This fixes a bug I inadvertently introduced to Gnulib when I
merged glibc glob back into gnulib on 2007-10-16. This fix is
inspired by a patch proposed for glibc by Adhemerval Zanella in:
https://sourceware.org/ml/libc-alpha/2017-08/msg00446.html
* doc/posix-functions/glob.texi: Update list of affected platforms.
* lib/glob.c (__lstat64): New macro.
(is_dir): New function.
(glob, glob_in_dir): Match symlinks even if they are dangling.
(link_stat, link_exists_p): Remove. All uses removed.
* lib/glob.in.h (__attribute_noinline__): Remove; no longer used.
* m4/glob.m4 (gl_PREREQ_GLOB): Do not check for fstatat.
* modules/glob (Depends-on): Remove dirfd.
* modules/glob-tests (Depends-on): Add symlink.
* tests/test-glob.c: Include errno.h, unistd.h.
(BASE): New macro.
(main): Test dangling symlinks, if symlinks are supported.
* m4/futimens.m4 (gl_FUNC_FUTIMENS):
* m4/utimensat.m4 (gl_FUNC_UTIMENSAT):
* tests/test-fdutimensat.c (main):
* tests/test-futimens.h (test_futimens):
* tests/test-lutimens.h (test_lutimens):
* tests/test-utimens.h (test_utimens):
* tests/test-utimensat.c (main):
Don’t assume that struct timespec is a two-member structure in
tv_sec, tv_nsec order. Although this is true on all platforms we
know about, POSIX does not guarantee it.
Test failure reported by Bruno Haible in:
http://lists.gnu.org/archive/html/bug-gnulib/2017-08/msg00104.html
This is an area where NetBSD is better-behaved than POSIX,
so allow the NetBSD behavior in tests.
* doc/posix-functions/rename.texi:
* doc/posix-functions/renameat.texi: Document NetBSD behavior.
* tests/test-rename.h (test_rename): Allow NetBSD behavior.
* modules/duplocale-tests (configure.ac): Test for uselocale and
some *_l functions.
* tests/test-duplocale.c (test_with_uselocale): New function, extracted
from main.
(get_locale_dependent_values_from, test_with_locale_parameter): New
functions.
(main): Test both test_with_uselocale and test_with_locale_parameter.
reallocarray is a new function in glibc 2.26 to safely allocate an array
of memory locations with integer overflow protection.
* MODULES.html.sh: Add reallocarray.
* doc/glibc-functions/reallocarray.texi: Documentation for reallocarray.
* lib/reallocarray.c: New file to implement module reallocarray.
* lib/stdlib.in.h: Add function declarations for reallocarray.
* m4/reallocarray.m4: New file.
* m4/stdlib_h.m4: Declare reallocarray.
* modules/reallocarray: New file.
* modules/reallocarray-test: New file.
* modules/stdlib: Coerce stdlib.h to export reallocarray.
* tests/test-reallocarray.c: New test.
* lib/opendir-safer.c: Include fcntl.h instead of unistd-safer.h.
(opendir_safer): Use F_DUPFD_CLOEXEC.
* modules/dirent-safer (Depends-on): Add fcntl. Remove unistd-safer.
* tests/test-dirent-safer.c: Do not include unistd-safer.h,
as it is no longer a prerequisite. Use F_DUPFD_CLOEXEC
instead of dup_safer.
Although the Linux syscall renameat2 is not in glibc (yet?), it is
useful to have access to its RENAME_NOREPLACE flag.
* MODULES.html.sh (func_all_modules): Add renameat2.
* lib/renameat2.c, lib/renameat2.h, modules/renameat2:
* modules/renameat2-tests, tests/test-renameat2.c: New files.
* lib/renameat.c (renameat): Move most of the implementation
to renameat2, and just call renameat2.
* modules/renameat (Files): Remove lib/at-func2.c.
(Depends-on): Depend only on renameat2.
(Include): Remove <fcntl.h>.
* modules/renameat-tests (test_renameat_LDADD): Add $(LIB_EACCESS),
since renameat (via renameat2) might use faccessat.
Problem reported by Wolfgang F. Muthmann (Bug#27640).
* modules/getlogin-tests (Files): Add tests/test-getlogin_r.c.
(ttyname): Remove test.
* modules/getlogin_r-tests (ttyname): Remove test.
* tests/test-getlogin.c: Replace this near-clone of test-getlogin_r.c
with ‘#define TEST_LOGIN’ followed by ‘#include "test-getlogin_r.c"’.
* tests/test-getlogin_r.c: If TEST_GETLOGIN is defined, test
getlogin rather than getlogin_r. This avoids code duplication.
(main): Use isatty and fstat rather than ttyname and stat.
Use getpwnam instead of getpwuid, to be portable to test platforms
that have multiple login names for the same uid.
* lib/quotearg.c (FALLTHROUGH): New macro.
Use it whenever one switch case falls through into the next,
replacing "/* Fall through */" comments. This exposed one
instance of an unwarranted "fall through" comment: unwarranted
because it preceded a "goto" label not a case statement.
* lib/freopen-safer.c (freopen_safer): Likewise.
* lib/fts.c (leaf_optimization_applies): Likewise.
* lib/unistr/u8-uctomb-aux.c (u8_uctomb_aux): Likewise.
* tests/test-getopt_long.h (getopt_long_loop): Likewise.
* tests/test-tsearch.c (mangle_tree): Likewise. Also include
tests/macros.h for the definition.
* tests/test-argp.c (group1_parser): Likewise.
* tests/test-getopt.h (getopt_loop): Likewise.
Reported by Tim Rühsen <tim.ruehsen@gmx.de>.
* tests/test-printf-posix2.c (main): Test a width of 10000000 rather
than 5000000.
* tests/test-fprintf-posix2.c (main): Likewise.
* build-aux/gcc-warning.spec:
* m4/manywarnings.m4 (gl_MANYWARN_ALL_GCC):
Add GCC 7 warnings, notably -Wimplicit-fallthrough=5, which
requires a non-comment fallthrough attribute. This is a bit
cleaner than the comment versions.
* lib/strftime.c, lib/dfa.c, lib/fnmatch.c, lib/mbrtowc.c:
* lib/vasnprintf.c, tests/macros.h (FALLTHROUGH): New macro.
Use it whenever one switch case falls through into the next.
* tests/test-stat-time.c: Include <stdio.h>, <time.h>.
(filename_stamp1, filename_testfile, filename_stamp2, filename_stamp3):
New variables.
(initialize_filenames): New function.
(main): Invoke it.
(cleanup, prepare_test): Update.
Problem reported by Ævar Arnfjörð Bjarmason in:
http://lists.gnu.org/archive/html/bug-gnulib/2017-05/msg00054.html
* lib/intprops.h: Do not include verify.h, and move compile-time
checks from here ...
* tests/test-intprops.c (main): ... to here, if they’re not here
already. Check widths of other standard integer types.
* modules/intprops (Depends-on): Remove ‘verify’.
* tests/test-inttypes-c++.cc: New file.
(strtoimax): Declare, missing since 2012-01-05.
(strtoumax): Declare, missing since 2012-01-05.
* modules/inttypes-c++-tests: New file.
* m4/utime_h.m4: New file.
* lib/utime.in.h: New file.
* modules/utime-h: New file.
* doc/posix-headers/utime.texi: Mention the new module.
* tests/test-utime-h.c: New file.
* modules/utime-h-tests: New file.
* lib/noreturn.h: New file.
* modules/noreturn: New file.
* tests/test-noreturn.c: New file.
* modules/noreturn-tests: New file.
* tests/test-noreturn-c++.cc: New file.
* modules/noreturn-c++-tests: New file.
This issue has been assigned CVE-2017-7476 and was
detected with American Fuzzy Lop 2.41b run on the
coreutils date(1) program with ASAN enabled.
ERROR: AddressSanitizer: heap-buffer-overflow on address 0x...
WRITE of size 8 at 0x60d00000cff8 thread T0
#1 0x443020 in extend_abbrs lib/time_rz.c:88
#2 0x443356 in save_abbr lib/time_rz.c:155
#3 0x44393f in localtime_rz lib/time_rz.c:290
#4 0x41e4fe in parse_datetime2 lib/parse-datetime.y:1798
A minimized reproducer is the following 120 byte TZ value,
which goes beyond the value of ABBR_SIZE_MIN (119) on x86_64.
Extend the aa...b portion to overwrite more of the heap.
date -d $(printf 'TZ="aaa%020daaaaaab%089d"')
localtime_rz and mktime_z were affected since commit 4bc76593.
parse_datetime was affected since commit 4e6e16b3f.
* lib/time_rz.c (save_abbr): Rearrange the calculation determining
whether there is enough buffer space available. The rearrangement
ensures we're only dealing with positive numbers, thus avoiding
the problematic promotion of signed to unsigned causing an invalid
comparison when zone_copy is more than ABBR_SIZE_MIN bytes beyond
the start of the buffer.
* tests/test-parse-datetime.c (main): Add a test case written by
Paul Eggert, which overwrites enough of the heap so that
standard glibc will fail with "free(): invalid pointer"
without the patch applied.
Reported and analyzed at https://bugzilla.redhat.com/1444774
* tests/nap.h (nap_get_stat): Renamed from get_stat. Remove argument fd;
use nap_fd instead. On native Windows, close and reopen nap_fd.
(nap_works): Don't compare the ctimes, because on native Windows, these
are the creation times.
(nap): Update.
Paul Eggert