PROBLEM: (79714, 79724) (PATCH ID: OSF510-033) ******** Under certain circumstances, getaddrinfo(3) returns an incorrect status to the application. Conditions are: 1. Address family in the hints is not specified (PF_UNSPEC) or 'hints' parameter is NULL. 2. a. 'servname' is specified as a name of the service that exists in /etc/services file. b. ai_socktype and ai_protocol are not specified (0). c. /etc/services lists support only for tcp protocol. PROBLEM: (64466, CFS78826) (PATCH ID: OSF510-019) ******** This fix increases the number of places of precision for long doubles to 36. Prior to this fix, printing of long double values using the stdio printf functions would result in a value with a maximum of 17 places of precision. PROBLEM: (82439) (PATCH ID: OSF510-027) ******** On rare occasion the C runtime library atof() and strtod() functions (and other functions that may use them) may produce an incorrect result. The error should only be in the least significant digit of the mantissa (a rounding error). PROBLEM: (82154) (PATCH ID: OSF510-037) ******** This patch fixes hangs in threaded programs with subprocesses created with nfork(NULL). Examining one of the hanging subprocesses shows that it has called fopen() and is waiting for the "iobptr" mutex in _findiop(). The symptoms of the failure are: - the program does not terminate - the expected .td files (hex dumps of the input *.o files) are not all created - some of the created subprocesses hang - the parent process sleeps waiting for the subprocesses to terminate Examining one of the hanging subprocesses shows that it has called fopen() and is apparently waiting for the "iobptr" mutex in _findiop(). PROBLEM: (82180) (PATCH ID: OSF510-051) ******** This fix correctly prints the value 0.0 when the precision is specified for a %g type conversion. PROBLEM: (81106, 81262) (PATCH ID: OSF510-071) ******** If the TZ environment variable is set to ":" (as in TZ=:), either on the command line or via a putenv() call, the data for the default time zone (GMT) is supposed to be loaded and used when time-related libc functions (such as tzset(), mktime(), localtime(), etc) are called. However, due to this bug, the data is not loaded and time zone information will either be missing (as in empty time zone abbreviations) or erroneously consistent with a previous time zone used. It may also lead to incorrect errors from mktime() when valid input is given. PROBLEM: (SSRT0689U) (PATCH ID: OSF510-061) ******** A potential security vulnerability has been discovered, where under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. Compaq has corrected this potential vulnerability. PROBLEM: (81317, 84669) (PATCH ID: OSF510-154) ******** PROBLEM: In a multithreaded application, freeing memory allocated by malloc can take a long time if many allocations of (nearly) the same size have been made. This patch causes malloc to adjust the way it manages memory if it notices its lists getting long, improving free performance in these cases several orders of magnitude. PROBLEM: If an application sets the malloc tuning variable __sbrk_override, malloc tries to allocate much too much memory from the kernel. This can cause malloc to return NULL with errno set to ENOMEM prematurely. PROBLEM: (85348) (PATCH ID: OSF510-177) ******** This patch fixes a problem with the mallinfo() call which can cause an application to fail if run on a RAD other than '0'. PROBLEM: (BCGMC14C4, 84427) (PATCH ID: OSF510-145) ******** This patch restores correct behavior that existed on pre-V5.0 releases for ecvt() and fcvt(). Floating point exceptions and core dumps no longer occur when denormalized values are passed to ecvt() and fcvt(). This patch also resolves issues with customer applications that experienced floating point exceptions and core dumps when passing denormalized values to ecvt() and fcvt() that subsequently caused INFORMIX databases to crash. PROBLEM: (IPMT:BE_G01142) (PATCH ID: OSF510-151) ******** This patch fixes the return values for the vwprintf() function so that it returns the number of characters written (instead of bytes) when called with wide characters. It also fixes the code to add a null terminating character to the resulting buffer. PROBLEM: (84115) (PATCH ID: OSF510-123) ******** This change extends the string and character input buffer length supported to be the maximum addressable number of characters (MAXINT). PROBLEM: (84797, 84942) (PATCH ID: OSF510-183) ******** This patch fixes the problem of optimized programs printing incorrect values for long doubles. PROBLEM: (84708) (PATCH ID: OSF510-130) ******** This fixes problems using scanf() routines with numeric format elements that include width directives containing values greater that 1024. Numeric input containing greater than 24 characters exceeds the system precision support for numeric values. This fix defaults the width in these cases to 1024. PROBLEM: (TKTR80008) (PATCH ID: OSF510-091) ******** This fix corrects a regular expression performance problem in libc. PROBLEM: (84528) (PATCH ID: OSF510-146) ******** This patch fixes a potential online help build problem when dthelptag is used to compile online help files in a multibyte locale. Without the patch, an error such as: Internal error. Failed in qualifying ../../icons/C/Dtadskt.m.pm may happen when compiling in a multibyte locale. PROBLEM: (83376, 84726) (PATCH ID: OSF510-150) ******** This patch fixes regular expression handling that used bracket expressions with the '*' character in non-default locales. PROBLEM: (88661) (PATCH ID: OSF510-283) ******** While running in a Asian multibyte locale, commands that make use of the regcomp() and regexec() regular expression routines in libc, such as sed, may sometimes fail to find a match for a simple string that starts with a multibyte character. This patch fixes that regular expression matching problem. PROBLEM: (85891) (PATCH ID: OSF510-253) ******** This fix corrects a problem in which the "rsh [host] -l [user] [command] command returns "permission denied". PROBLEM: (SSRT1-26) (PATCH ID: OSF510-208) ******** A potential security vulnerability has been discovered, where under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. Compaq has corrected this potential vulnerability. PROBLEM: (HPAQA117F) (PATCH ID: OSF510-499) ******** This patch fixes a problem with fopen. Prior to this fix, fopen would return "File not found" if it ran out of memory while trying to open a file. With this patch, fopen will return "Not enough space" when memory is exceeded. PROBLEM: (HPAQA117F) (PATCH ID: OSF510-520) ******** This patch fixes a problem with strerror. When memory is exhausted, strerror can not allocate a buffer for the error string. This patch provides an alternate buffer for strerror when memory is exhausted. PROBLEM: (117-1-18105:, 82714) (PATCH ID: OSF510-398) ******** PROBLEM: ( 117-1-18105: HPAQ81H1M/89586, 82714 ) (PATCH ID: ) This patch fixes a problem in which the rpc tcp server incorrectly tries to write to a socket that has already been closed by a client. A system which does not have this patch will see extra tcp traffic on the wire whenever a client closes a connection to the server. This superfluous write to the socket results in a SIGPIPE sent to the server process. PROBLEM: (SSRT0781U) (PATCH ID: OSF510-529) ******** A potential security vulnerability has been discovered, where under certain circumstances, system integrity may be compromised. This may be in the form of network programs core dumping. Compaq has corrected this potential vulnerability. PROBLEM: (90461) (PATCH ID: OSF510-430) ******** As described in the regexec.3 reference page, the regexec() routine compares a string to a compiled regular expression. However, a problem causes the regexec() routine to fail to find a match if the REG_NEWLINE flag of the cflags parameter is specified and the matching pattern in the given string happens to be after the first '\n' character(s). This patch fixes this matching problem. PROBLEM: (89900) (PATCH ID: OSF510-393) ******** This change fixes the situation that, when using the passwd command, a user could be presented with a dialog such as the following: You are registered with the following security mechanisms 1. BSD 2. Synchronized update for synchronizable mechanisms [Default selection: 2] Select ONE item by number: The circumstances which cause this to arise involve having multiple SIA mechanisms registered on the system, with only the local SIA mechanims (BSD or OSFC2) expecting to be listed in that dialog. In this situation, the other mechanisms which are present on the system have been configured to expect only a synchronized password update. This confusing presentation has been corrected, so that the user now is not asked to select anything, but a synchronized update is selected automatically. PROBLEM: (117-1-17857:CA1Q70314, 89329) (PATCH ID: OSF510-401) ******** Applications that call fread() with large amounts of data may experience excessive I/O activity and slower performance than expected. Also, applications which issue individual fread() calls with a total data size representation that is greater than 32 bits (2^32 of data) will always read less than the requested amount due to a truncation error in fread(). This patch addresses these problems. PROBLEM: (91301, SSRT0771U) (PATCH ID: OSF510-530) ******** When the LANG and LOCPATH environment variables are set to a very long string, the application may crash with segmentation fault. This patch fixes the problem. PROBLEM: (117-1-18543:BCSMA04Q4:CFS.87236, 90176) (PATCH ID: OSF510-422) ******** Applications which call the mktime() function with a tm struct containing a non-negative tm_isdst (daylight savings time - DST) setting that does not match the actual DST setting for the specified time in the given time zone may be returned an adjusted tm struct (and associated time_t value) that is not accurate. This occurs only in certain time zones, and only in those containing transitions for more than one standard (STD) or DST setting. PROBLEM: (89280) (PATCH ID: OSF510-381) ******** This patch fixes a regular expression performance problem in case insensitive mode. It also fixes two potential regular expression problems for multibyte locales. PROBLEM: (90902, SSRT0788U) (PATCH ID: OSF510-467) ******** When the LANG environment variable is set to a very long string, some applications may crash with memory fault. This patch fixes the problem. PROBLEM: (117-1-17467:BCSM60KGT, 74405) (PATCH ID: OSF510-400) ******** Applications that use the fwrite() library call may fail when the total number of bytes to be written is larger than 2 GB. Also, when the total number of bytes to be written is a multiple of 4 GB, fwrite() may indicate success, when in reality, no data has actually been written. This patch addresses these problems.