Hi,

Kamil Rytarowski <n...@gmx.com> writes:

> Please apply a workaround (the same as in NSPR) for now if fixing is difficult.
>
> Such bugs can have security implications.

Adding workarounds will not improve security problems.
And I feel that such workarounds will not be accepted by upstream.
I will add workarounds to some packages.
However I feel that it is not meaningful...

> On 12.02.2020 09:49, Ryo ONODERA wrote:
>> Hi,
>>
>> I have two problematic pkgsrc packages at least.
>> Of course these programs have misuses and/or bugs, however I feel that
>> dealing pt_magic in pthread_equal() is too hasty for pkgsrc.
>>
>> multimedia/handbrake (internal libbluray):
>> The invalid thread pointer is not NULL.
>> pthread_equal t1: 0xffffffffffffffff
>> pthread_equal t2: 0x7073b25e2000
>>
>> Another one is lang/mono6:
>> The invalid thread pointer is not 0xffffffffffffffff.
>> pthread_equal t1: 0x7b066d4d7800
>> pthread_equal t2: 0x60f5f000
>>
>> Of course, it is desirable to fix every misuse and bug in pkgsrc.
>> However it is impossible for now (at least for me).
>>
>> "Kamil Rytarowski" <ka...@netbsd.org> writes:
>>
>>> Module Name: src
>>> Committed By: kamil
>>> Date: Sat Feb 8 17:06:03 UTC 2020
>>>
>>> Modified Files:
>>> src/lib/libpthread: pthread.c
>>>
>>> Log Message:
>>> Change the behavior of pthread_equal()
>>>
>>> On error when not aborting, do not return EINVAL as it has a side effect
>>> of being interpreted as matching threads. For invalid threads return
>>> unmatched.
>>>
>>> Check pthreads for NULL, before accessing pt_magic field. This avoids
>>> faults on comparison with a NULL pointer.
>>>
>>> This behavior is in the scope of UB, but should be easier to deal with
>>> buggy software.
>>>
>>>
>>> To generate a diff of this commit:
>>> cvs rdiff -u -r1.163 -r1.164 src/lib/libpthread/pthread.c
>>>
>>> Please note that diffs are not public domain; they are subject to the
>>> copyright notices on the relevant files.
>>> >>> Modified files: >>> >>> Index: src/lib/libpthread/pthread.c >>> diff -u src/lib/libpthread/pthread.c:1.163 >>> src/lib/libpthread/pthread.c:1.164 >>> --- src/lib/libpthread/pthread.c:1.163 Wed Feb 5 14:56:04 2020 >>> +++ src/lib/libpthread/pthread.c Sat Feb 8 17:06:03 2020 >>> @@ -1,4 +1,4 @@ >>> -/* $NetBSD: pthread.c,v 1.163 2020/02/05 14:56:04 ryoon Exp $ */ >>> +/* $NetBSD: pthread.c,v 1.164 2020/02/08 17:06:03 kamil Exp $ */ >>> >>> /*- >>> * Copyright (c) 2001, 2002, 2003, 2006, 2007, 2008, 2020 >>> @@ -31,7 +31,7 @@ >>> */ >>> >>> #include <sys/cdefs.h> >>> -__RCSID("$NetBSD: pthread.c,v 1.163 2020/02/05 14:56:04 ryoon Exp $"); >>> +__RCSID("$NetBSD: pthread.c,v 1.164 2020/02/08 17:06:03 kamil Exp $"); >>> >>> #define __EXPOSE_STACK 1 >>> >>> @@ -770,11 +770,11 @@ pthread_equal(pthread_t t1, pthread_t t2 >>> if (__predict_false(__uselibcstub)) >>> return __libc_thr_equal_stub(t1, t2); >>> >>> - pthread__error(EINVAL, "Invalid thread", >>> - t1->pt_magic == PT_MAGIC); >>> + pthread__error(0, "Invalid thread", >>> + (t1 != NULL) && (t1->pt_magic == PT_MAGIC)); >>> >>> - pthread__error(EINVAL, "Invalid thread", >>> - t2->pt_magic == PT_MAGIC); >>> + pthread__error(0, "Invalid thread", >>> + (t2 != NULL) && (t2->pt_magic == PT_MAGIC)); >>> >>> /* Nothing special here. */ >>> return (t1 == t2); >>> >> > > -- Ryo ONODERA // r...@tetera.org PGP fingerprint = 82A2 DC91 76E0 A10A 8ABB FD1B F404 27FA C7D1 15F3
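
Review bot: in the pthread_equal() hunk, `(t1 != NULL) && (t1->pt_magic == PT_MAGIC)` (and the same test for t2) still dereferences any non-NULL invalid handle, and the values reported in this thread (0xffffffffffffffff for libbluray, 0x60f5f000 for mono6) are exactly that case, so the pt_magic read can still fault or inspect unrelated memory. The log message says NULL is the only pointer guarded; a comment above the two checks stating that limitation would keep callers from treating the function as safe for arbitrary stale or sentinel handles. The first argument to pthread__error() also changes from EINVAL to a bare 0, which reads like "no error" at the call site; a short comment that 0 here is the "unmatched" result described in the log message would make the intent clear to the next reader.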