path: root/src
Age | Commit message | Author | Lines
2016-04-26 | fix FILE buffer underflow in ungetwc | Rich Felker | -3/+3
commit 7e816a6487932cbb3cb71d94b609e50e81f4e5bf (version 1.1.11 release cycle) moved the code that performs wchar_t to multibyte conversion across code that used the resulting length in bytes, thereby breaking the unget buffer space check in ungetwc and clobbering up to three bytes below the start of the buffer. for allocated FILEs (all read-enabled FILEs except stdin), the underflow clobbers at most the FILE-specific locale pointer. no stores are performed through this pointer, but subsequent loads may result in a crash or mismatching encoding rule (UTF-8 multibyte vs byte-based). for stdin, the buffer lies in .bss and the underflow may clobber another object. in practice, for libc.so the adjacent object seems to be stderr's buffer, which is completely unused, but this could vary with linking options, or when static linking. applications which do not attempt to use more than one character of ungetwc pushback, or which do not use ungetwc, are not affected.
2016-04-25 | fix thread structure/dtv-pointer corruption on powerpc | Rich Felker | -0/+5
per the powerpc psabi, offset 4 of the stack at call time belongs to the callee and is used for spilling lr (return address). in addition, offset 0 on the stack must contain a pointer to the previous stack frame, or a null pointer for the initial stack frame of a thread. __clone failed to set up any stack frame on the new thread's stack, thereby allowing the start function it called to clobber offset 4 of the new thread's struct __pthread, which contains the dtv pointer. add code to set up a proper stack frame and align the stack pointer to a multiple of 16 (also an abi requirement) if it was not already aligned.
2016-04-18 | remove dead store in res_msend | Petr Vaněk | -1/+0
The variable nss is set to zero in the following line.
2016-04-18 | add mips n32 port (ILP32 ABI for mips64) | Rich Felker | -0/+335
based on patch submitted by Jaydeep Patil, with minor changes.
2016-04-01 | fix read past end of haystack buffer for short needles in memmem | Rich Felker | -0/+1
the two/three/four byte memmem specializations are not prepared to handle haystacks shorter than the needle; they unconditionally read at least up to the needle length and subtract from the haystack length. if the haystack is shorter, the remaining haystack length underflows and produces an unbounded search which will eventually either crash or find a spurious match. the top-level memmem function attempted to avoid this case already by checking for haystack shorter than needle, but it failed to re-check after using memchr to remove the maximal prefix not containing the first byte of the needle.
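The re-check this commit message describes, as an added example that is not musl's code: `find2` is a hypothetical stand-in for a short-needle specialization that requires k >= 2, `skip_prefix` is a hypothetical helper for the memchr step, and `memmem_checked` repeats the length test after memchr has shortened the haystack.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical stand-in for a short-needle specialization. Precondition:
 * k >= 2. It computes k - 2, which would wrap around for k < 2 and turn
 * the loop into an unbounded scan, the failure the message describes. */
static const unsigned char *find2(const unsigned char *h, size_t k,
                                  const unsigned char *n)
{
	for (size_t i = 0; i <= k - 2; i++)
		if (h[i] == n[0] && h[i + 1] == n[1]) return h + i;
	return 0;
}

/* Skip the maximal prefix that does not contain the needle's first byte.
 * Returns the remaining length (0 if the byte never occurs) and stores
 * the new start position in *start. */
size_t skip_prefix(const unsigned char *h, size_t k, unsigned char first,
                   const unsigned char **start)
{
	const unsigned char *p = memchr(h, first, k);
	*start = p;
	return p ? k - (size_t)(p - h) : 0;
}

const void *memmem_checked(const void *h0, size_t k, const void *n0, size_t l)
{
	const unsigned char *h = h0, *n = n0;

	if (!l) return h0;      /* empty needle matches at the start */
	if (k < l) return 0;    /* first check: haystack shorter than needle */

	k = skip_prefix(h, k, n[0], &h);
	if (!h) return 0;       /* first byte of the needle never occurs */
	if (l == 1) return h;

	/* Re-check: k shrank in skip_prefix, so the first check no longer
	 * guarantees k >= l. Without this line, a haystack whose only
	 * candidate byte is its last byte reaches find2 with k == 1. */
	if (k < l) return 0;

	if (l == 2) return find2(h, k, n);

	/* Generic bounded fallback for longer needles. */
	for (size_t i = 0; i + l <= k; i++)
		if (!memcmp(h + i, n, l)) return h + i;
	return 0;
}
```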
2016-03-28 | fix undefined pointer comparison in stdio-internal __toread | Rich Felker | -1/+1
the comparison f->wpos > f->buf has undefined behavior when f->wpos is a null pointer, despite the intuition (and actual compiler behavior, for all known compilers) being that NULL > ptr is false for all valid pointers ptr. the purpose of the comparison is to determine if the write buffer is non-empty, and the idiom used elsewhere for that is comparison against f->wbase, which is either a null pointer when not writing, or equal to f->buf when writing. in the former case, both f->wpos and f->wbase are null; in the latter they are both non-null and point into the same array.
2016-03-24 | fix gethostbyaddr_r to fill struct hostent.h_length as appropriate | Timo Teräs | -0/+1
2016-03-16 | fix padding string formats to width in wide printf variants | Rich Felker | -4/+4
the idiom fprintf(f, "%.*s", n, "") was wrongly used in vfwprintf as a means of producing n spaces; instead it produces no output. the correct form is fprintf(f, "%*s", n, ""), using width instead of precision, since for %s the latter is a maximum rather than a minimum.
2016-03-06 | add powerpc soft-float support | Felix Fietkau | -34/+49
Some PowerPC CPUs (e.g. Freescale MPC85xx) have a completely different instruction set for floating point operations (SPE). Executing regular PowerPC floating point instructions results in "Illegal instruction" errors. Make it possible to run these devices in soft-float mode.
2016-03-06 | env: avoid leaving dangling pointers in __env_map | Alexander Monakov | -0/+1
This is the minimal fix for __putenv leaving a pointer to freed heap storage in __env_map array, which could later on lead to errors such as double-free.
2016-03-06 | add mips64 port | Rich Felker | -0/+338
patch by Mahesh Bodapati and Jaydeep Patil of Imagination Technologies.
2016-03-06 | generalize mips-specific reloc code not to hard-code sym/type encoding | Rich Felker | -0/+2
this change is made in preparation for adding the mips64 port, which needs a 64-bit (and mips64-specific) form of the R_INFO macro, but it's a better abstraction anyway. based on part of the mips64 port patch by Mahesh Bodapati and Jaydeep Patil of Imagination Technologies.
2016-03-04 | math: fix expf(-NAN) and exp2f(-NAN) to return -NAN instead of 0 | Szabolcs Nagy | -0/+4
expf(-NAN) was treated as expf(-large) which unconditionally returns +0, so special case +-NAN. reported by Petr Hosek.
2016-03-02 | add sched_getcpu vDSO support | Nathan Zadoks | -0/+31
This brings the call to an actually usable speed. Quick unscientific benchmark: 14ns : 102ns :: vDSO : syscall
2016-03-02 | add sched_getcpu | Nathan Zadoks | -0/+13
This is a GNU extension, but a fairly minor one, for a system call that otherwise has no libc wrapper.
2016-03-02 | fix ^* at the start of a complete BRE | Szabolcs Nagy | -0/+4
This is a workaround to treat * as literal * at the start of a BRE. Ideally ^ would be treated as an anchor at the start of any BRE subexpression and similarly $ would be an anchor at the end of any subexpression. This is not required by the standard and hard to do with the current code, but it's the existing practice. If it is changed, * should be treated as literal after such anchor as well.
2016-03-02 | fix * at the start of a BRE subexpression | Szabolcs Nagy | -4/+0
commit 7eaa76fc2e7993582989d3838b1ac32dd8abac09 made * invalid at the start of a BRE subexpression, but it should be accepted as literal * there according to the standard. This patch does not fix subexpressions starting with ^*.
2016-03-02 | explicitly include stdio.h to get EOF definition needed by wctob | Michael Meeuwisse | -0/+1
2016-03-02 | handle non-matching address family entries in hosts file | Rich Felker | -3/+11
name_from_hosts failed to account for the possibility of an address family error from name_from_numeric, wrongly counting such a return as success and using the uninitialized address data as part of the results passed up to the caller. non-matching address family entries cannot simply be ignored or results would be inconsistent with respect to whether AF_UNSPEC or a specific address family is queried. instead, record that a non-matching entry was seen, and fail the lookup with EAI_NONAME if no matching-family entries are found.
2016-02-23 | allow implementing a_cas_p with pointer-sized ll/sc | Bobby Bingham | -0/+18
No current ports do this, but it will be useful for porting to 64-bit ll/sc architectures, such as mips64 and powerpc64.
2016-02-19 | work around regression building for armhf with clang (compiler bug) | Rich Felker | -2/+2
commit e4355bd6bec89688e8c739cd7b4c76e675643dca moved the math asm from external source files to inline asm, but unfortunately, all current releases of clang use the wrong inline asm constraint codes for float and double ("w" and "P" instead of "t" and "w", respectively). this patch adds detection for the bug in configure, and, for now, just disables the affected asm on broken clang versions.
2016-02-18 | improve macro logic for enabling arm math asm | Rich Felker | -2/+2
in order to take advantage of the fpu in -mfloat-abi=softfp mode, the __VFP_FP__ (presence of vfp fpu) was checked instead of checking for __ARM_PCS_VFP (hardfloat EABI variant). however, the latter macro is the one that's actually specified by the ABI documents rather than being compiler-specific, and should also be checked in case __VFP_FP__ is not defined on some compilers or some configurations.
2016-02-16 | in crypt-sha*, reject excessive rounds as error rather than clamping | Rich Felker | -2/+2
the reference implementation clamps rounds to [1000,999999999]. we further limited rounds to at most 9999999 as a defense against extreme run times, but wrongly clamped instead of treating out-of-bounds values as an error, thereby producing implementation-specific hash results. fixing this should not break anything since values of rounds this high are not useful anyway.
2016-02-16 | fix unlikely corner cases in getopt's message printing | Rich Felker | -2/+2
like fputs (see commit 10a17dfbad2c267d885817abc9c7589fc7ff630b), the message printing code for getopt assumed that fwrite only returns 0 on failure, but it can also happen on success if the total length to be written is zero. programs with zero-length argv[0] were affected. commit 500c6886c654fd45e4926990fee2c61d816be197 introduced this problem in getopt by fixing the fwrite behavior to conform to the requirements of ISO C. previously the wrong expectations of the getopt code were met by the fwrite implementation.
2016-02-16 | fix assumption in fputs that fwrite returning 0 implies an error | Rich Felker | -1/+2
internally, the idiom of passing nmemb=1 to fwrite and interpreting the return value of fwrite (which is necessarily 0 or 1) as failure/success is fairly widely used. this is not correct, however, when the size argument is unknown and may be zero, since C requires fwrite to return 0 in that special case. previously fwrite always returned nmemb on success, but this was changed for conformance with ISO C by commit 500c6886c654fd45e4926990fee2c61d816be197.
2016-02-10 | fix return value for fread/fwrite when size argument is 0 | Rich Felker | -0/+2
when the size argument was zero but nmemb was nonzero, these functions were returning nmemb, despite no data having been written. conceptually this is not wrong, but the standard requires a return value of zero in this case.
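The three fwrite-related messages above (getopt, fputs, and the size-0 return value) concern one idiom. As an added example that is not musl's code, with hypothetical function names `puts_nmemb1` and `puts_checked`, this shows the nmemb=1 idiom misreporting an empty string as a failure under ISO C fwrite semantics, beside a form that stays correct for zero length.

```c
#include <stdio.h>
#include <string.h>

/* The idiom from the messages: pass nmemb=1 and read the 0/1 return value
 * as failure/success. ISO C requires fwrite to return 0 when size is 0,
 * so an empty string is reported as a write error although nothing failed. */
int puts_nmemb1(const char *s, FILE *f)
{
	return fwrite(s, strlen(s), 1, f) ? 0 : EOF;
}

/* Zero-length-safe form: size=1, nmemb=length, and success means that the
 * number of items written equals the number requested. For l == 0 both
 * sides are 0, so the empty string succeeds. */
int puts_checked(const char *s, FILE *f)
{
	size_t l = strlen(s);
	return fwrite(s, 1, l, f) == l ? 0 : EOF;
}

/* Tells a real stream error apart from the zero-length case: returns 1
 * only if the nmemb=1 idiom reported failure while the stream's error
 * indicator is still clear, i.e. the "failure" was spurious. */
int spurious_failure(const char *s, FILE *f)
{
	clearerr(f);
	return puts_nmemb1(s, f) == EOF && !ferror(f);
}
```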
2016-02-10 | fix line-buffered flush omission for odd usage of putc-family functions | Rich Felker | -1/+2
as specified, the int argument providing the character to write is converted to type unsigned char. for the actual write to buffer, conversion happened implicitly via the assignment operator; however, the logic to check whether the argument was a newline used the original int value. thus usage such as putchar('\n'+0x100) failed to produce a flush.
2016-02-10 | fix failed write reporting by fwrite in line-buffered mode | Rich Felker | -2/+2
when a write error occurred while flushing output due to a newline, fwrite falsely reported all bytes up to and including the newline as successfully written. in general, due to buffering such "spurious success" returns are acceptable for stdio; however for line-buffered mode it was subtly wrong. errors were still visible via ferror() or as a short-write return if there was more data past the newline that should have been written, but since the contract for line-buffered mode is that everything up through the newline be written out immediately, a discrepancy was observable in the actual file contents.
2016-02-08 | remove workaround for broken mips assemblers | Rich Felker | -5/+1
the workaround was for a bug that botched .gpword references to local labels, applying a nonsensical random offset of -0x4000 to them. this reverses commit 5e396fb996a80b035d0f6ecf7fed50f68aa3ebb7 and removes a similar hack that was added to syscall_cp.s in the later commit 756c8af8589265e99e454fe3adcda1d0bc5e1963. it turns out one additional instance of the same idiom, the GETFUNCSYM macro in arch/mips/reloc.h, was still affected by the assembler bug and does not admit an easy workaround without making assumptions about how the macro is used. the previous workarounds made static linking work but left the early-stage dynamic linker broken and thus had limited usefulness. instead, affected users (using binutils versions older than 2.20) will need to fix the bug on the binutils side; the trivial patch is commit 453f5985b13e35161984bf1bf657bbab11515aa4 in the binutils-gdb repository.
2016-02-04 | in mips cancellable syscall asm, don't assume gp register is valid | Rich Felker | -2/+13
the old __cp_cancel code path loaded the address of __cancel from the GOT using the $gp register, which happened to be set to point to the correct GOT by the calling C function, but there is no ABI requirement that this happen. instead, go the roundabout way and compute the address of __cancel via pc-relative and gp-relative addressing starting with a fake return address generated by a bal instruction, which is the same trick crt1 uses to bootstrap.
2016-02-04 | avoid using signals when a thread attempts to cancel itself | Rich Felker | -0/+1
not only is pthread_kill expensive in this case; it also breaks testing under qemu app-level emulation.
2016-01-31 | fix malloc_usable_size for NULL input | Szabolcs Nagy | -1/+1
the linux man page specifies malloc_usable_size(0) to return 0 and this is the semantics other implementations follow (jemalloc). reported by Alexander Monakov.
2016-01-31 | regex: increase the stack tre uses for tnfa creation | Szabolcs Nagy | -1/+1
10k elements stack is increased to 1000k, otherwise tnfa creation fails for reasonable sized patterns: a single literal char can add 7 elements to this stack, so regcomp of a 1500 char long pattern (with only literal chars) fails with REG_ESPACE. (the new limit allows about < 150k chars, this arbitrary limit allows most command line regex usage.) ideally there would be no upper bound: regcomp dynamically reallocates this buffer, every reallocation checks for allocation failure and at the end this stack is freed so there is no reason for special bound. however that may have unwanted effect on regcomp and regexec runtime so this is a conservative change.
2016-01-30 | ldso: fix GDB dynamic linker info on MIPS | Felix Fietkau | -0/+4
GDB is looking for a pointer to the ldso debug info in the data of the ..rld_map section. Signed-off-by: Felix Fietkau <nbd@openwrt.org>
2016-01-30 | regex: simplify the {,} repetition parsing logic | Szabolcs Nagy | -20/+19
2016-01-30 | regex: treat \+, \? as repetitions in BRE | Szabolcs Nagy | -1/+5
These are undefined escape sequences by the standard, but often used in sed scripts.
2016-01-30 | regex: rewrite the repetition parsing code | Szabolcs Nagy | -30/+29
The goto logic was hard to follow and modify. This is in preparation for the BRE \+ and \? support.
2016-01-30 | regex: treat \| in BRE as alternation | Szabolcs Nagy | -2/+17
The standard does not define semantics for \| in BRE, but some code depends on it meaning alternation. Empty alternative expression is allowed to be consistent with ERE. Based on a patch by Rob Landley.
2016-01-30 | regex: reject repetitions in some cases with REG_BADRPT | Szabolcs Nagy | -3/+12
Previously repetitions were accepted after empty expressions like in (*|?)|{2}, but in BRE the handling of * and \{\} were not consistent: they were accepted as literals in some cases and repetitions in others. It is better to treat repetitions after an empty expression as an error (this is allowed by the standard, and glibc mostly does the same). This is hard to do consistently with the current logic so the new rule is: Reject repetitions after empty expressions, except after assertions ^*, $? and empty groups ()+ and never treat them as literals. Empty alternation (|a) is undefined by the standard, but it can be useful so that should be accepted.
2016-01-30 | regex: clean up position accounting for literal nodes | Szabolcs Nagy | -4/+2
This should not change the meaning of the code, just make the intent clearer: advancing position is tied to adding a new literal.
2016-01-30 | fix misaligned pointer-like objects in arm atomics asm source file | Rich Felker | -0/+2
this file's .data section was not aligned, and just happened to get the correct alignment with past builds. it's likely that the move of atomic.s from arch/arm/src to src/thread/arm caused the change in alignment, which broke the atomic and thread-pointer access fragments on actual armv5 hardware.
2016-01-28 | reuse parsed resolv.conf in dns core to avoid re-reading/re-parsing | Rich Felker | -16/+22
2016-01-28 | fix uninitialized variable in new resolv.conf parser | Rich Felker | -1/+1
2016-01-28 | add support for search domains to dns resolver | Rich Felker | -1/+41
search is only performed if the search or domain keyword is used in resolv.conf and the queried name has fewer than ndots dots. there is no default domain and names with >=ndots dots are never subjected to search; failure in the root scope is final. the (non-POSIX) res_search API presently does not honor search. this may be added at some point in the future if needed. resolv.conf is now parsed twice, at two different layers of the code involved. this will be fixed in a subsequent patch.
2016-01-28 | fix handling of dns response codes | Rich Felker | -1/+2
rcode of 3 (NxDomain) was treated as a hard EAI_NONAME failure, but it should instead return 0 (no results) so the caller can continue searching. this will be important for adding search domain support. the top-level caller will automatically return EAI_NONAME if there are zero results at the end. also, the case where rcode is 0 (success) but there are no results was not handled. this happens when the domain exists but there are no A or AAAA records for it. in this case a hard EAI_NONAME should be imposed to inhibit further search, since the name was defined and just does not have any address associated with it. previously a misleading hard failure of EAI_FAIL was reported.
2016-01-28 | fix logic for matching search/domain keywords in resolv.conf | Rich Felker | -1/+1
2016-01-28 | factor resolv.conf parsing out of res_msend to its own file | Rich Felker | -60/+126
this change is made in preparation for adding search domains, for which higher-level code will need to parse resolv.conf. simply parsing it twice for each lookup would be one reasonable option, but the existing parser code was buggy anyway, which suggested to me that it's a bad idea to have two variants of this code in two different places. the old code in res_msend potentially misinterpreted overly long lines in resolv.conf, and stopped parsing after it found 3 nameservers, even if there were relevant options left to be parsed later in the file.
2016-01-28 | add errno setting to stub utmpxname function | Rich Felker | -0/+2
2016-01-28 | legacy/utmpx: Add utmp{,x}name stubs | Kylie McClain | -0/+7
2016-01-27 | improve clock_gettime and adapt it to support slightly-broken vdso | Rich Felker | -22/+39
these changes are motivated by a functionally similar patch by Hauke Mehrtens to address the needs of the new mips vdso clock_gettime, which wrongly fails with ENOSYS rather than falling back to making a syscall for clock ids it cannot handle from userspace. in the process of preparing to handle that case, it was noticed that the old clock_gettime use of the vdso was actually wrong with respect to error handling -- the tail call to the vdso function failed to set errno and instead returned an error code. since tail calls to vdso are no longer possible and since the plain syscall code is now needed as a fallback path anyway, it does not make sense to use a function pointer to call the plain syscall code path. instead, it's inlined at the end of the main clock_gettime function. the new code also avoids the need to test for initialization of the vdso function pointer by statically initializing it to a self-init function, and eliminates redundant loads from the volatile pointer object. finally, the use of a_cas_p on an object of type other than void *, which is not permitted aliasing, is replaced by using an object with the correct type and casting the value.