From 42d61765b0712d7746b12cc90316ebc088383c0b Mon Sep 17 00:00:00 2001
From: panzhe0328 <panzhe@kylinos.cn>
Date: Tue, 28 Oct 2025 14:44:17 +0800
Subject: [PATCH] sync from glibc upstream for fix bugs

---
 glibc.spec                                    | 11 ++-
 ...idation-for-pre-2.1-interpos-handles.patch | 37 +++++++++
 ...CORRECT_ISO_CPP_STRING_H_PROTO-for-C.patch | 39 +++++++++
 ...me-enable-cet-if-GCC-defaults-to-CET.patch | 80 +++++++++++++++++++
 4 files changed, 166 insertions(+), 1 deletion(-)
 create mode 100644 libio-Disable-vtable-validation-for-pre-2.1-interpos-handles.patch
 create mode 100644 string-Define__CORRECT_ISO_CPP_STRING_H_PROTO-for-C.patch
 create mode 100644 x86-Assume-enable-cet-if-GCC-defaults-to-CET.patch

diff --git a/glibc.spec b/glibc.spec
index 73a3e2c3..6f76f5af 100644
--- a/glibc.spec
+++ b/glibc.spec
@@ -62,7 +62,7 @@
 ##############################################################################
 Name: 	 	glibc
 Version: 	2.28
-Release: 	119
+Release: 	120
 Summary: 	The GNU libc libraries
 License:	%{all_license}
 URL: 		http://www.gnu.org/software/glibc/
@@ -187,6 +187,9 @@ Patch100: malloc_remove_unwanted_leading_whitespace_in_malloc_info.patch
 Patch101: malloc-Add-more-integrity-checks-to-mremap_chunk.patch
 Patch102: malloc-Fix-tcache-count-maximum.patch
 Patch103: nscd-avoid-assertion-failure-during-persistent-db-ch.patch
+Patch104: libio-Disable-vtable-validation-for-pre-2.1-interpos-handles.patch
+Patch105: x86-Assume-enable-cet-if-GCC-defaults-to-CET.patch
+Patch106: string-Define__CORRECT_ISO_CPP_STRING_H_PROTO-for-C.patch
 
 Provides: ldconfig rtld(GNU_HASH) bundled(gnulib)
 
@@ -1306,6 +1309,12 @@ fi
 %endif
 
 %changelog
+* Tue Oct 28 2025 panzhe <panzhe@kylinos.cn> - 2.28-120
+- sync from glibc upstream for fix bugs
+- libio: Disable vtable validation for pre-2.1 interposed handles [BZ #25203]
+- x86: Assume --enable-cet if GCC defaults to CET [BZ #25225]
+- string: Define __CORRECT_ISO_CPP_STRING_H_PROTO for Clang [BZ #25232]
+
 * Mon Oct 27 2025 panzhe <panzhe@kylinos.cn> - 2.28-119
 - nscd: avoid assertion failure during persistent db check
 
diff --git a/libio-Disable-vtable-validation-for-pre-2.1-interpos-handles.patch b/libio-Disable-vtable-validation-for-pre-2.1-interpos-handles.patch
new file mode 100644
index 00000000..b0c52d45
--- /dev/null
+++ b/libio-Disable-vtable-validation-for-pre-2.1-interpos-handles.patch
@@ -0,0 +1,37 @@
+From cb61630ed712d033f54295f776967532d3f4b46a Mon Sep 17 00:00:00 2001
+From: Florian Weimer <fweimer@redhat.com>
+Date: Fri, 22 Nov 2019 22:10:42 +0100
+Subject: [PATCH] libio: Disable vtable validation for pre-2.1 interposed
+ handles [BZ #25203]
+
+Commit c402355dfa7807b8e0adb27c009135a7e2b9f1b0 ("libio: Disable
+vtable validation in case of interposition [BZ #23313]") only covered
+the interposable glibc 2.1 handles, in libio/stdfiles.c.  The
+parallel code in libio/oldstdfiles.c needs similar detection logic.
+
+Fixes (again) commit db3476aff19b75c4fdefbe65fcd5f0a90588ba51
+("libio: Implement vtable verification [BZ #20191]").
+
+---
+ libio/oldstdfiles.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/libio/oldstdfiles.c b/libio/oldstdfiles.c
+index f3dda890..d09b6fc8 100644
+--- a/libio/oldstdfiles.c
++++ b/libio/oldstdfiles.c
+@@ -87,6 +87,11 @@ _IO_check_libio (void)
+ 	stdout->_vtable_offset = stderr->_vtable_offset =
+ 	((int) sizeof (struct _IO_FILE)
+ 	 - (int) sizeof (struct _IO_FILE_complete));
++
++      if (_IO_stdin_.vtable != &_IO_old_file_jumps
++          || _IO_stdout_.vtable != &_IO_old_file_jumps
++          || _IO_stderr_.vtable != &_IO_old_file_jumps)
++        IO_set_accept_foreign_vtables (&_IO_vtable_check);
+     }
+ }
+ 
+-- 
+2.33.0
+
diff --git a/string-Define__CORRECT_ISO_CPP_STRING_H_PROTO-for-C.patch b/string-Define__CORRECT_ISO_CPP_STRING_H_PROTO-for-C.patch
new file mode 100644
index 00000000..f33bad8e
--- /dev/null
+++ b/string-Define__CORRECT_ISO_CPP_STRING_H_PROTO-for-C.patch
@@ -0,0 +1,39 @@
+From 953ceff17a4a15b10cfdd5edc3c8cae4884c8ec3 Mon Sep 17 00:00:00 2001
+From: Kamlesh Kumar <kamleshbhalui@gmail.com>
+Date: Thu, 5 Dec 2019 16:49:00 +0100
+Subject: [PATCH] <string.h>: Define __CORRECT_ISO_CPP_STRING_H_PROTO for Clang
+ [BZ #25232]
+
+Without the asm redirects, strchr et al. are not const-correct.
+
+libc++ has a wrapper header that works with and without
+__CORRECT_ISO_CPP_STRING_H_PROTO (using a Clang extension).  But when
+Clang is used with libstdc++ or just C headers, the overloaded functions
+with the correct types are not declared.
+
+This change does not impact current GCC (with libstdc++ or libc++).
+---
+ string/string.h | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/string/string.h b/string/string.h
+index 150cfd8b..67c108a6 100644
+--- a/string/string.h
++++ b/string/string.h
+@@ -33,11 +33,11 @@ __BEGIN_DECLS
+ #include <stddef.h>
+ 
+ /* Tell the caller that we provide correct C++ prototypes.  */
+-#if defined __cplusplus && __GNUC_PREREQ (4, 4)
++#if defined __cplusplus && (__GNUC_PREREQ (4, 4) \
++                            || __glibc_clang_prereq (3, 5))
+ # define __CORRECT_ISO_CPP_STRING_H_PROTO
+ #endif
+ 
+-
+ /* Copy N bytes of SRC to DEST.  */
+ extern void *memcpy (void *__restrict __dest, const void *__restrict __src,
+ 		     size_t __n) __THROW __nonnull ((1, 2));
+-- 
+2.33.0
+
diff --git a/x86-Assume-enable-cet-if-GCC-defaults-to-CET.patch b/x86-Assume-enable-cet-if-GCC-defaults-to-CET.patch
new file mode 100644
index 00000000..9a46c3bc
--- /dev/null
+++ b/x86-Assume-enable-cet-if-GCC-defaults-to-CET.patch
@@ -0,0 +1,80 @@
+From 9fb8139079ef0bb1aa33a4ae418cbb113b9b9da7 Mon Sep 17 00:00:00 2001
+From: Florian Weimer <fweimer@redhat.com>
+Date: Tue, 3 Dec 2019 18:48:18 +0100
+Subject: [PATCH] x86: Assume --enable-cet if GCC defaults to CET [BZ #25225]
+
+This links in CET support if GCC defaults to CET.  Otherwise, __CET__
+is defined, yet CET functionality is not compiled and linked into the
+dynamic loader, resulting in a linker failure due to undefined
+references to _dl_cet_check and _dl_open_check.
+
+---
+ configure    | 23 ++++++++++++++++++++++-
+ configure.ac |  9 ++++++++-
+ 2 files changed, 30 insertions(+), 2 deletions(-)
+
+diff --git a/configure b/configure
+index 95c7646e..d1766110 100755
+--- a/configure
++++ b/configure
+@@ -3777,11 +3777,32 @@ else
+ fi
+ 
+ 
++cat confdefs.h - <<_ACEOF >conftest.$ac_ext
++/* end confdefs.h.  */
++
++int
++main ()
++{
++
++#ifndef __CET__
++#error no CET compiler support
++#endif
++  ;
++  return 0;
++}
++_ACEOF
++if ac_fn_c_try_compile "$LINENO"; then :
++  libc_cv_compiler_default_cet=yes
++else
++  libc_cv_compiler_default_cet=no
++fi
++rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
++
+ # Check whether --enable-cet was given.
+ if test "${enable_cet+set}" = set; then :
+   enableval=$enable_cet; enable_cet=$enableval
+ else
+-  enable_cet=no
++  enable_cet=$libc_cv_compiler_default_cet
+ fi
+ 
+ 
+diff --git a/configure.ac b/configure.ac
+index 4df72a75..14b0f398 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -472,11 +472,18 @@ AC_ARG_ENABLE([mathvec],
+ 	      [build_mathvec=$enableval],
+ 	      [build_mathvec=notset])
+ 
++AC_TRY_COMPILE([], [
++#ifndef __CET__
++# error no CET compiler support
++#endif],
++               [libc_cv_compiler_default_cet=yes],
++               [libc_cv_compiler_default_cet=no])
++
+ AC_ARG_ENABLE([cet],
+ 	      AC_HELP_STRING([--enable-cet],
+ 			     [enable Intel Control-flow Enforcement Technology (CET), x86 only]),
+ 	      [enable_cet=$enableval],
+-	      [enable_cet=no])
++	      [enable_cet=$libc_cv_compiler_default_cet])
+ 
+ # We keep the original values in `$config_*' and never modify them, so we
+ # can write them unchanged into config.make.  Everything else uses
+-- 
+2.33.0
+
-- 
Gitee