This is the mail archive of the glibc-bugs@sourceware.org mailing list for the glibc project.



[Bug network/17630] endless loop in getaddr_r (CVE-2014-9402)


https://sourceware.org/bugzilla/show_bug.cgi?id=17630

--- Comment #14 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> ---
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".

The branch, ibm/2.20/master has been created
        at  4286dfe63ed09a16328cfd7d7f6c08d8db5297b5 (commit)

- Log -----------------------------------------------------------------
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=4286dfe63ed09a16328cfd7d7f6c08d8db5297b5

commit 4286dfe63ed09a16328cfd7d7f6c08d8db5297b5
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Sun Jan 11 19:33:17 2015 -0600

    powerpc: Fix POWER7/PPC64 performance regression on LE

    This patch fixes a performance regression on the POWER7/PPC64 memcmp
    porting for Little Endian.  The LE code uses 'ldbrx' instruction to read
    the memory on byte reversed form, however ISA 2.06 just provides the indexed
    form which uses a register value as additional index, instead of a fixed
    value encoded in the instruction.

    And the port strategy for LE uses r0 index value and update the address
    value on each compare loop iteration.  For large compare size values,
    it adds 8 more instructions plus some more depending of trailing
    size.  This patch fixes it by adding pre-calculate indexes to remove the
    address update on loops and tailing sizes.

    For large sizes it shows a considerable gain, with double performance
    pairing with BE.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=118c286f3e1020482e6cbafc3707efcc70114aa8

commit 118c286f3e1020482e6cbafc3707efcc70114aa8
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Fri Jan 9 16:04:26 2015 -0500

    powerpc: Optimized strncmp for POWER8/PPC64

    This patch adds an optimized POWER8 strncmp.  The implementation focus
    on speeding up unaligned cases following the ideas of power8 strcmp.

    The algorithm first check the initial 16 bytes, then align the first
    function source and uses unaligned loads on second argument only.
    Additional checks for page boundaries are done for unaligned cases
    (where sources alignment are different).

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ce698f2ab31cd4aa23673ae75af48a345044a883

commit ce698f2ab31cd4aa23673ae75af48a345044a883
Author: Rajalakshmi Srinivasaraghavan <raji@linux.vnet.ibm.com>
Date:   Fri Jan 9 11:56:35 2015 -0500

    powerpc: Optimize POWER7 strcmp trailing checks

    This patch optimized the POWER7 trailing check by avoiding using byte
    read operations and instead use the doubleword already read with
    bitwise operations.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=5c3ef9d5b29a74d959a020ab9b0ef3a8aa2b31e2

commit 5c3ef9d5b29a74d959a020ab9b0ef3a8aa2b31e2
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Wed Jan 7 07:18:30 2015 -0500

    powerpc: Optimized strcmp for POWER8/PPC64

    This patch adds an optimized POWER8 strcmp using unaligned accesses.
    The algorithm first check the initial 16 bytes, then align the first
    function source and uses unaligned loads on second argument only.
    Additional checks for page boundaries are done for unaligned cases

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=167ab637b959cfe5f7c6354bb48e871d4bd22f7f

commit 167ab637b959cfe5f7c6354bb48e871d4bd22f7f
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Wed Dec 31 11:47:41 2014 -0500

    powerpc: Optimized st{r,p}ncpy for POWER8/PPC64

    This patch adds an optimized POWER8 st{r,p}ncpy using unaligned accesses.
    It shows 10%-80% improvement over the optimized POWER7 one that uses
    only aligned accesses, especially on unaligned inputs.

    The algorithm first read and check 16 bytes (if inputs do not cross a 4K
    page size).  Then it realigns source to 16-bytes and issues a 16 bytes read
    and compare loop to speedup null byte checks for large strings.  Also,
    different from POWER7 optimization, the null pad is done inline in the
    implementation using possible unaligned accesses, instead of relying on
    a memset call.  Special case is added for page cross reads.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=2d9a4f5291f7d94a6b713a121e10a272176d6150

commit 2d9a4f5291f7d94a6b713a121e10a272176d6150
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Tue Dec 23 13:39:23 2014 -0500

    powerpc: Optimized strncat for POWER7/PPC64

    With 3eb38795dbbbd816 (Simplify strncat) the generic algorithms uses
    strlen, strnlen, and memcpy.  This is faster than POWER7 current
    implementation, especially for unaligned strings (where POWER7 code
    uses byte-byte operations).

    This patch removes the assembly implementation and uses a multiarch
    specialization based on default algorithm calling optimized POWER7
    symbols.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=9bbee93b47dd16f5c9786621634feacf2e450bb3

commit 9bbee93b47dd16f5c9786621634feacf2e450bb3
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Tue Dec 23 13:36:34 2014 -0500

    powerpc: Optimized strcat for POWER8/PPC64

    With new optimized strcpy for POWER8, this patch adds an optimized
    strcat which uses it along with default implementation at strings/.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=e28541972ba35488f0a94dd55f635f70ce459816

commit e28541972ba35488f0a94dd55f635f70ce459816
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Tue Dec 23 05:59:44 2014 -0600

    powerpc: Optimized st{r,p}cpy for POWER8/PPC64

    This patch adds an optimized POWER8 strcpy using unaligned accesses.
    For strings up to 16 bytes the implementation first calculate the
    string size, like strlen, and issues a memcpy.  For larger strings,
    source is first aligned to 16 bytes and then tested over a loop that
    reads 16 bytes and combine the cmpb results for speedup.  Special case is
    added for page cross reads.

    It shows 30%-60% improvement over the optimized POWER7 one that uses
    only aligned accesses.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=e231e34bbff6e4a3ba137bb8610234ebd83496c3

commit e231e34bbff6e4a3ba137bb8610234ebd83496c3
Author: Rajalakshmi Srinivasaraghavan <raji@linux.vnet.ibm.com>
Date:   Wed Dec 31 14:05:00 2014 -0500

    powerpc: POWER7 strcpy optimization for unaligned strings

    This patch optimizes strcpy for ppc64/power7 for unaligned source or
    destination address.  The source or destination address is aligned
    to doubleword and data is shifted based on the alignment and
    added with the previous loaded data to be written as a doubleword.
    For each load, cmpb instruction is used for faster null check.

    The word aligned optimization is also removed, since the new unaligned
    code path shows better results handling word-aligned strings.

    More combination of unaligned inputs is also added in benchtest
    to measure the improvement.  The new optimization shows 2 to 80% of
    performance improvement for longer string though it does not show
    big difference on string size less than 16 due to additional checks.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=8db5b2abee8383d90abbc40a52f8492c003fbfaa

commit 8db5b2abee8383d90abbc40a52f8492c003fbfaa
Author: Florian Weimer <fweimer@redhat.com>
Date:   Mon Dec 15 17:41:13 2014 +0100

    Avoid infinite loop in nss_dns getnetbyname [BZ #17630]

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=7fadf519dbbb5e22e6a5d80928ed6956d8875229

commit 7fadf519dbbb5e22e6a5d80928ed6956d8875229
Author: Jeff Law <law@redhat.com>
Date:   Mon Dec 15 10:09:32 2014 +0100

    CVE-2012-3406: Stack overflow in vfprintf [BZ #16617]

    A larger number of format specifiers could cause a stack overflow,
    potentially allowing to bypass _FORTIFY_SOURCE format string
    protection.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=4539e3dd986c5c4b60890349dec6c28e18c93365

commit 4539e3dd986c5c4b60890349dec6c28e18c93365
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Wed Nov 19 16:27:56 2014 -0500

    powerpc: Add powerpc64 strpbrk optimization

    This patch makes the POWER7 optimized strpbrk generic by using
    default doubleword stores to zero the hash, instead of VSX
    instructions.  Performance on POWER7/POWER8 does not change.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=b6891a48131015cbe2d88ba5796c94ba13f88e8f

commit b6891a48131015cbe2d88ba5796c94ba13f88e8f
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Wed Nov 19 15:24:55 2014 -0500

    powerpc: Add powerpc64 strcspn optimization

    This patch makes the POWER7 optimized strcspn generic by using
    default doubleword stores to zero the hash, instead of VSX
    instructions.  Performance on POWER7/POWER8 does not change.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=5bbab2dadf543ab9e012b7573ccb0ef80c11962c

commit 5bbab2dadf543ab9e012b7573ccb0ef80c11962c
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Wed Nov 19 14:24:18 2014 -0500

    powerpc: Add powerpc64 strspn optimization

    This patch makes the POWER7 optimized strspn generic by using
    default doubleword stores to zero the hash, instead of VSX
    instructions. Performance on POWER7/POWER8 machines does not change.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=8b063985c1a750a1947fcf60e4606a3b0d7d0f37

commit 8b063985c1a750a1947fcf60e4606a3b0d7d0f37
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Tue Nov 25 14:32:54 2014 -0500

    powerpc: Fix missing barriers in atomic_exchange_and_add_{acq,rel}

    On powerpc, atomic_exchange_and_add is implemented without any
    barriers.  This patch adds the missing instruction and memory barrier
    for acquire and release semantics.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=364c58517bdcc91c5bf1fcb57b4befff8951a51b

commit 364c58517bdcc91c5bf1fcb57b4befff8951a51b
Author: Anton Blanchard <anton@samba.org>
Date:   Tue Nov 25 07:26:12 2014 -0500

    powerpc: Fix __arch_compare_and_exchange_bool_64_rel

    Fix a typo in the inline assembly.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=133a24ba079abf1e762bd4d85670e0bd8df660c4

commit 133a24ba079abf1e762bd4d85670e0bd8df660c4
Author: Carlos O'Donell <carlos@redhat.com>
Date:   Wed Nov 19 11:44:12 2014 -0500

    CVE-2014-7817: wordexp fails to honour WRDE_NOCMD.

    The function wordexp() fails to properly handle the WRDE_NOCMD
    flag when processing arithmetic inputs in the form of "$((... ``))"
    where "..." can be anything valid. The backticks in the arithmetic
    expression are evaluated in a shell even if WRDE_NOCMD forbade
    command substitution. This allows an attacker to attempt to pass
    dangerous commands via constructs of the above form, and bypass
    the WRDE_NOCMD flag. This patch fixes this by checking for WRDE_NOCMD
    in exec_comm(), the only place that can execute a shell. All other
    checks for WRDE_NOCMD are superfluous and removed.

    We expand the testsuite and add 3 new regression tests of roughly
    the same form but with a couple of nested levels.

    On top of the 3 new tests we add fork validation to the WRDE_NOCMD
    testing. If any forks are detected during the execution of a wordexp()
    call with WRDE_NOCMD, the test is marked as failed. This is slightly
    heuristic since vfork might be used in the future, but it provides a
    higher level of assurance that no shells were executed as part of
    command substitution with WRDE_NOCMD in effect. In addition it doesn't
    require libpthread or libdl, instead we use the public implementation
    namespace function __register_atfork (already part of the public ABI
    for libpthread).

    Tested on x86_64 with no regressions.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=f8fbd413672816a429adc6b6c191ec8ea73421e8

commit f8fbd413672816a429adc6b6c191ec8ea73421e8
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Wed Nov 5 08:01:09 2014 -0500

    powerpc: Simplify encoding of POWER8 instruction

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=e154589132de915ef165a1e26f89ba6997170c2b

commit e154589132de915ef165a1e26f89ba6997170c2b
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Mon Nov 3 07:26:33 2014 -0500

    powerpc: Fix encoding of POWER8 instruction

    This patch adds a binary encoding for 'mtvsrd' instruction to avoid
    build failures when assembler does not support POWER8.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=46f58099960f7a2603c37c540d2644e392f0fdc7

commit 46f58099960f7a2603c37c540d2644e392f0fdc7
Author: Torvald Riegel <triegel@redhat.com>
Date:   Sat Oct 18 01:01:58 2014 +0200

    powerpc: Change atomic_write_barrier to have release semantics.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=5f892cacbdf50322bc3ee2e131c105c71b495086

commit 5f892cacbdf50322bc3ee2e131c105c71b495086
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Tue Jul 15 12:19:09 2014 -0400

    PowerPC: memset optimization for POWER8/PPC64

    This patch adds an optimized memset implementation for POWER8.  For
    sizes from 0 to 255 bytes, a word/doubleword algorithm similar to
    POWER7 optimized one is used.

    For size higher than 255 two strategies are used:

    1. If the constant is different than 0, the memory is written with
       altivec vector instruction;

    2. If constant is 0, dcbz instructions are used.  The loop is unrolled
       to clear 512 byte at time.

    Using vector instructions increases throughput considerably, with a
    double performance for sizes larger than 1024.  The dcbz loops unrolls
    also shows performance improvement, by doubling throughput for sizes
    larger than 8192 bytes.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=e6bb56b6914e6435e251814a3a0ccd7fb65a7e36

commit e6bb56b6914e6435e251814a3a0ccd7fb65a7e36
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date:   Tue Jul 15 16:54:46 2014 -0400

    PowerPC: multiarch bzero cleanup for PPC64

    This patch cleanups the multiarch bzero for powerpc64 by remove
    the multiarch objects and use instead the memset embedded
    implementation presented in each multiarch optimization.  The
    code generate is essentially the same, but the TB_TOCLESS (which
    is not essential).

    Conflicts:
        ChangeLog

    This is backport of 3b473fecdf4c52989cd915b649bb6d26c042d048.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=10f5f4c8edc35b4c3912456ffee820975e20a50b

commit 10f5f4c8edc35b4c3912456ffee820975e20a50b
Author: Tulio Magno Quites Machado Filho <tuliom@linux.vnet.ibm.com>
Date:   Fri Nov 15 07:44:20 2013 -0600

    Partially revert commit 2663b74f8103a2a8a46b4896439b7a452480fc7c

    This change is necessary in order to avoid the issue documented at
    http://sourceware.org/ml/libc-alpha/2013-05/msg00350.html.

https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=e6f905009b29769bd27077389ce4379d5de80df2

commit e6f905009b29769bd27077389ce4379d5de80df2
Author: Ryan S. Arnold <rsa@linux.vnet.ibm.com>
Date:   Fri Nov 15 07:42:33 2013 -0600

    Remove assert() if DT_RUNPATH and DT_RPATH flags are found in ld.so.

-----------------------------------------------------------------------

-- 
You are receiving this mail because:
You are on the CC list for the bug.
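
The CVE-2014-7817 commit message above describes wordexp() evaluating backticks inside "$((... ``))" despite WRDE_NOCMD, and a regression test that also watches for forks. A check in that spirit, added here as an example and not taken from the mail or from the glibc test suite; the inputs are constructed, and pthread_atfork stands in for the __register_atfork hook the commit mentions:

```c
/* Added example: checks that wordexp() honours WRDE_NOCMD. */
#include <pthread.h>
#include <stddef.h>
#include <stdio.h>
#include <wordexp.h>

static int forks_seen;                    /* bumped by the atfork hook */
static void on_fork(void) { forks_seen++; }

/* Constructed inputs: plain command substitution, then backticks nested
   in arithmetic, the "$((... ``))" form from the commit message. */
static const char *const cmdsub_inputs[] = {
    "$(echo marker)",
    "`echo marker`",
    "$((1+`echo 1`))",
    "$((1+$((`echo 1`))))",
};

/* Returns how many inputs were NOT rejected with WRDE_CMDSUB. */
int count_nocmd_bypasses(void)
{
    int bypasses = 0;
    for (size_t i = 0; i < sizeof cmdsub_inputs / sizeof *cmdsub_inputs; i++) {
        wordexp_t we;
        int rc = wordexp(cmdsub_inputs[i], &we, WRDE_NOCMD);
        if (rc == 0)
            wordfree(&we);                /* expansion succeeded: a bypass */
        if (rc != WRDE_CMDSUB)
            bypasses++;
    }
    return bypasses;
}

/* Heuristic second signal: count fork() calls made while the inputs are
   processed. A libc that spawns without fork() is not seen by this hook. */
int forks_during_check(void)
{
    static int hooked;
    if (!hooked && pthread_atfork(on_fork, NULL, NULL) == 0)
        hooked = 1;
    forks_seen = 0;
    count_nocmd_bypasses();
    return forks_seen;
}

int main(void)
{
    printf("bypasses=%d forks=%d\n", count_nocmd_bypasses(), forks_during_check());
    return 0;
}
```

On a libc carrying the fix both numbers are 0; a non-zero bypass count means an input reached expansion with WRDE_NOCMD set.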

