glibc: stable 2.38 branch updates.

Below commits on glibc-2.38 stable branch are updated. 0e1ef6779a (HEAD -> release/2.38/master, origin/release/2.38/master) manual/jobs.texi: Add missing @item EPERM for getpgid d94461bb86 string: Fix tester build with fortify enable with gcc < 12 63250e9c57 iconv: restore verbosity with unrecognized encoding names (bug 30694) 00ae4f10b5 getaddrinfo: Fix use after free in getcanonname (CVE-2023-4806) b25508dd77 CVE-2023-4527: Stack read overflow with large TCP responses in no-aaaa mode 89da8bc588 NEWS: Add the 2.38.1 bug list d3ba6c1333 elf: Move l_init_called_next to old place of l_text_end in link map 750f19526a elf: Remove unused l_text_end field from struct link_map a3189f66a5 elf: Always call destructors in reverse constructor order (bug 30785) 7ae211a01b elf: Do not run constructors for proxy objects 92201f16cb libio: Fix oversized __io_vtables 5bdef6f27c io: Fix record locking contants for powerpc64 with __USE_FILE_OFFSET64 0024-CVE-2023-4527.patch is dropped (From OE-Core rev: eae8634ff7a7dd6f84c4607b5f1b0c6fe5e39f37) Signed-off-by: Deepthi Hemraj <Deepthi.Hemraj@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Deepthi Hemraj <Deepthi.Hemraj@windriver.com> 2023-10-02 20:09:17 -0700
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2023-10-03 22:18:27 +0100
commit: c6ed95a7e41bccf809e273a14bc7592b9ff77352 (patch)
tree: a466c16f56f41c7712e856bdc5f6ea27e65f82f8
parent: 3edb9acca18171894771c36c19b0c2e905852ce5 (diff)
download: poky-c6ed95a7e41bccf809e273a14bc7592b9ff77352.tar.gz
3 files changed, 1 insertions, 221 deletions
diff --git a/meta/recipes-core/glibc/glibc-version.inc b/meta/recipes-core/glibc/glibc-version.inc
index a907444f50..f5ebbb2ee6 100644
--- a/meta/recipes-core/glibc/glibc-version.inc
+++ b/meta/recipes-core/glibc/glibc-version.inc
@@ -1,6 +1,6 @@
 SRCBRANCH ?= "release/2.38/master"
 PV = "2.38+git"
-SRCREV_glibc ?= "1aed90c9c8f8be9f68b58e96b6e4cd0fc08eb2b1"
+SRCREV_glibc ?= "0e1ef6779a90bc0f8a05bc367796df2793deecaa"
 SRCREV_localedef ?= "e0eca29583b9e0f62645c4316ced93cf4e4e26e1"
 GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git;protocol=https"
diff --git a/meta/recipes-core/glibc/glibc/0024-CVE-2023-4527.patch b/meta/recipes-core/glibc/glibc/0024-CVE-2023-4527.patch
deleted file mode 100644
index 7d9adf6a66..0000000000
--- a/meta/recipes-core/glibc/glibc/0024-CVE-2023-4527.patch
+++ /dev/null
@@ -1,219 +0,0 @@
-From 4ea972b7edd7e36610e8cde18bf7a8149d7bac4f Mon Sep 17 00:00:00 2001
-From: Florian Weimer <fweimer@redhat.com>
-Date: Wed, 13 Sep 2023 14:10:56 +0200
-Subject: [PATCH] CVE-2023-4527: Stack read overflow with large TCP responses
- in no-aaaa mode
-Without passing alt_dns_packet_buffer, __res_context_search can only
-store 2048 bytes (what fits into dns_packet_buffer).  However,
-the function returns the total packet size, and the subsequent
-DNS parsing code in _nss_dns_gethostbyname4_r reads beyond the end
-of the stack-allocated buffer.
-Fixes commit f282cdbe7f436c75864e5640a4 ("resolv: Implement no-aaaa
-stub resolver option") and bug 30842.
-(cherry picked from commit bd77dd7e73e3530203be1c52c8a29d08270cb25d)
-Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=4ea972b7edd7e36610e8cde18bf7a8149d7bac4f]
-CVE: CVE-2023-4527
-Signed-off-by: Yash Shinde <Yash.Shinde@windriver.com>
---
- NEWS                          |   7 ++
- resolv/Makefile               |   2 +
- resolv/nss_dns/dns-host.c     |   2 +-
- resolv/tst-resolv-noaaaa-vc.c | 129 ++++++++++++++++++++++++++++++++++
- 4 files changed, 139 insertions(+), 1 deletion(-)
- create mode 100644 resolv/tst-resolv-noaaaa-vc.c
-diff --git a/NEWS b/NEWS
--- a/NEWS
-+++ b/NEWS
-@@ -126,6 +126,7 @@
-   [30477] libc: [RISCV]: time64 does not work on riscv32
-   [30515] dynamic-link: _dl_find_object incorrectly returns 1 during
-     early startup
-+  [30842] Stack read overflow in getaddrinfo in no-aaaa mode (CVE-2023-4527)
-   [30527] network: resolv_conf lock not unlocked on allocation failure
-   [30550] math: powerpc64le: GCC-specific code for isinf() is being used
-     on clang
-@@ -157,6 +158,12 @@
-   heap and prints it to the target log file, potentially revealing a
-   portion of the contents of the heap.
-+  CVE-2023-4527: If the system is configured in no-aaaa mode via
-+  /etc/resolv.conf, getaddrinfo is called for the AF_UNSPEC address
-+  family, and a DNS response is received over TCP that is larger than
-+  2048 bytes, getaddrinfo may potentially disclose stack contents via
-+  the returned address data, or crash.
-+
- The following bugs are resolved with this release:
-   [12154] network: Cannot resolve hosts which have wildcard aliases
-diff --git a/resolv/Makefile b/resolv/Makefile
--- a/resolv/Makefile
-+++ b/resolv/Makefile
-@@ -102,6 +102,7 @@
-   tst-resolv-invalid-cname \
-   tst-resolv-network \
-   tst-resolv-noaaaa \
-+  tst-resolv-noaaaa-vc \
-   tst-resolv-nondecimal \
-   tst-resolv-res_init-multi \
-   tst-resolv-search \
-@@ -293,6 +294,7 @@
- $(objpfx)tst-resolv-invalid-cname: $(objpfx)libresolv.so \
-   $(shared-thread-library)
- $(objpfx)tst-resolv-noaaaa: $(objpfx)libresolv.so $(shared-thread-library)
-+$(objpfx)tst-resolv-noaaaa-vc: $(objpfx)libresolv.so $(shared-thread-library)
- $(objpfx)tst-resolv-nondecimal: $(objpfx)libresolv.so $(shared-thread-library)
- $(objpfx)tst-resolv-qtypes: $(objpfx)libresolv.so $(shared-thread-library)
- $(objpfx)tst-resolv-rotate: $(objpfx)libresolv.so $(shared-thread-library)
-diff --git a/resolv/nss_dns/dns-host.c b/resolv/nss_dns/dns-host.c
--- a/resolv/nss_dns/dns-host.c
-+++ b/resolv/nss_dns/dns-host.c
-@@ -427,7 +427,7 @@ _nss_dns_gethostbyname4_r (const char *name, struct gaih_addrtuple **pat,
-     {
-       n = __res_context_search (ctx, name, C_IN, T_A,
-                                dns_packet_buffer, sizeof (dns_packet_buffer),
-                               NULL, NULL, NULL, NULL, NULL);
-+                               &alt_dns_packet_buffer, NULL, NULL, NULL, NULL);
-       if (n >= 0)
-        status = gaih_getanswer_noaaaa (alt_dns_packet_buffer, n,
-                                        &abuf, pat, errnop, herrnop, ttlp);
-diff --git a/resolv/tst-resolv-noaaaa-vc.c b/resolv/tst-resolv-noaaaa-vc.c
-new file mode 100644
--- /dev/null
-+++ b/resolv/tst-resolv-noaaaa-vc.c
-@@ -0,0 +1,129 @@
-+/* Test the RES_NOAAAA resolver option with a large response.
-+   Copyright (C) 2022-2023 Free Software Foundation, Inc.
-+   This file is part of the GNU C Library.
-+
-+   The GNU C Library is free software; you can redistribute it and/or
-+   modify it under the terms of the GNU Lesser General Public
-+   License as published by the Free Software Foundation; either
-+   version 2.1 of the License, or (at your option) any later version.
-+
-+   The GNU C Library is distributed in the hope that it will be useful,
-+   but WITHOUT ANY WARRANTY; without even the implied warranty of
-+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
-+   Lesser General Public License for more details.
-+
-+   You should have received a copy of the GNU Lesser General Public
-+   License along with the GNU C Library; if not, see
-+   <https://www.gnu.org/licenses/>.  */
-+
-+#include <errno.h>
-+#include <netdb.h>
-+#include <resolv.h>
-+#include <stdbool.h>
-+#include <stdlib.h>
-+#include <support/check.h>
-+#include <support/check_nss.h>
-+#include <support/resolv_test.h>
-+#include <support/support.h>
-+#include <support/xmemstream.h>
-+
-+/* Used to keep track of the number of queries.  */
-+static volatile unsigned int queries;
-+
-+/* If true, add a large TXT record at the start of the answer section.  */
-+static volatile bool stuff_txt;
-+
-+static void
-+response (const struct resolv_response_context *ctx,
-+          struct resolv_response_builder *b,
-+          const char *qname, uint16_t qclass, uint16_t qtype)
-+{
-+  /* If not using TCP, just force its use.  */
-+  if (!ctx->tcp)
-+    {
-+      struct resolv_response_flags flags = {.tc = true};
-+      resolv_response_init (b, flags);
-+      resolv_response_add_question (b, qname, qclass, qtype);
-+      return;
-+    }
-+
-+  /* The test needs to send four queries, the first three are used to
-+     grow the NSS buffer via the ERANGE handshake.  */
-+  ++queries;
-+  TEST_VERIFY (queries <= 4);
-+
-+  /* AAAA queries are supposed to be disabled.  */
-+  TEST_COMPARE (qtype, T_A);
-+  TEST_COMPARE (qclass, C_IN);
-+  TEST_COMPARE_STRING (qname, "example.com");
-+
-+  struct resolv_response_flags flags = {};
-+  resolv_response_init (b, flags);
-+  resolv_response_add_question (b, qname, qclass, qtype);
-+
-+  resolv_response_section (b, ns_s_an);
-+
-+  if (stuff_txt)
-+    {
-+      resolv_response_open_record (b, qname, qclass, T_TXT, 60);
-+      int zero = 0;
-+      for (int i = 0; i <= 15000; ++i)
-+        resolv_response_add_data (b, &zero, sizeof (zero));
-+      resolv_response_close_record (b);
-+    }
-+
-+  for (int i = 0; i < 200; ++i)
-+    {
-+      resolv_response_open_record (b, qname, qclass, qtype, 60);
-+      char ipv4[4] = {192, 0, 2, i + 1};
-+      resolv_response_add_data (b, &ipv4, sizeof (ipv4));
-+      resolv_response_close_record (b);
-+    }
-+}
-+
-+static int
-+do_test (void)
-+{
-+  struct resolv_test *obj = resolv_test_start
-+    ((struct resolv_redirect_config)
-+     {
-+       .response_callback = response
-+     });
-+
-+  _res.options |= RES_NOAAAA;
-+
-+  for (int do_stuff_txt = 0; do_stuff_txt < 2; ++do_stuff_txt)
-+    {
-+      queries = 0;
-+      stuff_txt = do_stuff_txt;
-+
-+      struct addrinfo *ai = NULL;
-+      int ret;
-+      ret = getaddrinfo ("example.com", "80",
-+                         &(struct addrinfo)
-+                         {
-+                           .ai_family = AF_UNSPEC,
-+                           .ai_socktype = SOCK_STREAM,
-+                         }, &ai);
-+
-+      char *expected_result;
-+      {
-+        struct xmemstream mem;
-+        xopen_memstream (&mem);
-+        for (int i = 0; i < 200; ++i)
-+          fprintf (mem.out, "address: STREAM/TCP 192.0.2.%d 80\n", i + 1);
-+        xfclose_memstream (&mem);
-+        expected_result = mem.buffer;
-+      }
-+
-+      check_addrinfo ("example.com", ai, ret, expected_result);
-+
-+      free (expected_result);
-+      freeaddrinfo (ai);
-+    }
-+
-+  resolv_test_end (obj);
-+  return 0;
-+}
-+
-+#include <support/test-driver.c>
diff --git a/meta/recipes-core/glibc/glibc_2.38.bb b/meta/recipes-core/glibc/glibc_2.38.bb
index 237458d066..32ccb888f0 100644
--- a/meta/recipes-core/glibc/glibc_2.38.bb
+++ b/meta/recipes-core/glibc/glibc_2.38.bb
@@ -51,7 +51,6 @@ SRC_URI =  "${GLIBC_GIT_URI};branch=${SRCBRANCH};name=glibc \
           file://0021-fix-create-thread-failed-in-unprivileged-process-BZ-.patch \
           file://0022-Avoid-hardcoded-build-time-paths-in-the-output-binar.patch \
           file://0023-aarch64-configure-Pass-mcpu-along-with-march-to-dete.patch \
-           file://0024-CVE-2023-4527.patch \
 "
 S = "${WORKDIR}/git"
 B = "${WORKDIR}/build-${TARGET_SYS}"
author	Deepthi Hemraj <Deepthi.Hemraj@windriver.com>	2023-10-02 20:09:17 -0700
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2023-10-03 22:18:27 +0100
commit	c6ed95a7e41bccf809e273a14bc7592b9ff77352 (patch)
tree	a466c16f56f41c7712e856bdc5f6ea27e65f82f8
parent	3edb9acca18171894771c36c19b0c2e905852ce5 (diff)
download	poky-c6ed95a7e41bccf809e273a14bc7592b9ff77352.tar.gz

diff --git a/meta/recipes-core/glibc/glibc-version.inc b/meta/recipes-core/glibc/glibc-version.inc index a907444f50..f5ebbb2ee6 100644 --- a/meta/recipes-core/glibc/glibc-version.inc +++ b/meta/recipes-core/glibc/glibc-version.inc
@@ -1,6 +1,6 @@
1	SRCBRANCH ?= "release/2.38/master"	1	SRCBRANCH ?= "release/2.38/master"
2	PV = "2.38+git"	2	PV = "2.38+git"
3	SRCREV_glibc ?= "1aed90c9c8f8be9f68b58e96b6e4cd0fc08eb2b1"	3	SRCREV_glibc ?= "0e1ef6779a90bc0f8a05bc367796df2793deecaa"
4	SRCREV_localedef ?= "e0eca29583b9e0f62645c4316ced93cf4e4e26e1"	4	SRCREV_localedef ?= "e0eca29583b9e0f62645c4316ced93cf4e4e26e1"
5		5
6	GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git;protocol=https"	6	GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git;protocol=https"


diff --git a/meta/recipes-core/glibc/glibc/0024-CVE-2023-4527.patch b/meta/recipes-core/glibc/glibc/0024-CVE-2023-4527.patch deleted file mode 100644 index 7d9adf6a66..0000000000 --- a/meta/recipes-core/glibc/glibc/0024-CVE-2023-4527.patch +++ /dev/null
@@ -1,219 +0,0 @@
1	From 4ea972b7edd7e36610e8cde18bf7a8149d7bac4f Mon Sep 17 00:00:00 2001
2	From: Florian Weimer <fweimer@redhat.com>
3	Date: Wed, 13 Sep 2023 14:10:56 +0200
4	Subject: [PATCH] CVE-2023-4527: Stack read overflow with large TCP responses
5	in no-aaaa mode
6
7	Without passing alt_dns_packet_buffer, __res_context_search can only
8	store 2048 bytes (what fits into dns_packet_buffer). However,
9	the function returns the total packet size, and the subsequent
10	DNS parsing code in _nss_dns_gethostbyname4_r reads beyond the end
11	of the stack-allocated buffer.
12
13	Fixes commit f282cdbe7f436c75864e5640a4 ("resolv: Implement no-aaaa
14	stub resolver option") and bug 30842.
15
16	(cherry picked from commit bd77dd7e73e3530203be1c52c8a29d08270cb25d)
17
18	Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=4ea972b7edd7e36610e8cde18bf7a8149d7bac4f]
19	CVE: CVE-2023-4527
20
21	Signed-off-by: Yash Shinde <Yash.Shinde@windriver.com>
22
23	---
24	NEWS \| 7 ++
25	resolv/Makefile \| 2 +
26	resolv/nss_dns/dns-host.c \| 2 +-
27	resolv/tst-resolv-noaaaa-vc.c \| 129 ++++++++++++++++++++++++++++++++++
28	4 files changed, 139 insertions(+), 1 deletion(-)
29	create mode 100644 resolv/tst-resolv-noaaaa-vc.c
30
31	diff --git a/NEWS b/NEWS
32	--- a/NEWS
33	+++ b/NEWS
34	@@ -126,6 +126,7 @@
35	[30477] libc: [RISCV]: time64 does not work on riscv32
36	[30515] dynamic-link: _dl_find_object incorrectly returns 1 during
37	early startup
38	+ [30842] Stack read overflow in getaddrinfo in no-aaaa mode (CVE-2023-4527)
39	[30527] network: resolv_conf lock not unlocked on allocation failure
40	[30550] math: powerpc64le: GCC-specific code for isinf() is being used
41	on clang
42	@@ -157,6 +158,12 @@
43	heap and prints it to the target log file, potentially revealing a
44	portion of the contents of the heap.
45
46	+ CVE-2023-4527: If the system is configured in no-aaaa mode via
47	+ /etc/resolv.conf, getaddrinfo is called for the AF_UNSPEC address
48	+ family, and a DNS response is received over TCP that is larger than
49	+ 2048 bytes, getaddrinfo may potentially disclose stack contents via
50	+ the returned address data, or crash.
51	+
52	The following bugs are resolved with this release:
53
54	[12154] network: Cannot resolve hosts which have wildcard aliases
55	diff --git a/resolv/Makefile b/resolv/Makefile
56	--- a/resolv/Makefile
57	+++ b/resolv/Makefile
58	@@ -102,6 +102,7 @@
59	tst-resolv-invalid-cname \
60	tst-resolv-network \
61	tst-resolv-noaaaa \
62	+ tst-resolv-noaaaa-vc \
63	tst-resolv-nondecimal \
64	tst-resolv-res_init-multi \
65	tst-resolv-search \
66	@@ -293,6 +294,7 @@
67	$(objpfx)tst-resolv-invalid-cname: $(objpfx)libresolv.so \
68	$(shared-thread-library)
69	$(objpfx)tst-resolv-noaaaa: $(objpfx)libresolv.so $(shared-thread-library)
70	+$(objpfx)tst-resolv-noaaaa-vc: $(objpfx)libresolv.so $(shared-thread-library)
71	$(objpfx)tst-resolv-nondecimal: $(objpfx)libresolv.so $(shared-thread-library)
72	$(objpfx)tst-resolv-qtypes: $(objpfx)libresolv.so $(shared-thread-library)
73	$(objpfx)tst-resolv-rotate: $(objpfx)libresolv.so $(shared-thread-library)
74	diff --git a/resolv/nss_dns/dns-host.c b/resolv/nss_dns/dns-host.c
75	--- a/resolv/nss_dns/dns-host.c
76	+++ b/resolv/nss_dns/dns-host.c
77	@@ -427,7 +427,7 @@ _nss_dns_gethostbyname4_r (const char name, struct gaih_addrtuple *pat,
78	{
79	n = __res_context_search (ctx, name, C_IN, T_A,
80	dns_packet_buffer, sizeof (dns_packet_buffer),
81	- NULL, NULL, NULL, NULL, NULL);
82	+ &alt_dns_packet_buffer, NULL, NULL, NULL, NULL);
83	if (n >= 0)
84	status = gaih_getanswer_noaaaa (alt_dns_packet_buffer, n,
85	&abuf, pat, errnop, herrnop, ttlp);
86	diff --git a/resolv/tst-resolv-noaaaa-vc.c b/resolv/tst-resolv-noaaaa-vc.c
87	new file mode 100644
88	--- /dev/null
89	+++ b/resolv/tst-resolv-noaaaa-vc.c
90	@@ -0,0 +1,129 @@
91	+/* Test the RES_NOAAAA resolver option with a large response.
92	+ Copyright (C) 2022-2023 Free Software Foundation, Inc.
93	+ This file is part of the GNU C Library.
94	+
95	+ The GNU C Library is free software; you can redistribute it and/or
96	+ modify it under the terms of the GNU Lesser General Public
97	+ License as published by the Free Software Foundation; either
98	+ version 2.1 of the License, or (at your option) any later version.
99	+
100	+ The GNU C Library is distributed in the hope that it will be useful,
101	+ but WITHOUT ANY WARRANTY; without even the implied warranty of
102	+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
103	+ Lesser General Public License for more details.
104	+
105	+ You should have received a copy of the GNU Lesser General Public
106	+ License along with the GNU C Library; if not, see
107	+ <https://www.gnu.org/licenses/>. */
108	+
109	+#include <errno.h>
110	+#include <netdb.h>
111	+#include <resolv.h>
112	+#include <stdbool.h>
113	+#include <stdlib.h>
114	+#include <support/check.h>
115	+#include <support/check_nss.h>
116	+#include <support/resolv_test.h>
117	+#include <support/support.h>
118	+#include <support/xmemstream.h>
119	+
120	+/* Used to keep track of the number of queries. */
121	+static volatile unsigned int queries;
122	+
123	+/* If true, add a large TXT record at the start of the answer section. */
124	+static volatile bool stuff_txt;
125	+
126	+static void
127	+response (const struct resolv_response_context *ctx,
128	+ struct resolv_response_builder *b,
129	+ const char *qname, uint16_t qclass, uint16_t qtype)
130	+{
131	+ /* If not using TCP, just force its use. */
132	+ if (!ctx->tcp)
133	+ {
134	+ struct resolv_response_flags flags = {.tc = true};
135	+ resolv_response_init (b, flags);
136	+ resolv_response_add_question (b, qname, qclass, qtype);
137	+ return;
138	+ }
139	+
140	+ /* The test needs to send four queries, the first three are used to
141	+ grow the NSS buffer via the ERANGE handshake. */
142	+ ++queries;
143	+ TEST_VERIFY (queries <= 4);
144	+
145	+ /* AAAA queries are supposed to be disabled. */
146	+ TEST_COMPARE (qtype, T_A);
147	+ TEST_COMPARE (qclass, C_IN);
148	+ TEST_COMPARE_STRING (qname, "example.com");
149	+
150	+ struct resolv_response_flags flags = {};
151	+ resolv_response_init (b, flags);
152	+ resolv_response_add_question (b, qname, qclass, qtype);
153	+
154	+ resolv_response_section (b, ns_s_an);
155	+
156	+ if (stuff_txt)
157	+ {
158	+ resolv_response_open_record (b, qname, qclass, T_TXT, 60);
159	+ int zero = 0;
160	+ for (int i = 0; i <= 15000; ++i)
161	+ resolv_response_add_data (b, &zero, sizeof (zero));
162	+ resolv_response_close_record (b);
163	+ }
164	+
165	+ for (int i = 0; i < 200; ++i)
166	+ {
167	+ resolv_response_open_record (b, qname, qclass, qtype, 60);
168	+ char ipv4[4] = {192, 0, 2, i + 1};
169	+ resolv_response_add_data (b, &ipv4, sizeof (ipv4));
170	+ resolv_response_close_record (b);
171	+ }
172	+}
173	+
174	+static int
175	+do_test (void)
176	+{
177	+ struct resolv_test *obj = resolv_test_start
178	+ ((struct resolv_redirect_config)
179	+ {
180	+ .response_callback = response
181	+ });
182	+
183	+ _res.options \|= RES_NOAAAA;
184	+
185	+ for (int do_stuff_txt = 0; do_stuff_txt < 2; ++do_stuff_txt)
186	+ {
187	+ queries = 0;
188	+ stuff_txt = do_stuff_txt;
189	+
190	+ struct addrinfo *ai = NULL;
191	+ int ret;
192	+ ret = getaddrinfo ("example.com", "80",
193	+ &(struct addrinfo)
194	+ {
195	+ .ai_family = AF_UNSPEC,
196	+ .ai_socktype = SOCK_STREAM,
197	+ }, &ai);
198	+
199	+ char *expected_result;
200	+ {
201	+ struct xmemstream mem;
202	+ xopen_memstream (&mem);
203	+ for (int i = 0; i < 200; ++i)
204	+ fprintf (mem.out, "address: STREAM/TCP 192.0.2.%d 80\n", i + 1);
205	+ xfclose_memstream (&mem);
206	+ expected_result = mem.buffer;
207	+ }
208	+
209	+ check_addrinfo ("example.com", ai, ret, expected_result);
210	+
211	+ free (expected_result);
212	+ freeaddrinfo (ai);
213	+ }
214	+
215	+ resolv_test_end (obj);
216	+ return 0;
217	+}
218	+
219	+#include <support/test-driver.c>


diff --git a/meta/recipes-core/glibc/glibc_2.38.bb b/meta/recipes-core/glibc/glibc_2.38.bb index 237458d066..32ccb888f0 100644 --- a/meta/recipes-core/glibc/glibc_2.38.bb +++ b/meta/recipes-core/glibc/glibc_2.38.bb
@@ -51,7 +51,6 @@ SRC_URI = "${GLIBC_GIT_URI};branch=${SRCBRANCH};name=glibc \
51	file://0021-fix-create-thread-failed-in-unprivileged-process-BZ-.patch \	51	file://0021-fix-create-thread-failed-in-unprivileged-process-BZ-.patch \
52	file://0022-Avoid-hardcoded-build-time-paths-in-the-output-binar.patch \	52	file://0022-Avoid-hardcoded-build-time-paths-in-the-output-binar.patch \
53	file://0023-aarch64-configure-Pass-mcpu-along-with-march-to-dete.patch \	53	file://0023-aarch64-configure-Pass-mcpu-along-with-march-to-dete.patch \
54	file://0024-CVE-2023-4527.patch \
55	"	54	"
56	S = "${WORKDIR}/git"	55	S = "${WORKDIR}/git"
57	B = "${WORKDIR}/build-${TARGET_SYS}"	56	B = "${WORKDIR}/build-${TARGET_SYS}"