1.58. gcc

A gcc update that resolves an option handling bug where only the last "-fno-builtin-*" option specified on the command line was honored is now available.

The gcc packages include C, C++, Java, Fortran, Objective C, and Ada 95 GNU compilers, along with related support libraries.

This update fixes the following bug:

* if multiple "-fno-builtin-*" options were specified on the command line (for example, "-fno-builtin-iswalpha -fno-builtin-iswalnum") only the last option was honored (in the example, -fno-builtin-iswalnum). With this update, joined switches are no longer pruned, ensuring all such options are honored, as expected. (BZ#526421)

Users are advised to install this gcc update, which applies this fix.

Updated gcc and gcc4 packages that fix one security issue are now available for Red Hat Enterprise Linux 3, 4, and 5.

This update has been rated as having moderate security impact by the Red Hat Security Response Team.

The gcc and gcc4 packages include, among others, C, C++, and Java GNU compilers and related support libraries. libgcj contains a copy of GNU Libtool's libltdl library.

A flaw was found in the way GNU Libtool's libltdl library looked for libraries to load. It was possible for libltdl to load a malicious library from the current working directory. In certain configurations, if a local attacker is able to trick a local user into running a Java application (which uses a function to load native libraries, such as System.loadLibrary) from within an attacker-controlled directory containing a malicious library or module, the attacker could possibly execute arbitrary code with the privileges of the user running the Java application. (CVE-2009-3736)

All gcc and gcc4 users should upgrade to these updated packages, which contain a backported patch to correct this issue. All running Java applications using libgcj must be restarted for this update to take effect.

A gcc update that resolves several compiler bugs is now available.

The gcc packages include C, C++, Java, Fortran, Objective C, and Ada 95 GNU compilers, along with related support libraries.

This update applies the following bug fixes:

* when compiling a debug version of a C++ program, it was possible for gcc to lose debug information for some local variables in C++ constructors or destructors. This was because gcc incorrectly released information on abstract functions (specifically, contents of the DECL_INITIAL() function), which are needed for creating debug information. With this release, nodes containing abstract functions are flagged accordingly to prevent gcc from prematurely discarding needed debug information. (BZ#513184)

* when issuing multiple -fno-builtin-* switches to gcc, gcc only registered the last switch. With this release, gcc can now register multiple -fno-builtin-* switches correctly. (BZ#515799)

* in some cases, aggregates returned by value could cause reload failures in the caller function, resulting in an internal compiler error. This was caused by a bug in the combining code that incorrectly lengthens the lifetime of a hard register. This update applies a patch to expand_call function in gcc/calls.c that resolves the issue. (BZ#516028)

* using g++ to compile code containing virtual inheritances could result in a segmentation fault. This was because the dynamic_cast code in gcc did not use src2dst hints as expected; as a result, g++ could search an unnecessarily large address list for possible bases. With this release, the dynamic_cast code now uses src2dst hints; this allows g++ to defer searching bases that don't overlap with a virtual inheritance's address. (BZ#519519)

* On PowerPC, it was possible for DWARF access to function parameters to fail. This was caused by a bug in the GCC instruction set for PowerPC, where compiling with -mno-sched-prolog could discard debug location lists. This update fixes the bug, ensuring consistent DWARF access to function parameters on PowerPC. (BZ#528792)

* The libgcc undwinder now supports DW_OP_swap handling. This update also fixes bugs in the way unwinding code handled unwind information from DW_OP_{gt,ge,lt,le} and DW_CFA_{remember,restore}_state. (BZ#555731)

All GCC users are advised to install this update.