Commit a92462fa authored by nobody's avatar nobody

This commit was manufactured by cvs2svn to create tag

'glibc_2_2_5-13'.

svn path=/tags/glibc_2_2_5-13/; revision=23
parent 2c775c2a
glibc (2.2.5-13) unstable; urgency=low
* Last maintainer upload for me.
* Fix double getent listing for build of libc package.
* Set maintainer to the debian-glibc mailing list. Set uploaders to myself
and others.
-- Ben Collins <bcollins@debian.org> Thu, 25 Jul 2002 10:02:04 -0400
* Ben Collins
- Last maintainer upload for me.
- Fix double getent listing for build of libc package.
Closes: #154133, #152866
- Set maintainer to the debian-glibc mailing list. Set uploaders to myself
and others.
- Placed into CVS (this log entry is the first test commit).
- ia64 build failure was fixed in last NMU. Closes: #151956
- This sshd/libc bug is long since gone. Closes: #72596, #82468
- ldconfig search order has also since been fixed. Closes: #105249
- Add patches that OpenOffice needs in order to build. Closes: #153107
- Bump min kernel supported to 2.2.0. Closes: #149529
- Remove db1 compat library. The only user I know of this is coda. Coda
can include it's own version of the library now. I've emailed the coda
maintainer.
- Bump the shlibs ver because of the min-kernel change, and db1 removal.
- Add xdr-array.c security patch, Closes: #154992
* GOTO Masanori <gotom@debian.or.jp>
- applied patches/locale-de_CH.
- debian/control: fix my uploader address due to my obsolete gpg key.
- debian/copyright: update copyright year.
* Jeff Bailey <jbailey@debian.org>
- Add hurd-i386 patch for support LFS from CVS
- Add patch to only declare sys_errlist and sys_nerr on Linux. This
allows gcc to build cleanly on hurd-i386.
- Require mig >= 1.3-2 (hurd-i386 only), and hurd-dev >= 20020608-1
(hurd-i386 only)
- Prune hurd-ldflags from Hurd patch list. Noone is quite sure what
it's for. With this change, all hurd-i386 patches are now upstream
in CVS.
- Add 'mathpatch' to fix a math testsuite failure.
-- Ben Collins <bcollins@debian.org> Thu, 25 Jul 2002 11:13:22 -0400
glibc (2.2.5-12) unstable; urgency=low
......
......@@ -5,7 +5,7 @@ Build-Depends: gettext (>= 0.10.37-1), make (>= 3.78-4), dpkg-dev (>= 1.4.1.5),
Build-Depends-Indep: perl, latex2html
Build-Conflicts: gcc-2.95 (<< 1:2.95.3-8) [!i386], gcc-2.95 (<< 1:2.95.3-9) [i386]
Maintainer: GNU Libc Maintainers <debian-glibc@lists.debian.org>
Uploaders: Ben Collins <bcollins@debian.org>, GOTO Masanori <gotom@debian.org>, Philip Blundell <pb@nexus.co.uk>, Jeff Bailey <jbailey@nisa.net>
Uploaders: Ben Collins <bcollins@debian.org>, GOTO Masanori <gotom@debian.or.jp>, Philip Blundell <pb@nexus.co.uk>, Jeff Bailey <jbailey@nisa.net>
Standards-Version: 3.1.1
Package: glibc-doc
......
Source: @glibc@
Section: libs
Priority: required
Build-Depends: gettext (>= 0.10.37-1), make (>= 3.78-4), dpkg-dev (>= 1.4.1.5), debianutils (>= 1.13.1), tar (>= 1.13.11), bzip2, texinfo (>= 4.0), kernel-headers-2.4 [!hurd-i386], mig [hurd-i386], hurd-dev [hurd-i386], gnumach-dev [hurd-i386], texi2html, file, gcc-3.1 [sparc], autoconf
Build-Depends: gettext (>= 0.10.37-1), make (>= 3.78-4), dpkg-dev (>= 1.4.1.5), debianutils (>= 1.13.1), tar (>= 1.13.11), bzip2, texinfo (>= 4.0), kernel-headers-2.4 [!hurd-i386], mig (>= 1.3-2) [hurd-i386], hurd-dev (>= 20020608-1) [hurd-i386], gnumach-dev [hurd-i386], texi2html, file, gcc-3.0 [sparc], autoconf
Build-Depends-Indep: perl, latex2html
Build-Conflicts: gcc-2.95 (<< 1:2.95.3-8) [!i386], gcc-2.95 (<< 1:2.95.3-9) [i386]
Build-Conflicts: gcc-2.95 (<< 1:2.95.3-9), kernel-headers-2.4.18-sparc [!sparc]
Maintainer: GNU Libc Maintainers <debian-glibc@lists.debian.org>
Uploaders: Ben Collins <bcollins@debian.org>, GOTO Masanori <gotom@debian.org>, Philip Blundell <pb@nexus.co.uk>, Jeff Bailey <jbailey@nisa.net>
Uploaders: Ben Collins <bcollins@debian.org>, GOTO Masanori <gotom@debian.or.jp>, Philip Blundell <pb@nexus.co.uk>, Jeff Bailey <jbailey@nisa.net>
Standards-Version: 3.1.1
Package: @glibc@-doc
......
......@@ -7,7 +7,7 @@ from the following sources:
<ftp://sourceware.cygnus.com/pub/glibc/releases/glibc-2.2.x.tar.bz2>
<ftp://sourceware.cygnus.com/pub/glibc/releases/glibc-linuxthreads-2.2.x.tar.gz>
Copyright (C) 1991,92,93,94,95,96,97,98,99,2000,2001 Free Software Foundation, Inc.
Copyright (C) 1991,92,93,94,95,96,97,98,99,2000,2001,2002 Free Software Foundation, Inc.
The GNU C Library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
......
glibc-cvs
glibc22-misc
db1-addon-enabler
manual-texinfo4
ldd
glibcbug
hurd-ldflags
fhs-linux-paths
pthread_create-manpage
string2-pointer-arith
......@@ -39,3 +37,9 @@ ia64-strncpy
ia64-perf
sparc-misc
resolv-nss_dns
glibc-openoffice-fixes
xdr-array-security
locales-de_CH
hurd-lfs64
syserrlist
mathpatch
#! /bin/sh -e
# DP: Some fixes that allow openoffice to build correctly.
if [ $# -ne 2 ]; then
echo >&2 "`basename $0`: script expects -patch|-unpatch as argument"
exit 1
fi
case "$1" in
-patch) patch -d "$2" -f --no-backup-if-mismatch -p0 < $0;;
-unpatch) patch -d "$2" -f --no-backup-if-mismatch -R -p0 < $0;;
*)
echo >&2 "`basename $0`: script expects -patch|-unpatch as argument"
exit 1
esac
exit 0
This fixes the missing sqrtl entry in libm on powerpc.
2002-05-10 Andreas Schwab <schwab@suse.de>;
* sysdeps/powerpc/fpu/w_sqrt.c: Add sqrtl alias.
Index: sysdeps/powerpc/fpu/w_sqrt.c
===================================================================
RCS file: /cvs/glibc/libc/sysdeps/powerpc/fpu/w_sqrt.c,v
retrieving revision 1.2
diff -u -p -a -u -p -a -r1.2 sysdeps/powerpc/fpu/w_sqrt.c
--- sysdeps/powerpc/fpu/w_sqrt.c 6 Jul 2001 04:56:02 -0000 1.2
+++ sysdeps/powerpc/fpu/w_sqrt.c 10 May 2002 08:40:46 -0000
@@ -1,5 +1,5 @@
/* Single-precision floating point square root.
- Copyright (C) 1997 Free Software Foundation, Inc.
+ Copyright (C) 1997, 2002 Free Software Foundation, Inc.
This file is part of the GNU C Library.
The GNU C Library is free software; you can redistribute it and/or
@@ -139,3 +139,8 @@ weak_alias (__sqrt, sqrt)
/* Strictly, this is wrong, but the only places where _ieee754_sqrt is
used will not pass in a negative result. */
strong_alias(__sqrt,__ieee754_sqrt)
+
+#ifdef NO_LONG_DOUBLE
+weak_alias (__sqrt, __sqrtl)
+weak_alias (__sqrt, sqrtl)
+#endif
Index: sysdeps/unix/sysv/linux/semctl.c
===================================================================
RCS file: /cvs/glibc/libc/sysdeps/unix/sysv/linux/semctl.c,v
retrieving revision 1.12
diff -u -p -r1.12 semctl.c
--- sysdeps/unix/sysv/linux/semctl.c 6 Jul 2001 04:56:13 -0000 1.12
+++ sysdeps/unix/sysv/linux/semctl.c 28 Apr 2002 21:03:16 -0000
@@ -69,8 +69,23 @@ __old_semctl (int semid, int semnum, int
va_start (ap, cmd);
- /* Get the argument. */
- arg = va_arg (ap, union semun);
+ /* Get the argument only if required. */
+ arg.buf = NULL;
+ switch (cmd)
+ {
+ case SETVAL: /* arg.val */
+ case GETALL: /* arg.array */
+ case SETALL:
+ case IPC_STAT: /* arg.buf */
+ case IPC_SET:
+ case SEM_STAT:
+ case IPC_INFO: /* arg.__buf */
+ case SEM_INFO:
+ va_start (ap, cmd);
+ arg = va_arg (ap, union semun);
+ va_end (ap);
+ break;
+ }
va_end (ap);
@@ -88,8 +103,23 @@ __new_semctl (int semid, int semnum, int
va_start (ap, cmd);
- /* Get the argument. */
- arg = va_arg (ap, union semun);
+ /* Get the argument only if required. */
+ arg.buf = NULL;
+ switch (cmd)
+ {
+ case SETVAL: /* arg.val */
+ case GETALL: /* arg.array */
+ case SETALL:
+ case IPC_STAT: /* arg.buf */
+ case IPC_SET:
+ case SEM_STAT:
+ case IPC_INFO: /* arg.__buf */
+ case SEM_INFO:
+ va_start (ap, cmd);
+ arg = va_arg (ap, union semun);
+ va_end (ap);
+ break;
+ }
va_end (ap);
This diff is collapsed.
#! /bin/sh -e
# DP: fix error generating de_CH
# DP: It's already in 2.3 cvs, but not in glibc-2-2-branch.
if [ $# -ne 2 ]; then
echo >&2 "`basename $0`: script expects -patch|-unpatch as argument"
exit 1
fi
case "$1" in
-patch) patch -d "$2" -f --no-backup-if-mismatch -p0 < $0;;
-unpatch) patch -d "$2" -f --no-backup-if-mismatch -R -p0 < $0;;
*)
echo >&2 "`basename $0`: script expects -patch|-unpatch as argument"
exit 1
esac
exit 0
# append the patch here and adjust the -p? flag in the patch calls.
--- localedata/locales/de_CH.orig Sun Mar 24 20:54:21 2002
+++ localedata/locales/de_CH Tue Mar 26 22:29:29 2002
@@ -113,7 +113,7 @@
"<U004F><U006B><U0074><U006F><U0062><U0065><U0072>";/
"<U004E><U006F><U0076><U0065><U006D><U0062><U0065><U0072>";/
"<U0044><U0065><U007A><U0065><U006D><U0062><U0065><U0072>"
-d_t_fmt "<U0025><U0061><U0020><U0025><U0064><U0020><U0025><U0062><U0020><U0025><U0059><U0020><U0025><U0054><U0020><U0025><U005A>
+d_t_fmt "<U0025><U0061><U0020><U0025><U0064><U0020><U0025><U0062><U0020><U0025><U0059><U0020><U0025><U0054><U0020><U0025><U005A>"
d_fmt "<U0025><U0064><U002E><U0025><U006D><U002E><U0025><U0059>"
t_fmt "<U0025><U0054>"
am_pm "";""
#! /bin/sh -e
# All lines beginning with `# DP:' are a description of the patch.
# DP: Update from CVS for math test, hopefully gets rid of failures.
if [ $# -ne 2 ]; then
echo >&2 "`basename $0`: script expects -patch|-unpatch as argument"
exit 1
fi
case "$1" in
-patch) patch -d "$2" -f --no-backup-if-mismatch -p1 < $0;;
-unpatch) patch -d "$2" -f --no-backup-if-mismatch -R -p1 < $0;;
*)
echo >&2 "`basename $0`: script expects -patch|-unpatch as argument"
exit 1
esac
exit 0
# append the patch here and adjust the -p? flag in the patch calls.
diff -urN glibc-2.2.5.old/ChangeLog glibc-2.2.5/ChangeLog
--- glibc-2.2.5.old/ChangeLog Sat Apr 27 22:28:07 2002
+++ glibc-2.2.5/ChangeLog Tue Apr 23 10:45:10 2002
@@ -0,0 +1,7 @@
+2002-07-16 Ulrich Drepper <drepper@redhat.com>
+
+ * config.h.in: Fail if __FAST_MATH__ is defined.
+ * math/Makefile (CPPFLAGS-test-ifloat.c): Also define TEST_FAST_MATH.
+ (CPPFLAGS-test-idouble.c): Likewise.
+ (CPPFLAGS-test-ildouble.c): Likewise.
+
diff -urN glibc-2.2.5/glibc-2.2.5/config.h.in glibc-upstream/config.h.in
--- glibc-2.2.5/glibc-2.2.5/config.h.in Sun Aug 4 10:01:38 2002
+++ glibc-upstream/config.h.in Wed Jul 17 19:14:00 2002
@@ -2,6 +2,12 @@
# error "glibc cannot be compiled without optimization"
#endif
+/* Another evil option when it comes to compiling the C library is
+ * --ffast-math since it alters the ABI. */
+#if defined __FAST_MATH__ && !defined TEST_FAST_MATH
+# error "glibc must not be compiled with -ffast-math"
+#endif
+
/* Define if using GNU ld, with support for weak symbols in a.out,
and for symbol set and warning messages extensions in a.out and ELF.
This implies HAVE_WEAK_SYMBOLS; set by --with-gnu-ld. */
diff -urN glibc-2.2.5/glibc-2.2.5/math/Makefile glibc-upstream/math/Makefile
--- glibc-2.2.5/glibc-2.2.5/math/Makefile Sat Aug 4 08:46:19 2001
+++ glibc-upstream/math/Makefile Wed Jul 17 19:15:11 2002
@@ -122,9 +122,12 @@
CFLAGS-test-double.c = -fno-inline -ffloat-store
CFLAGS-test-ldouble.c = -fno-inline -ffloat-store
CFLAGS-test-tgmath.c = -fno-builtin
-CPPFLAGS-test-ifloat.c = -U__LIBC_INTERNAL_MATH_INLINES -D__FAST_MATH__
-CPPFLAGS-test-idouble.c = -U__LIBC_INTERNAL_MATH_INLINES -D__FAST_MATH__
-CPPFLAGS-test-ildoubl.c = -U__LIBC_INTERNAL_MATH_INLINES -D__FAST_MATH__
+CPPFLAGS-test-ifloat.c = -U__LIBC_INTERNAL_MATH_INLINES -D__FAST_MATH__ \
+ -DTEST_FAST_MATH
+CPPFLAGS-test-idouble.c = -U__LIBC_INTERNAL_MATH_INLINES -D__FAST_MATH__ \
+ -DTEST_FAST_MATH
+CPPFLAGS-test-ildoubl.c = -U__LIBC_INTERNAL_MATH_INLINES -D__FAST_MATH__ \
+ -DTEST_FAST_MATH
distribute += libm-test.inc gen-libm-test.pl README.libm-test
#! /bin/sh -e
# All lines beginning with `# DP:' are a description of the patch.
# DP: Only declare sys_errlist and sys_nerr on linux. From 2.2 CVS
if [ $# -ne 2 ]; then
echo >&2 "`basename $0`: script expects -patch|-unpatch as argument"
exit 1
fi
case "$1" in
-patch) patch -d "$2" -f --no-backup-if-mismatch -p1 < $0;;
-unpatch) patch -d "$2" -f --no-backup-if-mismatch -R -p1 < $0;;
*)
echo >&2 "`basename $0`: script expects -patch|-unpatch as argument"
exit 1
esac
exit 0
# append the patch here and adjust the -p? flag in the patch calls.
diff -urN glibc-2.2.5.old/ChangeLog glibc-2.2.5/ChangeLog
--- glibc-2.2.5.old/ChangeLog Sat Apr 27 22:28:07 2002
+++ glibc-2.2.5/ChangeLog Tue Apr 23 10:45:10 2002
@@ -0,0 +1,16 @@
+2002-07-31 Jeff Bailey <jbailey@gnu.org>
+
+ * libio/stdio.h (sys_errlist, sys_nerr, _sys_errlist, _sys_nerr):
+ Declarations moved to <bits/sys_errlist.h>. Include that file.
+ * libio/Makefile (headers): Add bits/sys_errlist.h to the list.
+ * sysdeps/generic/bits/sys_errlist.h: New file. This does *not*
+ declare sys_errlist and sys_nerr.
+ * sysdeps/unix/sysv/linux/bits/sys_errlist.h: New file. Does
+ provide declarations.
+
+2002-05-19 Ulrich Drepper <drepper@redhat.com>
+
+ * sysdeps/unix/sysv/linux/errlist.c: Remove extra weak alias
+ definiton of _old_sys_nerr. Define _old_sys_errlist as strong
+ alias.
+
diff -urN glibc-2.2.5/libio/stdio.h glibc-upstream/libio/stdio.h
--- glibc-2.2.5/glibc-2.2.5/libio/stdio.h Mon Jul 9 20:53:17 2001
+++ glibc-upstream/libio/stdio.h Wed Jul 31 20:05:23 2002
@@ -1,5 +1,5 @@
/* Define ISO C stdio on top of C++ iostreams.
- Copyright (C) 1991, 1994-1999, 2000, 2001 Free Software Foundation, Inc.
+ Copyright (C) 1991,1994-1999,2000,01,02 Free Software Foundation, Inc.
This file is part of the GNU C Library.
The GNU C Library is free software; you can redistribute it and/or
@@ -545,16 +545,11 @@
/* Print a message describing the meaning of the value of errno. */
extern void perror (__const char *__s) __THROW;
-/* These variables normally should not be used directly. The `strerror'
- function provides all the needed functionality. */
-#ifdef __USE_BSD
-extern int sys_nerr;
-extern __const char *__const sys_errlist[];
-#endif
-#ifdef __USE_GNU
-extern int _sys_nerr;
-extern __const char *__const _sys_errlist[];
-#endif
+/* Provide the declarations for `sys_errlist' and `sys_nerr' if they
+ are available on this system. Even if available, these variables
+ should not be used directly. The `strerror' function provides
+ all the necessary functionality. */
+#include <bits/sys_errlist.h>
#ifdef __USE_POSIX
diff -urN glibc-2.2.5.old/libio/Makefile glibc-2.2.5/libio/Makefile
--- glibc-2.2.5/glibc-2.2.5/libio/Makefile Fri Sep 7 13:58:25 2001
+++ glibc-upstream/libio/Makefile Wed Jul 31 19:59:22 2002
@@ -1,4 +1,4 @@
-# Copyright (C) 1995,96,97,98,99,2000, 2001 Free Software Foundation, Inc.
+# Copyright (C) 1995,96,97,98,99,2000,01,02 Free Software Foundation, Inc.
# This file is part of the GNU C Library.
# The GNU C Library is free software; you can redistribute it and/or
@@ -21,7 +21,8 @@
#
subdir := libio
-headers := stdio.h libio.h _G_config.h bits/stdio.h bits/stdio-lock.h
+headers := stdio.h libio.h _G_config.h bits/stdio.h bits/stdio-lock.h \
+ bits/sys_errlist.h
routines := \
filedoalloc iofclose iofdopen iofflush iofgetpos iofgets iofopen \
diff -urN /dev/null glibc-2.2.5/sysdeps/generic/bits/sys_errlist.h
--- /dev/null Wed Dec 31 19:00:00 1969
+++ glibc-upstream/sysdeps/generic/bits/sys_errlist.h Wed Jul 31 19:33:32 2002
@@ -0,0 +1,24 @@
+/* Declare sys_errlist and sys_nerr, or don't. Don't version.
+ Copyright (C) 2002 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, write to the Free
+ Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+ 02111-1307 USA. */
+
+#ifndef _STDIO_H
+# error "Never include <bits/sys_errlist.h> directly; use <stdio.h> instead."
+#endif
+
+/* sys_errlist and sys_nerr are deprecated. Use strerror instead. */
diff -urN /dev/null glibc-2.2.5/sysdeps/unix/sysv/linux/bits/sys_errlist.h
--- /dev/null Wed Dec 31 19:00:00 1969
+++ glibc-upstream/sysdeps/unix/sysv/linux/bits/sys_errlist.h Wed Jul 31 19:33:32 2002
@@ -0,0 +1,33 @@
+/* Declare sys_errlist and sys_nerr, or don't. Compatibility (do) version.
+ Copyright (C) 2002 Free Software Foundation, Inc.
+ This file is part of the GNU C Library.
+
+ The GNU C Library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation; either
+ version 2.1 of the License, or (at your option) any later version.
+
+ The GNU C Library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with the GNU C Library; if not, write to the Free
+ Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
+ 02111-1307 USA. */
+
+#ifndef _STDIO_H
+# error "Never include <bits/sys_errlist.h> directly; use <stdio.h> instead."
+#endif
+
+/* sys_errlist and sys_nerr are deprecated. Use strerror instead. */
+
+#ifdef __USE_BSD
+extern int sys_nerr;
+extern __const char *__const sys_errlist[];
+#endif
+#ifdef __USE_GNU
+extern int _sys_nerr;
+extern __const char *__const _sys_errlist[];
+#endif
diff -urN glibc-2.2.5/glibc-2.2.5/sysdeps/unix/sysv/linux/errlist.c glibc-upstream/sysdeps/unix/sysv/linux/errlist.c
--- glibc-2.2.5/glibc-2.2.5/sysdeps/unix/sysv/linux/errlist.c Mon Jul 9 20:57:07 2001
+++ glibc-upstream/sysdeps/unix/sysv/linux/errlist.c Tue Jun 11 19:40:17 2002@@ -1,4 +1,4 @@
-/* Copyright (C) 1998, 2000 Free Software Foundation, Inc.
+/* Copyright (C) 1998, 2000, 2002 Free Software Foundation, Inc.
This file is part of the GNU C Library.
The GNU C Library is free software; you can redistribute it and/or
@@ -38,10 +38,9 @@
const int __old_sys_nerr = OLD_ERRLIST_SIZE;
strong_alias (__old_sys_nerr, _old_sys_nerr);
-weak_alias (__old_sys_nerr, _old_sys_nerr)
compat_symbol (libc, __old_sys_nerr, _sys_nerr, GLIBC_2_0);
compat_symbol (libc, _old_sys_nerr, sys_nerr, GLIBC_2_0);
-weak_alias (__old_sys_errlist, _old_sys_errlist);
+strong_alias (__old_sys_errlist, _old_sys_errlist);
compat_symbol (libc, __old_sys_errlist, _sys_errlist, GLIBC_2_0);
compat_symbol (libc, _old_sys_errlist, sys_errlist, GLIBC_2_0);
#endif
#! /bin/sh -e
# DP: Fixes security vulnerability in xdr-array.c as reported by CERT
if [ $# -ne 2 ]; then
echo >&2 "`basename $0`: script expects -patch|-unpatch as argument"
exit 1
fi
case "$1" in
-patch) patch -d "$2" -f --no-backup-if-mismatch -p0 < $0;;
-unpatch) patch -d "$2" -f --no-backup-if-mismatch -R -p0 < $0;;
*)
echo >&2 "`basename $0`: script expects -patch|-unpatch as argument"
exit 1
esac
exit 0
Hello Folks,
The CERT/CC has been made aware of a buffer overflow vulnerability in
the Sun RPC implementation. The information we have is that this
vulnerability will be discussed this Wednesday at Black Hat.
We are tracking this report as VU#192995. Please include this
reference number in the subject field of any email you send to us
concerning this issue.
Currently available information is included below. We will most
likely release a Vulnerability Note at least, so please provide
status/patch information when possible.
Regards,
- Art
Art Manion +1 412-268-7090
CERT Coordination Center http://www.cert.org/
Software Engineering Institute <cert@cert.org>
Carnegie Mellon University 8FE3 1F95 94BE FDE7 9BEE 9206 D735 ACF5
======================================================================
Sun RPC XDR buffer overflow information
======================================================================
The implementation of xdr_array can be tricked into writing beyond
the buffers it allocated when deserializing the XDR stream.
The number of array elements "c" is taken from the XDR stream and
the required bufferspace is calculated as
nodesize = c * elsize;
("elsize" is specified by the program). Since all variables are
unsigned ints, c*elsize can overflow if elsize > 1.
This results in
*addrp = target = (caddr_t)mem_alloc(nodesize);
allocating too little memory for the unpack loop
for (i = 0; (i < c) && stat; i++) {
stat = (*elproc)(xdrs, target);
target += elsize;
}
And thus a possible heap-overflow.
There are a number of RPC services using xdr_array() with elsize > 1
which are enabled by default and run as root, hence this is a
*buf* security problem.
--- sunrpc/xdr_array.c~ Tue May 21 12:34:05 2002
+++ sunrpc/xdr_array.c Tue May 21 12:33:58 2002
@@ -45,6 +45,7 @@
#include <rpc/types.h>
#include <rpc/xdr.h>
#include <libintl.h>
+#include <limits.h>
#ifdef USE_IN_LIBIO
# include <wchar.h>
@@ -81,7 +82,9 @@
return FALSE;
}
c = *sizep;
- if ((c > maxsize) && (xdrs->x_op != XDR_FREE))
+
+ /* Make sure that "c * elsize" doesn't overflow */
+ if ((c > maxsize || UINT_MAX/elsize < c) && (xdrs->x_op != XDR_FREE))
{
return FALSE;
}
......@@ -201,7 +201,6 @@ $(stamp_unpack): prep.sh
$(SHELL) prep.sh
$(MAKE) -f debian/rules links
$(MAKE) -f debian/rules setperms
ln -s . glibc-$(VERSION)/db/db1
# Stopgap, since memset.S on ppc is broken...
rm -f glibc-$(VERSION)/sysdeps/powerpc/memset.S
touch $@
......
shlib_depend = $(libc) (>= 2.2.4-4)
shlib_depend = $(libc) (>= 2.2.5-13)
debian/libc/DEBIAN/shlibs: debian/rules.d/shlibs.mk $(DEB_HOST_GNU_TYPE)
(cat $(objdir)/soversions.i | while read lib so_ver sym_ver; do \
......@@ -7,7 +7,6 @@ debian/libc/DEBIAN/shlibs: debian/rules.d/shlibs.mk $(DEB_HOST_GNU_TYPE)
line=`echo $$so_ver | awk -F. '{print $$1 " " $$3}'`; \
echo "/lib/$$line $(shlib_depend)"; \
echo "$$line $(shlib_depend)";; \
libdb|libdb1) echo "libdb $$so_ver";; \
*) echo "$$lib $$so_ver $(shlib_depend)";; \
esac; \
done;) > $@; exit 0
......
ifeq ($(DEB_HOST_GNU_CPU),i386)
MIN_KERNEL_SUPPORTED := 2.0.30
else
ifeq ($(DEB_HOST_GNU_CPU),m68k)
MIN_KERNEL_SUPPORTED := 2.0.30
else
MIN_KERNEL_SUPPORTED := 2.2.0
endif
endif
MIN_KERNEL_SUPPORTED := 2.2.0
# XXX: disabled for now
# Sparc and i386 have some optimized libs
......
......@@ -103,5 +103,4 @@ finish() {
# Glibc
unpack glibc-${TARBALL_VERSION}.tar.bz2 in . creating glibc-${TARBALL_VERSION}
overlay glibc-linuxthreads-${TARBALL_VERSION}.tar.bz2 on glibc-${TARBALL_VERSION}
overlay db1-addon-2.1.3.tar.bz2 on glibc-${TARBALL_VERSION}
finish glibc-${TARBALL_VERSION} ./glibc-${VERSION}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment