From 2b055ddc67425f6850b6ddd98d021f52ee6051ea Mon Sep 17 00:00:00 2001 From: Alexey Neyman Date: Sat, 12 May 2018 23:17:03 -0700 Subject: Second batch of backported fixes getlogin/getlogin_r, zic Signed-off-by: Alexey Neyman diff --git a/packages/glibc-linaro/2.20-2014.11/0013-utmp-nonstring.patch b/packages/glibc-linaro/2.20-2014.11/0013-utmp-nonstring.patch new file mode 100644 index 0000000..a4570fb --- /dev/null +++ b/packages/glibc-linaro/2.20-2014.11/0013-utmp-nonstring.patch @@ -0,0 +1,80 @@ +commit 7532837d7b03b3ca5b9a63d77a5bd81dd23f3d9c +Author: Martin Sebor +Date: Wed Nov 15 17:39:59 2017 -0700 + + The -Wstringop-truncation option new in GCC 8 detects common misuses + of the strncat and strncpy function that may result in truncating + the copied string before the terminating NUL. To avoid false positive + warnings for correct code that intentionally creates sequences of + characters that aren't guaranteed to be NUL-terminated, arrays that + are intended to store such sequences should be decorated with a new + nonstring attribute. This change add this attribute to Glibc and + uses it to suppress such false positives. + + ChangeLog: + * misc/sys/cdefs.h (__attribute_nonstring__): New macro. + * sysdeps/gnu/bits/utmp.h (struct utmp): Use it. + * sysdeps/unix/sysv/linux/s390/bits/utmp.h (struct utmp): Same. + +--- + misc/sys/cdefs.h | 9 +++++++++ + sysdeps/gnu/bits/utmp.h | 9 ++++++--- + sysdeps/unix/sysv/linux/s390/bits/utmp.h | 9 ++++++--- + 3 files changed, 21 insertions(+), 6 deletions(-) + +--- a/misc/sys/cdefs.h ++++ b/misc/sys/cdefs.h +@@ -393,6 +393,15 @@ + # endif + #endif + ++#if __GNUC_PREREQ (8, 0) ++/* Describes a char array whose address can safely be passed as the first ++ argument to strncpy and strncat, as the char array is not necessarily ++ a NUL-terminated string. */ ++# define __attribute_nonstring__ __attribute__ ((__nonstring__)) ++#else ++# define __attribute_nonstring__ ++#endif ++ + #include + + #if defined __LONG_DOUBLE_MATH_OPTIONAL && defined __NO_LONG_DOUBLE_MATH +--- a/sysdeps/gnu/bits/utmp.h ++++ b/sysdeps/gnu/bits/utmp.h +@@ -59,10 +59,13 @@ + { + short int ut_type; /* Type of login. */ + pid_t ut_pid; /* Process ID of login process. */ +- char ut_line[UT_LINESIZE]; /* Devicename. */ ++ char ut_line[UT_LINESIZE] ++ __attribute_nonstring__; /* Devicename. */ + char ut_id[4]; /* Inittab ID. */ +- char ut_user[UT_NAMESIZE]; /* Username. */ +- char ut_host[UT_HOSTSIZE]; /* Hostname for remote login. */ ++ char ut_user[UT_NAMESIZE] ++ __attribute_nonstring__; /* Username. */ ++ char ut_host[UT_HOSTSIZE] ++ __attribute_nonstring__; /* Hostname for remote login. */ + struct exit_status ut_exit; /* Exit status of a process marked + as DEAD_PROCESS. */ + /* The ut_session and ut_tv fields must be the same size when compiled +--- a/sysdeps/unix/sysv/linux/s390/bits/utmp.h ++++ b/sysdeps/unix/sysv/linux/s390/bits/utmp.h +@@ -59,10 +59,13 @@ + { + short int ut_type; /* Type of login. */ + pid_t ut_pid; /* Process ID of login process. */ +- char ut_line[UT_LINESIZE]; /* Devicename. */ ++ char ut_line[UT_LINESIZE] ++ __attribute_nonstring__; /* Devicename. */ + char ut_id[4]; /* Inittab ID. */ +- char ut_user[UT_NAMESIZE]; /* Username. */ +- char ut_host[UT_HOSTSIZE]; /* Hostname for remote login. */ ++ char ut_user[UT_NAMESIZE] ++ __attribute_nonstring__; /* Username. */ ++ char ut_host[UT_HOSTSIZE] ++ __attribute_nonstring__; /* Hostname for remote login. */ + struct exit_status ut_exit; /* Exit status of a process marked + as DEAD_PROCESS. */ + /* The ut_session and ut_tv fields must be the same size when compiled diff --git a/packages/glibc-linaro/2.20-2014.11/0014-getlogin_r-use-strnlen.patch b/packages/glibc-linaro/2.20-2014.11/0014-getlogin_r-use-strnlen.patch new file mode 100644 index 0000000..ff19964 --- /dev/null +++ b/packages/glibc-linaro/2.20-2014.11/0014-getlogin_r-use-strnlen.patch @@ -0,0 +1,47 @@ +commit 4bae615022cb5a5da79ccda83cc6c9ba9f2d479c +Author: Joseph Myers +Date: Wed Nov 22 18:44:23 2017 +0000 + + Avoid use of strlen in getlogin_r (bug 22447). + + Building glibc with current mainline GCC fails, among other reasons, + because of an error for use of strlen on the nonstring ut_user field. + This patch changes the problem code in getlogin_r to use __strnlen + instead. It also needs to set the trailing NUL byte of the result + explicitly, because of the case where ut_user does not have such a + trailing NUL byte (but the result should always have one). + + Tested for x86_64. Also tested that, in conjunction with + , it fixes + the build for arm with mainline GCC. + + [BZ #22447] + * sysdeps/unix/getlogin_r.c (__getlogin_r): Use __strnlen not + strlen to compute length of ut_user and set trailing NUL byte of + result explicitly. + +--- + sysdeps/unix/getlogin_r.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +--- a/sysdeps/unix/getlogin_r.c ++++ b/sysdeps/unix/getlogin_r.c +@@ -82,7 +82,7 @@ + + if (result == 0) + { +- size_t needed = strlen (ut->ut_user) + 1; ++ size_t needed = __strnlen (ut->ut_user, UT_NAMESIZE) + 1; + + if (needed > name_len) + { +@@ -91,7 +91,8 @@ + } + else + { +- memcpy (name, ut->ut_user, needed); ++ memcpy (name, ut->ut_user, needed - 1); ++ name[needed - 1] = 0; + result = 0; + } + } diff --git a/packages/glibc-linaro/2.20-2014.11/0015-zic.c-use-memcpy.patch b/packages/glibc-linaro/2.20-2014.11/0015-zic.c-use-memcpy.patch new file mode 100644 index 0000000..ef768aa --- /dev/null +++ b/packages/glibc-linaro/2.20-2014.11/0015-zic.c-use-memcpy.patch @@ -0,0 +1,25 @@ +commit e69897bf202e18034cbef26f363bae64de70a196 +Author: Paul Eggert +Date: Sun Nov 12 22:00:28 2017 -0800 + + timezone: pacify GCC -Wstringop-truncation + + Problem reported by Martin Sebor in: + https://sourceware.org/ml/libc-alpha/2017-11/msg00336.html + * timezone/zic.c (writezone): Use memcpy, not strncpy. + +--- + timezone/zic.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/timezone/zic.c ++++ b/timezone/zic.c +@@ -1713,7 +1713,7 @@ + } + #define DO(field) ((void) fwrite(tzh.field, sizeof tzh.field, 1, fp)) + tzh = tzh0; +- (void) strncpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic); ++ memcpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic); + tzh.tzh_version[0] = version; + convert(thistypecnt, tzh.tzh_ttisgmtcnt); + convert(thistypecnt, tzh.tzh_ttisstdcnt); diff --git a/packages/glibc/2.12.1/0047-utmp-nonstring.patch b/packages/glibc/2.12.1/0047-utmp-nonstring.patch new file mode 100644 index 0000000..b789724 --- /dev/null +++ b/packages/glibc/2.12.1/0047-utmp-nonstring.patch @@ -0,0 +1,80 @@ +commit 7532837d7b03b3ca5b9a63d77a5bd81dd23f3d9c +Author: Martin Sebor +Date: Wed Nov 15 17:39:59 2017 -0700 + + The -Wstringop-truncation option new in GCC 8 detects common misuses + of the strncat and strncpy function that may result in truncating + the copied string before the terminating NUL. To avoid false positive + warnings for correct code that intentionally creates sequences of + characters that aren't guaranteed to be NUL-terminated, arrays that + are intended to store such sequences should be decorated with a new + nonstring attribute. This change add this attribute to Glibc and + uses it to suppress such false positives. + + ChangeLog: + * misc/sys/cdefs.h (__attribute_nonstring__): New macro. + * sysdeps/gnu/bits/utmp.h (struct utmp): Use it. + * sysdeps/unix/sysv/linux/s390/bits/utmp.h (struct utmp): Same. + +--- + misc/sys/cdefs.h | 9 +++++++++ + sysdeps/gnu/bits/utmp.h | 9 ++++++--- + sysdeps/unix/sysv/linux/s390/bits/utmp.h | 9 ++++++--- + 3 files changed, 21 insertions(+), 6 deletions(-) + +--- a/misc/sys/cdefs.h ++++ b/misc/sys/cdefs.h +@@ -350,6 +350,15 @@ + # endif + #endif + ++#if __GNUC_PREREQ (8, 0) ++/* Describes a char array whose address can safely be passed as the first ++ argument to strncpy and strncat, as the char array is not necessarily ++ a NUL-terminated string. */ ++# define __attribute_nonstring__ __attribute__ ((__nonstring__)) ++#else ++# define __attribute_nonstring__ ++#endif ++ + #include + + #if defined __LONG_DOUBLE_MATH_OPTIONAL && defined __NO_LONG_DOUBLE_MATH +--- a/sysdeps/gnu/bits/utmp.h ++++ b/sysdeps/gnu/bits/utmp.h +@@ -61,10 +61,13 @@ + { + short int ut_type; /* Type of login. */ + pid_t ut_pid; /* Process ID of login process. */ +- char ut_line[UT_LINESIZE]; /* Devicename. */ ++ char ut_line[UT_LINESIZE] ++ __attribute_nonstring__; /* Devicename. */ + char ut_id[4]; /* Inittab ID. */ +- char ut_user[UT_NAMESIZE]; /* Username. */ +- char ut_host[UT_HOSTSIZE]; /* Hostname for remote login. */ ++ char ut_user[UT_NAMESIZE] ++ __attribute_nonstring__; /* Username. */ ++ char ut_host[UT_HOSTSIZE] ++ __attribute_nonstring__; /* Hostname for remote login. */ + struct exit_status ut_exit; /* Exit status of a process marked + as DEAD_PROCESS. */ + /* The ut_session and ut_tv fields must be the same size when compiled +--- a/sysdeps/unix/sysv/linux/s390/bits/utmp.h ++++ b/sysdeps/unix/sysv/linux/s390/bits/utmp.h +@@ -61,10 +61,13 @@ + { + short int ut_type; /* Type of login. */ + pid_t ut_pid; /* Process ID of login process. */ +- char ut_line[UT_LINESIZE]; /* Devicename. */ ++ char ut_line[UT_LINESIZE] ++ __attribute_nonstring__; /* Devicename. */ + char ut_id[4]; /* Inittab ID. */ +- char ut_user[UT_NAMESIZE]; /* Username. */ +- char ut_host[UT_HOSTSIZE]; /* Hostname for remote login. */ ++ char ut_user[UT_NAMESIZE] ++ __attribute_nonstring__; /* Username. */ ++ char ut_host[UT_HOSTSIZE] ++ __attribute_nonstring__; /* Hostname for remote login. */ + struct exit_status ut_exit; /* Exit status of a process marked + as DEAD_PROCESS. */ + /* The ut_session and ut_tv fields must be the same size when compiled diff --git a/packages/glibc/2.12.1/0048-getlogin_r-use-strnlen.patch b/packages/glibc/2.12.1/0048-getlogin_r-use-strnlen.patch new file mode 100644 index 0000000..15a16bd --- /dev/null +++ b/packages/glibc/2.12.1/0048-getlogin_r-use-strnlen.patch @@ -0,0 +1,47 @@ +commit 4bae615022cb5a5da79ccda83cc6c9ba9f2d479c +Author: Joseph Myers +Date: Wed Nov 22 18:44:23 2017 +0000 + + Avoid use of strlen in getlogin_r (bug 22447). + + Building glibc with current mainline GCC fails, among other reasons, + because of an error for use of strlen on the nonstring ut_user field. + This patch changes the problem code in getlogin_r to use __strnlen + instead. It also needs to set the trailing NUL byte of the result + explicitly, because of the case where ut_user does not have such a + trailing NUL byte (but the result should always have one). + + Tested for x86_64. Also tested that, in conjunction with + , it fixes + the build for arm with mainline GCC. + + [BZ #22447] + * sysdeps/unix/getlogin_r.c (__getlogin_r): Use __strnlen not + strlen to compute length of ut_user and set trailing NUL byte of + result explicitly. + +--- + sysdeps/unix/getlogin_r.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +--- a/sysdeps/unix/getlogin_r.c ++++ b/sysdeps/unix/getlogin_r.c +@@ -83,7 +83,7 @@ + + if (result == 0) + { +- size_t needed = strlen (ut->ut_user) + 1; ++ size_t needed = __strnlen (ut->ut_user, UT_NAMESIZE) + 1; + + if (needed > name_len) + { +@@ -92,7 +92,8 @@ + } + else + { +- memcpy (name, ut->ut_user, needed); ++ memcpy (name, ut->ut_user, needed - 1); ++ name[needed - 1] = 0; + result = 0; + } + } diff --git a/packages/glibc/2.12.1/0049-zic.c-use-memcpy.patch b/packages/glibc/2.12.1/0049-zic.c-use-memcpy.patch new file mode 100644 index 0000000..4c89446 --- /dev/null +++ b/packages/glibc/2.12.1/0049-zic.c-use-memcpy.patch @@ -0,0 +1,25 @@ +commit e69897bf202e18034cbef26f363bae64de70a196 +Author: Paul Eggert +Date: Sun Nov 12 22:00:28 2017 -0800 + + timezone: pacify GCC -Wstringop-truncation + + Problem reported by Martin Sebor in: + https://sourceware.org/ml/libc-alpha/2017-11/msg00336.html + * timezone/zic.c (writezone): Use memcpy, not strncpy. + +--- + timezone/zic.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/timezone/zic.c ++++ b/timezone/zic.c +@@ -1648,7 +1648,7 @@ + #define DO(field) (void) fwrite((void *) tzh.field, \ + (size_t) sizeof tzh.field, (size_t) 1, fp) + tzh = tzh0; +- (void) strncpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic); ++ memcpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic); + tzh.tzh_version[0] = ZIC_VERSION; + convert(eitol(thistypecnt), tzh.tzh_ttisgmtcnt); + convert(eitol(thistypecnt), tzh.tzh_ttisstdcnt); diff --git a/packages/glibc/2.12.2/0010-utmp-nonstring.patch b/packages/glibc/2.12.2/0010-utmp-nonstring.patch new file mode 100644 index 0000000..b789724 --- /dev/null +++ b/packages/glibc/2.12.2/0010-utmp-nonstring.patch @@ -0,0 +1,80 @@ +commit 7532837d7b03b3ca5b9a63d77a5bd81dd23f3d9c +Author: Martin Sebor +Date: Wed Nov 15 17:39:59 2017 -0700 + + The -Wstringop-truncation option new in GCC 8 detects common misuses + of the strncat and strncpy function that may result in truncating + the copied string before the terminating NUL. To avoid false positive + warnings for correct code that intentionally creates sequences of + characters that aren't guaranteed to be NUL-terminated, arrays that + are intended to store such sequences should be decorated with a new + nonstring attribute. This change add this attribute to Glibc and + uses it to suppress such false positives. + + ChangeLog: + * misc/sys/cdefs.h (__attribute_nonstring__): New macro. + * sysdeps/gnu/bits/utmp.h (struct utmp): Use it. + * sysdeps/unix/sysv/linux/s390/bits/utmp.h (struct utmp): Same. + +--- + misc/sys/cdefs.h | 9 +++++++++ + sysdeps/gnu/bits/utmp.h | 9 ++++++--- + sysdeps/unix/sysv/linux/s390/bits/utmp.h | 9 ++++++--- + 3 files changed, 21 insertions(+), 6 deletions(-) + +--- a/misc/sys/cdefs.h ++++ b/misc/sys/cdefs.h +@@ -350,6 +350,15 @@ + # endif + #endif + ++#if __GNUC_PREREQ (8, 0) ++/* Describes a char array whose address can safely be passed as the first ++ argument to strncpy and strncat, as the char array is not necessarily ++ a NUL-terminated string. */ ++# define __attribute_nonstring__ __attribute__ ((__nonstring__)) ++#else ++# define __attribute_nonstring__ ++#endif ++ + #include + + #if defined __LONG_DOUBLE_MATH_OPTIONAL && defined __NO_LONG_DOUBLE_MATH +--- a/sysdeps/gnu/bits/utmp.h ++++ b/sysdeps/gnu/bits/utmp.h +@@ -61,10 +61,13 @@ + { + short int ut_type; /* Type of login. */ + pid_t ut_pid; /* Process ID of login process. */ +- char ut_line[UT_LINESIZE]; /* Devicename. */ ++ char ut_line[UT_LINESIZE] ++ __attribute_nonstring__; /* Devicename. */ + char ut_id[4]; /* Inittab ID. */ +- char ut_user[UT_NAMESIZE]; /* Username. */ +- char ut_host[UT_HOSTSIZE]; /* Hostname for remote login. */ ++ char ut_user[UT_NAMESIZE] ++ __attribute_nonstring__; /* Username. */ ++ char ut_host[UT_HOSTSIZE] ++ __attribute_nonstring__; /* Hostname for remote login. */ + struct exit_status ut_exit; /* Exit status of a process marked + as DEAD_PROCESS. */ + /* The ut_session and ut_tv fields must be the same size when compiled +--- a/sysdeps/unix/sysv/linux/s390/bits/utmp.h ++++ b/sysdeps/unix/sysv/linux/s390/bits/utmp.h +@@ -61,10 +61,13 @@ + { + short int ut_type; /* Type of login. */ + pid_t ut_pid; /* Process ID of login process. */ +- char ut_line[UT_LINESIZE]; /* Devicename. */ ++ char ut_line[UT_LINESIZE] ++ __attribute_nonstring__; /* Devicename. */ + char ut_id[4]; /* Inittab ID. */ +- char ut_user[UT_NAMESIZE]; /* Username. */ +- char ut_host[UT_HOSTSIZE]; /* Hostname for remote login. */ ++ char ut_user[UT_NAMESIZE] ++ __attribute_nonstring__; /* Username. */ ++ char ut_host[UT_HOSTSIZE] ++ __attribute_nonstring__; /* Hostname for remote login. */ + struct exit_status ut_exit; /* Exit status of a process marked + as DEAD_PROCESS. */ + /* The ut_session and ut_tv fields must be the same size when compiled diff --git a/packages/glibc/2.12.2/0011-getlogin_r-use-strnlen.patch b/packages/glibc/2.12.2/0011-getlogin_r-use-strnlen.patch new file mode 100644 index 0000000..15a16bd --- /dev/null +++ b/packages/glibc/2.12.2/0011-getlogin_r-use-strnlen.patch @@ -0,0 +1,47 @@ +commit 4bae615022cb5a5da79ccda83cc6c9ba9f2d479c +Author: Joseph Myers +Date: Wed Nov 22 18:44:23 2017 +0000 + + Avoid use of strlen in getlogin_r (bug 22447). + + Building glibc with current mainline GCC fails, among other reasons, + because of an error for use of strlen on the nonstring ut_user field. + This patch changes the problem code in getlogin_r to use __strnlen + instead. It also needs to set the trailing NUL byte of the result + explicitly, because of the case where ut_user does not have such a + trailing NUL byte (but the result should always have one). + + Tested for x86_64. Also tested that, in conjunction with + , it fixes + the build for arm with mainline GCC. + + [BZ #22447] + * sysdeps/unix/getlogin_r.c (__getlogin_r): Use __strnlen not + strlen to compute length of ut_user and set trailing NUL byte of + result explicitly. + +--- + sysdeps/unix/getlogin_r.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +--- a/sysdeps/unix/getlogin_r.c ++++ b/sysdeps/unix/getlogin_r.c +@@ -83,7 +83,7 @@ + + if (result == 0) + { +- size_t needed = strlen (ut->ut_user) + 1; ++ size_t needed = __strnlen (ut->ut_user, UT_NAMESIZE) + 1; + + if (needed > name_len) + { +@@ -92,7 +92,8 @@ + } + else + { +- memcpy (name, ut->ut_user, needed); ++ memcpy (name, ut->ut_user, needed - 1); ++ name[needed - 1] = 0; + result = 0; + } + } diff --git a/packages/glibc/2.12.2/0012-zic.c-use-memcpy.patch b/packages/glibc/2.12.2/0012-zic.c-use-memcpy.patch new file mode 100644 index 0000000..4c89446 --- /dev/null +++ b/packages/glibc/2.12.2/0012-zic.c-use-memcpy.patch @@ -0,0 +1,25 @@ +commit e69897bf202e18034cbef26f363bae64de70a196 +Author: Paul Eggert +Date: Sun Nov 12 22:00:28 2017 -0800 + + timezone: pacify GCC -Wstringop-truncation + + Problem reported by Martin Sebor in: + https://sourceware.org/ml/libc-alpha/2017-11/msg00336.html + * timezone/zic.c (writezone): Use memcpy, not strncpy. + +--- + timezone/zic.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/timezone/zic.c ++++ b/timezone/zic.c +@@ -1648,7 +1648,7 @@ + #define DO(field) (void) fwrite((void *) tzh.field, \ + (size_t) sizeof tzh.field, (size_t) 1, fp) + tzh = tzh0; +- (void) strncpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic); ++ memcpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic); + tzh.tzh_version[0] = ZIC_VERSION; + convert(eitol(thistypecnt), tzh.tzh_ttisgmtcnt); + convert(eitol(thistypecnt), tzh.tzh_ttisstdcnt); diff --git a/packages/glibc/2.13/0046-utmp-nonstring.patch b/packages/glibc/2.13/0046-utmp-nonstring.patch new file mode 100644 index 0000000..b789724 --- /dev/null +++ b/packages/glibc/2.13/0046-utmp-nonstring.patch @@ -0,0 +1,80 @@ +commit 7532837d7b03b3ca5b9a63d77a5bd81dd23f3d9c +Author: Martin Sebor +Date: Wed Nov 15 17:39:59 2017 -0700 + + The -Wstringop-truncation option new in GCC 8 detects common misuses + of the strncat and strncpy function that may result in truncating + the copied string before the terminating NUL. To avoid false positive + warnings for correct code that intentionally creates sequences of + characters that aren't guaranteed to be NUL-terminated, arrays that + are intended to store such sequences should be decorated with a new + nonstring attribute. This change add this attribute to Glibc and + uses it to suppress such false positives. + + ChangeLog: + * misc/sys/cdefs.h (__attribute_nonstring__): New macro. + * sysdeps/gnu/bits/utmp.h (struct utmp): Use it. + * sysdeps/unix/sysv/linux/s390/bits/utmp.h (struct utmp): Same. + +--- + misc/sys/cdefs.h | 9 +++++++++ + sysdeps/gnu/bits/utmp.h | 9 ++++++--- + sysdeps/unix/sysv/linux/s390/bits/utmp.h | 9 ++++++--- + 3 files changed, 21 insertions(+), 6 deletions(-) + +--- a/misc/sys/cdefs.h ++++ b/misc/sys/cdefs.h +@@ -350,6 +350,15 @@ + # endif + #endif + ++#if __GNUC_PREREQ (8, 0) ++/* Describes a char array whose address can safely be passed as the first ++ argument to strncpy and strncat, as the char array is not necessarily ++ a NUL-terminated string. */ ++# define __attribute_nonstring__ __attribute__ ((__nonstring__)) ++#else ++# define __attribute_nonstring__ ++#endif ++ + #include + + #if defined __LONG_DOUBLE_MATH_OPTIONAL && defined __NO_LONG_DOUBLE_MATH +--- a/sysdeps/gnu/bits/utmp.h ++++ b/sysdeps/gnu/bits/utmp.h +@@ -61,10 +61,13 @@ + { + short int ut_type; /* Type of login. */ + pid_t ut_pid; /* Process ID of login process. */ +- char ut_line[UT_LINESIZE]; /* Devicename. */ ++ char ut_line[UT_LINESIZE] ++ __attribute_nonstring__; /* Devicename. */ + char ut_id[4]; /* Inittab ID. */ +- char ut_user[UT_NAMESIZE]; /* Username. */ +- char ut_host[UT_HOSTSIZE]; /* Hostname for remote login. */ ++ char ut_user[UT_NAMESIZE] ++ __attribute_nonstring__; /* Username. */ ++ char ut_host[UT_HOSTSIZE] ++ __attribute_nonstring__; /* Hostname for remote login. */ + struct exit_status ut_exit; /* Exit status of a process marked + as DEAD_PROCESS. */ + /* The ut_session and ut_tv fields must be the same size when compiled +--- a/sysdeps/unix/sysv/linux/s390/bits/utmp.h ++++ b/sysdeps/unix/sysv/linux/s390/bits/utmp.h +@@ -61,10 +61,13 @@ + { + short int ut_type; /* Type of login. */ + pid_t ut_pid; /* Process ID of login process. */ +- char ut_line[UT_LINESIZE]; /* Devicename. */ ++ char ut_line[UT_LINESIZE] ++ __attribute_nonstring__; /* Devicename. */ + char ut_id[4]; /* Inittab ID. */ +- char ut_user[UT_NAMESIZE]; /* Username. */ +- char ut_host[UT_HOSTSIZE]; /* Hostname for remote login. */ ++ char ut_user[UT_NAMESIZE] ++ __attribute_nonstring__; /* Username. */ ++ char ut_host[UT_HOSTSIZE] ++ __attribute_nonstring__; /* Hostname for remote login. */ + struct exit_status ut_exit; /* Exit status of a process marked + as DEAD_PROCESS. */ + /* The ut_session and ut_tv fields must be the same size when compiled diff --git a/packages/glibc/2.13/0047-getlogin_r-use-strnlen.patch b/packages/glibc/2.13/0047-getlogin_r-use-strnlen.patch new file mode 100644 index 0000000..15a16bd --- /dev/null +++ b/packages/glibc/2.13/0047-getlogin_r-use-strnlen.patch @@ -0,0 +1,47 @@ +commit 4bae615022cb5a5da79ccda83cc6c9ba9f2d479c +Author: Joseph Myers +Date: Wed Nov 22 18:44:23 2017 +0000 + + Avoid use of strlen in getlogin_r (bug 22447). + + Building glibc with current mainline GCC fails, among other reasons, + because of an error for use of strlen on the nonstring ut_user field. + This patch changes the problem code in getlogin_r to use __strnlen + instead. It also needs to set the trailing NUL byte of the result + explicitly, because of the case where ut_user does not have such a + trailing NUL byte (but the result should always have one). + + Tested for x86_64. Also tested that, in conjunction with + , it fixes + the build for arm with mainline GCC. + + [BZ #22447] + * sysdeps/unix/getlogin_r.c (__getlogin_r): Use __strnlen not + strlen to compute length of ut_user and set trailing NUL byte of + result explicitly. + +--- + sysdeps/unix/getlogin_r.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +--- a/sysdeps/unix/getlogin_r.c ++++ b/sysdeps/unix/getlogin_r.c +@@ -83,7 +83,7 @@ + + if (result == 0) + { +- size_t needed = strlen (ut->ut_user) + 1; ++ size_t needed = __strnlen (ut->ut_user, UT_NAMESIZE) + 1; + + if (needed > name_len) + { +@@ -92,7 +92,8 @@ + } + else + { +- memcpy (name, ut->ut_user, needed); ++ memcpy (name, ut->ut_user, needed - 1); ++ name[needed - 1] = 0; + result = 0; + } + } diff --git a/packages/glibc/2.13/0048-zic.c-use-memcpy.patch b/packages/glibc/2.13/0048-zic.c-use-memcpy.patch new file mode 100644 index 0000000..4c89446 --- /dev/null +++ b/packages/glibc/2.13/0048-zic.c-use-memcpy.patch @@ -0,0 +1,25 @@ +commit e69897bf202e18034cbef26f363bae64de70a196 +Author: Paul Eggert +Date: Sun Nov 12 22:00:28 2017 -0800 + + timezone: pacify GCC -Wstringop-truncation + + Problem reported by Martin Sebor in: + https://sourceware.org/ml/libc-alpha/2017-11/msg00336.html + * timezone/zic.c (writezone): Use memcpy, not strncpy. + +--- + timezone/zic.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/timezone/zic.c ++++ b/timezone/zic.c +@@ -1648,7 +1648,7 @@ + #define DO(field) (void) fwrite((void *) tzh.field, \ + (size_t) sizeof tzh.field, (size_t) 1, fp) + tzh = tzh0; +- (void) strncpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic); ++ memcpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic); + tzh.tzh_version[0] = ZIC_VERSION; + convert(eitol(thistypecnt), tzh.tzh_ttisgmtcnt); + convert(eitol(thistypecnt), tzh.tzh_ttisstdcnt); diff --git a/packages/glibc/2.14.1/0046-utmp-nonstring.patch b/packages/glibc/2.14.1/0046-utmp-nonstring.patch new file mode 100644 index 0000000..b789724 --- /dev/null +++ b/packages/glibc/2.14.1/0046-utmp-nonstring.patch @@ -0,0 +1,80 @@ +commit 7532837d7b03b3ca5b9a63d77a5bd81dd23f3d9c +Author: Martin Sebor +Date: Wed Nov 15 17:39:59 2017 -0700 + + The -Wstringop-truncation option new in GCC 8 detects common misuses + of the strncat and strncpy function that may result in truncating + the copied string before the terminating NUL. To avoid false positive + warnings for correct code that intentionally creates sequences of + characters that aren't guaranteed to be NUL-terminated, arrays that + are intended to store such sequences should be decorated with a new + nonstring attribute. This change add this attribute to Glibc and + uses it to suppress such false positives. + + ChangeLog: + * misc/sys/cdefs.h (__attribute_nonstring__): New macro. + * sysdeps/gnu/bits/utmp.h (struct utmp): Use it. + * sysdeps/unix/sysv/linux/s390/bits/utmp.h (struct utmp): Same. + +--- + misc/sys/cdefs.h | 9 +++++++++ + sysdeps/gnu/bits/utmp.h | 9 ++++++--- + sysdeps/unix/sysv/linux/s390/bits/utmp.h | 9 ++++++--- + 3 files changed, 21 insertions(+), 6 deletions(-) + +--- a/misc/sys/cdefs.h ++++ b/misc/sys/cdefs.h +@@ -350,6 +350,15 @@ + # endif + #endif + ++#if __GNUC_PREREQ (8, 0) ++/* Describes a char array whose address can safely be passed as the first ++ argument to strncpy and strncat, as the char array is not necessarily ++ a NUL-terminated string. */ ++# define __attribute_nonstring__ __attribute__ ((__nonstring__)) ++#else ++# define __attribute_nonstring__ ++#endif ++ + #include + + #if defined __LONG_DOUBLE_MATH_OPTIONAL && defined __NO_LONG_DOUBLE_MATH +--- a/sysdeps/gnu/bits/utmp.h ++++ b/sysdeps/gnu/bits/utmp.h +@@ -61,10 +61,13 @@ + { + short int ut_type; /* Type of login. */ + pid_t ut_pid; /* Process ID of login process. */ +- char ut_line[UT_LINESIZE]; /* Devicename. */ ++ char ut_line[UT_LINESIZE] ++ __attribute_nonstring__; /* Devicename. */ + char ut_id[4]; /* Inittab ID. */ +- char ut_user[UT_NAMESIZE]; /* Username. */ +- char ut_host[UT_HOSTSIZE]; /* Hostname for remote login. */ ++ char ut_user[UT_NAMESIZE] ++ __attribute_nonstring__; /* Username. */ ++ char ut_host[UT_HOSTSIZE] ++ __attribute_nonstring__; /* Hostname for remote login. */ + struct exit_status ut_exit; /* Exit status of a process marked + as DEAD_PROCESS. */ + /* The ut_session and ut_tv fields must be the same size when compiled +--- a/sysdeps/unix/sysv/linux/s390/bits/utmp.h ++++ b/sysdeps/unix/sysv/linux/s390/bits/utmp.h +@@ -61,10 +61,13 @@ + { + short int ut_type; /* Type of login. */ + pid_t ut_pid; /* Process ID of login process. */ +- char ut_line[UT_LINESIZE]; /* Devicename. */ ++ char ut_line[UT_LINESIZE] ++ __attribute_nonstring__; /* Devicename. */ + char ut_id[4]; /* Inittab ID. */ +- char ut_user[UT_NAMESIZE]; /* Username. */ +- char ut_host[UT_HOSTSIZE]; /* Hostname for remote login. */ ++ char ut_user[UT_NAMESIZE] ++ __attribute_nonstring__; /* Username. */ ++ char ut_host[UT_HOSTSIZE] ++ __attribute_nonstring__; /* Hostname for remote login. */ + struct exit_status ut_exit; /* Exit status of a process marked + as DEAD_PROCESS. */ + /* The ut_session and ut_tv fields must be the same size when compiled diff --git a/packages/glibc/2.14.1/0047-getlogin_r-use-strnlen.patch b/packages/glibc/2.14.1/0047-getlogin_r-use-strnlen.patch new file mode 100644 index 0000000..15a16bd --- /dev/null +++ b/packages/glibc/2.14.1/0047-getlogin_r-use-strnlen.patch @@ -0,0 +1,47 @@ +commit 4bae615022cb5a5da79ccda83cc6c9ba9f2d479c +Author: Joseph Myers +Date: Wed Nov 22 18:44:23 2017 +0000 + + Avoid use of strlen in getlogin_r (bug 22447). + + Building glibc with current mainline GCC fails, among other reasons, + because of an error for use of strlen on the nonstring ut_user field. + This patch changes the problem code in getlogin_r to use __strnlen + instead. It also needs to set the trailing NUL byte of the result + explicitly, because of the case where ut_user does not have such a + trailing NUL byte (but the result should always have one). + + Tested for x86_64. Also tested that, in conjunction with + , it fixes + the build for arm with mainline GCC. + + [BZ #22447] + * sysdeps/unix/getlogin_r.c (__getlogin_r): Use __strnlen not + strlen to compute length of ut_user and set trailing NUL byte of + result explicitly. + +--- + sysdeps/unix/getlogin_r.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +--- a/sysdeps/unix/getlogin_r.c ++++ b/sysdeps/unix/getlogin_r.c +@@ -83,7 +83,7 @@ + + if (result == 0) + { +- size_t needed = strlen (ut->ut_user) + 1; ++ size_t needed = __strnlen (ut->ut_user, UT_NAMESIZE) + 1; + + if (needed > name_len) + { +@@ -92,7 +92,8 @@ + } + else + { +- memcpy (name, ut->ut_user, needed); ++ memcpy (name, ut->ut_user, needed - 1); ++ name[needed - 1] = 0; + result = 0; + } + } diff --git a/packages/glibc/2.14.1/0048-zic.c-use-memcpy.patch b/packages/glibc/2.14.1/0048-zic.c-use-memcpy.patch new file mode 100644 index 0000000..4c89446 --- /dev/null +++ b/packages/glibc/2.14.1/0048-zic.c-use-memcpy.patch @@ -0,0 +1,25 @@ +commit e69897bf202e18034cbef26f363bae64de70a196 +Author: Paul Eggert +Date: Sun Nov 12 22:00:28 2017 -0800 + + timezone: pacify GCC -Wstringop-truncation + + Problem reported by Martin Sebor in: + https://sourceware.org/ml/libc-alpha/2017-11/msg00336.html + * timezone/zic.c (writezone): Use memcpy, not strncpy. + +--- + timezone/zic.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/timezone/zic.c ++++ b/timezone/zic.c +@@ -1648,7 +1648,7 @@ + #define DO(field) (void) fwrite((void *) tzh.field, \ + (size_t) sizeof tzh.field, (size_t) 1, fp) + tzh = tzh0; +- (void) strncpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic); ++ memcpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic); + tzh.tzh_version[0] = ZIC_VERSION; + convert(eitol(thistypecnt), tzh.tzh_ttisgmtcnt); + convert(eitol(thistypecnt), tzh.tzh_ttisstdcnt); diff --git a/packages/glibc/2.15/0047-utmp-nonstring.patch b/packages/glibc/2.15/0047-utmp-nonstring.patch new file mode 100644 index 0000000..3943cdf --- /dev/null +++ b/packages/glibc/2.15/0047-utmp-nonstring.patch @@ -0,0 +1,80 @@ +commit 7532837d7b03b3ca5b9a63d77a5bd81dd23f3d9c +Author: Martin Sebor +Date: Wed Nov 15 17:39:59 2017 -0700 + + The -Wstringop-truncation option new in GCC 8 detects common misuses + of the strncat and strncpy function that may result in truncating + the copied string before the terminating NUL. To avoid false positive + warnings for correct code that intentionally creates sequences of + characters that aren't guaranteed to be NUL-terminated, arrays that + are intended to store such sequences should be decorated with a new + nonstring attribute. This change add this attribute to Glibc and + uses it to suppress such false positives. + + ChangeLog: + * misc/sys/cdefs.h (__attribute_nonstring__): New macro. + * sysdeps/gnu/bits/utmp.h (struct utmp): Use it. + * sysdeps/unix/sysv/linux/s390/bits/utmp.h (struct utmp): Same. + +--- + misc/sys/cdefs.h | 9 +++++++++ + sysdeps/gnu/bits/utmp.h | 9 ++++++--- + sysdeps/unix/sysv/linux/s390/bits/utmp.h | 9 ++++++--- + 3 files changed, 21 insertions(+), 6 deletions(-) + +--- a/misc/sys/cdefs.h ++++ b/misc/sys/cdefs.h +@@ -375,6 +375,15 @@ + # endif + #endif + ++#if __GNUC_PREREQ (8, 0) ++/* Describes a char array whose address can safely be passed as the first ++ argument to strncpy and strncat, as the char array is not necessarily ++ a NUL-terminated string. */ ++# define __attribute_nonstring__ __attribute__ ((__nonstring__)) ++#else ++# define __attribute_nonstring__ ++#endif ++ + #include + + #if defined __LONG_DOUBLE_MATH_OPTIONAL && defined __NO_LONG_DOUBLE_MATH +--- a/sysdeps/gnu/bits/utmp.h ++++ b/sysdeps/gnu/bits/utmp.h +@@ -61,10 +61,13 @@ + { + short int ut_type; /* Type of login. */ + pid_t ut_pid; /* Process ID of login process. */ +- char ut_line[UT_LINESIZE]; /* Devicename. */ ++ char ut_line[UT_LINESIZE] ++ __attribute_nonstring__; /* Devicename. */ + char ut_id[4]; /* Inittab ID. */ +- char ut_user[UT_NAMESIZE]; /* Username. */ +- char ut_host[UT_HOSTSIZE]; /* Hostname for remote login. */ ++ char ut_user[UT_NAMESIZE] ++ __attribute_nonstring__; /* Username. */ ++ char ut_host[UT_HOSTSIZE] ++ __attribute_nonstring__; /* Hostname for remote login. */ + struct exit_status ut_exit; /* Exit status of a process marked + as DEAD_PROCESS. */ + /* The ut_session and ut_tv fields must be the same size when compiled +--- a/sysdeps/unix/sysv/linux/s390/bits/utmp.h ++++ b/sysdeps/unix/sysv/linux/s390/bits/utmp.h +@@ -61,10 +61,13 @@ + { + short int ut_type; /* Type of login. */ + pid_t ut_pid; /* Process ID of login process. */ +- char ut_line[UT_LINESIZE]; /* Devicename. */ ++ char ut_line[UT_LINESIZE] ++ __attribute_nonstring__; /* Devicename. */ + char ut_id[4]; /* Inittab ID. */ +- char ut_user[UT_NAMESIZE]; /* Username. */ +- char ut_host[UT_HOSTSIZE]; /* Hostname for remote login. */ ++ char ut_user[UT_NAMESIZE] ++ __attribute_nonstring__; /* Username. */ ++ char ut_host[UT_HOSTSIZE] ++ __attribute_nonstring__; /* Hostname for remote login. */ + struct exit_status ut_exit; /* Exit status of a process marked + as DEAD_PROCESS. */ + /* The ut_session and ut_tv fields must be the same size when compiled diff --git a/packages/glibc/2.15/0048-getlogin_r-use-strnlen.patch b/packages/glibc/2.15/0048-getlogin_r-use-strnlen.patch new file mode 100644 index 0000000..15a16bd --- /dev/null +++ b/packages/glibc/2.15/0048-getlogin_r-use-strnlen.patch @@ -0,0 +1,47 @@ +commit 4bae615022cb5a5da79ccda83cc6c9ba9f2d479c +Author: Joseph Myers +Date: Wed Nov 22 18:44:23 2017 +0000 + + Avoid use of strlen in getlogin_r (bug 22447). + + Building glibc with current mainline GCC fails, among other reasons, + because of an error for use of strlen on the nonstring ut_user field. + This patch changes the problem code in getlogin_r to use __strnlen + instead. It also needs to set the trailing NUL byte of the result + explicitly, because of the case where ut_user does not have such a + trailing NUL byte (but the result should always have one). + + Tested for x86_64. Also tested that, in conjunction with + , it fixes + the build for arm with mainline GCC. + + [BZ #22447] + * sysdeps/unix/getlogin_r.c (__getlogin_r): Use __strnlen not + strlen to compute length of ut_user and set trailing NUL byte of + result explicitly. + +--- + sysdeps/unix/getlogin_r.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +--- a/sysdeps/unix/getlogin_r.c ++++ b/sysdeps/unix/getlogin_r.c +@@ -83,7 +83,7 @@ + + if (result == 0) + { +- size_t needed = strlen (ut->ut_user) + 1; ++ size_t needed = __strnlen (ut->ut_user, UT_NAMESIZE) + 1; + + if (needed > name_len) + { +@@ -92,7 +92,8 @@ + } + else + { +- memcpy (name, ut->ut_user, needed); ++ memcpy (name, ut->ut_user, needed - 1); ++ name[needed - 1] = 0; + result = 0; + } + } diff --git a/packages/glibc/2.15/0049-zic.c-use-memcpy.patch b/packages/glibc/2.15/0049-zic.c-use-memcpy.patch new file mode 100644 index 0000000..4c89446 --- /dev/null +++ b/packages/glibc/2.15/0049-zic.c-use-memcpy.patch @@ -0,0 +1,25 @@ +commit e69897bf202e18034cbef26f363bae64de70a196 +Author: Paul Eggert +Date: Sun Nov 12 22:00:28 2017 -0800 + + timezone: pacify GCC -Wstringop-truncation + + Problem reported by Martin Sebor in: + https://sourceware.org/ml/libc-alpha/2017-11/msg00336.html + * timezone/zic.c (writezone): Use memcpy, not strncpy. + +--- + timezone/zic.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/timezone/zic.c ++++ b/timezone/zic.c +@@ -1648,7 +1648,7 @@ + #define DO(field) (void) fwrite((void *) tzh.field, \ + (size_t) sizeof tzh.field, (size_t) 1, fp) + tzh = tzh0; +- (void) strncpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic); ++ memcpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic); + tzh.tzh_version[0] = ZIC_VERSION; + convert(eitol(thistypecnt), tzh.tzh_ttisgmtcnt); + convert(eitol(thistypecnt), tzh.tzh_ttisstdcnt); diff --git a/packages/glibc/2.16.0/0039-utmp-nonstring.patch b/packages/glibc/2.16.0/0039-utmp-nonstring.patch new file mode 100644 index 0000000..1f47956 --- /dev/null +++ b/packages/glibc/2.16.0/0039-utmp-nonstring.patch @@ -0,0 +1,80 @@ +commit 7532837d7b03b3ca5b9a63d77a5bd81dd23f3d9c +Author: Martin Sebor +Date: Wed Nov 15 17:39:59 2017 -0700 + + The -Wstringop-truncation option new in GCC 8 detects common misuses + of the strncat and strncpy function that may result in truncating + the copied string before the terminating NUL. To avoid false positive + warnings for correct code that intentionally creates sequences of + characters that aren't guaranteed to be NUL-terminated, arrays that + are intended to store such sequences should be decorated with a new + nonstring attribute. This change add this attribute to Glibc and + uses it to suppress such false positives. + + ChangeLog: + * misc/sys/cdefs.h (__attribute_nonstring__): New macro. + * sysdeps/gnu/bits/utmp.h (struct utmp): Use it. + * sysdeps/unix/sysv/linux/s390/bits/utmp.h (struct utmp): Same. + +--- + misc/sys/cdefs.h | 9 +++++++++ + sysdeps/gnu/bits/utmp.h | 9 ++++++--- + sysdeps/unix/sysv/linux/s390/bits/utmp.h | 9 ++++++--- + 3 files changed, 21 insertions(+), 6 deletions(-) + +--- a/misc/sys/cdefs.h ++++ b/misc/sys/cdefs.h +@@ -375,6 +375,15 @@ + # define __glibc_unlikely(cond) (cond) + #endif + ++#if __GNUC_PREREQ (8, 0) ++/* Describes a char array whose address can safely be passed as the first ++ argument to strncpy and strncat, as the char array is not necessarily ++ a NUL-terminated string. */ ++# define __attribute_nonstring__ __attribute__ ((__nonstring__)) ++#else ++# define __attribute_nonstring__ ++#endif ++ + #include + + #if defined __LONG_DOUBLE_MATH_OPTIONAL && defined __NO_LONG_DOUBLE_MATH +--- a/sysdeps/gnu/bits/utmp.h ++++ b/sysdeps/gnu/bits/utmp.h +@@ -59,10 +59,13 @@ + { + short int ut_type; /* Type of login. */ + pid_t ut_pid; /* Process ID of login process. */ +- char ut_line[UT_LINESIZE]; /* Devicename. */ ++ char ut_line[UT_LINESIZE] ++ __attribute_nonstring__; /* Devicename. */ + char ut_id[4]; /* Inittab ID. */ +- char ut_user[UT_NAMESIZE]; /* Username. */ +- char ut_host[UT_HOSTSIZE]; /* Hostname for remote login. */ ++ char ut_user[UT_NAMESIZE] ++ __attribute_nonstring__; /* Username. */ ++ char ut_host[UT_HOSTSIZE] ++ __attribute_nonstring__; /* Hostname for remote login. */ + struct exit_status ut_exit; /* Exit status of a process marked + as DEAD_PROCESS. */ + /* The ut_session and ut_tv fields must be the same size when compiled +--- a/sysdeps/unix/sysv/linux/s390/bits/utmp.h ++++ b/sysdeps/unix/sysv/linux/s390/bits/utmp.h +@@ -60,10 +60,13 @@ + { + short int ut_type; /* Type of login. */ + pid_t ut_pid; /* Process ID of login process. */ +- char ut_line[UT_LINESIZE]; /* Devicename. */ ++ char ut_line[UT_LINESIZE] ++ __attribute_nonstring__; /* Devicename. */ + char ut_id[4]; /* Inittab ID. */ +- char ut_user[UT_NAMESIZE]; /* Username. */ +- char ut_host[UT_HOSTSIZE]; /* Hostname for remote login. */ ++ char ut_user[UT_NAMESIZE] ++ __attribute_nonstring__; /* Username. */ ++ char ut_host[UT_HOSTSIZE] ++ __attribute_nonstring__; /* Hostname for remote login. */ + struct exit_status ut_exit; /* Exit status of a process marked + as DEAD_PROCESS. */ + /* The ut_session and ut_tv fields must be the same size when compiled diff --git a/packages/glibc/2.16.0/0040-getlogin_r-use-strnlen.patch b/packages/glibc/2.16.0/0040-getlogin_r-use-strnlen.patch new file mode 100644 index 0000000..ff19964 --- /dev/null +++ b/packages/glibc/2.16.0/0040-getlogin_r-use-strnlen.patch @@ -0,0 +1,47 @@ +commit 4bae615022cb5a5da79ccda83cc6c9ba9f2d479c +Author: Joseph Myers +Date: Wed Nov 22 18:44:23 2017 +0000 + + Avoid use of strlen in getlogin_r (bug 22447). + + Building glibc with current mainline GCC fails, among other reasons, + because of an error for use of strlen on the nonstring ut_user field. + This patch changes the problem code in getlogin_r to use __strnlen + instead. It also needs to set the trailing NUL byte of the result + explicitly, because of the case where ut_user does not have such a + trailing NUL byte (but the result should always have one). + + Tested for x86_64. Also tested that, in conjunction with + , it fixes + the build for arm with mainline GCC. + + [BZ #22447] + * sysdeps/unix/getlogin_r.c (__getlogin_r): Use __strnlen not + strlen to compute length of ut_user and set trailing NUL byte of + result explicitly. + +--- + sysdeps/unix/getlogin_r.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +--- a/sysdeps/unix/getlogin_r.c ++++ b/sysdeps/unix/getlogin_r.c +@@ -82,7 +82,7 @@ + + if (result == 0) + { +- size_t needed = strlen (ut->ut_user) + 1; ++ size_t needed = __strnlen (ut->ut_user, UT_NAMESIZE) + 1; + + if (needed > name_len) + { +@@ -91,7 +91,8 @@ + } + else + { +- memcpy (name, ut->ut_user, needed); ++ memcpy (name, ut->ut_user, needed - 1); ++ name[needed - 1] = 0; + result = 0; + } + } diff --git a/packages/glibc/2.16.0/0041-zic.c-use-memcpy.patch b/packages/glibc/2.16.0/0041-zic.c-use-memcpy.patch new file mode 100644 index 0000000..8679c0a --- /dev/null +++ b/packages/glibc/2.16.0/0041-zic.c-use-memcpy.patch @@ -0,0 +1,25 @@ +commit e69897bf202e18034cbef26f363bae64de70a196 +Author: Paul Eggert +Date: Sun Nov 12 22:00:28 2017 -0800 + + timezone: pacify GCC -Wstringop-truncation + + Problem reported by Martin Sebor in: + https://sourceware.org/ml/libc-alpha/2017-11/msg00336.html + * timezone/zic.c (writezone): Use memcpy, not strncpy. + +--- + timezone/zic.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/timezone/zic.c ++++ b/timezone/zic.c +@@ -1695,7 +1695,7 @@ + #define DO(field) (void) fwrite((void *) tzh.field, \ + (size_t) sizeof tzh.field, (size_t) 1, fp) + tzh = tzh0; +- (void) strncpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic); ++ memcpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic); + tzh.tzh_version[0] = ZIC_VERSION; + convert(eitol(thistypecnt), tzh.tzh_ttisgmtcnt); + convert(eitol(thistypecnt), tzh.tzh_ttisstdcnt); diff --git a/packages/glibc/2.17/0015-utmp-nonstring.patch b/packages/glibc/2.17/0015-utmp-nonstring.patch new file mode 100644 index 0000000..0ffcbcc --- /dev/null +++ b/packages/glibc/2.17/0015-utmp-nonstring.patch @@ -0,0 +1,80 @@ +commit 7532837d7b03b3ca5b9a63d77a5bd81dd23f3d9c +Author: Martin Sebor +Date: Wed Nov 15 17:39:59 2017 -0700 + + The -Wstringop-truncation option new in GCC 8 detects common misuses + of the strncat and strncpy function that may result in truncating + the copied string before the terminating NUL. To avoid false positive + warnings for correct code that intentionally creates sequences of + characters that aren't guaranteed to be NUL-terminated, arrays that + are intended to store such sequences should be decorated with a new + nonstring attribute. This change add this attribute to Glibc and + uses it to suppress such false positives. + + ChangeLog: + * misc/sys/cdefs.h (__attribute_nonstring__): New macro. + * sysdeps/gnu/bits/utmp.h (struct utmp): Use it. + * sysdeps/unix/sysv/linux/s390/bits/utmp.h (struct utmp): Same. + +--- + misc/sys/cdefs.h | 9 +++++++++ + sysdeps/gnu/bits/utmp.h | 9 ++++++--- + sysdeps/unix/sysv/linux/s390/bits/utmp.h | 9 ++++++--- + 3 files changed, 21 insertions(+), 6 deletions(-) + +--- a/misc/sys/cdefs.h ++++ b/misc/sys/cdefs.h +@@ -382,6 +382,15 @@ + # define __glibc_unlikely(cond) (cond) + #endif + ++#if __GNUC_PREREQ (8, 0) ++/* Describes a char array whose address can safely be passed as the first ++ argument to strncpy and strncat, as the char array is not necessarily ++ a NUL-terminated string. */ ++# define __attribute_nonstring__ __attribute__ ((__nonstring__)) ++#else ++# define __attribute_nonstring__ ++#endif ++ + #include + + #if defined __LONG_DOUBLE_MATH_OPTIONAL && defined __NO_LONG_DOUBLE_MATH +--- a/sysdeps/gnu/bits/utmp.h ++++ b/sysdeps/gnu/bits/utmp.h +@@ -59,10 +59,13 @@ + { + short int ut_type; /* Type of login. */ + pid_t ut_pid; /* Process ID of login process. */ +- char ut_line[UT_LINESIZE]; /* Devicename. */ ++ char ut_line[UT_LINESIZE] ++ __attribute_nonstring__; /* Devicename. */ + char ut_id[4]; /* Inittab ID. */ +- char ut_user[UT_NAMESIZE]; /* Username. */ +- char ut_host[UT_HOSTSIZE]; /* Hostname for remote login. */ ++ char ut_user[UT_NAMESIZE] ++ __attribute_nonstring__; /* Username. */ ++ char ut_host[UT_HOSTSIZE] ++ __attribute_nonstring__; /* Hostname for remote login. */ + struct exit_status ut_exit; /* Exit status of a process marked + as DEAD_PROCESS. */ + /* The ut_session and ut_tv fields must be the same size when compiled +--- a/sysdeps/unix/sysv/linux/s390/bits/utmp.h ++++ b/sysdeps/unix/sysv/linux/s390/bits/utmp.h +@@ -60,10 +60,13 @@ + { + short int ut_type; /* Type of login. */ + pid_t ut_pid; /* Process ID of login process. */ +- char ut_line[UT_LINESIZE]; /* Devicename. */ ++ char ut_line[UT_LINESIZE] ++ __attribute_nonstring__; /* Devicename. */ + char ut_id[4]; /* Inittab ID. */ +- char ut_user[UT_NAMESIZE]; /* Username. */ +- char ut_host[UT_HOSTSIZE]; /* Hostname for remote login. */ ++ char ut_user[UT_NAMESIZE] ++ __attribute_nonstring__; /* Username. */ ++ char ut_host[UT_HOSTSIZE] ++ __attribute_nonstring__; /* Hostname for remote login. */ + struct exit_status ut_exit; /* Exit status of a process marked + as DEAD_PROCESS. */ + /* The ut_session and ut_tv fields must be the same size when compiled diff --git a/packages/glibc/2.17/0016-getlogin_r-use-strnlen.patch b/packages/glibc/2.17/0016-getlogin_r-use-strnlen.patch new file mode 100644 index 0000000..ff19964 --- /dev/null +++ b/packages/glibc/2.17/0016-getlogin_r-use-strnlen.patch @@ -0,0 +1,47 @@ +commit 4bae615022cb5a5da79ccda83cc6c9ba9f2d479c +Author: Joseph Myers +Date: Wed Nov 22 18:44:23 2017 +0000 + + Avoid use of strlen in getlogin_r (bug 22447). + + Building glibc with current mainline GCC fails, among other reasons, + because of an error for use of strlen on the nonstring ut_user field. + This patch changes the problem code in getlogin_r to use __strnlen + instead. It also needs to set the trailing NUL byte of the result + explicitly, because of the case where ut_user does not have such a + trailing NUL byte (but the result should always have one). + + Tested for x86_64. Also tested that, in conjunction with + , it fixes + the build for arm with mainline GCC. + + [BZ #22447] + * sysdeps/unix/getlogin_r.c (__getlogin_r): Use __strnlen not + strlen to compute length of ut_user and set trailing NUL byte of + result explicitly. + +--- + sysdeps/unix/getlogin_r.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +--- a/sysdeps/unix/getlogin_r.c ++++ b/sysdeps/unix/getlogin_r.c +@@ -82,7 +82,7 @@ + + if (result == 0) + { +- size_t needed = strlen (ut->ut_user) + 1; ++ size_t needed = __strnlen (ut->ut_user, UT_NAMESIZE) + 1; + + if (needed > name_len) + { +@@ -91,7 +91,8 @@ + } + else + { +- memcpy (name, ut->ut_user, needed); ++ memcpy (name, ut->ut_user, needed - 1); ++ name[needed - 1] = 0; + result = 0; + } + } diff --git a/packages/glibc/2.17/0017-zic.c-use-memcpy.patch b/packages/glibc/2.17/0017-zic.c-use-memcpy.patch new file mode 100644 index 0000000..e5ab81e --- /dev/null +++ b/packages/glibc/2.17/0017-zic.c-use-memcpy.patch @@ -0,0 +1,25 @@ +commit e69897bf202e18034cbef26f363bae64de70a196 +Author: Paul Eggert +Date: Sun Nov 12 22:00:28 2017 -0800 + + timezone: pacify GCC -Wstringop-truncation + + Problem reported by Martin Sebor in: + https://sourceware.org/ml/libc-alpha/2017-11/msg00336.html + * timezone/zic.c (writezone): Use memcpy, not strncpy. + +--- + timezone/zic.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/timezone/zic.c ++++ b/timezone/zic.c +@@ -1609,7 +1609,7 @@ + } + #define DO(field) ((void) fwrite(tzh.field, sizeof tzh.field, 1, fp)) + tzh = tzh0; +- (void) strncpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic); ++ memcpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic); + tzh.tzh_version[0] = ZIC_VERSION; + convert(eitol(thistypecnt), tzh.tzh_ttisgmtcnt); + convert(eitol(thistypecnt), tzh.tzh_ttisstdcnt); diff --git a/packages/glibc/2.18/0016-utmp-nonstring.patch b/packages/glibc/2.18/0016-utmp-nonstring.patch new file mode 100644 index 0000000..378d62e --- /dev/null +++ b/packages/glibc/2.18/0016-utmp-nonstring.patch @@ -0,0 +1,80 @@ +commit 7532837d7b03b3ca5b9a63d77a5bd81dd23f3d9c +Author: Martin Sebor +Date: Wed Nov 15 17:39:59 2017 -0700 + + The -Wstringop-truncation option new in GCC 8 detects common misuses + of the strncat and strncpy function that may result in truncating + the copied string before the terminating NUL. To avoid false positive + warnings for correct code that intentionally creates sequences of + characters that aren't guaranteed to be NUL-terminated, arrays that + are intended to store such sequences should be decorated with a new + nonstring attribute. This change add this attribute to Glibc and + uses it to suppress such false positives. + + ChangeLog: + * misc/sys/cdefs.h (__attribute_nonstring__): New macro. + * sysdeps/gnu/bits/utmp.h (struct utmp): Use it. + * sysdeps/unix/sysv/linux/s390/bits/utmp.h (struct utmp): Same. + +--- + misc/sys/cdefs.h | 9 +++++++++ + sysdeps/gnu/bits/utmp.h | 9 ++++++--- + sysdeps/unix/sysv/linux/s390/bits/utmp.h | 9 ++++++--- + 3 files changed, 21 insertions(+), 6 deletions(-) + +--- a/misc/sys/cdefs.h ++++ b/misc/sys/cdefs.h +@@ -382,6 +382,15 @@ + # define __glibc_likely(cond) (cond) + #endif + ++#if __GNUC_PREREQ (8, 0) ++/* Describes a char array whose address can safely be passed as the first ++ argument to strncpy and strncat, as the char array is not necessarily ++ a NUL-terminated string. */ ++# define __attribute_nonstring__ __attribute__ ((__nonstring__)) ++#else ++# define __attribute_nonstring__ ++#endif ++ + #include + + #if defined __LONG_DOUBLE_MATH_OPTIONAL && defined __NO_LONG_DOUBLE_MATH +--- a/sysdeps/gnu/bits/utmp.h ++++ b/sysdeps/gnu/bits/utmp.h +@@ -59,10 +59,13 @@ + { + short int ut_type; /* Type of login. */ + pid_t ut_pid; /* Process ID of login process. */ +- char ut_line[UT_LINESIZE]; /* Devicename. */ ++ char ut_line[UT_LINESIZE] ++ __attribute_nonstring__; /* Devicename. */ + char ut_id[4]; /* Inittab ID. */ +- char ut_user[UT_NAMESIZE]; /* Username. */ +- char ut_host[UT_HOSTSIZE]; /* Hostname for remote login. */ ++ char ut_user[UT_NAMESIZE] ++ __attribute_nonstring__; /* Username. */ ++ char ut_host[UT_HOSTSIZE] ++ __attribute_nonstring__; /* Hostname for remote login. */ + struct exit_status ut_exit; /* Exit status of a process marked + as DEAD_PROCESS. */ + /* The ut_session and ut_tv fields must be the same size when compiled +--- a/sysdeps/unix/sysv/linux/s390/bits/utmp.h ++++ b/sysdeps/unix/sysv/linux/s390/bits/utmp.h +@@ -59,10 +59,13 @@ + { + short int ut_type; /* Type of login. */ + pid_t ut_pid; /* Process ID of login process. */ +- char ut_line[UT_LINESIZE]; /* Devicename. */ ++ char ut_line[UT_LINESIZE] ++ __attribute_nonstring__; /* Devicename. */ + char ut_id[4]; /* Inittab ID. */ +- char ut_user[UT_NAMESIZE]; /* Username. */ +- char ut_host[UT_HOSTSIZE]; /* Hostname for remote login. */ ++ char ut_user[UT_NAMESIZE] ++ __attribute_nonstring__; /* Username. */ ++ char ut_host[UT_HOSTSIZE] ++ __attribute_nonstring__; /* Hostname for remote login. */ + struct exit_status ut_exit; /* Exit status of a process marked + as DEAD_PROCESS. */ + /* The ut_session and ut_tv fields must be the same size when compiled diff --git a/packages/glibc/2.18/0017-getlogin_r-use-strnlen.patch b/packages/glibc/2.18/0017-getlogin_r-use-strnlen.patch new file mode 100644 index 0000000..ff19964 --- /dev/null +++ b/packages/glibc/2.18/0017-getlogin_r-use-strnlen.patch @@ -0,0 +1,47 @@ +commit 4bae615022cb5a5da79ccda83cc6c9ba9f2d479c +Author: Joseph Myers +Date: Wed Nov 22 18:44:23 2017 +0000 + + Avoid use of strlen in getlogin_r (bug 22447). + + Building glibc with current mainline GCC fails, among other reasons, + because of an error for use of strlen on the nonstring ut_user field. + This patch changes the problem code in getlogin_r to use __strnlen + instead. It also needs to set the trailing NUL byte of the result + explicitly, because of the case where ut_user does not have such a + trailing NUL byte (but the result should always have one). + + Tested for x86_64. Also tested that, in conjunction with + , it fixes + the build for arm with mainline GCC. + + [BZ #22447] + * sysdeps/unix/getlogin_r.c (__getlogin_r): Use __strnlen not + strlen to compute length of ut_user and set trailing NUL byte of + result explicitly. + +--- + sysdeps/unix/getlogin_r.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +--- a/sysdeps/unix/getlogin_r.c ++++ b/sysdeps/unix/getlogin_r.c +@@ -82,7 +82,7 @@ + + if (result == 0) + { +- size_t needed = strlen (ut->ut_user) + 1; ++ size_t needed = __strnlen (ut->ut_user, UT_NAMESIZE) + 1; + + if (needed > name_len) + { +@@ -91,7 +91,8 @@ + } + else + { +- memcpy (name, ut->ut_user, needed); ++ memcpy (name, ut->ut_user, needed - 1); ++ name[needed - 1] = 0; + result = 0; + } + } diff --git a/packages/glibc/2.18/0018-zic.c-use-memcpy.patch b/packages/glibc/2.18/0018-zic.c-use-memcpy.patch new file mode 100644 index 0000000..e5ab81e --- /dev/null +++ b/packages/glibc/2.18/0018-zic.c-use-memcpy.patch @@ -0,0 +1,25 @@ +commit e69897bf202e18034cbef26f363bae64de70a196 +Author: Paul Eggert +Date: Sun Nov 12 22:00:28 2017 -0800 + + timezone: pacify GCC -Wstringop-truncation + + Problem reported by Martin Sebor in: + https://sourceware.org/ml/libc-alpha/2017-11/msg00336.html + * timezone/zic.c (writezone): Use memcpy, not strncpy. + +--- + timezone/zic.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/timezone/zic.c ++++ b/timezone/zic.c +@@ -1609,7 +1609,7 @@ + } + #define DO(field) ((void) fwrite(tzh.field, sizeof tzh.field, 1, fp)) + tzh = tzh0; +- (void) strncpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic); ++ memcpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic); + tzh.tzh_version[0] = ZIC_VERSION; + convert(eitol(thistypecnt), tzh.tzh_ttisgmtcnt); + convert(eitol(thistypecnt), tzh.tzh_ttisstdcnt); diff --git a/packages/glibc/2.19/0014-utmp-nonstring.patch b/packages/glibc/2.19/0014-utmp-nonstring.patch new file mode 100644 index 0000000..378d62e --- /dev/null +++ b/packages/glibc/2.19/0014-utmp-nonstring.patch @@ -0,0 +1,80 @@ +commit 7532837d7b03b3ca5b9a63d77a5bd81dd23f3d9c +Author: Martin Sebor +Date: Wed Nov 15 17:39:59 2017 -0700 + + The -Wstringop-truncation option new in GCC 8 detects common misuses + of the strncat and strncpy function that may result in truncating + the copied string before the terminating NUL. To avoid false positive + warnings for correct code that intentionally creates sequences of + characters that aren't guaranteed to be NUL-terminated, arrays that + are intended to store such sequences should be decorated with a new + nonstring attribute. This change add this attribute to Glibc and + uses it to suppress such false positives. + + ChangeLog: + * misc/sys/cdefs.h (__attribute_nonstring__): New macro. + * sysdeps/gnu/bits/utmp.h (struct utmp): Use it. + * sysdeps/unix/sysv/linux/s390/bits/utmp.h (struct utmp): Same. + +--- + misc/sys/cdefs.h | 9 +++++++++ + sysdeps/gnu/bits/utmp.h | 9 ++++++--- + sysdeps/unix/sysv/linux/s390/bits/utmp.h | 9 ++++++--- + 3 files changed, 21 insertions(+), 6 deletions(-) + +--- a/misc/sys/cdefs.h ++++ b/misc/sys/cdefs.h +@@ -382,6 +382,15 @@ + # define __glibc_likely(cond) (cond) + #endif + ++#if __GNUC_PREREQ (8, 0) ++/* Describes a char array whose address can safely be passed as the first ++ argument to strncpy and strncat, as the char array is not necessarily ++ a NUL-terminated string. */ ++# define __attribute_nonstring__ __attribute__ ((__nonstring__)) ++#else ++# define __attribute_nonstring__ ++#endif ++ + #include + + #if defined __LONG_DOUBLE_MATH_OPTIONAL && defined __NO_LONG_DOUBLE_MATH +--- a/sysdeps/gnu/bits/utmp.h ++++ b/sysdeps/gnu/bits/utmp.h +@@ -59,10 +59,13 @@ + { + short int ut_type; /* Type of login. */ + pid_t ut_pid; /* Process ID of login process. */ +- char ut_line[UT_LINESIZE]; /* Devicename. */ ++ char ut_line[UT_LINESIZE] ++ __attribute_nonstring__; /* Devicename. */ + char ut_id[4]; /* Inittab ID. */ +- char ut_user[UT_NAMESIZE]; /* Username. */ +- char ut_host[UT_HOSTSIZE]; /* Hostname for remote login. */ ++ char ut_user[UT_NAMESIZE] ++ __attribute_nonstring__; /* Username. */ ++ char ut_host[UT_HOSTSIZE] ++ __attribute_nonstring__; /* Hostname for remote login. */ + struct exit_status ut_exit; /* Exit status of a process marked + as DEAD_PROCESS. */ + /* The ut_session and ut_tv fields must be the same size when compiled +--- a/sysdeps/unix/sysv/linux/s390/bits/utmp.h ++++ b/sysdeps/unix/sysv/linux/s390/bits/utmp.h +@@ -59,10 +59,13 @@ + { + short int ut_type; /* Type of login. */ + pid_t ut_pid; /* Process ID of login process. */ +- char ut_line[UT_LINESIZE]; /* Devicename. */ ++ char ut_line[UT_LINESIZE] ++ __attribute_nonstring__; /* Devicename. */ + char ut_id[4]; /* Inittab ID. */ +- char ut_user[UT_NAMESIZE]; /* Username. */ +- char ut_host[UT_HOSTSIZE]; /* Hostname for remote login. */ ++ char ut_user[UT_NAMESIZE] ++ __attribute_nonstring__; /* Username. */ ++ char ut_host[UT_HOSTSIZE] ++ __attribute_nonstring__; /* Hostname for remote login. */ + struct exit_status ut_exit; /* Exit status of a process marked + as DEAD_PROCESS. */ + /* The ut_session and ut_tv fields must be the same size when compiled diff --git a/packages/glibc/2.19/0015-getlogin_r-use-strnlen.patch b/packages/glibc/2.19/0015-getlogin_r-use-strnlen.patch new file mode 100644 index 0000000..ff19964 --- /dev/null +++ b/packages/glibc/2.19/0015-getlogin_r-use-strnlen.patch @@ -0,0 +1,47 @@ +commit 4bae615022cb5a5da79ccda83cc6c9ba9f2d479c +Author: Joseph Myers +Date: Wed Nov 22 18:44:23 2017 +0000 + + Avoid use of strlen in getlogin_r (bug 22447). + + Building glibc with current mainline GCC fails, among other reasons, + because of an error for use of strlen on the nonstring ut_user field. + This patch changes the problem code in getlogin_r to use __strnlen + instead. It also needs to set the trailing NUL byte of the result + explicitly, because of the case where ut_user does not have such a + trailing NUL byte (but the result should always have one). + + Tested for x86_64. Also tested that, in conjunction with + , it fixes + the build for arm with mainline GCC. + + [BZ #22447] + * sysdeps/unix/getlogin_r.c (__getlogin_r): Use __strnlen not + strlen to compute length of ut_user and set trailing NUL byte of + result explicitly. + +--- + sysdeps/unix/getlogin_r.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +--- a/sysdeps/unix/getlogin_r.c ++++ b/sysdeps/unix/getlogin_r.c +@@ -82,7 +82,7 @@ + + if (result == 0) + { +- size_t needed = strlen (ut->ut_user) + 1; ++ size_t needed = __strnlen (ut->ut_user, UT_NAMESIZE) + 1; + + if (needed > name_len) + { +@@ -91,7 +91,8 @@ + } + else + { +- memcpy (name, ut->ut_user, needed); ++ memcpy (name, ut->ut_user, needed - 1); ++ name[needed - 1] = 0; + result = 0; + } + } diff --git a/packages/glibc/2.19/0016-zic.c-use-memcpy.patch b/packages/glibc/2.19/0016-zic.c-use-memcpy.patch new file mode 100644 index 0000000..8b2b480 --- /dev/null +++ b/packages/glibc/2.19/0016-zic.c-use-memcpy.patch @@ -0,0 +1,25 @@ +commit e69897bf202e18034cbef26f363bae64de70a196 +Author: Paul Eggert +Date: Sun Nov 12 22:00:28 2017 -0800 + + timezone: pacify GCC -Wstringop-truncation + + Problem reported by Martin Sebor in: + https://sourceware.org/ml/libc-alpha/2017-11/msg00336.html + * timezone/zic.c (writezone): Use memcpy, not strncpy. + +--- + timezone/zic.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/timezone/zic.c ++++ b/timezone/zic.c +@@ -1676,7 +1676,7 @@ + } + #define DO(field) ((void) fwrite(tzh.field, sizeof tzh.field, 1, fp)) + tzh = tzh0; +- (void) strncpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic); ++ memcpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic); + tzh.tzh_version[0] = version; + convert(thistypecnt, tzh.tzh_ttisgmtcnt); + convert(thistypecnt, tzh.tzh_ttisstdcnt); diff --git a/packages/glibc/2.20/0014-utmp-nonstring.patch b/packages/glibc/2.20/0014-utmp-nonstring.patch new file mode 100644 index 0000000..5a3da64 --- /dev/null +++ b/packages/glibc/2.20/0014-utmp-nonstring.patch @@ -0,0 +1,80 @@ +commit 7532837d7b03b3ca5b9a63d77a5bd81dd23f3d9c +Author: Martin Sebor +Date: Wed Nov 15 17:39:59 2017 -0700 + + The -Wstringop-truncation option new in GCC 8 detects common misuses + of the strncat and strncpy function that may result in truncating + the copied string before the terminating NUL. To avoid false positive + warnings for correct code that intentionally creates sequences of + characters that aren't guaranteed to be NUL-terminated, arrays that + are intended to store such sequences should be decorated with a new + nonstring attribute. This change add this attribute to Glibc and + uses it to suppress such false positives. + + ChangeLog: + * misc/sys/cdefs.h (__attribute_nonstring__): New macro. + * sysdeps/gnu/bits/utmp.h (struct utmp): Use it. + * sysdeps/unix/sysv/linux/s390/bits/utmp.h (struct utmp): Same. + +--- + misc/sys/cdefs.h | 9 +++++++++ + sysdeps/gnu/bits/utmp.h | 9 ++++++--- + sysdeps/unix/sysv/linux/s390/bits/utmp.h | 9 ++++++--- + 3 files changed, 21 insertions(+), 6 deletions(-) + +--- a/misc/sys/cdefs.h ++++ b/misc/sys/cdefs.h +@@ -392,6 +392,15 @@ + # endif + #endif + ++#if __GNUC_PREREQ (8, 0) ++/* Describes a char array whose address can safely be passed as the first ++ argument to strncpy and strncat, as the char array is not necessarily ++ a NUL-terminated string. */ ++# define __attribute_nonstring__ __attribute__ ((__nonstring__)) ++#else ++# define __attribute_nonstring__ ++#endif ++ + #include + + #if defined __LONG_DOUBLE_MATH_OPTIONAL && defined __NO_LONG_DOUBLE_MATH +--- a/sysdeps/gnu/bits/utmp.h ++++ b/sysdeps/gnu/bits/utmp.h +@@ -59,10 +59,13 @@ + { + short int ut_type; /* Type of login. */ + pid_t ut_pid; /* Process ID of login process. */ +- char ut_line[UT_LINESIZE]; /* Devicename. */ ++ char ut_line[UT_LINESIZE] ++ __attribute_nonstring__; /* Devicename. */ + char ut_id[4]; /* Inittab ID. */ +- char ut_user[UT_NAMESIZE]; /* Username. */ +- char ut_host[UT_HOSTSIZE]; /* Hostname for remote login. */ ++ char ut_user[UT_NAMESIZE] ++ __attribute_nonstring__; /* Username. */ ++ char ut_host[UT_HOSTSIZE] ++ __attribute_nonstring__; /* Hostname for remote login. */ + struct exit_status ut_exit; /* Exit status of a process marked + as DEAD_PROCESS. */ + /* The ut_session and ut_tv fields must be the same size when compiled +--- a/sysdeps/unix/sysv/linux/s390/bits/utmp.h ++++ b/sysdeps/unix/sysv/linux/s390/bits/utmp.h +@@ -59,10 +59,13 @@ + { + short int ut_type; /* Type of login. */ + pid_t ut_pid; /* Process ID of login process. */ +- char ut_line[UT_LINESIZE]; /* Devicename. */ ++ char ut_line[UT_LINESIZE] ++ __attribute_nonstring__; /* Devicename. */ + char ut_id[4]; /* Inittab ID. */ +- char ut_user[UT_NAMESIZE]; /* Username. */ +- char ut_host[UT_HOSTSIZE]; /* Hostname for remote login. */ ++ char ut_user[UT_NAMESIZE] ++ __attribute_nonstring__; /* Username. */ ++ char ut_host[UT_HOSTSIZE] ++ __attribute_nonstring__; /* Hostname for remote login. */ + struct exit_status ut_exit; /* Exit status of a process marked + as DEAD_PROCESS. */ + /* The ut_session and ut_tv fields must be the same size when compiled diff --git a/packages/glibc/2.20/0015-getlogin_r-use-strnlen.patch b/packages/glibc/2.20/0015-getlogin_r-use-strnlen.patch new file mode 100644 index 0000000..ff19964 --- /dev/null +++ b/packages/glibc/2.20/0015-getlogin_r-use-strnlen.patch @@ -0,0 +1,47 @@ +commit 4bae615022cb5a5da79ccda83cc6c9ba9f2d479c +Author: Joseph Myers +Date: Wed Nov 22 18:44:23 2017 +0000 + + Avoid use of strlen in getlogin_r (bug 22447). + + Building glibc with current mainline GCC fails, among other reasons, + because of an error for use of strlen on the nonstring ut_user field. + This patch changes the problem code in getlogin_r to use __strnlen + instead. It also needs to set the trailing NUL byte of the result + explicitly, because of the case where ut_user does not have such a + trailing NUL byte (but the result should always have one). + + Tested for x86_64. Also tested that, in conjunction with + , it fixes + the build for arm with mainline GCC. + + [BZ #22447] + * sysdeps/unix/getlogin_r.c (__getlogin_r): Use __strnlen not + strlen to compute length of ut_user and set trailing NUL byte of + result explicitly. + +--- + sysdeps/unix/getlogin_r.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +--- a/sysdeps/unix/getlogin_r.c ++++ b/sysdeps/unix/getlogin_r.c +@@ -82,7 +82,7 @@ + + if (result == 0) + { +- size_t needed = strlen (ut->ut_user) + 1; ++ size_t needed = __strnlen (ut->ut_user, UT_NAMESIZE) + 1; + + if (needed > name_len) + { +@@ -91,7 +91,8 @@ + } + else + { +- memcpy (name, ut->ut_user, needed); ++ memcpy (name, ut->ut_user, needed - 1); ++ name[needed - 1] = 0; + result = 0; + } + } diff --git a/packages/glibc/2.20/0016-zic.c-use-memcpy.patch b/packages/glibc/2.20/0016-zic.c-use-memcpy.patch new file mode 100644 index 0000000..ef768aa --- /dev/null +++ b/packages/glibc/2.20/0016-zic.c-use-memcpy.patch @@ -0,0 +1,25 @@ +commit e69897bf202e18034cbef26f363bae64de70a196 +Author: Paul Eggert +Date: Sun Nov 12 22:00:28 2017 -0800 + + timezone: pacify GCC -Wstringop-truncation + + Problem reported by Martin Sebor in: + https://sourceware.org/ml/libc-alpha/2017-11/msg00336.html + * timezone/zic.c (writezone): Use memcpy, not strncpy. + +--- + timezone/zic.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/timezone/zic.c ++++ b/timezone/zic.c +@@ -1713,7 +1713,7 @@ + } + #define DO(field) ((void) fwrite(tzh.field, sizeof tzh.field, 1, fp)) + tzh = tzh0; +- (void) strncpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic); ++ memcpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic); + tzh.tzh_version[0] = version; + convert(thistypecnt, tzh.tzh_ttisgmtcnt); + convert(thistypecnt, tzh.tzh_ttisstdcnt); diff --git a/packages/glibc/2.21/0014-utmp-nonstring.patch b/packages/glibc/2.21/0014-utmp-nonstring.patch new file mode 100644 index 0000000..dab4e02 --- /dev/null +++ b/packages/glibc/2.21/0014-utmp-nonstring.patch @@ -0,0 +1,80 @@ +commit 7532837d7b03b3ca5b9a63d77a5bd81dd23f3d9c +Author: Martin Sebor +Date: Wed Nov 15 17:39:59 2017 -0700 + + The -Wstringop-truncation option new in GCC 8 detects common misuses + of the strncat and strncpy function that may result in truncating + the copied string before the terminating NUL. To avoid false positive + warnings for correct code that intentionally creates sequences of + characters that aren't guaranteed to be NUL-terminated, arrays that + are intended to store such sequences should be decorated with a new + nonstring attribute. This change add this attribute to Glibc and + uses it to suppress such false positives. + + ChangeLog: + * misc/sys/cdefs.h (__attribute_nonstring__): New macro. + * sysdeps/gnu/bits/utmp.h (struct utmp): Use it. + * sysdeps/unix/sysv/linux/s390/bits/utmp.h (struct utmp): Same. + +--- + misc/sys/cdefs.h | 9 +++++++++ + sysdeps/gnu/bits/utmp.h | 9 ++++++--- + sysdeps/unix/sysv/linux/s390/bits/utmp.h | 9 ++++++--- + 3 files changed, 21 insertions(+), 6 deletions(-) + +--- a/misc/sys/cdefs.h ++++ b/misc/sys/cdefs.h +@@ -399,6 +399,15 @@ + # endif + #endif + ++#if __GNUC_PREREQ (8, 0) ++/* Describes a char array whose address can safely be passed as the first ++ argument to strncpy and strncat, as the char array is not necessarily ++ a NUL-terminated string. */ ++# define __attribute_nonstring__ __attribute__ ((__nonstring__)) ++#else ++# define __attribute_nonstring__ ++#endif ++ + #include + + #if defined __LONG_DOUBLE_MATH_OPTIONAL && defined __NO_LONG_DOUBLE_MATH +--- a/sysdeps/gnu/bits/utmp.h ++++ b/sysdeps/gnu/bits/utmp.h +@@ -59,10 +59,13 @@ + { + short int ut_type; /* Type of login. */ + pid_t ut_pid; /* Process ID of login process. */ +- char ut_line[UT_LINESIZE]; /* Devicename. */ ++ char ut_line[UT_LINESIZE] ++ __attribute_nonstring__; /* Devicename. */ + char ut_id[4]; /* Inittab ID. */ +- char ut_user[UT_NAMESIZE]; /* Username. */ +- char ut_host[UT_HOSTSIZE]; /* Hostname for remote login. */ ++ char ut_user[UT_NAMESIZE] ++ __attribute_nonstring__; /* Username. */ ++ char ut_host[UT_HOSTSIZE] ++ __attribute_nonstring__; /* Hostname for remote login. */ + struct exit_status ut_exit; /* Exit status of a process marked + as DEAD_PROCESS. */ + /* The ut_session and ut_tv fields must be the same size when compiled +--- a/sysdeps/unix/sysv/linux/s390/bits/utmp.h ++++ b/sysdeps/unix/sysv/linux/s390/bits/utmp.h +@@ -59,10 +59,13 @@ + { + short int ut_type; /* Type of login. */ + pid_t ut_pid; /* Process ID of login process. */ +- char ut_line[UT_LINESIZE]; /* Devicename. */ ++ char ut_line[UT_LINESIZE] ++ __attribute_nonstring__; /* Devicename. */ + char ut_id[4]; /* Inittab ID. */ +- char ut_user[UT_NAMESIZE]; /* Username. */ +- char ut_host[UT_HOSTSIZE]; /* Hostname for remote login. */ ++ char ut_user[UT_NAMESIZE] ++ __attribute_nonstring__; /* Username. */ ++ char ut_host[UT_HOSTSIZE] ++ __attribute_nonstring__; /* Hostname for remote login. */ + struct exit_status ut_exit; /* Exit status of a process marked + as DEAD_PROCESS. */ + /* The ut_session and ut_tv fields must be the same size when compiled diff --git a/packages/glibc/2.21/0015-getlogin_r-use-strnlen.patch b/packages/glibc/2.21/0015-getlogin_r-use-strnlen.patch new file mode 100644 index 0000000..ff19964 --- /dev/null +++ b/packages/glibc/2.21/0015-getlogin_r-use-strnlen.patch @@ -0,0 +1,47 @@ +commit 4bae615022cb5a5da79ccda83cc6c9ba9f2d479c +Author: Joseph Myers +Date: Wed Nov 22 18:44:23 2017 +0000 + + Avoid use of strlen in getlogin_r (bug 22447). + + Building glibc with current mainline GCC fails, among other reasons, + because of an error for use of strlen on the nonstring ut_user field. + This patch changes the problem code in getlogin_r to use __strnlen + instead. It also needs to set the trailing NUL byte of the result + explicitly, because of the case where ut_user does not have such a + trailing NUL byte (but the result should always have one). + + Tested for x86_64. Also tested that, in conjunction with + , it fixes + the build for arm with mainline GCC. + + [BZ #22447] + * sysdeps/unix/getlogin_r.c (__getlogin_r): Use __strnlen not + strlen to compute length of ut_user and set trailing NUL byte of + result explicitly. + +--- + sysdeps/unix/getlogin_r.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +--- a/sysdeps/unix/getlogin_r.c ++++ b/sysdeps/unix/getlogin_r.c +@@ -82,7 +82,7 @@ + + if (result == 0) + { +- size_t needed = strlen (ut->ut_user) + 1; ++ size_t needed = __strnlen (ut->ut_user, UT_NAMESIZE) + 1; + + if (needed > name_len) + { +@@ -91,7 +91,8 @@ + } + else + { +- memcpy (name, ut->ut_user, needed); ++ memcpy (name, ut->ut_user, needed - 1); ++ name[needed - 1] = 0; + result = 0; + } + } diff --git a/packages/glibc/2.21/0016-zic.c-use-memcpy.patch b/packages/glibc/2.21/0016-zic.c-use-memcpy.patch new file mode 100644 index 0000000..ef768aa --- /dev/null +++ b/packages/glibc/2.21/0016-zic.c-use-memcpy.patch @@ -0,0 +1,25 @@ +commit e69897bf202e18034cbef26f363bae64de70a196 +Author: Paul Eggert +Date: Sun Nov 12 22:00:28 2017 -0800 + + timezone: pacify GCC -Wstringop-truncation + + Problem reported by Martin Sebor in: + https://sourceware.org/ml/libc-alpha/2017-11/msg00336.html + * timezone/zic.c (writezone): Use memcpy, not strncpy. + +--- + timezone/zic.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/timezone/zic.c ++++ b/timezone/zic.c +@@ -1713,7 +1713,7 @@ + } + #define DO(field) ((void) fwrite(tzh.field, sizeof tzh.field, 1, fp)) + tzh = tzh0; +- (void) strncpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic); ++ memcpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic); + tzh.tzh_version[0] = version; + convert(thistypecnt, tzh.tzh_ttisgmtcnt); + convert(thistypecnt, tzh.tzh_ttisstdcnt); diff --git a/packages/glibc/2.22/0014-utmp-nonstring.patch b/packages/glibc/2.22/0014-utmp-nonstring.patch new file mode 100644 index 0000000..98f142c --- /dev/null +++ b/packages/glibc/2.22/0014-utmp-nonstring.patch @@ -0,0 +1,80 @@ +commit 7532837d7b03b3ca5b9a63d77a5bd81dd23f3d9c +Author: Martin Sebor +Date: Wed Nov 15 17:39:59 2017 -0700 + + The -Wstringop-truncation option new in GCC 8 detects common misuses + of the strncat and strncpy function that may result in truncating + the copied string before the terminating NUL. To avoid false positive + warnings for correct code that intentionally creates sequences of + characters that aren't guaranteed to be NUL-terminated, arrays that + are intended to store such sequences should be decorated with a new + nonstring attribute. This change add this attribute to Glibc and + uses it to suppress such false positives. + + ChangeLog: + * misc/sys/cdefs.h (__attribute_nonstring__): New macro. + * sysdeps/gnu/bits/utmp.h (struct utmp): Use it. + * sysdeps/unix/sysv/linux/s390/bits/utmp.h (struct utmp): Same. + +--- + misc/sys/cdefs.h | 9 +++++++++ + sysdeps/gnu/bits/utmp.h | 9 ++++++--- + sysdeps/unix/sysv/linux/s390/bits/utmp.h | 9 ++++++--- + 3 files changed, 21 insertions(+), 6 deletions(-) + +--- a/misc/sys/cdefs.h ++++ b/misc/sys/cdefs.h +@@ -399,6 +399,15 @@ + # endif + #endif + ++#if __GNUC_PREREQ (8, 0) ++/* Describes a char array whose address can safely be passed as the first ++ argument to strncpy and strncat, as the char array is not necessarily ++ a NUL-terminated string. */ ++# define __attribute_nonstring__ __attribute__ ((__nonstring__)) ++#else ++# define __attribute_nonstring__ ++#endif ++ + #if (!defined _Static_assert && !defined __cplusplus \ + && (defined __STDC_VERSION__ ? __STDC_VERSION__ : 0) < 201112 \ + && (!__GNUC_PREREQ (4, 6) || defined __STRICT_ANSI__)) +--- a/sysdeps/gnu/bits/utmp.h ++++ b/sysdeps/gnu/bits/utmp.h +@@ -59,10 +59,13 @@ + { + short int ut_type; /* Type of login. */ + pid_t ut_pid; /* Process ID of login process. */ +- char ut_line[UT_LINESIZE]; /* Devicename. */ ++ char ut_line[UT_LINESIZE] ++ __attribute_nonstring__; /* Devicename. */ + char ut_id[4]; /* Inittab ID. */ +- char ut_user[UT_NAMESIZE]; /* Username. */ +- char ut_host[UT_HOSTSIZE]; /* Hostname for remote login. */ ++ char ut_user[UT_NAMESIZE] ++ __attribute_nonstring__; /* Username. */ ++ char ut_host[UT_HOSTSIZE] ++ __attribute_nonstring__; /* Hostname for remote login. */ + struct exit_status ut_exit; /* Exit status of a process marked + as DEAD_PROCESS. */ + /* The ut_session and ut_tv fields must be the same size when compiled +--- a/sysdeps/unix/sysv/linux/s390/bits/utmp.h ++++ b/sysdeps/unix/sysv/linux/s390/bits/utmp.h +@@ -59,10 +59,13 @@ + { + short int ut_type; /* Type of login. */ + pid_t ut_pid; /* Process ID of login process. */ +- char ut_line[UT_LINESIZE]; /* Devicename. */ ++ char ut_line[UT_LINESIZE] ++ __attribute_nonstring__; /* Devicename. */ + char ut_id[4]; /* Inittab ID. */ +- char ut_user[UT_NAMESIZE]; /* Username. */ +- char ut_host[UT_HOSTSIZE]; /* Hostname for remote login. */ ++ char ut_user[UT_NAMESIZE] ++ __attribute_nonstring__; /* Username. */ ++ char ut_host[UT_HOSTSIZE] ++ __attribute_nonstring__; /* Hostname for remote login. */ + struct exit_status ut_exit; /* Exit status of a process marked + as DEAD_PROCESS. */ + /* The ut_session and ut_tv fields must be the same size when compiled diff --git a/packages/glibc/2.22/0015-getlogin_r-use-strnlen.patch b/packages/glibc/2.22/0015-getlogin_r-use-strnlen.patch new file mode 100644 index 0000000..ff19964 --- /dev/null +++ b/packages/glibc/2.22/0015-getlogin_r-use-strnlen.patch @@ -0,0 +1,47 @@ +commit 4bae615022cb5a5da79ccda83cc6c9ba9f2d479c +Author: Joseph Myers +Date: Wed Nov 22 18:44:23 2017 +0000 + + Avoid use of strlen in getlogin_r (bug 22447). + + Building glibc with current mainline GCC fails, among other reasons, + because of an error for use of strlen on the nonstring ut_user field. + This patch changes the problem code in getlogin_r to use __strnlen + instead. It also needs to set the trailing NUL byte of the result + explicitly, because of the case where ut_user does not have such a + trailing NUL byte (but the result should always have one). + + Tested for x86_64. Also tested that, in conjunction with + , it fixes + the build for arm with mainline GCC. + + [BZ #22447] + * sysdeps/unix/getlogin_r.c (__getlogin_r): Use __strnlen not + strlen to compute length of ut_user and set trailing NUL byte of + result explicitly. + +--- + sysdeps/unix/getlogin_r.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +--- a/sysdeps/unix/getlogin_r.c ++++ b/sysdeps/unix/getlogin_r.c +@@ -82,7 +82,7 @@ + + if (result == 0) + { +- size_t needed = strlen (ut->ut_user) + 1; ++ size_t needed = __strnlen (ut->ut_user, UT_NAMESIZE) + 1; + + if (needed > name_len) + { +@@ -91,7 +91,8 @@ + } + else + { +- memcpy (name, ut->ut_user, needed); ++ memcpy (name, ut->ut_user, needed - 1); ++ name[needed - 1] = 0; + result = 0; + } + } diff --git a/packages/glibc/2.22/0016-zic.c-use-memcpy.patch b/packages/glibc/2.22/0016-zic.c-use-memcpy.patch new file mode 100644 index 0000000..ef768aa --- /dev/null +++ b/packages/glibc/2.22/0016-zic.c-use-memcpy.patch @@ -0,0 +1,25 @@ +commit e69897bf202e18034cbef26f363bae64de70a196 +Author: Paul Eggert +Date: Sun Nov 12 22:00:28 2017 -0800 + + timezone: pacify GCC -Wstringop-truncation + + Problem reported by Martin Sebor in: + https://sourceware.org/ml/libc-alpha/2017-11/msg00336.html + * timezone/zic.c (writezone): Use memcpy, not strncpy. + +--- + timezone/zic.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/timezone/zic.c ++++ b/timezone/zic.c +@@ -1713,7 +1713,7 @@ + } + #define DO(field) ((void) fwrite(tzh.field, sizeof tzh.field, 1, fp)) + tzh = tzh0; +- (void) strncpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic); ++ memcpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic); + tzh.tzh_version[0] = version; + convert(thistypecnt, tzh.tzh_ttisgmtcnt); + convert(thistypecnt, tzh.tzh_ttisstdcnt); diff --git a/packages/glibc/2.23/0010-utmp-nonstring.patch b/packages/glibc/2.23/0010-utmp-nonstring.patch new file mode 100644 index 0000000..98f142c --- /dev/null +++ b/packages/glibc/2.23/0010-utmp-nonstring.patch @@ -0,0 +1,80 @@ +commit 7532837d7b03b3ca5b9a63d77a5bd81dd23f3d9c +Author: Martin Sebor +Date: Wed Nov 15 17:39:59 2017 -0700 + + The -Wstringop-truncation option new in GCC 8 detects common misuses + of the strncat and strncpy function that may result in truncating + the copied string before the terminating NUL. To avoid false positive + warnings for correct code that intentionally creates sequences of + characters that aren't guaranteed to be NUL-terminated, arrays that + are intended to store such sequences should be decorated with a new + nonstring attribute. This change add this attribute to Glibc and + uses it to suppress such false positives. + + ChangeLog: + * misc/sys/cdefs.h (__attribute_nonstring__): New macro. + * sysdeps/gnu/bits/utmp.h (struct utmp): Use it. + * sysdeps/unix/sysv/linux/s390/bits/utmp.h (struct utmp): Same. + +--- + misc/sys/cdefs.h | 9 +++++++++ + sysdeps/gnu/bits/utmp.h | 9 ++++++--- + sysdeps/unix/sysv/linux/s390/bits/utmp.h | 9 ++++++--- + 3 files changed, 21 insertions(+), 6 deletions(-) + +--- a/misc/sys/cdefs.h ++++ b/misc/sys/cdefs.h +@@ -399,6 +399,15 @@ + # endif + #endif + ++#if __GNUC_PREREQ (8, 0) ++/* Describes a char array whose address can safely be passed as the first ++ argument to strncpy and strncat, as the char array is not necessarily ++ a NUL-terminated string. */ ++# define __attribute_nonstring__ __attribute__ ((__nonstring__)) ++#else ++# define __attribute_nonstring__ ++#endif ++ + #if (!defined _Static_assert && !defined __cplusplus \ + && (defined __STDC_VERSION__ ? __STDC_VERSION__ : 0) < 201112 \ + && (!__GNUC_PREREQ (4, 6) || defined __STRICT_ANSI__)) +--- a/sysdeps/gnu/bits/utmp.h ++++ b/sysdeps/gnu/bits/utmp.h +@@ -59,10 +59,13 @@ + { + short int ut_type; /* Type of login. */ + pid_t ut_pid; /* Process ID of login process. */ +- char ut_line[UT_LINESIZE]; /* Devicename. */ ++ char ut_line[UT_LINESIZE] ++ __attribute_nonstring__; /* Devicename. */ + char ut_id[4]; /* Inittab ID. */ +- char ut_user[UT_NAMESIZE]; /* Username. */ +- char ut_host[UT_HOSTSIZE]; /* Hostname for remote login. */ ++ char ut_user[UT_NAMESIZE] ++ __attribute_nonstring__; /* Username. */ ++ char ut_host[UT_HOSTSIZE] ++ __attribute_nonstring__; /* Hostname for remote login. */ + struct exit_status ut_exit; /* Exit status of a process marked + as DEAD_PROCESS. */ + /* The ut_session and ut_tv fields must be the same size when compiled +--- a/sysdeps/unix/sysv/linux/s390/bits/utmp.h ++++ b/sysdeps/unix/sysv/linux/s390/bits/utmp.h +@@ -59,10 +59,13 @@ + { + short int ut_type; /* Type of login. */ + pid_t ut_pid; /* Process ID of login process. */ +- char ut_line[UT_LINESIZE]; /* Devicename. */ ++ char ut_line[UT_LINESIZE] ++ __attribute_nonstring__; /* Devicename. */ + char ut_id[4]; /* Inittab ID. */ +- char ut_user[UT_NAMESIZE]; /* Username. */ +- char ut_host[UT_HOSTSIZE]; /* Hostname for remote login. */ ++ char ut_user[UT_NAMESIZE] ++ __attribute_nonstring__; /* Username. */ ++ char ut_host[UT_HOSTSIZE] ++ __attribute_nonstring__; /* Hostname for remote login. */ + struct exit_status ut_exit; /* Exit status of a process marked + as DEAD_PROCESS. */ + /* The ut_session and ut_tv fields must be the same size when compiled diff --git a/packages/glibc/2.23/0011-getlogin_r-use-strnlen.patch b/packages/glibc/2.23/0011-getlogin_r-use-strnlen.patch new file mode 100644 index 0000000..110adcd --- /dev/null +++ b/packages/glibc/2.23/0011-getlogin_r-use-strnlen.patch @@ -0,0 +1,47 @@ +commit 4bae615022cb5a5da79ccda83cc6c9ba9f2d479c +Author: Joseph Myers +Date: Wed Nov 22 18:44:23 2017 +0000 + + Avoid use of strlen in getlogin_r (bug 22447). + + Building glibc with current mainline GCC fails, among other reasons, + because of an error for use of strlen on the nonstring ut_user field. + This patch changes the problem code in getlogin_r to use __strnlen + instead. It also needs to set the trailing NUL byte of the result + explicitly, because of the case where ut_user does not have such a + trailing NUL byte (but the result should always have one). + + Tested for x86_64. Also tested that, in conjunction with + , it fixes + the build for arm with mainline GCC. + + [BZ #22447] + * sysdeps/unix/getlogin_r.c (__getlogin_r): Use __strnlen not + strlen to compute length of ut_user and set trailing NUL byte of + result explicitly. + +--- + sysdeps/unix/getlogin_r.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +--- a/sysdeps/unix/getlogin_r.c ++++ b/sysdeps/unix/getlogin_r.c +@@ -80,7 +80,7 @@ + + if (result == 0) + { +- size_t needed = strlen (ut->ut_user) + 1; ++ size_t needed = __strnlen (ut->ut_user, UT_NAMESIZE) + 1; + + if (needed > name_len) + { +@@ -89,7 +89,8 @@ + } + else + { +- memcpy (name, ut->ut_user, needed); ++ memcpy (name, ut->ut_user, needed - 1); ++ name[needed - 1] = 0; + result = 0; + } + } diff --git a/packages/glibc/2.23/0012-zic.c-use-memcpy.patch b/packages/glibc/2.23/0012-zic.c-use-memcpy.patch new file mode 100644 index 0000000..96d0f1d --- /dev/null +++ b/packages/glibc/2.23/0012-zic.c-use-memcpy.patch @@ -0,0 +1,25 @@ +commit e69897bf202e18034cbef26f363bae64de70a196 +Author: Paul Eggert +Date: Sun Nov 12 22:00:28 2017 -0800 + + timezone: pacify GCC -Wstringop-truncation + + Problem reported by Martin Sebor in: + https://sourceware.org/ml/libc-alpha/2017-11/msg00336.html + * timezone/zic.c (writezone): Use memcpy, not strncpy. + +--- + timezone/zic.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/timezone/zic.c ++++ b/timezone/zic.c +@@ -1819,7 +1819,7 @@ + } + #define DO(field) fwrite(tzh.field, sizeof tzh.field, 1, fp) + tzh = tzh0; +- strncpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic); ++ memcpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic); + tzh.tzh_version[0] = version; + convert(thistypecnt, tzh.tzh_ttisgmtcnt); + convert(thistypecnt, tzh.tzh_ttisstdcnt); diff --git a/packages/glibc/2.24/0010-utmp-nonstring.patch b/packages/glibc/2.24/0010-utmp-nonstring.patch new file mode 100644 index 0000000..5aad8a3 --- /dev/null +++ b/packages/glibc/2.24/0010-utmp-nonstring.patch @@ -0,0 +1,80 @@ +commit 7532837d7b03b3ca5b9a63d77a5bd81dd23f3d9c +Author: Martin Sebor +Date: Wed Nov 15 17:39:59 2017 -0700 + + The -Wstringop-truncation option new in GCC 8 detects common misuses + of the strncat and strncpy function that may result in truncating + the copied string before the terminating NUL. To avoid false positive + warnings for correct code that intentionally creates sequences of + characters that aren't guaranteed to be NUL-terminated, arrays that + are intended to store such sequences should be decorated with a new + nonstring attribute. This change add this attribute to Glibc and + uses it to suppress such false positives. + + ChangeLog: + * misc/sys/cdefs.h (__attribute_nonstring__): New macro. + * sysdeps/gnu/bits/utmp.h (struct utmp): Use it. + * sysdeps/unix/sysv/linux/s390/bits/utmp.h (struct utmp): Same. + +--- + misc/sys/cdefs.h | 9 +++++++++ + sysdeps/gnu/bits/utmp.h | 9 ++++++--- + sysdeps/unix/sysv/linux/s390/bits/utmp.h | 9 ++++++--- + 3 files changed, 21 insertions(+), 6 deletions(-) + +--- a/misc/sys/cdefs.h ++++ b/misc/sys/cdefs.h +@@ -404,6 +404,15 @@ + # endif + #endif + ++#if __GNUC_PREREQ (8, 0) ++/* Describes a char array whose address can safely be passed as the first ++ argument to strncpy and strncat, as the char array is not necessarily ++ a NUL-terminated string. */ ++# define __attribute_nonstring__ __attribute__ ((__nonstring__)) ++#else ++# define __attribute_nonstring__ ++#endif ++ + #if (!defined _Static_assert && !defined __cplusplus \ + && (defined __STDC_VERSION__ ? __STDC_VERSION__ : 0) < 201112 \ + && (!__GNUC_PREREQ (4, 6) || defined __STRICT_ANSI__)) +--- a/sysdeps/gnu/bits/utmp.h ++++ b/sysdeps/gnu/bits/utmp.h +@@ -59,10 +59,13 @@ + { + short int ut_type; /* Type of login. */ + pid_t ut_pid; /* Process ID of login process. */ +- char ut_line[UT_LINESIZE]; /* Devicename. */ ++ char ut_line[UT_LINESIZE] ++ __attribute_nonstring__; /* Devicename. */ + char ut_id[4]; /* Inittab ID. */ +- char ut_user[UT_NAMESIZE]; /* Username. */ +- char ut_host[UT_HOSTSIZE]; /* Hostname for remote login. */ ++ char ut_user[UT_NAMESIZE] ++ __attribute_nonstring__; /* Username. */ ++ char ut_host[UT_HOSTSIZE] ++ __attribute_nonstring__; /* Hostname for remote login. */ + struct exit_status ut_exit; /* Exit status of a process marked + as DEAD_PROCESS. */ + /* The ut_session and ut_tv fields must be the same size when compiled +--- a/sysdeps/unix/sysv/linux/s390/bits/utmp.h ++++ b/sysdeps/unix/sysv/linux/s390/bits/utmp.h +@@ -59,10 +59,13 @@ + { + short int ut_type; /* Type of login. */ + pid_t ut_pid; /* Process ID of login process. */ +- char ut_line[UT_LINESIZE]; /* Devicename. */ ++ char ut_line[UT_LINESIZE] ++ __attribute_nonstring__; /* Devicename. */ + char ut_id[4]; /* Inittab ID. */ +- char ut_user[UT_NAMESIZE]; /* Username. */ +- char ut_host[UT_HOSTSIZE]; /* Hostname for remote login. */ ++ char ut_user[UT_NAMESIZE] ++ __attribute_nonstring__; /* Username. */ ++ char ut_host[UT_HOSTSIZE] ++ __attribute_nonstring__; /* Hostname for remote login. */ + struct exit_status ut_exit; /* Exit status of a process marked + as DEAD_PROCESS. */ + /* The ut_session and ut_tv fields must be the same size when compiled diff --git a/packages/glibc/2.24/0011-getlogin_r-use-strnlen.patch b/packages/glibc/2.24/0011-getlogin_r-use-strnlen.patch new file mode 100644 index 0000000..110adcd --- /dev/null +++ b/packages/glibc/2.24/0011-getlogin_r-use-strnlen.patch @@ -0,0 +1,47 @@ +commit 4bae615022cb5a5da79ccda83cc6c9ba9f2d479c +Author: Joseph Myers +Date: Wed Nov 22 18:44:23 2017 +0000 + + Avoid use of strlen in getlogin_r (bug 22447). + + Building glibc with current mainline GCC fails, among other reasons, + because of an error for use of strlen on the nonstring ut_user field. + This patch changes the problem code in getlogin_r to use __strnlen + instead. It also needs to set the trailing NUL byte of the result + explicitly, because of the case where ut_user does not have such a + trailing NUL byte (but the result should always have one). + + Tested for x86_64. Also tested that, in conjunction with + , it fixes + the build for arm with mainline GCC. + + [BZ #22447] + * sysdeps/unix/getlogin_r.c (__getlogin_r): Use __strnlen not + strlen to compute length of ut_user and set trailing NUL byte of + result explicitly. + +--- + sysdeps/unix/getlogin_r.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +--- a/sysdeps/unix/getlogin_r.c ++++ b/sysdeps/unix/getlogin_r.c +@@ -80,7 +80,7 @@ + + if (result == 0) + { +- size_t needed = strlen (ut->ut_user) + 1; ++ size_t needed = __strnlen (ut->ut_user, UT_NAMESIZE) + 1; + + if (needed > name_len) + { +@@ -89,7 +89,8 @@ + } + else + { +- memcpy (name, ut->ut_user, needed); ++ memcpy (name, ut->ut_user, needed - 1); ++ name[needed - 1] = 0; + result = 0; + } + } diff --git a/packages/glibc/2.24/0012-zic.c-use-memcpy.patch b/packages/glibc/2.24/0012-zic.c-use-memcpy.patch new file mode 100644 index 0000000..96d0f1d --- /dev/null +++ b/packages/glibc/2.24/0012-zic.c-use-memcpy.patch @@ -0,0 +1,25 @@ +commit e69897bf202e18034cbef26f363bae64de70a196 +Author: Paul Eggert +Date: Sun Nov 12 22:00:28 2017 -0800 + + timezone: pacify GCC -Wstringop-truncation + + Problem reported by Martin Sebor in: + https://sourceware.org/ml/libc-alpha/2017-11/msg00336.html + * timezone/zic.c (writezone): Use memcpy, not strncpy. + +--- + timezone/zic.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/timezone/zic.c ++++ b/timezone/zic.c +@@ -1819,7 +1819,7 @@ + } + #define DO(field) fwrite(tzh.field, sizeof tzh.field, 1, fp) + tzh = tzh0; +- strncpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic); ++ memcpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic); + tzh.tzh_version[0] = version; + convert(thistypecnt, tzh.tzh_ttisgmtcnt); + convert(thistypecnt, tzh.tzh_ttisstdcnt); diff --git a/packages/glibc/2.25/0009-utmp-nonstring.patch b/packages/glibc/2.25/0009-utmp-nonstring.patch new file mode 100644 index 0000000..e5dd6f4 --- /dev/null +++ b/packages/glibc/2.25/0009-utmp-nonstring.patch @@ -0,0 +1,80 @@ +commit 7532837d7b03b3ca5b9a63d77a5bd81dd23f3d9c +Author: Martin Sebor +Date: Wed Nov 15 17:39:59 2017 -0700 + + The -Wstringop-truncation option new in GCC 8 detects common misuses + of the strncat and strncpy function that may result in truncating + the copied string before the terminating NUL. To avoid false positive + warnings for correct code that intentionally creates sequences of + characters that aren't guaranteed to be NUL-terminated, arrays that + are intended to store such sequences should be decorated with a new + nonstring attribute. This change add this attribute to Glibc and + uses it to suppress such false positives. + + ChangeLog: + * misc/sys/cdefs.h (__attribute_nonstring__): New macro. + * sysdeps/gnu/bits/utmp.h (struct utmp): Use it. + * sysdeps/unix/sysv/linux/s390/bits/utmp.h (struct utmp): Same. + +--- + misc/sys/cdefs.h | 9 +++++++++ + sysdeps/gnu/bits/utmp.h | 9 ++++++--- + sysdeps/unix/sysv/linux/s390/bits/utmp.h | 9 ++++++--- + 3 files changed, 21 insertions(+), 6 deletions(-) + +--- a/misc/sys/cdefs.h ++++ b/misc/sys/cdefs.h +@@ -430,6 +430,15 @@ + # endif + #endif + ++#if __GNUC_PREREQ (8, 0) ++/* Describes a char array whose address can safely be passed as the first ++ argument to strncpy and strncat, as the char array is not necessarily ++ a NUL-terminated string. */ ++# define __attribute_nonstring__ __attribute__ ((__nonstring__)) ++#else ++# define __attribute_nonstring__ ++#endif ++ + #if (!defined _Static_assert && !defined __cplusplus \ + && (defined __STDC_VERSION__ ? __STDC_VERSION__ : 0) < 201112 \ + && (!__GNUC_PREREQ (4, 6) || defined __STRICT_ANSI__)) +--- a/sysdeps/gnu/bits/utmp.h ++++ b/sysdeps/gnu/bits/utmp.h +@@ -59,10 +59,13 @@ + { + short int ut_type; /* Type of login. */ + pid_t ut_pid; /* Process ID of login process. */ +- char ut_line[UT_LINESIZE]; /* Devicename. */ ++ char ut_line[UT_LINESIZE] ++ __attribute_nonstring__; /* Devicename. */ + char ut_id[4]; /* Inittab ID. */ +- char ut_user[UT_NAMESIZE]; /* Username. */ +- char ut_host[UT_HOSTSIZE]; /* Hostname for remote login. */ ++ char ut_user[UT_NAMESIZE] ++ __attribute_nonstring__; /* Username. */ ++ char ut_host[UT_HOSTSIZE] ++ __attribute_nonstring__; /* Hostname for remote login. */ + struct exit_status ut_exit; /* Exit status of a process marked + as DEAD_PROCESS. */ + /* The ut_session and ut_tv fields must be the same size when compiled +--- a/sysdeps/unix/sysv/linux/s390/bits/utmp.h ++++ b/sysdeps/unix/sysv/linux/s390/bits/utmp.h +@@ -59,10 +59,13 @@ + { + short int ut_type; /* Type of login. */ + pid_t ut_pid; /* Process ID of login process. */ +- char ut_line[UT_LINESIZE]; /* Devicename. */ ++ char ut_line[UT_LINESIZE] ++ __attribute_nonstring__; /* Devicename. */ + char ut_id[4]; /* Inittab ID. */ +- char ut_user[UT_NAMESIZE]; /* Username. */ +- char ut_host[UT_HOSTSIZE]; /* Hostname for remote login. */ ++ char ut_user[UT_NAMESIZE] ++ __attribute_nonstring__; /* Username. */ ++ char ut_host[UT_HOSTSIZE] ++ __attribute_nonstring__; /* Hostname for remote login. */ + struct exit_status ut_exit; /* Exit status of a process marked + as DEAD_PROCESS. */ + /* The ut_session and ut_tv fields must be the same size when compiled diff --git a/packages/glibc/2.25/0010-getlogin_r-use-strnlen.patch b/packages/glibc/2.25/0010-getlogin_r-use-strnlen.patch new file mode 100644 index 0000000..110adcd --- /dev/null +++ b/packages/glibc/2.25/0010-getlogin_r-use-strnlen.patch @@ -0,0 +1,47 @@ +commit 4bae615022cb5a5da79ccda83cc6c9ba9f2d479c +Author: Joseph Myers +Date: Wed Nov 22 18:44:23 2017 +0000 + + Avoid use of strlen in getlogin_r (bug 22447). + + Building glibc with current mainline GCC fails, among other reasons, + because of an error for use of strlen on the nonstring ut_user field. + This patch changes the problem code in getlogin_r to use __strnlen + instead. It also needs to set the trailing NUL byte of the result + explicitly, because of the case where ut_user does not have such a + trailing NUL byte (but the result should always have one). + + Tested for x86_64. Also tested that, in conjunction with + , it fixes + the build for arm with mainline GCC. + + [BZ #22447] + * sysdeps/unix/getlogin_r.c (__getlogin_r): Use __strnlen not + strlen to compute length of ut_user and set trailing NUL byte of + result explicitly. + +--- + sysdeps/unix/getlogin_r.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +--- a/sysdeps/unix/getlogin_r.c ++++ b/sysdeps/unix/getlogin_r.c +@@ -80,7 +80,7 @@ + + if (result == 0) + { +- size_t needed = strlen (ut->ut_user) + 1; ++ size_t needed = __strnlen (ut->ut_user, UT_NAMESIZE) + 1; + + if (needed > name_len) + { +@@ -89,7 +89,8 @@ + } + else + { +- memcpy (name, ut->ut_user, needed); ++ memcpy (name, ut->ut_user, needed - 1); ++ name[needed - 1] = 0; + result = 0; + } + } diff --git a/packages/glibc/2.25/0011-zic.c-use-memcpy.patch b/packages/glibc/2.25/0011-zic.c-use-memcpy.patch new file mode 100644 index 0000000..96d0f1d --- /dev/null +++ b/packages/glibc/2.25/0011-zic.c-use-memcpy.patch @@ -0,0 +1,25 @@ +commit e69897bf202e18034cbef26f363bae64de70a196 +Author: Paul Eggert +Date: Sun Nov 12 22:00:28 2017 -0800 + + timezone: pacify GCC -Wstringop-truncation + + Problem reported by Martin Sebor in: + https://sourceware.org/ml/libc-alpha/2017-11/msg00336.html + * timezone/zic.c (writezone): Use memcpy, not strncpy. + +--- + timezone/zic.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/timezone/zic.c ++++ b/timezone/zic.c +@@ -1819,7 +1819,7 @@ + } + #define DO(field) fwrite(tzh.field, sizeof tzh.field, 1, fp) + tzh = tzh0; +- strncpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic); ++ memcpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic); + tzh.tzh_version[0] = version; + convert(thistypecnt, tzh.tzh_ttisgmtcnt); + convert(thistypecnt, tzh.tzh_ttisstdcnt); diff --git a/packages/glibc/2.26/0003-utmp-nonstring.patch b/packages/glibc/2.26/0003-utmp-nonstring.patch new file mode 100644 index 0000000..bfcaad8 --- /dev/null +++ b/packages/glibc/2.26/0003-utmp-nonstring.patch @@ -0,0 +1,80 @@ +commit 7532837d7b03b3ca5b9a63d77a5bd81dd23f3d9c +Author: Martin Sebor +Date: Wed Nov 15 17:39:59 2017 -0700 + + The -Wstringop-truncation option new in GCC 8 detects common misuses + of the strncat and strncpy function that may result in truncating + the copied string before the terminating NUL. To avoid false positive + warnings for correct code that intentionally creates sequences of + characters that aren't guaranteed to be NUL-terminated, arrays that + are intended to store such sequences should be decorated with a new + nonstring attribute. This change add this attribute to Glibc and + uses it to suppress such false positives. + + ChangeLog: + * misc/sys/cdefs.h (__attribute_nonstring__): New macro. + * sysdeps/gnu/bits/utmp.h (struct utmp): Use it. + * sysdeps/unix/sysv/linux/s390/bits/utmp.h (struct utmp): Same. + +--- + misc/sys/cdefs.h | 9 +++++++++ + sysdeps/gnu/bits/utmp.h | 9 ++++++--- + sysdeps/unix/sysv/linux/s390/bits/utmp.h | 9 ++++++--- + 3 files changed, 21 insertions(+), 6 deletions(-) + +--- a/misc/sys/cdefs.h ++++ b/misc/sys/cdefs.h +@@ -408,6 +408,15 @@ + # endif + #endif + ++#if __GNUC_PREREQ (8, 0) ++/* Describes a char array whose address can safely be passed as the first ++ argument to strncpy and strncat, as the char array is not necessarily ++ a NUL-terminated string. */ ++# define __attribute_nonstring__ __attribute__ ((__nonstring__)) ++#else ++# define __attribute_nonstring__ ++#endif ++ + #if (!defined _Static_assert && !defined __cplusplus \ + && (defined __STDC_VERSION__ ? __STDC_VERSION__ : 0) < 201112 \ + && (!__GNUC_PREREQ (4, 6) || defined __STRICT_ANSI__)) +--- a/sysdeps/gnu/bits/utmp.h ++++ b/sysdeps/gnu/bits/utmp.h +@@ -59,10 +59,13 @@ + { + short int ut_type; /* Type of login. */ + pid_t ut_pid; /* Process ID of login process. */ +- char ut_line[UT_LINESIZE]; /* Devicename. */ ++ char ut_line[UT_LINESIZE] ++ __attribute_nonstring__; /* Devicename. */ + char ut_id[4]; /* Inittab ID. */ +- char ut_user[UT_NAMESIZE]; /* Username. */ +- char ut_host[UT_HOSTSIZE]; /* Hostname for remote login. */ ++ char ut_user[UT_NAMESIZE] ++ __attribute_nonstring__; /* Username. */ ++ char ut_host[UT_HOSTSIZE] ++ __attribute_nonstring__; /* Hostname for remote login. */ + struct exit_status ut_exit; /* Exit status of a process marked + as DEAD_PROCESS. */ + /* The ut_session and ut_tv fields must be the same size when compiled +--- a/sysdeps/unix/sysv/linux/s390/bits/utmp.h ++++ b/sysdeps/unix/sysv/linux/s390/bits/utmp.h +@@ -59,10 +59,13 @@ + { + short int ut_type; /* Type of login. */ + pid_t ut_pid; /* Process ID of login process. */ +- char ut_line[UT_LINESIZE]; /* Devicename. */ ++ char ut_line[UT_LINESIZE] ++ __attribute_nonstring__; /* Devicename. */ + char ut_id[4]; /* Inittab ID. */ +- char ut_user[UT_NAMESIZE]; /* Username. */ +- char ut_host[UT_HOSTSIZE]; /* Hostname for remote login. */ ++ char ut_user[UT_NAMESIZE] ++ __attribute_nonstring__; /* Username. */ ++ char ut_host[UT_HOSTSIZE] ++ __attribute_nonstring__; /* Hostname for remote login. */ + struct exit_status ut_exit; /* Exit status of a process marked + as DEAD_PROCESS. */ + /* The ut_session and ut_tv fields must be the same size when compiled diff --git a/packages/glibc/2.26/0004-getlogin_r-use-strnlen.patch b/packages/glibc/2.26/0004-getlogin_r-use-strnlen.patch new file mode 100644 index 0000000..110adcd --- /dev/null +++ b/packages/glibc/2.26/0004-getlogin_r-use-strnlen.patch @@ -0,0 +1,47 @@ +commit 4bae615022cb5a5da79ccda83cc6c9ba9f2d479c +Author: Joseph Myers +Date: Wed Nov 22 18:44:23 2017 +0000 + + Avoid use of strlen in getlogin_r (bug 22447). + + Building glibc with current mainline GCC fails, among other reasons, + because of an error for use of strlen on the nonstring ut_user field. + This patch changes the problem code in getlogin_r to use __strnlen + instead. It also needs to set the trailing NUL byte of the result + explicitly, because of the case where ut_user does not have such a + trailing NUL byte (but the result should always have one). + + Tested for x86_64. Also tested that, in conjunction with + , it fixes + the build for arm with mainline GCC. + + [BZ #22447] + * sysdeps/unix/getlogin_r.c (__getlogin_r): Use __strnlen not + strlen to compute length of ut_user and set trailing NUL byte of + result explicitly. + +--- + sysdeps/unix/getlogin_r.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +--- a/sysdeps/unix/getlogin_r.c ++++ b/sysdeps/unix/getlogin_r.c +@@ -80,7 +80,7 @@ + + if (result == 0) + { +- size_t needed = strlen (ut->ut_user) + 1; ++ size_t needed = __strnlen (ut->ut_user, UT_NAMESIZE) + 1; + + if (needed > name_len) + { +@@ -89,7 +89,8 @@ + } + else + { +- memcpy (name, ut->ut_user, needed); ++ memcpy (name, ut->ut_user, needed - 1); ++ name[needed - 1] = 0; + result = 0; + } + } diff --git a/packages/glibc/2.26/0005-zic.c-use-memcpy.patch b/packages/glibc/2.26/0005-zic.c-use-memcpy.patch new file mode 100644 index 0000000..34ebbc5 --- /dev/null +++ b/packages/glibc/2.26/0005-zic.c-use-memcpy.patch @@ -0,0 +1,25 @@ +commit e69897bf202e18034cbef26f363bae64de70a196 +Author: Paul Eggert +Date: Sun Nov 12 22:00:28 2017 -0800 + + timezone: pacify GCC -Wstringop-truncation + + Problem reported by Martin Sebor in: + https://sourceware.org/ml/libc-alpha/2017-11/msg00336.html + * timezone/zic.c (writezone): Use memcpy, not strncpy. + +--- + timezone/zic.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/timezone/zic.c ++++ b/timezone/zic.c +@@ -1949,7 +1949,7 @@ + } + #define DO(field) fwrite(tzh.field, sizeof tzh.field, 1, fp) + tzh = tzh0; +- strncpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic); ++ memcpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic); + tzh.tzh_version[0] = version; + convert(thistypecnt, tzh.tzh_ttisgmtcnt); + convert(thistypecnt, tzh.tzh_ttisstdcnt); -- cgit v0.10.2-6-g49f6