Commit Graph

431 Commits (4a3adf3457c9ed44f1cb267b1f65889b256f151b)

Author SHA1 Message Date
Ariadne Conill 79d25f979d queue: ensure private deps get flattened when --static is requested
ci/woodpecker/push/woodpecker Pipeline was successful Details
2022-08-08 00:58:55 +00:00
Dylan Baker 7976daab9a bsdstubs: include errno.h
ci/woodpecker/pr/woodpecker Pipeline was successful Details
Needed for ENOMEM, and fixes the build on MacOS.
2022-08-06 22:30:25 -07:00
Ariadne Conill d8d669f637 pkgconf 1.9.0.
ci/woodpecker/push/woodpecker Pipeline was successful Details
ci/woodpecker/tag/woodpecker Pipeline was successful Details
2022-08-07 04:47:04 +00:00
Ariadne Conill 0e05308f9c pkg: add SPDX license assertion to pkgconf builtin 2022-08-07 04:35:29 +00:00
Ariadne Conill 1389aa05ba pkg: add pkgconf_pkg_t.license field
ci/woodpecker/push/woodpecker Pipeline was successful Details
The pkgconf_pkg_t.license field maps to the new License keyword, and
should be an SPDX license expression.
2022-08-07 04:21:22 +00:00
Ariadne Conill 7edfdbff0b pkg: upgrade circular reference trace to a warning
ci/woodpecker/push/woodpecker Pipeline was successful Details
2022-08-07 01:29:21 +00:00
Ariadne Conill 662668d082 pkg: add trace log when breaking a circular reference
ci/woodpecker/push/woodpecker Pipeline was successful Details
2022-08-07 01:09:07 +00:00
Dylan Baker 1cfa2d1e20 pkg: prevent circular ownership
Otherwise in a case where A references B, and B references A, A and B
will have mutual ownership of each other and prevent each other from
being free'd.
2022-08-04 15:52:10 -07:00
Dylan Baker 301d8fa0c6 queue: free unused dependencies when flattening 2022-08-04 15:52:10 -07:00
Dylan Baker 34b110200a dependency: zero list after freeing 2022-08-04 15:52:10 -07:00
Dylan Baker e71a5a3370 dependency: add debug information for dependency refcounting 2022-08-04 15:52:10 -07:00
Dylan Baker 4934205737 pkg: add name of pkg being refed/unrefed to debug outpu 2022-08-04 15:52:10 -07:00
Dylan Baker a46ce3672f queue: when collecting dependents don't iterate private twice
Currently, the private field is iterated collecting private deps and
normal deps. It should only be iterated when collecting private deps.
2022-08-04 15:52:10 -07:00
Dylan Baker a391f9b650 pkg: use goto cleanup idiom 2022-08-04 15:52:10 -07:00
Dylan Baker 171738024e cache: clear the cache with pkgconf_cache_remove
Which results in more code re-use.
2022-08-04 15:52:10 -07:00
Dylan Baker e4d1c8ffa5 queue: when flattening do nothing if the flattened deps are empty 2022-08-04 15:52:10 -07:00
Dylan Baker 6609001114 queue: unref dependency in all cases 2022-08-04 15:52:10 -07:00
Dylan Baker e275594ba6 queue: ensure cleanup happens when applying 2022-08-04 15:52:10 -07:00
Dylan Baker 4a1119aa2a dependency: Fix reference counting of dependency_addraw
We only want a reference to be added for the value inserted into the
list, not the one returned. The returned one is unowned until it reaches
the public dependency_add function, which returns an owned pointer
instead. This makes things semantically more correct.

Unfortunately, this means in a few cases we have to write some ugly
code like:
```c
pkgconf_dependency_t *dep = pkgcond_dependency_add("args");
pkgconf_dependency_unref(dep->owner, dep);
```
2022-08-04 15:52:10 -07:00
Dylan Baker a4de6235c2 cache: when removing a package from the cache unset the cached flag 2022-08-04 15:52:10 -07:00
Dylan Baker ebe74fd253 cache: free the cache table when it is empty and set to NULL
We do the latter for the benefit of libpkgconf. This cleans up a
significant number of memory leaks in the cache handling.
2022-08-04 15:52:10 -07:00
Dylan Baker 96c61cbab0 libpkgconf: remove trailing ; from macro definition
GCC has a lovely bug (which I will report as soon as I have an account),
which causes -Wmisleading-indentation to miss cases of misleading
indentation after a `;;`, since the macro adds `;`, and in call cases
the caller also adds `;`, we end up with a double macro and gcc fails to
warn.
2022-08-03 12:03:15 -07:00
Ariadne Conill 6c70781aad introduce PKG_CONFIG_PKGCONF1_SYSROOT_RULES for legacy pkgconf behavior 2022-07-26 18:00:22 +00:00
Ariadne Conill f8aefea7ec pkg: add flags argument to pkgconf_pkg_new_from_file 2022-07-26 17:13:15 +00:00
Ariadne Conill 297e18f2c8 tuple: add flags parameter to pkgconf_tuple_parse 2022-07-26 17:08:48 +00:00
Ariadne Conill b0802cb3d1 Revert "pkgconf_pkg_parser_value_set(): fix code-path ordering bug."
ci/woodpecker/push/woodpecker Pipeline was successful Details
This reverts commit 13fe4c8c58.
2022-06-26 19:41:31 +00:00
Ariadne Conill 72e429ae70 tuple: use ${pc_sysrootdir} instead of client->sysroot_dir where relevant
ci/woodpecker/push/woodpecker Pipeline was successful Details
2022-06-26 19:35:19 +00:00
Ariadne Conill a61193c723 pkg: fix sysroot_dir logic for github 213
ci/woodpecker/push/woodpecker Pipeline was successful Details
2022-06-26 19:16:00 +00:00
Ariadne Conill d68a867dc0 tuple: fall back to using globals rather than preferring them 2022-06-26 19:15:07 +00:00
Ariadne Conill fdd7d192e0 queue: fix ISO C conformance for fallthrough label
ci/woodpecker/push/woodpecker Pipeline failed Details
2022-06-26 18:39:00 +00:00
Ariadne Conill a1a415111f queue: handle pkgconf_pkg_verify_dependency failure while flattening
ci/woodpecker/push/woodpecker Pipeline failed Details
2022-06-26 18:09:22 +00:00
Ariadne Conill 9bc6d80e61 queue: push new unresolved dependencies to the front of the queue, rather than the tail 2022-06-26 18:06:04 +00:00
Ariadne Conill fe4db3aad9 queue: skip dependency collection for root node 2022-06-26 18:04:42 +00:00
Ariadne Conill 5a82a259ac queue: use maxdepth after flattening
ci/woodpecker/push/woodpecker Pipeline failed Details
2022-06-26 15:17:08 +00:00
Ariadne Conill a416dc1fd6 queue: advance client serial when walking requires.private for flattening 2022-06-26 15:16:36 +00:00
Ariadne Conill 197fcadd4c queue: add flattening code 2022-06-26 15:02:37 +00:00
Ariadne Conill 5817e8848f pkg: track the number of hits a package has gotten while solving for dependencies
ci/woodpecker/push/woodpecker Pipeline failed Details
2022-06-26 07:22:56 +00:00
Ariadne Conill 6ae17bd0ef pkg: split pkgconf_pkg_traverse into a serial-modifying version 2022-06-26 06:05:40 +00:00
Ariadne Conill ffa0805d58 cache: use pkgconf_reallocarray stub
ci/woodpecker/push/woodpecker Pipeline was successful Details
2022-06-26 04:38:02 +00:00
Ariadne Conill c1579d381c bsdstubs: add pkgconf_reallocarray 2022-06-26 04:37:18 +00:00
Ariadne Conill 4c76f6bf01 meson: check for reallocarray
ci/woodpecker/push/woodpecker Pipeline was successful Details
it is needed for the new cache code
2022-06-26 04:33:47 +00:00
Ariadne Conill 464672404e cache: refactor to use a continguous table and bsearch
ci/woodpecker/push/woodpecker Pipeline was successful Details
cache functions are the hottest part of the pkgconf code when
profiled, by removing the linked list for lookups, we can turn
lookups into an O(k) operation
2022-06-26 04:30:35 +00:00
Dylan Baker c0fa7879b2 libpkgconf: zero path lists after freeing
ci/woodpecker/push/woodpecker Pipeline was successful Details
This is required to make the pointer safely re-usable after being freed,
otherwise the list still says that it has nodes, but they point nowhere.
This is particularly important for libpkgconf, if a caller needs to
re-enter the library after freeing a path in a static path (such as the
default personality)
2022-06-26 03:12:34 +00:00
Dylan Baker 2d201af326 libpkgconf: Add a helper to zero `pkgconf_list_t`s 2022-06-26 03:12:34 +00:00
Ariadne Conill cf48b61a59 stdinc: include strings.h on POSIX 2022-02-21 04:42:26 -06:00
Ariadne Conill 0995e49977
Merge branch 'master' into readme-meson 2022-02-21 04:27:11 -06:00
Ariadne Conill a45dbccc01
Merge pull request #242 from data-man/dirent_latest
Update dirent.h to latest
2022-02-21 04:25:36 -06:00
Ariadne Conill c6cfca6730
Merge pull request #245 from dcbaker/submit/remove-const
libpkgconf: remove const modifier from error_handler data pointer
2022-02-21 04:25:26 -06:00
Dylan Baker c581e24a67 personality: use an unsigned to track initializations
Instead of a bool. The latter will result in de-initing leaving the
library unable to init again, which works out for the cli, but is
problematic for other consumers (meson++ and muon).

v2: - Add docs that the functions are not thread safe
2022-02-14 21:22:05 -08:00
Dylan Baker f5d6bb71f8 libpkgconf: remove const modifier from error_handler data pointer
Currently, the data pointer is `const void *`, which means that the
handler can't modify the data without casting away the constness.
2022-02-07 09:34:09 -08:00
data-man b132ce8317 Update dirent.h to latest 2022-01-08 10:55:28 +05:00
Andrea Pappacoda 6109e06089
docs: mention Meson instead of CMake for Win build
Fixes #233
2021-12-11 14:49:19 +01:00
Ariadne Conill 2b82a4f63e use a serial instead of PKGCONF_PKG_PROPF_SEEN 2021-10-07 00:27:32 -06:00
Ariadne Conill 7d8cc1e4ce dependency: add pkgconf_dependency_copy() 2021-10-06 13:13:34 -06:00
Ariadne Conill c547edd07f deconst the client on pkgconf_dependency_add() 2021-10-06 11:52:18 -06:00
Ariadne Conill 4144d506bb implement dependency refcounting 2021-10-06 11:48:37 -06:00
Ariadne Conill 8130dd159e dependency: add pkgconf_dependency_free_one 2021-10-06 11:29:18 -06:00
Ariadne Conill 4b87e256d3 cache: clear package cache without using the refcounts 2021-08-17 15:29:55 -06:00
Ariadne Conill df1b671c83 dependency: use dependency match owner with pkgconf_pkg_unref() 2021-08-17 15:18:47 -06:00
Ariadne Conill 78bcb17116 personality: do not perform path filtering on default SYSTEM_INCLUDE_PATHS and SYSTEM_LIBRARY_PATHS
This is not consistent with the way the personality files or environment variables
are handled.

Fixes #224.
2021-07-24 20:06:55 -06:00
Ariadne Conill ceece2c195 pkg: fix up comment about issue #213 workaround 2021-07-24 19:47:33 -06:00
Sandro Mani ed86f2dda3 Don't prepend sysroot_dir if pkg-config file lies outside of sysroot_dir 2021-07-24 20:43:58 -05:00
Stone Tickle d688a7bd03 implement pkgconf_cross_personality_deinit 2021-07-24 06:08:25 -05:00
midipix 13fe4c8c58 pkgconf_pkg_parser_value_set(): fix code-path ordering bug.
Prior to this commit, the code path responsible for prefix redefinition
(motivated by --define-prefix or otherwise) was visited more than
once, specifically since the check ignored pkg->owner->prefix_varname.
2021-06-18 14:42:41 -05:00
Christoph Reiter 4f73f6a1d6 Rework path handling on native Windows
The current approach was to parse the .pc and, detect the prefix, throw
everything together and at the end replace all \ with / to not produce invalid
escape sequences.

This has the problem that escaping in .pc files is ignored and no longer
possible. Also in case the prefix path has a space in it the result would be
invalid because of missing escaping.

This changes the following things:

* We no longer normalize values at the end. Instead we assume .pc files use "/"
  as a directory separator or "\\", same format as under Unix. "\" alone no
  longer works. This shouldn't be a problem since most build tools produce .pc
  files with "/" like meson, cmake, autotools.

* When injecting the prefix at runtime we convert the prefix to use "/" and
  escape spaces so that in combination with the .pc content the result is a
  valid escaped path value again.

This patch has been used in MSYS2 for some months now.

See #212
2021-03-20 06:59:38 -08:00
Christoph Reiter 4be39c59fb Remove usage of cygwin_conv_path() under cygwin/msys
This converted Unix paths to Windows paths, but all cygwin tools
work with Unix paths so this shouldn't be needed.

There is one use case if you use a cygwin pkgconf with a non-cygwin toolchain,
but pkgconf works reasonable well natively now so this shouldn't be needed
anymore and more likely leads to problems and confusion.

Both cygwin and msys have patched this out already:
* https://cygwin.com/git-cygwin-packages/?p=git/cygwin-packages/pkgconf.git;a=blob;f=pkgconf.cygport;h=e5d003f3f3dfc9e374b916974018022ad8d68852;hb=HEAD#l55
* a4bce0c294/pkgconf/PKGBUILD (L26)
2021-03-20 06:58:53 -08:00
Ariadne Conill dbb6a232e5 path: don't use PATH_MAX, use PKGCONF_ITEM_SIZE * 4 for realpath buffer 2021-03-18 06:56:55 -06:00
Ariadne Conill fd1b8ccca6 main: if PKG_CONFIG_FDO_SYSROOT_RULES is set, or DESTDIR matches PKG_CONFIG_SYSROOT_DIRS, disable the automatic sysroot rewriting
Closes #205.
2021-03-18 06:22:11 -06:00
Ariadne Conill 008d706958 libpkgconf: personality: default: set want_default_static and want_default_pure to true on windows 2021-03-18 06:03:47 -06:00
Ariadne Conill f9531ce9fe add support for pkgconf_cross_personality_t.want_default_pure 2021-03-18 06:02:00 -06:00
Ariadne Conill 52d19e1b9e libpkgconf: fileio: pkgconf_fgetline(): handle quoted=true when a comment introduction is encountered
Fixes #215.
2021-03-18 05:45:41 -06:00
Ryan Scott ab404bc25b Fix #209
This commit fixes #209 by applying the suggestion from
https://github.com/pkgconf/pkgconf/issues/209#issuecomment-771609136.
2021-02-05 23:57:10 -07:00
Fabian Groffen 13a5d9a5f0 libpkgconf: path: supply buffer to realpath
To avoid a crash on some platforms (like Darwin 9) provide a buffer to
realpath(3).

Darwin 9 (last PPC target) documents realpath needs to be given a buffer
to the resolved_path argument large enough to hold PATH_MAX bytes.
With NULL argument it crashes.  Solaris makes no mention of
resolved_path to be allowed NULL, yet recent versions accept it and
malloc(3) accordingly.

Because the documentation explicitly mentions PATH_MAX being the limit
to what realpath(3) would write in resolved_path, switching to a static
buffer here doesn't limit resolution compared to dynamically allocating
a buffer by realpath(3).

While this change requires a bit more space on the stack, it avoids a
malloc/free sequence, and allows successful operation on (older)
platforms that lack support for dynamically allocating a return buffer
in realpath(3).

Signed-off-by: Fabian Groffen <grobian@gentoo.org>
2021-01-08 18:44:40 -05:00
Christoph Reiter de8fc9e438 meson: install headers into pkgconf/libpkgconf instead of just libpkgconf
To mirror what the autotools build does
2020-11-28 19:42:00 -07:00
Christoph Reiter 869f2a84d6 pkgconf_pkg_parser_version_func: fix whitespace detection
In case the version string has no whitespace then strcspn() returns
strlen() of the input, so whitespace is only found if len != strlen.

This fixes invalid warnings when parsing version fields.
2020-11-28 19:17:03 -07:00
Ariadne Conill 2a8bebf289 libpkgconf: path: rewrite DOS paths in non-cygwin case too 2020-06-11 18:00:56 -06:00
Tobias Stoeckmann f818a69b3d libpkgconf: pkg: fix out ouf boundary access
If a file with a matching "uninstalled" name exists but cannot be
parsed, an invalid memory area is accessed.

How to reproduce:
$ touch poc-uninstalled.pc
$ PKG_CONFIG_PATH=. pkgconf poc
2020-06-10 00:20:36 -06:00
Ariadne Conill ef135d819c meson: remove some autotools cruft 2020-06-02 18:58:00 -06:00
Ariadne Conill 354c87279b libpkgconf: tuple: fix truncation when no overflow occurs 2020-05-30 19:20:25 -06:00
Tobias Stoeckmann 5eb9cae009 libpkgconf: tuple: fix out of boundary write
This is the same issue which has been fixed in dependency code.

If a line contains a variable which is longer than PKGCONF_ITEM_SIZE,
then the varname buffer overflows.

The code itself still does not check if a closing } exists and
truncates variable names which are too long. Since these would
be functional changes and this commit is about a protection against
undefined behaviour on a language level, these changes are not
included.

Proof of concept:
$ echo "Description: poc" > poc.pc
$ echo "Version: 1" >> poc.pc
$ echo -n 'Name: ${'
$ dd if=/dev/zero bs=1 count=66535 | tr '\0' 'x' >> poc.pc
$ echo >> poc.pc
$ pkgconf poc.pc

On my Linux system, when compiled with gcc, the varname buffer overflows
directly into buf, which means that no crash can be notified.

It's easiest to figure out when adding strlen() and sizeof() output
as debug lines.
2020-05-30 19:09:24 -06:00
Tobias Stoeckmann 100bc605de libpkgconf: fragment: fix out of boundary write
fragment_quote adds quotation to fragments if needed. It allocates a
buffer and grows it as needed.

Unfortunately the dst pointer is not updated after a realloc, which
means that dst still points into the old memory area. Further writing
characters into that area leads to out of boundy writes.

Proof of concept:

$ cat > poc.pc << EOF
Name: poc
Description: poc
Version: 1
CFlags: -Ia
CFlags: -I%%%%%%%%%%%%%%%%%%%%b
CFlags: -I%%%%%%%%%%%%%%%%%%%%c
CFlags: -Id
EOF
$ pkgconf --cflags poc.pc

Most reliable attempt is to compile pkgconf with address sanitizer,
but this file should lead to an abort on a glibc system due to modified
chunk pointers (tested with Linux on amd64).

But since this is undefined behaviour, it depends on system details.
2020-05-30 19:05:53 -06:00
Tobias Stoeckmann dc04193c48 libpkgconf: fragment: fix out of boundary read
Parsing a fragment which consists only of a single dash leads to
an out of boundary read. It duplicates the following entry which
is not expected behaviour if another fragment follows.

Proof of concept:

$ cat > poc.pc << "EOF"
Name: poc
Description: poc
Version: 1
Cflags: - -I/somewhere
EOF
$ PKG_CONFIG_PATH=. pkgconf --cflags poc
-I/somewhere -I/somewhere

If - is the last entry, it leads to an out of boundary read, which is
easy to see if pkgconf is compiled with address sanitizer.
2020-05-30 12:43:08 -06:00
Vincent Torri 42b355310f fix missing backslashes in paths on Windows
According to

https://docs.microsoft.com/fr-fr/windows/win32/fileio/naming-a-file

backslashes (with slashes) are a path separator, hence must no be
considered as an escape code.

The first fix, in argvsplit.c, disables this. But because of fragment_quote(),
the backslashes are doubled. Hence the second fix in fragment.c

With this pc file :

prefix=C:/Documents/msys2/opt/efl_64
libdir=${prefix}/lib
includedir=${prefix}/include

Name: eina
Description: efl: eina
Version: 1.24.99
Requires.private: iconv
Libs: -L${libdir} -leina -pthread -levil
Libs.private: -lpsapi -lole32 -lws2_32 -lsecur32 -luuid -lregex -lm
Cflags:-I${includedir}/eina-1 -I${includedir}/efl-1
-I${includedir}/eina-1/eina -pthread

pkgconf.exe --cflags eina

returns :

-IC:\Documents\msys2\opt\efl_64/include/eina-1
-IC:\Documents\msys2\opt\efl_64/include/efl-1
-IC:\Documents\msys2\opt\efl_64/include/eina-1/eina -pthread
-DWINICONV_CONST= -IC:\Documents\msys2\opt\ewpi_64/include
2020-05-30 12:39:43 -06:00
Tobias Stoeckmann fb9acedcad libpkgconf: dependency: fix out of boundary write
It is possible to trigger an out of boundary write in function
pkgconf_dependency_parse_str if a dependency line contains a very
long comparator. The comparator is stored in a temporary buffer which
has a size of PKGCONF_ITEM_SIZE.

The line which is parsed can be up to PKGCONF_BUFSIZE characters long,
which is larger than PKGCONF_ITEM_SIZE (although it depends on PATH_MAX).

Having a comparator which is longer than PKGCONF_ITEM_SIZE therefore
leads to an out of boundary write. Although it is undefined behaviour,
this can lead to an overridden compare variable, which in turn can lead
to an invalid instruction pointer, i.e. most likely a crash or code
execution (very unlikely).

Proof of concept:

$ echo "Requires: x " > poc.pc
$ dd if=/dev/zero bs=1 count=65535 | tr '\0' '<' >> poc.pc
$ pkgconf poc.pc

Eiter compile pkgconf with address sanitizer or run pkgconf multiple
times, eventually it might crash (assuming that ASLR is in place).

In order to fix this, I decided to use an end pointer to avoid OOB write.
Alternative would be to increase the buffer size, but I try to avoid that
since this would be additional ~60 KB stack space for a very unlikely
situation.
2020-05-26 14:03:55 -06:00
Ariadne Conill c613eb5cce libpkgconf: pkg: use a second pointer for demunging windows paths 2020-05-26 13:42:39 -06:00
Ariadne Conill e70b536ea3 libpkgconf: pkg: when generating a search path, use the correct path separator
Before, this could result in generated paths like C:\foo\pkgconfig/bar.pc on Windows.
2020-05-26 11:01:46 -06:00
Ariadne Conill 0253fddc1d libpkgconf: pkg: fix computation of pkgconf_pkg_t.id on Windows.
Windows allows both \ and / as valid path characters.  A computed path
such as C:\development\libfoo\pkgconfig/foo.pc will result in a computed
pkgconf_pkg_t.id of "pkgconfig/foo".

Accordingly, correct the path normalization for checking for / after
the \ path has been dealt with in all cases.
2020-05-26 07:41:16 -06:00
Tobias Stoeckmann 9e16d2709c libpkgconf: personality: fix out of boundary access
It is possible to set the instruction pointer to undefined values by
using an operator larger than ':' in ASCII.

Since the personality function array does not have 256 entries, an
invalid operator can overflow the array.

Proof of concept:

$ echo "a _ b" > poc
$ ln -s $(which pkgconf) poc-pkgconf
$ ./poc-pkgconf
2020-05-25 05:55:39 -06:00
Ariadne Conill dd57abfe9f pkgconf 1.7.0. 2020-05-24 14:55:02 -06:00
Ariadne Conill 4fb7683c3e add support for the PKGCONF_PKG_PKGF_DONT_MERGE_SPECIAL_FRAGMENTS flag used in build2. 2020-05-24 14:40:47 -06:00
Ben 011db1bb88 Do not complain about malformed whitespace from \n on Version line
Every version line has a newline at the end; the malformed whitespace checker
should just check for trailing spaces and tabs.

Resolves https://todo.sr.ht/~kaniini/pkgconf/15
2020-05-24 14:36:46 -06:00
Ariadne Conill 382a89c173 pkg: pkgconf_compare_version(): do not return levenshtein distance in strcmp() case 2020-05-24 14:18:16 -06:00
Tobias Stoeckmann 92745ad9cb libpkgconf: parser: fix out of boundary access
It is possible to trigger an out of boundary access with specially
crafted files. If a line consist of only a key and spaces, then
op will point to '\0'-ending of the buffer. Since p is iterated by
one byte right past this ending '\0', the next read access to p is
effectively out of bounds.

Theoretically this can also lead to out of boundary writes if spaces
are encountered.

Proof of concept (I recommend to compile with address sanitizer):

$ echo -n a > poc.pc
$ dd if=/dev/zero bs=1 count=65533 | tr '\0' ' ' >> poc.pc
$ pkgconf poc.pc
2020-05-24 14:10:18 -06:00
Tobias Stoeckmann bd4ed1ca02 libpkgconf: fileio: prevent buffer overflow.
pkgconf_fgetline is called with a user-defined buffer, its size, and
a FILE stream to read input from.

If the buffer is almost completely filled and the file stream contains
an escaped character, then it is possible to trigger an off-by-one
buffer overflow with a '\0' character.

Easiest example to trigger this:

char buf[2];
pkgconf_fgetline(buf, sizeof(buf), stdin);

Enter "\\" (two backslashes) and press enter. If the library and the
program are compiled with address sanitizer, you will see the program
crashing. Otherwise it depends on your architecture what happens.

Since nobody should be using a buffer of only size 1 or 2, keep enough
space for a possibly escaped character in while loop by subtracting one
more byte for this situation, not just for '\0'.
2020-05-24 14:09:44 -06:00
Ariadne Conill 48dc665ae3 personality: add support for WantDefaultStatic setting 2019-10-19 00:56:17 -05:00
Ariadne Conill 2adafc2729 libpkgconf: personality: return the default personality if loading a personality file failed 2019-08-23 12:48:11 -05:00
Ariadne Conill 19aa93e371 prepare for pkgconf 2.0 development 2019-08-04 15:54:24 -05:00
Ariadne Conill c862e030cf pkgconf 1.6.3. 2019-07-12 06:53:37 -05:00
Ariadne Conill c10f69994b libpkgconf: pkg: generate diagnostic for and trim malformed versions 2019-07-12 06:35:48 -05:00
Ariadne Conill 7a395932f2 drop CMake support 2019-07-12 05:45:16 -05:00