From b9911eb529e51ebe7c5daa3b4f17e2caf7ddb9a4 Mon Sep 17 00:00:00 2001 From: Fredrik Rinnestam Date: Sun, 22 Oct 2017 16:18:40 +0200 Subject: [PATCH] CVE-2017-15670: glob: Fix one-byte overflow [BZ #22320] --- ChangeLog | 10 + NEWS | 701 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ posix/glob.c | 2 +- 3 files changed, 712 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index 84189ec762..1fb38cb7ee 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,4 @@ +<<<<<<< HEAD 2017-10-19 H.J. Lu * sysdeps/x86_64/Makefile (tests): Add tst-sse, tst-avx and @@ -20,6 +21,15 @@ * sysdeps/x86_64/tst-avxmod.c: Likewise. * sysdeps/x86_64/tst-sse.c: Likewise. * sysdeps/x86_64/tst-ssemod.c: Likewise. +======= +2017-10-20 Paul Eggert + + [BZ #22320] + CVE-2017-15670 + * posix/glob.c (__glob): Fix one-byte overflow. + +2017-10-20 Wilco Dijkstra +>>>>>>> c369d66e54... CVE-2017-15670: glob: Fix one-byte overflow [BZ #22320] 2017-10-19 H.J. Lu diff --git a/NEWS b/NEWS index 4831542023..90cae42eee 100644 --- a/NEWS +++ b/NEWS 
@@ -5,7 +5,708 @@ See the end for copying conditions. Please send GNU C library bug reports via using `glibc' in the "product" field. +<<<<<<< HEAD Version 2.24.1 +======= +Version 2.27 + +Major new features: + +* Optimized x86-64 asin, atan2, exp, expf, log, pow, atan, sin and tan + with FMA, contributed by Arjan van de Ven and H.J. Lu from Intel. + +* Optimized x86-64 trunc and truncf for processors with SSE4.1. + +* Optimized generic expf, exp2f, logf, log2f and powf. + +* In order to support faster and safer process termination the malloc API + family of functions will no longer print a failure address and stack + backtrace after detecting heap corruption. The goal is to minimize the + amount of work done after corruption is detected and to avoid potential + security issues in continued process execution. Reducing shutdown time + leads to lower overall process restart latency, so there is benefit both + from a security and performance perspective. + +* The abort function terminates the process immediately, without flushing + stdio streams. Previous glibc versions used to flush streams, resulting + in deadlocks and further data corruption. This change also affects + process aborts as the result of assertion failures. + +* On platforms where long double has the IEEE binary128 format (aarch64, + alpha, mips64, s390 and sparc), the math library now implements _Float128 + interfaces for that type, as defined by ISO/IEC TS 18661-3:2015. These + are the same interfaces added in version 2.26 for some platforms where + this format is supported but is not the format of long double. + +Deprecated and removed features, and other changes affecting compatibility: + +* On GNU/Linux, the obsolete Linux constant PTRACE_SEIZE_DEVEL is no longer + defined by . + +* libm no longer supports SVID error handling (calling a user-provided + matherr function on error) or the _LIB_VERSION variable to control error + handling. 
(SVID error handling and the _LIB_VERSION variable still work + for binaries linked against older versions of the GNU C Library.) The + libieee.a library is no longer provided. math.h no longer defines struct + exception, or the macros X_TLOSS, DOMAIN, SING, OVERFLOW, UNDERFLOW, + TLOSS, PLOSS and HUGE. + +* The libm functions pow10, pow10f and pow10l are no longer supported for + new programs. Programs should use the standard names exp10, exp10f and + exp10l for these functions instead. + +* The mcontext_t type is no longer the same as struct sigcontext. On + platforms where it was previously the same, this changes the C++ name + mangling for interfaces involving this type. + +* The add-ons mechanism for building additional packages at the same time as + glibc has been removed. The --enable-add-ons configure option is now + ignored. + +Changes to build and runtime requirements: + + [Add changes to build and runtime requirements here] + +Security related changes: + + CVE-2009-5064: The ldd script would sometimes run the program under + examination directly, without preventing code execution through the + dynamic linker. (The glibc project disputes that this is a security + vulnerability; only trusted binaries must be examined using the ldd + script.) + + CVE-2017-15670: The glob function, when invoked with GLOB_TILDE, suffered + from a one-byte overflow during ~ operator processing (either on the stack + or the heap, depending on the length of the user name). + +The following bugs are resolved with this release: + + [The release manager will add the list generated by + scripts/list-fixed-bugs.py just before the release.] + + +Version 2.26 + +Major new features: + +* A per-thread cache has been added to malloc. Access to the cache requires + no locks and therefore significantly accelerates the fast path to allocate + and free small amounts of memory. Refilling an empty cache requires locking + the underlying arena. 
Performance measurements show significant gains in a + wide variety of user workloads. Workloads were captured using a special + instrumented malloc and analyzed with a malloc simulator. Contributed by + DJ Delorie with the help of Florian Weimer, and Carlos O'Donell. + +* Unicode 10.0.0 Support: Character encoding, character type info, and + transliteration tables are all updated to Unicode 10.0.0, using + generator scripts contributed by Mike FABIAN (Red Hat). + These updates cause user visible changes, especially the changes in + wcwidth for many emoji characters cause problems when emoji sequences + are rendered with pango, see for example: + https://bugzilla.gnome.org/show_bug.cgi?id=780669#c5 + +* Collation of Hungarian has been overhauled and is now consistent with "The + Rules of Hungarian Orthography, 12th edition" (Bug 18934). Contributed by + Egmont Koblinger. + +* Improvements to the DNS stub resolver, contributed by Florian Weimer: + + - The GNU C Library will now detect when /etc/resolv.conf has been + modified and reload the changed configuration. The new resolver option + “no-reload” (RES_NORELOAD) disables this behavior. + + - The GNU C Library now supports an arbitrary number of search domains + (configured using the “search” directive in /etc/resolv.conf); + previously, there was a hard limit of six domains. For backward + compatibility, applications that directly modify the ‘_res’ global + object are still limited to six search domains. + + - When the “rotate” (RES_ROTATE) resolver option is active, the GNU C + Library will now randomly pick a name server from the configuration as a + starting point. (Previously, the second name server was always used.) + +* The tunables feature is now enabled by default. This allows users to tweak + behavior of the GNU C Library using the GLIBC_TUNABLES environment variable. 
+ +* New function reallocarray, which resizes an allocated block (like realloc) + to the product of two sizes, with a guaranteed clean failure upon integer + overflow in the multiplication. Originally from OpenBSD, contributed by + Dennis Wölfing and Rüdiger Sonderfeld. + +* New wrappers for the Linux-specific system calls preadv2 and pwritev2. + These are extended versions of preadv and pwritev, respectively, taking an + additional flags argument. The set of supported flags depends on the + running kernel; full support currently requires kernel 4.7 or later. + +* posix_spawnattr_setflags now supports the flag POSIX_SPAWN_SETSID, to + create a new session ID for the spawned process. This feature is + scheduled to be added to the next major revision of POSIX; for the time + being, it is available under _GNU_SOURCE. + +* errno.h is now safe to use from C-preprocessed assembly language on all + supported operating systems. In this context, it will only define the + Exxxx constants, as preprocessor macros expanding to integer literals. + +* On ia64, powerpc64le, x86-32, and x86-64, the math library now implements + 128-bit floating point as defined by ISO/IEC/IEEE 60559:2011 (IEEE + 754-2008) and ISO/IEC TS 18661-3:2015. Contributed by Paul E. Murphy, + Gabriel F. T. Gomes, Tulio Magno Quites Machado Filho, and Joseph Myers. + + To compile programs that use this feature, the compiler must support + 128-bit floating point with the type name _Float128 (as defined by TS + 18661-3) or __float128 (the nonstandard name used by GCC for C++, and for + C prior to version 7). _GNU_SOURCE or __STDC_WANT_IEC_60559_TYPES_EXT__ + must be defined to make the new interfaces visible. + + The new functions and macros correspond to those present for other + floating-point types (except for a few obsolescent interfaces not + supported for the new type), with F128 or f128 suffixes; for example, + strtof128, HUGE_VAL_F128 and cosf128. 
Following TS 18661-3, there are no + printf or scanf formats for the new type; the strfromf128 and strtof128 + interfaces should be used instead. + +Deprecated and removed features, and other changes affecting compatibility: + +* The synchronization that pthread_spin_unlock performs has been changed to + now be equivalent to a C11 atomic store with release memory order to the + spin lock's memory location. Previously, several (but not all) + architectures used stronger synchronization (e.g., containing what is + often called a full barrier). This change can improve performance, but + may affect odd fringe uses of spin locks that depend on the previous + behavior (e.g., using spin locks as atomic variables to try to implement + Dekker's mutual exclusion algorithm). + +* The port to Native Client running on ARMv7-A (--host=arm-nacl) has been + removed. + +* Sun RPC is deprecated. The rpcgen program, librpcsvc, and Sun RPC headers + will only be built and installed when the GNU C Library is configured with + --enable-obsolete-rpc. This allows alternative RPC implementations, such + as TIRPC or rpcsvc-proto, to be used. + +* The NIS(+) name service modules, libnss_nis, libnss_nisplus, and + libnss_compat, are deprecated, and will not be built or installed by + default. + + The NIS(+) support library, libnsl, is also deprecated. By default, a + compatibility shared library will be built and installed, but not headers + or development libraries. Only a few NIS-related programs require this + library. (In particular, the GNU C Library has never required programs + that use 'gethostbyname' to be linked with libnsl.) + + Replacement implementations based on TIRPC, which additionally support + IPv6, are available from . The configure + option --enable-obsolete-nsl will cause libnsl's headers, and the NIS(+) + name service modules, to be built and installed. + +* The DNS stub resolver no longer performs EDNS fallback. 
If EDNS or DNSSEC + support is enabled, the configured recursive resolver must support EDNS. + (Responding to EDNS-enabled queries with responses which are not + EDNS-enabled is fine, but FORMERR responses are not.) + +* res_mkquery and res_nmkquery no longer support the IQUERY opcode. DNS + servers have not supported this opcode for a long time. + +* The _res_opcodes variable has been removed from libresolv. It had been + exported by accident. + +* no longer includes inline versions of any string functions, + as this kind of optimization is better done by the compiler. The macros + __USE_STRING_INLINES and __NO_STRING_INLINES no longer have any effect. + +* The nonstandard header has been removed. Most programs should + use instead. If you have a specific need for the definition of + locale_t with no other declarations, please contact + libc-alpha@sourceware.org and explain. + +* The obsolete header has been removed. + +* The obsolete signal constant SIGUNUSED is no longer defined by . + +* The obsolete function cfree has been removed. Applications should use + free instead. + +* The stack_t type no longer has the name struct sigaltstack. This changes + the C++ name mangling for interfaces involving this type. + +* The ucontext_t type no longer has the name struct ucontext. This changes + the C++ name mangling for interfaces involving this type. + +* On M68k GNU/Linux and MIPS GNU/Linux, the fpregset_t type no longer has + the name struct fpregset. On Nios II GNU/Linux, the mcontext_t type no + longer has the name struct mcontext. On SPARC GNU/Linux, the struct + mc_fq, struct rwindow, struct fpq and struct fq types are no longer + defined in sys/ucontext.h, the mc_fpu_t type no longer has the name struct + mc_fpu, the gwindows_t type no longer has the name struct gwindows and the + fpregset_t type no longer has the name struct fpu. This changes the C++ + name mangling for interfaces involving those types. 
+ +* On S/390 GNU/Linux, the constants defined by have been + synced with the kernel: + + - PTRACE_GETREGS, PTRACE_SETREGS, PTRACE_GETFPREGS and PTRACE_SETFPREGS + are not supported on this architecture and have been removed. + + - PTRACE_SINGLEBLOCK, PTRACE_SECCOMP_GET_FILTER, PTRACE_PEEKUSR_AREA, + PTRACE_POKEUSR_AREA, PTRACE_GET_LAST_BREAK, PTRACE_ENABLE_TE, + PTRACE_DISABLE_TE and PTRACE_TE_ABORT_RAND have been added. + + Programs that assume the GET/SETREGS ptrace requests are universally + available will now fail to build, instead of malfunctioning at runtime. + +Changes to build and runtime requirements: + +* Linux kernel 3.2 or later is required at runtime, on all architectures + supported by that kernel. (This is a change from version 2.25 only for + x86-32 and x86-64.) + +* GNU Binutils 2.25 or later is now required to build the GNU C Library. + +* On most architectures, GCC 4.9 or later is required to build the GNU C + Library. On powerpc64le, GCC 6.2 or later is required. + + Older GCC versions and non-GNU compilers are still supported when + compiling programs that use the GNU C Library. (We do not know exactly + how old, and some GNU extensions to C may be _de facto_ required. If you + are interested in helping us make this statement less vague, please + contact libc-alpha@sourceware.org.) + +Security related changes: + +* The DNS stub resolver limits the advertised UDP buffer size to 1200 bytes, + to avoid fragmentation-based spoofing attacks (CVE-2017-12132). + +* LD_LIBRARY_PATH is now ignored in binaries running in privileged AT_SECURE + mode to guard against local privilege escalation attacks (CVE-2017-1000366). + +* Avoid printing a backtrace from the __stack_chk_fail function since it is + called on a corrupt stack and a backtrace is unreliable on a corrupt stack + (CVE-2010-3192). + +* A use-after-free vulnerability in clntudp_call in the Sun RPC system has been + fixed (CVE-2017-12133). 
+ +The following bugs are resolved with this release: + + [984] network: Respond to changed resolv.conf in gethostbyname + [5010] network: sunrpc service cleanup causes unwanted port mapper traffic + [12068] localedata: sc_IT: misspelled yesexpr/day/abday/mon/abmon/date_fmt + fields + [12189] libc: __stack_chk_fail should not attempt a backtrace + (CVE-2010-3192) + [14096] time: Race condition on timezone/tst-timezone.out + [14172] localedata: az_IR: new locale + [14995] build: glibc fails to build if gold is the default linker, even if + ld.bfd is available + [15998] build: [powerpc] Set arch_minimum_kernel for powerpc LE + [16637] network: inet_pton function is accepting IPv6 with bad format + [16640] string: string/strtok.c: undefined behaviour inconsistent between + x86 and other generic code + [16875] localedata: ko_KR: fix lang_name + [17225] localedata: ar_SY: localized month names for May and June are + incorrect + [17297] localedata: da_DK: wrong date_fmt string + [18907] stdio: Incorrect order of __wur __THROW in + [18934] localedata: hu_HU: collate: fix multiple bugs and add tests + [18988] nptl: pthread wastes memory with mlockall(MCL_FUTURE) + [19066] localedata: ar_SA abbreviated day and month names are in English + [19569] network: resolv: Support an arbitrary number of search domains + [19570] network: Implement random DNS server selection in the stub + resolver + [19838] locale: localedef fails on PA-RISC + [19919] localedata: iso14651_t1_common: Correct the Malayalam sorting + order of 0D36 and 0D37 + [19922] localedata: iso14651_t1_common: Define collation for Malayalam + chillu characters + [20098] libc: FAIL: debug/backtrace-tst on hppa + [20257] network: sunrpc: clntudp_call does not enforce timeout when + receiving data + [20275] localedata: locale day/abday/mon/abmon should not have trailing + whitespace + [20313] localedata: Update locale data to Unicode 9.0 + [20424] manual: Document how to provide a malloc replacement + [20496] 
localedata: agr_PE: new language locale Awajún / Aguaruna (agr) + for Peru + [20686] locale: Add el_GR@euro to SUPPORTED. + [20831] dynamic-link: _dl_map_segments does not test for __mprotect + failures consistently + [21015] dynamic-link: Document and fix --enable-bind-now + [21016] nptl: pthread_cond support is broken on hppa + [21029] libc: glibc-2.23 (and later) fails to compile with -fno-omit- + frame-pointer on i386 + [21049] libc: segfault in longjmp_chk() due to clobbered processor + register + [21075] libc: unused assigment to %g4 in sparc/sparc{64,32}/clone.S + [21088] libc: Build fails with --enable-static-nss + [21094] math: cosf(1.57079697) has 3 ulp error on targets where the + generic c code is used + [21109] libc: Tunables broken on big-endian + [21112] math: powf has large ulp errors with base close to 1 and exponent + around 4000 + [21115] network: sunrpc: Use-after-free in error path in clntudp_call + (CVE-2017-12133) + [21120] malloc: glibc malloc is incompatible with GCC 7 + [21130] math: Incorrect return from y0l (-inf) and y1l (-inf) when linking + with -lieee + [21134] math: Exception (divide by zero) not set for y0/y1 (0.0) and y0/y1 + (-0.0) when linking with -lieee + [21171] math: log10, log2 and lgamma return incorrect results + [21179] libc: handle R_SPARC_DISP64 and R_SPARC_REGISTER relocs + [21182] libc: __memchr_sse2: regression in glibc-2.25 on i686 + [21207] localedata: ce_RU: update weekdays from CLDR + [21209] dynamic-link: LD_HWCAP_MASK read in setuid binaries + [21217] localedata: Update months from CLDR-31 + [21232] libc: miss posix_fadvise64 on MIPS64 when static linking + [21243] libc: support_delete_temp_file should issue warning for failed + remove() + [21244] libc: support resolv_test_start() socket fd close should be + checked for errors. 
+ [21253] libc: localedef randomly segfaults when using -fstack-check due to + new posix_spawn implementation + [21258] dynamic-link: Branch predication in _dl_runtime_resolve_avx512_opt + leads to lower CPU frequency + [21259] libc: [alpha] termios.h missing IXANY for POSIX + [21261] libc: [sparc64] bits/setjmp.h namespace + [21267] network: [mips] bits/socket.h IOC* namespace + [21268] libc: [alpha] termios.h NL2, NL3 namespace + [21270] libc: mmap64 silently truncates large offset values + [21275] libc: posix_spawn always crashes on ia64 now + [21277] libc: [alpha] termios.h missing IUCLC for UNIX98 and older + [21280] math: [powerpc] logbl for POWER7 return incorrect results + [21289] libc: Incorrect declaration for 32-bit platforms with + _FILE_OFFSET_BITS=64 causes build error + [21295] network: GETAI(AF_UNSPEC) drops IPv6 addresses if nss module does + not support gethostbyname4_r + [21298] nptl: rwlock can deadlock on frequent reader/writer phase + switching + [21338] malloc: mallopt M_ARENA_MAX doesn't set the maximum number of + arenas + [21340] libc: Support POSIX_SPAWN_SETSID + [21357] libc: unwind-dw2-fde deadlock when using AddressSanitizer + [21359] network: ns_name_pack needs additional byte in destination buffer + [21361] network: resolv: Reduce advertised EDNS0 buffer size to guard + against fragmentation attacks (CVE-2017-12132) + [21369] network: resolv: Remove EDNS fallback + [21371] libc: Missing timespec definition when compiled with _XOPEN_SOURCE + and _POSIX_C_SOURCE + [21386] nptl: Assertion in fork for distinct parent PID is incorrect + [21391] dynamic-link: x86: Set dl_platform and dl_hwcap from CPU features + [21393] stdio: Missing dup3 error check in freopen, freopen64 + [21396] libc: Use AVX2 memcpy/memset on Skylake server + [21399] localedata: Bad description for U00EC in + localedata/charmaps/CP1254 + [21411] malloc: realloc documentation error + [21426] network: sys/socket.h uio.h namespace + [21428] libc: [aarch64] tst-backtrace5 
testsuite failure + [21445] libc: signal.h bsd_signal namespace + [21455] network: Network headers stdint.h namespace + [21474] network: resolv: res_init does not use RES_DFLRETRY (2) but 4 for + retry value + [21475] network: resolv: Overlong search path is truncated mid-label + [21511] libc: sigstack namespace + [21512] libc: clone() ends up calling exit_group() through _exit() wrapper + [21514] libc: sysdeps/unix/sysv/linux/sys/syscall.h:31:27: fatal error: + bits/syscall.h: No such file or directory + [21517] libc: struct sigaltstack namespace + [21528] dynamic-link: Duplicated minimal strtoul implementations in ld.so + [21533] localedata: Update locale data to Unicode 10.0 + [21537] libc: + ../sysdeps/unix/sysv/linux/s390/s390-32/__makecontext_ret.S:44: Error: + junk at end of line, first unrecognized character is `@' + [21538] libc: SIG_HOLD missing for XPG4 + [21539] libc: S390: Mismatch between kernel and glibc ptrace.h with + request 12: PTRACE_SINGLEBLOCK vs PTRACE_GETREGS. + [21542] libc: Use conservative default for sysconf (_SC_NPROCESSORS_ONLN) + [21543] libc: sigevent namespace + [21548] libc: [mips] get/set/make/swap context for MIPS O32 assume wrong + size for general purpose registers in mcontext_t structure + [21550] libc: sigwait namespace + [21552] libc: XPG4 bsd_signal namespace + [21554] libc: sigpause namespace + [21560] libc: sys/wait.h signal.h namespace + [21561] libc: waitid namespace + [21573] nptl: GCC 7: /usr/bin/install: cannot remove + '/usr/include/stdlib.h': Permission denied + [21575] libc: sys/wait.h missing struct rusage definition + [21584] libc: sigaltstack etc namespace + [21597] libc: siginterrupt namespace + [21607] math: hppa: FAIL: math/test-tgmath + [21609] dynamic-link: Incomplete workaround for GCC __tls_get_addr ABI + issue on x86-64 + [21622] libc: [tile] missing SA_* for POSIX.1:2008 + [21624] dynamic-link: ld.so: Unsafe alloca allows local attackers to alias + stack and heap (CVE-2017-1000366) + [21625] libc: 
wait3 namespace + [21654] nss: Incorrect pointer alignment in NSS group merge result + construction + [21657] network: Parse interface zone id for node-local multicast + [21662] string: memcmp-avx2-movbe.S lacks saturating subtraction for + between_2_3 + [21666] libc: .symver is used on common symbol + [21668] network: resolv: res_init cross-thread broadcast introduces race + conditions + [21687] math: tgmath.h totalorder, totalordermag return type + [21694] locale: Current Glibc Locale Does Not Support Tok-Pisin and Fiji + Hindi Locale + [21696] libc: Incorrect assumption of of __cpu_mask in + posix/sched_cpucount.c + [21697] libc: sysdeps/posix/spawni.c: 2 * suspicious condition ? + [21706] localedata: yesstr and nostr are missing for Breton [LC_MESSAGES] + locale + [21707] math: ppc64le: Invalid IFUNC resolver from libgcc calls getauxval, + leading to relocation crash + [21709] libc: resolv_conf.c:552: update_from_conf: Assertion + `resolv_conf_matches (resp, conf)' failed. + [21710] localedata: Added Samoan language locale for Samoa + [21711] localedata: Pashto yesstr/nostr locale are missing + [21715] nptl: sysdeps/nptl/bits/pthreadtypes.h: typedef guard + __have_pthread_attr_t can cause redefinition of typedef ‘pthread_attr_t’ + [21721] localedata: Incorrect Full Weekday names for ks_IN@devanagari + [21723] localedata: yesstr/nostr missing for Chinese language locale + [21724] localedata: yesstr and nostr are missing for Xhosa [LC_MESSAGES] + locale + [21727] localedata: yesstr and nostr are missing for Tsonga [LC_MESSAGES] + locale + [21728] localedata: New Locale for Tongan language + [21729] localedata: incorrect LC_NAME fields for hi_IN + [21733] localedata: yesstr and nostr are missing for zh_HK + [21734] localedata: Missing yesstr and nostr are for kw_GB + [21738] libc: misc/tst-preadvwritev2 and misc/tst-preadvwritev64v2 fail + [21741] libc: Undefined __memmove_chk_XXX and __memset_chk_XXX in libc.a + [21742] libc: _dl_num_cache_relocations is 
undefined in libc.a + [21743] localedata: ks_IN@devanagari: abday strings mismatch the day + strings + [21744] libc: Tests failing on --enable-tunables --enable-stack- + protector=all + [21749] localedata: Wrong abbreviated day name (“abday”) for + ar_JO/ar_LB/ar_SY + [21756] localedata: missing yesstr, nostr for nds_DE and nds_NL + [21757] localedata: missing yesstr, nostr for pap_AW and pap_CW + [21759] localedata: missing yesstr and nostr for Tigrinya + [21760] localedata: Fix LC_MESSAGES and LC_ADDRESS for anp_IN + [21766] localedata: Wrong LC_MESSAGES for om_ET Locale + [21767] localedata: Missing Bislama locales + [21768] localedata: Missing yesstr and nostr for aa_ET + [21770] localedata: Missing Field in li_NL + [21778] nptl: Robust mutex may deadlock + [21779] libc: MicroBlaze segfaults when loading libpthread + [21783] localedata: Fix int_select international_call_prefixes + [21784] localedata: Inconsistency in country_isbn + [21788] localedata: Missing Country Postal Abbreviations + [21794] localedata: Added-country_isbn-for-Italy + [21795] localedata: Add/Fix country_isbn for France + [21796] localedata: Added country_isbn for Republic of Korea + [21797] localedata: Fix inconsistency in country_isbn and missing prefixes + [21799] localedata: Added int_select international_call_prefixes + [21801] localedata: Added int_select international_call_prefixes + [21804] nptl: Double semicolon in thread-shared-types.h + [21807] localedata: LC_ADDRESS fix for pap_CW + [21808] localedata: Fix LC_ADDRESS for pap_AW + [21821] localedata: Added country_name in mai_IN + [21822] localedata: Fix LC_TIME for mai_IN + [21823] localedata: missing yesstr, nostr for sa_IN + [21825] localedata: Fix name_mrs for mag_IN + [21828] localedata: 2.26 changelog should mention user visible changes + with unicode 9.0 + [21835] localedata: Added Maithili language locale for Nepal + [21838] localedata: Removed redundant data for the_NP + [21839] localedata: Fix LC_MONETARY for ta_LK + 
[21844] localedata: Fix Latin characters and Months Sequence. + [21848] localedata: Fix mai_NP Title Name + + +Version 2.25 + +* The feature test macro __STDC_WANT_LIB_EXT2__, from ISO/IEC TR + 24731-2:2010, is supported to enable declarations of functions from that + TR. Note that not all functions from that TR are supported by the GNU C + Library. + +* The feature test macro __STDC_WANT_IEC_60559_BFP_EXT__, from ISO/IEC TS + 18661-1:2014, is supported to enable declarations of functions and macros + from that TS. Note that not all features from that TS are supported by + the GNU C Library. + +* The feature test macro __STDC_WANT_IEC_60559_FUNCS_EXT__, from ISO/IEC TS + 18661-4:2015, is supported to enable declarations of functions and macros + from that TS. Note that most features from that TS are not supported by + the GNU C Library. + +* The nonstandard feature selection macros _REENTRANT and _THREAD_SAFE are + now treated as compatibility synonyms for _POSIX_C_SOURCE=199506L. + Since the GNU C Library defaults to a much newer revision of POSIX, this + will only affect programs that specifically request an old conformance + mode. For instance, a program compiled with -std=c89 -D_REENTRANT will + see a change in the visible declarations, but a program compiled with + just -D_REENTRANT, or -std=c99 -D_POSIX_C_SOURCE=200809L -D_REENTRANT, + will not. + + Some C libraries once required _REENTRANT and/or _THREAD_SAFE to be + defined by all multithreaded code, but glibc has not required this for + many years. + +* The inclusion of by is deprecated. This + means that in a future release, the macros “major”, “minor”, and “makedev” + will only be available from . + + These macros are not part of POSIX nor XSI, and their names frequently + collide with user code; see for instance glibc bug 19239 and Red Hat bug + 130601. includes under _GNU_SOURCE, and C++ code + presently cannot avoid being compiled under _GNU_SOURCE, exacerbating the + problem. 
+ +* New features from TS 18661-1:2014 are added to libm: the + fesetexcept, fetestexceptflag, fegetmode and fesetmode functions, the + femode_t type and the FE_DFL_MODE and FE_SNANS_ALWAYS_SIGNAL macros. + +* Integer width macros from TS 18661-1:2014 are added to : + CHAR_WIDTH, SCHAR_WIDTH, UCHAR_WIDTH, SHRT_WIDTH, USHRT_WIDTH, INT_WIDTH, + UINT_WIDTH, LONG_WIDTH, ULONG_WIDTH, LLONG_WIDTH, ULLONG_WIDTH; and to + : INT8_WIDTH, UINT8_WIDTH, INT16_WIDTH, UINT16_WIDTH, + INT32_WIDTH, UINT32_WIDTH, INT64_WIDTH, UINT64_WIDTH, INT_LEAST8_WIDTH, + UINT_LEAST8_WIDTH, INT_LEAST16_WIDTH, UINT_LEAST16_WIDTH, + INT_LEAST32_WIDTH, UINT_LEAST32_WIDTH, INT_LEAST64_WIDTH, + UINT_LEAST64_WIDTH, INT_FAST8_WIDTH, UINT_FAST8_WIDTH, INT_FAST16_WIDTH, + UINT_FAST16_WIDTH, INT_FAST32_WIDTH, UINT_FAST32_WIDTH, INT_FAST64_WIDTH, + UINT_FAST64_WIDTH, INTPTR_WIDTH, UINTPTR_WIDTH, INTMAX_WIDTH, + UINTMAX_WIDTH, PTRDIFF_WIDTH, SIG_ATOMIC_WIDTH, SIZE_WIDTH, WCHAR_WIDTH, + WINT_WIDTH. + +* New features are added from TS 18661-1:2014: + + - Signaling NaN macros: SNANF, SNAN, SNANL. + + - Nearest integer functions: roundeven, roundevenf, roundevenl, fromfp, + fromfpf, fromfpl, ufromfp, ufromfpf, ufromfpl, fromfpx, fromfpxf, + fromfpxl, ufromfpx, ufromfpxf, ufromfpxl. + + - llogb functions: the llogb, llogbf and llogbl functions, and the + FP_LLOGB0 and FP_LLOGBNAN macros. + + - Max-min magnitude functions: fmaxmag, fmaxmagf, fmaxmagl, fminmag, + fminmagf, fminmagl. + + - Comparison macros: iseqsig. + + - Classification macros: iscanonical, issubnormal, iszero. + + - Total order functions: totalorder, totalorderf, totalorderl, + totalordermag, totalordermagf, totalordermagl. + + - Canonicalize functions: canonicalize, canonicalizef, canonicalizel. + + - NaN functions: getpayload, getpayloadf, getpayloadl, setpayload, + setpayloadf, setpayloadl, setpayloadsig, setpayloadsigf, setpayloadsigl. + +* The functions strfromd, strfromf, and strfroml, from ISO/IEC TS 18661-1:2014, + are added to libc. 
They convert a floating-point number into string. + +* Most of glibc can now be built with the stack smashing protector enabled. + It is recommended to build glibc with --enable-stack-protector=strong. + Implemented by Nick Alcock (Oracle). + +* The function explicit_bzero, from OpenBSD, has been added to libc. It is + intended to be used instead of memset() to erase sensitive data after use; + the compiler will not optimize out calls to explicit_bzero even if they + are "unnecessary" (in the sense that no _correct_ program can observe the + effects of the memory clear). + +* On ColdFire, MicroBlaze, Nios II and SH3, the float_t type is now defined + to float instead of double. This does not affect the ABI of any libraries + that are part of the GNU C Library, but may affect the ABI of other + libraries that use this type in their interfaces. + +* On x86_64, when compiling with -mfpmath=387 or -mfpmath=sse+387, the + float_t and double_t types are now defined to long double instead of float + and double. These options are not the default, and this does not affect + the ABI of any libraries that are part of the GNU C Library, but it may + affect the ABI of other libraries that use this type in their interfaces, + if they are compiled or used with those options. + +* The getentropy and getrandom functions, and the header file + have been added. + +* The buffer size for byte-oriented stdio streams is now limited to 8192 + bytes by default. Previously, on Linux, the default buffer size on most + file systems was 4096 bytes (and thus remains unchanged), except on + network file systems, where the buffer size was unpredictable and could be + as large as several megabytes. + +* The header now includes the header. Support + for the Linux quota interface which predates kernel version 2.4.22 has + been removed. + +* The malloc_get_state and malloc_set_state functions have been removed. 
+ Already-existing binaries that dynamically link to these functions will + get a hidden implementation in which malloc_get_state is a stub. As far + as we know, these functions are used only by GNU Emacs and this change + will not adversely affect already-built Emacs executables. Any undumped + Emacs executables, which normally exist only during an Emacs build, should + be rebuilt by re-running “./configure; make” in the Emacs build tree. + +* The “ip6-dotint” and “no-ip6-dotint” resolver options, and the + corresponding RES_NOIP6DOTINT flag from have been removed. + “no-ip6-dotint” had already been the default, and support for the + “ip6-dotint” option was removed from the Internet in 2006. + +* The "ip6-bytestring" resolver option and the corresponding RES_USEBSTRING + flag from have been removed. The option relied on a + backwards-incompatible DNS extension which was never deployed on the + Internet. + +* The flags RES_AAONLY, RES_PRIMARY, RES_NOCHECKNAME, RES_KEEPTSIG, + RES_BLAST defined in the header file have been deprecated. + They were already unimplemented. + +* The "inet6" option in /etc/resolv.conf and the RES_USE_INET6 flag for + _res.flags are deprecated. The flag was standardized in RFC 2133, but + removed again from the IETF name lookup interface specification in RFC + 2553. Applications should use getaddrinfo instead. + +* DNSSEC-related declarations and definitions have been removed from the + header file, and libresolv will no longer attempt to + decode the data part of DNSSEC record types. Previous versions of glibc + only implemented minimal support for the previous version of DNSSEC, which + is incompatible with the currently deployed version. 
+ +* The resource record type classification macros ns_t_qt_p, ns_t_mrr_p, + ns_t_rr_p, ns_t_udp_p, ns_t_xfr_p have been removed from the + header file because the distinction between RR types and + meta-RR types is not officially standardized, subject to revision, and + thus not suitable for encoding in a macro. + +* The types res_sendhookact, res_send_qhook, re_send_rhook, and the qhook + and rhook members of the res_state type in have been removed. + The glibc stub resolver did not support these hooks, but the header file + did not reflect that. + +* For multi-arch support it is recommended to use a GCC which has + been built with support for GNU indirect functions. This ensures + that correct debugging information is generated for functions + selected by IFUNC resolvers. This support can either be enabled by + configuring GCC with '--enable-gnu-indirect-function', or by + enabling it by default by setting 'default_gnu_indirect_function' + variable for a particular architecture in the GCC source file + 'gcc/config.gcc'. + +* GDB pretty printers have been added for mutex and condition variable + structures in POSIX Threads. When installed and loaded in gdb these pretty + printers show various pthread variables in human-readable form when read + using the 'print' or 'display' commands in gdb. + +* Tunables feature added to allow tweaking of the runtime for an application + program. This feature can be enabled with the '--enable-tunables' configure + flag. The GNU C Library manual has details on usage and README.tunables has + instructions on adding new tunables to the library. + +* A new version of condition variables functions have been implemented in + the NPTL implementation of POSIX Threads to provide stronger ordering + guarantees. + +* A new version of pthread_rwlock functions have been implemented to use a more + scalable algorithm primarily through not using a critical section anymore to + make state changes. +>>>>>>> c369d66e54... 
CVE-2017-15670: glob: Fix one-byte overflow [BZ #22320] Security related changes: diff --git a/posix/glob.c b/posix/glob.c index ea4b0b61eb..08f240a1ff 100644 --- a/posix/glob.c +++ b/posix/glob.c @@ -856,7 +856,7 @@ glob (const char *pattern, int flags, int (*errfunc) (const char *, int), *p = '\0'; } else - *((char *) mempcpy (newp, dirname + 1, end_name - dirname)) + *((char *) mempcpy (newp, dirname + 1, end_name - dirname - 1)) = '\0'; user_name = newp; } -- 2.14.2
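Review bot: The NEWS hunk commits unresolved merge conflict markers as file content: the added lines `+<<<<<<< HEAD`, `+=======` and `+>>>>>>> c369d66e54... CVE-2017-15670: glob: Fix one-byte overflow [BZ #22320]` all end up in NEWS, and the whole 2.25/2.26/2.27 release-notes body is pulled into what the surrounding context shows is the 2.24.1 NEWS file. For a backport of a single security fix the conflict should be resolved so that NEWS gains only an entry under the existing "Security related changes:" heading naming CVE-2017-15670 and [BZ #22320], with the 700-line import of the 2.27 text dropped; as committed, the diffstat (701 lines added to NEWS for a one-line code change) is itself a signal that the resolution went wrong.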
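Review bot: The posix/glob.c hunk is the right arithmetic: the copy starts at `dirname + 1` (skipping the leading tilde), so the user-name length is `end_name - (dirname + 1)`, i.e. `end_name - dirname - 1`, and the old expression `end_name - dirname` copied one byte too many and then stored the terminating `'\0'` one byte past the intended end of `newp`, which is the one-byte overflow the subject describes. Since the trigger is a pattern-controlled `~user` prefix, it would be worth adding a regression test that calls glob on a `~name/...` pattern whose user part ends exactly at a '/' and checking the result under a bounds-checking build, so the fix is covered by the test suite rather than only by the ChangeLog entry.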