Hello community,
here is the log from the commit of package glibc for openSUSE:Factory checked
in at 2014-09-03 18:20:30
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/glibc (Old)
and /work/SRC/openSUSE:Factory/.glibc.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "glibc"
Changes:
--------
--- /work/SRC/openSUSE:Factory/glibc/glibc-testsuite.changes 2014-08-29
17:42:33.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.glibc.new/glibc-testsuite.changes
2014-09-03 18:20:36.000000000 +0200
@@ -1,0 +2,6 @@
+Tue Sep 2 07:52:36 UTC 2014 - sch...@suse.de
+
+- iconv-ibm-sentinel-check.patch: Fix crashes on invalid input in IBM
+ gconv modules (CVE-2014-6040, bnc#894553, BZ #17325)
+
+-------------------------------------------------------------------
glibc-utils.changes: same change
glibc.changes: same change
New:
----
iconv-ibm-sentinel-check.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ glibc-testsuite.spec ++++++
--- /var/tmp/diff_new_pack.jcuVYT/_old 2014-09-03 18:20:38.000000000 +0200
+++ /var/tmp/diff_new_pack.jcuVYT/_new 2014-09-03 18:20:38.000000000 +0200
@@ -270,6 +270,8 @@
Patch1017: ppc64le-profiling.patch
# PATCH-FIX-UPSTREAM S/390 Reverting the jmp_buf/ucontext_t ABI change
(bnc#887228)
Patch1018: s390-revert-abi-change.patch
+# PATCH-FIX-UPSTREAM Disable gconv transliteration module loading (BZ #17187)
+Patch1019: disable-gconv-translit-modules.patch
###
# Patches awaiting upstream approval
@@ -290,8 +292,8 @@
Patch2006: ibm93x-redundant-shift-si.patch
# PATCH-FIX-UPSTREAM Filter out PTHREAD_MUTEX_NO_ELISION_NP bit in
pthread_mutexattr_gettype (BZ #15790)
Patch2007: pthread-mutexattr-gettype-kind.patch
-# PATCH-FIX-UPSTREAM Disable gconv transliteration module loading (BZ #17187)
-Patch2008: disable-gconv-translit-modules.patch
+# PATCH-FIX-UPSTREAM Fix crashes on invalid input in IBM gconv modules (BZ
#17325)
+Patch2008: iconv-ibm-sentinel-check.patch
# Non-glibc patches
# PATCH-FIX-OPENSUSE Remove debianisms from manpages
@@ -511,6 +513,7 @@
%patch1016 -p1
%patch1017 -p1
%patch1018 -p1
+%patch1019 -p1
%patch2000 -p1
%patch2001 -p1
glibc-utils.spec: same change
++++++ glibc.spec ++++++
--- /var/tmp/diff_new_pack.jcuVYT/_old 2014-09-03 18:20:38.000000000 +0200
+++ /var/tmp/diff_new_pack.jcuVYT/_new 2014-09-03 18:20:38.000000000 +0200
@@ -270,6 +270,8 @@
Patch1017: ppc64le-profiling.patch
# PATCH-FIX-UPSTREAM S/390 Reverting the jmp_buf/ucontext_t ABI change
(bnc#887228)
Patch1018: s390-revert-abi-change.patch
+# PATCH-FIX-UPSTREAM Disable gconv transliteration module loading (BZ #17187)
+Patch1019: disable-gconv-translit-modules.patch
###
# Patches awaiting upstream approval
@@ -290,8 +292,8 @@
Patch2006: ibm93x-redundant-shift-si.patch
# PATCH-FIX-UPSTREAM Filter out PTHREAD_MUTEX_NO_ELISION_NP bit in
pthread_mutexattr_gettype (BZ #15790)
Patch2007: pthread-mutexattr-gettype-kind.patch
-# PATCH-FIX-UPSTREAM Disable gconv transliteration module loading (BZ #17187)
-Patch2008: disable-gconv-translit-modules.patch
+# PATCH-FIX-UPSTREAM Fix crashes on invalid input in IBM gconv modules (BZ
#17325)
+Patch2008: iconv-ibm-sentinel-check.patch
# Non-glibc patches
# PATCH-FIX-OPENSUSE Remove debianisms from manpages
@@ -511,6 +513,7 @@
%patch1016 -p1
%patch1017 -p1
%patch1018 -p1
+%patch1019 -p1
%patch2000 -p1
%patch2001 -p1
++++++ iconv-ibm-sentinel-check.patch ++++++
2014-08-29 Florian Weimer <fwei...@redhat.com>
[BZ #17325]
* iconvdata/ibm1364.c (BODY): Fix check for sentinel.
* iconvdata/ibm932.c (BODY): Replace invalid sentinel check with
assert.
* iconvdata/ibm933.c (BODY): Fix check for sentinel.
* iconvdata/ibm935.c (BODY): Likewise.
* iconvdata/ibm937.c (BODY): Likewise.
* iconvdata/ibm939.c (BODY): Likewise.
* iconvdata/ibm943.c (BODY): Replace invalid sentinel check with
assert.
* iconvdata/Makefile (iconv-test.out): Pass module list to test
script.
* iconvdata/run-iconv-test.sh: New test loop for checking for
decoder crashers.
Index: glibc-2.19/iconvdata/Makefile
===================================================================
--- glibc-2.19.orig/iconvdata/Makefile
+++ glibc-2.19/iconvdata/Makefile
@@ -302,6 +302,7 @@ $(objpfx)bug-iconv10.out: $(objpfx)gconv
$(objpfx)iconv-test.out: run-iconv-test.sh $(objpfx)gconv-modules \
$(addprefix $(objpfx),$(modules.so)) \
$(common-objdir)/iconv/iconv_prog TESTS
+ iconv_modules="$(modules)" \
$(SHELL) $< $(common-objdir) '$(test-wrapper)' > $@
$(objpfx)tst-tables.out: tst-tables.sh $(objpfx)gconv-modules \
Index: glibc-2.19/iconvdata/ibm1364.c
===================================================================
--- glibc-2.19.orig/iconvdata/ibm1364.c
+++ glibc-2.19/iconvdata/ibm1364.c
@@ -220,7 +220,8 @@ enum
++rp2; \
\
uint32_t res; \
- if (__builtin_expect (ch < rp2->start, 0) \
+ if (__builtin_expect (rp2->start == 0xffff, 0) \
+ || __builtin_expect (ch < rp2->start, 0) \
|| (res = DB_TO_UCS4[ch + rp2->idx], \
__builtin_expect (res, L'\1') == L'\0' && ch != '\0')) \
{ \
Index: glibc-2.19/iconvdata/ibm932.c
===================================================================
--- glibc-2.19.orig/iconvdata/ibm932.c
+++ glibc-2.19/iconvdata/ibm932.c
@@ -73,11 +73,12 @@
} \
\
ch = (ch * 0x100) + inptr[1]; \
+ /* ch was less than 0xfd. */ \
+ assert (ch < 0xfd00); \
while (ch > rp2->end) \
++rp2; \
\
- if (__builtin_expect (rp2 == NULL, 0) \
- || __builtin_expect (ch < rp2->start, 0) \
+ if (__builtin_expect (ch < rp2->start, 0) \
|| (res = __ibm932db_to_ucs4[ch + rp2->idx], \
__builtin_expect (res, '\1') == 0 && ch !=0)) \
{ \
Index: glibc-2.19/iconvdata/ibm933.c
===================================================================
--- glibc-2.19.orig/iconvdata/ibm933.c
+++ glibc-2.19/iconvdata/ibm933.c
@@ -161,7 +161,7 @@ enum
while (ch > rp2->end) \
++rp2; \
\
- if (__builtin_expect (rp2 == NULL, 0) \
+ if (__builtin_expect (rp2->start == 0xffff, 0) \
|| __builtin_expect (ch < rp2->start, 0) \
|| (res = __ibm933db_to_ucs4[ch + rp2->idx], \
__builtin_expect (res, L'\1') == L'\0' && ch != '\0')) \
Index: glibc-2.19/iconvdata/ibm935.c
===================================================================
--- glibc-2.19.orig/iconvdata/ibm935.c
+++ glibc-2.19/iconvdata/ibm935.c
@@ -161,7 +161,7 @@ enum
while (ch > rp2->end) \
++rp2; \
\
- if (__builtin_expect (rp2 == NULL, 0) \
+ if (__builtin_expect (rp2->start == 0xffff, 0) \
|| __builtin_expect (ch < rp2->start, 0) \
|| (res = __ibm935db_to_ucs4[ch + rp2->idx], \
__builtin_expect (res, L'\1') == L'\0' && ch != '\0')) \
Index: glibc-2.19/iconvdata/ibm937.c
===================================================================
--- glibc-2.19.orig/iconvdata/ibm937.c
+++ glibc-2.19/iconvdata/ibm937.c
@@ -161,7 +161,7 @@ enum
while (ch > rp2->end) \
++rp2; \
\
- if (__builtin_expect (rp2 == NULL, 0) \
+ if (__builtin_expect (rp2->start == 0xffff, 0) \
|| __builtin_expect (ch < rp2->start, 0) \
|| (res = __ibm937db_to_ucs4[ch + rp2->idx], \
__builtin_expect (res, L'\1') == L'\0' && ch != '\0')) \
Index: glibc-2.19/iconvdata/ibm939.c
===================================================================
--- glibc-2.19.orig/iconvdata/ibm939.c
+++ glibc-2.19/iconvdata/ibm939.c
@@ -161,7 +161,7 @@ enum
while (ch > rp2->end) \
++rp2; \
\
- if (__builtin_expect (rp2 == NULL, 0) \
+ if (__builtin_expect (rp2->start == 0xffff, 0) \
|| __builtin_expect (ch < rp2->start, 0) \
|| (res = __ibm939db_to_ucs4[ch + rp2->idx], \
__builtin_expect (res, L'\1') == L'\0' && ch != '\0')) \
Index: glibc-2.19/iconvdata/ibm943.c
===================================================================
--- glibc-2.19.orig/iconvdata/ibm943.c
+++ glibc-2.19/iconvdata/ibm943.c
@@ -74,11 +74,12 @@
} \
\
ch = (ch * 0x100) + inptr[1]; \
+ /* ch was less than 0xfd. */ \
+ assert (ch < 0xfd00); \
while (ch > rp2->end) \
++rp2; \
\
- if (__builtin_expect (rp2 == NULL, 0) \
- || __builtin_expect (ch < rp2->start, 0) \
+ if (__builtin_expect (ch < rp2->start, 0) \
|| (res = __ibm943db_to_ucs4[ch + rp2->idx], \
__builtin_expect (res, '\1') == 0 && ch !=0)) \
{ \
Index: glibc-2.19/iconvdata/run-iconv-test.sh
===================================================================
--- glibc-2.19.orig/iconvdata/run-iconv-test.sh
+++ glibc-2.19/iconvdata/run-iconv-test.sh
@@ -188,6 +188,24 @@ while read utf8 from filename; do
done < TESTS2
+# Check for crashes in decoders.
+printf '\016\377\377\377\377\377\377\377' > $temp1
+for from in $iconv_modules ; do
+ echo $ac_n "test decoder $from $ac_c"
+ PROG=`eval echo $ICONV`
+ if $PROG < $temp1 >/dev/null 2>&1 ; then
+ : # fall through
+ else
+ status=$?
+ if test $status -gt 1 ; then
+ echo "/FAILED"
+ failed=1
+ continue
+ fi
+ fi
+ echo "OK"
+done
+
exit $failed
# Local Variables:
# mode:shell-script
--
To unsubscribe, e-mail: opensuse-commit+unsubscr...@opensuse.org
For additional commands, e-mail: opensuse-commit+h...@opensuse.org
