core/glibc to 2.18-4

2025-02-16 23:57:11 +00:00 · 2013-09-16 13:29:53 +00:00 · 2013-09-16 13:29:53 +00:00 · 8eedc0e921
commit 8eedc0e921
parent ee583aa55e
3 changed files with 1071 additions and 1 deletions
--- a/core/glibc/PKGBUILD
+++ b/core/glibc/PKGBUILD
@ -14,7 +14,7 @@ noautobuild=1

 pkgname=glibc
 pkgver=2.18
-pkgrel=3
+pkgrel=4
 pkgdesc="GNU C Library"
 arch=('i686' 'x86_64')
 url="http://www.gnu.org/software/libc"
@ -29,6 +29,8 @@ options=('!strip' '!distcc')
 install=glibc.install
 source=(http://ftp.gnu.org/gnu/libc/${pkgname}-${pkgver}.tar.xz{,.sig}
        glibc-2.18-readdir_r-CVE-2013-4237.patch
+	glibc-2.18-malloc-corrupt-CVE-2013-4332.patch
+	glibc-2.18-strcoll-CVE-2012-4412+4424.patch
        glibc-2.18-strstr-hackfix.patch
        local-soname-hack.diff
        fix-hf-ld.so.cache.patch
@ -39,6 +41,8 @@ source=(http://ftp.gnu.org/gnu/libc/${pkgname}-${pkgver}.tar.xz{,.sig}
 md5sums=('88fbbceafee809e82efd52efa1e3c58f'
         'SKIP'
         '154da6bf5a5248f42a7bf5bf08e01a47'
+         'b79561ab9dce900e9bbeaf0d49927c2b'
+         'c7264b99d0f7e51922a4d3126182c40a'
         '4441f6dfe7d75ced1fa75e54dd21d36e'
         '589d79041aa767a5179eaa4e2737dd3f'
         'ad8a9af15ab7eeaa23dc7ee85024af9f'
@ -52,6 +56,14 @@ prepare() {

  # upstream commit 91ce4085
  patch -p1 -i $srcdir/glibc-2.18-readdir_r-CVE-2013-4237.patch
+
+  # upstream commits 1159a193, 55e17aad and b73ed247
+  patch -p1 -i $srcdir/glibc-2.18-malloc-corrupt-CVE-2013-4332.patch
+
+  # upstream commit 1326ba1a and two not yet committed patches
+  # https://sourceware.org/ml/libc-alpha/2013-08/msg00394.html
+  # https://sourceware.org/ml/libc-alpha/2013-08/msg00462.html
+  patch -p1 -i $srcdir/glibc-2.18-strcoll-CVE-2012-4412+4424.patch
  
  # hack fix for strstr issues on x86
  patch -p1 -i $srcdir/glibc-2.18-strstr-hackfix.patch
--- a/core/glibc/glibc-2.18-malloc-corrupt-CVE-2013-4332.patch
+++ b/core/glibc/glibc-2.18-malloc-corrupt-CVE-2013-4332.patch
@ -0,0 +1,54 @@
+diff --git a/malloc/malloc.c b/malloc/malloc.c
+index dd295f5..7f43ba3 100644
+--- a/malloc/malloc.c
+++ b/malloc/malloc.c
+@@ -3082,6 +3082,13 @@ __libc_pvalloc(size_t bytes)
+   size_t page_mask = GLRO(dl_pagesize) - 1;
+   size_t rounded_bytes = (bytes + page_mask) & ~(page_mask);
+ 
+  /* Check for overflow.  */
+  if (bytes > SIZE_MAX - 2*pagesz - MINSIZE)
+    {
+      __set_errno (ENOMEM);
+      return 0;
+    }
+
+   void *(*hook) (size_t, size_t, const void *) =
+     force_reg (__memalign_hook);
+   if (__builtin_expect (hook != NULL, 0))
+diff --git a/malloc/malloc.c b/malloc/malloc.c
+index 7f43ba3..3148c5f 100644
+--- a/malloc/malloc.c
+++ b/malloc/malloc.c
+@@ -3046,6 +3046,13 @@ __libc_valloc(size_t bytes)
+ 
+   size_t pagesz = GLRO(dl_pagesize);
+ 
+  /* Check for overflow.  */
+  if (bytes > SIZE_MAX - pagesz - MINSIZE)
+    {
+      __set_errno (ENOMEM);
+      return 0;
+    }
+
+   void *(*hook) (size_t, size_t, const void *) =
+     force_reg (__memalign_hook);
+   if (__builtin_expect (hook != NULL, 0))
+diff --git a/malloc/malloc.c b/malloc/malloc.c
+index 3148c5f..f7718a9 100644
+--- a/malloc/malloc.c
+++ b/malloc/malloc.c
+@@ -3015,6 +3015,13 @@ __libc_memalign(size_t alignment, size_t bytes)
+   /* Otherwise, ensure that it is at least a minimum chunk size */
+   if (alignment <  MINSIZE) alignment = MINSIZE;
+ 
+  /* Check for overflow.  */
+  if (bytes > SIZE_MAX - alignment - MINSIZE)
+    {
+      __set_errno (ENOMEM);
+      return 0;
+    }
+
+   arena_get(ar_ptr, bytes + alignment + MINSIZE);
+   if(!ar_ptr)
+     return 0;
--- a/core/glibc/glibc-2.18-strcoll-CVE-2012-4412+4424.patch
+++ b/core/glibc/glibc-2.18-strcoll-CVE-2012-4412+4424.patch