main/musl: backport proper fputs fix from upstream

2026-05-04 20:06:43 +02:00 · 2016-02-17 08:18:19 +02:00 · 2016-02-17 08:18:19 +02:00 · 167441e8b2
commit 167441e8b2
parent b1766033fc
5 changed files with 130 additions and 17 deletions
--- a/main/musl/0001-fix-assumption-in-fputs-that-fwrite-returning-0-impl.patch
+++ b/main/musl/0001-fix-assumption-in-fputs-that-fwrite-returning-0-impl.patch
@ -0,0 +1,34 @@
+From 10a17dfbad2c267d885817abc9c7589fc7ff630b Mon Sep 17 00:00:00 2001
+From: Rich Felker <dalias@aerifal.cx>
+Date: Tue, 16 Feb 2016 13:26:16 -0500
+Subject: [PATCH] fix assumption in fputs that fwrite returning 0 implies an
+ error
+
+internally, the idiom of passing nmemb=1 to fwrite and interpreting
+the return value of fwrite (which is necessarily 0 or 1) as
+failure/success is fairly widely used. this is not correct, however,
+when the size argument is unknown and may be zero, since C requires
+fwrite to return 0 in that special case. previously fwrite always
+returned nmemb on success, but this was changed for conformance with
+ISO C by commit 500c6886c654fd45e4926990fee2c61d816be197.
+---
+ src/stdio/fputs.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/src/stdio/fputs.c b/src/stdio/fputs.c
+index 4737f44..1cf344f 100644
+--- a/src/stdio/fputs.c
+++ b/src/stdio/fputs.c
+@@ -3,7 +3,8 @@
+ 
+ int fputs(const char *restrict s, FILE *restrict f)
+ {
+-	return (int)fwrite(s, strlen(s), 1, f) - 1;
+	size_t l = strlen(s);
+	return (fwrite(s, 1, l, f)==l) - 1;
+ }
+ 
+ weak_alias(fputs, fputs_unlocked);
+-- 
+2.7.1
+
--- a/main/musl/0002-fix-unlikely-corner-cases-in-getopt-s-message-printi.patch
+++ b/main/musl/0002-fix-unlikely-corner-cases-in-getopt-s-message-printi.patch
@ -0,0 +1,37 @@
+From ef2b5e9f13a7f216d6d64aeccc6b33c1262faece Mon Sep 17 00:00:00 2001
+From: Rich Felker <dalias@aerifal.cx>
+Date: Tue, 16 Feb 2016 13:27:24 -0500
+Subject: [PATCH] fix unlikely corner cases in getopt's message printing
+
+like fputs (see commit 10a17dfbad2c267d885817abc9c7589fc7ff630b), the
+message printing code for getopt assumed that fwrite only returns 0 on
+failure, but it can also happen on success if the total length to be
+written is zero. programs with zero-length argv[0] were affected.
+
+commit 500c6886c654fd45e4926990fee2c61d816be197 introduced this
+problem in getopt by fixing the fwrite behavior to conform to the
+requirements of ISO C. previously the wrong expectations of the getopt
+code were met by the fwrite implementation.
+---
+ src/misc/getopt.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/misc/getopt.c b/src/misc/getopt.c
+index 9217983..8290aef 100644
+--- a/src/misc/getopt.c
+++ b/src/misc/getopt.c
+@@ -17,9 +17,9 @@ void __getopt_msg(const char *a, const char *b, const char *c, size_t l)
+ 	FILE *f = stderr;
+ 	b = __lctrans_cur(b);
+ 	flockfile(f);
+-	fwrite(a, strlen(a), 1, f)
+	fputs(a, f)>=0
+ 	&& fwrite(b, strlen(b), 1, f)
+-	&& fwrite(c, l, 1, f)
+	&& fwrite(c, 1, l, f)==l
+ 	&& putc('\n', f);
+ 	funlockfile(f);
+ }
+-- 
+2.7.1
+
--- a/main/musl/0003-in-crypt-sha-reject-excessive-rounds-as-error-rather.patch
+++ b/main/musl/0003-in-crypt-sha-reject-excessive-rounds-as-error-rather.patch
@ -0,0 +1,46 @@
+From cf115059ba0ecd611008c89c78c37b62f8e6d6af Mon Sep 17 00:00:00 2001
+From: Rich Felker <dalias@aerifal.cx>
+Date: Tue, 16 Feb 2016 17:38:07 -0500
+Subject: [PATCH] in crypt-sha*, reject excessive rounds as error rather than
+ clamping
+
+the reference implementation clamps rounds to [1000,999999999]. we
+further limited rounds to at most 9999999 as a defense against extreme
+run times, but wrongly clamped instead of treating out-of-bounds
+values as an error, thereby producing implementation-specific hash
+results. fixing this should not break anything since values of rounds
+this high are not useful anyway.
+---
+ src/crypt/crypt_sha256.c | 2 +-
+ src/crypt/crypt_sha512.c | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/crypt/crypt_sha256.c b/src/crypt/crypt_sha256.c
+index d5f0b78..e885dc6 100644
+--- a/src/crypt/crypt_sha256.c
+++ b/src/crypt/crypt_sha256.c
+@@ -230,7 +230,7 @@ static char *sha256crypt(const char *key, const char *setting, char *output)
+ 		if (u < ROUNDS_MIN)
+ 			r = ROUNDS_MIN;
+ 		else if (u > ROUNDS_MAX)
+-			r = ROUNDS_MAX;
+			return 0;
+ 		else
+ 			r = u;
+ 		/* needed when rounds is zero prefixed or out of bounds */
+diff --git a/src/crypt/crypt_sha512.c b/src/crypt/crypt_sha512.c
+index 1294e98..39970ca 100644
+--- a/src/crypt/crypt_sha512.c
+++ b/src/crypt/crypt_sha512.c
+@@ -252,7 +252,7 @@ static char *sha512crypt(const char *key, const char *setting, char *output)
+ 		if (u < ROUNDS_MIN)
+ 			r = ROUNDS_MIN;
+ 		else if (u > ROUNDS_MAX)
+-			r = ROUNDS_MAX;
+			return 0;
+ 		else
+ 			r = u;
+ 		/* needed when rounds is zero prefixed or out of bounds */
+-- 
+2.7.1
+
--- a/main/musl/APKBUILD
+++ b/main/musl/APKBUILD
@ -2,7 +2,7 @@
 # Maintainer: Timo Teräs <timo.teras@iki.fi>
 pkgname=musl
 pkgver=1.1.13
-pkgrel=1
+pkgrel=2
 pkgdesc="the musl c library (libc) implementation"
 url="http://www.musl-libc.org/"
 arch="all"
@ -12,7 +12,9 @@ depends_dev="!uclibc-dev"
 makedepends="$depends_dev"
 subpackages="$pkgname-dev $pkgname-utils $pkgname-dbg libc6-compat:compat"
 source="http://www.musl-libc.org/releases/musl-$pkgver.tar.gz
-	fix-fputs.patch
+	0001-fix-assumption-in-fputs-that-fwrite-returning-0-impl.patch
+	0002-fix-unlikely-corner-cases-in-getopt-s-message-printi.patch
+	0003-in-crypt-sha-reject-excessive-rounds-as-error-rather.patch

 	ldconfig
 	__stack_chk_fail_local.c
@ -129,21 +131,27 @@ compat() {
 }

 md5sums="b8cb33a04ab461b55edcc807abf82241  musl-1.1.13.tar.gz
-796a4dab96dc5c1c182a7b6e44f563fb  fix-fputs.patch
+b05c1a3f3b773610fdfe1fe44f41c5f8  0001-fix-assumption-in-fputs-that-fwrite-returning-0-impl.patch
+5b1ab9ab71069b9daafaf7a62ee3cf8e  0002-fix-unlikely-corner-cases-in-getopt-s-message-printi.patch
+bf74e577da2993ccf468787910a3d4d3  0003-in-crypt-sha-reject-excessive-rounds-as-error-rather.patch
 830d01f7821b978df770b06db3790921  ldconfig
 0df687757221bbb0fc1aa67f1bd646f9  __stack_chk_fail_local.c
 57ef2c63b9ec6a2041694ace97d4ffa2  getconf.c
 2b941c4251cac44988a4abfc50e21267  getent.c
 45f92f8d59cf84d765de698a9578dbf4  iconv.c"
 sha256sums="bbacdc64f557d0c4857f7d2daf592c32c29aec1babbb94fcf01a2e05bed15013  musl-1.1.13.tar.gz
-990d71f2efacede62b54225c773b1245b38fae9d5bd59971984bbd173cfb5e9c  fix-fputs.patch
+f32bfc319bb2e4dd6e20ab81dd838af991c6696dbd70db93926e8e3e446caf50  0001-fix-assumption-in-fputs-that-fwrite-returning-0-impl.patch
+e21ad9f7e9ff9089d3be03281366dd01a7487b21fb00dd7b7556f46e84f2e282  0002-fix-unlikely-corner-cases-in-getopt-s-message-printi.patch
+4542c63178f1f8d42d54a3e81a3db1978103d76f0d3ffb42b133bfe4b02f5de4  0003-in-crypt-sha-reject-excessive-rounds-as-error-rather.patch
 b4a2c06db38742e8c42c3c9838b285a7d8cdac6c091ff3df5ff9a15f1e41b9c7  ldconfig
 299a7d75a09de3e2e11e7fb4acc3182e4a14e868093d2f30938fce9bfcff13da  __stack_chk_fail_local.c
 d87d0cbb3690ae2c5d8cc218349fd8278b93855dd625deaf7ae50e320aad247c  getconf.c
 68373a55e89ce85c562d941ccf588337d6cc6c9c17689d695f65cd7607134bbe  getent.c
 f79a2930a2e5bb0624321589edf8b889d1e9b603e01e6b7ae214616605b3fdd7  iconv.c"
 sha512sums="d5f4a6fdb6a2cdbd7ab1ad5a8d91b1c690b3bd31d9049dfc022067019bba11952e375374eed982a0ddac7347d17f9ff2300178c4d5f27bdd8480933cc6e67802  musl-1.1.13.tar.gz
-1fb5708a0dd8938622c0a1c8f933f79da1de94d37952d555930152d52d5405f1e744e502bdf9e22cd4d16293dcfb685707f323f6ac2af5ef4eb6b6897ac4d182  fix-fputs.patch
+c634947ddf6d0b2e462cacff3920326a5677c06a3fc58f40cf99f22496b33882d25b4dce041a368fa2961d23bccbf9145a571fd40ea0d390cea1ab2849e681d7  0001-fix-assumption-in-fputs-that-fwrite-returning-0-impl.patch
+2a9b55bedfd13bb6f1ad6a10344294d672eaafbc4402c0f18cc31a9b5a62879a606e7fe4733c09295159a7458502886ed4d0c71170e66dca9a1bd228dbb08123  0002-fix-unlikely-corner-cases-in-getopt-s-message-printi.patch
+0a1715fb46204a13d9a29dfa9d86d3335890e75990d0d76c06daccb059f31498858b106966063e4b01c101f67ed139d8a24915d1ebeafec2491213d3e6bfdac9  0003-in-crypt-sha-reject-excessive-rounds-as-error-rather.patch
 8d3a2d5315fc56fee7da9abb8b89bb38c6046c33d154c10d168fb35bfde6b0cf9f13042a3bceee34daf091bc409d699223735dcf19f382eeee1f6be34154f26f  ldconfig
 062bb49fa54839010acd4af113e20f7263dde1c8a2ca359b5fb2661ef9ed9d84a0f7c3bc10c25dcfa10bb3c5a4874588dff636ac43d5dbb3d748d75400756d0b  __stack_chk_fail_local.c
 0d80f37b34a35e3d14b012257c50862dfeb9d2c81139ea2dfa101d981d093b009b9fa450ba27a708ac59377a48626971dfc58e20a3799084a65777a0c32cbc7d  getconf.c
--- a/main/musl/fix-fputs.patch
+++ b/main/musl/fix-fputs.patch
@ -1,12 +0,0 @@
-diff --git a/src/stdio/fputs.c b/src/stdio/fputs.c
-index 4737f44..c419923 100644
--- a/src/stdio/fputs.c
-+++ b/src/stdio/fputs.c
-@@ -3,6 +3,7 @@
- 
- int fputs(const char *restrict s, FILE *restrict f)
- {
-+	if (!*s) return 0;
- 	return (int)fwrite(s, strlen(s), 1, f) - 1;
- }
-