r6491 - in glibc-package/branches/glibc-branch-jessie/debian: . patches patches/any
Author: aurel32
Date: 2015-08-28 21:08:41 +0000 (Fri, 28 Aug 2015)
New Revision: 6491
Removed:
glibc-package/branches/glibc-branch-jessie/debian/patches/any/cvs-forced-elision.diff
glibc-package/branches/glibc-branch-jessie/debian/patches/ppc64le/
Modified:
glibc-package/branches/glibc-branch-jessie/debian/changelog
glibc-package/branches/glibc-branch-jessie/debian/patches/git-updates.diff
glibc-package/branches/glibc-branch-jessie/debian/patches/series
Log:
Revert r6474 and r6475. Update to the upstream stable branch instead.
Modified: glibc-package/branches/glibc-branch-jessie/debian/changelog
===================================================================
--- glibc-package/branches/glibc-branch-jessie/debian/changelog 2015-08-28 08:24:21 UTC (rev 6490)
+++ glibc-package/branches/glibc-branch-jessie/debian/changelog 2015-08-28 21:08:41 UTC (rev 6491)
@@ -1,10 +1,12 @@
glibc (2.19-19) UNRELEASED; urgency=medium
[ Aurelien Jarno ]
- * patches/any/cvs-forced-elision.diff: Fix pthread_mutex_trylock with
- lock elision. Closes: #759197, #788999.
- * patches/ppc64le/cvs-gprof-entry-point.diff: Fix gprof entry point on
- ppc64el. Closes: #794222.
+ * Update from upstream stable branch:
+ - Fix pthread_mutex_trylock with lock elision. Closes: #759197,
+ #788999.
+ - Fix gprof entry point on ppc64el. Closes: #794222.
+ - Fix a bugger overflow in overflow in getanswer_r (CVE-2015-1781)
+ Closes: #796105.
-- Aurelien Jarno <aurel32@debian.org> Sat, 15 Aug 2015 10:02:18 +0200
Deleted: glibc-package/branches/glibc-branch-jessie/debian/patches/any/cvs-forced-elision.diff
===================================================================
--- glibc-package/branches/glibc-branch-jessie/debian/patches/any/cvs-forced-elision.diff 2015-08-28 08:24:21 UTC (rev 6490)
+++ glibc-package/branches/glibc-branch-jessie/debian/patches/any/cvs-forced-elision.diff 2015-08-28 21:08:41 UTC (rev 6491)
@@ -1,54 +0,0 @@
-2014-12-11 Andreas Schwab <schwab@suse.de>
-
- [BZ #16657]
- * nptl/pthread_mutex_trylock.c (__pthread_mutex_trylock): Use
- FORCE_ELISION instead of DO_ELISION.
- * sysdeps/unix/sysv/linux/x86/force-elision.h (DO_ELISION):
- Remove.
-
---- a/nptl/pthread_mutex_trylock.c
-+++ b/nptl/pthread_mutex_trylock.c
-@@ -26,8 +26,8 @@
- #define lll_trylock_elision(a,t) lll_trylock(a)
- #endif
-
--#ifndef DO_ELISION
--#define DO_ELISION(m) 0
-+#ifndef FORCE_ELISION
-+#define FORCE_ELISION(m, s)
- #endif
-
- /* We don't force elision in trylock, because this can lead to inconsistent
-@@ -69,7 +69,7 @@
- break;
-
- case PTHREAD_MUTEX_TIMED_ELISION_NP:
-- elision:
-+ elision: __attribute__((unused))
- if (lll_trylock_elision (mutex->__data.__lock,
- mutex->__data.__elision) != 0)
- break;
-@@ -77,8 +77,7 @@
- return 0;
-
- case PTHREAD_MUTEX_TIMED_NP:
-- if (DO_ELISION (mutex))
-- goto elision;
-+ FORCE_ELISION (mutex, goto elision);
- /*FALL THROUGH*/
- case PTHREAD_MUTEX_ADAPTIVE_NP:
- case PTHREAD_MUTEX_ERRORCHECK_NP:
---- a/nptl/sysdeps/unix/sysv/linux/x86/force-elision.h
-+++ b/nptl/sysdeps/unix/sysv/linux/x86/force-elision.h
-@@ -16,11 +16,6 @@
- License along with the GNU C Library; if not, see
- <http://www.gnu.org/licenses/>. */
-
--/* Check for elision on this lock without upgrading. */
--#define DO_ELISION(m) \
-- (__pthread_force_elision \
-- && (m->__data.__kind & PTHREAD_MUTEX_NO_ELISION_NP) == 0) \
--
- /* Automatically enable elision for existing user lock kinds. */
- #define FORCE_ELISION(m, s) \
- if (__pthread_force_elision \
Modified: glibc-package/branches/glibc-branch-jessie/debian/patches/git-updates.diff
===================================================================
--- glibc-package/branches/glibc-branch-jessie/debian/patches/git-updates.diff 2015-08-28 08:24:21 UTC (rev 6490)
+++ glibc-package/branches/glibc-branch-jessie/debian/patches/git-updates.diff 2015-08-28 21:08:41 UTC (rev 6491)
@@ -1,10 +1,30 @@
GIT update of git://sourceware.org/git/glibc.git/release/2.19/master from glibc-2.19
diff --git a/ChangeLog b/ChangeLog
-index 81c393a..cecd6ec 100644
+index 81c393a..0eb6c3f 100644
--- a/ChangeLog
+++ b/ChangeLog
-@@ -1,3 +1,321 @@
+@@ -1,3 +1,341 @@
++2015-04-21 Arjun Shankar <arjun.is@lostca.se>
++
++ [BZ #18287]
++ * resolv/nss_dns/dns-host.c (getanswer_r): Adjust buffer length
++ based on padding. (CVE-2015-1781)
++
++2014-12-11 Andreas Schwab <schwab@suse.de>
++
++ [BZ #16657]
++ * nptl/pthread_mutex_trylock.c (__pthread_mutex_trylock): Use
++ FORCE_ELISION instead of DO_ELISION.
++ * nptl/sysdeps/unix/sysv/linux/x86/force-elision.h (DO_ELISION):
++ Remove.
++
++2013-07-29 Adhemerval Zanella <azanella@linux.vnet.ibm.com>
++
++ [BZ #17213]
++ * sysdeps/powerpc/powerpc64/entry.h: Fix TEXT_START definition for
++ powerpc64le.
++
+2014-11-11 Renlin Li <Renlin.Li@arm.com>
+
+ [BZ #17555]
@@ -327,10 +347,10 @@
[BZ #16529]
diff --git a/NEWS b/NEWS
-index 98b479e..d74f4a6 100644
+index 98b479e..7f9388f 100644
--- a/NEWS
+++ b/NEWS
-@@ -5,6 +5,51 @@ See the end for copying conditions.
+@@ -5,6 +5,59 @@ See the end for copying conditions.
Please send GNU C library bug reports via <http://sourceware.org/bugzilla/>
using `glibc' in the "product" field.
�
@@ -338,9 +358,17 @@
+
+* The following bugs are resolved with this release:
+
-+ 15946, 16545, 16574, 16623, 16695, 16878, 16882, 16885, 16916, 16932,
-+ 16943, 16958, 17048, 17069, 17137, 17263, 17325, 17555.
++ 15946, 16545, 16574, 16623, 16657, 16695, 16878, 16882, 16885, 16916,
++ 16932, 16943, 16958, 17048, 17069, 17137, 17213, 17263, 17325, 17555,
++ 18287.
+
++* A buffer overflow in gethostbyname_r and related functions performing DNS
++ requests has been fixed. If the NSS functions were called with a
++ misaligned buffer, the buffer length change due to pointer alignment was
++ not taken into account. This could result in application crashes or,
++ potentially arbitrary code execution, using crafted, but syntactically
++ valid DNS responses. (CVE-2015-1781)
++
+* Reverted change of ABI data structures for s390 and s390x:
+ On s390 and s390x the size of struct ucontext and jmp_buf was increased in
+ 2.19. This change is reverted in 2.19.1 and 2.20. The introduced 2.19 symbol
@@ -1221,6 +1249,8 @@
+
+#define TEST_FUNCTION do_test ()
+#include "../test-skeleton.c"
+diff --git a/manual/locale.texi b/manual/locale.texi
+index 8bfd653..ee1c3a1 100644
diff --git a/misc/sys/xattr.h b/misc/sys/xattr.h
index 929cd87..796df90 100644
--- a/misc/sys/xattr.h
@@ -1354,6 +1384,40 @@
tst-cond1 tst-cond2 tst-cond3 tst-cond4 tst-cond5 tst-cond6 tst-cond7 \
tst-cond8 tst-cond9 tst-cond10 tst-cond11 tst-cond12 tst-cond13 \
tst-cond14 tst-cond15 tst-cond16 tst-cond17 tst-cond18 tst-cond19 \
+diff --git a/nptl/pthread_mutex_trylock.c b/nptl/pthread_mutex_trylock.c
+index 4d5f75d..1157320 100644
+--- a/nptl/pthread_mutex_trylock.c
++++ b/nptl/pthread_mutex_trylock.c
+@@ -26,8 +26,8 @@
+ #define lll_trylock_elision(a,t) lll_trylock(a)
+ #endif
+
+-#ifndef DO_ELISION
+-#define DO_ELISION(m) 0
++#ifndef FORCE_ELISION
++#define FORCE_ELISION(m, s)
+ #endif
+
+ /* We don't force elision in trylock, because this can lead to inconsistent
+@@ -69,7 +69,7 @@ __pthread_mutex_trylock (mutex)
+ break;
+
+ case PTHREAD_MUTEX_TIMED_ELISION_NP:
+- elision:
++ elision: __attribute__((unused))
+ if (lll_trylock_elision (mutex->__data.__lock,
+ mutex->__data.__elision) != 0)
+ break;
+@@ -77,8 +77,7 @@ __pthread_mutex_trylock (mutex)
+ return 0;
+
+ case PTHREAD_MUTEX_TIMED_NP:
+- if (DO_ELISION (mutex))
+- goto elision;
++ FORCE_ELISION (mutex, goto elision);
+ /*FALL THROUGH*/
+ case PTHREAD_MUTEX_ADAPTIVE_NP:
+ case PTHREAD_MUTEX_ERRORCHECK_NP:
diff --git a/nptl/sysdeps/sparc/sparc32/pthread_spin_lock.S b/nptl/sysdeps/sparc/sparc32/pthread_spin_lock.S
index ea863d7..3accc69 100644
--- a/nptl/sysdeps/sparc/sparc32/pthread_spin_lock.S
@@ -1474,6 +1538,22 @@
+versioned_symbol (libpthread, __v1siglongjmp, siglongjmp, GLIBC_2_0);
+compat_symbol (libpthread, __v2siglongjmp, siglongjmp, GLIBC_2_19);
+#endif /* defined SHARED && SHLIB_COMPAT (libpthread, GLIBC_2_19, GLIBC_2_20)) */
+diff --git a/nptl/sysdeps/unix/sysv/linux/x86/force-elision.h b/nptl/sysdeps/unix/sysv/linux/x86/force-elision.h
+index 945f886..a767cf1 100644
+--- a/nptl/sysdeps/unix/sysv/linux/x86/force-elision.h
++++ b/nptl/sysdeps/unix/sysv/linux/x86/force-elision.h
+@@ -16,11 +16,6 @@
+ License along with the GNU C Library; if not, see
+ <http://www.gnu.org/licenses/>. */
+
+-/* Check for elision on this lock without upgrading. */
+-#define DO_ELISION(m) \
+- (__pthread_force_elision \
+- && (m->__data.__kind & PTHREAD_MUTEX_NO_ELISION_NP) == 0) \
+-
+ /* Automatically enable elision for existing user lock kinds. */
+ #define FORCE_ELISION(m, s) \
+ if (__pthread_force_elision \
diff --git a/nptl/tst-spin4.c b/nptl/tst-spin4.c
new file mode 100644
index 0000000..5b23a17
@@ -2138,7 +2218,7 @@
{
/* We need to decode the response. Just one question record.
diff --git a/resolv/nss_dns/dns-host.c b/resolv/nss_dns/dns-host.c
-index f8f192e..f0b4b17 100644
+index f8f192e..f36d28b 100644
--- a/resolv/nss_dns/dns-host.c
+++ b/resolv/nss_dns/dns-host.c
@@ -190,7 +190,7 @@ _nss_dns_gethostbyname3_r (const char *name, int af, struct hostent *result,
@@ -2228,6 +2308,16 @@
}
if (n < 0)
{
+@@ -613,7 +615,8 @@ getanswer_r (const querybuf *answer, int anslen, const char *qname, int qtype,
+ int have_to_map = 0;
+ uintptr_t pad = -(uintptr_t) buffer % __alignof__ (struct host_data);
+ buffer += pad;
+- if (__builtin_expect (buflen < sizeof (struct host_data) + pad, 0))
++ buflen = buflen > pad ? buflen - pad : 0;
++ if (__builtin_expect (buflen < sizeof (struct host_data), 0))
+ {
+ /* The buffer is too small. */
+ too_small:
diff --git a/resolv/nss_dns/dns-network.c b/resolv/nss_dns/dns-network.c
index 8e80a60..13ad38c 100644
--- a/resolv/nss_dns/dns-network.c
@@ -2613,6 +2703,23 @@
res = do_sin (u, y, db, &cor);
cor = (cor > 0) ? 1.035 * cor + eps : 1.035 * cor - eps;
retval = ((res == res + cor) ? ((m) ? res : -res)
+diff --git a/sysdeps/powerpc/powerpc64/entry.h b/sysdeps/powerpc/powerpc64/entry.h
+index 76ead1d..30553c1 100644
+--- a/sysdeps/powerpc/powerpc64/entry.h
++++ b/sysdeps/powerpc/powerpc64/entry.h
+@@ -23,6 +23,7 @@ extern void _start (void);
+
+ #define ENTRY_POINT _start
+
++#if _CALL_ELF != 2
+ /* We have to provide a special declaration. */
+ #define ENTRY_POINT_DECL(class) class void _start (void);
+
+@@ -33,3 +34,4 @@ extern void _start (void);
+ #define TEXT_START \
+ ({ extern unsigned long int _start_as_data[] asm ("_start"); \
+ _start_as_data[0]; })
++#endif
diff --git a/sysdeps/s390/Makefile b/sysdeps/s390/Makefile
deleted file mode 100644
index 42978dc..0000000
Modified: glibc-package/branches/glibc-branch-jessie/debian/patches/series
===================================================================
--- glibc-package/branches/glibc-branch-jessie/debian/patches/series 2015-08-28 08:24:21 UTC (rev 6490)
+++ glibc-package/branches/glibc-branch-jessie/debian/patches/series 2015-08-28 21:08:41 UTC (rev 6491)
@@ -191,8 +191,6 @@
powerpc/cvs-ibm-branch.diff
powerpc/local-powerpc8xx-dcbz.diff
-ppc64le/cvs-gprof-entry-point.diff
-
s390/submitted-nexttowardf.diff
sh4/local-fpscr_values.diff
@@ -274,4 +272,3 @@
any/cvs-vfprintf.diff
any/cvs-wscanf.diff
any/cvs-ldconfig-aux-cache.diff
-any/cvs-forced-elision.diff
Reply to: