The overflow check in mEMALIGn erroneously checks for INT_MAX,
albeit the input parameter is size_t. Fix this to check for
__SIZE_MAX__ instead. Also, it misses to check the req against
adding the alignment before calling mALLOc.
While at it, add out-of-bounds checks to pvALLOc, nano_memalign,
nano_valloc, and Cygwin's (unused) dlpvalloc.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
First cut. This is currently implemented only for disk files, and
many things still need to be fixed. But it works in limited testing
with the programs scm_rights_{recv,send} in
winsup/cygwin/socket_tests.
Define static helper functions serialize/deserialize in
fhandler_socket_unix.cc. These will be used to support sending file
descriptors via SCM_RIGHTS control messages.
The serialize function creates an 'fh_ser' structure that contains a
copy of the fhandler associated with the file descriptor, with all
allocated memory freed. The structure also contains the Windows pid
of the current process, which deserialize can use for duplicating
handles.
The deserialize function reconstructs an fhandler from an fh_ser
structure, with the handles duplicated into its own process.
For now, serialization and deserialization are fully implemented only
for disk files, and even in that case there are many FIXMEs that need
attention.
This allows duplication of handles from an fhandler created in a
different process. For now, this is implemented only for
fhandler_base and fhandler_disk_file.
Override this in each derived class to give the size of each fhandler
class so that the size can be computed dynamically from an
fhandler_base pointer.
Replace the 'WCHAR pipe_name_buf[48]' class member by 'PWCHAR
pipe_name_buf', and allocate space for the latter as needed.
Change the default constructor to accommodate this change, and add a
destructor that frees the allocated space.
Also change get_pipe_name and clone to accommodate this change.
By default, libltp tests will create temporary files in a subdirectory
of /tmp, which will (nowadays) be located relative to the test DLL (by
assuming that it is in /bin). This will evaluate to the directory
$target_builddir/winsup/tmp, which doesn't exist.
The location used for these temporary files can be explicitly controlled
by setting the TDIRECTORY env var. Arrange to set that env var to the
/cygdrive path of a tmp subdirectory of the build directory.
Unfortunately, libltp doesn't clean the temporary directory if
TDIRECTORY is set, and some tests assume they are started in a clean
directory, so we need to do that in tcl.
Set the PATH so that tests can pick up cygwin0.dll. Looks like this was
dropped by accident in 2e488e95 ("Don't rely on in-build tools"), so
restore it as it was prior to 9d89f634.
Drop MINGW_FE, which I can't find any trace of, and instead detect and
use MinGW compilers.
This requires adding AC_CANONICAL_TARGET, to set $target_cpu.
This is now required as cygwin_build is defined in terms of
target_builddir.
(Note that in other subdirectories, the autoconf variable
target_builddir is AC_SUBST-ed as a side-effect of using a macro from
winsup/acinclude.m4, which is perhaps less than ideal)
The autoconf variable all_host is used to make building of the stub
library used by the testsuite conditional on not cross-compiling.
Make it unconditional, so we will notice if it's broken when
cross-compiling.
This includes various changes to create_cmsg_data and
evaluate_cmsg_data. The most important are:
- create_cmsg_data now allows only one SCM_RIGHTS message and one
SCM_CREDENTIALS message.
- evaluate_cmsg_data now truncates the ancillary data to the number of
control messages that will fit in the supplied buffer. Previously
it discarded all control messages if the buffer was too small.
See https://man7.org/linux/man-pages/man7/unix.7.html.
Previously, create_cmsg_data and evaluate_cmsg_data required the
ancillary data to contain only a single control message, of type
SCM_CREDENTIALS. In preparation for supporting SCM_RIGHTS in the
future, allow more than one.
create_cmsg_data now iterates through the specified control messages
and allows both SCM_CREDENTIALS and SCM_RIGHTS. If no SCM_CREDENTIALS
message is present, it creates one. This was previously done in
sendmsg.
evaluate_cmsg_data also iterates through the received control messages
and allows both SCM_CREDENTIALS and SCM_RIGHTS. Control messages of
type SCM_CREDENTIALS are discarded unless the SO_PASSCRED option has
been set.
Update tests.
b55e3f19 was a bit too aggressive in dropping, rather than just
un-exporting these Makefile variables. We need to set these to the
configured host compiler if we are cross-compiling, otherwise they
default to the build compiler.
Also export CC to the mkvers.sh script (which requires it since
4eca5e6a). It's unclear why we can't just cause windres to use the
build 'cpp' as the pre-processor there.
Add a new HANDLE argument to peek_pipe and peek_pipe_poll so that the
caller can specify a pipe handle to use in lieu of get_handle(). Use
this in recvmsg to make the MSG_PEEK flag work for unbound datagram
sockets.
Untested.
If the caller doesn't specify ancillary data, add credentials to the
outgoing packet.
This enables us to satisfy the requirement
(https://man7.org/linux/man-pages/man7/unix.7.html) that a socket with
the SO_PASSCRED option enabled can get the credentials of its peer in
every message it receives.
FIXME: I'm not sure if this is the right way to satisfy that
requirement. A possible alternative would be to arrange for a socket
to be notified when its peer enables SO_PASSCRED.
