From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: <SRS0=mmgu=JO=cs.ucla.edu=eggert@sourceware.org> Received: from mail.cs.ucla.edu (mail.cs.ucla.edu [131.179.128.66]) by sourceware.org (Postfix) with ESMTPS id 3319A3858CDB for <libc-alpha@sourceware.org>; Mon, 5 Feb 2024 00:58:52 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 3319A3858CDB Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=cs.ucla.edu Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=cs.ucla.edu ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 3319A3858CDB Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=131.179.128.66 ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1707094734; cv=none; b=ANfwX/nksQ5rP2qDsec/j10iVIonvozkS46lHzfVWG324ZxMmfyK+xmap/JPC0S4WrG23MljBmLStmE/umIF0CWZyblL6MgMFmAfndgTHjYAf+FSF+MS/s2OkFAlFih5xthH+UmfytlxstxFOgrQL+0b0exjKCeMNPTaJIIHEMk= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1707094734; c=relaxed/simple; bh=/X8MoESjQI9whe2e9oPLLkTejQ2OheEXphx3MPl49x0=; h=DKIM-Signature:Message-ID:Date:MIME-Version:Subject:To:From; b=NFabNBNa5I5pYC+IMCS78qOCKVEwN3BQbNZOWEI/0Cx3i0yv9AQP9amfbxiaEmyHJWfEYukVM6ddjp3ppd1xNZxEvY6a9SKEG14wKDIRkliZP+m9h3jlOJPEms6IjG7+yVRvNBW29On7xkY48Z3OTGQkAwV8hrQlhGcwDFTUM7Y= ARC-Authentication-Results: i=1; server2.sourceware.org Received: from localhost (localhost [127.0.0.1]) by mail.cs.ucla.edu (Postfix) with ESMTP id 040523C011BD4; Sun, 4 Feb 2024 16:58:51 -0800 (PST) Received: from mail.cs.ucla.edu ([127.0.0.1]) by localhost (mail.cs.ucla.edu [127.0.0.1]) (amavis, port 10032) with ESMTP id Ome6H6sexQs4; Sun, 4 Feb 2024 16:58:50 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by mail.cs.ucla.edu (Postfix) with ESMTP id 800533C011BD7; Sun, 4 Feb 2024 16:58:50 -0800 (PST) DKIM-Filter: OpenDKIM Filter v2.10.3 mail.cs.ucla.edu 800533C011BD7 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cs.ucla.edu; s=9D0B346E-2AEB-11ED-9476-E14B719DCE6C; t=1707094730; bh=VArtrrVROOIqXoErusRdaSJTafBwtNQhgUkPBmthZDk=; h=Message-ID:Date:MIME-Version:To:From; b=lFXtSzvSpFlChMzdLbr47FwfAhctLJvpcOhgC1VtvpEN5s4O+2Xq7uoiJaMfW3EAN L4wOBCcWw+pr1ipuQIkkeVGu7cM0JWN+uTY2rJ2CxpGQL79wGm2jqn48e7jXMDYE0N 15rk+5n6E5a8M2R0GZMp/UHa2GbK57s3HJIKd1A+GjDZaklbV4WZM16CmgJUu6577m Bj6LlNhFVs65fyxdflOQeOAvTW/N3V30zZ/ox7nbYcD43nQYDGd0GudAPKBRv60Sqb OfRQcGrxRKThl1Fn7WlGGyFyMa01I7dp+dp/vJeOignb3uNSgSYAkOZ7RDihbpIdqr ZYWJJtNPAmVOg== X-Virus-Scanned: amavis at mail.cs.ucla.edu Received: from mail.cs.ucla.edu ([127.0.0.1]) by localhost (mail.cs.ucla.edu [127.0.0.1]) (amavis, port 10026) with ESMTP id 7UxJt5JqtBJZ; Sun, 4 Feb 2024 16:58:50 -0800 (PST) Received: from [192.168.254.12] (unknown [47.148.192.211]) by mail.cs.ucla.edu (Postfix) with ESMTPSA id 495B13C011BD4; Sun, 4 Feb 2024 16:58:50 -0800 (PST) Content-Type: multipart/mixed; boundary="------------RO3EWXob4py2pD00Q1pHp3kZ" Message-ID: <ab59923f-7f95-41c2-b78b-4fc92973b45f@cs.ucla.edu> Date: Sun, 4 Feb 2024 16:58:49 -0800 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: New GNU C Library (glibc) security flaw reported on 30 Jan 2024 Content-Language: en-US To: Siddhesh Poyarekar <siddhesh@gotplt.org>, Vincent Lefevre <vincent@vinc17.net>, Xi Ruoyao <xry111@xry111.site>, Adhemerval Zanella Netto <adhemerval.zanella@linaro.org>, Turritopsis Dohrnii Teo En Ming <teo.en.ming@protonmail.com>, "libc-alpha@sourceware.org" <libc-alpha@sourceware.org>, "ceo@teo-en-ming-corp.com" <ceo@teo-en-ming-corp.com> References: <vCs-fh6jYIOa_9Ru0H0tlrhIOOu811b3JBhYJsT4tZsBJWVmBR06ttykt_pmw9clWd8zNsiSIShRyYjpq7muFtpVYBGfMvvhB3Kk8-AfUEE=@protonmail.com> <b6e0bf7d3e0376b37861226cb84e7eca190beb78.camel@xry111.site> <20240131145555.GB2102@cventin.lip.ens-lyon.fr> <c622583d-a7f5-45ad-8195-0d8238469823@linaro.org> <96521764f4636c9ea3f3089f369975c12fa8be77.camel@xry111.site> <20240201005155.GF3044@qaa.vinc17.org> <c3bb6b7ce260b36d3db627b3063e061369780264.camel@xry111.site> <20240201090721.GH3044@qaa.vinc17.org> <5ea9eabb-f047-490f-abe9-43630d79c395@cs.ucla.edu> <7234533a-c8dd-4114-aa64-d4af3b138a3a@gotplt.org> From: Paul Eggert <eggert@cs.ucla.edu> Organization: UCLA Computer Science Department In-Reply-To: <7234533a-c8dd-4114-aa64-d4af3b138a3a@gotplt.org> X-Spam-Status: No, score=-8.8 required=5.0 tests=BAYES_00,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,GIT_PATCH_0,KAM_MANYTO,SPF_HELO_NONE,SPF_PASS,TXREP,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org List-Id: <libc-alpha.sourceware.org> This is a multi-part message in MIME format. --------------RO3EWXob4py2pD00Q1pHp3kZ Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit While we're on the topic, I reviewed the glibc manual's description of qsort, bsearch and lfind and found other instances where the manual disagrees with POSIX or is otherwise obviously incorrect. Proposed patch attached. --------------RO3EWXob4py2pD00Q1pHp3kZ Content-Type: text/x-patch; charset=UTF-8; name="0001-Fix-bsearch-qsort-etc.-doc-to-match-POSIX-better.patch" Content-Disposition: attachment; filename*0="0001-Fix-bsearch-qsort-etc.-doc-to-match-POSIX-better.patch" Content-Transfer-Encoding: base64 RnJvbSA1MDA5M2IxY2I4ODU5ZmVjMGVlN2NlODMxYzZlZWM2ZDhhYTQzZWU5IE1vbiBTZXAg MTcgMDA6MDA6MDAgMjAwMQpGcm9tOiBQYXVsIEVnZ2VydCA8ZWdnZXJ0QGNzLnVjbGEuZWR1 PgpEYXRlOiBTdW4sIDQgRmViIDIwMjQgMTY6NTM6MjIgLTA4MDAKU3ViamVjdDogW1BBVENI XSBGaXggYnNlYXJjaCwgcXNvcnQgZXRjLiBkb2MgdG8gbWF0Y2ggUE9TSVggYmV0dGVyCk1J TUUtVmVyc2lvbjogMS4wCkNvbnRlbnQtVHlwZTogdGV4dC9wbGFpbjsgY2hhcnNldD1VVEYt OApDb250ZW50LVRyYW5zZmVyLUVuY29kaW5nOiA4Yml0CgoqIG1hbnVhbC9zZWFyY2gudGV4 aSAoQXJyYXkgU2VhcmNoIEZ1bmN0aW9uKToKQ29ycmVjdCB0aGUgc3RhdGVtZW50IGFib3V0 IGxmaW5k4oCZcyBtZWFuIHJ1bnRpbWU6Cml0IGlzIHByb3BvcnRpb25hbCB0byBhIG51bWJl ciAobm90IHRoYXQgbnVtYmVyKSwKYW5kIHRoaXMgaXMgdHJ1ZSBvbmx5IGlmIHJhbmRvbSBl bGVtZW50cyBhcmUgc2VhcmNoZWQgZm9yLgpSZWxheCB0aGUgY29uc3RyYWludCBvbiBic2Vh cmNo4oCZcyBhcnJheSBhcmd1bWVudDoKUE9TSVggc2F5cyBpdCBuZWVkIG5vdCBiZSBzb3J0 ZWQsIG9ubHkgcGFydGlhbGx5IHNvcnRlZC4KU2F5IHRoYXQgdGhlIGZpcnN0IGFyZyBwYXNz ZWQgdG8gYnNlYXJjaOKAmXMgY29tcGFyaXNvbiBmdW5jdGlvbgppcyB0aGUga2V5LCBhbmQg dGhlIHNlY29uZCBhcmcgaXMgYW4gYXJyYXkgZWxlbWVudCwgYXMKUE9TSVggcmVxdWlyZXMu ICBGb3IgYnNlYXJjaCBhbmQgcXNvcnQsIHNheSB0aGF0IHRoZQpjb21wYXJpc29uIGZ1bmN0 aW9uIHNob3VsZCBub3QgYWx0ZXIgdGhlIGFycmF5LCBhcyBQT1NJWApyZXF1aXJlcy4gIEZv ciBxc29ydCwgc2F5IHRoYXQgdGhlIGNvbXBhcmlzb24gZnVuY3Rpb24KbXVzdCBkZWZpbmUg YSB0b3RhbCBvcmRlciwgYXMgUE9TSVggcmVxdWlyZXMuCi0tLQogbWFudWFsL3NlYXJjaC50 ZXhpIHwgMjUgKysrKysrKysrKysrKysrLS0tLS0tLS0tLQogMSBmaWxlIGNoYW5nZWQsIDE1 IGluc2VydGlvbnMoKyksIDEwIGRlbGV0aW9ucygtKQoKZGlmZiAtLWdpdCBhL21hbnVhbC9z ZWFyY2gudGV4aSBiL21hbnVhbC9zZWFyY2gudGV4aQppbmRleCBkYjU3N2E1MzMyLi44ZWZi NzA2OTJkIDEwMDY0NAotLS0gYS9tYW51YWwvc2VhcmNoLnRleGkKKysrIGIvbWFudWFsL3Nl YXJjaC50ZXhpCkBAIC04NCw4ICs4NCw5IEBAIFRoZSByZXR1cm4gdmFsdWUgaXMgYSBwb2lu dGVyIHRvIHRoZSBtYXRjaGluZyBlbGVtZW50IGluIHRoZSBhcnJheQogc3RhcnRpbmcgYXQg QHZhcntiYXNlfSBpZiBpdCBpcyBmb3VuZC4gIElmIG5vIG1hdGNoaW5nIGVsZW1lbnQgaXMK IGF2YWlsYWJsZSBAY29kZXtOVUxMfSBpcyByZXR1cm5lZC4KIAotVGhlIG1lYW4gcnVudGlt ZSBvZiB0aGlzIGZ1bmN0aW9uIGlzIEBjb2RleypAdmFye25tZW1ifX0vMi4gIFRoaXMKLWZ1 bmN0aW9uIHNob3VsZCBvbmx5IGJlIHVzZWQgaWYgZWxlbWVudHMgb2Z0ZW4gZ2V0IGFkZGVk IHRvIG9yIGRlbGV0ZWQgZnJvbQorVGhlIG1lYW4gcnVudGltZSBvZiB0aGlzIGZ1bmN0aW9u IGlzIHByb3BvcnRpb25hbCB0byBAY29kZXsqQHZhcntubWVtYn0vMn0sCithc3N1bWluZyBy YW5kb20gZWxlbWVudHMgb2YgdGhlIGFycmF5IGFyZSBzZWFyY2hlZCBmb3IuICBUaGlzCitm dW5jdGlvbiBzaG91bGQgYmUgdXNlZCBvbmx5IGlmIGVsZW1lbnRzIG9mdGVuIGdldCBhZGRl ZCB0byBvciBkZWxldGVkIGZyb20KIHRoZSBhcnJheSBpbiB3aGljaCBjYXNlIGl0IG1pZ2h0 IG5vdCBiZSB1c2VmdWwgdG8gc29ydCB0aGUgYXJyYXkgYmVmb3JlCiBzZWFyY2hpbmcuCiBA ZW5kIGRlZnR5cGVmdW4KQEAgLTEyMiwyNCArMTIzLDI2IEBAIGJ5dGVzLiAgSWYgb25lIGlz IHN1cmUgdGhlIGVsZW1lbnQgaXMgaW4gdGhlIGFycmF5IGl0IGlzIGJldHRlciB0byB1c2UK IGNhbGxpbmcgQGNvZGV7bHNlYXJjaH0uCiBAZW5kIGRlZnR5cGVmdW4KIAotVG8gc2VhcmNo IGEgc29ydGVkIGFycmF5IGZvciBhbiBlbGVtZW50IG1hdGNoaW5nIHRoZSBrZXksIHVzZSB0 aGUKLUBjb2Rle2JzZWFyY2h9IGZ1bmN0aW9uLiAgVGhlIHByb3RvdHlwZSBmb3IgdGhpcyBm dW5jdGlvbiBpcyBpbgorVG8gc2VhcmNoIGEgc29ydGVkIG9yIHBhcnRpYWxseSBzb3J0ZWQg YXJyYXkgZm9yIGFuIGVsZW1lbnQgbWF0Y2hpbmcgdGhlIGtleSwKK3VzZSB0aGUgQGNvZGV7 YnNlYXJjaH0gZnVuY3Rpb24uICBUaGUgcHJvdG90eXBlIGZvciB0aGlzIGZ1bmN0aW9uIGlz IGluCiB0aGUgaGVhZGVyIGZpbGUgQGZpbGV7c3RkbGliLmh9LgogQHBpbmRleCBzdGRsaWIu aAogCiBAZGVmdHlwZWZ1biB7dm9pZCAqfSBic2VhcmNoIChjb25zdCB2b2lkICpAdmFye2tl eX0sIGNvbnN0IHZvaWQgKkB2YXJ7YXJyYXl9LCBzaXplX3QgQHZhcntjb3VudH0sIHNpemVf dCBAdmFye3NpemV9LCBjb21wYXJpc29uX2ZuX3QgQHZhcntjb21wYXJlfSkKIEBzdGFuZGFy ZHN7SVNPLCBzdGRsaWIuaH0KIEBzYWZldHl7QHByZWxpbXt9QG10c2FmZXt9QGFzc2FmZXt9 QGFjc2FmZXt9fQotVGhlIEBjb2Rle2JzZWFyY2h9IGZ1bmN0aW9uIHNlYXJjaGVzIHRoZSBz b3J0ZWQgYXJyYXkgQHZhcnthcnJheX0gZm9yIGFuIG9iamVjdAorVGhlIEBjb2Rle2JzZWFy Y2h9IGZ1bmN0aW9uIHNlYXJjaGVzIEB2YXJ7YXJyYXl9IGZvciBhbiBvYmplY3QKIHRoYXQg aXMgZXF1aXZhbGVudCB0byBAdmFye2tleX0uICBUaGUgYXJyYXkgY29udGFpbnMgQHZhcntj b3VudH0gZWxlbWVudHMsCiBlYWNoIG9mIHdoaWNoIGlzIG9mIHNpemUgQHZhcntzaXplfSBi eXRlcy4KIAogVGhlIEB2YXJ7Y29tcGFyZX0gZnVuY3Rpb24gaXMgdXNlZCB0byBwZXJmb3Jt IHRoZSBjb21wYXJpc29uLiAgVGhpcwotZnVuY3Rpb24gaXMgY2FsbGVkIHdpdGggdHdvIHBv aW50ZXIgYXJndW1lbnRzIGFuZCBzaG91bGQgcmV0dXJuIGFuCitmdW5jdGlvbiBpcyBjYWxs ZWQgd2l0aCBhcmd1bWVudHMgdGhhdCBwb2ludCB0byB0aGUga2V5IGFuZCB0byBhbgorYXJy YXkgZWxlbWVudCwgaW4gdGhhdCBvcmRlciwgYW5kIHNob3VsZCByZXR1cm4gYW4KIGludGVn ZXIgbGVzcyB0aGFuLCBlcXVhbCB0bywgb3IgZ3JlYXRlciB0aGFuIHplcm8gY29ycmVzcG9u ZGluZyB0bwotd2hldGhlciBpdHMgZmlyc3QgYXJndW1lbnQgaXMgY29uc2lkZXJlZCBsZXNz IHRoYW4sIGVxdWFsIHRvLCBvciBncmVhdGVyCi10aGFuIGl0cyBzZWNvbmQgYXJndW1lbnQu ICBUaGUgZWxlbWVudHMgb2YgdGhlIEB2YXJ7YXJyYXl9IG11c3QgYWxyZWFkeQotYmUgc29y dGVkIGluIGFzY2VuZGluZyBvcmRlciBhY2NvcmRpbmcgdG8gdGhpcyBjb21wYXJpc29uIGZ1 bmN0aW9uLgord2hldGhlciB0aGUga2V5IGlzIGNvbnNpZGVyZWQgbGVzcyB0aGFuLCBlcXVh bCB0bywgb3IgZ3JlYXRlciB0aGFuCit0aGUgYXJyYXkgZWxlbWVudC4gIFRoZSBmdW5jdGlv biBzaG91bGQgbm90IGFsdGVyIHRoZSBhcnJheSdzIGNvbnRlbnRzLgorVGhlIEB2YXJ7YXJy YXl9IG11c3QgY29uc2lzdCBvZiBhbGwgZWxlbWVudHMgdGhhdCBjb21wYXJlIGxlc3MgdGhh biwKK2VxdWFsIHRvLCBhbmQgZ3JlYXRlciB0aGFuIEB2YXJ7a2V5fSwgaW4gdGhhdCBvcmRl ci4KIAogVGhlIHJldHVybiB2YWx1ZSBpcyBhIHBvaW50ZXIgdG8gdGhlIG1hdGNoaW5nIGFy cmF5IGVsZW1lbnQsIG9yIGEgbnVsbAogcG9pbnRlciBpZiBubyBtYXRjaCBpcyBmb3VuZC4g IElmIHRoZSBhcnJheSBjb250YWlucyBtb3JlIHRoYW4gb25lIGVsZW1lbnQKQEAgLTE3MCw3 ICsxNzMsOSBAQCBUaGUgQHZhcntjb21wYXJlfSBmdW5jdGlvbiBpcyB1c2VkIHRvIHBlcmZv cm0gdGhlIGNvbXBhcmlzb24gb24gdGhlCiBhcnJheSBlbGVtZW50cy4gIFRoaXMgZnVuY3Rp b24gaXMgY2FsbGVkIHdpdGggdHdvIHBvaW50ZXIgYXJndW1lbnRzIGFuZAogc2hvdWxkIHJl dHVybiBhbiBpbnRlZ2VyIGxlc3MgdGhhbiwgZXF1YWwgdG8sIG9yIGdyZWF0ZXIgdGhhbiB6 ZXJvCiBjb3JyZXNwb25kaW5nIHRvIHdoZXRoZXIgaXRzIGZpcnN0IGFyZ3VtZW50IGlzIGNv bnNpZGVyZWQgbGVzcyB0aGFuLAotZXF1YWwgdG8sIG9yIGdyZWF0ZXIgdGhhbiBpdHMgc2Vj b25kIGFyZ3VtZW50LgorZXF1YWwgdG8sIG9yIGdyZWF0ZXIgdGhhbiBpdHMgc2Vjb25kIGFy Z3VtZW50LiAgVGhlIGZ1bmN0aW9uIHNob3VsZAorYmUgY29uc2lzdGVudCB3aXRoIGEgdG90 YWwgb3JkZXJpbmcgb24gdGhlIGFycmF5IGVsZW1lbnRzJyB2YWx1ZXMsCithbmQgc2hvdWxk IG5vdCBhbHRlciB0aGUgYXJyYXkncyBjb250ZW50cy4KIAogQGNpbmRleCBzdGFibGUgc29y dGluZwogQHN0cm9uZ3tXYXJuaW5nOn0gSWYgdHdvIG9iamVjdHMgY29tcGFyZSBhcyBlcXVh bCwgdGhlaXIgb3JkZXIgYWZ0ZXIKLS0gCjIuNDAuMQoK --------------RO3EWXob4py2pD00Q1pHp3kZ--