Hello, I will have a look at them.

On 12.02.2020 14:02, Ryo ONODERA wrote:
> Hi,
>
> Kamil Rytarowski <n54%gmx.com@localhost> writes:
>
>> Please apply workaround (same like in NSPR) for now if fixing is difficult.
>>
>> Such bugs can have security implications.
>
> Adding workarounds will not improve security problems.
> And I feel that such workarounds will not be accepted by upstream.
> I will add workarounds to some packages.
> However I feel that it is not meaningful...
>
>> On 12.02.2020 09:49, Ryo ONODERA wrote:
>>> Hi,
>>>
>>> I have two problematic pkgsrc packages at least.
>>> Of course these programs have misuses and/or bugs, however I feel that
>>> dealing pt_magic in pthread_equal() is too hasty for pkgsrc.
>>>
>>> multimedia/handbrake (internal libbluray):
>>> The invalid thread pointer is not NULL.
>>> pthread_equal t1: 0xffffffffffffffff
>>> pthread_equal t2: 0x7073b25e2000
>>>
>>> Another one is lang/mono6:
>>> The invalid thread pointer is not 0xffffffffffffffff.
>>> pthread_equal t1: 0x7b066d4d7800
>>> pthread_equal t2: 0x60f5f000
>>>
>>> Of course, it is desirable to fix all misuses and bugs in pkgsrc.
>>> However it is impossible for now (at least for me).
>>>
>>> "Kamil Rytarowski" <kamil%netbsd.org@localhost> writes:
>>>
>>>> Module Name: src
>>>> Committed By: kamil
>>>> Date: Sat Feb 8 17:06:03 UTC 2020
>>>>
>>>> Modified Files:
>>>> src/lib/libpthread: pthread.c
>>>>
>>>> Log Message:
>>>> Change the behavior of pthread_equal()
>>>>
>>>> On error when not aborting, do not return EINVAL as it has a side effect
>>>> of being interpreted as matching threads. For invalid threads return
>>>> unmatched.
>>>>
>>>> Check pthreads for NULL, before accessing pt_magic field. This avoids
>>>> faults on comparison with a NULL pointer.
>>>>
>>>> This behavior is in the scope of UB, but should be easier to deal with
>>>> buggy software.
>>>> >>>> >>>> To generate a diff of this commit: >>>> cvs rdiff -u -r1.163 -r1.164 src/lib/libpthread/pthread.c >>>> >>>> Please note that diffs are not public domain; they are subject to the >>>> copyright notices on the relevant files. >>>> >>>> Modified files: >>>> >>>> Index: src/lib/libpthread/pthread.c >>>> diff -u src/lib/libpthread/pthread.c:1.163 src/lib/libpthread/pthread.c:1.164 >>>> --- src/lib/libpthread/pthread.c:1.163 Wed Feb 5 14:56:04 2020 >>>> +++ src/lib/libpthread/pthread.c Sat Feb 8 17:06:03 2020 >>>> @@ -1,4 +1,4 @@ >>>> -/* $NetBSD: pthread.c,v 1.163 2020/02/05 14:56:04 ryoon Exp $ */ >>>> +/* $NetBSD: pthread.c,v 1.164 2020/02/08 17:06:03 kamil Exp $ */ >>>> >>>> /*- >>>> * Copyright (c) 2001, 2002, 2003, 2006, 2007, 2008, 2020 >>>> @@ -31,7 +31,7 @@ >>>> */ >>>> >>>> #include <sys/cdefs.h> >>>> -__RCSID("$NetBSD: pthread.c,v 1.163 2020/02/05 14:56:04 ryoon Exp $"); >>>> +__RCSID("$NetBSD: pthread.c,v 1.164 2020/02/08 17:06:03 kamil Exp $"); >>>> >>>> #define __EXPOSE_STACK 1 >>>> >>>> @@ -770,11 +770,11 @@ pthread_equal(pthread_t t1, pthread_t t2 >>>> if (__predict_false(__uselibcstub)) >>>> return __libc_thr_equal_stub(t1, t2); >>>> >>>> - pthread__error(EINVAL, "Invalid thread", >>>> - t1->pt_magic == PT_MAGIC); >>>> + pthread__error(0, "Invalid thread", >>>> + (t1 != NULL) && (t1->pt_magic == PT_MAGIC)); >>>> >>>> - pthread__error(EINVAL, "Invalid thread", >>>> - t2->pt_magic == PT_MAGIC); >>>> + pthread__error(0, "Invalid thread", >>>> + (t2 != NULL) && (t2->pt_magic == PT_MAGIC)); >>>> >>>> /* Nothing special here. */ >>>> return (t1 == t2); >>>> >>> >> >> >
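Review bot: In the pthread_equal() hunk, the added `(t1 != NULL) &&` and `(t2 != NULL) &&` guards cover only one invalid value; any other non-NULL garbage handle, such as the 0xffffffffffffffff reported for handbrake in this thread, is still dereferenced by `t1->pt_magic`. The commit message should say that only the NULL case is made safe, and a short comment above the two checks should state that the magic test cannot validate arbitrary pointers. It would also help to note in that comment why 0 replaces EINVAL as the first argument to pthread__error(), since the "unmatched" result described in the log message is not evident from the call site, and to document that two equal but invalid handles (for example both NULL) now compare as unmatched rather than reaching `return (t1 == t2);`.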