Global asm statements (like .symver directives) do not work reliably
in gcc with link time optimization. Use the symver attribute introduced
with gcc-10 to set symbol versions instead, if available.
[guillem@hadrons.org:
- Simplify by using __has_attribute fallback from <sys/cdefs.h>.
- Coding style changes. ]
Signed-off-by: Guillem Jover <guillem@hadrons.org>
Switch from the previous versioned symbol implementation which required
users to also link against the message digest provider explicitly, or
they would fail to find the symbols, to an implementation that loads
the symbols from the linked library providing the functions using
dlsym(), thus preserving backwards compatibility.
Using various variables means we have to keep these in sync in various
places. Just use a single variable that we can use anywhere where this
is needed.
More important if close_range() is going to be used, since casting
negative values to 'unsigned int' might hide the errors.
[guillem@hadrons.org: Minor coding style fix. ]
Signed-off-by: Guillem Jover <guillem@hadrons.org>
Take most of the changes done in sudo, but preserve the existing local
changes and refactoring.
In addition, refactor pstat implementation into closefrom_pstat(), so
that the code is easier to read, and requires no conditional
declarations.
This splits the implementation responsibilities, and reduces embedded
code copies, which was one of the driving points with this project to
start with, so it's nice to give a good example.
[guillem@hadrons.org:
- Remove .exe extension from default program name.
- Call reallocarray() once by switching to a «do {} while» loop.
- Minor coding style fixes. ]
Signed-off-by: Guillem Jover <guillem@hadrons.org>
Add recallocarray(), introduced in OpenBSD 6.1, and freezero(),
introduced in OpenBSD 6.2. The former is imported as-is from OpenBSD,
while the latter is the non-malloc-internal branch of the same code (and
also the OpenSSH portable variant).
Both of these originated in OpenBSD, but have also been implemented by
IllumOS, cf. https://www.illumos.org/issues/8546
Documentation for these functions is in malloc(3) upstream, the relevant
parts of which were previously imported in reallocarray(3bsd). Update
reallocarray(3bsd) with the changes that were introduced since, and add
the relevant bits for recallocarray() and freezero(), plus aliases.
[guillem@hadrons.org: Update copyright in COPYING. ]
Closes: !10
Signed-off-by: Guillem Jover <guillem@hadrons.org>
The Intel compiler does not define __amd64__ on x86_64 platforms;
instead, like other compilers, it defines __x86_64__ .
Closes: !8
Signed-off-by: Guillem Jover <guillem@hadrons.org>
Some systems such as Windows or musl-libc based ones do not have these
BSD extensions. In addition libbsd itself is making use of the warnx()
functions, so we better provide these interfaces in case they are
missing.
Do not depend on the system vwarn() and verr() functions to implement
the *c() variants, as the system might actually lack any of the <err.h>
BSD extensions.
This is a Russian 64-bit LE VLIW architecture named Elbrus
(formerly Elbrus 2000).
[guillem@hadrons.org:
- Place the entry in alphabetical order. ]
Signed-off-by: Guillem Jover <guillem@hadrons.org>
When doing a string comparison for a symbol name from the string table,
we should make sure we do a bounded comparison, otherwise a non-NUL
terminated string might make the code read out-of-bounds.
Warned-by: coverity
There are a couple of malloc() calls with unbounded size arguments,
coming from the parsed file. We need to make sure the size is not
larger than the file being parsed, otherwise we might end up with
out of memory conditions.
Reported-by: Daniel Hodson <daniel@elttam.com.au>
Signed-off-by: Guillem Jover <guillem@hadrons.org>
We should check for partial reads, and not continue in those cases,
as we are not retrying them, otherwise we might end up operating on
uninitialized data.
Reported-by: Daniel Hodson <daniel@elttam.com.au>
Based-on-patch-by: Daniel Hodson <daniel@elttam.com.au>
Signed-off-by: Guillem Jover <guillem@hadrons.org>
The sh_link members should be >= e_shnum, otherwise we might do out of
bounds read accesses on the shdr array.
Reported-by: Daniel Hodson <daniel@elttam.com.au>
Based-on-patch-by: Daniel Hodson <daniel@elttam.com.au>
Signed-off-by: Guillem Jover <guillem@hadrons.org>
The e_shnum must not be 0, otherwise we will do a zero sized allocation
and further processing of the executable will lead to out of bounds
read/write accesses. The e_shentsize must be equal to sizeof(Elf_Shdr),
otherwise we will perform out of bounds read accesses on the shdr array.
Reported-by: Daniel Hodson <daniel@elttam.com.au>
Based-on-patch-by: Daniel Hodson <daniel@elttam.com.au>
Signed-off-by: Guillem Jover <guillem@hadrons.org>
These warnings are not helpful for libbsd.
[guillem@hadrons.org:
- Rename WINDOWS conditional to OS_WINDOWS.
- Add a nil terminator to the AM_CPPFLAGS. ]
Signed-off-by: Guillem Jover <guillem@hadrons.org>
The .symver directive is ELF-specific. On non-ELF platforms, work around
this with __attribute__((__alias__)) for the default symbol, and ignore
the variant versioned symbols.
Based-on-patch-by: Aaron Dierking <aarond@fb.com>
Signed-off-by: Guillem Jover <guillem@hadrons.org>
This is a glibc-specific symbol that has no public declaration. But is
being used by the OpenBSD and this implementation as a hack to avoid
having to link against the pthread library. This interface is at least
included in LSB 5.0 [L], and using pthread_atfork() is otherwise
problematic anyway [P].
[L] <https://refspecs.linuxfoundation.org/LSB_5.0.0/LSB-Core-generic/LSB-Core-generic/baselib---register-atfork.html>
[P] <http://austingroupbugs.net/view.php?id=851>
One problem is that we were using it whenever __GLIBC__ is defined,
which is supposed to be defined only on an actual glibc, but uClibc
defines that macro, but it does not provide the symbol on its noMMU
variant.
We add a new configure check that will try to link a program that uses
that symbol to make sure it is present.
Closes: !2
Reported-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Clang's __GNUC__ and __GNUC_MINOR__ definitions are not reliable and may
not be defined at all when targeting the MSVC ABI. Use feature-checking
macros when possible or check for __clang__.
[guillem@hadrons.org: Update for __ protected keyword change. ]
Signed-off-by: Guillem Jover <guillem@hadrons.org>
This fixes a regression caused by 2d7de18. These types are not available
on all systems.
Fixes: commit 2d7de186e9cb19a756c0630ee85cb3f2d29b3484
Signed-off-by: Guillem Jover <guillem@hadrons.org>
The loop only executes while len > 0, and the trinary operator in the
function argument is checking against len >= 1 which will always be
true.
Warned-by: coverity
