aboutsummaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)AuthorFilesLines
2024-07-05syslog: revert LOG_FAC/LOG_FACMASK changesHEADmasterRich Felker1-1/+1
commit 895736d49bd2bb318c69de99a05ea70c035c2da9 made these changes along with fixing a real bug in LOG_MAKEPRI. based on further information, they do not seem to be well-motivated or in line with policy. the result of LOG_FAC is not a meaningful facility value if we shift it down like before, but apparently the way it is used by applications is as an index into an array of facility names. moreover, all historical systems which define it do so with the shift. as it is a nonstandard interface, there is no justification for providing a macro by the same name that is incompatible with historical practice. the value of LOG_FACMASK likewise is 0x3f8 on all historical systems checked. while only 5 bits are used for existing facility codes, the convention seems to be that all 7 bits belong to the facility field and theoretically could be used to expand to having more facilities. that seems unlikely to happen, but there is no reason to make a gratuitously incompatible change here.
2024-06-23siglongjmp: document why this function just calls longjmpRich Felker1-0/+5
2024-06-22inet_ntop: fix the IPv6 leading zero sequence compressionJakub Stasiak1-1/+6
Per RFC 5952, ties for longest sequence of zero fields must be broken by choosing the earliest, but the implementation put the leading sequence of zeros at a disadvantage. That's because for example when compressing "0:0:0:10:0:0:0:10" the strspn(buf+i, ":0") call returns 6 for the first sequence and 7 for the second one – the second sequence has the benefit of a leading colon. Changing the condition to require beating the leading sequence by not one but two characters resolves the issue.
2024-06-21getusershell: skip blank lines and commentsRich Felker1-2/+4
this interface does not have a lot of historical consensus on how it handles the contents of the /etc/shells file in regard to whitespace and comments, but the commonality between all checked is that they ignore lines that are blank or that begin with '#', so that is the behavior we adopt.
2024-06-13syslog: fix incorrect LOG_MAKEPRI and LOG_FAC[MASK] macrosRich Felker1-1/+1
these are nonstandard and unnecessary for using the associated functionality, but resulted in applications that used them malfunctioning. patch based on proposed fix by erny hombre.
2024-05-23add renameat2 linux syscall wrapperTony Ambardar1-0/+11
This syscall is available since Linux 3.15 and also implemented in glibc from version 2.28. It is commonly used in filesystem or security contexts. Constants RENAME_NOREPLACE, RENAME_EXCHANGE, RENAME_WHITEOUT are guarded by _GNU_SOURCE as with glibc.
2024-05-12fix mismatched type in posix_getdents definitionRich Felker1-1/+1
commit 1b0d48517f816e98f19111df82f32bfc1608ecec wrongly copied the getdents return type of int rather than matching the ssize_t used by posix_getdents. this was overlooked in testing on 32-bit archs but obviously broke 64-bit archs.
2024-05-08implement posix_getdents adopted for next issue of POSIXRich Felker1-0/+11
this interface was added as the outcome of Austin Group tracker issue 697. no error is specified for unsupported flags, which is probably an oversight. for now, EOPNOTSUPP is used so as not to overload EINVAL.
2024-05-06strptime: implement conversion specifiers adopted for next POSIX issueRich Felker1-1/+65
the %s conversion is added as the outcome of Austin Group tracker issue 169 and its unspecified behavior is clarified as the outcome of issue 1727. the %F, %g, %G, %u, %V, %z, and %Z conversions are added as the outcome of Austin Group tracker issue 879 for alignment with strftime and the behaviors of %u, %z, and %Z are defined as the outcome of issue 1727. at this time, the conversions with unspecified effects on struct tm are all left as parse-only no-ops. this may be changed at a later time, particularly for %s, if there is reasonable cross-implementation consensus outside the standards process on what the behavior should be.
2024-05-06printf decimal integer formatting: shave off one divisionRich Felker1-1/+2
once the remaining value is less than 10, the modulo operation to produce the final digit and division to prepare for next loop iteration can be dropped. this may be a meaningful performance distinction when formatting low-magnitude numbers in bulk, and should never hurt. based on patch by Viktor Reznov.
2024-04-13initgroups: do not artificially limit number of supplementary groupsRich Felker1-4/+22
historically linux limited the number of supplementary groups a process could be in to 32, but this limit was raised to 65536 in linux 2.6.4. proposals to support the new limit, change NGROUPS_MAX, or make it dynamic have been stalled due to the impact it would have on initgroups where the groups array exists in automatic storage. the changes here decouple initgroups from the value of NGROUPS_MAX and allow it to fall back to allocating a buffer in the case where getgrouplist indicates the user has more supplementary groups than could be reported in the buffer. getgrouplist already involves allocation, so this does not pull in any new link dependency. likewise, getgrouplist is already using the public malloc (vs internal libc one), so initgroups does the same. if this turns out not to be the best choice, both can be changed together later. the initial buffer size is left at 32, but now as the literal value, so that any potential future change to NGROUPS_MAX will not affect initgroups.
2024-04-12printf: fix edge case where hex float precision was not honoredRich Felker1-9/+2
commit cfa0a54c082d41db6446638eed1d57f163434092 attempted to fix rounding on archs where long double is not 80-bit (where LDBL_MANT_DIG is not zero mod four), but failed to address the edge case where rounding was skipped because LDBL_MANT_DIG/4 rounded down in the comparison against the requested precision. the rounding logic based on hex digit count is difficult to understand and not well-motivated, so rather than try to fix it, replace it with an explicit calculation in terms of number of bits to be kept, without any truncating division operations. based on patch by Peter Ammon, but with scalbn to apply the rounding exponent since the value will not generally fit in any integer type. scalbn is used instead of scalbnl to avoid pulling in the latter unnecessarily, since the value is an exact power of two whose exponent range is bounded by LDBL_MANT_DIG, a small integer.
2024-03-14complex: fix comment in cacoshSzabolcs Nagy1-1/+1
The principal expressions defining acosh and acos are such that acosh(z) = ±i acos(z) where the + is only true on the Im(z)>0 half of the complex plane (and partly on Im(z)==0 depending on number representation). fix the comment without expanding on the details.
2024-03-14math: fix fma(x,y,0) when x*y rounds to -0Szabolcs Nagy1-1/+1
if x!=0, y!=0, z==0 then fma(x,y,z) == x*y in all rounding modes, while adding z can ruin the sign of 0 if x*y rounds to -0.
2024-03-14fix pwrite/pwritev handling of O_APPEND filesRich Felker2-1/+20
POSIX requires pwrite to honor the explicit file offset where the write should take place even if the file was opened as O_APPEND. however, linux historically defined the pwrite syscall family as honoring O_APPEND. this cannot be changed on the kernel side due to stability policy, but the addition of the pwritev2 syscall with a flags argument opened the door to fixing it, and linux commit 73fa7547c70b32cc69685f79be31135797734eb6 adds the RWF_NOAPPEND flag that lets us request a write honoring the file offset argument. this patch changes the pwrite function to first attempt using the pwritev2 syscall with RWF_NOAPPEND, falling back to using the old pwrite syscall only after checking that O_APPEND is not set for the open file. if O_APPEND is set, the operation fails with EOPNOTSUPP, reflecting that the kernel does not support the correct behavior. this is an extended error case needed to avoid the wrong behavior that happened before (writing the data at the wrong location), and is aligned with the spirit of the POSIX requirement that "An attempt to perform a pwrite() on a file that is incapable of seeking shall result in an error." since the pwritev2 syscall interprets the offset of -1 as a request to write at the current file offset, it is mapped to a different negative value that will produce the expected error. pwritev, though not governed by POSIX at this time, is adjusted to match pwrite in honoring the offset.
2024-03-02iconv: fix missing bounds checking for shift_jis decodingRich Felker1-0/+1
the jis0208 table we use is only 84x94 in size, but the shift_jis encoding supports a 94x94 grid. attempts to convert sequences outside of the supported zone resulted in out-of-bounds table reads, misinterpreting adjacent rodata as part of the character table and thereby converting these sequences to unexpected characters.
2024-03-02add missing inline keyword on default a_barrier definitionRich Felker1-1/+1
this is not needed, but may act as a hint to the compiler, and also serves to suppress unused function warnings if enabled (on by default since commit 86ac0f794731f03dfff40ee843ff9e2752945d5e).
2024-03-01iconv: add aliases for GBKRich Felker1-1/+1
these are taken from the IANA registry, restricted to those that match the forms already used for other supported character encodings.
2024-03-01iconv: add euro symbol to GBK as single byte 0x80Rich Felker1-0/+4
this is how it's defined in the cp936 document referenced by the IANA charset registry as defining GBK, and of the mappings defined there, was the only one missing. it is not accepted for GB18030, as GB18030 is a UTF and has its own unique mapping for the euro symbol.
2024-02-29iconv: add cp932 as an alias for shift_jisRich Felker1-1/+1
2024-02-29riscv32: add thread supportStefan O'Rear4-0/+76
Identical to riscv64 except for stack offsets in clone.
2024-02-29riscv32: add setjmp/longjmp and sigreturnStefan O'Rear4-0/+114
Largely copied from riscv64 but required recalculation of offsets.
2024-02-29riscv32: add dlsymStefan O'Rear1-0/+6
Identical to riscv64.
2024-02-29riscv32: add fenv and mathStefan O'Rear14-0/+239
These are identical to riscv64.
2024-02-29getnameinfo: fix calling __dns_parse with potentially too large rlenAlexey Izbyshev1-1/+3
__res_send returns the full answer length even if it didn't fit the buffer, but __dns_parse expects the length of the filled part of the buffer. This is analogous to commit 77327ed064bd57b0e1865cd0e0364057ff4a53b4, which fixed the only other __dns_parse call site.
2024-02-29posix_spawn: fix child spinning on write to a broken pipeAlexey Izbyshev1-1/+6
A child process created by posix_spawn reports errors to its parent via a pipe, retrying infinitely on any write error to prevent falsely reporting success. If the (original) parent dies before write is attempted, there is nobody to report to, but the child will remain stuck in the write loop forever if SIGPIPE is blocked or ignored. Fix this by not retrying write if it fails with EPIPE.
2024-02-26loongarch64 __clone: align stack pointer mod 16wanghongliang1-0/+1
According to LoongArch ABI Specs, stack need to be 16 align to improve performance and compiler layout of stack frames.
2024-02-25riscv: fall back to syscall __riscv_flush_icacheStefan O'Rear1-0/+1
Matches glibc behavior and fixes a case where we could fall off the function without returning a value.
2024-02-25sh dlsym: fix passing of return address for RTLD_NEXT useRich Felker1-1/+1
this code dates back to the original commit of the sh port, with no real clue as to how the bug was introduced. it looks like it was written to assume the return address was pushed to the stack like on x86, rather than arriving in the pr special register.
2024-02-24add statx interface using syscall, fallback to fstatatDuncan Bellamy1-0/+42
2024-02-22use new SYS_fchmodat2 syscall to implement fchmodat with flagsGaël PORTAY1-1/+4
commit 0dc4824479e357a3e23a02d35527e23fca920343 worked around for lack of flags argument in syscall for fchmodat. linux 6.6 introduced a new syscall, SYS_fchmodat2, fixing this deficiency. use it if any flags are passed, and fallback to the old strategy on ENOSYS. continue using the old syscall when there are no flags. this is the exact same strategy used when SYS_faccessat2 was used to implement faccessat with flags.
2024-02-22remove flag argument from fchmodat syscallGaël PORTAY1-1/+1
linux's does not have the flag argument for fchmodat syscall.
2024-02-22add framework to support archs without a native wait4 syscallRich Felker6-4/+71
this commit should make no codegen change for existing archs, but is a prerequisite for new archs including riscv32. the wait4 emulation backend provides both cancellable and non-cancellable variants because waitpid is required to be a cancellation point, but all of our other uses are not, and most of them cannot be. based on patch by Stefan O'Rear.
2024-02-17sh: fix sigsetjmp corrupting call-saved register r8Rich Felker1-1/+1
due to incorrect base address register when attempting to reload the saved value of r8, the caller's value of r8 was not preserved.
2024-02-16add loongarch64 portHongliang Wang10-0/+257
Author: Xiaojuan Zhai <zhaixiaojuan@loongson.cn> Author: Meidan Li <limeidan@loongson.cn> Author: Guoqi Chen <chenguoqi@loongson.cn> Author: Xiaolin Zhao <zhaoxiaolin@loongson.cn> Author: Fan peng <fanpeng@loongson.cn> Author: Jiantao Shan <shanjiantao@loongson.cn> Author: Xuhui Qiang <qiangxuhui@loongson.cn> Author: Jingyun Hua <huajingyun@loongson.cn> Author: Liu xue <liuxue@loongson.cn> Author: Hongliang Wang <wanghongliang@loongson.cn>
2024-02-16strftime: fix breakage in last change (uninitialized pointer access)Rich Felker1-1/+6
commit f47a5d400b8ffa26cfc5b345dbff52fec94ac7f3 overlooked that strtoul was responsible for setting p to a const-laundered copy of the format string pointer f, even in the case where there was no number to parse. by making the call conditional on isdigit, that copy was lost. the logic here is a mess and should be cleaned up, but for now, this seems to be the least invasive change that undoes the breakage.
2024-02-07syslog: use C locale for timestamp generationRich Felker1-1/+2
depending on contents of the LC_TIME locale, log messages could be malformatted (especially if the ABMON strings contain non-alphabetic characters) or the subsequent code could invoke undefined behavior, via passing a timebuf[] with unspecified contents to snprintf, if the translated ABMON string did not fit in the 16-byte timebuf. this does not appear to be a security-relevant bug, as locale loading functionality is intentionally not available to set*id programs -- the MUSL_LOCPATH environment variable is ignored when libc.secure is true, and custom locales are not loadable without it.
2024-02-03riscv: add TLSDESC supportRich Felker1-0/+32
2024-02-03sqrtl: fix invalid use of a non-constant-expression as static initializerRich Felker1-2/+2
having these constants be static was unnecessary, so just remove the static. this error should have been caught by compilers, but recent versions of both gcc and clang accept these as "other forms of constant expressions" which the C standard allows.
2024-02-03riscv: correct symbol version of __vdso_flush_icachegns1-1/+1
Previously, __riscv_flush_icache would not work correctly as __vdso_flush_icache had a wrong symbol version. Fix this by correcting symbol version. Fixes: 0a48860c27a8 ("add riscv64 architecture support")
2024-01-25add preadv2 and pwritev2 syscall wrappers, flag value macrosRich Felker2-0/+34
2024-01-21expose ppoll in default feature profileRich Felker1-1/+1
the ppoll function has been accepted as a future part of the standard as the outcome of Austin Group tracker issue 1263. at some point it should be exposed unconditionally, but for now, expose it in the default feature profile.
2024-01-21move ppoll from src/linux to src/select reflecting future standardizationRich Felker1-0/+0
the ppoll function has been accepted as a future part of the standard as the outcome of Austin Group tracker issue 1263. move the source file to reflect this.
2024-01-17remove INT_MAX limit on the n argument to snprintf/swprintfRich Felker2-8/+0
this was a POSIX requirement that was always in conflict with ISO C, which specified a well-defined behavior for snprintf and swprintf so long as the actual number of bytes/characters produced did not exceed INT_MAX. I originally raised this conflict for snprintf with the Austin Group as tracker issue 761, which was never resolved. it was later reported again as issue 1219, and as a result the conflicting requirement has been removed. the corresponding issue with swprintf does not seem to have been addressed, but as the same reasoning applies to it, I am removing the limitation on n for swprintf as well.
2023-11-21strftime: don't attempt to parse field width without seeing a digitRich Felker1-1/+2
strtoul will consume leading whitespace or sign characters, which are not valid in this context, thereby accepting invalid field specifiers. so, avoid calling it unless there is a number to parse as the width.
2023-11-16mntent: fields are delimited only by tabs or spaces, not general whitespaceRich Felker1-1/+1
this matters because the kernel-provided mtab only escapes tabs, spaces, newlines, and backslashes. it leaves carriage returns, form feeds, and vertical tabs literal.
2023-11-16mntent: unescape octal sequencesq661-4/+40
As entries in mtab are delimited by spaces, whitespace characters are escaped as octal sequences. When reading them out, we have to unescape these sequences to get the proper string.
2023-11-06ldso: convert TLSDESC_BACKWARDS from "#ifdef" to "if" logicRich Felker1-0/+4
this style is preferred because it allows the code to be compile-checked even on archs where it is not used.
2023-11-06byte-based printf family: emit a nul byte for %lc with argument zeroRich Felker1-0/+2
this is contrary to the spec as written, which requires %lc to behave as if it were %ls on a 2-wchar_t buffer containing the argument and zero. however, apparently no other implementations conform to the spec as written, and in response to Austin Group issue #1647, WG14 chose to align with existing practice and have %lc produce output for this case.
2023-11-06remove arbitrary limit from dns result parsingQuentin Rameau1-1/+0
The name resolution would abort when getting more than 63 records per request, due to what seems to be a left-over from the original code. This check was non-breaking but spurious prior to TCP fallback support, since any 512-byte packet with more than 63 records was necessarily malformed. But now, it wrongly rejects valid results. Reported by Daniel Stefanik in Alpine Linux aports issue 15320.