Date: Wed, 6 Sep 2017 22:18:12 -0400
From: Rich Felker <dalias@...c.org>
To: musl@...ts.openwall.com
Subject: Re: open issues

On Tue, Aug 29, 2017 at 10:06:52PM -0400, Rich Felker wrote:
> Updated lists after reviewing the list and pushing the changes that
> were easy to make/merge:

Further updates:

> Still pending due to nontrivial patch to review and/or need for
> testing:
>
> - getenv/setenv/putenv ub
>   http://www.openwall.com/lists/musl/2017/08/21/1
>   http://www.openwall.com/lists/musl/2016/03/13/7

Committed new version of the patches by Alexander Monakov.

> - mbsnrtowcs and mbsnrtowcs confuses byte and wchar counts
>   http://www.openwall.com/lists/musl/2017/08/09/1

Committed patch by Mikhail Kremnyov.

> - oob reads in memmem (and signed << ub)
>   http://www.openwall.com/lists/musl/2017/06/29/6

Committed Alexander Monakov's fix. I'm not sure it's my favorite, but
upon rereading it was the version that I could easily say doesn't
change behavior (except for fixing the bug) and looks like it doesn't
change any performance characteristics.

> - fix nftw when called with paths ending in slash
>   http://www.openwall.com/lists/musl/2017/03/07/1

Reviewed, and I understand the issue and patch well now. I replied to
the thread with a possible simpler patch that just fixes the bug
without other behavioral change and raised a couple of small issues
about behavior.

> Pending due to waiting for updated patch incorporating feedback
> already given or resolving merge conflicts or similar:
>
> - handle whitespace before %% in scanf
>   http://www.openwall.com/lists/musl/2017/07/11/1

Committed patch by Bartosz Brachaczek. Previously I thought a
different approach would be cleaner, but it turned out not to be.

> - make dlsym and reloc time lookup consistent
>   http://www.openwall.com/lists/musl/2017/02/16/1

Remains open.

> - newly created thread may run with signals blocked
> < sergei> there seems to be a race condition in pthread_create.c between lines 134 and 298
> < sergei> if line 298 is executed before 134 (assuming syscall returned 0), startlock will be overwritten with zero, the condition will be evaluated to false and __restore_sigs will not be executed
> < sergei> the newly created thread will run with all signals blocked
> < sergei> i have a patch that fixes the issue for me: https://pastebin.com/T5QSd0C9

While I still don't like the original direct use of atomics, the
proposed patch (especially once a no-op change is removed from it) is
simple and fairly clearly fixes the bug. Committing something similar
with added comments.

> - missed underflow in fma
>   http://www.openwall.com/lists/musl/2017/03/19/6
> new fma, depends on a_clz_64
>   http://www.openwall.com/lists/musl/2017/04/23/10

New proposal is pending review.

> Pending due to need for additional analysis to determine exactly
> what/where the bug is:
>
> - mips64 utime issue?
>   "tar binary can't fix the modification/access times on any extracted symbolic links,"
>   http://www.openwall.com/lists/musl/2017/07/06/1

Still needs analysis.

> Pending due to open question about desired behavior:
>
> - getservbyport(_r) should not report numeric ports
>   http://www.openwall.com/lists/musl/2017/02/06/5

Committed with corresponding change in opposite direction and added
comments.

> - mmap should not return EPERM when it means ENOMEM
>   http://www.openwall.com/lists/musl/2017/01/12/1

Fixed in commit da438ee1fc516c41ba1790cef7be551a9e244397

> - GLOB_PERIOD is inconsistent with glibc
>   http://www.openwall.com/lists/musl/2017/01/12/5

Fixed in commit 8c4be3e2209d2a1d3874b8bc2b474668fcbbbac6

> - ldso ctor dependency ordering and recursive dlopen fix
>   http://www.openwall.com/lists/musl/2017/01/03/6

This is going to have to be a punt until next release cycle.

> Pending due to dependency of fix on larger change:
>
> - use-after-free in __unlock of pthread struct
>   http://www.openwall.com/lists/musl/2017/06/01/7

Still need to decide what to do on this.

> Pending due to need for minor mechanical review:
>
> - fix syscall number differences compared to linux uapi
>   http://www.openwall.com/lists/musl/2017/02/18/1

Committed new patch.

> Pending due to missing patch:
>
> - align arm hwcap.h with glibc (nsz)

Got patch and committed.

Rich