[Buildroot] [PATCH 1/2] (e)glibc: add security patches for CVE-2014-6040
Gustavo Zacarias
gustavo at zacarias.com.ar
Thu Jan 8 20:45:38 UTC 2015
Fixes CVE-2014-6040 - crash in code page decoding functions (IBM933,
IBM935, IBM937, IBM939, IBM1364).
Signed-off-by: Gustavo Zacarias <gustavo at zacarias.com.ar>
---
.../glibc/2.18-svnr23787/0003-CVE-2014-6040.patch | 141 +++++++++++++++++++++
.../glibc/2.19-svnr25243/0002-CVE-2014-6040.patch | 141 +++++++++++++++++++++
package/glibc/2.19/0002-CVE-2014-6040.patch | 141 +++++++++++++++++++++
3 files changed, 423 insertions(+)
create mode 100644 package/glibc/2.18-svnr23787/0003-CVE-2014-6040.patch
create mode 100644 package/glibc/2.19-svnr25243/0002-CVE-2014-6040.patch
create mode 100644 package/glibc/2.19/0002-CVE-2014-6040.patch
diff --git a/package/glibc/2.18-svnr23787/0003-CVE-2014-6040.patch b/package/glibc/2.18-svnr23787/0003-CVE-2014-6040.patch
new file mode 100644
index 0000000..f447dcd
--- /dev/null
+++ b/package/glibc/2.18-svnr23787/0003-CVE-2014-6040.patch
@@ -0,0 +1,141 @@
+Backport from https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=41488498b6
+See https://bugzilla.redhat.com/show_bug.cgi?id=1135841
+
+Signed-off-by: Gustavo Zacarias <gustavo at zacarias.com.ar>
+
+diff -Nura eglibc-2.19.orig/libc/iconvdata/ibm1364.c eglibc-2.19/libc/iconvdata/ibm1364.c
+--- eglibc-2.19.orig/libc/iconvdata/ibm1364.c 2015-01-08 16:05:53.918823240 -0300
++++ eglibc-2.19/libc/iconvdata/ibm1364.c 2015-01-08 16:06:02.781555143 -0300
+@@ -220,7 +220,8 @@
+ ++rp2; \
+ \
+ uint32_t res; \
+- if (__builtin_expect (ch < rp2->start, 0) \
++ if (__builtin_expect (rp2->start == 0xffff, 0) \
++ || __builtin_expect (ch < rp2->start, 0) \
+ || (res = DB_TO_UCS4[ch + rp2->idx], \
+ __builtin_expect (res, L'\1') == L'\0' && ch != '\0')) \
+ { \
+diff -Nura eglibc-2.19.orig/libc/iconvdata/ibm932.c eglibc-2.19/libc/iconvdata/ibm932.c
+--- eglibc-2.19.orig/libc/iconvdata/ibm932.c 2015-01-08 16:05:53.910818967 -0300
++++ eglibc-2.19/libc/iconvdata/ibm932.c 2015-01-08 16:06:02.781555143 -0300
+@@ -73,11 +73,12 @@
+ } \
+ \
+ ch = (ch * 0x100) + inptr[1]; \
++ /* ch was less than 0xfd. */ \
++ assert (ch < 0xfd00); \
+ while (ch > rp2->end) \
+ ++rp2; \
+ \
+- if (__builtin_expect (rp2 == NULL, 0) \
+- || __builtin_expect (ch < rp2->start, 0) \
++ if (__builtin_expect (ch < rp2->start, 0) \
+ || (res = __ibm932db_to_ucs4[ch + rp2->idx], \
+ __builtin_expect (res, '\1') == 0 && ch !=0)) \
+ { \
+diff -Nura eglibc-2.19.orig/libc/iconvdata/ibm933.c eglibc-2.19/libc/iconvdata/ibm933.c
+--- eglibc-2.19.orig/libc/iconvdata/ibm933.c 2015-01-08 16:05:53.917822706 -0300
++++ eglibc-2.19/libc/iconvdata/ibm933.c 2015-01-08 16:06:02.781555143 -0300
+@@ -161,7 +161,7 @@
+ while (ch > rp2->end) \
+ ++rp2; \
+ \
+- if (__builtin_expect (rp2 == NULL, 0) \
++ if (__builtin_expect (rp2->start == 0xffff, 0) \
+ || __builtin_expect (ch < rp2->start, 0) \
+ || (res = __ibm933db_to_ucs4[ch + rp2->idx], \
+ __builtin_expect (res, L'\1') == L'\0' && ch != '\0')) \
+diff -Nura eglibc-2.19.orig/libc/iconvdata/ibm935.c eglibc-2.19/libc/iconvdata/ibm935.c
+--- eglibc-2.19.orig/libc/iconvdata/ibm935.c 2015-01-08 16:05:53.921824843 -0300
++++ eglibc-2.19/libc/iconvdata/ibm935.c 2015-01-08 16:06:02.782555677 -0300
+@@ -161,7 +161,7 @@
+ while (ch > rp2->end) \
+ ++rp2; \
+ \
+- if (__builtin_expect (rp2 == NULL, 0) \
++ if (__builtin_expect (rp2->start == 0xffff, 0) \
+ || __builtin_expect (ch < rp2->start, 0) \
+ || (res = __ibm935db_to_ucs4[ch + rp2->idx], \
+ __builtin_expect (res, L'\1') == L'\0' && ch != '\0')) \
+diff -Nura eglibc-2.19.orig/libc/iconvdata/ibm937.c eglibc-2.19/libc/iconvdata/ibm937.c
+--- eglibc-2.19.orig/libc/iconvdata/ibm937.c 2015-01-08 16:05:53.915821638 -0300
++++ eglibc-2.19/libc/iconvdata/ibm937.c 2015-01-08 16:06:02.782555677 -0300
+@@ -161,7 +161,7 @@
+ while (ch > rp2->end) \
+ ++rp2; \
+ \
+- if (__builtin_expect (rp2 == NULL, 0) \
++ if (__builtin_expect (rp2->start == 0xffff, 0) \
+ || __builtin_expect (ch < rp2->start, 0) \
+ || (res = __ibm937db_to_ucs4[ch + rp2->idx], \
+ __builtin_expect (res, L'\1') == L'\0' && ch != '\0')) \
+diff -Nura eglibc-2.19.orig/libc/iconvdata/ibm939.c eglibc-2.19/libc/iconvdata/ibm939.c
+--- eglibc-2.19.orig/libc/iconvdata/ibm939.c 2015-01-08 16:05:53.917822706 -0300
++++ eglibc-2.19/libc/iconvdata/ibm939.c 2015-01-08 16:06:02.782555677 -0300
+@@ -161,7 +161,7 @@
+ while (ch > rp2->end) \
+ ++rp2; \
+ \
+- if (__builtin_expect (rp2 == NULL, 0) \
++ if (__builtin_expect (rp2->start == 0xffff, 0) \
+ || __builtin_expect (ch < rp2->start, 0) \
+ || (res = __ibm939db_to_ucs4[ch + rp2->idx], \
+ __builtin_expect (res, L'\1') == L'\0' && ch != '\0')) \
+diff -Nura eglibc-2.19.orig/libc/iconvdata/ibm943.c eglibc-2.19/libc/iconvdata/ibm943.c
+--- eglibc-2.19.orig/libc/iconvdata/ibm943.c 2015-01-08 16:05:53.918823240 -0300
++++ eglibc-2.19/libc/iconvdata/ibm943.c 2015-01-08 16:06:02.782555677 -0300
+@@ -74,11 +74,12 @@
+ } \
+ \
+ ch = (ch * 0x100) + inptr[1]; \
++ /* ch was less than 0xfd. */ \
++ assert (ch < 0xfd00); \
+ while (ch > rp2->end) \
+ ++rp2; \
+ \
+- if (__builtin_expect (rp2 == NULL, 0) \
+- || __builtin_expect (ch < rp2->start, 0) \
++ if (__builtin_expect (ch < rp2->start, 0) \
+ || (res = __ibm943db_to_ucs4[ch + rp2->idx], \
+ __builtin_expect (res, '\1') == 0 && ch !=0)) \
+ { \
+diff -Nura eglibc-2.19.orig/libc/iconvdata/Makefile eglibc-2.19/libc/iconvdata/Makefile
+--- eglibc-2.19.orig/libc/iconvdata/Makefile 2015-01-08 16:05:53.903815227 -0300
++++ eglibc-2.19/libc/iconvdata/Makefile 2015-01-08 16:06:02.782555677 -0300
+@@ -303,6 +303,7 @@
+ $(objpfx)iconv-test.out: run-iconv-test.sh $(objpfx)gconv-modules \
+ $(addprefix $(objpfx),$(modules.so)) \
+ $(common-objdir)/iconv/iconv_prog TESTS
++ iconv_modules="$(modules)" \
+ $(SHELL) $< $(common-objdir) '$(test-wrapper)' > $@
+
+ $(objpfx)tst-tables.out: tst-tables.sh $(objpfx)gconv-modules \
+diff -Nura eglibc-2.19.orig/libc/iconvdata/run-iconv-test.sh eglibc-2.19/libc/iconvdata/run-iconv-test.sh
+--- eglibc-2.19.orig/libc/iconvdata/run-iconv-test.sh 2015-01-08 16:05:53.894810420 -0300
++++ eglibc-2.19/libc/iconvdata/run-iconv-test.sh 2015-01-08 16:06:02.782555677 -0300
+@@ -188,6 +188,24 @@
+
+ done < TESTS2
+
++# Check for crashes in decoders.
++printf '\016\377\377\377\377\377\377\377' > $temp1
++for from in $iconv_modules ; do
++ echo $ac_n "test decoder $from $ac_c"
++ PROG=`eval echo $ICONV`
++ if $PROG < $temp1 >/dev/null 2>&1 ; then
++ : # fall through
++ else
++ status=$?
++ if test $status -gt 1 ; then
++ echo "/FAILED"
++ failed=1
++ continue
++ fi
++ fi
++ echo "OK"
++done
++
+ exit $failed
+ # Local Variables:
+ # mode:shell-script
diff --git a/package/glibc/2.19-svnr25243/0002-CVE-2014-6040.patch b/package/glibc/2.19-svnr25243/0002-CVE-2014-6040.patch
new file mode 100644
index 0000000..f447dcd
--- /dev/null
+++ b/package/glibc/2.19-svnr25243/0002-CVE-2014-6040.patch
@@ -0,0 +1,141 @@
+Backport from https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=41488498b6
+See https://bugzilla.redhat.com/show_bug.cgi?id=1135841
+
+Signed-off-by: Gustavo Zacarias <gustavo at zacarias.com.ar>
+
+diff -Nura eglibc-2.19.orig/libc/iconvdata/ibm1364.c eglibc-2.19/libc/iconvdata/ibm1364.c
+--- eglibc-2.19.orig/libc/iconvdata/ibm1364.c 2015-01-08 16:05:53.918823240 -0300
++++ eglibc-2.19/libc/iconvdata/ibm1364.c 2015-01-08 16:06:02.781555143 -0300
+@@ -220,7 +220,8 @@
+ ++rp2; \
+ \
+ uint32_t res; \
+- if (__builtin_expect (ch < rp2->start, 0) \
++ if (__builtin_expect (rp2->start == 0xffff, 0) \
++ || __builtin_expect (ch < rp2->start, 0) \
+ || (res = DB_TO_UCS4[ch + rp2->idx], \
+ __builtin_expect (res, L'\1') == L'\0' && ch != '\0')) \
+ { \
+diff -Nura eglibc-2.19.orig/libc/iconvdata/ibm932.c eglibc-2.19/libc/iconvdata/ibm932.c
+--- eglibc-2.19.orig/libc/iconvdata/ibm932.c 2015-01-08 16:05:53.910818967 -0300
++++ eglibc-2.19/libc/iconvdata/ibm932.c 2015-01-08 16:06:02.781555143 -0300
+@@ -73,11 +73,12 @@
+ } \
+ \
+ ch = (ch * 0x100) + inptr[1]; \
++ /* ch was less than 0xfd. */ \
++ assert (ch < 0xfd00); \
+ while (ch > rp2->end) \
+ ++rp2; \
+ \
+- if (__builtin_expect (rp2 == NULL, 0) \
+- || __builtin_expect (ch < rp2->start, 0) \
++ if (__builtin_expect (ch < rp2->start, 0) \
+ || (res = __ibm932db_to_ucs4[ch + rp2->idx], \
+ __builtin_expect (res, '\1') == 0 && ch !=0)) \
+ { \
+diff -Nura eglibc-2.19.orig/libc/iconvdata/ibm933.c eglibc-2.19/libc/iconvdata/ibm933.c
+--- eglibc-2.19.orig/libc/iconvdata/ibm933.c 2015-01-08 16:05:53.917822706 -0300
++++ eglibc-2.19/libc/iconvdata/ibm933.c 2015-01-08 16:06:02.781555143 -0300
+@@ -161,7 +161,7 @@
+ while (ch > rp2->end) \
+ ++rp2; \
+ \
+- if (__builtin_expect (rp2 == NULL, 0) \
++ if (__builtin_expect (rp2->start == 0xffff, 0) \
+ || __builtin_expect (ch < rp2->start, 0) \
+ || (res = __ibm933db_to_ucs4[ch + rp2->idx], \
+ __builtin_expect (res, L'\1') == L'\0' && ch != '\0')) \
+diff -Nura eglibc-2.19.orig/libc/iconvdata/ibm935.c eglibc-2.19/libc/iconvdata/ibm935.c
+--- eglibc-2.19.orig/libc/iconvdata/ibm935.c 2015-01-08 16:05:53.921824843 -0300
++++ eglibc-2.19/libc/iconvdata/ibm935.c 2015-01-08 16:06:02.782555677 -0300
+@@ -161,7 +161,7 @@
+ while (ch > rp2->end) \
+ ++rp2; \
+ \
+- if (__builtin_expect (rp2 == NULL, 0) \
++ if (__builtin_expect (rp2->start == 0xffff, 0) \
+ || __builtin_expect (ch < rp2->start, 0) \
+ || (res = __ibm935db_to_ucs4[ch + rp2->idx], \
+ __builtin_expect (res, L'\1') == L'\0' && ch != '\0')) \
+diff -Nura eglibc-2.19.orig/libc/iconvdata/ibm937.c eglibc-2.19/libc/iconvdata/ibm937.c
+--- eglibc-2.19.orig/libc/iconvdata/ibm937.c 2015-01-08 16:05:53.915821638 -0300
++++ eglibc-2.19/libc/iconvdata/ibm937.c 2015-01-08 16:06:02.782555677 -0300
+@@ -161,7 +161,7 @@
+ while (ch > rp2->end) \
+ ++rp2; \
+ \
+- if (__builtin_expect (rp2 == NULL, 0) \
++ if (__builtin_expect (rp2->start == 0xffff, 0) \
+ || __builtin_expect (ch < rp2->start, 0) \
+ || (res = __ibm937db_to_ucs4[ch + rp2->idx], \
+ __builtin_expect (res, L'\1') == L'\0' && ch != '\0')) \
+diff -Nura eglibc-2.19.orig/libc/iconvdata/ibm939.c eglibc-2.19/libc/iconvdata/ibm939.c
+--- eglibc-2.19.orig/libc/iconvdata/ibm939.c 2015-01-08 16:05:53.917822706 -0300
++++ eglibc-2.19/libc/iconvdata/ibm939.c 2015-01-08 16:06:02.782555677 -0300
+@@ -161,7 +161,7 @@
+ while (ch > rp2->end) \
+ ++rp2; \
+ \
+- if (__builtin_expect (rp2 == NULL, 0) \
++ if (__builtin_expect (rp2->start == 0xffff, 0) \
+ || __builtin_expect (ch < rp2->start, 0) \
+ || (res = __ibm939db_to_ucs4[ch + rp2->idx], \
+ __builtin_expect (res, L'\1') == L'\0' && ch != '\0')) \
+diff -Nura eglibc-2.19.orig/libc/iconvdata/ibm943.c eglibc-2.19/libc/iconvdata/ibm943.c
+--- eglibc-2.19.orig/libc/iconvdata/ibm943.c 2015-01-08 16:05:53.918823240 -0300
++++ eglibc-2.19/libc/iconvdata/ibm943.c 2015-01-08 16:06:02.782555677 -0300
+@@ -74,11 +74,12 @@
+ } \
+ \
+ ch = (ch * 0x100) + inptr[1]; \
++ /* ch was less than 0xfd. */ \
++ assert (ch < 0xfd00); \
+ while (ch > rp2->end) \
+ ++rp2; \
+ \
+- if (__builtin_expect (rp2 == NULL, 0) \
+- || __builtin_expect (ch < rp2->start, 0) \
++ if (__builtin_expect (ch < rp2->start, 0) \
+ || (res = __ibm943db_to_ucs4[ch + rp2->idx], \
+ __builtin_expect (res, '\1') == 0 && ch !=0)) \
+ { \
+diff -Nura eglibc-2.19.orig/libc/iconvdata/Makefile eglibc-2.19/libc/iconvdata/Makefile
+--- eglibc-2.19.orig/libc/iconvdata/Makefile 2015-01-08 16:05:53.903815227 -0300
++++ eglibc-2.19/libc/iconvdata/Makefile 2015-01-08 16:06:02.782555677 -0300
+@@ -303,6 +303,7 @@
+ $(objpfx)iconv-test.out: run-iconv-test.sh $(objpfx)gconv-modules \
+ $(addprefix $(objpfx),$(modules.so)) \
+ $(common-objdir)/iconv/iconv_prog TESTS
++ iconv_modules="$(modules)" \
+ $(SHELL) $< $(common-objdir) '$(test-wrapper)' > $@
+
+ $(objpfx)tst-tables.out: tst-tables.sh $(objpfx)gconv-modules \
+diff -Nura eglibc-2.19.orig/libc/iconvdata/run-iconv-test.sh eglibc-2.19/libc/iconvdata/run-iconv-test.sh
+--- eglibc-2.19.orig/libc/iconvdata/run-iconv-test.sh 2015-01-08 16:05:53.894810420 -0300
++++ eglibc-2.19/libc/iconvdata/run-iconv-test.sh 2015-01-08 16:06:02.782555677 -0300
+@@ -188,6 +188,24 @@
+
+ done < TESTS2
+
++# Check for crashes in decoders.
++printf '\016\377\377\377\377\377\377\377' > $temp1
++for from in $iconv_modules ; do
++ echo $ac_n "test decoder $from $ac_c"
++ PROG=`eval echo $ICONV`
++ if $PROG < $temp1 >/dev/null 2>&1 ; then
++ : # fall through
++ else
++ status=$?
++ if test $status -gt 1 ; then
++ echo "/FAILED"
++ failed=1
++ continue
++ fi
++ fi
++ echo "OK"
++done
++
+ exit $failed
+ # Local Variables:
+ # mode:shell-script
diff --git a/package/glibc/2.19/0002-CVE-2014-6040.patch b/package/glibc/2.19/0002-CVE-2014-6040.patch
new file mode 100644
index 0000000..d107b32
--- /dev/null
+++ b/package/glibc/2.19/0002-CVE-2014-6040.patch
@@ -0,0 +1,141 @@
+Backport from https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=41488498b6
+See https://bugzilla.redhat.com/show_bug.cgi?id=1135841
+
+Signed-off-by: Gustavo Zacarias <gustavo at zacarias.com.ar>
+
+diff -Nura glibc-2.19.orig/iconvdata/ibm1364.c glibc-2.19/iconvdata/ibm1364.c
+--- glibc-2.19.orig/iconvdata/ibm1364.c 2015-01-08 16:02:54.370960818 -0300
++++ glibc-2.19/iconvdata/ibm1364.c 2015-01-08 16:02:57.607688939 -0300
+@@ -220,7 +220,8 @@
+ ++rp2; \
+ \
+ uint32_t res; \
+- if (__builtin_expect (ch < rp2->start, 0) \
++ if (__builtin_expect (rp2->start == 0xffff, 0) \
++ || __builtin_expect (ch < rp2->start, 0) \
+ || (res = DB_TO_UCS4[ch + rp2->idx], \
+ __builtin_expect (res, L'\1') == L'\0' && ch != '\0')) \
+ { \
+diff -Nura glibc-2.19.orig/iconvdata/ibm932.c glibc-2.19/iconvdata/ibm932.c
+--- glibc-2.19.orig/iconvdata/ibm932.c 2015-01-08 16:02:54.357953873 -0300
++++ glibc-2.19/iconvdata/ibm932.c 2015-01-08 16:02:57.608689473 -0300
+@@ -73,11 +73,12 @@
+ } \
+ \
+ ch = (ch * 0x100) + inptr[1]; \
++ /* ch was less than 0xfd. */ \
++ assert (ch < 0xfd00); \
+ while (ch > rp2->end) \
+ ++rp2; \
+ \
+- if (__builtin_expect (rp2 == NULL, 0) \
+- || __builtin_expect (ch < rp2->start, 0) \
++ if (__builtin_expect (ch < rp2->start, 0) \
+ || (res = __ibm932db_to_ucs4[ch + rp2->idx], \
+ __builtin_expect (res, '\1') == 0 && ch !=0)) \
+ { \
+diff -Nura glibc-2.19.orig/iconvdata/ibm933.c glibc-2.19/iconvdata/ibm933.c
+--- glibc-2.19.orig/iconvdata/ibm933.c 2015-01-08 16:02:54.369960284 -0300
++++ glibc-2.19/iconvdata/ibm933.c 2015-01-08 16:02:57.608689473 -0300
+@@ -161,7 +161,7 @@
+ while (ch > rp2->end) \
+ ++rp2; \
+ \
+- if (__builtin_expect (rp2 == NULL, 0) \
++ if (__builtin_expect (rp2->start == 0xffff, 0) \
+ || __builtin_expect (ch < rp2->start, 0) \
+ || (res = __ibm933db_to_ucs4[ch + rp2->idx], \
+ __builtin_expect (res, L'\1') == L'\0' && ch != '\0')) \
+diff -Nura glibc-2.19.orig/iconvdata/ibm935.c glibc-2.19/iconvdata/ibm935.c
+--- glibc-2.19.orig/iconvdata/ibm935.c 2015-01-08 16:02:54.373962421 -0300
++++ glibc-2.19/iconvdata/ibm935.c 2015-01-08 16:02:57.608689473 -0300
+@@ -161,7 +161,7 @@
+ while (ch > rp2->end) \
+ ++rp2; \
+ \
+- if (__builtin_expect (rp2 == NULL, 0) \
++ if (__builtin_expect (rp2->start == 0xffff, 0) \
+ || __builtin_expect (ch < rp2->start, 0) \
+ || (res = __ibm935db_to_ucs4[ch + rp2->idx], \
+ __builtin_expect (res, L'\1') == L'\0' && ch != '\0')) \
+diff -Nura glibc-2.19.orig/iconvdata/ibm937.c glibc-2.19/iconvdata/ibm937.c
+--- glibc-2.19.orig/iconvdata/ibm937.c 2015-01-08 16:02:54.368959749 -0300
++++ glibc-2.19/iconvdata/ibm937.c 2015-01-08 16:02:57.608689473 -0300
+@@ -161,7 +161,7 @@
+ while (ch > rp2->end) \
+ ++rp2; \
+ \
+- if (__builtin_expect (rp2 == NULL, 0) \
++ if (__builtin_expect (rp2->start == 0xffff, 0) \
+ || __builtin_expect (ch < rp2->start, 0) \
+ || (res = __ibm937db_to_ucs4[ch + rp2->idx], \
+ __builtin_expect (res, L'\1') == L'\0' && ch != '\0')) \
+diff -Nura glibc-2.19.orig/iconvdata/ibm939.c glibc-2.19/iconvdata/ibm939.c
+--- glibc-2.19.orig/iconvdata/ibm939.c 2015-01-08 16:02:54.369960284 -0300
++++ glibc-2.19/iconvdata/ibm939.c 2015-01-08 16:02:57.609690007 -0300
+@@ -161,7 +161,7 @@
+ while (ch > rp2->end) \
+ ++rp2; \
+ \
+- if (__builtin_expect (rp2 == NULL, 0) \
++ if (__builtin_expect (rp2->start == 0xffff, 0) \
+ || __builtin_expect (ch < rp2->start, 0) \
+ || (res = __ibm939db_to_ucs4[ch + rp2->idx], \
+ __builtin_expect (res, L'\1') == L'\0' && ch != '\0')) \
+diff -Nura glibc-2.19.orig/iconvdata/ibm943.c glibc-2.19/iconvdata/ibm943.c
+--- glibc-2.19.orig/iconvdata/ibm943.c 2015-01-08 16:02:54.370960818 -0300
++++ glibc-2.19/iconvdata/ibm943.c 2015-01-08 16:02:57.609690007 -0300
+@@ -74,11 +74,12 @@
+ } \
+ \
+ ch = (ch * 0x100) + inptr[1]; \
++ /* ch was less than 0xfd. */ \
++ assert (ch < 0xfd00); \
+ while (ch > rp2->end) \
+ ++rp2; \
+ \
+- if (__builtin_expect (rp2 == NULL, 0) \
+- || __builtin_expect (ch < rp2->start, 0) \
++ if (__builtin_expect (ch < rp2->start, 0) \
+ || (res = __ibm943db_to_ucs4[ch + rp2->idx], \
+ __builtin_expect (res, '\1') == 0 && ch !=0)) \
+ { \
+diff -Nura glibc-2.19.orig/iconvdata/Makefile glibc-2.19/iconvdata/Makefile
+--- glibc-2.19.orig/iconvdata/Makefile 2015-01-08 16:02:54.344946929 -0300
++++ glibc-2.19/iconvdata/Makefile 2015-01-08 16:03:21.748578005 -0300
+@@ -299,6 +299,7 @@
+ $(objpfx)iconv-test.out: run-iconv-test.sh $(objpfx)gconv-modules \
+ $(addprefix $(objpfx),$(modules.so)) \
+ $(common-objdir)/iconv/iconv_prog TESTS
++ iconv_modules="$(modules)" \
+ $(SHELL) $< $(common-objdir) '$(test-wrapper)' > $@
+
+ $(objpfx)tst-tables.out: tst-tables.sh $(objpfx)gconv-modules \
+diff -Nura glibc-2.19.orig/iconvdata/run-iconv-test.sh glibc-2.19/iconvdata/run-iconv-test.sh
+--- glibc-2.19.orig/iconvdata/run-iconv-test.sh 2015-01-08 16:02:54.322935176 -0300
++++ glibc-2.19/iconvdata/run-iconv-test.sh 2015-01-08 16:02:57.609690007 -0300
+@@ -188,6 +188,24 @@
+
+ done < TESTS2
+
++# Check for crashes in decoders.
++printf '\016\377\377\377\377\377\377\377' > $temp1
++for from in $iconv_modules ; do
++ echo $ac_n "test decoder $from $ac_c"
++ PROG=`eval echo $ICONV`
++ if $PROG < $temp1 >/dev/null 2>&1 ; then
++ : # fall through
++ else
++ status=$?
++ if test $status -gt 1 ; then
++ echo "/FAILED"
++ failed=1
++ continue
++ fi
++ fi
++ echo "OK"
++done
++
+ exit $failed
+ # Local Variables:
+ # mode:shell-script
--
2.0.5
More information about the buildroot
mailing list