Re: CVS commit: src/lib/libpthread
Hello,
I will have a look at them.
On 12.02.2020 14:02, Ryo ONODERA wrote:
> Hi,
>
> Kamil Rytarowski writes:
>
>> Please apple workaround (same like in NSPR) for now if fixing is difficult.
>>
>> Such bugs can have security implications.
>
> Adding workarounds will not improve security problems.
> And I feel that such workarounds will not be accepted by upstream.
> I will add workarounds to some packages.
> However I feel that it is not meaningful...
>
>> On 12.02.2020 09:49, Ryo ONODERA wrote:
>>> Hi,
>>>
>>> I have two problematic pkgsrc packages at least.
>>> Of course these programs have misuses and/or bugs, however I feel that
>>> dealing pt_magic in pthread_equal() is too hasty for pkgsrc.
>>>
>>> multimedia/handbrake (internal libbluray):
>>> The invalid thread pointer is not NULL.
>>> pthread_equal t1: 0x
>>> pthread_equal t2: 0x7073b25e2000
>>>
>>> Another one is lang/mono6:
>>> The invalid thread pointer is not 0x.
>>> pthread_equal t1: 0x7b066d4d7800
>>> pthread_equal t2: 0x60f5f000
>>>
>>> Of course, it is desirable to fix every misuses and bugs in pkgsrc.
>>> However it is impossible for now (at least for me).
>>>
>>> "Kamil Rytarowski" writes:
>>>
Module Name: src
Committed By: kamil
Date: Sat Feb 8 17:06:03 UTC 2020
Modified Files:
src/lib/libpthread: pthread.c
Log Message:
Change the behavior of pthread_equal()
On error when not aborting, do not return EINVAL as it has a side effect
of being interpreted as matching threads. For invalid threads return
unmatched.
Check pthreads for NULL, before accessing pt_magic field. This avoids
faults on comparision with a NULL pointer.
This behavior is in the scope of UB, but should be easier to deal with
buggy software.
To generate a diff of this commit:
cvs rdiff -u -r1.163 -r1.164 src/lib/libpthread/pthread.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/lib/libpthread/pthread.c
diff -u src/lib/libpthread/pthread.c:1.163
src/lib/libpthread/pthread.c:1.164
--- src/lib/libpthread/pthread.c:1.163 Wed Feb 5 14:56:04 2020
+++ src/lib/libpthread/pthread.c Sat Feb 8 17:06:03 2020
@@ -1,4 +1,4 @@
-/*$NetBSD: pthread.c,v 1.163 2020/02/05 14:56:04 ryoon Exp $
*/
+/*$NetBSD: pthread.c,v 1.164 2020/02/08 17:06:03 kamil Exp $
*/
/*-
* Copyright (c) 2001, 2002, 2003, 2006, 2007, 2008, 2020
@@ -31,7 +31,7 @@
*/
#include
-__RCSID("$NetBSD: pthread.c,v 1.163 2020/02/05 14:56:04 ryoon Exp $");
+__RCSID("$NetBSD: pthread.c,v 1.164 2020/02/08 17:06:03 kamil Exp $");
#define __EXPOSE_STACK 1
@@ -770,11 +770,11 @@ pthread_equal(pthread_t t1, pthread_t t2
if (__predict_false(__uselibcstub))
return __libc_thr_equal_stub(t1, t2);
- pthread__error(EINVAL, "Invalid thread",
- t1->pt_magic == PT_MAGIC);
+ pthread__error(0, "Invalid thread",
+ (t1 != NULL) && (t1->pt_magic == PT_MAGIC));
- pthread__error(EINVAL, "Invalid thread",
- t2->pt_magic == PT_MAGIC);
+ pthread__error(0, "Invalid thread",
+ (t2 != NULL) && (t2->pt_magic == PT_MAGIC));
/* Nothing special here. */
return (t1 == t2);
>>>
>>
>>
>
signature.asc
Description: OpenPGP digital signature
Re: CVS commit: src/lib/libpthread
Hi,
Kamil Rytarowski writes:
> Please apple workaround (same like in NSPR) for now if fixing is difficult.
>
> Such bugs can have security implications.
Adding workarounds will not improve security problems.
And I feel that such workarounds will not be accepted by upstream.
I will add workarounds to some packages.
However I feel that it is not meaningful...
> On 12.02.2020 09:49, Ryo ONODERA wrote:
>> Hi,
>>
>> I have two problematic pkgsrc packages at least.
>> Of course these programs have misuses and/or bugs, however I feel that
>> dealing pt_magic in pthread_equal() is too hasty for pkgsrc.
>>
>> multimedia/handbrake (internal libbluray):
>> The invalid thread pointer is not NULL.
>> pthread_equal t1: 0x
>> pthread_equal t2: 0x7073b25e2000
>>
>> Another one is lang/mono6:
>> The invalid thread pointer is not 0x.
>> pthread_equal t1: 0x7b066d4d7800
>> pthread_equal t2: 0x60f5f000
>>
>> Of course, it is desirable to fix every misuses and bugs in pkgsrc.
>> However it is impossible for now (at least for me).
>>
>> "Kamil Rytarowski" writes:
>>
>>> Module Name:src
>>> Committed By: kamil
>>> Date: Sat Feb 8 17:06:03 UTC 2020
>>>
>>> Modified Files:
>>> src/lib/libpthread: pthread.c
>>>
>>> Log Message:
>>> Change the behavior of pthread_equal()
>>>
>>> On error when not aborting, do not return EINVAL as it has a side effect
>>> of being interpreted as matching threads. For invalid threads return
>>> unmatched.
>>>
>>> Check pthreads for NULL, before accessing pt_magic field. This avoids
>>> faults on comparision with a NULL pointer.
>>>
>>> This behavior is in the scope of UB, but should be easier to deal with
>>> buggy software.
>>>
>>>
>>> To generate a diff of this commit:
>>> cvs rdiff -u -r1.163 -r1.164 src/lib/libpthread/pthread.c
>>>
>>> Please note that diffs are not public domain; they are subject to the
>>> copyright notices on the relevant files.
>>>
>>> Modified files:
>>>
>>> Index: src/lib/libpthread/pthread.c
>>> diff -u src/lib/libpthread/pthread.c:1.163
>>> src/lib/libpthread/pthread.c:1.164
>>> --- src/lib/libpthread/pthread.c:1.163 Wed Feb 5 14:56:04 2020
>>> +++ src/lib/libpthread/pthread.cSat Feb 8 17:06:03 2020
>>> @@ -1,4 +1,4 @@
>>> -/* $NetBSD: pthread.c,v 1.163 2020/02/05 14:56:04 ryoon Exp $ */
>>> +/* $NetBSD: pthread.c,v 1.164 2020/02/08 17:06:03 kamil Exp $ */
>>>
>>> /*-
>>> * Copyright (c) 2001, 2002, 2003, 2006, 2007, 2008, 2020
>>> @@ -31,7 +31,7 @@
>>> */
>>>
>>> #include
>>> -__RCSID("$NetBSD: pthread.c,v 1.163 2020/02/05 14:56:04 ryoon Exp $");
>>> +__RCSID("$NetBSD: pthread.c,v 1.164 2020/02/08 17:06:03 kamil Exp $");
>>>
>>> #define__EXPOSE_STACK 1
>>>
>>> @@ -770,11 +770,11 @@ pthread_equal(pthread_t t1, pthread_t t2
>>> if (__predict_false(__uselibcstub))
>>> return __libc_thr_equal_stub(t1, t2);
>>>
>>> - pthread__error(EINVAL, "Invalid thread",
>>> - t1->pt_magic == PT_MAGIC);
>>> + pthread__error(0, "Invalid thread",
>>> + (t1 != NULL) && (t1->pt_magic == PT_MAGIC));
>>>
>>> - pthread__error(EINVAL, "Invalid thread",
>>> - t2->pt_magic == PT_MAGIC);
>>> + pthread__error(0, "Invalid thread",
>>> + (t2 != NULL) && (t2->pt_magic == PT_MAGIC));
>>>
>>> /* Nothing special here. */
>>> return (t1 == t2);
>>>
>>
>
>
--
Ryo ONODERA // r...@tetera.org
PGP fingerprint = 82A2 DC91 76E0 A10A 8ABB FD1B F404 27FA C7D1 15F3
Re: CVS commit: src/lib/libpthread
Please apple workaround (same like in NSPR) for now if fixing is difficult.
Such bugs can have security implications.
On 12.02.2020 09:49, Ryo ONODERA wrote:
> Hi,
>
> I have two problematic pkgsrc packages at least.
> Of course these programs have misuses and/or bugs, however I feel that
> dealing pt_magic in pthread_equal() is too hasty for pkgsrc.
>
> multimedia/handbrake (internal libbluray):
> The invalid thread pointer is not NULL.
> pthread_equal t1: 0x
> pthread_equal t2: 0x7073b25e2000
>
> Another one is lang/mono6:
> The invalid thread pointer is not 0x.
> pthread_equal t1: 0x7b066d4d7800
> pthread_equal t2: 0x60f5f000
>
> Of course, it is desirable to fix every misuses and bugs in pkgsrc.
> However it is impossible for now (at least for me).
>
> "Kamil Rytarowski" writes:
>
>> Module Name: src
>> Committed By:kamil
>> Date:Sat Feb 8 17:06:03 UTC 2020
>>
>> Modified Files:
>> src/lib/libpthread: pthread.c
>>
>> Log Message:
>> Change the behavior of pthread_equal()
>>
>> On error when not aborting, do not return EINVAL as it has a side effect
>> of being interpreted as matching threads. For invalid threads return
>> unmatched.
>>
>> Check pthreads for NULL, before accessing pt_magic field. This avoids
>> faults on comparision with a NULL pointer.
>>
>> This behavior is in the scope of UB, but should be easier to deal with
>> buggy software.
>>
>>
>> To generate a diff of this commit:
>> cvs rdiff -u -r1.163 -r1.164 src/lib/libpthread/pthread.c
>>
>> Please note that diffs are not public domain; they are subject to the
>> copyright notices on the relevant files.
>>
>> Modified files:
>>
>> Index: src/lib/libpthread/pthread.c
>> diff -u src/lib/libpthread/pthread.c:1.163 src/lib/libpthread/pthread.c:1.164
>> --- src/lib/libpthread/pthread.c:1.163 Wed Feb 5 14:56:04 2020
>> +++ src/lib/libpthread/pthread.c Sat Feb 8 17:06:03 2020
>> @@ -1,4 +1,4 @@
>> -/* $NetBSD: pthread.c,v 1.163 2020/02/05 14:56:04 ryoon Exp $ */
>> +/* $NetBSD: pthread.c,v 1.164 2020/02/08 17:06:03 kamil Exp $ */
>>
>> /*-
>> * Copyright (c) 2001, 2002, 2003, 2006, 2007, 2008, 2020
>> @@ -31,7 +31,7 @@
>> */
>>
>> #include
>> -__RCSID("$NetBSD: pthread.c,v 1.163 2020/02/05 14:56:04 ryoon Exp $");
>> +__RCSID("$NetBSD: pthread.c,v 1.164 2020/02/08 17:06:03 kamil Exp $");
>>
>> #define __EXPOSE_STACK 1
>>
>> @@ -770,11 +770,11 @@ pthread_equal(pthread_t t1, pthread_t t2
>> if (__predict_false(__uselibcstub))
>> return __libc_thr_equal_stub(t1, t2);
>>
>> -pthread__error(EINVAL, "Invalid thread",
>> -t1->pt_magic == PT_MAGIC);
>> +pthread__error(0, "Invalid thread",
>> +(t1 != NULL) && (t1->pt_magic == PT_MAGIC));
>>
>> -pthread__error(EINVAL, "Invalid thread",
>> -t2->pt_magic == PT_MAGIC);
>> +pthread__error(0, "Invalid thread",
>> +(t2 != NULL) && (t2->pt_magic == PT_MAGIC));
>>
>> /* Nothing special here. */
>> return (t1 == t2);
>>
>
signature.asc
Description: OpenPGP digital signature
CVS commit: src/sbin/mount_msdos
Module Name:src Committed By: leot Date: Wed Feb 12 09:43:19 UTC 2020 Modified Files: src/sbin/mount_msdos: mount_msdos.8 Log Message: Fix a thinko Reported by qjsgkem via #netbsd-code, thanks! To generate a diff of this commit: cvs rdiff -u -r1.40 -r1.41 src/sbin/mount_msdos/mount_msdos.8 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sbin/mount_msdos
Module Name:src Committed By: leot Date: Wed Feb 12 09:43:19 UTC 2020 Modified Files: src/sbin/mount_msdos: mount_msdos.8 Log Message: Fix a thinko Reported by qjsgkem via #netbsd-code, thanks! To generate a diff of this commit: cvs rdiff -u -r1.40 -r1.41 src/sbin/mount_msdos/mount_msdos.8 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sbin/mount_msdos/mount_msdos.8 diff -u src/sbin/mount_msdos/mount_msdos.8:1.40 src/sbin/mount_msdos/mount_msdos.8:1.41 --- src/sbin/mount_msdos/mount_msdos.8:1.40 Tue Oct 11 16:10:03 2016 +++ src/sbin/mount_msdos/mount_msdos.8 Wed Feb 12 09:43:19 2020 @@ -1,4 +1,4 @@ -.\" $NetBSD: mount_msdos.8,v 1.40 2016/10/11 16:10:03 sevan Exp $ +.\" $NetBSD: mount_msdos.8,v 1.41 2020/02/12 09:43:19 leot Exp $ .\" .\" Copyright (c) 1993, 1994 Christopher G. Demetriou .\" All rights reserved. @@ -32,7 +32,7 @@ .\" .\" <> .\" -.Dd October 11, 2016 +.Dd February 12, 2020 .Dt MOUNT_MSDOS 8 .Os .Sh NAME @@ -203,7 +203,7 @@ in and rewritten entirely by .Nx 1.0 . .Sh AUTHORS -Initial implimintation as +Initial implementation as .Nm mount_pcfs was written by .An -nosplit
Re: CVS commit: src/lib/libpthread
Hi,
I have two problematic pkgsrc packages at least.
Of course these programs have misuses and/or bugs, however I feel that
dealing pt_magic in pthread_equal() is too hasty for pkgsrc.
multimedia/handbrake (internal libbluray):
The invalid thread pointer is not NULL.
pthread_equal t1: 0x
pthread_equal t2: 0x7073b25e2000
Another one is lang/mono6:
The invalid thread pointer is not 0x.
pthread_equal t1: 0x7b066d4d7800
pthread_equal t2: 0x60f5f000
Of course, it is desirable to fix every misuses and bugs in pkgsrc.
However it is impossible for now (at least for me).
"Kamil Rytarowski" writes:
> Module Name: src
> Committed By: kamil
> Date: Sat Feb 8 17:06:03 UTC 2020
>
> Modified Files:
> src/lib/libpthread: pthread.c
>
> Log Message:
> Change the behavior of pthread_equal()
>
> On error when not aborting, do not return EINVAL as it has a side effect
> of being interpreted as matching threads. For invalid threads return
> unmatched.
>
> Check pthreads for NULL, before accessing pt_magic field. This avoids
> faults on comparision with a NULL pointer.
>
> This behavior is in the scope of UB, but should be easier to deal with
> buggy software.
>
>
> To generate a diff of this commit:
> cvs rdiff -u -r1.163 -r1.164 src/lib/libpthread/pthread.c
>
> Please note that diffs are not public domain; they are subject to the
> copyright notices on the relevant files.
>
> Modified files:
>
> Index: src/lib/libpthread/pthread.c
> diff -u src/lib/libpthread/pthread.c:1.163 src/lib/libpthread/pthread.c:1.164
> --- src/lib/libpthread/pthread.c:1.163Wed Feb 5 14:56:04 2020
> +++ src/lib/libpthread/pthread.c Sat Feb 8 17:06:03 2020
> @@ -1,4 +1,4 @@
> -/* $NetBSD: pthread.c,v 1.163 2020/02/05 14:56:04 ryoon Exp $ */
> +/* $NetBSD: pthread.c,v 1.164 2020/02/08 17:06:03 kamil Exp $ */
>
> /*-
> * Copyright (c) 2001, 2002, 2003, 2006, 2007, 2008, 2020
> @@ -31,7 +31,7 @@
> */
>
> #include
> -__RCSID("$NetBSD: pthread.c,v 1.163 2020/02/05 14:56:04 ryoon Exp $");
> +__RCSID("$NetBSD: pthread.c,v 1.164 2020/02/08 17:06:03 kamil Exp $");
>
> #define __EXPOSE_STACK 1
>
> @@ -770,11 +770,11 @@ pthread_equal(pthread_t t1, pthread_t t2
> if (__predict_false(__uselibcstub))
> return __libc_thr_equal_stub(t1, t2);
>
> - pthread__error(EINVAL, "Invalid thread",
> - t1->pt_magic == PT_MAGIC);
> + pthread__error(0, "Invalid thread",
> + (t1 != NULL) && (t1->pt_magic == PT_MAGIC));
>
> - pthread__error(EINVAL, "Invalid thread",
> - t2->pt_magic == PT_MAGIC);
> + pthread__error(0, "Invalid thread",
> + (t2 != NULL) && (t2->pt_magic == PT_MAGIC));
>
> /* Nothing special here. */
> return (t1 == t2);
>
--
Ryo ONODERA // r...@tetera.org
PGP fingerprint = 82A2 DC91 76E0 A10A 8ABB FD1B F404 27FA C7D1 15F3
