[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug mass-filing: Broken packages using errno without including errno.h



Unfortunately some Debian packages use errno without #include
<errno.h>.
This is very bad because glibc has a #define errno
(*__errno_location()) and programs not including <errno.h> will
instead use the errno@@GLIBC_2.0 symbol.

Older version of glibc stored a pointer to the thread's errno in the
thread structure, so the programs still worked.
Newer versions with TLS support enabled, which is necessary to use the
superior Native Posix Threads Library (NPTL), instead store errno
directly in the TLS.
These versions of glibc also no longer provide the errno symbol.

When ELF programs use errno, they reference a fixed address in the
.bss section and have a copy relocation against errno and the
address.
The dynamic loader copies the initial value to the .bss errno and
links every other module to the errno in the program's .bss section.

Unfortunately, this makes working around the problem for programs
impossible.

For shared libraries it is possible to work around it, but the glibc
maintainers may decide to not do it for performance reasons.


As a result using errno without #include <errno.h> is a very serious
bug, and packages doing it should be fixed and recompiled.
It is usually possible to get a correct package simply by setting
CC="gcc -include /usr/include/errno.h".
The proper fix is instead to add a #include <errno.h> at the start of
any C/C++ file using errno.

Affected binaries and libraries may be found with the following
command:
for i in {/usr,}/{{s,}bin,lib}/*; do if ! test -L $i && readelf -a $i \
2>/dev/null|grep -q -w -E 'errno@?@GLIBC_2.0'; then echo $i; fi; done

This is the output on my machine:

/usr/bin/ar86
/usr/bin/cvpasswd
/usr/bin/cvsup
/usr/bin/dosemu.bin
/usr/bin/makedb
/usr/bin/mysql
/usr/bin/orp
/usr/bin/paperconf
/usr/lib/libkrb4.so.2.0
/usr/lib/liblecternserver.so.1
/usr/lib/libm3core.so.1
/usr/lib/libm3.so.1
/usr/lib/libm3tcp.so.1
/usr/lib/libmysqlclient.so.10.0.0
/usr/lib/libtcpextras.so.1
/sbin/mkdosfs
/sbin/pivot_root
/sbin/portmap

Please authorize to file bugs against the owner packages (which
severity?) and check whether your packages are affected.

I suggest to add a lintian check for this and a policy rule to
#include <errno.h> before using errno.

Attachment: pgpC6amSMuVDR.pgp
Description: PGP signature


Reply to: