Backport: Add _FORTIFY_SOURCE support for inet_pton

- Backport: debug: Re-flow and sort routines variable in Makefile
  (RHEL-44920)
- Backport: inet: Rearrange and sort Makefile variables (RHEL-44920)
- Backport: Prepare inet_ntop to be fortified (RHEL-44920)
- Backport: Add missing guards in include/arpa/inet.h (RHEL-44920)
- Backport: Add _FORTIFY_SOURCE support for inet_ntop (RHEL-44920)
- Backport: Prepare inet_pton to be fortified (RHEL-44920)
- Backport: Add _FORTIFY_SOURCE support for inet_pton (RHEL-44920)

Resolves: RHEL-44920
Frédéric Bérat 2025-03-31 21:09:49 +02:00
parent 6cf5f3f769
commit 44f7d061cb
9 changed files with 1369 additions and 1 deletions

135
glibc-RHEL-44920-1.patch Normal file

@ -0,0 +1,135 @@
commit 4e4641164d2722d622a1bf3b5e4583538d9c7227
Author: Florian Weimer <fweimer@redhat.com>
Date: Mon Apr 17 15:41:08 2023 +0200
debug: Re-flow and sort routines variable in Makefile
Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Conflicts:
debug/Makefile (fixed context)
diff --git a/debug/Makefile b/debug/Makefile
index 63395fc626610a53..c19c76e2b8564bd2 100644
--- a/debug/Makefile
+++ b/debug/Makefile
@@ -28,31 +28,94 @@ headers := execinfo.h
# Note that ptsname_r_chk and getlogin_r are not here, but in
# login/Makefile instead. If that subdir is omitted from the
# build, its _FORTIFY_SOURCE support will be too.
-routines = backtrace backtracesyms backtracesymsfd noophooks \
- memcpy_chk memmove_chk mempcpy_chk memset_chk stpcpy_chk \
- strcat_chk strcpy_chk strncat_chk strncpy_chk stpncpy_chk \
- sprintf_chk vsprintf_chk snprintf_chk vsnprintf_chk \
- printf_chk fprintf_chk vprintf_chk vfprintf_chk \
- gets_chk chk_fail readonly-area fgets_chk fgets_u_chk \
- read_chk pread_chk pread64_chk recv_chk recvfrom_chk \
- readlink_chk readlinkat_chk getwd_chk getcwd_chk \
- realpath_chk fread_chk fread_u_chk \
- wctomb_chk wcscpy_chk wmemcpy_chk wmemmove_chk wmempcpy_chk \
- wcpcpy_chk wcsncpy_chk wcscat_chk wcsncat_chk wmemset_chk \
- wcpncpy_chk \
- swprintf_chk vswprintf_chk wprintf_chk fwprintf_chk \
- vwprintf_chk vfwprintf_chk fgetws_chk fgetws_u_chk \
- confstr_chk getgroups_chk ttyname_r_chk \
- gethostname_chk getdomainname_chk wcrtomb_chk mbsnrtowcs_chk \
- wcsnrtombs_chk mbsrtowcs_chk wcsrtombs_chk mbstowcs_chk \
- wcstombs_chk asprintf_chk vasprintf_chk dprintf_chk \
- vdprintf_chk obprintf_chk vobprintf_chk \
- longjmp_chk ____longjmp_chk \
- fdelt_chk poll_chk ppoll_chk \
- explicit_bzero_chk \
- stack_chk_fail fortify_fail \
- readonly-area-fallback \
- $(static-only-routines)
+routines = \
+ ____longjmp_chk \
+ asprintf_chk \
+ backtrace \
+ backtracesyms \
+ backtracesymsfd \
+ chk_fail \
+ confstr_chk \
+ dprintf_chk \
+ explicit_bzero_chk \
+ fdelt_chk \
+ fgets_chk \
+ fgets_u_chk \
+ fgetws_chk \
+ fgetws_u_chk \
+ fortify_fail \
+ fprintf_chk \
+ fread_chk \
+ fread_u_chk \
+ fwprintf_chk \
+ getcwd_chk \
+ getdomainname_chk \
+ getgroups_chk \
+ gethostname_chk \
+ gets_chk \
+ getwd_chk \
+ longjmp_chk \
+ mbsnrtowcs_chk \
+ mbsrtowcs_chk \
+ mbstowcs_chk \
+ memcpy_chk \
+ memmove_chk \
+ mempcpy_chk \
+ memset_chk \
+ noophooks \
+ obprintf_chk \
+ poll_chk \
+ ppoll_chk \
+ pread64_chk \
+ pread_chk \
+ printf_chk \
+ read_chk \
+ readlink_chk \
+ readlinkat_chk \
+ readonly-area \
+ readonly-area-fallback \
+ realpath_chk \
+ recv_chk \
+ recvfrom_chk \
+ snprintf_chk \
+ sprintf_chk \
+ stack_chk_fail \
+ stpcpy_chk \
+ stpncpy_chk \
+ strcat_chk \
+ strcpy_chk \
+ strncat_chk \
+ strncpy_chk \
+ swprintf_chk \
+ ttyname_r_chk \
+ vasprintf_chk \
+ vdprintf_chk \
+ vfprintf_chk \
+ vfwprintf_chk \
+ vobprintf_chk \
+ vprintf_chk \
+ vsnprintf_chk \
+ vsprintf_chk \
+ vswprintf_chk \
+ vwprintf_chk \
+ wcpcpy_chk \
+ wcpncpy_chk \
+ wcrtomb_chk \
+ wcscat_chk \
+ wcscpy_chk \
+ wcsncat_chk \
+ wcsncpy_chk \
+ wcsnrtombs_chk \
+ wcsrtombs_chk \
+ wcstombs_chk \
+ wctomb_chk \
+ wmemcpy_chk \
+ wmemmove_chk \
+ wmempcpy_chk \
+ wmemset_chk \
+ wprintf_chk \
+ $(static-only-routines)
+ # routines
static-only-routines := stack_chk_fail_local
# Don't add stack_chk_fail_local.o to libc.a since __stack_chk_fail_local

168
glibc-RHEL-44920-2.patch Normal file

@ -0,0 +1,168 @@
commit b6b8a88cf59a00d7716e9dd2e5ba92eedfec69ce
Author: Arjun Shankar <arjun@redhat.com>
Date: Mon Oct 2 14:55:13 2023 +0200
inet: Rearrange and sort Makefile variables
Rearrange lists of routines, tests, etc. into one-per-line in
inet/Makefile and sort them using scripts/sort-makefile-lines.py.
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
diff --git a/inet/Makefile b/inet/Makefile
index cf4cf5cf8ae6732f..b7d6e40fb319f52d 100644
--- a/inet/Makefile
+++ b/inet/Makefile
@@ -22,41 +22,123 @@ subdir := inet
include ../Makeconfig
-headers := netinet/ether.h netinet/in.h netinet/in_systm.h \
- netinet/if_ether.h netinet/igmp.h \
- netinet/tcp.h netinet/ip.h $(wildcard arpa/*.h protocols/*.h) \
- aliases.h ifaddrs.h netinet/ip6.h netinet/icmp6.h bits/in.h \
- rpc/netdb.h
-
-routines := htonl htons \
- inet_lnaof inet_mkadr \
- inet_netof inet_ntoa inet_net herrno herrno-loc \
- gethstbyad gethstbyad_r gethstbynm gethstbynm2 gethstbynm2_r \
- gethstbynm_r gethstent gethstent_r \
- getnetbyad getnetbyad_r getnetbynm getnetent getnetent_r \
- getnetbynm_r \
- getproto getproto_r getprtent getprtent_r getprtname getprtname_r \
- getsrvbynm getsrvbynm_r getsrvbypt getsrvbypt_r getservent \
- getservent_r getrpcent getrpcbyname getrpcbynumber \
- getrpcent_r getrpcbyname_r getrpcbynumber_r \
- ether_aton ether_aton_r ether_hton ether_line \
- ether_ntoa ether_ntoa_r ether_ntoh \
- rcmd rexec ruserpass bindresvport \
- getnetgrent_r getnetgrent \
- getaliasent_r getaliasent getaliasname getaliasname_r \
- in6_addr getnameinfo if_index ifaddrs inet6_option \
- getipv4sourcefilter setipv4sourcefilter \
- getsourcefilter setsourcefilter inet6_opt inet6_rth \
- inet6_scopeid_pton deadline idna idna_name_classify
+headers := \
+ $(wildcard arpa/*.h protocols/*.h) \
+ aliases.h \
+ bits/in.h \
+ ifaddrs.h \
+ netinet/ether.h \
+ netinet/icmp6.h \
+ netinet/if_ether.h \
+ netinet/igmp.h \
+ netinet/in.h \
+ netinet/in_systm.h \
+ netinet/ip.h \
+ netinet/ip6.h \
+ netinet/tcp.h \
+ rpc/netdb.h \
+ # headers
+
+routines := \
+ bindresvport \
+ deadline \
+ ether_aton \
+ ether_aton_r \
+ ether_hton \
+ ether_line \
+ ether_ntoa \
+ ether_ntoa_r \
+ ether_ntoh \
+ getaliasent \
+ getaliasent_r \
+ getaliasname \
+ getaliasname_r \
+ gethstbyad \
+ gethstbyad_r \
+ gethstbynm \
+ gethstbynm2 \
+ gethstbynm2_r \
+ gethstbynm_r \
+ gethstent \
+ gethstent_r \
+ getipv4sourcefilter \
+ getnameinfo \
+ getnetbyad \
+ getnetbyad_r \
+ getnetbynm \
+ getnetbynm_r \
+ getnetent \
+ getnetent_r \
+ getnetgrent \
+ getnetgrent_r \
+ getproto \
+ getproto_r \
+ getprtent \
+ getprtent_r \
+ getprtname \
+ getprtname_r \
+ getrpcbyname \
+ getrpcbyname_r \
+ getrpcbynumber \
+ getrpcbynumber_r \
+ getrpcent \
+ getrpcent_r \
+ getservent \
+ getservent_r \
+ getsourcefilter \
+ getsrvbynm \
+ getsrvbynm_r \
+ getsrvbypt \
+ getsrvbypt_r \
+ herrno \
+ herrno-loc \
+ htonl \
+ htons \
+ idna \
+ idna_name_classify \
+ if_index \
+ ifaddrs \
+ in6_addr \
+ inet6_opt \
+ inet6_option \
+ inet6_rth \
+ inet6_scopeid_pton \
+ inet_lnaof \
+ inet_mkadr \
+ inet_net \
+ inet_netof \
+ inet_ntoa \
+ rcmd \
+ rexec \
+ ruserpass \
+ setipv4sourcefilter \
+ setsourcefilter \
+ # routines
install-others = $(inst_sysconfdir)/rpc
aux := check_pf check_native ifreq
-tests := htontest test_ifindex tst-ntoa tst-ether_aton tst-network \
- tst-gethnm test-ifaddrs bug-if1 test-inet6_opt tst-ether_line \
- tst-getni1 tst-getni2 tst-inet6_rth tst-checks tst-checks-posix \
- tst-sockaddr test-hnto-types tst-if_index-long
+tests := \
+ bug-if1 \
+ htontest \
+ test-hnto-types \
+ test-ifaddrs \
+ test-inet6_opt \
+ test_ifindex \
+ tst-checks \
+ tst-checks-posix \
+ tst-ether_aton \
+ tst-ether_line \
+ tst-gethnm \
+ tst-getni1 \
+ tst-getni2 \
+ tst-if_index-long \
+ tst-inet6_rth \
+ tst-network \
+ tst-ntoa \
+ tst-sockaddr \
+ # tests
# tst-deadline must be linked statically so that we can access
# internal functions.

81
glibc-RHEL-44920-3.patch Normal file

@ -0,0 +1,81 @@
commit 84373ef7b72c9c8ab61ce1fdfd798777715a1a52
Author: Frédéric Bérat <fberat@redhat.com>
Date: Fri Mar 7 14:42:26 2025 +0100
Prepare inet_ntop to be fortified
Rename inet_ntop to __inet_ntop and create the inet_ntop weak alias
based on it in order to prepare for disabling fortification when
available.
Reviewed-by: Florian Weimer <fweimer@redhat.com>
diff --git a/include/arpa/inet.h b/include/arpa/inet.h
index df9472ba3bc52689..d1ea13bb19d4a497 100644
--- a/include/arpa/inet.h
+++ b/include/arpa/inet.h
@@ -5,7 +5,9 @@
extern int __inet_aton_exact (const char *__cp, struct in_addr *__inp);
libc_hidden_proto (__inet_aton_exact)
-libc_hidden_proto (inet_ntop)
+extern __typeof (inet_ntop) __inet_ntop;
+libc_hidden_proto (__inet_ntop)
+
libc_hidden_proto (inet_pton)
extern __typeof (inet_pton) __inet_pton;
libc_hidden_proto (__inet_pton)
diff --git a/inet/getnameinfo.c b/inet/getnameinfo.c
index 8380d8578361b289..d0c6de6ba12b6298 100644
--- a/inet/getnameinfo.c
+++ b/inet/getnameinfo.c
@@ -323,7 +323,7 @@ gni_host_inet_numeric (struct scratch_buffer *tmpbuf,
if (sa->sa_family == AF_INET6)
{
const struct sockaddr_in6 *sin6p = (const struct sockaddr_in6 *) sa;
- if (inet_ntop (AF_INET6, &sin6p->sin6_addr, host, hostlen) == NULL)
+ if (__inet_ntop (AF_INET6, &sin6p->sin6_addr, host, hostlen) == NULL)
return EAI_OVERFLOW;
uint32_t scopeid = sin6p->sin6_scope_id;
@@ -350,7 +350,7 @@ gni_host_inet_numeric (struct scratch_buffer *tmpbuf,
else
{
const struct sockaddr_in *sinp = (const struct sockaddr_in *) sa;
- if (inet_ntop (AF_INET, &sinp->sin_addr, host, hostlen) == NULL)
+ if (__inet_ntop (AF_INET, &sinp->sin_addr, host, hostlen) == NULL)
return EAI_OVERFLOW;
}
return 0;
diff --git a/resolv/inet_ntop.c b/resolv/inet_ntop.c
index c4d38c0f951013e5..acf5f3cb885e2e47 100644
--- a/resolv/inet_ntop.c
+++ b/resolv/inet_ntop.c
@@ -42,7 +42,7 @@ static const char *inet_ntop4 (const u_char *src, char *dst, socklen_t size);
static const char *inet_ntop6 (const u_char *src, char *dst, socklen_t size);
/* char *
- * inet_ntop(af, src, dst, size)
+ * __inet_ntop(af, src, dst, size)
* convert a network format address to presentation format.
* return:
* pointer to presentation format address (`dst'), or NULL (see errno).
@@ -50,7 +50,7 @@ static const char *inet_ntop6 (const u_char *src, char *dst, socklen_t size);
* Paul Vixie, 1996.
*/
const char *
-inet_ntop (int af, const void *src, char *dst, socklen_t size)
+__inet_ntop (int af, const void *src, char *dst, socklen_t size)
{
switch (af) {
case AF_INET:
@@ -63,7 +63,8 @@ inet_ntop (int af, const void *src, char *dst, socklen_t size)
}
/* NOTREACHED */
}
-libc_hidden_def (inet_ntop)
+libc_hidden_def (__inet_ntop)
+weak_alias (__inet_ntop, inet_ntop)
/* const char *
* inet_ntop4(src, dst, size)

26
glibc-RHEL-44920-4.patch Normal file

@ -0,0 +1,26 @@
commit 3cdb99d8bb9d0008b2b297080e61d6c10dd66cc8
Author: Frédéric Bérat <fberat@redhat.com>
Date: Tue Mar 11 10:40:11 2025 +0100
Add missing guards in include/arpa/inet.h
Add the missing guards in the header, similarly to other headers at the
same level
Reviewed-by: Florian Weimer <fweimer@redhat.com>
diff --git a/include/arpa/inet.h b/include/arpa/inet.h
index d1ea13bb19d4a497..d9e55a3c7f2db9f2 100644
--- a/include/arpa/inet.h
+++ b/include/arpa/inet.h
@@ -1,3 +1,5 @@
+#ifndef _ARPA_INET_H
+/* Note: _ARPA_INET_H is defined by inet/arpa/inet.h below. */
#include <inet/arpa/inet.h>
#ifndef _ISOMAC
@@ -17,3 +19,4 @@ libc_hidden_proto (inet_netof)
extern __typeof (inet_network) __inet_network;
libc_hidden_proto (__inet_network)
#endif
+#endif

277
glibc-RHEL-44920-5.patch Normal file

@ -0,0 +1,277 @@
commit 090dfa40a5e46f7c0e4d6e8369bcbbd51267625f
Author: Frédéric Bérat <fberat@redhat.com>
Date: Fri Mar 7 18:16:30 2025 +0100
Add _FORTIFY_SOURCE support for inet_ntop
- Create the __inet_ntop_chk routine that verifies that the builtin size
of the destination buffer is at least as big as the size given by the
user.
- Redirect calls from inet_ntop to __inet_ntop_chk or __inet_ntop_warn
- Update the abilist for this new routine
- Update the manual to mention the new fortification
Reviewed-by: Florian Weimer <fweimer@redhat.com>
Conflicts:
debug/Makefile (New routine added to static-only-routines
instead of routines)
debug/Versions (Version not updated in the backport)
inet/Makefile (New headers)
manual/maint.texi (Not relevant in current Glibc Version)
*/libc.abilist (Not added in the backport)
inet/bits/inet-fortified-decl.h (Replace __REDIRECT_FORTIFY_NTH
with __REDIRECT_NTH)
inet/bits/inet-fortified.h (removed attribute_overloadable and
clang specific handling)
Note on the changes:
- Since we can't modify the ABI, __inet_ntop_chk has been added to
static-only-routines and `attribute_hidden` has been added to its definition.
- __REDIRECT_FORTIFY* macros aren't available in the current version, since
the patch to enable foritfication on glibc itself hasn't be ported.
- clang specific handling of foritifcation has not been ported, which means the
following had to be removed from the patch:
- use of __attribute_overloadable__
- use of __fortify_clang_* macros
diff --git a/debug/Makefile b/debug/Makefile
index c19c76e2b8564bd2..18be784e86bbaaab 100644
--- a/debug/Makefile
+++ b/debug/Makefile
@@ -116,7 +116,8 @@ routines = \
wprintf_chk \
$(static-only-routines)
# routines
-static-only-routines := stack_chk_fail_local
+static-only-routines := stack_chk_fail_local \
+ inet_ntop_chk \
# Don't add stack_chk_fail_local.o to libc.a since __stack_chk_fail_local
# is an alias of __stack_chk_fail in stack_chk_fail.o.
diff --git a/debug/inet_ntop_chk.c b/debug/inet_ntop_chk.c
new file mode 100644
index 0000000000000000..8a3994dd3fc9bfe4
--- /dev/null
+++ b/debug/inet_ntop_chk.c
@@ -0,0 +1,31 @@
+/* Copyright (C) 2025 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <https://www.gnu.org/licenses/>. */
+
+#include <arpa/inet.h>
+#include <stdio.h>
+
+attribute_hidden
+const char *
+__inet_ntop_chk (int af, const void *src, char *dst,
+ socklen_t size, size_t dst_size)
+{
+ if (size > dst_size)
+ __chk_fail ();
+
+ return inet_ntop (af, src, dst, size);
+}
+libc_hidden_def (__inet_ntop_chk)
diff --git a/debug/tst-fortify.c b/debug/tst-fortify.c
index 01a8703de1e6e09a..50909d0af53da10e 100644
--- a/debug/tst-fortify.c
+++ b/debug/tst-fortify.c
@@ -24,6 +24,7 @@
#include <assert.h>
#include <fcntl.h>
+#include <arpa/inet.h>
#include <limits.h>
#include <locale.h>
#include <obstack.h>
@@ -1762,6 +1763,26 @@ do_test (void)
# endif
#endif
+ struct in6_addr addr6 = {};
+ struct in_addr addr = {};
+ char addrstr6[INET6_ADDRSTRLEN];
+ char addrstr[INET_ADDRSTRLEN];
+
+ if (inet_ntop (AF_INET6, &addr6, addrstr6, sizeof (addrstr6)) == NULL)
+ FAIL ();
+ if (inet_ntop (AF_INET, &addr, addrstr, sizeof (addrstr)) == NULL)
+ FAIL ();
+
+#if __USE_FORTIFY_LEVEL >= 1
+ CHK_FAIL_START
+ inet_ntop (AF_INET6, &addr6, buf, INET6_ADDRSTRLEN);
+ CHK_FAIL_END
+
+ CHK_FAIL_START
+ inet_ntop (AF_INET, &addr, buf, INET_ADDRSTRLEN);
+ CHK_FAIL_END
+#endif
+
return ret;
}
diff --git a/include/arpa/inet.h b/include/arpa/inet.h
index d9e55a3c7f2db9f2..a02892f48a27454e 100644
--- a/include/arpa/inet.h
+++ b/include/arpa/inet.h
@@ -3,12 +3,18 @@
#include <inet/arpa/inet.h>
#ifndef _ISOMAC
+/* Declare functions with security checks.
+ This needs to be included unconditionally as these definition are needed even
+ when fortification is disabled in inet/arpa/inet.h. */
+#include <bits/inet-fortified-decl.h>
+
/* Variant of inet_aton which rejects trailing garbage. */
extern int __inet_aton_exact (const char *__cp, struct in_addr *__inp);
libc_hidden_proto (__inet_aton_exact)
extern __typeof (inet_ntop) __inet_ntop;
libc_hidden_proto (__inet_ntop)
+libc_hidden_proto (__inet_ntop_chk)
libc_hidden_proto (inet_pton)
extern __typeof (inet_pton) __inet_pton;
diff --git a/include/bits/inet-fortified-decl.h b/include/bits/inet-fortified-decl.h
new file mode 100644
index 0000000000000000..e6ad4d4663c61a0d
--- /dev/null
+++ b/include/bits/inet-fortified-decl.h
@@ -0,0 +1 @@
+#include <inet/bits/inet-fortified-decl.h>
diff --git a/include/bits/inet-fortified.h b/include/bits/inet-fortified.h
new file mode 100644
index 0000000000000000..abba7c57014c2a23
--- /dev/null
+++ b/include/bits/inet-fortified.h
@@ -0,0 +1 @@
+#include <inet/bits/inet-fortified.h>
diff --git a/inet/Makefile b/inet/Makefile
index b7d6e40fb319f52d..ef6b94ed0b519d6d 100644
--- a/inet/Makefile
+++ b/inet/Makefile
@@ -26,6 +26,8 @@ headers := \
$(wildcard arpa/*.h protocols/*.h) \
aliases.h \
bits/in.h \
+ bits/inet-fortified-decl.h \
+ bits/inet-fortified.h \
ifaddrs.h \
netinet/ether.h \
netinet/icmp6.h \
diff --git a/inet/arpa/inet.h b/inet/arpa/inet.h
index 54c9c6d468b66a2f..2ac498061a533a7b 100644
--- a/inet/arpa/inet.h
+++ b/inet/arpa/inet.h
@@ -101,6 +101,11 @@ extern char *inet_nsap_ntoa (int __len, const unsigned char *__cp,
char *__buf) __THROW;
#endif
+#if __USE_FORTIFY_LEVEL > 0 && defined __fortify_function
+/* Include functions with security checks. */
+# include <bits/inet-fortified.h>
+#endif
+
__END_DECLS
#endif /* arpa/inet.h */
diff --git a/inet/bits/inet-fortified-decl.h b/inet/bits/inet-fortified-decl.h
new file mode 100644
index 0000000000000000..229063ae7898ba2d
--- /dev/null
+++ b/inet/bits/inet-fortified-decl.h
@@ -0,0 +1,35 @@
+/* Declarations of checking macros for inet functions.
+ Copyright (C) 2025 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <https://www.gnu.org/licenses/>. */
+
+#ifndef _BITS_INET_FORTIFIED_DEC_H
+#define _BITS_INET_FORTIFIED_DEC_H 1
+
+#ifndef _ARPA_INET_H
+# error "Never include <bits/inet-fortified-decl.h> directly; use <arpa/inet.h> instead."
+#endif
+
+extern const char *__inet_ntop_chk (int, const void *, char *, socklen_t, size_t);
+
+extern const char *__REDIRECT_NTH (__inet_ntop_alias,
+ (int, const void *, char *, socklen_t), inet_ntop);
+extern const char *__REDIRECT_NTH (__inet_ntop_chk_warn,
+ (int, const void *, char *, socklen_t, size_t), __inet_ntop_chk)
+ __warnattr ("inet_ntop called with bigger length than "
+ "size of destination buffer");
+
+#endif /* bits/inet-fortified-decl.h. */
diff --git a/inet/bits/inet-fortified.h b/inet/bits/inet-fortified.h
new file mode 100644
index 0000000000000000..af26f36ef6ae0533
--- /dev/null
+++ b/inet/bits/inet-fortified.h
@@ -0,0 +1,37 @@
+/* Checking macros for inet functions.
+ Copyright (C) 2025 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <https://www.gnu.org/licenses/>. */
+
+#ifndef _BITS_INET_FORTIFIED_H
+#define _BITS_INET_FORTIFIED_H 1
+
+#ifndef _ARPA_INET_H
+# error "Never include <bits/inet-fortified.h> directly; use <arpa/inet.h> instead."
+#endif
+
+#include <bits/inet-fortified-decl.h>
+
+__fortify_function const char *
+__NTH (inet_ntop (int __af, const void * __restrict __src,
+ char *__restrict __dst, socklen_t __dst_size))
+{
+ return __glibc_fortify (inet_ntop, __dst_size, sizeof (char),
+ __glibc_objsize (__dst),
+ __af, __src, __dst, __dst_size);
+};
+
+#endif /* bits/inet-fortified.h. */
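Review bot: `__inet_ntop_chk` in debug/inet_ntop_chk.c has no comment stating its contract, and it forwards to the public `inet_ntop` even though include/arpa/inet.h now declares the hidden `__inet_ntop`. The backport notes say the routine was moved to static-only-routines and marked `attribute_hidden`, so the public call is presumably deliberate, but nothing in the file records that and a later resync could change it. I would add above the definition: `/* Abort via __chk_fail if SIZE exceeds DST_SIZE, the compiler-known size of DST; otherwise call the exported inet_ntop (backport: static-only routine).  */`. Separately, the inline wrapper at the end of inet/bits/inet-fortified.h closes with `};`; the stray semicolon after a function body should be dropped so the line reads `}`.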

23
glibc-RHEL-44920-6.patch Normal file

@ -0,0 +1,23 @@
commit 7f0d9e61f40c669fca3cfd1e342fa8236c7220b7
Author: Paul Pluzhnikov <ppluzhnikov@google.com>
Date: Sat May 20 13:37:47 2023 +0000
Fix all the remaining misspellings -- BZ 25337
Note on the changes:
- Partial backport, the only file modified is `resolv/inet_pton.c` to
ease further backport for RHEL-44920.
diff --git a/resolv/inet_pton.c b/resolv/inet_pton.c
index f1d5db75d0d47501..835f364794c1be96 100644
--- a/resolv/inet_pton.c
+++ b/resolv/inet_pton.c
@@ -121,7 +121,7 @@ inet_pton4 (const char *src, const char *end, unsigned char *dst)
return 1;
}
-/* Return the value of CH as a hexademical digit, or -1 if it is a
+/* Return the value of CH as a hexadecimal digit, or -1 if it is a
different type of character. */
static int
hex_digit_value (char ch)

471
glibc-RHEL-44920-7.patch Normal file

@ -0,0 +1,471 @@
commit a71db81ed1353edd00ca2901d2fefd98c53209d3
Author: Aaron Merey <amerey@redhat.com>
Date: Thu Mar 20 11:07:05 2025 -0400
Prepare inet_pton to be fortified
Split inet_pton internals such as __inet_pton_length from the
inet_pton entry point.
This allows the internals to be built with fortification while
leaving the inet_pton entry point unchanged.
Co-authored-by: Frédéric Bérat <fberat@redhat.com>
Reviewed-by: Florian Weimer <fweimer@redhat.com>
diff --git a/resolv/Makefile b/resolv/Makefile
index e168a81d9e086df4..f3f5c260d0b7471f 100644
--- a/resolv/Makefile
+++ b/resolv/Makefile
@@ -38,6 +38,7 @@ routines := \
inet_addr \
inet_ntop \
inet_pton \
+ inet_pton_length \
ns_makecanon \
ns_name_compress \
ns_name_length_uncompressed \
@@ -73,6 +74,11 @@ routines := \
resolv_context \
# routines
+# Exclude fortified routines from being built with _FORTIFY_SOURCE
+routines_no_fortify += \
+ inet_pton \
+ # routines_no_fortify
+
tests = tst-aton tst-leaks tst-inet_ntop
tests-container = tst-leaks2
diff --git a/resolv/inet_pton.c b/resolv/inet_pton.c
index 835f364794c1be96..cebccb2e1ee7bfd1 100644
--- a/resolv/inet_pton.c
+++ b/resolv/inet_pton.c
@@ -33,33 +33,7 @@
*/
#include <arpa/inet.h>
-#include <arpa/nameser.h>
-#include <ctype.h>
-#include <errno.h>
-#include <netinet/in.h>
#include <resolv/resolv-internal.h>
-#include <string.h>
-#include <sys/socket.h>
-#include <sys/types.h>
-
-static int inet_pton4 (const char *src, const char *src_end, u_char *dst);
-static int inet_pton6 (const char *src, const char *src_end, u_char *dst);
-
-int
-__inet_pton_length (int af, const char *src, size_t srclen, void *dst)
-{
- switch (af)
- {
- case AF_INET:
- return inet_pton4 (src, src + srclen, dst);
- case AF_INET6:
- return inet_pton6 (src, src + srclen, dst);
- default:
- __set_errno (EAFNOSUPPORT);
- return -1;
- }
-}
-libc_hidden_def (__inet_pton_length)
/* Like __inet_pton_length, but use strlen (SRC) as the length of
SRC. */
@@ -71,164 +45,3 @@ __inet_pton (int af, const char *src, void *dst)
libc_hidden_def (__inet_pton)
weak_alias (__inet_pton, inet_pton)
libc_hidden_weak (inet_pton)
-
-/* Like inet_aton but without all the hexadecimal, octal and shorthand
- (and trailing garbage is not ignored). Return 1 if SRC is a valid
- dotted quad, else 0. This function does not touch DST unless it's
- returning 1.
- Author: Paul Vixie, 1996. */
-static int
-inet_pton4 (const char *src, const char *end, unsigned char *dst)
-{
- int saw_digit, octets, ch;
- unsigned char tmp[NS_INADDRSZ], *tp;
-
- saw_digit = 0;
- octets = 0;
- *(tp = tmp) = 0;
- while (src < end)
- {
- ch = *src++;
- if (ch >= '0' && ch <= '9')
- {
- unsigned int new = *tp * 10 + (ch - '0');
-
- if (saw_digit && *tp == 0)
- return 0;
- if (new > 255)
- return 0;
- *tp = new;
- if (! saw_digit)
- {
- if (++octets > 4)
- return 0;
- saw_digit = 1;
- }
- }
- else if (ch == '.' && saw_digit)
- {
- if (octets == 4)
- return 0;
- *++tp = 0;
- saw_digit = 0;
- }
- else
- return 0;
- }
- if (octets < 4)
- return 0;
- memcpy (dst, tmp, NS_INADDRSZ);
- return 1;
-}
-
-/* Return the value of CH as a hexadecimal digit, or -1 if it is a
- different type of character. */
-static int
-hex_digit_value (char ch)
-{
- if ('0' <= ch && ch <= '9')
- return ch - '0';
- if ('a' <= ch && ch <= 'f')
- return ch - 'a' + 10;
- if ('A' <= ch && ch <= 'F')
- return ch - 'A' + 10;
- return -1;
-}
-
-/* Convert presentation-level IPv6 address to network order binary
- form. Return 1 if SRC is a valid [RFC1884 2.2] address, else 0.
- This function does not touch DST unless it's returning 1.
- Author: Paul Vixie, 1996. Inspired by Mark Andrews. */
-static int
-inet_pton6 (const char *src, const char *src_endp, unsigned char *dst)
-{
- unsigned char tmp[NS_IN6ADDRSZ], *tp, *endp, *colonp;
- const char *curtok;
- int ch;
- size_t xdigits_seen; /* Number of hex digits since colon. */
- unsigned int val;
-
- tp = memset (tmp, '\0', NS_IN6ADDRSZ);
- endp = tp + NS_IN6ADDRSZ;
- colonp = NULL;
-
- /* Leading :: requires some special handling. */
- if (src == src_endp)
- return 0;
- if (*src == ':')
- {
- ++src;
- if (src == src_endp || *src != ':')
- return 0;
- }
-
- curtok = src;
- xdigits_seen = 0;
- val = 0;
- while (src < src_endp)
- {
- ch = *src++;
- int digit = hex_digit_value (ch);
- if (digit >= 0)
- {
- if (xdigits_seen == 4)
- return 0;
- val <<= 4;
- val |= digit;
- if (val > 0xffff)
- return 0;
- ++xdigits_seen;
- continue;
- }
- if (ch == ':')
- {
- curtok = src;
- if (xdigits_seen == 0)
- {
- if (colonp)
- return 0;
- colonp = tp;
- continue;
- }
- else if (src == src_endp)
- return 0;
- if (tp + NS_INT16SZ > endp)
- return 0;
- *tp++ = (unsigned char) (val >> 8) & 0xff;
- *tp++ = (unsigned char) val & 0xff;
- xdigits_seen = 0;
- val = 0;
- continue;
- }
- if (ch == '.' && ((tp + NS_INADDRSZ) <= endp)
- && inet_pton4 (curtok, src_endp, tp) > 0)
- {
- tp += NS_INADDRSZ;
- xdigits_seen = 0;
- break; /* '\0' was seen by inet_pton4. */
- }
- return 0;
- }
- if (xdigits_seen > 0)
- {
- if (tp + NS_INT16SZ > endp)
- return 0;
- *tp++ = (unsigned char) (val >> 8) & 0xff;
- *tp++ = (unsigned char) val & 0xff;
- }
- if (colonp != NULL)
- {
- /* Replace :: with zeros. */
- if (tp == endp)
- /* :: would expand to a zero-width field. */
- return 0;
- size_t n = tp - colonp;
- memmove (endp - n, colonp, n);
- memset (colonp, 0, endp - n - colonp);
- tp = endp;
- }
- if (tp != endp)
- return 0;
- memcpy (dst, tmp, NS_IN6ADDRSZ);
- return 1;
-}
diff --git a/resolv/inet_pton_length.c b/resolv/inet_pton_length.c
new file mode 100644
index 0000000000000000..c3614074a47140c1
--- /dev/null
+++ b/resolv/inet_pton_length.c
@@ -0,0 +1,223 @@
+/* Copyright (C) 1996-2025 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <https://www.gnu.org/licenses/>. */
+
+/*
+ * Copyright (c) 1996,1999 by Internet Software Consortium.
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND INTERNET SOFTWARE CONSORTIUM DISCLAIMS
+ * ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL INTERNET SOFTWARE
+ * CONSORTIUM BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
+ * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
+ * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
+ * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
+ * SOFTWARE.
+ */
+
+#include <arpa/inet.h>
+#include <arpa/nameser.h>
+#include <ctype.h>
+#include <errno.h>
+#include <netinet/in.h>
+#include <resolv/resolv-internal.h>
+#include <string.h>
+#include <sys/socket.h>
+#include <sys/types.h>
+
+static int inet_pton4 (const char *src, const char *src_end, u_char *dst);
+static int inet_pton6 (const char *src, const char *src_end, u_char *dst);
+
+int
+__inet_pton_length (int af, const char *src, size_t srclen, void *dst)
+{
+ switch (af)
+ {
+ case AF_INET:
+ return inet_pton4 (src, src + srclen, dst);
+ case AF_INET6:
+ return inet_pton6 (src, src + srclen, dst);
+ default:
+ __set_errno (EAFNOSUPPORT);
+ return -1;
+ }
+}
+libc_hidden_def (__inet_pton_length)
+
+/* Like inet_aton but without all the hexadecimal, octal and shorthand
+ (and trailing garbage is not ignored). Return 1 if SRC is a valid
+ dotted quad, else 0. This function does not touch DST unless it's
+ returning 1.
+ Author: Paul Vixie, 1996. */
+static int
+inet_pton4 (const char *src, const char *end, unsigned char *dst)
+{
+ int saw_digit, octets, ch;
+ unsigned char tmp[NS_INADDRSZ], *tp;
+
+ saw_digit = 0;
+ octets = 0;
+ *(tp = tmp) = 0;
+ while (src < end)
+ {
+ ch = *src++;
+ if (ch >= '0' && ch <= '9')
+ {
+ unsigned int new = *tp * 10 + (ch - '0');
+
+ if (saw_digit && *tp == 0)
+ return 0;
+ if (new > 255)
+ return 0;
+ *tp = new;
+ if (! saw_digit)
+ {
+ if (++octets > 4)
+ return 0;
+ saw_digit = 1;
+ }
+ }
+ else if (ch == '.' && saw_digit)
+ {
+ if (octets == 4)
+ return 0;
+ *++tp = 0;
+ saw_digit = 0;
+ }
+ else
+ return 0;
+ }
+ if (octets < 4)
+ return 0;
+ memcpy (dst, tmp, NS_INADDRSZ);
+ return 1;
+}
+
+/* Return the value of CH as a hexadecimal digit, or -1 if it is a
+ different type of character. */
+static int
+hex_digit_value (char ch)
+{
+ if ('0' <= ch && ch <= '9')
+ return ch - '0';
+ if ('a' <= ch && ch <= 'f')
+ return ch - 'a' + 10;
+ if ('A' <= ch && ch <= 'F')
+ return ch - 'A' + 10;
+ return -1;
+}
+
+/* Convert presentation-level IPv6 address to network order binary
+ form. Return 1 if SRC is a valid [RFC1884 2.2] address, else 0.
+ This function does not touch DST unless it's returning 1.
+ Author: Paul Vixie, 1996. Inspired by Mark Andrews. */
+static int
+inet_pton6 (const char *src, const char *src_endp, unsigned char *dst)
+{
+ unsigned char tmp[NS_IN6ADDRSZ], *tp, *endp, *colonp;
+ const char *curtok;
+ int ch;
+ size_t xdigits_seen; /* Number of hex digits since colon. */
+ unsigned int val;
+
+ tp = memset (tmp, '\0', NS_IN6ADDRSZ);
+ endp = tp + NS_IN6ADDRSZ;
+ colonp = NULL;
+
+ /* Leading :: requires some special handling. */
+ if (src == src_endp)
+ return 0;
+ if (*src == ':')
+ {
+ ++src;
+ if (src == src_endp || *src != ':')
+ return 0;
+ }
+
+ curtok = src;
+ xdigits_seen = 0;
+ val = 0;
+ while (src < src_endp)
+ {
+ ch = *src++;
+ int digit = hex_digit_value (ch);
+ if (digit >= 0)
+ {
+ if (xdigits_seen == 4)
+ return 0;
+ val <<= 4;
+ val |= digit;
+ if (val > 0xffff)
+ return 0;
+ ++xdigits_seen;
+ continue;
+ }
+ if (ch == ':')
+ {
+ curtok = src;
+ if (xdigits_seen == 0)
+ {
+ if (colonp)
+ return 0;
+ colonp = tp;
+ continue;
+ }
+ else if (src == src_endp)
+ return 0;
+ if (tp + NS_INT16SZ > endp)
+ return 0;
+ *tp++ = (unsigned char) (val >> 8) & 0xff;
+ *tp++ = (unsigned char) val & 0xff;
+ xdigits_seen = 0;
+ val = 0;
+ continue;
+ }
+ if (ch == '.' && ((tp + NS_INADDRSZ) <= endp)
+ && inet_pton4 (curtok, src_endp, tp) > 0)
+ {
+ tp += NS_INADDRSZ;
+ xdigits_seen = 0;
+ break; /* '\0' was seen by inet_pton4. */
+ }
+ return 0;
+ }
+ if (xdigits_seen > 0)
+ {
+ if (tp + NS_INT16SZ > endp)
+ return 0;
+ *tp++ = (unsigned char) (val >> 8) & 0xff;
+ *tp++ = (unsigned char) val & 0xff;
+ }
+ if (colonp != NULL)
+ {
+ /* Replace :: with zeros. */
+ if (tp == endp)
+ /* :: would expand to a zero-width field. */
+ return 0;
+ size_t n = tp - colonp;
+ memmove (endp - n, colonp, n);
+ memset (colonp, 0, endp - n - colonp);
+ tp = endp;
+ }
+ if (tp != endp)
+ return 0;
+ memcpy (dst, tmp, NS_IN6ADDRSZ);
+ return 1;
+}
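Review bot: The `routines_no_fortify += inet_pton` block added to resolv/Makefile may be inert in this tree, because the notes in glibc-RHEL-44920-5.patch say the change that enables fortification of glibc itself has not been ported. If no rule here consumes that variable, the comment `# Exclude fortified routines from being built with _FORTIFY_SOURCE` describes behaviour that does not occur, and it would help to say so in the patch header, for example `- routines_no_fortify is kept for parity with upstream and has no effect in this build.`. In the moved `inet_pton6`, the comment `/* '\0' was seen by inet_pton4. */` no longer matches the code, since `inet_pton4` stops at its `end` pointer rather than at a terminator; `/* inet_pton4 consumed the rest of the input up to src_endp. */` would be accurate.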

176
glibc-RHEL-44920-8.patch Normal file

@ -0,0 +1,176 @@
commit e3a6e85d67f1a48dec3e2557a83d6ce1544a58cb
Author: Aaron Merey <amerey@redhat.com>
Date: Thu Mar 20 13:13:33 2025 -0400
Add _FORTIFY_SOURCE support for inet_pton
Add function __inet_pton_chk which calls __chk_fail when the size of
argument dst is too small. inet_pton is redirected to __inet_pton_chk
or __inet_pton_warn when _FORTIFY_SOURCE is > 0.
Also add tests to debug/tst-fortify.c, update the abilist with
__inet_pton_chk and mention inet_pton fortification in maint.texi.
Co-authored-by: Frédéric Bérat <fberat@redhat.com>
Reviewed-by: Florian Weimer <fweimer@redhat.com>
Conflicts:
debug/Makefile (New routine added to static-only-routines
instead of routines)
debug/Versions (Not added in the backport)
manual/maint.texi (Not relevant for this version)
*/libc.abilist (Not added in the backport)
inet/bits/inet-fortified-decl.h (Replace __REDIRECT_FORTIFY_NTH
with __REDIRECT_NTH)
inet/bits/inet-fortified.h (removed attribute_overloadable and
clang specific handling)
Note on the changes:
- Since we can't modify the ABI, __inet_pton_chk has been added to
static-only-routines and `attribute_hidden` has been added to its definition.
- __REDIRECT_FORTIFY* macros aren't available in the current version, since
the patch to enable fortification on glibc itself hasn't been ported.
- clang specific handling of fortification has not been ported, which means the
following had to be removed from the patch:
- use of __attribute_overloadable__
- use of __fortify_clang_* macros
diff --git a/debug/Makefile b/debug/Makefile
index 18be784e86bbaaab..c6ca9946d5fb5d19 100644
--- a/debug/Makefile
+++ b/debug/Makefile
@@ -118,6 +118,7 @@ routines = \
# routines
static-only-routines := stack_chk_fail_local \
inet_ntop_chk \
+ inet_pton_chk \
# Don't add stack_chk_fail_local.o to libc.a since __stack_chk_fail_local
# is an alias of __stack_chk_fail in stack_chk_fail.o.
diff --git a/debug/inet_pton_chk.c b/debug/inet_pton_chk.c
new file mode 100644
index 0000000000000000..c9e4fd4683900141
--- /dev/null
+++ b/debug/inet_pton_chk.c
@@ -0,0 +1,31 @@
+/* Copyright (C) 2025 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, see
+ <https://www.gnu.org/licenses/>. */
+
+#include <arpa/inet.h>
+#include <stdio.h>
+
+attribute_hidden
+int
+__inet_pton_chk (int af, const char *src, void *dst, size_t dst_size)
+{
+ if ((af == AF_INET && dst_size < 4)
+ || (af == AF_INET6 && dst_size < 16))
+ __chk_fail ();
+
+ return inet_pton (af, src, dst);
+}
+libc_hidden_def (__inet_pton_chk)
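Review bot: The size check in `__inet_pton_chk` hard-codes `4` and `16`, while the inline wrapper this same patch adds to inet/bits/inet-fortified.h derives the same limits from `sizeof (struct in_addr)` and `sizeof (struct in6_addr)`. Writing the runtime check the same way keeps the two from drifting apart: `if ((af == AF_INET && dst_size < sizeof (struct in_addr))` followed by `|| (af == AF_INET6 && dst_size < sizeof (struct in6_addr)))`. The function also has no comment; something like `/* Abort via __chk_fail if DST_SIZE cannot hold the binary address for AF; other families are passed to inet_pton unchecked.  */` would record that the pass-through for unknown families is intentional. `<stdio.h>` does not appear to be used by anything in this file.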
diff --git a/debug/tst-fortify.c b/debug/tst-fortify.c
index 50909d0af53da10e..a87793e44ee36363 100644
--- a/debug/tst-fortify.c
+++ b/debug/tst-fortify.c
@@ -1783,6 +1783,30 @@ do_test (void)
CHK_FAIL_END
#endif
+ const char *ipv4str = "127.0.0.1";
+ const char *ipv6str = "::1";
+
+ if (inet_pton (AF_INET, ipv4str, (void *) &addr) != 1)
+ FAIL ();
+ if (inet_pton (AF_INET6, ipv6str, (void *) &addr6) != 1)
+ FAIL ();
+
+#if __USE_FORTIFY_LEVEL >= 1
+ char smallbuf[2];
+
+ CHK_FAIL_START
+ inet_pton (AF_INET, ipv4str, (void *) smallbuf);
+ CHK_FAIL_END
+
+ CHK_FAIL_START
+ inet_pton (AF_INET6, ipv6str, (void *) smallbuf);
+ CHK_FAIL_END
+
+ CHK_FAIL_START
+ inet_pton (AF_INET6, ipv6str, (void *) &addr);
+ CHK_FAIL_END
+#endif
+
return ret;
}
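Review bot: The new cases under `#if __USE_FORTIFY_LEVEL >= 1` only cover undersized buffers for AF_INET and AF_INET6, so nothing pins the wrapper's third branch, where an unrecognised family is forwarded without a size check. A case such as `if (inet_pton (AF_UNSPEC, ipv4str, (void *) smallbuf) != -1) FAIL ();` inside that `#if` block would confirm that an unsupported family still returns an error instead of aborting. `addr` and `addr6` are declared outside this hunk, so the third CHK_FAIL case presumably relies on `addr` being a 4-byte `struct in_addr`; a one-line comment saying so would make the intent of that case clear. do_test starts before the hunk.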
diff --git a/include/arpa/inet.h b/include/arpa/inet.h
index a02892f48a27454e..3db8f1a96fdbd6fd 100644
--- a/include/arpa/inet.h
+++ b/include/arpa/inet.h
@@ -19,6 +19,8 @@ libc_hidden_proto (__inet_ntop_chk)
libc_hidden_proto (inet_pton)
extern __typeof (inet_pton) __inet_pton;
libc_hidden_proto (__inet_pton)
+libc_hidden_proto (__inet_pton_chk)
+
extern __typeof (inet_makeaddr) __inet_makeaddr;
libc_hidden_proto (__inet_makeaddr)
libc_hidden_proto (inet_netof)
diff --git a/inet/bits/inet-fortified-decl.h b/inet/bits/inet-fortified-decl.h
index 229063ae7898ba2d..189d35aee8bacab1 100644
--- a/inet/bits/inet-fortified-decl.h
+++ b/inet/bits/inet-fortified-decl.h
@@ -32,4 +32,11 @@ extern const char *__REDIRECT_NTH (__inet_ntop_chk_warn,
__warnattr ("inet_ntop called with bigger length than "
"size of destination buffer");
+extern int __inet_pton_chk (int, const char *, void *, size_t);
+
+extern int __REDIRECT_NTH (__inet_pton_alias,
+ (int, const char *, void *), inet_pton);
+extern int __REDIRECT_NTH (__inet_pton_chk_warn,
+ (int, const char *, void *, size_t), __inet_pton_chk)
+ __warnattr ("inet_pton called with a destination buffer size too small");
#endif /* bits/inet-fortified-decl.h. */
diff --git a/inet/bits/inet-fortified.h b/inet/bits/inet-fortified.h
index af26f36ef6ae0533..8420a4b7fb41086f 100644
--- a/inet/bits/inet-fortified.h
+++ b/inet/bits/inet-fortified.h
@@ -34,4 +34,21 @@ __NTH (inet_ntop (int __af, const void * __restrict __src,
__af, __src, __dst, __dst_size);
};
+__fortify_function int
+__NTH (inet_pton (int __af, const char *__restrict __src,
+ void * __restrict __dst))
+{
+ size_t sz = 0;
+ if (__af == AF_INET)
+ sz = sizeof (struct in_addr);
+ else if (__af == AF_INET6)
+ sz = sizeof (struct in6_addr);
+ else
+ return __inet_pton_alias (__af, __src, __dst);
+
+ return __glibc_fortify (inet_pton, sz, sizeof (char),
+ __glibc_objsize (__dst),
+ __af, __src, __dst);
+};
+
#endif /* bits/inet-fortified.h. */
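Review bot: The local `sz` in the new `inet_pton` wrapper is the only identifier in the function outside the reserved namespace (the parameters are `__af`, `__src` and `__dst`), so a program that defines a macro named `sz` before including this header would break the wrapper or silently change the size being checked. Declare it as `size_t __sz = 0;` and use `__sz` in the two assignments and in the `__glibc_fortify` call. The closing `};` also leaves a stray semicolon at file scope, which pedantic builds report; `}` is enough. The `};` at the top of the hunk suggests the inet_ntop wrapper has the same stray semicolon, but its body lies outside this hunk.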


@ -157,7 +157,7 @@ end \
Summary: The GNU libc libraries
Name: glibc
Version: %{glibcversion}
Release: 182%{?dist}
Release: 183%{?dist}
# In general, GPLv2+ is used by programs, LGPLv2+ is used for
# libraries.
@ -1158,6 +1158,14 @@ Patch850: glibc-RHEL-80538-1.patch
Patch851: glibc-RHEL-80538-2.patch
Patch852: glibc-RHEL-80538-3.patch
Patch853: glibc-RHEL-80538-4.patch
Patch854: glibc-RHEL-44920-1.patch
Patch855: glibc-RHEL-44920-2.patch
Patch856: glibc-RHEL-44920-3.patch
Patch857: glibc-RHEL-44920-4.patch
Patch858: glibc-RHEL-44920-5.patch
Patch859: glibc-RHEL-44920-6.patch
Patch860: glibc-RHEL-44920-7.patch
Patch861: glibc-RHEL-44920-8.patch
##############################################################################
# Continued list of core "glibc" package information:
@ -3151,6 +3159,9 @@ update_gconv_modules_cache ()
%endif
%changelog
* Mon Mar 31 2025 Frédéric Bérat <fberat@redhat.com> - 2.34-183
- Fortify inet_ntop and inet_pton (RHEL-44920)
* Thu Mar 27 2025 Arjun Shankar <arjun@redhat.com> - 2.34-182
- Improve printf fortification against %n in writeable memory (RHEL-80538)