|
These unmangled function pointers reside on the heap and could
be targeted by exploit writers, effectively bypassing libio vtable
validation. Instead, we ignore these pointers and always call
malloc or free.
In theory, this is a backwards-incompatible change, but using the
global heap instead of the user-supplied callback functions should
have little application impact. (The old libstdc++ implementation
exposed this functionality via a public, undocumented constructor
in its strstreambuf class.)
|
|
This patch mechanically removes all remaining uses, and the
definitions, of the following libio name aliases:
name replaced with
---- -------------
_IO_FILE FILE
_IO_fpos_t __fpos_t
_IO_fpos64_t __fpos64_t
_IO_size_t size_t
_IO_ssize_t ssize_t or __ssize_t
_IO_off_t off_t
_IO_off64_t off64_t
_IO_pid_t pid_t
_IO_uid_t uid_t
_IO_wint_t wint_t
_IO_va_list va_list or __gnuc_va_list
_IO_BUFSIZ BUFSIZ
_IO_cookie_io_functions_t cookie_io_functions_t
__io_read_fn cookie_read_function_t
__io_write_fn cookie_write_function_t
__io_seek_fn cookie_seek_function_t
__io_close_fn cookie_close_function_t
I used __fpos_t and __fpos64_t instead of fpos_t and fpos64_t because
the definitions of fpos_t and fpos64_t depend on the largefile mode.
I used __ssize_t and __gnuc_va_list in a handful of headers where
namespace cleanliness might be relevant even though they're
internal-use-only. In all other cases, I used the public-namespace
name.
There are a tiny handful of places where I left a use of 'struct _IO_FILE'
alone, because it was being used together with 'struct _IO_FILE_plus'
or 'struct _IO_FILE_complete' in the same arithmetic expression.
Because this patch was almost entirely done with search and replace, I
may have introduced indentation botches. I did proofread the diff,
but I may have missed something.
The ChangeLog below calls out all of the places where this was not a
pure search-and-replace change.
Installed stripped libraries and executables are unchanged by this patch,
except that some assertions in vfscanf.c change line numbers.
* libio/libio.h (_IO_FILE): Delete; all uses changed to FILE.
(_IO_fpos_t): Delete; all uses changed to __fpos_t.
(_IO_fpos64_t): Delete; all uses changed to __fpos64_t.
(_IO_size_t): Delete; all uses changed to size_t.
(_IO_ssize_t): Delete; all uses changed to ssize_t or __ssize_t.
(_IO_off_t): Delete; all uses changed to off_t.
(_IO_off64_t): Delete; all uses changed to off64_t.
(_IO_pid_t): Delete; all uses changed to pid_t.
(_IO_uid_t): Delete; all uses changed to uid_t.
(_IO_wint_t): Delete; all uses changed to wint_t.
(_IO_va_list): Delete; all uses changed to va_list or __gnuc_va_list.
(_IO_BUFSIZ): Delete; all uses changed to BUFSIZ.
(_IO_cookie_io_functions_t): Delete; all uses changed to
cookie_io_functions_t.
(__io_read_fn): Delete; all uses changed to cookie_read_function_t.
(__io_write_fn): Delete; all uses changed to cookie_write_function_t.
(__io_seek_fn): Delete; all uses changed to cookie_seek_function_t.
(__io_close_fn): Delete: all uses changed to cookie_close_function_t.
* libio/iofopncook.c: Remove unnecessary forward declarations.
* libio/iolibio.h: Correct outdated commentary.
* malloc/malloc.c (__malloc_stats): Remove unnecessary casts.
* stdio-common/fxprintf.c (__fxprintf_nocancel):
Remove unnecessary casts.
* stdio-common/getline.c: Use _IO_getdelim directly.
Don't redefine ssize_t.
* stdio-common/printf_fp.c, stdio_common/printf_fphex.c
* stdio-common/printf_size.c: Don't redefine size_t or FILE.
Remove outdated comments.
* stdio-common/vfscanf.c: Don't redefine va_list.
|
|
__obstack_printf_chk): New prototypes.
(__vasprintf_chk, __vdprintf_chk,
__obstack_vprintf_chk): Likewise.
Add libc_hidden_proto.
* libio/obprintf.c
(_IO_obstack_jumps): No longer static, add attribute_hidden.
* libio/bits/stdio-ldbl.h (__asprintf_chk, __dprintf_chk,
__obstack_printf_chk, __vasprintf_chk, __vdprintf_chk,
__obstack_vprintf_chk): Add __LDBL_REDIR_DECL.
* libio/bits/stdio2.h (__asprintf_chk, __dprintf_chk,
__obstack_printf_chk, __vasprintf_chk, __vdprintf_chk,
__obstack_vprintf_chk): New prototypes.
(asprintf, __asprintf, dprintf, obstack_printf, vasprintf, vdprintf,
obstack_vprintf): New inlines.
* debug/dprintf_chk.c: New file.
* debug/vdprintf_chk.c: New file.
* debug/asprintf_chk.c: New file.
* debug/vasprintf_chk.c: New file.
* debug/obprintf_chk.c: New file.
* debug/tst-chk1.c (do_test): Add asprintf and obstack_printf tests.
* debug/Versions (__asprintf_chk, __dprintf_chk, __obstack_printf_chk,
__vasprintf_chk, __vdprintf_chk, __obstack_vprintf_chk): Export
@@GLIBC_2.8.
* debug/Makefile: Build asprintf_chk, vasprintf_chk, dprintf_chk,
vdprintf_chk and obprintf_chk, set CFLAGS for them.
* sysdeps/ieee754/ldbl-opt/nldbl-compat.c (__nldbl___vasprintf_chk,
__nldbl___vdprintf_chk, __nldbl___obstack_vprintf_chk): Add
libc_hidden_proto.
* sysdeps/ieee754/ldbl-opt/nldbl-compat.h (__nldbl___vasprintf_chk,
__nldbl___vdprintf_chk, __nldbl___obstack_vprintf_chk): New prototypes.
* sysdeps/ieee754/ldbl-opt/Versions (__nldbl___asprintf_chk,
__nldbl___vasprintf_chk, __nldbl___dprintf_chk, __nldbl___vdprintf_chk,
__nldbl___obstack_printf_chk, __nldbl___obstack_vprintf_chk): Export
@@GLIBC_2.8.
* sysdeps/ieee754/ldbl-opt/Makefile (libnldbl-calls): Add asprintf_chk,
vasprintf_chk, dprintf_chk, vdprintf_chk, obstack_printf_chk and
obstack_vprintf_chk.
* sysdeps/ieee754/ldbl-opt/nldbl-obstack_vprintf_chk.c: New file.
* sysdeps/ieee754/ldbl-opt/nldbl-dprintf_chk.c: New file.
* sysdeps/ieee754/ldbl-opt/nldbl-obstack_printf_chk.c: New file.
* sysdeps/ieee754/ldbl-opt/nldbl-asprintf_chk.c: New file.
* sysdeps/ieee754/ldbl-opt/nldbl-vdprintf_chk.c: New file.
* sysdeps/ieee754/ldbl-opt/nldbl-vasprintf_chk.c: New file.
|
