There's TLS space used for unknown errno values, and a call to printf
shouldn't clobber that. No-one will ever hit this in real life, but
since it's easily fixed...
Bug: http://b/112776560
Test: ran tests
Change-Id: I8c2437f2e5214e652119791d4e162a197b049d5b
Add two functions to allow objects that own a file descriptor to
enforce that only they can close their file descriptor.
Use them in FILE* and DIR*.
Bug: http://b/110100358
Test: bionic_unit_tests
Test: aosp/master boots without errors
Test: treehugger
Change-Id: Iecd6e8b26c62217271e0822dc3d2d7888b091a45
pclose(3) is now an alias for fclose(3). We could add a FORTIFY check
that you use pclose(3) if and only if you used popen(3), but there seems
little value to that when we can just do the right thing.
This patch also adds the missing locking to _fwalk --- we need to lock
both the global list of FILE*s and also each FILE* we touch. POSIX says
that "The popen() function shall ensure that any streams from previous
popen() calls that remain open in the parent process are closed in the
new child process", which we implement via _fwalk(fclose) in the child,
but we might want to just make *all* popen(3) file descriptors O_CLOEXEC
in all cases.
Ignore fewer errors in popen(3) failure cases.
Improve popen(3) test coverage.
Bug: http://b/72470344
Test: ran tests
Change-Id: Ic937594bf28ec88b375f7e5825b9c05f500af438
We've ignored %n for a long time, but that's dangerous too because it
makes it unclear whether the corresponding pointer argument should be
supplied or not.
Remove the ambiguity by just rejecting %n outright.
Bug: http://b/31832608
Test: ran tests
Change-Id: Ic046ad3436a30c6f8f580ea738bdcaeb01c858f8
Based on gaps in the list of functions not referenced by the test
executable.
Bug: N/A
Test: ran tests
Change-Id: I73c238e7cf360f94670c7cd13eb954341c940b7b
Merge CT_CCL and CT_STRING handling before we add %m.
Also fix an accidental scanf/wscanf difference.
Add currently-disabled tests for questionable behavior noticed during
code review that isn't a regression, but should be fixed later.
Bug: http://b/68672236
Bug: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=202240
Test: ran tests
Change-Id: I3eec9b7dfce84f63c68426406224822c52551d64
Strictly, POSIX says "If a '-' is in the scanlist and is not the first
wide character, nor the second where the first wide character is a '^',
nor the last wide character, the behavior is implementation-defined",
but it seems unreasonable for swscanf to interpret `a-c` differently
from sscanf. Make ours behave the same as each other by making swscanf
work the same as sscanf.
Bug: http://b/68672236
Test: ran tests
Change-Id: Ia84805897628d7128e901b468e02504373730e61
Fix the 'j' (intmax_t/uintmax_t) length qualifier in the wide
variant. (With new tests that fail without this fix.)
Fix a typo in the wide support for intmax_t*, which isn't testable because
%n is disabled on Android (and will be removed in a later cleanup pass).
Also move the public vfprintf/vfwprint functions into stdio.cpp.
Bug: http://b/67371539
Test: ran tests
Change-Id: Ib003599b1e9cb789044a068940b59e447f2cb7cb
This patch switches to C++ (in anticipation of needing it later), removes
a little duplication (via a macro for now), and ensures uniform support
for %C/%lc and %S/%ls between regular and wide (with new tests).
Since it's so hard to debug problems in printf (as the time I've wasted
already today will testify), that's all I want to do in this change. The
other 500 lines of diff can wait...
(Also merge "floatio.h" into "local.h" now all the users are in forked
code.)
Bug: http://b/67371539
Test: ran tests
Change-Id: I083353d89c32b9302d759ca6967cc6d8a62cd8a5
Also simplify trivial one-liners like perror/puts/fputs, and clean up
fread/fwrite slightly.
Fix perror to match POSIX.
Add basic perror and *_unlocked tests.
Bug: N/A
Test: ran tests
Change-Id: I63f83c8e0c15c3c4096509d17421ac331b6fc23d
"Although not explicitly required by this volume of POSIX.1-2008, a good
implementation of append (a) mode would cause the O_APPEND flag to be set."
Yeah, about that...
Bug: N/A
Test: ran tests
Change-Id: I23c4bc5c1ebc92e0cb44025d2d313f321f9ffa68
Tag fmemopen_NULL as a known failure, and make it reliably fail by
memsetting the buffer we read to.
Bug: http://b/33251022
Test: bionic-unit-tests/bionic-unit-tests64 on bullhead
Test: bionic-unit-tests-glibc --gtest_filter="*memopen*"
Change-Id: I381783282359851c9de47146dafbb5a291960c2a
The parsefloat routines -- which let us pass NaNs and infinities on to
strto(f|d|ld) -- come from NetBSD.
Also fix LP64's strtold to return a NaN, and fix all the architectures
to return quiet NaNs.
Also fix wcstof/wcstod/wcstold to use parsefloat so they support hex
floats.
Lots of new tests.
Bug: http://b/31101647
Change-Id: Id7d46ac2d8acb8770b5e8c445e87cfabfde6f111
This assumes that it's more likely we're unlinking a file than a directory,
though even if that's not true, as long as a failed unlink(2) is cheaper
than a successful lstat(2) -- which seems likely since there's no data to
copy -- we still win.
Change-Id: I0210e9cd3d31b8cf1813c55c810262ef327382ed
It turns out we don't have any bugs here, but glibc does. Found while
chasing down a toybox failure I saw on the host, but we may as well
add the test in case we ever screw up here in future.
Change-Id: Ib8dd227ed3b742dc4dab8c09dc08e6ea9a35c807
This is a common thing for people to want to do, snprintf requires
a lot of stack for itself, and PTHREAD_STACK_MIN should be usable
for realistic code.
Change-Id: Ib09cfb4e0beec1c69ee0944c3ea4c5d03a94c491
Our fopen/freopen/tmpfile are already always O_LARGEFILE, but let's add
the aliases for _LARGEFILE_SOURCE compatibility.
Bug: http://b/24807045
Change-Id: I5d99b3ef3c9f27ce70f13313f6a92e96c7f21f80
This also lets us test the EOVERFLOW behavior, which pointed out that the
fgetpos/fsetpos return on failure has always been wrong...
Bug: http://b/24807045
Change-Id: I35273eb07c8c9155af858adb27569983397580b6
This test didn't catch anything, but it does ensure that we exercise
the "lots of files" case.
Bug: http://b/26747402
Change-Id: I6c51c6436029572a49190d509f131eb93b808652
BSD doesn't invalidate the fd stored in struct FILE, which can make
it possible (via fileno(3), for example), to perform operations on
an fd you didn't intend to (rather than just failing with EBADF).
Fixing this makes the code slightly simpler anyway, and might help
catch bad code before it ships.
Bug: http://stackoverflow.com/questions/10816837/fclose-works-differently-on-android-and-linux
Change-Id: I9db74584038229499197a2695c70b58ed0372a87
Add a way to turn fortify off for the files that test fortify functions.
This method involves simply compiling the same file with fortify off and
changing the test name slightly.
It's not very pretty, and it assumes that only these few files test
functions that can be fortified.
Bug: 15195631
Change-Id: Iba9db1d508b7d28a1d6968019cb70fe08864827b
Apparently uClibc has a bug here. We don't, but let's keep it that way.
Bug: http://landley.net/notes.html#21-03-2015
Change-Id: If406df963db9bee47921d7a1c116ebcab08d96bf
gcov does writes after reads on the same stream, but the bulk read optimization
was clobbering the FILE _flags, causing fwrite to fail.
Bug: 19129055
Change-Id: I9650cb7de4bb173a706b502406266ed0d2b654d7
Another sizeof/strlen screwup caused by trying to be too clever. Use
std::string instead.
Also fix all the ASSERT_STREQ calls in this file that had the arguments
the right^Wwrong way round. If I ever see Kent Beck...
Change-Id: I47a1bdfee99cf4e7bed9b398f3158a308fbcf1e8
This makes us competitive with glibc for fully-buffered and unbuffered reads,
except in single-threaded situations where glibc avoids locking, but since
we're never really single-threaded anyway, that isn't a priority.
Bug: 18593728
Change-Id: Ib776bfba422ccf46209581fc0dc54f3567645b8f
