Chan Lee [Thu, 16 Mar 2017 05:29:15 +0000 (14:29 +0900)]
packaging: add 64bit libs on 32bit build env
In some cases, especially the .Net toolchain, 64bit libs are needed to execute
even in a 32bit build environment.
It's a little weird but possible because the architecture of almost every build machine is 64bit.
Change-Id: I0582231028edf64b0cb8e751ec3aba3ccb8e0e0e
Signed-off-by: Chan Lee <chan45.lee@samsung.com>
Dongkyun, Son [Fri, 13 May 2016 05:13:27 +0000 (14:13 +0900)]
packaging: move libBrokenLocale.so
'devel-utils' is not included to target image.
So, this can cause "dlopen failed(libBrokenLocale.so.1...)." issue.
Change-Id: I41667c1223df76a53de0bdb5eab592fed06475a0
Signed-off-by: Dongkyun, Son <dongkyun.s@samsung.com>
Dongkyun, Son [Thu, 7 Apr 2016 16:07:41 +0000 (01:07 +0900)]
packaging: Disabling nscd entirely
configure --disable-nscd
Change-Id: Ia36c10bad5bd2eb75a64d97c7b618df672228864
Signed-off-by: Dongkyun, Son <dongkyun.s@samsung.com>
Hyeongsik Min [Thu, 31 Mar 2016 07:57:40 +0000 (16:57 +0900)]
packaging: added libthread_db.so.1 to %file list
Change-Id: I40c685ceaa3b98207fb9eba9d63ffb94c76bdc8b
Signed-off-by: Hyeongsik Min <hyeongsik.min@samsung.com>
Chan Lee [Thu, 25 Feb 2016 07:42:10 +0000 (16:42 +0900)]
packaging: filter -mthumb, -mimplicit-it=thumb option
Change-Id: I5e68a2cc1c6232214d37a7e1f750842b69c043ba
Signed-off-by: Chan Lee <chan45.lee@samsung.com>
Carlos O'Donell [Wed, 17 Feb 2016 02:26:37 +0000 (21:26 -0500)]
CVE-2015-7547: getaddrinfo() stack-based buffer overflow (Bug 18665).
* A stack-based buffer overflow was found in libresolv when invoked from
libnss_dns, allowing specially crafted DNS responses to seize control
of execution flow in the DNS client. The buffer overflow occurs in
the functions send_dg (send datagram) and send_vc (send TCP) for the
NSS module libnss_dns.so.2 when calling getaddrinfo with AF_UNSPEC
family. The use of AF_UNSPEC triggers the low-level resolver code to
send out two parallel queries for A and AAAA. A mismanagement of the
buffers used for those queries could result in the response of a query
writing beyond the alloca allocated buffer created by
_nss_dns_gethostbyname4_r. Buffer management is simplified to remove
the overflow. Thanks to the Google Security Team and Red Hat for
reporting the security impact of this issue, and Robert Holiday of
Ciena for reporting the related bug 18665. (CVE-2015-7547)
See also:
https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html
https://sourceware.org/ml/libc-alpha/2016-02/msg00418.html
Change-Id: If6932f6419b17b6247ce3e025e12efefad9a3b37
Signed-off-by: Jaehun Jeong <jh4u.jeong@samsung.com>
Paul Pluzhnikov [Sat, 8 Aug 2015 22:54:40 +0000 (15:54 -0700)]
CVE-2015-8779: catopen() Multiple unbounded stack allocations (2 of 2)
https://msisac.cisecurity.org/advisories/2016/2016-021.cfm
https://sourceware.org/bugzilla/show_bug.cgi?id=17905
Fix trailing space.
Change-Id: I55ec41be7b76784588c5f6ea6528911fb33d31b3
Signed-off-by: Jaehun Jeong <jh4u.jeong@samsung.com>
Paul Pluzhnikov [Sat, 8 Aug 2015 22:53:03 +0000 (15:53 -0700)]
CVE-2015-8779: catopen() Multiple unbounded stack allocations (1 of 2)
https://msisac.cisecurity.org/advisories/2016/2016-021.cfm
https://sourceware.org/bugzilla/show_bug.cgi?id=17905
Fix BZ #17905
Change-Id: I6d7e5c49b7e0af3adccc4f3ad68fca42c1e92c6d
Signed-off-by: Jaehun Jeong <jh4u.jeong@samsung.com>
Hyung-Kyu Choi [Tue, 23 Feb 2016 05:25:34 +0000 (21:25 -0800)]
Merge "Revert "CVE-2015-8779: catopen() Multiple unbounded stack allocations (1 of 3) https://msisac.cisecurity.org/advisories/2016/2016-021.cfm https://sourceware.org/bugzilla/show_bug.cgi?id=17905"" into tizen_base
Jaehun Jeong [Tue, 23 Feb 2016 05:25:02 +0000 (21:25 -0800)]
Revert "CVE-2015-8779: catopen() Multiple unbounded stack allocations (1 of 3) https://msisac.cisecurity.org/advisories/2016/2016-021.cfm https://sourceware.org/bugzilla/show_bug.cgi?id=17905"
This reverts commit
7ce4c382c494405a43e20889f4e2a6a052963fab.
Due to wrong commit message
Change-Id: I454e15624ea45e38f06aee96d0c3987a612bd92b
Hyung-Kyu Choi [Tue, 23 Feb 2016 05:24:43 +0000 (21:24 -0800)]
Merge "Revert "CVE-2015-8779: catopen() Multiple unbounded stack allocations (2 of 3) https://msisac.cisecurity.org/advisories/2016/2016-021.cfm https://sourceware.org/bugzilla/show_bug.cgi?id=17905"" into tizen_base
Jaehun Jeong [Tue, 23 Feb 2016 05:24:02 +0000 (21:24 -0800)]
Revert "CVE-2015-8779: catopen() Multiple unbounded stack allocations (2 of 3) https://msisac.cisecurity.org/advisories/2016/2016-021.cfm https://sourceware.org/bugzilla/show_bug.cgi?id=17905"
This reverts commit
40e6dab6b97f6674549998ddf6a4f7882710de8f.
Due to wrong commit message
Change-Id: I96451f200c501c99952bd872c24f6a31cc14cb89
Jaehun Jeong [Tue, 23 Feb 2016 05:21:26 +0000 (21:21 -0800)]
Revert commit due to wrong commit message
Revert "CVE-2015-8779: catopen() Multiple unbounded stack allocations (3 of 3) https://msisac.cisecurity.org/advisories/2016/2016-021.cfm https://sourceware.org/bugzilla/show_bug.cgi?id=17905"
This reverts commit
a1a8668eb9d679a772506b8ce0dbc14478715bbe.
Change-Id: Ic2f30abb91768e134f75a724710f9dffbab0ba61
Paul Pluzhnikov [Sat, 26 Sep 2015 20:27:48 +0000 (13:27 -0700)]
CVE-2015-8779: catopen() Multiple unbounded stack allocations (3 of 3)
https://msisac.cisecurity.org/advisories/2016/2016-021.cfm
https://sourceware.org/bugzilla/show_bug.cgi?id=17905
Fix BZ #18985 -- out of range data to strftime() causes a segfault
Change-Id: I6cb12bb92d0c0e55f721f71a2f06892c723981ef
Signed-off-by: Jaehun Jeong <jh4u.jeong@samsung.com>
Paul Pluzhnikov [Sat, 8 Aug 2015 22:54:40 +0000 (15:54 -0700)]
CVE-2015-8779: catopen() Multiple unbounded stack allocations (2 of 3)
https://msisac.cisecurity.org/advisories/2016/2016-021.cfm
https://sourceware.org/bugzilla/show_bug.cgi?id=17905
Fix trailing space.
Change-Id: I2e5fe8bc6adeaefef952ae82bf217a8acb08e490
Signed-off-by: Jaehun Jeong <jh4u.jeong@samsung.com>
Paul Pluzhnikov [Sat, 8 Aug 2015 22:53:03 +0000 (15:53 -0700)]
CVE-2015-8779: catopen() Multiple unbounded stack allocations (1 of 3)
https://msisac.cisecurity.org/advisories/2016/2016-021.cfm
https://sourceware.org/bugzilla/show_bug.cgi?id=17905
Fix BZ #17905
Change-Id: I615e916c407f142bd229fff79335f819b8b62ba9
Signed-off-by: Jaehun Jeong <jh4u.jeong@samsung.com>
Dongkyun, Son [Wed, 20 May 2015 01:01:33 +0000 (10:01 +0900)]
Lie about futex_atomic_cmpxchg_inatomic kernel support.
In past versions of glibc, we incorrectly assumed all ARM kernels
in all configurations supported futex_atomic_cmpxchg_inatomic. This
was clearly a lie, however it was a lie that we relied on, because
the fallback implementation appears to not play nicely with certain
applications like pulseaudio. Restore the lie for kernels > 2.6.32
and plug our ears and scream "LA LA LA" about how wrong this is.
Author: Adam Conrad <adconrad@ubuntu.com>
Bug-Ubuntu: https://launchpad.net/bugs/1436162
Last-Update: 2015-03-25
Change-Id: I45cd4a85dd5d5351633143d2cda7b12e624468b2
Signed-off-by: Dongkyun, Son <dongkyun.s@samsung.com>
Dongkyun, Son [Tue, 19 Jan 2016 08:48:37 +0000 (17:48 +0900)]
packaging: renamed glibc.spec -> linaro-glibc.spec
Change-Id: If1a21d163107ffd19e845ed8c1fdf08253ff28fc
Signed-off-by: Dongkyun, Son <dongkyun.s@samsung.com>
Dongkyun, Son [Sat, 9 Jan 2016 06:42:59 +0000 (15:42 +0900)]
packaging: removed locale build
Change-Id: If5c569cea5b0daa88f8e4af8101f565b730ba026
Signed-off-by: Dongkyun, Son <dongkyun.s@samsung.com>
Arjun Shankar [Tue, 21 Apr 2015 12:06:31 +0000 (14:06 +0200)]
CVE-2015-1781: resolv/nss_dns/dns-host.c buffer overflow [BZ#18287]
Change-Id: I4104608d09d17826cd863877e1f0cdaffaecfe7f
Signed-off-by: Hyung-Kyu (HQ) Choi <hk0110.choi@samsung.com>
Andreas Schwab [Wed, 25 Mar 2015 15:35:46 +0000 (16:35 +0100)]
Separate internal state between getXXent and getXXbyYY NSS calls (bug 18007)
Change-Id: I7cab82f45dcac7c59671bd0a89bc82fe916915cc
Signed-off-by: Dongkyun Son <dongkyun.s@samsung.com>
Florian Weimer [Wed, 29 Apr 2015 12:41:25 +0000 (14:41 +0200)]
CVE-2014-8121: Do not close NSS files database during iteration [BZ #18007]
Robin Hack discovered Samba would enter an infinite loop processing
certain quota-related requests. We eventually tracked this down to a
glibc issue.
Running a (simplified) test case under strace shows that /etc/passwd
is continuously opened and closed:
…
open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 3
lseek(3, 0, SEEK_CUR) = 0
read(3, "root:x:0:0:root:/root:/bin/bash\n"..., 4096) = 2717
lseek(3, 2717, SEEK_SET) = 2717
close(3) = 0
open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 3
lseek(3, 0, SEEK_CUR) = 0
lseek(3, 0, SEEK_SET) = 0
read(3, "root:x:0:0:root:/root:/bin/bash\n"..., 4096) = 2717
lseek(3, 2717, SEEK_SET) = 2717
close(3) = 0
open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 3
lseek(3, 0, SEEK_CUR) = 0
…
The lookup function implementation in
nss/nss_files/files-XXX.c:DB_LOOKUP has code to prevent that. It is
supposed to skip closing the input file if it was already open.
/* Reset file pointer to beginning or open file. */ \
status = internal_setent (keep_stream); \
\
if (status == NSS_STATUS_SUCCESS) \
{ \
/* Tell getent function that we have repositioned the file pointer. */ \
last_use = getby; \
\
while ((status = internal_getent (result, buffer, buflen, errnop \
H_ERRNO_ARG EXTRA_ARGS_VALUE)) \
== NSS_STATUS_SUCCESS) \
{ break_if_match } \
\
if (! keep_stream) \
internal_endent (); \
} \
keep_stream is initialized from the stayopen flag in internal_setent.
internal_setent is called from the set*ent implementation as:
status = internal_setent (stayopen);
However, for non-host database, this flag is always 0, per the
STAYOPEN magic in nss/getXXent_r.c.
Thus, the fix is this:
- status = internal_setent (stayopen);
+ status = internal_setent (1);
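Review bot: the bare 1 passed to internal_setent on the added line is a magic value, and nothing at the call site says it takes the place of the stayopen flag. A one-line comment there, stating that the stream is kept open so that a later lookup does not close it during iteration, would keep the next reader from restoring the stayopen argument. It is also worth checking whether the enclosing set*ent function still uses its stayopen parameter anywhere, since this call no longer reads it.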
This is not a behavioral change even for the hosts database (where the
application can specify the stayopen flag) because with a call to
sethostent(0), the file handle is still not closed in the
implementation of gethostent.
Change-Id: I036022aee8c33895426c4baf383a499f11ff2ea0
Signed-off-by: UkJung Kim <ujkim@samsung.com>
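A regression check for the behaviour described in the CVE-2014-8121 commit message above, added here as an example (it is not part of that commit or of glibc's own test suite): it enumerates the passwd database with getpwent() while doing a by-name lookup inside the loop, and compares the result with a plain enumeration. The function names, ITERATION_LIMIT and the buffer sizes are assumptions of this example.

```c
#define _DEFAULT_SOURCE
#include <pwd.h>
#include <stdio.h>
#include <sys/types.h>

/* Assumed bound for this example: it is reached only if the enumeration
   keeps restarting (or the host really has this many accounts). */
#define ITERATION_LIMIT 100000L

/* Count passwd entries with an undisturbed setpwent/getpwent/endpwent walk. */
long count_plain(void)
{
    long n = 0;

    setpwent();
    while (n < ITERATION_LIMIT && getpwent() != NULL)
        n++;
    endpwent();
    return n;
}

/* Same walk, but with a by-name lookup between two getpwent() calls.
   The commit message describes the files backend closing the database
   during such a lookup, so that the enumeration restarted from the first
   entry each time and never reached the end. */
long count_interleaved(void)
{
    long n = 0;
    struct passwd *pw;

    setpwent();
    while (n < ITERATION_LIMIT && (pw = getpwent()) != NULL) {
        char name[256];
        char buf[4096];
        struct passwd found;
        struct passwd *res = NULL;

        /* getpwent() returns static storage: copy the name before the
           next NSS call. */
        snprintf(name, sizeof name, "%s", pw->pw_name);

        /* Result and errors (e.g. ERANGE for a very long entry) are
           ignored: only the side effect on the enumeration matters. */
        (void) getpwnam_r(name, &found, buf, sizeof buf, &res);
        n++;
    }
    endpwent();
    return n;
}

/* 1 if the interleaved walk terminated and saw as many entries as the
   plain walk, 0 otherwise. */
int enumeration_is_stable(void)
{
    long plain = count_plain();
    long mixed = count_interleaved();

    return mixed < ITERATION_LIMIT && mixed == plain;
}

int main(void)
{
    long plain = count_plain();
    long mixed = count_interleaved();

    printf("plain enumeration:       %ld entries\n", plain);
    printf("interleaved enumeration: %ld entries\n", mixed);
    if (mixed >= ITERATION_LIMIT || mixed != plain) {
        puts("FAIL: by-name lookup disturbed the getpwent() iteration");
        return 1;
    }
    puts("OK: iteration state survives by-name lookups");
    return 0;
}
```

Running the same binary under strace on a failing system shows the repeated open/read/close of /etc/passwd quoted in the commit message.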
Florian Weimer [Mon, 15 Dec 2014 16:41:13 +0000 (17:41 +0100)]
Avoid infinite loop in nss_dns getnetbyname [BZ #17630]
Fix CVE-2014-9402
Change-Id: I816b13ed56647345c5d18a1c4ba7b2e92fa806a7
Signed-off-by: UkJung Kim <ujkim@samsung.com>
Paul Pluzhnikov [Fri, 6 Feb 2015 05:30:42 +0000 (00:30 -0500)]
CVE-2015-1472: wscanf allocates too little memory
BZ #16618
Under certain conditions wscanf can allocate too little memory for the
to-be-scanned arguments and overflow the allocated buffer. The
implementation now correctly computes the required buffer size when
using malloc.
A regression test was added to tst-sscanf.
Change-Id: Ie33f4abe91c5371177b4ca1ae94d5c1b8e4ff149
Signed-off-by: UkJung Kim <ujkim@samsung.com>
Roland McGrath [Thu, 19 Mar 2015 19:45:24 +0000 (12:45 -0700)]
ARM: Fix memcpy & memmove for [ARM_ALWAYS_BX]
Backport from master:
298e5d56
2015-03-19 Roland McGrath <roland@hack.frob.com>
* sysdeps/arm/memcpy.S [ARM_ALWAYS_BX]: Fix computed-jump calculations
to account for alignment padding.
* sysdeps/arm/memmove.S: Likewise.
Change-Id: I7e607914f826c416a30c944d25ed48008611d59f
Yury Usishchev [Fri, 26 Jun 2015 14:10:21 +0000 (17:10 +0300)]
Add unwind info to _start and _dl_start_user
This patch fixes segfault when ASan tries to unwind stack on
libraries initialization stage.
* sysdeps/arm/dl-machine.h: add unwind info to inline assembly
Change-Id: I81fd4e35ac4bc6d20127fdf2ca6921d8e771c141
Signed-off-by: Yury Usishchev <y.usishchev@samsung.com>
H.J. Lu [Fri, 28 Nov 2014 15:54:07 +0000 (07:54 -0800)]
Resize DTV if the current DTV isn't big enough
This patch changes _dl_allocate_tls_init to resize DTV if the current DTV
isn't big enough. Tested on X86-64, x32 and ia32.
[BZ #13862]
* elf/dl-tls.c: Include <atomic.h>.
(oom): Remove #ifdef SHARED/#endif.
(_dl_static_dtv, _dl_initial_dtv): Moved before ...
(_dl_resize_dtv): This. Extracted from _dl_update_slotinfo.
(_dl_allocate_tls_init): Resize DTV if the current DTV isn't
big enough.
(_dl_update_slotinfo): Call _dl_resize_dtv to resize DTV.
* nptl/Makefile (tests): Add tst-stack4.
(modules-names): Add tst-stack4mod.
($(objpfx)tst-stack4): New.
(tst-stack4mod.sos): Likewise.
($(objpfx)tst-stack4.out): Likewise.
($(tst-stack4mod.sos)): Likewise.
(clean): Likewise.
* nptl/tst-stack4.c: New file.
* nptl/tst-stack4mod.c: Likewise.
Change-Id: Ib4cc10ee737b74004c659b2d2393b601f75ab249
Torvald Riegel [Sun, 14 Sep 2014 18:04:54 +0000 (20:04 +0200)]
Add atomic operations similar to those provided by C11.
Change-Id: I4138c4d17bfa5f70e85530933aadd4fc7662fc84
Torvald Riegel [Fri, 17 Oct 2014 23:02:59 +0000 (01:02 +0200)]
Add arch-specific configuration for C11 atomics support.
This sets __HAVE_64B_ATOMICS if provided. It also sets
USE_ATOMIC_COMPILER_BUILTINS to true if the existing atomic ops use the
__atomic* builtins (aarch64, mips partially) or if this has been
tested (x86_64); otherwise, this is set to false so that C11 atomics will
be based on the existing atomic operations.
Change-Id: Idb0f82007ca89b26bf330e63ddbc52ada6bfe5e0
Tatiana Udalova [Wed, 12 Nov 2014 11:36:39 +0000 (17:06 +0530)]
New Bhilodi and Tulu locales (BZ #17475)
Change-Id: Id08824de571c2b70e5c76849fd2afa49c25eee05
Dongkyun, Son [Wed, 10 Jun 2015 02:11:14 +0000 (11:11 +0900)]
Apply linaro-gcc-version.patch
Change-Id: I58a06e487be977cc370d589a314fa1a528da5187
Signed-off-by: Dongkyun, Son <dongkyun.s@samsung.com>
Gratian Crisan [Mon, 27 Oct 2014 22:45:43 +0000 (22:45 +0000)]
arm: Re-enable PI futex support for ARM kernels >= 3.14.3
ARM linux kernels before 3.14.3 may or may not support
futex_atomic_cmpxchg_inatomic depending on the kernel configuration (e.g.
CONFIG_CPU_USE_DOMAINS && CONFIG_SMP configuration was not supported)
Starting with 3.14.3 the linux kernel unconditionally enables support for
ARM, and this re-enables the relevant __ASSUME_* macros.
Tested on ARM both with kernels >= 3.14.3 and older kernels.
* sysdeps/unix/sysv/linux/arm/kernel-features.h
[__LINUX_KERNEL_VERSION >= 0x030E03] (__ASSUME_FUTEX_LOCK_PI): Do
not undefine.
[__LINUX_KERNEL_VERSION >= 0x030E03] (__ASSUME_REQUEUE_PI):
Likewise.
[__LINUX_KERNEL_VERSION >= 0x030E03] (__ASSUME_SET_ROBUST_LIST):
Likewise.
Change-Id: I45cd4a85dd5d5351633143d2cda7b12e624468b2
Vyacheslav Barinov [Tue, 20 Oct 2015 07:50:42 +0000 (10:50 +0300)]
Packaging version change
Change-Id: I1b113d575918d95fb331c96a6489cb3d51b2d6f9
Dongkyun, Son [Tue, 20 Oct 2015 02:05:27 +0000 (11:05 +0900)]
packaging: add packaging (from tizen branch)
Change-Id: I24d27a18a96d6d8dd60e7876469efb8f21abd214
Signed-off-by: Dongkyun, Son <dongkyun.s@samsung.com>
Will Newton [Wed, 22 Oct 2014 15:03:50 +0000 (16:03 +0100)]
version.h: Update VERSION for 2014.11 release.
Roland McGrath [Wed, 8 Oct 2014 22:36:12 +0000 (15:36 -0700)]
BZ#17460: Fix buffer overrun in nscd --help.
(cherry picked from commit
c763c5d27112be055920c46f3be8d05bc8b669da)
Conflicts:
NEWS
Allan McRae [Thu, 9 Oct 2014 12:11:30 +0000 (22:11 +1000)]
Update French translation
(cherry picked from commit
b6dcfe8c2408958be246dd61f1c5415ed7667a2a)
Siddhesh Poyarekar [Tue, 16 Sep 2014 08:50:45 +0000 (14:20 +0530)]
Fix memory leak in error path of do_ftell_wide (BZ #17370)
(cherry picked from commit
545583d664b64ff234b99aca0d85e99c8a55808f)
Tim Lammens [Thu, 11 Sep 2014 05:05:54 +0000 (10:35 +0530)]
Fix memory leak in libio/wfileops.c do_ftell_wide [BZ #17370]
(cherry picked from commit
984c0ea97f649c869130a1ff099098e2b6f70aad)
Conflicts:
NEWS
Siddhesh Poyarekar [Tue, 16 Sep 2014 08:44:11 +0000 (14:14 +0530)]
Revert to defining __extern_inline only for gcc-4.3+ (BZ #17266)
The check for only __GNUC_STDC_INLINE__ and __GNUC_GNU_INLINE__ may
not be sufficient since those flags were added during initial support
for C99 inlining semantics. There is also a problem with always
defining __extern_inline and __extern_always_inline, since it enables
inline wrapper functions even when GNU inlining semantics are not
guaranteed. This, along with the possibility of such wrappers using
redirection (btowc for example) could result in compiler generating an
infinitely recursive call to the function.
In fact it was such a recursion that led to this code being written
the way it was; see:
https://bugzilla.redhat.com/show_bug.cgi?id=186410
The initial change was to fix bugs 14530 and 13741, but they can be
resolved by checking if __fortify_function and/or
__extern_always_inline are defined, as it has been done in this patch.
In addition, I have audited uses of __extern_always_inline to make
sure that none of the uses result in compilation errors.
There is however a regression in this patch for llvm, since it reverts
the llvm expectation that __GNUC_STDC_INLINE__ or __GNUC_GNU_INLINE__
definition imply proper extern inline semantics.
2014-09-16 Siddhesh Poyarekar <siddhesh@redhat.com>
Jakub Jelinek <jakub@redhat.com>
[BZ #17266]
* libio/stdio.h: Check definition of __fortify_function
instead of __extern_always_inline to include bits/stdio2.h.
* math/bits/math-finite.h [__USE_XOPEN || __USE_ISOC99]: Also
check if __extern_always_inline is defined.
[__USE_MISC || __USE_XOPEN]: Likewise.
[__USE_ISOC99] Likewise.
* misc/sys/cdefs.h (__fortify_function): Define only if
__extern_always_inline is defined.
[!__cplusplus || __GNUC_PREREQ (4,3)]: Revert to defining
__extern_always_inline and __extern_inline only for g++-4.3
and newer or a compatible gcc.
Andreas Schwab [Sat, 13 Sep 2014 08:10:29 +0000 (10:10 +0200)]
Handle zero prefix length in getifaddrs (BZ #17371)
(cherry picked from commit
a7b872687073decdcc7effc2289877d69058aca9)
Conflicts:
NEWS
Joseph Myers [Fri, 12 Sep 2014 12:13:08 +0000 (12:13 +0000)]
Add new Linux 3.16 constants to netinet/udp.h.
This patch adds the new constants UDP_NO_CHECK6_TX and
UDP_NO_CHECK6_RX from Linux 3.16 to sysdeps/gnu/netinet/udp.h. (I
believe the existing constants there are already Linux-specific,
possibly with the intention that other OSes should adopt the same
values if possible if adopting the features in question.)
Tested on x86_64.
* sysdeps/gnu/netinet/udp.h (UDP_NO_CHECK6_TX): New macro.
(UDP_NO_CHECK6_RX): Likewise.
(cherry picked from commit
0bd72468030947254e7de183cac1014dac884475)
Allan McRae [Sat, 13 Sep 2014 05:41:54 +0000 (15:41 +1000)]
Update Russian translation
(cherry picked from commit
d8f879ee3e4131542c2ac3d1d9db4cf12cb86729)
Allan McRae [Sun, 7 Sep 2014 08:09:09 +0000 (18:09 +1000)]
Update version.h and include/features.h for 2.20 release
Allan McRae [Sun, 7 Sep 2014 06:07:10 +0000 (16:07 +1000)]
Update contrib.texi
Add entries for Wilco Dijkstra and Stefan Liebler.
Allan McRae [Sun, 7 Sep 2014 05:50:34 +0000 (15:50 +1000)]
Update Korean translation
Chris Metcalf [Fri, 5 Sep 2014 18:40:23 +0000 (14:40 -0400)]
[BZ #17354] tile: Fix up corner cases with signed relocations
Some types of relocations technically need to be signed rather than
unsigned: in particular ones that are used with moveli or movei,
or for jump and branch. This is almost never a problem. Jump and
branch opcodes are pretty much uniformly resolved by the static linker
(unless you omit -fpic for a shared library, which is not recommended).
The moveli and movei opcodes that need to be sign-extended generally
are for positive displacements, like the construction of the address of
main() from _start(). However, tst-pie1 ends up with main below _start
(in a different module) and the test failed due to signedness issues in
relocation handling.
This commit treats the value as signed when shifting (to preserve the
high bit) and also sign-extends the value generated from the updated
bundle when comparing with the desired bundle, which we do to make sure
no overflow occurred. As a result, the tst-pie1 test now passes.
Florian Weimer [Wed, 3 Sep 2014 17:45:43 +0000 (19:45 +0200)]
CVE-2014-6040: Crashes on invalid input in IBM gconv modules [BZ #17325]
These changes are based on the fix for BZ #14134 in commit
6e230d11837f3ae7b375ea69d7905f0d18eb79e5.
Khem Raj [Tue, 2 Sep 2014 21:39:04 +0000 (21:39 +0000)]
Define __GI_fegetenv for e500 libm
generic HAVE_RM_CTX implementation which is used for ppc/e500 as well
has introduced calls to fegetenv which should be resolved internally
within libm
Signed-off-by: Khem Raj <raj.khem@gmail.com>
* sysdeps/powerpc/powerpc32/e500/nofpu/fegetenv.c (fegetenv): Add
libm_hidden_ver.
Allan McRae [Mon, 1 Sep 2014 00:48:22 +0000 (10:48 +1000)]
Update Esperanto translation
Allan McRae [Mon, 1 Sep 2014 00:47:30 +0000 (10:47 +1000)]
Update Catalan translation
Samuel Thibault [Thu, 28 Aug 2014 20:08:39 +0000 (22:08 +0200)]
Fix hang on fork
If e.g. a signal is being received while we are running fork(), the signal
thread may be having our SS lock when we make the space copy, and thus in the
child we can not take the SS lock any more.
* sysdeps/mach/hurd/fork.c (__fork): Lock SS->lock around __proc_dostop call.
Signed-off-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
Mark Wielaard [Wed, 27 Aug 2014 15:07:58 +0000 (17:07 +0200)]
i386 TLS_INIT_TP might produce bogus asm changing stack pointer [BZ #17319]
TLS_INIT_TP in sysdeps/i386/nptl/tls.h uses some hand written asm to
generate a set_thread_area that might result in exchanging ebx and esp
around the syscall causing introspection tools like valgrind to lose
track of the user stack. Just use INTERNAL_SYSCALL which makes sure
esp isn't changed arbitrarily.
Before the patch the code would generate:
mov $0xf3,%eax
movl $0xfffff,0x8(%esp)
movl $0x51,0xc(%esp)
xchg %esp,%ebx
int $0x80
xchg %esp,%ebx
Using INTERNAL_SYSCALL instead will generate:
movl $0xfffff,0x8(%esp)
movl $0x51,0xc(%esp)
xchg %ecx,%ebx
mov $0xf3,%eax
int $0x80
xchg %ecx,%ebx
Thanks to Florian Weimer for analysing why the original code generated
the bogus esp usage:
_segdescr.desc happens to be at the top of the stack, so its address
is in %esp. The asm statement says that %3 is an input, so its value
will not change, and GCC can use %esp as the input register for the
expression &_segdescr.desc. But the constraints do not fully describe
the asm statement because the %3 register is actually modified, albeit
only temporarily.
[BZ #17319]
* sysdeps/i386/nptl/tls.h (TLS_INIT_TP): Use INTERNAL_SYSCALL
to call set_thread_area instead of hand written asm.
(__NR_set_thread_area): Removed define.
(TLS_FLAG_WRITABLE): Likewise.
(__ASSUME_SET_THREAD_AREA): Remove check.
(TLS_EBX_ARG): Remove define.
(TLS_LOAD_EBX): Likewise.
Samuel Thibault [Wed, 27 Aug 2014 22:11:54 +0000 (00:11 +0200)]
Simplify atomicity of socket creation in bind.
Carlos O'Donell [Wed, 27 Aug 2014 15:53:25 +0000 (11:53 -0400)]
NEWS: Typo fix: s/wil /will /g
Allan McRae [Wed, 27 Aug 2014 03:36:02 +0000 (13:36 +1000)]
Update x86 ULPs
Using gcc-4.9, i7-2620M, i686 Linux.
Florian Weimer [Tue, 26 Aug 2014 18:43:07 +0000 (20:43 +0200)]
Fix typo in CVE ID
Florian Weimer [Tue, 26 Aug 2014 17:38:59 +0000 (19:38 +0200)]
__gconv_translit_find: Disable function [BZ #17187]
This functionality has never worked correctly, and the implementation
contained a security vulnerability (CVE-2014-5119).
Allan McRae [Tue, 26 Aug 2014 12:44:23 +0000 (22:44 +1000)]
Update Vietnamese translation
Allan McRae [Tue, 26 Aug 2014 12:43:31 +0000 (22:43 +1000)]
Update Ukrainian translation
Allan McRae [Tue, 26 Aug 2014 12:42:36 +0000 (22:42 +1000)]
Update French translation
Allan McRae [Tue, 26 Aug 2014 12:41:48 +0000 (22:41 +1000)]
Update Russian translation
Allan McRae [Tue, 26 Aug 2014 12:41:00 +0000 (22:41 +1000)]
Update Polish translation
Allan McRae [Tue, 26 Aug 2014 12:39:33 +0000 (22:39 +1000)]
Update Czech translation
Allan McRae [Tue, 26 Aug 2014 12:38:47 +0000 (22:38 +1000)]
Update German translation
Allan McRae [Tue, 26 Aug 2014 12:36:52 +0000 (22:36 +1000)]
Update Bulgarian translation
Allan McRae [Tue, 26 Aug 2014 12:33:50 +0000 (22:33 +1000)]
Update Swedish translation
Allan McRae [Tue, 26 Aug 2014 12:32:32 +0000 (22:32 +1000)]
Update Dutch translation
Allan McRae [Tue, 26 Aug 2014 12:31:31 +0000 (22:31 +1000)]
Update Spanish translation
Siddhesh Poyarekar [Thu, 21 Aug 2014 05:00:55 +0000 (10:30 +0530)]
Remove NOT_IN_libc definition for pthread_atfork
pthread_atfork is already built in an extra-libs context, which gives
it NOT_IN_libc in its CPPFLAGS. Adding the same definition to CFLAGS
is pointless.
Verified that the code is unchanged on x86_64.
Siddhesh Poyarekar [Thu, 21 Aug 2014 04:57:13 +0000 (10:27 +0530)]
Remove redundant CPPFLAGS for some programs
These programs get the NOT_IN_libc twice, once through the 'other'
target and another explicitly. Remove the explicitly added CPPFLAGS.
* catgets/Makefile (CPPFLAGS-gencat): Remove.
* iconv/Makefile (CPPFLAGS-iconv_prog): Likewise.
(CPPFLAGS-iconvconfig): Likewise.
* timezone/Makefile (CPPFLAGS-zic): Likewise.
Siddhesh Poyarekar [Thu, 21 Aug 2014 04:56:46 +0000 (10:26 +0530)]
Remove unnecessary uses of NOT_IN_libc
If a IS_IN_* macro is defined, then NOT_IN_libc is always defined,
except obviously for IS_IN_libc. There's no need to check for both.
Verified on x86_64 and i686 that the source is unchanged.
* include/libc-symbols.h: Remove unnecessary check for
NOT_IN_libc.
* nptl/pthreadP.h: Likewise.
* sysdeps/aarch64/setjmp.S: Likewise.
* sysdeps/alpha/setjmp.S: Likewise.
* sysdeps/arm/sysdep.h: Likewise.
* sysdeps/i386/setjmp.S: Likewise.
* sysdeps/m68k/setjmp.c: Likewise.
* sysdeps/posix/getcwd.c: Likewise.
* sysdeps/powerpc/powerpc32/setjmp-common.S: Likewise.
* sysdeps/powerpc/powerpc64/setjmp-common.S: Likewise.
* sysdeps/s390/s390-32/setjmp.S: Likewise.
* sysdeps/s390/s390-64/setjmp.S: Likewise.
* sysdeps/sh/sh3/setjmp.S: Likewise.
* sysdeps/sh/sh4/setjmp.S: Likewise.
* sysdeps/unix/alpha/sysdep.h: Likewise.
* sysdeps/unix/sysv/linux/aarch64/sysdep.h: Likewise.
* sysdeps/unix/sysv/linux/i386/sysdep.h: Likewise.
* sysdeps/unix/sysv/linux/ia64/setjmp.S: Likewise.
* sysdeps/unix/sysv/linux/ia64/sysdep.h: Likewise.
* sysdeps/unix/sysv/linux/powerpc/powerpc32/sysdep.h: Likewise.
* sysdeps/unix/sysv/linux/powerpc/powerpc64/sysdep.h: Likewise.
* sysdeps/unix/sysv/linux/s390/s390-32/sysdep.h: Likewise.
* sysdeps/unix/sysv/linux/s390/s390-64/sysdep.h: Likewise.
* sysdeps/unix/sysv/linux/sh/sysdep.h: Likewise.
* sysdeps/unix/sysv/linux/sparc/sparc32/sysdep.h: Likewise.
* sysdeps/unix/sysv/linux/sparc/sparc64/sysdep.h: Likewise.
* sysdeps/unix/sysv/linux/tile/sysdep.h: Likewise.
* sysdeps/unix/sysv/linux/x86_64/sysdep.h: Likewise.
* sysdeps/x86_64/setjmp.S: Likewise.
H.J. Lu [Wed, 13 Aug 2014 15:04:54 +0000 (08:04 -0700)]
Mention fixes for BZs 16194 and 16275 in NEWS
Joseph Myers [Wed, 13 Aug 2014 16:06:18 +0000 (16:06 +0000)]
Fix powerpc32 __get_clockfreq for non-power4 (bug 17263).
In my powerpc32 testing I've observed misc/test-gettimebasefreq
failing.
This is a glibc build (soft-float, though that's not relevant here)
without any --with-cpu and without any special configuration of the
default CPU for GCC either. In particular, it's one not using
sysdeps/powerpc/powerpc32/power4/hp-timing.h (although in fact the
processor I'm using for testing is POWER4-based), so hp_timing_t is
32-bit not 64-bit. But the VDSO call being used by
INTERNAL_VSYSCALL_NO_SYSCALL_FALLBACK is generating a 64-bit result
(high part in r3, low part in r4). The code extracting that result,
however, expects a result of the type hp_timing_t as passed to
INTERNAL_VSYSCALL_NO_SYSCALL_FALLBACK, meaning that only r3 (= 0) is
used and the value in r4 is ignored. This patch fixes this by always
using uint64_t as the type in INTERNAL_VSYSCALL_NO_SYSCALL_FALLBACK -
reflecting the actual ABI (unconditional in the kernel) of that VDSO
call. This is the minimal change for this issue - no check for
overflow, no change of the type of the timebase_freq variable or the
return type of __get_clockfreq to something other than hp_timing_t
(such a change would simply move the implicit conversions to the other
callers of that function), no change to hp_timing_t itself.
Tested for powerpc32 soft float.
[BZ #17263]
* sysdeps/unix/sysv/linux/powerpc/get_clockfreq.c: Include
<stdint.h>.
(__get_clockfreq): Use uint64_t instead of hp_timing_t in
INTERNAL_VSYSCALL_NO_SYSCALL_FALLBACK call.
Siddhesh Poyarekar [Wed, 13 Aug 2014 13:16:41 +0000 (18:46 +0530)]
Fix comment error that Jakub pointed out but I forgot to fix
Siddhesh Poyarekar [Wed, 13 Aug 2014 08:35:15 +0000 (14:05 +0530)]
Disable x87 inline functions for x86_64 and SSE [BZ #17262]
Since:
commit
409e00bd69b8d8dd74d7327085351d26769ea6fc
Author: H.J. Lu <hjl.tools@gmail.com>
Date: Wed Jan 29 07:51:41 2014 -0800
Disable x87 inline functions for SSE2 math
When i386 and x86-64 mathinline.h was merged into a single mathinline.h,
"gcc -m32" enables x87 inline functions on x86-64 even when -mfpmath=sse
and SSE2 is enabled. It is a regression on x86-64. We should check
__SSE2_MATH__ instead of __x86_64__ when disabling x87 inline functions.
gcc-3.2 is unable to correctly compile x86_64 routines for llrint
since it gets redefined. This is because gcc 3.2 does not set
__SSE2_MATH__ for x86_64, thus exposing the duplicate definition.
The correct fix ought to be to check for both __SSE2_MATH__ and
__x86_64__ and enable those bits only when neither are defined.
Tested fix with the reproducer for
409e00bd69b8d8dd74d7327085351d26769ea6fc as well as with gcc-3.2.
H.J. Lu [Wed, 13 Aug 2014 00:02:51 +0000 (17:02 -0700)]
Replace cpuid asm statement with __cpuid_count
The compiler doesn't know that the cpuid asm statement in intel_check_word
will trash RBX. We are lucky that it doesn't cause any problems since
RBX is also used by compiler for other purposes so that RBX is saved and
restored. This patch replaces it with __cpuid_count.
[BZ #17259]
* sysdeps/x86_64/cacheinfo.c (intel_check_word): Replace cpuid
asm statement with __cpuid_count.
Mike Frysinger [Thu, 7 Aug 2014 03:44:29 +0000 (23:44 -0400)]
detect broken linker handling of __ehdr_start
Older versions of ld on ia64 support __ehdr_start, but generate relocs
when they shouldn't. This causes the ld.so to not run because it tries
to resolve the __ehdr_start symbol (but it's not exported).
Joseph Myers [Tue, 12 Aug 2014 20:31:54 +0000 (20:31 +0000)]
Fix powerpc-nofpu __fe_enabled_env and __fe_nonieee_env (bug 17261).
On powerpc, floating-point environment macros are defined as pointers
to constants in the library that contain the bit-patterns of the
desired environment, instead of being magic constants cast to pointer
type.
For soft-float, the bit-patterns used for fenv_t are not laid out the
same as for hard-float. (e500 has a third layout used; that's not an
ABI issue because these values are only meaningful within a single
process, all of whose glibc libraries must come from the same build of
glibc.) While the __fe_dfl_env value for soft-float was appropriate
for the soft-float fenv_t representation, the other two constants had
the same bit-patterns as for hard-float. Those bit patterns had the
effect of having exceptions already raised, causing
math/test-fenv-return to fail; this patch fixes the patterns used.
(__fe_nonieee_env also had exceptions unmasked, though they should be
masked to match hard-float semantics. Since there is no separate
non-IEEE mode for soft-float, it's most appropriate for
__fe_nonieee_env to be the same as __fe_dfl_env; this patch makes it
an alias.)
Tested for powerpc-nofpu.
[BZ #17261]
* sysdeps/powerpc/nofpu/fenv_const.c (__fe_enabled_env): Change
value to 0.
(__fe_nonieee_env): Define as an alias for __fe_dfl_env.
Roland McGrath [Tue, 12 Aug 2014 16:49:58 +0000 (09:49 -0700)]
NEWS: Mention x86-64 ld.so use of Intel MPX instructions.
Will Newton [Tue, 12 Aug 2014 12:01:13 +0000 (13:01 +0100)]
Add BZ #16892 to NEWS
Bernard Ogden [Mon, 11 Aug 2014 14:26:48 +0000 (15:26 +0100)]
Check value of futex before updating in __lll_timedlock
2014-08-12 Bernard Ogden <bernie.ogden@linaro.org>
[BZ #16892]
* sysdeps/nptl/lowlevellock.h (__lll_timedlock): Use
atomic_compare_and_exchange_bool_acq rather than atomic_exchange_acq.
Sean Anderson [Tue, 12 Aug 2014 09:23:41 +0000 (05:23 -0400)]
malloc: fix comment typo
Allan McRae [Sat, 9 Aug 2014 07:14:35 +0000 (17:14 +1000)]
Regenerate libc.po
Mike Frysinger [Mon, 4 Aug 2014 14:31:27 +0000 (10:31 -0400)]
tst-gettext2: make setup more robust
This test should be more robust about setting up its lang dirs.
I had two completely different systems (ia64 & x86_64) get wedged
in a way where the test just kept FAILing on me due to some of the
files missing. This probably wasn't a big deal until the recent
commit which made checking of the locale dirs more robust (for
security reasons).
Wilco Dijkstra [Thu, 7 Aug 2014 16:29:55 +0000 (16:29 +0000)]
This patch adds new function libc_feholdsetround_noex_aarch64_ctx, enabling
further optimization. libc_feholdsetround_aarch64_ctx now only needs to
read the FPCR in the typical case, avoiding a redundant FPSR read.
Performance results show a good improvement (5-10% on sin()) on cores with
expensive FPCR/FPSR instructions.
Wilco [Thu, 7 Aug 2014 14:30:31 +0000 (14:30 +0000)]
Fix performance issue in misaligned strcpy.
Adhemerval Zanella [Thu, 24 Jul 2014 12:28:57 +0000 (08:28 -0400)]
PowerPC: Fix termios definitions
This patch fixes the incorrect guard by __USE_MISC of struct winsize and
struct termio in powerpc termios header. The current state leads to build
failures if the program defines _XOPEN_SOURCE, but not _DEFAULT_SOURCE
or either _BSD_SOURCE or _SVID_SOURCE. Without any definition,
__USE_MISC will not be defined and neither the struct definitions.
This patch copies the default Linux ioctl-types.h by adjusting only the
character control field (c_cc) size in struct termio.
Richard Henderson [Tue, 5 Aug 2014 20:36:36 +0000 (13:36 -0700)]
alpha: Fix exception raising from soft-fp
Use the SSI_IEEE_RAISE_EXCEPTION function as from feraiseexcept,
instead of __ieee_get+set_fp_status. Always raise the FP exceptions
from float-to-integer conversion.
Richard Henderson [Tue, 5 Aug 2014 16:06:36 +0000 (09:06 -0700)]
alpha: Remove linux lowlevellock.h
For real this time.
Richard Henderson [Tue, 5 Aug 2014 15:31:47 +0000 (08:31 -0700)]
alpha: Remove linux lowlevellock.h
Bernard Ogden [Mon, 4 Aug 2014 22:12:03 +0000 (22:12 +0000)]
MIPS - Remove mips lowlevellock.h.
* sysdeps/unix/sysv/linux/mips/lowlevellock.h: Remove file.
Will Newton [Mon, 4 Aug 2014 15:01:31 +0000 (16:01 +0100)]
AArch64: Remove lowlevellock.h
Remove lowlevellock.h in favour of the generic implementation. The
generic implementation was tested natively and introduces no
regressions.
ChangeLog:
2014-08-04 Will Newton <will.newton@linaro.org>
* sysdeps/unix/sysv/linux/aarch64/lowlevellock.h: Remove
file.
Mike Frysinger [Mon, 4 Aug 2014 14:31:01 +0000 (10:31 -0400)]
add ChangeLog for previous commit
Mike Frysinger [Sun, 3 Aug 2014 16:14:35 +0000 (16:14 +0000)]
ia64: define nocancel entry points in PSEUDO
The previous set of not-cancel.h headers (prior to the commit
2fbdf5339aaeaa423bd661524f7ec7af41fa2606) did not require the
arch to define nocancel entry points, so ia64 never did.
However, after the various files were merged, it became a hard
requirement for arches, which meant ia64 failed to build.
Here we add dedicated entry points. It'd be nice to merge
with the existing stubs like other arches do, but the ia64
asm does not lend itself to interleaving of functions. If
someone has a suggestion on merging these, that'd be great,
but at least now we build & pass tests again.
Roland McGrath [Fri, 4 Jul 2014 05:19:41 +0000 (22:19 -0700)]
IA64: Consolidate nptl/ subdirectories under linux/...
Roland McGrath [Fri, 4 Jul 2014 04:51:13 +0000 (21:51 -0700)]
IA64: Move NPTL public headers to sysdeps/ia64/nptl/.
Roland McGrath [Fri, 4 Jul 2014 04:51:01 +0000 (21:51 -0700)]
IA64: Define TLS_DEFINE_INIT_TP
Roland McGrath [Fri, 4 Jul 2014 05:09:33 +0000 (22:09 -0700)]
IA64: Consolidate NPTL/non versions of vfork
Roland McGrath [Fri, 4 Jul 2014 04:50:50 +0000 (21:50 -0700)]
IA64: Consolidate NPTL/non versions of clone