Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: "Mike Frysinger (vapier)" <vapier@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] gentoo commit in src/patchsets/glibc/2.22: 00_all_0046-Fix-x86_64-fma4-pow-inappropriate-contraction-bug-19.patch 00_all_0047-Use-PIC-relocation-in-ALIAS_IMPL.patch 00_all_0048-Fix-resource-leak-in-resolver-bug-19257.patch 00_all_0049-resolv-Always-set-resplen2-out-parameter-in-send_dg-.patch README.history
Date: Wed, 30 Mar 2016 21:13:15
Message-Id: 20160330211308.1EEC986C@oystercatcher.gentoo.org
1 vapier 16/03/30 21:13:08
2
3 Modified: README.history
4 Added:
5 00_all_0046-Fix-x86_64-fma4-pow-inappropriate-contraction-bug-19.patch
6 00_all_0047-Use-PIC-relocation-in-ALIAS_IMPL.patch
7 00_all_0048-Fix-resource-leak-in-resolver-bug-19257.patch
8 00_all_0049-resolv-Always-set-resplen2-out-parameter-in-send_dg-.patch
9 Log:
10 more upstream fixes
11
12 Revision Changes Path
13 1.13 src/patchsets/glibc/2.22/README.history
14
15 file : http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/glibc/2.22/README.history?rev=1.13&view=markup
16 plain: http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/glibc/2.22/README.history?rev=1.13&content-type=text/plain
17 diff : http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/glibc/2.22/README.history?r1=1.12&r2=1.13
18
19 Index: README.history
20 ===================================================================
21 RCS file: /var/cvsroot/gentoo/src/patchsets/glibc/2.22/README.history,v
22 retrieving revision 1.12
23 retrieving revision 1.13
24 diff -u -r1.12 -r1.13
25 --- README.history 7 Mar 2016 17:59:32 -0000 1.12
26 +++ README.history 30 Mar 2016 21:13:08 -0000 1.13
27 @@ -1,3 +1,9 @@
28 +12 30 Mar 2016
29 + + 00_all_0046-Fix-x86_64-fma4-pow-inappropriate-contraction-bug-19.patch
30 + + 00_all_0047-Use-PIC-relocation-in-ALIAS_IMPL.patch
31 + + 00_all_0048-Fix-resource-leak-in-resolver-bug-19257.patch
32 + + 00_all_0049-resolv-Always-set-resplen2-out-parameter-in-send_dg-.patch
33 +
34 11 07 Mar 2016
35 + 00_all_0041-CVE-2015-7547-getaddrinfo-stack-based-buffer-overflo.patch
36 + 00_all_0042-powerpc-Enforce-compiler-barriers-on-hardware-transa.patch
37
38
39
40 1.1 src/patchsets/glibc/2.22/00_all_0046-Fix-x86_64-fma4-pow-inappropriate-contraction-bug-19.patch
41
42 file : http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/glibc/2.22/00_all_0046-Fix-x86_64-fma4-pow-inappropriate-contraction-bug-19.patch?rev=1.1&view=markup
43 plain: http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/glibc/2.22/00_all_0046-Fix-x86_64-fma4-pow-inappropriate-contraction-bug-19.patch?rev=1.1&content-type=text/plain
44
45 Index: 00_all_0046-Fix-x86_64-fma4-pow-inappropriate-contraction-bug-19.patch
46 ===================================================================
47 From 209606141fb74f9bfa8ad4ca56900077f0cad2b7 Mon Sep 17 00:00:00 2001
48 From: Joseph Myers <joseph@××××××××××××.com>
49 Date: Thu, 24 Sep 2015 16:48:32 +0000
50 Subject: [PATCH] Fix x86_64 fma4 pow inappropriate contraction (bug 19003).
51
52 The x86_64 fma4 version of pow fails to disable contraction of
53 operations other than those explicitly intended to use fma
54 instructions, so resulting in large ulps errors on processors with
55 fma4 instructions, as in bug 18104 (165ulp for the test added for that
56 bug; error originally reported by "blaaa" on #glibc). This patch adds
57 $(config-cflags-nofma) for e_pow-fma4.c, corresponding to the use for
58 e_pow.c in sysdeps/ieee754/dbl-64/Makefile.
59
60 Tested for x86_64 on a processor with fma4.
61
62 [BZ #19003]
63 * sysdeps/x86_64/fpu/multiarch/Makefile (CFLAGS-e_pow-fma4.c): Add
64 $(config-cflags-nofma).
65
66 (cherry picked from commit 51df2605064a2bfd44fa0655ef9815812347de80)
67 (cherry picked from commit c95a56e2a8b16eeb911eed5c1bdc8fd26f337f4d)
68 ---
69 sysdeps/x86_64/fpu/multiarch/Makefile | 2 +-
70 1 file changed, 1 insertion(+), 1 deletion(-)
71
72 diff --git a/sysdeps/x86_64/fpu/multiarch/Makefile b/sysdeps/x86_64/fpu/multiarch/Makefile
73 index 86ea473..631534a 100644
74 --- a/sysdeps/x86_64/fpu/multiarch/Makefile
75 +++ b/sysdeps/x86_64/fpu/multiarch/Makefile
76 @@ -16,7 +16,7 @@ CFLAGS-e_asin-fma4.c = -mfma4
77 CFLAGS-e_atan2-fma4.c = -mfma4
78 CFLAGS-e_exp-fma4.c = -mfma4
79 CFLAGS-e_log-fma4.c = -mfma4
80 -CFLAGS-e_pow-fma4.c = -mfma4
81 +CFLAGS-e_pow-fma4.c = -mfma4 $(config-cflags-nofma)
82 CFLAGS-halfulp-fma4.c = -mfma4
83 CFLAGS-mpa-fma4.c = -mfma4
84 CFLAGS-mpatan-fma4.c = -mfma4
85 --
86 2.7.4
87
88
89
90
91 1.1 src/patchsets/glibc/2.22/00_all_0047-Use-PIC-relocation-in-ALIAS_IMPL.patch
92
93 file : http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/glibc/2.22/00_all_0047-Use-PIC-relocation-in-ALIAS_IMPL.patch?rev=1.1&view=markup
94 plain: http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/glibc/2.22/00_all_0047-Use-PIC-relocation-in-ALIAS_IMPL.patch?rev=1.1&content-type=text/plain
95
96 Index: 00_all_0047-Use-PIC-relocation-in-ALIAS_IMPL.patch
97 ===================================================================
98 From 3ffe1a9e559b88ed2c1096a798cec5fb17194e99 Mon Sep 17 00:00:00 2001
99 From: Andrew Senkevich <andrew.senkevich@×××××.com>
100 Date: Wed, 17 Feb 2016 14:23:32 -0800
101 Subject: [PATCH] Use PIC relocation in ALIAS_IMPL
102
103 Since libmvec_nonshared.a may be linked into shared objects, ALIAS_IMPL
104 should use PIC relocation.
105
106 [BZ #19590]
107 * sysdeps/x86_64/fpu/svml_finite_alias.S (ALIAS_IMPL): Use PIC
108 relocation.
109
110 (cherry picked from commit a5df3210a641c175138052037fcdad34298bfa4d)
111 (cherry picked from commit 2b8ab5c3f618e4d9e0a9147c24f8cf6bbf35a1d8)
112 ---
113 sysdeps/x86_64/fpu/svml_finite_alias.S | 3 +--
114 1 file changed, 1 insertion(+), 2 deletions(-)
115
116 diff --git a/sysdeps/x86_64/fpu/svml_finite_alias.S b/sysdeps/x86_64/fpu/svml_finite_alias.S
117 index f8bcfeb..aed1661 100644
118 --- a/sysdeps/x86_64/fpu/svml_finite_alias.S
119 +++ b/sysdeps/x86_64/fpu/svml_finite_alias.S
120 @@ -23,8 +23,7 @@
121
122 #define ALIAS_IMPL(alias, target) \
123 ENTRY (alias); \
124 - call target; \
125 - ret; \
126 + jmp *target@GOTPCREL(%rip); \
127 END (alias)
128
129 .text
130 --
131 2.7.4
132
133
134
135
136 1.1 src/patchsets/glibc/2.22/00_all_0048-Fix-resource-leak-in-resolver-bug-19257.patch
137
138 file : http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/glibc/2.22/00_all_0048-Fix-resource-leak-in-resolver-bug-19257.patch?rev=1.1&view=markup
139 plain: http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/glibc/2.22/00_all_0048-Fix-resource-leak-in-resolver-bug-19257.patch?rev=1.1&content-type=text/plain
140
141 Index: 00_all_0048-Fix-resource-leak-in-resolver-bug-19257.patch
142 ===================================================================
143 From 066bfd462534b7141aaaac23aadc5c0ec3e4e7f3 Mon Sep 17 00:00:00 2001
144 From: Andreas Schwab <schwab@××××.de>
145 Date: Wed, 18 Nov 2015 15:45:59 +0100
146 Subject: [PATCH] Fix resource leak in resolver (bug 19257)
147
148 The number of currently defined nameservers is stored in ->nscount,
149 whereas ->_u._ext.nscount is set by __libc_res_nsend only after local
150 initializations.
151
152 (cherry picked from commit 5e7fdabd7df1fc6c56d104e61390bf5a6b526c38)
153 (cherry picked from commit e5d560e0e7f621b5cde4bcbbac424f8b2742395a)
154 ---
155 resolv/res_init.c | 2 +-
156 1 file changed, 1 insertion(+), 1 deletion(-)
157
158 diff --git a/resolv/res_init.c b/resolv/res_init.c
159 index 66561ff..77873c1 100644
160 --- a/resolv/res_init.c
161 +++ b/resolv/res_init.c
162 @@ -593,7 +593,7 @@ __res_iclose(res_state statp, bool free_addr) {
163 statp->_vcsock = -1;
164 statp->_flags &= ~(RES_F_VC | RES_F_CONN);
165 }
166 - for (ns = 0; ns < statp->_u._ext.nscount; ns++)
167 + for (ns = 0; ns < statp->nscount; ns++)
168 if (statp->_u._ext.nsaddrs[ns]) {
169 if (statp->_u._ext.nssocks[ns] != -1) {
170 close_not_cancel_no_status(statp->_u._ext.nssocks[ns]);
171 --
172 2.7.4
173
174
175
176
177 1.1 src/patchsets/glibc/2.22/00_all_0049-resolv-Always-set-resplen2-out-parameter-in-send_dg-.patch
178
179 file : http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/glibc/2.22/00_all_0049-resolv-Always-set-resplen2-out-parameter-in-send_dg-.patch?rev=1.1&view=markup
180 plain: http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/glibc/2.22/00_all_0049-resolv-Always-set-resplen2-out-parameter-in-send_dg-.patch?rev=1.1&content-type=text/plain
181
182 Index: 00_all_0049-resolv-Always-set-resplen2-out-parameter-in-send_dg-.patch
183 ===================================================================
184 From b286c83dcbd06314859bf86319782611c81e283d Mon Sep 17 00:00:00 2001
185 From: Florian Weimer <fweimer@××××××.com>
186 Date: Fri, 25 Mar 2016 11:49:51 +0100
187 Subject: [PATCH] resolv: Always set *resplen2 out parameter in send_dg [BZ
188 #19791]
189
190 Since commit 44d20bca52ace85850012b0ead37b360e3ecd96e (Implement
191 second fallback mode for DNS requests), there is a code path which
192 returns early, before *resplen2 is initialized. This happens if the
193 name server address is immediately recognized as invalid (because of
194 lack of protocol support, or if it is a broadcast address such
195 255.255.255.255, or another invalid address).
196
197 If this happens and *resplen2 was non-zero (which is the case if a
198 previous query resulted in a failure), __libc_res_nquery would reuse
199 an existing second answer buffer. This answer has been previously
200 identified as unusable (for example, it could be an NXDOMAIN
201 response). Due to the presence of a second answer, no name server
202 switching will occur. The result is a name resolution failure,
203 although a successful resolution would have been possible if name
204 servers have been switched and queries had proceeded along the search
205 path.
206
207 The above paragraph still simplifies the situation. Before glibc
208 2.23, if the second answer needed malloc, the stub resolver would
209 still attempt to reuse the second answer, but this is not possible
210 because __libc_res_nsearch has freed it, after the unsuccessful call
211 to __libc_res_nquerydomain, and set the buffer pointer to NULL. This
212 eventually leads to an assertion failure in __libc_res_nquery:
213
214 /* Make sure both hp and hp2 are defined */
215 assert((hp != NULL) && (hp2 != NULL));
216
217 If assertions are disabled, the consequence is a NULL pointer
218 dereference on the next line.
219
220 Starting with glibc 2.23, as a result of commit
221 e9db92d3acfe1822d56d11abcea5bfc4c41cf6ca (CVE-2015-7547: getaddrinfo()
222 stack-based buffer overflow (Bug 18665)), the second answer is always
223 allocated with malloc. This means that the assertion failure happens
224 with small responses as well because there is no buffer to reuse, as
225 soon as there is a name resolution failure which triggers a search for
226 an answer along the search path.
227
228 This commit addresses the issue by ensuring that *resplen2 is
229 initialized before the send_dg function returns.
230
231 This commit also addresses a bug where an invalid second reply is
232 incorrectly returned as a valid to the caller.
233
234 (cherry picked from commit b66d837bb5398795c6b0f651bd5a5d66091d8577)
235 (cherry picked from commit 5a1a5f0dd2744044801c91bf2588444c29cda533)
236 ---
237 resolv/res_send.c | 63 +++++++++++++++++++++++++++++++++++--------------------
238 1 file changed, 40 insertions(+), 23 deletions(-)
239
240 diff --git a/resolv/res_send.c b/resolv/res_send.c
241 index 6511bb1..0add3d2 100644
242 --- a/resolv/res_send.c
243 +++ b/resolv/res_send.c
244 @@ -657,6 +657,18 @@ get_nsaddr (res_state statp, int n)
245 return (struct sockaddr *) (void *) &statp->nsaddr_list[n];
246 }
247
248 +/* Close the resolver structure, assign zero to *RESPLEN2 if RESPLEN2
249 + is not NULL, and return zero. */
250 +static int
251 +__attribute__ ((warn_unused_result))
252 +close_and_return_error (res_state statp, int *resplen2)
253 +{
254 + __res_iclose(statp, false);
255 + if (resplen2 != NULL)
256 + *resplen2 = 0;
257 + return 0;
258 +}
259 +
260 /* The send_vc function is responsible for sending a DNS query over TCP
261 to the nameserver numbered NS from the res_state STATP i.e.
262 EXT(statp).nssocks[ns]. The function supports sending both IPv4 and
263 @@ -1159,7 +1171,11 @@ send_dg(res_state statp,
264 retry_reopen:
265 retval = reopen (statp, terrno, ns);
266 if (retval <= 0)
267 - return retval;
268 + {
269 + if (resplen2 != NULL)
270 + *resplen2 = 0;
271 + return retval;
272 + }
273 retry:
274 evNowTime(&now);
275 evConsTime(&timeout, seconds, 0);
276 @@ -1172,8 +1188,6 @@ send_dg(res_state statp,
277 int recvresp2 = buf2 == NULL;
278 pfd[0].fd = EXT(statp).nssocks[ns];
279 pfd[0].events = POLLOUT;
280 - if (resplen2 != NULL)
281 - *resplen2 = 0;
282 wait:
283 if (need_recompute) {
284 recompute_resend:
285 @@ -1181,9 +1195,7 @@ send_dg(res_state statp,
286 if (evCmpTime(finish, now) <= 0) {
287 poll_err_out:
288 Perror(statp, stderr, "poll", errno);
289 - err_out:
290 - __res_iclose(statp, false);
291 - return (0);
292 + return close_and_return_error (statp, resplen2);
293 }
294 evSubTime(&timeout, &finish, &now);
295 need_recompute = 0;
296 @@ -1230,7 +1242,9 @@ send_dg(res_state statp,
297 }
298
299 *gotsomewhere = 1;
300 - return (0);
301 + if (resplen2 != NULL)
302 + *resplen2 = 0;
303 + return 0;
304 }
305 if (n < 0) {
306 if (errno == EINTR)
307 @@ -1298,7 +1312,7 @@ send_dg(res_state statp,
308
309 fail_sendmmsg:
310 Perror(statp, stderr, "sendmmsg", errno);
311 - goto err_out;
312 + return close_and_return_error (statp, resplen2);
313 }
314 }
315 else
316 @@ -1316,7 +1330,7 @@ send_dg(res_state statp,
317 if (errno == EINTR || errno == EAGAIN)
318 goto recompute_resend;
319 Perror(statp, stderr, "send", errno);
320 - goto err_out;
321 + return close_and_return_error (statp, resplen2);
322 }
323 just_one:
324 if (nwritten != 0 || buf2 == NULL || single_request)
325 @@ -1394,7 +1408,7 @@ send_dg(res_state statp,
326 goto wait;
327 }
328 Perror(statp, stderr, "recvfrom", errno);
329 - goto err_out;
330 + return close_and_return_error (statp, resplen2);
331 }
332 *gotsomewhere = 1;
333 if (__glibc_unlikely (*thisresplenp < HFIXEDSZ)) {
334 @@ -1405,7 +1419,7 @@ send_dg(res_state statp,
335 (stdout, ";; undersized: %d\n",
336 *thisresplenp));
337 *terrno = EMSGSIZE;
338 - goto err_out;
339 + return close_and_return_error (statp, resplen2);
340 }
341 if ((recvresp1 || hp->id != anhp->id)
342 && (recvresp2 || hp2->id != anhp->id)) {
343 @@ -1454,7 +1468,7 @@ send_dg(res_state statp,
344 ? *thisanssizp : *thisresplenp);
345 /* record the error */
346 statp->_flags |= RES_F_EDNS0ERR;
347 - goto err_out;
348 + return close_and_return_error (statp, resplen2);
349 }
350 #endif
351 if (!(statp->options & RES_INSECURE2)
352 @@ -1506,10 +1520,10 @@ send_dg(res_state statp,
353 goto wait;
354 }
355
356 - __res_iclose(statp, false);
357 /* don't retry if called from dig */
358 if (!statp->pfcode)
359 - return (0);
360 + return close_and_return_error (statp, resplen2);
361 + __res_iclose(statp, false);
362 }
363 if (anhp->rcode == NOERROR && anhp->ancount == 0
364 && anhp->aa == 0 && anhp->ra == 0 && anhp->arcount == 0) {
365 @@ -1531,6 +1545,8 @@ send_dg(res_state statp,
366 __res_iclose(statp, false);
367 // XXX if we have received one reply we could
368 // XXX use it and not repeat it over TCP...
369 + if (resplen2 != NULL)
370 + *resplen2 = 0;
371 return (1);
372 }
373 /* Mark which reply we received. */
374 @@ -1546,21 +1562,22 @@ send_dg(res_state statp,
375 __res_iclose (statp, false);
376 retval = reopen (statp, terrno, ns);
377 if (retval <= 0)
378 - return retval;
379 + {
380 + if (resplen2 != NULL)
381 + *resplen2 = 0;
382 + return retval;
383 + }
384 pfd[0].fd = EXT(statp).nssocks[ns];
385 }
386 }
387 goto wait;
388 }
389 - /*
390 - * All is well, or the error is fatal. Signal that the
391 - * next nameserver ought not be tried.
392 - */
393 + /* All is well. We have received both responses (if
394 + two responses were requested). */
395 return (resplen);
396 - } else if (pfd[0].revents & (POLLERR | POLLHUP | POLLNVAL)) {
397 - /* Something went wrong. We can stop trying. */
398 - goto err_out;
399 - }
400 + } else if (pfd[0].revents & (POLLERR | POLLHUP | POLLNVAL))
401 + /* Something went wrong. We can stop trying. */
402 + return close_and_return_error (statp, resplen2);
403 else {
404 /* poll should not have returned > 0 in this case. */
405 abort ();
406 --
407 2.7.4
Report Message
Find on MARC Find on Google Groups