rpms/glibc
7
0
Fork 1
Code Issues Pull Requests Releases Activity

Merge remote-tracking branch 'origin/f16'

Browse Source
This commit is contained in:
Jeff Law 2011-12-19 05:19:27 +00:00
commit 51c5ad2484
2 changed files with 90 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

82
glibc-rh767696.patch Normal file
View File

@ -0,0 +1,82 @@
commit 97ac2654b2d831acaa18a2b018b0736245903fd2
Author: Ulrich Drepper <drepper@gmail.com>
Date: Sat Dec 17 20:18:42 2011 -0500
Check values from TZ file header
[BZ #13506]
* time/tzfile.c (__tzfile_read): Check values from file header.
diff --git a/time/tzfile.c b/time/tzfile.c
index 144e20b..402389c 100644
--- a/time/tzfile.c
+++ b/time/tzfile.c
@@ -234,23 +234,58 @@ __tzfile_read (const char *file, size_t extra, char **extrap)
goto read_again;
}
+ if (__builtin_expect (num_transitions
+ > ((SIZE_MAX - (__alignof__ (struct ttinfo) - 1))
+ / (sizeof (time_t) + 1)), 0))
+ goto lose;
total_size = num_transitions * (sizeof (time_t) + 1);
total_size = ((total_size + __alignof__ (struct ttinfo) - 1)
& ~(__alignof__ (struct ttinfo) - 1));
types_idx = total_size;
- total_size += num_types * sizeof (struct ttinfo) + chars;
+ if (__builtin_expect (num_types
+ > (SIZE_MAX - total_size) / sizeof (struct ttinfo), 0))
+ goto lose;
+ total_size += num_types * sizeof (struct ttinfo);
+ if (__builtin_expect (chars > SIZE_MAX - total_size, 0))
+ goto lose;
+ total_size += chars;
+ if (__builtin_expect (__alignof__ (struct leap) - 1
+ > SIZE_MAX - total_size, 0))
+ goto lose;
total_size = ((total_size + __alignof__ (struct leap) - 1)
& ~(__alignof__ (struct leap) - 1));
leaps_idx = total_size;
+ if (__builtin_expect (num_leaps
+ > (SIZE_MAX - total_size) / sizeof (struct leap), 0))
+ goto lose;
total_size += num_leaps * sizeof (struct leap);
- tzspec_len = (sizeof (time_t) == 8 && trans_width == 8
- ? st.st_size - (ftello (f)
- + num_transitions * (8 + 1)
- + num_types * 6
- + chars
- + num_leaps * 12
- + num_isstd
- + num_isgmt) - 1 : 0);
+ tzspec_len = 0;
+ if (sizeof (time_t) == 8 && trans_width == 8)
+ {
+ off_t rem = st.st_size - ftello (f);
+ if (__builtin_expect (rem < 0
+ || (size_t) rem < (num_transitions * (8 + 1)
+ + num_types * 6
+ + chars), 0))
+ goto lose;
+ tzspec_len = (size_t) rem - (num_transitions * (8 + 1)
+ + num_types * 6
+ + chars);
+ if (__builtin_expect (num_leaps > SIZE_MAX / 12
+ || tzspec_len < num_leaps * 12, 0))
+ goto lose;
+ tzspec_len -= num_leaps * 12;
+ if (__builtin_expect (tzspec_len < num_isstd, 0))
+ goto lose;
+ tzspec_len -= num_isstd;
+ if (__builtin_expect (tzspec == 0 || tzspec_len - 1 < num_isgmt, 0))
+ goto lose;
+ tzspec_len -= num_isgmt + 1;
+ if (__builtin_expect (SIZE_MAX - total_size < tzspec_len, 0))
+ goto lose;
+ }
+ if (__builtin_expect (SIZE_MAX - total_size - tzspec_len < extra, 0))
+ goto lose;
/* Allocate enough memory including the extra block requested by the
caller. */

12
glibc.spec
View File

@ -28,7 +28,7 @@
Summary: The GNU libc libraries Summary: The GNU libc libraries
Name: glibc Name: glibc
Version: %{glibcversion} Version: %{glibcversion}
Release: 24%{?dist} Release: 24%{?dist}.2
# GPLv2+ is used in a bunch of programs, LGPLv2+ is used for libraries. # GPLv2+ is used in a bunch of programs, LGPLv2+ is used for libraries.
# Things that are linked directly into dynamically linked programs # Things that are linked directly into dynamically linked programs
# and shared libraries (e.g. crt files, lib*_nonshared.a) have an additional # and shared libraries (e.g. crt files, lib*_nonshared.a) have an additional
@ -54,6 +54,7 @@ Patch10: %{name}-rh750811.patch
Patch11: %{name}-rh758252.patch Patch11: %{name}-rh758252.patch
Patch12: %{name}-rh767746.patch Patch12: %{name}-rh767746.patch
Patch13: %{name}-rh552960.patch Patch13: %{name}-rh552960.patch
Patch14: %{name}-rh767696.patch
Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
Obsoletes: glibc-profile < 2.4 Obsoletes: glibc-profile < 2.4
Obsoletes: nss_db Obsoletes: nss_db
@ -284,6 +285,7 @@ rm -rf %{glibcportsdir}
%patch11 -p1 %patch11 -p1
%patch12 -p1 %patch12 -p1
%patch13 -p1 %patch13 -p1
%patch14 -p1
# A lot of programs still misuse memcpy when they have to use # A lot of programs still misuse memcpy when they have to use
# memmove. The memcpy implementation below is not tolerant at # memmove. The memcpy implementation below is not tolerant at
@ -1136,10 +1138,12 @@ rm -f *.filelist*
%endif %endif
%changelog %changelog
* Thu Dec 15 2011 Jeff Law <law@redhat.com> - 2.14.90-24 * Sun Dec 18 2011 Jeff Law <law@redhat.com> - 2.14.90-24.fc16.2
- Check values from TZ file header (#767696)
- Handle EAGAIN from FUTEX_WAIT_REQUEUE_PI (#552960) - Handle EAGAIN from FUTEX_WAIT_REQUEUE_PI (#552960)
- Add {dist} - Add {dist}.#
- Correct return value from pthread_create when stack alloction fails. - Correct return value from pthread_create when stack alloction fails.
(#767746)
* Wed Dec 7 2011 Jeff Law <law@redhat.com> - 2.14.90-23 * Wed Dec 7 2011 Jeff Law <law@redhat.com> - 2.14.90-23
- Fix a wrong constant in powerpc hypot implementation (#750811) - Fix a wrong constant in powerpc hypot implementation (#750811)
@ -1148,7 +1152,7 @@ rm -f *.filelist*
- Truncate time values in Linux futimes when falling back to utime - Truncate time values in Linux futimes when falling back to utime
* Mon Dec 5 2011 Jeff Law <law@redhat.com> - 2.14.90-22 * Mon Dec 5 2011 Jeff Law <law@redhat.com> - 2.14.90-22
- Mark fortified __FD_ELT as extension - Mark fortified __FD_ELT as extension (#761021)
- Fix typo in manual (#708455) - Fix typo in manual (#708455)
* Wed Nov 30 2011 Jeff Law <law@redhat.com> - 2.14.90-21 * Wed Nov 30 2011 Jeff Law <law@redhat.com> - 2.14.90-21