Commit Graph

351 Commits (04a6dda79fe94151a9644747cb15079a83474a43)

Author SHA1 Message Date
Tobias Stoeckmann 100bc605de libpkgconf: fragment: fix out of boundary write
fragment_quote adds quotation to fragments if needed. It allocates a
buffer and grows it as needed.

Unfortunately the dst pointer is not updated after a realloc, which
means that dst still points into the old memory area. Further writing
characters into that area leads to out of boundy writes.

Proof of concept:

$ cat > poc.pc << EOF
Name: poc
Description: poc
Version: 1
CFlags: -Ia
CFlags: -I%%%%%%%%%%%%%%%%%%%%b
CFlags: -I%%%%%%%%%%%%%%%%%%%%c
CFlags: -Id
EOF
$ pkgconf --cflags poc.pc

Most reliable attempt is to compile pkgconf with address sanitizer,
but this file should lead to an abort on a glibc system due to modified
chunk pointers (tested with Linux on amd64).

But since this is undefined behaviour, it depends on system details.
2020-05-30 19:05:53 -06:00
Tobias Stoeckmann dc04193c48 libpkgconf: fragment: fix out of boundary read
Parsing a fragment which consists only of a single dash leads to
an out of boundary read. It duplicates the following entry which
is not expected behaviour if another fragment follows.

Proof of concept:

$ cat > poc.pc << "EOF"
Name: poc
Description: poc
Version: 1
Cflags: - -I/somewhere
EOF
$ PKG_CONFIG_PATH=. pkgconf --cflags poc
-I/somewhere -I/somewhere

If - is the last entry, it leads to an out of boundary read, which is
easy to see if pkgconf is compiled with address sanitizer.
2020-05-30 12:43:08 -06:00
Vincent Torri 42b355310f fix missing backslashes in paths on Windows
According to

https://docs.microsoft.com/fr-fr/windows/win32/fileio/naming-a-file

backslashes (with slashes) are a path separator, hence must no be
considered as an escape code.

The first fix, in argvsplit.c, disables this. But because of fragment_quote(),
the backslashes are doubled. Hence the second fix in fragment.c

With this pc file :

prefix=C:/Documents/msys2/opt/efl_64
libdir=${prefix}/lib
includedir=${prefix}/include

Name: eina
Description: efl: eina
Version: 1.24.99
Requires.private: iconv
Libs: -L${libdir} -leina -pthread -levil
Libs.private: -lpsapi -lole32 -lws2_32 -lsecur32 -luuid -lregex -lm
Cflags:-I${includedir}/eina-1 -I${includedir}/efl-1
-I${includedir}/eina-1/eina -pthread

pkgconf.exe --cflags eina

returns :

-IC:\Documents\msys2\opt\efl_64/include/eina-1
-IC:\Documents\msys2\opt\efl_64/include/efl-1
-IC:\Documents\msys2\opt\efl_64/include/eina-1/eina -pthread
-DWINICONV_CONST= -IC:\Documents\msys2\opt\ewpi_64/include
2020-05-30 12:39:43 -06:00
Tobias Stoeckmann fb9acedcad libpkgconf: dependency: fix out of boundary write
It is possible to trigger an out of boundary write in function
pkgconf_dependency_parse_str if a dependency line contains a very
long comparator. The comparator is stored in a temporary buffer which
has a size of PKGCONF_ITEM_SIZE.

The line which is parsed can be up to PKGCONF_BUFSIZE characters long,
which is larger than PKGCONF_ITEM_SIZE (although it depends on PATH_MAX).

Having a comparator which is longer than PKGCONF_ITEM_SIZE therefore
leads to an out of boundary write. Although it is undefined behaviour,
this can lead to an overridden compare variable, which in turn can lead
to an invalid instruction pointer, i.e. most likely a crash or code
execution (very unlikely).

Proof of concept:

$ echo "Requires: x " > poc.pc
$ dd if=/dev/zero bs=1 count=65535 | tr '\0' '<' >> poc.pc
$ pkgconf poc.pc

Eiter compile pkgconf with address sanitizer or run pkgconf multiple
times, eventually it might crash (assuming that ASLR is in place).

In order to fix this, I decided to use an end pointer to avoid OOB write.
Alternative would be to increase the buffer size, but I try to avoid that
since this would be additional ~60 KB stack space for a very unlikely
situation.
2020-05-26 14:03:55 -06:00
Ariadne Conill c613eb5cce libpkgconf: pkg: use a second pointer for demunging windows paths 2020-05-26 13:42:39 -06:00
Ariadne Conill e70b536ea3 libpkgconf: pkg: when generating a search path, use the correct path separator
Before, this could result in generated paths like C:\foo\pkgconfig/bar.pc on Windows.
2020-05-26 11:01:46 -06:00
Ariadne Conill 0253fddc1d libpkgconf: pkg: fix computation of pkgconf_pkg_t.id on Windows.
Windows allows both \ and / as valid path characters.  A computed path
such as C:\development\libfoo\pkgconfig/foo.pc will result in a computed
pkgconf_pkg_t.id of "pkgconfig/foo".

Accordingly, correct the path normalization for checking for / after
the \ path has been dealt with in all cases.
2020-05-26 07:41:16 -06:00
Tobias Stoeckmann 9e16d2709c libpkgconf: personality: fix out of boundary access
It is possible to set the instruction pointer to undefined values by
using an operator larger than ':' in ASCII.

Since the personality function array does not have 256 entries, an
invalid operator can overflow the array.

Proof of concept:

$ echo "a _ b" > poc
$ ln -s $(which pkgconf) poc-pkgconf
$ ./poc-pkgconf
2020-05-25 05:55:39 -06:00
Ariadne Conill dd57abfe9f pkgconf 1.7.0. 2020-05-24 14:55:02 -06:00
Ariadne Conill 4fb7683c3e add support for the PKGCONF_PKG_PKGF_DONT_MERGE_SPECIAL_FRAGMENTS flag used in build2. 2020-05-24 14:40:47 -06:00
Ben 011db1bb88 Do not complain about malformed whitespace from \n on Version line
Every version line has a newline at the end; the malformed whitespace checker
should just check for trailing spaces and tabs.

Resolves https://todo.sr.ht/~kaniini/pkgconf/15
2020-05-24 14:36:46 -06:00
Ariadne Conill 382a89c173 pkg: pkgconf_compare_version(): do not return levenshtein distance in strcmp() case 2020-05-24 14:18:16 -06:00
Tobias Stoeckmann 92745ad9cb libpkgconf: parser: fix out of boundary access
It is possible to trigger an out of boundary access with specially
crafted files. If a line consist of only a key and spaces, then
op will point to '\0'-ending of the buffer. Since p is iterated by
one byte right past this ending '\0', the next read access to p is
effectively out of bounds.

Theoretically this can also lead to out of boundary writes if spaces
are encountered.

Proof of concept (I recommend to compile with address sanitizer):

$ echo -n a > poc.pc
$ dd if=/dev/zero bs=1 count=65533 | tr '\0' ' ' >> poc.pc
$ pkgconf poc.pc
2020-05-24 14:10:18 -06:00
Tobias Stoeckmann bd4ed1ca02 libpkgconf: fileio: prevent buffer overflow.
pkgconf_fgetline is called with a user-defined buffer, its size, and
a FILE stream to read input from.

If the buffer is almost completely filled and the file stream contains
an escaped character, then it is possible to trigger an off-by-one
buffer overflow with a '\0' character.

Easiest example to trigger this:

char buf[2];
pkgconf_fgetline(buf, sizeof(buf), stdin);

Enter "\\" (two backslashes) and press enter. If the library and the
program are compiled with address sanitizer, you will see the program
crashing. Otherwise it depends on your architecture what happens.

Since nobody should be using a buffer of only size 1 or 2, keep enough
space for a possibly escaped character in while loop by subtracting one
more byte for this situation, not just for '\0'.
2020-05-24 14:09:44 -06:00
Ariadne Conill 48dc665ae3 personality: add support for WantDefaultStatic setting 2019-10-19 00:56:17 -05:00
Ariadne Conill 2adafc2729 libpkgconf: personality: return the default personality if loading a personality file failed 2019-08-23 12:48:11 -05:00
Ariadne Conill 19aa93e371 prepare for pkgconf 2.0 development 2019-08-04 15:54:24 -05:00
Ariadne Conill c862e030cf pkgconf 1.6.3. 2019-07-12 06:53:37 -05:00
Ariadne Conill c10f69994b libpkgconf: pkg: generate diagnostic for and trim malformed versions 2019-07-12 06:35:48 -05:00
Ariadne Conill 7a395932f2 drop CMake support 2019-07-12 05:45:16 -05:00
Ariadne Conill c816ce6969 pkgconf 1.6.2. (closes #38, #40, #41) 2019-07-11 03:50:00 -05:00
Ariadne Conill 7e0b0fadab libpkgconf: path: fix memory leak when deduping paths (closes #39) 2019-07-11 03:43:18 -05:00
Alexander Tsoy db9c1e96a1
fix the order of header includes
config.h should be included before stdinc.h, otherwise large file
support is not enabled.

Downstream bug: https://bugs.gentoo.org/687548
2019-06-08 04:55:52 +03:00
William Pitcock ebfcaf5081 normalize include guards. closes #33 2019-05-25 16:00:09 -05:00
William Pitcock 2d0c1f5cb7 lite: disable debug logging 2019-05-06 15:17:08 -05:00
William Pitcock 43ca536b9f lite: disable some bloat 2019-05-06 15:13:17 -05:00
William Pitcock 662957ca7d libpkgconf: tuple: tighten quoting logic a bit
closes #12
2019-03-23 22:34:11 -05:00
William Pitcock 3afd14c49e libpkgconf: path: use realpath(3) to deduplicate the search path
closes #24
2019-03-23 22:27:05 -05:00
William Pitcock ba1f48e48e libpkgconf: client: ensure PKG_CONFIG_LIBDIR being empty overrides the default search paths
closes #25
2019-03-23 22:18:40 -05:00
William Pitcock 183e68df39 libpkgconf: add LIBPKGCONF_VERSION macro 2019-01-14 13:52:04 -06:00
William Pitcock 6854265f28 libpkgconf: pkg: use pkgconf_fragment_copy_list() to clean up cflags gathering logic (closes #20) 2019-01-14 13:48:23 -06:00
William Pitcock 36a5b7acbd libpkgconf: fragment: add pkgconf_fragment_copy_list() 2019-01-14 13:48:02 -06:00
William Pitcock 0ae52182c9 libpkgconf: pkg: clean up pkgconf_parser interactions (closes #13) 2019-01-14 13:11:59 -06:00
Ignacio Casal Quinteiro 2c05971029 Canonicalize paths before using them
This fixes a problem where on Windows the prefix would
not match if the prefix is generated with backslashes
and the rest of the variables use normal slashes
2018-09-17 16:31:25 +02:00
Ignacio Casal Quinteiro 9f17da92d2 On Windows the path prefix should be checked caseless 2018-09-17 15:41:27 +02:00
Ignacio Casal Quinteiro c9dffb8570 Fix build on windows with meson 2018-09-17 15:41:27 +02:00
A. Wilcox 9b7affe0b1
tuple: Ensure buf length is always >= 1 in dequote
If a key is defined with no value, dequote will allocate a buffer with a
length of 0.  Since the buffer's length is 0, any manipulation of its
content is UB.

Example .pc file:

prefix=/usr
exec_prefix=${prefix}
libdir=${exec_prefix}/lib
includedir=${prefix}/include

xcflags=
xlibs= -lSM -lICE  -lX11

Name: Obt
Description: Openbox Toolkit Library
Version: 3.6
Requires: glib-2.0 libxml-2.0
Libs: -L${libdir} -lobt ${xlibs}
Cflags: -I${includedir}/openbox/3.6 ${xcflags}

Output using pkgconf 1.5.2 on x86_64 Linux/musl:

% pkgconf --cflags obt-3.5
-I/usr/include/openbox/3.6 \�\\�I\�\ -I/usr/include/glib-2.0 -I/usr/lib/glib-2.0/include -I/usr/include/libxml2
2018-07-28 19:06:33 -05:00
Graham Ollis fb08ae2bd2 environment variables for system paths should override compiled-in defaults 2018-06-25 06:36:57 -04:00
William Pitcock 6f05fec4b5 pkg: give a correctly sized vtable to the parser 2018-06-16 16:35:44 -05:00
William Pitcock b46bb93cd1 libpkgconf: tuple: properly dequote tuples when added from the parser (closes legacy github bug #186) 2018-06-14 16:12:04 -05:00
Graham Ollis 273d1d0461 use pkgconf_strlcpy
On Debian/Ubuntu I get:

  CC       libpkgconf/personality.lo
  libpkgconf/personality.c: In function ‘load_personality_with_path’:
  libpkgconf/personality.c:195:3: warning: implicit declaration of function ‘strlcpy’ [-Wimplicit-function-declaration]
  strlcpy(pathbuf, path, sizeof pathbuf);
        ^~~~~~~
  CC       libpkgconf/parser.lo
  CCLD     libpkgconf.la
  ar: `u' modifier ignored since `D' is the default (see `U')
  CC       cli/pkgconf-main.o
  CC       cli/pkgconf-getopt_long.o
  CC       cli/pkgconf-renderer-msvc.o
  CCLD     pkgconf
  ./.libs/libpkgconf.so: undefined reference to `strlcpy'
2018-06-14 14:46:34 -05:00
William Pitcock 3ccc4454d1 libpkgconf: personality: ensure the path list is properly initialized before searching for triplets 2018-05-10 13:36:22 -05:00
William Pitcock 40897f246b libpkgconf: personality: remove const from the default personality, since it's not really const 2018-05-09 22:52:27 -05:00
William Pitcock 25b2105e93 libpkgconf: client: if tracing is disabled, don't try to trace 2018-05-09 22:52:07 -05:00
William Pitcock e6ce6c8edd libpkgconf: personality: fixups 2018-05-09 22:39:39 -05:00
William Pitcock 751348298b libpkgconf: personality: fill in the rest of the personality parser 2018-05-09 22:08:28 -05:00
William Pitcock 1244f8f8e7 libpkgconf: refactor out the rfc822 message parser so that the cross-personality code can share it 2018-05-09 21:21:39 -05:00
William Pitcock f702967d0a libpkgconf: pkg: refactor pkgconf_pkg_new_from_file to prepare to factor out the rfc822 parser 2018-05-09 19:56:30 -05:00
William Pitcock 0f17a4f390 libpkgconf: pkg: mark owning client earlier, to allow for refactoring out the rfc822 parser 2018-05-09 19:33:12 -05:00
William Pitcock 9439b683ca libpkgconf: personality: add stub cross personality loader 2018-05-09 19:27:53 -05:00
William Pitcock 6b0e346c28 libpkgconf: refactor building the dir lists into separate concerns 2018-05-09 17:07:26 -05:00
William Pitcock 854490c5b9 libpkgconf: add basic support for cross-compile personality objects 2018-05-09 16:54:21 -05:00
William Pitcock 43e8c7b44d libpkgconf: path: add path list copying function 2018-05-09 16:35:21 -05:00
Leorize f36ccc1d91 libpkgconf: add support for Haiku
client: use BELIBRARIES

On Haiku, BELIBRARIES is the equivalent to LIBRARY_PATH on many other
systems, while LIBRARY_PATH is instead the LD_LIBRARY_PATH of Haiku.

pkg: bootstrap package search paths with Haiku's find_paths

This commit adds build_default_pkgconfig_path. The function appends
to the list given the default pkgconfig paths, and will supersede
get_default_pkgconfig_path
2018-04-05 10:02:54 -05:00
William Pitcock 3f753fa3dd libpkgconf: dependency: preference uncoloured nodes in event of a dependency collision 2018-03-18 19:03:18 -05:00
William Pitcock 7e9ed6922d libpkgconf: pkg: skip over -I cflags from Requires.internal nodes when building a cflags list 2018-03-18 18:05:55 -05:00
William Pitcock ad65bc4a71 libpkgconf: dependency: allow dependency nodes to be colored with traits 2018-03-18 18:03:33 -05:00
William Pitcock f03ec3ff90 libpkgconf: add support for proposed Requires.internal extension 2018-03-18 15:46:53 -05:00
TingPing a50bf726e0 Fix incorrect comment (#178) 2018-03-07 23:16:18 -06:00
TingPing 60c05f5621 Improve prefix rewriting on Windows (#177)
* cli: Default to rewriting prefix on Windows

This matches `pkg-config` behavior

* libpkgconf: Rewrite the prefix of all variables
2018-03-07 23:00:22 -06:00
TingPing 83eea876b0 meson: Fix defining PKGCONF_API (#174) 2018-03-06 23:27:54 -06:00
William Pitcock 0d52339141 libpkgconf: pkg: ensure the dependency node has a solution associated with it
Sometimes this did not happen, e.g. when using providers as the solution (ref #172).
2018-02-08 14:26:25 -06:00
William Pitcock d5fd74d799 libpkgconf: fragment: revert the quoting changes, but not the lexing changes
a few strange edge cases are causing problems (closes #168)
2018-01-22 15:13:14 -06:00
William Pitcock 4a09efe070 libpkgconf: pkg: fix harmless gcc7 compiler warning 2018-01-05 11:38:21 -06:00
William Pitcock a42f265c07 libpkgconf: pkg: include system libdir and includedir search paths as variables in builtin packages (closes #165) 2017-12-21 02:19:21 -06:00
William Pitcock cf96c562e1 libpkgconf: argvsplit: fix escape handling in tokenizer (closes #163) 2017-12-14 22:41:14 -06:00
William Pitcock 18abb4ccc1 libpkgconf: fragment: fix nitpick warning reported by MSVC (closes #162) 2017-12-13 11:18:25 -06:00
William Pitcock e0bf4009cb libpkgconf: pkg: rename pkgconf_pkg_t.requires to pkgconf_pkg_t.required (closes #154)
C++20 makes requires a keyword, so we need to not use it in headers.
2017-12-12 00:21:21 -06:00
William Pitcock 278a2bd667 libpkgconf: fragment: rework quoting and lexing (closes #139, #153)
we now use POSIX-style quoting for all fragments.  it is our belief that this is the
most optimal behaviour for portability, because all POSIX-compliant tools require
single-quotes to be considered as literal (closes #153).

because of this, we are able to remove some hacks on the lexer side which were there
to simulate pkg-config quoting, but were basically utterly wrong (closes #139).
2017-12-11 18:25:55 -06:00
William Pitcock 973aff21e9 libpkgconf: tuple: add some trace logging 2017-12-11 17:39:12 -06:00
William Pitcock 7274357565 libpkgconf: fragment: track merged fragments, as they should never be quoted 2017-12-10 00:39:39 -06:00
William Pitcock cad2515be5 libpkgconf: fragment: there are no consumers of non-escaped rendered fragment lists, so deprecate the option 2017-12-10 00:36:20 -06:00
William Pitcock d2b6983385 libpkgconf: cache: fix refcount issue exposed by recent depgraph solver changes 2017-12-08 13:39:40 -06:00
William Pitcock 19d91e90e5 libpkgconf: fragment: allow for overriding the default fragment rendering behaviour 2017-12-07 19:13:35 -06:00
William Pitcock f7406afc5b libpkgconf: pkg: do not mention PKG_CONFIG_SKIP_CONFLICTS env var when simplified errors are requested (closes #134) 2017-12-05 18:04:42 -06:00
William Pitcock 06abf28dab libpkgconf: client: handle NULL client in pkgconf_trace calls 2017-12-05 17:46:57 -06:00
William Pitcock 74d58d1b63 libpkgconf: pkg: cache solutions for already solved dependency graph nodes
in almost all cases, we partially solve the dependency graph multiple times, which
just wastes resources.  if we record the solution to a given dependency node, further
iterations can make use of the previous solution without having to solve it again.

this is safe because all provides entries (including virtuals) are knowable prior to
solving the dependency graph the first time.

a nice side effect of this is that all packages are preloaded when querying
information about them (--cflags and related commands).
2017-12-05 17:34:01 -06:00
William Pitcock 44b4b126f3 libpkgconf: pkg: record which pkgconf_client_t owns each pkgconf_pkg_t object 2017-12-05 17:32:00 -06:00
William Pitcock 4c0cc29277 libpkgconf: pkg: add refcount debugging 2017-12-05 17:24:57 -06:00
William Pitcock 4589274c43 libpkgconf: start to remove PKGCONF_BUFSIZE allocations from the stack. (closes #149)
Patch by Karen Arutyunov.
2017-10-16 12:56:19 -05:00
William Pitcock 1297385762 libpkgconf: fragment: remove obsolete code in pkgconf_fragment_should_munge() 2017-10-16 12:51:59 -05:00
William Pitcock 36551cca83 libpkgconf: path: relocate the path before doing dedup checks (closes #151) 2017-10-16 11:30:22 -05:00
William Pitcock 3bc2e21dd1 libpkgconf: path: ensure entire buffer is zeroed before calling realpath() on it (closes #150) 2017-10-16 11:26:27 -05:00
Baptiste Daroussin 6985a179c1 libpkgconf: Fix issue when sysroot is '/'
If sysroot is /, simply do nothing.

This fixes #146
2017-10-11 17:05:35 +02:00
William Pitcock fae657101c libpkgconf: argvsplit: handle double backslash case properly (closes #140) 2017-09-23 00:24:34 -05:00
William Pitcock abe0f5c821 libpkgconf: fileio: fix quoting logic for double backslash case (ref #140) 2017-09-23 00:19:16 -05:00
William Pitcock db56c80d92 libpkgconf: fragment: add debug to document post-subst output to parser 2017-09-23 00:11:55 -05:00
William Pitcock 67dd48a343 libpkgconf: api: handle DLL_EXPORT libtool case on mingw (closes #141) 2017-09-23 00:00:43 -05:00
William Pitcock 24c1439d52 libpkgconf: stdinc: fix SIZE_FMT_SPECIFIER on mingw 2017-09-22 23:58:40 -05:00
William Pitcock 420c62e10c libpkgconf: pkg: refactor parser harness to allow providing warnings, provide warning for improper fragment list 2017-09-19 21:58:54 -05:00
William Pitcock 7ced8d77ae libpkgconf: fragment: pkgconf_fragment_parse: return false on parse failure 2017-09-19 21:48:53 -05:00
William Pitcock 7786554be2 libpkgconf: fragment: check pkgconf_argv_split() return value 2017-09-19 21:34:24 -05:00
William Pitcock 56101390ac libpkgconf: fragment parsing: do not pass NULL to pkgconf_fragment_add() 2017-09-19 21:08:18 -05:00
William Pitcock e9fd43caa7 libpkgconf: clean up header includes (closes #137) 2017-09-17 23:38:25 -05:00
William Pitcock ebb4c73525 libpkgconf: client: resolve memory leak of filter lists (closes #130) 2017-09-13 15:02:57 -05:00
William Pitcock f808300a01 libpkgconf: pkg: some elements of virtual packages should be freed as they have heap-allocated portions (closes #132) 2017-09-13 14:56:10 -05:00
William Pitcock 9b55fc3c23 libpkgconf: cache: refactor the way package objects are marked as cached to avoid memory leaks (#133) 2017-09-13 14:41:19 -05:00
William Pitcock 048deb95b3 headers: add C++ wrappers (closes #136) 2017-09-13 14:35:28 -05:00
William Pitcock b5da424ef7 stdinc: drop _GNU_SOURCE definition 2017-09-13 14:20:47 -05:00
William Pitcock 906fef8449 libpkgconf: fragment: mark some inline match tables as const 2017-09-08 20:09:12 -05:00