Auto-sync with upstream branch release/2.37/master

Upstream commit: a704fd9a133bfb10510e18702f48a6a9c88dbbd5:

- Create ChangeLog.old/ChangeLog.26. (tag: glibc-2.37)
- Prepare for glibc 2.37 release.
- x86: Fix strncat-avx2.S reading past length [BZ #30065]
- Update install.texi, and regenerate INSTALL.
- Update manual/contrib.texi.
- Update NEWS file with bug fixes.
- Regenerate configure.
- Update all PO files in preparation for release.
- doc: correct _FORTIFY_SOURCE doc in features.h
- libio: Update number of written bytes in dprintf implementation

- Drop already included glibc-dprintf-length.patch patch.
- Apply glibc-printf-grouping-swbz30068.patch to fix swbz#30068.

glibc-dprintf-length.patch

@@ -1,87 +0,0 @@
-Author: Florian Weimer <fweimer@redhat.com>
-Date:   Tue Jan 31 09:44:16 2023 +0100
-
-    libio: Update number of written bytes in dprintf implementation
-    
-    The __printf_buffer_flush_dprintf function needs to record that
-    the buffer has been written before reusing it.  Without this
-    accounting, dprintf always returns zero.
-    
-    Fixes commit 8ece45e4f586abd212d1c02d74d38ef681a45600
-    ("libio: Convert __vdprintf_internal to buffers").
-
-diff --git a/libio/iovdprintf.c b/libio/iovdprintf.c
-index fb359d263de3428c..d9fa886fdf3e2f53 100644
---- a/libio/iovdprintf.c
-+++ b/libio/iovdprintf.c
-@@ -54,6 +54,7 @@ __printf_buffer_flush_dprintf (struct __printf_buffer_dprintf *buf)
- 	}
-       p += ret;
-     }
-+  buf->base.written += buf->base.write_ptr - buf->base.write_base;
-   buf->base.write_ptr = buf->buf;
- }
- 
-diff --git a/stdio-common/Makefile b/stdio-common/Makefile
-index da3034d847578074..34fdd6d1f890c282 100644
---- a/stdio-common/Makefile
-+++ b/stdio-common/Makefile
-@@ -180,6 +180,7 @@ tests := \
-   tst-bz11319 \
-   tst-bz11319-fortify2 \
-   tst-cookie \
-+  tst-dprintf-length \
-   tst-fdopen \
-   tst-ferror \
-   tst-fgets \
-diff --git a/stdio-common/tst-dprintf-length.c b/stdio-common/tst-dprintf-length.c
-new file mode 100644
-index 0000000000000000..abe2caf45aa46255
---- /dev/null
-+++ b/stdio-common/tst-dprintf-length.c
-@@ -0,0 +1,45 @@
-+/* Test that dprintf returns the expected length.
-+   Copyright (C) 2023 Free Software Foundation, Inc.
-+   This file is part of the GNU C Library.
-+
-+   The GNU C Library is free software; you can redistribute it and/or
-+   modify it under the terms of the GNU Lesser General Public
-+   License as published by the Free Software Foundation; either
-+   version 2.1 of the License, or (at your option) any later version.
-+
-+   The GNU C Library is distributed in the hope that it will be useful,
-+   but WITHOUT ANY WARRANTY; without even the implied warranty of
-+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-+   Lesser General Public License for more details.
-+
-+   You should have received a copy of the GNU Lesser General Public
-+   License along with the GNU C Library; if not, see
-+   <https://www.gnu.org/licenses/>.  */
-+
-+#include <stdio.h>
-+#include <string.h>
-+#include <support/check.h>
-+#include <sys/socket.h>
-+#include <unistd.h>
-+
-+static int
-+do_test (void)
-+{
-+  /* Use a datagram socket to check that everything arrives in one packet.
-+     The dprintf function should perform a single write call.  */
-+  int fds[2];
-+  TEST_VERIFY_EXIT (socketpair (AF_LOCAL, SOCK_DGRAM, 0, fds) == 0);
-+
-+  TEST_COMPARE (dprintf (fds[0], "(%d)%s[%d]", 123, "---", 4567), 14);
-+
-+  char buf[32];
-+  ssize_t ret = read (fds[1], buf, sizeof (buf));
-+  TEST_VERIFY_EXIT (ret > 0);
-+  TEST_COMPARE_BLOB (buf, ret, "(123)---[4567]", strlen ("(123)---[4567]"));
-+
-+  close (fds[1]);
-+  close (fds[0]);
-+  return 0;
-+}
-+
-+#include <support/test-driver.c>

glibc-printf-grouping-swbz30068.patch

@@ -0,0 +1,251 @@
+From patchwork Sat Feb  4 19:18:18 2023
+Content-Type: text/plain; charset="utf-8"
+MIME-Version: 1.0
+Content-Transfer-Encoding: 7bit
+X-Patchwork-Submitter: Carlos O'Donell <carlos@redhat.com>
+X-Patchwork-Id: 64300
+Return-Path: <libc-alpha-bounces+patchwork=sourceware.org@sourceware.org>
+X-Original-To: patchwork@sourceware.org
+Delivered-To: patchwork@sourceware.org
+Received: from server2.sourceware.org (localhost [IPv6:::1])
+	by sourceware.org (Postfix) with ESMTP id 1E3783858416
+	for <patchwork@sourceware.org>; Sat,  4 Feb 2023 19:18:52 +0000 (GMT)
+DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 1E3783858416
+DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org;
+	s=default; t=1675538332;
+	bh=ev1PZp1lPGlzKeweIk3q4xVTmUQzrL9YB8sSN3CDPGI=;
+	h=To:Cc:Subject:Date:List-Id:List-Unsubscribe:List-Archive:
+	 List-Post:List-Help:List-Subscribe:From:Reply-To:From;
+	b=gVK+gGFxbFhWd805R+5sQA5HNeITdBYl1WOP1gGc0LVK5DXQXscDWv5DUzc2enmAO
+	 YCM+oRk05vkRo9M67CB/JSVQHPMPWxYZMFy8tiEnsWaoUn1Ubzbh4WhlflaJ6RXQH1
+	 UY8VxbcEGSJ1X9P2F1N2PfVzXAVx+jKaw54zUjgM=
+X-Original-To: libc-alpha@sourceware.org
+Delivered-To: libc-alpha@sourceware.org
+Received: from us-smtp-delivery-124.mimecast.com
+ (us-smtp-delivery-124.mimecast.com [170.10.129.124])
+ by sourceware.org (Postfix) with ESMTPS id BD9823858C52
+ for <libc-alpha@sourceware.org>; Sat,  4 Feb 2023 19:18:29 +0000 (GMT)
+DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org BD9823858C52
+Received: from mail-il1-f198.google.com (mail-il1-f198.google.com
+ [209.85.166.198]) by relay.mimecast.com with ESMTP with STARTTLS
+ (version=TLSv1.3, cipher=TLS_AES_128_GCM_SHA256) id
+ us-mta-5-fCl4d0eFMiWLl_g1FnziVw-1; Sat, 04 Feb 2023 14:18:28 -0500
+X-MC-Unique: fCl4d0eFMiWLl_g1FnziVw-1
+Received: by mail-il1-f198.google.com with SMTP id
+ g5-20020a92d7c5000000b00310afb74005so5539060ilq.11
+ for <libc-alpha@sourceware.org>; Sat, 04 Feb 2023 11:18:28 -0800 (PST)
+X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
+ d=1e100.net; s=20210112;
+ h=content-transfer-encoding:mime-version:message-id:date:subject:cc
+ :to:from:x-gm-message-state:from:to:cc:subject:date:message-id
+ :reply-to;
+ bh=ev1PZp1lPGlzKeweIk3q4xVTmUQzrL9YB8sSN3CDPGI=;
+ b=tl7WZimMrU5gBmgilpePq9lbsuZlOQwwY0KeYZpbd/T+692xWkEZhGF/fkBr6K2LNx
+ 8sb7O1KNQe02TuQ5ig3yBW8jGp9yc02CE6fX0BcwMxawMT9IK2VVoYp9GVxy7wgKFEJ1
+ orSp89XChlX043URfVgOgCvm7xtx2fxwGS7OnHlh5lJpAhr4aEEZKgsl69N8hqwk9pF4
+ wK4xM1mOippqpeygkMInQNnXH9pkWCX4hSpQhm/LCEDyQTzTqhrZaXGdUjVjeALxI8x1
+ PWH4imIEkg3nlvvljx3zggIAo/AsKeknImMZS2U2HfDYzeU3Hx2RE/7zffvTPqnCtazP
+ UWQg==
+X-Gm-Message-State: AO0yUKXcQuxnJj5ISa8S1GLlC18MWrNZp420TrDgJU/6XqBk1odax3Y2
+ Jxr96VNG1XzAEoDJuiKiobM01CCBh3g3w409MtLbDPQbMGN0fMloKfaYUT2/rWmsIEKNClPBO5y
+ QBixY74o9d0/jQpuChclU1efeTpIFAaf2mvRewQvqxmUtPItNGrvVdL4NvGEbbm3dVd+2XA==
+X-Received: by 2002:a92:c74d:0:b0:312:38c7:4edd with SMTP id
+ y13-20020a92c74d000000b0031238c74eddmr6342569ilp.16.1675538306991;
+ Sat, 04 Feb 2023 11:18:26 -0800 (PST)
+X-Google-Smtp-Source: 
+ AK7set+FFpHvm1nuhzbv/wXEJCsopqy5NpBLAQ1LjhTNYe12eslN33i9HSvuPU5Z+hH+4ZdFsBz14Q==
+X-Received: by 2002:a92:c74d:0:b0:312:38c7:4edd with SMTP id
+ y13-20020a92c74d000000b0031238c74eddmr6342554ilp.16.1675538306499;
+ Sat, 04 Feb 2023 11:18:26 -0800 (PST)
+Received: from localhost.localdomain (192-0-145-146.cpe.teksavvy.com.
+ [192.0.145.146]) by smtp.gmail.com with ESMTPSA id
+ q5-20020a056638238500b00374fa5b600csm1978655jat.0.2023.02.04.11.18.25
+ (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
+ Sat, 04 Feb 2023 11:18:25 -0800 (PST)
+To: libc-alpha@sourceware.org
+Cc: Carlos O'Donell <carlos@redhat.com>,
+	Andreas Schwab <schwab@suse.de>
+Subject: [PATCH] Account for grouping in printf width (bug 30068)
+Date: Sat,  4 Feb 2023 14:18:18 -0500
+Message-Id: <20230204191818.2692387-1-carlos@redhat.com>
+X-Mailer: git-send-email 2.39.1
+MIME-Version: 1.0
+X-Mimecast-Spam-Score: 0
+X-Mimecast-Originator: redhat.com
+X-Spam-Status: No, score=-12.4 required=5.0 tests=BAYES_00, DKIMWL_WL_HIGH,
+ DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0,
+ KAM_SHORT,
+ RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H2, SPF_HELO_NONE, SPF_NONE,
+ TXREP autolearn=ham autolearn_force=no version=3.4.6
+X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
+ server2.sourceware.org
+X-BeenThere: libc-alpha@sourceware.org
+X-Mailman-Version: 2.1.29
+Precedence: list
+List-Id: Libc-alpha mailing list <libc-alpha.sourceware.org>
+List-Unsubscribe: <https://sourceware.org/mailman/options/libc-alpha>,
+ <mailto:libc-alpha-request@sourceware.org?subject=unsubscribe>
+List-Archive: <https://sourceware.org/pipermail/libc-alpha/>
+List-Post: <mailto:libc-alpha@sourceware.org>
+List-Help: <mailto:libc-alpha-request@sourceware.org?subject=help>
+List-Subscribe: <https://sourceware.org/mailman/listinfo/libc-alpha>,
+ <mailto:libc-alpha-request@sourceware.org?subject=subscribe>
+X-Patchwork-Original-From: Carlos O'Donell via Libc-alpha
+ <libc-alpha@sourceware.org>
+From: Carlos O'Donell <carlos@redhat.com>
+Reply-To: Carlos O'Donell <carlos@redhat.com>
+Errors-To: libc-alpha-bounces+patchwork=sourceware.org@sourceware.org
+Sender: "Libc-alpha"
+ <libc-alpha-bounces+patchwork=sourceware.org@sourceware.org>
+
+This is a partial fix for mishandling of grouping when formatting
+integers.  It properly computes the width in the presence of grouping
+characteres when the with is larger than the number of significant
+digits. The precision related issue is documented in bug 23432.
+
+Co-authored-by: Andreas Schwab <schwab@suse.de>
+---
+ stdio-common/Makefile               |  2 ++
+ stdio-common/tst-grouping3.c        | 54 +++++++++++++++++++++++++++++
+ stdio-common/vfprintf-process-arg.c | 22 +++++++++---
+ 3 files changed, 73 insertions(+), 5 deletions(-)
+ create mode 100644 stdio-common/tst-grouping3.c
+
+diff --git a/stdio-common/Makefile b/stdio-common/Makefile
+index 34fdd6d1f8..652d9e5f95 100644
+--- a/stdio-common/Makefile
++++ b/stdio-common/Makefile
+@@ -196,6 +196,7 @@ tests := \
+   tst-gets \
+   tst-grouping \
+   tst-grouping2 \
++  tst-grouping3 \
+   tst-long-dbl-fphex \
+   tst-memstream-string \
+   tst-obprintf \
+@@ -340,6 +341,7 @@ $(objpfx)tst-sscanf.out: $(gen-locales)
+ $(objpfx)tst-swprintf.out: $(gen-locales)
+ $(objpfx)tst-vfprintf-mbs-prec.out: $(gen-locales)
+ $(objpfx)tst-vfprintf-width-i18n.out: $(gen-locales)
++$(objpfx)tst-grouping3.out: $(gen-locales)
+ endif
+ 
+ tst-printf-bz18872-ENV = MALLOC_TRACE=$(objpfx)tst-printf-bz18872.mtrace \
+diff --git a/stdio-common/tst-grouping3.c b/stdio-common/tst-grouping3.c
+new file mode 100644
+index 0000000000..e9e39218e2
+--- /dev/null
++++ b/stdio-common/tst-grouping3.c
+@@ -0,0 +1,54 @@
++/* Test printf with grouping and padding (bug 30068)
++   Copyright (C) 2023 Free Software Foundation, Inc.
++   This file is part of the GNU C Library.
++
++   The GNU C Library is free software; you can redistribute it and/or
++   modify it under the terms of the GNU Lesser General Public
++   License as published by the Free Software Foundation; either
++   version 2.1 of the License, or (at your option) any later version.
++
++   The GNU C Library is distributed in the hope that it will be useful,
++   but WITHOUT ANY WARRANTY; without even the implied warranty of
++   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
++   Lesser General Public License for more details.
++
++   You should have received a copy of the GNU Lesser General Public
++   License along with the GNU C Library; if not, see
++   <https://www.gnu.org/licenses/>.  */
++
++#include <locale.h>
++#include <stdio.h>
++#include <support/check.h>
++#include <support/support.h>
++
++static int
++do_test (void)
++{
++  char buf[80];
++
++  xsetlocale (LC_NUMERIC, "de_DE.UTF-8");
++
++  /* The format string has the following conversion specifier:
++     '  - Use thousands grouping.
++     +  - The result of a signed conversion shall begin with a sign.
++     -  - Left justified.
++     13 - Minimum 13 bytes of width.
++     9  - Minimum 9 digits of precision.
++
++     In bug 30068 the grouping characters were not accounted for in
++     the width, and were added after the fact resulting in a 15-byte
++     output instead of a 13-byte output.  The two additional bytes
++     come from the locale-specific thousands separator.  This increase
++     in size could result in a buffer overflow if a reasonable caller
++     calculated the size of the expected buffer using nl_langinfo to
++     determine the sie of THOUSEP in bytes.
++
++     This bug is distinct from bug 23432 which has to do with the
++     minimum precision calculation (digit based).  */
++  sprintf (buf, "%+-'13.9d", 1234567);
++  TEST_COMPARE_STRING (buf, "+001.234.567 ");
++
++  return 0;
++}
++
++#include <support/test-driver.c>
+diff --git a/stdio-common/vfprintf-process-arg.c b/stdio-common/vfprintf-process-arg.c
+index 24c9125f9f..8c0fcbcf78 100644
+--- a/stdio-common/vfprintf-process-arg.c
++++ b/stdio-common/vfprintf-process-arg.c
+@@ -186,11 +186,17 @@ LABEL (unsigned_number):      /* Unsigned number of base BASE.  */
+   bool octal_marker = (prec <= number_length && number.word != 0
+                        && alt && base == 8);
+ 
+-  prec = MAX (0, prec - (workend - string));
++  /* At this point prec_inc is the additional bytes required for the
++     specificed precision.  It is 0 if the precision would not have
++     required additional bytes i.e. the number of input digits is more
++     than the precision.  It is greater than zero if the precision is
++     more than the number of digits without grouping (precision only
++     considers digits).  */
++  unsigned int prec_inc = MAX (0, prec - (workend - string));
+ 
+   if (!left)
+     {
+-      width -= number_length + prec;
++      width -= number_length + prec_inc;
+ 
+       if (number.word != 0 && alt && (base == 16 || base == 2))
+         /* Account for 0X, 0x, 0B or 0b hex or binary marker.  */
+@@ -221,7 +227,7 @@ LABEL (unsigned_number):      /* Unsigned number of base BASE.  */
+           Xprintf_buffer_putc (buf, spec);
+         }
+ 
+-      width += prec;
++      width += prec_inc;
+       Xprintf_buffer_pad (buf, L_('0'), width);
+ 
+       if (octal_marker)
+@@ -237,6 +243,8 @@ LABEL (unsigned_number):      /* Unsigned number of base BASE.  */
+     }
+   else
+     {
++      /* Perform left justification adjustments.  */
++
+       if (is_negative)
+         {
+           Xprintf_buffer_putc (buf, L_('-'));
+@@ -263,9 +271,13 @@ LABEL (unsigned_number):      /* Unsigned number of base BASE.  */
+       if (octal_marker)
+ 	--width;
+ 
+-      width -= workend - string + prec;
++      /* Adjust the width by subtracting the number of bytes
++         required to represent the number with grouping characters
++	 (NUMBER_LENGTH) and any additional bytes required for
++	 precision.  */
++      width -= number_length + prec_inc;
+ 
+-      Xprintf_buffer_pad (buf, L_('0'), prec);
++      Xprintf_buffer_pad (buf, L_('0'), prec_inc);
+ 
+       if (octal_marker)
+         Xprintf_buffer_putc (buf, L_('0'));

glibc.spec

@@ -1,5 +1,5 @@
-%global glibcsrcdir glibc-2.36.9000-456-g2f39e44a84
-%global glibcversion 2.36.9000
+%global glibcsrcdir glibc-2.37
+%global glibcversion 2.37
 # Pre-release tarballs are pulled in from git using a command that is
 # effectively:
 #
@@ -159,7 +159,7 @@ Version: %{glibcversion}
 # - It allows using the Release number without the %%dist tag in the dependency
 #   generator to make the generated requires interchangeable between Rawhide
 #   and ELN (.elnYY < .fcXX).
-%global baserelease 25
+%global baserelease 1
 Release: %{baserelease}%{?dist}
 
 # In general, GPLv2+ is used by programs, LGPLv2+ is used for
@@ -230,7 +230,7 @@ Patch9: glibc-rh827510.patch
 Patch13: glibc-fedora-localedata-rh61908.patch
 Patch17: glibc-cs-path.patch
 Patch23: glibc-python3.patch
-Patch24: glibc-dprintf-length.patch
+Patch24: glibc-printf-grouping-swbz30068.patch
 
 ##############################################################################
 # Continued list of core "glibc" package information:
@@ -2194,6 +2194,22 @@ update_gconv_modules_cache ()
 %files -f compat-libpthread-nonshared.filelist -n compat-libpthread-nonshared
 
 %changelog
+* Sat Feb 04 2023 Carlos O'Donell <carlos@redhat.com> - 2.37-1
+- Drop already included glibc-dprintf-length.patch patch.
+- Apply glibc-printf-grouping-swbz30068.patch to fix swbz#30068.
+- Auto-sync with upstream branch release/2.37/master,
+  commit a704fd9a133bfb10510e18702f48a6a9c88dbbd5:
+- Create ChangeLog.old/ChangeLog.26. (tag: glibc-2.37)
+- Prepare for glibc 2.37 release.
+- x86: Fix strncat-avx2.S reading past length [BZ #30065]
+- Update install.texi, and regenerate INSTALL.
+- Update manual/contrib.texi.
+- Update NEWS file with bug fixes.
+- Regenerate configure.
+- Update all PO files in preparation for release.
+- doc: correct _FORTIFY_SOURCE doc in features.h
+- libio: Update number of written bytes in dprintf implementation
+
 * Tue Jan 31 2023 Florian Weimer <fweimer@redhat.com> - 2.36.9000-25
 - Apply glibc-dprintf-length.patch to fix dprintf return value regression.
 - Auto-sync with upstream branch master,

sources

@@ -1 +1 @@
-SHA512 (glibc-2.36.9000-456-g2f39e44a84.tar.xz) = 1a2d8963b715554b6e0a709f2860dafb93fcfeb0379ce2f7353010398d50c092cb8386caa9e28de87e82da321296ad27cc612fd8cfcb04a237488783db205c17
+SHA512 (glibc-2.37.tar.xz) = 4fc5932f206bb1b8b54828a28af1a681616b838bbab60c81c82155f3629cbfe1301d271af65511ed917f4c6949a025429221fe6035753282f15346919f15b90c