* [Bug stdio/16618] wscanf allocates too little memory
2014-02-21 1:10 [Bug stdio/16618] New: wscanf allocates too little memory jsm28 at gcc dot gnu.org
@ 2014-06-13 8:11 ` fweimer at redhat dot com
2015-02-01 20:13 ` ppluzhnikov at google dot com
` (11 subsequent siblings)
12 siblings, 0 replies; 14+ messages in thread
From: fweimer at redhat dot com @ 2014-06-13 8:11 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=16618
Florian Weimer <fweimer at redhat dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |fweimer at redhat dot com
Flags| |security+
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 14+ messages in thread* [Bug stdio/16618] wscanf allocates too little memory
2014-02-21 1:10 [Bug stdio/16618] New: wscanf allocates too little memory jsm28 at gcc dot gnu.org
2014-06-13 8:11 ` [Bug stdio/16618] " fweimer at redhat dot com
@ 2015-02-01 20:13 ` ppluzhnikov at google dot com
2015-02-02 20:57 ` michael.tremer at ipfire dot org
` (10 subsequent siblings)
12 siblings, 0 replies; 14+ messages in thread
From: ppluzhnikov at google dot com @ 2015-02-01 20:13 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=16618
Paul Pluzhnikov <ppluzhnikov at google dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |ASSIGNED
CC| |ppluzhnikov at google dot com
Assignee|unassigned at sourceware dot org |ppluzhnikov at google dot com
--- Comment #1 from Paul Pluzhnikov <ppluzhnikov at google dot com> ---
Asked for CVE: http://www.openwall.com/lists/oss-security/2015/02/01/8
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 14+ messages in thread* [Bug stdio/16618] wscanf allocates too little memory
2014-02-21 1:10 [Bug stdio/16618] New: wscanf allocates too little memory jsm28 at gcc dot gnu.org
2014-06-13 8:11 ` [Bug stdio/16618] " fweimer at redhat dot com
2015-02-01 20:13 ` ppluzhnikov at google dot com
@ 2015-02-02 20:57 ` michael.tremer at ipfire dot org
2015-02-04 10:02 ` [Bug stdio/16618] wscanf allocates too little memory (CVE-2015-1472) fweimer at redhat dot com
` (9 subsequent siblings)
12 siblings, 0 replies; 14+ messages in thread
From: michael.tremer at ipfire dot org @ 2015-02-02 20:57 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=16618
Michael Tremer <michael.tremer at ipfire dot org> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |michael.tremer at ipfire dot org
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 14+ messages in thread* [Bug stdio/16618] wscanf allocates too little memory (CVE-2015-1472)
2014-02-21 1:10 [Bug stdio/16618] New: wscanf allocates too little memory jsm28 at gcc dot gnu.org
` (2 preceding siblings ...)
2015-02-02 20:57 ` michael.tremer at ipfire dot org
@ 2015-02-04 10:02 ` fweimer at redhat dot com
2015-02-06 5:52 ` cvs-commit at gcc dot gnu.org
` (8 subsequent siblings)
12 siblings, 0 replies; 14+ messages in thread
From: fweimer at redhat dot com @ 2015-02-04 10:02 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=16618
Florian Weimer <fweimer at redhat dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Summary|wscanf allocates too little |wscanf allocates too little
|memory |memory (CVE-2015-1472)
Alias| |CVE-2015-1472
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 14+ messages in thread* [Bug stdio/16618] wscanf allocates too little memory (CVE-2015-1472)
2014-02-21 1:10 [Bug stdio/16618] New: wscanf allocates too little memory jsm28 at gcc dot gnu.org
` (3 preceding siblings ...)
2015-02-04 10:02 ` [Bug stdio/16618] wscanf allocates too little memory (CVE-2015-1472) fweimer at redhat dot com
@ 2015-02-06 5:52 ` cvs-commit at gcc dot gnu.org
2015-02-06 5:53 ` carlos at redhat dot com
` (7 subsequent siblings)
12 siblings, 0 replies; 14+ messages in thread
From: cvs-commit at gcc dot gnu.org @ 2015-02-06 5:52 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=16618
--- Comment #2 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> ---
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".
The branch, master has been updated
via 5bd80bfe9ca0d955bfbbc002781bc7b01b6bcb06 (commit)
from 04cb913ddf67ac90da274dd32b6ceafd57ca36ca (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=5bd80bfe9ca0d955bfbbc002781bc7b01b6bcb06
commit 5bd80bfe9ca0d955bfbbc002781bc7b01b6bcb06
Author: Paul Pluzhnikov <ppluzhnikov@google.com>
Date: Fri Feb 6 00:30:42 2015 -0500
CVE-2015-1472: wscanf allocates too little memory
BZ #16618
Under certain conditions wscanf can allocate too little memory for the
to-be-scanned arguments and overflow the allocated buffer. The
implementation now correctly computes the required buffer size when
using malloc.
A regression test was added to tst-sscanf.
-----------------------------------------------------------------------
Summary of changes:
ChangeLog | 8 ++++++++
NEWS | 24 +++++++++++++++---------
stdio-common/tst-sscanf.c | 33 +++++++++++++++++++++++++++++++++
stdio-common/vfscanf.c | 12 ++++++------
4 files changed, 62 insertions(+), 15 deletions(-)
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 14+ messages in thread* [Bug stdio/16618] wscanf allocates too little memory (CVE-2015-1472)
2014-02-21 1:10 [Bug stdio/16618] New: wscanf allocates too little memory jsm28 at gcc dot gnu.org
` (4 preceding siblings ...)
2015-02-06 5:52 ` cvs-commit at gcc dot gnu.org
@ 2015-02-06 5:53 ` carlos at redhat dot com
2015-02-06 8:20 ` [Bug stdio/16618] wscanf allocates too little memory (CVE-2015-1472, CVE-2015-1473) fweimer at redhat dot com
` (6 subsequent siblings)
12 siblings, 0 replies; 14+ messages in thread
From: carlos at redhat dot com @ 2015-02-06 5:53 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=16618
Carlos O'Donell <carlos at redhat dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|ASSIGNED |RESOLVED
CC| |carlos at redhat dot com
Resolution|--- |FIXED
Target Milestone|--- |2.21
--- Comment #3 from Carlos O'Donell <carlos at redhat dot com> ---
Fixed in 2.21.
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 14+ messages in thread* [Bug stdio/16618] wscanf allocates too little memory (CVE-2015-1472, CVE-2015-1473)
2014-02-21 1:10 [Bug stdio/16618] New: wscanf allocates too little memory jsm28 at gcc dot gnu.org
` (5 preceding siblings ...)
2015-02-06 5:53 ` carlos at redhat dot com
@ 2015-02-06 8:20 ` fweimer at redhat dot com
2015-02-17 7:25 ` cvs-commit at gcc dot gnu.org
` (5 subsequent siblings)
12 siblings, 0 replies; 14+ messages in thread
From: fweimer at redhat dot com @ 2015-02-06 8:20 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=16618
Florian Weimer <fweimer at redhat dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Summary|wscanf allocates too little |wscanf allocates too little
|memory (CVE-2015-1472) |memory (CVE-2015-1472,
| |CVE-2015-1473)
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 14+ messages in thread* [Bug stdio/16618] wscanf allocates too little memory (CVE-2015-1472, CVE-2015-1473)
2014-02-21 1:10 [Bug stdio/16618] New: wscanf allocates too little memory jsm28 at gcc dot gnu.org
` (6 preceding siblings ...)
2015-02-06 8:20 ` [Bug stdio/16618] wscanf allocates too little memory (CVE-2015-1472, CVE-2015-1473) fweimer at redhat dot com
@ 2015-02-17 7:25 ` cvs-commit at gcc dot gnu.org
2015-02-23 14:06 ` cvs-commit at gcc dot gnu.org
` (4 subsequent siblings)
12 siblings, 0 replies; 14+ messages in thread
From: cvs-commit at gcc dot gnu.org @ 2015-02-17 7:25 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=16618
--- Comment #5 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> ---
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".
The branch, release/2.20/master has been updated
via 4d54424420c6300efbf57a7b9aa8635a8b8c1942 (commit)
via 1bf9d48aec087062e2a14b77cb5ee1fa81be334c (commit)
via f9e0f439b72e0b2fb035be1bc60aaceeed7f6ed0 (commit)
via b0694b9e98ee64cb25490de0921ce307f3872749 (commit)
from f80af76648ed97a76745fad6caa3315a79cb1c7c (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=4d54424420c6300efbf57a7b9aa8635a8b8c1942
commit 4d54424420c6300efbf57a7b9aa8635a8b8c1942
Author: Paul Pluzhnikov <ppluzhnikov@google.com>
Date: Fri Feb 6 00:30:42 2015 -0500
CVE-2015-1472: wscanf allocates too little memory
BZ #16618
Under certain conditions wscanf can allocate too little memory for the
to-be-scanned arguments and overflow the allocated buffer. The
implementation now correctly computes the required buffer size when
using malloc.
A regression test was added to tst-sscanf.
(cherry picked from commit 5bd80bfe9ca0d955bfbbc002781bc7b01b6bcb06)
Conflicts:
ChangeLog
NEWS
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=1bf9d48aec087062e2a14b77cb5ee1fa81be334c
commit 1bf9d48aec087062e2a14b77cb5ee1fa81be334c
Author: H.J. Lu <hjl.tools@gmail.com>
Date: Fri Jan 30 06:50:20 2015 -0800
Use AVX unaligned memcpy only if AVX2 is available
memcpy with unaligned 256-bit AVX register loads/stores are slow on older
processorsl like Sandy Bridge. This patch adds bit_AVX_Fast_Unaligned_Load
and sets it only when AVX2 is available.
[BZ #17801]
* sysdeps/x86_64/multiarch/init-arch.c (__init_cpu_features):
Set the bit_AVX_Fast_Unaligned_Load bit for AVX2.
* sysdeps/x86_64/multiarch/init-arch.h (bit_AVX_Fast_Unaligned_Load):
New.
(index_AVX_Fast_Unaligned_Load): Likewise.
(HAS_AVX_FAST_UNALIGNED_LOAD): Likewise.
* sysdeps/x86_64/multiarch/memcpy.S (__new_memcpy): Check the
bit_AVX_Fast_Unaligned_Load bit instead of the bit_AVX_Usable bit.
* sysdeps/x86_64/multiarch/memcpy_chk.S (__memcpy_chk): Likewise.
* sysdeps/x86_64/multiarch/mempcpy.S (__mempcpy): Likewise.
* sysdeps/x86_64/multiarch/mempcpy_chk.S (__mempcpy_chk): Likewise.
* sysdeps/x86_64/multiarch/memmove.c (__libc_memmove): Replace
HAS_AVX with HAS_AVX_FAST_UNALIGNED_LOAD.
* sysdeps/x86_64/multiarch/memmove_chk.c (__memmove_chk): Likewise.
(cherry picked from commit 5f3d0b78e011d2a72f9e88b0e9ef5bc081d18f97)
Conflicts:
ChangeLog
NEWS
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=f9e0f439b72e0b2fb035be1bc60aaceeed7f6ed0
commit f9e0f439b72e0b2fb035be1bc60aaceeed7f6ed0
Author: Leonhard Holz <leonhard.holz@web.de>
Date: Tue Jan 13 11:33:56 2015 +0530
Fix memory handling in strxfrm_l [BZ #16009]
[Modified from the original email by Siddhesh Poyarekar]
This patch solves bug #16009 by implementing an additional path in
strxfrm that does not depend on caching the weight and rule indices.
In detail the following changed:
* The old main loop was factored out of strxfrm_l into the function
do_xfrm_cached to be able to alternativly use the non-caching version
do_xfrm.
* strxfrm_l allocates a a fixed size array on the stack. If this is not
sufficiant to store the weight and rule indices, the non-caching path is
taken. As the cache size is not dependent on the input there can be no
problems with integer overflows or stack allocations greater than
__MAX_ALLOCA_CUTOFF. Note that malloc-ing is not possible because the
definition of strxfrm does not allow an oom errorhandling.
* The uncached path determines the weight and rule index for every char
and for every pass again.
* Passing all the locale data array by array resulted in very long
parameter lists, so I introduced a structure that holds them.
* Checking for zero src string has been moved a bit upwards, it is
before the locale data initialization now.
* To verify that the non-caching path works correct I added a test run
to localedata/sort-test.sh & localedata/xfrm-test.c where all strings
are patched up with spaces so that they are too large for the caching path.
(cherry picked from commit 0f9e585480edcdf1e30dc3d79e24b84aeee516fa)
Conflicts:
ChangeLog
NEWS
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=b0694b9e98ee64cb25490de0921ce307f3872749
commit b0694b9e98ee64cb25490de0921ce307f3872749
Author: Roland McGrath <roland@hack.frob.com>
Date: Thu Sep 11 16:02:17 2014 -0700
Move findidx nested functions to top-level.
Needed in order to backport strxfrm_l security fix cleanly.
(cherry picked from commit 8c0ab919f63dc03a420751172602a52d2bea59a8)
Conflicts:
ChangeLog
-----------------------------------------------------------------------
Summary of changes:
ChangeLog | 77 +++++
NEWS | 8 +-
locale/weight.h | 13 +-
locale/weightwc.h | 13 +-
localedata/sort-test.sh | 7 +
localedata/xfrm-test.c | 52 +++-
posix/fnmatch.c | 8 +
posix/fnmatch_loop.c | 17 +-
posix/regcomp.c | 10 +-
posix/regex_internal.h | 7 +-
posix/regexec.c | 8 +-
stdio-common/tst-sscanf.c | 33 +++
stdio-common/vfscanf.c | 12 +-
string/strcoll_l.c | 9 +-
string/strxfrm_l.c | 491 +++++++++++++++++++++++++-------
sysdeps/x86_64/multiarch/init-arch.c | 9 +-
sysdeps/x86_64/multiarch/init-arch.h | 4 +
sysdeps/x86_64/multiarch/memcpy.S | 2 +-
sysdeps/x86_64/multiarch/memcpy_chk.S | 2 +-
sysdeps/x86_64/multiarch/memmove.c | 2 +-
sysdeps/x86_64/multiarch/memmove_chk.c | 2 +-
sysdeps/x86_64/multiarch/mempcpy.S | 2 +-
sysdeps/x86_64/multiarch/mempcpy_chk.S | 2 +-
23 files changed, 642 insertions(+), 148 deletions(-)
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 14+ messages in thread* [Bug stdio/16618] wscanf allocates too little memory (CVE-2015-1472, CVE-2015-1473)
2014-02-21 1:10 [Bug stdio/16618] New: wscanf allocates too little memory jsm28 at gcc dot gnu.org
` (7 preceding siblings ...)
2015-02-17 7:25 ` cvs-commit at gcc dot gnu.org
@ 2015-02-23 14:06 ` cvs-commit at gcc dot gnu.org
2015-02-23 14:23 ` cvs-commit at gcc dot gnu.org
` (3 subsequent siblings)
12 siblings, 0 replies; 14+ messages in thread
From: cvs-commit at gcc dot gnu.org @ 2015-02-23 14:06 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=16618
--- Comment #6 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> ---
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".
The branch, ibm/2.20/master has been created
at 47cb886328acf41612165a93e05af3db3d20ee17 (commit)
- Log -----------------------------------------------------------------
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=47cb886328acf41612165a93e05af3db3d20ee17
commit 47cb886328acf41612165a93e05af3db3d20ee17
Author: Paul Pluzhnikov <ppluzhnikov@google.com>
Date: Fri Feb 6 00:30:42 2015 -0500
CVE-2015-1472: wscanf allocates too little memory
BZ #16618
Under certain conditions wscanf can allocate too little memory for the
to-be-scanned arguments and overflow the allocated buffer. The
implementation now correctly computes the required buffer size when
using malloc.
A regression test was added to tst-sscanf.
Conflicts:
ChangeLog
NEWS
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=d3b0c8db9a4080c4f8a71cbf6912c05422094594
commit d3b0c8db9a4080c4f8a71cbf6912c05422094594
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date: Thu Feb 12 05:34:16 2015 -0600
powerpc: Fix TABORT encoding for little endian
This patch fix the TABORT encoding for toolchains with no support for
HTM builtins.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=1d19c9bc0dabb1d10c07cf4eec063f9da8406c2f
commit 1d19c9bc0dabb1d10c07cf4eec063f9da8406c2f
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date: Fri Nov 7 12:34:52 2014 -0500
powerpc: abort transaction in syscalls
Linux kernel powerpc documentation states issuing a syscall inside a
transaction is not recommended and may lead to undefined behavior. It
also states syscalls does not abort transactoin neither they run in
transactional state.
To avoid side-effects being visible outside transactions, GLIBC with
lock elision enabled will issue a transaction abort instruction just
before all syscalls if hardware supports hardware transactions.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=0f7cecb9cf4b370c3d72f67e048bb07e238cf110
commit 0f7cecb9cf4b370c3d72f67e048bb07e238cf110
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date: Fri Nov 7 12:30:56 2014 -0500
powerpc: Add adaptive elision to rwlocks
This patch adds support for lock elision using ISA 2.07 hardware
transactional memory for rwlocks. The logic is similar to the
one presented in pthread_mutex lock elision.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=1d45200a803939be3316b7ddf442906d544e9d43
commit 1d45200a803939be3316b7ddf442906d544e9d43
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date: Fri Nov 7 12:25:32 2014 -0500
powerpc: Add the lock elision using HTM
This patch adds support for lock elision using ISA 2.07 hardware
transactional memory instructions for pthread_mutex primitives.
Similar to s390 version, the for elision logic defined in
'force-elision.h' is only enabled if ENABLE_LOCK_ELISION is defined.
Also, the lock elision code should be able to be built even with
a compiler that does not provide HTM support with builtins.
However I have noted the performance is sub-optimal due scheduling
pressures.
Conflicts:
ChangeLog
NEWS
sysdeps/unix/sysv/linux/powerpc/lowlevellock.h
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=6831ddb38379c1924bd19b3203d161a4c3ed1e2e
commit 6831ddb38379c1924bd19b3203d161a4c3ed1e2e
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date: Sun Jan 11 19:33:17 2015 -0600
powerpc: Fix POWER7/PPC64 performance regression on LE
This patch fixes a performance regression on the POWER7/PPC64 memcmp
porting for Little Endian. The LE code uses 'ldbrx' instruction to read
the memory on byte reversed form, however ISA 2.06 just provide the indexed
form which uses a register value as additional index, instead of a fixed
value
enconded in the instruction.
And the port strategy for LE uses r0 index value and update the address
value on each compare loop interation. For large compare size values,
it adds 8 more instructions plus some more depending of trailing
size. This patch fixes it by adding pre-calculate indexes to remove the
address update on loops and tailing sizes.
For large sizes it shows a considerable gain, with double performance
pairing with BE.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=473b6083820fd156985bf7b2cb60db9d4031b536
commit 473b6083820fd156985bf7b2cb60db9d4031b536
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date: Fri Jan 9 16:04:26 2015 -0500
powerpc: Optimized strncmp for POWER8/PPC64
This patch adds an optimized POWER8 strncmp. The implementation focus
on speeding up unaligned cases follwing the ideas of power8 strcmp.
The algorithm first check the initial 16 bytes, then align the first
function source and uses unaligned loads on second argument only.
Aditional checks for page boundaries are done for unaligned cases
(where sources alignment are different).
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=299b9464d9a1a48bbcfbc1c7a99604091ec5248f
commit 299b9464d9a1a48bbcfbc1c7a99604091ec5248f
Author: Rajalakshmi Srinivasaraghavan <raji@linux.vnet.ibm.com>
Date: Fri Jan 9 11:56:35 2015 -0500
powerpc: Optimize POWER7 strcmp trailing checks
This patch optimized the POWER7 trailing check by avoiding using byte
read operations and instead use the doubleword already readed with
bitwise operations.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=6f0685edc6676c7266fdc30fd0769fb88d058f04
commit 6f0685edc6676c7266fdc30fd0769fb88d058f04
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date: Wed Jan 7 07:18:30 2015 -0500
powerpc: Optimized strcmp for POWER8/PPC64
This patch adds an optimized POWER8 strcmp using unaligned accesses.
The algorithm first check the initial 16 bytes, then align the first
function source and uses unaligned loads on second argument only.
Aditional checks for page boundaries are done for unaligned cases
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=a38f68f12fd03374d599eeb0b6943e50b0ff7348
commit a38f68f12fd03374d599eeb0b6943e50b0ff7348
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date: Wed Dec 31 11:47:41 2014 -0500
powerpc: Optimized st{r,p}ncpy for POWER8/PPC64
This patch adds an optimized POWER8 st{r,p}ncpy using unaligned accesses.
It shows 10%-80% improvement over the optimized POWER7 one that uses
only aligned accesses, specially on unaligned inputs.
The algorithm first read and check 16 bytes (if inputs do not cross a 4K
page size). The it realign source to 16-bytes and issue a 16 bytes read
and compare loop to speedup null byte checks for large strings. Also,
different from POWER7 optimization, the null pad is done inline in the
implementation using possible unaligned accesses, instead of realying on
a memset call. Special case is added for page cross reads.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=4242356131256e54ca3e96b0c6f2af773b7a69c8
commit 4242356131256e54ca3e96b0c6f2af773b7a69c8
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date: Tue Dec 23 13:39:23 2014 -0500
powerpc: Optimized strncat for POWER7/PPC64
With 3eb38795dbbbd816 (Simplify strncat) the generic algorithms uses
strlen, strnlen, and memcpy. This is faster than POWER7 current
implementation, especially for unaligned strings (where POWER7 code
uses byte-byte operations).
This patch removes the assembly implementation and uses a multiarch
specialization based on default algorithm calling optimized POWER7
symbols.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=11ce06e589429143595a6c4b60ac7ab6372201b1
commit 11ce06e589429143595a6c4b60ac7ab6372201b1
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date: Tue Dec 23 13:36:34 2014 -0500
powerpc: Optimized strcat for POWER8/PPC64
With new optimized strcpy for POWER8, this patch adds an optimized
strcat which uses it along with default implementation at strings/.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=a9728856f02f74b60a546499c5bd8492d1726f98
commit a9728856f02f74b60a546499c5bd8492d1726f98
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date: Tue Dec 23 05:59:44 2014 -0600
powerpc: Optimized st{r,p}cpy for POWER8/PPC64
This patch adds an optimized POWER8 strcpy using unaligned accesses.
For strings up to 16 bytes the implementation first calculate the
string size, like strlen, and issues a memcpy. For larger strings,
source is first aligned to 16 bytes and then tested over a loop that
reads 16 bytes am combine the cmpb results for speedup. Special case is
added for page cross reads.
It shows 30%-60% improvement over the optimized POWER7 one that uses
only aligned accesses.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=b53db929e654aaf97a2a239e17a87b04c768b854
commit b53db929e654aaf97a2a239e17a87b04c768b854
Author: Rajalakshmi Srinivasaraghavan <raji@linux.vnet.ibm.com>
Date: Wed Dec 31 14:05:00 2014 -0500
powerpc: POWER7 strcpy optimization for unaligned strings
This patch optimizes strcpy for ppc64/power7 for unaligned source or
destination address. The source or destination address is aligned
to doubleword and data is shifted based on the alignment and
added with the previous loaded data to be written as a doubleword.
For each load, cmpb instruction is used for faster null check.
The word aligned optimization is also removed, since the new unaligned
code path shows better results handling word-aligned strings.
More combination of unaligned inputs is also added in benchtest
to measure the improvement.The new optimization shows 2 to 80% of
performance improvement for longer string though it does not show
big difference on string size less than 16 due to additional checks.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=f4f9fb08d49740d9f18918bcf9d45ca594f416ee
commit f4f9fb08d49740d9f18918bcf9d45ca594f416ee
Author: Florian Weimer <fweimer@redhat.com>
Date: Mon Dec 15 17:41:13 2014 +0100
Avoid infinite loop in nss_dns getnetbyname [BZ #17630]
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=5985c6ea868db23380977a35a2167549f9a3653b
commit 5985c6ea868db23380977a35a2167549f9a3653b
Author: Jeff Law <law@redhat.com>
Date: Mon Dec 15 10:09:32 2014 +0100
CVE-2012-3406: Stack overflow in vfprintf [BZ #16617]
A larger number of format specifiers coudld cause a stack overflow,
potentially allowing to bypass _FORTIFY_SOURCE format string
protection.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=8647419a62d1d5641488ca6430bb679cf1e766e0
commit 8647419a62d1d5641488ca6430bb679cf1e766e0
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date: Wed Nov 19 16:27:56 2014 -0500
powerpc: Add powerpc64 strpbrk optimization
This patch makes the POWER7 optimized strpbrk generic by using
default doubleword stores to zero the hash, instead of VSX
instructions. Performance on POWER7/POWER8 does not change.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=f9f30622819b4d3685c0d448f3a3d49032472b07
commit f9f30622819b4d3685c0d448f3a3d49032472b07
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date: Wed Nov 19 15:24:55 2014 -0500
powerpc: Add powerpc64 strcspn optimization
This patch makes the POWER7 optimized strcspn generic by using
default doubleword stores to zero the hash, instead of VSX
instructions. Performance on POWER7/POWER8 does not change.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=97104a4e2b866aae6a6593286b6c584339ef29d3
commit 97104a4e2b866aae6a6593286b6c584339ef29d3
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date: Wed Nov 19 14:24:18 2014 -0500
powerpc: Add powerpc64 strspn optimization
This patch makes the POWER7 optimized strspn generic by using
default doubleword stores to zero the hash, instead of VSX
instructions. Performance on POWER7/POWER8 machines does not changed.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=d3e53c8246952898cd1fd23dfa0657b03db0e36b
commit d3e53c8246952898cd1fd23dfa0657b03db0e36b
Author: Rajalakshmi Srinivasaraghavan <raji@linux.vnet.ibm.com>
Date: Mon Dec 1 09:03:58 2014 -0500
powerpc: strtok{_r} optimization for powerpc64
This patch optimizes strtok and strtok_r for POWERPC64.
A table of 256 characters is created and marked based on
the 'accept' argument and used to check for any occurance on
the input string.Loop unrolling is also used to gain improvements.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=8b063985c1a750a1947fcf60e4606a3b0d7d0f37
commit 8b063985c1a750a1947fcf60e4606a3b0d7d0f37
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date: Tue Nov 25 14:32:54 2014 -0500
powerpc: Fix missing barriers in atomic_exchange_and_add_{acq,rel}
On powerpc, atomic_exchange_and_add is implemented without any
barriers. This patchs adds the missing instruction and memory barrier
for acquire and release semanthics.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=364c58517bdcc91c5bf1fcb57b4befff8951a51b
commit 364c58517bdcc91c5bf1fcb57b4befff8951a51b
Author: Anton Blanchard <anton@samba.org>
Date: Tue Nov 25 07:26:12 2014 -0500
powerpc: Fix __arch_compare_and_exchange_bool_64_rel
Fix a typo in the inline assembly.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=133a24ba079abf1e762bd4d85670e0bd8df660c4
commit 133a24ba079abf1e762bd4d85670e0bd8df660c4
Author: Carlos O'Donell <carlos@redhat.com>
Date: Wed Nov 19 11:44:12 2014 -0500
CVE-2014-7817: wordexp fails to honour WRDE_NOCMD.
The function wordexp() fails to properly handle the WRDE_NOCMD
flag when processing arithmetic inputs in the form of "$((... ``))"
where "..." can be anything valid. The backticks in the arithmetic
epxression are evaluated by in a shell even if WRDE_NOCMD forbade
command substitution. This allows an attacker to attempt to pass
dangerous commands via constructs of the above form, and bypass
the WRDE_NOCMD flag. This patch fixes this by checking for WRDE_NOCMD
in exec_comm(), the only place that can execute a shell. All other
checks for WRDE_NOCMD are superfluous and removed.
We expand the testsuite and add 3 new regression tests of roughly
the same form but with a couple of nested levels.
On top of the 3 new tests we add fork validation to the WRDE_NOCMD
testing. If any forks are detected during the execution of a wordexp()
call with WRDE_NOCMD, the test is marked as failed. This is slightly
heuristic since vfork might be used in the future, but it provides a
higher level of assurance that no shells were executed as part of
command substitution with WRDE_NOCMD in effect. In addition it doesn't
require libpthread or libdl, instead we use the public implementation
namespace function __register_atfork (already part of the public ABI
for libpthread).
Tested on x86_64 with no regressions.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=f8fbd413672816a429adc6b6c191ec8ea73421e8
commit f8fbd413672816a429adc6b6c191ec8ea73421e8
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date: Wed Nov 5 08:01:09 2014 -0500
powerpc: Simplify encoding of POWER8 instruction
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=e154589132de915ef165a1e26f89ba6997170c2b
commit e154589132de915ef165a1e26f89ba6997170c2b
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date: Mon Nov 3 07:26:33 2014 -0500
powerpc: Fix encoding of POWER8 instruction
This patch adds a binary encoding for 'mtvsrd' instruction to avoid
build failures when assembler does not support POWER8.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=46f58099960f7a2603c37c540d2644e392f0fdc7
commit 46f58099960f7a2603c37c540d2644e392f0fdc7
Author: Torvald Riegel <triegel@redhat.com>
Date: Sat Oct 18 01:01:58 2014 +0200
powerpc: Change atomic_write_barrier to have release semantics.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=5f892cacbdf50322bc3ee2e131c105c71b495086
commit 5f892cacbdf50322bc3ee2e131c105c71b495086
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date: Tue Jul 15 12:19:09 2014 -0400
PowerPC: memset optimization for POWER8/PPC64
This patch adds an optimized memset implementation for POWER8. For
sizes from 0 to 255 bytes, a word/doubleword algorithm similar to
POWER7 optimized one is used.
For size higher than 255 two strategies are used:
1. If the constant is different than 0, the memory is written with
altivec vector instruction;
2. If constant is 0, dbcz instructions are used. The loop is unrolled
to clear 512 byte at time.
Using vector instructions increases throughput considerable, with a
double performance for sizes larger than 1024. The dcbz loops unrolls
also shows performance improvement, by doubling throughput for sizes
larger than 8192 bytes.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=e6bb56b6914e6435e251814a3a0ccd7fb65a7e36
commit e6bb56b6914e6435e251814a3a0ccd7fb65a7e36
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date: Tue Jul 15 16:54:46 2014 -0400
PowerPC: multiarch bzero cleanup for PPC64
This patch cleanups the multiarch bzero for powerpc64 by remove
the multiarch objects and use instead the the memset embedded
implementation presented in each multiarch optimization. The
code generate is essentially the same, but the TB_TOCLESS (which
is not essential).
Conflicts:
ChangeLog
This is backport of 3b473fecdf4c52989cd915b649bb6d26c042d048.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=10f5f4c8edc35b4c3912456ffee820975e20a50b
commit 10f5f4c8edc35b4c3912456ffee820975e20a50b
Author: Tulio Magno Quites Machado Filho <tuliom@linux.vnet.ibm.com>
Date: Fri Nov 15 07:44:20 2013 -0600
Partially revert commit 2663b74f8103a2a8a46b4896439b7a452480fc7c
This change is necessary in order to avoid the issue documented at
http://sourceware.org/ml/libc-alpha/2013-05/msg00350.html.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=e6f905009b29769bd27077389ce4379d5de80df2
commit e6f905009b29769bd27077389ce4379d5de80df2
Author: Ryan S. Arnold <rsa@linux.vnet.ibm.com>
Date: Fri Nov 15 07:42:33 2013 -0600
Remove assert() if DT_RUNPATH and DT_RPATH flags are found in ld.so.
-----------------------------------------------------------------------
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 14+ messages in thread* [Bug stdio/16618] wscanf allocates too little memory (CVE-2015-1472, CVE-2015-1473)
2014-02-21 1:10 [Bug stdio/16618] New: wscanf allocates too little memory jsm28 at gcc dot gnu.org
` (8 preceding siblings ...)
2015-02-23 14:06 ` cvs-commit at gcc dot gnu.org
@ 2015-02-23 14:23 ` cvs-commit at gcc dot gnu.org
2015-02-23 15:02 ` cvs-commit at gcc dot gnu.org
` (2 subsequent siblings)
12 siblings, 0 replies; 14+ messages in thread
From: cvs-commit at gcc dot gnu.org @ 2015-02-23 14:23 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=16618
--- Comment #7 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> ---
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".
The branch, ibm/2.19/master has been created
at b5faf032c4c6a2260a9a93d8d4df611caa8b54cc (commit)
- Log -----------------------------------------------------------------
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=b5faf032c4c6a2260a9a93d8d4df611caa8b54cc
commit b5faf032c4c6a2260a9a93d8d4df611caa8b54cc
Author: Paul Pluzhnikov <ppluzhnikov@google.com>
Date: Fri Feb 6 00:30:42 2015 -0500
CVE-2015-1472: wscanf allocates too little memory
BZ #16618
Under certain conditions wscanf can allocate too little memory for the
to-be-scanned arguments and overflow the allocated buffer. The
implementation now correctly computes the required buffer size when
using malloc.
A regression test was added to tst-sscanf.
Conflicts:
ChangeLog
NEWS
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=88a8a351f3a6a95205a1499fd68b79fc3d0b9d19
commit 88a8a351f3a6a95205a1499fd68b79fc3d0b9d19
Author: Carlos O'Donell <carlos@redhat.com>
Date: Wed Nov 19 11:44:12 2014 -0500
CVE-2014-7817: wordexp fails to honour WRDE_NOCMD.
The function wordexp() fails to properly handle the WRDE_NOCMD
flag when processing arithmetic inputs in the form of "$((... ``))"
where "..." can be anything valid. The backticks in the arithmetic
epxression are evaluated by in a shell even if WRDE_NOCMD forbade
command substitution. This allows an attacker to attempt to pass
dangerous commands via constructs of the above form, and bypass
the WRDE_NOCMD flag. This patch fixes this by checking for WRDE_NOCMD
in exec_comm(), the only place that can execute a shell. All other
checks for WRDE_NOCMD are superfluous and removed.
We expand the testsuite and add 3 new regression tests of roughly
the same form but with a couple of nested levels.
On top of the 3 new tests we add fork validation to the WRDE_NOCMD
testing. If any forks are detected during the execution of a wordexp()
call with WRDE_NOCMD, the test is marked as failed. This is slightly
heuristic since vfork might be used in the future, but it provides a
higher level of assurance that no shells were executed as part of
command substitution with WRDE_NOCMD in effect. In addition it doesn't
require libpthread or libdl, instead we use the public implementation
namespace function __register_atfork (already part of the public ABI
for libpthread).
Tested on x86_64 with no regressions.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=32404a33a03747951daafde164e3b14464c28fe9
commit 32404a33a03747951daafde164e3b14464c28fe9
Author: Allan McRae <allan@archlinux.org>
Date: Thu Dec 18 11:01:43 2014 +1000
Label CVE-2014-9402 in NEWS
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=d2a6f3a27b791d91beec2ea91f293ec898080904
commit d2a6f3a27b791d91beec2ea91f293ec898080904
Author: Florian Weimer <fweimer@redhat.com>
Date: Mon Dec 15 17:41:13 2014 +0100
Avoid infinite loop in nss_dns getnetbyname [BZ #17630]
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=39700792d4224af99ab52ea26e98a0a2a2ed6ac6
commit 39700792d4224af99ab52ea26e98a0a2a2ed6ac6
Author: Jeff Law <law@redhat.com>
Date: Mon Dec 15 10:09:32 2014 +0100
CVE-2012-3406: Stack overflow in vfprintf [BZ #16617]
A larger number of format specifiers coudld cause a stack overflow,
potentially allowing to bypass _FORTIFY_SOURCE format string
protection.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=5cefe3fc8f35b50eb84cbb740268539a40651173
commit 5cefe3fc8f35b50eb84cbb740268539a40651173
Author: Allan McRae <allan@archlinux.org>
Date: Sat Jun 21 17:23:55 2014 +1000
Mention CVE-2014-4043 in NEWS
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=eece504424b59a1d8de7b4da9c64e24acaa6fbe0
commit eece504424b59a1d8de7b4da9c64e24acaa6fbe0
Author: Florian Weimer <fweimer@redhat.com>
Date: Wed Jun 11 23:12:52 2014 +0200
posix_spawn_file_actions_addopen needs to copy the path argument (BZ 17048)
POSIX requires that we make a copy, so we allocate a new string
and free it in posix_spawn_file_actions_destroy.
Reported by David Reid, Alex Gaynor, and Glyph Lefkowitz. This bug
may have security implications.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=dcf0cce30d91100005e9aeb002096236325648fb
commit dcf0cce30d91100005e9aeb002096236325648fb
Author: Florian Weimer <fweimer@redhat.com>
Date: Mon May 12 15:24:12 2014 +0200
_nl_find_locale: Improve handling of crafted locale names [BZ #17137]
Prevent directory traversal in locale-related environment variables
(CVE-2014-0475).
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=a5da5d74ff2e0a6ee267f283be8dbccc92cec59a
commit a5da5d74ff2e0a6ee267f283be8dbccc92cec59a
Author: Florian Weimer <fweimer@redhat.com>
Date: Tue Aug 26 19:38:59 2014 +0200
__gconv_translit_find: Disable function [BZ #17187]
This functionality has never worked correctly, and the implementation
contained a security vulnerability (CVE-2014-5119).
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=e6cbfc1fa2c64cad3c599f419dd154cec5af23cc
commit e6cbfc1fa2c64cad3c599f419dd154cec5af23cc
Author: Florian Weimer <fweimer@redhat.com>
Date: Wed Sep 3 19:45:43 2014 +0200
CVE-2014-6040: Crashes on invalid input in IBM gconv modules [BZ #17325]
These changes are based on the fix for BZ #14134 in commit
6e230d11837f3ae7b375ea69d7905f0d18eb79e5.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=fa7cc069f4eb29c00ec3a833d73ec4a473b11c8a
commit fa7cc069f4eb29c00ec3a833d73ec4a473b11c8a
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date: Tue Jul 29 13:56:44 2014 -0500
PowerPC: Fix gprof entry point for LE
This patch fixes the ELFv2 gprof entry point since the ABI
does not define function descriptors. It fixes BZ#17213.
This is a backport of a53fbd8e6cd2f69bdfa3431d616a5f332aea6664.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=3c640c4acb9bc2c2cc7fa77d5ce1254953761dc1
commit 3c640c4acb9bc2c2cc7fa77d5ce1254953761dc1
Author: Alan Modra <amodra@gmail.com>
Date: Mon Jul 14 21:14:50 2014 +0930
Correct DT_PPC64_NUM
[BZ #17153]
* elf/elf.h (DT_PPC64_NUM): Correct value.
* NEWS: Add to fixed bug list.
This is a backport of f6c44d475104e931bab2b4ffa499961088de673c.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=957afa3407c426969eaaa348981b9648d5191ae2
commit 957afa3407c426969eaaa348981b9648d5191ae2
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date: Tue Jul 8 08:54:09 2014 -0500
PowerPC: Cleanup powerpc memmove
Now that MEMCPY_OK_FOR_FWD_MEMMOVE should be define on memcopy.h there
is no need to specialized powerpc memmove implementation. This patch
moves the define set to powerpc memcopy and cleanup its definition on
powerpc code.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=8d9513a103bdd202ffa4884bdedc2c3c0dbab210
commit 8d9513a103bdd202ffa4884bdedc2c3c0dbab210
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date: Tue Jul 8 08:49:54 2014 -0500
PowerPC: Fix compiler warnings
This patch fixes some compiler due trailing data in #undef directives
and due missing prototypes.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=b00ec143897f076ecbcedc7369b4b74e0c7f6d14
commit b00ec143897f076ecbcedc7369b4b74e0c7f6d14
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date: Tue Jul 8 08:35:44 2014 -0500
PowerPC: Add ifunc tests for memmove
This patch add the missing ifunc tests definition for memmove ppc32
optimization patch (commit 07aedd7).
This is a backport of 91f4b564bd7bedcd93e7047cad570ce292d6330b.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=565e3d6c8230affd7089bf5ebfcebbf72f32a27c
commit 565e3d6c8230affd7089bf5ebfcebbf72f32a27c
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date: Wed Jun 25 11:54:31 2014 -0500
PowerPC: Align power7 memcpy using VSX to quadword
This patch changes power7 memcpy to use VSX instructions only when
memory is aligned to quardword. It is to avoid unaligned kernel traps
on non-cacheable memory (for instance, memory-mapped I/O).
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=6fae3527af330c32399e3a4cdfac3958fc440eb8
commit 6fae3527af330c32399e3a4cdfac3958fc440eb8
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date: Tue Jun 24 08:47:52 2014 -0500
PowerPC: optimized memmove for POWER7/PPC32
This patch adds a optimized memmove for power7 by using the optimized
power7 memcpy for forward copying.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=5d55f9b05ecb85b7a543f641829479cfb081f380
commit 5d55f9b05ecb85b7a543f641829479cfb081f380
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date: Fri Jun 20 12:55:16 2014 -0500
PowerPC: optimized memmove for POWER7/PPC64
This patch adds an optimized memmove optimization for POWER7/powerpc64.
Basically the idea is to use the memcpy for POWER7 on non-overlapped
memory regions and a optimized backward memcpy for memory regions
that overlap (similar to the idea of string/memmove.c).
The backward memcpy algorithm used is similar the one use for memcpy for
POWER7, with adjustments done for alignment. The difference is memory
is always aligned to 16 bytes before using VSX/altivec instructions.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=dde00e9914370ddd90c9bbc4f3f0e455efae4b47
commit dde00e9914370ddd90c9bbc4f3f0e455efae4b47
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date: Tue Jun 24 06:42:31 2014 -0500
PowerPC: memmove default implementation cleanup
This patch removes the powerpc specific logic in memmove and instead
include default implementation with MEMCPY_OK_FOR_FWD_MEMMOVE defined.
This lead in a increase performance, since the constraints to use
memcpy in powerpc code are too restrictive and memcpy can be used for
any forward memmove.
This is a backport of d6f68bbef4427850c2901728a1d13efc0e687297.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=9841a0850ed3be4310ec6b49c3349e39a6f0f481
commit 9841a0850ed3be4310ec6b49c3349e39a6f0f481
Author: Vidya Ranganathan <vidya@linux.vnet.ibm.com>
Date: Wed Jun 11 22:21:20 2014 -0500
PowerPC: strcat optimization for PPC64/POWER7
This patch adds an ifunc power7 strcat symbol that uses the logic on
sysdeps/powerpc/strcat.c but call power7 strlen/strcpy symbols instead
of default ones.
This is a backport of bc8ea38590070604006399e42469087e943fc8ec.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ded8852b37f673b8e66163b44f70504dc5af0985
commit ded8852b37f673b8e66163b44f70504dc5af0985
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date: Mon Jun 23 09:38:47 2014 -0500
PowerPC: sync hwcap.h capabilities
Linux commit dd58a092c4202f2bd490adab7285b3ff77f8e467 added the
PPC_FEATURE2_VEC_CRYPTO auvx capability to indicate whether to
hardware supports vector crypto hardware instructions. This patch
adds its definition to powerpc hwcap bits.
This is a backport of db22400947e1c82153e5270d23fed53fc1e3a659.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=7e986751f5c05f3363c01c717972f87a681da0d0
commit 7e986751f5c05f3363c01c717972f87a681da0d0
Author: Rajalakshmi Srinivasaraghavan <raji@linux.vnet.ibm.com>
Date: Tue Jun 17 08:46:25 2014 -0500
PowerPC: Fix nearbyintl failure for few inputs
This patch fixes few failures in nearbyintl() where the fraction part is
close to 0.5.i The new tests added report few extra failures in
nearbyint_downward and nearbyint_towardzero which is a known issue.
Fixes #17031.
This is a backport of 754c5a08aacb44895d1ab97c553ce424eb43f761.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=2289a56644fc05786e2d5637c76d47afea7d38b9
commit 2289a56644fc05786e2d5637c76d47afea7d38b9
Author: Vidya Ranganathan <vidya@linux.vnet.ibm.com>
Date: Fri Jun 6 07:56:07 2014 -0500
PowerPC: Optimized strcmp for PPC64/POWER7
Optimization is achieved on 8 byte aligned strings with double word
comparison using cmpb instruction. On unaligned strings loop unrolling
is applied for Power7 gain.
It is a backport of e23d3d2690bf63207b1a47e83a94693daebbbfe5.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=010c023685495f4cd907b7bf7d15375edcbe1ead
commit 010c023685495f4cd907b7bf7d15375edcbe1ead
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date: Fri Jun 6 09:37:07 2014 -0500
PowerPC: Fix optimized strncat strlen call
This patch fixes the optimized ppc64/power7 strncat strlen call for
static build without ifunc enabled. The strlen symbol to call in such
situation is just strlen, instead of __GI_strlen (since the __GI_
alias is just created for shared objects).
It is a backport of ed36bfa18faf9be457575568e64b8409e46caa22.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=6f0aba1acab171bd853905b66c551336aa0adcf9
commit 6f0aba1acab171bd853905b66c551336aa0adcf9
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date: Tue Apr 8 17:25:14 2014 -0500
PowerPC: Fix --disable-multi-arch builds
This patch fixes some powerpc32 and powerpc64 builds with
--disable-multi-arch option along with different --with-cpu=powerN.
It cleanups the Implies directories by removing the multiarch
folder for non multiarch config and also fixing two assembly
implementations: powerpc64/power7/strncat.S that is calling the
wrong strlen; and power8/fpu/s_isnan.S that misses the hidden_def and
weak_alias directives.
It is a backport of de21c33c068c8e39afb5711613a7c083c11ce6a1.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=e40df8c4677611afc48601472675593dfd087e4b
commit e40df8c4677611afc48601472675593dfd087e4b
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date: Thu May 22 14:48:38 2014 -0500
PowerPC: Remove 64 bits instructions in PPC32 code
This patch replaces the insrdi by insrwi in powerpc32 assembly.
It is a backport of d298c41635ce7f2dc7c3eccc842fe3aa754c0c8e.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=a448439dfffc0878121e0941be9717e05786b1fe
commit a448439dfffc0878121e0941be9717e05786b1fe
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date: Thu May 22 07:53:44 2014 -0500
PowerPC: Fix memchr ifunc hidden symbol for PPC32
This patch fixes a similar issue to
736c304a1ab4cee36a2f3343f1698bc0abae4608, where for PPC32 if the symbol
is defined as hidden (memchr) then compiler will create a local branc
(symbol@local) and the linker will not create a required PLT call to
make the ifunc work. It changes the default hidden symbol (__GI_memchr)
to default memchr symbol for powerpc32 (__memchr_ppc32).
Backport of 3d2badacf185fac740a2992240a817fb2ca325af.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=c725f80591aa98c5c0270feb80e857c5943c861a
commit c725f80591aa98c5c0270feb80e857c5943c861a
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date: Mon May 19 17:56:55 2014 -0500
PowerPC: Fix multiarch hypotf PPC64 path
This patch moves the hypotf multiarch implementation to correct path.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=1db8c8c873e6112ee4ecddf1eff54f4abaab91a7
commit 1db8c8c873e6112ee4ecddf1eff54f4abaab91a7
Author: Vidya Ranganathan <vidya@linux.vnet.ibm.com>
Date: Mon May 5 19:10:45 2014 -0500
PowerPC: strncpy/stpncpy optimization for PPC64/POWER7
The optimization is achieved by following techniques:
> data alignment [gain from aligned memory access on read/write]
> POWER7 gains performance with loop unrolling/unwinding
[gain by reduction of branch penalty].
> zero padding done by calling optimized memset
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=08111251bbd7275024d9c945f442f61b06d98910
commit 08111251bbd7275024d9c945f442f61b06d98910
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date: Fri May 2 12:00:36 2014 -0500
PowerPC: ifunc improvement for internal calls
This patch changes de default symbol redirection for internal call of
memcpy, memset, memchr, and strlen to the IFUNC resolved ones. The
performance improvement is noticeable in algorithms that uses these
symbols extensible, like the regex functions.
This is a backport of 19c4bec0f43599eecc2f32de96ae179cd7d64053.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=a8050d789589b73e7908b806d5c929facf76cc6b
commit a8050d789589b73e7908b806d5c929facf76cc6b
Author: Alan Modra <amodra@gmail.com>
Date: Wed Apr 16 19:33:32 2014 +0930
Correct IBM long double frexpl.
Besides fixing the bugzilla, this also fixes corner-cases where the high
and low double differ greatly in magnitude, and handles a denormal
input without resorting to a fp rescale.
[BZ #16740]
[BZ #16619]
* sysdeps/ieee754/ldbl-128ibm/s_frexpl.c (__frexpl): Rewrite.
* math/libm-test.inc (frexp_test_data): Add tests.
Backport of aa5f0ff11ad2cc85277c64cf65c723a9664e1149 and
9860b0450275ad2b69cb9360fd01d5c122a65fc5.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=154d4d95f48061d5ab890c85b6015221c1accc6e
commit 154d4d95f48061d5ab890c85b6015221c1accc6e
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date: Sun Apr 6 14:50:11 2014 -0500
PowerPC: Fix nearbyint/nearbyintf result for FE_DOWNWARD
This patch fixes the powerpc32 optimized nearbyint/nearbyintf bogus
results for FE_DOWNWARD rounding mode. This is due wrong instructions
sequence used in the rounding calculation (two subtractions instead of
adition and a subtraction).
Fixes BZ#16815.
Backport of 8bd70862e11023e7f827f240a5a214f847ae982d.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=e266b71770050a4d0cb276f4afea1c5b05215184
commit e266b71770050a4d0cb276f4afea1c5b05215184
Author: Alan Modra <amodra@gmail.com>
Date: Wed Apr 2 13:46:19 2014 +1030
Correct IBM long double nextafterl.
Fix for values near a power of two, and some tidies.
[BZ #16739]
* sysdeps/ieee754/ldbl-128ibm/s_nextafterl.c (__nextafterl): Correct
output when value is near a power of two. Use int64_t for lx and
remove casts. Use decimal rather than hex exponent constants.
Don't use long double multiplication when double will suffice.
* math/libm-test.inc (nextafter_test_data): Add tests.
* NEWS: Add 16739 and 16786 to bug list.
Backport of b0abbc21034f0e5edc49023d8fda0616173faf17.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=b23fc92895aff0ce3d3134a91adaa253bffd187a
commit b23fc92895aff0ce3d3134a91adaa253bffd187a
Author: Alan Modra <amodra@gmail.com>
Date: Wed Apr 2 13:42:27 2014 +1030
Correct prefetch hint in power7 memrchr.
Typo fix.
* sysdeps/powerpc/powerpc64/power7/memrchr.S: Correct stream hint.
Backport of af6b17973cbc07ac06cfb40eeab5cc2391fb489a.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=acd56f757b4e5ab8737b9564bd7a4ad1009acd8d
commit acd56f757b4e5ab8737b9564bd7a4ad1009acd8d
Author: Alan Modra <amodra@gmail.com>
Date: Wed Apr 2 13:40:21 2014 +1030
Fix reference to toc symbol.
https://sourceware.org/ml/binutils/2014-03/msg00033.html removes the
"magic" treatment of symbols defined in a .toc section.
* sysdeps/powerpc/powerpc64/start.S: Add @toc to toc symbol reference.
Backport of 483818d768ed99a5edf4114298a75ebedaee8d5c.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=fd5100c480beef3d36c4bf74b6a23529695d036c
commit fd5100c480beef3d36c4bf74b6a23529695d036c
Author: Alan Modra <amodra@gmail.com>
Date: Tue Apr 1 14:07:42 2014 +1030
Fix s_copysign stack temp for PowerPC64 ELFv2
[BZ #16786]
* sysdeps/powerpc/powerpc64/fpu/s_copysign.S: Don't trash stack.
Backport of c859b32e9d76afe8a3f20bb9528961a573c06937.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=a51aafa398ed7dd2a0a846c1b2ed8a37909609eb
commit a51aafa398ed7dd2a0a846c1b2ed8a37909609eb
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date: Mon Mar 31 08:07:55 2014 -0500
PowerPC: Fix little endian enconding for mfvsrd
This patch fixes the MFVSRD_R3_V1 macro that encodes 'mfvsrd r3,vs1'
(to support old binutils) for little endian.
Backport of 757d9dd5c3efa56fac75965abc014faaae7b7895.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=62caa3eed2a154a61a01df3a5f3dde3ff400f4d4
commit 62caa3eed2a154a61a01df3a5f3dde3ff400f4d4
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date: Thu Mar 20 15:28:07 2014 -0500
PowerPC: optimized strpbrk for POWER7
This patch add an optimized strpbrk for POWER7 by using a different
algorithm than default implementation: it constructs a table based on
the 'accept' argument and use this table to check for any occurance on
the input string. The idea is similar as x86_64 uses.
For PowerPC some tunings were added, such as unroll loops and memory
clear using VSX instructions.
Backport of 6f23d0939e9651d8ac3c77a835fb6464b35a1dc4
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=c0afc58657f482f4c31ccade06e7b059e761186c
commit c0afc58657f482f4c31ccade06e7b059e761186c
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date: Thu Mar 20 11:24:52 2014 -0500
PowerPC: optimized strcspn for PPC64/POWER7
This patch add a optimized strcspn for POWER7 by using a different
algorithm than default implementation: it constructs a table based on
the 'accept' argument and use this table to check for any occurance
on the input string. The idea is similar as x86_64 uses.
For PowerPC some tunings were added, such as unroll loops and align
stack memory to table to 16 bytes (so VSX clean can ran without
alignment issues).
Backport of 6eaf95cbfa0031ea267682dc2c9c17ed3e3dc167
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ac6d8452be2d582e4a2b14525c839c71b9351991
commit ac6d8452be2d582e4a2b14525c839c71b9351991
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date: Fri Mar 14 12:49:45 2014 -0500
PowerPC: remove wrong roundl implementation for PowerPC64
The roundl assembly implementation
(sysdeps/powerpc/powerpc64/fpu/s_roundl.S)
returns wrong results for some inputs where first double is a exact
integer and the precision is determined by second long double.
Checking on implementation comments and history, I am very confident the
assembly implementation was based on a version before commit
5c68d401698a58cf7da150d9cce769fa6679ba5f that fixes BZ#2423 (Errors in
long double (ldbl-128ibm) rounding functions in glibc-2.4).
By just removing the implementation and make the build select
sysdeps/ieee754/ldbl-128ibm/s_roundl.c instead fixes the failing math.
This fixes 16707.
Backport of c7de50250367167d8c9f35594b264f6a0af8dd0c
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=c5ac422010eb6b384c3b4e45ab0049172f0ad688
commit c5ac422010eb6b384c3b4e45ab0049172f0ad688
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date: Fri Mar 14 12:27:52 2014 -0500
PowerPC: remove wrong nearbyintl implementation for PPC64
The nearbyintl assembly implementation
(sysdeps/powerpc/powerpc64/fpu/s_nearbyintl.S)
returns wrong results for some inputs where first double is a exact
integer and the precision is determined by second long double.
Checking on implementation comments and history, I am very confident the
assembly implementation was based on a version before commit
5c68d401698a58cf7da150d9cce769fa6679ba5f that fixes BZ#2423 (Errors in
long double (ldbl-128ibm) rounding functions in glibc-2.4).
By just removing the implementation and make the build select
sysdeps/ieee754/ldbl-128ibm/s_nearbyintl.c instead fixes the failing
math.
Fixes BZ#16706.
Backport of 98fb27a373f37554232e0060eef1a5bb00a07eb0
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=7986a2d12b7ea0653f0366200c703a3905edffd9
commit 7986a2d12b7ea0653f0366200c703a3905edffd9
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date: Fri Mar 14 07:35:43 2014 -0500
PowerPC: remove wrong ceill implementation for PowerPC64
The ceill assembly implementation (sysdeps/powerpc/powerpc64/fpu/s_ceill.S)
returns wrong results for some inputs where first double is a exact
integer and the precision is determined by second long double.
Checking on implementation comments and history, I am very confident the
assembly implementation was based on a version before commit
5c68d401698a58cf7da150d9cce769fa6679ba5f that fixes BZ#2423 (Errors in
long double (ldbl-128ibm) rounding functions in glibc-2.4).
By just removing the implementation and make the build select
sysdeps/ieee754/ldbl-128ibm/s_ceill.c instead fixes the failing math.
Fixes BZ#16701.
Backport of 374f7f61214967bb4e2257695aeeeecc2a77f369
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=a56198dbb21767bde0003d3062d5ec7a8e1279f1
commit a56198dbb21767bde0003d3062d5ec7a8e1279f1
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date: Fri Mar 14 12:15:40 2014 -0500
Add truncl tests related to BZ#16414
Backport of 4655c291d1808c35b7c54236ae62be7a3aaa0a2d
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=a52b3f7e4c4de8705370adda4b390293780dc768
commit a52b3f7e4c4de8705370adda4b390293780dc768
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date: Wed Mar 12 08:55:50 2014 -0500
PowerPC: Fix bzero definition for static libc for PPC32
This patch fixes an issue for powerpc32-fpu static build which fails
with an 'bzero' undefined reference. This patch adds bzero ifunc selector
for static builds and fixes the '__bzero_ppc' reference to default
memset symbol (since static memset build does not provide ifunc
selector).
Fixes BZ#16689.
Backport of dd3946c615184e1957a0cb09352cac72be5d6d5b.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=09e09c2872ab52c8a42b907105343520019ca1d1
commit 09e09c2872ab52c8a42b907105343520019ca1d1
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date: Tue Mar 11 16:17:50 2014 -0500
PowerPC: Fix strspn for static build
This patch makes the strspn ifunc selector build for static builds.
This is a backport of 27c7220a483bda576533aa9a0a9b42175644b1a1
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=f510d35c58d16c32ce988d053c9a525b8e38fe47
commit f510d35c58d16c32ce988d053c9a525b8e38fe47
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date: Mon Mar 10 15:26:20 2014 -0500
PowerPC: Fix bzero definition for static libc for PPC64
This patch fixes an issue for powerpc64[le] static build where __bzero
is definied in multiple places (memset-ppc64.o and bzero.o). It is now
defined only in bzero.o and memset-ppc64.o only defined __bzero_ppc for
both dynamic and static library.
Fixes BZ#16683.
Backport of 4facea473059914983b7da8dd654c06b8e3dcc41
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=afd75351c2f3cae4a2daf88c50faad889e3a0f2b
commit afd75351c2f3cae4a2daf88c50faad889e3a0f2b
Author: Vidya Ranganathan <vidya@linux.vnet.ibm.com>
Date: Mon Mar 10 12:20:36 2014 -0400
PowerPC: strspn optimization for PPC64/POWER7
The optimization is achieved by following techniques:
> hashing of needle.
> hashing avoids scanning of duplicate entries in needle across the
string.
> initializing the hash table with Vector instructions (VSX) by quadword
access.
> unrolling when scanning for character in string across hash table.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=e5829d82c88117c9f4752cedfefc8516cb9ffdf7
commit e5829d82c88117c9f4752cedfefc8516cb9ffdf7
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date: Fri Mar 7 06:09:47 2014 -0600
PowerPC: strncat optimization for PPC64
The optimization is achieved by following techniques:
1. Doubleword aligned memory access and compares using
cmpb instruction.
2. Loop unrolling for byte load/store.
3. CPU pre-fetch to avoid cache miss.
Backport of ba9cc0714e58a9e8fa73cf6b0e205cbf1e6b71f2
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=e032058ea756e396c4ed1395a44d8b321e370b2f
commit e032058ea756e396c4ed1395a44d8b321e370b2f
Author: Rajalakshmi Srinivasaraghavan <raji@linux.vnet.ibm.com>
Date: Mon Mar 3 08:06:41 2014 -0600
PowerPC: strrchr optimization for POWER7/PPC64
This patch optimizes strrchr() for ppc64. It uses aligned memory
access along with cmpb instruction and CPU prefetch to avoid
cache misses for speed improvement.
Backport of c7debbdfacbef150aaf9113eb05ccaf2b9e7af6c
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=54dd35c59cda5f59c2f3ae783468da4b94f30dff
commit 54dd35c59cda5f59c2f3ae783468da4b94f30dff
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date: Mon Feb 17 10:44:08 2014 -0600
PowerPC: llround/llroundf POWER8 optimization
This patch add a optimized llround/llroundf implementation for POWER8
using the new Move From VSR Doubleword instruction to gains some
cycles from FP to GRP register move.
Backport fe13a20c37578f08ce393ccaeb45caeb48815ca5
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=b34f8e9fcd1274e69a9a59a28c270e2cada39c95
commit b34f8e9fcd1274e69a9a59a28c270e2cada39c95
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date: Tue Feb 18 09:29:29 2014 -0500
PowerPC: llrint/llrintf POWER8 optimization
This patch add a optimized llrint/llrintf implementation for POWER8
using the new Move From VSR Doubleword instruction to gains some
cycles from FP to GRP register move.
Backport of 1ad8950a3ea4056ed343d681b5146f4b4aa27e10
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=c3241bcd73c47d2bcd2a5ffe84a21d4853c8c938
commit c3241bcd73c47d2bcd2a5ffe84a21d4853c8c938
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date: Thu Feb 27 09:46:46 2014 -0600
PowerPC: Optimized finite/finitef for POWER8
This patch add a optimized finite/finitef implementation for POWER8
using the new Move From VSR Doubleword instruction to gains some
cycles from FP to GRP register move.
Backport of cac626d60a863e48ab75417064984769e58c5719.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=1cd3b05dda2dab30cb7658193cb1af8f594f52f3
commit 1cd3b05dda2dab30cb7658193cb1af8f594f52f3
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date: Thu Feb 27 09:45:41 2014 -0600
PowerPC: Optimized isinf/isinff for POWER8
This patch add a optimized isinf/isinff implementation for POWER8
using the new Move From VSR Doubleword instruction to gains some
cycles from FP to GRP register move.
Backport of 4393fc119c34e97519b9b7a4fc94066b283be452
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=65c8daedb68b74eae860f91dca226215cd80e348
commit 65c8daedb68b74eae860f91dca226215cd80e348
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date: Thu Feb 27 09:43:51 2014 -0600
PowerPC: Optimized isnan/isnanf for POWER8
This patch add a optimized isnan/isnanf implementation for POWER8
using the new Move From VSR Doubleword instruction to gains some
cycles from FP to GRP register move.
Backport of 487972aea52004f604c2878c8c9d3e77670f2c32
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=55e71ccf31c29a7839344f03e0a7437ea0f5f211
commit 55e71ccf31c29a7839344f03e0a7437ea0f5f211
Author: Tulio Magno Quites Machado Filho <tuliom@linux.vnet.ibm.com>
Date: Fri Nov 15 07:44:20 2013 -0600
Partially revert commit 2663b74f8103a2a8a46b4896439b7a452480fc7c
This change is necessary in order to avoid the issue documented at
http://sourceware.org/ml/libc-alpha/2013-05/msg00350.html.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=fbed4f13980bf4ebd7df59b0e52bd2a16875f0db
commit fbed4f13980bf4ebd7df59b0e52bd2a16875f0db
Author: Ryan S. Arnold <rsa@linux.vnet.ibm.com>
Date: Fri Nov 15 07:42:33 2013 -0600
Remove assert() if DT_RUNPATH and DT_RPATH flags are found in ld.so.
-----------------------------------------------------------------------
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 14+ messages in thread* [Bug stdio/16618] wscanf allocates too little memory (CVE-2015-1472, CVE-2015-1473)
2014-02-21 1:10 [Bug stdio/16618] New: wscanf allocates too little memory jsm28 at gcc dot gnu.org
` (9 preceding siblings ...)
2015-02-23 14:23 ` cvs-commit at gcc dot gnu.org
@ 2015-02-23 15:02 ` cvs-commit at gcc dot gnu.org
2015-02-26 9:21 ` fweimer at redhat dot com
2015-07-21 3:17 ` vapier at gentoo dot org
12 siblings, 0 replies; 14+ messages in thread
From: cvs-commit at gcc dot gnu.org @ 2015-02-23 15:02 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=16618
--- Comment #8 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> ---
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".
The branch, ibm/2.16/master has been created
at 627eabb20f2b70faa3698e2c0124094c6d51af8e (commit)
- Log -----------------------------------------------------------------
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=627eabb20f2b70faa3698e2c0124094c6d51af8e
commit 627eabb20f2b70faa3698e2c0124094c6d51af8e
Author: Paul Pluzhnikov <ppluzhnikov@google.com>
Date: Fri Feb 6 00:30:42 2015 -0500
CVE-2015-1472: wscanf allocates too little memory
BZ #16618
Under certain conditions wscanf can allocate too little memory for the
to-be-scanned arguments and overflow the allocated buffer. The
implementation now correctly computes the required buffer size when
using malloc.
A regression test was added to tst-sscanf.
Conflicts:
ChangeLog
NEWS
stdio-common/tst-sscanf.c
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ec36394743c15fedca294219f2254b180c4e327c
commit ec36394743c15fedca294219f2254b180c4e327c
Author: Andreas Schwab <schwab@suse.de>
Date: Mon Jan 21 17:41:28 2013 +0100
Fix parsing of numeric hosts in gethostbyname_r
Conflicts:
ChangeLog
NEWS
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=20ac5d44837b82c064dfabd3646ec1f4f6826263
commit 20ac5d44837b82c064dfabd3646ec1f4f6826263
Author: Siddhesh Poyarekar <siddhesh@redhat.com>
Date: Mon Nov 19 13:01:43 2012 +0530
Return EAI_SYSTEM if we're out of file descriptors
Resolves BZ #14719.
Conflicts:
ChangeLog
NEWS
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=dfc25d72984eb5a3354e104612d0ca0129af3f98
commit dfc25d72984eb5a3354e104612d0ca0129af3f98
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date: Wed Sep 25 13:43:04 2013 -0500
PowerPC: Fix POINTER_CHK_GUARD thread register for PPC64
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=1442655ba419867ce1a045a97cdd7904ac1ad516
commit 1442655ba419867ce1a045a97cdd7904ac1ad516
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date: Mon Jan 20 12:29:51 2014 -0600
PowerPC: Fix gettimeofday ifunc selection
The IFUNC selector for gettimeofday runs before _libc_vdso_platform_setup
where
__vdso_gettimeofday is set. The selector then sets __gettimeofday (the
internal
version used within GLIBC) to use the system call version instead of the
vDSO one.
This patch changes the check if vDSO is available to get its value directly
instead of rely on __vdso_gettimeofday.
This patch changes it by getting the vDSO value directly.
It fixes BZ#16431.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=1bdb6daceb10307543599df3b118afd2109d2ec8
commit 1bdb6daceb10307543599df3b118afd2109d2ec8
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date: Thu Jan 16 06:53:18 2014 -0600
PowerPC: Fix ftime gettimeofday internal call returning bogus data
This patches fixes BZ#16430 by setting a different symbol for internal
GLIBC calls that points to ifunc resolvers. For PPC32, if the symbol
is defined as hidden (which is the case for gettimeofday and time) the
compiler will create local branches (symbol@local) and linker will not
create PLT calls (required for IFUNC). This will leads to internal symbol
calling the IFUNC resolver instead of the resolved symbol.
For PPC64 this behavior does not occur because a call to a function in
another translation unit might use a different toc pointer thus requiring
a PLT call.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=e3008132765936162552b15a77fe348c01074310
commit e3008132765936162552b15a77fe348c01074310
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date: Thu Nov 7 05:34:22 2013 -0600
PowerPC: Fix vDSO missing ODP entries
This patch fixes the vDSO symbol used directed in IFUNC resolver where
they do not have an associated ODP entry leading to undefined behavior
in some cases. It adds an artificial OPD static entry to such cases
and set its TOC to non 0 to avoid triggering lazy resolutions.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=6ff69e1eb81719ee907642f615cef889d5bf8b2c
commit 6ff69e1eb81719ee907642f615cef889d5bf8b2c
Author: Carlos O'Donell <carlos@redhat.com>
Date: Wed Nov 19 11:44:12 2014 -0500
CVE-2014-7817: wordexp fails to honour WRDE_NOCMD.
The function wordexp() fails to properly handle the WRDE_NOCMD
flag when processing arithmetic inputs in the form of "$((... ``))"
where "..." can be anything valid. The backticks in the arithmetic
epxression are evaluated by in a shell even if WRDE_NOCMD forbade
command substitution. This allows an attacker to attempt to pass
dangerous commands via constructs of the above form, and bypass
the WRDE_NOCMD flag. This patch fixes this by checking for WRDE_NOCMD
in exec_comm(), the only place that can execute a shell. All other
checks for WRDE_NOCMD are superfluous and removed.
We expand the testsuite and add 3 new regression tests of roughly
the same form but with a couple of nested levels.
On top of the 3 new tests we add fork validation to the WRDE_NOCMD
testing. If any forks are detected during the execution of a wordexp()
call with WRDE_NOCMD, the test is marked as failed. This is slightly
heuristic since vfork might be used in the future, but it provides a
higher level of assurance that no shells were executed as part of
command substitution with WRDE_NOCMD in effect. In addition it doesn't
require libpthread or libdl, instead we use the public implementation
namespace function __register_atfork (already part of the public ABI
for libpthread).
Tested on x86_64 with no regressions.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=3ded3d365f0237e92e8af90c878b233f265d7b4a
commit 3ded3d365f0237e92e8af90c878b233f265d7b4a
Author: Allan McRae <allan@archlinux.org>
Date: Thu Dec 18 11:01:43 2014 +1000
Label CVE-2014-9402 in NEWS
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=c7093fd0fedd8a0b4ed5b01347e3798219ba22ec
commit c7093fd0fedd8a0b4ed5b01347e3798219ba22ec
Author: Florian Weimer <fweimer@redhat.com>
Date: Mon Dec 15 17:41:13 2014 +0100
Avoid infinite loop in nss_dns getnetbyname [BZ #17630]
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=c9b43ec3890d5c750a5127a543a55cd94aa73c94
commit c9b43ec3890d5c750a5127a543a55cd94aa73c94
Author: Jeff Law <law@redhat.com>
Date: Mon Dec 15 10:09:32 2014 +0100
CVE-2012-3406: Stack overflow in vfprintf [BZ #16617]
A larger number of format specifiers coudld cause a stack overflow,
potentially allowing to bypass _FORTIFY_SOURCE format string
protection.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=3b6ac4b1093333f364698ca3bb812c80b11c2f77
commit 3b6ac4b1093333f364698ca3bb812c80b11c2f77
Author: Allan McRae <allan@archlinux.org>
Date: Sat Jun 21 17:23:55 2014 +1000
Mention CVE-2014-4043 in NEWS
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=f7865ec21e8ad32929509796497fa3b44c3ef826
commit f7865ec21e8ad32929509796497fa3b44c3ef826
Author: Florian Weimer <fweimer@redhat.com>
Date: Thu Jan 15 15:16:54 2015 -0500
posix_spawn_file_actions_addopen needs to copy the path argument (BZ 17048)
POSIX requires that we make a copy, so we allocate a new string
and free it in posix_spawn_file_actions_destroy.
Reported by David Reid, Alex Gaynor, and Glyph Lefkowitz. This bug
may have security implications.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=c7a91d241b095855e06e0bd00287968df2f6d87e
commit c7a91d241b095855e06e0bd00287968df2f6d87e
Author: Florian Weimer <fweimer@redhat.com>
Date: Mon May 12 15:24:12 2014 +0200
_nl_find_locale: Improve handling of crafted locale names [BZ #17137]
Prevent directory traversal in locale-related environment variables
(CVE-2014-0475).
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=588b214bc7fa3e54d6b679ed4b755e6d1310e61d
commit 588b214bc7fa3e54d6b679ed4b755e6d1310e61d
Author: Florian Weimer <fweimer@redhat.com>
Date: Tue Aug 26 19:38:59 2014 +0200
__gconv_translit_find: Disable function [BZ #17187]
This functionality has never worked correctly, and the implementation
contained a security vulnerability (CVE-2014-5119).
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=bd51e93f9305e37aa17e08dbdb86a2e146c09eff
commit bd51e93f9305e37aa17e08dbdb86a2e146c09eff
Author: Florian Weimer <fweimer@redhat.com>
Date: Wed Sep 3 19:45:43 2014 +0200
CVE-2014-6040: Crashes on invalid input in IBM gconv modules [BZ #17325]
These changes are based on the fix for BZ #14134 in commit
6e230d11837f3ae7b375ea69d7905f0d18eb79e5.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=97ef0b2223e10fe3053494defd8a008d7dd9d6d8
commit 97ef0b2223e10fe3053494defd8a008d7dd9d6d8
Author: Will Newton <will.newton@linaro.org>
Date: Fri Sep 13 09:26:02 2013 +0100
Add CVE-2013-4332 to NEWS.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=ccb8f6bab96cfcc7aedf5cd0d1946f26b028d733
commit ccb8f6bab96cfcc7aedf5cd0d1946f26b028d733
Author: Will Newton <will.newton@linaro.org>
Date: Fri Aug 16 12:54:29 2013 +0100
malloc: Check for integer overflow in memalign.
A large bytes parameter to memalign could cause an integer overflow
and corrupt allocator internals. Check the overflow does not occur
before continuing with the allocation.
ChangeLog:
2013-09-11 Will Newton <will.newton@linaro.org>
[BZ #15857]
* malloc/malloc.c (__libc_memalign): Check the value of bytes
does not overflow.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=f1292792799a507711ce24b497e40f8fea8f9c9c
commit f1292792799a507711ce24b497e40f8fea8f9c9c
Author: Will Newton <will.newton@linaro.org>
Date: Fri Aug 16 11:59:37 2013 +0100
malloc: Check for integer overflow in valloc.
A large bytes parameter to valloc could cause an integer overflow
and corrupt allocator internals. Check the overflow does not occur
before continuing with the allocation.
ChangeLog:
2013-09-11 Will Newton <will.newton@linaro.org>
[BZ #15856]
* malloc/malloc.c (__libc_valloc): Check the value of bytes
does not overflow.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=b1e934aed5170eb8948e0f3c6618c9431d6810ad
commit b1e934aed5170eb8948e0f3c6618c9431d6810ad
Author: Will Newton <will.newton@linaro.org>
Date: Mon Aug 12 15:08:02 2013 +0100
malloc: Check for integer overflow in pvalloc.
A large bytes parameter to pvalloc could cause an integer overflow
and corrupt allocator internals. Check the overflow does not occur
before continuing with the allocation.
ChangeLog:
2013-09-11 Will Newton <will.newton@linaro.org>
[BZ #15855]
* malloc/malloc.c (__libc_pvalloc): Check the value of bytes
does not overflow.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=bcd619797e785f90cc9fd67208267c26c8e4b40d
commit bcd619797e785f90cc9fd67208267c26c8e4b40d
Author: Florian Weimer <fweimer@redhat.com>
Date: Fri Aug 16 09:38:52 2013 +0200
CVE-2013-4237, BZ #14699: Buffer overflow in readdir_r
* sysdeps/posix/dirstream.h (struct __dirstream): Add errcode
member.
* sysdeps/posix/opendir.c (__alloc_dir): Initialize errcode
member.
* sysdeps/posix/rewinddir.c (rewinddir): Reset errcode member.
* sysdeps/posix/readdir_r.c (__READDIR_R): Enforce NAME_MAX limit.
Return delayed error code. Remove GETDENTS_64BIT_ALIGNED
conditional.
* sysdeps/unix/sysv/linux/wordsize-64/readdir_r.c: Do not define
GETDENTS_64BIT_ALIGNED.
* sysdeps/unix/sysv/linux/i386/readdir64_r.c: Likewise.
* manual/filesys.texi (Reading/Closing Directory): Document
ENAMETOOLONG return value of readdir_r. Recommend readdir more
strongly.
* manual/conf.texi (Limits for Files): Add portability note to
NAME_MAX, PATH_MAX.
(Pathconf): Add portability note for _PC_NAME_MAX, _PC_PATH_MAX.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=6fd8e941423354e6c7a951d37a60d2f1424d568e
commit 6fd8e941423354e6c7a951d37a60d2f1424d568e
Author: Carlos O'Donell <carlos@redhat.com>
Date: Mon Sep 23 00:52:09 2013 -0400
BZ #15754: CVE-2013-4788
The pointer guard used for pointer mangling was not initialized for
static applications resulting in the security feature being disabled.
The pointer guard is now correctly initialized to a random value for
static applications. Existing static applications need to be
recompiled to take advantage of the fix.
The test tst-ptrguard1-static and tst-ptrguard1 add regression
coverage to ensure the pointer guards are sufficiently random
and initialized to a default value.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=a243b1a0797180e142d525d1325a173c758c3714
commit a243b1a0797180e142d525d1325a173c758c3714
Author: Siddhesh Poyarekar <siddhesh@redhat.com>
Date: Mon Sep 23 11:24:30 2013 +0530
Check for integer overflow in cache size computation in strcoll
strcoll is implemented using a cache for indices and weights of
collation sequences in the strings so that subsequent passes do not
have to search through collation data again. For very large string
inputs, the cache size computation could overflow. In such a case,
use the fallback function that does not cache indices and weights of
collation sequences.
Fixes CVE-2012-4412.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=c1132021659d22753104762a074d6339ae6cbd01
commit c1132021659d22753104762a074d6339ae6cbd01
Author: Siddhesh Poyarekar <siddhesh@redhat.com>
Date: Mon Sep 23 11:20:02 2013 +0530
Fall back to non-cached sequence traversal and comparison on malloc fail
strcoll currently falls back to alloca if malloc fails, resulting in a
possible stack overflow. This patch implements sequence traversal and
comparison without caching indices and rules.
Fixes CVE-2012-4424.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=2dc811b78adc97b5f5d951716df30053a24da1a1
commit 2dc811b78adc97b5f5d951716df30053a24da1a1
Author: Siddhesh Poyarekar <siddhesh@redhat.com>
Date: Tue Aug 20 08:40:05 2013 +0530
Simplify strcoll implementation
Break up strcoll into simpler functions so that the logic is easier to
follow and maintain.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=9b951f59aa3c2f2d58d398aab146951216f9ff8d
commit 9b951f59aa3c2f2d58d398aab146951216f9ff8d
Author: Siddhesh Poyarekar <siddhesh@redhat.com>
Date: Fri Oct 25 10:22:12 2013 +0530
Fix stack overflow due to large AF_INET6 requests
Resolves #16072 (CVE-2013-4458).
This patch fixes another stack overflow in getaddrinfo when it is
called with AF_INET6. The AF_UNSPEC case was fixed as CVE-2013-1914,
but the AF_INET6 case went undetected back then.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=302c61e2d3536a6ff99d518499771afd6a951b0c
commit 302c61e2d3536a6ff99d518499771afd6a951b0c
Author: Andreas Schwab <schwab@suse.de>
Date: Tue Jan 29 14:45:15 2013 +0100
Fix buffer overrun in regexp matcher
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=b7e0492e183efc24e5658c860ca5711e00524dd7
commit b7e0492e183efc24e5658c860ca5711e00524dd7
Author: Carlos O'Donell <carlos@redhat.com>
Date: Fri Jul 19 02:42:03 2013 -0400
CVE-2013-2207, BZ #15755: Disable pt_chown.
The helper binary pt_chown tricked into granting access to another
user's pseudo-terminal.
Pre-conditions for the attack:
* Attacker with local user account
* Kernel with FUSE support
* "user_allow_other" in /etc/fuse.conf
* Victim with allocated slave in /dev/pts
Using the setuid installed pt_chown and a weak check on whether a file
descriptor is a tty, an attacker could fake a pty check using FUSE and
trick pt_chown to grant ownership of a pty descriptor that the current
user does not own. It cannot access /dev/pts/ptmx however.
In most modern distributions pt_chown is not needed because devpts
is enabled by default. The fix for this CVE is to disable building
and using pt_chown by default. We still provide a configure option
to enable hte use of pt_chown but distributions do so at their own
risk.
Cherry-pick of e4608715e6e1dd2adc91982fd151d5ba4f761d69.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=02a002fe9c0b65532643a88b01253e95ba8ba8c6
commit 02a002fe9c0b65532643a88b01253e95ba8ba8c6
Author: Jeff Law <law@redhat.com>
Date: Wed Nov 28 14:12:28 2012 -0700
[BZ #14889]
* sunrpc/rpc/svc.h (__svc_accept_failed): New prototype.
* sunrpc/svc.c: Include time.h.
(__svc_accept_failed): New function.
* sunrpc/svc_tcp.c (rendezvous_request): If the accept fails for
any reason other than EINTR, call __svc_accept_failed.
* sunrpc/svc_udp.c (svcudp_recv): Similarly.
* sunrpc/svc_unix.c (rendezvous_request): Similarly.
Cherry-pick of 14bc93a967e62abf8cf2704725b6f76619399f83
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=3b498440aac70e994f32f45a31102964313af690
commit 3b498440aac70e994f32f45a31102964313af690
Author: Andreas Schwab <schwab@suse.de>
Date: Wed Nov 28 10:24:06 2012 +0100
Properly handle indirect functions in ABI check on powerpc64
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=8282b7f2aa6380e8a91515f748d4693d8151fc4f
commit 8282b7f2aa6380e8a91515f748d4693d8151fc4f
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date: Fri Apr 26 13:00:56 2013 -0500
PowerPC: modf optimization fix
This patch fix the 3c0265394d9ffedff2b0de508602dc52e077ce5c commits
by correctly setting minimum architecture for modf PPC optimization
to power5+ instead of power5 (since only on power5+ round/ceil will
be inline to inline assembly).
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=17e599d2613c2a2e4cb6d5c3f9d5f626879aa63f
commit 17e599d2613c2a2e4cb6d5c3f9d5f626879aa63f
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date: Mon Mar 25 16:10:06 2013 -0500
PowerPC: modf optimization
This patch implements modf/modff optimization for POWER by focus
on FP operations instead of relying in integer ones.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=60dc6d12c5c61b05013cb15f63349dd3d343f26d
commit 60dc6d12c5c61b05013cb15f63349dd3d343f26d
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date: Wed Mar 13 10:46:08 2013 -0300
PowerPC: Change sched_getcpu to use vDSO getcpu instead of syscall.
Backport of d5e0b9bd6e296f3ec5263fa296d39f3fed9b8fa2.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=cc328ae264f5b97d2811a95d84112bb1c6c7cae3
commit cc328ae264f5b97d2811a95d84112bb1c6c7cae3
Author: Adhemerval Zanella <azanella@linux.vnet.ibm.com>
Date: Mon Mar 4 22:02:41 2013 -0300
PowerPC: gettimeofday optimization by using IFUNC
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=36016f626e72f5d1cb6107deeab29768d82ff7e3
commit 36016f626e72f5d1cb6107deeab29768d82ff7e3
Merge: 4e1f97c 043c748
Author: Ryan S. Arnold <rsa@linux.vnet.ibm.com>
Date: Fri Mar 1 16:20:18 2013 -0600
Merge remote branch 'remotes/origin/release/2.16/master' into
local_ibm_2.16
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=4e1f97ccdcc257eba262667f7a3179a7d530330d
commit 4e1f97ccdcc257eba262667f7a3179a7d530330d
Author: Mike Frysinger <vapier@gentoo.org>
Date: Wed Nov 28 23:04:32 2012 -0500
byteswap.h: fix gcc ver test for __builtin_bswap{32,64}
The __builtin_bswap* functions were introduced in gcc-4.3, not gcc-4.2.
Fix the __GNUC_PREREQ tests to reflect this.
Otherwise trying to compile code with gcc-4.2 falls down:
In file included from /usr/include/endian.h:60,
from /usr/include/ctype.h:40,
/usr/include/bits/byteswap.h: In function 'unsigned int __bswap_32(unsigned
int)':
/usr/include/bits/byteswap.h:46: error: '__builtin_bswap32' was not
declared in this scope
/usr/include/bits/byteswap.h: In function 'long long unsigned int
__bswap_64(long long unsigned int)':
/usr/include/bits/byteswap.h:110: error: '__builtin_bswap64' was not
declared in this scope
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
(cherry picked from commit c9d6789ebe028a260d3e5be0c26b7d02fdfe99fe)
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=025b233a88a30f5f0474ff2c6051313eb33e5689
commit 025b233a88a30f5f0474ff2c6051313eb33e5689
Author: Joseph Myers <joseph@codesourcery.com>
Date: Tue Nov 20 00:04:45 2012 +0000
Fix __bswap_64 return type in generic bits/byteswap.h.
(cherry picked from commit ecd4caf9783c99fb068a100c35899a0c3a3c6d98)
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=2c739e2cffb65d80787cfa861f9f6c62de327ad6
commit 2c739e2cffb65d80787cfa861f9f6c62de327ad6
Author: H.J. Lu <hjl.tools@gmail.com>
Date: Fri Oct 12 09:21:47 2012 -0700
Use __uint64_t in x86 __bswap_64
(cherry picked from commit d394eb742a3565d7fe7a4b02710a60b5f219ee64)
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=a24f8ac8e65b451efc81839dd653d0a0e95a23ab
commit a24f8ac8e65b451efc81839dd653d0a0e95a23ab
Author: Andreas Schwab <schwab@linux-m68k.org>
Date: Tue May 1 17:10:10 2012 +0200
Fix missing _mcount@GLIBC_2.0 on powerpc32
(cherry picked from commit 261f485936b283f4327fc1f2fc8fd1705d805c12)
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=94464655b576985fdd5f66f7f6126ee1f92a41cc
commit 94464655b576985fdd5f66f7f6126ee1f92a41cc
Author: Peter Bergner <bergner@vnet.ibm.com>
Date: Fri Jul 6 13:24:49 2012 -0500
Add AT_PLATFORM env variable to ld.so to override auxv AT_PLATFORM.
https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=d846920271a0f4dc54c0dbbd56998228e75e776c
commit d846920271a0f4dc54c0dbbd56998228e75e776c
Author: Ryan S. Arnold <rsa@linux.vnet.ibm.com>
Date: Fri Jul 6 13:03:09 2012 -0500
Remove assert() if DT_RUNPATH and DT_RPATH flags are found in ld.so.
-----------------------------------------------------------------------
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 14+ messages in thread* [Bug stdio/16618] wscanf allocates too little memory (CVE-2015-1472, CVE-2015-1473)
2014-02-21 1:10 [Bug stdio/16618] New: wscanf allocates too little memory jsm28 at gcc dot gnu.org
` (10 preceding siblings ...)
2015-02-23 15:02 ` cvs-commit at gcc dot gnu.org
@ 2015-02-26 9:21 ` fweimer at redhat dot com
2015-07-21 3:17 ` vapier at gentoo dot org
12 siblings, 0 replies; 14+ messages in thread
From: fweimer at redhat dot com @ 2015-02-26 9:21 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=16618
Florian Weimer <fweimer at redhat dot com> changed:
What |Removed |Added
----------------------------------------------------------------------------
See Also| |https://sourceware.org/bugz
| |illa/show_bug.cgi?id=13138
--- Comment #9 from Florian Weimer <fweimer at redhat dot com> ---
This vulnerability was introduced with the fix for bug 13138.
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 14+ messages in thread* [Bug stdio/16618] wscanf allocates too little memory (CVE-2015-1472, CVE-2015-1473)
2014-02-21 1:10 [Bug stdio/16618] New: wscanf allocates too little memory jsm28 at gcc dot gnu.org
` (11 preceding siblings ...)
2015-02-26 9:21 ` fweimer at redhat dot com
@ 2015-07-21 3:17 ` vapier at gentoo dot org
12 siblings, 0 replies; 14+ messages in thread
From: vapier at gentoo dot org @ 2015-07-21 3:17 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=16618
Mike Frysinger <vapier at gentoo dot org> changed:
What |Removed |Added
----------------------------------------------------------------------------
See Also| |https://bugs.gentoo.org/sho
| |w_bug.cgi?id=538814
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] 14+ messages in thread