Merge pull request #967 from stilor/fix-building-older-glibc

Fix building older glibc
2024-12-19 04:47:52 +00:00 · 2018-05-15 16:41:28 -07:00 · 2018-05-15 16:41:28 -07:00 · d274ab06fe
commit d274ab06fe
parent 844c83cac2 37ac0e8474
88 changed files with 4259 additions and 31 deletions
--- a/config/libc/glibc.in
+++ b/config/libc/glibc.in
@ -320,4 +320,16 @@ config GLIBC_MIN_KERNEL
    default LINUX_VERSION                 if GLIBC_KERNEL_VERSION_AS_HEADERS
    default GLIBC_MIN_KERNEL_VERSION      if GLIBC_KERNEL_VERSION_CHOSEN

+# All supported versions of glibc build cleanly with GCC7 and earlier.
+# GCC8-related fixes were only available in glibc 2.27.
+config GLIBC_ENABLE_WERROR
+    bool "Enable -Werror during the build"
+    default y if GCC_7_or_older
+    default y if GCC_8_or_later && GLIBC_2_27_or_later
+    help
+      By default, glibc enables strict warning checks during the build.
+      However, older version of glibc may not build with newer versions
+      of the compiler than there were available at the time of a glibc
+      release (because newer compilers typically have better diagnostics).
+
 endif # KERNEL_LINUX
--- a/packages/glibc-linaro/2.20-2014.11/0011-strftime-multiple-stmts.patch
+++ b/packages/glibc-linaro/2.20-2014.11/0011-strftime-multiple-stmts.patch
@ -0,0 +1,73 @@
+commit e4043b84c49e1cf9bcf1e8320233343ecc34f8eb
+Author: Joseph Myers <joseph@codesourcery.com>
+Date:   Tue Jun 27 17:12:13 2017 +0000
+
+    Fix strftime build with GCC 8.
+    
+    Building with current GCC mainline fails with:
+    
+    strftime_l.c: In function '__strftime_internal':
+    strftime_l.c:719:4: error: macro expands to multiple statements [-Werror=multistatement-macros]
+        digits = d > width ? d : width;          \
+        ^
+    strftime_l.c:1260:6: note: in expansion of macro 'DO_NUMBER'
+          DO_NUMBER (1, tp->tm_year + TM_YEAR_BASE);
+          ^~~~~~~~~
+    strftime_l.c:1259:4: note: some parts of macro expansion are not guarded by this 'else' clause
+        else
+        ^~~~
+    
+    In fact this particular instance is harmless; the code looks like:
+    
+              if (modifier == L_('O'))
+                goto bad_format;
+              else
+                DO_NUMBER (1, tp->tm_year + TM_YEAR_BASE);
+    
+    and because of the goto, it doesn't matter that part of the expansion
+    isn't under the "else" conditional.  But it's also clearly bad style
+    to rely on that.  This patch changes DO_NUMBER and DO_NUMBER_SPACEPAD
+    to use do { } while (0) to avoid such problems.
+    
+    Tested (full testsuite) for x86_64 (GCC 6), and with
+    build-many-glibcs.py with GCC mainline, in conjunction with my libgcc
+    patch <https://gcc.gnu.org/ml/gcc-patches/2017-06/msg02032.html>.
+    
+            * time/strftime_l.c (DO_NUMBER): Define using do { } while (0).
+            (DO_NUMBER_SPACEPAD): Likewise.
+
+---
+ time/strftime_l.c |   22 ++++++++++++++++------
+ 1 file changed, 16 insertions(+), 6 deletions(-)
+
+--- a/time/strftime_l.c
+++ b/time/strftime_l.c
+@@ -738,12 +738,22 @@
+       format_char = *f;
+       switch (format_char)
+ 	{
+-#define DO_NUMBER(d, v) \
+-	  digits = d > width ? d : width;				      \
+-	  number_value = v; goto do_number
+-#define DO_NUMBER_SPACEPAD(d, v) \
+-	  digits = d > width ? d : width;				      \
+-	  number_value = v; goto do_number_spacepad
+#define DO_NUMBER(d, v)				\
+	  do					\
+	    {					\
+	      digits = d > width ? d : width;	\
+	      number_value = v;			\
+	      goto do_number;			\
+	    }					\
+	  while (0)
+#define DO_NUMBER_SPACEPAD(d, v)		\
+	  do					\
+	    {					\
+	      digits = d > width ? d : width;	\
+	      number_value = v;			\
+	      goto do_number_spacepad;		\
+	    }					\
+	  while (0)
+ 
+ 	case L_('%'):
+ 	  if (modifier != 0)
--- a/packages/glibc-linaro/2.20-2014.11/0012-if_nametoindex-size-check.patch
+++ b/packages/glibc-linaro/2.20-2014.11/0012-if_nametoindex-size-check.patch
@ -0,0 +1,29 @@
+commit 2180fee114b778515b3f560e5ff1e795282e60b0
+Author: Steve Ellcey <sellcey@caviumnetworks.com>
+Date:   Wed Nov 15 08:58:48 2017 -0800
+
+    Check length of ifname before copying it into to ifreq structure.
+    
+            [BZ #22442]
+            * sysdeps/unix/sysv/linux/if_index.c (__if_nametoindex):
+            Check if ifname is too long.
+
+---
+ sysdeps/unix/sysv/linux/if_index.c |    6 ++++++
+ 1 file changed, 6 insertions(+)
+
+--- a/sysdeps/unix/sysv/linux/if_index.c
+++ b/sysdeps/unix/sysv/linux/if_index.c
+@@ -43,6 +43,12 @@
+   if (fd < 0)
+     return 0;
+ 
+  if (strlen (ifname) >= IFNAMSIZ)
+    {
+      __set_errno (ENODEV);
+      return 0;
+    }
+
+   strncpy (ifr.ifr_name, ifname, sizeof (ifr.ifr_name));
+   if (__ioctl (fd, SIOCGIFINDEX, &ifr) < 0)
+     {
--- a/packages/glibc-linaro/2.20-2014.11/0013-utmp-nonstring.patch
+++ b/packages/glibc-linaro/2.20-2014.11/0013-utmp-nonstring.patch
@ -0,0 +1,80 @@
+commit 7532837d7b03b3ca5b9a63d77a5bd81dd23f3d9c
+Author: Martin Sebor <msebor@redhat.com>
+Date:   Wed Nov 15 17:39:59 2017 -0700
+
+    The -Wstringop-truncation option new in GCC 8 detects common misuses
+    of the strncat and strncpy function that may result in truncating
+    the copied string before the terminating NUL.  To avoid false positive
+    warnings for correct code that intentionally creates sequences of
+    characters that aren't guaranteed to be NUL-terminated, arrays that
+    are intended to store such sequences should be decorated with a new
+    nonstring attribute.  This change add this attribute to Glibc and
+    uses it to suppress such false positives.
+    
+    ChangeLog:
+            * misc/sys/cdefs.h (__attribute_nonstring__): New macro.
+            * sysdeps/gnu/bits/utmp.h (struct utmp): Use it.
+            * sysdeps/unix/sysv/linux/s390/bits/utmp.h (struct utmp): Same.
+
+---
+ misc/sys/cdefs.h                         |    9 +++++++++
+ sysdeps/gnu/bits/utmp.h                  |    9 ++++++---
+ sysdeps/unix/sysv/linux/s390/bits/utmp.h |    9 ++++++---
+ 3 files changed, 21 insertions(+), 6 deletions(-)
+
+--- a/misc/sys/cdefs.h
+++ b/misc/sys/cdefs.h
+@@ -393,6 +393,15 @@
+ # endif
+ #endif
+ 
+#if __GNUC_PREREQ (8, 0)
+/* Describes a char array whose address can safely be passed as the first
+   argument to strncpy and strncat, as the char array is not necessarily
+   a NUL-terminated string.  */
+# define __attribute_nonstring__ __attribute__ ((__nonstring__))
+#else
+# define __attribute_nonstring__
+#endif
+
+ #include <bits/wordsize.h>
+ 
+ #if defined __LONG_DOUBLE_MATH_OPTIONAL && defined __NO_LONG_DOUBLE_MATH
+--- a/sysdeps/gnu/bits/utmp.h
+++ b/sysdeps/gnu/bits/utmp.h
+@@ -59,10 +59,13 @@
+ {
+   short int ut_type;		/* Type of login.  */
+   pid_t ut_pid;			/* Process ID of login process.  */
+-  char ut_line[UT_LINESIZE];	/* Devicename.  */
+  char ut_line[UT_LINESIZE]
+    __attribute_nonstring__;	/* Devicename.  */
+   char ut_id[4];		/* Inittab ID.  */
+-  char ut_user[UT_NAMESIZE];	/* Username.  */
+-  char ut_host[UT_HOSTSIZE];	/* Hostname for remote login.  */
+  char ut_user[UT_NAMESIZE]
+    __attribute_nonstring__;	/* Username.  */
+  char ut_host[UT_HOSTSIZE]
+    __attribute_nonstring__;	/* Hostname for remote login.  */
+   struct exit_status ut_exit;	/* Exit status of a process marked
+ 				   as DEAD_PROCESS.  */
+ /* The ut_session and ut_tv fields must be the same size when compiled
+--- a/sysdeps/unix/sysv/linux/s390/bits/utmp.h
+++ b/sysdeps/unix/sysv/linux/s390/bits/utmp.h
+@@ -59,10 +59,13 @@
+ {
+   short int ut_type;		/* Type of login.  */
+   pid_t ut_pid;			/* Process ID of login process.  */
+-  char ut_line[UT_LINESIZE];	/* Devicename.  */
+  char ut_line[UT_LINESIZE]
+     __attribute_nonstring__;	/* Devicename.  */
+   char ut_id[4];		/* Inittab ID.  */
+-  char ut_user[UT_NAMESIZE];	/* Username.  */
+-  char ut_host[UT_HOSTSIZE];	/* Hostname for remote login.  */
+  char ut_user[UT_NAMESIZE]
+     __attribute_nonstring__;	/* Username.  */
+  char ut_host[UT_HOSTSIZE]
+     __attribute_nonstring__;	/* Hostname for remote login.  */
+   struct exit_status ut_exit;	/* Exit status of a process marked
+ 				   as DEAD_PROCESS.  */
+ /* The ut_session and ut_tv fields must be the same size when compiled
--- a/packages/glibc-linaro/2.20-2014.11/0014-getlogin_r-use-strnlen.patch
+++ b/packages/glibc-linaro/2.20-2014.11/0014-getlogin_r-use-strnlen.patch
@ -0,0 +1,47 @@
+commit 4bae615022cb5a5da79ccda83cc6c9ba9f2d479c
+Author: Joseph Myers <joseph@codesourcery.com>
+Date:   Wed Nov 22 18:44:23 2017 +0000
+
+    Avoid use of strlen in getlogin_r (bug 22447).
+    
+    Building glibc with current mainline GCC fails, among other reasons,
+    because of an error for use of strlen on the nonstring ut_user field.
+    This patch changes the problem code in getlogin_r to use __strnlen
+    instead.  It also needs to set the trailing NUL byte of the result
+    explicitly, because of the case where ut_user does not have such a
+    trailing NUL byte (but the result should always have one).
+    
+    Tested for x86_64.  Also tested that, in conjunction with
+    <https://sourceware.org/ml/libc-alpha/2017-11/msg00797.html>, it fixes
+    the build for arm with mainline GCC.
+    
+            [BZ #22447]
+            * sysdeps/unix/getlogin_r.c (__getlogin_r): Use __strnlen not
+            strlen to compute length of ut_user and set trailing NUL byte of
+            result explicitly.
+
+---
+ sysdeps/unix/getlogin_r.c |    5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+--- a/sysdeps/unix/getlogin_r.c
+++ b/sysdeps/unix/getlogin_r.c
+@@ -82,7 +82,7 @@
+ 
+   if (result == 0)
+     {
+-      size_t needed = strlen (ut->ut_user) + 1;
+      size_t needed = __strnlen (ut->ut_user, UT_NAMESIZE) + 1;
+ 
+       if (needed > name_len)
+ 	{
+@@ -91,7 +91,8 @@
+ 	}
+       else
+ 	{
+-	  memcpy (name, ut->ut_user, needed);
+	  memcpy (name, ut->ut_user, needed - 1);
+	  name[needed - 1] = 0;
+ 	  result = 0;
+ 	}
+     }
--- a/packages/glibc-linaro/2.20-2014.11/0015-zic.c-use-memcpy.patch
+++ b/packages/glibc-linaro/2.20-2014.11/0015-zic.c-use-memcpy.patch
@ -0,0 +1,25 @@
+commit e69897bf202e18034cbef26f363bae64de70a196
+Author: Paul Eggert <eggert@cs.ucla.edu>
+Date:   Sun Nov 12 22:00:28 2017 -0800
+
+    timezone: pacify GCC -Wstringop-truncation
+    
+    Problem reported by Martin Sebor in:
+    https://sourceware.org/ml/libc-alpha/2017-11/msg00336.html
+    * timezone/zic.c (writezone): Use memcpy, not strncpy.
+
+---
+ timezone/zic.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/timezone/zic.c
+++ b/timezone/zic.c
+@@ -1713,7 +1713,7 @@
+ 		}
+ #define DO(field)	((void) fwrite(tzh.field, sizeof tzh.field, 1, fp))
+ 		tzh = tzh0;
+-		(void) strncpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic);
+		memcpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic);
+ 		tzh.tzh_version[0] = version;
+ 		convert(thistypecnt, tzh.tzh_ttisgmtcnt);
+ 		convert(thistypecnt, tzh.tzh_ttisstdcnt);
--- a/packages/glibc/2.12.1/0045-strftime-multiple-stmts.patch
+++ b/packages/glibc/2.12.1/0045-strftime-multiple-stmts.patch
@ -0,0 +1,73 @@
+commit e4043b84c49e1cf9bcf1e8320233343ecc34f8eb
+Author: Joseph Myers <joseph@codesourcery.com>
+Date:   Tue Jun 27 17:12:13 2017 +0000
+
+    Fix strftime build with GCC 8.
+    
+    Building with current GCC mainline fails with:
+    
+    strftime_l.c: In function '__strftime_internal':
+    strftime_l.c:719:4: error: macro expands to multiple statements [-Werror=multistatement-macros]
+        digits = d > width ? d : width;          \
+        ^
+    strftime_l.c:1260:6: note: in expansion of macro 'DO_NUMBER'
+          DO_NUMBER (1, tp->tm_year + TM_YEAR_BASE);
+          ^~~~~~~~~
+    strftime_l.c:1259:4: note: some parts of macro expansion are not guarded by this 'else' clause
+        else
+        ^~~~
+    
+    In fact this particular instance is harmless; the code looks like:
+    
+              if (modifier == L_('O'))
+                goto bad_format;
+              else
+                DO_NUMBER (1, tp->tm_year + TM_YEAR_BASE);
+    
+    and because of the goto, it doesn't matter that part of the expansion
+    isn't under the "else" conditional.  But it's also clearly bad style
+    to rely on that.  This patch changes DO_NUMBER and DO_NUMBER_SPACEPAD
+    to use do { } while (0) to avoid such problems.
+    
+    Tested (full testsuite) for x86_64 (GCC 6), and with
+    build-many-glibcs.py with GCC mainline, in conjunction with my libgcc
+    patch <https://gcc.gnu.org/ml/gcc-patches/2017-06/msg02032.html>.
+    
+            * time/strftime_l.c (DO_NUMBER): Define using do { } while (0).
+            (DO_NUMBER_SPACEPAD): Likewise.
+
+---
+ time/strftime_l.c |   22 ++++++++++++++++------
+ 1 file changed, 16 insertions(+), 6 deletions(-)
+
+--- a/time/strftime_l.c
+++ b/time/strftime_l.c
+@@ -742,12 +742,22 @@
+       format_char = *f;
+       switch (format_char)
+ 	{
+-#define DO_NUMBER(d, v) \
+-	  digits = d > width ? d : width;				      \
+-	  number_value = v; goto do_number
+-#define DO_NUMBER_SPACEPAD(d, v) \
+-	  digits = d > width ? d : width;				      \
+-	  number_value = v; goto do_number_spacepad
+#define DO_NUMBER(d, v)				\
+	  do					\
+	    {					\
+	      digits = d > width ? d : width;	\
+	      number_value = v;			\
+	      goto do_number;			\
+	    }					\
+	  while (0)
+#define DO_NUMBER_SPACEPAD(d, v)		\
+	  do					\
+	    {					\
+	      digits = d > width ? d : width;	\
+	      number_value = v;			\
+	      goto do_number_spacepad;		\
+	    }					\
+	  while (0)
+ 
+ 	case L_('%'):
+ 	  if (modifier != 0)
--- a/packages/glibc/2.12.1/0046-if_nametoindex-size-check.patch
+++ b/packages/glibc/2.12.1/0046-if_nametoindex-size-check.patch
@ -0,0 +1,29 @@
+commit 2180fee114b778515b3f560e5ff1e795282e60b0
+Author: Steve Ellcey <sellcey@caviumnetworks.com>
+Date:   Wed Nov 15 08:58:48 2017 -0800
+
+    Check length of ifname before copying it into to ifreq structure.
+    
+            [BZ #22442]
+            * sysdeps/unix/sysv/linux/if_index.c (__if_nametoindex):
+            Check if ifname is too long.
+
+---
+ sysdeps/unix/sysv/linux/if_index.c |    6 ++++++
+ 1 file changed, 6 insertions(+)
+
+--- a/sysdeps/unix/sysv/linux/if_index.c
+++ b/sysdeps/unix/sysv/linux/if_index.c
+@@ -54,6 +54,12 @@
+   if (fd < 0)
+     return 0;
+ 
+  if (strlen (ifname) >= IFNAMSIZ)
+    {
+      __set_errno (ENODEV);
+      return 0;
+    }
+
+   strncpy (ifr.ifr_name, ifname, sizeof (ifr.ifr_name));
+   if (__ioctl (fd, SIOCGIFINDEX, &ifr) < 0)
+     {
--- a/packages/glibc/2.12.1/0047-utmp-nonstring.patch
+++ b/packages/glibc/2.12.1/0047-utmp-nonstring.patch
@ -0,0 +1,80 @@
+commit 7532837d7b03b3ca5b9a63d77a5bd81dd23f3d9c
+Author: Martin Sebor <msebor@redhat.com>
+Date:   Wed Nov 15 17:39:59 2017 -0700
+
+    The -Wstringop-truncation option new in GCC 8 detects common misuses
+    of the strncat and strncpy function that may result in truncating
+    the copied string before the terminating NUL.  To avoid false positive
+    warnings for correct code that intentionally creates sequences of
+    characters that aren't guaranteed to be NUL-terminated, arrays that
+    are intended to store such sequences should be decorated with a new
+    nonstring attribute.  This change add this attribute to Glibc and
+    uses it to suppress such false positives.
+    
+    ChangeLog:
+            * misc/sys/cdefs.h (__attribute_nonstring__): New macro.
+            * sysdeps/gnu/bits/utmp.h (struct utmp): Use it.
+            * sysdeps/unix/sysv/linux/s390/bits/utmp.h (struct utmp): Same.
+
+---
+ misc/sys/cdefs.h                         |    9 +++++++++
+ sysdeps/gnu/bits/utmp.h                  |    9 ++++++---
+ sysdeps/unix/sysv/linux/s390/bits/utmp.h |    9 ++++++---
+ 3 files changed, 21 insertions(+), 6 deletions(-)
+
+--- a/misc/sys/cdefs.h
+++ b/misc/sys/cdefs.h
+@@ -350,6 +350,15 @@
+ # endif
+ #endif
+ 
+#if __GNUC_PREREQ (8, 0)
+/* Describes a char array whose address can safely be passed as the first
+   argument to strncpy and strncat, as the char array is not necessarily
+   a NUL-terminated string.  */
+# define __attribute_nonstring__ __attribute__ ((__nonstring__))
+#else
+# define __attribute_nonstring__
+#endif
+
+ #include <bits/wordsize.h>
+ 
+ #if defined __LONG_DOUBLE_MATH_OPTIONAL && defined __NO_LONG_DOUBLE_MATH
+--- a/sysdeps/gnu/bits/utmp.h
+++ b/sysdeps/gnu/bits/utmp.h
+@@ -61,10 +61,13 @@
+ {
+   short int ut_type;		/* Type of login.  */
+   pid_t ut_pid;			/* Process ID of login process.  */
+-  char ut_line[UT_LINESIZE];	/* Devicename.  */
+  char ut_line[UT_LINESIZE]
+    __attribute_nonstring__;	/* Devicename.  */
+   char ut_id[4];		/* Inittab ID.  */
+-  char ut_user[UT_NAMESIZE];	/* Username.  */
+-  char ut_host[UT_HOSTSIZE];	/* Hostname for remote login.  */
+  char ut_user[UT_NAMESIZE]
+    __attribute_nonstring__;	/* Username.  */
+  char ut_host[UT_HOSTSIZE]
+    __attribute_nonstring__;	/* Hostname for remote login.  */
+   struct exit_status ut_exit;	/* Exit status of a process marked
+ 				   as DEAD_PROCESS.  */
+ /* The ut_session and ut_tv fields must be the same size when compiled
+--- a/sysdeps/unix/sysv/linux/s390/bits/utmp.h
+++ b/sysdeps/unix/sysv/linux/s390/bits/utmp.h
+@@ -61,10 +61,13 @@
+ {
+   short int ut_type;		/* Type of login.  */
+   pid_t ut_pid;			/* Process ID of login process.  */
+-  char ut_line[UT_LINESIZE];	/* Devicename.  */
+  char ut_line[UT_LINESIZE]
+     __attribute_nonstring__;	/* Devicename.  */
+   char ut_id[4];		/* Inittab ID.  */
+-  char ut_user[UT_NAMESIZE];	/* Username.  */
+-  char ut_host[UT_HOSTSIZE];	/* Hostname for remote login.  */
+  char ut_user[UT_NAMESIZE]
+     __attribute_nonstring__;	/* Username.  */
+  char ut_host[UT_HOSTSIZE]
+     __attribute_nonstring__;	/* Hostname for remote login.  */
+   struct exit_status ut_exit;	/* Exit status of a process marked
+ 				   as DEAD_PROCESS.  */
+ /* The ut_session and ut_tv fields must be the same size when compiled
--- a/packages/glibc/2.12.1/0048-getlogin_r-use-strnlen.patch
+++ b/packages/glibc/2.12.1/0048-getlogin_r-use-strnlen.patch
@ -0,0 +1,47 @@
+commit 4bae615022cb5a5da79ccda83cc6c9ba9f2d479c
+Author: Joseph Myers <joseph@codesourcery.com>
+Date:   Wed Nov 22 18:44:23 2017 +0000
+
+    Avoid use of strlen in getlogin_r (bug 22447).
+    
+    Building glibc with current mainline GCC fails, among other reasons,
+    because of an error for use of strlen on the nonstring ut_user field.
+    This patch changes the problem code in getlogin_r to use __strnlen
+    instead.  It also needs to set the trailing NUL byte of the result
+    explicitly, because of the case where ut_user does not have such a
+    trailing NUL byte (but the result should always have one).
+    
+    Tested for x86_64.  Also tested that, in conjunction with
+    <https://sourceware.org/ml/libc-alpha/2017-11/msg00797.html>, it fixes
+    the build for arm with mainline GCC.
+    
+            [BZ #22447]
+            * sysdeps/unix/getlogin_r.c (__getlogin_r): Use __strnlen not
+            strlen to compute length of ut_user and set trailing NUL byte of
+            result explicitly.
+
+---
+ sysdeps/unix/getlogin_r.c |    5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+--- a/sysdeps/unix/getlogin_r.c
+++ b/sysdeps/unix/getlogin_r.c
+@@ -83,7 +83,7 @@
+ 
+   if (result == 0)
+     {
+-      size_t needed = strlen (ut->ut_user) + 1;
+      size_t needed = __strnlen (ut->ut_user, UT_NAMESIZE) + 1;
+ 
+       if (needed > name_len)
+ 	{
+@@ -92,7 +92,8 @@
+ 	}
+       else
+ 	{
+-	  memcpy (name, ut->ut_user, needed);
+	  memcpy (name, ut->ut_user, needed - 1);
+	  name[needed - 1] = 0;
+ 	  result = 0;
+ 	}
+     }
--- a/packages/glibc/2.12.1/0049-zic.c-use-memcpy.patch
+++ b/packages/glibc/2.12.1/0049-zic.c-use-memcpy.patch
@ -0,0 +1,25 @@
+commit e69897bf202e18034cbef26f363bae64de70a196
+Author: Paul Eggert <eggert@cs.ucla.edu>
+Date:   Sun Nov 12 22:00:28 2017 -0800
+
+    timezone: pacify GCC -Wstringop-truncation
+    
+    Problem reported by Martin Sebor in:
+    https://sourceware.org/ml/libc-alpha/2017-11/msg00336.html
+    * timezone/zic.c (writezone): Use memcpy, not strncpy.
+
+---
+ timezone/zic.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/timezone/zic.c
+++ b/timezone/zic.c
+@@ -1648,7 +1648,7 @@
+ #define DO(field)	(void) fwrite((void *) tzh.field, \
+ 				(size_t) sizeof tzh.field, (size_t) 1, fp)
+ 		tzh = tzh0;
+-		(void) strncpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic);
+		memcpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic);
+ 		tzh.tzh_version[0] = ZIC_VERSION;
+ 		convert(eitol(thistypecnt), tzh.tzh_ttisgmtcnt);
+ 		convert(eitol(thistypecnt), tzh.tzh_ttisstdcnt);
--- a/packages/glibc/2.12.2/0008-strftime-multiple-stmts.patch
+++ b/packages/glibc/2.12.2/0008-strftime-multiple-stmts.patch
@ -0,0 +1,73 @@
+commit e4043b84c49e1cf9bcf1e8320233343ecc34f8eb
+Author: Joseph Myers <joseph@codesourcery.com>
+Date:   Tue Jun 27 17:12:13 2017 +0000
+
+    Fix strftime build with GCC 8.
+    
+    Building with current GCC mainline fails with:
+    
+    strftime_l.c: In function '__strftime_internal':
+    strftime_l.c:719:4: error: macro expands to multiple statements [-Werror=multistatement-macros]
+        digits = d > width ? d : width;          \
+        ^
+    strftime_l.c:1260:6: note: in expansion of macro 'DO_NUMBER'
+          DO_NUMBER (1, tp->tm_year + TM_YEAR_BASE);
+          ^~~~~~~~~
+    strftime_l.c:1259:4: note: some parts of macro expansion are not guarded by this 'else' clause
+        else
+        ^~~~
+    
+    In fact this particular instance is harmless; the code looks like:
+    
+              if (modifier == L_('O'))
+                goto bad_format;
+              else
+                DO_NUMBER (1, tp->tm_year + TM_YEAR_BASE);
+    
+    and because of the goto, it doesn't matter that part of the expansion
+    isn't under the "else" conditional.  But it's also clearly bad style
+    to rely on that.  This patch changes DO_NUMBER and DO_NUMBER_SPACEPAD
+    to use do { } while (0) to avoid such problems.
+    
+    Tested (full testsuite) for x86_64 (GCC 6), and with
+    build-many-glibcs.py with GCC mainline, in conjunction with my libgcc
+    patch <https://gcc.gnu.org/ml/gcc-patches/2017-06/msg02032.html>.
+    
+            * time/strftime_l.c (DO_NUMBER): Define using do { } while (0).
+            (DO_NUMBER_SPACEPAD): Likewise.
+
+---
+ time/strftime_l.c |   22 ++++++++++++++++------
+ 1 file changed, 16 insertions(+), 6 deletions(-)
+
+--- a/time/strftime_l.c
+++ b/time/strftime_l.c
+@@ -742,12 +742,22 @@
+       format_char = *f;
+       switch (format_char)
+ 	{
+-#define DO_NUMBER(d, v) \
+-	  digits = d > width ? d : width;				      \
+-	  number_value = v; goto do_number
+-#define DO_NUMBER_SPACEPAD(d, v) \
+-	  digits = d > width ? d : width;				      \
+-	  number_value = v; goto do_number_spacepad
+#define DO_NUMBER(d, v)				\
+	  do					\
+	    {					\
+	      digits = d > width ? d : width;	\
+	      number_value = v;			\
+	      goto do_number;			\
+	    }					\
+	  while (0)
+#define DO_NUMBER_SPACEPAD(d, v)		\
+	  do					\
+	    {					\
+	      digits = d > width ? d : width;	\
+	      number_value = v;			\
+	      goto do_number_spacepad;		\
+	    }					\
+	  while (0)
+ 
+ 	case L_('%'):
+ 	  if (modifier != 0)
--- a/packages/glibc/2.12.2/0009-if_nametoindex-size-check.patch
+++ b/packages/glibc/2.12.2/0009-if_nametoindex-size-check.patch
@ -0,0 +1,29 @@
+commit 2180fee114b778515b3f560e5ff1e795282e60b0
+Author: Steve Ellcey <sellcey@caviumnetworks.com>
+Date:   Wed Nov 15 08:58:48 2017 -0800
+
+    Check length of ifname before copying it into to ifreq structure.
+    
+            [BZ #22442]
+            * sysdeps/unix/sysv/linux/if_index.c (__if_nametoindex):
+            Check if ifname is too long.
+
+---
+ sysdeps/unix/sysv/linux/if_index.c |    6 ++++++
+ 1 file changed, 6 insertions(+)
+
+--- a/sysdeps/unix/sysv/linux/if_index.c
+++ b/sysdeps/unix/sysv/linux/if_index.c
+@@ -54,6 +54,12 @@
+   if (fd < 0)
+     return 0;
+ 
+  if (strlen (ifname) >= IFNAMSIZ)
+    {
+      __set_errno (ENODEV);
+      return 0;
+    }
+
+   strncpy (ifr.ifr_name, ifname, sizeof (ifr.ifr_name));
+   if (__ioctl (fd, SIOCGIFINDEX, &ifr) < 0)
+     {
--- a/packages/glibc/2.12.2/0010-utmp-nonstring.patch
+++ b/packages/glibc/2.12.2/0010-utmp-nonstring.patch
@ -0,0 +1,80 @@
+commit 7532837d7b03b3ca5b9a63d77a5bd81dd23f3d9c
+Author: Martin Sebor <msebor@redhat.com>
+Date:   Wed Nov 15 17:39:59 2017 -0700
+
+    The -Wstringop-truncation option new in GCC 8 detects common misuses
+    of the strncat and strncpy function that may result in truncating
+    the copied string before the terminating NUL.  To avoid false positive
+    warnings for correct code that intentionally creates sequences of
+    characters that aren't guaranteed to be NUL-terminated, arrays that
+    are intended to store such sequences should be decorated with a new
+    nonstring attribute.  This change add this attribute to Glibc and
+    uses it to suppress such false positives.
+    
+    ChangeLog:
+            * misc/sys/cdefs.h (__attribute_nonstring__): New macro.
+            * sysdeps/gnu/bits/utmp.h (struct utmp): Use it.
+            * sysdeps/unix/sysv/linux/s390/bits/utmp.h (struct utmp): Same.
+
+---
+ misc/sys/cdefs.h                         |    9 +++++++++
+ sysdeps/gnu/bits/utmp.h                  |    9 ++++++---
+ sysdeps/unix/sysv/linux/s390/bits/utmp.h |    9 ++++++---
+ 3 files changed, 21 insertions(+), 6 deletions(-)
+
+--- a/misc/sys/cdefs.h
+++ b/misc/sys/cdefs.h
+@@ -350,6 +350,15 @@
+ # endif
+ #endif
+ 
+#if __GNUC_PREREQ (8, 0)
+/* Describes a char array whose address can safely be passed as the first
+   argument to strncpy and strncat, as the char array is not necessarily
+   a NUL-terminated string.  */
+# define __attribute_nonstring__ __attribute__ ((__nonstring__))
+#else
+# define __attribute_nonstring__
+#endif
+
+ #include <bits/wordsize.h>
+ 
+ #if defined __LONG_DOUBLE_MATH_OPTIONAL && defined __NO_LONG_DOUBLE_MATH
+--- a/sysdeps/gnu/bits/utmp.h
+++ b/sysdeps/gnu/bits/utmp.h
+@@ -61,10 +61,13 @@
+ {
+   short int ut_type;		/* Type of login.  */
+   pid_t ut_pid;			/* Process ID of login process.  */
+-  char ut_line[UT_LINESIZE];	/* Devicename.  */
+  char ut_line[UT_LINESIZE]
+    __attribute_nonstring__;	/* Devicename.  */
+   char ut_id[4];		/* Inittab ID.  */
+-  char ut_user[UT_NAMESIZE];	/* Username.  */
+-  char ut_host[UT_HOSTSIZE];	/* Hostname for remote login.  */
+  char ut_user[UT_NAMESIZE]
+    __attribute_nonstring__;	/* Username.  */
+  char ut_host[UT_HOSTSIZE]
+    __attribute_nonstring__;	/* Hostname for remote login.  */
+   struct exit_status ut_exit;	/* Exit status of a process marked
+ 				   as DEAD_PROCESS.  */
+ /* The ut_session and ut_tv fields must be the same size when compiled
+--- a/sysdeps/unix/sysv/linux/s390/bits/utmp.h
+++ b/sysdeps/unix/sysv/linux/s390/bits/utmp.h
+@@ -61,10 +61,13 @@
+ {
+   short int ut_type;		/* Type of login.  */
+   pid_t ut_pid;			/* Process ID of login process.  */
+-  char ut_line[UT_LINESIZE];	/* Devicename.  */
+  char ut_line[UT_LINESIZE]
+     __attribute_nonstring__;	/* Devicename.  */
+   char ut_id[4];		/* Inittab ID.  */
+-  char ut_user[UT_NAMESIZE];	/* Username.  */
+-  char ut_host[UT_HOSTSIZE];	/* Hostname for remote login.  */
+  char ut_user[UT_NAMESIZE]
+     __attribute_nonstring__;	/* Username.  */
+  char ut_host[UT_HOSTSIZE]
+     __attribute_nonstring__;	/* Hostname for remote login.  */
+   struct exit_status ut_exit;	/* Exit status of a process marked
+ 				   as DEAD_PROCESS.  */
+ /* The ut_session and ut_tv fields must be the same size when compiled
--- a/packages/glibc/2.12.2/0011-getlogin_r-use-strnlen.patch
+++ b/packages/glibc/2.12.2/0011-getlogin_r-use-strnlen.patch
@ -0,0 +1,47 @@
+commit 4bae615022cb5a5da79ccda83cc6c9ba9f2d479c
+Author: Joseph Myers <joseph@codesourcery.com>
+Date:   Wed Nov 22 18:44:23 2017 +0000
+
+    Avoid use of strlen in getlogin_r (bug 22447).
+    
+    Building glibc with current mainline GCC fails, among other reasons,
+    because of an error for use of strlen on the nonstring ut_user field.
+    This patch changes the problem code in getlogin_r to use __strnlen
+    instead.  It also needs to set the trailing NUL byte of the result
+    explicitly, because of the case where ut_user does not have such a
+    trailing NUL byte (but the result should always have one).
+    
+    Tested for x86_64.  Also tested that, in conjunction with
+    <https://sourceware.org/ml/libc-alpha/2017-11/msg00797.html>, it fixes
+    the build for arm with mainline GCC.
+    
+            [BZ #22447]
+            * sysdeps/unix/getlogin_r.c (__getlogin_r): Use __strnlen not
+            strlen to compute length of ut_user and set trailing NUL byte of
+            result explicitly.
+
+---
+ sysdeps/unix/getlogin_r.c |    5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+--- a/sysdeps/unix/getlogin_r.c
+++ b/sysdeps/unix/getlogin_r.c
+@@ -83,7 +83,7 @@
+ 
+   if (result == 0)
+     {
+-      size_t needed = strlen (ut->ut_user) + 1;
+      size_t needed = __strnlen (ut->ut_user, UT_NAMESIZE) + 1;
+ 
+       if (needed > name_len)
+ 	{
+@@ -92,7 +92,8 @@
+ 	}
+       else
+ 	{
+-	  memcpy (name, ut->ut_user, needed);
+	  memcpy (name, ut->ut_user, needed - 1);
+	  name[needed - 1] = 0;
+ 	  result = 0;
+ 	}
+     }
--- a/packages/glibc/2.12.2/0012-zic.c-use-memcpy.patch
+++ b/packages/glibc/2.12.2/0012-zic.c-use-memcpy.patch
@ -0,0 +1,25 @@
+commit e69897bf202e18034cbef26f363bae64de70a196
+Author: Paul Eggert <eggert@cs.ucla.edu>
+Date:   Sun Nov 12 22:00:28 2017 -0800
+
+    timezone: pacify GCC -Wstringop-truncation
+    
+    Problem reported by Martin Sebor in:
+    https://sourceware.org/ml/libc-alpha/2017-11/msg00336.html
+    * timezone/zic.c (writezone): Use memcpy, not strncpy.
+
+---
+ timezone/zic.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/timezone/zic.c
+++ b/timezone/zic.c
+@@ -1648,7 +1648,7 @@
+ #define DO(field)	(void) fwrite((void *) tzh.field, \
+ 				(size_t) sizeof tzh.field, (size_t) 1, fp)
+ 		tzh = tzh0;
+-		(void) strncpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic);
+		memcpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic);
+ 		tzh.tzh_version[0] = ZIC_VERSION;
+ 		convert(eitol(thistypecnt), tzh.tzh_ttisgmtcnt);
+ 		convert(eitol(thistypecnt), tzh.tzh_ttisstdcnt);
--- a/packages/glibc/2.13/0044-strftime-multiple-stmts.patch
+++ b/packages/glibc/2.13/0044-strftime-multiple-stmts.patch
@ -0,0 +1,73 @@
+commit e4043b84c49e1cf9bcf1e8320233343ecc34f8eb
+Author: Joseph Myers <joseph@codesourcery.com>
+Date:   Tue Jun 27 17:12:13 2017 +0000
+
+    Fix strftime build with GCC 8.
+    
+    Building with current GCC mainline fails with:
+    
+    strftime_l.c: In function '__strftime_internal':
+    strftime_l.c:719:4: error: macro expands to multiple statements [-Werror=multistatement-macros]
+        digits = d > width ? d : width;          \
+        ^
+    strftime_l.c:1260:6: note: in expansion of macro 'DO_NUMBER'
+          DO_NUMBER (1, tp->tm_year + TM_YEAR_BASE);
+          ^~~~~~~~~
+    strftime_l.c:1259:4: note: some parts of macro expansion are not guarded by this 'else' clause
+        else
+        ^~~~
+    
+    In fact this particular instance is harmless; the code looks like:
+    
+              if (modifier == L_('O'))
+                goto bad_format;
+              else
+                DO_NUMBER (1, tp->tm_year + TM_YEAR_BASE);
+    
+    and because of the goto, it doesn't matter that part of the expansion
+    isn't under the "else" conditional.  But it's also clearly bad style
+    to rely on that.  This patch changes DO_NUMBER and DO_NUMBER_SPACEPAD
+    to use do { } while (0) to avoid such problems.
+    
+    Tested (full testsuite) for x86_64 (GCC 6), and with
+    build-many-glibcs.py with GCC mainline, in conjunction with my libgcc
+    patch <https://gcc.gnu.org/ml/gcc-patches/2017-06/msg02032.html>.
+    
+            * time/strftime_l.c (DO_NUMBER): Define using do { } while (0).
+            (DO_NUMBER_SPACEPAD): Likewise.
+
+---
+ time/strftime_l.c |   22 ++++++++++++++++------
+ 1 file changed, 16 insertions(+), 6 deletions(-)
+
+--- a/time/strftime_l.c
+++ b/time/strftime_l.c
+@@ -742,12 +742,22 @@
+       format_char = *f;
+       switch (format_char)
+ 	{
+-#define DO_NUMBER(d, v) \
+-	  digits = d > width ? d : width;				      \
+-	  number_value = v; goto do_number
+-#define DO_NUMBER_SPACEPAD(d, v) \
+-	  digits = d > width ? d : width;				      \
+-	  number_value = v; goto do_number_spacepad
+#define DO_NUMBER(d, v)				\
+	  do					\
+	    {					\
+	      digits = d > width ? d : width;	\
+	      number_value = v;			\
+	      goto do_number;			\
+	    }					\
+	  while (0)
+#define DO_NUMBER_SPACEPAD(d, v)		\
+	  do					\
+	    {					\
+	      digits = d > width ? d : width;	\
+	      number_value = v;			\
+	      goto do_number_spacepad;		\
+	    }					\
+	  while (0)
+ 
+ 	case L_('%'):
+ 	  if (modifier != 0)
--- a/packages/glibc/2.13/0045-if_nametoindex-size-check.patch
+++ b/packages/glibc/2.13/0045-if_nametoindex-size-check.patch
@ -0,0 +1,29 @@
+commit 2180fee114b778515b3f560e5ff1e795282e60b0
+Author: Steve Ellcey <sellcey@caviumnetworks.com>
+Date:   Wed Nov 15 08:58:48 2017 -0800
+
+    Check length of ifname before copying it into to ifreq structure.
+    
+            [BZ #22442]
+            * sysdeps/unix/sysv/linux/if_index.c (__if_nametoindex):
+            Check if ifname is too long.
+
+---
+ sysdeps/unix/sysv/linux/if_index.c |    6 ++++++
+ 1 file changed, 6 insertions(+)
+
+--- a/sysdeps/unix/sysv/linux/if_index.c
+++ b/sysdeps/unix/sysv/linux/if_index.c
+@@ -54,6 +54,12 @@
+   if (fd < 0)
+     return 0;
+ 
+  if (strlen (ifname) >= IFNAMSIZ)
+    {
+      __set_errno (ENODEV);
+      return 0;
+    }
+
+   strncpy (ifr.ifr_name, ifname, sizeof (ifr.ifr_name));
+   if (__ioctl (fd, SIOCGIFINDEX, &ifr) < 0)
+     {
--- a/packages/glibc/2.13/0046-utmp-nonstring.patch
+++ b/packages/glibc/2.13/0046-utmp-nonstring.patch
@ -0,0 +1,80 @@
+commit 7532837d7b03b3ca5b9a63d77a5bd81dd23f3d9c
+Author: Martin Sebor <msebor@redhat.com>
+Date:   Wed Nov 15 17:39:59 2017 -0700
+
+    The -Wstringop-truncation option new in GCC 8 detects common misuses
+    of the strncat and strncpy function that may result in truncating
+    the copied string before the terminating NUL.  To avoid false positive
+    warnings for correct code that intentionally creates sequences of
+    characters that aren't guaranteed to be NUL-terminated, arrays that
+    are intended to store such sequences should be decorated with a new
+    nonstring attribute.  This change add this attribute to Glibc and
+    uses it to suppress such false positives.
+    
+    ChangeLog:
+            * misc/sys/cdefs.h (__attribute_nonstring__): New macro.
+            * sysdeps/gnu/bits/utmp.h (struct utmp): Use it.
+            * sysdeps/unix/sysv/linux/s390/bits/utmp.h (struct utmp): Same.
+
+---
+ misc/sys/cdefs.h                         |    9 +++++++++
+ sysdeps/gnu/bits/utmp.h                  |    9 ++++++---
+ sysdeps/unix/sysv/linux/s390/bits/utmp.h |    9 ++++++---
+ 3 files changed, 21 insertions(+), 6 deletions(-)
+
+--- a/misc/sys/cdefs.h
+++ b/misc/sys/cdefs.h
+@@ -350,6 +350,15 @@
+ # endif
+ #endif
+ 
+#if __GNUC_PREREQ (8, 0)
+/* Describes a char array whose address can safely be passed as the first
+   argument to strncpy and strncat, as the char array is not necessarily
+   a NUL-terminated string.  */
+# define __attribute_nonstring__ __attribute__ ((__nonstring__))
+#else
+# define __attribute_nonstring__
+#endif
+
+ #include <bits/wordsize.h>
+ 
+ #if defined __LONG_DOUBLE_MATH_OPTIONAL && defined __NO_LONG_DOUBLE_MATH
+--- a/sysdeps/gnu/bits/utmp.h
+++ b/sysdeps/gnu/bits/utmp.h
+@@ -61,10 +61,13 @@
+ {
+   short int ut_type;		/* Type of login.  */
+   pid_t ut_pid;			/* Process ID of login process.  */
+-  char ut_line[UT_LINESIZE];	/* Devicename.  */
+  char ut_line[UT_LINESIZE]
+    __attribute_nonstring__;	/* Devicename.  */
+   char ut_id[4];		/* Inittab ID.  */
+-  char ut_user[UT_NAMESIZE];	/* Username.  */
+-  char ut_host[UT_HOSTSIZE];	/* Hostname for remote login.  */
+  char ut_user[UT_NAMESIZE]
+    __attribute_nonstring__;	/* Username.  */
+  char ut_host[UT_HOSTSIZE]
+    __attribute_nonstring__;	/* Hostname for remote login.  */
+   struct exit_status ut_exit;	/* Exit status of a process marked
+ 				   as DEAD_PROCESS.  */
+ /* The ut_session and ut_tv fields must be the same size when compiled
+--- a/sysdeps/unix/sysv/linux/s390/bits/utmp.h
+++ b/sysdeps/unix/sysv/linux/s390/bits/utmp.h
+@@ -61,10 +61,13 @@
+ {
+   short int ut_type;		/* Type of login.  */
+   pid_t ut_pid;			/* Process ID of login process.  */
+-  char ut_line[UT_LINESIZE];	/* Devicename.  */
+  char ut_line[UT_LINESIZE]
+     __attribute_nonstring__;	/* Devicename.  */
+   char ut_id[4];		/* Inittab ID.  */
+-  char ut_user[UT_NAMESIZE];	/* Username.  */
+-  char ut_host[UT_HOSTSIZE];	/* Hostname for remote login.  */
+  char ut_user[UT_NAMESIZE]
+     __attribute_nonstring__;	/* Username.  */
+  char ut_host[UT_HOSTSIZE]
+     __attribute_nonstring__;	/* Hostname for remote login.  */
+   struct exit_status ut_exit;	/* Exit status of a process marked
+ 				   as DEAD_PROCESS.  */
+ /* The ut_session and ut_tv fields must be the same size when compiled
--- a/packages/glibc/2.13/0047-getlogin_r-use-strnlen.patch
+++ b/packages/glibc/2.13/0047-getlogin_r-use-strnlen.patch
@ -0,0 +1,47 @@
+commit 4bae615022cb5a5da79ccda83cc6c9ba9f2d479c
+Author: Joseph Myers <joseph@codesourcery.com>
+Date:   Wed Nov 22 18:44:23 2017 +0000
+
+    Avoid use of strlen in getlogin_r (bug 22447).
+    
+    Building glibc with current mainline GCC fails, among other reasons,
+    because of an error for use of strlen on the nonstring ut_user field.
+    This patch changes the problem code in getlogin_r to use __strnlen
+    instead.  It also needs to set the trailing NUL byte of the result
+    explicitly, because of the case where ut_user does not have such a
+    trailing NUL byte (but the result should always have one).
+    
+    Tested for x86_64.  Also tested that, in conjunction with
+    <https://sourceware.org/ml/libc-alpha/2017-11/msg00797.html>, it fixes
+    the build for arm with mainline GCC.
+    
+            [BZ #22447]
+            * sysdeps/unix/getlogin_r.c (__getlogin_r): Use __strnlen not
+            strlen to compute length of ut_user and set trailing NUL byte of
+            result explicitly.
+
+---
+ sysdeps/unix/getlogin_r.c |    5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+--- a/sysdeps/unix/getlogin_r.c
+++ b/sysdeps/unix/getlogin_r.c
+@@ -83,7 +83,7 @@
+ 
+   if (result == 0)
+     {
+-      size_t needed = strlen (ut->ut_user) + 1;
+      size_t needed = __strnlen (ut->ut_user, UT_NAMESIZE) + 1;
+ 
+       if (needed > name_len)
+ 	{
+@@ -92,7 +92,8 @@
+ 	}
+       else
+ 	{
+-	  memcpy (name, ut->ut_user, needed);
+	  memcpy (name, ut->ut_user, needed - 1);
+	  name[needed - 1] = 0;
+ 	  result = 0;
+ 	}
+     }
--- a/packages/glibc/2.13/0048-zic.c-use-memcpy.patch
+++ b/packages/glibc/2.13/0048-zic.c-use-memcpy.patch
@ -0,0 +1,25 @@
+commit e69897bf202e18034cbef26f363bae64de70a196
+Author: Paul Eggert <eggert@cs.ucla.edu>
+Date:   Sun Nov 12 22:00:28 2017 -0800
+
+    timezone: pacify GCC -Wstringop-truncation
+    
+    Problem reported by Martin Sebor in:
+    https://sourceware.org/ml/libc-alpha/2017-11/msg00336.html
+    * timezone/zic.c (writezone): Use memcpy, not strncpy.
+
+---
+ timezone/zic.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/timezone/zic.c
+++ b/timezone/zic.c
+@@ -1648,7 +1648,7 @@
+ #define DO(field)	(void) fwrite((void *) tzh.field, \
+ 				(size_t) sizeof tzh.field, (size_t) 1, fp)
+ 		tzh = tzh0;
+-		(void) strncpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic);
+		memcpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic);
+ 		tzh.tzh_version[0] = ZIC_VERSION;
+ 		convert(eitol(thistypecnt), tzh.tzh_ttisgmtcnt);
+ 		convert(eitol(thistypecnt), tzh.tzh_ttisstdcnt);
--- a/packages/glibc/2.14.1/0044-strftime-multiple-stmts.patch
+++ b/packages/glibc/2.14.1/0044-strftime-multiple-stmts.patch
@ -0,0 +1,73 @@
+commit e4043b84c49e1cf9bcf1e8320233343ecc34f8eb
+Author: Joseph Myers <joseph@codesourcery.com>
+Date:   Tue Jun 27 17:12:13 2017 +0000
+
+    Fix strftime build with GCC 8.
+    
+    Building with current GCC mainline fails with:
+    
+    strftime_l.c: In function '__strftime_internal':
+    strftime_l.c:719:4: error: macro expands to multiple statements [-Werror=multistatement-macros]
+        digits = d > width ? d : width;          \
+        ^
+    strftime_l.c:1260:6: note: in expansion of macro 'DO_NUMBER'
+          DO_NUMBER (1, tp->tm_year + TM_YEAR_BASE);
+          ^~~~~~~~~
+    strftime_l.c:1259:4: note: some parts of macro expansion are not guarded by this 'else' clause
+        else
+        ^~~~
+    
+    In fact this particular instance is harmless; the code looks like:
+    
+              if (modifier == L_('O'))
+                goto bad_format;
+              else
+                DO_NUMBER (1, tp->tm_year + TM_YEAR_BASE);
+    
+    and because of the goto, it doesn't matter that part of the expansion
+    isn't under the "else" conditional.  But it's also clearly bad style
+    to rely on that.  This patch changes DO_NUMBER and DO_NUMBER_SPACEPAD
+    to use do { } while (0) to avoid such problems.
+    
+    Tested (full testsuite) for x86_64 (GCC 6), and with
+    build-many-glibcs.py with GCC mainline, in conjunction with my libgcc
+    patch <https://gcc.gnu.org/ml/gcc-patches/2017-06/msg02032.html>.
+    
+            * time/strftime_l.c (DO_NUMBER): Define using do { } while (0).
+            (DO_NUMBER_SPACEPAD): Likewise.
+
+---
+ time/strftime_l.c |   22 ++++++++++++++++------
+ 1 file changed, 16 insertions(+), 6 deletions(-)
+
+--- a/time/strftime_l.c
+++ b/time/strftime_l.c
+@@ -742,12 +742,22 @@
+       format_char = *f;
+       switch (format_char)
+ 	{
+-#define DO_NUMBER(d, v) \
+-	  digits = d > width ? d : width;				      \
+-	  number_value = v; goto do_number
+-#define DO_NUMBER_SPACEPAD(d, v) \
+-	  digits = d > width ? d : width;				      \
+-	  number_value = v; goto do_number_spacepad
+#define DO_NUMBER(d, v)				\
+	  do					\
+	    {					\
+	      digits = d > width ? d : width;	\
+	      number_value = v;			\
+	      goto do_number;			\
+	    }					\
+	  while (0)
+#define DO_NUMBER_SPACEPAD(d, v)		\
+	  do					\
+	    {					\
+	      digits = d > width ? d : width;	\
+	      number_value = v;			\
+	      goto do_number_spacepad;		\
+	    }					\
+	  while (0)
+ 
+ 	case L_('%'):
+ 	  if (modifier != 0)
--- a/packages/glibc/2.14.1/0045-if_nametoindex-size-check.patch
+++ b/packages/glibc/2.14.1/0045-if_nametoindex-size-check.patch
@ -0,0 +1,29 @@
+commit 2180fee114b778515b3f560e5ff1e795282e60b0
+Author: Steve Ellcey <sellcey@caviumnetworks.com>
+Date:   Wed Nov 15 08:58:48 2017 -0800
+
+    Check length of ifname before copying it into to ifreq structure.
+    
+            [BZ #22442]
+            * sysdeps/unix/sysv/linux/if_index.c (__if_nametoindex):
+            Check if ifname is too long.
+
+---
+ sysdeps/unix/sysv/linux/if_index.c |    6 ++++++
+ 1 file changed, 6 insertions(+)
+
+--- a/sysdeps/unix/sysv/linux/if_index.c
+++ b/sysdeps/unix/sysv/linux/if_index.c
+@@ -54,6 +54,12 @@
+   if (fd < 0)
+     return 0;
+ 
+  if (strlen (ifname) >= IFNAMSIZ)
+    {
+      __set_errno (ENODEV);
+      return 0;
+    }
+
+   strncpy (ifr.ifr_name, ifname, sizeof (ifr.ifr_name));
+   if (__ioctl (fd, SIOCGIFINDEX, &ifr) < 0)
+     {
--- a/packages/glibc/2.14.1/0046-utmp-nonstring.patch
+++ b/packages/glibc/2.14.1/0046-utmp-nonstring.patch
@ -0,0 +1,80 @@
+commit 7532837d7b03b3ca5b9a63d77a5bd81dd23f3d9c
+Author: Martin Sebor <msebor@redhat.com>
+Date:   Wed Nov 15 17:39:59 2017 -0700
+
+    The -Wstringop-truncation option new in GCC 8 detects common misuses
+    of the strncat and strncpy function that may result in truncating
+    the copied string before the terminating NUL.  To avoid false positive
+    warnings for correct code that intentionally creates sequences of
+    characters that aren't guaranteed to be NUL-terminated, arrays that
+    are intended to store such sequences should be decorated with a new
+    nonstring attribute.  This change add this attribute to Glibc and
+    uses it to suppress such false positives.
+    
+    ChangeLog:
+            * misc/sys/cdefs.h (__attribute_nonstring__): New macro.
+            * sysdeps/gnu/bits/utmp.h (struct utmp): Use it.
+            * sysdeps/unix/sysv/linux/s390/bits/utmp.h (struct utmp): Same.
+
+---
+ misc/sys/cdefs.h                         |    9 +++++++++
+ sysdeps/gnu/bits/utmp.h                  |    9 ++++++---
+ sysdeps/unix/sysv/linux/s390/bits/utmp.h |    9 ++++++---
+ 3 files changed, 21 insertions(+), 6 deletions(-)
+
+--- a/misc/sys/cdefs.h
+++ b/misc/sys/cdefs.h
+@@ -350,6 +350,15 @@
+ # endif
+ #endif
+ 
+#if __GNUC_PREREQ (8, 0)
+/* Describes a char array whose address can safely be passed as the first
+   argument to strncpy and strncat, as the char array is not necessarily
+   a NUL-terminated string.  */
+# define __attribute_nonstring__ __attribute__ ((__nonstring__))
+#else
+# define __attribute_nonstring__
+#endif
+
+ #include <bits/wordsize.h>
+ 
+ #if defined __LONG_DOUBLE_MATH_OPTIONAL && defined __NO_LONG_DOUBLE_MATH
+--- a/sysdeps/gnu/bits/utmp.h
+++ b/sysdeps/gnu/bits/utmp.h
+@@ -61,10 +61,13 @@
+ {
+   short int ut_type;		/* Type of login.  */
+   pid_t ut_pid;			/* Process ID of login process.  */
+-  char ut_line[UT_LINESIZE];	/* Devicename.  */
+  char ut_line[UT_LINESIZE]
+    __attribute_nonstring__;	/* Devicename.  */
+   char ut_id[4];		/* Inittab ID.  */
+-  char ut_user[UT_NAMESIZE];	/* Username.  */
+-  char ut_host[UT_HOSTSIZE];	/* Hostname for remote login.  */
+  char ut_user[UT_NAMESIZE]
+    __attribute_nonstring__;	/* Username.  */
+  char ut_host[UT_HOSTSIZE]
+    __attribute_nonstring__;	/* Hostname for remote login.  */
+   struct exit_status ut_exit;	/* Exit status of a process marked
+ 				   as DEAD_PROCESS.  */
+ /* The ut_session and ut_tv fields must be the same size when compiled
+--- a/sysdeps/unix/sysv/linux/s390/bits/utmp.h
+++ b/sysdeps/unix/sysv/linux/s390/bits/utmp.h
+@@ -61,10 +61,13 @@
+ {
+   short int ut_type;		/* Type of login.  */
+   pid_t ut_pid;			/* Process ID of login process.  */
+-  char ut_line[UT_LINESIZE];	/* Devicename.  */
+  char ut_line[UT_LINESIZE]
+     __attribute_nonstring__;	/* Devicename.  */
+   char ut_id[4];		/* Inittab ID.  */
+-  char ut_user[UT_NAMESIZE];	/* Username.  */
+-  char ut_host[UT_HOSTSIZE];	/* Hostname for remote login.  */
+  char ut_user[UT_NAMESIZE]
+     __attribute_nonstring__;	/* Username.  */
+  char ut_host[UT_HOSTSIZE]
+     __attribute_nonstring__;	/* Hostname for remote login.  */
+   struct exit_status ut_exit;	/* Exit status of a process marked
+ 				   as DEAD_PROCESS.  */
+ /* The ut_session and ut_tv fields must be the same size when compiled
--- a/packages/glibc/2.14.1/0047-getlogin_r-use-strnlen.patch
+++ b/packages/glibc/2.14.1/0047-getlogin_r-use-strnlen.patch
@ -0,0 +1,47 @@
+commit 4bae615022cb5a5da79ccda83cc6c9ba9f2d479c
+Author: Joseph Myers <joseph@codesourcery.com>
+Date:   Wed Nov 22 18:44:23 2017 +0000
+
+    Avoid use of strlen in getlogin_r (bug 22447).
+    
+    Building glibc with current mainline GCC fails, among other reasons,
+    because of an error for use of strlen on the nonstring ut_user field.
+    This patch changes the problem code in getlogin_r to use __strnlen
+    instead.  It also needs to set the trailing NUL byte of the result
+    explicitly, because of the case where ut_user does not have such a
+    trailing NUL byte (but the result should always have one).
+    
+    Tested for x86_64.  Also tested that, in conjunction with
+    <https://sourceware.org/ml/libc-alpha/2017-11/msg00797.html>, it fixes
+    the build for arm with mainline GCC.
+    
+            [BZ #22447]
+            * sysdeps/unix/getlogin_r.c (__getlogin_r): Use __strnlen not
+            strlen to compute length of ut_user and set trailing NUL byte of
+            result explicitly.
+
+---
+ sysdeps/unix/getlogin_r.c |    5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+--- a/sysdeps/unix/getlogin_r.c
+++ b/sysdeps/unix/getlogin_r.c
+@@ -83,7 +83,7 @@
+ 
+   if (result == 0)
+     {
+-      size_t needed = strlen (ut->ut_user) + 1;
+      size_t needed = __strnlen (ut->ut_user, UT_NAMESIZE) + 1;
+ 
+       if (needed > name_len)
+ 	{
+@@ -92,7 +92,8 @@
+ 	}
+       else
+ 	{
+-	  memcpy (name, ut->ut_user, needed);
+	  memcpy (name, ut->ut_user, needed - 1);
+	  name[needed - 1] = 0;
+ 	  result = 0;
+ 	}
+     }
--- a/packages/glibc/2.14.1/0048-zic.c-use-memcpy.patch
+++ b/packages/glibc/2.14.1/0048-zic.c-use-memcpy.patch
@ -0,0 +1,25 @@
+commit e69897bf202e18034cbef26f363bae64de70a196
+Author: Paul Eggert <eggert@cs.ucla.edu>
+Date:   Sun Nov 12 22:00:28 2017 -0800
+
+    timezone: pacify GCC -Wstringop-truncation
+    
+    Problem reported by Martin Sebor in:
+    https://sourceware.org/ml/libc-alpha/2017-11/msg00336.html
+    * timezone/zic.c (writezone): Use memcpy, not strncpy.
+
+---
+ timezone/zic.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/timezone/zic.c
+++ b/timezone/zic.c
+@@ -1648,7 +1648,7 @@
+ #define DO(field)	(void) fwrite((void *) tzh.field, \
+ 				(size_t) sizeof tzh.field, (size_t) 1, fp)
+ 		tzh = tzh0;
+-		(void) strncpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic);
+		memcpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic);
+ 		tzh.tzh_version[0] = ZIC_VERSION;
+ 		convert(eitol(thistypecnt), tzh.tzh_ttisgmtcnt);
+ 		convert(eitol(thistypecnt), tzh.tzh_ttisstdcnt);
--- a/packages/glibc/2.14/998-obstack-common.patch
+++ b/packages/glibc/2.14/998-obstack-common.patch
@ -1,30 +0,0 @@
-commit 39b1f6172a2f9ddc74a8f82d6e84dd13b22dbaf2
-Author: Peter Collingbourne <pcc@google.com>
-Date:   Wed May 15 20:28:08 2013 +0200
-
-    Move _obstack_compat out of common
-    
-    it is impossible to create an alias of a common symbol (as
-    compat_symbol does), because common symbols do not have a section or
-    an offset until linked.  GNU as tolerates aliases of common symbols by
-    simply creating another common symbol, but other assemblers (notably
-    LLVM's integrated assembler) are less tolerant.
-    
-    2013-05-15  Peter Collingbourne  <pcc@google.com>
-    
-            * malloc/obstack.c (_obstack_compat): Add initializer.
-    -
-
-diff --git a/malloc/obstack.c b/malloc/obstack.c
-index 25a90514f7..c3c7db4a96 100644
--- a/malloc/obstack.c
-+++ b/malloc/obstack.c
-@@ -115,7 +115,7 @@ int obstack_exit_failure = EXIT_FAILURE;
- /* A looong time ago (before 1994, anyway; we're not sure) this global variable
-    was used by non-GNU-C macros to avoid multiple evaluation.  The GNU C
-    library still exports it because somebody might use it.  */
-struct obstack *_obstack_compat;
-+struct obstack *_obstack_compat = 0;
- compat_symbol (libc, _obstack_compat, _obstack, GLIBC_2_0);
- #  endif
- # endif
--- a/packages/glibc/2.15/0045-strftime-multiple-stmts.patch
+++ b/packages/glibc/2.15/0045-strftime-multiple-stmts.patch
@ -0,0 +1,73 @@
+commit e4043b84c49e1cf9bcf1e8320233343ecc34f8eb
+Author: Joseph Myers <joseph@codesourcery.com>
+Date:   Tue Jun 27 17:12:13 2017 +0000
+
+    Fix strftime build with GCC 8.
+    
+    Building with current GCC mainline fails with:
+    
+    strftime_l.c: In function '__strftime_internal':
+    strftime_l.c:719:4: error: macro expands to multiple statements [-Werror=multistatement-macros]
+        digits = d > width ? d : width;          \
+        ^
+    strftime_l.c:1260:6: note: in expansion of macro 'DO_NUMBER'
+          DO_NUMBER (1, tp->tm_year + TM_YEAR_BASE);
+          ^~~~~~~~~
+    strftime_l.c:1259:4: note: some parts of macro expansion are not guarded by this 'else' clause
+        else
+        ^~~~
+    
+    In fact this particular instance is harmless; the code looks like:
+    
+              if (modifier == L_('O'))
+                goto bad_format;
+              else
+                DO_NUMBER (1, tp->tm_year + TM_YEAR_BASE);
+    
+    and because of the goto, it doesn't matter that part of the expansion
+    isn't under the "else" conditional.  But it's also clearly bad style
+    to rely on that.  This patch changes DO_NUMBER and DO_NUMBER_SPACEPAD
+    to use do { } while (0) to avoid such problems.
+    
+    Tested (full testsuite) for x86_64 (GCC 6), and with
+    build-many-glibcs.py with GCC mainline, in conjunction with my libgcc
+    patch <https://gcc.gnu.org/ml/gcc-patches/2017-06/msg02032.html>.
+    
+            * time/strftime_l.c (DO_NUMBER): Define using do { } while (0).
+            (DO_NUMBER_SPACEPAD): Likewise.
+
+---
+ time/strftime_l.c |   22 ++++++++++++++++------
+ 1 file changed, 16 insertions(+), 6 deletions(-)
+
+--- a/time/strftime_l.c
+++ b/time/strftime_l.c
+@@ -742,12 +742,22 @@
+       format_char = *f;
+       switch (format_char)
+ 	{
+-#define DO_NUMBER(d, v) \
+-	  digits = d > width ? d : width;				      \
+-	  number_value = v; goto do_number
+-#define DO_NUMBER_SPACEPAD(d, v) \
+-	  digits = d > width ? d : width;				      \
+-	  number_value = v; goto do_number_spacepad
+#define DO_NUMBER(d, v)				\
+	  do					\
+	    {					\
+	      digits = d > width ? d : width;	\
+	      number_value = v;			\
+	      goto do_number;			\
+	    }					\
+	  while (0)
+#define DO_NUMBER_SPACEPAD(d, v)		\
+	  do					\
+	    {					\
+	      digits = d > width ? d : width;	\
+	      number_value = v;			\
+	      goto do_number_spacepad;		\
+	    }					\
+	  while (0)
+ 
+ 	case L_('%'):
+ 	  if (modifier != 0)
--- a/packages/glibc/2.15/0046-if_nametoindex-size-check.patch
+++ b/packages/glibc/2.15/0046-if_nametoindex-size-check.patch
@ -0,0 +1,29 @@
+commit 2180fee114b778515b3f560e5ff1e795282e60b0
+Author: Steve Ellcey <sellcey@caviumnetworks.com>
+Date:   Wed Nov 15 08:58:48 2017 -0800
+
+    Check length of ifname before copying it into to ifreq structure.
+    
+            [BZ #22442]
+            * sysdeps/unix/sysv/linux/if_index.c (__if_nametoindex):
+            Check if ifname is too long.
+
+---
+ sysdeps/unix/sysv/linux/if_index.c |    6 ++++++
+ 1 file changed, 6 insertions(+)
+
+--- a/sysdeps/unix/sysv/linux/if_index.c
+++ b/sysdeps/unix/sysv/linux/if_index.c
+@@ -54,6 +54,12 @@
+   if (fd < 0)
+     return 0;
+ 
+  if (strlen (ifname) >= IFNAMSIZ)
+    {
+      __set_errno (ENODEV);
+      return 0;
+    }
+
+   strncpy (ifr.ifr_name, ifname, sizeof (ifr.ifr_name));
+   if (__ioctl (fd, SIOCGIFINDEX, &ifr) < 0)
+     {
--- a/packages/glibc/2.15/0047-utmp-nonstring.patch
+++ b/packages/glibc/2.15/0047-utmp-nonstring.patch
@ -0,0 +1,80 @@
+commit 7532837d7b03b3ca5b9a63d77a5bd81dd23f3d9c
+Author: Martin Sebor <msebor@redhat.com>
+Date:   Wed Nov 15 17:39:59 2017 -0700
+
+    The -Wstringop-truncation option new in GCC 8 detects common misuses
+    of the strncat and strncpy function that may result in truncating
+    the copied string before the terminating NUL.  To avoid false positive
+    warnings for correct code that intentionally creates sequences of
+    characters that aren't guaranteed to be NUL-terminated, arrays that
+    are intended to store such sequences should be decorated with a new
+    nonstring attribute.  This change add this attribute to Glibc and
+    uses it to suppress such false positives.
+    
+    ChangeLog:
+            * misc/sys/cdefs.h (__attribute_nonstring__): New macro.
+            * sysdeps/gnu/bits/utmp.h (struct utmp): Use it.
+            * sysdeps/unix/sysv/linux/s390/bits/utmp.h (struct utmp): Same.
+
+---
+ misc/sys/cdefs.h                         |    9 +++++++++
+ sysdeps/gnu/bits/utmp.h                  |    9 ++++++---
+ sysdeps/unix/sysv/linux/s390/bits/utmp.h |    9 ++++++---
+ 3 files changed, 21 insertions(+), 6 deletions(-)
+
+--- a/misc/sys/cdefs.h
+++ b/misc/sys/cdefs.h
+@@ -375,6 +375,15 @@
+ # endif
+ #endif
+ 
+#if __GNUC_PREREQ (8, 0)
+/* Describes a char array whose address can safely be passed as the first
+   argument to strncpy and strncat, as the char array is not necessarily
+   a NUL-terminated string.  */
+# define __attribute_nonstring__ __attribute__ ((__nonstring__))
+#else
+# define __attribute_nonstring__
+#endif
+
+ #include <bits/wordsize.h>
+ 
+ #if defined __LONG_DOUBLE_MATH_OPTIONAL && defined __NO_LONG_DOUBLE_MATH
+--- a/sysdeps/gnu/bits/utmp.h
+++ b/sysdeps/gnu/bits/utmp.h
+@@ -61,10 +61,13 @@
+ {
+   short int ut_type;		/* Type of login.  */
+   pid_t ut_pid;			/* Process ID of login process.  */
+-  char ut_line[UT_LINESIZE];	/* Devicename.  */
+  char ut_line[UT_LINESIZE]
+    __attribute_nonstring__;	/* Devicename.  */
+   char ut_id[4];		/* Inittab ID.  */
+-  char ut_user[UT_NAMESIZE];	/* Username.  */
+-  char ut_host[UT_HOSTSIZE];	/* Hostname for remote login.  */
+  char ut_user[UT_NAMESIZE]
+    __attribute_nonstring__;	/* Username.  */
+  char ut_host[UT_HOSTSIZE]
+    __attribute_nonstring__;	/* Hostname for remote login.  */
+   struct exit_status ut_exit;	/* Exit status of a process marked
+ 				   as DEAD_PROCESS.  */
+ /* The ut_session and ut_tv fields must be the same size when compiled
+--- a/sysdeps/unix/sysv/linux/s390/bits/utmp.h
+++ b/sysdeps/unix/sysv/linux/s390/bits/utmp.h
+@@ -61,10 +61,13 @@
+ {
+   short int ut_type;		/* Type of login.  */
+   pid_t ut_pid;			/* Process ID of login process.  */
+-  char ut_line[UT_LINESIZE];	/* Devicename.  */
+  char ut_line[UT_LINESIZE]
+     __attribute_nonstring__;	/* Devicename.  */
+   char ut_id[4];		/* Inittab ID.  */
+-  char ut_user[UT_NAMESIZE];	/* Username.  */
+-  char ut_host[UT_HOSTSIZE];	/* Hostname for remote login.  */
+  char ut_user[UT_NAMESIZE]
+     __attribute_nonstring__;	/* Username.  */
+  char ut_host[UT_HOSTSIZE]
+     __attribute_nonstring__;	/* Hostname for remote login.  */
+   struct exit_status ut_exit;	/* Exit status of a process marked
+ 				   as DEAD_PROCESS.  */
+ /* The ut_session and ut_tv fields must be the same size when compiled
--- a/packages/glibc/2.15/0048-getlogin_r-use-strnlen.patch
+++ b/packages/glibc/2.15/0048-getlogin_r-use-strnlen.patch
@ -0,0 +1,47 @@
+commit 4bae615022cb5a5da79ccda83cc6c9ba9f2d479c
+Author: Joseph Myers <joseph@codesourcery.com>
+Date:   Wed Nov 22 18:44:23 2017 +0000
+
+    Avoid use of strlen in getlogin_r (bug 22447).
+    
+    Building glibc with current mainline GCC fails, among other reasons,
+    because of an error for use of strlen on the nonstring ut_user field.
+    This patch changes the problem code in getlogin_r to use __strnlen
+    instead.  It also needs to set the trailing NUL byte of the result
+    explicitly, because of the case where ut_user does not have such a
+    trailing NUL byte (but the result should always have one).
+    
+    Tested for x86_64.  Also tested that, in conjunction with
+    <https://sourceware.org/ml/libc-alpha/2017-11/msg00797.html>, it fixes
+    the build for arm with mainline GCC.
+    
+            [BZ #22447]
+            * sysdeps/unix/getlogin_r.c (__getlogin_r): Use __strnlen not
+            strlen to compute length of ut_user and set trailing NUL byte of
+            result explicitly.
+
+---
+ sysdeps/unix/getlogin_r.c |    5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+--- a/sysdeps/unix/getlogin_r.c
+++ b/sysdeps/unix/getlogin_r.c
+@@ -83,7 +83,7 @@
+ 
+   if (result == 0)
+     {
+-      size_t needed = strlen (ut->ut_user) + 1;
+      size_t needed = __strnlen (ut->ut_user, UT_NAMESIZE) + 1;
+ 
+       if (needed > name_len)
+ 	{
+@@ -92,7 +92,8 @@
+ 	}
+       else
+ 	{
+-	  memcpy (name, ut->ut_user, needed);
+	  memcpy (name, ut->ut_user, needed - 1);
+	  name[needed - 1] = 0;
+ 	  result = 0;
+ 	}
+     }
--- a/packages/glibc/2.15/0049-zic.c-use-memcpy.patch
+++ b/packages/glibc/2.15/0049-zic.c-use-memcpy.patch
@ -0,0 +1,25 @@
+commit e69897bf202e18034cbef26f363bae64de70a196
+Author: Paul Eggert <eggert@cs.ucla.edu>
+Date:   Sun Nov 12 22:00:28 2017 -0800
+
+    timezone: pacify GCC -Wstringop-truncation
+    
+    Problem reported by Martin Sebor in:
+    https://sourceware.org/ml/libc-alpha/2017-11/msg00336.html
+    * timezone/zic.c (writezone): Use memcpy, not strncpy.
+
+---
+ timezone/zic.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/timezone/zic.c
+++ b/timezone/zic.c
+@@ -1648,7 +1648,7 @@
+ #define DO(field)	(void) fwrite((void *) tzh.field, \
+ 				(size_t) sizeof tzh.field, (size_t) 1, fp)
+ 		tzh = tzh0;
+-		(void) strncpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic);
+		memcpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic);
+ 		tzh.tzh_version[0] = ZIC_VERSION;
+ 		convert(eitol(thistypecnt), tzh.tzh_ttisgmtcnt);
+ 		convert(eitol(thistypecnt), tzh.tzh_ttisstdcnt);
--- a/packages/glibc/2.16.0/0037-strftime-multiple-stmts.patch
+++ b/packages/glibc/2.16.0/0037-strftime-multiple-stmts.patch
@ -0,0 +1,73 @@
+commit e4043b84c49e1cf9bcf1e8320233343ecc34f8eb
+Author: Joseph Myers <joseph@codesourcery.com>
+Date:   Tue Jun 27 17:12:13 2017 +0000
+
+    Fix strftime build with GCC 8.
+    
+    Building with current GCC mainline fails with:
+    
+    strftime_l.c: In function '__strftime_internal':
+    strftime_l.c:719:4: error: macro expands to multiple statements [-Werror=multistatement-macros]
+        digits = d > width ? d : width;          \
+        ^
+    strftime_l.c:1260:6: note: in expansion of macro 'DO_NUMBER'
+          DO_NUMBER (1, tp->tm_year + TM_YEAR_BASE);
+          ^~~~~~~~~
+    strftime_l.c:1259:4: note: some parts of macro expansion are not guarded by this 'else' clause
+        else
+        ^~~~
+    
+    In fact this particular instance is harmless; the code looks like:
+    
+              if (modifier == L_('O'))
+                goto bad_format;
+              else
+                DO_NUMBER (1, tp->tm_year + TM_YEAR_BASE);
+    
+    and because of the goto, it doesn't matter that part of the expansion
+    isn't under the "else" conditional.  But it's also clearly bad style
+    to rely on that.  This patch changes DO_NUMBER and DO_NUMBER_SPACEPAD
+    to use do { } while (0) to avoid such problems.
+    
+    Tested (full testsuite) for x86_64 (GCC 6), and with
+    build-many-glibcs.py with GCC mainline, in conjunction with my libgcc
+    patch <https://gcc.gnu.org/ml/gcc-patches/2017-06/msg02032.html>.
+    
+            * time/strftime_l.c (DO_NUMBER): Define using do { } while (0).
+            (DO_NUMBER_SPACEPAD): Likewise.
+
+---
+ time/strftime_l.c |   22 ++++++++++++++++------
+ 1 file changed, 16 insertions(+), 6 deletions(-)
+
+--- a/time/strftime_l.c
+++ b/time/strftime_l.c
+@@ -737,12 +737,22 @@
+       format_char = *f;
+       switch (format_char)
+ 	{
+-#define DO_NUMBER(d, v) \
+-	  digits = d > width ? d : width;				      \
+-	  number_value = v; goto do_number
+-#define DO_NUMBER_SPACEPAD(d, v) \
+-	  digits = d > width ? d : width;				      \
+-	  number_value = v; goto do_number_spacepad
+#define DO_NUMBER(d, v)				\
+	  do					\
+	    {					\
+	      digits = d > width ? d : width;	\
+	      number_value = v;			\
+	      goto do_number;			\
+	    }					\
+	  while (0)
+#define DO_NUMBER_SPACEPAD(d, v)		\
+	  do					\
+	    {					\
+	      digits = d > width ? d : width;	\
+	      number_value = v;			\
+	      goto do_number_spacepad;		\
+	    }					\
+	  while (0)
+ 
+ 	case L_('%'):
+ 	  if (modifier != 0)
--- a/packages/glibc/2.16.0/0038-if_nametoindex-size-check.patch
+++ b/packages/glibc/2.16.0/0038-if_nametoindex-size-check.patch
@ -0,0 +1,29 @@
+commit 2180fee114b778515b3f560e5ff1e795282e60b0
+Author: Steve Ellcey <sellcey@caviumnetworks.com>
+Date:   Wed Nov 15 08:58:48 2017 -0800
+
+    Check length of ifname before copying it into to ifreq structure.
+    
+            [BZ #22442]
+            * sysdeps/unix/sysv/linux/if_index.c (__if_nametoindex):
+            Check if ifname is too long.
+
+---
+ sysdeps/unix/sysv/linux/if_index.c |    6 ++++++
+ 1 file changed, 6 insertions(+)
+
+--- a/sysdeps/unix/sysv/linux/if_index.c
+++ b/sysdeps/unix/sysv/linux/if_index.c
+@@ -44,6 +44,12 @@
+   if (fd < 0)
+     return 0;
+ 
+  if (strlen (ifname) >= IFNAMSIZ)
+    {
+      __set_errno (ENODEV);
+      return 0;
+    }
+
+   strncpy (ifr.ifr_name, ifname, sizeof (ifr.ifr_name));
+   if (__ioctl (fd, SIOCGIFINDEX, &ifr) < 0)
+     {
--- a/packages/glibc/2.16.0/0039-utmp-nonstring.patch
+++ b/packages/glibc/2.16.0/0039-utmp-nonstring.patch
@ -0,0 +1,80 @@
+commit 7532837d7b03b3ca5b9a63d77a5bd81dd23f3d9c
+Author: Martin Sebor <msebor@redhat.com>
+Date:   Wed Nov 15 17:39:59 2017 -0700
+
+    The -Wstringop-truncation option new in GCC 8 detects common misuses
+    of the strncat and strncpy function that may result in truncating
+    the copied string before the terminating NUL.  To avoid false positive
+    warnings for correct code that intentionally creates sequences of
+    characters that aren't guaranteed to be NUL-terminated, arrays that
+    are intended to store such sequences should be decorated with a new
+    nonstring attribute.  This change add this attribute to Glibc and
+    uses it to suppress such false positives.
+    
+    ChangeLog:
+            * misc/sys/cdefs.h (__attribute_nonstring__): New macro.
+            * sysdeps/gnu/bits/utmp.h (struct utmp): Use it.
+            * sysdeps/unix/sysv/linux/s390/bits/utmp.h (struct utmp): Same.
+
+---
+ misc/sys/cdefs.h                         |    9 +++++++++
+ sysdeps/gnu/bits/utmp.h                  |    9 ++++++---
+ sysdeps/unix/sysv/linux/s390/bits/utmp.h |    9 ++++++---
+ 3 files changed, 21 insertions(+), 6 deletions(-)
+
+--- a/misc/sys/cdefs.h
+++ b/misc/sys/cdefs.h
+@@ -375,6 +375,15 @@
+ # define __glibc_unlikely(cond) (cond)
+ #endif
+ 
+#if __GNUC_PREREQ (8, 0)
+/* Describes a char array whose address can safely be passed as the first
+   argument to strncpy and strncat, as the char array is not necessarily
+   a NUL-terminated string.  */
+# define __attribute_nonstring__ __attribute__ ((__nonstring__))
+#else
+# define __attribute_nonstring__
+#endif
+
+ #include <bits/wordsize.h>
+ 
+ #if defined __LONG_DOUBLE_MATH_OPTIONAL && defined __NO_LONG_DOUBLE_MATH
+--- a/sysdeps/gnu/bits/utmp.h
+++ b/sysdeps/gnu/bits/utmp.h
+@@ -59,10 +59,13 @@
+ {
+   short int ut_type;		/* Type of login.  */
+   pid_t ut_pid;			/* Process ID of login process.  */
+-  char ut_line[UT_LINESIZE];	/* Devicename.  */
+  char ut_line[UT_LINESIZE]
+    __attribute_nonstring__;	/* Devicename.  */
+   char ut_id[4];		/* Inittab ID.  */
+-  char ut_user[UT_NAMESIZE];	/* Username.  */
+-  char ut_host[UT_HOSTSIZE];	/* Hostname for remote login.  */
+  char ut_user[UT_NAMESIZE]
+    __attribute_nonstring__;	/* Username.  */
+  char ut_host[UT_HOSTSIZE]
+    __attribute_nonstring__;	/* Hostname for remote login.  */
+   struct exit_status ut_exit;	/* Exit status of a process marked
+ 				   as DEAD_PROCESS.  */
+ /* The ut_session and ut_tv fields must be the same size when compiled
+--- a/sysdeps/unix/sysv/linux/s390/bits/utmp.h
+++ b/sysdeps/unix/sysv/linux/s390/bits/utmp.h
+@@ -60,10 +60,13 @@
+ {
+   short int ut_type;		/* Type of login.  */
+   pid_t ut_pid;			/* Process ID of login process.  */
+-  char ut_line[UT_LINESIZE];	/* Devicename.  */
+  char ut_line[UT_LINESIZE]
+     __attribute_nonstring__;	/* Devicename.  */
+   char ut_id[4];		/* Inittab ID.  */
+-  char ut_user[UT_NAMESIZE];	/* Username.  */
+-  char ut_host[UT_HOSTSIZE];	/* Hostname for remote login.  */
+  char ut_user[UT_NAMESIZE]
+     __attribute_nonstring__;	/* Username.  */
+  char ut_host[UT_HOSTSIZE]
+     __attribute_nonstring__;	/* Hostname for remote login.  */
+   struct exit_status ut_exit;	/* Exit status of a process marked
+ 				   as DEAD_PROCESS.  */
+ /* The ut_session and ut_tv fields must be the same size when compiled
--- a/packages/glibc/2.16.0/0040-getlogin_r-use-strnlen.patch
+++ b/packages/glibc/2.16.0/0040-getlogin_r-use-strnlen.patch
@ -0,0 +1,47 @@
+commit 4bae615022cb5a5da79ccda83cc6c9ba9f2d479c
+Author: Joseph Myers <joseph@codesourcery.com>
+Date:   Wed Nov 22 18:44:23 2017 +0000
+
+    Avoid use of strlen in getlogin_r (bug 22447).
+    
+    Building glibc with current mainline GCC fails, among other reasons,
+    because of an error for use of strlen on the nonstring ut_user field.
+    This patch changes the problem code in getlogin_r to use __strnlen
+    instead.  It also needs to set the trailing NUL byte of the result
+    explicitly, because of the case where ut_user does not have such a
+    trailing NUL byte (but the result should always have one).
+    
+    Tested for x86_64.  Also tested that, in conjunction with
+    <https://sourceware.org/ml/libc-alpha/2017-11/msg00797.html>, it fixes
+    the build for arm with mainline GCC.
+    
+            [BZ #22447]
+            * sysdeps/unix/getlogin_r.c (__getlogin_r): Use __strnlen not
+            strlen to compute length of ut_user and set trailing NUL byte of
+            result explicitly.
+
+---
+ sysdeps/unix/getlogin_r.c |    5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+--- a/sysdeps/unix/getlogin_r.c
+++ b/sysdeps/unix/getlogin_r.c
+@@ -82,7 +82,7 @@
+ 
+   if (result == 0)
+     {
+-      size_t needed = strlen (ut->ut_user) + 1;
+      size_t needed = __strnlen (ut->ut_user, UT_NAMESIZE) + 1;
+ 
+       if (needed > name_len)
+ 	{
+@@ -91,7 +91,8 @@
+ 	}
+       else
+ 	{
+-	  memcpy (name, ut->ut_user, needed);
+	  memcpy (name, ut->ut_user, needed - 1);
+	  name[needed - 1] = 0;
+ 	  result = 0;
+ 	}
+     }
--- a/packages/glibc/2.16.0/0041-zic.c-use-memcpy.patch
+++ b/packages/glibc/2.16.0/0041-zic.c-use-memcpy.patch
@ -0,0 +1,25 @@
+commit e69897bf202e18034cbef26f363bae64de70a196
+Author: Paul Eggert <eggert@cs.ucla.edu>
+Date:   Sun Nov 12 22:00:28 2017 -0800
+
+    timezone: pacify GCC -Wstringop-truncation
+    
+    Problem reported by Martin Sebor in:
+    https://sourceware.org/ml/libc-alpha/2017-11/msg00336.html
+    * timezone/zic.c (writezone): Use memcpy, not strncpy.
+
+---
+ timezone/zic.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/timezone/zic.c
+++ b/timezone/zic.c
+@@ -1695,7 +1695,7 @@
+ #define DO(field)	(void) fwrite((void *) tzh.field, \
+ 				(size_t) sizeof tzh.field, (size_t) 1, fp)
+ 		tzh = tzh0;
+-		(void) strncpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic);
+		memcpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic);
+ 		tzh.tzh_version[0] = ZIC_VERSION;
+ 		convert(eitol(thistypecnt), tzh.tzh_ttisgmtcnt);
+ 		convert(eitol(thistypecnt), tzh.tzh_ttisstdcnt);
--- a/packages/glibc/2.17/0013-strftime-multiple-stmts.patch
+++ b/packages/glibc/2.17/0013-strftime-multiple-stmts.patch
@ -0,0 +1,73 @@
+commit e4043b84c49e1cf9bcf1e8320233343ecc34f8eb
+Author: Joseph Myers <joseph@codesourcery.com>
+Date:   Tue Jun 27 17:12:13 2017 +0000
+
+    Fix strftime build with GCC 8.
+    
+    Building with current GCC mainline fails with:
+    
+    strftime_l.c: In function '__strftime_internal':
+    strftime_l.c:719:4: error: macro expands to multiple statements [-Werror=multistatement-macros]
+        digits = d > width ? d : width;          \
+        ^
+    strftime_l.c:1260:6: note: in expansion of macro 'DO_NUMBER'
+          DO_NUMBER (1, tp->tm_year + TM_YEAR_BASE);
+          ^~~~~~~~~
+    strftime_l.c:1259:4: note: some parts of macro expansion are not guarded by this 'else' clause
+        else
+        ^~~~
+    
+    In fact this particular instance is harmless; the code looks like:
+    
+              if (modifier == L_('O'))
+                goto bad_format;
+              else
+                DO_NUMBER (1, tp->tm_year + TM_YEAR_BASE);
+    
+    and because of the goto, it doesn't matter that part of the expansion
+    isn't under the "else" conditional.  But it's also clearly bad style
+    to rely on that.  This patch changes DO_NUMBER and DO_NUMBER_SPACEPAD
+    to use do { } while (0) to avoid such problems.
+    
+    Tested (full testsuite) for x86_64 (GCC 6), and with
+    build-many-glibcs.py with GCC mainline, in conjunction with my libgcc
+    patch <https://gcc.gnu.org/ml/gcc-patches/2017-06/msg02032.html>.
+    
+            * time/strftime_l.c (DO_NUMBER): Define using do { } while (0).
+            (DO_NUMBER_SPACEPAD): Likewise.
+
+---
+ time/strftime_l.c |   22 ++++++++++++++++------
+ 1 file changed, 16 insertions(+), 6 deletions(-)
+
+--- a/time/strftime_l.c
+++ b/time/strftime_l.c
+@@ -737,12 +737,22 @@
+       format_char = *f;
+       switch (format_char)
+ 	{
+-#define DO_NUMBER(d, v) \
+-	  digits = d > width ? d : width;				      \
+-	  number_value = v; goto do_number
+-#define DO_NUMBER_SPACEPAD(d, v) \
+-	  digits = d > width ? d : width;				      \
+-	  number_value = v; goto do_number_spacepad
+#define DO_NUMBER(d, v)				\
+	  do					\
+	    {					\
+	      digits = d > width ? d : width;	\
+	      number_value = v;			\
+	      goto do_number;			\
+	    }					\
+	  while (0)
+#define DO_NUMBER_SPACEPAD(d, v)		\
+	  do					\
+	    {					\
+	      digits = d > width ? d : width;	\
+	      number_value = v;			\
+	      goto do_number_spacepad;		\
+	    }					\
+	  while (0)
+ 
+ 	case L_('%'):
+ 	  if (modifier != 0)
--- a/packages/glibc/2.17/0014-if_nametoindex-size-check.patch
+++ b/packages/glibc/2.17/0014-if_nametoindex-size-check.patch
@ -0,0 +1,29 @@
+commit 2180fee114b778515b3f560e5ff1e795282e60b0
+Author: Steve Ellcey <sellcey@caviumnetworks.com>
+Date:   Wed Nov 15 08:58:48 2017 -0800
+
+    Check length of ifname before copying it into to ifreq structure.
+    
+            [BZ #22442]
+            * sysdeps/unix/sysv/linux/if_index.c (__if_nametoindex):
+            Check if ifname is too long.
+
+---
+ sysdeps/unix/sysv/linux/if_index.c |    6 ++++++
+ 1 file changed, 6 insertions(+)
+
+--- a/sysdeps/unix/sysv/linux/if_index.c
+++ b/sysdeps/unix/sysv/linux/if_index.c
+@@ -44,6 +44,12 @@
+   if (fd < 0)
+     return 0;
+ 
+  if (strlen (ifname) >= IFNAMSIZ)
+    {
+      __set_errno (ENODEV);
+      return 0;
+    }
+
+   strncpy (ifr.ifr_name, ifname, sizeof (ifr.ifr_name));
+   if (__ioctl (fd, SIOCGIFINDEX, &ifr) < 0)
+     {
--- a/packages/glibc/2.17/0015-utmp-nonstring.patch
+++ b/packages/glibc/2.17/0015-utmp-nonstring.patch
@ -0,0 +1,80 @@
+commit 7532837d7b03b3ca5b9a63d77a5bd81dd23f3d9c
+Author: Martin Sebor <msebor@redhat.com>
+Date:   Wed Nov 15 17:39:59 2017 -0700
+
+    The -Wstringop-truncation option new in GCC 8 detects common misuses
+    of the strncat and strncpy function that may result in truncating
+    the copied string before the terminating NUL.  To avoid false positive
+    warnings for correct code that intentionally creates sequences of
+    characters that aren't guaranteed to be NUL-terminated, arrays that
+    are intended to store such sequences should be decorated with a new
+    nonstring attribute.  This change add this attribute to Glibc and
+    uses it to suppress such false positives.
+    
+    ChangeLog:
+            * misc/sys/cdefs.h (__attribute_nonstring__): New macro.
+            * sysdeps/gnu/bits/utmp.h (struct utmp): Use it.
+            * sysdeps/unix/sysv/linux/s390/bits/utmp.h (struct utmp): Same.
+
+---
+ misc/sys/cdefs.h                         |    9 +++++++++
+ sysdeps/gnu/bits/utmp.h                  |    9 ++++++---
+ sysdeps/unix/sysv/linux/s390/bits/utmp.h |    9 ++++++---
+ 3 files changed, 21 insertions(+), 6 deletions(-)
+
+--- a/misc/sys/cdefs.h
+++ b/misc/sys/cdefs.h
+@@ -382,6 +382,15 @@
+ # define __glibc_unlikely(cond) (cond)
+ #endif
+ 
+#if __GNUC_PREREQ (8, 0)
+/* Describes a char array whose address can safely be passed as the first
+   argument to strncpy and strncat, as the char array is not necessarily
+   a NUL-terminated string.  */
+# define __attribute_nonstring__ __attribute__ ((__nonstring__))
+#else
+# define __attribute_nonstring__
+#endif
+
+ #include <bits/wordsize.h>
+ 
+ #if defined __LONG_DOUBLE_MATH_OPTIONAL && defined __NO_LONG_DOUBLE_MATH
+--- a/sysdeps/gnu/bits/utmp.h
+++ b/sysdeps/gnu/bits/utmp.h
+@@ -59,10 +59,13 @@
+ {
+   short int ut_type;		/* Type of login.  */
+   pid_t ut_pid;			/* Process ID of login process.  */
+-  char ut_line[UT_LINESIZE];	/* Devicename.  */
+  char ut_line[UT_LINESIZE]
+    __attribute_nonstring__;	/* Devicename.  */
+   char ut_id[4];		/* Inittab ID.  */
+-  char ut_user[UT_NAMESIZE];	/* Username.  */
+-  char ut_host[UT_HOSTSIZE];	/* Hostname for remote login.  */
+  char ut_user[UT_NAMESIZE]
+    __attribute_nonstring__;	/* Username.  */
+  char ut_host[UT_HOSTSIZE]
+    __attribute_nonstring__;	/* Hostname for remote login.  */
+   struct exit_status ut_exit;	/* Exit status of a process marked
+ 				   as DEAD_PROCESS.  */
+ /* The ut_session and ut_tv fields must be the same size when compiled
+--- a/sysdeps/unix/sysv/linux/s390/bits/utmp.h
+++ b/sysdeps/unix/sysv/linux/s390/bits/utmp.h
+@@ -60,10 +60,13 @@
+ {
+   short int ut_type;		/* Type of login.  */
+   pid_t ut_pid;			/* Process ID of login process.  */
+-  char ut_line[UT_LINESIZE];	/* Devicename.  */
+  char ut_line[UT_LINESIZE]
+     __attribute_nonstring__;	/* Devicename.  */
+   char ut_id[4];		/* Inittab ID.  */
+-  char ut_user[UT_NAMESIZE];	/* Username.  */
+-  char ut_host[UT_HOSTSIZE];	/* Hostname for remote login.  */
+  char ut_user[UT_NAMESIZE]
+     __attribute_nonstring__;	/* Username.  */
+  char ut_host[UT_HOSTSIZE]
+     __attribute_nonstring__;	/* Hostname for remote login.  */
+   struct exit_status ut_exit;	/* Exit status of a process marked
+ 				   as DEAD_PROCESS.  */
+ /* The ut_session and ut_tv fields must be the same size when compiled
--- a/packages/glibc/2.17/0016-getlogin_r-use-strnlen.patch
+++ b/packages/glibc/2.17/0016-getlogin_r-use-strnlen.patch
@ -0,0 +1,47 @@
+commit 4bae615022cb5a5da79ccda83cc6c9ba9f2d479c
+Author: Joseph Myers <joseph@codesourcery.com>
+Date:   Wed Nov 22 18:44:23 2017 +0000
+
+    Avoid use of strlen in getlogin_r (bug 22447).
+    
+    Building glibc with current mainline GCC fails, among other reasons,
+    because of an error for use of strlen on the nonstring ut_user field.
+    This patch changes the problem code in getlogin_r to use __strnlen
+    instead.  It also needs to set the trailing NUL byte of the result
+    explicitly, because of the case where ut_user does not have such a
+    trailing NUL byte (but the result should always have one).
+    
+    Tested for x86_64.  Also tested that, in conjunction with
+    <https://sourceware.org/ml/libc-alpha/2017-11/msg00797.html>, it fixes
+    the build for arm with mainline GCC.
+    
+            [BZ #22447]
+            * sysdeps/unix/getlogin_r.c (__getlogin_r): Use __strnlen not
+            strlen to compute length of ut_user and set trailing NUL byte of
+            result explicitly.
+
+---
+ sysdeps/unix/getlogin_r.c |    5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+--- a/sysdeps/unix/getlogin_r.c
+++ b/sysdeps/unix/getlogin_r.c
+@@ -82,7 +82,7 @@
+ 
+   if (result == 0)
+     {
+-      size_t needed = strlen (ut->ut_user) + 1;
+      size_t needed = __strnlen (ut->ut_user, UT_NAMESIZE) + 1;
+ 
+       if (needed > name_len)
+ 	{
+@@ -91,7 +91,8 @@
+ 	}
+       else
+ 	{
+-	  memcpy (name, ut->ut_user, needed);
+	  memcpy (name, ut->ut_user, needed - 1);
+	  name[needed - 1] = 0;
+ 	  result = 0;
+ 	}
+     }
--- a/packages/glibc/2.17/0017-zic.c-use-memcpy.patch
+++ b/packages/glibc/2.17/0017-zic.c-use-memcpy.patch
@ -0,0 +1,25 @@
+commit e69897bf202e18034cbef26f363bae64de70a196
+Author: Paul Eggert <eggert@cs.ucla.edu>
+Date:   Sun Nov 12 22:00:28 2017 -0800
+
+    timezone: pacify GCC -Wstringop-truncation
+    
+    Problem reported by Martin Sebor in:
+    https://sourceware.org/ml/libc-alpha/2017-11/msg00336.html
+    * timezone/zic.c (writezone): Use memcpy, not strncpy.
+
+---
+ timezone/zic.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/timezone/zic.c
+++ b/timezone/zic.c
+@@ -1609,7 +1609,7 @@
+ 		}
+ #define DO(field)	((void) fwrite(tzh.field, sizeof tzh.field, 1, fp))
+ 		tzh = tzh0;
+-		(void) strncpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic);
+		memcpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic);
+ 		tzh.tzh_version[0] = ZIC_VERSION;
+ 		convert(eitol(thistypecnt), tzh.tzh_ttisgmtcnt);
+ 		convert(eitol(thistypecnt), tzh.tzh_ttisstdcnt);
--- a/packages/glibc/2.18/0014-strftime-multiple-stmts.patch
+++ b/packages/glibc/2.18/0014-strftime-multiple-stmts.patch
@ -0,0 +1,73 @@
+commit e4043b84c49e1cf9bcf1e8320233343ecc34f8eb
+Author: Joseph Myers <joseph@codesourcery.com>
+Date:   Tue Jun 27 17:12:13 2017 +0000
+
+    Fix strftime build with GCC 8.
+    
+    Building with current GCC mainline fails with:
+    
+    strftime_l.c: In function '__strftime_internal':
+    strftime_l.c:719:4: error: macro expands to multiple statements [-Werror=multistatement-macros]
+        digits = d > width ? d : width;          \
+        ^
+    strftime_l.c:1260:6: note: in expansion of macro 'DO_NUMBER'
+          DO_NUMBER (1, tp->tm_year + TM_YEAR_BASE);
+          ^~~~~~~~~
+    strftime_l.c:1259:4: note: some parts of macro expansion are not guarded by this 'else' clause
+        else
+        ^~~~
+    
+    In fact this particular instance is harmless; the code looks like:
+    
+              if (modifier == L_('O'))
+                goto bad_format;
+              else
+                DO_NUMBER (1, tp->tm_year + TM_YEAR_BASE);
+    
+    and because of the goto, it doesn't matter that part of the expansion
+    isn't under the "else" conditional.  But it's also clearly bad style
+    to rely on that.  This patch changes DO_NUMBER and DO_NUMBER_SPACEPAD
+    to use do { } while (0) to avoid such problems.
+    
+    Tested (full testsuite) for x86_64 (GCC 6), and with
+    build-many-glibcs.py with GCC mainline, in conjunction with my libgcc
+    patch <https://gcc.gnu.org/ml/gcc-patches/2017-06/msg02032.html>.
+    
+            * time/strftime_l.c (DO_NUMBER): Define using do { } while (0).
+            (DO_NUMBER_SPACEPAD): Likewise.
+
+---
+ time/strftime_l.c |   22 ++++++++++++++++------
+ 1 file changed, 16 insertions(+), 6 deletions(-)
+
+--- a/time/strftime_l.c
+++ b/time/strftime_l.c
+@@ -737,12 +737,22 @@
+       format_char = *f;
+       switch (format_char)
+ 	{
+-#define DO_NUMBER(d, v) \
+-	  digits = d > width ? d : width;				      \
+-	  number_value = v; goto do_number
+-#define DO_NUMBER_SPACEPAD(d, v) \
+-	  digits = d > width ? d : width;				      \
+-	  number_value = v; goto do_number_spacepad
+#define DO_NUMBER(d, v)				\
+	  do					\
+	    {					\
+	      digits = d > width ? d : width;	\
+	      number_value = v;			\
+	      goto do_number;			\
+	    }					\
+	  while (0)
+#define DO_NUMBER_SPACEPAD(d, v)		\
+	  do					\
+	    {					\
+	      digits = d > width ? d : width;	\
+	      number_value = v;			\
+	      goto do_number_spacepad;		\
+	    }					\
+	  while (0)
+ 
+ 	case L_('%'):
+ 	  if (modifier != 0)
--- a/packages/glibc/2.18/0015-if_nametoindex-size-check.patch
+++ b/packages/glibc/2.18/0015-if_nametoindex-size-check.patch
@ -0,0 +1,29 @@
+commit 2180fee114b778515b3f560e5ff1e795282e60b0
+Author: Steve Ellcey <sellcey@caviumnetworks.com>
+Date:   Wed Nov 15 08:58:48 2017 -0800
+
+    Check length of ifname before copying it into to ifreq structure.
+    
+            [BZ #22442]
+            * sysdeps/unix/sysv/linux/if_index.c (__if_nametoindex):
+            Check if ifname is too long.
+
+---
+ sysdeps/unix/sysv/linux/if_index.c |    6 ++++++
+ 1 file changed, 6 insertions(+)
+
+--- a/sysdeps/unix/sysv/linux/if_index.c
+++ b/sysdeps/unix/sysv/linux/if_index.c
+@@ -44,6 +44,12 @@
+   if (fd < 0)
+     return 0;
+ 
+  if (strlen (ifname) >= IFNAMSIZ)
+    {
+      __set_errno (ENODEV);
+      return 0;
+    }
+
+   strncpy (ifr.ifr_name, ifname, sizeof (ifr.ifr_name));
+   if (__ioctl (fd, SIOCGIFINDEX, &ifr) < 0)
+     {
--- a/packages/glibc/2.18/0016-utmp-nonstring.patch
+++ b/packages/glibc/2.18/0016-utmp-nonstring.patch
@ -0,0 +1,80 @@
+commit 7532837d7b03b3ca5b9a63d77a5bd81dd23f3d9c
+Author: Martin Sebor <msebor@redhat.com>
+Date:   Wed Nov 15 17:39:59 2017 -0700
+
+    The -Wstringop-truncation option new in GCC 8 detects common misuses
+    of the strncat and strncpy function that may result in truncating
+    the copied string before the terminating NUL.  To avoid false positive
+    warnings for correct code that intentionally creates sequences of
+    characters that aren't guaranteed to be NUL-terminated, arrays that
+    are intended to store such sequences should be decorated with a new
+    nonstring attribute.  This change add this attribute to Glibc and
+    uses it to suppress such false positives.
+    
+    ChangeLog:
+            * misc/sys/cdefs.h (__attribute_nonstring__): New macro.
+            * sysdeps/gnu/bits/utmp.h (struct utmp): Use it.
+            * sysdeps/unix/sysv/linux/s390/bits/utmp.h (struct utmp): Same.
+
+---
+ misc/sys/cdefs.h                         |    9 +++++++++
+ sysdeps/gnu/bits/utmp.h                  |    9 ++++++---
+ sysdeps/unix/sysv/linux/s390/bits/utmp.h |    9 ++++++---
+ 3 files changed, 21 insertions(+), 6 deletions(-)
+
+--- a/misc/sys/cdefs.h
+++ b/misc/sys/cdefs.h
+@@ -382,6 +382,15 @@
+ # define __glibc_likely(cond)	(cond)
+ #endif
+ 
+#if __GNUC_PREREQ (8, 0)
+/* Describes a char array whose address can safely be passed as the first
+   argument to strncpy and strncat, as the char array is not necessarily
+   a NUL-terminated string.  */
+# define __attribute_nonstring__ __attribute__ ((__nonstring__))
+#else
+# define __attribute_nonstring__
+#endif
+
+ #include <bits/wordsize.h>
+ 
+ #if defined __LONG_DOUBLE_MATH_OPTIONAL && defined __NO_LONG_DOUBLE_MATH
+--- a/sysdeps/gnu/bits/utmp.h
+++ b/sysdeps/gnu/bits/utmp.h
+@@ -59,10 +59,13 @@
+ {
+   short int ut_type;		/* Type of login.  */
+   pid_t ut_pid;			/* Process ID of login process.  */
+-  char ut_line[UT_LINESIZE];	/* Devicename.  */
+  char ut_line[UT_LINESIZE]
+    __attribute_nonstring__;	/* Devicename.  */
+   char ut_id[4];		/* Inittab ID.  */
+-  char ut_user[UT_NAMESIZE];	/* Username.  */
+-  char ut_host[UT_HOSTSIZE];	/* Hostname for remote login.  */
+  char ut_user[UT_NAMESIZE]
+    __attribute_nonstring__;	/* Username.  */
+  char ut_host[UT_HOSTSIZE]
+    __attribute_nonstring__;	/* Hostname for remote login.  */
+   struct exit_status ut_exit;	/* Exit status of a process marked
+ 				   as DEAD_PROCESS.  */
+ /* The ut_session and ut_tv fields must be the same size when compiled
+--- a/sysdeps/unix/sysv/linux/s390/bits/utmp.h
+++ b/sysdeps/unix/sysv/linux/s390/bits/utmp.h
+@@ -59,10 +59,13 @@
+ {
+   short int ut_type;		/* Type of login.  */
+   pid_t ut_pid;			/* Process ID of login process.  */
+-  char ut_line[UT_LINESIZE];	/* Devicename.  */
+  char ut_line[UT_LINESIZE]
+     __attribute_nonstring__;	/* Devicename.  */
+   char ut_id[4];		/* Inittab ID.  */
+-  char ut_user[UT_NAMESIZE];	/* Username.  */
+-  char ut_host[UT_HOSTSIZE];	/* Hostname for remote login.  */
+  char ut_user[UT_NAMESIZE]
+     __attribute_nonstring__;	/* Username.  */
+  char ut_host[UT_HOSTSIZE]
+     __attribute_nonstring__;	/* Hostname for remote login.  */
+   struct exit_status ut_exit;	/* Exit status of a process marked
+ 				   as DEAD_PROCESS.  */
+ /* The ut_session and ut_tv fields must be the same size when compiled
--- a/packages/glibc/2.18/0017-getlogin_r-use-strnlen.patch
+++ b/packages/glibc/2.18/0017-getlogin_r-use-strnlen.patch
@ -0,0 +1,47 @@
+commit 4bae615022cb5a5da79ccda83cc6c9ba9f2d479c
+Author: Joseph Myers <joseph@codesourcery.com>
+Date:   Wed Nov 22 18:44:23 2017 +0000
+
+    Avoid use of strlen in getlogin_r (bug 22447).
+    
+    Building glibc with current mainline GCC fails, among other reasons,
+    because of an error for use of strlen on the nonstring ut_user field.
+    This patch changes the problem code in getlogin_r to use __strnlen
+    instead.  It also needs to set the trailing NUL byte of the result
+    explicitly, because of the case where ut_user does not have such a
+    trailing NUL byte (but the result should always have one).
+    
+    Tested for x86_64.  Also tested that, in conjunction with
+    <https://sourceware.org/ml/libc-alpha/2017-11/msg00797.html>, it fixes
+    the build for arm with mainline GCC.
+    
+            [BZ #22447]
+            * sysdeps/unix/getlogin_r.c (__getlogin_r): Use __strnlen not
+            strlen to compute length of ut_user and set trailing NUL byte of
+            result explicitly.
+
+---
+ sysdeps/unix/getlogin_r.c |    5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+--- a/sysdeps/unix/getlogin_r.c
+++ b/sysdeps/unix/getlogin_r.c
+@@ -82,7 +82,7 @@
+ 
+   if (result == 0)
+     {
+-      size_t needed = strlen (ut->ut_user) + 1;
+      size_t needed = __strnlen (ut->ut_user, UT_NAMESIZE) + 1;
+ 
+       if (needed > name_len)
+ 	{
+@@ -91,7 +91,8 @@
+ 	}
+       else
+ 	{
+-	  memcpy (name, ut->ut_user, needed);
+	  memcpy (name, ut->ut_user, needed - 1);
+	  name[needed - 1] = 0;
+ 	  result = 0;
+ 	}
+     }
--- a/packages/glibc/2.18/0018-zic.c-use-memcpy.patch
+++ b/packages/glibc/2.18/0018-zic.c-use-memcpy.patch
@ -0,0 +1,25 @@
+commit e69897bf202e18034cbef26f363bae64de70a196
+Author: Paul Eggert <eggert@cs.ucla.edu>
+Date:   Sun Nov 12 22:00:28 2017 -0800
+
+    timezone: pacify GCC -Wstringop-truncation
+    
+    Problem reported by Martin Sebor in:
+    https://sourceware.org/ml/libc-alpha/2017-11/msg00336.html
+    * timezone/zic.c (writezone): Use memcpy, not strncpy.
+
+---
+ timezone/zic.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/timezone/zic.c
+++ b/timezone/zic.c
+@@ -1609,7 +1609,7 @@
+ 		}
+ #define DO(field)	((void) fwrite(tzh.field, sizeof tzh.field, 1, fp))
+ 		tzh = tzh0;
+-		(void) strncpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic);
+		memcpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic);
+ 		tzh.tzh_version[0] = ZIC_VERSION;
+ 		convert(eitol(thistypecnt), tzh.tzh_ttisgmtcnt);
+ 		convert(eitol(thistypecnt), tzh.tzh_ttisstdcnt);
--- a/packages/glibc/2.19/0012-strftime-multiple-stmts.patch
+++ b/packages/glibc/2.19/0012-strftime-multiple-stmts.patch
@ -0,0 +1,73 @@
+commit e4043b84c49e1cf9bcf1e8320233343ecc34f8eb
+Author: Joseph Myers <joseph@codesourcery.com>
+Date:   Tue Jun 27 17:12:13 2017 +0000
+
+    Fix strftime build with GCC 8.
+    
+    Building with current GCC mainline fails with:
+    
+    strftime_l.c: In function '__strftime_internal':
+    strftime_l.c:719:4: error: macro expands to multiple statements [-Werror=multistatement-macros]
+        digits = d > width ? d : width;          \
+        ^
+    strftime_l.c:1260:6: note: in expansion of macro 'DO_NUMBER'
+          DO_NUMBER (1, tp->tm_year + TM_YEAR_BASE);
+          ^~~~~~~~~
+    strftime_l.c:1259:4: note: some parts of macro expansion are not guarded by this 'else' clause
+        else
+        ^~~~
+    
+    In fact this particular instance is harmless; the code looks like:
+    
+              if (modifier == L_('O'))
+                goto bad_format;
+              else
+                DO_NUMBER (1, tp->tm_year + TM_YEAR_BASE);
+    
+    and because of the goto, it doesn't matter that part of the expansion
+    isn't under the "else" conditional.  But it's also clearly bad style
+    to rely on that.  This patch changes DO_NUMBER and DO_NUMBER_SPACEPAD
+    to use do { } while (0) to avoid such problems.
+    
+    Tested (full testsuite) for x86_64 (GCC 6), and with
+    build-many-glibcs.py with GCC mainline, in conjunction with my libgcc
+    patch <https://gcc.gnu.org/ml/gcc-patches/2017-06/msg02032.html>.
+    
+            * time/strftime_l.c (DO_NUMBER): Define using do { } while (0).
+            (DO_NUMBER_SPACEPAD): Likewise.
+
+---
+ time/strftime_l.c |   22 ++++++++++++++++------
+ 1 file changed, 16 insertions(+), 6 deletions(-)
+
+--- a/time/strftime_l.c
+++ b/time/strftime_l.c
+@@ -737,12 +737,22 @@
+       format_char = *f;
+       switch (format_char)
+ 	{
+-#define DO_NUMBER(d, v) \
+-	  digits = d > width ? d : width;				      \
+-	  number_value = v; goto do_number
+-#define DO_NUMBER_SPACEPAD(d, v) \
+-	  digits = d > width ? d : width;				      \
+-	  number_value = v; goto do_number_spacepad
+#define DO_NUMBER(d, v)				\
+	  do					\
+	    {					\
+	      digits = d > width ? d : width;	\
+	      number_value = v;			\
+	      goto do_number;			\
+	    }					\
+	  while (0)
+#define DO_NUMBER_SPACEPAD(d, v)		\
+	  do					\
+	    {					\
+	      digits = d > width ? d : width;	\
+	      number_value = v;			\
+	      goto do_number_spacepad;		\
+	    }					\
+	  while (0)
+ 
+ 	case L_('%'):
+ 	  if (modifier != 0)
--- a/packages/glibc/2.19/0013-if_nametoindex-size-check.patch
+++ b/packages/glibc/2.19/0013-if_nametoindex-size-check.patch
@ -0,0 +1,29 @@
+commit 2180fee114b778515b3f560e5ff1e795282e60b0
+Author: Steve Ellcey <sellcey@caviumnetworks.com>
+Date:   Wed Nov 15 08:58:48 2017 -0800
+
+    Check length of ifname before copying it into to ifreq structure.
+    
+            [BZ #22442]
+            * sysdeps/unix/sysv/linux/if_index.c (__if_nametoindex):
+            Check if ifname is too long.
+
+---
+ sysdeps/unix/sysv/linux/if_index.c |    6 ++++++
+ 1 file changed, 6 insertions(+)
+
+--- a/sysdeps/unix/sysv/linux/if_index.c
+++ b/sysdeps/unix/sysv/linux/if_index.c
+@@ -44,6 +44,12 @@
+   if (fd < 0)
+     return 0;
+ 
+  if (strlen (ifname) >= IFNAMSIZ)
+    {
+      __set_errno (ENODEV);
+      return 0;
+    }
+
+   strncpy (ifr.ifr_name, ifname, sizeof (ifr.ifr_name));
+   if (__ioctl (fd, SIOCGIFINDEX, &ifr) < 0)
+     {
--- a/packages/glibc/2.19/0014-utmp-nonstring.patch
+++ b/packages/glibc/2.19/0014-utmp-nonstring.patch
@ -0,0 +1,80 @@
+commit 7532837d7b03b3ca5b9a63d77a5bd81dd23f3d9c
+Author: Martin Sebor <msebor@redhat.com>
+Date:   Wed Nov 15 17:39:59 2017 -0700
+
+    The -Wstringop-truncation option new in GCC 8 detects common misuses
+    of the strncat and strncpy function that may result in truncating
+    the copied string before the terminating NUL.  To avoid false positive
+    warnings for correct code that intentionally creates sequences of
+    characters that aren't guaranteed to be NUL-terminated, arrays that
+    are intended to store such sequences should be decorated with a new
+    nonstring attribute.  This change add this attribute to Glibc and
+    uses it to suppress such false positives.
+    
+    ChangeLog:
+            * misc/sys/cdefs.h (__attribute_nonstring__): New macro.
+            * sysdeps/gnu/bits/utmp.h (struct utmp): Use it.
+            * sysdeps/unix/sysv/linux/s390/bits/utmp.h (struct utmp): Same.
+
+---
+ misc/sys/cdefs.h                         |    9 +++++++++
+ sysdeps/gnu/bits/utmp.h                  |    9 ++++++---
+ sysdeps/unix/sysv/linux/s390/bits/utmp.h |    9 ++++++---
+ 3 files changed, 21 insertions(+), 6 deletions(-)
+
+--- a/misc/sys/cdefs.h
+++ b/misc/sys/cdefs.h
+@@ -382,6 +382,15 @@
+ # define __glibc_likely(cond)	(cond)
+ #endif
+ 
+#if __GNUC_PREREQ (8, 0)
+/* Describes a char array whose address can safely be passed as the first
+   argument to strncpy and strncat, as the char array is not necessarily
+   a NUL-terminated string.  */
+# define __attribute_nonstring__ __attribute__ ((__nonstring__))
+#else
+# define __attribute_nonstring__
+#endif
+
+ #include <bits/wordsize.h>
+ 
+ #if defined __LONG_DOUBLE_MATH_OPTIONAL && defined __NO_LONG_DOUBLE_MATH
+--- a/sysdeps/gnu/bits/utmp.h
+++ b/sysdeps/gnu/bits/utmp.h
+@@ -59,10 +59,13 @@
+ {
+   short int ut_type;		/* Type of login.  */
+   pid_t ut_pid;			/* Process ID of login process.  */
+-  char ut_line[UT_LINESIZE];	/* Devicename.  */
+  char ut_line[UT_LINESIZE]
+    __attribute_nonstring__;	/* Devicename.  */
+   char ut_id[4];		/* Inittab ID.  */
+-  char ut_user[UT_NAMESIZE];	/* Username.  */
+-  char ut_host[UT_HOSTSIZE];	/* Hostname for remote login.  */
+  char ut_user[UT_NAMESIZE]
+    __attribute_nonstring__;	/* Username.  */
+  char ut_host[UT_HOSTSIZE]
+    __attribute_nonstring__;	/* Hostname for remote login.  */
+   struct exit_status ut_exit;	/* Exit status of a process marked
+ 				   as DEAD_PROCESS.  */
+ /* The ut_session and ut_tv fields must be the same size when compiled
+--- a/sysdeps/unix/sysv/linux/s390/bits/utmp.h
+++ b/sysdeps/unix/sysv/linux/s390/bits/utmp.h
+@@ -59,10 +59,13 @@
+ {
+   short int ut_type;		/* Type of login.  */
+   pid_t ut_pid;			/* Process ID of login process.  */
+-  char ut_line[UT_LINESIZE];	/* Devicename.  */
+  char ut_line[UT_LINESIZE]
+     __attribute_nonstring__;	/* Devicename.  */
+   char ut_id[4];		/* Inittab ID.  */
+-  char ut_user[UT_NAMESIZE];	/* Username.  */
+-  char ut_host[UT_HOSTSIZE];	/* Hostname for remote login.  */
+  char ut_user[UT_NAMESIZE]
+     __attribute_nonstring__;	/* Username.  */
+  char ut_host[UT_HOSTSIZE]
+     __attribute_nonstring__;	/* Hostname for remote login.  */
+   struct exit_status ut_exit;	/* Exit status of a process marked
+ 				   as DEAD_PROCESS.  */
+ /* The ut_session and ut_tv fields must be the same size when compiled
--- a/packages/glibc/2.19/0015-getlogin_r-use-strnlen.patch
+++ b/packages/glibc/2.19/0015-getlogin_r-use-strnlen.patch
@ -0,0 +1,47 @@
+commit 4bae615022cb5a5da79ccda83cc6c9ba9f2d479c
+Author: Joseph Myers <joseph@codesourcery.com>
+Date:   Wed Nov 22 18:44:23 2017 +0000
+
+    Avoid use of strlen in getlogin_r (bug 22447).
+    
+    Building glibc with current mainline GCC fails, among other reasons,
+    because of an error for use of strlen on the nonstring ut_user field.
+    This patch changes the problem code in getlogin_r to use __strnlen
+    instead.  It also needs to set the trailing NUL byte of the result
+    explicitly, because of the case where ut_user does not have such a
+    trailing NUL byte (but the result should always have one).
+    
+    Tested for x86_64.  Also tested that, in conjunction with
+    <https://sourceware.org/ml/libc-alpha/2017-11/msg00797.html>, it fixes
+    the build for arm with mainline GCC.
+    
+            [BZ #22447]
+            * sysdeps/unix/getlogin_r.c (__getlogin_r): Use __strnlen not
+            strlen to compute length of ut_user and set trailing NUL byte of
+            result explicitly.
+
+---
+ sysdeps/unix/getlogin_r.c |    5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+--- a/sysdeps/unix/getlogin_r.c
+++ b/sysdeps/unix/getlogin_r.c
+@@ -82,7 +82,7 @@
+ 
+   if (result == 0)
+     {
+-      size_t needed = strlen (ut->ut_user) + 1;
+      size_t needed = __strnlen (ut->ut_user, UT_NAMESIZE) + 1;
+ 
+       if (needed > name_len)
+ 	{
+@@ -91,7 +91,8 @@
+ 	}
+       else
+ 	{
+-	  memcpy (name, ut->ut_user, needed);
+	  memcpy (name, ut->ut_user, needed - 1);
+	  name[needed - 1] = 0;
+ 	  result = 0;
+ 	}
+     }
--- a/packages/glibc/2.19/0016-zic.c-use-memcpy.patch
+++ b/packages/glibc/2.19/0016-zic.c-use-memcpy.patch
@ -0,0 +1,25 @@
+commit e69897bf202e18034cbef26f363bae64de70a196
+Author: Paul Eggert <eggert@cs.ucla.edu>
+Date:   Sun Nov 12 22:00:28 2017 -0800
+
+    timezone: pacify GCC -Wstringop-truncation
+    
+    Problem reported by Martin Sebor in:
+    https://sourceware.org/ml/libc-alpha/2017-11/msg00336.html
+    * timezone/zic.c (writezone): Use memcpy, not strncpy.
+
+---
+ timezone/zic.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/timezone/zic.c
+++ b/timezone/zic.c
+@@ -1676,7 +1676,7 @@
+ 		}
+ #define DO(field)	((void) fwrite(tzh.field, sizeof tzh.field, 1, fp))
+ 		tzh = tzh0;
+-		(void) strncpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic);
+		memcpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic);
+ 		tzh.tzh_version[0] = version;
+ 		convert(thistypecnt, tzh.tzh_ttisgmtcnt);
+ 		convert(thistypecnt, tzh.tzh_ttisstdcnt);
--- a/packages/glibc/2.20/0012-strftime-multiple-stmts.patch
+++ b/packages/glibc/2.20/0012-strftime-multiple-stmts.patch
@ -0,0 +1,73 @@
+commit e4043b84c49e1cf9bcf1e8320233343ecc34f8eb
+Author: Joseph Myers <joseph@codesourcery.com>
+Date:   Tue Jun 27 17:12:13 2017 +0000
+
+    Fix strftime build with GCC 8.
+    
+    Building with current GCC mainline fails with:
+    
+    strftime_l.c: In function '__strftime_internal':
+    strftime_l.c:719:4: error: macro expands to multiple statements [-Werror=multistatement-macros]
+        digits = d > width ? d : width;          \
+        ^
+    strftime_l.c:1260:6: note: in expansion of macro 'DO_NUMBER'
+          DO_NUMBER (1, tp->tm_year + TM_YEAR_BASE);
+          ^~~~~~~~~
+    strftime_l.c:1259:4: note: some parts of macro expansion are not guarded by this 'else' clause
+        else
+        ^~~~
+    
+    In fact this particular instance is harmless; the code looks like:
+    
+              if (modifier == L_('O'))
+                goto bad_format;
+              else
+                DO_NUMBER (1, tp->tm_year + TM_YEAR_BASE);
+    
+    and because of the goto, it doesn't matter that part of the expansion
+    isn't under the "else" conditional.  But it's also clearly bad style
+    to rely on that.  This patch changes DO_NUMBER and DO_NUMBER_SPACEPAD
+    to use do { } while (0) to avoid such problems.
+    
+    Tested (full testsuite) for x86_64 (GCC 6), and with
+    build-many-glibcs.py with GCC mainline, in conjunction with my libgcc
+    patch <https://gcc.gnu.org/ml/gcc-patches/2017-06/msg02032.html>.
+    
+            * time/strftime_l.c (DO_NUMBER): Define using do { } while (0).
+            (DO_NUMBER_SPACEPAD): Likewise.
+
+---
+ time/strftime_l.c |   22 ++++++++++++++++------
+ 1 file changed, 16 insertions(+), 6 deletions(-)
+
+--- a/time/strftime_l.c
+++ b/time/strftime_l.c
+@@ -738,12 +738,22 @@
+       format_char = *f;
+       switch (format_char)
+ 	{
+-#define DO_NUMBER(d, v) \
+-	  digits = d > width ? d : width;				      \
+-	  number_value = v; goto do_number
+-#define DO_NUMBER_SPACEPAD(d, v) \
+-	  digits = d > width ? d : width;				      \
+-	  number_value = v; goto do_number_spacepad
+#define DO_NUMBER(d, v)				\
+	  do					\
+	    {					\
+	      digits = d > width ? d : width;	\
+	      number_value = v;			\
+	      goto do_number;			\
+	    }					\
+	  while (0)
+#define DO_NUMBER_SPACEPAD(d, v)		\
+	  do					\
+	    {					\
+	      digits = d > width ? d : width;	\
+	      number_value = v;			\
+	      goto do_number_spacepad;		\
+	    }					\
+	  while (0)
+ 
+ 	case L_('%'):
+ 	  if (modifier != 0)
--- a/packages/glibc/2.20/0013-if_nametoindex-size-check.patch
+++ b/packages/glibc/2.20/0013-if_nametoindex-size-check.patch
@ -0,0 +1,29 @@
+commit 2180fee114b778515b3f560e5ff1e795282e60b0
+Author: Steve Ellcey <sellcey@caviumnetworks.com>
+Date:   Wed Nov 15 08:58:48 2017 -0800
+
+    Check length of ifname before copying it into to ifreq structure.
+    
+            [BZ #22442]
+            * sysdeps/unix/sysv/linux/if_index.c (__if_nametoindex):
+            Check if ifname is too long.
+
+---
+ sysdeps/unix/sysv/linux/if_index.c |    6 ++++++
+ 1 file changed, 6 insertions(+)
+
+--- a/sysdeps/unix/sysv/linux/if_index.c
+++ b/sysdeps/unix/sysv/linux/if_index.c
+@@ -43,6 +43,12 @@
+   if (fd < 0)
+     return 0;
+ 
+  if (strlen (ifname) >= IFNAMSIZ)
+    {
+      __set_errno (ENODEV);
+      return 0;
+    }
+
+   strncpy (ifr.ifr_name, ifname, sizeof (ifr.ifr_name));
+   if (__ioctl (fd, SIOCGIFINDEX, &ifr) < 0)
+     {
--- a/packages/glibc/2.20/0014-utmp-nonstring.patch
+++ b/packages/glibc/2.20/0014-utmp-nonstring.patch
@ -0,0 +1,80 @@
+commit 7532837d7b03b3ca5b9a63d77a5bd81dd23f3d9c
+Author: Martin Sebor <msebor@redhat.com>
+Date:   Wed Nov 15 17:39:59 2017 -0700
+
+    The -Wstringop-truncation option new in GCC 8 detects common misuses
+    of the strncat and strncpy function that may result in truncating
+    the copied string before the terminating NUL.  To avoid false positive
+    warnings for correct code that intentionally creates sequences of
+    characters that aren't guaranteed to be NUL-terminated, arrays that
+    are intended to store such sequences should be decorated with a new
+    nonstring attribute.  This change add this attribute to Glibc and
+    uses it to suppress such false positives.
+    
+    ChangeLog:
+            * misc/sys/cdefs.h (__attribute_nonstring__): New macro.
+            * sysdeps/gnu/bits/utmp.h (struct utmp): Use it.
+            * sysdeps/unix/sysv/linux/s390/bits/utmp.h (struct utmp): Same.
+
+---
+ misc/sys/cdefs.h                         |    9 +++++++++
+ sysdeps/gnu/bits/utmp.h                  |    9 ++++++---
+ sysdeps/unix/sysv/linux/s390/bits/utmp.h |    9 ++++++---
+ 3 files changed, 21 insertions(+), 6 deletions(-)
+
+--- a/misc/sys/cdefs.h
+++ b/misc/sys/cdefs.h
+@@ -392,6 +392,15 @@
+ # endif
+ #endif
+ 
+#if __GNUC_PREREQ (8, 0)
+/* Describes a char array whose address can safely be passed as the first
+   argument to strncpy and strncat, as the char array is not necessarily
+   a NUL-terminated string.  */
+# define __attribute_nonstring__ __attribute__ ((__nonstring__))
+#else
+# define __attribute_nonstring__
+#endif
+
+ #include <bits/wordsize.h>
+ 
+ #if defined __LONG_DOUBLE_MATH_OPTIONAL && defined __NO_LONG_DOUBLE_MATH
+--- a/sysdeps/gnu/bits/utmp.h
+++ b/sysdeps/gnu/bits/utmp.h
+@@ -59,10 +59,13 @@
+ {
+   short int ut_type;		/* Type of login.  */
+   pid_t ut_pid;			/* Process ID of login process.  */
+-  char ut_line[UT_LINESIZE];	/* Devicename.  */
+  char ut_line[UT_LINESIZE]
+    __attribute_nonstring__;	/* Devicename.  */
+   char ut_id[4];		/* Inittab ID.  */
+-  char ut_user[UT_NAMESIZE];	/* Username.  */
+-  char ut_host[UT_HOSTSIZE];	/* Hostname for remote login.  */
+  char ut_user[UT_NAMESIZE]
+    __attribute_nonstring__;	/* Username.  */
+  char ut_host[UT_HOSTSIZE]
+    __attribute_nonstring__;	/* Hostname for remote login.  */
+   struct exit_status ut_exit;	/* Exit status of a process marked
+ 				   as DEAD_PROCESS.  */
+ /* The ut_session and ut_tv fields must be the same size when compiled
+--- a/sysdeps/unix/sysv/linux/s390/bits/utmp.h
+++ b/sysdeps/unix/sysv/linux/s390/bits/utmp.h
+@@ -59,10 +59,13 @@
+ {
+   short int ut_type;		/* Type of login.  */
+   pid_t ut_pid;			/* Process ID of login process.  */
+-  char ut_line[UT_LINESIZE];	/* Devicename.  */
+  char ut_line[UT_LINESIZE]
+     __attribute_nonstring__;	/* Devicename.  */
+   char ut_id[4];		/* Inittab ID.  */
+-  char ut_user[UT_NAMESIZE];	/* Username.  */
+-  char ut_host[UT_HOSTSIZE];	/* Hostname for remote login.  */
+  char ut_user[UT_NAMESIZE]
+     __attribute_nonstring__;	/* Username.  */
+  char ut_host[UT_HOSTSIZE]
+     __attribute_nonstring__;	/* Hostname for remote login.  */
+   struct exit_status ut_exit;	/* Exit status of a process marked
+ 				   as DEAD_PROCESS.  */
+ /* The ut_session and ut_tv fields must be the same size when compiled
--- a/packages/glibc/2.20/0015-getlogin_r-use-strnlen.patch
+++ b/packages/glibc/2.20/0015-getlogin_r-use-strnlen.patch
@ -0,0 +1,47 @@
+commit 4bae615022cb5a5da79ccda83cc6c9ba9f2d479c
+Author: Joseph Myers <joseph@codesourcery.com>
+Date:   Wed Nov 22 18:44:23 2017 +0000
+
+    Avoid use of strlen in getlogin_r (bug 22447).
+    
+    Building glibc with current mainline GCC fails, among other reasons,
+    because of an error for use of strlen on the nonstring ut_user field.
+    This patch changes the problem code in getlogin_r to use __strnlen
+    instead.  It also needs to set the trailing NUL byte of the result
+    explicitly, because of the case where ut_user does not have such a
+    trailing NUL byte (but the result should always have one).
+    
+    Tested for x86_64.  Also tested that, in conjunction with
+    <https://sourceware.org/ml/libc-alpha/2017-11/msg00797.html>, it fixes
+    the build for arm with mainline GCC.
+    
+            [BZ #22447]
+            * sysdeps/unix/getlogin_r.c (__getlogin_r): Use __strnlen not
+            strlen to compute length of ut_user and set trailing NUL byte of
+            result explicitly.
+
+---
+ sysdeps/unix/getlogin_r.c |    5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+--- a/sysdeps/unix/getlogin_r.c
+++ b/sysdeps/unix/getlogin_r.c
+@@ -82,7 +82,7 @@
+ 
+   if (result == 0)
+     {
+-      size_t needed = strlen (ut->ut_user) + 1;
+      size_t needed = __strnlen (ut->ut_user, UT_NAMESIZE) + 1;
+ 
+       if (needed > name_len)
+ 	{
+@@ -91,7 +91,8 @@
+ 	}
+       else
+ 	{
+-	  memcpy (name, ut->ut_user, needed);
+	  memcpy (name, ut->ut_user, needed - 1);
+	  name[needed - 1] = 0;
+ 	  result = 0;
+ 	}
+     }
--- a/packages/glibc/2.20/0016-zic.c-use-memcpy.patch
+++ b/packages/glibc/2.20/0016-zic.c-use-memcpy.patch
@ -0,0 +1,25 @@
+commit e69897bf202e18034cbef26f363bae64de70a196
+Author: Paul Eggert <eggert@cs.ucla.edu>
+Date:   Sun Nov 12 22:00:28 2017 -0800
+
+    timezone: pacify GCC -Wstringop-truncation
+    
+    Problem reported by Martin Sebor in:
+    https://sourceware.org/ml/libc-alpha/2017-11/msg00336.html
+    * timezone/zic.c (writezone): Use memcpy, not strncpy.
+
+---
+ timezone/zic.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/timezone/zic.c
+++ b/timezone/zic.c
+@@ -1713,7 +1713,7 @@
+ 		}
+ #define DO(field)	((void) fwrite(tzh.field, sizeof tzh.field, 1, fp))
+ 		tzh = tzh0;
+-		(void) strncpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic);
+		memcpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic);
+ 		tzh.tzh_version[0] = version;
+ 		convert(thistypecnt, tzh.tzh_ttisgmtcnt);
+ 		convert(thistypecnt, tzh.tzh_ttisstdcnt);
--- a/packages/glibc/2.21/0012-strftime-multiple-stmts.patch
+++ b/packages/glibc/2.21/0012-strftime-multiple-stmts.patch
@ -0,0 +1,73 @@
+commit e4043b84c49e1cf9bcf1e8320233343ecc34f8eb
+Author: Joseph Myers <joseph@codesourcery.com>
+Date:   Tue Jun 27 17:12:13 2017 +0000
+
+    Fix strftime build with GCC 8.
+    
+    Building with current GCC mainline fails with:
+    
+    strftime_l.c: In function '__strftime_internal':
+    strftime_l.c:719:4: error: macro expands to multiple statements [-Werror=multistatement-macros]
+        digits = d > width ? d : width;          \
+        ^
+    strftime_l.c:1260:6: note: in expansion of macro 'DO_NUMBER'
+          DO_NUMBER (1, tp->tm_year + TM_YEAR_BASE);
+          ^~~~~~~~~
+    strftime_l.c:1259:4: note: some parts of macro expansion are not guarded by this 'else' clause
+        else
+        ^~~~
+    
+    In fact this particular instance is harmless; the code looks like:
+    
+              if (modifier == L_('O'))
+                goto bad_format;
+              else
+                DO_NUMBER (1, tp->tm_year + TM_YEAR_BASE);
+    
+    and because of the goto, it doesn't matter that part of the expansion
+    isn't under the "else" conditional.  But it's also clearly bad style
+    to rely on that.  This patch changes DO_NUMBER and DO_NUMBER_SPACEPAD
+    to use do { } while (0) to avoid such problems.
+    
+    Tested (full testsuite) for x86_64 (GCC 6), and with
+    build-many-glibcs.py with GCC mainline, in conjunction with my libgcc
+    patch <https://gcc.gnu.org/ml/gcc-patches/2017-06/msg02032.html>.
+    
+            * time/strftime_l.c (DO_NUMBER): Define using do { } while (0).
+            (DO_NUMBER_SPACEPAD): Likewise.
+
+---
+ time/strftime_l.c |   22 ++++++++++++++++------
+ 1 file changed, 16 insertions(+), 6 deletions(-)
+
+--- a/time/strftime_l.c
+++ b/time/strftime_l.c
+@@ -738,12 +738,22 @@
+       format_char = *f;
+       switch (format_char)
+ 	{
+-#define DO_NUMBER(d, v) \
+-	  digits = d > width ? d : width;				      \
+-	  number_value = v; goto do_number
+-#define DO_NUMBER_SPACEPAD(d, v) \
+-	  digits = d > width ? d : width;				      \
+-	  number_value = v; goto do_number_spacepad
+#define DO_NUMBER(d, v)				\
+	  do					\
+	    {					\
+	      digits = d > width ? d : width;	\
+	      number_value = v;			\
+	      goto do_number;			\
+	    }					\
+	  while (0)
+#define DO_NUMBER_SPACEPAD(d, v)		\
+	  do					\
+	    {					\
+	      digits = d > width ? d : width;	\
+	      number_value = v;			\
+	      goto do_number_spacepad;		\
+	    }					\
+	  while (0)
+ 
+ 	case L_('%'):
+ 	  if (modifier != 0)
--- a/packages/glibc/2.21/0013-if_nametoindex-size-check.patch
+++ b/packages/glibc/2.21/0013-if_nametoindex-size-check.patch
@ -0,0 +1,29 @@
+commit 2180fee114b778515b3f560e5ff1e795282e60b0
+Author: Steve Ellcey <sellcey@caviumnetworks.com>
+Date:   Wed Nov 15 08:58:48 2017 -0800
+
+    Check length of ifname before copying it into to ifreq structure.
+    
+            [BZ #22442]
+            * sysdeps/unix/sysv/linux/if_index.c (__if_nametoindex):
+            Check if ifname is too long.
+
+---
+ sysdeps/unix/sysv/linux/if_index.c |    6 ++++++
+ 1 file changed, 6 insertions(+)
+
+--- a/sysdeps/unix/sysv/linux/if_index.c
+++ b/sysdeps/unix/sysv/linux/if_index.c
+@@ -43,6 +43,12 @@
+   if (fd < 0)
+     return 0;
+ 
+  if (strlen (ifname) >= IFNAMSIZ)
+    {
+      __set_errno (ENODEV);
+      return 0;
+    }
+
+   strncpy (ifr.ifr_name, ifname, sizeof (ifr.ifr_name));
+   if (__ioctl (fd, SIOCGIFINDEX, &ifr) < 0)
+     {
--- a/packages/glibc/2.21/0014-utmp-nonstring.patch
+++ b/packages/glibc/2.21/0014-utmp-nonstring.patch
@ -0,0 +1,80 @@
+commit 7532837d7b03b3ca5b9a63d77a5bd81dd23f3d9c
+Author: Martin Sebor <msebor@redhat.com>
+Date:   Wed Nov 15 17:39:59 2017 -0700
+
+    The -Wstringop-truncation option new in GCC 8 detects common misuses
+    of the strncat and strncpy function that may result in truncating
+    the copied string before the terminating NUL.  To avoid false positive
+    warnings for correct code that intentionally creates sequences of
+    characters that aren't guaranteed to be NUL-terminated, arrays that
+    are intended to store such sequences should be decorated with a new
+    nonstring attribute.  This change add this attribute to Glibc and
+    uses it to suppress such false positives.
+    
+    ChangeLog:
+            * misc/sys/cdefs.h (__attribute_nonstring__): New macro.
+            * sysdeps/gnu/bits/utmp.h (struct utmp): Use it.
+            * sysdeps/unix/sysv/linux/s390/bits/utmp.h (struct utmp): Same.
+
+---
+ misc/sys/cdefs.h                         |    9 +++++++++
+ sysdeps/gnu/bits/utmp.h                  |    9 ++++++---
+ sysdeps/unix/sysv/linux/s390/bits/utmp.h |    9 ++++++---
+ 3 files changed, 21 insertions(+), 6 deletions(-)
+
+--- a/misc/sys/cdefs.h
+++ b/misc/sys/cdefs.h
+@@ -399,6 +399,15 @@
+ # endif
+ #endif
+ 
+#if __GNUC_PREREQ (8, 0)
+/* Describes a char array whose address can safely be passed as the first
+   argument to strncpy and strncat, as the char array is not necessarily
+   a NUL-terminated string.  */
+# define __attribute_nonstring__ __attribute__ ((__nonstring__))
+#else
+# define __attribute_nonstring__
+#endif
+
+ #include <bits/wordsize.h>
+ 
+ #if defined __LONG_DOUBLE_MATH_OPTIONAL && defined __NO_LONG_DOUBLE_MATH
+--- a/sysdeps/gnu/bits/utmp.h
+++ b/sysdeps/gnu/bits/utmp.h
+@@ -59,10 +59,13 @@
+ {
+   short int ut_type;		/* Type of login.  */
+   pid_t ut_pid;			/* Process ID of login process.  */
+-  char ut_line[UT_LINESIZE];	/* Devicename.  */
+  char ut_line[UT_LINESIZE]
+    __attribute_nonstring__;	/* Devicename.  */
+   char ut_id[4];		/* Inittab ID.  */
+-  char ut_user[UT_NAMESIZE];	/* Username.  */
+-  char ut_host[UT_HOSTSIZE];	/* Hostname for remote login.  */
+  char ut_user[UT_NAMESIZE]
+    __attribute_nonstring__;	/* Username.  */
+  char ut_host[UT_HOSTSIZE]
+    __attribute_nonstring__;	/* Hostname for remote login.  */
+   struct exit_status ut_exit;	/* Exit status of a process marked
+ 				   as DEAD_PROCESS.  */
+ /* The ut_session and ut_tv fields must be the same size when compiled
+--- a/sysdeps/unix/sysv/linux/s390/bits/utmp.h
+++ b/sysdeps/unix/sysv/linux/s390/bits/utmp.h
+@@ -59,10 +59,13 @@
+ {
+   short int ut_type;		/* Type of login.  */
+   pid_t ut_pid;			/* Process ID of login process.  */
+-  char ut_line[UT_LINESIZE];	/* Devicename.  */
+  char ut_line[UT_LINESIZE]
+     __attribute_nonstring__;	/* Devicename.  */
+   char ut_id[4];		/* Inittab ID.  */
+-  char ut_user[UT_NAMESIZE];	/* Username.  */
+-  char ut_host[UT_HOSTSIZE];	/* Hostname for remote login.  */
+  char ut_user[UT_NAMESIZE]
+     __attribute_nonstring__;	/* Username.  */
+  char ut_host[UT_HOSTSIZE]
+     __attribute_nonstring__;	/* Hostname for remote login.  */
+   struct exit_status ut_exit;	/* Exit status of a process marked
+ 				   as DEAD_PROCESS.  */
+ /* The ut_session and ut_tv fields must be the same size when compiled
--- a/packages/glibc/2.21/0015-getlogin_r-use-strnlen.patch
+++ b/packages/glibc/2.21/0015-getlogin_r-use-strnlen.patch
@ -0,0 +1,47 @@
+commit 4bae615022cb5a5da79ccda83cc6c9ba9f2d479c
+Author: Joseph Myers <joseph@codesourcery.com>
+Date:   Wed Nov 22 18:44:23 2017 +0000
+
+    Avoid use of strlen in getlogin_r (bug 22447).
+    
+    Building glibc with current mainline GCC fails, among other reasons,
+    because of an error for use of strlen on the nonstring ut_user field.
+    This patch changes the problem code in getlogin_r to use __strnlen
+    instead.  It also needs to set the trailing NUL byte of the result
+    explicitly, because of the case where ut_user does not have such a
+    trailing NUL byte (but the result should always have one).
+    
+    Tested for x86_64.  Also tested that, in conjunction with
+    <https://sourceware.org/ml/libc-alpha/2017-11/msg00797.html>, it fixes
+    the build for arm with mainline GCC.
+    
+            [BZ #22447]
+            * sysdeps/unix/getlogin_r.c (__getlogin_r): Use __strnlen not
+            strlen to compute length of ut_user and set trailing NUL byte of
+            result explicitly.
+
+---
+ sysdeps/unix/getlogin_r.c |    5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+--- a/sysdeps/unix/getlogin_r.c
+++ b/sysdeps/unix/getlogin_r.c
+@@ -82,7 +82,7 @@
+ 
+   if (result == 0)
+     {
+-      size_t needed = strlen (ut->ut_user) + 1;
+      size_t needed = __strnlen (ut->ut_user, UT_NAMESIZE) + 1;
+ 
+       if (needed > name_len)
+ 	{
+@@ -91,7 +91,8 @@
+ 	}
+       else
+ 	{
+-	  memcpy (name, ut->ut_user, needed);
+	  memcpy (name, ut->ut_user, needed - 1);
+	  name[needed - 1] = 0;
+ 	  result = 0;
+ 	}
+     }
--- a/packages/glibc/2.21/0016-zic.c-use-memcpy.patch
+++ b/packages/glibc/2.21/0016-zic.c-use-memcpy.patch
@ -0,0 +1,25 @@
+commit e69897bf202e18034cbef26f363bae64de70a196
+Author: Paul Eggert <eggert@cs.ucla.edu>
+Date:   Sun Nov 12 22:00:28 2017 -0800
+
+    timezone: pacify GCC -Wstringop-truncation
+    
+    Problem reported by Martin Sebor in:
+    https://sourceware.org/ml/libc-alpha/2017-11/msg00336.html
+    * timezone/zic.c (writezone): Use memcpy, not strncpy.
+
+---
+ timezone/zic.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/timezone/zic.c
+++ b/timezone/zic.c
+@@ -1713,7 +1713,7 @@
+ 		}
+ #define DO(field)	((void) fwrite(tzh.field, sizeof tzh.field, 1, fp))
+ 		tzh = tzh0;
+-		(void) strncpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic);
+		memcpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic);
+ 		tzh.tzh_version[0] = version;
+ 		convert(thistypecnt, tzh.tzh_ttisgmtcnt);
+ 		convert(thistypecnt, tzh.tzh_ttisstdcnt);
--- a/packages/glibc/2.22/0012-strftime-multiple-stmts.patch
+++ b/packages/glibc/2.22/0012-strftime-multiple-stmts.patch
@ -0,0 +1,73 @@
+commit e4043b84c49e1cf9bcf1e8320233343ecc34f8eb
+Author: Joseph Myers <joseph@codesourcery.com>
+Date:   Tue Jun 27 17:12:13 2017 +0000
+
+    Fix strftime build with GCC 8.
+    
+    Building with current GCC mainline fails with:
+    
+    strftime_l.c: In function '__strftime_internal':
+    strftime_l.c:719:4: error: macro expands to multiple statements [-Werror=multistatement-macros]
+        digits = d > width ? d : width;          \
+        ^
+    strftime_l.c:1260:6: note: in expansion of macro 'DO_NUMBER'
+          DO_NUMBER (1, tp->tm_year + TM_YEAR_BASE);
+          ^~~~~~~~~
+    strftime_l.c:1259:4: note: some parts of macro expansion are not guarded by this 'else' clause
+        else
+        ^~~~
+    
+    In fact this particular instance is harmless; the code looks like:
+    
+              if (modifier == L_('O'))
+                goto bad_format;
+              else
+                DO_NUMBER (1, tp->tm_year + TM_YEAR_BASE);
+    
+    and because of the goto, it doesn't matter that part of the expansion
+    isn't under the "else" conditional.  But it's also clearly bad style
+    to rely on that.  This patch changes DO_NUMBER and DO_NUMBER_SPACEPAD
+    to use do { } while (0) to avoid such problems.
+    
+    Tested (full testsuite) for x86_64 (GCC 6), and with
+    build-many-glibcs.py with GCC mainline, in conjunction with my libgcc
+    patch <https://gcc.gnu.org/ml/gcc-patches/2017-06/msg02032.html>.
+    
+            * time/strftime_l.c (DO_NUMBER): Define using do { } while (0).
+            (DO_NUMBER_SPACEPAD): Likewise.
+
+---
+ time/strftime_l.c |   22 ++++++++++++++++------
+ 1 file changed, 16 insertions(+), 6 deletions(-)
+
+--- a/time/strftime_l.c
+++ b/time/strftime_l.c
+@@ -738,12 +738,22 @@
+       format_char = *f;
+       switch (format_char)
+ 	{
+-#define DO_NUMBER(d, v) \
+-	  digits = d > width ? d : width;				      \
+-	  number_value = v; goto do_number
+-#define DO_NUMBER_SPACEPAD(d, v) \
+-	  digits = d > width ? d : width;				      \
+-	  number_value = v; goto do_number_spacepad
+#define DO_NUMBER(d, v)				\
+	  do					\
+	    {					\
+	      digits = d > width ? d : width;	\
+	      number_value = v;			\
+	      goto do_number;			\
+	    }					\
+	  while (0)
+#define DO_NUMBER_SPACEPAD(d, v)		\
+	  do					\
+	    {					\
+	      digits = d > width ? d : width;	\
+	      number_value = v;			\
+	      goto do_number_spacepad;		\
+	    }					\
+	  while (0)
+ 
+ 	case L_('%'):
+ 	  if (modifier != 0)
--- a/packages/glibc/2.22/0013-if_nametoindex-size-check.patch
+++ b/packages/glibc/2.22/0013-if_nametoindex-size-check.patch
@ -0,0 +1,29 @@
+commit 2180fee114b778515b3f560e5ff1e795282e60b0
+Author: Steve Ellcey <sellcey@caviumnetworks.com>
+Date:   Wed Nov 15 08:58:48 2017 -0800
+
+    Check length of ifname before copying it into to ifreq structure.
+    
+            [BZ #22442]
+            * sysdeps/unix/sysv/linux/if_index.c (__if_nametoindex):
+            Check if ifname is too long.
+
+---
+ sysdeps/unix/sysv/linux/if_index.c |    6 ++++++
+ 1 file changed, 6 insertions(+)
+
+--- a/sysdeps/unix/sysv/linux/if_index.c
+++ b/sysdeps/unix/sysv/linux/if_index.c
+@@ -43,6 +43,12 @@
+   if (fd < 0)
+     return 0;
+ 
+  if (strlen (ifname) >= IFNAMSIZ)
+    {
+      __set_errno (ENODEV);
+      return 0;
+    }
+
+   strncpy (ifr.ifr_name, ifname, sizeof (ifr.ifr_name));
+   if (__ioctl (fd, SIOCGIFINDEX, &ifr) < 0)
+     {
--- a/packages/glibc/2.22/0014-utmp-nonstring.patch
+++ b/packages/glibc/2.22/0014-utmp-nonstring.patch
@ -0,0 +1,80 @@
+commit 7532837d7b03b3ca5b9a63d77a5bd81dd23f3d9c
+Author: Martin Sebor <msebor@redhat.com>
+Date:   Wed Nov 15 17:39:59 2017 -0700
+
+    The -Wstringop-truncation option new in GCC 8 detects common misuses
+    of the strncat and strncpy function that may result in truncating
+    the copied string before the terminating NUL.  To avoid false positive
+    warnings for correct code that intentionally creates sequences of
+    characters that aren't guaranteed to be NUL-terminated, arrays that
+    are intended to store such sequences should be decorated with a new
+    nonstring attribute.  This change add this attribute to Glibc and
+    uses it to suppress such false positives.
+    
+    ChangeLog:
+            * misc/sys/cdefs.h (__attribute_nonstring__): New macro.
+            * sysdeps/gnu/bits/utmp.h (struct utmp): Use it.
+            * sysdeps/unix/sysv/linux/s390/bits/utmp.h (struct utmp): Same.
+
+---
+ misc/sys/cdefs.h                         |    9 +++++++++
+ sysdeps/gnu/bits/utmp.h                  |    9 ++++++---
+ sysdeps/unix/sysv/linux/s390/bits/utmp.h |    9 ++++++---
+ 3 files changed, 21 insertions(+), 6 deletions(-)
+
+--- a/misc/sys/cdefs.h
+++ b/misc/sys/cdefs.h
+@@ -399,6 +399,15 @@
+ # endif
+ #endif
+ 
+#if __GNUC_PREREQ (8, 0)
+/* Describes a char array whose address can safely be passed as the first
+   argument to strncpy and strncat, as the char array is not necessarily
+   a NUL-terminated string.  */
+# define __attribute_nonstring__ __attribute__ ((__nonstring__))
+#else
+# define __attribute_nonstring__
+#endif
+
+ #if (!defined _Static_assert && !defined __cplusplus \
+      && (defined __STDC_VERSION__ ? __STDC_VERSION__ : 0) < 201112 \
+      && (!__GNUC_PREREQ (4, 6) || defined __STRICT_ANSI__))
+--- a/sysdeps/gnu/bits/utmp.h
+++ b/sysdeps/gnu/bits/utmp.h
+@@ -59,10 +59,13 @@
+ {
+   short int ut_type;		/* Type of login.  */
+   pid_t ut_pid;			/* Process ID of login process.  */
+-  char ut_line[UT_LINESIZE];	/* Devicename.  */
+  char ut_line[UT_LINESIZE]
+    __attribute_nonstring__;	/* Devicename.  */
+   char ut_id[4];		/* Inittab ID.  */
+-  char ut_user[UT_NAMESIZE];	/* Username.  */
+-  char ut_host[UT_HOSTSIZE];	/* Hostname for remote login.  */
+  char ut_user[UT_NAMESIZE]
+    __attribute_nonstring__;	/* Username.  */
+  char ut_host[UT_HOSTSIZE]
+    __attribute_nonstring__;	/* Hostname for remote login.  */
+   struct exit_status ut_exit;	/* Exit status of a process marked
+ 				   as DEAD_PROCESS.  */
+ /* The ut_session and ut_tv fields must be the same size when compiled
+--- a/sysdeps/unix/sysv/linux/s390/bits/utmp.h
+++ b/sysdeps/unix/sysv/linux/s390/bits/utmp.h
+@@ -59,10 +59,13 @@
+ {
+   short int ut_type;		/* Type of login.  */
+   pid_t ut_pid;			/* Process ID of login process.  */
+-  char ut_line[UT_LINESIZE];	/* Devicename.  */
+  char ut_line[UT_LINESIZE]
+     __attribute_nonstring__;	/* Devicename.  */
+   char ut_id[4];		/* Inittab ID.  */
+-  char ut_user[UT_NAMESIZE];	/* Username.  */
+-  char ut_host[UT_HOSTSIZE];	/* Hostname for remote login.  */
+  char ut_user[UT_NAMESIZE]
+     __attribute_nonstring__;	/* Username.  */
+  char ut_host[UT_HOSTSIZE]
+     __attribute_nonstring__;	/* Hostname for remote login.  */
+   struct exit_status ut_exit;	/* Exit status of a process marked
+ 				   as DEAD_PROCESS.  */
+ /* The ut_session and ut_tv fields must be the same size when compiled
--- a/packages/glibc/2.22/0015-getlogin_r-use-strnlen.patch
+++ b/packages/glibc/2.22/0015-getlogin_r-use-strnlen.patch
@ -0,0 +1,47 @@
+commit 4bae615022cb5a5da79ccda83cc6c9ba9f2d479c
+Author: Joseph Myers <joseph@codesourcery.com>
+Date:   Wed Nov 22 18:44:23 2017 +0000
+
+    Avoid use of strlen in getlogin_r (bug 22447).
+    
+    Building glibc with current mainline GCC fails, among other reasons,
+    because of an error for use of strlen on the nonstring ut_user field.
+    This patch changes the problem code in getlogin_r to use __strnlen
+    instead.  It also needs to set the trailing NUL byte of the result
+    explicitly, because of the case where ut_user does not have such a
+    trailing NUL byte (but the result should always have one).
+    
+    Tested for x86_64.  Also tested that, in conjunction with
+    <https://sourceware.org/ml/libc-alpha/2017-11/msg00797.html>, it fixes
+    the build for arm with mainline GCC.
+    
+            [BZ #22447]
+            * sysdeps/unix/getlogin_r.c (__getlogin_r): Use __strnlen not
+            strlen to compute length of ut_user and set trailing NUL byte of
+            result explicitly.
+
+---
+ sysdeps/unix/getlogin_r.c |    5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+--- a/sysdeps/unix/getlogin_r.c
+++ b/sysdeps/unix/getlogin_r.c
+@@ -82,7 +82,7 @@
+ 
+   if (result == 0)
+     {
+-      size_t needed = strlen (ut->ut_user) + 1;
+      size_t needed = __strnlen (ut->ut_user, UT_NAMESIZE) + 1;
+ 
+       if (needed > name_len)
+ 	{
+@@ -91,7 +91,8 @@
+ 	}
+       else
+ 	{
+-	  memcpy (name, ut->ut_user, needed);
+	  memcpy (name, ut->ut_user, needed - 1);
+	  name[needed - 1] = 0;
+ 	  result = 0;
+ 	}
+     }
--- a/packages/glibc/2.22/0016-zic.c-use-memcpy.patch
+++ b/packages/glibc/2.22/0016-zic.c-use-memcpy.patch
@ -0,0 +1,25 @@
+commit e69897bf202e18034cbef26f363bae64de70a196
+Author: Paul Eggert <eggert@cs.ucla.edu>
+Date:   Sun Nov 12 22:00:28 2017 -0800
+
+    timezone: pacify GCC -Wstringop-truncation
+    
+    Problem reported by Martin Sebor in:
+    https://sourceware.org/ml/libc-alpha/2017-11/msg00336.html
+    * timezone/zic.c (writezone): Use memcpy, not strncpy.
+
+---
+ timezone/zic.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/timezone/zic.c
+++ b/timezone/zic.c
+@@ -1713,7 +1713,7 @@
+ 		}
+ #define DO(field)	((void) fwrite(tzh.field, sizeof tzh.field, 1, fp))
+ 		tzh = tzh0;
+-		(void) strncpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic);
+		memcpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic);
+ 		tzh.tzh_version[0] = version;
+ 		convert(thistypecnt, tzh.tzh_ttisgmtcnt);
+ 		convert(thistypecnt, tzh.tzh_ttisstdcnt);
--- a/packages/glibc/2.23/0008-strftime-multiple-stmts.patch
+++ b/packages/glibc/2.23/0008-strftime-multiple-stmts.patch
@ -0,0 +1,73 @@
+commit e4043b84c49e1cf9bcf1e8320233343ecc34f8eb
+Author: Joseph Myers <joseph@codesourcery.com>
+Date:   Tue Jun 27 17:12:13 2017 +0000
+
+    Fix strftime build with GCC 8.
+    
+    Building with current GCC mainline fails with:
+    
+    strftime_l.c: In function '__strftime_internal':
+    strftime_l.c:719:4: error: macro expands to multiple statements [-Werror=multistatement-macros]
+        digits = d > width ? d : width;          \
+        ^
+    strftime_l.c:1260:6: note: in expansion of macro 'DO_NUMBER'
+          DO_NUMBER (1, tp->tm_year + TM_YEAR_BASE);
+          ^~~~~~~~~
+    strftime_l.c:1259:4: note: some parts of macro expansion are not guarded by this 'else' clause
+        else
+        ^~~~
+    
+    In fact this particular instance is harmless; the code looks like:
+    
+              if (modifier == L_('O'))
+                goto bad_format;
+              else
+                DO_NUMBER (1, tp->tm_year + TM_YEAR_BASE);
+    
+    and because of the goto, it doesn't matter that part of the expansion
+    isn't under the "else" conditional.  But it's also clearly bad style
+    to rely on that.  This patch changes DO_NUMBER and DO_NUMBER_SPACEPAD
+    to use do { } while (0) to avoid such problems.
+    
+    Tested (full testsuite) for x86_64 (GCC 6), and with
+    build-many-glibcs.py with GCC mainline, in conjunction with my libgcc
+    patch <https://gcc.gnu.org/ml/gcc-patches/2017-06/msg02032.html>.
+    
+            * time/strftime_l.c (DO_NUMBER): Define using do { } while (0).
+            (DO_NUMBER_SPACEPAD): Likewise.
+
+---
+ time/strftime_l.c |   22 ++++++++++++++++------
+ 1 file changed, 16 insertions(+), 6 deletions(-)
+
+--- a/time/strftime_l.c
+++ b/time/strftime_l.c
+@@ -715,12 +715,22 @@
+       format_char = *f;
+       switch (format_char)
+ 	{
+-#define DO_NUMBER(d, v) \
+-	  digits = d > width ? d : width;				      \
+-	  number_value = v; goto do_number
+-#define DO_NUMBER_SPACEPAD(d, v) \
+-	  digits = d > width ? d : width;				      \
+-	  number_value = v; goto do_number_spacepad
+#define DO_NUMBER(d, v)				\
+	  do					\
+	    {					\
+	      digits = d > width ? d : width;	\
+	      number_value = v;			\
+	      goto do_number;			\
+	    }					\
+	  while (0)
+#define DO_NUMBER_SPACEPAD(d, v)		\
+	  do					\
+	    {					\
+	      digits = d > width ? d : width;	\
+	      number_value = v;			\
+	      goto do_number_spacepad;		\
+	    }					\
+	  while (0)
+ 
+ 	case L_('%'):
+ 	  if (modifier != 0)
--- a/packages/glibc/2.23/0009-if_nametoindex-size-check.patch
+++ b/packages/glibc/2.23/0009-if_nametoindex-size-check.patch
@ -0,0 +1,29 @@
+commit 2180fee114b778515b3f560e5ff1e795282e60b0
+Author: Steve Ellcey <sellcey@caviumnetworks.com>
+Date:   Wed Nov 15 08:58:48 2017 -0800
+
+    Check length of ifname before copying it into to ifreq structure.
+    
+            [BZ #22442]
+            * sysdeps/unix/sysv/linux/if_index.c (__if_nametoindex):
+            Check if ifname is too long.
+
+---
+ sysdeps/unix/sysv/linux/if_index.c |    6 ++++++
+ 1 file changed, 6 insertions(+)
+
+--- a/sysdeps/unix/sysv/linux/if_index.c
+++ b/sysdeps/unix/sysv/linux/if_index.c
+@@ -43,6 +43,12 @@
+   if (fd < 0)
+     return 0;
+ 
+  if (strlen (ifname) >= IFNAMSIZ)
+    {
+      __set_errno (ENODEV);
+      return 0;
+    }
+
+   strncpy (ifr.ifr_name, ifname, sizeof (ifr.ifr_name));
+   if (__ioctl (fd, SIOCGIFINDEX, &ifr) < 0)
+     {
--- a/packages/glibc/2.23/0010-utmp-nonstring.patch
+++ b/packages/glibc/2.23/0010-utmp-nonstring.patch
@ -0,0 +1,80 @@
+commit 7532837d7b03b3ca5b9a63d77a5bd81dd23f3d9c
+Author: Martin Sebor <msebor@redhat.com>
+Date:   Wed Nov 15 17:39:59 2017 -0700
+
+    The -Wstringop-truncation option new in GCC 8 detects common misuses
+    of the strncat and strncpy function that may result in truncating
+    the copied string before the terminating NUL.  To avoid false positive
+    warnings for correct code that intentionally creates sequences of
+    characters that aren't guaranteed to be NUL-terminated, arrays that
+    are intended to store such sequences should be decorated with a new
+    nonstring attribute.  This change add this attribute to Glibc and
+    uses it to suppress such false positives.
+    
+    ChangeLog:
+            * misc/sys/cdefs.h (__attribute_nonstring__): New macro.
+            * sysdeps/gnu/bits/utmp.h (struct utmp): Use it.
+            * sysdeps/unix/sysv/linux/s390/bits/utmp.h (struct utmp): Same.
+
+---
+ misc/sys/cdefs.h                         |    9 +++++++++
+ sysdeps/gnu/bits/utmp.h                  |    9 ++++++---
+ sysdeps/unix/sysv/linux/s390/bits/utmp.h |    9 ++++++---
+ 3 files changed, 21 insertions(+), 6 deletions(-)
+
+--- a/misc/sys/cdefs.h
+++ b/misc/sys/cdefs.h
+@@ -399,6 +399,15 @@
+ # endif
+ #endif
+ 
+#if __GNUC_PREREQ (8, 0)
+/* Describes a char array whose address can safely be passed as the first
+   argument to strncpy and strncat, as the char array is not necessarily
+   a NUL-terminated string.  */
+# define __attribute_nonstring__ __attribute__ ((__nonstring__))
+#else
+# define __attribute_nonstring__
+#endif
+
+ #if (!defined _Static_assert && !defined __cplusplus \
+      && (defined __STDC_VERSION__ ? __STDC_VERSION__ : 0) < 201112 \
+      && (!__GNUC_PREREQ (4, 6) || defined __STRICT_ANSI__))
+--- a/sysdeps/gnu/bits/utmp.h
+++ b/sysdeps/gnu/bits/utmp.h
+@@ -59,10 +59,13 @@
+ {
+   short int ut_type;		/* Type of login.  */
+   pid_t ut_pid;			/* Process ID of login process.  */
+-  char ut_line[UT_LINESIZE];	/* Devicename.  */
+  char ut_line[UT_LINESIZE]
+    __attribute_nonstring__;	/* Devicename.  */
+   char ut_id[4];		/* Inittab ID.  */
+-  char ut_user[UT_NAMESIZE];	/* Username.  */
+-  char ut_host[UT_HOSTSIZE];	/* Hostname for remote login.  */
+  char ut_user[UT_NAMESIZE]
+    __attribute_nonstring__;	/* Username.  */
+  char ut_host[UT_HOSTSIZE]
+    __attribute_nonstring__;	/* Hostname for remote login.  */
+   struct exit_status ut_exit;	/* Exit status of a process marked
+ 				   as DEAD_PROCESS.  */
+ /* The ut_session and ut_tv fields must be the same size when compiled
+--- a/sysdeps/unix/sysv/linux/s390/bits/utmp.h
+++ b/sysdeps/unix/sysv/linux/s390/bits/utmp.h
+@@ -59,10 +59,13 @@
+ {
+   short int ut_type;		/* Type of login.  */
+   pid_t ut_pid;			/* Process ID of login process.  */
+-  char ut_line[UT_LINESIZE];	/* Devicename.  */
+  char ut_line[UT_LINESIZE]
+     __attribute_nonstring__;	/* Devicename.  */
+   char ut_id[4];		/* Inittab ID.  */
+-  char ut_user[UT_NAMESIZE];	/* Username.  */
+-  char ut_host[UT_HOSTSIZE];	/* Hostname for remote login.  */
+  char ut_user[UT_NAMESIZE]
+     __attribute_nonstring__;	/* Username.  */
+  char ut_host[UT_HOSTSIZE]
+     __attribute_nonstring__;	/* Hostname for remote login.  */
+   struct exit_status ut_exit;	/* Exit status of a process marked
+ 				   as DEAD_PROCESS.  */
+ /* The ut_session and ut_tv fields must be the same size when compiled
--- a/packages/glibc/2.23/0011-getlogin_r-use-strnlen.patch
+++ b/packages/glibc/2.23/0011-getlogin_r-use-strnlen.patch
@ -0,0 +1,47 @@
+commit 4bae615022cb5a5da79ccda83cc6c9ba9f2d479c
+Author: Joseph Myers <joseph@codesourcery.com>
+Date:   Wed Nov 22 18:44:23 2017 +0000
+
+    Avoid use of strlen in getlogin_r (bug 22447).
+    
+    Building glibc with current mainline GCC fails, among other reasons,
+    because of an error for use of strlen on the nonstring ut_user field.
+    This patch changes the problem code in getlogin_r to use __strnlen
+    instead.  It also needs to set the trailing NUL byte of the result
+    explicitly, because of the case where ut_user does not have such a
+    trailing NUL byte (but the result should always have one).
+    
+    Tested for x86_64.  Also tested that, in conjunction with
+    <https://sourceware.org/ml/libc-alpha/2017-11/msg00797.html>, it fixes
+    the build for arm with mainline GCC.
+    
+            [BZ #22447]
+            * sysdeps/unix/getlogin_r.c (__getlogin_r): Use __strnlen not
+            strlen to compute length of ut_user and set trailing NUL byte of
+            result explicitly.
+
+---
+ sysdeps/unix/getlogin_r.c |    5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+--- a/sysdeps/unix/getlogin_r.c
+++ b/sysdeps/unix/getlogin_r.c
+@@ -80,7 +80,7 @@
+ 
+   if (result == 0)
+     {
+-      size_t needed = strlen (ut->ut_user) + 1;
+      size_t needed = __strnlen (ut->ut_user, UT_NAMESIZE) + 1;
+ 
+       if (needed > name_len)
+ 	{
+@@ -89,7 +89,8 @@
+ 	}
+       else
+ 	{
+-	  memcpy (name, ut->ut_user, needed);
+	  memcpy (name, ut->ut_user, needed - 1);
+	  name[needed - 1] = 0;
+ 	  result = 0;
+ 	}
+     }
--- a/packages/glibc/2.23/0012-zic.c-use-memcpy.patch
+++ b/packages/glibc/2.23/0012-zic.c-use-memcpy.patch
@ -0,0 +1,25 @@
+commit e69897bf202e18034cbef26f363bae64de70a196
+Author: Paul Eggert <eggert@cs.ucla.edu>
+Date:   Sun Nov 12 22:00:28 2017 -0800
+
+    timezone: pacify GCC -Wstringop-truncation
+    
+    Problem reported by Martin Sebor in:
+    https://sourceware.org/ml/libc-alpha/2017-11/msg00336.html
+    * timezone/zic.c (writezone): Use memcpy, not strncpy.
+
+---
+ timezone/zic.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/timezone/zic.c
+++ b/timezone/zic.c
+@@ -1819,7 +1819,7 @@
+ 		}
+ #define DO(field)	fwrite(tzh.field, sizeof tzh.field, 1, fp)
+ 		tzh = tzh0;
+-		strncpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic);
+		memcpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic);
+ 		tzh.tzh_version[0] = version;
+ 		convert(thistypecnt, tzh.tzh_ttisgmtcnt);
+ 		convert(thistypecnt, tzh.tzh_ttisstdcnt);
--- a/packages/glibc/2.24/0008-strftime-multiple-stmts.patch
+++ b/packages/glibc/2.24/0008-strftime-multiple-stmts.patch
@ -0,0 +1,73 @@
+commit e4043b84c49e1cf9bcf1e8320233343ecc34f8eb
+Author: Joseph Myers <joseph@codesourcery.com>
+Date:   Tue Jun 27 17:12:13 2017 +0000
+
+    Fix strftime build with GCC 8.
+    
+    Building with current GCC mainline fails with:
+    
+    strftime_l.c: In function '__strftime_internal':
+    strftime_l.c:719:4: error: macro expands to multiple statements [-Werror=multistatement-macros]
+        digits = d > width ? d : width;          \
+        ^
+    strftime_l.c:1260:6: note: in expansion of macro 'DO_NUMBER'
+          DO_NUMBER (1, tp->tm_year + TM_YEAR_BASE);
+          ^~~~~~~~~
+    strftime_l.c:1259:4: note: some parts of macro expansion are not guarded by this 'else' clause
+        else
+        ^~~~
+    
+    In fact this particular instance is harmless; the code looks like:
+    
+              if (modifier == L_('O'))
+                goto bad_format;
+              else
+                DO_NUMBER (1, tp->tm_year + TM_YEAR_BASE);
+    
+    and because of the goto, it doesn't matter that part of the expansion
+    isn't under the "else" conditional.  But it's also clearly bad style
+    to rely on that.  This patch changes DO_NUMBER and DO_NUMBER_SPACEPAD
+    to use do { } while (0) to avoid such problems.
+    
+    Tested (full testsuite) for x86_64 (GCC 6), and with
+    build-many-glibcs.py with GCC mainline, in conjunction with my libgcc
+    patch <https://gcc.gnu.org/ml/gcc-patches/2017-06/msg02032.html>.
+    
+            * time/strftime_l.c (DO_NUMBER): Define using do { } while (0).
+            (DO_NUMBER_SPACEPAD): Likewise.
+
+---
+ time/strftime_l.c |   22 ++++++++++++++++------
+ 1 file changed, 16 insertions(+), 6 deletions(-)
+
+--- a/time/strftime_l.c
+++ b/time/strftime_l.c
+@@ -715,12 +715,22 @@
+       format_char = *f;
+       switch (format_char)
+ 	{
+-#define DO_NUMBER(d, v) \
+-	  digits = d > width ? d : width;				      \
+-	  number_value = v; goto do_number
+-#define DO_NUMBER_SPACEPAD(d, v) \
+-	  digits = d > width ? d : width;				      \
+-	  number_value = v; goto do_number_spacepad
+#define DO_NUMBER(d, v)				\
+	  do					\
+	    {					\
+	      digits = d > width ? d : width;	\
+	      number_value = v;			\
+	      goto do_number;			\
+	    }					\
+	  while (0)
+#define DO_NUMBER_SPACEPAD(d, v)		\
+	  do					\
+	    {					\
+	      digits = d > width ? d : width;	\
+	      number_value = v;			\
+	      goto do_number_spacepad;		\
+	    }					\
+	  while (0)
+ 
+ 	case L_('%'):
+ 	  if (modifier != 0)
--- a/packages/glibc/2.24/0009-if_nametoindex-size-check.patch
+++ b/packages/glibc/2.24/0009-if_nametoindex-size-check.patch
@ -0,0 +1,29 @@
+commit 2180fee114b778515b3f560e5ff1e795282e60b0
+Author: Steve Ellcey <sellcey@caviumnetworks.com>
+Date:   Wed Nov 15 08:58:48 2017 -0800
+
+    Check length of ifname before copying it into to ifreq structure.
+    
+            [BZ #22442]
+            * sysdeps/unix/sysv/linux/if_index.c (__if_nametoindex):
+            Check if ifname is too long.
+
+---
+ sysdeps/unix/sysv/linux/if_index.c |    6 ++++++
+ 1 file changed, 6 insertions(+)
+
+--- a/sysdeps/unix/sysv/linux/if_index.c
+++ b/sysdeps/unix/sysv/linux/if_index.c
+@@ -43,6 +43,12 @@
+   if (fd < 0)
+     return 0;
+ 
+  if (strlen (ifname) >= IFNAMSIZ)
+    {
+      __set_errno (ENODEV);
+      return 0;
+    }
+
+   strncpy (ifr.ifr_name, ifname, sizeof (ifr.ifr_name));
+   if (__ioctl (fd, SIOCGIFINDEX, &ifr) < 0)
+     {
--- a/packages/glibc/2.24/0010-utmp-nonstring.patch
+++ b/packages/glibc/2.24/0010-utmp-nonstring.patch
@ -0,0 +1,80 @@
+commit 7532837d7b03b3ca5b9a63d77a5bd81dd23f3d9c
+Author: Martin Sebor <msebor@redhat.com>
+Date:   Wed Nov 15 17:39:59 2017 -0700
+
+    The -Wstringop-truncation option new in GCC 8 detects common misuses
+    of the strncat and strncpy function that may result in truncating
+    the copied string before the terminating NUL.  To avoid false positive
+    warnings for correct code that intentionally creates sequences of
+    characters that aren't guaranteed to be NUL-terminated, arrays that
+    are intended to store such sequences should be decorated with a new
+    nonstring attribute.  This change add this attribute to Glibc and
+    uses it to suppress such false positives.
+    
+    ChangeLog:
+            * misc/sys/cdefs.h (__attribute_nonstring__): New macro.
+            * sysdeps/gnu/bits/utmp.h (struct utmp): Use it.
+            * sysdeps/unix/sysv/linux/s390/bits/utmp.h (struct utmp): Same.
+
+---
+ misc/sys/cdefs.h                         |    9 +++++++++
+ sysdeps/gnu/bits/utmp.h                  |    9 ++++++---
+ sysdeps/unix/sysv/linux/s390/bits/utmp.h |    9 ++++++---
+ 3 files changed, 21 insertions(+), 6 deletions(-)
+
+--- a/misc/sys/cdefs.h
+++ b/misc/sys/cdefs.h
+@@ -404,6 +404,15 @@
+ # endif
+ #endif
+ 
+#if __GNUC_PREREQ (8, 0)
+/* Describes a char array whose address can safely be passed as the first
+   argument to strncpy and strncat, as the char array is not necessarily
+   a NUL-terminated string.  */
+# define __attribute_nonstring__ __attribute__ ((__nonstring__))
+#else
+# define __attribute_nonstring__
+#endif
+
+ #if (!defined _Static_assert && !defined __cplusplus \
+      && (defined __STDC_VERSION__ ? __STDC_VERSION__ : 0) < 201112 \
+      && (!__GNUC_PREREQ (4, 6) || defined __STRICT_ANSI__))
+--- a/sysdeps/gnu/bits/utmp.h
+++ b/sysdeps/gnu/bits/utmp.h
+@@ -59,10 +59,13 @@
+ {
+   short int ut_type;		/* Type of login.  */
+   pid_t ut_pid;			/* Process ID of login process.  */
+-  char ut_line[UT_LINESIZE];	/* Devicename.  */
+  char ut_line[UT_LINESIZE]
+    __attribute_nonstring__;	/* Devicename.  */
+   char ut_id[4];		/* Inittab ID.  */
+-  char ut_user[UT_NAMESIZE];	/* Username.  */
+-  char ut_host[UT_HOSTSIZE];	/* Hostname for remote login.  */
+  char ut_user[UT_NAMESIZE]
+    __attribute_nonstring__;	/* Username.  */
+  char ut_host[UT_HOSTSIZE]
+    __attribute_nonstring__;	/* Hostname for remote login.  */
+   struct exit_status ut_exit;	/* Exit status of a process marked
+ 				   as DEAD_PROCESS.  */
+ /* The ut_session and ut_tv fields must be the same size when compiled
+--- a/sysdeps/unix/sysv/linux/s390/bits/utmp.h
+++ b/sysdeps/unix/sysv/linux/s390/bits/utmp.h
+@@ -59,10 +59,13 @@
+ {
+   short int ut_type;		/* Type of login.  */
+   pid_t ut_pid;			/* Process ID of login process.  */
+-  char ut_line[UT_LINESIZE];	/* Devicename.  */
+  char ut_line[UT_LINESIZE]
+     __attribute_nonstring__;	/* Devicename.  */
+   char ut_id[4];		/* Inittab ID.  */
+-  char ut_user[UT_NAMESIZE];	/* Username.  */
+-  char ut_host[UT_HOSTSIZE];	/* Hostname for remote login.  */
+  char ut_user[UT_NAMESIZE]
+     __attribute_nonstring__;	/* Username.  */
+  char ut_host[UT_HOSTSIZE]
+     __attribute_nonstring__;	/* Hostname for remote login.  */
+   struct exit_status ut_exit;	/* Exit status of a process marked
+ 				   as DEAD_PROCESS.  */
+ /* The ut_session and ut_tv fields must be the same size when compiled
--- a/packages/glibc/2.24/0011-getlogin_r-use-strnlen.patch
+++ b/packages/glibc/2.24/0011-getlogin_r-use-strnlen.patch
@ -0,0 +1,47 @@
+commit 4bae615022cb5a5da79ccda83cc6c9ba9f2d479c
+Author: Joseph Myers <joseph@codesourcery.com>
+Date:   Wed Nov 22 18:44:23 2017 +0000
+
+    Avoid use of strlen in getlogin_r (bug 22447).
+    
+    Building glibc with current mainline GCC fails, among other reasons,
+    because of an error for use of strlen on the nonstring ut_user field.
+    This patch changes the problem code in getlogin_r to use __strnlen
+    instead.  It also needs to set the trailing NUL byte of the result
+    explicitly, because of the case where ut_user does not have such a
+    trailing NUL byte (but the result should always have one).
+    
+    Tested for x86_64.  Also tested that, in conjunction with
+    <https://sourceware.org/ml/libc-alpha/2017-11/msg00797.html>, it fixes
+    the build for arm with mainline GCC.
+    
+            [BZ #22447]
+            * sysdeps/unix/getlogin_r.c (__getlogin_r): Use __strnlen not
+            strlen to compute length of ut_user and set trailing NUL byte of
+            result explicitly.
+
+---
+ sysdeps/unix/getlogin_r.c |    5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+--- a/sysdeps/unix/getlogin_r.c
+++ b/sysdeps/unix/getlogin_r.c
+@@ -80,7 +80,7 @@
+ 
+   if (result == 0)
+     {
+-      size_t needed = strlen (ut->ut_user) + 1;
+      size_t needed = __strnlen (ut->ut_user, UT_NAMESIZE) + 1;
+ 
+       if (needed > name_len)
+ 	{
+@@ -89,7 +89,8 @@
+ 	}
+       else
+ 	{
+-	  memcpy (name, ut->ut_user, needed);
+	  memcpy (name, ut->ut_user, needed - 1);
+	  name[needed - 1] = 0;
+ 	  result = 0;
+ 	}
+     }
--- a/packages/glibc/2.24/0012-zic.c-use-memcpy.patch
+++ b/packages/glibc/2.24/0012-zic.c-use-memcpy.patch
@ -0,0 +1,25 @@
+commit e69897bf202e18034cbef26f363bae64de70a196
+Author: Paul Eggert <eggert@cs.ucla.edu>
+Date:   Sun Nov 12 22:00:28 2017 -0800
+
+    timezone: pacify GCC -Wstringop-truncation
+    
+    Problem reported by Martin Sebor in:
+    https://sourceware.org/ml/libc-alpha/2017-11/msg00336.html
+    * timezone/zic.c (writezone): Use memcpy, not strncpy.
+
+---
+ timezone/zic.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/timezone/zic.c
+++ b/timezone/zic.c
+@@ -1819,7 +1819,7 @@
+ 		}
+ #define DO(field)	fwrite(tzh.field, sizeof tzh.field, 1, fp)
+ 		tzh = tzh0;
+-		strncpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic);
+		memcpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic);
+ 		tzh.tzh_version[0] = version;
+ 		convert(thistypecnt, tzh.tzh_ttisgmtcnt);
+ 		convert(thistypecnt, tzh.tzh_ttisstdcnt);
--- a/packages/glibc/2.25/0007-strftime-multiple-stmts.patch
+++ b/packages/glibc/2.25/0007-strftime-multiple-stmts.patch
@ -0,0 +1,73 @@
+commit e4043b84c49e1cf9bcf1e8320233343ecc34f8eb
+Author: Joseph Myers <joseph@codesourcery.com>
+Date:   Tue Jun 27 17:12:13 2017 +0000
+
+    Fix strftime build with GCC 8.
+    
+    Building with current GCC mainline fails with:
+    
+    strftime_l.c: In function '__strftime_internal':
+    strftime_l.c:719:4: error: macro expands to multiple statements [-Werror=multistatement-macros]
+        digits = d > width ? d : width;          \
+        ^
+    strftime_l.c:1260:6: note: in expansion of macro 'DO_NUMBER'
+          DO_NUMBER (1, tp->tm_year + TM_YEAR_BASE);
+          ^~~~~~~~~
+    strftime_l.c:1259:4: note: some parts of macro expansion are not guarded by this 'else' clause
+        else
+        ^~~~
+    
+    In fact this particular instance is harmless; the code looks like:
+    
+              if (modifier == L_('O'))
+                goto bad_format;
+              else
+                DO_NUMBER (1, tp->tm_year + TM_YEAR_BASE);
+    
+    and because of the goto, it doesn't matter that part of the expansion
+    isn't under the "else" conditional.  But it's also clearly bad style
+    to rely on that.  This patch changes DO_NUMBER and DO_NUMBER_SPACEPAD
+    to use do { } while (0) to avoid such problems.
+    
+    Tested (full testsuite) for x86_64 (GCC 6), and with
+    build-many-glibcs.py with GCC mainline, in conjunction with my libgcc
+    patch <https://gcc.gnu.org/ml/gcc-patches/2017-06/msg02032.html>.
+    
+            * time/strftime_l.c (DO_NUMBER): Define using do { } while (0).
+            (DO_NUMBER_SPACEPAD): Likewise.
+
+---
+ time/strftime_l.c |   22 ++++++++++++++++------
+ 1 file changed, 16 insertions(+), 6 deletions(-)
+
+--- a/time/strftime_l.c
+++ b/time/strftime_l.c
+@@ -715,12 +715,22 @@
+       format_char = *f;
+       switch (format_char)
+ 	{
+-#define DO_NUMBER(d, v) \
+-	  digits = d > width ? d : width;				      \
+-	  number_value = v; goto do_number
+-#define DO_NUMBER_SPACEPAD(d, v) \
+-	  digits = d > width ? d : width;				      \
+-	  number_value = v; goto do_number_spacepad
+#define DO_NUMBER(d, v)				\
+	  do					\
+	    {					\
+	      digits = d > width ? d : width;	\
+	      number_value = v;			\
+	      goto do_number;			\
+	    }					\
+	  while (0)
+#define DO_NUMBER_SPACEPAD(d, v)		\
+	  do					\
+	    {					\
+	      digits = d > width ? d : width;	\
+	      number_value = v;			\
+	      goto do_number_spacepad;		\
+	    }					\
+	  while (0)
+ 
+ 	case L_('%'):
+ 	  if (modifier != 0)
--- a/packages/glibc/2.25/0008-if_nametoindex-size-check.patch
+++ b/packages/glibc/2.25/0008-if_nametoindex-size-check.patch
@ -0,0 +1,29 @@
+commit 2180fee114b778515b3f560e5ff1e795282e60b0
+Author: Steve Ellcey <sellcey@caviumnetworks.com>
+Date:   Wed Nov 15 08:58:48 2017 -0800
+
+    Check length of ifname before copying it into to ifreq structure.
+    
+            [BZ #22442]
+            * sysdeps/unix/sysv/linux/if_index.c (__if_nametoindex):
+            Check if ifname is too long.
+
+---
+ sysdeps/unix/sysv/linux/if_index.c |    6 ++++++
+ 1 file changed, 6 insertions(+)
+
+--- a/sysdeps/unix/sysv/linux/if_index.c
+++ b/sysdeps/unix/sysv/linux/if_index.c
+@@ -43,6 +43,12 @@
+   if (fd < 0)
+     return 0;
+ 
+  if (strlen (ifname) >= IFNAMSIZ)
+    {
+      __set_errno (ENODEV);
+      return 0;
+    }
+
+   strncpy (ifr.ifr_name, ifname, sizeof (ifr.ifr_name));
+   if (__ioctl (fd, SIOCGIFINDEX, &ifr) < 0)
+     {
--- a/packages/glibc/2.25/0009-utmp-nonstring.patch
+++ b/packages/glibc/2.25/0009-utmp-nonstring.patch
@ -0,0 +1,80 @@
+commit 7532837d7b03b3ca5b9a63d77a5bd81dd23f3d9c
+Author: Martin Sebor <msebor@redhat.com>
+Date:   Wed Nov 15 17:39:59 2017 -0700
+
+    The -Wstringop-truncation option new in GCC 8 detects common misuses
+    of the strncat and strncpy function that may result in truncating
+    the copied string before the terminating NUL.  To avoid false positive
+    warnings for correct code that intentionally creates sequences of
+    characters that aren't guaranteed to be NUL-terminated, arrays that
+    are intended to store such sequences should be decorated with a new
+    nonstring attribute.  This change add this attribute to Glibc and
+    uses it to suppress such false positives.
+    
+    ChangeLog:
+            * misc/sys/cdefs.h (__attribute_nonstring__): New macro.
+            * sysdeps/gnu/bits/utmp.h (struct utmp): Use it.
+            * sysdeps/unix/sysv/linux/s390/bits/utmp.h (struct utmp): Same.
+
+---
+ misc/sys/cdefs.h                         |    9 +++++++++
+ sysdeps/gnu/bits/utmp.h                  |    9 ++++++---
+ sysdeps/unix/sysv/linux/s390/bits/utmp.h |    9 ++++++---
+ 3 files changed, 21 insertions(+), 6 deletions(-)
+
+--- a/misc/sys/cdefs.h
+++ b/misc/sys/cdefs.h
+@@ -430,6 +430,15 @@
+ # endif
+ #endif
+ 
+#if __GNUC_PREREQ (8, 0)
+/* Describes a char array whose address can safely be passed as the first
+   argument to strncpy and strncat, as the char array is not necessarily
+   a NUL-terminated string.  */
+# define __attribute_nonstring__ __attribute__ ((__nonstring__))
+#else
+# define __attribute_nonstring__
+#endif
+
+ #if (!defined _Static_assert && !defined __cplusplus \
+      && (defined __STDC_VERSION__ ? __STDC_VERSION__ : 0) < 201112 \
+      && (!__GNUC_PREREQ (4, 6) || defined __STRICT_ANSI__))
+--- a/sysdeps/gnu/bits/utmp.h
+++ b/sysdeps/gnu/bits/utmp.h
+@@ -59,10 +59,13 @@
+ {
+   short int ut_type;		/* Type of login.  */
+   pid_t ut_pid;			/* Process ID of login process.  */
+-  char ut_line[UT_LINESIZE];	/* Devicename.  */
+  char ut_line[UT_LINESIZE]
+    __attribute_nonstring__;	/* Devicename.  */
+   char ut_id[4];		/* Inittab ID.  */
+-  char ut_user[UT_NAMESIZE];	/* Username.  */
+-  char ut_host[UT_HOSTSIZE];	/* Hostname for remote login.  */
+  char ut_user[UT_NAMESIZE]
+    __attribute_nonstring__;	/* Username.  */
+  char ut_host[UT_HOSTSIZE]
+    __attribute_nonstring__;	/* Hostname for remote login.  */
+   struct exit_status ut_exit;	/* Exit status of a process marked
+ 				   as DEAD_PROCESS.  */
+ /* The ut_session and ut_tv fields must be the same size when compiled
+--- a/sysdeps/unix/sysv/linux/s390/bits/utmp.h
+++ b/sysdeps/unix/sysv/linux/s390/bits/utmp.h
+@@ -59,10 +59,13 @@
+ {
+   short int ut_type;		/* Type of login.  */
+   pid_t ut_pid;			/* Process ID of login process.  */
+-  char ut_line[UT_LINESIZE];	/* Devicename.  */
+  char ut_line[UT_LINESIZE]
+     __attribute_nonstring__;	/* Devicename.  */
+   char ut_id[4];		/* Inittab ID.  */
+-  char ut_user[UT_NAMESIZE];	/* Username.  */
+-  char ut_host[UT_HOSTSIZE];	/* Hostname for remote login.  */
+  char ut_user[UT_NAMESIZE]
+     __attribute_nonstring__;	/* Username.  */
+  char ut_host[UT_HOSTSIZE]
+     __attribute_nonstring__;	/* Hostname for remote login.  */
+   struct exit_status ut_exit;	/* Exit status of a process marked
+ 				   as DEAD_PROCESS.  */
+ /* The ut_session and ut_tv fields must be the same size when compiled
--- a/packages/glibc/2.25/0010-getlogin_r-use-strnlen.patch
+++ b/packages/glibc/2.25/0010-getlogin_r-use-strnlen.patch
@ -0,0 +1,47 @@
+commit 4bae615022cb5a5da79ccda83cc6c9ba9f2d479c
+Author: Joseph Myers <joseph@codesourcery.com>
+Date:   Wed Nov 22 18:44:23 2017 +0000
+
+    Avoid use of strlen in getlogin_r (bug 22447).
+    
+    Building glibc with current mainline GCC fails, among other reasons,
+    because of an error for use of strlen on the nonstring ut_user field.
+    This patch changes the problem code in getlogin_r to use __strnlen
+    instead.  It also needs to set the trailing NUL byte of the result
+    explicitly, because of the case where ut_user does not have such a
+    trailing NUL byte (but the result should always have one).
+    
+    Tested for x86_64.  Also tested that, in conjunction with
+    <https://sourceware.org/ml/libc-alpha/2017-11/msg00797.html>, it fixes
+    the build for arm with mainline GCC.
+    
+            [BZ #22447]
+            * sysdeps/unix/getlogin_r.c (__getlogin_r): Use __strnlen not
+            strlen to compute length of ut_user and set trailing NUL byte of
+            result explicitly.
+
+---
+ sysdeps/unix/getlogin_r.c |    5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+--- a/sysdeps/unix/getlogin_r.c
+++ b/sysdeps/unix/getlogin_r.c
+@@ -80,7 +80,7 @@
+ 
+   if (result == 0)
+     {
+-      size_t needed = strlen (ut->ut_user) + 1;
+      size_t needed = __strnlen (ut->ut_user, UT_NAMESIZE) + 1;
+ 
+       if (needed > name_len)
+ 	{
+@@ -89,7 +89,8 @@
+ 	}
+       else
+ 	{
+-	  memcpy (name, ut->ut_user, needed);
+	  memcpy (name, ut->ut_user, needed - 1);
+	  name[needed - 1] = 0;
+ 	  result = 0;
+ 	}
+     }
--- a/packages/glibc/2.25/0011-zic.c-use-memcpy.patch
+++ b/packages/glibc/2.25/0011-zic.c-use-memcpy.patch
@ -0,0 +1,25 @@
+commit e69897bf202e18034cbef26f363bae64de70a196
+Author: Paul Eggert <eggert@cs.ucla.edu>
+Date:   Sun Nov 12 22:00:28 2017 -0800
+
+    timezone: pacify GCC -Wstringop-truncation
+    
+    Problem reported by Martin Sebor in:
+    https://sourceware.org/ml/libc-alpha/2017-11/msg00336.html
+    * timezone/zic.c (writezone): Use memcpy, not strncpy.
+
+---
+ timezone/zic.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/timezone/zic.c
+++ b/timezone/zic.c
+@@ -1819,7 +1819,7 @@
+ 		}
+ #define DO(field)	fwrite(tzh.field, sizeof tzh.field, 1, fp)
+ 		tzh = tzh0;
+-		strncpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic);
+		memcpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic);
+ 		tzh.tzh_version[0] = version;
+ 		convert(thistypecnt, tzh.tzh_ttisgmtcnt);
+ 		convert(thistypecnt, tzh.tzh_ttisstdcnt);
--- a/packages/glibc/2.26/0002-if_nametoindex-size-check.patch
+++ b/packages/glibc/2.26/0002-if_nametoindex-size-check.patch
@ -0,0 +1,29 @@
+commit 2180fee114b778515b3f560e5ff1e795282e60b0
+Author: Steve Ellcey <sellcey@caviumnetworks.com>
+Date:   Wed Nov 15 08:58:48 2017 -0800
+
+    Check length of ifname before copying it into to ifreq structure.
+    
+            [BZ #22442]
+            * sysdeps/unix/sysv/linux/if_index.c (__if_nametoindex):
+            Check if ifname is too long.
+
+---
+ sysdeps/unix/sysv/linux/if_index.c |    6 ++++++
+ 1 file changed, 6 insertions(+)
+
+--- a/sysdeps/unix/sysv/linux/if_index.c
+++ b/sysdeps/unix/sysv/linux/if_index.c
+@@ -43,6 +43,12 @@
+   if (fd < 0)
+     return 0;
+ 
+  if (strlen (ifname) >= IFNAMSIZ)
+    {
+      __set_errno (ENODEV);
+      return 0;
+    }
+
+   strncpy (ifr.ifr_name, ifname, sizeof (ifr.ifr_name));
+   if (__ioctl (fd, SIOCGIFINDEX, &ifr) < 0)
+     {
--- a/packages/glibc/2.26/0003-utmp-nonstring.patch
+++ b/packages/glibc/2.26/0003-utmp-nonstring.patch
@ -0,0 +1,80 @@
+commit 7532837d7b03b3ca5b9a63d77a5bd81dd23f3d9c
+Author: Martin Sebor <msebor@redhat.com>
+Date:   Wed Nov 15 17:39:59 2017 -0700
+
+    The -Wstringop-truncation option new in GCC 8 detects common misuses
+    of the strncat and strncpy function that may result in truncating
+    the copied string before the terminating NUL.  To avoid false positive
+    warnings for correct code that intentionally creates sequences of
+    characters that aren't guaranteed to be NUL-terminated, arrays that
+    are intended to store such sequences should be decorated with a new
+    nonstring attribute.  This change add this attribute to Glibc and
+    uses it to suppress such false positives.
+    
+    ChangeLog:
+            * misc/sys/cdefs.h (__attribute_nonstring__): New macro.
+            * sysdeps/gnu/bits/utmp.h (struct utmp): Use it.
+            * sysdeps/unix/sysv/linux/s390/bits/utmp.h (struct utmp): Same.
+
+---
+ misc/sys/cdefs.h                         |    9 +++++++++
+ sysdeps/gnu/bits/utmp.h                  |    9 ++++++---
+ sysdeps/unix/sysv/linux/s390/bits/utmp.h |    9 ++++++---
+ 3 files changed, 21 insertions(+), 6 deletions(-)
+
+--- a/misc/sys/cdefs.h
+++ b/misc/sys/cdefs.h
+@@ -408,6 +408,15 @@
+ # endif
+ #endif
+ 
+#if __GNUC_PREREQ (8, 0)
+/* Describes a char array whose address can safely be passed as the first
+   argument to strncpy and strncat, as the char array is not necessarily
+   a NUL-terminated string.  */
+# define __attribute_nonstring__ __attribute__ ((__nonstring__))
+#else
+# define __attribute_nonstring__
+#endif
+
+ #if (!defined _Static_assert && !defined __cplusplus \
+      && (defined __STDC_VERSION__ ? __STDC_VERSION__ : 0) < 201112 \
+      && (!__GNUC_PREREQ (4, 6) || defined __STRICT_ANSI__))
+--- a/sysdeps/gnu/bits/utmp.h
+++ b/sysdeps/gnu/bits/utmp.h
+@@ -59,10 +59,13 @@
+ {
+   short int ut_type;		/* Type of login.  */
+   pid_t ut_pid;			/* Process ID of login process.  */
+-  char ut_line[UT_LINESIZE];	/* Devicename.  */
+  char ut_line[UT_LINESIZE]
+    __attribute_nonstring__;	/* Devicename.  */
+   char ut_id[4];		/* Inittab ID.  */
+-  char ut_user[UT_NAMESIZE];	/* Username.  */
+-  char ut_host[UT_HOSTSIZE];	/* Hostname for remote login.  */
+  char ut_user[UT_NAMESIZE]
+    __attribute_nonstring__;	/* Username.  */
+  char ut_host[UT_HOSTSIZE]
+    __attribute_nonstring__;	/* Hostname for remote login.  */
+   struct exit_status ut_exit;	/* Exit status of a process marked
+ 				   as DEAD_PROCESS.  */
+ /* The ut_session and ut_tv fields must be the same size when compiled
+--- a/sysdeps/unix/sysv/linux/s390/bits/utmp.h
+++ b/sysdeps/unix/sysv/linux/s390/bits/utmp.h
+@@ -59,10 +59,13 @@
+ {
+   short int ut_type;		/* Type of login.  */
+   pid_t ut_pid;			/* Process ID of login process.  */
+-  char ut_line[UT_LINESIZE];	/* Devicename.  */
+  char ut_line[UT_LINESIZE]
+     __attribute_nonstring__;	/* Devicename.  */
+   char ut_id[4];		/* Inittab ID.  */
+-  char ut_user[UT_NAMESIZE];	/* Username.  */
+-  char ut_host[UT_HOSTSIZE];	/* Hostname for remote login.  */
+  char ut_user[UT_NAMESIZE]
+     __attribute_nonstring__;	/* Username.  */
+  char ut_host[UT_HOSTSIZE]
+     __attribute_nonstring__;	/* Hostname for remote login.  */
+   struct exit_status ut_exit;	/* Exit status of a process marked
+ 				   as DEAD_PROCESS.  */
+ /* The ut_session and ut_tv fields must be the same size when compiled
--- a/packages/glibc/2.26/0004-getlogin_r-use-strnlen.patch
+++ b/packages/glibc/2.26/0004-getlogin_r-use-strnlen.patch
@ -0,0 +1,47 @@
+commit 4bae615022cb5a5da79ccda83cc6c9ba9f2d479c
+Author: Joseph Myers <joseph@codesourcery.com>
+Date:   Wed Nov 22 18:44:23 2017 +0000
+
+    Avoid use of strlen in getlogin_r (bug 22447).
+    
+    Building glibc with current mainline GCC fails, among other reasons,
+    because of an error for use of strlen on the nonstring ut_user field.
+    This patch changes the problem code in getlogin_r to use __strnlen
+    instead.  It also needs to set the trailing NUL byte of the result
+    explicitly, because of the case where ut_user does not have such a
+    trailing NUL byte (but the result should always have one).
+    
+    Tested for x86_64.  Also tested that, in conjunction with
+    <https://sourceware.org/ml/libc-alpha/2017-11/msg00797.html>, it fixes
+    the build for arm with mainline GCC.
+    
+            [BZ #22447]
+            * sysdeps/unix/getlogin_r.c (__getlogin_r): Use __strnlen not
+            strlen to compute length of ut_user and set trailing NUL byte of
+            result explicitly.
+
+---
+ sysdeps/unix/getlogin_r.c |    5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+
+--- a/sysdeps/unix/getlogin_r.c
+++ b/sysdeps/unix/getlogin_r.c
+@@ -80,7 +80,7 @@
+ 
+   if (result == 0)
+     {
+-      size_t needed = strlen (ut->ut_user) + 1;
+      size_t needed = __strnlen (ut->ut_user, UT_NAMESIZE) + 1;
+ 
+       if (needed > name_len)
+ 	{
+@@ -89,7 +89,8 @@
+ 	}
+       else
+ 	{
+-	  memcpy (name, ut->ut_user, needed);
+	  memcpy (name, ut->ut_user, needed - 1);
+	  name[needed - 1] = 0;
+ 	  result = 0;
+ 	}
+     }
--- a/packages/glibc/2.26/0005-zic.c-use-memcpy.patch
+++ b/packages/glibc/2.26/0005-zic.c-use-memcpy.patch
@ -0,0 +1,25 @@
+commit e69897bf202e18034cbef26f363bae64de70a196
+Author: Paul Eggert <eggert@cs.ucla.edu>
+Date:   Sun Nov 12 22:00:28 2017 -0800
+
+    timezone: pacify GCC -Wstringop-truncation
+    
+    Problem reported by Martin Sebor in:
+    https://sourceware.org/ml/libc-alpha/2017-11/msg00336.html
+    * timezone/zic.c (writezone): Use memcpy, not strncpy.
+
+---
+ timezone/zic.c |    2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+--- a/timezone/zic.c
+++ b/timezone/zic.c
+@@ -1949,7 +1949,7 @@
+ 		}
+ #define DO(field)	fwrite(tzh.field, sizeof tzh.field, 1, fp)
+ 		tzh = tzh0;
+-		strncpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic);
+		memcpy(tzh.tzh_magic, TZ_MAGIC, sizeof tzh.tzh_magic);
+ 		tzh.tzh_version[0] = version;
+ 		convert(thistypecnt, tzh.tzh_ttisgmtcnt);
+ 		convert(thistypecnt, tzh.tzh_ttisstdcnt);
--- a/packages/glibc/package.desc
+++ b/packages/glibc/package.desc
@ -1,6 +1,6 @@
 origin='GNU'
 repository='git git://sourceware.org/git/glibc.git'
 mirrors='$(CT_Mirrors GNU glibc)'
-milestones='2.14 2.17 2.20 2.23 2.24 2.26'
+milestones='2.14 2.17 2.20 2.23 2.24 2.26 2.27'
 archive_formats='.tar.xz .tar.bz2 .tar.gz'
 signature_format='packed/.sig'
--- a/scripts/build/libc/glibc.sh
+++ b/scripts/build/libc/glibc.sh
@ -171,6 +171,7 @@ do_libc_backend_once() {
        *)  extra_config+=("--enable-add-ons=$(do_libc_add_ons_list ,)");;
    esac

+    [ "${CT_GLIBC_ENABLE_WERROR}" != "y" ] && extra_config+=("--disable-werror")
    [ -n "${CT_PKGVERSION}" ] && extra_config+=("--with-pkgversion=${CT_PKGVERSION}")
    [ -n "${CT_TOOLCHAIN_BUGURL}" ] && extra_config+=("--with-bugurl=${CT_TOOLCHAIN_BUGURL}")