GCC emits a warning about shadowing a builtin with our mempcpy
declaration, so switch it to using the same model as memcpy() and
use the apparently-existing __builtin___mempcpy_chk().
Reviewed by: kib (earlier version), markj
Sponsored by: Klara, Inc.
Sponsored by: Stormshield
Differential Revision: https://reviews.freebsd.org/D45976
ssp/ssp.h needed some improvements:
- `len` isn't always a size_t, it may need casted
- In some cases we may want to use a len that isn't specified as a
parameter (e.g., L_ctermid), so __ssp_redirect() should be more
flexible.
- In other cases we may want additional checking, so pull all of the
declaration bits out of __ssp_redirect_raw() so that some functions
can implement the body themselves.
strlcat/strlcpy should be the last of the fortified functions that get
their own __*_chk symbols, and these cases are only done to be
consistent with the rest of the str*() set.
Reviewed by: markj
Sponsored by: Klara, Inc.
Sponsored by: Stormshield
Differential Revision: https://reviews.freebsd.org/D45679
It's a stupid warning, but some ports enable it by default and were
already defining _FORTIFY_SOURCE, thus exposing the new macros
immediately. This at least fixes the libfido2 build, perhaps others as
well.
While we're here, fix a fresh build of stand w/ FORTIFY_SOURCE enabled
by not pulling in the ssp headers if _STANDALONE is defined. We do not
have runtime support in libsa as of the time of writing.
Reported by: netchild
Sponsored by: Stormshield
Sponsored by: Klara, Inc.
In the future, we will Default to _FORTIFY_SOURCE=2 if SSP is enabled,
otherwise default to _FORTIFY_SOURCE=0. For now we default it to 0
unconditionally to ease bisect across older versions without the new
symbols, and we'll put out a call for testing.
include/*.h include their ssp/*.h equivalents as needed based on the
knob. Programs and users are allowed to override FORTIFY_SOURCE in their
Makefiles or src.conf/make.conf to force it off.
Reviewed by: des, markj
Relnotes: yes
Sponsored by: Stormshield
Sponsored by: Klara, Inc.
Differential Revision: https://reviews.freebsd.org/D32308
Remove ancient SCCS tags from the tree, automated scripting, with two
minor fixup to keep things compiling. All the common forms in the tree
were removed with a perl script.
Sponsored by: Netflix
Add a strverscmp(3) function to libc, a GNU extension I implemented by
reading its glibc manual page. It orders strings following a much more
natural ordering (e.g. "ent1 < ent2 < ent10" as opposed to
"ent1 < ent10 < ent2" with strcmp(3)'s lexicographic ordering).
Also add versionsort(3) for use as scandir(3)'s compar argument.
Update manual page for scandir(3) and add one for strverscmp(3).
Reviewed by: pstef, gbe, kib
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D35807
Finally, we have the correct function definition for strmode. NetBSD/OpenBSD
did this many years ago. This code is weird sign extension safe.
Reviewed by: imp@
Pull Request: https://github.com/freebsd/freebsd-src/pull/493
Third-party code tests for strerror_l(3) without specifying
_POSIX_SOURCE, and then expects that the function is prototyped with
_POSIX_SOURCE set to 200112.
Reported and tested by: antoine
Sponsored by: The FreeBSD Foundation
MFC after: 13 days
Mainly focus on files that use BSD 3-Clause license.
The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.
Special thanks to Wind River for providing access to "The Duke of
Highlander" tool: an older (2014) run over FreeBSD tree was useful as a
starting point.
9899:2011 Appendix K 3.7.4.1.
Other needed supporting types, defines and constraint_handler
infrastructure is added as specified in the C11 spec.
Submitted by: Tom Rix <trix@juniper.net>
Sponsored by: Juniper Networks
Discussed with: ed
MFC after: 3 weeks
Differential revision: https://reviews.freebsd.org/D9903
Differential revision: https://reviews.freebsd.org/D10161
or __POSIX_VISIBLE.
Whenever <sys/cdefs.h> sets __BSD_VISIBLE to non-zero, it also sets
__POSIX_VISIBLE and __XSI_VISIBLE to the newest version supported.
No functional change is intended.
- Address performance regressions encountered by das@ by caching per-thread
data in TLS where available.
- Add a __NO_TLS flag to cdefs.h to indicate where not available.
- Reorganise the xlocale.h definitions into xlocale/*.h so that they can be
included from multiple places.
- Export the POSIX2008 subset of xlocale when POSIX2008 says it should be
exported, independently of whether xlocale.h is included.
- Fix the bug where programs using ctype functions always assumed ASCII unless
recompiled.
- Fix some style(9) violations.
Reviewed by: brooks (mentor)
Approved by: dim (mentor)
wcscasecmp(), and wcsncasecmp().
- Make some previously non-standard extensions visible
if POSIX_VISIBLE >= 200809.
- Use restrict qualifiers in stpcpy().
- Declare off_t and size_t in stdio.h.
- Bump __FreeBSD_version in case the new symbols (particularly
getline()) cause issues with ports.
Reviewed by: standards@
that the annotated function returns a pointer that doesn't alias any
extant pointer. This results in a 50%+ speedup in microbenchmarks such
as the following:
char *cp = malloc(1), *buf = malloc(BUF);
for (i = 0; i < BUF; i++) buf[i] = *cp;
In real programs, your mileage will vary. Note that gcc already
performs this optimization automatically for any function called
`malloc', `calloc', `strdup', or `strndup' unless -fno-builtins is
used.
This change was erronously ommitted from the r185690, and attempt
to simply add the prototype to string.h has revealed that several
contributed programs defined local prototypes for strndup(), controlled
by autoconfed config.h. So, manually change #undef HAVE_STRNDUP to
#define HAVE_STRNDUP 1. Next import of the corresponding program would
regenerate config.h, overriding the changes in this commit.
No objections from: kan
It is the binary equivalent to strstr(3).
void *memmem(const void *big, size_t big_len,
const void *little, size_t little_len);
Submitted by: Pascal Gloor <pascal.gloor at spale.com>
MFC after: 3 days
http://www.opengroup.org/onlinepubs/009695399/functions/swab.html
the prototype for swab() should be in <unistd.h> and not in <string.h>.
Move it, and update to match SUS. Leave the prototype in string.h for
now, for backwards compat.
PR: 74751
Submitted by: Craig Rodrigues <rodrigc@crodrigues.org>
Discussed with: das
an int constant to a long constant. This change improves consistency
in the following two ways:
1. The first 8 arguments are always passed in registers on ia64, which
by virtue of the generated code implicitly widens ints to longs and
allows the use of an 32-bit integral type for 64-bit arguments.
Subsequent arguments are passed onto the memory stack, which does
not exhibit the same behaviour and consequently do not allow this.
In practice this means that variadic functions taking pointers
and given NULL (without cast) work as long as the NULL is passed
in one of the first 8 arguments. A SIGSEGV is more likely the
result if such would be done for stack-based arguments. This is
due to the fact that the upper 4 bytes remain undefined.
2. All 64-bit platforms that FreeBSD supports, with the obvious
exception of ia64, allow 32-bit integral types (specifically NULL)
when 64-bit pointers are expected in variadic functions by way of
how the compiler generates code. As such, code that works correctly
(whether rightfully so or not) on any platform other than ia64, may
fail on ia64.
To more easily allow tweaking of the definition of NULL, this commit
removes the 12 definitions in the various headers and puts it in a
new header that can be included whenever NULL is to be made visible.
This commit fixes GNOME, emacs, xemacs and a whole bunch of ports
that I don't particularly care about at this time...
called <machine/_types.h>.
o <machine/ansi.h> will continue to live so it can define MD clock
macros, which are only MD because of gratuitous differences between
architectures.
o Change all headers to make use of this. This mainly involves
changing:
#ifdef _BSD_FOO_T_
typedef _BSD_FOO_T_ foo_t;
#undef _BSD_FOO_T_
#endif
to:
#ifndef _FOO_T_DECLARED
typedef __foo_t foo_t;
#define _FOO_T_DECLARED
#endif
Concept by: bde
Reviewed by: jake, obrien
<strings.h>, based on POSIX.1-2001's requirements.
o Add 'restrict' qualifier (spelled '__restrict') to functions in
<string.h>, as per C99 and POSIX.1-2001.
o Properly expose new POSIX.1-2001 functions in <string.h>.
# This appears to not break X11, but I'm having problems compiling the
# glide part of the server with or without this patch, so I can't tell
# for sure.
number of characters that are searched. This is especially useful
with file operations and non-NUL terminated strings.
Silence from: -audit, -hackers
MFC after: 5 days
