glibc/debug
Joan Bruguera ca0faa140f misc: Fix rare fortify crash on wchar funcs. [BZ 29030]
If `__glibc_objsize (__o) == (size_t) -1` (i.e. `__o` is unknown size), fortify
checks should pass, and `__whatever_alias` should be called.

Previously, `__glibc_objsize (__o) == (size_t) -1` was explicitly checked, but
on commit a643f60c53, this was moved into `__glibc_safe_or_unknown_len`.

A comment says the -1 case should work as: "The -1 check is redundant because
since it implies that __glibc_safe_len_cond is true.". But this fails when:
* `__s > 1`
* `__osz == -1` (i.e. unknown size at compile time)
* `__l` is big enough
* `__l * __s <= __osz` can be folded to a constant
(I only found this to be true for `mbsrtowcs` and other functions in wchar2.h)

In this case `__l * __s <= __osz` is false, and `__whatever_chk_warn` will be
called by `__glibc_fortify` or `__glibc_fortify_n` and crash the program.

This commit adds the explicit `__osz == -1` check again.
moc crashes on startup due to this, see: https://bugs.archlinux.org/task/74041

Minimal test case (test.c):
    #include <wchar.h>

    int main (void)
    {
        const char *hw = "HelloWorld";
        mbsrtowcs (NULL, &hw, (size_t)-1, NULL);
        return 0;
    }

Build with:
    gcc -O2 -Wp,-D_FORTIFY_SOURCE=2 test.c -o test && ./test

Output:
    *** buffer overflow detected ***: terminated

Fixes: BZ #29030
Signed-off-by: Joan Bruguera <joanbrugueram@gmail.com>
Signed-off-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
(cherry picked from commit 33e03f9cd2)
2022-04-25 18:44:27 +05:30
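
Added example, not glibc code and not part of the commit: a small C model of the dispatch the commit message describes, showing why an unknown object size (`(size_t) -1`) with element size greater than 1 and a huge length ends up in the `_chk_warn` path, and how the restored explicit check avoids it. All names are hypothetical; the `foldable` flag standing in for the compile-time-constant test, the overflow-free form `l <= osz / s` of the length comparison, and the fallback to a runtime `_chk` call are assumptions.

```c
#include <stddef.h>
#include <stdio.h>
#include <wchar.h>

/* Hypothetical labels for the three calls a fortified wrapper can make. */
enum target { CALL_ALIAS, CALL_CHK, CALL_CHK_WARN };

/* "l * s <= osz", modelled without wraparound (assumption). */
static int safe_len_cond(size_t l, size_t s, size_t osz)
{
    return l <= osz / s;
}

/* Dispatch that relies on the comparison alone to cover osz == -1.
   foldable != 0 models "the comparison folds to a constant". */
enum target dispatch_without_check(size_t l, size_t s, size_t osz, int foldable)
{
    if (foldable && safe_len_cond(l, s, osz))
        return CALL_ALIAS;       /* proven safe: call the plain function */
    if (foldable && !safe_len_cond(l, s, osz))
        return CALL_CHK_WARN;    /* "proven" overflow: aborts at run time */
    return CALL_CHK;             /* undecided: runtime-checked variant */
}

/* Dispatch with the explicit unknown-size test the commit restores. */
enum target dispatch_with_check(size_t l, size_t s, size_t osz, int foldable)
{
    if (osz == (size_t)-1)
        return CALL_ALIAS;       /* unknown size: the check must pass */
    return dispatch_without_check(l, s, osz, foldable);
}

int main(void)
{
    static const char *names[] = { "alias", "chk", "chk_warn" };
    size_t unknown = (size_t)-1;  /* object size not known at compile time */
    size_t len = (size_t)-1;      /* length argument from the test case */

    /* Element size 1: -1 <= -1 / 1 holds, so the redundancy claim is true. */
    printf("s=1, no explicit check: %s\n",
           names[dispatch_without_check(len, 1, unknown, 1)]);
    /* Wide-character element size: -1 <= -1 / s is false for s > 1. */
    printf("s=%zu, no explicit check: %s\n", sizeof(wchar_t),
           names[dispatch_without_check(len, sizeof(wchar_t), unknown, 1)]);
    printf("s=%zu, explicit check: %s\n", sizeof(wchar_t),
           names[dispatch_with_check(len, sizeof(wchar_t), unknown, 1)]);
    return 0;
}
```

A genuinely undersized destination (known `osz`) is still routed to `chk_warn` by both variants, so the explicit test only changes the unknown-size case.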
..
asprintf_chk.c
backtrace-tst.c
backtrace.c
backtracesyms.c
backtracesymsfd.c
catchsegv.sh
chk_fail.c
confstr_chk.c
Depend
dprintf_chk.c
execinfo.h
explicit_bzero_chk.c
fdelt_chk.c
fgets_chk.c
fgets_u_chk.c
fgetws_chk.c
fgetws_u_chk.c
fortify_fail.c
fprintf_chk.c
fread_chk.c
fread_u_chk.c
fwprintf_chk.c
getcwd_chk.c
getdomainname_chk.c
getgroups_chk.c
gethostname_chk.c
gets_chk.c
getwd_chk.c
longjmp_chk.c
Makefile debug: Synchronize feature guards in fortified functions [BZ #28746] 2022-03-11 20:36:24 +05:30
mbsnrtowcs_chk.c
mbsrtowcs_chk.c
mbstowcs_chk.c
memcpy_chk.c
memmove_chk.c
mempcpy_chk.c
memset_chk.c
noophooks.c
obprintf_chk.c
pcprofile.c
pcprofiledump.c
poll_chk.c
ppoll_chk.c
pread64_chk.c
pread_chk.c
printf_chk.c
read_chk.c
readlink_chk.c
readlinkat_chk.c
readonly-area.c
realpath_chk.c
recv_chk.c
recvfrom_chk.c
segfault.c
snprintf_chk.c
sprintf_chk.c
stack_chk_fail_local.c
stack_chk_fail.c
stpcpy_chk.c
stpncpy_chk.c
strcat_chk.c
strcpy_chk.c
strncat_chk.c
strncpy_chk.c
swprintf_chk.c
test-stpcpy_chk.c
test-strcpy_chk.c
tst-backtrace2.c
tst-backtrace3.c
tst-backtrace4.c
tst-backtrace5.c
tst-backtrace6.c
tst-backtrace.h
tst-fortify.c misc: Fix rare fortify crash on wchar funcs. [BZ 29030] 2022-04-25 18:44:27 +05:30
tst-longjmp_chk2.c
tst-longjmp_chk3.c
tst-longjmp_chk.c
tst-realpath-chk.c fortify: Fix spurious warning with realpath 2022-03-11 20:36:24 +05:30
tst-ssp-1.c
ttyname_r_chk.c
vasprintf_chk.c
vdprintf_chk.c
Versions
vfprintf_chk.c
vfwprintf_chk.c
vobprintf_chk.c
vprintf_chk.c
vsnprintf_chk.c
vsprintf_chk.c
vswprintf_chk.c
vwprintf_chk.c
wcpcpy_chk.c
wcpncpy_chk.c
wcrtomb_chk.c
wcscat_chk.c
wcscpy_chk.c
wcsncat_chk.c
wcsncpy_chk.c
wcsnrtombs_chk.c
wcsrtombs_chk.c
wcstombs_chk.c
wctomb_chk.c
wmemcpy_chk.c
wmemmove_chk.c
wmempcpy_chk.c
wmemset_chk.c
wprintf_chk.c
xtrace.sh Remove all usage of @BASH@ or ${BASH} in installed files, and hardcode /bin/bash instead 2021-05-12 07:47:11 +05:30