libio: freopen of default streams crashes in old programs [BZ #24632]

Message ID 8736kqaj31.fsf@oldenburg2.str.redhat.com
State New
Headers show
Series
  • libio: freopen of default streams crashes in old programs [BZ #24632]
Related show

Commit Message

Florian Weimer June 3, 2019, 1:34 p.m.
As seen with very old i386 GCC binaries.

2019-06-03  Florian Weimer  <fweimer@redhat.com>

	[BZ #24632]
	* libio/libioP.h (_IO_JUMPS_FUNC_UPDATE): New macro.
	* libio/freopen.c (freopen): Use it.

Comments

Florian Weimer June 12, 2019, 12:27 p.m. | #1
* Florian Weimer:

> As seen with very old i386 GCC binaries.

>

> 2019-06-03  Florian Weimer  <fweimer@redhat.com>

>

> 	[BZ #24632]

> 	* libio/libioP.h (_IO_JUMPS_FUNC_UPDATE): New macro.

> 	* libio/freopen.c (freopen): Use it.

>

> diff --git a/libio/freopen.c b/libio/freopen.c

> index 17b00258cd..82e39f5028 100644

> --- a/libio/freopen.c

> +++ b/libio/freopen.c

> @@ -62,7 +62,7 @@ freopen (const char *filename, const char *mode, FILE *fp)

>  	 to the old libio may be passed into shared C library and wind

>  	 up here. */

>        _IO_old_file_close_it (fp);

> -      _IO_JUMPS_FILE_plus (fp) = &_IO_old_file_jumps;

> +      _IO_JUMPS_FUNC_UPDATE (fp, &_IO_old_file_jumps);

>        result = _IO_old_file_fopen (fp, gfilename, mode);

>      }

>    else

> diff --git a/libio/libioP.h b/libio/libioP.h

> index 66afaa8968..f17c6e68e4 100644

> --- a/libio/libioP.h

> +++ b/libio/libioP.h

> @@ -108,9 +108,14 @@

>    (IO_validate_vtable                                                   \

>     (*(struct _IO_jump_t **) ((void *) &_IO_JUMPS_FILE_plus (THIS)	\

>  			     + (THIS)->_vtable_offset)))

> +# define _IO_JUMPS_FUNC_UPDATE(THIS, VTABLE)				\

> +  (*(const struct _IO_jump_t **) ((void *) &_IO_JUMPS_FILE_plus (THIS)	\

> +			    + (THIS)->_vtable_offset) = (VTABLE))

>  # define _IO_vtable_offset(THIS) (THIS)->_vtable_offset

>  #else

>  # define _IO_JUMPS_FUNC(THIS) (IO_validate_vtable (_IO_JUMPS_FILE_plus (THIS)))

> +# define _IO_JUMPS_FUNC_UPDATE(THIS, VTABLE) \

> +  (_IO_JUMPS_FILE_plus (THIS) = (VTABLE))

>  # define _IO_vtable_offset(THIS) 0

>  #endif

>  #define _IO_WIDE_JUMPS_FUNC(THIS) _IO_WIDE_JUMPS(THIS)


Ping?

Thanks,
Florian
Andreas Schwab June 12, 2019, 12:43 p.m. | #2
On Jun 03 2019, Florian Weimer <fweimer@redhat.com> wrote:

> 	[BZ #24632]

> 	* libio/libioP.h (_IO_JUMPS_FUNC_UPDATE): New macro.

> 	* libio/freopen.c (freopen): Use it.


Ok.

> diff --git a/libio/libioP.h b/libio/libioP.h

> index 66afaa8968..f17c6e68e4 100644

> --- a/libio/libioP.h

> +++ b/libio/libioP.h

> @@ -108,9 +108,14 @@

>    (IO_validate_vtable                                                   \

>     (*(struct _IO_jump_t **) ((void *) &_IO_JUMPS_FILE_plus (THIS)	\

>  			     + (THIS)->_vtable_offset)))

> +# define _IO_JUMPS_FUNC_UPDATE(THIS, VTABLE)				\

> +  (*(const struct _IO_jump_t **) ((void *) &_IO_JUMPS_FILE_plus (THIS)	\

> +			    + (THIS)->_vtable_offset) = (VTABLE))


Misaligned line.

Andreas.

-- 
Andreas Schwab, SUSE Labs, schwab@suse.de
GPG Key fingerprint = 0196 BAD8 1CE9 1970 F4BE  1748 E4D4 88E3 0EEA B9D7
"And now for something completely different."
Florian Weimer June 12, 2019, 12:48 p.m. | #3
* Andreas Schwab:

> On Jun 03 2019, Florian Weimer <fweimer@redhat.com> wrote:

>

>> 	[BZ #24632]

>> 	* libio/libioP.h (_IO_JUMPS_FUNC_UPDATE): New macro.

>> 	* libio/freopen.c (freopen): Use it.

>

> Ok.


Thanks.

>> diff --git a/libio/libioP.h b/libio/libioP.h

>> index 66afaa8968..f17c6e68e4 100644

>> --- a/libio/libioP.h

>> +++ b/libio/libioP.h

>> @@ -108,9 +108,14 @@

>>    (IO_validate_vtable                                                   \

>>     (*(struct _IO_jump_t **) ((void *) &_IO_JUMPS_FILE_plus (THIS)	\

>>  			     + (THIS)->_vtable_offset)))

>> +# define _IO_JUMPS_FUNC_UPDATE(THIS, VTABLE)				\

>> +  (*(const struct _IO_jump_t **) ((void *) &_IO_JUMPS_FILE_plus (THIS)	\

>> +			    + (THIS)->_vtable_offset) = (VTABLE))


Ah, fixed.

Florian

Patch

diff --git a/libio/freopen.c b/libio/freopen.c
index 17b00258cd..82e39f5028 100644
--- a/libio/freopen.c
+++ b/libio/freopen.c
@@ -62,7 +62,7 @@  freopen (const char *filename, const char *mode, FILE *fp)
 	 to the old libio may be passed into shared C library and wind
 	 up here. */
       _IO_old_file_close_it (fp);
-      _IO_JUMPS_FILE_plus (fp) = &_IO_old_file_jumps;
+      _IO_JUMPS_FUNC_UPDATE (fp, &_IO_old_file_jumps);
       result = _IO_old_file_fopen (fp, gfilename, mode);
     }
   else
diff --git a/libio/libioP.h b/libio/libioP.h
index 66afaa8968..f17c6e68e4 100644
--- a/libio/libioP.h
+++ b/libio/libioP.h
@@ -108,9 +108,14 @@ 
   (IO_validate_vtable                                                   \
    (*(struct _IO_jump_t **) ((void *) &_IO_JUMPS_FILE_plus (THIS)	\
 			     + (THIS)->_vtable_offset)))
+# define _IO_JUMPS_FUNC_UPDATE(THIS, VTABLE)				\
+  (*(const struct _IO_jump_t **) ((void *) &_IO_JUMPS_FILE_plus (THIS)	\
+			    + (THIS)->_vtable_offset) = (VTABLE))
 # define _IO_vtable_offset(THIS) (THIS)->_vtable_offset
 #else
 # define _IO_JUMPS_FUNC(THIS) (IO_validate_vtable (_IO_JUMPS_FILE_plus (THIS)))
+# define _IO_JUMPS_FUNC_UPDATE(THIS, VTABLE) \
+  (_IO_JUMPS_FILE_plus (THIS) = (VTABLE))
 # define _IO_vtable_offset(THIS) 0
 #endif
 #define _IO_WIDE_JUMPS_FUNC(THIS) _IO_WIDE_JUMPS(THIS)