Hello community,
here is the log from the commit of package glibc.2020 for openSUSE:12.3:Update checked in at 2013-09-30 17:43:37
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:12.3:Update/glibc.2020 (Old)
and /work/SRC/openSUSE:12.3:Update/.glibc.2020.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "glibc.2020"
Changes:
--------
New Changes file:
--- /dev/null 2013-09-21 22:50:09.852032506 +0200
+++ /work/SRC/openSUSE:12.3:Update/.glibc.2020.new/glibc-testsuite.changes 2013-09-30 17:43:39.000000000 +0200
@@ -0,0 +1,6637 @@
+-------------------------------------------------------------------
+Mon Sep 16 14:10:12 UTC 2013 - schwab@suse.de
+
+- arm-ld-so-cache.patch: Support loading unmarked objects from cache
+- strcoll-overflow.patch: Fix buffer overflow in strcoll (CVE-2012-4412,
+ bnc#779320)
+- regexp-overrun.patch: Fix buffer overrun in regexp matcher
+ (CVE-2013-0242, bnc#801246)
+- manpages.patch: Remove debianisms from manpages (bnc#805054)
+- getaddrinfo-overflow.patch: Fix stack overflow in getaddrinfo with many
+ results (CVE-2013-1914, bnc#813121)
+- printf-overrun.patch: Revert problematic fixes for [BZ #11741]
+ (bnc#813306)
+- pldd-wait-ptrace-stop.patch: fix pldd not to leave process stopped after
+ detaching (bnc#819383)
+- nscd-netgroup.patch: Fix handling of netgroup cache in nscd (bnc#819524)
+- glibc-2.3.90-bindresvport.blacklist.diff: Fix resource leaks
+ (bnc#824046)
+- disable-pt-chown.patch: Disable use of pt_chown (CVE-2013-2207,
+ bnc#830257)
+- readdir_r-overflow.patch: Buffer overflow in readdir_r (CVE-2013-4237,
+ bnc#834594)
+- malloc-overflow.patch: Fix integer overflows in malloc (CVE-2013-4332,
+ bnc#839870)
+- When testsuite run fails make all test output available
+
+-------------------------------------------------------------------
+Thu Jan 31 15:42:07 UTC 2013 - schwab@suse.de
+
+- Obsolete unscd to migrate back to nscd.
+
+-------------------------------------------------------------------
+Thu Jan 31 09:09:06 UTC 2013 - coolo@suse.com
+
+- looks like testsuite runs only on kvm, so add _constraint
+ (actually it does not build on xen, but I can't constraint that)
+
+-------------------------------------------------------------------
+Thu Jan 24 16:33:04 UTC 2013 - schwab@suse.de
+
+- Don't run testsuite in parallel
+- Fail if testsuite fails
+- Disable crypt/badsalttest test
+
+-------------------------------------------------------------------
+Tue Jan 8 09:53:38 UTC 2013 - coolo@suse.com
+
+- add _constraints file to make sure glibc-testsuite only builds on big
+ hosts. Otherwise it's running out of memory and stalls
+
+-------------------------------------------------------------------
+Thu Dec 27 12:31:13 UTC 2012 - aj@suse.de
+
+- Set bugurl to bugs.opensuse.org
+
+-------------------------------------------------------------------
+Tue Dec 25 16:50:52 UTC 2012 - aj@suse.de
+
+- Update to glibc 2.17 release (git id c758a6861537):
+ * bump version number
+ * update translations
+
+-------------------------------------------------------------------
+Tue Dec 18 10:28:01 UTC 2012 - schwab@suse.de
+
+- Move glibc-utils subpackage to own specfile and enable programs that
+ require libgd
+- Filter GLIBC_PRIVATE symbols
+- Don't stop at first error in testsuite run
+
+-------------------------------------------------------------------
+Mon Dec 17 11:16:49 UTC 2012 - schwab@suse.de
+
+- Split off glibc-testsuite package
+
+-------------------------------------------------------------------
+Fri Dec 14 19:31:45 UTC 2012 - aj@suse.de
+
+- Build profile and locale packages for i686 as well.
+
+-------------------------------------------------------------------
+Wed Dec 12 08:32:53 UTC 2012 - aj@suse.de
+
+- Update to 4641d57e1e00:
+ * Updated translations
+ * bug fixes
+
+-------------------------------------------------------------------
+Mon Dec 10 13:08:01 UTC 2012 - schwab@suse.de
+
+- pthread-cond-timedwait-i486.patch:
+ Extend i486 pthread_cond_timedwait to use futex syscall with absolute
+ timeout
+- nscd-short-write.patch:
+ Properly check for short writes when sending the response in nscd
+
+-------------------------------------------------------------------
+Sat Dec 8 18:55:53 UTC 2012 - aj@suse.de
+
+- Update to 56e7d3ad5c2f:
+ * Bugfixes
+ * Fix warnings building glibc
+- Remove upstreamed patch glibc-revert-fseek-on-fclose.diff
+
+-------------------------------------------------------------------
+Mon Dec 3 15:45:08 UTC 2012 - aj@suse.de
+
+- Remove nosegneg i686 library, it's only used for a 32-bit Xen
+ hypervisor (not for a 32-bit guest running under 64-bit hypervisor),
+ and since the 32-bit Xen hypervisor is not part of openSUSE anymore,
+ it is unneeded (bnc#789607).
+
+-------------------------------------------------------------------
+Mon Dec 3 14:47:22 UTC 2012 - schwab@suse.de
+
+- Suppress error message from systemctl in %post -n nscd (bnc#792333)
+
+-------------------------------------------------------------------
+Sat Dec 1 08:55:05 UTC 2012 - aj@suse.de
+
+- Update to f638872ab422:
+ Fix regression introduced with last update in sunrpc code
+ Fix assertion failure in resolver
+ Bug fixes
+- Remove upstreamed patch glibc-resolv-assert.diff
+
+-------------------------------------------------------------------
+Fri Nov 30 09:15:15 UTC 2012 - aj@suse.de
+
+- Update to c93ec1f091ec:
+ Warn about unsupported DT_FLAGS_1 flags
+ Add Interlingua locale
+ Bug fixes
+
+-------------------------------------------------------------------
+Thu Nov 29 14:30:11 UTC 2012 - schwab@suse.de
+
+- Remove obsolete patches:
+ glibc-strict-aliasing.diff
+ nscd-avoid-gcc-warning.diff
+
+-------------------------------------------------------------------
+Wed Nov 28 15:48:32 UTC 2012 - aj@suse.de
+
+- Update to e3c6aa3a5848:
+ * Fix powerpc64 make abi check failure
+ * bugfixes
+- Install nscd.socket to new /usr location
+
+-------------------------------------------------------------------
+Wed Nov 28 09:31:11 UTC 2012 - schwab@suse.de
+
+- Reenable multi-arch on ppc ppc64
+
+-------------------------------------------------------------------
+Tue Nov 27 21:34:15 UTC 2012 - aj@suse.de
+
+- Update to de2fd463b1c0:
+ Various bugfixes including:
+ * Fix fwrite bug causing grep etc testsuite failure
+ * sotruss: fix argument parsing
+ * Check supported DF_1_XXX bits
+ Add new locales niu_NU and niu_NZ
+- Refresh patch glibc-revert-fseek-on-fclose.diff
+
+-------------------------------------------------------------------
+Sat Nov 24 13:48:40 UTC 2012 - aj@suse.de
+
+- Remove nscd init script, use systemd files.
+
+-------------------------------------------------------------------
+Fri Nov 23 14:33:37 UTC 2012 - matz@suse.com
+
+- Fix getaddrinfo-ipv6-sanity.diff to apply again.
+
+-------------------------------------------------------------------
+Tue Nov 20 08:06:49 UTC 2012 - aj@suse.de
+
+- Update to f59cba71d848:
+ * Various bug fixes
+ * Add new locales szl_PL, ayc_PE, nhn_MX, doi_IN, mni_IN, sat_IN.
+ * Remove patch glibc-compiled-binaries.diff since getconf can not be
+ cross-compiled
+ * Refresh patch glibc-2.3.90-bindresvport.blacklist.diff
+
+-------------------------------------------------------------------
+Sun Nov 11 09:54:43 UTC 2012 - aj@suse.de
+
+- Update to current glibc 2.17 development snapshot (git 7e2bd01fcf3c):
+ * Upstream changes:
+ + ports is now part of main tarball
+ + Add port to ARM AArch64
+ + New function secure_getenv
+ + Systemtap static probes
+ + The `clock_*' suite of functions (declared in ) is now
+ available directly in the main C library.
+ + The `crypt' function now fails if passed salt bytes that violate the
++++ 6440 more lines (skipped)
++++ between /dev/null
++++ and /work/SRC/openSUSE:12.3:Update/.glibc.2020.new/glibc-testsuite.changes
New Changes file:
glibc-utils.changes: same change
New Changes file:
glibc.changes: same change
New:
----
_constraints
arm-ld-so-cache.patch
baselibs.conf
bindresvport.blacklist
check-build.sh
crypt_blowfish-1.2-hack_around_arm.diff
crypt_blowfish-1.2-sha.diff
crypt_blowfish-1.2-versioning.diff
crypt_blowfish-1.2.tar.gz
crypt_blowfish-1.2.tar.gz.sign
disable-pt-chown.patch
getaddrinfo-ipv6-sanity.diff
getaddrinfo-overflow.patch
glibc-2.14-crypt-versioning.diff
glibc-2.14-crypt.diff
glibc-2.17-c758a6861537.tar.xz
glibc-2.2-sunrpc.diff
glibc-2.3.2.no_archive.diff
glibc-2.3.3-nscd-db-path.diff
glibc-2.3.90-bindresvport.blacklist.diff
glibc-2.3.90-langpackdir.diff
glibc-2.3.90-noversion.diff
glibc-2.3.locales.diff.bz2
glibc-2.4-china.diff
glibc-2.4.90-no_NO.diff
glibc-2.4.90-revert-only-euro.diff
glibc-armhf-compat.patch
glibc-cpusetsize.diff
glibc-crypt-badsalttest.patch
glibc-fix-check-abi.patch
glibc-fix-double-loopback.diff
glibc-ld-profile.patch
glibc-nodate.patch
glibc-nscd-hconf.diff
glibc-nscd.conf.patch
glibc-resolv-mdnshint.diff
glibc-resolv-reload.diff
glibc-testsuite.changes
glibc-testsuite.patch
glibc-testsuite.spec
glibc-utils.changes
glibc-utils.spec
glibc-version.diff
glibc.changes
glibc.rpmlintrc
glibc.spec
glibc_post_upgrade.c
malloc-overflow.patch
manpages.patch
manpages.tar.bz2
noversion.tar.bz2
nscd-netgroup.patch
nscd-short-write.patch
nscd.conf
nscd.service
nss-db-path.patch
nsswitch.conf
pldd-wait-ptrace-stop.patch
pre_checkin.sh
printf-overrun.patch
pthread-cond-timedwait-i486.patch
readdir_r-overflow.patch
regexp-overrun.patch
strcoll-overflow.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ glibc-testsuite.spec ++++++
++++ 1300 lines (skipped)
glibc-utils.spec: same change
glibc.spec: same change
++++++ arm-ld-so-cache.patch ++++++
From b39949d21179bd0b08a083e4f7e35d0c98e11294 Mon Sep 17 00:00:00 2001
From: Carlos O'Donell
Date: Fri, 8 Feb 2013 12:26:12 -0500
Subject: [PATCH] ARM: Support loading unmarked objects from cache.
ARM now supports loading unmarked objects from
the dynamic loader cache. Unmarked objects can
be used with the hard-float or soft-float ABI.
We must support loading unmarked objects during
the transition period from a binutils that does
not mark objects to one that does mark them with
the correct ELF flags.
Signed-off-by: Carlos O'Donell
---
ChangeLog | 5 +++++
elf/cache.c | 4 ++++
ports/ChangeLog.arm | 8 ++++++++
ports/sysdeps/unix/sysv/linux/arm/dl-cache.h | 9 +++++++--
ports/sysdeps/unix/sysv/linux/arm/readelflib.c | 6 ++++++
sysdeps/generic/ldconfig.h | 1 +
6 files changed, 31 insertions(+), 2 deletions(-)
diff --git a/elf/cache.c b/elf/cache.c
index 9901952..699550b 100644
--- a/elf/cache.c
+++ b/elf/cache.c
@@ -100,6 +100,10 @@ print_entry (const char *lib, int flag, unsigned int osversion,
case FLAG_AARCH64_LIB64:
fputs (",AArch64", stdout);
break;
+ /* Uses the ARM soft-float ABI. */
+ case FLAG_ARM_LIBSF:
+ fputs (",soft-float", stdout);
+ break;
case 0:
break;
default:
diff --git a/ports/sysdeps/unix/sysv/linux/arm/dl-cache.h b/ports/sysdeps/unix/sysv/linux/arm/dl-cache.h
index acc4f28..504feca 100644
--- a/ports/sysdeps/unix/sysv/linux/arm/dl-cache.h
+++ b/ports/sysdeps/unix/sysv/linux/arm/dl-cache.h
@@ -18,12 +18,17 @@
#include
+/* In order to support the transition from unmarked objects
+ to marked objects we must treat unmarked objects as
+ compatible with either FLAG_ARM_LIBHF or FLAG_ARM_LIBSF. */
#ifdef __ARM_PCS_VFP
# define _dl_cache_check_flags(flags) \
- ((flags) == (FLAG_ARM_LIBHF | FLAG_ELF_LIBC6))
+ ((flags) == (FLAG_ARM_LIBHF | FLAG_ELF_LIBC6) \
+ || (flags) == FLAG_ELF_LIBC6)
#else
# define _dl_cache_check_flags(flags) \
- ((flags) == FLAG_ELF_LIBC6)
+ ((flags) == (FLAG_ARM_LIBSF | FLAG_ELF_LIBC6) \
+ || (flags) == FLAG_ELF_LIBC6)
#endif
#include_next
diff --git a/ports/sysdeps/unix/sysv/linux/arm/readelflib.c b/ports/sysdeps/unix/sysv/linux/arm/readelflib.c
index 81e5ccb..3efb613 100644
--- a/ports/sysdeps/unix/sysv/linux/arm/readelflib.c
+++ b/ports/sysdeps/unix/sysv/linux/arm/readelflib.c
@@ -46,6 +46,12 @@ process_elf_file (const char *file_name, const char *lib, int *flag,
if (elf32_header->e_flags & EF_ARM_ABI_FLOAT_HARD)
*flag = FLAG_ARM_LIBHF|FLAG_ELF_LIBC6;
else if (elf32_header->e_flags & EF_ARM_ABI_FLOAT_SOFT)
+ *flag = FLAG_ARM_LIBSF|FLAG_ELF_LIBC6;
+ else
+ /* We must assume the unmarked objects are compatible
+ with all ABI variants. Such objects may have been
+ generated in a transitional period when the ABI
+ tags were not added to all objects. */
*flag = FLAG_ELF_LIBC6;
}
}
diff --git a/sysdeps/generic/ldconfig.h b/sysdeps/generic/ldconfig.h
index 57a9a46..91190aa 100644
--- a/sysdeps/generic/ldconfig.h
+++ b/sysdeps/generic/ldconfig.h
@@ -36,6 +36,7 @@
#define FLAG_X8664_LIBX32 0x0800
#define FLAG_ARM_LIBHF 0x0900
#define FLAG_AARCH64_LIB64 0x0a00
+#define FLAG_ARM_LIBSF 0x0b00
/* Name of auxiliary cache. */
#define _PATH_LDCONFIG_AUX_CACHE "/var/cache/ldconfig/aux-cache"
--
1.8.2.3
++++++ baselibs.conf ++++++
glibc
arch i586 block!
targettype x86 +/etc/ld.so.conf
targettype x86 "/lib/ld-linux.so.2 -> <prefix>/lib/ld-linux.so.2"
targettype x86 obsoletes "baselibs-x86"
targettype ia32 +/etc/ld.so.conf
targettype ia32 "/lib/ld-linux.so.2 -> <prefix>/lib/ld-linux.so.2"
prereq -glibc-x86
+/usr/lib/getconf/[^g]
glibc-locale
arch i586 block!
+/usr/lib(64)?/gconv/gconv-modules
targettype x86 -/usr/lib(64)?/gconv/gconv-modules
glibc-devel
requires "glibc-<targettype> = %version"
arch i586 block!
+^/usr/include/gnu/stubs-.*\.h$
glibc-devel-static
arch i586 block!
glibc-profile
arch i586 block!
glibc-utils
++++++ bindresvport.blacklist ++++++
#
# This file contains a list of port numbers between 600 and 1024,
# which should not be used by bindresvport. bindresvport is mostly
# called by RPC services. This mostly solves the problem, that a
# RPC service uses a well known port of another service.
#
623 # ASF, used by IPMI on some cards
631 # cups
636 # ldaps
664 # Secure ASF, used by IPMI on some cards
774 # rpasswd
921 # lwresd
993 # imaps
995 # pops
++++++ check-build.sh ++++++
#!/bin/bash
# Copyright (c) 2003, 2004, 2011,2012 SUSE Linux Products GmbH, Germany. All rights reserved.
#
# Authors: Thorsten Kukuk
#
if [ `nice` -gt '9' ] ; then
echo "Don't modify nice for building glibc!"
exit 1
fi
# get kernel version
OFS="$IFS" ; IFS=".-" ; version=(`uname -r`) ; IFS="$OIFS"
ARCH=(`uname -m`)
if test ${version[0]} -gt 2 ; then
: # okay
elif test ${version[0]} -lt 2 -o ${version[1]} -lt 6 -o ${version[2]} -lt 16 ; then
echo "FATAL: kernel too old, need kernel >= 2.6.16 for this package" 1>&2
exit 1
elif $ARCH -eq 'x86_64' ; then
if test ${version[0]} -lt 2 -o ${version[1]} -lt 6 -o ${version[2]} -lt 32 ; then
echo "FATAL: kernel too old, need kernel >= 2.6.32 for this package" 1>&2
exit 1
fi
fi
exit 0
++++++ crypt_blowfish-1.2-hack_around_arm.diff ++++++
--- x86.S
+++ x86.S
@@ -199,5 +199,5 @@
#endif
#if defined(__ELF__) && defined(__linux__)
-.section .note.GNU-stack,"",@progbits
+.section .note.GNU-stack,"",%progbits
#endif
++++++ crypt_blowfish-1.2-sha.diff ++++++
From 1c581a8364ab18a6938f3153d7bea793d06a4652 Mon Sep 17 00:00:00 2001
From: Ludwig Nussel
Date: Thu, 25 Aug 2011 14:00:38 +0200
Subject: [PATCH crypt_blowfish] support for sha256 and sha512
---
crypt.3 | 14 +++++++++++++
crypt_gensalt.c | 58 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
wrapper.c | 23 +++++++++++++++++++++
3 files changed, 95 insertions(+), 0 deletions(-)
diff --git a/crypt.3 b/crypt.3
index e2f25bd..40a3538 100644
--- a/crypt.3
+++ b/crypt.3
@@ -399,6 +399,20 @@ too low for the currently available hardware.
.hash "$1$" "\e$1\e$[^$]{1,8}\e$[./0-9A-Za-z]{22}" unlimited 8 "" 128 "6 to 48" 1000
.PP
.ti -2
+.B SHA256 based
+.br
+This is Ulrich Drepper's SHA256-based password hashing method originally
+developed for Linux.
+.hash "$5$" "\e$5\e$(rounds=[0-9]{1,9}\e$)?([./0-9A-Za-z]{1,16})?\e$[./0-9A-Za-z]{43}" unlimited 8 "" 256 "0 to 96" "1000 to 999999999 (default 5000)"
+.PP
+.ti -2
+.B SHA512 based
+.br
+This is Ulrich Drepper's SHA512-based password hashing method originally
+developed for Linux.
+.hash "$6$" "\e$6\e$(rounds=[0-9]{1,9}\e$)?([./0-9A-Za-z]{1,16})?\e$[./0-9A-Za-z]{86}" unlimited 8 "" 512 "0 to 96" "1000 to 999999999 (default 5000)"
+.PP
+.ti -2
.BR "OpenBSD-style Blowfish-based" " (" bcrypt )
.br
.B bcrypt
diff --git a/crypt_gensalt.c b/crypt_gensalt.c
index 73c15a1..5cf9812 100644
--- a/crypt_gensalt.c
+++ b/crypt_gensalt.c
@@ -19,6 +19,7 @@
*/
#include
+#include
#include
#ifndef __set_errno
@@ -122,3 +123,60 @@ char *_crypt_gensalt_md5_rn(const char *prefix, unsigned long count,
return output;
}
+
+#define SHA2_SALT_LEN_MAX 16
+#define SHA2_ROUNDS_MIN 1000
+#define SHA2_ROUNDS_MAX 999999999
+char *_crypt_gensalt_sha2_rn (const char *prefix, unsigned long count,
+ const char *input, int size, char *output, int output_size)
+
+{
+ char *o = output;
+ const char *i = input;
+ unsigned needed = 3 + MIN(size/3*4, SHA2_SALT_LEN_MAX) + 1;
+
+ if (size < 3 || output_size < needed)
+ goto error;
+
+ size = MIN(size, SHA2_SALT_LEN_MAX/4*3);
+
+ o[0] = prefix[0];
+ o[1] = prefix[1];
+ o[2] = prefix[2];
+ o += 3;
+
+ if (count) {
+ count = MAX(SHA2_ROUNDS_MIN, MIN(count, SHA2_ROUNDS_MAX));
+ int n = snprintf (o, output_size-3, "rounds=%ld$", count);
+ if (n < 0 || n >= output_size-3)
+ goto error;
+ needed += n;
+ o += n;
+ }
+
+ if (output_size < needed)
+ goto error;
+
+ while (size >= 3) {
+ unsigned long value =
+ (unsigned long)(unsigned char)i[0] |
+ ((unsigned long)(unsigned char)i[1] << 8) |
+ ((unsigned long)(unsigned char)i[2] << 16);
+ o[0] = _crypt_itoa64[value & 0x3f];
+ o[1] = _crypt_itoa64[(value >> 6) & 0x3f];
+ o[2] = _crypt_itoa64[(value >> 12) & 0x3f];
+ o[3] = _crypt_itoa64[(value >> 18) & 0x3f];
+ size -= 3;
+ i += 3;
+ o += 3;
+ }
+ o[0] = '\0';
+
+ return output;
+
+error:
+ if (output_size > 0)
+ output[0] = '\0';
+ errno = ENOMEM;
+ return NULL;
+}
diff --git a/wrapper.c b/wrapper.c
index 344053b..070d91d 100644
--- a/wrapper.c
+++ b/wrapper.c
@@ -44,12 +44,18 @@
#include "crypt_blowfish.h"
#include "crypt_gensalt.h"
+extern char *_crypt_gensalt_sha2_rn(const char *prefix, unsigned long count,
+ const char *input, int size, char *output, int output_size);
#if defined(__GLIBC__) && defined(_LIBC)
/* crypt.h from glibc-crypt-2.1 will define struct crypt_data for us */
#include "crypt.h"
extern char *__md5_crypt_r(const char *key, const char *salt,
char *buffer, int buflen);
+extern char *__sha256_crypt_r (const char *key, const char *salt,
+ char *buffer, int buflen);
+extern char *__sha512_crypt_r (const char *key, const char *salt,
+ char *buffer, int buflen);
/* crypt-entry.c needs to be patched to define __des_crypt_r rather than
* __crypt_r, and not define crypt_r and crypt at all */
extern char *__des_crypt_r(const char *key, const char *salt,
@@ -112,6 +118,10 @@ static char *_crypt_retval_magic(char *retval, const char *setting,
char *__crypt_rn(__const char *key, __const char *setting,
void *data, int size)
{
+ if (setting[0] == '$' && setting[1] == '6')
+ return __sha512_crypt_r(key, setting, (char *)data, size);
+ if (setting[0] == '$' && setting[1] == '5')
+ return __sha256_crypt_r(key, setting, (char *)data, size);
if (setting[0] == '$' && setting[1] == '2')
return _crypt_blowfish_rn(key, setting, (char *)data, size);
if (setting[0] == '$' && setting[1] == '1')
@@ -129,6 +139,16 @@ char *__crypt_rn(__const char *key, __const char *setting,
char *__crypt_ra(__const char *key, __const char *setting,
void **data, int *size)
{
+ if (setting[0] == '$' && setting[1] == '6') {
+ if (_crypt_data_alloc(data, size, CRYPT_OUTPUT_SIZE))
+ return NULL;
+ return __sha512_crypt_r(key, setting, (char *)*data, *size);
+ }
+ if (setting[0] == '$' && setting[1] == '5') {
+ if (_crypt_data_alloc(data, size, CRYPT_OUTPUT_SIZE))
+ return NULL;
+ return __sha256_crypt_r(key, setting, (char *)*data, *size);
+ }
if (setting[0] == '$' && setting[1] == '2') {
if (_crypt_data_alloc(data, size, CRYPT_OUTPUT_SIZE))
return NULL;
@@ -210,6 +230,9 @@ char *__crypt_gensalt_rn(const char *prefix, unsigned long count,
return NULL;
}
+ if (!strncmp(prefix, "$5$", 3) || !strncmp(prefix, "$6$", 3))
+ use = _crypt_gensalt_sha2_rn;
+ else
if (!strncmp(prefix, "$2a$", 4) || !strncmp(prefix, "$2y$", 4))
use = _crypt_gensalt_blowfish_rn;
else
--
1.7.3.4
++++++ crypt_blowfish-1.2-versioning.diff ++++++
Index: crypt_blowfish-1.2/wrapper.c
===================================================================
--- crypt_blowfish-1.2/wrapper.c
+++ crypt_blowfish-1.2/wrapper.c
@@ -38,6 +38,7 @@
#define CRYPT_GENSALT_OUTPUT_SIZE (7 + 22 + 1)
#if defined(__GLIBC__) && defined(_LIBC)
+#include
#define __SKIP_GNU
#endif
#include "ow-crypt.h"
@@ -291,14 +292,34 @@ char *__crypt_gensalt(const char *prefix
}
#if defined(__GLIBC__) && defined(_LIBC)
-weak_alias(__crypt_rn, crypt_rn)
-weak_alias(__crypt_ra, crypt_ra)
weak_alias(__crypt_r, crypt_r)
weak_alias(__crypt, crypt)
-weak_alias(__crypt_gensalt_rn, crypt_gensalt_rn)
-weak_alias(__crypt_gensalt_ra, crypt_gensalt_ra)
-weak_alias(__crypt_gensalt, crypt_gensalt)
-weak_alias(crypt, fcrypt)
+weak_alias(__crypt, fcrypt)
+#if SHARED
+#if 1 // Owl has crypt_gensalt as GLIBC_2_0 so keep for compatibility
+#define ow_compat_symbol(name) \
+ compat_symbol(libcrypt, _compat_##name, name, GLIBC_2_0); \
+ weak_alias(__##name, _compat_##name)
+#else
+#define ow_compat_symbol(name)
+#endif
+
+#define ow_versioned(name) \
+ ow_compat_symbol(name) \
+ versioned_symbol(libcrypt, _owl_##name, name, OW_CRYPT_1_0);
+#else
+#define ow_versioned(name)
+#endif // SHARED
+
+#define ow_symbol(name) \
+ ow_versioned(name) \
+ weak_alias(__##name, _owl_##name) \
+
+ow_symbol(crypt_rn)
+ow_symbol(crypt_ra)
+ow_symbol(crypt_gensalt)
+ow_symbol(crypt_gensalt_rn)
+ow_symbol(crypt_gensalt_ra)
#endif
#ifdef TEST
++++++ disable-pt-chown.patch ++++++
2013-07-21 Siddhesh Poyarekar
Andreas Schwab
Roland McGrath
Joseph Myers
Carlos O'Donell
[BZ #15755]
* config.h.in: Define HAVE_PT_CHOWN.
* config.make.in (build-pt-chown): New variable.
* configure.in (--enable-pt_chown): New configure option.
* configure: Regenerate.
* login/Makefile: Include Makeconfig. Build pt_chown only if
build-pt-chown is enabled.
* sysdeps/unix/grantpt.c (grantpt) [HAVE_PT_CHOWN]: Spawn
pt_chown to fix pty ownership.
* sysdeps/unix/sysv/linux/grantpt.c [HAVE_PT_CHOWN]: Define
CLOSE_ALL_FDS.
* manual/install.texi (Configuring and compiling): Mention
--enable-pt_chown. Add @findex for grantpt.
* INSTALL: Regenerate.
Index: glibc-2.17/INSTALL
===================================================================
--- glibc-2.17.orig/INSTALL
+++ glibc-2.17/INSTALL
@@ -128,6 +128,18 @@ will be used, and CFLAGS sets optimizati
this can be prevented though there generally is no reason since it
creates compatibility problems.
+`--enable-pt_chown'
+ The file `pt_chown' is a helper binary for `grantpt' (*note
+ Pseudo-Terminals: Allocation.) that is installed setuid root to
+ fix up pseudo-terminal ownership. It is not built by default
+ because systems using the Linux kernel are commonly built with the
+ `devpts' filesystem enabled and mounted at `/dev/pts', which
+ manages pseudo-terminal ownership automatically. By using
+ `--enable-pt_chown', you may build `pt_chown' and install it
+ setuid and owned by `root'. The use of `pt_chown' introduces
+ additional security risks to the system and you should enable it
+ only if you understand and accept those risks.
+
`--build=BUILD-SYSTEM'
`--host=HOST-SYSTEM'
These options are for cross-compiling. If you specify both
Index: glibc-2.17/config.h.in
===================================================================
--- glibc-2.17.orig/config.h.in
+++ glibc-2.17/config.h.in
@@ -232,4 +232,7 @@
/* The ARM hard-float ABI is being used. */
#undef HAVE_ARM_PCS_VFP
+/* The pt_chown binary is being built and used by grantpt. */
+#undef HAVE_PT_CHOWN
+
#endif
Index: glibc-2.17/config.make.in
===================================================================
--- glibc-2.17.orig/config.make.in
+++ glibc-2.17/config.make.in
@@ -101,6 +101,7 @@ force-install = @force_install@
link-obsolete-rpc = @link_obsolete_rpc@
build-nscd = @build_nscd@
use-nscd = @use_nscd@
+build-pt-chown = @build_pt_chown@
# Build tools.
CC = @CC@
Index: glibc-2.17/configure
===================================================================
--- glibc-2.17.orig/configure
+++ glibc-2.17/configure
@@ -653,6 +653,7 @@ multi_arch
base_machine
add_on_subdirs
add_ons
+build_pt_chown
build_nscd
link_obsolete_rpc
libc_cv_nss_crypt
@@ -759,6 +760,7 @@ enable_obsolete_rpc
enable_systemtap
enable_build_nscd
enable_nscd
+enable_pt_chown
with_cpu
'
ac_precious_vars='build_alias
@@ -1419,6 +1421,7 @@ Optional Features:
--enable-systemtap enable systemtap static probe points [default=no]
--disable-build-nscd disable building and installing the nscd daemon
--disable-nscd library functions will not contact the nscd daemon
+ --enable-pt_chown Enable building and installing pt_chown
Optional Packages:
--with-PACKAGE[=ARG] use PACKAGE [ARG=yes]
@@ -3934,6 +3937,19 @@ else
fi
+# Check whether --enable-pt_chown was given.
+if test "${enable_pt_chown+set}" = set; then :
+ enableval=$enable_pt_chown; build_pt_chown=$enableval
+else
+ build_pt_chown=no
+fi
+
+
+if test $build_pt_chown = yes; then
+ $as_echo "#define HAVE_PT_CHOWN 1" >>confdefs.h
+
+fi
+
# The way shlib-versions is used to generate soversions.mk uses a
# fairly simplistic model for name recognition that can't distinguish
# i486-pc-linux-gnu fully from i486-pc-gnu. So we mutate a $host_os
Index: glibc-2.17/configure.in
===================================================================
--- glibc-2.17.orig/configure.in
+++ glibc-2.17/configure.in
@@ -315,6 +315,16 @@ AC_ARG_ENABLE([nscd],
[use_nscd=$enableval],
[use_nscd=yes])
+AC_ARG_ENABLE([pt_chown],
+ [AS_HELP_STRING([--enable-pt_chown],
+ [Enable building and installing pt_chown])],
+ [build_pt_chown=$enableval],
+ [build_pt_chown=no])
+AC_SUBST(build_pt_chown)
+if test $build_pt_chown = yes; then
+ AC_DEFINE(HAVE_PT_CHOWN)
+fi
+
# The way shlib-versions is used to generate soversions.mk uses a
# fairly simplistic model for name recognition that can't distinguish
# i486-pc-linux-gnu fully from i486-pc-gnu. So we mutate a $host_os
Index: glibc-2.17/login/Makefile
===================================================================
--- glibc-2.17.orig/login/Makefile
+++ glibc-2.17/login/Makefile
@@ -29,9 +29,15 @@ routines := getutent getutent_r getutid
CFLAGS-grantpt.c = -DLIBEXECDIR='"$(libexecdir)"'
-others = utmpdump pt_chown
+others = utmpdump
+
+include ../Makeconfig
+
+ifeq (yes,$(build-pt-chown))
+others += pt_chown
others-pie = pt_chown
install-others-programs = $(inst_libexecdir)/pt_chown
+endif
subdir-dirs = programs
vpath %.c programs
Index: glibc-2.17/manual/install.texi
===================================================================
--- glibc-2.17.orig/manual/install.texi
+++ glibc-2.17/manual/install.texi
@@ -155,6 +155,20 @@ if the used tools support it. By using
prevented though there generally is no reason since it creates
compatibility problems.
+@pindex pt_chown
+@findex grantpt
+@item --enable-pt_chown
+The file @file{pt_chown} is a helper binary for @code{grantpt}
+(@pxref{Allocation, Pseudo-Terminals}) that is installed setuid root to
+fix up pseudo-terminal ownership. It is not built by default because
+systems using the Linux kernel are commonly built with the @code{devpts}
+filesystem enabled and mounted at @file{/dev/pts}, which manages
+pseudo-terminal ownership automatically. By using
+@samp{--enable-pt_chown}, you may build @file{pt_chown} and install it
+setuid and owned by @code{root}. The use of @file{pt_chown} introduces
+additional security risks to the system and you should enable it only if
+you understand and accept those risks.
+
@item --build=@var{build-system}
@itemx --host=@var{host-system}
These options are for cross-compiling. If you specify both options and
Index: glibc-2.17/sysdeps/unix/grantpt.c
===================================================================
--- glibc-2.17.orig/sysdeps/unix/grantpt.c
+++ glibc-2.17/sysdeps/unix/grantpt.c
@@ -173,9 +173,10 @@ grantpt (int fd)
retval = 0;
goto cleanup;
- /* We have to use the helper program. */
+ /* We have to use the helper program if it is available. */
helper:;
+#ifdef HAVE_PT_CHOWN
pid_t pid = __fork ();
if (pid == -1)
goto cleanup;
@@ -190,9 +191,9 @@ grantpt (int fd)
if (__dup2 (fd, PTY_FILENO) < 0)
_exit (FAIL_EBADF);
-#ifdef CLOSE_ALL_FDS
+# ifdef CLOSE_ALL_FDS
CLOSE_ALL_FDS ();
-#endif
+# endif
execle (_PATH_PT_CHOWN, basename (_PATH_PT_CHOWN), NULL, NULL);
_exit (FAIL_EXEC);
@@ -231,6 +232,7 @@ grantpt (int fd)
assert(! "getpt: internal error: invalid exit code from pt_chown");
}
}
+#endif
cleanup:
if (buf != _buf)
Index: glibc-2.17/sysdeps/unix/sysv/linux/grantpt.c
===================================================================
--- glibc-2.17.orig/sysdeps/unix/sysv/linux/grantpt.c
+++ glibc-2.17/sysdeps/unix/sysv/linux/grantpt.c
@@ -11,7 +11,7 @@
#include "pty-private.h"
-
+#if HAVE_PT_CHOWN
/* Close all file descriptors except the one specified. */
static void
close_all_fds (void)
@@ -38,6 +38,7 @@ close_all_fds (void)
__dup2 (STDOUT_FILENO, STDERR_FILENO);
}
}
-#define CLOSE_ALL_FDS() close_all_fds()
+# define CLOSE_ALL_FDS() close_all_fds()
+#endif
#include
++++++ getaddrinfo-ipv6-sanity.diff ++++++
Index: glibc-2.16.90/sysdeps/posix/getaddrinfo.c
===================================================================
--- glibc-2.16.90.orig/sysdeps/posix/getaddrinfo.c 2012-11-20 03:45:45.000000000 +0100
+++ glibc-2.16.90/sysdeps/posix/getaddrinfo.c 2012-11-23 15:32:33.000000000 +0100
@@ -269,7 +269,7 @@ extern service_user *__nss_hosts_databas
static int
gaih_inet (const char *name, const struct gaih_service *service,
const struct addrinfo *req, struct addrinfo **pai,
- unsigned int *naddrs)
+ unsigned int *naddrs, bool usable_ipv6)
{
const struct gaih_typeproto *tp = gaih_inet_typeproto;
struct gaih_servtuple *st = (struct gaih_servtuple *) &nullserv;
@@ -839,7 +839,10 @@ gaih_inet (const char *name, const struc
if (req->ai_family == PF_UNSPEC)
fct4 = __nss_lookup_function (nip, "gethostbyname4_r");
- if (fct4 != NULL)
+ /* If we don't want ipv6, don't use gethostbyname4_r,
+ as it's using T_UNSPEC to libc_res_nsearch, which always
+ create T_A and T_AAAA queries. */
+ if (usable_ipv6 && fct4 != NULL)
{
int herrno;
@@ -942,7 +945,7 @@ gaih_inet (const char *name, const struc
if (fct != NULL)
{
if (req->ai_family == AF_INET6
- || req->ai_family == AF_UNSPEC)
+ || (req->ai_family == AF_UNSPEC && usable_ipv6))
{
gethosts (AF_INET6, struct in6_addr);
no_inet6_data = no_data;
@@ -2462,7 +2465,11 @@ getaddrinfo (const char *name, const cha
if (hints->ai_family == AF_UNSPEC || hints->ai_family == AF_INET
|| hints->ai_family == AF_INET6)
{
- last_i = gaih_inet (name, pservice, hints, end, &naddrs);
+ if (!check_pf_called)
+ __check_pf (&seen_ipv4, &seen_ipv6, &in6ai, &in6ailen);
+ check_pf_called = true;
+
+ last_i = gaih_inet (name, pservice, hints, end, &naddrs, seen_ipv6);
if (last_i != 0)
{
freeaddrinfo (p);
++++++ getaddrinfo-overflow.patch ++++++
From 1cef1b19089528db11f221e938f60b9b048945d7 Mon Sep 17 00:00:00 2001
From: Andreas Schwab
Date: Thu, 21 Mar 2013 15:50:27 +0100
Subject: [PATCH] Fix stack overflow in getaddrinfo with many results
[BZ #15330]
* sysdeps/posix/getaddrinfo.c (getaddrinfo): Allocate results and
order arrays from heap if bigger than alloca cutoff.
---
ChangeLog | 6 ++++++
NEWS | 5 ++++-
sysdeps/posix/getaddrinfo.c | 23 +++++++++++++++++++++--
3 files changed, 31 insertions(+), 3 deletions(-)
diff --git a/sysdeps/posix/getaddrinfo.c b/sysdeps/posix/getaddrinfo.c
index d95c2d1..2309281 100644
--- a/sysdeps/posix/getaddrinfo.c
+++ b/sysdeps/posix/getaddrinfo.c
@@ -2489,11 +2489,27 @@ getaddrinfo (const char *name, const char *service,
__typeof (once) old_once = once;
__libc_once (once, gaiconf_init);
/* Sort results according to RFC 3484. */
- struct sort_result results[nresults];
- size_t order[nresults];
+ struct sort_result *results;
+ size_t *order;
struct addrinfo *q;
struct addrinfo *last = NULL;
char *canonname = NULL;
+ bool malloc_results;
+
+ malloc_results
+ = !__libc_use_alloca (nresults * (sizeof (*results) + sizeof (size_t)));
+ if (malloc_results)
+ {
+ results = malloc (nresults * (sizeof (*results) + sizeof (size_t)));
+ if (results == NULL)
+ {
+ __free_in6ai (in6ai);
+ return EAI_MEMORY;
+ }
+ }
+ else
+ results = alloca (nresults * (sizeof (*results) + sizeof (size_t)));
+ order = (size_t *) (results + nresults);
/* Now we definitely need the interface information. */
if (! check_pf_called)
@@ -2664,6 +2680,9 @@ getaddrinfo (const char *name, const char *service,
/* Fill in the canonical name into the new first entry. */
p->ai_canonname = canonname;
+
+ if (malloc_results)
+ free (results);
}
__free_in6ai (in6ai);
--
1.8.2.3
++++++ glibc-2.14-crypt-versioning.diff ++++++
Index: glibc-2.16.90/Versions.def
===================================================================
--- glibc-2.16.90.orig/Versions.def
+++ glibc-2.16.90/Versions.def
@@ -42,6 +42,7 @@ libc {
}
libcrypt {
GLIBC_2.0
+ OW_CRYPT_1.0
}
libdl {
GLIBC_2.0
Index: glibc-2.16.90/crypt/Versions
===================================================================
--- glibc-2.16.90.orig/crypt/Versions
+++ glibc-2.16.90/crypt/Versions
@@ -3,4 +3,7 @@ libcrypt {
crypt; crypt_r; encrypt; encrypt_r; fcrypt; setkey; setkey_r;
crypt_rn; crypt_ra; crypt_gensalt; crypt_gensalt_rn; crypt_gensalt_ra;
}
+ OW_CRYPT_1.0 {
+ crypt_rn; crypt_ra; crypt_gensalt; crypt_gensalt_rn; crypt_gensalt_ra;
+ }
}
++++++ glibc-2.14-crypt.diff ++++++
Index: glibc-2.16.90/crypt/Makefile
===================================================================
--- glibc-2.16.90.orig/crypt/Makefile
+++ glibc-2.16.90/crypt/Makefile
@@ -21,6 +21,7 @@
subdir := crypt
headers := crypt.h
+headers += gnu-crypt.h ow-crypt.h
extra-libs := libcrypt
extra-libs-others := $(extra-libs)
@@ -28,6 +29,8 @@ extra-libs-others := $(extra-libs)
libcrypt-routines := crypt-entry md5-crypt sha256-crypt sha512-crypt crypt \
crypt_util
+libcrypt-routines += crypt_blowfish x86 crypt_gensalt wrapper
+
tests := cert md5c-test sha256c-test sha512c-test badsalttest
include ../Makeconfig
Index: glibc-2.16.90/crypt/Versions
===================================================================
--- glibc-2.16.90.orig/crypt/Versions
+++ glibc-2.16.90/crypt/Versions
@@ -1,5 +1,6 @@
libcrypt {
GLIBC_2.0 {
crypt; crypt_r; encrypt; encrypt_r; fcrypt; setkey; setkey_r;
+ crypt_rn; crypt_ra; crypt_gensalt; crypt_gensalt_rn; crypt_gensalt_ra;
}
}
Index: glibc-2.16.90/crypt/crypt-entry.c
===================================================================
--- glibc-2.16.90.orig/crypt/crypt-entry.c
+++ glibc-2.16.90/crypt/crypt-entry.c
@@ -81,7 +81,7 @@ extern struct crypt_data _ufc_foobar;
*/
char *
-__crypt_r (key, salt, data)
+__des_crypt_r (key, salt, data)
const char *key;
const char *salt;
struct crypt_data * __restrict data;
@@ -155,6 +155,7 @@ __crypt_r (key, salt, data)
_ufc_output_conversion_r (res[0], res[1], salt, data);
return data->crypt_3_buf;
}
+#if 0
weak_alias (__crypt_r, crypt_r)
char *
@@ -197,3 +198,4 @@ __fcrypt (key, salt)
return crypt (key, salt);
}
#endif
+#endif
++++++ glibc-2.2-sunrpc.diff ++++++
For details see:
http://sourceware.org/bugzilla/show_bug.cgi?id=5379
Index: glibc-2.15/sunrpc/clnt_udp.c
===================================================================
--- glibc-2.15.orig/sunrpc/clnt_udp.c
+++ glibc-2.15/sunrpc/clnt_udp.c
@@ -307,6 +307,7 @@ clntudp_call (cl, proc, xargs, argsp, xr
XDR *xdrs;
int outlen = 0;
int inlen;
+ int pollresult;
socklen_t fromlen;
struct pollfd fd;
int milliseconds = (cu->cu_wait.tv_sec * 1000) +
@@ -377,37 +378,36 @@ send_again:
anyup = 0;
for (;;)
{
- switch (__poll (&fd, 1, milliseconds))
+ switch (pollresult = __poll (&fd, 1, milliseconds))
{
-
case 0:
- if (anyup == 0)
- {
- anyup = is_network_up (cu->cu_sock);
- if (!anyup)
- return (cu->cu_error.re_status = RPC_CANTRECV);
- }
-
- time_waited.tv_sec += cu->cu_wait.tv_sec;
- time_waited.tv_usec += cu->cu_wait.tv_usec;
- while (time_waited.tv_usec >= 1000000)
- {
- time_waited.tv_sec++;
- time_waited.tv_usec -= 1000000;
- }
- if ((time_waited.tv_sec < timeout.tv_sec) ||
- ((time_waited.tv_sec == timeout.tv_sec) &&
- (time_waited.tv_usec < timeout.tv_usec)))
- goto send_again;
- return (cu->cu_error.re_status = RPC_TIMEDOUT);
-
- /*
- * buggy in other cases because time_waited is not being
- * updated.
- */
case -1:
- if (errno == EINTR)
- continue;
+ if (pollresult == 0 || errno == EINTR) {
+ if (anyup == 0)
+ {
+ anyup = is_network_up (cu->cu_sock);
+ if (!anyup)
+ return (cu->cu_error.re_status = RPC_CANTRECV);
+ }
+
+ time_waited.tv_sec += cu->cu_wait.tv_sec;
+ time_waited.tv_usec += cu->cu_wait.tv_usec;
+ while (time_waited.tv_usec >= 1000000)
+ {
+ time_waited.tv_sec++;
+ time_waited.tv_usec -= 1000000;
+ }
+ if ((time_waited.tv_sec < timeout.tv_sec) ||
+ ((time_waited.tv_sec == timeout.tv_sec) &&
+ (time_waited.tv_usec < timeout.tv_usec)))
+ if (pollresult == 0)
+ goto send_again;
+ else
+ continue;
+ return (cu->cu_error.re_status = RPC_TIMEDOUT);
+ }
+
+ /* errno != EINTR */
cu->cu_error.re_errno = errno;
return (cu->cu_error.re_status = RPC_CANTRECV);
}
++++++ glibc-2.3.2.no_archive.diff ++++++
-------------------------------------------------------------------
Wed Jun 4 14:29:07 CEST 2003 - kukuk@suse.de
- Make --no-archive default for localedef
Index: glibc-2.15.90/locale/programs/localedef.c
===================================================================
--- glibc-2.15.90.orig/locale/programs/localedef.c
+++ glibc-2.15.90/locale/programs/localedef.c
@@ -81,7 +81,7 @@ const char *alias_file;
static struct localedef_t *locales;
/* If true don't add locale data to archive. */
-bool no_archive;
+bool no_archive = true;
/* If true add named locales to archive. */
static bool add_to_archive;
@@ -112,6 +112,7 @@ void (*argp_program_version_hook) (FILE
#define OPT_REPLACE 307
#define OPT_DELETE_FROM_ARCHIVE 308
#define OPT_LIST_ARCHIVE 309
+#define OPT_ARCHIVE 310
/* Definitions of arguments for argp functions. */
static const struct argp_option options[] =
@@ -133,6 +134,8 @@ static const struct argp_option options[
N_("Suppress warnings and information messages") },
{ "verbose", 'v', NULL, 0, N_("Print more messages") },
{ NULL, 0, NULL, 0, N_("Archive control:") },
+ { "archive", OPT_ARCHIVE, NULL, 0,
+ N_("Add new data to archive") },
{ "no-archive", OPT_NO_ARCHIVE, NULL, 0,
N_("Don't add new data to archive") },
{ "add-to-archive", OPT_ADD_TO_ARCHIVE, NULL, 0,
@@ -310,6 +313,9 @@ parse_opt (int key, char *arg, struct ar
case OPT_PREFIX:
output_prefix = arg;
break;
+ case OPT_ARCHIVE:
+ no_archive = false;
+ break;
case OPT_NO_ARCHIVE:
no_archive = true;
break;
++++++ glibc-2.3.3-nscd-db-path.diff ++++++
2004-12-09 Thorsten Kukuk
* nscd/nscd.h: Move persistent storage back to /var/run/nscd
Index: glibc-2.15.90/nscd/nscd.h
===================================================================
--- glibc-2.15.90.orig/nscd/nscd.h
+++ glibc-2.15.90/nscd/nscd.h
@@ -112,11 +112,11 @@ struct database_dyn
/* Paths of the file for the persistent storage. */
-#define _PATH_NSCD_PASSWD_DB "/var/db/nscd/passwd"
-#define _PATH_NSCD_GROUP_DB "/var/db/nscd/group"
-#define _PATH_NSCD_HOSTS_DB "/var/db/nscd/hosts"
-#define _PATH_NSCD_SERVICES_DB "/var/db/nscd/services"
-#define _PATH_NSCD_NETGROUP_DB "/var/db/nscd/netgroup"
+#define _PATH_NSCD_PASSWD_DB "/var/run/nscd/passwd"
+#define _PATH_NSCD_GROUP_DB "/var/run/nscd/group"
+#define _PATH_NSCD_HOSTS_DB "/var/run/nscd/hosts"
+#define _PATH_NSCD_SERVICES_DB "/var/run/nscd/services"
+#define _PATH_NSCD_NETGROUP_DB "/var/run/nscd/netgroup"
/* Path used when not using persistent storage. */
#define _PATH_NSCD_XYZ_DB_TMP "/var/run/nscd/dbXXXXXX"
++++++ glibc-2.3.90-bindresvport.blacklist.diff ++++++
Index: glibc-2.17/sunrpc/bindrsvprt.c
===================================================================
--- glibc-2.17.orig/sunrpc/bindrsvprt.c
+++ glibc-2.17/sunrpc/bindrsvprt.c
@@ -29,6 +29,9 @@
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
+#include
+#include
+#include
#include
#include
#include
@@ -42,6 +45,93 @@
*/
__libc_lock_define_initialized (static, lock);
+#define STARTPORT 600
+#define LOWPORT 512
+#define ENDPORT (IPPORT_RESERVED - 1)
+#define NPORTS (ENDPORT - STARTPORT + 1)
+
+/* Read the file /etc/rpc.blacklisted, so that we don't bind to these
+ ports. */
+
+static int blacklist_read;
+static int *list;
+static int list_size = 0;
+
+static void
+load_blacklist (void)
+{
+ FILE *fp;
+ char *buf = NULL;
+ size_t buflen = 0;
+ int size = 0, ptr = 0;
+
+ __libc_lock_lock (lock);
+ if (blacklist_read)
+ goto unlock;
+ blacklist_read = 1;
+
+ fp = fopen ("/etc/bindresvport.blacklist", "r");
+ if (fp == NULL)
+ goto unlock;
+
+ while (!feof_unlocked (fp))
+ {
+ unsigned long port;
+ char *tmp, *cp;
+ ssize_t n = __getline (&buf, &buflen, fp);
+ if (n < 1)
+ break;
+
+ cp = buf;
+ /* Remove comments. */
+ tmp = strchr (cp, '#');
+ if (tmp)
+ *tmp = '\0';
+ /* Remove spaces and tabs. */
+ while (isspace ((unsigned char) *cp))
+ ++cp;
+ /* Ignore empty lines. */
+ if (*cp == '\0')
+ continue;
+ if (cp[strlen (cp) - 1] == '\n')
+ cp[strlen (cp) - 1] = '\0';
+
+ port = strtoul (cp, &tmp, 0);
+ while (isspace ((unsigned char) *tmp))
+ ++tmp;
+ if (*tmp != '\0' || (port == ULONG_MAX && errno == ERANGE))
+ continue;
+
+ /* Don't bother with out-of-range ports. */
+ if (port < LOWPORT || port > ENDPORT)
+ continue;
+
+ if (ptr >= size)
+ {
+ size += 10;
+ int *new_list = realloc (list, size * sizeof (int));
+ if (new_list == NULL)
+ {
+ free (list);
+ list = NULL;
+ free (buf);
+ goto unlock;
+ }
+ list = new_list;
+ }
+
+ list[ptr++] = port;
+ }
+
+ fclose (fp);
+ free (buf);
+ list_size = ptr;
+
+ unlock:
+ __libc_lock_unlock (lock);
+}
+
+
/*
* Bind a socket to a privileged IP port
*/
@@ -52,12 +142,11 @@ bindresvport (int sd, struct sockaddr_in
struct sockaddr_in myaddr;
int i;
-#define STARTPORT 600
-#define LOWPORT 512
-#define ENDPORT (IPPORT_RESERVED - 1)
-#define NPORTS (ENDPORT - STARTPORT + 1)
static short startport = STARTPORT;
+ if (!blacklist_read)
+ load_blacklist ();
+
if (sin == (struct sockaddr_in *) 0)
{
sin = &myaddr;
@@ -75,6 +164,7 @@ bindresvport (int sd, struct sockaddr_in
port = (__getpid () % NPORTS) + STARTPORT;
}
+ __set_errno (EADDRINUSE);
/* Initialize to make gcc happy. */
int res = -1;
@@ -86,12 +176,22 @@ bindresvport (int sd, struct sockaddr_in
again:
for (i = 0; i < nports; ++i)
{
- sin->sin_port = htons (port++);
- if (port > endport)
- port = startport;
+ int j;
+
+ sin->sin_port = htons (port);
+
+ /* Check that this port is not blacklisted. */
+ for (j = 0; j < list_size; j++)
+ if (port == list[j])
+ goto try_next_port;
+
res = __bind (sd, sin, sizeof (struct sockaddr_in));
if (res >= 0 || errno != EADDRINUSE)
break;
+
+ try_next_port:
+ if (++port > endport)
+ port = startport;
}
if (i == nports && startport != LOWPORT)
++++++ glibc-2.3.90-langpackdir.diff ++++++
Index: glibc-2.15.90/intl/loadmsgcat.c
===================================================================
--- glibc-2.15.90.orig/intl/loadmsgcat.c
+++ glibc-2.15.90/intl/loadmsgcat.c
@@ -805,8 +805,52 @@ _nl_load_domain (domain_file, domainbind
if (domain_file->filename == NULL)
goto out;
- /* Try to open the addressed file. */
- fd = open (domain_file->filename, O_RDONLY);
+ /* Replace /locale/ with /usr/share/locale-langpack/ */
+ const char *langpackdir = "/usr/share/locale-langpack/";
+ char *filename_langpack = malloc (strlen (domain_file->filename) +
+ strlen (langpackdir));
+ if (filename_langpack != NULL)
+ {
+ char *p = strstr (domain_file->filename, "/locale/");
+ if (p != NULL)
+ {
+ strcpy (filename_langpack, langpackdir);
+ strcpy (&filename_langpack[strlen (langpackdir)],
+ (p+8));
+ if ((fd = open (filename_langpack, O_RDONLY)) == -1)
+ fd = open (domain_file->filename, O_RDONLY);
+ }
+ else
+ /* Try to open the addressed file. */
+ fd = open (domain_file->filename, O_RDONLY);
+
+ free (filename_langpack);
+ }
+ else
+ /* Try to open the addressed file. */
+ fd = open (domain_file->filename, O_RDONLY);
+
+ if (fd == -1)
+ {
+ /* Use the fallback directory. */
+ const char *bundle_dir = "/usr/share/locale-bundle/";
+ char *filename_bundle = malloc (strlen (domain_file->filename) +
+ strlen (bundle_dir));
+ if (filename_bundle != NULL)
+ {
+ char *p = strstr (domain_file->filename, "/locale/");
+ if (p != NULL)
+ {
+ strcpy (filename_bundle, bundle_dir);
+ strcpy (&filename_bundle[strlen (bundle_dir)],
+ (p+8));
+ fd = open (filename_bundle, O_RDONLY);
+ }
+
+ free (filename_bundle);
+ }
+ }
+
if (fd == -1)
goto out;
++++++ glibc-2.3.90-noversion.diff ++++++
Index: glibc-2.16.90/elf/rtld.c
===================================================================
--- glibc-2.16.90.orig/elf/rtld.c
+++ glibc-2.16.90/elf/rtld.c
@@ -1717,6 +1717,53 @@ ERROR: ld.so: object '%s' cannot be load
}
}
+#if defined(__i386__)
+ /*
+ * Modifications by Red Hat Software
+ *
+ * Deal with the broken binaries from the non-versioned ages of glibc.
+ * If a binary does not have version information enabled, we assume that
+ * it is a glibc 2.0 binary and we load a compatibility library to try to
+ * overcome binary incompatibilities.
+ * Blame: gafton@redhat.com
+ */
+#define LIB_NOVERSION "/lib/obsolete/noversion/libNoVersion.so.1"
+
+ if (__builtin_expect (main_map->l_info[DT_NUM + DT_THISPROCNUM
+ + DT_VERSIONTAGIDX (DT_VERNEED)]
+ == NULL, 0)
+ && (main_map->l_info[DT_DEBUG]
+ || !(GLRO(dl_debug_mask) & DL_DEBUG_PRELINK)))
+ {
+ struct stat test_st;
+ int test_fd;
+ int can_load;
+
+ HP_TIMING_NOW (start);
+
+ can_load = 1;
+ test_fd = __open (LIB_NOVERSION, O_RDONLY);
+ if (test_fd < 0) {
+ can_load = 0;
+ } else {
+ if (__fxstat (_STAT_VER, test_fd, &test_st) < 0 || test_st.st_size == 0) {
+ can_load = 0;
+ }
+ }
+
+ if (test_fd >= 0) /* open did no fail.. */
+ __close(test_fd); /* avoid fd leaks */
+
+ if (can_load != 0)
+ npreloads += do_preload (LIB_NOVERSION, main_map,
+ "nonversioned binary");
+
+ HP_TIMING_NOW (stop);
+ HP_TIMING_DIFF (diff, start, stop);
+ HP_TIMING_ACCUM_NT (load_time, diff);
+ }
+#endif
+
if (__builtin_expect (*first_preload != NULL, 0))
{
/* Set up PRELOADS with a vector of the preloaded libraries. */
++++++ glibc-2.3.locales.diff.bz2 ++++++
++++ 74380 lines (skipped)
++++++ glibc-2.4-china.diff ++++++
Index: glibc-2.15/localedata/locales/zh_TW
===================================================================
--- glibc-2.15.orig/localedata/locales/zh_TW
+++ glibc-2.15/localedata/locales/zh_TW
@@ -1,7 +1,7 @@
comment_char %
escape_char /
%
-% Chinese language locale for Taiwan R.O.C.
+% Chinese language locale for Taiwan
% charmap: BIG5-CP950
%
% Original Author:
@@ -17,7 +17,7 @@ escape_char /
% Reference: http://wwwold.dkuug.dk/JTC1/SC22/WG20/docs/n690.pdf
LC_IDENTIFICATION
-title "Chinese locale for Taiwan R.O.C."
+title "Chinese locale for Taiwan"
source ""
address ""
contact ""
@@ -25,7 +25,7 @@ email "bug-glibc-locales@gnu.org"
tel ""
fax ""
language "Chinese"
-territory "Taiwan R.O.C."
+territory "Taiwan"
revision "0.2"
date "2000-08-02"
%
++++++ glibc-2.4.90-no_NO.diff ++++++
Index: glibc-2.15.90/intl/locale.alias
===================================================================
--- glibc-2.15.90.orig/intl/locale.alias
+++ glibc-2.15.90/intl/locale.alias
@@ -56,8 +56,6 @@ korean ko_KR.eucKR
korean.euc ko_KR.eucKR
ko_KR ko_KR.eucKR
lithuanian lt_LT.ISO-8859-13
-no_NO nb_NO.ISO-8859-1
-no_NO.ISO-8859-1 nb_NO.ISO-8859-1
norwegian nb_NO.ISO-8859-1
nynorsk nn_NO.ISO-8859-1
polish pl_PL.ISO-8859-2
Index: glibc-2.15.90/localedata/locales/no_NO
===================================================================
--- /dev/null
+++ glibc-2.15.90/localedata/locales/no_NO
@@ -0,0 +1,69 @@
+escape_char /
+comment_char %
+
+% Norwegian language locale for Norway
+% Source: Norsk Standardiseringsforbund
+% Address: University Library,
+% Drammensveien 41, N-9242 Oslo, Norge
+% Contact: Kolbjoern Aamboe
+% Tel: +47 - 22859109
+% Fax: +47 - 22434497
+% Email: kolbjorn.aambo@usit.uio.no
+% Language: no
+% Territory: NO
+% Revision: 4.3
+% Date: 1996-10-15
+% Application: general
+% Users: general
+% Repertoiremap: mnemonic.ds
+% Charset: ISO-8859-1
+% Distribution and use is free, also
+% for commercial purposes.
+
+LC_IDENTIFICATION
+copy "nb_NO"
+END LC_IDENTIFICATION
+
+LC_COLLATE
+copy "nb_NO"
+END LC_COLLATE
+
+LC_CTYPE
+copy "nb_NO"
+END LC_CTYPE
+
+LC_MONETARY
+copy "nb_NO"
+END LC_MONETARY
+
+LC_NUMERIC
+copy "nb_NO"
+END LC_NUMERIC
+
+LC_TIME
+copy "nb_NO"
+END LC_TIME
+
+LC_MESSAGES
+copy "nb_NO"
+END LC_MESSAGES
+
+LC_PAPER
+copy "nb_NO"
+END LC_PAPER
+
+LC_TELEPHONE
+copy "nb_NO"
+END LC_TELEPHONE
+
+LC_MEASUREMENT
+copy "nb_NO"
+END LC_MEASUREMENT
+
+LC_NAME
+copy "nb_NO"
+END LC_NAME
+
+LC_ADDRESS
+copy "nb_NO"
+END LC_ADDRESS
Index: glibc-2.15.90/localedata/SUPPORTED
===================================================================
--- glibc-2.15.90.orig/localedata/SUPPORTED
+++ glibc-2.15.90/localedata/SUPPORTED
@@ -317,6 +317,8 @@ nl_NL/ISO-8859-1 \
nl_NL@euro/ISO-8859-15 \
nn_NO.UTF-8/UTF-8 \
nn_NO/ISO-8859-1 \
+no_NO.UTF-8/UTF-8 \
+no_NO/ISO-8859-1 \
nr_ZA/UTF-8 \
nso_ZA/UTF-8 \
oc_FR.UTF-8/UTF-8 \
++++++ glibc-2.4.90-revert-only-euro.diff ++++++
Index: glibc-2.15/locale/iso-4217.def
===================================================================
--- glibc-2.15.orig/locale/iso-4217.def
+++ glibc-2.15/locale/iso-4217.def
@@ -8,6 +8,7 @@
*
* !!! The list has to be sorted !!!
*/
+DEFINE_INT_CURR("ADP") /* Andorran Peseta -> EUR */
DEFINE_INT_CURR("AED") /* United Arab Emirates Dirham */
DEFINE_INT_CURR("AFN") /* Afghanistan Afgani */
DEFINE_INT_CURR("ALL") /* Albanian Lek */
@@ -15,12 +16,14 @@ DEFINE_INT_CURR("AMD") /* Armenia Dram
DEFINE_INT_CURR("ANG") /* Netherlands Antilles */
DEFINE_INT_CURR("AOA") /* Angolan Kwanza */
DEFINE_INT_CURR("ARS") /* Argentine Peso */
+DEFINE_INT_CURR("ATS") /* Austrian Schilling -> EUR */
DEFINE_INT_CURR("AUD") /* Australian Dollar */
DEFINE_INT_CURR("AWG") /* Aruba Guilder */
DEFINE_INT_CURR("AZM") /* Azerbaijan Manat */
DEFINE_INT_CURR("BAM") /* Bosnian and Herzegovina Convertible Mark */
DEFINE_INT_CURR("BBD") /* Barbados Dollar */
DEFINE_INT_CURR("BDT") /* Bangladesh Taka */
+DEFINE_INT_CURR("BEF") /* Belgian Franc -> EUR */
DEFINE_INT_CURR("BGN") /* Bulgarian Lev */
DEFINE_INT_CURR("BHD") /* Bahraini Dinar */
DEFINE_INT_CURR("BIF") /* Burundi Franc */
@@ -44,6 +47,7 @@ DEFINE_INT_CURR("CUP") /* Cuban Peso *
DEFINE_INT_CURR("CVE") /* Cape Verde Escudo */
DEFINE_INT_CURR("CYP") /* Cypriot Pound */
DEFINE_INT_CURR("CZK") /* Czech Koruna */
+DEFINE_INT_CURR("DEM") /* German Mark -> EUR */
DEFINE_INT_CURR("DJF") /* Djibouti Franc */
DEFINE_INT_CURR("DKK") /* Danish Krone (Faroe Islands, Greenland) */
DEFINE_INT_CURR("DOP") /* Dominican Republic */
@@ -51,16 +55,20 @@ DEFINE_INT_CURR("DZD") /* Algerian Dina
DEFINE_INT_CURR("EEK") /* Estonian Kroon */
DEFINE_INT_CURR("EGP") /* Egyptian Pound */
DEFINE_INT_CURR("ERN") /* Eritrean Nakfa */
+DEFINE_INT_CURR("ESP") /* Spanish Peseta -> EUR */
DEFINE_INT_CURR("ETB") /* Ethiopian Birr */
DEFINE_INT_CURR("EUR") /* European Union Euro */
+DEFINE_INT_CURR("FIM") /* Finnish Markka -> EUR */
DEFINE_INT_CURR("FJD") /* Fiji Dollar */
DEFINE_INT_CURR("FKP") /* Falkland Islands Pound (Malvinas) */
+DEFINE_INT_CURR("FRF") /* French Franc -> EUR */
DEFINE_INT_CURR("GBP") /* British Pound */
DEFINE_INT_CURR("GEL") /* Georgia Lari */
DEFINE_INT_CURR("GHC") /* Ghana Cedi */
DEFINE_INT_CURR("GIP") /* Gibraltar Pound */
DEFINE_INT_CURR("GMD") /* Gambian Dalasi */
DEFINE_INT_CURR("GNF") /* Guinea Franc */
+DEFINE_INT_CURR("GRD") /* Greek Drachma -> EUR */
DEFINE_INT_CURR("GTQ") /* Guatemala Quetzal */
DEFINE_INT_CURR("GYD") /* Guyana Dollar */
DEFINE_INT_CURR("HKD") /* Hong Kong Dollar */
@@ -69,12 +77,14 @@ DEFINE_INT_CURR("HRK") /* Croatia Kuna
DEFINE_INT_CURR("HTG") /* Haiti Gourde */
DEFINE_INT_CURR("HUF") /* Hungarian Forint */
DEFINE_INT_CURR("IDR") /* Indonesia Rupiah */
+DEFINE_INT_CURR("IEP") /* Irish Pound -> EUR */
DEFINE_INT_CURR("ILS") /* Israeli Shekel */
DEFINE_INT_CURR("IMP") /* Isle of Man Pounds */
DEFINE_INT_CURR("INR") /* Indian Rupee (Bhutan) */
DEFINE_INT_CURR("IQD") /* Iraqi Dinar */
DEFINE_INT_CURR("IRR") /* Iranian Rial */
DEFINE_INT_CURR("ISK") /* Iceland Krona */
+DEFINE_INT_CURR("ITL") /* Italian Lira -> EUR */
DEFINE_INT_CURR("JEP") /* Jersey Pound */
DEFINE_INT_CURR("JMD") /* Jamaican Dollar */
DEFINE_INT_CURR("JOD") /* Jordanian Dinar */
@@ -94,6 +104,7 @@ DEFINE_INT_CURR("LKR") /* Sri Lankan Ru
DEFINE_INT_CURR("LRD") /* Liberian Dollar */
DEFINE_INT_CURR("LSL") /* Lesotho Maloti */
DEFINE_INT_CURR("LTL") /* Lithuanian Litas */
+DEFINE_INT_CURR("LUF") /* Luxembourg Franc -> EUR */
DEFINE_INT_CURR("LVL") /* Latvia Lat */
DEFINE_INT_CURR("LYD") /* Libyan Arab Jamahiriya Dinar */
DEFINE_INT_CURR("MAD") /* Moroccan Dirham */
@@ -114,6 +125,7 @@ DEFINE_INT_CURR("MZM") /* Mozambique Me
DEFINE_INT_CURR("NAD") /* Namibia Dollar */
DEFINE_INT_CURR("NGN") /* Nigeria Naira */
DEFINE_INT_CURR("NIO") /* Nicaragua Cordoba Oro */
+DEFINE_INT_CURR("NLG") /* Netherlands Guilder -> EUR */
DEFINE_INT_CURR("NOK") /* Norwegian Krone */
DEFINE_INT_CURR("NPR") /* Nepalese Rupee */
DEFINE_INT_CURR("NZD") /* New Zealand Dollar */
@@ -124,6 +136,7 @@ DEFINE_INT_CURR("PGK") /* Papau New Gui
DEFINE_INT_CURR("PHP") /* Philippines Peso */
DEFINE_INT_CURR("PKR") /* Pakistan Rupee */
DEFINE_INT_CURR("PLN") /* Polish Zloty */
+DEFINE_INT_CURR("PTE") /* Portugese Escudo -> EUR */
DEFINE_INT_CURR("PYG") /* Paraguay Guarani */
DEFINE_INT_CURR("QAR") /* Qatar Rial */
DEFINE_INT_CURR("ROL") /* Romanian Leu */
++++++ glibc-armhf-compat.patch ++++++
Patch for elf/dl-load.c taken from Debian:
For backward compatibility with armhf binaries built with the
old linker SONAME, we need to fake out the linker to believe
the new is the old, until such a point as everything is rebuilt.
--- glibc-2.15/elf/dl-load.c.~1~ 2011-12-30 23:13:56.000000000 +0100
+++ glibc-2.15/elf/dl-load.c 2012-04-18 15:05:33.203485389 +0200
@@ -2082,10 +2082,13 @@
soname = ((const char *) D_PTR (l, l_info[DT_STRTAB])
+ l->l_info[DT_SONAME]->d_un.d_val);
if (strcmp (name, soname) != 0)
+#ifdef __arm__
+ if (strcmp(name, "ld-linux.so.3") || strcmp(soname, "ld-linux-armhf.so.3"))
+#endif
continue;
/* We have a match on a new name -- cache it. */
- add_name_to_object (l, soname);
+ add_name_to_object (l, name);
l->l_soname_added = 1;
}
++++++ glibc-cpusetsize.diff ++++++
Index: glibc-2.15.90/bits/sched.h
===================================================================
--- glibc-2.15.90.orig/bits/sched.h
+++ glibc-2.15.90/bits/sched.h
@@ -53,7 +53,7 @@ struct __sched_param
#if defined _SCHED_H && !defined __cpu_set_t_defined
# define __cpu_set_t_defined
/* Size definition for CPU sets. */
-# define __CPU_SETSIZE 1024
+# define __CPU_SETSIZE 4096
# define __NCPUBITS (8 * sizeof (__cpu_mask))
/* Type for array elements in 'cpu_set_t'. */
Index: glibc-2.15.90/sysdeps/unix/sysv/linux/bits/sched.h
===================================================================
--- glibc-2.15.90.orig/sysdeps/unix/sysv/linux/bits/sched.h
+++ glibc-2.15.90/sysdeps/unix/sysv/linux/bits/sched.h
@@ -112,7 +112,7 @@ struct __sched_param
#if defined _SCHED_H && !defined __cpu_set_t_defined
# define __cpu_set_t_defined
/* Size definition for CPU sets. */
-# define __CPU_SETSIZE 1024
+# define __CPU_SETSIZE 4096
# define __NCPUBITS (8 * sizeof (__cpu_mask))
/* Type for array elements in 'cpu_set_t'. */
++++++ glibc-crypt-badsalttest.patch ++++++
badsalttest expects that crypt fails for unknown salt, but crypt-blowfish
doesn't.
Index: glibc-2.17/crypt/Makefile
===================================================================
--- glibc-2.17.orig/crypt/Makefile
+++ glibc-2.17/crypt/Makefile
@@ -31,7 +31,7 @@ libcrypt-routines := crypt-entry md5-cry
libcrypt-routines += crypt_blowfish x86 crypt_gensalt wrapper
-tests := cert md5c-test sha256c-test sha512c-test badsalttest
+tests := cert md5c-test sha256c-test sha512c-test
include ../Makeconfig
++++++ glibc-fix-check-abi.patch ++++++
++++ 603 lines (skipped)
++++++ glibc-fix-double-loopback.diff ++++++
This fixes the problem of getent ahosts localhost returning 127.0.0.1
_twice_ on systems that have no ipv6 interfaces up (hence are regarded
as ipv4 only by the lookup code), but still have localhost entries for
::1 and 127.0.0.1 in /etc/hosts (like most current systems).
Remapping ::1 to 127.0.0.1 is bogus when /etc/hosts is correct.
bnc #684534, #606980
http://sources.redhat.com/bugzilla/show_bug.cgi?id=4980
Index: glibc-2.15.90/nss/nss_files/files-hosts.c
===================================================================
--- glibc-2.15.90.orig/nss/nss_files/files-hosts.c
+++ glibc-2.15.90/nss/nss_files/files-hosts.c
@@ -68,11 +68,6 @@ LINE_PARSER
{
if (IN6_IS_ADDR_V4MAPPED (entdata->host_addr))
memcpy (entdata->host_addr, entdata->host_addr + 12, INADDRSZ);
- else if (IN6_IS_ADDR_LOOPBACK (entdata->host_addr))
- {
- in_addr_t localhost = htonl (INADDR_LOOPBACK);
- memcpy (entdata->host_addr, &localhost, sizeof (localhost));
- }
else
/* Illegal address: ignore line. */
return 0;
++++++ glibc-ld-profile.patch ++++++
glibc bug #13818
2012-03-07 Jeff Law
* elf/dl-reloc.c (_dl_relocate_object): Move code to allocate
l_reloc_result prior to calling ELF_DYNAMIC_RELOCATE.
diff -rup a/elf/dl-reloc.c b/elf/dl-reloc.c
--- a/elf/dl-reloc.c 2012-01-01 05:16:32.000000000 -0700
+++ b/elf/dl-reloc.c 2012-03-06 15:41:56.486242640 -0700
@@ -238,32 +238,9 @@ _dl_relocate_object (struct link_map *l,
/* String table object symbols. */
const char *strtab = (const void *) D_PTR (l, l_info[DT_STRTAB]);
- /* This macro is used as a callback from the ELF_DYNAMIC_RELOCATE code. */
-#define RESOLVE_MAP(ref, version, r_type) \
- (ELFW(ST_BIND) ((*ref)->st_info) != STB_LOCAL \
- ? ((__builtin_expect ((*ref) == l->l_lookup_cache.sym, 0) \
- && elf_machine_type_class (r_type) == l->l_lookup_cache.type_class) \
- ? (bump_num_cache_relocations (), \
- (*ref) = l->l_lookup_cache.ret, \
- l->l_lookup_cache.value) \
- : ({ lookup_t _lr; \
- int _tc = elf_machine_type_class (r_type); \
- l->l_lookup_cache.type_class = _tc; \
- l->l_lookup_cache.sym = (*ref); \
- const struct r_found_version *v = NULL; \
- if ((version) != NULL && (version)->hash != 0) \
- v = (version); \
- _lr = _dl_lookup_symbol_x (strtab + (*ref)->st_name, l, (ref), \
- scope, v, _tc, \
- DL_LOOKUP_ADD_DEPENDENCY, NULL); \
- l->l_lookup_cache.ret = (*ref); \
- l->l_lookup_cache.value = _lr; })) \
- : l)
-
-#include "dynamic-link.h"
-
- ELF_DYNAMIC_RELOCATE (l, lazy, consider_profiling, skip_ifunc);
-
+ /* ELF_DYNAMIC_RELOCATE may need to examine l_reloc_result
+ when handling MACHINE_IRELATIVE relocs. So we must
+ allocate l_reloc_result prior to calling ELF_DYNAMIC_RELOCATE. */
#ifndef PROF
if (__builtin_expect (consider_profiling, 0))
{
@@ -290,6 +267,32 @@ _dl_relocate_object (struct link_map *l,
}
}
#endif
+
+ /* This macro is used as a callback from the ELF_DYNAMIC_RELOCATE code. */
+#define RESOLVE_MAP(ref, version, r_type) \
+ (ELFW(ST_BIND) ((*ref)->st_info) != STB_LOCAL \
+ ? ((__builtin_expect ((*ref) == l->l_lookup_cache.sym, 0) \
+ && elf_machine_type_class (r_type) == l->l_lookup_cache.type_class) \
+ ? (bump_num_cache_relocations (), \
+ (*ref) = l->l_lookup_cache.ret, \
+ l->l_lookup_cache.value) \
+ : ({ lookup_t _lr; \
+ int _tc = elf_machine_type_class (r_type); \
+ l->l_lookup_cache.type_class = _tc; \
+ l->l_lookup_cache.sym = (*ref); \
+ const struct r_found_version *v = NULL; \
+ if ((version) != NULL && (version)->hash != 0) \
+ v = (version); \
+ _lr = _dl_lookup_symbol_x (strtab + (*ref)->st_name, l, (ref), \
+ scope, v, _tc, \
+ DL_LOOKUP_ADD_DEPENDENCY, NULL); \
+ l->l_lookup_cache.ret = (*ref); \
+ l->l_lookup_cache.value = _lr; })) \
+ : l)
+
+#include "dynamic-link.h"
+
+ ELF_DYNAMIC_RELOCATE (l, lazy, consider_profiling, skip_ifunc);
}
/* Mark the object so we know this work has been done. */
++++++ glibc-nodate.patch ++++++
Index: glibc-2.15.90/nscd/nscd_stat.c
===================================================================
--- glibc-2.15.90.orig/nscd/nscd_stat.c
+++ glibc-2.15.90/nscd/nscd_stat.c
@@ -36,8 +36,13 @@
#endif /* HAVE_SELINUX */
-/* We use this to make sure the receiver is the same. */
+/* We use this to make sure the receiver is the same. Capture mtime
+ of this file if possible. */
+#if defined(__TIMESTAMP__)
+static const char compilation[21] = __TIMESTAMP__;
+#else
static const char compilation[21] = __DATE__ " " __TIME__;
+#endif
/* Statistic data for one database. */
struct dbstat
Index: glibc-2.15.90/csu/Makefile
===================================================================
--- glibc-2.15.90.orig/csu/Makefile
+++ glibc-2.15.90/csu/Makefile
@@ -171,8 +171,8 @@ $(objpfx)version-info.h: $(common-objpfx
if [ -z "$$os" ]; then \
os=Linux; \
fi; \
- printf '"Compiled on a %s %s system on %s.\\n"\n' \
- "$$os" "$$version" "`date +%Y-%m-%d`";; \
+ printf '"Compiled on a %s %s system.\\n"\n' \
+ "$$os" "$$version";; \
*) ;; \
esac; \
files="$(all-Banner-files)"; \
++++++ glibc-nscd-hconf.diff ++++++
See:
http://sourceware.org/bugzilla/show_bug.cgi?id=11928
Index: glibc-2.15.90/nscd/aicache.c
===================================================================
--- glibc-2.15.90.orig/nscd/aicache.c
+++ glibc-2.15.90/nscd/aicache.c
@@ -25,6 +25,7 @@
#include
#include
#include
+#include
#include "dbg_log.h"
#include "nscd.h"
@@ -102,6 +103,8 @@ addhstaiX (struct database_dyn *db, int
if (__res_maybe_init (&_res, 0) == -1)
no_more = 1;
+ if (!_res_hconf.initialized)
+ _res_hconf_init ();
/* If we are looking for both IPv4 and IPv6 address we don't want
the lookup functions to automatically promote IPv4 addresses to
Index: glibc-2.15.90/resolv/res_hconf.c
===================================================================
--- glibc-2.15.90.orig/resolv/res_hconf.c
+++ glibc-2.15.90/resolv/res_hconf.c
@@ -82,7 +82,9 @@ static const struct cmd
};
/* Structure containing the state. */
+#ifndef NOT_IN_libc
struct hconf _res_hconf;
+#endif
/* Skip white space. */
static const char *
++++++ glibc-nscd.conf.patch ++++++
Index: glibc-2.15/nscd/nscd.conf
===================================================================
--- glibc-2.15.orig/nscd/nscd.conf
+++ glibc-2.15/nscd/nscd.conf
@@ -61,11 +61,11 @@
auto-propagate group yes
enable-cache hosts yes
- positive-time-to-live hosts 3600
- negative-time-to-live hosts 20
+ positive-time-to-live hosts 600
+ negative-time-to-live hosts 0
suggested-size hosts 211
check-files hosts yes
- persistent hosts yes
+ persistent hosts no
shared hosts yes
max-db-size hosts 33554432
++++++ glibc-resolv-mdnshint.diff ++++++
Index: glibc-2.15.90/resolv/res_hconf.c
===================================================================
--- glibc-2.15.90.orig/resolv/res_hconf.c
+++ glibc-2.15.90/resolv/res_hconf.c
@@ -241,9 +241,12 @@ parse_line (const char *fname, int line_
if (c == NULL)
{
char *buf;
+ char *hint = "";
- if (__asprintf (&buf, _("%s: line %d: bad command `%s'\n"),
- fname, line_num, start) < 0)
+ if (__strncasecmp (start, "mdns", len) == 0 && len == 4)
+ hint = "Multicast DNS is now configured in /etc/nsswitch.conf instead.\nSee also the package and manpage of nss-mdns.\n";
+ if (__asprintf (&buf, _("%s: line %d: bad command `%s'\n%s"),
+ fname, line_num, start, hint) < 0)
return;
__fxprintf (NULL, "%s", buf);
++++++ glibc-resolv-reload.diff ++++++
From libc-alpha-return-22754-pasky=ucw.cz@sourceware.org Tue Mar 16 00:47:00 2010
Return-Path:
X-Original-To: pasky@pasky.or.cz
Delivered-To: pasky@pasky.or.cz
Received: from nikam.ms.mff.cuni.cz (nikam-dmz.ms.mff.cuni.cz [195.113.20.16])
by machine.or.cz (Postfix) with ESMTPS id C1B8586202A
for ; Tue, 16 Mar 2010 00:47:00 +0100 (CET)
Received: by nikam.ms.mff.cuni.cz (Postfix)
id 9CDEC9AC7A4; Tue, 16 Mar 2010 00:47:00 +0100 (CET)
Delivered-To: pasky@kam.mff.cuni.cz
Received: from jabberwock.ucw.cz (jabberwock.ucw.cz [89.250.246.4])
by nikam.ms.mff.cuni.cz (Postfix) with ESMTP id 99F0E9AC77B
for ; Tue, 16 Mar 2010 00:47:00 +0100 (CET)
Received: from sourceware.org (server1.sourceware.org [209.132.180.131])
by jabberwock.ucw.cz (Postfix) with SMTP id 14E1ACF040
for ; Tue, 16 Mar 2010 00:46:59 +0100 (CET)
Received: (qmail 18956 invoked by alias); 15 Mar 2010 23:46:58 -0000
Delivered-To: moderator for libc-alpha@sourceware.org
Received: (qmail 15843 invoked by uid 22791); 15 Mar 2010 17:23:15 -0000
X-SWARE-Spam-Status: No, hits=-2.6 required=5.0
tests=BAYES_00
X-Spam-Check-By: sourceware.org
Message-ID: <4B9E6CFA.7020002@riot.org>
Date: Mon, 15 Mar 2010 18:23:06 +0100
From: Sebastian Kienzl
User-Agent: Thunderbird 2.0.0.23 (Windows/20090812)
MIME-Version: 1.0
To: libc-alpha@sourceware.org
Subject: Reloading of /etc/resolv.conf
Content-Type: multipart/mixed;
boundary="------------060407080409020101000002"
Mailing-List: contact libc-alpha-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id:
List-Unsubscribe: mailto:libc-alpha-unsubscribe-pasky=ucw.cz@sourceware.org
List-Subscribe: mailto:libc-alpha-subscribe@sourceware.org
List-Archive: http://sourceware.org/ml/libc-alpha/
List-Post: mailto:libc-alpha@sourceware.org
List-Help: mailto:libc-alpha-help@sourceware.org, http://sourceware.org/ml/#faqs
Sender: libc-alpha-owner@sourceware.org
Delivered-To: mailing list libc-alpha@sourceware.org
This is a multi-part message in MIME format.
--------------060407080409020101000002
Content-Type: text/plain; charset=ISO-8859-15; format=flowed
Content-Transfer-Encoding: 7bit
Hello!
There's a patch in the wild against the resolver which makes it reload
/etc/resolv.conf on change, see
http://sources.redhat.com/ml/libc-alpha/2004-09/msg00130.html
However, this patch actually doesn't work properly for multi-threaded
programs, as only one thread will notice the change and refresh its
resolver state. I've attached a proper patch. It's for 2.5 but it should
work with current versions, too.
Even though the patch may not be interesting for upstream, I decided to
let you know about this problem, since the mentioned patch seems to be
used by at least Debian and Ubuntu.
Regards,
Seb.
--------------060407080409020101000002
Content-Type: text/plain;
name="glibc-2.5-resolvconf.patch"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
filename="glibc-2.5-resolvconf.patch"
Index: glibc-2.15/resolv/res_libc.c
===================================================================
--- glibc-2.15.orig/resolv/res_libc.c
+++ glibc-2.15/resolv/res_libc.c
@@ -22,7 +22,7 @@
#include
#include
#include
-
+#include
/* The following bit is copied from res_data.c (where it is #ifdef'ed
out) since res_init() should go into libc.so but the rest of that
@@ -89,12 +89,34 @@ res_init(void) {
return (__res_vinit(&_res, 1));
}
+static time_t resconf_mtime;
+__libc_lock_define_initialized (static, resconf_mtime_lock);
+
+/* Check if the modification time of resolv.conf has changed.
+ If so, have all threads re-initialize their resolver states */
+static void
+__res_check_resconf (void)
+{
+ struct stat statbuf;
+ if (stat (_PATH_RESCONF, &statbuf) == 0) {
+ __libc_lock_lock (resconf_mtime_lock);
+ if (statbuf.st_mtime != resconf_mtime) {
+ resconf_mtime = statbuf.st_mtime;
+ atomicinclock (lock);
+ atomicinc (__res_initstamp);
+ atomicincunlock (lock);
+ }
+ __libc_lock_unlock (resconf_mtime_lock);
+ }
+}
+
/* Initialize resp if RES_INIT is not yet set or if res_init in some other
thread requested re-initializing. */
int
__res_maybe_init (res_state resp, int preinit)
{
if (resp->options & RES_INIT) {
+ __res_check_resconf ();
if (__res_initstamp != resp->_u._ext.initstamp) {
if (resp->nscount > 0)
__res_iclose (resp, true);
++++++ glibc-testsuite.patch ++++++
test-lfs runs for ever on ReiserFS. Let's disable it completely.
Index: glibc-2.15.90/io/Makefile
===================================================================
--- glibc-2.15.90.orig/io/Makefile
+++ glibc-2.15.90/io/Makefile
@@ -63,7 +63,7 @@ static-only-routines = stat fstat lstat
others := pwd
test-srcs := ftwtest
-tests := test-utime test-stat test-stat2 test-lfs tst-getcwd \
+tests := test-utime test-stat test-stat2 tst-getcwd \
tst-fcntl bug-ftw1 bug-ftw2 bug-ftw3 bug-ftw4 tst-statvfs \
tst-openat tst-unlinkat tst-fstatat tst-futimesat \
tst-renameat tst-fchownat tst-fchmodat tst-faccessat \
++++++ glibc-version.diff ++++++
Index: glibc-2.16.90/csu/version.c
===================================================================
--- glibc-2.16.90.orig/csu/version.c
+++ glibc-2.16.90/csu/version.c
@@ -24,11 +24,12 @@ static const char __libc_release[] = REL
static const char __libc_version[] = VERSION;
static const char banner[] =
-"GNU C Library "PKGVERSION RELEASE" release version "VERSION", by Roland McGrath et al.\n\
+"GNU C Library "PKGVERSION RELEASE" release version "VERSION" (git "GITID"), by Roland McGrath et al.\n\
Copyright (C) 2012 Free Software Foundation, Inc.\n\
This is free software; see the source for copying conditions.\n\
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A\n\
PARTICULAR PURPOSE.\n\
+Configured for "CONFHOST".\n\
Compiled by GNU CC version "__VERSION__".\n"
#include "version-info.h"
#ifdef LIBC_ABIS_STRING
++++++ glibc.rpmlintrc ++++++
addFilter(".*glibc-profile.* devel-file-in-non-devel-package.*/usr/lib.*/lib.*_p.a")
addFilter(".*glibc.* incorrect-fsf-address")
# False positive - glibc implements gethostbyname
addFilter(".*binary-or-shlib-calls-gethostbyname")
# We do need to keep the symtab (see comments in glibc.spec), so this is intented:
addFilter(".*unstripped-binary-or-object.*")
# The duplication is intented:
addFilter(".*files-duplicate /usr/lib64/libbsd-compat.a /usr/lib.*/libg.a")
# ld.so is special:
addFilter(".*shared-lib-without-dependency-information /lib.*/ld-2.*.so")
# Handled via glibc_post_upgrade:
addFilter(".*permissions-missing-postin missing %set_permissions /usr/.*pt_chown in %post")
# Do not require permissions, this will lead to a cycle (bnc#700925):
addFilter("glibc\..*: permissions-missing-requires")
# We will not rename glibc to follow the shlib policy
addFilter("shlib-policy-missing-suffix")
# The dynamic linker and libnsl call exit - this is fine
addFilter(".*shared-lib-calls-exit.*")
# The man-pages package contains a number of man pages for programs that come
# with glibc, therefore do not warn about them
addFilter(".*glibc.*no-manual-page-for-binary getent")
addFilter(".*glibc.*no-manual-page-for-binary iconv")
addFilter(".*glibc.*no-manual-page-for-binary ldd")
addFilter(".*glibc.*no-manual-page-for-binary ldconfig")
addFilter(".*nscd.*no-manual-page-for-binary nscd")
++++++ glibc_post_upgrade.c ++++++
/* skeleton based on version from Fedora Core 3 */
#define _GNU_SOURCE
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#include
#define verbose_exec(failcode, fail_ok, path...) \
do \
{ \
char *const arr[] = { path, NULL }; \
vexec (failcode, fail_ok, arr); \
} while (0)
__attribute__((noinline)) void vexec (int failcode, int fail_ok, char *const path[]);
__attribute__((noinline)) void says (const char *str);
__attribute__((noinline)) void sayn (long num);
__attribute__((noinline)) void message (char *const path[]);
__attribute__((noinline)) int check_elf (const char *name);
int
main (void)
{
char initpath[256];
struct stat root, init_root;
/* First, get rid of platform-optimized libraries. We remove any we have
ever built, since otherwise we might end up using some old leftover
libraries when new ones aren't installed in their place anymore. */
#ifdef REMOVE_TLS_DIRS
const char *library[] = {"libc.so.6", "libc.so.6.1", "libm.so.6",
"libm.so.6.1", "librt.so.1", "librtkaio.so.1",
"libpthread.so.0", "libthread_db.so.1"};
const char *remove_dir[] = {
#ifdef __i386__
"/lib/i686/",
#endif
#ifdef __powerpc64__
#ifdef REMOVE_PPC_OPTIMIZE_POWER4
"/lib64/power4/",
"/lib64/ppc970/",
#endif
#ifdef REMOVE_PPC_OPTIMIZE_POWER5
"/lib64/power5/",
"/lib64/power5+/",
#endif
#ifdef REMOVE_PPC_OPTIMIZE_POWER6
"/lib64/power6/",
"/lib64/power6x/",
#endif
#ifdef REMOVE_PPC_OPTIMIZE_POWER7
"/lib64/power7/",
#endif
#ifdef REMOVE_PPC_OPTIMIZE_CELL
"/lib64/ppc-cell-be/",
#endif
#endif /* __powerpc64__ */
#ifdef __powerpc__
#ifdef REMOVE_PPC_OPTIMIZE_POWER4
"/lib/power4/",
"/lib/ppc970/",
#endif
#ifdef REMOVE_PPC_OPTIMIZE_POWER5
"/lib/power5/",
"/lib/power5+/",
#endif
#ifdef REMOVE_PPC_OPTIMIZE_POWER6
"/lib/power6/",
"/lib/power6x/",
#endif
#ifdef REMOVE_PPC_OPTIMIZE_POWER7
"/lib/power7/",
#endif
#ifdef REMOVE_PPC_OPTIMIZE_CELL
"/lib/ppc-cell-be/",
#endif
#endif /* __powerpc__ */
LIBDIR"/tls/" };
int i, j;
for (i = 0; i < sizeof (remove_dir) / sizeof (remove_dir[0]); ++i)
for (j = 0; j < sizeof (library) / sizeof (library[0]); j++)
{
char buf[strlen (remove_dir[i]) + strlen (library[j]) + 1];
char readlink_buf[(strlen (remove_dir[i]) + strlen (library[j])) * 2 + 30];
ssize_t len;
char *cp;
cp = stpcpy (buf, remove_dir[i]);
strcpy (cp, library[j]);
/* This file could be a symlink to library-%{version}.so, so check
this and don't remove only the link, but also the library itself. */
cp = stpcpy (readlink_buf, remove_dir[i]);
if ((len = readlink (buf, cp, (sizeof (readlink_buf)
- (cp - readlink_buf) - 1))) > 0)
{
cp[len] = '\0';
if (cp[0] != '/') cp = readlink_buf;
unlink (cp);
}
unlink (buf);
}
#endif
/* If installing bi-arch glibc, rpm sometimes doesn't unpack all files
before running one of the lib's %post scriptlet. /sbin/ldconfig will
then be run by the other arch's %post. */
if (access ("/sbin/ldconfig", X_OK) == 0)
verbose_exec (110, 0, "/sbin/ldconfig", "/sbin/ldconfig", "-X");
if (utimes (GCONV_MODULES_DIR "/gconv-modules.cache", NULL) == 0)
{
#ifndef ICONVCONFIG
#define ICONVCONFIG "/usr/sbin/iconvconfig"
#endif
verbose_exec (113, 0, ICONVCONFIG, "/usr/sbin/iconvconfig",
"-o", GCONV_MODULES_DIR"/gconv-modules.cache",
"--nostdlib", GCONV_MODULES_DIR);
}
/* Check if telinit is available and the init fifo as well. */
if (access ("/sbin/telinit", X_OK) || access ("/dev/initctl", F_OK))
_exit (0);
/* Check if we are not inside of some chroot, because we'd just
timeout and leave /etc/initrunlvl. */
if (readlink ("/proc/1/exe", initpath, 256) <= 0 ||
readlink ("/proc/1/root", initpath, 256) <= 0 ||
stat ("/proc/1/root", &init_root) < 0 ||
stat ("/.buildenv", &init_root) < 0 || /* XEN build */
stat ("/", &root) < 0 ||
init_root.st_dev != root.st_dev || init_root.st_ino != root.st_ino)
_exit (0);
if (check_elf ("/proc/1/exe"))
verbose_exec (116, 0, "/sbin/telinit", "/sbin/telinit", "u");
#if 0
/* Check if we can safely condrestart sshd. */
if (access ("/sbin/service", X_OK) == 0
&& access ("/usr/sbin/sshd", X_OK) == 0
&& access ("/bin/bash", X_OK) == 0)
{
if (check_elf ("/usr/sbin/sshd"))
verbose_exec (121, 0, "/sbin/service", "/sbin/service", "sshd", "condrestart");
}
#endif
_exit(0);
}
void
vexec (int failcode, int fail_ok, char *const path[])
{
pid_t pid;
int status, save_errno;
pid = vfork ();
if (pid == 0)
{
execv (path[0], path + 1);
save_errno = errno;
message (path);
says (" exec failed with errno ");
sayn (save_errno);
says ("\n");
_exit (failcode);
}
else if (pid < 0)
{
save_errno = errno;
message (path);
says (" fork failed with errno ");
sayn (save_errno);
says ("\n");
_exit (failcode + 1);
}
if (waitpid (0, &status, 0) != pid || !WIFEXITED (status))
{
message (path);
says (" child terminated abnormally\n");
_exit (failcode + 2);
}
if (WEXITSTATUS (status))
{
message (path);
says (" child exited with exit code ");
sayn (WEXITSTATUS (status));
if (fail_ok)
{
says (" (ignored) \n");
}
else
{
says ("\n");
_exit (WEXITSTATUS (status));
}
}
}
void
says (const char *str)
{
write (1, str, strlen (str));
}
void
sayn (long num)
{
char string[sizeof (long) * 3 + 1];
char *p = string + sizeof (string) - 1;
*p = '\0';
if (num == 0)
*--p = '0';
else
while (num)
{
*--p = '0' + num % 10;
num = num / 10;
}
says (p);
}
void
message (char *const path[])
{
says ("/usr/sbin/glibc_post_upgrade: While trying to execute ");
says (path[0]);
}
int
check_elf (const char *name)
{
/* Play safe, if we can't open or read, assume it might be
ELF for the current arch. */
int ret = 1;
int fd = open (name, O_RDONLY);
if (fd >= 0)
{
Elf32_Ehdr ehdr;
if (read (fd, &ehdr, offsetof (Elf32_Ehdr, e_version))
== offsetof (Elf32_Ehdr, e_version))
{
ret = 0;
if (ehdr.e_ident[EI_CLASS]
== (sizeof (long) == 8 ? ELFCLASS64 : ELFCLASS32))
{
#if defined __i386__
ret = ehdr.e_machine == EM_386;
#elif defined __x86_64__
ret = ehdr.e_machine == EM_X86_64;
#elif defined __ia64__
ret = ehdr.e_machine == EM_IA_64;
#elif defined __powerpc64__
ret = ehdr.e_machine == EM_PPC64;
#elif defined __powerpc__
ret = ehdr.e_machine == EM_PPC;
#elif defined __s390__ || defined __s390x__
ret = ehdr.e_machine == EM_S390;
#elif defined __x86_64__
ret = ehdr.e_machine == EM_X86_64;
#elif defined __sparc__
if (sizeof (long) == 8)
ret = ehdr.e_machine == EM_SPARCV9;
else
ret = (ehdr.e_machine == EM_SPARC
|| ehdr.e_machine == EM_SPARC32PLUS);
#else
ret = 1;
#endif
}
}
close (fd);
}
return ret;
}
#ifdef SMALL_BINARY
int __libc_multiple_threads __attribute__((nocommon));
int __libc_enable_asynccancel (void) { return 0; }
void __libc_disable_asynccancel (int x) { }
void __libc_csu_init (void) { }
void __libc_csu_fini (void) { }
pid_t __fork (void) { return -1; }
char thr_buf[65536];
#ifndef __powerpc__
int
__libc_start_main (int (*main) (void), int argc, char **argv,
void (*init) (void), void (*fini) (void),
void (*rtld_fini) (void), void * stack_end)
#else
struct startup_info
{
void *sda_base;
int (*main) (int, char **, char **, void *);
int (*init) (int, char **, char **, void *);
void (*fini) (void);
};
int
__libc_start_main (int argc, char **ubp_av, char **ubp_ev,
void *auxvec, void (*rtld_fini) (void),
struct startup_info *stinfo,
char **stack_on_entry)
#endif
{
#if defined __ia64__ || defined __powerpc64__
register void *r13 __asm ("r13") = thr_buf + 32768;
__asm ("" : : "r" (r13));
#elif defined __sparc__
register void *g6 __asm ("g6") = thr_buf + 32768;
# ifdef __arch64__
__thread_self = thr_buf + 32768;
# else
register void *__thread_self __asm ("g7") = thr_buf + 32768;
# endif
__asm ("" : : "r" (g6), "r" (__thread_self));
#elif defined __s390__ && !defined __s390x__
__asm ("sar %%a0,%0" : : "d" (thr_buf + 32768));
#elif defined __s390x__
__asm ("sar %%a1,%0; srlg 0,%0,32; sar %%a0,0" : : "d" (thr_buf + 32768) : "0");
#elif defined __powerpc__ && !defined __powerpc64__
register void *r2 __asm ("r2") = thr_buf + 32768;
__asm ("" : : "r" (r2));
#endif
main();
return 0;
}
#endif
++++++ malloc-overflow.patch ++++++
libc:b73ed247781d533628b681f57257dc85882645d3
libc:55e17aadc1ef17a1df9626fb0e9fba290ece3331
libc:1159a193696ad48ec86e5895f6dee3e539619c0e
2013-09-11 Will Newton
[BZ #15857]
* malloc/malloc.c (__libc_memalign): Check the value of bytes
does not overflow.
[BZ #15856]
* malloc/malloc.c (__libc_valloc): Check the value of bytes
does not overflow.
[BZ #15855]
* malloc/malloc.c (__libc_pvalloc): Check the value of bytes
does not overflow.
Index: glibc-2.17/malloc/malloc.c
===================================================================
--- glibc-2.17.orig/malloc/malloc.c
+++ glibc-2.17/malloc/malloc.c
@@ -3020,6 +3020,13 @@ __libc_memalign(size_t alignment, size_t
/* Otherwise, ensure that it is at least a minimum chunk size */
if (alignment < MINSIZE) alignment = MINSIZE;
+ /* Check for overflow. */
+ if (bytes > SIZE_MAX - alignment - MINSIZE)
+ {
+ __set_errno (ENOMEM);
+ return 0;
+ }
+
arena_get(ar_ptr, bytes + alignment + MINSIZE);
if(!ar_ptr)
return 0;
@@ -3051,6 +3058,13 @@ __libc_valloc(size_t bytes)
size_t pagesz = GLRO(dl_pagesize);
+ /* Check for overflow. */
+ if (bytes > SIZE_MAX - pagesz - MINSIZE)
+ {
+ __set_errno (ENOMEM);
+ return 0;
+ }
+
__malloc_ptr_t (*hook) __MALLOC_PMT ((size_t, size_t,
const __malloc_ptr_t)) =
force_reg (__memalign_hook);
@@ -3088,6 +3102,13 @@ __libc_pvalloc(size_t bytes)
size_t page_mask = GLRO(dl_pagesize) - 1;
size_t rounded_bytes = (bytes + page_mask) & ~(page_mask);
+ /* Check for overflow. */
+ if (bytes > SIZE_MAX - 2*pagesz - MINSIZE)
+ {
+ __set_errno (ENOMEM);
+ return 0;
+ }
+
__malloc_ptr_t (*hook) __MALLOC_PMT ((size_t, size_t,
const __malloc_ptr_t)) =
force_reg (__memalign_hook);
++++++ manpages.patch ++++++
Index: manpages/locale.1
===================================================================
--- manpages/locale.1.orig
+++ manpages/locale.1
@@ -247,17 +247,6 @@ This environment variable can switch aga
\& The directory where locale data is stored. By default, /usr/lib/locale is used.
.Ve
-.SH "FILES"
-.IX Header "FILES"
-.PP
-.PD 0
-.TP 8
-\fI/usr/share/i18n/SUPPORTED\fP
-List of supported values (and their associated encoding) for the locale name.
-This representation is recommended over
-\fB\-\-all\-locales\fR one, due being the system wide supported values.
-.PP
-
.SH "AUTHOR"
.IX Header "AUTHOR"
\&\fIlocale\fR was written by Ulrich Drepper for the \s-1GNU\s0 C Library.
Index: manpages/locale.alias.5
===================================================================
--- manpages/locale.alias.5.orig
+++ manpages/locale.alias.5
@@ -18,7 +18,7 @@
.SH "NAME"
locale.alias \- Locale name alias data base
.SH "DESCRIPTION"
-The locale.alias database file (/etc/locale.alias) is used by the
+The locale.alias database file (/usr/share/locale/locale.alias) is used by the
.B locale
command and the
.B X Window System
@@ -40,6 +40,6 @@ name, or simpler versions of the POSIX l
Lines beginning with Hash ("#") are treated as comments and ignored.
.SH "SEE ALSO"
-locale(1), localedef(1), locale-gen(8), locale.gen(5)
+locale(1), localedef(1)
.SH "AUTHOR"
Alastair McKinstry
++++++ nscd-netgroup.patch ++++++
2013-06-11 Andreas Schwab
[BZ #15577]
* nscd/connections.c (nscd_run_worker): Always zero-terminate key.
* nscd/netgroupcache.c (addgetnetgrentX): Properly handle absent
values in the triple.
* nscd/nscd_netgroup.c (__nscd_setnetgrent): Include zero
terminator in the group key.
Index: glibc-2.17/nscd/connections.c
===================================================================
--- glibc-2.17.orig/nscd/connections.c
+++ glibc-2.17/nscd/connections.c
@@ -1762,7 +1762,7 @@ nscd_run_worker (void *p)
else
{
/* Get the key. */
- char keybuf[MAXKEYLEN];
+ char keybuf[MAXKEYLEN + 1];
if (__builtin_expect (TEMP_FAILURE_RETRY (read (fd, keybuf,
req.key_len))
@@ -1774,6 +1774,7 @@ nscd_run_worker (void *p)
strerror_r (errno, buf, sizeof (buf)));
goto close_and_out;
}
+ keybuf[req.key_len] = '\0';
if (__builtin_expect (debug_level, 0) > 0)
{
Index: glibc-2.17/nscd/netgroupcache.c
===================================================================
--- glibc-2.17.orig/nscd/netgroupcache.c
+++ glibc-2.17/nscd/netgroupcache.c
@@ -192,18 +192,26 @@ addgetnetgrentX (struct database_dyn *db
const char *nuser = data.val.triple.user;
const char *ndomain = data.val.triple.domain;
- if (data.val.triple.host > data.val.triple.user
- || data.val.triple.user > data.val.triple.domain)
+ if (nhost == NULL || nuser == NULL || ndomain == NULL
+ || nhost > nuser || nuser > ndomain)
{
- const char *last = MAX (nhost,
- MAX (nuser, ndomain));
- size_t bufused = (last + strlen (last) + 1
- - buffer);
+ const char *last = nhost;
+ if (last == NULL
+ || (nuser != NULL && nuser > last))
+ last = nuser;
+ if (last == NULL
+ || (ndomain != NULL && ndomain > last))
+ last = ndomain;
+
+ size_t bufused
+ = (last == NULL
+ ? buffilled
+ : last + strlen (last) + 1 - buffer);
/* We have to make temporary copies. */
- size_t hostlen = strlen (nhost) + 1;
- size_t userlen = strlen (nuser) + 1;
- size_t domainlen = strlen (ndomain) + 1;
+ size_t hostlen = strlen (nhost ?: "") + 1;
+ size_t userlen = strlen (nuser ?: "") + 1;
+ size_t domainlen = strlen (ndomain ?: "") + 1;
size_t needed = hostlen + userlen + domainlen;
if (buflen - req->key_len - bufused < needed)
@@ -226,11 +234,11 @@ addgetnetgrentX (struct database_dyn *db
}
nhost = memcpy (buffer + bufused,
- nhost, hostlen);
+ nhost ?: "", hostlen);
nuser = memcpy ((char *) nhost + hostlen,
- nuser, userlen);
+ nuser ?: "", userlen);
ndomain = memcpy ((char *) nuser + userlen,
- ndomain, domainlen);
+ ndomain ?: "", domainlen);
}
char *wp = buffer + buffilled;
Index: glibc-2.17/nscd/nscd_netgroup.c
===================================================================
--- glibc-2.17.orig/nscd/nscd_netgroup.c
+++ glibc-2.17/nscd/nscd_netgroup.c
@@ -48,7 +48,7 @@ __nscd_setnetgrent (const char *group, s
{
int gc_cycle;
int nretries = 0;
- size_t group_len = strlen (group);
+ size_t group_len = strlen (group) + 1;
/* If the mapping is available, try to search there instead of
communicating with the nscd. */
++++++ nscd-short-write.patch ++++++
From 5a7b70c87c5ba03a122db0372e87ecb550ee4b38 Mon Sep 17 00:00:00 2001
From: Andreas Schwab
Date: Tue, 4 Dec 2012 16:14:13 +0100
Subject: [PATCH] Properly check for short writes when sending the response in
nscd
* nscd/grpcache.c (cache_addgr): Properly check for short write.
* nscd/initgrcache.c (addinitgroupsX): Likewise.
* nscd/pwdcache.c (cache_addpw): Likewise.
* nscd/servicescache.c (cache_addserv): Likewise. Don't write
more than recsize.
---
nscd/grpcache.c | 6 +++++-
nscd/initgrcache.c | 7 ++++++-
nscd/pwdcache.c | 8 ++++++--
nscd/servicescache.c | 12 ++++++++----
4 files changed, 25 insertions(+), 8 deletions(-)
diff --git a/nscd/grpcache.c b/nscd/grpcache.c
index f0dad4d..696162f 100644
--- a/nscd/grpcache.c
+++ b/nscd/grpcache.c
@@ -75,6 +75,7 @@ cache_addgr (struct database_dyn *db, int fd, request_header *req,
const void *key, struct group *grp, uid_t owner,
struct hashentry *const he, struct datahead *dh, int errval)
{
+ bool all_written = true;
ssize_t total;
ssize_t written;
time_t t = time (NULL);
@@ -342,6 +343,9 @@ cache_addgr (struct database_dyn *db, int fd, request_header *req,
# endif
#endif
written = writeall (fd, &dataset->resp, dataset->head.recsize);
+
+ if (written != dataset->head.recsize)
+ all_written = false;
}
/* Add the record to the database. But only if it has not been
@@ -401,7 +405,7 @@ cache_addgr (struct database_dyn *db, int fd, request_header *req,
}
}
- if (__builtin_expect (written != total, 0) && debug_level > 0)
+ if (__builtin_expect (!all_written, 0) && debug_level > 0)
{
char buf[256];
dbg_log (_("short write in %s: %s"), __FUNCTION__,
diff --git a/nscd/initgrcache.c b/nscd/initgrcache.c
index 255b121..13ee86e 100644
--- a/nscd/initgrcache.c
+++ b/nscd/initgrcache.c
@@ -171,10 +171,12 @@ addinitgroupsX (struct database_dyn *db, int fd, request_header *req,
nip = nip->next;
}
+ bool all_written;
ssize_t total;
ssize_t written;
time_t timeout;
out:
+ all_written = true;
timeout = MAX_TIMEOUT_VALUE;
if (!any_success)
{
@@ -379,6 +381,9 @@ addinitgroupsX (struct database_dyn *db, int fd, request_header *req,
# endif
#endif
written = writeall (fd, &dataset->resp, dataset->head.recsize);
+
+ if (written != dataset->head.recsize)
+ all_written = false;
}
@@ -405,7 +410,7 @@ addinitgroupsX (struct database_dyn *db, int fd, request_header *req,
free (groups);
- if (__builtin_expect (written != total, 0) && debug_level > 0)
+ if (__builtin_expect (!all_written, 0) && debug_level > 0)
{
char buf[256];
dbg_log (_("short write in %s: %s"), __FUNCTION__,
diff --git a/nscd/pwdcache.c b/nscd/pwdcache.c
index a8ea407..d6b91ef 100644
--- a/nscd/pwdcache.c
+++ b/nscd/pwdcache.c
@@ -81,6 +81,7 @@ cache_addpw (struct database_dyn *db, int fd, request_header *req,
const void *key, struct passwd *pwd, uid_t owner,
struct hashentry *const he, struct datahead *dh, int errval)
{
+ bool all_written = true;
ssize_t total;
ssize_t written;
time_t t = time (NULL);
@@ -306,7 +307,7 @@ cache_addpw (struct database_dyn *db, int fd, request_header *req,
+ db->head->data_size));
written = sendfileall (fd, db->wr_fd,
(char *) &dataset->resp
- - (char *) db->head, dataset->head.recsize );
+ - (char *) db->head, dataset->head.recsize);
# ifndef __ASSUME_SENDFILE
if (written == -1 && errno == ENOSYS)
goto use_write;
@@ -318,6 +319,9 @@ cache_addpw (struct database_dyn *db, int fd, request_header *req,
# endif
#endif
written = writeall (fd, &dataset->resp, dataset->head.recsize);
+
+ if (written != dataset->head.recsize)
+ all_written = false;
}
@@ -377,7 +381,7 @@ cache_addpw (struct database_dyn *db, int fd, request_header *req,
}
}
- if (__builtin_expect (written != total, 0) && debug_level > 0)
+ if (__builtin_expect (!all_written, 0) && debug_level > 0)
{
char buf[256];
dbg_log (_("short write in %s: %s"), __FUNCTION__,
diff --git a/nscd/servicescache.c b/nscd/servicescache.c
index 0e7520d..917daa4 100644
--- a/nscd/servicescache.c
+++ b/nscd/servicescache.c
@@ -65,6 +65,7 @@ cache_addserv (struct database_dyn *db, int fd, request_header *req,
const void *key, struct servent *serv, uid_t owner,
struct hashentry *const he, struct datahead *dh, int errval)
{
+ bool all_written = true;
ssize_t total;
ssize_t written;
time_t t = time (NULL);
@@ -290,14 +291,14 @@ cache_addserv (struct database_dyn *db, int fd, request_header *req,
{
assert (db->wr_fd != -1);
assert ((char *) &dataset->resp > (char *) db->data);
- assert ((char *) &dataset->resp - (char *) db->head
+ assert ((char *) dataset - (char *) db->head
+ total
<= (sizeof (struct database_pers_head)
+ db->head->module * sizeof (ref_t)
+ db->head->data_size));
written = sendfileall (fd, db->wr_fd,
(char *) &dataset->resp
- - (char *) db->head, total);
+ - (char *) db->head, dataset->head.recsize);
# ifndef __ASSUME_SENDFILE
if (written == -1 && errno == ENOSYS)
goto use_write;
@@ -308,7 +309,10 @@ cache_addserv (struct database_dyn *db, int fd, request_header *req,
use_write:
# endif
#endif
- written = writeall (fd, &dataset->resp, total);
+ written = writeall (fd, &dataset->resp, dataset->head.recsize);
+
+ if (written != dataset->head.recsize)
+ all_written = false;
}
/* Add the record to the database. But only if it has not been
@@ -332,7 +336,7 @@ cache_addserv (struct database_dyn *db, int fd, request_header *req,
}
}
- if (__builtin_expect (written != total, 0) && debug_level > 0)
+ if (__builtin_expect (!all_written, 0) && debug_level > 0)
{
char buf[256];
dbg_log (_("short write in %s: %s"), __FUNCTION__,
--
1.8.0.1
++++++ nscd.conf ++++++
d /var/run/nscd 0755 root root
++++++ nscd.service ++++++
[Unit]
Description=Name Service Cache Daemon
After=syslog.target
[Service]
ExecStart=/usr/sbin/nscd --foreground
ExecStop=/usr/sbin/nscd --shutdown
ExecReload=/usr/sbin/nscd -i passwd
ExecReload=/usr/sbin/nscd -i group
ExecReload=/usr/sbin/nscd -i hosts
ExecReload=/usr/sbin/nscd -i services
ExecReload=/usr/sbin/nscd -i netgroup
Restart=always
[Install]
WantedBy=multi-user.target
++++++ nss-db-path.patch ++++++
Use /var/db for nss_db
Index: glibc-2.16.90/nss/db-Makefile
===================================================================
--- glibc-2.16.90.orig/nss/db-Makefile
+++ glibc-2.16.90/nss/db-Makefile
@@ -22,7 +22,7 @@ DATABASES = $(wildcard /etc/passwd /etc/
/etc/rpc /etc/services /etc/shadow /etc/gshadow \
/etc/netgroup)
-VAR_DB = /var/db
+VAR_DB = /var/lib/misc
AWK = awk
MAKEDB = makedb --quiet
Index: glibc-2.16.90/sysdeps/unix/sysv/linux/paths.h
===================================================================
--- glibc-2.16.90.orig/sysdeps/unix/sysv/linux/paths.h
+++ glibc-2.16.90/sysdeps/unix/sysv/linux/paths.h
@@ -68,7 +68,7 @@
/* Provide trailing slash, since mostly used for building pathnames. */
#define _PATH_DEV "/dev/"
#define _PATH_TMP "/tmp/"
-#define _PATH_VARDB "/var/db/"
+#define _PATH_VARDB "/var/lib/misc/"
#define _PATH_VARRUN "/var/run/"
#define _PATH_VARTMP "/var/tmp/"
Index: glibc-2.16.90/Makeconfig
===================================================================
--- glibc-2.16.90.orig/Makeconfig
+++ glibc-2.16.90/Makeconfig
@@ -250,7 +250,7 @@ inst_sysconfdir = $(install_root)$(sysco
# Directory for the database files and Makefile for nss_db.
ifndef vardbdir
-vardbdir = $(localstatedir)/db
+vardbdir = /var/lib/misc
endif
inst_vardbdir = $(install_root)$(vardbdir)
++++++ nsswitch.conf ++++++
#
# /etc/nsswitch.conf
#
# An example Name Service Switch config file. This file should be
# sorted with the most-used services at the beginning.
#
# The entry '[NOTFOUND=return]' means that the search for an
# entry should stop if the search in the previous entry turned
# up nothing. Note that if the search failed due to some other reason
# (like no NIS server responding) then the search continues with the
# next entry.
#
# Legal entries are:
#
# compat Use compatibility setup
# nisplus Use NIS+ (NIS version 3)
# nis Use NIS (NIS version 2), also called YP
# dns Use DNS (Domain Name Service)
# files Use the local files
# [NOTFOUND=return] Stop searching if not found so far
#
# For more information, please read the nsswitch.conf.5 manual page.
#
# passwd: files nis
# shadow: files nis
# group: files nis
passwd: compat
group: compat
hosts: files dns
networks: files dns
services: files
protocols: files
rpc: files
ethers: files
netmasks: files
netgroup: files nis
publickey: files
bootparams: files
automount: files nis
aliases: files
++++++ pldd-wait-ptrace-stop.patch ++++++
2013-07-31 Andreas Schwab
* elf/pldd.c (wait_for_ptrace_stop): New function.
(main): Call it after attaching.
Index: glibc-2.17/elf/pldd.c
===================================================================
--- glibc-2.17.orig/elf/pldd.c
+++ glibc-2.17/elf/pldd.c
@@ -34,6 +34,7 @@
#include
#include
#include
+#include
#include
#include
@@ -85,6 +86,7 @@ static char *exe;
/* Local functions. */
static int get_process_info (int dfd, long int pid);
+static void wait_for_ptrace_stop (long int pid);
int
@@ -173,6 +175,8 @@ main (int argc, char *argv[])
tid);
}
+ wait_for_ptrace_stop (tid);
+
struct thread_list *newp = alloca (sizeof (*newp));
newp->tid = tid;
newp->next = thread_list;
@@ -197,6 +201,24 @@ main (int argc, char *argv[])
}
+/* Wait for PID to enter ptrace-stop state after being attached. */
+static void
+wait_for_ptrace_stop (long int pid)
+{
+ int status;
+
+ /* While waiting for SIGSTOP being delivered to the tracee we have to
+ reinject any other pending signal. Ignore all other errors. */
+ while (waitpid (pid, &status, __WALL) == pid && WIFSTOPPED (status))
+ {
+ /* The STOP signal should not be delivered to the tracee. */
+ if (WSTOPSIG (status) == SIGSTOP)
+ return;
+ ptrace (PTRACE_CONT, pid, NULL, (void *) (uintptr_t) WSTOPSIG (status));
+ }
+}
+
+
/* Handle program arguments. */
static error_t
parse_opt (int key, char *arg, struct argp_state *state)
++++++ pre_checkin.sh ++++++
#!/bin/bash
# This script is called automatically during autobuild checkin.
sed -e 's/^Name:.*glibc/&-testsuite/' glibc.spec > glibc-testsuite.spec
cp glibc.changes glibc-testsuite.changes
awk '/^Name:/{ $0 = $0 "-utils" }
/UTILS-SUMMARY-BEGIN/ {
ignore = 1
print "\
Summary: Development utilities from GNU C library\n\
License: LGPL-2.1+\n\
Group: Development/Languages/C and C++"
}
/UTILS-SUMMARY-END/ { ignore = 0 }
/^%description$/ {
ignore = 1
print "\
%description\n\
The glibc-utils package contains mtrace, a memory leak tracer and\n\
xtrace, a function call tracer which can be helpful during program\n\
debugging.\n\
\n\
If you are unsure if you need this, don'\''t install this package.\n"
}
/^%package/ { ignore = 0}
!ignore { print }' glibc.spec > glibc-utils.spec
cp glibc.changes glibc-utils.changes
osc service localrun format_spec_file
++++++ printf-overrun.patch ++++++
From 1aa92494e55792b568663b5aad81a58fad35490d Mon Sep 17 00:00:00 2001
From: Eric Biggers
Date: Thu, 18 Apr 2013 17:46:08 +0200
Subject: [PATCH] PR15362
[BZ #15362]
* libio/fileops.c: Revert problematic fixes for [BZ #11741]
* libio/iofwrite.c: Likewise.
* libio/iofwrite_u.c: Likewise.
* libio/iopadn.c: Likewise.
* libio/iowpadn.c: Likewise.
* stdio-common/vfprintf.c: Fix [BZ #11741] properly by checking whether
_IO_padn() returned the full count written.
---
libio/fileops.c | 21 +++++++++------------
libio/iofwrite.c | 10 +++++-----
libio/iofwrite_u.c | 10 +++++-----
libio/iopadn.c | 2 +-
libio/iowpadn.c | 2 +-
stdio-common/vfprintf.c | 12 ++++++------
6 files changed, 27 insertions(+), 30 deletions(-)
diff --git a/libio/fileops.c b/libio/fileops.c
index 61b61b3..90d5e88 100644
--- a/libio/fileops.c
+++ b/libio/fileops.c
@@ -1245,13 +1245,12 @@ _IO_new_file_write (f, data, n)
_IO_ssize_t n;
{
_IO_ssize_t to_do = n;
- _IO_ssize_t count = 0;
while (to_do > 0)
{
- count = (__builtin_expect (f->_flags2
- & _IO_FLAGS2_NOTCANCEL, 0)
- ? write_not_cancel (f->_fileno, data, to_do)
- : write (f->_fileno, data, to_do));
+ _IO_ssize_t count = (__builtin_expect (f->_flags2
+ & _IO_FLAGS2_NOTCANCEL, 0)
+ ? write_not_cancel (f->_fileno, data, to_do)
+ : write (f->_fileno, data, to_do));
if (count < 0)
{
f->_flags |= _IO_ERR_SEEN;
@@ -1263,7 +1262,7 @@ _IO_new_file_write (f, data, n)
n -= to_do;
if (f->_offset >= 0)
f->_offset += n;
- return count < 0 ? count : n;
+ return n;
}
_IO_size_t
@@ -1323,13 +1322,11 @@ _IO_new_file_xsputn (f, data, n)
_IO_size_t block_size, do_write;
/* Next flush the (full) buffer. */
if (_IO_OVERFLOW (f, EOF) == EOF)
- /* If nothing else has to be written or nothing has been written, we
- must not signal the caller that the call was even partially
- successful. */
- return (to_do == 0 || to_do == n) ? EOF : n - to_do;
+ /* If nothing else has to be written we must not signal the
+ caller that everything has been written. */
+ return to_do == 0 ? EOF : n - to_do;
- /* Try to maintain alignment: write a whole number of blocks.
- dont_write is what gets left over. */
+ /* Try to maintain alignment: write a whole number of blocks. */
block_size = f->_IO_buf_end - f->_IO_buf_base;
do_write = to_do - (block_size >= 128 ? to_do % block_size : 0);
diff --git a/libio/iofwrite.c b/libio/iofwrite.c
index 81596a6..66542ea 100644
--- a/libio/iofwrite.c
+++ b/libio/iofwrite.c
@@ -42,12 +42,12 @@ _IO_fwrite (buf, size, count, fp)
if (_IO_vtable_offset (fp) != 0 || _IO_fwide (fp, -1) == -1)
written = _IO_sputn (fp, (const char *) buf, request);
_IO_release_lock (fp);
- /* We are guaranteed to have written all of the input, none of it, or
- some of it. */
- if (written == request)
+ /* We have written all of the input in case the return value indicates
+ this or EOF is returned. The latter is a special case where we
+ simply did not manage to flush the buffer. But the data is in the
+ buffer and therefore written as far as fwrite is concerned. */
+ if (written == request || written == EOF)
return count;
- else if (written == EOF)
- return 0;
else
return written / size;
}
diff --git a/libio/iofwrite_u.c b/libio/iofwrite_u.c
index 4a9d6ca..18dc6d0 100644
--- a/libio/iofwrite_u.c
+++ b/libio/iofwrite_u.c
@@ -44,12 +44,12 @@ fwrite_unlocked (buf, size, count, fp)
if (_IO_fwide (fp, -1) == -1)
{
written = _IO_sputn (fp, (const char *) buf, request);
- /* We are guaranteed to have written all of the input, none of it, or
- some of it. */
- if (written == request)
+ /* We have written all of the input in case the return value indicates
+ this or EOF is returned. The latter is a special case where we
+ simply did not manage to flush the buffer. But the data is in the
+ buffer and therefore written as far as fwrite is concerned. */
+ if (written == request || written == EOF)
return count;
- else if (written == EOF)
- return 0;
}
return written / size;
diff --git a/libio/iopadn.c b/libio/iopadn.c
index cc93c0f..5ebbcf4 100644
--- a/libio/iopadn.c
+++ b/libio/iopadn.c
@@ -59,7 +59,7 @@ _IO_padn (fp, pad, count)
w = _IO_sputn (fp, padptr, PADSIZE);
written += w;
if (w != PADSIZE)
- return w == EOF ? w : written;
+ return written;
}
if (i > 0)
diff --git a/libio/iowpadn.c b/libio/iowpadn.c
index d94db71..5600f37 100644
--- a/libio/iowpadn.c
+++ b/libio/iowpadn.c
@@ -65,7 +65,7 @@ _IO_wpadn (fp, pad, count)
w = _IO_sputn (fp, (char *) padptr, PADSIZE);
written += w;
if (w != PADSIZE)
- return w == EOF ? w : written;
+ return written;
}
if (i > 0)
diff --git a/stdio-common/vfprintf.c b/stdio-common/vfprintf.c
index c8bcf5a..61d9dc2 100644
--- a/stdio-common/vfprintf.c
+++ b/stdio-common/vfprintf.c
@@ -90,13 +90,13 @@
do { \
if (width > 0) \
{ \
- unsigned int d = _IO_padn (s, (Padchar), width); \
- if (__builtin_expect (d == EOF, 0)) \
+ _IO_ssize_t written = _IO_padn (s, (Padchar), width); \
+ if (__builtin_expect (written != width, 0)) \
{ \
done = -1; \
goto all_done; \
} \
- done_add (d); \
+ done_add (written); \
} \
} while (0)
# define PUTC(C, F) _IO_putc_unlocked (C, F)
@@ -119,13 +119,13 @@
do { \
if (width > 0) \
{ \
- unsigned int d = _IO_wpadn (s, (Padchar), width); \
- if (__builtin_expect (d == EOF, 0)) \
+ _IO_ssize_t written = _IO_wpadn (s, (Padchar), width); \
+ if (__builtin_expect (written != width, 0)) \
{ \
done = -1; \
goto all_done; \
} \
- done_add (d); \
+ done_add (written); \
} \
} while (0)
# define PUTC(C, F) _IO_putwc_unlocked (C, F)
++++++ pthread-cond-timedwait-i486.patch ++++++
From b8a72d0c4ca74e52ea06fa4e56489499489ec158 Mon Sep 17 00:00:00 2001
From: Andreas Schwab
Date: Thu, 22 Nov 2012 12:57:37 +0100
Subject: [PATCH] Extend i486 pthread_cond_timedwait to use futex syscall with
absolute timeout
* sysdeps/unix/sysv/linux/i386/i486/pthread_cond_timedwait.S
(__pthread_cond_timedwait): If possible use FUTEX_WAIT_BITSET to
directly use absolute timeout.
---
.../sysv/linux/i386/i486/pthread_cond_timedwait.S | 381 +++++++++++++++++----
1 file changed, 315 insertions(+), 66 deletions(-)
diff --git a/nptl/sysdeps/unix/sysv/linux/i386/i486/pthread_cond_timedwait.S b/nptl/sysdeps/unix/sysv/linux/i386/i486/pthread_cond_timedwait.S
index 6011f69..b9dbe6b 100644
--- a/nptl/sysdeps/unix/sysv/linux/i386/i486/pthread_cond_timedwait.S
+++ b/nptl/sysdeps/unix/sysv/linux/i386/i486/pthread_cond_timedwait.S
@@ -66,6 +66,34 @@ __pthread_cond_timedwait:
movl $EINVAL, %eax
jae 18f
+ /* Stack frame:
+
+ esp + 32
+ +--------------------------+
+ esp + 24 | timeout value |
+ +--------------------------+
+ esp + 20 | futex pointer |
+ +--------------------------+
+ esp + 16 | pi-requeued flag |
+ +--------------------------+
+ esp + 12 | old broadcast_seq value |
+ +--------------------------+
+ esp + 4 | old wake_seq value |
+ +--------------------------+
+ esp + 0 | old cancellation mode |
+ +--------------------------+
+ */
+
+#ifndef __ASSUME_FUTEX_CLOCK_REALTIME
+# ifdef PIC
+ LOAD_PIC_REG (cx)
+ cmpl $0, __have_futex_clock_realtime@GOTOFF(%ecx)
+# else
+ cmpl $0, __have_futex_clock_realtime
+# endif
+ je .Lreltmo
+#endif
+
/* Get internal lock. */
movl $1, %edx
xorl %eax, %eax
@@ -96,7 +124,11 @@ __pthread_cond_timedwait:
addl $1, cond_futex(%ebx)
addl $(1 << nwaiters_shift), cond_nwaiters(%ebx)
-#define FRAME_SIZE 32
+#ifdef __ASSUME_FUTEX_CLOCK_REALTIME
+# define FRAME_SIZE 24
+#else
+# define FRAME_SIZE 32
+#endif
subl $FRAME_SIZE, %esp
cfi_adjust_cfa_offset(FRAME_SIZE)
cfi_remember_state
@@ -105,60 +137,19 @@ __pthread_cond_timedwait:
movl wakeup_seq(%ebx), %edi
movl wakeup_seq+4(%ebx), %edx
movl broadcast_seq(%ebx), %eax
- movl %edi, 12(%esp)
- movl %edx, 16(%esp)
- movl %eax, 20(%esp)
+ movl %edi, 4(%esp)
+ movl %edx, 8(%esp)
+ movl %eax, 12(%esp)
/* Reset the pi-requeued flag. */
-8: movl $0, 24(%esp)
- /* Get the current time. */
- movl %ebx, %edx
-#ifdef __NR_clock_gettime
- /* Get the clock number. */
- movl cond_nwaiters(%ebx), %ebx
- andl $((1 << nwaiters_shift) - 1), %ebx
- /* Only clocks 0 and 1 are allowed so far. Both are handled in the
- kernel. */
- leal 4(%esp), %ecx
- movl $__NR_clock_gettime, %eax
- ENTER_KERNEL
- movl %edx, %ebx
-
- /* Compute relative timeout. */
- movl (%ebp), %ecx
- movl 4(%ebp), %edx
- subl 4(%esp), %ecx
- subl 8(%esp), %edx
-#else
- /* Get the current time. */
- leal 4(%esp), %ebx
- xorl %ecx, %ecx
- movl $__NR_gettimeofday, %eax
- ENTER_KERNEL
- movl %edx, %ebx
+ movl $0, 16(%esp)
- /* Compute relative timeout. */
- movl 8(%esp), %eax
- movl $1000, %edx
- mul %edx /* Milli seconds to nano seconds. */
- movl (%ebp), %ecx
- movl 4(%ebp), %edx
- subl 4(%esp), %ecx
- subl %eax, %edx
-#endif
- jns 12f
- addl $1000000000, %edx
- subl $1, %ecx
-12: testl %ecx, %ecx
+ cmpl $0, (%ebp)
movl $-ETIMEDOUT, %esi
js 6f
- /* Store relative timeout. */
-21: movl %ecx, 4(%esp)
- movl %edx, 8(%esp)
-
- movl cond_futex(%ebx), %edi
- movl %edi, 28(%esp)
+8: movl cond_futex(%ebx), %edi
+ movl %edi, 20(%esp)
/* Unlock. */
LOCK
@@ -173,6 +164,7 @@ __pthread_cond_timedwait:
4: call __pthread_enable_asynccancel
movl %eax, (%esp)
+ leal (%ebp), %esi
#if FUTEX_PRIVATE_FLAG > 255
xorl %ecx, %ecx
#endif
@@ -196,9 +188,7 @@ __pthread_cond_timedwait:
jne 42f
orl $FUTEX_CLOCK_REALTIME, %ecx
- /* Requeue-PI uses absolute timeout */
-42: leal (%ebp), %esi
- movl 28(%esp), %edx
+42: movl 20(%esp), %edx
addl $cond_futex, %ebx
.Ladd_cond_futex_pi:
movl $SYS_futex, %eax
@@ -209,12 +199,12 @@ __pthread_cond_timedwait:
/* Set the pi-requeued flag only if the kernel has returned 0. The
kernel does not hold the mutex on ETIMEDOUT or any other error. */
cmpl $0, %eax
- sete 24(%esp)
+ sete 16(%esp)
je 41f
/* When a futex syscall with FUTEX_WAIT_REQUEUE_PI returns
successfully, it has already locked the mutex for us and the
- pi_flag (24(%esp)) is set to denote that fact. However, if another
+ pi_flag (16(%esp)) is set to denote that fact. However, if another
thread changed the futex value before we entered the wait, the
syscall may return an EAGAIN and the mutex is not locked. We go
ahead with a success anyway since later we look at the pi_flag to
@@ -234,22 +224,28 @@ __pthread_cond_timedwait:
xorl %ecx, %ecx
40: subl $1, %ecx
+ movl $0, 16(%esp)
#ifdef __ASSUME_PRIVATE_FUTEX
andl $FUTEX_PRIVATE_FLAG, %ecx
#else
andl %gs:PRIVATE_FUTEX, %ecx
#endif
-#if FUTEX_WAIT != 0
- addl $FUTEX_WAIT, %ecx
-#endif
- leal 4(%esp), %esi
- movl 28(%esp), %edx
+ addl $FUTEX_WAIT_BITSET, %ecx
+ /* The following only works like this because we only support
+ two clocks, represented using a single bit. */
+ testl $1, cond_nwaiters(%ebx)
+ jne 30f
+ orl $FUTEX_CLOCK_REALTIME, %ecx
+30:
+ movl 20(%esp), %edx
+ movl $0xffffffff, %ebp
addl $cond_futex, %ebx
.Ladd_cond_futex:
movl $SYS_futex, %eax
ENTER_KERNEL
subl $cond_futex, %ebx
.Lsub_cond_futex:
+ movl 28+FRAME_SIZE(%esp), %ebp
movl %eax, %esi
41: movl (%esp), %eax
@@ -268,7 +264,7 @@ __pthread_cond_timedwait:
jnz 5f
6: movl broadcast_seq(%ebx), %eax
- cmpl 20(%esp), %eax
+ cmpl 12(%esp), %eax
jne 23f
movl woken_seq(%ebx), %eax
@@ -277,9 +273,9 @@ __pthread_cond_timedwait:
movl wakeup_seq(%ebx), %edi
movl wakeup_seq+4(%ebx), %edx
- cmpl 16(%esp), %edx
+ cmpl 8(%esp), %edx
jne 7f
- cmpl 12(%esp), %edi
+ cmpl 4(%esp), %edi
je 15f
7: cmpl %ecx, %edx
@@ -292,7 +288,7 @@ __pthread_cond_timedwait:
/* We need to go back to futex_wait. If we're using requeue_pi, then
release the mutex we had acquired and go back. */
- movl 24(%esp), %edx
+ movl 16(%esp), %edx
test %edx, %edx
jz 8b
@@ -357,13 +353,13 @@ __pthread_cond_timedwait:
11: movl 24+FRAME_SIZE(%esp), %eax
/* With requeue_pi, the mutex lock is held in the kernel. */
- movl 24(%esp), %ecx
+ movl 16(%esp), %ecx
testl %ecx, %ecx
jnz 27f
call __pthread_mutex_cond_lock
26: addl $FRAME_SIZE, %esp
- cfi_adjust_cfa_offset(-FRAME_SIZE);
+ cfi_adjust_cfa_offset(-FRAME_SIZE)
/* We return the result of the mutex_lock operation if it failed. */
testl %eax, %eax
@@ -509,6 +505,245 @@ __pthread_cond_timedwait:
#endif
call __lll_unlock_wake
jmp 11b
+ cfi_adjust_cfa_offset(-FRAME_SIZE)
+
+#ifndef __ASSUME_FUTEX_CLOCK_REALTIME
+.Lreltmo:
+ /* Get internal lock. */
+ movl $1, %edx
+ xorl %eax, %eax
+ LOCK
+# if cond_lock == 0
+ cmpxchgl %edx, (%ebx)
+# else
+ cmpxchgl %edx, cond_lock(%ebx)
+# endif
+ jnz 101f
+
+ /* Store the reference to the mutex. If there is already a
+ different value in there this is a bad user bug. */
+102: cmpl $-1, dep_mutex(%ebx)
+ movl 24(%esp), %eax
+ je 117f
+ movl %eax, dep_mutex(%ebx)
+
+ /* Unlock the mutex. */
+117: xorl %edx, %edx
+ call __pthread_mutex_unlock_usercnt
+
+ testl %eax, %eax
+ jne 16b
+
+ addl $1, total_seq(%ebx)
+ adcl $0, total_seq+4(%ebx)
+ addl $1, cond_futex(%ebx)
+ addl $(1 << nwaiters_shift), cond_nwaiters(%ebx)
+
+ subl $FRAME_SIZE, %esp
+ cfi_adjust_cfa_offset(FRAME_SIZE)
+
+ /* Get and store current wakeup_seq value. */
+ movl wakeup_seq(%ebx), %edi
+ movl wakeup_seq+4(%ebx), %edx
+ movl broadcast_seq(%ebx), %eax
+ movl %edi, 4(%esp)
+ movl %edx, 8(%esp)
+ movl %eax, 12(%esp)
+
+ /* Reset the pi-requeued flag. */
+ movl $0, 16(%esp)
+
+ /* Get the current time. */
+108: movl %ebx, %edx
+# ifdef __NR_clock_gettime
+ /* Get the clock number. */
+ movl cond_nwaiters(%ebx), %ebx
+ andl $((1 << nwaiters_shift) - 1), %ebx
+ /* Only clocks 0 and 1 are allowed so far. Both are handled in the
+ kernel. */
+ leal 24(%esp), %ecx
+ movl $__NR_clock_gettime, %eax
+ ENTER_KERNEL
+ movl %edx, %ebx
+
+ /* Compute relative timeout. */
+ movl (%ebp), %ecx
+ movl 4(%ebp), %edx
+ subl 24(%esp), %ecx
+ subl 28(%esp), %edx
+# else
+ /* Get the current time. */
+ leal 24(%esp), %ebx
+ xorl %ecx, %ecx
+ movl $__NR_gettimeofday, %eax
+ ENTER_KERNEL
+ movl %edx, %ebx
+
+ /* Compute relative timeout. */
+ movl 28(%esp), %eax
+ movl $1000, %edx
+ mul %edx /* Milli seconds to nano seconds. */
+ movl (%ebp), %ecx
+ movl 4(%ebp), %edx
+ subl 24(%esp), %ecx
+ subl %eax, %edx
+# endif
+ jns 112f
+ addl $1000000000, %edx
+ subl $1, %ecx
+112: testl %ecx, %ecx
+ movl $-ETIMEDOUT, %esi
+ js 106f
+
+ /* Store relative timeout. */
+121: movl %ecx, 24(%esp)
+ movl %edx, 28(%esp)
+
+ movl cond_futex(%ebx), %edi
+ movl %edi, 20(%esp)
+
+ /* Unlock. */
+ LOCK
+# if cond_lock == 0
+ subl $1, (%ebx)
+# else
+ subl $1, cond_lock(%ebx)
+# endif
+ jne 103f
+
+.LcleanupSTART2:
+104: call __pthread_enable_asynccancel
+ movl %eax, (%esp)
+
+ leal 24(%esp), %esi
+# if FUTEX_PRIVATE_FLAG > 255
+ xorl %ecx, %ecx
+# endif
+ cmpl $-1, dep_mutex(%ebx)
+ sete %cl
+ subl $1, %ecx
+# ifdef __ASSUME_PRIVATE_FUTEX
+ andl $FUTEX_PRIVATE_FLAG, %ecx
+# else
+ andl %gs:PRIVATE_FUTEX, %ecx
+# endif
+# if FUTEX_WAIT != 0
+ addl $FUTEX_WAIT, %ecx
+# endif
+ movl 20(%esp), %edx
+ addl $cond_futex, %ebx
+.Ladd_cond_futex2:
+ movl $SYS_futex, %eax
+ ENTER_KERNEL
+ subl $cond_futex, %ebx
+.Lsub_cond_futex2:
+ movl %eax, %esi
+
+141: movl (%esp), %eax
+ call __pthread_disable_asynccancel
+.LcleanupEND2:
+
+
+ /* Lock. */
+ movl $1, %edx
+ xorl %eax, %eax
+ LOCK
+# if cond_lock == 0
+ cmpxchgl %edx, (%ebx)
+# else
+ cmpxchgl %edx, cond_lock(%ebx)
+# endif
+ jnz 105f
+
+106: movl broadcast_seq(%ebx), %eax
+ cmpl 12(%esp), %eax
+ jne 23b
+
+ movl woken_seq(%ebx), %eax
+ movl woken_seq+4(%ebx), %ecx
+
+ movl wakeup_seq(%ebx), %edi
+ movl wakeup_seq+4(%ebx), %edx
+
+ cmpl 8(%esp), %edx
+ jne 107f
+ cmpl 4(%esp), %edi
+ je 115f
+
+107: cmpl %ecx, %edx
+ jne 9b
+ cmp %eax, %edi
+ jne 9b
+
+115: cmpl $-ETIMEDOUT, %esi
+ je 28b
+
+ jmp 8b
+
+ cfi_adjust_cfa_offset(-FRAME_SIZE)
+ /* Initial locking failed. */
+101:
+# if cond_lock == 0
+ movl %ebx, %edx
+# else
+ leal cond_lock(%ebx), %edx
+# endif
+# if (LLL_SHARED-LLL_PRIVATE) > 255
+ xorl %ecx, %ecx
+# endif
+ cmpl $-1, dep_mutex(%ebx)
+ setne %cl
+ subl $1, %ecx
+ andl $(LLL_SHARED-LLL_PRIVATE), %ecx
+# if LLL_PRIVATE != 0
+ addl $LLL_PRIVATE, %ecx
+# endif
+ call __lll_lock_wait
+ jmp 102b
+
+ cfi_adjust_cfa_offset(FRAME_SIZE)
+
+ /* Unlock in loop requires wakeup. */
+103:
+# if cond_lock == 0
+ movl %ebx, %eax
+# else
+ leal cond_lock(%ebx), %eax
+# endif
+# if (LLL_SHARED-LLL_PRIVATE) > 255
+ xorl %ecx, %ecx
+# endif
+ cmpl $-1, dep_mutex(%ebx)
+ setne %cl
+ subl $1, %ecx
+ andl $(LLL_SHARED-LLL_PRIVATE), %ecx
+# if LLL_PRIVATE != 0
+ addl $LLL_PRIVATE, %ecx
+# endif
+ call __lll_unlock_wake
+ jmp 104b
+
+ /* Locking in loop failed. */
+105:
+# if cond_lock == 0
+ movl %ebx, %edx
+# else
+ leal cond_lock(%ebx), %edx
+# endif
+# if (LLL_SHARED-LLL_PRIVATE) > 255
+ xorl %ecx, %ecx
+# endif
+ cmpl $-1, dep_mutex(%ebx)
+ setne %cl
+ subl $1, %ecx
+ andl $(LLL_SHARED-LLL_PRIVATE), %ecx
+# if LLL_PRIVATE != 0
+ addl $LLL_PRIVATE, %ecx
+# endif
+ call __lll_lock_wait
+ jmp 106b
+ cfi_adjust_cfa_offset(-FRAME_SIZE)
+#endif
.size __pthread_cond_timedwait, .-__pthread_cond_timedwait
versioned_symbol (libpthread, __pthread_cond_timedwait, pthread_cond_timedwait,
@@ -552,7 +787,7 @@ __condvar_tw_cleanup:
call __lll_lock_wait
1: movl broadcast_seq(%ebx), %eax
- cmpl 20(%esp), %eax
+ cmpl 12(%esp), %eax
jne 3f
/* We increment the wakeup_seq counter only if it is lower than
@@ -706,6 +941,20 @@ __condvar_tw_cleanup:
.long .LcleanupEND-.Lsub_cond_futex
.long __condvar_tw_cleanup-.LSTARTCODE
.uleb128 0
+#ifndef __ASSUME_FUTEX_CLOCK_REALTIME
+ .long .LcleanupSTART2-.LSTARTCODE
+ .long .Ladd_cond_futex2-.LcleanupSTART2
+ .long __condvar_tw_cleanup-.LSTARTCODE
+ .uleb128 0
+ .long .Ladd_cond_futex2-.LSTARTCODE
+ .long .Lsub_cond_futex2-.Ladd_cond_futex2
+ .long __condvar_tw_cleanup2-.LSTARTCODE
+ .uleb128 0
+ .long .Lsub_cond_futex2-.LSTARTCODE
+ .long .LcleanupEND2-.Lsub_cond_futex2
+ .long __condvar_tw_cleanup-.LSTARTCODE
+ .uleb128 0
+#endif
.long .LcallUR-.LSTARTCODE
.long .LENDCODE-.LcallUR
.long 0
--
1.8.0.1
++++++ readdir_r-overflow.patch ++++++
2013-08-16 Florian Weimer
[BZ #14699]
CVE-2013-4237
* sysdeps/posix/dirstream.h (struct __dirstream): Add errcode
member.
* sysdeps/posix/opendir.c (__alloc_dir): Initialize errcode
member.
* sysdeps/posix/rewinddir.c (rewinddir): Reset errcode member.
* sysdeps/posix/readdir_r.c (__READDIR_R): Enforce NAME_MAX limit.
Return delayed error code. Remove GETDENTS_64BIT_ALIGNED
conditional.
* sysdeps/unix/sysv/linux/wordsize-64/readdir_r.c: Do not define
GETDENTS_64BIT_ALIGNED.
* sysdeps/unix/sysv/linux/i386/readdir64_r.c: Likewise.
* manual/filesys.texi (Reading/Closing Directory): Document
ENAMETOOLONG return value of readdir_r. Recommend readdir more
strongly.
* manual/conf.texi (Limits for Files): Add portability note to
NAME_MAX, PATH_MAX.
(Pathconf): Add portability note for _PC_NAME_MAX, _PC_PATH_MAX.
Index: glibc-2.17/manual/conf.texi
===================================================================
--- glibc-2.17.orig/manual/conf.texi
+++ glibc-2.17/manual/conf.texi
@@ -1149,6 +1149,9 @@ typed ahead as input. @xref{I/O Queues}
@deftypevr Macro int NAME_MAX
The uniform system limit (if any) for the length of a file name component, not
including the terminating null character.
+
+@strong{Portability Note:} On some systems, @theglibc{} defines
+@code{NAME_MAX}, but does not actually enforce this limit.
@end deftypevr
@comment limits.h
@@ -1157,6 +1160,9 @@ including the terminating null character
The uniform system limit (if any) for the length of an entire file name (that
is, the argument given to system calls such as @code{open}), including the
terminating null character.
+
+@strong{Portability Note:} @Theglibc{} does not enforce this limit
+even if @code{PATH_MAX} is defined.
@end deftypevr
@cindex limits, pipe buffer size
@@ -1476,6 +1482,9 @@ Inquire about the value of @code{POSIX_R
Inquire about the value of @code{POSIX_REC_XFER_ALIGN}.
@end table
+@strong{Portability Note:} On some systems, @theglibc{} does not
+enforce @code{_PC_NAME_MAX} or @code{_PC_PATH_MAX} limits.
+
@node Utility Limits
@section Utility Program Capacity Limits
Index: glibc-2.17/manual/filesys.texi
===================================================================
--- glibc-2.17.orig/manual/filesys.texi
+++ glibc-2.17/manual/filesys.texi
@@ -444,9 +444,9 @@ symbols are declared in the header file
@comment POSIX.1
@deftypefun {struct dirent *} readdir (DIR *@var{dirstream})
This function reads the next entry from the directory. It normally
-returns a pointer to a structure containing information about the file.
-This structure is statically allocated and can be rewritten by a
-subsequent call.
+returns a pointer to a structure containing information about the
+file. This structure is associated with the @var{dirstream} handle
+and can be rewritten by a subsequent call.
@strong{Portability Note:} On some systems @code{readdir} may not
return entries for @file{.} and @file{..}, even though these are always
@@ -461,19 +461,61 @@ conditions are defined for this function
The @var{dirstream} argument is not valid.
@end table
-@code{readdir} is not thread safe. Multiple threads using
-@code{readdir} on the same @var{dirstream} may overwrite the return
-value. Use @code{readdir_r} when this is critical.
+To distinguish between an end-of-directory condition or an error, you
+must set @code{errno} to zero before calling @code{readdir}. To avoid
+entering an infinite loop, you should stop reading from the directory
+after the first error.
+
+In POSIX.1-2008, @code{readdir} is not thread-safe. In @theglibc{}
+implementation, it is safe to call @code{readdir} concurrently on
+different @var{dirstream}s, but multiple threads accessing the same
+@var{dirstream} result in undefined behavior. @code{readdir_r} is a
+fully thread-safe alternative, but suffers from poor portability (see
+below). It is recommended that you use @code{readdir}, with external
+locking if multiple threads access the same @var{dirstream}.
@end deftypefun
@comment dirent.h
@comment GNU
@deftypefun int readdir_r (DIR *@var{dirstream}, struct dirent *@var{entry}, struct dirent **@var{result})
-This function is the reentrant version of @code{readdir}. Like
-@code{readdir} it returns the next entry from the directory. But to
-prevent conflicts between simultaneously running threads the result is
-not stored in statically allocated memory. Instead the argument
-@var{entry} points to a place to store the result.
+This function is a version of @code{readdir} which performs internal
+locking. Like @code{readdir} it returns the next entry from the
+directory. To prevent conflicts between simultaneously running
+threads the result is stored inside the @var{entry} object.
+
+@strong{Portability Note:} It is recommended to use @code{readdir}
+instead of @code{readdir_r} for the following reasons:
+
+@itemize @bullet
+@item
+On systems which do not define @code{NAME_MAX}, it may not be possible
+to use @code{readdir_r} safely because the caller does not specify the
+length of the buffer for the directory entry.
+
+@item
+On some systems, @code{readdir_r} cannot read directory entries with
+very long names. If such a name is encountered, @theglibc{}
+implementation of @code{readdir_r} returns with an error code of
+@code{ENAMETOOLONG} after the final directory entry has been read. On
+other systems, @code{readdir_r} may return successfully, but the
+@code{d_name} member may not be NUL-terminated or may be truncated.
+
+@item
+POSIX-1.2008 does not guarantee that @code{readdir} is thread-safe,
+even when access to the same @var{dirstream} is serialized. But in
+current implementations (including @theglibc{}), it is safe to call
+@code{readdir} concurrently on different @var{dirstream}s, so there is
+no need to use @code{readdir_r} in most multi-threaded programs. In
+the rare case that multiple threads need to read from the same
+@var{dirstream}, it is still better to use @code{readdir} and external
+synchronization.
+
+@item
+It is expected that future versions of POSIX will obsolete
+@code{readdir_r} and mandate the level of thread safety for
+@code{readdir} which is provided by @theglibc{} and other
+implementations today.
+@end itemize
Normally @code{readdir_r} returns zero and sets @code{*@var{result}}
to @var{entry}. If there are no more entries in the directory or an
@@ -481,15 +523,6 @@ error is detected, @code{readdir_r} sets
null pointer and returns a nonzero error code, also stored in
@code{errno}, as described for @code{readdir}.
-@strong{Portability Note:} On some systems @code{readdir_r} may not
-return a NUL terminated string for the file name, even when there is no
-@code{d_reclen} field in @code{struct dirent} and the file
-name is the maximum allowed size. Modern systems all have the
-@code{d_reclen} field, and on old systems multi-threading is not
-critical. In any case there is no such problem with the @code{readdir}
-function, so that even on systems without the @code{d_reclen} member one
-could use multiple threads by using external locking.
-
It is also important to look at the definition of the @code{struct
dirent} type. Simply passing a pointer to an object of this type for
the second parameter of @code{readdir_r} might not be enough. Some
Index: glibc-2.17/sysdeps/posix/dirstream.h
===================================================================
--- glibc-2.17.orig/sysdeps/posix/dirstream.h
+++ glibc-2.17/sysdeps/posix/dirstream.h
@@ -39,6 +39,8 @@ struct __dirstream
off_t filepos; /* Position of next entry to read. */
+ int errcode; /* Delayed error code. */
+
/* Directory block. */
char data[0] __attribute__ ((aligned (__alignof__ (void*))));
};
Index: glibc-2.17/sysdeps/posix/opendir.c
===================================================================
--- glibc-2.17.orig/sysdeps/posix/opendir.c
+++ glibc-2.17/sysdeps/posix/opendir.c
@@ -230,6 +230,7 @@ __alloc_dir (int fd, bool close_fd, int
dirp->size = 0;
dirp->offset = 0;
dirp->filepos = 0;
+ dirp->errcode = 0;
return dirp;
}
Index: glibc-2.17/sysdeps/posix/readdir_r.c
===================================================================
--- glibc-2.17.orig/sysdeps/posix/readdir_r.c
+++ glibc-2.17/sysdeps/posix/readdir_r.c
@@ -41,6 +41,7 @@ __READDIR_R (DIR *dirp, DIRENT_TYPE *ent
DIRENT_TYPE *dp;
size_t reclen;
const int saved_errno = errno;
+ int ret;
__libc_lock_lock (dirp->lock);
@@ -71,10 +72,10 @@ __READDIR_R (DIR *dirp, DIRENT_TYPE *ent
bytes = 0;
__set_errno (saved_errno);
}
+ if (bytes < 0)
+ dirp->errcode = errno;
dp = NULL;
- /* Reclen != 0 signals that an error occurred. */
- reclen = bytes != 0;
break;
}
dirp->size = (size_t) bytes;
@@ -107,29 +108,46 @@ __READDIR_R (DIR *dirp, DIRENT_TYPE *ent
dirp->filepos += reclen;
#endif
- /* Skip deleted files. */
+#ifdef NAME_MAX
+ if (reclen > offsetof (DIRENT_TYPE, d_name) + NAME_MAX + 1)
+ {
+ /* The record is very long. It could still fit into the
+ caller-supplied buffer if we can skip padding at the
+ end. */
+ size_t namelen = _D_EXACT_NAMLEN (dp);
+ if (namelen <= NAME_MAX)
+ reclen = offsetof (DIRENT_TYPE, d_name) + namelen + 1;
+ else
+ {
+ /* The name is too long. Ignore this file. */
+ dirp->errcode = ENAMETOOLONG;
+ dp->d_ino = 0;
+ continue;
+ }
+ }
+#endif
+
+ /* Skip deleted and ignored files. */
}
while (dp->d_ino == 0);
if (dp != NULL)
{
-#ifdef GETDENTS_64BIT_ALIGNED
- /* The d_reclen value might include padding which is not part of
- the DIRENT_TYPE data structure. */
- reclen = MIN (reclen,
- offsetof (DIRENT_TYPE, d_name) + sizeof (dp->d_name));
-#endif
*result = memcpy (entry, dp, reclen);
-#ifdef GETDENTS_64BIT_ALIGNED
+#ifdef _DIRENT_HAVE_D_RECLEN
entry->d_reclen = reclen;
#endif
+ ret = 0;
}
else
- *result = NULL;
+ {
+ *result = NULL;
+ ret = dirp->errcode;
+ }
__libc_lock_unlock (dirp->lock);
- return dp != NULL ? 0 : reclen ? errno : 0;
+ return ret;
}
#ifdef __READDIR_R_ALIAS
Index: glibc-2.17/sysdeps/posix/rewinddir.c
===================================================================
--- glibc-2.17.orig/sysdeps/posix/rewinddir.c
+++ glibc-2.17/sysdeps/posix/rewinddir.c
@@ -33,6 +33,7 @@ rewinddir (dirp)
dirp->filepos = 0;
dirp->offset = 0;
dirp->size = 0;
+ dirp->errcode = 0;
#ifndef NOT_IN_libc
__libc_lock_unlock (dirp->lock);
#endif
Index: glibc-2.17/sysdeps/unix/sysv/linux/i386/readdir64_r.c
===================================================================
--- glibc-2.17.orig/sysdeps/unix/sysv/linux/i386/readdir64_r.c
+++ glibc-2.17/sysdeps/unix/sysv/linux/i386/readdir64_r.c
@@ -18,7 +18,6 @@
#define __READDIR_R __readdir64_r
#define __GETDENTS __getdents64
#define DIRENT_TYPE struct dirent64
-#define GETDENTS_64BIT_ALIGNED 1
#include
Index: glibc-2.17/sysdeps/unix/sysv/linux/wordsize-64/readdir_r.c
===================================================================
--- glibc-2.17.orig/sysdeps/unix/sysv/linux/wordsize-64/readdir_r.c
+++ glibc-2.17/sysdeps/unix/sysv/linux/wordsize-64/readdir_r.c
@@ -1,5 +1,4 @@
#define readdir64_r __no_readdir64_r_decl
-#define GETDENTS_64BIT_ALIGNED 1
#include
#undef readdir64_r
weak_alias (__readdir_r, readdir64_r)
++++++ regexp-overrun.patch ++++++
From a445af0bc722d620afed7683cd320c0e4c7c6059 Mon Sep 17 00:00:00 2001
From: Andreas Schwab
Date: Tue, 29 Jan 2013 14:45:15 +0100
Subject: [PATCH] Fix buffer overrun in regexp matcher
[BZ #15078]
* posix/regexec.c (extend_buffers): Add parameter min_len.
(check_matching): Pass minimum needed length.
(clean_state_log_if_needed): Likewise.
(get_subexp): Likewise.
* posix/Makefile (tests): Add bug-regex34.
(bug-regex34-ENV): Define.
* posix/bug-regex34.c: New file.
---
ChangeLog | 9 +++++++++
NEWS | 3 ++-
posix/Makefile | 3 ++-
posix/bug-regex34.c | 46 ++++++++++++++++++++++++++++++++++++++++++++++
posix/regexec.c | 16 +++++++++-------
5 files changed, 68 insertions(+), 9 deletions(-)
create mode 100644 posix/bug-regex34.c
diff --git a/posix/Makefile b/posix/Makefile
index 88d409f..2cacd21 100644
--- a/posix/Makefile
+++ b/posix/Makefile
@@ -86,7 +86,7 @@ tests := tstgetopt testfnm runtests runptests \
tst-rfc3484-3 \
tst-getaddrinfo3 tst-fnmatch2 tst-cpucount tst-cpuset \
bug-getopt1 bug-getopt2 bug-getopt3 bug-getopt4 \
- bug-getopt5 tst-getopt_long1
+ bug-getopt5 tst-getopt_long1 bug-regex34
xtests := bug-ga2
ifeq (yes,$(build-shared))
test-srcs := globtest
@@ -199,6 +199,7 @@ bug-regex26-ENV = LOCPATH=$(common-objpfx)localedata
bug-regex30-ENV = LOCPATH=$(common-objpfx)localedata
bug-regex32-ENV = LOCPATH=$(common-objpfx)localedata
bug-regex33-ENV = LOCPATH=$(common-objpfx)localedata
+bug-regex34-ENV = LOCPATH=$(common-objpfx)localedata
tst-rxspencer-ARGS = --utf8 rxspencer/tests
tst-rxspencer-ENV = LOCPATH=$(common-objpfx)localedata
tst-pcre-ARGS = PCRE.tests
diff --git a/posix/bug-regex34.c b/posix/bug-regex34.c
new file mode 100644
index 0000000..bb3b613
--- /dev/null
+++ b/posix/bug-regex34.c
@@ -0,0 +1,46 @@
+/* Test re_search with multi-byte characters in UTF-8.
+ Copyright (C) 2013 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ http://www.gnu.org/licenses/. */
+
+#define _GNU_SOURCE 1
+#include
+#include
+#include
+#include
+
+static int
+do_test (void)
+{
+ struct re_pattern_buffer r;
+ /* ကျွန်ုပ်x */
+ const char *s = "\xe1\x80\x80\xe1\x80\xbb\xe1\x80\xbd\xe1\x80\x94\xe1\x80\xba\xe1\x80\xaf\xe1\x80\x95\xe1\x80\xbax";
+
+ if (setlocale (LC_ALL, "en_US.UTF-8") == NULL)
+ {
+ puts ("setlocale failed");
+ return 1;
+ }
+ memset (&r, 0, sizeof (r));
+
+ re_compile_pattern ("[^x]x", 5, &r);
+ /* This was triggering a buffer overflow. */
+ re_search (&r, s, strlen (s), 0, strlen (s), 0);
+ return 0;
+}
+
+#define TEST_FUNCTION do_test ()
+#include "../test-skeleton.c"
diff --git a/posix/regexec.c b/posix/regexec.c
index 7f2de85..5ca2bf6 100644
--- a/posix/regexec.c
+++ b/posix/regexec.c
@@ -197,7 +197,7 @@ static int group_nodes_into_DFAstates (const re_dfa_t *dfa,
static int check_node_accept (const re_match_context_t *mctx,
const re_token_t *node, int idx)
internal_function;
-static reg_errcode_t extend_buffers (re_match_context_t *mctx)
+static reg_errcode_t extend_buffers (re_match_context_t *mctx, int min_len)
internal_function;
/* Entry point for POSIX code. */
@@ -1160,7 +1160,7 @@ check_matching (re_match_context_t *mctx, int fl_longest_match,
|| (BE (next_char_idx >= mctx->input.valid_len, 0)
&& mctx->input.valid_len < mctx->input.len))
{
- err = extend_buffers (mctx);
+ err = extend_buffers (mctx, next_char_idx + 1);
if (BE (err != REG_NOERROR, 0))
{
assert (err == REG_ESPACE);
@@ -1738,7 +1738,7 @@ clean_state_log_if_needed (re_match_context_t *mctx, int next_state_log_idx)
&& mctx->input.valid_len < mctx->input.len))
{
reg_errcode_t err;
- err = extend_buffers (mctx);
+ err = extend_buffers (mctx, next_state_log_idx + 1);
if (BE (err != REG_NOERROR, 0))
return err;
}
@@ -2792,7 +2792,7 @@ get_subexp (re_match_context_t *mctx, int bkref_node, int bkref_str_idx)
if (bkref_str_off >= mctx->input.len)
break;
- err = extend_buffers (mctx);
+ err = extend_buffers (mctx, bkref_str_off + 1);
if (BE (err != REG_NOERROR, 0))
return err;
@@ -4102,7 +4102,7 @@ check_node_accept (const re_match_context_t *mctx, const re_token_t *node,
static reg_errcode_t
internal_function __attribute_warn_unused_result__
-extend_buffers (re_match_context_t *mctx)
+extend_buffers (re_match_context_t *mctx, int min_len)
{
reg_errcode_t ret;
re_string_t *pstr = &mctx->input;
@@ -4111,8 +4111,10 @@ extend_buffers (re_match_context_t *mctx)
if (BE (INT_MAX / 2 / sizeof (re_dfastate_t *) <= pstr->bufs_len, 0))
return REG_ESPACE;
- /* Double the lengthes of the buffers. */
- ret = re_string_realloc_buffers (pstr, MIN (pstr->len, pstr->bufs_len * 2));
+ /* Double the lengthes of the buffers, but allocate at least MIN_LEN. */
+ ret = re_string_realloc_buffers (pstr,
+ MAX (min_len,
+ MIN (pstr->len, pstr->bufs_len * 2)));
if (BE (ret != REG_NOERROR, 0))
return ret;
--
1.8.2.3
++++++ strcoll-overflow.patch ++++++
++++ 1105 lines (skipped)