diff -Nru glibc-2.35/debian/changelog glibc-2.35/debian/changelog --- glibc-2.35/debian/changelog 2024-01-02 13:22:42.000000000 +0000 +++ glibc-2.35/debian/changelog 2024-04-16 13:40:36.000000000 +0000 @@ -1,16 +1,30 @@ -glibc (2.35-0ubuntu3.6~test2) jammy-security; urgency=medium +glibc (2.35-0ubuntu3.7) jammy-security; urgency=medium + + * SECURITY UPDATE: OOB write in iconv plugin ISO-2022-CN-EXT + - debian/patches/any/CVE-2024-2961.patch: fix out-of-bound writes when + writing escape sequence in iconvdata/Makefile, + iconvdata/iso-2022-cn-ext.c, iconvdata/tst-iconv-iso-2022-cn-ext.c. + - CVE-2024-2961 + + -- Marc Deslauriers Tue, 16 Apr 2024 09:40:36 -0400 + +glibc (2.35-0ubuntu3.6) jammy-security; urgency=medium * SECURITY REGRESSION: incorrect processing of address family with nscd (LP: #2047155) - - debian/patches/lp2047155-extra1.patch: refactor some bits for - readability (gaiconf_inet). - - debian/patches/lp2047155-extra2.patch: avoid jumping from if condition - to its else counterpart(gai_init). - - debian/patches/lp2047155-extra3.patch: refactor code for readability - (getaddrinfo). - - debian/patches/lp2047155-get-nscd-addresses-fix-subscript-typos.patch: - fix the subscript on air->family, which was accidentally set to COUNT - when it should have remained as I (get_nscd_addresses). + - debian/patches/lp2047155/lp2047155-refactor-bits-for-readability.patch: + split out line processing for 'label', 'precedence' and 'scopev4' into + separate functions (gaiconf_inet). + - debian/patches/lp2047155/lp2047155-avoid-if-to-else-jump.patch: clean up + another antipattern where code flows from an if condition to its else + counterpart with a goto (gai_init). + - debian/patches/lp2047155/lp2047155-refactor-code-for-readability.patch: + refactor the code and make it easier to follow by removing the confusing + close_retry goto jump (getaddrinfo). + - debian/patches/lp2047155/ + lp2047155-get-nscd-addresses-fix-subscript-typos.patch: fix the + subscript on air->family, which was accidentally set to 'count' when it + should have remained as 'i' (get_nscd_addresses). - CVE-2023-4806 -- Camila Camargo de Matos Tue, 02 Jan 2024 10:22:42 -0300 diff -Nru glibc-2.35/debian/patches/any/CVE-2024-2961.patch glibc-2.35/debian/patches/any/CVE-2024-2961.patch --- glibc-2.35/debian/patches/any/CVE-2024-2961.patch 1970-01-01 00:00:00.000000000 +0000 +++ glibc-2.35/debian/patches/any/CVE-2024-2961.patch 2024-04-16 13:40:22.000000000 +0000 @@ -0,0 +1,214 @@ +From 7eba00dcf7fedefc750b815b834edbbcfc85e620 Mon Sep 17 00:00:00 2001 +From: Charles Fol +Date: Thu, 28 Mar 2024 12:25:38 -0300 +Subject: [PATCH] iconv: ISO-2022-CN-EXT: fix out-of-bound writes when writing + escape sequence (CVE-2024-2961) + +ISO-2022-CN-EXT uses escape sequences to indicate character set changes +(as specified by RFC 1922). While the SOdesignation has the expected +bounds checks, neither SS2designation nor SS3designation have its; +allowing a write overflow of 1, 2, or 3 bytes with fixed values: +'$+I', '$+J', '$+K', '$+L', '$+M', or '$*H'. + +Checked on aarch64-linux-gnu. + +Co-authored-by: Adhemerval Zanella +Reviewed-by: Carlos O'Donell +Tested-by: Carlos O'Donell +--- + iconvdata/Makefile | 5 +- + iconvdata/iso-2022-cn-ext.c | 12 +++ + iconvdata/tst-iconv-iso-2022-cn-ext.c | 128 ++++++++++++++++++++++++++ + 3 files changed, 144 insertions(+), 1 deletion(-) + create mode 100644 iconvdata/tst-iconv-iso-2022-cn-ext.c + +diff --git a/iconvdata/Makefile b/iconvdata/Makefile +index ea019ce5c0..7196a8744b 100644 +--- a/iconvdata/Makefile ++++ b/iconvdata/Makefile +@@ -75,7 +75,8 @@ ifeq (yes,$(build-shared)) + tests = bug-iconv1 bug-iconv2 tst-loading tst-e2big tst-iconv4 bug-iconv4 \ + tst-iconv6 bug-iconv5 bug-iconv6 tst-iconv7 bug-iconv8 bug-iconv9 \ + bug-iconv10 bug-iconv11 bug-iconv12 tst-iconv-big5-hkscs-to-2ucs4 \ +- bug-iconv13 bug-iconv14 bug-iconv15 ++ bug-iconv13 bug-iconv14 bug-iconv15 \ ++ tst-iconv-iso-2022-cn-ext + ifeq ($(have-thread-library),yes) + tests += bug-iconv3 + endif +@@ -330,6 +331,8 @@ $(objpfx)bug-iconv14.out: $(addprefix $(objpfx), $(gconv-modules)) \ + $(addprefix $(objpfx),$(modules.so)) + $(objpfx)bug-iconv15.out: $(addprefix $(objpfx), $(gconv-modules)) \ + $(addprefix $(objpfx),$(modules.so)) ++$(objpfx)tst-iconv-iso-2022-cn-ext.out: $(addprefix $(objpfx), $(gconv-modules)) \ ++ $(addprefix $(objpfx),$(modules.so)) + + $(objpfx)iconv-test.out: run-iconv-test.sh \ + $(addprefix $(objpfx), $(gconv-modules)) \ +diff --git a/iconvdata/iso-2022-cn-ext.c b/iconvdata/iso-2022-cn-ext.c +index b34c8a36f4..cce29b1969 100644 +--- a/iconvdata/iso-2022-cn-ext.c ++++ b/iconvdata/iso-2022-cn-ext.c +@@ -574,6 +574,12 @@ DIAG_IGNORE_Os_NEEDS_COMMENT (5, "-Wmaybe-uninitialized"); + { \ + const char *escseq; \ + \ ++ if (outptr + 4 > outend) \ ++ { \ ++ result = __GCONV_FULL_OUTPUT; \ ++ break; \ ++ } \ ++ \ + assert (used == CNS11643_2_set); /* XXX */ \ + escseq = "*H"; \ + *outptr++ = ESC; \ +@@ -587,6 +593,12 @@ DIAG_IGNORE_Os_NEEDS_COMMENT (5, "-Wmaybe-uninitialized"); + { \ + const char *escseq; \ + \ ++ if (outptr + 4 > outend) \ ++ { \ ++ result = __GCONV_FULL_OUTPUT; \ ++ break; \ ++ } \ ++ \ + assert ((used >> 5) >= 3 && (used >> 5) <= 7); \ + escseq = "+I+J+K+L+M" + ((used >> 5) - 3) * 2; \ + *outptr++ = ESC; \ +diff --git a/iconvdata/tst-iconv-iso-2022-cn-ext.c b/iconvdata/tst-iconv-iso-2022-cn-ext.c +new file mode 100644 +index 0000000000..96a8765fd5 +--- /dev/null ++++ b/iconvdata/tst-iconv-iso-2022-cn-ext.c +@@ -0,0 +1,128 @@ ++/* Verify ISO-2022-CN-EXT does not write out of the bounds. ++ Copyright (C) 2024 Free Software Foundation, Inc. ++ This file is part of the GNU C Library. ++ ++ The GNU C Library is free software; you can redistribute it and/or ++ modify it under the terms of the GNU Lesser General Public ++ License as published by the Free Software Foundation; either ++ version 2.1 of the License, or (at your option) any later version. ++ ++ The GNU C Library is distributed in the hope that it will be useful, ++ but WITHOUT ANY WARRANTY; without even the implied warranty of ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ Lesser General Public License for more details. ++ ++ You should have received a copy of the GNU Lesser General Public ++ License along with the GNU C Library; if not, see ++ . */ ++ ++#include ++#include ++ ++#include ++#include ++#include ++ ++#include ++#include ++#include ++ ++/* The test sets up a two memory page buffer with the second page marked ++ PROT_NONE to trigger a fault if the conversion writes beyond the exact ++ expected amount. Then we carry out various conversions and precisely ++ place the start of the output buffer in order to trigger a SIGSEGV if the ++ process writes anywhere between 1 and page sized bytes more (only one ++ PROT_NONE page is setup as a canary) than expected. These tests exercise ++ all three of the cases in ISO-2022-CN-EXT where the converter must switch ++ character sets and may run out of buffer space while doing the ++ operation. */ ++ ++static int ++do_test (void) ++{ ++ iconv_t cd = iconv_open ("ISO-2022-CN-EXT", "UTF-8"); ++ TEST_VERIFY_EXIT (cd != (iconv_t) -1); ++ ++ char *ntf; ++ size_t ntfsize; ++ char *outbufbase; ++ { ++ int pgz = getpagesize (); ++ TEST_VERIFY_EXIT (pgz > 0); ++ ntfsize = 2 * pgz; ++ ++ ntf = xmmap (NULL, ntfsize, PROT_READ | PROT_WRITE, MAP_PRIVATE ++ | MAP_ANONYMOUS, -1); ++ xmprotect (ntf + pgz, pgz, PROT_NONE); ++ ++ outbufbase = ntf + pgz; ++ } ++ ++ /* Check if SOdesignation escape sequence does not trigger an OOB write. */ ++ { ++ char inbuf[] = "\xe4\xba\xa4\xe6\x8d\xa2"; ++ ++ for (int i = 0; i < 9; i++) ++ { ++ char *inp = inbuf; ++ size_t inleft = sizeof (inbuf) - 1; ++ ++ char *outp = outbufbase - i; ++ size_t outleft = i; ++ ++ TEST_VERIFY_EXIT (iconv (cd, &inp, &inleft, &outp, &outleft) ++ == (size_t) -1); ++ TEST_COMPARE (errno, E2BIG); ++ ++ TEST_VERIFY_EXIT (iconv (cd, NULL, NULL, NULL, NULL) == 0); ++ } ++ } ++ ++ /* Same as before for SS2designation. */ ++ { ++ char inbuf[] = "㴽 \xe3\xb4\xbd"; ++ ++ for (int i = 0; i < 14; i++) ++ { ++ char *inp = inbuf; ++ size_t inleft = sizeof (inbuf) - 1; ++ ++ char *outp = outbufbase - i; ++ size_t outleft = i; ++ ++ TEST_VERIFY_EXIT (iconv (cd, &inp, &inleft, &outp, &outleft) ++ == (size_t) -1); ++ TEST_COMPARE (errno, E2BIG); ++ ++ TEST_VERIFY_EXIT (iconv (cd, NULL, NULL, NULL, NULL) == 0); ++ } ++ } ++ ++ /* Same as before for SS3designation. */ ++ { ++ char inbuf[] = "劄 \xe5\x8a\x84"; ++ ++ for (int i = 0; i < 14; i++) ++ { ++ char *inp = inbuf; ++ size_t inleft = sizeof (inbuf) - 1; ++ ++ char *outp = outbufbase - i; ++ size_t outleft = i; ++ ++ TEST_VERIFY_EXIT (iconv (cd, &inp, &inleft, &outp, &outleft) ++ == (size_t) -1); ++ TEST_COMPARE (errno, E2BIG); ++ ++ TEST_VERIFY_EXIT (iconv (cd, NULL, NULL, NULL, NULL) == 0); ++ } ++ } ++ ++ TEST_VERIFY_EXIT (iconv_close (cd) != -1); ++ ++ xmunmap (ntf, ntfsize); ++ ++ return 0; ++} ++ ++#include +-- +2.34.1 + diff -Nru glibc-2.35/debian/patches/lp2047155/lp2047155-avoid-if-to-else-jump.patch glibc-2.35/debian/patches/lp2047155/lp2047155-avoid-if-to-else-jump.patch --- glibc-2.35/debian/patches/lp2047155/lp2047155-avoid-if-to-else-jump.patch 1970-01-01 00:00:00.000000000 +0000 +++ glibc-2.35/debian/patches/lp2047155/lp2047155-avoid-if-to-else-jump.patch 2024-01-02 13:22:42.000000000 +0000 @@ -0,0 +1,589 @@ +From bc0d18d873abf2cda6842ad8bb4df2a31dc0fbac Mon Sep 17 00:00:00 2001 +From: Siddhesh Poyarekar +Date: Tue, 3 Aug 2021 21:29:23 +0530 +Subject: [PATCH] gai_init: Avoid jumping from if condition to its else + counterpart + +Clean up another antipattern where code flows from an if condition to +its else counterpart with a goto. + +Most of the change in this patch is whitespace-only; a `git diff -b` +ought to show the actual logic changes. + +Signed-off-by: Siddhesh Poyarekar +Reviewed-by: DJ Delorie +--- + sysdeps/posix/getaddrinfo.c | 498 ++++++++++++++++++------------------ + 1 file changed, 248 insertions(+), 250 deletions(-) + +diff --git a/sysdeps/posix/getaddrinfo.c b/sysdeps/posix/getaddrinfo.c +index 984baf9744..aa34de6591 100644 +--- a/sysdeps/posix/getaddrinfo.c ++++ b/sysdeps/posix/getaddrinfo.c +@@ -1926,142 +1926,122 @@ gaiconf_init (void) + bool scopelist_nullbits = false; + + FILE *fp = fopen (GAICONF_FNAME, "rce"); +- if (fp != NULL) ++ if (fp == NULL) ++ goto no_file; ++ ++ struct __stat64_t64 st; ++ if (__fstat64_time64 (fileno (fp), &st) != 0) + { +- struct __stat64_t64 st; +- if (__fstat64_time64 (fileno (fp), &st) != 0) +- { +- fclose (fp); +- goto no_file; +- } ++ fclose (fp); ++ goto no_file; ++ } + +- char *line = NULL; +- size_t linelen = 0; ++ char *line = NULL; ++ size_t linelen = 0; + +- __fsetlocking (fp, FSETLOCKING_BYCALLER); ++ __fsetlocking (fp, FSETLOCKING_BYCALLER); + +- while (!feof_unlocked (fp)) +- { +- ssize_t n = __getline (&line, &linelen, fp); +- if (n <= 0) +- break; ++ while (!feof_unlocked (fp)) ++ { ++ ssize_t n = __getline (&line, &linelen, fp); ++ if (n <= 0) ++ break; + +- /* Handle comments. No escaping possible so this is easy. */ +- char *cp = strchr (line, '#'); +- if (cp != NULL) +- *cp = '\0'; ++ /* Handle comments. No escaping possible so this is easy. */ ++ char *cp = strchr (line, '#'); ++ if (cp != NULL) ++ *cp = '\0'; + +- cp = line; +- while (isspace (*cp)) +- ++cp; ++ cp = line; ++ while (isspace (*cp)) ++ ++cp; + +- char *cmd = cp; +- while (*cp != '\0' && !isspace (*cp)) +- ++cp; +- size_t cmdlen = cp - cmd; ++ char *cmd = cp; ++ while (*cp != '\0' && !isspace (*cp)) ++ ++cp; ++ size_t cmdlen = cp - cmd; + +- if (*cp != '\0') +- *cp++ = '\0'; +- while (isspace (*cp)) +- ++cp; ++ if (*cp != '\0') ++ *cp++ = '\0'; ++ while (isspace (*cp)) ++ ++cp; + +- char *val1 = cp; +- while (*cp != '\0' && !isspace (*cp)) +- ++cp; +- size_t val1len = cp - cmd; ++ char *val1 = cp; ++ while (*cp != '\0' && !isspace (*cp)) ++ ++cp; ++ size_t val1len = cp - cmd; + +- /* We always need at least two values. */ +- if (val1len == 0) +- continue; ++ /* We always need at least two values. */ ++ if (val1len == 0) ++ continue; + +- if (*cp != '\0') +- *cp++ = '\0'; +- while (isspace (*cp)) +- ++cp; ++ if (*cp != '\0') ++ *cp++ = '\0'; ++ while (isspace (*cp)) ++ ++cp; + +- char *val2 = cp; +- while (*cp != '\0' && !isspace (*cp)) +- ++cp; ++ char *val2 = cp; ++ while (*cp != '\0' && !isspace (*cp)) ++ ++cp; + +- /* Ignore the rest of the line. */ +- *cp = '\0'; ++ /* Ignore the rest of the line. */ ++ *cp = '\0'; + +- switch (cmdlen) ++ switch (cmdlen) ++ { ++ case 5: ++ if (strcmp (cmd, "label") == 0) + { +- case 5: +- if (strcmp (cmd, "label") == 0) ++ if (!add_prefixlist (&labellist, &nlabellist, ++ &labellist_nullbits, val1, val2, &cp)) + { +- if (!add_prefixlist (&labellist, &nlabellist, +- &labellist_nullbits, val1, val2, &cp)) +- { +- free (line); +- fclose (fp); +- goto no_file; +- } ++ free (line); ++ fclose (fp); ++ goto no_file; + } +- break; ++ } ++ break; + +- case 6: +- if (strcmp (cmd, "reload") == 0) +- { +- gaiconf_reload_flag = strcmp (val1, "yes") == 0; +- if (gaiconf_reload_flag) +- gaiconf_reload_flag_ever_set = 1; +- } +- break; ++ case 6: ++ if (strcmp (cmd, "reload") == 0) ++ { ++ gaiconf_reload_flag = strcmp (val1, "yes") == 0; ++ if (gaiconf_reload_flag) ++ gaiconf_reload_flag_ever_set = 1; ++ } ++ break; + +- case 7: +- if (strcmp (cmd, "scopev4") == 0) ++ case 7: ++ if (strcmp (cmd, "scopev4") == 0) ++ { ++ struct in6_addr prefix; ++ unsigned long int bits; ++ unsigned long int val; ++ char *endp; ++ ++ bits = 32; ++ __set_errno (0); ++ cp = strchr (val1, '/'); ++ if (cp != NULL) ++ *cp++ = '\0'; ++ if (inet_pton (AF_INET6, val1, &prefix)) + { +- struct in6_addr prefix; +- unsigned long int bits; +- unsigned long int val; +- char *endp; +- +- bits = 32; +- __set_errno (0); +- cp = strchr (val1, '/'); +- if (cp != NULL) +- *cp++ = '\0'; +- if (inet_pton (AF_INET6, val1, &prefix)) +- { +- bits = 128; +- if (IN6_IS_ADDR_V4MAPPED (&prefix) +- && (cp == NULL +- || (bits = strtoul (cp, &endp, 10)) != ULONG_MAX +- || errno != ERANGE) +- && *endp == '\0' +- && bits >= 96 +- && bits <= 128 +- && ((val = strtoul (val2, &endp, 10)) != ULONG_MAX +- || errno != ERANGE) +- && *endp == '\0' +- && val <= INT_MAX) +- { +- if (!add_scopelist (&scopelist, &nscopelist, +- &scopelist_nullbits, &prefix, +- bits, val)) +- { +- free (line); +- fclose (fp); +- goto no_file; +- } +- } +- } +- else if (inet_pton (AF_INET, val1, &prefix.s6_addr32[3]) +- && (cp == NULL +- || (bits = strtoul (cp, &endp, 10)) != ULONG_MAX +- || errno != ERANGE) +- && *endp == '\0' +- && bits <= 32 +- && ((val = strtoul (val2, &endp, 10)) != ULONG_MAX +- || errno != ERANGE) +- && *endp == '\0' +- && val <= INT_MAX) ++ bits = 128; ++ if (IN6_IS_ADDR_V4MAPPED (&prefix) ++ && (cp == NULL ++ || (bits = strtoul (cp, &endp, 10)) != ULONG_MAX ++ || errno != ERANGE) ++ && *endp == '\0' ++ && bits >= 96 ++ && bits <= 128 ++ && ((val = strtoul (val2, &endp, 10)) != ULONG_MAX ++ || errno != ERANGE) ++ && *endp == '\0' ++ && val <= INT_MAX) + { + if (!add_scopelist (&scopelist, &nscopelist, + &scopelist_nullbits, &prefix, +- bits + 96, val)) ++ bits, val)) + { + free (line); + fclose (fp); +@@ -2069,173 +2049,191 @@ gaiconf_init (void) + } + } + } +- break; +- +- case 10: +- if (strcmp (cmd, "precedence") == 0) ++ else if (inet_pton (AF_INET, val1, &prefix.s6_addr32[3]) ++ && (cp == NULL ++ || (bits = strtoul (cp, &endp, 10)) != ULONG_MAX ++ || errno != ERANGE) ++ && *endp == '\0' ++ && bits <= 32 ++ && ((val = strtoul (val2, &endp, 10)) != ULONG_MAX ++ || errno != ERANGE) ++ && *endp == '\0' ++ && val <= INT_MAX) + { +- if (!add_prefixlist (&precedencelist, &nprecedencelist, +- &precedencelist_nullbits, val1, val2, +- &cp)) ++ if (!add_scopelist (&scopelist, &nscopelist, ++ &scopelist_nullbits, &prefix, ++ bits + 96, val)) + { + free (line); + fclose (fp); + goto no_file; + } + } +- break; +- } +- } +- +- free (line); +- +- fclose (fp); +- +- /* Create the array for the labels. */ +- struct prefixentry *new_labels; +- if (nlabellist > 0) +- { +- if (!labellist_nullbits) +- ++nlabellist; +- new_labels = malloc (nlabellist * sizeof (*new_labels)); +- if (new_labels == NULL) +- goto no_file; +- +- int i = nlabellist; +- if (!labellist_nullbits) +- { +- --i; +- memset (&new_labels[i].prefix, '\0', sizeof (struct in6_addr)); +- new_labels[i].bits = 0; +- new_labels[i].val = 1; + } ++ break; + +- struct prefixlist *l = labellist; +- while (i-- > 0) ++ case 10: ++ if (strcmp (cmd, "precedence") == 0) + { +- new_labels[i] = l->entry; +- l = l->next; ++ if (!add_prefixlist (&precedencelist, &nprecedencelist, ++ &precedencelist_nullbits, val1, val2, ++ &cp)) ++ { ++ free (line); ++ fclose (fp); ++ goto no_file; ++ } + } +- free_prefixlist (labellist); +- labellist = NULL; +- +- /* Sort the entries so that the most specific ones are at +- the beginning. */ +- qsort (new_labels, nlabellist, sizeof (*new_labels), prefixcmp); ++ break; + } +- else +- new_labels = (struct prefixentry *) default_labels; +- +- struct prefixentry *new_precedence; +- if (nprecedencelist > 0) +- { +- if (!precedencelist_nullbits) +- ++nprecedencelist; +- new_precedence = malloc (nprecedencelist * sizeof (*new_precedence)); +- if (new_precedence == NULL) +- { +- if (new_labels != default_labels) +- free (new_labels); +- goto no_file; +- } ++ } + +- int i = nprecedencelist; +- if (!precedencelist_nullbits) +- { +- --i; +- memset (&new_precedence[i].prefix, '\0', +- sizeof (struct in6_addr)); +- new_precedence[i].bits = 0; +- new_precedence[i].val = 40; +- } ++ free (line); + +- struct prefixlist *l = precedencelist; +- while (i-- > 0) +- { +- new_precedence[i] = l->entry; +- l = l->next; +- } +- free_prefixlist (precedencelist); +- precedencelist = NULL; ++ fclose (fp); + +- /* Sort the entries so that the most specific ones are at +- the beginning. */ +- qsort (new_precedence, nprecedencelist, sizeof (*new_precedence), +- prefixcmp); ++ /* Create the array for the labels. */ ++ struct prefixentry *new_labels; ++ if (nlabellist > 0) ++ { ++ if (!labellist_nullbits) ++ ++nlabellist; ++ new_labels = malloc (nlabellist * sizeof (*new_labels)); ++ if (new_labels == NULL) ++ goto no_file; ++ ++ int i = nlabellist; ++ if (!labellist_nullbits) ++ { ++ --i; ++ memset (&new_labels[i].prefix, '\0', sizeof (struct in6_addr)); ++ new_labels[i].bits = 0; ++ new_labels[i].val = 1; + } +- else +- new_precedence = (struct prefixentry *) default_precedence; + +- struct scopeentry *new_scopes; +- if (nscopelist > 0) ++ struct prefixlist *l = labellist; ++ while (i-- > 0) + { +- if (!scopelist_nullbits) +- ++nscopelist; +- new_scopes = malloc (nscopelist * sizeof (*new_scopes)); +- if (new_scopes == NULL) +- { +- if (new_labels != default_labels) +- free (new_labels); +- if (new_precedence != default_precedence) +- free (new_precedence); +- goto no_file; +- } +- +- int i = nscopelist; +- if (!scopelist_nullbits) +- { +- --i; +- new_scopes[i].addr32 = 0; +- new_scopes[i].netmask = 0; +- new_scopes[i].scope = 14; +- } ++ new_labels[i] = l->entry; ++ l = l->next; ++ } ++ free_prefixlist (labellist); ++ labellist = NULL; + +- struct scopelist *l = scopelist; +- while (i-- > 0) +- { +- new_scopes[i] = l->entry; +- l = l->next; +- } +- free_scopelist (scopelist); ++ /* Sort the entries so that the most specific ones are at ++ the beginning. */ ++ qsort (new_labels, nlabellist, sizeof (*new_labels), prefixcmp); ++ } ++ else ++ new_labels = (struct prefixentry *) default_labels; + +- /* Sort the entries so that the most specific ones are at +- the beginning. */ +- qsort (new_scopes, nscopelist, sizeof (*new_scopes), +- scopecmp); ++ struct prefixentry *new_precedence; ++ if (nprecedencelist > 0) ++ { ++ if (!precedencelist_nullbits) ++ ++nprecedencelist; ++ new_precedence = malloc (nprecedencelist * sizeof (*new_precedence)); ++ if (new_precedence == NULL) ++ { ++ if (new_labels != default_labels) ++ free (new_labels); ++ goto no_file; + } +- else +- new_scopes = (struct scopeentry *) default_scopes; +- +- /* Now we are ready to replace the values. */ +- const struct prefixentry *old = labels; +- labels = new_labels; +- if (old != default_labels) +- free ((void *) old); + +- old = precedence; +- precedence = new_precedence; +- if (old != default_precedence) +- free ((void *) old); ++ int i = nprecedencelist; ++ if (!precedencelist_nullbits) ++ { ++ --i; ++ memset (&new_precedence[i].prefix, '\0', ++ sizeof (struct in6_addr)); ++ new_precedence[i].bits = 0; ++ new_precedence[i].val = 40; ++ } + +- const struct scopeentry *oldscope = scopes; +- scopes = new_scopes; +- if (oldscope != default_scopes) +- free ((void *) oldscope); ++ struct prefixlist *l = precedencelist; ++ while (i-- > 0) ++ { ++ new_precedence[i] = l->entry; ++ l = l->next; ++ } ++ free_prefixlist (precedencelist); ++ precedencelist = NULL; + +- save_gaiconf_mtime (&st); ++ /* Sort the entries so that the most specific ones are at ++ the beginning. */ ++ qsort (new_precedence, nprecedencelist, sizeof (*new_precedence), ++ prefixcmp); + } + else ++ new_precedence = (struct prefixentry *) default_precedence; ++ ++ struct scopeentry *new_scopes; ++ if (nscopelist > 0) + { +- no_file: +- free_prefixlist (labellist); +- free_prefixlist (precedencelist); ++ if (!scopelist_nullbits) ++ ++nscopelist; ++ new_scopes = malloc (nscopelist * sizeof (*new_scopes)); ++ if (new_scopes == NULL) ++ { ++ if (new_labels != default_labels) ++ free (new_labels); ++ if (new_precedence != default_precedence) ++ free (new_precedence); ++ goto no_file; ++ } ++ ++ int i = nscopelist; ++ if (!scopelist_nullbits) ++ { ++ --i; ++ new_scopes[i].addr32 = 0; ++ new_scopes[i].netmask = 0; ++ new_scopes[i].scope = 14; ++ } ++ ++ struct scopelist *l = scopelist; ++ while (i-- > 0) ++ { ++ new_scopes[i] = l->entry; ++ l = l->next; ++ } + free_scopelist (scopelist); + +- /* If we previously read the file but it is gone now, free the +- old data and use the builtin one. Leave the reload flag +- alone. */ +- fini (); ++ /* Sort the entries so that the most specific ones are at ++ the beginning. */ ++ qsort (new_scopes, nscopelist, sizeof (*new_scopes), ++ scopecmp); + } ++ else ++ new_scopes = (struct scopeentry *) default_scopes; ++ ++ /* Now we are ready to replace the values. */ ++ const struct prefixentry *old = labels; ++ labels = new_labels; ++ if (old != default_labels) ++ free ((void *) old); ++ ++ old = precedence; ++ precedence = new_precedence; ++ if (old != default_precedence) ++ free ((void *) old); ++ ++ const struct scopeentry *oldscope = scopes; ++ scopes = new_scopes; ++ if (oldscope != default_scopes) ++ free ((void *) oldscope); ++ ++ save_gaiconf_mtime (&st); ++ return; ++ ++no_file: ++ free_prefixlist (labellist); ++ free_prefixlist (precedencelist); ++ free_scopelist (scopelist); ++ ++ /* If we previously read the file but it is gone now, free the old data and ++ use the builtin one. Leave the reload flag alone. */ ++ fini (); + } + + +-- +2.39.3 diff -Nru glibc-2.35/debian/patches/lp2047155/lp2047155-get-nscd-addresses-fix-subscript-typos.patch glibc-2.35/debian/patches/lp2047155/lp2047155-get-nscd-addresses-fix-subscript-typos.patch --- glibc-2.35/debian/patches/lp2047155/lp2047155-get-nscd-addresses-fix-subscript-typos.patch 1970-01-01 00:00:00.000000000 +0000 +++ glibc-2.35/debian/patches/lp2047155/lp2047155-get-nscd-addresses-fix-subscript-typos.patch 2024-01-02 13:12:24.000000000 +0000 @@ -0,0 +1,34 @@ +From c9226c03da0276593a0918eaa9a14835183343e8 Mon Sep 17 00:00:00 2001 +From: =?utf8?q?J=C3=B6rg=20Sonnenberger?= +Date: Mon, 26 Sep 2022 13:59:16 -0400 +Subject: [PATCH] get_nscd_addresses: Fix subscript typos [BZ #29605] + +Fix the subscript on air->family, which was accidentally set to COUNT +when it should have remained as I. + +Resolves: BZ #29605 + +Reviewed-by: Siddhesh Poyarekar +--- + sysdeps/posix/getaddrinfo.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +Index: glibc-2.35/sysdeps/posix/getaddrinfo.c +=================================================================== +--- glibc-2.35.orig/sysdeps/posix/getaddrinfo.c ++++ glibc-2.35/sysdeps/posix/getaddrinfo.c +@@ -549,11 +549,11 @@ get_nscd_addresses (const char *name, co + at[count].addr[2] = htonl (0xffff); + } + else if (req->ai_family == AF_UNSPEC +- || air->family[count] == req->ai_family) ++ || air->family[i] == req->ai_family) + { +- at[count].family = air->family[count]; ++ at[count].family = air->family[i]; + memcpy (at[count].addr, addrs, size); +- if (air->family[count] == AF_INET6) ++ if (air->family[i] == AF_INET6) + res->got_ipv6 = true; + } + at[count].next = at + count + 1; diff -Nru glibc-2.35/debian/patches/lp2047155/lp2047155-refactor-bits-for-readability.patch glibc-2.35/debian/patches/lp2047155/lp2047155-refactor-bits-for-readability.patch --- glibc-2.35/debian/patches/lp2047155/lp2047155-refactor-bits-for-readability.patch 1970-01-01 00:00:00.000000000 +0000 +++ glibc-2.35/debian/patches/lp2047155/lp2047155-refactor-bits-for-readability.patch 2024-01-02 13:22:42.000000000 +0000 @@ -0,0 +1,215 @@ +From 06890c7ba553e82393413c59bb3131db5815a337 Mon Sep 17 00:00:00 2001 +From: Siddhesh Poyarekar +Date: Tue, 27 Jul 2021 22:49:53 +0530 +Subject: [PATCH] gaiconf_init: Refactor some bits for readability + +Split out line processing for `label`, `precedence` and `scopev4` into +separate functions instead of the gotos. + +Signed-off-by: Siddhesh Poyarekar +Reviewed-by: DJ Delorie +--- + sysdeps/posix/getaddrinfo.c | 149 ++++++++++++++++++++---------------- + 1 file changed, 84 insertions(+), 65 deletions(-) + +diff --git a/sysdeps/posix/getaddrinfo.c b/sysdeps/posix/getaddrinfo.c +index 0ece3b46b7..984baf9744 100644 +--- a/sysdeps/posix/getaddrinfo.c ++++ b/sysdeps/posix/getaddrinfo.c +@@ -1851,6 +1851,66 @@ scopecmp (const void *p1, const void *p2) + return 1; + } + ++static bool ++add_prefixlist (struct prefixlist **listp, size_t *lenp, bool *nullbitsp, ++ char *val1, char *val2, char **pos) ++{ ++ struct in6_addr prefix; ++ unsigned long int bits; ++ unsigned long int val; ++ char *endp; ++ ++ bits = 128; ++ __set_errno (0); ++ char *cp = strchr (val1, '/'); ++ if (cp != NULL) ++ *cp++ = '\0'; ++ *pos = cp; ++ if (inet_pton (AF_INET6, val1, &prefix) ++ && (cp == NULL ++ || (bits = strtoul (cp, &endp, 10)) != ULONG_MAX ++ || errno != ERANGE) ++ && *endp == '\0' ++ && bits <= 128 ++ && ((val = strtoul (val2, &endp, 10)) != ULONG_MAX ++ || errno != ERANGE) ++ && *endp == '\0' ++ && val <= INT_MAX) ++ { ++ struct prefixlist *newp = malloc (sizeof (*newp)); ++ if (newp == NULL) ++ return false; ++ ++ memcpy (&newp->entry.prefix, &prefix, sizeof (prefix)); ++ newp->entry.bits = bits; ++ newp->entry.val = val; ++ newp->next = *listp; ++ *listp = newp; ++ ++*lenp; ++ *nullbitsp |= bits == 0; ++ } ++ return true; ++} ++ ++static bool ++add_scopelist (struct scopelist **listp, size_t *lenp, bool *nullbitsp, ++ const struct in6_addr *prefixp, unsigned long int bits, ++ unsigned long int val) ++{ ++ struct scopelist *newp = malloc (sizeof (*newp)); ++ if (newp == NULL) ++ return false; ++ ++ newp->entry.netmask = htonl (bits != 96 ? (0xffffffff << (128 - bits)) : 0); ++ newp->entry.addr32 = (prefixp->s6_addr32[3] & newp->entry.netmask); ++ newp->entry.scope = val; ++ newp->next = *listp; ++ *listp = newp; ++ ++*lenp; ++ *nullbitsp |= bits == 96; ++ ++ return true; ++} + + static void + gaiconf_init (void) +@@ -1926,55 +1986,17 @@ gaiconf_init (void) + /* Ignore the rest of the line. */ + *cp = '\0'; + +- struct prefixlist **listp; +- size_t *lenp; +- bool *nullbitsp; + switch (cmdlen) + { + case 5: + if (strcmp (cmd, "label") == 0) + { +- struct in6_addr prefix; +- unsigned long int bits; +- unsigned long int val; +- char *endp; +- +- listp = &labellist; +- lenp = &nlabellist; +- nullbitsp = &labellist_nullbits; +- +- new_elem: +- bits = 128; +- __set_errno (0); +- cp = strchr (val1, '/'); +- if (cp != NULL) +- *cp++ = '\0'; +- if (inet_pton (AF_INET6, val1, &prefix) +- && (cp == NULL +- || (bits = strtoul (cp, &endp, 10)) != ULONG_MAX +- || errno != ERANGE) +- && *endp == '\0' +- && bits <= 128 +- && ((val = strtoul (val2, &endp, 10)) != ULONG_MAX +- || errno != ERANGE) +- && *endp == '\0' +- && val <= INT_MAX) ++ if (!add_prefixlist (&labellist, &nlabellist, ++ &labellist_nullbits, val1, val2, &cp)) + { +- struct prefixlist *newp = malloc (sizeof (*newp)); +- if (newp == NULL) +- { +- free (line); +- fclose (fp); +- goto no_file; +- } +- +- memcpy (&newp->entry.prefix, &prefix, sizeof (prefix)); +- newp->entry.bits = bits; +- newp->entry.val = val; +- newp->next = *listp; +- *listp = newp; +- ++*lenp; +- *nullbitsp |= bits == 0; ++ free (line); ++ fclose (fp); ++ goto no_file; + } + } + break; +@@ -2016,27 +2038,14 @@ gaiconf_init (void) + && *endp == '\0' + && val <= INT_MAX) + { +- struct scopelist *newp; +- new_scope: +- newp = malloc (sizeof (*newp)); +- if (newp == NULL) ++ if (!add_scopelist (&scopelist, &nscopelist, ++ &scopelist_nullbits, &prefix, ++ bits, val)) + { + free (line); + fclose (fp); + goto no_file; + } +- +- newp->entry.netmask = htonl (bits != 96 +- ? (0xffffffff +- << (128 - bits)) +- : 0); +- newp->entry.addr32 = (prefix.s6_addr32[3] +- & newp->entry.netmask); +- newp->entry.scope = val; +- newp->next = scopelist; +- scopelist = newp; +- ++nscopelist; +- scopelist_nullbits |= bits == 96; + } + } + else if (inet_pton (AF_INET, val1, &prefix.s6_addr32[3]) +@@ -2050,8 +2059,14 @@ gaiconf_init (void) + && *endp == '\0' + && val <= INT_MAX) + { +- bits += 96; +- goto new_scope; ++ if (!add_scopelist (&scopelist, &nscopelist, ++ &scopelist_nullbits, &prefix, ++ bits + 96, val)) ++ { ++ free (line); ++ fclose (fp); ++ goto no_file; ++ } + } + } + break; +@@ -2059,10 +2074,14 @@ gaiconf_init (void) + case 10: + if (strcmp (cmd, "precedence") == 0) + { +- listp = &precedencelist; +- lenp = &nprecedencelist; +- nullbitsp = &precedencelist_nullbits; +- goto new_elem; ++ if (!add_prefixlist (&precedencelist, &nprecedencelist, ++ &precedencelist_nullbits, val1, val2, ++ &cp)) ++ { ++ free (line); ++ fclose (fp); ++ goto no_file; ++ } + } + break; + } +-- +2.39.3 diff -Nru glibc-2.35/debian/patches/lp2047155/lp2047155-refactor-code-for-readability.patch glibc-2.35/debian/patches/lp2047155/lp2047155-refactor-code-for-readability.patch --- glibc-2.35/debian/patches/lp2047155/lp2047155-refactor-code-for-readability.patch 1970-01-01 00:00:00.000000000 +0000 +++ glibc-2.35/debian/patches/lp2047155/lp2047155-refactor-code-for-readability.patch 2024-01-02 13:22:42.000000000 +0000 @@ -0,0 +1,124 @@ +[Ubuntu note: patch adjusted to include '__FreeBSD_kernel__' definition + block in function 'try_connect' (also present in lunar, for example). + -- Camila Camargo de Matos ] + +Origin: backport, https://sourceware.org/git/?p=glibc.git;a=commit;h=d3f2c2c8b57bdf9d963db8fa2372d6c1b86a337e + +From d3f2c2c8b57bdf9d963db8fa2372d6c1b86a337e Mon Sep 17 00:00:00 2001 +From: Siddhesh Poyarekar +Date: Tue, 22 Mar 2022 22:40:05 +0530 +Subject: [PATCH] getaddrinfo: Refactor code for readability + +The close_retry goto jump is confusing and clumsy to read, so refactor +the code a bit to make it easier to follow. + +Signed-off-by: Siddhesh Poyarekar +Reviewed-by: DJ Delorie +--- + sysdeps/posix/getaddrinfo.c | 45 +++++++++++++++++++++++++++---------- + 1 file changed, 33 insertions(+), 12 deletions(-) + +Index: glibc-2.35/sysdeps/posix/getaddrinfo.c +=================================================================== +--- glibc-2.35.orig/sysdeps/posix/getaddrinfo.c ++++ glibc-2.35/sysdeps/posix/getaddrinfo.c +@@ -2253,6 +2253,49 @@ gaiconf_reload (void) + gaiconf_init (); + } + ++static bool ++try_connect (int *fdp, int *afp, struct sockaddr_in6 *source_addrp, ++ const struct sockaddr *addr, socklen_t addrlen, int family) ++{ ++ int fd = *fdp; ++ int af = *afp; ++ socklen_t sl = sizeof (*source_addrp); ++ const struct sockaddr *sa = addr; ++#ifdef __FreeBSD_kernel__ ++ struct sockaddr_in6 sa_in6; ++ /* The FreeBSD kernel doesn't allow connections on port 0. Use ++ port 1 instead, as on the FreeBSD libc. */ ++ if (((struct sockaddr_in *)sa)->sin_port == htons(0)) ++ { ++ sa = (struct sockaddr *)&sa_in6; ++ memcpy(&sa_in6, addr, family == AF_INET6 ? ++ sizeof(struct sockaddr_in6) : sizeof(struct sockaddr_in)); ++ sa_in6.sin6_port = htons(1); ++ } ++#endif ++ ++ while (true) ++ { ++ if (fd != -1 && __connect (fd, sa, addrlen) == 0 ++ && __getsockname (fd, (struct sockaddr *) source_addrp, &sl) == 0) ++ return true; ++ ++ if (errno == EAFNOSUPPORT && af == AF_INET6 && family == AF_INET) ++ { ++ /* This could mean IPv6 sockets are IPv6-only. */ ++ if (fd != -1) ++ __close_nocancel_nostatus (fd); ++ *afp = af = AF_INET; ++ *fdp = fd = __socket (AF_INET, SOCK_DGRAM | SOCK_CLOEXEC, ++ IPPROTO_IP); ++ continue; ++ } ++ ++ return false; ++ } ++ ++ __builtin_unreachable (); ++} + + int + getaddrinfo (const char *name, const char *service, +@@ -2443,7 +2486,6 @@ getaddrinfo (const char *name, const cha + if (fd == -1 || (af == AF_INET && q->ai_family == AF_INET6)) + { + if (fd != -1) +- close_retry: + __close_nocancel_nostatus (fd); + af = q->ai_family; + fd = __socket (af, SOCK_DGRAM | SOCK_CLOEXEC, IPPROTO_IP); +@@ -2455,27 +2497,10 @@ getaddrinfo (const char *name, const cha + __connect (fd, &sa, sizeof (sa)); + } + +- socklen_t sl = sizeof (results[i].source_addr); +- const struct sockaddr *sa = q->ai_addr; +-#ifdef __FreeBSD_kernel__ +- struct sockaddr_in6 sa_in6; +- /* The FreeBSD kernel doesn't allow connections on port 0. Use +- port 1 instead, as on the FreeBSD libc. */ +- if (((struct sockaddr_in *)sa)->sin_port == htons(0)) +- { +- sa = (struct sockaddr *)&sa_in6; +- memcpy(&sa_in6, q->ai_addr, q->ai_family == AF_INET6 ? +- sizeof(struct sockaddr_in6) : sizeof(struct sockaddr_in)); +- sa_in6.sin6_port = htons(1); +- } +-#endif +- if (fd != -1 +- && __connect (fd, sa, q->ai_addrlen) == 0 +- && __getsockname (fd, +- (struct sockaddr *) &results[i].source_addr, +- &sl) == 0) ++ if (try_connect (&fd, &af, &results[i].source_addr, q->ai_addr, ++ q->ai_addrlen, q->ai_family)) + { +- results[i].source_addr_len = sl; ++ results[i].source_addr_len = sizeof (results[i].source_addr); + results[i].got_source_addr = true; + + if (in6ai != NULL) +@@ -2540,10 +2565,6 @@ getaddrinfo (const char *name, const cha + results[i].source_addr_len = sizeof (struct sockaddr_in); + } + } +- else if (errno == EAFNOSUPPORT && af == AF_INET6 +- && q->ai_family == AF_INET) +- /* This could mean IPv6 sockets are IPv6-only. */ +- goto close_retry; + else + /* Just make sure that if we have to process the same + address again we do not copy any memory. */ diff -Nru glibc-2.35/debian/patches/lp2047155-extra1.patch glibc-2.35/debian/patches/lp2047155-extra1.patch --- glibc-2.35/debian/patches/lp2047155-extra1.patch 2024-01-02 13:22:42.000000000 +0000 +++ glibc-2.35/debian/patches/lp2047155-extra1.patch 1970-01-01 00:00:00.000000000 +0000 @@ -1,215 +0,0 @@ -From 06890c7ba553e82393413c59bb3131db5815a337 Mon Sep 17 00:00:00 2001 -From: Siddhesh Poyarekar -Date: Tue, 27 Jul 2021 22:49:53 +0530 -Subject: [PATCH] gaiconf_init: Refactor some bits for readability - -Split out line processing for `label`, `precedence` and `scopev4` into -separate functions instead of the gotos. - -Signed-off-by: Siddhesh Poyarekar -Reviewed-by: DJ Delorie ---- - sysdeps/posix/getaddrinfo.c | 149 ++++++++++++++++++++---------------- - 1 file changed, 84 insertions(+), 65 deletions(-) - -diff --git a/sysdeps/posix/getaddrinfo.c b/sysdeps/posix/getaddrinfo.c -index 0ece3b46b7..984baf9744 100644 ---- a/sysdeps/posix/getaddrinfo.c -+++ b/sysdeps/posix/getaddrinfo.c -@@ -1851,6 +1851,66 @@ scopecmp (const void *p1, const void *p2) - return 1; - } - -+static bool -+add_prefixlist (struct prefixlist **listp, size_t *lenp, bool *nullbitsp, -+ char *val1, char *val2, char **pos) -+{ -+ struct in6_addr prefix; -+ unsigned long int bits; -+ unsigned long int val; -+ char *endp; -+ -+ bits = 128; -+ __set_errno (0); -+ char *cp = strchr (val1, '/'); -+ if (cp != NULL) -+ *cp++ = '\0'; -+ *pos = cp; -+ if (inet_pton (AF_INET6, val1, &prefix) -+ && (cp == NULL -+ || (bits = strtoul (cp, &endp, 10)) != ULONG_MAX -+ || errno != ERANGE) -+ && *endp == '\0' -+ && bits <= 128 -+ && ((val = strtoul (val2, &endp, 10)) != ULONG_MAX -+ || errno != ERANGE) -+ && *endp == '\0' -+ && val <= INT_MAX) -+ { -+ struct prefixlist *newp = malloc (sizeof (*newp)); -+ if (newp == NULL) -+ return false; -+ -+ memcpy (&newp->entry.prefix, &prefix, sizeof (prefix)); -+ newp->entry.bits = bits; -+ newp->entry.val = val; -+ newp->next = *listp; -+ *listp = newp; -+ ++*lenp; -+ *nullbitsp |= bits == 0; -+ } -+ return true; -+} -+ -+static bool -+add_scopelist (struct scopelist **listp, size_t *lenp, bool *nullbitsp, -+ const struct in6_addr *prefixp, unsigned long int bits, -+ unsigned long int val) -+{ -+ struct scopelist *newp = malloc (sizeof (*newp)); -+ if (newp == NULL) -+ return false; -+ -+ newp->entry.netmask = htonl (bits != 96 ? (0xffffffff << (128 - bits)) : 0); -+ newp->entry.addr32 = (prefixp->s6_addr32[3] & newp->entry.netmask); -+ newp->entry.scope = val; -+ newp->next = *listp; -+ *listp = newp; -+ ++*lenp; -+ *nullbitsp |= bits == 96; -+ -+ return true; -+} - - static void - gaiconf_init (void) -@@ -1926,55 +1986,17 @@ gaiconf_init (void) - /* Ignore the rest of the line. */ - *cp = '\0'; - -- struct prefixlist **listp; -- size_t *lenp; -- bool *nullbitsp; - switch (cmdlen) - { - case 5: - if (strcmp (cmd, "label") == 0) - { -- struct in6_addr prefix; -- unsigned long int bits; -- unsigned long int val; -- char *endp; -- -- listp = &labellist; -- lenp = &nlabellist; -- nullbitsp = &labellist_nullbits; -- -- new_elem: -- bits = 128; -- __set_errno (0); -- cp = strchr (val1, '/'); -- if (cp != NULL) -- *cp++ = '\0'; -- if (inet_pton (AF_INET6, val1, &prefix) -- && (cp == NULL -- || (bits = strtoul (cp, &endp, 10)) != ULONG_MAX -- || errno != ERANGE) -- && *endp == '\0' -- && bits <= 128 -- && ((val = strtoul (val2, &endp, 10)) != ULONG_MAX -- || errno != ERANGE) -- && *endp == '\0' -- && val <= INT_MAX) -+ if (!add_prefixlist (&labellist, &nlabellist, -+ &labellist_nullbits, val1, val2, &cp)) - { -- struct prefixlist *newp = malloc (sizeof (*newp)); -- if (newp == NULL) -- { -- free (line); -- fclose (fp); -- goto no_file; -- } -- -- memcpy (&newp->entry.prefix, &prefix, sizeof (prefix)); -- newp->entry.bits = bits; -- newp->entry.val = val; -- newp->next = *listp; -- *listp = newp; -- ++*lenp; -- *nullbitsp |= bits == 0; -+ free (line); -+ fclose (fp); -+ goto no_file; - } - } - break; -@@ -2016,27 +2038,14 @@ gaiconf_init (void) - && *endp == '\0' - && val <= INT_MAX) - { -- struct scopelist *newp; -- new_scope: -- newp = malloc (sizeof (*newp)); -- if (newp == NULL) -+ if (!add_scopelist (&scopelist, &nscopelist, -+ &scopelist_nullbits, &prefix, -+ bits, val)) - { - free (line); - fclose (fp); - goto no_file; - } -- -- newp->entry.netmask = htonl (bits != 96 -- ? (0xffffffff -- << (128 - bits)) -- : 0); -- newp->entry.addr32 = (prefix.s6_addr32[3] -- & newp->entry.netmask); -- newp->entry.scope = val; -- newp->next = scopelist; -- scopelist = newp; -- ++nscopelist; -- scopelist_nullbits |= bits == 96; - } - } - else if (inet_pton (AF_INET, val1, &prefix.s6_addr32[3]) -@@ -2050,8 +2059,14 @@ gaiconf_init (void) - && *endp == '\0' - && val <= INT_MAX) - { -- bits += 96; -- goto new_scope; -+ if (!add_scopelist (&scopelist, &nscopelist, -+ &scopelist_nullbits, &prefix, -+ bits + 96, val)) -+ { -+ free (line); -+ fclose (fp); -+ goto no_file; -+ } - } - } - break; -@@ -2059,10 +2074,14 @@ gaiconf_init (void) - case 10: - if (strcmp (cmd, "precedence") == 0) - { -- listp = &precedencelist; -- lenp = &nprecedencelist; -- nullbitsp = &precedencelist_nullbits; -- goto new_elem; -+ if (!add_prefixlist (&precedencelist, &nprecedencelist, -+ &precedencelist_nullbits, val1, val2, -+ &cp)) -+ { -+ free (line); -+ fclose (fp); -+ goto no_file; -+ } - } - break; - } --- -2.39.3 diff -Nru glibc-2.35/debian/patches/lp2047155-extra2.patch glibc-2.35/debian/patches/lp2047155-extra2.patch --- glibc-2.35/debian/patches/lp2047155-extra2.patch 2024-01-02 13:22:42.000000000 +0000 +++ glibc-2.35/debian/patches/lp2047155-extra2.patch 1970-01-01 00:00:00.000000000 +0000 @@ -1,589 +0,0 @@ -From bc0d18d873abf2cda6842ad8bb4df2a31dc0fbac Mon Sep 17 00:00:00 2001 -From: Siddhesh Poyarekar -Date: Tue, 3 Aug 2021 21:29:23 +0530 -Subject: [PATCH] gai_init: Avoid jumping from if condition to its else - counterpart - -Clean up another antipattern where code flows from an if condition to -its else counterpart with a goto. - -Most of the change in this patch is whitespace-only; a `git diff -b` -ought to show the actual logic changes. - -Signed-off-by: Siddhesh Poyarekar -Reviewed-by: DJ Delorie ---- - sysdeps/posix/getaddrinfo.c | 498 ++++++++++++++++++------------------ - 1 file changed, 248 insertions(+), 250 deletions(-) - -diff --git a/sysdeps/posix/getaddrinfo.c b/sysdeps/posix/getaddrinfo.c -index 984baf9744..aa34de6591 100644 ---- a/sysdeps/posix/getaddrinfo.c -+++ b/sysdeps/posix/getaddrinfo.c -@@ -1926,142 +1926,122 @@ gaiconf_init (void) - bool scopelist_nullbits = false; - - FILE *fp = fopen (GAICONF_FNAME, "rce"); -- if (fp != NULL) -+ if (fp == NULL) -+ goto no_file; -+ -+ struct __stat64_t64 st; -+ if (__fstat64_time64 (fileno (fp), &st) != 0) - { -- struct __stat64_t64 st; -- if (__fstat64_time64 (fileno (fp), &st) != 0) -- { -- fclose (fp); -- goto no_file; -- } -+ fclose (fp); -+ goto no_file; -+ } - -- char *line = NULL; -- size_t linelen = 0; -+ char *line = NULL; -+ size_t linelen = 0; - -- __fsetlocking (fp, FSETLOCKING_BYCALLER); -+ __fsetlocking (fp, FSETLOCKING_BYCALLER); - -- while (!feof_unlocked (fp)) -- { -- ssize_t n = __getline (&line, &linelen, fp); -- if (n <= 0) -- break; -+ while (!feof_unlocked (fp)) -+ { -+ ssize_t n = __getline (&line, &linelen, fp); -+ if (n <= 0) -+ break; - -- /* Handle comments. No escaping possible so this is easy. */ -- char *cp = strchr (line, '#'); -- if (cp != NULL) -- *cp = '\0'; -+ /* Handle comments. No escaping possible so this is easy. */ -+ char *cp = strchr (line, '#'); -+ if (cp != NULL) -+ *cp = '\0'; - -- cp = line; -- while (isspace (*cp)) -- ++cp; -+ cp = line; -+ while (isspace (*cp)) -+ ++cp; - -- char *cmd = cp; -- while (*cp != '\0' && !isspace (*cp)) -- ++cp; -- size_t cmdlen = cp - cmd; -+ char *cmd = cp; -+ while (*cp != '\0' && !isspace (*cp)) -+ ++cp; -+ size_t cmdlen = cp - cmd; - -- if (*cp != '\0') -- *cp++ = '\0'; -- while (isspace (*cp)) -- ++cp; -+ if (*cp != '\0') -+ *cp++ = '\0'; -+ while (isspace (*cp)) -+ ++cp; - -- char *val1 = cp; -- while (*cp != '\0' && !isspace (*cp)) -- ++cp; -- size_t val1len = cp - cmd; -+ char *val1 = cp; -+ while (*cp != '\0' && !isspace (*cp)) -+ ++cp; -+ size_t val1len = cp - cmd; - -- /* We always need at least two values. */ -- if (val1len == 0) -- continue; -+ /* We always need at least two values. */ -+ if (val1len == 0) -+ continue; - -- if (*cp != '\0') -- *cp++ = '\0'; -- while (isspace (*cp)) -- ++cp; -+ if (*cp != '\0') -+ *cp++ = '\0'; -+ while (isspace (*cp)) -+ ++cp; - -- char *val2 = cp; -- while (*cp != '\0' && !isspace (*cp)) -- ++cp; -+ char *val2 = cp; -+ while (*cp != '\0' && !isspace (*cp)) -+ ++cp; - -- /* Ignore the rest of the line. */ -- *cp = '\0'; -+ /* Ignore the rest of the line. */ -+ *cp = '\0'; - -- switch (cmdlen) -+ switch (cmdlen) -+ { -+ case 5: -+ if (strcmp (cmd, "label") == 0) - { -- case 5: -- if (strcmp (cmd, "label") == 0) -+ if (!add_prefixlist (&labellist, &nlabellist, -+ &labellist_nullbits, val1, val2, &cp)) - { -- if (!add_prefixlist (&labellist, &nlabellist, -- &labellist_nullbits, val1, val2, &cp)) -- { -- free (line); -- fclose (fp); -- goto no_file; -- } -+ free (line); -+ fclose (fp); -+ goto no_file; - } -- break; -+ } -+ break; - -- case 6: -- if (strcmp (cmd, "reload") == 0) -- { -- gaiconf_reload_flag = strcmp (val1, "yes") == 0; -- if (gaiconf_reload_flag) -- gaiconf_reload_flag_ever_set = 1; -- } -- break; -+ case 6: -+ if (strcmp (cmd, "reload") == 0) -+ { -+ gaiconf_reload_flag = strcmp (val1, "yes") == 0; -+ if (gaiconf_reload_flag) -+ gaiconf_reload_flag_ever_set = 1; -+ } -+ break; - -- case 7: -- if (strcmp (cmd, "scopev4") == 0) -+ case 7: -+ if (strcmp (cmd, "scopev4") == 0) -+ { -+ struct in6_addr prefix; -+ unsigned long int bits; -+ unsigned long int val; -+ char *endp; -+ -+ bits = 32; -+ __set_errno (0); -+ cp = strchr (val1, '/'); -+ if (cp != NULL) -+ *cp++ = '\0'; -+ if (inet_pton (AF_INET6, val1, &prefix)) - { -- struct in6_addr prefix; -- unsigned long int bits; -- unsigned long int val; -- char *endp; -- -- bits = 32; -- __set_errno (0); -- cp = strchr (val1, '/'); -- if (cp != NULL) -- *cp++ = '\0'; -- if (inet_pton (AF_INET6, val1, &prefix)) -- { -- bits = 128; -- if (IN6_IS_ADDR_V4MAPPED (&prefix) -- && (cp == NULL -- || (bits = strtoul (cp, &endp, 10)) != ULONG_MAX -- || errno != ERANGE) -- && *endp == '\0' -- && bits >= 96 -- && bits <= 128 -- && ((val = strtoul (val2, &endp, 10)) != ULONG_MAX -- || errno != ERANGE) -- && *endp == '\0' -- && val <= INT_MAX) -- { -- if (!add_scopelist (&scopelist, &nscopelist, -- &scopelist_nullbits, &prefix, -- bits, val)) -- { -- free (line); -- fclose (fp); -- goto no_file; -- } -- } -- } -- else if (inet_pton (AF_INET, val1, &prefix.s6_addr32[3]) -- && (cp == NULL -- || (bits = strtoul (cp, &endp, 10)) != ULONG_MAX -- || errno != ERANGE) -- && *endp == '\0' -- && bits <= 32 -- && ((val = strtoul (val2, &endp, 10)) != ULONG_MAX -- || errno != ERANGE) -- && *endp == '\0' -- && val <= INT_MAX) -+ bits = 128; -+ if (IN6_IS_ADDR_V4MAPPED (&prefix) -+ && (cp == NULL -+ || (bits = strtoul (cp, &endp, 10)) != ULONG_MAX -+ || errno != ERANGE) -+ && *endp == '\0' -+ && bits >= 96 -+ && bits <= 128 -+ && ((val = strtoul (val2, &endp, 10)) != ULONG_MAX -+ || errno != ERANGE) -+ && *endp == '\0' -+ && val <= INT_MAX) - { - if (!add_scopelist (&scopelist, &nscopelist, - &scopelist_nullbits, &prefix, -- bits + 96, val)) -+ bits, val)) - { - free (line); - fclose (fp); -@@ -2069,173 +2049,191 @@ gaiconf_init (void) - } - } - } -- break; -- -- case 10: -- if (strcmp (cmd, "precedence") == 0) -+ else if (inet_pton (AF_INET, val1, &prefix.s6_addr32[3]) -+ && (cp == NULL -+ || (bits = strtoul (cp, &endp, 10)) != ULONG_MAX -+ || errno != ERANGE) -+ && *endp == '\0' -+ && bits <= 32 -+ && ((val = strtoul (val2, &endp, 10)) != ULONG_MAX -+ || errno != ERANGE) -+ && *endp == '\0' -+ && val <= INT_MAX) - { -- if (!add_prefixlist (&precedencelist, &nprecedencelist, -- &precedencelist_nullbits, val1, val2, -- &cp)) -+ if (!add_scopelist (&scopelist, &nscopelist, -+ &scopelist_nullbits, &prefix, -+ bits + 96, val)) - { - free (line); - fclose (fp); - goto no_file; - } - } -- break; -- } -- } -- -- free (line); -- -- fclose (fp); -- -- /* Create the array for the labels. */ -- struct prefixentry *new_labels; -- if (nlabellist > 0) -- { -- if (!labellist_nullbits) -- ++nlabellist; -- new_labels = malloc (nlabellist * sizeof (*new_labels)); -- if (new_labels == NULL) -- goto no_file; -- -- int i = nlabellist; -- if (!labellist_nullbits) -- { -- --i; -- memset (&new_labels[i].prefix, '\0', sizeof (struct in6_addr)); -- new_labels[i].bits = 0; -- new_labels[i].val = 1; - } -+ break; - -- struct prefixlist *l = labellist; -- while (i-- > 0) -+ case 10: -+ if (strcmp (cmd, "precedence") == 0) - { -- new_labels[i] = l->entry; -- l = l->next; -+ if (!add_prefixlist (&precedencelist, &nprecedencelist, -+ &precedencelist_nullbits, val1, val2, -+ &cp)) -+ { -+ free (line); -+ fclose (fp); -+ goto no_file; -+ } - } -- free_prefixlist (labellist); -- labellist = NULL; -- -- /* Sort the entries so that the most specific ones are at -- the beginning. */ -- qsort (new_labels, nlabellist, sizeof (*new_labels), prefixcmp); -+ break; - } -- else -- new_labels = (struct prefixentry *) default_labels; -- -- struct prefixentry *new_precedence; -- if (nprecedencelist > 0) -- { -- if (!precedencelist_nullbits) -- ++nprecedencelist; -- new_precedence = malloc (nprecedencelist * sizeof (*new_precedence)); -- if (new_precedence == NULL) -- { -- if (new_labels != default_labels) -- free (new_labels); -- goto no_file; -- } -+ } - -- int i = nprecedencelist; -- if (!precedencelist_nullbits) -- { -- --i; -- memset (&new_precedence[i].prefix, '\0', -- sizeof (struct in6_addr)); -- new_precedence[i].bits = 0; -- new_precedence[i].val = 40; -- } -+ free (line); - -- struct prefixlist *l = precedencelist; -- while (i-- > 0) -- { -- new_precedence[i] = l->entry; -- l = l->next; -- } -- free_prefixlist (precedencelist); -- precedencelist = NULL; -+ fclose (fp); - -- /* Sort the entries so that the most specific ones are at -- the beginning. */ -- qsort (new_precedence, nprecedencelist, sizeof (*new_precedence), -- prefixcmp); -+ /* Create the array for the labels. */ -+ struct prefixentry *new_labels; -+ if (nlabellist > 0) -+ { -+ if (!labellist_nullbits) -+ ++nlabellist; -+ new_labels = malloc (nlabellist * sizeof (*new_labels)); -+ if (new_labels == NULL) -+ goto no_file; -+ -+ int i = nlabellist; -+ if (!labellist_nullbits) -+ { -+ --i; -+ memset (&new_labels[i].prefix, '\0', sizeof (struct in6_addr)); -+ new_labels[i].bits = 0; -+ new_labels[i].val = 1; - } -- else -- new_precedence = (struct prefixentry *) default_precedence; - -- struct scopeentry *new_scopes; -- if (nscopelist > 0) -+ struct prefixlist *l = labellist; -+ while (i-- > 0) - { -- if (!scopelist_nullbits) -- ++nscopelist; -- new_scopes = malloc (nscopelist * sizeof (*new_scopes)); -- if (new_scopes == NULL) -- { -- if (new_labels != default_labels) -- free (new_labels); -- if (new_precedence != default_precedence) -- free (new_precedence); -- goto no_file; -- } -- -- int i = nscopelist; -- if (!scopelist_nullbits) -- { -- --i; -- new_scopes[i].addr32 = 0; -- new_scopes[i].netmask = 0; -- new_scopes[i].scope = 14; -- } -+ new_labels[i] = l->entry; -+ l = l->next; -+ } -+ free_prefixlist (labellist); -+ labellist = NULL; - -- struct scopelist *l = scopelist; -- while (i-- > 0) -- { -- new_scopes[i] = l->entry; -- l = l->next; -- } -- free_scopelist (scopelist); -+ /* Sort the entries so that the most specific ones are at -+ the beginning. */ -+ qsort (new_labels, nlabellist, sizeof (*new_labels), prefixcmp); -+ } -+ else -+ new_labels = (struct prefixentry *) default_labels; - -- /* Sort the entries so that the most specific ones are at -- the beginning. */ -- qsort (new_scopes, nscopelist, sizeof (*new_scopes), -- scopecmp); -+ struct prefixentry *new_precedence; -+ if (nprecedencelist > 0) -+ { -+ if (!precedencelist_nullbits) -+ ++nprecedencelist; -+ new_precedence = malloc (nprecedencelist * sizeof (*new_precedence)); -+ if (new_precedence == NULL) -+ { -+ if (new_labels != default_labels) -+ free (new_labels); -+ goto no_file; - } -- else -- new_scopes = (struct scopeentry *) default_scopes; -- -- /* Now we are ready to replace the values. */ -- const struct prefixentry *old = labels; -- labels = new_labels; -- if (old != default_labels) -- free ((void *) old); - -- old = precedence; -- precedence = new_precedence; -- if (old != default_precedence) -- free ((void *) old); -+ int i = nprecedencelist; -+ if (!precedencelist_nullbits) -+ { -+ --i; -+ memset (&new_precedence[i].prefix, '\0', -+ sizeof (struct in6_addr)); -+ new_precedence[i].bits = 0; -+ new_precedence[i].val = 40; -+ } - -- const struct scopeentry *oldscope = scopes; -- scopes = new_scopes; -- if (oldscope != default_scopes) -- free ((void *) oldscope); -+ struct prefixlist *l = precedencelist; -+ while (i-- > 0) -+ { -+ new_precedence[i] = l->entry; -+ l = l->next; -+ } -+ free_prefixlist (precedencelist); -+ precedencelist = NULL; - -- save_gaiconf_mtime (&st); -+ /* Sort the entries so that the most specific ones are at -+ the beginning. */ -+ qsort (new_precedence, nprecedencelist, sizeof (*new_precedence), -+ prefixcmp); - } - else -+ new_precedence = (struct prefixentry *) default_precedence; -+ -+ struct scopeentry *new_scopes; -+ if (nscopelist > 0) - { -- no_file: -- free_prefixlist (labellist); -- free_prefixlist (precedencelist); -+ if (!scopelist_nullbits) -+ ++nscopelist; -+ new_scopes = malloc (nscopelist * sizeof (*new_scopes)); -+ if (new_scopes == NULL) -+ { -+ if (new_labels != default_labels) -+ free (new_labels); -+ if (new_precedence != default_precedence) -+ free (new_precedence); -+ goto no_file; -+ } -+ -+ int i = nscopelist; -+ if (!scopelist_nullbits) -+ { -+ --i; -+ new_scopes[i].addr32 = 0; -+ new_scopes[i].netmask = 0; -+ new_scopes[i].scope = 14; -+ } -+ -+ struct scopelist *l = scopelist; -+ while (i-- > 0) -+ { -+ new_scopes[i] = l->entry; -+ l = l->next; -+ } - free_scopelist (scopelist); - -- /* If we previously read the file but it is gone now, free the -- old data and use the builtin one. Leave the reload flag -- alone. */ -- fini (); -+ /* Sort the entries so that the most specific ones are at -+ the beginning. */ -+ qsort (new_scopes, nscopelist, sizeof (*new_scopes), -+ scopecmp); - } -+ else -+ new_scopes = (struct scopeentry *) default_scopes; -+ -+ /* Now we are ready to replace the values. */ -+ const struct prefixentry *old = labels; -+ labels = new_labels; -+ if (old != default_labels) -+ free ((void *) old); -+ -+ old = precedence; -+ precedence = new_precedence; -+ if (old != default_precedence) -+ free ((void *) old); -+ -+ const struct scopeentry *oldscope = scopes; -+ scopes = new_scopes; -+ if (oldscope != default_scopes) -+ free ((void *) oldscope); -+ -+ save_gaiconf_mtime (&st); -+ return; -+ -+no_file: -+ free_prefixlist (labellist); -+ free_prefixlist (precedencelist); -+ free_scopelist (scopelist); -+ -+ /* If we previously read the file but it is gone now, free the old data and -+ use the builtin one. Leave the reload flag alone. */ -+ fini (); - } - - --- -2.39.3 diff -Nru glibc-2.35/debian/patches/lp2047155-extra3.patch glibc-2.35/debian/patches/lp2047155-extra3.patch --- glibc-2.35/debian/patches/lp2047155-extra3.patch 2024-01-02 13:22:42.000000000 +0000 +++ glibc-2.35/debian/patches/lp2047155-extra3.patch 1970-01-01 00:00:00.000000000 +0000 @@ -1,118 +0,0 @@ -From d3f2c2c8b57bdf9d963db8fa2372d6c1b86a337e Mon Sep 17 00:00:00 2001 -From: Siddhesh Poyarekar -Date: Tue, 22 Mar 2022 22:40:05 +0530 -Subject: [PATCH] getaddrinfo: Refactor code for readability - -The close_retry goto jump is confusing and clumsy to read, so refactor -the code a bit to make it easier to follow. - -Signed-off-by: Siddhesh Poyarekar -Reviewed-by: DJ Delorie ---- - sysdeps/posix/getaddrinfo.c | 45 +++++++++++++++++++++++++++---------- - 1 file changed, 33 insertions(+), 12 deletions(-) - -Index: glibc-2.35/sysdeps/posix/getaddrinfo.c -=================================================================== ---- glibc-2.35.orig/sysdeps/posix/getaddrinfo.c -+++ glibc-2.35/sysdeps/posix/getaddrinfo.c -@@ -2253,6 +2253,49 @@ gaiconf_reload (void) - gaiconf_init (); - } - -+static bool -+try_connect (int *fdp, int *afp, struct sockaddr_in6 *source_addrp, -+ const struct sockaddr *addr, socklen_t addrlen, int family) -+{ -+ int fd = *fdp; -+ int af = *afp; -+ socklen_t sl = sizeof (*source_addrp); -+ const struct sockaddr *sa = addr; -+#ifdef __FreeBSD_kernel__ -+ struct sockaddr_in6 sa_in6; -+ /* The FreeBSD kernel doesn't allow connections on port 0. Use -+ port 1 instead, as on the FreeBSD libc. */ -+ if (((struct sockaddr_in *)sa)->sin_port == htons(0)) -+ { -+ sa = (struct sockaddr *)&sa_in6; -+ memcpy(&sa_in6, addr, family == AF_INET6 ? -+ sizeof(struct sockaddr_in6) : sizeof(struct sockaddr_in)); -+ sa_in6.sin6_port = htons(1); -+ } -+#endif -+ -+ while (true) -+ { -+ if (fd != -1 && __connect (fd, sa, addrlen) == 0 -+ && __getsockname (fd, (struct sockaddr *) source_addrp, &sl) == 0) -+ return true; -+ -+ if (errno == EAFNOSUPPORT && af == AF_INET6 && family == AF_INET) -+ { -+ /* This could mean IPv6 sockets are IPv6-only. */ -+ if (fd != -1) -+ __close_nocancel_nostatus (fd); -+ *afp = af = AF_INET; -+ *fdp = fd = __socket (AF_INET, SOCK_DGRAM | SOCK_CLOEXEC, -+ IPPROTO_IP); -+ continue; -+ } -+ -+ return false; -+ } -+ -+ __builtin_unreachable (); -+} - - int - getaddrinfo (const char *name, const char *service, -@@ -2443,7 +2486,6 @@ getaddrinfo (const char *name, const cha - if (fd == -1 || (af == AF_INET && q->ai_family == AF_INET6)) - { - if (fd != -1) -- close_retry: - __close_nocancel_nostatus (fd); - af = q->ai_family; - fd = __socket (af, SOCK_DGRAM | SOCK_CLOEXEC, IPPROTO_IP); -@@ -2455,27 +2497,10 @@ getaddrinfo (const char *name, const cha - __connect (fd, &sa, sizeof (sa)); - } - -- socklen_t sl = sizeof (results[i].source_addr); -- const struct sockaddr *sa = q->ai_addr; --#ifdef __FreeBSD_kernel__ -- struct sockaddr_in6 sa_in6; -- /* The FreeBSD kernel doesn't allow connections on port 0. Use -- port 1 instead, as on the FreeBSD libc. */ -- if (((struct sockaddr_in *)sa)->sin_port == htons(0)) -- { -- sa = (struct sockaddr *)&sa_in6; -- memcpy(&sa_in6, q->ai_addr, q->ai_family == AF_INET6 ? -- sizeof(struct sockaddr_in6) : sizeof(struct sockaddr_in)); -- sa_in6.sin6_port = htons(1); -- } --#endif -- if (fd != -1 -- && __connect (fd, sa, q->ai_addrlen) == 0 -- && __getsockname (fd, -- (struct sockaddr *) &results[i].source_addr, -- &sl) == 0) -+ if (try_connect (&fd, &af, &results[i].source_addr, q->ai_addr, -+ q->ai_addrlen, q->ai_family)) - { -- results[i].source_addr_len = sl; -+ results[i].source_addr_len = sizeof (results[i].source_addr); - results[i].got_source_addr = true; - - if (in6ai != NULL) -@@ -2540,10 +2565,6 @@ getaddrinfo (const char *name, const cha - results[i].source_addr_len = sizeof (struct sockaddr_in); - } - } -- else if (errno == EAFNOSUPPORT && af == AF_INET6 -- && q->ai_family == AF_INET) -- /* This could mean IPv6 sockets are IPv6-only. */ -- goto close_retry; - else - /* Just make sure that if we have to process the same - address again we do not copy any memory. */ diff -Nru glibc-2.35/debian/patches/lp2047155-get-nscd-addresses-fix-subscript-typos.patch glibc-2.35/debian/patches/lp2047155-get-nscd-addresses-fix-subscript-typos.patch --- glibc-2.35/debian/patches/lp2047155-get-nscd-addresses-fix-subscript-typos.patch 2024-01-02 13:12:24.000000000 +0000 +++ glibc-2.35/debian/patches/lp2047155-get-nscd-addresses-fix-subscript-typos.patch 1970-01-01 00:00:00.000000000 +0000 @@ -1,34 +0,0 @@ -From c9226c03da0276593a0918eaa9a14835183343e8 Mon Sep 17 00:00:00 2001 -From: =?utf8?q?J=C3=B6rg=20Sonnenberger?= -Date: Mon, 26 Sep 2022 13:59:16 -0400 -Subject: [PATCH] get_nscd_addresses: Fix subscript typos [BZ #29605] - -Fix the subscript on air->family, which was accidentally set to COUNT -when it should have remained as I. - -Resolves: BZ #29605 - -Reviewed-by: Siddhesh Poyarekar ---- - sysdeps/posix/getaddrinfo.c | 6 +++--- - 1 file changed, 3 insertions(+), 3 deletions(-) - -Index: glibc-2.35/sysdeps/posix/getaddrinfo.c -=================================================================== ---- glibc-2.35.orig/sysdeps/posix/getaddrinfo.c -+++ glibc-2.35/sysdeps/posix/getaddrinfo.c -@@ -549,11 +549,11 @@ get_nscd_addresses (const char *name, co - at[count].addr[2] = htonl (0xffff); - } - else if (req->ai_family == AF_UNSPEC -- || air->family[count] == req->ai_family) -+ || air->family[i] == req->ai_family) - { -- at[count].family = air->family[count]; -+ at[count].family = air->family[i]; - memcpy (at[count].addr, addrs, size); -- if (air->family[count] == AF_INET6) -+ if (air->family[i] == AF_INET6) - res->got_ipv6 = true; - } - at[count].next = at + count + 1; diff -Nru glibc-2.35/debian/patches/series glibc-2.35/debian/patches/series --- glibc-2.35/debian/patches/series 2024-01-02 13:22:42.000000000 +0000 +++ glibc-2.35/debian/patches/series 2024-04-16 13:40:36.000000000 +0000 @@ -207,7 +207,8 @@ any/CVE-2023-4806.patch any/CVE-2023-5156.patch -lp2047155-extra1.patch -lp2047155-extra2.patch -lp2047155-extra3.patch -lp2047155-get-nscd-addresses-fix-subscript-typos.patch +lp2047155/lp2047155-refactor-bits-for-readability.patch +lp2047155/lp2047155-avoid-if-to-else-jump.patch +lp2047155/lp2047155-refactor-code-for-readability.patch +lp2047155/lp2047155-get-nscd-addresses-fix-subscript-typos.patch +any/CVE-2024-2961.patch