core/glibc to 2.18-1

2025-02-16 23:57:11 +00:00 · 2013-08-15 12:33:24 +00:00 · 2013-08-15 12:33:24 +00:00 · 8f9e288fbf
commit 8f9e288fbf
parent 0410911fa0
6 changed files with 14 additions and 347 deletions
--- a/core/glibc/PKGBUILD
+++ b/core/glibc/PKGBUILD
@ -13,8 +13,8 @@
 noautobuild=1

 pkgname=glibc
-pkgver=2.17
-pkgrel=6
+pkgver=2.18
+pkgrel=1
 pkgdesc="GNU C Library"
 arch=('i686' 'x86_64')
 url="http://www.gnu.org/software/libc"
@ -28,38 +28,24 @@ backup=(etc/gai.conf
 options=('!strip' '!distcc')
 install=glibc.install
 source=(http://ftp.gnu.org/gnu/libc/${pkgname}-${pkgver}.tar.xz{,.sig}
-        glibc-2.17-sync-with-linux37.patch
-        glibc-2.17-getaddrinfo-stack-overflow.patch
-        glibc-2.17-regexp-matcher-overrun.patch
        local-soname-hack.diff
        fix-hf-ld.so.cache.patch
        nscd.service
        nscd.tmpfiles
        locale.gen.txt
        locale-gen)
-md5sums=('87bf675c8ee523ebda4803e8e1cec638'
+md5sums=('88fbbceafee809e82efd52efa1e3c58f'
         'SKIP'
-         'fb99380d94598cc76d793deebf630022'
-         '56d5f2c09503a348281a20ae404b7de3'
-         '200acc05961b084ee00dde919e64f82d'
         '589d79041aa767a5179eaa4e2737dd3f'
         'ad8a9af15ab7eeaa23dc7ee85024af9f'
-         'bccbe5619e75cf1d97312ec3681c605c'
+         'd5fab2cd3abea65aa5ae696ea4a47d6b'
+         'da662ca76e7c8d7efbc7986ab7acea2d'
         '07ac979b6ab5eeb778d55f041529d623'
         '476e9113489f93b348b21e144b6a8fcf')

 build() {
  cd ${srcdir}/${pkgname}-${pkgver}

-  # combination of upstream commits 318cd0b, b540704 and fc1abbe
-  patch -p1 -i ${srcdir}/glibc-2.17-sync-with-linux37.patch
-
-  # CVE-2013-1914 - upstream commit 1cef1b19
-  patch -p1 -i ${srcdir}/glibc-2.17-getaddrinfo-stack-overflow.patch
-
-  # CVE-2013-0242 - upstream commit a445af0b
-  patch -p1 -i ${srcdir}/glibc-2.17-regexp-matcher-overrun.patch
-
  # ALARM: patch for hard-float ld-linux soname
  if [[ $CARCH == "armv6h" || $CARCH == "armv7h" ]]; then
    patch -p1 -i ${srcdir}/local-soname-hack.diff
@ -170,14 +156,5 @@ package() {
                      usr/lib/libnss_{compat,db,dns,files,hesiod,nis,nisplus}-*.so \
                      usr/lib/{libdl,libm,libnsl,libresolv,librt,libutil}-*.so \
                      usr/lib/{libmemusage,libpcprofile,libSegFault}.so \
-                      usr/lib/{pt_chown,{audit,gconv}/*.so}
+                      usr/lib/{audit,gconv}/*.so
 }
-md5sums=('87bf675c8ee523ebda4803e8e1cec638'
-         '6db4d1661cf34282755dc90330465f6d'
-         'fb99380d94598cc76d793deebf630022'
-         'fa192d063312907797eb48f59da99588'
-         'dee46cbd2e544a61c263a0af39cc934c'
-         'ad8a9af15ab7eeaa23dc7ee85024af9f'
-         'bccbe5619e75cf1d97312ec3681c605c'
-         '07ac979b6ab5eeb778d55f041529d623'
-         '476e9113489f93b348b21e144b6a8fcf')
--- a/core/glibc/glibc-2.17-getaddrinfo-stack-overflow.patch
+++ b/core/glibc/glibc-2.17-getaddrinfo-stack-overflow.patch
@ -1,47 +0,0 @@
-diff --git a/sysdeps/posix/getaddrinfo.c b/sysdeps/posix/getaddrinfo.c
-index d95c2d1..2309281 100644
--- a/sysdeps/posix/getaddrinfo.c
-+++ b/sysdeps/posix/getaddrinfo.c
-@@ -2489,11 +2489,27 @@ getaddrinfo (const char *name, const char *service,
-       __typeof (once) old_once = once;
-       __libc_once (once, gaiconf_init);
-       /* Sort results according to RFC 3484.  */
-      struct sort_result results[nresults];
-      size_t order[nresults];
-+      struct sort_result *results;
-+      size_t *order;
-       struct addrinfo *q;
-       struct addrinfo *last = NULL;
-       char *canonname = NULL;
-+      bool malloc_results;
-+
-+      malloc_results
-+	= !__libc_use_alloca (nresults * (sizeof (*results) + sizeof (size_t)));
-+      if (malloc_results)
-+	{
-+	  results = malloc (nresults * (sizeof (*results) + sizeof (size_t)));
-+	  if (results == NULL)
-+	    {
-+	      __free_in6ai (in6ai);
-+	      return EAI_MEMORY;
-+	    }
-+	}
-+      else
-+	results = alloca (nresults * (sizeof (*results) + sizeof (size_t)));
-+      order = (size_t *) (results + nresults);
- 
-       /* Now we definitely need the interface information.  */
-       if (! check_pf_called)
-@@ -2664,6 +2680,9 @@ getaddrinfo (const char *name, const char *service,
- 
-       /* Fill in the canonical name into the new first entry.  */
-       p->ai_canonname = canonname;
-+
-+      if (malloc_results)
-+	free (results);
-     }
- 
-   __free_in6ai (in6ai);
-- 
-1.7.1
-
--- a/core/glibc/glibc-2.17-regexp-matcher-overrun.patch
+++ b/core/glibc/glibc-2.17-regexp-matcher-overrun.patch
@ -1,137 +0,0 @@
-diff --git a/posix/Makefile b/posix/Makefile
-index 88d409f..2cacd21 100644
--- a/posix/Makefile
-+++ b/posix/Makefile
-@@ -86,7 +86,7 @@ tests		:= tstgetopt testfnm runtests runptests	     \
- 		   tst-rfc3484-3 \
- 		   tst-getaddrinfo3 tst-fnmatch2 tst-cpucount tst-cpuset \
- 		   bug-getopt1 bug-getopt2 bug-getopt3 bug-getopt4 \
-		   bug-getopt5 tst-getopt_long1
-+		   bug-getopt5 tst-getopt_long1 bug-regex34
- xtests		:= bug-ga2
- ifeq (yes,$(build-shared))
- test-srcs	:= globtest
-@@ -199,5 +199,6 @@ bug-regex26-ENV = LOCPATH=$(common-objpfx)localedata
- bug-regex30-ENV = LOCPATH=$(common-objpfx)localedata
- bug-regex32-ENV = LOCPATH=$(common-objpfx)localedata
- bug-regex33-ENV = LOCPATH=$(common-objpfx)localedata
-+bug-regex34-ENV = LOCPATH=$(common-objpfx)localedata
- tst-rxspencer-ARGS = --utf8 rxspencer/tests
- tst-rxspencer-ENV = LOCPATH=$(common-objpfx)localedata
-diff --git a/posix/bug-regex34.c b/posix/bug-regex34.c
-new file mode 100644
-index 0000000..bb3b613
--- /dev/null
-+++ b/posix/bug-regex34.c
-@@ -0,0 +1,46 @@
-+/* Test re_search with multi-byte characters in UTF-8.
-+   Copyright (C) 2013 Free Software Foundation, Inc.
-+   This file is part of the GNU C Library.
-+
-+   The GNU C Library is free software; you can redistribute it and/or
-+   modify it under the terms of the GNU Lesser General Public
-+   License as published by the Free Software Foundation; either
-+   version 2.1 of the License, or (at your option) any later version.
-+
-+   The GNU C Library is distributed in the hope that it will be useful,
-+   but WITHOUT ANY WARRANTY; without even the implied warranty of
-+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-+   Lesser General Public License for more details.
-+
-+   You should have received a copy of the GNU Lesser General Public
-+   License along with the GNU C Library; if not, see
-+   <http://www.gnu.org/licenses/>.  */
-+
-+#define _GNU_SOURCE 1
-+#include <stdio.h>
-+#include <string.h>
-+#include <locale.h>
-+#include <regex.h>
-+
-+static int
-+do_test (void)
-+{
-+  struct re_pattern_buffer r;
-+  /* áá»á½ááºá¯ááºx */
-+  const char *s = "\xe1\x80\x80\xe1\x80\xbb\xe1\x80\xbd\xe1\x80\x94\xe1\x80\xba\xe1\x80\xaf\xe1\x80\x95\xe1\x80\xbax";
-+
-+  if (setlocale (LC_ALL, "en_US.UTF-8") == NULL)
-+    {
-+      puts ("setlocale failed");
-+      return 1;
-+    }
-+  memset (&r, 0, sizeof (r));
-+
-+  re_compile_pattern ("[^x]x", 5, &r);
-+  /* This was triggering a buffer overflow.  */
-+  re_search (&r, s, strlen (s), 0, strlen (s), 0);
-+  return 0;
-+}
-+
-+#define TEST_FUNCTION do_test ()
-+#include "../test-skeleton.c"
-diff --git a/posix/regexec.c b/posix/regexec.c
-index 7f2de85..5ca2bf6 100644
--- a/posix/regexec.c
-+++ b/posix/regexec.c
-@@ -197,7 +197,7 @@ static int group_nodes_into_DFAstates (const re_dfa_t *dfa,
- static int check_node_accept (const re_match_context_t *mctx,
- 			      const re_token_t *node, int idx)
-      internal_function;
-static reg_errcode_t extend_buffers (re_match_context_t *mctx)
-+static reg_errcode_t extend_buffers (re_match_context_t *mctx, int min_len)
-      internal_function;
- 
- /* Entry point for POSIX code.  */
-@@ -1160,7 +1160,7 @@ check_matching (re_match_context_t *mctx, int fl_longest_match,
- 	  || (BE (next_char_idx >= mctx->input.valid_len, 0)
- 	      && mctx->input.valid_len < mctx->input.len))
- 	{
-	  err = extend_buffers (mctx);
-+	  err = extend_buffers (mctx, next_char_idx + 1);
- 	  if (BE (err != REG_NOERROR, 0))
- 	    {
- 	      assert (err == REG_ESPACE);
-@@ -1738,7 +1738,7 @@ clean_state_log_if_needed (re_match_context_t *mctx, int next_state_log_idx)
- 	  && mctx->input.valid_len < mctx->input.len))
-     {
-       reg_errcode_t err;
-      err = extend_buffers (mctx);
-+      err = extend_buffers (mctx, next_state_log_idx + 1);
-       if (BE (err != REG_NOERROR, 0))
- 	return err;
-     }
-@@ -2792,7 +2792,7 @@ get_subexp (re_match_context_t *mctx, int bkref_node, int bkref_str_idx)
- 		  if (bkref_str_off >= mctx->input.len)
- 		    break;
- 
-		  err = extend_buffers (mctx);
-+		  err = extend_buffers (mctx, bkref_str_off + 1);
- 		  if (BE (err != REG_NOERROR, 0))
- 		    return err;
- 
-@@ -4102,7 +4102,7 @@ check_node_accept (const re_match_context_t *mctx, const re_token_t *node,
- 
- static reg_errcode_t
- internal_function __attribute_warn_unused_result__
-extend_buffers (re_match_context_t *mctx)
-+extend_buffers (re_match_context_t *mctx, int min_len)
- {
-   reg_errcode_t ret;
-   re_string_t *pstr = &mctx->input;
-@@ -4111,8 +4111,10 @@ extend_buffers (re_match_context_t *mctx)
-   if (BE (INT_MAX / 2 / sizeof (re_dfastate_t *) <= pstr->bufs_len, 0))
-     return REG_ESPACE;
- 
-  /* Double the lengthes of the buffers.  */
-  ret = re_string_realloc_buffers (pstr, MIN (pstr->len, pstr->bufs_len * 2));
-+  /* Double the lengthes of the buffers, but allocate at least MIN_LEN.  */
-+  ret = re_string_realloc_buffers (pstr,
-+				   MAX (min_len,
-+					MIN (pstr->len, pstr->bufs_len * 2)));
-   if (BE (ret != REG_NOERROR, 0))
-     return ret;
- 
-- 
-1.7.1
-
--- a/core/glibc/glibc-2.17-sync-with-linux37.patch
+++ b/core/glibc/glibc-2.17-sync-with-linux37.patch
@ -1,130 +0,0 @@
-diff --git a/sysdeps/gnu/netinet/tcp.h b/sysdeps/gnu/netinet/tcp.h
-index 06e8414..b62a696 100644
--- a/sysdeps/gnu/netinet/tcp.h
-+++ b/sysdeps/gnu/netinet/tcp.h
-@@ -37,20 +37,29 @@
- /*
-  * User-settable options (used with setsockopt).
-  */
-#define	TCP_NODELAY	 1	/* Don't delay send to coalesce packets  */
-#define	TCP_MAXSEG	 2	/* Set maximum segment size  */
-#define TCP_CORK	 3	/* Control sending of partial frames  */
-#define TCP_KEEPIDLE	 4	/* Start keeplives after this period */
-#define TCP_KEEPINTVL	 5	/* Interval between keepalives */
-#define TCP_KEEPCNT	 6	/* Number of keepalives before death */
-#define TCP_SYNCNT	 7	/* Number of SYN retransmits */
-#define TCP_LINGER2	 8	/* Life time of orphaned FIN-WAIT-2 state */
-#define TCP_DEFER_ACCEPT 9	/* Wake up listener only when data arrive */
-#define TCP_WINDOW_CLAMP 10	/* Bound advertised window */
-#define TCP_INFO	 11	/* Information about this connection. */
-#define	TCP_QUICKACK	 12	/* Bock/reenable quick ACKs.  */
-#define TCP_CONGESTION	 13	/* Congestion control algorithm.  */
-#define TCP_MD5SIG	 14	/* TCP MD5 Signature (RFC2385) */
-+#define	TCP_NODELAY		 1  /* Don't delay send to coalesce packets  */
-+#define	TCP_MAXSEG		 2  /* Set maximum segment size  */
-+#define TCP_CORK		 3  /* Control sending of partial frames  */
-+#define TCP_KEEPIDLE		 4  /* Start keeplives after this period */
-+#define TCP_KEEPINTVL		 5  /* Interval between keepalives */
-+#define TCP_KEEPCNT		 6  /* Number of keepalives before death */
-+#define TCP_SYNCNT		 7  /* Number of SYN retransmits */
-+#define TCP_LINGER2		 8  /* Life time of orphaned FIN-WAIT-2 state */
-+#define TCP_DEFER_ACCEPT	 9  /* Wake up listener only when data arrive */
-+#define TCP_WINDOW_CLAMP	 10 /* Bound advertised window */
-+#define TCP_INFO		 11 /* Information about this connection. */
-+#define	TCP_QUICKACK		 12 /* Bock/reenable quick ACKs.  */
-+#define TCP_CONGESTION		 13 /* Congestion control algorithm.  */
-+#define TCP_MD5SIG		 14 /* TCP MD5 Signature (RFC2385) */
-+#define TCP_COOKIE_TRANSACTIONS	 15 /* TCP Cookie Transactions */
-+#define TCP_THIN_LINEAR_TIMEOUTS 16 /* Use linear timeouts for thin streams*/
-+#define TCP_THIN_DUPACK		 17 /* Fast retrans. after 1 dupack */
-+#define TCP_USER_TIMEOUT	 18 /* How long for loss retry before timeout */
-+#define TCP_REPAIR		 19 /* TCP sock is under repair right now */
-+#define TCP_REPAIR_QUEUE	 20 /* Set TCP queue to repair */
-+#define TCP_QUEUE_SEQ		 21 /* Set sequence number of repaired queue. */
-+#define TCP_REPAIR_OPTIONS	 22 /* Repair TCP connection options */
-+#define TCP_FASTOPEN		 23 /* Enable FastOpen on listeners */
- 
- #ifdef __USE_MISC
- # include <sys/types.h>
-@@ -173,7 +182,9 @@ enum
- # define TCPI_OPT_TIMESTAMPS	1
- # define TCPI_OPT_SACK		2
- # define TCPI_OPT_WSCALE	4
-# define TCPI_OPT_ECN		8
-+# define TCPI_OPT_ECN		8  /* ECN was negociated at TCP session init */
-+# define TCPI_OPT_ECN_SEEN	16 /* we received at least one packet with ECT */
-+# define TCPI_OPT_SYN_DATA	32 /* SYN-ACK acked data in SYN sent or rcvd */
- 
- /* Values for tcpi_state.  */
- enum tcp_ca_state
-@@ -241,6 +252,49 @@ struct tcp_md5sig
-   u_int8_t	tcpm_key[TCP_MD5SIG_MAXKEYLEN];	/* Key (binary).  */
- };
- 
-+/* For socket repair options.  */
-+struct tcp_repair_opt
-+{
-+  u_int32_t	opt_code;
-+  u_int32_t	opt_val;
-+};
-+
-+/* Queue to repair, for TCP_REPAIR_QUEUE.  */
-+enum
-+{
-+  TCP_NO_QUEUE,
-+  TCP_RECV_QUEUE,
-+  TCP_SEND_QUEUE,
-+  TCP_QUEUES_NR,
-+};
-+
-+/* For cookie transactions socket options.  */
-+#define TCP_COOKIE_MIN		8		/*  64-bits */
-+#define TCP_COOKIE_MAX		16		/* 128-bits */
-+#define TCP_COOKIE_PAIR_SIZE	(2*TCP_COOKIE_MAX)
-+
-+/* Flags for both getsockopt and setsockopt */
-+#define TCP_COOKIE_IN_ALWAYS	(1 << 0)	/* Discard SYN without cookie */
-+#define TCP_COOKIE_OUT_NEVER	(1 << 1)	/* Prohibit outgoing cookies,
-+						 * supercedes everything. */
-+
-+/* Flags for getsockopt */
-+#define TCP_S_DATA_IN		(1 << 2)	/* Was data received? */
-+#define TCP_S_DATA_OUT		(1 << 3)	/* Was data sent? */
-+
-+#define TCP_MSS_DEFAULT		 536U	/* IPv4 (RFC1122, RFC2581) */
-+#define TCP_MSS_DESIRED		1220U	/* IPv6 (tunneled), EDNS0 (RFC3226) */
-+
-+struct tcp_cookie_transactions
-+{
-+  u_int16_t	tcpct_flags;
-+  u_int8_t	__tcpct_pad1;
-+  u_int8_t	tcpct_cookie_desired;
-+  u_int16_t	tcpct_s_data_desired;
-+  u_int16_t	tcpct_used;
-+  u_int8_t	tcpct_value[TCP_MSS_DEFAULT];
-+};
-+
- #endif /* Misc.  */
- 
- #endif /* netinet/tcp.h */
-diff --git a/sysdeps/unix/sysv/linux/bits/socket.h b/sysdeps/unix/sysv/linux/bits/socket.h
-index df8f167..eadd7d9 100644
--- a/sysdeps/unix/sysv/linux/bits/socket.h
-+++ b/sysdeps/unix/sysv/linux/bits/socket.h
-@@ -1,6 +1,5 @@
- /* System-specific socket constants and types.  Linux version.
-   Copyright (C) 1991, 1992, 1994-2001, 2004, 2006-2010, 2011, 2012
-   Free Software Foundation, Inc.
-+   Copyright (C) 1991-2013 Free Software Foundation, Inc.
-    This file is part of the GNU C Library.
- 
-    The GNU C Library is free software; you can redistribute it and/or
-@@ -208,6 +207,8 @@ enum
- #define	MSG_MORE	MSG_MORE
-     MSG_WAITFORONE	= 0x10000, /* Wait for at least one packet to return.*/
- #define MSG_WAITFORONE	MSG_WAITFORONE
-+    MSG_FASTOPEN	= 0x20000000, /* Send data in TCP SYN.  */
-+#define MSG_FASTOPEN	MSG_FASTOPEN
- 
-     MSG_CMSG_CLOEXEC	= 0x40000000	/* Set close_on_exit for file
- 					   descriptor received through
--- a/core/glibc/nscd.service
+++ b/core/glibc/nscd.service
@ -1,15 +1,16 @@
+# systemd service file for nscd
+
 [Unit]
 Description=Name Service Cache Daemon
-After=syslog.target
 
 [Service]
-Type=forking
-ExecStart=/usr/sbin/nscd
+Type=simple
+ExecStart=/usr/sbin/nscd --foreground
 ExecStop=/usr/sbin/nscd --shutdown
 ExecReload=/usr/sbin/nscd -i passwd
 ExecReload=/usr/sbin/nscd -i group
 ExecReload=/usr/sbin/nscd -i hosts
-ExecReload=/usr/sbin/nscd -i service
+ExecReload=/usr/sbin/nscd -i services
 Restart=always
 PIDFile=/run/nscd/nscd.pid
 
--- a/core/glibc/nscd.tmpfiles
+++ b/core/glibc/nscd.tmpfiles
@ -1 +1,4 @@
+# Configuration to create /run/nscd directory
+# Used as part of systemd's tmpfiles
+
 d /run/nscd 0755 root root