This is the mail archive of the glibc-cvs@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

GNU C Library master sources branch master updated. glibc-2.24-121-g6d53362

From: aurel32 at sourceware dot org
To: glibc-cvs at sourceware dot org
Date: 5 Sep 2016 20:53:44 -0000
Subject: GNU C Library master sources branch master updated. glibc-2.24-121-g6d53362

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU C Library master sources".

The branch, master has been updated
       via  6d5336211d2e823d4d431a01e62a80d9be4cbc9d (commit)
      from  ead3cea7d8948113fe205243acbddbda609de5c9 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
http://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commitdiff;h=6d5336211d2e823d4d431a01e62a80d9be4cbc9d

commit 6d5336211d2e823d4d431a01e62a80d9be4cbc9d
Author: Aurelien Jarno <aurelien@aurel32.net>
Date:   Mon Sep 5 22:53:22 2016 +0200

    conform tests: call perl with '-I.'
    
    Historically perl includes the current directory in the module search
    path. Over the time this has been considered as a security issue and
    the recent vulnerabilities [1] made people to reconsider this behaviour.
    It is almost sure that this will be removed in the future [2], possibly
    for the 5.26 release, although this is not yet firmly decided.
    
    Debian has decided to backport the patches [3], so the perl binary in
    unstable do not have '.' in @INC anymore.
    
    This behaviour is used in the conform perl scripts to include the
    GlibcConform module. This patch fixes that by calling perl with '-I.'.
    This is not a security issue in this case as make ensures that the
    current directory is $(srcdir)/conform/ when the scripts are called.
    Passing the full path would do exactly the same.
    
    [1] CVE-2016-1238 CVE-2016-6185
    [2] https://rt.perl.org/Public/Bug/Display.html?id=127810
    [3] https://lists.debian.org/debian-devel-announce/2016/08/msg00013.html
    
    Changelog:
    	* conform/Makefile (conformtest-header-tests): Pass -I. to $(PERL).
    	(linknamespace-symlists-tests): Likewise.
    	(linknamespace-header-tests): Likewise.

diff --git a/ChangeLog b/ChangeLog
index 78bb16b..5d9091c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2016-09-05  Aurelien Jarno  <aurelien@aurel32.net>
+
+	* conform/Makefile (conformtest-header-tests): Pass -I. to $(PERL).
+	(linknamespace-symlists-tests): Likewise.
+	(linknamespace-header-tests): Likewise.
+
 2016-09-03  Aurelien Jarno  <aurelien@aurel32.net>
 
 	[BZ #19810]
diff --git a/conform/Makefile b/conform/Makefile
index 32a0937..b92a7d4 100644
--- a/conform/Makefile
+++ b/conform/Makefile
@@ -196,13 +196,13 @@ $(conformtest-header-tests): $(objpfx)%/conform.out: \
 			     conformtest.pl $(conformtest-headers-data)
 	(set -e; std_hdr=$*; std=$${std_hdr%%/*}; hdr=$${std_hdr#*/}; \
 	 mkdir -p $(@D)/scratch; \
-	 $(PERL) conformtest.pl --tmpdir=$(@D)/scratch --cc='$(CC)' \
+	 $(PERL) -I. conformtest.pl --tmpdir=$(@D)/scratch --cc='$(CC)' \
 		 --flags='$(conformtest-cc-flags)' --standard=$$std \
 		 --headers=$$hdr > $@); \
 	$(evaluate-test)
 
 $(linknamespace-symlists-tests): $(objpfx)symlist-%: list-header-symbols.pl
-	$(PERL) -w $< --tmpdir=$(objpfx) --cc='$(CC)' \
+	$(PERL) -I. -w $< --tmpdir=$(objpfx) --cc='$(CC)' \
 		--flags='$(conformtest-cc-flags)' --standard=$* \
 		--headers="$(strip $(conformtest-headers-$*))" \
 		> $@ 2> $@.err; \
@@ -232,7 +232,7 @@ $(linknamespace-header-tests): $(objpfx)%/linknamespace.out: \
 			       $(linknamespace-symlist-stdlibs-tests)
 	(set -e; std_hdr=$*; std=$${std_hdr%%/*}; hdr=$${std_hdr#*/}; \
 	 mkdir -p $(@D)/scratch; \
-	 $(PERL) -w $< --tmpdir=$(@D)/scratch --cc='$(CC)' \
+	 $(PERL) -I. -w $< --tmpdir=$(@D)/scratch --cc='$(CC)' \
 		 --flags='$(conformtest-cc-flags)' --standard=$$std \
 		 --stdsyms=$(objpfx)symlist-$$std --header=$$hdr \
 		 --libsyms=$(objpfx)symlist-stdlibs-$$std \

-----------------------------------------------------------------------

Summary of changes:
 ChangeLog        |    6 ++++++
 conform/Makefile |    6 +++---
 2 files changed, 9 insertions(+), 3 deletions(-)


hooks/post-receive
-- 
GNU C Library master sources

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]