CVE-2024-33601, CVE-2024-33602: nscd: netgroup: Use two buffers in addgetnetgrentX (bug 31680)
This avoids potential memory corruption when the underlying NSS
callback function does not use the buffer space to store all strings
(e.g., for constant strings).
Instead of custom buffer management, two scratch buffers are used.
This increases stack usage somewhat.
Scratch buffer allocation failure is handled by return -1
(an invalid timeout value) instead of terminating the process.
This fixes bug 31679.
The addgetnetgrentX call in addinnetgrX may have failed to produce
a result, so the result variable in addinnetgrX can be NULL.
Use db->negtimeout as the fallback value if there is no result data;
the timeout is also overwritten below.
Also avoid sending a second not-found response. (The client
disconnects after receiving the first response, so the data stream did
not go out of sync even without this fix.) It is still beneficial to
add the negative response to the mapping, so that the client can get
it from there in the future, instead of going through the socket.
iconv: ISO-2022-CN-EXT: fix out-of-bound writes when writing escape sequence (CVE-2024-2961)
ISO-2022-CN-EXT uses escape sequences to indicate character set changes
(as specified by RFC 1922). While the SOdesignation has the expected
bounds checks, neither SS2designation nor SS3designation have its;
allowing a write overflow of 1, 2, or 3 bytes with fixed values:
'$+I', '$+J', '$+K', '$+L', '$+M', or '$*H'.
Checked on aarch64-linux-gnu.
Co-authored-by: Adhemerval Zanella <email address hidden>
Reviewed-by: Carlos O'Donell <email address hidden>
Tested-by: Carlos O'Donell <email address hidden>
(cherry picked from commit f9dc609e06b1136bb0408be9605ce7973a767ada)
9d5c6d0...
by
Wilco Dijkstra <email address hidden>
aarch64: Use memcpy_simd as the default memcpy
Since __memcpy_simd is the fastest memcpy on almost all cores, replace
the generic memcpy with it.
(cherry picked from commit 91ac82d0c61076aa55ac08f6c7b58c5c28dd2f59)
af3cbee...
by
Wilco Dijkstra <email address hidden>
AArch64: Improve strrchr
Use shrn for narrowing the mask which simplifies code and speeds up small
strings. Unroll the first search loop to improve performance on large
strings.
Reviewed-by: Szabolcs Nagy <email address hidden>
(cherry picked from commit 55599d480437dcf129b41b95be32b48f2a9e5da9)
83cb4f5...
by
Wilco Dijkstra <email address hidden>
AArch64: Optimize strnlen
Optimize strnlen using the shrn instruction and improve the main loop.
Small strings are around 10% faster, large strings are 40% faster on
modern CPUs.
Reviewed-by: Szabolcs Nagy <email address hidden>
(cherry picked from commit ad098893ba3c3344a5f2f6ab1627c47204afdb47)
e059e45...
by
Wilco Dijkstra <email address hidden>
AArch64: Optimize strlen
Optimize strlen by unrolling the main loop. Large strings are 64% faster on
modern CPUs.
Reviewed-by: Szabolcs Nagy <email address hidden>
(cherry picked from commit 03c8ce5000198947a4dd7b2c14e5131738fda62b)
ce9a4f6...
by
Wilco Dijkstra <email address hidden>
AArch64: Optimize strcpy
Unroll the main loop. Large strings are around 20% faster on modern CPUs.
Reviewed-by: Szabolcs Nagy <email address hidden>
(cherry picked from commit 349e48c01e85bd96006860084e76d322e6ca02f1)