminded me that this patch (first posted on 10/26 last year) is still outstanding so I'd like to try to ping it again. Florian and Joseph provided some initial comments but not a formal approval. Martin On 1/10/21 1:44 PM, Martin Sebor wrote: > Ping: still looking for an approval of the patch below before > tomorrow's freeze: > https://sourceware.org/pipermail/libc-alpha/2020-December/120586.html > > On 1/4/21 8:54 AM, Martin Sebor wrote: >> Joseph or anyone else: is the patch below okay to commit?  I'd like >> to include it in the upcoming release. >> >> https://sourceware.org/pipermail/libc-alpha/2020-December/120586.html >> >> On 12/18/20 9:56 AM, Martin Sebor wrote: >>> Ping: Does the last patch look good enough to commit? >>> https://sourceware.org/pipermail/libc-alpha/2020-December/120586.html >>> >>> On 12/9/20 2:46 PM, Martin Sebor wrote: >>>> On 10/26/20 10:08 AM, Joseph Myers wrote: >>>>> On Mon, 26 Oct 2020, Martin Sebor via Libc-alpha wrote: >>>>> >>>>>> The patch introduces the _L_tmpnam macro to avoid polluting >>>>>> the POSIX namespace with L_tmpnam when the latter is >>>>>> only supposed to be defined in .  This in turn causes >>>>>> the a number of POSIX conformance test failures that I haven't >>>>>> been able to figure how to deal with and need some help with. >>>>>> >>>>>> In file included from ../include/unistd.h:2, >>>>>>                   from /tmp/tmpzm39v4n3/test.c:1: >>>>>> ../posix/unistd.h:1159:32: error: ‘_L_ctermid’ undeclared here >>>>>> (not in a >>>>>> function) >>>>>>   extern char *ctermid (char __s[_L_ctermid]) __THROW >>>>>>                                  ^~~~~~~~~~ >>>>>> >>>>>> I expected adding the new macros to stdio-common/stdio_lim.h.in >>>>>> would do the trick but clearly something else is needed and I'm >>>>>> at a lost as to what that might be.  I haven't been able to find >>>>> >>>>> doesn't include , and you're making >>>>> use _L_ctermid, and you're only defining _L_ctermid in >>>>> .  You need to define it in a header that >>>>> includes - which also needs to be one whose contents are >>>>> namespace-clean >>>>> for inclusion in (which isn't). >>>>> >>>>> The obvious way would be to have a new installed (i.e. add to >>>>> "headers" in >>>>> the relevant Makefile) header for the new macros that can be >>>>> included in >>>>> both and .  Suggestion: the existing scheme for >>>>> automatic generation of bits/stdio_lim.h is overly complicated, it >>>>> would >>>>> be better to use sysdeps headers in the normal way like for other >>>>> bits/ >>>>> headers where the values may depend on the glibc configuration (and >>>>> then >>>>> to have testcases that verify consistently of OPEN_MAX and >>>>> FOPEN_MAX / of >>>>> PATH_MAX and FILENAME_MAX, when both are defined). >>>> >>>> I don't know enough about the Glibc build infrastructure to >>>> understand your suggestion but either approach sounds more involved >>>> than I have cycles for so I propose the scaled patch instead, without >>>> the ctermid and cuserid changes (and without the nonnull attribute >>>> on readv/writev(*)).  Hopefully someone with more experience with >>>> the existing scheme will find a way to define the two macros and >>>> make use of them to enable the detection for these two functions >>>> as well. >>>> >>>> Martin >>>> >>>> [*] I'll submit that patch separately. >>> >> >