<pre style='margin:0'>
Christopher Nielsen (mascguy) pushed a commit to branch master
in repository macports-legacy-support.
</pre>
<p><a href="https://github.com/macports/macports-legacy-support/commit/ac9791553b8b96e9a8011e773bf25b7004758c22">https://github.com/macports/macports-legacy-support/commit/ac9791553b8b96e9a8011e773bf25b7004758c22</a></p>
<pre style="white-space: pre; background: #F8F8F8"><span style='display:block; white-space:pre;color:#808000;'>commit ac9791553b8b96e9a8011e773bf25b7004758c22
</span>Author: Fred Wright <fw@fwright.net>
AuthorDate: Thu Jun 6 19:09:30 2024 -0700
<span style='display:block; white-space:pre;color:#404040;'> Fix stpncpy() security wrapper for 10.5 with 10.7+ SDK.
</span><span style='display:block; white-space:pre;color:#404040;'>
</span><span style='display:block; white-space:pre;color:#404040;'> The previous fix for the 10.5 compiler issue only applied when the
</span><span style='display:block; white-space:pre;color:#404040;'> wrapper is being provided by the legacy-support headers. But the
</span><span style='display:block; white-space:pre;color:#404040;'> problem also exists when the wrapper is applied by a 10.7+ SDK when
</span><span style='display:block; white-space:pre;color:#404040;'> building for 10.5. This moves the hack outside the check for the
</span><span style='display:block; white-space:pre;color:#404040;'> prefdefined wrapper.
</span><span style='display:block; white-space:pre;color:#404040;'>
</span><span style='display:block; white-space:pre;color:#404040;'> In the 10.7+ SDK case, the inline was defined before the macro hack,
</span><span style='display:block; white-space:pre;color:#404040;'> so we use a different name for the inline here. To make this
</span><span style='display:block; white-space:pre;color:#404040;'> effective, we unconditionally define the macro here, overriding the
</span><span style='display:block; white-space:pre;color:#404040;'> SDK.
</span><span style='display:block; white-space:pre;color:#404040;'>
</span><span style='display:block; white-space:pre;color:#404040;'> Re: https://trac.macports.org/ticket/69867
</span><span style='display:block; white-space:pre;color:#404040;'>
</span><span style='display:block; white-space:pre;color:#404040;'> TESTED:
</span><span style='display:block; white-space:pre;color:#404040;'> Tested on 10.4-10.5 ppc, 10.5-10.6 ppc (i386 Rosetta), 10.4-10.6 i386,
</span><span style='display:block; white-space:pre;color:#404040;'> 10.5-12.x x86_64, and 11.x-14.x arm64. Tested against all 10.4-14.x
</span><span style='display:block; white-space:pre;color:#404040;'> SDKs, using the headerinfo manual test (from a subsequent commit).
</span><span style='display:block; white-space:pre;color:#404040;'> All target/SDK combinations where the SDK supports the CPU
</span><span style='display:block; white-space:pre;color:#404040;'> architecture work correctly, including all SDKs on Intel
</span><span style='display:block; white-space:pre;color:#404040;'> architectures. Only 10.4-10.6 SDKs support ppc, and only 11.x+ SDKs
</span><span style='display:block; white-space:pre;color:#404040;'> support arm64.
</span>---
include/string.h | 28 ++++++++++++++--------------
1 file changed, 14 insertions(+), 14 deletions(-)
<span style='display:block; white-space:pre;color:#808080;'>diff --git a/include/string.h b/include/string.h
</span><span style='display:block; white-space:pre;color:#808080;'>index 163230b..fa5223c 100644
</span><span style='display:block; white-space:pre;background:#e0e0ff;'>--- a/include/string.h
</span><span style='display:block; white-space:pre;background:#e0e0ff;'>+++ b/include/string.h
</span><span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -1,4 +1,3 @@
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-
</span> /*
* Copyright (c) 2018 Chris Jones <jonesc@macports.org>
*
<span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -25,16 +24,12 @@
</span> #include_next <string.h>
/* stpncpy */
<span style='display:block; white-space:pre;background:#ffe0e0;'>-/*
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- * If we're building with a 10.7+ SDK, stpncpy may have already been defined as
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- * a macro. In that case, leave it as is. This not only leaves it as provided
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- * by the SDK, but also informs the decision below.
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-#if __MP_LEGACY_SUPPORT_STPNCPY__ && !defined(stpncpy)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+#if __MP_LEGACY_SUPPORT_STPNCPY__
</span> __MP__BEGIN_DECLS
<span style='display:block; white-space:pre;background:#e0ffe0;'>+#undef stpncpy /* In case built with later SDK */
</span> extern char *stpncpy(char *dst, const char *src, size_t n);
__MP__END_DECLS
<span style='display:block; white-space:pre;background:#ffe0e0;'>-#endif /* __MP_LEGACY_SUPPORT_STPNCPY__ && !defined(stpncpy) */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+#endif /* __MP_LEGACY_SUPPORT_STPNCPY__ */
</span>
/* strnlen */
#if __MP_LEGACY_SUPPORT_STRNLEN__
<span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -70,15 +65,19 @@ __MP__END_DECLS
</span> #if defined(_USE_FORTIFY_LEVEL) && _USE_FORTIFY_LEVEL > 0
/* stpncpy */
<span style='display:block; white-space:pre;background:#ffe0e0;'>-/* Note the defense against building with a 10.7+ SDK, as above. */
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>-#if __MP_LEGACY_SUPPORT_STPNCPY__ && !defined(stpncpy)
</span>
<span style='display:block; white-space:pre;background:#e0ffe0;'>+#if __MP_LEGACY_SUPPORT_STPNCPY__
</span> /*
* GCC 4.2 for 10.5 lacks __builtin___stpncpy_chk, even though GCC 4.2
* for 10.6 has it. In the absence of a reasonable way to check for compiler
* support directly, we rely on the OS version for the decision. Note that
* the security wrapper mechanism isn't enabled by default on 10.5, anyway,
* but this allows it to work (inefficiently) if it's enabled explicitly.
<span style='display:block; white-space:pre;background:#e0ffe0;'>+ *
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ * This applies regardless of whether the wrapper comes from here or from
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ * a 10.7+ SDK, hence we always define it here. To make this effective
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ * in the 10.7+ SDK case, we use a different name for the inline, which
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ * also avoids a duplicate definition issue.
</span> */
#if __ENVIRONMENT_MAC_OS_X_VERSION_MIN_REQUIRED__ < 1060
extern char *__stpncpy_chk(char *dest, const char *src, size_t len,
<span style='display:block; white-space:pre;background:#e0e0e0;'>@@ -86,19 +85,20 @@ extern char *__stpncpy_chk(char *dest, const char *src, size_t len,
</span> #define __builtin___stpncpy_chk __stpncpy_chk
#endif /* OS <10.6 */
<span style='display:block; white-space:pre;background:#e0ffe0;'>+#undef stpncpy
</span> #define stpncpy(dest, src, len) \
((__darwin_obsz0 (dest) != (size_t) -1) \
? __builtin___stpncpy_chk (dest, src, len, __darwin_obsz (dest)) \
<span style='display:block; white-space:pre;background:#ffe0e0;'>- : __inline_stpncpy_chk (dest, src, len))
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ : __mpls_inline_stpncpy_chk (dest, src, len))
</span>
static __inline char *
<span style='display:block; white-space:pre;background:#ffe0e0;'>-__inline_stpncpy_chk (char *__restrict __dest, const char *__restrict __src,
</span><span style='display:block; white-space:pre;background:#ffe0e0;'>- size_t __len)
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+__mpls_inline_stpncpy_chk (char *__restrict __dest,
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+ const char *__restrict __src, size_t __len)
</span> {
return __builtin___stpncpy_chk (__dest, __src, __len, __darwin_obsz(__dest));
}
<span style='display:block; white-space:pre;background:#ffe0e0;'>-#endif /* __MP_LEGACY_SUPPORT_STPNCPY__ && !defined(stpncpy) */
</span><span style='display:block; white-space:pre;background:#e0ffe0;'>+#endif /* __MP_LEGACY_SUPPORT_STPNCPY__ */
</span>
#endif /* _USE_FORTIFY_LEVEL > 0 */
</pre><pre style='margin:0'>
</pre>