aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--main/musl/0001-fix-assumption-in-fputs-that-fwrite-returning-0-impl.patch34
-rw-r--r--main/musl/0002-fix-unlikely-corner-cases-in-getopt-s-message-printi.patch37
-rw-r--r--main/musl/0003-in-crypt-sha-reject-excessive-rounds-as-error-rather.patch46
-rw-r--r--main/musl/APKBUILD18
-rw-r--r--main/musl/fix-fputs.patch12
5 files changed, 130 insertions, 17 deletions
diff --git a/main/musl/0001-fix-assumption-in-fputs-that-fwrite-returning-0-impl.patch b/main/musl/0001-fix-assumption-in-fputs-that-fwrite-returning-0-impl.patch
new file mode 100644
index 0000000000..0be9162aab
--- /dev/null
+++ b/main/musl/0001-fix-assumption-in-fputs-that-fwrite-returning-0-impl.patch
@@ -0,0 +1,34 @@
+From 10a17dfbad2c267d885817abc9c7589fc7ff630b Mon Sep 17 00:00:00 2001
+From: Rich Felker <dalias@aerifal.cx>
+Date: Tue, 16 Feb 2016 13:26:16 -0500
+Subject: [PATCH] fix assumption in fputs that fwrite returning 0 implies an
+ error
+
+internally, the idiom of passing nmemb=1 to fwrite and interpreting
+the return value of fwrite (which is necessarily 0 or 1) as
+failure/success is fairly widely used. this is not correct, however,
+when the size argument is unknown and may be zero, since C requires
+fwrite to return 0 in that special case. previously fwrite always
+returned nmemb on success, but this was changed for conformance with
+ISO C by commit 500c6886c654fd45e4926990fee2c61d816be197.
+---
+ src/stdio/fputs.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/src/stdio/fputs.c b/src/stdio/fputs.c
+index 4737f44..1cf344f 100644
+--- a/src/stdio/fputs.c
++++ b/src/stdio/fputs.c
+@@ -3,7 +3,8 @@
+
+ int fputs(const char *restrict s, FILE *restrict f)
+ {
+- return (int)fwrite(s, strlen(s), 1, f) - 1;
++ size_t l = strlen(s);
++ return (fwrite(s, 1, l, f)==l) - 1;
+ }
+
+ weak_alias(fputs, fputs_unlocked);
+--
+2.7.1
+
diff --git a/main/musl/0002-fix-unlikely-corner-cases-in-getopt-s-message-printi.patch b/main/musl/0002-fix-unlikely-corner-cases-in-getopt-s-message-printi.patch
new file mode 100644
index 0000000000..a5d4e4af63
--- /dev/null
+++ b/main/musl/0002-fix-unlikely-corner-cases-in-getopt-s-message-printi.patch
@@ -0,0 +1,37 @@
+From ef2b5e9f13a7f216d6d64aeccc6b33c1262faece Mon Sep 17 00:00:00 2001
+From: Rich Felker <dalias@aerifal.cx>
+Date: Tue, 16 Feb 2016 13:27:24 -0500
+Subject: [PATCH] fix unlikely corner cases in getopt's message printing
+
+like fputs (see commit 10a17dfbad2c267d885817abc9c7589fc7ff630b), the
+message printing code for getopt assumed that fwrite only returns 0 on
+failure, but it can also happen on success if the total length to be
+written is zero. programs with zero-length argv[0] were affected.
+
+commit 500c6886c654fd45e4926990fee2c61d816be197 introduced this
+problem in getopt by fixing the fwrite behavior to conform to the
+requirements of ISO C. previously the wrong expectations of the getopt
+code were met by the fwrite implementation.
+---
+ src/misc/getopt.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/misc/getopt.c b/src/misc/getopt.c
+index 9217983..8290aef 100644
+--- a/src/misc/getopt.c
++++ b/src/misc/getopt.c
+@@ -17,9 +17,9 @@ void __getopt_msg(const char *a, const char *b, const char *c, size_t l)
+ FILE *f = stderr;
+ b = __lctrans_cur(b);
+ flockfile(f);
+- fwrite(a, strlen(a), 1, f)
++ fputs(a, f)>=0
+ && fwrite(b, strlen(b), 1, f)
+- && fwrite(c, l, 1, f)
++ && fwrite(c, 1, l, f)==l
+ && putc('\n', f);
+ funlockfile(f);
+ }
+--
+2.7.1
+
diff --git a/main/musl/0003-in-crypt-sha-reject-excessive-rounds-as-error-rather.patch b/main/musl/0003-in-crypt-sha-reject-excessive-rounds-as-error-rather.patch
new file mode 100644
index 0000000000..7204b6a4f4
--- /dev/null
+++ b/main/musl/0003-in-crypt-sha-reject-excessive-rounds-as-error-rather.patch
@@ -0,0 +1,46 @@
+From cf115059ba0ecd611008c89c78c37b62f8e6d6af Mon Sep 17 00:00:00 2001
+From: Rich Felker <dalias@aerifal.cx>
+Date: Tue, 16 Feb 2016 17:38:07 -0500
+Subject: [PATCH] in crypt-sha*, reject excessive rounds as error rather than
+ clamping
+
+the reference implementation clamps rounds to [1000,999999999]. we
+further limited rounds to at most 9999999 as a defense against extreme
+run times, but wrongly clamped instead of treating out-of-bounds
+values as an error, thereby producing implementation-specific hash
+results. fixing this should not break anything since values of rounds
+this high are not useful anyway.
+---
+ src/crypt/crypt_sha256.c | 2 +-
+ src/crypt/crypt_sha512.c | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/crypt/crypt_sha256.c b/src/crypt/crypt_sha256.c
+index d5f0b78..e885dc6 100644
+--- a/src/crypt/crypt_sha256.c
++++ b/src/crypt/crypt_sha256.c
+@@ -230,7 +230,7 @@ static char *sha256crypt(const char *key, const char *setting, char *output)
+ if (u < ROUNDS_MIN)
+ r = ROUNDS_MIN;
+ else if (u > ROUNDS_MAX)
+- r = ROUNDS_MAX;
++ return 0;
+ else
+ r = u;
+ /* needed when rounds is zero prefixed or out of bounds */
+diff --git a/src/crypt/crypt_sha512.c b/src/crypt/crypt_sha512.c
+index 1294e98..39970ca 100644
+--- a/src/crypt/crypt_sha512.c
++++ b/src/crypt/crypt_sha512.c
+@@ -252,7 +252,7 @@ static char *sha512crypt(const char *key, const char *setting, char *output)
+ if (u < ROUNDS_MIN)
+ r = ROUNDS_MIN;
+ else if (u > ROUNDS_MAX)
+- r = ROUNDS_MAX;
++ return 0;
+ else
+ r = u;
+ /* needed when rounds is zero prefixed or out of bounds */
+--
+2.7.1
+
diff --git a/main/musl/APKBUILD b/main/musl/APKBUILD
index e5ac6481e2..d2324c9c3d 100644
--- a/main/musl/APKBUILD
+++ b/main/musl/APKBUILD
@@ -2,7 +2,7 @@
# Maintainer: Timo Teräs <timo.teras@iki.fi>
pkgname=musl
pkgver=1.1.13
-pkgrel=1
+pkgrel=2
pkgdesc="the musl c library (libc) implementation"
url="http://www.musl-libc.org/"
arch="all"
@@ -12,7 +12,9 @@ depends_dev="!uclibc-dev"
makedepends="$depends_dev"
subpackages="$pkgname-dev $pkgname-utils $pkgname-dbg libc6-compat:compat"
source="http://www.musl-libc.org/releases/musl-$pkgver.tar.gz
- fix-fputs.patch
+ 0001-fix-assumption-in-fputs-that-fwrite-returning-0-impl.patch
+ 0002-fix-unlikely-corner-cases-in-getopt-s-message-printi.patch
+ 0003-in-crypt-sha-reject-excessive-rounds-as-error-rather.patch
ldconfig
__stack_chk_fail_local.c
@@ -129,21 +131,27 @@ compat() {
}
md5sums="b8cb33a04ab461b55edcc807abf82241 musl-1.1.13.tar.gz
-796a4dab96dc5c1c182a7b6e44f563fb fix-fputs.patch
+b05c1a3f3b773610fdfe1fe44f41c5f8 0001-fix-assumption-in-fputs-that-fwrite-returning-0-impl.patch
+5b1ab9ab71069b9daafaf7a62ee3cf8e 0002-fix-unlikely-corner-cases-in-getopt-s-message-printi.patch
+bf74e577da2993ccf468787910a3d4d3 0003-in-crypt-sha-reject-excessive-rounds-as-error-rather.patch
830d01f7821b978df770b06db3790921 ldconfig
0df687757221bbb0fc1aa67f1bd646f9 __stack_chk_fail_local.c
57ef2c63b9ec6a2041694ace97d4ffa2 getconf.c
2b941c4251cac44988a4abfc50e21267 getent.c
45f92f8d59cf84d765de698a9578dbf4 iconv.c"
sha256sums="bbacdc64f557d0c4857f7d2daf592c32c29aec1babbb94fcf01a2e05bed15013 musl-1.1.13.tar.gz
-990d71f2efacede62b54225c773b1245b38fae9d5bd59971984bbd173cfb5e9c fix-fputs.patch
+f32bfc319bb2e4dd6e20ab81dd838af991c6696dbd70db93926e8e3e446caf50 0001-fix-assumption-in-fputs-that-fwrite-returning-0-impl.patch
+e21ad9f7e9ff9089d3be03281366dd01a7487b21fb00dd7b7556f46e84f2e282 0002-fix-unlikely-corner-cases-in-getopt-s-message-printi.patch
+4542c63178f1f8d42d54a3e81a3db1978103d76f0d3ffb42b133bfe4b02f5de4 0003-in-crypt-sha-reject-excessive-rounds-as-error-rather.patch
b4a2c06db38742e8c42c3c9838b285a7d8cdac6c091ff3df5ff9a15f1e41b9c7 ldconfig
299a7d75a09de3e2e11e7fb4acc3182e4a14e868093d2f30938fce9bfcff13da __stack_chk_fail_local.c
d87d0cbb3690ae2c5d8cc218349fd8278b93855dd625deaf7ae50e320aad247c getconf.c
68373a55e89ce85c562d941ccf588337d6cc6c9c17689d695f65cd7607134bbe getent.c
f79a2930a2e5bb0624321589edf8b889d1e9b603e01e6b7ae214616605b3fdd7 iconv.c"
sha512sums="d5f4a6fdb6a2cdbd7ab1ad5a8d91b1c690b3bd31d9049dfc022067019bba11952e375374eed982a0ddac7347d17f9ff2300178c4d5f27bdd8480933cc6e67802 musl-1.1.13.tar.gz
-1fb5708a0dd8938622c0a1c8f933f79da1de94d37952d555930152d52d5405f1e744e502bdf9e22cd4d16293dcfb685707f323f6ac2af5ef4eb6b6897ac4d182 fix-fputs.patch
+c634947ddf6d0b2e462cacff3920326a5677c06a3fc58f40cf99f22496b33882d25b4dce041a368fa2961d23bccbf9145a571fd40ea0d390cea1ab2849e681d7 0001-fix-assumption-in-fputs-that-fwrite-returning-0-impl.patch
+2a9b55bedfd13bb6f1ad6a10344294d672eaafbc4402c0f18cc31a9b5a62879a606e7fe4733c09295159a7458502886ed4d0c71170e66dca9a1bd228dbb08123 0002-fix-unlikely-corner-cases-in-getopt-s-message-printi.patch
+0a1715fb46204a13d9a29dfa9d86d3335890e75990d0d76c06daccb059f31498858b106966063e4b01c101f67ed139d8a24915d1ebeafec2491213d3e6bfdac9 0003-in-crypt-sha-reject-excessive-rounds-as-error-rather.patch
8d3a2d5315fc56fee7da9abb8b89bb38c6046c33d154c10d168fb35bfde6b0cf9f13042a3bceee34daf091bc409d699223735dcf19f382eeee1f6be34154f26f ldconfig
062bb49fa54839010acd4af113e20f7263dde1c8a2ca359b5fb2661ef9ed9d84a0f7c3bc10c25dcfa10bb3c5a4874588dff636ac43d5dbb3d748d75400756d0b __stack_chk_fail_local.c
0d80f37b34a35e3d14b012257c50862dfeb9d2c81139ea2dfa101d981d093b009b9fa450ba27a708ac59377a48626971dfc58e20a3799084a65777a0c32cbc7d getconf.c
diff --git a/main/musl/fix-fputs.patch b/main/musl/fix-fputs.patch
deleted file mode 100644
index da9e4a0929..0000000000
--- a/main/musl/fix-fputs.patch
+++ /dev/null
@@ -1,12 +0,0 @@
-diff --git a/src/stdio/fputs.c b/src/stdio/fputs.c
-index 4737f44..c419923 100644
---- a/src/stdio/fputs.c
-+++ b/src/stdio/fputs.c
-@@ -3,6 +3,7 @@
-
- int fputs(const char *restrict s, FILE *restrict f)
- {
-+ if (!*s) return 0;
- return (int)fwrite(s, strlen(s), 1, f) - 1;
- }
-