From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.cs.ucla.edu (mail.cs.ucla.edu [131.179.128.66]) by sourceware.org (Postfix) with ESMTPS id 39984385DC1F for ; Thu, 1 Feb 2024 19:55:25 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 39984385DC1F Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=cs.ucla.edu Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=cs.ucla.edu ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 39984385DC1F Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=131.179.128.66 ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1706817327; cv=none; b=ecA6ijzV1l5fn58TfoxFrW9DXJqwCd/isPM7CGnCfH5FA/QglSLFyGVcRCDPxRnMhBYTVeBa1REelldvWw3yEQtwx3jEntwxcFKMArRcDtHsO/wxjihxLbLLO7exGm8RTCac5U0405zktNZ3LnxHF6BXoKoM4Q0nPI8m7OdsF+Q= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1706817327; c=relaxed/simple; bh=LLIrmkoZcOe8SSdb18lAfOnKaZEbe6EvLl0bQb09sic=; h=DKIM-Signature:Message-ID:Date:MIME-Version:Subject:To:From; b=Nm6k/ydyaQHb4JtyNtKouQyHRMgmYEPopScZFqcspEoQWhLAhqyidqLVxTHq/Km2ObgqrJTJc7BGE1Q/nBGdUk5p0sqS+zj/XNVDcf3btRSWGC9gRgIxP00krvqhRCRtj780x9wtc9zXnlhHdKVY2DFSG6MLsbbsgQ/5b3nwOIw= ARC-Authentication-Results: i=1; server2.sourceware.org Received: from localhost (localhost [127.0.0.1]) by mail.cs.ucla.edu (Postfix) with ESMTP id 8CC173C01409F; Thu, 1 Feb 2024 11:55:23 -0800 (PST) Received: from mail.cs.ucla.edu ([127.0.0.1]) by localhost (mail.cs.ucla.edu [127.0.0.1]) (amavis, port 10032) with ESMTP id SWHA6RQqJ7uX; Thu, 1 Feb 2024 11:55:23 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by mail.cs.ucla.edu (Postfix) with ESMTP id 3D0BF3C00E403; Thu, 1 Feb 2024 11:55:23 -0800 (PST) DKIM-Filter: OpenDKIM Filter v2.10.3 mail.cs.ucla.edu 3D0BF3C00E403 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cs.ucla.edu; s=9D0B346E-2AEB-11ED-9476-E14B719DCE6C; t=1706817323; bh=EsmkqJACfZUib6mWA3pOnPmLf2WqrgWraybp6jBaWa8=; h=Message-ID:Date:MIME-Version:To:From; b=IJWm+gg9rFxsD8mXA6fnh9pYW/5Tg9wmhNDPnoG2IO3IZWlDEl2SPbS7XolP4tFMq V/iuDPpmHOJn9xO5n3knBozmTzNR3RMZoY1uOj0dmY5dfYMTWBkP3JiClYyqP55QL1 msjJFxocAXNJIIu3lGug8sr2nB2JRt1H5Er/EIm/V4/P+5eDDXfqIIQmxDujVNnM4n 8uLUI8+AxzDaZBET21MOMnvgmyMgcLyJb0ojHkBXaUdchi959VNarokMLaeUG2JrYb YAflHA/2deVAsyomPNd9lA3jHfX5j44C93BVtd+vpNlQy3z2yUsqdFCgK5KaE8KgHR XV4tLmHIX9jqA== X-Virus-Scanned: amavis at mail.cs.ucla.edu Received: from mail.cs.ucla.edu ([127.0.0.1]) by localhost (mail.cs.ucla.edu [127.0.0.1]) (amavis, port 10026) with ESMTP id hlROu29paM2k; Thu, 1 Feb 2024 11:55:23 -0800 (PST) Received: from [192.168.254.12] (unknown [47.148.192.211]) by mail.cs.ucla.edu (Postfix) with ESMTPSA id 0A3DE3C01409F; Thu, 1 Feb 2024 11:55:23 -0800 (PST) Content-Type: multipart/mixed; boundary="------------mNfW1QGmGtKsLnLnpamx0Yhi" Message-ID: <5ea9eabb-f047-490f-abe9-43630d79c395@cs.ucla.edu> Date: Thu, 1 Feb 2024 11:55:22 -0800 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: New GNU C Library (glibc) security flaw reported on 30 Jan 2024 Content-Language: en-US To: Vincent Lefevre , Xi Ruoyao , Adhemerval Zanella Netto , Turritopsis Dohrnii Teo En Ming , "libc-alpha@sourceware.org" , "ceo@teo-en-ming-corp.com" References: <20240131145555.GB2102@cventin.lip.ens-lyon.fr> <96521764f4636c9ea3f3089f369975c12fa8be77.camel@xry111.site> <20240201005155.GF3044@qaa.vinc17.org> <20240201090721.GH3044@qaa.vinc17.org> From: Paul Eggert Organization: UCLA Computer Science Department In-Reply-To: <20240201090721.GH3044@qaa.vinc17.org> X-Spam-Status: No, score=-8.6 required=5.0 tests=BAYES_00,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,GIT_PATCH_0,KAM_MANYTO,SPF_HELO_NONE,SPF_PASS,TXREP,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org List-Id: This is a multi-part message in MIME format. --------------mNfW1QGmGtKsLnLnpamx0Yhi Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit No matter what we do to the qsort implementation, the manual should avoid any confusion about qsorting NaNs. Proposed patch attached. --------------mNfW1QGmGtKsLnLnpamx0Yhi Content-Type: text/x-patch; charset=UTF-8; name="0001-stdlib-fix-qsort-example-in-manual.patch" Content-Disposition: attachment; filename="0001-stdlib-fix-qsort-example-in-manual.patch" Content-Transfer-Encoding: base64 RnJvbSA4ZmY3NGVmY2MxMWE3N2UyMjE4MDgyOTNlZDM5MGZhZjZkZWE4NmZlIE1vbiBTZXAg MTcgMDA6MDA6MDAgMjAwMQpGcm9tOiBQYXVsIEVnZ2VydCA8ZWdnZXJ0QGNzLnVjbGEuZWR1 PgpEYXRlOiBUaHUsIDEgRmViIDIwMjQgMTE6NTI6NDYgLTA4MDAKU3ViamVjdDogW1BBVENI XSBzdGRsaWI6IGZpeCBxc29ydCBleGFtcGxlIGluIG1hbnVhbAoKKiBtYW51YWwvc2VhcmNo LnRleGkgKENvbXBhcmlzb24gRnVuY3Rpb25zLCBBcnJheSBTb3J0IEZ1bmN0aW9uKToKU29y dCBhbiBhcnJheSBvZiBsb25nIGludHMsIG5vdCBkb3VibGVzLCB0byBhdm9pZCBoYXNzbGVz CndpdGggTmFOcy4KLS0tCiBtYW51YWwvc2VhcmNoLnRleGkgfCAyMSArKysrKysrKysrKyst LS0tLS0tLS0KIDEgZmlsZSBjaGFuZ2VkLCAxMiBpbnNlcnRpb25zKCspLCA5IGRlbGV0aW9u cygtKQoKZGlmZiAtLWdpdCBhL21hbnVhbC9zZWFyY2gudGV4aSBiL21hbnVhbC9zZWFyY2gu dGV4aQppbmRleCBmZmFhZGM0NmY1Li5kYjU3N2E1MzMyIDEwMDY0NAotLS0gYS9tYW51YWwv c2VhcmNoLnRleGkKKysrIGIvbWFudWFsL3NlYXJjaC50ZXhpCkBAIC0zNSwxOSArMzUsMjIg QEAgc2Vjb25kLCB6ZXJvIGlmIHRoZXkgYXJlIGBgZXF1YWwnJywgYW5kIHBvc2l0aXZlIGlm IHRoZSBmaXJzdCBhcmd1bWVudAogaXMgYGBncmVhdGVyJycuCiAKIEhlcmUgaXMgYW4gZXhh bXBsZSBvZiBhIGNvbXBhcmlzb24gZnVuY3Rpb24gd2hpY2ggd29ya3Mgd2l0aCBhbiBhcnJh eSBvZgotbnVtYmVycyBvZiB0eXBlIEBjb2Rle2RvdWJsZX06CitudW1iZXJzIG9mIHR5cGUg QGNvZGV7bG9uZyBpbnR9OgogCiBAc21hbGxleGFtcGxlCiBpbnQKLWNvbXBhcmVfZG91Ymxl cyAoY29uc3Qgdm9pZCAqYSwgY29uc3Qgdm9pZCAqYikKK2NvbXBhcmVfbG9uZ19pbnRzIChj b25zdCB2b2lkICphLCBjb25zdCB2b2lkICpiKQogQHsKLSAgY29uc3QgZG91YmxlICpkYSA9 IChjb25zdCBkb3VibGUgKikgYTsKLSAgY29uc3QgZG91YmxlICpkYiA9IChjb25zdCBkb3Vi bGUgKikgYjsKKyAgY29uc3QgbG9uZyBpbnQgKmxhID0gYTsKKyAgY29uc3QgbG9uZyBpbnQg KmxiID0gYjsKIAotICByZXR1cm4gKCpkYSA+ICpkYikgLSAoKmRhIDwgKmRiKTsKKyAgcmV0 dXJuICgqbGEgPiAqbGIpIC0gKCpsYSA8ICpsYik7CiBAfQogQGVuZCBzbWFsbGV4YW1wbGUK IAorKFRoZSBjb2RlIHdvdWxkIGhhdmUgdG8gYmUgbW9yZSBjb21wbGljYXRlZCBmb3IgYW4g YXJyYXkgb2YgQGNvZGV7ZG91YmxlfSwKK3RvIGhhbmRsZSBOYU5zIGNvcnJlY3RseS4pCisK IFRoZSBoZWFkZXIgZmlsZSBAZmlsZXtzdGRsaWIuaH0gZGVmaW5lcyBhIG5hbWUgZm9yIHRo ZSBkYXRhIHR5cGUgb2YKIGNvbXBhcmlzb24gZnVuY3Rpb25zLiAgVGhpcyB0eXBlIGlzIGEg R05VIGV4dGVuc2lvbi4KIApAQCAtMTgzLDE2ICsxODYsMTYgQEAgaW4gdGhlIGFycmF5IGJl Zm9yZSBtYWtpbmcgc29tZSBjb21wYXJpc29ucy4gIFRoZSBvbmx5IHdheSB0byBwZXJmb3Jt CiBhIHN0YWJsZSBzb3J0IHdpdGggQGNvZGV7cXNvcnR9IGlzIHRvIGZpcnN0IGF1Z21lbnQg dGhlIG9iamVjdHMgd2l0aCBhCiBtb25vdG9uaWMgY291bnRlciBvZiBzb21lIGtpbmQuCiAK LUhlcmUgaXMgYSBzaW1wbGUgZXhhbXBsZSBvZiBzb3J0aW5nIGFuIGFycmF5IG9mIGRvdWJs ZXMgaW4gbnVtZXJpY2FsCitIZXJlIGlzIGEgc2ltcGxlIGV4YW1wbGUgb2Ygc29ydGluZyBh biBhcnJheSBvZiBAY29kZXtsb25nIGludH0gaW4gbnVtZXJpY2FsCiBvcmRlciwgdXNpbmcg dGhlIGNvbXBhcmlzb24gZnVuY3Rpb24gZGVmaW5lZCBhYm92ZSAoQHB4cmVme0NvbXBhcmlz b24KIEZ1bmN0aW9uc30pOgogCiBAc21hbGxleGFtcGxlCiBAewotICBkb3VibGUgKmFycmF5 OwotICBpbnQgc2l6ZTsKKyAgbG9uZyBpbnQgKmFycmF5OworICBzaXplX3Qgbm1lbWI7CiAg IEBkb3Rze30KLSAgcXNvcnQgKGFycmF5LCBzaXplLCBzaXplb2YgKGRvdWJsZSksIGNvbXBh cmVfZG91Ymxlcyk7CisgIHFzb3J0IChhcnJheSwgbm1lbWIsIHNpemVvZiAqYXJyYXksIGNv bXBhcmVfbG9uZ19pbnRzKTsKIEB9CiBAZW5kIHNtYWxsZXhhbXBsZQogCi0tIAoyLjQwLjEK Cg== --------------mNfW1QGmGtKsLnLnpamx0Yhi--