diff --git a/glibc-rh1631719.patch b/glibc-rh1631719.patch
new file mode 100644
index 0000000..30d9ea5
--- /dev/null
+++ b/glibc-rh1631719.patch
@@ -0,0 +1,108 @@ +commit 0ef2f4400c06927af34c515555f68840a70ba409 +Author: Wilco Dijkstra +Date: Wed Sep 19 16:50:18 2018 +0100 + + Fix strstr bug with huge needles (bug 23637) + + The generic strstr in GLIBC 2.28 fails to match huge needles. The optimized + AVAILABLE macro reads ahead a large fixed amount to reduce the overhead of + repeatedly checking for the end of the string. However if the needle length + is larger than this, two_way_long_needle may confuse this as meaning the end + of the string and return NULL. This is fixed by adding the needle length to + the amount to read ahead. + + [BZ #23637] + * string/test-strstr.c (pr23637): New function. + (test_main): Add tests with longer needles. + * string/strcasestr.c (AVAILABLE): Fix readahead distance. + * string/strstr.c (AVAILABLE): Likewise. + + (cherry picked from commit 83a552b0bb9fc2a5e80a0ab3723c0a80ce1db9f2) + +diff --git a/string/strcasestr.c b/string/strcasestr.c +index 5909fe3cdba88e47..421764bd1b0ff22e 100644 +--- a/string/strcasestr.c ++++ b/string/strcasestr.c +@@ -37,8 +37,9 @@ + /* Two-Way algorithm. 
*/ + #define RETURN_TYPE char * + #define AVAILABLE(h, h_l, j, n_l) \ +- (((j) + (n_l) <= (h_l)) || ((h_l) += __strnlen ((void*)((h) + (h_l)), 512), \ +- (j) + (n_l) <= (h_l))) ++ (((j) + (n_l) <= (h_l)) \ ++ || ((h_l) += __strnlen ((void*)((h) + (h_l)), (n_l) + 512), \ ++ (j) + (n_l) <= (h_l))) + #define CHECK_EOL (1) + #define RET0_IF_0(a) if (!a) goto ret0 + #define CANON_ELEMENT(c) TOLOWER (c) +diff --git a/string/strstr.c b/string/strstr.c +index 265e9f310ce507ce..79ebcc75329d0b17 100644 +--- a/string/strstr.c ++++ b/string/strstr.c +@@ -33,8 +33,9 @@ + + #define RETURN_TYPE char * + #define AVAILABLE(h, h_l, j, n_l) \ +- (((j) + (n_l) <= (h_l)) || ((h_l) += __strnlen ((void*)((h) + (h_l)), 512), \ +- (j) + (n_l) <= (h_l))) ++ (((j) + (n_l) <= (h_l)) \ ++ || ((h_l) += __strnlen ((void*)((h) + (h_l)), (n_l) + 512), \ ++ (j) + (n_l) <= (h_l))) + #define CHECK_EOL (1) + #define RET0_IF_0(a) if (!a) goto ret0 + #define FASTSEARCH(S,C,N) (void*) strchr ((void*)(S), (C)) +diff --git a/string/test-strstr.c b/string/test-strstr.c +index 8d99716ff39cc2c2..5861b01b73e4c315 100644 +--- a/string/test-strstr.c ++++ b/string/test-strstr.c +@@ -151,6 +151,32 @@ check2 (void) + } + } + ++#define N 1024 ++ ++static void ++pr23637 (void) ++{ ++ char *h = (char*) buf1; ++ char *n = (char*) buf2; ++ ++ for (int i = 0; i < N; i++) ++ { ++ n[i] = 'x'; ++ h[i] = ' '; ++ h[i + N] = 'x'; ++ } ++ ++ n[N] = '\0'; ++ h[N * 2] = '\0'; ++ ++ /* Ensure we don't match at the first 'x'. 
*/ ++ h[0] = 'x'; ++ ++ char *exp_result = stupid_strstr (h, n); ++ FOR_EACH_IMPL (impl, 0) ++ check_result (impl, h, n, exp_result); ++} ++ + static int + test_main (void) + { +@@ -158,6 +184,7 @@ test_main (void) + + check1 (); + check2 (); ++ pr23637 (); + + printf ("%23s", ""); + FOR_EACH_IMPL (impl, 0) +@@ -202,6 +229,9 @@ test_main (void) + do_test (15, 9, hlen, klen, 1); + do_test (15, 15, hlen, klen, 0); + do_test (15, 15, hlen, klen, 1); ++ ++ do_test (15, 15, hlen + klen * 4, klen * 4, 0); ++ do_test (15, 15, hlen + klen * 4, klen * 4, 1); + } + + do_test (0, 0, page_size - 1, 16, 0); diff --git a/glibc.spec b/glibc.spec index d2f911f..dd7e518 100644 --- a/glibc.spec +++ b/glibc.spec @@ -1,6 +1,6 @@ %define glibcsrcdir glibc-2.28 %define glibcversion 2.28 -%define glibcrelease 13%{?dist} +%define glibcrelease 14%{?dist} # Pre-release tarballs are pulled in from git using a command that is # effectively: # @@ -170,6 +170,7 @@ Patch34: glibc-1622674-2.patch Patch35: glibc-rh1631338-1.patch Patch36: glibc-rh1631338-2.patch Patch37: glibc-rh1623519.patch +Patch38: glibc-rh1631719.patch ############################################################################## # Continued list of core "glibc" package information: @@ -1911,6 +1912,9 @@ fi %files -f compat-libpthread-nonshared.filelist -n compat-libpthread-nonshared %changelog +* Wed Sep 26 2018 Florian Weimer - 2.28-14 +- Fix bug in generic strstr with large needles (#1631719) + * Wed Sep 26 2018 Florian Weimer - 2.28-13 - stdlib/tst-setcontext9 test suite failure (#1623519)
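Review bot: The new regression test `pr23637` in string/test-strstr.c exercises only strstr, while the identical `AVAILABLE` change in string/strcasestr.c gets no test of its own; the ChangeLog entry in the embedded patch lists test-strstr.c alone. The bug made the search return NULL for a needle that is present, so a regression in either function would silently turn a substring check into a false negative, and a parallel huge-needle case for strcasestr would be worth adding. Inside `pr23637` the writes reach `h[N * 2]` and `n[N]`, which assumes buf1 and buf2 hold at least 2 * N + 1 and N + 1 bytes; those sizes are set outside the hunk, so a comment such as `/* Requires 2 * N + 1 bytes in buf1 and N + 1 bytes in buf2.  */` would record the assumption. The generic macro name `N` also stays defined for the rest of the file, and an `#undef N` after the function would keep it local.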