Compare commits

...

27 Commits
master ... f21

Author SHA1 Message Date
Jaromir Capik
ad1a353378 Adding BUILD_CC to the STAGE1 bootstrap recipes 2015-12-03 15:24:06 +01:00
Jaromir Capik
55304e7036 Fix for early stage2 SIGSEGV + 32-bit TARGET rework 2015-11-05 17:57:45 +01:00
Jaromir Capik
676ad9ab98 Adding STAGE1 bootstrap recipes 2015-06-18 19:51:23 +02:00
Siddhesh Poyarekar
cfa5cfd56f Fix segmentation fault when LD_LIBRARY_PATH contains only non-existing paths (#1184234) 2015-02-27 17:17:29 +05:30
Siddhesh Poyarekar
a2bbe283f4 scanf allocates too little memory (CVE-2015-1472, #1188237) 2015-02-27 16:39:13 +05:30
Siddhesh Poyarekar
ad163810f2 Avoid infinite loop in nss_dns getnetbyname (CVE-2014-9402, #1175370) 2015-02-27 16:34:43 +05:30
Siddhesh Poyarekar
07eee66da3 CVE-2014-7817: wordexp fails to honour WRDE_NOCMD (#1167569). 2015-02-27 16:00:06 +05:30
Siddhesh Poyarekar
646364078f Fix up changelog 2015-01-06 21:18:35 +05:30
Siddhesh Poyarekar
a899894f5e Add %%lang tags to language locale files in /usr/share/i18n/locale (#1169044) 2015-01-06 21:10:23 +05:30
Siddhesh Poyarekar
085d92e0c5 Use the %%find_lang macro to get the *.mo files (#1167445) 2015-01-06 21:09:53 +05:30
Siddhesh Poyarekar
4a55c418ef Fix changelog comment 2015-01-06 21:09:33 +05:30
Siddhesh Poyarekar
139db7fbe4 Don't own any directories in /usr/share/locale 2015-01-06 21:08:51 +05:30
Siddhesh Poyarekar
3fb675bb3f Remove LIB_LANG
glibc no longer installs files in /usr/lib/locale, so we don't need to
have hacks in place for it anymore.
2015-01-06 21:08:27 +05:30
Siddhesh Poyarekar
7ef14d54fb Enable lock elision again on s390 and s390x
Conflicts:
	glibc.spec
2014-10-01 15:09:04 +05:30
Carlos O'Donell
f60aa2d629 Resolves: #1146967
- Disable more Intel TSX usage in rwlocks (#1146967).
2014-09-27 12:31:11 -04:00
Carlos O'Donell
f4db47775a Resolves: #1146967.
- Disable lock elision support for Intel hardware until microcode
  updates can be done in early bootup (#1146967).
2014-09-26 11:33:51 -04:00
Siddhesh Poyarekar
9cf951ff99 Don't own common debuginfo directories.
Conflicts:
	glibc.spec

(cherry-picked from 7007495c88)
2014-09-23 23:04:59 +05:30
Siddhesh Poyarekar
f02067f353 Make __extern_always_inline usable on clang++ again
Resolves: #1133508
2014-09-16 22:45:54 +05:30
Siddhesh Poyarekar
d61fdfcf3b Rebase to upstream release 2.20
No rebases from master on this branch from now on.
2014-09-08 14:37:31 +05:30
Carlos O'Donell
56389beda5 Merge 'master' into f21 2014-09-06 14:19:37 -04:00
Siddhesh Poyarekar
1d9b8cb932 Merge branch 'master' into f21 2014-08-26 15:03:47 +05:30
Dennis Gilmore
0f87ab5452 Merge branch 'master' into f21 2014-08-22 14:20:09 -05:00
Kevin Fenzi
2960472177 Merge remote-tracking branch 'origin/master' into f21 2014-08-21 11:58:11 -06:00
Dennis Gilmore
5cf10b5a9a Merge branch 'master' into f21 2014-08-19 10:57:25 -05:00
Siddhesh Poyarekar
4b8ee3b95b Merge branch 'master' into f21 2014-08-14 00:07:23 +05:30
Siddhesh Poyarekar
b9d3cdc0e8 Merge branch 'master' into f21
Conflicts:
	glibc.spec
2014-07-30 13:39:20 +05:30
Tom Callaway
00779c7114 fix license handling 2014-07-12 11:16:44 -04:00
11 changed files with 752 additions and 57 deletions

97
STAGE1-glibc Normal file
View File

@ -0,0 +1,97 @@
srpm glibc
# setup glibc
# This path MUST be relative, not absolute
GV=$(cd $SRC; echo glibc-2*)
if [ "$TARGET_ARCH" == "armv7hl" ]; then
# rtkaio not supported on ARM
rm -rf $SRC/$GV/rtkaio
fi
GLIBCARGS="--prefix=/usr
--with-headers=$ROOTFS/usr/include
--enable-kernel=2.6.32
--enable-bind-now
--build $BUILD
--host $TARGET
--disable-profile
--cache-file=config.cache
--without-cvs
--with-elf
--without-gd
--disable-sanity-checks
--with-tls
--with-__thread
--enable-obsolete-rpc
"
mcd $BUILDDIR/glibc
# prefill glibc cache
echo libc_cv_forced_unwind=yes > config.cache
echo libc_cv_c_cleanup=yes >> config.cache
#echo libc_cv_ctors_header=yes >> config.cache
echo ac_cv_header_cpuid_h=yes >> config.cache
echo libc_cv_gcc_builtin_expect=yes >> config.cache
$SRC/$GV/configure $GLIBCARGS
notparallel
make $J ARCH=${KARCH} BUILD_CC=gcc cross-compiling=yes
make DESTDIR=$ROOTFS $J ARCH=${KARCH} BUILD_CC=gcc cross-compiling=yes install
( cd $ROOTFS/usr/include/bits
sed '/ifndef.*NO_LONG_DOUBLE/,/#endif/d' < mathdef.h > mathdef.h.new
mv mathdef.h.new mathdef.h
)
# 32-bit multilib libgcc needs 32-bit headers
if [ ! "$TARGET32" = "" ]; then
old_CC=$CC
old_CXX=$CC
export CC="$TARGET-gcc -m32"
export CXX="$TARGET-g++ -m32"
GLIBCARGS="--prefix=/usr
--with-headers=$ROOTFS/usr/include
--enable-kernel=2.6.32
--enable-bind-now
--build $BUILD
--host $TARGET32
--disable-profile
--cache-file=config.cache
--without-cvs
--with-elf
--without-gd
--disable-sanity-checks
--with-tls
--with-__thread
--enable-obsolete-rpc
"
mcd $BUILDDIR/glibc32
# prefill glibc cache
echo libc_cv_forced_unwind=yes > config.cache
echo libc_cv_c_cleanup=yes >> config.cache
echo libc_cv_ctors_header=yes >> config.cache
echo ac_cv_header_cpuid_h=yes >> config.cache
echo libc_cv_gcc_builtin_expect=yes >> config.cache
$SRC/$GV/configure $GLIBCARGS
notparallel
make $J ARCH=${KARCH} BUILD_CC=gcc cross-compiling=yes
make DESTDIR=$ROOTFS $J ARCH=${KARCH} BUILD_CC=gcc cross-compiling=yes install
( cd $ROOTFS/usr/include/bits
sed '/ifndef.*NO_LONG_DOUBLE/,/#endif/d' < mathdef.h > mathdef.h.new
mv mathdef.h.new mathdef.h
)
CC=$old_CC
CXX=$old_CXX
export $CC
export $CXX
fi

117
STAGE1-glibc-headers Normal file
View File

@ -0,0 +1,117 @@
set -vx
srpm glibc
# setup glibc
# This path MUST be relative, not absolute
GV=$(cd $SRC; echo glibc-2*)
GLIBCARGS="--prefix=/usr
--with-headers=$ROOTFS/usr/include
--enable-kernel=2.6.32
--enable-bind-now
--build $BUILD
--host $TARGET
--disable-profile
--cache-file=config.cache
--without-cvs
--with-elf
--without-gd
--disable-sanity-checks
--with-tls
--with-__thread
--enable-obsolete-rpc
"
mcd $BUILDDIR/glibc-stage1
# prefill glibc cache
echo libc_cv_forced_unwind=yes > config.cache
echo libc_cv_c_cleanup=yes >> config.cache
#echo libc_cv_ctors_header=yes >> config.cache
echo ac_cv_header_cpuid_h=yes >> config.cache
echo libc_cv_gcc_builtin_expect=yes >> config.cache
$SRC/$GV/configure $GLIBCARGS
notparallel
make DESTDIR=$ROOTFS $J ARCH=${KARCH} BUILD_CC=gcc cross-compiling=yes install-headers
touch $ROOTFS/usr/include/gnu/stubs.h
touch $ROOTFS/usr/include/bits/stdio_lim.h
( cd $ROOTFS/usr/include/bits
sed '/ifndef.*NO_LONG_DOUBLE/,/#endif/d' < mathdef.h > mathdef.h.new
mv mathdef.h.new mathdef.h
)
# We also build just enough files to link libgcc.so. The fake
# libc.so will never actually get used, but simplifies the boostrap.
make $J ARCH=${KARCH} BUILD_CC=gcc cross-compiling=yes csu/subdir_lib
mkdirp $ROOTFS/usr/lib${SUFFIX}
for file in `cd csu; echo crt*.o`; do
echo "" | $TARGET-as -o $ROOTFS/usr/lib${SUFFIX}/$file
done
$TARGET-gcc -nostdlib -nostartfiles -shared -x c /dev/null\
-o $ROOTFS/usr/lib${SUFFIX}/libc.so
# 32-bit multilib libgcc needs stub 32-bit libraries
if [ ! "$TARGET32" = "" ]; then
old_CC=$CC
old_CXX=$CC
export CC="$TARGET-gcc -m32"
export CXX="$TARGET-g++ -m32"
# setup 32-bit glibc headers
GLIBCARGS="--prefix=/usr
--with-headers=$ROOTFS/usr/include
--enable-kernel=2.6.32
--enable-bind-now
--build $BUILD
--host $TARGET32
--disable-profile
--cache-file=config.cache
--without-cvs
--with-elf
--without-gd
--disable-sanity-checks
--with-tls
--with-__thread
--enable-obsolete-rpc
"
mcd $BUILDDIR/glibc32-stage1
# prefill glibc cache
echo libc_cv_forced_unwind=yes > config.cache
echo libc_cv_c_cleanup=yes >> config.cache
#echo libc_cv_ctors_header=yes >> config.cache
echo ac_cv_header_cpuid_h=yes >> config.cache
echo libc_cv_gcc_builtin_expect=yes >> config.cache
$SRC/$GV/configure $GLIBCARGS
notparallel
make DESTDIR=$ROOTFS $J ARCH=${KARCH} BUILD_CC=gcc cross-compiling=yes install-headers
touch $ROOTFS/usr/include/gnu/stubs.h
touch $ROOTFS/usr/include/bits/stdio_lim.h
( cd $ROOTFS/usr/include/bits
sed '/ifndef.*NO_LONG_DOUBLE/,/#endif/d' < mathdef.h > mathdef.h.new
mv mathdef.h.new mathdef.h
)
# We also build just enough files to link libgcc.so. The fake
# libc.so will never actually get used, but simplifies the boostrap.
make $J ARCH=${KARCH} BUILD_CC=gcc cross-compiling=yes csu/subdir_lib
mkdirp $ROOTFS/usr/lib
for file in `cd csu; echo crt*.o`; do
echo "" | $TARGET-as --32 -o $ROOTFS/usr/lib/$file
done
$CC -m32 -nostdlib -nostartfiles -shared -x c /dev/null\
-o $ROOTFS/usr/lib/libc.so
CC=$old_CC
CXX=$old_CXX
export $CC
export $CXX
fi

View File

@ -0,0 +1,22 @@
diff -urN glibc-2.20.mod/sysdeps/unix/sysv/linux/x86/elision-conf.c glibc-2.20/sysdeps/unix/sysv/linux/x86/elision-conf.c
--- glibc-2.20.mod/sysdeps/unix/sysv/linux/x86/elision-conf.c 2014-09-27 00:25:46.443462345 -0400
+++ glibc-2.20/sysdeps/unix/sysv/linux/x86/elision-conf.c 2014-09-27 00:29:53.586615813 -0400
@@ -62,12 +62,16 @@
char **argv __attribute__ ((unused)),
char **environ)
{
- __elision_available = HAS_RTM;
#ifdef ENABLE_LOCK_ELISION
+ __elision_available = HAS_RTM;
__pthread_force_elision = __libc_enable_secure ? 0 : __elision_available;
-#endif
if (!HAS_RTM)
__elision_aconf.retry_try_xbegin = 0; /* Disable elision on rwlocks */
+#else
+ __elision_available = 0;
+ __pthread_force_elision = 0;
+ __elision_aconf.retry_try_xbegin = 0;
+#endif
}
#ifdef SHARED

View File

@ -1,36 +1,48 @@
From 0998aff9be4f0a25b7a822c4f28e832d367977c6 Mon Sep 17 00:00:00 2001
From: Siddhesh Poyarekar <siddhesh@redhat.com>
Date: Wed, 13 Aug 2014 23:28:18 +0530
Subject: [PATCH] Revert to defining __extern_inline only for gcc-4.3+
commit 884ddc5081278f488ef8cd49951f41cfdbb480ce
Author: Siddhesh Poyarekar <siddhesh@redhat.com>
Date: Tue Sep 16 14:08:48 2014 +0530
The check for only __GNUC_STDC_INLINE__ and __GNUC_GNU_INLINE__ may
not be sufficient since those flags were added during initial support
for C99 inlining semantics. There is also a problem with always
defining __extern_inline and __extern_always_inline, since it enables
inline wrapper functions even when GNU inlining semantics are not
guaranteed. This, along with the possibility of such wrappers using
redirection (btowc for example) could result in compiler generating an
infinitely recusrive call to the function.
Revert to defining __extern_inline only for gcc-4.3+ (BZ #17266)
In fact it was such a recursion that led to this code being written
the way it was; see:
The check for only __GNUC_STDC_INLINE__ and __GNUC_GNU_INLINE__ may
not be sufficient since those flags were added during initial support
for C99 inlining semantics. There is also a problem with always
defining __extern_inline and __extern_always_inline, since it enables
inline wrapper functions even when GNU inlining semantics are not
guaranteed. This, along with the possibility of such wrappers using
redirection (btowc for example) could result in compiler generating an
infinitely recusrive call to the function.
https://bugzilla.redhat.com/show_bug.cgi?id=186410
In fact it was such a recursion that led to this code being written
the way it was; see:
The initial change was to fix bugs 14530 and 13741, but they can be
resolved by checking if __fortify_function and/or
__extern_always_inline are defined, as it has been done in this patch.
In addition, I have audited uses of __extern_always_inline to make
sure that none of the uses result in compilation errors.
https://bugzilla.redhat.com/show_bug.cgi?id=186410
There is however a regression in this patch for llvm, since it reverts
the llvm expectation that __GNUC_STDC_INLINE__ or __GNUC_GNU_INLINE__
definition imply proper extern inline semantics.
---
libio/stdio.h | 2 +-
math/bits/math-finite.h | 8 +++++---
misc/sys/cdefs.h | 18 ++++++++----------
3 files changed, 14 insertions(+), 14 deletions(-)
The initial change was to fix bugs 14530 and 13741, but they can be
resolved by checking if __fortify_function and/or
__extern_always_inline are defined, as it has been done in this patch.
In addition, I have audited uses of __extern_always_inline to make
sure that none of the uses result in compilation errors.
There is however a regression in this patch for llvm, since it reverts
the llvm expectation that __GNUC_STDC_INLINE__ or __GNUC_GNU_INLINE__
definition imply proper extern inline semantics.
2014-09-16 Siddhesh Poyarekar <siddhesh@redhat.com>
Jakub Jelinek <jakub@redhat.com>
[BZ #17266]
* libio/stdio.h: Check definition of __fortify_function
instead of __extern_always_inline to include bits/stdio2.h.
* math/bits/math-finite.h [__USE_XOPEN || __USE_ISOC99]: Also
check if __extern_always_inline is defined.
[__USE_MISC || __USE_XOPEN]: Likewise.
[__USE_ISOC99] Likewise.
* misc/sys/cdefs.h (__fortify_function): Define only if
__extern_always_inline is defined.
[!__cplusplus || __GNUC_PREREQ (4,3)]: Revert to defining
__extern_always_inline and __extern_inline only for g++-4.3
and newer or a compatible gcc.
diff --git a/libio/stdio.h b/libio/stdio.h
index d8c0bdb..1f4f837 100644
@ -79,7 +91,7 @@ index aa755de..0656645 100644
extern double __gamma_r_finite (double, int *);
__extern_always_inline double __NTH (tgamma (double __d))
diff --git a/misc/sys/cdefs.h b/misc/sys/cdefs.h
index 04db956..d8ee73c 100644
index 04db956..01e81ba 100644
--- a/misc/sys/cdefs.h
+++ b/misc/sys/cdefs.h
@@ -131,7 +131,6 @@
@ -90,7 +102,7 @@ index 04db956..d8ee73c 100644
#if __GNUC_PREREQ (4,3)
# define __warndecl(name, msg) \
@@ -318,12 +317,10 @@
@@ -318,12 +317,13 @@
# define __attribute_artificial__ /* Ignore */
#endif
@ -101,13 +113,16 @@ index 04db956..d8ee73c 100644
- defined, this version of GCC only supports GNU inline semantics. */
-# if defined __GNUC_STDC_INLINE__ || defined __GNUC_GNU_INLINE__
+/* GCC 4.3 and above with -std=c99 or -std=gnu99 implements ISO C99
+ inline semantics, unless -fgnu89-inline is used. */
+ inline semantics, unless -fgnu89-inline is used. Using __GNUC_STDC_INLINE__
+ or __GNUC_GNU_INLINE is not a good enough check for gcc because gcc versions
+ older than 4.3 may define these macros and still not guarantee GNU inlining
+ semantics. */
+#if !defined __cplusplus || __GNUC_PREREQ (4,3)
+# if defined __GNUC_STDC_INLINE__ || defined __cplusplus
# define __extern_inline extern __inline __attribute__ ((__gnu_inline__))
# define __extern_always_inline \
extern __always_inline __attribute__ ((__gnu_inline__))
@@ -331,9 +328,10 @@
@@ -331,9 +331,10 @@
# define __extern_inline extern __inline
# define __extern_always_inline extern __always_inline
# endif
@ -121,6 +136,3 @@ index 04db956..d8ee73c 100644
#endif
/* GCC 4.3 and above allow passing all anonymous arguments of an
--
1.9.3

69
glibc-rh1133508.patch Normal file
View File

@ -0,0 +1,69 @@
commit 602f80ec8b966cfad3b61914cbe14ee606cedf6e
Author: Siddhesh Poyarekar <siddhesh@redhat.com>
Date: Tue Sep 16 22:16:01 2014 +0530
Make __extern_always_inline usable on clang++ again
The fix for BZ #17266 (884ddc5081278f488ef8cd49951f41cfdbb480ce)
removed changes that had gone into cdefs.h to make
__extern_always_inline usable with clang++. This patch adds back
support for clang to detect if GNU inlining semantics are available,
this time without breaking the gcc use case. The check put here is
based on the earlier patch and assertion[1] that checking if
__GNUC_STDC_INLINE__ or __GNUC_GNU_INLINE__ is defined is sufficient
to determine that clang++ suports GNU inlining semantics.
Tested with a simple program that builds with __extern_always_inline
with the patch and fails compilation without it.
#include <stdio.h>
#include <sys/cdefs.h>
extern void foo_alias (void) __asm ("foo");
__extern_always_inline void
foo (void)
{
puts ("hi oh world!");
return foo_alias ();
}
void
foo_alias (void)
{
puts ("hell oh world");
}
int
main ()
{
foo ();
}
[1] https://sourceware.org/ml/libc-alpha/2012-12/msg00306.html
[BZ #17266]
* misc/sys/cdefs.h: Define __extern_always_inline for clang
4.2 and newer.
diff --git a/misc/sys/cdefs.h b/misc/sys/cdefs.h
index 01e81ba..711ac1d 100644
--- a/misc/sys/cdefs.h
+++ b/misc/sys/cdefs.h
@@ -321,8 +321,14 @@
inline semantics, unless -fgnu89-inline is used. Using __GNUC_STDC_INLINE__
or __GNUC_GNU_INLINE is not a good enough check for gcc because gcc versions
older than 4.3 may define these macros and still not guarantee GNU inlining
- semantics. */
-#if !defined __cplusplus || __GNUC_PREREQ (4,3)
+ semantics.
+
+ clang++ identifies itself as gcc-4.2, but has support for GNU inlining
+ semantics, that can be checked fot by using the __GNUC_STDC_INLINE_ and
+ __GNUC_GNU_INLINE__ macro definitions. */
+#if (!defined __cplusplus || __GNUC_PREREQ (4,3) \
+ || (defined __clang__ && (defined __GNUC_STDC_INLINE__ \
+ || defined __GNUC_GNU_INLINE__)))
# if defined __GNUC_STDC_INLINE__ || defined __cplusplus
# define __extern_inline extern __inline __attribute__ ((__gnu_inline__))
# define __extern_always_inline \

164
glibc-rh1167569.patch Normal file
View File

@ -0,0 +1,164 @@
commit 33ceaf6187b31ea15284ac65131749e1cb68d2ae
Author: Carlos O'Donell <carlos@redhat.com>
Date: Wed Nov 19 11:44:12 2014 -0500
CVE-2014-7817: wordexp fails to honour WRDE_NOCMD.
The function wordexp() fails to properly handle the WRDE_NOCMD
flag when processing arithmetic inputs in the form of "$((... ``))"
where "..." can be anything valid. The backticks in the arithmetic
epxression are evaluated by in a shell even if WRDE_NOCMD forbade
command substitution. This allows an attacker to attempt to pass
dangerous commands via constructs of the above form, and bypass
the WRDE_NOCMD flag. This patch fixes this by checking for WRDE_NOCMD
in exec_comm(), the only place that can execute a shell. All other
checks for WRDE_NOCMD are superfluous and removed.
We expand the testsuite and add 3 new regression tests of roughly
the same form but with a couple of nested levels.
On top of the 3 new tests we add fork validation to the WRDE_NOCMD
testing. If any forks are detected during the execution of a wordexp()
call with WRDE_NOCMD, the test is marked as failed. This is slightly
heuristic since vfork might be used in the future, but it provides a
higher level of assurance that no shells were executed as part of
command substitution with WRDE_NOCMD in effect. In addition it doesn't
require libpthread or libdl, instead we use the public implementation
namespace function __register_atfork (already part of the public ABI
for libpthread).
Tested on x86_64 with no regressions.
(cherry picked from commit a39208bd7fb76c1b01c127b4c61f9bfd915bfe7c)
diff --git a/posix/wordexp-test.c b/posix/wordexp-test.c
index 4957006..bdd65e4 100644
--- a/posix/wordexp-test.c
+++ b/posix/wordexp-test.c
@@ -27,6 +27,25 @@
#define IFS " \n\t"
+extern void *__dso_handle __attribute__ ((__weak__, __visibility__ ("hidden")));
+extern int __register_atfork (void (*) (void), void (*) (void), void (*) (void), void *);
+
+static int __app_register_atfork (void (*prepare) (void), void (*parent) (void), void (*child) (void))
+{
+ return __register_atfork (prepare, parent, child,
+ &__dso_handle == NULL ? NULL : __dso_handle);
+}
+
+/* Number of forks seen. */
+static int registered_forks;
+
+/* For each fork increment the fork count. */
+static void
+register_fork (void)
+{
+ registered_forks++;
+}
+
struct test_case_struct
{
int retval;
@@ -206,6 +225,12 @@ struct test_case_struct
{ WRDE_SYNTAX, NULL, "$((2+))", 0, 0, { NULL, }, IFS },
{ WRDE_SYNTAX, NULL, "`", 0, 0, { NULL, }, IFS },
{ WRDE_SYNTAX, NULL, "$((010+4+))", 0, 0, { NULL }, IFS },
+ /* Test for CVE-2014-7817. We test 3 combinations of command
+ substitution inside an arithmetic expression to make sure that
+ no commands are executed and error is returned. */
+ { WRDE_CMDSUB, NULL, "$((`echo 1`))", WRDE_NOCMD, 0, { NULL, }, IFS },
+ { WRDE_CMDSUB, NULL, "$((1+`echo 1`))", WRDE_NOCMD, 0, { NULL, }, IFS },
+ { WRDE_CMDSUB, NULL, "$((1+$((`echo 1`))))", WRDE_NOCMD, 0, { NULL, }, IFS },
{ -1, NULL, NULL, 0, 0, { NULL, }, IFS },
};
@@ -258,6 +283,15 @@ main (int argc, char *argv[])
return -1;
}
+ /* If we are not allowed to do command substitution, we install
+ fork handlers to verify that no forks happened. No forks should
+ happen at all if command substitution is disabled. */
+ if (__app_register_atfork (register_fork, NULL, NULL) != 0)
+ {
+ printf ("Failed to register fork handler.\n");
+ return -1;
+ }
+
for (test = 0; test_case[test].retval != -1; test++)
if (testit (&test_case[test]))
++fail;
@@ -367,6 +401,9 @@ testit (struct test_case_struct *tc)
printf ("Test %d (%s): ", ++tests, tc->words);
+ if (tc->flags & WRDE_NOCMD)
+ registered_forks = 0;
+
if (tc->flags & WRDE_APPEND)
{
/* initial wordexp() call, to be appended to */
@@ -378,6 +415,13 @@ testit (struct test_case_struct *tc)
}
retval = wordexp (tc->words, &we, tc->flags);
+ if ((tc->flags & WRDE_NOCMD)
+ && (registered_forks > 0))
+ {
+ printf ("FAILED fork called for WRDE_NOCMD\n");
+ return 1;
+ }
+
if (tc->flags & WRDE_DOOFFS)
start_offs = sav_we.we_offs;
diff --git a/posix/wordexp.c b/posix/wordexp.c
index b6b65dd..26f3a26 100644
--- a/posix/wordexp.c
+++ b/posix/wordexp.c
@@ -893,6 +893,10 @@ exec_comm (char *comm, char **word, size_t *word_length, size_t *max_length,
pid_t pid;
int noexec = 0;
+ /* Do nothing if command substitution should not succeed. */
+ if (flags & WRDE_NOCMD)
+ return WRDE_CMDSUB;
+
/* Don't fork() unless necessary */
if (!comm || !*comm)
return 0;
@@ -2082,9 +2086,6 @@ parse_dollars (char **word, size_t *word_length, size_t *max_length,
}
}
- if (flags & WRDE_NOCMD)
- return WRDE_CMDSUB;
-
(*offset) += 2;
return parse_comm (word, word_length, max_length, words, offset, flags,
quoted? NULL : pwordexp, ifs, ifs_white);
@@ -2196,9 +2197,6 @@ parse_dquote (char **word, size_t *word_length, size_t *max_length,
break;
case '`':
- if (flags & WRDE_NOCMD)
- return WRDE_CMDSUB;
-
++(*offset);
error = parse_backtick (word, word_length, max_length, words,
offset, flags, NULL, NULL, NULL);
@@ -2357,12 +2355,6 @@ wordexp (const char *words, wordexp_t *pwordexp, int flags)
break;
case '`':
- if (flags & WRDE_NOCMD)
- {
- error = WRDE_CMDSUB;
- goto do_error;
- }
-
++words_offset;
error = parse_backtick (&word, &word_length, &max_length, words,
&words_offset, flags, pwordexp, ifs,

21
glibc-rh1175370.patch Normal file
View File

@ -0,0 +1,21 @@
commit 11e3417af6e354f1942c68a271ae51e892b2814d
Author: Florian Weimer <fweimer@redhat.com>
Date: Mon Dec 15 17:41:13 2014 +0100
Avoid infinite loop in nss_dns getnetbyname [BZ #17630]
diff --git a/resolv/nss_dns/dns-network.c b/resolv/nss_dns/dns-network.c
index 0a77c8b..08cf0a6 100644
--- a/resolv/nss_dns/dns-network.c
+++ b/resolv/nss_dns/dns-network.c
@@ -398,8 +398,8 @@ getanswer_r (const querybuf *answer, int anslen, struct netent *result,
case BYNAME:
{
- char **ap = result->n_aliases++;
- while (*ap != NULL)
+ char **ap;
+ for (ap = result->n_aliases; *ap != NULL; ++ap)
{
/* Check each alias name for being of the forms:
4.3.2.1.in-addr.arpa = net 1.2.3.4

23
glibc-rh1184234.patch Normal file
View File

@ -0,0 +1,23 @@
commit 9317ea653afc26402387cac67042f9890af6add2
Author: Bram <bug_rh@spam.wizbit.be>
Date: Thu Apr 18 16:50:49 2013 +0200
Fix segmentation fault when LD_LIBRARY_PATH contains only non-existings paths
diff --git a/elf/dl-load.c b/elf/dl-load.c
index 73174aa..41b91fc 100644
--- a/elf/dl-load.c
+++ b/elf/dl-load.c
@@ -1889,9 +1889,9 @@ open_path (const char *name, size_t namelen, int mode,
if (sps->malloced)
free (sps->dirs);
- /* rtld_search_dirs is attribute_relro, therefore avoid writing
- into it. */
- if (sps != &rtld_search_dirs)
+ /* rtld_search_dirs and env_path_list are attribute_relro, therefore
+ avoid writing into it. */
+ if (sps != &rtld_search_dirs && sps != &env_path_list)
sps->dirs = (void *) -1;
}

93
glibc-rh1188237.patch Normal file
View File

@ -0,0 +1,93 @@
commit 5bd80bfe9ca0d955bfbbc002781bc7b01b6bcb06
Author: Paul Pluzhnikov <ppluzhnikov@google.com>
Date: Fri Feb 6 00:30:42 2015 -0500
CVE-2015-1472: wscanf allocates too little memory
BZ #16618
Under certain conditions wscanf can allocate too little memory for the
to-be-scanned arguments and overflow the allocated buffer. The
implementation now correctly computes the required buffer size when
using malloc.
A regression test was added to tst-sscanf.
diff --git a/stdio-common/tst-sscanf.c b/stdio-common/tst-sscanf.c
index aece3f2..8a2eb9e 100644
--- a/stdio-common/tst-sscanf.c
+++ b/stdio-common/tst-sscanf.c
@@ -233,5 +233,38 @@ main (void)
}
}
+ /* BZ #16618
+ The test will segfault during SSCANF if the buffer overflow
+ is not fixed. The size of `s` is such that it forces the use
+ of malloc internally and this triggers the incorrect computation.
+ Thus the value for SIZE is arbitrariy high enough that malloc
+ is used. */
+ {
+#define SIZE 131072
+ CHAR *s = malloc ((SIZE + 1) * sizeof (*s));
+ if (s == NULL)
+ abort ();
+ for (size_t i = 0; i < SIZE; i++)
+ s[i] = L('0');
+ s[SIZE] = L('\0');
+ int i = 42;
+ /* Scan multi-digit zero into `i`. */
+ if (SSCANF (s, L("%d"), &i) != 1)
+ {
+ printf ("FAIL: bug16618: SSCANF did not read one input item.\n");
+ result = 1;
+ }
+ if (i != 0)
+ {
+ printf ("FAIL: bug16618: Value of `i` was not zero as expected.\n");
+ result = 1;
+ }
+ free (s);
+ if (result != 1)
+ printf ("PASS: bug16618: Did not crash.\n");
+#undef SIZE
+ }
+
+
return result;
}
diff --git a/stdio-common/vfscanf.c b/stdio-common/vfscanf.c
index cd129a8..0e204e7 100644
--- a/stdio-common/vfscanf.c
+++ b/stdio-common/vfscanf.c
@@ -272,9 +272,10 @@ _IO_vfscanf_internal (_IO_FILE *s, const char *format, _IO_va_list argptr,
if (__glibc_unlikely (wpsize == wpmax)) \
{ \
CHAR_T *old = wp; \
- size_t newsize = (UCHAR_MAX + 1 > 2 * wpmax \
- ? UCHAR_MAX + 1 : 2 * wpmax); \
- if (use_malloc || !__libc_use_alloca (newsize)) \
+ bool fits = __glibc_likely (wpmax <= SIZE_MAX / sizeof (CHAR_T) / 2); \
+ size_t wpneed = MAX (UCHAR_MAX + 1, 2 * wpmax); \
+ size_t newsize = fits ? wpneed * sizeof (CHAR_T) : SIZE_MAX; \
+ if (!__libc_use_alloca (newsize)) \
{ \
wp = realloc (use_malloc ? wp : NULL, newsize); \
if (wp == NULL) \
@@ -286,14 +287,13 @@ _IO_vfscanf_internal (_IO_FILE *s, const char *format, _IO_va_list argptr,
} \
if (! use_malloc) \
MEMCPY (wp, old, wpsize); \
- wpmax = newsize; \
+ wpmax = wpneed; \
use_malloc = true; \
} \
else \
{ \
size_t s = wpmax * sizeof (CHAR_T); \
- wp = (CHAR_T *) extend_alloca (wp, s, \
- newsize * sizeof (CHAR_T)); \
+ wp = (CHAR_T *) extend_alloca (wp, s, newsize); \
wpmax = s / sizeof (CHAR_T); \
if (old != NULL) \
MEMCPY (wp, old, wpsize); \

View File

@ -1,6 +1,6 @@
%define glibcsrcdir glibc-2.19-886-gdd763fd
%define glibcversion 2.19.90
%define glibcrelease 36%{?dist}
%define glibcsrcdir glibc-2.20
%define glibcversion 2.20
%define glibcrelease 8%{?dist}
# Pre-release tarballs are pulled in from git using a command that is
# effectively:
#
@ -9,7 +9,7 @@
# gzip -9 $(git describe --match 'glibc-*').tar
#
# glibc_release_url is only defined when we have a release tarball.
# % define glibc_release_url http://ftp.gnu.org/gnu/glibc/
%define glibc_release_url http://ftp.gnu.org/gnu/glibc/
##############################################################################
# If run_glibc_tests is zero then tests are not run for the build.
# You must always set run_glibc_tests to one for production builds.
@ -21,6 +21,15 @@
# to provide a more optimized version of the package for your arch.
%define auxarches athlon alphaev6
##############################################################################
# Enable lock elision support for these architectures
#
# At the moment lock elision is disabled on x86_64 until there's a CPU that
# would actually benefit from enabling it. Intel released a microcode update
# to disable HLE and RTM at boot and the Fedora kernel now applies it early
# enough that keeping lock elision enabled should be harmless, but we have
# disabled it anyway as a conservative measure.
%define lock_elision_arches s390 s390x
##############################################################################
# We build a special package for Xen that includes TLS support with
# no negative segment offsets for use with Xen guests. This is
# purely an optimization for increased performance on those arches.
@ -185,19 +194,23 @@ Patch0046: %{name}-rh1013801.patch
Patch0047: %{name}-nscd-sysconfig.patch
Patch0048: %{name}-rh1133134-i386-tlsinit.patch
Patch0049: %{name}-rh1119128.patch
# Allow up to 32 libraries to use static TLS. Should go upstream after
# more testing.
Patch0050: %{name}-rh1124987.patch
# Disable rwlock elision if --enable-lock-elision is not used.
Patch0051: %{name}-disable-rwlock-elision.patch
##############################################################################
#
# Patches from upstream
#
##############################################################################
Patch1001: %{name}-rh1133508.patch
Patch1002: %{name}-rh1167569.patch
Patch1003: %{name}-rh1175370.patch
Patch1004: %{name}-rh1188237.patch
Patch1005: %{name}-rh1184234.patch
##############################################################################
#
@ -563,9 +576,13 @@ package or when debugging this package.
%patch2033 -p1
%patch2034 -p1
%patch2035 -p1
%patch0048 -p1
%patch0049 -p1
%patch0050 -p1
%patch1001 -p1
%patch0051 -p1
%patch1002 -p1
%patch1003 -p1
%patch1004 -p1
%patch1005 -p1
##############################################################################
# %%prep - Additional prep required...
@ -711,7 +728,9 @@ build()
%ifarch ppc64p7
--with-cpu=power7 \
%endif
%ifarch %{lock_elision_arches}
--enable-lock-elision \
%endif
--disable-profile --enable-nss-crypt ||
{ cat config.log; false; }
@ -1074,24 +1093,32 @@ rm -f $RPM_BUILD_ROOT%{_prefix}/lib/debug%{_libdir}/*_p.a
-printf "%%%%verify(not md5 size mtime) " \
, \
! -path "*/lib/debug/*" -printf "/%%P\n" \)
# Print all directories with a %%dir prefix. We omit the info directory and
# all directories in (and including) /usr/share/locale.
find $RPM_BUILD_ROOT -type d \
\( -path '*%{_prefix}/share/locale' -prune -o \
\( -path '*%{_prefix}/share/*' ! -path '*%{_infodir}' -o \
-path "*%{_prefix}/include/*" \
\) -printf "%%%%dir /%%P\n"
\) -printf "%%%%dir /%%P\n" \)
} | {
# primary filelist
SHARE_LANG='s|.*/share/locale/\([^/_]\+\).*/LC_MESSAGES/.*\.mo|%lang(\1) &|'
LIB_LANG='s|.*/lib/locale/\([^/_]\+\)|%lang(\1) &|'
# rpm does not handle %lang() tagged files hardlinked together accross
# languages very well, temporarily disable
LIB_LANG=''
sed -e "$LIB_LANG" -e "$SHARE_LANG" \
# Add %%lang entries for language-specific locale files. This allows users
# to set %%_install_lang and not install the unnecessary locale files.
I18N_LANG='s|.*/share/i18n/locales/\([a-z]\{2\}[a-z]\?\)_[A-Z]\{2\}.*|%lang(\1) &|'
# Remove the *.mo entries. We will add that using %%find_lang
sed -e '\,.*/share/locale/\([^/_]\+\).*/LC_MESSAGES/.*\.mo,d' \
-e "$I18N_LANG" \
-e '\,/etc/\(localtime\|nsswitch.conf\|ld\.so\.conf\|ld\.so\.cache\|default\|rpc\|gai\.conf\),d' \
-e '\,/%{_lib}/lib\(pcprofile\|memusage\)\.so,d' \
-e '\,bin/\(memusage\|mtrace\|xtrace\|pcprofiledump\),d'
} | sort > rpm.filelist
# Our *.mo files. Put them in glibc-common.
%find_lang libc
mv libc.lang common.filelist
mkdir -p $RPM_BUILD_ROOT%{_libdir}
mv -f $RPM_BUILD_ROOT/%{_lib}/lib{pcprofile,memusage}.so $RPM_BUILD_ROOT%{_libdir}
@ -1371,6 +1398,24 @@ mv debuginfocommon2.filelist debuginfocommon.filelist
sort -u debuginfo.filelist > debuginfo2.filelist
mv debuginfo2.filelist debuginfo.filelist
# Remove some common directories from the common package debuginfo so that we
# don't end up owning them.
exclude_common_dirs()
{
exclude_dirs="%{_prefix}/src/debug"
exclude_dirs="$exclude_dirs $(echo %{_prefix}/lib/debug{,/%{_lib},/bin,/sbin})"
exclude_dirs="$exclude_dirs $(echo %{_prefix}/lib/debug%{_prefix}{,/%{_lib},/libexec,/bin,/sbin})"
for d in $(echo $exclude_dirs | sed 's/ /\n/g'); do
sed -i "\|^%%dir $d/\?$|d" $1
done
}
%ifarch %{debuginfocommonarches}
exclude_common_dirs debuginfocommon.filelist
%endif
exclude_common_dirs debuginfo.filelist
%endif # 0%{?_enable_debug_packages}
# Remove the `dir' info-heirarchy file which will be maintained
@ -1673,6 +1718,38 @@ rm -f *.filelist*
%endif
%changelog
* Fri Feb 27 2015 Siddhesh Poyarekar <siddhesh@redhat.com> - 2.20-8
- wordexp fails to honour WRDE_NOCMD (CVE-2014-7817, #1167569).
- Avoid infinite loop in nss_dns getnetbyname (CVE-2014-9402, #1175370).
- wscanf allocates too little memory (CVE-2015-1472, #1188237).
- Fix segmentation fault when LD_LIBRARY_PATH contains only non-existing
paths (#1184234).
* Tue Jan 06 2015 Siddhesh Poyarekar <siddhesh@redhat.com> - 2.20-7
- Remove LIB_LANG since we don't install locales in /usr/lib/locale anymore.
- Don't own any directories in /usr/share/locale (#1167445).
- Use the %%find_lang macro to get the *.mo files (#1167445).
- Add %%lang tags to language locale files in /usr/share/i18n/locale (#1169044).
* Wed Oct 1 2014 Siddhesh Poyarekar <siddhesh@redhat.com> - 2.20-6
- Enable lock elision again on s390 and s390x.
* Sat Sep 27 2014 Carlos O'Donell <carlos@redhat.com> - 2.20-5
- Disable more Intel TSX usage in rwlocks (#1146967).
* Fri Sep 26 2014 Carlos O'Donell <carlos@redhat.com> - 2.20-4
- Disable lock elision support for Intel hardware until microcode
updates can be done in early bootup (#1146967).
* Tue Sep 23 2014 Siddhesh Poyarekar <siddhesh@redhat.com> - 2.20-3
- Don't own the common debuginfo directories (#1144853).
* Tue Sep 16 2014 Siddhesh Poyarekar <siddhesh@redhat.com> - 2.20-2
- Make __extern_always_inline usable on clang++ again (#1133508).
* Mon Sep 8 2014 Siddhesh Poyarekar <siddhesh@redhat.com> - 2.20-1
- Rebase to upstream release 2.20.
* Thu Sep 4 2014 Carlos O'Donell <carlos@redhat.com> - 2.19.90-36
- Allow up to 32 dlopened modules to use static TLS (#1124987).
- Run glibc tests in %%check section of RPM spec file.

View File

@ -1 +1 @@
6b7d687c4bf371fc6fd5b100b9ded870 glibc-2.19-886-gdd763fd.tar.gz
aabb1776353e6bc60ecc707af78a3813 glibc-2.20.tar.gz