This is an automated email from the git hooks/post-receive script.
aurel32 pushed a commit to branch sid
in repository glibc.
commit 82a888594125b1d05bed4092b23af44fc23907a2
Author: Aurelien Jarno <aurel...@aurel32.net>
Date: Sat Jan 13 16:14:06 2018 +0100
debian/patches/git-updates.diff: update from upstream stable branch:
* debian/patches/git-updates.diff: update from upstream stable branch:
- Fix a buffer underflow in getcwd() (CVE-2018-1000001). Closes:
#887001.
---
debian/changelog | 3 +
debian/patches/git-updates.diff | 137 ++++++++++++++++++++++++++++++++++++++--
2 files changed, 136 insertions(+), 4 deletions(-)
diff --git a/debian/changelog b/debian/changelog
index f72b868..f1cebf4 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -5,6 +5,9 @@ glibc (2.26-4) UNRELEASED; urgency=medium
the multilib flavours, simplify the mips* entries into mips*, mips be and
mips le, instead of trying to keep all the flavours in sync. Remove
XFAILs for tests that have been fixed.
+ * debian/patches/git-updates.diff: update from upstream stable branch:
+ - Fix a buffer underflow in getcwd() (CVE-2018-1000001). Closes:
+ #887001.
-- Aurelien Jarno <aure...@debian.org> Fri, 12 Jan 2018 22:26:33 +0100
diff --git a/debian/patches/git-updates.diff b/debian/patches/git-updates.diff
index be70c25..532da88 100644
--- a/debian/patches/git-updates.diff
+++ b/debian/patches/git-updates.diff
@@ -1,10 +1,19 @@
GIT update of https://sourceware.org/git/glibc.git/release/2.26/master from
glibc-2.26
diff --git a/ChangeLog b/ChangeLog
-index 8dbfc7eaff..efc8395ebb 100644
+index 8dbfc7eaff..98ef90f461 100644
--- a/ChangeLog
+++ b/ChangeLog
-@@ -1,3 +1,1136 @@
+@@ -1,3 +1,1146 @@
++2018-01-12 Dmitry V. Levin <l...@altlinux.org>
++
++ [BZ #22679]
++ CVE-2018-1000001
++ * sysdeps/unix/sysv/linux/getcwd.c (__getcwd): Fall back to
++ generic_getcwd if the path returned by getcwd syscall is not absolute.
++ * io/tst-getcwd-abspath.c: New test.
++ * io/Makefile (tests): Add tst-getcwd-abspath.
++
+2017-12-19 Adhemerval Zanella <adhemerval.zane...@linaro.org>
+ James Clarke <jrt...@jrtc27.com>
+
@@ -981,6 +990,7 @@ index 8dbfc7eaff..efc8395ebb 100644
+
+2017-09-01 Florian Weimer <fwei...@redhat.com>
+
++ [BZ #20532]
+ * sysdeps/posix/getaddrinfo.c (gaih_inet): Make reporting of NSS
+ function lookup failures more reliable.
+
@@ -1165,10 +1175,10 @@ index 9bb707c168..828a445f24 100644
# Don't try to use -lc when making libc.so itself.
# Also omits crti.o and crtn.o, which we do not want
diff --git a/NEWS b/NEWS
-index 8295f20c0a..f04b3ed4e8 100644
+index 8295f20c0a..7f88e9e310 100644
--- a/NEWS
+++ b/NEWS
-@@ -5,6 +5,98 @@ See the end for copying conditions.
+@@ -5,6 +5,105 @@ See the end for copying conditions.
Please send GNU C library bug reports via <http://sourceware.org/bugzilla/>
using `glibc' in the "product" field.
�
@@ -1226,10 +1236,15 @@ index 8295f20c0a..f04b3ed4e8 100644
+ for AT_SECURE or SUID binaries could be used to load libraries from the
+ current directory.
+
++ CVE-2018-1000001: Buffer underflow in realpath function when getcwd function
++ succeeds without returning an absolute path due to unexpected behaviour
++ of the Linux kernel getcwd syscall. Reported by halfdog.
++
+The following bugs are resolved with this release:
+
+ [16750] ldd: Never run file directly.
+ [17956] crypt: Use NSPR header files in addition to NSS header files
++ [20532] getaddrinfo: More robust handling of dlopen failures
+ [21242] assert: Suppress pedantic warning caused by statement expression
+ [21265] x86-64: Use fxsave/xsave/xsavec in _dl_runtime_resolve
+ [21780] posix: Set p{read,write}v2 to return ENOTSUP
@@ -1263,6 +1278,8 @@ index 8295f20c0a..f04b3ed4e8 100644
+ [22325] glibc: Memory leak in glob with GLOB_TILDE (CVE-2017-15671)
+ [22375] malloc returns pointer from tcache instead of NULL (CVE-2017-17426)
+ [22627] $ORIGIN in $LD_LIBRARY_PATH is substituted twice
++ [22679] getcwd(3) can succeed without returning an absolute path
++ (CVE-2018-1000001)
+�
Version 2.26
@@ -1828,6 +1845,91 @@ index 2b2632c7ba..b2135893e8 100644
libc_hidden_proto (__inet6_scopeid_pton)
+diff --git a/io/Makefile b/io/Makefile
+index 2f26bf56db..f0bdc838bb 100644
+--- a/io/Makefile
++++ b/io/Makefile
+@@ -70,7 +70,7 @@ tests := test-utime test-stat test-stat2
test-lfs tst-getcwd \
+ tst-symlinkat tst-linkat tst-readlinkat tst-mkdirat \
+ tst-mknodat tst-mkfifoat tst-ttyname_r bug-ftw5 \
+ tst-posix_fallocate tst-posix_fallocate64 \
+- tst-fts tst-fts-lfs tst-open-tmpfile
++ tst-fts tst-fts-lfs tst-open-tmpfile tst-getcwd-abspath
+
+ ifeq ($(run-built-tests),yes)
+ tests-special += $(objpfx)ftwtest.out
+diff --git a/io/tst-getcwd-abspath.c b/io/tst-getcwd-abspath.c
+new file mode 100644
+index 0000000000..3a3636f2ed
+--- /dev/null
++++ b/io/tst-getcwd-abspath.c
+@@ -0,0 +1,66 @@
++/* BZ #22679 getcwd(3) should not succeed without returning an absolute path.
++
++ Copyright (C) 2018 Free Software Foundation, Inc.
++ This file is part of the GNU C Library.
++
++ The GNU C Library is free software; you can redistribute it and/or
++ modify it under the terms of the GNU Lesser General Public
++ License as published by the Free Software Foundation; either
++ version 2.1 of the License, or (at your option) any later version.
++
++ The GNU C Library is distributed in the hope that it will be useful,
++ but WITHOUT ANY WARRANTY; without even the implied warranty of
++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
++ Lesser General Public License for more details.
++
++ You should have received a copy of the GNU Lesser General Public
++ License along with the GNU C Library; if not, see
++ <https://www.gnu.org/licenses/>. */
++
++#include <errno.h>
++#include <stdio.h>
++#include <stdlib.h>
++#include <support/check.h>
++#include <support/namespace.h>
++#include <support/support.h>
++#include <support/temp_file.h>
++#include <support/test-driver.h>
++#include <support/xunistd.h>
++#include <unistd.h>
++
++static char *chroot_dir;
++
++/* The actual test. Run it in a subprocess, so that the test harness
++ can remove the temporary directory in --direct mode. */
++static void
++getcwd_callback (void *closure)
++{
++ xchroot (chroot_dir);
++
++ errno = 0;
++ char *cwd = getcwd (NULL, 0);
++ TEST_COMPARE (errno, ENOENT);
++ TEST_VERIFY (cwd == NULL);
++
++ errno = 0;
++ cwd = realpath (".", NULL);
++ TEST_COMPARE (errno, ENOENT);
++ TEST_VERIFY (cwd == NULL);
++
++ _exit (0);
++}
++
++static int
++do_test (void)
++{
++ support_become_root ();
++ if (!support_can_chroot ())
++ return EXIT_UNSUPPORTED;
++
++ chroot_dir = support_create_temp_directory ("tst-getcwd-abspath-");
++ support_isolate_in_subprocess (getcwd_callback, NULL);
++
++ return 0;
++}
++
++#include <support/test-driver.c>
diff --git a/malloc/Makefile b/malloc/Makefile
index 3fa395b949..9e23db9343 100644
--- a/malloc/Makefile
@@ -21550,6 +21652,33 @@ index 82a9a296a7..0000000000
+++ /dev/null
@@ -1 +0,0 @@
-#include <sysdeps/unix/sysv/linux/i386/glob64.c>
+diff --git a/sysdeps/unix/sysv/linux/getcwd.c
b/sysdeps/unix/sysv/linux/getcwd.c
+index 3b556fd450..f485de88a5 100644
+--- a/sysdeps/unix/sysv/linux/getcwd.c
++++ b/sysdeps/unix/sysv/linux/getcwd.c
+@@ -76,7 +76,7 @@ __getcwd (char *buf, size_t size)
+ int retval;
+
+ retval = INLINE_SYSCALL (getcwd, 2, path, alloc_size);
+- if (retval >= 0)
++ if (retval > 0 && path[0] == '/')
+ {
+ #ifndef NO_ALLOCATION
+ if (buf == NULL && size == 0)
+@@ -92,10 +92,10 @@ __getcwd (char *buf, size_t size)
+ return buf;
+ }
+
+- /* The system call cannot handle paths longer than a page.
+- Neither can the magic symlink in /proc/self. Just use the
++ /* The system call either cannot handle paths longer than a page
++ or can succeed without returning an absolute path. Just use the
+ generic implementation right away. */
+- if (errno == ENAMETOOLONG)
++ if (retval >= 0 || errno == ENAMETOOLONG)
+ {
+ #ifndef NO_ALLOCATION
+ if (buf == NULL && size == 0)
diff --git a/sysdeps/unix/sysv/linux/glob.c b/sysdeps/unix/sysv/linux/glob.c
new file mode 100644
index 0000000000..057ae7fe25
--
Alioth's /usr/local/bin/git-commit-notice on
/srv/git.debian.org/git/pkg-glibc/glibc.git
