Accepting request 184083 from home:Andreas_Schwab:Factory

- disable-pt-chown.patch: disable use of pt_chown (CVE-2013-2207,
  bnc#830257)
- nonascii-case.patch: fix strcasecmp in tr_TR.ISO-8859-9 locale
- glibc-2.14-crypt.diff: fix incomplete dependencies for libowcrypt

OBS-URL: https://build.opensuse.org/request/show/184083
OBS-URL: https://build.opensuse.org/package/show/Base:System/glibc?expand=0&rev=300
This commit is contained in:
Andreas Schwab 2013-07-23 13:31:56 +00:00 committed by Git OBS Bridge
parent 76c6a57448
commit 187a641195
9 changed files with 375 additions and 48 deletions

241
disable-pt-chown.patch Normal file
View File

@ -0,0 +1,241 @@
2013-07-21 Siddhesh Poyarekar <siddhesh@redhat.com>
Andreas Schwab <schwab@suse.de>
Roland McGrath <roland@hack.frob.com>
Joseph Myers <joseph@codesourcery.com>
Carlos O'Donell <carlos@redhat.com>
[BZ #15755]
* config.h.in: Define HAVE_PT_CHOWN.
* config.make.in (build-pt-chown): New variable.
* configure.in (--enable-pt_chown): New configure option.
* configure: Regenerate.
* login/Makefile: Include Makeconfig. Build pt_chown only if
build-pt-chown is enabled.
* sysdeps/unix/grantpt.c (grantpt) [HAVE_PT_CHOWN]: Spawn
pt_chown to fix pty ownership.
* sysdeps/unix/sysv/linux/grantpt.c [HAVE_PT_CHOWN]: Define
CLOSE_ALL_FDS.
* manual/install.texi (Configuring and compiling): Mention
--enable-pt_chown. Add @findex for grantpt.
* INSTALL: Regenerate.
Index: glibc-2.17/INSTALL
===================================================================
--- glibc-2.17.orig/INSTALL
+++ glibc-2.17/INSTALL
@@ -128,6 +128,18 @@ will be used, and CFLAGS sets optimizati
this can be prevented though there generally is no reason since it
creates compatibility problems.
+`--enable-pt_chown'
+ The file `pt_chown' is a helper binary for `grantpt' (*note
+ Pseudo-Terminals: Allocation.) that is installed setuid root to
+ fix up pseudo-terminal ownership. It is not built by default
+ because systems using the Linux kernel are commonly built with the
+ `devpts' filesystem enabled and mounted at `/dev/pts', which
+ manages pseudo-terminal ownership automatically. By using
+ `--enable-pt_chown', you may build `pt_chown' and install it
+ setuid and owned by `root'. The use of `pt_chown' introduces
+ additional security risks to the system and you should enable it
+ only if you understand and accept those risks.
+
`--build=BUILD-SYSTEM'
`--host=HOST-SYSTEM'
These options are for cross-compiling. If you specify both
Index: glibc-2.17/config.h.in
===================================================================
--- glibc-2.17.orig/config.h.in
+++ glibc-2.17/config.h.in
@@ -232,4 +232,7 @@
/* The ARM hard-float ABI is being used. */
#undef HAVE_ARM_PCS_VFP
+/* The pt_chown binary is being built and used by grantpt. */
+#undef HAVE_PT_CHOWN
+
#endif
Index: glibc-2.17/config.make.in
===================================================================
--- glibc-2.17.orig/config.make.in
+++ glibc-2.17/config.make.in
@@ -102,6 +102,7 @@ force-install = @force_install@
link-obsolete-rpc = @link_obsolete_rpc@
build-nscd = @build_nscd@
use-nscd = @use_nscd@
+build-pt-chown = @build_pt_chown@
# Build tools.
CC = @CC@
Index: glibc-2.17/configure
===================================================================
--- glibc-2.17.orig/configure
+++ glibc-2.17/configure
@@ -654,6 +654,7 @@ multi_arch
base_machine
add_on_subdirs
add_ons
+build_pt_chown
build_nscd
link_obsolete_rpc
libc_cv_nss_crypt
@@ -760,6 +761,7 @@ enable_obsolete_rpc
enable_systemtap
enable_build_nscd
enable_nscd
+enable_pt_chown
with_cpu
'
ac_precious_vars='build_alias
@@ -1420,6 +1422,7 @@ Optional Features:
--enable-systemtap enable systemtap static probe points [default=no]
--disable-build-nscd disable building and installing the nscd daemon
--disable-nscd library functions will not contact the nscd daemon
+ --enable-pt_chown Enable building and installing pt_chown
Optional Packages:
--with-PACKAGE[=ARG] use PACKAGE [ARG=yes]
@@ -3935,6 +3938,19 @@ else
fi
+# Check whether --enable-pt_chown was given.
+if test "${enable_pt_chown+set}" = set; then :
+ enableval=$enable_pt_chown; build_pt_chown=$enableval
+else
+ build_pt_chown=no
+fi
+
+
+if test $build_pt_chown = yes; then
+ $as_echo "#define HAVE_PT_CHOWN 1" >>confdefs.h
+
+fi
+
# The way shlib-versions is used to generate soversions.mk uses a
# fairly simplistic model for name recognition that can't distinguish
# i486-pc-linux-gnu fully from i486-pc-gnu. So we mutate a $host_os
Index: glibc-2.17/configure.in
===================================================================
--- glibc-2.17.orig/configure.in
+++ glibc-2.17/configure.in
@@ -315,6 +315,16 @@ AC_ARG_ENABLE([nscd],
[use_nscd=$enableval],
[use_nscd=yes])
+AC_ARG_ENABLE([pt_chown],
+ [AS_HELP_STRING([--enable-pt_chown],
+ [Enable building and installing pt_chown])],
+ [build_pt_chown=$enableval],
+ [build_pt_chown=no])
+AC_SUBST(build_pt_chown)
+if test $build_pt_chown = yes; then
+ AC_DEFINE(HAVE_PT_CHOWN)
+fi
+
# The way shlib-versions is used to generate soversions.mk uses a
# fairly simplistic model for name recognition that can't distinguish
# i486-pc-linux-gnu fully from i486-pc-gnu. So we mutate a $host_os
Index: glibc-2.17/login/Makefile
===================================================================
--- glibc-2.17.orig/login/Makefile
+++ glibc-2.17/login/Makefile
@@ -29,9 +29,15 @@ routines := getutent getutent_r getutid
CFLAGS-grantpt.c = -DLIBEXECDIR='"$(libexecdir)"'
-others = utmpdump pt_chown
+others = utmpdump
+
+include ../Makeconfig
+
+ifeq (yes,$(build-pt-chown))
+others += pt_chown
others-pie = pt_chown
install-others-programs = $(inst_libexecdir)/pt_chown
+endif
subdir-dirs = programs
vpath %.c programs
Index: glibc-2.17/manual/install.texi
===================================================================
--- glibc-2.17.orig/manual/install.texi
+++ glibc-2.17/manual/install.texi
@@ -155,6 +155,20 @@ if the used tools support it. By using
prevented though there generally is no reason since it creates
compatibility problems.
+@pindex pt_chown
+@findex grantpt
+@item --enable-pt_chown
+The file @file{pt_chown} is a helper binary for @code{grantpt}
+(@pxref{Allocation, Pseudo-Terminals}) that is installed setuid root to
+fix up pseudo-terminal ownership. It is not built by default because
+systems using the Linux kernel are commonly built with the @code{devpts}
+filesystem enabled and mounted at @file{/dev/pts}, which manages
+pseudo-terminal ownership automatically. By using
+@samp{--enable-pt_chown}, you may build @file{pt_chown} and install it
+setuid and owned by @code{root}. The use of @file{pt_chown} introduces
+additional security risks to the system and you should enable it only if
+you understand and accept those risks.
+
@item --build=@var{build-system}
@itemx --host=@var{host-system}
These options are for cross-compiling. If you specify both options and
Index: glibc-2.17/sysdeps/unix/grantpt.c
===================================================================
--- glibc-2.17.orig/sysdeps/unix/grantpt.c
+++ glibc-2.17/sysdeps/unix/grantpt.c
@@ -173,9 +173,10 @@ grantpt (int fd)
retval = 0;
goto cleanup;
- /* We have to use the helper program. */
+ /* We have to use the helper program if it is available. */
helper:;
+#ifdef HAVE_PT_CHOWN
pid_t pid = __fork ();
if (pid == -1)
goto cleanup;
@@ -190,9 +191,9 @@ grantpt (int fd)
if (__dup2 (fd, PTY_FILENO) < 0)
_exit (FAIL_EBADF);
-#ifdef CLOSE_ALL_FDS
+# ifdef CLOSE_ALL_FDS
CLOSE_ALL_FDS ();
-#endif
+# endif
execle (_PATH_PT_CHOWN, basename (_PATH_PT_CHOWN), NULL, NULL);
_exit (FAIL_EXEC);
@@ -231,6 +232,7 @@ grantpt (int fd)
assert(! "getpt: internal error: invalid exit code from pt_chown");
}
}
+#endif
cleanup:
if (buf != _buf)
Index: glibc-2.17/sysdeps/unix/sysv/linux/grantpt.c
===================================================================
--- glibc-2.17.orig/sysdeps/unix/sysv/linux/grantpt.c
+++ glibc-2.17/sysdeps/unix/sysv/linux/grantpt.c
@@ -11,7 +11,7 @@
#include "pty-private.h"
-
+#if HAVE_PT_CHOWN
/* Close all file descriptors except the one specified. */
static void
close_all_fds (void)
@@ -38,6 +38,7 @@ close_all_fds (void)
__dup2 (STDOUT_FILENO, STDERR_FILENO);
}
}
-#define CLOSE_ALL_FDS() close_all_fds()
+# define CLOSE_ALL_FDS() close_all_fds()
+#endif
#include <sysdeps/unix/grantpt.c>

View File

@ -39,6 +39,11 @@ Index: glibc-2.17/crypt/Makefile
include ../Makeconfig
@@ -77,3 +82,4 @@ endif
# This ensures they will load libc.so for needed symbols if loaded by
# a statically-linked program that hasn't already loaded it.
$(objpfx)libcrypt.so: $(common-objpfx)libc.so $(common-objpfx)libc_nonshared.a
+$(objpfx)libowcrypt.so: $(common-objpfx)libc.so $(common-objpfx)libc_nonshared.a
Index: glibc-2.17/crypt/Versions
===================================================================
--- glibc-2.17.orig/crypt/Versions

View File

@ -1,3 +1,11 @@
-------------------------------------------------------------------
Mon Jul 22 12:32:34 UTC 2013 - schwab@suse.de
- disable-pt-chown.patch: disable use of pt_chown (CVE-2013-2207,
bnc#830257)
- nonascii-case.patch: fix strcasecmp in tr_TR.ISO-8859-9 locale
- glibc-2.14-crypt.diff: fix incomplete dependencies for libowcrypt
-------------------------------------------------------------------
Thu Jul 4 12:14:27 UTC 2013 - schwab@suse.de

View File

@ -253,6 +253,8 @@ Patch1004: regexp-overrun.patch
Patch1005: getaddrinfo-overflow.patch
# PATCH-FIX-UPSTREAM Fix handling of netgroup cache in nscd
Patch1006: nscd-netgroup.patch
# PATCH-FIX-UPSTREAM Disable use of pt_chown (CVE-2013-2207)
Patch1007: disable-pt-chown.patch
###
# Patches awaiting upstream approval
@ -273,6 +275,8 @@ Patch2014: strptime-W-week.patch
Patch2015: printf-overrun.patch
# PATCH-FIX-UPSTREAM AArch64: Don't clobber argument for tail call to __sigjmp_save in sigsetjmp
Patch2016: aarch64-sigsetjmp.patch
# PATCH-FIX-UPSTREAM Fix strcasecmp for tr_TR.ISO-8859-9
Patch2017: nonascii-case.patch
# Non-glibc patches
# PATCH-FIX-OPENSUSE Remove debianisms from manpages
@ -480,6 +484,7 @@ rm nscd/s-stamp
%patch1004 -p1
%patch1005 -p1
%patch1006 -p1
%patch1007 -p1
# XXX Disable, it breaks the testsuite, test elf/tst-audit2
# %patch2008 -p1
@ -490,6 +495,7 @@ rm nscd/s-stamp
%patch2014 -p1
%patch2015 -p1
%patch2016 -p1
%patch2017 -p1
%patch3000
@ -979,23 +985,8 @@ rm -rf %{buildroot}/sbin %{buildroot}%{_includedir}
#######################################################################
%if %{normal_build}
# Note: glibc_post_upgrade does:
# %%set_permissions %%{_libexecdir}/pt_chown
# since we cannot do it in our own post section
%post -p %{_sbindir}/glibc_post_upgrade
%if 0
# Enabling the following lines will generate a
# requires on /bin/sh but glibc should not require any other binary
# packages. Therefore we do the change with the built-in lua:
# %%verifyscript
# %%verify_permissions -e %%{_libexecdir}/pt_chown
%endif
%verifyscript -p <lua>
os.execute("/usr/bin/chkstat -n --warn --system -e %{_libexecdir}/pt_chown")
%postun -p /sbin/ldconfig
%endif # %{normal_build}
@ -1177,7 +1168,6 @@ exit 0
%endif
%{_bindir}/locale
%{_bindir}/localedef
%verify(not mode caps) %attr(4755,root,root) %{_libexecdir}/pt_chown
%dir %attr(0755,root,root) %{_libexecdir}/getconf
%{_libexecdir}/getconf/*
%{_sbindir}/glibc_post_upgrade

View File

@ -1,3 +1,11 @@
-------------------------------------------------------------------
Mon Jul 22 12:32:34 UTC 2013 - schwab@suse.de
- disable-pt-chown.patch: disable use of pt_chown (CVE-2013-2207,
bnc#830257)
- nonascii-case.patch: fix strcasecmp in tr_TR.ISO-8859-9 locale
- glibc-2.14-crypt.diff: fix incomplete dependencies for libowcrypt
-------------------------------------------------------------------
Thu Jul 4 12:14:27 UTC 2013 - schwab@suse.de

View File

@ -252,6 +252,8 @@ Patch1004: regexp-overrun.patch
Patch1005: getaddrinfo-overflow.patch
# PATCH-FIX-UPSTREAM Fix handling of netgroup cache in nscd
Patch1006: nscd-netgroup.patch
# PATCH-FIX-UPSTREAM Disable use of pt_chown (CVE-2013-2207)
Patch1007: disable-pt-chown.patch
###
# Patches awaiting upstream approval
@ -272,6 +274,8 @@ Patch2014: strptime-W-week.patch
Patch2015: printf-overrun.patch
# PATCH-FIX-UPSTREAM AArch64: Don't clobber argument for tail call to __sigjmp_save in sigsetjmp
Patch2016: aarch64-sigsetjmp.patch
# PATCH-FIX-UPSTREAM Fix strcasecmp for tr_TR.ISO-8859-9
Patch2017: nonascii-case.patch
# Non-glibc patches
# PATCH-FIX-OPENSUSE Remove debianisms from manpages
@ -480,6 +484,7 @@ rm nscd/s-stamp
%patch1004 -p1
%patch1005 -p1
%patch1006 -p1
%patch1007 -p1
# XXX Disable, it breaks the testsuite, test elf/tst-audit2
# %patch2008 -p1
@ -490,6 +495,7 @@ rm nscd/s-stamp
%patch2014 -p1
%patch2015 -p1
%patch2016 -p1
%patch2017 -p1
%patch3000
@ -979,23 +985,8 @@ rm -rf %{buildroot}/sbin %{buildroot}%{_includedir}
#######################################################################
%if %{normal_build}
# Note: glibc_post_upgrade does:
# %%set_permissions %%{_libexecdir}/pt_chown
# since we cannot do it in our own post section
%post -p %{_sbindir}/glibc_post_upgrade
%if 0
# Enabling the following lines will generate a
# requires on /bin/sh but glibc should not require any other binary
# packages. Therefore we do the change with the built-in lua:
# %%verifyscript
# %%verify_permissions -e %%{_libexecdir}/pt_chown
%endif
%verifyscript -p <lua>
os.execute("/usr/bin/chkstat -n --warn --system -e %{_libexecdir}/pt_chown")
%postun -p /sbin/ldconfig
%endif # %{normal_build}
@ -1177,7 +1168,6 @@ exit 0
%endif
%{_bindir}/locale
%{_bindir}/localedef
%verify(not mode caps) %attr(4755,root,root) %{_libexecdir}/pt_chown
%dir %attr(0755,root,root) %{_libexecdir}/getconf
%{_libexecdir}/getconf/*
%{_sbindir}/glibc_post_upgrade

View File

@ -1,3 +1,11 @@
-------------------------------------------------------------------
Mon Jul 22 12:32:34 UTC 2013 - schwab@suse.de
- disable-pt-chown.patch: disable use of pt_chown (CVE-2013-2207,
bnc#830257)
- nonascii-case.patch: fix strcasecmp in tr_TR.ISO-8859-9 locale
- glibc-2.14-crypt.diff: fix incomplete dependencies for libowcrypt
-------------------------------------------------------------------
Thu Jul 4 12:14:27 UTC 2013 - schwab@suse.de

View File

@ -253,6 +253,8 @@ Patch1004: regexp-overrun.patch
Patch1005: getaddrinfo-overflow.patch
# PATCH-FIX-UPSTREAM Fix handling of netgroup cache in nscd
Patch1006: nscd-netgroup.patch
# PATCH-FIX-UPSTREAM Disable use of pt_chown (CVE-2013-2207)
Patch1007: disable-pt-chown.patch
###
# Patches awaiting upstream approval
@ -273,6 +275,8 @@ Patch2014: strptime-W-week.patch
Patch2015: printf-overrun.patch
# PATCH-FIX-UPSTREAM AArch64: Don't clobber argument for tail call to __sigjmp_save in sigsetjmp
Patch2016: aarch64-sigsetjmp.patch
# PATCH-FIX-UPSTREAM Fix strcasecmp for tr_TR.ISO-8859-9
Patch2017: nonascii-case.patch
# Non-glibc patches
# PATCH-FIX-OPENSUSE Remove debianisms from manpages
@ -480,6 +484,7 @@ rm nscd/s-stamp
%patch1004 -p1
%patch1005 -p1
%patch1006 -p1
%patch1007 -p1
# XXX Disable, it breaks the testsuite, test elf/tst-audit2
# %patch2008 -p1
@ -490,6 +495,7 @@ rm nscd/s-stamp
%patch2014 -p1
%patch2015 -p1
%patch2016 -p1
%patch2017 -p1
%patch3000
@ -979,23 +985,8 @@ rm -rf %{buildroot}/sbin %{buildroot}%{_includedir}
#######################################################################
%if %{normal_build}
# Note: glibc_post_upgrade does:
# %%set_permissions %%{_libexecdir}/pt_chown
# since we cannot do it in our own post section
%post -p %{_sbindir}/glibc_post_upgrade
%if 0
# Enabling the following lines will generate a
# requires on /bin/sh but glibc should not require any other binary
# packages. Therefore we do the change with the built-in lua:
# %%verifyscript
# %%verify_permissions -e %%{_libexecdir}/pt_chown
%endif
%verifyscript -p <lua>
os.execute("/usr/bin/chkstat -n --warn --system -e %{_libexecdir}/pt_chown")
%postun -p /sbin/ldconfig
%endif # %{normal_build}
@ -1177,7 +1168,6 @@ exit 0
%endif
%{_bindir}/locale
%{_bindir}/localedef
%verify(not mode caps) %attr(4755,root,root) %{_libexecdir}/pt_chown
%dir %attr(0755,root,root) %{_libexecdir}/getconf
%{_libexecdir}/getconf/*
%{_sbindir}/glibc_post_upgrade

87
nonascii-case.patch Normal file
View File

@ -0,0 +1,87 @@
[BZ #15736]
* locale/categories.def (LC_CTYPE): Add "nonascii-case" element.
* string/Makefile (test-strcasecmp-ENV)
(test-strcasecmp-ifunc-ENV): Define.
* string/test-strcasecmp.c (test_main): Run tests in several
locales.
Index: glibc-2.17/locale/categories.def
===================================================================
--- glibc-2.17.orig/locale/categories.def
+++ glibc-2.17/locale/categories.def
@@ -133,6 +133,7 @@ DEFINE_CATEGORY
DEFINE_ELEMENT (_NL_CTYPE_TRANSLIT_IGNORE_LEN, "ctype-translit-ignore-len", std, word)
DEFINE_ELEMENT (_NL_CTYPE_TRANSLIT_IGNORE, "ctype-translit-ignore", std, string)
DEFINE_ELEMENT (_NL_CTYPE_MAP_TO_NONASCII, "map-to-nonascii", std, word)
+ DEFINE_ELEMENT (_NL_CTYPE_NONASCII_CASE, "nonascii-case", std, word)
), _nl_postload_ctype)
Index: glibc-2.17/string/Makefile
===================================================================
--- glibc-2.17.orig/string/Makefile
+++ glibc-2.17/string/Makefile
@@ -69,6 +69,8 @@ noinl-tester-ENV = LANGUAGE=C
tst-strxfrm-ENV = LOCPATH=$(common-objpfx)localedata
tst-strxfrm2-ENV = LOCPATH=$(common-objpfx)localedata
bug-strcoll1-ENV = LOCPATH=$(common-objpfx)localedata
+test-strcasecmp-ENV = LOCPATH=$(common-objpfx)localedata
+test-strcasecmp-ifunc-ENV = LOCPATH=$(common-objpfx)localedata
CFLAGS-inl-tester.c = -fno-builtin
CFLAGS-noinl-tester.c = -fno-builtin
CFLAGS-tst-strlen.c = -fno-builtin
Index: glibc-2.17/string/test-strcasecmp.c
===================================================================
--- glibc-2.17.orig/string/test-strcasecmp.c
+++ glibc-2.17/string/test-strcasecmp.c
@@ -17,6 +17,7 @@
License along with the GNU C Library; if not, see
<http://www.gnu.org/licenses/>. */
+#include <locale.h>
#include <ctype.h>
#define TEST_MAIN
#define TEST_NAME "strcasecmp"
@@ -230,14 +231,18 @@ do_random_tests (void)
}
}
-int
-test_main (void)
+static void
+test_locale (const char *locale)
{
size_t i;
- test_init ();
+ if (setlocale (LC_CTYPE, locale) == NULL)
+ {
+ error (0, 0, "cannot set locale \"%s\"", locale);
+ ret = 1;
+ }
- printf ("%23s", "");
+ printf ("%-23s", locale);
FOR_EACH_IMPL (impl, 0)
printf ("\t%s", impl->name);
putchar ('\n');
@@ -270,6 +275,19 @@ test_main (void)
}
do_random_tests ();
+}
+
+int
+test_main (void)
+{
+ test_init ();
+
+ test_locale ("C");
+ test_locale ("en_US.ISO-8859-1");
+ test_locale ("en_US.UTF-8");
+ test_locale ("tr_TR.ISO-8859-9");
+ test_locale ("tr_TR.UTF-8");
+
return ret;
}