SHA256
3
0
forked from pool/glibc

Accepting request 198529 from home:Andreas_Schwab:Factory

- fcntl-o-tmpfile.patch: Add O_TMPFILE to <fcntl.h> (bnc#837965)
- strcoll-overflow.patch: Update to latest version

OBS-URL: https://build.opensuse.org/request/show/198529
OBS-URL: https://build.opensuse.org/package/show/Base:System/glibc?expand=0&rev=307
This commit is contained in:
Andreas Schwab 2013-09-11 13:17:37 +00:00 committed by Git OBS Bridge
parent 2575a3b7df
commit 66993bce55
8 changed files with 218 additions and 50 deletions

58
fcntl-o-tmpfile.patch Normal file
View File

@ -0,0 +1,58 @@
Index: glibc-2.18/ports/sysdeps/unix/sysv/linux/alpha/bits/fcntl.h
===================================================================
--- glibc-2.18.orig/ports/sysdeps/unix/sysv/linux/alpha/bits/fcntl.h
+++ glibc-2.18/ports/sysdeps/unix/sysv/linux/alpha/bits/fcntl.h
@@ -36,6 +36,7 @@
#define __O_DIRECT 02000000 /* Direct disk access. */
#define __O_NOATIME 04000000 /* Do not set atime. */
#define __O_PATH 040000000 /* Resolve pathname but do not open file. */
+#define __O_TMPFILE 0100100000 /* Atomically create nameless file. */
/* Not necessary, files are always with 64bit off_t. */
#define __O_LARGEFILE 0
Index: glibc-2.18/ports/sysdeps/unix/sysv/linux/hppa/bits/fcntl.h
===================================================================
--- glibc-2.18.orig/ports/sysdeps/unix/sysv/linux/hppa/bits/fcntl.h
+++ glibc-2.18/ports/sysdeps/unix/sysv/linux/hppa/bits/fcntl.h
@@ -37,6 +37,7 @@
#define __O_CLOEXEC 010000000 /* Set close_on_exec. */
#define __O_NOATIME 004000000 /* Do not set atime. */
#define __O_PATH 020000000
+#define __O_TMPFILE 040010000 /* Atomically create nameless file. */
#define __O_LARGEFILE 00004000
Index: glibc-2.18/sysdeps/unix/sysv/linux/bits/fcntl-linux.h
===================================================================
--- glibc-2.18.orig/sysdeps/unix/sysv/linux/bits/fcntl-linux.h
+++ glibc-2.18/sysdeps/unix/sysv/linux/bits/fcntl-linux.h
@@ -96,6 +96,9 @@
#ifndef __O_DSYNC
# define __O_DSYNC 010000
#endif
+#ifndef __O_TMPFILE
+# define __O_TMPFILE 020200000
+#endif
#ifndef F_GETLK
# ifndef __USE_FILE_OFFSET64
@@ -128,6 +131,7 @@
# define O_DIRECT __O_DIRECT /* Direct disk access. */
# define O_NOATIME __O_NOATIME /* Do not set atime. */
# define O_PATH __O_PATH /* Resolve pathname but do not open file. */
+# define O_TMPFILE __O_TMPFILE /* Atomically create nameless file. */
#endif
/* For now, Linux has no separate synchronicitiy options for read
Index: glibc-2.18/sysdeps/unix/sysv/linux/sparc/bits/fcntl.h
===================================================================
--- glibc-2.18.orig/sysdeps/unix/sysv/linux/sparc/bits/fcntl.h
+++ glibc-2.18/sysdeps/unix/sysv/linux/sparc/bits/fcntl.h
@@ -39,6 +39,7 @@
#define __O_DIRECT 0x100000 /* direct disk access hint */
#define __O_NOATIME 0x200000 /* Do not set atime. */
#define __O_PATH 0x1000000 /* Resolve pathname but do not open file. */
+#define __O_TMPFILE 0x2010000 /* Atomically create nameless file. */
#if __WORDSIZE == 64
# define __O_LARGEFILE 0

View File

@ -1,3 +1,9 @@
-------------------------------------------------------------------
Wed Sep 11 10:11:56 UTC 2013 - schwab@suse.de
- fcntl-o-tmpfile.patch: Add O_TMPFILE to <fcntl.h> (bnc#837965)
- strcoll-overflow.patch: Update to latest version
-------------------------------------------------------------------
Tue Aug 13 07:24:59 UTC 2013 - schwab@suse.de

View File

@ -240,6 +240,8 @@ Patch306: glibc-fix-double-loopback.diff
###
# Patches from upstream
###
# PATCH-FIX-UPSTREAM Add O_TMPFILE to <fcntl.h>
Patch1000: fcntl-o-tmpfile.patch
###
# Patches awaiting upstream approval
@ -462,6 +464,8 @@ rm nscd/s-stamp
%patch305 -p1
%patch306 -p1
%patch1000 -p1
# XXX Disable, it breaks the testsuite, test elf/tst-audit2
# %patch2008 -p1
%patch2013 -p1

View File

@ -1,3 +1,9 @@
-------------------------------------------------------------------
Wed Sep 11 10:11:56 UTC 2013 - schwab@suse.de
- fcntl-o-tmpfile.patch: Add O_TMPFILE to <fcntl.h> (bnc#837965)
- strcoll-overflow.patch: Update to latest version
-------------------------------------------------------------------
Tue Aug 13 07:24:59 UTC 2013 - schwab@suse.de

View File

@ -239,6 +239,8 @@ Patch306: glibc-fix-double-loopback.diff
###
# Patches from upstream
###
# PATCH-FIX-UPSTREAM Add O_TMPFILE to <fcntl.h>
Patch1000: fcntl-o-tmpfile.patch
###
# Patches awaiting upstream approval
@ -462,6 +464,8 @@ rm nscd/s-stamp
%patch305 -p1
%patch306 -p1
%patch1000 -p1
# XXX Disable, it breaks the testsuite, test elf/tst-audit2
# %patch2008 -p1
%patch2013 -p1

View File

@ -1,3 +1,9 @@
-------------------------------------------------------------------
Wed Sep 11 10:11:56 UTC 2013 - schwab@suse.de
- fcntl-o-tmpfile.patch: Add O_TMPFILE to <fcntl.h> (bnc#837965)
- strcoll-overflow.patch: Update to latest version
-------------------------------------------------------------------
Tue Aug 13 07:24:59 UTC 2013 - schwab@suse.de

View File

@ -240,6 +240,8 @@ Patch306: glibc-fix-double-loopback.diff
###
# Patches from upstream
###
# PATCH-FIX-UPSTREAM Add O_TMPFILE to <fcntl.h>
Patch1000: fcntl-o-tmpfile.patch
###
# Patches awaiting upstream approval
@ -462,6 +464,8 @@ rm nscd/s-stamp
%patch305 -p1
%patch306 -p1
%patch1000 -p1
# XXX Disable, it breaks the testsuite, test elf/tst-audit2
# %patch2008 -p1
%patch2013 -p1

View File

@ -1,6 +1,8 @@
Siddhesh Poyarekar <siddhesh@redhat.com>
[BZ #14547]
* string/tst-strcoll-overflow.c: New test case.
* string/Makefile (xtests): Add tst-strcoll-overflow.
* string/strcoll_l.c (STRCOLL): Skip allocating memory for
cache if string sizes may cause integer overflow.
@ -12,18 +14,30 @@ Siddhesh Poyarekar <siddhesh@redhat.com>
(STRCOLL): Use get_next_seq_nocache and do_compare_nocache
when malloc fails.
[BZ #14547]
* string/strcoll_l.c (coll_seq): New structure.
(get_next_seq_cached): New function.
(get_next_seq): New function.
(do_compare): New function.
(STRCOLL): Use GNU style definition. Simplify implementation
by using get_next_seq, get_next_seq_cached and do_copare.
by using get_next_seq, get_next_seq_cached and do_compare.
Index: glibc-2.17.90/string/strcoll_l.c
Index: glibc-2.18/string/Makefile
===================================================================
--- glibc-2.17.90.orig/string/strcoll_l.c
+++ glibc-2.17.90/string/strcoll_l.c
--- glibc-2.18.orig/string/Makefile
+++ glibc-2.18/string/Makefile
@@ -57,6 +57,8 @@ tests := tester inl-tester noinl-tester
tests-ifunc := $(strop-tests:%=test-%-ifunc)
tests += $(tests-ifunc)
+xtests = tst-strcoll-overflow
+
include ../Rules
tester-ENV = LANGUAGE=C
Index: glibc-2.18/string/strcoll_l.c
===================================================================
--- glibc-2.18.orig/string/strcoll_l.c
+++ glibc-2.18/string/strcoll_l.c
@@ -41,11 +41,434 @@
#include "../locale/localeinfo.h"
@ -32,15 +46,15 @@ Index: glibc-2.17.90/string/strcoll_l.c
+typedef struct
+{
+ int len; /* Length of the current sequence. */
+ int val; /* Position of the sequence relative to the
+ size_t val; /* Position of the sequence relative to the
+ previous non-ignored sequence. */
+ size_t idxnow; /* Current index in sequences. */
+ size_t idxmax; /* Maximum index in sequences. */
+ size_t idxcnt; /* Current count of indeces. */
+ size_t idxcnt; /* Current count of indices. */
+ size_t backw; /* Current Backward sequence index. */
+ size_t backw_stop; /* Index where the backward sequences stop. */
+ const USTRING_TYPE *us; /* The string. */
+ int32_t *idxarr; /* Array to cache weight indeces. */
+ int32_t *idxarr; /* Array to cache weight indices. */
+ unsigned char *rulearr; /* Array to cache rules. */
+ unsigned char rule; /* Saved rule for the first sequence. */
+ int32_t idx; /* Index to weight of the current sequence. */
@ -50,14 +64,14 @@ Index: glibc-2.17.90/string/strcoll_l.c
+ const USTRING_TYPE *back_us; /* Beginning of the backward sequence. */
+} coll_seq;
+
+/* Get next sequence. The weight indeces are cached, so we don't need to
+/* Get next sequence. The weight indices are cached, so we don't need to
+ traverse the string. */
+static void
+get_next_seq_cached (coll_seq *seq, int nrules, int pass,
+ const unsigned char *rulesets,
+ const USTRING_TYPE *weights)
+{
+ int val = seq->val = 0;
+ size_t val = seq->val = 0;
+ int len = seq->len;
+ size_t backw_stop = seq->backw_stop;
+ size_t backw = seq->backw;
@ -72,7 +86,7 @@ Index: glibc-2.17.90/string/strcoll_l.c
+ ++val;
+ if (backw_stop != ~0ul)
+ {
+ /* The is something pushed. */
+ /* There is something pushed. */
+ if (backw == backw_stop)
+ {
+ /* The last pushed character was handled. Continue
@ -110,7 +124,7 @@ Index: glibc-2.17.90/string/strcoll_l.c
+ {
+ /* No sequence at all or just one. */
+ if (idxcnt == idxmax)
+ /* Note that seq1len is still zero. */
+ /* Note that LEN is still zero. */
+ break;
+
+ backw_stop = ~0ul;
@ -139,7 +153,7 @@ Index: glibc-2.17.90/string/strcoll_l.c
+ const USTRING_TYPE *extra, const int32_t *indirect)
+{
+#include WEIGHT_H
+ int val = seq->val = 0;
+ size_t val = seq->val = 0;
+ int len = seq->len;
+ size_t backw_stop = seq->backw_stop;
+ size_t backw = seq->backw;
@ -155,7 +169,7 @@ Index: glibc-2.17.90/string/strcoll_l.c
+ ++val;
+ if (backw_stop != ~0ul)
+ {
+ /* The is something pushed. */
+ /* There is something pushed. */
+ if (backw == backw_stop)
+ {
+ /* The last pushed character was handled. Continue
@ -167,7 +181,7 @@ Index: glibc-2.17.90/string/strcoll_l.c
+ }
+ else
+ /* Nothing any more. The backward sequence ended with
+ the last sequence in the string. Note that seq2len
+ the last sequence in the string. Note that LEN
+ is still zero. */
+ break;
+ }
@ -196,7 +210,7 @@ Index: glibc-2.17.90/string/strcoll_l.c
+ {
+ /* No sequence at all or just one. */
+ if (idxcnt == idxmax || backw_stop > idxcnt)
+ /* Note that seq1len is still zero. */
+ /* Note that LEN is still zero. */
+ break;
+
+ backw_stop = ~0ul;
@ -229,7 +243,7 @@ Index: glibc-2.17.90/string/strcoll_l.c
+ int pass)
+{
+#include WEIGHT_H
+ int val = seq->val = 0;
+ size_t val = seq->val = 0;
+ int len = seq->len;
+ size_t backw_stop = seq->backw_stop;
+ size_t backw = seq->backw;
@ -243,7 +257,7 @@ Index: glibc-2.17.90/string/strcoll_l.c
+ ++val;
+ if (backw_stop != ~0ul)
+ {
+ /* The is something pushed. */
+ /* There is something pushed. */
+ if (backw == backw_stop)
+ {
+ /* The last pushed character was handled. Continue
@ -267,7 +281,7 @@ Index: glibc-2.17.90/string/strcoll_l.c
+ /* XXX Traverse BACKW sequences from the beginning of
+ BACKW_STOP to get the next sequence. Is ther a quicker way
+ to do this? */
+ int i = backw_stop;
+ size_t i = backw_stop;
+ us = seq->back_us;
+ while (i < backw)
+ {
@ -333,7 +347,7 @@ Index: glibc-2.17.90/string/strcoll_l.c
+ }
+
+ len = weights[idx++];
+ /* Skip over indeces of previous levels. */
+ /* Skip over indices of previous levels. */
+ for (int i = 0; i < pass; i++)
+ {
+ idx += len;
@ -361,8 +375,8 @@ Index: glibc-2.17.90/string/strcoll_l.c
+{
+ int seq1len = seq1->len;
+ int seq2len = seq2->len;
+ int val1 = seq1->val;
+ int val2 = seq2->val;
+ size_t val1 = seq1->val;
+ size_t val2 = seq2->val;
+ int idx1 = seq1->idx;
+ int idx2 = seq2->idx;
+ int result = 0;
@ -370,7 +384,7 @@ Index: glibc-2.17.90/string/strcoll_l.c
+ /* Test for position if necessary. */
+ if (position && val1 != val2)
+ {
+ result = val1 - val2;
+ result = val1 > val2 ? 1 : -1;
+ goto out;
+ }
+
@ -411,8 +425,8 @@ Index: glibc-2.17.90/string/strcoll_l.c
+{
+ int seq1len = seq1->len;
+ int seq2len = seq2->len;
+ int val1 = seq1->val;
+ int val2 = seq2->val;
+ size_t val1 = seq1->val;
+ size_t val2 = seq2->val;
+ int32_t *idx1arr = seq1->idxarr;
+ int32_t *idx2arr = seq2->idxarr;
+ int idx1now = seq1->idxnow;
@ -422,7 +436,7 @@ Index: glibc-2.17.90/string/strcoll_l.c
+ /* Test for position if necessary. */
+ if (position && val1 != val2)
+ {
+ result = val1 - val2;
+ result = val1 > val2 ? 1 : -1;
+ goto out;
+ }
+
@ -528,7 +542,7 @@ Index: glibc-2.17.90/string/strcoll_l.c
/* Perform the first pass over the string and while doing this find
and store the weights for each character. Since we want this to
be as fast as possible we are using `alloca' to store the temporary
@@ -127,411 +516,124 @@ STRCOLL (s1, s2, l)
@@ -127,411 +516,122 @@ STRCOLL (s1, s2, l)
Please note that the localedef programs makes sure that `position'
is not used at the first level. */
@ -557,7 +571,7 @@ Index: glibc-2.17.90/string/strcoll_l.c
- rule1arr = (unsigned char *) alloca (s1len);
- rule2arr = (unsigned char *) alloca (s2len);
- }
-
- idx1cnt = 0;
- idx2cnt = 0;
- idx1max = 0;
@ -575,10 +589,7 @@ Index: glibc-2.17.90/string/strcoll_l.c
- {
- val1 = 0;
- val2 = 0;
+ coll_seq seq1, seq2;
+ bool use_malloc = false;
+ int result = 0;
-
- /* Get the next non-IGNOREd element for string `s1'. */
- if (seq1len == 0)
- do
@ -723,8 +734,6 @@ Index: glibc-2.17.90/string/strcoll_l.c
- result = val1 - val2;
- goto free_and_return;
- }
+ memset (&seq1, 0, sizeof (seq1));
+ seq2 = seq1;
- /* Compare the two sequences. */
- do
@ -735,26 +744,33 @@ Index: glibc-2.17.90/string/strcoll_l.c
- result = weights[idx1arr[idx1now]] - weights[idx2arr[idx2now]];
- goto free_and_return;
- }
+ size_t size_max = SIZE_MAX / (sizeof (int32_t) + 1);
+ coll_seq seq1, seq2;
+ bool use_malloc = false;
+ int result = 0;
- /* Increment the offsets. */
- ++idx1arr[idx1now];
- ++idx2arr[idx2now];
+ /* If the strings are long enough to cause overflow in the size request, then
+ skip the allocation and proceed with the non-cached routines. */
+ if (MIN (s1len, s2len) > size_max
+ || MAX (s1len, s2len) > size_max - MIN (s1len, s2len))
+ goto begin_collate;
+ memset (&seq1, 0, sizeof (seq1));
+ seq2 = seq1;
- --seq1len;
- --seq2len;
- }
- while (seq1len > 0 && seq2len > 0);
+ if (! __libc_use_alloca ((s1len + s2len) * (sizeof (int32_t) + 1)))
+ {
+ seq1.idxarr = (int32_t *) malloc ((s1len + s2len) * (sizeof (int32_t) + 1));
+ size_t size_max = SIZE_MAX / (sizeof (int32_t) + 1);
- if (position && seq1len != seq2len)
+ if (MIN (s1len, s2len) > size_max
+ || MAX (s1len, s2len) > size_max - MIN (s1len, s2len))
+ {
+ /* If the strings are long enough to cause overflow in the size request,
+ then skip the allocation and proceed with the non-cached routines. */
+ }
+ else if (! __libc_use_alloca ((s1len + s2len) * (sizeof (int32_t) + 1)))
+ {
+ seq1.idxarr = (int32_t *) malloc ((s1len + s2len) * (sizeof (int32_t) + 1));
+
+ /* If we failed to allocate memory, we leave everything as NULL so that
+ we use the nocache version of traversal and comparison functions. */
+ if (seq1.idxarr != NULL)
@ -775,13 +791,11 @@ Index: glibc-2.17.90/string/strcoll_l.c
+ seq2.rulearr = (unsigned char *) alloca (s2len);
+ }
+
+ int rule;
+ int rule = 0;
- /* Now the remaining passes over the weights. We now use the
- indeces we found before. */
- for (pass = 1; pass < nrules; ++pass)
+ begin_collate:
+ rule = 0;
+ /* Cache values in the first pass and if needed, use them in subsequent
+ passes. */
+ for (int pass = 0; pass < nrules; ++pass)
@ -796,7 +810,7 @@ Index: glibc-2.17.90/string/strcoll_l.c
+ seq2.backw = ~0ul;
+
+ /* We need the elements of the strings as unsigned values since they
+ are used as indeces. */
+ are used as indices. */
+ seq1.us = (const USTRING_TYPE *) s1;
+ seq2.us = (const USTRING_TYPE *) s2;
+
@ -1024,3 +1038,69 @@ Index: glibc-2.17.90/string/strcoll_l.c
return result;
}
Index: glibc-2.18/string/tst-strcoll-overflow.c
===================================================================
--- /dev/null
+++ glibc-2.18/string/tst-strcoll-overflow.c
@@ -0,0 +1,61 @@
+/* Copyright (C) 2013 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <http://www.gnu.org/licenses/>. */
+
+#include <locale.h>
+#include <stdio.h>
+#include <stdint.h>
+#include <stdlib.h>
+#include <string.h>
+
+/* Verify that strcoll does not crash for large strings for which it cannot
+ cache weight lookup results. The size is large enough to cause integer
+ overflows on 32-bit as well as buffer overflows on 64-bit. The test should
+ work reasonably reliably when overcommit is disabled, but it obviously
+ depends on how much memory the system has. There's a limitation to this
+ test in that it does not run to completion. Actually collating such a
+ large string can take days and we can't have xcheck running that long. For
+ that reason, we run the test for about 5 minutes and then assume that
+ everything is fine if there are no crashes. */
+#define SIZE 0x40000000ul
+
+int
+do_test (void)
+{
+ if (setlocale (LC_COLLATE, "en_GB.UTF-8") == NULL)
+ {
+ puts ("setlocale failed, cannot test for overflow");
+ return 0;
+ }
+
+ char *p = malloc (SIZE);
+
+ if (p == NULL)
+ {
+ puts ("could not allocate memory");
+ return 1;
+ }
+
+ memset (p, 'x', SIZE - 1);
+ p[SIZE - 1] = 0;
+ printf ("%d\n", strcoll (p, p));
+ return 0;
+}
+
+#define TIMEOUT 300
+#define EXPECTED_SIGNAL SIGALRM
+#define TEST_FUNCTION do_test ()
+#include "../test-skeleton.c"