Patch-ID# 105697-02 Keywords: security y2000 libc international bar date Synopsis: SunOS 4.1.4 (HLE): (Chinese HLE1.1.4) international y2000 mult fixes patch Date: Aug/09/99 NOTE: ******************************************************************************** This is the traditional Chinese version of libc and may be given to any customer. PLEASE read the ENTIRE installation discussion before proceeding with the installation of this patch. ******************************************************************************** Solaris Release: 1.1.2 Note: HLE 1.1.4 SunOS Release: 4.1.4 Unbundled Product: Unbundled Release: BugId's fixed with this patch: 1070813 1220511 1219835 1182835 1190985 1197137 1222421 1225336 1043741 1264595 4018724 4018723 1086103 4186756 Changes incorporated in this version: Patches accumulated and obsoleted by this patch: Relevant Architecture: sparc NOTE: sun4(all) Patches which may conflict with this patch: Obsoleted by: Files included with this patch: /usr/lib/libc.a /usr/lib/libc_p.a /usr/lib/libbsdmalloc.a /usr/lib/libc.sa19 /usr/lib/libc.so19 /usr/lib/libc.sa1019 /usr/lib/libc.so1019 /usr/5lib/libc.a /usr/5lib/libc_p.a /usr/5lib/libc.sa29 /usr/5lib/libc.so29 /usr/5lib/libc.sa1029 /usr/5lib/libc.so1029 /usr/lib/debug/malloc.o /usr/lib/debug/mallocmap.o /usr/lib/shlib.etc/README /usr/lib/shlib.etc/Makefile /usr/lib/shlib.etc/awkfile /usr/lib/shlib.etc/libc_pic.a /usr/lib/shlib.etc/libcs5_pic.a /usr/lib/shlib.etc/lorder-sparc /usr/lib/shlib.etc/objsort /usr/compat/5lib/libc.a /usr/compat/5lib/libc_p.a /usr/compat/lib/libc.a /usr/compat/lib/libc_p.a /usr/bin/date /usr/bin/bar NOTE: /usr/lib/libc.sa19 gets installed as lib/libc.sa.1.9 /usr/lib/libc.so19 gets installed as lib/libc.so.1.9 /usr/lib/libc.sa1019 gets installed as lib/libc.sa.101.9 /usr/lib/libc.so1019 gets installed as lib/libc.so.101.9 /usr/5lib/libc.sa29 gets installed as 5lib/libc.sa.2.9 /usr/5lib/libc.so29 gets installed as 5lib/libc.so.2.9 /usr/5lib/libc.sa1029 gets installed as 5lib/libc.sa.102.9 /usr/5lib/libc.so1029 gets installed as 5lib/libc.so.102.9 Problem Description: 4186756 --> strptime() %j gives incorrect day of the year 4018724 --> 4.x strptime %y doesn't recognize the year is 2000 or greater 1070813 --> mblen() and mbtowc() return 1 when pointing to null char 1264595 --> strncmp core dumps when used at the end of a page of memory 1043741 --> getpwent goes into infinite loop on malformed NIS passwd entry 1225336 --> T102545-03 breaks rpc programs with clnt_call requests Fail with RPC_CANTRECV 1220511 --> mktime() doesn't care leap year. 1222421 --> Patch 102545-02 changed clnt_udp.o but should not. 1190985 --> gethostbyname() can trash an existing open file descriptor. 1197137 --> NFS server crashed w/ "Panic: Bad Trap" when NFS client do a "find" over T1 link. 1182835 --> portmapper silently fails with version mismatch by PC-NFS client. 1219835 --> Syslog(3) can be abused to gain root access on 4.X systems 4018723 --> 4.x bar doesn't work when the system date is 2000 or greater 1086103 --> date command does not set date correctly beyond 1999 Patch Installation instructions: ------------------------------- The libraries in this patch may be placed in any directory. But if you choose to place any libc.* in a location other than /usr/lib or /usr/5lib, you'll have to use the -L flag with each ld execution to "point" to the chosen directory that holds these substitutes. Since this is likely to be a somewhat awkward requirement, the patch and the following install sequence assume you wish to substitute your standard libraries with the patched versions. The installation of ANY of the library parts may be done while the system is running, EXCEPT for the SHARED libc's. It is SAFEST to substitute the shared libraries while SunOS is booted in single-user mode or from the SunOS Installation miniroot. Since using SunOS in single-user mode is easier than booting the miniroot off the SunOS Installation tapes, the install sequence below will reference single-user mode. There is one more consideration. The installation sequence below will overwrite ALL libc "variants" in /usr/lib and /usr/5lib. If you have added/substituted parts to libc.a or libc.s?.X.Y in /usr/lib and/or /usr/5lib, you will need to 1) preserve these copies, or 2) plan to resubstitute your material in with these patch versions. It is highly recommended that you "walkthru" the installation sequence below to become familiar with what is being done prior to actually doing it. You can vary and even skip some steps in these instructions if you're *confident* you understand what is going on. Bear in mind that /usr/lib/libc.so.X.Y dynamically binds the *entire* SunOS and any corruption to this particular library will render a system virtually useless. Installing the libc patch: (perform the following steps in this order) o save patch distribution under some directory, say '/tmp/X'. (if in tar format untar using tar xpf .tar) o cd /tmp/X o su o (ensure no users are actively using any libc's) o mv /usr/lib/libc.a /usr/lib/libc.a.FCS o mv /usr/lib/libc_p.a /usr/lib/libc_p.a.FCS (1) o mv /usr/5lib/libc.a /usr/5lib/libc.a.FCS (2) o mv /usr/5lib/libc_p.a /usr/5lib/libc_p.a.FCS (2) o mv /usr/lib/libbsdmalloc.a /usr/lib/libbsdmalloc.a.FCS (1) if you do not have this file on your system, then the "Debugging" part of the OS distribution tape has not been loaded. (2) if you do not have this file on your system, then the "SystemV" part of the OS distribution tape has not been loaded. You will rename your original shared libc's at a later point in the installation. o mv /usr/lib/shlib.etc /usr/lib/shlib.etc.FCS o mkdir /usr/lib/shlib.etc o chmod 2755 /usr/lib/shlib.etc These above 3 steps may be done if you wish to preserve completely your original /usr/lib/shlib.etc. If not, you may skip them. o mv /usr/lib/debug /usr/lib/debug.FCS o mkdir /usr/lib/debug o chmod 2755 /usr/lib/debug These above 3 steps may be done if you wish to preserve completely your original /usr/lib/debug. If not, you may skip them. o cp -p -R lib/* /usr/lib o cp -p -R 5lib/* /usr/5lib You are actually copying all the files in lib and 5lib directories to /usr/lib and /usr/5lib. If you followed all steps mentioned above you are still in /tmp/X. o "quiet" system (have users log off, announce system going down) o sync o halt o >b[oot] vmunix -s You're now booting SunOS in single-user mode. We will rename the shared libc's to make them "active" and this is best done, at minimum, under single-user. o cd /usr/lib o ls -l libc.s* You will get an output similar to the following: -rw-r--r-- 1 root 7996 Oct 14 1994 libc.sa.1.9 -rwxr-xr-x 1 root 516096 Oct 14 1994 libc.so.1.9 -rw-r--r-- 1 root 11880 Dec 9 1994 libc.sa.101.9 -rwxr-xr-x 1 root 532480 Dec 9 1994 libc.so.101.9 -rw-r--r-- 1 root 7996 Nov 28 17:37 libc.sa19 -rw-r--r-- 1 root 524288 Nov 28 17:37 libc.so19 -rw-r--r-- 1 root 11904 Nov 28 10:14 libc.sa1019 -rw-r--r-- 1 root 532480 Nov 28 10:14 libc.so1019 o sync o mv libc.so.1.9 libc.so.1.9.FCS this saves the original file o mv libc.so19 libc.so.1.9 this copies the patch to its new place o mv libc.sa.1.9 libc.sa.1.9.FCS this saves the original file o mv libc.sa19 libc.sa.1.9 this copies the patch to its new place o mv libc.so.101.9 libc.so.101.9.FCS this saves the original file o mv libc.so1019 libc.so.101.9 this copies the patch to its new place o mv libc.sa.101.9 libc.sa.101.9.FCS this saves the original file o mv libc.sa1019 libc.sa.101.9 this copies the patch to its new place o date Do this last step CAREFULLY. IF the 'date' command does *anything* else but show a proper date, then IMMEDIATELY do: o mv libc.so.1.9 libc.so19 o mv libc.so.1.9.FCS libc.so.1.9 o mv libc.sa.1.9 libc.sa19 o mv libc.sa.1.9.FCS libc.sa.1.9 o mv libc.so.101.9 libc.so1019 o mv libc.so.101.9.FCS libc.so.101.9 o mv libc.sa.101.9 libc.sa1019 o mv libc.sa.101.9.FCS libc.sa.101.9 If the date command is successful, continue here: o cd ../5lib o ls -l libc.s* You will get an output similar to the following: -rw-r--r-- 1 root 7996 Oct 14 1994 libc.sa.2.9 -rw-r--r-- 1 root 524288 Oct 14 1994 libc.so.2.9 -rw-r--r-- 1 root 7996 Nov 28 17:34 libc.sa29 -rw-r--r-- 1 root 524288 Nov 28 17:34 libc.so29 -rw-r--r-- 1 root 11880 Dec 9 1994 libc.sa.102.9 -rw-r--r-- 1 root 524288 Dec 9 1994 libc.so.102.9 -rw-r--r-- 1 root 11904 Nov 28 10:14 libc.sa1029 -rw-r--r-- 1 root 532480 Nov 28 10:14 libc.so1029 o mv libc.so.2.9 libc.so.2.9.FCS this saves the original file o mv libc.so29 libc.so.2.9 this copies the patch to its new place o mv libc.sa.2.9 libc.sa.2.9.FCS this saves the original file o mv libc.sa29 libc.sa.2.9 this copies the patch to its new place o mv libc.so.102.9 libc.so.102.9.FCS this saves the original file o mv libc.so1029 libc.so.102.9 this copies the patch to its new place o mv libc.sa.102.9 libc.sa.102.9.FCS this saves the original file o mv libc.sa1029 libc.sa.102.9 this copies the patch to its new place Do this last step CAREFULLY also. o ranlib -t /usr/lib/libc* You will see "not an archive: /usr/lib/libc.so.1.9" This is OK. o ranlib -t /usr/5lib/libc* You will see "not an archive: /usr/5lib/libc.so.2.9" This is OK. o ^D Do the install for bar and date: o cp bin/bar /usr/bin o cp bin/date /usr/bin The install is complete. The ^D above terminates single-user mode, and brings your system back up in multi-user mode.