Message ID | 20230730192605.2423480-7-bugaevc@gmail.com |
---|---|
State | New |
Headers | show |
Series | fcntl fortification | expand |
On 30/07/23 16:26, Sergey Bugaev via Libc-alpha wrote: > This adds a runtime fortification function, __fcntl_2, similar to > __open_2, that checks at runtime whether the actual passed-in command in > fact requires a third argument, and aborts if so. > > The abilists have been modified with 'make update-all-abi'. > > Signed-off-by: Sergey Bugaev <bugaevc@gmail.com> Look good, only a minor change below. > --- > > Compared to v3, now targeting GLIBC_2.39. > You can still drop this patch if you don't want it. > > debug/tst-fortify.c | 11 +++++++ > include/fcntl.h | 1 + > io/Makefile | 1 + > io/Versions | 3 ++ > io/bits/fcntl3.h | 4 ++- > io/fcntl_2.c | 33 +++++++++++++++++++ > manual/maint.texi | 10 +++--- > sysdeps/mach/hurd/i386/libc.abilist | 1 + > sysdeps/mach/hurd/x86_64/libc.abilist | 1 + > sysdeps/unix/sysv/linux/aarch64/libc.abilist | 1 + > sysdeps/unix/sysv/linux/alpha/libc.abilist | 1 + > sysdeps/unix/sysv/linux/arc/libc.abilist | 1 + > sysdeps/unix/sysv/linux/arm/be/libc.abilist | 1 + > sysdeps/unix/sysv/linux/arm/le/libc.abilist | 1 + > sysdeps/unix/sysv/linux/csky/libc.abilist | 1 + > sysdeps/unix/sysv/linux/hppa/libc.abilist | 1 + > sysdeps/unix/sysv/linux/i386/libc.abilist | 1 + > sysdeps/unix/sysv/linux/ia64/libc.abilist | 1 + > .../sysv/linux/loongarch/lp64/libc.abilist | 1 + > .../sysv/linux/m68k/coldfire/libc.abilist | 1 + > .../unix/sysv/linux/m68k/m680x0/libc.abilist | 1 + > .../sysv/linux/microblaze/be/libc.abilist | 1 + > .../sysv/linux/microblaze/le/libc.abilist | 1 + > .../sysv/linux/mips/mips32/fpu/libc.abilist | 1 + > .../sysv/linux/mips/mips32/nofpu/libc.abilist | 1 + > .../sysv/linux/mips/mips64/n32/libc.abilist | 1 + > .../sysv/linux/mips/mips64/n64/libc.abilist | 1 + > sysdeps/unix/sysv/linux/nios2/libc.abilist | 1 + > sysdeps/unix/sysv/linux/or1k/libc.abilist | 1 + > .../linux/powerpc/powerpc32/fpu/libc.abilist | 1 + > .../powerpc/powerpc32/nofpu/libc.abilist | 1 + > .../linux/powerpc/powerpc64/be/libc.abilist | 1 + > .../linux/powerpc/powerpc64/le/libc.abilist | 1 + > .../unix/sysv/linux/riscv/rv32/libc.abilist | 1 + > .../unix/sysv/linux/riscv/rv64/libc.abilist | 1 + > .../unix/sysv/linux/s390/s390-32/libc.abilist | 1 + > .../unix/sysv/linux/s390/s390-64/libc.abilist | 1 + > sysdeps/unix/sysv/linux/sh/be/libc.abilist | 1 + > sysdeps/unix/sysv/linux/sh/le/libc.abilist | 1 + > .../sysv/linux/sparc/sparc32/libc.abilist | 1 + > .../sysv/linux/sparc/sparc64/libc.abilist | 1 + > .../unix/sysv/linux/x86_64/64/libc.abilist | 1 + > .../unix/sysv/linux/x86_64/x32/libc.abilist | 1 + > 43 files changed, 94 insertions(+), 5 deletions(-) > create mode 100644 io/fcntl_2.c > > diff --git a/debug/tst-fortify.c b/debug/tst-fortify.c > index 98654299..f076baee 100644 > --- a/debug/tst-fortify.c > +++ b/debug/tst-fortify.c > @@ -1915,6 +1915,12 @@ do_test (void) > } > #endif > > +#if __USE_FORTIFY_LEVEL >= 1 > + CHK_FAIL_START > + fcntl (STDIN_FILENO, hide_constant (F_SETFD)); > + CHK_FAIL_END > +#endif > + > #if defined (__USE_LARGEFILE64) || defined (__USE_TIME_BITS64) > /* Also check fcntl64 (). */ > res = fcntl64 (STDIN_FILENO, F_GETFD); > @@ -1979,6 +1985,11 @@ do_test (void) > } > #endif > > +# if __USE_FORTIFY_LEVEL >= 1 > + CHK_FAIL_START > + fcntl64 (STDIN_FILENO, hide_constant (F_SETFD)); > + CHK_FAIL_END > +# endif > #endif > > return ret; > diff --git a/include/fcntl.h b/include/fcntl.h > index be435047..cb86c5e7 100644 > --- a/include/fcntl.h > +++ b/include/fcntl.h > @@ -32,6 +32,7 @@ extern int __open64_2 (const char *__path, int __oflag); > extern int __openat_2 (int __fd, const char *__path, int __oflag); > extern int __openat64_2 (int __fd, const char *__path, int __oflag); > > +extern int __fcntl_2 (int __fd, int __cmd); > > #if IS_IN (rtld) > # include <dl-fcntl.h> > diff --git a/io/Makefile b/io/Makefile > index 0c43881f..7e08ed88 100644 > --- a/io/Makefile > +++ b/io/Makefile > @@ -72,6 +72,7 @@ routines := \ > fchownat \ > fcntl \ > fcntl64 \ > + fcntl_2 \ > file_change_detection \ > flock \ > fstat \ > diff --git a/io/Versions b/io/Versions > index 4e195408..bff2b7cf 100644 > --- a/io/Versions > +++ b/io/Versions > @@ -140,6 +140,9 @@ libc { > GLIBC_2.34 { > closefrom; > } > + GLIBC_2.39 { > + __fcntl_2; > + } > GLIBC_PRIVATE { > __libc_fcntl64; > __fcntl_nocancel; > diff --git a/io/bits/fcntl3.h b/io/bits/fcntl3.h > index 9016d37e..bb61f53c 100644 > --- a/io/bits/fcntl3.h > +++ b/io/bits/fcntl3.h > @@ -20,6 +20,8 @@ > # error "Never include <bits/fcntl3.h> directly; use <fcntl.h> instead." > #endif > > +extern int __fcntl_2 (int __fd, int __cmd); > + I think this should be marked as __THROW. > #ifndef __USE_TIME_BITS64 > > # ifndef __USE_FILE_OFFSET64 > @@ -437,7 +439,7 @@ __fortify_function int > __fcntl_2_inline (int __fd, int __cmd) > { > if (!__builtin_constant_p (__cmd)) > - return __fcntl_alias (__fd, __cmd); > + return __fcntl_2 (__fd, __cmd); > > if (__fcntl_requires_arg (__cmd)) > __fcntl_missing_arg (); > diff --git a/io/fcntl_2.c b/io/fcntl_2.c > new file mode 100644 > index 00000000..d9fd9c04 > --- /dev/null > +++ b/io/fcntl_2.c > @@ -0,0 +1,33 @@ > +/* _FORTIFY_SOURCE wrapper for fcntl. > + Copyright (C) 2013-2023 Free Software Foundation, Inc. > + This file is part of the GNU C Library. > + > + The GNU C Library is free software; you can redistribute it and/or > + modify it under the terms of the GNU Lesser General Public > + License as published by the Free Software Foundation; either > + version 2.1 of the License, or (at your option) any later version. > + > + The GNU C Library is distributed in the hope that it will be useful, > + but WITHOUT ANY WARRANTY; without even the implied warranty of > + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU > + Lesser General Public License for more details. > + > + You should have received a copy of the GNU Lesser General Public > + License along with the GNU C Library; if not, see > + <https://www.gnu.org/licenses/>. */ > + > +/* Make sure to get __fcntl_requires_arg from bits/fcntl3.h */ > +#undef _FORTIFY_SOURCE > +#define _FORTIFY_SOURCE 1 > + > +#include <fcntl.h> > +#include <stdio.h> > + > +int > +__fcntl_2 (int fd, int cmd) > +{ > + if (__fcntl_requires_arg (cmd)) > + __fortify_fail ("invalid fcntl call: this cmd requires an argument"); > + > + return __libc_fcntl64 (fd, cmd); > +} > diff --git a/manual/maint.texi b/manual/maint.texi > index 11509def..9b24e5a0 100644 > --- a/manual/maint.texi > +++ b/manual/maint.texi > @@ -244,10 +244,11 @@ depending on the architecture, one may also see fortified variants have > the @code{_chkieee128} suffix or the @code{__nldbl___} prefix to their > names. > > -Another exception is the @code{open} family of functions, where their > -fortified replacements have the @code{__} prefix and a @code{_2} suffix. > -The @code{FD_SET}, @code{FD_CLR} and @code{FD_ISSET} macros use the > -@code{__fdelt_chk} function on fortification. > +Another exception is the @code{open} and @code{fcntl} families of > +functions, where their fortified 2-argument version replacements have the > +@code{__} prefix and a @code{_2} suffix. The @code{FD_SET}, @code{FD_CLR} > +and @code{FD_ISSET} macros use the @code{__fdelt_chk} function on > +fortification. > > The following functions and macros are fortified in @theglibc{}: > @c Generated using the following command: > @@ -256,6 +257,7 @@ The following functions and macros are fortified in @theglibc{}: > @c sort -u | grep ^__ | > @c grep -v -e ieee128 -e __nldbl -e align_cpy -e "fdelt_warn" | > @c sed 's/__fdelt_chk/@item @code{FD_SET}\n\n@item @code{FD_CLR}\n\n@item @code{FD_ISSET}\n/' | > +@c sed 's/__fcntl_2/@item @code{fcntl}\n\n@item @code{fcntl64}\n/' | > @c sed 's/__\(.*\)_\(chk\|2\)/@item @code{\1}\n/' > > @itemize @bullet Ok. > diff --git a/sysdeps/mach/hurd/i386/libc.abilist b/sysdeps/mach/hurd/i386/libc.abilist > index 74a9f427..9e74779c 100644 > --- a/sysdeps/mach/hurd/i386/libc.abilist > +++ b/sysdeps/mach/hurd/i386/libc.abilist > @@ -2334,6 +2334,7 @@ GLIBC_2.38 strlcat F > GLIBC_2.38 strlcpy F > GLIBC_2.38 wcslcat F > GLIBC_2.38 wcslcpy F > +GLIBC_2.39 __fcntl_2 F > GLIBC_2.4 __confstr_chk F > GLIBC_2.4 __fgets_chk F > GLIBC_2.4 __fgets_unlocked_chk F > diff --git a/sysdeps/mach/hurd/x86_64/libc.abilist b/sysdeps/mach/hurd/x86_64/libc.abilist > index 24db98d7..d9261ca1 100644 > --- a/sysdeps/mach/hurd/x86_64/libc.abilist > +++ b/sysdeps/mach/hurd/x86_64/libc.abilist > @@ -2114,6 +2114,7 @@ GLIBC_2.38 wprintf F > GLIBC_2.38 write F > GLIBC_2.38 writev F > GLIBC_2.38 wscanf F > +GLIBC_2.39 __fcntl_2 F > HURD_CTHREADS_0.3 __cthread_getspecific F > HURD_CTHREADS_0.3 __cthread_keycreate F > HURD_CTHREADS_0.3 __cthread_setspecific F > diff --git a/sysdeps/unix/sysv/linux/aarch64/libc.abilist b/sysdeps/unix/sysv/linux/aarch64/libc.abilist > index c49363e7..49103c3e 100644 > --- a/sysdeps/unix/sysv/linux/aarch64/libc.abilist > +++ b/sysdeps/unix/sysv/linux/aarch64/libc.abilist > @@ -2673,3 +2673,4 @@ GLIBC_2.38 strlcat F > GLIBC_2.38 strlcpy F > GLIBC_2.38 wcslcat F > GLIBC_2.38 wcslcpy F > +GLIBC_2.39 __fcntl_2 F > diff --git a/sysdeps/unix/sysv/linux/alpha/libc.abilist b/sysdeps/unix/sysv/linux/alpha/libc.abilist > index d6b1dcaa..77acc615 100644 > --- a/sysdeps/unix/sysv/linux/alpha/libc.abilist > +++ b/sysdeps/unix/sysv/linux/alpha/libc.abilist > @@ -2782,6 +2782,7 @@ GLIBC_2.38 strlcat F > GLIBC_2.38 strlcpy F > GLIBC_2.38 wcslcat F > GLIBC_2.38 wcslcpy F > +GLIBC_2.39 __fcntl_2 F > GLIBC_2.4 _IO_fprintf F > GLIBC_2.4 _IO_printf F > GLIBC_2.4 _IO_sprintf F > diff --git a/sysdeps/unix/sysv/linux/arc/libc.abilist b/sysdeps/unix/sysv/linux/arc/libc.abilist > index dfe0c3f7..ef9acbdb 100644 > --- a/sysdeps/unix/sysv/linux/arc/libc.abilist > +++ b/sysdeps/unix/sysv/linux/arc/libc.abilist > @@ -2434,3 +2434,4 @@ GLIBC_2.38 strlcat F > GLIBC_2.38 strlcpy F > GLIBC_2.38 wcslcat F > GLIBC_2.38 wcslcpy F > +GLIBC_2.39 __fcntl_2 F > diff --git a/sysdeps/unix/sysv/linux/arm/be/libc.abilist b/sysdeps/unix/sysv/linux/arm/be/libc.abilist > index 6c75e5aa..df4efc55 100644 > --- a/sysdeps/unix/sysv/linux/arm/be/libc.abilist > +++ b/sysdeps/unix/sysv/linux/arm/be/libc.abilist > @@ -554,6 +554,7 @@ GLIBC_2.38 strlcat F > GLIBC_2.38 strlcpy F > GLIBC_2.38 wcslcat F > GLIBC_2.38 wcslcpy F > +GLIBC_2.39 __fcntl_2 F > GLIBC_2.4 _Exit F > GLIBC_2.4 _IO_2_1_stderr_ D 0xa0 > GLIBC_2.4 _IO_2_1_stdin_ D 0xa0 > diff --git a/sysdeps/unix/sysv/linux/arm/le/libc.abilist b/sysdeps/unix/sysv/linux/arm/le/libc.abilist > index 03d6f7ae..bcdc2764 100644 > --- a/sysdeps/unix/sysv/linux/arm/le/libc.abilist > +++ b/sysdeps/unix/sysv/linux/arm/le/libc.abilist > @@ -551,6 +551,7 @@ GLIBC_2.38 strlcat F > GLIBC_2.38 strlcpy F > GLIBC_2.38 wcslcat F > GLIBC_2.38 wcslcpy F > +GLIBC_2.39 __fcntl_2 F > GLIBC_2.4 _Exit F > GLIBC_2.4 _IO_2_1_stderr_ D 0xa0 > GLIBC_2.4 _IO_2_1_stdin_ D 0xa0 > diff --git a/sysdeps/unix/sysv/linux/csky/libc.abilist b/sysdeps/unix/sysv/linux/csky/libc.abilist > index d858c108..7013676f 100644 > --- a/sysdeps/unix/sysv/linux/csky/libc.abilist > +++ b/sysdeps/unix/sysv/linux/csky/libc.abilist > @@ -2710,3 +2710,4 @@ GLIBC_2.38 strlcat F > GLIBC_2.38 strlcpy F > GLIBC_2.38 wcslcat F > GLIBC_2.38 wcslcpy F > +GLIBC_2.39 __fcntl_2 F > diff --git a/sysdeps/unix/sysv/linux/hppa/libc.abilist b/sysdeps/unix/sysv/linux/hppa/libc.abilist > index 82a14f8a..8fc8e661 100644 > --- a/sysdeps/unix/sysv/linux/hppa/libc.abilist > +++ b/sysdeps/unix/sysv/linux/hppa/libc.abilist > @@ -2659,6 +2659,7 @@ GLIBC_2.38 strlcat F > GLIBC_2.38 strlcpy F > GLIBC_2.38 wcslcat F > GLIBC_2.38 wcslcpy F > +GLIBC_2.39 __fcntl_2 F > GLIBC_2.4 __confstr_chk F > GLIBC_2.4 __fgets_chk F > GLIBC_2.4 __fgets_unlocked_chk F > diff --git a/sysdeps/unix/sysv/linux/i386/libc.abilist b/sysdeps/unix/sysv/linux/i386/libc.abilist > index 1950b15d..ee837f3b 100644 > --- a/sysdeps/unix/sysv/linux/i386/libc.abilist > +++ b/sysdeps/unix/sysv/linux/i386/libc.abilist > @@ -2843,6 +2843,7 @@ GLIBC_2.38 strlcat F > GLIBC_2.38 strlcpy F > GLIBC_2.38 wcslcat F > GLIBC_2.38 wcslcpy F > +GLIBC_2.39 __fcntl_2 F > GLIBC_2.4 __confstr_chk F > GLIBC_2.4 __fgets_chk F > GLIBC_2.4 __fgets_unlocked_chk F > diff --git a/sysdeps/unix/sysv/linux/ia64/libc.abilist b/sysdeps/unix/sysv/linux/ia64/libc.abilist > index d0b9cb27..6b0ade18 100644 > --- a/sysdeps/unix/sysv/linux/ia64/libc.abilist > +++ b/sysdeps/unix/sysv/linux/ia64/libc.abilist > @@ -2608,6 +2608,7 @@ GLIBC_2.38 strlcat F > GLIBC_2.38 strlcpy F > GLIBC_2.38 wcslcat F > GLIBC_2.38 wcslcpy F > +GLIBC_2.39 __fcntl_2 F > GLIBC_2.4 __confstr_chk F > GLIBC_2.4 __fgets_chk F > GLIBC_2.4 __fgets_unlocked_chk F > diff --git a/sysdeps/unix/sysv/linux/loongarch/lp64/libc.abilist b/sysdeps/unix/sysv/linux/loongarch/lp64/libc.abilist > index e760a631..99fe672d 100644 > --- a/sysdeps/unix/sysv/linux/loongarch/lp64/libc.abilist > +++ b/sysdeps/unix/sysv/linux/loongarch/lp64/libc.abilist > @@ -2194,3 +2194,4 @@ GLIBC_2.38 strlcat F > GLIBC_2.38 strlcpy F > GLIBC_2.38 wcslcat F > GLIBC_2.38 wcslcpy F > +GLIBC_2.39 __fcntl_2 F > diff --git a/sysdeps/unix/sysv/linux/m68k/coldfire/libc.abilist b/sysdeps/unix/sysv/linux/m68k/coldfire/libc.abilist > index 35785a3d..4e24bf9a 100644 > --- a/sysdeps/unix/sysv/linux/m68k/coldfire/libc.abilist > +++ b/sysdeps/unix/sysv/linux/m68k/coldfire/libc.abilist > @@ -555,6 +555,7 @@ GLIBC_2.38 strlcat F > GLIBC_2.38 strlcpy F > GLIBC_2.38 wcslcat F > GLIBC_2.38 wcslcpy F > +GLIBC_2.39 __fcntl_2 F > GLIBC_2.4 _Exit F > GLIBC_2.4 _IO_2_1_stderr_ D 0x98 > GLIBC_2.4 _IO_2_1_stdin_ D 0x98 > diff --git a/sysdeps/unix/sysv/linux/m68k/m680x0/libc.abilist b/sysdeps/unix/sysv/linux/m68k/m680x0/libc.abilist > index 4ab2426e..ab53ab23 100644 > --- a/sysdeps/unix/sysv/linux/m68k/m680x0/libc.abilist > +++ b/sysdeps/unix/sysv/linux/m68k/m680x0/libc.abilist > @@ -2786,6 +2786,7 @@ GLIBC_2.38 strlcat F > GLIBC_2.38 strlcpy F > GLIBC_2.38 wcslcat F > GLIBC_2.38 wcslcpy F > +GLIBC_2.39 __fcntl_2 F > GLIBC_2.4 __confstr_chk F > GLIBC_2.4 __fgets_chk F > GLIBC_2.4 __fgets_unlocked_chk F > diff --git a/sysdeps/unix/sysv/linux/microblaze/be/libc.abilist b/sysdeps/unix/sysv/linux/microblaze/be/libc.abilist > index 38faa162..2b3149e7 100644 > --- a/sysdeps/unix/sysv/linux/microblaze/be/libc.abilist > +++ b/sysdeps/unix/sysv/linux/microblaze/be/libc.abilist > @@ -2759,3 +2759,4 @@ GLIBC_2.38 strlcat F > GLIBC_2.38 strlcpy F > GLIBC_2.38 wcslcat F > GLIBC_2.38 wcslcpy F > +GLIBC_2.39 __fcntl_2 F > diff --git a/sysdeps/unix/sysv/linux/microblaze/le/libc.abilist b/sysdeps/unix/sysv/linux/microblaze/le/libc.abilist > index 374d6589..5922edcb 100644 > --- a/sysdeps/unix/sysv/linux/microblaze/le/libc.abilist > +++ b/sysdeps/unix/sysv/linux/microblaze/le/libc.abilist > @@ -2756,3 +2756,4 @@ GLIBC_2.38 strlcat F > GLIBC_2.38 strlcpy F > GLIBC_2.38 wcslcat F > GLIBC_2.38 wcslcpy F > +GLIBC_2.39 __fcntl_2 F > diff --git a/sysdeps/unix/sysv/linux/mips/mips32/fpu/libc.abilist b/sysdeps/unix/sysv/linux/mips/mips32/fpu/libc.abilist > index fcc5e88e..768948b2 100644 > --- a/sysdeps/unix/sysv/linux/mips/mips32/fpu/libc.abilist > +++ b/sysdeps/unix/sysv/linux/mips/mips32/fpu/libc.abilist > @@ -2751,6 +2751,7 @@ GLIBC_2.38 strlcat F > GLIBC_2.38 strlcpy F > GLIBC_2.38 wcslcat F > GLIBC_2.38 wcslcpy F > +GLIBC_2.39 __fcntl_2 F > GLIBC_2.4 __confstr_chk F > GLIBC_2.4 __fgets_chk F > GLIBC_2.4 __fgets_unlocked_chk F > diff --git a/sysdeps/unix/sysv/linux/mips/mips32/nofpu/libc.abilist b/sysdeps/unix/sysv/linux/mips/mips32/nofpu/libc.abilist > index 01eb96cd..d0931261 100644 > --- a/sysdeps/unix/sysv/linux/mips/mips32/nofpu/libc.abilist > +++ b/sysdeps/unix/sysv/linux/mips/mips32/nofpu/libc.abilist > @@ -2749,6 +2749,7 @@ GLIBC_2.38 strlcat F > GLIBC_2.38 strlcpy F > GLIBC_2.38 wcslcat F > GLIBC_2.38 wcslcpy F > +GLIBC_2.39 __fcntl_2 F > GLIBC_2.4 __confstr_chk F > GLIBC_2.4 __fgets_chk F > GLIBC_2.4 __fgets_unlocked_chk F > diff --git a/sysdeps/unix/sysv/linux/mips/mips64/n32/libc.abilist b/sysdeps/unix/sysv/linux/mips/mips64/n32/libc.abilist > index a2748b7b..87b90cf4 100644 > --- a/sysdeps/unix/sysv/linux/mips/mips64/n32/libc.abilist > +++ b/sysdeps/unix/sysv/linux/mips/mips64/n32/libc.abilist > @@ -2757,6 +2757,7 @@ GLIBC_2.38 strlcat F > GLIBC_2.38 strlcpy F > GLIBC_2.38 wcslcat F > GLIBC_2.38 wcslcpy F > +GLIBC_2.39 __fcntl_2 F > GLIBC_2.4 __confstr_chk F > GLIBC_2.4 __fgets_chk F > GLIBC_2.4 __fgets_unlocked_chk F > diff --git a/sysdeps/unix/sysv/linux/mips/mips64/n64/libc.abilist b/sysdeps/unix/sysv/linux/mips/mips64/n64/libc.abilist > index 0ae7ba49..8b8fb90f 100644 > --- a/sysdeps/unix/sysv/linux/mips/mips64/n64/libc.abilist > +++ b/sysdeps/unix/sysv/linux/mips/mips64/n64/libc.abilist > @@ -2659,6 +2659,7 @@ GLIBC_2.38 strlcat F > GLIBC_2.38 strlcpy F > GLIBC_2.38 wcslcat F > GLIBC_2.38 wcslcpy F > +GLIBC_2.39 __fcntl_2 F > GLIBC_2.4 __confstr_chk F > GLIBC_2.4 __fgets_chk F > GLIBC_2.4 __fgets_unlocked_chk F > diff --git a/sysdeps/unix/sysv/linux/nios2/libc.abilist b/sysdeps/unix/sysv/linux/nios2/libc.abilist > index 947495a0..706941fc 100644 > --- a/sysdeps/unix/sysv/linux/nios2/libc.abilist > +++ b/sysdeps/unix/sysv/linux/nios2/libc.abilist > @@ -2798,3 +2798,4 @@ GLIBC_2.38 strlcat F > GLIBC_2.38 strlcpy F > GLIBC_2.38 wcslcat F > GLIBC_2.38 wcslcpy F > +GLIBC_2.39 __fcntl_2 F > diff --git a/sysdeps/unix/sysv/linux/or1k/libc.abilist b/sysdeps/unix/sysv/linux/or1k/libc.abilist > index 115f1039..a5ef08f7 100644 > --- a/sysdeps/unix/sysv/linux/or1k/libc.abilist > +++ b/sysdeps/unix/sysv/linux/or1k/libc.abilist > @@ -2180,3 +2180,4 @@ GLIBC_2.38 strlcat F > GLIBC_2.38 strlcpy F > GLIBC_2.38 wcslcat F > GLIBC_2.38 wcslcpy F > +GLIBC_2.39 __fcntl_2 F > diff --git a/sysdeps/unix/sysv/linux/powerpc/powerpc32/fpu/libc.abilist b/sysdeps/unix/sysv/linux/powerpc/powerpc32/fpu/libc.abilist > index 19c4c325..c9795714 100644 > --- a/sysdeps/unix/sysv/linux/powerpc/powerpc32/fpu/libc.abilist > +++ b/sysdeps/unix/sysv/linux/powerpc/powerpc32/fpu/libc.abilist > @@ -2825,6 +2825,7 @@ GLIBC_2.38 strlcat F > GLIBC_2.38 strlcpy F > GLIBC_2.38 wcslcat F > GLIBC_2.38 wcslcpy F > +GLIBC_2.39 __fcntl_2 F > GLIBC_2.4 _IO_fprintf F > GLIBC_2.4 _IO_printf F > GLIBC_2.4 _IO_sprintf F > diff --git a/sysdeps/unix/sysv/linux/powerpc/powerpc32/nofpu/libc.abilist b/sysdeps/unix/sysv/linux/powerpc/powerpc32/nofpu/libc.abilist > index 3e043c40..0402ce99 100644 > --- a/sysdeps/unix/sysv/linux/powerpc/powerpc32/nofpu/libc.abilist > +++ b/sysdeps/unix/sysv/linux/powerpc/powerpc32/nofpu/libc.abilist > @@ -2858,6 +2858,7 @@ GLIBC_2.38 strlcat F > GLIBC_2.38 strlcpy F > GLIBC_2.38 wcslcat F > GLIBC_2.38 wcslcpy F > +GLIBC_2.39 __fcntl_2 F > GLIBC_2.4 _IO_fprintf F > GLIBC_2.4 _IO_printf F > GLIBC_2.4 _IO_sprintf F > diff --git a/sysdeps/unix/sysv/linux/powerpc/powerpc64/be/libc.abilist b/sysdeps/unix/sysv/linux/powerpc/powerpc64/be/libc.abilist > index e4f3a766..ea9d4d61 100644 > --- a/sysdeps/unix/sysv/linux/powerpc/powerpc64/be/libc.abilist > +++ b/sysdeps/unix/sysv/linux/powerpc/powerpc64/be/libc.abilist > @@ -2579,6 +2579,7 @@ GLIBC_2.38 strlcat F > GLIBC_2.38 strlcpy F > GLIBC_2.38 wcslcat F > GLIBC_2.38 wcslcpy F > +GLIBC_2.39 __fcntl_2 F > GLIBC_2.4 _IO_fprintf F > GLIBC_2.4 _IO_printf F > GLIBC_2.4 _IO_sprintf F > diff --git a/sysdeps/unix/sysv/linux/powerpc/powerpc64/le/libc.abilist b/sysdeps/unix/sysv/linux/powerpc/powerpc64/le/libc.abilist > index dafe1c4a..67faa8f5 100644 > --- a/sysdeps/unix/sysv/linux/powerpc/powerpc64/le/libc.abilist > +++ b/sysdeps/unix/sysv/linux/powerpc/powerpc64/le/libc.abilist > @@ -2893,3 +2893,4 @@ GLIBC_2.38 strlcat F > GLIBC_2.38 strlcpy F > GLIBC_2.38 wcslcat F > GLIBC_2.38 wcslcpy F > +GLIBC_2.39 __fcntl_2 F > diff --git a/sysdeps/unix/sysv/linux/riscv/rv32/libc.abilist b/sysdeps/unix/sysv/linux/riscv/rv32/libc.abilist > index b9740a1a..0f5c2079 100644 > --- a/sysdeps/unix/sysv/linux/riscv/rv32/libc.abilist > +++ b/sysdeps/unix/sysv/linux/riscv/rv32/libc.abilist > @@ -2436,3 +2436,4 @@ GLIBC_2.38 strlcat F > GLIBC_2.38 strlcpy F > GLIBC_2.38 wcslcat F > GLIBC_2.38 wcslcpy F > +GLIBC_2.39 __fcntl_2 F > diff --git a/sysdeps/unix/sysv/linux/riscv/rv64/libc.abilist b/sysdeps/unix/sysv/linux/riscv/rv64/libc.abilist > index e3b4656a..f18f3b0d 100644 > --- a/sysdeps/unix/sysv/linux/riscv/rv64/libc.abilist > +++ b/sysdeps/unix/sysv/linux/riscv/rv64/libc.abilist > @@ -2636,3 +2636,4 @@ GLIBC_2.38 strlcat F > GLIBC_2.38 strlcpy F > GLIBC_2.38 wcslcat F > GLIBC_2.38 wcslcpy F > +GLIBC_2.39 __fcntl_2 F > diff --git a/sysdeps/unix/sysv/linux/s390/s390-32/libc.abilist b/sysdeps/unix/sysv/linux/s390/s390-32/libc.abilist > index 84cb7a50..d07a7539 100644 > --- a/sysdeps/unix/sysv/linux/s390/s390-32/libc.abilist > +++ b/sysdeps/unix/sysv/linux/s390/s390-32/libc.abilist > @@ -2823,6 +2823,7 @@ GLIBC_2.38 strlcat F > GLIBC_2.38 strlcpy F > GLIBC_2.38 wcslcat F > GLIBC_2.38 wcslcpy F > +GLIBC_2.39 __fcntl_2 F > GLIBC_2.4 _IO_fprintf F > GLIBC_2.4 _IO_printf F > GLIBC_2.4 _IO_sprintf F > diff --git a/sysdeps/unix/sysv/linux/s390/s390-64/libc.abilist b/sysdeps/unix/sysv/linux/s390/s390-64/libc.abilist > index 33df3b16..80e01cc6 100644 > --- a/sysdeps/unix/sysv/linux/s390/s390-64/libc.abilist > +++ b/sysdeps/unix/sysv/linux/s390/s390-64/libc.abilist > @@ -2616,6 +2616,7 @@ GLIBC_2.38 strlcat F > GLIBC_2.38 strlcpy F > GLIBC_2.38 wcslcat F > GLIBC_2.38 wcslcpy F > +GLIBC_2.39 __fcntl_2 F > GLIBC_2.4 _IO_fprintf F > GLIBC_2.4 _IO_printf F > GLIBC_2.4 _IO_sprintf F > diff --git a/sysdeps/unix/sysv/linux/sh/be/libc.abilist b/sysdeps/unix/sysv/linux/sh/be/libc.abilist > index 94cbccd7..9961ef14 100644 > --- a/sysdeps/unix/sysv/linux/sh/be/libc.abilist > +++ b/sysdeps/unix/sysv/linux/sh/be/libc.abilist > @@ -2666,6 +2666,7 @@ GLIBC_2.38 strlcat F > GLIBC_2.38 strlcpy F > GLIBC_2.38 wcslcat F > GLIBC_2.38 wcslcpy F > +GLIBC_2.39 __fcntl_2 F > GLIBC_2.4 __confstr_chk F > GLIBC_2.4 __fgets_chk F > GLIBC_2.4 __fgets_unlocked_chk F > diff --git a/sysdeps/unix/sysv/linux/sh/le/libc.abilist b/sysdeps/unix/sysv/linux/sh/le/libc.abilist > index 3bb316a7..3c8a3da2 100644 > --- a/sysdeps/unix/sysv/linux/sh/le/libc.abilist > +++ b/sysdeps/unix/sysv/linux/sh/le/libc.abilist > @@ -2663,6 +2663,7 @@ GLIBC_2.38 strlcat F > GLIBC_2.38 strlcpy F > GLIBC_2.38 wcslcat F > GLIBC_2.38 wcslcpy F > +GLIBC_2.39 __fcntl_2 F > GLIBC_2.4 __confstr_chk F > GLIBC_2.4 __fgets_chk F > GLIBC_2.4 __fgets_unlocked_chk F > diff --git a/sysdeps/unix/sysv/linux/sparc/sparc32/libc.abilist b/sysdeps/unix/sysv/linux/sparc/sparc32/libc.abilist > index 6341b491..3cbd4543 100644 > --- a/sysdeps/unix/sysv/linux/sparc/sparc32/libc.abilist > +++ b/sysdeps/unix/sysv/linux/sparc/sparc32/libc.abilist > @@ -2818,6 +2818,7 @@ GLIBC_2.38 strlcat F > GLIBC_2.38 strlcpy F > GLIBC_2.38 wcslcat F > GLIBC_2.38 wcslcpy F > +GLIBC_2.39 __fcntl_2 F > GLIBC_2.4 _IO_fprintf F > GLIBC_2.4 _IO_printf F > GLIBC_2.4 _IO_sprintf F > diff --git a/sysdeps/unix/sysv/linux/sparc/sparc64/libc.abilist b/sysdeps/unix/sysv/linux/sparc/sparc64/libc.abilist > index 8ed1ea29..b3159408 100644 > --- a/sysdeps/unix/sysv/linux/sparc/sparc64/libc.abilist > +++ b/sysdeps/unix/sysv/linux/sparc/sparc64/libc.abilist > @@ -2631,6 +2631,7 @@ GLIBC_2.38 strlcat F > GLIBC_2.38 strlcpy F > GLIBC_2.38 wcslcat F > GLIBC_2.38 wcslcpy F > +GLIBC_2.39 __fcntl_2 F > GLIBC_2.4 __confstr_chk F > GLIBC_2.4 __fgets_chk F > GLIBC_2.4 __fgets_unlocked_chk F > diff --git a/sysdeps/unix/sysv/linux/x86_64/64/libc.abilist b/sysdeps/unix/sysv/linux/x86_64/64/libc.abilist > index 57cfcc20..307e2a7c 100644 > --- a/sysdeps/unix/sysv/linux/x86_64/64/libc.abilist > +++ b/sysdeps/unix/sysv/linux/x86_64/64/libc.abilist > @@ -2582,6 +2582,7 @@ GLIBC_2.38 strlcat F > GLIBC_2.38 strlcpy F > GLIBC_2.38 wcslcat F > GLIBC_2.38 wcslcpy F > +GLIBC_2.39 __fcntl_2 F > GLIBC_2.4 __confstr_chk F > GLIBC_2.4 __fgets_chk F > GLIBC_2.4 __fgets_unlocked_chk F > diff --git a/sysdeps/unix/sysv/linux/x86_64/x32/libc.abilist b/sysdeps/unix/sysv/linux/x86_64/x32/libc.abilist > index 3f0a9f6d..1bb0cbde 100644 > --- a/sysdeps/unix/sysv/linux/x86_64/x32/libc.abilist > +++ b/sysdeps/unix/sysv/linux/x86_64/x32/libc.abilist > @@ -2688,3 +2688,4 @@ GLIBC_2.38 strlcat F > GLIBC_2.38 strlcpy F > GLIBC_2.38 wcslcat F > GLIBC_2.38 wcslcpy F > +GLIBC_2.39 __fcntl_2 F
diff --git a/debug/tst-fortify.c b/debug/tst-fortify.c index 98654299..f076baee 100644 --- a/debug/tst-fortify.c +++ b/debug/tst-fortify.c @@ -1915,6 +1915,12 @@ do_test (void) } #endif +#if __USE_FORTIFY_LEVEL >= 1 + CHK_FAIL_START + fcntl (STDIN_FILENO, hide_constant (F_SETFD)); + CHK_FAIL_END +#endif + #if defined (__USE_LARGEFILE64) || defined (__USE_TIME_BITS64) /* Also check fcntl64 (). */ res = fcntl64 (STDIN_FILENO, F_GETFD); @@ -1979,6 +1985,11 @@ do_test (void) } #endif +# if __USE_FORTIFY_LEVEL >= 1 + CHK_FAIL_START + fcntl64 (STDIN_FILENO, hide_constant (F_SETFD)); + CHK_FAIL_END +# endif #endif return ret; diff --git a/include/fcntl.h b/include/fcntl.h index be435047..cb86c5e7 100644 --- a/include/fcntl.h +++ b/include/fcntl.h @@ -32,6 +32,7 @@ extern int __open64_2 (const char *__path, int __oflag); extern int __openat_2 (int __fd, const char *__path, int __oflag); extern int __openat64_2 (int __fd, const char *__path, int __oflag); +extern int __fcntl_2 (int __fd, int __cmd); #if IS_IN (rtld) # include <dl-fcntl.h> diff --git a/io/Makefile b/io/Makefile index 0c43881f..7e08ed88 100644 --- a/io/Makefile +++ b/io/Makefile @@ -72,6 +72,7 @@ routines := \ fchownat \ fcntl \ fcntl64 \ + fcntl_2 \ file_change_detection \ flock \ fstat \ diff --git a/io/Versions b/io/Versions index 4e195408..bff2b7cf 100644 --- a/io/Versions +++ b/io/Versions @@ -140,6 +140,9 @@ libc { GLIBC_2.34 { closefrom; } + GLIBC_2.39 { + __fcntl_2; + } GLIBC_PRIVATE { __libc_fcntl64; __fcntl_nocancel; diff --git a/io/bits/fcntl3.h b/io/bits/fcntl3.h index 9016d37e..bb61f53c 100644 --- a/io/bits/fcntl3.h +++ b/io/bits/fcntl3.h @@ -20,6 +20,8 @@ # error "Never include <bits/fcntl3.h> directly; use <fcntl.h> instead." #endif +extern int __fcntl_2 (int __fd, int __cmd); + #ifndef __USE_TIME_BITS64 # ifndef __USE_FILE_OFFSET64 @@ -437,7 +439,7 @@ __fortify_function int __fcntl_2_inline (int __fd, int __cmd) { if (!__builtin_constant_p (__cmd)) - return __fcntl_alias (__fd, __cmd); + return __fcntl_2 (__fd, __cmd); if (__fcntl_requires_arg (__cmd)) __fcntl_missing_arg (); diff --git a/io/fcntl_2.c b/io/fcntl_2.c new file mode 100644 index 00000000..d9fd9c04 --- /dev/null +++ b/io/fcntl_2.c @@ -0,0 +1,33 @@ +/* _FORTIFY_SOURCE wrapper for fcntl. + Copyright (C) 2013-2023 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + <https://www.gnu.org/licenses/>. */ + +/* Make sure to get __fcntl_requires_arg from bits/fcntl3.h */ +#undef _FORTIFY_SOURCE +#define _FORTIFY_SOURCE 1 + +#include <fcntl.h> +#include <stdio.h> + +int +__fcntl_2 (int fd, int cmd) +{ + if (__fcntl_requires_arg (cmd)) + __fortify_fail ("invalid fcntl call: this cmd requires an argument"); + + return __libc_fcntl64 (fd, cmd); +} diff --git a/manual/maint.texi b/manual/maint.texi index 11509def..9b24e5a0 100644 --- a/manual/maint.texi +++ b/manual/maint.texi @@ -244,10 +244,11 @@ depending on the architecture, one may also see fortified variants have the @code{_chkieee128} suffix or the @code{__nldbl___} prefix to their names. -Another exception is the @code{open} family of functions, where their -fortified replacements have the @code{__} prefix and a @code{_2} suffix. -The @code{FD_SET}, @code{FD_CLR} and @code{FD_ISSET} macros use the -@code{__fdelt_chk} function on fortification. +Another exception is the @code{open} and @code{fcntl} families of +functions, where their fortified 2-argument version replacements have the +@code{__} prefix and a @code{_2} suffix. The @code{FD_SET}, @code{FD_CLR} +and @code{FD_ISSET} macros use the @code{__fdelt_chk} function on +fortification. The following functions and macros are fortified in @theglibc{}: @c Generated using the following command: @@ -256,6 +257,7 @@ The following functions and macros are fortified in @theglibc{}: @c sort -u | grep ^__ | @c grep -v -e ieee128 -e __nldbl -e align_cpy -e "fdelt_warn" | @c sed 's/__fdelt_chk/@item @code{FD_SET}\n\n@item @code{FD_CLR}\n\n@item @code{FD_ISSET}\n/' | +@c sed 's/__fcntl_2/@item @code{fcntl}\n\n@item @code{fcntl64}\n/' | @c sed 's/__\(.*\)_\(chk\|2\)/@item @code{\1}\n/' @itemize @bullet diff --git a/sysdeps/mach/hurd/i386/libc.abilist b/sysdeps/mach/hurd/i386/libc.abilist index 74a9f427..9e74779c 100644 --- a/sysdeps/mach/hurd/i386/libc.abilist +++ b/sysdeps/mach/hurd/i386/libc.abilist @@ -2334,6 +2334,7 @@ GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F GLIBC_2.38 wcslcat F GLIBC_2.38 wcslcpy F +GLIBC_2.39 __fcntl_2 F GLIBC_2.4 __confstr_chk F GLIBC_2.4 __fgets_chk F GLIBC_2.4 __fgets_unlocked_chk F diff --git a/sysdeps/mach/hurd/x86_64/libc.abilist b/sysdeps/mach/hurd/x86_64/libc.abilist index 24db98d7..d9261ca1 100644 --- a/sysdeps/mach/hurd/x86_64/libc.abilist +++ b/sysdeps/mach/hurd/x86_64/libc.abilist @@ -2114,6 +2114,7 @@ GLIBC_2.38 wprintf F GLIBC_2.38 write F GLIBC_2.38 writev F GLIBC_2.38 wscanf F +GLIBC_2.39 __fcntl_2 F HURD_CTHREADS_0.3 __cthread_getspecific F HURD_CTHREADS_0.3 __cthread_keycreate F HURD_CTHREADS_0.3 __cthread_setspecific F diff --git a/sysdeps/unix/sysv/linux/aarch64/libc.abilist b/sysdeps/unix/sysv/linux/aarch64/libc.abilist index c49363e7..49103c3e 100644 --- a/sysdeps/unix/sysv/linux/aarch64/libc.abilist +++ b/sysdeps/unix/sysv/linux/aarch64/libc.abilist @@ -2673,3 +2673,4 @@ GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F GLIBC_2.38 wcslcat F GLIBC_2.38 wcslcpy F +GLIBC_2.39 __fcntl_2 F diff --git a/sysdeps/unix/sysv/linux/alpha/libc.abilist b/sysdeps/unix/sysv/linux/alpha/libc.abilist index d6b1dcaa..77acc615 100644 --- a/sysdeps/unix/sysv/linux/alpha/libc.abilist +++ b/sysdeps/unix/sysv/linux/alpha/libc.abilist @@ -2782,6 +2782,7 @@ GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F GLIBC_2.38 wcslcat F GLIBC_2.38 wcslcpy F +GLIBC_2.39 __fcntl_2 F GLIBC_2.4 _IO_fprintf F GLIBC_2.4 _IO_printf F GLIBC_2.4 _IO_sprintf F diff --git a/sysdeps/unix/sysv/linux/arc/libc.abilist b/sysdeps/unix/sysv/linux/arc/libc.abilist index dfe0c3f7..ef9acbdb 100644 --- a/sysdeps/unix/sysv/linux/arc/libc.abilist +++ b/sysdeps/unix/sysv/linux/arc/libc.abilist @@ -2434,3 +2434,4 @@ GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F GLIBC_2.38 wcslcat F GLIBC_2.38 wcslcpy F +GLIBC_2.39 __fcntl_2 F diff --git a/sysdeps/unix/sysv/linux/arm/be/libc.abilist b/sysdeps/unix/sysv/linux/arm/be/libc.abilist index 6c75e5aa..df4efc55 100644 --- a/sysdeps/unix/sysv/linux/arm/be/libc.abilist +++ b/sysdeps/unix/sysv/linux/arm/be/libc.abilist @@ -554,6 +554,7 @@ GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F GLIBC_2.38 wcslcat F GLIBC_2.38 wcslcpy F +GLIBC_2.39 __fcntl_2 F GLIBC_2.4 _Exit F GLIBC_2.4 _IO_2_1_stderr_ D 0xa0 GLIBC_2.4 _IO_2_1_stdin_ D 0xa0 diff --git a/sysdeps/unix/sysv/linux/arm/le/libc.abilist b/sysdeps/unix/sysv/linux/arm/le/libc.abilist index 03d6f7ae..bcdc2764 100644 --- a/sysdeps/unix/sysv/linux/arm/le/libc.abilist +++ b/sysdeps/unix/sysv/linux/arm/le/libc.abilist @@ -551,6 +551,7 @@ GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F GLIBC_2.38 wcslcat F GLIBC_2.38 wcslcpy F +GLIBC_2.39 __fcntl_2 F GLIBC_2.4 _Exit F GLIBC_2.4 _IO_2_1_stderr_ D 0xa0 GLIBC_2.4 _IO_2_1_stdin_ D 0xa0 diff --git a/sysdeps/unix/sysv/linux/csky/libc.abilist b/sysdeps/unix/sysv/linux/csky/libc.abilist index d858c108..7013676f 100644 --- a/sysdeps/unix/sysv/linux/csky/libc.abilist +++ b/sysdeps/unix/sysv/linux/csky/libc.abilist @@ -2710,3 +2710,4 @@ GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F GLIBC_2.38 wcslcat F GLIBC_2.38 wcslcpy F +GLIBC_2.39 __fcntl_2 F diff --git a/sysdeps/unix/sysv/linux/hppa/libc.abilist b/sysdeps/unix/sysv/linux/hppa/libc.abilist index 82a14f8a..8fc8e661 100644 --- a/sysdeps/unix/sysv/linux/hppa/libc.abilist +++ b/sysdeps/unix/sysv/linux/hppa/libc.abilist @@ -2659,6 +2659,7 @@ GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F GLIBC_2.38 wcslcat F GLIBC_2.38 wcslcpy F +GLIBC_2.39 __fcntl_2 F GLIBC_2.4 __confstr_chk F GLIBC_2.4 __fgets_chk F GLIBC_2.4 __fgets_unlocked_chk F diff --git a/sysdeps/unix/sysv/linux/i386/libc.abilist b/sysdeps/unix/sysv/linux/i386/libc.abilist index 1950b15d..ee837f3b 100644 --- a/sysdeps/unix/sysv/linux/i386/libc.abilist +++ b/sysdeps/unix/sysv/linux/i386/libc.abilist @@ -2843,6 +2843,7 @@ GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F GLIBC_2.38 wcslcat F GLIBC_2.38 wcslcpy F +GLIBC_2.39 __fcntl_2 F GLIBC_2.4 __confstr_chk F GLIBC_2.4 __fgets_chk F GLIBC_2.4 __fgets_unlocked_chk F diff --git a/sysdeps/unix/sysv/linux/ia64/libc.abilist b/sysdeps/unix/sysv/linux/ia64/libc.abilist index d0b9cb27..6b0ade18 100644 --- a/sysdeps/unix/sysv/linux/ia64/libc.abilist +++ b/sysdeps/unix/sysv/linux/ia64/libc.abilist @@ -2608,6 +2608,7 @@ GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F GLIBC_2.38 wcslcat F GLIBC_2.38 wcslcpy F +GLIBC_2.39 __fcntl_2 F GLIBC_2.4 __confstr_chk F GLIBC_2.4 __fgets_chk F GLIBC_2.4 __fgets_unlocked_chk F diff --git a/sysdeps/unix/sysv/linux/loongarch/lp64/libc.abilist b/sysdeps/unix/sysv/linux/loongarch/lp64/libc.abilist index e760a631..99fe672d 100644 --- a/sysdeps/unix/sysv/linux/loongarch/lp64/libc.abilist +++ b/sysdeps/unix/sysv/linux/loongarch/lp64/libc.abilist @@ -2194,3 +2194,4 @@ GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F GLIBC_2.38 wcslcat F GLIBC_2.38 wcslcpy F +GLIBC_2.39 __fcntl_2 F diff --git a/sysdeps/unix/sysv/linux/m68k/coldfire/libc.abilist b/sysdeps/unix/sysv/linux/m68k/coldfire/libc.abilist index 35785a3d..4e24bf9a 100644 --- a/sysdeps/unix/sysv/linux/m68k/coldfire/libc.abilist +++ b/sysdeps/unix/sysv/linux/m68k/coldfire/libc.abilist @@ -555,6 +555,7 @@ GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F GLIBC_2.38 wcslcat F GLIBC_2.38 wcslcpy F +GLIBC_2.39 __fcntl_2 F GLIBC_2.4 _Exit F GLIBC_2.4 _IO_2_1_stderr_ D 0x98 GLIBC_2.4 _IO_2_1_stdin_ D 0x98 diff --git a/sysdeps/unix/sysv/linux/m68k/m680x0/libc.abilist b/sysdeps/unix/sysv/linux/m68k/m680x0/libc.abilist index 4ab2426e..ab53ab23 100644 --- a/sysdeps/unix/sysv/linux/m68k/m680x0/libc.abilist +++ b/sysdeps/unix/sysv/linux/m68k/m680x0/libc.abilist @@ -2786,6 +2786,7 @@ GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F GLIBC_2.38 wcslcat F GLIBC_2.38 wcslcpy F +GLIBC_2.39 __fcntl_2 F GLIBC_2.4 __confstr_chk F GLIBC_2.4 __fgets_chk F GLIBC_2.4 __fgets_unlocked_chk F diff --git a/sysdeps/unix/sysv/linux/microblaze/be/libc.abilist b/sysdeps/unix/sysv/linux/microblaze/be/libc.abilist index 38faa162..2b3149e7 100644 --- a/sysdeps/unix/sysv/linux/microblaze/be/libc.abilist +++ b/sysdeps/unix/sysv/linux/microblaze/be/libc.abilist @@ -2759,3 +2759,4 @@ GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F GLIBC_2.38 wcslcat F GLIBC_2.38 wcslcpy F +GLIBC_2.39 __fcntl_2 F diff --git a/sysdeps/unix/sysv/linux/microblaze/le/libc.abilist b/sysdeps/unix/sysv/linux/microblaze/le/libc.abilist index 374d6589..5922edcb 100644 --- a/sysdeps/unix/sysv/linux/microblaze/le/libc.abilist +++ b/sysdeps/unix/sysv/linux/microblaze/le/libc.abilist @@ -2756,3 +2756,4 @@ GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F GLIBC_2.38 wcslcat F GLIBC_2.38 wcslcpy F +GLIBC_2.39 __fcntl_2 F diff --git a/sysdeps/unix/sysv/linux/mips/mips32/fpu/libc.abilist b/sysdeps/unix/sysv/linux/mips/mips32/fpu/libc.abilist index fcc5e88e..768948b2 100644 --- a/sysdeps/unix/sysv/linux/mips/mips32/fpu/libc.abilist +++ b/sysdeps/unix/sysv/linux/mips/mips32/fpu/libc.abilist @@ -2751,6 +2751,7 @@ GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F GLIBC_2.38 wcslcat F GLIBC_2.38 wcslcpy F +GLIBC_2.39 __fcntl_2 F GLIBC_2.4 __confstr_chk F GLIBC_2.4 __fgets_chk F GLIBC_2.4 __fgets_unlocked_chk F diff --git a/sysdeps/unix/sysv/linux/mips/mips32/nofpu/libc.abilist b/sysdeps/unix/sysv/linux/mips/mips32/nofpu/libc.abilist index 01eb96cd..d0931261 100644 --- a/sysdeps/unix/sysv/linux/mips/mips32/nofpu/libc.abilist +++ b/sysdeps/unix/sysv/linux/mips/mips32/nofpu/libc.abilist @@ -2749,6 +2749,7 @@ GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F GLIBC_2.38 wcslcat F GLIBC_2.38 wcslcpy F +GLIBC_2.39 __fcntl_2 F GLIBC_2.4 __confstr_chk F GLIBC_2.4 __fgets_chk F GLIBC_2.4 __fgets_unlocked_chk F diff --git a/sysdeps/unix/sysv/linux/mips/mips64/n32/libc.abilist b/sysdeps/unix/sysv/linux/mips/mips64/n32/libc.abilist index a2748b7b..87b90cf4 100644 --- a/sysdeps/unix/sysv/linux/mips/mips64/n32/libc.abilist +++ b/sysdeps/unix/sysv/linux/mips/mips64/n32/libc.abilist @@ -2757,6 +2757,7 @@ GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F GLIBC_2.38 wcslcat F GLIBC_2.38 wcslcpy F +GLIBC_2.39 __fcntl_2 F GLIBC_2.4 __confstr_chk F GLIBC_2.4 __fgets_chk F GLIBC_2.4 __fgets_unlocked_chk F diff --git a/sysdeps/unix/sysv/linux/mips/mips64/n64/libc.abilist b/sysdeps/unix/sysv/linux/mips/mips64/n64/libc.abilist index 0ae7ba49..8b8fb90f 100644 --- a/sysdeps/unix/sysv/linux/mips/mips64/n64/libc.abilist +++ b/sysdeps/unix/sysv/linux/mips/mips64/n64/libc.abilist @@ -2659,6 +2659,7 @@ GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F GLIBC_2.38 wcslcat F GLIBC_2.38 wcslcpy F +GLIBC_2.39 __fcntl_2 F GLIBC_2.4 __confstr_chk F GLIBC_2.4 __fgets_chk F GLIBC_2.4 __fgets_unlocked_chk F diff --git a/sysdeps/unix/sysv/linux/nios2/libc.abilist b/sysdeps/unix/sysv/linux/nios2/libc.abilist index 947495a0..706941fc 100644 --- a/sysdeps/unix/sysv/linux/nios2/libc.abilist +++ b/sysdeps/unix/sysv/linux/nios2/libc.abilist @@ -2798,3 +2798,4 @@ GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F GLIBC_2.38 wcslcat F GLIBC_2.38 wcslcpy F +GLIBC_2.39 __fcntl_2 F diff --git a/sysdeps/unix/sysv/linux/or1k/libc.abilist b/sysdeps/unix/sysv/linux/or1k/libc.abilist index 115f1039..a5ef08f7 100644 --- a/sysdeps/unix/sysv/linux/or1k/libc.abilist +++ b/sysdeps/unix/sysv/linux/or1k/libc.abilist @@ -2180,3 +2180,4 @@ GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F GLIBC_2.38 wcslcat F GLIBC_2.38 wcslcpy F +GLIBC_2.39 __fcntl_2 F diff --git a/sysdeps/unix/sysv/linux/powerpc/powerpc32/fpu/libc.abilist b/sysdeps/unix/sysv/linux/powerpc/powerpc32/fpu/libc.abilist index 19c4c325..c9795714 100644 --- a/sysdeps/unix/sysv/linux/powerpc/powerpc32/fpu/libc.abilist +++ b/sysdeps/unix/sysv/linux/powerpc/powerpc32/fpu/libc.abilist @@ -2825,6 +2825,7 @@ GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F GLIBC_2.38 wcslcat F GLIBC_2.38 wcslcpy F +GLIBC_2.39 __fcntl_2 F GLIBC_2.4 _IO_fprintf F GLIBC_2.4 _IO_printf F GLIBC_2.4 _IO_sprintf F diff --git a/sysdeps/unix/sysv/linux/powerpc/powerpc32/nofpu/libc.abilist b/sysdeps/unix/sysv/linux/powerpc/powerpc32/nofpu/libc.abilist index 3e043c40..0402ce99 100644 --- a/sysdeps/unix/sysv/linux/powerpc/powerpc32/nofpu/libc.abilist +++ b/sysdeps/unix/sysv/linux/powerpc/powerpc32/nofpu/libc.abilist @@ -2858,6 +2858,7 @@ GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F GLIBC_2.38 wcslcat F GLIBC_2.38 wcslcpy F +GLIBC_2.39 __fcntl_2 F GLIBC_2.4 _IO_fprintf F GLIBC_2.4 _IO_printf F GLIBC_2.4 _IO_sprintf F diff --git a/sysdeps/unix/sysv/linux/powerpc/powerpc64/be/libc.abilist b/sysdeps/unix/sysv/linux/powerpc/powerpc64/be/libc.abilist index e4f3a766..ea9d4d61 100644 --- a/sysdeps/unix/sysv/linux/powerpc/powerpc64/be/libc.abilist +++ b/sysdeps/unix/sysv/linux/powerpc/powerpc64/be/libc.abilist @@ -2579,6 +2579,7 @@ GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F GLIBC_2.38 wcslcat F GLIBC_2.38 wcslcpy F +GLIBC_2.39 __fcntl_2 F GLIBC_2.4 _IO_fprintf F GLIBC_2.4 _IO_printf F GLIBC_2.4 _IO_sprintf F diff --git a/sysdeps/unix/sysv/linux/powerpc/powerpc64/le/libc.abilist b/sysdeps/unix/sysv/linux/powerpc/powerpc64/le/libc.abilist index dafe1c4a..67faa8f5 100644 --- a/sysdeps/unix/sysv/linux/powerpc/powerpc64/le/libc.abilist +++ b/sysdeps/unix/sysv/linux/powerpc/powerpc64/le/libc.abilist @@ -2893,3 +2893,4 @@ GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F GLIBC_2.38 wcslcat F GLIBC_2.38 wcslcpy F +GLIBC_2.39 __fcntl_2 F diff --git a/sysdeps/unix/sysv/linux/riscv/rv32/libc.abilist b/sysdeps/unix/sysv/linux/riscv/rv32/libc.abilist index b9740a1a..0f5c2079 100644 --- a/sysdeps/unix/sysv/linux/riscv/rv32/libc.abilist +++ b/sysdeps/unix/sysv/linux/riscv/rv32/libc.abilist @@ -2436,3 +2436,4 @@ GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F GLIBC_2.38 wcslcat F GLIBC_2.38 wcslcpy F +GLIBC_2.39 __fcntl_2 F diff --git a/sysdeps/unix/sysv/linux/riscv/rv64/libc.abilist b/sysdeps/unix/sysv/linux/riscv/rv64/libc.abilist index e3b4656a..f18f3b0d 100644 --- a/sysdeps/unix/sysv/linux/riscv/rv64/libc.abilist +++ b/sysdeps/unix/sysv/linux/riscv/rv64/libc.abilist @@ -2636,3 +2636,4 @@ GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F GLIBC_2.38 wcslcat F GLIBC_2.38 wcslcpy F +GLIBC_2.39 __fcntl_2 F diff --git a/sysdeps/unix/sysv/linux/s390/s390-32/libc.abilist b/sysdeps/unix/sysv/linux/s390/s390-32/libc.abilist index 84cb7a50..d07a7539 100644 --- a/sysdeps/unix/sysv/linux/s390/s390-32/libc.abilist +++ b/sysdeps/unix/sysv/linux/s390/s390-32/libc.abilist @@ -2823,6 +2823,7 @@ GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F GLIBC_2.38 wcslcat F GLIBC_2.38 wcslcpy F +GLIBC_2.39 __fcntl_2 F GLIBC_2.4 _IO_fprintf F GLIBC_2.4 _IO_printf F GLIBC_2.4 _IO_sprintf F diff --git a/sysdeps/unix/sysv/linux/s390/s390-64/libc.abilist b/sysdeps/unix/sysv/linux/s390/s390-64/libc.abilist index 33df3b16..80e01cc6 100644 --- a/sysdeps/unix/sysv/linux/s390/s390-64/libc.abilist +++ b/sysdeps/unix/sysv/linux/s390/s390-64/libc.abilist @@ -2616,6 +2616,7 @@ GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F GLIBC_2.38 wcslcat F GLIBC_2.38 wcslcpy F +GLIBC_2.39 __fcntl_2 F GLIBC_2.4 _IO_fprintf F GLIBC_2.4 _IO_printf F GLIBC_2.4 _IO_sprintf F diff --git a/sysdeps/unix/sysv/linux/sh/be/libc.abilist b/sysdeps/unix/sysv/linux/sh/be/libc.abilist index 94cbccd7..9961ef14 100644 --- a/sysdeps/unix/sysv/linux/sh/be/libc.abilist +++ b/sysdeps/unix/sysv/linux/sh/be/libc.abilist @@ -2666,6 +2666,7 @@ GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F GLIBC_2.38 wcslcat F GLIBC_2.38 wcslcpy F +GLIBC_2.39 __fcntl_2 F GLIBC_2.4 __confstr_chk F GLIBC_2.4 __fgets_chk F GLIBC_2.4 __fgets_unlocked_chk F diff --git a/sysdeps/unix/sysv/linux/sh/le/libc.abilist b/sysdeps/unix/sysv/linux/sh/le/libc.abilist index 3bb316a7..3c8a3da2 100644 --- a/sysdeps/unix/sysv/linux/sh/le/libc.abilist +++ b/sysdeps/unix/sysv/linux/sh/le/libc.abilist @@ -2663,6 +2663,7 @@ GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F GLIBC_2.38 wcslcat F GLIBC_2.38 wcslcpy F +GLIBC_2.39 __fcntl_2 F GLIBC_2.4 __confstr_chk F GLIBC_2.4 __fgets_chk F GLIBC_2.4 __fgets_unlocked_chk F diff --git a/sysdeps/unix/sysv/linux/sparc/sparc32/libc.abilist b/sysdeps/unix/sysv/linux/sparc/sparc32/libc.abilist index 6341b491..3cbd4543 100644 --- a/sysdeps/unix/sysv/linux/sparc/sparc32/libc.abilist +++ b/sysdeps/unix/sysv/linux/sparc/sparc32/libc.abilist @@ -2818,6 +2818,7 @@ GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F GLIBC_2.38 wcslcat F GLIBC_2.38 wcslcpy F +GLIBC_2.39 __fcntl_2 F GLIBC_2.4 _IO_fprintf F GLIBC_2.4 _IO_printf F GLIBC_2.4 _IO_sprintf F diff --git a/sysdeps/unix/sysv/linux/sparc/sparc64/libc.abilist b/sysdeps/unix/sysv/linux/sparc/sparc64/libc.abilist index 8ed1ea29..b3159408 100644 --- a/sysdeps/unix/sysv/linux/sparc/sparc64/libc.abilist +++ b/sysdeps/unix/sysv/linux/sparc/sparc64/libc.abilist @@ -2631,6 +2631,7 @@ GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F GLIBC_2.38 wcslcat F GLIBC_2.38 wcslcpy F +GLIBC_2.39 __fcntl_2 F GLIBC_2.4 __confstr_chk F GLIBC_2.4 __fgets_chk F GLIBC_2.4 __fgets_unlocked_chk F diff --git a/sysdeps/unix/sysv/linux/x86_64/64/libc.abilist b/sysdeps/unix/sysv/linux/x86_64/64/libc.abilist index 57cfcc20..307e2a7c 100644 --- a/sysdeps/unix/sysv/linux/x86_64/64/libc.abilist +++ b/sysdeps/unix/sysv/linux/x86_64/64/libc.abilist @@ -2582,6 +2582,7 @@ GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F GLIBC_2.38 wcslcat F GLIBC_2.38 wcslcpy F +GLIBC_2.39 __fcntl_2 F GLIBC_2.4 __confstr_chk F GLIBC_2.4 __fgets_chk F GLIBC_2.4 __fgets_unlocked_chk F diff --git a/sysdeps/unix/sysv/linux/x86_64/x32/libc.abilist b/sysdeps/unix/sysv/linux/x86_64/x32/libc.abilist index 3f0a9f6d..1bb0cbde 100644 --- a/sysdeps/unix/sysv/linux/x86_64/x32/libc.abilist +++ b/sysdeps/unix/sysv/linux/x86_64/x32/libc.abilist @@ -2688,3 +2688,4 @@ GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F GLIBC_2.38 wcslcat F GLIBC_2.38 wcslcpy F +GLIBC_2.39 __fcntl_2 F
This adds a runtime fortification function, __fcntl_2, similar to __open_2, that checks at runtime whether the actual passed-in command in fact requires a third argument, and aborts if so. The abilists have been modified with 'make update-all-abi'. Signed-off-by: Sergey Bugaev <bugaevc@gmail.com> --- Compared to v3, now targeting GLIBC_2.39. You can still drop this patch if you don't want it. debug/tst-fortify.c | 11 +++++++ include/fcntl.h | 1 + io/Makefile | 1 + io/Versions | 3 ++ io/bits/fcntl3.h | 4 ++- io/fcntl_2.c | 33 +++++++++++++++++++ manual/maint.texi | 10 +++--- sysdeps/mach/hurd/i386/libc.abilist | 1 + sysdeps/mach/hurd/x86_64/libc.abilist | 1 + sysdeps/unix/sysv/linux/aarch64/libc.abilist | 1 + sysdeps/unix/sysv/linux/alpha/libc.abilist | 1 + sysdeps/unix/sysv/linux/arc/libc.abilist | 1 + sysdeps/unix/sysv/linux/arm/be/libc.abilist | 1 + sysdeps/unix/sysv/linux/arm/le/libc.abilist | 1 + sysdeps/unix/sysv/linux/csky/libc.abilist | 1 + sysdeps/unix/sysv/linux/hppa/libc.abilist | 1 + sysdeps/unix/sysv/linux/i386/libc.abilist | 1 + sysdeps/unix/sysv/linux/ia64/libc.abilist | 1 + .../sysv/linux/loongarch/lp64/libc.abilist | 1 + .../sysv/linux/m68k/coldfire/libc.abilist | 1 + .../unix/sysv/linux/m68k/m680x0/libc.abilist | 1 + .../sysv/linux/microblaze/be/libc.abilist | 1 + .../sysv/linux/microblaze/le/libc.abilist | 1 + .../sysv/linux/mips/mips32/fpu/libc.abilist | 1 + .../sysv/linux/mips/mips32/nofpu/libc.abilist | 1 + .../sysv/linux/mips/mips64/n32/libc.abilist | 1 + .../sysv/linux/mips/mips64/n64/libc.abilist | 1 + sysdeps/unix/sysv/linux/nios2/libc.abilist | 1 + sysdeps/unix/sysv/linux/or1k/libc.abilist | 1 + .../linux/powerpc/powerpc32/fpu/libc.abilist | 1 + .../powerpc/powerpc32/nofpu/libc.abilist | 1 + .../linux/powerpc/powerpc64/be/libc.abilist | 1 + .../linux/powerpc/powerpc64/le/libc.abilist | 1 + .../unix/sysv/linux/riscv/rv32/libc.abilist | 1 + .../unix/sysv/linux/riscv/rv64/libc.abilist | 1 + .../unix/sysv/linux/s390/s390-32/libc.abilist | 1 + .../unix/sysv/linux/s390/s390-64/libc.abilist | 1 + sysdeps/unix/sysv/linux/sh/be/libc.abilist | 1 + sysdeps/unix/sysv/linux/sh/le/libc.abilist | 1 + .../sysv/linux/sparc/sparc32/libc.abilist | 1 + .../sysv/linux/sparc/sparc64/libc.abilist | 1 + .../unix/sysv/linux/x86_64/64/libc.abilist | 1 + .../unix/sysv/linux/x86_64/x32/libc.abilist | 1 + 43 files changed, 94 insertions(+), 5 deletions(-) create mode 100644 io/fcntl_2.c