(cherry picked from commit a159b53fa059947cc2548e3b0d5bdcf7b9630ba8)
The new test checks for memory leaks (see bug 22325) and attempts
to trigger the buffer overflow in bug 22320.
(cherry picked from commit e80fc1fc98bf614eb01cf8325503df3a1451a99c)
(cherry picked from commit c369d66e5426a30e4725b100d5cd28e372754f90)
This patch syncs posix/glob.c implementation with gnulib version
b5ec983 (glob: simplify symlink detection). The only difference
to gnulib code is
* DT_UNKNOWN, DT_DIR, and DT_LNK definition in the case they
were not already defined. Gnulib code which uses
HAVE_STRUCT_DIRENT_D_TYPE will redefine them wrongly because
GLIBC does not define HAVE_STRUCT_DIRENT_D_TYPE. Instead,
the patch checks for each definition.
Also, the patch requires additional globfree and globfree64 files
for compatibility version on some architectures. Also the code
simplification leads to not macro simplification (no need for
NO_GLOB_PATTERN_P anymore).
Checked on x86_64-linux-gnu and on a build using build-many-glibcs.py
for all major architectures.
[BZ #1062]
* posix/Makefile (routines): Add globfree, globfree64, and
glob_pattern_p.
* posix/flexmember.h: New file.
* posix/glob_internal.h: Likewise.
* posix/glob_pattern_p.c: Likewise.
* posix/globfree.c: Likewise.
* posix/globfree64.c: Likewise.
* sysdeps/gnu/globfree64.c: Likewise.
* sysdeps/unix/sysv/linux/alpha/globfree.c: Likewise.
* sysdeps/unix/sysv/linux/mips/mips64/n64/globfree64.c: Likewise.
* sysdeps/unix/sysv/linux/oldglob.c: Likewise.
* sysdeps/unix/sysv/linux/wordsize-64/globfree64.c: Likewise.
* sysdeps/unix/sysv/linux/x86_64/x32/globfree.c: Likewise.
* sysdeps/wordsize-64/globfree.c: Likewise.
* sysdeps/wordsize-64/globfree64.c: Likewise.
* posix/glob.c (HAVE_CONFIG_H): Use !_LIBC instead.
[NDEBUG]: Remove comments.
(GLOB_ONLY_P, _AMIGA, VMS): Remove define.
(dirent_type): New type. Use uint_fast8_t not
uint8_t, as C99 does not require uint8_t.
(DT_UNKNOWN, DT_DIR, DT_LNK): New macros.
(struct readdir_result): Use dirent_type. Do not define skip_entry
unless it is needed; this saves a byte on platforms lacking d_ino.
(readdir_result_type, readdir_result_skip_entry):
New functions, replacing ...
(readdir_result_might_be_symlink, readdir_result_might_be_dir):
these functions, which were removed. This makes the callers
easier to read. All callers changed.
(D_INO_TO_RESULT): Now empty if there is no d_ino.
(size_add_wrapv, glob_use_alloca): New static functions.
(glob, glob_in_dir): Check for size_t overflow in several places,
and fix some size_t checks that were not quite right.
Remove old code using SHELL since Bash no longer
uses this.
(glob, prefix_array): Separate MS code better.
(glob_in_dir): Remove old Amiga and VMS code.
(globfree, __glob_pattern_type, __glob_pattern_p): Move to
separate files.
(glob_in_dir): Do not rely on undefined behavior in accessing
struct members beyond their bounds. Use a flexible array member
instead.
(link_stat): Rename from link_exists2_p and return -1/0 instead of
0/1. Caller changed.
(glob): Fix memory leaks.
* posix/glob64 (globfree64): Move to separate file.
* sysdeps/gnu/glob64.c (NO_GLOB_PATTERN_P): Remove define.
(globfree64): Remove hidden alias.
* sysdeps/unix/sysv/linux/Makefile (sysdeps_routines): Add
oldglob.
* sysdeps/unix/sysv/linux/alpha/glob.c (__new_globfree): Move to
separate file.
* sysdeps/unix/sysv/linux/i386/glob64.c (NO_GLOB_PATTERN_P): Remove
define.
Move compat code to separate file.
* sysdeps/wordsize-64/glob.c (globfree): Move definitions to
separate file.
(cherry picked from commit c66c908230169c1bab1f83b071eb585baa214b9f)
(cherry picked from commit 71aa429b029fdb6f9e65d44050388b51eca460d6)
(cherry picked from commit 4590634fd65162568b9f52fb4beb60aa25da37f2)
(cherry picked from commit 403143e1df85dadd374f304bd891be0cd7573e3b)
When posix_memalign is called with an alignment less than MALLOC_ALIGNMENT
and a requested size close to SIZE_MAX, it falls back to malloc code
(because the alignment of a block returned by malloc is sufficient to
satisfy the call). In this case, an integer overflow in _int_malloc leads
to posix_memalign incorrectly returning successfully.
Upon fixing this and writing a somewhat thorough regression test, it was
discovered that when posix_memalign is called with an alignment larger than
MALLOC_ALIGNMENT (so it uses _int_memalign instead) and a requested size
close to SIZE_MAX, a different integer overflow in _int_memalign leads to
posix_memalign incorrectly returning successfully.
Both integer overflows affect other memory allocation functions that use
_int_malloc (one affected malloc in x86) or _int_memalign as well.
This commit fixes both integer overflows. In addition to this, it adds a
regression test to guard against false successful allocations by the
following memory allocation functions when called with too-large allocation
sizes and, where relevant, various valid alignments:
malloc, realloc, calloc, reallocarray, memalign, posix_memalign,
aligned_alloc, valloc, and pvalloc.
(cherry picked from commit 8e448310d74b283c5cd02b9ed7fb997b47bf9b22)
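
The two overflow classes described in the commit message above, shown in a simplified allocator model. This is an added example, not glibc's code: `HDR_SIZE`, `ALIGN_MASK`, `MIN_CHUNK` and the three function names are constructed for illustration.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed constants for a simplified allocator model, not glibc's. */
#define HDR_SIZE   ((size_t) 8)     /* per-chunk bookkeeping */
#define ALIGN_MASK ((size_t) 15)    /* 16-byte chunk granularity */
#define MIN_CHUNK  ((size_t) 32)

/* Unchecked padding: wraps for requests close to SIZE_MAX, so a huge
   request becomes a tiny chunk size and the allocation "succeeds". */
static size_t pad_unchecked(size_t req)
{
    return (req + HDR_SIZE + ALIGN_MASK) & ~ALIGN_MASK;
}

/* Checked padding for the malloc-style path. */
static int pad_checked(size_t req, size_t *out)
{
    if (req > SIZE_MAX - HDR_SIZE - ALIGN_MASK)
        return ENOMEM;
    size_t padded = (req + HDR_SIZE + ALIGN_MASK) & ~ALIGN_MASK;
    *out = padded < MIN_CHUNK ? MIN_CHUNK : padded;
    return 0;
}

/* Checked worst-case size for the over-aligned path: padded size plus
   alignment plus MIN_CHUNK of slack is a second sum that can wrap even
   when the padding itself did not. */
static int aligned_checked(size_t req, size_t alignment, size_t *out)
{
    size_t padded;
    if (alignment == 0 || (alignment & (alignment - 1)) != 0)
        return EINVAL;              /* must be a power of two */
    if (pad_checked(req, &padded) != 0)
        return ENOMEM;
    if (alignment > SIZE_MAX - MIN_CHUNK
        || padded > SIZE_MAX - MIN_CHUNK - alignment)
        return ENOMEM;
    *out = padded + alignment + MIN_CHUNK;
    return 0;
}

int main(void)
{
    size_t out = 0;
    printf("unchecked: %zu\n", pad_unchecked(SIZE_MAX - 1));
    printf("checked:   %d\n", pad_checked(SIZE_MAX - 1, &out));
    printf("aligned:   %d\n", aligned_checked(SIZE_MAX - 4096, 4096, &out));
    return 0;
}
```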
(cherry picked from commit 8a0b17e48b83e933960dfeb8fa08b259f03f310e)
(cherry picked from commit c94a5688fb1228a862b2d4a3f1239cdc0e3349e5)
(cherry picked from commit 3ff3dfa5af313a6ea33f3393916f30eece4f0171)
The fillin_rpath function in elf/dl-load.c loops over each RPATH or
RUNPATH token and interprets empty tokens as the current directory
("./"). In practice the check for empty token is done *after* the
dynamic string token expansion. The expansion process can return an
empty string for the $ORIGIN token if __libc_enable_secure is set
or if the path of the binary can not be determined (/proc not mounted).
Fix that by moving the check for empty tokens before the dynamic string
token expansion. In addition, check for NULL pointer or empty strings
returned by expand_dynamic_string_token.
The above changes highlighted a bug in decompose_rpath, an empty array
is represented by the first element being NULL at the fillin_rpath
level, but by using a -1 pointer in decompose_rpath and other functions.
Changelog:
[BZ #22625]
* elf/dl-load.c (fillin_rpath): Check for empty tokens before dynamic
string token expansion. Check for NULL pointer or empty string possibly
returned by expand_dynamic_string_token.
(decompose_rpath): Check for empty path after dynamic string
token expansion.
(cherry picked from commit 3e3c904daef69b8bf7d5cc07f793c9f07c3553ef)
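
The ordering issue described in the commit message above, as a simplified model. This is an added example, not the code in elf/dl-load.c: `expand`, `fill_dirs`, the `check_first` switch and the sample paths are constructed, and `expand` only handles a leading `$ORIGIN`.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for the expansion step: replaces a leading
   "$ORIGIN" with origin, or yields "" when origin is unavailable. */
static void expand(const char *tok, size_t len, const char *origin,
                   char *out, size_t outsz)
{
    out[0] = '\0';
    if (len >= 7 && strncmp(tok, "$ORIGIN", 7) == 0) {
        if (origin != NULL)
            snprintf(out, outsz, "%s%.*s", origin, (int) (len - 7), tok + 7);
    } else {
        snprintf(out, outsz, "%.*s", (int) len, tok);
    }
}

/* Splits rpath on ':' into search directories.  check_first = 1 tests for
   an empty token before expansion (fixed order); 0 tests after expansion
   (old order).  Returns the number of directories written to dirs[]. */
static int fill_dirs(const char *rpath, const char *origin, int check_first,
                     char dirs[][64], int max)
{
    int n = 0;
    for (const char *p = rpath; n < max; ) {
        size_t len = strcspn(p, ":");
        char buf[64];
        if (check_first && len == 0) {
            strcpy(dirs[n++], "./");      /* literal empty token: cwd */
        } else {
            expand(p, len, origin, buf, sizeof buf);
            if (buf[0] != '\0')
                strcpy(dirs[n++], buf);
            else if (!check_first)
                strcpy(dirs[n++], "./");  /* empty expansion becomes cwd */
            /* fixed order: an empty expansion result is dropped */
        }
        if (p[len] == '\0')
            break;
        p += len + 1;
    }
    return n;
}

int main(void)
{
    char d[4][64];
    int n = fill_dirs("$ORIGIN:/opt/lib", NULL, 1, d, 4);  /* constructed input */
    for (int i = 0; i < n; i++)
        puts(d[i]);
    return 0;
}
```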
After commit bc779a1a5b3035133024b21e2f339fe4219fb11c
(CVE-2016-4429: sunrpc: Do not use alloca in clntudp_call
[BZ #20112]), ancillary data is stored on the heap,
but it is accessed after it has been freed.
The test case must be run under a heap debugger such as valgrind
to observe the invalid access. A malloc implementation which
immediately calls munmap on free would catch this bug as well.
(cherry picked from commit d42eed4a044e5e10dfb885cf9891c2518a72a491)
(cherry picked from commit eedca9772e99c72ab4c3c34e43cc764250aa3e3c)
This commit updates the support/ subdirectory to
commit 2714c5f3c95f90977167c1d21326d907fb76b419
on the master branch and modifies Makeconfig,
Rules, and extra-lib.mk accordingly.
(cherry picked from commit 4c5785aa129a5d195fc1cd5c7fcd6f62c2b0ff0c)
Reviewed-by: Carlos O'Donell <carlos@redhat.com>
Linux commit b4b56f9ecab40f3b4ef53e130c9f6663be491894 introduced
a new HWCAP2 bit to indicate that the kernel now aborts a memory
transaction when a syscall is made. This patch adds that bit to
sysdeps/powerpc/bits/hwcap.h.
* sysdeps/powerpc/bits/hwcap.h: Add PPC_FEATURE2_HTM_NOSC.
* sysdeps/powerpc/dl-procinfo.c:
(_dl_powerpc_cap_flags): Added descriptor for this hwcap
feature so it shows when LD_SHOW_AUXV=1.
(cherry picked from commit 3c13f28c8eac1e5a883d1b3801314430a094fc99)
Some features in hwcap.h do not have matching string descriptors
to be displayed when LD_SHOW_AUXV=1. This patch fixes the problem.
* sysdeps/powerpc/dl-procinfo.c:
(_dl_powerpc_cap_flags): Added missing strings for some
hwcap features.
* sysdeps/powerpc/dl-procinfo.h: Updated hwcap bit count.
(cherry picked from commit 94ec7e007f4845de284d4f7569721b225ba77572)
Don't compile do_test (in sincos ABI tests) with -mavx, -mavx2
nor -mavx512 since they won't run on non-AVX machines.
(cherry-picked from commit fe0cf8614836e2b08b802eb1f55abca75d558545)
This uses the implementation of sinf() in sysdeps/x86_64/fpu/s_sinf.S
as inspiration.
(cherry picked from commit aa95fc13f5b02044eadc3af3d9e1c025f2e1edda)
This implementation is based on the one already used at
sysdeps/x86_64/fpu/e_expf.S.
This implementation improves the performance by ~14% on average in synthetic
benchmarks at the cost of decreasing accuracy to 1 ULP.
(cherry picked from commit 35da2541c382d1d4b7c9a15049a3cd1c7a6863a3)
Fixed wrong vector sincos/sincosf ABI to have it compatible with
current vector function declaration "#pragma omp declare simd notinbranch",
according to which vector sincos should have vector of pointers for second and
third parameters. It is fixed with implementation as wrapper to version
having second and third parameters as pointers.
(cherry-picked from commit ee2196bb6766ca7e63a1ba22ebb7619a3266776a)
(cherry picked from commit 1f645571d2db9008b3cd3d5acb9ff93357864283)
glibc provides fallback definitions already. It is not necessary to
suppress warnings for unknown attributes because GCC does this
automatically for system headers.
This commit does not sync with gnulib because gnulib has started to use
_GL_* macros in the header file, which are arguably in the gnulib
implementation space and not suitable for an installed glibc header
file.
(cherry picked from commit 2c820533c61fed175390bc6058afbbe42d2edc37)
(cherry picked from commit 983fd5c41ab7e5a5c33922259ca1ac99b3b413f8)
Reproducer (needs to run as root):
perl -e \
'print "large:x:999:" . join(",", map {"user$_"} (1 .. 135))."\n"' \
>> /etc/group
cd /var/db
make
getent -s db group
After the fix, the last command should list the "large" group.
The magic number 135 has been chosen so that the line is shorter than
1024 bytes, but the pointers required to encode the member array will
cross the threshold, triggering the bug.
(cherry picked from commit a6033052d08027f745867e5e346852da1959226c)
When get*ent is called without a preceding set*ent, we need
to set the initial iteration position in get*ent.
Reproducer: Add “services: db files” to /etc/nsswitch.conf, then run
“perl -e getservent”. It will segfault before this change, and exit
silently after it.
(cherry picked from commit 31d0a4fa646db8b8c97ce24e0ec0a7b73de4fca1)
(cherry picked from commit 73fb56a4d51fd4437e4cde6dd3c8077a610f88a8)
__startcontext marks the bottom of the call stack of the contexts created
by makecontext.
(cherry picked from commit 9e2ff6c9cc54c0b4402b8d49e4abe7000fde7617)
Also includes the NEWS update, cherry-picked from commits
056dd72af83f5459ce6d545a49dea6dba7d635dc and
4d047efdbc55b0d68947cde682e5363d16a66294.
Before this change, the while loop in reused_arena which avoids
returning a corrupt arena would never execute its body if the selected
arena were not corrupt. As a result, result == begin after the loop,
and the function returns NULL, triggering fallback to mmap.
(cherry picked from commit a3b473373ee43a292f5ec68a7fda6b9cfb26a9b0)
With this change, we no longer add sysdep.o and similar objects which
are present in libc.a to other static libraries.
(cherry picked from commit d9067fca40b8aac156d73cfa44d6875813555a6c)
It is necessary to preserve the invariant that if an arena is
on the free list, it has thread attach count zero. Otherwise,
when arena_thread_freeres sees the zero attach count, it will
add it, and without the invariant, an arena could get pushed
to the list twice, resulting in a cycle.
One possible execution trace looks like this:
Thread 1 examines free list and observes it as empty.
Thread 2 exits and adds its arena to the free list,
with attached_threads == 0.
Thread 1 selects this arena in reused_arena (not from the free list).
Thread 1 increments attached_threads and attaches itself.
(The arena remains on the free list.)
Thread 1 exits, decrements attached_threads,
and adds the arena to the free list.
The final step creates a cycle in the usual way (by overwriting the
next_free member with the former list head, while there is another
list item pointing to the arena structure).
tst-malloc-thread-exit exhibits this issue, but it was only visible
with a debugger because the incorrect fix in bug 19243 removed
the assert from get_free_list.
(cherry picked from commit f88aab5d508c13ae4a88124e65773d7d827cd47b)
The patched change fixes a regression for executables compiled with the
-p option and linked with gcrt1.o. The executables crash on startup.
This regression was introduced in 2.22 and was noticed in the gcc testsuite.
(cherry picked from commit 9765ffa71030efd8bb4f2ea4ed6e020fcb4bb714)
Commit 43c29487 tried to fix the vfork aliases in libpthread.so on MIPS
and SPARC, but failed to do it correctly, introducing an ABI change.
This patch does the remaining changes needed to align the MIPS and SPARC
vfork implementations with the other architectures. That way the
alpha version of pt-vfork.S works correctly for MIPS and SPARC. The
changes for alpha were done in 82aab97c.
Changelog:
* sysdeps/unix/sysv/linux/mips/vfork.S (__vfork): Rename into
__libc_vfork.
(__vfork) [IS_IN (libc)]: Remove alias.
(__libc_vfork) [IS_IN (libc)]: Define as an alias.
* sysdeps/unix/sysv/linux/sparc/sparc32/vfork.S: Likewise.
* sysdeps/unix/sysv/linux/sparc/sparc64/vfork.S: Likewise.
(cherry picked from commit b87c1ec3fa398646f042a68f0ce0f7d09c1348c7)
With recent binutils versions the GNU libc fails to build on at least
MIPS and SPARC, with this kind of error:
/home/aurel32/glibc/glibc-build/nptl/libpthread.so:(*IND*+0x0): multiple definition of `vfork@GLIBC_2.0'
/home/aurel32/glibc/glibc-build/nptl/libpthread.so::(.text+0xee50): first defined here
It appears that on these architectures pt-vfork.S includes vfork.S
(through the alpha version of pt-vfork.S) and that the __vfork aliases
are not conditionalized on IS_IN (libc) like on other architectures.
Therefore the aliases are also wrongly included in libpthread.so.
Fix this by properly conditionalizing the aliases like on other
architectures.
Changelog:
* sysdeps/unix/sysv/linux/mips/vfork.S (__vfork): Conditionalize
hidden_def, weak_alias and strong_alias on [IS_IN (libc)].
* sysdeps/unix/sysv/linux/sparc/sparc32/vfork.S: Likewise.
* sysdeps/unix/sysv/linux/sparc/sparc64/vfork.S: Likewise.
(cherry picked from commit 43c2948756bb6e144c7b871e827bba37d61ad3a3)
Building string/tst-endian.c with gcc 6 produces a build warning/error on s390 (big endian machine):
gcc tst-endian.c -c -std=gnu11 -fgnu89-inline -O2 or -O3 ...
tst-endian.c: In function ‘do_test’:
tst-endian.c:16:30: error: self-comparison always evaluates to false [-Werror=tautological-compare]
if (htobe16 (be16toh (i)) != i)
^~
...
See definitions of htobexx, bexxtoh in string/endian.h:
...
This patch silences these warnings with DIAG_* macros if built with gcc 6
and newer.
The same warnings occur on little endian machines with the
"htoleXX (leXXtoh (i)) != i" if-statements.
ChangeLog:
* string/tst-endian.c: Include <libc-internal.h>.
(do_test): Ignore tautological-compare warnings around
"htobeXX (beXXtoh (i)) != i" and
"htoleXX (leXXtoh (i)) != i" if-statements.
(cherry picked from commit f69f887092914f6e1abcc2d622e4f5e56a6e1645)
(cherry picked from commit 794950ed1d29853158d783d57f72260f5665afe5)
Partial backport of commit 9dd346ff431fc761f1b748bd4da8bb59f7652094.
* sysdeps/ieee754/flt-32/k_rem_pio2f.c (__kernel_rem_pio2f):
Fix indentation.
(cherry picked from commit 976ef870542580cf5fed896c2c652b3e1a95f9da)
2015-09-18 Wilco Dijkstra <wdijkstr@arm.com>
* resolv/base64.c (rcsid): Remove unused static.
* sysdeps/ieee754/dbl-64/atnat2.h (qpi1): Remove unused
static. (tqpi1): Likewise.
* sysdeps/ieee754/dbl-64/uexp.h (one): Likewise.
* sysdeps/ieee754/dbl-64/upow.h (sqrt_2): Likewise.
* sysdeps/ieee754/flt-32/e_log10f.c (one): Likewise.
* sysdeps/ieee754/flt-32/s_cosf.c (one): Likewise.
* sysdeps/ieee754/ldbl-128/e_lgammal_r.c (zero): Likewise.
* sysdeps/ieee754/ldbl-128/s_erfl.c (half): Likewise.
* sysdeps/ieee754/ldbl-128/s_log1pl.c (maxlog): Likewise.
* timezone/private.h (time_t_min): Likewise. (time_t_max):
Likewise.
(cherry picked from commit 6565fcb6e189d67b5a3f321453daebb805056d73)
(cherry picked from commit df1cf48777fe4cd81ad7fb09ecbe5b31432b7c1c)
This commit only addresses the fork case, the vfork case has to be a
tail call, which is why the generic code needs an IFUNC resolver
there.
(cherry picked from commit f06f3f05b48c72e2c9b0fa78671f94fd22d67da8)
The call is technically in a loop, and under certain circumstances
(which are quite difficult to reproduce in a test case), alloca
can be invoked repeatedly during a single call to clntudp_call.
As a result, the available stack space can be exhausted (even
though individual alloca sizes are bounded implicitly by what
can fit into a UDP packet, as a side effect of the earlier
successful send operation).
(cherry picked from commit bc779a1a5b3035133024b21e2f339fe4219fb11c)
The Hesiod implementation imported into glibc was enhanced
to support caller-supplied resolver states. But its only
consumer is nss_hesiod, and it supplies the thread-local
resolver state. Therefore, this commit changes the Hesiod
implementation to use the thread-local resolver state (_res)
directly. This fixes bug 19573 because the Hesiod
implementation no longer has to initialize and free any
resolver state.
To avoid any risk of interposition of ABI-incompatible Hesiod
function implementations, this commit marks the Hesiod functions
as hidden. (They were already hidden using a linker version
script.)
(cherry picked from commit 5018f16c6205404ba3aa7298dc8a3d45fbd46bfc)
(cherry picked from commit dbdc657dc0b962ef3ac61585c81e0828d8da42ee)
When converting a struct hostent response to struct gaih_addrtuple, the
gethosts macro (which is called from gaih_inet) used alloca, without
malloc fallback for large responses. This commit changes this code to
use calloc unconditionally.
This commit also consolidated a second hostent-to-gaih_addrtuple
conversion loop (in gaih_inet) to use the new conversion function.
(cherry picked from commit 4ab2ab03d4351914ee53248dc5aef4a8c88ff8b9)
Instead, we store the data we need from the return value of
readdir in an object of the new type struct readdir_result.
This type is independent of the layout of struct dirent.
(cherry picked from commit 5171f3079f2cc53e0548fc4967361f4d1ce9d7ea)