Commit message (Collapse) | Author | Age | Files | Lines
...
* Revert "Report dlsym, dlvsym lookup errors using dlerror [BZ #19509]" | Florian Weimer | 2016-05-11 | 4 | -130/+2
  This reverts commits 80f87443eed17838fe453f1f5406ccf5d3698c25 and a824d609581d5ee7544aabcbbc70e8da44b2b5b6. See bug 20069.
  We can revisit this change once there has been a GCC release with a fix for Address Sanitizer.
* Remove trailing newline from date_fmt in Serbian locales [BZ #19581] | Florian Weimer | 2016-05-09 | 4 | -3/+10
  (cherry picked from commit ff889b196575c2fbf6aa7130abb1ec862714ea4e)
* Fix tst-dlsym-error build | Adhemerval Zanella | 2016-05-09 | 2 | -0/+5
  This patch fixes the new test tst-dlsym-error build on aarch64 (and possibly other architectures as well) due to missing strchrnul definition.
  * elf/tst-dlsym-error.c: Include <string.h> for strchrnul.
  (cherry picked from commit e91bd7465816f474617dcb4bbfe72f3594c5783c)
* Report dlsym, dlvsym lookup errors using dlerror [BZ #19509] | Florian Weimer | 2016-05-09 | 4 | -2/+125
  * elf/dl-lookup.c (_dl_lookup_symbol_x): Report error even if skip_map != NULL.
  * elf/tst-dlsym-error.c: New file.
  * elf/Makefile (tests): Add tst-dlsym-error.
  (tst-dlsym-error): Link against libdl.
  (cherry picked from commit 7d45c163d00c88d5875a112343c4ea3e61349e6b)
* ldconfig: Do not remove stale symbolic links with -X [BZ #19610] | Florian Weimer | 2016-05-09 | 4 | -4/+83
  (cherry picked from commit 920b35c92ed8f41796c090c2819434e56701da5b)
* CVE-2016-1234: glob: Do not copy d_name field of struct dirent [BZ #19779] | Florian Weimer | 2016-05-09 | 5 | -100/+184
  Instead, we store the data we need from the return value of readdir in an object of the new type struct readdir_result. This type is independent of the layout of struct dirent.
  (cherry picked from commit 5171f3079f2cc53e0548fc4967361f4d1ce9d7ea)
* glob: Simplify the interface for the GLOB_ALTDIRFUNC callback gl_readdir | Florian Weimer | 2016-05-09 | 6 | -24/+100
  Previously, application code had to set up the d_namlen member if the target supported it, involving conditional compilation. After this change, glob will use the length of the string in d_name instead of d_namlen to determine the file name length. All glibc targets provide the d_type and d_ino members, and setting them as needed for gl_readdir is straightforward.
  Changing the behavior with regards to d_ino is left to a future cleanup.
  (cherry picked from commit 137fe72eca6923a00381a3ca9f0e7672c1f85e3f)
* strfmon_l: Use specified locale for number formatting [BZ #19633] | Florian Weimer | 2016-05-09 | 7 | -25/+301
  (cherry picked from commit 985fc132f23dbb83de76c5af9e783ef1b5900148)
* tst-audit10: Fix compilation on compilers without bit_AVX512F [BZ #19860] | Florian Weimer | 2016-05-09 | 2 | -1/+10
  [BZ# 19860]
  * sysdeps/x86_64/tst-audit10.c (avx512_enabled): Always return zero if the compiler does not provide the AVX512F bit.
  (cherry picked from commit f327f5b47be57bc05a4077344b381016c1bb2c11)
* Fix tst-audit10 build when -mavx512f is not supported. | Roland McGrath | 2016-05-09 | 3 | -3/+10
  (cherry picked from commit 3bd80c0de2f8e7ca8020d37739339636d169957e)
* tst-audit4, tst-audit10: Compile AVX/AVX-512 code separately [BZ #19269] | Florian Weimer | 2016-05-09 | 6 | -55/+127
  This ensures that GCC will not use unsupported instructions before the run-time check to ensure support.
  (cherry picked from commit 3c0f7407eedb524c9114bb675cd55b903c71daaa)
* resolv: Always set *resplen2 out parameter in send_vc [BZ #19825] | Florian Weimer | 2016-05-09 | 2 | -21/+25
  In various error scenarios (for example, if the server closes the TCP connection before sending the full response), send_vc can return without resetting the *resplen2 value. This can pass uninitialized or unexpected data to the caller.
  (cherry picked from commit b9bdfa7c8fa22c944bb5f21a673dfd1f91b71c56)
* nss_dns: Skip over non-PTR records in the netent code [BZ #19868] | Florian Weimer | 2016-05-09 | 2 | -2/+25
  This requires additional checks for the RDATA length and the availability of record metadata.
  (cherry picked from commit a12f9431b3808e78b9ed397e4fce7de69410d94d)
* nss_dns: Check address length before creating addrinfo result [BZ #19831] | Florian Weimer | 2016-05-09 | 2 | -20/+47
  Previously, we allocated room in the result space before the check, leaving uninitialized data there in case the check failed.
  This also consolidates the behavior between single (A or AAAA) and dual (A and AAAA in parallel) queries. Single queries checked the record length against the QTYPE, not the RRTYPE.
  (cherry picked from commit 5e0c421cc07e2d06945b863ed3bb92395472705d)
* resolv, nss_dns: Remove remaining syslog logging [BZ #19862] | Florian Weimer | 2016-05-09 | 3 | -42/+10
  The fix for bug 14841 only removed part of the logging.
  (cherry picked from commit b9b026c9c00db1a1b5b4a3caa28162655a04a882)
* nss_dns: Validate RDATA length against packet length [BZ #19830] | Florian Weimer | 2016-05-09 | 3 | -3/+36
  In _nss_dns_getcanonname_r, a check for the availability of RR metadata was missing as well.
  (cherry picked from commit f749498fa53df9ead81e291cd9378d67483c2452)
* nss_dns: Fix assertion failure in _nss_dns_getcanonname_r [BZ #19865] | Florian Weimer | 2016-05-09 | 2 | -0/+13
  (cherry picked from commit d29fb41f4431ca35ea360498ef9d37558ce90d76)
* malloc: Add missing internal_function attributes on function definitions | Florian Weimer | 2016-05-09 | 2 | -0/+9
  Fixes build on i386 after commit 29d794863cd6e03115d3670707cc873a9965ba92.
  (cherry picked from commit 186fe877f3df0b84d57dfbf0386f6332c6aa69bc)
* malloc: Remove malloc hooks from fork handler | Florian Weimer | 2016-05-09 | 3 | -119/+25
  The fork handler now runs so late that there is no risk anymore that other fork handlers in the same thread use malloc, so it is no longer necessary to install malloc hooks which made a subset of malloc functionality available to the thread that called fork.
  (cherry picked from commit 8a727af925be63aa6ea0f5f90e16751fd541626b)
* malloc: Run fork handler as late as possible [BZ #19431] | Florian Weimer | 2016-05-09 | 9 | -51/+321
  Previously, a thread M invoking fork would acquire locks in this order:
      (M1) malloc arena locks (in the registered fork handler)
      (M2) libio list lock
  A thread F invoking flush (NULL) would acquire locks in this order:
      (F1) libio list lock
      (F2) individual _IO_FILE locks
  A thread G running getdelim would use this order:
      (G1) _IO_FILE lock
      (G2) malloc arena lock
  After executing (M1), (F1), (G1), none of the threads can make progress.
  This commit changes the fork lock order to:
      (M'1) libio list lock
      (M'2) malloc arena locks
  It explicitly encodes the lock order in the implementations of fork, and does not rely on the registration order, thus avoiding the deadlock.
  (cherry picked from commit 29d794863cd6e03115d3670707cc873a9965ba92)
* Fix malloc threaded tests link on non-Linux | Samuel Thibault | 2016-05-09 | 2 | -6/+9
  * malloc/Makefile ($(objpfx)tst-malloc-backtrace, $(objpfx)tst-malloc-thread-exit, $(objpfx)tst-malloc-thread-fail): Use $(shared-thread-library) instead of hardcoding the path to libpthread.
  (cherry picked from commit b87e41378beca3c98ec3464d64835e66cc788497)
* malloc: Remove NO_THREADS | Florian Weimer | 2016-05-09 | 4 | -24/+7
  No functional change. It was not possible to build without threading support before.
  (cherry picked from commit 59eda029a8a35e5f4e5cd7be0f84c6629e48ec6e)
* hesiod: Avoid heap overflow in get_txt_records [BZ #20031] | Florian Weimer | 2016-05-09 | 2 | -1/+7
  (cherry picked from commit 8a03ccbb77f52ec4b55062eeedddb8daec1a33e4)
* hesiod: Always use thread-local resolver state [BZ #19573] | Florian Weimer | 2016-05-09 | 11 | -156/+89
  The Hesiod implementation imported into glibc was enhanced to support caller-supplied resolver states. But its only consumer is nss_hesiod, and it supplies the thread-local resolver state.
  Therefore, this commit changes the Hesiod implementation to use the thread-local resolver state (_res) directly. This fixes bug 19573 because the Hesiod implementation no longer has to initialize and free any resolver state.
  To avoid any risk of interposition of ABI-incompatible Hesiod function implementations, this commit marks the Hesiod functions as hidden. (They were already hidden using a linker version script.)
  (cherry picked from commit 5018f16c6205404ba3aa7298dc8a3d45fbd46bfc)
* hesiod: Remove RCS keywords | Florian Weimer | 2016-05-09 | 4 | -12/+6
  (cherry picked from commit dbdc657dc0b962ef3ac61585c81e0828d8da42ee)
* getnameinfo: Return EAI_OVERFLOW in more cases [BZ #19787] | Florian Weimer | 2016-05-09 | 2 | -52/+63
  The AF_LOCAL and AF_INET/AF_INET6 non-numeric service conversion did not return EAI_OVERFLOW if the supplied buffer was too small, silently returning truncated data. In the AF_INET/AF_INET6 numeric cases, the snprintf return value checking was incorrect.
  (cherry picked from commit 066746783d6c6c0f61b39c741177e24a9b398a20)
* getnameinfo: Avoid calling strnlen on uninitialized buffer | Florian Weimer | 2016-05-09 | 2 | -7/+11
  In the numeric AF_INET/AF_INET6 case, if inet_ntop fails as the result of a short host buffer, we used to call strnlen on the uninitialized host buffer.
  (cherry picked from commit 1c3490d4b29fc5b3f30dd6b13082046aee94443d)
* getnameinfo: Reduce line length and add missing comments | Florian Weimer | 2016-05-09 | 2 | -21/+27
  (cherry picked from commit c9b0e6a432e827b61f12eb52c2aaeadc77b64461)
* getnameinfo: Refactor and fix memory leak [BZ #19642] | Florian Weimer | 2016-05-09 | 2 | -240/+357
  Split getnameinfo into separate functions for host and service lookups, and for different address families.
  (cherry picked from commit 2dce81a319601e1ee110f7316f705b48c5686e72)
* getnameinfo: Do not preserve errno | Florian Weimer | 2016-05-09 | 2 | -10/+6
  POSIX does not require it, the companion getaddrinfo implementation does not do it, and this behavior is not documented in the manual page, either.
  (cherry picked from commit 2b54cbce2c363ab6ae89d10657d7465858116d7a)
* nss_db: Propagate ERANGE error if parse_line fails [BZ #19837] | Florian Weimer | 2016-05-09 | 2 | -2/+8
  Reproducer (needs to run as root):
      perl -e \
        'print "large:x:999:" . join(",", map {"user$_"} (1 .. 135))."\n"' \
        >> /etc/group
      cd /var/db
      make
      getent -s db group
  After the fix, the last command should list the "large" group.
  The magic number 135 has been chosen so that the line is shorter than 1024 bytes, but the pointers required to encode the member array will cross the threshold, triggering the bug.
  (cherry picked from commit a6033052d08027f745867e5e346852da1959226c)
* Suppress GCC 6 warning about ambiguous 'else' with -Wparentheses | Yvan Roux | 2016-04-20 | 3 | -21/+30
  (cherry picked from commit df1cf48777fe4cd81ad7fb09ecbe5b31432b7c1c)
* configure: fix `test ==` usage | Mike Frysinger | 2016-04-09 | 5 | -6/+13
  POSIX defines the = operator, but not ==. Fix the few places where we incorrectly used ==.
  (cherry picked from commit b2d4456b333970ab4cb01ed8045b9a8d2c4832f3)
* CVE-2016-3075: Stack overflow in _nss_dns_getnetbyname_r [BZ #19879] | Florian Weimer | 2016-04-04 | 3 | -6/+16
  The defensive copy is not needed because the name may not alias the output buffer.
  (cherry picked from commit 317b199b4aff8cfa27f2302ab404d2bb5032b9a4)
  (cherry picked from commit 883dceebc8f11921a9890211a4e202e5be17562f)
* S390: Extend structs La_s390_regs / La_s390_retval with vector-registers. | Stefan Liebler | 2016-04-01 | 4 | -65/+136
  Starting with z13, vector registers can also occur as argument registers. Thus the passed input/output register structs for la_s390_[32|64]_gnu_plt[enter|exit] functions should reflect those new registers. This patch extends these structs La_s390_regs and La_s390_retval and adjusts _dl_runtime_profile() to handle those fields in case of running on a z13 machine.
  (picked from upstream commit 5cdd1989d1d2f135d02e66250f37ba8e767f9772)
  ChangeLog:
  * sysdeps/s390/bits/link.h: (La_s390_vr) New typedef.
  (La_s390_32_regs): Append vector register lr_v24-lr_v31.
  (La_s390_64_regs): Likewise.
  (La_s390_32_retval): Append vector register lrv_v24.
  (La_s390_64_retval): Likewise.
  * sysdeps/s390/s390-32/dl-trampoline.h (_dl_runtime_profile): Handle extended structs La_s390_32_regs and La_s390_32_retval.
  * sysdeps/s390/s390-64/dl-trampoline.h (_dl_runtime_profile): Handle extended structs La_s390_64_regs and La_s390_64_retval.
* S390: Save and restore fprs/vrs while resolving symbols. | Stefan Liebler | 2016-04-01 | 7 | -248/+516
  On s390, no fpr/vrs were saved while resolving a symbol via _dl_runtime_resolve/_dl_runtime_profile.
  According to the abi, the fpr-arguments are defined as call clobbered. In leaf-functions, gcc 4.9 and newer can use fprs for saving/restoring gprs instead of saving them to the stack. If gcc does this in one of the resolver-functions, then the floating point arguments of a library-function are invalid for the first library-function-call. Thus, this patch saves/restores the fprs around the resolving code.
  The same could occur for vector registers. Furthermore an ifunc-resolver could also clobber the vector/floating point argument registers. Thus this patch provides the further variants _dl_runtime_resolve_vx/_dl_runtime_profile_vx, which are used if the kernel claims, that we run on a machine with vector registers.
  Furthermore, if _dl_runtime_profile calls _dl_call_pltexit, the pointers to inregs-/outregs-structs were setup invalid. Now they point to the correct location in the stack-frame. Before branching back to the caller, the return values are now restored instead of containing the return values of the _dl_call_pltexit() call.
  On s390-32, an endless loop occurs if _dl_call_pltexit() should be called. Now, this code-path branches to this function instead of just after the preceding basr-instruction.
  (Picked from upstream commits 4603c51ef7989d7eb800cdd6f42aab206f891077 and d8a012c5c9e4bfc1b8db2bc6deacb85b44a2e1eb)
  ChangeLog:
  * sysdeps/s390/s390-32/dl-trampoline.S: Include dl-trampoline.h twice to create a non-vector/vector version for _dl_runtime_resolve and _dl_runtime_profile. Move implementation to ...
  * sysdeps/s390/s390-32/dl-trampoline.h: ... here.
  (_dl_runtime_resolve) Save and restore fpr/vrs.
  (_dl_runtime_profile) Save and restore vrs and fix some issues if _dl_call_pltexit is called.
  * sysdeps/s390/s390-32/dl-machine.h (elf_machine_runtime_setup): Choose the correct resolver function if running on a machine with vx.
  * sysdeps/s390/s390-64/dl-trampoline.S: Include dl-trampoline.h twice to create a non-vector/vector version for _dl_runtime_resolve and _dl_runtime_profile. Move implementation to ...
  * sysdeps/s390/s390-64/dl-trampoline.h: ... here.
  (_dl_runtime_resolve) Save and restore fpr/vrs.
  (_dl_runtime_profile) Save and restore vrs and fix some issues
  * sysdeps/s390/s390-64/dl-machine.h: (elf_machine_runtime_setup): Choose the correct resolver function if running on a machine with vx.
* resolv: Always set *resplen2 out parameter in send_dg [BZ #19791] | Florian Weimer | 2016-03-28 | 3 | -23/+50
  Since commit 44d20bca52ace85850012b0ead37b360e3ecd96e (Implement second fallback mode for DNS requests), there is a code path which returns early, before *resplen2 is initialized. This happens if the name server address is immediately recognized as invalid (because of lack of protocol support, or if it is a broadcast address such as 255.255.255.255, or another invalid address).
  If this happens and *resplen2 was non-zero (which is the case if a previous query resulted in a failure), __libc_res_nquery would reuse an existing second answer buffer. This answer has been previously identified as unusable (for example, it could be an NXDOMAIN response). Due to the presence of a second answer, no name server switching will occur. The result is a name resolution failure, although a successful resolution would have been possible if name servers have been switched and queries had proceeded along the search path.
  The above paragraph still simplifies the situation. Before glibc 2.23, if the second answer needed malloc, the stub resolver would still attempt to reuse the second answer, but this is not possible because __libc_res_nsearch has freed it, after the unsuccessful call to __libc_res_nquerydomain, and set the buffer pointer to NULL. This eventually leads to an assertion failure in __libc_res_nquery:
      /* Make sure both hp and hp2 are defined */
      assert((hp != NULL) && (hp2 != NULL));
  If assertions are disabled, the consequence is a NULL pointer dereference on the next line.
  Starting with glibc 2.23, as a result of commit e9db92d3acfe1822d56d11abcea5bfc4c41cf6ca (CVE-2015-7547: getaddrinfo() stack-based buffer overflow (Bug 18665)), the second answer is always allocated with malloc. This means that the assertion failure happens with small responses as well because there is no buffer to reuse, as soon as there is a name resolution failure which triggers a search for an answer along the search path.
  This commit addresses the issue by ensuring that *resplen2 is initialized before the send_dg function returns.
  This commit also addresses a bug where an invalid second reply is incorrectly returned as valid to the caller.
  (cherry picked from commit b66d837bb5398795c6b0f651bd5a5d66091d8577)
* math: don't clobber old libm.so on install [BZ #19822] | Dylan Alex Simon | 2016-03-21 | 3 | -1/+9
  When installing glibc (w/mathvec enabled) in-place on a system with a glibc w/out mathvec enabled, the install will clobber the existing libm.so (e.g., /lib64/libm-2.21.so) with a linker script. This is because libm.so is a symlink to libm.so.6 which is a symlink to the final libm-2.21.so file. When the makefile writes the linker script directly to libm.so, it gets clobbered.
  The simple patch below to math/Makefile fixes this. It is based on the nptl Makefile, which does exactly the same thing in a safer way.
  (cherry picked from commit f9378ac3773ffe998a2b3406568778ee9f77f759)
* Fix resource leak in resolver (bug 19257) | Andreas Schwab | 2016-03-20 | 2 | -1/+7
  The number of currently defined nameservers is stored in ->nscount, whereas ->_u._ext.nscount is set by __libc_res_nsend only after local initializations.
  (cherry picked from commit 5e7fdabd7df1fc6c56d104e61390bf5a6b526c38)
* Or bit_Prefer_MAP_32BIT_EXEC in EXTRA_LD_ENVVARS | H.J. Lu | 2016-03-11 | 3 | -1/+8
  We should turn on bit_Prefer_MAP_32BIT_EXEC in EXTRA_LD_ENVVARS without overriding other bits.
  [BZ #19758]
  * sysdeps/unix/sysv/linux/x86_64/64/dl-librecon.h (EXTRA_LD_ENVVARS): Or bit_Prefer_MAP_32BIT_EXEC.
* Define _HAVE_STRING_ARCH_mempcpy to 1 for x86 | H.J. Lu | 2016-03-11 | 3 | -0/+9
  Since x86 has an optimized mempcpy and GCC can inline mempcpy on x86, define _HAVE_STRING_ARCH_mempcpy to 1 for x86.
  [BZ #19759]
  * sysdeps/x86/bits/string.h (_HAVE_STRING_ARCH_mempcpy): New.
  (cherry picked from commit 2b35e48c0c547b3f6f81996ce7ad7d67e24c7329)
* Mention BZ #19762 in NEWS | H.J. Lu | 2016-03-10 | 1 | -0/+1
* Use HAS_ARCH_FEATURE with Fast_Rep_String | H.J. Lu | 2016-03-10 | 10 | -9/+27
  HAS_ARCH_FEATURE, not HAS_CPU_FEATURE, should be used with Fast_Rep_String.
  [BZ #19762]
  * sysdeps/i386/i686/multiarch/bcopy.S (bcopy): Use HAS_ARCH_FEATURE with Fast_Rep_String.
  * sysdeps/i386/i686/multiarch/bzero.S (__bzero): Likewise.
  * sysdeps/i386/i686/multiarch/memcpy.S (memcpy): Likewise.
  * sysdeps/i386/i686/multiarch/memcpy_chk.S (__memcpy_chk): Likewise.
  * sysdeps/i386/i686/multiarch/memmove_chk.S (__memmove_chk): Likewise.
  * sysdeps/i386/i686/multiarch/mempcpy.S (__mempcpy): Likewise.
  * sysdeps/i386/i686/multiarch/mempcpy_chk.S (__mempcpy_chk): Likewise.
  * sysdeps/i386/i686/multiarch/memset.S (memset): Likewise.
  * sysdeps/i386/i686/multiarch/memset_chk.S (__memset_chk): Likewise.
  (cherry picked from commit 4e940b2f4b577f3a530e0580373f7c2d569f4d63)
* mips: terminate the FDE before the return trampoline in makecontext | Aurelien Jarno | 2016-03-09 | 3 | -0/+14
  In makecontext the FDE needs to be terminated before the return trampoline otherwise backtrace called within a context created by makecontext yields infinite backtrace.
  This bug has been present for a long time, stdlib/tst-makecontext did not fail until recent commit e535ce25.
  Tested on mips-linux-gnu and mips64el-linux-gnuabi64 and mips-linux-gnu, no regression. This fixes stdlib/tst-makecontext on MIPS.
  Changelog:
  [BZ #19792]
  * sysdeps/unix/sysv/linux/mips/makecontext.S (__makecontext): Terminate FDE before return label.
  (cherry picked from commit f8e9c4d30c28b8815e65a391416e8b15d2e7cbb8)
* Add sys/auxv.h wrapper to include/sys/ | Aurelien Jarno | 2016-03-08 | 2 | -0/+5
  The GNU libc testsuite fails to build on powerpc/ppc64/ppc64le with the following error:
      ../sysdeps/powerpc/test-get_hwcap.c:26:22: fatal error: sys/auxv.h: No such file or director
  This is because test-get_hwcap.c includes <sys/auxv.h>, but we don't provide a wrapper in include/sys. This patch adds one.
  Changelog:
  * include/sys/auxv.h: New file.
  (cherry picked from commit 0b8dedd38f304d796b6b9b349428bea7f1f7065f)
* sln: use stat64 | Hongjiu Zhang | 2016-03-07 | 2 | -2/+7
  When using sln on some filesystems which return 64-bit inodes, the stat call might fail during install like so:
      .../elf/sln .../elf/symlink.list
      /lib32/libc.so.6: invalid destination: Value too large for defined data type
      /lib32/ld-linux.so.2: invalid destination: Value too large for defined data type
      Makefile:104: recipe for target 'install-symbolic-link' failed
  Switch to using stat64 all the time to avoid this.
  URL: https://bugs.gentoo.org/576396
  (cherry picked from commit f5e753c8c3a18a1e3c715dd11bf4dc341b5c481f)
* Update NEWS. | Carlos O'Donell | 2016-02-26 | 1 | -0/+11
* NEWS (2.23): Fix typo in bug 19048 text. | Carlos O'Donell | 2016-02-25 | 2 | -1/+5
* Don't use long double math functions if NO_LONG_DOUBLE | Andreas Schwab | 2016-02-25 | 2 | -1/+11
* Add fts64_* to sysdeps/arm/nacl/libc.abilist | Roland McGrath | 2016-02-22 | 2 | -0/+11
  (cherry picked from commit b2e722855b4599cdcc5dfc98e9d28e3825ecbe33)