Date: Tue, 17 Jul 2007 10:12:00 -0000
From: Jakub Jelinek
To: Ulrich Drepper
Cc: Glibc hackers
Subject: [PATCH] Fix -D_FORTIFY_SOURCE=2 *printf cancellation
Message-ID: <20070717101605.GU4603@sunsite.mff.cuni.cz>

Hi!

If a __{,v}{,f}{,w}printf_chk call is cancelled, the FILE * stream will have sticky %n etc. security handling until another __{,v}{,f}{,w}printf_chk call returns.

2007-07-17  Jakub Jelinek

	* libio/libioP.h (_IO_acquire_lock_clear_flags2_fct): New function.
	* debug/vfwprintf_chk.c (__vfwprintf_chk): Use _IO_acquire_lock_clear_flags2 instead of _IO_acquire_lock.
	* debug/vprintf_chk.c (__vprintf_chk): Likewise.
	* debug/vwprintf_chk.c (__vwprintf_chk): Likewise.
	* debug/vfprintf_chk.c (__vfprintf_chk): Likewise.
	* debug/fwprintf_chk.c (__fwprintf_chk): Likewise.
	* debug/printf_chk.c (__printf_chk): Likewise.
	* debug/fprintf_chk.c (__fprintf_chk): Likewise.
	* debug/wprintf_chk.c (__wprintf_chk): Likewise.
	* sysdeps/pthread/bits/stdio-lock.h (_IO_acquire_lock_clear_flags2): Define.

--- libc/nptl/sysdeps/pthread/bits/stdio-lock.h.jj 2003-11-05 00:43:10.000000000 +0100 +++ libc/nptl/sysdeps/pthread/bits/stdio-lock.h 2007-07-17 11:45:09.000000000 +0200 @@ -1,5 +1,5 @@ /* Thread package specific definitions of stream lock type. NPTL version. - Copyright (C) 2000, 2001, 2002, 2003 Free Software Foundation, Inc. + Copyright (C) 2000, 2001, 2002, 2003, 2007 Free Software Foundation, Inc. This file is part of the GNU C Library. The GNU C Library is free software; you can redistribute it and/or 
@@ -94,9 +94,15 @@ typedef struct { int lock; int cnt; void __attribute__((cleanup (_IO_acquire_lock_fct))) \ = (_fp); \ _IO_flockfile (_IO_acquire_lock_file); - +# define _IO_acquire_lock_clear_flags2(_fp) \ + do { \ + _IO_FILE *_IO_acquire_lock_file \ + __attribute__((cleanup (_IO_acquire_lock_clear_flags2_fct))) \ + = (_fp); \ + _IO_flockfile (_IO_acquire_lock_file); # else # define _IO_acquire_lock(_fp) _IO_acquire_lock_needs_exceptions_enabled +# define _IO_acquire_lock_clear_flags2(_fp) _IO_acquire_lock (_fp) # endif # define _IO_release_lock(_fp) ; } while (0) --- libc/libio/libioP.h.jj 2007-04-23 10:54:00.000000000 +0200 +++ libc/libio/libioP.h 2007-07-17 11:47:27.000000000 +0200 @@ -968,3 +968,13 @@ _IO_acquire_lock_fct (_IO_FILE **p) if ((fp->_flags & _IO_USER_LOCK) == 0) _IO_funlockfile (fp); } + +static inline void +__attribute__ ((__always_inline__)) +_IO_acquire_lock_clear_flags2_fct (_IO_FILE **p) +{ + _IO_FILE *fp = *p; + fp->_flags &= ~_IO_FLAGS2_FORTIFY; + if ((fp->_flags & _IO_USER_LOCK) == 0) + _IO_funlockfile (fp); +} --- libc/debug/vfwprintf_chk.c.jj 2006-01-14 13:09:46.000000000 +0100 +++ libc/debug/vfwprintf_chk.c 2007-07-17 11:50:12.000000000 +0200 @@ -1,4 +1,4 @@ -/* Copyright (C) 1991, 1995, 1996, 1997, 2001, 2004, 2005, 2006 +/* Copyright (C) 1991, 1995, 1996, 1997, 2001, 2004, 2005, 2006, 2007 Free Software Foundation, Inc. This file is part of the GNU C Library. @@ -28,7 +28,7 @@ __vfwprintf_chk (FILE *fp, int flag, con { int done; - _IO_acquire_lock (fp); + _IO_acquire_lock_clear_flags2 (fp); if (flag > 0) fp->_flags2 |= _IO_FLAGS2_FORTIFY; --- libc/debug/vprintf_chk.c.jj 2006-01-14 13:09:46.000000000 +0100 +++ libc/debug/vprintf_chk.c 2007-07-17 11:50:25.000000000 +0200 @@ -1,4 +1,4 @@ -/* Copyright (C) 1991, 1995, 1996, 1997, 2001, 2004, 2006 +/* Copyright (C) 1991, 1995, 1996, 1997, 2001, 2004, 2006, 2007 Free Software Foundation, Inc. This file is part of the GNU C Library. 
@@ -28,7 +28,7 @@ ___vprintf_chk (int flag, const char *fo { int done; - _IO_acquire_lock (stdout); + _IO_acquire_lock_clear_flags2 (stdout); if (flag > 0) stdout->_flags2 |= _IO_FLAGS2_FORTIFY; --- libc/debug/vwprintf_chk.c.jj 2005-07-15 12:24:22.000000000 +0200 +++ libc/debug/vwprintf_chk.c 2007-07-17 11:50:36.000000000 +0200 @@ -1,4 +1,4 @@ -/* Copyright (C) 1991, 1995, 1996, 1997, 2001, 2004, 2005 +/* Copyright (C) 1991, 1995, 1996, 1997, 2001, 2004, 2005, 2007 Free Software Foundation, Inc. This file is part of the GNU C Library. @@ -29,7 +29,7 @@ __vwprintf_chk (int flag, const wchar_t { int done; - _IO_acquire_lock (stdout); + _IO_acquire_lock_clear_flags2 (stdout); if (flag > 0) stdout->_flags2 |= _IO_FLAGS2_FORTIFY; --- libc/debug/vfprintf_chk.c.jj 2006-01-14 13:09:46.000000000 +0100 +++ libc/debug/vfprintf_chk.c 2007-07-17 11:49:59.000000000 +0200 @@ -1,4 +1,4 @@ -/* Copyright (C) 1991, 1995, 1996, 1997, 2001, 2004, 2005, 2006 +/* Copyright (C) 1991, 1995, 1996, 1997, 2001, 2004, 2005, 2006, 2007 Free Software Foundation, Inc. This file is part of the GNU C Library. @@ -28,7 +28,7 @@ ___vfprintf_chk (FILE *fp, int flag, con { int done; - _IO_acquire_lock (fp); + _IO_acquire_lock_clear_flags2 (fp); if (flag > 0) fp->_flags2 |= _IO_FLAGS2_FORTIFY; --- libc/debug/fwprintf_chk.c.jj 2005-07-15 12:22:12.000000000 +0200 +++ libc/debug/fwprintf_chk.c 2007-07-17 11:49:28.000000000 +0200 @@ -1,4 +1,4 @@ -/* Copyright (C) 1991, 1995, 1996, 1997, 2001, 2004, 2005 +/* Copyright (C) 1991, 1995, 1996, 1997, 2001, 2004, 2005, 2007 Free Software Foundation, Inc. This file is part of the GNU C Library. @@ -29,7 +29,7 @@ __fwprintf_chk (FILE *fp, int flag, cons va_list ap; int done; - _IO_acquire_lock (fp); + _IO_acquire_lock_clear_flags2 (fp); if (flag > 0) fp->_flags2 |= _IO_FLAGS2_FORTIFY; --- libc/debug/printf_chk.c.jj 2006-01-14 13:09:46.000000000 +0100 +++ libc/debug/printf_chk.c 2007-07-17 11:49:47.000000000 +0200 
@@ -1,4 +1,4 @@ -/* Copyright (C) 1991, 1995, 1996, 1997, 2001, 2004, 2006 +/* Copyright (C) 1991, 1995, 1996, 1997, 2001, 2004, 2006, 2007 Free Software Foundation, Inc. This file is part of the GNU C Library. @@ -29,7 +29,7 @@ ___printf_chk (int flag, const char *for va_list ap; int done; - _IO_acquire_lock (stdout); + _IO_acquire_lock_clear_flags2 (stdout); if (flag > 0) stdout->_flags2 |= _IO_FLAGS2_FORTIFY; --- libc/debug/fprintf_chk.c.jj 2006-01-14 13:09:46.000000000 +0100 +++ libc/debug/fprintf_chk.c 2007-07-17 11:49:18.000000000 +0200 @@ -1,4 +1,4 @@ -/* Copyright (C) 1991, 1995, 1996, 1997, 2001, 2004, 2006 +/* Copyright (C) 1991, 1995, 1996, 1997, 2001, 2004, 2006, 2007 Free Software Foundation, Inc. This file is part of the GNU C Library. @@ -29,7 +29,7 @@ ___fprintf_chk (FILE *fp, int flag, cons va_list ap; int done; - _IO_acquire_lock (fp); + _IO_acquire_lock_clear_flags2 (fp); if (flag > 0) fp->_flags2 |= _IO_FLAGS2_FORTIFY; --- libc/debug/wprintf_chk.c.jj 2005-07-15 12:30:12.000000000 +0200 +++ libc/debug/wprintf_chk.c 2007-07-17 11:50:47.000000000 +0200 @@ -1,4 +1,4 @@ -/* Copyright (C) 1991, 1995, 1996, 1997, 2001, 2004, 2005 +/* Copyright (C) 1991, 1995, 1996, 1997, 2001, 2004, 2005, 2007 Free Software Foundation, Inc. This file is part of the GNU C Library. @@ -30,7 +30,7 @@ __wprintf_chk (int flag, const wchar_t * va_list ap; int done; - _IO_acquire_lock (stdout); + _IO_acquire_lock_clear_flags2 (stdout); if (flag > 0) stdout->_flags2 |= _IO_FLAGS2_FORTIFY; Jakub
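Review bot: in the stdio-lock.h hunk (@@ -94,9 +94,15 @@), the new _IO_acquire_lock_clear_flags2 macro opens `do {` and relies on the shared `# define _IO_release_lock(_fp) ; } while (0)` to close it, exactly like _IO_acquire_lock, so every caller must pair it with _IO_release_lock; a one-line comment above the macro saying that its cleanup handler runs on normal return as well as on cancellation unwinding would make clear why the flag clear is unconditional. The `# else` arm mapping it to `_IO_acquire_lock (_fp)`, i.e. to the deliberate compile error _IO_acquire_lock_needs_exceptions_enabled, is the right choice: a translation unit built without exception tables would never run the cleanup and the fortify bit would stay sticky after cancellation, so failing the build is preferable to silently losing the fix.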
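Review bot: in the libioP.h hunk (@@ -968,3 +968,13 @@), _IO_acquire_lock_clear_flags2_fct clears the bit from the wrong field: it does `fp->_flags &= ~_IO_FLAGS2_FORTIFY;`, but every caller in this patch sets the bit with `fp->_flags2 |= _IO_FLAGS2_FORTIFY;` (see the vfwprintf_chk.c hunk and the other debug/*_chk.c hunks). As written, the cleanup leaves _IO_FLAGS2_FORTIFY set in _flags2, so the sticky %n handling this patch is meant to remove still survives cancellation, and it clears whichever unrelated bit of _flags happens to share that value. It should read `fp->_flags2 &= ~_IO_FLAGS2_FORTIFY;`. A short comment above the function explaining why this variant exists (FORTIFY checks must not outlive the *printf_chk call that enabled them) would also help the next reader tell it apart from _IO_acquire_lock_fct.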
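Review bot: in the vfwprintf_chk.c hunk (@@ -28,7 +28,7 @@), and identically in the other seven debug/*_chk.c hunks, the bit is set only `if (flag > 0)`, yet the new cleanup clears it on every exit path regardless of flag; that is harmless because the bit should never be set on entry, but it means that any explicit clear of _IO_FLAGS2_FORTIFY left further down these functions before _IO_release_lock is now redundant and could be dropped in the same patch so the flag has a single owner. It is also worth confirming that debug/Makefile compiles these eight files with -fexceptions, since the entire fix depends on the cleanup attribute firing during cancellation unwinding.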