This is the mail archive of the glibc-cvs@sourceware.org mailing list for the glibc project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

GNU C Library master sources branch ibm/2.20/master updated. glibc-2.20-51-g2aad087


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".

The branch, ibm/2.20/master has been updated
       via  2aad087ddc0d14214f3d8fd1731a9b2e15f75091 (commit)
       via  072e4453edcad72cf72cdb46b07d98e088c60c55 (commit)
       via  4d54424420c6300efbf57a7b9aa8635a8b8c1942 (commit)
       via  1bf9d48aec087062e2a14b77cb5ee1fa81be334c (commit)
       via  f9e0f439b72e0b2fb035be1bc60aaceeed7f6ed0 (commit)
       via  b0694b9e98ee64cb25490de0921ce307f3872749 (commit)
       via  f80af76648ed97a76745fad6caa3315a79cb1c7c (commit)
       via  a3a1f4163c4d0f9a36056c8640661a88674ae8a2 (commit)
       via  d73ac1bb436cf1adb62335f53b4fc91a02f40a3b (commit)
       via  33ceaf6187b31ea15284ac65131749e1cb68d2ae (commit)
       via  e42643491c47dcd1c226b4f00f716023e9bcc5ca (commit)
       via  c14e752fc73d34c75d4f84f37fea8e0b1734cf98 (commit)
       via  1b198b7fc764c013d41d1bd7b83fed0ad3dee038 (commit)
       via  2930c79afaf31158f990949cbb7cd6c03d9c0d74 (commit)
      from  ae75fdc50acbdcf5bfda6c3151c537f2ab8ce637 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
http://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=2aad087ddc0d14214f3d8fd1731a9b2e15f75091

commit 2aad087ddc0d14214f3d8fd1731a9b2e15f75091
Author: Arjun Shankar <arjun.is@lostca.se>
Date:   Tue Apr 21 14:06:31 2015 +0200

    CVE-2015-1781: resolv/nss_dns/dns-host.c buffer overflow [BZ#18287]
    
    Conflicts:
    	NEWS

diff --git a/ChangeLog b/ChangeLog
index b19db3c..22f2017 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2015-04-21  Arjun Shankar  <arjun.is@lostca.se>
+
+	[BZ #18287]
+	* resolv/nss_dns/dns-host.c (getanswer_r): Adjust buffer length
+	based on padding.  (CVE-2015-1781)
+
 2015-03-10  Adhemerval Zanella  <azanella@linux.vnet.ibm.com>
 
 	* sysdeps/ieee754/dbl-64/Makefile (CFLAGS-e_pow.c): Add
diff --git a/NEWS b/NEWS
index 4d94c08..8160427 100644
--- a/NEWS
+++ b/NEWS
@@ -10,7 +10,14 @@ Version 2.20.1
 * The following bugs are resolved with this release:
 
   16009, 16617, 16618, 17266, 17370, 17371, 17460, 17485, 17555, 17625,
-  17630, 17801.
+  17630, 17801, 18287
+
+* A buffer overflow in gethostbyname_r and related functions performing DNS
+  requests has been fixed.  If the NSS functions were called with a
+  misaligned buffer, the buffer length change due to pointer alignment was
+  not taken into account.  This could result in application crashes or,
+  potentially arbitrary code execution, using crafted, but syntactically
+  valid DNS responses.  (CVE-2015-1781)
 
 * Added support for TSX lock elision of pthread mutexes on powerpc32, powerpc64
   and powerpc64le.  This may improve lock scaling of existing programs on
diff --git a/resolv/nss_dns/dns-host.c b/resolv/nss_dns/dns-host.c
index 3258e70..ed99703 100644
--- a/resolv/nss_dns/dns-host.c
+++ b/resolv/nss_dns/dns-host.c
@@ -615,7 +615,8 @@ getanswer_r (const querybuf *answer, int anslen, const char *qname, int qtype,
   int have_to_map = 0;
   uintptr_t pad = -(uintptr_t) buffer % __alignof__ (struct host_data);
   buffer += pad;
-  if (__glibc_unlikely (buflen < sizeof (struct host_data) + pad))
+  buflen = buflen > pad ? buflen - pad : 0;
+  if (__glibc_unlikely (buflen < sizeof (struct host_data)))
     {
       /* The buffer is too small.  */
     too_small:

http://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=072e4453edcad72cf72cdb46b07d98e088c60c55

commit 072e4453edcad72cf72cdb46b07d98e088c60c55
Merge: ae75fdc 4d54424
Author: Tulio Magno Quites Machado Filho <tuliom@linux.vnet.ibm.com>
Date:   Thu Apr 16 11:02:14 2015 -0300

    Merge release/2.20/master into ibm/2.20/master
    
    Conflicts:
    	NEWS
    	stdio-common/Makefile

diff --cc ChangeLog
index f856a8a,ccce486..b19db3c
--- a/ChangeLog
+++ b/ChangeLog
@@@ -1,315 -1,145 +1,457 @@@
 +2015-03-10  Adhemerval Zanella  <azanella@linux.vnet.ibm.com>
 +
 +	* sysdeps/ieee754/dbl-64/Makefile (CFLAGS-e_pow.c): Add
 +	$(config-cflags-nofma).
 +
 +2015-02-23  Paul Pluzhnikov  <ppluzhnikov@google.com>
 +
 +	[BZ #16618]
 +	* stdio-common/tst-sscanf.c (main): Test for buffer overflow.
 +	* stdio-common/vfscanf.c (_IO_vfscanf_internal): Compute needed
 +	size in bytes. Store needed elements in wpmax. Use needed size
 +	in bytes for extend_alloca.
 +
 +2015-02-12  Adhemerval Zanella  <azanella@linux.vnet.ibm.com>
 +
 +	* sysdeps/unix/sysv/linux/powerpc/htm.h [TABORT]: Fix encoding for
 +	little endian.
 +
 +2014-01-20  Adhemerval Zanella  <azanella@linux.vnet.ibm.com>
 +
 +	* sysdeps/powerpc/nptl/tls.h (tcbhead_t): Add tm_capable field.
 +	(TLS_INIT_TP): Add tm_capable initialization.
 +	(TLS_DEFINE_INIT_TP): Likewise.
 +	(THREAD_GET_TM_CAPABLE): New file: get tm_capable field value from
 +	TCB.
 +	(THREAD_SET_TM_CAPABLE): New file: set tm_capable field value in TCB.
 +	* sysdeps/powerpc/nptl/tcb-offsets.sym (TM_CAPABLE): Add field offset
 +	calculation.
 +	* sysdeps/powerpc/powerpc32/sysdep.h (DO_CALL): Abort hardware
 +	transactoion is lock elision is built and TCB tm_capable is set.
 +	* sysdeps/powerpc/powerpc64/sysdep.h (DO_CALL): Likewise.
 +	* sysdeps/unix/sysv/linux/powerpc/powerpc32/sysdep.h
 +	(INTERNAL_SYSCALL_NCS): Likewise.
 +	* sysdeps/unix/sysv/linux/powerpc/powerpc64/sysdep.h
 +	(INTERNAL_SYSCALL_NCS): Likewise.
 +	* sysdeps/powerpc/sysdep.h (ABORT_TRANSACTION): New define.
 +
 +	* sysdeps/powerpc/nptl/elide.h: New file: generic lock elision support
 +	for powerpc.
 +	* sysdeps/unix/sysv/linux/powerpc/bits/pthreadtypes.h
 +	[pthread_rwlock_t] (__pad1): Change size to 7 bytes in 64 bits case
 +	and remove it for 32 bits case.
 +	[pthread_rwlock_t] (__rwelision): New field for lock elision.
 +	(__PTHREAD_RWLOCK_ELISION_EXTRA): Adjust for new lock elision field
 +	initialization.
 +	* sysdeps/unix/sysv/linux/powerpc/elision-conf.c (elision_init):
 +	Disable lock elision with rdlocks if elision is not available.
 +
 +	* sysdeps/unix/sysv/linux/powerpc/Makefile [nptl]
 +	(sysdep_routines): Add lock elision objects.
 +	* sysdeps/unix/sysv/linux/powerpc/bits/pthreadtypes.h
 +	[pthread_mutex_t] (__spins): Rework to add lock elision field.
 +	[pthread_mutex_t] (__elision): Add field.
 +	[__PTHREAD_SPINS]: Adjust to init lock elision field.
 +	* sysdeps/unix/sysv/linux/powerpc/elision-conf.c: New file: lock
 +	elision definitions for powerpc.
 +	* sysdeps/unix/sysv/linux/powerpc/elision-lock.c: New file:
 +	implementation of lock elision for powerpc.
 +	* sysdeps/unix/sysv/linux/powerpc/elision-timed.c: New file:
 +	implementation of timed lock elision for powerpc.
 +	* sysdeps/unix/sysv/linux/powerpc/elision-trylock.c: New file:
 +	implementation of trylock with lock elision for powerpc.
 +	* sysdeps/unix/sysv/linux/powerpc/elision-unlock.c: New file:
 +	implementaion of unlock for lock elision for powerpc.
 +	* sysdeps/unix/sysv/linux/powerpc/force-elision.h: New file:
 +	automatic enable lock elision for mutexes.
 +	* sysdeps/unix/sysv/linux/powerpc/htm.h: New file: hardware
 +	transaction execution definitions for powerpc.
 +	* sysdeps/unix/sysv/linux/powerpc/lowlevellock.h: New file: add TLE
 +	definitions.
 +	* sysdeps/unix/sysv/linux/powerpc/pthread_mutex_cond_lock.c: New file.
 +	* sysdeps/unix/sysv/linux/powerpc/pthread_mutex_lock.c: Likewise.
 +	* sysdeps/unix/sysv/linux/powerpc/pthread_mutex_timedlock.c: Likewise.
 +	* sysdeps/unix/sysv/linux/powerpc/pthread_mutex_trylock.c: Likewise.
 +	* NEWS: Update.
 +
 +2015-01-13  Adhemerval Zanella  <azanella@linux.vnet.ibm.com>
 +
 +	* sysdeps/powerpc/powerpc64/power7/memcmp.S (memcmp): Fix performance
 +	regression on LE.
 +
 +	* sysdeps/powerpc/powerpc64/multiarch/strncmp-power8.S: New file.
 +	* sysdeps/powerpc/powerpc64/power8/strncmp.S: New file.
 +	* sysdeps/powerpc/powerpc64/multiarch/Makefile [sysdep_routines]: Add
 +	strncmp-power8 object.
 +	* sysdeps/powerpc/powerpc64/multiarch/ifunc-impl-list.c
 +	(__libc_ifunc_impl_list): Add __strncmp_power8 implementation.
 +	* sysdeps/powerpc/powerpc64/multiarch/strncmp.c (strncmp): Likewise.
 +	* NEWS: Update.
 +
 +2015-01-13  Rajalakshmi Srinivasaraghavan  <raji@linux.vnet.ibm.com>
 +	    Adhemerval Zanella  <azanella@linux.vnet.ibm.com>
 +
 +	* sysdeps/powerpc/powerpc64/power7/strcmp.S (strcmp): Optimize
 +	trailing byte check.
 +
 +2015-01-13  Adhemerval Zanella  <azanella@linux.vnet.ibm.com>
 +
 +	* sysdeps/powerpc/powerpc64/multiarch/Makefile [sysdep_routines]:
 +	Add strcmp-power8 object.
 +	* sysdeps/powerpc/powerpc64/multiarch/ifunc-impl-list.c
 +	(__libc_ifunc_impl_list): Add __strcmp_power8 implementation.
 +	* sysdeps/powerpc/powerpc64/multiarch/strcmp-power8.S: New file.
 +	* sysdeps/powerpc/powerpc64/multiarch/strcmp.c (strcmp): Add
 +	__strcmp_power8 implementation.
 +	* sysdeps/powerpc/powerpc64/power8/strcmp.S: New file.
 +	* NEWS: Update.
 +
 +	* sysdeps/powerpc/powerpc64/multiarch/Makefile [sysdep_routines]:
 +	Add strncpy-power8 and stpncpy-power8 objects.
 +	* sysdeps/powerpc/powerpc64/multiarch/ifunc-impl-list.c
 +	(__libc_ifunc_impl_list): Add __strncpy_power8 and stpncpy_power8
 +	implementations.
 +	* sysdeps/powerpc/powerpc64/multiarch/stpncpy-power8.S: New file.
 +	* sysdeps/powerpc/powerpc64/multiarch/stpncpy.c (__stpncpy): Add
 +	__stpncpy_power8 implementation.
 +	* sysdeps/powerpc/powerpc64/multiarch/strncpy-power8.S: New file.
 +	* sysdeps/powerpc/powerpc64/multiarch/strncpy.c (strncpy): Add
 +	__strncpy_power8 implementation.
 +	* sysdeps/powerpc/powerpc64/power8/stpncpy.S: New file.
 +	* sysdeps/powerpc/powerpc64/power8/strncpy.S: New file.
 +	* NEWS: Update.
 +
 +	* sysdeps/powerpc/powerpc64/multiarch/strncat-power7.c: New file.
 +	* sysdeps/powerpc/powerpc64/multiarch/strncat-power7.S: Remove file.
 +	* sysdeps/powerpc/powerpc64/power7/strncat.S: Likewise.
 +
 +	* sysdeps/powerpc/powerpc64/multiarch/Makefile [sysdep_routines]: Add
 +	strncat-power8 object.
 +	* sysdeps/powerpc/powerpc64/multiarch/strcat.c (strcat): Add
 +	__strcat_power8 implementation.
 +	* sysdeps/powerpc/powerpc64/multiarch/ifunc-impl-list.c
 +	(__libc_ifunc_impl_list): Add __strcat_power8 implementation.
 +	* sysdeps/powerpc/powerpc64/multiarch/strcat-power8.c: New file:
 +	optimized strcat for power8.
 +
 +	* sysdeps/powerpc/powerpc64/multiarch/Makefile [sysdep_routines]: Add
 +	strcpy-power8 and stpcpy-power8 objects.
 +	* sysdeps/powerpc/powerpc64/multiarch/ifunc-impl-list.c
 +	(__libc_ifunc_impl_list): Add __strcpy_power8 and __stpcpy_power8
 +	implementations.
 +	* sysdeps/powerpc/powerpc64/multiarch/stpcpy-power8.S: New file:
 +	multiarch stpcpy implementation for POWER8.
 +	* sysdeps/powerpc/powerpc64/multiarch/strcpy-power8.S: New file;
 +	multiarch strcpy implementation for POWER8.
 +	* sysdeps/powerpc/powerpc64/multiarch/strcpy.c (strcpy): Add
 +	__strcpy_power8 function.
 +	* sysdeps/powerpc/powerpc64/power8/stpcpy.S: New file: optimized
 +	stpcpy for POWER8.
 +	* sysdeps/powerpc/powerpc64/power8/strcpy.S: New file: optimized
 +	strcpy for POWER8.
 +	* NEWS: Update.
 +
 +2014-12-31  Rajalakshmi Srinivasaraghavan  <raji@linux.vnet.ibm.com>
 +	    Adhemerval Zanella  <azanella@linux.vnet.ibm.com>
 +
 +	* sysdeps/powerpc/powerpc64/power7/strcpy.S (strcpy): Optimize unaligned
 +	path.
 +	* benchtests/bench-strcpy.c (test_main): Add more unaligned inputs.
 +
 +2014-12-16  Florian Weimer  <fweimer@redhat.com>
 +
 +	[BZ #17630]
 +	* resolv/nss_dns/dns-network.c (getanswer_r): Iterate over alias
 +	names.
 +
 +2014-12-15  Jeff Law  <law@redhat.com>
 +
 +	[BZ #16617]
 +	* stdio-common/vfprintf.c (vfprintf): Allocate large specs array
 +	on the heap.  (CVE-2012-3406)
 +	* stdio-common/bug23-2.c, stdio-common/bug23-3.c: New file.
 +	* stdio-common/bug23-4.c: New file.  Test case by Joseph Myers.
 +	* stdio-common/Makefile (tests): Add bug23-2, bug23-3, bug23-4.
 +
 +2014-12-02  Adhemerval Zanella  <azanella@linux.vnet.ibm.com>
 +
 +	* sysdeps/powerpc/powerpc64/multiarch/Makefile [sysdep_routines]:
 +	Remove strpbrk objects.
 +	* sysdeps/powerpc/powerpc64/multiarch/ifunc-impl-list.c
 +	(__libc_ifunc_impl_list): Remove strpbrk implementation.
 +	* sysdeps/powerpc/powerpc64/multiarch/strpbrk-ppc64.c: Remove file.
 +	* sysdeps/powerpc/powerpc64/multiarch/strpbrk.c: Remove file.
 +	* sysdeps/powerpc/powerpc64/power7/strpbrk.S: Remove file.
 +	* sysdeps/powerpc/powerpc64/strpbrk.S: New file.
 +
 +	* sysdeps/powerpc/powerpc64/multiarch/Makefile [sysdep_routines]:
 +	Remove strcspn objects.
 +	* sysdeps/powerpc/powerpc64/multiarch/ifunc-impl-list.c
 +	(__libc_ifunc_impl_list): Remove strcspn implementation.
 +	* sysdeps/powerpc/powerpc64/multiarch/strcspn-ppc64.c: Remove file.
 +	* sysdeps/powerpc/powerpc64/multiarch/strcspn.c: Remove file.
 +	* sysdeps/powerpc/powerpc64/power7/strcspn.S: Remove file.
 +	* sysdeps/powerpc/powerpc64/strcspn.S: New file.
 +
 +	* sysdeps/powerpc/powerpc64/multiarch/Makefile [sysdep_routines]:
 +	Remove strspn objetcs.
 +	* sysdeps/powerpc/powerpc64/multiarch/ifunc-impl-list.c
 +	(__libc_ifunc_impl_list): Remove strspn implementation.
 +	* sysdeps/powerpc/powerpc64/multiarch/strspn-power7.S: Remove file.
 +	* sysdeps/powerpc/powerpc64/multiarch/strspn-ppc64.c: Likewise.
 +	* sysdeps/powerpc/powerpc64/power7/strspn.S: Remove file.
 +	* sysdeps/powerpc/powerpc64/strspn.S: New file.
 +
 +2014-12-01  Rajalakshmi Srinivasaraghavan <raji@linux.vnet.ibm.com>
 +
 +	* sysdeps/powerpc/powerpc64/strtok.S: New file.
 +	* sysdeps/powerpc/powerpc64/strtok_r.S: New file.
 +
 +2014-11-26  Adhemerval Zanella  <azanella@linux.ibm.com>
 +
 +	* csu/tst-atomic.c (do_test): Add atomic_exchange_and_add_{acq,rel}
 +	tests.
 +	* sysdeps/powerpc/bits/atomic.h
 +	(__arch_atomic_exchange_and_add_32_acq): Add definition.
 +	(__arch_atomic_exchange_and_add_32_rel): Likewise.
 +	(atomic_exchange_and_add_acq): Likewise.
 +	(atomic_exchange_and_add_rel): Likewise.
 +	* sysdeps/powerpc/powerpc32/bits/atomic.h
 +	(__arch_atomic_exchange_and_add_64_acq): Add definition.
 +	(__arch_atomic_exchange_and_add_64_rel): Likewise.
 +	* sysdeps/powerpc/powerpc64/bits/atomic.h
 +	(__arch_atomic_exchange_and_add_64_acq): Add definition.
 +	(__arch_atomic_exchange_and_add_64_rel): Likewise.
 +
 +2014-11-25  Anton Blanchard <anton@samba.org>
 +
 +	* sysdeps/powerpc/bits/atomic.h
 +	(__arch_compare_and_exchange_bool_64_rel): Load from mem.
 +
 +2014-11-19  Carlos O'Donell  <carlos@redhat.com>
 +	    Florian Weimer  <fweimer@redhat.com>
 +	    Joseph Myers  <joseph@codesourcery.com>
 +	    Adam Conrad  <adconrad@0c3.net>
 +	    Andreas Schwab  <schwab@suse.de>
 +	    Brooks  <bmoses@google.com>
 +
 +	[BZ #17625]
 +	* wordexp-test.c (__dso_handle): Add prototype.
 +	(__register_atfork): Likewise.
 +	(__app_register_atfork): New function.
 +	(registered_forks): New global.
 +	(register_fork): New function.
 +	(test_case): Add 3 new tests for WRDE_CMDSUB.
 +	(main): Call __app_register_atfork.
 +	(testit): If WRDE_NOCMD set registered_forks to zero, run test, and if
 +	fork count is non-zero fail the test.
 +	* posix/wordexp.c (exec_comm): Return WRDE_CMDSUB if WRDE_NOCMD flag
 +	is set.
 +	(parse_dollars): Remove check for WRDE_NOCMD.
 +	(parse_dquote): Likewise.
 +
 +2014-11-05  Adhemerval Zanella  <azanella@linux.vnet.ibm.com>
 +
 +	* sysdeps/powerpc/powerpc64/power8/memset.S (MTVSRD_V1_R4): Simplify
 +	definition.
 +	* sysdeps/powerpc/powerpc64/power8/fpu/s_finite.S (MFVSRD_R3_V1):
 +	Likwise.
 +	* sysdeps/powerpc/powerpc64/power8/fpu/s_isinf.S (MFVSRD_R3_V1):
 +	Likewise.
 +	* sysdeps/powerpc/powerpc64/power8/fpu/s_isnan.S (MFVSRD_R3_V1):
 +	Likewise.
 +	* sysdeps/powerpc/powerpc64/power8/fpu/s_llrint.S (MFVSRD_R3_V1):
 +	Likewise.
 +	* sysdeps/powerpc/powerpc64/power8/fpu/s_llround.S (MFVSRD_R3_V1):
 +	Likewise.
 +
 +2014-11-03  Adhemerval Zanella  <azanella@linux.vnet.ibm.com>
 +
 +	* sysdeps/powerpc/powerpc64/power8/memset.S (MTVSRD_V1_R4): Encode
 +	mtvsrd instruction in binary form.
 +
 +2014-10-31  Torvald Riegel  <triegel@redhat.com>
 +
 +	* sysdeps/powerpc/bits/atomic.h (atomic_write_barrier): Remove and...
 +	* sysdeps/powerpc/powerpc32/bits/atomic.h (atomic_write_barrier):
 +	... add here and use lwsync or sync ...
 +	* sysdeps/powerpc/powerpc64/bits/atomic.h (atomic_write_barrier):
 +	... and add here using lwsync.
 +
 +2014-09-10  Adhemerval Zanella  <azanella@linux.vnet.ibm.com>
 +
 +	* benchtests/bench-memset.c (test_main): Add more test from size
 +	from 32 to 512 bytes.
 +	* sysdeps/powerpc/powerpc64/multiarch/Makefile [sysdep_routines]:
 +	Add POWER8 memset object.
 +	* sysdeps/powerpc/powerpc64/multiarch/ifunc-impl-list.c
 +	(__libc_ifunc_impl_list): Add POWER8 memset and bzero implementations.
 +	* sysdeps/powerpc/powerpc64/multiarch/bzero.c (__bzero): Add POWER8
 +	implementation.
 +	* sysdeps/powerpc/powerpc64/multiarch/memset.c (__libc_memset):
 +	Likewise.
 +	* sysdeps/powerpc/powerpc64/multiarch/memset-power8.S: New file:
 +	multiarch POWER8 memset optimization.
 +	* sysdeps/powerpc/powerpc64/power8/memset.S: New file: optimized
 +	POWER8 memset optimization.
 +
 +	* sysdeps/powerpc/powerpc64/multiarch/Makefile [sysdep_routines]:
 +	Remove bzero multiarch objects.
 +	* sysdeps/powerpc/powerpc64/multiarch/bzero-power4.S: Remove file.
 +	* sysdeps/powerpc/powerpc64/multiarch/bzero-power6.S: Likewise.
 +	* sysdeps/powerpc/powerpc64/multiarch/bzero-power7.S: Likewise.
 +	* sysdeps/powerpc/powerpc64/multiarch/memset-power4.S [NO_BZERO_IMPL]:
 +	Remove define.
 +	[__bzero]: Redefine to specific name.
 +	* sysdeps/powerpc/powerpc64/multiarch/memset-power6.S: Likewise.
 +	* sysdeps/powerpc/powerpc64/multiarch/memset-power7.S: Likewise.
 +	* sysdeps/powerpc/powerpc64/power4/memset.S [NO_BZERO_IMPL]: Remove
 +	define.
 +	* sysdeps/powerpc/powerpc64/power6/memset.S: Likewise.
 +	* sysdeps/powerpc/powerpc64/power7/memset.S: Likewise.
 +
+ 2015-02-16  Paul Pluzhnikov  <ppluzhnikov@google.com>
+ 
+ 	[BZ #16618]
+ 	* stdio-common/tst-sscanf.c (main): Test for buffer overflow.
+ 	* stdio-common/vfscanf.c (_IO_vfscanf_internal): Compute needed
+ 	size in bytes. Store needed elements in wpmax. Use needed size
+ 	in bytes for extend_alloca.
+ 
+ 2015-02-16  H.J. Lu  <hongjiu.lu@intel.com>
+ 
+ 	[BZ #17801]
+ 	* sysdeps/x86_64/multiarch/init-arch.c (__init_cpu_features):
+ 	Set the bit_AVX_Fast_Unaligned_Load bit for AVX2.
+ 	* sysdeps/x86_64/multiarch/init-arch.h (bit_AVX_Fast_Unaligned_Load):
+ 	New.
+ 	(index_AVX_Fast_Unaligned_Load): Likewise.
+ 	(HAS_AVX_FAST_UNALIGNED_LOAD): Likewise.
+ 	* sysdeps/x86_64/multiarch/memcpy.S (__new_memcpy): Check the
+ 	bit_AVX_Fast_Unaligned_Load bit instead of the bit_AVX_Usable bit.
+ 	* sysdeps/x86_64/multiarch/memcpy_chk.S (__memcpy_chk): Likewise.
+ 	* sysdeps/x86_64/multiarch/mempcpy.S (__mempcpy): Likewise.
+ 	* sysdeps/x86_64/multiarch/mempcpy_chk.S (__mempcpy_chk): Likewise.
+ 	* sysdeps/x86_64/multiarch/memmove.c (__libc_memmove): Replace
+ 	HAS_AVX with HAS_AVX_FAST_UNALIGNED_LOAD.
+ 	* sysdeps/x86_64/multiarch/memmove_chk.c (__memmove_chk): Likewise.
+ 
+ 2015-02-16  Leonhard Holz  <leonhard.holz@web.de>
+ 
+ 	[BZ #16009]
+ 	* string/strxfrm_l.c (STRXFRM): Allocate fixed size cache for
+ 	weights and rules. Use do_xfrm_cached if data fits in cache,
+ 	do_xfrm otherwise.  Moved former main loop to...
+ 	* (do_xfrm_cached): New function.
+ 	* (do_xfrm): Non-caching version of do_xfrm_cached. Uses
+ 	find_idx, find_position and stack_push.
+ 	* (find_idx): New function.
+ 	* (find_position): Likewise.
+ 	* localedata/sort-test.sh: Added test run for do_xfrm.
+ 	* localedata/xfrm-test.c (main): Added command line option
+ 	-nocache to run the test with strings that are too large for
+ 	the STRXFRM cache.
+ 
+ 2015-02-16  Kostya Serebryany  <konstantin.s.serebryany@gmail.com>
+ 	    Roland McGrath  <roland@hack.frob.com>
+ 
+ 	* locale/weight.h: Add include guard.
+ 	(findidx): Make static rather than auto; take new parameters
+ 	TABLE, INDIRECT, and EXTRA instead of getting them as outer locals.
+ 	* locale/weightwc.h: Likewise.
+ 	* posix/fnmatch_loop.c
+ 	(FCT): Change type of EXTRA from int32_t to wint_t.
+ 	Don't include either header inside the function.
+ 	Call FINDIDX rather than findidx, and pass new arguments.
+ 	#undef FINDIDX at the end of the file.
+ 	* posix/fnmatch.c [_LIBC]: #include <locale/weight.h> and define
+ 	FINDIDX before including fnmatch_loop.c for the non-wide version.
+ 	[_LIBC] [HANDLE_MULTIBYTE]: #define findidx to findidxwc around
+ 	#include <locale/weightwc.h>, and define FINDIDX to findidxwc
+ 	for the wide version.
+ 	* posix/regcomp.c [_LIBC]: #include <locale/weight.h>.
+ 	(build_equiv_class) [_LIBC]: Don't #include it inside the function.
+ 	Pass new arguments to findidx.
+ 	* posix/regexec.c [RE_ENABLE_I18N] [_LIBC]: #include <locale/weight.h>.
+ 	[RE_ENABLE_I18N] (check_node_accept_bytes) [_LIBC]:
+ 	Don't #include it inside the function.  Pass new arguments to findidx.
+ 	* posix/regex_internal.h
+ 	[!NOT_IN_libc] [_LIBC]: #include <locale/weight.h>.
+ 	(re_string_elem_size_at): Don't #include it inside the function.
+ 	Pass new arguments to findidx.
+ 	* string/strcoll_l.c: #include WEIGHT_H at top level.
+ 	(get_next_seq): Don't #include it inside the function.
+ 	Pass new arguments to findidx.
+ 	(get_next_seq_nocache): Likewise.
+ 	* string/strxfrm_l.c: #include WEIGHT_H at top level.
+ 	(STRXFRM): Don't #include it inside the function.
+ 	Pass new arguments to findidx.
+ 
+ 2014-12-16  Florian Weimer  <fweimer@redhat.com>
+ 
+ 	[BZ #17630]
+ 	* resolv/nss_dns/dns-network.c (getanswer_r): Iterate over alias
+ 	names.
+ 
+ 2014-12-15  Jeff Law  <law@redhat.com>
+ 
+ 	[BZ #16617]
+ 	* stdio-common/vfprintf.c (vfprintf): Allocate large specs array
+ 	on the heap.  (CVE-2012-3406)
+ 	* stdio-common/bug23-2.c, stdio-common/bug23-3.c: New file.
+ 	* stdio-common/bug23-4.c: New file.  Test case by Joseph Myers.
+ 	* stdio-common/Makefile (tests): Add bug23-2, bug23-3, bug23-4.
+ 
+ 2014-11-24  Siddhesh Poyarekar  <siddhesh@redhat.com>
+ 
+ 	[BZ #17266]
+ 	* misc/sys/cdefs.h: Define __extern_always_inline for clang
+ 	4.2 and newer.
+ 
+ 2014-11-19  Carlos O'Donell  <carlos@redhat.com>
+ 	    Florian Weimer  <fweimer@redhat.com>
+ 	    Joseph Myers  <joseph@codesourcery.com>
+ 	    Adam Conrad  <adconrad@0c3.net>
+ 	    Andreas Schwab  <schwab@suse.de>
+ 	    Brooks  <bmoses@google.com>
+ 
+ 	[BZ #17625]
+ 	* wordexp-test.c (__dso_handle): Add prototype.
+ 	(__register_atfork): Likewise.
+ 	(__app_register_atfork): New function.
+ 	(registered_forks): New global.
+ 	(register_fork): New function.
+ 	(test_case): Add 3 new tests for WRDE_CMDSUB.
+ 	(main): Call __app_register_atfork.
+ 	(testit): If WRDE_NOCMD set registered_forks to zero, run test, and if
+ 	fork count is non-zero fail the test.
+ 	* posix/wordexp.c (exec_comm): Return WRDE_CMDSUB if WRDE_NOCMD flag
+ 	is set.
+ 	(parse_dollars): Remove check for WRDE_NOCMD.
+ 	(parse_dquote): Likewise.
+ 
+ 2014-11-10  Renlin Li  <Renlin.Li@arm.com>
+ 
+ 	[BZ #17555]
+ 	* sysdeps/aarch64/start.S (_start): Delete x29 overwritten assignment.
+ 
+ 2014-10-22  Maciej W. Rozycki  <macro@codesourcery.com>
+ 
+ 	[BZ #17485]
+ 	* sysdeps/unix/sysv/linux/mips/vfork.S (__libc_vfork): Define.
+ 
+ 2014-10-08  Roland McGrath  <roland@hack.frob.com>
+ 
+ 	[BZ #17460]
+ 	* nscd/nscd.c (more_help): Rewrite list of tables collection
+ 	using xstrdup and asprintf.
+ 
+ 	* nscd/nscd_conf.c: Remove local xstrdup declaration.
+ 
+ 2014-10-09  Allan McRae  <allan@archlinux.org>
+ 
+ 	* po/fr.po: Update French translation from translation project.
+ 
  2014-09-16  Siddhesh Poyarekar  <siddhesh@redhat.com>
  
  	[BZ #17370]
diff --cc NEWS
index 60ece7d,976f2ea..4d94c08
--- a/NEWS
+++ b/NEWS
@@@ -9,19 -9,14 +9,25 @@@ Version 2.20.
  
  * The following bugs are resolved with this release:
  
-   16617, 16618, 17266, 17370, 17371, 17625, 17630, 18104.
+   16009, 16617, 16618, 17266, 17370, 17371, 17460, 17485, 17555, 17625,
+   17630, 17801.
  
 +* Added support for TSX lock elision of pthread mutexes on powerpc32, powerpc64
 +  and powerpc64le.  This may improve lock scaling of existing programs on
 +  HTM capable systems.  The lock elision code is only enabled with
 +  --enable-lock-elision=yes.  Also, the TSX lock elision implementation for
 +  powerpc will issue a transaction abort on every syscall to avoid side
 +  effects being visible outside transactions.
 +
 +* Optimized strcpy, stpcpy, strncpy, stpncpy, strcmp, and strncmp
 +  implementations for powerpc64/powerpc64le.
 +  Implemented by Adhemerval Zanella (IBM).
 +
+ * CVE-2015-1472 Under certain conditions wscanf can allocate too little
+   memory for the to-be-scanned arguments and overflow the allocated
+   buffer.  The implementation now correctly computes the required buffer
+   size when using malloc.
+ 
  * CVE-2104-7817 The wordexp function could ignore the WRDE_NOCMD flag
    under certain input conditions resulting in the execution of a shell for
    command substitution when the applicaiton did not request it. The

-----------------------------------------------------------------------

Summary of changes:
 ChangeLog                              |  148 ++++++++++
 NEWS                                   |   15 +-
 locale/weight.h                        |   13 +-
 locale/weightwc.h                      |   13 +-
 localedata/sort-test.sh                |    7 +
 localedata/xfrm-test.c                 |   52 +++-
 misc/sys/cdefs.h                       |   10 +-
 nscd/nscd.c                            |   45 ++--
 nscd/nscd_conf.c                       |    3 -
 po/fr.po                               |    4 +-
 posix/fnmatch.c                        |    8 +
 posix/fnmatch_loop.c                   |   17 +-
 posix/regcomp.c                        |   10 +-
 posix/regex_internal.h                 |    7 +-
 posix/regexec.c                        |    8 +-
 resolv/nss_dns/dns-host.c              |    3 +-
 stdio-common/Makefile                  |    2 +-
 string/strcoll_l.c                     |    9 +-
 string/strxfrm_l.c                     |  491 +++++++++++++++++++++++++-------
 sysdeps/aarch64/start.S                |    1 -
 sysdeps/unix/sysv/linux/mips/vfork.S   |    1 +
 sysdeps/x86_64/multiarch/init-arch.c   |    9 +-
 sysdeps/x86_64/multiarch/init-arch.h   |    4 +
 sysdeps/x86_64/multiarch/memcpy.S      |    2 +-
 sysdeps/x86_64/multiarch/memcpy_chk.S  |    2 +-
 sysdeps/x86_64/multiarch/memmove.c     |    2 +-
 sysdeps/x86_64/multiarch/memmove_chk.c |    2 +-
 sysdeps/x86_64/multiarch/mempcpy.S     |    2 +-
 sysdeps/x86_64/multiarch/mempcpy_chk.S |    2 +-
 29 files changed, 719 insertions(+), 173 deletions(-)


hooks/post-receive
-- 
GNU C Library master sources


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]