From: Tulio A M Mendes <tadryanom@hotmail.com>
Date: Tue, 26 May 2026 05:26:20 +0000 (-0300)
Subject: security: fix fcntl/openat varargs handling (Fase 3)
X-Git-Url: https://projects.tadryanom.me/?a=commitdiff_plain;h=6b2e0e49cc1c3c4de9cc0e6b66793801bde87a58;p=AdrOS.git

security: fix fcntl/openat varargs handling (Fase 3)
---

diff --git a/newlib/libgloss/adros/posix_stubs.c b/newlib/libgloss/adros/posix_stubs.c
index 0b747381..1e2fe938 100644
--- a/newlib/libgloss/adros/posix_stubs.c
+++ b/newlib/libgloss/adros/posix_stubs.c
@@ -256,10 +256,15 @@ int dup2(int oldfd, int newfd) {
 }
 
 int fcntl(int fd, int cmd, ...) {
-    va_list ap;
-    va_start(ap, cmd);
-    int arg = va_arg(ap, int);
-    va_end(ap);
+    /* M11: Only read arg from varargs for commands that need it */
+    int arg = 0;
+    if (cmd == 0 /* F_DUPFD */ || cmd == 2 /* F_SETFD */ ||
+        cmd == 4 /* F_SETFL */ || cmd == 1024 /* F_DUPFD_CLOEXEC */) {
+        va_list ap;
+        va_start(ap, cmd);
+        arg = va_arg(ap, int);
+        va_end(ap);
+    }
     return _check(_sc3(SYS_FCNTL, fd, cmd, arg));
 }
 
@@ -571,10 +576,14 @@ int dup3(int oldfd, int newfd, int flags) {
 }
 
 int openat(int dirfd, const char *path, int flags, ...) {
-    va_list ap;
-    va_start(ap, flags);
-    int mode = va_arg(ap, int);
-    va_end(ap);
+    /* M11: Only read mode from varargs when O_CREAT is set */
+    int mode = 0;
+    if (flags & 0x40 /* O_CREAT */) {
+        va_list ap;
+        va_start(ap, flags);
+        mode = va_arg(ap, int);
+        va_end(ap);
+    }
     return _check(_sc4(SYS_OPENAT, dirfd, (int)path, flags, mode));
 }
 
diff --git a/user/ulibc/src/unistd.c b/user/ulibc/src/unistd.c
index 89c7e3ba..0cde624e 100644
--- a/user/ulibc/src/unistd.c
+++ b/user/ulibc/src/unistd.c
@@ -364,10 +364,10 @@ int select(int nfds, fd_set* readfds, fd_set* writefds, fd_set* exceptfds,
 }
 
 int fcntl(int fd, int cmd, ...) {
-    /* A17: Only read arg from varargs for commands that need it */
+    /* M10: Only read arg from varargs for commands that need it */
     int arg = 0;
-    if (cmd == 0 /* F_DUPFD */ || cmd == 1 /* F_GETFD */ || cmd == 2 /* F_SETFD */ ||
-        cmd == 3 /* F_GETFL */ || cmd == 4 /* F_SETFL */ || cmd == 1024 /* F_DUPFD_CLOEXEC */) {
+    if (cmd == 0 /* F_DUPFD */ || cmd == 2 /* F_SETFD */ ||
+        cmd == 4 /* F_SETFL */ || cmd == 1024 /* F_DUPFD_CLOEXEC */) {
         __builtin_va_list ap;
         __builtin_va_start(ap, cmd);
         arg = __builtin_va_arg(ap, int);