diff --git a/Linux-Detect-user-namespace-support-in-io-tst-getcwd.patch b/Linux-Detect-user-namespace-support-in-io-tst-getcwd.patch new file mode 100644 index 0000000000000000000000000000000000000000..9ae3ffb73396906375a7b02b3ab3aab1d972009d --- /dev/null +++ b/Linux-Detect-user-namespace-support-in-io-tst-getcwd.patch @@ -0,0 +1,53 @@ +From 3438bbca90895d32825a52e31a77dc44d273c1c1 Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Mon, 24 Jan 2022 18:14:24 +0100 +Subject: [PATCH] Linux: Detect user namespace support in + io/tst-getcwd-smallbuff + +Otherwise the test fails with certain container runtimes. + +Reviewed-by: Siddhesh Poyarekar +(cherry picked from commit 5b8e7980c5dabd9aaefeba4f0208baa8cf7653ee) +--- + sysdeps/unix/sysv/linux/tst-getcwd-smallbuff.c | 18 ++++++++++++++++++ + 1 file changed, 18 insertions(+) + +diff --git a/sysdeps/unix/sysv/linux/tst-getcwd-smallbuff.c b/sysdeps/unix/sysv/linux/tst-getcwd-smallbuff.c +index d460d6e..55362f6 100644 +--- a/sysdeps/unix/sysv/linux/tst-getcwd-smallbuff.c ++++ b/sysdeps/unix/sysv/linux/tst-getcwd-smallbuff.c +@@ -34,6 +34,7 @@ + #include + #include + #include ++#include + #include + #include + +@@ -188,6 +189,23 @@ do_test (void) + xmkdir (MOUNT_NAME, S_IRWXU); + atexit (do_cleanup); + ++ /* Check whether user namespaces are supported. */ ++ { ++ pid_t pid = xfork (); ++ if (pid == 0) ++ { ++ if (unshare (CLONE_NEWUSER | CLONE_NEWNS) != 0) ++ _exit (EXIT_UNSUPPORTED); ++ else ++ _exit (0); ++ } ++ int status; ++ xwaitpid (pid, &status, 0); ++ TEST_VERIFY_EXIT (WIFEXITED (status)); ++ if (WEXITSTATUS (status) != 0) ++ return WEXITSTATUS (status); ++ } ++ + TEST_VERIFY_EXIT (socketpair (AF_UNIX, SOCK_STREAM, 0, sockfd) == 0); + pid_t child_pid = xclone (child_func, NULL, child_stack, + sizeof (child_stack), +-- +1.8.3.1 + diff --git a/getcwd-Set-errno-to-ERANGE-for-size-1-CVE-2021-3999.patch b/getcwd-Set-errno-to-ERANGE-for-size-1-CVE-2021-3999.patch new file mode 100644 index 0000000000000000000000000000000000000000..6d258a26f4b6f274096ae74857ccb9408932544c --- /dev/null +++ b/getcwd-Set-errno-to-ERANGE-for-size-1-CVE-2021-3999.patch @@ -0,0 +1,355 @@ +From 472e799a5f2102bc0c3206dbd5a801765fceb39c Mon Sep 17 00:00:00 2001 +From: Siddhesh Poyarekar +Date: Fri, 21 Jan 2022 23:32:56 +0530 +Subject: [PATCH] getcwd: Set errno to ERANGE for size == 1 (CVE-2021-3999) + +No valid path returned by getcwd would fit into 1 byte, so reject the +size early and return NULL with errno set to ERANGE. This change is +prompted by CVE-2021-3999, which describes a single byte buffer +underflow and overflow when all of the following conditions are met: + +- The buffer size (i.e. the second argument of getcwd) is 1 byte +- The current working directory is too long +- '/' is also mounted on the current working directory + +Sequence of events: + +- In sysdeps/unix/sysv/linux/getcwd.c, the syscall returns ENAMETOOLONG + because the linux kernel checks for name length before it checks + buffer size + +- The code falls back to the generic getcwd in sysdeps/posix + +- In the generic func, the buf[0] is set to '\0' on line 250 + +- this while loop on line 262 is bypassed: + + while (!(thisdev == rootdev && thisino == rootino)) + + since the rootfs (/) is bind mounted onto the directory and the flow + goes on to line 449, where it puts a '/' in the byte before the + buffer. + +- Finally on line 458, it moves 2 bytes (the underflowed byte and the + '\0') to the buf[0] and buf[1], resulting in a 1 byte buffer overflow. + +- buf is returned on line 469 and errno is not set. + +This resolves BZ #28769. + +Reviewed-by: Andreas Schwab +Reviewed-by: Adhemerval Zanella +Signed-off-by: Qualys Security Advisory +Signed-off-by: Siddhesh Poyarekar +(cherry picked from commit 23e0e8f5f1fb5ed150253d986ecccdc90c2dcd5e) +--- + NEWS | 6 + + sysdeps/posix/getcwd.c | 7 + + sysdeps/unix/sysv/linux/Makefile | 7 +- + .../unix/sysv/linux/tst-getcwd-smallbuff.c | 241 ++++++++++++++++++ + 4 files changed, 260 insertions(+), 1 deletion(-) + create mode 100644 sysdeps/unix/sysv/linux/tst-getcwd-smallbuff.c + +diff --git a/NEWS b/NEWS +index b4f81c2668..8d7467d2c1 100644 +--- a/NEWS ++++ b/NEWS +@@ -20,6 +20,12 @@ Security related changes: + function could result in a memory leak and potential access of + uninitialized memory. Reported by Qualys. + ++ CVE-2021-3999: Passing a buffer of size exactly 1 byte to the getcwd ++ function may result in an off-by-one buffer underflow and overflow ++ when the current working directory is longer than PATH_MAX and also ++ corresponds to the / directory through an unprivileged mount ++ namespace. Reported by Qualys. ++ + The following bugs are resolved with this release: + + [12889] nptl: Fix race between pthread_kill and thread exit +diff --git a/sysdeps/posix/getcwd.c b/sysdeps/posix/getcwd.c +index 13680026ff..b6984a382c 100644 +--- a/sysdeps/posix/getcwd.c ++++ b/sysdeps/posix/getcwd.c +@@ -187,6 +187,13 @@ __getcwd_generic (char *buf, size_t size) + size_t allocated = size; + size_t used; + ++ /* A size of 1 byte is never useful. */ ++ if (allocated == 1) ++ { ++ __set_errno (ERANGE); ++ return NULL; ++ } ++ + #if HAVE_MINIMALLY_WORKING_GETCWD + /* If AT_FDCWD is not defined, the algorithm below is O(N**2) and + this is much slower than the system getcwd (at least on +diff --git a/sysdeps/unix/sysv/linux/Makefile b/sysdeps/unix/sysv/linux/Makefile +index 76ad06361c..9380d3848d 100644 +--- a/sysdeps/unix/sysv/linux/Makefile ++++ b/sysdeps/unix/sysv/linux/Makefile +@@ -331,7 +331,12 @@ sysdep_routines += xstatconv internal_statvfs \ + + sysdep_headers += bits/fcntl-linux.h + +-tests += tst-fallocate tst-fallocate64 tst-o_path-locks ++tests += \ ++ tst-fallocate \ ++ tst-fallocate64 \ ++ tst-getcwd-smallbuff \ ++ tst-o_path-locks \ ++# tests + endif + + ifeq ($(subdir),elf) +diff --git a/sysdeps/unix/sysv/linux/tst-getcwd-smallbuff.c b/sysdeps/unix/sysv/linux/tst-getcwd-smallbuff.c +new file mode 100644 +index 0000000000..d460d6e766 +--- /dev/null ++++ b/sysdeps/unix/sysv/linux/tst-getcwd-smallbuff.c +@@ -0,0 +1,241 @@ ++/* Verify that getcwd returns ERANGE for size 1 byte and does not underflow ++ buffer when the CWD is too long and is also a mount target of /. See bug ++ #28769 or CVE-2021-3999 for more context. ++ Copyright The GNU Toolchain Authors. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++ ++#include ++#include ++#include ++#include ++#include ++#include ++ ++static char *base; ++#define BASENAME "tst-getcwd-smallbuff" ++#define MOUNT_NAME "mpoint" ++static int sockfd[2]; ++ ++static void ++do_cleanup (void) ++{ ++ support_chdir_toolong_temp_directory (base); ++ TEST_VERIFY_EXIT (rmdir (MOUNT_NAME) == 0); ++ free (base); ++} ++ ++static void ++send_fd (const int sock, const int fd) ++{ ++ struct msghdr msg = {0}; ++ union ++ { ++ struct cmsghdr hdr; ++ char buf[CMSG_SPACE (sizeof (int))]; ++ } cmsgbuf = {0}; ++ struct cmsghdr *cmsg; ++ struct iovec vec; ++ char ch = 'A'; ++ ssize_t n; ++ ++ msg.msg_control = &cmsgbuf.buf; ++ msg.msg_controllen = sizeof (cmsgbuf.buf); ++ ++ cmsg = CMSG_FIRSTHDR (&msg); ++ cmsg->cmsg_len = CMSG_LEN (sizeof (int)); ++ cmsg->cmsg_level = SOL_SOCKET; ++ cmsg->cmsg_type = SCM_RIGHTS; ++ memcpy (CMSG_DATA (cmsg), &fd, sizeof (fd)); ++ ++ vec.iov_base = &ch; ++ vec.iov_len = 1; ++ msg.msg_iov = &vec; ++ msg.msg_iovlen = 1; ++ ++ while ((n = sendmsg (sock, &msg, 0)) == -1 && errno == EINTR); ++ ++ TEST_VERIFY_EXIT (n == 1); ++} ++ ++static int ++recv_fd (const int sock) ++{ ++ struct msghdr msg = {0}; ++ union ++ { ++ struct cmsghdr hdr; ++ char buf[CMSG_SPACE(sizeof(int))]; ++ } cmsgbuf = {0}; ++ struct cmsghdr *cmsg; ++ struct iovec vec; ++ ssize_t n; ++ char ch = '\0'; ++ int fd = -1; ++ ++ vec.iov_base = &ch; ++ vec.iov_len = 1; ++ msg.msg_iov = &vec; ++ msg.msg_iovlen = 1; ++ ++ msg.msg_control = &cmsgbuf.buf; ++ msg.msg_controllen = sizeof (cmsgbuf.buf); ++ ++ while ((n = recvmsg (sock, &msg, 0)) == -1 && errno == EINTR); ++ if (n != 1 || ch != 'A') ++ return -1; ++ ++ cmsg = CMSG_FIRSTHDR (&msg); ++ if (cmsg == NULL) ++ return -1; ++ if (cmsg->cmsg_type != SCM_RIGHTS) ++ return -1; ++ memcpy (&fd, CMSG_DATA (cmsg), sizeof (fd)); ++ if (fd < 0) ++ return -1; ++ return fd; ++} ++ ++static int ++child_func (void * const arg) ++{ ++ xclose (sockfd[0]); ++ const int sock = sockfd[1]; ++ char ch; ++ ++ TEST_VERIFY_EXIT (read (sock, &ch, 1) == 1); ++ TEST_VERIFY_EXIT (ch == '1'); ++ ++ if (mount ("/", MOUNT_NAME, NULL, MS_BIND | MS_REC, NULL)) ++ FAIL_EXIT1 ("mount failed: %m\n"); ++ const int fd = xopen ("mpoint", ++ O_RDONLY | O_PATH | O_DIRECTORY | O_NOFOLLOW, 0); ++ ++ send_fd (sock, fd); ++ xclose (fd); ++ ++ TEST_VERIFY_EXIT (read (sock, &ch, 1) == 1); ++ TEST_VERIFY_EXIT (ch == 'a'); ++ ++ xclose (sock); ++ return 0; ++} ++ ++static void ++update_map (char * const mapping, const char * const map_file) ++{ ++ const size_t map_len = strlen (mapping); ++ ++ const int fd = xopen (map_file, O_WRONLY, 0); ++ xwrite (fd, mapping, map_len); ++ xclose (fd); ++} ++ ++static void ++proc_setgroups_write (const long child_pid, const char * const str) ++{ ++ const size_t str_len = strlen(str); ++ ++ char setgroups_path[sizeof ("/proc//setgroups") + INT_STRLEN_BOUND (long)]; ++ ++ snprintf (setgroups_path, sizeof (setgroups_path), ++ "/proc/%ld/setgroups", child_pid); ++ ++ const int fd = open (setgroups_path, O_WRONLY); ++ ++ if (fd < 0) ++ { ++ TEST_VERIFY_EXIT (errno == ENOENT); ++ FAIL_UNSUPPORTED ("/proc/%ld/setgroups not found\n", child_pid); ++ } ++ ++ xwrite (fd, str, str_len); ++ xclose(fd); ++} ++ ++static char child_stack[1024 * 1024]; ++ ++int ++do_test (void) ++{ ++ base = support_create_and_chdir_toolong_temp_directory (BASENAME); ++ ++ xmkdir (MOUNT_NAME, S_IRWXU); ++ atexit (do_cleanup); ++ ++ TEST_VERIFY_EXIT (socketpair (AF_UNIX, SOCK_STREAM, 0, sockfd) == 0); ++ pid_t child_pid = xclone (child_func, NULL, child_stack, ++ sizeof (child_stack), ++ CLONE_NEWUSER | CLONE_NEWNS | SIGCHLD); ++ ++ xclose (sockfd[1]); ++ const int sock = sockfd[0]; ++ ++ char map_path[sizeof ("/proc//uid_map") + INT_STRLEN_BOUND (long)]; ++ char map_buf[sizeof ("0 1") + INT_STRLEN_BOUND (long)]; ++ ++ snprintf (map_path, sizeof (map_path), "/proc/%ld/uid_map", ++ (long) child_pid); ++ snprintf (map_buf, sizeof (map_buf), "0 %ld 1", (long) getuid()); ++ update_map (map_buf, map_path); ++ ++ proc_setgroups_write ((long) child_pid, "deny"); ++ snprintf (map_path, sizeof (map_path), "/proc/%ld/gid_map", ++ (long) child_pid); ++ snprintf (map_buf, sizeof (map_buf), "0 %ld 1", (long) getgid()); ++ update_map (map_buf, map_path); ++ ++ TEST_VERIFY_EXIT (send (sock, "1", 1, MSG_NOSIGNAL) == 1); ++ const int fd = recv_fd (sock); ++ TEST_VERIFY_EXIT (fd >= 0); ++ TEST_VERIFY_EXIT (fchdir (fd) == 0); ++ ++ static char buf[2 * 10 + 1]; ++ memset (buf, 'A', sizeof (buf)); ++ ++ /* Finally, call getcwd and check if it resulted in a buffer underflow. */ ++ char * cwd = getcwd (buf + sizeof (buf) / 2, 1); ++ TEST_VERIFY (cwd == NULL); ++ TEST_VERIFY (errno == ERANGE); ++ ++ for (int i = 0; i < sizeof (buf); i++) ++ if (buf[i] != 'A') ++ { ++ printf ("buf[%d] = %02x\n", i, (unsigned int) buf[i]); ++ support_record_failure (); ++ } ++ ++ TEST_VERIFY_EXIT (send (sock, "a", 1, MSG_NOSIGNAL) == 1); ++ xclose (sock); ++ TEST_VERIFY_EXIT (xwaitpid (child_pid, NULL, 0) == child_pid); ++ ++ return 0; ++} ++ ++#define CLEANUP_HANDLER do_cleanup ++#include +-- +2.27.0 + diff --git a/glibc.spec b/glibc.spec index 3cbe88b4749c1f0deef5a26b3866f8fc4b36a292..1b25cb6f987a42d01c7b4b68a44266a555a561fd 100644 --- a/glibc.spec +++ b/glibc.spec @@ -66,7 +66,7 @@ ############################################################################## Name: glibc Version: 2.34 -Release: 45 +Release: 46 Summary: The GNU libc libraries License: %{all_license} URL: http://www.gnu.org/software/glibc/ @@ -164,6 +164,13 @@ Patch76: CVE-2022-23219-Buffer-overflow-in-sunrpc-clnt_create.patch Patch77: sunrpc-Test-case-for-clnt_create-unix-buffer-overflo.patch Patch78: CVE-2022-23218-Buffer-overflow-in-sunrpc-svcunix_cre.patch Patch79: support-Add-check-for-TID-zero-in-support_wait_for_t.patch +Patch80: support-Add-helpers-to-create-paths-longer-than-PATH.patch +Patch81: stdlib-Sort-tests-in-Makefile.patch +Patch82: stdlib-Fix-formatting-of-tests-list-in-Makefile.patch +Patch83: realpath-Set-errno-to-ENAMETOOLONG-for-result-larger.patch +Patch84: tst-realpath-toolong-Fix-hurd-build.patch +Patch85: getcwd-Set-errno-to-ERANGE-for-size-1-CVE-2021-3999.patch +Patch86: Linux-Detect-user-namespace-support-in-io-tst-getcwd.patch Patch9000: turn-default-value-of-x86_rep_stosb_threshold_form_2K_to_1M.patch Patch9001: delete-no-hard-link-to-avoid-all_language-package-to.patch @@ -1367,14 +1374,17 @@ fi %endif %changelog -* Fri Jan 21 Yang Yanchao - 2.34-45 +* Tue Jan 25 2022 Qingqing Li - 2.34-46 +- fix CVE-2021-3998 and CVE-2021-3999 + +* Fri Jan 21 2022 Yang Yanchao - 2.34-45 - disable check-installed-headers-c and check-installed-headers-cxx and delete glibc-benchtest to improve build speed -* Fri Jan 21 Qingqing Li - 2.34-44 +* Fri Jan 21 2022 Qingqing Li - 2.34-44 - support: Add check for TID zero in support_wait_for_thread_exit -* Tue Jan 18 Qingqing Li - 2.34-43 +* Tue Jan 18 2022 Qingqing Li - 2.34-43 - fix CVE-2022-23218 and CVE-2022-23219 * Tue Jan 11 2022 Yang Yanchao - 2.34-42 diff --git a/realpath-Set-errno-to-ENAMETOOLONG-for-result-larger.patch b/realpath-Set-errno-to-ENAMETOOLONG-for-result-larger.patch new file mode 100644 index 0000000000000000000000000000000000000000..c802dd92459043d5317572bba999c141e3c605da --- /dev/null +++ b/realpath-Set-errno-to-ENAMETOOLONG-for-result-larger.patch @@ -0,0 +1,138 @@ +From f7a79879c0b2bef0dadd6caaaeeb0d26423e04e5 Mon Sep 17 00:00:00 2001 +From: Siddhesh Poyarekar +Date: Thu, 13 Jan 2022 11:28:36 +0530 +Subject: [PATCH] realpath: Set errno to ENAMETOOLONG for result larger than + PATH_MAX [BZ #28770] + +realpath returns an allocated string when the result exceeds PATH_MAX, +which is unexpected when its second argument is not NULL. This results +in the second argument (resolved) being uninitialized and also results +in a memory leak since the caller expects resolved to be the same as the +returned value. + +Return NULL and set errno to ENAMETOOLONG if the result exceeds +PATH_MAX. This fixes [BZ #28770], which is CVE-2021-3998. + +Reviewed-by: Adhemerval Zanella +Signed-off-by: Siddhesh Poyarekar +(cherry picked from commit ee8d5e33adb284601c00c94687bc907e10aec9bb) +--- + NEWS | 6 +++++ + stdlib/Makefile | 1 + + stdlib/canonicalize.c | 12 +++++++++-- + stdlib/tst-realpath-toolong.c | 49 +++++++++++++++++++++++++++++++++++++++++++ + 4 files changed, 65 insertions(+), 2 deletions(-) + create mode 100644 stdlib/tst-realpath-toolong.c + +diff --git a/NEWS b/NEWS +index 711420cb..db50b2af 100644 +--- a/NEWS ++++ b/NEWS +@@ -17,8 +17,14 @@ Security related changes: + CVE-2022-23218: Passing an overlong file name to the svcunix_create + legacy function could result in a stack-based buffer overflow. + ++ CVE-2021-3998: Passing a path longer than PATH_MAX to the realpath ++ function could result in a memory leak and potential access of ++ uninitialized memory. Reported by Qualys. ++ + The following bugs are resolved with this release: + ++ [12889] nptl: Fix race between pthread_kill and thread exit ++ [19193] nptl: pthread_kill, pthread_cancel should not fail after exit + [22542] CVE-2022-23219: Buffer overflow in sunrpc clnt_create for "unix" + + +diff --git a/stdlib/Makefile b/stdlib/Makefile +index 9bb5c221..a4ac30d1 100644 +--- a/stdlib/Makefile ++++ b/stdlib/Makefile +@@ -109,6 +109,7 @@ tests := \ + tst-random \ + tst-random2 \ + tst-realpath \ ++ tst-realpath-toolong \ + tst-secure-getenv \ + tst-setcontext \ + tst-setcontext2 \ +diff --git a/stdlib/canonicalize.c b/stdlib/canonicalize.c +index 698f9ede..7a23a51b 100644 +--- a/stdlib/canonicalize.c ++++ b/stdlib/canonicalize.c +@@ -400,8 +400,16 @@ realpath_stk (const char *name, char *resolved, + + error: + *dest++ = '\0'; +- if (resolved != NULL && dest - rname <= get_path_max ()) +- rname = strcpy (resolved, rname); ++ if (resolved != NULL) ++ { ++ if (dest - rname <= get_path_max ()) ++ rname = strcpy (resolved, rname); ++ else ++ { ++ failed = true; ++ __set_errno (ENAMETOOLONG); ++ } ++ } + + error_nomem: + scratch_buffer_free (&extra_buffer); +diff --git a/stdlib/tst-realpath-toolong.c b/stdlib/tst-realpath-toolong.c +new file mode 100644 +index 00000000..8bed7724 +--- /dev/null ++++ b/stdlib/tst-realpath-toolong.c +@@ -0,0 +1,49 @@ ++/* Verify that realpath returns NULL with ENAMETOOLONG if the result exceeds ++ NAME_MAX. ++ Copyright The GNU Toolchain Authors. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++#include ++ ++#define BASENAME "tst-realpath-toolong." ++ ++int ++do_test (void) ++{ ++ char *base = support_create_and_chdir_toolong_temp_directory (BASENAME); ++ ++ char buf[PATH_MAX + 1]; ++ const char *res = realpath (".", buf); ++ ++ /* canonicalize.c states that if the real path is >= PATH_MAX, then ++ realpath returns NULL and sets ENAMETOOLONG. */ ++ TEST_VERIFY (res == NULL); ++ TEST_VERIFY (errno == ENAMETOOLONG); ++ ++ free (base); ++ return 0; ++} ++ ++#include +-- +2.27.0 + diff --git a/stdlib-Fix-formatting-of-tests-list-in-Makefile.patch b/stdlib-Fix-formatting-of-tests-list-in-Makefile.patch new file mode 100644 index 0000000000000000000000000000000000000000..db49888634974c9304b959f102345c3b50a94d74 --- /dev/null +++ b/stdlib-Fix-formatting-of-tests-list-in-Makefile.patch @@ -0,0 +1,178 @@ +From 73c362840c4efde45125a6c27bf41726397f4038 Mon Sep 17 00:00:00 2001 +From: Siddhesh Poyarekar +Date: Thu, 13 Jan 2022 18:50:55 +0530 +Subject: [PATCH] stdlib: Fix formatting of tests list in Makefile + +Signed-off-by: Siddhesh Poyarekar +Reviewed-by: Florian Weimer +(cherry picked from commit f9dab1b5f23d0fb008a56c7c6c8919adb49d3611) +--- + stdlib/Makefile | 152 ++++++++++++++++++++++++++++---------------------------- + 1 file changed, 77 insertions(+), 75 deletions(-) + +diff --git a/stdlib/Makefile b/stdlib/Makefile +index 6a1c358..9bb5c22 100644 +--- a/stdlib/Makefile ++++ b/stdlib/Makefile +@@ -65,81 +65,83 @@ aux = grouping groupingwc tens_in_limb + static-only-routines = atexit at_quick_exit + + test-srcs := tst-fmtmsg +-tests := bug-fmtmsg1 \ +- bug-getcontext \ +- bug-strtod \ +- bug-strtod2 \ +- test-a64l \ +- test-at_quick_exit-race \ +- test-atexit-race \ +- test-bz22786 \ +- test-canon \ +- test-canon2 \ +- test-cxa_atexit-race \ +- test-cxa_atexit-race2 \ +- test-dlclose-exit-race \ +- test-on_exit-race \ +- testdiv \ +- testmb \ +- testmb2 \ +- testrand \ +- testsort \ +- tst-at_quick_exit \ +- tst-atexit \ +- tst-atof1 \ +- tst-atof2 \ +- tst-bsearch \ +- tst-bz20544 \ +- tst-canon-bz26341 \ +- tst-cxa_atexit \ +- tst-environ \ +- tst-getrandom \ +- tst-limits \ +- tst-makecontext \ +- tst-makecontext-align \ +- tst-makecontext2 \ +- tst-makecontext3 \ +- tst-on_exit \ +- tst-qsort \ +- tst-qsort2 \ +- tst-quick_exit \ +- tst-rand48 \ +- tst-rand48-2 \ +- tst-random \ +- tst-random2 \ +- tst-realpath \ +- tst-secure-getenv \ +- tst-setcontext \ +- tst-setcontext2 \ +- tst-setcontext3 \ +- tst-setcontext4 \ +- tst-setcontext5 \ +- tst-setcontext6 \ +- tst-setcontext7 \ +- tst-setcontext8 \ +- tst-setcontext9 \ +- tst-strfmon_l \ +- tst-strfrom \ +- tst-strfrom-locale \ +- tst-strtod \ +- tst-strtod-nan-locale \ +- tst-strtod-nan-sign \ +- tst-strtod-overflow \ +- tst-strtod-round \ +- tst-strtod-underflow \ +- tst-strtod2 \ +- tst-strtod5 \ +- tst-strtod6 \ +- tst-strtol \ +- tst-strtol-locale \ +- tst-strtoll \ +- tst-swapcontext1 \ +- tst-thread-quick_exit \ +- tst-tininess \ +- tst-unsetenv1 \ +- tst-width \ +- tst-width-stdint \ +- tst-xpg-basename ++tests := \ ++ bug-fmtmsg1 \ ++ bug-getcontext \ ++ bug-strtod \ ++ bug-strtod2 \ ++ test-a64l \ ++ test-at_quick_exit-race \ ++ test-atexit-race \ ++ test-bz22786 \ ++ test-canon \ ++ test-canon2 \ ++ test-cxa_atexit-race \ ++ test-cxa_atexit-race2 \ ++ test-dlclose-exit-race \ ++ test-on_exit-race \ ++ testdiv \ ++ testmb \ ++ testmb2 \ ++ testrand \ ++ testsort \ ++ tst-at_quick_exit \ ++ tst-atexit \ ++ tst-atof1 \ ++ tst-atof2 \ ++ tst-bsearch \ ++ tst-bz20544 \ ++ tst-canon-bz26341 \ ++ tst-cxa_atexit \ ++ tst-environ \ ++ tst-getrandom \ ++ tst-limits \ ++ tst-makecontext \ ++ tst-makecontext-align \ ++ tst-makecontext2 \ ++ tst-makecontext3 \ ++ tst-on_exit \ ++ tst-qsort \ ++ tst-qsort2 \ ++ tst-quick_exit \ ++ tst-rand48 \ ++ tst-rand48-2 \ ++ tst-random \ ++ tst-random2 \ ++ tst-realpath \ ++ tst-secure-getenv \ ++ tst-setcontext \ ++ tst-setcontext2 \ ++ tst-setcontext3 \ ++ tst-setcontext4 \ ++ tst-setcontext5 \ ++ tst-setcontext6 \ ++ tst-setcontext7 \ ++ tst-setcontext8 \ ++ tst-setcontext9 \ ++ tst-strfmon_l \ ++ tst-strfrom \ ++ tst-strfrom-locale \ ++ tst-strtod \ ++ tst-strtod-nan-locale \ ++ tst-strtod-nan-sign \ ++ tst-strtod-overflow \ ++ tst-strtod-round \ ++ tst-strtod-underflow \ ++ tst-strtod2 \ ++ tst-strtod5 \ ++ tst-strtod6 \ ++ tst-strtol \ ++ tst-strtol-locale \ ++ tst-strtoll \ ++ tst-swapcontext1 \ ++ tst-thread-quick_exit \ ++ tst-tininess \ ++ tst-unsetenv1 \ ++ tst-width \ ++ tst-width-stdint \ ++ tst-xpg-basename \ ++# tests + + tests-internal := tst-strtod1i tst-strtod3 tst-strtod4 tst-strtod5i \ + tst-tls-atexit tst-tls-atexit-nodelete +-- +1.8.3.1 + diff --git a/stdlib-Sort-tests-in-Makefile.patch b/stdlib-Sort-tests-in-Makefile.patch new file mode 100644 index 0000000000000000000000000000000000000000..2e1cdf1804124a1172cc86e35c47091217543676 --- /dev/null +++ b/stdlib-Sort-tests-in-Makefile.patch @@ -0,0 +1,126 @@ +From 269eb9d930546ce57e83b56c44c430f154684a23 Mon Sep 17 00:00:00 2001 +From: Siddhesh Poyarekar +Date: Thu, 13 Jan 2022 10:34:37 +0530 +Subject: [PATCH] stdlib: Sort tests in Makefile + +Put one test per line and sort them. + +Signed-off-by: Siddhesh Poyarekar +(cherry picked from commit 5b766603efa727c236a5f0cdcf09b71ff60b7584) +--- + stdlib/Makefile | 99 +++++++++++++++++++++++++++++++++++++++++++-------------- + 1 file changed, 75 insertions(+), 24 deletions(-) + +diff --git a/stdlib/Makefile b/stdlib/Makefile +index 7c15549..6a1c358 100644 +--- a/stdlib/Makefile ++++ b/stdlib/Makefile +@@ -65,30 +65,81 @@ aux = grouping groupingwc tens_in_limb + static-only-routines = atexit at_quick_exit + + test-srcs := tst-fmtmsg +-tests := tst-strtol tst-strtod testmb testrand testsort testdiv \ +- test-canon test-canon2 tst-strtoll tst-environ \ +- tst-xpg-basename tst-random tst-random2 tst-bsearch \ +- tst-limits tst-rand48 bug-strtod tst-setcontext \ +- tst-setcontext2 test-a64l tst-qsort testmb2 \ +- bug-strtod2 tst-atof1 tst-atof2 tst-strtod2 \ +- tst-rand48-2 tst-makecontext tst-strtod5 \ +- tst-qsort2 tst-makecontext2 tst-strtod6 tst-unsetenv1 \ +- tst-makecontext3 bug-getcontext bug-fmtmsg1 \ +- tst-secure-getenv tst-strtod-overflow tst-strtod-round \ +- tst-tininess tst-strtod-underflow tst-setcontext3 \ +- tst-strtol-locale tst-strtod-nan-locale tst-strfmon_l \ +- tst-quick_exit tst-thread-quick_exit tst-width \ +- tst-width-stdint tst-strfrom tst-strfrom-locale \ +- tst-getrandom tst-atexit tst-at_quick_exit \ +- tst-cxa_atexit tst-on_exit test-atexit-race \ +- test-at_quick_exit-race test-cxa_atexit-race \ +- test-cxa_atexit-race2 \ +- test-on_exit-race test-dlclose-exit-race \ +- tst-makecontext-align test-bz22786 tst-strtod-nan-sign \ +- tst-swapcontext1 tst-setcontext4 tst-setcontext5 \ +- tst-setcontext6 tst-setcontext7 tst-setcontext8 \ +- tst-setcontext9 tst-bz20544 tst-canon-bz26341 \ +- tst-realpath ++tests := bug-fmtmsg1 \ ++ bug-getcontext \ ++ bug-strtod \ ++ bug-strtod2 \ ++ test-a64l \ ++ test-at_quick_exit-race \ ++ test-atexit-race \ ++ test-bz22786 \ ++ test-canon \ ++ test-canon2 \ ++ test-cxa_atexit-race \ ++ test-cxa_atexit-race2 \ ++ test-dlclose-exit-race \ ++ test-on_exit-race \ ++ testdiv \ ++ testmb \ ++ testmb2 \ ++ testrand \ ++ testsort \ ++ tst-at_quick_exit \ ++ tst-atexit \ ++ tst-atof1 \ ++ tst-atof2 \ ++ tst-bsearch \ ++ tst-bz20544 \ ++ tst-canon-bz26341 \ ++ tst-cxa_atexit \ ++ tst-environ \ ++ tst-getrandom \ ++ tst-limits \ ++ tst-makecontext \ ++ tst-makecontext-align \ ++ tst-makecontext2 \ ++ tst-makecontext3 \ ++ tst-on_exit \ ++ tst-qsort \ ++ tst-qsort2 \ ++ tst-quick_exit \ ++ tst-rand48 \ ++ tst-rand48-2 \ ++ tst-random \ ++ tst-random2 \ ++ tst-realpath \ ++ tst-secure-getenv \ ++ tst-setcontext \ ++ tst-setcontext2 \ ++ tst-setcontext3 \ ++ tst-setcontext4 \ ++ tst-setcontext5 \ ++ tst-setcontext6 \ ++ tst-setcontext7 \ ++ tst-setcontext8 \ ++ tst-setcontext9 \ ++ tst-strfmon_l \ ++ tst-strfrom \ ++ tst-strfrom-locale \ ++ tst-strtod \ ++ tst-strtod-nan-locale \ ++ tst-strtod-nan-sign \ ++ tst-strtod-overflow \ ++ tst-strtod-round \ ++ tst-strtod-underflow \ ++ tst-strtod2 \ ++ tst-strtod5 \ ++ tst-strtod6 \ ++ tst-strtol \ ++ tst-strtol-locale \ ++ tst-strtoll \ ++ tst-swapcontext1 \ ++ tst-thread-quick_exit \ ++ tst-tininess \ ++ tst-unsetenv1 \ ++ tst-width \ ++ tst-width-stdint \ ++ tst-xpg-basename + + tests-internal := tst-strtod1i tst-strtod3 tst-strtod4 tst-strtod5i \ + tst-tls-atexit tst-tls-atexit-nodelete +-- +1.8.3.1 + diff --git a/support-Add-helpers-to-create-paths-longer-than-PATH.patch b/support-Add-helpers-to-create-paths-longer-than-PATH.patch new file mode 100644 index 0000000000000000000000000000000000000000..4d4e73737ee416b1c871b4a1b60aeeafebd60574 --- /dev/null +++ b/support-Add-helpers-to-create-paths-longer-than-PATH.patch @@ -0,0 +1,282 @@ +From 062ff490c1467059f6cd64bb9c3d85f6cc6cf97a Mon Sep 17 00:00:00 2001 +From: Siddhesh Poyarekar +Date: Tue, 18 Jan 2022 13:29:36 +0530 +Subject: [PATCH] support: Add helpers to create paths longer than PATH_MAX + +Add new helpers support_create_and_chdir_toolong_temp_directory and +support_chdir_toolong_temp_directory to create and descend into +directory trees longer than PATH_MAX. + +Reviewed-by: Adhemerval Zanella +Signed-off-by: Siddhesh Poyarekar +(cherry picked from commit fb7bff12e81c677a6622f724edd4d4987dd9d971) +--- + support/temp_file.c | 161 ++++++++++++++++++++++++++++++++++++++++++++++++---- + support/temp_file.h | 9 +++ + 2 files changed, 160 insertions(+), 10 deletions(-) + +diff --git a/support/temp_file.c b/support/temp_file.c +index c6df641..e41128c 100644 +--- a/support/temp_file.c ++++ b/support/temp_file.c +@@ -1,5 +1,6 @@ + /* Temporary file handling for tests. +- Copyright (C) 1998-2021 Free Software Foundation, Inc. ++ Copyright (C) 1998-2022 Free Software Foundation, Inc. ++ Copyright The GNU Tools Authors. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or +@@ -20,15 +21,17 @@ + some 32-bit platforms. */ + #define _FILE_OFFSET_BITS 64 + ++#include + #include + #include + #include + ++#include + #include + #include + #include + #include +-#include ++#include + + /* List of temporary files. */ + static struct temp_name_list +@@ -36,14 +39,20 @@ static struct temp_name_list + struct temp_name_list *next; + char *name; + pid_t owner; ++ bool toolong; + } *temp_name_list; + + /* Location of the temporary files. Set by the test skeleton via + support_set_test_dir. The string is not be freed. */ + static const char *test_dir = _PATH_TMP; + +-void +-add_temp_file (const char *name) ++/* Name of subdirectories in a too long temporary directory tree. */ ++static char toolong_subdir[NAME_MAX + 1]; ++static bool toolong_initialized; ++static size_t toolong_path_max; ++ ++static void ++add_temp_file_internal (const char *name, bool toolong) + { + struct temp_name_list *newp + = (struct temp_name_list *) xcalloc (sizeof (*newp), 1); +@@ -53,12 +62,19 @@ add_temp_file (const char *name) + newp->name = newname; + newp->next = temp_name_list; + newp->owner = getpid (); ++ newp->toolong = toolong; + temp_name_list = newp; + } + else + free (newp); + } + ++void ++add_temp_file (const char *name) ++{ ++ add_temp_file_internal (name, false); ++} ++ + int + create_temp_file_in_dir (const char *base, const char *dir, char **filename) + { +@@ -90,8 +106,8 @@ create_temp_file (const char *base, char **filename) + return create_temp_file_in_dir (base, test_dir, filename); + } + +-char * +-support_create_temp_directory (const char *base) ++static char * ++create_temp_directory_internal (const char *base, bool toolong) + { + char *path = xasprintf ("%s/%sXXXXXX", test_dir, base); + if (mkdtemp (path) == NULL) +@@ -99,16 +115,132 @@ support_create_temp_directory (const char *base) + printf ("error: mkdtemp (\"%s\"): %m", path); + exit (1); + } +- add_temp_file (path); ++ add_temp_file_internal (path, toolong); + return path; + } + +-/* Helper functions called by the test skeleton follow. */ ++char * ++support_create_temp_directory (const char *base) ++{ ++ return create_temp_directory_internal (base, false); ++} ++ ++static void ++ensure_toolong_initialized (void) ++{ ++ if (!toolong_initialized) ++ FAIL_EXIT1 ("uninitialized toolong directory tree\n"); ++} ++ ++static void ++initialize_toolong (const char *base) ++{ ++ long name_max = pathconf (base, _PC_NAME_MAX); ++ name_max = (name_max < 0 ? 64 ++ : (name_max < sizeof (toolong_subdir) ? name_max ++ : sizeof (toolong_subdir) - 1)); ++ ++ long path_max = pathconf (base, _PC_PATH_MAX); ++ path_max = (path_max < 0 ? 1024 ++ : path_max <= PTRDIFF_MAX ? path_max : PTRDIFF_MAX); ++ ++ /* Sanity check to ensure that the test does not create temporary directories ++ in different filesystems because this API doesn't support it. */ ++ if (toolong_initialized) ++ { ++ if (name_max != strlen (toolong_subdir)) ++ FAIL_UNSUPPORTED ("name_max: Temporary directories in different" ++ " filesystems not supported yet\n"); ++ if (path_max != toolong_path_max) ++ FAIL_UNSUPPORTED ("path_max: Temporary directories in different" ++ " filesystems not supported yet\n"); ++ return; ++ } ++ ++ toolong_path_max = path_max; ++ ++ size_t len = name_max; ++ memset (toolong_subdir, 'X', len); ++ toolong_initialized = true; ++} ++ ++char * ++support_create_and_chdir_toolong_temp_directory (const char *basename) ++{ ++ char *base = create_temp_directory_internal (basename, true); ++ xchdir (base); ++ ++ initialize_toolong (base); ++ ++ size_t sz = strlen (toolong_subdir); ++ ++ /* Create directories and descend into them so that the final path is larger ++ than PATH_MAX. */ ++ for (size_t i = 0; i <= toolong_path_max / sz; i++) ++ { ++ int ret = mkdir (toolong_subdir, S_IRWXU); ++ if (ret != 0 && errno == ENAMETOOLONG) ++ FAIL_UNSUPPORTED ("Filesystem does not support creating too long " ++ "directory trees\n"); ++ else if (ret != 0) ++ FAIL_EXIT1 ("Failed to create directory tree: %m\n"); ++ xchdir (toolong_subdir); ++ } ++ return base; ++} + + void +-support_set_test_dir (const char *path) ++support_chdir_toolong_temp_directory (const char *base) + { +- test_dir = path; ++ ensure_toolong_initialized (); ++ ++ xchdir (base); ++ ++ size_t sz = strlen (toolong_subdir); ++ for (size_t i = 0; i <= toolong_path_max / sz; i++) ++ xchdir (toolong_subdir); ++} ++ ++/* Helper functions called by the test skeleton follow. */ ++ ++static void ++remove_toolong_subdirs (const char *base) ++{ ++ ensure_toolong_initialized (); ++ ++ if (chdir (base) != 0) ++ { ++ printf ("warning: toolong cleanup base failed: chdir (\"%s\"): %m\n", ++ base); ++ return; ++ } ++ ++ /* Descend. */ ++ int levels = 0; ++ size_t sz = strlen (toolong_subdir); ++ for (levels = 0; levels <= toolong_path_max / sz; levels++) ++ if (chdir (toolong_subdir) != 0) ++ { ++ printf ("warning: toolong cleanup failed: chdir (\"%s\"): %m\n", ++ toolong_subdir); ++ break; ++ } ++ ++ /* Ascend and remove. */ ++ while (--levels >= 0) ++ { ++ if (chdir ("..") != 0) ++ { ++ printf ("warning: toolong cleanup failed: chdir (\"..\"): %m\n"); ++ return; ++ } ++ if (remove (toolong_subdir) != 0) ++ { ++ printf ("warning: could not remove subdirectory: %s: %m\n", ++ toolong_subdir); ++ return; ++ } ++ } + } + + void +@@ -123,6 +255,9 @@ support_delete_temp_files (void) + around, to prevent PID reuse.) */ + if (temp_name_list->owner == pid) + { ++ if (temp_name_list->toolong) ++ remove_toolong_subdirs (temp_name_list->name); ++ + if (remove (temp_name_list->name) != 0) + printf ("warning: could not remove temporary file: %s: %m\n", + temp_name_list->name); +@@ -147,3 +282,9 @@ support_print_temp_files (FILE *f) + fprintf (f, ")\n"); + } + } ++ ++void ++support_set_test_dir (const char *path) ++{ ++ test_dir = path; ++} +diff --git a/support/temp_file.h b/support/temp_file.h +index f3a7fb6..a22964c 100644 +--- a/support/temp_file.h ++++ b/support/temp_file.h +@@ -44,6 +44,15 @@ int create_temp_file_in_dir (const char *base, const char *dir, + returns. The caller should free this string. */ + char *support_create_temp_directory (const char *base); + ++/* Create a temporary directory tree that is longer than PATH_MAX and schedule ++ it for deletion. BASENAME is used as a prefix for the unique directory ++ name, which the function returns. The caller should free this string. */ ++char *support_create_and_chdir_toolong_temp_directory (const char *basename); ++ ++/* Change into the innermost directory of the directory tree BASE, which was ++ created using support_create_and_chdir_toolong_temp_directory. */ ++void support_chdir_toolong_temp_directory (const char *base); ++ + __END_DECLS + + #endif /* SUPPORT_TEMP_FILE_H */ +-- +1.8.3.1 + diff --git a/tst-realpath-toolong-Fix-hurd-build.patch b/tst-realpath-toolong-Fix-hurd-build.patch new file mode 100644 index 0000000000000000000000000000000000000000..644578293fe7f2da38be2b9b0cc50b066ccf6e81 --- /dev/null +++ b/tst-realpath-toolong-Fix-hurd-build.patch @@ -0,0 +1,31 @@ +From 8c8a71c85f2ed5cc90d08d82ce645513fc907cb6 Mon Sep 17 00:00:00 2001 +From: Siddhesh Poyarekar +Date: Mon, 24 Jan 2022 10:57:09 +0530 +Subject: [PATCH] tst-realpath-toolong: Fix hurd build + +Define PATH_MAX to a constant if it isn't already defined, like in hurd. + +Signed-off-by: Siddhesh Poyarekar +(cherry picked from commit 976db046bc3a3738f69255ae00b0a09b8e77fd9c) +--- + stdlib/tst-realpath-toolong.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/stdlib/tst-realpath-toolong.c b/stdlib/tst-realpath-toolong.c +index 8bed772..4388890 100644 +--- a/stdlib/tst-realpath-toolong.c ++++ b/stdlib/tst-realpath-toolong.c +@@ -29,6 +29,10 @@ + + #define BASENAME "tst-realpath-toolong." + ++#ifndef PATH_MAX ++# define PATH_MAX 1024 ++#endif ++ + int + do_test (void) + { +-- +1.8.3.1 +