!23 [sync] PR-18: do not remove info/dir by default

From: @openeuler-sync-bot 
Reviewed-by: @liqingqing_1229 
Signed-off-by: @liqingqing_1229

0001-correctly-check-for-out-of-bounds-allocation-reqs.patch

@@ -1,107 +0,0 @@
-From aa106b29a6a8a1b0df9e334704292cbc32f2d44e Mon Sep 17 00:00:00 2001
-From: Corinna Vinschen <vinschen@redhat.com>
-Date: Tue, 17 Nov 2020 10:50:57 +0100
-Subject: [PATCH] malloc/nano-malloc: correctly check for out-of-bounds
- allocation reqs
-CVE: CVE-2021-3420
-Reference: https://sourceware.org/git/?p=newlib-cygwin.git;a=commit;h=aa106b29a6a8a1b0df9e334704292cbc32f2d44e
-
-The overflow check in mEMALIGn erroneously checks for INT_MAX,
-albeit the input parameter is size_t.  Fix this to check for
-__SIZE_MAX__ instead.  Also, it misses to check the req against
-adding the alignment before calling mALLOc.
-
-While at it, add out-of-bounds checks to pvALLOc, nano_memalign,
-nano_valloc, and Cygwin's (unused) dlpvalloc.
-
-Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
----
- newlib/libc/stdlib/mallocr.c      |  7 ++++++-
- newlib/libc/stdlib/nano-mallocr.c | 22 +++++++++++++++++++++-
- winsup/cygwin/malloc.cc           |  4 ++++
- 3 files changed, 31 insertions(+), 2 deletions(-)
-
-diff --git a/newlib/libc/stdlib/mallocr.c b/newlib/libc/stdlib/mallocr.c
-index 26d1c89c..af877605 100644
---- a/newlib/libc/stdlib/mallocr.c
-+++ b/newlib/libc/stdlib/mallocr.c
-@@ -3055,7 +3055,7 @@ Void_t* mEMALIGn(RARG alignment, bytes) RDECL size_t alignment; size_t bytes;
-   nb = request2size(bytes);
- 
-   /* Check for overflow. */
--  if (nb > INT_MAX || nb < bytes)
-+  if (nb > __SIZE_MAX__ - (alignment + MINSIZE) || nb < bytes)
-   {
-     RERRNO = ENOMEM;
-     return 0;
-@@ -3172,6 +3172,11 @@ Void_t* pvALLOc(RARG bytes) RDECL size_t bytes;
- #endif
- {
-   size_t pagesize = malloc_getpagesize;
-+  if (bytes > __SIZE_MAX__ - pagesize)
-+  {
-+    RERRNO = ENOMEM;
-+    return 0;
-+  }
-   return mEMALIGn (RCALL pagesize, (bytes + pagesize - 1) & ~(pagesize - 1));
- }
- 
-diff --git a/newlib/libc/stdlib/nano-mallocr.c b/newlib/libc/stdlib/nano-mallocr.c
-index 13b72c99..edf68e7a 100644
---- a/newlib/libc/stdlib/nano-mallocr.c
-+++ b/newlib/libc/stdlib/nano-mallocr.c
-@@ -568,8 +568,22 @@ void * nano_memalign(RARG size_t align, size_t s)
-     if ((align & (align-1)) != 0) return NULL;
- 
-     align = MAX(align, MALLOC_ALIGN);
-+
-+   /* Make sure ma_size does not overflow */
-+   if (s > __SIZE_MAX__ - CHUNK_ALIGN)
-+   {
-+	RERRNO = ENOMEM;
-+	return NULL;
-+   }
-     ma_size = ALIGN_TO(MAX(s, MALLOC_MINSIZE), CHUNK_ALIGN);
--    size_with_padding = ma_size + align - MALLOC_ALIGN;
-+
-+   /* Make sure size_with_padding does not overflow */
-+   if (ma_size > __SIZE_MAX__ - (align - MALLOC_ALIGN))
-+   {
-+	RERRNO = ENOMEM;
-+	return NULL;
-+   }
-+   size_with_padding = ma_size + (align - MALLOC_ALIGN);
- 
-     allocated = nano_malloc(RCALL size_with_padding);
-     if (allocated == NULL) return NULL;
-@@ -632,6 +646,12 @@ void * nano_valloc(RARG size_t s)
- #ifdef DEFINE_PVALLOC
- void * nano_pvalloc(RARG size_t s)
- {
-+   /* Make sure size given to nano_valloc does not overflow */
-+   if (s > __SIZE_MAX__ - MALLOC_PAGE_ALIGN)
-+   {
-+	RERRNO = ENOMEM;
-+	return NULL;
-+   }
-     return nano_valloc(RCALL ALIGN_TO(s, MALLOC_PAGE_ALIGN));
- }
- #endif /* DEFINE_PVALLOC */
-diff --git a/winsup/cygwin/malloc.cc b/winsup/cygwin/malloc.cc
-index 23c35407..8a1fc257 100644
---- a/winsup/cygwin/malloc.cc
-+++ b/winsup/cygwin/malloc.cc
-@@ -5298,6 +5298,10 @@ void* dlpvalloc(size_t bytes) {
-   size_t pagesz;
-   ensure_initialization();
-   pagesz = mparams.page_size;
-+  if (bytes > MAX_REQUEST) {
-+    MALLOC_FAILURE_ACTION;
-+    return NULL;
-+  }
-   return dlmemalign(pagesz, (bytes + pagesz - SIZE_T_ONE) & ~(pagesz - SIZE_T_ONE));
- }
- 
--- 
-2.33.0.windows.2
-

Modify-neon-instruction.patch

@@ -0,0 +1,144 @@
+From 48c25d7907a6909ed92db94da6d52ae3ca91f17e Mon Sep 17 00:00:00 2001
+From: 15859157387 <977713017@qq.com>
+Date: Wed, 6 Sep 2023 09:10:25 +0800
+Subject: [PATCH] modify 2d to d
+
+---
+ newlib/libc/machine/aarch64/memchr.S    |  6 +++---
+ newlib/libc/machine/aarch64/strchr.S    |  6 +++---
+ newlib/libc/machine/aarch64/strchrnul.S |  6 +++---
+ newlib/libc/machine/aarch64/strrchr.S   | 10 +++++-----
+ 4 files changed, 14 insertions(+), 14 deletions(-)
+
+diff --git a/newlib/libc/machine/aarch64/memchr.S b/newlib/libc/machine/aarch64/memchr.S
+index 53f5d6b..81fcecc 100644
+--- a/newlib/libc/machine/aarch64/memchr.S
++++ b/newlib/libc/machine/aarch64/memchr.S
+@@ -110,7 +110,7 @@ def_fn memchr
+ 	and	vhas_chr2.16b, vhas_chr2.16b, vrepmask.16b
+ 	addp	vend.16b, vhas_chr1.16b, vhas_chr2.16b		/* 256->128 */
+ 	addp	vend.16b, vend.16b, vend.16b			/* 128->64 */
+-	mov	synd, vend.2d[0]
++	mov	synd, vend.d[0]
+ 	/* Clear the soff*2 lower bits */
+ 	lsl	tmp, soff, #1
+ 	lsr	synd, synd, tmp
+@@ -130,7 +130,7 @@ def_fn memchr
+ 	/* Use a fast check for the termination condition */
+ 	orr	vend.16b, vhas_chr1.16b, vhas_chr2.16b
+ 	addp	vend.2d, vend.2d, vend.2d
+-	mov	synd, vend.2d[0]
++	mov	synd, vend.d[0]
+ 	/* We're not out of data, loop if we haven't found the character */
+ 	cbz	synd, .Lloop
+ 
+@@ -140,7 +140,7 @@ def_fn memchr
+ 	and	vhas_chr2.16b, vhas_chr2.16b, vrepmask.16b
+ 	addp	vend.16b, vhas_chr1.16b, vhas_chr2.16b		/* 256->128 */
+ 	addp	vend.16b, vend.16b, vend.16b			/* 128->64 */
+-	mov	synd, vend.2d[0]
++	mov	synd, vend.d[0]
+ 	/* Only do the clear for the last possible block */
+ 	b.hi	.Ltail
+ 
+diff --git a/newlib/libc/machine/aarch64/strchr.S b/newlib/libc/machine/aarch64/strchr.S
+index 2448dbc..7061078 100644
+--- a/newlib/libc/machine/aarch64/strchr.S
++++ b/newlib/libc/machine/aarch64/strchr.S
+@@ -117,7 +117,7 @@ def_fn strchr
+ 	addp	vend1.16b, vend1.16b, vend2.16b		// 128->64
+ 	lsr	tmp1, tmp3, tmp1
+ 
+-	mov	tmp3, vend1.2d[0]
++	mov	tmp3, vend1.d[0]
+ 	bic	tmp1, tmp3, tmp1	// Mask padding bits.
+ 	cbnz	tmp1, .Ltail
+ 
+@@ -132,7 +132,7 @@ def_fn strchr
+ 	orr	vend2.16b, vhas_nul2.16b, vhas_chr2.16b
+ 	orr	vend1.16b, vend1.16b, vend2.16b
+ 	addp	vend1.2d, vend1.2d, vend1.2d
+-	mov	tmp1, vend1.2d[0]
++	mov	tmp1, vend1.d[0]
+ 	cbz	tmp1, .Lloop
+ 
+ 	/* Termination condition found.  Now need to establish exactly why
+@@ -146,7 +146,7 @@ def_fn strchr
+ 	addp	vend1.16b, vend1.16b, vend2.16b		// 256->128
+ 	addp	vend1.16b, vend1.16b, vend2.16b		// 128->64
+ 
+-	mov	tmp1, vend1.2d[0]
++	mov	tmp1, vend1.d[0]
+ .Ltail:
+ 	/* Count the trailing zeros, by bit reversing...  */
+ 	rbit	tmp1, tmp1
+diff --git a/newlib/libc/machine/aarch64/strchrnul.S b/newlib/libc/machine/aarch64/strchrnul.S
+index a0ac13b..fd2002f 100644
+--- a/newlib/libc/machine/aarch64/strchrnul.S
++++ b/newlib/libc/machine/aarch64/strchrnul.S
+@@ -109,7 +109,7 @@ def_fn strchrnul
+ 	addp	vend1.16b, vend1.16b, vend1.16b		// 128->64
+ 	lsr	tmp1, tmp3, tmp1
+ 
+-	mov	tmp3, vend1.2d[0]
++	mov	tmp3, vend1.d[0]
+ 	bic	tmp1, tmp3, tmp1	// Mask padding bits.
+ 	cbnz	tmp1, .Ltail
+ 
+@@ -124,7 +124,7 @@ def_fn strchrnul
+ 	orr	vhas_chr2.16b, vhas_nul2.16b, vhas_chr2.16b
+ 	orr	vend1.16b, vhas_chr1.16b, vhas_chr2.16b
+ 	addp	vend1.2d, vend1.2d, vend1.2d
+-	mov	tmp1, vend1.2d[0]
++	mov	tmp1, vend1.d[0]
+ 	cbz	tmp1, .Lloop
+ 
+ 	/* Termination condition found.  Now need to establish exactly why
+@@ -134,7 +134,7 @@ def_fn strchrnul
+ 	addp	vend1.16b, vhas_chr1.16b, vhas_chr2.16b		// 256->128
+ 	addp	vend1.16b, vend1.16b, vend1.16b		// 128->64
+ 
+-	mov	tmp1, vend1.2d[0]
++	mov	tmp1, vend1.d[0]
+ .Ltail:
+ 	/* Count the trailing zeros, by bit reversing...  */
+ 	rbit	tmp1, tmp1
+diff --git a/newlib/libc/machine/aarch64/strrchr.S b/newlib/libc/machine/aarch64/strrchr.S
+index d64fc09..1b6f075 100644
+--- a/newlib/libc/machine/aarch64/strrchr.S
++++ b/newlib/libc/machine/aarch64/strrchr.S
+@@ -120,10 +120,10 @@ def_fn strrchr
+ 	addp	vhas_chr1.16b, vhas_chr1.16b, vhas_chr2.16b	// 256->128
+ 	addp	vhas_nul1.16b, vhas_nul1.16b, vhas_nul1.16b	// 128->64
+ 	addp	vhas_chr1.16b, vhas_chr1.16b, vhas_chr1.16b	// 128->64
+-	mov	nul_match, vhas_nul1.2d[0]
++	mov	nul_match, vhas_nul1.d[0]
+ 	lsl	tmp1, tmp1, #1
+ 	mov	const_m1, #~0
+-	mov	chr_match, vhas_chr1.2d[0]
++	mov	chr_match, vhas_chr1.d[0]
+ 	lsr	tmp3, const_m1, tmp1
+ 
+ 	bic	nul_match, nul_match, tmp3	// Mask padding bits.
+@@ -146,15 +146,15 @@ def_fn strrchr
+ 	addp	vhas_chr1.16b, vhas_chr1.16b, vhas_chr2.16b	// 256->128
+ 	addp	vend1.16b, vend1.16b, vend1.16b	// 128->64
+ 	addp	vhas_chr1.16b, vhas_chr1.16b, vhas_chr1.16b	// 128->64
+-	mov	nul_match, vend1.2d[0]
+-	mov	chr_match, vhas_chr1.2d[0]
++	mov	nul_match, vend1.d[0]
++	mov	chr_match, vhas_chr1.d[0]
+ 	cbz	nul_match, .Lloop
+ 
+ 	and	vhas_nul1.16b, vhas_nul1.16b, vrepmask_0.16b
+ 	and	vhas_nul2.16b, vhas_nul2.16b, vrepmask_0.16b
+ 	addp	vhas_nul1.16b, vhas_nul1.16b, vhas_nul2.16b
+ 	addp	vhas_nul1.16b, vhas_nul1.16b, vhas_nul1.16b
+-	mov	nul_match, vhas_nul1.2d[0]
++	mov	nul_match, vhas_nul1.d[0]
+ 
+ .Ltail:
+ 	/* Work out exactly where the string ends.  */
+-- 
+2.27.0
+

fix-CVE-2024-30949.patch

@@ -0,0 +1,54 @@
+From 5f15d7c5817b07a6b18cbab17342c95cb7b42be4 Mon Sep 17 00:00:00 2001
+From: Kuan-Wei Chiu <visitorckw@gmail.com>
+Date: Fri, 20 Sep 2024 12:44:40 +0800
+Subject: [PATCH] fix CVE-2024-30949
+
+RISC-V: Fix timeval conversion in _gettimeofday()
+
+Replace multiplication with division for microseconds calculation from
+nanoseconds in _gettimeofday function.
+
+---
+ libgloss/riscv/sys_gettimeofday.c | 23 ++++++++++++++++++++++-
+ 1 file changed, 22 insertions(+), 1 deletion(-)
+
+diff --git a/libgloss/riscv/sys_gettimeofday.c b/libgloss/riscv/sys_gettimeofday.c
+index 457dcbc..5379a89 100644
+--- a/libgloss/riscv/sys_gettimeofday.c
++++ b/libgloss/riscv/sys_gettimeofday.c
+@@ -1,10 +1,31 @@
+ #include <machine/syscall.h>
+ #include <sys/time.h>
++#include <stdint.h>
+ #include "internal_syscall.h"
+ 
+ /* Get the current time.  Only relatively correct.  */
+ int
+ _gettimeofday(struct timeval *tp, void *tzp)
+ {
+-  return syscall_errno (SYS_gettimeofday, tp, 0, 0, 0, 0, 0);
++#if __riscv_xlen == 32
++  struct __timespec64
++  {
++    int64_t tv_sec;         /* Seconds */
++# if BYTE_ORDER == BIG_ENDIAN
++    int32_t __padding;      /* Padding */
++    int32_t tv_nsec;        /* Nanoseconds */
++# else
++    int32_t tv_nsec;        /* Nanoseconds */
++    int32_t __padding;      /* Padding */
++# endif
++  };
++  struct __timespec64 ts64;
++  int rv;
++  rv = syscall_errno (SYS_clock_gettime64, 2, 0, (long)&ts64, 0, 0, 0, 0);
++  tp->tv_sec = ts64.tv_sec;
++  tp->tv_usec = ts64.tv_nsec / 1000;
++  return rv;
++#else
++  return syscall_errno (SYS_gettimeofday, 1, tp, 0, 0, 0, 0, 0);
++#endif
+ }
+-- 
+2.43.0
+

newlib.spec

@@ -1,16 +1,21 @@
 %global debug_package %{nil}
 %global _newlib newlib
+%global __brp_remove_info_dir %{nil}
 Name:           newlib
 Version:        3.3.0
-Release:        2
+Release:        6
 Summary:        Newlib is a C library intended for use on embedded systems.
 
 License:        BSD
 URL:            https://sourceware.org/newlib/
 Source0:        ftp://sourceware.org/pub/newlib/newlib-%{version}.tar.gz
 
+Patch01:      Modify-neon-instruction.patch
+Patch02:      fix-CVE-2024-30949.patch
 BuildRequires:  make gcc binutils texinfo texinfo-tex
 
+Excludearch:	loongarch64
+
 %description
 
 Newlib is a C library intended for use on embedded systems. It is a conglomeration 
@@ -19,21 +24,27 @@ usable on embedded products.
 
 
 %prep
-%autosetup
+%autosetup -p1
 
 
 %build
 rm -rf build-newlib
 mkdir build-newlib
 cd build-newlib
+
+%if "%toolchain" == "clang"
+export CFLAGS="-O2 -D_FORTIFY_SOURCE=0 -ffreestanding"
+%else
 export CFLAGS="-O2 -D_FORTIFY_SOURCE=0"
+%endif
+
 ../newlib/configure --prefix=%{_prefix}
 make %{?_smp_mflags}
 cd ..
 
 
 %install
-rm -rf %{buildroot}
+export AM_UPDATE_INFO_DIR=yes
 cd build-newlib
 make DESTDIR=%{buildroot}%{_prefix}/%{_newlib} install install-info
 cd ..
@@ -54,8 +65,20 @@ cd ..
 
 
 %changelog
+* Wed Feb 12 2025 Funda Wang <fundawang@yeah.net> - 3.3.0-6
+- do not remove info/dir by default
+
+* Wed Sep 25 2024 changtao <changtao@kylinos.cn> - 3.3.0-5
+- fix CVE-2024-30949
+
+* Sat Jun 08 2024 yueyuankun <yueyuankun@kylinos.cn> - 3.3.0-4
+- add Excludearch: loongarch64
+
+* Wed Sep 6 2023 renyi <977713017@qq.com> - 3.3.0-3
+- Support building this package with clang
+
 * Wed Dec 15 2021 jiangxinyu <jiangxinyu@kylinos.cn> - 3.3.0-2
 - Remove the release suffix
 
 * Sat Sep 25 2021 Lijinpei <lijinpei@huawei.com>
-- Package init
+- Package init

newlib.yaml

@@ -1,4 +1,4 @@
-version_control: sourceware.org
-src_repo: git/newlib-cygwin
-tag_prefix: "newlib"
+version_control: git
+src_repo: git://sourceware.org/git/newlib-cygwin.git
+tag_prefix: "^newlib-"
 separator: "."