kmx git

Commit	Date	Message
d454f62c	2023-11-05T22:17:02	libpkgconf: fix -Walloc-size GCC 14 introduces a new -Walloc-size included in -Wextra which gives: ``` libpkgconf/personality.c:260:11: warning: allocation of insufficient size '1' for type 'pkgconf_cross_personality_t' {aka 'struct pkgconf_cross_personality_'} with size '48' [-Walloc-size] libpkgconf/queue.c:46:33: warning: allocation of insufficient size '1' for type 'pkgconf_queue_t' {aka'struct pkgconf_queue_'} with size '16' [-Walloc-size] libpkgconf/client.c:164:33: warning: allocation of insufficient size '1' for type 'pkgconf_client_t' {aka 'struct pkgconf_client_'} with size '120' [-Walloc-size] libpkgconf/path.c:105:14: warning: allocation of insufficient size '1' for type 'pkgconf_path_t' {aka 'struct pkgconf_path_'} with size '24' [-Walloc-size] libpkgconf/path.c:237:22: warning: allocation of insufficient size '1' for type 'pkgconf_path_t' {aka 'struct pkgconf_path_'} with size '24' [-Walloc-size] libpkgconf/tuple.c:239:34: warning: allocation of insufficient size '1' for type 'pkgconf_tuple_t' {aka 'struct pkgconf_tuple_'} with size '24' [-Walloc-size] libpkgconf/dependency.c:133:13: warning: allocation of insufficient size '1' for type 'pkgconf_dependency_t' {aka 'struct pkgconf_dependency_'} with size '44' [-Walloc-size] libpkgconf/dependency.c:472:17: warning: allocation of insufficient size '1' for type 'pkgconf_dependency_t' {aka 'struct pkgconf_dependency_'} with size '44' [-Walloc-size] libpkgconf/fragment.c:146:22: warning: allocation of insufficient size '1' for type 'pkgconf_fragment_t' {aka 'struct pkgconf_fragment_'} with size '24' [-Walloc-size] libpkgconf/fragment.c:195:22: warning: allocation of insufficient size '1' for type 'pkgconf_fragment_t' {aka 'struct pkgconf_fragment_'} with size '24' [-Walloc-size] libpkgconf/fragment.c:356:14: warning: allocation of insufficient size '1' for type 'pkgconf_fragment_t' {aka 'struct pkgconf_fragment_'} with size '24' [-Walloc-size] libpkgconf/pkg.c:422:13: warning: allocation of insufficient size '1' for type 'pkgconf_pkg_t' {aka 'struct pkgconf_pkg_'} with size '188' [-Walloc-size] libpkgconf/client.c:164:33: warning: allocation of insufficient size '1' for type 'pkgconf_client_t' {aka 'struct pkgconf_client_'} with size '224' [-Walloc-size] libpkgconf/personality.c:260:11: warning: allocation of insufficient size '1' for type 'pkgconf_cross_personality_t' {aka 'struct pkgconf_cross_personality_'} with size '96' [-Walloc-size] libpkgconf/dependency.c:133:13: warning: allocation of insufficient size '1' for type 'pkgconf_dependency_t' {aka 'struct pkgconf_dependency_'} with size '80' [-Walloc-size] libpkgconf/dependency.c:472:17: warning: allocation of insufficient size '1' for type 'pkgconf_dependency_t' {aka 'struct pkgconf_dependency_'} with size '80' [-Walloc-size] libpkgconf/path.c:105:14: warning: allocation of insufficient size '1' for type 'pkgconf_path_t' {aka 'struct pkgconf_path_'} with size '48' [-Walloc-size] libpkgconf/path.c:237:22: warning: allocation of insufficient size '1' for type 'pkgconf_path_t' {aka 'struct pkgconf_path_'} with size '48' [-Walloc-size] libpkgconf/queue.c:46:33: warning: allocation of insufficient size '1' for type 'pkgconf_queue_t' {aka 'struct pkgconf_queue_'} with size '32' [-Walloc-size] libpkgconf/tuple.c:239:34: warning: allocation of insufficient size '1' for type 'pkgconf_tuple_t' {aka 'struct pkgconf_tuple_'} with size '48' [-Walloc-size] libpkgconf/fragment.c:146:22: warning: allocation of insufficient size '1' for type 'pkgconf_fragment_t' {aka 'struct pkgconf_fragment_'} with size '48' [-Walloc-size] libpkgconf/fragment.c:195:22: warning: allocation of insufficient size '1' for type 'pkgconf_fragment_t' {aka 'struct pkgconf_fragment_'} with size '48' [-Walloc-size] libpkgconf/fragment.c:356:14: warning: allocation of insufficient size '1' for type 'pkgconf_fragment_t' {aka 'struct pkgconf_fragment_'} with size '48' [-Walloc-size] libpkgconf/pkg.c:422:13: warning: allocation of insufficient size '1' for type 'pkgconf_pkg_t' {aka 'struct pkgconf_pkg_'} with size '360' [-Walloc-size] ``` The calloc prototype is: ``` void *calloc(size_t nmemb, size_t size); ``` So, just swap the number of members and size arguments to match the prototype, as we're initialising 1 struct of size `sizeof(struct ...)`. GCC then sees we're not doing anything wrong. The only exception there is for argv which I fixed while at it. Signed-off-by: Sam James <sam@gentoo.org>
628b2b2b	2023-01-20T22:07:03	tuple: test for, and stop string processing, on truncation otherwise a buffer overflow occurs. this has been a bug in pkgconf since the beginning, it seems. instead of disclosing the bug correctly, a "hotshot" developer decided to blog about it instead. sigh. https://nullprogram.com/blog/2023/01/18/
80bc5ac3	2022-08-16T19:38:40	tuple: if a global tuple is explicitly defined with --define-variable, prefer it fixes github #259
6c70781a	2022-07-26T18:00:22	introduce PKG_CONFIG_PKGCONF1_SYSROOT_RULES for legacy pkgconf behavior
297e18f2	2022-07-26T17:08:48	tuple: add flags parameter to pkgconf_tuple_parse
72e429ae	2022-06-26T19:35:19	tuple: use ${pc_sysrootdir} instead of client->sysroot_dir where relevant
d68a867d	2022-06-26T19:15:07	tuple: fall back to using globals rather than preferring them
c0fa7879	2022-04-01T14:15:43	libpkgconf: zero path lists after freeing This is required to make the pointer safely re-usable after being freed, otherwise the list still says that it has nodes, but they point nowhere. This is particularly important for libpkgconf, if a caller needs to re-enter the library after freeing a path in a static path (such as the default personality)
fd1b8ccc	2021-03-18T06:22:11	main: if PKG_CONFIG_FDO_SYSROOT_RULES is set, or DESTDIR matches PKG_CONFIG_SYSROOT_DIRS, disable the automatic sysroot rewriting Closes #205.
354c8727	2020-05-30T19:19:48	libpkgconf: tuple: fix truncation when no overflow occurs
5eb9cae0	2020-05-31T00:25:54	libpkgconf: tuple: fix out of boundary write This is the same issue which has been fixed in dependency code. If a line contains a variable which is longer than PKGCONF_ITEM_SIZE, then the varname buffer overflows. The code itself still does not check if a closing } exists and truncates variable names which are too long. Since these would be functional changes and this commit is about a protection against undefined behaviour on a language level, these changes are not included. Proof of concept: $ echo "Description: poc" > poc.pc $ echo "Version: 1" >> poc.pc $ echo -n 'Name: ${' $ dd if=/dev/zero bs=1 count=66535 \| tr '\0' 'x' >> poc.pc $ echo >> poc.pc $ pkgconf poc.pc On my Linux system, when compiled with gcc, the varname buffer overflows directly into buf, which means that no crash can be notified. It's easiest to figure out when adding strlen() and sizeof() output as debug lines.
662957ca	2019-03-23T22:33:55	libpkgconf: tuple: tighten quoting logic a bit closes #12
9b7affe0	2018-07-28T19:06:33	tuple: Ensure buf length is always >= 1 in dequote If a key is defined with no value, dequote will allocate a buffer with a length of 0. Since the buffer's length is 0, any manipulation of its content is UB. Example .pc file: prefix=/usr exec_prefix=${prefix} libdir=${exec_prefix}/lib includedir=${prefix}/include xcflags= xlibs= -lSM -lICE -lX11 Name: Obt Description: Openbox Toolkit Library Version: 3.6 Requires: glib-2.0 libxml-2.0 Libs: -L${libdir} -lobt ${xlibs} Cflags: -I${includedir}/openbox/3.6 ${xcflags} Output using pkgconf 1.5.2 on x86_64 Linux/musl: % pkgconf --cflags obt-3.5 -I/usr/include/openbox/3.6 \�\\�I\�\ -I/usr/include/glib-2.0 -I/usr/lib/glib-2.0/include -I/usr/include/libxml2
b46bb93c	2018-06-14T16:12:04	libpkgconf: tuple: properly dequote tuples when added from the parser (closes legacy github bug #186)
973aff21	2017-12-11T17:39:12	libpkgconf: tuple: add some trace logging
4589274c	2017-10-16T12:56:19	libpkgconf: start to remove PKGCONF_BUFSIZE allocations from the stack. (closes #149) Patch by Karen Arutyunov.
6985a179	2017-10-11T17:03:21	libpkgconf: Fix issue when sysroot is '/' If sysroot is /, simply do nothing. This fixes #146
e9fd43ca	2017-09-17T23:38:25	libpkgconf: clean up header includes (closes #137)
b9dac13e	2017-09-08T19:17:38	libpkgconf: tuple: pkgconf_tuple_parse(): remove unnecessary static buffer declaration
9505213c	2017-07-16T17:35:28	tuple: check expanded variables to see if a sysroot has been duplicated, and if so, remove the prepended sysroot. This allows compatibility between legacy pkg-config's broken sysroot implementation and pkgconf's sysroot implementation, by removing any prepended sysroot paths and preferencing the variable expansion sysroot path we typically do instead. Closes github #123.
e6c49153	2016-12-11T17:28:27	libpkgconf: document tuple module
8213d910	2016-12-10T16:19:40	libpkgconf: migrate to using the pkgconf_ namespaced strlcat/strlcpy symbols
792cd7c8	2016-12-09T21:32:55	libpkgconf: tuple: handle sysroot without the need of PKGCONF_PKG_PKGF_MUNGE_SYSROOT_PREFIX
92e9b783	2016-12-09T20:58:15	libpkgconf: tuple: when calling pkgconf_tuple_add() on a collection that already has a tuple entry for 'key', replace it instead of adding a new entry
f7b78539	2016-12-09T20:50:33	libpkgconf: tuple: add pkgconf_tuple_free_entry() to free a specific tuple node
8740c5cd	2016-12-01T15:05:03	libpkgconf: begin removing global state from libpkgconf library by introducing a "client" object which holds the state
1fe91b91	2015-12-08T00:02:14	Do not parse the global variables This fixes an incompatibility with pkg-confing 0.29 Found by Thomas Klausner <wiz@NetBSD.org> when building gupnp-igd-0.2.3 with introspection support
571d9c75	2015-09-06T11:29:56	libpkgconf: PKG_BUFSIZE becomes PKGCONF_BUFSIZE, remove unused PKG_MIN/PKG_MAX.
4c71b25d	2015-09-06T10:41:40	libpkgconf: move pkg_tuple to pkgconf_tuple namespace
cc2dcc1f	2015-09-06T10:31:21	libpkgconf: move pkg_node and pkg_list to pkgconf_node and pkgconf_list namespaces
a706b3dc	2015-09-06T09:35:08	initial libtoolization for libpkgconf

d454f62c

2023-11-05T22:17:02

libpkgconf: fix -Walloc-size GCC 14 introduces a new -Walloc-size included in -Wextra which gives: ``` libpkgconf/personality.c:260:11: warning: allocation of insufficient size '1' for type 'pkgconf_cross_personality_t' {aka 'struct pkgconf_cross_personality_'} with size '48' [-Walloc-size] libpkgconf/queue.c:46:33: warning: allocation of insufficient size '1' for type 'pkgconf_queue_t' {aka'struct pkgconf_queue_'} with size '16' [-Walloc-size] libpkgconf/client.c:164:33: warning: allocation of insufficient size '1' for type 'pkgconf_client_t' {aka 'struct pkgconf_client_'} with size '120' [-Walloc-size] libpkgconf/path.c:105:14: warning: allocation of insufficient size '1' for type 'pkgconf_path_t' {aka 'struct pkgconf_path_'} with size '24' [-Walloc-size] libpkgconf/path.c:237:22: warning: allocation of insufficient size '1' for type 'pkgconf_path_t' {aka 'struct pkgconf_path_'} with size '24' [-Walloc-size] libpkgconf/tuple.c:239:34: warning: allocation of insufficient size '1' for type 'pkgconf_tuple_t' {aka 'struct pkgconf_tuple_'} with size '24' [-Walloc-size] libpkgconf/dependency.c:133:13: warning: allocation of insufficient size '1' for type 'pkgconf_dependency_t' {aka 'struct pkgconf_dependency_'} with size '44' [-Walloc-size] libpkgconf/dependency.c:472:17: warning: allocation of insufficient size '1' for type 'pkgconf_dependency_t' {aka 'struct pkgconf_dependency_'} with size '44' [-Walloc-size] libpkgconf/fragment.c:146:22: warning: allocation of insufficient size '1' for type 'pkgconf_fragment_t' {aka 'struct pkgconf_fragment_'} with size '24' [-Walloc-size] libpkgconf/fragment.c:195:22: warning: allocation of insufficient size '1' for type 'pkgconf_fragment_t' {aka 'struct pkgconf_fragment_'} with size '24' [-Walloc-size] libpkgconf/fragment.c:356:14: warning: allocation of insufficient size '1' for type 'pkgconf_fragment_t' {aka 'struct pkgconf_fragment_'} with size '24' [-Walloc-size] libpkgconf/pkg.c:422:13: warning: allocation of insufficient size '1' for type 'pkgconf_pkg_t' {aka 'struct pkgconf_pkg_'} with size '188' [-Walloc-size] libpkgconf/client.c:164:33: warning: allocation of insufficient size '1' for type 'pkgconf_client_t' {aka 'struct pkgconf_client_'} with size '224' [-Walloc-size] libpkgconf/personality.c:260:11: warning: allocation of insufficient size '1' for type 'pkgconf_cross_personality_t' {aka 'struct pkgconf_cross_personality_'} with size '96' [-Walloc-size] libpkgconf/dependency.c:133:13: warning: allocation of insufficient size '1' for type 'pkgconf_dependency_t' {aka 'struct pkgconf_dependency_'} with size '80' [-Walloc-size] libpkgconf/dependency.c:472:17: warning: allocation of insufficient size '1' for type 'pkgconf_dependency_t' {aka 'struct pkgconf_dependency_'} with size '80' [-Walloc-size] libpkgconf/path.c:105:14: warning: allocation of insufficient size '1' for type 'pkgconf_path_t' {aka 'struct pkgconf_path_'} with size '48' [-Walloc-size] libpkgconf/path.c:237:22: warning: allocation of insufficient size '1' for type 'pkgconf_path_t' {aka 'struct pkgconf_path_'} with size '48' [-Walloc-size] libpkgconf/queue.c:46:33: warning: allocation of insufficient size '1' for type 'pkgconf_queue_t' {aka 'struct pkgconf_queue_'} with size '32' [-Walloc-size] libpkgconf/tuple.c:239:34: warning: allocation of insufficient size '1' for type 'pkgconf_tuple_t' {aka 'struct pkgconf_tuple_'} with size '48' [-Walloc-size] libpkgconf/fragment.c:146:22: warning: allocation of insufficient size '1' for type 'pkgconf_fragment_t' {aka 'struct pkgconf_fragment_'} with size '48' [-Walloc-size] libpkgconf/fragment.c:195:22: warning: allocation of insufficient size '1' for type 'pkgconf_fragment_t' {aka 'struct pkgconf_fragment_'} with size '48' [-Walloc-size] libpkgconf/fragment.c:356:14: warning: allocation of insufficient size '1' for type 'pkgconf_fragment_t' {aka 'struct pkgconf_fragment_'} with size '48' [-Walloc-size] libpkgconf/pkg.c:422:13: warning: allocation of insufficient size '1' for type 'pkgconf_pkg_t' {aka 'struct pkgconf_pkg_'} with size '360' [-Walloc-size] ``` The calloc prototype is: ``` void *calloc(size_t nmemb, size_t size); ``` So, just swap the number of members and size arguments to match the prototype, as we're initialising 1 struct of size `sizeof(struct ...)`. GCC then sees we're not doing anything wrong. The only exception there is for argv which I fixed while at it. Signed-off-by: Sam James <sam@gentoo.org>

628b2b2b

2023-01-20T22:07:03

tuple: test for, and stop string processing, on truncation otherwise a buffer overflow occurs. this has been a bug in pkgconf since the beginning, it seems. instead of disclosing the bug correctly, a "hotshot" developer decided to blog about it instead. sigh. https://nullprogram.com/blog/2023/01/18/

80bc5ac3

2022-08-16T19:38:40

tuple: if a global tuple is explicitly defined with --define-variable, prefer it fixes github #259

6c70781a

2022-07-26T18:00:22

introduce PKG_CONFIG_PKGCONF1_SYSROOT_RULES for legacy pkgconf behavior

297e18f2

2022-07-26T17:08:48

tuple: add flags parameter to pkgconf_tuple_parse

72e429ae

2022-06-26T19:35:19

tuple: use ${pc_sysrootdir} instead of client->sysroot_dir where relevant

d68a867d

2022-06-26T19:15:07

tuple: fall back to using globals rather than preferring them

c0fa7879

2022-04-01T14:15:43

libpkgconf: zero path lists after freeing This is required to make the pointer safely re-usable after being freed, otherwise the list still says that it has nodes, but they point nowhere. This is particularly important for libpkgconf, if a caller needs to re-enter the library after freeing a path in a static path (such as the default personality)

fd1b8ccc

2021-03-18T06:22:11

main: if PKG_CONFIG_FDO_SYSROOT_RULES is set, or DESTDIR matches PKG_CONFIG_SYSROOT_DIRS, disable the automatic sysroot rewriting Closes #205.

354c8727

2020-05-30T19:19:48

libpkgconf: tuple: fix truncation when no overflow occurs

5eb9cae0

2020-05-31T00:25:54

libpkgconf: tuple: fix out of boundary write This is the same issue which has been fixed in dependency code. If a line contains a variable which is longer than PKGCONF_ITEM_SIZE, then the varname buffer overflows. The code itself still does not check if a closing } exists and truncates variable names which are too long. Since these would be functional changes and this commit is about a protection against undefined behaviour on a language level, these changes are not included. Proof of concept: $ echo "Description: poc" > poc.pc $ echo "Version: 1" >> poc.pc $ echo -n 'Name: ${' $ dd if=/dev/zero bs=1 count=66535 | tr '\0' 'x' >> poc.pc $ echo >> poc.pc $ pkgconf poc.pc On my Linux system, when compiled with gcc, the varname buffer overflows directly into buf, which means that no crash can be notified. It's easiest to figure out when adding strlen() and sizeof() output as debug lines.

662957ca

2019-03-23T22:33:55

libpkgconf: tuple: tighten quoting logic a bit closes #12

9b7affe0

2018-07-28T19:06:33

tuple: Ensure buf length is always >= 1 in dequote If a key is defined with no value, dequote will allocate a buffer with a length of 0. Since the buffer's length is 0, any manipulation of its content is UB. Example .pc file: prefix=/usr exec_prefix=${prefix} libdir=${exec_prefix}/lib includedir=${prefix}/include xcflags= xlibs= -lSM -lICE -lX11 Name: Obt Description: Openbox Toolkit Library Version: 3.6 Requires: glib-2.0 libxml-2.0 Libs: -L${libdir} -lobt ${xlibs} Cflags: -I${includedir}/openbox/3.6 ${xcflags} Output using pkgconf 1.5.2 on x86_64 Linux/musl: % pkgconf --cflags obt-3.5 -I/usr/include/openbox/3.6 \�\\�I\�\ -I/usr/include/glib-2.0 -I/usr/lib/glib-2.0/include -I/usr/include/libxml2

b46bb93c

2018-06-14T16:12:04

libpkgconf: tuple: properly dequote tuples when added from the parser (closes legacy github bug #186)

973aff21

2017-12-11T17:39:12

libpkgconf: tuple: add some trace logging

4589274c

2017-10-16T12:56:19

libpkgconf: start to remove PKGCONF_BUFSIZE allocations from the stack. (closes #149) Patch by Karen Arutyunov.

6985a179

2017-10-11T17:03:21

libpkgconf: Fix issue when sysroot is '/' If sysroot is /, simply do nothing. This fixes #146

e9fd43ca

2017-09-17T23:38:25

libpkgconf: clean up header includes (closes #137)

b9dac13e

2017-09-08T19:17:38

libpkgconf: tuple: pkgconf_tuple_parse(): remove unnecessary static buffer declaration

9505213c

2017-07-16T17:35:28

tuple: check expanded variables to see if a sysroot has been duplicated, and if so, remove the prepended sysroot. This allows compatibility between legacy pkg-config's broken sysroot implementation and pkgconf's sysroot implementation, by removing any prepended sysroot paths and preferencing the variable expansion sysroot path we typically do instead. Closes github #123.

e6c49153

2016-12-11T17:28:27

libpkgconf: document tuple module

8213d910

2016-12-10T16:19:40

libpkgconf: migrate to using the pkgconf_ namespaced strlcat/strlcpy symbols

792cd7c8

2016-12-09T21:32:55

libpkgconf: tuple: handle sysroot without the need of PKGCONF_PKG_PKGF_MUNGE_SYSROOT_PREFIX

92e9b783

2016-12-09T20:58:15

libpkgconf: tuple: when calling pkgconf_tuple_add() on a collection that already has a tuple entry for 'key', replace it instead of adding a new entry

f7b78539

2016-12-09T20:50:33

libpkgconf: tuple: add pkgconf_tuple_free_entry() to free a specific tuple node

8740c5cd

2016-12-01T15:05:03

libpkgconf: begin removing global state from libpkgconf library by introducing a "client" object which holds the state

1fe91b91

2015-12-08T00:02:14

Do not parse the global variables This fixes an incompatibility with pkg-confing 0.29 Found by Thomas Klausner <wiz@NetBSD.org> when building gupnp-igd-0.2.3 with introspection support

571d9c75

2015-09-06T11:29:56

libpkgconf: PKG_BUFSIZE becomes PKGCONF_BUFSIZE, remove unused PKG_MIN/PKG_MAX.

4c71b25d

2015-09-06T10:41:40

libpkgconf: move pkg_tuple to pkgconf_tuple namespace

cc2dcc1f

2015-09-06T10:31:21

libpkgconf: move pkg_node and pkg_list to pkgconf_node and pkgconf_list namespaces

a706b3dc

2015-09-06T09:35:08

initial libtoolization for libpkgconf

kc3-lang/pkgconf/libpkgconf/tuple.c

libpkgconf/tuple.c

Log