glibc:release/2.25/master

Last commit made on 2019-11-28
Get this branch:
git clone -b release/2.25/master https://git.launchpad.net/glibc

Branch information

Name:
release/2.25/master
Repository:
lp:glibc

Recent commits

a0408ec... by Florian Weimer

libio: Disable vtable validation for pre-2.1 interposed handles [BZ #25203]

Commit c402355dfa7807b8e0adb27c009135a7e2b9f1b0 ("libio: Disable
vtable validation in case of interposition [BZ #23313]") only covered
the interposable glibc 2.1 handles, in libio/stdfiles.c. The
parallel code in libio/oldstdfiles.c needs similar detection logic.

Fixes (again) commit db3476aff19b75c4fdefbe65fcd5f0a90588ba51
("libio: Implement vtable verification [BZ #20191]").

Change-Id: Ief6f9f17e91d1f7263421c56a7dc018f4f595c21
(cherry picked from commit cb61630ed712d033f54295f776967532d3f4b46a)

8440c51... by Florian Weimer

libio: Disable vtable validation in case of interposition [BZ #23313]

(cherry picked from commit c402355dfa7807b8e0adb27c009135a7e2b9f1b0)

e73ac9c... by Marcin Kościelnicki <mwk@0x04.net>

rtld: Check __libc_enable_secure before honoring LD_PREFER_MAP_32BIT_EXEC (CVE-2019-19126) [BZ #25204]

The problem was introduced in glibc 2.23, in commit
b9eb92ab05204df772eb4929eccd018637c9f3e9
("Add Prefer_MAP_32BIT_EXEC to map executable pages with MAP_32BIT").

(cherry picked from commit d5dfad4326fc683c813df1e37bbf5cf920591c8e)

d83ba68... by Dragan Mladjenovic <email address hidden>

mips: Force RWX stack for hard-float builds that can run on pre-4.8 kernels

Linux/Mips kernels prior to 4.8 could potentially crash the user
process when doing FPU emulation while running on non-executable
user stack.

Currently, gcc doesn't emit .note.GNU-stack for mips, but that will
change in the future. To ensure that glibc can be used with such
future gcc, without silently resulting in binaries that might crash
in runtime, this patch forces RWX stack for all built objects if
configured to run against minimum kernel version less than 4.8.

 * sysdeps/unix/sysv/linux/mips/Makefile
 (test-xfail-check-execstack):
 Move under mips-has-gnustack != yes.
 (CFLAGS-.o*, ASFLAGS-.o*): New rules.
 Apply -Wa,-execstack if mips-force-execstack == yes.
 * sysdeps/unix/sysv/linux/mips/configure: Regenerated.
 * sysdeps/unix/sysv/linux/mips/configure.ac
 (mips-force-execstack): New var.
 Set to yes for hard-float builds with minimum_kernel < 4.8.0
 or minimum_kernel not set at all.
 (mips-has-gnustack): New var.
 Use value of libc_cv_as_noexecstack
 if mips-force-execstack != yes, otherwise set to no.

(cherry picked from commit 33bc9efd91de1b14354291fc8ebd5bce96379f12)

60bc81b... by Andreas Schwab <email address hidden>

Fix crash in _IO_wfile_sync (bug 20568)

When computing the length of the converted part of the stdio buffer, use
the number of consumed wide characters, not the (negative) distance to the
end of the wide buffer.

(cherry picked from commit 32ff397533715988c19cbf3675dcbd727ec13e18)

aa6e767... by Stefan Liebler <email address hidden>

Add compiler barriers around modifications of the robust mutex list for pthread_mutex_trylock. [BZ #24180]

While debugging a kernel warning, Thomas Gleixner, Sebastian Sewior and
Heiko Carstens found a bug in pthread_mutex_trylock due to misordered
instructions:
140: a5 1b 00 01 oill %r1,1
144: e5 48 a0 f0 00 00 mvghi 240(%r10),0 <--- THREAD_SETMEM (THREAD_SELF, robust_head.list_op_pending, NULL);
14a: e3 10 a0 e0 00 24 stg %r1,224(%r10) <--- last THREAD_SETMEM of ENQUEUE_MUTEX_PI

vs (with compiler barriers):
140: a5 1b 00 01 oill %r1,1
144: e3 10 a0 e0 00 24 stg %r1,224(%r10)
14a: e5 48 a0 f0 00 00 mvghi 240(%r10),0

Please have a look at the discussion:
"Re: WARN_ON_ONCE(!new_owner) within wake_futex_pi() triggerede"
(https://lore.kernel.org/lkml/20190202112006.GB3381@osiris/)

This patch is introducing the same compiler barriers and comments
for pthread_mutex_trylock as introduced for pthread_mutex_lock and
pthread_mutex_timedlock by commit 8f9450a0b7a9e78267e8ae1ab1000ebca08e473e
"Add compiler barriers around modifications of the robust mutex list."

ChangeLog:

 [BZ #24180]
 * nptl/pthread_mutex_trylock.c (__pthread_mutex_trylock):
 Add compiler barriers and comments.

(cherry picked from commit 823624bdc47f1f80109c9c52dee7939b9386d708)

2ad78b7... by "H.J. Lu" <email address hidden>

x86-64 memcmp: Use unsigned Jcc instructions on size [BZ #24155]

Since the size argument is unsigned, we should use unsigned Jcc
instructions, instead of signed, to check size.

Tested on x86-64 and x32, with and without --disable-multi-arch.

 [BZ #24155]
 CVE-2019-7309
 * NEWS: Updated for CVE-2019-7309.
 * sysdeps/x86_64/memcmp.S: Use RDX_LP for size. Clear the
 upper 32 bits of RDX register for x32. Use unsigned Jcc
 instructions, instead of signed.
 * sysdeps/x86_64/x32/Makefile (tests): Add tst-size_t-memcmp-2.
 * sysdeps/x86_64/x32/tst-size_t-memcmp-2.c: New test.

(cherry picked from commit 3f635fb43389b54f682fc9ed2acc0b2aaf4a923d)

f728a54... by "H.J. Lu" <email address hidden>

x86-64 strnlen/wcsnlen: Properly handle the length parameter [BZ #24097]

On x32, the size_t parameter may be passed in the lower 32 bits of a
64-bit register with the non-zero upper 32 bits. The string/memory
functions written in assembly can only use the lower 32 bits of a
64-bit register as length or must clear the upper 32 bits before using
the full 64-bit register for length.

This patch fixes strnlen/wcsnlen for x32. Tested on x86-64 and x32. On
x86-64, libc.so is the same with and without the fix.

 [BZ #24097]
 CVE-2019-6488
 * sysdeps/x86_64/strlen.S: Use RSI_LP for length.
 * sysdeps/x86_64/x32/Makefile (tests): Add tst-size_t-strnlen.
 * sysdeps/x86_64/x32/tst-size_t-strnlen.c: New file.

(cherry picked from commit 5165de69c0908e28a380cbd4bb054e55ea4abc95)

3a84199... by "H.J. Lu" <email address hidden>

x86-64 strncpy: Properly handle the length parameter [BZ #24097]

On x32, the size_t parameter may be passed in the lower 32 bits of a
64-bit register with the non-zero upper 32 bits. The string/memory
functions written in assembly can only use the lower 32 bits of a
64-bit register as length or must clear the upper 32 bits before using
the full 64-bit register for length.

This patch fixes strncpy for x32. Tested on x86-64 and x32. On x86-64,
libc.so is the same with and without the fix.

 [BZ #24097]
 CVE-2019-6488
 * sysdeps/x86_64/multiarch/strcpy-sse2-unaligned.S: Use RDX_LP
 for length.
 * sysdeps/x86_64/multiarch/strcpy-ssse3.S: Likewise.
 * sysdeps/x86_64/x32/Makefile (tests): Add tst-size_t-strncpy.
 * sysdeps/x86_64/x32/tst-size_t-strncpy.c: New file.

(cherry picked from commit c7c54f65b080affb87a1513dee449c8ad6143c8b)

c69b892... by "H.J. Lu" <email address hidden>

x86-64 strncmp family: Properly handle the length parameter [BZ #24097]

On x32, the size_t parameter may be passed in the lower 32 bits of a
64-bit register with the non-zero upper 32 bits. The string/memory
functions written in assembly can only use the lower 32 bits of a
64-bit register as length or must clear the upper 32 bits before using
the full 64-bit register for length.

This patch fixes the strncmp family for x32. Tested on x86-64 and x32.
On x86-64, libc.so is the same with and without the fix.

 [BZ #24097]
 CVE-2019-6488
 * sysdeps/x86_64/multiarch/strcmp-sse42.S: Use RDX_LP for length.
 * sysdeps/x86_64/strcmp.S: Likewise.
 * sysdeps/x86_64/x32/Makefile (tests): Add tst-size_t-strncasecmp,
 tst-size_t-strncmp and tst-size_t-wcsncmp.
 * sysdeps/x86_64/x32/tst-size_t-strncasecmp.c: New file.
 * sysdeps/x86_64/x32/tst-size_t-strncmp.c: Likewise.
 * sysdeps/x86_64/x32/tst-size_t-wcsncmp.c: Likewise.

(cherry picked from commit ee915088a0231cd421054dbd8abab7aadf331153)
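
Added example (not glibc code and not part of any commit above): a small C model of the x32 length handling described in the BZ #24097 commits and of the signed versus unsigned size check from the BZ #24155 commit. All function names, the sample buffer and the threshold value are assumptions made for illustration; the real fixes are in the assembly files listed in the ChangeLog entries.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed sample: 15 visible bytes plus the terminating NUL. */
static const char SAMPLE[16] = "0123456789abcde";

/* x32 caller model: a 32-bit size_t sits in the low half of a 64-bit
   register; the upper half keeps whatever value was there before. */
static uint64_t x32_pass_size(uint32_t len, uint32_t stale_upper)
{
    return ((uint64_t)stale_upper << 32) | len;
}

/* Before the fix: the whole 64-bit register is taken as the length. */
static uint64_t bound_full_register(uint64_t reg) { return reg; }

/* After the fix: only the lower 32 bits are the length on x32. */
static uint64_t bound_low32(uint64_t reg) { return (uint32_t)reg; }

/* strnlen-style scan. `cap` is the real object size, so the model itself
   never reads out of bounds even when the bound is wrong. */
static size_t model_strnlen(const char *buf, size_t cap, uint64_t reg,
                            uint64_t (*bound)(uint64_t))
{
    uint64_t max = bound(reg);
    size_t i = 0;
    while (i < max && i < cap && buf[i] != '\0')
        i++;
    return i;
}

/* Size test as a signed branch would see it versus an unsigned one.
   The threshold 1 is an illustrative assumption. */
static int small_if_signed(uint64_t size)   { return (int64_t)size <= 1; }
static int small_if_unsigned(uint64_t size) { return size <= 1; }

int main(void)
{
    uint64_t reg = x32_pass_size(4, 0x80000000u); /* caller meant n = 4 */
    printf("full register: %zu\n", model_strnlen(SAMPLE, sizeof SAMPLE, reg, bound_full_register));
    printf("low 32 bits:   %zu\n", model_strnlen(SAMPLE, sizeof SAMPLE, reg, bound_low32));
    printf("signed says small: %d, unsigned: %d\n", small_if_signed(reg), small_if_unsigned(reg));
    return 0;
}
```

With stale upper bits in the register, the full-register bound lets the scan run to the end of the string instead of stopping at the requested 4 bytes, and the signed test misclassifies the size as small.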