You need to sign in or sign up before continuing.
- 23 5月, 2020 1 次提交
-
-
由 Rich Felker 提交于
since the backend for LOCK() skips locking if single-threaded, it's unsafe to make the process appear single-threaded before the last use of lock. this fixes potential unsynchronized access to a linked list via __dl_thread_cleanup.
-
- 22 5月, 2020 2 次提交
-
-
由 Rich Felker 提交于
signal 7 is SIGEMT on Linux mips* ABI according to the man pages and kernel. it's not clear where the wrong name came from but it dates back to original mips commit.
-
由 Rich Felker 提交于
presently all archs define SIGSTKFLT but this is not correct. change strsignal as a prerequisite for fixing that.
-
- 20 5月, 2020 2 次提交
-
-
由 Rich Felker 提交于
the internal __res_msend returns 0 on timeout without having obtained any conclusive answer, but in this case has not filled in meaningful anslen. res_send wrongly treated that as success, but returned a zero answer length. any reasonable caller would eventually end up treating that as an error when attempting to parse/validate it, but it should just be reported as an error. alternatively we could return the last-received inconclusive answer (typically servfail), but doing so would require internal changes in __res_msend. this may be considered later.
-
由 Rich Felker 提交于
the old logic here likely dates back, at least in inspiration, to before it was recognized that transient errors must not be allowed to reflect the contents of successful results and must be reported to the application. here, the dns backend for getaddrinfo, when performing a paired query for v4 and v6 addresses, accepted results for one address family even if the other timed out. (the __res_msend backend does not propagate error rcodes back to the caller, but continues to retry until timeout, so other error conditions were not actually possible.) this patch moves the checks to take place before answer parsing, and performs them for each answer rather than only the answer to the first query. if nxdomain is seen it's assumed to apply to both queries since that's how dns semantics work.
-
- 19 5月, 2020 1 次提交
-
-
由 Rich Felker 提交于
the AD (authenticated data) bit in outgoing dns queries is defined by rfc3655 to request that the nameserver report (via the same bit in the response) whether the result is authenticated by DNSSEC. while all results returned by a DNSSEC conforming nameserver will be either authenticated or cryptographically proven to lack DNSSEC protection, for some applications it's necessary to be able to distinguish these two cases. in particular, conforming and compatible handling of DANE (TLSA) records requires enforcing them only in signed zones. when the AD bit was first defined for queries, there were reports of compatibility problems with broken firewalls and nameservers dropping queries with it set. these problems are probably a thing of the past, and broken nameservers are already unsupported. however, since there is no use in the AD bit with the netdb.h interfaces, explicitly clear it in the queries they make. this ensures that, even with broken setups, the standard functions will work, and at most the res_* functions break.
-
- 01 5月, 2020 1 次提交
-
-
由 Rich Felker 提交于
unsigned char promotes to int, which can overflow when shifted left by 24 bits or more. this has been reported multiple times but then forgotten. it's expected to be benign UB, but can trap when built with explicit overflow catching (ubsan or similar). fix it now. note that promotion to uint32_t is safe and portable even outside of the assumptions usually made in musl, since either uint32_t has rank at least unsigned int, so that no further default promotions happen, or int is wide enough that the shift can't overflow. this is a desirable property to have in case someone wants to reuse the code elsewhere.
-
- 27 4月, 2020 1 次提交
-
-
由 Rich Felker 提交于
it's been reported that the vdso clock_gettime64 function on (32-bit) arm is broken, producing erratic results that grow at a rate far greater than one reported second per actual elapsed second. the vdso function seems to have been added sometime between linux 5.4 and 5.6, so if there's ever been a working version, it was only present for a very short window. it's not clear what the eventual upstream kernel solution will be, but something needs to be done on the libc side so as not to be producing binaries that seem to work on older/existing/lts kernels (which lack the function and thus lack the bug) but will break fantastically when moving to newer kernels. hopefully vdso support will be added back soon, but with a new symbol name or version from the kernel to allow continued rejection of broken ones.
-
- 24 4月, 2020 1 次提交
-
-
由 Rich Felker 提交于
analogous to commit b287cd74 but for the custom FILE stream type the wcstol and wcstod family use. __toread could be used here as well, but there's a simple direct fix to make the buffer pointers initially valid for subtraction, so just do that to avoid pulling in stdio exit code in programs that don't use stdio.
-
- 18 4月, 2020 6 次提交
-
-
由 Rich Felker 提交于
the sh version of fesetround or'd the new rounding mode onto the control register without clearing the old rounding mode bits, making changes sticky. this was the root cause of multiple test failures.
-
由 Rich Felker 提交于
apparently this function was intended at some point to be used by strto* family as well, and thus was put in its own file; however, as far as I can tell, it's only ever been used by vsscanf. move it to the same file to reduce the number of source files and external symbols.
-
由 Rich Felker 提交于
-
由 Rich Felker 提交于
this idea came up when I thought we might need to zero the UNGET portion of buf as well, but it seems like a useful improvement even when that turned out not to be necessary.
-
由 Rich Felker 提交于
shgetc sets up to be able to perform an "unget" operation without the caller having to remember and pass back the character value, and for this purpose used a conditional store idiom: if (f->rpos[-1] != c) f->rpos[-1] = c to make it safe to use with non-writable buffers (setup by the sh_fromstring macro or __string_read with sscanf). however, validity of this depends on the buffer space at rpos[-1] being initialized, which is not the case under some conditions (including at least unbuffered files and fmemopen ones). whenever data was read "through the buffer", the desired character value is already in place and does not need to be written. thus, rather than testing for the absence of the value, we can test for rpos<=buf, indicating that the last character read could not have come from the buffer, and thereby that we have a "real" buffer (possibly of zero length) with writable pushback (UNGET bytes) below it.
-
由 Rich Felker 提交于
as reported/analyzed by Pascal Cuoq, the shlim and shcnt macros/functions are called by the scanf core (vfscanf) with f->rpos potentially null (if the FILE is not yet activated for reading at the time of the call). in this case, they compute differences between a null pointer (f->rpos) and a non-null one (f->buf), resulting in undefined behavior. it's unlikely that any observably wrong behavior occurred in practice, at least without LTO, due to limits on what's visible to the compiler from translation unit boundaries, but this has not been checked. fix is simply ensuring that the FILE is activated for read mode before entering the main scanf loop, and erroring out early if it can't be.
-
- 25 3月, 2020 11 次提交
-
-
由 Alexander Monakov 提交于
-
由 Alexander Monakov 提交于
-
由 Alexander Monakov 提交于
-
由 Alexander Monakov 提交于
-
由 Alexander Monakov 提交于
-
由 Alexander Monakov 提交于
-
由 Alexander Monakov 提交于
-
由 Alexander Monakov 提交于
-
由 Alexander Monakov 提交于
-
由 Alexander Monakov 提交于
-
由 Alexander Monakov 提交于
-
- 22 3月, 2020 2 次提交
-
-
由 Samuel Holland 提交于
TZ containg a timezone name with >TZNAME_MAX characters currently breaks musl's timezone parsing. getname() stops after TZNAME_MAX characters. getoff() will consume no characters (because the next character is not a digit) and incorrectly return 0. Then, because there are remaining alphabetic characters, __daylight == 1, and dst_off == -3600. getname() must consume the entire timezone name, even if it will not fit in d/__tzname, so when it returns, s points to the offset digits.
-
由 Samuel Holland 提交于
Parsing the timezone name must stop when reaching the null terminator. In that case, there is no '>' to skip.
-
- 21 3月, 2020 2 次提交
-
-
由 Alexander Monakov 提交于
Commit d9bdfd16 ("fix memccpy to not access buffer past given size") correctly added a check for 'n' nonzero, but made the pre-existing test '*s==c' redundant: n!=0 implies *s==c. Remove the unnecessary check. Reported by Alexey Izbyshev.
-
由 Fangrui Song 提交于
as a result of commit b6a6cd70, the REL_NONE case is now redundant.
-
- 15 3月, 2020 7 次提交
-
-
由 Samuel Holland 提交于
Linux defines MAP_SYNC on powerpc and powerpc64 as of commit 22fcea6f85f2 ("mm: move MAP_SYNC to asm-generic/mman-common.h"), so we can stop undefining it on those architectures.
-
由 Timo Teräs 提交于
change the current O(n) lookup to O(1) based on the machinery described in "How To Write Shared Libraries" (Appendix B).
-
由 Rich Felker 提交于
kernel commit 4693916846269d633a3664586650dbfac2c5562f (first included in release v4.14) silently fixed a bug whereby the reserved space (which was later used for high bits of time) in IPC_STAT structures was left untouched rather than zeroed. this means that a caller that wants to read the high bits needs to pre-zero the memory. since it's not clear that these operations are permitted to modify the destination buffer on failure, use a temp buffer and copy back to the caller's buffer on success.
-
由 Rich Felker 提交于
on all mips variants, Linux did (and maybe still does) have some syscall return paths that wrongly return both the error flag in r7 and a negated error code in r2. in particular this happened for at least some causes of ENOSYS. add an extra check to only negate the error code if it's positive to begin with. bug report and concept for patch by Andreas Dröscher.
-
由 Rich Felker 提交于
commit 4221f154 added the r7 constraint apparently out of a misunderstanding of the breakage it was addressing, and did so because the asm was in a shared macro used by all the __syscallN inline functions. now "+r" is used in the output section for the forms 4-argument and up, so having it in input is redundant, and the forms with 0-3 arguments don't need it as an input at all. the r2 constraint is kept because without it most gcc versions (seems to be all prior to 9.x) fail to honor the output register binding for r2. this seems to be a variant of gcc bug #87733. both the r7 and r2 input constraints look useless, but the r2 one was a quiet workaround for gcc bug 87733, which affects all modern versions prior to 9.x, so it's kept and documented.
-
由 Rich Felker 提交于
exactly revert commit 604f8d3d which was wrong; it caused a major regression on Linux versions prior to 2.6.36. old kernels did not properly preserve r2 across syscall restart, and instead restarted with the instruction right before syscall, imposing a contract that the previous instruction must load r2 from an immediate or a register (or memory) not clobbered by the syscall.
-
由 Rich Felker 提交于
effectivly revert commit ddc7c4f9 which was wrong; it caused a major regression on Linux versions prior to 2.6.36. old kernels did not properly preserve r2 across syscall restart, and instead restarted with the instruction right before syscall, imposing a contract that the previous instruction must load r2 from an immediate or a register (or memory) not clobbered by the syscall. since other changes were made since, including removal of the struct stat conversion that was replaced by separate struct kstat, this is not a direct revert, only a functional one. the "0"(r2) input constraint added back seems useless/erroneous, but without it most gcc versions (seems to be all prior to 9.x) fail to honor the output register binding for r2. this seems to be a variant of gcc bug #87733. further changes should be made later if a better workaround is found, but this one has been working since 2012. it seems this issue was encountered but misidentified then, when it inspired commit 4221f154.
-
- 05 3月, 2020 1 次提交
-
-
由 Rich Felker 提交于
these were leftover from early beginnings when arpa/inet.h was not including netinet/in.h.
-
- 26 2月, 2020 1 次提交
-
-
由 Rich Felker 提交于
this is added for POSIX-future as the outcome of Austin Group issue 599. since it's in the reserved namespace for pthread.h, there are no namespace considerations for adding it early.
-
- 23 2月, 2020 1 次提交
-
-
由 Rich Felker 提交于
commit 59324c8b added __socketcall analogous to __syscall, returning the negated error rather than setting errno. use it to simplify the fallback path of socket(), avoiding extern calls and access to errno. Author: Rich Felker <dalias@aerifal.cx> Date: Tue Jul 30 17:51:16 2019 -0400 make __socketcall analogous to __syscall, error-returning
-