+2012-08-03 Roland McGrath <roland@hack.frob.com>
+
+ * sysdeps/mach/hurd/sys/param.h (MAXSYMLINKS): Macro removed.
+ * sysdeps/mach/hurd/bits/local_lim.h (SYMLOOP_MAX): Macro removed.
+ * sysdeps/mach/hurd/eloop-threshold.h: New file.
+ * hurd/lookup-retry.c (__hurd_file_name_lookup_retry): Use
+ __eloop_threshold instead of SYMLOOP_MAX.
+
+ * sysdeps/generic/eloop-threshold.h: New file.
+ * stdlib/canonicalize.c (__realpath): Use __eloop_threshold instead
+ of MAXSYMLINKS.
+ * elf/chroot_canon.c (chroot_canon): Likewise.
+
2012-08-03 Joseph Myers <joseph@codesourcery.com>
[BZ #13717]
/* Return the canonical absolute name of a given file inside chroot.
- Copyright (C) 1996,1997,1998,1999,2000,2001,2004,2005,2010,2011
- Free Software Foundation, Inc.
+ Copyright (C) 1996-2012 Free Software Foundation, Inc.
This file is part of the GNU C Library.
This program is free software; you can redistribute it and/or modify
#include <string.h>
#include <unistd.h>
#include <limits.h>
-#include <sys/param.h>
#include <sys/stat.h>
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
+#include <eloop-threshold.h>
#include <ldconfig.h>
#ifndef PATH_MAX
char *buf = alloca (PATH_MAX);
size_t len;
- if (++num_links > MAXSYMLINKS)
+ if (++num_links > __eloop_threshold ())
{
__set_errno (ELOOP);
goto error;
#include <fcntl.h>
#include <string.h>
#include <_itoa.h>
+#include <eloop-threshold.h>
/* Translate the error from dir_lookup into the error the user sees. */
static inline error_t
/* Fall through. */
case FS_RETRY_NORMAL:
- if (nloops++ >= SYMLOOP_MAX)
+ if (nloops++ >= __eloop_threshold ())
{
__mach_port_deallocate (__mach_task_self (), *result);
return ELOOP;
dirport = INIT_PORT_CRDIR;
if (*result != MACH_PORT_NULL)
__mach_port_deallocate (__mach_task_self (), *result);
- if (nloops++ >= SYMLOOP_MAX)
+ if (nloops++ >= __eloop_threshold ())
return ELOOP;
file_name = &retryname[1];
break;
/* Return the canonical absolute name of a given file.
- Copyright (C) 1996-2002,2004,2005,2006,2008 Free Software Foundation, Inc.
+ Copyright (C) 1996-2012 Free Software Foundation, Inc.
This file is part of the GNU C Library.
The GNU C Library is free software; you can redistribute it and/or
#include <string.h>
#include <unistd.h>
#include <limits.h>
-#include <sys/param.h>
#include <sys/stat.h>
#include <errno.h>
#include <stddef.h>
+#include <eloop-threshold.h>
#include <shlib-compat.h>
/* Return the canonical absolute name of file NAME. A canonical name
char *buf = __alloca (path_max);
size_t len;
- if (++num_links > MAXSYMLINKS)
+ if (++num_links > __eloop_threshold ())
{
__set_errno (ELOOP);
goto error;
--- /dev/null
+/* Threshold at which to diagnose ELOOP. Generic version.
+ Copyright (C) 2012 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <http://www.gnu.org/licenses/>. */
+
+#ifndef _ELOOP_THRESHOLD_H
+#define _ELOOP_THRESHOLD_H 1
+
+#include <limits.h>
+#include <sys/param.h>
+
+/* POSIX specifies SYMLOOP_MAX as the "Maximum number of symbolic
+ links that can be reliably traversed in the resolution of a
+ pathname in the absence of a loop." This makes it a minimum that
+ we should certainly accept. But it leaves open the possibility
+ that more might sometimes work--just not "reliably".
+
+ For example, Linux implements a complex policy whereby there is a
+ small limit on the number of direct symlink traversals (a symlink
+ to a symlink to a symlink), but larger limit on the total number of
+ symlink traversals overall. Hence the SYMLOOP_MAX number should be
+ the small one, but the limit library functions enforce on users
+ should be the larger one.
+
+ So, we use the larger of the reported SYMLOOP_MAX (if any) and our
+ own constant MIN_ELOOP_THRESHOLD, below. This constant should be
+ large enough that it never rules out a file name and directory tree
+ that the underlying system (i.e. calls to 'open' et al) would
+ resolve successfully. It should be small enough that actual loops
+ are detected without a huge number of iterations. */
+
+#ifndef MIN_ELOOP_THRESHOLD
+# define MIN_ELOOP_THRESHOLD 40
+#endif
+
+/* Return the maximum number of symlink traversals to permit
+ before diagnosing ELOOP. */
+static inline unsigned int __attribute__ ((const))
+__eloop_threshold (void)
+{
+#ifdef SYMLOOP_MAX
+ const int symloop_max = SYMLOOP_MAX;
+#else
+ /* The function is marked 'const' even though we use memory and
+ call a function, because sysconf is required to return the
+ same value in every call and so it must always be safe to
+ call __eloop_threshold exactly once and reuse the value. */
+ static long int sysconf_symloop_max;
+ if (sysconf_symloop_max == 0)
+ sysconf_symloop_max = __sysconf (_SC_SYMLOOP_MAX);
+ const unsigned int symloop_max = (sysconf_symloop_max <= 0
+ ? _POSIX_SYMLOOP_MAX
+ : sysconf_symloop_max);
+#endif
+
+ return MAX (symloop_max, MIN_ELOOP_THRESHOLD);
+}
+
+#endif /* eloop-threshold.h */
/* Minimum guaranteed maximum values for system limits. Hurd version.
- Copyright (C) 1993,94,96,98,2002 Free Software Foundation, Inc.
+ Copyright (C) 1993-2012 Free Software Foundation, Inc.
This file is part of the GNU C Library.
The GNU C Library is free software; you can redistribute it and/or
suitable, and `sysconf' will return a number at least as large. */
#define NGROUPS_MAX 256
-
-/* The maximum number of symbolic links that are allowed in a single file
- name resolution. When a further link is encountered, the call returns
- ELOOP. This name is a GNU extension; POSIX.1 has no such limit, and BSD
- calls it MAXSYMLINKS in <sys/param.h>. (We define the name under
- _BSD_SOURCE even without _GNU_SOURCE because our <sys/param.h> uses it
- to define MAXSYMLINKS.) */
-
-#if defined __USE_GNU || defined __USE_BSD /* 1003.1a defines this */
-#define SYMLOOP_MAX 8
-#endif
--- /dev/null
+/* Threshold at which to diagnose ELOOP. Hurd version.
+ Copyright (C) 2012 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <http://www.gnu.org/licenses/>. */
+
+#ifndef _ELOOP_THRESHOLD_H
+#define _ELOOP_THRESHOLD_H 1
+
+/* Return the maximum number of symlink traversals to permit
+ before diagnosing ELOOP.
+
+ In the Hurd version, here we are actually setting the only policy
+ there is on the system. We use a literal number here rather than
+ defining SYMLOOP_MAX so that programs don't compile in a number
+ but instead use sysconf and the number can be changed here to
+ affect sysconf's result. */
+
+static inline unsigned int __attribute__ ((const))
+__eloop_threshold (void)
+{
+ return 32;
+}
+
+#endif /* eloop-threshold.h */
-/* Copyright (C) 1993,1994,1995,1997,1999,2011 Free Software Foundation, Inc.
+/* Copyright (C) 1993-2012 Free Software Foundation, Inc.
This file is part of the GNU C Library.
The GNU C Library is free software; you can redistribute it and/or
#define NBBY CHAR_BIT
#define NGROUPS NGROUPS_MAX
-#define MAXSYMLINKS SYMLOOP_MAX
#define CANBSIZ MAX_CANON /* XXX ? */
/* ARG_MAX is unlimited, but we define NCARGS for BSD programs that want to
--- /dev/null
+/* Return values of system parameters. Hurd version.
+ Copyright (C) 2012 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <http://www.gnu.org/licenses/>. */
+
+#include <limits.h>
+#include <unistd.h>
+
+#include <eloop-threshold.h>
+
+#define SYMLOOP_MAX (__eloop_threshold ())
+
+#include <sysdeps/posix/sysconf.c>