1. 23 2月, 2018 12 次提交
  2. 22 2月, 2018 4 次提交
    • R
      update authors/contributors list · 1366b3c5
      Rich Felker 提交于
      these additions were made by scanning git log since the last major
      update in commit 790580b2. in addition
      to git-level commit authorship, "patch by" text in the commit message
      was also scanned. this idiom was used in the past for patches that
      underwent substantial edits when merging or where the author did not
      provide a commit message. going forward, my intent is to use commit
      authorship consistently for attribution.
      
      as before my aim was adding everyone with either substantial code
      contributions or a pattern of ongoing simple patch submission; any
      omissions are unintentional.
      1366b3c5
    • M
      fix detection of LIBCC for compiler-rt with clang · fcf24b9f
      Matúš Olekšák 提交于
      Maintainer's note: at one point, -lcompiler_rt apparently worked, and
      may still work and be preferable if one has manually installed the
      library in a public lib directory. but with current versions of clang,
      the full pathname to the library file is needed. the original patch
      removed the -lcompiler_rt check; I have left it in place in case there
      are users depending on it, and since, when it does work, it's
      preferable so as not to code a dependency on the specific compiler
      version and paths in config.mak.
      fcf24b9f
    • R
      convert execvp error handling to switch statement · 6d610242
      Rich Felker 提交于
      this is more extensible if we need to consider additional errors, and
      more efficient as long as the compiler does not know it can cache the
      result of __errno_location (a surprisingly complex issue detailed in
      commit a603a75a).
      6d610242
    • P
      fix execvp failing on not-dir entries in PATH. · 8e0b3806
      Przemyslaw Pawelczyk 提交于
      It's better to make execvp continue PATH search on ENOTDIR rather than
      issuing an error. Bogus entries should not render rest of PATH invalid.
      
      Maintainer's note: POSIX seems to require the search to continue like
      this as part of XBD 8.3 Other Environment Variables. Only errors that
      conclusively determine non-existence are candidates for continuing;
      otherwise for consistency we have to report the error.
      8e0b3806
  3. 12 2月, 2018 1 次提交
    • R
      fix incorrect overflow check for allocation in fmemopen · 75cba9c6
      Rich Felker 提交于
      when a null buffer pointer is passed to fmemopen, requesting it
      allocate its own memory buffer, extremely large size arguments near
      SIZE_MAX could overflow and result in underallocation. this results
      from omission of the size of the cookie structure in the overflow
      check but inclusion of it in the calloc call.
      
      instead of accounting for individual small contributions to the total
      allocation size needed, simply reject sizes larger than PTRDIFF_MAX,
      which will necessarily fail anyway. then adding arbitrary fixed-size
      structures is safe without matching up the expressions in the
      comparison and the allocation.
      75cba9c6
  4. 08 2月, 2018 4 次提交
    • S
      better configure check for long double support · 249b621f
      Szabolcs Nagy 提交于
      249b621f
    • D
      make getcwd fail if it cannot obtain an absolute path · 23ddab85
      Dmitry V. Levin 提交于
      Currently getcwd(3) can succeed without returning an absolute path
      because the underlying getcwd syscall, starting with linux commit
      v2.6.36-rc1~96^2~2, may succeed without returning an absolute path.
      
      This is a conformance issue because "The getcwd() function shall
      place an absolute pathname of the current working directory
      in the array pointed to by buf, and return buf".
      
      Fix this by checking the path returned by syscall and failing with
      ENOENT if the path is not absolute.  The error code is chosen for
      consistency with the case when the current directory is unlinked.
      
      Similar issue was fixed in glibc recently, see
      https://sourceware.org/bugzilla/show_bug.cgi?id=22679
      23ddab85
    • R
      disallow non-absolute rpath $ORIGIN for suid/sgid/AT_SECURE processes · 376b3c54
      Rich Felker 提交于
      in theory non-absolute origins can only arise when either the main
      program is invoked by running ldso as a command (inherently non-suid)
      or when dlopen was called with a relative pathname containing at least
      one slash. such usage would be inherently insecure in an suid program
      anyway, so the old behavior here does not seem to have been insecure.
      harden against it anyway.
      376b3c54
    • R
      honor rpath $ORIGIN for ldd/ldso command with program in working dir · f0b235c1
      Rich Felker 提交于
      the rpath fixup code assumed any module's name field would contain at
      least one slash, an invariant which is usually met but not in the case
      of a main executable loaded from the current working directory by
      running ldd or ldso as a command. it would be possible to make this
      invariant always hold, but it has a higher runtime allocation cost and
      does not seem useful elsewhere, so just patch things up in fixup_rpath
      instead.
      f0b235c1
  5. 07 2月, 2018 1 次提交
    • R
      adjust strftime + modifier to match apparent intent of POSIX · c7f0da41
      Rich Felker 提交于
      it's unclear from the specification whether the word "consumes" in
      "consumes more than four bytes to represent a year" refers just to
      significant places or includes leading zeros due to field width
      padding. however the examples in the rationale indicate that the
      latter was the intent. in particular, the year 270 is shown being
      formatted by %+5Y as +0270 rather than 00270.
      
      previously '+' prefixing was implemented just by comparing the year
      against 10000. instead, count the number of significant digits and
      padding bytes to be added, and use the total to determine whether to
      apply the '+' prefix.
      
      based on testing by Dennis Wölfing.
      c7f0da41
  6. 06 2月, 2018 4 次提交
    • R
      fix strftime field widths with %F format and zero year · 596207aa
      Rich Felker 提交于
      the code to strip initial sign and leading zeros inadvertently
      stripped all the zeros and the subsequent '-' separating the month.
      instead, only strip sign characters from the very first position, and
      only strip zeros when they are followed by another digit.
      
      based on testing by Dennis Wölfing.
      596207aa
    • R
      document pthread structure ABI constraints in comments · cc7c300d
      Rich Felker 提交于
      in the original submission of the patch that became commit
      7c709f2d, and in subsequent reading of
      it by others, it was not clear that the new member had to be inserted
      before canary_at_end, or that inserting it at that location was safe.
      add comments to document.
      cc7c300d
    • A
      re-fix child reaping in wordexp · e53296f8
      Alexander Monakov 提交于
      Do not retry waitpid if the child was terminated by a signal. Do not
      examine status: since we are not passing any flags, we will not receive
      stop or continue notifications.
      e53296f8
    • R
      revert regression in faccessat AT_EACCESS robustness · cd0ae687
      Rich Felker 提交于
      commit f9fb20b4 switched from using a
      pipe for the result to conveying it via the child process exit status.
      Alexander Monakov pointed out that the latter could fail if the
      application is not expecting faccessat to produce a child and performs
      a wait operation with __WCLONE or __WALL, and that it is not clear
      whether it's guaranteed to work when SIGCHLD's disposition has been
      set to SIG_IGN.
      
      in addition, that commit introduced a bug that caused EACCES to be
      produced instead of EBUSY due to an exit path that was overlooked when
      the error channel was changed, and introduced a spurious retry loop
      around the wait operation.
      cd0ae687
  7. 03 2月, 2018 2 次提交
    • W
      7c709f2d
    • R
      adjust dladdr dli_fbase definition to match other implementations · b3ae7bea
      Rich Felker 提交于
      the Linux and FreeBSD man pages for dladdr document dli_fbase as the
      "base address" of the library/module found. normally (e.g. AT_BASE)
      the term "base" is used to denote the base address relative to which
      p_vaddr addresses are interpreted; however in the case of dladdr's
      Dl_info structure, existing implementations define it as the lowest
      address of the mapping, which makes sense in the context of
      determining which module's memory range the input address falls
      within.
      
      since this is a nonstandard interface provided to mimic one provided
      by other implementations, adjust it to match their behavior.
      b3ae7bea
  8. 01 2月, 2018 3 次提交
    • S
      getopt_long: accept prefix match of long options containing equals signs · 6f03b61b
      Samuel Holland 提交于
      Consider the first equals sign found in the option to be the delimiter
      between it and its argument, even if it matches an equals sign in the
      option name. This avoids consuming the equals sign, which would prevent
      finding the argument. Instead, it forces a partial match of the part of
      the option name before the equals sign.
      
      Maintainer's note: GNU getopt_long does not explicitly document this
      behavior, but it can be seen as a consequence of how partial matches
      are specified, and at least GNU (bfd) ld is known to make use of it.
      6f03b61b
    • S
      fix getopt_long arguments to partial matches · f1abc29b
      Samuel Holland 提交于
      If we find a partial option name match, we need to keep looking for
      ambiguous/conflicting options. However, we need to remember the position
      in the candidate argument to find its option-argument later, if there is
      one. This fixes e.g. option "foobar" being given as "--fooba=baz".
      f1abc29b
    • W
      14edadb5
  9. 13 1月, 2018 1 次提交
  10. 11 1月, 2018 1 次提交
    • R
      fix printf alt-form octal with value 0 and no explicit precision · b64539ae
      Rich Felker 提交于
      commit 78897b0d wrongly simplified
      Dmitry Levin's original submitted patch fixing alt-form octal with the
      zero flag and field width present, omitting the special case where the
      value is zero. as a result, printf("%#o",0) wrongly prints "00" rather
      than "0".
      
      the logic prior to this commit was actually better, in that it was
      aligned with how the alt-form flag (#) for printf is specified ("it
      shall increase the precision"). at the time there was no good way to
      avoid the zero flag issue with the old logic, but commit
      167dfe96 added tracking of whether an
      explicit precision was provided.
      
      revert commit 78897b0d and switch to
      using the explicit precision indicator for suppressing the zero flag.
      b64539ae
  11. 10 1月, 2018 4 次提交
    • J
      revise the definition of multiple basic locks in the code · 32482f61
      Jens Gustedt 提交于
      In all cases this is just a change from two volatile int to one.
      32482f61
    • J
      consistently use the LOCK an UNLOCK macros · c4bc0b1a
      Jens Gustedt 提交于
      In some places there has been a direct usage of the functions. Use the
      macros consistently everywhere, such that it might be easier later on to
      capture the fast path directly inside the macro and only have the call
      overhead on the slow path.
      c4bc0b1a
    • J
      new lock algorithm with state and congestion count in one atomic int · 47d0bcd4
      Jens Gustedt 提交于
      A variant of this new lock algorithm has been presented at SAC'16, see
      https://hal.inria.fr/hal-01304108. A full version of that paper is
      available at https://hal.inria.fr/hal-01236734.
      
      The main motivation of this is to improve on the safety of the basic lock
      implementation in musl. This is achieved by squeezing a lock flag and a
      congestion count (= threads inside the critical section) into a single
      int. Thereby an unlock operation does exactly one memory
      transfer (a_fetch_add) and never touches the value again, but still
      detects if a waiter has to be woken up.
      
      This is a fix of a use-after-free bug in pthread_detach that had
      temporarily been patched. Therefore this patch also reverts
      
               c1e27367
      
      This is also the only place where internal knowledge of the lock
      algorithm is used.
      
      The main price for the improved safety is a little bit larger code.
      
      Under high congestion, the scheduling behavior will be different
      compared to the previous algorithm. In that case, a successful
      put-to-sleep may appear out of order compared to the arrival in the
      critical section.
      47d0bcd4
    • H
      add additional uapi guards for Linux kernel header files · b583c5d3
      Hauke Mehrtens 提交于
      With Linux kernel 4.16 it will be possible to guard more parts of the
      Linux header files from a libc. Make use of this in musl to guard all
      the structures and other definitions from the Linux header files which
      are also defined by the header files provided by musl. This will make
      it possible to compile source files which include both the libc
      headers and the kernel userspace headers.
      
      This extends the definitions done in commit 04983f22 ("make
      netinet/in.h suppress clashing definitions from kernel headers")
      b583c5d3
  12. 19 12月, 2017 3 次提交