From e38cafa2c9fd575c7a69cb52e1c96fa910b0b256 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20B=C3=A9rat?= Date: Thu, 22 May 2025 17:21:41 +0200 Subject: [PATCH] Prevent `,ccs=` from being treated as individual mode flags in `fopen` calls - Backport: fileops: Don't process ,ccs= as individual mode flags (BZ#18906) Resolves: RHEL-92095 --- glibc-RHEL-92095.patch | 103 +++++++++++++++++++++++++++++++++++++++++ glibc.spec | 7 ++- 2 files changed, 109 insertions(+), 1 deletion(-) create mode 100644 glibc-RHEL-92095.patch diff --git a/glibc-RHEL-92095.patch b/glibc-RHEL-92095.patch new file mode 100644 index 0000000..cedea61 --- /dev/null +++ b/glibc-RHEL-92095.patch @@ -0,0 +1,103 @@ +commit 5324d258427fd11ca0f4f595c94016e568b26d6b +Author: Joe Simmons-Talbott +Date: Wed Jul 5 21:23:28 2023 +0000 + + fileops: Don't process ,ccs= as individual mode flags (BZ#18906) + + In processing the first 7 individual characters of the mode for fopen + if ,ccs= is used those characters will be processed as well. Stop + processing individual mode flags once a comma is encountered. This has + the effect of requiring ,ccs= to be the last mode flag in the mode + string. Add a testcase to check that the ,ccs= mode flag is not + processed as individual mode flags. + + Reviewed-by: DJ Delorie + +Conflicts: + libio/tst-fopenloc.c (fixup context) + +diff --git a/libio/fileops.c b/libio/fileops.c +index 11303013cb11dbd2..f6a17a99e3020323 100644 +--- a/libio/fileops.c ++++ b/libio/fileops.c +@@ -282,6 +282,7 @@ _IO_new_file_fopen (FILE *fp, const char *filename, const char *mode, + switch (*++mode) + { + case '\0': ++ case ',': + break; + case '+': + omode = O_RDWR; +diff --git a/libio/tst-fopenloc.c b/libio/tst-fopenloc.c +index 6e417e6a673a3662..30606f1e3f4f11bb 100644 +--- a/libio/tst-fopenloc.c ++++ b/libio/tst-fopenloc.c +@@ -18,6 +18,7 @@ + . */ + + #include ++#include + #include + #include + #include +@@ -25,6 +26,7 @@ + #include + #include + #include ++#include + #include + #include + +@@ -49,13 +51,40 @@ do_bz17916 (void) + if (fp != NULL) + { + printf ("unxpected success\n"); ++ free (ccs); ++ fclose (fp); + return 1; + } ++ + free (ccs); + + return 0; + } + ++static int ++do_bz18906 (void) ++{ ++ /* BZ #18906 -- check processing of ,ccs= as flags case. */ ++ ++ const char *ccs = "r,ccs=+ISO-8859-1"; ++ size_t retval; ++ ++ FILE *fp = fopen (inputfile, ccs); ++ int flags; ++ ++ TEST_VERIFY (fp != NULL); ++ ++ if (fp != NULL) ++ { ++ flags = fcntl (fileno (fp), F_GETFL); ++ retval = (flags & O_RDWR) | (flags & O_WRONLY); ++ TEST_COMPARE (retval, false); ++ fclose (fp); ++ } ++ ++ return EXIT_SUCCESS; ++} ++ + static int + do_test (void) + { +@@ -79,7 +108,10 @@ do_test (void) + + xfclose (fp); + +- return do_bz17916 (); ++ TEST_COMPARE (do_bz17916 (), 0); ++ TEST_COMPARE (do_bz18906 (), 0); ++ ++ return EXIT_SUCCESS; + } + + #include diff --git a/glibc.spec b/glibc.spec index b001e92..2812c7b 100644 --- a/glibc.spec +++ b/glibc.spec @@ -157,7 +157,7 @@ end \ Summary: The GNU libc libraries Name: glibc Version: %{glibcversion} -Release: 196%{?dist} +Release: 197%{?dist} # In general, GPLv2+ is used by programs, LGPLv2+ is used for # libraries. @@ -1213,6 +1213,7 @@ Patch905: glibc-RHEL-92697-5.patch Patch906: glibc-RHEL-92697-6.patch Patch907: glibc-RHEL-92697-8.patch Patch908: glibc-RHEL-92697-9.patch +Patch909: glibc-RHEL-92095.patch ############################################################################## # Continued list of core "glibc" package information: @@ -3206,6 +3207,10 @@ update_gconv_modules_cache () %endif %changelog +* Thu May 22 2025 Frédéric Bérat - 2.34-197 +- Prevent `,ccs=` from being treated as individual mode flags in `fopen` calls + (RHEL-92095) + * Thu May 22 2025 Florian Weimer - 2.34-196 - SGID test enhancements (RHEL-92697)