From patchwork Thu Aug 15 23:15:10 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "H.J. Lu" X-Patchwork-Id: 1972983 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20230601 header.b=NEqkAXzd; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=sourceware.org (client-ip=2620:52:3:1:0:246e:9693:128c; helo=server2.sourceware.org; envelope-from=libc-alpha-bounces~incoming=patchwork.ozlabs.org@sourceware.org; receiver=patchwork.ozlabs.org) Received: from server2.sourceware.org (server2.sourceware.org [IPv6:2620:52:3:1:0:246e:9693:128c]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4WlLZZ4vcTz1yYl for ; Fri, 16 Aug 2024 09:15:34 +1000 (AEST) Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id BDD753858D28 for ; Thu, 15 Aug 2024 23:15:31 +0000 (GMT) X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from mail-oi1-x233.google.com (mail-oi1-x233.google.com [IPv6:2607:f8b0:4864:20::233]) by sourceware.org (Postfix) with ESMTPS id 02EC23858D28 for ; Thu, 15 Aug 2024 23:15:15 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 02EC23858D28 Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=gmail.com ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 02EC23858D28 Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=2607:f8b0:4864:20::233 ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1723763717; cv=none; b=hZizIFO50+R3GEa9gJdtZY3rOC7PX5ZsAmg4oTmHmE2O596Kt+wKW0zuEhFhTKpa3HYXPmORFFkbLwFByVdl3hASfUssgCy1R6wRvLV4RTMEDrqWyMp6SVonhpb/CZiux4En/tJqr3n4uV2e7TwSvDMNm9kfdmGlmytq9Y1elxE= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1723763717; c=relaxed/simple; bh=/v/dTfGs7g7gKY3JfnPotyGkDLJKU7f2rP0I2j2zwOQ=; h=DKIM-Signature:From:To:Subject:Date:Message-ID:MIME-Version; b=lJRMT73wc/UFt72x+ni7QfQOkT8MQxzEGSeYzUKadjZ3nW+WNzW0xJp2451+M1X6FZEPa7gDZbMYnLUwcmqYMWG0NrgnHSNrT8J7P/Ng9EGhTZ5G7geji800oMobIIZ68hiaqpcaCKpeBzBCoEtkEs1BcMyVDPWDw0tWMFzsk1Q= ARC-Authentication-Results: i=1; server2.sourceware.org Received: by mail-oi1-x233.google.com with SMTP id 5614622812f47-3db23a60850so920358b6e.0 for ; Thu, 15 Aug 2024 16:15:14 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1723763714; x=1724368514; darn=sourceware.org; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:from:to:cc:subject:date:message-id:reply-to; bh=Pn+nafBj84vx/YJzssfKZ5zsSDU6tz2+p+ahG8r2x5M=; b=NEqkAXzdG+Poqc2d1c5WJukwl7ny1D/8fhyg8RDBaljFACHuf50JROv7kp2eCh1EaD Rk2v38C+ppkD9GZ9lbQreKwk4tDw3SyYOYh5z6hrqoeEJfWjfFuyYl1vz3zYFVIICW3+ jCnuDfCsl/MQ0rYC7PrI/xOjVHojhqIRoCxBxdVhsuawWRPTYtX2aqCC57EErYvAu4H0 22NsT5O1Kzm38MLKmAC6+3ow2+7UX9E6TQoD55FHsC9EYQ6rtkQcdOFoXCVPv4qcVSpK 5qkagxz5w/kwRYJ5Ya7OssbrjmBnSp2bN7SnlAY+ujEQ78yBPO7QoKazrL/mJAUGYD5s +1tw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1723763714; x=1724368514; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=Pn+nafBj84vx/YJzssfKZ5zsSDU6tz2+p+ahG8r2x5M=; b=UWqDCOHT1YLdhJIJgsDv6QMDIrvBn7P7wpdY14llXDnFUP2k3PCzMibGpsw4lHWZd7 3svk7Dfan6/P9ntT1++r+Oq6vBD/lqqZtG9XacDbpxfrgScUOCMM+IFhpSCBGnIrA36H G0EGhQRM63nFbyunjSOyxyEMirinFTih7fegFFNHx3NRVFRiftd21rq0GMFN6JMeHx4h hEHmgZB/dTzS5xhcP7kVMuXIAU4cWGuEOBb59lx8qLxpOLdFgKm8w9iuUPn/LSKOK3bC Eivoj92z+Wt9Ad0rnDZKPvnhKnz63rM4M9GVgpGrTrqzRdRUc8MdSKBTcBFoLSnSxxm+ t+4A== X-Gm-Message-State: AOJu0Yy72x0t9bFj2iaUCnvTI1Ln1EFKOaImPWSmJMyTJouOxf71Gp5m m9+4RXfr4EsKeA3/v/tEvRTq6yhUKUALdfasCE/IPdk9a5mrhHGcLlCrIldo X-Google-Smtp-Source: AGHT+IF2P+MtHvyRMptX9sjuGZCF1XAV+NYBD0yF7chOIdKUphkeRMQxtPC1H25Ogpw3X5rjDQajTg== X-Received: by 2002:a05:6808:13ca:b0:3db:2cf3:36e with SMTP id 5614622812f47-3dd3ad8c65emr1276896b6e.28.1723763713992; Thu, 15 Aug 2024 16:15:13 -0700 (PDT) Received: from gnu-tgl-3.localdomain ([172.56.169.70]) by smtp.gmail.com with ESMTPSA id 41be03b00d2f7-7c6b6365aa5sm1474293a12.76.2024.08.15.16.15.13 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 15 Aug 2024 16:15:13 -0700 (PDT) Received: from gnu-tgl-3.. (localhost [IPv6:::1]) by gnu-tgl-3.localdomain (Postfix) with ESMTP id 68681C0190; Thu, 15 Aug 2024 16:15:12 -0700 (PDT) From: "H.J. Lu" To: libc-alpha@sourceware.org Cc: Andreas Schwab Subject: [COMMITTED 2.38/2.37] Fix name space violation in fortify wrappers (bug 32052) Date: Thu, 15 Aug 2024 16:15:10 -0700 Message-ID: <20240815231510.155617-1-hjl.tools@gmail.com> X-Mailer: git-send-email 2.46.0 MIME-Version: 1.0 X-Spam-Status: No, score=-3017.3 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, FREEMAIL_FROM, GIT_PATCH_0, RCVD_IN_ABUSEAT, RCVD_IN_DNSWL_NONE, RCVD_IN_SBL_CSS, SPF_HELO_NONE, SPF_PASS, TXREP, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libc-alpha-bounces~incoming=patchwork.ozlabs.org@sourceware.org From: Andreas Schwab Rename the identifier sz to __sz everywhere. Fixes: a643f60c53 ("Make sure that the fortified function conditionals are constant") (cherry picked from commit 39ca997ab378990d5ac1aadbaa52aaf1db6d526f) (redone from scratch because of many conflicts) --- NEWS | 1 + libio/bits/stdio2.h | 40 +++++++++++++++---------------- socket/bits/socket2.h | 20 ++++++++-------- stdlib/bits/stdlib.h | 10 ++++---- wcsmbs/bits/wchar2.h | 56 +++++++++++++++++++++---------------------- 5 files changed, 64 insertions(+), 63 deletions(-) diff --git a/NEWS b/NEWS index ed2fe84fa0..15cda0b84d 100644 --- a/NEWS +++ b/NEWS @@ -102,6 +102,7 @@ The following bugs are resolved with this release: [31890] resolv: Allow short error responses to match any DNS query [31965] rseq extension mechanism does not work as intended [31968] mremap implementation in C does not handle arguments correctly + [32052] Name space violation in fortify wrappers Version 2.36 diff --git a/libio/bits/stdio2.h b/libio/bits/stdio2.h index b1e200e716..0fa261257c 100644 --- a/libio/bits/stdio2.h +++ b/libio/bits/stdio2.h @@ -208,12 +208,12 @@ extern char *__REDIRECT (__fgets_chk_warn, __fortify_function __wur __fortified_attr_access (__write_only__, 1, 2) char * fgets (char *__restrict __s, int __n, FILE *__restrict __stream) { - size_t sz = __glibc_objsize (__s); - if (__glibc_safe_or_unknown_len (__n, sizeof (char), sz)) + size_t __sz = __glibc_objsize (__s); + if (__glibc_safe_or_unknown_len (__n, sizeof (char), __sz)) return __fgets_alias (__s, __n, __stream); - if (__glibc_unsafe_len (__n, sizeof (char), sz)) - return __fgets_chk_warn (__s, sz, __n, __stream); - return __fgets_chk (__s, sz, __n, __stream); + if (__glibc_unsafe_len (__n, sizeof (char), __sz)) + return __fgets_chk_warn (__s, __sz, __n, __stream); + return __fgets_chk (__s, __sz, __n, __stream); } extern size_t __REDIRECT (__fread_alias, @@ -232,12 +232,12 @@ __fortify_function __wur size_t fread (void *__restrict __ptr, size_t __size, size_t __n, FILE *__restrict __stream) { - size_t sz = __glibc_objsize0 (__ptr); - if (__glibc_safe_or_unknown_len (__n, __size, sz)) + size_t __sz = __glibc_objsize0 (__ptr); + if (__glibc_safe_or_unknown_len (__n, __size, __sz)) return __fread_alias (__ptr, __size, __n, __stream); - if (__glibc_unsafe_len (__n, __size, sz)) - return __fread_chk_warn (__ptr, sz, __size, __n, __stream); - return __fread_chk (__ptr, sz, __size, __n, __stream); + if (__glibc_unsafe_len (__n, __size, __sz)) + return __fread_chk_warn (__ptr, __sz, __size, __n, __stream); + return __fread_chk (__ptr, __sz, __size, __n, __stream); } #ifdef __USE_GNU @@ -254,12 +254,12 @@ extern char *__REDIRECT (__fgets_unlocked_chk_warn, __fortify_function __wur __fortified_attr_access (__write_only__, 1, 2) char * fgets_unlocked (char *__restrict __s, int __n, FILE *__restrict __stream) { - size_t sz = __glibc_objsize (__s); - if (__glibc_safe_or_unknown_len (__n, sizeof (char), sz)) + size_t __sz = __glibc_objsize (__s); + if (__glibc_safe_or_unknown_len (__n, sizeof (char), __sz)) return __fgets_unlocked_alias (__s, __n, __stream); - if (__glibc_unsafe_len (__n, sizeof (char), sz)) - return __fgets_unlocked_chk_warn (__s, sz, __n, __stream); - return __fgets_unlocked_chk (__s, sz, __n, __stream); + if (__glibc_unsafe_len (__n, sizeof (char), __sz)) + return __fgets_unlocked_chk_warn (__s, __sz, __n, __stream); + return __fgets_unlocked_chk (__s, __sz, __n, __stream); } #endif @@ -281,8 +281,8 @@ __fortify_function __wur size_t fread_unlocked (void *__restrict __ptr, size_t __size, size_t __n, FILE *__restrict __stream) { - size_t sz = __glibc_objsize0 (__ptr); - if (__glibc_safe_or_unknown_len (__n, __size, sz)) + size_t __sz = __glibc_objsize0 (__ptr); + if (__glibc_safe_or_unknown_len (__n, __size, __sz)) { # ifdef __USE_EXTERN_INLINES if (__builtin_constant_p (__size) @@ -307,9 +307,9 @@ fread_unlocked (void *__restrict __ptr, size_t __size, size_t __n, # endif return __fread_unlocked_alias (__ptr, __size, __n, __stream); } - if (__glibc_unsafe_len (__n, __size, sz)) - return __fread_unlocked_chk_warn (__ptr, sz, __size, __n, __stream); - return __fread_unlocked_chk (__ptr, sz, __size, __n, __stream); + if (__glibc_unsafe_len (__n, __size, __sz)) + return __fread_unlocked_chk_warn (__ptr, __sz, __size, __n, __stream); + return __fread_unlocked_chk (__ptr, __sz, __size, __n, __stream); } #endif diff --git a/socket/bits/socket2.h b/socket/bits/socket2.h index 0aface5639..0b1cb015ce 100644 --- a/socket/bits/socket2.h +++ b/socket/bits/socket2.h @@ -33,12 +33,12 @@ extern ssize_t __REDIRECT (__recv_chk_warn, __fortify_function ssize_t recv (int __fd, void *__buf, size_t __n, int __flags) { - size_t sz = __glibc_objsize0 (__buf); - if (__glibc_safe_or_unknown_len (__n, sizeof (char), sz)) + size_t __sz = __glibc_objsize0 (__buf); + if (__glibc_safe_or_unknown_len (__n, sizeof (char), __sz)) return __recv_alias (__fd, __buf, __n, __flags); - if (__glibc_unsafe_len (__n, sizeof (char), sz)) - return __recv_chk_warn (__fd, __buf, __n, sz, __flags); - return __recv_chk (__fd, __buf, __n, sz, __flags); + if (__glibc_unsafe_len (__n, sizeof (char), __sz)) + return __recv_chk_warn (__fd, __buf, __n, __sz, __flags); + return __recv_chk (__fd, __buf, __n, __sz, __flags); } extern ssize_t __recvfrom_chk (int __fd, void *__restrict __buf, size_t __n, @@ -61,11 +61,11 @@ __fortify_function ssize_t recvfrom (int __fd, void *__restrict __buf, size_t __n, int __flags, __SOCKADDR_ARG __addr, socklen_t *__restrict __addr_len) { - size_t sz = __glibc_objsize0 (__buf); - if (__glibc_safe_or_unknown_len (__n, sizeof (char), sz)) + size_t __sz = __glibc_objsize0 (__buf); + if (__glibc_safe_or_unknown_len (__n, sizeof (char), __sz)) return __recvfrom_alias (__fd, __buf, __n, __flags, __addr, __addr_len); - if (__glibc_unsafe_len (__n, sizeof (char), sz)) - return __recvfrom_chk_warn (__fd, __buf, __n, sz, __flags, __addr, + if (__glibc_unsafe_len (__n, sizeof (char), __sz)) + return __recvfrom_chk_warn (__fd, __buf, __n, __sz, __flags, __addr, __addr_len); - return __recvfrom_chk (__fd, __buf, __n, sz, __flags, __addr, __addr_len); + return __recvfrom_chk (__fd, __buf, __n, __sz, __flags, __addr, __addr_len); } diff --git a/stdlib/bits/stdlib.h b/stdlib/bits/stdlib.h index de1c3b20f0..19f8bd5b52 100644 --- a/stdlib/bits/stdlib.h +++ b/stdlib/bits/stdlib.h @@ -36,16 +36,16 @@ extern char *__REDIRECT_NTH (__realpath_chk_warn, __fortify_function __wur char * __NTH (realpath (const char *__restrict __name, char *__restrict __resolved)) { - size_t sz = __glibc_objsize (__resolved); + size_t __sz = __glibc_objsize (__resolved); - if (sz == (size_t) -1) + if (__sz == (size_t) -1) return __realpath_alias (__name, __resolved); #if defined _LIBC_LIMITS_H_ && defined PATH_MAX - if (__glibc_unsafe_len (PATH_MAX, sizeof (char), sz)) - return __realpath_chk_warn (__name, __resolved, sz); + if (__glibc_unsafe_len (PATH_MAX, sizeof (char), __sz)) + return __realpath_chk_warn (__name, __resolved, __sz); #endif - return __realpath_chk (__name, __resolved, sz); + return __realpath_chk (__name, __resolved, __sz); } diff --git a/wcsmbs/bits/wchar2.h b/wcsmbs/bits/wchar2.h index 3f110efe57..1181d36c24 100644 --- a/wcsmbs/bits/wchar2.h +++ b/wcsmbs/bits/wchar2.h @@ -107,9 +107,9 @@ extern wchar_t *__REDIRECT_NTH (__wcscpy_alias, __fortify_function wchar_t * __NTH (wcscpy (wchar_t *__restrict __dest, const wchar_t *__restrict __src)) { - size_t sz = __glibc_objsize (__dest); - if (sz != (size_t) -1) - return __wcscpy_chk (__dest, __src, sz / sizeof (wchar_t)); + size_t __sz = __glibc_objsize (__dest); + if (__sz != (size_t) -1) + return __wcscpy_chk (__dest, __src, __sz / sizeof (wchar_t)); return __wcscpy_alias (__dest, __src); } @@ -121,9 +121,9 @@ extern wchar_t *__REDIRECT_NTH (__wcpcpy_alias, __fortify_function wchar_t * __NTH (wcpcpy (wchar_t *__restrict __dest, const wchar_t *__restrict __src)) { - size_t sz = __glibc_objsize (__dest); - if (sz != (size_t) -1) - return __wcpcpy_chk (__dest, __src, sz / sizeof (wchar_t)); + size_t __sz = __glibc_objsize (__dest); + if (__sz != (size_t) -1) + return __wcpcpy_chk (__dest, __src, __sz / sizeof (wchar_t)); return __wcpcpy_alias (__dest, __src); } @@ -177,9 +177,9 @@ extern wchar_t *__REDIRECT_NTH (__wcscat_alias, __fortify_function wchar_t * __NTH (wcscat (wchar_t *__restrict __dest, const wchar_t *__restrict __src)) { - size_t sz = __glibc_objsize (__dest); - if (sz != (size_t) -1) - return __wcscat_chk (__dest, __src, sz / sizeof (wchar_t)); + size_t __sz = __glibc_objsize (__dest); + if (__sz != (size_t) -1) + return __wcscat_chk (__dest, __src, __sz / sizeof (wchar_t)); return __wcscat_alias (__dest, __src); } @@ -193,9 +193,9 @@ __fortify_function wchar_t * __NTH (wcsncat (wchar_t *__restrict __dest, const wchar_t *__restrict __src, size_t __n)) { - size_t sz = __glibc_objsize (__dest); - if (sz != (size_t) -1) - return __wcsncat_chk (__dest, __src, __n, sz / sizeof (wchar_t)); + size_t __sz = __glibc_objsize (__dest); + if (__sz != (size_t) -1) + return __wcsncat_chk (__dest, __src, __n, __sz / sizeof (wchar_t)); return __wcsncat_alias (__dest, __src, __n); } @@ -211,10 +211,10 @@ __fortify_function int __NTH (swprintf (wchar_t *__restrict __s, size_t __n, const wchar_t *__restrict __fmt, ...)) { - size_t sz = __glibc_objsize (__s); - if (sz != (size_t) -1 || __USE_FORTIFY_LEVEL > 1) + size_t __sz = __glibc_objsize (__s); + if (__sz != (size_t) -1 || __USE_FORTIFY_LEVEL > 1) return __swprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1, - sz / sizeof (wchar_t), __fmt, __va_arg_pack ()); + __sz / sizeof (wchar_t), __fmt, __va_arg_pack ()); return __swprintf_alias (__s, __n, __fmt, __va_arg_pack ()); } #elif !defined __cplusplus @@ -236,10 +236,10 @@ __fortify_function int __NTH (vswprintf (wchar_t *__restrict __s, size_t __n, const wchar_t *__restrict __fmt, __gnuc_va_list __ap)) { - size_t sz = __glibc_objsize (__s); - if (sz != (size_t) -1 || __USE_FORTIFY_LEVEL > 1) + size_t __sz = __glibc_objsize (__s); + if (__sz != (size_t) -1 || __USE_FORTIFY_LEVEL > 1) return __vswprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1, - sz / sizeof (wchar_t), __fmt, __ap); + __sz / sizeof (wchar_t), __fmt, __ap); return __vswprintf_alias (__s, __n, __fmt, __ap); } @@ -293,12 +293,12 @@ extern wchar_t *__REDIRECT (__fgetws_chk_warn, __fortify_function __wur wchar_t * fgetws (wchar_t *__restrict __s, int __n, __FILE *__restrict __stream) { - size_t sz = __glibc_objsize (__s); - if (__glibc_safe_or_unknown_len (__n, sizeof (wchar_t), sz)) + size_t __sz = __glibc_objsize (__s); + if (__glibc_safe_or_unknown_len (__n, sizeof (wchar_t), __sz)) return __fgetws_alias (__s, __n, __stream); - if (__glibc_unsafe_len (__n, sizeof (wchar_t), sz)) - return __fgetws_chk_warn (__s, sz / sizeof (wchar_t), __n, __stream); - return __fgetws_chk (__s, sz / sizeof (wchar_t), __n, __stream); + if (__glibc_unsafe_len (__n, sizeof (wchar_t), __sz)) + return __fgetws_chk_warn (__s, __sz / sizeof (wchar_t), __n, __stream); + return __fgetws_chk (__s, __sz / sizeof (wchar_t), __n, __stream); } #ifdef __USE_GNU @@ -316,13 +316,13 @@ extern wchar_t *__REDIRECT (__fgetws_unlocked_chk_warn, __fortify_function __wur wchar_t * fgetws_unlocked (wchar_t *__restrict __s, int __n, __FILE *__restrict __stream) { - size_t sz = __glibc_objsize (__s); - if (__glibc_safe_or_unknown_len (__n, sizeof (wchar_t), sz)) + size_t __sz = __glibc_objsize (__s); + if (__glibc_safe_or_unknown_len (__n, sizeof (wchar_t), __sz)) return __fgetws_unlocked_alias (__s, __n, __stream); - if (__glibc_unsafe_len (__n, sizeof (wchar_t), sz)) - return __fgetws_unlocked_chk_warn (__s, sz / sizeof (wchar_t), __n, + if (__glibc_unsafe_len (__n, sizeof (wchar_t), __sz)) + return __fgetws_unlocked_chk_warn (__s, __sz / sizeof (wchar_t), __n, __stream); - return __fgetws_unlocked_chk (__s, sz / sizeof (wchar_t), __n, __stream); + return __fgetws_unlocked_chk (__s, __sz / sizeof (wchar_t), __n, __stream); } #endif