glibc:release/2.24/master

Last commit made on 2019-11-28
Get this branch:
git clone -b release/2.24/master https://git.launchpad.net/glibc

Branch merges

Branch information

Name:
release/2.24/master
Repository:
lp:glibc

Recent commits

0d7f1ed... by Florian Weimer on 2019-11-22

libio: Disable vtable validation for pre-2.1 interposed handles [BZ #25203]

Commit c402355dfa7807b8e0adb27c009135a7e2b9f1b0 ("libio: Disable
vtable validation in case of interposition [BZ #23313]") only covered
the interposable glibc 2.1 handles, in libio/stdfiles.c. The
parallel code in libio/oldstdfiles.c needs similar detection logic.

Fixes (again) commit db3476aff19b75c4fdefbe65fcd5f0a90588ba51
("libio: Implement vtable verification [BZ #20191]").

Change-Id: Ief6f9f17e91d1f7263421c56a7dc018f4f595c21
(cherry picked from commit cb61630ed712d033f54295f776967532d3f4b46a)

1154cb6... by Florian Weimer on 2018-06-26

libio: Disable vtable validation in case of interposition [BZ #23313]

(cherry picked from commit c402355dfa7807b8e0adb27c009135a7e2b9f1b0)

a7b9e4c... by Marcin Koƛcielnicki <mwk@0x04.net> on 2019-11-20

rtld: Check __libc_enable_secure before honoring LD_PREFER_MAP_32BIT_EXEC (CVE-2019-19126) [BZ #25204]

The problem was introduced in glibc 2.23, in commit
b9eb92ab05204df772eb4929eccd018637c9f3e9
("Add Prefer_MAP_32BIT_EXEC to map executable pages with MAP_32BIT").

(cherry picked from commit d5dfad4326fc683c813df1e37bbf5cf920591c8e)

9105761... by Dragan Mladjenovic <email address hidden> on 2019-08-23

mips: Force RWX stack for hard-float builds that can run on pre-4.8 kernels

Linux/Mips kernels prior to 4.8 could potentially crash the user
process when doing FPU emulation while running on non-executable
user stack.

Currently, gcc doesn't emit .note.GNU-stack for mips, but that will
change in the future. To ensure that glibc can be used with such
future gcc, without silently resulting in binaries that might crash
in runtime, this patch forces RWX stack for all built objects if
configured to run against minimum kernel version less than 4.8.

 * sysdeps/unix/sysv/linux/mips/Makefile
 (test-xfail-check-execstack):
 Move under mips-has-gnustack != yes.
 (CFLAGS-.o*, ASFLAGS-.o*): New rules.
 Apply -Wa,-execstack if mips-force-execstack == yes.
 * sysdeps/unix/sysv/linux/mips/configure: Regenerated.
 * sysdeps/unix/sysv/linux/mips/configure.ac
 (mips-force-execstack): New var.
 Set to yes for hard-float builds with minimum_kernel < 4.8.0
 or minimum_kernel not set at all.
 (mips-has-gnustack): New var.
 Use value of libc_cv_as_noexecstack
 if mips-force-execstack != yes, otherwise set to no.

(cherry picked from commit 33bc9efd91de1b14354291fc8ebd5bce96379f12)

9146dc9... by "H.J. Lu" <email address hidden> on 2019-02-04

x86-64 memcmp: Use unsigned Jcc instructions on size [BZ #24155]

Since the size argument is unsigned. we should use unsigned Jcc
instructions, instead of signed, to check size.

Tested on x86-64 and x32, with and without --disable-multi-arch.

 [BZ #24155]
 CVE-2019-7309
 * NEWS: Updated for CVE-2019-7309.
 * sysdeps/x86_64/memcmp.S: Use RDX_LP for size. Clear the
 upper 32 bits of RDX register for x32. Use unsigned Jcc
 instructions, instead of signed.
 * sysdeps/x86_64/x32/Makefile (tests): Add tst-size_t-memcmp-2.
 * sysdeps/x86_64/x32/tst-size_t-memcmp-2.c: New test.

(cherry picked from commit 3f635fb43389b54f682fc9ed2acc0b2aaf4a923d)

fc4a25e... by "H.J. Lu" <email address hidden> on 2019-02-01

x86-64 strnlen/wcsnlen: Properly handle the length parameter [BZ #24097]

On x32, the size_t parameter may be passed in the lower 32 bits of a
64-bit register with the non-zero upper 32 bits. The string/memory
functions written in assembly can only use the lower 32 bits of a
64-bit register as length or must clear the upper 32 bits before using
the full 64-bit register for length.

This pach fixes strnlen/wcsnlen for x32. Tested on x86-64 and x32. On
x86-64, libc.so is the same with and withou the fix.

 [BZ #24097]
 CVE-2019-6488
 * sysdeps/x86_64/strlen.S: Use RSI_LP for length.
 * sysdeps/x86_64/x32/Makefile (tests): Add tst-size_t-strnlen.
 * sysdeps/x86_64/x32/tst-size_t-strnlen.c: New file.

(cherry picked from commit 5165de69c0908e28a380cbd4bb054e55ea4abc95)

b17dc7d... by "H.J. Lu" <email address hidden> on 2019-02-01

x86-64 strncpy: Properly handle the length parameter [BZ #24097]

On x32, the size_t parameter may be passed in the lower 32 bits of a
64-bit register with the non-zero upper 32 bits. The string/memory
functions written in assembly can only use the lower 32 bits of a
64-bit register as length or must clear the upper 32 bits before using
the full 64-bit register for length.

This pach fixes strncpy for x32. Tested on x86-64 and x32. On x86-64,
libc.so is the same with and withou the fix.

 [BZ #24097]
 CVE-2019-6488
 * sysdeps/x86_64/multiarch/strcpy-sse2-unaligned.S: Use RDX_LP
 for length.
 * sysdeps/x86_64/multiarch/strcpy-ssse3.S: Likewise.
 * sysdeps/x86_64/x32/Makefile (tests): Add tst-size_t-strncpy.
 * sysdeps/x86_64/x32/tst-size_t-strncpy.c: New file.

(cherry picked from commit c7c54f65b080affb87a1513dee449c8ad6143c8b)

2700f1d... by "H.J. Lu" <email address hidden> on 2019-02-01

x86-64 strncmp family: Properly handle the length parameter [BZ #24097]

On x32, the size_t parameter may be passed in the lower 32 bits of a
64-bit register with the non-zero upper 32 bits. The string/memory
functions written in assembly can only use the lower 32 bits of a
64-bit register as length or must clear the upper 32 bits before using
the full 64-bit register for length.

This pach fixes the strncmp family for x32. Tested on x86-64 and x32.
On x86-64, libc.so is the same with and withou the fix.

 [BZ #24097]
 CVE-2019-6488
 * sysdeps/x86_64/multiarch/strcmp-sse42.S: Use RDX_LP for length.
 * sysdeps/x86_64/strcmp.S: Likewise.
 * sysdeps/x86_64/x32/Makefile (tests): Add tst-size_t-strncasecmp,
 tst-size_t-strncmp and tst-size_t-wcsncmp.
 * sysdeps/x86_64/x32/tst-size_t-strncasecmp.c: New file.
 * sysdeps/x86_64/x32/tst-size_t-strncmp.c: Likewise.
 * sysdeps/x86_64/x32/tst-size_t-wcsncmp.c: Likewise.

(cherry picked from commit ee915088a0231cd421054dbd8abab7aadf331153)

cfea023... by "H.J. Lu" <email address hidden> on 2019-02-01

x86-64 memset/wmemset: Properly handle the length parameter [BZ #24097]

On x32, the size_t parameter may be passed in the lower 32 bits of a
64-bit register with the non-zero upper 32 bits. The string/memory
functions written in assembly can only use the lower 32 bits of a
64-bit register as length or must clear the upper 32 bits before using
the full 64-bit register for length.

This pach fixes memset/wmemset for x32. Tested on x86-64 and x32. On
x86-64, libc.so is the same with and withou the fix.

 [BZ #24097]
 CVE-2019-6488
 * sysdeps/x86_64/multiarch/memset-avx512-no-vzeroupper.S: Use
 RDX_LP for length. Clear the upper 32 bits of RDX register.
 * sysdeps/x86_64/multiarch/memset-vec-unaligned-erms.S: Likewise.
 * sysdeps/x86_64/x32/Makefile (tests): Add tst-size_t-memset.
 * sysdeps/x86_64/x32/tst-size_t-memset.c: New file.

(cherry picked from commit 82d0b4a4d76db554eb6757acb790fcea30b19965)

6f9ce82... by "H.J. Lu" <email address hidden> on 2019-02-01

x86-64 memrchr: Properly handle the length parameter [BZ #24097]

On x32, the size_t parameter may be passed in the lower 32 bits of a
64-bit register with the non-zero upper 32 bits. The string/memory
functions written in assembly can only use the lower 32 bits of a
64-bit register as length or must clear the upper 32 bits before using
the full 64-bit register for length.

This pach fixes memrchr for x32. Tested on x86-64 and x32. On x86-64,
libc.so is the same with and withou the fix.

 [BZ #24097]
 CVE-2019-6488
 * sysdeps/x86_64/memrchr.S: Use RDX_LP for length.
 * sysdeps/x86_64/x32/Makefile (tests): Add tst-size_t-memrchr.
 * sysdeps/x86_64/x32/tst-size_t-memrchr.c: New file.

(cherry picked from commit ecd8b842cf37ea112e59cd9085ff1f1b6e208ae0)