From 77881379e907df7f4a51e977b5e47bf58485ef27 Mon Sep 17 00:00:00 2001
From: Jeff Law <law@redhat.com>
Date: Jun 05 2012 17:35:03 +0000
Subject:   - Fix DoS in RPC implementation (#767693)

  - Remove deprecated alpha support.
  - Remove redundant hunk from patch. (#823905)

---

diff --git a/glibc-rh767693-2.patch b/glibc-rh767693-2.patch
new file mode 100644
index 0000000..97d3658
--- /dev/null
+++ b/glibc-rh767693-2.patch
@@ -0,0 +1,76 @@
+diff -rup a/sunrpc/svc_tcp.c b/sunrpc/svc_tcp.c
+--- a/sunrpc/svc_tcp.c	2012-05-31 20:37:43.000000000 -0600
++++ b/sunrpc/svc_tcp.c	2012-06-05 11:30:09.948733571 -0600
+@@ -44,6 +44,7 @@
+ #include <sys/poll.h>
+ #include <errno.h>
+ #include <stdlib.h>
++#include <time.h>
+ 
+ #include <wchar.h>
+ #include <libio/iolibio.h>
+@@ -247,6 +248,11 @@ again:
+     {
+       if (errno == EINTR)
+ 	goto again;
++      if (errno == EMFILE)
++        {
++          struct timespec ts = { .tv_sec = 0, .tv_nsec = 50000000 };
++          __nanosleep(&ts , NULL);
++        }
+       return FALSE;
+     }
+   /*
+diff -rup a/sunrpc/svc_udp.c b/sunrpc/svc_udp.c
+--- a/sunrpc/svc_udp.c	2012-05-31 20:37:43.000000000 -0600
++++ b/sunrpc/svc_udp.c	2012-06-05 11:30:09.948733571 -0600
+@@ -40,6 +40,7 @@
+ #include <sys/socket.h>
+ #include <errno.h>
+ #include <libintl.h>
++#include <time.h>
+ 
+ #ifdef IP_PKTINFO
+ #include <sys/uio.h>
+@@ -277,8 +278,16 @@ again:
+ 		       (int) su->su_iosz, 0,
+ 		       (struct sockaddr *) &(xprt->xp_raddr), &len);
+   xprt->xp_addrlen = len;
+-  if (rlen == -1 && errno == EINTR)
+-    goto again;
++  if (rlen == -1)
++    {
++      if (errno == EINTR)
++        goto again;
++      if (errno == EMFILE)
++        {
++          struct timespec ts = { .tv_sec = 0, .tv_nsec = 50000000 };
++          __nanosleep(&ts , NULL);
++        }
++    }
+   if (rlen < 16)		/* < 4 32-bit ints? */
+     return FALSE;
+   xdrs->x_op = XDR_DECODE;
+diff -rup a/sunrpc/svc_unix.c b/sunrpc/svc_unix.c
+--- a/sunrpc/svc_unix.c	2012-05-31 20:37:43.000000000 -0600
++++ b/sunrpc/svc_unix.c	2012-06-05 11:30:36.495612770 -0600
+@@ -46,6 +46,7 @@
+ #include <errno.h>
+ #include <stdlib.h>
+ #include <libintl.h>
++#include <time.h>
+ #include <wchar.h>
+ 
+ /*
+@@ -244,6 +245,11 @@ again:
+     {
+       if (errno == EINTR)
+ 	goto again;
++      if (errno == EMFILE)
++        {
++          struct timespec ts = { .tv_sec = 0, .tv_nsec = 50000000 };
++          __nanosleep(&ts , NULL);
++        }
+       return FALSE;
+     }
+   /*
diff --git a/glibc-rh823905.patch b/glibc-rh823905.patch
index ed9c4c9..c0a0e01 100644
--- a/glibc-rh823905.patch
+++ b/glibc-rh823905.patch
@@ -12,14 +12,3 @@ index 25a9be0..6f758eb 100644
  	    || (res = __ibm930db_to_ucs4[ch + rp2->idx],		      \
  		__builtin_expect (res, L'\1') == L'\0' && ch != '\0'))	      \
  	  {								      \
-@@ -215,7 +216,8 @@ enum
- 	while (ch > rp2->end)						      \
- 	  ++rp2;							      \
- 									      \
--	if (__builtin_expect (ch < rp2->start, 0)			      \
-+	if (__builtin_expect (rp2->start == 0xffff, 0)			      \
-+	    || __builtin_expect (ch < rp2->start, 0)			      \
- 	    || (cp = __ucs4_to_ibm930db[ch + rp2->idx],			      \
- 		__builtin_expect (cp[0], L'\1')== L'\0' && ch != '\0'))	      \
- 	  {								      \
-
diff --git a/glibc.spec b/glibc.spec
index 603d09a..0e6467e 100644
--- a/glibc.spec
+++ b/glibc.spec
@@ -28,7 +28,7 @@
 Summary: The GNU libc libraries
 Name: glibc
 Version: %{glibcversion}
-Release: 8%{?dist}
+Release: 9%{?dist}
 # GPLv2+ is used in a bunch of programs, LGPLv2+ is used for libraries.
 # Things that are linked directly into dynamically linked programs
 # and shared libraries (e.g. crt files, lib*_nonshared.a) have an additional
@@ -176,6 +176,9 @@ Patch2035: %{name}-rh819430.patch
 # Upstream BZ 14134
 Patch2036: %{name}-rh823905.patch
 
+# See http://sourceware.org/ml/libc-alpha/2012-06/msg00074.html
+Patch2037: %{name}-rh767693-2.patch
+
 Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 Obsoletes: glibc-profile < 2.4
 Obsoletes: nss_db
@@ -427,11 +430,11 @@ rm -rf %{glibcportsdir}
 %patch0035 -p1
 %patch2035 -p1
 %patch2036 -p1
+%patch2037 -p1
 
 # A lot of programs still misuse memcpy when they have to use
 # memmove. The memcpy implementation below is not tolerant at
 # all.
-rm -f sysdeps/alpha/alphaev6/memcpy.S
 %if %{buildpower6}
 # On powerpc32, hp timing is only available in power4/power6
 # libs, not in base, so pre-power4 dynamic linker is incompatible
@@ -458,9 +461,6 @@ BuildFlags="$BuildFlags -mno-tls-direct-seg-refs"
 %ifarch x86_64
 BuildFlags="-mtune=generic"
 %endif
-%ifarch alphaev6
-BuildFlags="-mcpu=ev6"
-%endif
 %ifarch sparc
 BuildFlags="-fcall-used-g6"
 GCC="gcc -m32"
@@ -997,9 +997,6 @@ cat debuginfocommon.sources >> debuginfo.filelist
 %ifarch %{ix86}
 %define basearch i686
 %endif
-%ifarch alpha alphaev6
-%define basearch alpha
-%endif
 %ifarch sparc sparcv9
 %define basearch sparc
 %endif
@@ -1303,9 +1300,14 @@ rm -f *.filelist*
 %endif
 
 %changelog
+* Tue Jun  5 2012 Jeff Law <law@redhat.com> - 2.15.90-9
+  - Fix DoS in RPC implementation (#767693)
+  - Remove deprecated alpha support.
+  - Remove redundant hunk from patch. (#823905)
+
 * Fri Jun  1 2012 Patsy Franklin <patsy@redhat.com> - 2.15.90-8
-  - Fix iconv() segfault when the invalid multibyte character 0xffff is input when 
-    converting from IBM930 (823905)
+  - Fix iconv() segfault when the invalid multibyte character 0xffff is input
+    when converting from IBM930 (#823905)
 
 * Fri Jun 1 2012 Jeff Law <law@redhat.com> - 2.15.90-7
   - Resync with upstream sources.  (#827040)