Merge pull request #1438 from pullmoll/glibc

glibc: Add security buflen and 32bit regression patches
2015-04-28 09:29:57 +02:00 · 2015-04-28 09:29:57 +02:00 · 7ab311d4aa
parent 5545fb4314 2bfcb1c4ca
commit 7ab311d4aa
3 changed files with 31 additions and 2 deletions
--- a/srcpkgs/glibc/patches/glibc-32bit-regression.patch
+++ b/srcpkgs/glibc/patches/glibc-32bit-regression.patch
@ -0,0 +1,15 @@
+Taken from http://www.linuxfromscratch.org/lfs/view/development/chapter06/glibc.html
+
+--- sysdeps/i386/i686/multiarch/mempcpy_chk.S	2015-02-06 07:40:18.000000000 +0100
+++ sysdeps/i386/i686/multiarch/mempcpy_chk.S	2015-04-25 17:38:44.952119997 +0200
+@@ -36,8 +36,8 @@
+ 	cmpl	$0, KIND_OFFSET+__cpu_features@GOTOFF(%ebx)
+ 	jne	1f
+ 	call	__init_cpu_features
+-	leal	__mempcpy_chk_ia32@GOTOFF(%ebx), %eax
+-1:	testl	$bit_SSE2, CPUID_OFFSET+index_SSE2+__cpu_features@GOTOFF(%ebx)
+1:	leal	__mempcpy_chk_ia32@GOTOFF(%ebx), %eax
+	testl	$bit_SSE2, CPUID_OFFSET+index_SSE2+__cpu_features@GOTOFF(%ebx)
+ 	jz	2f
+ 	leal	__mempcpy_chk_sse2_unaligned@GOTOFF(%ebx), %eax
+ 	testl	$bit_Fast_Unaligned_Load, FEATURE_OFFSET+index_Fast_Unaligned_Load+__cpu_features@GOTOFF(%ebx)
--- a/srcpkgs/glibc/patches/glibc-security-buflen.patch
+++ b/srcpkgs/glibc/patches/glibc-security-buflen.patch
@ -0,0 +1,14 @@
+Taken from http://www.linuxfromscratch.org/lfs/view/development/chapter06/glibc.html
+
+--- resolv/nss_dns/dns-host.c	2015-02-06 07:40:18.000000000 +0100
+++ resolv/nss_dns/dns-host.c	2015-04-25 17:38:58.365119958 +0200
+@@ -615,7 +615,8 @@
+   int have_to_map = 0;
+   uintptr_t pad = -(uintptr_t) buffer % __alignof__ (struct host_data);
+   buffer += pad;
+-  if (__glibc_unlikely (buflen < sizeof (struct host_data) + pad))
+  buflen = buflen > pad ? buflen - pad : 0;
+  if (__glibc_unlikely (buflen < sizeof (struct host_data)))
+     {
+       /* The buffer is too small.  */
+     too_small:
--- a/srcpkgs/glibc/template
+++ b/srcpkgs/glibc/template
@ -1,13 +1,13 @@
 # Template file for 'glibc'
 pkgname=glibc
 version=2.21
-revision=3
+revision=4
 bootstrap=yes
 short_desc="The GNU C library"
 maintainer="Juan RP <xtraeme@voidlinux.eu>"
 homepage="http://www.gnu.org/software/libc"
 license="GPL-2, LGPL-2.1, BSD"
-distfiles="http://ftp.gnu.org/gnu/glibc/glibc-${version}.tar.xz"
+distfiles="${GNU_SITE}/glibc/glibc-${version}.tar.xz"
 checksum=aeeb362437965a5d3f40b151094ca79def04a115bd363fdd4a9a0c69482923b8
 # Do not strip these files, objcopy errors out.
 nostrip_files="