4 files changed, 3 insertions, 232 deletions
diff --git a/meta/recipes-core/glibc/glibc-version.inc b/meta/recipes-core/glibc/glibc-version.inc
index 1566056297..586b2e207e 100644
--- a/meta/recipes-core/glibc/glibc-version.inc
+++ b/meta/recipes-core/glibc/glibc-version.inc
@@ -1,6 +1,6 @@
 SRCBRANCH ?= "release/2.32/master"
 PV = "2.32"
-SRCREV_glibc ?= "3de512be7ea6053255afed6154db9ee31d4e557a"
+SRCREV_glibc ?= "760e1d287825fa91d4d5a0cc921340c740d803e2"
 SRCREV_localedef ?= "bd644c9e6f3e20c5504da1488448173c69c56c28"
 GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git"
diff --git a/meta/recipes-core/glibc/glibc/CVE-2019-25013.patch b/meta/recipes-core/glibc/glibc/CVE-2019-25013.patch
deleted file mode 100644
index 987e959db2..0000000000
--- a/meta/recipes-core/glibc/glibc/CVE-2019-25013.patch
+++ /dev/null
@@ -1,137 +0,0 @@
-From ee7a3144c9922808181009b7b3e50e852fb4999b Mon Sep 17 00:00:00 2001
-From: Andreas Schwab <schwab@suse.de>
-Date: Mon, 21 Dec 2020 08:56:43 +0530
-Subject: [PATCH] Fix buffer overrun in EUC-KR conversion module (bz #24973)
-The byte 0xfe as input to the EUC-KR conversion denotes a user-defined
-area and is not allowed.  The from_euc_kr function used to skip two bytes
-when told to skip over the unknown designation, potentially running over
-the buffer end.
-Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=patch;h=ee7a3144c9922808181009b7b3e50e852fb4999b]
-CVE: CVE-2019-25013
-Signed-off-by: Scott Murray <scott.murray@konsulko.com>
---
- iconvdata/Makefile      |  3 ++-
- iconvdata/bug-iconv13.c | 53 +++++++++++++++++++++++++++++++++++++++++
- iconvdata/euc-kr.c      |  6 +----
- iconvdata/ksc5601.h     |  6 ++---
- 4 files changed, 59 insertions(+), 9 deletions(-)
- create mode 100644 iconvdata/bug-iconv13.c
-diff --git a/iconvdata/Makefile b/iconvdata/Makefile
-index 4ec2741cdc..85009f3390 100644
--- a/iconvdata/Makefile
-+++ b/iconvdata/Makefile
-@@ -73,7 +73,8 @@ modules.so := $(addsuffix .so, $(modules))
- ifeq (yes,$(build-shared))
- tests = bug-iconv1 bug-iconv2 tst-loading tst-e2big tst-iconv4 bug-iconv4 \
-        tst-iconv6 bug-iconv5 bug-iconv6 tst-iconv7 bug-iconv8 bug-iconv9 \
-       bug-iconv10 bug-iconv11 bug-iconv12 tst-iconv-big5-hkscs-to-2ucs4
-+       bug-iconv10 bug-iconv11 bug-iconv12 tst-iconv-big5-hkscs-to-2ucs4 \
-+       bug-iconv13
- ifeq ($(have-thread-library),yes)
- tests += bug-iconv3
- endif
-diff --git a/iconvdata/bug-iconv13.c b/iconvdata/bug-iconv13.c
-new file mode 100644
-index 0000000000..87aaff398e
--- /dev/null
-+++ b/iconvdata/bug-iconv13.c
-@@ -0,0 +1,53 @@
-+/* bug 24973: Test EUC-KR module
-+   Copyright (C) 2020 Free Software Foundation, Inc.
-+   This file is part of the GNU C Library.
-+
-+   The GNU C Library is free software; you can redistribute it and/or
-+   modify it under the terms of the GNU Lesser General Public
-+   License as published by the Free Software Foundation; either
-+   version 2.1 of the License, or (at your option) any later version.
-+
-+   The GNU C Library is distributed in the hope that it will be useful,
-+   but WITHOUT ANY WARRANTY; without even the implied warranty of
-+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-+   Lesser General Public License for more details.
-+
-+   You should have received a copy of the GNU Lesser General Public
-+   License along with the GNU C Library; if not, see
-+   <https://www.gnu.org/licenses/>.  */
-+
-+#include <errno.h>
-+#include <iconv.h>
-+#include <stdio.h>
-+#include <support/check.h>
-+
-+static int
-+do_test (void)
-+{
-+  iconv_t cd = iconv_open ("UTF-8//IGNORE", "EUC-KR");
-+  TEST_VERIFY_EXIT (cd != (iconv_t) -1);
-+
-+  /* 0xfe (->0x7e : row 94) and 0xc9 (->0x49 : row 41) are user-defined
-+     areas, which are not allowed and should be skipped over due to
-+     //IGNORE.  The trailing 0xfe also is an incomplete sequence, which
-+     should be checked first.  */
-+  char input[4] = { '\xc9', '\xa1', '\0', '\xfe' };
-+  char *inptr = input;
-+  size_t insize = sizeof (input);
-+  char output[4];
-+  char *outptr = output;
-+  size_t outsize = sizeof (output);
-+
-+  /* This used to crash due to buffer overrun.  */
-+  TEST_VERIFY (iconv (cd, &inptr, &insize, &outptr, &outsize) == (size_t) -1);
-+  TEST_VERIFY (errno == EINVAL);
-+  /* The conversion should produce one character, the converted null
-+     character.  */
-+  TEST_VERIFY (sizeof (output) - outsize == 1);
-+
-+  TEST_VERIFY_EXIT (iconv_close (cd) != -1);
-+
-+  return 0;
-+}
-+
-+#include <support/test-driver.c>
-diff --git a/iconvdata/euc-kr.c b/iconvdata/euc-kr.c
-index b0d56cf3ee..1045bae926 100644
--- a/iconvdata/euc-kr.c
-+++ b/iconvdata/euc-kr.c
-@@ -80,11 +80,7 @@ euckr_from_ucs4 (uint32_t ch, unsigned char *cp)
-                                                                              \
-     if (ch <= 0x9f)                                                          \
-       ++inptr;                                                               \
-    /* 0xfe(->0x7e : row 94) and 0xc9(->0x59 : row 41) are                   \
-       user-defined areas.  */                                               \
-    else if (__builtin_expect (ch == 0xa0, 0)                                \
-            || __builtin_expect (ch > 0xfe, 0)                               \
-            || __builtin_expect (ch == 0xc9, 0))                             \
-+    else if (__glibc_unlikely (ch == 0xa0))                                  \
-       {                                                                              \
-        /* This is illegal.  */                                               \
-        STANDARD_FROM_LOOP_ERR_HANDLER (1);                                   \
-diff --git a/iconvdata/ksc5601.h b/iconvdata/ksc5601.h
-index d3eb3a4ff8..f5cdc72797 100644
--- a/iconvdata/ksc5601.h
-+++ b/iconvdata/ksc5601.h
-@@ -50,15 +50,15 @@ ksc5601_to_ucs4 (const unsigned char **s, size_t avail, unsigned char offset)
-   unsigned char ch2;
-   int idx;
- 
-+  if (avail < 2)
-+    return 0;
-+
-   /* row 94(0x7e) and row 41(0x49) are user-defined area in KS C 5601 */
- 
-   if (ch < offset || (ch - offset) <= 0x20 || (ch - offset) >= 0x7e
-       || (ch - offset) == 0x49)
-     return __UNKNOWN_10646_CHAR;
- 
-  if (avail < 2)
-    return 0;
-
-   ch2 = (*s)[1];
-   if (ch2 < offset || (ch2 - offset) <= 0x20 || (ch2 - offset) >= 0x7f)
-     return __UNKNOWN_10646_CHAR;
-- 
-2.27.0
diff --git a/meta/recipes-core/glibc/glibc/CVE-2020-27618.patch b/meta/recipes-core/glibc/glibc/CVE-2020-27618.patch
deleted file mode 100644
index bf32238357..0000000000
--- a/meta/recipes-core/glibc/glibc/CVE-2020-27618.patch
+++ /dev/null
@@ -1,91 +0,0 @@
-From 20e6c868c29f5a6121cbb88f3387bb9b884a4206 Mon Sep 17 00:00:00 2001
-From: Arjun Shankar <arjun@redhat.com>
-Date: Wed, 4 Nov 2020 12:19:38 +0100
-Subject: [PATCH] iconv: Accept redundant shift sequences in IBM1364 [BZ
- #26224]
-The IBM1364, IBM1371, IBM1388, IBM1390 and IBM1399 character sets
-share converter logic (iconvdata/ibm1364.c) which would reject
-redundant shift sequences when processing input in these character
-sets.  This led to a hang in the iconv program (CVE-2020-27618).
-This commit adjusts the converter to ignore redundant shift sequences
-and adds test cases for iconv_prog hangs that would be triggered upon
-their rejection.  This brings the implementation in line with other
-converters that also ignore redundant shift sequences (e.g. IBM930
-etc., fixed in commit 692de4b3960d).
-Reviewed-by: Carlos O'Donell <carlos@redhat.com>
-Upstream-Status: Backport
-[https://sourceware.org/git/?p=glibc.git;a=commit;
-h=9a99c682144bdbd40792ebf822fe9264e0376fb5]
-CVE: CVE-2020-27618
-Signed-off-by: Yi Fan Yu <yifan.yu@windriver.com>
---
- iconv/tst-iconv_prog.sh | 16 ++++++++++------
- iconvdata/ibm1364.c     | 14 ++------------
- 2 files changed, 12 insertions(+), 18 deletions(-)
-diff --git a/iconv/tst-iconv_prog.sh b/iconv/tst-iconv_prog.sh
-index 8298136b7f..d8db7b335c 100644
--- a/iconv/tst-iconv_prog.sh
-+++ b/iconv/tst-iconv_prog.sh
-@@ -102,12 +102,16 @@ hangarray=(
- "\x00\x80;-c;IBM1161;UTF-8//TRANSLIT//IGNORE"
- "\x00\xdb;-c;IBM1162;UTF-8//TRANSLIT//IGNORE"
- "\x00\x70;-c;IBM12712;UTF-8//TRANSLIT//IGNORE"
-# These are known hangs that are yet to be fixed:
-# "\x00\x0f;-c;IBM1364;UTF-8"
-# "\x00\x0f;-c;IBM1371;UTF-8"
-# "\x00\x0f;-c;IBM1388;UTF-8"
-# "\x00\x0f;-c;IBM1390;UTF-8"
-# "\x00\x0f;-c;IBM1399;UTF-8"
-+"\x00\x0f;-c;IBM1364;UTF-8"
-+"\x0e\x0e;-c;IBM1364;UTF-8"
-+"\x00\x0f;-c;IBM1371;UTF-8"
-+"\x0e\x0e;-c;IBM1371;UTF-8"
-+"\x00\x0f;-c;IBM1388;UTF-8"
-+"\x0e\x0e;-c;IBM1388;UTF-8"
-+"\x00\x0f;-c;IBM1390;UTF-8"
-+"\x0e\x0e;-c;IBM1390;UTF-8"
-+"\x00\x0f;-c;IBM1399;UTF-8"
-+"\x0e\x0e;-c;IBM1399;UTF-8"
- "\x00\x53;-c;IBM16804;UTF-8//TRANSLIT//IGNORE"
- "\x00\x41;-c;IBM274;UTF-8//TRANSLIT//IGNORE"
- "\x00\x41;-c;IBM275;UTF-8//TRANSLIT//IGNORE"
-diff --git a/iconvdata/ibm1364.c b/iconvdata/ibm1364.c
-index 49e7267ab4..521f0825b7 100644
--- a/iconvdata/ibm1364.c
-+++ b/iconvdata/ibm1364.c
-@@ -158,24 +158,14 @@ enum
-                                                                              \
-     if (__builtin_expect (ch, 0) == SO)                                              \
-       {                                                                              \
-       /* Shift OUT, change to DBCS converter.  */                           \
-       if (curcs == db)                                                      \
-         {                                                                   \
-           result = __GCONV_ILLEGAL_INPUT;                                   \
-           break;                                                            \
-         }                                                                   \
-+       /* Shift OUT, change to DBCS converter (redundant escape okay).  */   \
-        curcs = db;                                                           \
-        ++inptr;                                                              \
-        continue;                                                             \
-       }                                                                              \
-     if (__builtin_expect (ch, 0) == SI)                                              \
-       {                                                                              \
-       /* Shift IN, change to SBCS converter.  */                            \
-       if (curcs == sb)                                                      \
-         {                                                                   \
-           result = __GCONV_ILLEGAL_INPUT;                                   \
-           break;                                                            \
-         }                                                                   \
-+       /* Shift IN, change to SBCS converter (redundant escape okay).  */    \
-        curcs = sb;                                                           \
-        ++inptr;                                                              \
-        continue;                                                             \
-- 
-2.29.2
diff --git a/meta/recipes-core/glibc/glibc_2.32.bb b/meta/recipes-core/glibc/glibc_2.32.bb
index 2d9c707a0b..249f59176e 100644
--- a/meta/recipes-core/glibc/glibc_2.32.bb
+++ b/meta/recipes-core/glibc/glibc_2.32.bb
@@ -1,7 +1,8 @@
 require glibc.inc
 require glibc-version.inc
-CVE_CHECK_WHITELIST += "CVE-2020-10029"
+# whitelist CVE's with fixes in latest release/2.32/master branch
+CVE_CHECK_WHITELIST += "CVE-2019-25013 CVE-2020-10029 CVE-2020-27618"
 DEPENDS += "gperf-native bison-native make-native"
@@ -45,8 +46,6 @@ SRC_URI =  "${GLIBC_GIT_URI};branch=${SRCBRANCH};name=glibc \
           file://0031-linux-Allow-adjtime-with-NULL-argument-BZ-26833.patch \
           file://CVE-2020-29562.patch \
           file://CVE-2020-29573.patch \
-           file://CVE-2019-25013.patch \
-           file://CVE-2020-27618.patch \
           "
 S = "${WORKDIR}/git"
 B = "${WORKDIR}/build-${TARGET_SYS}"

diff --git a/meta/recipes-core/glibc/glibc-version.inc b/meta/recipes-core/glibc/glibc-version.inc index 1566056297..586b2e207e 100644 --- a/meta/recipes-core/glibc/glibc-version.inc +++ b/meta/recipes-core/glibc/glibc-version.inc
@@ -1,6 +1,6 @@
1	SRCBRANCH ?= "release/2.32/master"	1	SRCBRANCH ?= "release/2.32/master"
2	PV = "2.32"	2	PV = "2.32"
3	SRCREV_glibc ?= "3de512be7ea6053255afed6154db9ee31d4e557a"	3	SRCREV_glibc ?= "760e1d287825fa91d4d5a0cc921340c740d803e2"
4	SRCREV_localedef ?= "bd644c9e6f3e20c5504da1488448173c69c56c28"	4	SRCREV_localedef ?= "bd644c9e6f3e20c5504da1488448173c69c56c28"
5		5
6	GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git"	6	GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git"


diff --git a/meta/recipes-core/glibc/glibc/CVE-2019-25013.patch b/meta/recipes-core/glibc/glibc/CVE-2019-25013.patch deleted file mode 100644 index 987e959db2..0000000000 --- a/meta/recipes-core/glibc/glibc/CVE-2019-25013.patch +++ /dev/null
@@ -1,137 +0,0 @@
1	From ee7a3144c9922808181009b7b3e50e852fb4999b Mon Sep 17 00:00:00 2001
2	From: Andreas Schwab <schwab@suse.de>
3	Date: Mon, 21 Dec 2020 08:56:43 +0530
4	Subject: [PATCH] Fix buffer overrun in EUC-KR conversion module (bz #24973)
5
6	The byte 0xfe as input to the EUC-KR conversion denotes a user-defined
7	area and is not allowed. The from_euc_kr function used to skip two bytes
8	when told to skip over the unknown designation, potentially running over
9	the buffer end.
10
11	Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=patch;h=ee7a3144c9922808181009b7b3e50e852fb4999b]
12	CVE: CVE-2019-25013
13	Signed-off-by: Scott Murray <scott.murray@konsulko.com>
14	---
15	iconvdata/Makefile \| 3 ++-
16	iconvdata/bug-iconv13.c \| 53 +++++++++++++++++++++++++++++++++++++++++
17	iconvdata/euc-kr.c \| 6 +----
18	iconvdata/ksc5601.h \| 6 ++---
19	4 files changed, 59 insertions(+), 9 deletions(-)
20	create mode 100644 iconvdata/bug-iconv13.c
21
22	diff --git a/iconvdata/Makefile b/iconvdata/Makefile
23	index 4ec2741cdc..85009f3390 100644
24	--- a/iconvdata/Makefile
25	+++ b/iconvdata/Makefile
26	@@ -73,7 +73,8 @@ modules.so := $(addsuffix .so, $(modules))
27	ifeq (yes,$(build-shared))
28	tests = bug-iconv1 bug-iconv2 tst-loading tst-e2big tst-iconv4 bug-iconv4 \
29	tst-iconv6 bug-iconv5 bug-iconv6 tst-iconv7 bug-iconv8 bug-iconv9 \
30	- bug-iconv10 bug-iconv11 bug-iconv12 tst-iconv-big5-hkscs-to-2ucs4
31	+ bug-iconv10 bug-iconv11 bug-iconv12 tst-iconv-big5-hkscs-to-2ucs4 \
32	+ bug-iconv13
33	ifeq ($(have-thread-library),yes)
34	tests += bug-iconv3
35	endif
36	diff --git a/iconvdata/bug-iconv13.c b/iconvdata/bug-iconv13.c
37	new file mode 100644
38	index 0000000000..87aaff398e
39	--- /dev/null
40	+++ b/iconvdata/bug-iconv13.c
41	@@ -0,0 +1,53 @@
42	+/* bug 24973: Test EUC-KR module
43	+ Copyright (C) 2020 Free Software Foundation, Inc.
44	+ This file is part of the GNU C Library.
45	+
46	+ The GNU C Library is free software; you can redistribute it and/or
47	+ modify it under the terms of the GNU Lesser General Public
48	+ License as published by the Free Software Foundation; either
49	+ version 2.1 of the License, or (at your option) any later version.
50	+
51	+ The GNU C Library is distributed in the hope that it will be useful,
52	+ but WITHOUT ANY WARRANTY; without even the implied warranty of
53	+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
54	+ Lesser General Public License for more details.
55	+
56	+ You should have received a copy of the GNU Lesser General Public
57	+ License along with the GNU C Library; if not, see
58	+ <https://www.gnu.org/licenses/>. */
59	+
60	+#include <errno.h>
61	+#include <iconv.h>
62	+#include <stdio.h>
63	+#include <support/check.h>
64	+
65	+static int
66	+do_test (void)
67	+{
68	+ iconv_t cd = iconv_open ("UTF-8//IGNORE", "EUC-KR");
69	+ TEST_VERIFY_EXIT (cd != (iconv_t) -1);
70	+
71	+ /* 0xfe (->0x7e : row 94) and 0xc9 (->0x49 : row 41) are user-defined
72	+ areas, which are not allowed and should be skipped over due to
73	+ //IGNORE. The trailing 0xfe also is an incomplete sequence, which
74	+ should be checked first. */
75	+ char input[4] = { '\xc9', '\xa1', '\0', '\xfe' };
76	+ char *inptr = input;
77	+ size_t insize = sizeof (input);
78	+ char output[4];
79	+ char *outptr = output;
80	+ size_t outsize = sizeof (output);
81	+
82	+ /* This used to crash due to buffer overrun. */
83	+ TEST_VERIFY (iconv (cd, &inptr, &insize, &outptr, &outsize) == (size_t) -1);
84	+ TEST_VERIFY (errno == EINVAL);
85	+ /* The conversion should produce one character, the converted null
86	+ character. */
87	+ TEST_VERIFY (sizeof (output) - outsize == 1);
88	+
89	+ TEST_VERIFY_EXIT (iconv_close (cd) != -1);
90	+
91	+ return 0;
92	+}
93	+
94	+#include <support/test-driver.c>
95	diff --git a/iconvdata/euc-kr.c b/iconvdata/euc-kr.c
96	index b0d56cf3ee..1045bae926 100644
97	--- a/iconvdata/euc-kr.c
98	+++ b/iconvdata/euc-kr.c
99	@@ -80,11 +80,7 @@ euckr_from_ucs4 (uint32_t ch, unsigned char *cp)
100	\
101	if (ch <= 0x9f) \
102	++inptr; \
103	- /* 0xfe(->0x7e : row 94) and 0xc9(->0x59 : row 41) are \
104	- user-defined areas. */ \
105	- else if (__builtin_expect (ch == 0xa0, 0) \
106	- \|\| __builtin_expect (ch > 0xfe, 0) \
107	- \|\| __builtin_expect (ch == 0xc9, 0)) \
108	+ else if (__glibc_unlikely (ch == 0xa0)) \
109	{ \
110	/* This is illegal. */ \
111	STANDARD_FROM_LOOP_ERR_HANDLER (1); \
112	diff --git a/iconvdata/ksc5601.h b/iconvdata/ksc5601.h
113	index d3eb3a4ff8..f5cdc72797 100644
114	--- a/iconvdata/ksc5601.h
115	+++ b/iconvdata/ksc5601.h
116	@@ -50,15 +50,15 @@ ksc5601_to_ucs4 (const unsigned char **s, size_t avail, unsigned char offset)
117	unsigned char ch2;
118	int idx;
119
120	+ if (avail < 2)
121	+ return 0;
122	+
123	/* row 94(0x7e) and row 41(0x49) are user-defined area in KS C 5601 */
124
125	if (ch < offset \|\| (ch - offset) <= 0x20 \|\| (ch - offset) >= 0x7e
126	\|\| (ch - offset) == 0x49)
127	return __UNKNOWN_10646_CHAR;
128
129	- if (avail < 2)
130	- return 0;
131	-
132	ch2 = (*s)[1];
133	if (ch2 < offset \|\| (ch2 - offset) <= 0x20 \|\| (ch2 - offset) >= 0x7f)
134	return __UNKNOWN_10646_CHAR;
135	--
136	2.27.0
137


diff --git a/meta/recipes-core/glibc/glibc/CVE-2020-27618.patch b/meta/recipes-core/glibc/glibc/CVE-2020-27618.patch deleted file mode 100644 index bf32238357..0000000000 --- a/meta/recipes-core/glibc/glibc/CVE-2020-27618.patch +++ /dev/null
@@ -1,91 +0,0 @@
1	From 20e6c868c29f5a6121cbb88f3387bb9b884a4206 Mon Sep 17 00:00:00 2001
2	From: Arjun Shankar <arjun@redhat.com>
3	Date: Wed, 4 Nov 2020 12:19:38 +0100
4	Subject: [PATCH] iconv: Accept redundant shift sequences in IBM1364 [BZ
5	#26224]
6
7	The IBM1364, IBM1371, IBM1388, IBM1390 and IBM1399 character sets
8	share converter logic (iconvdata/ibm1364.c) which would reject
9	redundant shift sequences when processing input in these character
10	sets. This led to a hang in the iconv program (CVE-2020-27618).
11
12	This commit adjusts the converter to ignore redundant shift sequences
13	and adds test cases for iconv_prog hangs that would be triggered upon
14	their rejection. This brings the implementation in line with other
15	converters that also ignore redundant shift sequences (e.g. IBM930
16	etc., fixed in commit 692de4b3960d).
17
18	Reviewed-by: Carlos O'Donell <carlos@redhat.com>
19
20	Upstream-Status: Backport
21	[https://sourceware.org/git/?p=glibc.git;a=commit;
22	h=9a99c682144bdbd40792ebf822fe9264e0376fb5]
23
24	CVE: CVE-2020-27618
25	Signed-off-by: Yi Fan Yu <yifan.yu@windriver.com>
26	---
27	iconv/tst-iconv_prog.sh \| 16 ++++++++++------
28	iconvdata/ibm1364.c \| 14 ++------------
29	2 files changed, 12 insertions(+), 18 deletions(-)
30
31	diff --git a/iconv/tst-iconv_prog.sh b/iconv/tst-iconv_prog.sh
32	index 8298136b7f..d8db7b335c 100644
33	--- a/iconv/tst-iconv_prog.sh
34	+++ b/iconv/tst-iconv_prog.sh
35	@@ -102,12 +102,16 @@ hangarray=(
36	"\x00\x80;-c;IBM1161;UTF-8//TRANSLIT//IGNORE"
37	"\x00\xdb;-c;IBM1162;UTF-8//TRANSLIT//IGNORE"
38	"\x00\x70;-c;IBM12712;UTF-8//TRANSLIT//IGNORE"
39	-# These are known hangs that are yet to be fixed:
40	-# "\x00\x0f;-c;IBM1364;UTF-8"
41	-# "\x00\x0f;-c;IBM1371;UTF-8"
42	-# "\x00\x0f;-c;IBM1388;UTF-8"
43	-# "\x00\x0f;-c;IBM1390;UTF-8"
44	-# "\x00\x0f;-c;IBM1399;UTF-8"
45	+"\x00\x0f;-c;IBM1364;UTF-8"
46	+"\x0e\x0e;-c;IBM1364;UTF-8"
47	+"\x00\x0f;-c;IBM1371;UTF-8"
48	+"\x0e\x0e;-c;IBM1371;UTF-8"
49	+"\x00\x0f;-c;IBM1388;UTF-8"
50	+"\x0e\x0e;-c;IBM1388;UTF-8"
51	+"\x00\x0f;-c;IBM1390;UTF-8"
52	+"\x0e\x0e;-c;IBM1390;UTF-8"
53	+"\x00\x0f;-c;IBM1399;UTF-8"
54	+"\x0e\x0e;-c;IBM1399;UTF-8"
55	"\x00\x53;-c;IBM16804;UTF-8//TRANSLIT//IGNORE"
56	"\x00\x41;-c;IBM274;UTF-8//TRANSLIT//IGNORE"
57	"\x00\x41;-c;IBM275;UTF-8//TRANSLIT//IGNORE"
58	diff --git a/iconvdata/ibm1364.c b/iconvdata/ibm1364.c
59	index 49e7267ab4..521f0825b7 100644
60	--- a/iconvdata/ibm1364.c
61	+++ b/iconvdata/ibm1364.c
62	@@ -158,24 +158,14 @@ enum
63	\
64	if (__builtin_expect (ch, 0) == SO) \
65	{ \
66	- /* Shift OUT, change to DBCS converter. */ \
67	- if (curcs == db) \
68	- { \
69	- result = __GCONV_ILLEGAL_INPUT; \
70	- break; \
71	- } \
72	+ /* Shift OUT, change to DBCS converter (redundant escape okay). */ \
73	curcs = db; \
74	++inptr; \
75	continue; \
76	} \
77	if (__builtin_expect (ch, 0) == SI) \
78	{ \
79	- /* Shift IN, change to SBCS converter. */ \
80	- if (curcs == sb) \
81	- { \
82	- result = __GCONV_ILLEGAL_INPUT; \
83	- break; \
84	- } \
85	+ /* Shift IN, change to SBCS converter (redundant escape okay). */ \
86	curcs = sb; \
87	++inptr; \
88	continue; \
89	--
90	2.29.2
91


diff --git a/meta/recipes-core/glibc/glibc_2.32.bb b/meta/recipes-core/glibc/glibc_2.32.bb index 2d9c707a0b..249f59176e 100644 --- a/meta/recipes-core/glibc/glibc_2.32.bb +++ b/meta/recipes-core/glibc/glibc_2.32.bb
@@ -1,7 +1,8 @@
1	require glibc.inc	1	require glibc.inc
2	require glibc-version.inc	2	require glibc-version.inc
3		3
4	CVE_CHECK_WHITELIST += "CVE-2020-10029"	4	# whitelist CVE's with fixes in latest release/2.32/master branch
		5	CVE_CHECK_WHITELIST += "CVE-2019-25013 CVE-2020-10029 CVE-2020-27618"
5		6
6	DEPENDS += "gperf-native bison-native make-native"	7	DEPENDS += "gperf-native bison-native make-native"
7		8
@@ -45,8 +46,6 @@ SRC_URI = "${GLIBC_GIT_URI};branch=${SRCBRANCH};name=glibc \
45	file://0031-linux-Allow-adjtime-with-NULL-argument-BZ-26833.patch \	46	file://0031-linux-Allow-adjtime-with-NULL-argument-BZ-26833.patch \
46	file://CVE-2020-29562.patch \	47	file://CVE-2020-29562.patch \
47	file://CVE-2020-29573.patch \	48	file://CVE-2020-29573.patch \
48	file://CVE-2019-25013.patch \
49	file://CVE-2020-27618.patch \
50	"	49	"
51	S = "${WORKDIR}/git"	50	S = "${WORKDIR}/git"
52	B = "${WORKDIR}/build-${TARGET_SYS}"	51	B = "${WORKDIR}/build-${TARGET_SYS}"