Hi,

Kamil Rytarowski <n...@gmx.com> writes:

> Hello,
>
> I will have a look at them.

Thank you. Real fix is welcome.
And multimedia/handbrake has workaround already.
I have workaround patches for lang/mono6 (like your nspr patch).
I will commit them after some tests.

> On 12.02.2020 14:02, Ryo ONODERA wrote:
>> Hi,
>>
>> Kamil Rytarowski <n...@gmx.com> writes:
>>
>>> Please apply workaround (same like in NSPR) for now if fixing is difficult.
>>>
>>> Such bugs can have security implications.
>>
>> Adding workarounds will not improve security problems.
>> And I feel that such workarounds will not be accepted by upstream.
>> I will add workarounds to some packages.
>> However I feel that it is not meaningful...
>>
>>> On 12.02.2020 09:49, Ryo ONODERA wrote:
>>>> Hi,
>>>>
>>>> I have two problematic pkgsrc packages at least.
>>>> Of course these programs have misuses and/or bugs, however I feel that
>>>> dealing pt_magic in pthread_equal() is too hasty for pkgsrc.
>>>>
>>>> multimedia/handbrake (internal libbluray):
>>>> The invalid thread pointer is not NULL.
>>>> pthread_equal t1: 0xffffffffffffffff
>>>> pthread_equal t2: 0x7073b25e2000
>>>>
>>>> Another one is lang/mono6:
>>>> The invalid thread pointer is not 0xffffffffffffffff.
>>>> pthread_equal t1: 0x7b066d4d7800
>>>> pthread_equal t2: 0x60f5f000
>>>>
>>>> Of course, it is desirable to fix every misuses and bugs in pkgsrc.
>>>> However it is impossible for now (at least for me).
>>>>
>>>> "Kamil Rytarowski" <ka...@netbsd.org> writes:
>>>>
>>>>> Module Name: src
>>>>> Committed By: kamil
>>>>> Date: Sat Feb 8 17:06:03 UTC 2020
>>>>>
>>>>> Modified Files:
>>>>> src/lib/libpthread: pthread.c
>>>>>
>>>>> Log Message:
>>>>> Change the behavior of pthread_equal()
>>>>>
>>>>> On error when not aborting, do not return EINVAL as it has a side effect
>>>>> of being interpreted as matching threads. For invalid threads return
>>>>> unmatched.
>>>>>
>>>>> Check pthreads for NULL, before accessing pt_magic field.
This avoids >>>>> faults on comparision with a NULL pointer. >>>>> >>>>> This behavior is in the scope of UB, but should be easier to deal with >>>>> buggy software. >>>>> >>>>> >>>>> To generate a diff of this commit: >>>>> cvs rdiff -u -r1.163 -r1.164 src/lib/libpthread/pthread.c >>>>> >>>>> Please note that diffs are not public domain; they are subject to the >>>>> copyright notices on the relevant files. >>>>> >>>>> Modified files: >>>>> >>>>> Index: src/lib/libpthread/pthread.c >>>>> diff -u src/lib/libpthread/pthread.c:1.163 >>>>> src/lib/libpthread/pthread.c:1.164 >>>>> --- src/lib/libpthread/pthread.c:1.163 Wed Feb 5 14:56:04 2020 >>>>> +++ src/lib/libpthread/pthread.c Sat Feb 8 17:06:03 2020 >>>>> @@ -1,4 +1,4 @@ >>>>> -/* $NetBSD: pthread.c,v 1.163 2020/02/05 14:56:04 ryoon Exp $ >>>>> */ >>>>> +/* $NetBSD: pthread.c,v 1.164 2020/02/08 17:06:03 kamil Exp $ >>>>> */ >>>>> >>>>> /*- >>>>> * Copyright (c) 2001, 2002, 2003, 2006, 2007, 2008, 2020 >>>>> @@ -31,7 +31,7 @@ >>>>> */ >>>>> >>>>> #include <sys/cdefs.h> >>>>> -__RCSID("$NetBSD: pthread.c,v 1.163 2020/02/05 14:56:04 ryoon Exp $"); >>>>> +__RCSID("$NetBSD: pthread.c,v 1.164 2020/02/08 17:06:03 kamil Exp $"); >>>>> >>>>> #define __EXPOSE_STACK 1 >>>>> >>>>> @@ -770,11 +770,11 @@ pthread_equal(pthread_t t1, pthread_t t2 >>>>> if (__predict_false(__uselibcstub)) >>>>> return __libc_thr_equal_stub(t1, t2); >>>>> >>>>> - pthread__error(EINVAL, "Invalid thread", >>>>> - t1->pt_magic == PT_MAGIC); >>>>> + pthread__error(0, "Invalid thread", >>>>> + (t1 != NULL) && (t1->pt_magic == PT_MAGIC)); >>>>> >>>>> - pthread__error(EINVAL, "Invalid thread", >>>>> - t2->pt_magic == PT_MAGIC); >>>>> + pthread__error(0, "Invalid thread", >>>>> + (t2 != NULL) && (t2->pt_magic == PT_MAGIC)); >>>>> >>>>> /* Nothing special here. */ >>>>> return (t1 == t2); >>>>> >>>> >>> >>> >> > > -- Ryo ONODERA // r...@tetera.org PGP fingerprint = 82A2 DC91 76E0 A10A 8ABB FD1B F404 27FA C7D1 15F3
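
Review bot: In the pthread_equal() hunk, the new `(t1 != NULL) && (t1->pt_magic == PT_MAGIC)` and `(t2 != NULL) && (t2->pt_magic == PT_MAGIC)` conditions guard only the NULL case, so any other invalid handle is still dereferenced to read pt_magic. The reports in this thread are exactly that case: handbrake passes t1 = 0xffffffffffffffff, and the mono6 values are both non-NULL, so the read can still fault or land on unrelated memory before the "Invalid thread" diagnostic runs. Since the function's result is only `t1 == t2`, it would help to say in a comment above the two pthread__error() calls that the magic check is best-effort and covers NULL only. The same comment should note that the first argument 0 is the "not equal" result rather than an error code, because the literal 0 replacing EINVAL is easy to misread as "no error".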