aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2024-05-06Add crt1-2.0.o for glibc 2.0 compatibility testsH.J. Lu7-1/+102
Starting from glibc 2.1, crt1.o contains _IO_stdin_used which is checked by _IO_check_libio to provide binary compatibility for glibc 2.0. Add crt1-2.0.o for tests against glibc 2.0. Define tests-2.0 for glibc 2.0 compatibility tests. Add and update glibc 2.0 compatibility tests for stderr, matherr and pthread_kill. Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2024-05-06powerpc: Optimized strncmp for power10Amrita H S5-1/+304
This patch is based on __strcmp_power10. Improvements from __strncmp_power9: 1. Uses new POWER10 instructions - This code uses lxvp to decrease contention on load by loading 32 bytes per instruction. 2. Performance implication - This version has around 38% better performance on average. - Minor performance regression is seen for few small sizes and specific combination of alignments. Signed-off-by: Amrita H S <amritahs@linux.ibm.com> Reviewed-by: Peter Bergner <bergner@linux.ibm.com>
2024-05-03build-many-glibcs.py: Add openrisc hard float glibc variantStafford Horne1-2/+3
This adds the OpenRISC hard float glibc variant to the build many script. We update the compiler for glibc to support hard-float multilibs to allow us to use a single generic compiler for all glibc variants, this requires updating the compiler name. Tested and all builds are passing. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2024-05-03or1k: Add hard float supportStafford Horne32-218/+1425
This patch adds hardware floating point support to OpenRISC. Hardware floating point toolchain builds are enabled by passing the machine specific argument -mhard-float to gcc via CFLAGS. With this enabled GCC generates floating point instructions for single-precision operations and exports __or1k_hard_float__. There are 2 main parts to this patch. - Implement fenv functions to update the FPCSR flags keeping it in sync with sfp (software floating point). - Update machine context functions to store and restore the FPCSR state. *On mcontext_t ABI* This patch adds __fpcsr to mcontext_t. This is an ABI change, but also an ABI fix. The Linux kernel has always defined padding in mcontext_t that space was missing from the glibc ABI. In Linux this unused space has now been re-purposed for storing the FPCSR. This patch brings OpenRISC glibc in line with the Linux kernel and other libc implementation (musl). Compatibility getcontext, setcontext, etc symbols have been added to allow for binaries expecting the old ABI to continue to work. *Hard float ABI* The calling conventions and types do not change with OpenRISC hard-float so glibc hard-float builds continue to use dynamic linker /lib/ld-linux-or1k.so.1. *Testing* I have tested this patch both with hard-float and soft-float builds and the test results look fine to me. Results are as follows: Hard Float # failures FAIL: elf/tst-sprof-basic (Haven't figured out yet, not related to hard-float) FAIL: gmon/tst-gmon-pie (PIE bug in or1k toolchain) FAIL: gmon/tst-gmon-pie-gprof (PIE bug in or1k toolchain) FAIL: iconvdata/iconv-test (timeout, passed when run manually) FAIL: nptl/tst-cond24 (Timeout) FAIL: nptl/tst-mutex10 (Timeout) # summary 6 FAIL 4289 PASS 86 UNSUPPORTED 16 XFAIL 2 XPASS # versions Toolchain: or1k-smhfpu-linux-gnu Compiler: gcc version 14.0.1 20240324 (experimental) [master r14-9649-gbb04a11418f] (GCC) Binutils: GNU assembler version 2.42.0 (or1k-smhfpu-linux-gnu) using BFD version (GNU Binutils) 2.42.0.20240324 Linux: Linux buildroot 6.9.0-rc1-00008-g4dc70e1aadfa #112 SMP Sat Apr 27 06:43:11 BST 2024 openrisc GNU/Linux Tester: shorne Glibc: 2024-04-25 b62928f907 Florian Weimer x86: In ld.so, diagnose missing APX support in APX-only builds (origin/master, origin/HEAD) Soft Float # failures FAIL: elf/tst-sprof-basic FAIL: gmon/tst-gmon-pie FAIL: gmon/tst-gmon-pie-gprof FAIL: nptl/tst-cond24 FAIL: nptl/tst-mutex10 # summary 5 FAIL 4295 PASS 81 UNSUPPORTED 16 XFAIL 2 XPASS # versions Toolchain: or1k-smh-linux-gnu Compiler: gcc version 14.0.1 20240324 (experimental) [master r14-9649-gbb04a11418f] (GCC) Binutils: GNU assembler version 2.42.0 (or1k-smh-linux-gnu) using BFD version (GNU Binutils) 2.42.0.20240324 Linux: Linux buildroot 6.9.0-rc1-00008-g4dc70e1aadfa #112 SMP Sat Apr 27 06:43:11 BST 2024 openrisc GNU/Linux Tester: shorne Glibc: 2024-04-25 b62928f907 Florian Weimer x86: In ld.so, diagnose missing APX support in APX-only builds (origin/master, origin/HEAD) Documentation: https://raw.githubusercontent.com/openrisc/doc/master/openrisc-arch-1.4-rev0.pdf Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2024-05-03or1k: Add hard float libm-test-ulpsStafford Horne5-1/+1117
This patch adds the ulps test file to prepare for the upcoming hard float patch. This is separated out to make the hard float patch smaller. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2024-05-02nscd: Use time_t for return type of addgetnetgrentXFlorian Weimer1-2/+2
Using int may give false results for future dates (timeouts after the year 2028). Fixes commit 04a21e050d64a1193a6daab872bca2528bda44b ("CVE-2024-33601, CVE-2024-33602: nscd: netgroup: Use two buffers in addgetnetgrentX (bug 31680)"). Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2024-05-02Add a test to check for duplicate definitions in the static libraryGabi Falk1-0/+7
This change follows two previous fixes addressing multiple definitions of __memcpy_chk and __mempcpy_chk functions on i586, and __memmove_chk and __memset_chk functions on i686. The test is intended to prevent such issues from occurring in the future. Signed-off-by: Gabi Falk <gabifalk@gmx.com> Reviewed-by: H.J. Lu <hjl.tools@gmail.com> Reviewed-by: Dmitry V. Levin <ldv@altlinux.org>
2024-05-02i686: Fix multiple definitions of __memmove_chk and __memset_chkGabi Falk2-2/+2
Commit c73c96a4a1af1326df7f96eec58209e1e04066d8 updated memcpy.S and mempcpy.S, but omitted memmove.S and memset.S. As a result, the static library built as PIC, whether with or without multiarch support, contains two definitions for each of the __memmove_chk and __memset_chk symbols. /usr/lib/gcc/i686-pc-linux-gnu/14/../../../../i686-pc-linux-gnu/bin/ld: /usr/lib/gcc/i686-pc-linux-gnu/14/../../../../lib/libc.a(memset-ia32.o): in function `__memset_chk': /var/tmp/portage/sys-libs/glibc-2.39-r3/work/glibc-2.39/string/../sysdeps/i386/i686/memset.S:32: multiple definition of `__memset_chk'; /usr/lib/gcc/i686-pc-linux-gnu/14/../../../../lib/libc.a(memset_chk.o):/var/tmp/portage/sys-libs/glibc-2.39-r3/work/glibc-2.39/debug/../sysdeps/i386/i686/multiarch/memset_chk.c:24: first defined here After this change, regardless of PIC options, the static library, built for i686 with multiarch contains implementations of these functions respectively from debug/memmove_chk.c and debug/memset_chk.c, and without multiarch contains implementations of these functions respectively from sysdeps/i386/memmove_chk.S and sysdeps/i386/memset_chk.S. This ensures that memmove and memset won't pull in __chk_fail and the routines it calls. Reported-by: Sam James <sam@gentoo.org> Tested-by: Sam James <sam@gentoo.org> Fixes: c73c96a4a1 ("i686: Fix build with --disable-multiarch") Signed-off-by: Gabi Falk <gabifalk@gmx.com> Reviewed-by: H.J. Lu <hjl.tools@gmail.com> Reviewed-by: Dmitry V. Levin <ldv@altlinux.org>
2024-05-02i586: Fix multiple definitions of __memcpy_chk and __mempcpy_chkGabi Falk1-1/+1
/home/bmg/install/compilers/x86_64-linux-gnu/lib/gcc/x86_64-glibc-linux-gnu/13.2.1/../../../../x86_64-glibc-linux-gnu/bin/ld: /home/bmg/build/glibcs/i586-linux-gnu/glibc/libc.a(memcpy_chk.o): in function `__memcpy_chk': /home/bmg/src/glibc/debug/../sysdeps/i386/memcpy_chk.S:29: multiple definition of `__memcpy_chk';/home/bmg/build/glibcs/i586-linux-gnu/glibc/libc.a(memcpy.o):/home/bmg/src/glibc/string/../sysdeps/i386/i586/memcpy.S:31: first defined here /home/bmg/install/compilers/x86_64-linux-gnu/lib/gcc/x86_64-glibc-linux-gnu/13.2.1/../../../../x86_64-glibc-linux-gnu/bin/ld: /home/bmg/build/glibcs/i586-linux-gnu/glibc/libc.a(mempcpy_chk.o): in function `__mempcpy_chk': /home/bmg/src/glibc/debug/../sysdeps/i386/mempcpy_chk.S:28: multiple definition of `__mempcpy_chk'; /home/bmg/build/glibcs/i586-linux-gnu/glibc/libc.a(mempcpy.o):/home/bmg/src/glibc/string/../sysdeps/i386/i586/memcpy.S:31: first defined here After this change, the static library built for i586, regardless of PIC options, contains implementations of these functions respectively from sysdeps/i386/memcpy_chk.S and sysdeps/i386/mempcpy_chk.S. This ensures that memcpy and mempcpy won't pull in __chk_fail and the routines it calls. Reported-by: Florian Weimer <fweimer@redhat.com> Signed-off-by: Gabi Falk <gabifalk@gmx.com> Reviewed-by: H.J. Lu <hjl.tools@gmail.com> Reviewed-by: Dmitry V. Levin <ldv@altlinux.org>
2024-05-02nscd: Typo inside comment in netgroup cacheFlorian Weimer1-1/+1
Reported-by: Jonathan Wakely <jwakely@redhat.com>
2024-05-01time: Allow later version licensing.Carlos O'Donell4-4/+4
The FSF's Licensing and Compliance Lab noted a discrepancy in the licensing of several files in the glibc package. When timespect_get.c was impelemented the license did not include the standard ", or (at your option) any later version." text. Change the license in timespec_get.c and all copied files to match the expected license. This change was previously approved in principle by the FSF in RT ticket #1316403. And a similar instance was fixed in commit 46703efa02f6ddebce5ee54c92f7c32598de0de6.
2024-04-30hurd: Stop mapping AT_NO_AUTOMOUNT to O_NOTRANSSergey Bugaev1-2/+0
While AT_NO_AUTOMOUNT is similar in function to the Hurd's O_NOTRANS, there are significant enough differences in semantics: 1. AT_NO_AUTOMOUNT has no effect on already established mounts, whereas O_NOTRANS causes the lookup to ignore both passive and active translators. A better approximation of the AT_NO_AUTOMOUNT behavior would be to honor active translators, but avoid starting passive ones; like what the file_name_lookup_carefully () routine from sutils/clookup.c in the Hurd source tree does. 2. On GNU/Hurd, translators are used much more pervasively than mounts on "traditional" Unix systems: among other things, translators underlie features like symlinks, device nodes, and sockets. And while on a "traditional" Unix system, the mountpoint and the root of the mounted tree may look similar enough for many purposes (they're both directories, for one thing), the Hurd allows for any combination of the two node types, and indeed it is common to have e.g. a device node "mounted" on top of a regular file node on the underlying filesystem. Ignoring the translator and stat'ing the underlying node is therefore likely to return very different results from what you'd get if you stat the translator's root node. In practice, mapping AT_NO_AUTOMOUNT to O_NOTRANS was breaking GNU Coreutils, including stat(1) and ls(1): $ stat /dev/hd0s1 File: /dev/hd0s1 Size: 0 Blocks: 8 IO Block: 8192 regular empty file Device: 0,8 Inode: 32866 Links: 1 This was also breaking GNOME's glib, where a g_local_file_stat () call that is supposed to stat () a file through a symlink uses AT_NO_AUTOMOUNT, which gets mapped to O_NOTRANS, which then causes the stat () call to stat symlink itself like lstat () would, rather then the file it points to, which is what the logic expects to happen. This reverts most of 13710e7e6af6c8965cc9a63a0660cb4ce1966557 "hurd: Add support for AT_NO_AUTOMOUNT". Signed-off-by: Sergey Bugaev <bugaevc@gmail.com>
2024-04-30libio: Sort test variables in MakefileH.J. Lu1-20/+84
Sort test variables in libio/Makefile using scripts/sort-makefile-lines.py. Reviewed-by: Sunil K Pandey <skpgkp2@gmail.com>
2024-04-30AArch64: Remove unused defines of CPU namesWilco Dijkstra1-7/+0
Remove unused defines of CPU names in cpu-features.h. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2024-04-30Make sure INSTALL is ASCII plaintext againMark Wielaard2-248/+248
This reverts commit 84e93afc7 ("Switch to UTF-8 for INSTALL") and reinstates commit c14f2e4aa ("Make sure INSTALL is ASCII plaintext") and regenerates INSTALL. It turns out that different versions of makeinfo (texinfo/texi2any), at least versions 7.0.3 and 7.1, put unicode quote glyphs in different places (specifically whether contractions like you'd, don't, aren't or you'll use ’ or '). This breaks the make dist target as used for (snapshot) releases, which have a check on the regenerated INSTALL file. Using --disable-encoding generates the same plaintext ASCII on all versions. An alternative would be to regenerate INSTALL with texinfo 7.1 and require at least that version. But that seems too soon while various distros don't have 7.1 yet. We can try again to use UTF-8 for INSTALL in a couple of years. Reviewed-by: Florian Weimer <fweimer@redhat.com>
2024-04-25x86: In ld.so, diagnose missing APX support in APX-only buildsFlorian Weimer1-0/+5
At this point, this is mainly a tool for testing the early ld.so CPU compatibility diagnostics: GCC uses the new instructions in most functions, so it's easy to spot if some of the early code is not built correctly. Reviewed-by: H.J. Lu <hjl.tools@gmail.com>
2024-04-25elf: Also compile dl-misc.os with $(rtld-early-cflags)H.J. Lu1-0/+1
Also compile dl-misc.os with $(rtld-early-cflags) to avoid Program received signal SIGILL, Illegal instruction. 0x00007ffff7fd36ea in _dl_strtoul (nptr=nptr@entry=0x7fffffffe2c9 "2", endptr=endptr@entry=0x7fffffffd728) at dl-misc.c:156 156 bool positive = true; (gdb) bt #0 0x00007ffff7fd36ea in _dl_strtoul (nptr=nptr@entry=0x7fffffffe2c9 "2", endptr=endptr@entry=0x7fffffffd728) at dl-misc.c:156 #1 0x00007ffff7fdb1a9 in tunable_initialize ( cur=cur@entry=0x7ffff7ffbc00 <tunable_list+2176>, strval=strval@entry=0x7fffffffe2c9 "2", len=len@entry=1) at dl-tunables.c:131 #2 0x00007ffff7fdb3a2 in parse_tunables (valstring=<optimized out>) at dl-tunables.c:258 #3 0x00007ffff7fdb5d9 in __GI___tunables_init (envp=0x7fffffffdd58) at dl-tunables.c:288 #4 0x00007ffff7fe44c3 in _dl_sysdep_start ( start_argptr=start_argptr@entry=0x7fffffffdcb0, dl_main=dl_main@entry=0x7ffff7fe5f80 <dl_main>) at ../sysdeps/unix/sysv/linux/dl-sysdep.c:110 #5 0x00007ffff7fe5cae in _dl_start_final (arg=0x7fffffffdcb0) at rtld.c:494 #6 _dl_start (arg=0x7fffffffdcb0) at rtld.c:581 #7 0x00007ffff7fe4b38 in _start () (gdb) when setting GLIBC_TUNABLES in glibc compiled with APX. Reviewed-by: Florian Weimer <fweimer@redhat.com>
2024-04-25CVE-2024-33601, CVE-2024-33602: nscd: netgroup: Use two buffers in ↵Florian Weimer1-98/+121
addgetnetgrentX (bug 31680) This avoids potential memory corruption when the underlying NSS callback function does not use the buffer space to store all strings (e.g., for constant strings). Instead of custom buffer management, two scratch buffers are used. This increases stack usage somewhat. Scratch buffer allocation failure is handled by return -1 (an invalid timeout value) instead of terminating the process. This fixes bug 31679. Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2024-04-25CVE-2024-33600: nscd: Avoid null pointer crashes after notfound response ↵Florian Weimer1-4/+7
(bug 31678) The addgetnetgrentX call in addinnetgrX may have failed to produce a result, so the result variable in addinnetgrX can be NULL. Use db->negtimeout as the fallback value if there is no result data; the timeout is also overwritten below. Also avoid sending a second not-found response. (The client disconnects after receiving the first response, so the data stream did not go out of sync even without this fix.) It is still beneficial to add the negative response to the mapping, so that the client can get it from there in the future, instead of going through the socket. Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2024-04-25CVE-2024-33600: nscd: Do not send missing not-found response in ↵Florian Weimer1-8/+6
addgetnetgrentX (bug 31678) If we failed to add a not-found response to the cache, the dataset point can be null, resulting in a null pointer dereference. Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2024-04-25CVE-2024-33599: nscd: Stack-based buffer overflow in netgroup cache (bug 31677)Florian Weimer1-2/+3
Using alloca matches what other caches do. The request length is bounded by MAXKEYLEN. Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2024-04-25i386: ulp update for SSE2 --disable-multi-arch configurationsFlorian Weimer1-0/+1
2024-04-25GLIBC-SA-2024-0004: add commit for 2.31 branchAurelien Jarno1-0/+1
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org> Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
2024-04-24benchtests: Add difficult strstr needle for bruteforce algorithmsWilco Dijkstra1-0/+27
Add another difficult needle to strstr that clearly shows the quadratic complexity of bruteforce algorithms. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2024-04-24x86: Define MINIMUM_X86_ISA_LEVEL in config.h [BZ #31676]H.J. Lu4-1/+18
Define MINIMUM_X86_ISA_LEVEL at configure time to avoid /usr/bin/ld: …/build/elf/librtld.os: in function `init_cpu_features': …/git/elf/../sysdeps/x86/cpu-features.c:1202: undefined reference to `_dl_runtime_resolve_fxsave' /usr/bin/ld: …/build/elf/librtld.os: relocation R_X86_64_PC32 against undefined hidden symbol `_dl_runtime_resolve_fxsave' can not be used when making a shared object /usr/bin/ld: final link failed: bad value collect2: error: ld returned 1 exit status when glibc is built with -march=x86-64-v3 and configured with --with-rtld-early-cflags=-march=x86-64, which is used to allow ld.so to print an error message on unsupported CPUs: Fatal glibc error: CPU does not support x86-64-v3 This fixes BZ #31676. Reviewed-by: Sunil K Pandey <skpgkp2@gmail.com>
2024-04-24LoongArch: Add glibc.cpu.hwcap support.caiyinyu13-9/+475
The current IFUNC selection is always using the most recent features which are available via AT_HWCAP. But in some scenarios it is useful to adjust this selection. The environment variable: GLIBC_TUNABLES=glibc.cpu.hwcaps=-xxx,yyy,zzz,.... can be used to enable HWCAP feature yyy, disable HWCAP feature xxx, where the feature name is case-sensitive and has to match the ones used in sysdeps/loongarch/cpu-tunables.c. Signed-off-by: caiyinyu <caiyinyu@loongson.cn>
2024-04-23nptl: Fix tst-cancel30 on kernels without ppoll_time64 supportFlorian Weimer1-4/+11
Fall back to ppoll if ppoll_time64 fails with ENOSYS. Fixes commit 370da8a121c3ba9eeb2f13da15fc0f21f4136b25 ("nptl: Fix tst-cancel30 on sparc64"). Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2024-04-22Revert "Allow glibc to be compiled without EXEC_PAGESIZE"Samuel Thibault3-8/+2
This reverts commit 49aa652db810ebdca3a662ebd5b0468bd08ec688. This is still being discussed.
2024-04-22locale: Handle loading a missing locale twice (Bug 14247)Carlos O'Donell6-10/+119
Delay setting file->decided until the data has been successfully loaded by _nl_load_locale(). If the function fails to load the data then we must return and error and leave decided untouched to allow the caller to attempt to load the data again at a later time. We should not set decided to 1 early in the function since doing so may prevent attempting to load it again. We want to try loading it again because that allows an open to fail and set errno correctly. On the other side of this problem is that if we are called again with the same inputs we will fetch the cached version of the object and carry out no open syscalls and that fails to set errno so we must set errno to ENOENT in that case. There is a second code path that has to be handled where the name of the locale matches but the codeset doesn't match. These changes ensure that errno is correctly set on failure in all the return paths in _nl_find_locale(). Adds tst-locale-loadlocale to cover the bug. No regressions on x86_64. Co-authored-by: Jeff Law <law@redhat.com> Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2024-04-22elf: Do not check for loader mmap on tst-decorate-maps (BZ 31553)Adhemerval Zanella1-6/+6
On some architectures and depending on the page size, the loader can also allocate some memory during dependencies loading and it will be marked as 'loader malloc'. However, if the system page size is large enough, the initial data page will be enough for all required allocation and there will be no extra loader mmap. To avoid false negatives, the test does not check for such pages. Checked on powerpc64le-linux-gnu with 64k pagesize. Reviewed-by: Simon Chopin <simon.chopin@canonical.com>
2024-04-19Use --enable-obsolete in build-many-glibcs.py for nios2-linux-gnuJoseph Myers1-1/+2
Until GCC removes Nios II support (at which point we should do so as well), this is now needed for GCC 14 / mainline to build for nios2-linux-gnu target. Tested with build-many-glibcs.py (GCC mainline) for nios2-linux-gnu.
2024-04-19login: Use unsigned 32-bit types for seconds-since-epochFlorian Weimer6-5/+55
These fields store timestamps when the system was running. No Linux systems existed before 1970, so these values are unused. Switching to unsigned types allows continued use of the existing struct layouts beyond the year 2038. The intent is to give distributions more time to switch to improved interfaces that also avoid locking/data corruption issues. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2024-04-19login: structs utmp, utmpx, lastlog _TIME_BITS independence (bug 30701)Florian Weimer18-22/+165
These structs describe file formats under /var/log, and should not depend on the definition of _TIME_BITS. This is achieved by defining __WORDSIZE_TIME64_COMPAT32 to 1 on 32-bit ports that support 32-bit time_t values (where __time_t is 32 bits). Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2024-04-19login: Check default sizes of structs utmp, utmpx, lastlogFlorian Weimer17-1/+88
The default <utmp-size.h> is for ports with a 64-bit time_t. Ports with a 32-bit time_t or with __WORDSIZE_TIME64_COMPAT32=1 need to override it. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2024-04-18benchtests: Add random() benchmarkWilco Dijkstra2-0/+107
Add a simple benchmark to measure the overhead of internal libc locks in the random() implementation on both single- and multi-threaded cases. This relies on the implementation of random using internal locks to access shared global data, and that the runtime uses multi-threaded locking once a thread has been created (even after it finishes). Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2024-04-18advisories: Add Reported-BySiddhesh Poyarekar1-0/+4
Add a new tag to give credit to vulnerability discoverers. Signed-off-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
2024-04-17Fix 'Reported-By' to use Camel Case for commit 6a98f4640ea453fAdhemerval Zanella1-1/+1
2024-04-17Document CVE-2024-2961Adhemerval Zanella1-0/+27
This commit adds "advisories" entries for the above three CVEs.
2024-04-17iconv: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence ↵Charles Fol3-1/+144
(CVE-2024-2961) ISO-2022-CN-EXT uses escape sequences to indicate character set changes (as specified by RFC 1922). While the SOdesignation has the expected bounds checks, neither SS2designation nor SS3designation have its; allowing a write overflow of 1, 2, or 3 bytes with fixed values: '$+I', '$+J', '$+K', '$+L', '$+M', or '$*H'. Checked on aarch64-linux-gnu. Co-authored-by: Adhemerval Zanella <adhemerval.zanella@linaro.org> Reviewed-by: Carlos O'Donell <carlos@redhat.com> Tested-by: Carlos O'Donell <carlos@redhat.com>
2024-04-16elf/rtld: Count skipped environment variables for enable_secureJoe Simmons-Talbott3-8/+66
When using the glibc.rtld.enable_secure tunable we need to keep track of the count of environment variables we skip due to __libc_enable_secure being set and adjust the auxv section of the stack. This fixes an assertion when running ld.so directly with glibc.rtld.enable_secure set. Add a testcase that ensures the assert is not hit. elf/rtld.c:1324 assert (auxv == sp + 1); Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2024-04-14powerpc: Fix ld.so address determination for PCREL mode (bug 31640)Florian Weimer1-0/+19
This seems to have stopped working with some GCC 14 versions, which clobber r2. With other compilers, the kernel-provided r2 value is still available at this point. Reviewed-by: Peter Bergner <bergner@linux.ibm.com>
2024-04-13Revert "x86_64: Suppress false positive valgrind error"Florian Weimer4-29/+3
This reverts commit a1735e0aa858f0c8b15e5ee9975bff4279423680. The test failure is a real valgrind bug that needs to be fixed before valgrind is usable with a glibc that has been built with CC="gcc -march=x86-64-v3". The proposed valgrind patch teaches valgrind to replace ld.so strcmp with an unoptimized scalar implementation, thus avoiding any AVX2-related problems. Valgrind bug: <https://bugs.kde.org/show_bug.cgi?id=485487> Reviewed-by: H.J. Lu <hjl.tools@gmail.com>
2024-04-11wcsmbs: Ensure wcstr worst-case linear execution time (BZ 23865)Adhemerval Zanella3-72/+507
It uses the same two-way algorithm used on strstr, strcasestr, and memmem. Different than strstr, neither the "shift table" optimization nor the self-adapting filtering check is used because it would result in a too-large shift table (and it also simplifies the implementation bit). Checked on x86_64-linux-gnu and aarch64-linux-gnu. Reviewed-by: DJ Delorie <dj@redhat.com>
2024-04-11wcsmbs: Add test-wcsstrAdhemerval Zanella4-54/+117
Parametrize test-strstr.c so it can be used to check wcsstr. Checked on x86_64-linux-gnu and aarch64-linux-gnu. Reviewed-by: DJ Delorie <dj@redhat.com>
2024-04-10posix: Sync tempname with gnulibAdhemerval Zanella12-132/+260
The gnulib version contains an important change (9ce573cde), which fixes some problems with multithreading, entropy loss, and ASLR leak nfo. It also fixes an issue where getrandom is not being used on some new files generation (only for __GT_NOCREATE on first try). The 044bf893ac removed __path_search, which is now moved to another gnulib shared files (stdio-common/tmpdir.{c,h}). Tthis patch also fixes direxists to use __stat64_time64 instead of __xstat64, and move the include of pathmax.h for !_LIBC (since it is not used by glibc). The license is also changed from GPL 3.0 to 2.1, with permission from the authors (Bruno Haible and Paul Eggert). The sync also removed the clock fallback, since clock_gettime with CLOCK_REALTIME is expected to always succeed. It syncs with gnulib commit 323834962817af7b115187e8c9a833437f8d20ec. Checked on x86_64-linux-gnu. Co-authored-by: Bruno Haible <bruno@clisp.org> Co-authored-by: Paul Eggert <eggert@cs.ucla.edu> Reviewed-by: Bruno Haible <bruno@clisp.org>
2024-04-10socket: Add new test for connectSergey Kolosov2-0/+114
This commit adds a simple bind/accept/connect test for an IPv4 TCP connection to a local process via the loopback interface. Reviewed-by: Arjun Shankar <arjun@redhat.com>
2024-04-10libsupport: Add xgetpeernameSergey Kolosov3-0/+32
The patch adds redirections for getpeername. Reviewed-by: Arjun Shankar <arjun@redhat.com>
2024-04-09nptl: Add tst-pthread-key1-static for BZ #21777H.J. Lu2-0/+39
Add a static pthread static tests to verify that BZ #21777 is fixed. Reviewed-by: Florian Weimer <fweimer@redhat.com>
2024-04-08elf: Add ld.so test with non-existing program nameFlorian Weimer2-0/+46
None of the existing tests seem to cover the case where _dl_signal_error is called without an active error handler. The new elf/tst-rtld-does-not-exist test triggers such a _dl_signal_error call from _dl_map_object. Reviewed-by: H.J. Lu <hjl.tools@gmail.com>
2024-04-08elf: Check objname before calling fatal_errorH.J. Lu1-1/+5
_dl_signal_error may be called with objname == NULL. _dl_exception_create checks objname == NULL. But fatal_error doesn't. Check objname before calling fatal_error. This fixes BZ #31596. Reviewed-by: Sunil K Pandey <skpgkp2@gmail.com>