New release v04102017 3.0

Author: rurban

ChangeLog

@@ -1,7 +1,7 @@
 
                 ChangeLog file for safeclib
 
-Changes in vxx092017 3.0.0
+Changes in v04102017 3.0.0
         - Added mingw cross-compilation support and changes.
         The MINGW_HAS_SECURE_API deviates in strtok_s, vsnprintf_s, wcstok_s
         from C11 in w64, and in vswprintf for w32. (!__STRICT_ANSI__).
@@ -23,11 +23,12 @@ Changes in vxx092017 3.0.0
         plus all the new C11 functions.
         defines SAFECLIB_DISABLE_EXTENSIONS
         - Rearranged src layout
-        - Macrofied many more tests
+        - Macrofied many more tests, add CHECK_SLACK, errnot_t return and ERRNO checks.
         - Improved some tests for old gcc -ansi (c89) memcmp
         - Add unlikely() to improve branch prediction
         - Added --enable-gcov and a gcov target. lcov support not yet,
-        but via gcov2perl and some fixups essentially the same. see build-tools/smoke.sh
+        but via gcov2perl and some fixups essentially the same. See build-tools/smoke.sh
+        - Added a check-valgrind make target with support for BSD make
         - Added all missing safe wchar and multibyte string C11 functions:
         mbsrtowcs_s, mbstowcs_s, wcsrtombs_s, wcstombs_s, wcrtomb_s,
         wctomb_s, wcsnlen_s, wcscpy_s, wcsncpy_s, wcscat_s, wcsncat_s,
@@ -49,14 +50,24 @@ Changes in vxx092017 3.0.0
         - Better debugging support: add .i target
         - Fixed memset32_s for n > RSIZE_MAX_MEM32 ESLEMAX,
         was only RSIZE_MAX_MEM16.
-        - Added the wcsfc_s and wcsnorm_s extensions to be able to compare wide
+        - Added the wcsfc_s, wcsnorm_s, wcsicmp_s extensions to be able to compare wide
         strings.
         - Added --enable-norm-compat to enable the big compatbility modes NFKD, NFKC
         for wcsnorm_s.
         - Added the timingsafe_bcmp and timingsafe_memcmp extensions from OpenBSD,
         and memccpy_s derived from FreeBSD.
         - Changed strtok_s to set errno to ES* values. C11 does nothing,
         but with wcstok_s sets errno to EINVAL.
+        - Changed memset_s, harmonized with C11 API
+        - Changed mem{cpy,move,set}_s with smax/n=0, dependent if compiled with
+        a C11 compiler or not.
+        - Added a C11 compiler probe from latest autoconf git.
+        - Eliminated str/mem/lib inclusion loops. You need to include the right header(s).
+        - Clarify return values for {str,wcs}tok_s
+        - Negative return error values for all printf functions,
+          Make clear that errno is not set with _s violations, only the underlying
+        system call sets it. (EINVAL, EOVERFLOW, EILSEQ, EOF)
+        - Updated from autoconf 2.68 to 2.69
 
 Changes in v30082017 2.1.1
         - Added vsprintf_s, vsnprintf_s. They are C11.

README

@@ -57,9 +57,8 @@ _s variants in the Annex K.  The Microsoft Windows/MINGW secure API did the
 same, but deviated in some functions from the standard. Besides
 Windows only Android's Bionic and Embarcadero implemented this C11
 secure Annex K API so far.
-They are still missing from glibc, musl, FreeBSD and DragonFly libc,
-OpenBSD libc, newlib, dietlibc, uClibc, minilibc.
-
+They are still missing from glibc, musl, FreeBSD, darwin and DragonFly
+libc, OpenBSD libc, newlib, dietlibc, uClibc, minilibc.
 
 Design Considerations
 ---------------------
@@ -70,7 +69,7 @@ to provide a complementary set of functions with like behavior.
 This library is meant to be used on top of all the existing libc's
 which miss the secure C11 functions. Of course tighter integration
 into the system libc would be better, esp. with the printf, scanf and
-IO functions. See the seperate libc-overview.md document.
+IO functions. See the seperate [libc-overview](doc/libc-overview.md) document.
 
 Austin Group Review of ISO/IEC WDTR 24731
 http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1106.txt
@@ -81,15 +80,15 @@ http://en.cppreference.com/w/c
 Stackoverflow discussion:
 https://stackoverflow.com/questions/372980/do-you-use-the-tr-24731-safe-functions
 
-=== Use of errno
+* Use of errno
 
 The TR24731 specification says an implementation may set errno for the
 functions defined in the technical report, but is not required to.  This
 library does not set errno.  The library does use errno return codes as
 required by functional APIs.  Specific Safe C String and Safe C Memory errno
 codes are defined in the safe_errno.h file.
 
-=== Runtime-constraints
+* Runtime-constraints
 
 Per the spec, the library verifies that the calling program does not violate
 the function's runtime-constraints. If a runtime-constraint is violated, the
@@ -115,16 +114,16 @@ RSIZE_MAX::
 	range limit for the safe string functions.  RSIZE_MAX_MEM defines the
 	range limit for the safe memory functions.  The point is that string
 	limits can and should be different from memory limits.
+        There also exist RSIZE_MAX_WSTR, RSIZE_MAX_MEM16, RSIZE_MAX_MEM32.
 
 
-=== Header Files
+* Header Files
 
 The specification states the various functions would be added to existing
 Standard C header files: stdio.h, string.h, etc.  This implementation
-separates the memory related functions into the safe_mem_lib.h header and the
-string related functions into the safe_str_lib.h header.
-You can optionally use the safe_lib.h header to include also non str/mem
-functions.
+separates the memory related functions into the safe_mem_lib.h header, the
+string related functions into the safe_str_lib.h header, and the rest into
+the safe_lib.h header.
 
 The make file builds a single library libsafec-VERSION.a and .so in the
 src/.libs directory.
@@ -145,33 +144,32 @@ library to be built on a wide variety of platforms. See the
 xref:tested-platforms[``Tested Platforms''] section for details on what
 platforms this library was tested on during its development.
 
+Note that the library will behave differently if built with a C11 compiler
+or not. With C11 mem{cpy,move,set}_s smax/n=0 is allowed, before not.
 
-=== Building
+* Building
 
 For those familiar with autotools you can probably skip this part. For those
 not and want to get right to building the code see below. And, for those that
 need additional information see the 'INSTALL' file in the same directory.
 
 .To build you do the following:
-----
-    prompt$ ./build-tools/autogen.sh
-    prompt$ ./configure
-    prompt$ make
-----
+
+    $ ./build-tools/autogen.sh
+    $ ./configure
+    $ make
+
 'autogen.sh' only needs to be run if you are building from the git
 repository. Optionally, you can do ``make check'' if you want to run the unit
 tests.
 
 
-=== Installing
+* Installing
 
 Installation must be preformed by `root`, an `Administrator' on most
 systems. The following is used to install the library.
 
-----
-    prompt$ sudo make install
-----
-
+    $ sudo make install
 
 Safe Linux Kernel Module
 ------------------------
@@ -180,13 +178,13 @@ build infrastructure. Consequently, you have to run a different makefile to
 build the kernel module.
 
 
-=== Building
+* Building
 
 .To build do the following:
-----
-    prompt$ ./configure
-    prompt$ make -f Makefile.kernel
-----
+
+    $ ./configure
+    $ make -f Makefile.kernel
+
 
 This assumes you are compiling on a Linux box and this makefile supports the
 standard kernel build system infrastructure documented in:
@@ -197,7 +195,7 @@ NOTE: If you build the kernel module then wish to build the userspace library
       will fail to build.
 
 
-=== Installing
+* Installing
 
 The kernel module will be found at the root of the source tree called
 'slkm.ko'. The file 'testslkm.ko' are the unit tests run on the userspace
@@ -208,9 +206,10 @@ kernel.
 [[tested-platforms]]
 Tested Platforms
 ----------------
+
 .The library has been tested on the following systems
 - Mac OS X 10.6-11 w/ Apple developer tools and macports (gcc+clang)
-- Linux Debian 10 amd64 glibc 2.24
+- Linux Debian 10 amd64/i386 glibc 2.24
 - Linux Void amd64 musl-1.1.16
 - x86_64-w64-mingw32, i686-w64-mingw32 cross-compiled and tested under wine
 - i386-mingw32 cross-compiled and tested under wine
@@ -224,10 +223,7 @@ Known Issues
 ------------
 1. If you are building the library from the git repository you will have to
    first run build-tools/autogen.sh which runs autoreconf to ``install'' the
-   autotools files and create the configure script. On Mac OSX you may see a
-   warning about ``AC_FOREACH is obsolete'' this can be ignored as the library
-   will still build correctly.
-
+   autotools files and create the configure script.
 
 [bibliography]
 .References