Commit Graph

33361 Commits

Author SHA1 Message Date
Stan Shebs
96509a9dce Work around a ppc clang inlining bug 2021-08-27 17:23:12 -07:00
Stan Shebs
9b6c937b00 Add workaround for segfaults in __longjmp when compiled with ppc clang 2021-08-27 17:23:12 -07:00
Stan Shebs
f9bd60b7c0 Add clang version of find_cxx_header 2021-08-27 17:23:12 -07:00
Stan Shebs
0f93e3333f Change de-nesting fix to use added argument instead of globals 2021-08-27 17:23:12 -07:00
Stan Shebs
21991760c7 Fix regressions in async-safe TLS, add run-time control for debugging, add more comments 2021-08-27 17:23:12 -07:00
Stan Shebs
c0ab16f8cc Fix TLS problems not handled by cherrypick 2021-08-27 17:23:12 -07:00
Brooks Moses
3e9a530aae Revert upstream removal of async-safe TLS patches. 2021-08-27 17:23:11 -07:00
Stan Shebs
74f10c8aad Make pointer in tst-realloc volatile also 2021-08-27 17:23:11 -07:00
Stan Shebs
5884367eb9 Add a GRTE-specific readme. 2021-08-27 17:23:07 -07:00
Stan Shebs
4d4222dd27 Work around a make 3.81 segfault with clang 2021-08-27 16:22:14 -07:00
Florian Weimer
121dc10a6d NEWS: Move security-lated changes before bug list
This matches the practice for previous releases.
2021-08-27 16:22:13 -07:00
Florian Weimer
537386b1c9 Add references to CVE-2018-11236, CVE-2017-18269 2021-08-27 16:22:13 -07:00
H.J. Lu
3eb848f535 Add a test case for [BZ #23196]
[BZ #23196]
	* string/test-memcpy.c (do_test1): New function.
	(test_main): Call it.

(cherry picked from commit ed983107bb)
2021-08-27 16:22:13 -07:00
Andreas Schwab
c4fde9669a Don't write beyond destination in __mempcpy_avx512_no_vzeroupper (bug 23196)
When compiled as mempcpy, the return value is the end of the destination
buffer, thus it cannot be used to refer to the start of it.

(cherry picked from commit 9aaaab7c6e)
2021-08-27 16:22:13 -07:00
Florian Weimer
da768de04f sunrpc: Remove stray exports without --enable-obsolete-rpc [BZ #23166]
This is needed to avoid a warning when linking against libtirpc:

/lib64/libc.so.6: warning: common of `rpc_createerr@@TIRPC_0.3.0' overridden by definition
/usr/lib64/libtirpc.so: warning: defined here

This ld warning is not enabled by default; -Wl,--warn-common enables it.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>

(cherry picked from commit 89aacb513e)
2021-08-27 16:22:13 -07:00
Rafal Luzynski
0c65d0085d gd_GB: Fix typo in abbreviated "May" (bug 23152).
[BZ #23152]
	* localedata/locales/gd_GB (abmon): Fix typo in May:
	"Mhàrt" -> "Cèit".  Adjust the comment according to the change.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
(cherry picked from commit bb066cb806)
2021-08-27 16:22:12 -07:00
Dmitry V. Levin
dd5ed1e875 NEWS: add entries for bugs 17343, 20419, 22644, 22786, 22884, 22947, 23005, 23037, 23069, 23137 2021-08-27 16:22:12 -07:00
Paul Pluzhnikov
1073cbb0ba Fix path length overflow in realpath [BZ #22786]
Integer addition overflow may cause stack buffer overflow
when realpath() input length is close to SSIZE_MAX.

2018-05-09  Paul Pluzhnikov  <ppluzhnikov@google.com>

	[BZ #22786]
	* stdlib/canonicalize.c (__realpath): Fix overflow in path length
	computation.
	* stdlib/Makefile (test-bz22786): New test.
	* stdlib/test-bz22786.c: New test.

(cherry picked from commit 5460617d15)
2021-08-27 16:22:12 -07:00
Paul Pluzhnikov
c13e59843a Fix stack overflow with huge PT_NOTE segment [BZ #20419]
A PT_NOTE in a binary could be arbitratily large, so using alloca
for it may cause stack overflow.  If the note is larger than
__MAX_ALLOCA_CUTOFF, use dynamically allocated memory to read it in.

2018-05-05  Paul Pluzhnikov  <ppluzhnikov@google.com>

	[BZ #20419]
	* elf/dl-load.c (open_verify): Fix stack overflow.
	* elf/Makefile (tst-big-note): New test.
	* elf/tst-big-note-lib.S: New.
	* elf/tst-big-note.c: New.

(cherry picked from commit 0065aaaaae)
2021-08-27 16:22:12 -07:00
Stefan Liebler
b3356fb4a1 Fix blocking pthread_join. [BZ #23137]
On s390 (31bit) if glibc is build with -Os, pthread_join sometimes
blocks indefinitely. This is e.g. observable with
testcase intl/tst-gettext6.

pthread_join is calling lll_wait_tid(tid), which performs the futex-wait
syscall in a loop as long as tid != 0 (thread is alive).

On s390 (and build with -Os), tid is loaded from memory before
comparing against zero and then the tid is loaded a second time
in order to pass it to the futex-wait-syscall.
If the thread exits in between, then the futex-wait-syscall is
called with the value zero and it waits until a futex-wake occurs.
As the thread is already exited, there won't be a futex-wake.

In lll_wait_tid, the tid is stored to the local variable __tid,
which is then used as argument for the futex-wait-syscall.
But unfortunately the compiler is allowed to reload the value
from memory.

With this patch, the tid is loaded with atomic_load_acquire.
Then the compiler is not allowed to reload the value for __tid from memory.

ChangeLog:

	[BZ #23137]
	* sysdeps/nptl/lowlevellock.h (lll_wait_tid):
	Use atomic_load_acquire to load __tid.

(cherry picked from commit 1660901840)
2021-08-27 16:22:12 -07:00
Joseph Myers
1ab675ca63 Add PTRACE_SECCOMP_GET_METADATA from Linux 4.16 to sys/ptrace.h.
This patch adds the PTRACE_SECCOMP_GET_METADATA constant from Linux
4.16 to all relevant sys/ptrace.h files.  A type struct
__ptrace_seccomp_metadata, analogous to other such types, is also
added.

Tested for x86_64, and with build-many-glibcs.py.

	* sysdeps/unix/sysv/linux/sys/ptrace.h
	(PTRACE_SECCOMP_GET_METADATA): New enum value and macro.
	* sysdeps/unix/sysv/linux/bits/ptrace-shared.h
	(struct __ptrace_seccomp_metadata): New type.
	* sysdeps/unix/sysv/linux/aarch64/sys/ptrace.h
	(PTRACE_SECCOMP_GET_METADATA): Likewise.
	* sysdeps/unix/sysv/linux/arm/sys/ptrace.h
	(PTRACE_SECCOMP_GET_METADATA): Likewise.
	* sysdeps/unix/sysv/linux/ia64/sys/ptrace.h
	(PTRACE_SECCOMP_GET_METADATA): Likewise.
	* sysdeps/unix/sysv/linux/powerpc/sys/ptrace.h
	(PTRACE_SECCOMP_GET_METADATA): Likewise.
	* sysdeps/unix/sysv/linux/s390/sys/ptrace.h
	(PTRACE_SECCOMP_GET_METADATA): Likewise.
	* sysdeps/unix/sysv/linux/sparc/sys/ptrace.h
	(PTRACE_SECCOMP_GET_METADATA): Likewise.
	* sysdeps/unix/sysv/linux/tile/sys/ptrace.h
	(PTRACE_SECCOMP_GET_METADATA): Likewise.
	* sysdeps/unix/sysv/linux/x86/sys/ptrace.h
	(PTRACE_SECCOMP_GET_METADATA): Likewise.

(cherry picked from commit 9320ca88a1)
2021-08-27 16:22:11 -07:00
Florian Weimer
43092e2ec2 resolv: Fully initialize struct mmsghdr in send_dg [BZ #23037]
(cherry picked from commit 583a27d525)
2021-08-27 16:22:11 -07:00
Florian Weimer
adb65ebdcd manual: Various fixes to the mbstouwcs example, and mbrtowc update
The example did not work because the null byte was not converted, and
mbrtowc was called with a zero-length input string.  This results in a
(size_t) -2 return value, so the function always returns NULL.

The size computation for the heap allocation of the result was
incorrect because it did not deal with integer overflow.

Error checking was missing, and the allocated memory was not freed on
error paths.  All error returns now set errno.  (Note that there is an
assumption that free does not clobber errno.)

The slightly unportable comparision against (size_t) -2 to catch both
(size_t) -1 and (size_t) -2 return values is gone as well.

A null wide character needs to be stored in the result explicitly, to
terminate it.

The description in the manual is updated to deal with these finer
points.  The (size_t) -2 behavior (consuming the input bytes) matches
what is specified in ISO C11.

(cherry picked from commit cf138b0c83)
(cherry picked from commit 690c3475f1)
2021-08-27 16:22:11 -07:00
Florian Weimer
d6df404c01 manual: Move mbstouwcs to an example C file
(cherry picked from commit 0f33925269)
2021-08-27 16:22:10 -07:00
H.J. Lu
c01dc8b1ff Update RWF_SUPPORTED for Linux kernel 4.16 [BZ #22947]
Add RWF_APPEND to RWF_SUPPORTED to support Linux kernel 4.16.

	[BZ #22947]
	* bits/uio-ext.h (RWF_APPEND): New.
	* sysdeps/unix/sysv/linux/bits/uio-ext.h (RWF_APPEND): Likewise.
	* manual/llio.texi: Document RWF_APPEND.
	* misc/tst-preadvwritev2-common.c (RWF_APPEND): New.
	(RWF_SUPPORTED): Add RWF_APPEND.

(cherry picked from commit f2652643d7)
2021-08-27 16:22:10 -07:00
Jesse Hathaway
dadc309087 getlogin_r: return early when linux sentinel value is set
When there is no login uid Linux sets /proc/self/loginid to the sentinel
value of, (uid_t) -1. If this is set we can return early and avoid
needlessly looking up the sentinel value in any configured nss
databases.

Checked on aarch64-linux-gnu.

	* sysdeps/unix/sysv/linux/getlogin_r.c (__getlogin_r_loginuid): Return
	early when linux sentinel value is set.

Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
(cherry picked from commit cc8a1620eb)
2021-08-27 16:22:10 -07:00
Andreas Schwab
da41ab8923 Fix crash in resolver on memory allocation failure (bug 23005)
(cherry picked from commit f178e59fa5)
2021-08-27 16:22:09 -07:00
Joseph Myers
803f0773fb Fix signed integer overflow in random_r (bug 17343).
Bug 17343 reports that stdlib/random_r.c has code with undefined
behavior because of signed integer overflow on int32_t.  This patch
changes the code so that the possibly overflowing computations use
unsigned arithmetic instead.

Note that the bug report refers to "Most code" in that file.  The
places changed in this patch are the only ones I found where I think
such overflow can occur.

Tested for x86_64 and x86.

	[BZ #17343]
	* stdlib/random_r.c (__random_r): Use unsigned arithmetic for
	possibly overflowing computations.

(cherry picked from commit 8a07b0c43c)
2021-08-27 16:22:09 -07:00
Aurelien Jarno
d0a2b24eb9 Add tst-sigaction.c to test BZ #23069
This simple test uses sigaction to define a signal handler. It then
uses sigaction again to fetch the information about the same signal
handler, and check that they are consistent. This is enough to detect
mismatches between struct kernel_sigaction and the kernel version of
struct sigaction, like in BZ #23069.

Changelog:
       * signal/tst-sigaction.c: New file to test BZ #23069.
       * signal/Makefile (tests): Fix indentation. Add tst-sigaction.

(cherry picked from commit 7a6f747871)
2021-08-27 16:22:09 -07:00
Aurelien Jarno
b88e5137e6 RISC-V: fix struct kernel_sigaction to match the kernel version [BZ #23069]
The RISC-V kernel doesn't define SA_RESTORER, hence the kernel version
of struct sigaction doesn't have the sa_restorer field. The default
kernel_sigaction.h therefore can't be used.

This patch adds a RISC-V specific version of kernel_sigaction.h to fix
the issue. This fixes for example the libnih testsuite.

Note that this patch is not needed in master as the bug has been fixed
by commit b4a5d26d88 ("linux: Consolidate sigaction implementation").
2021-08-27 16:22:08 -07:00
Florian Weimer
80153017d1 Linux i386: tst-bz21269 triggers SIGBUS on some kernels
In addition to SIGSEGV and SIGILL, SIGBUS is also a possible signal
generated by the kernel.

(cherry picked from commit 4d76d3e59d)
2021-08-27 16:22:08 -07:00
Andrew Senkevich
ee056103a0 Fix i386 memmove issue (bug 22644).
[BZ #22644]
	* sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S: Fixed
	branch conditions.
	* string/test-memmove.c (do_test2): New testcase.

(cherry picked from commit cd66c0e584)
2021-08-27 16:22:08 -07:00
DJ Delorie
35abf882dd Update ChangeLog for BZ 22884 - riscv fmax/fmin
(cherry picked from commit 7e04eb2932)
2021-08-27 16:22:08 -07:00
Andrew Waterman
012483cf93 RISC-V: fmax/fmin: Handle signalling NaNs correctly.
RISC-V's fmax(sNAN,4) returns 4 but glibc expects it to return qNAN.

	* sysdeps/riscv/rvd/s_fmax.c (__fmax): Handle sNaNs correctly.
	* sysdeps/riscv/rvd/s_fmin.c (__fmin): Likewise.
	* sysdeps/riscv/rvf/s_fmaxf.c (__fmaxf): Likewise.
	* sysdeps/riscv/rvf/s_fminf.c (__fminf): Likewise.

(cherry picked from commit fdcc625376)
2021-08-27 16:22:07 -07:00
DJ Delorie
ab9c196492 RISC-V: Do not initialize $gp in TLS macros.
RISC-V TLS doesn't require GP to be initialized, and doing so breaks
TLS in a shared object.

(cherry picked from commit 8090720a87)
2021-08-27 16:22:07 -07:00
Rafal Luzynski
c1b247e3c4 NEWS: Add entries for bugs: 22848, 22932, 22937, 22963.
Alternative (nominative/genitive) month names have been added to the
Catalan and Czech locale data and the abbreviated alternative names to
Catalan and Greek.

(cherry picked from commit c553cd6f7e)
2021-08-27 16:22:07 -07:00
Rafal Luzynski
88b3498548 cs_CZ locale: Add alternative month names (bug 22963).
Add alternative month names, primary month names are genitive now.

	[BZ #22963]
	* localedata/locales/cs_CZ (mon): Rename to...
	(alt_mon): This.
	(mon): Import from CLDR (genitive case).

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
(cherry picked from commit 807fee29d2)
2021-08-27 16:22:06 -07:00
Rafal Luzynski
07f3103a27 Greek (el_CY, el_GR) locales: Introduce ab_alt_mon (bug 22937).
As spotted by GNOME translation team, Greek language has the actually
visible difference between the abbreviated nominative and the abbreviated
genitive case for some month names.  Examples:

and more month names with similar differences.

Original discussion: https://bugzilla.gnome.org/show_bug.cgi?id=793645#c21

	[BZ #22937]
	* localedata/locales/el_CY (abmon): Rename to...
	(ab_alt_mon): This.
	(abmon): Import from CLDR (abbreviated genitive case).
	* localedata/locales/el_GR (abmon): Rename to...
	(ab_alt_mon): This.
	(abmon): Import from CLDR (abbreviated genitive case).

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
(cherry picked from commit e7155a28ef)
2021-08-27 16:21:40 -07:00
Rafal Luzynski
2506b2401d lt_LT locale: Update abbreviated month names (bug 22932).
A GNOME translator asked to use the same abbreviated month names
as provided by CLDR.  This sounds reasonable.  See the discussion:
https://bugzilla.gnome.org/show_bug.cgi?id=793645#c27

	[BZ #22932]
	* localedata/locales/lt_LT (abmon): Synchronize with CLDR.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
(cherry picked from commit 71d7b12168)
2018-03-08 00:38:18 +01:00
Robert Buj
a53136e6d8 ca_ES locale: Update LC_TIME (bug 22848).
Add/fix alternative month names, long & short formats, am_pm,
abday settings, and improve indentation for Catalan.

	[BZ #22848]
	* localedata/locales/ca_ES (abmon): Rename to...
	(ab_alt_mon): This, then synchronize with CLDR (nominative case).
	(mon): Rename to...
	(alt_mon): This.
	(abmon): Import from CLDR (genitive case, month names preceded by
	"de" or "d'").
	(mon): Likewise.
	(abday): Synchronize with CLDR.
	(d_t_fmt): Likewise.
	(d_fmt): Likewise.
	(am_pm): Likewise.

	(LC_TIME): Improve indentation.
	(LC_TELEPHONE): Likewise.
	(LC_NAME): Likewise.
	(LC_ADDRESS): Likewise.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
(cherry picked from commit a00bffe8b5)
2018-03-06 22:51:29 +01:00
Dmitry V. Levin
f6f3e83ea2 Update translations from the Translation Project
* po/pt_BR.po: Update translations.

(cherry picked from commit 778f197486)
2018-03-12 13:24:46 +00:00
Adhemerval Zanella
83d6db8187 i386: Fix i386 sigaction sa_restorer initialization (BZ#21269)
This patch fixes the i386 sa_restorer field initialization for sigaction
syscall for kernel with vDSO.  As described in bug report, i386 Linux
(and compat on x86_64) interprets SA_RESTORER clear with nonzero
sa_restorer as a request for stack switching if the SS segment is 'funny'.
This means that anything that tries to mix glibc's signal handling with
segmentation (for instance through modify_ldt syscall) is randomly broken
depending on what values lands in sa_restorer.

The testcase added  is based on Linux test tools/testing/selftests/x86/ldt_gdt.c,
more specifically in do_multicpu_tests function.  The main changes are:

  - C11 atomics instead of plain access.

  - Remove x86_64 support which simplifies the syscall handling and fallbacks.

  - Replicate only the test required to trigger the issue.

Checked on i686-linux-gnu.

	[BZ #21269]
	* sysdeps/unix/sysv/linux/i386/Makefile (tests): Add tst-bz21269.
	* sysdeps/unix/sysv/linux/i386/sigaction.c (SET_SA_RESTORER): Clear
	sa_restorer for vDSO case.
	* sysdeps/unix/sysv/linux/i386/tst-bz21269.c: New file.

(cherry picked from commit 68448be208)
2017-11-17 16:04:29 -02:00
Andreas Schwab
bc7cdeb7f0 Fix multiple definitions of __nss_*_database (bug 22918)
(cherry picked from commit eaf6753f8a)
2018-03-02 23:07:14 +01:00
DJ Delorie
9a21941968 [BZ #22342] Fix netgroup cache keys.
Unlike other nscd caches, the netgroup cache contains two types of
records - those for "iterate through a netgroup" (i.e. setnetgrent())
and those for "is this user in this netgroup" (i.e. innetgr()),
i.e. full and partial records.  The timeout code assumes these records
have the same key for the group name, so that the collection of records
that is "this netgroup" can be expired as a unit.

However, the keys are not the same, as the in-netgroup key is generated
by nscd rather than being passed to it from elsewhere, and is generated
without the trailing NUL.  All other keys have the trailing NUL, and as
noted in the linked BZ, debug statements confirm that two keys for the
same netgroup are added to the cache with two different lengths.

The result of this is that as records in the cache expire, the purge
code only cleans out one of the two types of entries, resulting in
stale, possibly incorrect, and possibly inconsistent cache data.

The patch simply includes the existing NUL in the computation for the
key length ('key' points to the char after the NUL, and 'group' to the
first char of the group, so 'key-group' includes the first char to the
NUL, inclusive).

	[BZ #22342]
	* nscd/netgroupcache.c (addinnetgrX): Include trailing NUL in
	key value.

Reviewed-by: Carlos O'Donell <carlos@redhat.com>
(cherry picked from commit 1c81d55fc4)
2018-03-01 23:20:45 -05:00
Dmitry V. Levin
fbac9a26b2 linux/powerpc: sync sys/ptrace.h with Linux 4.15 [BZ #22433, #22807]
Tested with strace.

* sysdeps/unix/sysv/linux/powerpc/sys/ptrace.h (__ptrace_request): Add
PTRACE_GETREGS, PTRACE_SETREGS, PTRACE_GETFPREGS, PTRACE_SETFPREGS,
PTRACE_GETVRREGS, PTRACE_SETVRREGS, PTRACE_GETEVRREGS,
PTRACE_SETEVRREGS, PTRACE_GETREGS64, PTRACE_SETREGS64,
PTRACE_GET_DEBUGREG, PTRACE_SET_DEBUGREG, PTRACE_GETVSRREGS,
PTRACE_SETVSRREGS, and PTRACE_SINGLEBLOCK.

(cherry picked from commit f5f473a9d0)
2018-02-10 23:19:32 +00:00
Tulio Magno Quites Machado Filho
3d67bc8070 powerpc: Undefine Linux ptrace macros that conflict with __ptrace_request
Linux ptrace headers define macros whose tokens conflict with the
constants of enum __ptrace_request causing build errors when
asm/ptrace.h or linux/ptrace.h are included before sys/ptrace.h.

	* sysdeps/unix/sysv/linux/powerpc/sys/ptrace.h: Undefine Linux
	macros used in __ptrace_request.

Signed-off-by: Tulio Magno Quites Machado Filho <tuliom@linux.vnet.ibm.com>
(cherry picked from commit 398c6fddaf)
2018-02-26 10:40:17 -03:00
Mike FABIAN
3e6bbf417e Add missing "reorder-end" in LC_COLLATE of et_EE [BZ #22517]
[BZ #22517]
	* localedata/locales/et_EE (LC_COLLATE): add missing "reorder-end"

(cherry picked from commit 7ec5f9465e)
2018-02-19 21:59:30 +01:00
Rical Jasan
e157ee6889 Fix a typo in a comment.
* io/fcntl.h: Fix a typo in a comment.

(cherry picked from commit 0d217f4082)
2018-02-21 04:00:03 -08:00
Rical Jasan
064c0ff384 manual: Update the _ISOC99_SOURCE description.
The current description refers to ISO C99 not being widely adopted,
which it is believed to be now.

	* manual/creature.texi (_ISOC99_SOURCE): Update the dated
	description.

(cherry picked from commit e8d190b9ed)
2018-02-19 04:32:35 -08:00
Rical Jasan
438b279674 manual: Document missing feature test macros.
Several feature test macros are documented in features.h but absent in
the manual, and some documented macros accept undocumented values.
This commit updates the manual to mention all the accepted macros,
along with any values that hold special meaning.

	* manual/creature.texi (_POSIX_C_SOURCE): Document special
	values of 199606L, 200112L, and 200809L.
	(_XOPEN_SOURCE): Document special values of 600 and 700.
	(_ISOC11_SOURCE): Document macro.
	(_ATFILE_SOURCE): Likewise.
	(_FORTIFY_SOURCE): Likewise.

(cherry picked from commit 6a3962c4a4)
(cherry picked from commit da81ae645d)
2018-02-19 03:30:06 -08:00