From 30286ebcc178aec1fb3797ba3ec88cf75feb282b Mon Sep 17 00:00:00 2001
From: Maximilian Bosch
Date: Mon, 10 Aug 2020 11:25:08 +0200
Subject: [PATCH] glibc: 2.31 -> 2.32
ChangeLog: https://sourceware.org/pipermail/libc-announce/2020/000029.html
Patches removed:
* `rpcgen-path.patch` is obsolete as the support for SunOS RPC has been removed in 2.32[1].
* The vulnerabilities CVE-2020-1752[2] & CVE-2020-10029[3] are fixed in `glibc-2.32`[4][5], thus applying those manually isn't necessary anymore.
I also added myself as second maintainer as I'm quite regularly doing `glibc`-related stuff in `nixpkgs`, so let's make this situation official.
[1] https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=5500cdba4018ddbda7909bc7f4f9718610b43cf0
[2] https://nvd.nist.gov/vuln/detail/CVE-2020-1752
[3] https://nvd.nist.gov/vuln/detail/CVE-2020-10029
[4] Commit 9333498794cde1d5cca518badf79533a24114b6f (CVE-2020-1752)
[5] Commit ddc650e9b3dc916eab417ce9f79e67337b05035c (CVE-2020-10029)
---
.../libraries/glibc/2.30-cve-2020-1752.patch | 62 ---------------
.../libraries/glibc/2.31-cve-2020-10029.patch | 79 -------------------
pkgs/development/libraries/glibc/common.nix | 19 ++---
3 files changed, 6 insertions(+), 154 deletions(-)
delete mode 100644 pkgs/development/libraries/glibc/2.30-cve-2020-1752.patch
delete mode 100644 pkgs/development/libraries/glibc/2.31-cve-2020-10029.patch
diff --git a/pkgs/development/libraries/glibc/2.30-cve-2020-1752.patch b/pkgs/development/libraries/glibc/2.30-cve-2020-1752.patch
deleted file mode 100644
index 75d874b93d09..000000000000
--- a/pkgs/development/libraries/glibc/2.30-cve-2020-1752.patch
+++ /dev/null
@@ -1,62 +0,0 @@
-From: Andreas Schwab
-Date: Wed, 19 Feb 2020 16:21:46 +0000 (+0100)
-Subject: Fix use-after-free in glob when expanding ~user (bug 25414)
-X-Git-Url: https://sourceware.org/git/?p=glibc.git;a=commitdiff_plain;h=da97c6b88eb03fb834e92964b0895c2ac8d61f63;hp=dd34bce38c822b67fcc42e73969bf6699d6874b6
-
-Fix use-after-free in glob when expanding ~user (bug 25414)
-
-The value of `end_name' points into the value of `dirname', thus don't
-deallocate the latter before the last use of the former.
-
-(cherry picked from commit ddc650e9b3dc916eab417ce9f79e67337b05035c)
----
-
-diff --git a/posix/glob.c b/posix/glob.c
-index e73e35c510..c6cbd0eb43 100644
---- a/posix/glob.c
-+++ b/posix/glob.c
-@@ -827,31 +827,32 @@ __glob (const char *pattern, int flags, int (*errfunc) (const char *, int),
- {
- size_t home_len = strlen (p->pw_dir);
- size_t rest_len = end_name == NULL ? 0 : strlen (end_name);
-- char *d;
-+ char *d, *newp;
-+ bool use_alloca = glob_use_alloca (alloca_used,
-+ home_len + rest_len + 1);
-
-- if (__glibc_unlikely (malloc_dirname))
-- free (dirname);
-- malloc_dirname = 0;
--
-- if (glob_use_alloca (alloca_used, home_len + rest_len + 1))
-- dirname = alloca_account (home_len + rest_len + 1,
-- alloca_used);
-+ if (use_alloca)
-+ newp = alloca_account (home_len + rest_len + 1, alloca_used);
- else
- {
-- dirname = malloc (home_len + rest_len + 1);
-- if (dirname == NULL)
-+ newp = malloc (home_len + rest_len + 1);
-+ if (newp == NULL)
- {
- scratch_buffer_free (&pwtmpbuf);
- retval = GLOB_NOSPACE;
- goto out;
- }
-- malloc_dirname = 1;
- }
-- d = mempcpy (dirname, p->pw_dir, home_len);
-+ d = mempcpy (newp, p->pw_dir, home_len);
- if (end_name != NULL)
- d = mempcpy (d, end_name, rest_len);
- *d = '\0';
-
-+ if (__glibc_unlikely (malloc_dirname))
-+ free (dirname);
-+ dirname = newp;
-+ malloc_dirname = !use_alloca;
-+
- dirlen = home_len + rest_len;
- dirname_modified = 1;
- }
diff --git a/pkgs/development/libraries/glibc/2.31-cve-2020-10029.patch b/pkgs/development/libraries/glibc/2.31-cve-2020-10029.patch
deleted file mode 100644
index 8334398e8912..000000000000
--- a/pkgs/development/libraries/glibc/2.31-cve-2020-10029.patch
+++ /dev/null
@@ -1,79 +0,0 @@
-diff --git a/sysdeps/ieee754/ldbl-96/Makefile b/sysdeps/ieee754/ldbl-96/Makefile
-index 995e90d6da..318628aed6 100644
---- a/sysdeps/ieee754/ldbl-96/Makefile
-+++ b/sysdeps/ieee754/ldbl-96/Makefile
-@@ -17,5 +17,6 @@
- # .
-
- ifeq ($(subdir),math)
--tests += test-canonical-ldbl-96 test-totalorderl-ldbl-96
-+tests += test-canonical-ldbl-96 test-totalorderl-ldbl-96 test-sinl-pseudo
-+CFLAGS-test-sinl-pseudo.c += -fstack-protector-all
- endif
-diff --git a/sysdeps/ieee754/ldbl-96/e_rem_pio2l.c b/sysdeps/ieee754/ldbl-96/e_rem_pio2l.c
-index 5f742321ae..bcdf20179f 100644
---- a/sysdeps/ieee754/ldbl-96/e_rem_pio2l.c
-+++ b/sysdeps/ieee754/ldbl-96/e_rem_pio2l.c
-@@ -210,6 +210,18 @@ __ieee754_rem_pio2l (long double x, long double *y)
- return 0;
- }
-
-+ if ((i0 & 0x80000000) == 0)
-+ {
-+ /* Pseudo-zero and unnormal representations are not valid
-+ representations of long double. We need to avoid stack
-+ corruption in __kernel_rem_pio2, which expects input in a
-+ particular normal form, but those representations do not need
-+ to be consistently handled like any particular floating-point
-+ value. */
-+ y[1] = y[0] = __builtin_nanl ("");
-+ return 0;
-+ }
-+
- /* Split the 64 bits of the mantissa into three 24-bit integers
- stored in a double array. */
- exp = j0 - 23;
---- /dev/null
-+++ b/sysdeps/ieee754/ldbl-96/test-sinl-pseudo.c
-@@ -0,0 +1,41 @@
-+/* Test sinl for pseudo-zeros and unnormals for ldbl-96 (bug 25487).
-+ Copyright (C) 2020 Free Software Foundation, Inc.
-+ This file is part of the GNU C Library.
-+
-+ The GNU C Library is free software; you can redistribute it and/or
-+ modify it under the terms of the GNU Lesser General Public
-+ License as published by the Free Software Foundation; either
-+ version 2.1 of the License, or (at your option) any later version.
-+ -+ The GNU C Library is distributed in the hope that it will be useful, -+ but WITHOUT ANY WARRANTY; without even the implied warranty of -+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ Lesser General Public License for more details. -+ -+ You should have received a copy of the GNU Lesser General Public -+ License along with the GNU C Library; if not, see -+ . */ -+ -+#include -+#include -+#include -+ -+static int -+do_test (void) -+{ -+ for (int i = 0; i < 64; i++) -+ { -+ uint64_t sig = i == 63 ? 0 : 1ULL << i; -+ long double ld; -+ SET_LDOUBLE_WORDS (ld, 0x4141, -+ sig >> 32, sig & 0xffffffffULL); -+ /* The requirement is that no stack overflow occurs when the -+ pseudo-zero or unnormal goes through range reduction. */ -+ volatile long double ldr; -+ ldr = sinl (ld); -+ (void) ldr; -+ } -+ return 0; -+} -+ -+#include diff --git a/pkgs/development/libraries/glibc/common.nix b/pkgs/development/libraries/glibc/common.nix index 0b2f34c7b765..3de840d4e3c6 100644 --- a/pkgs/development/libraries/glibc/common.nix +++ b/pkgs/development/libraries/glibc/common.nix @@ -41,9 +41,9 @@ } @ args: let - version = "2.31"; + version = "2.32"; patchSuffix = ""; - sha256 = "05zxkyz9bv3j9h0xyid1rhvh3klhsmrpkf3bcs6frvlgyr2gwilj"; + sha256 = "0di848ibffrnwq7g2dvgqrnn4xqhj3h96csn69q4da51ymafl9qn"; in assert withLinuxHeaders -> linuxHeaders != null; @@ -59,9 +59,6 @@ stdenv.mkDerivation ({ patches = [ - /* Have rpcgen(1) look for cpp(1) in $PATH. */ - ./rpcgen-path.patch - /* Allow NixOS and Nix to handle the locale-archive. */ ./nix-locale-archive.patch @@ -113,8 +110,6 @@ stdenv.mkDerivation ({ }) ./fix-x64-abi.patch - ./2.30-cve-2020-1752.patch - ./2.31-cve-2020-10029.patch ] ++ lib.optional stdenv.hostPlatform.isMusl ./fix-rpc-types-musl-conflicts.patch ++ lib.optional stdenv.buildPlatform.isDarwin ./darwin-cross-build.patch; 
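Review bot: The two CVE backports are dropped from `patches` (hunk at old line 113) on the strength of references [4] and [5] in the description, and those two references look swapped. The deleted `2.30-cve-2020-1752.patch`, the glob use-after-free fix, states it was cherry picked from ddc650e9b3dc916eab417ce9f79e67337b05035c, which the description lists under CVE-2020-10029. Before merging, confirm that the 2.32 source really contains both the `posix/glob.c` change and the pseudo-zero check in `__ieee754_rem_pio2l`, and correct the message so that [4] reads `Commit ddc650e9b3dc916eab417ce9f79e67337b05035c (CVE-2020-1752)`. The `patches` list begins and ends outside this hunk.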
@@ -146,8 +141,6 @@ stdenv.mkDerivation ({ configureFlags = [ "-C" "--enable-add-ons" - "--enable-obsolete-nsl" - "--enable-obsolete-rpc" "--sysconfdir=/etc" "--enable-stackguard-randomization" (lib.withFeatureAs withLinuxHeaders "headers" "${linuxHeaders}/include") @@ -226,7 +219,7 @@ stdenv.mkDerivation ({ doCheck = false; # fails - meta = { + meta = with lib; { homepage = "https://www.gnu.org/software/libc/"; description = "The GNU C Library"; @@ -239,10 +232,10 @@ stdenv.mkDerivation ({ most systems with the Linux kernel. ''; - license = lib.licenses.lgpl2Plus; + license = licenses.lgpl2Plus; - maintainers = [ lib.maintainers.eelco ]; - platforms = lib.platforms.linux; + maintainers = with maintainers; [ eelco ma27 ]; + platforms = platforms.linux; } // meta; }
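Review bot: The removal of `"--enable-obsolete-nsl"` and `"--enable-obsolete-rpc"` from `configureFlags` (hunk at old line 146) is not explained anywhere a later reader will look; the description only covers `rpcgen-path.patch`. If, as the description implies, 2.32 no longer ships the Sun RPC code, packages that relied on glibc's RPC/NIS headers will presumably have to take them from separate libraries, and that deserves a line in the description or release notes. A short comment in the list, such as `# Sun RPC / NIS were removed upstream in 2.32, so the --enable-obsolete-* flags are gone`, would keep a later bump from re-adding them. The `configureFlags` list continues outside the hunk.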