__libc_argv[0] points to address on stack and __libc_secure_getenv
accesses environment variables which are on stack. We should avoid
accessing stack when stack is corrupted.
This patch also renames function argument in __fortify_fail_abort
from do_backtrace to need_backtrace to avoid confusion with do_backtrace
from enum __libc_message_action.
[BZ #21752]
* debug/fortify_fail.c (__fortify_fail_abort): Don't pass down
__libc_argv[0] if we aren't doing backtrace. Rename do_backtrace
to need_backtrace.
* sysdeps/posix/libc_fatal.c (__libc_message): Don't call
__libc_secure_getenv if we aren't doing backtrace.
__stack_chk_fail is called on corrupted stack. Stack backtrace is very
unreliable against corrupted stack. __libc_message is changed to accept
enum __libc_message_action and call BEFORE_ABORT only if action includes
do_backtrace. __fortify_fail_abort is added to avoid backtrace from
__stack_chk_fail.
[BZ #12189]
* debug/Makefile (CFLAGS-tst-ssp-1.c): New.
(tests): Add tst-ssp-1 if -fstack-protector works.
* debug/fortify_fail.c: Include <stdbool.h>.
(_fortify_fail_abort): New function.
(__fortify_fail): Call _fortify_fail_abort.
(__fortify_fail_abort): Add a hidden definition.
* debug/stack_chk_fail.c: Include <stdbool.h>.
(__stack_chk_fail): Call __fortify_fail_abort, instead of
__fortify_fail.
* debug/tst-ssp-1.c: New file.
* include/stdio.h (__libc_message_action): New enum.
(__libc_message): Replace int with enum __libc_message_action.
(__fortify_fail_abort): New hidden prototype.
* malloc/malloc.c (malloc_printerr): Update __libc_message calls.
* sysdeps/posix/libc_fatal.c (__libc_message): Replace int
with enum __libc_message_action. Call BEFORE_ABORT only if
action includes do_backtrace.
(__libc_fatal): Update __libc_message call.
* rt/Makefile (headers): Add bits/mqueue2.h.
* rt/mqueue.h: Include bits/mqueue2.h if -D_FORTIFY_SOURCE=2,
optimizing with GCC and __va_arg_pack_len is defined.
* rt/bits/mqueue2.h: New file.
* rt/mq_open.c (__mq_open): Renamed from mq_open.
(mq_open): New strong_alias.
(__mq_open_2): New function.
* sysdeps/unix/sysv/linux/mq_open.c (__mq_open): Renamed from mq_open.
(mq_open): New strong_alias.
(__mq_open_2): New function.
* debug/Versions (libc): Export __fortify_fail@@GLIBC_PRIVATE.
* Versions.def (librt): Add GLIBC_2.7 version.
* debug/fortify_fail.c (__fortify_fail): Add libc_hidden_def.
* include/stdio.h (__fortify_fail): Add libc_hidden_proto.
* misc/sys/cdefs.h (__errordecl, __va_arg_pack_len): Define.
* io/fcntl.h: Include bits/fcntl2.h when __va_arg_pack_len
is defined rather than when not C++.
* io/bits/fcntl2.h (__open_alias, __open64_alias, __openat_alias,
__openat64_alias): New redirects.
(__open_too_many_args, __open_missing_mode, __open64_too_many_args,
__open64_missing_mode, __openat_too_many_args, __openat_missing_mode,
__openat64_too_many_args, __openat64_missing_mode): New __errordecls.
(open, open64, openat, openat64): Rewrite as __extern_always_inline
functions instead of function-like macros.
