Sync with upstream master branch

Resolves #1326903, #1337140.
2016-06-01 08:29:43 +02:00 · 2016-06-01 08:29:43 +02:00 · db9848cdc3
commit db9848cdc3
parent 15922d5c07
3 changed files with 9 additions and 249 deletions
--- a/glibc-rh1315108.patch
+++ b/glibc-rh1315108.patch
@ -146,21 +146,6 @@ Date:   Sun Mar 1 19:14:29 2015 +0100
    	* sysdeps/unix/sysv/linux/getlogin_r.c (__getlogin_r_loginuid):
    	Use struct scratch_buffer instead of extend_alloca.
 commit f414b3f5947f264cb5d114965f284cacb2fb10b5
 Author: Florian Weimer <fweimer@redhat.com>
 Date:   Sun Mar 1 19:38:42 2015 +0100
    getaddrinfo: Use struct scratch_buffer instead of extend_alloca
    This results in slightly smaller buffers in some cases, but as the
    buffer size is passed to the called functions (and they will request
    an increased buffer size with an ERANGE error code), this does not
    result in a functional difference.
    	[BZ #18023]
    	* sysdeps/posix/getaddrinfo.c (gaih_inet_serv, gethosts)
    	(gaih_inet): Use struct scratch_buffer instead of extend_alloca.
 commit 488063238ee5c87b66c6982b1b6d508e30e44386
 Author: Florian Weimer <fweimer@redhat.com>
 Date:   Sun Mar 1 19:48:31 2015 +0100
@ -1845,237 +1830,6 @@ Index: b/posix/wordexp.c
       *offset = i - 1;
     }
   return *word ? 0 : WRDE_NOSPACE;
 Index: b/sysdeps/posix/getaddrinfo.c
 ===================================================================
 --- a/sysdeps/posix/getaddrinfo.c
 +++ b/sysdeps/posix/getaddrinfo.c
@@ -63,6 +63,7 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBI
 #include <nscd/nscd-client.h>
 #include <nscd/nscd_proto.h>
 #include <resolv/res_hconf.h>
 +#include <scratch_buffer.h>
 #ifdef HAVE_LIBIDN
 extern int __idna_to_ascii_lz (const char *input, char **output, int flags);
@@ -138,21 +139,22 @@ gaih_inet_serv (const char *servicename,
 		const struct addrinfo *req, struct gaih_servtuple *st)
 {
   struct servent *s;
 -  size_t tmpbuflen = 1024;
   struct servent ts;
 -  char *tmpbuf;
   int r;
 +  struct scratch_buffer tmpbuf;
 +  scratch_buffer_init (&tmpbuf);
   do
     {
 -      tmpbuf = __alloca (tmpbuflen);
 -
 -      r = __getservbyname_r (servicename, tp->name, &ts, tmpbuf, tmpbuflen,
 -			     &s);
 +      r = __getservbyname_r (servicename, tp->name, &ts,
 +			     tmpbuf.data, tmpbuf.length, &s);
       if (r != 0 || s == NULL)
 	{
 	  if (r == ERANGE)
 -	    tmpbuflen *= 2;
 +	    {
 +	      if (!scratch_buffer_grow (&tmpbuf))
 +		return -EAI_MEMORY;
 +	    }
 	  else
 	    return -EAI_SERVICE;
 	}
@@ -164,7 +166,7 @@ gaih_inet_serv (const char *servicename,
   st->protocol = ((tp->protoflag & GAI_PROTO_PROTOANY)
 		  ? req->ai_protocol : tp->protocol);
   st->port = s->s_port;
 -
 +  scratch_buffer_free (&tmpbuf);
   return 0;
 }
@@ -227,25 +229,15 @@ convert_hostent_to_gaih_addrtuple (const
   no_data = 0;								      \
   while (1) {								      \
     rc = 0;								      \
 -    status = DL_CALL_FCT (fct, (name, _family, &th, tmpbuf, tmpbuflen,	      \
 +    status = DL_CALL_FCT (fct, (name, _family, &th,			      \
 +				tmpbuf.data, tmpbuf.length,		      \
 				&rc, &herrno, NULL, &localcanon));	      \
     if (rc != ERANGE || herrno != NETDB_INTERNAL)			      \
       break;								      \
 -    if (!malloc_tmpbuf && __libc_use_alloca (alloca_used + 2 * tmpbuflen))    \
 -      tmpbuf = extend_alloca_account (tmpbuf, tmpbuflen, 2 * tmpbuflen,	      \
 -				      alloca_used);			      \
 -    else								      \
 +    if (!scratch_buffer_grow (&tmpbuf))					      \
       {									      \
 -	char *newp = realloc (malloc_tmpbuf ? tmpbuf : NULL,		      \
 -			      2 * tmpbuflen);				      \
 -	if (newp == NULL)						      \
 -	  {								      \
 -	    result = -EAI_MEMORY;					      \
 -	    goto free_and_return;					      \
 -	  }								      \
 -	tmpbuf = newp;							      \
 -	malloc_tmpbuf = true;						      \
 -	tmpbuflen = 2 * tmpbuflen;					      \
 +	result = -EAI_MEMORY;						      \
 +	goto free_and_return;						      \
       }									      \
   }									      \
   if (status == NSS_STATUS_SUCCESS && rc == 0)				      \
@@ -316,7 +308,10 @@ gaih_inet (const char *name, const struc
   bool got_ipv6 = false;
   const char *canon = NULL;
   const char *orig_name = name;
 -  size_t alloca_used = 0;
 +
 +  /* Reserve stack memory for this function's buffer and the one in
 +     gaih_inet_serv.  */
 +  size_t alloca_used = 2 * sizeof (struct scratch_buffer);
   if (req->ai_protocol || req->ai_socktype)
     {
@@ -437,9 +432,10 @@ gaih_inet (const char *name, const struc
   struct gaih_addrtuple *addrmem = NULL;
   bool malloc_canonbuf = false;
   char *canonbuf = NULL;
 -  bool malloc_tmpbuf = false;
 -  char *tmpbuf = NULL;
   int result = 0;
 +  struct scratch_buffer tmpbuf;
 +  scratch_buffer_init (&tmpbuf);
 +
   if (name != NULL)
     {
       at = alloca_account (sizeof (struct gaih_addrtuple), alloca_used);
@@ -607,11 +603,8 @@ gaih_inet (const char *name, const struc
 	  if (req->ai_family == AF_INET
 	      && (req->ai_flags & AI_CANONNAME) == 0)
 	    {
 -	      /* Allocate additional room for struct host_data.  */
 -	      size_t tmpbuflen = (512 + MAX_NR_ALIASES * sizeof(char*)
 -				  + 16 * sizeof(char));
 -	      assert (tmpbuf == NULL);
 -	      tmpbuf = alloca_account (tmpbuflen, alloca_used);
 +	      /* tmpbuf must not have been used so far.  */
 +	      assert (tmpbuf.data == tmpbuf.__space);
 	      int rc;
 	      struct hostent th;
 	      struct hostent *h;
@@ -619,28 +612,15 @@ gaih_inet (const char *name, const struc
 	      while (1)
 		{
 -		  rc = __gethostbyname2_r (name, AF_INET, &th, tmpbuf,
 -					   tmpbuflen, &h, &herrno);
 +		  rc = __gethostbyname2_r (name, AF_INET, &th,
 +					   tmpbuf.data, tmpbuf.length,
 +					   &h, &herrno);
 		  if (rc != ERANGE || herrno != NETDB_INTERNAL)
 		    break;
 -
 -		  if (!malloc_tmpbuf
 -		      && __libc_use_alloca (alloca_used + 2 * tmpbuflen))
 -		    tmpbuf = extend_alloca_account (tmpbuf, tmpbuflen,
 -						    2 * tmpbuflen,
 -						    alloca_used);
 -		  else
 +		  if (!scratch_buffer_grow (&tmpbuf))
 		    {
 -		      char *newp = realloc (malloc_tmpbuf ? tmpbuf : NULL,
 -					    2 * tmpbuflen);
 -		      if (newp == NULL)
 -			{
 -			  result = -EAI_MEMORY;
 -			  goto free_and_return;
 -			}
 -		      tmpbuf = newp;
 -		      malloc_tmpbuf = true;
 -		      tmpbuflen = 2 * tmpbuflen;
 +		      result = -EAI_MEMORY;
 +		      goto free_and_return;
 		    }
 		}
@@ -834,21 +814,8 @@ gaih_inet (const char *name, const struc
 	  old_res_options = _res.options;
 	  _res.options &= ~RES_USE_INET6;
 -	  size_t tmpbuflen = 1024 + sizeof(struct gaih_addrtuple);
 -	  malloc_tmpbuf = !__libc_use_alloca (alloca_used + tmpbuflen);
 -	  assert (tmpbuf == NULL);
 -	  if (!malloc_tmpbuf)
 -	    tmpbuf = alloca_account (tmpbuflen, alloca_used);
 -	  else
 -	    {
 -	      tmpbuf = malloc (tmpbuflen);
 -	      if (tmpbuf == NULL)
 -		{
 -		  _res.options |= old_res_options & RES_USE_INET6;
 -		  result = -EAI_MEMORY;
 -		  goto free_and_return;
 -		}
 -	    }
 +	  /* tmpbuf has not been used yet.  */
 +	  assert (tmpbuf.data == tmpbuf.__space);
 	  while (!no_more)
 	    {
@@ -867,8 +834,9 @@ gaih_inet (const char *name, const struc
 		  while (1)
 		    {
 		      rc = 0;
 -		      status = DL_CALL_FCT (fct4, (name, pat, tmpbuf,
 -						   tmpbuflen, &rc, &herrno,
 +		      status = DL_CALL_FCT (fct4, (name, pat,
 +						   tmpbuf.data, tmpbuf.length,
 +						   &rc, &herrno,
 						   NULL));
 		      if (status == NSS_STATUS_SUCCESS)
 			break;
@@ -882,24 +850,11 @@ gaih_inet (const char *name, const struc
 			  break;
 			}
 -		      if (!malloc_tmpbuf
 -			  && __libc_use_alloca (alloca_used + 2 * tmpbuflen))
 -			tmpbuf = extend_alloca_account (tmpbuf, tmpbuflen,
 -							2 * tmpbuflen,
 -							alloca_used);
 -		      else
 +		      if (!scratch_buffer_grow (&tmpbuf))
 			{
 -			  char *newp = realloc (malloc_tmpbuf ? tmpbuf : NULL,
 -						2 * tmpbuflen);
 -			  if (newp == NULL)
 -			    {
 -			      _res.options |= old_res_options & RES_USE_INET6;
 -			      result = -EAI_MEMORY;
 -			      goto free_and_return;
 -			    }
 -			  tmpbuf = newp;
 -			  malloc_tmpbuf = true;
 -			  tmpbuflen = 2 * tmpbuflen;
 +			  _res.options |= old_res_options & RES_USE_INET6;
 +			  result = -EAI_MEMORY;
 +			  goto free_and_return;
 			}
 		    }
@@ -1286,8 +1241,7 @@ gaih_inet (const char *name, const struc
     free (addrmem);
   if (malloc_canonbuf)
     free (canonbuf);
 -  if (malloc_tmpbuf)
 -    free (tmpbuf);
 +  scratch_buffer_free (&tmpbuf);
   return result;
 }
 Index: b/sysdeps/unix/sysv/linux/gethostid.c
 ===================================================================
 --- a/sysdeps/unix/sysv/linux/gethostid.c
--- a/glibc.spec
+++ b/glibc.spec
@ -1,6 +1,6 @@
-%define glibcsrcdir  glibc-2.23-300-gb91a333
+%define glibcsrcdir  glibc-2.23-411-gf06f3f0
 %define glibcversion 2.23.90
-%define glibcrelease 18%{?dist}
+%define glibcrelease 19%{?dist}
 # Pre-release tarballs are pulled in from git using a command that is
 # effectively:
 #
@ -2075,6 +2075,12 @@ rm -f *.filelist*
 %endif
 %changelog
 * Wed Jun 01 2016 Florian Weimer <fweimer@redhat.com> - 2.23.90-19
 - Auto-sync with upstream master.
 - Adjust glibc-rh1315108.patch accordingly.
 - Fix fork redirection in libpthread (#1326903)
 - CVE-2016-4429: stack overflow in Sun RPC clntudp_call (#1337140)
 * Wed May 11 2016 Carlos O'Donell <carlos@redhat.com> - 2.23.90-18
 - Move support for building GCC 2.96 into compat-gcc-296.
--- a/2
+++ b/2
@ -1 +1 @@
-6591008b546b6849845e06d9b1665943  glibc-2.23-300-gb91a333.tar.gz
+72b48c6bef1a5922033118d55cb376d2  glibc-2.23-411-gf06f3f0.tar.gz
`@ -1 +1 @@`
	`6591008b546b6849845e06d9b1665943 glibc-2.23-300-gb91a333.tar.gz`	`72b48c6bef1a5922033118d55cb376d2 glibc-2.23-411-gf06f3f0.tar.gz`