diff options
author | Timo Teräs <timo.teras@iki.fi> | 2013-09-29 09:12:48 +0000 |
---|---|---|
committer | Timo Teräs <timo.teras@iki.fi> | 2013-09-29 09:12:48 +0000 |
commit | d830cb39a9c5e454c0d1fc9717ef376c41a68583 (patch) | |
tree | e1fe0e1ae7174be264212fb57da41ba528dfed5d /main | |
parent | 5580d1c7a275b2a153b54cbb0fdd5021e5b6dc70 (diff) | |
download | aports-d830cb39a9c5e454c0d1fc9717ef376c41a68583.tar.bz2 aports-d830cb39a9c5e454c0d1fc9717ef376c41a68583.tar.xz |
main/musl: cherry pick two more bug fixes from upstream
Diffstat (limited to 'main')
-rw-r--r-- | main/musl/0001-add-missing-i386-syscall-numbers.patch | 41 | ||||
-rw-r--r-- | main/musl/0002-fix-buffer-overflow-in-mbsrtowcs.patch | 41 | ||||
-rw-r--r-- | main/musl/0003-fix-off-by-one-error-in-getgrnam_r-and-getgrgid_r-cl.patch | 38 | ||||
-rw-r--r-- | main/musl/APKBUILD | 19 |
4 files changed, 134 insertions, 5 deletions
diff --git a/main/musl/0001-add-missing-i386-syscall-numbers.patch b/main/musl/0001-add-missing-i386-syscall-numbers.patch new file mode 100644 index 0000000000..8c0b0a892d --- /dev/null +++ b/main/musl/0001-add-missing-i386-syscall-numbers.patch @@ -0,0 +1,41 @@ +From 78178542e73e143bf44b3ba32cf0b58ced53f2d5 Mon Sep 17 00:00:00 2001 +From: Rich Felker <dalias@aerifal.cx> +Date: Thu, 26 Sep 2013 14:17:36 -0400 +Subject: [PATCH] add missing i386 syscall numbers + +somehow the range 335-339 was missed when updating the file. +--- + arch/i386/bits/syscall.h | 10 ++++++++++ + 1 file changed, 10 insertions(+) + +diff --git a/arch/i386/bits/syscall.h b/arch/i386/bits/syscall.h +index 800409a..2af242b 100644 +--- a/arch/i386/bits/syscall.h ++++ b/arch/i386/bits/syscall.h +@@ -333,6 +333,11 @@ + #define __NR_inotify_init1 332 + #define __NR_preadv 333 + #define __NR_pwritev 334 ++#define __NR_rt_tgsigqueueinfo 335 ++#define __NR_perf_event_open 336 ++#define __NR_recvmmsg 337 ++#define __NR_fanotify_init 338 ++#define __NR_fanotify_mark 339 + #define __NR_prlimit64 340 + #define __NR_name_to_handle_at 341 + #define __NR_open_by_handle_at 342 +@@ -683,6 +688,11 @@ + #define SYS_inotify_init1 332 + #define SYS_preadv 333 + #define SYS_pwritev 334 ++#define SYS_rt_tgsigqueueinfo 335 ++#define SYS_perf_event_open 336 ++#define SYS_recvmmsg 337 ++#define SYS_fanotify_init 338 ++#define SYS_fanotify_mark 339 + #define SYS_prlimit64 340 + #define SYS_name_to_handle_at 341 + #define SYS_open_by_handle_at 342 +-- +1.8.4 + diff --git a/main/musl/0002-fix-buffer-overflow-in-mbsrtowcs.patch b/main/musl/0002-fix-buffer-overflow-in-mbsrtowcs.patch new file mode 100644 index 0000000000..8b68cc8777 --- /dev/null +++ b/main/musl/0002-fix-buffer-overflow-in-mbsrtowcs.patch @@ -0,0 +1,41 @@ +From 211264e46a2f1bc382a84435e904d1548de672b0 Mon Sep 17 00:00:00 2001 +From: Rich Felker <dalias@aerifal.cx> +Date: Fri, 27 Sep 2013 13:09:46 -0400 +Subject: [PATCH] fix buffer overflow in mbsrtowcs + +issue reported by Michael Forney: + +"If wn becomes 0 after processing a chunk of 4, mbsrtowcs currently +continues on, wrapping wn around to -1, causing the rest of the string +to be processed. + +This resulted in buffer overruns if there was only space in ws for wn +wide characters." + +the original patch submitted added an additional check for !wn after +the loop; to avoid extra branching, I instead just changed the wn>=4 +check to wn>=5 to ensure that at least one slot remains after the +word-at-a-time loop runs. this should not slow down the tail +processing on real-world usage, since an extra slot that can't be +processed in the word-at-a-time loop is needed for the null +termination anyway. +--- + src/multibyte/mbsrtowcs.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/multibyte/mbsrtowcs.c b/src/multibyte/mbsrtowcs.c +index b9bbc33..066cce6 100644 +--- a/src/multibyte/mbsrtowcs.c ++++ b/src/multibyte/mbsrtowcs.c +@@ -59,7 +59,7 @@ resume0: + return wn0; + } + if (*s-1u < 0x7f && (uintptr_t)s%4 == 0) { +- while (wn>=4 && !(( *(uint32_t*)s | *(uint32_t*)s-0x01010101) & 0x80808080)) { ++ while (wn>=5 && !(( *(uint32_t*)s | *(uint32_t*)s-0x01010101) & 0x80808080)) { + *ws++ = *s++; + *ws++ = *s++; + *ws++ = *s++; +-- +1.8.4 + diff --git a/main/musl/0003-fix-off-by-one-error-in-getgrnam_r-and-getgrgid_r-cl.patch b/main/musl/0003-fix-off-by-one-error-in-getgrnam_r-and-getgrgid_r-cl.patch new file mode 100644 index 0000000000..ebc1910c7f --- /dev/null +++ b/main/musl/0003-fix-off-by-one-error-in-getgrnam_r-and-getgrgid_r-cl.patch @@ -0,0 +1,38 @@ +From 23b8e3bc95620b0bd90a78ce0d926942c12b45da Mon Sep 17 00:00:00 2001 +From: Rich Felker <dalias@aerifal.cx> +Date: Sun, 29 Sep 2013 02:52:33 -0400 +Subject: [PATCH] fix off-by-one error in getgrnam_r and getgrgid_r, clobbering + gr_name + +bug report and patch by Michael Forney. the terminating null pointer +at the end of the gr_mem array was overwriting the beginning of the +string data, causing the gr_name member to always be a zero-length +string. +--- + src/passwd/getgr_r.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/passwd/getgr_r.c b/src/passwd/getgr_r.c +index 234c901..3fe2e2b 100644 +--- a/src/passwd/getgr_r.c ++++ b/src/passwd/getgr_r.c +@@ -26,14 +26,14 @@ static int getgr_r(const char *name, gid_t gid, struct group *gr, char *buf, siz + while (__getgrent_a(f, gr, &line, &len, &mem, &nmem)) { + if (name && !strcmp(name, gr->gr_name) + || !name && gr->gr_gid == gid) { +- if (size < len + nmem*sizeof(char *) + 32) { ++ if (size < len + (nmem+1)*sizeof(char *) + 32) { + rv = ERANGE; + break; + } + *res = gr; + buf += (16-(uintptr_t)buf)%16; + gr->gr_mem = (void *)buf; +- buf += nmem*sizeof(char *); ++ buf += (nmem+1)*sizeof(char *); + memcpy(buf, line, len); + FIX(name); + FIX(passwd); +-- +1.8.4 + diff --git a/main/musl/APKBUILD b/main/musl/APKBUILD index ded6dd6ee5..d277162332 100644 --- a/main/musl/APKBUILD +++ b/main/musl/APKBUILD @@ -2,7 +2,7 @@ # Maintainer: Timo Teräs <timo.teras@iki.fi> pkgname=musl pkgver=0.9.14 -pkgrel=2 +pkgrel=3 pkgdesc="the musl c library (libc) implementation" url="http://www.musl-libc.org/" arch="all" @@ -14,7 +14,10 @@ install="" subpackages="$pkgname-dev $pkgname-utils" [ "${CTARGET#*musl}" = "$CTARGET" ] && subpackages="$subpackages musl-gcc:crosstool" source="http://www.musl-libc.org/releases/musl-$pkgver.tar.gz - add-missing-i386-syscall-numbers.patch + 0001-add-missing-i386-syscall-numbers.patch + 0002-fix-buffer-overflow-in-mbsrtowcs.patch + 0003-fix-off-by-one-error-in-getgrnam_r-and-getgrgid_r-cl.patch + add-rfc3678-mcast-structs.patch workaround-gcc-pr58245.patch getopt_long.c @@ -105,21 +108,27 @@ crosstool() { } md5sums="bfb685695aa942e64c63170589e575b2 musl-0.9.14.tar.gz -f116cf69bcbcb7080ef3aa521acce8b8 add-missing-i386-syscall-numbers.patch +f116cf69bcbcb7080ef3aa521acce8b8 0001-add-missing-i386-syscall-numbers.patch +bfefbd099f555fe8fd22e7ffc3accbef 0002-fix-buffer-overflow-in-mbsrtowcs.patch +5d722e38a7ca2032c9f202db8ff7e369 0003-fix-off-by-one-error-in-getgrnam_r-and-getgrgid_r-cl.patch dcdded62320e3aa2a550058a75bc9c6e add-rfc3678-mcast-structs.patch 7a09c5cd7b3e9532e6902f54a5e928bb workaround-gcc-pr58245.patch 61c6c1e84ed1df82abbe6d75e90cf21c getopt_long.c 0df687757221bbb0fc1aa67f1bd646f9 __stack_chk_fail_local.c ef81489a6258501cf45db58dfc6d5211 getent" sha256sums="982e9de1287cf95f9aa526adba008660d8885bfccc41faf5c613ea47f1922872 musl-0.9.14.tar.gz -84886493008bdca79ad223708e5568baeb948a520499b9f4eea2f1526aefb304 add-missing-i386-syscall-numbers.patch +84886493008bdca79ad223708e5568baeb948a520499b9f4eea2f1526aefb304 0001-add-missing-i386-syscall-numbers.patch +a6cb8b279e5b737d43c2de1bd6229f5e6599e9514bcb41ddaa411cd44dc65ba7 0002-fix-buffer-overflow-in-mbsrtowcs.patch +b6b161383b287505eecb53595039b8fe26c622508e783c86ee82d38c1ea582f4 0003-fix-off-by-one-error-in-getgrnam_r-and-getgrgid_r-cl.patch 6e8c4fe897c88e4b8f5654766cdaa5d14a0bfa51f28518b53cba2628ca700cdb add-rfc3678-mcast-structs.patch 45d6efda7450809e4e68f6e951431dcadf6cb7f0260930d50a9f1a8667aca49f workaround-gcc-pr58245.patch d9b644ec20bc33e81a7c52b9fcf7973d835923a69faf50f03db45534b811bd96 getopt_long.c 299a7d75a09de3e2e11e7fb4acc3182e4a14e868093d2f30938fce9bfcff13da __stack_chk_fail_local.c d6996273f5aaaed429058257e4646b243d9e3a4d8609522f802762453f5be4cb getent" sha512sums="e5c3f7b1549dc2f9cbd3359cc413f761d5967607c23705f651c33d0ae93f00582193a41fe1f87158467d58d8eba2d7c09e0fe2f2b2c02c1dda78eee1a4cecff6 musl-0.9.14.tar.gz -e6cdb6b4c87e2488d31ac46898010dc9d41f31f2ed9c6f2f8a763b76e63587a37a54a7557cd7db1c524b1fcbd17e5418ec1058b30dc17cc91c3fb3ac7cd47fc8 add-missing-i386-syscall-numbers.patch +e6cdb6b4c87e2488d31ac46898010dc9d41f31f2ed9c6f2f8a763b76e63587a37a54a7557cd7db1c524b1fcbd17e5418ec1058b30dc17cc91c3fb3ac7cd47fc8 0001-add-missing-i386-syscall-numbers.patch +bb1a0025675fc0241a0ae15e04e12cfbb3c12604ccdb8ac9a2a192d76d346c2804d051f6698a636671d9b4154132b1fe4270bc464bdd370a9b2070c4573361e0 0002-fix-buffer-overflow-in-mbsrtowcs.patch +60fd9640ea6a8c46e8724ec80d228bcabb9ae3f0f366d2a21c7e15da4a31395aa6dfadeb480f22c720cbd773b73b245174adc3031ee04e69efecf4c45af8538f 0003-fix-off-by-one-error-in-getgrnam_r-and-getgrgid_r-cl.patch 72789ddf7018bb0878cb1f9c8a47d7b371a9a3e1c58693090d518bf1cc0d26e4edda3e3a405b2ddcdfb06f05a94eb4a358d9e26f742702be891a6578673a0369 add-rfc3678-mcast-structs.patch 69ad3fc851b44f33dd7c98b83fd0adbd149b37263d17b989f4d7338ee0703dfe8994f4299744e2509492300227d652de6f21b6cdba9b633fcefd3d9f7ca0cf20 workaround-gcc-pr58245.patch 140f3f20d30bd95ebce8c41b8cc7f616c6cbedf4ea06c729c21014e74f6043796825cc40ebc5180620ea38173afdba23f09ebf6d8b11fa05440b14d23764fca9 getopt_long.c |