| Message ID | 20230614085207.232790-2-fberat@redhat.com |
|---|---|
| State | New |
| Headers | show |
| Series | None | expand |
On 2023-06-14 04:52, Frédéric Bérat wrote: > With fortification enabled, system calls return result needs to be checked, > has it gets the __wur macro enabled. > --- > Changes since v7: > - sysdeps/pthread/tst-cancel7.c directly uses system instead of xsystem to > ensure clarity on what is actually wanted. > > elf/tst-stackguard1.c | 5 ++++- > libio/bug-mmap-fflush.c | 7 +++++-- > nptl/tst-cancel7.c | 3 ++- > nptl/tst-stackguard1.c | 4 +++- > nss/tst-nss-db-endpwent.c | 3 ++- > support/Makefile | 1 + > support/xstdlib.h | 31 +++++++++++++++++++++++++++++++ > support/xsystem.c | 37 +++++++++++++++++++++++++++++++++++++ > 8 files changed, 85 insertions(+), 6 deletions(-) > create mode 100644 support/xstdlib.h > create mode 100644 support/xsystem.c LGTM. Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org> > > diff --git a/elf/tst-stackguard1.c b/elf/tst-stackguard1.c > index 2e65e36078..e03b242e7e 100644 > --- a/elf/tst-stackguard1.c > +++ b/elf/tst-stackguard1.c > @@ -26,6 +26,8 @@ > #include <tls.h> > #include <unistd.h> > > +#include <support/xstdlib.h> > + > static const char *command; > static bool child; > static uintptr_t stack_chk_guard_copy; > @@ -108,7 +110,8 @@ do_test (void) > dup2 (fds[1], 2); > close (fds[1]); > > - system (command); > + xsystem (command); > + > exit (0); > } > > diff --git a/libio/bug-mmap-fflush.c b/libio/bug-mmap-fflush.c > index d8aa58985a..3f99222eef 100644 > --- a/libio/bug-mmap-fflush.c > +++ b/libio/bug-mmap-fflush.c > @@ -4,6 +4,7 @@ > #include <stdlib.h> > #include <string.h> > > +#include <support/xstdlib.h> > > static char *fname; > > @@ -35,14 +36,16 @@ do_test (void) > char buffer[1024]; > > snprintf (buffer, sizeof (buffer), "echo 'From foo@bar.com' > %s", fname); > - system (buffer); > + xsystem (buffer); > + > f = fopen (fname, "r"); > fseek (f, 0, SEEK_END); > o = ftello (f); > fseek (f, 0, SEEK_SET); > fflush (f); > snprintf (buffer, sizeof (buffer), "echo 'From bar@baz.edu' >> %s", fname); > - system (buffer); > + xsystem (buffer); > + > fseek (f, o, SEEK_SET); > if (fgets (buffer, 1024, f) == NULL) > exit (1); > diff --git a/nptl/tst-cancel7.c b/nptl/tst-cancel7.c > index 2835613a9b..ef9e11ce58 100644 > --- a/nptl/tst-cancel7.c > +++ b/nptl/tst-cancel7.c > @@ -43,7 +43,8 @@ tf (void *arg) > { > char *cmd = xasprintf ("%s --direct --sem %s --pidfile %s", > command, semfilename, pidfilename); > - system (cmd); > + if (system (cmd)) > + FAIL_EXIT1("system call unexpectedly returned"); > /* This call should never return. */ > return NULL; > } > diff --git a/nptl/tst-stackguard1.c b/nptl/tst-stackguard1.c > index 4ac57157e9..7308b9d37a 100644 > --- a/nptl/tst-stackguard1.c > +++ b/nptl/tst-stackguard1.c > @@ -28,6 +28,7 @@ > #include <unistd.h> > > #include <support/xunistd.h> > +#include <support/xstdlib.h> > > static const char *command; > static bool child; > @@ -140,7 +141,8 @@ do_test (void) > dup2 (fds[1], 2); > close (fds[1]); > > - system (command); > + xsystem (command); > + > exit (0); > } > > diff --git a/nss/tst-nss-db-endpwent.c b/nss/tst-nss-db-endpwent.c > index 2b0fc1b064..4dba3fada6 100644 > --- a/nss/tst-nss-db-endpwent.c > +++ b/nss/tst-nss-db-endpwent.c > @@ -23,6 +23,7 @@ > > #include <support/support.h> > #include <support/check.h> > +#include <support/xstdlib.h> > > /* It is entirely allowed to start with a getpwent call without > resetting the state of the service via a call to setpwent. > @@ -55,7 +56,7 @@ do_test (void) > > cmd = xasprintf ("%s/makedb -o /var/db/passwd.db /var/db/passwd.in", > support_bindir_prefix); > - system (cmd); > + xsystem (cmd); > free (cmd); > > try_it (); > diff --git a/support/Makefile b/support/Makefile > index 5939e53469..c81e3c928c 100644 > --- a/support/Makefile > +++ b/support/Makefile > @@ -212,6 +212,7 @@ libsupport-routines = \ > xstrndup \ > xsymlink \ > xsysconf \ > + xsystem \ > xunlink \ > xuselocale \ > xwaitpid \ > diff --git a/support/xstdlib.h b/support/xstdlib.h > new file mode 100644 > index 0000000000..db5a5b9d4f > --- /dev/null > +++ b/support/xstdlib.h > @@ -0,0 +1,31 @@ > +/* Error-checking wrappers for stdlib functions. > + Copyright (C) 2023 Free Software Foundation, Inc. > + This file is part of the GNU C Library. > + > + The GNU C Library is free software; you can redistribute it and/or > + modify it under the terms of the GNU Lesser General Public > + License as published by the Free Software Foundation; either > + version 2.1 of the License, or (at your option) any later version. > + > + The GNU C Library is distributed in the hope that it will be useful, > + but WITHOUT ANY WARRANTY; without even the implied warranty of > + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU > + Lesser General Public License for more details. > + > + You should have received a copy of the GNU Lesser General Public > + License along with the GNU C Library; if not, see > + <https://www.gnu.org/licenses/>. */ > + > +#ifndef SUPPORT_XSTDLIB_H > +#define SUPPORT_XSTDLIB_H > + > +#include <stdlib.h> > +#include <sys/cdefs.h> > + > +__BEGIN_DECLS > + > +void xsystem (const char *cmd); > + > +__END_DECLS > + > +#endif /* SUPPORT_XSTDLIB_H */ > diff --git a/support/xsystem.c b/support/xsystem.c > new file mode 100644 > index 0000000000..1f558953bc > --- /dev/null > +++ b/support/xsystem.c > @@ -0,0 +1,37 @@ > +/* Error-checking replacement for "system". > + Copyright (C) 2023 Free Software Foundation, Inc. > + This file is part of the GNU C Library. > + > + The GNU C Library is free software; you can redistribute it and/or > + modify it under the terms of the GNU Lesser General Public > + License as published by the Free Software Foundation; either > + version 2.1 of the License, or (at your option) any later version. > + > + The GNU C Library is distributed in the hope that it will be useful, > + but WITHOUT ANY WARRANTY; without even the implied warranty of > + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU > + Lesser General Public License for more details. > + > + You should have received a copy of the GNU Lesser General Public > + License along with the GNU C Library; if not, see > + <https://www.gnu.org/licenses/>. */ > + > +#include <support/support.h> > +#include <support/check.h> > + > +#include <support/xstdlib.h> > + > +void > +xsystem (const char *cmd) > +{ > + int ret = system (cmd); > + > + if (ret == 0 && cmd == NULL) > + FAIL_EXIT1 ("Unable to spawn a shell for NULL command"); > + > + if (ret == 127) > + FAIL_EXIT1 ("Child terminated with status 127"); > + > + if (ret < 0) > + FAIL_EXIT1 ("system (\"%s\")", cmd); > +}
diff --git a/elf/tst-stackguard1.c b/elf/tst-stackguard1.c index 2e65e36078..e03b242e7e 100644 --- a/elf/tst-stackguard1.c +++ b/elf/tst-stackguard1.c @@ -26,6 +26,8 @@ #include <tls.h> #include <unistd.h> +#include <support/xstdlib.h> + static const char *command; static bool child; static uintptr_t stack_chk_guard_copy; @@ -108,7 +110,8 @@ do_test (void) dup2 (fds[1], 2); close (fds[1]); - system (command); + xsystem (command); + exit (0); } diff --git a/libio/bug-mmap-fflush.c b/libio/bug-mmap-fflush.c index d8aa58985a..3f99222eef 100644 --- a/libio/bug-mmap-fflush.c +++ b/libio/bug-mmap-fflush.c @@ -4,6 +4,7 @@ #include <stdlib.h> #include <string.h> +#include <support/xstdlib.h> static char *fname; @@ -35,14 +36,16 @@ do_test (void) char buffer[1024]; snprintf (buffer, sizeof (buffer), "echo 'From foo@bar.com' > %s", fname); - system (buffer); + xsystem (buffer); + f = fopen (fname, "r"); fseek (f, 0, SEEK_END); o = ftello (f); fseek (f, 0, SEEK_SET); fflush (f); snprintf (buffer, sizeof (buffer), "echo 'From bar@baz.edu' >> %s", fname); - system (buffer); + xsystem (buffer); + fseek (f, o, SEEK_SET); if (fgets (buffer, 1024, f) == NULL) exit (1); diff --git a/nptl/tst-cancel7.c b/nptl/tst-cancel7.c index 2835613a9b..ef9e11ce58 100644 --- a/nptl/tst-cancel7.c +++ b/nptl/tst-cancel7.c @@ -43,7 +43,8 @@ tf (void *arg) { char *cmd = xasprintf ("%s --direct --sem %s --pidfile %s", command, semfilename, pidfilename); - system (cmd); + if (system (cmd)) + FAIL_EXIT1("system call unexpectedly returned"); /* This call should never return. */ return NULL; } diff --git a/nptl/tst-stackguard1.c b/nptl/tst-stackguard1.c index 4ac57157e9..7308b9d37a 100644 --- a/nptl/tst-stackguard1.c +++ b/nptl/tst-stackguard1.c @@ -28,6 +28,7 @@ #include <unistd.h> #include <support/xunistd.h> +#include <support/xstdlib.h> static const char *command; static bool child; @@ -140,7 +141,8 @@ do_test (void) dup2 (fds[1], 2); close (fds[1]); - system (command); + xsystem (command); + exit (0); } diff --git a/nss/tst-nss-db-endpwent.c b/nss/tst-nss-db-endpwent.c index 2b0fc1b064..4dba3fada6 100644 --- a/nss/tst-nss-db-endpwent.c +++ b/nss/tst-nss-db-endpwent.c @@ -23,6 +23,7 @@ #include <support/support.h> #include <support/check.h> +#include <support/xstdlib.h> /* It is entirely allowed to start with a getpwent call without resetting the state of the service via a call to setpwent. @@ -55,7 +56,7 @@ do_test (void) cmd = xasprintf ("%s/makedb -o /var/db/passwd.db /var/db/passwd.in", support_bindir_prefix); - system (cmd); + xsystem (cmd); free (cmd); try_it (); diff --git a/support/Makefile b/support/Makefile index 5939e53469..c81e3c928c 100644 --- a/support/Makefile +++ b/support/Makefile @@ -212,6 +212,7 @@ libsupport-routines = \ xstrndup \ xsymlink \ xsysconf \ + xsystem \ xunlink \ xuselocale \ xwaitpid \ diff --git a/support/xstdlib.h b/support/xstdlib.h new file mode 100644 index 0000000000..db5a5b9d4f --- /dev/null +++ b/support/xstdlib.h @@ -0,0 +1,31 @@ +/* Error-checking wrappers for stdlib functions. + Copyright (C) 2023 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + <https://www.gnu.org/licenses/>. */ + +#ifndef SUPPORT_XSTDLIB_H +#define SUPPORT_XSTDLIB_H + +#include <stdlib.h> +#include <sys/cdefs.h> + +__BEGIN_DECLS + +void xsystem (const char *cmd); + +__END_DECLS + +#endif /* SUPPORT_XSTDLIB_H */ diff --git a/support/xsystem.c b/support/xsystem.c new file mode 100644 index 0000000000..1f558953bc --- /dev/null +++ b/support/xsystem.c @@ -0,0 +1,37 @@ +/* Error-checking replacement for "system". + Copyright (C) 2023 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + <https://www.gnu.org/licenses/>. */ + +#include <support/support.h> +#include <support/check.h> + +#include <support/xstdlib.h> + +void +xsystem (const char *cmd) +{ + int ret = system (cmd); + + if (ret == 0 && cmd == NULL) + FAIL_EXIT1 ("Unable to spawn a shell for NULL command"); + + if (ret == 127) + FAIL_EXIT1 ("Child terminated with status 127"); + + if (ret < 0) + FAIL_EXIT1 ("system (\"%s\")", cmd); +}