diff --git a/ChangeLog b/ChangeLog
index f343428..ac7d980 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,94 @@ +2014-11-24 Siddhesh Poyarekar + + [BZ #17266] + * misc/sys/cdefs.h: Define __extern_always_inline for clang + 4.2 and newer. + +2014-11-19 Carlos O'Donell + Florian Weimer + Joseph Myers + Adam Conrad + Andreas Schwab + Brooks + + [BZ #17625] + * wordexp-test.c (__dso_handle): Add prototype. + (__register_atfork): Likewise. + (__app_register_atfork): New function. + (registered_forks): New global. + (register_fork): New function. + (test_case): Add 3 new tests for WRDE_CMDSUB. + (main): Call __app_register_atfork. + (testit): If WRDE_NOCMD set registered_forks to zero, run test, and if + fork count is non-zero fail the test. + * posix/wordexp.c (exec_comm): Return WRDE_CMDSUB if WRDE_NOCMD flag + is set. + (parse_dollars): Remove check for WRDE_NOCMD. + (parse_dquote): Likewise. + +2014-11-10 Renlin Li + + [BZ #17555] + * sysdeps/aarch64/start.S (_start): Delete x29 overwritten assignment. + +2014-10-22 Maciej W. Rozycki + + [BZ #17485] + * sysdeps/unix/sysv/linux/mips/vfork.S (__libc_vfork): Define. + +2014-10-08 Roland McGrath + + [BZ #17460] + * nscd/nscd.c (more_help): Rewrite list of tables collection + using xstrdup and asprintf. + + * nscd/nscd_conf.c: Remove local xstrdup declaration. + +2014-10-09 Allan McRae + + * po/fr.po: Update French translation from translation project. + +2014-09-16 Siddhesh Poyarekar + + [BZ #17370] + * libio/wfileops.c (do_ftell_wide): Free OUT on error path. + +2014-09-11 Tim Lammens + + [BZ #17370] + * libio/wfileops (do_ftell_wide): Free OUT. + +2014-09-16 Siddhesh Poyarekar + Jakub Jelinek + + [BZ #17266] + * libio/stdio.h: Check definition of __fortify_function + instead of __extern_always_inline to include bits/stdio2.h. + * math/bits/math-finite.h [__USE_XOPEN || __USE_ISOC99]: Also + check if __extern_always_inline is defined. + [__USE_MISC || __USE_XOPEN]: Likewise. + [__USE_ISOC99] Likewise. + * misc/sys/cdefs.h (__fortify_function): Define only if + __extern_always_inline is defined. 
+ [!__cplusplus || __GNUC_PREREQ (4,3)]: Revert to defining + __extern_always_inline and __extern_inline only for g++-4.3 + and newer or a compatible gcc. + +2014-09-15 Andreas Schwab + + [BZ #17371] + * sysdeps/unix/sysv/linux/ifaddrs.c (getifaddrs_internal): Fix + last change to handle zero prefix length. + +2014-09-12 Joseph Myers + + * sysdeps/gnu/netinet/udp.h (UDP_NO_CHECK6_TX): New macro. + (UDP_NO_CHECK6_RX): Likewise. + +2014-09-13 Allan McRae + + * po/ru.po: Update Russian translation from translation project. + 2014-09-07 Allan McRae using `glibc' in the "product" field. +Version 2.20.1 + +* The following bugs are resolved with this release: + + 17266, 17370, 17371, 17460, 17485, 17555, 17625. + +* CVE-2104-7817 The wordexp function could ignore the WRDE_NOCMD flag + under certain input conditions resulting in the execution of a shell for + command substitution when the applicaiton did not request it. The + implementation now checks WRDE_NOCMD immediately before executing the + shell and returns the error WRDE_CMDSUB as expected. + + Version 2.20 * The following bugs are resolved with this release: diff --git a/libio/stdio.h b/libio/stdio.h index d8c0bdb..1f4f837 100644 --- a/libio/stdio.h +++ b/libio/stdio.h @@ -932,7 +932,7 @@ extern void funlockfile (FILE *__stream) __THROW; #ifdef __USE_EXTERN_INLINES # include #endif -#if __USE_FORTIFY_LEVEL > 0 && defined __extern_always_inline +#if __USE_FORTIFY_LEVEL > 0 && defined __fortify_function # include #endif #ifdef __LDBL_COMPAT diff --git a/libio/wfileops.c b/libio/wfileops.c index f123add..c5ec5f7 100644 --- a/libio/wfileops.c +++ b/libio/wfileops.c @@ -708,9 +708,13 @@ do_ftell_wide (_IO_FILE *fp) sequences must be complete since they are accepted as wchar_t; if not, then that is an error. */ if (__glibc_unlikely (status != __codecvt_ok)) - return WEOF; + { + free (out); + return WEOF; + } offset += outstop - out; + free (out); } /* We don't trust _IO_read_end to represent the current file offset 
diff --git a/math/bits/math-finite.h b/math/bits/math-finite.h index aa755de..0656645 100644 --- a/math/bits/math-finite.h +++ b/math/bits/math-finite.h @@ -251,7 +251,8 @@ extern long double __REDIRECT_NTH (lgammal_r, (long double, int *), # endif #endif -#if defined __USE_XOPEN || defined __USE_ISOC99 +#if ((defined __USE_XOPEN || defined __USE_ISOC99) \ + && defined __extern_always_inline) /* lgamma. */ __extern_always_inline double __NTH (lgamma (double __d)) { @@ -284,7 +285,8 @@ __extern_always_inline long double __NTH (lgammal (long double __d)) # endif #endif -#if defined __USE_MISC || defined __USE_XOPEN +#if ((defined __USE_MISC || defined __USE_XOPEN) \ + && defined __extern_always_inline) /* gamma. */ __extern_always_inline double __NTH (gamma (double __d)) { @@ -422,7 +424,7 @@ extern long double __REDIRECT_NTH (sqrtl, (long double), __sqrtl_finite); # endif #endif -#ifdef __USE_ISOC99 +#if defined __USE_ISOC99 && defined __extern_always_inline /* tgamma. */ extern double __gamma_r_finite (double, int *); __extern_always_inline double __NTH (tgamma (double __d)) diff --git a/misc/sys/cdefs.h b/misc/sys/cdefs.h index 04db956..711ac1d 100644 --- a/misc/sys/cdefs.h +++ b/misc/sys/cdefs.h @@ -131,7 +131,6 @@ /* Fortify support. */ #define __bos(ptr) __builtin_object_size (ptr, __USE_FORTIFY_LEVEL > 1) #define __bos0(ptr) __builtin_object_size (ptr, 0) -#define __fortify_function __extern_always_inline __attribute_artificial__ #if __GNUC_PREREQ (4,3) # define __warndecl(name, msg) \ 
@@ -318,12 +317,19 @@ # define __attribute_artificial__ /* Ignore */ #endif -#ifdef __GNUC__ -/* One of these will be defined if the __gnu_inline__ attribute is - available. In C++, __GNUC_GNU_INLINE__ will be defined even though - __inline does not use the GNU inlining rules. If neither macro is - defined, this version of GCC only supports GNU inline semantics. */ -# if defined __GNUC_STDC_INLINE__ || defined __GNUC_GNU_INLINE__ +/* GCC 4.3 and above with -std=c99 or -std=gnu99 implements ISO C99 + inline semantics, unless -fgnu89-inline is used. Using __GNUC_STDC_INLINE__ + or __GNUC_GNU_INLINE is not a good enough check for gcc because gcc versions + older than 4.3 may define these macros and still not guarantee GNU inlining + semantics. + + clang++ identifies itself as gcc-4.2, but has support for GNU inlining + semantics, that can be checked fot by using the __GNUC_STDC_INLINE_ and + __GNUC_GNU_INLINE__ macro definitions. */ +#if (!defined __cplusplus || __GNUC_PREREQ (4,3) \ + || (defined __clang__ && (defined __GNUC_STDC_INLINE__ \ + || defined __GNUC_GNU_INLINE__))) +# if defined __GNUC_STDC_INLINE__ || defined __cplusplus # define __extern_inline extern __inline __attribute__ ((__gnu_inline__)) # define __extern_always_inline \ extern __always_inline __attribute__ ((__gnu_inline__)) @@ -331,9 +337,10 @@ # define __extern_inline extern __inline # define __extern_always_inline extern __always_inline # endif -#else /* Not GCC. */ -# define __extern_inline /* Ignore */ -# define __extern_always_inline /* Ignore */ +#endif + +#ifdef __extern_always_inline +# define __fortify_function __extern_always_inline __attribute_artificial__ #endif /* GCC 4.3 and above allow passing all anonymous arguments of an diff --git a/nscd/nscd.c b/nscd/nscd.c index 7131ead..b7704b3 100644 --- a/nscd/nscd.c +++ b/nscd/nscd.c 
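Review bot: The new comment above the `#if` in misc/sys/cdefs.h misnames the macros it tells readers to rely on. It writes `__GNUC_GNU_INLINE` and `__GNUC_STDC_INLINE_`, while the condition below tests `__GNUC_GNU_INLINE__` and `__GNUC_STDC_INLINE__`, and "checked fot" should read "checked for". This comment is the only explanation of why clang++ is special-cased, so the names in it should match the code exactly.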
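Review bot: `__fortify_function` is now defined only under `#ifdef __extern_always_inline`, and libio/stdio.h in this same patch gates its fortify include on `defined __fortify_function`. A build with a non-zero `__USE_FORTIFY_LEVEL` on a compiler that fails the new `#if` therefore gets no fortified wrappers and, as far as these hunks show, no diagnostic. That is a silent loss of hardening the user asked for. A comment at the `#ifdef` should state the consequence, e.g. `/* Without __extern_always_inline the _FORTIFY_SOURCE wrappers are not provided. */`, and it is worth checking whether a warning is emitted elsewhere (not visible in this diff).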
@@ -451,33 +451,36 @@ parse_opt (int key, char *arg, struct argp_state *state) static char * more_help (int key, const char *text, void *input) { - char *tables, *tp = NULL; - switch (key) { case ARGP_KEY_HELP_EXTRA: { - dbtype cnt; + /* We print some extra information. */ - tables = xmalloc (sizeof (dbnames) + 1); - for (cnt = 0; cnt < lastdb; cnt++) + char *tables = xstrdup (dbnames[0]); + for (dbtype i = 1; i < lastdb; ++i) { - strcat (tables, dbnames[cnt]); - strcat (tables, " "); + char *more_tables; + if (asprintf (&more_tables, "%s %s", tables, dbnames[i]) < 0) + more_tables = NULL; + free (tables); + if (more_tables == NULL) + return NULL; + tables = more_tables; } - } - /* We print some extra information. */ - if (asprintf (&tp, gettext ("\ + char *tp; + if (asprintf (&tp, gettext ("\ Supported tables:\n\ %s\n\ \n\ For bug reporting instructions, please see:\n\ %s.\n\ "), tables, REPORT_BUGS_TO) < 0) - tp = NULL; - free (tables); - return tp; + tp = NULL; + free (tables); + return tp; + } default: break; @@ -622,15 +625,15 @@ monitor_child (int fd) } if (WIFEXITED (status)) - { - child_ret = WEXITSTATUS (status); - fprintf (stderr, _("child exited with status %d\n"), child_ret); - } + { + child_ret = WEXITSTATUS (status); + fprintf (stderr, _("child exited with status %d\n"), child_ret); + } if (WIFSIGNALED (status)) - { - child_ret = WTERMSIG (status); - fprintf (stderr, _("child terminated by signal %d\n"), child_ret); - } + { + child_ret = WTERMSIG (status); + fprintf (stderr, _("child terminated by signal %d\n"), child_ret); + } } /* We have the child status, so exit with that code. */ diff --git a/nscd/nscd_conf.c b/nscd/nscd_conf.c index 7856ed9..c8e194d 100644 --- a/nscd/nscd_conf.c +++ b/nscd/nscd_conf.c @@ -32,9 +32,6 @@ #include "dbg_log.h" #include "nscd.h" -/* Wrapper functions with error checking for standard functions. */ -extern char *xstrdup (const char *s); - /* Names of the databases. */ const char *const dbnames[lastdb] = 
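Review bot: In the new loop in more_help, the `more_tables = NULL` after a failed `asprintf` is load-bearing but uncommented. The output pointer's contents are not defined when asprintf fails, and the following `free (tables); if (more_tables == NULL) return NULL;` depends on that reset. A short comment such as `/* asprintf leaves the pointer undefined on failure. */` would keep a later cleanup from dropping it. The code also duplicates `dbnames[0]` unconditionally, which assumes `lastdb` is at least 1; that enum is defined outside this hunk.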
diff --git a/po/fr.po b/po/fr.po index fbf564a..bb7a924 100644 --- a/po/fr.po +++ b/po/fr.po @@ -6673,11 +6673,11 @@ msgstr "Erreur d'entrée/sortie sur l'hôte cible" #: sysdeps/gnu/errlist.c:1399 msgid "No medium found" -msgstr "Aucun medium trouvé" +msgstr "Aucun médium trouvé" #: sysdeps/gnu/errlist.c:1407 msgid "Wrong medium type" -msgstr "Mauvais type de medium" +msgstr "Mauvais type de médium" #: sysdeps/gnu/errlist.c:1415 msgid "Required key not available" diff --git a/po/ru.po b/po/ru.po index 8596b47..d3d0973 100644 --- a/po/ru.po +++ b/po/ru.po @@ -13,7 +13,7 @@ msgid "" msgstr "" "Project-Id-Version: libc 2.19.90\n" "POT-Creation-Date: 2014-08-09 17:06+1000\n" -"PO-Revision-Date: 2014-08-21 14:55+0400\n" +"PO-Revision-Date: 2014-09-10 16:38+0400\n" "Last-Translator: Yuri Kozlov \n" "Language-Team: Russian \n" "Language: ru\n" @@ -76,7 +76,7 @@ msgstr "Выдает краткую информацию об использов #: iconv/iconv_prog.c:60 iconv/iconv_prog.c:61 nscd/nscd.c:105 #: nss/makedb.c:120 msgid "NAME" -msgstr "ФАЙЛ" +msgstr "ИМЯ" #: argp/argp-parse.c:104 msgid "Set the program name" @@ -123,7 +123,7 @@ msgstr "" #: catgets/gencat.c:110 msgid "Create C header file NAME containing symbol definitions" -msgstr "Создает заголовочный ФАЙЛ на Си, содержащий определения символов." +msgstr "Создает заголовочный файл с ИМЕНЕМ на Си, содержащий определения символов." #: catgets/gencat.c:112 msgid "Do not use existing catalog, force new output file" @@ -131,7 +131,7 @@ msgstr "Не использовать существующий каталог, #: catgets/gencat.c:113 nss/makedb.c:120 msgid "Write output to file NAME" -msgstr "Записать вывод в ФАЙЛ" +msgstr "Записать вывод в файл с ИМЕНЕМ" #: catgets/gencat.c:118 msgid "" 
@@ -4098,7 +4098,7 @@ msgstr "Перезагрузка «%s (%s,%s,%s)» в кэше netgroup!" #: nscd/nscd.c:106 msgid "Read configuration data from NAME" -msgstr "Читать конфигурационные данные из ФАЙЛА" +msgstr "Читать конфигурационные данные из файла с ИМЕНЕМ" #: nscd/nscd.c:108 msgid "Do not fork and display messages on the current tty" diff --git a/posix/wordexp-test.c b/posix/wordexp-test.c index 4957006..bdd65e4 100644 --- a/posix/wordexp-test.c +++ b/posix/wordexp-test.c @@ -27,6 +27,25 @@ #define IFS " \n\t" +extern void *__dso_handle __attribute__ ((__weak__, __visibility__ ("hidden"))); +extern int __register_atfork (void (*) (void), void (*) (void), void (*) (void), void *); + +static int __app_register_atfork (void (*prepare) (void), void (*parent) (void), void (*child) (void)) +{ + return __register_atfork (prepare, parent, child, + &__dso_handle == NULL ? NULL : __dso_handle); +} + +/* Number of forks seen. */ +static int registered_forks; + +/* For each fork increment the fork count. */ +static void +register_fork (void) +{ + registered_forks++; +} + struct test_case_struct { int retval; @@ -206,6 +225,12 @@ struct test_case_struct { WRDE_SYNTAX, NULL, "$((2+))", 0, 0, { NULL, }, IFS }, { WRDE_SYNTAX, NULL, "`", 0, 0, { NULL, }, IFS }, { WRDE_SYNTAX, NULL, "$((010+4+))", 0, 0, { NULL }, IFS }, + /* Test for CVE-2014-7817. We test 3 combinations of command + substitution inside an arithmetic expression to make sure that + no commands are executed and error is returned. */ + { WRDE_CMDSUB, NULL, "$((`echo 1`))", WRDE_NOCMD, 0, { NULL, }, IFS }, + { WRDE_CMDSUB, NULL, "$((1+`echo 1`))", WRDE_NOCMD, 0, { NULL, }, IFS }, + { WRDE_CMDSUB, NULL, "$((1+$((`echo 1`))))", WRDE_NOCMD, 0, { NULL, }, IFS }, { -1, NULL, NULL, 0, 0, { NULL, }, IFS }, }; 
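Review bot: The counter in `register_fork` only sees process creation that runs atfork prepare handlers. If the shell is ever started through a path that skips them (vfork- or spawn-style creation), `registered_forks` stays at zero and the WRDE_NOCMD check built on it passes without proving anything. The comment on `register_fork` should state that limit, e.g. `/* Counts fork() calls only; other ways of creating a process are not seen. */`. Separately, `__app_register_atfork` is a new double-underscore identifier in test code; a plain name such as `app_register_atfork` would stay out of the reserved namespace.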
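Review bot: The three added cases all put the substitution inside `$((...))`, but this patch also removes the early WRDE_NOCMD checks from parse_dollars, parse_dquote and wordexp, and no case in this hunk drives those paths into the new check in exec_comm. Unless the unchanged part of the table (outside this hunk) already covers them, add WRDE_NOCMD entries for a plain command substitution and for a backtick inside double quotes, for example `{ WRDE_CMDSUB, NULL, "$(echo 1)", WRDE_NOCMD, 0, { NULL, }, IFS },`. Also, the comment here cites CVE-2014-7817 while the NEWS text in this patch writes CVE-2104-7817; the two should agree.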
@@ -258,6 +283,15 @@ main (int argc, char *argv[]) return -1; } + /* If we are not allowed to do command substitution, we install + fork handlers to verify that no forks happened. No forks should + happen at all if command substitution is disabled. */ + if (__app_register_atfork (register_fork, NULL, NULL) != 0) + { + printf ("Failed to register fork handler.\n"); + return -1; + } + for (test = 0; test_case[test].retval != -1; test++) if (testit (&test_case[test])) ++fail; @@ -367,6 +401,9 @@ testit (struct test_case_struct *tc) printf ("Test %d (%s): ", ++tests, tc->words); + if (tc->flags & WRDE_NOCMD) + registered_forks = 0; + if (tc->flags & WRDE_APPEND) { /* initial wordexp() call, to be appended to */ @@ -378,6 +415,13 @@ testit (struct test_case_struct *tc) } retval = wordexp (tc->words, &we, tc->flags); + if ((tc->flags & WRDE_NOCMD) + && (registered_forks > 0)) + { + printf ("FAILED fork called for WRDE_NOCMD\n"); + return 1; + } + if (tc->flags & WRDE_DOOFFS) start_offs = sav_we.we_offs; diff --git a/posix/wordexp.c b/posix/wordexp.c index b6b65dd..26f3a26 100644 --- a/posix/wordexp.c +++ b/posix/wordexp.c @@ -893,6 +893,10 @@ exec_comm (char *comm, char **word, size_t *word_length, size_t *max_length, pid_t pid; int noexec = 0; + /* Do nothing if command substitution should not succeed. */ + if (flags & WRDE_NOCMD) + return WRDE_CMDSUB; + /* Don't fork() unless necessary */ if (!comm || !*comm) return 0; @@ -2082,9 +2086,6 @@ parse_dollars (char **word, size_t *word_length, size_t *max_length, } } - if (flags & WRDE_NOCMD) - return WRDE_CMDSUB; - (*offset) += 2; return parse_comm (word, word_length, max_length, words, offset, flags, quoted? NULL : pwordexp, ifs, ifs_white); @@ -2196,9 +2197,6 @@ parse_dquote (char **word, size_t *word_length, size_t *max_length, break; case '`': - if (flags & WRDE_NOCMD) - return WRDE_CMDSUB; - ++(*offset); error = parse_backtick (word, word_length, max_length, words, offset, flags, NULL, NULL, NULL); 
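Review bot: The comment on the new guard in exec_comm undersells what the check is. After this patch it is the only place WRDE_NOCMD is enforced, since the checks in parse_dollars, parse_dquote and wordexp are removed. Say so, e.g. `/* WRDE_NOCMD is enforced here and nowhere else: every path that starts a shell must go through exec_comm. */`, so a later change does not add a process-creation path that bypasses it. One consequence to confirm: the parsers now run before the flag is seen, so a malformed substitution may be reported as a syntax error instead of WRDE_CMDSUB under WRDE_NOCMD (inferred; the parser bodies are outside these hunks). exec_comm itself continues past the end of the hunk.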
@@ -2357,12 +2355,6 @@ wordexp (const char *words, wordexp_t *pwordexp, int flags) break; case '`': - if (flags & WRDE_NOCMD) - { - error = WRDE_CMDSUB; - goto do_error; - } - ++words_offset; error = parse_backtick (&word, &word_length, &max_length, words, &words_offset, flags, pwordexp, ifs, diff --git a/sysdeps/aarch64/start.S b/sysdeps/aarch64/start.S index 35d603a..69b45ea 100644 --- a/sysdeps/aarch64/start.S +++ b/sysdeps/aarch64/start.S @@ -47,7 +47,6 @@ _start: /* Create an initial frame with 0 LR and FP */ mov x29, #0 mov x30, #0 - mov x29, sp /* Setup rtld_fini in argument register */ mov x5, x0 diff --git a/sysdeps/gnu/netinet/udp.h b/sysdeps/gnu/netinet/udp.h index 32159cd..8cc1c60 100644 --- a/sysdeps/gnu/netinet/udp.h +++ b/sysdeps/gnu/netinet/udp.h @@ -78,6 +78,10 @@ struct udphdr #define UDP_CORK 1 /* Never send partially complete segments. */ #define UDP_ENCAP 100 /* Set the socket to accept encapsulated packets. */ +#define UDP_NO_CHECK6_TX 101 /* Disable sending checksum for UDP + over IPv6. */ +#define UDP_NO_CHECK6_RX 102 /* Disable accepting checksum for UDP + over IPv6. */ /* UDP encapsulation types */ #define UDP_ENCAP_ESPINUDP_NON_IKE 1 /* draft-ietf-ipsec-nat-t-ike-00/01 */ diff --git a/sysdeps/unix/sysv/linux/ifaddrs.c b/sysdeps/unix/sysv/linux/ifaddrs.c index 2c04e17..a47b2ed 100644 --- a/sysdeps/unix/sysv/linux/ifaddrs.c +++ b/sysdeps/unix/sysv/linux/ifaddrs.c @@ -770,20 +770,17 @@ getifaddrs_internal (struct ifaddrs **ifap) if (cp != NULL) { - char c; unsigned int preflen; - if ((max_prefixlen > 0) && - (ifam->ifa_prefixlen > max_prefixlen)) + if (ifam->ifa_prefixlen > max_prefixlen) preflen = max_prefixlen; else preflen = ifam->ifa_prefixlen; - for (i = 0; i < ((preflen - 1) / 8); i++) + for (i = 0; i < preflen / 8; i++) *cp++ = 0xff; - c = 0xff; - c <<= ((128 - preflen) % 8); - *cp = c; + if (preflen % 8) + *cp = 0xff << (8 - preflen % 8); } } } 
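Review bot: In getifaddrs_internal the clamp `if (ifam->ifa_prefixlen > max_prefixlen) preflen = max_prefixlen;` is now the only thing bounding the writes through `cp`, and `ifa_prefixlen` is read from `ifam`, not computed locally. The loop is safe only if `max_prefixlen` matches the size of the address field `cp` points into, and that is set outside this hunk. A comment stating the invariant would help, e.g. `/* max_prefixlen is the bit width of the address at cp; when it is 0 nothing is written. */`. In `*cp = 0xff << (8 - preflen % 8);` the shifted value is wider than a byte and is narrowed by the assignment; an explicit `& 0xff` would make that intentional.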
diff --git a/sysdeps/unix/sysv/linux/mips/vfork.S b/sysdeps/unix/sysv/linux/mips/vfork.S index 80c362d..2c1a747 100644 --- a/sysdeps/unix/sysv/linux/mips/vfork.S +++ b/sysdeps/unix/sysv/linux/mips/vfork.S @@ -108,3 +108,4 @@ L(error): libc_hidden_def(__vfork) weak_alias (__vfork, vfork) +strong_alias (__vfork, __libc_vfork)