From 9d24271d86eb45ed569467cc8d6ef0f491778f26 Mon Sep 17 00:00:00 2001 From: Victor Stinner Date: Tue, 12 Apr 2016 22:28:49 +0200 Subject: Fix os.urandom() on Solaris 11.3 Issue #26735: Fix os.urandom() on Solaris 11.3 and newer when reading more than 1,024 bytes: call getrandom() multiple times with a limit of 1024 bytes per call. --- Misc/NEWS | 4 ++++ Python/random.c | 17 ++++++++++++----- 2 files changed, 16 insertions(+), 5 deletions(-) diff --git a/Misc/NEWS b/Misc/NEWS index 2ce0620..dbebc76 100644 --- a/Misc/NEWS +++ b/Misc/NEWS @@ -102,6 +102,10 @@ Core and Builtins Library ------- +- Issue #26735: Fix :func:`os.urandom` on Solaris 11.3 and newer when reading + more than 1,024 bytes: call ``getrandom()`` multiple times with a limit of + 1024 bytes per call. + - Issue #16329: Add .webm to mimetypes.types_map. Patch by Giampaolo Rodola'. - Issue #13952: Add .csv to mimetypes.types_map. Patch by Geoff Wilson. diff --git a/Python/random.c b/Python/random.c index 772bfef..79157b8 100644 --- a/Python/random.c +++ b/Python/random.c @@ -131,16 +131,23 @@ py_getrandom(void *buffer, Py_ssize_t size, int raise) return 0; while (0 < size) { - errno = 0; +#ifdef sun + /* Issue #26735: On Solaris, getrandom() is limited to returning up + to 1024 bytes */ + n = Py_MIN(size, 1024); +#else + n = size; +#endif + errno = 0; #ifdef HAVE_GETRANDOM if (raise) { Py_BEGIN_ALLOW_THREADS - n = getrandom(buffer, size, flags); + n = getrandom(buffer, n, flags); Py_END_ALLOW_THREADS } else { - n = getrandom(buffer, size, flags); + n = getrandom(buffer, n, flags); } #else /* On Linux, use the syscall() function because the GNU libc doesn't @@ -148,11 +155,11 @@ py_getrandom(void *buffer, Py_ssize_t size, int raise) * https://sourceware.org/bugzilla/show_bug.cgi?id=17252 */ if (raise) { Py_BEGIN_ALLOW_THREADS - n = syscall(SYS_getrandom, buffer, size, flags); + n = syscall(SYS_getrandom, buffer, n, flags); Py_END_ALLOW_THREADS } else { - n = syscall(SYS_getrandom, buffer, size, flags); + n = syscall(SYS_getrandom, buffer, n, flags); } #endif -- cgit v0.12 From 1b80b24007154d1f5764b1c14b95c80289cd3c34 Mon Sep 17 00:00:00 2001 From: Victor Stinner Date: Tue, 12 Apr 2016 22:34:58 +0200 Subject: configure: fix HAVE_GETRANDOM_SYSCALL check syscall() function requires #include . --- configure | 1 + configure.ac | 167 ++++++++++++++++++++++++++++++----------------------------- 2 files changed, 85 insertions(+), 83 deletions(-) diff --git a/configure b/configure index 6f26a36..0eff26d 100755 --- a/configure +++ b/configure @@ -16276,6 +16276,7 @@ cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ + #include #include int main() { diff --git a/configure.ac b/configure.ac index e7d7bfc..7149830 100644 --- a/configure.ac +++ b/configure.ac @@ -86,7 +86,7 @@ dnl can cause trouble. dnl Last slash shouldn't be stripped if prefix=/ if test "$prefix" != "/"; then prefix=`echo "$prefix" | sed -e 's/\/$//g'` -fi +fi dnl This is for stuff that absolutely must end up in pyconfig.h. dnl Please use pyport.h instead, if possible. @@ -178,7 +178,7 @@ AC_ARG_ENABLE(universalsdk, fi ;; esac - + ],[ UNIVERSALSDK= enable_universalsdk= @@ -240,7 +240,7 @@ AC_ARG_ENABLE(framework, AS_HELP_STRING([--enable-framework@<:@=INSTALLDIR@:>@], [Build (MacOSX|Darwin) framework]), [ case $enableval in - yes) + yes) enableval=/Library/Frameworks esac case $enableval in @@ -297,7 +297,7 @@ AC_ARG_ENABLE(framework, FRAMEWORKINSTALLAPPSPREFIX="${MDIR}/Applications" if test "${prefix}" = "NONE"; then - # User hasn't specified the + # User hasn't specified the # --prefix option, but wants to install # the framework in a non-default location, # ensure that the compatibility links get @@ -442,7 +442,7 @@ case $ac_sys_system/$ac_sys_release in # Reconfirmed for OpenBSD 3.3 by Zachary Hamm, for 3.4 by Jason Ish. # In addition, Stefan Krah confirms that issue #1244610 exists through # OpenBSD 4.6, but is fixed in 4.7. - OpenBSD/2.* | OpenBSD/3.* | OpenBSD/4.@<:@0123456@:>@) + OpenBSD/2.* | OpenBSD/3.* | OpenBSD/4.@<:@0123456@:>@) define_xopen_source=no # OpenBSD undoes our definition of __BSD_VISIBLE if _XOPEN_SOURCE is # also defined. This can be overridden by defining _BSD_SOURCE @@ -480,12 +480,12 @@ case $ac_sys_system/$ac_sys_release in # with _XOPEN_SOURCE and __BSD_VISIBLE does not re-enable them. FreeBSD/4.*) define_xopen_source=no;; - # On MacOS X 10.2, a bug in ncurses.h means that it craps out if + # On MacOS X 10.2, a bug in ncurses.h means that it craps out if # _XOPEN_EXTENDED_SOURCE is defined. Apparently, this is fixed in 10.3, which # identifies itself as Darwin/7.* # On Mac OS X 10.4, defining _POSIX_C_SOURCE or _XOPEN_SOURCE # disables platform specific features beyond repair. - # On Mac OS X 10.3, defining _POSIX_C_SOURCE or _XOPEN_SOURCE + # On Mac OS X 10.3, defining _POSIX_C_SOURCE or _XOPEN_SOURCE # has no effect, don't bother defining them Darwin/@<:@6789@:>@.*) define_xopen_source=no;; @@ -690,7 +690,7 @@ AC_ARG_WITH(cxx_main, AS_HELP_STRING([--with-cxx-main=], [compile main() and link python executable with C++ compiler]), [ - + case $withval in no) with_cxx_main=no MAINCC='$(CC)';; @@ -870,7 +870,7 @@ if test x$PLATFORM_TRIPLET != x && test x$MULTIARCH != x; then if test x$PLATFORM_TRIPLET != x$MULTIARCH; then AC_MSG_ERROR([internal configure error for the platform triplet, please file a bug report]) fi -fi +fi PLATDIR=plat-$MACHDEP AC_SUBST(PLATDIR) AC_SUBST(PLATFORM_TRIPLET) @@ -959,7 +959,7 @@ AC_MSG_RESULT($LIBRARY) # systems without shared libraries, LDLIBRARY is the same as LIBRARY # (defined in the Makefiles). On Cygwin LDLIBRARY is the import library, # DLLLIBRARY is the shared (i.e., DLL) library. -# +# # RUNSHARED is used to run shared python without installed libraries # # INSTSONAME is the name of the shared library that will be use to install @@ -987,7 +987,7 @@ LDVERSION="$VERSION" # If CXX is set, and if it is needed to link a main function that was # compiled with CXX, LINKCC is CXX instead. Always using CXX is undesirable: # python might then depend on the C++ runtime -# This is altered for AIX in order to build the export list before +# This is altered for AIX in order to build the export list before # linking. AC_SUBST(LINKCC) AC_MSG_CHECKING(LINKCC) @@ -1041,7 +1041,7 @@ AC_ARG_ENABLE(shared, AS_HELP_STRING([--enable-shared], [disable/enable building shared python library])) if test -z "$enable_shared" -then +then case $ac_sys_system in CYGWIN*) enable_shared="yes";; @@ -1086,7 +1086,7 @@ then BLDLIBRARY='' else BLDLIBRARY='$(LDLIBRARY)' -fi +fi # Other platforms follow if test $enable_shared = "yes"; then @@ -1221,14 +1221,14 @@ ABIFLAGS="" # Check for --with-pydebug AC_MSG_CHECKING(for --with-pydebug) -AC_ARG_WITH(pydebug, +AC_ARG_WITH(pydebug, AS_HELP_STRING([--with-pydebug], [build with Py_DEBUG defined]), [ if test "$withval" != no -then - AC_DEFINE(Py_DEBUG, 1, - [Define if you want to build an interpreter with many run-time checks.]) - AC_MSG_RESULT(yes); +then + AC_DEFINE(Py_DEBUG, 1, + [Define if you want to build an interpreter with many run-time checks.]) + AC_MSG_RESULT(yes); Py_DEBUG='true' ABIFLAGS="${ABIFLAGS}d" else AC_MSG_RESULT(no); Py_DEBUG='false' @@ -1696,7 +1696,7 @@ int main(){ AC_MSG_RESULT($ac_cv_pthread_is_default) -if test $ac_cv_pthread_is_default = yes +if test $ac_cv_pthread_is_default = yes then ac_cv_kpthread=no else @@ -1795,14 +1795,14 @@ ac_save_cxx="$CXX" if test "$ac_cv_kpthread" = "yes" then - CXX="$CXX -Kpthread" + CXX="$CXX -Kpthread" ac_cv_cxx_thread=yes elif test "$ac_cv_kthread" = "yes" then CXX="$CXX -Kthread" ac_cv_cxx_thread=yes elif test "$ac_cv_pthread" = "yes" -then +then CXX="$CXX -pthread" ac_cv_cxx_thread=yes fi @@ -1950,11 +1950,11 @@ if test "$use_lfs" = "yes"; then # These may affect some typedefs case $ac_sys_system/$ac_sys_release in AIX*) - AC_DEFINE(_LARGE_FILES, 1, + AC_DEFINE(_LARGE_FILES, 1, [This must be defined on AIX systems to enable large file support.]) ;; esac -AC_DEFINE(_LARGEFILE_SOURCE, 1, +AC_DEFINE(_LARGEFILE_SOURCE, 1, [This must be defined on some systems to enable large file support.]) AC_DEFINE(_FILE_OFFSET_BITS, 64, [This must be set to 64 on some systems to enable large file support.]) @@ -2018,7 +2018,7 @@ AC_CHECK_SIZEOF(pid_t, 4) AC_MSG_CHECKING(for long long support) have_long_long=no AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[]], [[long long x; x = (long long)0;]])],[ - AC_DEFINE(HAVE_LONG_LONG, 1, [Define this if you have the type long long.]) + AC_DEFINE(HAVE_LONG_LONG, 1, [Define this if you have the type long long.]) have_long_long=yes ],[]) AC_MSG_RESULT($have_long_long) @@ -2029,7 +2029,7 @@ fi AC_MSG_CHECKING(for long double support) have_long_double=no AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[]], [[long double x; x = (long double)0;]])],[ - AC_DEFINE(HAVE_LONG_DOUBLE, 1, [Define this if you have the type long double.]) + AC_DEFINE(HAVE_LONG_DOUBLE, 1, [Define this if you have the type long double.]) have_long_double=yes ],[]) AC_MSG_RESULT($have_long_double) @@ -2041,7 +2041,7 @@ fi AC_MSG_CHECKING(for _Bool support) have_c99_bool=no AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[]], [[_Bool x; x = (_Bool)0;]])],[ - AC_DEFINE(HAVE_C99_BOOL, 1, [Define this if you have the type _Bool.]) + AC_DEFINE(HAVE_C99_BOOL, 1, [Define this if you have the type _Bool.]) have_c99_bool=yes ],[]) AC_MSG_RESULT($have_c99_bool) @@ -2049,8 +2049,8 @@ if test "$have_c99_bool" = yes ; then AC_CHECK_SIZEOF(_Bool, 1) fi -AC_CHECK_TYPES(uintptr_t, - [AC_CHECK_SIZEOF(uintptr_t, 4)], +AC_CHECK_TYPES(uintptr_t, + [AC_CHECK_SIZEOF(uintptr_t, 4)], [], [#ifdef HAVE_STDINT_H #include #endif @@ -2069,7 +2069,7 @@ if test "$have_long_long" = yes then if test "$ac_cv_sizeof_off_t" -gt "$ac_cv_sizeof_long" -a \ "$ac_cv_sizeof_long_long" -ge "$ac_cv_sizeof_off_t"; then - AC_DEFINE(HAVE_LARGEFILE_SUPPORT, 1, + AC_DEFINE(HAVE_LARGEFILE_SUPPORT, 1, [Defined to enable large file support when an off_t is bigger than a long and long long is available and at least as big as an off_t. You may need to add some flags for configuration and compilation to enable this mode. @@ -2118,7 +2118,7 @@ CC="$ac_save_cc" AC_SUBST(OTHER_LIBTOOL_OPT) case $ac_sys_system/$ac_sys_release in - Darwin/@<:@01567@:>@\..*) + Darwin/@<:@01567@:>@\..*) OTHER_LIBTOOL_OPT="-prebind -seg1addr 0x10000000" ;; Darwin/*) @@ -2129,7 +2129,7 @@ esac AC_SUBST(LIBTOOL_CRUFT) case $ac_sys_system/$ac_sys_release in - Darwin/@<:@01567@:>@\..*) + Darwin/@<:@01567@:>@\..*) LIBTOOL_CRUFT="-framework System -lcc_dynamic" if test "${enable_universalsdk}"; then : @@ -2143,7 +2143,7 @@ case $ac_sys_system/$ac_sys_release in if test ${gcc_version} '<' 4.0 then LIBTOOL_CRUFT="-lcc_dynamic" - else + else LIBTOOL_CRUFT="" fi AC_RUN_IFELSE([AC_LANG_SOURCE([[ @@ -2157,14 +2157,14 @@ case $ac_sys_system/$ac_sys_release in } } ]])],[ac_osx_32bit=yes],[ac_osx_32bit=no],[ac_osx_32bit=yes]) - + if test "${ac_osx_32bit}" = "yes"; then case `/usr/bin/arch` in - i386) - MACOSX_DEFAULT_ARCH="i386" + i386) + MACOSX_DEFAULT_ARCH="i386" ;; - ppc) - MACOSX_DEFAULT_ARCH="ppc" + ppc) + MACOSX_DEFAULT_ARCH="ppc" ;; *) AC_MSG_ERROR([Unexpected output of 'arch' on OSX]) @@ -2172,11 +2172,11 @@ case $ac_sys_system/$ac_sys_release in esac else case `/usr/bin/arch` in - i386) - MACOSX_DEFAULT_ARCH="x86_64" + i386) + MACOSX_DEFAULT_ARCH="x86_64" ;; - ppc) - MACOSX_DEFAULT_ARCH="ppc64" + ppc) + MACOSX_DEFAULT_ARCH="ppc64" ;; *) AC_MSG_ERROR([Unexpected output of 'arch' on OSX]) @@ -2193,9 +2193,9 @@ AC_MSG_CHECKING(for --enable-framework) if test "$enable_framework" then BASECFLAGS="$BASECFLAGS -fno-common -dynamic" - # -F. is needed to allow linking to the framework while + # -F. is needed to allow linking to the framework while # in the build location. - AC_DEFINE(WITH_NEXT_FRAMEWORK, 1, + AC_DEFINE(WITH_NEXT_FRAMEWORK, 1, [Define if you want to produce an OpenStep/Rhapsody framework (shared library plus accessory files).]) AC_MSG_RESULT(yes) @@ -2210,7 +2210,7 @@ fi AC_MSG_CHECKING(for dyld) case $ac_sys_system/$ac_sys_release in Darwin/*) - AC_DEFINE(WITH_DYLD, 1, + AC_DEFINE(WITH_DYLD, 1, [Define if you want to use the new-style (Openstep, Rhapsody, MacOS) dynamic linker (dyld) instead of the old-style (NextStep) dynamic linker (rld). Dyld is necessary to support frameworks.]) @@ -2260,7 +2260,7 @@ then ;; IRIX/5*) LDSHARED="ld -shared";; IRIX*/6*) LDSHARED="ld ${SGI_ABI} -shared -all";; - SunOS/5*) + SunOS/5*) if test "$GCC" = "yes" ; then LDSHARED='$(CC) -shared' LDCXXSHARED='$(CXX) -shared' @@ -2436,7 +2436,7 @@ then BSD/OS/4*) LINKFORSHARED="-Xlinker -export-dynamic";; Linux*|GNU*) LINKFORSHARED="-Xlinker -export-dynamic";; # -u libsys_s pulls in all symbols in libsys - Darwin/*) + Darwin/*) LINKFORSHARED="$extra_undefs -framework CoreFoundation" # Issue #18075: the default maximum stack size (8MBytes) is too @@ -2452,7 +2452,7 @@ then OpenUNIX*|UnixWare*) LINKFORSHARED="-Wl,-Bexport";; SCO_SV*) LINKFORSHARED="-Wl,-Bexport";; ReliantUNIX*) LINKFORSHARED="-W1 -Blargedynsym";; - FreeBSD*|NetBSD*|OpenBSD*|DragonFly*) + FreeBSD*|NetBSD*|OpenBSD*|DragonFly*) if [[ "`$CC -dM -E - ]], [[getpgrp(0);]])], [AC_DEFINE(GETPGRP_HAVE_ARG, 1, [Define if getpgrp() must be called as getpgrp(0).])], []) @@ -3544,7 +3544,7 @@ AC_CHECK_FUNCS(setpgrp, [AC_DEFINE(SETPGRP_HAVE_ARG, 1, [Define if setpgrp() must be called as setpgrp(0, 0).])], []) ) -AC_CHECK_FUNCS(gettimeofday, +AC_CHECK_FUNCS(gettimeofday, AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[#include ]], [[gettimeofday((struct timeval*)0,(struct timezone*)0);]])], [], @@ -3589,7 +3589,7 @@ AC_LINK_IFELSE([AC_LANG_PROGRAM([[ ]) # On OSF/1 V5.1, getaddrinfo is available, but a define -# for [no]getaddrinfo in netdb.h. +# for [no]getaddrinfo in netdb.h. AC_MSG_CHECKING(for getaddrinfo) AC_LINK_IFELSE([AC_LANG_PROGRAM([[ #include @@ -3749,7 +3749,7 @@ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ ]], [[;]])],[ AC_DEFINE(SYS_SELECT_WITH_SYS_TIME, 1, [Define if you can safely include both and - (which you can't on SCO ODT 3.0).]) + (which you can't on SCO ODT 3.0).]) was_it_defined=yes ],[]) AC_MSG_RESULT($was_it_defined) @@ -3800,8 +3800,8 @@ AC_MSG_RESULT($works) have_prototypes=no AC_MSG_CHECKING(for prototypes) AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[int foo(int x) { return 0; }]], [[return foo(10);]])], - [AC_DEFINE(HAVE_PROTOTYPES, 1, - [Define if your compiler supports function prototype]) + [AC_DEFINE(HAVE_PROTOTYPES, 1, + [Define if your compiler supports function prototype]) have_prototypes=yes], [] ) @@ -3822,7 +3822,7 @@ int foo(int x, ...) { ]], [[return foo(10, "", 3.14);]])],[ AC_DEFINE(HAVE_STDARG_PROTOTYPES, 1, [Define if your compiler supports variable length function prototypes - (e.g. void fprintf(FILE *, char *, ...);) *and* ]) + (e.g. void fprintf(FILE *, char *, ...);) *and* ]) works=yes ],[]) AC_MSG_RESULT($works) @@ -3857,7 +3857,7 @@ AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ #include #endif ]], [[va_list list1, list2; list1 = list2;]])],[],[ - AC_DEFINE(VA_LIST_IS_ARRAY, 1, [Define if a va_list is an array of some kind]) + AC_DEFINE(VA_LIST_IS_ARRAY, 1, [Define if a va_list is an array of some kind]) va_list_is_array=yes ]) AC_MSG_RESULT($va_list_is_array) @@ -3952,9 +3952,9 @@ AC_ARG_WITH(fpectl, AS_HELP_STRING([--with-fpectl], [enable SIGFPE catching]), [ if test "$withval" != no -then +then AC_DEFINE(WANT_SIGFPE_HANDLER, 1, - [Define if you want SIGFPE handled (see Include/pyfpe.h).]) + [Define if you want SIGFPE handled (see Include/pyfpe.h).]) AC_MSG_RESULT(yes) else AC_MSG_RESULT(no) fi], @@ -4325,8 +4325,8 @@ AC_DEFINE_UNQUOTED(PYLONG_BITS_IN_DIGIT, $enable_big_digits, [Define as the pref # check for wchar.h AC_CHECK_HEADER(wchar.h, [ - AC_DEFINE(HAVE_WCHAR_H, 1, - [Define if the compiler provides a wchar.h header file.]) + AC_DEFINE(HAVE_WCHAR_H, 1, + [Define if the compiler provides a wchar.h header file.]) wchar_h="yes" ], wchar_h="no" @@ -4609,7 +4609,7 @@ then [Define if poll() sets errno on invalid file descriptors.]) fi -# Before we can test tzset, we need to check if struct tm has a tm_zone +# Before we can test tzset, we need to check if struct tm has a tm_zone # (which is not required by ISO C or UNIX spec) and/or if we support # tzname[] AC_STRUCT_TIMEZONE @@ -4635,7 +4635,7 @@ int main() tm->tm_zone does not exist since it is the alternative way of getting timezone info. - Red Hat 6.2 doesn't understand the southern hemisphere + Red Hat 6.2 doesn't understand the southern hemisphere after New Year's Day. */ @@ -4648,7 +4648,7 @@ int main() exit(1); #if HAVE_TZNAME /* For UTC, tzname[1] is sometimes "", sometimes " " */ - if (strcmp(tzname[0], "UTC") || + if (strcmp(tzname[0], "UTC") || (tzname[1][0] != 0 && tzname[1][0] != ' ')) exit(1); #endif @@ -4766,7 +4766,7 @@ AC_MSG_RESULT($ac_cv_window_has_flags) if test "$ac_cv_window_has_flags" = yes then - AC_DEFINE(WINDOW_HAS_FLAGS, 1, + AC_DEFINE(WINDOW_HAS_FLAGS, 1, [Define if WINDOW in curses.h offers a field _flags.]) fi @@ -4965,7 +4965,7 @@ AC_MSG_RESULT($ac_cv_broken_mbstowcs) if test "$ac_cv_broken_mbstowcs" = yes then AC_DEFINE(HAVE_BROKEN_MBSTOWCS, 1, - [Define if mbstowcs(NULL, "text", 0) does not return the number of + [Define if mbstowcs(NULL, "text", 0) does not return the number of wide chars that would be converted.]) fi @@ -4976,15 +4976,15 @@ AC_ARG_WITH(computed-gotos, [Use computed gotos in evaluation loop (enabled by default on supported compilers)]), [ if test "$withval" = yes -then +then AC_DEFINE(USE_COMPUTED_GOTOS, 1, - [Define if you want to use computed gotos in ceval.c.]) + [Define if you want to use computed gotos in ceval.c.]) AC_MSG_RESULT(yes) fi if test "$withval" = no -then +then AC_DEFINE(USE_COMPUTED_GOTOS, 0, - [Define if you want to use computed gotos in ceval.c.]) + [Define if you want to use computed gotos in ceval.c.]) AC_MSG_RESULT(no) fi ], @@ -5018,7 +5018,7 @@ case "$ac_cv_computed_gotos" in yes*) esac case $ac_sys_system in -AIX*) +AIX*) AC_DEFINE(HAVE_BROKEN_PIPE_BUF, 1, [Define if the system reports an invalid PIPE_BUF value.]) ;; esac @@ -5204,6 +5204,7 @@ AC_MSG_CHECKING(for the Linux getrandom() syscall) AC_LINK_IFELSE( [ AC_LANG_SOURCE([[ + #include #include int main() { -- cgit v0.12