Age | Commit message (Collapse) | Author |
|
Building with GCC 7 produces an error building rpcgen:
rpc_parse.c: In function 'get_prog_declaration':
rpc_parse.c:543:25: error: may write a terminating nul past the end of the destination [-Werror=format-length=]
sprintf (name, "%s%d", ARGNAME, num); /* default name of argument */
~~~~^
rpc_parse.c:543:5: note: format output between 5 and 14 bytes into a destination of size 10
sprintf (name, "%s%d", ARGNAME, num); /* default name of argument */
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
That buffer overrun is for the case where the .x file declares a
program with a million arguments. The strcpy two lines above can
generate a buffer overrun much more simply for a long argument name.
The limit on length of line read by rpcgen (MAXLINESIZE == 1024)
provides a bound on the buffer size needed, so this patch just changes
the buffer size to MAXLINESIZE to avoid both possible buffer
overruns. A testcase is added that rpcgen does not crash with a
500-character argument name, where it previously crashed.
It would not at all surprise me if there are many other ways of
crashing rpcgen with either valid or invalid input; fuzz testing would
likely find various such bugs, though I don't think they are that
important to fix (rpcgen is not that likely to be used with untrusted
.x files as input). (As well as fuzz-findable bugs there are probably
also issues when various int variables get overflowed on very large
input.) The test infrastructure for rpcgen-not-crashing tests would
need extending if tests are to be added for cases where rpcgen should
produce an error, as opposed to cases where it should succeed.
Tested for x86_64 and x86.
[BZ #20790]
* sunrpc/rpc_parse.c (get_prog_declaration): Increase buffer size
to MAXLINESIZE.
* sunrpc/bug20790.x: New file.
* sunrpc/Makefile [$(run-built-tests) = yes] (rpcgen-tests): New
variable.
[$(run-built-tests) = yes] (tests-special): Add $(rpcgen-tests).
[$(run-built-tests) = yes] ($(rpcgen-tests)): New rule.
|
|
According to email from Wim Coekaerts.
|
|
license."
This reverts commit ab09b221594f12d90a63d29cbf5488d91f39d3f3.
The lawyers now say the copy in glibc isn't contained in the
agreement.
|
|
|
|
into a macro. Use preprocessor to decide how to initialize
attempts [Coverity CID 67].
* io/fts.c (fts_build): Comment out dead code [Coverity CID 68].
* sunrpc/rpc_parse.c (def_union): Comment out dead code
[Coverity CID 70].
* locale/programs/linereader.c (lr_token): Remove duplicate
handling of EOF [Coverity CID 71].
* locale/programs/ld-numeric.c (numeric_read) [case tok_grouping]:
We bail out early if ignore_content is set, so there is no need to
check it later again [Coverity CID 72].
* inet/inet6_option.c (inet6_option_find): Check *tptrp for NULL,
not tptrp [Coverity CID 73].
* inet/inet6_option.c (inet6_option_next): Check *tptrp for NULL,
not tptrp [Coverity CID 74].
* misc/tsearch.c (__tsearch): Don't rotate tree if memory
allocation failed [Coverity CID 78].
|
|
invalid length [Coverity CID 106].
* nss/nss_files/files-key.c (search): Close stream before
successful return [Coverity CID 107].
* io/fts.c (fts_open): Don't allocate parent if *argv==NULL
[Coverity CID 108].
* sunrpc/rpc_cout.c (inline_struct): Free sizestr after use
[Coverity CID 110, 109].
* sunrpc/rpc_scan.c (docppline): Free file string if it is not
going to be used [Coverity CID 111].
* sysdeps/unix/sysv/linux/getsourcefilter.c (getsourcefilter): Free
memory if socket level value cannot be retrieved [Coverity CID 112].
* nis/nis_clone_dir.c (nis_clone_directory): Free all memory in
error case [Coverity CID 114].
* nis/nis_clone_res.c (nis_clone_result): Free all memory in the
error cases [Coverity CID 115].
* sunrpc/rpc_parse.c (get_definition): Free defp if tok ==
TOK_EOF [Coverity CID 116].
* sysdeps/unix/sysv/linux/setsourcefilter.c (setsourcefilter): Free
memory if socket level value cannot be retrieved [Coverity CID 117].
* elf/cache.c (save_cache): Initialize pad to avoid writing
uninitialized data to disk.
* elf/cache.c (save_cache): Free file_entries_new [Coverity CID 118].
* intl/finddomain.c (_nl_find_domain): Avoid strdup of expand
locale name, use strdupa. Remove free call [Coverity CID 119].
* sunrpc/rpc_main.c (generate_guard): Avoid extra allocation and
the resulting leak [Coverity CID 121].
* sunrpc/rpc_main.c (mkfile_output): Free all allocated memory
[Coverity CID 122].
* sunrpc/rpc_main.c (h_output): Free guard after we are done
[Coverity CID 123].
* sunrpc/svc_udp.c (cache_set): Free victim if newbuf allocation
fails [Coverity CID 126].
* sunrpc/svc_udp.c (svcudp_enablecache): Free memory in error
cases [Coverity CID 127].
* nis/nis_table.c (__create_ib_request): Free ibreq in case strdup
fails [Coverity CID 128].
* nis/nis_getservlist.c (nis_getservlist): Free all memory in case
of an error [Coverity CID 130, 129].
* nis/nis_print_group_entry.c (nis_print_group_entry): If
nis_lookup call failed, return. Free lookup result in error
cases [Coverity CID 131].
* nis/nis_removemember.c (nis_removemember): Free all memory in
error cases [Coverity CID 132].
* nis/nss_nisplus/nisplus-alias.c (_nss_nisplus_getaliasbyname_r):
Always free lookup result [Coverity CID 134].
* nis/nss_nisplus/nisplus-ethers.c (_nss_nisplus_gethostton_r):
Always free lookup result [Coverity CID 135].
* nis/nss_nisplus/nisplus-ethers.c (_nss_nisplus_getntohost_r):
Always free lookup result [Coverity CID 136].
* nis/nss_nisplus/nisplus-network.c (_nss_nisplus_getnetbyaddr_r):
Before retrying, free old result [Coverity CID 137].
* nis/nss_nisplus/nisplus-publickey.c (_nss_nisplus_netname2user):
Free res in case UID is zero [Coverity CID 138].
* nis/ypclnt.c (yp_update): Always free master string
[Coverity CID 140].
* nis/nis_creategroup.c (nis_creategroup): Free all memory in
error cases [Coverity CID 143, 142, 141].
* nis/nss_nis/nis-publickey.c (_nss_nis_getpublickey): Free result
if yp_match call succeeded [Coverity CID 155].
* nis/nss_nis/nis-publickey.c (_nss_nis_getsecretkey): Free string
allocated in yp_match at all times [Coverity CID 157, 156].
* nscd/nscd.c (write_pid): Close stream also if writing failed
[Coverity CID 165].
* nis/nis_table.c (nis_add_entry): Move test for NULL parameter
ahead of first use [Coverity CID 167].
* nis/nss_nis/nis-alias.c (_nss_nis_getaliasbyname_r): Move test
for NULL parameter ahead of first use [Coverity CID 168].
* intl/finddomain.c (_nl_find_domain): We never return NULL if we
found the locale [Coverity CID 169].
* inet/getnameinfo.c (getnameinfo): __getservbyport_r does not set
herrno [Coverity CID 178].
* nis/nis_checkpoint.c (nis_checkpoint): Don't access and returned
freed object [Coverity CID 182].
|
|
2005-11-21 Ulrich Drepper <drepper@redhat.com>
* locales/se_NO: Remove RCS ID line.
|
|
|
|
|
|
2004-10-17 Ulrich Drepper <drepper@redhat.com>
* sunrpc/rpc_clntout.c: Avoid including rcsid into binary.
* sunrpc/rpc_cout.c: Likewise.
* sunrpc/rpc_hout.c: Likewise.
* sunrpc/rpc_main.c: Likewise.
* sunrpc/rpc_parse.c: Likewise.
* sunrpc/rpc_sample.c: Likewise.
* sunrpc/rpc_scan.c: Likewise.
* sunrpc/rpc_svcout.c: Likewise.
* sunrpc/rpc_tblout.c: Likewise.
* sunrpc/rpc_util.c: Likewise.
|
|
|
|
infinitely if typedef hyper int64_6 is seen. (unsigned_dec): Use "unsigned long long" for similar reasons.
|
|
2001-04-04 Ulrich Drepper <drepper@redhat.com>
* sysdeps/unix/sysv/linux/s390/s390-64/Dist: Add ucontext_i.h.
* sysdeps/unix/sysv/linux/s390/s390-32/Dist: Likewise.
2001-04-04 Martin Schwidefsky <schwidefsky@de.ibm.com>
* sysdeps/unix/sysv/linux/s390/s390-32/getcontext.S: New file.
* sysdeps/unix/sysv/linux/s390/s390-32/makecontext.c: New file.
* sysdeps/unix/sysv/linux/s390/s390-32/setcontext.S: New file.
* sysdeps/unix/sysv/linux/s390/s390-32/ucontext_i.h: New file.
* sysdeps/unix/sysv/linux/s390/s390-64/getcontext.S: New file.
* sysdeps/unix/sysv/linux/s390/s390-64/makecontext.c: New file.
* sysdeps/unix/sysv/linux/s390/s390-64/setcontext.S: New file.
* sysdeps/unix/sysv/linux/s390/s390-64/ucontext_i.h: New file.
* sysdeps/unix/sysv/linux/s390/swapcontext.c: New file.
* sunrpc/rpc_scan.c (symbols): Add entry for HYPER.
* sunrpc/rpc_scan.h (enum tok_kind): Add TOK_HYPER.
* sunrpc/rpc_parse.c (get_type): Handle TOK_HYPER.
(unsigned_dec): Likewise.
Patch by atai@jezebel.dreamhost.com.
|
|
1998-02-16 17:33 Ulrich Drepper <drepper@cygnus.com>
* elf/rtld.c (dl_main): Recognize --library-path parameter and
pass value (or NULL) to _dl_init_paths.
* elf/dl-load.c (_dl_init_paths): Change to take one parameter,
replacing local variable llp. If llp is NULL examine LD_LIBRARY_PATH
environment variable.
* elf/link.h: Change prototype for _dl_init_paths.
* elf/dl-support.c: Pass NULL in _dl_init_paths call.
* localedata/Makefile (distribute): Add test files.
1998-02-17 Andreas Jaeger <aj@arthur.rhein-neckar.de>
* localedata/tests/{test1.cm, test2.cm, test3.cm, test4.cm,
test1.def, test2.def, test3.def, test4.def}: Simple input files
for localedef. Contributed by Yung-Ching Hsiao
<yhsiao@cae.wisc.edu>.
* localedata/Makefile (tests): Call tst-locale.sh.
* localedata/tst-locale.sh: New file, regression tests for some
localedef problems.
1998-02-15 Thorsten Kukuk <kukuk@vt.uni-paderborn.de>
* nis/nss_nisplus/nisplus-alias.c: Use __stpncpy.
* nis/nss_nisplus/nisplus-hosts.c: Make sure buffer is always NUL
terminated.
* nis/nss_nisplus/nisplus-network.c: Likewise.
* nis/nss_nisplus/nisplus-proto.c: Likewise.
* nis/nss_nisplus/nisplus-rpc.c: Likewise.
* nis/nss_nisplus/nisplus-service.c: Likewise.
Add more changes from TI-RPC 2.3 for rpcgen to fix include/C++ bug
and support generating thread safe RPC code.
* sunrpc/rpc_main.c: Add changes.
* sunrpc/rpc_clntout.c: Likewise.
* sunrpc/rpc_cout.c: Likewise.
* sunrpc/rpc_hout.c: Likewise.
* sunrpc/rpc_parse.c: Likewise.
* sunrpc/rpc_sample.c: Likewise.
* sunrpc/rpc_scan.c: Likewise.
* sunrpc/rpc_svcout.c: Likewise.
* sunrpc/rpc_util.c: Likewise.
* sunrpc/rpc_util.h: Add new structs and prototypes.
* sunrpc/proto.h: Remove prototypes for static functions.
1998-02-15 Andreas Schwab <schwab@issan.informatik.uni-dortmund.de>
* locale/programs/ld-messages.c (messages_finish): Don't skip
error checking when being quiet.
* locale/programs/ld-ctype.c (ctype_finish): Likewise.
(set_class_defaults): Likewise.
* locale/programs/charmap.c (parse_charmap): Likewise.
* locale/programs/ld-collate.c (collate_finish): Likewise.
* locale/programs/ld-monetary.c (monetary_finish): Likewise.
* locale/programs/ld-time.c (time_finish): Likewise.
* locale/programs/locfile.c (write_locale_data): Likewise.
* locale/programs/ld-ctype.c (ctype_class_to): Silently ignore
unknown characters and empty ranges.
* locale/programs/ld-collate.c (collate_order_elem): When
processing an ellipsis properly form a linked list in the result
table, fix typo when allocating ordering array.
[PR libc/419]
1998-02-13 Andreas Schwab <schwab@issan.informatik.uni-dortmund.de>
* elf/Makefile (ld-map): Define.
(rtld-ldscript): Define. Change all `$(objpfx)rtld-ldscript' to
`$(rtld-ldscript)'.
($(objpfx)ld.so): Combine the two versions of this rule. Depend
on $(ld-map).
(rtld-link): Combine the two versions of this definition. Fixed
to make it work when no symbol versioning is used.
1998-02-16 Ulrich Drepper <drepper@cygnus.com>
* Makeconfig (build-program-cmd): Use --library-path parameter to
ld.so instead of environment variable.
* sunrpc/Makefile (rpcgen-cmd): Don't use -$ parameter.
* sunrpc/rpc_main.c: Remove support for -$$ option again.
1998-02-16 Andreas Jaeger <aj@arthur.rhein-neckar.de>
* Make-dist: Respect with-cvs setting.
* MakeTAGS (all-pot): Likewise.
* sysdeps/sparc/sparc32/Makefile: Likewise.
* sysdeps/mach/hurd/Makefile: Likewise.
* stdlib/Makefile: Likewise.
* posix/Makefile: Likewise.
* intl/Makefile: Likewise.
* po/Makefile (linguas): Likewise
|
|
Thu Oct 17 01:55:34 1996 Ulrich Drepper <drepper@cygnus.com>
* sunrpc/Makefile ($(objpfx)rpcsvc/%.h, $(objpfx)x%.c): Write
output to $@T and move to $@ later since the new rpcgen will not
overwrite existing files.
* po/Makefile (libc.pot): Fix typo.
Sun Oct 13 20:52:07 1996 Thorsten Kukuk <kukuk@weber.uni-paderborn.de>
Update rpcgen program to TI-rpc code.
* sunrpc/Makefile (rpcgen-objs): Add rpc_tblout.o and rpc_sample.o.
(distribute): Add proto.h.
* sunrpc/proto.h: New file. Prototypes for all the RPC functions.
* sunrpc/rpc_clntout.c: Change to allow generation of ISO C code.
* sunrpc/rpc_cout.c: Likewise.
* sunrpc/rpc_hout.c: Likewise.
* sunrpc/rpc_main.c: Likewise.
* sunrpc/rpc_parse.c: Likewise.
* sunrpc/rpc_parse.h: Likewise.
* sunrpc/rpc_scan.c: Likewise.
* sunrpc/rpc_scan.h: Likewise.
* sunrpc/rpc_svcout.c: Likewise.
* sunrpc/rpc_util.c: Likewise.
* sunrpc/rpc_util.h: Likewise.
* sunrpc/rpc_tblout.c: New file.
* sunrpc/rpc_sample.c: Likewise.
Thu Oct 17 00:26:20 1996 NIIBE Yutaka <gniibe@mri.co.jp>
* sysdeps/unix/opendir.c: Add semicolon for consistency.
Wed Oct 16 12:26:53 1996 Sven Verdoolaege <skimo@breughel.ufsia.ac.be>
* locale/progams/localedef.c (main): Test with -1 to find out
whether read failed.
Wed Oct 16 14:54:59 1996 Ulrich Drepper <drepper@cygnus.com>
* sysdeps/unix/sysv/linux/i386/clone.S: Use JUMPTARGET and
PSEUDO_END macro.
Tue Oct 15 21:27:42 1996 Andreas Schwab <schwab@issan.informatik.uni-dortmund.de>
* sysdeps/unix/sysv/linux/m68k/sigcontext.h: Removed.
Tue Oct 15 15:52:29 1996 Andreas Schwab <schwab@issan.informatik.uni-dortmund.de>
* sysdeps/unix/sysv/linux/m68k/clone.S: Add CALL_MCOUNT.
* sysdeps/unix/sysv/linux/m68k/mmap.S: Likewise.
* sysdeps/unix/sysv/linux/m68k/sigreturn.S: Likewise.
* sysdeps/unix/sysv/linux/m68k/socket.S: Likewise.
* sysdeps/unix/sysv/linux/m68k/sysdep.S (__errno_location):
Likewise.
* sysdeps/unix/sysv/linux/m68k/syscall.S: Likewise.
Correct generation of system call.
Tue Oct 15 15:13:16 1996 Andreas Schwab <schwab@issan.informatik.uni-dortmund.de>
* Makerules (sysd-Makefile): Fix command so that it works in the
subdirectories.
(BUILD_CFLAGS): Change back using $(..) instead of
$(common-objpfx), the latter fails in the toplevel directory when
$(objdir) is relative.
(common-objdir-compile): Run compiler in $(objdir).
* sysdeps/posix/Makefile (mk-stdiolim): Likewise.
Tue Oct 15 23:39:48 1996 Ulrich Drepper <drepper@cygnus.com>
* string/string.h [__USE_SVID]: Add prototype for swab.
* time/sys/time.h [__USE_BSD]: Add prototype for ualarm.
Reported by Andreas Jaeger.
The available nlist implementation is not generally usable.
Especially on the currently supported ELF systems the nlist
function comes with the libelf.
* misc/Makefile (headers): Remove nlist.h.
(routines): Remove nlist.
* Makefile ($(objpfx)version-info.h): Include information about
system the libc is built on in version-info.h file.
* po/Makefile (distribute): Add header.pot.
Tue Oct 15 16:34:15 1996 Andreas Jaeger <aj@arthur.pfalz.de>
* sysdeps/unix/sysv/linux/sleep.c: Include file with prototype.
* sysdeps/unix/sysv/linux/reboot.c: Likewise.
* misc/error.c: Likewise.
Tue Oct 15 22:41:27 1996 Ulrich Drepper <drepper@cygnus.com>
* sysdeps/unix/sysv/linux/syscalls.list: Add {get,set}resuid.
Tue Oct 15 08:06:02 1996 Andreas Jaeger <aj@arthur.pfalz.de>
* crypt/Makefiel (rpath-link): Extend search path to current directory.
Fri Oct 11 09:18:06 1996 Sven Verdoolaege <skimo@breughel.ufsia.ac.be>
* sysdeps/i386/i586/strlen.S: Correct handling of prolog for
aligning pointer.
Tue Oct 15 02:13:21 1996 Ulrich Drepper <drepper@cygnus.com>
* stdio-common/vfprintf.c: Don't declare __flockfile as weak.
* crypt/md5-crypt.c (md5_crypt_r): Add cast to prevent warning.
Sun Oct 13 19:16:10 1996 Andreas Schwab <schwab@issan.informatik.uni-dortmund.de>
* sysdeps/unix/sysv/linux/m68k/sysdep.h (POUND): Macro removed,
replaced by `&'.
(PSEUDO_END): Provide definition to use .size directive.
(PSEUDO): Don't interpret negative return values less than -128 as
syscall error.
* sysdeps/unix/sysv/linux/m68k/syscall.S (syscall): Likewise.
* sysdeps/m68k/bsd-_setjmp.S: Use PSEUDO_END macro to provide
.size directive.
* sysdeps/m68k/bsd-setjmp.S: Likewise.
* sysdeps/unix/sysv/linux/m68k/clone.S: Likewise.
* sysdeps/unix/sysv/linux/m68k/mmap.S: Likewise.
* sysdeps/unix/sysv/linux/m68k/sigreturn.S: Likewise.
* sysdeps/unix/sysv/linux/m68k/socket.S: Likewise.
* sysdeps/unix/sysv/linux/m68k/syscall.S: Likewise.
* sysdeps/unix/sysv/linux/m68k/sysdep.S: Use PSEUDO_END instead of
explicit .size directive.
* libio/iogets.c: Warn when gets is used.
cd * time/strptime.c: Recognize %s, %u, %g, and %G format.
|
|
* assert/assert-perr.c, assert/assert.c, inet/rcmd.c,
malloc/mcheck.c, malloc/vm-limit.c, posix/getconf.c, posix/id.c,
resolv/herror.c, sunrpc/auth_unix.c, sunrpc/clnt_perr.c,
sunrpc/clnt_raw.c, sunrpc/get_myaddr.c, sunrpc/pmap_clnt.c,
sunrpc/pmap_rmt.c, sunrpc/portmap.c, sunrpc/rpc_main.c,
sunrpc/rpc_parse.c, sunrpc/rpc_scan.c, sunrpc/rpc_util.c,
sunrpc/rpcinfo.c, sunrpc/svc_simple.c, sunrpc/svc_tcp.c,
sunrpc/svc_udp.c, time/zdump.c, time/zic.c: Mark translatable
strings.
Sat Nov 25 02:48:47 1995 Ulrich Drepper <drepper@gnu.ai.mit.edu>
* assert/assert-perr.c, assert/assert.c, inet/rcmd.c,
malloc/mcheck.c, malloc/vm-limit.c, posix/getconf.c, posix/id.c,
resolv/herror.c, sunrpc/auth_unix.c, sunrpc/clnt_perr.c,
sunrpc/clnt_raw.c, sunrpc/get_myaddr.c, sunrpc/pmap_clnt.c,
sunrpc/pmap_rmt.c, sunrpc/portmap.c, sunrpc/rpc_main.c,
sunrpc/rpc_parse.c, sunrpc/rpc_scan.c, sunrpc/rpc_util.c,
sunrpc/rpcinfo.c, sunrpc/svc_simple.c, sunrpc/svc_tcp.c,
sunrpc/svc_udp.c, time/zdump.c, time/zic.c: Mark translatable
strings.
|
|
|