From 4fd1d21f1ea7dc9fabb5c88f427b482322f6e4fc Mon Sep 17 00:00:00 2001
From: Kevin Mihelich <kevin@archlinuxarm.org>
Date: Mon, 6 Feb 2023 12:42:09 +0000
Subject: [PATCH] core/glibc to 2.37-2

---
 core/glibc/PKGBUILD             | 17 +++++--
 core/glibc/cve-2023-25139.patch | 81 +++++++++++++++++++++++++++++++++
 2 files changed, 93 insertions(+), 5 deletions(-)
 create mode 100644 core/glibc/cve-2023-25139.patch

diff --git a/core/glibc/PKGBUILD b/core/glibc/PKGBUILD
index 8f6dbf582..d267dd15b 100644
--- a/core/glibc/PKGBUILD
+++ b/core/glibc/PKGBUILD
@@ -15,9 +15,9 @@
 noautobuild=1
 
 pkgname=glibc
-pkgver=2.36
-_commit=93967a2a7bbdcedb73e0b246713580c7c84d001e
-pkgrel=7
+pkgver=2.37
+_commit=a704fd9a133bfb10510e18702f48a6a9c88dbbd5
+pkgrel=2
 arch=(x86_64)
 url='https://www.gnu.org/software/libc'
 license=(GPL LGPL)
@@ -28,6 +28,7 @@ source=(git+https://sourceware.org/git/glibc.git#commit=${_commit}
         locale-gen
         sdt.h sdt-config.h
         reenable_DT_HASH.patch
+        cve-2023-25139.patch
 )
 validpgpkeys=(7273542B39962DF7B299931416792B4EA25340F8 # Carlos O'Donell
               BC7C7372637EC10C57D7AA6579C43DFBF1CF2187) # Siddhesh Poyarekar
@@ -36,7 +37,8 @@ b2sums=('SKIP'
         '04fbb3b0b28705f41ccc6c15ed5532faf0105370f22133a2b49867e790df0491f5a1255220ff6ebab91a462f088d0cf299491b3eb8ea53534cb8638a213e46e3'
         'a6a5e2f2a627cc0d13d11a82458cfd0aa75ec1c5a3c7647e5d5a3bb1d4c0770887a3909bfda1236803d5bc9801bfd6251e13483e9adf797e4725332cd0d91a0e'
         '214e995e84b342fe7b2a7704ce011b7c7fc74c2971f98eeb3b4e677b99c860addc0a7d91b8dc0f0b8be7537782ee331999e02ba48f4ccc1c331b60f27d715678'
-        '5fdd133c367af2f5454ea1eea7907de12166fb95eb59dbe33eae16aa9e26209b6585972bc1c80e36a0af4bfb04296acaf940ee78cd624cdcbab9669dff46c051')
+        '5fdd133c367af2f5454ea1eea7907de12166fb95eb59dbe33eae16aa9e26209b6585972bc1c80e36a0af4bfb04296acaf940ee78cd624cdcbab9669dff46c051'
+        '917b876dbc2bc23d15ffedb56bfb51611f8c7a5b8321281a2cf488d442a45c38fc754e857573843042bf7cc3df87d4271bc723acd52aab4c8fc3c8f07d41456e')
 
 prepare() {
   mkdir -p glibc-build
@@ -44,10 +46,15 @@ prepare() {
   [[ -d glibc-$pkgver ]] && ln -s glibc-$pkgver glibc
   cd glibc
 
-  # re-enable `--hash-style=both` for building shared objects due to issues with EPIC's EAC
+  # Re-enable `--hash-style=both` for building shared objects due to issues with EPIC's EAC
   # which relies on DT_HASH to be present in these libs.
   # reconsider 2023-01
   patch -Np1 -i "${srcdir}"/reenable_DT_HASH.patch
+
+  # Add a temporary patch for cve 2023-25139 until a fix has been backported.
+  # Technical the fix itself is complete but the test cases aren't.
+  # See https://sourceware.org/bugzilla/show_bug.cgi?id=30068
+  patch -Np1 -i "${srcdir}"/cve-2023-25139.patch
 }
 
 build() {
diff --git a/core/glibc/cve-2023-25139.patch b/core/glibc/cve-2023-25139.patch
new file mode 100644
index 000000000..3361e68fa
--- /dev/null
+++ b/core/glibc/cve-2023-25139.patch
@@ -0,0 +1,81 @@
+This is a partial fix for mishandling of grouping when formatting
+integers.  It properly computes the width in presence of grouping
+characteres when the precision is larger than the number of significant
+digits.
+---
+ stdio-common/Makefile               |  1 +
+ stdio-common/tst-grouping3.c        | 37 +++++++++++++++++++++++++++++
+ stdio-common/vfprintf-process-arg.c |  2 +-
+ 3 files changed, 39 insertions(+), 1 deletion(-)
+ create mode 100644 stdio-common/tst-grouping3.c
+
+diff --git a/stdio-common/Makefile b/stdio-common/Makefile
+index 6e9d104524..b46d932a20 100644
+--- a/stdio-common/Makefile
++++ b/stdio-common/Makefile
+@@ -195,6 +195,7 @@ tests := \
+   tst-gets \
+   tst-grouping \
+   tst-grouping2 \
++  tst-grouping3 \
+   tst-long-dbl-fphex \
+   tst-memstream-string \
+   tst-obprintf \
+diff --git a/stdio-common/tst-grouping3.c b/stdio-common/tst-grouping3.c
+new file mode 100644
+index 0000000000..0031ad4010
+--- /dev/null
++++ b/stdio-common/tst-grouping3.c
+@@ -0,0 +1,37 @@
++/* Test printf with grouping and padding (bug 23432)
++   Copyright (C) 2023 Free Software Foundation, Inc.
++   This file is part of the GNU C Library.
++
++   The GNU C Library is free software; you can redistribute it and/or
++   modify it under the terms of the GNU Lesser General Public
++   License as published by the Free Software Foundation; either
++   version 2.1 of the License, or (at your option) any later version.
++
++   The GNU C Library is distributed in the hope that it will be useful,
++   but WITHOUT ANY WARRANTY; without even the implied warranty of
++   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
++   Lesser General Public License for more details.
++
++   You should have received a copy of the GNU Lesser General Public
++   License along with the GNU C Library; if not, see
++   <https://www.gnu.org/licenses/>.  */
++
++#include <locale.h>
++#include <stdio.h>
++#include <support/check.h>
++#include <support/support.h>
++
++static int
++do_test (void)
++{
++  char buf[80];
++
++  xsetlocale (LC_NUMERIC, "de_DE.UTF-8");
++
++  sprintf (buf, "%+-'13.9d", 1234567);
++  TEST_COMPARE_STRING (buf, "+001.234.567 ");
++
++  return 0;
++}
++
++#include <support/test-driver.c>
+diff --git a/stdio-common/vfprintf-process-arg.c b/stdio-common/vfprintf-process-arg.c
+index 2c651946df..cd3eaf5c0c 100644
+--- a/stdio-common/vfprintf-process-arg.c
++++ b/stdio-common/vfprintf-process-arg.c
+@@ -257,7 +257,7 @@ LABEL (unsigned_number):      /* Unsigned number of base BASE.  */
+           width -= 2;
+         }
+
+-      width -= workend - string + prec;
++      width -= number_length + prec;
+
+       Xprintf_buffer_pad (buf, L_('0'), prec);
+
+--
+2.39.1