packages/glibc
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!824 [sync] PR-819: sync upstream patch

Browse Source 
From: @openeuler-sync-bot 
Reviewed-by: @liqingqing_1229 
Signed-off-by: @liqingqing_1229
This commit is contained in:
openeuler-ci-bot 2024-05-08 00:52:52 +00:00 committed by Gitee
commit 1c3cc8e3e4
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
3 changed files with 152 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

93
backport-Skip-unusable-entries-in-first-pass-in-prune_cache.patch Normal file
View File

@ -0,0 +1,93 @@
From c00b984fcd53f679ca2dafcd1aee2c89836e6e73 Mon Sep 17 00:00:00 2001
From: Florian Weimer <fweimer@redhat.com>
Date: Tue, 29 Aug 2023 08:28:31 +0200
Subject: [PATCH] nscd: Skip unusable entries in first pass in prune_cache (bug
30800)
Previously, if an entry was marked unusable for any reason, but had
not timed out yet, the assert would trigger.
One way to get into such state is if a data change is detected during
re-validation of an entry. This causes the entry to be marked as not
usable. If exits nscd soon after that, then the clock jumps
backwards, and nscd restarted, the cache re-validation run after
startup triggers the removed assert.
The change is more complicated than just the removal of the assert
because entries marked as not usable should be garbage-collected in
the second pass. To make this happen, it is necessary to update some
book-keeping data.
Reviewed-by: DJ Delorie <dj@redhat.com>
Conflict:NA
Reference:https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=c00b984fcd53f679ca2dafcd1aee2c89836e6e73
---
nscd/cache.c | 25 +++++++++++--------------
1 file changed, 11 insertions(+), 14 deletions(-)
diff --git a/nscd/cache.c b/nscd/cache.c
index 78b22697..ac5902ae 100644
--- a/nscd/cache.c
+++ b/nscd/cache.c
@@ -371,8 +371,11 @@ prune_cache (struct database_dyn *table, time_t now, int fd)
serv2str[runp->type], str, dh->timeout);
}
- /* Check whether the entry timed out. */
- if (dh->timeout < now)
+ /* Check whether the entry timed out. Timed out entries
+ will be revalidated. For unusable records, it is still
+ necessary to record that the bucket needs to be scanned
+ again below. */
+ if (dh->timeout < now || !dh->usable)
{
/* This hash bucket could contain entries which need to
be looked at. */
@@ -384,7 +387,7 @@ prune_cache (struct database_dyn *table, time_t now, int fd)
/* We only have to look at the data of the first entries
since the count information is kept in the data part
which is shared. */
- if (runp->first)
+ if (runp->first && dh->usable)
{
/* At this point there are two choices: we reload the
@@ -400,9 +403,6 @@ prune_cache (struct database_dyn *table, time_t now, int fd)
{
/* Remove the value. */
dh->usable = false;
-
- /* We definitely have some garbage entries now. */
- any = true;
}
else
{
@@ -414,18 +414,15 @@ prune_cache (struct database_dyn *table, time_t now, int fd)
time_t timeout = readdfcts[runp->type] (table, runp, dh);
next_timeout = MIN (next_timeout, timeout);
-
- /* If the entry has been replaced, we might need
- cleanup. */
- any |= !dh->usable;
}
}
+
+ /* If the entry has been replaced, we might need cleanup. */
+ any |= !dh->usable;
}
else
- {
- assert (dh->usable);
- next_timeout = MIN (next_timeout, dh->timeout);
- }
+ /* Entry has not timed out and is usable. */
+ next_timeout = MIN (next_timeout, dh->timeout);
run = runp->next;
}
--
2.33.0

49
backport-Use-errval-not-errno-to-guide-cache-update.patch Normal file
View File

@ -0,0 +1,49 @@
From 2d472b48610f6a298d28035b683ab13e9afac4cb Mon Sep 17 00:00:00 2001
From: Florian Weimer <fweimer@redhat.com>
Date: Mon, 24 Jul 2023 15:12:26 +0200
Subject: [PATCH] nscd: Use errval, not errno to guide cache update (bug 30662)
The errno variable is potentially clobbered by the preceding
send call. It is not related to the to-be-cached information.
The parallel code in hstcache.c and servicescache.c already uses
errval.
Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org>
Conflict:NA
Reference:https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=2d472b48610f6a298d28035b683ab13e9afac4cb
---
nscd/grpcache.c | 2 +-
nscd/pwdcache.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/nscd/grpcache.c b/nscd/grpcache.c
index 457ca4d8..d18bcabe 100644
--- a/nscd/grpcache.c
+++ b/nscd/grpcache.c
@@ -117,7 +117,7 @@ cache_addgr (struct database_dyn *db, int fd, request_header *req,
/* If we have a transient error or cannot permanently store
the result, so be it. */
- if (errno == EAGAIN || __builtin_expect (db->negtimeout == 0, 0))
+ if (errval == EAGAIN || __glibc_unlikely (db->negtimeout == 0))
{
/* Mark the old entry as obsolete. */
if (dh != NULL)
diff --git a/nscd/pwdcache.c b/nscd/pwdcache.c
index dfafb526..409c5acd 100644
--- a/nscd/pwdcache.c
+++ b/nscd/pwdcache.c
@@ -123,7 +123,7 @@ cache_addpw (struct database_dyn *db, int fd, request_header *req,
/* If we have a transient error or cannot permanently store
the result, so be it. */
- if (errno == EAGAIN || __builtin_expect (db->negtimeout == 0, 0))
+ if (errval == EAGAIN || __glibc_unlikely (db->negtimeout == 0))
{
/* Mark the old entry as obsolete. */
if (dh != NULL)
--
2.33.0

11
glibc.spec
View File

@ -66,7 +66,7 @@
############################################################################## ##############################################################################
Name: glibc Name: glibc
Version: 2.34 Version: 2.34
Release: 148 Release: 149
Summary: The GNU libc libraries Summary: The GNU libc libraries
License: %{all_license} License: %{all_license}
URL: http://www.gnu.org/software/glibc/ URL: http://www.gnu.org/software/glibc/
@ -290,6 +290,8 @@ Patch203: backport-CVE-2024-33599-nscd-Stack-based-buffer-overflow-in-netgroup-c
Patch204: backport-CVE-2024-33600-nscd-Do-not-send-missing-not-found-response.patch Patch204: backport-CVE-2024-33600-nscd-Do-not-send-missing-not-found-response.patch
Patch205: backport-CVE-2024-33600-nscd-Avoid-null-pointer-crash-after-not-found-response.patch Patch205: backport-CVE-2024-33600-nscd-Avoid-null-pointer-crash-after-not-found-response.patch
Patch206: backport-CVE-2024-33601-CVE-2024-33602-nscd-Use-two-buffer-in-addgetnetgrentX.patch Patch206: backport-CVE-2024-33601-CVE-2024-33602-nscd-Use-two-buffer-in-addgetnetgrentX.patch
Patch207: backport-Use-errval-not-errno-to-guide-cache-update.patch
Patch208: backport-Skip-unusable-entries-in-first-pass-in-prune_cache.patch
Patch9000: turn-default-value-of-x86_rep_stosb_threshold_form_2K_to_1M.patch Patch9000: turn-default-value-of-x86_rep_stosb_threshold_form_2K_to_1M.patch
Patch9001: delete-no-hard-link-to-avoid-all_language-package-to.patch Patch9001: delete-no-hard-link-to-avoid-all_language-package-to.patch
@ -1505,6 +1507,13 @@ fi
%endif %endif
%changelog %changelog
* Mon May 06 2024 chengyechun <chengyechun1@huaiwe.com> - 2.34-149
- Type:bugfix
- ID:
- SUG:NA
- DESC:nscd: Use errval, not errno to guide cache update
nsce :Skip unusable entries in first pass in prune_cache
* Mon Apr 29 2024 chengyechun <chengyechun1@huawei.com> - 2.34-148 * Mon Apr 29 2024 chengyechun <chengyechun1@huawei.com> - 2.34-148
- Type:CVE - Type:CVE
- ID:CVE-2024-33599 CVE-2024-33600 CVE-2024-33601 CVE-2024-33602 - ID:CVE-2024-33599 CVE-2024-33600 CVE-2024-33601 CVE-2024-33602