Commit 3d3af575 authored by Niels Breet's avatar Niels Breet

[glibc] Update to 2.28. Fixes JB#45154

Fixes CVE-2016-10739, CVE-2016-6261, CVE-2016-6263, CVE-2017-14062,
CVE-2017-18269, CVE-2018-11236, CVE-2018-11237, CVE-2018-19591,
CVE-2019-6488, CVE-2019-7309, CVE-2019-9169
parent 4c941e27
This diff is collapsed.
This diff is collapsed.
diff -ru glibc-2.13/nscd/nscd_stat.c glibc-2.13-no-timestamping/nscd/nscd_stat.c
--- glibc-2.13/nscd/nscd_stat.c 2011-08-24 07:43:18.419464199 +0200
+++ glibc-2.13-no-timestamping/nscd/nscd_stat.c 2011-08-24 07:43:52.837209224 +0200
@@ -38,7 +38,7 @@
/* We use this to make sure the receiver is the same. */
-static const char compilation[21] = __DATE__ " " __TIME__;
+static const char compilation[21] = "built on OBS";
/* Statistic data for one database. */
struct dbstat
--- glibc-2.25/bits/wordsize.h.bak 2018-11-08 15:12:14.756848932 +0200 diff --git a/bits/endian.h b/bits/endian.h
+++ glibc-2.25/bits/wordsize.h 2018-11-08 15:13:00.505009458 +0200 index 45afd4a..f49f6ab 100644
@@ -1,27 +1,25 @@ --- a/bits/endian.h
-#error "This file must be written based on the data type sizes of the target" +++ b/bits/endian.h
@@ -1,13 +1,10 @@
-/* This file should define __BYTE_ORDER as appropriate for the machine
- in question. See string/endian.h for how to define it.
- -
/* The following entries are a template for what defines should be in the - If only the stub bits/endian.h applies to a particular configuration,
wordsize.h header file for a target. */ - bytesex.h is generated by running a program on the host machine.
- So if cross-compiling to a machine with a different byte order,
/* Size in bits of the 'long int' and pointer types. */ - the bits/endian.h file for that machine must exist. */
-#define __WORDSIZE -
+#define __WORDSIZE 32 #ifndef _ENDIAN_H
# error "Never use <bits/endian.h> directly; include <endian.h> instead."
/* This should be set to 1 if __WORDSIZE is 32 and size_t is type #endif
'unsigned long' instead of type 'unsigned int'. This will ensure
that SIZE_MAX is defined as an unsigned long constant instead of an
unsigned int constant. Set to 0 if __WORDSIZE is 32 and size_t is
'unsigned int' and leave undefined if __WORDSIZE is 64. */
-#define __WORDSIZE32_SIZE_ULONG
+#define __WORDSIZE32_SIZE_ULONG 0
/* This should be set to 1 if __WORDSIZE is 32 and ptrdiff_t is type 'long'
instead of type 'int'. This will ensure that PTRDIFF_MIN and PTRDIFF_MAX
are defined as long constants instead of int constants. Set to 0 if
__WORDSIZE is 32 and ptrdiff_t is type 'int' and leave undefined if
__WORDSIZE is 64. */
-#define __WORDSIZE32_PTRDIFF_LONG
+#define __WORDSIZE32_PTRDIFF_LONG 0
/* Set to 1 in order to force time types to be 32 bits instead of 64 bits in
struct lastlog and struct utmp{,x} on 64-bit ports. This may be done in
order to make 64-bit ports compatible with 32-bit ports. Set to 0 for
64-bit ports where the time types are 64-bits or for any 32-bit ports. */
-#define __WORDSIZE_TIME64_COMPAT32
+#define __WORDSIZE_TIME64_COMPAT32 0
--- glibc-2.25/bits/errno.h.bak 2018-11-08 14:32:39.009340807 +0200
+++ glibc-2.25/bits/errno.h 2018-11-08 14:43:21.450954354 +0200
@@ -1,4 +1,5 @@
-/* Copyright (C) 1991-2017 Free Software Foundation, Inc.
+/* Error constants. Linux specific version.
+ Copyright (C) 1996-2014 Free Software Foundation, Inc.
This file is part of the GNU C Library.
The GNU C Library is free software; you can redistribute it and/or
@@ -15,20 +16,51 @@
License along with the GNU C Library; if not, see
<http://www.gnu.org/licenses/>. */
-/* This file defines the `errno' constants. */ -#error Machine byte order unknown.
+#ifdef _ERRNO_H +/* ARM can be either big or little endian. */
+#ifdef __ARMEB__
+#define __BYTE_ORDER __BIG_ENDIAN
+#else
+#define __BYTE_ORDER __LITTLE_ENDIAN
+#endif
diff --git a/bits/errno.h b/bits/errno.h
index 36c09f3..4eef942 100644
--- a/bits/errno.h
+++ b/bits/errno.h
@@ -25,26 +25,52 @@
# error "Never include <bits/errno.h> directly; use <errno.h> instead."
#endif
-#if !defined __Emath_defined && (defined _ERRNO_H || defined __need_Emath) -#error "Generic bits/errno.h included -- port is incomplete."
-#undef __need_Emath -
-#define __Emath_defined 1 -/* Authors of new ports of the GNU C Library must override this file
- with their own bits/errno.h in an appropriate subdirectory of
- sysdeps/. Its function is to define all of the error constants
- from C2011 and POSIX.1-2008, with values appropriate to the
- operating system, and any additional OS-specific error constants.
- -
-# define EDOM XXX <--- fill in what is actually needed - C2011 requires all error constants to be object-like macros that
-# define EILSEQ XXX <--- fill in what is actually needed - expand to "integer constant expressions with type int, positive
-# define ERANGE XXX <--- fill in what is actually needed - values, and suitable for use in #if directives". Moreover, all of
-#endif - their names must begin with a capital E, followed immediately by
- either another capital letter, or a digit. It is OK to define
- macros that are not error constants, but only in the implementation
- namespace.
- -
-#ifdef _ERRNO_H - errno.h is sometimes included from assembly language. Therefore,
-# error "Define here all the missing error messages for the port. These" - when __ASSEMBLER__ is defined, bits/errno.h may only define macros;
-# error "must match the numbers of the kernel." - it may not make any other kind of C declaration or definition.
-# define Exxxx XXX - Also, the error constants should, if at all possible, expand to
-... - simple decimal or hexadecimal numbers. */
-#endif +#ifdef _ERRNO_H
+# undef EDOM +
+# undef EILSEQ
+# undef ERANGE
+# include <linux/errno.h> +# include <linux/errno.h>
+ +
+/* Linux has no ENOTSUP error code. */ +/* Older Linux headers do not define these constants. */
+# define ENOTSUP EOPNOTSUPP +# ifndef ENOTSUP
+# define ENOTSUP EOPNOTSUPP
+# endif
+ +
+/* Older Linux versions also had no ECANCELED error code. */ +/* Older Linux versions also had no ECANCELED error code. */
+# ifndef ECANCELED +# ifndef ECANCELED
...@@ -109,25 +98,41 @@ ...@@ -109,25 +98,41 @@
+# define EILSEQ 84 /* Illegal byte sequence. */ +# define EILSEQ 84 /* Illegal byte sequence. */
+# define ERANGE 34 /* Math result not representable. */ +# define ERANGE 34 /* Math result not representable. */
+#endif /* !_ERRNO_H && __need_Emath */ +#endif /* !_ERRNO_H && __need_Emath */
--- glibc-2.25/bits/endian.h.bak 2018-11-08 15:51:55.110637120 +0200
+++ glibc-2.25/bits/endian.h 2018-11-08 15:52:20.538742585 +0200 #endif /* bits/errno.h. */
@@ -1,13 +1,10 @@ diff --git a/bits/wordsize.h b/bits/wordsize.h
-/* This file should define __BYTE_ORDER as appropriate for the machine index 14edae3..46ac7fd 100644
- in question. See string/endian.h for how to define it. --- a/bits/wordsize.h
- +++ b/bits/wordsize.h
- If only the stub bits/endian.h applies to a particular configuration, @@ -1,27 +1,25 @@
- bytesex.h is generated by running a program on the host machine. -#error "This file must be written based on the data type sizes of the target"
- So if cross-compiling to a machine with a different byte order,
- the bits/endian.h file for that machine must exist. */
- -
#ifndef _ENDIAN_H /* The following entries are a template for what defines should be in the
# error "Never use <bits/endian.h> directly; include <endian.h> instead." wordsize.h header file for a target. */
#endif
-#error Machine byte order unknown. /* Size in bits of the 'long int' and pointer types. */
+/* ARM can be either big or little endian. */ -#define __WORDSIZE
+#ifdef __ARMEB__ +#define __WORDSIZE 32
+#define __BYTE_ORDER __BIG_ENDIAN
+#else /* This should be set to 1 if __WORDSIZE is 32 and size_t is type
+#define __BYTE_ORDER __LITTLE_ENDIAN 'unsigned long' instead of type 'unsigned int'. This will ensure
+#endif that SIZE_MAX is defined as an unsigned long constant instead of an
unsigned int constant. Set to 0 if __WORDSIZE is 32 and size_t is
'unsigned int' and leave undefined if __WORDSIZE is 64. */
-#define __WORDSIZE32_SIZE_ULONG
+#define __WORDSIZE32_SIZE_ULONG 0
/* This should be set to 1 if __WORDSIZE is 32 and ptrdiff_t is type 'long'
instead of type 'int'. This will ensure that PTRDIFF_MIN and PTRDIFF_MAX
are defined as long constants instead of int constants. Set to 0 if
__WORDSIZE is 32 and ptrdiff_t is type 'int' and leave undefined if
__WORDSIZE is 64. */
-#define __WORDSIZE32_PTRDIFF_LONG
+#define __WORDSIZE32_PTRDIFF_LONG 0
/* Set to 1 in order to force time types to be 32 bits instead of 64 bits in
struct lastlog and struct utmp{,x} on 64-bit ports. This may be done in
order to make 64-bit ports compatible with 32-bit ports. Set to 0 for
64-bit ports where the time types are 64-bits or for any 32-bit ports. */
-#define __WORDSIZE_TIME64_COMPAT32
+#define __WORDSIZE_TIME64_COMPAT32 0
Index: eglibc-2.19/elf/dl-load.c diff --git a/elf/dl-load.c b/elf/dl-load.c
=================================================================== index 7554a99..eb34a7a 100644
--- eglibc-2.19.orig/elf/dl-load.c --- a/elf/dl-load.c
+++ eglibc-2.19/elf/dl-load.c +++ b/elf/dl-load.c
@@ -482,7 +482,7 @@ static size_t max_dirnamelen; @@ -385,7 +385,8 @@ static size_t max_dirnamelen;
static struct r_search_path_elem ** static struct r_search_path_elem **
fillin_rpath (char *rpath, struct r_search_path_elem **result, const char *sep, fillin_rpath (char *rpath, struct r_search_path_elem **result, const char *sep,
int check_trusted, const char *what, const char *where, - const char *what, const char *where, struct link_map *l)
- struct link_map *l) + const char *what, const char *where, struct link_map *l,
+ struct link_map *l, const char *rpath_prefix) + const char *rpath_prefix)
{ {
char *cp; char *cp;
size_t nelems = 0; size_t nelems = 0;
@@ -520,9 +520,23 @@ fillin_rpath (char *rpath, struct r_sear @@ -425,9 +426,23 @@ fillin_rpath (char *rpath, struct r_search_path_elem **result, const char *sep,
} }
/* See if this directory is already known. */ /* See if this directory is already known. */
- for (dirp = GL(dl_all_dirs); dirp != NULL; dirp = dirp->next) - for (dirp = GL(dl_all_dirs); dirp != NULL; dirp = dirp->next)
- if (dirp->dirnamelen == len && memcmp (cp, dirp->dirname, len) == 0) - if (dirp->dirnamelen == len && memcmp (cp, dirp->dirname, len) == 0)
...@@ -35,10 +36,10 @@ Index: eglibc-2.19/elf/dl-load.c ...@@ -35,10 +36,10 @@ Index: eglibc-2.19/elf/dl-load.c
+ if (dirp->dirnamelen == len && memcmp (cp, dirp->dirname, len) == 0) + if (dirp->dirnamelen == len && memcmp (cp, dirp->dirname, len) == 0)
+ break; + break;
+ } + }
if (dirp != NULL) if (dirp != NULL)
{ {
@@ -540,22 +554,43 @@ fillin_rpath (char *rpath, struct r_sear @@ -445,22 +460,43 @@ fillin_rpath (char *rpath, struct r_search_path_elem **result, const char *sep,
size_t cnt; size_t cnt;
enum r_dir_status init_val; enum r_dir_status init_val;
size_t where_len = where ? strlen (where) + 1 : 0; size_t where_len = where ? strlen (where) + 1 : 0;
...@@ -50,7 +51,7 @@ Index: eglibc-2.19/elf/dl-load.c ...@@ -50,7 +51,7 @@ Index: eglibc-2.19/elf/dl-load.c
+ rpath_prefix_len = strlen (rpath_prefix); + rpath_prefix_len = strlen (rpath_prefix);
+ if (*cp != '/') rpath_prefix_len++; /* need to add a '/' */ + if (*cp != '/') rpath_prefix_len++; /* need to add a '/' */
+ } + }
/* It's a new directory. Create an entry and add it. */ /* It's a new directory. Create an entry and add it. */
dirp = (struct r_search_path_elem *) dirp = (struct r_search_path_elem *)
malloc (sizeof (*dirp) + ncapstr * sizeof (enum r_dir_status) malloc (sizeof (*dirp) + ncapstr * sizeof (enum r_dir_status)
...@@ -59,7 +60,7 @@ Index: eglibc-2.19/elf/dl-load.c ...@@ -59,7 +60,7 @@ Index: eglibc-2.19/elf/dl-load.c
if (dirp == NULL) if (dirp == NULL)
_dl_signal_error (ENOMEM, NULL, NULL, _dl_signal_error (ENOMEM, NULL, NULL,
N_("cannot create cache for search path")); N_("cannot create cache for search path"));
dirp->dirname = ((char *) dirp + sizeof (*dirp) dirp->dirname = ((char *) dirp + sizeof (*dirp)
+ ncapstr * sizeof (enum r_dir_status)); + ncapstr * sizeof (enum r_dir_status));
- *((char *) __mempcpy ((char *) dirp->dirname, cp, len)) = '\0'; - *((char *) __mempcpy ((char *) dirp->dirname, cp, len)) = '\0';
...@@ -79,16 +80,16 @@ Index: eglibc-2.19/elf/dl-load.c ...@@ -79,16 +80,16 @@ Index: eglibc-2.19/elf/dl-load.c
+ *((char *) __mempcpy (prefixend, cp, len)) = '\0'; + *((char *) __mempcpy (prefixend, cp, len)) = '\0';
+ } + }
+ dirp->dirnamelen = len + rpath_prefix_len; + dirp->dirnamelen = len + rpath_prefix_len;
- if (len > max_dirnamelen) - if (len > max_dirnamelen)
- max_dirnamelen = len; - max_dirnamelen = len;
+ if ((len + rpath_prefix_len) > max_dirnamelen) + if ((len + rpath_prefix_len) > max_dirnamelen)
+ max_dirnamelen = len + rpath_prefix_len; + max_dirnamelen = len + rpath_prefix_len;
/* We have to make sure all the relative directories are /* We have to make sure all the relative directories are
never ignored. The current directory might change and never ignored. The current directory might change and
@@ -566,7 +601,8 @@ fillin_rpath (char *rpath, struct r_sear @@ -471,7 +507,8 @@ fillin_rpath (char *rpath, struct r_search_path_elem **result, const char *sep,
dirp->what = what; dirp->what = what;
if (__glibc_likely (where != NULL)) if (__glibc_likely (where != NULL))
- dirp->where = memcpy ((char *) dirp + sizeof (*dirp) + len + 1 - dirp->where = memcpy ((char *) dirp + sizeof (*dirp) + len + 1
...@@ -97,59 +98,59 @@ Index: eglibc-2.19/elf/dl-load.c ...@@ -97,59 +98,59 @@ Index: eglibc-2.19/elf/dl-load.c
+ (ncapstr * sizeof (enum r_dir_status)), + (ncapstr * sizeof (enum r_dir_status)),
where, where_len); where, where_len);
else else
@@ -668,7 +704,7 @@ decompose_rpath (struct r_search_path_st @@ -570,7 +607,7 @@ decompose_rpath (struct r_search_path_struct *sps,
_dl_signal_error (ENOMEM, NULL, NULL, errstring); _dl_signal_error (ENOMEM, NULL, NULL, errstring);
} }
- fillin_rpath (copy, result, ":", 0, what, where, l); - fillin_rpath (copy, result, ":", what, where, l);
+ fillin_rpath (copy, result, ":", 0, what, where, l, GLRO(dl_rpath_prefix)); + fillin_rpath (copy, result, ":", what, where, l, GLRO(dl_rpath_prefix));
/* Free the copied RPATH string. `fillin_rpath' make own copies if /* Free the copied RPATH string. `fillin_rpath' make own copies if
necessary. */ necessary. */
@@ -871,7 +907,7 @@ _dl_init_paths (const char *llp) @@ -755,7 +792,7 @@ _dl_init_paths (const char *llp)
}
(void) fillin_rpath (llp_tmp, env_path_list.dirs, ":;", (void) fillin_rpath (llp_tmp, env_path_list.dirs, ":;",
__libc_enable_secure, "LD_LIBRARY_PATH", - "LD_LIBRARY_PATH", NULL, l);
- NULL, l); + "LD_LIBRARY_PATH", NULL, l, NULL/*no prefix*/);
+ NULL, l, NULL/*no prefix*/);
if (env_path_list.dirs[0] == NULL) if (env_path_list.dirs[0] == NULL)
{ {
Index: eglibc-2.19/elf/dl-support.c diff --git a/elf/dl-support.c b/elf/dl-support.c
=================================================================== index 114f77a..502399f 100644
--- eglibc-2.19.orig/elf/dl-support.c --- a/elf/dl-support.c
+++ eglibc-2.19/elf/dl-support.c +++ b/elf/dl-support.c
@@ -61,6 +61,9 @@ const char *_dl_profile_output; @@ -58,6 +58,9 @@ const char *_dl_profile_output;
ignored. */ ignored. */
const char *_dl_inhibit_rpath; const char *_dl_inhibit_rpath;
+/* prefix to be added to all RUNPATHs and RPATHs */ +/* prefix to be added to all RUNPATHs and RPATHs */
+const char *_dl_rpath_prefix = NULL; +const char *_dl_rpath_prefix = NULL;
+ +
/* The map for the object we will profile. */ /* The map for the object we will profile. */
struct link_map *_dl_profile_map; struct link_map *_dl_profile_map;
Index: eglibc-2.19/elf/rtld.c diff --git a/elf/rtld.c b/elf/rtld.c
=================================================================== index 453f56e..c6bdd02 100644
--- eglibc-2.19.orig/elf/rtld.c --- a/elf/rtld.c
+++ eglibc-2.19/elf/rtld.c +++ b/elf/rtld.c
@@ -991,6 +991,15 @@ dl_main (const ElfW(Phdr) *phdr, @@ -965,6 +965,15 @@ dl_main (const ElfW(Phdr) *phdr,
_dl_argc -= 2; {
_dl_argv += 2; GLRO(dl_inhibit_rpath) = _dl_argv[2];
}
+ _dl_skip_args += 2;
+ _dl_argc -= 2;
+ _dl_argv += 2;
+ }
+ else if (! strcmp (_dl_argv[1], "--rpath-prefix") + else if (! strcmp (_dl_argv[1], "--rpath-prefix")
+ && _dl_argc > 2) + && _dl_argc > 2)
+ { + {
+ GLRO(dl_rpath_prefix) = _dl_argv[2]; + GLRO(dl_rpath_prefix) = _dl_argv[2];
+ +
+ _dl_skip_args += 2; _dl_skip_args += 2;
+ _dl_argc -= 2; _dl_argc -= 2;
+ _dl_argv += 2; _dl_argv += 2;
+ } @@ -1003,6 +1012,7 @@ of this helper program; chances are you did not intend to run this program.\n\
else if (! strcmp (_dl_argv[1], "--audit") && _dl_argc > 2)
{
process_dl_audit (_dl_argv[2]);
@@ -1025,6 +1034,7 @@ of this helper program; chances are you
--inhibit-cache Do not use " LD_SO_CACHE "\n\ --inhibit-cache Do not use " LD_SO_CACHE "\n\
--library-path PATH use given PATH instead of content of the environment\n\ --library-path PATH use given PATH instead of content of the environment\n\
variable LD_LIBRARY_PATH\n\ variable LD_LIBRARY_PATH\n\
...@@ -157,11 +158,11 @@ Index: eglibc-2.19/elf/rtld.c ...@@ -157,11 +158,11 @@ Index: eglibc-2.19/elf/rtld.c
--inhibit-rpath LIST ignore RUNPATH and RPATH information in object names\n\ --inhibit-rpath LIST ignore RUNPATH and RPATH information in object names\n\
in LIST\n\ in LIST\n\
--audit LIST use objects named in LIST as auditors\n"); --audit LIST use objects named in LIST as auditors\n");
Index: eglibc-2.19/sysdeps/generic/ldsodefs.h diff --git a/sysdeps/generic/ldsodefs.h b/sysdeps/generic/ldsodefs.h
=================================================================== index 0ea2786..a9bff29 100644
--- eglibc-2.19.orig/sysdeps/generic/ldsodefs.h --- a/sysdeps/generic/ldsodefs.h
+++ eglibc-2.19/sysdeps/generic/ldsodefs.h +++ b/sysdeps/generic/ldsodefs.h
@@ -600,6 +600,12 @@ struct rtld_global_ro @@ -608,6 +608,12 @@ struct rtld_global_ro
/* List of auditing interfaces. */ /* List of auditing interfaces. */
struct audit_ifaces *_dl_audit; struct audit_ifaces *_dl_audit;
unsigned int _dl_naudit; unsigned int _dl_naudit;
...@@ -173,4 +174,4 @@ Index: eglibc-2.19/sysdeps/generic/ldsodefs.h ...@@ -173,4 +174,4 @@ Index: eglibc-2.19/sysdeps/generic/ldsodefs.h
+#ifdef SHARED +#ifdef SHARED
}; };
# define __rtld_global_attribute__ # define __rtld_global_attribute__
# ifdef IS_IN_rtld # if IS_IN (rtld)
* Thu Apr 25 2019 Niels Breet <niels.breet@jolla.com> - 2.28+git1
- Update to 2.28. Fixes JB#45154
- Fixes CVE-2016-10739, CVE-2016-6261, CVE-2016-6263, CVE-2017-14062,
CVE-2017-18269, CVE-2018-11236, CVE-2018-11237, CVE-2018-19591,
CVE-2019-6488, CVE-2019-7309, CVE-2019-9169
* Thu Mar 28 2019 Marko Saukko <marko.saukko@jolla.com> - 2.27+git1
- Update to 2.27. Fixes JB#45152
- Drop already integrated patch glibc-2.25-posix-spawn-fix.patch
- Drop not needed patch glibc-2.25-no-timestamping.patch
- Fixes CVE-2009-5064, CVE-2017-15670, CVE-2017-15671, CVE-2017-15804,
CVE-2017-17426, CVE-2017-1000408, CVE-2017-1000409, CVE-2017-16997,
CVE-2018-1000001,CVE-2018-6485
2.26 Fixes CVE-2017-1000366, CVE-2010-3192, CVE-2010-3192,
CVE-2017-12132
* Wed Mar 27 2019 Marko Kenttälä <marko.kenttala@jolla.com> - 2.25+git5 * Wed Mar 27 2019 Marko Kenttälä <marko.kenttala@jolla.com> - 2.25+git5
- Added debuginfo handling, fixes jb#45224 - Added debuginfo handling, fixes jb#45224
......
This diff is collapsed.
This diff is collapsed.
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment