NetBSD/lib/libc
christos b0735e4145 Add some better error handling from FreeBSD, although we don't
suffer from the same issue, since we don't decrement p->next, like
FreeBSD does because we don't have multibyte support (yet). We
choose to do this so we can fail faster and more predictably.

Here's the original FreeBSD message:

When passed the invalid regular expression "a**", the error is
eventually detected and seterr() is called. It sets p->error
appropriatly and p->next and p->end to nuls which is a never used char
nuls[10] which is zeros due to .bss initialization. Unfortunatly,
p_ere_exp() and p_simp_re() both have fall through cases where they set
the error, decrement p->next and access it which means a read from what
ever .bss variable comes before nuls.

Found with regex_test:repet_multi and CHERI bounds checking.

Reviewed by:	ngie, pfg, emaste
Obtained from:	CheriBSD
Sponsored by:	DARPA, AFRL
MFC after:	1 week
Differential Revision:	https://reviews.freebsd.org/D10541
2019-02-07 22:22:31 +00:00
..
arch use adrp not adr, since the data is not pc-rel. fixes brk(2). 2019-02-05 13:02:35 +00:00
atomic atomic_and/atomic_or do bitwise ops, not logical ops. 2018-06-16 08:11:32 +00:00
cdb Correct the documentation of cdbr_open_mem(3) 2018-12-01 02:43:43 +00:00
citrus Avoid left-shifting a negative number in the non-compat case, too. 2018-06-11 20:28:23 +00:00
compat Add some compat stubs for aarch64. Not providing any actual compatibility 2018-04-29 17:47:06 +00:00
compat-43 Add bunch of missing includes of namespace.h in libc 2018-01-04 20:57:28 +00:00
compiler_rt Do not use IEEE 754 specific functions for VAX 2017-07-23 09:50:54 +00:00
db Add bunch of missing includes of namespace.h in libc 2018-01-04 20:57:28 +00:00
dlfcn Compute relocbase correctly for static PIE. AT_BASE is not usable in 2018-07-13 19:49:47 +00:00
gdtoa PR/50937: Henning Petersen: Fix subnormal printf for long double x86. From 2016-03-13 19:44:58 +00:00
gen PR/53904: Jintao Zhu: Use a mutex instead of an rwlock to assure thread safety 2019-01-24 18:01:38 +00:00
gmon use the pico objects if we are making a PIC profiled library. 2019-01-06 18:14:10 +00:00
hash Use An in AUTHORS section. 2018-12-17 08:18:06 +00:00
iconv Bump date for previous. 2016-06-08 07:53:15 +00:00
include Revert to commits as they broke few rump tests 2018-01-17 01:24:29 +00:00
inet Remove unused macro. 2018-12-13 08:39:34 +00:00
isc time_t casts 2012-03-21 00:34:54 +00:00
locale Add bunch of missing includes of namespace.h in libc 2018-01-04 20:57:28 +00:00
md Use .An in authors section. Remove empty section. 2018-05-23 06:08:01 +00:00
misc Add a support to build ubsan.c in libc 2018-08-03 04:29:35 +00:00
nameser reduce diffs with other copies of this code. 2014-03-07 01:07:01 +00:00
net Adjust English usage in message for EAI_NONAME. 2018-12-13 04:41:41 +00:00
nls belt-n-suspenders, close on exec catalog files. 2014-09-16 01:30:28 +00:00
quad Don't return 0x1.0p31 for every input value 2^N. 2013-09-30 19:32:14 +00:00
regex Add some better error handling from FreeBSD, although we don't 2019-02-07 22:22:31 +00:00
resolv Remove unused macro 2018-12-13 08:45:29 +00:00
rpc Avoid undefined behavior in the definition of LAST_FRAG in xdr_rec.c 2018-07-25 23:59:08 +00:00
softfloat Avoid warnings (signed/unsigned comparision and unused variable) 2016-03-29 18:42:29 +00:00
ssp Remove workaround for ancient HTML generation code. 2017-07-03 21:28:48 +00:00
stdio remove diag assert - the compiler demands fp is non NULL now. 2019-01-23 00:05:47 +00:00
stdlib fix grammar. 2018-12-09 20:29:53 +00:00
string switch to FreeBSD's memmem 2018-07-08 17:53:42 +00:00
sys Merge the [pgoyette-compat] branch 2019-01-27 02:08:33 +00:00
termios Remove empty Fd. Use minus for return value. End list. Sort SEE ALSO. 2017-10-30 15:43:21 +00:00
thread-stub Add CHECK_NOT_THREADED() in __libc_mutexattr_settype_stub() 2016-10-31 18:10:11 +00:00
time fix duplicated chunk from merge 2019-01-27 04:33:29 +00:00
tls Determine dynamic binaries by presence of PT_INTERP. Static PIE has 2018-07-13 19:50:21 +00:00
uuid
yp Remove useless macros. Sort errors. 2018-02-11 13:30:55 +00:00
libcincludes.mk MKCOMPAT fixes for when compat MACHINE_CPU != normal MACHINE_CPU 2014-08-10 23:39:08 +00:00
Makefile Restrict -fno-sanitize=function to Clang/LLVM only 2018-08-03 14:01:21 +00:00
Makefile.inc We can't build those three with MKSANITIZER, they are used too early. 2018-06-09 22:41:55 +00:00
README Omit duplicate text. 2017-02-08 13:31:36 +00:00
shlib_version Suggest to remove lfs_ stubs on a major bump. 2018-11-05 04:08:39 +00:00

	$NetBSD: README,v 1.7 2017/02/08 13:31:36 riastradh Exp $

libc: The C library.

* ELF symbols and source names

libc contains symbols for:

(a) standard library routines in C and POSIX,
(b) published NetBSD-specific nonstandard extensions,
(c) internal symbols, and
(d) old versions of any published library routines.

** Standard library routines

If a library routine is standard and its signature has never changed,
it is provided as an ELF global symbol.  Its name is declared normally
in the appropriate header file.

=> Example: The names `malloc' and `free' are declared normally in
   <stdlib.h> (src/include/stdlib.h):

	void	*malloc(size_t);
	void	 free(void *);

   libc provides the following ELF symbols:

	malloc		global
	free		global

   In the implementation of libc, malloc and free are defined normally
   in src/lib/libc/stdlib/jemalloc.c:

	void *
	malloc(size_t size)
	{
	...

	void
	free(void *ptr)
	{
	...

** NetBSD-specific nonstandard extensions

If a library routine is nonstandard but published and its signature has
never changed, it is provided as an ELF weak symbol aliasing an ELF
global symbol of the same name with an underscore prefix.

The name is declared normally in the appropriate header file, provided
that the relevant feature macro, such as _NETBSD_SOURCE, is defined.

Within libc, the name is defined in "namespace.h"
(src/lib/libc/include/namespace.h) as a macro expanding to the
underscored name, which is included before the relevant header file, so
that

(a) the definition in a .c file will define the underscored ELF global
symbol, and

(b) the declaration in the standard header file will match the
definition in the .c file.

Alongside the definition in the .c file is a __weak_alias directive to
create the ELF weak symbol alias.

=> Example: For the nonstandard extension consttime_memequal, the
   header file <string.h> (src/include/string.h) declares
   `consttime_memequal' normally, if the caller defines _NETBSD_SOURCE:

	#if defined(_NETBSD_SOURCE)
	...
	int	consttime_memequal(const void *, const void *, size_t);
	...
	#endif	/* _NETBSD_SOURCE */

   libc provides the following ELF symbols:

	_consttime_memequal	global
	consttime_memequal	weak alias for	_consttime_memequal

   In the implementation of libc, the header file "namespace.h"
   (src/lib/libc/include/namespace.h) defines `consttime_memequal' as a
   macro expanding to `_consttime_memequal':

	#define	consttime_memequal	_consttime_memequal

   The source file src/common/lib/libc/string/consttime_memequal.c
   includes "namespace.h" and <string.h>, and defines
   `consttime_memequal' normally:

	int
	consttime_memequal(const void *b1, const void *b2, size_t len)
	{
	...

   Macro expansion replaces `consttime_memequal' by
   `_consttime_memequal', which is the ELF global symbol this defines.
   Alongside the definition is

	__weak_alias(consttime_memequal,_consttime_memequal)

   to provide `consttime_memequal' as an ELF weak symbol aliasing
   `_consttime_memequal'.

** Internal symbols

If a library routine is internal to libc, it is defined as an ELF
global symbol with an underscore prefix.  Its name is declared in the
appropriate internal header file.

=> Example: The implementations of opendir and rewinddir use a common
   subroutine _initdir, which is not part of the libc API or ABI -- it
   is just an internal subroutine.

   libc provides the following ELF symbols:

	_initdir	global

   The name `_initdir' is declared normally in
   src/lib/libc/gen/dirent_private.h:

	int	_initdir(DIR *, int, const char *);

   The name `_initdir' is defined normally in
   src/lib/libc/gen/initdir.c:

	int
	_initdir(DIR *dirp, int fd, const char *name)
	{
	...

** Old versions of library routines

If the signature or semantics of a library routine foo changed in (for
example) NetBSD 6.0, then libc provides

(1) an ELF global symbol `_foo' implementing its old signature,
(2) an ELF weak symbol `foo' aliasing `_foo', and
(3) an ELF global symbol `__foo50' implementing its new signature (yes,
    `__foo50', not `__foo60').

The name foo is declared in the appropriate header file, under any
relevant feature macros, with a __RENAME directive so that for calls to
foo, the compiler will generate relocations for __foo50.  Old programs,
compiled with the old signature, will continue to use the old symbol.

=> Example: In NetBSD 5.0, time_t was int32_t on every machine.  In
   NetBSD 6.0 and onward, time_t is int64_t on every machine.
   Consequently, the signature of time(3), written as

	time_t	time(time_t *);

   was effectively

	int32_t	time(int32_t *);

   before NetBSD 6.0.  In NetBSD 6.0, it changed to be effectively

	int64_t time(int64_t *);

   Before NetBSD 6.0, libc provided the following libc symbols:

	_time		global (implementing the old signature)
	time		weak alias for _time

   In NetBSD 6.0 and later, libc provides the following ELF symbols:

	_time		global (implementing the old signature)
	time		weak alias for _time
	__time50	global (implementing the new signature)

   (Note that the only change is to add __time50, so that existing
   programs linked against old versions of libc will see the same
   semantics for the symbols that were already there.)

   The header file <time.h> (src/include/time.h) declares

	time_t	time(time_t *) __RENAME(__time50);

   so that compiling C programs that call time will yield objects that
   use the __time50 symbol from libc.  However, old programs that were
   compiled against the 32-bit declaration will continue to use the
   32-bit symbol from libc.

   The header file "namespace.h" (src/lib/libc/include/namespace.h)
   defines `time' as a macro expanding to `_time':

	#define	time	_time

   The source file src/lib/libc/gen/time.c includes "namespace.h" and
   <time.h> and defines `time' normally:

	time_t
	time(time_t *t)
	{
	...

   Macro expansion replaces `time' by `_time', but the
   `__RENAME(__time50)' directive on the declaration <time.h> (to which
   the "namespace.h" macro expansion also applies) means the ELF global
   symbol defined here is actually `__time50'.

   The header file <compat/include/time.h>
   (src/lib/libc/compat/include/time.h) declares

	int32_t	time(int32_t *);

   The source file src/lib/libc/compat/gen/compat_time.c includes
   "namespace.h", <compat/include/time.h>, and <time.h>, but suppresses
   the normal declaration of `time' in <time.h> by defining
   __LIBC12_SOURCE__ and thus gets it from <compat/include/time.h>
   instead.  Then compat_time.c defines `time' normally:

	int32_t
	time(int32_t *t)
	{
	...

   Again, macro expansion replaces `time' by `_time', but since there
   is no __RENAME directive in <compat/include/time.h>, the resulting
   ELF global symbol is `_time'.  (Actually, compat_time.c just has
   `#define time_t int32_t' and `#include "gen/time.c"' to get the same
   text of the definition of time.  The above definition is what we get
   effectively by substituting int32_t for the type time_t.)

   Finally, alongside the definition in compat_time.c is

	__weak_alias(time,_time)

   to define `time' as an ELF weak symbol aliasing `_time'.

   The net effect is that NetBSD 6's libc provides the same definitions
   as NetBSD 5's libc for the symbols `time' and `_time', so that old
   programs that were compiled in NetBSD 5 will continue to work with
   NetBSD 6's libc.  But programs compiled in NetBSD 6 will have 64-bit
   time_t.