move ssp back to FILESDIR since its easier to manage here

2 files changed, 185 insertions, 13 deletions

diff --git a/sys-libs/glibc/Manifest b/sys-libs/glibc/Manifest
index ceacecefba60..86ffefa1d418 100644
--- a/sys-libs/glibc/Manifest
+++ b/sys-libs/glibc/Manifest
@@ -2,40 +2,40 @@ MD5 a21b53d7bce27855c61c23ebe3aa72ca ChangeLog 73343
 MD5 45b53d55a7990f579c81cc9698091b8b glibc-2.2.5-r10.ebuild 4454
 MD5 41a105e32ad4b0a4a8a2129645eed295 glibc-2.3.2-r12.ebuild 22301
 MD5 567094e03359ffc1c95af7356395228d metadata.xml 162
-MD5 dc4c20dd0eff03811d1dd30929dfdd34 glibc-2.3.5.ebuild 39310
+MD5 c5def2406c0304f57d41de3464b85829 glibc-2.3.5.ebuild 39693
 MD5 aeaeffc56ce8fedabbb5682693320b6b glibc-2.3.3.20040420-r2.ebuild 21685
 MD5 e44a41af599672120302813550b65a61 glibc-2.3.4.20040619-r2.ebuild 21356
-MD5 83d709648d3b577a09c1960c609ce509 glibc-2.3.5.20050421.ebuild 40252
+MD5 408a8619c0081fc115752c82f9f4959d glibc-2.3.5.20050421.ebuild 40445
 MD5 5ccfebdf2c0864c59f2cee75424bb29b glibc-2.3.4.20041102-r1.ebuild 33941
 MD5 7946da1bf84f19ad3896a61428c7a05a glibc-2.3.4.20040808-r1.ebuild 27705
 MD5 f657c3015509b40205f9eefa49d12c89 glibc-2.3.4.20050125-r1.ebuild 38637
 MD5 ee442d9b608306c5d87dff3248cb17ea glibc-2.3.4.20041102.ebuild 32976
 MD5 3622860499eecaced6dda4562aeb1b65 glibc-2.3.4.20050125.ebuild 35394
 MD5 8d58079469aedb014a800101ef60558f files/nsswitch.conf 503
+MD5 bed7cbcac1e8582deda43664e5b3f19c files/digest-glibc-2.2.5-r10 290
 MD5 2d5306ef875573750af642a9f93b634a files/digest-glibc-2.3.2-r12 312
 MD5 42af7e35fe2404a49954f91fd1aee891 files/digest-glibc-2.3.3.20040420-r2 312
 MD5 470f57fe18dd0a94cb4a4d6cf51528af files/digest-glibc-2.3.4.20040619-r2 307
 MD5 2f05d3181e9a9ded61e074147af47e8e files/digest-glibc-2.3.4.20040808-r1 382
+MD5 75b85b24e4ded1b0e8a0a762d5805818 files/digest-glibc-2.3.4.20041102 383
+MD5 75b85b24e4ded1b0e8a0a762d5805818 files/digest-glibc-2.3.4.20041102-r1 383
 MD5 5f2690b0a60b336ec8f26fa3a8898361 files/digest-glibc-2.3.4.20050125 371
+MD5 71c18ba0155b5cf1e7e4bf990225d566 files/digest-glibc-2.3.4.20050125-r1 521
+MD5 07cfaa15b8863c39585dcbf7c859e278 files/digest-glibc-2.3.5 518
+MD5 0f5c7825b61f2919ca8f7834d1c496c1 files/digest-glibc-2.3.5.20050421 604
 MD5 e4393f4721a207750581d6265d5f7f40 files/fix-sysctl_h.patch 376
 MD5 52cfc7627fc62dfb26d8d163aac361f6 files/glibc-2.2.2-test-lfs-timeout.patch 320
+MD5 c4300e2f8808cb38a308745ed8b77367 files/locales.build 602
+MD5 bedcd868a9462009158714238594173c files/nscd 964
+MD5 2013443f5192d4b999953ba4248d288c files/nscd.conf 1158
+MD5 d8830438ea871dbfd1acf7a3d0299159 files/test-__thread.c 53
+MD5 4404ee4b6e3017819d8f36082e0265e5 files/test-sysctl_h.c 54
 MD5 135f8145885a2f4f9876fe973f33ddf6 files/glibc-2.2.4-string2.h.diff 5221
 MD5 b712a49b5113fccb4c8b0ada2a30d390 files/glibc-manpages-2.2.5.tar.bz2 14610
 MD5 184eddb92615fb991dce41b9edbfa690 files/glibc-manpages-2.3.2.tar.bz2 14700
 MD5 13701e6cc0de584680502c0cd958f2cf files/glibc-sec-hotfix-20040804.patch 4319
 MD5 bbe355d94c5a36e11f543d12b70b5702 files/glibc-sec-hotfix-20040916.patch 3080
 MD5 d688e44731d6e4b757382d7646c492c3 files/glibc-xdr_security.patch 6612
-MD5 c4300e2f8808cb38a308745ed8b77367 files/locales.build 602
-MD5 bedcd868a9462009158714238594173c files/nscd 964
-MD5 2013443f5192d4b999953ba4248d288c files/nscd.conf 1158
-MD5 d8830438ea871dbfd1acf7a3d0299159 files/test-__thread.c 53
-MD5 4404ee4b6e3017819d8f36082e0265e5 files/test-sysctl_h.c 54
-MD5 75b85b24e4ded1b0e8a0a762d5805818 files/digest-glibc-2.3.4.20041102 383
-MD5 bed7cbcac1e8582deda43664e5b3f19c files/digest-glibc-2.2.5-r10 290
-MD5 71c18ba0155b5cf1e7e4bf990225d566 files/digest-glibc-2.3.4.20050125-r1 521
-MD5 75b85b24e4ded1b0e8a0a762d5805818 files/digest-glibc-2.3.4.20041102-r1 383
-MD5 07cfaa15b8863c39585dcbf7c859e278 files/digest-glibc-2.3.5 518
-MD5 0f5c7825b61f2919ca8f7834d1c496c1 files/digest-glibc-2.3.5.20050421 604
 MD5 f75ebd335c4b882013cc12229d39c9f7 files/2.2.5/glibc-2.2.5-alpha-gcc3-fix.diff 475
 MD5 843eaa26ae2c49e894aa365b6f463546 files/2.2.5/glibc-2.2.5-alpha-pcdyn-fix.diff 471
 MD5 5182f441608833569cb9e78536baf8af files/2.2.5/glibc-2.2.5-arm-errlist-fix.diff 2210
@@ -55,6 +55,7 @@ MD5 e6dc1e4d7839d2bb08c6865466791183 files/2.2.5/glibc-2.2.5-sunrpc-overflow.dif
 MD5 993732f56fdecf36f672198112fc5d5c files/2.2.5/glibc-2.2.5-threadsig.diff 636
 MD5 a50da56218f9aabc347d7e1130961cec files/2.2.5/glibc-2.2.5.divbyzero.patch 1694
 MD5 e9d9d086e8ed29ed49252d4cd0050f66 files/2.2.5/glibc-2.2.5.restrict_arr.patch 762
+MD5 35e58c96284f20b5000d04cc0f847ed9 files/2.3.5/ssp.c 4313
 MD5 941f13d27badc76c1e3704c59acaff26 files/2.3.1/glibc-2.3.1-ctype-compat-v3.patch 2823
 MD5 4f8ecd70003c5ca153ff7c204c54c1cf files/2.3.1/glibc-2.3.1-elf-machine-rela-mips.patch 1246
 MD5 afaf2540d2803ac066eb2555f2019a6f files/2.3.1/glibc-2.3.1-exit-syscall-mips.patch 633
diff --git a/sys-libs/glibc/files/2.3.5/ssp.c b/sys-libs/glibc/files/2.3.5/ssp.c
new file mode 100644
index 000000000000..4fcda2fa943c
--- /dev/null
+++ b/sys-libs/glibc/files/2.3.5/ssp.c
@@ -0,0 +1,171 @@
+/*
+ * Distributed under the terms of the GNU General Public License v2
+ * $Header: /var/cvsroot/gentoo-x86/sys-libs/glibc/files/2.3.5/ssp.c,v 1.1 2005/05/26 22:36:28 vapier Exp $
+ *
+ * This is a modified version of Hiroaki Etoh's stack smashing routines
+ * implemented for glibc.
+ *
+ * The following people have contributed input to this code.
+ * Ned Ludd - <solar[@]gentoo.org>
+ * Alexander Gabert - <pappy[@]gentoo.org>
+ * The PaX Team - <pageexec[@]freemail.hu>
+ * Peter S. Mazinger - <ps.m[@]gmx.net>
+ * Yoann Vandoorselaere - <yoann[@]prelude-ids.org>
+ * Robert Connolly - <robert[@]linuxfromscratch.org>
+ * Cory Visi <cory@visi.name>
+ *
+ */
+
+#ifdef HAVE_CONFIG_H
+# include <config.h>
+#endif
+
+#include <stdio.h>
+#include <string.h>
+#include <fcntl.h>
+#include <unistd.h>
+#include <signal.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <sys/un.h>
+#include <sys/syslog.h>
+#include <sys/time.h>
+#include <sys/sysctl.h>
+
+#ifndef _PATH_LOG
+# define _PATH_LOG "/dev/log"
+#endif
+
+#ifdef __PROPOLICE_BLOCK_SEGV__
+# define SSP_SIGTYPE SIGSEGV
+#elif __PROPOLICE_BLOCK_KILL__
+# define SSP_SIGTYPE SIGKILL
+#else
+# define SSP_SIGTYPE SIGABRT
+#endif
+
+unsigned long __guard = 0UL;
+
+/* Use of __* functions from the rest of glibc here avoids
+ * initialisation problems for executables preloaded with
+ * libraries that overload the associated standard library
+ * functions.
+ */
+void
+__guard_setup (void)
+{
+  size_t size;
+#ifdef HAVE_DEV_ERANDOM
+  int mib[3];
+#endif
+
+  if (__guard != 0UL)
+    return;
+
+#ifndef __SSP_QUICK_CANARY__
+#ifdef HAVE_DEV_ERANDOM
+  /* Random is another depth in Linux, hence an array of 3. */
+  mib[0] = CTL_KERN;
+  mib[1] = KERN_RANDOM;
+  mib[2] = RANDOM_ERANDOM;
+
+  size = sizeof (unsigned long);
+  if (__sysctl (mib, 3, &__guard, &size, NULL, 0) != (-1))
+    if (__guard != 0UL)
+      return;
+#endif /* ifdef HAVE_DEV_ERANDOM */
+  /* 
+   * Attempt to open kernel pseudo random device if one exists before 
+   * opening urandom to avoid system entropy depletion.
+   */
+  {
+    int fd;
+#ifdef HAVE_DEV_ERANDOM
+    if ((fd = __open ("/dev/erandom", O_RDONLY)) == (-1))
+#endif
+      fd = __open ("/dev/urandom", O_RDONLY);
+    if (fd != (-1))
+      {
+	size = __read (fd, (char *) &__guard, sizeof (__guard));
+	__close (fd);
+	if (size == sizeof (__guard))
+	  return;
+      }
+  }
+#endif /* ifndef __SSP_QUICK_CANARY__ */
+
+  /* If sysctl was unsuccessful, use the "terminator canary". */
+  __guard = 0xFF0A0D00UL;
+
+  {
+    /* Everything failed? Or we are using a weakened model of the 
+     * terminator canary */
+    struct timeval tv;
+
+    __gettimeofday (&tv, NULL);
+    __guard ^= tv.tv_usec ^ tv.tv_sec;
+  }
+}
+
+void
+__stack_smash_handler (char func[], int damaged)
+{
+  struct sigaction sa;
+  const char message[] = ": stack smashing attack in function ";
+  int bufsz, len;
+  char buf[512];
+#ifndef __dietlibc__
+  struct sockaddr_un sock;	/* AF_UNIX address of local logger */
+  int log;
+  extern char *__progname;
+#else
+  static char *__progname = "dietapp";
+#endif
+
+  sigset_t mask;
+  sigfillset (&mask);
+
+  sigdelset (&mask, SSP_SIGTYPE);	/* Block all signal handlers */
+  sigprocmask (SIG_BLOCK, &mask, NULL);	/* except SIGABRT */
+
+  bufsz = sizeof (buf);
+  strcpy (buf, "<2>");
+  len = 3;
+
+  strncat (buf, __progname, sizeof (buf) - 4);
+  len = strlen (buf);
+
+  if (bufsz > len)
+    {
+      strncat (buf, message, bufsz - len - 1);
+      len = strlen (buf);
+    }
+  if (bufsz > len)
+    {
+      strncat (buf, func, bufsz - len - 1);
+      len = strlen (buf);
+    }
+
+  /* print error message */
+  write (STDERR_FILENO, buf + 3, len - 3);
+  write (STDERR_FILENO, "()\n", 3);
+#ifndef __dietlibc__
+  if ((log = socket (AF_UNIX, SOCK_DGRAM, 0)) != -1)
+    {
+      /* Send "found" message to the "/dev/log" path */
+      sock.sun_family = AF_UNIX;
+      (void) strncpy (sock.sun_path, _PATH_LOG, sizeof (sock.sun_path) - 1);
+      sock.sun_path[sizeof (sock.sun_path) - 1] = '\0';
+      sendto (log, buf, len, 0, (struct sockaddr *) &sock, sizeof (sock));
+    }
+#endif
+  /* Make sure the default handler is associated with the our signal handler */
+
+  memset (&sa, 0, sizeof (struct sigaction));
+  sigfillset (&sa.sa_mask);	/* Block all signals */
+  sa.sa_flags = 0;
+  sa.sa_handler = SIG_DFL;
+  sigaction (SSP_SIGTYPE, &sa, NULL);
+  (void) kill (getpid (), SSP_SIGTYPE);
+  _exit (127);
+}