Commit Graph

1268 Commits

Author SHA1 Message Date
Petr Štetiar
733a482733 musl: handle wcsnrtombs destination buffer overflow (CVE-2020-28928)
The wcsnrtombs function in all musl libc versions up through 1.2.1 has
been found to have multiple bugs in handling of destination buffer
size when limiting the input character count, which can lead to
infinite loop with no forward progress (no overflow) or writing past
the end of the destination buffera.

This function is not used internally in musl and is not widely used,
but does appear in some applications. The non-input-limiting form
wcsrtombs is not affected.

All users of musl 1.2.1 and prior versions should apply the attached
patch, which replaces the overly complex and erroneous implementation.
The upcoming 1.2.2 release will adopt this new implementation.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 4d4ef1058c)
2020-11-23 22:37:03 +01:00
Matthias Schiffer
83b714a27f
musl: fix locking synchronization bug
Import proposed upstream fix [2] for the critical locking
synchronization bug recently found in musl [1].

This affects all programs that are temporarily multithreaded, but then
return to single-threaded operation.

[1] https://www.openwall.com/lists/musl/2020/05/22/3
[2] https://www.openwall.com/lists/musl/2020/05/22/10

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
(cherry picked from commit 10c211031c)
2020-05-26 23:49:40 +02:00
Jeffery To
d2e87c7800 toolchain/gcc: Backport patch to fix unconditional MULTIARCH_DIRNAME
This backports the patch for GCC PR target/89587 (gcc's rs6000
configuration unconditionally sets MULTIARCH_DIRNAME, even when
multiarch is disabled).

This currently affects apm821xx and may cause issues when
cross-compiling packages, e.g. Python 3[1].

This includes patches for GCC 8 (with the changelog diff removed);
this change is already included in GCC 9.2 and 7.5.

[1]: https://github.com/openwrt/packages/issues/10552

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
[Removed patch for GCC 7.4.0, GCC 7.5.0 already contains this]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit c102f702e7)
2019-12-23 00:31:20 +01:00
Yorkie Liu
a7d880e830 toolchain/gcc: correct the check expr for newer clang
This fixes gcc build error within clang 11.0, it tweaks the version
string from LLVM to clang.

Signed-off-by: Yorkie Liu <yorkiefixer@gmail.com>
(cherry picked from commit 65a561fd09)
2019-12-23 00:31:13 +01:00
Hans Dedecker
3959f11005 glibc: update to latest 2.27 commit (BZ #2503, BZ #2504)
bef0b1cb31 libio: Disable vtable validation for pre-2.1 interposed handles [BZ #25203]
4d5cfeb510 rtld: Check __libc_enable_secure before honoring LD_PREFER_MAP_32BIT_EXEC (CVE-2019-19126) [BZ #25204]
92f04eedb5 mips: Force RWX stack for hard-float builds that can run on pre-4.8 kernels

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-12-14 14:06:33 +01:00
Alin Nastac
a50c2190d3 glibc: backport fix for regexec buffer read overrun
Problem found by AddressSanitizer[1]:

 Latest `grep` (git commit 1019e6e) compiled with asan may cause a
 heap-buffer-overflow when `-i` is specified.

     ./grep -i '\(\(\)*.\)*\(\)\(\)\1' /bin/chvt

 =================================================================
 ==16206==ERROR: AddressSanitizer: heap-buffer-overflow on address

1. https://debbugs.gnu.org/34140

Ref: https://sourceware.org/bugzilla/show_bug.cgi?id=24114
Signed-off-by: Alin Nastac <alin.nastac@gmail.com>
[commit title and description facelift]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-12-14 14:06:22 +01:00
Hans Dedecker
929c6d733a glibc: update to latest 2.27 commit (BZ#23637)
5b4f7382af Add undef to fix test failure.
9456483fb2 Improve performance of memmem
373f8b06a3 Improve performance of strstr
4ec1b9e913 Fix strstr bug with huge needles (bug 23637)
ecd6271ed8 Speedup first memmem match
bba6b9288f Simplify and speedup strstr/strcasestr first match
7a4da6ef7a Improve strstr performance

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-12-14 14:06:03 +01:00
Hans Dedecker
e8e09c5893 glibc: update to latest 2.27 commit (BZ #24228, BZ #24744, BZ #24699)
5f0d2e0491 [AArch64] Add ifunc support for Ares
e6b7252040 aarch64,falkor: Use vector registers for memcpy
c74b884f70 aarch64,falkor: Ignore prefetcher tagging for smaller copies
0fc5934ebd aarch64/strncmp: Use lsr instead of mov+lsr
e0a0bd3acc aarch64/strncmp: Unbreak builds with old binutils
638caf3000 aarch64: Improve strncmp for mutually misaligned inputs
d5f45a29ff aarch64/strcmp: fix misaligned loop jump target
7f690fafad aarch64: Improve strcmp unaligned performance
40df047b3b aarch64: Fix branch target to loop16
062139f233 aarch64: Optimized memcmp for medium to large sizes
f3e2add213 aarch64: Use the L() macro for labels in memcmp
22bd3ab40e posix: Fix large mmap64 offset for mips64n32 (BZ#24699)
bdd16894aa aarch64: handle STO_AARCH64_VARIANT_PCS
0b48caab9a aarch64: add STO_AARCH64_VARIANT_PCS and DT_AARCH64_VARIANT_PCS
949da7f2fd io: Remove copy_file_range emulation [BZ #24744]
f056ac8363 libio: do not attempt to free wide buffers of legacy streams [BZ #24228]
5f90e009b1 NEWS: add entries for bugs 22964, 24180, and 24531

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-12-14 14:05:41 +01:00
Koen Vandeputte
dd284c6c57 toolchain/gcc: bump to 7.5.0
This updates the GCC to the next minor release which fixes +213 bugs.
Tested on ARMv6, ARMv7, MIPS R2, x86

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-11-19 15:02:22 +01:00
Koen Vandeputte
04c81498df toolchain/gdb: bump to 8.3.1
GDB 8.3.1 brings the following fixes and enhancements over GDB 8.3:

PR c++/20020 (GDB segfault on printing objects)
PR gdb/24454 (nat/x86-linux-dregs.c failed assertion)
PR breakpoints/24541 (Incorrect evaluation of systemtap probes due to register being signed and probe expression assuming unsigned)
PR symtab/24545 (Symbol loading performance regression with cc1)
PR gdb/24592 (amd64->i386 linux syscall restart problem)
PR gdb/25009 (terminate called after throwing an instance of 'srchilite::ParserException')
PR gdb/25010 (Calls to error () can cause SIGTTOU to send gdb to the background)
PR breakpoints/25011 (Breakpoints on file reloads broken for PIE binaries)

This corrective release also brings the following testsuite fixes and
enhancements:

PR testsuite/25005 (gdb-caching-proc.exp takes a lot of time on skip_opencl_tests)
PR testsuite/25016 (Test-case failures for -pie)

GDB 8.3 includes the following changes and enhancements:

* Support for new native configurations (also available as a target configuration):
     - RISC-V GNU/Linux (riscv*-*-linux*)
     - RISC-V FreeBSD (riscv*-*-freebsd*)

* Support for new target configurations:
     - CSKY ELF (csky*-*-elf)
     - CSKY GNU/Linux (csky*-*-linux)
     - NXP S12Z ELF (s12z-*-elf)
     - OpenRISC GNU/Linux (or1k*-*-linux*)

* Native Windows debugging is only supported on Windows XP or later.

* The Python API in GDB now requires Python 2.6 or later.

* GDB now supports terminal styling for the CLI and TUI.
  Source highlighting is also supported by building GDB with GNU
  Highlight.

* Experimental support for compilation and injection of C++ source
  code into the inferior (requires GCC 7.1 or higher, built with
  libcp1.so).

* GDB and GDBserver now support IPv6 connections.

* Target description support on RISC-V targets.

* Various enhancements to several commands:
     - "frame", "select-frame" and "info frame" commands
     - "info functions", "info types", "info variables"
     - "info thread"
     - "info proc"
     - System call alias catchpoint support on FreeBSD
     - "target remote" support for Unix Domain sockets.

* Support for displaying all files opened by a process

* DWARF index cache: GDB can now automatically save indices of DWARF
  symbols on disk to speed up further loading of the same binaries.

* Various GDB/MI enhancements.

* GDBserver on PowerPC GNU/Linux now supports access to the PPR,
  DSCR, TAR, EBB/PMU, and HTM registers.

* Ada task switching support when debugging programs built with
  the Ravenscar profile added to aarch64-elf.

* GDB in batch mode now exits with status 1 if the last executed
  command failed.

* Support for building GDB with GCC's Undefined Behavior Sanitizer.

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
(cherry picked from commit 942f020bf4d0f49e4c5586a59ddf21c00e9d8bbe)
2019-10-15 16:13:06 +02:00
Koen Vandeputte
00f96dcddb toolchain/musl: bump to version 1.1.24
1.1.24 release notes

new features:
- GLOB_TILDE extension to glob
- non-stub catgets localization API, using netbsd binary catalog format
- posix_spawn file actions for [f]chdir (extension, pending future standard)
- secure_getenv function (extension)
- copy_file_range syscall wrapper (Linux extension)
- header-level support for new linux features in 5.2

performance:
- new fast path for lrint (generic C version) on 32-bit archs

major internal changes:
- functions involving time are overhauled to be time64-ready in 32-bit archs
- x32 uses the new time64 code paths to replace nasty hacks in syscall glue

compatibility & conformance:
- support for powerpc[64] unaligned relocation types
- powerpc[64] and sh sys/user.h no longer clash with kernel asm/ptrace.h
- select no longer modifies timeout on failure (or at all)
- mips64 stat results are no longer limited to 32-bit time range
- optreset (BSD extension) now has a public declaration
- support for clang inconsistencies in wchar_t type vs some 32-bit archs
- mips r6 syscall asm no longer has invalid lo/hi register clobbers
- vestigial asm declarations of __tls_get_new are removed (broke some tooling)
- riscv64 mcontext_t mismatch glibc's member naming is corrected

bugs fixed:
- glob failed to match broken symlinks consistently
- invalid use of interposed calloc to allocate initial TLS
- various dlsym symbol resolution logic errors
- semctl with SEM_STAT_ANY didn't work
- pthread_create with explicit scheduling was subject to priority inversion
- pthread_create failure path had data race for thread count
- timer_create with SIGEV_THREAD notification had data race getting timer id
- wide printf family failed to support l modifier for float formats

arch-specific bugs fixed:
- x87 floating point stack imbalance in math asm (i386-only CVE-2019-14697)
- x32 clock_adjtime, getrusage, wait3, wait4 produced junk (struct mismatches)
- lseek broken on x32 and mipsn32 with large file offsets
- riscv64 atomics weren't compiler barriers
- riscv64 atomics had broken asm constraints (missing earlyclobber flag)
- arm clone() was broken when compiled as thumb if start function returned
- mipsr6 setjmp/longjmp did not preserve fpu register state correctly

Refreshed all patches.
Removed upstreamed.

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-10-15 16:13:06 +02:00
Hauke Mehrtens
930c141b69 toolchain: fix gcc depends on kernel headers
GCC needs the kernel headers to compile.
Some GCC file includes asm/unistd.h which is provided by the kernel headers.
Normally the kernel headers build is very fast and ready before the gcc uses
it, but if it clones the kernel from a slow git repository it takes longer
and then it could be that the gcc already wants to use the kernel headers
before they are available. This patch fixes this problem by adding the
missing dependency.

Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
(cherry picked from commit b20156ba70)
2019-09-04 13:35:53 +02:00
Kevin Darbyshire-Bryant
19a854fdb9 toolchain/fortify-headers: Update to 1.1
Update fortify-headers to 1.1

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit cbe08e6b56)
2019-09-04 13:33:29 +02:00
Hauke Mehrtens
b2cb6bb48a musl: Fix CVE-2019-14697
musl libc through 1.1.23 has an x87 floating-point stack adjustment
imbalance, related to the math/i386/ directory. In some cases, use of
this library could introduce out-of-bounds writes that are not present
in an application's source code.

This problem only affects x86 and no other architectures.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit c262daf308)
2019-08-18 23:59:23 +02:00
Luiz Angelo Daros de Luca
3b34fcaf94 musl: ldso/dlsym: fix mips returning undef dlsym
This happens only the second time a library is loaded by dlopen().
After lib1 is loaded, dlsym(lib1,"undef1") correctly resolves the undef
symbol from lib1 dependencies. After the second library is loaded,
dlsym(lib2,"undef1") was returning the address of "undef1" in lib2
instead of searching lib2 dependencies.

Using upstream fix which now uses the same logic for relocation time
and dlsym.

Fixes openwrt/packages#9297

Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
(cherry picked from commit 0d0617ff14)
2019-08-17 17:13:51 +02:00
Koen Vandeputte
19f768f691 toolchain/musl: bump to version 1.1.23
new features:
- riscv64 port
- configure now allows customizing AR and RANLIB vars
- header-level support for new linux features in 5.1

major internal changes:
- removed extern __syscall; syscall header code is now fully self-contained

performance:
- new math library implementation for log/exp/pow
- aarch64 dynamic tlsdesc function is streamlined

compatibility & conformance:
- O_TTY_INIT is now defined
- sys/types.h no longer pollutes namespace with sys/sysmacros.h in any profile
- powerpc asm is now compatible with clang internal assembler

changes for new POSIX interpretations:
- fgetwc now sets stream error indicator on encoding errors
- fmemopen no longer rejects 0 size

bugs fixed:
- static TLS for shared libraries was allocated wrong on "Variant I" archs
- crash in dladdr reading through uninitialized pointer on non-match
- sigaltstack wrongly errored out on invalid ss_size when doing SS_DISABLE
- getdents function misbehaved with buffer length larger than INT_MAX
- set*id could deadlock after fork from multithreaded process

arch-specfic bugs fixed:
- s390x SO_PEERSEC definition was wrong
- passing of 64-bit syscall arguments was broken on microblaze
- posix_fadvise was broken on mips due to missing 7-arg syscall support
- vrregset_t layout and member naming was wrong on powerpc64

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-07-31 16:56:19 +02:00
Alexander Couzens
79948e9d61
replace links towards lede-project.org with openwrt.org
Modify VERSION_SUPPORT_URL VERSION_REPO
Replace BUGS variable in toolchain/gcc/common.mk

Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
2019-06-11 01:46:53 +02:00
Karl Pálsson
3b36aae9d5 toolchain: replace LEDE in help text
Use generic wording.

Signed-off-by: Karl Pálsson <karlp@etactica.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> [fixed a -> á]
2019-06-10 11:31:52 +02:00
Hans Dedecker
f21c8577bb glibc: update to latest 2.27 commit (BZ #24531)
54ba8bcd423 Fix tcache count maximum (BZ #24531)

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-05-23 14:17:21 +02:00
Hans Dedecker
5c742c86ef glibc: update to latest 2.27 commit
f9c3c12f336 Fix crash in _IO_wfile_sync (bug 20568)

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-05-16 19:05:57 +02:00
Alexandru Ardelean
aecd0e09c9 toolchain/binutils: use default Host/Configure rule
This seems to have been omitted over-time.
Using the default Host/Configure seems to work fine.

The last patches to have touched this in a major way were ~10 years ago:
33a0eb3613 ("cosmetic & coherency fixes")
7eb1589875 ("build system refactoring in preparation for allowing
              packages to do host-build steps")

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
2019-05-11 23:10:10 +02:00
Daniel Golle
9cb3a3255e toolchain/nasm: update to version 2.14
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2019-05-11 01:30:00 +02:00
Hans Dedecker
6b5346e7ed glibc: update to latest 2.27 commit (BZ #18035)
1961e5c7296 elf: Fix pldd (BZ#18035)

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-04-29 16:14:33 +02:00
Koen Vandeputte
82625374ee toolchain/musl: update to version 1.1.22
new features:
- priority-inheritance mutexes
- membarrier syscall, pre-registration to use it, fallback emulation
- header-level support for new linux features in 4.19, 4.20, 5.0

major internal changes:
- complete, async-safe view of all existent threads as global list
- robust __synccall based on new thread list
- new dynamic TLS is installed synchronously at dlopen
- TLSDESC resolver functions no longer make bad ABI assumptions to call C
- resolved shared library dependencies are now recorded

compatibility & conformance:
- dependency-order shared library constructor execution
- sigaltstack no longer rejects SS_AUTODISARM, future flags
- FILE is now a complete (dummy) type in pre-C11 feature profiles
- setvbuf reports failure on invalid arguments
- TSVTX is exposed unconditionally in tar.h
- multithreaded set*id() no longer depends on /proc
- key slot reuse after pthread_key_delete no longer depends on /proc

bugs fixed:
- failures in multithreaded set*id() with concurrent thread creation/exit
- interposed free was called from invalid/inconsistent contexts
- freeaddrinfo performed invalid free of some partial results lists
- dlsym dependency order search had false negatives and false positives
- dn_skipname gave wrong results for labels with 8-bit content
- dcngettext clobbered errno, often breaking printing of error messages
- sscanf read past end of buffer under certain conditions (1.1.21 regression)
- pthread_key_create spuriously failed under race condition (1.1.21 regression)
- fdopendir wrongly succeeded with O_PATH file descriptors
- gets behaved incorrectly in presence of null bytes
- namespace violations in c11 tsd and mutex function dependencies
- incorrect prototype for makecontext (unimplemented)

arch-specfic bugs fixed:
- s390x had wrong values for POSIX_FADV_DONTNEED/_NOREUSE

Extensively tested on dozens of devices, covering most popular architectures.

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Signed-off-by: Dainis Jonitis <dainis.jonitis@ubnt.com>
Signed-off-by: Roman Yeryomin <roman@advem.lv>
2019-04-23 13:29:04 +02:00
Kevin Darbyshire-Bryant
13ffdf4482 toolchain/binutils: refresh patches
Fix hunk offset warnings.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2019-04-21 15:15:23 +01:00
Hans Dedecker
8f1cbef12e glibc: update to latest 2.27 commit [BZ #22964]
de9d4aa353 ja_JP locale: Add entry for the new Japanese era [BZ #22964]

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-04-08 16:07:11 +02:00
Boris Krasnovskiy
4cf991bedb toolchain: ARM: Fix option conflict with multiarch
This problem exposed when compiling glibc, but applicable across the
board. gcc compiles runtime libraries for all supported architectures,
unless otherwise specified, and later selects applicable library based
-m[arch,cpu,*] options, thus these options should not be passed to gcc
as they break the compilation process.

Signed-off-by: Boris Krasnovskiy <borkra@gmail.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
[modified so it only touches ARM - I'm too chicken, changed authors email]
2019-03-25 21:19:05 +01:00
Boris Krasnovskiy
8dcc108760 toolchain: ARM: Fix toolchain compilation for gcc 8.x
Set the toolchain's ARM CPU and FPU architectures by utilizing' gcc's
--with-cpu / --with-fpu configure options that: "Specify which cpu
variant the compiler should generate code for by default. cpu will
be used as the default value of the -mcpu= switch."

This will resolve the following kernel compilation failures under
gcc 8.x on ARM because the kernel wants to set (possibly conflicting)
optimization flags.

.../ccyVnmrs.s:204: Error: selected processor does not support `dmb ish' in ARM mode
.../ccyVnmrs.s:215: Error: architectural extension `mp' is not allowed for the current base architecture
.../ccyVnmrs.s:216: Error: selected processor does not support `pldw [r4]' in ARM mode

Because this is a big change, the .config and toolchain need to be
refreshed (as in removed and regenerated).

Reported-by: Ansuel Smith <ansuelsmth@gmail.com>
Reported-by: Daniel Engberg <daniel.engberg.lists@pyret.net> [#1203]
Signed-off-by: Boris Krasnovskiy <borkra@gmail.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> [extended commit message,
removed now-deprecated CPU_CFLAGS, changed author to gmail address]
2019-03-25 21:15:58 +01:00
Hans Dedecker
076c11a3aa glibc: update to latest 2.27 commit
1ab314d8d3 S390: Mark vx and vxe as important hwcap.

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-03-22 10:57:05 +01:00
Daniel Engberg
8568dcd931 toolchain: Remove binutils 2.29 for ARC targets
Remove binutils 2.29 for ARC targets

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2019-03-20 18:23:39 +01:00
Daniel Engberg
da6ba853ce toolchain: Use binutils 2.32 by default for ARC
Use binutils 2.32 by default for ARC targets

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2019-03-20 18:23:39 +01:00
Daniel Engberg
075c76ea67 toolchain: Remove GCC 7.1 for ARC targets
Remove GCC 7.1 for ARC targets

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2019-03-20 18:23:39 +01:00
Daniel Engberg
343b36ffc7 toolchain: Use GCC 8.3.0 by default for ARC
Use GCC 8.3.0 by default for ARC targets
Includes a fix by Evgeniy Didin which fixes GCC version selection if
DEVEL isn't set

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2019-03-20 18:23:39 +01:00
Daniel Engberg
894a79d67b toolchain/binutils: Add binutils 2.32
Add binutils 2.32 to repo

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2019-02-26 23:20:04 +01:00
Daniel Engberg
40aec89b4c toolchain: Update to GCC 8.3.0
Update GCC to 8.3.0
Refresh patches
Allow GCC to be used for ARC
Source: https://github.com/openwrt/openwrt/pull/1803#issuecomment-462334890

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2019-02-26 23:20:04 +01:00
Daniel Engberg
700c0edc06 toolchain/gcc: Remove workaround for GCC 4.8
GCC 4.8 was removed a long time ago...

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2019-02-26 23:20:04 +01:00
Daniel Engberg
a0dfab220d toolchain/binutils: Remove 2.30
Remove binutils 2.30

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2019-02-17 19:22:39 +01:00
Hans Dedecker
e3311cb138 glibc: update to latest 2.27 commit [BZ #24180]
9f44fa22cb Add compiler barriers around modifications of the robust mutex list for pthread_mutex_trylock. [BZ #24180]

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-02-09 21:07:16 +01:00
Christian Lamparter
917e6d772c toolchain/musl: update to version 1.1.21
<https://www.openwall.com/lists/musl/2019/01/21/8>
"This release makes improvements with respect to default thread stack
size, including increasing the default from 80k to 128k, increasing
the default guard size from 4k to 8k, and allowing the default to be
increased via ELF headers so that programs that need larger stacks can
be build without source-level changes, using just LDFLAGS.
Insufficient stack size for AIO threads on kernels that don't honor
the constant MINSIGSTKSZ is also fixed.

The glob core has been rewritten to fix inability to see past
searchable-but-unreadable path components, and to avoid excessive
stack usage and unnecessary syscalls. The tsearch AVL tree
implementation has also been rewritten for better size and
performance. The math library adds more native single-instruction
implementations for arm, s390x, powerpc, and x86_64.

Various bugs are fixed, including several possible deadlocks, one of
which was a new regression in 1.1.20."

detailed release notes can be found in the WHATSNEW file:
<http://git.musl-libc.org/cgit/musl/tree/WHATSNEW#n1989>

Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2019-02-05 19:35:40 +01:00
Hans Dedecker
420376ab50 glibc: update to latest 2.27 commit (BZ #24155,BZ #24097)
2ebadb6451 x86-64 memcmp: Use unsigned Jcc instructions on size [BZ #24155]
3a5ae8db68 x86-64 strnlen/wcsnlen: Properly handle the length parameter [BZ #24097]
2c016ffa24 x86-64 strncpy: Properly handle the length parameter [BZ #24097]
d8457edece x86-64 strncmp family: Properly handle the length parameter [BZ #24097]
55f8812858 x86-64 memset/wmemset: Properly handle the length parameter [BZ #24097]
efc3714845 x86-64 memrchr: Properly handle the length parameter [BZ #24097]
a4690969ed x86-64 memcpy: Properly handle the length parameter [BZ #24097]
6465327195 x86-64 memcmp/wmemcmp: Properly handle the length parameter [BZ #24097]
50117e00a1 x86-64 memchr/wmemchr: Properly handle the length parameter [BZ #24097]

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-02-04 22:43:19 +01:00
Hans Dedecker
b88907e62a toolchain/gcc: backport FORTIFY patch to 5.5.0
Commit e61061a088 added support for hardening
options  in the toolchain. However this breaks the gcc5.5.0 compilation in
case FORTIFY_SOURCE is set different from FORTIFY_SOURCE_NONE as reported
in [1].
Fix this by backporting the upstream patch which fixes this in later gcc versions

[1] https://gcc.gnu.org/bugzilla/show_bug.cgi?format=multiple&id=61164

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-02-04 09:35:11 +01:00
protonesso
d018b55a18 update uClibc-ng from 1.0.30 to 1.0.31
Signed-off-by: protonesso <nagakamira@gmail.com>
2019-01-27 01:04:53 +01:00
Jo-Philipp Wich
ceb625439a musl: improve crypt() size hack
Instead of silently downgrading any non-MD5 crypt() request to DES,
cleanly fail with return NULL and errno = ENOSYS. This allows callers
to notice the missing support instead of the unwanted silent fallback
to DES.

Also add a menuconfig toolchain option to optionally disable the crypt
size hack completely. This can be probably made dependant on SMALL_FLASH
or a similar feature indicator in a future commit.

Ref: https://github.com/openwrt/openwrt/pull/1331
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-01-22 12:08:03 +01:00
Koen Vandeputte
4ef4ca4581 toolchain/gdb: bump to 8.2.1
PR build/23516 (gdb build error under msys+mingw: strip can't handle gdb-add-index.exe)
PR build/23623 (install-strip fails)
PR rust/23626 (gdb crashes in upstream rust nil-enum test)
PR rust/23650 (rust field name access error mentions "foo")
PR gdb/23663 (gdb 8.1.1: undefined rpl_stat function with musl toolchains)
PR python/23669 (gdb.execute("show commands") doesn't work)
PR python/23714 (Command repetition stops working after gdb.execute)
PR gdb/23838 (8.2 regression for invalid -data-directory)
PR gdb/23974 ("info os" crash when specifying invalid object)
PR gdb/23999 (SYMBOL_LANGUAGE assertion failure on AIX)
PR gdb/24003 (Error when binary searching CUs for a specific DIE when using DWZ)

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-01-07 17:09:06 +01:00
Hans Dedecker
b3664bc702 glibc: update to latest 2.27 commit (BZ #24018)
68c2930a56 NEWS: add entries for bugs 23275, 23861, and 23907
766e8fb932 intl: Do not return NULL on asprintf failure in gettext [BZ #24018]

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-01-07 15:16:12 +01:00
Hans Dedecker
e9e63c5a9a glibc: update to latest 2.27 commit (BZ #24027, BZ #23927)
3981fc3453 malloc: Always call memcpy in _int_realloc [BZ #24027]
f6d0e8c36f Fix rwlock stall with PREFER_WRITER_NONRECURSIVE_NP (bug 23861)
2794474c65 powerpc: Add missing CFI register information (bug #23614)
d8ca7a0c71 Fix _dl_profile_fixup data-dependency issue (Bug 23690)
f1e211096b inet/tst-if_index-long: New test case for CVE-2018-19591 [BZ #23927]
4e9f34e54f support: Implement <support/descriptors.h> to track file descriptors
e75481a7a7 support: Close original descriptors in support_capture_subprocess
0f79dc0be3 support_quote_string: Do not use str parameter name
6b2dd53aa0 support: Implement support_quote_string
50477165b9 malloc: Add another test for tcache double free check.
4b246928bd malloc: tcache double free check

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-01-01 22:31:43 +01:00
Hauke Mehrtens
af1aa07b07 gcc: update to version 7.4.0
This updates the GCC to the next minor release which fixes 178 bugs.
The two removed patches are included in gcc 7.4.0

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2018-12-15 15:25:03 +01:00
Hans Dedecker
a969e96e47 glibc: update to latest 2.27 commit (BZ #23927)
f6d0e8c36f Fix rwlock stall with PREFER_WRITER_NONRECURSIVE_NP (bug 23861)
2794474c65 powerpc: Add missing CFI register information (bug #23614)
d8ca7a0c71 Fix _dl_profile_fixup data-dependency issue (Bug 23690)
f1e211096b inet/tst-if_index-long: New test case for CVE-2018-19591 [BZ #23927]
4e9f34e54f support: Implement <support/descriptors.h> to track file descriptors
e75481a7a7 support: Close original descriptors in support_capture_subprocess
0f79dc0be3 support_quote_string: Do not use str parameter name
6b2dd53aa0 support: Implement support_quote_string
50477165b9 malloc: Add another test for tcache double free check.
4b246928bd malloc: tcache double free check

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-12-14 16:18:32 +01:00
Hans Dedecker
476336fe66 glibc: update to latest 2.27 commit (BZ #23927)
9f433fc791 CVE-2018-19591: if_nametoindex: Fix descriptor for overlong name [BZ #23927]

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-12-06 11:47:36 +01:00
Hans Dedecker
1dcaef8410 glibc: update to latest 2.27 commit
1517dfb8aa Add an additional test to resolv/tst-resolv-network.c
1050634904 libanl: properly cleanup if first helper thread creation failed (bug 22927)

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-11-22 10:11:22 +01:00