7.67. glibc
Updated glibc packages that fix multiple bugs are now available for Red Hat Enterprise Linux 6.
The glibc packages provide the standard C and standard math libraries, which are used by multiple programs on the system. These libraries are required for the Linux system to function correctly.
Bug Fixes
- BZ#804686
- Prior to this update, a logic error caused the DNS code of glibc to incorrectly handle rejected responses from DNS servers. As a consequence, additional servers in the
/etc/resolv.conf
file could not be searched after one server responded with a REJECT. This update modifies the logic in the DNS. Now, glibc cycles through the servers listed in/etc/resolv.conf
even if one returns a REJECT response. - BZ#806404
- Prior to this update, the
nss/getnssent.c
file contained an unchecked malloc call and an incorrect loop test. As a consequence, glibc could abort unexpectedly. This update modifies the malloc call and the loop test. - BZ#809726
- Prior to this update, locale data for the characters in the range a-z were incorrect in the Finnish locale. As a consequence, some characters in the range a-z failed to print correctly in the Finnish locale. This update modifies the underlying code to provide the correct output for these characters. Now, characters in the Finnish locale print as expected.
- BZ#823909
- If a file or a string was in the IBM-930 encoding, and contained the invalid multibyte character "0xffff", attempting to use
iconv()
(or theiconv
command) to convert that file or string to another encoding, such as UTF-8, resulted in a segmentation fault. Now, the conversion code for the IBM-930 encoding recognizes this invalid character and calls an error handler, rather than causing a segmentation fault. - BZ#826149
- Prior to this update, the
fnmatch()
function failed with the return value -1 when the wildcard character "*" was part of the pattern argument and thefile name argument
contained an invalid multibyte encoding. This update modifies thefnmatch()
code to recognize this case. Now, the invalid characters are treated as not matching and then the process proceeds. - BZ#827362
- Prior to this update, the internal
FILE
offset was set incorrectly in wide character streams. As a consequence, the offset returned byftell
was incorrect. In some cases, this could result in over-writing data. This update modifies theftell
code to correctly set the internalFILE
offset field for wide characters. Now,ftell
andfseek
handle the offset as expected. - BZ#829222
- Prior to this update, the
/etc/rpc
file was not set as a configuration file in the glibc build. As a consequence, updating glibc caused the/etc/rpc
file to be replaced without warning or creating a backup copy. This update correctly marks/etc/rpc
as a configuration file. Now, the existing/etc/rpc
file is left in place, and the bundled version can be installed in/etc/rpc.rpmnew
. - BZ#830127
- Prior to this update, the
vfprintf
command returned the wrong error codes when encountering an overflow. As a consequence, applications which checked return codes fromvfprintf
could get unexpected values. This update modifies the error codes for overflow situations. - BZ#832516
- Prior to this update, the
newlocale
flag relied entirely on failure of an underlying open() call to set the errno variable for an incorrect locale name. As a consequence, thenewlocale()
function did not set theerrno
variable to an appropriate value when failing, if it has already been asked about the same incorrect locale name. This update modifies the logic in theloadlocale
call so that subsequent attempts to load a non-existent locale more than once always set theerrno
variable appropriately. - BZ#832694
- Prior to this update, the ESTALE error message referred only to
NFS
file systems. As a consequence, users were confused when non-NFS
file systems triggered this error. This update modifies the error message to apply the error message to all file systems that can trigger this error. - BZ#835090
- Prior to this update, an internal array of name servers was only partially initialized when the
/etc/resolv.conf
file contained IPV6 name servers. As a consequence, applications could, depending on the exact contents of a nearby structure, abort. This update modifies the underlying code to handle IPV6 name servers listed in/etc/resolv.conf
. - BZ#837695
- Prior to this update, a buffer in the resolver code for glibc was too small to handle results for certain DNS queries. As a consequence, the query had to be repeated after a larger buffer was allocated and wasted time and network bandwidth. This update enlarges the buffer to handle the larger DNS results.
- BZ#837918
- Prior to this update, the logic for the functions
exp
,exp2
,pow
,sin
,tan
, andrint
was erroneous. As a consequence, these functions could fail when running them in the non-default rounding mode. With this update, the functions return correct results across all 4 different rounding modes. - BZ#841787
- Prior to this update, glibc incorrectly handled the
options rotate
option in the/etc/resolv.conf
file if this file also contained one or more IPv6 name servers. As a consequence, DNS queries could unexpectedly fail, particularly when multiple queries were issued by a single process. This update modifies the internalization of the listed servers from/etc/resolv.conf
into internal structures of glibc, as well as the sorting and rotation of those structures to implement theoptions rotate
capability. Now, DNS names are resolved correctly in glibc. - BZ#846342
- Prior to this update, certain user-defined 32 bit executables could issue calls to the
memcpy()
function with overlapping arguments. As a consequence, the applications invoked undefined behavior and could fail. With this update, users with 32 bit applications which issue thememcpy
function with overlapping arguments can create the/etc/sysconfig/32bit_ssse3_memcpy_via_32bit_ssse3_memmove
. If this file exists, glibc redirects all calls to the SSSE3 memcpy copiers to the SSSE3 memmove copier, which is tolerant of overlapping arguments.Important
We strongly encourage customers to identify and fix these problems in their source code. Overlapping arguments tomemcpy()
is a clear violation of the ANSI/ISO standards and Red Hat does not provide binary compatibility for applications which violate these standards. - BZ#847932
- Prior to this update, the
strtod()
,strtof()
, andstrtold()
functions to convert a string to a numeric representation in glibc contained multiple integer overflow flaws. This caused stack-based buffer overflows. As a consequence, these functions could cause an application to abort or, under certain circumstances, execute arbitrary code. This update modifies the underlying code to avoid these faults. - BZ#848082
- Prior to this update, the
setlocale()
function failed to detect memory allocation problems. As a consequence, thesetlocale()
function eventually core dumped, due to NULL pointers or uninitialized strings. This update modifies thesetlocale
code to insure that memory allocation succeeded. Now, thesetlocale()
function no longer core dumps. - BZ#849651
- Prior to this update, the
expf()
function was considerably slowed down when saving and restoring the FPU state. This update adds a hand optimized assembler implementation of theexpf()
function for Intel 64 and AMD64 platforms. Now, theexpf()
function is considerably faster. - BZ#852445
- Prior to this update, the PowerPC specific
pthread_once
code did not correctly publish changes it made. As a consequence, the changes were not visible to other threads at the right time. This update adds release barriers to the appropriate thread code to ensure correct synchronization of data between multiple threads. - BZ#861167
- This update adds the
MADV_DONTDUMP
andMADV_DODUMP
macros to themman.h
file to compile code that uses these macros. - BZ#863453
- Prior to this update, the nscd daemon attempted to free a pointer that was not provided by the
malloc()
function, due to an error in the memory management in glibc. As a consequence, nscd could terminate unexpectedly, when handling groups with a large number of members. This update ensures that memory allocated by the pool allocator is no longer passed tofree
. Now, the pool allocator's garbage collector reclaims the memory. As a result, nscd no longer crashes on groups with a large number of members. - BZ#864322
- Prior to this update, the
IPTOS_CLASS
definition referenced the wrong object. As a consequence, applications that referenced theIPTOS_CLASS
definition from theip.h
file did not build or failed to operate as expected. This update modifies the definition to reference the right object and applications that reference to theIPTOS_CLASS
definition.
Users of glibc are advised to upgrade to these updated packages, which fix these bugs ...
Updated glibc packages that fix one bug are now available for Red Hat Enterprise Linux 6.
The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the Name Server Caching Daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly.
Bug Fix
- BZ#989558
- The C library security framework was unable to handle dynamically loaded character conversion routines when loaded at specific virtual addresses. This resulted in an unexpected termination with a segmentation fault when trying to use the dynamically loaded character conversion routine. This update enhances the C library security framework to handle dynamically loaded character conversion routines at any virtual memory address, and crashes no longer occur in the described scenario.
Users of glibc are advised to upgrade to these updated packages, which fix this bug.
Updated glibc packages that fix two bugs are now available for Red Hat Enterprise Linux 6.
The glibc packages provide the standard C and standard math libraries used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly.
Bug Fixes
- BZ#964044
- A fix to prevent logic errors in various mathematical functions, including exp, exp2, expf, exp2f, pow, sin, tan, and rint, caused by inconsistent results when the functions were used with the non-default rounding mode, creates performance regressions for certain inputs. The performance regressions have been analyzed and the core routines have been optimized to bring performance back to reasonable levels.
- BZ#970992
- A program that opens and uses dynamic libraries which use thread-local storage variables may terminate unexpectedly with a segmentation fault when it is being audited by a module that also uses thread-local storage. This update modifies the dynamic linker to detect such a condition, and crashes no longer occur in the described scenario.
Users of glibc are advised to upgrade to these updated packages, which fix these bugs.
Updated glibc packages that fix one bug are now available for Red Hat Enterprise Linux 6.
The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly.
Bug Fix
- BZ#1001050
- A defect in the name service cache daemon (nscd) caused cached DNS queries, under certain conditions, to return only IPv4 addresses when querying for an address using the AF_UNSPEC address family, even though IPv4 and IPv6 results existed. The defect has been corrected and nscd correctly returns both IPv4 and IPv6 results if they both exist.
Users of glibc are advised to upgrade to these updated packages, which fix this bug.