Hello community, here is the log from the commit of package glibc.3533 for openSUSE:13.1:Update checked in at 2015-02-23 14:06:48 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:13.1:Update/glibc.3533 (Old) and /work/SRC/openSUSE:13.1:Update/.glibc.3533.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "glibc.3533" Changes: -------- New Changes file: --- /dev/null 2014-12-25 22:38:16.200041506 +0100 +++ /work/SRC/openSUSE:13.1:Update/.glibc.3533.new/glibc-testsuite.changes 2015-02-23 14:06:51.000000000 +0100 @@ -0,0 +1,6889 @@ +------------------------------------------------------------------- +Mon Feb 9 16:38:08 UTC 2015 - schwab@suse.de + +- nss-dns-infinite-loop.patch: Avoid infinite loop in nss_dns getnetbyname + (CVE-2014-9402, bsc#910599, BZ #17630) +- wordexp-wrde-nocmd.patch: wordexp fails to honour WRDE_NOCMD + (CVE-2014-7817, bsc#906371, BZ #17625) +- res-send-fd-reuse.patch: Fix invalid file descriptor reuse while sending + DNS query (CVE-2013-7423, bsc#915526, BZ #15946) +- wscanf-buffer-overflow.patch: Fix buffer overflow in wscanf + (CVE-2015-1472, bsc#916222, BZ #16618) + +------------------------------------------------------------------- +Tue Sep 2 07:57:23 UTC 2014 - schwab@suse.de + +- setlocale-directory-traversal.patch: Directory traversal in locale + environment handling (CVE-2014-0475, bnc#887022, BZ #17137) +- disable-gconv-translit-modules.patch: Disable gconv transliteration + module loading (CVE-2014-5119, bnc#892073, BZ #17187) +- iconv-ibm-sentinel-check.patch: Fix crashes on invalid input in IBM + gconv modules (CVE-2014-6040, bnc#894553, BZ #17325) + +------------------------------------------------------------------- +Mon Apr 7 09:02:53 UTC 2014 - schwab@suse.de + +- pthread-mutex-trylock-elision.patch: Properly handle forced elision in + pthread_mutex_trylock (bnc#865968) + +------------------------------------------------------------------- +Tue Dec 17 13:18:45 UTC 2013 - schwab@suse.de + +- arm-dl_hwcap-ifunc-resolver.patch: Correctly determine hwcap for IFUNC + resolver +- nscd-getservbyport.patch: Fix nscd getservbyport not to ignore proto + (bnc#849719) +- options-rotate.patch: Fix rotation in presence of name servers with IPv6 + address (bnc#848783) + +------------------------------------------------------------------- +Mon Nov 25 10:40:04 UTC 2013 - guillaume@opensuse.org + +- Fix ARMv7 on SoC that are not NEON capable with + arm_non_neon_fix.patch + +------------------------------------------------------------------- +Fri Nov 22 10:42:04 UTC 2013 - guillaume@opensuse.org + +- Enable explicitly multiarch for armv7hl + +------------------------------------------------------------------- +Wed Oct 30 14:05:30 UTC 2013 - schwab@suse.de + +- getaddrinfo-overflow.patch: Fix stack overflow due to large AF_INET6 + requests (CVE-2013-4458, bnc#847227) + +------------------------------------------------------------------- +Mon Oct 21 12:14:38 UTC 2013 - schwab@suse.de + +- Remove SSE4.2 implementation of strstr for x86-32 (bnc#843464) + +------------------------------------------------------------------- +Mon Oct 14 09:32:44 UTC 2013 - schwab@suse.de + +- Depend on gcc defaults for base powerpc optimisations (bnc#844824) + +------------------------------------------------------------------- +Fri Oct 11 08:37:38 UTC 2013 - schwab@suse.de + +- Enable ports addon for m68k and adapt file list +- m68k-Scrt1.patch: Use PIC for Scrt1.o + +------------------------------------------------------------------- +Thu Sep 19 14:12:59 UTC 2013 - schwab@suse.de + +- nscd-server-user.patch: run nscd as user nscd (fate#314673) + +------------------------------------------------------------------- +Thu Sep 12 13:42:23 UTC 2013 - schwab@suse.de + +- malloc-overflows.patch: Fix integer overflows in malloc (CVE-2013-4332, + bnc#839870) + +------------------------------------------------------------------- +Wed Sep 11 10:11:56 UTC 2013 - schwab@suse.de + +- fcntl-o-tmpfile.patch: Add O_TMPFILE to <fcntl.h> (bnc#837965) +- strcoll-overflow.patch: Update to latest version + +------------------------------------------------------------------- +Tue Aug 13 07:24:59 UTC 2013 - schwab@suse.de + +- Update to glibc 2.18 release + * No source change +- strcoll-overflow.patch: fix buffer overflow in strcoll (CVE-2012-4412, + bnc#779320) +- readdir_r-overflow.patch: fix readdir_r with long file names + (CVE-2013-4237, bnc#834594) + +------------------------------------------------------------------- +Tue Aug 6 09:20:04 UTC 2013 - schwab@suse.de + +- Update to glibc 2.17.90 85891acadf1b: + * CVE-2013-2207 Incorrectly granting access to another user's pseudo-terminal + has been fixed by disabling the use of pt_chown (Bugzilla #15755). + Distributions can re-enable building and using pt_chown via the new configure + option `--enable-pt_chown'. Enabling the use of pt_chown carries with it + considerable security risks and should only be used if the distribution + understands and accepts the risks. + * CVE-2013-0242 Buffer overrun in regexp matcher has been fixed (Bugzilla + #15078). + * CVE-2013-1914 Stack overflow in getaddrinfo with many results has been + fixed (Bugzilla #15330). + * Add support for calling C++11 thread_local object destructors on thread + and program exit. This needs compiler support for offloading C++11 + destructor calls to glibc. + * Improved worst case performance of libm functions with double inputs and + output. + * Support for priority inherited mutexes in pthread condition variables on + non-x86 architectures. + * Optimized string functions for AArch64. Implemented by Marcus Shawcroft. + * Optimized string functions for ARM. Implemented by Will Newton and + Richard Henderson. + * Added a benchmark framework to track performance of functions in glibc. + * New <math.h> macro named issignaling to check for a signaling NaN (sNaN). + It is based on draft TS 18661 and currently enabled as a GNU extension. + * On Linux, the clock function now uses the clock_gettime system call + for improved precision, rather than old times system call. + * Added new API functions pthread_getattr_default_np and + pthread_setattr_default_np to get and set the default pthread + attributes of a process. + * Added support for TSX lock elision for pthread mutexes on i386 and x86-64. + This may improve lock scaling of existing programs on TSX capable systems. + * Support added for AT_HWCAP2 (to coincide with Linux kernel 3.10 + availability). Implemented by Ryan S. Arnold. + * Support added for POWER8 platform. Implemented by Ryan S. Arnold. +- Remove upstreamed patches: + pthread-cond-timedwait-i486.patch + glibc-aarch64-lib64.patch + arm-ld-so-cache.patch + rtlddir.patch + regexp-overrun.patch + getaddrinfo-overflow.patch + nscd-netgroup.patch + disable-pt-chown.patch + nscd-short-write.patch + big5-hkscs-update.patch.bz2 + digits-dots.patch + strptime-W-week.patch + aarch64-sigsetjmp.patch +- Rediff all remaining patches +- Reenable stackguard randomization on arm +- Recognize ppc64p7 arch to build for power7 +- Remove all ABI extensions from libcrypt +- cbrtl-ldbl-96.patch: fix cbrtl for ldbl-96 + +------------------------------------------------------------------- +Wed Jul 31 12:20:38 UTC 2013 - schwab@suse.de + +- i686-strcasecmp-fallback.patch: fix fallback in i686 + strcasecmp/strncasecmp +- nonascii-case.patch: also test strncasecmp +- pldd-wait-ptrace-stop.patch: fix pldd not to leave process stopped after + detaching (bnc#819383) + +------------------------------------------------------------------- +Mon Jul 22 12:32:34 UTC 2013 - schwab@suse.de + +- disable-pt-chown.patch: disable use of pt_chown (CVE-2013-2207, + bnc#830257) +- nonascii-case.patch: fix strcasecmp in tr_TR.ISO-8859-9 locale +- glibc-2.14-crypt.diff: fix incomplete dependencies for libowcrypt + +------------------------------------------------------------------- +Thu Jul 4 12:14:27 UTC 2013 - schwab@suse.de + +- crypt_blowfish-gensalt.patch: separare crypt_gensalt into its own + library libowcrypt, remove crypt_rn and crypt_ra (fate#314945) +- glibc-2.14-crypt-versioning.diff, glibc-fix-check-abi.patch, + glibc-crypt-badsalttest.patch: folded into glibc-2.14-crypt.diff +- crypt_blowfish-const.patch: constify crypt_blowfish +- crypt_blowfish-1.2-sha.diff: refresh + +------------------------------------------------------------------- +Fri Jun 28 12:26:38 UTC 2013 - dmueller@suse.com + +- add ld-linux.so.3 compat symlink also for armv6hl +- remove deprecated armv7l + +------------------------------------------------------------------- +Wed Jun 19 09:29:55 UTC 2013 - coolo@suse.com + +- rely on systemd-rpm-macros instead of the full thing + +------------------------------------------------------------------- +Mon Jun 17 09:49:24 UTC 2013 - schwab@suse.de + +- nscd-netgroup.patch: Fix handling of netgroup cache in nscd (bnc#819524) ++++ 6692 more lines (skipped) ++++ between /dev/null ++++ and /work/SRC/openSUSE:13.1:Update/.glibc.3533.new/glibc-testsuite.changes New Changes file: glibc-utils.changes: same change New Changes file: glibc.changes: same change New: ---- arm-dl_hwcap-ifunc-resolver.patch baselibs.conf bindresvport.blacklist cbrtl-ldbl-96.patch check-build.sh crypt_blowfish-1.2-hack_around_arm.diff crypt_blowfish-1.2-sha.diff crypt_blowfish-1.2.tar.gz crypt_blowfish-1.2.tar.gz.sign crypt_blowfish-const.patch crypt_blowfish-gensalt.patch disable-gconv-translit-modules.patch fcntl-o-tmpfile.patch getaddrinfo-ipv6-sanity.diff getaddrinfo-overflow.patch glibc-2.14-crypt.diff glibc-2.18.tar.xz glibc-2.2-sunrpc.diff glibc-2.3.2.no_archive.diff glibc-2.3.3-nscd-db-path.diff glibc-2.3.90-langpackdir.diff glibc-2.3.90-noversion.diff glibc-2.3.locales.diff.bz2 glibc-2.4-china.diff glibc-2.4.90-no_NO.diff glibc-2.4.90-revert-only-euro.diff glibc-bindresvport-blacklist.diff glibc-cpusetsize.diff glibc-fix-double-loopback.diff glibc-ld-profile.patch glibc-nodate.patch glibc-nscd-hconf.diff glibc-nscd.conf.patch glibc-resolv-mdnshint.diff glibc-resolv-reload.diff glibc-testsuite.changes glibc-testsuite.patch glibc-testsuite.spec glibc-utils.changes glibc-utils.spec glibc-version.diff glibc.changes glibc.rpmlintrc glibc.spec glibc_post_upgrade.c i686-no-sse42-strstr.patch i686-strcasecmp-fallback.patch iconv-ibm-sentinel-check.patch m68k-Scrt1.patch malloc-overflows.patch manpages.patch manpages.tar.bz2 nonascii-case.patch noversion.tar.bz2 nscd-getservbyport.patch nscd-server-user.patch nscd.conf nscd.service nss-database.patch nss-db-path.patch nss-dns-infinite-loop.patch nsswitch.conf options-rotate.patch pldd-wait-ptrace-stop.patch pre_checkin.sh printf-overrun.patch pthread-mutex-trylock-elision.patch readdir_r-overflow.patch res-send-fd-reuse.patch setlocale-directory-traversal.patch strcoll-overflow.patch wordexp-wrde-nocmd.patch wscanf-buffer-overflow.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ glibc-testsuite.spec ++++++ ++++ 1346 lines (skipped) glibc-utils.spec: same change glibc.spec: same change ++++++ arm-dl_hwcap-ifunc-resolver.patch ++++++ 2013-08-28 Kyle McMartin <kyle@redhat.com> Carlos O'Donell <carlos@redhat.com> [BZ #15905] * sysdeps/arm/dl-machine [!RTLD_BOOTSTRAP] (elf_machine_rel): Pass GLRO(dl_hwcap) to the IFUNC resolver. Index: glibc-2.18/ports/sysdeps/arm/dl-machine.h =================================================================== --- glibc-2.18.orig/ports/sysdeps/arm/dl-machine.h +++ glibc-2.18/ports/sysdeps/arm/dl-machine.h @@ -503,7 +503,7 @@ elf_machine_rel (struct link_map *map, c break; case R_ARM_IRELATIVE: value = map->l_addr + *reloc_addr; - value = ((Elf32_Addr (*) (void)) value) (); + value = ((Elf32_Addr (*) (int)) value) (GLRO(dl_hwcap)); *reloc_addr = value; break; #endif ++++++ baselibs.conf ++++++ glibc arch i586 block! targettype x86 +/etc/ld.so.conf targettype x86 "/lib/ld-linux.so.2 -> <prefix>/lib/ld-linux.so.2" targettype x86 obsoletes "baselibs-x86" targettype ia32 +/etc/ld.so.conf targettype ia32 "/lib/ld-linux.so.2 -> <prefix>/lib/ld-linux.so.2" prereq -glibc-x86 +/usr/lib/getconf/[^g] glibc-locale arch i586 block! +/usr/lib(64)?/gconv/gconv-modules targettype x86 -/usr/lib(64)?/gconv/gconv-modules glibc-devel requires "glibc-<targettype> = %version" arch i586 block! +^/usr/include/gnu/stubs-.*\.h$ glibc-devel-static arch i586 block! glibc-profile arch i586 block! glibc-utils ++++++ bindresvport.blacklist ++++++ # # This file contains a list of port numbers between 600 and 1024, # which should not be used by bindresvport. bindresvport is mostly # called by RPC services. This mostly solves the problem, that a # RPC service uses a well known port of another service. # 623 # ASF, used by IPMI on some cards 631 # cups 636 # ldaps 664 # Secure ASF, used by IPMI on some cards 774 # rpasswd 921 # lwresd 993 # imaps 995 # pops ++++++ cbrtl-ldbl-96.patch ++++++ [BZ #15749] * sysdeps/ieee754/ldbl-96/s_cbrtl.c (__cbrtl): Use fabsl instead of fabs. Index: glibc-2.17.90/sysdeps/ieee754/ldbl-96/s_cbrtl.c =================================================================== --- glibc-2.17.90.orig/sysdeps/ieee754/ldbl-96/s_cbrtl.c +++ glibc-2.17.90/sysdeps/ieee754/ldbl-96/s_cbrtl.c @@ -45,7 +45,7 @@ __cbrtl (long double x) int xe; /* Reduce X. XM now is an range 1.0 to 0.5. */ - xm = __frexpl (fabs (x), &xe); + xm = __frexpl (fabsl (x), &xe); /* If X is not finite or is null return it (with raising exceptions if necessary. ++++++ check-build.sh ++++++ #!/bin/bash # Copyright (c) 2003, 2004, 2011,2012 SUSE Linux Products GmbH, Germany. All rights reserved. # # Authors: Thorsten Kukuk <kukuk@suse.de> # if [ `nice` -gt '9' ] ; then echo "Don't modify nice for building glibc!" exit 1 fi # get kernel version OFS="$IFS" ; IFS=".-" ; version=(`uname -r`) ; IFS="$OIFS" ARCH=(`uname -m`) if test ${version[0]} -gt 2 ; then : # okay elif test ${version[0]} -lt 2 -o ${version[1]} -lt 6 -o ${version[2]} -lt 16 ; then echo "FATAL: kernel too old, need kernel >= 2.6.16 for this package" 1>&2 exit 1 elif $ARCH -eq 'x86_64' ; then if test ${version[0]} -lt 2 -o ${version[1]} -lt 6 -o ${version[2]} -lt 32 ; then echo "FATAL: kernel too old, need kernel >= 2.6.32 for this package" 1>&2 exit 1 fi fi exit 0 ++++++ crypt_blowfish-1.2-hack_around_arm.diff ++++++ --- x86.S +++ x86.S @@ -199,5 +199,5 @@ #endif #if defined(__ELF__) && defined(__linux__) -.section .note.GNU-stack,"",@progbits +.section .note.GNU-stack,"",%progbits #endif ++++++ crypt_blowfish-1.2-sha.diff ++++++

From 1c581a8364ab18a6938f3153d7bea793d06a4652 Mon Sep 17 00:00:00 2001 From: Ludwig Nussel <ludwig.nussel@suse.de> Date: Thu, 25 Aug 2011 14:00:38 +0200 Subject: [PATCH crypt_blowfish] support for sha256 and sha512

--- crypt.3 | 14 +++++++++++++ crypt_gensalt.c | 58 +++++++++++++++++++++++++++++++++++++++++++++++++++++++ wrapper.c | 23 +++++++++++++++++++++ 3 files changed, 95 insertions(+), 0 deletions(-) Index: crypt_blowfish-1.2/crypt.3 =================================================================== --- crypt_blowfish-1.2.orig/crypt.3 +++ crypt_blowfish-1.2/crypt.3 @@ -399,6 +399,20 @@ too low for the currently available hard .hash "$1$" "\e$1\e$[^$]{1,8}\e$[./0-9A-Za-z]{22}" unlimited 8 "" 128 "6 to 48" 1000 .PP .ti -2 +.B SHA256 based +.br +This is Ulrich Drepper's SHA256-based password hashing method originally +developed for Linux. +.hash "$5$" "\e$5\e$(rounds=[0-9]{1,9}\e$)?([./0-9A-Za-z]{1,16})?\e$[./0-9A-Za-z]{43}" unlimited 8 "" 256 "0 to 96" "1000 to 999999999 (default 5000)" +.PP +.ti -2 +.B SHA512 based +.br +This is Ulrich Drepper's SHA512-based password hashing method originally +developed for Linux. +.hash "$6$" "\e$6\e$(rounds=[0-9]{1,9}\e$)?([./0-9A-Za-z]{1,16})?\e$[./0-9A-Za-z]{86}" unlimited 8 "" 512 "0 to 96" "1000 to 999999999 (default 5000)" +.PP +.ti -2 .BR "OpenBSD-style Blowfish-based" " (" bcrypt ) .br .B bcrypt Index: crypt_blowfish-1.2/crypt_gensalt.c =================================================================== --- crypt_blowfish-1.2.orig/crypt_gensalt.c +++ crypt_blowfish-1.2/crypt_gensalt.c @@ -19,6 +19,7 @@ */ #include <string.h> +#include <stdio.h> #include <errno.h> #ifndef __set_errno @@ -122,3 +123,60 @@ char *_crypt_gensalt_md5_rn(const char * return output; } + +#define SHA2_SALT_LEN_MAX 16 +#define SHA2_ROUNDS_MIN 1000 +#define SHA2_ROUNDS_MAX 999999999 +char *_crypt_gensalt_sha2_rn (const char *prefix, unsigned long count, + const char *input, int size, char *output, int output_size) + +{ + char *o = output; + const char *i = input; + unsigned needed = 3 + MIN(size/3*4, SHA2_SALT_LEN_MAX) + 1; + + if (size < 3 || output_size < needed) + goto error; + + size = MIN(size, SHA2_SALT_LEN_MAX/4*3); + + o[0] = prefix[0]; + o[1] = prefix[1]; + o[2] = prefix[2]; + o += 3; + + if (count) { + count = MAX(SHA2_ROUNDS_MIN, MIN(count, SHA2_ROUNDS_MAX)); + int n = snprintf (o, output_size-3, "rounds=%ld$", count); + if (n < 0 || n >= output_size-3) + goto error; + needed += n; + o += n; + } + + if (output_size < needed) + goto error; + + while (size >= 3) { + unsigned long value = + (unsigned long)(unsigned char)i[0] | + ((unsigned long)(unsigned char)i[1] << 8) | + ((unsigned long)(unsigned char)i[2] << 16); + o[0] = _crypt_itoa64[value & 0x3f]; + o[1] = _crypt_itoa64[(value >> 6) & 0x3f]; + o[2] = _crypt_itoa64[(value >> 12) & 0x3f]; + o[3] = _crypt_itoa64[(value >> 18) & 0x3f]; + size -= 3; + i += 3; + o += 3; + } + o[0] = '\0'; + + return output; + +error: + if (output_size > 0) + output[0] = '\0'; + errno = ENOMEM; + return NULL; +} Index: crypt_blowfish-1.2/crypt_gensalt.h =================================================================== --- crypt_blowfish-1.2.orig/crypt_gensalt.h +++ crypt_blowfish-1.2/crypt_gensalt.h @@ -26,5 +26,7 @@ extern char *_crypt_gensalt_extended_rn( const char *input, int size, char *output, int output_size); extern char *_crypt_gensalt_md5_rn(const char *prefix, unsigned long count, const char *input, int size, char *output, int output_size); +extern char *_crypt_gensalt_sha2_rn(const char *prefix, unsigned long count, + const char *input, int size, char *output, int output_size); #endif Index: crypt_blowfish-1.2/wrapper.c =================================================================== --- crypt_blowfish-1.2.orig/wrapper.c +++ crypt_blowfish-1.2/wrapper.c @@ -50,6 +50,10 @@ #include "crypt.h" extern char *__md5_crypt_r(const char *key, const char *salt, char *buffer, int buflen); +extern char *__sha256_crypt_r (const char *key, const char *salt, + char *buffer, int buflen); +extern char *__sha512_crypt_r (const char *key, const char *salt, + char *buffer, int buflen); /* crypt-entry.c needs to be patched to define __des_crypt_r rather than * __crypt_r, and not define crypt_r and crypt at all */ extern char *__des_crypt_r(const char *key, const char *salt, @@ -112,6 +116,10 @@ static char *_crypt_retval_magic(char *r char *__crypt_rn(__const char *key, __const char *setting, void *data, int size) { + if (setting[0] == '$' && setting[1] == '6') + return __sha512_crypt_r(key, setting, (char *)data, size); + if (setting[0] == '$' && setting[1] == '5') + return __sha256_crypt_r(key, setting, (char *)data, size); if (setting[0] == '$' && setting[1] == '2') return _crypt_blowfish_rn(key, setting, (char *)data, size); if (setting[0] == '$' && setting[1] == '1') @@ -129,6 +137,16 @@ char *__crypt_rn(__const char *key, __co char *__crypt_ra(__const char *key, __const char *setting, void **data, int *size) { + if (setting[0] == '$' && setting[1] == '6') { + if (_crypt_data_alloc(data, size, CRYPT_OUTPUT_SIZE)) + return NULL; + return __sha512_crypt_r(key, setting, (char *)*data, *size); + } + if (setting[0] == '$' && setting[1] == '5') { + if (_crypt_data_alloc(data, size, CRYPT_OUTPUT_SIZE)) + return NULL; + return __sha256_crypt_r(key, setting, (char *)*data, *size); + } if (setting[0] == '$' && setting[1] == '2') { if (_crypt_data_alloc(data, size, CRYPT_OUTPUT_SIZE)) return NULL; @@ -210,6 +228,9 @@ char *__crypt_gensalt_rn(const char *pre return NULL; } + if (!strncmp(prefix, "$5$", 3) || !strncmp(prefix, "$6$", 3)) + use = _crypt_gensalt_sha2_rn; + else if (!strncmp(prefix, "$2a$", 4) || !strncmp(prefix, "$2y$", 4)) use = _crypt_gensalt_blowfish_rn; else ++++++ crypt_blowfish-const.patch ++++++ Index: crypt_blowfish-1.2/crypt_blowfish.c =================================================================== --- crypt_blowfish-1.2.orig/crypt_blowfish.c +++ crypt_blowfish-1.2/crypt_blowfish.c @@ -81,7 +81,7 @@ typedef struct { * Magic IV for 64 Blowfish encryptions that we do at the end. * The string is "OrpheanBeholderScryDoubt" on big-endian. */ -static BF_word BF_magic_w[6] = { +static const BF_word BF_magic_w[6] = { 0x4F727068, 0x65616E42, 0x65686F6C, 0x64657253, 0x63727944, 0x6F756274 }; @@ -89,7 +89,7 @@ static BF_word BF_magic_w[6] = { /* * P-box and S-box tables initialized with digits of Pi. */ -static BF_ctx BF_init_state = { +static const BF_ctx BF_init_state = { { { 0xd1310ba6, 0x98dfb5ac, 0x2ffd72db, 0xd01adfb7, @@ -361,10 +361,10 @@ static BF_ctx BF_init_state = { } }; -static unsigned char BF_itoa64[64 + 1] = +static const unsigned char BF_itoa64[64 + 1] = "./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"; -static unsigned char BF_atoi64[0x60] = { +static const unsigned char BF_atoi64[0x60] = { 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 64, 0, 1, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 64, 64, 64, 64, 64, 64, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, @@ -440,8 +440,8 @@ static void BF_encode(char *dst, const B static void BF_swap(BF_word *x, int count) { - static int endianness_check = 1; - char *is_little_endian = (char *)&endianness_check; + static const int endianness_check = 1; + const char *is_little_endian = (const char *)&endianness_check; BF_word tmp; if (*is_little_endian) ++++++ crypt_blowfish-gensalt.patch ++++++ Index: crypt_blowfish-1.2/crypt_blowfish.c =================================================================== --- crypt_blowfish-1.2.orig/crypt_blowfish.c +++ crypt_blowfish-1.2/crypt_blowfish.c @@ -872,31 +872,3 @@ char *_crypt_blowfish_rn(const char *key __set_errno(EINVAL); /* pretend we don't support this hash type */ return NULL; } - -char *_crypt_gensalt_blowfish_rn(const char *prefix, unsigned long count, - const char *input, int size, char *output, int output_size) -{ - if (size < 16 || output_size < 7 + 22 + 1 || - (count && (count < 4 || count > 31)) || - prefix[0] != '$' || prefix[1] != '2' || - (prefix[2] != 'a' && prefix[2] != 'y')) { - if (output_size > 0) output[0] = '\0'; - __set_errno((output_size < 7 + 22 + 1) ? ERANGE : EINVAL); - return NULL; - } - - if (!count) count = 5; - - output[0] = '$'; - output[1] = '2'; - output[2] = prefix[2]; - output[3] = '$'; - output[4] = '0' + count / 10; - output[5] = '0' + count % 10; - output[6] = '$'; - - BF_encode(&output[7], (const BF_word *)input, 16); - output[7 + 22] = '\0'; - - return output; -} Index: crypt_blowfish-1.2/crypt_blowfish.h =================================================================== --- crypt_blowfish-1.2.orig/crypt_blowfish.h +++ crypt_blowfish-1.2/crypt_blowfish.h @@ -20,8 +20,5 @@ extern int _crypt_output_magic(const char *setting, char *output, int size); extern char *_crypt_blowfish_rn(const char *key, const char *setting, char *output, int size); -extern char *_crypt_gensalt_blowfish_rn(const char *prefix, - unsigned long count, - const char *input, int size, char *output, int output_size); #endif Index: crypt_blowfish-1.2/crypt_gensalt.c =================================================================== --- crypt_blowfish-1.2.orig/crypt_gensalt.c +++ crypt_blowfish-1.2/crypt_gensalt.c @@ -180,3 +180,69 @@ error: errno = ENOMEM; return NULL; } + + +typedef unsigned int BF_word; + +static const unsigned char BF_itoa64[64 + 1] = + "./ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"; + +static void BF_encode(char *dst, const BF_word *src, int size) +{ + const unsigned char *sptr = (const unsigned char *)src; + const unsigned char *end = sptr + size; + unsigned char *dptr = (unsigned char *)dst; + unsigned int c1, c2; + + do { + c1 = *sptr++; + *dptr++ = BF_itoa64[c1 >> 2]; + c1 = (c1 & 0x03) << 4; + if (sptr >= end) { + *dptr++ = BF_itoa64[c1]; + break; + } + + c2 = *sptr++; + c1 |= c2 >> 4; + *dptr++ = BF_itoa64[c1]; + c1 = (c2 & 0x0f) << 2; + if (sptr >= end) { + *dptr++ = BF_itoa64[c1]; + break; + } + + c2 = *sptr++; + c1 |= c2 >> 6; + *dptr++ = BF_itoa64[c1]; + *dptr++ = BF_itoa64[c2 & 0x3f]; + } while (sptr < end); +} + +char *_crypt_gensalt_blowfish_rn(const char *prefix, unsigned long count, + const char *input, int size, char *output, int output_size) +{ + if (size < 16 || output_size < 7 + 22 + 1 || + (count && (count < 4 || count > 31)) || + prefix[0] != '$' || prefix[1] != '2' || + (prefix[2] != 'a' && prefix[2] != 'y')) { + if (output_size > 0) output[0] = '\0'; + __set_errno((output_size < 7 + 22 + 1) ? ERANGE : EINVAL); + return NULL; + } + + if (!count) count = 5; + + output[0] = '$'; + output[1] = '2'; + output[2] = prefix[2]; + output[3] = '$'; + output[4] = '0' + count / 10; + output[5] = '0' + count % 10; + output[6] = '$'; + + BF_encode(&output[7], (const BF_word *)input, 16); + output[7 + 22] = '\0'; + + return output; +} Index: crypt_blowfish-1.2/crypt_gensalt.h =================================================================== --- crypt_blowfish-1.2.orig/crypt_gensalt.h +++ crypt_blowfish-1.2/crypt_gensalt.h @@ -28,5 +28,8 @@ extern char *_crypt_gensalt_md5_rn(const const char *input, int size, char *output, int output_size); extern char *_crypt_gensalt_sha2_rn(const char *prefix, unsigned long count, const char *input, int size, char *output, int output_size); +extern char *_crypt_gensalt_blowfish_rn(const char *prefix, + unsigned long count, + const char *input, int size, char *output, int output_size); #endif Index: crypt_blowfish-1.2/wrapper-gensalt.c =================================================================== --- /dev/null +++ crypt_blowfish-1.2/wrapper-gensalt.c @@ -0,0 +1,113 @@ +/* + * Written by Solar Designer <solar at openwall.com> in 2000-2011. + * No copyright is claimed, and the software is hereby placed in the public + * domain. In case this attempt to disclaim copyright and place the software + * in the public domain is deemed null and void, then the software is + * Copyright (c) 2000-2011 Solar Designer and it is hereby released to the + * general public under the following terms: + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted. + * + * There's ABSOLUTELY NO WARRANTY, express or implied. + * + * See crypt_blowfish.c for more information. + */ + +#include <stdlib.h> +#include <string.h> + +#include <errno.h> +#ifndef __set_errno +#define __set_errno(val) errno = (val) +#endif + +#define CRYPT_GENSALT_OUTPUT_SIZE (7 + 22 + 1) + +#if defined(__GLIBC__) && defined(_LIBC) +#define __SKIP_GNU +#endif +#include "ow-crypt.h" + +#include "crypt_gensalt.h" + +#if !(defined(__GLIBC__) && defined(_LIBC)) +#define __crypt_gensalt_rn crypt_gensalt_rn +#define __crypt_gensalt_ra crypt_gensalt_ra +#define __crypt_gensalt crypt_gensalt +#endif + +char *__crypt_gensalt_rn(const char *prefix, unsigned long count, + const char *input, int size, char *output, int output_size) +{ + char *(*use)(const char *_prefix, unsigned long _count, + const char *_input, int _size, + char *_output, int _output_size); + + /* This may be supported on some platforms in the future */ + if (!input) { + __set_errno(EINVAL); + return NULL; + } + + if (!strncmp(prefix, "$5$", 3) || !strncmp(prefix, "$6$", 3)) + use = _crypt_gensalt_sha2_rn; + else + if (!strncmp(prefix, "$2a$", 4) || !strncmp(prefix, "$2y$", 4)) + use = _crypt_gensalt_blowfish_rn; + else + if (!strncmp(prefix, "$1$", 3)) + use = _crypt_gensalt_md5_rn; + else + if (prefix[0] == '_') + use = _crypt_gensalt_extended_rn; + else + if (!prefix[0] || + (prefix[0] && prefix[1] && + memchr(_crypt_itoa64, prefix[0], 64) && + memchr(_crypt_itoa64, prefix[1], 64))) + use = _crypt_gensalt_traditional_rn; + else { + __set_errno(EINVAL); + return NULL; + } + + return use(prefix, count, input, size, output, output_size); +} + +char *__crypt_gensalt_ra(const char *prefix, unsigned long count, + const char *input, int size) +{ + char output[CRYPT_GENSALT_OUTPUT_SIZE]; + char *retval; + + retval = __crypt_gensalt_rn(prefix, count, + input, size, output, sizeof(output)); + + if (retval) { + retval = strdup(retval); +#ifndef __GLIBC__ + /* strdup(3) on glibc sets errno, so we don't need to bother */ + if (!retval) + __set_errno(ENOMEM); +#endif + } + + return retval; +} + +char *__crypt_gensalt(const char *prefix, unsigned long count, + const char *input, int size) +{ + static char output[CRYPT_GENSALT_OUTPUT_SIZE]; + + return __crypt_gensalt_rn(prefix, count, + input, size, output, sizeof(output)); +} + +#if defined(__GLIBC__) && defined(_LIBC) +weak_alias(__crypt_gensalt_rn, crypt_gensalt_rn) +weak_alias(__crypt_gensalt_ra, crypt_gensalt_ra) +weak_alias(__crypt_gensalt, crypt_gensalt) +#endif + Index: crypt_blowfish-1.2/wrapper.c =================================================================== --- crypt_blowfish-1.2.orig/wrapper.c +++ crypt_blowfish-1.2/wrapper.c @@ -35,7 +35,6 @@ #endif #define CRYPT_OUTPUT_SIZE (7 + 22 + 31 + 1) -#define CRYPT_GENSALT_OUTPUT_SIZE (7 + 22 + 1) #if defined(__GLIBC__) && defined(_LIBC) #define __SKIP_GNU @@ -43,7 +42,6 @@ #include "ow-crypt.h" #include "crypt_blowfish.h" -#include "crypt_gensalt.h" #if defined(__GLIBC__) && defined(_LIBC) /* crypt.h from glibc-crypt-2.1 will define struct crypt_data for us */ @@ -209,88 +207,11 @@ char *crypt(const char *key, const char crypt_rn(key, setting, output, sizeof(output)), setting, output, sizeof(output)); } - -#define __crypt_gensalt_rn crypt_gensalt_rn -#define __crypt_gensalt_ra crypt_gensalt_ra -#define __crypt_gensalt crypt_gensalt -#endif - -char *__crypt_gensalt_rn(const char *prefix, unsigned long count, - const char *input, int size, char *output, int output_size) -{ - char *(*use)(const char *_prefix, unsigned long _count, - const char *_input, int _size, - char *_output, int _output_size); - - /* This may be supported on some platforms in the future */ - if (!input) { - __set_errno(EINVAL); - return NULL; - } - - if (!strncmp(prefix, "$5$", 3) || !strncmp(prefix, "$6$", 3)) - use = _crypt_gensalt_sha2_rn; - else - if (!strncmp(prefix, "$2a$", 4) || !strncmp(prefix, "$2y$", 4)) - use = _crypt_gensalt_blowfish_rn; - else - if (!strncmp(prefix, "$1$", 3)) - use = _crypt_gensalt_md5_rn; - else - if (prefix[0] == '_') - use = _crypt_gensalt_extended_rn; - else - if (!prefix[0] || - (prefix[0] && prefix[1] && - memchr(_crypt_itoa64, prefix[0], 64) && - memchr(_crypt_itoa64, prefix[1], 64))) - use = _crypt_gensalt_traditional_rn; - else { - __set_errno(EINVAL); - return NULL; - } - - return use(prefix, count, input, size, output, output_size); -} - -char *__crypt_gensalt_ra(const char *prefix, unsigned long count, - const char *input, int size) -{ - char output[CRYPT_GENSALT_OUTPUT_SIZE]; - char *retval; - - retval = __crypt_gensalt_rn(prefix, count, - input, size, output, sizeof(output)); - - if (retval) { - retval = strdup(retval); -#ifndef __GLIBC__ - /* strdup(3) on glibc sets errno, so we don't need to bother */ - if (!retval) - __set_errno(ENOMEM); #endif - } - - return retval; -} - -char *__crypt_gensalt(const char *prefix, unsigned long count, - const char *input, int size) -{ - static char output[CRYPT_GENSALT_OUTPUT_SIZE]; - - return __crypt_gensalt_rn(prefix, count, - input, size, output, sizeof(output)); -} #if defined(__GLIBC__) && defined(_LIBC) -weak_alias(__crypt_rn, crypt_rn) -weak_alias(__crypt_ra, crypt_ra) weak_alias(__crypt_r, crypt_r) weak_alias(__crypt, crypt) -weak_alias(__crypt_gensalt_rn, crypt_gensalt_rn) -weak_alias(__crypt_gensalt_ra, crypt_gensalt_ra) -weak_alias(__crypt_gensalt, crypt_gensalt) weak_alias(crypt, fcrypt) #endif ++++++ disable-gconv-translit-modules.patch ++++++ 2014-08-26 Florian Weimer <fweimer@redhat.com> [BZ #17187] * iconv/gconv_trans.c (struct known_trans, search_tree, lock, trans_compare, open_translit, __gconv_translit_find): Remove module loading code. Index: glibc-2.18/iconv/gconv_trans.c =================================================================== --- glibc-2.18.orig/iconv/gconv_trans.c +++ glibc-2.18/iconv/gconv_trans.c @@ -238,181 +238,12 @@ __gconv_transliterate (struct __gconv_st return __GCONV_ILLEGAL_INPUT; } - -/* Structure to represent results of found (or not) transliteration - modules. */ -struct known_trans -{ - /* This structure must remain the first member. */ - struct trans_struct info; - - char *fname; - void *handle; - int open_count; -}; - - -/* Tree with results of previous calls to __gconv_translit_find. */ -static void *search_tree; - -/* We modify global data. */ -__libc_lock_define_initialized (static, lock); - - -/* Compare two transliteration entries. */ -static int -trans_compare (const void *p1, const void *p2) -{ - const struct known_trans *s1 = (const struct known_trans *) p1; - const struct known_trans *s2 = (const struct known_trans *) p2; - - return strcmp (s1->info.name, s2->info.name); -} - - -/* Open (maybe reopen) the module named in the struct. Get the function - and data structure pointers we need. */ -static int -open_translit (struct known_trans *trans) -{ - __gconv_trans_query_fct queryfct; - - trans->handle = __libc_dlopen (trans->fname); - if (trans->handle == NULL) - /* Not available. */ - return 1; - - /* Find the required symbol. */ - queryfct = __libc_dlsym (trans->handle, "gconv_trans_context"); - if (queryfct == NULL) - { - /* We cannot live with that. */ - close_and_out: - __libc_dlclose (trans->handle); - trans->handle = NULL; - return 1; - } - - /* Get the context. */ - if (queryfct (trans->info.name, &trans->info.csnames, &trans->info.ncsnames) - != 0) - goto close_and_out; - - /* Of course we also have to have the actual function. */ - trans->info.trans_fct = __libc_dlsym (trans->handle, "gconv_trans"); - if (trans->info.trans_fct == NULL) - goto close_and_out; - - /* Now the optional functions. */ - trans->info.trans_init_fct = - __libc_dlsym (trans->handle, "gconv_trans_init"); - trans->info.trans_context_fct = - __libc_dlsym (trans->handle, "gconv_trans_context"); - trans->info.trans_end_fct = - __libc_dlsym (trans->handle, "gconv_trans_end"); - - trans->open_count = 1; - - return 0; -} - - int internal_function __gconv_translit_find (struct trans_struct *trans) { - struct known_trans **found; - const struct path_elem *runp; - int res = 1; - - /* We have to have a name. */ - assert (trans->name != NULL); - - /* Acquire the lock. */ - __libc_lock_lock (lock); - - /* See whether we know this module already. */ - found = __tfind (trans, &search_tree, trans_compare); - if (found != NULL) - { - /* Is this module available? */ - if ((*found)->handle != NULL) - { - /* Maybe we have to reopen the file. */ - if ((*found)->handle != (void *) -1) - /* The object is not unloaded. */ - res = 0; - else if (open_translit (*found) == 0) - { - /* Copy the data. */ - *trans = (*found)->info; - (*found)->open_count++; - res = 0; - } - } - } - else - { - size_t name_len = strlen (trans->name) + 1; - int need_so = 0; - struct known_trans *newp; - - /* We have to continue looking for the module. */ - if (__gconv_path_elem == NULL) - __gconv_get_path (); - - /* See whether we have to append .so. */ - if (name_len <= 4 || memcmp (&trans->name[name_len - 4], ".so", 3) != 0) - need_so = 1; - - /* Create a new entry. */ - newp = (struct known_trans *) malloc (sizeof (struct known_trans) - + (__gconv_max_path_elem_len - + name_len + 3) - + name_len); - if (newp != NULL) - { - char *cp; - - /* Clear the struct. */ - memset (newp, '\0', sizeof (struct known_trans)); - - /* Store a copy of the module name. */ - newp->info.name = cp = (char *) (newp + 1); - cp = __mempcpy (cp, trans->name, name_len); - - newp->fname = cp; - - /* Search in all the directories. */ - for (runp = __gconv_path_elem; runp->name != NULL; ++runp) - { - cp = __mempcpy (__stpcpy ((char *) newp->fname, runp->name), - trans->name, name_len); - if (need_so) - memcpy (cp, ".so", sizeof (".so")); - - if (open_translit (newp) == 0) - { - /* We found a module. */ - res = 0; - break; - } - } - - if (res) - newp->fname = NULL; - - /* In any case we'll add the entry to our search tree. */ - if (__tsearch (newp, &search_tree, trans_compare) == NULL) - { - /* Yickes, this should not happen. Unload the object. */ - res = 1; - /* XXX unload here. */ - } - } - } - - __libc_lock_unlock (lock); - - return res; + /* Transliteration module loading has been removed because it never + worked as intended and suffered from a security vulnerability. + Consequently, this function always fails. */ + return 1; } ++++++ fcntl-o-tmpfile.patch ++++++ Index: glibc-2.18/ports/sysdeps/unix/sysv/linux/alpha/bits/fcntl.h =================================================================== --- glibc-2.18.orig/ports/sysdeps/unix/sysv/linux/alpha/bits/fcntl.h +++ glibc-2.18/ports/sysdeps/unix/sysv/linux/alpha/bits/fcntl.h @@ -36,6 +36,7 @@ #define __O_DIRECT 02000000 /* Direct disk access. */ #define __O_NOATIME 04000000 /* Do not set atime. */ #define __O_PATH 040000000 /* Resolve pathname but do not open file. */ +#define __O_TMPFILE 0100100000 /* Atomically create nameless file. */ /* Not necessary, files are always with 64bit off_t. */ #define __O_LARGEFILE 0 Index: glibc-2.18/ports/sysdeps/unix/sysv/linux/hppa/bits/fcntl.h =================================================================== --- glibc-2.18.orig/ports/sysdeps/unix/sysv/linux/hppa/bits/fcntl.h +++ glibc-2.18/ports/sysdeps/unix/sysv/linux/hppa/bits/fcntl.h @@ -37,6 +37,7 @@ #define __O_CLOEXEC 010000000 /* Set close_on_exec. */ #define __O_NOATIME 004000000 /* Do not set atime. */ #define __O_PATH 020000000 +#define __O_TMPFILE 040010000 /* Atomically create nameless file. */ #define __O_LARGEFILE 00004000 Index: glibc-2.18/sysdeps/unix/sysv/linux/bits/fcntl-linux.h =================================================================== --- glibc-2.18.orig/sysdeps/unix/sysv/linux/bits/fcntl-linux.h +++ glibc-2.18/sysdeps/unix/sysv/linux/bits/fcntl-linux.h @@ -96,6 +96,9 @@ #ifndef __O_DSYNC # define __O_DSYNC 010000 #endif +#ifndef __O_TMPFILE +# define __O_TMPFILE 020200000 +#endif #ifndef F_GETLK # ifndef __USE_FILE_OFFSET64 @@ -128,6 +131,7 @@ # define O_DIRECT __O_DIRECT /* Direct disk access. */ # define O_NOATIME __O_NOATIME /* Do not set atime. */ # define O_PATH __O_PATH /* Resolve pathname but do not open file. */ +# define O_TMPFILE __O_TMPFILE /* Atomically create nameless file. */ #endif /* For now, Linux has no separate synchronicitiy options for read Index: glibc-2.18/sysdeps/unix/sysv/linux/sparc/bits/fcntl.h =================================================================== --- glibc-2.18.orig/sysdeps/unix/sysv/linux/sparc/bits/fcntl.h +++ glibc-2.18/sysdeps/unix/sysv/linux/sparc/bits/fcntl.h @@ -39,6 +39,7 @@ #define __O_DIRECT 0x100000 /* direct disk access hint */ #define __O_NOATIME 0x200000 /* Do not set atime. */ #define __O_PATH 0x1000000 /* Resolve pathname but do not open file. */ +#define __O_TMPFILE 0x2010000 /* Atomically create nameless file. */ #if __WORDSIZE == 64 # define __O_LARGEFILE 0 ++++++ getaddrinfo-ipv6-sanity.diff ++++++ Index: glibc-2.17.90/sysdeps/posix/getaddrinfo.c =================================================================== --- glibc-2.17.90.orig/sysdeps/posix/getaddrinfo.c +++ glibc-2.17.90/sysdeps/posix/getaddrinfo.c @@ -270,7 +270,7 @@ extern service_user *__nss_hosts_databas static int gaih_inet (const char *name, const struct gaih_service *service, const struct addrinfo *req, struct addrinfo **pai, - unsigned int *naddrs) + unsigned int *naddrs, bool usable_ipv6) { const struct gaih_typeproto *tp = gaih_inet_typeproto; struct gaih_servtuple *st = (struct gaih_servtuple *) &nullserv; @@ -840,7 +840,10 @@ gaih_inet (const char *name, const struc if (req->ai_family == PF_UNSPEC) fct4 = __nss_lookup_function (nip, "gethostbyname4_r"); - if (fct4 != NULL) + /* If we don't want ipv6, don't use gethostbyname4_r, + as it's using T_UNSPEC to libc_res_nsearch, which always + create T_A and T_AAAA queries. */ + if (usable_ipv6 && fct4 != NULL) { int herrno; @@ -943,7 +946,7 @@ gaih_inet (const char *name, const struc if (fct != NULL) { if (req->ai_family == AF_INET6 - || req->ai_family == AF_UNSPEC) + || (req->ai_family == AF_UNSPEC && usable_ipv6)) { gethosts (AF_INET6, struct in6_addr); no_inet6_data = no_data; @@ -2471,7 +2474,11 @@ getaddrinfo (const char *name, const cha if (hints->ai_family == AF_UNSPEC || hints->ai_family == AF_INET || hints->ai_family == AF_INET6) { - last_i = gaih_inet (name, pservice, hints, end, &naddrs); + if (!check_pf_called) + __check_pf (&seen_ipv4, &seen_ipv6, &in6ai, &in6ailen); + check_pf_called = true; + + last_i = gaih_inet (name, pservice, hints, end, &naddrs, seen_ipv6); if (last_i != 0) { freeaddrinfo (p); ++++++ getaddrinfo-overflow.patch ++++++ 2013-10-25 Siddhesh Poyarekar <siddhesh@redhat.com> [BZ #16072] * sysdeps/posix/getaddrinfo.c (gethosts): Allocate tmpbuf on heap for large requests. Index: glibc-2.18/sysdeps/posix/getaddrinfo.c =================================================================== --- glibc-2.18.orig/sysdeps/posix/getaddrinfo.c +++ glibc-2.18/sysdeps/posix/getaddrinfo.c @@ -197,7 +197,22 @@ gaih_inet_serv (const char *servicename, &rc, &herrno, NULL, &localcanon)); \ if (rc != ERANGE || herrno != NETDB_INTERNAL) \ break; \ - tmpbuf = extend_alloca (tmpbuf, tmpbuflen, 2 * tmpbuflen); \ + if (!malloc_tmpbuf && __libc_use_alloca (alloca_used + 2 * tmpbuflen)) \ + tmpbuf = extend_alloca_account (tmpbuf, tmpbuflen, 2 * tmpbuflen, \ + alloca_used); \ + else \ + { \ + char *newp = realloc (malloc_tmpbuf ? tmpbuf : NULL, \ + 2 * tmpbuflen); \ + if (newp == NULL) \ + { \ + result = -EAI_MEMORY; \ + goto free_and_return; \ + } \ + tmpbuf = newp; \ + malloc_tmpbuf = true; \ + tmpbuflen = 2 * tmpbuflen; \ + } \ } \ if (status == NSS_STATUS_SUCCESS && rc == 0) \ h = &th; \ @@ -209,7 +224,8 @@ gaih_inet_serv (const char *servicename, { \ __set_h_errno (herrno); \ _res.options |= old_res_options & RES_USE_INET6; \ - return -EAI_SYSTEM; \ + result = -EAI_SYSTEM; \ + goto free_and_return; \ } \ if (herrno == TRY_AGAIN) \ no_data = EAI_AGAIN; \ ++++++ glibc-2.14-crypt.diff ++++++ Index: glibc-2.17.90/Versions.def =================================================================== --- glibc-2.17.90.orig/Versions.def +++ glibc-2.17.90/Versions.def @@ -44,6 +44,9 @@ libc { libcrypt { GLIBC_2.0 } +libowcrypt { + OW_CRYPT_1.0 +} libdl { GLIBC_2.0 GLIBC_2.1 Index: glibc-2.17.90/crypt/Makefile =================================================================== --- glibc-2.17.90.orig/crypt/Makefile +++ glibc-2.17.90/crypt/Makefile @@ -21,14 +21,18 @@ subdir := crypt headers := crypt.h +headers += gnu-crypt.h ow-crypt.h -extra-libs := libcrypt +extra-libs := libcrypt libowcrypt extra-libs-others := $(extra-libs) libcrypt-routines := crypt-entry md5-crypt sha256-crypt sha512-crypt crypt \ crypt_util -tests := cert md5c-test sha256c-test sha512c-test badsalttest +libcrypt-routines += crypt_blowfish x86 wrapper +libowcrypt-routines := crypt_gensalt wrapper-gensalt + +tests := cert md5c-test sha256c-test sha512c-test include ../Makeconfig Index: glibc-2.17.90/crypt/Versions =================================================================== --- glibc-2.17.90.orig/crypt/Versions +++ glibc-2.17.90/crypt/Versions @@ -3,3 +3,8 @@ libcrypt { crypt; crypt_r; encrypt; encrypt_r; fcrypt; setkey; setkey_r; } } +libowcrypt { + OW_CRYPT_1.0 { + crypt_gensalt; crypt_gensalt_rn; crypt_gensalt_ra; + } +} Index: glibc-2.17.90/crypt/crypt-entry.c =================================================================== --- glibc-2.17.90.orig/crypt/crypt-entry.c +++ glibc-2.17.90/crypt/crypt-entry.c @@ -81,7 +81,7 @@ extern struct crypt_data _ufc_foobar; */ char * -__crypt_r (key, salt, data) +__des_crypt_r (key, salt, data) const char *key; const char *salt; struct crypt_data * __restrict data; @@ -155,6 +155,7 @@ __crypt_r (key, salt, data) _ufc_output_conversion_r (res[0], res[1], salt, data); return data->crypt_3_buf; } +#if 0 weak_alias (__crypt_r, crypt_r) char * @@ -197,3 +198,4 @@ __fcrypt (key, salt) return crypt (key, salt); } #endif +#endif Index: glibc-2.17.90/ports/sysdeps/unix/sysv/linux/aarch64/nptl/libowcrypt.abilist =================================================================== --- /dev/null +++ glibc-2.17.90/ports/sysdeps/unix/sysv/linux/aarch64/nptl/libowcrypt.abilist @@ -0,0 +1,5 @@ +OW_CRYPT_1.0 + OW_CRYPT_1.0 A + crypt_gensalt F + crypt_gensalt_ra F + crypt_gensalt_rn F Index: glibc-2.17.90/ports/sysdeps/unix/sysv/linux/alpha/nptl/libowcrypt.abilist =================================================================== --- /dev/null +++ glibc-2.17.90/ports/sysdeps/unix/sysv/linux/alpha/nptl/libowcrypt.abilist @@ -0,0 +1,5 @@ +OW_CRYPT_1.0 + OW_CRYPT_1.0 A + crypt_gensalt F + crypt_gensalt_ra F + crypt_gensalt_rn F Index: glibc-2.17.90/ports/sysdeps/unix/sysv/linux/arm/nptl/libowcrypt.abilist =================================================================== --- /dev/null +++ glibc-2.17.90/ports/sysdeps/unix/sysv/linux/arm/nptl/libowcrypt.abilist @@ -0,0 +1,5 @@ +OW_CRYPT_1.0 + OW_CRYPT_1.0 A + crypt_gensalt F + crypt_gensalt_ra F + crypt_gensalt_rn F Index: glibc-2.17.90/ports/sysdeps/unix/sysv/linux/ia64/nptl/libowcrypt.abilist =================================================================== --- /dev/null +++ glibc-2.17.90/ports/sysdeps/unix/sysv/linux/ia64/nptl/libowcrypt.abilist @@ -0,0 +1,5 @@ +OW_CRYPT_1.0 + OW_CRYPT_1.0 A + crypt_gensalt F + crypt_gensalt_ra F + crypt_gensalt_rn F Index: glibc-2.17.90/ports/sysdeps/unix/sysv/linux/m68k/coldfire/nptl/libowcrypt.abilist =================================================================== --- /dev/null +++ glibc-2.17.90/ports/sysdeps/unix/sysv/linux/m68k/coldfire/nptl/libowcrypt.abilist @@ -0,0 +1,5 @@ +OW_CRYPT_1.0 + OW_CRYPT_1.0 A + crypt_gensalt F + crypt_gensalt_ra F + crypt_gensalt_rn F Index: glibc-2.17.90/ports/sysdeps/unix/sysv/linux/m68k/m680x0/nptl/libowcrypt.abilist =================================================================== --- /dev/null +++ glibc-2.17.90/ports/sysdeps/unix/sysv/linux/m68k/m680x0/nptl/libowcrypt.abilist @@ -0,0 +1,5 @@ +OW_CRYPT_1.0 + OW_CRYPT_1.0 A + crypt_gensalt F + crypt_gensalt_ra F + crypt_gensalt_rn F Index: glibc-2.17.90/ports/sysdeps/unix/sysv/linux/mips/mips32/nptl/libowcrypt.abilist =================================================================== --- /dev/null +++ glibc-2.17.90/ports/sysdeps/unix/sysv/linux/mips/mips32/nptl/libowcrypt.abilist @@ -0,0 +1,5 @@ +OW_CRYPT_1.0 + OW_CRYPT_1.0 A + crypt_gensalt F + crypt_gensalt_ra F + crypt_gensalt_rn F Index: glibc-2.17.90/ports/sysdeps/unix/sysv/linux/mips/mips64/n32/nptl/libowcrypt.abilist =================================================================== --- /dev/null +++ glibc-2.17.90/ports/sysdeps/unix/sysv/linux/mips/mips64/n32/nptl/libowcrypt.abilist @@ -0,0 +1,5 @@ +OW_CRYPT_1.0 + OW_CRYPT_1.0 A + crypt_gensalt F + crypt_gensalt_ra F + crypt_gensalt_rn F Index: glibc-2.17.90/ports/sysdeps/unix/sysv/linux/mips/mips64/n64/nptl/libowcrypt.abilist =================================================================== --- /dev/null +++ glibc-2.17.90/ports/sysdeps/unix/sysv/linux/mips/mips64/n64/nptl/libowcrypt.abilist @@ -0,0 +1,5 @@ +OW_CRYPT_1.0 + OW_CRYPT_1.0 A + crypt_gensalt F + crypt_gensalt_ra F + crypt_gensalt_rn F Index: glibc-2.17.90/ports/sysdeps/unix/sysv/linux/powerpc/powerpc32/nofpu/nptl/libowcrypt.abilist =================================================================== --- /dev/null +++ glibc-2.17.90/ports/sysdeps/unix/sysv/linux/powerpc/powerpc32/nofpu/nptl/libowcrypt.abilist @@ -0,0 +1,5 @@ +OW_CRYPT_1.0 + OW_CRYPT_1.0 A + crypt_gensalt F + crypt_gensalt_ra F + crypt_gensalt_rn F Index: glibc-2.17.90/ports/sysdeps/unix/sysv/linux/tile/tilegx/tilegx32/nptl/libowcrypt.abilist =================================================================== --- /dev/null +++ glibc-2.17.90/ports/sysdeps/unix/sysv/linux/tile/tilegx/tilegx32/nptl/libowcrypt.abilist @@ -0,0 +1,5 @@ +OW_CRYPT_1.0 + OW_CRYPT_1.0 A + crypt_gensalt F + crypt_gensalt_ra F + crypt_gensalt_rn F Index: glibc-2.17.90/ports/sysdeps/unix/sysv/linux/tile/tilegx/tilegx64/nptl/libowcrypt.abilist =================================================================== --- /dev/null +++ glibc-2.17.90/ports/sysdeps/unix/sysv/linux/tile/tilegx/tilegx64/nptl/libowcrypt.abilist @@ -0,0 +1,5 @@ +OW_CRYPT_1.0 + OW_CRYPT_1.0 A + crypt_gensalt F + crypt_gensalt_ra F + crypt_gensalt_rn F Index: glibc-2.17.90/ports/sysdeps/unix/sysv/linux/tile/tilepro/nptl/libowcrypt.abilist =================================================================== --- /dev/null +++ glibc-2.17.90/ports/sysdeps/unix/sysv/linux/tile/tilepro/nptl/libowcrypt.abilist @@ -0,0 +1,5 @@ +OW_CRYPT_1.0 + OW_CRYPT_1.0 A + crypt_gensalt F + crypt_gensalt_ra F + crypt_gensalt_rn F Index: glibc-2.17.90/shlib-versions =================================================================== --- glibc-2.17.90.orig/shlib-versions +++ glibc-2.17.90/shlib-versions @@ -92,6 +92,7 @@ sh.*-.*-linux.* ld=ld-linux.so.2 GLIBC_ # This defines the shared library version numbers we will install. .*-.*-.* libcrypt=1 +.*-.*-.* libowcrypt=1 # The gross patch for programs assuming broken locale implementations. sh.*-.*-.* libBrokenLocale=1 GLIBC_2.2 Index: glibc-2.17.90/sysdeps/unix/sysv/linux/i386/nptl/libowcrypt.abilist =================================================================== --- /dev/null +++ glibc-2.17.90/sysdeps/unix/sysv/linux/i386/nptl/libowcrypt.abilist @@ -0,0 +1,5 @@ +OW_CRYPT_1.0 + OW_CRYPT_1.0 A + crypt_gensalt F + crypt_gensalt_ra F + crypt_gensalt_rn F Index: glibc-2.17.90/sysdeps/unix/sysv/linux/powerpc/powerpc32/fpu/nptl/libowcrypt.abilist =================================================================== --- /dev/null +++ glibc-2.17.90/sysdeps/unix/sysv/linux/powerpc/powerpc32/fpu/nptl/libowcrypt.abilist @@ -0,0 +1,5 @@ +OW_CRYPT_1.0 + OW_CRYPT_1.0 A + crypt_gensalt F + crypt_gensalt_ra F + crypt_gensalt_rn F Index: glibc-2.17.90/sysdeps/unix/sysv/linux/powerpc/powerpc64/nptl/libowcrypt.abilist =================================================================== --- /dev/null +++ glibc-2.17.90/sysdeps/unix/sysv/linux/powerpc/powerpc64/nptl/libowcrypt.abilist @@ -0,0 +1,5 @@ +OW_CRYPT_1.0 + OW_CRYPT_1.0 A + crypt_gensalt F + crypt_gensalt_ra F + crypt_gensalt_rn F Index: glibc-2.17.90/sysdeps/unix/sysv/linux/s390/s390-32/nptl/libowcrypt.abilist =================================================================== --- /dev/null +++ glibc-2.17.90/sysdeps/unix/sysv/linux/s390/s390-32/nptl/libowcrypt.abilist @@ -0,0 +1,5 @@ +OW_CRYPT_1.0 + OW_CRYPT_1.0 A + crypt_gensalt F + crypt_gensalt_ra F + crypt_gensalt_rn F Index: glibc-2.17.90/sysdeps/unix/sysv/linux/s390/s390-64/nptl/libowcrypt.abilist =================================================================== --- /dev/null +++ glibc-2.17.90/sysdeps/unix/sysv/linux/s390/s390-64/nptl/libowcrypt.abilist @@ -0,0 +1,5 @@ +OW_CRYPT_1.0 + OW_CRYPT_1.0 A + crypt_gensalt F + crypt_gensalt_ra F + crypt_gensalt_rn F Index: glibc-2.17.90/sysdeps/unix/sysv/linux/sh/nptl/libowcrypt.abilist =================================================================== --- /dev/null +++ glibc-2.17.90/sysdeps/unix/sysv/linux/sh/nptl/libowcrypt.abilist @@ -0,0 +1,5 @@ +OW_CRYPT_1.0 + OW_CRYPT_1.0 A + crypt_gensalt F + crypt_gensalt_ra F + crypt_gensalt_rn F Index: glibc-2.17.90/sysdeps/unix/sysv/linux/sparc/sparc32/nptl/libowcrypt.abilist =================================================================== --- /dev/null +++ glibc-2.17.90/sysdeps/unix/sysv/linux/sparc/sparc32/nptl/libowcrypt.abilist @@ -0,0 +1,5 @@ +OW_CRYPT_1.0 + OW_CRYPT_1.0 A + crypt_gensalt F + crypt_gensalt_ra F + crypt_gensalt_rn F Index: glibc-2.17.90/sysdeps/unix/sysv/linux/sparc/sparc64/nptl/libowcrypt.abilist =================================================================== --- /dev/null +++ glibc-2.17.90/sysdeps/unix/sysv/linux/sparc/sparc64/nptl/libowcrypt.abilist @@ -0,0 +1,5 @@ +OW_CRYPT_1.0 + OW_CRYPT_1.0 A + crypt_gensalt F + crypt_gensalt_ra F + crypt_gensalt_rn F Index: glibc-2.17.90/sysdeps/unix/sysv/linux/x86_64/64/nptl/libowcrypt.abilist =================================================================== --- /dev/null +++ glibc-2.17.90/sysdeps/unix/sysv/linux/x86_64/64/nptl/libowcrypt.abilist @@ -0,0 +1,5 @@ +OW_CRYPT_1.0 + OW_CRYPT_1.0 A + crypt_gensalt F + crypt_gensalt_ra F + crypt_gensalt_rn F Index: glibc-2.17.90/sysdeps/unix/sysv/linux/x86_64/x32/nptl/libowcrypt.abilist =================================================================== --- /dev/null +++ glibc-2.17.90/sysdeps/unix/sysv/linux/x86_64/x32/nptl/libowcrypt.abilist @@ -0,0 +1,5 @@ +OW_CRYPT_1.0 + OW_CRYPT_1.0 A + crypt_gensalt F + crypt_gensalt_ra F + crypt_gensalt_rn F ++++++ glibc-2.2-sunrpc.diff ++++++ For details see: http://sourceware.org/bugzilla/show_bug.cgi?id=5379 Index: glibc-2.17.90/sunrpc/clnt_udp.c =================================================================== --- glibc-2.17.90.orig/sunrpc/clnt_udp.c +++ glibc-2.17.90/sunrpc/clnt_udp.c @@ -308,6 +308,7 @@ clntudp_call (cl, proc, xargs, argsp, xr XDR *xdrs; int outlen = 0; int inlen; + int pollresult; socklen_t fromlen; struct pollfd fd; int milliseconds = (cu->cu_wait.tv_sec * 1000) + @@ -378,37 +379,36 @@ send_again: anyup = 0; for (;;) { - switch (__poll (&fd, 1, milliseconds)) + switch (pollresult = __poll (&fd, 1, milliseconds)) { - case 0: - if (anyup == 0) - { - anyup = is_network_up (cu->cu_sock); - if (!anyup) - return (cu->cu_error.re_status = RPC_CANTRECV); - } - - time_waited.tv_sec += cu->cu_wait.tv_sec; - time_waited.tv_usec += cu->cu_wait.tv_usec; - while (time_waited.tv_usec >= 1000000) - { - time_waited.tv_sec++; - time_waited.tv_usec -= 1000000; - } - if ((time_waited.tv_sec < timeout.tv_sec) || - ((time_waited.tv_sec == timeout.tv_sec) && - (time_waited.tv_usec < timeout.tv_usec))) - goto send_again; - return (cu->cu_error.re_status = RPC_TIMEDOUT); - - /* - * buggy in other cases because time_waited is not being - * updated. - */ case -1: - if (errno == EINTR) - continue; + if (pollresult == 0 || errno == EINTR) { + if (anyup == 0) + { + anyup = is_network_up (cu->cu_sock); + if (!anyup) + return (cu->cu_error.re_status = RPC_CANTRECV); + } + + time_waited.tv_sec += cu->cu_wait.tv_sec; + time_waited.tv_usec += cu->cu_wait.tv_usec; + while (time_waited.tv_usec >= 1000000) + { + time_waited.tv_sec++; + time_waited.tv_usec -= 1000000; + } + if ((time_waited.tv_sec < timeout.tv_sec) || + ((time_waited.tv_sec == timeout.tv_sec) && + (time_waited.tv_usec < timeout.tv_usec))) + if (pollresult == 0) + goto send_again; + else + continue; + return (cu->cu_error.re_status = RPC_TIMEDOUT); + } + + /* errno != EINTR */ cu->cu_error.re_errno = errno; return (cu->cu_error.re_status = RPC_CANTRECV); } ++++++ glibc-2.3.2.no_archive.diff ++++++ ------------------------------------------------------------------- Wed Jun 4 14:29:07 CEST 2003 - kukuk@suse.de - Make --no-archive default for localedef Index: glibc-2.17.90/locale/programs/localedef.c =================================================================== --- glibc-2.17.90.orig/locale/programs/localedef.c +++ glibc-2.17.90/locale/programs/localedef.c @@ -81,7 +81,7 @@ const char *alias_file; static struct localedef_t *locales; /* If true don't add locale data to archive. */ -bool no_archive; +bool no_archive = true; /* If true add named locales to archive. */ static bool add_to_archive; @@ -112,6 +112,7 @@ void (*argp_program_version_hook) (FILE #define OPT_REPLACE 307 #define OPT_DELETE_FROM_ARCHIVE 308 #define OPT_LIST_ARCHIVE 309 +#define OPT_ARCHIVE 310 /* Definitions of arguments for argp functions. */ static const struct argp_option options[] = @@ -134,6 +135,8 @@ static const struct argp_option options[ N_("Suppress warnings and information messages") }, { "verbose", 'v', NULL, 0, N_("Print more messages") }, { NULL, 0, NULL, 0, N_("Archive control:") }, + { "archive", OPT_ARCHIVE, NULL, 0, + N_("Add new data to archive") }, { "no-archive", OPT_NO_ARCHIVE, NULL, 0, N_("Don't add new data to archive") }, { "add-to-archive", OPT_ADD_TO_ARCHIVE, NULL, 0, @@ -311,6 +314,9 @@ parse_opt (int key, char *arg, struct ar case OPT_PREFIX: output_prefix = arg; break; + case OPT_ARCHIVE: + no_archive = false; + break; case OPT_NO_ARCHIVE: no_archive = true; break; ++++++ glibc-2.3.3-nscd-db-path.diff ++++++ 2004-12-09 Thorsten Kukuk <kukuk@suse.de> * nscd/nscd.h: Move persistent storage back to /var/run/nscd Index: glibc-2.17.90/nscd/nscd.h =================================================================== --- glibc-2.17.90.orig/nscd/nscd.h +++ glibc-2.17.90/nscd/nscd.h @@ -112,11 +112,11 @@ struct database_dyn /* Paths of the file for the persistent storage. */ -#define _PATH_NSCD_PASSWD_DB "/var/db/nscd/passwd" -#define _PATH_NSCD_GROUP_DB "/var/db/nscd/group" -#define _PATH_NSCD_HOSTS_DB "/var/db/nscd/hosts" -#define _PATH_NSCD_SERVICES_DB "/var/db/nscd/services" -#define _PATH_NSCD_NETGROUP_DB "/var/db/nscd/netgroup" +#define _PATH_NSCD_PASSWD_DB "/var/run/nscd/passwd" +#define _PATH_NSCD_GROUP_DB "/var/run/nscd/group" +#define _PATH_NSCD_HOSTS_DB "/var/run/nscd/hosts" +#define _PATH_NSCD_SERVICES_DB "/var/run/nscd/services" +#define _PATH_NSCD_NETGROUP_DB "/var/run/nscd/netgroup" /* Path used when not using persistent storage. */ #define _PATH_NSCD_XYZ_DB_TMP "/var/run/nscd/dbXXXXXX" ++++++ glibc-2.3.90-langpackdir.diff ++++++ Index: glibc-2.17.90/intl/loadmsgcat.c =================================================================== --- glibc-2.17.90.orig/intl/loadmsgcat.c +++ glibc-2.17.90/intl/loadmsgcat.c @@ -806,8 +806,52 @@ _nl_load_domain (domain_file, domainbind if (domain_file->filename == NULL) goto out; - /* Try to open the addressed file. */ - fd = open (domain_file->filename, O_RDONLY); + /* Replace /locale/ with /usr/share/locale-langpack/ */ + const char *langpackdir = "/usr/share/locale-langpack/"; + char *filename_langpack = malloc (strlen (domain_file->filename) + + strlen (langpackdir)); + if (filename_langpack != NULL) + { + char *p = strstr (domain_file->filename, "/locale/"); + if (p != NULL) + { + strcpy (filename_langpack, langpackdir); + strcpy (&filename_langpack[strlen (langpackdir)], + (p+8)); + if ((fd = open (filename_langpack, O_RDONLY)) == -1) + fd = open (domain_file->filename, O_RDONLY); + } + else + /* Try to open the addressed file. */ + fd = open (domain_file->filename, O_RDONLY); + + free (filename_langpack); + } + else + /* Try to open the addressed file. */ + fd = open (domain_file->filename, O_RDONLY); + + if (fd == -1) + { + /* Use the fallback directory. */ + const char *bundle_dir = "/usr/share/locale-bundle/"; + char *filename_bundle = malloc (strlen (domain_file->filename) + + strlen (bundle_dir)); + if (filename_bundle != NULL) + { + char *p = strstr (domain_file->filename, "/locale/"); + if (p != NULL) + { + strcpy (filename_bundle, bundle_dir); + strcpy (&filename_bundle[strlen (bundle_dir)], + (p+8)); + fd = open (filename_bundle, O_RDONLY); + } + + free (filename_bundle); + } + } + if (fd == -1) goto out; ++++++ glibc-2.3.90-noversion.diff ++++++ Index: glibc-2.17.90/elf/rtld.c =================================================================== --- glibc-2.17.90.orig/elf/rtld.c +++ glibc-2.17.90/elf/rtld.c @@ -1717,6 +1717,53 @@ ERROR: ld.so: object '%s' cannot be load } } +#if defined(__i386__) + /* + * Modifications by Red Hat Software + * + * Deal with the broken binaries from the non-versioned ages of glibc. + * If a binary does not have version information enabled, we assume that + * it is a glibc 2.0 binary and we load a compatibility library to try to + * overcome binary incompatibilities. + * Blame: gafton@redhat.com + */ +#define LIB_NOVERSION "/lib/obsolete/noversion/libNoVersion.so.1" + + if (__builtin_expect (main_map->l_info[DT_NUM + DT_THISPROCNUM + + DT_VERSIONTAGIDX (DT_VERNEED)] + == NULL, 0) + && (main_map->l_info[DT_DEBUG] + || !(GLRO(dl_debug_mask) & DL_DEBUG_PRELINK))) + { + struct stat test_st; + int test_fd; + int can_load; + + HP_TIMING_NOW (start); + + can_load = 1; + test_fd = __open (LIB_NOVERSION, O_RDONLY); + if (test_fd < 0) { + can_load = 0; + } else { + if (__fxstat (_STAT_VER, test_fd, &test_st) < 0 || test_st.st_size == 0) { + can_load = 0; + } + } + + if (test_fd >= 0) /* open did no fail.. */ + __close(test_fd); /* avoid fd leaks */ + + if (can_load != 0) + npreloads += do_preload (LIB_NOVERSION, main_map, + "nonversioned binary"); + + HP_TIMING_NOW (stop); + HP_TIMING_DIFF (diff, start, stop); + HP_TIMING_ACCUM_NT (load_time, diff); + } +#endif + if (__builtin_expect (*first_preload != NULL, 0)) { /* Set up PRELOADS with a vector of the preloaded libraries. */ ++++++ glibc-2.3.locales.diff.bz2 ++++++ ++++ 74380 lines (skipped) ++++++ glibc-2.4-china.diff ++++++ Index: glibc-2.17.90/localedata/locales/zh_TW =================================================================== --- glibc-2.17.90.orig/localedata/locales/zh_TW +++ glibc-2.17.90/localedata/locales/zh_TW @@ -1,7 +1,7 @@ comment_char % escape_char / % -% Chinese language locale for Taiwan R.O.C. +% Chinese language locale for Taiwan % charmap: BIG5-CP950 % % Original Author: @@ -17,7 +17,7 @@ escape_char / % Reference: http://wwwold.dkuug.dk/JTC1/SC22/WG20/docs/n690.pdf LC_IDENTIFICATION -title "Chinese locale for Taiwan R.O.C." +title "Chinese locale for Taiwan" source "" address "" contact "" @@ -25,7 +25,7 @@ email "bug-glibc-locales@gnu.org" tel "" fax "" language "Chinese" -territory "Taiwan R.O.C." +territory "Taiwan" revision "0.2" date "2000-08-02" % ++++++ glibc-2.4.90-no_NO.diff ++++++ Index: glibc-2.17.90/intl/locale.alias =================================================================== --- glibc-2.17.90.orig/intl/locale.alias +++ glibc-2.17.90/intl/locale.alias @@ -56,8 +56,6 @@ korean ko_KR.eucKR korean.euc ko_KR.eucKR ko_KR ko_KR.eucKR lithuanian lt_LT.ISO-8859-13 -no_NO nb_NO.ISO-8859-1 -no_NO.ISO-8859-1 nb_NO.ISO-8859-1 norwegian nb_NO.ISO-8859-1 nynorsk nn_NO.ISO-8859-1 polish pl_PL.ISO-8859-2 Index: glibc-2.17.90/localedata/SUPPORTED =================================================================== --- glibc-2.17.90.orig/localedata/SUPPORTED +++ glibc-2.17.90/localedata/SUPPORTED @@ -324,6 +324,8 @@ nl_NL/ISO-8859-1 \ nl_NL@euro/ISO-8859-15 \ nn_NO.UTF-8/UTF-8 \ nn_NO/ISO-8859-1 \ +no_NO.UTF-8/UTF-8 \ +no_NO/ISO-8859-1 \ nr_ZA/UTF-8 \ nso_ZA/UTF-8 \ oc_FR.UTF-8/UTF-8 \ Index: glibc-2.17.90/localedata/locales/no_NO =================================================================== --- /dev/null +++ glibc-2.17.90/localedata/locales/no_NO @@ -0,0 +1,69 @@ +escape_char / +comment_char % + +% Norwegian language locale for Norway +% Source: Norsk Standardiseringsforbund +% Address: University Library, +% Drammensveien 41, N-9242 Oslo, Norge +% Contact: Kolbjoern Aamboe +% Tel: +47 - 22859109 +% Fax: +47 - 22434497 +% Email: kolbjorn.aambo@usit.uio.no +% Language: no +% Territory: NO +% Revision: 4.3 +% Date: 1996-10-15 +% Application: general +% Users: general +% Repertoiremap: mnemonic.ds +% Charset: ISO-8859-1 +% Distribution and use is free, also +% for commercial purposes. + +LC_IDENTIFICATION +copy "nb_NO" +END LC_IDENTIFICATION + +LC_COLLATE +copy "nb_NO" +END LC_COLLATE + +LC_CTYPE +copy "nb_NO" +END LC_CTYPE + +LC_MONETARY +copy "nb_NO" +END LC_MONETARY + +LC_NUMERIC +copy "nb_NO" +END LC_NUMERIC + +LC_TIME +copy "nb_NO" +END LC_TIME + +LC_MESSAGES +copy "nb_NO" +END LC_MESSAGES + +LC_PAPER +copy "nb_NO" +END LC_PAPER + +LC_TELEPHONE +copy "nb_NO" +END LC_TELEPHONE + +LC_MEASUREMENT +copy "nb_NO" +END LC_MEASUREMENT + +LC_NAME +copy "nb_NO" +END LC_NAME + +LC_ADDRESS +copy "nb_NO" +END LC_ADDRESS ++++++ glibc-2.4.90-revert-only-euro.diff ++++++ Index: glibc-2.17.90/locale/iso-4217.def =================================================================== --- glibc-2.17.90.orig/locale/iso-4217.def +++ glibc-2.17.90/locale/iso-4217.def @@ -8,6 +8,7 @@ * * !!! The list has to be sorted !!! */ +DEFINE_INT_CURR("ADP") /* Andorran Peseta -> EUR */ DEFINE_INT_CURR("AED") /* United Arab Emirates Dirham */ DEFINE_INT_CURR("AFN") /* Afghanistan Afgani */ DEFINE_INT_CURR("ALL") /* Albanian Lek */ @@ -15,12 +16,14 @@ DEFINE_INT_CURR("AMD") /* Armenia Dram DEFINE_INT_CURR("ANG") /* Netherlands Antilles */ DEFINE_INT_CURR("AOA") /* Angolan Kwanza */ DEFINE_INT_CURR("ARS") /* Argentine Peso */ +DEFINE_INT_CURR("ATS") /* Austrian Schilling -> EUR */ DEFINE_INT_CURR("AUD") /* Australian Dollar */ DEFINE_INT_CURR("AWG") /* Aruba Guilder */ DEFINE_INT_CURR("AZM") /* Azerbaijan Manat */ DEFINE_INT_CURR("BAM") /* Bosnian and Herzegovina Convertible Mark */ DEFINE_INT_CURR("BBD") /* Barbados Dollar */ DEFINE_INT_CURR("BDT") /* Bangladesh Taka */ +DEFINE_INT_CURR("BEF") /* Belgian Franc -> EUR */ DEFINE_INT_CURR("BGN") /* Bulgarian Lev */ DEFINE_INT_CURR("BHD") /* Bahraini Dinar */ DEFINE_INT_CURR("BIF") /* Burundi Franc */ @@ -44,6 +47,7 @@ DEFINE_INT_CURR("CUP") /* Cuban Peso * DEFINE_INT_CURR("CVE") /* Cape Verde Escudo */ DEFINE_INT_CURR("CYP") /* Cypriot Pound */ DEFINE_INT_CURR("CZK") /* Czech Koruna */ +DEFINE_INT_CURR("DEM") /* German Mark -> EUR */ DEFINE_INT_CURR("DJF") /* Djibouti Franc */ DEFINE_INT_CURR("DKK") /* Danish Krone (Faroe Islands, Greenland) */ DEFINE_INT_CURR("DOP") /* Dominican Republic */ @@ -51,16 +55,20 @@ DEFINE_INT_CURR("DZD") /* Algerian Dina DEFINE_INT_CURR("EEK") /* Estonian Kroon */ DEFINE_INT_CURR("EGP") /* Egyptian Pound */ DEFINE_INT_CURR("ERN") /* Eritrean Nakfa */ +DEFINE_INT_CURR("ESP") /* Spanish Peseta -> EUR */ DEFINE_INT_CURR("ETB") /* Ethiopian Birr */ DEFINE_INT_CURR("EUR") /* European Union Euro */ +DEFINE_INT_CURR("FIM") /* Finnish Markka -> EUR */ DEFINE_INT_CURR("FJD") /* Fiji Dollar */ DEFINE_INT_CURR("FKP") /* Falkland Islands Pound (Malvinas) */ +DEFINE_INT_CURR("FRF") /* French Franc -> EUR */ DEFINE_INT_CURR("GBP") /* British Pound */ DEFINE_INT_CURR("GEL") /* Georgia Lari */ DEFINE_INT_CURR("GHC") /* Ghana Cedi */ DEFINE_INT_CURR("GIP") /* Gibraltar Pound */ DEFINE_INT_CURR("GMD") /* Gambian Dalasi */ DEFINE_INT_CURR("GNF") /* Guinea Franc */ +DEFINE_INT_CURR("GRD") /* Greek Drachma -> EUR */ DEFINE_INT_CURR("GTQ") /* Guatemala Quetzal */ DEFINE_INT_CURR("GYD") /* Guyana Dollar */ DEFINE_INT_CURR("HKD") /* Hong Kong Dollar */ @@ -69,12 +77,14 @@ DEFINE_INT_CURR("HRK") /* Croatia Kuna DEFINE_INT_CURR("HTG") /* Haiti Gourde */ DEFINE_INT_CURR("HUF") /* Hungarian Forint */ DEFINE_INT_CURR("IDR") /* Indonesia Rupiah */ +DEFINE_INT_CURR("IEP") /* Irish Pound -> EUR */ DEFINE_INT_CURR("ILS") /* Israeli Shekel */ DEFINE_INT_CURR("IMP") /* Isle of Man Pounds */ DEFINE_INT_CURR("INR") /* Indian Rupee (Bhutan) */ DEFINE_INT_CURR("IQD") /* Iraqi Dinar */ DEFINE_INT_CURR("IRR") /* Iranian Rial */ DEFINE_INT_CURR("ISK") /* Iceland Krona */ +DEFINE_INT_CURR("ITL") /* Italian Lira -> EUR */ DEFINE_INT_CURR("JEP") /* Jersey Pound */ DEFINE_INT_CURR("JMD") /* Jamaican Dollar */ DEFINE_INT_CURR("JOD") /* Jordanian Dinar */ @@ -94,6 +104,7 @@ DEFINE_INT_CURR("LKR") /* Sri Lankan Ru DEFINE_INT_CURR("LRD") /* Liberian Dollar */ DEFINE_INT_CURR("LSL") /* Lesotho Maloti */ DEFINE_INT_CURR("LTL") /* Lithuanian Litas */ +DEFINE_INT_CURR("LUF") /* Luxembourg Franc -> EUR */ DEFINE_INT_CURR("LVL") /* Latvia Lat */ DEFINE_INT_CURR("LYD") /* Libyan Arab Jamahiriya Dinar */ DEFINE_INT_CURR("MAD") /* Moroccan Dirham */ @@ -114,6 +125,7 @@ DEFINE_INT_CURR("MZM") /* Mozambique Me DEFINE_INT_CURR("NAD") /* Namibia Dollar */ DEFINE_INT_CURR("NGN") /* Nigeria Naira */ DEFINE_INT_CURR("NIO") /* Nicaragua Cordoba Oro */ +DEFINE_INT_CURR("NLG") /* Netherlands Guilder -> EUR */ DEFINE_INT_CURR("NOK") /* Norwegian Krone */ DEFINE_INT_CURR("NPR") /* Nepalese Rupee */ DEFINE_INT_CURR("NZD") /* New Zealand Dollar */ @@ -124,6 +136,7 @@ DEFINE_INT_CURR("PGK") /* Papau New Gui DEFINE_INT_CURR("PHP") /* Philippines Peso */ DEFINE_INT_CURR("PKR") /* Pakistan Rupee */ DEFINE_INT_CURR("PLN") /* Polish Zloty */ +DEFINE_INT_CURR("PTE") /* Portugese Escudo -> EUR */ DEFINE_INT_CURR("PYG") /* Paraguay Guarani */ DEFINE_INT_CURR("QAR") /* Qatar Rial */ DEFINE_INT_CURR("ROL") /* Romanian Leu */ ++++++ glibc-bindresvport-blacklist.diff ++++++ Index: glibc-2.17.90/sunrpc/bindrsvprt.c =================================================================== --- glibc-2.17.90.orig/sunrpc/bindrsvprt.c +++ glibc-2.17.90/sunrpc/bindrsvprt.c @@ -29,6 +29,9 @@ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ +#include <stdio.h> +#include <ctype.h> +#include <stdlib.h> #include <errno.h> #include <unistd.h> #include <string.h> @@ -42,6 +45,93 @@ */ __libc_lock_define_initialized (static, lock); +#define STARTPORT 600 +#define LOWPORT 512 +#define ENDPORT (IPPORT_RESERVED - 1) +#define NPORTS (ENDPORT - STARTPORT + 1) + +/* Read the file /etc/rpc.blacklisted, so that we don't bind to these + ports. */ + +static int blacklist_read; +static int *list; +static int list_size = 0; + +static void +load_blacklist (void) +{ + FILE *fp; + char *buf = NULL; + size_t buflen = 0; + int size = 0, ptr = 0; + + __libc_lock_lock (lock); + if (blacklist_read) + goto unlock; + blacklist_read = 1; + + fp = fopen ("/etc/bindresvport.blacklist", "r"); + if (fp == NULL) + goto unlock; + + while (!feof_unlocked (fp)) + { + unsigned long port; + char *tmp, *cp; + ssize_t n = __getline (&buf, &buflen, fp); + if (n < 1) + break; + + cp = buf; + /* Remove comments. */ + tmp = strchr (cp, '#'); + if (tmp) + *tmp = '\0'; + /* Remove spaces and tabs. */ + while (isspace ((unsigned char) *cp)) + ++cp; + /* Ignore empty lines. */ + if (*cp == '\0') + continue; + if (cp[strlen (cp) - 1] == '\n') + cp[strlen (cp) - 1] = '\0'; + + port = strtoul (cp, &tmp, 0); + while (isspace ((unsigned char) *tmp)) + ++tmp; + if (*tmp != '\0' || (port == ULONG_MAX && errno == ERANGE)) + continue; + + /* Don't bother with out-of-range ports. */ + if (port < LOWPORT || port > ENDPORT) + continue; + + if (ptr >= size) + { + size += 10; + int *new_list = realloc (list, size * sizeof (int)); + if (new_list == NULL) + { + free (list); + list = NULL; + free (buf); + goto unlock; + } + list = new_list; + } + + list[ptr++] = port; + } + + fclose (fp); + free (buf); + list_size = ptr; + + unlock: + __libc_lock_unlock (lock); +} + + /* * Bind a socket to a privileged IP port */ @@ -52,12 +142,11 @@ bindresvport (int sd, struct sockaddr_in struct sockaddr_in myaddr; int i; -#define STARTPORT 600 -#define LOWPORT 512 -#define ENDPORT (IPPORT_RESERVED - 1) -#define NPORTS (ENDPORT - STARTPORT + 1) static short startport = STARTPORT; + if (!blacklist_read) + load_blacklist (); + if (sin == (struct sockaddr_in *) 0) { sin = &myaddr; @@ -75,6 +164,7 @@ bindresvport (int sd, struct sockaddr_in port = (__getpid () % NPORTS) + STARTPORT; } + __set_errno (EADDRINUSE); /* Initialize to make gcc happy. */ int res = -1; @@ -86,12 +176,22 @@ bindresvport (int sd, struct sockaddr_in again: for (i = 0; i < nports; ++i) { - sin->sin_port = htons (port++); - if (port > endport) - port = startport; + int j; + + sin->sin_port = htons (port); + + /* Check that this port is not blacklisted. */ + for (j = 0; j < list_size; j++) + if (port == list[j]) + goto try_next_port; + res = __bind (sd, sin, sizeof (struct sockaddr_in)); if (res >= 0 || errno != EADDRINUSE) break; + + try_next_port: + if (++port > endport) + port = startport; } if (i == nports && startport != LOWPORT) ++++++ glibc-cpusetsize.diff ++++++ Index: glibc-2.17.90/bits/sched.h =================================================================== --- glibc-2.17.90.orig/bits/sched.h +++ glibc-2.17.90/bits/sched.h @@ -52,7 +52,7 @@ struct __sched_param #if defined _SCHED_H && !defined __cpu_set_t_defined # define __cpu_set_t_defined /* Size definition for CPU sets. */ -# define __CPU_SETSIZE 1024 +# define __CPU_SETSIZE 4096 # define __NCPUBITS (8 * sizeof (__cpu_mask)) /* Type for array elements in 'cpu_set_t'. */ Index: glibc-2.17.90/sysdeps/unix/sysv/linux/bits/sched.h =================================================================== --- glibc-2.17.90.orig/sysdeps/unix/sysv/linux/bits/sched.h +++ glibc-2.17.90/sysdeps/unix/sysv/linux/bits/sched.h @@ -111,7 +111,7 @@ struct __sched_param #if defined _SCHED_H && !defined __cpu_set_t_defined # define __cpu_set_t_defined /* Size definition for CPU sets. */ -# define __CPU_SETSIZE 1024 +# define __CPU_SETSIZE 4096 # define __NCPUBITS (8 * sizeof (__cpu_mask)) /* Type for array elements in 'cpu_set_t'. */ ++++++ glibc-fix-double-loopback.diff ++++++ This fixes the problem of getent ahosts localhost returning 127.0.0.1 _twice_ on systems that have no ipv6 interfaces up (hence are regarded as ipv4 only by the lookup code), but still have localhost entries for ::1 and 127.0.0.1 in /etc/hosts (like most current systems). Remapping ::1 to 127.0.0.1 is bogus when /etc/hosts is correct. bnc #684534, #606980 http://sources.redhat.com/bugzilla/show_bug.cgi?id=4980 Index: glibc-2.17.90/nss/nss_files/files-hosts.c =================================================================== --- glibc-2.17.90.orig/nss/nss_files/files-hosts.c +++ glibc-2.17.90/nss/nss_files/files-hosts.c @@ -68,11 +68,6 @@ LINE_PARSER { if (IN6_IS_ADDR_V4MAPPED (entdata->host_addr)) memcpy (entdata->host_addr, entdata->host_addr + 12, INADDRSZ); - else if (IN6_IS_ADDR_LOOPBACK (entdata->host_addr)) - { - in_addr_t localhost = htonl (INADDR_LOOPBACK); - memcpy (entdata->host_addr, &localhost, sizeof (localhost)); - } else /* Illegal address: ignore line. */ return 0; ++++++ glibc-ld-profile.patch ++++++ glibc bug #13818 2012-03-07 Jeff Law <law@redhat.com> * elf/dl-reloc.c (_dl_relocate_object): Move code to allocate l_reloc_result prior to calling ELF_DYNAMIC_RELOCATE. diff -rup a/elf/dl-reloc.c b/elf/dl-reloc.c --- a/elf/dl-reloc.c 2012-01-01 05:16:32.000000000 -0700 +++ b/elf/dl-reloc.c 2012-03-06 15:41:56.486242640 -0700 @@ -238,32 +238,9 @@ _dl_relocate_object (struct link_map *l, /* String table object symbols. */ const char *strtab = (const void *) D_PTR (l, l_info[DT_STRTAB]); - /* This macro is used as a callback from the ELF_DYNAMIC_RELOCATE code. */ -#define RESOLVE_MAP(ref, version, r_type) \ - (ELFW(ST_BIND) ((*ref)->st_info) != STB_LOCAL \ - ? ((__builtin_expect ((*ref) == l->l_lookup_cache.sym, 0) \ - && elf_machine_type_class (r_type) == l->l_lookup_cache.type_class) \ - ? (bump_num_cache_relocations (), \ - (*ref) = l->l_lookup_cache.ret, \ - l->l_lookup_cache.value) \ - : ({ lookup_t _lr; \ - int _tc = elf_machine_type_class (r_type); \ - l->l_lookup_cache.type_class = _tc; \ - l->l_lookup_cache.sym = (*ref); \ - const struct r_found_version *v = NULL; \ - if ((version) != NULL && (version)->hash != 0) \ - v = (version); \ - _lr = _dl_lookup_symbol_x (strtab + (*ref)->st_name, l, (ref), \ - scope, v, _tc, \ - DL_LOOKUP_ADD_DEPENDENCY, NULL); \ - l->l_lookup_cache.ret = (*ref); \ - l->l_lookup_cache.value = _lr; })) \ - : l) - -#include "dynamic-link.h" - - ELF_DYNAMIC_RELOCATE (l, lazy, consider_profiling, skip_ifunc); - + /* ELF_DYNAMIC_RELOCATE may need to examine l_reloc_result + when handling MACHINE_IRELATIVE relocs. So we must + allocate l_reloc_result prior to calling ELF_DYNAMIC_RELOCATE. */ #ifndef PROF if (__builtin_expect (consider_profiling, 0)) { @@ -290,6 +267,32 @@ _dl_relocate_object (struct link_map *l, } } #endif + + /* This macro is used as a callback from the ELF_DYNAMIC_RELOCATE code. */ +#define RESOLVE_MAP(ref, version, r_type) \ + (ELFW(ST_BIND) ((*ref)->st_info) != STB_LOCAL \ + ? ((__builtin_expect ((*ref) == l->l_lookup_cache.sym, 0) \ + && elf_machine_type_class (r_type) == l->l_lookup_cache.type_class) \ + ? (bump_num_cache_relocations (), \ + (*ref) = l->l_lookup_cache.ret, \ + l->l_lookup_cache.value) \ + : ({ lookup_t _lr; \ + int _tc = elf_machine_type_class (r_type); \ + l->l_lookup_cache.type_class = _tc; \ + l->l_lookup_cache.sym = (*ref); \ + const struct r_found_version *v = NULL; \ + if ((version) != NULL && (version)->hash != 0) \ + v = (version); \ + _lr = _dl_lookup_symbol_x (strtab + (*ref)->st_name, l, (ref), \ + scope, v, _tc, \ + DL_LOOKUP_ADD_DEPENDENCY, NULL); \ + l->l_lookup_cache.ret = (*ref); \ + l->l_lookup_cache.value = _lr; })) \ + : l) + +#include "dynamic-link.h" + + ELF_DYNAMIC_RELOCATE (l, lazy, consider_profiling, skip_ifunc); } /* Mark the object so we know this work has been done. */ ++++++ glibc-nodate.patch ++++++ Index: glibc-2.17.90/csu/Makefile =================================================================== --- glibc-2.17.90.orig/csu/Makefile +++ glibc-2.17.90/csu/Makefile @@ -162,8 +162,8 @@ $(objpfx)version-info.h: $(common-objpfx if [ -z "$$os" ]; then \ os=Linux; \ fi; \ - printf '"Compiled on a %s %s system on %s.\\n"\n' \ - "$$os" "$$version" "`date +%Y-%m-%d`";; \ + printf '"Compiled on a %s %s system.\\n"\n' \ + "$$os" "$$version";; \ *) ;; \ esac; \ files="$(all-Banner-files)"; \ Index: glibc-2.17.90/nscd/nscd_stat.c =================================================================== --- glibc-2.17.90.orig/nscd/nscd_stat.c +++ glibc-2.17.90/nscd/nscd_stat.c @@ -36,8 +36,13 @@ #endif /* HAVE_SELINUX */ -/* We use this to make sure the receiver is the same. */ +/* We use this to make sure the receiver is the same. Capture mtime + of this file if possible. */ +#if defined(__TIMESTAMP__) +static const char compilation[21] = __TIMESTAMP__; +#else static const char compilation[21] = __DATE__ " " __TIME__; +#endif /* Statistic data for one database. */ struct dbstat ++++++ glibc-nscd-hconf.diff ++++++ See: http://sourceware.org/bugzilla/show_bug.cgi?id=11928 Index: glibc-2.17.90/nscd/aicache.c =================================================================== --- glibc-2.17.90.orig/nscd/aicache.c +++ glibc-2.17.90/nscd/aicache.c @@ -25,6 +25,7 @@ #include <time.h> #include <unistd.h> #include <sys/mman.h> +#include <resolv/res_hconf.h> #include "dbg_log.h" #include "nscd.h" @@ -102,6 +103,8 @@ addhstaiX (struct database_dyn *db, int if (__res_maybe_init (&_res, 0) == -1) no_more = 1; + if (!_res_hconf.initialized) + _res_hconf_init (); /* If we are looking for both IPv4 and IPv6 address we don't want the lookup functions to automatically promote IPv4 addresses to Index: glibc-2.17.90/resolv/res_hconf.c =================================================================== --- glibc-2.17.90.orig/resolv/res_hconf.c +++ glibc-2.17.90/resolv/res_hconf.c @@ -81,7 +81,9 @@ static const struct cmd }; /* Structure containing the state. */ +#ifndef NOT_IN_libc struct hconf _res_hconf; +#endif /* Skip white space. */ static const char * ++++++ glibc-nscd.conf.patch ++++++ Index: glibc-2.17.90/nscd/nscd.conf =================================================================== --- glibc-2.17.90.orig/nscd/nscd.conf +++ glibc-2.17.90/nscd/nscd.conf @@ -61,11 +61,11 @@ auto-propagate group yes enable-cache hosts yes - positive-time-to-live hosts 3600 - negative-time-to-live hosts 20 + positive-time-to-live hosts 600 + negative-time-to-live hosts 0 suggested-size hosts 211 check-files hosts yes - persistent hosts yes + persistent hosts no shared hosts yes max-db-size hosts 33554432 ++++++ glibc-resolv-mdnshint.diff ++++++ Index: glibc-2.17.90/resolv/res_hconf.c =================================================================== --- glibc-2.17.90.orig/resolv/res_hconf.c +++ glibc-2.17.90/resolv/res_hconf.c @@ -240,9 +240,12 @@ parse_line (const char *fname, int line_ if (c == NULL) { char *buf; + char *hint = ""; - if (__asprintf (&buf, _("%s: line %d: bad command `%s'\n"), - fname, line_num, start) < 0) + if (__strncasecmp (start, "mdns", len) == 0 && len == 4) + hint = "Multicast DNS is now configured in /etc/nsswitch.conf instead.\nSee also the package and manpage of nss-mdns.\n"; + if (__asprintf (&buf, _("%s: line %d: bad command `%s'\n%s"), + fname, line_num, start, hint) < 0) return; __fxprintf (NULL, "%s", buf); ++++++ glibc-resolv-reload.diff ++++++

From libc-alpha-return-22754-pasky=ucw.cz@sourceware.org Tue Mar 16 00:47:00 2010 Return-Path: <libc-alpha-return-22754-pasky=ucw.cz@sourceware.org> X-Original-To: pasky@pasky.or.cz Delivered-To: pasky@pasky.or.cz Received: from nikam.ms.mff.cuni.cz (nikam-dmz.ms.mff.cuni.cz [195.113.20.16]) by machine.or.cz (Postfix) with ESMTPS id C1B8586202A for <pasky@pasky.or.cz>; Tue, 16 Mar 2010 00:47:00 +0100 (CET) Received: by nikam.ms.mff.cuni.cz (Postfix) id 9CDEC9AC7A4; Tue, 16 Mar 2010 00:47:00 +0100 (CET) Delivered-To: pasky@kam.mff.cuni.cz Received: from jabberwock.ucw.cz (jabberwock.ucw.cz [89.250.246.4]) by nikam.ms.mff.cuni.cz (Postfix) with ESMTP id 99F0E9AC77B for <pasky@kam.mff.cuni.cz>; Tue, 16 Mar 2010 00:47:00 +0100 (CET) Received: from sourceware.org (server1.sourceware.org [209.132.180.131]) by jabberwock.ucw.cz (Postfix) with SMTP id 14E1ACF040 for <pasky@ucw.cz>; Tue, 16 Mar 2010 00:46:59 +0100 (CET) Received: (qmail 18956 invoked by alias); 15 Mar 2010 23:46:58 -0000 Delivered-To: moderator for libc-alpha@sourceware.org Received: (qmail 15843 invoked by uid 22791); 15 Mar 2010 17:23:15 -0000 X-SWARE-Spam-Status: No, hits=-2.6 required=5.0 tests=BAYES_00 X-Spam-Check-By: sourceware.org Message-ID: <4B9E6CFA.7020002@riot.org> Date: Mon, 15 Mar 2010 18:23:06 +0100 From: Sebastian Kienzl <seb@riot.org> User-Agent: Thunderbird 2.0.0.23 (Windows/20090812) MIME-Version: 1.0 To: libc-alpha@sourceware.org Subject: Reloading of /etc/resolv.conf Content-Type: multipart/mixed; boundary="------------060407080409020101000002" Mailing-List: contact libc-alpha-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: <libc-alpha.sourceware.org> List-Unsubscribe: <mailto:libc-alpha-unsubscribe-pasky=ucw.cz@sourceware.org> List-Subscribe: <mailto:libc-alpha-subscribe@sourceware.org> List-Archive: <http://sourceware.org/ml/libc-alpha/> List-Post: <mailto:libc-alpha@sourceware.org> List-Help: <mailto:libc-alpha-help@sourceware.org>, <http://sourceware.org/ml/#faqs> Sender: libc-alpha-owner@sourceware.org Delivered-To: mailing list libc-alpha@sourceware.org

This is a multi-part message in MIME format. --------------060407080409020101000002 Content-Type: text/plain; charset=ISO-8859-15; format=flowed Content-Transfer-Encoding: 7bit Hello! There's a patch in the wild against the resolver which makes it reload /etc/resolv.conf on change, see http://sources.redhat.com/ml/libc-alpha/2004-09/msg00130.html However, this patch actually doesn't work properly for multi-threaded programs, as only one thread will notice the change and refresh its resolver state. I've attached a proper patch. It's for 2.5 but it should work with current versions, too. Even though the patch may not be interesting for upstream, I decided to let you know about this problem, since the mentioned patch seems to be used by at least Debian and Ubuntu. Regards, Seb. --------------060407080409020101000002 Content-Type: text/plain; name="glibc-2.5-resolvconf.patch" Content-Transfer-Encoding: 7bit Content-Disposition: inline; filename="glibc-2.5-resolvconf.patch" Index: glibc-2.17.90/resolv/res_libc.c =================================================================== --- glibc-2.17.90.orig/resolv/res_libc.c +++ glibc-2.17.90/resolv/res_libc.c @@ -22,7 +22,7 @@ #include <arpa/nameser.h> #include <resolv.h> #include <bits/libc-lock.h> - +#include <sys/stat.h> /* The following bit is copied from res_data.c (where it is #ifdef'ed out) since res_init() should go into libc.so but the rest of that @@ -89,12 +89,34 @@ res_init(void) { return (__res_vinit(&_res, 1)); } +static time_t resconf_mtime; +__libc_lock_define_initialized (static, resconf_mtime_lock); + +/* Check if the modification time of resolv.conf has changed. + If so, have all threads re-initialize their resolver states */ +static void +__res_check_resconf (void) +{ + struct stat statbuf; + if (stat (_PATH_RESCONF, &statbuf) == 0) { + __libc_lock_lock (resconf_mtime_lock); + if (statbuf.st_mtime != resconf_mtime) { + resconf_mtime = statbuf.st_mtime; + atomicinclock (lock); + atomicinc (__res_initstamp); + atomicincunlock (lock); + } + __libc_lock_unlock (resconf_mtime_lock); + } +} + /* Initialize resp if RES_INIT is not yet set or if res_init in some other thread requested re-initializing. */ int __res_maybe_init (res_state resp, int preinit) { if (resp->options & RES_INIT) { + __res_check_resconf (); if (__res_initstamp != resp->_u._ext.initstamp) { if (resp->nscount > 0) __res_iclose (resp, true); ++++++ glibc-testsuite.patch ++++++ test-lfs runs for ever on ReiserFS. Let's disable it completely. Index: glibc-2.17.90/io/Makefile =================================================================== --- glibc-2.17.90.orig/io/Makefile +++ glibc-2.17.90/io/Makefile @@ -63,7 +63,7 @@ static-only-routines = stat fstat lstat others := pwd test-srcs := ftwtest -tests := test-utime test-stat test-stat2 test-lfs tst-getcwd \ +tests := test-utime test-stat test-stat2 tst-getcwd \ tst-fcntl bug-ftw1 bug-ftw2 bug-ftw3 bug-ftw4 tst-statvfs \ tst-openat tst-unlinkat tst-fstatat tst-futimesat \ tst-renameat tst-fchownat tst-fchmodat tst-faccessat \ ++++++ glibc-version.diff ++++++ Index: glibc-2.17.90/csu/version.c =================================================================== --- glibc-2.17.90.orig/csu/version.c +++ glibc-2.17.90/csu/version.c @@ -24,11 +24,12 @@ static const char __libc_release[] = REL static const char __libc_version[] = VERSION; static const char banner[] = -"GNU C Library "PKGVERSION RELEASE" release version "VERSION", by Roland McGrath et al.\n\ +"GNU C Library "PKGVERSION RELEASE" release version "VERSION" (git "GITID"), by Roland McGrath et al.\n\ Copyright (C) 2013 Free Software Foundation, Inc.\n\ This is free software; see the source for copying conditions.\n\ There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A\n\ PARTICULAR PURPOSE.\n\ +Configured for "CONFHOST".\n\ Compiled by GNU CC version "__VERSION__".\n" #include "version-info.h" #ifdef LIBC_ABIS_STRING ++++++ glibc.rpmlintrc ++++++ addFilter(".*glibc-profile.* devel-file-in-non-devel-package.*/usr/lib.*/lib.*_p.a") addFilter(".*glibc.* incorrect-fsf-address") # False positive - glibc implements gethostbyname addFilter(".*binary-or-shlib-calls-gethostbyname") # We do need to keep the symtab (see comments in glibc.spec), so this is intented: addFilter(".*unstripped-binary-or-object.*") # The duplication is intented: addFilter(".*files-duplicate /usr/lib64/libbsd-compat.a /usr/lib.*/libg.a") # ld.so is special: addFilter(".*shared-lib-without-dependency-information /lib.*/ld-2.*.so") # Handled via glibc_post_upgrade: addFilter(".*permissions-missing-postin missing %set_permissions /usr/.*pt_chown in %post") # Do not require permissions, this will lead to a cycle (bnc#700925): addFilter("glibc\..*: permissions-missing-requires") # We will not rename glibc to follow the shlib policy addFilter("shlib-policy-missing-suffix") # The dynamic linker and libnsl call exit - this is fine addFilter(".*shared-lib-calls-exit.*") # The man-pages package contains a number of man pages for programs that come # with glibc, therefore do not warn about them addFilter(".*glibc.*no-manual-page-for-binary getent") addFilter(".*glibc.*no-manual-page-for-binary iconv") addFilter(".*glibc.*no-manual-page-for-binary ldd") addFilter(".*glibc.*no-manual-page-for-binary ldconfig") addFilter(".*nscd.*no-manual-page-for-binary nscd") ++++++ glibc_post_upgrade.c ++++++ /* skeleton based on version from Fedora Core 3 */ #define _GNU_SOURCE #include <sys/types.h> #include <sys/wait.h> #include <stdio.h> #include <errno.h> #include <unistd.h> #include <sys/time.h> #include <dirent.h> #include <stddef.h> #include <fcntl.h> #include <string.h> #include <sys/stat.h> #include <elf.h> #define verbose_exec(failcode, path...) \ do \ { \ char *const arr[] = { path, NULL }; \ vexec (failcode, arr); \ } while (0) __attribute__((noinline)) void vexec (int failcode, char *const path[]); __attribute__((noinline)) void says (const char *str); __attribute__((noinline)) void sayn (long num); __attribute__((noinline)) void message (char *const path[]); __attribute__((noinline)) int check_elf (const char *name); int main (void) { char initpath[256]; struct stat root, init_root; /* First, get rid of platform-optimized libraries. We remove any we have ever built, since otherwise we might end up using some old leftover libraries when new ones aren't installed in their place anymore. */ #ifdef REMOVE_TLS_DIRS const char *library[] = {"libc.so.6", "libc.so.6.1", "libm.so.6", "libm.so.6.1", "librt.so.1", "librtkaio.so.1", "libpthread.so.0", "libthread_db.so.1"}; const char *remove_dir[] = { #ifdef __i386__ "/lib/i686/", #endif #ifdef __powerpc64__ #ifdef REMOVE_PPC_OPTIMIZE_POWER4 "/lib64/power4/", "/lib64/ppc970/", #endif #ifdef REMOVE_PPC_OPTIMIZE_POWER5 "/lib64/power5/", "/lib64/power5+/", #endif #ifdef REMOVE_PPC_OPTIMIZE_POWER6 "/lib64/power6/", "/lib64/power6x/", #endif #ifdef REMOVE_PPC_OPTIMIZE_POWER7 "/lib64/power7/", #endif #ifdef REMOVE_PPC_OPTIMIZE_CELL "/lib64/ppc-cell-be/", #endif #endif /* __powerpc64__ */ #ifdef __powerpc__ #ifdef REMOVE_PPC_OPTIMIZE_POWER4 "/lib/power4/", "/lib/ppc970/", #endif #ifdef REMOVE_PPC_OPTIMIZE_POWER5 "/lib/power5/", "/lib/power5+/", #endif #ifdef REMOVE_PPC_OPTIMIZE_POWER6 "/lib/power6/", "/lib/power6x/", #endif #ifdef REMOVE_PPC_OPTIMIZE_POWER7 "/lib/power7/", #endif #ifdef REMOVE_PPC_OPTIMIZE_CELL "/lib/ppc-cell-be/", #endif #endif /* __powerpc__ */ LIBDIR"/tls/" }; int i, j; for (i = 0; i < sizeof (remove_dir) / sizeof (remove_dir[0]); ++i) for (j = 0; j < sizeof (library) / sizeof (library[0]); j++) { char buf[strlen (remove_dir[i]) + strlen (library[j]) + 1]; char readlink_buf[(strlen (remove_dir[i]) + strlen (library[j])) * 2 + 30]; ssize_t len; char *cp; cp = stpcpy (buf, remove_dir[i]); strcpy (cp, library[j]); /* This file could be a symlink to library-%{version}.so, so check this and don't remove only the link, but also the library itself. */ cp = stpcpy (readlink_buf, remove_dir[i]); if ((len = readlink (buf, cp, (sizeof (readlink_buf) - (cp - readlink_buf) - 1))) > 0) { cp[len] = '\0'; if (cp[0] != '/') cp = readlink_buf; unlink (cp); } unlink (buf); } #endif /* If installing bi-arch glibc, rpm sometimes doesn't unpack all files before running one of the lib's %post scriptlet. /sbin/ldconfig will then be run by the other arch's %post. */ if (access ("/sbin/ldconfig", X_OK) == 0) verbose_exec (110, "/sbin/ldconfig", "/sbin/ldconfig", "-X"); if (utimes (GCONV_MODULES_DIR "/gconv-modules.cache", NULL) == 0) { #ifndef ICONVCONFIG #define ICONVCONFIG "/usr/sbin/iconvconfig" #endif verbose_exec (113, ICONVCONFIG, "/usr/sbin/iconvconfig", "-o", GCONV_MODULES_DIR"/gconv-modules.cache", "--nostdlib", GCONV_MODULES_DIR); } /* Check if telinit is available and the init fifo as well. */ if (access ("/sbin/telinit", X_OK) || access ("/dev/initctl", F_OK)) _exit (0); /* Check if we are not inside of some chroot, because we'd just timeout and leave /etc/initrunlvl. */ if (readlink ("/proc/1/exe", initpath, 256) <= 0 || readlink ("/proc/1/root", initpath, 256) <= 0 || access ("/.buildenv", F_OK) == 0 || /* XEN build */ stat ("/proc/1/root", &init_root) < 0 || stat ("/", &root) < 0 || init_root.st_dev != root.st_dev || init_root.st_ino != root.st_ino) _exit (0); if (check_elf ("/proc/1/exe")) verbose_exec (116, "/sbin/telinit", "/sbin/telinit", "u"); #if 0 /* Check if we can safely condrestart sshd. */ if (access ("/sbin/service", X_OK) == 0 && access ("/usr/sbin/sshd", X_OK) == 0 && access ("/bin/bash", X_OK) == 0) { if (check_elf ("/usr/sbin/sshd")) verbose_exec (121, "/sbin/service", "/sbin/service", "sshd", "condrestart"); } #endif _exit(0); } void vexec (int failcode, char *const path[]) { pid_t pid; int status, save_errno; pid = vfork (); if (pid == 0) { execv (path[0], path + 1); save_errno = errno; message (path); says (" exec failed with errno "); sayn (save_errno); says ("\n"); _exit (failcode); } else if (pid < 0) { save_errno = errno; message (path); says (" fork failed with errno "); sayn (save_errno); says ("\n"); _exit (failcode + 1); } if (waitpid (0, &status, 0) != pid || !WIFEXITED (status)) { message (path); says (" child terminated abnormally\n"); _exit (failcode + 2); } if (WEXITSTATUS (status)) { message (path); says (" child exited with exit code "); sayn (WEXITSTATUS (status)); says ("\n"); _exit (WEXITSTATUS (status)); } } void says (const char *str) { write (1, str, strlen (str)); } void sayn (long num) { char string[sizeof (long) * 3 + 1]; char *p = string + sizeof (string) - 1; *p = '\0'; if (num == 0) *--p = '0'; else while (num) { *--p = '0' + num % 10; num = num / 10; } says (p); } void message (char *const path[]) { says ("/usr/sbin/glibc_post_upgrade: While trying to execute "); says (path[0]); } int check_elf (const char *name) { /* Play safe, if we can't open or read, assume it might be ELF for the current arch. */ int ret = 1; int fd = open (name, O_RDONLY); if (fd >= 0) { Elf32_Ehdr ehdr; if (read (fd, &ehdr, offsetof (Elf32_Ehdr, e_version)) == offsetof (Elf32_Ehdr, e_version)) { ret = 0; if (ehdr.e_ident[EI_CLASS] == (sizeof (long) == 8 ? ELFCLASS64 : ELFCLASS32)) { #if defined __i386__ ret = ehdr.e_machine == EM_386; #elif defined __x86_64__ ret = ehdr.e_machine == EM_X86_64; #elif defined __ia64__ ret = ehdr.e_machine == EM_IA_64; #elif defined __powerpc64__ ret = ehdr.e_machine == EM_PPC64; #elif defined __powerpc__ ret = ehdr.e_machine == EM_PPC; #elif defined __s390__ || defined __s390x__ ret = ehdr.e_machine == EM_S390; #elif defined __x86_64__ ret = ehdr.e_machine == EM_X86_64; #elif defined __sparc__ if (sizeof (long) == 8) ret = ehdr.e_machine == EM_SPARCV9; else ret = (ehdr.e_machine == EM_SPARC || ehdr.e_machine == EM_SPARC32PLUS); #else ret = 1; #endif } } close (fd); } return ret; } #ifdef SMALL_BINARY int __libc_multiple_threads __attribute__((nocommon)); int __libc_enable_asynccancel (void) { return 0; } void __libc_disable_asynccancel (int x) { } void __libc_csu_init (void) { } void __libc_csu_fini (void) { } pid_t __fork (void) { return -1; } char thr_buf[65536]; #ifndef __powerpc__ int __libc_start_main (int (*main) (void), int argc, char **argv, void (*init) (void), void (*fini) (void), void (*rtld_fini) (void), void * stack_end) #else struct startup_info { void *sda_base; int (*main) (int, char **, char **, void *); int (*init) (int, char **, char **, void *); void (*fini) (void); }; int __libc_start_main (int argc, char **ubp_av, char **ubp_ev, void *auxvec, void (*rtld_fini) (void), struct startup_info *stinfo, char **stack_on_entry) #endif { #if defined __ia64__ || defined __powerpc64__ register void *r13 __asm ("r13") = thr_buf + 32768; __asm ("" : : "r" (r13)); #elif defined __sparc__ register void *g6 __asm ("g6") = thr_buf + 32768; # ifdef __arch64__ __thread_self = thr_buf + 32768; # else register void *__thread_self __asm ("g7") = thr_buf + 32768; # endif __asm ("" : : "r" (g6), "r" (__thread_self)); #elif defined __s390__ && !defined __s390x__ __asm ("sar %%a0,%0" : : "d" (thr_buf + 32768)); #elif defined __s390x__ __asm ("sar %%a1,%0; srlg 0,%0,32; sar %%a0,0" : : "d" (thr_buf + 32768) : "0"); #elif defined __powerpc__ && !defined __powerpc64__ register void *r2 __asm ("r2") = thr_buf + 32768; __asm ("" : : "r" (r2)); #endif main(); return 0; } #endif ++++++ i686-no-sse42-strstr.patch ++++++ Index: glibc-2.18/sysdeps/i386/i686/multiarch/Makefile =================================================================== --- glibc-2.18.orig/sysdeps/i386/i686/multiarch/Makefile +++ glibc-2.18/sysdeps/i386/i686/multiarch/Makefile @@ -11,7 +11,7 @@ sysdep_routines += bzero-sse2 memset-sse memmove-ssse3-rep bcopy-ssse3 bcopy-ssse3-rep \ memset-sse2-rep bzero-sse2-rep strcmp-ssse3 \ strcmp-sse4 strncmp-c strncmp-ssse3 strncmp-sse4 \ - memcmp-ssse3 memcmp-sse4 strcasestr-nonascii varshift \ + memcmp-ssse3 memcmp-sse4 varshift \ strlen-sse2 strlen-sse2-bsf strncpy-c strcpy-ssse3 \ strncpy-ssse3 stpcpy-ssse3 stpncpy-ssse3 strcpy-sse2 \ strncpy-sse2 stpcpy-sse2 stpncpy-sse2 strcat-ssse3 \ @@ -25,14 +25,11 @@ sysdep_routines += bzero-sse2 memset-sse strncase_l-c strncase-c strncase_l-ssse3 \ strcasecmp_l-sse4 strncase_l-sse4 ifeq (yes,$(config-cflags-sse4)) -sysdep_routines += strcspn-c strpbrk-c strspn-c strstr-c strcasestr-c +sysdep_routines += strcspn-c strpbrk-c strspn-c CFLAGS-varshift.c += -msse4 CFLAGS-strcspn-c.c += -msse4 CFLAGS-strpbrk-c.c += -msse4 CFLAGS-strspn-c.c += -msse4 -CFLAGS-strstr.c += -msse4 -CFLAGS-strcasestr.c += -msse4 -CFLAGS-strcasestr-nonascii.c += -msse4 endif endif Index: glibc-2.18/sysdeps/i386/i686/multiarch/ifunc-impl-list.c =================================================================== --- glibc-2.18.orig/sysdeps/i386/i686/multiarch/ifunc-impl-list.c +++ glibc-2.18/sysdeps/i386/i686/multiarch/ifunc-impl-list.c @@ -141,12 +141,6 @@ __libc_ifunc_impl_list (const char *name IFUNC_IMPL_ADD (array, i, strcasecmp_l, 1, __strcasecmp_l_ia32)) - /* Support sysdeps/i386/i686/multiarch/strcasestr.c. */ - IFUNC_IMPL (i, name, strcasestr, - IFUNC_IMPL_ADD (array, i, strcasestr, HAS_SSE4_2, - __strcasestr_sse42) - IFUNC_IMPL_ADD (array, i, strcasestr, 1, __strcasestr_ia32)) - /* Support sysdeps/i386/i686/multiarch/strcat.S. */ IFUNC_IMPL (i, name, strcat, IFUNC_IMPL_ADD (array, i, strcat, HAS_SSSE3, __strcat_ssse3) @@ -234,11 +228,6 @@ __libc_ifunc_impl_list (const char *name IFUNC_IMPL_ADD (array, i, strspn, HAS_SSE4_2, __strspn_sse42) IFUNC_IMPL_ADD (array, i, strspn, 1, __strspn_ia32)) - /* Support sysdeps/i386/i686/multiarch/strstr-c.c. */ - IFUNC_IMPL (i, name, strstr, - IFUNC_IMPL_ADD (array, i, strstr, HAS_SSE4_2, __strstr_sse42) - IFUNC_IMPL_ADD (array, i, strstr, 1, __strstr_ia32)) - /* Support sysdeps/i386/i686/multiarch/wcschr.S. */ IFUNC_IMPL (i, name, wcschr, IFUNC_IMPL_ADD (array, i, wcschr, HAS_SSE2, __wcschr_sse2) Index: glibc-2.18/sysdeps/i386/i686/multiarch/strcasestr-c.c =================================================================== --- glibc-2.18.orig/sysdeps/i386/i686/multiarch/strcasestr-c.c +++ /dev/null @@ -1,4 +0,0 @@ -/* Multiple versions of strcasestr - All versions must be listed in ifunc-impl-list.c. */ -#define __strcasestr_sse2 __strcasestr_ia32 -#include <sysdeps/x86_64/multiarch/strcasestr-c.c> Index: glibc-2.18/sysdeps/i386/i686/multiarch/strcasestr-nonascii.c =================================================================== --- glibc-2.18.orig/sysdeps/i386/i686/multiarch/strcasestr-nonascii.c +++ /dev/null @@ -1,2 +0,0 @@ -#include <nmmintrin.h> -#include <sysdeps/x86_64/multiarch/strcasestr-nonascii.c> Index: glibc-2.18/sysdeps/i386/i686/multiarch/strcasestr.c =================================================================== --- glibc-2.18.orig/sysdeps/i386/i686/multiarch/strcasestr.c +++ /dev/null @@ -1 +0,0 @@ -#include <sysdeps/x86_64/multiarch/strcasestr.c> Index: glibc-2.18/sysdeps/i386/i686/multiarch/strstr-c.c =================================================================== --- glibc-2.18.orig/sysdeps/i386/i686/multiarch/strstr-c.c +++ /dev/null @@ -1,29 +0,0 @@ -/* Multiple versions of strstr - All versions must be listed in ifunc-impl-list.c. */ - -#include "init-arch.h" - -#define STRSTR __strstr_ia32 -#if defined SHARED && defined DO_VERSIONING && !defined NO_HIDDEN -#undef libc_hidden_builtin_def -#define libc_hidden_builtin_def(name) \ - __hidden_ver1 (__strstr_ia32, __GI_strstr, __strstr_ia32); -#endif - -/* Redefine strstr so that the compiler won't complain about the type - mismatch with the IFUNC selector in strong_alias, below. */ -#undef strstr -#define strstr __redirect_strstr - -#include "string/strstr.c" - -extern __typeof (__redirect_strstr) __strstr_sse42 attribute_hidden; -extern __typeof (__redirect_strstr) __strstr_ia32 attribute_hidden; - -/* Avoid DWARF definition DIE on ifunc symbol so that GDB can handle - ifunc symbol properly. */ -extern __typeof (__redirect_strstr) __libc_strstr; -libc_ifunc (__libc_strstr, HAS_SSE4_2 ? __strstr_sse42 : __strstr_ia32) - -#undef strstr -strong_alias (__libc_strstr, strstr) Index: glibc-2.18/sysdeps/i386/i686/multiarch/strstr.c =================================================================== --- glibc-2.18.orig/sysdeps/i386/i686/multiarch/strstr.c +++ /dev/null @@ -1 +0,0 @@ -#include <sysdeps/x86_64/multiarch/strstr.c> ++++++ i686-strcasecmp-fallback.patch ++++++ * sysdeps/i386/i686/multiarch/strcmp-sse4.S (__strcasecmp_sse4_2) (__strncasecmp_sse4_2) [PIC]: Restore %ebx before falling through to __strcasecmp_nonascii and __strncasecmp_nonascii. * sysdeps/i386/i686/multiarch/strcmp-ssse3.S (__strcasecmp_ssse3) (__strncasecmp_ssse3) [PIC]: Likewise. Index: glibc-2.17.90/sysdeps/i386/i686/multiarch/strcmp-sse4.S =================================================================== --- glibc-2.17.90.orig/sysdeps/i386/i686/multiarch/strcmp-sse4.S +++ glibc-2.17.90/sysdeps/i386/i686/multiarch/strcmp-sse4.S @@ -121,8 +121,14 @@ ENTRY (__strcasecmp_sse4_2) movl (%eax), %eax # endif testl $1, LOCALE_DATA_VALUES+_NL_CTYPE_NONASCII_CASE*SIZEOF_VALUES(%eax) +# ifdef PIC + je L(ascii) + POP (%ebx) + jmp __strcasecmp_nonascii +# else jne __strcasecmp_nonascii jmp L(ascii) +# endif END (__strcasecmp_sse4_2) #endif @@ -152,8 +158,14 @@ ENTRY (__strncasecmp_sse4_2) movl (%eax), %eax # endif testl $1, LOCALE_DATA_VALUES+_NL_CTYPE_NONASCII_CASE*SIZEOF_VALUES(%eax) +# ifdef PIC + je L(ascii) + POP (%ebx) + jmp __strncasecmp_nonascii +# else jne __strncasecmp_nonascii jmp L(ascii) +# endif END (__strncasecmp_sse4_2) #endif Index: glibc-2.17.90/sysdeps/i386/i686/multiarch/strcmp-ssse3.S =================================================================== --- glibc-2.17.90.orig/sysdeps/i386/i686/multiarch/strcmp-ssse3.S +++ glibc-2.17.90/sysdeps/i386/i686/multiarch/strcmp-ssse3.S @@ -138,8 +138,14 @@ ENTRY (__strcasecmp_ssse3) movl (%eax), %eax # endif testl $1, LOCALE_DATA_VALUES+_NL_CTYPE_NONASCII_CASE*SIZEOF_VALUES(%eax) +# ifdef PIC + je L(ascii) + POP (%ebx) + jmp __strcasecmp_nonascii +# else jne __strcasecmp_nonascii jmp L(ascii) +# endif END (__strcasecmp_ssse3) #endif @@ -169,8 +175,14 @@ ENTRY (__strncasecmp_ssse3) movl (%eax), %eax # endif testl $1, LOCALE_DATA_VALUES+_NL_CTYPE_NONASCII_CASE*SIZEOF_VALUES(%eax) +# ifdef PIC + je L(ascii) + POP (%ebx) + jmp __strncasecmp_nonascii +# else jne __strncasecmp_nonascii jmp L(ascii) +# endif END (__strncasecmp_ssse3) #endif ++++++ iconv-ibm-sentinel-check.patch ++++++ 2014-08-29 Florian Weimer <fweimer@redhat.com> [BZ #17325] * iconvdata/ibm1364.c (BODY): Fix check for sentinel. * iconvdata/ibm932.c (BODY): Replace invalid sentinel check with assert. * iconvdata/ibm933.c (BODY): Fix check for sentinel. * iconvdata/ibm935.c (BODY): Likewise. * iconvdata/ibm937.c (BODY): Likewise. * iconvdata/ibm939.c (BODY): Likewise. * iconvdata/ibm943.c (BODY): Replace invalid sentinel check with assert. * iconvdata/Makefile (iconv-test.out): Pass module list to test script. * iconvdata/run-iconv-test.sh: New test loop for checking for decoder crashers. Index: glibc-2.18/iconvdata/Makefile =================================================================== --- glibc-2.18.orig/iconvdata/Makefile +++ glibc-2.18/iconvdata/Makefile @@ -299,6 +299,7 @@ $(objpfx)tst-iconv7.out: $(objpfx)gconv- $(objpfx)iconv-test.out: run-iconv-test.sh $(objpfx)gconv-modules \ $(addprefix $(objpfx),$(modules.so)) \ $(common-objdir)/iconv/iconv_prog TESTS + iconv_modules="$(modules)" \ $(SHELL) $< $(common-objdir) '$(test-wrapper)' > $@ $(objpfx)tst-tables.out: tst-tables.sh $(objpfx)gconv-modules \ Index: glibc-2.18/iconvdata/ibm1364.c =================================================================== --- glibc-2.18.orig/iconvdata/ibm1364.c +++ glibc-2.18/iconvdata/ibm1364.c @@ -220,7 +220,8 @@ enum ++rp2; \ \ uint32_t res; \ - if (__builtin_expect (ch < rp2->start, 0) \ + if (__builtin_expect (rp2->start == 0xffff, 0) \ + || __builtin_expect (ch < rp2->start, 0) \ || (res = DB_TO_UCS4[ch + rp2->idx], \ __builtin_expect (res, L'\1') == L'\0' && ch != '\0')) \ { \ Index: glibc-2.18/iconvdata/ibm932.c =================================================================== --- glibc-2.18.orig/iconvdata/ibm932.c +++ glibc-2.18/iconvdata/ibm932.c @@ -73,11 +73,12 @@ } \ \ ch = (ch * 0x100) + inptr[1]; \ + /* ch was less than 0xfd. */ \ + assert (ch < 0xfd00); \ while (ch > rp2->end) \ ++rp2; \ \ - if (__builtin_expect (rp2 == NULL, 0) \ - || __builtin_expect (ch < rp2->start, 0) \ + if (__builtin_expect (ch < rp2->start, 0) \ || (res = __ibm932db_to_ucs4[ch + rp2->idx], \ __builtin_expect (res, '\1') == 0 && ch !=0)) \ { \ Index: glibc-2.18/iconvdata/ibm933.c =================================================================== --- glibc-2.18.orig/iconvdata/ibm933.c +++ glibc-2.18/iconvdata/ibm933.c @@ -161,7 +161,7 @@ enum while (ch > rp2->end) \ ++rp2; \ \ - if (__builtin_expect (rp2 == NULL, 0) \ + if (__builtin_expect (rp2->start == 0xffff, 0) \ || __builtin_expect (ch < rp2->start, 0) \ || (res = __ibm933db_to_ucs4[ch + rp2->idx], \ __builtin_expect (res, L'\1') == L'\0' && ch != '\0')) \ Index: glibc-2.18/iconvdata/ibm935.c =================================================================== --- glibc-2.18.orig/iconvdata/ibm935.c +++ glibc-2.18/iconvdata/ibm935.c @@ -161,7 +161,7 @@ enum while (ch > rp2->end) \ ++rp2; \ \ - if (__builtin_expect (rp2 == NULL, 0) \ + if (__builtin_expect (rp2->start == 0xffff, 0) \ || __builtin_expect (ch < rp2->start, 0) \ || (res = __ibm935db_to_ucs4[ch + rp2->idx], \ __builtin_expect (res, L'\1') == L'\0' && ch != '\0')) \ Index: glibc-2.18/iconvdata/ibm937.c =================================================================== --- glibc-2.18.orig/iconvdata/ibm937.c +++ glibc-2.18/iconvdata/ibm937.c @@ -161,7 +161,7 @@ enum while (ch > rp2->end) \ ++rp2; \ \ - if (__builtin_expect (rp2 == NULL, 0) \ + if (__builtin_expect (rp2->start == 0xffff, 0) \ || __builtin_expect (ch < rp2->start, 0) \ || (res = __ibm937db_to_ucs4[ch + rp2->idx], \ __builtin_expect (res, L'\1') == L'\0' && ch != '\0')) \ Index: glibc-2.18/iconvdata/ibm939.c =================================================================== --- glibc-2.18.orig/iconvdata/ibm939.c +++ glibc-2.18/iconvdata/ibm939.c @@ -161,7 +161,7 @@ enum while (ch > rp2->end) \ ++rp2; \ \ - if (__builtin_expect (rp2 == NULL, 0) \ + if (__builtin_expect (rp2->start == 0xffff, 0) \ || __builtin_expect (ch < rp2->start, 0) \ || (res = __ibm939db_to_ucs4[ch + rp2->idx], \ __builtin_expect (res, L'\1') == L'\0' && ch != '\0')) \ Index: glibc-2.18/iconvdata/ibm943.c =================================================================== --- glibc-2.18.orig/iconvdata/ibm943.c +++ glibc-2.18/iconvdata/ibm943.c @@ -74,11 +74,12 @@ } \ \ ch = (ch * 0x100) + inptr[1]; \ + /* ch was less than 0xfd. */ \ + assert (ch < 0xfd00); \ while (ch > rp2->end) \ ++rp2; \ \ - if (__builtin_expect (rp2 == NULL, 0) \ - || __builtin_expect (ch < rp2->start, 0) \ + if (__builtin_expect (ch < rp2->start, 0) \ || (res = __ibm943db_to_ucs4[ch + rp2->idx], \ __builtin_expect (res, '\1') == 0 && ch !=0)) \ { \ Index: glibc-2.18/iconvdata/run-iconv-test.sh =================================================================== --- glibc-2.18.orig/iconvdata/run-iconv-test.sh +++ glibc-2.18/iconvdata/run-iconv-test.sh @@ -188,6 +188,24 @@ while read utf8 from filename; do done < TESTS2 +# Check for crashes in decoders. +printf '\016\377\377\377\377\377\377\377' > $temp1 +for from in $iconv_modules ; do + echo $ac_n "test decoder $from $ac_c" + PROG=`eval echo $ICONV` + if $PROG < $temp1 >/dev/null 2>&1 ; then + : # fall through + else + status=$? + if test $status -gt 1 ; then + echo "/FAILED" + failed=1 + continue + fi + fi + echo "OK" +done + exit $failed # Local Variables: # mode:shell-script ++++++ m68k-Scrt1.patch ++++++ 2013-10-08 Andreas Schwab <schwab@suse.de> * sysdeps/m68k/start.S [SHARED]: Use PIC. Index: glibc-2.18/ports/sysdeps/m68k/start.S =================================================================== --- glibc-2.18.orig/ports/sysdeps/m68k/start.S +++ glibc-2.18/ports/sysdeps/m68k/start.S @@ -52,6 +52,8 @@ NULL */ +#include <sysdep.h> + .text .globl _start .type _start,@function @@ -74,6 +76,24 @@ _start: pea (%a1) /* Push address of the shared library termination function. */ +#ifdef SHARED + /* Load PIC register. */ + LOAD_GOT (%a5) + + /* Push the address of our own entry points to `.fini' and + `.init'. */ + move.l __libc_csu_fini@GOT(%a5), -(%sp) + move.l __libc_csu_init@GOT(%a5), -(%sp) + + pea (%a0) /* Push second argument: argv. */ + move.l %d0, -(%sp) /* Push first argument: argc. */ + + move.l main@GOT(%a5), -(%sp) + + /* Call the user's main function, and exit with its value. But + let the libc call main. */ + jbsr __libc_start_main@PLTPC +#else /* Push the address of our own entry points to `.fini' and `.init'. */ pea __libc_csu_fini @@ -87,6 +107,7 @@ _start: /* Call the user's main function, and exit with its value. But let the libc call main. */ jbsr __libc_start_main +#endif illegal /* Crash if somehow `exit' does return. */ ++++++ malloc-overflows.patch ++++++ 2013-09-11 Will Newton <will.newton@linaro.org> [BZ #15857] * malloc/malloc.c (__libc_memalign): Check the value of bytes does not overflow. [BZ #15856] * malloc/malloc.c (__libc_valloc): Check the value of bytes does not overflow. [BZ #15855] * malloc/malloc.c (__libc_pvalloc): Check the value of bytes does not overflow. Index: glibc-2.18/malloc/malloc.c =================================================================== --- glibc-2.18.orig/malloc/malloc.c +++ glibc-2.18/malloc/malloc.c @@ -3015,6 +3015,13 @@ __libc_memalign(size_t alignment, size_t /* Otherwise, ensure that it is at least a minimum chunk size */ if (alignment < MINSIZE) alignment = MINSIZE; + /* Check for overflow. */ + if (bytes > SIZE_MAX - alignment - MINSIZE) + { + __set_errno (ENOMEM); + return 0; + } + arena_get(ar_ptr, bytes + alignment + MINSIZE); if(!ar_ptr) return 0; @@ -3046,6 +3053,13 @@ __libc_valloc(size_t bytes) size_t pagesz = GLRO(dl_pagesize); + /* Check for overflow. */ + if (bytes > SIZE_MAX - pagesz - MINSIZE) + { + __set_errno (ENOMEM); + return 0; + } + void *(*hook) (size_t, size_t, const void *) = force_reg (__memalign_hook); if (__builtin_expect (hook != NULL, 0)) @@ -3082,6 +3096,13 @@ __libc_pvalloc(size_t bytes) size_t page_mask = GLRO(dl_pagesize) - 1; size_t rounded_bytes = (bytes + page_mask) & ~(page_mask); + /* Check for overflow. */ + if (bytes > SIZE_MAX - 2*pagesz - MINSIZE) + { + __set_errno (ENOMEM); + return 0; + } + void *(*hook) (size_t, size_t, const void *) = force_reg (__memalign_hook); if (__builtin_expect (hook != NULL, 0)) ++++++ manpages.patch ++++++ Index: manpages/locale.1 =================================================================== --- manpages/locale.1.orig +++ manpages/locale.1 @@ -247,17 +247,6 @@ This environment variable can switch aga \& The directory where locale data is stored. By default, /usr/lib/locale is used. .Ve -.SH "FILES" -.IX Header "FILES" -.PP -.PD 0 -.TP 8 -\fI/usr/share/i18n/SUPPORTED\fP -List of supported values (and their associated encoding) for the locale name. -This representation is recommended over -\fB\-\-all\-locales\fR one, due being the system wide supported values. -.PP - .SH "AUTHOR" .IX Header "AUTHOR" \&\fIlocale\fR was written by Ulrich Drepper for the \s-1GNU\s0 C Library. Index: manpages/locale.alias.5 =================================================================== --- manpages/locale.alias.5.orig +++ manpages/locale.alias.5 @@ -18,7 +18,7 @@ .SH "NAME" locale.alias \- Locale name alias data base .SH "DESCRIPTION" -The locale.alias database file (/etc/locale.alias) is used by the +The locale.alias database file (/usr/share/locale/locale.alias) is used by the .B locale command and the .B X Window System @@ -40,6 +40,6 @@ name, or simpler versions of the POSIX l Lines beginning with Hash ("#") are treated as comments and ignored. .SH "SEE ALSO" -locale(1), localedef(1), locale-gen(8), locale.gen(5) +locale(1), localedef(1) .SH "AUTHOR" Alastair McKinstry <mckinstry@computer.org> ++++++ nonascii-case.patch ++++++ [BZ #15736] * locale/categories.def (LC_CTYPE): Add "nonascii-case" element. * string/Makefile (test-strcasecmp-ENV, test-strncasecmp-ENV) (test-strcasecmp-ifunc-ENV, test-strncasecmp-ifunc-ENV): Define. * string/test-strcasecmp.c (test_main): Run tests in several locales. * string/test-strncasecmp.c (test_main): Likewise. Index: glibc-2.17.90/locale/categories.def =================================================================== --- glibc-2.17.90.orig/locale/categories.def +++ glibc-2.17.90/locale/categories.def @@ -133,6 +133,7 @@ DEFINE_CATEGORY DEFINE_ELEMENT (_NL_CTYPE_TRANSLIT_IGNORE_LEN, "ctype-translit-ignore-len", std, word) DEFINE_ELEMENT (_NL_CTYPE_TRANSLIT_IGNORE, "ctype-translit-ignore", std, string) DEFINE_ELEMENT (_NL_CTYPE_MAP_TO_NONASCII, "map-to-nonascii", std, word) + DEFINE_ELEMENT (_NL_CTYPE_NONASCII_CASE, "nonascii-case", std, word) ), _nl_postload_ctype) Index: glibc-2.17.90/string/Makefile =================================================================== --- glibc-2.17.90.orig/string/Makefile +++ glibc-2.17.90/string/Makefile @@ -65,6 +65,10 @@ noinl-tester-ENV = LANGUAGE=C tst-strxfrm-ENV = LOCPATH=$(common-objpfx)localedata tst-strxfrm2-ENV = LOCPATH=$(common-objpfx)localedata bug-strcoll1-ENV = LOCPATH=$(common-objpfx)localedata +test-strcasecmp-ENV = LOCPATH=$(common-objpfx)localedata +test-strncasecmp-ENV = LOCPATH=$(common-objpfx)localedata +test-strcasecmp-ifunc-ENV = LOCPATH=$(common-objpfx)localedata +test-strncasecmp-ifunc-ENV = LOCPATH=$(common-objpfx)localedata CFLAGS-inl-tester.c = -fno-builtin CFLAGS-noinl-tester.c = -fno-builtin CFLAGS-tst-strlen.c = -fno-builtin Index: glibc-2.17.90/string/test-strcasecmp.c =================================================================== --- glibc-2.17.90.orig/string/test-strcasecmp.c +++ glibc-2.17.90/string/test-strcasecmp.c @@ -17,6 +17,7 @@ License along with the GNU C Library; if not, see <http://www.gnu.org/licenses/>. */ +#include <locale.h> #include <ctype.h> #define TEST_MAIN #define TEST_NAME "strcasecmp" @@ -206,14 +207,18 @@ do_random_tests (void) } } -int -test_main (void) +static void +test_locale (const char *locale) { size_t i; - test_init (); + if (setlocale (LC_CTYPE, locale) == NULL) + { + error (0, 0, "cannot set locale \"%s\"", locale); + ret = 1; + } - printf ("%23s", ""); + printf ("%-23s", locale); FOR_EACH_IMPL (impl, 0) printf ("\t%s", impl->name); putchar ('\n'); @@ -246,6 +251,19 @@ test_main (void) } do_random_tests (); +} + +int +test_main (void) +{ + test_init (); + + test_locale ("C"); + test_locale ("en_US.ISO-8859-1"); + test_locale ("en_US.UTF-8"); + test_locale ("tr_TR.ISO-8859-9"); + test_locale ("tr_TR.UTF-8"); + return ret; } Index: glibc-2.17.90/string/test-strncasecmp.c =================================================================== --- glibc-2.17.90.orig/string/test-strncasecmp.c +++ glibc-2.17.90/string/test-strncasecmp.c @@ -17,6 +17,7 @@ License along with the GNU C Library; if not, see <http://www.gnu.org/licenses/>. */ +#include <locale.h> #include <ctype.h> #define TEST_MAIN #define TEST_NAME "strncasecmp" @@ -256,17 +257,21 @@ bz14195 (void) check_result (impl, empty_string, "", 5, 0); } -int -test_main (void) +static void +test_locale (const char *locale) { size_t i; - test_init (); + if (setlocale (LC_CTYPE, locale) == NULL) + { + error (0, 0, "cannot set locale \"%s\"", locale); + ret = 1; + } bz12205 (); bz14195 (); - printf ("%23s", ""); + printf ("%23s", locale); FOR_EACH_IMPL (impl, 0) printf ("\t%s", impl->name); putchar ('\n'); @@ -329,6 +334,19 @@ test_main (void) } do_random_tests (); +} + +int +test_main (void) +{ + test_init (); + + test_locale ("C"); + test_locale ("en_US.ISO-8859-1"); + test_locale ("en_US.UTF-8"); + test_locale ("tr_TR.ISO-8859-9"); + test_locale ("tr_TR.UTF-8"); + return ret; } ++++++ nscd-getservbyport.patch ++++++ 2013-11-11 Andreas Schwab <schwab@suse.de> [BZ #16153] * nscd/nscd_getserv_r.c (__nscd_getservbyport_r): Don't include terminating NUL in key length. Index: glibc-2.18/nscd/nscd_getserv_r.c =================================================================== --- glibc-2.18.orig/nscd/nscd_getserv_r.c +++ glibc-2.18/nscd/nscd_getserv_r.c @@ -54,7 +54,7 @@ __nscd_getservbyport_r (int port, const portstr[sizeof (portstr) - 1] = '\0'; char *cp = _itoa_word (port, portstr + sizeof (portstr) - 1, 10, 0); - return nscd_getserv_r (cp, portstr + sizeof (portstr) - cp, proto, + return nscd_getserv_r (cp, portstr + sizeof (portstr) - 1 - cp, proto, GETSERVBYPORT, result_buf, buf, buflen, result); } ++++++ nscd-server-user.patch ++++++ Index: glibc-2.18/nscd/nscd.conf =================================================================== --- glibc-2.18.orig/nscd/nscd.conf +++ glibc-2.18/nscd/nscd.conf @@ -33,7 +33,7 @@ # logfile /var/log/nscd.log # threads 4 # max-threads 32 -# server-user nobody + server-user nscd # stat-user somebody debug-level 0 # reload-count 5 ++++++ nscd.conf ++++++ d /var/run/nscd 0755 root root ++++++ nscd.service ++++++ [Unit] Description=Name Service Cache Daemon [Service] ExecStart=/usr/sbin/nscd --foreground ExecStop=/usr/sbin/nscd --shutdown ExecReload=/usr/sbin/nscd -i passwd ExecReload=/usr/sbin/nscd -i group ExecReload=/usr/sbin/nscd -i hosts ExecReload=/usr/sbin/nscd -i services ExecReload=/usr/sbin/nscd -i netgroup Restart=always [Install] WantedBy=multi-user.target ++++++ nss-database.patch ++++++

From a6856a042a0669ac3f8bc675e8e1de14b5d09b94 Mon Sep 17 00:00:00 2001 From: Andreas Schwab <schwab@suse.de> Date: Thu, 24 Jan 2013 12:32:09 +0100 Subject: [PATCH] Properly cache the result from looking up the nss database config

[BZ #15048] * nscd/aicache.c (addhstaiX): Properly use the cache variable for the nss database lookup. * nscd/initgrcache.c (addinitgroupsX): Likewise. * sysdeps/posix/getaddrinfo.c (gaih_inet): Likewise. --- nscd/aicache.c | 15 +++++++-------- nscd/initgrcache.c | 15 +++++++-------- sysdeps/posix/getaddrinfo.c | 14 ++++++-------- 3 files changed, 20 insertions(+), 24 deletions(-) Index: glibc-2.17.90/nscd/aicache.c =================================================================== --- glibc-2.17.90.orig/nscd/aicache.c +++ glibc-2.17.90/nscd/aicache.c @@ -86,20 +86,19 @@ addhstaiX (struct database_dyn *db, int } static service_user *hosts_database; - service_user *nip = NULL; + service_user *nip; int no_more; int rc6 = 0; int rc4 = 0; int herrno = 0; - if (hosts_database != NULL) - { - nip = hosts_database; - no_more = 0; - } - else + if (hosts_database == NULL) no_more = __nss_database_lookup ("hosts", NULL, - "dns [!UNAVAIL=return] files", &nip); + "dns [!UNAVAIL=return] files", + &hosts_database); + else + no_more = 0; + nip = hosts_database; if (__res_maybe_init (&_res, 0) == -1) no_more = 1; Index: glibc-2.17.90/nscd/initgrcache.c =================================================================== --- glibc-2.17.90.orig/nscd/initgrcache.c +++ glibc-2.17.90/nscd/initgrcache.c @@ -80,17 +80,16 @@ addinitgroupsX (struct database_dyn *db, } static service_user *group_database; - service_user *nip = NULL; + service_user *nip; int no_more; - if (group_database != NULL) - { - nip = group_database; - no_more = 0; - } - else + if (group_database == NULL) no_more = __nss_database_lookup ("group", NULL, - "compat [NOTFOUND=return] files", &nip); + "compat [NOTFOUND=return] files", + &group_database); + else + no_more = 0; + nip = group_database; /* We always use sysconf even if NGROUPS_MAX is defined. That way, the limit can be raised in the kernel configuration without having to Index: glibc-2.17.90/sysdeps/posix/getaddrinfo.c =================================================================== --- glibc-2.17.90.orig/sysdeps/posix/getaddrinfo.c +++ glibc-2.17.90/sysdeps/posix/getaddrinfo.c @@ -558,7 +558,7 @@ gaih_inet (const char *name, const struc struct gaih_addrtuple **pat = &at; int no_data = 0; int no_inet6_data = 0; - service_user *nip = NULL; + service_user *nip; enum nss_status inet6_status = NSS_STATUS_UNAVAIL; enum nss_status status = NSS_STATUS_UNAVAIL; int no_more; @@ -791,15 +791,13 @@ gaih_inet (const char *name, const struc } #endif - if (__nss_hosts_database != NULL) - { - no_more = 0; - nip = __nss_hosts_database; - } - else + if (__nss_hosts_database == NULL) no_more = __nss_database_lookup ("hosts", NULL, "dns [!UNAVAIL=return] files", - &nip); + &__nss_hosts_database); + else + no_more = 0; + nip = __nss_hosts_database; /* Initialize configurations. */ if (__builtin_expect (!_res_hconf.initialized, 0)) ++++++ nss-db-path.patch ++++++ Use /var/db for nss_db Index: glibc-2.17.90/Makeconfig =================================================================== --- glibc-2.17.90.orig/Makeconfig +++ glibc-2.17.90/Makeconfig @@ -259,7 +259,7 @@ inst_sysconfdir = $(install_root)$(sysco # Directory for the database files and Makefile for nss_db. ifndef vardbdir -vardbdir = $(localstatedir)/db +vardbdir = /var/lib/misc endif inst_vardbdir = $(install_root)$(vardbdir) Index: glibc-2.17.90/nss/db-Makefile =================================================================== --- glibc-2.17.90.orig/nss/db-Makefile +++ glibc-2.17.90/nss/db-Makefile @@ -22,7 +22,7 @@ DATABASES = $(wildcard /etc/passwd /etc/ /etc/rpc /etc/services /etc/shadow /etc/gshadow \ /etc/netgroup) -VAR_DB = /var/db +VAR_DB = /var/lib/misc AWK = awk MAKEDB = makedb --quiet Index: glibc-2.17.90/sysdeps/unix/sysv/linux/paths.h =================================================================== --- glibc-2.17.90.orig/sysdeps/unix/sysv/linux/paths.h +++ glibc-2.17.90/sysdeps/unix/sysv/linux/paths.h @@ -68,7 +68,7 @@ /* Provide trailing slash, since mostly used for building pathnames. */ #define _PATH_DEV "/dev/" #define _PATH_TMP "/tmp/" -#define _PATH_VARDB "/var/db/" +#define _PATH_VARDB "/var/lib/misc/" #define _PATH_VARRUN "/var/run/" #define _PATH_VARTMP "/var/tmp/" ++++++ nss-dns-infinite-loop.patch ++++++ 2014-12-16 Florian Weimer <fweimer@redhat.com> [BZ #17630] * resolv/nss_dns/dns-network.c (getanswer_r): Iterate over alias names. Index: glibc-2.18/resolv/nss_dns/dns-network.c =================================================================== --- glibc-2.18.orig/resolv/nss_dns/dns-network.c +++ glibc-2.18/resolv/nss_dns/dns-network.c @@ -398,8 +398,8 @@ getanswer_r (const querybuf *answer, int case BYNAME: { - char **ap = result->n_aliases++; - while (*ap != NULL) + char **ap; + for (ap = result->n_aliases; *ap != NULL; ++ap) { /* Check each alias name for being of the forms: 4.3.2.1.in-addr.arpa = net 1.2.3.4 ++++++ nsswitch.conf ++++++ # # /etc/nsswitch.conf # # An example Name Service Switch config file. This file should be # sorted with the most-used services at the beginning. # # The entry '[NOTFOUND=return]' means that the search for an # entry should stop if the search in the previous entry turned # up nothing. Note that if the search failed due to some other reason # (like no NIS server responding) then the search continues with the # next entry. # # Legal entries are: # # compat Use compatibility setup # nisplus Use NIS+ (NIS version 3) # nis Use NIS (NIS version 2), also called YP # dns Use DNS (Domain Name Service) # files Use the local files # [NOTFOUND=return] Stop searching if not found so far # # For more information, please read the nsswitch.conf.5 manual page. # # passwd: files nis # shadow: files nis # group: files nis passwd: compat group: compat hosts: files dns networks: files dns services: files protocols: files rpc: files ethers: files netmasks: files netgroup: files nis publickey: files bootparams: files automount: files nis aliases: files ++++++ options-rotate.patch ++++++ 2013-10-14 Aurelien Jarno <aurelien@aurel32.net> [BZ #13028] * res_send.c(__libc_res_nsend): Correctly copy the nameserver address. Index: glibc-2.18/resolv/res_send.c =================================================================== --- glibc-2.18.orig/resolv/res_send.c +++ glibc-2.18/resolv/res_send.c @@ -441,7 +441,7 @@ __libc_res_nsend(res_state statp, const malloc(sizeof (struct sockaddr_in6)); if (EXT(statp).nsaddrs[n] != NULL) { memset (mempcpy(EXT(statp).nsaddrs[n], - &statp->nsaddr_list[n], + &statp->nsaddr_list[ns], sizeof (struct sockaddr_in)), '\0', sizeof (struct sockaddr_in6) ++++++ pldd-wait-ptrace-stop.patch ++++++ 2013-07-31 Andreas Schwab <schwab@suse.de> * elf/pldd.c (wait_for_ptrace_stop): New function. (main): Call it after attaching. Index: glibc-2.17.90/elf/pldd.c =================================================================== --- glibc-2.17.90.orig/elf/pldd.c +++ glibc-2.17.90/elf/pldd.c @@ -34,6 +34,7 @@ #include <unistd.h> #include <sys/ptrace.h> #include <sys/stat.h> +#include <sys/wait.h> #include <ldsodefs.h> #include <version.h> @@ -82,6 +83,7 @@ static char *exe; /* Local functions. */ static int get_process_info (int dfd, long int pid); +static void wait_for_ptrace_stop (long int pid); int @@ -170,6 +172,8 @@ main (int argc, char *argv[]) tid); } + wait_for_ptrace_stop (tid); + struct thread_list *newp = alloca (sizeof (*newp)); newp->tid = tid; newp->next = thread_list; @@ -194,6 +198,24 @@ main (int argc, char *argv[]) } +/* Wait for PID to enter ptrace-stop state after being attached. */ +static void +wait_for_ptrace_stop (long int pid) +{ + int status; + + /* While waiting for SIGSTOP being delivered to the tracee we have to + reinject any other pending signal. Ignore all other errors. */ + while (waitpid (pid, &status, __WALL) == pid && WIFSTOPPED (status)) + { + /* The STOP signal should not be delivered to the tracee. */ + if (WSTOPSIG (status) == SIGSTOP) + return; + ptrace (PTRACE_CONT, pid, NULL, (void *) (uintptr_t) WSTOPSIG (status)); + } +} + + /* Handle program arguments. */ static error_t parse_opt (int key, char *arg, struct argp_state *state) ++++++ pre_checkin.sh ++++++ #!/bin/bash # This script is called automatically during autobuild checkin. sed -e 's/^Name:.*glibc/&-testsuite/' glibc.spec > glibc-testsuite.spec cp glibc.changes glibc-testsuite.changes awk '/^Name:/{ $0 = $0 "-utils" } /UTILS-SUMMARY-BEGIN/ { ignore = 1 print "\ Summary: Development utilities from GNU C library\n\ License: LGPL-2.1+\n\ Group: Development/Languages/C and C++" } /UTILS-SUMMARY-END/ { ignore = 0 } /^%description$/ { ignore = 1 print "\ %description\n\ The glibc-utils package contains mtrace, a memory leak tracer and\n\ xtrace, a function call tracer which can be helpful during program\n\ debugging.\n\ \n\ If you are unsure if you need this, don'\''t install this package.\n" } /^%package/ { ignore = 0} !ignore { print }' glibc.spec > glibc-utils.spec cp glibc.changes glibc-utils.changes osc service localrun format_spec_file ++++++ printf-overrun.patch ++++++

From 1aa92494e55792b568663b5aad81a58fad35490d Mon Sep 17 00:00:00 2001 From: Eric Biggers <ebiggers3@gmail.com> Date: Thu, 18 Apr 2013 17:46:08 +0200 Subject: [PATCH] PR15362

[BZ #15362] * libio/fileops.c: Revert problematic fixes for [BZ #11741] * libio/iofwrite.c: Likewise. * libio/iofwrite_u.c: Likewise. * libio/iopadn.c: Likewise. * libio/iowpadn.c: Likewise. * stdio-common/vfprintf.c: Fix [BZ #11741] properly by checking whether _IO_padn() returned the full count written. --- libio/fileops.c | 21 +++++++++------------ libio/iofwrite.c | 10 +++++----- libio/iofwrite_u.c | 10 +++++----- libio/iopadn.c | 2 +- libio/iowpadn.c | 2 +- stdio-common/vfprintf.c | 12 ++++++------ 6 files changed, 27 insertions(+), 30 deletions(-) Index: glibc-2.17.90/libio/fileops.c =================================================================== --- glibc-2.17.90.orig/libio/fileops.c +++ glibc-2.17.90/libio/fileops.c @@ -1245,13 +1245,12 @@ _IO_new_file_write (f, data, n) _IO_ssize_t n; { _IO_ssize_t to_do = n; - _IO_ssize_t count = 0; while (to_do > 0) { - count = (__builtin_expect (f->_flags2 - & _IO_FLAGS2_NOTCANCEL, 0) - ? write_not_cancel (f->_fileno, data, to_do) - : write (f->_fileno, data, to_do)); + _IO_ssize_t count = (__builtin_expect (f->_flags2 + & _IO_FLAGS2_NOTCANCEL, 0) + ? write_not_cancel (f->_fileno, data, to_do) + : write (f->_fileno, data, to_do)); if (count < 0) { f->_flags |= _IO_ERR_SEEN; @@ -1263,7 +1262,7 @@ _IO_new_file_write (f, data, n) n -= to_do; if (f->_offset >= 0) f->_offset += n; - return count < 0 ? count : n; + return n; } _IO_size_t @@ -1323,13 +1322,11 @@ _IO_new_file_xsputn (f, data, n) _IO_size_t block_size, do_write; /* Next flush the (full) buffer. */ if (_IO_OVERFLOW (f, EOF) == EOF) - /* If nothing else has to be written or nothing has been written, we - must not signal the caller that the call was even partially - successful. */ - return (to_do == 0 || to_do == n) ? EOF : n - to_do; + /* If nothing else has to be written we must not signal the + caller that everything has been written. */ + return to_do == 0 ? EOF : n - to_do; - /* Try to maintain alignment: write a whole number of blocks. - dont_write is what gets left over. */ + /* Try to maintain alignment: write a whole number of blocks. */ block_size = f->_IO_buf_end - f->_IO_buf_base; do_write = to_do - (block_size >= 128 ? to_do % block_size : 0); Index: glibc-2.17.90/libio/iofwrite.c =================================================================== --- glibc-2.17.90.orig/libio/iofwrite.c +++ glibc-2.17.90/libio/iofwrite.c @@ -42,12 +42,12 @@ _IO_fwrite (buf, size, count, fp) if (_IO_vtable_offset (fp) != 0 || _IO_fwide (fp, -1) == -1) written = _IO_sputn (fp, (const char *) buf, request); _IO_release_lock (fp); - /* We are guaranteed to have written all of the input, none of it, or - some of it. */ - if (written == request) + /* We have written all of the input in case the return value indicates + this or EOF is returned. The latter is a special case where we + simply did not manage to flush the buffer. But the data is in the + buffer and therefore written as far as fwrite is concerned. */ + if (written == request || written == EOF) return count; - else if (written == EOF) - return 0; else return written / size; } Index: glibc-2.17.90/libio/iofwrite_u.c =================================================================== --- glibc-2.17.90.orig/libio/iofwrite_u.c +++ glibc-2.17.90/libio/iofwrite_u.c @@ -44,12 +44,12 @@ fwrite_unlocked (buf, size, count, fp) if (_IO_fwide (fp, -1) == -1) { written = _IO_sputn (fp, (const char *) buf, request); - /* We are guaranteed to have written all of the input, none of it, or - some of it. */ - if (written == request) + /* We have written all of the input in case the return value indicates + this or EOF is returned. The latter is a special case where we + simply did not manage to flush the buffer. But the data is in the + buffer and therefore written as far as fwrite is concerned. */ + if (written == request || written == EOF) return count; - else if (written == EOF) - return 0; } return written / size; Index: glibc-2.17.90/libio/iopadn.c =================================================================== --- glibc-2.17.90.orig/libio/iopadn.c +++ glibc-2.17.90/libio/iopadn.c @@ -59,7 +59,7 @@ _IO_padn (fp, pad, count) w = _IO_sputn (fp, padptr, PADSIZE); written += w; if (w != PADSIZE) - return w == EOF ? w : written; + return written; } if (i > 0) Index: glibc-2.17.90/libio/iowpadn.c =================================================================== --- glibc-2.17.90.orig/libio/iowpadn.c +++ glibc-2.17.90/libio/iowpadn.c @@ -65,7 +65,7 @@ _IO_wpadn (fp, pad, count) w = _IO_sputn (fp, (char *) padptr, PADSIZE); written += w; if (w != PADSIZE) - return w == EOF ? w : written; + return written; } if (i > 0) Index: glibc-2.17.90/stdio-common/vfprintf.c =================================================================== --- glibc-2.17.90.orig/stdio-common/vfprintf.c +++ glibc-2.17.90/stdio-common/vfprintf.c @@ -90,13 +90,13 @@ do { \ if (width > 0) \ { \ - unsigned int d = _IO_padn (s, (Padchar), width); \ - if (__glibc_unlikely (d == EOF)) \ + _IO_ssize_t written = _IO_padn (s, (Padchar), width); \ + if (__glibc_unlikely (written != width)) \ { \ done = -1; \ goto all_done; \ } \ - done_add (d); \ + done_add (written); \ } \ } while (0) # define PUTC(C, F) _IO_putc_unlocked (C, F) @@ -119,13 +119,13 @@ do { \ if (width > 0) \ { \ - unsigned int d = _IO_wpadn (s, (Padchar), width); \ - if (__glibc_unlikely (d == EOF)) \ + _IO_ssize_t written = _IO_wpadn (s, (Padchar), width); \ + if (__glibc_unlikely (written != width)) \ { \ done = -1; \ goto all_done; \ } \ - done_add (d); \ + done_add (written); \ } \ } while (0) # define PUTC(C, F) _IO_putwc_unlocked (C, F) ++++++ pthread-mutex-trylock-elision.patch ++++++ Properly handle forced elision in pthread_mutex_trylock [BZ #16657] * nptl/pthread_mutex_trylock.c (__pthread_mutex_trylock): Use FORCE_ELISION instead of DO_ELISION. Index: glibc-2.18/nptl/pthread_mutex_trylock.c =================================================================== --- glibc-2.18.orig/nptl/pthread_mutex_trylock.c +++ glibc-2.18/nptl/pthread_mutex_trylock.c @@ -26,8 +26,8 @@ #define lll_trylock_elision(a,t) lll_trylock(a) #endif -#ifndef DO_ELISION -#define DO_ELISION(m) 0 +#ifndef FORCE_ELISION +#define FORCE_ELISION(m, s) #endif /* We don't force elision in trylock, because this can lead to inconsistent @@ -77,8 +77,7 @@ __pthread_mutex_trylock (mutex) return 0; case PTHREAD_MUTEX_TIMED_NP: - if (DO_ELISION (mutex)) - goto elision; + FORCE_ELISION (mutex, goto elision); /*FALL THROUGH*/ case PTHREAD_MUTEX_ADAPTIVE_NP: case PTHREAD_MUTEX_ERRORCHECK_NP: ++++++ readdir_r-overflow.patch ++++++ 2013-06-12 Florian Weimer <fweimer@redhat.com> [BZ #14699] * sysdeps/posix/dirstream.h (struct __dirstream): Add errcode member. * sysdeps/posix/opendir.c (__alloc_dir): Initialize errcode member. * sysdeps/posix/rewinddir.c (rewinddir): Reset errcode member. * sysdeps/posix/readdir_r.c (__READDIR_R): Enforce NAME_MAX limit. Return delayed error code. Remove GETDENTS_64BIT_ALIGNED conditional. * sysdeps/unix/sysv/linux/wordsize-64/readdir_r.c: Do not define GETDENTS_64BIT_ALIGNED. * sysdeps/unix/sysv/linux/i386/readdir64_r.c: Likewise. * manual/filesys.texi (Reading/Closing Directory): Document ENAMETOOLONG return value of readdir_r. Recommend readdir more strongly. * manual/conf.texi (Limits for Files): Add portability note to NAME_MAX, PATH_MAX. (Pathconf): Add portability note for _PC_NAME_MAX, _PC_PATH_MAX. Index: glibc-2.18/manual/conf.texi =================================================================== --- glibc-2.18.orig/manual/conf.texi +++ glibc-2.18/manual/conf.texi @@ -1149,6 +1149,9 @@ typed ahead as input. @xref{I/O Queues} @deftypevr Macro int NAME_MAX The uniform system limit (if any) for the length of a file name component, not including the terminating null character. + +@strong{Portability Note:} On some systems, @theglibc{} defines +@code{NAME_MAX}, but does not actually enforce this limit. @end deftypevr @comment limits.h @@ -1157,6 +1160,9 @@ including the terminating null character The uniform system limit (if any) for the length of an entire file name (that is, the argument given to system calls such as @code{open}), including the terminating null character. + +@strong{Portability Note:} @Theglibc{} does not enforce this limit +even if @code{PATH_MAX} is defined. @end deftypevr @cindex limits, pipe buffer size @@ -1476,6 +1482,9 @@ Inquire about the value of @code{POSIX_R Inquire about the value of @code{POSIX_REC_XFER_ALIGN}. @end table +@strong{Portability Note:} On some systems, @theglibc{} does not +enforce @code{_PC_NAME_MAX} or @code{_PC_PATH_MAX} limits. + @node Utility Limits @section Utility Program Capacity Limits Index: glibc-2.18/manual/filesys.texi =================================================================== --- glibc-2.18.orig/manual/filesys.texi +++ glibc-2.18/manual/filesys.texi @@ -444,9 +444,9 @@ symbols are declared in the header file @comment POSIX.1 @deftypefun {struct dirent *} readdir (DIR *@var{dirstream}) This function reads the next entry from the directory. It normally -returns a pointer to a structure containing information about the file. -This structure is statically allocated and can be rewritten by a -subsequent call. +returns a pointer to a structure containing information about the +file. This structure is associated with the @var{dirstream} handle +and can be rewritten by a subsequent call. @strong{Portability Note:} On some systems @code{readdir} may not return entries for @file{.} and @file{..}, even though these are always @@ -461,19 +461,59 @@ conditions are defined for this function The @var{dirstream} argument is not valid. @end table -@code{readdir} is not thread safe. Multiple threads using -@code{readdir} on the same @var{dirstream} may overwrite the return -value. Use @code{readdir_r} when this is critical. +To distinguish between an end-of-directory condition or an error, you +must set @code{errno} to zero before calling @code{readdir}. To avoid +entering an infinite loop, you should stop reading from the directory +after the first error. + +In POSIX.1-2008, @code{readdir} is not thread-safe. In @theglibc{} +implementation, it is safe to call @code{readdir} concurrently on +different @var{dirstream}s (but multiple threads accessing the same +@var{dirstream} result in undefined behavior). @code{readdir_r} is a +fully thread-safe alternative, but suffers from poor portability (see +below). It is recommended that you use @code{readdir}, with external +locking if multiple threads access the same @var{dirstream}. @end deftypefun @comment dirent.h @comment GNU @deftypefun int readdir_r (DIR *@var{dirstream}, struct dirent *@var{entry}, struct dirent **@var{result}) -This function is the reentrant version of @code{readdir}. Like -@code{readdir} it returns the next entry from the directory. But to -prevent conflicts between simultaneously running threads the result is -not stored in statically allocated memory. Instead the argument -@var{entry} points to a place to store the result. +This function is a version of @code{readdir} which performs internal +locking. Like @code{readdir} it returns the next entry from the +directory. To prevent conflicts between simultaneously running +threads the result is stored inside the @var{entry} object. + +@strong{Portability Note:} It is recommended to use @code{readdir} +instead of @code{readdir_r} for the following reasons: + +@itemize @bullet +@item +On systems which do not define @code{NAME_MAX}, it may not be possible +to use @code{readdir_r} safely because the caller does not specify the +length of the buffer for the directory entry. + +@item +On some systems, @code{readdir_r} cannot read directory entries with +very long names. If such a name is encountered, @theglibc{} +implementation of @code{readdir_r} returns with an error code of +@code{ENAMETOOLONG} after the final directory entry has been read. On +other systems, @code{readdir_r} may return successfully, but the +@code{d_name} member may not be NUL-terminated or may be truncated. + +@item +POSIX-1.2008 does not guarantee that @code{readdir} is thread-safe, +even when access to the same @var{dirstream} is serialized. But in +current implementations (including @theglibc{}), it is safe to call +@code{readdir} concurrently on different @var{dirstream}s, so there is +no requirement to use @code{readdir_r} even in multi-threaded +programs. + +@item +It is expected that future versions of POSIX will obsolete +@code{readdir_r} and mandate the level of thread safety for +@code{readdir} which is provided by @theglibc{} and other +implementations today. +@end itemize Normally @code{readdir_r} returns zero and sets @code{*@var{result}} to @var{entry}. If there are no more entries in the directory or an @@ -481,15 +521,6 @@ error is detected, @code{readdir_r} sets null pointer and returns a nonzero error code, also stored in @code{errno}, as described for @code{readdir}. -@strong{Portability Note:} On some systems @code{readdir_r} may not -return a NUL terminated string for the file name, even when there is no -@code{d_reclen} field in @code{struct dirent} and the file -name is the maximum allowed size. Modern systems all have the -@code{d_reclen} field, and on old systems multi-threading is not -critical. In any case there is no such problem with the @code{readdir} -function, so that even on systems without the @code{d_reclen} member one -could use multiple threads by using external locking. - It is also important to look at the definition of the @code{struct dirent} type. Simply passing a pointer to an object of this type for the second parameter of @code{readdir_r} might not be enough. Some Index: glibc-2.18/sysdeps/posix/dirstream.h =================================================================== --- glibc-2.18.orig/sysdeps/posix/dirstream.h +++ glibc-2.18/sysdeps/posix/dirstream.h @@ -39,6 +39,8 @@ struct __dirstream off_t filepos; /* Position of next entry to read. */ + int errcode; /* Delayed error code. */ + /* Directory block. */ char data[0] __attribute__ ((aligned (__alignof__ (void*)))); }; Index: glibc-2.18/sysdeps/posix/opendir.c =================================================================== --- glibc-2.18.orig/sysdeps/posix/opendir.c +++ glibc-2.18/sysdeps/posix/opendir.c @@ -231,6 +231,7 @@ __alloc_dir (int fd, bool close_fd, int dirp->size = 0; dirp->offset = 0; dirp->filepos = 0; + dirp->errcode = 0; return dirp; } Index: glibc-2.18/sysdeps/posix/readdir_r.c =================================================================== --- glibc-2.18.orig/sysdeps/posix/readdir_r.c +++ glibc-2.18/sysdeps/posix/readdir_r.c @@ -40,6 +40,7 @@ __READDIR_R (DIR *dirp, DIRENT_TYPE *ent DIRENT_TYPE *dp; size_t reclen; const int saved_errno = errno; + int ret; __libc_lock_lock (dirp->lock); @@ -70,10 +71,10 @@ __READDIR_R (DIR *dirp, DIRENT_TYPE *ent bytes = 0; __set_errno (saved_errno); } + if (bytes < 0) + dirp->errcode = errno; dp = NULL; - /* Reclen != 0 signals that an error occurred. */ - reclen = bytes != 0; break; } dirp->size = (size_t) bytes; @@ -106,29 +107,46 @@ __READDIR_R (DIR *dirp, DIRENT_TYPE *ent dirp->filepos += reclen; #endif - /* Skip deleted files. */ +#ifdef NAME_MAX + if (reclen > offsetof (DIRENT_TYPE, d_name) + NAME_MAX + 1) + { + /* The record is very long. It could still fit into the + caller-supplied buffer if we can skip padding at the + end. */ + size_t namelen = _D_EXACT_NAMLEN (dp); + if (namelen <= NAME_MAX) + reclen = offsetof (DIRENT_TYPE, d_name) + namelen + 1; + else + { + /* The name is too long. Ignore this file. */ + dirp->errcode = ENAMETOOLONG; + dp->d_ino = 0; + continue; + } + } +#endif + + /* Skip deleted and ignored files. */ } while (dp->d_ino == 0); if (dp != NULL) { -#ifdef GETDENTS_64BIT_ALIGNED - /* The d_reclen value might include padding which is not part of - the DIRENT_TYPE data structure. */ - reclen = MIN (reclen, - offsetof (DIRENT_TYPE, d_name) + sizeof (dp->d_name)); -#endif *result = memcpy (entry, dp, reclen); -#ifdef GETDENTS_64BIT_ALIGNED +#ifdef _DIRENT_HAVE_D_RECLEN entry->d_reclen = reclen; #endif + ret = 0; } else - *result = NULL; + { + *result = NULL; + ret = dirp->errcode; + } __libc_lock_unlock (dirp->lock); - return dp != NULL ? 0 : reclen ? errno : 0; + return ret; } #ifdef __READDIR_R_ALIAS Index: glibc-2.18/sysdeps/posix/rewinddir.c =================================================================== --- glibc-2.18.orig/sysdeps/posix/rewinddir.c +++ glibc-2.18/sysdeps/posix/rewinddir.c @@ -33,6 +33,7 @@ rewinddir (dirp) dirp->filepos = 0; dirp->offset = 0; dirp->size = 0; + dirp->errcode = 0; #ifndef NOT_IN_libc __libc_lock_unlock (dirp->lock); #endif Index: glibc-2.18/sysdeps/unix/sysv/linux/i386/readdir64_r.c =================================================================== --- glibc-2.18.orig/sysdeps/unix/sysv/linux/i386/readdir64_r.c +++ glibc-2.18/sysdeps/unix/sysv/linux/i386/readdir64_r.c @@ -18,7 +18,6 @@ #define __READDIR_R __readdir64_r #define __GETDENTS __getdents64 #define DIRENT_TYPE struct dirent64 -#define GETDENTS_64BIT_ALIGNED 1 #include <sysdeps/posix/readdir_r.c> Index: glibc-2.18/sysdeps/unix/sysv/linux/wordsize-64/readdir_r.c =================================================================== --- glibc-2.18.orig/sysdeps/unix/sysv/linux/wordsize-64/readdir_r.c +++ glibc-2.18/sysdeps/unix/sysv/linux/wordsize-64/readdir_r.c @@ -1,5 +1,4 @@ #define readdir64_r __no_readdir64_r_decl -#define GETDENTS_64BIT_ALIGNED 1 #include <sysdeps/posix/readdir_r.c> #undef readdir64_r weak_alias (__readdir_r, readdir64_r) ++++++ res-send-fd-reuse.patch ++++++ 2014-06-03 Andreas Schwab <schwab@suse.de> [BZ #15946] * resolv/res_send.c (send_dg): Reload file descriptor after calling reopen. Index: glibc-2.18/resolv/res_send.c =================================================================== --- glibc-2.18.orig/resolv/res_send.c +++ glibc-2.18/resolv/res_send.c @@ -1402,6 +1402,7 @@ send_dg(res_state statp, retval = reopen (statp, terrno, ns); if (retval <= 0) return retval; + pfd[0].fd = EXT(statp).nssocks[ns]; } } goto wait; ++++++ setlocale-directory-traversal.patch ++++++ ++++ 648 lines (skipped) ++++++ strcoll-overflow.patch ++++++ ++++ 1106 lines (skipped) ++++++ wordexp-wrde-nocmd.patch ++++++ 2014-11-19 Carlos O'Donell <carlos@redhat.com> Florian Weimer <fweimer@redhat.com> Joseph Myers <joseph@codesourcery.com> Adam Conrad <adconrad@0c3.net> Andreas Schwab <schwab@suse.de> Brooks <bmoses@google.com> [BZ #17625] * wordexp-test.c (__dso_handle): Add prototype. (__register_atfork): Likewise. (__app_register_atfork): New function. (registered_forks): New global. (register_fork): New function. (test_case): Add 3 new tests for WRDE_CMDSUB. (main): Call __app_register_atfork. (testit): If WRDE_NOCMD set registered_forks to zero, run test, and if fork count is non-zero fail the test. * posix/wordexp.c (exec_comm): Return WRDE_CMDSUB if WRDE_NOCMD flag is set. (parse_dollars): Remove check for WRDE_NOCMD. (parse_dquote): Likewise. Index: glibc-2.18/posix/wordexp-test.c =================================================================== --- glibc-2.18.orig/posix/wordexp-test.c +++ glibc-2.18/posix/wordexp-test.c @@ -27,6 +27,25 @@ #define IFS " \n\t" +extern void *__dso_handle __attribute__ ((__weak__, __visibility__ ("hidden"))); +extern int __register_atfork (void (*) (void), void (*) (void), void (*) (void), void *); + +static int __app_register_atfork (void (*prepare) (void), void (*parent) (void), void (*child) (void)) +{ + return __register_atfork (prepare, parent, child, + &__dso_handle == NULL ? NULL : __dso_handle); +} + +/* Number of forks seen. */ +static int registered_forks; + +/* For each fork increment the fork count. */ +static void +register_fork (void) +{ + registered_forks++; +} + struct test_case_struct { int retval; @@ -206,6 +225,12 @@ struct test_case_struct { WRDE_SYNTAX, NULL, "$((2+))", 0, 0, { NULL, }, IFS }, { WRDE_SYNTAX, NULL, "`", 0, 0, { NULL, }, IFS }, { WRDE_SYNTAX, NULL, "$((010+4+))", 0, 0, { NULL }, IFS }, + /* Test for CVE-2014-7817. We test 3 combinations of command + substitution inside an arithmetic expression to make sure that + no commands are executed and error is returned. */ + { WRDE_CMDSUB, NULL, "$((`echo 1`))", WRDE_NOCMD, 0, { NULL, }, IFS }, + { WRDE_CMDSUB, NULL, "$((1+`echo 1`))", WRDE_NOCMD, 0, { NULL, }, IFS }, + { WRDE_CMDSUB, NULL, "$((1+$((`echo 1`))))", WRDE_NOCMD, 0, { NULL, }, IFS }, { -1, NULL, NULL, 0, 0, { NULL, }, IFS }, }; @@ -258,6 +283,15 @@ main (int argc, char *argv[]) return -1; } + /* If we are not allowed to do command substitution, we install + fork handlers to verify that no forks happened. No forks should + happen at all if command substitution is disabled. */ + if (__app_register_atfork (register_fork, NULL, NULL) != 0) + { + printf ("Failed to register fork handler.\n"); + return -1; + } + for (test = 0; test_case[test].retval != -1; test++) if (testit (&test_case[test])) ++fail; @@ -367,6 +401,9 @@ testit (struct test_case_struct *tc) printf ("Test %d (%s): ", ++tests, tc->words); + if (tc->flags & WRDE_NOCMD) + registered_forks = 0; + if (tc->flags & WRDE_APPEND) { /* initial wordexp() call, to be appended to */ @@ -378,6 +415,13 @@ testit (struct test_case_struct *tc) } retval = wordexp (tc->words, &we, tc->flags); + if ((tc->flags & WRDE_NOCMD) + && (registered_forks > 0)) + { + printf ("FAILED fork called for WRDE_NOCMD\n"); + return 1; + } + if (tc->flags & WRDE_DOOFFS) start_offs = sav_we.we_offs; Index: glibc-2.18/posix/wordexp.c =================================================================== --- glibc-2.18.orig/posix/wordexp.c +++ glibc-2.18/posix/wordexp.c @@ -893,6 +893,10 @@ exec_comm (char *comm, char **word, size pid_t pid; int noexec = 0; + /* Do nothing if command substitution should not succeed. */ + if (flags & WRDE_NOCMD) + return WRDE_CMDSUB; + /* Don't fork() unless necessary */ if (!comm || !*comm) return 0; @@ -2082,9 +2086,6 @@ parse_dollars (char **word, size_t *word } } - if (flags & WRDE_NOCMD) - return WRDE_CMDSUB; - (*offset) += 2; return parse_comm (word, word_length, max_length, words, offset, flags, quoted? NULL : pwordexp, ifs, ifs_white); @@ -2196,9 +2197,6 @@ parse_dquote (char **word, size_t *word_ break; case '`': - if (flags & WRDE_NOCMD) - return WRDE_CMDSUB; - ++(*offset); error = parse_backtick (word, word_length, max_length, words, offset, flags, NULL, NULL, NULL); @@ -2357,12 +2355,6 @@ wordexp (const char *words, wordexp_t *p break; case '`': - if (flags & WRDE_NOCMD) - { - error = WRDE_CMDSUB; - goto do_error; - } - ++words_offset; error = parse_backtick (&word, &word_length, &max_length, words, &words_offset, flags, pwordexp, ifs, ++++++ wscanf-buffer-overflow.patch ++++++ 2015-02-05 Paul Pluzhnikov <ppluzhnikov@google.com> [BZ #16618] * stdio-common/tst-sscanf.c (main): Test for buffer overflow. * stdio-common/vfscanf.c (_IO_vfscanf_internal): Compute needed size in bytes. Store needed elements in wpmax. Use needed size in bytes for extend_alloca. Index: glibc-2.18/stdio-common/tst-sscanf.c =================================================================== --- glibc-2.18.orig/stdio-common/tst-sscanf.c +++ glibc-2.18/stdio-common/tst-sscanf.c @@ -196,5 +196,38 @@ main (void) } } + /* BZ #16618 + The test will segfault during SSCANF if the buffer overflow + is not fixed. The size of `s` is such that it forces the use + of malloc internally and this triggers the incorrect computation. + Thus the value for SIZE is arbitrariy high enough that malloc + is used. */ + { +#define SIZE 131072 + CHAR *s = malloc ((SIZE + 1) * sizeof (*s)); + if (s == NULL) + abort (); + for (size_t i = 0; i < SIZE; i++) + s[i] = L('0'); + s[SIZE] = L('\0'); + int i = 42; + /* Scan multi-digit zero into `i`. */ + if (SSCANF (s, L("%d"), &i) != 1) + { + printf ("FAIL: bug16618: SSCANF did not read one input item.\n"); + result = 1; + } + if (i != 0) + { + printf ("FAIL: bug16618: Value of `i` was not zero as expected.\n"); + result = 1; + } + free (s); + if (result != 1) + printf ("PASS: bug16618: Did not crash.\n"); +#undef SIZE + } + + return result; } Index: glibc-2.18/stdio-common/vfscanf.c =================================================================== --- glibc-2.18.orig/stdio-common/vfscanf.c +++ glibc-2.18/stdio-common/vfscanf.c @@ -272,9 +272,10 @@ _IO_vfscanf_internal (_IO_FILE *s, const if (__builtin_expect (wpsize == wpmax, 0)) \ { \ CHAR_T *old = wp; \ - size_t newsize = (UCHAR_MAX + 1 > 2 * wpmax \ - ? UCHAR_MAX + 1 : 2 * wpmax); \ - if (use_malloc || !__libc_use_alloca (newsize)) \ + bool fits = __builtin_expect (wpmax <= SIZE_MAX / sizeof (CHAR_T) / 2, 1); \ + size_t wpneed = MAX (UCHAR_MAX + 1, 2 * wpmax); \ + size_t newsize = fits ? wpneed * sizeof (CHAR_T) : SIZE_MAX; \ + if (!__libc_use_alloca (newsize)) \ { \ wp = realloc (use_malloc ? wp : NULL, newsize); \ if (wp == NULL) \ @@ -286,14 +287,13 @@ _IO_vfscanf_internal (_IO_FILE *s, const } \ if (! use_malloc) \ MEMCPY (wp, old, wpsize); \ - wpmax = newsize; \ + wpmax = wpneed; \ use_malloc = true; \ } \ else \ { \ size_t s = wpmax * sizeof (CHAR_T); \ - wp = (CHAR_T *) extend_alloca (wp, s, \ - newsize * sizeof (CHAR_T)); \ + wp = (CHAR_T *) extend_alloca (wp, s, newsize); \ wpmax = s / sizeof (CHAR_T); \ if (old != NULL) \ MEMCPY (wp, old, wpsize); \ -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org