lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <aVzs4-Ya6OwfetSG@1wt.eu>
Date: Tue, 6 Jan 2026 12:07:15 +0100
From: Willy Tarreau <w@....eu>
To: Thomas Weißschuh <linux@...ssschuh.net>
Cc: David Laight <david.laight.linux@...il.com>,
        Daniel Palmer <daniel@...ngy.jp>, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 1/2] tools/nolibc: Add fread() to stdio.h

On Tue, Jan 06, 2026 at 12:02:18PM +0100, Thomas Weißschuh wrote:
> On 2026-01-05 11:01:42+0000, David Laight wrote:
> > On Mon, 5 Jan 2026 18:43:03 +0900
> > Daniel Palmer <daniel@...ngy.jp> wrote:
> > > On Mon, 5 Jan 2026 at 18:27, David Laight <david.laight.linux@...il.com> wrote:
> > > > But you've deleted the partial bytes from the input.
> > > > I'm sure that isn't right.
> > > > Normally a FILE is buffered and the bytes are saved for the next read.
> > > > Remember you can be reading from a pipe that is being written using
> > > > 'block buffering' - so it is valid for only a partial 'item' be read.
> > > > (I'm sure non-blocking IO is also valid...)  
> > > 
> > > I see now. If a partial read happens, the next call to fread() will
> > > read from after the end of the partial read that happened and it'll be
> > > broken.
> > > Since in nolibc the FILE pointer that gets used isn't really a pointer
> > > but the file descriptor I'm not sure where we'd stash the partial part
> > > so we need to avoid doing the partial read entirely.
> > 
> > Except you can't really avoid the partial read.
> > Doing multiple read() system calls doesn't help.
> > The situation where it can happen probably doesn't happen for nolibc.
> 
> > Is there support for ferror() and/or feof() ?
> > (a global 'u8 fstate[64]' indexed by fd number would probably suffice.)
> > If so you could set the 'error' bit and then error any further fread()s.
> 
> No, neither of them is currently supported.
> Given that the support for 'FILE *' is obviously somewhat limited in
> general and the existing fwrite() shares the same issues, I am leaning
> towards picking up these patches. We can then find a proper solution.
> 
> Users trying to use these APIs really correctly will quite fast find out
> that ferror() and feof() are missing.

I agree with you. The lib's called "nolibc" for a reason: it's not a
full-featured libc. Users have to accept some limitations.

> The only real solution for partial writes that I see with the current
> architecture is to limit the 'size' argument to '1'.

I thought about this as well but I don't know if it will be more
annoying than helpful...

> Maybe even with a static assertion. But there still won't be any way to
> properly signal the issue to the caller. Not that ferror() could
> distinguish the types of error in any case...

Let's see with the current patch how it goes. The first reported issues
(if any) will help us lean in the most desirable direction.

Willy

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ