Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <4FE14D23.60901@redhat.com>
Date: Tue, 19 Jun 2012 22:10:11 -0600
From: Eric Blake <eblake@...hat.com>
To: Rich Felker <dalias@...ifal.cx>
CC: musl@...ts.openwall.com, Isaac Dunham <idunham@...abit.com>,
        Paul Eggert <eggert@...ucla.edu>, bug-gnulib@....org,
        Reuben Thomas <rrt@...d.org>
Subject: Re: Re: musl bugs found through gnulib

On 06/19/2012 09:04 PM, Rich Felker wrote:

>> Replacement of duplocale, because of
>>   checking whether duplocale(LC_GLOBAL_LOCALE) works... no
> 
> POSIX does not specify any use of LC_GLOBAL_LOCALE except as an
> argument to uselocale. Is there a reason it's needed? Perhaps more
> importantly, is the replacement when libc doesn't provide this
> functionality bloated/painful?

Unfortunately, you are out of date.  POSIX _does_ require
duplocale(LC_GLOBAL_LOCALE) to work:

http://austingroupbugs.net/view.php?id=301


    If the locobj argument is LC_GLOBAL_LOCALE, duplocale() shall
    create a new locale object containing a copy of the global locale
    determined by the setlocale() function.

    The behavior is undefined if the locobj argument is not a valid
    locale object handle.

  After line 24978 add a new paragraph to APPLICATION USAGE:

    The duplocale() function can also be used in conjunction with
    uselocale((locale_t)0). This returns the locale in effect for
    the calling thread, but can have the value LC_GLOBAL_LOCALE.
    Passing LC_GLOBAL_LOCALE to functions such as isalnum_l()
    results in undefined behavior, but applications can convert
    it into a usable locale object by using duplocale().

>> test-fcntl.c:382: assertion failed
>> FAIL: test-fcntl
> 
> This is caused by the fact that the F_GETOWN fcntl on Linux is broken;
> there's no way to distinguish error returns from non-error negative
> return values. So we never set errno when calling F_GETOWN and assume
> the return value is not an error. There's a new-ish Linux-specific
> F_GETOWN_EX we could use when it's available, but the fallback code
> would still fail just like it does now, because it's a fundamental
> limitation in the API.

Yes, Linux 2.6.32 introduced F_GETOWN_EX for precisely this reason, and
you should be using it.


>> test-grantpt.c:34: assertion failed
>> FAIL: test-grantpt
> 
> This is an invalid test. POSIX specifies this function "may fail", not
> "shall fail", and since the function is inherently a no-op, it would
> be idiotic to make it perform a syscall to check the validity of the
> file descriptor...

This is one of the cases where gnulib prefers to emulate the shall fail
semantics of glibc, as they are more useful to program around.


>> test-ptsname_r.c:118: assertion failed
>> FAIL: test-ptsname_r
> 
> It's testing that ptsname_r both sets errno and returns the error
> code, and that they're the same. Since this function is nonstandard,
> there's no spec for it, so perhaps this is desirable; I was assuming
> it should return -1 on failure.

There _is_ a proposed standard for it now:

http://austingroupbugs.net/view.php?id=508

which requires only the return value to be 0 or an errno value, and not
that errno be set.  gnulib should only be checking for a valid return value.

> 
>> test-strerror_r.c:118: assertion failed
>> FAIL: test-strerror_r
> 
> This test is looking for a null terminator at the n-1 position of the
> buffer if strerror_r fails with ERANGE (buffer too small). I don't see
> anywhere the function is specified to write to the buffer AT ALL on
> failure, so this test seems invalid.

This is a case where POSIX is rather weak, but where quality of
implementation demands that the most useful interface is one that
provides the most information back to the user.  glibc had a number of
bugs that were fixed in this area to improve QoI, and gnulib now prefers
to rely on those improvements.

-- 
Eric Blake   eblake@...hat.com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org




Download attachment "signature.asc" of type "application/pgp-signature" (621 bytes)

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.