aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2024-01-30syslog: Fix integer overflow in __vsyslog_internal (CVE-2023-6780)Arjun Shankar
__vsyslog_internal calculated a buffer size by adding two integers, but did not first check if the addition would overflow. This commit fixes that. Reviewed-by: Carlos O'Donell <carlos@redhat.com> Tested-by: Carlos O'Donell <carlos@redhat.com>
2024-01-30syslog: Fix heap buffer overflow in __vsyslog_internal (CVE-2023-6779)Arjun Shankar
__vsyslog_internal used the return value of snprintf/vsnprintf to calculate buffer sizes for memory allocation. If these functions (for any reason) failed and returned -1, the resulting buffer would be too small to hold output. This commit fixes that. All snprintf/vsnprintf calls are checked for negative return values and the function silently returns upon encountering them. Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2024-01-30syslog: Fix heap buffer overflow in __vsyslog_internal (CVE-2023-6246)Arjun Shankar
__vsyslog_internal did not handle a case where printing a SYSLOG_HEADER containing a long program name failed to update the required buffer size, leading to the allocation and overflow of a too-small buffer on the heap. This commit fixes that. It also adds a new regression test that uses glibc.malloc.check. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org> Reviewed-by: Carlos O'Donell <carlos@redhat.com> Tested-by: Carlos O'Donell <carlos@redhat.com>
2024-01-30Use binutils 2.42 branch in build-many-glibcs.pyJoseph Myers
This patch makes build-many-glibcs.py use binutils 2.42 branch. Tested with build-many-glibcs.py (host-libraries, compilers and glibcs builds).
2024-01-29elf: correct relocation statistics for !ELF_MACHINE_START_ADDRESSAndreas Schwab
Fixes: 6628c742b2 ("elf: Remove prelink support")
2024-01-26Relicense IBM portions of resolv/base64.c resolv/res_debug.c.Carlos O'Donell
This change relicenses the IBM portions of resolv/base64.c and resolv/res_debug.c to a new license that does not have use-limited patent language. The top-level LICENSE file is updated with the license. The relicensing was approved by IBM. Signed-off-by: Brad Topol, IBM Director of Open Technologies <btopol@us.ibm.com> Signed-off-by: Richard Fontana <rfontana@redhat.com> Signed-off-by: Carlos O'Donell <carlos@redhat.com>
2024-01-25localedata: Use consistent values for grouping and mon_groupingMike FABIAN
Resolves: BZ # 31205 Adapt test cases in test-grouping_iterator.c
2024-01-24manual: fix order of arguments of memalign and aligned_alloc (Bug 27547)Dennis Brendel
On the summary page the order of the function arguments was reversed, but it is in correct order in the other places of the manual. Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2024-01-24manual, NEWS: Document malloc side effect of dynamic TLS changesFlorian Weimer
The increased malloc subsystem usage is a side effect of commit d2123d68275acc0f061e73d5f86ca504e0d5a344 ("elf: Fix slow tls access after dlopen [BZ #19924]"). Reviewed-by: Szabolcs Nagy <szabolcs.nagy@arm.com>
2024-01-24NEWS: Update temporary files ignored by ldconfigFlorian Weimer
Fixes commit 2aa0974d2573441bffd596b07bff8698b1f2f18c ("elf: ldconfig should skip temporary files created by package managers") and commit cfb5a97a93ea656e3b2263e42142a4032986d9ba ("ldconfig: Fixes for skipping temporary files."). Reported-by: Guillem Jover <guillem@debian.org> Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2024-01-23po: Incorporate translations (sr)Andreas K. Hüttel
Signed-off-by: Andreas K. Hüttel <dilfridge@gentoo.org>
2024-01-23string: Disable stack protector for memset in early static initializationAdhemerval Zanella
For ports that use the default memset, the compiler might generate early calls before the stack protector is initialized (for instance, riscv with -fstack-protector-all on _dl_aux_init). Checked on riscv64-linux-gnu-rv64imafdc-lp64d. Reviewed-by: Florian Weimer <fweimer@redhat.com>
2024-01-23qsort: Fix a typo causing unnecessary malloc/free (BZ 31276)Xi Ruoyao
In qsort_r we allocate a buffer sized QSORT_STACK_SIZE (1024) on stack and we intend to use it if all elements can fit into it. But there is a typo: if (total_size < sizeof buf) buf = tmp; else /* allocate a buffer on heap and use it ... */ Here "buf" is a pointer, thus sizeof buf is just 4 or 8, instead of 1024. There is also a minor issue that we should use "<=" instead of "<". This bug is detected debugging some strange heap corruption running the Ruby-3.3.0 test suite (on an experimental Linux From Scratch build using Binutils-2.41.90 and Glibc trunk, and also Fedora Rawhide [1]). It seems Ruby is doing some wild "optimization" by jumping into somewhere in qsort_r instead of calling it normally, resulting in a double free of buf if we allocate it on heap. The issue can be reproduced deterministically with: LD_PRELOAD=/usr/lib/libc_malloc_debug.so MALLOC_CHECK_=3 \ LD_LIBRARY_PATH=. ./ruby test/runner.rb test/ruby/test_enum.rb in Ruby-3.3.0 tree after building it. This change would hide the issue for Ruby, but Ruby is likely still buggy (if using this "optimization" sorting larger arrays). [1]:https://kojipkgs.fedoraproject.org/work/tasks/9729/111889729/build.log Signed-off-by: Xi Ruoyao <xry111@xry111.site>
2024-01-22riscv: add support for static PIEAndreas Schwab
In order to support static PIE the startup code must avoid relocations before __libc_start_main is called.
2024-01-22sh: Fix static build with --enable-fortifyAdhemerval Zanella
For static the internal symbols should not be prepended with the internal __GI_. Checked with a make check for sh4-linux-gnu.
2024-01-22sparc: Fix sparc64 memmove length comparison (BZ 31266)Adhemerval Zanella
The small counts copy bytes comparsion should be unsigned (as the memmove size argument). It fixes string/tst-memmove-overflow on sparcv9, where the input size triggers an invalid code path. Checked on sparc64-linux-gnu and sparcv9-linux-gnu.
2024-01-22sparc64: Remove unwind information from signal return stubs [BZ#31244]Adhemerval Zanella
Similar to sparc32 fix, remove the unwind information on the signal return stubs. This fixes the regressions: FAIL: nptl/tst-cancel24-static FAIL: nptl/tst-cond8-static FAIL: nptl/tst-mutex8-static FAIL: nptl/tst-mutexpi8-static FAIL: nptl/tst-mutexpi9 On sparc64-linux-gnu.
2024-01-22sparc: Remove 64 bit check on sparc32 wordsize (BZ 27574)Adhemerval Zanella
The sparc32 is always 32 bits. Checked on sparcv9-linux-gnu.
2024-01-22Use --disable-default-pie for sparc in build-many-glibcs.pyAdhemerval Zanella
The staticcally built binaries fails without this option [1]. Checked on sparc64-linux-gnu and sparcv9-linux-gnu. [1] https://sourceware.org/bugzilla/show_bug.cgi?id=29575
2024-01-19Further build-many-glibcs.py fixes for utcnow() deprecationJoseph Myers
It turns out that the replacement of datetime.datetime.utcnow(), for a warning produced early in running build-many-glibcs.py with Python 3.12, (a) wasn't complete (there were other uses elsewhere in the script also needing updating) and (b) broke reading of build-time from build-state.json, because an aware datetime was written out including +00:00 for the timezone, which was not expected by the strptime call. Fix the first by making the change to datetime.datetime.now(datetime.timezone.utc) for all the remaining utcnow() calls. Fix the second by using strftime with an explicit format instead of just str() when formatting build times for build-state.json and and email subjects, and then setting the timezone explicitly when reading from build-state.json. (Other uses, in particular messages output by the bot, continue to use str() as the precise format should not matter in those cases; it shouldn't actually matter for email subjects either but it seems a good idea to keep those short.) Tested with a bot-cycle run and checking the format of times in build-state.json afterwards.
2024-01-18sparc: Do not test preservation of NaN payloads for LEONDaniel Cederman
The FPU used by LEON does not preserve NaN payload. This change allows the math/test-*-canonicalize tests to pass on LEON. Signed-off-by: Daniel Cederman <cederman@gaisler.com> Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2024-01-18sparc: Force calculation that raises exceptionDaniel Cederman
Use the math_force_eval() macro to force the calculation to complete and raise the exception. With this change the math/test-fenv test pass. Signed-off-by: Daniel Cederman <cederman@gaisler.com> Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2024-01-18sparc: Fix llrint and llround missing exceptions on SPARC V8Daniel Cederman
Conversions from a float to a long long on SPARC v8 uses a libgcc function that may not raise the correct exceptions on overflow. It also may raise spurious "inexact" exceptions on non overflow cases. This patch fixes the problem in the same way as for RV32. Signed-off-by: Daniel Cederman <cederman@gaisler.com> Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2024-01-18sparc: Remove unwind information from signal return stubs [BZ #31244]Daniel Cederman
The functions were previously written in C, but were not compiled with unwind information. The ENTRY/END macros includes .cfi_startproc and .cfi_endproc which adds unwind information. This caused the tests cleanup-8 and cleanup-10 in the GCC testsuite to fail. This patch adds a version of the ENTRY/END macros without the CFI instructions that can be used instead. sigaction registers a restorer address that is located two instructions before the stub function. This patch adds a two instruction padding to avoid that the unwinder accesses the unwind information from the function that the linker has placed right before it in memory. This fixes an issue with pthread_cancel that caused tst-mutex8-static (and other tests) to fail. Signed-off-by: Daniel Cederman <cederman@gaisler.com> Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2024-01-18sparc: Prevent stfsr from directly following floating-point instructionDaniel Cederman
On LEON, if the stfsr instruction is immediately following a floating-point operation instruction in a running program, with no other instruction in between the two, the stfsr might behave as if the order was reversed between the two instructions and the stfsr occurred before the floating-point operation. Add a nop instruction before the stfsr to prevent this from happening. Signed-off-by: Daniel Cederman <cederman@gaisler.com> Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2024-01-18sparc: Use existing macros to avoid code duplicationDaniel Cederman
Macros for using inline assembly to access the fp state register exists in both fenv_private.h and in fpu_control.h. Let fenv_private.h use the macros from fpu_control.h Signed-off-by: Daniel Cederman <cederman@gaisler.com> Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2024-01-18localedata: renamed: aa_ER@saaho -> ssy_ERMike FABIAN
Resolves: BZ # 19956
2024-01-18Define ISO 639-3 "ssy" (Saho)Mike FABIAN
Related: BZ # 19956 References: https://iso639-3.sil.org/code/ssy https://en.wikipedia.org/wiki/Saho_language
2024-01-18localedata: add crh_RU, Crimean Tartar language in the Cyrillic script as ↵Mike FABIAN
used in Russia. Resolves: BZ # 24386
2024-01-18localedata: tr_TR, ku_TR: Sync with CLDR: “Turkey” -> “Türkiye”Mike FABIAN
Resolves: BZ # 31257
2024-01-18localedata: miq_NI: Shorten month names in abmonMike FABIAN
Resolves: BZ # 23172
2024-01-17Update kernel version to 6.7 in header constant testsJoseph Myers
This patch updates the kernel version in the tests tst-mman-consts.py, tst-mount-consts.py and tst-pidfd-consts.py to 6.7. (There are no new constants covered by these tests in 6.7 that need any other header changes.) Tested with build-many-glibcs.py.
2024-01-17localedata: add gbm_IN localeMike FABIAN
Resolves: BZ # 19479
2024-01-17Define ISO 639-3 "gbm" (Garhwali)Mike FABIAN
Related: BZ # 19479 References: https://iso639-3.sil.org/code/gbm https://en.wikipedia.org/wiki/Garhwali_language
2024-01-17Update syscall lists for Linux 6.7Joseph Myers
Linux 6.7 adds the futex_requeue, futex_wait and futex_wake syscalls, and enables map_shadow_stack for architectures previously missing it. Update syscall-names.list and regenerate the arch-syscall.h headers with build-many-glibcs.py update-syscalls. Tested with build-many-glibcs.py.
2024-01-17Use Linux 6.7 in build-many-glibcs.pyJoseph Myers
This patch makes build-many-glibcs.py use Linux 6.7. Tested with build-many-glibcs.py (host-libraries, compilers and glibcs builds).
2024-01-17stdlib: Remove unused is_aligned function from qsort.cAdhemerval Zanella
Checked on x86_64-linux-gnu.
2024-01-16NEWS: Mention PLT rewrite on x86-64H.J. Lu
Mention PLT rewrite on x86-64 for glibc 2.39.
2024-01-16stdlib: Verify heapsort for two-element casesKuan-Wei Chiu
Adjust the testing approach to start from scenarios with only 2 elements, as insertion sort no longer handles such cases. Signed-off-by: Kuan-Wei Chiu <visitorckw@gmail.com> Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2024-01-16stdlib: Fix heapsort for cases with exactly two elementsKuan-Wei Chiu
When malloc fails to allocate a buffer and falls back to heapsort, the current heapsort implementation does not perform sorting when there are exactly two elements. Heapsort is now skipped only when there is exactly one element. Signed-off-by: Kuan-Wei Chiu <visitorckw@gmail.com> Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2024-01-15localedata: anp_IN: Fix abbreviated month namesMike FABIAN
Resolves: BZ # 31239 The correct abbreviated month names were apparently given in the comment above `abmon`. But the value of `abmon` was apparently just copied from the value of `mon` and this mistake was hard to see because code point notation <Uxxxx> was used. After converting to UTF-8 it was obvious that there was apparently a copy and paste mistake.
2024-01-15stdlib: Reinstate stable mergesort implementation on qsortAdhemerval Zanella
The mergesort removal from qsort implementation (commit 03bf8357e8) had the side-effect of making sorting nonstable. Although neither POSIX nor C standard specify that qsort should be stable, it seems that it has become an instance of Hyrum's law where multiple programs expect it. Also, the resulting introsort implementation is not faster than the previous mergesort (which makes the change even less appealing). This patch restores the previous mergesort implementation, with the exception of machinery that checks the resulting allocation against the _SC_PHYS_PAGES (it only adds complexity and the heuristic not always make sense depending on the system configuration and load). The alloca usage was replaced with a fixed-size buffer. For the fallback mechanism, the implementation uses heapsort. It is simpler than quicksort, and it does not suffer from adversarial inputs. With memory overcommit, it should be rarely triggered. The drawback is mergesort requires O(n) extra space, and since it is allocated with malloc the function is AS-signal-unsafe. It should be feasible to change it to use mmap, although I am not sure how urgent it is. The heapsort is also nonstable, so programs that require a stable sort would still be subject to this latent issue. The tst-qsort5 is removed since it will not create quicksort adversarial inputs with the current qsort_r implementation. Checked on x86_64-linux-gnu and aarch64-linux-gnu. Reviewed-by: Florian Weimer <fweimer@redhat.com>
2024-01-15x86-64: Check if mprotect works before rewriting PLTH.J. Lu
Systemd execution environment configuration may prohibit changing a memory mapping to become executable: MemoryDenyWriteExecute= Takes a boolean argument. If set, attempts to create memory mappings that are writable and executable at the same time, or to change existing memory mappings to become executable, or mapping shared memory segments as executable, are prohibited. When it is set, systemd service stops working if PLT rewrite is enabled. Check if mprotect works before rewriting PLT. This fixes BZ #31230. This also works with SELinux when deny_execmem is on. Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2024-01-15aarch64: Add NEWS entry about libmvec for 2.39Szabolcs Nagy
Auto-vectorizing scalar calls is now supported. Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2024-01-14localedata/unicode-gen/utf8_gen.py: fix Hangul syllable nameMike FABIAN
Resolves: BZ # 29506
2024-01-13x86_64: Optimize ffsll function code size.Sunil K Pandey
Ffsll function randomly regress by ~20%, depending on how code gets aligned in memory. Ffsll function code size is 17 bytes. Since default function alignment is 16 bytes, it can load on 16, 32, 48 or 64 bytes aligned memory. When ffsll function load at 16, 32 or 64 bytes aligned memory, entire code fits in single 64 bytes cache line. When ffsll function load at 48 bytes aligned memory, it splits in two cache line, hence random regression. Ffsll function size reduction from 17 bytes to 12 bytes ensures that it will always fit in single 64 bytes cache line. This patch fixes ffsll function random performance regression. Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2024-01-13localedata: Remove redundant commentsMike FABIAN
2024-01-12RISC-V: Enable static-pie.Yanzhang Wang
This patch referents the commit 374cef3 to add static-pie support. And because the dummy link map is used when relocating ourselves, so need not to set __global_pointer$ at this time. It will also check whether toolchain supports to build static-pie. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
2024-01-12linux: Fix fstat64 on alpha and sparc64Adhemerval Zanella
The 551101e8240b7514fc646d1722f8b79c90362b8f change is incorrect for alpha and sparc, since __NR_stat is defined by both kABI. Use __NR_newfstat to check whether to fallback to __NR_fstat64 (similar to what fstatat64 does). Checked on sparc64-linux-gnu. Reviewed-by: Carlos O'Donell <carlos@redhat.com>
2024-01-12math: remove exp10 wrappersWilco Dijkstra
Remove the error handling wrapper from exp10. This is very similar to the changes done to exp and exp2, except that we also need to handle pow10 and pow10l. Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>