1. 04 8月, 2013 1 次提交
    • R
      fix multiple bugs in SIGEV_THREAD timers · 7356c255
      Rich Felker 提交于
      1. the thread result field was reused for storing a kernel timer id,
      but would be overwritten if the application code exited or cancelled
      the thread.
      
      2. low pointer values were used as the indicator that the timer id is
      a kernel timer id rather than a thread id. this is not portable, as
      mmap may return low pointers on some conditions. instead, use the fact
      that pointers must be aligned and kernel timer ids must be
      non-negative to map pointers into the negative integer space.
      
      3. signals were not blocked until after the timer thread started, so a
      race condition could allow a signal handler to run in the timer thread
      when it's not supposed to exist. this is mainly problematic if the
      calling thread was the only thread where the signal was unblocked and
      the signal handler assumes it runs in that thread.
      7356c255
  2. 03 8月, 2013 15 次提交
    • R
      add some new linux AT_* flags · 14012b91
      Rich Felker 提交于
      14012b91
    • R
      fix faccessat to support AT_EACCESS flag · 0a05eace
      Rich Felker 提交于
      this is another case of the kernel syscall failing to support flags
      where it needs to, leading to horrible workarounds in userspace. this
      time the workaround requires changing uid/gid, and that's not safe to
      do in the current process. in the worst case, kernel resource limits
      might prevent recovering the original values, and then there would be
      no way to safely return. so, use the safe but horribly inefficient
      alternative: forking. clone is used instead of fork to suppress
      signals from the child.
      
      fortunately this worst-case code is only needed when effective and
      real ids mismatch, which mainly happens in suid programs.
      0a05eace
    • R
      collapse euidaccess to a call to faccessat · 89384f78
      Rich Felker 提交于
      it turns out Linux is buggy for faccessat, just like fchmodat: the
      kernel does not actually take a flags argument. so we're going to have
      to emulate it there.
      89384f78
    • R
      add prototypes for euidaccess/eaccess · f0ceb5ab
      Rich Felker 提交于
      f0ceb5ab
    • R
      add legacy euidaccess function and eaccess alias for it · a89aaee1
      Rich Felker 提交于
      this is mainly for ABI compat purposes.
      a89aaee1
    • R
      make tdestroy allow null function pointer if no destructor is needed · d3a98ff6
      Rich Felker 提交于
      this change is to align with a change in the glibc interface.
      d3a98ff6
    • R
      fix aliasing violations in tsearch functions · 2d2da648
      Rich Felker 提交于
      patch by nsz. the actual object the caller has storing the tree root
      has type void *, so accessing it as struct node * is not valid.
      instead, simply access the value, move it to a temporary of the
      appropriate type and work from there, then move the result back.
      2d2da648
    • R
      protect against long double type mismatches (mainly powerpc for now) · 86cc54b5
      Rich Felker 提交于
      check in configure to be polite (failing early if we're going to fail)
      and in vfprintf.c since that is the point at which a mismatching type
      would be extremely dangerous.
      86cc54b5
    • R
      add legacy function valloc · 2f820f3b
      Rich Felker 提交于
      it was already declared in stdlib.h, but not defined anywhere.
      2f820f3b
    • R
      fix feature test macro logic for _BSD_SOURCE · 2e5dfa51
      Rich Felker 提交于
      in several places, _BSD_SOURCE was not even implying POSIX, resulting
      in it being subtractive rather than additive (compared to the default
      features).
      2e5dfa51
    • R
      add wcsftime_t alias · 0c7294ef
      Rich Felker 提交于
      this is a nonstandard extension.
      0c7294ef
    • R
      add missing c++ extern "C" wrapping to link.h · feff6b43
      Rich Felker 提交于
      feff6b43
    • R
      make fchdir, fchmod, fchown, and fstat support O_PATH file descriptors · 9ca1f62b
      Rich Felker 提交于
      on newer kernels, fchdir and fstat work anyway. this same fix should
      be applied to any other syscalls that are similarly affected.
      
      with this change, the current definitions of O_SEARCH and O_EXEC as
      O_PATH are mostly conforming to POSIX requirements. the main remaining
      issue is that O_NOFOLLOW has different semantics.
      9ca1f62b
    • R
      debloat code that depends on /proc/self/fd/%d with shared function · c8c0844f
      Rich Felker 提交于
      I intend to add more Linux workarounds that depend on using these
      pathnames, and some of them will be in "syscall" functions that, from
      an anti-bloat standpoint, should not depend on the whole snprintf
      framework.
      c8c0844f
    • R
      work around linux's lack of flags argument to fchmodat syscall · 0dc48244
      Rich Felker 提交于
      previously, the AT_SYMLINK_NOFOLLOW flag was ignored, giving
      dangerously incorrect behavior -- the target of the symlink had its
      modes changed to the modes (usually 0777) intended for the symlink).
      this issue was amplified by the fact that musl provides lchmod, as a
      wrapper for fchmodat, which some archival programs take as a sign that
      symlink modes are supported and thus attempt to use.
      
      emulating AT_SYMLINK_NOFOLLOW was a difficult problem, and I
      originally believed it could not be solved, at least not without
      depending on kernels newer than 3.5.x or so where O_PATH works halfway
      well. however, it turns out that accessing O_PATH file descriptors via
      their pseudo-symlink entries in /proc/self/fd works much better than
      trying to use the fd directly, and works even on older kernels.
      moreover, the kernel has permanently pegged these references to the
      inode obtained by the O_PATH open, so there should not be race
      conditions with the file being moved, deleted, replaced, etc.
      0dc48244
  3. 02 8月, 2013 10 次提交
  4. 01 8月, 2013 5 次提交
    • R
      in pthread_getattr_np, use mremap rather than madvise to measure stack · 5db951ef
      Rich Felker 提交于
      the original motivation for this patch was that qemu (and possibly
      other syscall emulators) nop out madvise, resulting in an infinite
      loop. however, there is another benefit to this change: madvise may
      actually undo an explicit madvise the application intended for its
      stack, whereas the mremap operation is a true nop. the logic here is
      that mremap must fail if it cannot resize the mapping in-place, and
      the caller knows that it cannot resize in-place because it knows the
      next page of virtual memory is already occupied.
      5db951ef
    • R
      fix theoretical out-of-bound access in dynamic linker · 27593d3a
      Rich Felker 提交于
      one of the arguments to memcmp may be shorter than the length l-3, and
      memcmp is under no obligation not to access past the first byte that
      differs. instead use strncmp which conveys the correct semantics. the
      performance difference is negligible here and since the code is only
      use for shared libc, both functions are already linked anyway.
      27593d3a
    • R
      prevent passing PT_INTERP name to dlopen from double-loading libc · f8c376da
      Rich Felker 提交于
      the dev/inode for the main app and the dynamic linker ("interpreter")
      are not available, so the subsequent checks don't work. in general we
      don't want to make exact string matches to existing libraries prevent
      loading new ones, since this breaks loading upgraded modules in
      module-loading systems. so instead, special-case it.
      
      the motivation for this fix is that calling dlopen on the names
      returned by dl_iterate_phdr or walking the link map (obtained by
      dlinfo) seem to be the only methods available to an application to
      actually get a list of open dso handles.
      f8c376da
    • R
      add some sanity checks in dynamic loader code · 339516ad
      Rich Felker 提交于
      reject elf files which are not ET_EXEC/ET_DYN type as bad exec format,
      and reject ET_EXEC files when they cannot be loaded at the correct
      address, since they are not relocatable at runtime. the main practical
      benefit of this is to make dlopen of the main program fail rather than
      producing an unsafe-to-use handle.
      339516ad
    • R
  5. 31 7月, 2013 3 次提交
  6. 30 7月, 2013 1 次提交
    • T
      use separate sigaction buffers for old and new data · 48748143
      Timo Teräs 提交于
      in signal() it is needed since __sigaction uses restrict in parameters
      and sharing the buffer is technically an aliasing error. do the same
      for the syscall, as at least qemu-user does not handle it properly.
      48748143
  7. 29 7月, 2013 1 次提交
  8. 28 7月, 2013 4 次提交