[glibc] - Fix DoS in RPC implementation (#767693) - Remove deprecated alpha support. - Remove redundan
Jeffrey Law
law at fedoraproject.org
Tue Jun 5 17:35:13 UTC 2012
commit 77881379e907df7f4a51e977b5e47bf58485ef27
Author: Jeff Law <law at redhat.com>
Date: Tue Jun 5 11:35:03 2012 -0600
- Fix DoS in RPC implementation (#767693)
- Remove deprecated alpha support.
- Remove redundant hunk from patch. (#823905)
glibc-rh767693-2.patch | 76 ++++++++++++++++++++++++++++++++++++++++++++++++
glibc-rh823905.patch | 11 -------
glibc.spec | 22 +++++++------
3 files changed, 88 insertions(+), 21 deletions(-)
---
diff --git a/glibc-rh767693-2.patch b/glibc-rh767693-2.patch
new file mode 100644
index 0000000..97d3658
--- /dev/null
+++ b/glibc-rh767693-2.patch
@@ -0,0 +1,76 @@
+diff -rup a/sunrpc/svc_tcp.c b/sunrpc/svc_tcp.c
+--- a/sunrpc/svc_tcp.c 2012-05-31 20:37:43.000000000 -0600
++++ b/sunrpc/svc_tcp.c 2012-06-05 11:30:09.948733571 -0600
+@@ -44,6 +44,7 @@
+ #include <sys/poll.h>
+ #include <errno.h>
+ #include <stdlib.h>
++#include <time.h>
+
+ #include <wchar.h>
+ #include <libio/iolibio.h>
+@@ -247,6 +248,11 @@ again:
+ {
+ if (errno == EINTR)
+ goto again;
++ if (errno == EMFILE)
++ {
++ struct timespec ts = { .tv_sec = 0, .tv_nsec = 50000000 };
++ __nanosleep(&ts , NULL);
++ }
+ return FALSE;
+ }
+ /*
+diff -rup a/sunrpc/svc_udp.c b/sunrpc/svc_udp.c
+--- a/sunrpc/svc_udp.c 2012-05-31 20:37:43.000000000 -0600
++++ b/sunrpc/svc_udp.c 2012-06-05 11:30:09.948733571 -0600
+@@ -40,6 +40,7 @@
+ #include <sys/socket.h>
+ #include <errno.h>
+ #include <libintl.h>
++#include <time.h>
+
+ #ifdef IP_PKTINFO
+ #include <sys/uio.h>
+@@ -277,8 +278,16 @@ again:
+ (int) su->su_iosz, 0,
+ (struct sockaddr *) &(xprt->xp_raddr), &len);
+ xprt->xp_addrlen = len;
+- if (rlen == -1 && errno == EINTR)
+- goto again;
++ if (rlen == -1)
++ {
++ if (errno == EINTR)
++ goto again;
++ if (errno == EMFILE)
++ {
++ struct timespec ts = { .tv_sec = 0, .tv_nsec = 50000000 };
++ __nanosleep(&ts , NULL);
++ }
++ }
+ if (rlen < 16) /* < 4 32-bit ints? */
+ return FALSE;
+ xdrs->x_op = XDR_DECODE;
+diff -rup a/sunrpc/svc_unix.c b/sunrpc/svc_unix.c
+--- a/sunrpc/svc_unix.c 2012-05-31 20:37:43.000000000 -0600
++++ b/sunrpc/svc_unix.c 2012-06-05 11:30:36.495612770 -0600
+@@ -46,6 +46,7 @@
+ #include <errno.h>
+ #include <stdlib.h>
+ #include <libintl.h>
++#include <time.h>
+ #include <wchar.h>
+
+ /*
+@@ -244,6 +245,11 @@ again:
+ {
+ if (errno == EINTR)
+ goto again;
++ if (errno == EMFILE)
++ {
++ struct timespec ts = { .tv_sec = 0, .tv_nsec = 50000000 };
++ __nanosleep(&ts , NULL);
++ }
+ return FALSE;
+ }
+ /*
diff --git a/glibc-rh823905.patch b/glibc-rh823905.patch
index ed9c4c9..c0a0e01 100644
--- a/glibc-rh823905.patch
+++ b/glibc-rh823905.patch
@@ -12,14 +12,3 @@ index 25a9be0..6f758eb 100644
|| (res = __ibm930db_to_ucs4[ch + rp2->idx], \
__builtin_expect (res, L'\1') == L'\0' && ch != '\0')) \
{ \
-@@ -215,7 +216,8 @@ enum
- while (ch > rp2->end) \
- ++rp2; \
- \
-- if (__builtin_expect (ch < rp2->start, 0) \
-+ if (__builtin_expect (rp2->start == 0xffff, 0) \
-+ || __builtin_expect (ch < rp2->start, 0) \
- || (cp = __ucs4_to_ibm930db[ch + rp2->idx], \
- __builtin_expect (cp[0], L'\1')== L'\0' && ch != '\0')) \
- { \
-
diff --git a/glibc.spec b/glibc.spec
index 603d09a..0e6467e 100644
--- a/glibc.spec
+++ b/glibc.spec
@@ -28,7 +28,7 @@
Summary: The GNU libc libraries
Name: glibc
Version: %{glibcversion}
-Release: 8%{?dist}
+Release: 9%{?dist}
# GPLv2+ is used in a bunch of programs, LGPLv2+ is used for libraries.
# Things that are linked directly into dynamically linked programs
# and shared libraries (e.g. crt files, lib*_nonshared.a) have an additional
@@ -176,6 +176,9 @@ Patch2035: %{name}-rh819430.patch
# Upstream BZ 14134
Patch2036: %{name}-rh823905.patch
+# See http://sourceware.org/ml/libc-alpha/2012-06/msg00074.html
+Patch2037: %{name}-rh767693-2.patch
+
Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
Obsoletes: glibc-profile < 2.4
Obsoletes: nss_db
@@ -427,11 +430,11 @@ rm -rf %{glibcportsdir}
%patch0035 -p1
%patch2035 -p1
%patch2036 -p1
+%patch2037 -p1
# A lot of programs still misuse memcpy when they have to use
# memmove. The memcpy implementation below is not tolerant at
# all.
-rm -f sysdeps/alpha/alphaev6/memcpy.S
%if %{buildpower6}
# On powerpc32, hp timing is only available in power4/power6
# libs, not in base, so pre-power4 dynamic linker is incompatible
@@ -458,9 +461,6 @@ BuildFlags="$BuildFlags -mno-tls-direct-seg-refs"
%ifarch x86_64
BuildFlags="-mtune=generic"
%endif
-%ifarch alphaev6
-BuildFlags="-mcpu=ev6"
-%endif
%ifarch sparc
BuildFlags="-fcall-used-g6"
GCC="gcc -m32"
@@ -997,9 +997,6 @@ cat debuginfocommon.sources >> debuginfo.filelist
%ifarch %{ix86}
%define basearch i686
%endif
-%ifarch alpha alphaev6
-%define basearch alpha
-%endif
%ifarch sparc sparcv9
%define basearch sparc
%endif
@@ -1303,9 +1300,14 @@ rm -f *.filelist*
%endif
%changelog
+* Tue Jun 5 2012 Jeff Law <law at redhat.com> - 2.15.90-9
+ - Fix DoS in RPC implementation (#767693)
+ - Remove deprecated alpha support.
+ - Remove redundant hunk from patch. (#823905)
+
* Fri Jun 1 2012 Patsy Franklin <patsy at redhat.com> - 2.15.90-8
- - Fix iconv() segfault when the invalid multibyte character 0xffff is input when
- converting from IBM930 (823905)
+ - Fix iconv() segfault when the invalid multibyte character 0xffff is input
+ when converting from IBM930 (#823905)
* Fri Jun 1 2012 Jeff Law <law at redhat.com> - 2.15.90-7
- Resync with upstream sources. (#827040)
More information about the scm-commits
mailing list