[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Commits] r24413 - in /fsf/trunk/libc: ./ locale/ rt/ stdio-common/ sysdeps/unix/sysv/linux/



Author: eglibc
Date: Fri Nov  1 00:01:41 2013
New Revision: 24413

Log:
Import glibc-mainline for 2013-11-01

Modified:
    fsf/trunk/libc/ChangeLog
    fsf/trunk/libc/NEWS
    fsf/trunk/libc/locale/iso-639.def
    fsf/trunk/libc/rt/tst-shm.c
    fsf/trunk/libc/stdio-common/tst-sscanf.c
    fsf/trunk/libc/stdio-common/vfscanf.c
    fsf/trunk/libc/sysdeps/unix/sysv/linux/shm_open.c

Modified: fsf/trunk/libc/ChangeLog
==============================================================================
--- fsf/trunk/libc/ChangeLog (original)
+++ fsf/trunk/libc/ChangeLog Fri Nov  1 00:01:41 2013
@@ -1,3 +1,21 @@
+2013-10-31  Chris Leonard  <cjl@xxxxxxxxxxxxx>
+
+	* locale/iso-639.def: Add Meadow Mari (mhr).
+
+2013-10-31  OndÃÂej BÃÂlka  <neleai@xxxxxxxxx>
+
+	[BZ #14752], [BZ #15763]
+	* sysdeps/unix/sysv/linux/shm_open.c (shm_open, shm_unlink):
+	Validate name.
+	* rt/tst_shm.c: Add test for escaping directory.
+
+2013-10-31  Andreas Schwab  <schwab@xxxxxxx>
+
+	[BZ #15917]
+	* stdio-common/vfscanf.c (_IO_vfwscanf): Handle leading '0' not
+	followed by 'x' as part of digit sequence.
+	* stdio-common/tst-sscanf.c (double_tests2): New tests.
+
 2013-10-31  Marc-Antoine Perennou <Marc-Antoine@xxxxxxxxxxxx>
 
 	[BZ #16037]
@@ -23,7 +41,7 @@
 
 2013-10-30  OndÃÂej BÃÂlka  <neleai@xxxxxxxxx>
 
-	[BZ 15799]
+	[BZ #15799]
 	* stdlib/div.c (div): Remove obsolete code.
 	* stdlib/ldiv.c (ldiv): Likewise.
 	* stdlib/lldiv.c (lldiv): Likewise.

Modified: fsf/trunk/libc/NEWS
==============================================================================
--- fsf/trunk/libc/NEWS (original)
+++ fsf/trunk/libc/NEWS Fri Nov  1 00:01:41 2013
@@ -10,13 +10,14 @@
 * The following bugs are resolved with this release:
 
   156, 431, 832, 2801, 9954, 10278, 11087, 13028, 13982, 13985, 14029,
-  14155, 14547, 14699, 14876, 14910, 15048, 15218, 15277, 15308, 15362,
-  15400, 15427, 15522, 15531, 15532, 15608, 15609, 15610, 15632, 15640,
-  15670, 15672, 15680, 15681, 15723, 15734, 15735, 15736, 15748, 15749,
-  15754, 15760, 15764, 15797, 15799, 15825, 15844, 15847, 15849, 15855,
-  15856, 15857, 15859, 15867, 15886, 15887, 15890, 15892, 15893, 15895,
-  15897, 15905, 15909, 15919, 15921, 15923, 15939, 15948, 15963, 15966,
-  15988, 16032, 16034, 16036, 16037, 16041, 16071, 16072, 16074, 16078.
+  14155, 14547, 14699, 14752, 14876, 14910, 15048, 15218, 15277, 15308,
+  15362, 15400, 15427, 15522, 15531, 15532, 15608, 15609, 15610, 15632,
+  15640, 15670, 15672, 15680, 15681, 15723, 15734, 15735, 15736, 15748,
+  15749, 15754, 15760, 15763, 15764, 15797, 15799, 15825, 15844, 15847,
+  15849, 15855, 15856, 15857, 15859, 15867, 15886, 15887, 15890, 15892,
+  15893, 15895, 15897, 15905, 15909, 15917, 15919, 15921, 15923, 15939,
+  15948, 15963, 15966, 15988, 16032, 16034, 16036, 16037, 16041, 16071,
+  16072, 16074, 16078.
 
 * CVE-2012-4412 The strcoll implementation caches indices and rules for
   large collation sequences to optimize multiple passes.  This cache
@@ -48,8 +49,8 @@
 * CVE-2013-4458 Stack overflow in getaddrinfo with large number of results
   for AF_INET6 has been fixed (Bugzilla #16072).
 
-* New locales: ak_GH, anp_IN, ar_SS, cmn_TW, hak_TW, lzh_TW, nan_TW, pap_AW, pap_CW,
-  quz_PE
+* New locales: ak_GH, anp_IN, ar_SS, cmn_TW, hak_TW, lzh_TW, nan_TW, pap_AW,
+  pap_CW, quz_PE
 
 * Substantially revised locales: gd_GB, ht_HT
 

Modified: fsf/trunk/libc/locale/iso-639.def
==============================================================================
--- fsf/trunk/libc/locale/iso-639.def (original)
+++ fsf/trunk/libc/locale/iso-639.def Fri Nov  1 00:01:41 2013
@@ -311,6 +311,7 @@
 DEFINE_LANGUAGE_CODE3 ("Marwari", mwr, mwr)
 DEFINE_LANGUAGE_CODE3 ("Masai", mas, mas)
 DEFINE_LANGUAGE_CODE3 ("Mayan languages", myn, myn)
+DEFINE_LANGUAGE_CODE3 ("Meadow Mari", mhr, mhr)
 DEFINE_LANGUAGE_CODE3 ("Mende", men, men)
 DEFINE_LANGUAGE_CODE3 ("Mi'kmaq; Micmac", mic, mic)
 DEFINE_LANGUAGE_CODE3 ("Minangkabau", min, min)

Modified: fsf/trunk/libc/rt/tst-shm.c
==============================================================================
--- fsf/trunk/libc/rt/tst-shm.c (original)
+++ fsf/trunk/libc/rt/tst-shm.c Fri Nov  1 00:01:41 2013
@@ -134,6 +134,14 @@
   int status2;
   struct stat64 st;
 
+  fd = shm_open ("/../escaped", O_RDWR | O_CREAT | O_TRUNC | O_EXCL, 0600);
+  if (fd != -1)
+    {
+      perror ("read file outside of SHMDIR directory");
+      return 1;
+    }
+
+
   /* Create the shared memory object.  */
   fd = shm_open ("/shm-test", O_RDWR | O_CREAT | O_TRUNC | O_EXCL, 0600);
   if (fd == -1)

Modified: fsf/trunk/libc/stdio-common/tst-sscanf.c
==============================================================================
--- fsf/trunk/libc/stdio-common/tst-sscanf.c (original)
+++ fsf/trunk/libc/stdio-common/tst-sscanf.c Fri Nov  1 00:01:41 2013
@@ -109,6 +109,19 @@
   { L("-inf"), L("%g"), 1 }
 };
 
+struct test2
+{
+  const CHAR *str;
+  const CHAR *fmt;
+  int retval;
+  char residual;
+} double_tests2[] =
+{
+  { L("0e+0"), L("%g%c"), 1, 0 },
+  { L("0xe+0"), L("%g%c"), 2, '+' },
+  { L("0x.e+0"), L("%g%c"), 2, '+' },
+};
+
 int
 main (void)
 {
@@ -196,5 +209,26 @@
 	}
     }
 
+  for (i = 0; i < sizeof (double_tests2) / sizeof (double_tests2[0]); ++i)
+    {
+      double dummy;
+      int ret;
+      char c = 0;
+
+      if ((ret = SSCANF (double_tests2[i].str, double_tests2[i].fmt,
+			 &dummy, &c)) != double_tests2[i].retval)
+	{
+	  printf ("double_tests2[%d] returned %d != %d\n",
+		  i, ret, double_tests2[i].retval);
+	  result = 1;
+	}
+      else if (ret == 2 && c != double_tests2[i].residual)
+	{
+	  printf ("double_tests2[%d] stopped at '%c' != '%c'\n",
+		  i, c, double_tests2[i].residual);
+	  result = 1;
+	}
+    }
+
   return result;
 }

Modified: fsf/trunk/libc/stdio-common/vfscanf.c
==============================================================================
--- fsf/trunk/libc/stdio-common/vfscanf.c (original)
+++ fsf/trunk/libc/stdio-common/vfscanf.c Fri Nov  1 00:01:41 2013
@@ -1966,6 +1966,8 @@
 		  if (width > 0)
 		    --width;
 		}
+	      else
+		got_digit = 1;
 	    }
 
 	  while (1)

Modified: fsf/trunk/libc/sysdeps/unix/sysv/linux/shm_open.c
==============================================================================
--- fsf/trunk/libc/sysdeps/unix/sysv/linux/shm_open.c (original)
+++ fsf/trunk/libc/sysdeps/unix/sysv/linux/shm_open.c Fri Nov  1 00:01:41 2013
@@ -148,14 +148,15 @@
   while (name[0] == '/')
     ++name;
 
-  if (name[0] == '\0')
-    {
-      /* The name "/" is not supported.  */
+  namelen = strlen (name);
+
+  /* Validate the filename.  */
+  if (name[0] == '\0' || namelen > NAME_MAX || strchr (name, '/') == NULL)
+    {
       __set_errno (EINVAL);
       return -1;
     }
 
-  namelen = strlen (name);
   fname = (char *) alloca (mountpoint.dirlen + namelen + 1);
   __mempcpy (__mempcpy (fname, mountpoint.dir, mountpoint.dirlen),
 	     name, namelen + 1);
@@ -237,14 +238,15 @@
   while (name[0] == '/')
     ++name;
 
-  if (name[0] == '\0')
-    {
-      /* The name "/" is not supported.  */
+  namelen = strlen (name);
+
+  /* Validate the filename.  */
+  if (name[0] == '\0' || namelen > NAME_MAX || strchr (name, '/') == NULL)
+    {
       __set_errno (ENOENT);
       return -1;
     }
 
-  namelen = strlen (name);
   fname = (char *) alloca (mountpoint.dirlen + namelen + 1);
   __mempcpy (__mempcpy (fname, mountpoint.dir, mountpoint.dirlen),
 	     name, namelen + 1);

_______________________________________________
Commits mailing list
Commits@xxxxxxxxxx
http://eglibc.org/cgi-bin/mailman/listinfo/commits