src/lib/libc/stdio, branch stable/13 FreeBSD source tree fgets.3: document gets_s() __STDC_WANT_LIB_EXT1__ 2024-12-27T15:49:31+00:00 Graham Percival gperciva@tarsnap.com 2024-10-06T22:57:45+00:00 7c4be554f72adb4bc008aa71c269801c10012d77 This matches the man page for qsort_s(). PR: 281828 Signed-off-by: Graham Percival <gperciva@tarsnap.com> Sponsored by: Tarsnap Backup Inc. (cherry picked from commit d0a3fd34a05794bc5cbf48709001a78e9f85169a) 
This matches the man page for qsort_s().

PR:		281828
Signed-off-by:	Graham Percival <gperciva@tarsnap.com>
Sponsored by:	Tarsnap Backup Inc.

(cherry picked from commit d0a3fd34a05794bc5cbf48709001a78e9f85169a)
libc: fix access mode tests in fmemopen(3) 2024-10-29T19:12:17+00:00 Ed Maste emaste@FreeBSD.org 2024-10-23T13:41:51+00:00 2b9e6e090a13ecba890fc4ad318a46ed23e25bad Previously a stream opened as read-only could be written to. Add a test case for the fix. Also correct another incorrect access mode check that worked by accident, and improve the tests for that. PR: 281953 Reported by: Erkki Moorits, fuz Reviewed by: fuz, khng (earlier) Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D47265 (cherry picked from commit 0953460ce149e6f384aafbcb1e6213dfbf8f6a16) (cherry picked from commit 6b9f7133aba44189d9625c352bc2c2a59baf18ef) (cherry picked from commit 4fbd6e0e3ca8e69d2d3789ecda6e4dd76c34e06a) 
Previously a stream opened as read-only could be written to.  Add a test
case for the fix.

Also correct another incorrect access mode check that worked by
accident, and improve the tests for that.

PR:		281953
Reported by:	Erkki Moorits, fuz
Reviewed by:	fuz, khng (earlier)
Sponsored by:	The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D47265

(cherry picked from commit 0953460ce149e6f384aafbcb1e6213dfbf8f6a16)
(cherry picked from commit 6b9f7133aba44189d9625c352bc2c2a59baf18ef)
(cherry picked from commit 4fbd6e0e3ca8e69d2d3789ecda6e4dd76c34e06a)
printf(): Save errno earlier. 2024-10-06T09:17:14+00:00 Dag-Erling Smørgrav des@FreeBSD.org 2024-09-20T16:30:30+00:00 3053d32194fa74809235b71c0889b11a6a5f316c The manual page says %m is replaced with “the string representation of the error code stored in the errno variable at the beginning of the call”. However, we don't actually save `errno` until fairly late in `__vfprintf()`. Make sure it is saved before we do anything that might perturb `errno`. MFC after: 1 week Reviewed by: kevans Differential Revision: https://reviews.freebsd.org/D46718 (cherry picked from commit 74f1007fcc838501c74a633792c3f01833bf65e1) 
The manual page says %m is replaced with “the string representation of
the error code stored in the errno variable at the beginning of the
call”.  However, we don't actually save `errno` until fairly late in
`__vfprintf()`.  Make sure it is saved before we do anything that
might perturb `errno`.

MFC after:	1 week
Reviewed by:	kevans
Differential Revision:	https://reviews.freebsd.org/D46718

(cherry picked from commit 74f1007fcc838501c74a633792c3f01833bf65e1)
libc printf_render_errno(): do not use strerror() 2024-04-30T00:49:53+00:00 Konstantin Belousov kib@FreeBSD.org 2024-04-23T17:15:22+00:00 f0e8600d71e0a39480bdad08b6237c6d20ab1ae2 (cherry picked from commit aa66995b4c804cbb579f71645d97fe282a798bfc) 
(cherry picked from commit aa66995b4c804cbb579f71645d97fe282a798bfc)
libc: minor style, wrap long lines 2024-04-30T00:49:53+00:00 Konstantin Belousov kib@FreeBSD.org 2024-04-23T17:14:34+00:00 fcac864ee14bfd6f332678974e574bb766d97796 (cherry picked from commit bac9d7e8f2931149815c3d5a9ab69594bbdffde6) 
(cherry picked from commit bac9d7e8f2931149815c3d5a9ab69594bbdffde6)
__vprintf(): switch from strerror() to strerror_rl() 2024-04-30T00:49:53+00:00 Konstantin Belousov kib@FreeBSD.org 2024-04-23T17:10:30+00:00 27e54c9f162879fcbf6f1d9dc221b98c8180f012 PR: 278556 (cherry picked from commit f887667694632c829b0599b54ff86a072e93df87) 
PR:	278556

(cherry picked from commit f887667694632c829b0599b54ff86a072e93df87)
fflush: correct buffer handling in __sflush 2023-11-07T18:41:55+00:00 Ed Maste emaste@FreeBSD.org 2023-11-07T14:16:13+00:00 0b7939d725ba0ca903c5f8a3ca6d74347eb88690 Two additional stdio changes followed 86a16ada1ea6 and need to be reverted as part of the fflush fix. This reverts commit 6e13794fbe6e82c21365d0fd66769bf8b19c0197. This reverts commit bafaa70b6f9098d83d074968c8e6747ecec1e118. Fixes: d09a3bf72c0b ("fflush: correct buffer handling in __sflush") Reviewed by: markj Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D42491 (cherry picked from commit 4e0e01bf6511c28212d7dff94fe131a502e13026) (cherry picked from commit d2c65a1c948648f11342274029a3f18b90aa58d2) Approved by: so 
Two additional stdio changes followed 86a16ada1ea6 and need to be
reverted as part of the fflush fix.

This reverts commit 6e13794fbe6e82c21365d0fd66769bf8b19c0197.
This reverts commit bafaa70b6f9098d83d074968c8e6747ecec1e118.

Fixes: d09a3bf72c0b ("fflush: correct buffer handling in __sflush")
Reviewed by: markj
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D42491

(cherry picked from commit 4e0e01bf6511c28212d7dff94fe131a502e13026)
(cherry picked from commit d2c65a1c948648f11342274029a3f18b90aa58d2)

Approved by:	so
libc: remove unused errno.h include 2023-11-07T18:41:49+00:00 Ed Maste emaste@FreeBSD.org 2023-11-07T15:00:35+00:00 59ec3ffdd7ce85f32ea833e8024f7bacd36d4e97 errno.h was added in 44cf1e5eb470, which has been reverted. Fixes: d09a3bf72c0b ("fflush: correct buffer handling in __sflush") Sponsored by: The FreeBSD Foundation (cherry picked from commit 418f026bd5a5084c1c4e2e91ad38051f6caa928c) (cherry picked from commit abe12d2f4ce31c3da0961b1b0a58df11f5a41e19) Approved by: so 
errno.h was added in 44cf1e5eb470, which has been reverted.

Fixes: d09a3bf72c0b ("fflush: correct buffer handling in __sflush")
Sponsored by: The FreeBSD Foundation

(cherry picked from commit 418f026bd5a5084c1c4e2e91ad38051f6caa928c)
(cherry picked from commit abe12d2f4ce31c3da0961b1b0a58df11f5a41e19)

Approved by:	so
fflush: correct buffer handling in __sflush 2023-11-07T13:39:48+00:00 Dag-Erling Smørgrav des@FreeBSD.org 2023-08-03T15:13:45+00:00 6cb5690b3495741e9ece6f42ba4a85732932aa83 This fixes CVE-2014-8611 correctly. The commit that purported to fix CVE-2014-8611 (805288c2f062) only hid it behind another bug. Two later commits, 86a16ada1ea6 and 44cf1e5eb470, attempted to address this new bug but mostly just confused the issue. This commit rolls back the three previous changes and fixes CVE-2014-8611 correctly. The key to understanding the bug (and the fix) is that `_w` has different meanings for different stream modes. If the stream is unbuffered, it is always zero. If the stream is fully buffered, it is the amount of space remaining in the buffer (equal to the buffer size when the buffer is empty and zero when the buffer is full). If the stream is line-buffered, it is a negative number reflecting the amount of data in the buffer (zero when the buffer is empty and negative buffer size when the buffer is full). At the heart of `fflush()`, we call the stream's write function in a loop, where `t` represents the return value from the last call and `n` the amount of data that remains to be written. When the write function fails, we need to move the unwritten data to the top of the buffer (unless nothing was written) and adjust `_p` (which points to the next free location in the buffer) and `_w` accordingly. These variables have already been set to the values they should have after a successful flush, so instead of adjusting them down to reflect what was written, we're adjusting them up to reflect what remains. The bug was that while `_p` was always adjusted, we only adjusted `_w` if the stream was fully buffered. The fix is to also adjust `_w` for line-buffered streams. Everything else is just noise. Fixes: 805288c2f062 Fixes: 86a16ada1ea6 Fixes: 44cf1e5eb470 Sponsored by: Klara, Inc. (cherry picked from commit d09a3bf72c0b5f1779c52269671872368c99f02a) (cherry picked from commit 92709431b14df6c0687446247ac57cfc189ee827) Approved by: so 
This fixes CVE-2014-8611 correctly.

The commit that purported to fix CVE-2014-8611 (805288c2f062) only hid
it behind another bug.  Two later commits, 86a16ada1ea6 and
44cf1e5eb470, attempted to address this new bug but mostly just confused
the issue.  This commit rolls back the three previous changes and fixes
CVE-2014-8611 correctly.

The key to understanding the bug (and the fix) is that `_w` has
different meanings for different stream modes.  If the stream is
unbuffered, it is always zero.  If the stream is fully buffered, it is
the amount of space remaining in the buffer (equal to the buffer size
when the buffer is empty and zero when the buffer is full).  If the
stream is line-buffered, it is a negative number reflecting the amount
of data in the buffer (zero when the buffer is empty and negative buffer
size when the buffer is full).

At the heart of `fflush()`, we call the stream's write function in a
loop, where `t` represents the return value from the last call and `n`
the amount of data that remains to be written.  When the write function
fails, we need to move the unwritten data to the top of the buffer
(unless nothing was written) and adjust `_p` (which points to the next
free location in the buffer) and `_w` accordingly.  These variables have
already been set to the values they should have after a successful
flush, so instead of adjusting them down to reflect what was written,
we're adjusting them up to reflect what remains.

The bug was that while `_p` was always adjusted, we only adjusted `_w`
if the stream was fully buffered.  The fix is to also adjust `_w` for
line-buffered streams.  Everything else is just noise.

Fixes: 805288c2f062
Fixes: 86a16ada1ea6
Fixes: 44cf1e5eb470
Sponsored by:	Klara, Inc.

(cherry picked from commit d09a3bf72c0b5f1779c52269671872368c99f02a)
(cherry picked from commit 92709431b14df6c0687446247ac57cfc189ee827)

Approved by:	so
fflush: Split a temporary variable in two. 2023-11-06T14:43:41+00:00 Dag-Erling Smørgrav des@FreeBSD.org 2023-08-03T15:08:03+00:00 ccdd8337f9cbd7d34e2e95df1440dd5f7225d0b4 It is clearer to avoid reusing temporary variables for different purposes. Sponsored by: Klara, Inc. (cherry picked from commit 1f90b4edffe815aebb35e74b79e10593b31f6b75) (cherry picked from commit 1e99535be2ea9c0ef8bc57fc885e9c01fa95d2dd) 
It is clearer to avoid reusing temporary variables for different
purposes.

Sponsored by:	Klara, Inc.

(cherry picked from commit 1f90b4edffe815aebb35e74b79e10593b31f6b75)
(cherry picked from commit 1e99535be2ea9c0ef8bc57fc885e9c01fa95d2dd)