From nobody Thu Jan 13 10:25:39 2022 X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id E6B8519557B4; Thu, 13 Jan 2022 10:25:39 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4JZLDM3clcz3HfM; Thu, 13 Jan 2022 10:25:39 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1642069539; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=zJILUWn5EQIOEYGMrbPaT4Ay5L2k6o0aHZ4M5qcnQg0=; b=XGsnYbxJioNdqVyGgnwIy3IjRhNu32xpBpJFzGLetJfIYgrsvFqNO7pIIJaIf7YqodskX+ 3yH1tGwh/xG59+hj0IWtgEx0G+uaLQzZ7Ys6CycsnJIVdjMKEExg4lAA+75B1e70if3Ndb 5U2EwPkJM5rOjML6jr6CymkA6A3ZoWvd9m6SFaa2/LLvTDm5kvzSdrmfkK+xnpaejBEkU7 39cYXqcHC4IwfbQU4CVqYqfrlTcGQQ1huR2ySjK38nZAu8OVe4YqO/7DMbtv2KjPd8ldji A3BNaQvnLg83AfT/BMcKcurWL4oDrbEPUtfQLybkJr5Hb91ExP64+m+fRNDndQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4F1851EE8E; Thu, 13 Jan 2022 10:25:39 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 20DAPdFk049449; Thu, 13 Jan 2022 10:25:39 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 20DAPd82049448; Thu, 13 Jan 2022 10:25:39 GMT (envelope-from git) Date: Thu, 13 Jan 2022 10:25:39 GMT Message-Id: <202201131025.20DAPd82049448@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: =?utf-8?Q?Stefan E=C3=9Fer?= Subject: git: d106f982a54c - main - qsort.c: prevent undefined behavior List-Id: Commit messages for all branches of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-all@freebsd.org X-BeenThere: dev-commits-src-all@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: se X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: d106f982a54cd299671ccad58bc456138a22ae7b Auto-Submitted: auto-generated ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1642069539; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=zJILUWn5EQIOEYGMrbPaT4Ay5L2k6o0aHZ4M5qcnQg0=; b=ePt+wmYLQlnC3LEw0t9DRP5mqU+wlRyZ8+mr/lN6GFtiyB+1YT0fGL0qFwBXaYk9sNlm+p Nq76oWE9X7r2DJHZqaDAIDKfNY7Jx24yf3HR4pfnpYiBgtMr8O/69HZOCD3h2EHvXmXeLe AAJZvoFEemdJKG71jwjtAE/IAIToxO8viw1T9YfTfSNoR6r0MrRC2RbZdfO7SAylBnMUqo 0nkAqbpMLO2gdHEjWMmk+spQQdcLdxFIile+MBMa2oT8/UszbSOChNnamOtJtFeMpczM3/ mbl3+r+UPiYjabdr3RAtvScdvJi4lap6Zuuize9s1t0nhfGkmWgiwW4eTqJI8A== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1642069539; a=rsa-sha256; cv=none; b=RzNcgR2dNIXGgkhFUl72lubqFdBfPR0vBvNcjLsBArlHT9Z8uvh0l9t7UvHi4c6iS55V3z ST8IZIWIXEdCsuOSzg4U5/W47BR1wdb4ZI329CZ7blKk3x00ch5zmctP35LOLcY3uWgaZa rGHv3rgP6+JWnUin+QTZF/ceDnFsOMYjmai9oZNg1060gKQRmSLGZaml9EiEBvxNDsSX1i CsWKLQp4aW8muHSIPMNWESp+pEsP8VJZehIg75Lf1IIjNQ4IzuzbtWGcDqH6x8w86XLybL dCG/IKKhQwxZDXO6quLkcOdst3kxNDvhHTqhV8qFZmDJuNxhiN2GKLriS2xZUA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N The branch main has been updated by se: URL: https://cgit.FreeBSD.org/src/commit/?id=d106f982a54cd299671ccad58bc456138a22ae7b commit d106f982a54cd299671ccad58bc456138a22ae7b Author: Stefan Eßer AuthorDate: 2022-01-13 10:09:38 +0000 Commit: Stefan Eßer CommitDate: 2022-01-13 10:09:38 +0000 qsort.c: prevent undefined behavior Mark Milliard has detected a case of undefined behavior with the LLVM UBSAN. The mandoc program called qsort with a==NULL and n==0, which is allowed by the POSIX standard. The qsort() in FreeBSD did not attempt to perform any accesses using the passed pointer for n==0, but it did add an offset to the pointer value, which is undefined behavior in case of a NULL pointer. This operation has no adverse effects on any achitecture supported by FreeBSD, but could be caught in more strict environments. After some discussion in the freebsd-current mail list, it was concluded that the case of a==NULL and n!=0 should still be caught by UBSAN (or cause a program abort due to an illegal access) in order to not hide errors in programs incorrectly invoking qsort(). Only the the case of a==NULL and n==0 should be fixed to not perform the undefined operation on a NULL pointer. This commit makes qsort() exit before reaching the point of potentially undefined behvior for the case n==0, but does not test the value of a, since the result will not depend on whether this pointer is NULL or an actual pointer to an array if n==0. The issue found by Mark Milliard in the whatis command has been reported to the upstream (OpenBSD) and has already been patched there. MFC after: 1 week --- lib/libc/stdlib/qsort.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/lib/libc/stdlib/qsort.c b/lib/libc/stdlib/qsort.c index 5016fff7895f..0b99c04507d3 100644 --- a/lib/libc/stdlib/qsort.c +++ b/lib/libc/stdlib/qsort.c @@ -108,6 +108,8 @@ local_qsort(void *a, size_t n, size_t es, cmp_t *cmp, void *thunk) int cmp_result; int swap_cnt; + if (__predict_false(n == 0)) + return; loop: swap_cnt = 0; if (n < 7) {