From: Arkadiusz Miśkiewicz Date: Sun, 31 Jan 2016 08:34:49 +0000 (+0100) Subject: - update from upstream X-Git-Tag: auto/th/glibc-2.22-14~1 X-Git-Url: http://git.pld-linux.org/gitweb.cgi?a=commitdiff_plain;h=33d7b2ea85f263d857386ec2322cd04774d80b5e;p=packages%2Fglibc.git - update from upstream --- diff --git a/glibc-git.patch b/glibc-git.patch index 7c6904f..5f98ebe 100644 --- a/glibc-git.patch +++ b/glibc-git.patch @@ -1,8 +1,25 @@ diff --git a/ChangeLog b/ChangeLog -index cb9124e..9740c89 100644 +index cb9124e..ed20b9b 100644 --- a/ChangeLog +++ b/ChangeLog -@@ -1,3 +1,296 @@ +@@ -1,3 +1,313 @@ ++2016-01-27 Paul Eggert ++ ++ [BZ #18240] ++ * misc/hsearch_r.c (isprime, __hcreate_r): Protect against ++ unsigned int wraparound. ++ ++2016-01-27 Florian Weimer ++ ++ [BZ #18240] ++ * misc/bug18240.c: New test. ++ * misc/Makefile (tests): Add it. ++ ++2015-08-25 Ondřej Bílka ++ ++ [BZ #18240] ++ * misc/hsearch_r.c (__hcreate_r): Handle overflow. ++ +2015-10-27 Ludovic Courtès + + * locale/loadlocale.c (_nl_intern_locale_data): Change assertion @@ -300,7 +317,7 @@ index cb9124e..9740c89 100644 * version.h (RELEASE): Set to "stable". diff --git a/NEWS b/NEWS -index 4c31de7..99e68d2 100644 +index 4c31de7..d1daf9b 100644 --- a/NEWS +++ b/NEWS @@ -5,6 +5,16 @@ See the end for copying conditions. @@ -311,8 +328,8 @@ index 4c31de7..99e68d2 100644 + +* The following bugs are resolved with this release: + -+ 17905, 18421, 18480, 18589, 18743, 18778, 18781, 18787, 18796, 18870, -+ 18887, 18921, 18928, 18969, 18985, 19018, 19058, 19174, 19178. ++ 17905, 18420, 18421, 18480, 18589, 18743, 18778, 18781, 18787, 18796, ++ 18870, 18887, 18921, 18928, 18969, 18985, 19018, 19058, 19174, 19178. + +* The LD_POINTER_GUARD environment variable can no longer be used to + disable the pointer guard feature. It is always enabled. @@ -1259,7 +1276,7 @@ index 6388bae..2c9d72d 100644 endif diff --git a/misc/Makefile b/misc/Makefile -index aecb0da..2f5edf6 100644 +index aecb0da..12055ce 100644 --- a/misc/Makefile +++ b/misc/Makefile @@ -76,7 +76,8 @@ install-lib := libg.a @@ -1268,10 +1285,148 @@ index aecb0da..2f5edf6 100644 tests := tst-dirname tst-tsearch tst-fdset tst-efgcvt tst-mntent tst-hsearch \ - tst-error1 tst-pselect tst-insremque tst-mntent2 bug-hsearch1 + tst-error1 tst-pselect tst-insremque tst-mntent2 bug-hsearch1 \ -+ tst-mntent-blank-corrupt tst-mntent-blank-passno ++ tst-mntent-blank-corrupt tst-mntent-blank-passno bug18240 ifeq ($(run-built-tests),yes) tests-special += $(objpfx)tst-error1-mem.out endif +diff --git a/misc/bug18240.c b/misc/bug18240.c +new file mode 100644 +index 0000000..4b26865 +--- /dev/null ++++ b/misc/bug18240.c +@@ -0,0 +1,75 @@ ++/* Test integer wraparound in hcreate. ++ Copyright (C) 2016 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++ ++static void ++test_size (size_t size) ++{ ++ int res = hcreate (size); ++ if (res == 0) ++ { ++ if (errno == ENOMEM) ++ return; ++ printf ("error: hcreate (%zu): %m\n", size); ++ exit (1); ++ } ++ char *keys[100]; ++ for (int i = 0; i < 100; ++i) ++ { ++ if (asprintf (keys + i, "%d", i) < 0) ++ { ++ printf ("error: asprintf: %m\n"); ++ exit (1); ++ } ++ ENTRY e = { keys[i], (char *) "value" }; ++ if (hsearch (e, ENTER) == NULL) ++ { ++ printf ("error: hsearch (\"%s\"): %m\n", keys[i]); ++ exit (1); ++ } ++ } ++ hdestroy (); ++ ++ for (int i = 0; i < 100; ++i) ++ free (keys[i]); ++} ++ ++static int ++do_test (void) ++{ ++ test_size (500); ++ test_size (-1); ++ test_size (-3); ++ test_size (INT_MAX - 2); ++ test_size (INT_MAX - 1); ++ test_size (INT_MAX); ++ test_size (((unsigned) INT_MAX) + 1); ++ test_size (UINT_MAX - 2); ++ test_size (UINT_MAX - 1); ++ test_size (UINT_MAX); ++ return 0; ++} ++ ++#define TEST_FUNCTION do_test () ++#include "../test-skeleton.c" +diff --git a/misc/hsearch_r.c b/misc/hsearch_r.c +index 9f55e84..661f0f6 100644 +--- a/misc/hsearch_r.c ++++ b/misc/hsearch_r.c +@@ -19,7 +19,7 @@ + #include + #include + #include +- ++#include + #include + + /* [Aho,Sethi,Ullman] Compilers: Principles, Techniques and Tools, 1986 +@@ -46,15 +46,12 @@ static int + isprime (unsigned int number) + { + /* no even number will be passed */ +- unsigned int div = 3; +- +- while (div * div < number && number % div != 0) +- div += 2; +- +- return number % div != 0; ++ for (unsigned int div = 3; div <= number / div; div += 2) ++ if (number % div == 0) ++ return 0; ++ return 1; + } + +- + /* Before using the hash table we must allocate memory for it. + Test for an existing table are done. We allocate one element + more as the found prime number says. This is done for more effective +@@ -81,10 +78,19 @@ __hcreate_r (nel, htab) + use will not work. */ + if (nel < 3) + nel = 3; +- /* Change nel to the first prime number not smaller as nel. */ +- nel |= 1; /* make odd */ +- while (!isprime (nel)) +- nel += 2; ++ ++ /* Change nel to the first prime number in the range [nel, UINT_MAX - 2], ++ The '- 2' means 'nel += 2' cannot overflow. */ ++ for (nel |= 1; ; nel += 2) ++ { ++ if (UINT_MAX - 2 < nel) ++ { ++ __set_errno (ENOMEM); ++ return 0; ++ } ++ if (isprime (nel)) ++ break; ++ } + + htab->size = nel; + htab->filled = 0; diff --git a/misc/mntent_r.c b/misc/mntent_r.c index 6159873..4f26998 100644 --- a/misc/mntent_r.c