Accepting request 401556 from home:Andreas_Schwab:Factory

- nscd-gc-crash.patch: Fix nscd assertion failure in gc (bsc#965699, BZ
  #19755)

OBS-URL: https://build.opensuse.org/request/show/401556
OBS-URL: https://build.opensuse.org/package/show/Base:System/glibc?expand=0&rev=440
This commit is contained in:
Andreas Schwab 2016-06-13 07:05:23 +00:00 committed by Git OBS Bridge
parent f2191fea4d
commit ba646d627b
7 changed files with 115 additions and 6 deletions

View File

@ -1,3 +1,9 @@
-------------------------------------------------------------------
Thu Jun 9 09:17:10 UTC 2016 - schwab@suse.de
- nscd-gc-crash.patch: Fix nscd assertion failure in gc (bsc#965699, BZ
#19755)
------------------------------------------------------------------- -------------------------------------------------------------------
Mon May 30 08:23:03 UTC 2016 - schwab@suse.de Mon May 30 08:23:03 UTC 2016 - schwab@suse.de
@ -295,7 +301,7 @@ Wed Aug 5 09:35:41 UTC 2015 - schwab@suse.de
* The header <regexp.h> is deprecated, and will be removed in a future * The header <regexp.h> is deprecated, and will be removed in a future
release. release.
* bsc#905313 bsc#920338 bsc#927080 bsc#928723 bsc#931480 bsc#939211 * bsc#905313 bsc#920338 bsc#927080 bsc#928723 bsc#931480 bsc#939211
bsc#940195 bsc#940332 bsc#940195 bsc#940332 bsc#944494 bsc#968787
- Patches from upstream removed - Patches from upstream removed
* htm-tabort.patch * htm-tabort.patch
* o-tmpfile.patch * o-tmpfile.patch
@ -441,7 +447,7 @@ Mon Sep 8 09:48:26 UTC 2014 - schwab@suse.de
and the LC_* variables), are more tightly checked for proper syntax and the LC_* variables), are more tightly checked for proper syntax
* On x86-64, the dynamic linker's lazy-binding support is now compatible * On x86-64, the dynamic linker's lazy-binding support is now compatible
with application code using Intel MPX instructions with application code using Intel MPX instructions
* CVE-2013-7423 bsc#915526 bsc#934084 * CVE-2013-7423 bsc#915526 bsc#934084 bsc#973010
- Patches from upstream removed - Patches from upstream removed
* nss-dns-memleak.patch * nss-dns-memleak.patch
* sin-sign.patch * sin-sign.patch
@ -466,6 +472,7 @@ Mon Sep 8 09:48:26 UTC 2014 - schwab@suse.de
* resolv-dont-ignore-second-answer.patch * resolv-dont-ignore-second-answer.patch
* iconv-ibm-sentinel-check.patch * iconv-ibm-sentinel-check.patch
- Remove sprof.1, and mtrace.1, now included in the man-pages package - Remove sprof.1, and mtrace.1, now included in the man-pages package
(bsc#967190)
------------------------------------------------------------------- -------------------------------------------------------------------
Tue Sep 2 07:52:36 UTC 2014 - schwab@suse.de Tue Sep 2 07:52:36 UTC 2014 - schwab@suse.de

View File

@ -308,6 +308,8 @@ Patch1054: 0055-CVE-2016-3706-getaddrinfo-stack-overflow-in-hostent-.patch
Patch1055: 0056-Fix-strfmon_l-Use-specified-locale-for-number-format.patch Patch1055: 0056-Fix-strfmon_l-Use-specified-locale-for-number-format.patch
# PATCH-FIX-UPSTREAM sunrpc: Do not use alloca in clntudp_call (CVE-2016-4429, BZ #20112) # PATCH-FIX-UPSTREAM sunrpc: Do not use alloca in clntudp_call (CVE-2016-4429, BZ #20112)
Patch1056: clntudp-call-alloca.patch Patch1056: clntudp-call-alloca.patch
# PATCH-FIX-UPSTREAM Fix nscd assertion failure in gc (BZ #19755)
Patch1057: nscd-gc-crash.patch
### ###
# Patches awaiting upstream approval # Patches awaiting upstream approval
@ -587,6 +589,7 @@ rm nscd/s-stamp
%patch1054 -p1 %patch1054 -p1
%patch1055 -p1 %patch1055 -p1
%patch1056 -p1 %patch1056 -p1
%patch1057 -p1
%patch2000 -p1 %patch2000 -p1
%patch2001 -p1 %patch2001 -p1
@ -872,6 +875,8 @@ make -C cc-base -k check || {
done < $sum done < $sum
done done
set -$o set -$o
# Fail build if there where compilation errors during testsuite run
test -f tests.sum
} }
%else %else
# This has to pass on all platforms! # This has to pass on all platforms!

View File

@ -1,3 +1,9 @@
-------------------------------------------------------------------
Thu Jun 9 09:17:10 UTC 2016 - schwab@suse.de
- nscd-gc-crash.patch: Fix nscd assertion failure in gc (bsc#965699, BZ
#19755)
------------------------------------------------------------------- -------------------------------------------------------------------
Mon May 30 08:23:03 UTC 2016 - schwab@suse.de Mon May 30 08:23:03 UTC 2016 - schwab@suse.de
@ -295,7 +301,7 @@ Wed Aug 5 09:35:41 UTC 2015 - schwab@suse.de
* The header <regexp.h> is deprecated, and will be removed in a future * The header <regexp.h> is deprecated, and will be removed in a future
release. release.
* bsc#905313 bsc#920338 bsc#927080 bsc#928723 bsc#931480 bsc#939211 * bsc#905313 bsc#920338 bsc#927080 bsc#928723 bsc#931480 bsc#939211
bsc#940195 bsc#940332 bsc#940195 bsc#940332 bsc#944494 bsc#968787
- Patches from upstream removed - Patches from upstream removed
* htm-tabort.patch * htm-tabort.patch
* o-tmpfile.patch * o-tmpfile.patch
@ -441,7 +447,7 @@ Mon Sep 8 09:48:26 UTC 2014 - schwab@suse.de
and the LC_* variables), are more tightly checked for proper syntax and the LC_* variables), are more tightly checked for proper syntax
* On x86-64, the dynamic linker's lazy-binding support is now compatible * On x86-64, the dynamic linker's lazy-binding support is now compatible
with application code using Intel MPX instructions with application code using Intel MPX instructions
* CVE-2013-7423 bsc#915526 bsc#934084 * CVE-2013-7423 bsc#915526 bsc#934084 bsc#973010
- Patches from upstream removed - Patches from upstream removed
* nss-dns-memleak.patch * nss-dns-memleak.patch
* sin-sign.patch * sin-sign.patch
@ -466,6 +472,7 @@ Mon Sep 8 09:48:26 UTC 2014 - schwab@suse.de
* resolv-dont-ignore-second-answer.patch * resolv-dont-ignore-second-answer.patch
* iconv-ibm-sentinel-check.patch * iconv-ibm-sentinel-check.patch
- Remove sprof.1, and mtrace.1, now included in the man-pages package - Remove sprof.1, and mtrace.1, now included in the man-pages package
(bsc#967190)
------------------------------------------------------------------- -------------------------------------------------------------------
Tue Sep 2 07:52:36 UTC 2014 - schwab@suse.de Tue Sep 2 07:52:36 UTC 2014 - schwab@suse.de

View File

@ -307,6 +307,8 @@ Patch1054: 0055-CVE-2016-3706-getaddrinfo-stack-overflow-in-hostent-.patch
Patch1055: 0056-Fix-strfmon_l-Use-specified-locale-for-number-format.patch Patch1055: 0056-Fix-strfmon_l-Use-specified-locale-for-number-format.patch
# PATCH-FIX-UPSTREAM sunrpc: Do not use alloca in clntudp_call (CVE-2016-4429, BZ #20112) # PATCH-FIX-UPSTREAM sunrpc: Do not use alloca in clntudp_call (CVE-2016-4429, BZ #20112)
Patch1056: clntudp-call-alloca.patch Patch1056: clntudp-call-alloca.patch
# PATCH-FIX-UPSTREAM Fix nscd assertion failure in gc (BZ #19755)
Patch1057: nscd-gc-crash.patch
### ###
# Patches awaiting upstream approval # Patches awaiting upstream approval
@ -587,6 +589,7 @@ rm nscd/s-stamp
%patch1054 -p1 %patch1054 -p1
%patch1055 -p1 %patch1055 -p1
%patch1056 -p1 %patch1056 -p1
%patch1057 -p1
%patch2000 -p1 %patch2000 -p1
%patch2001 -p1 %patch2001 -p1
@ -872,6 +875,8 @@ make -C cc-base -k check || {
done < $sum done < $sum
done done
set -$o set -$o
# Fail build if there where compilation errors during testsuite run
test -f tests.sum
} }
%else %else
# This has to pass on all platforms! # This has to pass on all platforms!

View File

@ -1,3 +1,9 @@
-------------------------------------------------------------------
Thu Jun 9 09:17:10 UTC 2016 - schwab@suse.de
- nscd-gc-crash.patch: Fix nscd assertion failure in gc (bsc#965699, BZ
#19755)
------------------------------------------------------------------- -------------------------------------------------------------------
Mon May 30 08:23:03 UTC 2016 - schwab@suse.de Mon May 30 08:23:03 UTC 2016 - schwab@suse.de
@ -295,7 +301,7 @@ Wed Aug 5 09:35:41 UTC 2015 - schwab@suse.de
* The header <regexp.h> is deprecated, and will be removed in a future * The header <regexp.h> is deprecated, and will be removed in a future
release. release.
* bsc#905313 bsc#920338 bsc#927080 bsc#928723 bsc#931480 bsc#939211 * bsc#905313 bsc#920338 bsc#927080 bsc#928723 bsc#931480 bsc#939211
bsc#940195 bsc#940332 bsc#940195 bsc#940332 bsc#944494 bsc#968787
- Patches from upstream removed - Patches from upstream removed
* htm-tabort.patch * htm-tabort.patch
* o-tmpfile.patch * o-tmpfile.patch
@ -441,7 +447,7 @@ Mon Sep 8 09:48:26 UTC 2014 - schwab@suse.de
and the LC_* variables), are more tightly checked for proper syntax and the LC_* variables), are more tightly checked for proper syntax
* On x86-64, the dynamic linker's lazy-binding support is now compatible * On x86-64, the dynamic linker's lazy-binding support is now compatible
with application code using Intel MPX instructions with application code using Intel MPX instructions
* CVE-2013-7423 bsc#915526 bsc#934084 * CVE-2013-7423 bsc#915526 bsc#934084 bsc#973010
- Patches from upstream removed - Patches from upstream removed
* nss-dns-memleak.patch * nss-dns-memleak.patch
* sin-sign.patch * sin-sign.patch
@ -466,6 +472,7 @@ Mon Sep 8 09:48:26 UTC 2014 - schwab@suse.de
* resolv-dont-ignore-second-answer.patch * resolv-dont-ignore-second-answer.patch
* iconv-ibm-sentinel-check.patch * iconv-ibm-sentinel-check.patch
- Remove sprof.1, and mtrace.1, now included in the man-pages package - Remove sprof.1, and mtrace.1, now included in the man-pages package
(bsc#967190)
------------------------------------------------------------------- -------------------------------------------------------------------
Tue Sep 2 07:52:36 UTC 2014 - schwab@suse.de Tue Sep 2 07:52:36 UTC 2014 - schwab@suse.de

View File

@ -308,6 +308,8 @@ Patch1054: 0055-CVE-2016-3706-getaddrinfo-stack-overflow-in-hostent-.patch
Patch1055: 0056-Fix-strfmon_l-Use-specified-locale-for-number-format.patch Patch1055: 0056-Fix-strfmon_l-Use-specified-locale-for-number-format.patch
# PATCH-FIX-UPSTREAM sunrpc: Do not use alloca in clntudp_call (CVE-2016-4429, BZ #20112) # PATCH-FIX-UPSTREAM sunrpc: Do not use alloca in clntudp_call (CVE-2016-4429, BZ #20112)
Patch1056: clntudp-call-alloca.patch Patch1056: clntudp-call-alloca.patch
# PATCH-FIX-UPSTREAM Fix nscd assertion failure in gc (BZ #19755)
Patch1057: nscd-gc-crash.patch
### ###
# Patches awaiting upstream approval # Patches awaiting upstream approval
@ -587,6 +589,7 @@ rm nscd/s-stamp
%patch1054 -p1 %patch1054 -p1
%patch1055 -p1 %patch1055 -p1
%patch1056 -p1 %patch1056 -p1
%patch1057 -p1
%patch2000 -p1 %patch2000 -p1
%patch2001 -p1 %patch2001 -p1
@ -872,6 +875,8 @@ make -C cc-base -k check || {
done < $sum done < $sum
done done
set -$o set -$o
# Fail build if there where compilation errors during testsuite run
test -f tests.sum
} }
%else %else
# This has to pass on all platforms! # This has to pass on all platforms!

73
nscd-gc-crash.patch Normal file
View File

@ -0,0 +1,73 @@
[BZ #19755]
* nscd/pwdcache.c (cache_addpw): Lock prune_run_lock while adding
new entries in auto-propagate mode.
* nscd/grpcache.c (cache_addgr): Likewise.
Index: glibc-2.23/nscd/grpcache.c
===================================================================
--- glibc-2.23.orig/nscd/grpcache.c
+++ glibc-2.23/nscd/grpcache.c
@@ -205,10 +205,19 @@ cache_addgr (struct database_dyn *db, in
dataset = NULL;
if (he == NULL)
- dataset = (struct dataset *) mempool_alloc (db, total + n, 1);
+ {
+ /* Prevent an INVALIDATE request from pruning the data between
+ the two calls to cache_add. */
+ if (db->propagate)
+ pthread_mutex_lock (&db->prune_run_lock);
+ dataset = (struct dataset *) mempool_alloc (db, total + n, 1);
+ }
if (dataset == NULL)
{
+ if (he == NULL && db->propagate)
+ pthread_mutex_unlock (&db->prune_run_lock);
+
/* We cannot permanently add the result in the moment. But
we can provide the result as is. Store the data in some
temporary memory. */
@@ -396,6 +405,8 @@ cache_addgr (struct database_dyn *db, in
out:
pthread_rwlock_unlock (&db->lock);
+ if (he == NULL && db->propagate)
+ pthread_mutex_unlock (&db->prune_run_lock);
}
}
Index: glibc-2.23/nscd/pwdcache.c
===================================================================
--- glibc-2.23.orig/nscd/pwdcache.c
+++ glibc-2.23/nscd/pwdcache.c
@@ -198,10 +198,19 @@ cache_addpw (struct database_dyn *db, in
dataset = NULL;
if (he == NULL)
- dataset = (struct dataset *) mempool_alloc (db, total + n, 1);
+ {
+ /* Prevent an INVALIDATE request from pruning the data between
+ the two calls to cache_add. */
+ if (db->propagate)
+ pthread_mutex_lock (&db->prune_run_lock);
+ dataset = (struct dataset *) mempool_alloc (db, total + n, 1);
+ }
if (dataset == NULL)
{
+ if (he == NULL && db->propagate)
+ pthread_mutex_unlock (&db->prune_run_lock);
+
/* We cannot permanently add the result in the moment. But
we can provide the result as is. Store the data in some
temporary memory. */
@@ -374,6 +383,8 @@ cache_addpw (struct database_dyn *db, in
out:
pthread_rwlock_unlock (&db->lock);
+ if (he == NULL && db->propagate)
+ pthread_mutex_unlock (&db->prune_run_lock);
}
}