done multilib toolchain

2025-02-03 15:17:15 +08:00 · 2013-10-09 09:18:50 +00:00 · 2013-10-09 09:18:50 +00:00 · d52e5f7c30
commit d52e5f7c30
parent 347f5f1226
10 changed files with 1948 additions and 57 deletions
--- a/binutils-multilib/PKGBUILD
+++ b/binutils-multilib/PKGBUILD
@ -5,7 +5,7 @@
 pkgname=binutils-multilib
 pkgver=2.23.2
-pkgrel=2
+pkgrel=6
 pkgdesc="A set of programs to assemble and manipulate binary and object files for multilib"
 arch=('x86_64')
 url="http://www.gnu.org/software/binutils/"
@ -13,7 +13,7 @@ license=('GPL')
 groups=('multilib-devel')
 provides=("binutils=$pkgver-$pkgrel")
 conflicts=('binutils')
-depends=('glibc>=2.17' 'zlib')
+depends=('glibc>=2.18' 'zlib')
 makedepends=('gcc-multilib') # Make sure we compile this with gcc-multilib
 checkdepends=('dejagnu' 'bc')
 options=('!libtool' '!distcc' '!ccache')
@ -38,7 +38,6 @@ prepare() {
 }
 build() {
  prepare
  cd ${srcdir}/binutils-build
  ${srcdir}/binutils-${pkgver}/configure --prefix=/usr \
--- a/gcc-multilib/PKGBUILD
+++ b/gcc-multilib/PKGBUILD
@ -6,9 +6,9 @@
 # NOTE: lib32-libtool requires rebuilt with each new gcc-multilib version
 pkgname=('gcc-multilib' 'gcc-libs-multilib' 'lib32-gcc-libs' 'gcc-fortran-multilib' 'gcc-objc-multilib' 'gcc-ada-multilib' 'gcc-go-multilib')
-pkgver=4.8.0
+pkgver=4.8.1
-pkgrel=1
+pkgrel=6
-_snapshot=4.8-20130411
+_snapshot=4.8-20130725
 pkgdesc="The GNU Compiler Collection for multilib"
 arch=('x86_64')
 license=('GPL' 'LGPL' 'FDL' 'custom')
@ -17,9 +17,11 @@ makedepends=('binutils-multilib>=2.23' 'libmpc' 'cloog' 'gcc-ada-multilib' 'doxy
             'lib32-glibc>=2.17')
 checkdepends=('dejagnu' 'inetutils')
 options=('!libtool' '!emptydirs')
-source=(ftp://gcc.gnu.org/pub/gcc/snapshots/${_snapshot}/gcc-${_snapshot}.tar.bz2)
+source=(#ftp://gcc.gnu.org/pub/gcc/releases/gcc-${pkgver}/gcc-${pkgver}.tar.bz2)
-        #ftp://gcc.gnu.org/pub/gcc/releases/gcc-${pkgver}/gcc-${pkgver}.tar.bz2
+        ftp://gcc.gnu.org/pub/gcc/snapshots/${_snapshot}/gcc-${_snapshot}.tar.bz2
-md5sums=('cb529205469260f0d56adc01088c4850')
+        gcc-4.8-filename-output.patch)
 md5sums=('e21f259bc4c44e61e19a780ad5badfeb'
         '40cb437805e2f7a006aa0d0c3098ab0f')
 if [ -n "${_snapshot}" ]; then
@ -42,11 +44,13 @@ prepare() {
  # hack! - some configure tests for header files using "$CPP $CPPFLAGS"
  sed -i "/ac_cpp=/s/\$CPPFLAGS/\$CPPFLAGS -O2/" {libiberty,gcc}/configure
  # http://gcc.gnu.org/bugzilla/show_bug.cgi?id=57653
  patch -p0 -i ${srcdir}/gcc-4.8-filename-output.patch
  mkdir ${srcdir}/gcc-build
 }
 build() {
  prepare
  cd ${srcdir}/gcc-build
  # using -pipe causes spurious test-suite failures
@ -57,7 +61,7 @@ build() {
  ${srcdir}/${_basedir}/configure --prefix=/usr \
      --libdir=/usr/lib --libexecdir=/usr/lib \
      --mandir=/usr/share/man --infodir=/usr/share/info \
-      --with-bugurl=http://chakra-project.org/bugs \
+      --with-bugurl=https://www.chakralinux.org/bugs \
      --enable-languages=c,c++,ada,fortran,go,lto,objc,obj-c++ \
      --enable-shared --enable-threads=posix \
      --with-system-zlib --enable-__cxa_atexit \
@ -82,11 +86,11 @@ check() {
  # increase stack size to prevent test failures
  # http://gcc.gnu.org/bugzilla/show_bug.cgi?id=31827
-  #ulimit -s 32768
+  ulimit -s 32768
  # do not abort on error as some are "expected"
-  #make -k check || true
+  make -k check || true
-  #${srcdir}/${_basedir}/contrib/test_summary
+  ${srcdir}/${_basedir}/contrib/test_summary
 }
 package_gcc-libs-multilib()
@ -294,7 +298,7 @@ package_gcc-go-multilib()
 package_lib32-gcc-libs()
 {
  pkgdesc="Runtime libraries shipped by GCC (32-bit)"
-  depends=('lib32-glibc>=2.17' "gcc-libs>=$pkgver")
+  depends=('lib32-glibc>=2.17')
  cd ${srcdir}/gcc-build
  make -j1 -C $CHOST/32/libgcc DESTDIR=${pkgdir} install-shared
--- a/gcc-multilib/gcc-4.8-filename-output.patch
+++ b/gcc-multilib/gcc-4.8-filename-output.patch
@ -0,0 +1,17 @@
 --- gcc/c-family/c-opts.c       (revision 200330)
 +++ gcc/c-family/c-opts.c       (working copy)
@@ -1338,10 +1338,14 @@ c_finish_options (void)
 /* Give CPP the next file given by -include, if any.  */
 static void
 push_command_line_include (void)
 {
 +  // This can happen if disabled by -imacros for example.
 +  if (include_cursor > deferred_count)
 +    return;
 +
   if (!done_preinclude)
     {
       done_preinclude = true;
       if (flag_hosted && std_inc && !cpp_opts->preprocessed)
        {
--- a/lib32-glibc/PKGBUILD
+++ b/lib32-glibc/PKGBUILD
@ -5,8 +5,8 @@
 _pkgbasename=glibc
 pkgname=lib32-$_pkgbasename
-pkgver=2.17
+pkgver=2.18
-pkgrel=1
+pkgrel=9
 pkgdesc="GNU C Library for multilib"
 arch=('x86_64')
 url="http://www.gnu.org/software/libc"
@ -14,40 +14,58 @@ license=('GPL' 'LGPL')
 makedepends=('gcc-multilib>=4.7')
 options=('!strip' '!emptydirs')
 source=(http://ftp.gnu.org/gnu/libc/${_pkgbasename}-${pkgver}.tar.xz{,.sig}
-        glibc-2.17-sync-with-linux37.patch
+        glibc-2.18-readdir_r-CVE-2013-4237.patch
-        glibc-2.17-getaddrinfo-stack-overflow.patch
+        glibc-2.18-malloc-corrupt-CVE-2013-4332.patch
-        glibc-2.17-regexp-matcher-overrun.patch
+        glibc-2.18-strcoll-CVE-2012-4412+4424.patch
        glibc-2.18-ptr-mangle-CVE-2013-4788.patch
        glibc-2.18-strstr-hackfix.patch
        lib32-glibc.conf)
-md5sums=('87bf675c8ee523ebda4803e8e1cec638'
+md5sums=('88fbbceafee809e82efd52efa1e3c58f'
         'SKIP'
-         'fb99380d94598cc76d793deebf630022'
+         '154da6bf5a5248f42a7bf5bf08e01a47'
-         '56d5f2c09503a348281a20ae404b7de3'
+         'b79561ab9dce900e9bbeaf0d49927c2b'
-         '200acc05961b084ee00dde919e64f82d'
+         'c7264b99d0f7e51922a4d3126182c40a'
         '9749ba386b08a8fe53e7ecede9bf2dfb'
         '4441f6dfe7d75ced1fa75e54dd21d36e'
         '6e052f1cb693d5d3203f50f9d4e8c33b')
-build() {
+prepare() {
  cd ${srcdir}/${_pkgbasename}-${pkgver}
-  # combination of upstream commits 318cd0b, b540704 and fc1abbe
+  # upstream commit 91ce4085
-  patch -p1 -i ${srcdir}/glibc-2.17-sync-with-linux37.patch
+  patch -p1 -i $srcdir/glibc-2.18-readdir_r-CVE-2013-4237.patch
-  # CVE-2013-1914 - upstream commit 1cef1b19
+  # upstream commits 1159a193, 55e17aad and b73ed247
-  patch -p1 -i ${srcdir}/glibc-2.17-getaddrinfo-stack-overflow.patch
+  patch -p1 -i $srcdir/glibc-2.18-malloc-corrupt-CVE-2013-4332.patch
-  # CVE-2013-0242 - upstream commit a445af0b
+  # upstream commits 1326ba1a, 141f3a77 and 303e567a
-  patch -p1 -i ${srcdir}/glibc-2.17-regexp-matcher-overrun.patch
+  # https://sourceware.org/ml/libc-alpha/2013-08/msg00394.html
  # https://sourceware.org/ml/libc-alpha/2013-08/msg00462.html
  patch -p1 -i $srcdir/glibc-2.18-strcoll-CVE-2012-4412+4424.patch
-  cd ${srcdir}
+  # upstream commits c61b4d41 and 0b1f8e35
-  mkdir glibc-build
+  patch -p1 -i $srcdir/glibc-2.18-ptr-mangle-CVE-2013-4788.patch
  cd glibc-build
-  export CC="gcc -m32"
+  # hack fix for strstr issues on x86
  patch -p1 -i $srcdir/glibc-2.18-strstr-hackfix.patch
-  # Hack to fix NPTL issues with Xen, only required on 32bit platforms
+  mkdir ${srcdir}/glibc-build
-  export CFLAGS="${CFLAGS} -mno-tls-direct-seg-refs"
+}
 build() {
  cd ${srcdir}/glibc-build
  #if [[ ${CARCH} = "i686" ]]; then
    # Hack to fix NPTL issues with Xen, only required on 32bit platforms
    # TODO: make separate glibc-xen package for i686
    export CFLAGS="${CFLAGS} -mno-tls-direct-seg-refs"
  #fi
  echo "slibdir=/usr/lib32" >> configparms
  export CC="gcc -m32"
  export CXX="g++ -m32"
  # remove hardening options for building libraries
  CFLAGS=${CFLAGS/-fstack-protector/}
  CPPFLAGS=${CPPFLAGS/-D_FORTIFY_SOURCE=2/}
@ -55,12 +73,13 @@ build() {
  ${srcdir}/${_pkgbasename}-${pkgver}/configure --prefix=/usr \
      --libdir=/usr/lib32 --libexecdir=/usr/lib32 \
      --with-headers=/usr/include \
-      --with-bugurl=http://chakra-linux.org/bugs \
+      --with-bugurl=https://www.chakralinux.org/bugs/ \
      --enable-add-ons=nptl,libidn \
      --enable-obsolete-rpc \
      --enable-kernel=2.6.32 \
      --enable-bind-now --disable-profile \
      --enable-stackguard-randomization \
      --enable-lock-elision \
      --enable-multi-arch i686-unknown-linux-gnu
  # build libraries with hardening disabled
@ -74,14 +93,15 @@ build() {
  make
  # remove harding in preparation to run test-suite
-  sed -i '2,4d' configparms
+  sed -i '4,6d' configparms
 }
 check() {
-  cd ${srcdir}/glibc-build
+  # bug to file - the linker commands need to be reordered
  LDFLAGS=${LDFLAGS/--as-needed,/}
-  # some errors are expected - manually check log files
+  cd ${srcdir}/glibc-build
-  make -k check || true
+  make -k check 2>&1 | tee glibc-check-log
 }
 package() {
@ -93,24 +113,38 @@ package() {
  # We need one 32 bit specific header file
  find ${pkgdir}/usr/include -type f -not -name stubs-32.h -delete
  cd $pkgdir
  strip $STRIP_BINARIES usr/lib32/getconf/*
  strip $STRIP_STATIC usr/lib32/*.a
  strip $STRIP_SHARED usr/lib32/{libanl,libBrokenLocale,libcidn,libcrypt}-${pkgver}.so \
                      usr/lib32/libnss_{compat,db,dns,files,hesiod,nis,nisplus}-${pkgver}.so \
                      usr/lib32/{libdl,libm,libnsl,libresolv,librt,libutil}-${pkgver}.so \
                      usr/lib32/{libmemusage,libpcprofile,libSegFault}.so \
                      usr/lib32/{pt_chown,{audit,gconv}/*.so}
  # Dynamic linker
  # install -d -m755 ${pkgdir}/usr/lib
  install -d -m755 ${pkgdir}/lib
  # ln -s ../lib32/ld-linux.so.2 ${pkgdir}/usr/lib/ # no reason yet to install in /usr/lib too, only needed once we also move lib
  ln -s ../usr/lib32/ld-linux.so.2 ${pkgdir}/lib/ 
-  # Add /usr/lib32 to the default library search path
+  # Add lib32 paths to the default library search path
  install -Dm644 "$srcdir/lib32-glibc.conf" "$pkgdir/etc/ld.so.conf.d/lib32-glibc.conf"
  # Symlink /usr/lib32/locale to /usr/lib/locale
  ln -s ../lib/locale "$pkgdir/usr/lib32/locale"
  # Do not strip the following files for improved debugging support
  # ("improved" as in not breaking gdb and valgrind...):
  #   ld-${pkgver}.so
  #   libc-${pkgver}.so
  #   libpthread-${pkgver}.so
  #   libthread_db-1.0.so
  cd $pkgdir
  strip $STRIP_BINARIES \
                        \
                        \
                        usr/lib32/getconf/*
  strip $STRIP_STATIC usr/lib32/*.a
  strip $STRIP_SHARED usr/lib32/{libanl,libBrokenLocale,libcidn,libcrypt}-*.so \
                      usr/lib32/libnss_{compat,db,dns,files,hesiod,nis,nisplus}-*.so \
                      usr/lib32/{libdl,libm,libnsl,libresolv,librt,libutil}-*.so \
                      usr/lib32/{libmemusage,libpcprofile,libSegFault}.so \
                      usr/lib32/{audit,gconv}/*.so
 }
--- a/lib32-glibc/glibc-2.18-malloc-corrupt-CVE-2013-4332.patch
+++ b/lib32-glibc/glibc-2.18-malloc-corrupt-CVE-2013-4332.patch
@ -0,0 +1,54 @@
 diff --git a/malloc/malloc.c b/malloc/malloc.c
 index dd295f5..7f43ba3 100644
 --- a/malloc/malloc.c
 +++ b/malloc/malloc.c
@@ -3082,6 +3082,13 @@ __libc_pvalloc(size_t bytes)
   size_t page_mask = GLRO(dl_pagesize) - 1;
   size_t rounded_bytes = (bytes + page_mask) & ~(page_mask);
 +  /* Check for overflow.  */
 +  if (bytes > SIZE_MAX - 2*pagesz - MINSIZE)
 +    {
 +      __set_errno (ENOMEM);
 +      return 0;
 +    }
 +
   void *(*hook) (size_t, size_t, const void *) =
     force_reg (__memalign_hook);
   if (__builtin_expect (hook != NULL, 0))
 diff --git a/malloc/malloc.c b/malloc/malloc.c
 index 7f43ba3..3148c5f 100644
 --- a/malloc/malloc.c
 +++ b/malloc/malloc.c
@@ -3046,6 +3046,13 @@ __libc_valloc(size_t bytes)
   size_t pagesz = GLRO(dl_pagesize);
 +  /* Check for overflow.  */
 +  if (bytes > SIZE_MAX - pagesz - MINSIZE)
 +    {
 +      __set_errno (ENOMEM);
 +      return 0;
 +    }
 +
   void *(*hook) (size_t, size_t, const void *) =
     force_reg (__memalign_hook);
   if (__builtin_expect (hook != NULL, 0))
 diff --git a/malloc/malloc.c b/malloc/malloc.c
 index 3148c5f..f7718a9 100644
 --- a/malloc/malloc.c
 +++ b/malloc/malloc.c
@@ -3015,6 +3015,13 @@ __libc_memalign(size_t alignment, size_t bytes)
   /* Otherwise, ensure that it is at least a minimum chunk size */
   if (alignment <  MINSIZE) alignment = MINSIZE;
 +  /* Check for overflow.  */
 +  if (bytes > SIZE_MAX - alignment - MINSIZE)
 +    {
 +      __set_errno (ENOMEM);
 +      return 0;
 +    }
 +
   arena_get(ar_ptr, bytes + alignment + MINSIZE);
   if(!ar_ptr)
     return 0;
--- a/lib32-glibc/glibc-2.18-ptr-mangle-CVE-2013-4788.patch
+++ b/lib32-glibc/glibc-2.18-ptr-mangle-CVE-2013-4788.patch
@ -0,0 +1,485 @@
 diff --git a/csu/libc-start.c b/csu/libc-start.c
 index e5da3ef..c898d06 100644
 --- a/csu/libc-start.c
 +++ b/csu/libc-start.c
@@ -37,6 +37,12 @@ extern void __pthread_initialize_minimal (void);
    in thread local area.  */
 uintptr_t __stack_chk_guard attribute_relro;
 # endif
 +# ifndef  THREAD_SET_POINTER_GUARD
 +/* Only exported for architectures that don't store the pointer guard
 +   value in thread local area.  */
 +uintptr_t __pointer_chk_guard_local
 +	attribute_relro attribute_hidden __attribute__ ((nocommon));
 +# endif
 #endif
 #ifdef HAVE_PTR_NTHREADS
@@ -195,6 +201,16 @@ LIBC_START_MAIN (int (*main) (int, char **, char ** MAIN_AUXVEC_DECL),
 # else
   __stack_chk_guard = stack_chk_guard;
 # endif
 +
 +  /* Set up the pointer guard value.  */
 +  uintptr_t pointer_chk_guard = _dl_setup_pointer_guard (_dl_random,
 +							 stack_chk_guard);
 +# ifdef THREAD_SET_POINTER_GUARD
 +  THREAD_SET_POINTER_GUARD (pointer_chk_guard);
 +# else
 +  __pointer_chk_guard_local = pointer_chk_guard;
 +# endif
 +
 #endif
   /* Register the destructor of the dynamic linker if there is any.  */
 diff --git a/elf/Makefile b/elf/Makefile
 index aaa9534..cb8da93 100644
 --- a/elf/Makefile
 +++ b/elf/Makefile
@@ -121,7 +121,8 @@ endif
 tests = tst-tls1 tst-tls2 tst-tls9 tst-leaks1 \
 	tst-array1 tst-array2 tst-array3 tst-array4 tst-array5
 tests-static = tst-tls1-static tst-tls2-static tst-stackguard1-static \
 -	       tst-leaks1-static tst-array1-static tst-array5-static
 +	       tst-leaks1-static tst-array1-static tst-array5-static \
 +	       tst-ptrguard1-static
 ifeq (yes,$(build-shared))
 tests-static += tst-tls9-static
 tst-tls9-static-ENV = \
@@ -145,7 +146,8 @@ tests += loadtest restest1 preloadtest loadfail multiload origtest resolvfail \
 	 tst-audit1 tst-audit2 tst-audit8 \
 	 tst-stackguard1 tst-addr1 tst-thrlock \
 	 tst-unique1 tst-unique2 tst-unique3 tst-unique4 \
 -	 tst-initorder tst-initorder2 tst-relsort1 tst-null-argv
 +	 tst-initorder tst-initorder2 tst-relsort1 tst-null-argv \
 +	 tst-ptrguard1
 #	 reldep9
 test-srcs = tst-pathopt
 selinux-enabled := $(shell cat /selinux/enforce 2> /dev/null)
@@ -1016,6 +1018,9 @@ LDFLAGS-order2mod2.so = $(no-as-needed)
 tst-stackguard1-ARGS = --command "$(host-test-program-cmd) --child"
 tst-stackguard1-static-ARGS = --command "$(objpfx)tst-stackguard1-static --child"
 +tst-ptrguard1-ARGS = --command "$(host-test-program-cmd) --child"
 +tst-ptrguard1-static-ARGS = --command "$(objpfx)tst-ptrguard1-static --child"
 +
 $(objpfx)tst-leaks1: $(libdl)
 $(objpfx)tst-leaks1-mem: $(objpfx)tst-leaks1.out
 	$(common-objpfx)malloc/mtrace $(objpfx)tst-leaks1.mtrace > $@
 diff --git a/elf/tst-ptrguard1-static.c b/elf/tst-ptrguard1-static.c
 new file mode 100644
 index 0000000..7aff3b7
 --- /dev/null
 +++ b/elf/tst-ptrguard1-static.c
@@ -0,0 +1 @@
 +#include "tst-ptrguard1.c"
 diff --git a/elf/tst-ptrguard1.c b/elf/tst-ptrguard1.c
 new file mode 100644
 index 0000000..c344a04
 --- /dev/null
 +++ b/elf/tst-ptrguard1.c
@@ -0,0 +1,202 @@
 +/* Copyright (C) 2013 Free Software Foundation, Inc.
 +   This file is part of the GNU C Library.
 +
 +   The GNU C Library is free software; you can redistribute it and/or
 +   modify it under the terms of the GNU Lesser General Public
 +   License as published by the Free Software Foundation; either
 +   version 2.1 of the License, or (at your option) any later version.
 +
 +   The GNU C Library is distributed in the hope that it will be useful,
 +   but WITHOUT ANY WARRANTY; without even the implied warranty of
 +   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 +   Lesser General Public License for more details.
 +
 +   You should have received a copy of the GNU Lesser General Public
 +   License along with the GNU C Library; if not, see
 +   <http://www.gnu.org/licenses/>.  */
 +
 +#include <errno.h>
 +#include <stdbool.h>
 +#include <stdio.h>
 +#include <stdlib.h>
 +#include <string.h>
 +#include <sys/wait.h>
 +#include <stackguard-macros.h>
 +#include <tls.h>
 +#include <unistd.h>
 +
 +#ifndef POINTER_CHK_GUARD
 +extern uintptr_t __pointer_chk_guard;
 +# define POINTER_CHK_GUARD __pointer_chk_guard
 +#endif
 +
 +static const char *command;
 +static bool child;
 +static uintptr_t ptr_chk_guard_copy;
 +static bool ptr_chk_guard_copy_set;
 +static int fds[2];
 +
 +static void __attribute__ ((constructor))
 +con (void)
 +{
 +  ptr_chk_guard_copy = POINTER_CHK_GUARD;
 +  ptr_chk_guard_copy_set = true;
 +}
 +
 +static int
 +uintptr_t_cmp (const void *a, const void *b)
 +{
 +  if (*(uintptr_t *) a < *(uintptr_t *) b)
 +    return 1;
 +  if (*(uintptr_t *) a > *(uintptr_t *) b)
 +    return -1;
 +  return 0;
 +}
 +
 +static int
 +do_test (void)
 +{
 +  if (!ptr_chk_guard_copy_set)
 +    {
 +      puts ("constructor has not been run");
 +      return 1;
 +    }
 +
 +  if (ptr_chk_guard_copy != POINTER_CHK_GUARD)
 +    {
 +      puts ("POINTER_CHK_GUARD changed between constructor and do_test");
 +      return 1;
 +    }
 +
 +  if (child)
 +    {
 +      write (2, &ptr_chk_guard_copy, sizeof (ptr_chk_guard_copy));
 +      return 0;
 +    }
 +
 +  if (command == NULL)
 +    {
 +      puts ("missing --command or --child argument");
 +      return 1;
 +    }
 +
 +#define N 16
 +  uintptr_t child_ptr_chk_guards[N + 1];
 +  child_ptr_chk_guards[N] = ptr_chk_guard_copy;
 +  int i;
 +  for (i = 0; i < N; ++i)
 +    {
 +      if (pipe (fds) < 0)
 +	{
 +	  printf ("couldn't create pipe: %m\n");
 +	  return 1;
 +	}
 +
 +      pid_t pid = fork ();
 +      if (pid < 0)
 +	{
 +	  printf ("fork failed: %m\n");
 +	  return 1;
 +	}
 +
 +      if (!pid)
 +	{
 +	  if (ptr_chk_guard_copy != POINTER_CHK_GUARD)
 +	    {
 +	      puts ("POINTER_CHK_GUARD changed after fork");
 +	      exit (1);
 +	    }
 +
 +	  close (fds[0]);
 +	  close (2);
 +	  dup2 (fds[1], 2);
 +	  close (fds[1]);
 +
 +	  system (command);
 +	  exit (0);
 +	}
 +
 +      close (fds[1]);
 +
 +      if (TEMP_FAILURE_RETRY (read (fds[0], &child_ptr_chk_guards[i],
 +				    sizeof (uintptr_t))) != sizeof (uintptr_t))
 +	{
 +	  puts ("could not read ptr_chk_guard value from child");
 +	  return 1;
 +	}
 +
 +      close (fds[0]);
 +
 +      pid_t termpid;
 +      int status;
 +      termpid = TEMP_FAILURE_RETRY (waitpid (pid, &status, 0));
 +      if (termpid == -1)
 +	{
 +	  printf ("waitpid failed: %m\n");
 +	  return 1;
 +	}
 +      else if (termpid != pid)
 +	{
 +	  printf ("waitpid returned %ld != %ld\n",
 +		  (long int) termpid, (long int) pid);
 +	  return 1;
 +	}
 +      else if (!WIFEXITED (status) || WEXITSTATUS (status))
 +	{
 +	  puts ("child hasn't exited with exit status 0");
 +	  return 1;
 +	}
 +    }
 +
 +  qsort (child_ptr_chk_guards, N + 1, sizeof (uintptr_t), uintptr_t_cmp);
 +
 +  /* The default pointer guard is the same as the default stack guard.
 +     They are only set to default if dl_random is NULL.  */
 +  uintptr_t default_guard = 0;
 +  unsigned char *p = (unsigned char *) &default_guard;
 +  p[sizeof (uintptr_t) - 1] = 255;
 +  p[sizeof (uintptr_t) - 2] = '\n';
 +  p[0] = 0;
 +
 +  /* Test if the pointer guard canaries are either randomized,
 +     or equal to the default pointer guard value.
 +     Even with randomized pointer guards it might happen
 +     that the random number generator generates the same
 +     values, but if that happens in more than half from
 +     the 16 runs, something is very wrong.  */
 +  int ndifferences = 0;
 +  int ndefaults = 0;
 +  for (i = 0; i < N; ++i)
 +    {
 +      if (child_ptr_chk_guards[i] != child_ptr_chk_guards[i+1])
 +	ndifferences++;
 +      else if (child_ptr_chk_guards[i] == default_guard)
 +	ndefaults++;
 +    }
 +
 +  printf ("differences %d defaults %d\n", ndifferences, ndefaults);
 +
 +  if (ndifferences < N / 2 && ndefaults < N / 2)
 +    {
 +      puts ("pointer guard values are not randomized enough");
 +      puts ("nor equal to the default value");
 +      return 1;
 +    }
 +
 +  return 0;
 +}
 +
 +#define OPT_COMMAND	10000
 +#define OPT_CHILD	10001
 +#define CMDLINE_OPTIONS	\
 +  { "command", required_argument, NULL, OPT_COMMAND },  \
 +  { "child", no_argument, NULL, OPT_CHILD },
 +#define CMDLINE_PROCESS	\
 +  case OPT_COMMAND:	\
 +    command = optarg;	\
 +    break;		\
 +  case OPT_CHILD:	\
 +    child = true;	\
 +    break;
 +#define TEST_FUNCTION do_test ()
 +#include "../test-skeleton.c"
 diff --git a/ports/sysdeps/ia64/stackguard-macros.h b/ports/sysdeps/ia64/stackguard-macros.h
 index dc683c2..3907293 100644
 --- a/ports/sysdeps/ia64/stackguard-macros.h
 +++ b/ports/sysdeps/ia64/stackguard-macros.h
@@ -2,3 +2,6 @@
 #define STACK_CHK_GUARD \
   ({ uintptr_t x; asm ("adds %0 = -8, r13;; ld8 %0 = [%0]" : "=r" (x)); x; })
 +
 +#define POINTER_CHK_GUARD \
 +  ({ uintptr_t x; asm ("adds %0 = -16, r13;; ld8 %0 = [%0]" : "=r" (x)); x; })
 diff --git a/ports/sysdeps/tile/stackguard-macros.h b/ports/sysdeps/tile/stackguard-macros.h
 index 589ea2b..f2e041b 100644
 --- a/ports/sysdeps/tile/stackguard-macros.h
 +++ b/ports/sysdeps/tile/stackguard-macros.h
@@ -4,11 +4,17 @@
 # if __WORDSIZE == 64
 #  define STACK_CHK_GUARD \
   ({ uintptr_t x; asm ("addi %0, tp, -16; ld %0, %0" : "=r" (x)); x; })
 +#  define POINTER_CHK_GUARD \
 +  ({ uintptr_t x; asm ("addi %0, tp, -24; ld %0, %0" : "=r" (x)); x; })
 # else
 #  define STACK_CHK_GUARD \
   ({ uintptr_t x; asm ("addi %0, tp, -8; ld4s %0, %0" : "=r" (x)); x; })
 +#  define POINTER_CHK_GUARD \
 +  ({ uintptr_t x; asm ("addi %0, tp, -12; ld4s %0, %0" : "=r" (x)); x; })
 # endif
 #else
 # define STACK_CHK_GUARD \
   ({ uintptr_t x; asm ("addi %0, tp, -8; lw %0, %0" : "=r" (x)); x; })
 +# define POINTER_CHK_GUARD \
 +  ({ uintptr_t x; asm ("addi %0, tp, -12; lw %0, %0" : "=r" (x)); x; })
 #endif
 diff --git a/sysdeps/generic/stackguard-macros.h b/sysdeps/generic/stackguard-macros.h
 index ababf65..4fa3d96 100644
 --- a/sysdeps/generic/stackguard-macros.h
 +++ b/sysdeps/generic/stackguard-macros.h
@@ -2,3 +2,6 @@
 extern uintptr_t __stack_chk_guard;
 #define STACK_CHK_GUARD __stack_chk_guard
 +
 +extern uintptr_t __pointer_chk_guard_local;
 +#define POINTER_CHK_GUARD __pointer_chk_guard_local
 diff --git a/sysdeps/i386/stackguard-macros.h b/sysdeps/i386/stackguard-macros.h
 index 8c31e19..0397629 100644
 --- a/sysdeps/i386/stackguard-macros.h
 +++ b/sysdeps/i386/stackguard-macros.h
@@ -2,3 +2,11 @@
 #define STACK_CHK_GUARD \
   ({ uintptr_t x; asm ("movl %%gs:0x14, %0" : "=r" (x)); x; })
 +
 +#define POINTER_CHK_GUARD \
 +  ({							\
 +     uintptr_t x;					\
 +     asm ("movl %%gs:%c1, %0" : "=r" (x)		\
 +	  : "i" (offsetof (tcbhead_t, pointer_guard)));	\
 +     x;							\
 +   })
 diff --git a/sysdeps/powerpc/powerpc32/stackguard-macros.h b/sysdeps/powerpc/powerpc32/stackguard-macros.h
 index 839f6a4..b3d0af8 100644
 --- a/sysdeps/powerpc/powerpc32/stackguard-macros.h
 +++ b/sysdeps/powerpc/powerpc32/stackguard-macros.h
@@ -2,3 +2,13 @@
 #define STACK_CHK_GUARD \
   ({ uintptr_t x; asm ("lwz %0,-28680(2)" : "=r" (x)); x; })
 +
 +#define POINTER_CHK_GUARD \
 +  ({												\
 +     uintptr_t x;										\
 +     asm ("lwz %0,%1(2)"									\
 +	  : "=r" (x)										\
 +	  : "i" (offsetof (tcbhead_t, pointer_guard) - TLS_TCB_OFFSET - sizeof (tcbhead_t))	\
 +         );											\
 +     x;												\
 +   })
 diff --git a/sysdeps/powerpc/powerpc64/stackguard-macros.h b/sysdeps/powerpc/powerpc64/stackguard-macros.h
 index 9da879c..4620f96 100644
 --- a/sysdeps/powerpc/powerpc64/stackguard-macros.h
 +++ b/sysdeps/powerpc/powerpc64/stackguard-macros.h
@@ -2,3 +2,13 @@
 #define STACK_CHK_GUARD \
   ({ uintptr_t x; asm ("ld %0,-28688(13)" : "=r" (x)); x; })
 +
 +#define POINTER_CHK_GUARD \
 +  ({												\
 +     uintptr_t x;										\
 +     asm ("ld %0,%1(2)"										\
 +	  : "=r" (x)										\
 +	  : "i" (offsetof (tcbhead_t, pointer_guard) - TLS_TCB_OFFSET - sizeof (tcbhead_t))	\
 +         );											\
 +     x;												\
 +   })
 diff --git a/sysdeps/s390/s390-32/stackguard-macros.h b/sysdeps/s390/s390-32/stackguard-macros.h
 index b74c579..449e8d4 100644
 --- a/sysdeps/s390/s390-32/stackguard-macros.h
 +++ b/sysdeps/s390/s390-32/stackguard-macros.h
@@ -2,3 +2,14 @@
 #define STACK_CHK_GUARD \
   ({ uintptr_t x; asm ("ear %0,%%a0; l %0,0x14(%0)" : "=a" (x)); x; })
 +
 +/* On s390/s390x there is no unique pointer guard, instead we use the
 +   same value as the stack guard.  */
 +#define POINTER_CHK_GUARD \
 +  ({							\
 +     uintptr_t x;					\
 +     asm ("ear %0,%%a0; l %0,%1(%0)"			\
 +	  : "=a" (x)					\
 +	  : "i" (offsetof (tcbhead_t, stack_guard)));	\
 +     x;							\
 +   })
 diff --git a/sysdeps/s390/s390-64/stackguard-macros.h b/sysdeps/s390/s390-64/stackguard-macros.h
 index 0cebb5f..c8270fb 100644
 --- a/sysdeps/s390/s390-64/stackguard-macros.h
 +++ b/sysdeps/s390/s390-64/stackguard-macros.h
@@ -2,3 +2,17 @@
 #define STACK_CHK_GUARD \
   ({ uintptr_t x; asm ("ear %0,%%a0; sllg %0,%0,32; ear %0,%%a1; lg %0,0x28(%0)" : "=a" (x)); x; })
 +
 +/* On s390/s390x there is no unique pointer guard, instead we use the
 +   same value as the stack guard.  */
 +#define POINTER_CHK_GUARD \
 +  ({							\
 +     uintptr_t x;					\
 +     asm ("ear %0,%%a0;"				\
 +	  "sllg %0,%0,32;"				\
 +	  "ear %0,%%a1;"				\
 +	  "lg %0,%1(%0)"				\
 +	 : "=a" (x)					\
 +	 : "i" (offsetof (tcbhead_t, stack_guard)));	\
 +     x;							\
 +   })
 diff --git a/sysdeps/sparc/sparc32/stackguard-macros.h b/sysdeps/sparc/sparc32/stackguard-macros.h
 index c0b02b0..1eef0f1 100644
 --- a/sysdeps/sparc/sparc32/stackguard-macros.h
 +++ b/sysdeps/sparc/sparc32/stackguard-macros.h
@@ -2,3 +2,6 @@
 #define STACK_CHK_GUARD \
   ({ uintptr_t x; asm ("ld [%%g7+0x14], %0" : "=r" (x)); x; })
 +
 +#define POINTER_CHK_GUARD \
 +  ({ uintptr_t x; asm ("ld [%%g7+0x18], %0" : "=r" (x)); x; })
 diff --git a/sysdeps/sparc/sparc64/stackguard-macros.h b/sysdeps/sparc/sparc64/stackguard-macros.h
 index 80f0635..cc0c12c 100644
 --- a/sysdeps/sparc/sparc64/stackguard-macros.h
 +++ b/sysdeps/sparc/sparc64/stackguard-macros.h
@@ -2,3 +2,6 @@
 #define STACK_CHK_GUARD \
   ({ uintptr_t x; asm ("ldx [%%g7+0x28], %0" : "=r" (x)); x; })
 +
 +#define POINTER_CHK_GUARD \
 +  ({ uintptr_t x; asm ("ldx [%%g7+0x30], %0" : "=r" (x)); x; })
 diff --git a/sysdeps/x86_64/stackguard-macros.h b/sysdeps/x86_64/stackguard-macros.h
 index d7fedb3..1948800 100644
 --- a/sysdeps/x86_64/stackguard-macros.h
 +++ b/sysdeps/x86_64/stackguard-macros.h
@@ -4,3 +4,8 @@
   ({ uintptr_t x;						\
      asm ("mov %%fs:%c1, %0" : "=r" (x)				\
 	  : "i" (offsetof (tcbhead_t, stack_guard))); x; })
 +
 +#define POINTER_CHK_GUARD \
 +  ({ uintptr_t x;						\
 +     asm ("mov %%fs:%c1, %0" : "=r" (x)				\
 +	  : "i" (offsetof (tcbhead_t, pointer_guard))); x; })
 diff --git a/elf/Makefile b/elf/Makefile
 index cb8da93..27d249b 100644
 --- a/elf/Makefile
 +++ b/elf/Makefile
@@ -1019,6 +1019,9 @@ tst-stackguard1-ARGS = --command "$(host-test-program-cmd) --child"
 tst-stackguard1-static-ARGS = --command "$(objpfx)tst-stackguard1-static --child"
 tst-ptrguard1-ARGS = --command "$(host-test-program-cmd) --child"
 +# When built statically, the pointer guard interface uses
 +# __pointer_chk_guard_local.
 +CFLAGS-tst-ptrguard1-static.c = -DPTRGUARD_LOCAL
 tst-ptrguard1-static-ARGS = --command "$(objpfx)tst-ptrguard1-static --child"
 $(objpfx)tst-leaks1: $(libdl)
 diff --git a/sysdeps/generic/stackguard-macros.h b/sysdeps/generic/stackguard-macros.h
 index 4fa3d96..b4a6b23 100644
 --- a/sysdeps/generic/stackguard-macros.h
 +++ b/sysdeps/generic/stackguard-macros.h
@@ -3,5 +3,10 @@
 extern uintptr_t __stack_chk_guard;
 #define STACK_CHK_GUARD __stack_chk_guard
 +#ifdef PTRGUARD_LOCAL
 extern uintptr_t __pointer_chk_guard_local;
 -#define POINTER_CHK_GUARD __pointer_chk_guard_local
 +# define POINTER_CHK_GUARD __pointer_chk_guard_local
 +#else
 +extern uintptr_t __pointer_chk_guard;
 +# define POINTER_CHK_GUARD __pointer_chk_guard
 +#endif
--- a/lib32-glibc/glibc-2.18-readdir_r-CVE-2013-4237.patch
+++ b/lib32-glibc/glibc-2.18-readdir_r-CVE-2013-4237.patch
@ -0,0 +1,281 @@
 diff --git a/manual/conf.texi b/manual/conf.texi
 index 7eb8b36..c720063 100644
 --- a/manual/conf.texi
 +++ b/manual/conf.texi
@@ -1149,6 +1149,9 @@ typed ahead as input.  @xref{I/O Queues}.
 @deftypevr Macro int NAME_MAX
 The uniform system limit (if any) for the length of a file name component, not
 including the terminating null character.
 +
 +@strong{Portability Note:} On some systems, @theglibc{} defines
 +@code{NAME_MAX}, but does not actually enforce this limit.
 @end deftypevr
 @comment limits.h
@@ -1157,6 +1160,9 @@ including the terminating null character.
 The uniform system limit (if any) for the length of an entire file name (that
 is, the argument given to system calls such as @code{open}), including the
 terminating null character.
 +
 +@strong{Portability Note:} @Theglibc{} does not enforce this limit
 +even if @code{PATH_MAX} is defined.
 @end deftypevr
 @cindex limits, pipe buffer size
@@ -1476,6 +1482,9 @@ Inquire about the value of @code{POSIX_REC_MIN_XFER_SIZE}.
 Inquire about the value of @code{POSIX_REC_XFER_ALIGN}.
 @end table
 +@strong{Portability Note:} On some systems, @theglibc{} does not
 +enforce @code{_PC_NAME_MAX} or @code{_PC_PATH_MAX} limits.
 +
 @node Utility Limits
 @section Utility Program Capacity Limits
 diff --git a/manual/filesys.texi b/manual/filesys.texi
 index 1df9cf2..814c210 100644
 --- a/manual/filesys.texi
 +++ b/manual/filesys.texi
@@ -444,9 +444,9 @@ symbols are declared in the header file @file{dirent.h}.
 @comment POSIX.1
 @deftypefun {struct dirent *} readdir (DIR *@var{dirstream})
 This function reads the next entry from the directory.  It normally
 -returns a pointer to a structure containing information about the file.
 -This structure is statically allocated and can be rewritten by a
 -subsequent call.
 +returns a pointer to a structure containing information about the
 +file.  This structure is associated with the @var{dirstream} handle
 +and can be rewritten by a subsequent call.
 @strong{Portability Note:} On some systems @code{readdir} may not
 return entries for @file{.} and @file{..}, even though these are always
@@ -461,19 +461,61 @@ conditions are defined for this function:
 The @var{dirstream} argument is not valid.
 @end table
 -@code{readdir} is not thread safe.  Multiple threads using
 -@code{readdir} on the same @var{dirstream} may overwrite the return
 -value.  Use @code{readdir_r} when this is critical.
 +To distinguish between an end-of-directory condition or an error, you
 +must set @code{errno} to zero before calling @code{readdir}.  To avoid
 +entering an infinite loop, you should stop reading from the directory
 +after the first error.
 +
 +In POSIX.1-2008, @code{readdir} is not thread-safe.  In @theglibc{}
 +implementation, it is safe to call @code{readdir} concurrently on
 +different @var{dirstream}s, but multiple threads accessing the same
 +@var{dirstream} result in undefined behavior.  @code{readdir_r} is a
 +fully thread-safe alternative, but suffers from poor portability (see
 +below).  It is recommended that you use @code{readdir}, with external
 +locking if multiple threads access the same @var{dirstream}.
 @end deftypefun
 @comment dirent.h
 @comment GNU
 @deftypefun int readdir_r (DIR *@var{dirstream}, struct dirent *@var{entry}, struct dirent **@var{result})
 -This function is the reentrant version of @code{readdir}.  Like
 -@code{readdir} it returns the next entry from the directory.  But to
 -prevent conflicts between simultaneously running threads the result is
 -not stored in statically allocated memory.  Instead the argument
 -@var{entry} points to a place to store the result.
 +This function is a version of @code{readdir} which performs internal
 +locking.  Like @code{readdir} it returns the next entry from the
 +directory.  To prevent conflicts between simultaneously running
 +threads the result is stored inside the @var{entry} object.
 +
 +@strong{Portability Note:} It is recommended to use @code{readdir}
 +instead of @code{readdir_r} for the following reasons:
 +
 +@itemize @bullet
 +@item
 +On systems which do not define @code{NAME_MAX}, it may not be possible
 +to use @code{readdir_r} safely because the caller does not specify the
 +length of the buffer for the directory entry.
 +
 +@item
 +On some systems, @code{readdir_r} cannot read directory entries with
 +very long names.  If such a name is encountered, @theglibc{}
 +implementation of @code{readdir_r} returns with an error code of
 +@code{ENAMETOOLONG} after the final directory entry has been read.  On
 +other systems, @code{readdir_r} may return successfully, but the
 +@code{d_name} member may not be NUL-terminated or may be truncated.
 +
 +@item
 +POSIX-1.2008 does not guarantee that @code{readdir} is thread-safe,
 +even when access to the same @var{dirstream} is serialized.  But in
 +current implementations (including @theglibc{}), it is safe to call
 +@code{readdir} concurrently on different @var{dirstream}s, so there is
 +no need to use @code{readdir_r} in most multi-threaded programs.  In
 +the rare case that multiple threads need to read from the same
 +@var{dirstream}, it is still better to use @code{readdir} and external
 +synchronization.
 +
 +@item
 +It is expected that future versions of POSIX will obsolete
 +@code{readdir_r} and mandate the level of thread safety for
 +@code{readdir} which is provided by @theglibc{} and other
 +implementations today.
 +@end itemize
 Normally @code{readdir_r} returns zero and sets @code{*@var{result}}
 to @var{entry}.  If there are no more entries in the directory or an
@@ -481,15 +523,6 @@ error is detected, @code{readdir_r} sets @code{*@var{result}} to a
 null pointer and returns a nonzero error code, also stored in
 @code{errno}, as described for @code{readdir}.
 -@strong{Portability Note:} On some systems @code{readdir_r} may not
 -return a NUL terminated string for the file name, even when there is no
 -@code{d_reclen} field in @code{struct dirent} and the file
 -name is the maximum allowed size.  Modern systems all have the
 -@code{d_reclen} field, and on old systems multi-threading is not
 -critical.  In any case there is no such problem with the @code{readdir}
 -function, so that even on systems without the @code{d_reclen} member one
 -could use multiple threads by using external locking.
 -
 It is also important to look at the definition of the @code{struct
 dirent} type.  Simply passing a pointer to an object of this type for
 the second parameter of @code{readdir_r} might not be enough.  Some
 diff --git a/sysdeps/posix/dirstream.h b/sysdeps/posix/dirstream.h
 index a7a074d..8e8570d 100644
 --- a/sysdeps/posix/dirstream.h
 +++ b/sysdeps/posix/dirstream.h
@@ -39,6 +39,8 @@ struct __dirstream
     off_t filepos;		/* Position of next entry to read.  */
 +    int errcode;		/* Delayed error code.  */
 +
     /* Directory block.  */
     char data[0] __attribute__ ((aligned (__alignof__ (void*))));
   };
 diff --git a/sysdeps/posix/opendir.c b/sysdeps/posix/opendir.c
 index ddfc3a7..fc05b0f 100644
 --- a/sysdeps/posix/opendir.c
 +++ b/sysdeps/posix/opendir.c
@@ -231,6 +231,7 @@ __alloc_dir (int fd, bool close_fd, int flags, const struct stat64 *statp)
   dirp->size = 0;
   dirp->offset = 0;
   dirp->filepos = 0;
 +  dirp->errcode = 0;
   return dirp;
 }
 diff --git a/sysdeps/posix/readdir_r.c b/sysdeps/posix/readdir_r.c
 index b5a8e2e..8ed5c3f 100644
 --- a/sysdeps/posix/readdir_r.c
 +++ b/sysdeps/posix/readdir_r.c
@@ -40,6 +40,7 @@ __READDIR_R (DIR *dirp, DIRENT_TYPE *entry, DIRENT_TYPE **result)
   DIRENT_TYPE *dp;
   size_t reclen;
   const int saved_errno = errno;
 +  int ret;
   __libc_lock_lock (dirp->lock);
@@ -70,10 +71,10 @@ __READDIR_R (DIR *dirp, DIRENT_TYPE *entry, DIRENT_TYPE **result)
 		  bytes = 0;
 		  __set_errno (saved_errno);
 		}
 +	      if (bytes < 0)
 +		dirp->errcode = errno;
 	      dp = NULL;
 -	      /* Reclen != 0 signals that an error occurred.  */
 -	      reclen = bytes != 0;
 	      break;
 	    }
 	  dirp->size = (size_t) bytes;
@@ -106,29 +107,46 @@ __READDIR_R (DIR *dirp, DIRENT_TYPE *entry, DIRENT_TYPE **result)
       dirp->filepos += reclen;
 #endif
 -      /* Skip deleted files.  */
 +#ifdef NAME_MAX
 +      if (reclen > offsetof (DIRENT_TYPE, d_name) + NAME_MAX + 1)
 +	{
 +	  /* The record is very long.  It could still fit into the
 +	     caller-supplied buffer if we can skip padding at the
 +	     end.  */
 +	  size_t namelen = _D_EXACT_NAMLEN (dp);
 +	  if (namelen <= NAME_MAX)
 +	    reclen = offsetof (DIRENT_TYPE, d_name) + namelen + 1;
 +	  else
 +	    {
 +	      /* The name is too long.  Ignore this file.  */
 +	      dirp->errcode = ENAMETOOLONG;
 +	      dp->d_ino = 0;
 +	      continue;
 +	    }
 +	}
 +#endif
 +
 +      /* Skip deleted and ignored files.  */
     }
   while (dp->d_ino == 0);
   if (dp != NULL)
     {
 -#ifdef GETDENTS_64BIT_ALIGNED
 -      /* The d_reclen value might include padding which is not part of
 -	 the DIRENT_TYPE data structure.  */
 -      reclen = MIN (reclen,
 -		    offsetof (DIRENT_TYPE, d_name) + sizeof (dp->d_name));
 -#endif
       *result = memcpy (entry, dp, reclen);
 -#ifdef GETDENTS_64BIT_ALIGNED
 +#ifdef _DIRENT_HAVE_D_RECLEN
       entry->d_reclen = reclen;
 #endif
 +      ret = 0;
     }
   else
 -    *result = NULL;
 +    {
 +      *result = NULL;
 +      ret = dirp->errcode;
 +    }
   __libc_lock_unlock (dirp->lock);
 -  return dp != NULL ? 0 : reclen ? errno : 0;
 +  return ret;
 }
 #ifdef __READDIR_R_ALIAS
 diff --git a/sysdeps/posix/rewinddir.c b/sysdeps/posix/rewinddir.c
 index 2935a8e..d4991ad 100644
 --- a/sysdeps/posix/rewinddir.c
 +++ b/sysdeps/posix/rewinddir.c
@@ -33,6 +33,7 @@ rewinddir (dirp)
   dirp->filepos = 0;
   dirp->offset = 0;
   dirp->size = 0;
 +  dirp->errcode = 0;
 #ifndef NOT_IN_libc
   __libc_lock_unlock (dirp->lock);
 #endif
 diff --git a/sysdeps/unix/sysv/linux/i386/readdir64_r.c b/sysdeps/unix/sysv/linux/i386/readdir64_r.c
 index 8ebbcfd..a7d114e 100644
 --- a/sysdeps/unix/sysv/linux/i386/readdir64_r.c
 +++ b/sysdeps/unix/sysv/linux/i386/readdir64_r.c
@@ -18,7 +18,6 @@
 #define __READDIR_R __readdir64_r
 #define __GETDENTS __getdents64
 #define DIRENT_TYPE struct dirent64
 -#define GETDENTS_64BIT_ALIGNED 1
 #include <sysdeps/posix/readdir_r.c>
 diff --git a/sysdeps/unix/sysv/linux/wordsize-64/readdir_r.c b/sysdeps/unix/sysv/linux/wordsize-64/readdir_r.c
 index 5ed8e95..290f2c8 100644
 --- a/sysdeps/unix/sysv/linux/wordsize-64/readdir_r.c
 +++ b/sysdeps/unix/sysv/linux/wordsize-64/readdir_r.c
@@ -1,5 +1,4 @@
 #define readdir64_r __no_readdir64_r_decl
 -#define GETDENTS_64BIT_ALIGNED 1
 #include <sysdeps/posix/readdir_r.c>
 #undef readdir64_r
 weak_alias (__readdir_r, readdir64_r)
 -- 
 1.8.3.4
--- a/lib32-glibc/glibc-2.18-strcoll-CVE-2012-4412+4424.patch
+++ b/lib32-glibc/glibc-2.18-strcoll-CVE-2012-4412+4424.patch
--- a/lib32-glibc/glibc-2.18-strstr-hackfix.patch
+++ b/lib32-glibc/glibc-2.18-strstr-hackfix.patch
@ -0,0 +1,13 @@
 diff --git a/sysdeps/x86_64/multiarch/strstr.c b/sysdeps/x86_64/multiarch/strstr.c
 index cd63b68..03d8b9a 100644
 --- a/sysdeps/x86_64/multiarch/strstr.c
 +++ b/sysdeps/x86_64/multiarch/strstr.c
@@ -86,7 +86,7 @@
 /* Simple replacement of movdqu to address 4KB boundary cross issue.
    If EOS occurs within less than 16B before 4KB boundary, we don't
    cross to next page.  */
 -static __m128i
 +static inline __m128i
 __m128i_strloadu (const unsigned char * p, __m128i zero)
 {
   if (__builtin_expect ((int) ((size_t) p & 0xfff) > 0xff0, 0))
--- a/libtool-multilib/PKGBUILD
+++ b/libtool-multilib/PKGBUILD
@ -6,7 +6,7 @@ pkgbase=libtool-multilib
 _pkgbase=libtool
 pkgname=(libtool-multilib lib32-libltdl)
 pkgver=2.4.2
-pkgrel=4
+pkgrel=5
 pkgdesc="A generic library support script for multilib"
 arch=('x86_64')
 url="http://www.gnu.org/software/libtool"