Date/time conversion specifiers are expanded after replacing buffer
local variables in name of log files. In some cases, this can lead to
an error in function strftime and a crash caused by the use of an
uninitialized buffer.
ok jca@, "that should go in" sthen@
Avoid using XZR/WZR directly as operands to split stores of zero
vectors. Doing so can lead to the XZR/WZR being used by an instruction
that doesn't allow it (e.g. add)
from Brad (maintainer)
in the checks.
Someone clearly did not read the autoconf documentation because
using the following functions with a function declaration inside
the body will end up declaring a function inside a function.
- AC_TRY_COMPILE( [], [ int main() { return 0; } ],
- AC_LANG_PROGRAM([[]], [[int main (void) { return 0; }]])],
- AC_TRY_LINK([], [int main (void) { return 0; }],
Result:
int
main ()
{
int main (void) { return 0; }
;
return 0;
}
nested functions is a gcc extension which is not supported by
clang.
test.c:4:17: error: function definition is not allowed here
int main (void) { return 0; }
^
1 error generated.
This causes tests to fail in the configure scripts resulting in
missing compile and link time flags from the builds.
This resulted in weird behaviour of several software, like gnome
hanging completely due to gtk+3 not being built properly.
This change intrudces the following fixes:
- remove int main() declaration from AC_TRY_COMPILE, AC_LANG_PROGRAM, AC_TRY_LINK
as it comes with a declaration already, and people misused them
- change to use AC_LANG_SOURCE when needed in case a complete source block is specified
Most of the changes are in configure.(ac|in), however there were some cases
where autoconf is either broken or the build failed because of an autoconf
generated configure script. Everytihng else is switched to autoconf, so
the maintainers can go ahead and upstream these diffs.
There are more to come, we are continously checking the tree for these issues
and in the future the infrastructure will error if such a case is found.
o CVE-2017-12150 (SMB1/2/3 connections may not require signing where
they should)
o CVE-2017-12151 (SMB3 connections don't keep encryption across DFS
redirects)
o CVE-2017-12163 (Server memory information leak over SMB1)
