diff --git a/glibc-1622674-1.patch b/glibc-1622674-1.patch deleted file mode 100644 index 4d94590..0000000 --- a/glibc-1622674-1.patch +++ /dev/null @@ -1,41 +0,0 @@ -commit 58559f14437d2aa71753a29fed435efa06aa4576 -Author: Paul Eggert -Date: Tue Aug 28 21:54:28 2018 +0200 - - regex: fix uninitialized memory access - - I introduced this bug into gnulib in commit - 8335a4d6c7b4448cd0bcb6d0bebf1d456bcfdb17 dated 2006-04-10; - eventually it was merged into glibc. The bug was found by - project-repo and reported here: - https://lists.gnu.org/r/sed-devel/2018-08/msg00017.html - Diagnosis and draft fix reported by Assaf Gordon here: - https://lists.gnu.org/r/bug-gnulib/2018-08/msg00071.html - https://lists.gnu.org/r/bug-gnulib/2018-08/msg00142.html - * posix/regex_internal.c (build_wcs_upper_buffer): - Fix bug when mbrtowc returns 0. - - (cherry picked from commit bc680b336971305cb39896b30d72dc7101b62242) - -diff --git a/posix/regex_internal.c b/posix/regex_internal.c -index 7f0083b918de6530..b10588f1ccbb1992 100644 ---- a/posix/regex_internal.c -+++ b/posix/regex_internal.c -@@ -317,7 +317,7 @@ build_wcs_upper_buffer (re_string_t *pstr) - mbclen = __mbrtowc (&wc, - ((const char *) pstr->raw_mbs + pstr->raw_mbs_idx - + byte_idx), remain_len, &pstr->cur_state); -- if (BE (mbclen < (size_t) -2, 1)) -+ if (BE (0 < mbclen && mbclen < (size_t) -2, 1)) - { - wchar_t wcu = __towupper (wc); - if (wcu != wc) -@@ -386,7 +386,7 @@ build_wcs_upper_buffer (re_string_t *pstr) - else - p = (const char *) pstr->raw_mbs + pstr->raw_mbs_idx + src_idx; - mbclen = __mbrtowc (&wc, p, remain_len, &pstr->cur_state); -- if (BE (mbclen < (size_t) -2, 1)) -+ if (BE (0 < mbclen && mbclen < (size_t) -2, 1)) - { - wchar_t wcu = __towupper (wc); - if (wcu != wc) diff --git a/glibc-1622674-2.patch b/glibc-1622674-2.patch deleted file mode 100644 index ecf37f7..0000000 --- a/glibc-1622674-2.patch +++ /dev/null @@ -1,226 +0,0 @@ -commit 0b79004569e5ce1669136b8c41564c3809730f15 -Author: Florian Weimer -Date: Tue Aug 28 12:57:46 2018 +0200 - - regex: Add test tst-regcomp-truncated [BZ #23578] - - (cherry picked from commit 761404b74d9853ce1608195e24f25b78a910591a) - -diff --git a/posix/Makefile b/posix/Makefile -index 00c62841a282f15a..83162123f9c927a0 100644 ---- a/posix/Makefile -+++ b/posix/Makefile -@@ -96,7 +96,7 @@ tests := test-errno tstgetopt testfnm runtests runptests \ - tst-posix_fadvise tst-posix_fadvise64 \ - tst-sysconf-empty-chroot tst-glob_symlinks tst-fexecve \ - tst-glob-tilde test-ssize-max tst-spawn4 bug-regex37 \ -- bug-regex38 -+ bug-regex38 tst-regcomp-truncated - tests-internal := bug-regex5 bug-regex20 bug-regex33 \ - tst-rfc3484 tst-rfc3484-2 tst-rfc3484-3 \ - tst-glob_lstat_compat tst-spawn4-compat -@@ -194,6 +194,7 @@ $(objpfx)tst-regex2.out: $(gen-locales) - $(objpfx)tst-regexloc.out: $(gen-locales) - $(objpfx)tst-rxspencer.out: $(gen-locales) - $(objpfx)tst-rxspencer-no-utf8.out: $(gen-locales) -+$(objpfx)tst-regcomp-truncated.out: $(gen-locales) - endif - - # If we will use the generic uname implementation, we must figure out what -diff --git a/posix/tst-regcomp-truncated.c b/posix/tst-regcomp-truncated.c -new file mode 100644 -index 0000000000000000..a4a1581bbc2b39eb ---- /dev/null -+++ b/posix/tst-regcomp-truncated.c -@@ -0,0 +1,191 @@ -+/* Test compilation of truncated regular expressions. -+ Copyright (C) 2018 Free Software Foundation, Inc. -+ This file is part of the GNU C Library. -+ -+ The GNU C Library is free software; you can redistribute it and/or -+ modify it under the terms of the GNU Lesser General Public -+ License as published by the Free Software Foundation; either -+ version 2.1 of the License, or (at your option) any later version. -+ -+ The GNU C Library is distributed in the hope that it will be useful, -+ but WITHOUT ANY WARRANTY; without even the implied warranty of -+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ Lesser General Public License for more details. -+ -+ You should have received a copy of the GNU Lesser General Public -+ License along with the GNU C Library; if not, see -+ . */ -+ -+/* This test constructs various patterns in an attempt to trigger -+ over-reading the regular expression compiler, such as bug -+ 23578. */ -+ -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+ -+/* Locales to test. */ -+static const char locales[][17] = -+ { -+ "C", -+ "en_US.UTF-8", -+ "de_DE.ISO-8859-1", -+ }; -+ -+/* Syntax options. Will be combined with other flags. */ -+static const reg_syntax_t syntaxes[] = -+ { -+ RE_SYNTAX_EMACS, -+ RE_SYNTAX_AWK, -+ RE_SYNTAX_GNU_AWK, -+ RE_SYNTAX_POSIX_AWK, -+ RE_SYNTAX_GREP, -+ RE_SYNTAX_EGREP, -+ RE_SYNTAX_POSIX_EGREP, -+ RE_SYNTAX_POSIX_BASIC, -+ RE_SYNTAX_POSIX_EXTENDED, -+ RE_SYNTAX_POSIX_MINIMAL_EXTENDED, -+ }; -+ -+/* Trailing characters placed after the initial character. */ -+static const char trailing_strings[][4] = -+ { -+ "", -+ "[", -+ "\\", -+ "[\\", -+ "(", -+ "(\\", -+ "\\(", -+ }; -+ -+static int -+do_test (void) -+{ -+ /* Staging buffer for the constructed regular expression. */ -+ char buffer[16]; -+ -+ /* Allocation used to detect over-reading by the regular expression -+ compiler. */ -+ struct support_next_to_fault ntf -+ = support_next_to_fault_allocate (sizeof (buffer)); -+ -+ /* Arbitrary Unicode codepoint at which we stop generating -+ characters. We do not probe the whole range because that would -+ take too long due to combinatorical exploision as the result of -+ combination with other flags. */ -+ static const wchar_t last_character = 0xfff; -+ -+ for (size_t locale_idx = 0; locale_idx < array_length (locales); -+ ++ locale_idx) -+ { -+ if (setlocale (LC_ALL, locales[locale_idx]) == NULL) -+ { -+ support_record_failure (); -+ printf ("error: setlocale (\"%s\"): %m", locales[locale_idx]); -+ continue; -+ } -+ if (test_verbose > 0) -+ printf ("info: testing locale \"%s\"\n", locales[locale_idx]); -+ -+ for (wchar_t wc = 0; wc <= last_character; ++wc) -+ { -+ char *after_wc; -+ if (wc == 0) -+ { -+ /* wcrtomb treats L'\0' in a special way. */ -+ *buffer = '\0'; -+ after_wc = &buffer[1]; -+ } -+ else -+ { -+ mbstate_t ps = { }; -+ size_t ret = wcrtomb (buffer, wc, &ps); -+ if (ret == (size_t) -1) -+ { -+ /* EILSEQ means that the target character set -+ cannot encode the character. */ -+ if (errno != EILSEQ) -+ { -+ support_record_failure (); -+ printf ("error: wcrtomb (0x%x) failed: %m\n", -+ (unsigned) wc); -+ } -+ continue; -+ } -+ TEST_VERIFY_EXIT (ret != 0); -+ after_wc = &buffer[ret]; -+ } -+ -+ for (size_t trailing_idx = 0; -+ trailing_idx < array_length (trailing_strings); -+ ++trailing_idx) -+ { -+ char *after_trailing -+ = stpcpy (after_wc, trailing_strings[trailing_idx]); -+ -+ for (int do_nul = 0; do_nul < 2; ++do_nul) -+ { -+ char *after_nul; -+ if (do_nul) -+ { -+ *after_trailing = '\0'; -+ after_nul = &after_trailing[1]; -+ } -+ else -+ after_nul = after_trailing; -+ -+ size_t length = after_nul - buffer; -+ -+ /* Make sure that the faulting region starts -+ after the used portion of the buffer. */ -+ char *ntf_start = ntf.buffer + sizeof (buffer) - length; -+ memcpy (ntf_start, buffer, length); -+ -+ for (const reg_syntax_t *psyntax = syntaxes; -+ psyntax < array_end (syntaxes); ++psyntax) -+ for (int do_icase = 0; do_icase < 2; ++do_icase) -+ { -+ re_syntax_options = *psyntax; -+ if (do_icase) -+ re_syntax_options |= RE_ICASE; -+ -+ regex_t reg; -+ memset (®, 0, sizeof (reg)); -+ const char *msg = re_compile_pattern -+ (ntf_start, length, ®); -+ if (msg != NULL) -+ { -+ if (test_verbose > 0) -+ { -+ char *quoted = support_quote_blob -+ (buffer, length); -+ printf ("info: compilation failed for pattern" -+ " \"%s\", syntax 0x%lx: %s\n", -+ quoted, re_syntax_options, msg); -+ free (quoted); -+ } -+ } -+ else -+ regfree (®); -+ } -+ } -+ } -+ } -+ } -+ -+ support_next_to_fault_free (&ntf); -+ -+ return 0; -+} -+ -+#include diff --git a/glibc-error-va_end.patch b/glibc-error-va_end.patch deleted file mode 100644 index a12ea17..0000000 --- a/glibc-error-va_end.patch +++ /dev/null @@ -1,28 +0,0 @@ -commit d05b05d1570ba3ae354a2f5a3cfeefb373b09979 -Author: Florian Weimer -Date: Mon Aug 13 14:28:07 2018 +0200 - - error, error_at_line: Add missing va_end calls - - (cherry picked from commit b7b52b9dec337a08a89bc67638773be652eba332) - -diff --git a/misc/error.c b/misc/error.c -index b4e8b6c93886b737..03378e2f2aa6251e 100644 ---- a/misc/error.c -+++ b/misc/error.c -@@ -319,6 +319,7 @@ error (int status, int errnum, const char *message, ...) - - va_start (args, message); - error_tail (status, errnum, message, args); -+ va_end (args); - - #ifdef _LIBC - _IO_funlockfile (stderr); -@@ -390,6 +391,7 @@ error_at_line (int status, int errnum, const char *file_name, - - va_start (args, message); - error_tail (status, errnum, message, args); -+ va_end (args); - - #ifdef _LIBC - _IO_funlockfile (stderr); diff --git a/glibc-nscd-leak.patch b/glibc-nscd-leak.patch deleted file mode 100644 index 0c12c9c..0000000 --- a/glibc-nscd-leak.patch +++ /dev/null @@ -1,35 +0,0 @@ -commit bfcfa22589f2b4277a65e60c6b736b6bbfbd87d0 -Author: Florian Weimer -Date: Tue Aug 14 10:51:07 2018 +0200 - - nscd: Deallocate existing user names in file parser - - This avoids a theoretical memory leak (theoretical because it depends on - multiple server-user/stat-user directives in the configuration file). - - (cherry picked from commit 2d7acfac3ebf266dcbc82d0d6cc576f626953a03) - -diff --git a/nscd/nscd_conf.c b/nscd/nscd_conf.c -index 265a02434dd26c29..7293b795b6bcf71e 100644 ---- a/nscd/nscd_conf.c -+++ b/nscd/nscd_conf.c -@@ -190,7 +190,10 @@ nscd_parse_file (const char *fname, struct database_dyn dbs[lastdb]) - if (!arg1) - error (0, 0, _("Must specify user name for server-user option")); - else -- server_user = xstrdup (arg1); -+ { -+ free ((char *) server_user); -+ server_user = xstrdup (arg1); -+ } - } - else if (strcmp (entry, "stat-user") == 0) - { -@@ -198,6 +201,7 @@ nscd_parse_file (const char *fname, struct database_dyn dbs[lastdb]) - error (0, 0, _("Must specify user name for stat-user option")); - else - { -+ free ((char *) stat_user); - stat_user = xstrdup (arg1); - - struct passwd *pw = getpwnam (stat_user); diff --git a/glibc-nss_files-leak.patch b/glibc-nss_files-leak.patch deleted file mode 100644 index f0fbdc7..0000000 --- a/glibc-nss_files-leak.patch +++ /dev/null @@ -1,306 +0,0 @@ -commit 2f498f3d140ab5152bd784df2be7af7d9c5e63ed -Author: Florian Weimer -Date: Tue Aug 14 10:57:48 2018 +0200 - - nss_files: Fix file stream leak in aliases lookup [BZ #23521] - - In order to get a clean test case, it was necessary to fix partially - fixed bug 23522 as well. - - (cherry picked from commit e95c6f61920a0f9237cfb292fa44ad500e1df09b) - -diff --git a/nss/Makefile b/nss/Makefile -index 66fac7f5b8a4c0d8..5209fc0456dd6786 100644 ---- a/nss/Makefile -+++ b/nss/Makefile -@@ -65,6 +65,7 @@ ifeq (yes,$(build-shared)) - tests += tst-nss-files-hosts-erange - tests += tst-nss-files-hosts-multi - tests += tst-nss-files-hosts-getent -+tests += tst-nss-files-alias-leak - endif - - # If we have a thread library then we can test cancellation against -@@ -171,3 +172,5 @@ endif - $(objpfx)tst-nss-files-hosts-erange: $(libdl) - $(objpfx)tst-nss-files-hosts-multi: $(libdl) - $(objpfx)tst-nss-files-hosts-getent: $(libdl) -+$(objpfx)tst-nss-files-alias-leak: $(libdl) -+$(objpfx)tst-nss-files-alias-leak.out: $(objpfx)/libnss_files.so -diff --git a/nss/nss_files/files-alias.c b/nss/nss_files/files-alias.c -index cfd34b66b921bbff..35b0bfc5d2479ab6 100644 ---- a/nss/nss_files/files-alias.c -+++ b/nss/nss_files/files-alias.c -@@ -221,6 +221,13 @@ get_next_alias (FILE *stream, const char *match, struct aliasent *result, - { - while (! feof_unlocked (listfile)) - { -+ if (room_left < 2) -+ { -+ free (old_line); -+ fclose (listfile); -+ goto no_more_room; -+ } -+ - first_unused[room_left - 1] = '\xff'; - line = fgets_unlocked (first_unused, room_left, - listfile); -@@ -229,6 +236,7 @@ get_next_alias (FILE *stream, const char *match, struct aliasent *result, - if (first_unused[room_left - 1] != '\xff') - { - free (old_line); -+ fclose (listfile); - goto no_more_room; - } - -@@ -256,6 +264,7 @@ get_next_alias (FILE *stream, const char *match, struct aliasent *result, - + __alignof__ (char *))) - { - free (old_line); -+ fclose (listfile); - goto no_more_room; - } - room_left -= ((first_unused - cp) -diff --git a/nss/tst-nss-files-alias-leak.c b/nss/tst-nss-files-alias-leak.c -new file mode 100644 -index 0000000000000000..26d38e2dba1ddaf3 ---- /dev/null -+++ b/nss/tst-nss-files-alias-leak.c -@@ -0,0 +1,237 @@ -+/* Check for file descriptor leak in alias :include: processing (bug 23521). -+ Copyright (C) 2018 Free Software Foundation, Inc. -+ This file is part of the GNU C Library. -+ -+ The GNU C Library is free software; you can redistribute it and/or -+ modify it under the terms of the GNU Lesser General Public -+ License as published by the Free Software Foundation; either -+ version 2.1 of the License, or (at your option) any later version. -+ -+ The GNU C Library is distributed in the hope that it will be useful, -+ but WITHOUT ANY WARRANTY; without even the implied warranty of -+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ Lesser General Public License for more details. -+ -+ You should have received a copy of the GNU Lesser General Public -+ License along with the GNU C Library; if not, see -+ . */ -+ -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+ -+static struct support_chroot *chroot_env; -+ -+/* Number of the aliases for the "many" user. This must be large -+ enough to trigger reallocation for the pointer array, but result in -+ answers below the maximum size tried in do_test. */ -+enum { many_aliases = 30 }; -+ -+static void -+prepare (int argc, char **argv) -+{ -+ chroot_env = support_chroot_create -+ ((struct support_chroot_configuration) { } ); -+ -+ char *path = xasprintf ("%s/etc/aliases", chroot_env->path_chroot); -+ add_temp_file (path); -+ support_write_file_string -+ (path, -+ "user1: :include:/etc/aliases.user1\n" -+ "user2: :include:/etc/aliases.user2\n" -+ "comment: comment1, :include:/etc/aliases.comment\n" -+ "many: :include:/etc/aliases.many\n"); -+ free (path); -+ -+ path = xasprintf ("%s/etc/aliases.user1", chroot_env->path_chroot); -+ add_temp_file (path); -+ support_write_file_string (path, "alias1\n"); -+ free (path); -+ -+ path = xasprintf ("%s/etc/aliases.user2", chroot_env->path_chroot); -+ add_temp_file (path); -+ support_write_file_string (path, "alias1a, alias2\n"); -+ free (path); -+ -+ path = xasprintf ("%s/etc/aliases.comment", chroot_env->path_chroot); -+ add_temp_file (path); -+ support_write_file_string -+ (path, -+ /* The line must be longer than the line with the :include: -+ directive in /etc/aliases. */ -+ "# Long line. ##############################################\n" -+ "comment2\n"); -+ free (path); -+ -+ path = xasprintf ("%s/etc/aliases.many", chroot_env->path_chroot); -+ add_temp_file (path); -+ FILE *fp = xfopen (path, "w"); -+ for (int i = 0; i < many_aliases; ++i) -+ fprintf (fp, "a%d\n", i); -+ TEST_VERIFY_EXIT (! ferror (fp)); -+ xfclose (fp); -+ free (path); -+} -+ -+/* The names of the users to test. */ -+static const char *users[] = { "user1", "user2", "comment", "many" }; -+ -+static void -+check_aliases (int id, const struct aliasent *e) -+{ -+ TEST_VERIFY_EXIT (id >= 0 || id < array_length (users)); -+ const char *name = users[id]; -+ TEST_COMPARE_BLOB (e->alias_name, strlen (e->alias_name), -+ name, strlen (name)); -+ -+ switch (id) -+ { -+ case 0: -+ TEST_COMPARE (e->alias_members_len, 1); -+ TEST_COMPARE_BLOB (e->alias_members[0], strlen (e->alias_members[0]), -+ "alias1", strlen ("alias1")); -+ break; -+ -+ case 1: -+ TEST_COMPARE (e->alias_members_len, 2); -+ TEST_COMPARE_BLOB (e->alias_members[0], strlen (e->alias_members[0]), -+ "alias1a", strlen ("alias1a")); -+ TEST_COMPARE_BLOB (e->alias_members[1], strlen (e->alias_members[1]), -+ "alias2", strlen ("alias2")); -+ break; -+ -+ case 2: -+ TEST_COMPARE (e->alias_members_len, 2); -+ TEST_COMPARE_BLOB (e->alias_members[0], strlen (e->alias_members[0]), -+ "comment1", strlen ("comment1")); -+ TEST_COMPARE_BLOB (e->alias_members[1], strlen (e->alias_members[1]), -+ "comment2", strlen ("comment2")); -+ break; -+ -+ case 3: -+ TEST_COMPARE (e->alias_members_len, many_aliases); -+ for (int i = 0; i < e->alias_members_len; ++i) -+ { -+ char alias[30]; -+ int len = snprintf (alias, sizeof (alias), "a%d", i); -+ TEST_VERIFY_EXIT (len > 0); -+ TEST_COMPARE_BLOB (e->alias_members[i], strlen (e->alias_members[i]), -+ alias, len); -+ } -+ break; -+ } -+} -+ -+static int -+do_test (void) -+{ -+ /* Make sure we don't try to load the module in the chroot. */ -+ if (dlopen (LIBNSS_FILES_SO, RTLD_NOW) == NULL) -+ FAIL_EXIT1 ("could not load " LIBNSS_FILES_SO ": %s", dlerror ()); -+ -+ /* Some of these descriptors will become unavailable if there is a -+ file descriptor leak. 10 is chosen somewhat arbitrarily. The -+ array must be longer than the number of files opened by nss_files -+ at the same time (currently that number is 2). */ -+ int next_descriptors[10]; -+ for (size_t i = 0; i < array_length (next_descriptors); ++i) -+ { -+ next_descriptors[i] = dup (0); -+ TEST_VERIFY_EXIT (next_descriptors[i] > 0); -+ } -+ for (size_t i = 0; i < array_length (next_descriptors); ++i) -+ xclose (next_descriptors[i]); -+ -+ support_become_root (); -+ if (!support_can_chroot ()) -+ return EXIT_UNSUPPORTED; -+ -+ __nss_configure_lookup ("aliases", "files"); -+ -+ xchroot (chroot_env->path_chroot); -+ -+ /* Attempt various buffer sizes. If the operation succeeds, we -+ expect correct data. */ -+ for (int id = 0; id < array_length (users); ++id) -+ { -+ bool found = false; -+ for (size_t size = 1; size <= 1000; ++size) -+ { -+ void *buffer = malloc (size); -+ struct aliasent result; -+ struct aliasent *res; -+ errno = EINVAL; -+ int ret = getaliasbyname_r (users[id], &result, buffer, size, &res); -+ if (ret == 0) -+ { -+ if (res != NULL) -+ { -+ found = true; -+ check_aliases (id, res); -+ } -+ else -+ { -+ support_record_failure (); -+ printf ("error: failed lookup for user \"%s\", size %zu\n", -+ users[id], size); -+ } -+ } -+ else if (ret != ERANGE) -+ { -+ support_record_failure (); -+ printf ("error: invalid return code %d (user \%s\", size %zu)\n", -+ ret, users[id], size); -+ } -+ free (buffer); -+ -+ /* Make sure that we did not have a file descriptor leak. */ -+ for (size_t i = 0; i < array_length (next_descriptors); ++i) -+ { -+ int new_fd = dup (0); -+ if (new_fd != next_descriptors[i]) -+ { -+ support_record_failure (); -+ printf ("error: descriptor %d at index %zu leaked" -+ " (user \"%s\", size %zu)\n", -+ next_descriptors[i], i, users[id], size); -+ -+ /* Close unexpected descriptor, the leak probing -+ descriptors, and the leaked descriptor -+ next_descriptors[i]. */ -+ xclose (new_fd); -+ for (size_t j = 0; j <= i; ++j) -+ xclose (next_descriptors[j]); -+ goto next_size; -+ } -+ } -+ for (size_t i = 0; i < array_length (next_descriptors); ++i) -+ xclose (next_descriptors[i]); -+ -+ next_size: -+ ; -+ } -+ if (!found) -+ { -+ support_record_failure (); -+ printf ("error: user %s not found\n", users[id]); -+ } -+ } -+ -+ support_chroot_free (chroot_env); -+ return 0; -+} -+ -+#define PREPARE prepare -+#include diff --git a/glibc-rh1614705.patch b/glibc-rh1614705.patch deleted file mode 100644 index ae4b43d..0000000 --- a/glibc-rh1614705.patch +++ /dev/null @@ -1,254 +0,0 @@ -commit 4b25485f03158959cff45379eecc1d73c7dcdd11 -Author: Florian Weimer -Date: Fri Aug 10 11:19:26 2018 +0200 - - Linux: Rewrite __old_getdents64 [BZ #23497] - - Commit 298d0e3129c0b5137f4989275b13fe30d0733c4d ("Consolidate Linux - getdents{64} implementation") broke the implementation because it does - not take into account struct offset differences. - - The new implementation is close to the old one, before the - consolidation, but has been cleaned up slightly. - - (cherry picked from commit 690652882b499defb3d950dfeff8fe421d13cab5) - -diff --git a/sysdeps/unix/sysv/linux/Makefile b/sysdeps/unix/sysv/linux/Makefile -index f71cc39c7e257a0a..773aaea0e980bdd6 100644 ---- a/sysdeps/unix/sysv/linux/Makefile -+++ b/sysdeps/unix/sysv/linux/Makefile -@@ -161,6 +161,7 @@ inhibit-glue = yes - - ifeq ($(subdir),dirent) - sysdep_routines += getdirentries getdirentries64 -+tests-internal += tst-readdir64-compat - endif - - ifeq ($(subdir),nis) -diff --git a/sysdeps/unix/sysv/linux/getdents64.c b/sysdeps/unix/sysv/linux/getdents64.c -index 3bde0cf4f0226f95..bc140b5a7fac3040 100644 ---- a/sysdeps/unix/sysv/linux/getdents64.c -+++ b/sysdeps/unix/sysv/linux/getdents64.c -@@ -33,41 +33,80 @@ strong_alias (__getdents64, __getdents) - # include - - # if SHLIB_COMPAT(libc, GLIBC_2_1, GLIBC_2_2) --# include -+# include -+# include - --/* kernel definition of as of 3.2. */ --struct compat_linux_dirent -+static ssize_t -+handle_overflow (int fd, __off64_t offset, ssize_t count) - { -- /* Both d_ino and d_off are compat_ulong_t which are defined in all -- architectures as 'u32'. */ -- uint32_t d_ino; -- uint32_t d_off; -- unsigned short d_reclen; -- char d_name[1]; --}; -+ /* If this is the first entry in the buffer, we can report the -+ error. */ -+ if (count == 0) -+ { -+ __set_errno (EOVERFLOW); -+ return -1; -+ } -+ -+ /* Otherwise, seek to the overflowing entry, so that the next call -+ will report the error, and return the data read so far.. */ -+ if (__lseek64 (fd, offset, SEEK_SET) != 0) -+ return -1; -+ return count; -+} - - ssize_t - __old_getdents64 (int fd, char *buf, size_t nbytes) - { -- ssize_t retval = INLINE_SYSCALL_CALL (getdents, fd, buf, nbytes); -+ /* We do not move the individual directory entries. This is only -+ possible if the target type (struct __old_dirent64) is smaller -+ than the source type. */ -+ _Static_assert (offsetof (struct __old_dirent64, d_name) -+ <= offsetof (struct dirent64, d_name), -+ "__old_dirent64 is larger than dirent64"); -+ _Static_assert (__alignof__ (struct __old_dirent64) -+ <= __alignof__ (struct dirent64), -+ "alignment of __old_dirent64 is larger than dirent64"); - -- /* The kernel added the d_type value after the name. Change this now. */ -- if (retval != -1) -+ ssize_t retval = INLINE_SYSCALL_CALL (getdents64, fd, buf, nbytes); -+ if (retval > 0) - { -- union -- { -- struct compat_linux_dirent k; -- struct dirent u; -- } *kbuf = (void *) buf; -- -- while ((char *) kbuf < buf + retval) -+ char *p = buf; -+ char *end = buf + retval; -+ while (p < end) - { -- char d_type = *((char *) kbuf + kbuf->k.d_reclen - 1); -- memmove (kbuf->u.d_name, kbuf->k.d_name, -- strlen (kbuf->k.d_name) + 1); -- kbuf->u.d_type = d_type; -+ struct dirent64 *source = (struct dirent64 *) p; -+ -+ /* Copy out the fixed-size data. */ -+ __ino_t ino = source->d_ino; -+ __off64_t offset = source->d_off; -+ unsigned int reclen = source->d_reclen; -+ unsigned char type = source->d_type; -+ -+ /* Check for ino_t overflow. */ -+ if (__glibc_unlikely (ino != source->d_ino)) -+ return handle_overflow (fd, offset, p - buf); -+ -+ /* Convert to the target layout. Use a separate struct and -+ memcpy to side-step aliasing issues. */ -+ struct __old_dirent64 result; -+ result.d_ino = ino; -+ result.d_off = offset; -+ result.d_reclen = reclen; -+ result.d_type = type; -+ -+ /* Write the fixed-sized part of the result to the -+ buffer. */ -+ size_t result_name_offset = offsetof (struct __old_dirent64, d_name); -+ memcpy (p, &result, result_name_offset); -+ -+ /* Adjust the position of the name if necessary. Copy -+ everything until the end of the record, including the -+ terminating NUL byte. */ -+ if (result_name_offset != offsetof (struct dirent64, d_name)) -+ memmove (p + result_name_offset, source->d_name, -+ reclen - offsetof (struct dirent64, d_name)); - -- kbuf = (void *) ((char *) kbuf + kbuf->k.d_reclen); -+ p += reclen; - } - } - return retval; -diff --git a/sysdeps/unix/sysv/linux/tst-readdir64-compat.c b/sysdeps/unix/sysv/linux/tst-readdir64-compat.c -new file mode 100644 -index 0000000000000000..43c4a8477c7403c5 ---- /dev/null -+++ b/sysdeps/unix/sysv/linux/tst-readdir64-compat.c -@@ -0,0 +1,111 @@ -+/* Test readdir64 compatibility symbol. -+ Copyright (C) 2018 Free Software Foundation, Inc. -+ This file is part of the GNU C Library. -+ -+ The GNU C Library is free software; you can redistribute it and/or -+ modify it under the terms of the GNU Lesser General Public -+ License as published by the Free Software Foundation; either -+ version 2.1 of the License, or (at your option) any later version. -+ -+ The GNU C Library is distributed in the hope that it will be useful, -+ but WITHOUT ANY WARRANTY; without even the implied warranty of -+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ Lesser General Public License for more details. -+ -+ You should have received a copy of the GNU Lesser General Public -+ License along with the GNU C Library; if not, see -+ . */ -+ -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+ -+/* Copied from . */ -+struct __old_dirent64 -+ { -+ __ino_t d_ino; -+ __off64_t d_off; -+ unsigned short int d_reclen; -+ unsigned char d_type; -+ char d_name[256]; -+ }; -+ -+typedef struct __old_dirent64 *(*compat_readdir64_type) (DIR *); -+ -+#if TEST_COMPAT (libc, GLIBC_2_1, GLIBC_2_2) -+struct __old_dirent64 *compat_readdir64 (DIR *); -+compat_symbol_reference (libc, compat_readdir64, readdir64, GLIBC_2_1); -+#endif -+ -+static int -+do_test (void) -+{ -+#if TEST_COMPAT (libc, GLIBC_2_1, GLIBC_2_2) -+ -+ /* Directory stream using the non-compat readdir64 symbol. The test -+ checks against this. */ -+ DIR *dir_reference = opendir ("."); -+ TEST_VERIFY_EXIT (dir_reference != NULL); -+ DIR *dir_test = opendir ("."); -+ TEST_VERIFY_EXIT (dir_test != NULL); -+ -+ /* This loop assumes that the enumeration order is consistent for -+ two different handles. Nothing should write to the current -+ directory (in the source tree) while this test runs, so there -+ should not be any difference due to races. */ -+ size_t count = 0; -+ while (true) -+ { -+ errno = 0; -+ struct dirent64 *entry_reference = readdir64 (dir_reference); -+ if (entry_reference == NULL && errno != 0) -+ FAIL_EXIT1 ("readdir64 entry %zu: %m\n", count); -+ struct __old_dirent64 *entry_test = compat_readdir64 (dir_test); -+ if (entry_reference == NULL) -+ { -+ if (errno == EOVERFLOW) -+ { -+ TEST_VERIFY (entry_reference->d_ino -+ != (__ino_t) entry_reference->d_ino); -+ printf ("info: inode number overflow at entry %zu\n", count); -+ break; -+ } -+ if (errno != 0) -+ FAIL_EXIT1 ("compat readdir64 entry %zu: %m\n", count); -+ } -+ -+ /* Check that both streams end at the same time. */ -+ if (entry_reference == NULL) -+ { -+ TEST_VERIFY (entry_test == NULL); -+ break; -+ } -+ else -+ TEST_VERIFY_EXIT (entry_test != NULL); -+ -+ /* Check that the entries are the same. */ -+ TEST_COMPARE_BLOB (entry_reference->d_name, -+ strlen (entry_reference->d_name), -+ entry_test->d_name, strlen (entry_test->d_name)); -+ TEST_COMPARE (entry_reference->d_ino, entry_test->d_ino); -+ TEST_COMPARE (entry_reference->d_off, entry_test->d_off); -+ TEST_COMPARE (entry_reference->d_type, entry_test->d_type); -+ TEST_COMPARE (entry_reference->d_reclen, entry_test->d_reclen); -+ -+ ++count; -+ } -+ printf ("info: %zu directory entries found\n", count); -+ TEST_VERIFY (count >= 3); /* ".", "..", and some source files. */ -+ -+ TEST_COMPARE (closedir (dir_test), 0); -+ TEST_COMPARE (closedir (dir_reference), 0); -+#endif -+ return 0; -+} -+ -+#include diff --git a/glibc-rh1622669.patch b/glibc-rh1622669.patch deleted file mode 100644 index ba473cd..0000000 --- a/glibc-rh1622669.patch +++ /dev/null @@ -1,27 +0,0 @@ -commit aa8a3e4cdef20c50cb20f008864fff05cbfbdf29 -Author: Martin Kuchta -Date: Mon Aug 27 18:54:46 2018 +0200 - - pthread_cond_broadcast: Fix waiters-after-spinning case [BZ #23538] - - (cherry picked from commit 99ea93ca31795469d2a1f1570f17a5c39c2eb7e2) - -diff --git a/nptl/pthread_cond_common.c b/nptl/pthread_cond_common.c -index 8e425eb01eceabec..479e54febb417675 100644 ---- a/nptl/pthread_cond_common.c -+++ b/nptl/pthread_cond_common.c -@@ -405,8 +405,12 @@ __condvar_quiesce_and_switch_g1 (pthread_cond_t *cond, uint64_t wseq, - { - /* There is still a waiter after spinning. Set the wake-request - flag and block. Relaxed MO is fine because this is just about -- this futex word. */ -- r = atomic_fetch_or_relaxed (cond->__data.__g_refs + g1, 1); -+ this futex word. -+ -+ Update r to include the set wake-request flag so that the upcoming -+ futex_wait only blocks if the flag is still set (otherwise, we'd -+ violate the basic client-side futex protocol). */ -+ r = atomic_fetch_or_relaxed (cond->__data.__g_refs + g1, 1) | 1; - - if ((r >> 1) > 0) - futex_wait_simple (cond->__data.__g_refs + g1, r, private); diff --git a/glibc-rh1623519-2.patch b/glibc-rh1623519-2.patch deleted file mode 100644 index 63d141b..0000000 --- a/glibc-rh1623519-2.patch +++ /dev/null @@ -1,34 +0,0 @@ -commit 3a67c72c1512f778304a5644dea2fcf5bdece274 -Author: Andreas Schwab -Date: Thu Sep 27 12:37:06 2018 +0200 - - Fix stack overflow in tst-setcontext9 (bug 23717) - - The function f1a, executed on a stack of size 32k, allocates an object of - size 32k on the stack. Make the stack variables static to reduce - excessive stack usage. - - (cherry picked from commit f841c97e515a1673485a2b12b3c280073d737890) - -diff --git a/stdlib/tst-setcontext9.c b/stdlib/tst-setcontext9.c -index db8355766ca7b906..009928235dd5987e 100644 ---- a/stdlib/tst-setcontext9.c -+++ b/stdlib/tst-setcontext9.c -@@ -58,7 +58,7 @@ f1b (void) - static void - f1a (void) - { -- char st2[32768]; -+ static char st2[32768]; - puts ("start f1a"); - if (getcontext (&ctx[2]) != 0) - { -@@ -93,7 +93,7 @@ f1a (void) - static int - do_test (void) - { -- char st1[32768]; -+ static char st1[32768]; - puts ("making contexts"); - if (getcontext (&ctx[0]) != 0) - { diff --git a/glibc-rh1623519.patch b/glibc-rh1623519.patch deleted file mode 100644 index 8352b3d..0000000 --- a/glibc-rh1623519.patch +++ /dev/null @@ -1,100 +0,0 @@ -commit a55e109709af55e6ed67d3f9536cac5d929c982e -Author: Carlos O'Donell -Date: Wed Sep 5 01:16:42 2018 -0400 - - Fix tst-setcontext9 for optimized small stacks. - - If the compiler reduces the stack usage in function f1 before calling - into function f2, then when we swapcontext back to f1 and continue - execution we may overwrite registers that were spilled to the stack - while f2 was executing. Later when we return to f2 the corrupt - registers will be reloaded from the stack and the test will crash. This - was most commonly observed on i686 with __x86.get_pc_thunk.dx and - needing to save and restore $edx. Overall i686 has few registers and - the spilling to the stack is bound to happen, therefore the solution to - making this test robust is to split function f1 into two parts f1a and - f1b, and allocate f1b it's own stack such that subsequent execution does - not overwrite the stack in use by function f2. - - Tested on i686 and x86_64. - - Signed-off-by: Carlos O'Donell - (cherry picked from commit 791b350dc725545e3f9b5db0f97ebdbc60c9735f) - -diff --git a/stdlib/tst-setcontext9.c b/stdlib/tst-setcontext9.c -index 4636ce9030fa38a7..db8355766ca7b906 100644 ---- a/stdlib/tst-setcontext9.c -+++ b/stdlib/tst-setcontext9.c -@@ -41,26 +41,55 @@ f2 (void) - } - - static void --f1 (void) -+f1b (void) - { -- puts ("start f1"); -- if (getcontext (&ctx[2]) != 0) -- { -- printf ("%s: getcontext: %m\n", __FUNCTION__); -- exit (EXIT_FAILURE); -- } - if (done) - { -- puts ("set context in f1"); -+ puts ("set context in f1b"); - if (setcontext (&ctx[3]) != 0) - { - printf ("%s: setcontext: %m\n", __FUNCTION__); - exit (EXIT_FAILURE); - } - } -+ exit (EXIT_FAILURE); -+} -+ -+static void -+f1a (void) -+{ -+ char st2[32768]; -+ puts ("start f1a"); -+ if (getcontext (&ctx[2]) != 0) -+ { -+ printf ("%s: getcontext: %m\n", __FUNCTION__); -+ exit (EXIT_FAILURE); -+ } -+ ctx[2].uc_stack.ss_sp = st2; -+ ctx[2].uc_stack.ss_size = sizeof st2; -+ ctx[2].uc_link = &ctx[0]; -+ makecontext (&ctx[2], (void (*) (void)) f1b, 0); - f2 (); - } - -+/* The execution path through the test looks like this: -+ do_test (call) -+ -> "making contexts" -+ -> "swap contexts" -+ f1a (via swapcontext to ctx[1], with alternate stack) -+ -> "start f1a" -+ f2 (call) -+ -> "swap contexts in f2" -+ f1b (via swapcontext to ctx[2], with alternate stack) -+ -> "set context in f1b" -+ do_test (via setcontext to ctx[3], main stack) -+ -> "setcontext" -+ f2 (via setcontext to ctx[4], with alternate stack) -+ -> "end f2" -+ -+ We must use an alternate stack for f1b, because if we don't then the -+ result of executing an earlier caller may overwrite registers -+ spilled to the stack in f2. */ - static int - do_test (void) - { -@@ -79,7 +108,7 @@ do_test (void) - ctx[1].uc_stack.ss_sp = st1; - ctx[1].uc_stack.ss_size = sizeof st1; - ctx[1].uc_link = &ctx[0]; -- makecontext (&ctx[1], (void (*) (void)) f1, 0); -+ makecontext (&ctx[1], (void (*) (void)) f1a, 0); - puts ("swap contexts"); - if (swapcontext (&ctx[3], &ctx[1]) != 0) - { diff --git a/glibc-rh1631338-1.patch b/glibc-rh1631338-1.patch deleted file mode 100644 index fc2a74e..0000000 --- a/glibc-rh1631338-1.patch +++ /dev/null @@ -1,29 +0,0 @@ -commit e7d22db29cfdd2f1fb97a70a76fa53d151569945 -Author: Mingli Yu -Date: Thu Sep 20 12:41:13 2018 +0200 - - Linux gethostid: Check for NULL value from gethostbyname_r [BZ #23679] - - A NULL value can happen with certain gethostbyname_r failures. - - (cherry picked from commit 1214ba06e6771acb953a190091b0f6055c64fd25) - -diff --git a/sysdeps/unix/sysv/linux/gethostid.c b/sysdeps/unix/sysv/linux/gethostid.c -index 2e20f034dc134cc7..ee0190e7f945db1f 100644 ---- a/sysdeps/unix/sysv/linux/gethostid.c -+++ b/sysdeps/unix/sysv/linux/gethostid.c -@@ -102,12 +102,12 @@ gethostid (void) - { - int ret = __gethostbyname_r (hostname, &hostbuf, - tmpbuf.data, tmpbuf.length, &hp, &herr); -- if (ret == 0) -+ if (ret == 0 && hp != NULL) - break; - else - { - /* Enlarge the buffer on ERANGE. */ -- if (herr == NETDB_INTERNAL && errno == ERANGE) -+ if (ret != 0 && herr == NETDB_INTERNAL && errno == ERANGE) - { - if (!scratch_buffer_grow (&tmpbuf)) - return 0; diff --git a/glibc-rh1631338-2.patch b/glibc-rh1631338-2.patch deleted file mode 100644 index 4eef814..0000000 --- a/glibc-rh1631338-2.patch +++ /dev/null @@ -1,146 +0,0 @@ -commit 307d04334d516bb180f484a2b283f97310bfee66 -Author: Florian Weimer -Date: Thu Sep 20 12:03:01 2018 +0200 - - misc: New test misc/tst-gethostid - - The empty /etc/hosts file used to trigger bug 23679. - - (cherry picked from commit db9a8ad4ff3fc58e3773a9a4d0cabe3c1bc9c94c) - -diff --git a/misc/Makefile b/misc/Makefile -index b7be2bc19a6f7ed5..c9f81515ac9aef2c 100644 ---- a/misc/Makefile -+++ b/misc/Makefile -@@ -86,6 +86,11 @@ tests := tst-dirname tst-tsearch tst-fdset tst-efgcvt tst-mntent tst-hsearch \ - tst-preadvwritev tst-preadvwritev64 tst-makedev tst-empty \ - tst-preadvwritev2 tst-preadvwritev64v2 - -+# Tests which need libdl. -+ifeq (yes,$(build-shared)) -+tests += tst-gethostid -+endif -+ - tests-internal := tst-atomic tst-atomic-long tst-allocate_once - tests-static := tst-empty - -@@ -145,3 +150,5 @@ tst-allocate_once-ENV = MALLOC_TRACE=$(objpfx)tst-allocate_once.mtrace - $(objpfx)tst-allocate_once-mem.out: $(objpfx)tst-allocate_once.out - $(common-objpfx)malloc/mtrace $(objpfx)tst-allocate_once.mtrace > $@; \ - $(evaluate-test) -+ -+$(objpfx)tst-gethostid: $(libdl) -diff --git a/misc/tst-gethostid.c b/misc/tst-gethostid.c -new file mode 100644 -index 0000000000000000..1490aaf3f517ff1d ---- /dev/null -+++ b/misc/tst-gethostid.c -@@ -0,0 +1,108 @@ -+/* Basic test for gethostid. -+ Copyright (C) 2018 Free Software Foundation, Inc. -+ This file is part of the GNU C Library. -+ -+ The GNU C Library is free software; you can redistribute it and/or -+ modify it under the terms of the GNU Lesser General Public -+ License as published by the Free Software Foundation; either -+ version 2.1 of the License, or (at your option) any later version. -+ -+ The GNU C Library is distributed in the hope that it will be useful, -+ but WITHOUT ANY WARRANTY; without even the implied warranty of -+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ Lesser General Public License for more details. -+ -+ You should have received a copy of the GNU Lesser General Public -+ License along with the GNU C Library; if not, see -+ . */ -+ -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+ -+/* Initial test is run outside a chroot, to increase the likelihood of -+ success. */ -+static void -+outside_chroot (void *closure) -+{ -+ long id = gethostid (); -+ printf ("info: host ID outside chroot: 0x%lx\n", id); -+} -+ -+/* The same, but this time perform a chroot operation. */ -+static void -+in_chroot (void *closure) -+{ -+ const char *chroot_path = closure; -+ xchroot (chroot_path); -+ long id = gethostid (); -+ printf ("info: host ID in chroot: 0x%lx\n", id); -+} -+ -+static int -+do_test (void) -+{ -+ support_isolate_in_subprocess (outside_chroot, NULL); -+ -+ /* Now run the test inside a chroot. */ -+ support_become_root (); -+ if (!support_can_chroot ()) -+ /* Cannot perform further tests. */ -+ return 0; -+ -+ /* Only use nss_files. */ -+ __nss_configure_lookup ("hosts", "files"); -+ -+ /* Load the DSO outside of the chroot. */ -+ xdlopen (LIBNSS_FILES_SO, RTLD_LAZY); -+ -+ char *chroot_dir = support_create_temp_directory ("tst-gethostid-"); -+ support_isolate_in_subprocess (in_chroot, chroot_dir); -+ -+ /* Tests with /etc/hosts in the chroot. */ -+ { -+ char *path = xasprintf ("%s/etc", chroot_dir); -+ add_temp_file (path); -+ xmkdir (path, 0777); -+ free (path); -+ path = xasprintf ("%s/etc/hosts", chroot_dir); -+ add_temp_file (path); -+ -+ FILE *fp = xfopen (path, "w"); -+ xfclose (fp); -+ printf ("info: chroot test with an empty /etc/hosts file\n"); -+ support_isolate_in_subprocess (in_chroot, chroot_dir); -+ -+ char hostname[1024]; -+ int ret = gethostname (hostname, sizeof (hostname)); -+ if (ret < 0) -+ printf ("warning: invalid result from gethostname: %d\n", ret); -+ else if (strlen (hostname) == 0) -+ puts ("warning: gethostname returned empty string"); -+ else -+ { -+ printf ("info: chroot test with IPv6 address in /etc/hosts for: %s\n", -+ hostname); -+ fp = xfopen (path, "w"); -+ /* Use an IPv6 address to induce another lookup failure. */ -+ fprintf (fp, "2001:db8::1 %s\n", hostname); -+ xfclose (fp); -+ support_isolate_in_subprocess (in_chroot, chroot_dir); -+ } -+ free (path); -+ } -+ free (chroot_dir); -+ -+ return 0; -+} -+ -+#include diff --git a/glibc-rh1631719.patch b/glibc-rh1631719.patch deleted file mode 100644 index 30d9ea5..0000000 --- a/glibc-rh1631719.patch +++ /dev/null @@ -1,108 +0,0 @@ -commit 0ef2f4400c06927af34c515555f68840a70ba409 -Author: Wilco Dijkstra -Date: Wed Sep 19 16:50:18 2018 +0100 - - Fix strstr bug with huge needles (bug 23637) - - The generic strstr in GLIBC 2.28 fails to match huge needles. The optimized - AVAILABLE macro reads ahead a large fixed amount to reduce the overhead of - repeatedly checking for the end of the string. However if the needle length - is larger than this, two_way_long_needle may confuse this as meaning the end - of the string and return NULL. This is fixed by adding the needle length to - the amount to read ahead. - - [BZ #23637] - * string/test-strstr.c (pr23637): New function. - (test_main): Add tests with longer needles. - * string/strcasestr.c (AVAILABLE): Fix readahead distance. - * string/strstr.c (AVAILABLE): Likewise. - - (cherry picked from commit 83a552b0bb9fc2a5e80a0ab3723c0a80ce1db9f2) - -diff --git a/string/strcasestr.c b/string/strcasestr.c -index 5909fe3cdba88e47..421764bd1b0ff22e 100644 ---- a/string/strcasestr.c -+++ b/string/strcasestr.c -@@ -37,8 +37,9 @@ - /* Two-Way algorithm. */ - #define RETURN_TYPE char * - #define AVAILABLE(h, h_l, j, n_l) \ -- (((j) + (n_l) <= (h_l)) || ((h_l) += __strnlen ((void*)((h) + (h_l)), 512), \ -- (j) + (n_l) <= (h_l))) -+ (((j) + (n_l) <= (h_l)) \ -+ || ((h_l) += __strnlen ((void*)((h) + (h_l)), (n_l) + 512), \ -+ (j) + (n_l) <= (h_l))) - #define CHECK_EOL (1) - #define RET0_IF_0(a) if (!a) goto ret0 - #define CANON_ELEMENT(c) TOLOWER (c) -diff --git a/string/strstr.c b/string/strstr.c -index 265e9f310ce507ce..79ebcc75329d0b17 100644 ---- a/string/strstr.c -+++ b/string/strstr.c -@@ -33,8 +33,9 @@ - - #define RETURN_TYPE char * - #define AVAILABLE(h, h_l, j, n_l) \ -- (((j) + (n_l) <= (h_l)) || ((h_l) += __strnlen ((void*)((h) + (h_l)), 512), \ -- (j) + (n_l) <= (h_l))) -+ (((j) + (n_l) <= (h_l)) \ -+ || ((h_l) += __strnlen ((void*)((h) + (h_l)), (n_l) + 512), \ -+ (j) + (n_l) <= (h_l))) - #define CHECK_EOL (1) - #define RET0_IF_0(a) if (!a) goto ret0 - #define FASTSEARCH(S,C,N) (void*) strchr ((void*)(S), (C)) -diff --git a/string/test-strstr.c b/string/test-strstr.c -index 8d99716ff39cc2c2..5861b01b73e4c315 100644 ---- a/string/test-strstr.c -+++ b/string/test-strstr.c -@@ -151,6 +151,32 @@ check2 (void) - } - } - -+#define N 1024 -+ -+static void -+pr23637 (void) -+{ -+ char *h = (char*) buf1; -+ char *n = (char*) buf2; -+ -+ for (int i = 0; i < N; i++) -+ { -+ n[i] = 'x'; -+ h[i] = ' '; -+ h[i + N] = 'x'; -+ } -+ -+ n[N] = '\0'; -+ h[N * 2] = '\0'; -+ -+ /* Ensure we don't match at the first 'x'. */ -+ h[0] = 'x'; -+ -+ char *exp_result = stupid_strstr (h, n); -+ FOR_EACH_IMPL (impl, 0) -+ check_result (impl, h, n, exp_result); -+} -+ - static int - test_main (void) - { -@@ -158,6 +184,7 @@ test_main (void) - - check1 (); - check2 (); -+ pr23637 (); - - printf ("%23s", ""); - FOR_EACH_IMPL (impl, 0) -@@ -202,6 +229,9 @@ test_main (void) - do_test (15, 9, hlen, klen, 1); - do_test (15, 15, hlen, klen, 0); - do_test (15, 15, hlen, klen, 1); -+ -+ do_test (15, 15, hlen + klen * 4, klen * 4, 0); -+ do_test (15, 15, hlen + klen * 4, klen * 4, 1); - } - - do_test (0, 0, page_size - 1, 16, 0); diff --git a/glibc-rh1631728.patch b/glibc-rh1631728.patch deleted file mode 100644 index cc59bac..0000000 --- a/glibc-rh1631728.patch +++ /dev/null @@ -1,82 +0,0 @@ -commit 2339d6a55eb7a7e040ae888e906adc49eeb59eab -Author: H.J. Lu -Date: Wed Sep 12 08:40:59 2018 -0700 - - i386: Use ENTRY and END in start.S [BZ #23606] - - Wrapping the _start function with ENTRY and END to insert ENDBR32 at - function entry when CET is enabled. Since _start now includes CFI, - without "cfi_undefined (eip)", unwinder may not terminate at _start - and we will get - - Program received signal SIGSEGV, Segmentation fault. - 0xf7dc661e in ?? () from /lib/libgcc_s.so.1 - Missing separate debuginfos, use: dnf debuginfo-install libgcc-8.2.1-3.0.fc28.i686 - (gdb) bt - #0 0xf7dc661e in ?? () from /lib/libgcc_s.so.1 - #1 0xf7dc7c18 in _Unwind_Backtrace () from /lib/libgcc_s.so.1 - #2 0xf7f0d809 in __GI___backtrace (array=array@entry=0xffffc7d0, - size=size@entry=20) at ../sysdeps/i386/backtrace.c:127 - #3 0x08049254 in compare (p1=p1@entry=0xffffcad0, p2=p2@entry=0xffffcad4) - at backtrace-tst.c:12 - #4 0xf7e2a28c in msort_with_tmp (p=p@entry=0xffffca5c, b=b@entry=0xffffcad0, - n=n@entry=2) at msort.c:65 - #5 0xf7e29f64 in msort_with_tmp (n=2, b=0xffffcad0, p=0xffffca5c) - at msort.c:53 - #6 msort_with_tmp (p=p@entry=0xffffca5c, b=b@entry=0xffffcad0, n=n@entry=5) - at msort.c:53 - #7 0xf7e29f64 in msort_with_tmp (n=5, b=0xffffcad0, p=0xffffca5c) - at msort.c:53 - #8 msort_with_tmp (p=p@entry=0xffffca5c, b=b@entry=0xffffcad0, n=n@entry=10) - at msort.c:53 - #9 0xf7e29f64 in msort_with_tmp (n=10, b=0xffffcad0, p=0xffffca5c) - at msort.c:53 - #10 msort_with_tmp (p=p@entry=0xffffca5c, b=b@entry=0xffffcad0, n=n@entry=20) - at msort.c:53 - #11 0xf7e2a5b6 in msort_with_tmp (n=20, b=0xffffcad0, p=0xffffca5c) - at msort.c:297 - #12 __GI___qsort_r (b=b@entry=0xffffcad0, n=n@entry=20, s=s@entry=4, - cmp=cmp@entry=0x8049230 , arg=arg@entry=0x0) at msort.c:297 - #13 0xf7e2a84d in __GI_qsort (b=b@entry=0xffffcad0, n=n@entry=20, s=s@entry=4, - cmp=cmp@entry=0x8049230 ) at msort.c:308 - #14 0x080490f6 in main (argc=2, argv=0xffffcbd4) at backtrace-tst.c:39 - - FAIL: debug/backtrace-tst - - [BZ #23606] - * sysdeps/i386/start.S: Include - (_start): Use ENTRY/END to insert ENDBR32 at entry when CET is - enabled. Add cfi_undefined (eip). - - Signed-off-by: H.J. Lu - - (cherry picked from commit 5a274db4ea363d6b0b92933f085a92daaf1be2f2) - -diff --git a/sysdeps/i386/start.S b/sysdeps/i386/start.S -index 91035fa83fb7ee38..e35e9bd31b2cea30 100644 ---- a/sysdeps/i386/start.S -+++ b/sysdeps/i386/start.S -@@ -52,10 +52,11 @@ - NULL - */ - -- .text -- .globl _start -- .type _start,@function --_start: -+#include -+ -+ENTRY (_start) -+ /* Clearing frame pointer is insufficient, use CFI. */ -+ cfi_undefined (eip) - /* Clear the frame pointer. The ABI suggests this be done, to mark - the outermost frame obviously. */ - xorl %ebp, %ebp -@@ -131,6 +132,7 @@ _start: - 1: movl (%esp), %ebx - ret - #endif -+END (_start) - - /* To fulfill the System V/i386 ABI we need this symbol. Yuck, it's so - meaningless since we don't support machines < 80386. */ diff --git a/glibc.spec b/glibc.spec index be85958..98b9abb 100644 --- a/glibc.spec +++ b/glibc.spec @@ -1,6 +1,6 @@ -%define glibcsrcdir glibc-2.28 +%define glibcsrcdir glibc-2.28-34-gfc0e3393ff %define glibcversion 2.28 -%define glibcrelease 17%{?dist} +%define glibcrelease 18%{?dist} # Pre-release tarballs are pulled in from git using a command that is # effectively: # @@ -159,20 +159,7 @@ Patch18: glibc-c-utf8-locale.patch Patch23: glibc-python3.patch Patch24: glibc-with-nonshared-cflags.patch Patch25: glibc-asflags.patch -Patch27: glibc-rh1614705.patch Patch28: glibc-rh1615608.patch -Patch29: glibc-error-va_end.patch -Patch30: glibc-nscd-leak.patch -Patch31: glibc-nss_files-leak.patch -Patch32: glibc-rh1622669.patch -Patch33: glibc-1622674-1.patch -Patch34: glibc-1622674-2.patch -Patch35: glibc-rh1631338-1.patch -Patch36: glibc-rh1631338-2.patch -Patch37: glibc-rh1623519.patch -Patch38: glibc-rh1631719.patch -Patch39: glibc-rh1631728.patch -Patch40: glibc-rh1623519-2.patch ############################################################################## # Continued list of core "glibc" package information: @@ -1914,6 +1901,36 @@ fi %files -f compat-libpthread-nonshared.filelist -n compat-libpthread-nonshared %changelog +* Wed Nov 07 2018 Florian Weimer - 2.28-18 +- Drop patches that were applied to upstream release/2.28/master branch: + glibc-rh1614705.patch + glibc-rh1615608.patch + glibc-error-va_end.patch + glibc-nscd-leak.patch + glibc-nss_files-leak.patch + glibc-rh1622669.patch + glibc-1622674-1.patch + glibc-1622674-2.patch + glibc-rh1631338-1.patch + glibc-rh1631338-2.patch + glibc-rh1623519.patch + glibc-rh1631719.patch + glibc-rh1631728.patch + glibc-rh1623519-2.patch +- Auto-sync with upstream branch release/2.28/master, + commit fc0e3393ff775aa795b523083bb0db7f18d3b91e: +- RISC-V: Move libc_fesetround_riscv after libc_feholdexcept_riscv +- pthread_spawn: Fix potential segfault in maybe_script_execute +- preadv2/pwritev2: Fix misreported errno (swbz#23579) +- kl_GL: Fix spelling of Sunday, should be "sapaat" (swbz#20209) +- i386: Use _dl_runtime_[resolve|profile]_shstk for SHSTK (swbz#23716) +- pthread_mutex_lock: Fix race while promoting to PTHREAD_MUTEX_ELISION_NP + (swbz#23275) +- signal: Use correct type for si_band in siginfo_t (swbz#23562) +- stdlib/test-bz22786: Avoid spurious test failures using alias mappings +- x86: Fix Haswell CPU string flags (swbz#23709) +- libanl: Fix crash if first helper thread creation failed (swbz#22927) + * Thu Nov 1 2018 Mike FABIAN - 2.28-17 - Include Esperanto (eo) in glibc-all-langpacks (#1643756) diff --git a/sources b/sources index d22bddf..ab7fa23 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (glibc-2.28.tar.xz) = 521f820953ff07c69ece4c2186f59fc061a7f9747932cd70ef2995c2b2deee76eeb6de700d85071cdca5949179aa8ccee75eda7feca1394121ec7b821ad0a3f3 +SHA512 (glibc-2.28-34-gfc0e3393ff.tar.xz) = 5f454bff7302eaeb608deec40debdab4dc770fbc44026d0b7e11d0ac4d7a4a8a7018b2c58b21344e539da44e81b9d1c8031baee74c73680ced49102326fb042b