Compare commits

...

137 Commits

Author SHA1 Message Date
Peter Korsgaard 6ec5f4eb71 Update for 2020.02.5
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-29 21:31:44 +02:00
Fabrice Fontaine dc2152dbb6 package/domoticz: drop SYNC4 from comment
Commit 8f5a9f597e forgot to drop SYNC4
from comment

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit c0126c38d6)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-29 20:05:10 +02:00
Titouan Christophe d5438fdb06 package/mosquitto: security bump to v1.6.12
Mosquitto 1.6.11 is a bugfix release, read the whole announcement on
http://mosquitto.org/blog/2020/08/version-1-6-11-released/

Mosquitto 1.6.12 is a security and bugfix release, read
http://mosquitto.org/blog/2020/08/version-1-6-12-released/

>From the 1.6.11 changelog of the client library:
mosquitto_loop_start() now sets a thread name on Linux, FreeBSD, NetBSD,
and OpenBSD. Closes #1777.
This is done with pthread_setname_np; so mosquitto now requires
BR2_TOOLCHAIN_HAS_THREADS_NPTL when built with threading support.

2 reverse dependencies use the threaded API, but they already
depend on BR2_TOOLCHAIN_HAS_THREADS_NPTL:
* domoticz [1] (we add a comment for mosquitto)
* shairport-sync [2]

[1] https://github.com/domoticz/domoticz/blob/2020.1/main/mosquitto_helper.cpp#L344
[2] https://github.com/mikebrady/shairport-sync/blob/3.3.6/mqtt.c#L227-L229

Signed-off-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit df15d751c7)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-29 19:51:55 +02:00
Titouan Christophe 7de027bf95 package/{collectd, domoticz}: fix outdated dependencies for mosquitto
In 4fc62e1eb6, we removed arch/toolchain
dependencies from the mosquitto library (MMU, !STATIC, SYNC4), and moved
them to the mosquitto broker only.

All the packages modified here only need the mosquitto library, so they
shouldn't have those depends anymore; but this was never done before.

Signed-off-by: Titouan Christophe <titouan.christophe@railnova.eu>
[Peter: leave mmu/!static dependency for domoticz as it uses fork()/looks
	for libmosquitto.so]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 8f5a9f597e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-29 19:51:21 +02:00
Fabrice Fontaine 9806ac3df0 package/wolfssl: fix build with big endian
Fixes:
 - http://autobuild.buildroot.org/results/21098180d386890025ed5cdd243bf5a9b444c5cf

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit d0ac6246ca)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-29 19:49:31 +02:00
Paul Cercueil 332e245792 linux: run depmod only if modules directory exists
If the modules directory that corresponds to the version of the kernel
being built has been deleted, don't try to run depmod, which will
obviously fail.

This can happen for instance when the modules are stripped from the main
root filesystem, and placed into a separate filesystem image, so that
the root filesystem and the kernel can be updated separately.

Signed-off-by: Paul Cercueil <paul@crapouillou.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 532fe9fb57)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-29 19:42:26 +02:00
Peter Korsgaard f1a83afe2d fs/cpio/init: unbreak ttyname_r() on glibc after dropping /dev/console exec
Commit 98a6f1fc02 (fs/cpio: make initramfs init script survive 'console='
kernel argument) dropped the explicit /dev/console execs for fd 0,1,2, as
they fail when booted with console= and aren't really needed as the kernel
will setup fd 0,1,2 from /dev/console before executing the initramfs anyway.

Not doing this unfortunately confuses glibc's ttyname_r(3) implementation
(used by E.G.  busybox/coreutils 'tty'), causing it to fail with ENOENT as
it does a fstat on fd 0 and tries to match up st_ino / st_dev against the
entries in /dev (since glibc 2.26):

 commit 15e9a4f378c8607c2ae1aa465436af4321db0e23
 Author: Christian Brauner <christian.brauner@canonical.com>
 Date:   Fri Jan 27 15:59:59 2017 +0100

    linux ttyname and ttyname_r: do not return wrong results

    If a link (say /proc/self/fd/0) pointing to a device, say /dev/pts/2, in a
    parent mount namespace is passed to ttyname, and a /dev/pts/2 exists (in a
    different devpts) in the current namespace, then it returns /dev/pts/2.
    But /dev/pts/2 is NOT the current tty, it is a different file and device.

    Detect this case and return ENODEV.  Userspace can choose to take this as a hint
    that the fd points to a tty device but to act on the fd rather than the link.

    Signed-off-by: Serge Hallyn <serge@hallyn.com>
    Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>

The reason it fails is that we manually mount devtmpfs on /dev in /init, so
the /dev/console used by the kernel (in rootfs) is not the same file as
/dev/console at runtime (in devtmpfs).

Notice: Once logged in, tty does work correctly.  Presumably login reopens
stdin/stdout/stderr.

To fix this, re-add the exec of /dev/console for fd 0,1,2, but only do so if
possible.  Because of the above mentioned shell behaviour (specified by
POSIX [0]), perform this check in a subshell.

[0] https://pubs.opengroup.org/onlinepubs/9699919799/utilities/V3_chap02.html#tag_18_20_01

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit b9026e83f9)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-29 19:40:49 +02:00
Fabrice Fontaine eb5b33c51d package/postgresql: security bump to version 12.4
- Fix CVE-2020-14349: It was found that PostgreSQL versions before 12.4,
  before 11.9 and before 10.14 did not properly sanitize the search_path
  during logical replication. An authenticated attacker could use this
  flaw in an attack similar to CVE-2018-1058, in order to execute
  arbitrary SQL command in the context of the user used for replication.
- Fix CVE-2020-14350: It was found that some PostgreSQL extensions did
  not use search_path safely in their installation script. An attacker
  with sufficient privileges could use this flaw to trick an
  administrator into executing a specially crafted script, during the
  installation or update of such extension. This affects PostgreSQL
  versions before 12.4, before 11.9, before 10.14, before 9.6.19, and
  before 9.5.23.

https://www.postgresql.org/docs/12/release-12-4.html

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 35ebee6510)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-29 19:39:27 +02:00
Bernd Kuhls 6788863f84 package/postgresql: bump version to 12.3
Changelog: https://www.postgresql.org/about/news/2038/

Fixes CVE-2020-10733 which is only relevant for Windows.

Reformatted hashes.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 1fcf0e27b3)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-29 19:39:20 +02:00
Yann E. MORIN eac943b234 Makefile: use $(Q) instead of @ to silence target-finalize commands
As 18f6c26118 just did to silence the file lists commands, switch to
using $(Q) instead of a plain @, to silence the commands.

Using $(Q) will allow to debug the commands with V=1.

We keep @ for the calls to MESSAGE, though.

The commands that are not currently silenced are left as-is, and they
can be converted to being silent in a followup patch, if need be,

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 5754d9c9b1)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-29 19:36:24 +02:00
Thomas Petazzoni 72ec125c16 Makefile: hide commands that build the package file lists at end of build
Since commit 0e2be4db8a
("package/pkg-generic: make file list logic parallel build
compatible"), the commands executed at the every end of the build
to assemble the list of files installed by the different packages
are visible in the make output. They are quite noisy, and clutter
the output.

The other commands in target-finalize are also hidden using "@",
so we should also do the same for those commands. But that hurts
debuggability, so we use $(Q) (the existing '@'s can be changed
in a followup patch).

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[yann.morin.1998@free.fr: use '$(Q)', not '@']
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 18f6c26118)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-29 19:36:17 +02:00
Peter Korsgaard a81e60cebd package/squid: security bump to version 4.13
Fixes the following security issues:

CVE-2020-15810: HTTP(S) Request Smuggling
Due to incorrect data validation Squid is vulnerable to HTTP Request
Smuggling attacks against HTTP and HTTPS traffic.  This leads to cache
poisoning.
https://github.com/squid-cache/squid/security/advisories/GHSA-3365-q9qx-f98m

CVE-2020-15811: HTTP(S) Request Splitting
Due to incorrect data validation Squid is vulnerable to HTTP Request
Splitting attacks against HTTP and HTTPS traffic.  This leads to cache
poisoning.
https://github.com/squid-cache/squid/security/advisories/GHSA-c7p8-xqhm-49wv

CVE-2020-24606: Denial of Service processing Cache Digest Response
Due to Improper Input Validation Squid is vulnerable to a Denial of Service
attack against the machine operating Squid.
https://github.com/squid-cache/squid/security/advisories/GHSA-vvj7-xjgq-g2jg

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 71ac106bb3)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-29 13:36:56 +02:00
Peter Korsgaard cc3e09eba0 package/glibc: security bump for additional post-2.30.x fixes
Fixes the following security issue:

arm: CVE-2020-6096: Fix multiarch memcpy for negative length [BZ #25620]
Unsigned branch instructions could be used for r2 to fix the wrong behavior
when a negative length is passed to memcpy.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-29 12:24:03 +02:00
Fabrice Fontaine cd67d6c08b package/wolfssl: security bump to version 4.5.0
wolfSSL version 4.5.0 contains 6 vulnerability fixes: 2 fixes for TLS 1.3,
2 side channel attack mitigations, 1 fix for a potential private key leak
in a specific use case, 1 fix for DTLS including those 3 CVEs:

- Fix CVE-2020-12457: An issue was discovered in wolfSSL before 4.5.0.
  It mishandles the change_cipher_spec (CCS) message processing logic
  for TLS 1.3. If an attacker sends ChangeCipherSpec messages in a
  crafted way involving more than one in a row, the server becomes stuck
  in the ProcessReply() loop, i.e., a denial of service.
- Fix CVE-2020-15309: An issue was discovered in wolfSSL before 4.5.0,
  when single precision is not employed. Local attackers can conduct a
  cache-timing attack against public key operations. These attackers may
  already have obtained sensitive information if the affected system has
  been used for private key operations (e.g., signing with a private
  key).
- Fix CVE-2020-24585: An issue was discovered in the DTLS handshake
  implementation in wolfSSL before 4.5.0. Clear DTLS application_data
  messages in epoch 0 do not produce an out-of-order error. Instead,
  these messages are returned to the application.

Also update hash of LICENSING as well as WOLF_LICENSE due to later
verbage update with
https://github.com/wolfSSL/wolfssl/commit/970391319beb023680eccd0e447e76834dbb4808

https://www.wolfssl.com/docs/security-vulnerabilities/

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 0ed8bf6d2b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-29 11:57:44 +02:00
Sergio Prado 3aba2e0c2e package/wolfssl: bump version to 4.4.0
Also change the hash file to separate the fields by two spaces.

Signed-off-by: Sergio Prado <sergio.prado@e-labworks.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 4b71f00b1e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-29 11:57:35 +02:00
Fabrice Fontaine 15389955ae package/wireshark: security bump to version 3.2.6
Fix CVE-2020-17498: In Wireshark 3.2.0 to 3.2.5, the Kafka protocol
dissector could crash. This was addressed in
epan/dissectors/packet-kafka.c by avoiding a double free during LZ4
decompression.

https://www.wireshark.org/security/wnpa-sec-2020-10.html

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 753d01ac56)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-29 11:56:46 +02:00
Peter Korsgaard 813178eb21 {linux, linux-headers}: bump 4.{4, 9, 14, 19}.x / 5.{4, 7}.x series
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 3cf6d708e1)
[Peter: drop 5.7.x bump]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-29 10:44:00 +02:00
Yann E. MORIN 7d3df069d5 linux: workaround make-4.1 bug
On Ubuntu 18.04, make-4.1 emits spurious, incorrect "entering/leaving"
messages, which end up in the LINUX_VERSION_PROBED variable:

    printf 'probed linux version: "%s"\n' "$(LINUX_VERSION_PROBED)"
    probed linux version: "make[1]: Entering directory '/home/buildroot'
    4.19.78-linux4sam-6.2
    make[1]: Leaving directory '/home/buildroot/output/build/linux-linux4sam_6.2'"

First, the messages are displayed even though we do explicitly pass
--no-print-directory -s.

Second, the entering and leaving messages are not about the same
directory!

This *only* occurs in the following conditions:

  - the user has the correct 0022 umask,
  - top-level parallel is used (with or without PPD),
  - initial -C is specified as well.

    $ umask 0022
    $ make -j16 -C $(pwd)
    [...]
    depmod: ERROR: Bad version passed make[1]:
    [...]

(yes, 'make[1]:' is the string depmod is trying, and fails, to parse as
a version string).

If any of the three conditions above is removed, the problem no longer
occurs. Here's a table of the MAKEFLAGS:

                |                   0002                         |          0022            |
    ----+-------+------------------------------------------------+--------------------------+
        | no-j  | --no-print-directory --                        |                          |
    noC |       +------------------------------------------------+--------------------------+
        | -j16  | -j --jobserver-fds=3,4 --no-print-directory -- | -j --jobserver-fds=3,4   |
    ----+-------+------------------------------------------------+--------------------------+
        | no-j  | --no-print-directory --                        | w                        |
    -C  |       +------------------------------------------------+--------------------------+
        | -j16  | -j --jobserver-fds=3,4 --no-print-directory -- | w -j --jobserver-fds=3,4 |
    ----+-------+------------------------------------------------+--------------------------+

    0002: umask == 0002
    0022: umask == 0022

    no-j: no -j flag
    -j16: -j16 flag

    noC: no -C flag
    -C : -C /path/of/buildroot/

Only the bottom-right-most case fails...

This behaviour goes against what is documented:

    https://www.gnu.org/software/make/manual/make.html#g_t_002dw-Option

    5.7.4 The ‘--print-directory’ Option
    [...]
    you do not need to specify this option because ‘make’ does it for
    you: ‘-w’ is turned on automatically when you use the ‘-C’ option,
    and in sub-makes. make will not automatically turn on ‘-w’ if you
    also use ‘-s’, which says to be silent, or if you use
    ‘--no-print-directory’ to explicitly disable it.

So this exactly describes our situation; yet 'w' is added to MAKEFLAGS.

Getting rid of the 'w' flag makes the build succeed again, so that's
what we do here (bleark, icky)...

Furthermore, the documented way to override MAKEFLAGS is to do so as a
make parameter:

    https://www.gnu.org/software/make/manual/make.html#Options_002fRecursion

    5.7.3 Communicating Options to a Sub-make
    [...]
    If you do not want to pass the other flags down, you must change the
    value of MAKEFLAGS, like this:

        subsystem:
            cd subdir && $(MAKE) MAKEFLAGS=

However, doing so does not fix the issue. So we resort to pass the
modified MAKEFLAGS via the environment (bleark, icky)...

Fixes: #13141

Reported-by: Laurent <laurent@neko-labs.eu>
Reported-by: Asaf Kahlon <asafka7@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 3f6a40e9fa)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-29 10:39:33 +02:00
Peter Korsgaard 3fbff36337 package/trousers: add upstream security fix
Fixes the following security issues:

CVE-2020-24332
If the tcsd daemon is started with root privileges,
the creation of the system.data file is prone to symlink attacks

CVE-2020-24330
If the tcsd daemon is started with root privileges,
it fails to drop the root gid after it is no longer needed

CVE-2020-24331
If the tcsd daemon is started with root privileges,
the tss user has read and write access to the /etc/tcsd.conf file

For details, see the advisory:
https://www.openwall.com/lists/oss-security/2020/05/20/3

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit e71be18354)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-29 10:39:13 +02:00
Peter Korsgaard a4c252e967 package/cryptsetup: add upstream patch to fix build against json-c >= 0.14.0
Fixes:
http://autobuild.buildroot.net/results/2ae/2aec06342f325c6d1f26376ef258f441b15098d5/

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-29 09:30:09 +02:00
Bernd Kuhls 53575d5ff2 package/dovecot-pigeonhole: bump version to 0.5.11
Release notes:
https://dovecot.org/pipermail/dovecot-news/2020-August/000439.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit bbb4e21046)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 19:55:45 +02:00
Bernd Kuhls b4aea092ba package/dovecot-pigeonhole: bump version to 0.5.10
Release notes:
https://raw.githubusercontent.com/dovecot/pigeonhole/release-0.5.10/NEWS

Reformatted hashes.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 88aa55953c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 19:55:42 +02:00
Bernd Kuhls c64bec3a35 package/x11r7/xlib_libX11: security bump version to 1.6.12
Fixes CVE-2020-14363:
https://lists.x.org/archives/xorg-announce/2020-August/003056.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit ab0c98cac8)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 19:52:24 +02:00
Bernd Kuhls 04f7aee1da package/x11r7/xserver_xorg-server: security bump version to 1.20.9
Fixes CVE-2020-14345, CVE-2020-14346, CVE-2020-14361 & CVE-2020-1436:
https://lists.x.org/archives/xorg-announce/2020-August/003058.html

Removed patch 0002, not needed anymore due to upstream commit
https://cgit.freedesktop.org/xorg/xserver/commit/configure.ac?h=server-1.20-branch&id=c601c8faf54ff9e3bcbc653421828d71042deef7

Build-tested with wayland:
checking for a useful monotonic clock ......
checking whether CLOCK_MONOTONIC is declared... yes
guessing yes

Removed patch 0007, included in upstream release.

Rebased and renumbered remaining patches.

Reformatted license hashes.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit b7f0ee878c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 19:51:26 +02:00
Fabrice Fontaine 267804d758 package/shadowsocks-libev: security bump to version 3.3.4
- Fix CVE-2019-5163: An exploitable denial-of-service vulnerability
  exists in the UDPRelay functionality of Shadowsocks-libev 3.3.2. When
  utilizing a Stream Cipher and a local_address, arbitrary UDP packets
  can cause a FATAL error code path and exit. An attacker can send
  arbitrary UDP packets to trigger this vulnerability.
- Fix CVE-2019-5164: An exploitable code execution vulnerability exists
  in the ss-manager binary of Shadowsocks-libev 3.3.2. Specially crafted
  network packets sent to ss-manager can cause an arbitrary binary to
  run, resulting in code execution and privilege escalation. An attacker
  can send network packets to trigger this vulnerability.

Also update indentation in hash file (two spaces)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit fd3dd9d9c5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 19:50:56 +02:00
Fabrice Fontaine e1e1767daa package/python-matplotlib: simplify version checks
Hopefully, this should fix the following error on one of the
autobuilders:

png: no  [The C/C++ header for libpng (png.h) could not
     be found.  You may need to install the development
     package.]

Fixes:
 - http://autobuild.buildroot.org/results/afddcc44b2fb7983244f24542bfae921869e4ab8

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 07b74f914d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 19:49:30 +02:00
Fabrice Fontaine 1ee1539bd0 package/openjpeg: add CVE-2020-15389 entry
Commit b006cc373f forgot to add
the OPENJPEG_IGNORE_CVES entry

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 77ef9c333c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 19:45:21 +02:00
Fabrice Fontaine fea8055872 package/openjpeg: fix CVE-2020-15389
Fix CVE-2020-15389: jp2/opj_decompress.c in OpenJPEG through 2.3.1 has a
use-after-free that can be triggered if there is a mix of valid and
invalid files in a directory operated on by the decompressor. Triggering
a double-free may also be possible. This is related to calling
opj_image_destroy twice.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit b006cc373f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 19:44:53 +02:00
Fabrice Fontaine f4cd4359ab package/json-c: security bump to version 0.15
Fix CVE-2020-12762: json-c through 0.14 has an integer overflow and
out-of-bounds write via a large JSON file, as demonstrated by
printbuf_memappend.

Also update indentation in hash file (two spaces)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 071e719d58)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 19:43:04 +02:00
Christopher Pelloux 7df4edb05a package/json-c: bump version to 0.14
Notes:

- json-c now uses cmake instead of autoconf
- This version also brings support to the much welcomed feature for
  parsing uint64_t types

Signed-off-by: Christopher Pelloux <git@chp.io>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 7b4581cca8)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 19:43:00 +02:00
Thomas Petazzoni fc24b95723 support/scripts/pkg-stats: drop erroneous "break" in CVE.affects()
Commit 7d2779ecbb
("support/script/pkg-stats: handle exception when version comparison
fails") erroneousy introduced a "break" within a try/expect block.

This break has the unfortunate consequence that every CVE that was
using the <= operator was skipped, and according to the current
CVE statistics, made us miss 74 CVEs out of 141 CVEs.

Here is for reference the complete list of CVEs we missed:

 - gnupg
   CVE-2006-3082
   CVE-2019-13050

 - jhead
   CVE-2020-6624
   CVE-2020-6625

 - patch
   CVE-2018-6952
   CVE-2019-20633

 - json-c
   CVE-2020-12762

 - git
   CVE-2018-1000110
   CVE-2018-1000182
   CVE-2019-1003010
   CVE-2020-2136

 - iperf2
   CVE-2016-4303

 - libtorrent
   CVE-2009-1760
   CVE-2016-5301

 - lua
   CVE-2020-15888
   CVE-2020-15889
   CVE-2020-15945
   CVE-2020-24342

 - openvpn
   CVE-2020-7224

 - smack
   CVE-2016-10027

 - bashtop
   CVE-2019-18276

 - links
   CVE-2008-3319

 - argus
   CVE-2011-3332

 - libraw
   CVE-2020-15503

 - netcat
   CVE-2008-5727
   CVE-2008-5728
   CVE-2008-5729
   CVE-2008-5730
   CVE-2008-5742
   CVE-2015-2214

 - subversion
   CVE-2017-1000085
   CVE-2018-1000111
   CVE-2020-2111

 - python
   CVE-2013-1753
   CVE-2015-5652
   CVE-2017-17522
   CVE-2017-18207
   CVE-2019-20907
   CVE-2019-9674

 - cereal
   CVE-2020-11104
   CVE-2020-11105

 - opencv
   CVE-2017-1000450
   CVE-2017-12597
   CVE-2017-12598
   CVE-2017-12599
   CVE-2017-12600
   CVE-2017-12601
   CVE-2017-12602
   CVE-2017-12603
   CVE-2017-12604
   CVE-2017-12605
   CVE-2017-12606
   CVE-2017-12862
   CVE-2017-12863
   CVE-2017-12864
   CVE-2019-15939

 - docker
   CVE-2015-1843
   CVE-2015-3627
   CVE-2015-3630
   CVE-2015-3631
   CVE-2016-3697
   CVE-2017-14992
   CVE-2019-16884

 - trousers
   CVE-2020-24330
   CVE-2020-24331
   CVE-2020-24332

 - libcroco
   CVE-2020-12825

 - libpupnp
   CVE-2020-13848

 - openjpeg
   CVE-2020-15389

 - flex
   CVE-2015-1773

 - libesmtp
   CVE-2019-19977

 - ed
   CVE-2015-2987

 - libmad
   CVE-2018-7263

 - grub
   CVE-2020-15705

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit b3f959fe96)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 19:29:38 +02:00
Sam Voss 80c9d50e5e package/ripgrep: fix build directories
RIPGREP_CARGO_MODE was no longer defined after 832c076f26 and caused
issues during the install step as the build directory was malformed.

This patch maintains the release/dev profile distinction, while also
assigning appropriate build folders.

Fixes:
 - http://autobuild.buildroot.net/results/a4cd7ecc6d983aa6f15d3be1e21529f17e04b825/
 - http://autobuild.buildroot.net/results/2bab8ffa590d4c4eabffe94ed27311c7f6607c98/

Signed-off-by: Sam Voss <sam.voss@gmail.com>
CC: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 32d27c2f4c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 19:28:48 +02:00
Yann Sionneau 8ddefc303c package/patchelf: keep RPATH entries even without DT_NEEDED libraries
Our patch
0003-Add-option-to-make-the-rpath-relative-under-a-specif.patch adds
an option --make-rpath-relative, which we use to tweak RPATH of target
binaries.

However, one of the effect of this option is that it drops RPATH
entries if the corresponding directory does not contain a library that
is referenced by a DT_NEEDED entry of the binary.

This unfortunately isn't correct, as RPATH entries are not only used
by the dynamic linker to resolve the location of libraries listed
through DT_NEEDED entries: RPATH entries are also used by dlopen()
when resolving the location of libraries that are loaded at runtime.

Therefore, the removal of RPATH entries that don't correspond to
directories containing libraries referenced by DT_NEEDED entries break
legitimate uses of RPATH for dlopen()ed libraries.

This issue was even pointed out during the review of the upstream pull
request:

  https://github.com/NixOS/patchelf/pull/118#discussion_r329660138

This fixes tst-origin uClibc-ng unit test:

https://github.com/wbx-github/uclibc-ng-test/blob/master/test/dlopen/Makefile.in#L25
https://github.com/wbx-github/uclibc-ng-test/blob/master/test/dlopen/tst-origin.c#L15

Without this patch:

$ gcc -o toto toto.c -Wl,-rpath,/tmp/test/bar
$ readelf -d toto | grep PATH
 0x000000000000000f (RPATH)              Library rpath: [/tmp/test/bar]
$ ./output/host/bin/patchelf --debug --make-rpath-relative /tmp/
toto
patching ELF file `toto'
Kernel page size is 4096 bytes
removing directory '/tmp/test/bar' from RPATH because it does not contain needed libs
new rpath is `'
$ readelf -d toto | grep PATH
 0x000000000000001d (RUNPATH)            Library runpath: []

With the patch applied:

$ gcc -o toto toto.c -Wl,-rpath,/tmp/test/bar
$ readelf -d toto | grep PATH
 0x000000000000000f (RPATH)              Library rpath: [/tmp/test/bar]
$ ./output/host/bin/patchelf --debug --make-rpath-relative /tmp/ toto
patching ELF file `toto'
Kernel page size is 4096 bytes
keeping relative path of /tmp/test/bar
new rpath is `test/bar'
$ readelf -d toto | grep PATH
 0x000000000000001d (RUNPATH)            Library runpath: [test/bar]

Signed-off-by: Yann Sionneau <ysionneau@kalray.eu>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit bcdb74512d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 19:22:08 +02:00
Peter Korsgaard df77691b15 package/hostapd: add upstream 2020-1 security patches
Fixes the following security vulnerabilities:

CVE-2020-12695: The Open Connectivity Foundation UPnP specification before
2020-04-17 does not forbid the acceptance of a subscription request with a
delivery URL on a different network segment than the fully qualified
event-subscription URL, aka the CallStranger issue.

For details, see the advisory:
https://w1.fi/security/2020-1/upnp-subscribe-misbehavior-wps-ap.txt

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 9b020359b1)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 19:19:59 +02:00
Peter Korsgaard 9393ff855d {linux, linux-headers}: bump 4.{4, 9, 14, 19}.x / 5.{4, 7}.x series
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 7a3711132a)
[Peter: drop 5.7.x bump]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 19:14:03 +02:00
Fabrice Fontaine da17a05721 package/ripgrep: fix debug build
There is no --debug mode for cargo resulting in the following build
failure since the addition of this package with commit
4b0d1ef6ac:

error: Unknown flag: '--debug'

Fixes:
 - http://autobuild.buildroot.org/results/58e74bb056ec65680ecebaa559aa14bdebbf5c85
 - http://autobuild.buildroot.org/results/28c6364a89a6044d5a036614f7a6e59815efb770

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[yann.morin.1998@free.fr: keep the default 'dev' mode when in debug]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit d67ff44850)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 19:08:57 +02:00
Fabrice Fontaine 94efdad6c7 docs/manual/adding-packages-cargo.txt: drop debug profile
There is no debug profile on cargo. The available profiles are: dev
(enabled by default), release, test and bench.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit ec5b470710)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 19:07:52 +02:00
Peter Korsgaard f7c58e57ad package/xen: add upstream security fix for XSA-327
Fixes the following security issue:

CVE-2020-15564: Missing alignment check in VCPUOP_register_vcpu_info

For further details, see the advisory:

https://xenbits.xenproject.org/xsa/advisory-327.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit b541b68067)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 19:06:26 +02:00
Peter Korsgaard 5bbe135cf8 package/tpm2-abrmd: bump to version 2.3.3
Bugfix release with a single fix:

Fixed:
  - Fixed handle resource leak exhausting TPM resources.

https://github.com/tpm2-software/tpm2-abrmd/releases/tag/2.3.3

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit b557b2e812)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 19:05:43 +02:00
Titouan Christophe e551d8c364 package/libcurl: security bump to 7.72.0
This new version fixes, amongst many other things, CVE-2020-8231
(https://curl.haxx.se/docs/CVE-2020-8231.html). See the full changelog
on https://curl.haxx.se/changes.html#7_72_0 .

Also drop the 4 patches, that have all been released upstream.

Signed-off-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 4a55c2743b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 19:05:05 +02:00
Peter Korsgaard cf7176c3ef package/bind: security bump to version 9.11.22
Fixes the following security issues:

CVE-2020-8622: A truncated TSIG response can lead to an assertion failure
https://kb.isc.org/docs/cve-2020-8622

CVE-2020-8623: A flaw in native PKCS#11 code can lead to a remotely
triggerable assertion failure in pk11.c
https://kb.isc.org/docs/cve-2020-8623

CVE-2020-8624: update-policy rules of type "subdomain" are enforced incorrectly
https://kb.isc.org/docs/cve-2020-8624

For more details, see the release notes:
https://downloads.isc.org/isc/bind9/9.11.22/RELEASE-NOTES-bind-9.11.22.html

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 4b126afd27)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 19:03:24 +02:00
Peter Korsgaard 09c531ca09 package/chrony: security bump to version 3.5.1
Fixes the following security issues:

CVE-2020-14367: Insecure writing of pidfile
-------------------------------------------

When chronyd is configured to save the pidfile in a directory where the
chrony user has write permissions (e.g. /var/run/chrony - the default
since chrony-3.4), an attacker that compromised the chrony user account
could create a symbolic link at the location of the pidfile to make
chronyd starting with root privileges follow the symlink and write its
process ID to a file for which the chrony user doesn't have write
permissions, causing a denial of service, or data loss.

This issue was reported by Matthias Gerstner of SUSE.

For further details, see the oss-security posting:
https://www.openwall.com/lists/oss-security/2020/08/21/1

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 15484553f3)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 19:02:58 +02:00
Fabrice Fontaine 5d18afcfe4 docs/manual: fix typo
depednencies -> dependencies

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 531e96e98c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 19:01:43 +02:00
Fabrice Fontaine af9b6c9e89 package/gstreamer1/gst1-plugins-bad: fix deactivation of opencv
Build can fail if opencv3 is built before gst1-plugins-bad because
-Dopencv=disabled does not work in meson (i.e. since commit
5d6c408e95)

Fixes:
 - http://autobuild.buildroot.org/results/19605057c4956d97e9e65068680485db637282db

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit a4bd80de75)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 18:57:33 +02:00
Frank Vanbever 61b25934d8 package/elixir: fix host-erlang dependency
There is no target elixir package, so setting a value to
ELIXIR_DEPENDENCIES has no effect, HOST_ELIXIR_DEPENDENCIES must be
used instead.

Fixes:

  http://autobuild.buildroot.net/results/a3a37eb724ca5689f8e83c9b2af04d07afa80315/

Signed-off-by: Frank Vanbever <frank.vanbever@essensium.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit d059946df0)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 18:53:48 +02:00
Bernd Kuhls 1ef350aa6e package/dovecot: security bump version to 2.3.11.3
Release notes:
https://dovecot.org/pipermail/dovecot-news/2020-August/000440.html

Fixes the following CVEs:

* CVE-2020-12100: Parsing mails with a large number of MIME parts could
  have resulted in excessive CPU usage or a crash due to running out of
  stack memory.
* CVE-2020-12673: Dovecot's NTLM implementation does not correctly check
  message buffer size, which leads to reading past allocation which can
  lead to crash.
* CVE-2020-10967: lmtp/submission: Issuing the RCPT command with an
  address that has the empty quoted string as local-part causes the lmtp
  service to crash.
* CVE-2020-12674: Dovecot's RPA mechanism implementation accepts
  zero-length message, which leads to assert-crash later on.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 6db0ea91ef)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 18:52:17 +02:00
Fabrice Fontaine 93a9d8d127 package/ghostscript: security bump to version 9.52
Fix a bunch of CVEs: CVE-2020-16287, CVE-2020-16288, CVE-2020-16289,
CVE-2020-16290, CVE-2020-16291, CVE-2020-16292, CVE-2020-16293,
CVE-2020-16294, CVE-2020-16295, CVE-2020-16296, CVE-2020-16297,
CVE-2020-16298, CVE-2020-16299, CVE-2020-16300, CVE-2020-16301,
CVE-2020-16302, CVE-2020-16303, CVE-2020-16304, CVE-2020-16305
CVE-2020-16308, CVE-2020-16309, CVE-2020-17538

PKGCONFIG must be passed since version 9.51 and
https://github.com/ArtifexSoftware/ghostpdl/commit/2d84ecc57837785b566ebd9d5909ba9edc9d697f

Also drop patch (already in version) and update indentation in hash file
(two spaces)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit e90c68e775)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 18:50:24 +02:00
Fabrice Fontaine 3e499ad849 package/opencv3: fix build with jasper >= 2.0.17
Fixes:
 - http://autobuild.buildroot.org/results/8da00d4b079195f45fe74d879b10db05d74d0559

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 594201acb5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 18:45:52 +02:00
Fabrice Fontaine d95e110e44 package/opencv: fix build with jasper >= 2.0.17
Fixes:
 - http://autobuild.buildroot.org/results/656e2232a0566ba8f7826a87b1fab9cc2c3d8e46

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 521854251f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 18:45:46 +02:00
Fabrice Fontaine 44dff152c6 package/mpv: atomic is mandatory
__sync builtins have been dropped since version 0.24.0 and
https://github.com/mpv-player/mpv/commit/c3205d294e519f994829d9355eb133670729aab4

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit c6c381c483)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 18:43:57 +02:00
Fabrice Fontaine df8c34723e package/mpv: link with libatomic if needed
Fixes:
 - http://autobuild.buildroot.org/results/12f4580429427b6b546184366f74da16f83d692c

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 71cb0f0f72)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 18:42:23 +02:00
Thomas Petazzoni 98adbe7f90 DEVELOPERS: drop Maxime Ripard from kmsxx maintainers
Maxime Ripard is no longer at Bootlin, his e-mail is bouncing:

<maxime.ripard@bootlin.com>: host spool.mail.gandi.net[217.70.178.1] said: 550
    5.1.1 <maxime.ripard@bootlin.com>: Recipient address rejected: User unknown
    in virtual mailbox table (in reply to RCPT TO command)

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 3a4053b585)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 18:38:26 +02:00
Thomas Petazzoni 9cd8ee158f support/docker: drop Python 2.x modules
Since commit 4a40d36f13
("support/testing: switch to Python 3 only") our runtime testing
infrastructure is Python 3.x only.

Therefore, it is no longer needed to have python-nose2 and
python-pexpect in the Docker container used to run our Gitlab CI jobs.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 23f7fa874b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 18:38:04 +02:00
Thomas Petazzoni ddf41cf9a7 support/docker: use python3-flake8
support/scripts/pkg-stats now uses some Python 3.x only constructs
("async" and related keywords), so we must use the Python 3.x flake8.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 385c4da3dd)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 18:35:49 +02:00
Thomas Petazzoni caf04bab8d utils/scanpypi: use raw strings in re.compile/re.sub
Fixes the following Python 3.x flake8 warning:

W605 invalid escape sequence '\w'

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit f9150a6a3d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 18:34:43 +02:00
Thomas Petazzoni f23dd5e4a2 utils/getdeveloperlib.py: use raw strings for re.compile/re.match
Fixes the following Python 3.x flake8 warning:

W605 invalid escape sequence '\s'

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit c5b848d719)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 18:34:41 +02:00
Thomas Petazzoni d917bf4727 support/testing/tests/core/test_timezone.py: fix indentation
Fixes:

support/testing/tests/core/test_timezone.py:7:9: E117 over-indented

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit cc061128de)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 18:32:58 +02:00
Thomas Petazzoni 76bbb43441 support/testing: consistently use raw strings for re.compile
Otherwise Python 3.x flake8 complains with:

W605 invalid escape sequence '\s'

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit b0078c058a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 18:32:16 +02:00
Thomas Petazzoni 09ba349f0d utils/{check-package, checkpackagelib}: consistently use raw strings for re.compile
Raw strings need to be used when calling re.compile() otherwise Python
3.x flake8 complains with:

W605 invalid escape sequence '\s'

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Reviewed-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 163f160a8e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 18:32:07 +02:00
Peter Seiderer fd9a468b4e package/cvs: fix mktime related compile failure
Use ac_cv_func_working_mktime=yes to force the use of a provided
mktime implementation instead of compiling the failing own one.

Fixes:

  http://autobuild.buildroot.net/results/5bcd8f4235002da682cc900f866116d2fe87f1c8

  mktime.c: In function 'ydhms_diff':
  mktime.c:106:52: error: size of array 'a' is negative
   #define verify(name, assertion) struct name { char a[(assertion) ? 1 : -1]; }
                                                      ^
  mktime.c:170:3: note: in expansion of macro 'verify'
     verify (long_int_year_and_yday_are_wide_enough,
     ^~~~~~

with the failure/assert comming from the lines:

  verify (long_int_year_and_yday_are_wide_enough,
          INT_MAX <= LONG_MAX / 2 || TIME_T_MAX <= UINT_MAX);

which fails since the y2038 time_t conversion from 32bit to 64bit
(musl libc).

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit ea2f52494c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 18:31:03 +02:00
Christian Stewart def480591c package/rtl8821au: add patch fixing sprintf error
Fixes compile errors against certain kernels.

Signed-off-by: Christian Stewart <christian@paral.in>
Reviewed-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit d83e94ed82)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 18:29:06 +02:00
Fabrice Fontaine 0567bb15cd package/capnproto: add openssl optional dependency
openssl is an optional dependency that is enabled by default since
version 0.7.0 and
https://github.com/capnproto/capnproto/commit/23db5e3fd91104a0b2881d8f8ab3c10bf9dd8e75

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit c20798bca2)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 18:27:34 +02:00
Sergey Matyukevich 0c0356e86c package/wpa_supplicant: disable TEAP for internal TLS implementation
EAP-TEAP support in hostapd/wpa_supplicant fails to build with internal
TLS implementation. This patch disables TEAP support in wpa_supplicant
when internal TLS implementation is selected. Similar fix for hostapd
package has already been merged to Buildroot: see commit 47d14e3b1c
("package/hostapd: disable TEAP for internal TLS implementation").

TEAP is still an experimental feature that is not recommmended for
production use. Currently it should not be used for anything else
than experimentation and interoperability testing. Those who needs
experimenting with TEAP are encouraged to enable openssl in their
buildroot configuration.

Fixes:
http://autobuild.buildroot.net/results/e83613c06041a60f89da787f4ebf876245713cd2/

Signed-off-by: Sergey Matyukevich <geomatsi@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit bb27efbce7)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 18:24:57 +02:00
Fabrice Fontaine 3d5c530da5 package/python-gunicorn: select python-setuptools
Fixes:
 - https://bugs.buildroot.org/show_bug.cgi?id=13111

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit f242f9bad9)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 18:23:34 +02:00
Fabrice Fontaine aa9b2b0abe package/ghostscript: fix CVE-2020-15900
A memory corruption issue was found in Artifex Ghostscript 9.50 and
9.52. Use of a non-standard PostScript operator can allow overriding of
file access controls. The 'rsearch' calculation for the 'post' size
resulted in a size that was too large, and could underflow to max
uint32_t. This was fixed in commit
5d499272b95a6b890a1397e11d20937de000d31b.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 13ddfcdce7)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 18:10:40 +02:00
Michael Nosthoff aa1773ea21 package/live555: license is now LGPL-3.0+ and not LGPL-2.1+
The live555 source code includes both a COPYING file (with the GPL-3.0
license text) and a COPYING.LESSER file (with the LGPL-3.0 license
text). However, all source files indicate a LGPL-3.0 license, and none
of them indicate a GPL-3.0 license. In addition,
http://live555.com/liveMedia/faq.html#copyright-and-license says the
source code is under the LGPL.

So, we:

- Bump LGPL License to 3.0+
- Add a comment about the GPL-3.0 license

Fixes:

- https://bugs.busybox.net/show_bug.cgi?id=13156

Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 650c5408bd)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 18:08:19 +02:00
Fabrice Fontaine bda27f1b0c package/cpio: fix build with gcc 10
Fixes:
 - http://autobuild.buildroot.org/results/22fefd9774cbd6648d67f29826f47f1978e9c069

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 0428b87a6a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 18:01:24 +02:00
Peter Seiderer a4de835979 package/rtl8188eu: bump version to 0924dc8f
- fixes compile against linux-5.4.x

Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 854b98408c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 17:59:47 +02:00
Fabrice Fontaine e0707286e6 package/iputils: drop wrong linux-headers dependency
Commit 9ffcd9279e wrongly added a
linux-headers dependency when switching to meson.

Remove it as headers are always provided by the toolchain.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Acked-by: Petr Vorel <petr.vorel@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit d1d89d37c0)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 17:57:56 +02:00
Fabrice Fontaine 0c871aaa38 package/gdk-pixbuf: security bump to version 2.36.12
- Fix CVE-2017-6312: Integer overflow in io-ico.c in gdk-pixbuf allows
  context-dependent attackers to cause a denial of service (segmentation
  fault and application crash) via a crafted image entry offset in an
  ICO file, which triggers an out-of-bounds read, related to compiler
  optimizations.
- Fix CVE-2017-6313: Integer underflow in the load_resources function in
  io-icns.c in gdk-pixbuf allows context-dependent attackers to cause a
  denial of service (out-of-bounds read and program crash) via a crafted
  image entry size in an ICO file.
- Fix CVE-2017-6314: The make_available_at_least function in io-tiff.c
  in gdk-pixbuf allows context-dependent attackers to cause a denial of
  service (infinite loop) via a large TIFF file.

Also update indentation in hash file (two spaces)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit d455914332)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 17:56:55 +02:00
Thomas Petazzoni 777d730a00 DEVELOPERS: add Gwenhael Goavec-Merou for librtlsdr
Even though librtlsdr was initially introduced by Jason Pruitt in
2014, and Jason is still listed in the DEVELOPERS file for this
package, in recent times it's mainly Gwenhael who has been taking of
this package. Let's reflect that in the DEVELOPERS file so that
Gwenhael gets notified when there are librtlsdr issues.

Cc: Jason Pruitt <jrspruitt@gmail.com>
Cc: Gwenhael Goavec-Merou <gwenhael.goavec-merou@trabucayre.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 72df067afe)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 17:55:32 +02:00
Bernd Kuhls 10ba4cf76d package/x11r7/xserver_xorg-server: add security fix for CVE-2020-14347
Release notes:
https://lists.x.org/archives/xorg-announce/2020-July/003051.html

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[Thomas: add IGNORE_CVES entry.]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 8a46f3237a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 17:54:27 +02:00
Thomas Petazzoni be53bbbdd0 support/scripts/pkg-stats: show progress of upstream URL and latest version
This commit slightly improves the output of pkg-stats by showing the
progress of the upstream URL checks and latest version retrieval, on a
package basis:

Checking URL status
[0001/0062] curlpp
[0002/0062] cmocka
[0003/0062] snappy
[0004/0062] nload
[...]
[0060/0062] librtas
[0061/0062] libsilk
[0062/0062] jhead
Getting latest versions ...
[0001/0064] libglob
[0002/0064] perl-http-daemon
[0003/0064] shadowsocks-libev
[...]
[0061/0064] lua-flu
[0062/0064] python-aiohttp-security
[0063/0064] ljlinenoise
[0064/0064] matchbox-lib

Note that the above sample was run on 64 packages. Only 62 packages
appear for the URL status check, because packages that do not have any
URL in their Config.in file, or don't have any Config.in file at all,
are not checked and therefore not accounted.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 5fea2e3997)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 17:48:32 +02:00
Thomas Petazzoni bc51041e6b support/scripts/pkg-stats: use aiohttp for upstream URL checking
This commit reworks the code that checks if the upstream URL of each
package (specified by its Config.in file) using the aiohttp
module. This makes the implementation much more elegant, and avoids
the problematic multiprocessing Pool which is causing issues in some
situations.

Suggested-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 5c3221ac20)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 17:48:25 +02:00
Thomas Petazzoni 8e0b8bcbd3 support/scripts/pkg-stats: use aiohttp for latest version retrieval
This commit reworks the code that retrieves the latest upstream
version of each package from release-monitoring.org using the aiohttp
module. This makes the implementation much more elegant, and avoids
the problematic multiprocessing Pool which is causing issues in some
situations.

Since we're now using some async functionality, the script is Python
3.x only, so the shebang is changed to make this clear.

Suggested-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 68093f4778)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 17:48:13 +02:00
Thomas Petazzoni 7cc13f49af support/scripts/pkg-stats: fix flake8 warning
This fixes the following flake8 warning:

support/scripts/pkg-stats:1005:9: E117 over-indented

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 204d03ae43)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 17:46:17 +02:00
Gregory CLEMENT 44f78b11de support/script/pkg-stats: handle exception when version comparison fails
With python 3, when a package has a version number x-y-z instead of
x.y.z, then the version returned by LooseVersion can't be compared
which raises a TypeError exception:

Traceback (most recent call last):
  File "./support/scripts/pkg-stats", line 1062, in <module>
    __main__()
  File "./support/scripts/pkg-stats", line 1051, in __main__
    check_package_cves(args.nvd_path, {p.name: p for p in packages})
  File "./support/scripts/pkg-stats", line 613, in check_package_cves
    if pkg_name in packages and cve.affects(packages[pkg_name]):
  File "./support/scripts/pkg-stats", line 386, in affects
    return pkg_version <= cve_affected_version
  File "/usr/lib64/python3.8/distutils/version.py", line 58, in __le__
    c = self._cmp(other)
  File "/usr/lib64/python3.8/distutils/version.py", line 337, in _cmp
    if self.version < other.version:
TypeError: '<' not supported between instances of 'str' and 'int'

This patch handles this exception by adding a new return value when
the comparison can't be done. The code is adjusted to take of this
change. For now, a return value of CVE_UNKNOWN is handled the same way
as a CVE_DOESNT_AFFECT return value, but this can be improved later
on.

Signed-off-by: Gregory CLEMENT <gregory.clement@bootlin.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 7d2779ecbb)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 17:46:10 +02:00
Heiko Thiery 94725bb729 support/scripts/pkg-stats: add tilde '~' expansion for pathes
When the 'nvd-path', 'json' and 'html' are used like this:

  --html ~/foo

then the tilde expansion is properly done by the shell. However, when
they are used like this:

  --html=~/foo

The shell doesn't do the tilde expansion, and pkg-stats doesn't do
it. This commit modifies pkg-stats to ensure that tilde expansion is
done when parsing the 'nvd-path', 'json' and 'html' arguments.

Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
[Thomas: improve commit log]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit f41056ec4b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 17:45:21 +02:00
Thomas Petazzoni 6a8e31a27a support/scripts/pkg-stats: fix flake8 E722 warning
flake8 complains with:

  support/scripts/pkg-stats:339:13: E722 do not use bare 'except'

Due to the construct:

  try:
     something
  except:
     print("some message")
     raise

Which is in fact OK because the exception is re-raised. This issue is
discussed at https://github.com/PyCQA/pycodestyle/issues/703, and the
general agreement is that these "bare except" are OK, and should be
ignored from flake8 using a noqa statement.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 3b5bc480a5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 17:45:16 +02:00
Thomas Petazzoni 48d9765054 support/scripts/pkg-stats: fix flake8 E501 warning
Fixes:

support/scripts/pkg-stats:281:133: E501 line too long (139 > 132 characters)

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit f7f33771b3)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 17:45:12 +02:00
Thomas Petazzoni 903b4fa920 support/scripts/pkg-stats: fix flake8 E117 warning
Fixes:

  support/scripts/pkg-stats:146:17: E117 over-indented

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 198d76efb3)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 17:45:07 +02:00
Thomas Petazzoni 9f21e32341 support/scripts/pkg-stats: fix flake8 E302 warning
Fixes:

  support/scripts/pkg-stats:57:1: E302 expected 2 blank lines, found 1

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit e03bdef0ec)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 17:45:03 +02:00
Thomas Petazzoni 0ab030f188 support/scripts/pkg-stats: fix flake8 E402 warning
flake8 complains with:

pkg-stats:38:1: E402 module level import not at top of file

This is due to sys.path.append() being before the import from
getdeveloperlib, but we really need this sys.path.append() to be
before, so let's ignore this flake8 warning.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 769f98c18c)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 17:44:57 +02:00
Heiko Thiery 7c87a94ef8 support/scripts/pkg-stats: add list of status checks to the json output
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 759521dae6)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 17:42:26 +02:00
Heiko Thiery ef3585d6b8 support/scripts/pkg-stats: set status to 'na' for virtual packages
If there is no infra set or infra is virtual the status is set to 'na'.

This is done for the follwing checks:
 - license
 - license-files
 - hash
 - hash-license
 - patches
 - version

Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit fb879c1954)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 17:42:14 +02:00
Heiko Thiery 75d97f2a8f support/scripts/pkg-stats: add defconfig support
Scan configs directory and create Defconfig objects.

Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 8d77ecbad0)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 17:42:09 +02:00
Heiko Thiery 3c98107873 support/scripts/pkg-stats: store pkg dir path
This value can be used for later processing.

In the buildroot-stats application this is used to create links pointing
to the git repo of buildroot.

Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit d31fadfbf5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 17:42:04 +02:00
Heiko Thiery 3a8dd28bc5 support/scripts/pkg-stats: add package count to stats
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 0e267518cb)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 17:41:59 +02:00
Heiko Thiery af549ab68f support/scripts/pkg-stats: add package status
Unify the status check information. The status is stored in a tuple. The
first entry is the status that can be 'ok', 'warning' or 'error'. The
second entry is a verbose message.

The following checks are performed:
- url: status of the URL check
- license: status of the license presence check
- license-files: status of the license file check
- hash: status of the hash file presence check
- patches: status of the patches count check
- pkg-check: status of the check-package script result
- developers: status if a package has developers in the DEVELOPERS file
- version: status of the version check

With that status information the following variables are replaced:
has_license, has_license_files, has_hash, url_status

Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit f422fa991f)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 17:41:55 +02:00
Heiko Thiery 8ca8c1572c support/scripts/pkg-stats: store licences of package
Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 5b7278e5f1)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 17:41:51 +02:00
Heiko Thiery 743b013a56 support/scripts/pkg-stats: set developers info
Use the function 'parse_developers' function from getdeveloperlib that
collect the information about the developers and the files they
maintain. Then set the maintainer(s) to each package.

Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit c1fc827934)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 17:41:46 +02:00
Heiko Thiery 7f72379943 support/scripts/pkg-stats: store patch files for the package
Remove the patch_count attribute and use a class property instead.

Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit b1916b0a8d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 17:41:42 +02:00
Heiko Thiery 922cd9e7f7 support/scripts/pkg-stats: store latest version in a dict
This patch changes the type of the latest_version variable to a dict.
This is for better readability/usability of the data. With this the json
output is more descriptive in later processing of the json output.

Signed-off-by: Heiko Thiery <heiko.thiery@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit c46e707182)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 17:41:35 +02:00
Bernd Kuhls bd77d9131e package/php: bump version to 7.4.9
Changelog of this bugfix release:
https://www.php.net/ChangeLog-7.php#7.4.9

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 46ed4ac847)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 17:10:50 +02:00
Norbert Lange be642d909d package/f2fs-tools: fsck should use correct returncodes
fsck.f2fs does not implement the returncodes from the fsck interface.
This is particularly bad if systemd is used with a root f2fs partition,
as it will interpret the rc as order to reboot.

for thread & pending upstream fix see:
https://sourceforge.net/p/linux-f2fs/mailman/message/37079401/

Signed-off-by: Norbert Lange <nolange79@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 5d8811eb87)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 17:06:19 +02:00
Bernd Kuhls 7e7f34281b package/apache: security bump version to 2.4.46
Changelog: http://archive.apache.org/dist/httpd/CHANGES_2.4.46

Release notes: https://downloads.apache.org/httpd/Announcement2.4.html

Fixes CVE-2020-9490, CVE-2020-11984 & CVE-2020-11993:
https://httpd.apache.org/security/vulnerabilities_24.html

Added sha512 hash provided by upstream.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
[yann.morin.1998@free.fr:
  - don't add md5 and sha1 hashes
  - single comment above hashes
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 7667418d97)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 17:03:52 +02:00
Michael Nosthoff 9c0aa8de35 package/boost: fixup Optimization flag in boost build
When building with Boost Build the CXXFLAGS are extended depending
on the optimization level set. When not defined explicitly the
optimization level depends on the <variant>. For release it's 'speed'
and for debug it's set to 'off'

These flags overwrite the -O flag passed in with TARGET_CXXFLAGS as
it is appended when calling g++.

This commit sets the Optimization flags generated by Boost Build
to the value of TARGET_OPTIMIZATION no matter what level is used.

As Boost Build offers no nice way to alter those values the gcc
toolchain file is altered directly.

Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit af148ef4f0)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 16:56:28 +02:00
Brandon Maier ff849fed45 boot/uboot: Fix kconfig to use $(BR2_MAKE)
U-Boot must use $(BR2_MAKE) as it uses a Make feature from v4.0. We
already use $(BR2_MAKE) in the BUILD_CMDS, but the kconfig commands
still uses $(MAKE). Without this fix, building U-Boot with kconfig will
fail with the following cryptic error.

> Makefile:37: *** missing separator.  Stop.

Signed-off-by: Brandon Maier <brandon.maier@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 43dc2007a9)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 16:54:12 +02:00
Brandon Maier f0f7595cea package/pkg-kconfig: Support custom $(MAKE)
The U-Boot package requires GNU Make v4.0 or later, and so all U-Boot
"make" commands must use "$(BR2_MAKE)" so they use the host-make
package. Currently pkg-kconfig is hardcoded to uses $(MAKE), so add a
way to support $(BR2_MAKE). The package infra for pkg-automake and
pkg-cmake have a similar problem, and they solved it by defining a
$(PKG)_MAKE variable, and allowing each package to override it.

Signed-off-by: Brandon Maier <brandon.maier@rockwellcollins.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit e729d0d4b6)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 16:54:04 +02:00
Norbert Lange 9faba29108 package/busybox: enable flags for use as systemd pager
If the less package is not enable and systemd is enabled,
then configure the less applet to fully work with systemd.

systemd sets the flags for less in an environment variable
and requires a few options for correct display.

Signed-off-by: Norbert Lange <nolange79@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit c2caf816e9)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 16:47:26 +02:00
Peter Korsgaard 329ff9e9b8 package/ffmpeg: bump version to 4.2.4
Bugfix release, fixing a number of issues since 4.2.3.  For details, see the
changelog:

https://git.ffmpeg.org/gitweb/ffmpeg.git/blob/n4.2.4:/Changelog

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-28 16:37:04 +02:00
Eugen Hristev c0cef3d444 boot/at91bootstrap3: enable for cortexa7
Enable this bootloader for cortex a7 based SoCs: support for the
sama7g5 SoC is now in upstream at91bootstrap3, and it is a Cortex-A7
based SoC.

Signed-off-by: Eugen Hristev <eugen.hristev@microchip.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 33003a47c5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-18 17:39:41 +02:00
Peter Korsgaard 9cc3e64390 package/ruby: security bump to version 2.4.10
Fixes the following security issues:

- CVE-2020-10663: Unsafe Object Creation Vulnerability in JSON (Additional
  fix)
  https://www.ruby-lang.org/en/news/2020/03/19/json-dos-cve-2020-10663/

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 79c9a82a10)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-18 17:36:31 +02:00
Angelo Compagnucci 408392d26f package/cups: add proper init script
Cups service for systemv was erroneously installed in /etc/rcX.d and
therefore not working. Also, its init script installed in /etc/init.d
was definitely not a Buildroot-style init script.

This patch adds a Buildroot style init script instead of using the
example provided by the package.

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 04226ac6b7)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-18 17:36:09 +02:00
Fabrice Fontaine b70686422d package/gd: fix CVE-2018-14553 and CVE-2019-6977
- Fix CVE-2018-14553 : gdImageClone in gd.c in libgd 2.1.0-rc2 through
  2.2.5 has a NULL pointer dereference allowing attackers to crash an
  application via a specific function call sequence.

- Fix CVE-2019-6977: gdImageColorMatch in gd_color_match.c in the GD
  Graphics Library (aka LibGD) 2.2.5, as used in the imagecolormatch
  function in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14,
  and 7.3.x before 7.3.1, has a heap-based buffer overflow. This can be
  exploited by an attacker who is able to trigger imagecolormatch calls
  with crafted image data.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 6fa1a32dac)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-18 17:34:59 +02:00
Michael Vetter 5a9d4094b7 package/jasper: security bump to version 2.0.19
Fixes the following security issues:
* Fix CVE-2018-9154
  https://github.com/jasper-software/jasper/issues/215
  https://github.com/jasper-software/jasper/issues/166
  https://github.com/jasper-software/jasper/issues/175
  https://github.com/jasper-maint/jasper/issues/8

* Fix CVE-2018-19541
  https://github.com/jasper-software/jasper/pull/199
  https://github.com/jasper-maint/jasper/issues/6

* Fix CVE-2016-9399, CVE-2017-13751
  https://github.com/jasper-maint/jasper/issues/1

* Fix CVE-2018-19540
  https://github.com/jasper-software/jasper/issues/182
  https://github.com/jasper-maint/jasper/issues/22

* Fix CVE-2018-9055
  https://github.com/jasper-maint/jasper/issues/9

* Fix CVE-2017-13748
  https://github.com/jasper-software/jasper/issues/168

* Fix CVE-2017-5503, CVE-2017-5504, CVE-2017-5505
  https://github.com/jasper-maint/jasper/issues/3
  https://github.com/jasper-maint/jasper/issues/4
  https://github.com/jasper-maint/jasper/issues/5
  https://github.com/jasper-software/jasper/issues/88
  https://github.com/jasper-software/jasper/issues/89
  https://github.com/jasper-software/jasper/issues/90

* Fix CVE-2018-9252
  https://github.com/jasper-maint/jasper/issues/16

* Fix CVE-2018-19139
  https://github.com/jasper-maint/jasper/issues/14

* Fix CVE-2018-19543, CVE-2017-9782
  https://github.com/jasper-maint/jasper/issues/13
  https://github.com/jasper-maint/jasper/issues/18
  https://github.com/jasper-software/jasper/issues/140
  https://github.com/jasper-software/jasper/issues/182

* Fix CVE-2018-20570
  https://github.com/jasper-maint/jasper/issues/11
  https://github.com/jasper-software/jasper/issues/191

* Fix CVE-2018-20622
  https://github.com/jasper-maint/jasper/issues/12
  https://github.com/jasper-software/jasper/issues/193

* Fix CVE-2016-9398
  https://github.com/jasper-maint/jasper/issues/10

* Fix CVE-2017-14132
  https://github.com/jasper-maint/jasper/issues/17

* Fix CVE-2017-5499
  https://github.com/jasper-maint/jasper/issues/2
  https://github.com/jasper-software/jasper/issues/63

* Fix CVE-2018-18873
  https://github.com/jasper-maint/jasper/issues/15
  https://github.com/jasper-software/jasper/issues/184

* Fix CVE-2017-13750
  https://github.com/jasper-software/jasper/issues/165
  https://github.com/jasper-software/jasper/issues/174

Furthermore, drop now upstreamed patches and change to the new
jasper-software upstream location.

Signed-off-by: Michael Vetter <jubalh@iodoru.org>
[Peter: reword for security bump]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit d0f7b241d4)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-18 17:33:06 +02:00
Stefan Sørensen 7958c928fb boot/grub2: Backport Boothole securify fixes
Details: https://lists.gnu.org/archive/html/grub-devel/2020-07/msg00034.html

Fixes the following security issues:

 * CVE-2020-10713
   A flaw was found in grub2, prior to version 2.06. An attacker may
   use the GRUB 2 flaw to hijack and tamper the GRUB verification
   process. This flaw also allows the bypass of Secure Boot
   protections. In order to load an untrusted or modified kernel, an
   attacker would first need to establish access to the system such as
   gaining physical access, obtain the ability to alter a pxe-boot
   network, or have remote access to a networked system with root
   access. With this access, an attacker could then craft a string to
   cause a buffer overflow by injecting a malicious payload that leads
   to arbitrary code execution within GRUB. The highest threat from
   this vulnerability is to data confidentiality and integrity as well
   as system availability.

 * CVE-2020-14308
   In grub2 versions before 2.06 the grub memory allocator doesn't
   check for possible arithmetic overflows on the requested allocation
   size. This leads the function to return invalid memory allocations
   which can be further used to cause possible integrity,
   confidentiality and availability impacts during the boot process.

 * CVE-2020-14309
   There's an issue with grub2 in all versions before 2.06 when
   handling squashfs filesystems containing a symbolic link with name
   length of UINT32 bytes in size. The name size leads to an
   arithmetic overflow leading to a zero-size allocation further
   causing a heap-based buffer overflow with attacker controlled data.

 * CVE-2020-14310
   An integer overflow in read_section_from_string may lead to a heap
   based buffer overflow.

 * CVE-2020-14311
   An integer overflow in grub_ext2_read_link may lead to a heap-based
   buffer overflow.

 * CVE-2020-15706
   GRUB2 contains a race condition in grub_script_function_create()
   leading to a use-after-free vulnerability which can be triggered by
   redefining a function whilst the same function is already
   executing, leading to arbitrary code execution and secure boot
   restriction bypass

 * CVE-2020-15707
   Integer overflows were discovered in the functions grub_cmd_initrd
   and grub_initrd_init in the efilinux component of GRUB2, as shipped
   in Debian, Red Hat, and Ubuntu (the functionality is not included
   in GRUB2 upstream), leading to a heap-based buffer overflow. These
   could be triggered by an extremely large number of arguments to the
   initrd command on 32-bit architectures, or a crafted filesystem
   with very large files on any architecture. An attacker could use
   this to execute arbitrary code and bypass UEFI Secure Boot
   restrictions. This issue affects GRUB2 version 2.04 and prior
   versions.

Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 2f7a8021b5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-18 17:29:24 +02:00
Bernd Kuhls 91ad3f6e85 package/x11r7/xlib_libX11: bump version to 1.6.11
Reformatted license hash.

Quoting release notes:
https://lists.x.org/archives/xorg-announce/2020-August/003053.html
"This release fixes a regression introduced by the security patches in
 1.6.10.
 See https://gitlab.freedesktop.org/xorg/lib/libx11/-/issues/116 for
 details."

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit de47f7b494)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-18 17:28:14 +02:00
Bernd Kuhls c35e7bc7ed package/x11r7/xlib_libX11: security bump version to 1.6.10
Fixes CVE-2020-14344:
https://lists.x.org/archives/xorg-announce/2020-July/003050.html

Removed md5 & sha1 hashes, upstream does not provide them anymore.

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 2f81258db1)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-18 17:28:11 +02:00
Bernd Kuhls 1dc191efe6 package/mesa3d: xvmc needs x11
This is a follow-up patch to

https://git.buildroot.net/buildroot/commit/package/mesa3d?id=e79ee3b0f91aa3eb1b20d86701a195e3bd9a26d3

to make sure that MESA3D_PLATFORMS contains x11 needed by xvmc:
https://cgit.freedesktop.org/mesa/mesa/tree/meson.build?h=20.1#n510

Fixes
http://autobuild.buildroot.net/results/dae/dae41e30d2ac69b768ec0a5b795a2e559c35bcd3/

Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit c35fe399cd)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-18 17:24:21 +02:00
Peter Korsgaard 3957a66827 support/testing: drop explicit CGROUPFS_MOUNT from docker test
Since commit 4f8229653 (package/docker-engine: needs more runtime
dependencies), docker-engine now automatically pulls in cgroupfs-mount, so
drop the explicit handling of it in TestDockerCompose.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 4726cf9517)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-18 17:23:27 +02:00
Adrian Perez de Castro 44f88e3084 package/webkitgtk: security bump to version 2.28.4
This is a minor release which provides fixes for CVE-2020-9862,
CVE-2020-9893, CVE-2020-9894, CVE-2020-9895, CVE-2020-9915, and
CVE-2020-9925.

Full release notes can be found at:

  https://webkitgtk.org/2020/07/28/webkitgtk2.28.4-released.html

A detailed security advisory can be found at:

  https://webkitgtk.org/security/WSA-2020-0007.html

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 0b4d5678f1)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-13 21:14:13 +02:00
Adrian Perez de Castro 1b420fc037 package/wpewebkit: security bump to version 2.28.4
This is a minor release which provides fixes for CVE-2020-9862,
CVE-2020-9893, CVE-2020-9894, CVE-2020-9895, CVE-2020-9915, and
CVE-2020-9925.

Full release notes can be found at:

  https://wpewebkit.org/release/wpewebkit-2.28.4.html

A detailed security advisory can be found at:

  https://wpewebkit.org/security/WSA-2020-0007.html

Signed-off-by: Adrian Perez de Castro <aperez@igalia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 4416e0e7ba)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-13 21:14:06 +02:00
John Keeping 3bd799aa49 package/dbus: disable systemd for host build
This fixes an issue if host-dbus happens to be rebuilt after systemd, in
which case it autodetects systemd support but then ignored the prefix
when installing unit files.  That means that is tries to write to the
host system's /usr/lib/ which fails.

There is no reason to build and install systemd support in the host
build, so disable it explicitly.

Signed-off-by: John Keeping <john@metanate.com>
Tested-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 1bfdb3d08d)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-13 21:12:23 +02:00
Peter Korsgaard 5247a63723 {linux, linux-headers}: bump 4.{4, 9, 14, 19}.x / 5.{4, 7}.x series
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 38f4587997)
[Peter: drop 5.7.x bump]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-13 21:11:39 +02:00
Baruch Siach 2ea0d106c9 package/libcurl: fix build against gnutls with proxy disabled
Add upstream patch (#4) fixing build with gnutls when
BR2_PACKAGE_LIBCURL_PROXY_SUPPORT is disabled.

Patch #4 depends on #3 to apply so add this one as well.

Fixes:
http://autobuild.buildroot.net/results/31d7204869ff71319ea055688c919a646bfb200b/
http://autobuild.buildroot.net/results/f8d2fb919475cdff4a36ad93071048ee09193b98/
http://autobuild.buildroot.net/results/2f07a0ac1240a6040a3509d2ebf06906a31fd172/

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 30a73893f5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-13 20:42:11 +02:00
James Hilliard 785925c0eb package/efl: depend on LuaJIT
Luajit is a provider for luainterpreter. We can't select providers of
virtual packages; we can only depend on them.

Note also that it is not very clear whether the host and target variants
of EFL need to be built with the same lua interpreter. Today, this is
guaranteed as we inly use luajit in both cases. But there were issues
with lua 5.1 in the past, so stick to only using luajit.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[yann.morin.1998@free.fr:
  - depend on luajit, not "any" luainterpreter
  - which keeps the host and target variants built with the same
    interpreter
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit f3134e7159)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-13 20:36:31 +02:00
Thomas Petazzoni 9e4ffdc8cf Makefile: properly account for custom tags in BR2_VERSION_FULL
BR2_VERSION_FULL is currently defined as follows:

  BR2_VERSION_FULL := $(BR2_VERSION)$(shell $(TOPDIR)/support/scripts/setlocalversion)

This BR2_VERSION_FULL value then gets used as the "VERSION" variable
in the /etc/os-release file.

The logic of "setlocalversion" is that if it is exactly on a tag, it
returns nothing.

If it is on a tag + a number of commits, then it returns only
-XYZ-gABC where XYZ is the number of commits since the last tag, and
ABC the git commit hash (these are extracted from git describe).

This output then gets concatenated to BR2_VERSION which gives
something like 2020.05 or 2020.05-00123-g5bc6a.

The issue is that when you're on a tag specific to your project, which
is not a Buildroot YYYY.MM tag, then the output of setlocalversion is
empty, and all you get as VERSION in os-release is $(BR2_VERSION)
which is not really nice. Worse, if you have another non-official
Buildroot tag between the last official Buildroot tag/version and
where you are, you will get $(BR2_VERSION)-XYZ-gABC, but XYZ will not
correspond to the number of commits since BR2_VERSION, but since the
last tag that "git describe" as found, which is clearly incorrect.

Here is an example: you're on master, "make print-version" (which
displays BR2_VERSION_FULL) will show:

$ make print-version
2020.08-git-00758-gc351877a6e

So far so good. Now, you create a tag say 5 commits "before" master,
and show BR2_VERSION_FULL again:

$ git tag -a -m "dummy tag" dummy-tag HEAD~5
$ make print-version
2020.08-git-00005-gc351877a6e

This makes you believe you are 5 commits above 2020.08, which is
absolutely wrong.

So this commit simplifies the logic of setlocalversion to simply
return what "git describe" provides, and not prepend $(BR2_VERSION) in
the main Makefile. Since official Buildroot tags match official
Buildroot version names, you get the same output when you're on an
official Buildroot tag, or some commits above a Buildroot tag. An in
other cases, you get a sensible output. The logic is also adjusted for
the Mercurial case.

In the above situation, with this commit applied, we get:

$ make print-version
dummy-tag-6-g6258cdddeb

(6 commits instead of 5 as we have this very commit applied, but at
least it's 6 commits on top of the dummy-tag)

Finally, if you're not using a version control system, setlocalversion
was already returning nothing, so in this case, the Makefile simply
sets BR2_VERSION_FULL to BR2_VERSION to preserve this behavior.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 98c99556e3)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-13 20:06:23 +02:00
James Hilliard b620a7962b package/nodejs: use system-icu for host-nodejs
The nodejs configure.py file orders zlib headers before the bundled ICU
headers. The zlib headers happen to be located in the system include
directory, next to some system ICU headers (not bundled). If these are
built before nodejs is, nodejs will get confused and try to use the
system ICU headers instead of the bundled ones.

Fix this by always using host-icu.

Set CXXFLAGS to -DU_DISABLE_RENAMING=1 when building with
system-icu since host-icu is built with --disable-renaming.

Fixes:
 - http://autobuild.buildroot.net/results/1ef947553ec762dba6a6202b1cfc84ceed75dbb2/

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[yann.morin.1998@free.fr:
  - keep alphabetical order in _DEPENDENCIES
  - don't introduce HOST_NODEJS_CONF_OPTS
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 319f7b0dab)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-13 18:43:45 +02:00
Francois Perrad 3cb9d2ecab package/docker-engine: needs more runtime dependencies
fix error:
	failed to start daemon: Devices cgroup isn't mounted

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 4f82296536)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-13 18:42:11 +02:00
Peter Korsgaard 5be79ef42d package/tpm2-tools: bump version to 4.1.2
Bugfix release with a single fix:

- Fix missing handle maps for ESY3 handle breaks. See #1994

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 9652e2cbe5)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-13 12:01:21 +02:00
Peter Korsgaard 9e427ca5a9 package/tpm2-abrmd: bump version to 2.3.2
Fixes various initialization / systemd issues. From the changelog:

- Provide meaningful exit codes on initialization failures.
- Prevent systemd from starting the daemon before udev changes ownership of
  the TPM device node.
- Prevent systemd from starting the daemon if there is no TPM device node.
- Prevent systemd from restarting the daemon if it fails.
- Add SELinux policy to allow daemon to resolve names.
- Add SELinux policy boolean (disabled by default) to allow daemon to
  connect to all unreserved ports.

Also adjust .hash file white space to match new agreements.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 56ff08cea0)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-13 12:00:53 +02:00
Romain Naour 6cbf1b57b0 gitlab-ci: convert only/except to rules
only/except keywords will be deprecated by upcoming gitlab release,
upstream recommend to use rules keyword instead [1][2][3][4][5].

This patch convert .gitlab-ci.yml to use rules, no functional
changes intended.

After this patch, we should still have the following behaviour
while pushing commit, tag, branches:

     - to trigger only the check-* jobs:
       $ git push gitlab HEAD:<name>

     - to trigger all defconfigs and all check-* jobs:
       $ git push gitlab HEAD:<name>-defconfigs

     - to trigger all runtime tests and all check-* jobs:
       $ git push gitlab HEAD:<name>-runtime-tests

     - to trigger one defconfig job:
       $ git push gitlab HEAD:<name>-<defconfig name>

     - to trigger one runtime job:
       $ git push gitlab HEAD:<name>-<test case name>

[1] https://gitlab.com/gitlab-org/gitlab/-/commit/7eaaa597e24bf24743bdd8f8d1d51ade83b3f6de
[2] https://about.gitlab.com/releases/2020/06/22/gitlab-13-1-released/#templates-to-simplify-initial-rules-keyword-configuration
[3] https://about.gitlab.com/releases/2020/05/22/gitlab-13-0-released/#auto-devops-and-secure-configuration-templates-are-changing-to-%60rules%60-instead-of-%60only/except%60
[4] https://gitlab.com/gitlab-org/gitlab/issues/27449
[5] https://gitlab.com/groups/gitlab-org/-/epics/2783
[6] https://buildroot.org/downloads/manual/manual.html#_using_the_run_tests_framework

Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Ricardo Martincoski <ricardo.martincoski@gmail.com>
Cc: Arnout Vandecappelle <arnout@mind.be>
Acked-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 35de2fdcf7)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-13 11:43:09 +02:00
Adam Duskett 0433910910 package/libwebsockets: remove dependency on mmu
Six years ago, commit b6b5bb518d added the MMU
dependency for the libwebsockets package. However, according to the git
history of the CMakeLists.txt file, libwebsockets has supported the vfork
function for at least the last five years.

After testing with the qemu_arm_versatile_nommu_defconfig and the
br-arm-cortex-m4-full.config file, no errors occurred when building
libwebsockets without MMU support.

Remove the dependency; it is no longer necessary. Update the reverse
dependencies as needed.

Signed-off-by: Adam Duskett <Aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit ad953b0149)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-13 11:39:09 +02:00
Angelo Compagnucci 883e514f5b DEVELOPERS: add Angelo Compagnucci to several packages
This patch adds some packages I contributed to my entry.

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit db49315a61)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-13 11:33:20 +02:00
Angelo Compagnucci b442ccb43e linux: bump CIP RT kernel to version 4.19.132-cip30-rt12
This patch bumps Linux CIP RT to version 4.19.132-cip30-rt12

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit c009545716)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-13 11:29:43 +02:00
Angelo Compagnucci 17041efcf9 linux: bump CIP kernel to version 4.19.132-cip30
This patch bumps Linux CIP to version 4.19.132-cip30

Signed-off-by: Angelo Compagnucci <angelo@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 50d243cda9)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-13 11:27:11 +02:00
Thomas De Schampheleire 7e90b0171f package/dropbear: backport security fix for CVE-2018-20685
The update to 2020.79 contains several other changes that may not be
appropriate for the LTS branch, hence just backport the single fix.

Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-08-05 22:18:29 +02:00
Nicola Di Lieto 37b5713442 package/uacme: don't allow ualpn with mbedTLS
ualpn requires mbedTLS to be configured and built with
MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION
which is not the default and can be a security risk.

Therefore make BR2_PACKAGE_UACME_UALPN depend on
BR2_PACKAGE_OPENSSL || BR2_PACKAGE_GNUTLS.

Fixes http://autobuild.buildroot.net/results/d241121f8155bad9b6b25c16234576abb7fc940b

See also

https://github.com/ndilieto/uacme/issues/23
https://github.com/ARMmbed/mbedtls/issues/3241
https://github.com/ARMmbed/mbedtls/pull/3243
http://lists.busybox.net/pipermail/buildroot/2020-April/281059.html
http://lists.busybox.net/pipermail/buildroot/2020-April/281108.html

Signed-off-by: Nicola Di Lieto <nicola.dilieto@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 96c3b52132)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-27 22:06:31 +02:00
Nicola Di Lieto 26c7864b4e package/uacme: bump version to 1.2.4
Signed-off-by: Nicola Di Lieto <nicola.dilieto@gmail.com>
[yann.morin.1998@free.fr: two spaces in hash file]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 812cc01f69)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-27 22:06:19 +02:00
Nicola Di Lieto cf92dbcf81 package/uacme: bump version to 1.2.3
This version fixes https://github.com/ndilieto/uacme/issues/22

Signed-off-by: Nicola Di Lieto <nicola.dilieto@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 5946c1fe99)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-27 22:05:48 +02:00
Nicola Di Lieto 1e88b79a75 package/uacme: bump version to 1.2.2
This version includes a new binary named "ualpn", a proxying
ACMEv2 tls-alpn-01 responder.

Signed-off-by: Nicola Di Lieto <nicola.dilieto@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 6fb42fd549)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-27 22:05:20 +02:00
Nicola Di Lieto df83838d94 package/uacme: bump version to 1.0.22
Signed-off-by: Nicola Di Lieto <nicola.dilieto@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 066d552499)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-27 22:01:10 +02:00
Titouan Christophe 2c9acdc898 package/mosquitto: bump to v1.6.10
This release fix some bugs in the broker and client libraries,
as well as building with below C99 suport.

Read the whole announcement on:
https://mosquitto.org/blog/2020/05/version-1-6-8-released/

Signed-off-by: Titouan Christophe <titouan.christophe@railnova.eu>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 466bce9c9b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-26 17:11:21 +02:00
Peter Korsgaard 77fa6bd5b2 package/python-django: security bump to version 3.0.7
Fixes the following security issues:

- CVE-2020-13254: Potential data leakage via malformed memcached keys

  In cases where a memcached backend does not perform key validation,
  passing malformed cache keys could result in a key collision, and
  potential data leakage.  In order to avoid this vulnerability, key
  validation is added to the memcached cache backends.

- CVE-2020-13596: Possible XSS via admin ForeignKeyRawIdWidget

  Query parameters for the admin ForeignKeyRawIdWidget were not properly URL
  encoded, posing an XSS attack vector.  ForeignKeyRawIdWidget now ensures
  query parameters are correctly URL encoded.

For details, see the announcement:
https://docs.djangoproject.com/en/dev/releases/3.0.7/

Additionally, 3.0.5..3.0.7 contains a number of non-security related
bugfixes.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 36d78abceb)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-26 17:09:04 +02:00
Francois Perrad 3a2bef1f4f package/perl: security bump to version 5.30.3
Fixes the following security issues:

[CVE-2020-10543] Buffer overflow caused by a crafted regular
                 expression

[CVE-2020-10878] Integer overflow via malformed bytecode produced by a
                 crafted regular expression

[CVE-2020-12723] Buffer overflow caused by a crafted regular
                 expression

Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 13ceb980a2)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-26 17:06:26 +02:00
Francois Perrad 8dbb329307 package/perl: bump perl-cross to version 1.3.3
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 94f40137bd)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-26 17:06:18 +02:00
176 changed files with 8129 additions and 862 deletions
+23 -15
View File
@@ -7,9 +7,10 @@
image: buildroot/base:20191027.2027
.check_base:
except:
- /^.*-.*_defconfig$/
- /^.*-tests\..*$/
rules:
- if: '$CI_COMMIT_REF_NAME =~ /^.*-.*_defconfig$/ || $CI_COMMIT_REF_NAME =~ /^.*-tests\..*$/'
when: never
- when: always
check-DEVELOPERS:
extends: .check_base
@@ -69,17 +70,21 @@ check-package:
extends: .defconfig_base
# Running the defconfigs for every push is too much, so limit to
# explicit triggers through the API.
only:
- triggers
- tags
- /-defconfigs$/
rules:
# For tags, create a pipeline.
- if: '$CI_COMMIT_TAG'
# For pipeline created by using a trigger token.
- if: '$CI_PIPELINE_TRIGGERED'
# For the branch or tag name named *-defconfigs, create a pipeline.
- if: '$CI_COMMIT_REF_NAME =~ /^.*-defconfigs$/'
before_script:
- DEFCONFIG_NAME=${CI_JOB_NAME}
one-defconfig:
extends: .defconfig_base
only:
- /^.*-.*_defconfig$/
rules:
# For the branch or tag name named *-*_defconfigs, create a pipeline.
- if: '$CI_COMMIT_REF_NAME =~ /^.*-.*_defconfig$/'
before_script:
- DEFCONFIG_NAME=$(echo ${CI_COMMIT_REF_NAME} | sed -e 's,^.*-,,g')
@@ -103,17 +108,20 @@ one-defconfig:
extends: .runtime_test_base
# Running the runtime tests for every push is too much, so limit to
# explicit triggers through the API.
only:
- triggers
- tags
- /-runtime-tests$/
rules:
# For tags, create a pipeline.
- if: '$CI_COMMIT_TAG'
# For pipeline created by using a trigger token.
- if: '$CI_PIPELINE_TRIGGERED'
# For the branch or tag name named *-runtime-tests, create a pipeline.
- if: '$CI_COMMIT_REF_NAME =~ /^.*-runtime-tests$/'
before_script:
- TEST_CASE_NAME=${CI_JOB_NAME}
one-runtime_test:
extends: .runtime_test_base
only:
- /^.*-tests\..*$/
rules:
- if: '$CI_COMMIT_REF_NAME =~ /^.*-tests\..*$/'
before_script:
- TEST_CASE_NAME=$(echo ${CI_COMMIT_REF_NAME} | sed -e 's,^.*-,,g')
aarch64_efi_defconfig: { extends: .defconfig }
+23 -15
View File
@@ -7,9 +7,10 @@
image: buildroot/base:20191027.2027
.check_base:
except:
- /^.*-.*_defconfig$/
- /^.*-tests\..*$/
rules:
- if: '$CI_COMMIT_REF_NAME =~ /^.*-.*_defconfig$/ || $CI_COMMIT_REF_NAME =~ /^.*-tests\..*$/'
when: never
- when: always
check-DEVELOPERS:
extends: .check_base
@@ -69,17 +70,21 @@ check-package:
extends: .defconfig_base
# Running the defconfigs for every push is too much, so limit to
# explicit triggers through the API.
only:
- triggers
- tags
- /-defconfigs$/
rules:
# For tags, create a pipeline.
- if: '$CI_COMMIT_TAG'
# For pipeline created by using a trigger token.
- if: '$CI_PIPELINE_TRIGGERED'
# For the branch or tag name named *-defconfigs, create a pipeline.
- if: '$CI_COMMIT_REF_NAME =~ /^.*-defconfigs$/'
before_script:
- DEFCONFIG_NAME=${CI_JOB_NAME}
one-defconfig:
extends: .defconfig_base
only:
- /^.*-.*_defconfig$/
rules:
# For the branch or tag name named *-*_defconfigs, create a pipeline.
- if: '$CI_COMMIT_REF_NAME =~ /^.*-.*_defconfig$/'
before_script:
- DEFCONFIG_NAME=$(echo ${CI_COMMIT_REF_NAME} | sed -e 's,^.*-,,g')
@@ -103,16 +108,19 @@ one-defconfig:
extends: .runtime_test_base
# Running the runtime tests for every push is too much, so limit to
# explicit triggers through the API.
only:
- triggers
- tags
- /-runtime-tests$/
rules:
# For tags, create a pipeline.
- if: '$CI_COMMIT_TAG'
# For pipeline created by using a trigger token.
- if: '$CI_PIPELINE_TRIGGERED'
# For the branch or tag name named *-runtime-tests, create a pipeline.
- if: '$CI_COMMIT_REF_NAME =~ /^.*-runtime-tests$/'
before_script:
- TEST_CASE_NAME=${CI_JOB_NAME}
one-runtime_test:
extends: .runtime_test_base
only:
- /^.*-tests\..*$/
rules:
- if: '$CI_COMMIT_REF_NAME =~ /^.*-tests\..*$/'
before_script:
- TEST_CASE_NAME=$(echo ${CI_COMMIT_REF_NAME} | sed -e 's,^.*-,,g')
+32
View File
@@ -1,3 +1,35 @@
2020.02.5, released August 29th, 2020
Important / security related fixes.
Infrastructure: Ensure RPATH entries that may be needed for
dlopen() are not dropped by patchelf.
BR_VERSION_FULL/setlocalversion (used by make print-version
and /etc/os-release): Properly handle local git tags
Updated/fixed packages: apache, at91bootstrap3, bind, boost,
busybox, capnproto, chrony, collectd, cpio, cryptsetup, cups,
cvs, dbus, docker-engine, domoticz, dovecot,
dovecot-pigeonhole, dropbear, efl, elixir, f2fs-tools, ffmpeg,
gd, gdk-pixbuf, ghostscript, glibc, grub2, gst1-plugins-bad,
hostapd, iputils, jasper, json-c, libcurl, libwebsockets,
linux, live555, mesa3d, mosquitto, mpv, nodejs, opencv,
opencv3, openjpeg, patchelf, perl, php, postgresql,
python-django, python-gunicorn, python-matplotlib, ripgrep,
rtl8188eu, rtl8821au, ruby, shadowsocks-libev, squid,
tpm2-abrmd, tpm2-tools, trousers, uacme, webkitgtk, wireshark,
wolfssl, wpa_supplicant, wpewebkit, xen, xlib_libX11,
xserver_xorg-server
Issues resolved (http://bugs.uclibc.org):
#12876: nodejs fails to build when host-icu has been built before
#13111: python-gunicorn: missing dependency on python-setuptools
#13121: wpa_supplicant fails to build without libopenssl enabled
#13141: Target-finalize fail with "depmod: ERROR: Bad version passed"
#13156: package live555 new license
2020.02.4, released July 26th, 2020
Important / security related fixes.
+8 -3
View File
@@ -186,18 +186,25 @@ F: package/rauc/
N: Angelo Compagnucci <angelo.compagnucci@gmail.com>
F: package/corkscrew/
F: package/cups/
F: package/cups-filters/
F: package/fail2ban/
F: package/grep/
F: package/i2c-tools/
F: package/jq/
F: package/libb64/
F: package/mender/
F: package/mender-artifact/
F: package/mono/
F: package/mono-gtksharp3/
F: package/monolite/
F: package/openjpeg/
F: package/python-can/
F: package/python-pillow/
F: package/python-pydal/
F: package/python-spidev/
F: package/python-web2py/
F: package/sam-ba/
F: package/sshguard/
F: package/sunwait/
F: package/sysdig/
@@ -1035,6 +1042,7 @@ N: Gwenhael Goavec-Merou <gwenhael.goavec-merou@trabucayre.com>
F: package/gnuradio/
F: package/gqrx/
F: package/gr-osmosdr/
F: package/librtlsdr/
F: package/libusbgx/
F: package/python-cheetah/
F: package/python-markdown/
@@ -1713,9 +1721,6 @@ F: package/systemd-bootchart/
F: package/tinyalsa/
F: package/tinyxml/
N: Maxime Ripard <maxime.ripard@bootlin.com>
F: package/kmsxx/
N: Michael Durrant <mdurrant@arcturusnetworks.com>
F: board/arcturus/
F: configs/arcturus_ucp1020_defconfig
+21 -15
View File
@@ -92,9 +92,9 @@ all:
.PHONY: all
# Set and export the version string
export BR2_VERSION := 2020.02.4
export BR2_VERSION := 2020.02.5
# Actual time the release is cut (for reproducible builds)
BR2_VERSION_EPOCH = 1595750000
BR2_VERSION_EPOCH = 1598727000
# Save running make version since it's clobbered by the make package
RUNNING_MAKE_VERSION := $(MAKE_VERSION)
@@ -113,7 +113,13 @@ DATE := $(shell date +%Y%m%d)
# Compute the full local version string so packages can use it as-is
# Need to export it, so it can be got from environment in children (eg. mconf)
export BR2_VERSION_FULL := $(BR2_VERSION)$(shell $(TOPDIR)/support/scripts/setlocalversion)
BR2_LOCALVERSION := $(shell $(TOPDIR)/support/scripts/setlocalversion)
ifeq ($(BR2_LOCALVERSION),)
export BR2_VERSION_FULL := $(BR2_VERSION)
else
export BR2_VERSION_FULL := $(BR2_LOCALVERSION)
endif
# List of targets and target patterns for which .config doesn't need to be read in
noconfig_targets := menuconfig nconfig gconfig xconfig config oldconfig randconfig \
@@ -793,9 +799,9 @@ endif
# counterparts are appropriately setup as symlinks ones to the others.
ifeq ($(BR2_ROOTFS_MERGED_USR),y)
@$(foreach d, $(call qstrip,$(BR2_ROOTFS_OVERLAY)), \
$(call MESSAGE,"Sanity check in overlay $(d)"); \
not_merged_dirs="$$(support/scripts/check-merged-usr.sh $(d))"; \
$(foreach d, $(call qstrip,$(BR2_ROOTFS_OVERLAY)), \
@$(call MESSAGE,"Sanity check in overlay $(d)")$(sep) \
$(Q)not_merged_dirs="$$(support/scripts/check-merged-usr.sh $(d))"; \
test -n "$$not_merged_dirs" && { \
echo "ERROR: The overlay in $(d) is not" \
"using a merged /usr for the following directories:" \
@@ -805,20 +811,20 @@ ifeq ($(BR2_ROOTFS_MERGED_USR),y)
endif # merged /usr
@$(foreach d, $(call qstrip,$(BR2_ROOTFS_OVERLAY)), \
$(call MESSAGE,"Copying overlay $(d)"); \
$(call SYSTEM_RSYNC,$(d),$(TARGET_DIR))$(sep))
$(foreach d, $(call qstrip,$(BR2_ROOTFS_OVERLAY)), \
@$(call MESSAGE,"Copying overlay $(d)")$(sep) \
$(Q)$(call SYSTEM_RSYNC,$(d),$(TARGET_DIR))$(sep))
$(if $(TARGET_DIR_FILES_LISTS), \
$(Q)$(if $(TARGET_DIR_FILES_LISTS), \
cat $(TARGET_DIR_FILES_LISTS)) > $(BUILD_DIR)/packages-file-list.txt
$(if $(HOST_DIR_FILES_LISTS), \
$(Q)$(if $(HOST_DIR_FILES_LISTS), \
cat $(HOST_DIR_FILES_LISTS)) > $(BUILD_DIR)/packages-file-list-host.txt
$(if $(STAGING_DIR_FILES_LISTS), \
$(Q)$(if $(STAGING_DIR_FILES_LISTS), \
cat $(STAGING_DIR_FILES_LISTS)) > $(BUILD_DIR)/packages-file-list-staging.txt
@$(foreach s, $(call qstrip,$(BR2_ROOTFS_POST_BUILD_SCRIPT)), \
$(call MESSAGE,"Executing post-build script $(s)"); \
$(EXTRA_ENV) $(s) $(TARGET_DIR) $(call qstrip,$(BR2_ROOTFS_POST_SCRIPT_ARGS))$(sep))
$(foreach s, $(call qstrip,$(BR2_ROOTFS_POST_BUILD_SCRIPT)), \
@$(call MESSAGE,"Executing post-build script $(s)")$(sep) \
$(Q)$(EXTRA_ENV) $(s) $(TARGET_DIR) $(call qstrip,$(BR2_ROOTFS_POST_SCRIPT_ARGS))$(sep))
touch $(TARGET_DIR)/usr
+1 -1
View File
@@ -1,6 +1,6 @@
config BR2_TARGET_AT91BOOTSTRAP3
bool "AT91 Bootstrap 3"
depends on BR2_arm926t || BR2_cortex_a5
depends on BR2_arm926t || BR2_cortex_a5 || BR2_cortex_a7
help
AT91Bootstrap is a first level bootloader for the Atmel AT91
devices. It integrates algorithms for:
@@ -0,0 +1,73 @@
From a7ab0cc98fa89a3d5098c29cbe44bcd24b0a6454 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 15 Apr 2020 15:45:02 -0400
Subject: [PATCH] yylex: Make lexer fatal errors actually be fatal
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
When presented with a command that can't be tokenized to anything
smaller than YYLMAX characters, the parser calls YY_FATAL_ERROR(errmsg),
expecting that will stop further processing, as such:
#define YY_DO_BEFORE_ACTION \
yyg->yytext_ptr = yy_bp; \
yyleng = (int) (yy_cp - yy_bp); \
yyg->yy_hold_char = *yy_cp; \
*yy_cp = '\0'; \
if ( yyleng >= YYLMAX ) \
YY_FATAL_ERROR( "token too large, exceeds YYLMAX" ); \
yy_flex_strncpy( yytext, yyg->yytext_ptr, yyleng + 1 , yyscanner); \
yyg->yy_c_buf_p = yy_cp;
The code flex generates expects that YY_FATAL_ERROR() will either return
for it or do some form of longjmp(), or handle the error in some way at
least, and so the strncpy() call isn't in an "else" clause, and thus if
YY_FATAL_ERROR() is *not* actually fatal, it does the call with the
questionable limit, and predictable results ensue.
Unfortunately, our implementation of YY_FATAL_ERROR() is:
#define YY_FATAL_ERROR(msg) \
do { \
grub_printf (_("fatal error: %s\n"), _(msg)); \
} while (0)
The same pattern exists in yyless(), and similar problems exist in users
of YY_INPUT(), several places in the main parsing loop,
yy_get_next_buffer(), yy_load_buffer_state(), yyensure_buffer_stack,
yy_scan_buffer(), etc.
All of these callers expect YY_FATAL_ERROR() to actually be fatal, and
the things they do if it returns after calling it are wildly unsafe.
Fixes: CVE-2020-10713
Signed-off-by: Peter Jones <pjones@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
---
grub-core/script/yylex.l | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/grub-core/script/yylex.l b/grub-core/script/yylex.l
index 7b44c37b7..b7203c823 100644
--- a/grub-core/script/yylex.l
+++ b/grub-core/script/yylex.l
@@ -37,11 +37,11 @@
/*
* As we don't have access to yyscanner, we cannot do much except to
- * print the fatal error.
+ * print the fatal error and exit.
*/
#define YY_FATAL_ERROR(msg) \
do { \
- grub_printf (_("fatal error: %s\n"), _(msg)); \
+ grub_fatal (_("fatal error: %s\n"), _(msg));\
} while (0)
#define COPY(str, hint) \
--
2.26.2
@@ -0,0 +1,128 @@
From 782a4580a5e347793443aa8e9152db1bf4a0fff8 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Mon, 15 Jun 2020 10:58:42 -0400
Subject: [PATCH] safemath: Add some arithmetic primitives that check for
overflow
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
This adds a new header, include/grub/safemath.h, that includes easy to
use wrappers for __builtin_{add,sub,mul}_overflow() declared like:
bool OP(a, b, res)
where OP is grub_add, grub_sub or grub_mul. OP() returns true in the
case where the operation would overflow and res is not modified.
Otherwise, false is returned and the operation is executed.
These arithmetic primitives require newer compiler versions. So, bump
these requirements in the INSTALL file too.
Signed-off-by: Peter Jones <pjones@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
---
INSTALL | 22 ++--------------------
include/grub/compiler.h | 8 ++++++++
include/grub/safemath.h | 37 +++++++++++++++++++++++++++++++++++++
3 files changed, 47 insertions(+), 20 deletions(-)
create mode 100644 include/grub/safemath.h
diff --git a/INSTALL b/INSTALL
index 8acb40902..dcb9b7d7b 100644
--- a/INSTALL
+++ b/INSTALL
@@ -11,27 +11,9 @@ GRUB depends on some software packages installed into your system. If
you don't have any of them, please obtain and install them before
configuring the GRUB.
-* GCC 4.1.3 or later
- Note: older versions may work but support is limited
-
- Experimental support for clang 3.3 or later (results in much bigger binaries)
+* GCC 5.1.0 or later
+ Experimental support for clang 3.8.0 or later (results in much bigger binaries)
for i386, x86_64, arm (including thumb), arm64, mips(el), powerpc, sparc64
- Note: clang 3.2 or later works for i386 and x86_64 targets but results in
- much bigger binaries.
- earlier versions not tested
- Note: clang 3.2 or later works for arm
- earlier versions not tested
- Note: clang on arm64 is not supported due to
- https://llvm.org/bugs/show_bug.cgi?id=26030
- Note: clang 3.3 or later works for mips(el)
- earlier versions fail to generate .reginfo and hence gprel relocations
- fail.
- Note: clang 3.2 or later works for powerpc
- earlier versions not tested
- Note: clang 3.5 or later works for sparc64
- earlier versions return "error: unable to interface with target machine"
- Note: clang has no support for ia64 and hence you can't compile GRUB
- for ia64 with clang
* GNU Make
* GNU Bison 2.3 or later
* GNU gettext 0.17 or later
diff --git a/include/grub/compiler.h b/include/grub/compiler.h
index c9e1d7a73..8f3be3ae7 100644
--- a/include/grub/compiler.h
+++ b/include/grub/compiler.h
@@ -48,4 +48,12 @@
# define WARN_UNUSED_RESULT
#endif
+#if defined(__clang__) && defined(__clang_major__) && defined(__clang_minor__)
+# define CLANG_PREREQ(maj,min) \
+ ((__clang_major__ > (maj)) || \
+ (__clang_major__ == (maj) && __clang_minor__ >= (min)))
+#else
+# define CLANG_PREREQ(maj,min) 0
+#endif
+
#endif /* ! GRUB_COMPILER_HEADER */
diff --git a/include/grub/safemath.h b/include/grub/safemath.h
new file mode 100644
index 000000000..c17b89bba
--- /dev/null
+++ b/include/grub/safemath.h
@@ -0,0 +1,37 @@
+/*
+ * GRUB -- GRand Unified Bootloader
+ * Copyright (C) 2020 Free Software Foundation, Inc.
+ *
+ * GRUB is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * GRUB is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with GRUB. If not, see <http://www.gnu.org/licenses/>.
+ *
+ * Arithmetic operations that protect against overflow.
+ */
+
+#ifndef GRUB_SAFEMATH_H
+#define GRUB_SAFEMATH_H 1
+
+#include <grub/compiler.h>
+
+/* These appear in gcc 5.1 and clang 3.8. */
+#if GNUC_PREREQ(5, 1) || CLANG_PREREQ(3, 8)
+
+#define grub_add(a, b, res) __builtin_add_overflow(a, b, res)
+#define grub_sub(a, b, res) __builtin_sub_overflow(a, b, res)
+#define grub_mul(a, b, res) __builtin_mul_overflow(a, b, res)
+
+#else
+#error gcc 5.1 or newer or clang 3.8 or newer is required
+#endif
+
+#endif /* GRUB_SAFEMATH_H */
--
2.26.2
@@ -0,0 +1,246 @@
From 5775eb40862b67468ced816e6d7560dbe22a3670 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Mon, 15 Jun 2020 12:15:29 -0400
Subject: [PATCH] calloc: Make sure we always have an overflow-checking
calloc() available
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
This tries to make sure that everywhere in this source tree, we always have
an appropriate version of calloc() (i.e. grub_calloc(), xcalloc(), etc.)
available, and that they all safely check for overflow and return NULL when
it would occur.
Signed-off-by: Peter Jones <pjones@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
---
grub-core/kern/emu/misc.c | 12 +++++++++
grub-core/kern/emu/mm.c | 10 ++++++++
grub-core/kern/mm.c | 40 ++++++++++++++++++++++++++++++
grub-core/lib/libgcrypt_wrap/mem.c | 11 ++++++--
grub-core/lib/posix_wrap/stdlib.h | 8 +++++-
include/grub/emu/misc.h | 1 +
include/grub/mm.h | 6 +++++
7 files changed, 85 insertions(+), 3 deletions(-)
diff --git a/grub-core/kern/emu/misc.c b/grub-core/kern/emu/misc.c
index 65db79baa..dfd8a8ec4 100644
--- a/grub-core/kern/emu/misc.c
+++ b/grub-core/kern/emu/misc.c
@@ -85,6 +85,18 @@ grub_util_error (const char *fmt, ...)
exit (1);
}
+void *
+xcalloc (grub_size_t nmemb, grub_size_t size)
+{
+ void *p;
+
+ p = calloc (nmemb, size);
+ if (!p)
+ grub_util_error ("%s", _("out of memory"));
+
+ return p;
+}
+
void *
xmalloc (grub_size_t size)
{
diff --git a/grub-core/kern/emu/mm.c b/grub-core/kern/emu/mm.c
index f262e95e3..145b01d37 100644
--- a/grub-core/kern/emu/mm.c
+++ b/grub-core/kern/emu/mm.c
@@ -25,6 +25,16 @@
#include <string.h>
#include <grub/i18n.h>
+void *
+grub_calloc (grub_size_t nmemb, grub_size_t size)
+{
+ void *ret;
+ ret = calloc (nmemb, size);
+ if (!ret)
+ grub_error (GRUB_ERR_OUT_OF_MEMORY, N_("out of memory"));
+ return ret;
+}
+
void *
grub_malloc (grub_size_t size)
{
diff --git a/grub-core/kern/mm.c b/grub-core/kern/mm.c
index ee88ff611..f2822a836 100644
--- a/grub-core/kern/mm.c
+++ b/grub-core/kern/mm.c
@@ -67,8 +67,10 @@
#include <grub/dl.h>
#include <grub/i18n.h>
#include <grub/mm_private.h>
+#include <grub/safemath.h>
#ifdef MM_DEBUG
+# undef grub_calloc
# undef grub_malloc
# undef grub_zalloc
# undef grub_realloc
@@ -375,6 +377,30 @@ grub_memalign (grub_size_t align, grub_size_t size)
return 0;
}
+/*
+ * Allocate NMEMB instances of SIZE bytes and return the pointer, or error on
+ * integer overflow.
+ */
+void *
+grub_calloc (grub_size_t nmemb, grub_size_t size)
+{
+ void *ret;
+ grub_size_t sz = 0;
+
+ if (grub_mul (nmemb, size, &sz))
+ {
+ grub_error (GRUB_ERR_OUT_OF_RANGE, N_("overflow is detected"));
+ return NULL;
+ }
+
+ ret = grub_memalign (0, sz);
+ if (!ret)
+ return NULL;
+
+ grub_memset (ret, 0, sz);
+ return ret;
+}
+
/* Allocate SIZE bytes and return the pointer. */
void *
grub_malloc (grub_size_t size)
@@ -561,6 +587,20 @@ grub_mm_dump (unsigned lineno)
grub_printf ("\n");
}
+void *
+grub_debug_calloc (const char *file, int line, grub_size_t nmemb, grub_size_t size)
+{
+ void *ptr;
+
+ if (grub_mm_debug)
+ grub_printf ("%s:%d: calloc (0x%" PRIxGRUB_SIZE ", 0x%" PRIxGRUB_SIZE ") = ",
+ file, line, size);
+ ptr = grub_calloc (nmemb, size);
+ if (grub_mm_debug)
+ grub_printf ("%p\n", ptr);
+ return ptr;
+}
+
void *
grub_debug_malloc (const char *file, int line, grub_size_t size)
{
diff --git a/grub-core/lib/libgcrypt_wrap/mem.c b/grub-core/lib/libgcrypt_wrap/mem.c
index beeb661a3..74c6eafe5 100644
--- a/grub-core/lib/libgcrypt_wrap/mem.c
+++ b/grub-core/lib/libgcrypt_wrap/mem.c
@@ -4,6 +4,7 @@
#include <grub/crypto.h>
#include <grub/dl.h>
#include <grub/env.h>
+#include <grub/safemath.h>
GRUB_MOD_LICENSE ("GPLv3+");
@@ -36,7 +37,10 @@ void *
gcry_xcalloc (size_t n, size_t m)
{
void *ret;
- ret = grub_zalloc (n * m);
+ size_t sz;
+ if (grub_mul (n, m, &sz))
+ grub_fatal ("gcry_xcalloc would overflow");
+ ret = grub_zalloc (sz);
if (!ret)
grub_fatal ("gcry_xcalloc failed");
return ret;
@@ -56,7 +60,10 @@ void *
gcry_xcalloc_secure (size_t n, size_t m)
{
void *ret;
- ret = grub_zalloc (n * m);
+ size_t sz;
+ if (grub_mul (n, m, &sz))
+ grub_fatal ("gcry_xcalloc would overflow");
+ ret = grub_zalloc (sz);
if (!ret)
grub_fatal ("gcry_xcalloc failed");
return ret;
diff --git a/grub-core/lib/posix_wrap/stdlib.h b/grub-core/lib/posix_wrap/stdlib.h
index 3b46f47ff..7a8d385e9 100644
--- a/grub-core/lib/posix_wrap/stdlib.h
+++ b/grub-core/lib/posix_wrap/stdlib.h
@@ -21,6 +21,7 @@
#include <grub/mm.h>
#include <grub/misc.h>
+#include <grub/safemath.h>
static inline void
free (void *ptr)
@@ -37,7 +38,12 @@ malloc (grub_size_t size)
static inline void *
calloc (grub_size_t size, grub_size_t nelem)
{
- return grub_zalloc (size * nelem);
+ grub_size_t sz;
+
+ if (grub_mul (size, nelem, &sz))
+ return NULL;
+
+ return grub_zalloc (sz);
}
static inline void *
diff --git a/include/grub/emu/misc.h b/include/grub/emu/misc.h
index ce464cfd0..ff9c48a64 100644
--- a/include/grub/emu/misc.h
+++ b/include/grub/emu/misc.h
@@ -47,6 +47,7 @@ grub_util_device_is_mapped (const char *dev);
#define GRUB_HOST_PRIuLONG_LONG "llu"
#define GRUB_HOST_PRIxLONG_LONG "llx"
+void * EXPORT_FUNC(xcalloc) (grub_size_t nmemb, grub_size_t size) WARN_UNUSED_RESULT;
void * EXPORT_FUNC(xmalloc) (grub_size_t size) WARN_UNUSED_RESULT;
void * EXPORT_FUNC(xrealloc) (void *ptr, grub_size_t size) WARN_UNUSED_RESULT;
char * EXPORT_FUNC(xstrdup) (const char *str) WARN_UNUSED_RESULT;
diff --git a/include/grub/mm.h b/include/grub/mm.h
index 28e2e53eb..9c38dd3ca 100644
--- a/include/grub/mm.h
+++ b/include/grub/mm.h
@@ -29,6 +29,7 @@
#endif
void grub_mm_init_region (void *addr, grub_size_t size);
+void *EXPORT_FUNC(grub_calloc) (grub_size_t nmemb, grub_size_t size);
void *EXPORT_FUNC(grub_malloc) (grub_size_t size);
void *EXPORT_FUNC(grub_zalloc) (grub_size_t size);
void EXPORT_FUNC(grub_free) (void *ptr);
@@ -48,6 +49,9 @@ extern int EXPORT_VAR(grub_mm_debug);
void grub_mm_dump_free (void);
void grub_mm_dump (unsigned lineno);
+#define grub_calloc(nmemb, size) \
+ grub_debug_calloc (GRUB_FILE, __LINE__, nmemb, size)
+
#define grub_malloc(size) \
grub_debug_malloc (GRUB_FILE, __LINE__, size)
@@ -63,6 +67,8 @@ void grub_mm_dump (unsigned lineno);
#define grub_free(ptr) \
grub_debug_free (GRUB_FILE, __LINE__, ptr)
+void *EXPORT_FUNC(grub_debug_calloc) (const char *file, int line,
+ grub_size_t nmemb, grub_size_t size);
void *EXPORT_FUNC(grub_debug_malloc) (const char *file, int line,
grub_size_t size);
void *EXPORT_FUNC(grub_debug_zalloc) (const char *file, int line,
--
2.26.2
File diff suppressed because it is too large Load Diff
File diff suppressed because it is too large Load Diff
@@ -0,0 +1,72 @@
From e0dd17a3ce79c6622dc78c96e1f2ef1b20e2bf7b Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Sat, 4 Jul 2020 12:25:09 -0400
Subject: [PATCH] iso9660: Don't leak memory on realloc() failures
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Peter Jones <pjones@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
---
grub-core/fs/iso9660.c | 24 ++++++++++++++++++++----
1 file changed, 20 insertions(+), 4 deletions(-)
diff --git a/grub-core/fs/iso9660.c b/grub-core/fs/iso9660.c
index 7ba5b300b..5ec4433b8 100644
--- a/grub-core/fs/iso9660.c
+++ b/grub-core/fs/iso9660.c
@@ -533,14 +533,20 @@ add_part (struct iterate_dir_ctx *ctx,
{
int size = ctx->symlink ? grub_strlen (ctx->symlink) : 0;
grub_size_t sz;
+ char *new;
if (grub_add (size, len2, &sz) ||
grub_add (sz, 1, &sz))
return;
- ctx->symlink = grub_realloc (ctx->symlink, sz);
- if (! ctx->symlink)
- return;
+ new = grub_realloc (ctx->symlink, sz);
+ if (!new)
+ {
+ grub_free (ctx->symlink);
+ ctx->symlink = NULL;
+ return;
+ }
+ ctx->symlink = new;
grub_memcpy (ctx->symlink + size, part, len2);
ctx->symlink[size + len2] = 0;
@@ -634,7 +640,12 @@ susp_iterate_dir (struct grub_iso9660_susp_entry *entry,
is the length. Both are part of the `Component
Record'. */
if (ctx->symlink && !ctx->was_continue)
- add_part (ctx, "/", 1);
+ {
+ add_part (ctx, "/", 1);
+ if (grub_errno)
+ return grub_errno;
+ }
+
add_part (ctx, (char *) &entry->data[pos + 2],
entry->data[pos + 1]);
ctx->was_continue = (entry->data[pos] & 1);
@@ -653,6 +664,11 @@ susp_iterate_dir (struct grub_iso9660_susp_entry *entry,
add_part (ctx, "/", 1);
break;
}
+
+ /* Check if grub_realloc() failed in add_part(). */
+ if (grub_errno)
+ return grub_errno;
+
/* In pos + 1 the length of the `Component Record' is
stored. */
pos += entry->data[pos + 1] + 2;
--
2.26.2
@@ -0,0 +1,41 @@
From 73bc7a964c9496d5b0f00dbd69959dacf5adcebe Mon Sep 17 00:00:00 2001
From: Daniel Kiper <daniel.kiper@oracle.com>
Date: Tue, 7 Jul 2020 15:36:26 +0200
Subject: [PATCH] font: Do not load more than one NAME section
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
The GRUB font file can have one NAME section only. Though if somebody
crafts a broken font file with many NAME sections and loads it then the
GRUB leaks memory. So, prevent against that by loading first NAME
section and failing in controlled way on following one.
Reported-by: Chris Coulson <chris.coulson@canonical.com>
Signed-off-by: Daniel Kiper <daniel.kiper@oracle.com>
Reviewed-by: Jan Setje-Eilers <jan.setjeeilers@oracle.com>
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
---
grub-core/font/font.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/grub-core/font/font.c b/grub-core/font/font.c
index 5edb477ac..d09bb38d8 100644
--- a/grub-core/font/font.c
+++ b/grub-core/font/font.c
@@ -532,6 +532,12 @@ grub_font_load (const char *filename)
if (grub_memcmp (section.name, FONT_FORMAT_SECTION_NAMES_FONT_NAME,
sizeof (FONT_FORMAT_SECTION_NAMES_FONT_NAME) - 1) == 0)
{
+ if (font->name != NULL)
+ {
+ grub_error (GRUB_ERR_BAD_FONT, "invalid font file: too many NAME sections");
+ goto fail;
+ }
+
font->name = read_section_as_string (&section);
if (!font->name)
goto fail;
--
2.26.2
@@ -0,0 +1,39 @@
From 9ff609f0e7798bc5fb04f791131c98e7693bdd9b Mon Sep 17 00:00:00 2001
From: Alexey Makhalov <amakhalov@vmware.com>
Date: Wed, 8 Jul 2020 20:41:56 +0000
Subject: [PATCH] gfxmenu: Fix double free in load_image()
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
self->bitmap should be zeroed after free. Otherwise, there is a chance
to double free (USE_AFTER_FREE) it later in rescale_image().
Fixes: CID 292472
Signed-off-by: Alexey Makhalov <amakhalov@vmware.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
---
grub-core/gfxmenu/gui_image.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/grub-core/gfxmenu/gui_image.c b/grub-core/gfxmenu/gui_image.c
index 29784ed2d..6b2e976f1 100644
--- a/grub-core/gfxmenu/gui_image.c
+++ b/grub-core/gfxmenu/gui_image.c
@@ -195,7 +195,10 @@ load_image (grub_gui_image_t self, const char *path)
return grub_errno;
if (self->bitmap && (self->bitmap != self->raw_bitmap))
- grub_video_bitmap_destroy (self->bitmap);
+ {
+ grub_video_bitmap_destroy (self->bitmap);
+ self->bitmap = 0;
+ }
if (self->raw_bitmap)
grub_video_bitmap_destroy (self->raw_bitmap);
--
2.26.2
@@ -0,0 +1,58 @@
From dc9777dc17697b196c415c53187a55861d41fd2a Mon Sep 17 00:00:00 2001
From: Alexey Makhalov <amakhalov@vmware.com>
Date: Wed, 8 Jul 2020 21:30:43 +0000
Subject: [PATCH] xnu: Fix double free in grub_xnu_devprop_add_property()
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
grub_xnu_devprop_add_property() should not free utf8 and utf16 as it get
allocated and freed in the caller.
Minor improvement: do prop fields initialization after memory allocations.
Fixes: CID 292442, CID 292457, CID 292460, CID 292466
Signed-off-by: Alexey Makhalov <amakhalov@vmware.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
---
grub-core/loader/i386/xnu.c | 17 ++++++++---------
1 file changed, 8 insertions(+), 9 deletions(-)
diff --git a/grub-core/loader/i386/xnu.c b/grub-core/loader/i386/xnu.c
index b7d176b5d..e9e119259 100644
--- a/grub-core/loader/i386/xnu.c
+++ b/grub-core/loader/i386/xnu.c
@@ -262,20 +262,19 @@ grub_xnu_devprop_add_property (struct grub_xnu_devprop_device_descriptor *dev,
if (!prop)
return grub_errno;
- prop->name = utf8;
- prop->name16 = utf16;
- prop->name16len = utf16len;
-
- prop->length = datalen;
- prop->data = grub_malloc (prop->length);
+ prop->data = grub_malloc (datalen);
if (!prop->data)
{
- grub_free (prop->name);
- grub_free (prop->name16);
grub_free (prop);
return grub_errno;
}
- grub_memcpy (prop->data, data, prop->length);
+ grub_memcpy (prop->data, data, datalen);
+
+ prop->name = utf8;
+ prop->name16 = utf16;
+ prop->name16len = utf16len;
+ prop->length = datalen;
+
grub_list_push (GRUB_AS_LIST_P (&dev->properties),
GRUB_AS_LIST (prop));
return GRUB_ERR_NONE;
--
2.26.2
@@ -0,0 +1,55 @@
From 78829f0c230680e386fff9f420bb1631bc20f761 Mon Sep 17 00:00:00 2001
From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Date: Thu, 9 Jul 2020 03:05:23 +0000
Subject: [PATCH] lzma: Make sure we don't dereference past array
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
The two dimensional array p->posSlotEncoder[4][64] is being dereferenced
using the GetLenToPosState() macro which checks if len is less than 5,
and if so subtracts 2 from it. If len = 0, that is 0 - 2 = 4294967294.
Obviously we don't want to dereference that far out so we check if the
position found is greater or equal kNumLenToPosStates (4) and bail out.
N.B.: Upstream LZMA 18.05 and later has this function completely rewritten
without any history.
Fixes: CID 51526
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
---
grub-core/lib/LzmaEnc.c | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/grub-core/lib/LzmaEnc.c b/grub-core/lib/LzmaEnc.c
index f2ec04a8c..753e56a95 100644
--- a/grub-core/lib/LzmaEnc.c
+++ b/grub-core/lib/LzmaEnc.c
@@ -1877,13 +1877,19 @@ static SRes LzmaEnc_CodeOneBlock(CLzmaEnc *p, Bool useLimits, UInt32 maxPackSize
}
else
{
- UInt32 posSlot;
+ UInt32 posSlot, lenToPosState;
RangeEnc_EncodeBit(&p->rc, &p->isRep[p->state], 0);
p->state = kMatchNextStates[p->state];
LenEnc_Encode2(&p->lenEnc, &p->rc, len - LZMA_MATCH_LEN_MIN, posState, !p->fastMode, p->ProbPrices);
pos -= LZMA_NUM_REPS;
GetPosSlot(pos, posSlot);
- RcTree_Encode(&p->rc, p->posSlotEncoder[GetLenToPosState(len)], kNumPosSlotBits, posSlot);
+ lenToPosState = GetLenToPosState(len);
+ if (lenToPosState >= kNumLenToPosStates)
+ {
+ p->result = SZ_ERROR_DATA;
+ return CheckErrors(p);
+ }
+ RcTree_Encode(&p->rc, p->posSlotEncoder[lenToPosState], kNumPosSlotBits, posSlot);
if (posSlot >= kStartPosModelIndex)
{
--
2.26.2
@@ -0,0 +1,69 @@
From 8d3b6f9da468f666e3a7976657f2ab5c52762a21 Mon Sep 17 00:00:00 2001
From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Date: Tue, 7 Jul 2020 15:12:25 -0400
Subject: [PATCH] term: Fix overflow on user inputs
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
This requires a very weird input from the serial interface but can cause
an overflow in input_buf (keys) overwriting the next variable (npending)
with the user choice:
(pahole output)
struct grub_terminfo_input_state {
int input_buf[6]; /* 0 24 */
int npending; /* 24 4 */ <- CORRUPT
...snip...
The magic string requires causing this is "ESC,O,],0,1,2,q" and we overflow
npending with "q" (aka increase npending to 161). The simplest fix is to
just to disallow overwrites input_buf, which exactly what this patch does.
Fixes: CID 292449
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
---
grub-core/term/terminfo.c | 9 ++++++---
1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/grub-core/term/terminfo.c b/grub-core/term/terminfo.c
index d317efa36..5fa94c0c3 100644
--- a/grub-core/term/terminfo.c
+++ b/grub-core/term/terminfo.c
@@ -398,7 +398,7 @@ grub_terminfo_getwh (struct grub_term_output *term)
}
static void
-grub_terminfo_readkey (struct grub_term_input *term, int *keys, int *len,
+grub_terminfo_readkey (struct grub_term_input *term, int *keys, int *len, int max_len,
int (*readkey) (struct grub_term_input *term))
{
int c;
@@ -414,6 +414,9 @@ grub_terminfo_readkey (struct grub_term_input *term, int *keys, int *len,
if (c == -1) \
return; \
\
+ if (*len >= max_len) \
+ return; \
+ \
keys[*len] = c; \
(*len)++; \
}
@@ -602,8 +605,8 @@ grub_terminfo_getkey (struct grub_term_input *termi)
return ret;
}
- grub_terminfo_readkey (termi, data->input_buf,
- &data->npending, data->readkey);
+ grub_terminfo_readkey (termi, data->input_buf, &data->npending,
+ GRUB_TERMINFO_READKEY_MAX_LEN, data->readkey);
#if defined(__powerpc__) && defined(GRUB_MACHINE_IEEE1275)
if (data->npending == 1 && data->input_buf[0] == GRUB_TERM_ESC
--
2.26.2
+59
View File
@@ -0,0 +1,59 @@
From 748b691761d31bfff7e9d0d210caa606294c2b52 Mon Sep 17 00:00:00 2001
From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Date: Tue, 7 Jul 2020 22:02:31 -0400
Subject: [PATCH] udf: Fix memory leak
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Fixes: CID 73796
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Reviewed-by: Jan Setje-Eilers <jan.setjeeilers@oracle.com>
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
---
grub-core/fs/udf.c | 17 +++++++++++++----
1 file changed, 13 insertions(+), 4 deletions(-)
diff --git a/grub-core/fs/udf.c b/grub-core/fs/udf.c
index 21ac7f446..2ac5c1d00 100644
--- a/grub-core/fs/udf.c
+++ b/grub-core/fs/udf.c
@@ -965,8 +965,10 @@ grub_udf_iterate_dir (grub_fshelp_node_t dir,
return 0;
if (grub_udf_read_icb (dir->data, &dirent.icb, child))
- return 0;
-
+ {
+ grub_free (child);
+ return 0;
+ }
if (dirent.characteristics & GRUB_UDF_FID_CHAR_PARENT)
{
/* This is the parent directory. */
@@ -988,11 +990,18 @@ grub_udf_iterate_dir (grub_fshelp_node_t dir,
dirent.file_ident_length,
(char *) raw))
!= dirent.file_ident_length)
- return 0;
+ {
+ grub_free (child);
+ return 0;
+ }
filename = read_string (raw, dirent.file_ident_length, 0);
if (!filename)
- grub_print_error ();
+ {
+ /* As the hook won't get called. */
+ grub_free (child);
+ grub_print_error ();
+ }
if (filename && hook (filename, type, child, hook_data))
{
--
2.26.2
@@ -0,0 +1,38 @@
From 49bf3faa106498e151306fc780c63194a14751e3 Mon Sep 17 00:00:00 2001
From: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Date: Fri, 26 Jun 2020 10:51:43 -0400
Subject: [PATCH] multiboot2: Fix memory leak if
grub_create_loader_cmdline() fails
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Fixes: CID 292468
Signed-off-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
---
grub-core/loader/multiboot_mbi2.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/grub-core/loader/multiboot_mbi2.c b/grub-core/loader/multiboot_mbi2.c
index 53da78615..0efc66062 100644
--- a/grub-core/loader/multiboot_mbi2.c
+++ b/grub-core/loader/multiboot_mbi2.c
@@ -1070,7 +1070,11 @@ grub_multiboot2_add_module (grub_addr_t start, grub_size_t size,
err = grub_create_loader_cmdline (argc, argv, newmod->cmdline,
newmod->cmdline_size, GRUB_VERIFY_MODULE_CMDLINE);
if (err)
- return err;
+ {
+ grub_free (newmod->cmdline);
+ grub_free (newmod);
+ return err;
+ }
if (modules_last)
modules_last->next = newmod;
--
2.26.2
@@ -0,0 +1,283 @@
From b6c4a1b204740fe52b32e7f530831a59f4038e20 Mon Sep 17 00:00:00 2001
From: Alexey Makhalov <amakhalov@vmware.com>
Date: Thu, 9 Jul 2020 08:10:40 +0000
Subject: [PATCH] tftp: Do not use priority queue
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
There is not need to reassemble the order of blocks. Per RFC 1350,
server must wait for the ACK, before sending next block. Data packets
can be served immediately without putting them to priority queue.
Logic to handle incoming packet is this:
- if packet block id equal to expected block id, then
process the packet,
- if packet block id is less than expected - this is retransmit
of old packet, then ACK it and drop the packet,
- if packet block id is more than expected - that shouldn't
happen, just drop the packet.
It makes the tftp receive path code simpler, smaller and faster.
As a benefit, this change fixes CID# 73624 and CID# 96690, caused
by following while loop:
while (cmp_block (grub_be_to_cpu16 (tftph->u.data.block), data->block + 1) == 0)
where tftph pointer is not moving from one iteration to another, causing
to serve same packet again. Luckily, double serving didn't happen due to
data->block++ during the first iteration.
Fixes: CID 73624, CID 96690
Signed-off-by: Alexey Makhalov <amakhalov@vmware.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
---
grub-core/net/tftp.c | 168 ++++++++++++++-----------------------------
1 file changed, 53 insertions(+), 115 deletions(-)
diff --git a/grub-core/net/tftp.c b/grub-core/net/tftp.c
index 7d90bf66e..b4297bc8d 100644
--- a/grub-core/net/tftp.c
+++ b/grub-core/net/tftp.c
@@ -25,7 +25,6 @@
#include <grub/mm.h>
#include <grub/dl.h>
#include <grub/file.h>
-#include <grub/priority_queue.h>
#include <grub/i18n.h>
GRUB_MOD_LICENSE ("GPLv3+");
@@ -106,31 +105,8 @@ typedef struct tftp_data
int have_oack;
struct grub_error_saved save_err;
grub_net_udp_socket_t sock;
- grub_priority_queue_t pq;
} *tftp_data_t;
-static int
-cmp_block (grub_uint16_t a, grub_uint16_t b)
-{
- grub_int16_t i = (grub_int16_t) (a - b);
- if (i > 0)
- return +1;
- if (i < 0)
- return -1;
- return 0;
-}
-
-static int
-cmp (const void *a__, const void *b__)
-{
- struct grub_net_buff *a_ = *(struct grub_net_buff **) a__;
- struct grub_net_buff *b_ = *(struct grub_net_buff **) b__;
- struct tftphdr *a = (struct tftphdr *) a_->data;
- struct tftphdr *b = (struct tftphdr *) b_->data;
- /* We want the first elements to be on top. */
- return -cmp_block (grub_be_to_cpu16 (a->u.data.block), grub_be_to_cpu16 (b->u.data.block));
-}
-
static grub_err_t
ack (tftp_data_t data, grub_uint64_t block)
{
@@ -207,73 +183,60 @@ tftp_receive (grub_net_udp_socket_t sock __attribute__ ((unused)),
return GRUB_ERR_NONE;
}
- err = grub_priority_queue_push (data->pq, &nb);
- if (err)
- return err;
-
- {
- struct grub_net_buff **nb_top_p, *nb_top;
- while (1)
- {
- nb_top_p = grub_priority_queue_top (data->pq);
- if (!nb_top_p)
- return GRUB_ERR_NONE;
- nb_top = *nb_top_p;
- tftph = (struct tftphdr *) nb_top->data;
- if (cmp_block (grub_be_to_cpu16 (tftph->u.data.block), data->block + 1) >= 0)
- break;
- ack (data, grub_be_to_cpu16 (tftph->u.data.block));
- grub_netbuff_free (nb_top);
- grub_priority_queue_pop (data->pq);
- }
- while (cmp_block (grub_be_to_cpu16 (tftph->u.data.block), data->block + 1) == 0)
- {
- unsigned size;
-
- grub_priority_queue_pop (data->pq);
-
- if (file->device->net->packs.count < 50)
+ /* Ack old/retransmitted block. */
+ if (grub_be_to_cpu16 (tftph->u.data.block) < data->block + 1)
+ ack (data, grub_be_to_cpu16 (tftph->u.data.block));
+ /* Ignore unexpected block. */
+ else if (grub_be_to_cpu16 (tftph->u.data.block) > data->block + 1)
+ grub_dprintf ("tftp", "TFTP unexpected block # %d\n", tftph->u.data.block);
+ else
+ {
+ unsigned size;
+
+ if (file->device->net->packs.count < 50)
+ {
err = ack (data, data->block + 1);
- else
- {
- file->device->net->stall = 1;
- err = 0;
- }
- if (err)
- return err;
-
- err = grub_netbuff_pull (nb_top, sizeof (tftph->opcode) +
- sizeof (tftph->u.data.block));
- if (err)
- return err;
- size = nb_top->tail - nb_top->data;
-
- data->block++;
- if (size < data->block_size)
- {
- if (data->ack_sent < data->block)
- ack (data, data->block);
- file->device->net->eof = 1;
- file->device->net->stall = 1;
- grub_net_udp_close (data->sock);
- data->sock = NULL;
- }
- /* Prevent garbage in broken cards. Is it still necessary
- given that IP implementation has been fixed?
- */
- if (size > data->block_size)
- {
- err = grub_netbuff_unput (nb_top, size - data->block_size);
- if (err)
- return err;
- }
- /* If there is data, puts packet in socket list. */
- if ((nb_top->tail - nb_top->data) > 0)
- grub_net_put_packet (&file->device->net->packs, nb_top);
- else
- grub_netbuff_free (nb_top);
- }
- }
+ if (err)
+ return err;
+ }
+ else
+ file->device->net->stall = 1;
+
+ err = grub_netbuff_pull (nb, sizeof (tftph->opcode) +
+ sizeof (tftph->u.data.block));
+ if (err)
+ return err;
+ size = nb->tail - nb->data;
+
+ data->block++;
+ if (size < data->block_size)
+ {
+ if (data->ack_sent < data->block)
+ ack (data, data->block);
+ file->device->net->eof = 1;
+ file->device->net->stall = 1;
+ grub_net_udp_close (data->sock);
+ data->sock = NULL;
+ }
+ /*
+ * Prevent garbage in broken cards. Is it still necessary
+ * given that IP implementation has been fixed?
+ */
+ if (size > data->block_size)
+ {
+ err = grub_netbuff_unput (nb, size - data->block_size);
+ if (err)
+ return err;
+ }
+ /* If there is data, puts packet in socket list. */
+ if ((nb->tail - nb->data) > 0)
+ {
+ grub_net_put_packet (&file->device->net->packs, nb);
+ /* Do not free nb. */
+ return GRUB_ERR_NONE;
+ }
+ }
+ grub_netbuff_free (nb);
return GRUB_ERR_NONE;
case TFTP_ERROR:
data->have_oack = 1;
@@ -287,19 +250,6 @@ tftp_receive (grub_net_udp_socket_t sock __attribute__ ((unused)),
}
}
-static void
-destroy_pq (tftp_data_t data)
-{
- struct grub_net_buff **nb_p;
- while ((nb_p = grub_priority_queue_top (data->pq)))
- {
- grub_netbuff_free (*nb_p);
- grub_priority_queue_pop (data->pq);
- }
-
- grub_priority_queue_destroy (data->pq);
-}
-
static grub_err_t
tftp_open (struct grub_file *file, const char *filename)
{
@@ -372,17 +322,9 @@ tftp_open (struct grub_file *file, const char *filename)
file->not_easily_seekable = 1;
file->data = data;
- data->pq = grub_priority_queue_new (sizeof (struct grub_net_buff *), cmp);
- if (!data->pq)
- {
- grub_free (data);
- return grub_errno;
- }
-
err = grub_net_resolve_address (file->device->net->server, &addr);
if (err)
{
- destroy_pq (data);
grub_free (data);
return err;
}
@@ -392,7 +334,6 @@ tftp_open (struct grub_file *file, const char *filename)
file);
if (!data->sock)
{
- destroy_pq (data);
grub_free (data);
return grub_errno;
}
@@ -406,7 +347,6 @@ tftp_open (struct grub_file *file, const char *filename)
if (err)
{
grub_net_udp_close (data->sock);
- destroy_pq (data);
grub_free (data);
return err;
}
@@ -423,7 +363,6 @@ tftp_open (struct grub_file *file, const char *filename)
if (grub_errno)
{
grub_net_udp_close (data->sock);
- destroy_pq (data);
grub_free (data);
return grub_errno;
}
@@ -466,7 +405,6 @@ tftp_close (struct grub_file *file)
grub_print_error ();
grub_net_udp_close (data->sock);
}
- destroy_pq (data);
grub_free (data);
return GRUB_ERR_NONE;
}
--
2.26.2
@@ -0,0 +1,153 @@
From 1c7b619c84f229c1602c1958bcd054b6d9937562 Mon Sep 17 00:00:00 2001
From: Alexey Makhalov <amakhalov@vmware.com>
Date: Wed, 15 Jul 2020 06:42:37 +0000
Subject: [PATCH] relocator: Protect grub_relocator_alloc_chunk_addr()
input args against integer underflow/overflow
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Use arithmetic macros from safemath.h to accomplish it. In this commit,
I didn't want to be too paranoid to check every possible math equation
for overflow/underflow. Only obvious places (with non zero chance of
overflow/underflow) were refactored.
Signed-off-by: Alexey Makhalov <amakhalov@vmware.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
---
grub-core/loader/i386/linux.c | 9 +++++++--
grub-core/loader/i386/pc/linux.c | 9 +++++++--
grub-core/loader/i386/xen.c | 12 ++++++++++--
grub-core/loader/xnu.c | 11 +++++++----
4 files changed, 31 insertions(+), 10 deletions(-)
diff --git a/grub-core/loader/i386/linux.c b/grub-core/loader/i386/linux.c
index d0501e229..02a73463a 100644
--- a/grub-core/loader/i386/linux.c
+++ b/grub-core/loader/i386/linux.c
@@ -36,6 +36,7 @@
#include <grub/lib/cmdline.h>
#include <grub/linux.h>
#include <grub/machine/kernel.h>
+#include <grub/safemath.h>
GRUB_MOD_LICENSE ("GPLv3+");
@@ -547,9 +548,13 @@ grub_linux_boot (void)
{
grub_relocator_chunk_t ch;
+ grub_size_t sz;
+
+ if (grub_add (ctx.real_size, efi_mmap_size, &sz))
+ return GRUB_ERR_OUT_OF_RANGE;
+
err = grub_relocator_alloc_chunk_addr (relocator, &ch,
- ctx.real_mode_target,
- (ctx.real_size + efi_mmap_size));
+ ctx.real_mode_target, sz);
if (err)
return err;
real_mode_mem = get_virtual_current_address (ch);
diff --git a/grub-core/loader/i386/pc/linux.c b/grub-core/loader/i386/pc/linux.c
index 47ea2945e..31f09922b 100644
--- a/grub-core/loader/i386/pc/linux.c
+++ b/grub-core/loader/i386/pc/linux.c
@@ -35,6 +35,7 @@
#include <grub/i386/floppy.h>
#include <grub/lib/cmdline.h>
#include <grub/linux.h>
+#include <grub/safemath.h>
GRUB_MOD_LICENSE ("GPLv3+");
@@ -218,8 +219,12 @@ grub_cmd_linux (grub_command_t cmd __attribute__ ((unused)),
setup_sects = GRUB_LINUX_DEFAULT_SETUP_SECTS;
real_size = setup_sects << GRUB_DISK_SECTOR_BITS;
- grub_linux16_prot_size = grub_file_size (file)
- - real_size - GRUB_DISK_SECTOR_SIZE;
+ if (grub_sub (grub_file_size (file), real_size, &grub_linux16_prot_size) ||
+ grub_sub (grub_linux16_prot_size, GRUB_DISK_SECTOR_SIZE, &grub_linux16_prot_size))
+ {
+ grub_error (GRUB_ERR_OUT_OF_RANGE, N_("overflow is detected"));
+ goto fail;
+ }
if (! grub_linux_is_bzimage
&& GRUB_LINUX_ZIMAGE_ADDR + grub_linux16_prot_size
diff --git a/grub-core/loader/i386/xen.c b/grub-core/loader/i386/xen.c
index 8f662c8ac..cd24874ca 100644
--- a/grub-core/loader/i386/xen.c
+++ b/grub-core/loader/i386/xen.c
@@ -41,6 +41,7 @@
#include <grub/linux.h>
#include <grub/i386/memory.h>
#include <grub/verify.h>
+#include <grub/safemath.h>
GRUB_MOD_LICENSE ("GPLv3+");
@@ -636,6 +637,7 @@ grub_cmd_xen (grub_command_t cmd __attribute__ ((unused)),
grub_relocator_chunk_t ch;
grub_addr_t kern_start;
grub_addr_t kern_end;
+ grub_size_t sz;
if (argc == 0)
return grub_error (GRUB_ERR_BAD_ARGUMENT, N_("filename expected"));
@@ -703,8 +705,14 @@ grub_cmd_xen (grub_command_t cmd __attribute__ ((unused)),
xen_state.max_addr = ALIGN_UP (kern_end, PAGE_SIZE);
- err = grub_relocator_alloc_chunk_addr (xen_state.relocator, &ch, kern_start,
- kern_end - kern_start);
+
+ if (grub_sub (kern_end, kern_start, &sz))
+ {
+ err = GRUB_ERR_OUT_OF_RANGE;
+ goto fail;
+ }
+
+ err = grub_relocator_alloc_chunk_addr (xen_state.relocator, &ch, kern_start, sz);
if (err)
goto fail;
kern_chunk_src = get_virtual_current_address (ch);
diff --git a/grub-core/loader/xnu.c b/grub-core/loader/xnu.c
index 77d7060e1..9ae4ceb35 100644
--- a/grub-core/loader/xnu.c
+++ b/grub-core/loader/xnu.c
@@ -34,6 +34,7 @@
#include <grub/env.h>
#include <grub/i18n.h>
#include <grub/verify.h>
+#include <grub/safemath.h>
GRUB_MOD_LICENSE ("GPLv3+");
@@ -59,15 +60,17 @@ grub_xnu_heap_malloc (int size, void **src, grub_addr_t *target)
{
grub_err_t err;
grub_relocator_chunk_t ch;
+ grub_addr_t tgt;
+
+ if (grub_add (grub_xnu_heap_target_start, grub_xnu_heap_size, &tgt))
+ return GRUB_ERR_OUT_OF_RANGE;
- err = grub_relocator_alloc_chunk_addr (grub_xnu_relocator, &ch,
- grub_xnu_heap_target_start
- + grub_xnu_heap_size, size);
+ err = grub_relocator_alloc_chunk_addr (grub_xnu_relocator, &ch, tgt, size);
if (err)
return err;
*src = get_virtual_current_address (ch);
- *target = grub_xnu_heap_target_start + grub_xnu_heap_size;
+ *target = tgt;
grub_xnu_heap_size += size;
grub_dprintf ("xnu", "val=%p\n", *src);
return GRUB_ERR_NONE;
--
2.26.2
@@ -0,0 +1,341 @@
From 0cfbbca3ccd84d36ffb1bcd6644ada7c73b19fc0 Mon Sep 17 00:00:00 2001
From: Alexey Makhalov <amakhalov@vmware.com>
Date: Wed, 8 Jul 2020 01:44:38 +0000
Subject: [PATCH] relocator: Protect grub_relocator_alloc_chunk_align()
max_addr against integer underflow
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
This commit introduces integer underflow mitigation in max_addr calculation
in grub_relocator_alloc_chunk_align() invocation.
It consists of 2 fixes:
1. Introduced grub_relocator_alloc_chunk_align_safe() wrapper function to perform
sanity check for min/max and size values, and to make safe invocation of
grub_relocator_alloc_chunk_align() with validated max_addr value. Replace all
invocations such as grub_relocator_alloc_chunk_align(..., min_addr, max_addr - size, size, ...)
by grub_relocator_alloc_chunk_align_safe(..., min_addr, max_addr, size, ...).
2. Introduced UP_TO_TOP32(s) macro for the cases where max_addr is 32-bit top
address (0xffffffff - size + 1) or similar.
Signed-off-by: Alexey Makhalov <amakhalov@vmware.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
---
grub-core/lib/i386/relocator.c | 28 ++++++++++----------------
grub-core/lib/mips/relocator.c | 6 ++----
grub-core/lib/powerpc/relocator.c | 6 ++----
grub-core/lib/x86_64/efi/relocator.c | 7 +++----
grub-core/loader/i386/linux.c | 5 ++---
grub-core/loader/i386/multiboot_mbi.c | 7 +++----
grub-core/loader/i386/pc/linux.c | 6 ++----
grub-core/loader/mips/linux.c | 9 +++------
grub-core/loader/multiboot.c | 2 +-
grub-core/loader/multiboot_elfxx.c | 10 ++++-----
grub-core/loader/multiboot_mbi2.c | 10 ++++-----
grub-core/loader/xnu_resume.c | 2 +-
include/grub/relocator.h | 29 +++++++++++++++++++++++++++
13 files changed, 69 insertions(+), 58 deletions(-)
diff --git a/grub-core/lib/i386/relocator.c b/grub-core/lib/i386/relocator.c
index 71dd4f0ab..34cbe834f 100644
--- a/grub-core/lib/i386/relocator.c
+++ b/grub-core/lib/i386/relocator.c
@@ -83,11 +83,10 @@ grub_relocator32_boot (struct grub_relocator *rel,
/* Specific memory range due to Global Descriptor Table for use by payload
that we will store in returned chunk. The address range and preference
are based on "THE LINUX/x86 BOOT PROTOCOL" specification. */
- err = grub_relocator_alloc_chunk_align (rel, &ch, 0x1000,
- 0x9a000 - RELOCATOR_SIZEOF (32),
- RELOCATOR_SIZEOF (32), 16,
- GRUB_RELOCATOR_PREFERENCE_LOW,
- avoid_efi_bootservices);
+ err = grub_relocator_alloc_chunk_align_safe (rel, &ch, 0x1000, 0x9a000,
+ RELOCATOR_SIZEOF (32), 16,
+ GRUB_RELOCATOR_PREFERENCE_LOW,
+ avoid_efi_bootservices);
if (err)
return err;
@@ -125,13 +124,10 @@ grub_relocator16_boot (struct grub_relocator *rel,
grub_relocator_chunk_t ch;
/* Put it higher than the byte it checks for A20 check. */
- err = grub_relocator_alloc_chunk_align (rel, &ch, 0x8010,
- 0xa0000 - RELOCATOR_SIZEOF (16)
- - GRUB_RELOCATOR16_STACK_SIZE,
- RELOCATOR_SIZEOF (16)
- + GRUB_RELOCATOR16_STACK_SIZE, 16,
- GRUB_RELOCATOR_PREFERENCE_NONE,
- 0);
+ err = grub_relocator_alloc_chunk_align_safe (rel, &ch, 0x8010, 0xa0000,
+ RELOCATOR_SIZEOF (16) +
+ GRUB_RELOCATOR16_STACK_SIZE, 16,
+ GRUB_RELOCATOR_PREFERENCE_NONE, 0);
if (err)
return err;
@@ -183,11 +179,9 @@ grub_relocator64_boot (struct grub_relocator *rel,
void *relst;
grub_relocator_chunk_t ch;
- err = grub_relocator_alloc_chunk_align (rel, &ch, min_addr,
- max_addr - RELOCATOR_SIZEOF (64),
- RELOCATOR_SIZEOF (64), 16,
- GRUB_RELOCATOR_PREFERENCE_NONE,
- 0);
+ err = grub_relocator_alloc_chunk_align_safe (rel, &ch, min_addr, max_addr,
+ RELOCATOR_SIZEOF (64), 16,
+ GRUB_RELOCATOR_PREFERENCE_NONE, 0);
if (err)
return err;
diff --git a/grub-core/lib/mips/relocator.c b/grub-core/lib/mips/relocator.c
index 9d5f49cb9..743b213e6 100644
--- a/grub-core/lib/mips/relocator.c
+++ b/grub-core/lib/mips/relocator.c
@@ -120,10 +120,8 @@ grub_relocator32_boot (struct grub_relocator *rel,
unsigned i;
grub_addr_t vtarget;
- err = grub_relocator_alloc_chunk_align (rel, &ch, 0,
- (0xffffffff - stateset_size)
- + 1, stateset_size,
- sizeof (grub_uint32_t),
+ err = grub_relocator_alloc_chunk_align (rel, &ch, 0, UP_TO_TOP32 (stateset_size),
+ stateset_size, sizeof (grub_uint32_t),
GRUB_RELOCATOR_PREFERENCE_NONE, 0);
if (err)
return err;
diff --git a/grub-core/lib/powerpc/relocator.c b/grub-core/lib/powerpc/relocator.c
index bdf2b111b..8ffb8b686 100644
--- a/grub-core/lib/powerpc/relocator.c
+++ b/grub-core/lib/powerpc/relocator.c
@@ -115,10 +115,8 @@ grub_relocator32_boot (struct grub_relocator *rel,
unsigned i;
grub_relocator_chunk_t ch;
- err = grub_relocator_alloc_chunk_align (rel, &ch, 0,
- (0xffffffff - stateset_size)
- + 1, stateset_size,
- sizeof (grub_uint32_t),
+ err = grub_relocator_alloc_chunk_align (rel, &ch, 0, UP_TO_TOP32 (stateset_size),
+ stateset_size, sizeof (grub_uint32_t),
GRUB_RELOCATOR_PREFERENCE_NONE, 0);
if (err)
return err;
diff --git a/grub-core/lib/x86_64/efi/relocator.c b/grub-core/lib/x86_64/efi/relocator.c
index 3caef7a40..7d200a125 100644
--- a/grub-core/lib/x86_64/efi/relocator.c
+++ b/grub-core/lib/x86_64/efi/relocator.c
@@ -50,10 +50,9 @@ grub_relocator64_efi_boot (struct grub_relocator *rel,
* 64-bit relocator code may live above 4 GiB quite well.
* However, I do not want ask for problems. Just in case.
*/
- err = grub_relocator_alloc_chunk_align (rel, &ch, 0,
- 0x100000000 - RELOCATOR_SIZEOF (64_efi),
- RELOCATOR_SIZEOF (64_efi), 16,
- GRUB_RELOCATOR_PREFERENCE_NONE, 1);
+ err = grub_relocator_alloc_chunk_align_safe (rel, &ch, 0, 0x100000000,
+ RELOCATOR_SIZEOF (64_efi), 16,
+ GRUB_RELOCATOR_PREFERENCE_NONE, 1);
if (err)
return err;
diff --git a/grub-core/loader/i386/linux.c b/grub-core/loader/i386/linux.c
index 02a73463a..efbb99307 100644
--- a/grub-core/loader/i386/linux.c
+++ b/grub-core/loader/i386/linux.c
@@ -181,9 +181,8 @@ allocate_pages (grub_size_t prot_size, grub_size_t *align,
for (; err && *align + 1 > min_align; (*align)--)
{
grub_errno = GRUB_ERR_NONE;
- err = grub_relocator_alloc_chunk_align (relocator, &ch,
- 0x1000000,
- 0xffffffff & ~prot_size,
+ err = grub_relocator_alloc_chunk_align (relocator, &ch, 0x1000000,
+ UP_TO_TOP32 (prot_size),
prot_size, 1 << *align,
GRUB_RELOCATOR_PREFERENCE_LOW,
1);
diff --git a/grub-core/loader/i386/multiboot_mbi.c b/grub-core/loader/i386/multiboot_mbi.c
index ad3cc292f..a67d9d0a8 100644
--- a/grub-core/loader/i386/multiboot_mbi.c
+++ b/grub-core/loader/i386/multiboot_mbi.c
@@ -466,10 +466,9 @@ grub_multiboot_make_mbi (grub_uint32_t *target)
bufsize = grub_multiboot_get_mbi_size ();
- err = grub_relocator_alloc_chunk_align (grub_multiboot_relocator, &ch,
- 0x10000, 0xa0000 - bufsize,
- bufsize, 4,
- GRUB_RELOCATOR_PREFERENCE_NONE, 0);
+ err = grub_relocator_alloc_chunk_align_safe (grub_multiboot_relocator, &ch,
+ 0x10000, 0xa0000, bufsize, 4,
+ GRUB_RELOCATOR_PREFERENCE_NONE, 0);
if (err)
return err;
ptrorig = get_virtual_current_address (ch);
diff --git a/grub-core/loader/i386/pc/linux.c b/grub-core/loader/i386/pc/linux.c
index 31f09922b..5fed5ffdf 100644
--- a/grub-core/loader/i386/pc/linux.c
+++ b/grub-core/loader/i386/pc/linux.c
@@ -453,10 +453,8 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)),
{
grub_relocator_chunk_t ch;
- err = grub_relocator_alloc_chunk_align (relocator, &ch,
- addr_min, addr_max - size,
- size, 0x1000,
- GRUB_RELOCATOR_PREFERENCE_HIGH, 0);
+ err = grub_relocator_alloc_chunk_align_safe (relocator, &ch, addr_min, addr_max, size,
+ 0x1000, GRUB_RELOCATOR_PREFERENCE_HIGH, 0);
if (err)
return err;
initrd_chunk = get_virtual_current_address (ch);
diff --git a/grub-core/loader/mips/linux.c b/grub-core/loader/mips/linux.c
index 7b723bf18..e4ed95921 100644
--- a/grub-core/loader/mips/linux.c
+++ b/grub-core/loader/mips/linux.c
@@ -442,12 +442,9 @@ grub_cmd_initrd (grub_command_t cmd __attribute__ ((unused)),
{
grub_relocator_chunk_t ch;
- err = grub_relocator_alloc_chunk_align (relocator, &ch,
- (target_addr & 0x1fffffff)
- + linux_size + 0x10000,
- (0x10000000 - size),
- size, 0x10000,
- GRUB_RELOCATOR_PREFERENCE_NONE, 0);
+ err = grub_relocator_alloc_chunk_align_safe (relocator, &ch, (target_addr & 0x1fffffff) +
+ linux_size + 0x10000, 0x10000000, size,
+ 0x10000, GRUB_RELOCATOR_PREFERENCE_NONE, 0);
if (err)
goto fail;
diff --git a/grub-core/loader/multiboot.c b/grub-core/loader/multiboot.c
index 4a98d7082..facb13f3d 100644
--- a/grub-core/loader/multiboot.c
+++ b/grub-core/loader/multiboot.c
@@ -403,7 +403,7 @@ grub_cmd_module (grub_command_t cmd __attribute__ ((unused)),
{
grub_relocator_chunk_t ch;
err = grub_relocator_alloc_chunk_align (GRUB_MULTIBOOT (relocator), &ch,
- lowest_addr, (0xffffffff - size) + 1,
+ lowest_addr, UP_TO_TOP32 (size),
size, MULTIBOOT_MOD_ALIGN,
GRUB_RELOCATOR_PREFERENCE_NONE, 1);
if (err)
diff --git a/grub-core/loader/multiboot_elfxx.c b/grub-core/loader/multiboot_elfxx.c
index cc6853692..f2318e0d1 100644
--- a/grub-core/loader/multiboot_elfxx.c
+++ b/grub-core/loader/multiboot_elfxx.c
@@ -109,10 +109,10 @@ CONCAT(grub_multiboot_load_elf, XX) (mbi_load_data_t *mld)
if (load_size > mld->max_addr || mld->min_addr > mld->max_addr - load_size)
return grub_error (GRUB_ERR_BAD_OS, "invalid min/max address and/or load size");
- err = grub_relocator_alloc_chunk_align (GRUB_MULTIBOOT (relocator), &ch,
- mld->min_addr, mld->max_addr - load_size,
- load_size, mld->align ? mld->align : 1,
- mld->preference, mld->avoid_efi_boot_services);
+ err = grub_relocator_alloc_chunk_align_safe (GRUB_MULTIBOOT (relocator), &ch,
+ mld->min_addr, mld->max_addr,
+ load_size, mld->align ? mld->align : 1,
+ mld->preference, mld->avoid_efi_boot_services);
if (err)
{
@@ -256,7 +256,7 @@ CONCAT(grub_multiboot_load_elf, XX) (mbi_load_data_t *mld)
continue;
err = grub_relocator_alloc_chunk_align (GRUB_MULTIBOOT (relocator), &ch, 0,
- (0xffffffff - sh->sh_size) + 1,
+ UP_TO_TOP32 (sh->sh_size),
sh->sh_size, sh->sh_addralign,
GRUB_RELOCATOR_PREFERENCE_NONE,
mld->avoid_efi_boot_services);
diff --git a/grub-core/loader/multiboot_mbi2.c b/grub-core/loader/multiboot_mbi2.c
index 0efc66062..03967839c 100644
--- a/grub-core/loader/multiboot_mbi2.c
+++ b/grub-core/loader/multiboot_mbi2.c
@@ -295,10 +295,10 @@ grub_multiboot2_load (grub_file_t file, const char *filename)
return grub_error (GRUB_ERR_BAD_OS, "invalid min/max address and/or load size");
}
- err = grub_relocator_alloc_chunk_align (grub_multiboot2_relocator, &ch,
- mld.min_addr, mld.max_addr - code_size,
- code_size, mld.align ? mld.align : 1,
- mld.preference, keep_bs);
+ err = grub_relocator_alloc_chunk_align_safe (grub_multiboot2_relocator, &ch,
+ mld.min_addr, mld.max_addr,
+ code_size, mld.align ? mld.align : 1,
+ mld.preference, keep_bs);
}
else
err = grub_relocator_alloc_chunk_addr (grub_multiboot2_relocator,
@@ -708,7 +708,7 @@ grub_multiboot2_make_mbi (grub_uint32_t *target)
COMPILE_TIME_ASSERT (MULTIBOOT_TAG_ALIGN % sizeof (grub_properly_aligned_t) == 0);
err = grub_relocator_alloc_chunk_align (grub_multiboot2_relocator, &ch,
- 0, 0xffffffff - bufsize,
+ 0, UP_TO_TOP32 (bufsize),
bufsize, MULTIBOOT_TAG_ALIGN,
GRUB_RELOCATOR_PREFERENCE_NONE, 1);
if (err)
diff --git a/grub-core/loader/xnu_resume.c b/grub-core/loader/xnu_resume.c
index 8089804d4..d648ef0cd 100644
--- a/grub-core/loader/xnu_resume.c
+++ b/grub-core/loader/xnu_resume.c
@@ -129,7 +129,7 @@ grub_xnu_resume (char *imagename)
{
grub_relocator_chunk_t ch;
err = grub_relocator_alloc_chunk_align (grub_xnu_relocator, &ch, 0,
- (0xffffffff - hibhead.image_size) + 1,
+ UP_TO_TOP32 (hibhead.image_size),
hibhead.image_size,
GRUB_XNU_PAGESIZE,
GRUB_RELOCATOR_PREFERENCE_NONE, 0);
diff --git a/include/grub/relocator.h b/include/grub/relocator.h
index 24d8672d2..1b3bdd92a 100644
--- a/include/grub/relocator.h
+++ b/include/grub/relocator.h
@@ -49,6 +49,35 @@ grub_relocator_alloc_chunk_align (struct grub_relocator *rel,
int preference,
int avoid_efi_boot_services);
+/*
+ * Wrapper for grub_relocator_alloc_chunk_align() with purpose of
+ * protecting against integer underflow.
+ *
+ * Compare to its callee, max_addr has different meaning here.
+ * It covers entire chunk and not just start address of the chunk.
+ */
+static inline grub_err_t
+grub_relocator_alloc_chunk_align_safe (struct grub_relocator *rel,
+ grub_relocator_chunk_t *out,
+ grub_phys_addr_t min_addr,
+ grub_phys_addr_t max_addr,
+ grub_size_t size, grub_size_t align,
+ int preference,
+ int avoid_efi_boot_services)
+{
+ /* Sanity check and ensure following equation (max_addr - size) is safe. */
+ if (max_addr < size || (max_addr - size) < min_addr)
+ return GRUB_ERR_OUT_OF_RANGE;
+
+ return grub_relocator_alloc_chunk_align (rel, out, min_addr,
+ max_addr - size,
+ size, align, preference,
+ avoid_efi_boot_services);
+}
+
+/* Top 32-bit address minus s bytes and plus 1 byte. */
+#define UP_TO_TOP32(s) ((~(s) & 0xffffffff) + 1)
+
#define GRUB_RELOCATOR_PREFERENCE_NONE 0
#define GRUB_RELOCATOR_PREFERENCE_LOW 1
#define GRUB_RELOCATOR_PREFERENCE_HIGH 2
--
2.26.2
@@ -0,0 +1,37 @@
From 73aa0776457066ee6ebc93486c3cf0e6b755d1b8 Mon Sep 17 00:00:00 2001
From: Chris Coulson <chris.coulson@canonical.com>
Date: Fri, 10 Jul 2020 11:21:14 +0100
Subject: [PATCH] script: Remove unused fields from grub_script_function
struct
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Chris Coulson <chris.coulson@canonical.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
---
include/grub/script_sh.h | 5 -----
1 file changed, 5 deletions(-)
diff --git a/include/grub/script_sh.h b/include/grub/script_sh.h
index 360c2be1f..b382bcf09 100644
--- a/include/grub/script_sh.h
+++ b/include/grub/script_sh.h
@@ -359,13 +359,8 @@ struct grub_script_function
/* The script function. */
struct grub_script *func;
- /* The flags. */
- unsigned flags;
-
/* The next element. */
struct grub_script_function *next;
-
- int references;
};
typedef struct grub_script_function *grub_script_function_t;
--
2.26.2
@@ -0,0 +1,113 @@
From 26349fcf80982b4d0120b73b2836e88bcf16853c Mon Sep 17 00:00:00 2001
From: Chris Coulson <chris.coulson@canonical.com>
Date: Fri, 10 Jul 2020 14:41:45 +0100
Subject: [PATCH] script: Avoid a use-after-free when redefining a
function during execution
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Defining a new function with the same name as a previously defined
function causes the grub_script and associated resources for the
previous function to be freed. If the previous function is currently
executing when a function with the same name is defined, this results
in use-after-frees when processing subsequent commands in the original
function.
Instead, reject a new function definition if it has the same name as
a previously defined function, and that function is currently being
executed. Although a behavioural change, this should be backwards
compatible with existing configurations because they can't be
dependent on the current behaviour without being broken.
Fixes: CVE-2020-15706
Signed-off-by: Chris Coulson <chris.coulson@canonical.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
---
grub-core/script/execute.c | 2 ++
grub-core/script/function.c | 16 +++++++++++++---
grub-core/script/parser.y | 3 ++-
include/grub/script_sh.h | 2 ++
4 files changed, 19 insertions(+), 4 deletions(-)
diff --git a/grub-core/script/execute.c b/grub-core/script/execute.c
index c8d6806fe..7e028e135 100644
--- a/grub-core/script/execute.c
+++ b/grub-core/script/execute.c
@@ -838,7 +838,9 @@ grub_script_function_call (grub_script_function_t func, int argc, char **args)
old_scope = scope;
scope = &new_scope;
+ func->executing++;
ret = grub_script_execute (func->func);
+ func->executing--;
function_return = 0;
active_loops = loops;
diff --git a/grub-core/script/function.c b/grub-core/script/function.c
index d36655e51..3aad04bf9 100644
--- a/grub-core/script/function.c
+++ b/grub-core/script/function.c
@@ -34,6 +34,7 @@ grub_script_function_create (struct grub_script_arg *functionname_arg,
func = (grub_script_function_t) grub_malloc (sizeof (*func));
if (! func)
return 0;
+ func->executing = 0;
func->name = grub_strdup (functionname_arg->str);
if (! func->name)
@@ -60,10 +61,19 @@ grub_script_function_create (struct grub_script_arg *functionname_arg,
grub_script_function_t q;
q = *p;
- grub_script_free (q->func);
- q->func = cmd;
grub_free (func);
- func = q;
+ if (q->executing > 0)
+ {
+ grub_error (GRUB_ERR_BAD_ARGUMENT,
+ N_("attempt to redefine a function being executed"));
+ func = NULL;
+ }
+ else
+ {
+ grub_script_free (q->func);
+ q->func = cmd;
+ func = q;
+ }
}
else
{
diff --git a/grub-core/script/parser.y b/grub-core/script/parser.y
index 4f0ab8319..f80b86b6f 100644
--- a/grub-core/script/parser.y
+++ b/grub-core/script/parser.y
@@ -289,7 +289,8 @@ function: "function" "name"
grub_script_mem_free (state->func_mem);
else {
script->children = state->scripts;
- grub_script_function_create ($2, script);
+ if (!grub_script_function_create ($2, script))
+ grub_script_free (script);
}
state->scripts = $<scripts>3;
diff --git a/include/grub/script_sh.h b/include/grub/script_sh.h
index b382bcf09..6c48e0751 100644
--- a/include/grub/script_sh.h
+++ b/include/grub/script_sh.h
@@ -361,6 +361,8 @@ struct grub_script_function
/* The next element. */
struct grub_script_function *next;
+
+ unsigned executing;
};
typedef struct grub_script_function *grub_script_function_t;
--
2.26.2
@@ -0,0 +1,49 @@
From 06aa91f79f902752cb7e5d22ac0ea8e13bffd056 Mon Sep 17 00:00:00 2001
From: Alexey Makhalov <amakhalov@vmware.com>
Date: Fri, 17 Jul 2020 05:17:26 +0000
Subject: [PATCH] relocator: Fix grub_relocator_alloc_chunk_align() top
memory allocation
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Current implementation of grub_relocator_alloc_chunk_align()
does not allow allocation of the top byte.
Assuming input args are:
max_addr = 0xfffff000;
size = 0x1000;
And this is valid. But following overflow protection will
unnecessarily move max_addr one byte down (to 0xffffefff):
if (max_addr > ~size)
max_addr = ~size;
~size + 1 will fix the situation. In addition, check size
for non zero to do not zero max_addr.
Signed-off-by: Alexey Makhalov <amakhalov@vmware.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
---
grub-core/lib/relocator.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/grub-core/lib/relocator.c b/grub-core/lib/relocator.c
index 5847aac36..f2c1944c2 100644
--- a/grub-core/lib/relocator.c
+++ b/grub-core/lib/relocator.c
@@ -1386,8 +1386,8 @@ grub_relocator_alloc_chunk_align (struct grub_relocator *rel,
};
grub_addr_t min_addr2 = 0, max_addr2;
- if (max_addr > ~size)
- max_addr = ~size;
+ if (size && (max_addr > ~size))
+ max_addr = ~size + 1;
#ifdef GRUB_MACHINE_PCBIOS
if (min_addr < 0x1000)
--
2.26.2
@@ -0,0 +1,61 @@
From feec993673d8e13fcf22fe2389ac29222b6daebd Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Sun, 19 Jul 2020 14:43:31 -0400
Subject: [PATCH] hfsplus: Fix two more overflows
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Both node->size and node->namelen come from the supplied filesystem,
which may be user-supplied. We can't trust them for the math unless we
know they don't overflow. Making sure they go through grub_add() or
grub_calloc() first will give us that.
Signed-off-by: Peter Jones <pjones@redhat.com>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
---
grub-core/fs/hfsplus.c | 11 ++++++++---
1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/grub-core/fs/hfsplus.c b/grub-core/fs/hfsplus.c
index dae43becc..9c4e4c88c 100644
--- a/grub-core/fs/hfsplus.c
+++ b/grub-core/fs/hfsplus.c
@@ -31,6 +31,7 @@
#include <grub/hfs.h>
#include <grub/charset.h>
#include <grub/hfsplus.h>
+#include <grub/safemath.h>
GRUB_MOD_LICENSE ("GPLv3+");
@@ -475,8 +476,12 @@ grub_hfsplus_read_symlink (grub_fshelp_node_t node)
{
char *symlink;
grub_ssize_t numread;
+ grub_size_t sz = node->size;
- symlink = grub_malloc (node->size + 1);
+ if (grub_add (sz, 1, &sz))
+ return NULL;
+
+ symlink = grub_malloc (sz);
if (!symlink)
return 0;
@@ -715,8 +720,8 @@ list_nodes (void *record, void *hook_arg)
if (type == GRUB_FSHELP_UNKNOWN)
return 0;
- filename = grub_malloc (grub_be_to_cpu16 (catkey->namelen)
- * GRUB_MAX_UTF8_PER_UTF16 + 1);
+ filename = grub_calloc (grub_be_to_cpu16 (catkey->namelen),
+ GRUB_MAX_UTF8_PER_UTF16 + 1);
if (! filename)
return 0;
--
2.26.2
@@ -0,0 +1,116 @@
From a1845e90fc19fb5e904091bad8a378f458798e4a Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Sun, 19 Jul 2020 15:48:20 -0400
Subject: [PATCH] lvm: Fix two more potential data-dependent alloc
overflows
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
It appears to be possible to make a (possibly invalid) lvm PV with
a metadata size field that overflows our type when adding it to the
address we've allocated. Even if it doesn't, it may be possible to do so
with the math using the outcome of that as an operand. Check them both.
Signed-off-by: Peter Jones <pjones@redhat.com>
Signed-off-by: Darren Kenny <darren.kenny@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
---
grub-core/disk/lvm.c | 48 ++++++++++++++++++++++++++++++++++++--------
1 file changed, 40 insertions(+), 8 deletions(-)
diff --git a/grub-core/disk/lvm.c b/grub-core/disk/lvm.c
index d1df640b3..139fafd47 100644
--- a/grub-core/disk/lvm.c
+++ b/grub-core/disk/lvm.c
@@ -25,6 +25,7 @@
#include <grub/lvm.h>
#include <grub/partition.h>
#include <grub/i18n.h>
+#include <grub/safemath.h>
#ifdef GRUB_UTIL
#include <grub/emu/misc.h>
@@ -102,10 +103,11 @@ grub_lvm_detect (grub_disk_t disk,
{
grub_err_t err;
grub_uint64_t mda_offset, mda_size;
+ grub_size_t ptr;
char buf[GRUB_LVM_LABEL_SIZE];
char vg_id[GRUB_LVM_ID_STRLEN+1];
char pv_id[GRUB_LVM_ID_STRLEN+1];
- char *metadatabuf, *p, *q, *vgname;
+ char *metadatabuf, *p, *q, *mda_end, *vgname;
struct grub_lvm_label_header *lh = (struct grub_lvm_label_header *) buf;
struct grub_lvm_pv_header *pvh;
struct grub_lvm_disk_locn *dlocn;
@@ -205,19 +207,31 @@ grub_lvm_detect (grub_disk_t disk,
grub_le_to_cpu64 (rlocn->size) -
grub_le_to_cpu64 (mdah->size));
}
- p = q = metadatabuf + grub_le_to_cpu64 (rlocn->offset);
- while (*q != ' ' && q < metadatabuf + mda_size)
- q++;
-
- if (q == metadatabuf + mda_size)
+ if (grub_add ((grub_size_t)metadatabuf,
+ (grub_size_t)grub_le_to_cpu64 (rlocn->offset),
+ &ptr))
{
+ error_parsing_metadata:
#ifdef GRUB_UTIL
grub_util_info ("error parsing metadata");
#endif
goto fail2;
}
+ p = q = (char *)ptr;
+
+ if (grub_add ((grub_size_t)metadatabuf, (grub_size_t)mda_size, &ptr))
+ goto error_parsing_metadata;
+
+ mda_end = (char *)ptr;
+
+ while (*q != ' ' && q < mda_end)
+ q++;
+
+ if (q == mda_end)
+ goto error_parsing_metadata;
+
vgname_len = q - p;
vgname = grub_malloc (vgname_len + 1);
if (!vgname)
@@ -367,8 +381,26 @@ grub_lvm_detect (grub_disk_t disk,
{
const char *iptr;
char *optr;
- lv->fullname = grub_malloc (sizeof ("lvm/") - 1 + 2 * vgname_len
- + 1 + 2 * s + 1);
+
+ /*
+ * This is kind of hard to read with our safe (but rather
+ * baroque) math primatives, but it boils down to:
+ *
+ * sz0 = vgname_len * 2 + 1 +
+ * s * 2 + 1 +
+ * sizeof ("lvm/") - 1;
+ */
+ grub_size_t sz0 = vgname_len, sz1 = s;
+
+ if (grub_mul (sz0, 2, &sz0) ||
+ grub_add (sz0, 1, &sz0) ||
+ grub_mul (sz1, 2, &sz1) ||
+ grub_add (sz1, 1, &sz1) ||
+ grub_add (sz0, sz1, &sz0) ||
+ grub_add (sz0, sizeof ("lvm/") - 1, &sz0))
+ goto lvs_fail;
+
+ lv->fullname = grub_malloc (sz0);
if (!lv->fullname)
goto lvs_fail;
--
2.26.2
@@ -0,0 +1,38 @@
From 320e86747a32e4d46d24ee4b64493741c161da50 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Sun, 19 Jul 2020 16:08:08 -0400
Subject: [PATCH] emu: Make grub_free(NULL) safe
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
The grub_free() implementation in grub-core/kern/mm.c safely handles
NULL pointers, and code at many places depends on this. We don't know
that the same is true on all host OSes, so we need to handle the same
behavior in grub-emu's implementation.
Signed-off-by: Peter Jones <pjones@redhat.com>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
---
grub-core/kern/emu/mm.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/grub-core/kern/emu/mm.c b/grub-core/kern/emu/mm.c
index 145b01d37..4d1046a21 100644
--- a/grub-core/kern/emu/mm.c
+++ b/grub-core/kern/emu/mm.c
@@ -60,7 +60,8 @@ grub_zalloc (grub_size_t size)
void
grub_free (void *ptr)
{
- free (ptr);
+ if (ptr)
+ free (ptr);
}
void *
--
2.26.2
@@ -0,0 +1,239 @@
From c330aa099a38bc5c4d3066954fe35767cc06adb1 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Sun, 19 Jul 2020 16:53:27 -0400
Subject: [PATCH] efi: Fix some malformed device path arithmetic errors
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Several places we take the length of a device path and subtract 4 from
it, without ever checking that it's >= 4. There are also cases where
this kind of malformation will result in unpredictable iteration,
including treating the length from one dp node as the type in the next
node. These are all errors, no matter where the data comes from.
This patch adds a checking macro, GRUB_EFI_DEVICE_PATH_VALID(), which
can be used in several places, and makes GRUB_EFI_NEXT_DEVICE_PATH()
return NULL and GRUB_EFI_END_ENTIRE_DEVICE_PATH() evaluate as true when
the length is too small. Additionally, it makes several places in the
code check for and return errors in these cases.
Signed-off-by: Peter Jones <pjones@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
---
grub-core/kern/efi/efi.c | 64 +++++++++++++++++++++++++-----
grub-core/loader/efi/chainloader.c | 13 +++++-
grub-core/loader/i386/xnu.c | 9 +++--
include/grub/efi/api.h | 14 ++++---
4 files changed, 79 insertions(+), 21 deletions(-)
diff --git a/grub-core/kern/efi/efi.c b/grub-core/kern/efi/efi.c
index dc31caa21..c97969a65 100644
--- a/grub-core/kern/efi/efi.c
+++ b/grub-core/kern/efi/efi.c
@@ -332,7 +332,7 @@ grub_efi_get_filename (grub_efi_device_path_t *dp0)
dp = dp0;
- while (1)
+ while (dp)
{
grub_efi_uint8_t type = GRUB_EFI_DEVICE_PATH_TYPE (dp);
grub_efi_uint8_t subtype = GRUB_EFI_DEVICE_PATH_SUBTYPE (dp);
@@ -342,9 +342,15 @@ grub_efi_get_filename (grub_efi_device_path_t *dp0)
if (type == GRUB_EFI_MEDIA_DEVICE_PATH_TYPE
&& subtype == GRUB_EFI_FILE_PATH_DEVICE_PATH_SUBTYPE)
{
- grub_efi_uint16_t len;
- len = ((GRUB_EFI_DEVICE_PATH_LENGTH (dp) - 4)
- / sizeof (grub_efi_char16_t));
+ grub_efi_uint16_t len = GRUB_EFI_DEVICE_PATH_LENGTH (dp);
+
+ if (len < 4)
+ {
+ grub_error (GRUB_ERR_OUT_OF_RANGE,
+ "malformed EFI Device Path node has length=%d", len);
+ return NULL;
+ }
+ len = (len - 4) / sizeof (grub_efi_char16_t);
filesize += GRUB_MAX_UTF8_PER_UTF16 * len + 2;
}
@@ -360,7 +366,7 @@ grub_efi_get_filename (grub_efi_device_path_t *dp0)
if (!name)
return NULL;
- while (1)
+ while (dp)
{
grub_efi_uint8_t type = GRUB_EFI_DEVICE_PATH_TYPE (dp);
grub_efi_uint8_t subtype = GRUB_EFI_DEVICE_PATH_SUBTYPE (dp);
@@ -376,8 +382,15 @@ grub_efi_get_filename (grub_efi_device_path_t *dp0)
*p++ = '/';
- len = ((GRUB_EFI_DEVICE_PATH_LENGTH (dp) - 4)
- / sizeof (grub_efi_char16_t));
+ len = GRUB_EFI_DEVICE_PATH_LENGTH (dp);
+ if (len < 4)
+ {
+ grub_error (GRUB_ERR_OUT_OF_RANGE,
+ "malformed EFI Device Path node has length=%d", len);
+ return NULL;
+ }
+
+ len = (len - 4) / sizeof (grub_efi_char16_t);
fp = (grub_efi_file_path_device_path_t *) dp;
/* According to EFI spec Path Name is NULL terminated */
while (len > 0 && fp->path_name[len - 1] == 0)
@@ -452,7 +465,26 @@ grub_efi_duplicate_device_path (const grub_efi_device_path_t *dp)
;
p = GRUB_EFI_NEXT_DEVICE_PATH (p))
{
- total_size += GRUB_EFI_DEVICE_PATH_LENGTH (p);
+ grub_size_t len = GRUB_EFI_DEVICE_PATH_LENGTH (p);
+
+ /*
+ * In the event that we find a node that's completely garbage, for
+ * example if we get to 0x7f 0x01 0x02 0x00 ... (EndInstance with a size
+ * of 2), GRUB_EFI_END_ENTIRE_DEVICE_PATH() will be true and
+ * GRUB_EFI_NEXT_DEVICE_PATH() will return NULL, so we won't continue,
+ * and neither should our consumers, but there won't be any error raised
+ * even though the device path is junk.
+ *
+ * This keeps us from passing junk down back to our caller.
+ */
+ if (len < 4)
+ {
+ grub_error (GRUB_ERR_OUT_OF_RANGE,
+ "malformed EFI Device Path node has length=%d", len);
+ return NULL;
+ }
+
+ total_size += len;
if (GRUB_EFI_END_ENTIRE_DEVICE_PATH (p))
break;
}
@@ -497,7 +529,7 @@ dump_vendor_path (const char *type, grub_efi_vendor_device_path_t *vendor)
void
grub_efi_print_device_path (grub_efi_device_path_t *dp)
{
- while (1)
+ while (GRUB_EFI_DEVICE_PATH_VALID (dp))
{
grub_efi_uint8_t type = GRUB_EFI_DEVICE_PATH_TYPE (dp);
grub_efi_uint8_t subtype = GRUB_EFI_DEVICE_PATH_SUBTYPE (dp);
@@ -909,7 +941,10 @@ grub_efi_compare_device_paths (const grub_efi_device_path_t *dp1,
/* Return non-zero. */
return 1;
- while (1)
+ if (dp1 == dp2)
+ return 0;
+
+ while (GRUB_EFI_DEVICE_PATH_VALID (dp1) && GRUB_EFI_DEVICE_PATH_VALID (dp2))
{
grub_efi_uint8_t type1, type2;
grub_efi_uint8_t subtype1, subtype2;
@@ -945,5 +980,14 @@ grub_efi_compare_device_paths (const grub_efi_device_path_t *dp1,
dp2 = (grub_efi_device_path_t *) ((char *) dp2 + len2);
}
+ /*
+ * There's no "right" answer here, but we probably don't want to call a valid
+ * dp and an invalid dp equal, so pick one way or the other.
+ */
+ if (GRUB_EFI_DEVICE_PATH_VALID (dp1) && !GRUB_EFI_DEVICE_PATH_VALID (dp2))
+ return 1;
+ else if (!GRUB_EFI_DEVICE_PATH_VALID (dp1) && GRUB_EFI_DEVICE_PATH_VALID (dp2))
+ return -1;
+
return 0;
}
diff --git a/grub-core/loader/efi/chainloader.c b/grub-core/loader/efi/chainloader.c
index daf8c6b54..a8d7b9155 100644
--- a/grub-core/loader/efi/chainloader.c
+++ b/grub-core/loader/efi/chainloader.c
@@ -156,9 +156,18 @@ make_file_path (grub_efi_device_path_t *dp, const char *filename)
size = 0;
d = dp;
- while (1)
+ while (d)
{
- size += GRUB_EFI_DEVICE_PATH_LENGTH (d);
+ grub_size_t len = GRUB_EFI_DEVICE_PATH_LENGTH (d);
+
+ if (len < 4)
+ {
+ grub_error (GRUB_ERR_OUT_OF_RANGE,
+ "malformed EFI Device Path node has length=%d", len);
+ return NULL;
+ }
+
+ size += len;
if ((GRUB_EFI_END_ENTIRE_DEVICE_PATH (d)))
break;
d = GRUB_EFI_NEXT_DEVICE_PATH (d);
diff --git a/grub-core/loader/i386/xnu.c b/grub-core/loader/i386/xnu.c
index e9e119259..a70093607 100644
--- a/grub-core/loader/i386/xnu.c
+++ b/grub-core/loader/i386/xnu.c
@@ -515,14 +515,15 @@ grub_cmd_devprop_load (grub_command_t cmd __attribute__ ((unused)),
devhead = buf;
buf = devhead + 1;
- dpstart = buf;
+ dp = dpstart = buf;
- do
+ while (GRUB_EFI_DEVICE_PATH_VALID (dp) && buf < bufend)
{
- dp = buf;
buf = (char *) buf + GRUB_EFI_DEVICE_PATH_LENGTH (dp);
+ if (GRUB_EFI_END_ENTIRE_DEVICE_PATH (dp))
+ break;
+ dp = buf;
}
- while (!GRUB_EFI_END_ENTIRE_DEVICE_PATH (dp) && buf < bufend);
dev = grub_xnu_devprop_add_device (dpstart, (char *) buf
- (char *) dpstart);
diff --git a/include/grub/efi/api.h b/include/grub/efi/api.h
index addcbfa8f..cf1355a8c 100644
--- a/include/grub/efi/api.h
+++ b/include/grub/efi/api.h
@@ -625,6 +625,7 @@ typedef struct grub_efi_device_path grub_efi_device_path_protocol_t;
#define GRUB_EFI_DEVICE_PATH_TYPE(dp) ((dp)->type & 0x7f)
#define GRUB_EFI_DEVICE_PATH_SUBTYPE(dp) ((dp)->subtype)
#define GRUB_EFI_DEVICE_PATH_LENGTH(dp) ((dp)->length)
+#define GRUB_EFI_DEVICE_PATH_VALID(dp) ((dp) != NULL && GRUB_EFI_DEVICE_PATH_LENGTH (dp) >= 4)
/* The End of Device Path nodes. */
#define GRUB_EFI_END_DEVICE_PATH_TYPE (0xff & 0x7f)
@@ -633,13 +634,16 @@ typedef struct grub_efi_device_path grub_efi_device_path_protocol_t;
#define GRUB_EFI_END_THIS_DEVICE_PATH_SUBTYPE 0x01
#define GRUB_EFI_END_ENTIRE_DEVICE_PATH(dp) \
- (GRUB_EFI_DEVICE_PATH_TYPE (dp) == GRUB_EFI_END_DEVICE_PATH_TYPE \
- && (GRUB_EFI_DEVICE_PATH_SUBTYPE (dp) \
- == GRUB_EFI_END_ENTIRE_DEVICE_PATH_SUBTYPE))
+ (!GRUB_EFI_DEVICE_PATH_VALID (dp) || \
+ (GRUB_EFI_DEVICE_PATH_TYPE (dp) == GRUB_EFI_END_DEVICE_PATH_TYPE \
+ && (GRUB_EFI_DEVICE_PATH_SUBTYPE (dp) \
+ == GRUB_EFI_END_ENTIRE_DEVICE_PATH_SUBTYPE)))
#define GRUB_EFI_NEXT_DEVICE_PATH(dp) \
- ((grub_efi_device_path_t *) ((char *) (dp) \
- + GRUB_EFI_DEVICE_PATH_LENGTH (dp)))
+ (GRUB_EFI_DEVICE_PATH_VALID (dp) \
+ ? ((grub_efi_device_path_t *) \
+ ((char *) (dp) + GRUB_EFI_DEVICE_PATH_LENGTH (dp))) \
+ : NULL)
/* Hardware Device Path. */
#define GRUB_EFI_HARDWARE_DEVICE_PATH_TYPE 1
--
2.26.2
@@ -0,0 +1,78 @@
From fb55bc37dd510911df4eaf649da939f5fafdc7ce Mon Sep 17 00:00:00 2001
From: Daniel Kiper <daniel.kiper@oracle.com>
Date: Wed, 29 Jul 2020 13:38:31 +0200
Subject: [PATCH] efi/chainloader: Propagate errors from copy_file_path()
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Without any error propagated to the caller, make_file_path()
would then try to advance the invalid device path node with
GRUB_EFI_NEXT_DEVICE_PATH(), which would fail, returning a NULL
pointer that would subsequently be dereferenced. Hence, propagate
errors from copy_file_path().
Signed-off-by: Chris Coulson <chris.coulson@canonical.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
---
grub-core/loader/efi/chainloader.c | 19 +++++++++++++------
1 file changed, 13 insertions(+), 6 deletions(-)
diff --git a/grub-core/loader/efi/chainloader.c b/grub-core/loader/efi/chainloader.c
index a8d7b9155..7b31c3fb9 100644
--- a/grub-core/loader/efi/chainloader.c
+++ b/grub-core/loader/efi/chainloader.c
@@ -106,7 +106,7 @@ grub_chainloader_boot (void)
return grub_errno;
}
-static void
+static grub_err_t
copy_file_path (grub_efi_file_path_device_path_t *fp,
const char *str, grub_efi_uint16_t len)
{
@@ -118,7 +118,7 @@ copy_file_path (grub_efi_file_path_device_path_t *fp,
path_name = grub_calloc (len, GRUB_MAX_UTF16_PER_UTF8 * sizeof (*path_name));
if (!path_name)
- return;
+ return grub_error (GRUB_ERR_OUT_OF_MEMORY, "failed to allocate path buffer");
size = grub_utf8_to_utf16 (path_name, len * GRUB_MAX_UTF16_PER_UTF8,
(const grub_uint8_t *) str, len, 0);
@@ -131,6 +131,7 @@ copy_file_path (grub_efi_file_path_device_path_t *fp,
fp->path_name[size++] = '\0';
fp->header.length = size * sizeof (grub_efi_char16_t) + sizeof (*fp);
grub_free (path_name);
+ return GRUB_ERR_NONE;
}
static grub_efi_device_path_t *
@@ -189,13 +190,19 @@ make_file_path (grub_efi_device_path_t *dp, const char *filename)
d = (grub_efi_device_path_t *) ((char *) file_path
+ ((char *) d - (char *) dp));
grub_efi_print_device_path (d);
- copy_file_path ((grub_efi_file_path_device_path_t *) d,
- dir_start, dir_end - dir_start);
+ if (copy_file_path ((grub_efi_file_path_device_path_t *) d,
+ dir_start, dir_end - dir_start) != GRUB_ERR_NONE)
+ {
+ fail:
+ grub_free (file_path);
+ return 0;
+ }
/* Fill the file path for the file. */
d = GRUB_EFI_NEXT_DEVICE_PATH (d);
- copy_file_path ((grub_efi_file_path_device_path_t *) d,
- dir_end + 1, grub_strlen (dir_end + 1));
+ if (copy_file_path ((grub_efi_file_path_device_path_t *) d,
+ dir_end + 1, grub_strlen (dir_end + 1)) != GRUB_ERR_NONE)
+ goto fail;
/* Fill the end of device path nodes. */
d = GRUB_EFI_NEXT_DEVICE_PATH (d);
--
2.26.2
@@ -0,0 +1,183 @@
From 8a6d6299efcffd14c1130942195e6c0d9b50cacd Mon Sep 17 00:00:00 2001
From: Alexey Makhalov <amakhalov@vmware.com>
Date: Mon, 20 Jul 2020 23:03:05 +0000
Subject: [PATCH] efi: Fix use-after-free in halt/reboot path
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
commit 92bfc33db984 ("efi: Free malloc regions on exit")
introduced memory freeing in grub_efi_fini(), which is
used not only by exit path but by halt/reboot one as well.
As result of memory freeing, code and data regions used by
modules, such as halt, reboot, acpi (used by halt) also got
freed. After return to module code, CPU executes, filled
by UEFI firmware (tested with edk2), 0xAFAFAFAF pattern as
a code. Which leads to #UD exception later.
grub> halt
!!!! X64 Exception Type - 06(#UD - Invalid Opcode) CPU Apic ID - 00000000 !!!!
RIP - 0000000003F4EC28, CS - 0000000000000038, RFLAGS - 0000000000200246
RAX - 0000000000000000, RCX - 00000000061DA188, RDX - 0A74C0854DC35D41
RBX - 0000000003E10E08, RSP - 0000000007F0F860, RBP - 0000000000000000
RSI - 00000000064DB768, RDI - 000000000832C5C3
R8 - 0000000000000002, R9 - 0000000000000000, R10 - 00000000061E2E52
R11 - 0000000000000020, R12 - 0000000003EE5C1F, R13 - 00000000061E0FF4
R14 - 0000000003E10D80, R15 - 00000000061E2F60
DS - 0000000000000030, ES - 0000000000000030, FS - 0000000000000030
GS - 0000000000000030, SS - 0000000000000030
CR0 - 0000000080010033, CR2 - 0000000000000000, CR3 - 0000000007C01000
CR4 - 0000000000000668, CR8 - 0000000000000000
DR0 - 0000000000000000, DR1 - 0000000000000000, DR2 - 0000000000000000
DR3 - 0000000000000000, DR6 - 00000000FFFF0FF0, DR7 - 0000000000000400
GDTR - 00000000079EEA98 0000000000000047, LDTR - 0000000000000000
IDTR - 0000000007598018 0000000000000FFF, TR - 0000000000000000
FXSAVE_STATE - 0000000007F0F4C0
Proposal here is to continue to free allocated memory for
exit boot services path but keep it for halt/reboot path
as it won't be much security concern here.
Introduced GRUB_LOADER_FLAG_EFI_KEEP_ALLOCATED_MEMORY
loader flag to be used by efi halt/reboot path.
Signed-off-by: Alexey Makhalov <amakhalov@vmware.com>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
---
grub-core/kern/arm/efi/init.c | 3 +++
grub-core/kern/arm64/efi/init.c | 3 +++
grub-core/kern/efi/efi.c | 3 ++-
grub-core/kern/efi/init.c | 1 -
grub-core/kern/i386/efi/init.c | 9 +++++++--
grub-core/kern/ia64/efi/init.c | 9 +++++++--
grub-core/kern/riscv/efi/init.c | 3 +++
grub-core/lib/efi/halt.c | 3 ++-
include/grub/loader.h | 1 +
9 files changed, 28 insertions(+), 7 deletions(-)
diff --git a/grub-core/kern/arm/efi/init.c b/grub-core/kern/arm/efi/init.c
index 06df60e2f..40c3b467f 100644
--- a/grub-core/kern/arm/efi/init.c
+++ b/grub-core/kern/arm/efi/init.c
@@ -71,4 +71,7 @@ grub_machine_fini (int flags)
efi_call_1 (b->close_event, tmr_evt);
grub_efi_fini ();
+
+ if (!(flags & GRUB_LOADER_FLAG_EFI_KEEP_ALLOCATED_MEMORY))
+ grub_efi_memory_fini ();
}
diff --git a/grub-core/kern/arm64/efi/init.c b/grub-core/kern/arm64/efi/init.c
index 6224999ec..5010caefd 100644
--- a/grub-core/kern/arm64/efi/init.c
+++ b/grub-core/kern/arm64/efi/init.c
@@ -57,4 +57,7 @@ grub_machine_fini (int flags)
return;
grub_efi_fini ();
+
+ if (!(flags & GRUB_LOADER_FLAG_EFI_KEEP_ALLOCATED_MEMORY))
+ grub_efi_memory_fini ();
}
diff --git a/grub-core/kern/efi/efi.c b/grub-core/kern/efi/efi.c
index c97969a65..9cfd88d77 100644
--- a/grub-core/kern/efi/efi.c
+++ b/grub-core/kern/efi/efi.c
@@ -157,7 +157,8 @@ grub_efi_get_loaded_image (grub_efi_handle_t image_handle)
void
grub_reboot (void)
{
- grub_machine_fini (GRUB_LOADER_FLAG_NORETURN);
+ grub_machine_fini (GRUB_LOADER_FLAG_NORETURN |
+ GRUB_LOADER_FLAG_EFI_KEEP_ALLOCATED_MEMORY);
efi_call_4 (grub_efi_system_table->runtime_services->reset_system,
GRUB_EFI_RESET_COLD, GRUB_EFI_SUCCESS, 0, NULL);
for (;;) ;
diff --git a/grub-core/kern/efi/init.c b/grub-core/kern/efi/init.c
index 3dfdf2d22..2c31847bf 100644
--- a/grub-core/kern/efi/init.c
+++ b/grub-core/kern/efi/init.c
@@ -80,5 +80,4 @@ grub_efi_fini (void)
{
grub_efidisk_fini ();
grub_console_fini ();
- grub_efi_memory_fini ();
}
diff --git a/grub-core/kern/i386/efi/init.c b/grub-core/kern/i386/efi/init.c
index da499aba0..deb2eacd8 100644
--- a/grub-core/kern/i386/efi/init.c
+++ b/grub-core/kern/i386/efi/init.c
@@ -39,6 +39,11 @@ grub_machine_init (void)
void
grub_machine_fini (int flags)
{
- if (flags & GRUB_LOADER_FLAG_NORETURN)
- grub_efi_fini ();
+ if (!(flags & GRUB_LOADER_FLAG_NORETURN))
+ return;
+
+ grub_efi_fini ();
+
+ if (!(flags & GRUB_LOADER_FLAG_EFI_KEEP_ALLOCATED_MEMORY))
+ grub_efi_memory_fini ();
}
diff --git a/grub-core/kern/ia64/efi/init.c b/grub-core/kern/ia64/efi/init.c
index b5ecbd091..f1965571b 100644
--- a/grub-core/kern/ia64/efi/init.c
+++ b/grub-core/kern/ia64/efi/init.c
@@ -70,6 +70,11 @@ grub_machine_init (void)
void
grub_machine_fini (int flags)
{
- if (flags & GRUB_LOADER_FLAG_NORETURN)
- grub_efi_fini ();
+ if (!(flags & GRUB_LOADER_FLAG_NORETURN))
+ return;
+
+ grub_efi_fini ();
+
+ if (!(flags & GRUB_LOADER_FLAG_EFI_KEEP_ALLOCATED_MEMORY))
+ grub_efi_memory_fini ();
}
diff --git a/grub-core/kern/riscv/efi/init.c b/grub-core/kern/riscv/efi/init.c
index 7eb1969d0..38795fe67 100644
--- a/grub-core/kern/riscv/efi/init.c
+++ b/grub-core/kern/riscv/efi/init.c
@@ -73,4 +73,7 @@ grub_machine_fini (int flags)
return;
grub_efi_fini ();
+
+ if (!(flags & GRUB_LOADER_FLAG_EFI_KEEP_ALLOCATED_MEMORY))
+ grub_efi_memory_fini ();
}
diff --git a/grub-core/lib/efi/halt.c b/grub-core/lib/efi/halt.c
index 5859f0498..29d413641 100644
--- a/grub-core/lib/efi/halt.c
+++ b/grub-core/lib/efi/halt.c
@@ -28,7 +28,8 @@
void
grub_halt (void)
{
- grub_machine_fini (GRUB_LOADER_FLAG_NORETURN);
+ grub_machine_fini (GRUB_LOADER_FLAG_NORETURN |
+ GRUB_LOADER_FLAG_EFI_KEEP_ALLOCATED_MEMORY);
#if !defined(__ia64__) && !defined(__arm__) && !defined(__aarch64__) && \
!defined(__riscv)
grub_acpi_halt ();
diff --git a/include/grub/loader.h b/include/grub/loader.h
index 7f82a499f..b20864282 100644
--- a/include/grub/loader.h
+++ b/include/grub/loader.h
@@ -33,6 +33,7 @@ enum
{
GRUB_LOADER_FLAG_NORETURN = 1,
GRUB_LOADER_FLAG_PXE_NOT_UNLOAD = 2,
+ GRUB_LOADER_FLAG_EFI_KEEP_ALLOCATED_MEMORY = 4,
};
void EXPORT_FUNC (grub_loader_set) (grub_err_t (*boot) (void),
--
2.26.2
@@ -0,0 +1,32 @@
From a2a7464e9f10a677d6f91e1c4fa527d084c22e7c Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Fri, 24 Jul 2020 13:57:27 -0400
Subject: [PATCH] loader/linux: Avoid overflow on initrd size calculation
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Peter Jones <pjones@redhat.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
---
grub-core/loader/linux.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/grub-core/loader/linux.c b/grub-core/loader/linux.c
index 471b214d6..4cd8c20c7 100644
--- a/grub-core/loader/linux.c
+++ b/grub-core/loader/linux.c
@@ -151,8 +151,7 @@ grub_initrd_init (int argc, char *argv[],
initrd_ctx->nfiles = 0;
initrd_ctx->components = 0;
- initrd_ctx->components = grub_zalloc (argc
- * sizeof (initrd_ctx->components[0]));
+ initrd_ctx->components = grub_calloc (argc, sizeof (initrd_ctx->components[0]));
if (!initrd_ctx->components)
return grub_errno;
--
2.26.2
@@ -0,0 +1,173 @@
From 0367e7d1b9bac3a78608a672bf6e4ace6a28b964 Mon Sep 17 00:00:00 2001
From: Colin Watson <cjwatson@debian.org>
Date: Sat, 25 Jul 2020 12:15:37 +0100
Subject: [PATCH] linux: Fix integer overflows in initrd size handling
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
These could be triggered by a crafted filesystem with very large files.
Fixes: CVE-2020-15707
Signed-off-by: Colin Watson <cjwatson@debian.org>
Reviewed-by: Jan Setje-Eilers <jan.setjeeilers@oracle.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Signed-off-by: Stefan Sørensen <stefan.sorensen@spectralink.com>
---
grub-core/loader/linux.c | 74 +++++++++++++++++++++++++++++-----------
1 file changed, 54 insertions(+), 20 deletions(-)
diff --git a/grub-core/loader/linux.c b/grub-core/loader/linux.c
index 4cd8c20c7..3fe390f17 100644
--- a/grub-core/loader/linux.c
+++ b/grub-core/loader/linux.c
@@ -4,6 +4,7 @@
#include <grub/misc.h>
#include <grub/file.h>
#include <grub/mm.h>
+#include <grub/safemath.h>
struct newc_head
{
@@ -98,13 +99,13 @@ free_dir (struct dir *root)
grub_free (root);
}
-static grub_size_t
+static grub_err_t
insert_dir (const char *name, struct dir **root,
- grub_uint8_t *ptr)
+ grub_uint8_t *ptr, grub_size_t *size)
{
struct dir *cur, **head = root;
const char *cb, *ce = name;
- grub_size_t size = 0;
+ *size = 0;
while (1)
{
for (cb = ce; *cb == '/'; cb++);
@@ -130,14 +131,22 @@ insert_dir (const char *name, struct dir **root,
ptr = make_header (ptr, name, ce - name,
040777, 0);
}
- size += ALIGN_UP ((ce - (char *) name)
- + sizeof (struct newc_head), 4);
+ if (grub_add (*size,
+ ALIGN_UP ((ce - (char *) name)
+ + sizeof (struct newc_head), 4),
+ size))
+ {
+ grub_error (GRUB_ERR_OUT_OF_RANGE, N_("overflow is detected"));
+ grub_free (n->name);
+ grub_free (n);
+ return grub_errno;
+ }
*head = n;
cur = n;
}
root = &cur->next;
}
- return size;
+ return GRUB_ERR_NONE;
}
grub_err_t
@@ -172,26 +181,33 @@ grub_initrd_init (int argc, char *argv[],
eptr = grub_strchr (ptr, ':');
if (eptr)
{
+ grub_size_t dir_size, name_len;
+
initrd_ctx->components[i].newc_name = grub_strndup (ptr, eptr - ptr);
- if (!initrd_ctx->components[i].newc_name)
+ if (!initrd_ctx->components[i].newc_name ||
+ insert_dir (initrd_ctx->components[i].newc_name, &root, 0,
+ &dir_size))
{
grub_initrd_close (initrd_ctx);
return grub_errno;
}
- initrd_ctx->size
- += ALIGN_UP (sizeof (struct newc_head)
- + grub_strlen (initrd_ctx->components[i].newc_name),
- 4);
- initrd_ctx->size += insert_dir (initrd_ctx->components[i].newc_name,
- &root, 0);
+ name_len = grub_strlen (initrd_ctx->components[i].newc_name);
+ if (grub_add (initrd_ctx->size,
+ ALIGN_UP (sizeof (struct newc_head) + name_len, 4),
+ &initrd_ctx->size) ||
+ grub_add (initrd_ctx->size, dir_size, &initrd_ctx->size))
+ goto overflow;
newc = 1;
fname = eptr + 1;
}
}
else if (newc)
{
- initrd_ctx->size += ALIGN_UP (sizeof (struct newc_head)
- + sizeof ("TRAILER!!!") - 1, 4);
+ if (grub_add (initrd_ctx->size,
+ ALIGN_UP (sizeof (struct newc_head)
+ + sizeof ("TRAILER!!!") - 1, 4),
+ &initrd_ctx->size))
+ goto overflow;
free_dir (root);
root = 0;
newc = 0;
@@ -207,19 +223,29 @@ grub_initrd_init (int argc, char *argv[],
initrd_ctx->nfiles++;
initrd_ctx->components[i].size
= grub_file_size (initrd_ctx->components[i].file);
- initrd_ctx->size += initrd_ctx->components[i].size;
+ if (grub_add (initrd_ctx->size, initrd_ctx->components[i].size,
+ &initrd_ctx->size))
+ goto overflow;
}
if (newc)
{
initrd_ctx->size = ALIGN_UP (initrd_ctx->size, 4);
- initrd_ctx->size += ALIGN_UP (sizeof (struct newc_head)
- + sizeof ("TRAILER!!!") - 1, 4);
+ if (grub_add (initrd_ctx->size,
+ ALIGN_UP (sizeof (struct newc_head)
+ + sizeof ("TRAILER!!!") - 1, 4),
+ &initrd_ctx->size))
+ goto overflow;
free_dir (root);
root = 0;
}
return GRUB_ERR_NONE;
+
+ overflow:
+ free_dir (root);
+ grub_initrd_close (initrd_ctx);
+ return grub_error (GRUB_ERR_OUT_OF_RANGE, N_("overflow is detected"));
}
grub_size_t
@@ -260,8 +286,16 @@ grub_initrd_load (struct grub_linux_initrd_context *initrd_ctx,
if (initrd_ctx->components[i].newc_name)
{
- ptr += insert_dir (initrd_ctx->components[i].newc_name,
- &root, ptr);
+ grub_size_t dir_size;
+
+ if (insert_dir (initrd_ctx->components[i].newc_name, &root, ptr,
+ &dir_size))
+ {
+ free_dir (root);
+ grub_initrd_close (initrd_ctx);
+ return grub_errno;
+ }
+ ptr += dir_size;
ptr = make_header (ptr, initrd_ctx->components[i].newc_name,
grub_strlen (initrd_ctx->components[i].newc_name),
0100777,
--
2.26.2
+11
View File
@@ -21,6 +21,17 @@ endef
GRUB2_POST_PATCH_HOOKS += GRUB2_AVOID_AUTORECONF
HOST_GRUB2_POST_PATCH_HOOKS += GRUB2_AVOID_AUTORECONF
# 0002-yylex-Make-lexer-fatal-errors-actually-be-fatal.patch
GRUB2_IGNORE_CVES += CVE-2020-10713
# 0005-calloc-Use-calloc-at-most-places.patch
GRUB2_IGNORE_CVES += CVE-2020-14308
# 0006-malloc-Use-overflow-checking-primitives-where-we-do-.patch
GRUB2_IGNORE_CVES += CVE-2020-14309 CVE-2020-14310 CVE-2020-14311
# 0019-script-Avoid-a-use-after-free-when-redefining-a-func.patch
GRUB2_IGNORE_CVES += CVE-2020-15706
# 0028-linux-Fix-integer-overflows-in-initrd-size-handling.patch
GRUB2_IGNORE_CVES += CVE-2020-15707
ifeq ($(BR2_TARGET_GRUB2_INSTALL_TOOLS),y)
GRUB2_INSTALL_TARGET = YES
else
+3 -2
View File
@@ -16,6 +16,7 @@ UBOOT_INSTALL_IMAGES = YES
# u-boot 2020.01+ needs make 4.0+
UBOOT_DEPENDENCIES = $(BR2_MAKE_HOST_DEPENDENCY)
UBOOT_MAKE = $(BR2_MAKE)
ifeq ($(UBOOT_VERSION),custom)
# Handle custom U-Boot tarballs as specified by the configuration
@@ -247,7 +248,7 @@ UBOOT_POST_PATCH_HOOKS += UBOOT_FIXUP_LIBFDT_INCLUDE
ifeq ($(BR2_TARGET_UBOOT_BUILD_SYSTEM_LEGACY),y)
define UBOOT_CONFIGURE_CMDS
$(TARGET_CONFIGURE_OPTS) \
$(BR2_MAKE) -C $(@D) $(UBOOT_MAKE_OPTS) \
$(UBOOT_MAKE) -C $(@D) $(UBOOT_MAKE_OPTS) \
$(UBOOT_BOARD_NAME)_config
endef
else ifeq ($(BR2_TARGET_UBOOT_BUILD_SYSTEM_KCONFIG),y)
@@ -284,7 +285,7 @@ define UBOOT_BUILD_CMDS
cp -f $(UBOOT_CUSTOM_DTS_PATH) $(@D)/arch/$(UBOOT_ARCH)/dts/
)
$(TARGET_CONFIGURE_OPTS) \
$(BR2_MAKE) -C $(@D) $(UBOOT_MAKE_OPTS) \
$(UBOOT_MAKE) -C $(@D) $(UBOOT_MAKE_OPTS) \
$(UBOOT_MAKE_TARGET)
$(if $(BR2_TARGET_UBOOT_FORMAT_SD),
$(@D)/tools/mxsboot sd $(@D)/u-boot.sb $(@D)/u-boot.sd)
+20 -21
View File
@@ -47,32 +47,31 @@ package. Let's start with an example:
13: FOO_DEPENDENCIES = host-cargo
14:
15: FOO_CARGO_ENV = CARGO_HOME=$(HOST_DIR)/share/cargo
16: FOO_CARGO_MODE = $(if $(BR2_ENABLE_DEBUG),debug,release)
17:
18: FOO_BIN_DIR = target/$(RUSTC_TARGET_NAME)/$(FOO_CARGO_MODE)
19:
20: FOO_CARGO_OPTS = \
21: --$(FOO_CARGO_MODE) \
22: --target=$(RUSTC_TARGET_NAME) \
23: --manifest-path=$(@D)/Cargo.toml
24:
25: define FOO_BUILD_CMDS
26: $(TARGET_MAKE_ENV) $(FOO_CARGO_ENV) \
27: cargo build $(FOO_CARGO_OPTS)
28: endef
29:
30: define FOO_INSTALL_TARGET_CMDS
31: $(INSTALL) -D -m 0755 $(@D)/$(FOO_BIN_DIR)/foo \
32: $(TARGET_DIR)/usr/bin/foo
33: endef
34:
35: $(eval $(generic-package))
16:
17: FOO_BIN_DIR = target/$(RUSTC_TARGET_NAME)/$(FOO_CARGO_MODE)
18:
19: FOO_CARGO_OPTS = \
20: $(if $(BR2_ENABLE_DEBUG),,--release) \
21: --target=$(RUSTC_TARGET_NAME) \
22: --manifest-path=$(@D)/Cargo.toml
23:
24: define FOO_BUILD_CMDS
25: $(TARGET_MAKE_ENV) $(FOO_CARGO_ENV) \
26: cargo build $(FOO_CARGO_OPTS)
27: endef
28:
29: define FOO_INSTALL_TARGET_CMDS
30: $(INSTALL) -D -m 0755 $(@D)/$(FOO_BIN_DIR)/foo \
31: $(TARGET_DIR)/usr/bin/foo
32: endef
33:
34: $(eval $(generic-package))
--------------------------------
The Makefile starts with the definition of the standard variables for package
declaration (lines 7 to 11).
As seen in line 35, it is based on the
As seen in line 34, it is based on the
xref:generic-package-tutorial[+generic-package+ infrastructure]. So, it defines
the variables required by this particular infrastructure, where Cargo is
invoked:
+1 -1
View File
@@ -34,7 +34,7 @@ will automatically download the tarball from this location.
On line 10, we tell Buildroot what options to enable for libfoo.
On line 11, we tell Buildroot the depednencies of libfoo.
On line 11, we tell Buildroot the dependencies of libfoo.
Finally, on line line 13, we invoke the +waf-package+
macro that generates all the Makefile rules that actually allows the
+11
View File
@@ -1,4 +1,15 @@
#!/bin/sh
# devtmpfs does not get automounted for initramfs
/bin/mount -t devtmpfs devtmpfs /dev
# use the /dev/console device node from devtmpfs if possible to not
# confuse glibc's ttyname_r().
# This may fail (E.G. booted with console=), and errors from exec will
# terminate the shell, so use a subshell for the test
if (exec 0</dev/console) 2>/dev/null; then
exec 0</dev/console
exec 1>/dev/console
exec 2>/dev/console
fi
exec /sbin/init "$@"
+5 -5
View File
@@ -30,7 +30,7 @@ config BR2_LINUX_KERNEL_LATEST_VERSION
bool "Latest version (5.4)"
config BR2_LINUX_KERNEL_LATEST_CIP_VERSION
bool "Latest CIP SLTS version (4.19.118-cip25)"
bool "Latest CIP SLTS version (4.19.132-cip30)"
help
CIP launched in the spring of 2016 to address the needs of
organizations in industries such as power generation and
@@ -49,7 +49,7 @@ config BR2_LINUX_KERNEL_LATEST_CIP_VERSION
https://www.cip-project.org
config BR2_LINUX_KERNEL_LATEST_CIP_RT_VERSION
bool "Latest CIP RT SLTS version (4.19.115-cip24-rt9)"
bool "Latest CIP RT SLTS version (4.19.132-cip30-rt12)"
help
Same as the CIP version, but this is the PREEMPT_RT realtime
variant.
@@ -128,9 +128,9 @@ endif
config BR2_LINUX_KERNEL_VERSION
string
default "5.4.45" if BR2_LINUX_KERNEL_LATEST_VERSION
default "4.19.118-cip25" if BR2_LINUX_KERNEL_LATEST_CIP_VERSION
default "4.19.115-cip24-rt9" if BR2_LINUX_KERNEL_LATEST_CIP_RT_VERSION
default "5.4.61" if BR2_LINUX_KERNEL_LATEST_VERSION
default "4.19.132-cip30" if BR2_LINUX_KERNEL_LATEST_CIP_VERSION
default "4.19.132-cip30-rt12" if BR2_LINUX_KERNEL_LATEST_CIP_RT_VERSION
default BR2_LINUX_KERNEL_CUSTOM_VERSION_VALUE \
if BR2_LINUX_KERNEL_CUSTOM_VERSION
default "custom" if BR2_LINUX_KERNEL_CUSTOM_TARBALL
+7 -7
View File
@@ -1,13 +1,13 @@
# From https://www.kernel.org/pub/linux/kernel/v5.x/sha256sums.asc
sha256 103f039f34a9009c42ea643b4f473bda6bb9607d5ad7f63b56b3e2351615fe2e linux-5.4.45.tar.xz
sha256 86f13d050f6389c5a1727fa81510ee8eceac795297bc584f443354609617fea4 linux-5.4.61.tar.xz
# From https://www.kernel.org/pub/linux/kernel/v4.x/sha256sums.asc
sha256 418299385195f09b27e371a35f305f3aff148e7557a341b53460091303aa9bb7 linux-4.4.226.tar.xz
sha256 460a8c168fe5c60ce5b30015a4e4bf348d93a89f8b949de1f90779567ef345ca linux-4.9.226.tar.xz
sha256 4265afef56819b04656107a5abecde205c5bc5fb04b2e81447955e7e45db8085 linux-4.14.183.tar.xz
sha256 82af886bc588b5c8d7474beb2bac13810ee3ed07da356a2553c81ae8e52e586f linux-4.19.127.tar.xz
sha256 6994dda988e9fb7f5661cf80ff42039016cb0044acd39f830937ba0220296388 linux-4.4.234.tar.xz
sha256 756f8544d261e8117716c911261690e4fb5491e14c1f4612c83e0986453782e3 linux-4.9.234.tar.xz
sha256 394f28798670240baacd9e2cce521fbd79f8da5e1fc191695b0e11381445a021 linux-4.14.195.tar.xz
sha256 6912db1c242d72ce9c8d4ff71982ac935d97690822af5c1c6ec22412b31667a4 linux-4.19.142.tar.xz
# Locally computed
sha256 ea53913813cb5a9069608532b327de7a7ed0fdc8fed8c6f10cd55d1ac6a58ffb linux-cip-4.19.118-cip25.tar.gz
sha256 7f0a0db0e1cfb14053523f4432f1ad1468b5bd42305b44905c4b103466c8d655 linux-cip-4.19.115-cip24-rt9.tar.gz
sha256 c20f9014b89ea3e27f55f1d407aa5a4724ed38ac520c197291e9d644f164c43a linux-cip-4.19.132-cip30.tar.gz
sha256 81dd791d9ad6c3fddaeaffc6d7d8df0e13831283a5fe494c437ac7820d79ca39 linux-cip-4.19.132-cip30-rt12.tar.gz
# Licenses hashes
sha256 ee5808b032a67f587d3541099d46de34f5bec8cd5976114ba07f1299ee6001ff COPYING
+4 -2
View File
@@ -160,7 +160,8 @@ endif
# Get the real Linux version, which tells us where kernel modules are
# going to be installed in the target filesystem.
LINUX_VERSION_PROBED = `$(MAKE) $(LINUX_MAKE_FLAGS) -C $(LINUX_DIR) --no-print-directory -s kernelrelease 2>/dev/null`
# Filter out 'w' from MAKEFLAGS, to workaround a bug in make 4.1 (#13141)
LINUX_VERSION_PROBED = `MAKEFLAGS='$(filter-out w,$(MAKEFLAGS))' $(MAKE) $(LINUX_MAKE_FLAGS) -C $(LINUX_DIR) --no-print-directory -s kernelrelease 2>/dev/null`
LINUX_DTS_NAME += $(call qstrip,$(BR2_LINUX_KERNEL_INTREE_DTS_NAME))
@@ -531,7 +532,8 @@ endef
# Run depmod in a target-finalize hook, to encompass modules installed by
# packages.
define LINUX_RUN_DEPMOD
if grep -q "CONFIG_MODULES=y" $(LINUX_DIR)/.config; then \
if test -d $(TARGET_DIR)/lib/modules/$(LINUX_VERSION_PROBED) \
&& grep -q "CONFIG_MODULES=y" $(LINUX_DIR)/.config; then \
$(HOST_DIR)/sbin/depmod -a -b $(TARGET_DIR) $(LINUX_VERSION_PROBED); \
fi
endef
+3 -2
View File
@@ -1,4 +1,5 @@
# From http://archive.apache.org/dist/httpd/httpd-2.4.43.tar.bz2.sha256
sha256 a497652ab3fc81318cdc2a203090a999150d86461acff97c1065dc910fe10f43 httpd-2.4.43.tar.bz2
# From http://archive.apache.org/dist/httpd/httpd-2.4.46.tar.bz2.{sha256,sha512}
sha256 740eddf6e1c641992b22359cabc66e6325868c3c5e2e3f98faf349b61ecf41ea httpd-2.4.46.tar.bz2
sha512 5936784bb662e9d8a4f7fe38b70c043b468114d931cd10ea831bfe74461ea5856b64f88f42c567ab791fc8907640a99884ba4b6a600f86d661781812735b6f13 httpd-2.4.46.tar.bz2
# Locally computed
sha256 47b8c2b6c3309282a99d4a3001575c790fead690cc14734628c4667d2bbffc43 LICENSE
+1 -1
View File
@@ -4,7 +4,7 @@
#
################################################################################
APACHE_VERSION = 2.4.43
APACHE_VERSION = 2.4.46
APACHE_SOURCE = httpd-$(APACHE_VERSION).tar.bz2
APACHE_SITE = http://archive.apache.org/dist/httpd
APACHE_LICENSE = Apache-2.0
+2 -2
View File
@@ -1,4 +1,4 @@
# Verified from https://ftp.isc.org/isc/bind9/9.11.20/bind-9.11.20.tar.gz.asc
# Verified from https://ftp.isc.org/isc/bind9/9.11.22/bind-9.11.22.tar.gz.asc
# with key AE3FAC796711EC59FC007AA474BB6B9A4CBB3D38
sha256 306831a738a275693bbe1d6839a09b34a2c8b5c26f8a42ea57ef000a6a99c2b6 bind-9.11.20.tar.gz
sha256 afc6d8015006f1cabf699ff19f517bb8fd9c1811e5231f26baf51c3550262ac9 bind-9.11.22.tar.gz
sha256 da2aec2b7f6f0feb16bcb080e2c587375fd3195145f047e4d92d112f5b9db501 COPYRIGHT
+1 -1
View File
@@ -4,7 +4,7 @@
#
################################################################################
BIND_VERSION = 9.11.20
BIND_VERSION = 9.11.22
BIND_SITE = https://ftp.isc.org/isc/bind9/$(BIND_VERSION)
# bind does not support parallel builds.
BIND_MAKE = $(MAKE1)
+1
View File
@@ -134,6 +134,7 @@ define BOOST_CONFIGURE_CMDS
(cd $(@D) && ./bootstrap.sh $(BOOST_FLAGS))
echo "using gcc : `$(TARGET_CC) -dumpversion` : $(TARGET_CXX) : <cxxflags>\"$(BOOST_TARGET_CXXFLAGS)\" <linkflags>\"$(TARGET_LDFLAGS)\" ;" > $(@D)/user-config.jam
echo "" >> $(@D)/user-config.jam
sed -i "s/: -O.* ;/: $(TARGET_OPTIMIZATION) ;/" $(@D)/tools/build/src/tools/gcc.jam
endef
define BOOST_BUILD_CMDS
+13
View File
@@ -237,6 +237,18 @@ define BUSYBOX_SET_SELINUX
endef
endif
# enable relevant options to allow the Busybox less applet to be used
# as a systemd pager
ifeq ($(BR2_PACKAGE_SYSTEMD):$(BR2_PACKAGE_LESS),y:)
define BUSYBOX_SET_LESS_FLAGS
$(call KCONFIG_ENABLE_OPT,CONFIG_FEATURE_LESS_DASHCMD)
$(call KCONFIG_ENABLE_OPT,CONFIG_FEATURE_LESS_RAW)
$(call KCONFIG_ENABLE_OPT,CONFIG_FEATURE_LESS_TRUNCATE)
$(call KCONFIG_ENABLE_OPT,CONFIG_FEATURE_LESS_FLAGS)
$(call KCONFIG_ENABLE_OPT,CONFIG_FEATURE_LESS_ENV)
endef
endif
ifeq ($(BR2_PACKAGE_BUSYBOX_INDIVIDUAL_BINARIES),y)
define BUSYBOX_SET_INDIVIDUAL_BINARIES
$(call KCONFIG_ENABLE_OPT,CONFIG_BUILD_LIBBUSYBOX,$(BUSYBOX_BUILD_CONFIG))
@@ -338,6 +350,7 @@ define BUSYBOX_KCONFIG_FIXUP_CMDS
$(BUSYBOX_SET_INIT)
$(BUSYBOX_SET_WATCHDOG)
$(BUSYBOX_SET_SELINUX)
$(BUSYBOX_SET_LESS_FLAGS)
$(BUSYBOX_SET_INDIVIDUAL_BINARIES)
endef
+7
View File
@@ -21,5 +21,12 @@ endif
# The actual source to be compiled is within a 'c++' subdirectory
CAPNPROTO_SUBDIR = c++
ifeq ($(BR2_PACKAGE_OPENSSL),y)
CAPNPROTO_CONF_OPTS += --with-openssl
CAPNPROTO_DEPENDENCIES += openssl
else
CAPNPROTO_CONF_OPTS += --without-openssl
endif
$(eval $(autotools-package))
$(eval $(host-autotools-package))
+3 -4
View File
@@ -1,5 +1,4 @@
# From https://listengine.tuxfamily.org/chrony.tuxfamily.org/chrony-announce/2019/05/msg00001.html
md5 5f66338bc940a9b51eede8f391e7bed3 chrony-3.5.tar.gz
sha1 79e9aeace143550300387a99f17bff04b45673f7 chrony-3.5.tar.gz
# From https://listengine.tuxfamily.org/chrony.tuxfamily.org/chrony-announce/2020/08/msg00000.html
sha256 1ba82f70db85d414cd7420c39858e3ceca4b9eb8b028cbe869512c3a14a2dca7 chrony-3.5.1.tar.gz
# Locally calculated
sha256 ab15fd526bd8dd18a9e77ebc139656bf4d33e97fc7238cd11bf60e2b9b8666c6 COPYING
sha256 ab15fd526bd8dd18a9e77ebc139656bf4d33e97fc7238cd11bf60e2b9b8666c6 COPYING
+1 -1
View File
@@ -4,7 +4,7 @@
#
################################################################################
CHRONY_VERSION = 3.5
CHRONY_VERSION = 3.5.1
CHRONY_SITE = http://download.tuxfamily.org/chrony
CHRONY_LICENSE = GPL-2.0
CHRONY_LICENSE_FILES = COPYING
-1
View File
@@ -593,7 +593,6 @@ comment "grpc needs a toolchain w/ C++, gcc >= 4.8"
config BR2_PACKAGE_COLLECTD_MQTT
bool "mqtt"
depends on BR2_TOOLCHAIN_HAS_SYNC_4 # mosquitto
select BR2_PACKAGE_MOSQUITTO
help
Sends metrics to and/or receives metrics from an MQTT broker.
+30
View File
@@ -0,0 +1,30 @@
From 641d3f489cf6238bb916368d4ba0d9325a235afb Mon Sep 17 00:00:00 2001
From: Sergey Poznyakoff <gray@gnu.org>
Date: Mon, 20 Jan 2020 07:45:39 +0200
Subject: Minor fix * src/global.c: Remove superfluous declaration of
program_name
[Retrieved from:
https://git.savannah.gnu.org/cgit/cpio.git/commit/?id=641d3f489cf6238bb916368d4ba0d9325a235afb]
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
---
src/global.c | 3 ---
1 file changed, 3 deletions(-)
diff --git a/src/global.c b/src/global.c
index fb3abe9..acf92bc 100644
--- a/src/global.c
+++ b/src/global.c
@@ -184,9 +184,6 @@ unsigned int warn_option = 0;
/* Extract to standard output? */
bool to_stdout_option = false;
-/* The name this program was run with. */
-char *program_name;
-
/* A pointer to either lstat or stat, depending on whether
dereferencing of symlinks is done for input files. */
int (*xstat) ();
--
cgit v1.2.1
@@ -0,0 +1,179 @@
From 604abec333a0efb44fd8bc610aa0b1151dd0f612 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bj=C3=B6rn=20Esser?= <besser82@fedoraproject.org>
Date: Mon, 13 Apr 2020 11:48:17 +0200
Subject: [PATCH] Add support for upcoming json-c 0.14.0.
* TRUE/FALSE are not defined anymore. 1 and 0 are used instead.
* json_object_get_uint64() and json_object_new_uint64() are part
of the upstream API now.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
lib/luks2/luks2_internal.h | 4 +++-
lib/luks2/luks2_json_metadata.c | 38 +++++++++++++++++----------------
2 files changed, 23 insertions(+), 19 deletions(-)
diff --git a/lib/luks2/luks2_internal.h b/lib/luks2/luks2_internal.h
index b9fec6b5..939101d6 100644
--- a/lib/luks2/luks2_internal.h
+++ b/lib/luks2/luks2_internal.h
@@ -58,9 +58,11 @@ json_object *LUKS2_get_segments_jobj(struct luks2_hdr *hdr);
void hexprint_base64(struct crypt_device *cd, json_object *jobj,
const char *sep, const char *line_sep);
+#if !(defined JSON_C_VERSION_NUM && JSON_C_VERSION_NUM >= ((13 << 8) | 99))
uint64_t json_object_get_uint64(json_object *jobj);
-uint32_t json_object_get_uint32(json_object *jobj);
json_object *json_object_new_uint64(uint64_t value);
+#endif
+uint32_t json_object_get_uint32(json_object *jobj);
int json_object_object_add_by_uint(json_object *jobj, unsigned key, json_object *jobj_val);
void json_object_object_del_by_uint(json_object *jobj, unsigned key);
diff --git a/lib/luks2/luks2_json_metadata.c b/lib/luks2/luks2_json_metadata.c
index 781280c2..712c2bbd 100644
--- a/lib/luks2/luks2_json_metadata.c
+++ b/lib/luks2/luks2_json_metadata.c
@@ -234,13 +234,14 @@ static json_bool json_str_to_uint64(json_object *jobj, uint64_t *value)
tmp = strtoull(json_object_get_string(jobj), &endptr, 10);
if (*endptr || errno) {
*value = 0;
- return FALSE;
+ return 0;
}
*value = tmp;
- return TRUE;
+ return 1;
}
+#if !(defined JSON_C_VERSION_NUM && JSON_C_VERSION_NUM >= ((13 << 8) | 99))
uint64_t json_object_get_uint64(json_object *jobj)
{
uint64_t r;
@@ -262,6 +263,7 @@ json_object *json_object_new_uint64(uint64_t value)
jobj = json_object_new_string(num);
return jobj;
}
+#endif
/*
* Validate helpers
@@ -273,9 +275,9 @@ static json_bool numbered(struct crypt_device *cd, const char *name, const char
for (i = 0; key[i]; i++)
if (!isdigit(key[i])) {
log_dbg(cd, "%s \"%s\" is not in numbered form.", name, key);
- return FALSE;
+ return 0;
}
- return TRUE;
+ return 1;
}
json_object *json_contains(struct crypt_device *cd, json_object *jobj, const char *name,
@@ -300,7 +302,7 @@ json_bool validate_json_uint32(json_object *jobj)
errno = 0;
tmp = json_object_get_int64(jobj);
- return (errno || tmp < 0 || tmp > UINT32_MAX) ? FALSE : TRUE;
+ return (errno || tmp < 0 || tmp > UINT32_MAX) ? 0 : 1;
}
static json_bool validate_keyslots_array(struct crypt_device *cd,
@@ -313,17 +315,17 @@ static json_bool validate_keyslots_array(struct crypt_device *cd,
jobj = json_object_array_get_idx(jarr, i);
if (!json_object_is_type(jobj, json_type_string)) {
log_dbg(cd, "Illegal value type in keyslots array at index %d.", i);
- return FALSE;
+ return 0;
}
if (!json_contains(cd, jobj_keys, "", "Keyslots section",
json_object_get_string(jobj), json_type_object))
- return FALSE;
+ return 0;
i++;
}
- return TRUE;
+ return 1;
}
static json_bool validate_segments_array(struct crypt_device *cd,
@@ -336,17 +338,17 @@ static json_bool validate_segments_array(struct crypt_device *cd,
jobj = json_object_array_get_idx(jarr, i);
if (!json_object_is_type(jobj, json_type_string)) {
log_dbg(cd, "Illegal value type in segments array at index %d.", i);
- return FALSE;
+ return 0;
}
if (!json_contains(cd, jobj_segments, "", "Segments section",
json_object_get_string(jobj), json_type_object))
- return FALSE;
+ return 0;
i++;
}
- return TRUE;
+ return 1;
}
static json_bool segment_has_digest(const char *segment_name, json_object *jobj_digests)
@@ -357,10 +359,10 @@ static json_bool segment_has_digest(const char *segment_name, json_object *jobj_
UNUSED(key);
json_object_object_get_ex(val, "segments", &jobj_segments);
if (LUKS2_array_jobj(jobj_segments, segment_name))
- return TRUE;
+ return 1;
}
- return FALSE;
+ return 0;
}
static json_bool validate_intervals(struct crypt_device *cd,
@@ -372,18 +374,18 @@ static json_bool validate_intervals(struct crypt_device *cd,
while (i < length) {
if (ix[i].offset < 2 * metadata_size) {
log_dbg(cd, "Illegal area offset: %" PRIu64 ".", ix[i].offset);
- return FALSE;
+ return 0;
}
if (!ix[i].length) {
log_dbg(cd, "Area length must be greater than zero.");
- return FALSE;
+ return 0;
}
if ((ix[i].offset + ix[i].length) > keyslots_area_end) {
log_dbg(cd, "Area [%" PRIu64 ", %" PRIu64 "] overflows binary keyslots area (ends at offset: %" PRIu64 ").",
ix[i].offset, ix[i].offset + ix[i].length, keyslots_area_end);
- return FALSE;
+ return 0;
}
for (j = 0; j < length; j++) {
@@ -393,14 +395,14 @@ static json_bool validate_intervals(struct crypt_device *cd,
log_dbg(cd, "Overlapping areas [%" PRIu64 ",%" PRIu64 "] and [%" PRIu64 ",%" PRIu64 "].",
ix[i].offset, ix[i].offset + ix[i].length,
ix[j].offset, ix[j].offset + ix[j].length);
- return FALSE;
+ return 0;
}
}
i++;
}
- return TRUE;
+ return 1;
}
static int LUKS2_keyslot_validate(struct crypt_device *cd, json_object *hdr_jobj, json_object *hdr_keyslot, const char *key)
--
2.20.1
+48
View File
@@ -0,0 +1,48 @@
#!/bin/sh
DAEMON="cupsd"
PIDFILE="/var/run/$DAEMON.pid"
start() {
printf 'Starting %s: ' "$DAEMON"
# shellcheck disable=SC2086 # we need the word splitting
start-stop-daemon -b -m -S -q -p "$PIDFILE" -x "/usr/sbin/$DAEMON" \
-- -C /etc/cups/cupsd.conf -s /etc/cups/cups-files
status=$?
if [ "$status" -eq 0 ]; then
echo "OK"
else
echo "FAIL"
fi
return "$status"
}
stop() {
printf 'Stopping %s: ' "$DAEMON"
start-stop-daemon -K -q -p "$PIDFILE"
status=$?
if [ "$status" -eq 0 ]; then
rm -f "$PIDFILE"
echo "OK"
else
echo "FAIL"
fi
return "$status"
}
restart() {
stop
sleep 1
start
}
case "$1" in
start|stop|restart)
"$1";;
reload)
# Restart, since there is no true "reload" feature.
restart;;
*)
echo "Usage: $0 {start|stop|restart|reload}"
exit 1
esac
+7 -1
View File
@@ -21,7 +21,8 @@ CUPS_CONF_OPTS = \
--with-docdir=/usr/share/cups/doc-root \
--disable-gssapi \
--disable-pam \
--libdir=/usr/lib
--libdir=/usr/lib \
--without-rcdir
CUPS_CONFIG_SCRIPTS = cups-config
CUPS_DEPENDENCIES = \
host-autoconf \
@@ -71,4 +72,9 @@ else
CUPS_CONF_OPTS += --disable-avahi
endif
define CUPS_INSTALL_INIT_SYSV
$(INSTALL) -D -m 0755 package/cups/S81cupsd \
$(TARGET_DIR)/etc/init.d/S81cupsd
endef
$(eval $(autotools-package))
+3 -1
View File
@@ -12,7 +12,9 @@ CVS_LICENSE = GPL-1.0+, LGPL-2.0+, LGPL-2.1+ (glob)
CVS_LICENSE_FILES = COPYING COPYING.LIB lib/glob-libc.h
CVS_DEPENDENCIES = ncurses
CVS_CONF_ENV = cvs_cv_func_printf_ptr=yes
CVS_CONF_ENV = \
ac_cv_func_working_mktime=yes \
cvs_cv_func_printf_ptr=yes
CVS_CONFIGURE_ARGS = --disable-old-info-format-support
ifeq ($(BR2_PACKAGE_CVS_SERVER),y)
+1
View File
@@ -107,6 +107,7 @@ HOST_DBUS_CONF_OPTS = \
--disable-selinux \
--disable-xml-docs \
--disable-doxygen-docs \
--disable-systemd \
--without-x \
--with-xml=expat
+1
View File
@@ -5,6 +5,7 @@ config BR2_PACKAGE_DOCKER_ENGINE
depends on BR2_TOOLCHAIN_HAS_THREADS
depends on !BR2_TOOLCHAIN_USES_UCLIBC # docker-containerd -> runc
depends on BR2_USE_MMU # docker-containerd
select BR2_PACKAGE_CGROUPFS_MOUNT if !BR2_PACKAGE_SYSTEMD # runtime dependency
select BR2_PACKAGE_DOCKER_CONTAINERD # runtime dependency
select BR2_PACKAGE_DOCKER_PROXY # runtime dependency
select BR2_PACKAGE_IPTABLES # runtime dependency
+3 -5
View File
@@ -1,11 +1,10 @@
config BR2_PACKAGE_DOMOTICZ
bool "domoticz"
depends on BR2_USE_MMU # mosquitto
depends on BR2_TOOLCHAIN_HAS_SYNC_4 # mosquitto
depends on !BR2_STATIC_LIBS # mosquitto
depends on BR2_USE_MMU # fork()
depends on !BR2_STATIC_LIBS
depends on BR2_TOOLCHAIN_GCC_AT_LEAST_4_8 # sleep_for
# pthread_condattr_setclock
depends on BR2_TOOLCHAIN_HAS_THREADS_NPTL
depends on BR2_TOOLCHAIN_HAS_THREADS_NPTL # mosquitto
depends on BR2_INSTALL_LIBSTDCPP
depends on BR2_USE_WCHAR
depends on BR2_PACKAGE_LUA_5_3
@@ -30,7 +29,6 @@ config BR2_PACKAGE_DOMOTICZ
comment "domoticz needs lua 5.3 and a toolchain w/ C++, gcc >= 4.8, NPTL, wchar, dynamic library"
depends on BR2_USE_MMU
depends on BR2_TOOLCHAIN_HAS_SYNC_4
depends on !BR2_INSTALL_LIBSTDCPP || \
!BR2_TOOLCHAIN_GCC_AT_LEAST_4_8 || \
!BR2_TOOLCHAIN_HAS_THREADS_NPTL || \
@@ -1,3 +1,3 @@
# Locally computed after checking signature
sha256 36da68aae5157b83e21383f711b8977e5b6f5477f369f71e7e22e76a738bbd05 dovecot-2.3-pigeonhole-0.5.9.tar.gz
sha256 fc9e9522216f2a9a28b31300e3c73c1df56acc27dfae951bf516e7995366b51a COPYING
sha256 0b972a441f680545ddfacd2f41fb2a705fb03249d46ed5ce7e01fe68b6cfb5f0 dovecot-2.3-pigeonhole-0.5.11.tar.gz
sha256 fc9e9522216f2a9a28b31300e3c73c1df56acc27dfae951bf516e7995366b51a COPYING
@@ -4,7 +4,7 @@
#
################################################################################
DOVECOT_PIGEONHOLE_VERSION = 0.5.9
DOVECOT_PIGEONHOLE_VERSION = 0.5.11
DOVECOT_PIGEONHOLE_SOURCE = dovecot-2.3-pigeonhole-$(DOVECOT_PIGEONHOLE_VERSION).tar.gz
DOVECOT_PIGEONHOLE_SITE = https://pigeonhole.dovecot.org/releases/2.3
DOVECOT_PIGEONHOLE_LICENSE = LGPL-2.1
+1 -1
View File
@@ -1,5 +1,5 @@
# Locally computed after checking signature
sha256 6642e62f23b1b23cfac235007ca6e21cb67460cca834689fad450724456eb10c dovecot-2.3.10.1.tar.gz
sha256 d3d9ea9010277f57eb5b9f4166a5d2ba539b172bd6d5a2b2529a6db524baafdc dovecot-2.3.11.3.tar.gz
sha256 a363b132e494f662d98c820d1481297e6ae72f194c2c91b6c39e1518b86240a8 COPYING
sha256 dc626520dcd53a22f727af3ee42c770e56c97a64fe3adb063799d8ab032fe551 COPYING.LGPL
sha256 52b8c95fabb19575281874b661ef7968ea47e8f5d74ba0dd40ce512e52b3fc97 COPYING.MIT
+1 -1
View File
@@ -5,7 +5,7 @@
################################################################################
DOVECOT_VERSION_MAJOR = 2.3
DOVECOT_VERSION = $(DOVECOT_VERSION_MAJOR).10.1
DOVECOT_VERSION = $(DOVECOT_VERSION_MAJOR).11.3
DOVECOT_SITE = https://dovecot.org/releases/$(DOVECOT_VERSION_MAJOR)
DOVECOT_INSTALL_STAGING = YES
DOVECOT_LICENSE = LGPL-2.1, MIT, Public Domain, BSD-3-Clause, Unicode-DFS-2015
@@ -0,0 +1,24 @@
# HG changeset patch
# User Haelwenn Monnier <contact+github.com@hacktivis.me>
# Date 1590411269 -7200
# Mon May 25 14:54:29 2020 +0200
# Node ID 087c2804147074c95b6a3f35137b4f4b726b1452
# Parent 009d52ae26d35f3381c801e02318fa9be34be93c
scp.c: Port OpenSSH CVE-2018-20685 fix (#80)
[backport from 2020.79 to 2019.78 for Buildroot 2020.02.x]
Signed-off-by: Thomas De Schampheleire <thomas.de_schampheleire@nokia.com>
diff --git a/scp.c b/scp.c
--- a/scp.c
+++ b/scp.c
@@ -935,7 +935,8 @@ sink(int argc, char **argv)
size = size * 10 + (*cp++ - '0');
if (*cp++ != ' ')
SCREWUP("size not delimited");
- if ((strchr(cp, '/') != NULL) || (strcmp(cp, "..") == 0)) {
+ if (*cp == '\0' || strchr(cp, '/') != NULL ||
+ strcmp(cp, ".") == 0 || strcmp(cp, "..") == 0) {
run_err("error: unexpected filename: %s", cp);
exit(1);
}
+2 -4
View File
@@ -3,17 +3,16 @@ config BR2_PACKAGE_EFL
# g++ issue with 4.4.5, tested with g++ 4.7.2
depends on BR2_TOOLCHAIN_GCC_AT_LEAST_4_7
depends on BR2_INSTALL_LIBSTDCPP
depends on BR2_PACKAGE_LUAJIT_ARCH_SUPPORTS # luajit
depends on BR2_TOOLCHAIN_HAS_THREADS # untested without threads
depends on BR2_USE_MMU
depends on BR2_USE_WCHAR # use wchar_t
depends on !BR2_STATIC_LIBS # dlfcn.h
# https://phab.enlightenment.org/T2728
depends on BR2_PACKAGE_LUAJIT
select BR2_PACKAGE_DBUS
select BR2_PACKAGE_FREETYPE
select BR2_PACKAGE_JPEG # Emile needs libjpeg
select BR2_PACKAGE_LIBCURL # Ecore_con_url, runtime dependency
# https://phab.enlightenment.org/T2728
select BR2_PACKAGE_LUAJIT # Lua support broken
select BR2_PACKAGE_LZ4
select BR2_PACKAGE_ZLIB
help
@@ -306,5 +305,4 @@ comment "efl needs a toolchain w/ C++, dynamic library, gcc >= 4.7, threads, wch
depends on !BR2_INSTALL_LIBSTDCPP \
|| !BR2_TOOLCHAIN_GCC_AT_LEAST_4_7 \
|| BR2_STATIC_LIBS || !BR2_TOOLCHAIN_HAS_THREADS || !BR2_USE_WCHAR
depends on BR2_PACKAGE_LUAJIT_ARCH_SUPPORTS
depends on BR2_USE_MMU
+1 -1
View File
@@ -8,7 +8,7 @@ ELIXIR_VERSION = 1.9.4
ELIXIR_SITE = $(call github,elixir-lang,elixir,v$(ELIXIR_VERSION))
ELIXIR_LICENSE = Apache-2.0
ELIXIR_LICENSE_FILES = LICENSE
ELIXIR_DEPENDENCIES = host-erlang
HOST_ELIXIR_DEPENDENCIES = host-erlang
define HOST_ELIXIR_BUILD_CMDS
$(HOST_MAKE_ENV) $(HOST_CONFIGURE_OPTS) $(MAKE) -C $(@D) compile
@@ -0,0 +1,195 @@
From eee12fe5e2e6c5f71bc7cbe25a608b730fd5362e Mon Sep 17 00:00:00 2001
From: Chao Yu <yuchao0@huawei.com>
Date: Fri, 7 Aug 2020 10:02:31 +0800
Subject: [PATCH] fsck.f2fs: correct return value
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
As Norbert Lange reported:
"
$ fsck.f2fs -a /dev/mmcblk0p5; echo $?
Info: Fix the reported corruption.
Info: Mounted device!
Info: Check FS only on RO mounted device
Error: Failed to open the device!
255
"
Michael Laß reminds:
"
I think the return value is exactly the problem here. See fsck(8) (
https://linux.die.net/man/8/fsck) which specifies the return values.
Systemd looks at these and decides how to proceed:
https://github.com/systemd/systemd/blob/a859abf062cef1511e4879c4ee39c6036ebeaec8/src/fsck/fsck.c#L407
That means, if fsck.f2fs returns 255, then
the FSCK_SYSTEM_SHOULD_REBOOT bit is set and systemd will reboot.
"
So the problem here is fsck.f2fs didn't return correct value to userspace
apps, result in later unexpected behavior of rebooting, let's fix this.
Reported-by: Norbert Lange <nolange79@gmail.com>
Reported-by: Michael Laß <bevan@bi-co.net>
Signed-off-by: Chao Yu <yuchao0@huawei.com>
Signed-off-by: Norbert Lange <nolange79@gmail.com>
---
fsck/fsck.h | 11 +++++++++++
fsck/main.c | 45 +++++++++++++++++++++++++++++++--------------
2 files changed, 42 insertions(+), 14 deletions(-)
diff --git a/fsck/fsck.h b/fsck/fsck.h
index ccf4a39..c8aeb06 100644
--- a/fsck/fsck.h
+++ b/fsck/fsck.h
@@ -13,6 +13,17 @@
#include "f2fs.h"
+enum {
+ FSCK_SUCCESS = 0,
+ FSCK_ERROR_CORRECTED = 1 << 0,
+ FSCK_SYSTEM_SHOULD_REBOOT = 1 << 1,
+ FSCK_ERRORS_LEFT_UNCORRECTED = 1 << 2,
+ FSCK_OPERATIONAL_ERROR = 1 << 3,
+ FSCK_USAGE_OR_SYNTAX_ERROR = 1 << 4,
+ FSCK_USER_CANCELLED = 1 << 5,
+ FSCK_SHARED_LIB_ERROR = 1 << 7,
+};
+
struct quota_ctx;
#define FSCK_UNMATCHED_EXTENT 0x00000001
diff --git a/fsck/main.c b/fsck/main.c
index 8c62a14..b0f2ec3 100644
--- a/fsck/main.c
+++ b/fsck/main.c
@@ -591,7 +591,7 @@ void f2fs_parse_options(int argc, char *argv[])
error_out(prog);
}
-static void do_fsck(struct f2fs_sb_info *sbi)
+static int do_fsck(struct f2fs_sb_info *sbi)
{
struct f2fs_checkpoint *ckpt = F2FS_CKPT(sbi);
u32 flag = le32_to_cpu(ckpt->ckpt_flags);
@@ -614,7 +614,7 @@ static void do_fsck(struct f2fs_sb_info *sbi)
} else {
MSG(0, "[FSCK] F2FS metadata [Ok..]");
fsck_free(sbi);
- return;
+ return FSCK_SUCCESS;
}
if (!c.ro)
@@ -646,7 +646,7 @@ static void do_fsck(struct f2fs_sb_info *sbi)
ret = quota_init_context(sbi);
if (ret) {
ASSERT_MSG("quota_init_context failure: %d", ret);
- return;
+ return FSCK_OPERATIONAL_ERROR;
}
}
fsck_chk_orphan_node(sbi);
@@ -654,8 +654,14 @@ static void do_fsck(struct f2fs_sb_info *sbi)
F2FS_FT_DIR, TYPE_INODE, &blk_cnt, NULL);
fsck_chk_quota_files(sbi);
- fsck_verify(sbi);
+ ret = fsck_verify(sbi);
fsck_free(sbi);
+
+ if (!c.bug_on)
+ return FSCK_SUCCESS;
+ if (!ret)
+ return FSCK_ERROR_CORRECTED;
+ return FSCK_ERRORS_LEFT_UNCORRECTED;
}
static void do_dump(struct f2fs_sb_info *sbi)
@@ -763,7 +769,7 @@ static int do_sload(struct f2fs_sb_info *sbi)
int main(int argc, char **argv)
{
struct f2fs_sb_info *sbi;
- int ret = 0;
+ int ret = 0, ret2;
clock_t start = clock();
f2fs_init_configuration();
@@ -771,10 +777,15 @@ int main(int argc, char **argv)
f2fs_parse_options(argc, argv);
if (c.func != DUMP && f2fs_devs_are_umounted() < 0) {
- if (errno == EBUSY)
+ if (errno == EBUSY) {
+ if (c.func == FSCK)
+ return FSCK_OPERATIONAL_ERROR;
return -1;
+ }
if (!c.ro || c.func == DEFRAG) {
MSG(0, "\tError: Not available on mounted device!\n");
+ if (c.func == FSCK)
+ return FSCK_OPERATIONAL_ERROR;
return -1;
}
@@ -789,8 +800,11 @@ int main(int argc, char **argv)
}
/* Get device */
- if (f2fs_get_device_info() < 0)
+ if (f2fs_get_device_info() < 0) {
+ if (c.func == FSCK)
+ return FSCK_OPERATIONAL_ERROR;
return -1;
+ }
fsck_again:
memset(&gfsck, 0, sizeof(gfsck));
@@ -808,7 +822,7 @@ fsck_again:
switch (c.func) {
case FSCK:
- do_fsck(sbi);
+ ret = do_fsck(sbi);
break;
#ifdef WITH_DUMP
case DUMP:
@@ -856,8 +870,8 @@ fsck_again:
char ans[255] = {0};
retry:
printf("Do you want to fix this partition? [Y/N] ");
- ret = scanf("%s", ans);
- ASSERT(ret >= 0);
+ ret2 = scanf("%s", ans);
+ ASSERT(ret2 >= 0);
if (!strcasecmp(ans, "y"))
c.fix_on = 1;
else if (!strcasecmp(ans, "n"))
@@ -869,12 +883,15 @@ retry:
goto fsck_again;
}
}
- ret = f2fs_finalize_device();
- if (ret < 0)
- return ret;
+ ret2 = f2fs_finalize_device();
+ if (ret2) {
+ if (c.func == FSCK)
+ return FSCK_OPERATIONAL_ERROR;
+ return ret2;
+ }
printf("\nDone: %lf secs\n", (clock() - start) / (double)CLOCKS_PER_SEC);
- return 0;
+ return ret;
out_err:
if (sbi->ckpt)
--
2.27.0
+1 -1
View File
@@ -1,5 +1,5 @@
# Locally calculated
sha256 9df6c90aed1337634c1fb026fb01c154c29c82a64ea71291ff2da9aacb9aad31 ffmpeg-4.2.3.tar.xz
sha256 0d5da81feba073ee78e0f18e0966bcaf91464ae75e18e9a0135186249e3d2a0b ffmpeg-4.2.4.tar.xz
sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 COPYING.GPLv2
sha256 b634ab5640e258563c536e658cad87080553df6f34f62269a21d554844e58bfe COPYING.LGPLv2.1
sha256 cad1218c22121b169fb1380178ab7a0b33cb38a3ff6d3915b8533d1d954f3ce7 LICENSE.md
+1 -1
View File
@@ -4,7 +4,7 @@
#
################################################################################
FFMPEG_VERSION = 4.2.3
FFMPEG_VERSION = 4.2.4
FFMPEG_SOURCE = ffmpeg-$(FFMPEG_VERSION).tar.xz
FFMPEG_SITE = http://ffmpeg.org/releases
FFMPEG_INSTALL_STAGING = YES
@@ -0,0 +1,44 @@
From a93eac0e843148dc2d631c3ba80af17e9c8c860f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?F=C3=A1bio=20Cabral=20Pacheco?= <fcabralpacheco@gmail.com>
Date: Fri, 20 Dec 2019 12:03:33 -0300
Subject: [PATCH] Fix potential NULL pointer dereference in gdImageClone()
[Retrieved (and updated to remove .gitignore and tests) from:
https://github.com/libgd/libgd/commit/a93eac0e843148dc2d631c3ba80af17e9c8c860f]
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
---
src/gd.c | 9 +--------
tests/gdimageclone/.gitignore | 1 +
tests/gdimageclone/CMakeLists.txt | 1 +
tests/gdimageclone/Makemodule.am | 3 ++-
tests/gdimageclone/style.c | 30 ++++++++++++++++++++++++++++++
5 files changed, 35 insertions(+), 9 deletions(-)
create mode 100644 tests/gdimageclone/style.c
diff --git a/src/gd.c b/src/gd.c
index 592a0286..d564d1f9 100644
--- a/src/gd.c
+++ b/src/gd.c
@@ -2865,14 +2865,6 @@ BGD_DECLARE(gdImagePtr) gdImageClone (gdImagePtr src) {
}
}
- if (src->styleLength > 0) {
- dst->styleLength = src->styleLength;
- dst->stylePos = src->stylePos;
- for (i = 0; i < src->styleLength; i++) {
- dst->style[i] = src->style[i];
- }
- }
-
dst->interlace = src->interlace;
dst->alphaBlendingFlag = src->alphaBlendingFlag;
@@ -2907,6 +2899,7 @@ BGD_DECLARE(gdImagePtr) gdImageClone (gdImagePtr src) {
if (src->style) {
gdImageSetStyle(dst, src->style, src->styleLength);
+ dst->stylePos = src->stylePos;
}
for (i = 0; i < gdMaxColors; i++) {
@@ -0,0 +1,39 @@
From 2e886046f86d0d6bfc14aab94a881259a081e3f4 Mon Sep 17 00:00:00 2001
From: wilson chen <willson.chenwx@gmail.com>
Date: Fri, 20 Dec 2019 10:12:04 +0800
Subject: [PATCH] Fix #497: gdImageColorMatch Out Of Bounds Write on Heap
(CVE-2019-6977)
Fixed CVE-2019-6977 and add corresponding testcase.
Original patch by Christoph M. Bechker <cmbecker69@gmx.de>
https://gist.github.com/cmb69/1f36d285eb297ed326f5c821d7aafced
[Retrieved (and updated to remove .gitignore and tests) from:
https://github.com/libgd/libgd/commit/2e886046f86d0d6bfc14aab94a881259a081e3f4]
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
---
src/gd_color_match.c | 5 ++---
tests/gdimagecolormatch/.gitignore | 1 +
tests/gdimagecolormatch/CMakeLists.txt | 1 +
tests/gdimagecolormatch/Makemodule.am | 1 +
tests/gdimagecolormatch/cve_2019_6977.c | 25 +++++++++++++++++++++++++
5 files changed, 30 insertions(+), 3 deletions(-)
create mode 100644 tests/gdimagecolormatch/cve_2019_6977.c
diff --git a/src/gd_color_match.c b/src/gd_color_match.c
index f0842b69..f0194302 100644
--- a/src/gd_color_match.c
+++ b/src/gd_color_match.c
@@ -31,9 +31,8 @@ BGD_DECLARE(int) gdImageColorMatch (gdImagePtr im1, gdImagePtr im2)
return -4; /* At least 1 color must be allocated */
}
- buf = (unsigned long *)gdMalloc(sizeof(unsigned long) * 5 * im2->colorsTotal);
- memset (buf, 0, sizeof(unsigned long) * 5 * im2->colorsTotal );
-
+ buf = (unsigned long *)gdMalloc(sizeof(unsigned long) * 5 * gdMaxColors);
+ memset (buf, 0, sizeof(unsigned long) * 5 * gdMaxColors );
for (x=0; x < im1->sx; x++) {
for( y=0; y<im1->sy; y++ ) {
color = im2->pixels[y][x];
+13
View File
@@ -14,6 +14,19 @@ GD_CONFIG_SCRIPTS = gdlib-config
GD_CONF_OPTS = --without-x --disable-rpath --disable-werror
GD_DEPENDENCIES = host-pkgconf
# 0001-bmp-check-return-value-in-gdImageBmpPtr.patch
GD_IGNORE_CVES += CVE-2018-1000222
# 0002-Fix-420-Potential-infinite-loop-in-gdImageCreateFrom.patch
GD_IGNORE_CVES += CVE-2018-5711
# 0003-Fix-501-Uninitialized-read-in-gdImageCreateFromXbm-C.patch
GD_IGNORE_CVES += CVE-2019-11038
# 0004-Fix-492-Potential-double-free-in-gdImage-Ptr.patch
GD_IGNORE_CVES += CVE-2019-6978
# 0005-Fix-potential-NULL-pointer-dereference-in-gdImageClone.patch
GD_IGNORE_CVES += CVE-2018-14553
# 0006-Fix-497-gdImageColorMatch-Out-Of-Bounds-Write-on-Heap-CVE-2019-6977.patch
GD_IGNORE_CVES += CVE-2019-6977
# gd forgets to link utilities with -pthread even though it uses
# pthreads, causing linking errors with static linking
ifeq ($(BR2_TOOLCHAIN_HAS_THREADS),y)
+3 -3
View File
@@ -1,4 +1,4 @@
# From http://ftp.gnome.org/pub/gnome/sources/gdk-pixbuf/2.36/gdk-pixbuf-2.36.10.sha256sum
sha256 f8f6fa896b89475c73b6e9e8d2a2b062fc359c4b4ccb8e96470d6ab5da949ace gdk-pixbuf-2.36.10.tar.xz
# From http://ftp.gnome.org/pub/gnome/sources/gdk-pixbuf/2.36/gdk-pixbuf-2.36.12.sha256sum
sha256 fff85cf48223ab60e3c3c8318e2087131b590fd6f1737e42cb3759a3b427a334 gdk-pixbuf-2.36.12.tar.xz
# Locally calculated
sha256 d245807f90032872d1438d741ed21e2490e1175dc8aa3afa5ddb6c8e529b58e5 COPYING
sha256 d245807f90032872d1438d741ed21e2490e1175dc8aa3afa5ddb6c8e529b58e5 COPYING
+1 -1
View File
@@ -5,7 +5,7 @@
################################################################################
GDK_PIXBUF_VERSION_MAJOR = 2.36
GDK_PIXBUF_VERSION = $(GDK_PIXBUF_VERSION_MAJOR).10
GDK_PIXBUF_VERSION = $(GDK_PIXBUF_VERSION_MAJOR).12
GDK_PIXBUF_SOURCE = gdk-pixbuf-$(GDK_PIXBUF_VERSION).tar.xz
GDK_PIXBUF_SITE = http://ftp.gnome.org/pub/gnome/sources/gdk-pixbuf/$(GDK_PIXBUF_VERSION_MAJOR)
GDK_PIXBUF_LICENSE = LGPL-2.0+
+3 -3
View File
@@ -1,5 +1,5 @@
# From https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs950/SHA512SUMS
sha512 3c1e5db519a427f4b6bfb8d93f3c3dfb67d5ec9ccd19c7afa7670deb768515f3fc617c5588e54934bbfbedfdf8609ce2ffa36dd7da3cb618937fe034f64f43ee ghostscript-9.50.tar.xz
# From https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs952/SHA512SUMS
sha512 4c4a33884e1138bad553eee61fac1a72158297ad5c2ce46a4b36150848dea8158affaf2b902f4ff03e4f72ebc8154c198b618112624f409230a610b7648faa67 ghostscript-9.52.tar.xz
# Hash for license file:
sha256 6f852249f975287b3efd43a5883875e47fa9f3125e2f1b18b5c09517ac30ecf2 LICENSE
sha256 6f852249f975287b3efd43a5883875e47fa9f3125e2f1b18b5c09517ac30ecf2 LICENSE
+3 -2
View File
@@ -4,7 +4,7 @@
#
################################################################################
GHOSTSCRIPT_VERSION = 9.50
GHOSTSCRIPT_VERSION = 9.52
GHOSTSCRIPT_SITE = https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs$(subst .,,$(GHOSTSCRIPT_VERSION))
GHOSTSCRIPT_SOURCE = ghostscript-$(GHOSTSCRIPT_VERSION).tar.xz
GHOSTSCRIPT_LICENSE = AGPL-3.0
@@ -34,7 +34,8 @@ GHOSTSCRIPT_POST_PATCH_HOOKS += GHOSTSCRIPT_REMOVE_LIBS
GHOSTSCRIPT_CONF_ENV = \
CCAUX="$(HOSTCC)" \
CFLAGSAUX="$(HOST_CFLAGS) $(HOST_LDFLAGS)"
CFLAGSAUX="$(HOST_CFLAGS) $(HOST_LDFLAGS)" \
PKGCONFIG="$(PKG_CONFIG_HOST_BINARY)"
GHOSTSCRIPT_CONF_OPTS = \
--disable-compile-inits \
@@ -1,5 +1,5 @@
# Locally calculated (fetched from Github)
sha256 4462f56696332efbc5b0c2f86d7aa75a2a02c3d44bc4345fa42b5bab1225de5c glibc-2.30-67-g4748829f86a458b76642f3e98b1d80f7b868e427.tar.gz
sha256 ce788d30851a215d58ff94c972d9cff5956725cc5ee906298711ddc63078c315 glibc-2.30-73-gd59630f9959b0bb8991964758ab854ff4378b20d.tar.gz
# Hashes for license files
sha256 8177f97513213526df2cf6184d8ff986c675afb514d4e68a404010521b880643 COPYING
+1 -1
View File
@@ -17,7 +17,7 @@ else
# Generate version string using:
# git describe --match 'glibc-*' --abbrev=40 origin/release/MAJOR.MINOR/master | cut -d '-' -f 2-
# When updating the version, please also update localedef
GLIBC_VERSION = 2.30-67-g4748829f86a458b76642f3e98b1d80f7b868e427
GLIBC_VERSION = 2.30-73-gd59630f9959b0bb8991964758ab854ff4378b20d
# Upstream doesn't officially provide an https download link.
# There is one (https://sourceware.org/git/glibc.git) but it's not reliable,
# sometimes the connection times out. So use an unofficial github mirror.
@@ -0,0 +1,31 @@
From 1bc387f8feaab9020be72e88cf26ccc1a67a6a10 Mon Sep 17 00:00:00 2001
From: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Date: Sat, 22 Aug 2020 23:33:48 +0200
Subject: [PATCH] meson: allow the user to disable opencv
Allow the user to really disable opencv through meson (i.e.
-Dopencv=disabled).
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
[Upstream status:
https://gitlab.freedesktop.org/gstreamer/gst-plugins-bad/-/merge_requests/1533]
---
gst-libs/gst/opencv/meson.build | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/gst-libs/gst/opencv/meson.build b/gst-libs/gst/opencv/meson.build
index 6cc4602f3..fb6c46e40 100644
--- a/gst-libs/gst/opencv/meson.build
+++ b/gst-libs/gst/opencv/meson.build
@@ -13,7 +13,7 @@ opencv_dep = dependency('opencv', version : '>= 3.0.0', required : false)
if not opencv_dep.found()
opencv_dep = dependency('opencv4', version : '>= 4.0.0', required : false)
endif
-if opencv_dep.found()
+if not get_option('opencv').disabled() and opencv_dep.found()
gstopencv = library('gstopencv-' + api_version,
opencv_sources,
c_args : gst_plugins_bad_args + ['-DBUILDING_GST_OPENCV'],
--
2.28.0
+3
View File
@@ -1,3 +1,6 @@
# Locally calculated
sha256 881d7d6a90b2428479288d64233151448f8990ab4958e0ecaca7eeb3c9db2bd7 hostapd-2.9.tar.gz
sha256 2d9a5b9d616f1b4aa4a22b967cee866e2f69b798b0b46803a7928c8559842bd7 0001-WPS-UPnP-Do-not-allow-event-subscriptions-with-URLs-.patch
sha256 49feb35a5276279b465f6836d6fa2c6b34d94dc979e8b840d1918865c04260de 0002-WPS-UPnP-Fix-event-message-generation-using-a-long-U.patch
sha256 a8212a2d89a5bab2824d22b6047e7740553df163114fcec94832bfa9c5c5d78a 0003-WPS-UPnP-Handle-HTTP-initiation-failures-for-events-.patch
sha256 9da5dd0776da266b180b915e460ff75c6ff729aca1196ab396529510f24f3761 README
+7
View File
@@ -8,6 +8,10 @@ HOSTAPD_VERSION = 2.9
HOSTAPD_SITE = http://w1.fi/releases
HOSTAPD_SUBDIR = hostapd
HOSTAPD_CONFIG = $(HOSTAPD_DIR)/$(HOSTAPD_SUBDIR)/.config
HOSTAPD_PATCH = \
https://w1.fi/security/2020-1/0001-WPS-UPnP-Do-not-allow-event-subscriptions-with-URLs-.patch \
https://w1.fi/security/2020-1/0002-WPS-UPnP-Fix-event-message-generation-using-a-long-U.patch \
https://w1.fi/security/2020-1/0003-WPS-UPnP-Handle-HTTP-initiation-failures-for-events-.patch
HOSTAPD_DEPENDENCIES = host-pkgconf
HOSTAPD_CFLAGS = $(TARGET_CFLAGS)
HOSTAPD_LICENSE = BSD-3-Clause
@@ -16,6 +20,9 @@ HOSTAPD_LICENSE_FILES = README
# 0001-AP-Silently-ignore-management-frame-from-unexpected-.patch
HOSTAPD_IGNORE_CVES += CVE-2019-16275
# 0001-WPS-UPnP-Do-not-allow-event-subscriptions-with-URLs-.patch
HOSTAPD_IGNORE_CVES += CVE-2020-12695
HOSTAPD_CONFIG_SET =
HOSTAPD_CONFIG_ENABLE = \
+1 -6
View File
@@ -40,13 +40,8 @@ IPUTILS_DEPENDENCIES += libgcrypt
else ifeq ($(BR2_PACKAGE_OPENSSL),y)
IPUTILS_CONF_OPTS += -DUSE_CRYPTO=openssl
IPUTILS_DEPENDENCIES += openssl
else ifeq ($(BR2_PACKAGE_LINUX_HEADERS),y)
IPUTILS_CONF_OPTS += -DUSE_CRYPTO=kernel
IPUTILS_DEPENDENCIES += linux-headers
else
IPUTILS_CONF_OPTS += -DUSE_CRYPTO=none
# BUILD_NINFOD=true and USE_CRYPTO=none cannot be combined
IPUTILS_NINFOD = n
IPUTILS_CONF_OPTS += -DUSE_CRYPTO=kernel
endif
ifeq ($(BR2_PACKAGE_SYSTEMD),y)
-1
View File
@@ -89,7 +89,6 @@ config BR2_PACKAGE_JANUS_GATEWAY_UNIX_SOCKETS
config BR2_PACKAGE_JANUS_GATEWAY_WEBSOCKETS
bool "WebSockets"
depends on BR2_USE_MMU
select BR2_PACKAGE_LIBWEBSOCKETS
endif
@@ -1,35 +0,0 @@
From 24fc4d6f01d2d4c8297d1bebec02360f796e01c2 Mon Sep 17 00:00:00 2001
From: Michael Vetter <jubalh@iodoru.org>
Date: Mon, 4 Nov 2019 18:17:44 +0100
Subject: [PATCH] Verify range data in jp2_pclr_getdata
This fixes CVE-2018-19541.
We need to verify the data is in the expected range. Otherwise we get
problems later.
This is a better fix for https://github.com/mdadams/jasper/pull/199
which caused segfaults under certain circumstances.
Patch by Adam Majer <adam.majer@suse.de>
Signed-off-by: Michael Vetter <jubalh@iodoru.org>
---
src/libjasper/jp2/jp2_cod.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/src/libjasper/jp2/jp2_cod.c b/src/libjasper/jp2/jp2_cod.c
index 890e6ad..0f8d804 100644
--- a/src/libjasper/jp2/jp2_cod.c
+++ b/src/libjasper/jp2/jp2_cod.c
@@ -855,6 +855,12 @@ static int jp2_pclr_getdata(jp2_box_t *box, jas_stream_t *in)
jp2_getuint8(in, &pclr->numchans)) {
return -1;
}
+
+ // verify in range data as per I.5.3.4 - Palette box
+ if (pclr->numchans < 1 || pclr->numlutents < 1 || pclr->numlutents > 1024) {
+ return -1;
+ }
+
lutsize = pclr->numlutents * pclr->numchans;
if (!(pclr->lutdata = jas_alloc2(lutsize, sizeof(int_fast32_t)))) {
return -1;
@@ -1,24 +0,0 @@
From fc62d1b7164ded2405fd6a0604548b34a5a77462 Mon Sep 17 00:00:00 2001
From: Timothy Lyanguzov <timothy.lyanguzov@sap.com>
Date: Mon, 18 Mar 2019 16:46:24 +1300
Subject: [PATCH] Fix CVE-2018-19542: Check for NULL pointer in jp2_decode
Signed-off-by: Michael Vetter <jubalh@iodoru.org>
---
src/libjasper/jp2/jp2_dec.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/src/libjasper/jp2/jp2_dec.c b/src/libjasper/jp2/jp2_dec.c
index 03b0eaf..a535c19 100644
--- a/src/libjasper/jp2/jp2_dec.c
+++ b/src/libjasper/jp2/jp2_dec.c
@@ -388,6 +388,9 @@ jas_image_t *jp2_decode(jas_stream_t *in, const char *optstr)
jas_image_setcmpttype(dec->image, newcmptno, jp2_getct(jas_image_clrspc(dec->image), 0, channo + 1));
}
#endif
+ } else {
+ jas_eprintf("error: invalid MTYP in CMAP box\n");
+ goto error;
}
}
}
@@ -1,29 +0,0 @@
From e38454aa1a15b78c028a778fc8bfba3587e25c25 Mon Sep 17 00:00:00 2001
From: Michael Vetter <jubalh@iodoru.org>
Date: Fri, 15 Mar 2019 11:01:02 +0100
Subject: [PATCH] Make sure asclen is at least 1
If txtdesc->asclen is < 1, the array index of txtdesc->ascdata will be negative which causes the heap based overflow.
Regards CVE-2018-19540.
Regards https://github.com/mdadams/jasper/issues/182 bug#3
Fix by Markus Koschany <apo@debian.org>.
From https://gist.github.com/apoleon/13598a45bf6522f6a79b77a629205823
Signed-off-by: Michael Vetter <jubalh@iodoru.org>
---
src/libjasper/base/jas_icc.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/libjasper/base/jas_icc.c b/src/libjasper/base/jas_icc.c
index 4607930..762c0e8 100644
--- a/src/libjasper/base/jas_icc.c
+++ b/src/libjasper/base/jas_icc.c
@@ -1104,6 +1104,8 @@ static int jas_icctxtdesc_input(jas_iccattrval_t *attrval, jas_stream_t *in,
if (jas_stream_read(in, txtdesc->ascdata, txtdesc->asclen) !=
JAS_CAST(int, txtdesc->asclen))
goto error;
+ if (txtdesc->asclen < 1)
+ goto error;
txtdesc->ascdata[txtdesc->asclen - 1] = '\0';
if (jas_iccgetuint32(in, &txtdesc->uclangcode) ||
jas_iccgetuint32(in, &txtdesc->uclen))
+1 -1
View File
@@ -1,3 +1,3 @@
# Locally calculated
sha256 f1d8b90f231184d99968f361884e2054a1714fdbbd9944ba1ae4ebdcc9bbfdb1 jasper-2.0.16.tar.gz
sha256 b9d16162a088617ada36450f2374d72165377cb64b33ed197c200bcfb73ec76c jasper-2.0.19.tar.gz
sha256 4ad1bb42aff888c4403d792e6e2c5f1716d6c279fea70b296333c9d577d30b81 LICENSE
+2 -2
View File
@@ -4,8 +4,8 @@
#
################################################################################
JASPER_VERSION = 2.0.16
JASPER_SITE = $(call github,mdadams,jasper,version-$(JASPER_VERSION))
JASPER_VERSION = 2.0.19
JASPER_SITE = $(call github,jasper-software,jasper,version-$(JASPER_VERSION))
JASPER_INSTALL_STAGING = YES
JASPER_LICENSE = JasPer-2.0
JASPER_LICENSE_FILES = LICENSE
+2 -2
View File
@@ -1,4 +1,4 @@
# From https://github.com/json-c/json-c/wiki
sha256 b87e608d4d3f7bfdd36ef78d56d53c74e66ab278d318b71e6002a369d36f4873 json-c-0.13.1.tar.gz
sha256 b8d80a1ddb718b3ba7492916237bbf86609e9709fb007e7f7d4322f02341a4c6 json-c-0.15.tar.gz
# Locally calculated
sha256 74c1e6ca5eba76b54d0ad00d4815c8315c1b3bc45ff99de61d103dc92486284c COPYING
sha256 74c1e6ca5eba76b54d0ad00d4815c8315c1b3bc45ff99de61d103dc92486284c COPYING
+3 -11
View File
@@ -4,19 +4,11 @@
#
################################################################################
JSON_C_VERSION = 0.13.1
JSON_C_VERSION = 0.15
JSON_C_SITE = https://s3.amazonaws.com/json-c_releases/releases
JSON_C_INSTALL_STAGING = YES
JSON_C_LICENSE = MIT
JSON_C_LICENSE_FILES = COPYING
# update config.h.in timestamp to avoid autoheader run
define JSON_C_UPDATE_CONFIG_TIMESTAMP
touch $(@D)/config.h.in
endef
JSON_C_POST_EXTRACT_HOOKS += JSON_C_UPDATE_CONFIG_TIMESTAMP
HOST_JSON_C_POST_EXTRACT_HOOKS += JSON_C_UPDATE_CONFIG_TIMESTAMP
$(eval $(autotools-package))
$(eval $(host-autotools-package))
$(eval $(cmake-package))
$(eval $(host-cmake-package))
@@ -1,50 +0,0 @@
From 3a46be47cad5a3498b5f6d6007b7d1fe5b8dff78 Mon Sep 17 00:00:00 2001
Message-Id: <3a46be47cad5a3498b5f6d6007b7d1fe5b8dff78.1594274321.git.baruch@tkos.co.il>
From: Baruch Siach <baruch@tkos.co.il>
Date: Thu, 9 Jul 2020 08:14:49 +0300
Subject: [PATCH] bearssl: fix build with disabled proxy support
Avoid reference to fields that do not exist when CURL_DISABLE_PROXY is
defined.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
---
Upstream status: https://github.com/curl/curl/pull/5666
lib/vtls/bearssl.c | 11 +++++++++--
1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/lib/vtls/bearssl.c b/lib/vtls/bearssl.c
index 628e16a124a9..44e7406e8e39 100644
--- a/lib/vtls/bearssl.c
+++ b/lib/vtls/bearssl.c
@@ -300,8 +300,12 @@ static CURLcode bearssl_connect_step1(struct connectdata *conn, int sockindex)
struct ssl_connect_data *connssl = &conn->ssl[sockindex];
struct ssl_backend_data *backend = connssl->backend;
const char * const ssl_cafile = SSL_CONN_CONFIG(CAfile);
+#ifndef CURL_DISABLE_PROXY
const char *hostname = SSL_IS_PROXY() ? conn->http_proxy.host.name :
conn->host.name;
+#else
+ const char *hostname = conn->host.name;
+#endif
const bool verifypeer = SSL_CONN_CONFIG(verifypeer);
const bool verifyhost = SSL_CONN_CONFIG(verifyhost);
CURLcode ret;
@@ -386,8 +390,11 @@ static CURLcode bearssl_connect_step1(struct connectdata *conn, int sockindex)
*/
#ifdef USE_NGHTTP2
- if(data->set.httpversion >= CURL_HTTP_VERSION_2 &&
- (!SSL_IS_PROXY() || !conn->bits.tunnel_proxy)) {
+ if(data->set.httpversion >= CURL_HTTP_VERSION_2
+#ifndef CURL_DISABLE_PROXY
+ && (!SSL_IS_PROXY() || !conn->bits.tunnel_proxy)
+#endif
+ ) {
backend->protocols[cur++] = NGHTTP2_PROTO_VERSION_ID;
infof(data, "ALPN, offering %s\n", NGHTTP2_PROTO_VERSION_ID);
}
--
2.27.0
@@ -1,159 +0,0 @@
From d040da28f57d0b3fcd6f63809a8c85a600f87a62 Mon Sep 17 00:00:00 2001
Message-Id: <d040da28f57d0b3fcd6f63809a8c85a600f87a62.1594274337.git.baruch@tkos.co.il>
From: Baruch Siach <baruch@tkos.co.il>
Date: Thu, 9 Jul 2020 08:14:49 +0300
Subject: [PATCH] nss: fix build with disabled proxy support
Avoid reference to fields that do not exist when CURL_DISABLE_PROXY is
defined.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
---
Upstream status: https://github.com/curl/curl/pull/5667
lib/vtls/nss.c | 44 +++++++++++++++++++++++++++++++++++---------
1 file changed, 35 insertions(+), 9 deletions(-)
diff --git a/lib/vtls/nss.c b/lib/vtls/nss.c
index fca292613815..0f0d1ee6c80f 100644
--- a/lib/vtls/nss.c
+++ b/lib/vtls/nss.c
@@ -1027,9 +1027,11 @@ static SECStatus BadCertHandler(void *arg, PRFileDesc *sock)
CERTCertificate *cert;
/* remember the cert verification result */
+#ifndef CURL_DISABLE_PROXY
if(SSL_IS_PROXY())
data->set.proxy_ssl.certverifyresult = err;
else
+#endif
data->set.ssl.certverifyresult = err;
if(err == SSL_ERROR_BAD_CERT_DOMAIN && !SSL_CONN_CONFIG(verifyhost))
@@ -1553,24 +1555,32 @@ static void nss_close(struct ssl_connect_data *connssl)
static void Curl_nss_close(struct connectdata *conn, int sockindex)
{
struct ssl_connect_data *connssl = &conn->ssl[sockindex];
+#ifndef CURL_DISABLE_PROXY
struct ssl_connect_data *connssl_proxy = &conn->proxy_ssl[sockindex];
+#endif
struct ssl_backend_data *backend = connssl->backend;
- if(backend->handle || connssl_proxy->backend->handle) {
+ if(backend->handle
+#ifndef CURL_DISABLE_PROXY
+ || connssl_proxy->backend->handle
+#endif
+ ) {
/* NSS closes the socket we previously handed to it, so we must mark it
as closed to avoid double close */
fake_sclose(conn->sock[sockindex]);
conn->sock[sockindex] = CURL_SOCKET_BAD;
}
+#ifndef CURL_DISABLE_PROXY
if(backend->handle)
/* nss_close(connssl) will transitively close also
connssl_proxy->backend->handle if both are used. Clear it to avoid
a double close leading to crash. */
connssl_proxy->backend->handle = NULL;
- nss_close(connssl);
nss_close(connssl_proxy);
+#endif
+ nss_close(connssl);
}
/* return true if NSS can provide error code (and possibly msg) for the
@@ -1828,6 +1838,12 @@ static CURLcode nss_setup_connect(struct connectdata *conn, int sockindex)
CURLcode result;
bool second_layer = FALSE;
SSLVersionRange sslver_supported;
+#ifndef CURL_DISABLE_PROXY
+ const char *hostname = SSL_IS_PROXY() ? conn->http_proxy.host.name :
+ conn->host.name;
+#else
+ const char *hostname = conn->host.name;
+#endif
SSLVersionRange sslver = {
SSL_LIBRARY_VERSION_TLS_1_0, /* min */
@@ -1932,9 +1948,11 @@ static CURLcode nss_setup_connect(struct connectdata *conn, int sockindex)
goto error;
/* not checked yet */
+#ifndef CURL_DISABLE_PROXY
if(SSL_IS_PROXY())
data->set.proxy_ssl.certverifyresult = 0;
else
+#endif
data->set.ssl.certverifyresult = 0;
if(SSL_BadCertHook(model, BadCertHandler, conn) != SECSuccess)
@@ -1991,12 +2009,14 @@ static CURLcode nss_setup_connect(struct connectdata *conn, int sockindex)
goto error;
}
+#ifndef CURL_DISABLE_PROXY
if(conn->proxy_ssl[sockindex].use) {
DEBUGASSERT(ssl_connection_complete == conn->proxy_ssl[sockindex].state);
DEBUGASSERT(conn->proxy_ssl[sockindex].backend->handle != NULL);
nspr_io = conn->proxy_ssl[sockindex].backend->handle;
second_layer = TRUE;
}
+#endif
else {
/* wrap OS file descriptor by NSPR's file descriptor abstraction */
nspr_io = PR_ImportTCPSocket(sockfd);
@@ -2077,8 +2097,11 @@ static CURLcode nss_setup_connect(struct connectdata *conn, int sockindex)
unsigned char protocols[128];
#ifdef USE_NGHTTP2
- if(data->set.httpversion >= CURL_HTTP_VERSION_2 &&
- (!SSL_IS_PROXY() || !conn->bits.tunnel_proxy)) {
+ if(data->set.httpversion >= CURL_HTTP_VERSION_2
+#ifndef CURL_DISABLE_PROXY
+ && (!SSL_IS_PROXY() || !conn->bits.tunnel_proxy)
+#endif
+ ) {
protocols[cur++] = NGHTTP2_PROTO_VERSION_ID_LEN;
memcpy(&protocols[cur], NGHTTP2_PROTO_VERSION_ID,
NGHTTP2_PROTO_VERSION_ID_LEN);
@@ -2101,14 +2124,11 @@ static CURLcode nss_setup_connect(struct connectdata *conn, int sockindex)
goto error;
/* propagate hostname to the TLS layer */
- if(SSL_SetURL(backend->handle, SSL_IS_PROXY() ? conn->http_proxy.host.name :
- conn->host.name) != SECSuccess)
+ if(SSL_SetURL(backend->handle, hostname) != SECSuccess)
goto error;
/* prevent NSS from re-using the session for a different hostname */
- if(SSL_SetSockPeerID(backend->handle, SSL_IS_PROXY() ?
- conn->http_proxy.host.name : conn->host.name)
- != SECSuccess)
+ if(SSL_SetSockPeerID(backend->handle, hostname) != SECSuccess)
goto error;
return CURLE_OK;
@@ -2127,11 +2147,17 @@ static CURLcode nss_do_connect(struct connectdata *conn, int sockindex)
struct Curl_easy *data = conn->data;
CURLcode result = CURLE_SSL_CONNECT_ERROR;
PRUint32 timeout;
+#ifndef CURL_DISABLE_PROXY
long * const certverifyresult = SSL_IS_PROXY() ?
&data->set.proxy_ssl.certverifyresult : &data->set.ssl.certverifyresult;
const char * const pinnedpubkey = SSL_IS_PROXY() ?
data->set.str[STRING_SSL_PINNEDPUBLICKEY_PROXY] :
data->set.str[STRING_SSL_PINNEDPUBLICKEY_ORIG];
+#else
+ long * const certverifyresult = &data->set.ssl.certverifyresult;
+ const char * const pinnedpubkey =
+ data->set.str[STRING_SSL_PINNEDPUBLICKEY_ORIG];
+#endif
/* check timeout situation */
--
2.27.0
+2 -2
View File
@@ -1,5 +1,5 @@
# Locally calculated after checking pgp signature
# https://curl.haxx.se/download/curl-7.71.1.tar.xz.asc
# https://curl.haxx.se/download/curl-7.72.0.tar.xz.asc
# signed with key 27EDEAF22F3ABCEB50DB9A125CC908FDB71E12C2
sha256 40f83eda27cdbeb25cd4da48cefb639af1b9395d6026d2da1825bf059239658c curl-7.71.1.tar.xz
sha256 0ded0808c4d85f2ee0db86980ae610cc9d165e9ca9da466196cc73c346513713 curl-7.72.0.tar.xz
sha256 db3c4a3b3695a0f317a0c5176acd2f656d18abc45b3ee78e50935a78eb1e132e COPYING
+1 -1
View File
@@ -4,7 +4,7 @@
#
################################################################################
LIBCURL_VERSION = 7.71.1
LIBCURL_VERSION = 7.72.0
LIBCURL_SOURCE = curl-$(LIBCURL_VERSION).tar.xz
LIBCURL_SITE = https://curl.haxx.se/download
LIBCURL_DEPENDENCIES = host-pkgconf \
-1
View File
@@ -1,6 +1,5 @@
config BR2_PACKAGE_LIBWEBSOCKETS
bool "libwebsockets"
depends on BR2_USE_MMU # fork()
select BR2_PACKAGE_ZLIB
help
Libwebsockets is a lightweight pure C library built to use
+5 -5
View File
@@ -318,11 +318,11 @@ endchoice
config BR2_DEFAULT_KERNEL_HEADERS
string
default "4.4.226" if BR2_KERNEL_HEADERS_4_4
default "4.9.226" if BR2_KERNEL_HEADERS_4_9
default "4.14.183" if BR2_KERNEL_HEADERS_4_14
default "4.19.127" if BR2_KERNEL_HEADERS_4_19
default "5.4.45" if BR2_KERNEL_HEADERS_5_4
default "4.4.234" if BR2_KERNEL_HEADERS_4_4
default "4.9.234" if BR2_KERNEL_HEADERS_4_9
default "4.14.195" if BR2_KERNEL_HEADERS_4_14
default "4.19.142" if BR2_KERNEL_HEADERS_4_19
default "5.4.61" if BR2_KERNEL_HEADERS_5_4
default BR2_DEFAULT_KERNEL_VERSION if BR2_KERNEL_HEADERS_VERSION
default "custom" if BR2_KERNEL_HEADERS_CUSTOM_TARBALL
default BR2_KERNEL_HEADERS_CUSTOM_REPO_VERSION \
+2 -2
View File
@@ -1,5 +1,5 @@
# From http://www.live555.com/liveMedia/public/live555-latest-md5.txt
md5 12e105c8fef9d34658d68367dc26a3d9 live.2019.09.30.tar.gz
# Locally generated
sha256 ef44f48a84324525cebc2081dd2d0f1e908f2d0a79d9d30dd41967e142dfb06b live.2019.09.30.tar.gz
sha256 8ceb4b9ee5adedde47b31e975c1d90c73ad27b6b165a1dcd80c7c545eb65b903 COPYING
sha256 ef44f48a84324525cebc2081dd2d0f1e908f2d0a79d9d30dd41967e142dfb06b live.2019.09.30.tar.gz
sha256 da7eabb7bafdf7d3ae5e9f223aa5bdc1eece45ac569dc21b3b037520b4464768 COPYING.LESSER
+6 -2
View File
@@ -7,8 +7,12 @@
LIVE555_VERSION = 2019.09.30
LIVE555_SOURCE = live.$(LIVE555_VERSION).tar.gz
LIVE555_SITE = http://www.live555.com/liveMedia/public
LIVE555_LICENSE = LGPL-2.1+
LIVE555_LICENSE_FILES = COPYING
# There is a COPYING file with the GPL-3.0 license text, but none of
# the source files appear to be released under GPL-3.0, and the
# project web site says it's licensed under the LGPL:
# http://live555.com/liveMedia/faq.html#copyright-and-license
LIVE555_LICENSE = LGPL-3.0+
LIVE555_LICENSE_FILES = COPYING.LESSER
LIVE555_INSTALL_STAGING = YES
LIVE555_CFLAGS = $(TARGET_CFLAGS)
+1
View File
@@ -320,6 +320,7 @@ config BR2_PACKAGE_MESA3D_XVMC
depends on BR2_PACKAGE_XORG7
depends on BR2_PACKAGE_MESA3D_GALLIUM_DRIVER_NOUVEAU \
|| BR2_PACKAGE_MESA3D_GALLIUM_DRIVER_R600
select BR2_PACKAGE_MESA3D_NEEDS_X11
select BR2_PACKAGE_XLIB_LIBXV
select BR2_PACKAGE_XLIB_LIBXVMC
help
+2 -2
View File
@@ -1,6 +1,6 @@
# Locally calculated after checking gpg signature
# from https://mosquitto.org/files/source/mosquitto-1.6.9.tar.gz.asc
sha256 412979b2db0a0020bd02fa64f0a0de9e7000b84462586e32b67f29bb1f6c1685 mosquitto-1.6.9.tar.gz
# from https://mosquitto.org/files/source/mosquitto-1.6.12.tar.gz.asc
sha256 548d73d19fb787dd0530334e398fd256ef3a581181678488a741a995c4f007fb mosquitto-1.6.12.tar.gz
# License files
sha256 cc77e25bafd40637b7084f04086d606f0a200051b61806f97c93405926670bc1 LICENSE.txt

Some files were not shown because too many files have changed in this diff Show More