From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org X-Spam-Level: X-Spam-Status: No, score=-3.1 required=5.0 tests=DKIM_ADSP_CUSTOM_MED, DKIM_INVALID,DKIM_SIGNED,FREEMAIL_FROM,HTML_MESSAGE,MAILING_LIST_MULTI, RCVD_IN_DNSWL_MED,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL autolearn=ham autolearn_force=no version=3.4.4 Received: (qmail 15353 invoked from network); 25 Oct 2021 12:33:12 -0000 Received: from mother.openwall.net (195.42.179.200) by inbox.vuxu.org with ESMTPUTF8; 25 Oct 2021 12:33:12 -0000 Received: (qmail 25644 invoked by uid 550); 25 Oct 2021 12:33:10 -0000 Mailing-List: contact musl-help@lists.openwall.com; run by ezmlm Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-ID: Reply-To: musl@lists.openwall.com Received: (qmail 22104 invoked from network); 25 Oct 2021 12:28:35 -0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:from:date:message-id:subject:to; bh=eRyF3MSShn38Qqd4AxTc1xUL0BPFlxQaBlPyDdlN/qM=; b=b4Z0TQiTO+y6K4+bcMULmdGlEK4QnO85luYVK1pUVluE3/Ao+92JZGdr1jFu2SbdTF 8gl6B9nXARgcitetD91YzAQNsFXoID2lc8vs7kytfWwaL/BDWnusVtv+ZLc/zg1YPP9q exG1B8bh1VPKfNz8EJGi4Yme2ysxSMDbQGD/ZNSGdhlYLUHMbxtli/2x6uYOtidG+Z+P 4rVFwDC6VuZ9pnXMroUzFxrhqKlVicbyOegXxUzbfXdXprQSufLGz+jPRjNQZNpwd90Z QWPy+zV9RCKhxuUtMoPxaE6hyTlcm+4ECEZNzAyt1FPHwhWHj1+qAJ5JT5nMwmVkPlyH l5WQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=eRyF3MSShn38Qqd4AxTc1xUL0BPFlxQaBlPyDdlN/qM=; b=QVv/bYnR9uAeQ8IYSKsm9BxFZE2fGgx67ijwEQMEkfv0NbZgxbTkrL725KKlE9nAKW a3Fuq62VDmOro7Uk7yqScqXdk4y5V6lu01pj/n/d8ivh7CTUlJ9noV58U7eo60oPuYoP IzkMZQ8Xg5Hc/jroNazdBay8e6wWCPT1wHwtagiMFEcmndxfQtZEW8CcwnxvL3ctwfv7 F//qrHk129YWGnqg4GC1HwfhiYgtRaGOgYSBsVQQfXYiUcyGFYsPEJCWbCQjo0dTTPAg Cx0ERsPUyDVP8VN0R9VX44hrwOv0sT5HAbbo1Vikhr/dFiKvgc6P2mTSYlhTx4vA13v+ Qq/g== X-Gm-Message-State: AOAM532/7M/bfWXEScu2LZKNY7bzgJ3WySTNYxOUkB/AF276kcKRgyuZ ytNeqWNGuYif5VPECQNRu8CJngu10wsn6+3Erf5MqIdlPw== X-Google-Smtp-Source: ABdhPJwGUyZLxaxVPT1MPsqg0TJNsXfUkiVBFEY6FEl2+u5S6IqFsNzZH+A/CXaTCxP5kBqfydqDeY+2Kr5VvQc9ZWU= X-Received: by 2002:a2e:944e:: with SMTP id o14mr18931358ljh.464.1635164903416; Mon, 25 Oct 2021 05:28:23 -0700 (PDT) MIME-Version: 1.0 From: Lorenzo Beretta Date: Mon, 25 Oct 2021 14:28:12 +0200 Message-ID: To: musl@lists.openwall.com Content-Type: multipart/alternative; boundary="00000000000037a40a05cf2c7f83" Subject: [musl] request: please detect reads from stdin with unflushed writes to stdout --00000000000037a40a05cf2c7f83 Content-Type: text/plain; charset="UTF-8" Hello, there are a few programs around that do something like printf("question: "); fgets(ans, sizeof ans, stdin); without fflushing stdout and get away with it because it happens to work under glibc. (fyi the ones I stumbled onto are mkfs.xfs and, vipw/vigr from util-linux, then the developer noticed the same with chfn/chsh) Ideally that would be taken care of by either some compiler warning (but not even clang's -Weverything catches that) or by some static analysis tool, but I couldn't find any. A __very__ tentative and untested patch: diff --git i/src/stdio/__stdio_read.c w/src/stdio/__stdio_read.c index ea675da3..6b10f76c 100644 --- i/src/stdio/__stdio_read.c +++ w/src/stdio/__stdio_read.c @@ -8,6 +8,11 @@ size_t __stdio_read(FILE *f, unsigned char *buf, size_t len) { .iov_base = f->buf, .iov_len = f->buf_size } }; ssize_t cnt; + if (f == stdin) { + if (stdout->wpos != stdout->wbase) { + do_something(glibc); + } + } cnt = iov[0].iov_len ? syscall(SYS_readv, f->fd, iov, 2) : syscall(SYS_read, f->fd, iov[1].iov_base, iov[1].iov_len); ... with do_something() being either flushing stdout or printing some kind of warning to stderr (isatty?) or to syslog. Any suggestion, corrections etc are obviously very welcome. --00000000000037a40a05cf2c7f83 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Hello,

there are a few programs around = that do something like
printf("question: ");
= fgets(ans, sizeof ans, stdin);

without fflushing s= tdout and get away with it because it happens to work under glibc.
(fyi the ones I stumbled onto are mkfs.xfs and, vipw/vigr from util-linux= , then the developer noticed the same with chfn/chsh)

Ideally that would be taken care of by either some compiler warning= (but not even clang's -Weverything catches that) or by some static ana= lysis tool, but I couldn't find any.

A __very_= _ tentative and untested patch:
diff --git i/src/stdio/__stdio_re= ad.c w/src/stdio/__stdio_read.c
index ea675da3..6b10f76c 100644
--- i= /src/stdio/__stdio_read.c
+++ w/src/stdio/__stdio_read.c
@@ -8,6 +8,1= 1 @@ size_t __stdio_read(FILE *f, unsigned char *buf, size_t len)
=C2=A0= { .iov_base =3D f->buf, .iov_len =3D f->buf_size }
=C2=A0 };
= =C2=A0 ssize_t cnt;
+ if (f =3D=3D stdin) {
+ if (stdout->wpos != =3D stdout->wbase) {
+ do_something(glibc);
+ }
+ }
=C2= =A0
=C2=A0 cnt =3D iov[0].iov_len ? syscall(SYS_readv, f->fd, iov, 2)=
=C2=A0 : syscall(SYS_read, f->fd, iov[1].iov_base, iov[1].iov_len);=



... with do_som= ething() being either flushing stdout or printing some kind of warning to s= tderr (isatty?) or to syslog.
Any suggestion, corrections etc are= obviously very welcome.
--00000000000037a40a05cf2c7f83--