r4188 - in glibc-package/trunk/debian: . patches/kfreebsd
Author: ps-guest Date: 2010-02-11 10:28:49 + (Thu, 11 Feb 2010) New Revision: 4188 Modified: glibc-package/trunk/debian/changelog glibc-package/trunk/debian/patches/kfreebsd/local-sysdeps.diff Log: * kfreebsd/local-sysdeps.diff: update to revision 2975 (from glibc-bsd). Modified: glibc-package/trunk/debian/changelog === --- glibc-package/trunk/debian/changelog2010-02-10 21:35:04 UTC (rev 4187) +++ glibc-package/trunk/debian/changelog2010-02-11 10:28:49 UTC (rev 4188) @@ -9,7 +9,7 @@ * debian/*symbols*: simplify symbol files by using the new #PACKAGE# feature. * Bump to Standards-Version 3.8.4. - * kfreebsd/local-sysdeps.diff: update to revision 2974 (from glibc-bsd). + * kfreebsd/local-sysdeps.diff: update to revision 2975 (from glibc-bsd). -- Aurelien Jarno aure...@debian.org Mon, 08 Feb 2010 19:20:38 +0100 Modified: glibc-package/trunk/debian/patches/kfreebsd/local-sysdeps.diff === --- glibc-package/trunk/debian/patches/kfreebsd/local-sysdeps.diff 2010-02-10 21:35:04 UTC (rev 4187) +++ glibc-package/trunk/debian/patches/kfreebsd/local-sysdeps.diff 2010-02-11 10:28:49 UTC (rev 4188) @@ -18315,7 +18315,7 @@ +} --- /dev/null +++ b/ports/sysdeps/unix/bsd/bsd4.4/kfreebsd/open.c -@@ -0,0 +1,89 @@ +@@ -0,0 +1,93 @@ +/* Copyright (C) 1999, 2000, 2002 Free Software Foundation, Inc. + This file is part of the GNU C Library. + @@ -18368,6 +18368,9 @@ +LIBC_CANCEL_RESET (oldtype); + } + ++#if 0 ++/* At least 8.0 kernel seems be fine and this workaround does not respect sysctl vfs.timestamp_precision */ ++ + if (fd = 0 (oflag O_TRUNC)) +{ + /* Set the modification time. The kernel ought to do this. */ @@ -18392,6 +18395,7 @@ + } + __set_errno (saved_errno); +} ++#endif + + return fd; +} @@ -18417,7 +18421,7 @@ +strong_alias (__open_2, __open64_2) --- /dev/null +++ b/ports/sysdeps/unix/bsd/bsd4.4/kfreebsd/openat.c -@@ -0,0 +1,312 @@ +@@ -0,0 +1,316 @@ +/* Copyright (C) 2005, 2006, 2007 Free Software Foundation, Inc. + This file is part of the GNU C Library. + @@ -18679,6 +18683,9 @@ +} +#endif + ++#if 0 ++/* At least 8.0 kernel seems be fine and this workaround does not respect sysctl vfs.timestamp_precision */ ++ + if (result = 0 (oflag O_TRUNC)) +{ + /* Set the modification time. The kernel ought to do this. */ @@ -18703,6 +18710,7 @@ + } + __set_errno (saved_errno); +} ++#endif + + return result; +} -- To UNSUBSCRIBE, email to debian-glibc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
r4189 - glibc-package/branches/eglibc-2.11/debian/testsuite-checking
Author: sthibault Date: 2010-02-11 12:07:53 + (Thu, 11 Feb 2010) New Revision: 4189 Modified: glibc-package/branches/eglibc-2.11/debian/testsuite-checking/expected-results-i486-gnu-libc Log: fix r4180 by reapplying experimental branch changes Modified: glibc-package/branches/eglibc-2.11/debian/testsuite-checking/expected-results-i486-gnu-libc === --- glibc-package/branches/eglibc-2.11/debian/testsuite-checking/expected-results-i486-gnu-libc 2010-02-11 10:28:49 UTC (rev 4188) +++ glibc-package/branches/eglibc-2.11/debian/testsuite-checking/expected-results-i486-gnu-libc 2010-02-11 12:07:53 UTC (rev 4189) @@ -19,6 +19,8 @@ annexc.out, Error 1 (ignored) bug-glob2.out, Error 1 bug-ulimit1.out, Error 1 +check-execstack.out, Error 1 +check-textrel.out, Error 1 check-local-headers.out, Error 1 check-localplt.out, Error 1 mtrace-tst-loading, Error 1 @@ -26,7 +28,9 @@ test-assert-perr.out, Error 1 test-assert.out, Error 1 test-fenv.out, Error 1 +test-idouble.out, Error 139 test-ifaddrs.out, Error 1 +test-ifloat.out, Error 139 test-lfs.out, Error 1 test-memmem, Error 1 tst-aio10.out, Error 1 @@ -56,6 +60,7 @@ tst-lfschk4.out, Error 1 tst-lfschk5.out, Error 1 tst-lfschk6.out, Error 1 +tst-longjmp_chk2.out, Error 1 tst-mknodat.out, Error 1 tst-renameat.out, Error 1 tst-sprofil.out, Error 136 -- To UNSUBSCRIBE, email to debian-glibc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
r4190 - in glibc-package/branches/eglibc-2.11/debian: . patches patches/hppa
Author: aurel32 Date: 2010-02-11 13:58:15 + (Thu, 11 Feb 2010) New Revision: 4190 Added: glibc-package/branches/eglibc-2.11/debian/patches/hppa/local-lowlevellock.diff Modified: glibc-package/branches/eglibc-2.11/debian/changelog glibc-package/branches/eglibc-2.11/debian/patches/series Log: * Add debian/patches/mips/local-lowlevellock.diff to fix the testsuite on hppa. Modified: glibc-package/branches/eglibc-2.11/debian/changelog === --- glibc-package/branches/eglibc-2.11/debian/changelog 2010-02-11 12:07:53 UTC (rev 4189) +++ glibc-package/branches/eglibc-2.11/debian/changelog 2010-02-11 13:58:15 UTC (rev 4190) @@ -62,6 +62,8 @@ * Reenable the testsuite on mips/mipsel build daemons. * Add debian/patches/arm/local-atomic.diff to fix the testsuite on arm. * Add debian/patches/hppa/local-longjmp-chk.diff to fix FTBFS on hppa. + * Add debian/patches/mips/local-lowlevellock.diff to fix the testsuite +on hppa. [ Samuel Thibault ] * debian/patches/hurd-i386/submitted-rtld_lock_recursive.diff: New patch to @@ -78,7 +80,7 @@ * Add kfreebsd/local-dosavesse.diff, which does not work, so rather use also added kfreebsd/local-nosavesse.diff - -- Aurelien Jarno aure...@debian.org Tue, 09 Feb 2010 23:24:46 +0100 + -- Aurelien Jarno aure...@debian.org Thu, 11 Feb 2010 14:57:51 +0100 eglibc (2.10.2-7) UNRELEASED; urgency=low Added: glibc-package/branches/eglibc-2.11/debian/patches/hppa/local-lowlevellock.diff === --- glibc-package/branches/eglibc-2.11/debian/patches/hppa/local-lowlevellock.diff (rev 0) +++ glibc-package/branches/eglibc-2.11/debian/patches/hppa/local-lowlevellock.diff 2010-02-11 13:58:15 UTC (rev 4190) @@ -0,0 +1,29 @@ +2010-02-11 Aurelien Jarno aurel...@aurel32.net + + * sysdeps/unix/sysv/linux/hppa/nptl/lowlevellock.h: remove + useless sysdep.h include. Move tls.h include to... + * sysdeps/unix/sysv/linux/hppa/nptl/lowlevellock.c: here. + +--- a/ports/sysdeps/unix/sysv/linux/hppa/nptl/lowlevellock.c b/ports/sysdeps/unix/sysv/linux/hppa/nptl/lowlevellock.c +@@ -22,6 +22,7 @@ + #include sysdep.h + #include lowlevellock.h + #include sys/time.h ++#include tls.h /* Need THREAD_*, and header.*. */ + + void + __lll_lock_wait (lll_lock_t *futex, int private) +--- a/ports/sysdeps/unix/sysv/linux/hppa/nptl/lowlevellock.h b/ports/sysdeps/unix/sysv/linux/hppa/nptl/lowlevellock.h +@@ -22,10 +22,8 @@ + #include time.h + #include sys/param.h + #include bits/pthreadtypes.h +-#include sysdep.h + #include atomic.h + #include kernel-features.h /* Need __ASSUME_PRIVATE_FUTEX. */ +-#include tls.h /* Need THREAD_*, and header.*. */ + + /* HPPA only has one atomic read and modify memory operation, +load and clear, so hppa uses a kernel helper routine to implement Modified: glibc-package/branches/eglibc-2.11/debian/patches/series === --- glibc-package/branches/eglibc-2.11/debian/patches/series2010-02-11 12:07:53 UTC (rev 4189) +++ glibc-package/branches/eglibc-2.11/debian/patches/series2010-02-11 13:58:15 UTC (rev 4190) @@ -79,6 +79,7 @@ hppa/local-_dl_fptr_init.diff hppa/local-ELF_MACHINE_BEFORE_RTLD_RELOC.diff hppa/local-longjmp-chk.diff +hppa/local-lowlevellock.diff hurd-i386/local-dl-dynamic-weak.diff hurd-i386/local-enable-ldconfig.diff -- To UNSUBSCRIBE, email to debian-glibc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
r4191 - glibc-package/branches/eglibc-2.11/debian
Author: schizo Date: 2010-02-11 15:18:26 + (Thu, 11 Feb 2010) New Revision: 4191 Modified: glibc-package/branches/eglibc-2.11/debian/changelog Log: changelog thinko Modified: glibc-package/branches/eglibc-2.11/debian/changelog === --- glibc-package/branches/eglibc-2.11/debian/changelog 2010-02-11 13:58:15 UTC (rev 4190) +++ glibc-package/branches/eglibc-2.11/debian/changelog 2010-02-11 15:18:26 UTC (rev 4191) @@ -62,7 +62,7 @@ * Reenable the testsuite on mips/mipsel build daemons. * Add debian/patches/arm/local-atomic.diff to fix the testsuite on arm. * Add debian/patches/hppa/local-longjmp-chk.diff to fix FTBFS on hppa. - * Add debian/patches/mips/local-lowlevellock.diff to fix the testsuite + * Add debian/patches/hppa/local-lowlevellock.diff to fix the testsuite on hppa. [ Samuel Thibault ] -- To UNSUBSCRIBE, email to debian-glibc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#563637: improvements from Ubuntu to handle compiler hardening better
Hi Aurelien, On Sun, Feb 07, 2010 at 02:13:08PM +0100, Aurelien Jarno wrote: I would like to include the following patches that Ubuntu has carried for several releases now. (Note that submitted-leading-zero-stack-guard.diff will need to be adjusted slightly if stack-guard-quick-randomization.diff is not applied.) I have applied the two stack protection patches in the Debian package, but not the two other ones. See my comments below. Excellent, thanks! no-sprintf-pre-truncate.diff The sprintf function used when -D_FORTIFY_SOURCE=2 is used incorrectly pre-truncates the destination buffer; this changes the long-standing expectation of sprintf(foo,%sbaz,foo) to work. See the patch for further discussion. As explained in the bug report, this code is not valid anyway. If we want people to fix their code, we should not workaround the issue. Also I am not able to evaluate the impact on the fix, and don't know if it may introduce a security bug. Right, it's incorrect, but around 200 packages[1] use it and expect the prior behavior. I don't feel there is a security issue here, but I can respect not wanting to change it. 200 is a pretty small number of packages compared to the overall size of the archive. Perhaps I can re-scan the archive and actually do the mass bug filing. local-fwrite-no-attr-unused.diff Again, patch contains discussion, but basically, this disables a useless and noisy warning that -D_FORTIFY_SOURCE=2 triggers. I think people should either not use -D_FORTIFY_SOURCE=2 or fix their code. This is a warning anyway. I agree an error can happens up to the fclose() call, but it's not an excuse to not check possible errors at the fwrite() level. The real bug is actually that fclose() is not marked __wur, and that's probably what has to be fixed. Yeah, I would tend to agree. The main glitch was that there is no compiler option to turn off the warning. :( Thanks for reviewing the patches! -Kees [1] http://lists.debian.org/debian-devel/2008/12/msg01079.html -- Kees Cook@debian.org -- To UNSUBSCRIBE, email to debian-glibc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#569517: libc6-dev: sys/stat.h should provide S_ISSOCK with sufficiently recent _POSIX_C_SOURCE
Package: libc6-dev Version: 2.10.2-6 Severity: wishlist File issock.c: #include sys/stat.h int foo(mode_t mode) { return S_ISSOCK(mode); } int main(int argc, char *argv[]) { return foo(0); } Compilation results: $ gcc -std=c99 -D_POSIX_C_SOURCE=200112L -o issock issock.c issock.c: In function ‘foo’: issock.c:2: warning: implicit declaration of function ‘S_ISSOCK’ /tmp/ccUoCGe4.o: In function `foo': issock.c:(.text+0x16): undefined reference to `S_ISSOCK' collect2: ld returned 1 exit status $ gcc -std=c99 -D_POSIX_C_SOURCE=200809L -o issock issock.c issock.c: In function ‘foo’: issock.c:2: warning: implicit declaration of function ‘S_ISSOCK’ /tmp/ccsSvaAx.o: In function `foo': issock.c:(.text+0x16): undefined reference to `S_ISSOCK' collect2: ld returned 1 exit status Using gcc -E -dM, it is possible to observe that S_ISSOCK does not get defined as a macro at any point. With -D_GNU_SOURCE or no feature test macros at all, issock.c compiles fine. /usr/include/sys/stat.h on my machine has at line 146: #if (defined __USE_BSD || defined __USE_UNIX98) \ defined __S_IFSOCK # define S_ISSOCK(mode) __S_ISTYPE((mode), __S_IFSOCK) #endif This seems to be along the lines of only defining S_ISSOCK when BSD or X/Open features are being selected (my glance at __USE_UNIX98 yielded vague understanding at best), but according to [1], POSIX:2001 declares that sys/stat.h defines the macro S_ISSOCK without any extension tags (such as the XSI tag), which would seem to me to make it a POSIX feature. [1] http://www.opengroup.org/onlinepubs/95399/basedefs/sys/stat.h.html --- Drake Wilson -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (990, 'unstable'), (500, 'testing'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.29-1-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages libc6-dev depends on: ii libc-dev-bin 2.10.2-6 Embedded GNU C Library: Developmen ii libc6 2.10.2-6 Embedded GNU C Library: Shared lib ii linux-libc-dev2.6.32-6 Linux support headers for userspac Versions of packages libc6-dev recommends: ii gcc [c-compiler] 4:4.4.2-3 The GNU C compiler ii gcc-3.4 [c-compiler] 3.4.6-10 The GNU C compiler ii gcc-4.3 [c-compiler] 4.3.4-6The GNU C compiler ii gcc-4.4 [c-compiler] 4.4.3-2The GNU C compiler Versions of packages libc6-dev suggests: ii glibc-doc 2.10.2-5 Embedded GNU C Library: Documentat ii manpages-dev 3.23-1 Manual pages about using GNU/Linux -- no debconf information -- To UNSUBSCRIBE, email to debian-glibc-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org