6 次代碼提交 1a98576401 ... c47ad25ea3

作者 SHA1 備註 提交日期
  Rich Felker c47ad25ea3 iconv: harden UTF-8 output code path against input decoder bugs 3 月之前
  Rich Felker 4c4f15dae5 hasmntopt: match only whole options not arbitrary substrings 3 月之前
  Rich Felker e5adcd97b5 iconv: fix erroneous input validation in EUC-KR decoder 3 月之前
  Rich Felker 5e594aeabf iconv: fix erroneous decoding of some invalid ShiftJIS sequences 3 月之前
  Alex Rønne Petersen 6af4f25b89 s390x: manually inline __tls_get_addr in __tls_get_offset 4 月之前
  Yao Zi 5ccf05d86d ldso: don't reclaim zero-memory-sized segments 6 月之前
共有 4 個文件被更改,包括 27 次插入12 次删除
  1. 1 0
      ldso/dynlink.c
  2. 7 1
      src/locale/iconv.c
  3. 9 1
      src/misc/mntent.c
  4. 10 10
      src/thread/s390x/__tls_get_offset.s

+ 1 - 0
ldso/dynlink.c

@@ -616,6 +616,7 @@ static void reclaim_gaps(struct dso *dso)
 	for (; phcnt--; ph=(void *)((char *)ph+dso->phentsize)) {
 		if (ph->p_type!=PT_LOAD) continue;
 		if ((ph->p_flags&(PF_R|PF_W))!=(PF_R|PF_W)) continue;
+		if (ph->p_memsz == 0) continue;
 		reclaim(dso, ph->p_vaddr & -PAGE_SIZE, ph->p_vaddr);
 		reclaim(dso, ph->p_vaddr+ph->p_memsz,
 			ph->p_vaddr+ph->p_memsz+PAGE_SIZE-1 & -PAGE_SIZE);
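Review bot: The added `p_memsz == 0` skip in the loop body carries no comment saying why an empty PT_LOAD must not reach the two reclaim() calls below it. Presumably nothing is mapped at p_vaddr for such a segment, so the page-rounded ranges around it are not memory this DSO owns. A one-line comment such as `/* empty segment maps nothing; the pages around p_vaddr are not ours to reclaim */` would keep the check from being removed later as redundant. The loop and the rest of reclaim_gaps continue outside the hunk.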

+ 7 - 1
src/locale/iconv.c

@@ -339,6 +339,8 @@ size_t iconv(iconv_t cd, char **restrict in, size_t *restrict inb, char **restri
 			} else if (d-159 <= 252-159) {
 				c++;
 				d -= 159;
+			} else {
+				goto ilseq;
 			}
 			if (c>=84) goto ilseq;
 			c = jis0208[c][d];
@@ -500,7 +502,7 @@ size_t iconv(iconv_t cd, char **restrict in, size_t *restrict inb, char **restri
 			if (c >= 93 || d >= 94) {
 				c += (0xa1-0x81);
 				d += 0xa1;
-				if (c >= 93 || c>=0xc6-0x81 && d>0x52)
+				if (c > 0xc6-0x81 || c==0xc6-0x81 && d>0x52)
 					goto ilseq;
 				if (d-'A'<26) d = d-'A';
 				else if (d-'a'<26) d = d-'a'+26;
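Review bot: The rewritten bound mixes `||` and `&&` without parentheses and leaves 0xc6 and 0x52 unexplained. `if (c > 0xc6-0x81 || (c==0xc6-0x81 && d>0x52))` reads unambiguously and avoids precedence warnings. A short comment saying that these look like the last valid lead byte and the last trail byte accepted under it would let a reader check the limit without re-deriving it. The enclosing decoder case starts and ends outside the hunk.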
@@ -543,6 +545,10 @@ size_t iconv(iconv_t cd, char **restrict in, size_t *restrict inb, char **restri
 				if (*outb < k) goto toobig;
 				memcpy(*out, tmp, k);
 			} else k = wctomb_utf8(*out, c);
+			/* This failure condition should be unreachable, but
+			 * is included to prevent decoder bugs from translating
+			 * into advancement outside the output buffer range. */
+			if (k>4) goto ilseq;
 			*out += k;
 			*outb -= k;
 			break;
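Review bot: The `k>4` guard runs only after the `*outb < k` test and `memcpy(*out, tmp, k)` on the temporary-buffer path, so there an out-of-range k is either reported as toobig or already used as a copy length before it is rejected. Placing `if (k>4) goto ilseq;` directly after each wctomb_utf8() call would make both paths fail the same way before k is used; the first call appears to sit just above the hunk. This assumes k is unsigned, so that a failure return from wctomb_utf8 shows up as a large value. Its declaration is not visible here.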

+ 9 - 1
src/misc/mntent.c

@@ -115,5 +115,13 @@ int addmntent(FILE *f, const struct mntent *mnt)
 
 char *hasmntopt(const struct mntent *mnt, const char *opt)
 {
-	return strstr(mnt->mnt_opts, opt);
+	size_t l = strlen(opt);
+	char *p = mnt->mnt_opts;
+	for (;;) {
+		if (!strncmp(p, opt, l) && (!p[l] || p[l]==',' || p[l]=='='))
+			return p;
+		p = strchr(p, ',');
+		if (!p) return 0;
+		p++;
+	}
 }
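Review bot: hasmntopt now has a precise matching rule but no comment stating it, and callers that test for options such as mount restrictions depend on exactly that rule. A comment above the function such as `/* Match opt only as a whole comma-delimited option, optionally followed by =value; returns a pointer into mnt->mnt_opts or 0. */` would document the contract. It is also worth noting there that an empty `opt` matches only an empty option field, because `l` is 0 and the test reduces to the delimiter check on `p[0]`. A null `mnt_opts` is dereferenced as before, which is presumably the caller's responsibility.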

+ 10 - 10
src/thread/s390x/__tls_get_offset.s

@@ -1,17 +1,17 @@
 	.global __tls_get_offset
 	.type __tls_get_offset,%function
 __tls_get_offset:
-	stmg  %r14, %r15, 112(%r15)
-	aghi  %r15, -160
+	ear   %r0, %a0
+	sllg  %r0, %r0, 32
+	ear   %r0, %a1
 
-	la    %r2, 0(%r2, %r12)
-	brasl %r14, __tls_get_addr
+	la    %r1, 0(%r2, %r12)
 
-	ear   %r1, %a0
-	sllg  %r1, %r1, 32
-	ear   %r1, %a1
+	lg    %r3, 0(%r1)
+	sllg  %r4, %r3, 3
+	lg    %r5, 8(%r0)
+	lg    %r2, 0(%r4, %r5)
+	ag    %r2, 8(%r1)
+	sgr   %r2, %r0
 
-	sgr   %r2, %r1
-
-	lmg   %r14, %r15, 272(%r15)
 	br    %r14
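Review bot: The inlined sequence hard-codes the layout it previously got from the C call, and none of it is commented. `lg %r5, 8(%r0)` presumably loads the dtv pointer from the thread structure, while `0(%r1)` and `8(%r1)` look like the module index and offset of the GOT entry. If the C-side structure or the __tls_get_addr logic changes, this file will silently diverge. Per-line comments naming each load, plus a header comment such as `# open-coded __tls_get_addr; keep in sync with the C implementation and the dtv offset in the thread structure`, would make that coupling visible. The routine no longer sets up a stack frame, so it should also be noted that it must remain a leaf.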