diff --git a/pkgs/development/libraries/glibc/2.18/common.nix b/pkgs/development/libraries/glibc/2.18/common.nix index 66251e0fc49..6ffc8d495f1 100644 --- a/pkgs/development/libraries/glibc/2.18/common.nix +++ b/pkgs/development/libraries/glibc/2.18/common.nix @@ -13,7 +13,7 @@ cross: let - version = "2.17"; + version = "2.18"; in @@ -44,9 +44,6 @@ stdenv.mkDerivation ({ /* Don't use /etc/ld.so.cache, for non-NixOS systems. */ ./dont-use-system-ld-so-cache.patch - /* Without this patch many KDE binaries crash. */ - ./glibc-elf-localscope.patch - /* Add blowfish password hashing support. This is needed for compatibility with old NixOS installations (since NixOS used to default to blowfish). */ @@ -56,12 +53,6 @@ stdenv.mkDerivation ({ rfc3484_sort: Assertion `src->results[i].native == -1 || src->results[i].native == a2_native' failed." crashes. */ ./glibc-rh739743.patch - - /* Fix buffer overrun in regexp matcher. */ - ./cve-2013-0242.patch - - /* Fix stack overflow in getaddrinfo with many results. */ - ./cve-2013-1914.patch ]; postPatch = '' @@ -145,7 +136,7 @@ stdenv.mkDerivation ({ } else fetchurl { url = "mirror://gnu/glibc/glibc-${version}.tar.gz"; - sha256 = "0ym3zk9ii64279wgw7pw9xkbxczy2ci7ka6mnfs05rhlainhicm3"; + sha256 = "0d3pnh6kg5r48ga5rg4lhwlc1062brr6fiqs4j23327gzssjgry8"; }; # Remove absolute paths from `configure' & co.; build out-of-tree. diff --git a/pkgs/development/libraries/glibc/2.18/cve-2013-0242.patch b/pkgs/development/libraries/glibc/2.18/cve-2013-0242.patch deleted file mode 100644 index 1d6557071e1..00000000000 --- a/pkgs/development/libraries/glibc/2.18/cve-2013-0242.patch +++ /dev/null @@ -1,87 +0,0 @@ -When extending regex buffers, make sure we allocate enough room for the -state log. Merely doubling the space may not be enough if the current -node has accepted a long run of characters. This part of the code only -triggers with multibyte characters. - -Andreas. - - [BZ #15078] - * posix/regexec.c (extend_buffers): Add parameter min_len. - (check_matching): Pass minimum needed length. - (clean_state_log_if_needed): Likewise. - (get_subexp): Likewise. - * posix/Makefile (tests): Add bug-regex34. - (bug-regex34-ENV): Define. - * posix/bug-regex34.c: New file. - -diff --git a/posix/regexec.c b/posix/regexec.c -index 7f2de85..5ca2bf6 100644 ---- a/posix/regexec.c -+++ b/posix/regexec.c -@@ -197,7 +197,7 @@ static int group_nodes_into_DFAstates (const re_dfa_t *dfa, - static int check_node_accept (const re_match_context_t *mctx, - const re_token_t *node, int idx) - internal_function; --static reg_errcode_t extend_buffers (re_match_context_t *mctx) -+static reg_errcode_t extend_buffers (re_match_context_t *mctx, int min_len) - internal_function; - - /* Entry point for POSIX code. */ -@@ -1160,7 +1160,7 @@ check_matching (re_match_context_t *mctx, int fl_longest_match, - || (BE (next_char_idx >= mctx->input.valid_len, 0) - && mctx->input.valid_len < mctx->input.len)) - { -- err = extend_buffers (mctx); -+ err = extend_buffers (mctx, next_char_idx + 1); - if (BE (err != REG_NOERROR, 0)) - { - assert (err == REG_ESPACE); -@@ -1738,7 +1738,7 @@ clean_state_log_if_needed (re_match_context_t *mctx, int next_state_log_idx) - && mctx->input.valid_len < mctx->input.len)) - { - reg_errcode_t err; -- err = extend_buffers (mctx); -+ err = extend_buffers (mctx, next_state_log_idx + 1); - if (BE (err != REG_NOERROR, 0)) - return err; - } -@@ -2792,7 +2792,7 @@ get_subexp (re_match_context_t *mctx, int bkref_node, int bkref_str_idx) - if (bkref_str_off >= mctx->input.len) - break; - -- err = extend_buffers (mctx); -+ err = extend_buffers (mctx, bkref_str_off + 1); - if (BE (err != REG_NOERROR, 0)) - return err; - -@@ -4102,7 +4102,7 @@ check_node_accept (const re_match_context_t *mctx, const re_token_t *node, - - static reg_errcode_t - internal_function __attribute_warn_unused_result__ --extend_buffers (re_match_context_t *mctx) -+extend_buffers (re_match_context_t *mctx, int min_len) - { - reg_errcode_t ret; - re_string_t *pstr = &mctx->input; -@@ -4111,8 +4111,10 @@ extend_buffers (re_match_context_t *mctx) - if (BE (INT_MAX / 2 / sizeof (re_dfastate_t *) <= pstr->bufs_len, 0)) - return REG_ESPACE; - -- /* Double the lengthes of the buffers. */ -- ret = re_string_realloc_buffers (pstr, MIN (pstr->len, pstr->bufs_len * 2)); -+ /* Double the lengthes of the buffers, but allocate at least MIN_LEN. */ -+ ret = re_string_realloc_buffers (pstr, -+ MAX (min_len, -+ MIN (pstr->len, pstr->bufs_len * 2))); - if (BE (ret != REG_NOERROR, 0)) - return ret; - --- -1.8.1.2 - - --- -Andreas Schwab, SUSE Labs, schwab@suse.de -GPG Key fingerprint = 0196 BAD8 1CE9 1970 F4BE 1748 E4D4 88E3 0EEA B9D7 -"And now for something completely different." - diff --git a/pkgs/development/libraries/glibc/2.18/cve-2013-1914.patch b/pkgs/development/libraries/glibc/2.18/cve-2013-1914.patch deleted file mode 100644 index c2963249f5e..00000000000 --- a/pkgs/development/libraries/glibc/2.18/cve-2013-1914.patch +++ /dev/null @@ -1,52 +0,0 @@ -From: Andreas Schwab -Date: Thu, 21 Mar 2013 14:50:27 +0000 (+0100) -Subject: Fix stack overflow in getaddrinfo with many results -X-Git-Url: http://sourceware.org/git/?p=glibc.git;a=commitdiff_plain;h=1cef1b19089528db11f221e938f60b9b048945d7 - -Fix stack overflow in getaddrinfo with many results ---- - -diff --git a/sysdeps/posix/getaddrinfo.c b/sysdeps/posix/getaddrinfo.c -index d95c2d1..2309281 100644 ---- a/sysdeps/posix/getaddrinfo.c -+++ b/sysdeps/posix/getaddrinfo.c -@@ -2489,11 +2489,27 @@ getaddrinfo (const char *name, const char *service, - __typeof (once) old_once = once; - __libc_once (once, gaiconf_init); - /* Sort results according to RFC 3484. */ -- struct sort_result results[nresults]; -- size_t order[nresults]; -+ struct sort_result *results; -+ size_t *order; - struct addrinfo *q; - struct addrinfo *last = NULL; - char *canonname = NULL; -+ bool malloc_results; -+ -+ malloc_results -+ = !__libc_use_alloca (nresults * (sizeof (*results) + sizeof (size_t))); -+ if (malloc_results) -+ { -+ results = malloc (nresults * (sizeof (*results) + sizeof (size_t))); -+ if (results == NULL) -+ { -+ __free_in6ai (in6ai); -+ return EAI_MEMORY; -+ } -+ } -+ else -+ results = alloca (nresults * (sizeof (*results) + sizeof (size_t))); -+ order = (size_t *) (results + nresults); - - /* Now we definitely need the interface information. */ - if (! check_pf_called) -@@ -2664,6 +2680,9 @@ getaddrinfo (const char *name, const char *service, - - /* Fill in the canonical name into the new first entry. */ - p->ai_canonname = canonname; -+ -+ if (malloc_results) -+ free (results); - } - - __free_in6ai (in6ai); diff --git a/pkgs/development/libraries/glibc/2.18/glibc-elf-localscope.patch b/pkgs/development/libraries/glibc/2.18/glibc-elf-localscope.patch deleted file mode 100644 index 98f7f81087b..00000000000 --- a/pkgs/development/libraries/glibc/2.18/glibc-elf-localscope.patch +++ /dev/null @@ -1,82 +0,0 @@ -diff -ru a/elf/dl-close.c b/elf/dl-close.c ---- a/elf/dl-close.c 2011-02-04 00:35:03.000000000 +0100 -+++ b/elf/dl-close.c 2011-02-22 02:16:12.367883000 +0100 -@@ -180,24 +186,28 @@ - /* Signal the object is still needed. */ - l->l_idx = IDX_STILL_USED; - -+#define mark_used(dmap) \ -+ do { \ -+ if ((dmap)->l_idx != IDX_STILL_USED) \ -+ { \ -+ assert ((dmap)->l_idx >= 0 && (dmap)->l_idx < nloaded); \ -+ \ -+ if (!used[(dmap)->l_idx]) \ -+ { \ -+ used[(dmap)->l_idx] = 1; \ -+ if ((dmap)->l_idx - 1 < done_index) \ -+ done_index = (dmap)->l_idx - 1; \ -+ } \ -+ } \ -+ } while (0) -+ - /* Mark all dependencies as used. */ - if (l->l_initfini != NULL) - { - struct link_map **lp = &l->l_initfini[1]; - while (*lp != NULL) - { -- if ((*lp)->l_idx != IDX_STILL_USED) -- { -- assert ((*lp)->l_idx >= 0 && (*lp)->l_idx < nloaded); -- -- if (!used[(*lp)->l_idx]) -- { -- used[(*lp)->l_idx] = 1; -- if ((*lp)->l_idx - 1 < done_index) -- done_index = (*lp)->l_idx - 1; -- } -- } -- -+ mark_used(*lp); - ++lp; - } - } -@@ -206,19 +216,25 @@ - for (unsigned int j = 0; j < l->l_reldeps->act; ++j) - { - struct link_map *jmap = l->l_reldeps->list[j]; -- -- if (jmap->l_idx != IDX_STILL_USED) -- { -- assert (jmap->l_idx >= 0 && jmap->l_idx < nloaded); -- -- if (!used[jmap->l_idx]) -- { -- used[jmap->l_idx] = 1; -- if (jmap->l_idx - 1 < done_index) -- done_index = jmap->l_idx - 1; -- } -- } -+ mark_used(jmap); - } -+ /* And the same for owners of our scopes; normally, our last -+ scope provider would render us unused, but this can be -+ prevented by the NODELETE flag. */ -+ if (__builtin_expect(l->l_type == lt_loaded -+ && (l->l_flags_1 & DF_1_NODELETE), 0)) -+ for (size_t cnt = 0; l->l_scope[cnt] != NULL; ++cnt) -+ /* This relies on l_scope[] entries being always set either -+ to its own l_symbolic_searchlist address, or some map's -+ l_searchlist address. */ -+ if (l->l_scope[cnt] != &l->l_symbolic_searchlist) -+ { -+ struct link_map *ls = (struct link_map *) -+ ((char *) l->l_scope[cnt] -+ - offsetof (struct link_map, l_searchlist)); -+ assert (ls->l_ns == nsid); -+ mark_used(ls); -+ } - } - - /* Sort the entries. */ diff --git a/pkgs/development/libraries/glibc/2.18/rpcgen-path.patch b/pkgs/development/libraries/glibc/2.18/rpcgen-path.patch index fd81ab5324e..3349449d916 100644 --- a/pkgs/development/libraries/glibc/2.18/rpcgen-path.patch +++ b/pkgs/development/libraries/glibc/2.18/rpcgen-path.patch @@ -1,7 +1,7 @@ -diff -ru glibc-2.17-orig/sunrpc/rpc_main.c glibc-2.17/sunrpc/rpc_main.c ---- glibc-2.17-orig/sunrpc/rpc_main.c 2012-12-25 04:02:13.000000000 +0100 -+++ glibc-2.17/sunrpc/rpc_main.c 2012-12-29 00:21:04.124698455 +0100 -@@ -77,7 +77,7 @@ +diff -ru glibc-2.18-orig/sunrpc/rpc_main.c glibc-2.18/sunrpc/rpc_main.c +--- glibc-2.18-orig/sunrpc/rpc_main.c 2013-08-11 00:52:55.000000000 +0200 ++++ glibc-2.18/sunrpc/rpc_main.c 2013-11-15 12:04:48.041006977 +0100 +@@ -78,7 +78,7 @@ static const char *svcclosetime = "120"; static int cppDefined; /* explicit path for C preprocessor */ @@ -10,7 +10,7 @@ diff -ru glibc-2.17-orig/sunrpc/rpc_main.c glibc-2.17/sunrpc/rpc_main.c static const char CPPFLAGS[] = "-C"; static char *pathbuf; static int cpp_pid; -@@ -106,7 +106,6 @@ +@@ -107,7 +107,6 @@ static void open_output (const char *infile, const char *outfile); static void add_warning (void); static void clear_args (void); @@ -18,7 +18,7 @@ diff -ru glibc-2.17-orig/sunrpc/rpc_main.c glibc-2.17/sunrpc/rpc_main.c static void open_input (const char *infile, const char *define); static int check_nettype (const char *name, const char *list_to_check[]); static void c_output (const char *infile, const char *define, -@@ -318,25 +317,6 @@ +@@ -322,25 +321,6 @@ argcount = FIXEDARGS; } @@ -26,9 +26,9 @@ diff -ru glibc-2.17-orig/sunrpc/rpc_main.c glibc-2.17/sunrpc/rpc_main.c -static void -find_cpp (void) -{ -- struct stat buf; +- struct stat64 buf; - -- if (stat (CPP, &buf) == 0) +- if (stat64 (CPP, &buf) == 0) - return; - - if (cppDefined) /* user specified cpp but it does not exist */ @@ -44,7 +44,7 @@ diff -ru glibc-2.17-orig/sunrpc/rpc_main.c glibc-2.17/sunrpc/rpc_main.c /* * Open input file with given define for C-preprocessor */ -@@ -355,7 +335,6 @@ +@@ -359,7 +339,6 @@ switch (cpp_pid) { case 0: