Rebase to 2.23 branch, commit a824d609581d5ee7544aabcbbc70e8da44b2b5b6

2016-05-09 13:07:39 +02:00 · 2016-05-09 13:07:39 +02:00 · 59cdbb3254
commit 59cdbb3254
parent 6716b71dfc
5 changed files with 35 additions and 427 deletions
--- a/glibc-dns-host-gcc5.patch
+++ b/glibc-dns-host-gcc5.patch
@ -1,16 +1,16 @@
-Index: glibc-2.22-193-g315267a/resolv/nss_dns/dns-host.c
+Index: b/resolv/nss_dns/dns-host.c
 ===================================================================
--- glibc-2.22-193-g315267a.orig/resolv/nss_dns/dns-host.c
-+++ glibc-2.22-193-g315267a/resolv/nss_dns/dns-host.c
-@@ -79,6 +79,7 @@
+--- a/resolv/nss_dns/dns-host.c
+++ b/resolv/nss_dns/dns-host.c
+@@ -78,6 +78,7 @@
+ #include <stdlib.h>
 #include <stddef.h>
 #include <string.h>
- #include <sys/syslog.h>
 +#include <libc-internal.h>
 
 #include "nsswitch.h"
 
-@@ -561,10 +562,19 @@ addrsort (char **ap, int num)
+@@ -572,10 +573,19 @@ addrsort (char **ap, int num)
     num = MAX_NR_ADDRS;
   for (i = 0; i < num; i++, p++)
     {
--- a/glibc-gethnamaddr-gcc5.patch
+++ b/glibc-gethnamaddr-gcc5.patch
@ -1,16 +1,16 @@
-Index: glibc-2.22-193-g315267a/resolv/gethnamaddr.c
+Index: b/resolv/gethnamaddr.c
 ===================================================================
--- glibc-2.22-193-g315267a.orig/resolv/gethnamaddr.c
-+++ glibc-2.22-193-g315267a/resolv/gethnamaddr.c
-@@ -71,6 +71,7 @@ static char sccsid[] = "@(#)gethostnamad
+--- a/resolv/gethnamaddr.c
+++ b/resolv/gethnamaddr.c
+@@ -70,6 +70,7 @@ static char sccsid[] = "@(#)gethostnamad
+ #include <resolv.h>
 #include <ctype.h>
 #include <errno.h>
- #include <syslog.h>
 +#include <libc-internal.h>
 
 #define RESOLVSORT
 
-@@ -986,10 +987,19 @@ addrsort(ap, num)
+@@ -944,10 +945,19 @@ addrsort (char **ap, int num)
 
 	p = ap;
 	for (i = 0; i < num; i++, p++) {
--- a/glibc-rh1252570.patch
+++ b/glibc-rh1252570.patch
@ -1,408 +0,0 @@
-Revert this upstream commit:
-
-commit 2212c1420c92a33b0e0bd9a34938c9814a56c0f7
-Author: Andreas Schwab <schwab@suse.de>
-Date:   Thu Feb 19 15:52:08 2015 +0100
-
-    Simplify handling of nameserver configuration in resolver
-    
-    Remove use of ext.nsmap member of struct __res_state and always use
-    an identity mapping betwen the nsaddr_list array and the ext.nsaddrs
-    array.  The fact that a nameserver has an IPv6 address is signalled by
-    setting nsaddr_list[].sin_family to zero.
-
-reverted:
-Index: glibc-2.23-39-g314f6de/resolv/res_init.c
-===================================================================
--- glibc-2.23-39-g314f6de.orig/resolv/res_init.c
-+++ glibc-2.23-39-g314f6de/resolv/res_init.c
-@@ -139,8 +139,10 @@ __res_vinit(res_state statp, int preinit
- 	char *cp, **pp;
- 	int n;
- 	char buf[BUFSIZ];
-	int nserv = 0;    /* number of nameservers read from file */
-	int have_serv6 = 0;
-+	int nserv = 0;    /* number of IPv4 nameservers read from file */
-+#ifdef _LIBC
-+	int nservall = 0; /* number of (IPv4 + IPV6) nameservers read from file */
-+#endif
- 	int haveenv = 0;
- 	int havesearch = 0;
- #ifdef RESOLVSORT
-@@ -169,9 +171,15 @@ __res_vinit(res_state statp, int preinit
- 	statp->_flags = 0;
- 	statp->qhook = NULL;
- 	statp->rhook = NULL;
-+	statp->_u._ext.nsinit = 0;
- 	statp->_u._ext.nscount = 0;
-	for (n = 0; n < MAXNS; n++)
-	    statp->_u._ext.nsaddrs[n] = NULL;
-+#ifdef _LIBC
-+	statp->_u._ext.nscount6 = 0;
-+	for (n = 0; n < MAXNS; n++) {
-+		statp->_u._ext.nsaddrs[n] = NULL;
-+		statp->_u._ext.nsmap[n] = MAXNS;
-+	}
-+#endif
- 
- 	/* Allow user to override the local domain definition */
- 	if ((cp = getenv("LOCALDOMAIN")) != NULL) {
-@@ -275,7 +283,11 @@ __res_vinit(res_state statp, int preinit
- 		    continue;
- 		}
- 		/* read nameservers to query */
-+#ifdef _LIBC
-+		if (MATCH(buf, "nameserver") && nservall < MAXNS) {
-+#else
- 		if (MATCH(buf, "nameserver") && nserv < MAXNS) {
-+#endif
- 		    struct in_addr a;
- 
- 		    cp = buf + sizeof("nameserver") - 1;
-@@ -283,12 +295,13 @@ __res_vinit(res_state statp, int preinit
- 			cp++;
- 		    if ((*cp != '\0') && (*cp != '\n')
- 			&& __inet_aton(cp, &a)) {
-			statp->nsaddr_list[nserv].sin_addr = a;
-			statp->nsaddr_list[nserv].sin_family = AF_INET;
-			statp->nsaddr_list[nserv].sin_port =
-+			statp->nsaddr_list[nservall].sin_addr = a;
-+			statp->nsaddr_list[nservall].sin_family = AF_INET;
-+			statp->nsaddr_list[nservall].sin_port =
- 				htons(NAMESERVER_PORT);
- 			nserv++;
- #ifdef _LIBC
-+			nservall++;
- 		    } else {
- 			struct in6_addr a6;
- 			char *el;
-@@ -330,11 +343,10 @@ __res_vinit(res_state statp, int preinit
- 				    }
- 				}
- 
-				statp->nsaddr_list[nserv].sin_family = 0;
-				statp->_u._ext.nsaddrs[nserv] = sa6;
-				statp->_u._ext.nssocks[nserv] = -1;
-				have_serv6 = 1;
-				nserv++;
-+				statp->_u._ext.nsaddrs[nservall] = sa6;
-+				statp->_u._ext.nssocks[nservall] = -1;
-+				statp->_u._ext.nsmap[nservall] = MAXNS + 1;
-+				nservall++;
- 			    }
- 			}
- #endif
-@@ -389,9 +401,10 @@ __res_vinit(res_state statp, int preinit
- 		    continue;
- 		}
- 	    }
-	    statp->nscount = nserv;
-+	    statp->nscount = nservall;
- #ifdef _LIBC
-	    if (have_serv6) {
-+	    if (nservall - nserv > 0) {
-+		statp->_u._ext.nscount6 = nservall - nserv;
- 		/* We try IPv6 servers again.  */
- 		statp->ipv6_unavail = false;
- 	    }
-@@ -580,7 +593,11 @@ __res_iclose(res_state statp, bool free_
- 		statp->_vcsock = -1;
- 		statp->_flags &= ~(RES_F_VC | RES_F_CONN);
- 	}
-+#ifdef _LIBC
-+	for (ns = 0; ns < MAXNS; ns++)
-+#else
- 	for (ns = 0; ns < statp->_u._ext.nscount; ns++)
-+#endif
- 		if (statp->_u._ext.nsaddrs[ns]) {
- 			if (statp->_u._ext.nssocks[ns] != -1) {
- 				close_not_cancel_no_status(statp->_u._ext.nssocks[ns]);
-@@ -591,6 +608,8 @@ __res_iclose(res_state statp, bool free_
- 				statp->_u._ext.nsaddrs[ns] = NULL;
- 			}
- 		}
-+	if (free_addr)
-+		statp->_u._ext.nsinit = 0;
- }
- libc_hidden_def (__res_iclose)
- 
-Index: glibc-2.23-39-g314f6de/resolv/res_send.c
-===================================================================
--- glibc-2.23-39-g314f6de.orig/resolv/res_send.c
-+++ glibc-2.23-39-g314f6de/resolv/res_send.c
-@@ -193,7 +193,6 @@ evNowTime(struct timespec *res) {
- 
- /* Forward. */
- 
-static struct sockaddr *get_nsaddr (res_state, int);
- static int		send_vc(res_state, const u_char *, int,
- 				const u_char *, int,
- 				u_char **, int *, int *, int, u_char **,
-@@ -231,21 +230,20 @@ res_ourserver_p(const res_state statp, c
- 	    in_port_t port = in4p->sin_port;
- 	    in_addr_t addr = in4p->sin_addr.s_addr;
- 
-	    for (ns = 0;  ns < statp->nscount;  ns++) {
-+	    for (ns = 0;  ns < MAXNS;  ns++) {
- 		const struct sockaddr_in *srv =
-		    (struct sockaddr_in *) get_nsaddr (statp, ns);
-+		    (struct sockaddr_in *)EXT(statp).nsaddrs[ns];
- 
-		if ((srv->sin_family == AF_INET) &&
-+		if ((srv != NULL) && (srv->sin_family == AF_INET) &&
- 		    (srv->sin_port == port) &&
- 		    (srv->sin_addr.s_addr == INADDR_ANY ||
- 		     srv->sin_addr.s_addr == addr))
- 		    return (1);
- 	    }
- 	} else if (inp->sin6_family == AF_INET6) {
-	    for (ns = 0;  ns < statp->nscount;  ns++) {
-		const struct sockaddr_in6 *srv
-		  = (struct sockaddr_in6 *) get_nsaddr (statp, ns);
-		if ((srv->sin6_family == AF_INET6) &&
-+	    for (ns = 0;  ns < MAXNS;  ns++) {
-+		const struct sockaddr_in6 *srv = EXT(statp).nsaddrs[ns];
-+		if ((srv != NULL) && (srv->sin6_family == AF_INET6) &&
- 		    (srv->sin6_port == inp->sin6_port) &&
- 		    !(memcmp(&srv->sin6_addr, &in6addr_any,
- 			     sizeof (struct in6_addr)) &&
-@@ -397,48 +395,80 @@ __libc_res_nsend(res_state statp, const
- 	 * If the ns_addr_list in the resolver context has changed, then
- 	 * invalidate our cached copy and the associated timing data.
- 	 */
-	if (EXT(statp).nscount != 0) {
-+	if (EXT(statp).nsinit) {
- 		int needclose = 0;
- 
- 		if (EXT(statp).nscount != statp->nscount)
- 			needclose++;
- 		else
-			for (ns = 0; ns < statp->nscount; ns++) {
-				if (statp->nsaddr_list[ns].sin_family != 0
-+			for (ns = 0; ns < MAXNS; ns++) {
-+				unsigned int map = EXT(statp).nsmap[ns];
-+				if (map < MAXNS
- 				    && !sock_eq((struct sockaddr_in6 *)
-						&statp->nsaddr_list[ns],
-+						&statp->nsaddr_list[map],
- 						EXT(statp).nsaddrs[ns]))
- 				{
- 					needclose++;
- 					break;
- 				}
- 			}
-		if (needclose) {
-+		if (needclose)
- 			__res_iclose(statp, false);
-			EXT(statp).nscount = 0;
-		}
- 	}
- 
- 	/*
- 	 * Maybe initialize our private copy of the ns_addr_list.
- 	 */
-	if (EXT(statp).nscount == 0) {
-		for (ns = 0; ns < statp->nscount; ns++) {
-			EXT(statp).nssocks[ns] = -1;
-			if (statp->nsaddr_list[ns].sin_family == 0)
-				continue;
-			if (EXT(statp).nsaddrs[ns] == NULL)
-				EXT(statp).nsaddrs[ns] =
-+	if (EXT(statp).nsinit == 0) {
-+		unsigned char map[MAXNS];
-+
-+		memset (map, MAXNS, sizeof (map));
-+		for (n = 0; n < MAXNS; n++) {
-+			ns = EXT(statp).nsmap[n];
-+			if (ns < statp->nscount)
-+				map[ns] = n;
-+			else if (ns < MAXNS) {
-+				free(EXT(statp).nsaddrs[n]);
-+				EXT(statp).nsaddrs[n] = NULL;
-+				EXT(statp).nsmap[n] = MAXNS;
-+			}
-+		}
-+		n = statp->nscount;
-+		if (statp->nscount > EXT(statp).nscount)
-+			for (n = EXT(statp).nscount, ns = 0;
-+			     n < statp->nscount; n++) {
-+				while (ns < MAXNS
-+				       && EXT(statp).nsmap[ns] != MAXNS)
-+					ns++;
-+				if (ns == MAXNS)
-+					break;
-+				/* NS never exceeds MAXNS, but gcc 4.9 somehow
-+				   does not see this.  */
-+				DIAG_PUSH_NEEDS_COMMENT;
-+				DIAG_IGNORE_NEEDS_COMMENT (4.9,
-+							   "-Warray-bounds");
-+				EXT(statp).nsmap[ns] = n;
-+				DIAG_POP_NEEDS_COMMENT;
-+				map[n] = ns++;
-+			}
-+		EXT(statp).nscount = n;
-+		for (ns = 0; ns < EXT(statp).nscount; ns++) {
-+			n = map[ns];
-+			if (EXT(statp).nsaddrs[n] == NULL)
-+				EXT(statp).nsaddrs[n] =
- 				    malloc(sizeof (struct sockaddr_in6));
-			if (EXT(statp).nsaddrs[ns] != NULL)
-				memset (mempcpy(EXT(statp).nsaddrs[ns],
-+			if (EXT(statp).nsaddrs[n] != NULL) {
-+				memset (mempcpy(EXT(statp).nsaddrs[n],
- 						&statp->nsaddr_list[ns],
- 						sizeof (struct sockaddr_in)),
- 					'\0',
- 					sizeof (struct sockaddr_in6)
- 					- sizeof (struct sockaddr_in));
-+				EXT(statp).nssocks[n] = -1;
-+				n++;
-+			}
- 		}
-		EXT(statp).nscount = statp->nscount;
-+		EXT(statp).nsinit = 1;
- 	}
- 
- 	/*
-@@ -447,37 +477,44 @@ __libc_res_nsend(res_state statp, const
- 	 */
- 	if (__builtin_expect ((statp->options & RES_ROTATE) != 0, 0) &&
- 	    (statp->options & RES_BLAST) == 0) {
-		struct sockaddr_in ina;
-		struct sockaddr_in6 *inp;
-		int lastns = statp->nscount - 1;
-		int fd;
-
-		inp = EXT(statp).nsaddrs[0];
-		ina = statp->nsaddr_list[0];
-		fd = EXT(statp).nssocks[0];
-		for (ns = 0; ns < lastns; ns++) {
-		    EXT(statp).nsaddrs[ns] = EXT(statp).nsaddrs[ns + 1];
-		    statp->nsaddr_list[ns] = statp->nsaddr_list[ns + 1];
-		    EXT(statp).nssocks[ns] = EXT(statp).nssocks[ns + 1];
-		}
-		EXT(statp).nsaddrs[lastns] = inp;
-		statp->nsaddr_list[lastns] = ina;
-		EXT(statp).nssocks[lastns] = fd;
-+		struct sockaddr_in6 *ina;
-+		unsigned int map;
-+
-+		n = 0;
-+		while (n < MAXNS && EXT(statp).nsmap[n] == MAXNS)
-+			n++;
-+		if (n < MAXNS) {
-+			ina = EXT(statp).nsaddrs[n];
-+			map = EXT(statp).nsmap[n];
-+			for (;;) {
-+				ns = n + 1;
-+				while (ns < MAXNS
-+				       && EXT(statp).nsmap[ns] == MAXNS)
-+					ns++;
-+				if (ns == MAXNS)
-+					break;
-+				EXT(statp).nsaddrs[n] = EXT(statp).nsaddrs[ns];
-+				EXT(statp).nsmap[n] = EXT(statp).nsmap[ns];
-+				n = ns;
-+			}
-+			EXT(statp).nsaddrs[n] = ina;
-+			EXT(statp).nsmap[n] = map;
-+		}
- 	}
- 
- 	/*
- 	 * Send request, RETRY times, or until successful.
- 	 */
- 	for (try = 0; try < statp->retry; try++) {
-	    for (ns = 0; ns < statp->nscount; ns++)
-+	    for (ns = 0; ns < MAXNS; ns++)
- 	    {
- #ifdef DEBUG
- 		char tmpbuf[40];
- #endif
-#if defined USE_HOOKS || defined DEBUG
-		struct sockaddr *nsap = get_nsaddr (statp, ns);
-#endif
-+		struct sockaddr_in6 *nsap = EXT(statp).nsaddrs[ns];
- 
-+		if (nsap == NULL)
-+			goto next_ns;
- 	    same_ns:
- #ifdef USE_HOOKS
- 		if (__glibc_unlikely (statp->qhook != NULL))       {
-@@ -634,21 +671,6 @@ libresolv_hidden_def (res_nsend)
- 
- /* Private */
- 
-static struct sockaddr *
-get_nsaddr (res_state statp, int n)
-{
-
-  if (statp->nsaddr_list[n].sin_family == 0 && EXT(statp).nsaddrs[n] != NULL)
-    /* EXT(statp).nsaddrs[n] holds an address that is larger than
-       struct sockaddr, and user code did not update
-       statp->nsaddr_list[n].  */
-    return (struct sockaddr *) EXT(statp).nsaddrs[n];
-  else
-    /* User code updated statp->nsaddr_list[n], or statp->nsaddr_list[n]
-       has the same content as EXT(statp).nsaddrs[n].  */
-    return (struct sockaddr *) (void *) &statp->nsaddr_list[n];
-}
-
- /* The send_vc function is responsible for sending a DNS query over TCP
-    to the nameserver numbered NS from the res_state STATP i.e.
-    EXT(statp).nssocks[ns].  The function supports sending both IPv4 and
-@@ -730,7 +752,7 @@ send_vc(res_state statp,
- 	const HEADER *hp = (HEADER *) buf;
- 	const HEADER *hp2 = (HEADER *) buf2;
- 	HEADER *anhp = (HEADER *) *ansp;
-	struct sockaddr *nsap = get_nsaddr (statp, ns);
-+	struct sockaddr_in6 *nsap = EXT(statp).nsaddrs[ns];
- 	int truncating, connreset, n;
- 	/* On some architectures compiler might emit a warning indicating
- 	   'resplen' may be used uninitialized.  However if buf2 == NULL
-@@ -763,8 +785,8 @@ send_vc(res_state statp,
- 
- 		if (getpeername(statp->_vcsock,
- 				(struct sockaddr *)&peer, &size) < 0 ||
-		    !sock_eq(&peer, (struct sockaddr_in6 *) nsap)) {
-			__res_iclose(statp, false);
-+		    !sock_eq(&peer, nsap)) {
-+		  __res_iclose(statp, false);
- 			statp->_flags &= ~RES_F_VC;
- 		}
- 	}
-@@ -773,19 +795,20 @@ send_vc(res_state statp,
- 		if (statp->_vcsock >= 0)
- 		  __res_iclose(statp, false);
- 
-		statp->_vcsock = socket(nsap->sa_family, SOCK_STREAM, 0);
-+		statp->_vcsock = socket(nsap->sin6_family, SOCK_STREAM, 0);
- 		if (statp->_vcsock < 0) {
- 			*terrno = errno;
- 			Perror(statp, stderr, "socket(vc)", errno);
- 			return (-1);
- 		}
- 		__set_errno (0);
-		if (connect(statp->_vcsock, nsap,
-			    nsap->sa_family == AF_INET
-+		if (connect(statp->_vcsock, (struct sockaddr *)nsap,
-+			    nsap->sin6_family == AF_INET
- 			    ? sizeof (struct sockaddr_in)
- 			    : sizeof (struct sockaddr_in6)) < 0) {
- 			*terrno = errno;
-			Aerror(statp, stderr, "connect/vc", errno, nsap);
-+			Aerror(statp, stderr, "connect/vc", errno,
-+			       (struct sockaddr *) nsap);
- 			__res_iclose(statp, false);
- 			return (0);
- 		}
-@@ -979,7 +1002,8 @@ static int
- reopen (res_state statp, int *terrno, int ns)
- {
- 	if (EXT(statp).nssocks[ns] == -1) {
-		struct sockaddr *nsap = get_nsaddr (statp, ns);
-+		struct sockaddr *nsap
-+		  = (struct sockaddr *) EXT(statp).nsaddrs[ns];
- 		socklen_t slen;
- 
- 		/* only try IPv6 if IPv6 NS and if not failed before */
--- a/glibc.spec
+++ b/glibc.spec
@ -1,6 +1,6 @@
-%define glibcsrcdir  glibc-2.23-8-g0a321a4
+%define glibcsrcdir  glibc-2.23-52-ga824d60
 %define glibcversion 2.23.1
-%define glibcrelease 5%{?dist}
+%define glibcrelease 6%{?dist}
 # Pre-release tarballs are pulled in from git using a command that is
 # effectively:
 #
@ -298,9 +298,6 @@ Patch2035: glibc-nsswitch-Add-group-merging-support.patch

 Patch2036: glibc-gcc-PR69537.patch

-# Upstream BZ 19573, patch reverts problematic commit
-Patch2099: glibc-rh1252570.patch
-
 # Upstream BZ 19581
 Patch2101: glibc-rh1114591.patch

@ -794,7 +791,6 @@ cat /proc/meminfo
 %patch0059 -p1
 %patch2035 -p1
 %patch2036 -p1
-%patch2099 -p1
 %patch2101 -p1
 %patch0060 -p1

@ -2114,6 +2110,26 @@ rm -f *.filelist*
 %endif

 %changelog
+* Mon May  9 2016 Florian Weimer <fweimer@redhat.com> - 2.23.1-6
+- Drop the revert in glibc-rh1252570.patch.  There is now a series
+  of upstream fixes for the Hesiod crash and the IPv6 address
+  memory leak.
+- Sync with the upstream 2.23 release branch
+  (commit a824d609581d5ee7544aabcbbc70e8da44b2b5b6),
+  resolving the bugs listed below.
+- nss_db: Fix handling of long entries (#1321861)
+- Fix getnameinfo memory leak and incorrect truncation (#1333901)
+- nss_hesiod: Fix heap overflow in TXT record parsing (#1332912)
+- Fix deadlock between between fflush, getdelim, and fork (#1332917)
+- CVE-2016-3075: Stack overflow in _nss_dns_getnetbyname_r (#1321954)
+- resolv: Fix NULL pointer dereference with unconnectable address (#1316972)
+- April 2016 nss_dns hardening (#1332914)
+- Fix elf/tst-audit10 and elf/tst-audit4 failures (#1313404)
+- Fix strfmon_l to use the locale object for grouping (#1307234)
+- CVE-2016-1234: buffer overflow in glob with GLOB_ALTDIRFUNC (#1315648)
+- ldconfig -X should not remove stale symbolic links (#1334289)
+- Set dlerror after dlsym (RTLD_NEXT) failure (#1333945)
+
 * Mon Feb 29 2016 Carlos O'Donell <carlos@redhat.com> - 2.23.1-5
 - Enhance support for upgrading from a non-language-pack system.

--- a/2
+++ b/2
@ -1 +1 @@
-f91055e85dc694d732b2ec7c2f751b0e  glibc-2.23-8-g0a321a4.tar.gz
+5caac941824ffc45a0e85ba17dc761dd  glibc-2.23-52-ga824d60.tar.gz