[packages/glibc] - rel 4; from upstream - getmntent memory corruption fix.
arekm
arekm at pld-linux.org
Sun Aug 30 22:47:16 CEST 2015
commit 2914288cdf0aa2fbeebcc2650f3dd4434f53f63f
Author: Arkadiusz Miśkiewicz <arekm at maven.pl>
Date: Sun Aug 30 22:47:10 2015 +0200
- rel 4; from upstream - getmntent memory corruption fix.
glibc-git.patch | 264 +++++++++++++++++++++++++++++++++++++++++++++++++++++++-
glibc.spec | 2 +-
2 files changed, 261 insertions(+), 5 deletions(-)
---
diff --git a/glibc.spec b/glibc.spec
index 552d02f..c61fd98 100644
--- a/glibc.spec
+++ b/glibc.spec
@@ -41,7 +41,7 @@ Summary(tr.UTF-8): GNU libc
Summary(uk.UTF-8): GNU libc версії
Name: glibc
Version: %{core_version}
-Release: 3
+Release: 4
Epoch: 6
License: LGPL v2.1+
Group: Libraries
diff --git a/glibc-git.patch b/glibc-git.patch
index 931ad79..e62ee57 100644
--- a/glibc-git.patch
+++ b/glibc-git.patch
@@ -1,8 +1,30 @@
diff --git a/ChangeLog b/ChangeLog
-index cb9124e..ee071b9 100644
+index cb9124e..f3027b0 100644
--- a/ChangeLog
+++ b/ChangeLog
-@@ -1,3 +1,47 @@
+@@ -1,3 +1,69 @@
++2015-08-28 Mike Frysinger <vapier at gentoo.org>
++
++ [BZ #18887]
++ * misc/Makefile (tests): Add tst-mntent-blank-corrupt and
++ tst-mntent-blank-passno.
++ * misc/mntent_r.c (__getmntent_r): Do not read past buffer[0].
++ * misc/tst-mntent-blank-corrupt.c: New test.
++ * misc/tst-mntent-blank-passno.c: New test ripped from ...
++ * misc/tst-mntent.c (do_test): ... here.
++
++2015-08-25 Roland McGrath <roland at hack.frob.com>
++
++ * sysdeps/nacl/start.c (_start): Call __nacl_main instead of main
++ if the weak reference is not null.
++
++2015-08-19 Andrew Senkevich <andrew.senkevich at intel.com>
++
++ [BZ #18796]
++ * scripts/test-installation.pl: Don't add -lmvec to build options
++ if libmvec wasn't built.
++ * NEWS: Mention this fix.
++
+2015-08-10 Maxim Ostapenko <m.ostapenko at partner.samsung.com>
+
+ [BZ #18778]
@@ -51,7 +73,7 @@ index cb9124e..ee071b9 100644
* version.h (RELEASE): Set to "stable".
diff --git a/NEWS b/NEWS
-index 4c31de7..d89d8e9 100644
+index 4c31de7..2cfe5c1 100644
--- a/NEWS
+++ b/NEWS
@@ -5,6 +5,12 @@ See the end for copying conditions.
@@ -62,7 +84,7 @@ index 4c31de7..d89d8e9 100644
+
+* The following bugs are resolved with this release:
+
-+ 18778, 18781, 18787.
++ 18778, 18781, 18787, 18796, 18887.
+
Version 2.22
@@ -259,6 +281,35 @@ index 539c2a2..b6ebae4 100644
test_ftello ();
return 0;
+diff --git a/misc/Makefile b/misc/Makefile
+index aecb0da..2f5edf6 100644
+--- a/misc/Makefile
++++ b/misc/Makefile
+@@ -76,7 +76,8 @@ install-lib := libg.a
+ gpl2lgpl := error.c error.h
+
+ tests := tst-dirname tst-tsearch tst-fdset tst-efgcvt tst-mntent tst-hsearch \
+- tst-error1 tst-pselect tst-insremque tst-mntent2 bug-hsearch1
++ tst-error1 tst-pselect tst-insremque tst-mntent2 bug-hsearch1 \
++ tst-mntent-blank-corrupt tst-mntent-blank-passno
+ ifeq ($(run-built-tests),yes)
+ tests-special += $(objpfx)tst-error1-mem.out
+ endif
+diff --git a/misc/mntent_r.c b/misc/mntent_r.c
+index 6159873..4f26998 100644
+--- a/misc/mntent_r.c
++++ b/misc/mntent_r.c
+@@ -136,7 +136,9 @@ __getmntent_r (FILE *stream, struct mntent *mp, char *buffer, int bufsiz)
+ end_ptr = strchr (buffer, '\n');
+ if (end_ptr != NULL) /* chop newline */
+ {
+- while (end_ptr[-1] == ' ' || end_ptr[-1] == '\t')
++ /* Do not walk past the start of buffer if it's all whitespace. */
++ while (end_ptr != buffer
++ && (end_ptr[-1] == ' ' || end_ptr[-1] == '\t'))
+ end_ptr--;
+ *end_ptr = '\0';
+ }
diff --git a/misc/regexp.h b/misc/regexp.h
index 3460989..42394f7 100644
--- a/misc/regexp.h
@@ -279,6 +330,187 @@ index 3460989..42394f7 100644
This header is provided only for backward compatibility.
It will be removed in the next release of the GNU C Library.
+diff --git a/misc/tst-mntent-blank-corrupt.c b/misc/tst-mntent-blank-corrupt.c
+new file mode 100644
+index 0000000..92266a3
+--- /dev/null
++++ b/misc/tst-mntent-blank-corrupt.c
+@@ -0,0 +1,45 @@
++/* Make sure blank lines does not cause memory corruption BZ #18887.
++
++ Copyright (C) 2009-2015 Free Software Foundation, Inc.
++ This file is part of the GNU C Library.
++
++ The GNU C Library is free software; you can redistribute it and/or
++ modify it under the terms of the GNU Lesser General Public
++ License as published by the Free Software Foundation; either
++ version 2.1 of the License, or (at your option) any later version.
++
++ The GNU C Library is distributed in the hope that it will be useful,
++ but WITHOUT ANY WARRANTY; without even the implied warranty of
++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
++ Lesser General Public License for more details.
++
++ You should have received a copy of the GNU Lesser General Public
++ License along with the GNU C Library; if not, see
++ <http://www.gnu.org/licenses/>. */
++
++#include <mntent.h>
++#include <stdio.h>
++#include <string.h>
++
++/* Make sure blank lines don't trigger memory corruption. This doesn't happen
++ for all targets though, so it's a best effort test BZ #18887. */
++static int
++do_test (void)
++{
++ FILE *fp;
++
++ fp = tmpfile ();
++ fputs ("\n \n/foo\\040dir /bar\\040dir auto bind \t \n", fp);
++ rewind (fp);
++
++ /* The corruption happens here ... */
++ getmntent (fp);
++ /* ... but trigers here. */
++ endmntent (fp);
++
++ /* If the test failed, we would crash, and not hit this point. */
++ return 0;
++}
++
++#define TEST_FUNCTION do_test ()
++#include "../test-skeleton.c"
+diff --git a/misc/tst-mntent-blank-passno.c b/misc/tst-mntent-blank-passno.c
+new file mode 100644
+index 0000000..fc04291
+--- /dev/null
++++ b/misc/tst-mntent-blank-passno.c
+@@ -0,0 +1,53 @@
++/* Make sure trailing whitespace is handled properly BZ #17273.
++
++ Copyright (C) 2009-2015 Free Software Foundation, Inc.
++ This file is part of the GNU C Library.
++
++ The GNU C Library is free software; you can redistribute it and/or
++ modify it under the terms of the GNU Lesser General Public
++ License as published by the Free Software Foundation; either
++ version 2.1 of the License, or (at your option) any later version.
++
++ The GNU C Library is distributed in the hope that it will be useful,
++ but WITHOUT ANY WARRANTY; without even the implied warranty of
++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
++ Lesser General Public License for more details.
++
++ You should have received a copy of the GNU Lesser General Public
++ License along with the GNU C Library; if not, see
++ <http://www.gnu.org/licenses/>. */
++
++#include <mntent.h>
++#include <stdio.h>
++#include <string.h>
++
++/* Check entries to make sure trailing whitespace is ignored and we return the
++ correct passno value BZ #17273. */
++static int
++do_test (void)
++{
++ int result = 0;
++ FILE *fp;
++ struct mntent *mnt;
++
++ fp = tmpfile ();
++ fputs ("/foo\\040dir /bar\\040dir auto bind \t \n", fp);
++ rewind (fp);
++
++ mnt = getmntent (fp);
++ if (strcmp (mnt->mnt_fsname, "/foo dir") != 0
++ || strcmp (mnt->mnt_dir, "/bar dir") != 0
++ || strcmp (mnt->mnt_type, "auto") != 0
++ || strcmp (mnt->mnt_opts, "bind") != 0
++ || mnt->mnt_freq != 0
++ || mnt->mnt_passno != 0)
++ {
++ puts ("Error while reading entry with trailing whitespaces");
++ result = 1;
++ }
++
++ return result;
++}
++
++#define TEST_FUNCTION do_test ()
++#include "../test-skeleton.c"
+diff --git a/misc/tst-mntent.c b/misc/tst-mntent.c
+index 876c89f..820b354 100644
+--- a/misc/tst-mntent.c
++++ b/misc/tst-mntent.c
+@@ -73,26 +73,6 @@ main (int argc, char *argv[])
+ puts ("Error while reading written entry back in");
+ result = 1;
+ }
+-
+- /* Part III: Entry with whitespaces at the end of a line. */
+- rewind (fp);
+-
+- fputs ("/foo\\040dir /bar\\040dir auto bind \t \n", fp);
+-
+- rewind (fp);
+-
+- mnt = getmntent (fp);
+-
+- if (strcmp (mnt->mnt_fsname, "/foo dir") != 0
+- || strcmp (mnt->mnt_dir, "/bar dir") != 0
+- || strcmp (mnt->mnt_type, "auto") != 0
+- || strcmp (mnt->mnt_opts, "bind") != 0
+- || mnt->mnt_freq != 0
+- || mnt->mnt_passno != 0)
+- {
+- puts ("Error while reading entry with trailing whitespaces");
+- result = 1;
+- }
+ }
+
+ return result;
+diff --git a/scripts/test-installation.pl b/scripts/test-installation.pl
+index cac1562..79b2b3e 100755
+--- a/scripts/test-installation.pl
++++ b/scripts/test-installation.pl
+@@ -80,16 +80,25 @@ arglist: while (@ARGV) {
+ # We expect none or one argument.
+ if ($#ARGV == -1) {
+ $soversions="soversions.mk";
++ $config="config.make";
+ } elsif ($#ARGV == 0) {
+ if (-d $ARGV[0]) {
+ $soversions = "$ARGV[0]/soversions.mk";
++ $config = "$ARGV[0]/config.make";
+ } else {
+- $soversions = $ARGV[0];
++ $soversions = $dir = $ARGV[0];
++ $dir =~ s!/?[^/]*/*$!!;
++ $config = $dir . "/config.make";
+ }
+ } else {
+ die "Wrong number of arguments.";
+ }
+
++if (system ("grep -q \"build-mathvec = yes\" $config") == 0) {
++ $build_mathvec = 1;
++} else {
++ $build_mathvec = 0;
++}
+
+ # Read names and versions of all shared libraries that are part of
+ # glibc
+@@ -111,6 +120,8 @@ while (<SOVERSIONS>) {
+ # - libthread_db since it contains unresolved references
+ # - it's just a test NSS module
+ # - We don't provide the libgcc so we don't test it
++ # - libmvec if it wasn't built
++ next if ($build_mathvec == 0 && $name eq "mvec");
+ if ($name ne "nss_ldap" && $name ne "db1"
+ && !($name =~/^nss1_/) && $name ne "thread_db"
+ && $name ne "nss_test1" && $name ne "libgcc_s") {
diff --git a/sysdeps/hppa/dl-symaddr.c b/sysdeps/hppa/dl-symaddr.c
index b707c19..89d8baf 100644
--- a/sysdeps/hppa/dl-symaddr.c
@@ -288,6 +520,30 @@ index b707c19..89d8baf 100644
return (void *) value;
}
+rtld_hidden_def (_dl_symbol_address)
+diff --git a/sysdeps/nacl/start.c b/sysdeps/nacl/start.c
+index a4b6dd3..8e8bc1a 100644
+--- a/sysdeps/nacl/start.c
++++ b/sysdeps/nacl/start.c
+@@ -44,6 +44,10 @@
+ /* The application defines this, of course. */
+ extern int main (int argc, char **argv, char **envp);
+
++/* But maybe it defines this too, in which case it takes precedence. */
++extern int __nacl_main (int argc, char **argv, char **envp)
++ __attribute__ ((weak));
++
+ /* These are defined in libc. */
+ extern int __libc_csu_init (int argc, char **argv, char **envp);
+ extern void __libc_csu_fini (void);
+@@ -59,7 +63,7 @@ _start (uint32_t info[])
+ {
+ /* The generic code actually assumes that envp follows argv. */
+
+- __libc_start_main (&main,
++ __libc_start_main (&__nacl_main ?: &main,
+ nacl_startup_argc (info),
+ nacl_startup_argv (info),
+ nacl_startup_auxv (info),
diff --git a/sysdeps/unix/sysv/linux/hppa/bits/atomic.h b/sysdeps/unix/sysv/linux/hppa/bits/atomic.h
index abde83e..6e73504 100644
--- a/sysdeps/unix/sysv/linux/hppa/bits/atomic.h
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/glibc.git/commitdiff/2914288cdf0aa2fbeebcc2650f3dd4434f53f63f
More information about the pld-cvs-commit
mailing list