[v5,07/12] tests: replace system by xsystem
Commit Message
With fortification enabled, system calls return result needs to be checked,
has it gets the __wur macro enabled.
---
Changes since v4:
- Added more fail case in xsystem
- Clarify why some system calls should not use xsystem
elf/tst-stackguard1.c | 3 ++-
libio/bug-mmap-fflush.c | 7 +++++--
nptl/tst-cancel7.c | 3 ++-
nptl/tst-stackguard1.c | 3 ++-
nss/tst-nss-db-endpwent.c | 3 ++-
support/Makefile | 1 +
support/xstdlib.h | 31 +++++++++++++++++++++++++++++++
support/xsystem.c | 37 +++++++++++++++++++++++++++++++++++++
8 files changed, 82 insertions(+), 6 deletions(-)
create mode 100644 support/xstdlib.h
create mode 100644 support/xsystem.c
Comments
On 2023-06-01 10:27, Frédéric Bérat wrote:
> With fortification enabled, system calls return result needs to be checked,
> has it gets the __wur macro enabled.
> ---
> Changes since v4:
> - Added more fail case in xsystem
> - Clarify why some system calls should not use xsystem
>
> elf/tst-stackguard1.c | 3 ++-
> libio/bug-mmap-fflush.c | 7 +++++--
> nptl/tst-cancel7.c | 3 ++-
> nptl/tst-stackguard1.c | 3 ++-
> nss/tst-nss-db-endpwent.c | 3 ++-
> support/Makefile | 1 +
> support/xstdlib.h | 31 +++++++++++++++++++++++++++++++
> support/xsystem.c | 37 +++++++++++++++++++++++++++++++++++++
> 8 files changed, 82 insertions(+), 6 deletions(-)
> create mode 100644 support/xstdlib.h
> create mode 100644 support/xsystem.c
>
> diff --git a/elf/tst-stackguard1.c b/elf/tst-stackguard1.c
> index 2e65e36078..1919ae8682 100644
> --- a/elf/tst-stackguard1.c
> +++ b/elf/tst-stackguard1.c
> @@ -108,7 +108,8 @@ do_test (void)
> dup2 (fds[1], 2);
> close (fds[1]);
>
> - system (command);
> + if (system (command)) {/* Should actually fail */}
Please elaborate on why this should fail:
if (system (command))
{
/* This should actually fail because... */
}
> +
> exit (0);
> }
>
> diff --git a/libio/bug-mmap-fflush.c b/libio/bug-mmap-fflush.c
> index d8aa58985a..3f99222eef 100644
> --- a/libio/bug-mmap-fflush.c
> +++ b/libio/bug-mmap-fflush.c
> @@ -4,6 +4,7 @@
> #include <stdlib.h>
> #include <string.h>
>
> +#include <support/xstdlib.h>
>
> static char *fname;
>
> @@ -35,14 +36,16 @@ do_test (void)
> char buffer[1024];
>
> snprintf (buffer, sizeof (buffer), "echo 'From foo@bar.com' > %s", fname);
> - system (buffer);
> + xsystem (buffer);
> +
> f = fopen (fname, "r");
> fseek (f, 0, SEEK_END);
> o = ftello (f);
> fseek (f, 0, SEEK_SET);
> fflush (f);
> snprintf (buffer, sizeof (buffer), "echo 'From bar@baz.edu' >> %s", fname);
> - system (buffer);
> + xsystem (buffer);
> +
> fseek (f, o, SEEK_SET);
> if (fgets (buffer, 1024, f) == NULL)
> exit (1);
> diff --git a/nptl/tst-cancel7.c b/nptl/tst-cancel7.c
> index 2835613a9b..0ecb7d025f 100644
> --- a/nptl/tst-cancel7.c
> +++ b/nptl/tst-cancel7.c
> @@ -27,6 +27,7 @@
> #include <support/support.h>
> #include <support/temp_file.h>
> #include <support/xstdio.h>
> +#include <support/xstdlib.h>
> #include <support/xunistd.h>
> #include <support/xthread.h>
>
> @@ -43,7 +44,7 @@ tf (void *arg)
> {
> char *cmd = xasprintf ("%s --direct --sem %s --pidfile %s",
> command, semfilename, pidfilename);
> - system (cmd);
> + xsystem (cmd);
> /* This call should never return. */
> return NULL;
> }
> diff --git a/nptl/tst-stackguard1.c b/nptl/tst-stackguard1.c
> index 4ac57157e9..5ca719ed32 100644
> --- a/nptl/tst-stackguard1.c
> +++ b/nptl/tst-stackguard1.c
> @@ -140,7 +140,8 @@ do_test (void)
> dup2 (fds[1], 2);
> close (fds[1]);
>
> - system (command);
> + if (system (command)) {/* Should actually fail */}
> +
> exit (0);
> }
>
> diff --git a/nss/tst-nss-db-endpwent.c b/nss/tst-nss-db-endpwent.c
> index 2b0fc1b064..4dba3fada6 100644
> --- a/nss/tst-nss-db-endpwent.c
> +++ b/nss/tst-nss-db-endpwent.c
> @@ -23,6 +23,7 @@
>
> #include <support/support.h>
> #include <support/check.h>
> +#include <support/xstdlib.h>
>
> /* It is entirely allowed to start with a getpwent call without
> resetting the state of the service via a call to setpwent.
> @@ -55,7 +56,7 @@ do_test (void)
>
> cmd = xasprintf ("%s/makedb -o /var/db/passwd.db /var/db/passwd.in",
> support_bindir_prefix);
> - system (cmd);
> + xsystem (cmd);
> free (cmd);
>
> try_it ();
> diff --git a/support/Makefile b/support/Makefile
> index c3d16d25b3..f51c2e03a8 100644
> --- a/support/Makefile
> +++ b/support/Makefile
> @@ -209,6 +209,7 @@ libsupport-routines = \
> xstrdup \
> xstrndup \
> xsymlink \
> + xsystem \
> xsysconf \
> xunlink \
> xuselocale \
> diff --git a/support/xstdlib.h b/support/xstdlib.h
> new file mode 100644
> index 0000000000..58642e3542
> --- /dev/null
> +++ b/support/xstdlib.h
> @@ -0,0 +1,31 @@
> +/* Error-checking wrappers for stdlib functions.
> + Copyright (C) 2016-2023 Free Software Foundation, Inc.
Only 2023 here.
> + This file is part of the GNU C Library.
> +
> + The GNU C Library is free software; you can redistribute it and/or
> + modify it under the terms of the GNU Lesser General Public
> + License as published by the Free Software Foundation; either
> + version 2.1 of the License, or (at your option) any later version.
> +
> + The GNU C Library is distributed in the hope that it will be useful,
> + but WITHOUT ANY WARRANTY; without even the implied warranty of
> + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
> + Lesser General Public License for more details.
> +
> + You should have received a copy of the GNU Lesser General Public
> + License along with the GNU C Library; if not, see
> + <https://www.gnu.org/licenses/>. */
> +
> +#ifndef SUPPORT_XSTDLIB_H
> +#define SUPPORT_XSTDLIB_H
> +
> +#include <stdlib.h>
> +#include <sys/cdefs.h>
> +
> +__BEGIN_DECLS
> +
> +void xsystem (const char *cmd);
> +
> +__END_DECLS
> +
> +#endif /* SUPPORT_XSTDLIB_H */
> diff --git a/support/xsystem.c b/support/xsystem.c
> new file mode 100644
> index 0000000000..efa26ed772
> --- /dev/null
> +++ b/support/xsystem.c
> @@ -0,0 +1,37 @@
> +/* Error-checking replacement for "system".
> + Copyright (C) 2018-2023 Free Software Foundation, Inc.
Likewise, only 2023.
> + This file is part of the GNU C Library.
> +
> + The GNU C Library is free software; you can redistribute it and/or
> + modify it under the terms of the GNU Lesser General Public
> + License as published by the Free Software Foundation; either
> + version 2.1 of the License, or (at your option) any later version.
> +
> + The GNU C Library is distributed in the hope that it will be useful,
> + but WITHOUT ANY WARRANTY; without even the implied warranty of
> + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
> + Lesser General Public License for more details.
> +
> + You should have received a copy of the GNU Lesser General Public
> + License along with the GNU C Library; if not, see
> + <https://www.gnu.org/licenses/>. */
> +
> +#include <support/support.h>
> +#include <support/check.h>
> +
> +#include <support/xstdlib.h>
> +
> +void
> +xsystem (const char *cmd)
> +{
> + int ret = system (cmd);
> +
> + if (ret == 0 && cmd == NULL)
> + FAIL_EXIT1 ("Unable to spawn a shell for NULL command");
> +
> + if (ret == 127)
> + FAIL_EXIT1 ("Child terminated with status 127");
> +
> + if (ret < 0)
> + FAIL_EXIT1 ("system (\"%s\")", cmd);
> +}
@@ -108,7 +108,8 @@ do_test (void)
dup2 (fds[1], 2);
close (fds[1]);
- system (command);
+ if (system (command)) {/* Should actually fail */}
+
exit (0);
}
@@ -4,6 +4,7 @@
#include <stdlib.h>
#include <string.h>
+#include <support/xstdlib.h>
static char *fname;
@@ -35,14 +36,16 @@ do_test (void)
char buffer[1024];
snprintf (buffer, sizeof (buffer), "echo 'From foo@bar.com' > %s", fname);
- system (buffer);
+ xsystem (buffer);
+
f = fopen (fname, "r");
fseek (f, 0, SEEK_END);
o = ftello (f);
fseek (f, 0, SEEK_SET);
fflush (f);
snprintf (buffer, sizeof (buffer), "echo 'From bar@baz.edu' >> %s", fname);
- system (buffer);
+ xsystem (buffer);
+
fseek (f, o, SEEK_SET);
if (fgets (buffer, 1024, f) == NULL)
exit (1);
@@ -27,6 +27,7 @@
#include <support/support.h>
#include <support/temp_file.h>
#include <support/xstdio.h>
+#include <support/xstdlib.h>
#include <support/xunistd.h>
#include <support/xthread.h>
@@ -43,7 +44,7 @@ tf (void *arg)
{
char *cmd = xasprintf ("%s --direct --sem %s --pidfile %s",
command, semfilename, pidfilename);
- system (cmd);
+ xsystem (cmd);
/* This call should never return. */
return NULL;
}
@@ -140,7 +140,8 @@ do_test (void)
dup2 (fds[1], 2);
close (fds[1]);
- system (command);
+ if (system (command)) {/* Should actually fail */}
+
exit (0);
}
@@ -23,6 +23,7 @@
#include <support/support.h>
#include <support/check.h>
+#include <support/xstdlib.h>
/* It is entirely allowed to start with a getpwent call without
resetting the state of the service via a call to setpwent.
@@ -55,7 +56,7 @@ do_test (void)
cmd = xasprintf ("%s/makedb -o /var/db/passwd.db /var/db/passwd.in",
support_bindir_prefix);
- system (cmd);
+ xsystem (cmd);
free (cmd);
try_it ();
@@ -209,6 +209,7 @@ libsupport-routines = \
xstrdup \
xstrndup \
xsymlink \
+ xsystem \
xsysconf \
xunlink \
xuselocale \
new file mode 100644
@@ -0,0 +1,31 @@
+/* Error-checking wrappers for stdlib functions.
+ Copyright (C) 2016-2023 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <https://www.gnu.org/licenses/>. */
+
+#ifndef SUPPORT_XSTDLIB_H
+#define SUPPORT_XSTDLIB_H
+
+#include <stdlib.h>
+#include <sys/cdefs.h>
+
+__BEGIN_DECLS
+
+void xsystem (const char *cmd);
+
+__END_DECLS
+
+#endif /* SUPPORT_XSTDLIB_H */
new file mode 100644
@@ -0,0 +1,37 @@
+/* Error-checking replacement for "system".
+ Copyright (C) 2018-2023 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <https://www.gnu.org/licenses/>. */
+
+#include <support/support.h>
+#include <support/check.h>
+
+#include <support/xstdlib.h>
+
+void
+xsystem (const char *cmd)
+{
+ int ret = system (cmd);
+
+ if (ret == 0 && cmd == NULL)
+ FAIL_EXIT1 ("Unable to spawn a shell for NULL command");
+
+ if (ret == 127)
+ FAIL_EXIT1 ("Child terminated with status 127");
+
+ if (ret < 0)
+ FAIL_EXIT1 ("system (\"%s\")", cmd);
+}