public inbox for libc-stable@sourceware.org
 help / color / mirror / Atom feed
From: Aurelien Jarno <aurelien@aurel32.net>
To: Rafal Luzynski <digitalfreak@lingonborough.com>
Cc: libc-stable@sourceware.org, Paul Eggert <eggert@cs.ucla.edu>
Subject: Re: [2.29 COMMITTED] regex: fix read overrun [BZ #24114]
Date: Tue, 01 Jan 2019 00:00:00 -0000	[thread overview]
Message-ID: <20190319120322.GA28833@aurel32.net> (raw)
In-Reply-To: <1004103621.41197.1552951132012@poczta.nazwa.pl>

[-- Attachment #1: Type: text/plain, Size: 1737 bytes --]

On 2019-03-19 00:18, Rafal Luzynski wrote:
> 16.03.2019 23:31 Aurelien Jarno <aurelien@aurel32.net> wrote:
> > [...]
> > diff --git a/ChangeLog b/ChangeLog
> > index 90558e434ce..fb88626efe1 100644
> > --- a/ChangeLog
> > +++ b/ChangeLog
> > @@ -1,3 +1,11 @@
> > +2019-01-31  Paul Eggert  <eggert@cs.ucla.edu>
> > +
> > +	regex: fix read overrun [BZ #24114]
> > +	Problem found by AddressSanitizer, reported by Hongxu Chen in:
> > +	https://debbugs.gnu.org/34140
> > +	* posix/regexec.c (proceed_next_node):
> > +	Do not read past end of input buffer.
> > +
> 
> As far as I know the date in the ChangeLog should be the date
> when the change was pushed to the git repository, not when the
> patch was authored.  In case of the stable branches it should be
> the date when it was pushed to the stable branch, not when it was
> pushed to master.  Shall we change this?

Thanks for pointing that out. It appears we do not have a clear process
about that, at least [1] doesn't say the date should be updated after a
cherry-pick, and it doesn't say the contrary either.

In practice looking at the glibc 2.28 branch (the 2.29 has very few
commit, and most of them backported immediately after being committed to
the master branch), it appears that both practices are common. I have
attached a patch fixing the commit dates to give an example of the
impact.

I think we should just decide a rule, fix the wrong entries if needed,
and apply it to new commits. On my side I am undecided what is the best
option.

Regards,
Aurelien

[1] https://sourceware.org/glibc/wiki/GlibcGit?Cherry_Pick_Changes_From_Another_Branch

-- 
Aurelien Jarno                          GPG: 4096R/1DDD8C9B
aurelien@aurel32.net                 http://www.aurel32.net

[-- Attachment #2: glibc-2.28-changelog-fix-date.patch --]
[-- Type: text/x-diff, Size: 13554 bytes --]

diff --git a/ChangeLog b/ChangeLog
index 5667d9262b..4b52e4754e 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,4 +1,4 @@
-2019-01-31  Paul Eggert  <eggert@cs.ucla.edu>
+2019-03-16  Paul Eggert  <eggert@cs.ucla.edu>
 
 	CVE-2019-9169
 	regex: fix read overrun [BZ #24114]
@@ -7,14 +7,14 @@
 	* posix/regexec.c (proceed_next_node):
 	Do not read past end of input buffer.
 
-2018-11-07  Andreas Schwab  <schwab@suse.de>
+2019-03-14  Andreas Schwab  <schwab@suse.de>
 
 	[BZ #23864]
 	* sysdeps/unix/sysv/linux/riscv/kernel-features.h
 	(__ASSUME_SET_ROBUST_LIST) [__LINUX_KERNEL_VERSION < 0x041400]:
 	Undef.
 
-2018-09-21  Adhemerval Zanella  <adhemerval.zanella@linaro.org>
+2019-02-27  Adhemerval Zanella  <adhemerval.zanella@linaro.org>
 
 	* NEWS: Add note about new TLE support on powerpc64le.
 	* sysdeps/powerpc/nptl/tcb-offsets.sym (TM_CAPABLE): Remove.
@@ -34,7 +34,7 @@
 	usage.
 	* sysdeps/unix/sysv/linux/powerpc/not-errno.h: Remove file.
 
-2019-01-13  Jim Wilson  <jimw@sifive.com>
+2019-02-19  Jim Wilson  <jimw@sifive.com>
 
 	[BZ #24040]
 	* elf/Makefile (CFLAGS-tst-unwind-main.c): Add -DUSE_PTHREADS=0.
@@ -48,7 +48,7 @@
 	* sysdeps/unix/sysv/linux/riscv/clone.S (__thread_start): Mark ra
 	as undefined.
 
-2019-01-31  Carlos O'Donell  <carlos@redhat.com>
+2019-02-17  Carlos O'Donell  <carlos@redhat.com>
 	    Torvald Riegel  <triegel@redhat.com>
 	    Rik Prohaska  <prohaska7@gmail.com>
 
@@ -91,7 +91,7 @@
 	* nscd/gai.c: Include <arpa/inet.h> and change visibility of
 	__inet_aton_exact.
 
-2019-01-21  Florian Weimer  <fweimer@redhat.com>
+2019-02-04  Florian Weimer  <fweimer@redhat.com>
 
 	[BZ #20018]
 	CVE-2016-10739
@@ -124,7 +124,7 @@
 	* resolv/tst-resolv-nondecimal.c: Likewise.
 	* sysdeps/posix/getaddrinfo.c (gaih_inet): Call __inet_aton_exact.
 
-2019-01-18  Florian Weimer  <fweimer@redhat.com>
+2019-02-04  Florian Weimer  <fweimer@redhat.com>
 
 	[BZ #24112]
 	resolv: Do not send queries for non-host-names in nss_dns.
@@ -133,7 +133,7 @@
 	(_nss_dns_gethostbyname_r): Likewise.
 	(_nss_dns_gethostbyname4_r): Likewise.
 
-2019-01-21  Florian Weimer  <fweimer@redhat.com>
+2019-02-04  Florian Weimer  <fweimer@redhat.com>
 
 	* resolv/inet_addr.c: Reformat to GNU style.
 	(__inet_addr, __inet_aton): Update comment.
@@ -250,7 +250,7 @@
 	* math/libm-test-fma.inc (fma_test_data): Set
 	XFAIL_ROUNDING_IBM128_LIBGCC to more tests.
 
-2019-01-07  Aurelien Jarno  <aurelien@aurel32.net>
+2019-01-08  Aurelien Jarno  <aurelien@aurel32.net>
 
 	[BZ #24024]
 	* Makeconfig: Build libm with -fno-math-errno but build the remaining
@@ -266,14 +266,14 @@
 	DIAG_PUSH_NEEDS_COMMENT, DIAG_IGNORE_NEEDS_COMMENT and
 	DIAG_POP_NEEDS_COMMENT to disable -Wmaybe-uninitialized.
 
-2019-01-02  Aurelien Jarno  <aurelien@aurel32.net>
+2019-01-03  Aurelien Jarno  <aurelien@aurel32.net>
 
 	[BZ #24034]
 	* sysdeps/unix/sysv/linux/arm/atomic-machine.h
 	(__arm_assisted_compare_and_exchange_val_32_acq): Use uint32_t rather
 	than __typeof (...) for the a_ptr variable.
 
-2018-12-31  H.J. Lu  <hongjiu.lu@intel.com>
+2019-01-03  H.J. Lu  <hongjiu.lu@intel.com>
 
 	[BZ #24022]
 	* sysdeps/unix/sysv/linux/riscv/flush-icache.c: Check if
@@ -285,7 +285,7 @@
 	* intl/dcigettext.c (DCIGETTEXT): Do not return NULL on asprintf
 	failure.
 
-2018-12-31  Florian Weimer  <fw@deneb.enyo.de>
+2019-01-01  Florian Weimer  <fw@deneb.enyo.de>
 
 	[BZ #24027]
 	* malloc/malloc.c (_int_realloc): Always call memcpy for the
@@ -296,7 +296,7 @@
 
 	* sysdeps/alpha/fpu/libm-test-ulps: Regenerated.
 
-2018-12-18  Adhemerval Zanella  <adhemerval.zanella@linaro.org>
+2018-12-19  Adhemerval Zanella  <adhemerval.zanella@linaro.org>
 	    James Clarke  <jrtc27@jrtc27.com>
 
 	[BZ #23967]
@@ -318,7 +318,7 @@
 	* sysdeps/unix/sysv/linux/s390/kernel_sigaction.h: Likewise.
 	* sysdeps/unix/sysv/linux/x86_64/sigaction.c: Likewise.
 
-2018-10-30  Andreas Schwab  <schwab@suse.de>
+2018-12-15  Andreas Schwab  <schwab@suse.de>
 
 	[BZ #23125]
 	* sysdeps/riscv/start.S (ENTRY_POINT): Mark ra as undefined.
@@ -342,7 +342,7 @@
 	* nptl/tst-rwlock-pwn.c: New file.
 	* nptl/Makefile (tests): Add tst-rwlock-pwn.
 
-2018-12-12  Tulio Magno Quites Machado Filho  <tuliom@linux.ibm.com>
+2018-12-13  Tulio Magno Quites Machado Filho  <tuliom@linux.ibm.com>
 
 	[BZ #23614]
 	* sysdeps/powerpc/powerpc64/addmul_1.S (FUNC): Add CFI offset for
@@ -350,20 +350,20 @@
 	* sysdeps/powerpc/powerpc64/lshift.S (__mpn_lshift): Likewise.
 	* sysdeps/powerpc/powerpc64/mul_1.S (__mpn_mul_1): Likewise.
 
-2018-12-07  DJ Delorie  <dj@redhat.com>
+2018-12-12  DJ Delorie  <dj@redhat.com>
 
 	[BZ #23907]
 	* malloc/tst-tcfree3.c: New.
 	* malloc/Makefile: Add it.
 
-2018-12-07  Florian Weimer  <fweimer@redhat.com>
+2018-12-12  Florian Weimer  <fweimer@redhat.com>
 
 	[BZ #23927]
 	CVE-2018-19591
 	* inet/tst-if_index-long.c: New file.
 	* inet/Makefile (tests): Add tst-if_index-long.
 
-2018-12-07  Florian Weimer  <fweimer@redhat.com>
+2018-12-12  Florian Weimer  <fweimer@redhat.com>
 
 	* support/check.h (support_record_failure_is_failed): Declare.
 	* support/descriptors.h: New file.
@@ -374,18 +374,18 @@
 	* support/Makefile (libsupport-routines): Add support_descriptors.
 	(tests): Add tst-support_descriptors.
 
-2018-12-01  Florian Weimer  <fweimer@redhat.com>
+2018-12-12  Florian Weimer  <fweimer@redhat.com>
 
 	* support/support_capture_subprocess.c
 	(support_capture_subprocess): Check that pipe descriptors have
 	expected values.  Close original pipe descriptors in subprocess.
 
-2018-11-28  Florian Weimer  <fweimer@redhat.com>
+2018-12-12  Florian Weimer  <fweimer@redhat.com>
 
 	* support/support.h (support_quote_string): Do not use str
 	parameter name.
 
-2018-11-27  Florian Weimer  <fweimer@redhat.com>
+2018-12-12  Florian Weimer  <fweimer@redhat.com>
 
 	* support/support.h (support_quote_string): Declare.
 	* support/support_quote_string.c: New file.
@@ -404,7 +404,7 @@
 	* sysdeps/unix/sysv/linux/tst-readdir64-compat.c (do_test): Check
 	that d_off is never zero.
 
-2018-11-30  Tulio Magno Quites Machado Filho  <tuliom@linux.ibm.com>
+2018-12-07  Tulio Magno Quites Machado Filho  <tuliom@linux.ibm.com>
 
 	[BZ #23690]
 	* elf/dl-runtime.c (_dl_profile_fixup): Guarantee memory
@@ -419,7 +419,7 @@
 	* nptl/tst-audit-threads.c: Likewise.
 	* nptl/tst-audit-threads.h: Likewise.
 
-2018-11-26  Florian Weimer  <fweimer@redhat.com>
+2018-11-28  Florian Weimer  <fweimer@redhat.com>
 
 	[BZ #23907]
 	* malloc/malloc.c (_int_free): Validate tc_idx before checking for
@@ -439,7 +439,7 @@
 
 	* dlfcn/dlerror.c (check_free): Prevent double frees.
 
-2018-11-27  Florian Weimer  <fweimer@redhat.com>
+2018-12-12  Florian Weimer  <fweimer@redhat.com>
 
 	[BZ #23927]
 	CVE-2018-19591
@@ -453,23 +453,23 @@
 	(signal_handler): Use it to print the termination time and the
 	time of the last write to standard output.
 
-2018-10-09  Szabolcs Nagy  <szabolcs.nagy@arm.com>
+2018-11-19  Szabolcs Nagy  <szabolcs.nagy@arm.com>
 
 	* libio/tst-readline.c (TIMEOUT): Define.
 
-2018-10-22  Joseph Myers  <joseph@codesourcery.com>
+2018-11-09  Joseph Myers  <joseph@codesourcery.com>
 
 	* sysdeps/unix/sysv/linux/syscall-names.list: Update kernel
 	version to 4.19.
 
-2018-09-18  Paul Eggert  <eggert@cs.ucla.edu>
+2018-11-09  Paul Eggert  <eggert@cs.ucla.edu>
 
 	Fix tzfile low-memory assertion failure
 	[BZ #21716]
 	* time/tzfile.c (__tzfile_read): Check for memory exhaustion
 	when registering time zone abbreviations.
 
-2018-08-31  Paul Pluzhnikov  <ppluzhnikov@google.com>
+2018-11-09  Paul Pluzhnikov  <ppluzhnikov@google.com>
 
 	[BZ #20271]
 	* include/stdio.h (__libc_fatal): Mention newline in comment.
@@ -491,7 +491,7 @@
 	* sysdeps/unix/sysv/linux/netlink_assert_response.c
 	(__netlink_assert_response): Likewise.
 
-2018-08-28  Florian Weimer  <fweimer@redhat.com>
+2018-11-09  Florian Weimer  <fweimer@redhat.com>
 
 	[BZ #23520]
 	nscd: Fix use-after-free in addgetnetgrentX and its callers.
@@ -503,23 +503,23 @@
 	(addgetnetgrent): Call it.
 	(readdgetnetgrent): Likewise.
 
-2018-08-16  DJ Delorie  <dj@delorie.com>
+2018-11-09  DJ Delorie  <dj@delorie.com>
 
 	* malloc/malloc.c (_int_free): Check for corrupt prev_size vs size.
 	(malloc_consolidate): Likewise.
 
-2018-08-16  Pochang Chen  <johnchen902@gmail.com>
+2018-11-09  Pochang Chen  <johnchen902@gmail.com>
 
 	* malloc/malloc.c (_int_malloc.c): Verify size of top chunk.
 
-2018-08-13  Joseph Myers  <joseph@codesourcery.com>
+2018-11-09  Joseph Myers  <joseph@codesourcery.com>
 
 	* sysdeps/unix/sysv/linux/syscall-names.list: Update kernel
 	version to 4.18.
 	(io_pgetevents): New syscall.
 	(rseq): Likewise.
 
-2018-11-08  Alexandra Hájková  <ahajkova@redhat.com>
+2018-11-09  Alexandra Hájková  <ahajkova@redhat.com>
 
 	[BZ #17630]
 	* resolv/tst-resolv-network.c: Add test for getnetbyname.
@@ -534,33 +534,33 @@
 	* sysdeps/x86/link_map.h (l_cet): Expand to 3 bits,  Add
 	lc_unknown.
 
-2018-11-05  Andreas Schwab  <schwab@suse.de>
+2018-11-06  Andreas Schwab  <schwab@suse.de>
 
 	[BZ #22927]
 	* resolv/gai_misc.c (__gai_enqueue_request): Don't crash if
 	creating the first helper thread failed.
 
-2018-10-23  Adhemerval Zanella  <adhemerval.zanella@linaro.org>
+2018-11-02  Adhemerval Zanella  <adhemerval.zanella@linaro.org>
 
 	[BZ #23709]
 	* sysdeps/x86/cpu-features.c (init_cpu_features): Set TSX bits
 	independently of other flags.
 
-2018-10-30  Florian Weimer  <fweimer@redhat.com>
+2018-11-02  Florian Weimer  <fweimer@redhat.com>
 
 	* stdlib/tst-strtod-overflow.c (do_test): Switch to
 	support_blob_repeat.
 
-2018-10-30  Florian Weimer  <fweimer@redhat.com>
+2018-11-02  Florian Weimer  <fweimer@redhat.com>
 
 	* support/blob_repeat.c (allocate_big): Call mkstemp directly.
 
-2018-10-30  Florian Weimer  <fweimer@redhat.com>
+2018-11-02  Florian Weimer  <fweimer@redhat.com>
 
 	* stdlib/test-bz22786.c (do_test): Additional free calls to avoid
 	memory leaks.
 
-2018-10-30  Florian Weimer  <fweimer@redhat.com>
+2018-11-02  Florian Weimer  <fweimer@redhat.com>
 
 	Avoid spurious test failures in stdlib/test-bz22786.
 	* support/Makefile (libsupport-routines): Add blob_repeat.
@@ -571,12 +571,12 @@
 	* stdlib/test-bz22786.c (do_test): Replace malloc and memset with
 	support_blob_repeat_allocate.
 
-2018-08-30  Stefan Liebler  <stli@linux.ibm.com>
+2018-11-02  Stefan Liebler  <stli@linux.ibm.com>
 
 	* stdlib/test-bz22786.c (do_test): Return EXIT_UNSUPPORTED
 	if malloc fails.
 
-2018-08-24  Paul Pluzhnikov  <ppluzhnikov@google.com>
+2018-11-02  Paul Pluzhnikov  <ppluzhnikov@google.com>
 
         [BZ #23400]
         * stdlib/test-bz22786.c (do_test): Fix undefined behavior, don't
@@ -589,7 +589,7 @@
 	* sysdeps/ia64/fpu/e_log2f.S (log2f): Likewise.
 	* sysdeps/ia64/fpu/e_exp2f.S (powf): Likewise.
 
-2018-10-25  Florian Weimer  <fweimer@redhat.com>
+2018-10-26  Florian Weimer  <fweimer@redhat.com>
 
 	[BZ #23562]
 	[BZ #23821]
@@ -602,13 +602,13 @@
 	sparc64.
 	* conform/data/sys/wait.h-data (siginfo_t): Likewise.
 
-2018-10-19  Ilya Yu. Malakhov  <malakhov@mcst.ru>
+2018-10-22  Ilya Yu. Malakhov  <malakhov@mcst.ru>
 
 	[BZ #23562]
 	* sysdeps/unix/sysv/linux/bits/types/siginfo_t.h
 	(struct siginfo_t): Use correct type for si_band.
 
-2018-10-17  Stefan Liebler  <stli@linux.ibm.com>
+2018-10-18  Stefan Liebler  <stli@linux.ibm.com>
 
 	[BZ #23275]
 	* nptl/tst-mutex10.c: New File.
@@ -685,7 +685,7 @@
 	(_start): Use ENTRY/END to insert ENDBR32 at entry when CET is
 	enabled.  Add cfi_undefined (eip).
 
-2018-09-19  Wilco Dijkstra  <wdijkstr@arm.com>
+2018-09-21  Wilco Dijkstra  <wdijkstr@arm.com>
 
 	[BZ #23637]
 	* string/test-strstr.c (pr23637): New function.
@@ -693,7 +693,7 @@
 	* string/strcasestr.c (AVAILABLE): Fix readahead distance.
 	* string/strstr.c (AVAILABLE): Likewise.
 
-2018-09-19  Carlos O'Donell  <carlos@redhat.com>
+2018-09-20  Carlos O'Donell  <carlos@redhat.com>
 
 	* stdlib/tst-setcontext9.c (f1): Rename to...
 	(f1a): ... this.
@@ -710,7 +710,7 @@
 	* sysdeps/unix/sysv/linux/gethostid.c (gethostid): Check for NULL
 	value from gethostbyname_r.
 
-2018-09-06  Stefan Liebler  <stli@linux.ibm.com>
+2018-09-10  Stefan Liebler  <stli@linux.ibm.com>
 
 	* sysdeps/unix/sysv/linux/spawni.c (maybe_script_execute):
 	Increment size of new_argv by one.
@@ -722,7 +722,7 @@
 	* posix/Makefile (tests): Add it.
 	(tst-regcomp-truncated.out): Depend on generated locales.
 
-2018-08-25  Paul Eggert  <eggert@cs.ucla.edu>
+2018-08-28  Paul Eggert  <eggert@cs.ucla.edu>
 
 	[BZ #23578]
 	regex: fix uninitialized memory access
@@ -745,7 +745,7 @@
 	Update r to include the set wake-request flag if waiters are
 	remaining after spinning.
 
-2018-08-03  DJ Delorie  <dj@redhat.com>
+2018-08-22  DJ Delorie  <dj@redhat.com>
 
 	* sysdeps/riscv/rvf/math_private.h (libc_feholdexcept_setround_riscv):
 	Move libc_fesetround_riscv after libc_feholdexcept_riscv.
@@ -770,7 +770,7 @@
 	* nscd/nscd_conf.c (nscd_parse_file): Deallocate old storage for
 	server_user, stat_user.
 
-2018-08-13  Florian Weimer  <fweimer@redhat.com>
+2018-08-14  Florian Weimer  <fweimer@redhat.com>
 
 	* misc/error.c (error): Add missing va_end call.
 	(error_at_line): Likewise.

  parent reply	other threads:[~2019-03-19 12:03 UTC|newest]

Thread overview: 9+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-01-01  0:00 Aurelien Jarno
2019-01-01  0:00 ` [2.29 COMMITTED] Record CVE-2019-9169 in NEWS and ChangeLog " Aurelien Jarno
2019-01-01  0:00 ` [2.29 COMMITTED] regex: fix read overrun " Rafal Luzynski
2019-01-01  0:00   ` Paul Eggert
2019-01-01  0:00   ` Florian Weimer
2019-01-01  0:00     ` Rafal Luzynski
2019-01-01  0:00       ` Florian Weimer
2019-01-01  0:00   ` Aurelien Jarno [this message]
2019-01-01  0:00     ` Rafal Luzynski

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20190319120322.GA28833@aurel32.net \
    --to=aurelien@aurel32.net \
    --cc=digitalfreak@lingonborough.com \
    --cc=eggert@cs.ucla.edu \
    --cc=libc-stable@sourceware.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).