diff options
-rw-r--r-- | main/musl/0010-fix-read-past-end-of-haystack-buffer-for-short-needl.patch (renamed from main/musl/memmem.patch) | 5 | ||||
-rw-r--r-- | main/musl/0011-fix-FILE-buffer-underflow-in-ungetwc.patch | 54 | ||||
-rw-r--r-- | main/musl/0012-fix-incorrect-protocol-name-and-number-for-egp.patch | 28 | ||||
-rw-r--r-- | main/musl/APKBUILD | 18 |
4 files changed, 98 insertions, 7 deletions
diff --git a/main/musl/memmem.patch b/main/musl/0010-fix-read-past-end-of-haystack-buffer-for-short-needl.patch index 9753dabbb7..35c7276d0f 100644 --- a/main/musl/memmem.patch +++ b/main/musl/0010-fix-read-past-end-of-haystack-buffer-for-short-needl.patch @@ -1,7 +1,8 @@ From c718f9fc1b4bd913eff10d0c12763f90b2bc487c Mon Sep 17 00:00:00 2001 From: Rich Felker <dalias@aerifal.cx> Date: Fri, 1 Apr 2016 13:36:15 -0400 -Subject: fix read past end of haystack buffer for short needles in memmem +Subject: [PATCH] fix read past end of haystack buffer for short needles in + memmem the two/three/four byte memmem specializations are not prepared to handle haystacks shorter than the needle; they unconditionally read at @@ -31,5 +32,5 @@ index d7e1221..4be6a31 100644 if (l==3) return threebyte_memmem(h, k, n); if (l==4) return fourbyte_memmem(h, k, n); -- -cgit v0.11.2 +2.8.2 diff --git a/main/musl/0011-fix-FILE-buffer-underflow-in-ungetwc.patch b/main/musl/0011-fix-FILE-buffer-underflow-in-ungetwc.patch new file mode 100644 index 0000000000..78c716121a --- /dev/null +++ b/main/musl/0011-fix-FILE-buffer-underflow-in-ungetwc.patch @@ -0,0 +1,54 @@ +From 6ed791e768d83b40ed56c99dbb1ed72c1e49aae7 Mon Sep 17 00:00:00 2001 +From: Rich Felker <dalias@aerifal.cx> +Date: Tue, 26 Apr 2016 15:26:40 -0400 +Subject: [PATCH] fix FILE buffer underflow in ungetwc + +commit 7e816a6487932cbb3cb71d94b609e50e81f4e5bf (version 1.1.11 +release cycle) moved the code that performs wchar_t to multibyte +conversion across code that used the resulting length in bytes, +thereby breaking the unget buffer space check in ungetwc and +clobbering up to three bytes below the start of the buffer. + +for allocated FILEs (all read-enabled FILEs except stdin), the +underflow clobbers at most the FILE-specific locale pointer. no stores +are performed through this pointer, but subsequent loads may result in +a crash or mismatching encoding rule (UTF-8 multibyte vs byte-based). + +for stdin, the buffer lies in .bss and the underflow may clobber +another object. in practice, for libc.so the adjacent object seems to +be stderr's buffer, which is completely unused, but this could vary +with linking options, or when static linking. + +applications which do not attempt to use more than one character of +ungetwc pushback, or which do not use ungetwc, are not affected. +--- + src/stdio/ungetwc.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/src/stdio/ungetwc.c b/src/stdio/ungetwc.c +index 80d6e20..9edf366 100644 +--- a/src/stdio/ungetwc.c ++++ b/src/stdio/ungetwc.c +@@ -8,7 +8,7 @@ + wint_t ungetwc(wint_t c, FILE *f) + { + unsigned char mbc[MB_LEN_MAX]; +- int l=1; ++ int l; + locale_t *ploc = &CURRENT_LOCALE, loc = *ploc; + + FLOCK(f); +@@ -17,8 +17,8 @@ wint_t ungetwc(wint_t c, FILE *f) + *ploc = f->locale; + + if (!f->rpos) __toread(f); +- if (!f->rpos || f->rpos < f->buf - UNGET + l || c == WEOF || +- (!isascii(c) && (l = wctomb((void *)mbc, c)) < 0)) { ++ if (!f->rpos || c == WEOF || (l = wcrtomb((void *)mbc, c, 0)) < 0 || ++ f->rpos < f->buf - UNGET + l) { + FUNLOCK(f); + *ploc = loc; + return WEOF; +-- +2.8.2 + diff --git a/main/musl/0012-fix-incorrect-protocol-name-and-number-for-egp.patch b/main/musl/0012-fix-incorrect-protocol-name-and-number-for-egp.patch new file mode 100644 index 0000000000..01858484cd --- /dev/null +++ b/main/musl/0012-fix-incorrect-protocol-name-and-number-for-egp.patch @@ -0,0 +1,28 @@ +From 4b619e5c61d7d4cf344b355be8b1acb0f0795ea9 Mon Sep 17 00:00:00 2001 +From: Andrew Kelley <superjoe30@gmail.com> +Date: Wed, 4 May 2016 13:29:11 -0700 +Subject: [PATCH] fix incorrect protocol name and number for egp + +previously if you called getprotobyname("egp") you would get +NULL because \008 is invalid octal and so the protocol id was +interpreted as 0 and name as "8egp". +--- + src/network/proto.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/network/proto.c b/src/network/proto.c +index a42d145..c4fd34e 100644 +--- a/src/network/proto.c ++++ b/src/network/proto.c +@@ -12,7 +12,7 @@ static const unsigned char protos[] = { + "\004ipencap\0" + "\005st\0" + "\006tcp\0" +- "\008egp\0" ++ "\010egp\0" + "\014pup\0" + "\021udp\0" + "\024hmp\0" +-- +2.8.2 + diff --git a/main/musl/APKBUILD b/main/musl/APKBUILD index e5744c9a4a..8be162449b 100644 --- a/main/musl/APKBUILD +++ b/main/musl/APKBUILD @@ -2,7 +2,7 @@ # Maintainer: Timo Teräs <timo.teras@iki.fi> pkgname=musl pkgver=1.1.14 -pkgrel=8 +pkgrel=9 pkgdesc="the musl c library (libc) implementation" url="http://www.musl-libc.org/" arch="all" @@ -21,7 +21,9 @@ source="http://www.musl-libc.org/releases/musl-$pkgver.tar.gz 0007-fix-gethostbyaddr_r-to-fill-struct-hostent.h_length-.patch 0008-fix-undefined-pointer-comparison-in-stdio-internal-_.patch 0009-fix-regression-disabling-use-of-pause-instruction-fo.patch - memmem.patch + 0010-fix-read-past-end-of-haystack-buffer-for-short-needl.patch + 0011-fix-FILE-buffer-underflow-in-ungetwc.patch + 0012-fix-incorrect-protocol-name-and-number-for-egp.patch ldconfig __stack_chk_fail_local.c @@ -138,7 +140,9 @@ d85fdb4d80c8372d8e63cf4382e4012a 0006-fix-padding-string-formats-to-width-in-wi 882309436377613d8b65a1fed573f125 0007-fix-gethostbyaddr_r-to-fill-struct-hostent.h_length-.patch 4701e50c55b520e644c9e9a94e851d7f 0008-fix-undefined-pointer-comparison-in-stdio-internal-_.patch a2457ce90f3e4d5ef04005b6f42e9bc3 0009-fix-regression-disabling-use-of-pause-instruction-fo.patch -3d5b6f9614083cff7b845deeb5e4c13d memmem.patch +5cbd4551e71b317e1125e9cbe08e9a6d 0010-fix-read-past-end-of-haystack-buffer-for-short-needl.patch +1a54c766a86a56946ee53f9515410670 0011-fix-FILE-buffer-underflow-in-ungetwc.patch +67ca785b787c53316397f96d21afab31 0012-fix-incorrect-protocol-name-and-number-for-egp.patch 830d01f7821b978df770b06db3790921 ldconfig 0df687757221bbb0fc1aa67f1bd646f9 __stack_chk_fail_local.c 57ef2c63b9ec6a2041694ace97d4ffa2 getconf.c @@ -154,7 +158,9 @@ e4e36277864e1445295be1397c930c649905ddfa32f1ed65c6defb67f78dd0e8 0004-math-fix- 7cec62c7a4ee9d1fa5cd79391aabe9363006ccc6c942fd09924b038e7224f144 0007-fix-gethostbyaddr_r-to-fill-struct-hostent.h_length-.patch b937311664b96b6272e4e62e1aa0d44edd58c825cbb95746c82fab85a6390968 0008-fix-undefined-pointer-comparison-in-stdio-internal-_.patch 4eefc6e8e95da425a519e093e6f9e15390d498070759256de4d86a89679236b9 0009-fix-regression-disabling-use-of-pause-instruction-fo.patch -5f0d4174d8ad8db95211581d778d8ad696ad85b06abc0b2e1ae39461930217ee memmem.patch +3cfd4b886b5aa99d48a4bc814e3ac11690fdd166a9fc02da13274cd9acb2260b 0010-fix-read-past-end-of-haystack-buffer-for-short-needl.patch +b19de98d4c4051c2ff89b5f4b2705444f6f4c44a639692bedfa30a71b965fd04 0011-fix-FILE-buffer-underflow-in-ungetwc.patch +8721a088af8aa388c771174eb8e9b19cc96c47fe07d2fa8c70a640cdb7d52221 0012-fix-incorrect-protocol-name-and-number-for-egp.patch b4a2c06db38742e8c42c3c9838b285a7d8cdac6c091ff3df5ff9a15f1e41b9c7 ldconfig 299a7d75a09de3e2e11e7fb4acc3182e4a14e868093d2f30938fce9bfcff13da __stack_chk_fail_local.c d87d0cbb3690ae2c5d8cc218349fd8278b93855dd625deaf7ae50e320aad247c getconf.c @@ -170,7 +176,9 @@ fb30c3d1113e3cdaf575b37257b1184f2d5cc7cea0eb0ee94a71e861f9c72fe924de5f6382670158 ffb52c8a24bfa5fcad0561c6c4f6f265b0b3666f0c6e8c0a12b1f11c9aeb1c51b17f4f0fccdd70a3e94dccb17650efaf24635cd12b64d12c09469ca1399d99d7 0007-fix-gethostbyaddr_r-to-fill-struct-hostent.h_length-.patch afa17d63f3de02661709d3712d1586b3173518476d314ca2b1e72a3814536538c81aefa5a4ec0cee3470af7177dd4842ab6e62e891ae85a88102bb703ba09c59 0008-fix-undefined-pointer-comparison-in-stdio-internal-_.patch 5818f2563a7a335aec2cbaaeb4acb80d1380206dd03110331adb09fd1279c84f09883e2f92e0d8964079acf3d4fc173c1b5073091c874c492f2f5a966e1cccb7 0009-fix-regression-disabling-use-of-pause-instruction-fo.patch -fe5b9990ede91e205b040f23a24043472faae47390591dfbd8dfd29f02498b8642a6a919f00e7425ed86f765c7b29e2ccbb8560b6e2de1d35e5ef687ac26eda6 memmem.patch +c0cf860bc7c6259dc626a1178258010e4ea6588f1ecd6c6c69ed85f11c5f0f6c502f59af3d9655bb92f05263ffd06c8fe4aed3939e105c00f783b9c7975ac9ff 0010-fix-read-past-end-of-haystack-buffer-for-short-needl.patch +93a696ef060f4a7c9efe32589e3f8e0bb08cbbae6d0f9852aef8555f2f095f0d50431f55647ee8b59599916b0c90bb4aa251be495d3d2697b36c7cad5c9375a4 0011-fix-FILE-buffer-underflow-in-ungetwc.patch +78f1952b786cd4c31d956e169a6362d0f3007d68cb95308f88ae556dac88689cfa0e94856e5e8f727b1f27a9df5b35dab0fec8f3df4d925207c4980eb4e9f80f 0012-fix-incorrect-protocol-name-and-number-for-egp.patch 8d3a2d5315fc56fee7da9abb8b89bb38c6046c33d154c10d168fb35bfde6b0cf9f13042a3bceee34daf091bc409d699223735dcf19f382eeee1f6be34154f26f ldconfig 062bb49fa54839010acd4af113e20f7263dde1c8a2ca359b5fb2661ef9ed9d84a0f7c3bc10c25dcfa10bb3c5a4874588dff636ac43d5dbb3d748d75400756d0b __stack_chk_fail_local.c 0d80f37b34a35e3d14b012257c50862dfeb9d2c81139ea2dfa101d981d093b009b9fa450ba27a708ac59377a48626971dfc58e20a3799084a65777a0c32cbc7d getconf.c |