diff mbox

[v3] libio: do not unbuffer legacy standard files in compatibility mode [BZ #24228]

Message ID 20190619160340.GA23394@altlinux.org
State Superseded
Headers

Commit Message

Dmitry V. Levin June 19, 2019, 4:03 p.m. UTC 
  On Wed, Jun 19, 2019 at 03:10:14PM +0200, Florian Weimer wrote:
> * Dmitry V. Levin:
> 
> > diff --git a/libio/genops.c b/libio/genops.c
> > index 2a0d9b81df..aa92d61b6b 100644
> > --- a/libio/genops.c
> > +++ b/libio/genops.c
> > @@ -789,6 +789,10 @@ _IO_unbuffer_all (void)
> >  
> >    for (fp = (FILE *) _IO_list_all; fp; fp = fp->_chain)
> >      {
> > +#if SHLIB_COMPAT (libc, GLIBC_2_0, GLIBC_2_1)
> > +      if (__glibc_unlikely (&_IO_stdin_used == NULL) && _IO_legacy_file (fp))
> > +	continue;
> > +#endif
> >        if (! (fp->_flags & _IO_UNBUFFERED)
> >  	  /* Iff stream is un-orientated, it wasn't used. */
> >  	  && fp->_mode != 0)
> 
> I believe a better fix would be this, in case an old-style file showed
> up for a different reason:
> 
> #if SHLIB_COMPAT (libc, GLIBC_2_0, GLIBC_2_1)
>           bool potentially_wide_stream = _IO_vtable_offset (fp) != 0;
> #else
>           bool potentially_wide_stream = true;
> #endif
> 	  if (potentially_wide_stream && fp->_mode > 0)
> 	    _IO_wsetb (fp, NULL, NULL, 0);
> 
> This is _IO_new_fclose handles this situation.

Yes, this approach seems to work, too:


> I fear the test is unreliable because it depends on what fp->_mode
> evaluates to (which is not actually present in the struct with old
> files).  But the test is definitely better than nothing.

Sorry, I couldn't think of a more reliable test than that.

Comments

Florian Weimer June 19, 2019, 4:15 p.m. UTC | #1 
* Dmitry V. Levin:

> On Wed, Jun 19, 2019 at 03:10:14PM +0200, Florian Weimer wrote:
>> * Dmitry V. Levin:
>> 
>> > diff --git a/libio/genops.c b/libio/genops.c
>> > index 2a0d9b81df..aa92d61b6b 100644
>> > --- a/libio/genops.c
>> > +++ b/libio/genops.c
>> > @@ -789,6 +789,10 @@ _IO_unbuffer_all (void)
>> >  
>> >    for (fp = (FILE *) _IO_list_all; fp; fp = fp->_chain)
>> >      {
>> > +#if SHLIB_COMPAT (libc, GLIBC_2_0, GLIBC_2_1)
>> > +      if (__glibc_unlikely (&_IO_stdin_used == NULL) && _IO_legacy_file (fp))
>> > +	continue;
>> > +#endif
>> >        if (! (fp->_flags & _IO_UNBUFFERED)
>> >  	  /* Iff stream is un-orientated, it wasn't used. */
>> >  	  && fp->_mode != 0)
>> 
>> I believe a better fix would be this, in case an old-style file showed
>> up for a different reason:
>> 
>> #if SHLIB_COMPAT (libc, GLIBC_2_0, GLIBC_2_1)
>>           bool potentially_wide_stream = _IO_vtable_offset (fp) != 0;
>> #else
>>           bool potentially_wide_stream = true;
>> #endif
>> 	  if (potentially_wide_stream && fp->_mode > 0)
>> 	    _IO_wsetb (fp, NULL, NULL, 0);
>> 
>> This is _IO_new_fclose handles this situation.
>
> Yes, this approach seems to work, too:
>
> diff --git a/libio/genops.c b/libio/genops.c
> index 2a0d9b81df..575f0e6584 100644
> --- a/libio/genops.c
> +++ b/libio/genops.c
> @@ -789,6 +789,10 @@ _IO_unbuffer_all (void)
>  
>    for (fp = (FILE *) _IO_list_all; fp; fp = fp->_chain)
>      {
> +#if SHLIB_COMPAT (libc, GLIBC_2_0, GLIBC_2_1)
> +      if (__glibc_unlikely (_IO_vtable_offset (fp) != 0))
> +	continue;
> +#endif
>        if (! (fp->_flags & _IO_UNBUFFERED)
>  	  /* Iff stream is un-orientated, it wasn't used. */
>  	  && fp->_mode != 0)

Hmm, right there's an early access to fp->_mode that I had missed.
Should we still flush buffers in old binaries?

I think we could do this instead:

  int mode;
#if SHLIB_COMPAT (libc, GLIBC_2_0, GLIBC_2_1)
  if (__glibc_unlikely (_IO_vtable_offset (fp) != 0))
    mode = 1; /* Old streams are never wide.  */
  else
    mode = fp->_mode;
#else
  mode  = fp->_mode;
#endif

And then use mode instead of fp->_mode below.  Does this make sense?

>> I fear the test is unreliable because it depends on what fp->_mode
>> evaluates to (which is not actually present in the struct with old
>> files).  But the test is definitely better than nothing.
>
> Sorry, I couldn't think of a more reliable test than that.

I came up with this (also with the linker script).  But curiously
enough, the padding is not actually needed.  The test is only valid with
GLIBC_2.0 targets, it crashes for newer targets which do not define
_IO_stdout_.

#include <stdio.h>
#include <stdlib.h>

int pad1[] = {1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1 };
int _IO_stdout_[20] __attribute__ ((nocommon));
int pad2[] = {1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1 };

int
main (void)
{
  /* Simulate old-style printf.  */
  fprintf ((FILE *) &_IO_stdout_, "info: testing old printing\n");
  return 0;
}

This could be improved by using internal headers when the test is built
within the glibc tree, so that hard-coding the size of _IO_stdout_ is
not required.

I guess we could add both tests, just in case.

Thanks,
Florian
diff mbox

Patch

diff --git a/libio/genops.c b/libio/genops.c
index 2a0d9b81df..575f0e6584 100644
--- a/libio/genops.c
+++ b/libio/genops.c
@@ -789,6 +789,10 @@  _IO_unbuffer_all (void)
 
   for (fp = (FILE *) _IO_list_all; fp; fp = fp->_chain)
     {
+#if SHLIB_COMPAT (libc, GLIBC_2_0, GLIBC_2_1)
+      if (__glibc_unlikely (_IO_vtable_offset (fp) != 0))
+	continue;
+#endif
       if (! (fp->_flags & _IO_UNBUFFERED)
 	  /* Iff stream is un-orientated, it wasn't used. */
 	  && fp->_mode != 0)