Date: Friday, October 25, 2013 @ 23:17:14
Author: allan
Revision: 197431
upgpkg: glibc 2.18-9
fix getaddrinfo assertion (FS#34832), CVE-2013-4458
Added:
glibc/trunk/glibc-2.18-getaddrinfo-CVE-2013-4458.patch
glibc/trunk/glibc-2.18-getaddrinfo-assertion.patch
Modified:
glibc/trunk/PKGBUILD
--------------------------------------------+
PKGBUILD | 17 +++++++----
glibc-2.18-getaddrinfo-CVE-2013-4458.patch | 41 +++++++++++++++++++++++++++
glibc-2.18-getaddrinfo-assertion.patch | 39 +++++++++++++++++++++++++
3 files changed, 92 insertions(+), 5 deletions(-)
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2013-10-25 20:13:38 UTC (rev 197430)
+++ PKGBUILD 2013-10-25 21:17:14 UTC (rev 197431)
@@ -8,7 +8,7 @@
pkgname=glibc
pkgver=2.18
-pkgrel=8
+pkgrel=9
pkgdesc="GNU C Library"
arch=('i686' 'x86_64')
url="http://www.gnu.org/software/libc";
@@ -27,6 +27,8 @@
glibc-2.18-malloc-corrupt-CVE-2013-4332.patch
glibc-2.18-strcoll-CVE-2012-4412+4424.patch
glibc-2.18-ptr-mangle-CVE-2013-4788.patch
+ glibc-2.18-getaddrinfo-CVE-2013-4458.patch
+ glibc-2.18-getaddrinfo-assertion.patch
glibc-2.18-strstr-hackfix.patch
nscd.service
nscd.tmpfiles
@@ -39,6 +41,8 @@
'b79561ab9dce900e9bbeaf0d49927c2b'
'c7264b99d0f7e51922a4d3126182c40a'
'9749ba386b08a8fe53e7ecede9bf2dfb'
+ '71329fccb8eb583fb0d67b55f1e8df68'
+ 'd4d86add33f22125777e0ecff06bc9bb'
'4441f6dfe7d75ced1fa75e54dd21d36e'
'd5fab2cd3abea65aa5ae696ea4a47d6b'
'da662ca76e7c8d7efbc7986ab7acea2d'
@@ -58,13 +62,17 @@
patch -p1 -i $srcdir/glibc-2.18-malloc-corrupt-CVE-2013-4332.patch
# upstream commits 1326ba1a, 141f3a77 and 303e567a
- # https://sourceware.org/ml/libc-alpha/2013-08/msg00394.html
- # https://sourceware.org/ml/libc-alpha/2013-08/msg00462.html
patch -p1 -i $srcdir/glibc-2.18-strcoll-CVE-2012-4412+4424.patch
# upstream commits c61b4d41 and 0b1f8e35
patch -p1 -i $srcdir/glibc-2.18-ptr-mangle-CVE-2013-4788.patch
+ # upstream commit 7cbcdb36
+ patch -p1 -i $srcdir/glibc-2.18-getaddrinfo-CVE-2013-4458.patch
+
+ # upstream commit 894f3f10
+ patch -p1 -i $srcdir/glibc-2.18-getaddrinfo-assertion.patch
+
# hack fix for strstr issues on x86
patch -p1 -i $srcdir/glibc-2.18-strstr-hackfix.patch
@@ -148,9 +156,8 @@
${srcdir}/glibc-${pkgver}/localedata/SUPPORTED >> ${pkgdir}/etc/locale.gen
# remove the static libraries that have a shared counterpart
- cd $pkgdir/usr/lib
# note: keep libc, libdl, libm, libpthread for binutils testsuite
- rm lib{anl,BrokenLocale,crypt,nsl,resolv,rt,util}.a
+ rm $pkgdir/usr/lib/lib{anl,BrokenLocale,crypt,nsl,resolv,rt,util}.a
# Do not strip the following files for improved debugging support
# ("improved" as in not breaking gdb and valgrind...):
Added: glibc-2.18-getaddrinfo-CVE-2013-4458.patch
===================================================================
--- glibc-2.18-getaddrinfo-CVE-2013-4458.patch (rev 0)
+++ glibc-2.18-getaddrinfo-CVE-2013-4458.patch 2013-10-25 21:17:14 UTC (rev
197431)
@@ -0,0 +1,41 @@
+diff --git a/sysdeps/posix/getaddrinfo.c b/sysdeps/posix/getaddrinfo.c
+index e6ce4cf..8ff74b4 100644
+--- a/sysdeps/posix/getaddrinfo.c
++++ b/sysdeps/posix/getaddrinfo.c
+@@ -197,7 +197,22 @@ gaih_inet_serv (const char *servicename, const struct
gaih_typeproto *tp,
+ &rc, &herrno, NULL, &localcanon)); \
+ if (rc != ERANGE || herrno != NETDB_INTERNAL) \
+ break; \
+- tmpbuf = extend_alloca (tmpbuf, tmpbuflen, 2 * tmpbuflen);
\
++ if (!malloc_tmpbuf && __libc_use_alloca (alloca_used + 2 * tmpbuflen))
\
++ tmpbuf = extend_alloca_account (tmpbuf, tmpbuflen, 2 * tmpbuflen,
\
++ alloca_used); \
++ else \
++ {
\
++ char *newp = realloc (malloc_tmpbuf ? tmpbuf : NULL, \
++ 2 * tmpbuflen); \
++ if (newp == NULL) \
++ { \
++ result = -EAI_MEMORY; \
++ goto free_and_return; \
++ } \
++ tmpbuf = newp; \
++ malloc_tmpbuf = true; \
++ tmpbuflen = 2 * tmpbuflen; \
++ }
\
+ } \
+ if (status == NSS_STATUS_SUCCESS && rc == 0)
\
+ h = &th; \
+@@ -209,7 +224,8 @@ gaih_inet_serv (const char *servicename, const struct
gaih_typeproto *tp,
+ { \
+ __set_h_errno (herrno); \
+ _res.options |= old_res_options & RES_USE_INET6; \
+- return -EAI_SYSTEM; \
++ result = -EAI_SYSTEM; \
++ goto free_and_return; \
+ } \
+ if (herrno == TRY_AGAIN)
\
+ no_data = EAI_AGAIN; \
+--
+1.8.4.1
+
Added: glibc-2.18-getaddrinfo-assertion.patch
===================================================================
--- glibc-2.18-getaddrinfo-assertion.patch (rev 0)
+++ glibc-2.18-getaddrinfo-assertion.patch 2013-10-25 21:17:14 UTC (rev
197431)
@@ -0,0 +1,39 @@
+diff --git a/sysdeps/posix/getaddrinfo.c b/sysdeps/posix/getaddrinfo.c
+index 0f4b885..e6ce4cf 100644
+--- a/sysdeps/posix/getaddrinfo.c
++++ b/sysdeps/posix/getaddrinfo.c
+@@ -1666,13 +1666,13 @@ rfc3484_sort (const void *p1, const void *p2, void
*arg)
+
+ /* Fill in the results in all the records. */
+ for (int i = 0; i < src->nresults; ++i)
+- if (src->results[i].index == a1_index)
++ if (a1_index != -1 && src->results[i].index == a1_index)
+ {
+ assert (src->results[i].native == -1
+ || src->results[i].native == a1_native);
+ src->results[i].native = a1_native;
+ }
+- else if (src->results[i].index == a2_index)
++ else if (a2_index != -1 && src->results[i].index == a2_index)
+ {
+ assert (src->results[i].native == -1
+ || src->results[i].native == a2_native);
+@@ -2532,7 +2532,14 @@ getaddrinfo (const char *name, const char *service,
+ tmp.addr[0] = 0;
+ tmp.addr[1] = 0;
+ tmp.addr[2] = htonl (0xffff);
+- tmp.addr[3] = sinp->sin_addr.s_addr;
++ /* Special case for lo interface, the source address
++ being possibly different than the interface
++ address. */
++ if ((ntohl(sinp->sin_addr.s_addr) & 0xff000000)
++ == 0x7f000000)
++ tmp.addr[3] = htonl(0x7f000001);
++ else
++ tmp.addr[3] = sinp->sin_addr.s_addr;
+ }
+ else
+ {
+--
+1.8.4.1
+
