2023-01-06 21:08:04 +00:00
|
|
|
/* Copyright (C) 1993-2023 Free Software Foundation, Inc.
|
2001-07-06 04:58:11 +00:00
|
|
|
This file is part of the GNU C Library.
|
1997-08-20 03:53:21 +00:00
|
|
|
|
2001-07-06 04:58:11 +00:00
|
|
|
The GNU C Library is free software; you can redistribute it and/or
|
|
|
|
|
modify it under the terms of the GNU Lesser General Public
|
|
|
|
|
License as published by the Free Software Foundation; either
|
|
|
|
|
version 2.1 of the License, or (at your option) any later version.
|
1997-08-20 03:53:21 +00:00
|
|
|
|
2001-07-06 04:58:11 +00:00
|
|
|
The GNU C Library is distributed in the hope that it will be useful,
|
|
|
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
1997-08-20 03:53:21 +00:00
|
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
2001-07-06 04:58:11 +00:00
|
|
|
Lesser General Public License for more details.
|
|
|
|
|
|
|
|
|
|
You should have received a copy of the GNU Lesser General Public
|
2012-02-09 23:18:22 +00:00
|
|
|
License along with the GNU C Library; if not, see
|
Prefer https to http for gnu.org and fsf.org URLs
Also, change sources.redhat.com to sourceware.org.
This patch was automatically generated by running the following shell
script, which uses GNU sed, and which avoids modifying files imported
from upstream:
sed -ri '
s,(http|ftp)(://(.*\.)?(gnu|fsf|sourceware)\.org($|[^.]|\.[^a-z])),https\2,g
s,(http|ftp)(://(.*\.)?)sources\.redhat\.com($|[^.]|\.[^a-z]),https\2sourceware.org\4,g
' \
$(find $(git ls-files) -prune -type f \
! -name '*.po' \
! -name 'ChangeLog*' \
! -path COPYING ! -path COPYING.LIB \
! -path manual/fdl-1.3.texi ! -path manual/lgpl-2.1.texi \
! -path manual/texinfo.tex ! -path scripts/config.guess \
! -path scripts/config.sub ! -path scripts/install-sh \
! -path scripts/mkinstalldirs ! -path scripts/move-if-change \
! -path INSTALL ! -path locale/programs/charmap-kw.h \
! -path po/libc.pot ! -path sysdeps/gnu/errlist.c \
! '(' -name configure \
-execdir test -f configure.ac -o -f configure.in ';' ')' \
! '(' -name preconfigure \
-execdir test -f preconfigure.ac ';' ')' \
-print)
and then by running 'make dist-prepare' to regenerate files built
from the altered files, and then executing the following to cleanup:
chmod a+x sysdeps/unix/sysv/linux/riscv/configure
# Omit irrelevant whitespace and comment-only changes,
# perhaps from a slightly-different Autoconf version.
git checkout -f \
sysdeps/csky/configure \
sysdeps/hppa/configure \
sysdeps/riscv/configure \
sysdeps/unix/sysv/linux/csky/configure
# Omit changes that caused a pre-commit check to fail like this:
# remote: *** error: sysdeps/powerpc/powerpc64/ppc-mcount.S: trailing lines
git checkout -f \
sysdeps/powerpc/powerpc64/ppc-mcount.S \
sysdeps/unix/sysv/linux/s390/s390-64/syscall.S
# Omit change that caused a pre-commit check to fail like this:
# remote: *** error: sysdeps/sparc/sparc64/multiarch/memcpy-ultra3.S: last line does not end in newline
git checkout -f sysdeps/sparc/sparc64/multiarch/memcpy-ultra3.S
2019-09-07 05:40:42 +00:00
|
|
|
<https://www.gnu.org/licenses/>.
|
2001-07-06 04:58:11 +00:00
|
|
|
|
|
|
|
|
As a special exception, if you link the code in this file with
|
|
|
|
|
files compiled with a GNU compiler to produce an executable,
|
|
|
|
|
that does not cause the resulting executable to be covered by
|
|
|
|
|
the GNU Lesser General Public License. This exception does not
|
|
|
|
|
however invalidate any other reasons why the executable file
|
|
|
|
|
might be covered by the GNU Lesser General Public License.
|
|
|
|
|
This exception applies to code released by its copyright holders
|
|
|
|
|
in files containing the exception. */
|
Sat Nov 18 16:46:01 1995 Ulrich Drepper <drepper@gnu.ai.mit.edu>
* libio/Makefile, libio/cleanup.c, libio/clearerr.c, libio/feof.c,
libio/ferror.c, libio/fgetc.c, libio/filedoalloc.c, libio/fileno.c,
libio/fileops.c, libio/fputc.c, libio/freopen.c, libio/fseek.c,
libio/genops.c, libio/getc.c, libio/getchar.c, libio/iofclose.c,
libio/iofdopen.c, libio/iofflush.c, libio/iofgetpos.c, libio/iofgets.c,
libio/iofopen.c, libio/iofprintf.c, libio/iofputs.c, libio/iofread.c,
libio/iofscanf.c, libio/iofsetpos.c, libio/ioftell.c, libio/iofwrite.c,
libio/iogetdelim.c, libio/iogetline.c, libio/iogets.c, libio/iolibio.h,
libio/iopadn.c, libio/ioprims.c, libio/ioputs.c, libio/ioseekoff.c,
libio/ioseekpos.c, libio/iosetbuffer.c, libio/iosetvbuf.c,
libio/iosprintf.c, libio/ioungetc.c, libio/iovsprintf.c,
libio/iovsscanf.c, libio/libio.h, libio/libioP.h, libio/putc.c,
libio/putchar.c, libio/rewind.c, libio/setbuf.c, libio/setlinebuf.c,
libio/stdfiles.c, libio/stdio.c, libio/stdio.h, libio/strfile.h,
libio/strops.c, libio/vasprintf.c, libio/vscanf.c, libio/vsnprintf.c:
New files. Slightly modified version from Linux libc.
* libio/memstream.c, libio/vdprintf.c: New files for functions not
(yet) part of GNU libio.
* libio/iofopncook.c: Implementation of `fopencookie', mainly written
by Per Bothner.
* stdio-common/getline.c: Adapted to libio.
* stdio-common/snprintf.c: Adapted to libio.
* stdio-common/vfprintf.c: Adapted to libio.
* stdio-common/vfscanf.c: Adapted to libio.
* sysdeps/posix/tempname.c: Adapted to libio.
1995-11-20 03:48:11 +00:00
|
|
|
|
|
|
|
|
#include "libioP.h"
|
|
|
|
|
|
2022-12-19 17:56:55 +00:00
|
|
|
#include <printf.h>
|
|
|
|
|
#include <stdint.h>
|
|
|
|
|
#include <printf_buffer.h>
|
2018-03-07 19:32:03 +00:00
|
|
|
|
Sat Nov 18 16:46:01 1995 Ulrich Drepper <drepper@gnu.ai.mit.edu>
* libio/Makefile, libio/cleanup.c, libio/clearerr.c, libio/feof.c,
libio/ferror.c, libio/fgetc.c, libio/filedoalloc.c, libio/fileno.c,
libio/fileops.c, libio/fputc.c, libio/freopen.c, libio/fseek.c,
libio/genops.c, libio/getc.c, libio/getchar.c, libio/iofclose.c,
libio/iofdopen.c, libio/iofflush.c, libio/iofgetpos.c, libio/iofgets.c,
libio/iofopen.c, libio/iofprintf.c, libio/iofputs.c, libio/iofread.c,
libio/iofscanf.c, libio/iofsetpos.c, libio/ioftell.c, libio/iofwrite.c,
libio/iogetdelim.c, libio/iogetline.c, libio/iogets.c, libio/iolibio.h,
libio/iopadn.c, libio/ioprims.c, libio/ioputs.c, libio/ioseekoff.c,
libio/ioseekpos.c, libio/iosetbuffer.c, libio/iosetvbuf.c,
libio/iosprintf.c, libio/ioungetc.c, libio/iovsprintf.c,
libio/iovsscanf.c, libio/libio.h, libio/libioP.h, libio/putc.c,
libio/putchar.c, libio/rewind.c, libio/setbuf.c, libio/setlinebuf.c,
libio/stdfiles.c, libio/stdio.c, libio/stdio.h, libio/strfile.h,
libio/strops.c, libio/vasprintf.c, libio/vscanf.c, libio/vsnprintf.c:
New files. Slightly modified version from Linux libc.
* libio/memstream.c, libio/vdprintf.c: New files for functions not
(yet) part of GNU libio.
* libio/iofopncook.c: Implementation of `fopencookie', mainly written
by Per Bothner.
* stdio-common/getline.c: Adapted to libio.
* stdio-common/snprintf.c: Adapted to libio.
* stdio-common/vfprintf.c: Adapted to libio.
* stdio-common/vfscanf.c: Adapted to libio.
* sysdeps/posix/tempname.c: Adapted to libio.
1995-11-20 03:48:11 +00:00
|
|
|
int
|
2018-03-07 19:32:03 +00:00
|
|
|
__vsprintf_internal (char *string, size_t maxlen,
|
|
|
|
|
const char *format, va_list args,
|
Add __v*printf_internal with flags arguments
There are a lot more printf variants than there are scanf variants,
and the code for setting up and tearing down their custom FILE
variants around the call to __vf(w)printf is more complicated and
variable. Therefore, I have added _internal versions of all the
v*printf variants, rather than introducing helper routines so that
they can all directly call __vf(w)printf_internal, as was done with
scanf.
As with the scanf changes, in this patch the _internal functions still
look at the environmental mode bits and all callers pass 0 for the
flags parameter.
Several of the affected public functions had _IO_ name aliases that
were not exported (but, in one case, appeared in libio.h anyway);
I was originally planning to leave them as aliases to avoid having
to touch internal callers, but it turns out ldbl_*_alias only work
for exported symbols, so they've all been removed instead. It also
turns out there were hardly any internal callers. _IO_vsprintf and
_IO_vfprintf *are* exported, so those two stick around.
Summary for the changes to each of the affected symbols:
_IO_vfprintf, _IO_vsprintf:
All internal calls removed, thus the internal declarations, as well
as uses of libc_hidden_proto and libc_hidden_def, were also removed.
The external symbol is now exposed via uses of ldbl_strong_alias
to __vfprintf_internal and __vsprintf_internal, respectively.
_IO_vasprintf, _IO_vdprintf, _IO_vsnprintf,
_IO_vfwprintf, _IO_vswprintf,
_IO_obstack_vprintf, _IO_obstack_printf:
All internal calls removed, thus declaration in internal headers
were also removed. They were never exported, so there are no
aliases tying them to the internal functions. I.e.: entirely gone.
__vsnprintf:
Internal calls were always preceded by macros such as
#define __vsnprintf _IO_vsnprintf, and
#define __vsnprintf vsnprintf
The macros were removed and their uses replaced with calls to the
new internal function __vsnprintf_internal. Since there were no
internal calls, the internal declaration was also removed. The
external symbol is preserved with ldbl_weak_alias to ___vsnprintf.
__vfwprintf:
All internal calls converted into calls to __vfwprintf_internal,
thus the internal declaration was removed. The function is now a
wrapper that calls __vfwprintf_internal. The external symbol is
preserved.
__vswprintf:
Similarly, but no external symbol.
__vasprintf, __vdprintf, __vfprintf, __vsprintf:
New internal wrappers. Not exported.
vasprintf, vdprintf, vfprintf, vsprintf, vsnprintf,
vfwprintf, vswprintf,
obstack_vprintf, obstack_printf:
These functions used to be aliases to the respective _IO_* function,
they are now aliases to their respective __* functions.
Tested for powerpc and powerpc64le.
2018-03-07 19:32:01 +00:00
|
|
|
unsigned int mode_flags)
|
Sat Nov 18 16:46:01 1995 Ulrich Drepper <drepper@gnu.ai.mit.edu>
* libio/Makefile, libio/cleanup.c, libio/clearerr.c, libio/feof.c,
libio/ferror.c, libio/fgetc.c, libio/filedoalloc.c, libio/fileno.c,
libio/fileops.c, libio/fputc.c, libio/freopen.c, libio/fseek.c,
libio/genops.c, libio/getc.c, libio/getchar.c, libio/iofclose.c,
libio/iofdopen.c, libio/iofflush.c, libio/iofgetpos.c, libio/iofgets.c,
libio/iofopen.c, libio/iofprintf.c, libio/iofputs.c, libio/iofread.c,
libio/iofscanf.c, libio/iofsetpos.c, libio/ioftell.c, libio/iofwrite.c,
libio/iogetdelim.c, libio/iogetline.c, libio/iogets.c, libio/iolibio.h,
libio/iopadn.c, libio/ioprims.c, libio/ioputs.c, libio/ioseekoff.c,
libio/ioseekpos.c, libio/iosetbuffer.c, libio/iosetvbuf.c,
libio/iosprintf.c, libio/ioungetc.c, libio/iovsprintf.c,
libio/iovsscanf.c, libio/libio.h, libio/libioP.h, libio/putc.c,
libio/putchar.c, libio/rewind.c, libio/setbuf.c, libio/setlinebuf.c,
libio/stdfiles.c, libio/stdio.c, libio/stdio.h, libio/strfile.h,
libio/strops.c, libio/vasprintf.c, libio/vscanf.c, libio/vsnprintf.c:
New files. Slightly modified version from Linux libc.
* libio/memstream.c, libio/vdprintf.c: New files for functions not
(yet) part of GNU libio.
* libio/iofopncook.c: Implementation of `fopencookie', mainly written
by Per Bothner.
* stdio-common/getline.c: Adapted to libio.
* stdio-common/snprintf.c: Adapted to libio.
* stdio-common/vfprintf.c: Adapted to libio.
* stdio-common/vfscanf.c: Adapted to libio.
* sysdeps/posix/tempname.c: Adapted to libio.
1995-11-20 03:48:11 +00:00
|
|
|
{
|
2022-12-19 17:56:55 +00:00
|
|
|
struct __printf_buffer buf;
|
update from main archive 960906
Sat Sep 7 05:15:45 1996 Ulrich Drepper <drepper@cygnus.com>
* libio/iofdopen: Initialize _lock field only if _IO_MTSAFE_IO.
* libio/iofopen: Likewise.
* libio/iofopncook.c: Likewise.
* libio/iopopen.c: Likewise.
* libio/iovsprintf.c: Likewise.
* libio/iovsscanf.c: Likewise.
* libio/memstream.c: Likewise.
* libio/vasprintf.c: Likewise.
* libio/vdprintf.c: Likewise.
* libio/vsnprintf.c: Likewise.
Sat Sep 7 03:55:47 1996 Ulrich Drepper <drepper@cygnus.com>
* Makeconfig (soversions.mk): Also use shlib-versions files
in add-on directories.
* config.make.in (config-defines): Remove. Not used anymore.
(defines): New variable. Initiliazed by @DEFINES@.
* configure.in: Add AC_SUBST(DEFINES).
* libio/Makefile (routines): When compiling reentrant libc add
clearerr_u, feof_u, ferror_u, fputc_u, getc_u, getchar_u,
iofflush_u, putc_u, putchar_u, ioflockfile.
(CPPFLAGS): Add -D_IO_MTSAFE_IO for reentrant libc.
* sysdeps/stub/libc-lock.h: Add stubs for __libc_cleanup_region_start
and __libc_cleanup_region_end.
* sysdeps/unix/i386/sysdep.S [_LIBC_REENTRANT]: Set errno
using __errno_location function.
* sysdeps/unix/sysv/linux/i386/sysdep.S [_LIBC_REENTRANT]: Set errno
using __errno_location function.
(__errno_location): New function.
* sysdeps/unix/sysv/linux/i386/sysdep.h [PIC]: Add second
syscall_error handler for reentrant libc.
* sysdeps/unix/opendir.c: Remove unneeded `;'.
* libio.h [_IO_MTSAFE_IO]: Include <pthread.h>.
[!_IO_MTSAFE_IO]: Define _IO_flockfile and _IO_funlockfile
as empty macros.
* libioP.h: Include <libc-lock.h>.
* libio/stdio.h: Add prototypes for *_locked and *_unlocked
functions.
* libio/clearerr.c: Use _IO_ protected versions of flockfile
and funlockfile to be namespace clean.
* libio/genops.c: Use __libc_lock_* macros for handling lock.
* libio/iofdopen: Add initialization of _lock in _IO_FILE.
* libio/iofopen: Likewise.
* libio/iofopncook.c: Likewise.
* libio/iopopen.c: Likewise.
* libio/iovsprintf.c: Likewise.
* libio/iovsscanf.c: Likewise.
* libio/memstream.c: Likewise.
* libio/vasprintf.c: Likewise.
* libio/vdprintf.c: Likewise.
* libio/vsnprintf.c: Likewise.
* libio/fgetc.c: Use __libc_cleanup_region_* macros instead
of flockfile etc.
* libio/fputc.c: Likewise.
* libio/freopen.c: Likewise.
* libio/fseek.c: Likewise.
* libio/getc.c: Likewise.
* libio/getchar.c: Likewise.
* libio/iofclose.c: Likewise.
* libio/iofflush.c: Likewise.
* libio/iofgetpos.c: Likewise.
* libio/iofgets.c: Likewise.
* libio/iofputs.c: Likewise.
* libio/iofread.c: Likewise.
* libio/iofsetpos.c: Likewise.
* libio/ioftell.c: Likewise.
* libio/iofwrite.c: Likewise.
* libio/iogetdelim.c: Likewise.
* libio/iogets.c: Likewise.
* libio/ioputs.c: Likewise.
* libio/iosetbuffer.c: Likewise.
* libio/iosetvbuf.c: Likewise.
* libio/ioungetc.c: Likewise.
* libio/putc.c: Likewise.
* libio/putchar.c: Likewise.
* libio/rewind.c: Likewise.
* stdio-common/vfprintf.c: Likewise.
* stdio-common/vfscanf.c: Likewise.
* libio/clearerr_u.c: Correct alias name.
* libio/ferror_u.c: Likewise.
* libio/fileno.c: Likewise.
* libio/fputc_u.c: Likewise.
* libio/getc.c: Likewise.
* libio/getc_u.c: Likewise.
* libio/getchar.c: Likewise.
* libio/getchar_u.c: Likewise.
* libio/putc.c: Likewise.
* libio/putchar.c: Likewise.
* libio/feof_u.c: Undefine macro with name of function before
definition of function itself.
* libio/ioflockfile.c: New file. Implementation of flockfile and
funlockfile.
* libio/putchar_u.c: Fix typo. Use stdout instead of fp.
* malloc/malloc.h: Don't include <libc-lock.h> and don't declare
_malloc_loc.
* malloc/free.c: Include <libc-lock.h>.
* malloc/realloc.c: Likewise.
* malloc/malloc-find.c: Likewise.
* malloc/malloc-size.c: Likewise.
* malloc/malloc-walk.c: Likewise.
* malloc/memalign.c: Likewise.
* malloc/malloc.c: Likewise.
* sysdeps/i386/dl-machine.h: Correct clearing of _dl_starting_up.
Fri Sep 6 19:38:49 1996 Ulrich Drepper <drepper@cygnus.com>
* sysdeps/stub/libc-lock.h: Define __libc_lock_critical_start
and __libc_lock_critical_end as empty macros.
* malloc/malloc.h: Don't include <libc-lock.h> and don't declare
__libc_malloc_lock.
* malloc/free.c: Include <libc-lock.h>.
* malloc/malloc-find.c: Likewise.
* malloc/malloc-size.c: Likewise.
* malloc/malloc-walk.c: Likewise.
* malloc/malloc.c: Likewise.
* malloc/memalign.c: Likewise.
* malloc/realloc.c: Likewise.
* Makefile: Undo change from Mon Sep 2 22:15:14 1996. No more
extra_solibs pass.
* Rules: Likewise.
* extra-lib.mk: Likewise.
* manual/Makefile: Likewise.
* db/Makefile (makedb): Choose dependecies based on build-shared.
Patch by Andres Schwab.
* sysdeps/posix/sysconf.c: Don't use PTHREAD_DESTRUCTOR_ITERATIONS
but _POSIX_THREAD_DESTRUCTOR_ITERATIONS.
* sysdeps/unix/sysv/linux/errnos.h: New file.
* sysdeps/unix/sysv/linux/schedbits.h: New file.
* sysdeps/unix/sysv/linux/waitflags.h: New file.
* sysdeps/unix/sysv/linux/gnu/types.h: Add definition of `key_t'.
Fri Sep 6 08:26:31 1996 Andreas Schwab <schwab@issan.informatik.uni-dortmund.de>
* rpm/template: Fix typo in %build section.
Fri Sep 6 03:31:07 1996 Ulrich Drepper <drepper@cygnus.com>
* sysdeps/unix/sysv/linux/errnos.h: Don't define errno macro when
building libc without thread support.
* resolv/netdb.h: Likewise for h_errno macro.
Thu Sep 5 23:01:48 1996 Ulrich Drepper <drepper@cygnus.com>
* libc-symbols.h: Add new macro weak_const_function. It's like
weak_function, but the function is additionally marked as const.
* features.h: Only include <sys/cdefs.h> if !__ASSEMBLER__.
Thu Sep 5 22:55:49 1996 Richard Henderson <rth@tamu.edu>
* inet/herrno.c (__h_errno_location): New function.
(h_errno): Make strong_alias __h_errno so that we can access
the variable even if `h_errno' is a macro.
* resolv/netdb.h: Define macro h_errno to access thread specific
version of h_errno variable. Declare alias __h_errno for h_errno.
* resolv/res_query (h_errno): Remove definition.
* sysdeps/unix/sysv/linux/errnos.h [!__ASSEMBLER__ && __USE_REENTRANT]:
Add macro `errno' to get thread specific variable.
* sysdeps/unix/alpha/sysdep.S [_LIBC_REENTRANT]: Set errno using
__errno_location function.
(__errno_location): New function.
Thu Sep 5 21:08:44 1996 Ulrich Drepper <drepper@cygnus.com>
* posix/gnu/types.h: Remove definition of key_t.
* sysdeps/generic/gnu/types.h: Move it to here.
* sysdeps/unix/sysv/linux/gnu/types.h: Add Linux specific
definition of key_t.
* sysdeps/unix/sysv/linux/waitflags.h: New file. Linux specific
definitions.
* sysdeps/unix/sysv/linux/schedbits.h: New file. Include
clone prototypes and associated flags.
Thu Sep 5 08:58:47 1996 Richard Henderson <rth@tamu.edu>
* sysdeps/alpha/elf/start.S: Make _start global again.
hertz.
here.
Wed Sep 4 16:16:13 1996 Ulrich Drepper <drepper@cygnus.com>
* sysdeps/mach/hurd/send.c (__send): De-ANSI-fy.
* sysdeps/mach/hurd/sendto.c (sendto): Likewise.
1996-09-07 04:10:57 +00:00
|
|
|
|
Set behavior of sprintf-like functions with overlapping source and destination
According to ISO C99, passing the same buffer as source and destination
to sprintf, snprintf, vsprintf, or vsnprintf has undefined behavior.
Until the commit
commit 4e2f43f842ef5e253cc23383645adbaa03cedb86
Author: Zack Weinberg <zackw@panix.com>
Date: Wed Mar 7 14:32:03 2018 -0500
Use PRINTF_FORTIFY instead of _IO_FLAGS2_FORTIFY (bug 11319)
a call to sprintf or vsprintf with overlapping buffers, for instance
vsprintf (buf, "%sTEXT", buf), would append `TEXT' into buf, while a
call to snprintf or vsnprintf would override the contents of buf.
After the aforementioned commit, the behavior of sprintf and vsprintf
changed (so that they also override the contents of buf).
This patch reverts this behavioral change, because it will likely break
applications that rely on the previous behavior, even though it is
undefined by ISO C. As noted by Szabolcs Nagy, this is used in SPEC2017
507.cactuBSSN_r/src/PUGH/PughUtils.c:
sprintf(mess," Size:");
for (i=0;i<dim+1;i++)
{
sprintf(mess,"%s %d",mess,pughGH->GFExtras[dim]->nsize[i]);
}
More important to notice is the fact that the overwriting of the
destination buffer is not the only behavior affected by the refactoring.
Before the refactoring, sprintf and vsprintf would use _IO_str_jumps,
whereas __sprintf_chk and __vsprintf_chk would use _IO_str_chk_jumps.
After the refactoring, all use _IO_str_chk_jumps, which would make
sprintf and vsprintf report buffer overflows and terminate the program.
This patch also reverts this behavior, by installing the appropriate
jump table for each *sprintf functions.
Apart from reverting the changes, this patch adds a test case that has
the old behavior hardcoded, so that regressions are noticed if something
else unintentionally changes the behavior.
Tested for powerpc64le.
2018-12-19 20:01:14 +00:00
|
|
|
/* When called from fortified sprintf/vsprintf, erase the destination
|
|
|
|
|
buffer and try to detect overflows. When called from regular
|
|
|
|
|
sprintf/vsprintf, do not erase the destination buffer, because
|
|
|
|
|
known user code relies on this behavior (even though its undefined
|
|
|
|
|
by ISO C), nor try to detect overflows. */
|
|
|
|
|
if ((mode_flags & PRINTF_CHK) != 0)
|
|
|
|
|
{
|
|
|
|
|
string[0] = '\0';
|
2023-01-25 07:01:00 +00:00
|
|
|
/* In some cases, __sprintf_chk is called with an unknown buffer
|
|
|
|
|
size (the special value -1). Prevent pointer wraparound in
|
|
|
|
|
this case and saturate to the end of the address space. */
|
|
|
|
|
uintptr_t end;
|
|
|
|
|
if (__builtin_add_overflow ((uintptr_t) string, maxlen, &end))
|
|
|
|
|
end = -1;
|
|
|
|
|
__printf_buffer_init_end (&buf, string, (char *) end,
|
2022-12-19 17:56:55 +00:00
|
|
|
__printf_buffer_mode_sprintf_chk);
|
Set behavior of sprintf-like functions with overlapping source and destination
According to ISO C99, passing the same buffer as source and destination
to sprintf, snprintf, vsprintf, or vsnprintf has undefined behavior.
Until the commit
commit 4e2f43f842ef5e253cc23383645adbaa03cedb86
Author: Zack Weinberg <zackw@panix.com>
Date: Wed Mar 7 14:32:03 2018 -0500
Use PRINTF_FORTIFY instead of _IO_FLAGS2_FORTIFY (bug 11319)
a call to sprintf or vsprintf with overlapping buffers, for instance
vsprintf (buf, "%sTEXT", buf), would append `TEXT' into buf, while a
call to snprintf or vsnprintf would override the contents of buf.
After the aforementioned commit, the behavior of sprintf and vsprintf
changed (so that they also override the contents of buf).
This patch reverts this behavioral change, because it will likely break
applications that rely on the previous behavior, even though it is
undefined by ISO C. As noted by Szabolcs Nagy, this is used in SPEC2017
507.cactuBSSN_r/src/PUGH/PughUtils.c:
sprintf(mess," Size:");
for (i=0;i<dim+1;i++)
{
sprintf(mess,"%s %d",mess,pughGH->GFExtras[dim]->nsize[i]);
}
More important to notice is the fact that the overwriting of the
destination buffer is not the only behavior affected by the refactoring.
Before the refactoring, sprintf and vsprintf would use _IO_str_jumps,
whereas __sprintf_chk and __vsprintf_chk would use _IO_str_chk_jumps.
After the refactoring, all use _IO_str_chk_jumps, which would make
sprintf and vsprintf report buffer overflows and terminate the program.
This patch also reverts this behavior, by installing the appropriate
jump table for each *sprintf functions.
Apart from reverting the changes, this patch adds a test case that has
the old behavior hardcoded, so that regressions are noticed if something
else unintentionally changes the behavior.
Tested for powerpc64le.
2018-12-19 20:01:14 +00:00
|
|
|
}
|
|
|
|
|
else
|
2023-01-25 07:01:00 +00:00
|
|
|
/* Use end of address space. */
|
|
|
|
|
__printf_buffer_init_end (&buf, string, (char *) ~(uintptr_t) 0,
|
|
|
|
|
__printf_buffer_mode_sprintf);
|
2022-12-19 17:56:55 +00:00
|
|
|
|
|
|
|
|
__printf_buffer (&buf, format, args, mode_flags);
|
2018-03-07 19:32:03 +00:00
|
|
|
|
2022-12-19 17:56:55 +00:00
|
|
|
/* Write the NUL terminator if there is room. Do not use the putc
|
|
|
|
|
operation to avoid overflowing the character write count. */
|
|
|
|
|
if ((mode_flags & PRINTF_CHK) != 0 && buf.write_ptr == buf.write_end)
|
|
|
|
|
__chk_fail ();
|
|
|
|
|
*buf.write_ptr = '\0';
|
2018-03-07 19:32:03 +00:00
|
|
|
|
2022-12-19 17:56:55 +00:00
|
|
|
return __printf_buffer_done (&buf);
|
Sat Nov 18 16:46:01 1995 Ulrich Drepper <drepper@gnu.ai.mit.edu>
* libio/Makefile, libio/cleanup.c, libio/clearerr.c, libio/feof.c,
libio/ferror.c, libio/fgetc.c, libio/filedoalloc.c, libio/fileno.c,
libio/fileops.c, libio/fputc.c, libio/freopen.c, libio/fseek.c,
libio/genops.c, libio/getc.c, libio/getchar.c, libio/iofclose.c,
libio/iofdopen.c, libio/iofflush.c, libio/iofgetpos.c, libio/iofgets.c,
libio/iofopen.c, libio/iofprintf.c, libio/iofputs.c, libio/iofread.c,
libio/iofscanf.c, libio/iofsetpos.c, libio/ioftell.c, libio/iofwrite.c,
libio/iogetdelim.c, libio/iogetline.c, libio/iogets.c, libio/iolibio.h,
libio/iopadn.c, libio/ioprims.c, libio/ioputs.c, libio/ioseekoff.c,
libio/ioseekpos.c, libio/iosetbuffer.c, libio/iosetvbuf.c,
libio/iosprintf.c, libio/ioungetc.c, libio/iovsprintf.c,
libio/iovsscanf.c, libio/libio.h, libio/libioP.h, libio/putc.c,
libio/putchar.c, libio/rewind.c, libio/setbuf.c, libio/setlinebuf.c,
libio/stdfiles.c, libio/stdio.c, libio/stdio.h, libio/strfile.h,
libio/strops.c, libio/vasprintf.c, libio/vscanf.c, libio/vsnprintf.c:
New files. Slightly modified version from Linux libc.
* libio/memstream.c, libio/vdprintf.c: New files for functions not
(yet) part of GNU libio.
* libio/iofopncook.c: Implementation of `fopencookie', mainly written
by Per Bothner.
* stdio-common/getline.c: Adapted to libio.
* stdio-common/snprintf.c: Adapted to libio.
* stdio-common/vfprintf.c: Adapted to libio.
* stdio-common/vfscanf.c: Adapted to libio.
* sysdeps/posix/tempname.c: Adapted to libio.
1995-11-20 03:48:11 +00:00
|
|
|
}
|
|
|
|
|
|
Add __v*printf_internal with flags arguments
There are a lot more printf variants than there are scanf variants,
and the code for setting up and tearing down their custom FILE
variants around the call to __vf(w)printf is more complicated and
variable. Therefore, I have added _internal versions of all the
v*printf variants, rather than introducing helper routines so that
they can all directly call __vf(w)printf_internal, as was done with
scanf.
As with the scanf changes, in this patch the _internal functions still
look at the environmental mode bits and all callers pass 0 for the
flags parameter.
Several of the affected public functions had _IO_ name aliases that
were not exported (but, in one case, appeared in libio.h anyway);
I was originally planning to leave them as aliases to avoid having
to touch internal callers, but it turns out ldbl_*_alias only work
for exported symbols, so they've all been removed instead. It also
turns out there were hardly any internal callers. _IO_vsprintf and
_IO_vfprintf *are* exported, so those two stick around.
Summary for the changes to each of the affected symbols:
_IO_vfprintf, _IO_vsprintf:
All internal calls removed, thus the internal declarations, as well
as uses of libc_hidden_proto and libc_hidden_def, were also removed.
The external symbol is now exposed via uses of ldbl_strong_alias
to __vfprintf_internal and __vsprintf_internal, respectively.
_IO_vasprintf, _IO_vdprintf, _IO_vsnprintf,
_IO_vfwprintf, _IO_vswprintf,
_IO_obstack_vprintf, _IO_obstack_printf:
All internal calls removed, thus declaration in internal headers
were also removed. They were never exported, so there are no
aliases tying them to the internal functions. I.e.: entirely gone.
__vsnprintf:
Internal calls were always preceded by macros such as
#define __vsnprintf _IO_vsnprintf, and
#define __vsnprintf vsnprintf
The macros were removed and their uses replaced with calls to the
new internal function __vsnprintf_internal. Since there were no
internal calls, the internal declaration was also removed. The
external symbol is preserved with ldbl_weak_alias to ___vsnprintf.
__vfwprintf:
All internal calls converted into calls to __vfwprintf_internal,
thus the internal declaration was removed. The function is now a
wrapper that calls __vfwprintf_internal. The external symbol is
preserved.
__vswprintf:
Similarly, but no external symbol.
__vasprintf, __vdprintf, __vfprintf, __vsprintf:
New internal wrappers. Not exported.
vasprintf, vdprintf, vfprintf, vsprintf, vsnprintf,
vfwprintf, vswprintf,
obstack_vprintf, obstack_printf:
These functions used to be aliases to the respective _IO_* function,
they are now aliases to their respective __* functions.
Tested for powerpc and powerpc64le.
2018-03-07 19:32:01 +00:00
|
|
|
int
|
|
|
|
|
__vsprintf (char *string, const char *format, va_list args)
|
|
|
|
|
{
|
2018-03-07 19:32:03 +00:00
|
|
|
return __vsprintf_internal (string, -1, format, args, 0);
|
Add __v*printf_internal with flags arguments
There are a lot more printf variants than there are scanf variants,
and the code for setting up and tearing down their custom FILE
variants around the call to __vf(w)printf is more complicated and
variable. Therefore, I have added _internal versions of all the
v*printf variants, rather than introducing helper routines so that
they can all directly call __vf(w)printf_internal, as was done with
scanf.
As with the scanf changes, in this patch the _internal functions still
look at the environmental mode bits and all callers pass 0 for the
flags parameter.
Several of the affected public functions had _IO_ name aliases that
were not exported (but, in one case, appeared in libio.h anyway);
I was originally planning to leave them as aliases to avoid having
to touch internal callers, but it turns out ldbl_*_alias only work
for exported symbols, so they've all been removed instead. It also
turns out there were hardly any internal callers. _IO_vsprintf and
_IO_vfprintf *are* exported, so those two stick around.
Summary for the changes to each of the affected symbols:
_IO_vfprintf, _IO_vsprintf:
All internal calls removed, thus the internal declarations, as well
as uses of libc_hidden_proto and libc_hidden_def, were also removed.
The external symbol is now exposed via uses of ldbl_strong_alias
to __vfprintf_internal and __vsprintf_internal, respectively.
_IO_vasprintf, _IO_vdprintf, _IO_vsnprintf,
_IO_vfwprintf, _IO_vswprintf,
_IO_obstack_vprintf, _IO_obstack_printf:
All internal calls removed, thus declaration in internal headers
were also removed. They were never exported, so there are no
aliases tying them to the internal functions. I.e.: entirely gone.
__vsnprintf:
Internal calls were always preceded by macros such as
#define __vsnprintf _IO_vsnprintf, and
#define __vsnprintf vsnprintf
The macros were removed and their uses replaced with calls to the
new internal function __vsnprintf_internal. Since there were no
internal calls, the internal declaration was also removed. The
external symbol is preserved with ldbl_weak_alias to ___vsnprintf.
__vfwprintf:
All internal calls converted into calls to __vfwprintf_internal,
thus the internal declaration was removed. The function is now a
wrapper that calls __vfwprintf_internal. The external symbol is
preserved.
__vswprintf:
Similarly, but no external symbol.
__vasprintf, __vdprintf, __vfprintf, __vsprintf:
New internal wrappers. Not exported.
vasprintf, vdprintf, vfprintf, vsprintf, vsnprintf,
vfwprintf, vswprintf,
obstack_vprintf, obstack_printf:
These functions used to be aliases to the respective _IO_* function,
they are now aliases to their respective __* functions.
Tested for powerpc and powerpc64le.
2018-03-07 19:32:01 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ldbl_strong_alias (__vsprintf, _IO_vsprintf)
|
|
|
|
|
ldbl_weak_alias (__vsprintf, vsprintf)
|
