From patchwork Thu Mar 25 14:01:02 2021
X-Patchwork-Submitter: Alyssa Ross
X-Patchwork-Id: 42771
X-Patchwork-Delegate: fweimer@redhat.com
From: Alyssa Ross
To: libc-alpha@sourceware.org
Cc: Alyssa Ross
Subject: [PATCH] stdio: fix vfscanf with matches longer than INT_MAX (bug 27650)
Date: Thu, 25 Mar 2021 14:01:02 +0000
Message-Id: <20210325140102.31043-1-hi@alyssa.is>

Patterns like %*[ can safely be used to match a great many characters, and it's quite realistic to use them for more than INT_MAX characters from an IO stream. With the previous approach, after INT_MAX characters (v)fscanf would return successfully, indicating an end to the match, even though there wasn't one.
---
I have not done a copyright assignment yet, but I think this change should be small enough to be exempt?

 stdio-common/vfscanf-internal.c | 13 ++++---------
 1 file changed, 4 insertions(+), 9 deletions(-)

diff --git a/stdio-common/vfscanf-internal.c b/stdio-common/vfscanf-internal.c index 38e74776a5..1d81e16f4e 100644 --- a/stdio-common/vfscanf-internal.c +++ b/stdio-common/vfscanf-internal.c @@ -2479,11 +2479,6 @@ __vfscanf_internal (FILE *s, const char *format, va_list argptr, else not_in = 0; - if (width < 0) - /* There is no width given so there is also no limit on the - number of characters we read. Therefore we set width to - a very high value to make the algorithm easier. */ - width = INT_MAX; #ifdef COMPILE_WSCANF /* Find the beginning and the end of the scanlist. We are not 
@@ -2647,7 +2642,7 @@ __vfscanf_internal (FILE *s, const char *format, va_list argptr, } } } - while (--width > 0 && inchar () != WEOF); + while ((width < 0 || --width > 0) && inchar () != WEOF); out: #else char buf[MB_LEN_MAX]; @@ -2732,7 +2727,7 @@ __vfscanf_internal (FILE *s, const char *format, va_list argptr, } } - if (--width <= 0) + if (width >= 0 && --width <= 0) break; } while (inchar () != EOF); @@ -2884,7 +2879,7 @@ __vfscanf_internal (FILE *s, const char *format, va_list argptr, assert (n <= MB_LEN_MAX); str += n; } - while (--width > 0 && inchar () != WEOF); + while ((width < 0 || --width > 0) && inchar () != WEOF); out2: #else do 
@@ -2938,7 +2933,7 @@ __vfscanf_internal (FILE *s, const char *format, va_list argptr, } } } - while (--width > 0 && inchar () != EOF); + while ((width < 0 || --width > 0) && inchar () != EOF); #endif if (__glibc_unlikely (now == read_in))

From patchwork Mon Mar 29 18:06:40 2021
X-Patchwork-Submitter: Alyssa Ross
X-Patchwork-Id: 42797
From: Alyssa Ross
To: libc-alpha@sourceware.org
Cc: Alyssa Ross, Florian Weimer
Subject: [PATCH 2/2] stdio: add test for scanf matches longer than INT_MAX (bug 27650)
Date: Mon, 29 Mar 2021 18:06:40 +0000
Message-Id: <20210329180640.18722-1-hi@alyssa.is>
In-Reply-To: <20210325140102.31043-1-hi@alyssa.is>
References: <20210325140102.31043-1-hi@alyssa.is>

This doesn't test the wchar_t variants. Won't run on s390 due to using more than INT_MAX bytes of address space.
---
Applying this will need to wait until I have my copyright paperwork sorted.

 stdio-common/Makefile             |  3 ++-
 stdio-common/tst-sscanf-bz27650.c | 42 +++++++++++++++++++++++++++++++
 2 files changed, 44 insertions(+), 1 deletion(-)
 create mode 100644 stdio-common/tst-sscanf-bz27650.c

diff --git a/stdio-common/Makefile b/stdio-common/Makefile index b2458ba4a6..281a154f5b 100644 --- a/stdio-common/Makefile +++ b/stdio-common/Makefile @@ -70,7 +70,8 @@ tests := tstscanf test_rdwr test-popen tstgetln test-fseek \ tst-vfprintf-width-prec-alloc \ tst-printf-fp-free \ tst-printf-fp-leak \ - test-strerr + test-strerr \ + tst-sscanf-bz27650 test-srcs = tst-unbputc tst-printf tst-printfsz-islongdouble diff --git a/stdio-common/tst-sscanf-bz27650.c b/stdio-common/tst-sscanf-bz27650.c new file mode 100644 index 0000000000..4636d26323 --- /dev/null 
+++ b/stdio-common/tst-sscanf-bz27650.c @@ -0,0 +1,42 @@ +#include +#include +#include +#include +#include +#include + +#include +#include + +/* Test that vfscanf can handle matches longer than INT_MAX bytes. */ +static int +do_test (void) +{ + char next_char; + struct support_blob_repeat blob = + support_blob_repeat_allocate ("a", 1, INT_MAX + 3U); + char *s = blob.start; + + if (s == NULL) + FAIL_UNSUPPORTED ("repeated blob allocation failed: %m"); + + s[INT_MAX + 1U] = 'b'; + s[INT_MAX + 2U] = '\0'; + + errno = 0; + switch (sscanf (s, "%*[^b]%c", &next_char)) + { + case EOF: + if (errno) + FAIL_EXIT1 ("sscanf: %m"); + FAIL_EXIT1 ("EOF reached and no 'b' found"); + case 0: + FAIL_EXIT1 ("pattern didn't match"); + } + + TEST_COMPARE (next_char, 'b'); + + return 0; +} + +#include
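
Review bot: The @@ -2479 hunk of stdio-common/vfscanf-internal.c deletes the only comment that explained how a missing width is handled, and nothing replaces it. With the `width = INT_MAX` assignment gone, a negative width now means "no limit" for the whole of this conversion, and the four loop conditions changed further down rely on that. Please leave a short comment at this spot stating that invariant, and say in the commit message that every other use of width in this conversion (outside the lines shown) has been checked for a negative value.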
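
Review bot: In the @@ -2732 hunk of stdio-common/vfscanf-internal.c the limit check is spelled `if (width >= 0 && --width <= 0)`, the negation of the `(width < 0 || --width > 0)` form used in the @@ -2647, @@ -2884 and @@ -2938 hunks. Both leave a negative width undecremented, so the behaviour is consistent, but the same rule now appears four times in two spellings and a later edit could easily change one site and miss the others. Consider one small helper or macro for "width limit reached" and use it at all four loops.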
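
Review bot: The switch on the sscanf return value in do_test of stdio-common/tst-sscanf-bz27650.c rejects only EOF and 0, so any other return value falls through to the TEST_COMPARE on next_char. Because `%*[^b]` is assignment-suppressed and only `%c` stores a value, the expected result is exactly 1, and comparing the return value against 1 would pin that down. The single format `%*[^b]%c` passed to sscanf can reach at most one of the four loops changed in vfscanf-internal.c; the commit message notes that the wchar_t variants are untested, but the remaining narrow loop is not covered either. The new file also begins directly at the #include lines with no header comment describing the test.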