glibc/glibc-upstream-2.39-285.patch

commit 10c0bcb3d3935f9b79a828502513c2084c90772c
Author: Florian Weimer <fweimer@redhat.com>
Date:   Thu Nov 6 14:49:21 2025 +0100

    support: Exit on consistency check failure in resolv_response_add_name
    
    Using TEST_VERIFY (crname_target != crname) instructs some analysis
    tools that crname_target == crname might hold.  Under this assumption,
    they report a use-after-free for crname_target->offset below, caused
    by the previous free (crname).
    
    Reviewed-by: Collin Funk <collin.funk1@gmail.com>
    (cherry picked from commit b64335ff111c071fde61aec1c1a8460afb3d16d4)

diff --git a/support/resolv_test.c b/support/resolv_test.c
index f1613bd255c086e1..d4cc26b4aa24ce3a 100644
--- a/support/resolv_test.c
+++ b/support/resolv_test.c
@@ -326,7 +326,7 @@ resolv_response_add_name (struct resolv_response_builder *b,
               crname_target = *ptr;
             else
               crname_target = NULL;
-            TEST_VERIFY (crname_target != crname);
+            TEST_VERIFY_EXIT (crname_target != crname);
             /* Not added to the tree.  */
             free (crname);
           }