From d6ae5339fb73f87ee27b0dc8ea31e5d568aabb42378050c62acb8bb70f3e46ff Mon Sep 17 00:00:00 2001 From: Andreas Schwab Date: Thu, 12 Aug 2021 08:36:15 +0000 Subject: [PATCH] Accepting request 911560 from home:Andreas_Schwab:Factory - Don't create separate debuginfo packages for cross packages - ldconfig-leak-empty-paths.patch: ldconfig: avoid leak on empty paths in config file - gconv-parseconfdir-memory-leak.patch: gconv_parseconfdir: Fix memory leak - gaiconf-init-double-free.patch: gaiconf_init: Avoid double-free in label and precedence lists - copy-and-spawn-sgid-double-close.patch: copy_and_spawn_sgid: Avoid double calls to close() - icon-charmap-close-output.patch: iconv_charmap: Close output file when done - fcntl-time-bits-64-redirect.patch: Linux: Fix fcntl, ioctl, prctl redirects for _TIME_BITS=64 (BZ #28182) - librt-null-pointer.patch: librt: fix NULL pointer dereference (BZ #28213) OBS-URL: https://build.opensuse.org/request/show/911560 OBS-URL: https://build.opensuse.org/package/show/Base:System/glibc?expand=0&rev=603 --- copy-and-spawn-sgid-double-close.patch | 28 ++++++++++ fcntl-time-bits-64-redirect.patch | 72 ++++++++++++++++++++++++++ gaiconf-init-double-free.patch | 36 +++++++++++++ gconv-parseconfdir-memory-leak.patch | 37 +++++++++++++ glibc.changes | 22 ++++++++ glibc.spec | 37 +++++++++++-- icon-charmap-close-output.patch | 26 ++++++++++ ldconfig-leak-empty-paths.patch | 30 +++++++++++ librt-null-pointer.patch | 39 ++++++++++++++ 9 files changed, 324 insertions(+), 3 deletions(-) create mode 100644 copy-and-spawn-sgid-double-close.patch create mode 100644 fcntl-time-bits-64-redirect.patch create mode 100644 gaiconf-init-double-free.patch create mode 100644 gconv-parseconfdir-memory-leak.patch create mode 100644 icon-charmap-close-output.patch create mode 100644 ldconfig-leak-empty-paths.patch create mode 100644 librt-null-pointer.patch diff --git a/copy-and-spawn-sgid-double-close.patch b/copy-and-spawn-sgid-double-close.patch new file mode 100644 index 0000000..bda199e --- /dev/null +++ b/copy-and-spawn-sgid-double-close.patch @@ -0,0 +1,28 @@ +From 45caed9d67a00af917d8b5b88d4b5eb1225b7aef Mon Sep 17 00:00:00 2001 +From: Siddhesh Poyarekar +Date: Tue, 3 Aug 2021 21:10:53 +0530 +Subject: [PATCH] copy_and_spawn_sgid: Avoid double calls to close() + +If close() on infd and outfd succeeded, reset the fd numbers so that +we don't attempt to close them again. + +Reviewed-by: Arjun Shankar +--- + support/support_capture_subprocess.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/support/support_capture_subprocess.c b/support/support_capture_subprocess.c +index 27bfd19c93..0bacf6dbc2 100644 +--- a/support/support_capture_subprocess.c ++++ b/support/support_capture_subprocess.c +@@ -170,6 +170,7 @@ copy_and_spawn_sgid (char *child_id, gid_t gid) + support_subprogram because we only want the program exit status, not the + contents. */ + ret = 0; ++ infd = outfd = -1; + + char * const args[] = {execname, child_id, NULL}; + +-- +2.32.0 + diff --git a/fcntl-time-bits-64-redirect.patch b/fcntl-time-bits-64-redirect.patch new file mode 100644 index 0000000..a752393 --- /dev/null +++ b/fcntl-time-bits-64-redirect.patch @@ -0,0 +1,72 @@ +From c87fcacc50505d550f1bb038382bcc7ea73a5926 Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Fri, 6 Aug 2021 09:51:38 +0200 +Subject: [PATCH] Linux: Fix fcntl, ioctl, prctl redirects for _TIME_BITS=64 + (bug 28182) + +__REDIRECT and __THROW are not compatible with C++ due to the ordering of the +__asm__ alias and the throw specifier. __REDIRECT_NTH has to be used +instead. + +Fixes commit 8a40aff86ba5f64a3a84883e539cb67b ("io: Add time64 alias +for fcntl"), commit 82c395d91ea4f69120d453aeec398e30 ("misc: Add +time64 alias for ioctl"), commit b39ffab860cd743a82c91946619f1b8158 +("Linux: Add time64 alias for prctl"). + +Reviewed-by: Carlos O'Donell +--- + io/fcntl.h | 8 ++++---- + misc/sys/ioctl.h | 4 ++-- + sysdeps/unix/sysv/linux/sys/prctl.h | 2 +- + 3 files changed, 7 insertions(+), 7 deletions(-) + +diff --git a/io/fcntl.h b/io/fcntl.h +index 8917a73b42..1c96f98f4d 100644 +--- a/io/fcntl.h ++++ b/io/fcntl.h +@@ -187,10 +187,10 @@ extern int fcntl64 (int __fd, int __cmd, ...); + # endif + #else /* __USE_TIME_BITS64 */ + # ifdef __REDIRECT +-extern int __REDIRECT (fcntl, (int __fd, int __request, ...), +- __fcntl_time64) __THROW; +-extern int __REDIRECT (fcntl64, (int __fd, int __request, ...), +- __fcntl_time64) __THROW; ++extern int __REDIRECT_NTH (fcntl, (int __fd, int __request, ...), ++ __fcntl_time64); ++extern int __REDIRECT_NTH (fcntl64, (int __fd, int __request, ...), ++ __fcntl_time64); + # else + extern int __fcntl_time64 (int __fd, int __request, ...) __THROW; + # define fcntl64 __fcntl_time64 +diff --git a/misc/sys/ioctl.h b/misc/sys/ioctl.h +index 6884d9925f..9945c1e918 100644 +--- a/misc/sys/ioctl.h ++++ b/misc/sys/ioctl.h +@@ -42,8 +42,8 @@ __BEGIN_DECLS + extern int ioctl (int __fd, unsigned long int __request, ...) __THROW; + #else + # ifdef __REDIRECT +-extern int __REDIRECT (ioctl, (int __fd, unsigned long int __request, ...), +- __ioctl_time64) __THROW; ++extern int __REDIRECT_NTH (ioctl, (int __fd, unsigned long int __request, ...), ++ __ioctl_time64); + # else + extern int __ioctl_time64 (int __fd, unsigned long int __request, ...) __THROW; + # define ioctl __ioctl_time64 +diff --git a/sysdeps/unix/sysv/linux/sys/prctl.h b/sysdeps/unix/sysv/linux/sys/prctl.h +index db88938b3a..f0e0d2f27f 100644 +--- a/sysdeps/unix/sysv/linux/sys/prctl.h ++++ b/sysdeps/unix/sysv/linux/sys/prctl.h +@@ -42,7 +42,7 @@ __BEGIN_DECLS + extern int prctl (int __option, ...) __THROW; + #else + # ifdef __REDIRECT +-extern int __REDIRECT (prctl, (int __option, ...), __prctl_time64) __THROW; ++extern int __REDIRECT_NTH (prctl, (int __option, ...), __prctl_time64); + # else + extern int __prctl_time64 (int __option,d ...) __THROW; + # define ioctl __prctl_time64 +-- +2.32.0 + diff --git a/gaiconf-init-double-free.patch b/gaiconf-init-double-free.patch new file mode 100644 index 0000000..71c8ad3 --- /dev/null +++ b/gaiconf-init-double-free.patch @@ -0,0 +1,36 @@ +From 77a34079d8f3d63b61543bf3af93043f8674e4c4 Mon Sep 17 00:00:00 2001 +From: Siddhesh Poyarekar +Date: Tue, 3 Aug 2021 21:11:03 +0530 +Subject: [PATCH] gaiconf_init: Avoid double-free in label and precedence lists + +labellist and precedencelist could get freed a second time if there +are allocation failures, so set them to NULL to avoid a double-free. + +Reviewed-by: Arjun Shankar +--- + sysdeps/posix/getaddrinfo.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/sysdeps/posix/getaddrinfo.c b/sysdeps/posix/getaddrinfo.c +index 838a68f022..43dfc6739e 100644 +--- a/sysdeps/posix/getaddrinfo.c ++++ b/sysdeps/posix/getaddrinfo.c +@@ -2008,6 +2008,7 @@ gaiconf_init (void) + l = l->next; + } + free_prefixlist (labellist); ++ labellist = NULL; + + /* Sort the entries so that the most specific ones are at + the beginning. */ +@@ -2046,6 +2047,7 @@ gaiconf_init (void) + l = l->next; + } + free_prefixlist (precedencelist); ++ precedencelist = NULL; + + /* Sort the entries so that the most specific ones are at + the beginning. */ +-- +2.32.0 + diff --git a/gconv-parseconfdir-memory-leak.patch b/gconv-parseconfdir-memory-leak.patch new file mode 100644 index 0000000..b52f166 --- /dev/null +++ b/gconv-parseconfdir-memory-leak.patch @@ -0,0 +1,37 @@ +From 5f9b78fe35d08739b6da1e5b356786d41116c108 Mon Sep 17 00:00:00 2001 +From: Siddhesh Poyarekar +Date: Tue, 3 Aug 2021 21:10:20 +0530 +Subject: [PATCH] gconv_parseconfdir: Fix memory leak + +The allocated `conf` would leak if we have to skip over the file due +to the underlying filesystem not supporting dt_type. + +Reviewed-by: Arjun Shankar +--- + iconv/gconv_parseconfdir.h | 9 ++++----- + 1 file changed, 4 insertions(+), 5 deletions(-) + +diff --git a/iconv/gconv_parseconfdir.h b/iconv/gconv_parseconfdir.h +index a4153e54c6..2f062689ec 100644 +--- a/iconv/gconv_parseconfdir.h ++++ b/iconv/gconv_parseconfdir.h +@@ -153,12 +153,11 @@ gconv_parseconfdir (const char *dir, size_t dir_len) + struct stat64 st; + if (asprintf (&conf, "%s/%s", buf, ent->d_name) < 0) + continue; +- if (ent->d_type == DT_UNKNOWN +- && (lstat64 (conf, &st) == -1 +- || !S_ISREG (st.st_mode))) +- continue; + +- found |= read_conf_file (conf, dir, dir_len); ++ if (ent->d_type != DT_UNKNOWN ++ || (lstat64 (conf, &st) != -1 && S_ISREG (st.st_mode))) ++ found |= read_conf_file (conf, dir, dir_len); ++ + free (conf); + } + } +-- +2.32.0 + diff --git a/glibc.changes b/glibc.changes index 096282c..479b193 100644 --- a/glibc.changes +++ b/glibc.changes @@ -1,3 +1,25 @@ +------------------------------------------------------------------- +Wed Aug 11 12:56:09 UTC 2021 - Andreas Schwab + +- Don't create separate debuginfo packages for cross packages + +------------------------------------------------------------------- +Wed Aug 11 12:23:10 UTC 2021 - Andreas Schwab + +- ldconfig-leak-empty-paths.patch: ldconfig: avoid leak on empty paths in + config file +- gconv-parseconfdir-memory-leak.patch: gconv_parseconfdir: Fix memory leak +- gaiconf-init-double-free.patch: gaiconf_init: Avoid double-free in label + and precedence lists +- copy-and-spawn-sgid-double-close.patch: copy_and_spawn_sgid: Avoid + double calls to close() +- icon-charmap-close-output.patch: iconv_charmap: Close output file when + done +- fcntl-time-bits-64-redirect.patch: Linux: Fix fcntl, ioctl, prctl + redirects for _TIME_BITS=64 (BZ #28182) +- librt-null-pointer.patch: librt: fix NULL pointer dereference (BZ + #28213) + ------------------------------------------------------------------- Tue Aug 10 13:18:54 UTC 2021 - Michael Matz diff --git a/glibc.spec b/glibc.spec index 2588f60..823615f 100644 --- a/glibc.spec +++ b/glibc.spec @@ -75,11 +75,15 @@ ExclusiveArch: do_not_build %define build_utils 0 %define build_testsuite 0 %define build_cross 1 +%undefine _build_create_debug ExcludeArch: %{cross_arch} +%if %{with ringdisabled} +ExclusiveArch: do_not_build +%endif %endif %define host_arch %{?cross_arch}%{!?cross_arch:%{_target_cpu}} -%if %{build_main} || %{build_cross} +%if %{build_main} %define name_suffix %{nil} %else %define name_suffix -%{flavor}-src @@ -277,6 +281,20 @@ Patch306: glibc-fix-double-loopback.diff ### # Patches from upstream ### +# PATCH-FIX-UPSTREAM ldconfig: avoid leak on empty paths in config file +Patch1000: ldconfig-leak-empty-paths.patch +# PATCH-FIX-UPSTREAM gconv_parseconfdir: Fix memory leak +Patch1001: gconv-parseconfdir-memory-leak.patch +# PATCH-FIX-UPSTREAM gaiconf_init: Avoid double-free in label and precedence lists +Patch1002: gaiconf-init-double-free.patch +# PATCH-FIX-UPSTREAM copy_and_spawn_sgid: Avoid double calls to close() +Patch1003: copy-and-spawn-sgid-double-close.patch +# PATCH-FIX-UPSTREAM iconv_charmap: Close output file when done +Patch1004: icon-charmap-close-output.patch +# PATCH-FIX-UPSTREAM Linux: Fix fcntl, ioctl, prctl redirects for _TIME_BITS=64 (BZ #28182) +Patch1005: fcntl-time-bits-64-redirect.patch +# PATCH-FIX-UPSTREAM librt: fix NULL pointer dereference (BZ #28213) +Patch1006: librt-null-pointer.patch ### # Patches awaiting upstream approval @@ -500,6 +518,14 @@ library in a cross compilation setting. %patch2000 -p1 %patch2001 -p1 +%patch1000 -p1 +%patch1001 -p1 +%patch1002 -p1 +%patch1003 -p1 +%patch1004 -p1 +%patch1005 -p1 +%patch1006 -p1 + %patch3000 %build @@ -520,6 +546,11 @@ target="%{host_arch}-suse-linux" case " %arm " in *" %{host_arch} "*) target="%{host_arch}-suse-linux-gnueabi" ;; esac +%ifarch %arm +%define build %{_target_cpu}-suse-linux-gnueabi +%else +%define build %{_target_cpu}-suse-linux +%endif # Don't use as-needed, it breaks glibc assumptions # Before enabling it, run the testsuite and verify that it # passes completely @@ -619,8 +650,7 @@ esac --prefix=%{_prefix} \ --libexecdir=%{_libexecdir} --infodir=%{_infodir} \ $profile \ - --build=%{_build_cpu}-suse-linux \ - --host=${target} \ + --build=%{build} --host=${target} \ %if %{build_cross} --with-headers=%{sysroot}/usr/include \ %else @@ -978,6 +1008,7 @@ rm %{buildroot}%{slibdir}/lp64d %if %{build_cross} # See above export STRIP_KEEP_SYMTAB=*.so* +export NO_BRP_STRIP_DEBUG=true make %{?_smp_mflags} install_root=%{buildroot}/%{sysroot} install -C cc-base rm -rf %{buildroot}/%{sysroot}/%{_libdir}/audit rm -rf %{buildroot}/%{sysroot}/%{_libdir}/gconv diff --git a/icon-charmap-close-output.patch b/icon-charmap-close-output.patch new file mode 100644 index 0000000..baf6775 --- /dev/null +++ b/icon-charmap-close-output.patch @@ -0,0 +1,26 @@ +From 1e0e6d656db9dfa12ef7eb67976385d3deb0d4ff Mon Sep 17 00:00:00 2001 +From: Siddhesh Poyarekar +Date: Tue, 3 Aug 2021 21:10:29 +0530 +Subject: [PATCH] iconv_charmap: Close output file when done + +Reviewed-by: Arjun Shankar +--- + iconv/iconv_charmap.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/iconv/iconv_charmap.c b/iconv/iconv_charmap.c +index e2d53fee3c..a8b6b56124 100644 +--- a/iconv/iconv_charmap.c ++++ b/iconv/iconv_charmap.c +@@ -234,6 +234,8 @@ charmap_conversion (const char *from_code, struct charmap_t *from_charmap, + while (++remaining < argc); + + /* All done. */ ++ if (output != stdout) ++ fclose (output); + free_table (cvtbl); + return status; + } +-- +2.32.0 + diff --git a/ldconfig-leak-empty-paths.patch b/ldconfig-leak-empty-paths.patch new file mode 100644 index 0000000..dfe07df --- /dev/null +++ b/ldconfig-leak-empty-paths.patch @@ -0,0 +1,30 @@ +From b0234d79e7d82475d1666f25326ec045c045b3ed Mon Sep 17 00:00:00 2001 +From: Siddhesh Poyarekar +Date: Tue, 3 Aug 2021 21:10:10 +0530 +Subject: [PATCH] ldconfig: avoid leak on empty paths in config file + +Reviewed-by: Arjun Shankar +--- + elf/ldconfig.c | 6 +++++- + 1 file changed, 5 insertions(+), 1 deletion(-) + +diff --git a/elf/ldconfig.c b/elf/ldconfig.c +index 1037e8d0cf..b8893637f8 100644 +--- a/elf/ldconfig.c ++++ b/elf/ldconfig.c +@@ -503,7 +503,11 @@ add_dir_1 (const char *line, const char *from_file, int from_line) + entry->path[--i] = '\0'; + + if (i == 0) +- return; ++ { ++ free (entry->path); ++ free (entry); ++ return; ++ } + + char *path = entry->path; + if (opt_chroot != NULL) +-- +2.32.0 + diff --git a/librt-null-pointer.patch b/librt-null-pointer.patch new file mode 100644 index 0000000..33eea3f --- /dev/null +++ b/librt-null-pointer.patch @@ -0,0 +1,39 @@ +From b805aebd42364fe696e417808a700fdb9800c9e8 Mon Sep 17 00:00:00 2001 +From: Nikita Popov +Date: Mon, 9 Aug 2021 20:17:34 +0530 +Subject: [PATCH] librt: fix NULL pointer dereference (bug 28213) + +Helper thread frees copied attribute on NOTIFY_REMOVED message +received from the OS kernel. Unfortunately, it fails to check whether +copied attribute actually exists (data.attr != NULL). This worked +earlier because free() checks passed pointer before actually +attempting to release corresponding memory. But +__pthread_attr_destroy assumes pointer is not NULL. + +So passing NULL pointer to __pthread_attr_destroy will result in +segmentation fault. This scenario is possible if +notification->sigev_notify_attributes == NULL (which means default +thread attributes should be used). + +Signed-off-by: Nikita Popov +Reviewed-by: Siddhesh Poyarekar +--- + sysdeps/unix/sysv/linux/mq_notify.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/sysdeps/unix/sysv/linux/mq_notify.c b/sysdeps/unix/sysv/linux/mq_notify.c +index 9799dcdaa4..eccae2e4c6 100644 +--- a/sysdeps/unix/sysv/linux/mq_notify.c ++++ b/sysdeps/unix/sysv/linux/mq_notify.c +@@ -131,7 +131,7 @@ helper_thread (void *arg) + to wait until it is done with it. */ + (void) __pthread_barrier_wait (¬ify_barrier); + } +- else if (data.raw[NOTIFY_COOKIE_LEN - 1] == NOTIFY_REMOVED) ++ else if (data.raw[NOTIFY_COOKIE_LEN - 1] == NOTIFY_REMOVED && data.attr != NULL) + { + /* The only state we keep is the copy of the thread attributes. */ + __pthread_attr_destroy (data.attr); +-- +2.32.0 +