| Message ID | 20230227025703.4986-1-vkumbhar@mvista.com |
|---|---|
| State | New, archived |
| Series | [dunfell] harfbuzz: fix CVE-2023-25193 allows attackers to trigger O(n^2) growth via consecutive marks | expand |
This patch results in build errors on dunfell:
| In file included from ../../harfbuzz-2.6.4/src/hb-ot-layout-gpos-table.hh:32,
| from ../../harfbuzz-2.6.4/src/hb-kern.hh:32,
| from ../../harfbuzz-2.6.4/src/hb-aat-layout-kerx-table.hh:31,
| from ../../harfbuzz-2.6.4/src/hb-aat-layout.cc:36:
| ../../harfbuzz-2.6.4/src/hb-ot-layout-gsubgpos.hh: In member
function 'bool OT::hb_ot_apply_context_t::skipping_iterator_t::next()':
| ../../harfbuzz-2.6.4/src/hb-ot-layout-gsubgpos.hh:376:30: error:
'HB_BUFFER_FLAG_PRODUCE_UNSAFE_TO_CONCAT' was not declared in this
scope
| 376 | if (c->buffer->flags & HB_BUFFER_FLAG_PRODUCE_UNSAFE_TO_CONCAT)
| | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| ../../harfbuzz-2.6.4/src/hb-ot-layout-gsubgpos.hh: In member
function 'bool OT::hb_ot_apply_context_t::skipping_iterator_t::prev()':
| ../../harfbuzz-2.6.4/src/hb-ot-layout-gsubgpos.hh:406:30: error:
'HB_BUFFER_FLAG_PRODUCE_UNSAFE_TO_CONCAT' was not declared in this
scope
| 406 | if (c->buffer->flags & HB_BUFFER_FLAG_PRODUCE_UNSAFE_TO_CONCAT)
| | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| x86_64-poky-linux-libtool: compile: x86_64-poky-linux-g++ -m64
-march=core2 -mtune=core2 -msse3 -mfpmath=sse -fstack-protector-strong
-D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security
--sysroot=/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot
-DHAVE_CONFIG_H -I. -I../../harfbuzz-2.6.4/src -I.. -pthread
-I/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot/usr/include/glib-2.0
-I/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot/usr/lib/glib-2.0/include
-I/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot/usr/include/freetype2
-I/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot/usr/include/libpng16
-fno-rtti -O2 -pipe -g -feliminate-unused-debug-types
-fmacro-prefix-map=/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0=/usr/src/debug/harfbuzz/2.6.4-r0
-fdebug-prefix-map=/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0=/usr/src/debug/harfbuzz/2.6.4-r0
-fdebug-prefix-map=/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot=
-fdebug-prefix-map=/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot-native=
-fvisibility-inlines-hidden -fno-exceptions -fno-threadsafe-statics
-fvisibility-inlines-hidden -std=c++11 -c
../../harfbuzz-2.6.4/src/hb-ot-meta.cc -fPIC -DPIC -o
.libs/libharfbuzz_la-hb-ot-meta.o
| In file included from ../../harfbuzz-2.6.4/src/main.cc:30:
| ../../harfbuzz-2.6.4/src/hb-ot-layout-gsubgpos.hh: In member
function 'bool OT::hb_ot_apply_context_t::skipping_iterator_t::next()':
| ../../harfbuzz-2.6.4/src/hb-ot-layout-gsubgpos.hh:376:30: error:
'HB_BUFFER_FLAG_PRODUCE_UNSAFE_TO_CONCAT' was not declared in this
scope
| 376 | if (c->buffer->flags & HB_BUFFER_FLAG_PRODUCE_UNSAFE_TO_CONCAT)
| | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| ../../harfbuzz-2.6.4/src/hb-ot-layout-gsubgpos.hh: In member
function 'bool OT::hb_ot_apply_context_t::skipping_iterator_t::prev()':
| ../../harfbuzz-2.6.4/src/hb-ot-layout-gsubgpos.hh:406:30: error:
'HB_BUFFER_FLAG_PRODUCE_UNSAFE_TO_CONCAT' was not declared in this
scope
| 406 | if (c->buffer->flags & HB_BUFFER_FLAG_PRODUCE_UNSAFE_TO_CONCAT)
| | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| ../x86_64-poky-linux-libtool --tag=CXX --mode=compile
x86_64-poky-linux-g++ -m64 -march=core2 -mtune=core2 -msse3
-mfpmath=sse -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat
-Wformat-security -Werror=format-security
--sysroot=/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot
-DHAVE_CONFIG_H -I. -I../../harfbuzz-2.6.4/src -I.. -pthread
-I/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot/usr/include/glib-2.0
-I/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot/usr/lib/glib-2.0/include
-I/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot/usr/include/freetype2
-I/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot/usr/include/libpng16
-fno-rtti -O2 -pipe -g -feliminate-unused-debug-types
-fmacro-prefix-map=/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0=/usr/src/debug/harfbuzz/2.6.4-r0
-fdebug-prefix-map=/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0=/usr/src/debug/harfbuzz/2.6.4-r0
-fdebug-prefix-map=/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot=
-fdebug-prefix-map=/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot-native=
-fvisibility-inlines-hidden -fno-exceptions -fno-threadsafe-statics
-fvisibility-inlines-hidden -std=c++11 -c -o
libharfbuzz_la-hb-ot-metrics.lo `test -f 'hb-ot-metrics.cc' || echo
'../../harfbuzz-2.6.4/src/'`hb-ot-metrics.cc
| ../x86_64-poky-linux-libtool --tag=CXX --mode=compile
x86_64-poky-linux-g++ -m64 -march=core2 -mtune=core2 -msse3
-mfpmath=sse -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat
-Wformat-security -Werror=format-security
--sysroot=/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot
-DHAVE_CONFIG_H -I. -I../../harfbuzz-2.6.4/src -I.. -pthread
-I/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot/usr/include/glib-2.0
-I/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot/usr/lib/glib-2.0/include
-I/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot/usr/include/freetype2
-I/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot/usr/include/libpng16
-fno-rtti -O2 -pipe -g -feliminate-unused-debug-types
-fmacro-prefix-map=/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0=/usr/src/debug/harfbuzz/2.6.4-r0
-fdebug-prefix-map=/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0=/usr/src/debug/harfbuzz/2.6.4-r0
-fdebug-prefix-map=/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot=
-fdebug-prefix-map=/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot-native=
-fvisibility-inlines-hidden -fno-exceptions -fno-threadsafe-statics
-fvisibility-inlines-hidden -std=c++11 -c -o
libharfbuzz_la-hb-ot-name.lo `test -f 'hb-ot-name.cc' || echo
'../../harfbuzz-2.6.4/src/'`hb-ot-name.cc
| x86_64-poky-linux-libtool: compile: x86_64-poky-linux-g++ -m64
-march=core2 -mtune=core2 -msse3 -mfpmath=sse -fstack-protector-strong
-D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security
--sysroot=/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot
-DHAVE_CONFIG_H -I. -I../../harfbuzz-2.6.4/src -I.. -pthread
-I/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot/usr/include/glib-2.0
-I/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot/usr/lib/glib-2.0/include
-I/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot/usr/include/freetype2
-I/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot/usr/include/libpng16
-fno-rtti -O2 -pipe -g -feliminate-unused-debug-types
-fmacro-prefix-map=/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0=/usr/src/debug/harfbuzz/2.6.4-r0
-fdebug-prefix-map=/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0=/usr/src/debug/harfbuzz/2.6.4-r0
-fdebug-prefix-map=/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot=
-fdebug-prefix-map=/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot-native=
-fvisibility-inlines-hidden -fno-exceptions -fno-threadsafe-statics
-fvisibility-inlines-hidden -std=c++11 -c
../../harfbuzz-2.6.4/src/hb-ot-metrics.cc -fPIC -DPIC -o
.libs/libharfbuzz_la-hb-ot-metrics.o
| x86_64-poky-linux-libtool: compile: x86_64-poky-linux-g++ -m64
-march=core2 -mtune=core2 -msse3 -mfpmath=sse -fstack-protector-strong
-D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security
--sysroot=/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot
-DHAVE_CONFIG_H -I. -I../../harfbuzz-2.6.4/src -I.. -pthread
-I/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot/usr/include/glib-2.0
-I/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot/usr/lib/glib-2.0/include
-I/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot/usr/include/freetype2
-I/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot/usr/include/libpng16
-fno-rtti -O2 -pipe -g -feliminate-unused-debug-types
-fmacro-prefix-map=/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0=/usr/src/debug/harfbuzz/2.6.4-r0
-fdebug-prefix-map=/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0=/usr/src/debug/harfbuzz/2.6.4-r0
-fdebug-prefix-map=/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot=
-fdebug-prefix-map=/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot-native=
-fvisibility-inlines-hidden -fno-exceptions -fno-threadsafe-statics
-fvisibility-inlines-hidden -std=c++11 -c
../../harfbuzz-2.6.4/src/hb-ot-name.cc -fPIC -DPIC -o
.libs/libharfbuzz_la-hb-ot-name.o
| In file included from ../../harfbuzz-2.6.4/src/hb-ot-layout-gpos-table.hh:32,
| from ../../harfbuzz-2.6.4/src/hb-kern.hh:32,
| from ../../harfbuzz-2.6.4/src/hb-aat-layout-kerx-table.hh:31,
| from ../../harfbuzz-2.6.4/src/hb-ot-kern-table.hh:30,
| from ../../harfbuzz-2.6.4/src/hb-ot-face.cc:34:
| ../../harfbuzz-2.6.4/src/hb-ot-layout-gsubgpos.hh: In member
function 'bool OT::hb_ot_apply_context_t::skipping_iterator_t::next()':
| ../../harfbuzz-2.6.4/src/hb-ot-layout-gsubgpos.hh:376:30: error:
'HB_BUFFER_FLAG_PRODUCE_UNSAFE_TO_CONCAT' was not declared in this
scope
| 376 | if (c->buffer->flags & HB_BUFFER_FLAG_PRODUCE_UNSAFE_TO_CONCAT)
| | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| ../../harfbuzz-2.6.4/src/hb-ot-layout-gsubgpos.hh: In member
function 'bool OT::hb_ot_apply_context_t::skipping_iterator_t::prev()':
| ../../harfbuzz-2.6.4/src/hb-ot-layout-gsubgpos.hh:406:30: error:
'HB_BUFFER_FLAG_PRODUCE_UNSAFE_TO_CONCAT' was not declared in this
scope
| 406 | if (c->buffer->flags & HB_BUFFER_FLAG_PRODUCE_UNSAFE_TO_CONCAT)
| | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| In file included from ../../harfbuzz-2.6.4/src/hb-ot-layout-gpos-table.hh:32,
| from ../../harfbuzz-2.6.4/src/hb-kern.hh:32,
| from ../../harfbuzz-2.6.4/src/hb-aat-layout-kerx-table.hh:31,
| from ../../harfbuzz-2.6.4/src/hb-ot-kern-table.hh:30,
| from ../../harfbuzz-2.6.4/src/hb-ot-layout.cc:45:
| ../../harfbuzz-2.6.4/src/hb-ot-layout-gsubgpos.hh: In member
function 'bool OT::hb_ot_apply_context_t::skipping_iterator_t::next()':
| ../../harfbuzz-2.6.4/src/hb-ot-layout-gsubgpos.hh:376:30: error:
'HB_BUFFER_FLAG_PRODUCE_UNSAFE_TO_CONCAT' was not declared in this
scope
| 376 | if (c->buffer->flags & HB_BUFFER_FLAG_PRODUCE_UNSAFE_TO_CONCAT)
| | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| ../../harfbuzz-2.6.4/src/hb-ot-layout-gsubgpos.hh: In member
function 'bool OT::hb_ot_apply_context_t::skipping_iterator_t::prev()':
| ../../harfbuzz-2.6.4/src/hb-ot-layout-gsubgpos.hh:406:30: error:
'HB_BUFFER_FLAG_PRODUCE_UNSAFE_TO_CONCAT' was not declared in this
scope
| 406 | if (c->buffer->flags & HB_BUFFER_FLAG_PRODUCE_UNSAFE_TO_CONCAT)
| | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| ../x86_64-poky-linux-libtool --tag=CXX --mode=compile
x86_64-poky-linux-g++ -m64 -march=core2 -mtune=core2 -msse3
-mfpmath=sse -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat
-Wformat-security -Werror=format-security
--sysroot=/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot
-DHAVE_CONFIG_H -I. -I../../harfbuzz-2.6.4/src -I.. -pthread
-I/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot/usr/include/glib-2.0
-I/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot/usr/lib/glib-2.0/include
-I/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot/usr/include/freetype2
-I/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot/usr/include/libpng16
-fno-rtti -O2 -pipe -g -feliminate-unused-debug-types
-fmacro-prefix-map=/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0=/usr/src/debug/harfbuzz/2.6.4-r0
-fdebug-prefix-map=/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0=/usr/src/debug/harfbuzz/2.6.4-r0
-fdebug-prefix-map=/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot=
-fdebug-prefix-map=/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot-native=
-fvisibility-inlines-hidden -fno-exceptions -fno-threadsafe-statics
-fvisibility-inlines-hidden -std=c++11 -c -o
libharfbuzz_la-hb-ot-shape-complex-arabic.lo `test -f
'hb-ot-shape-complex-arabic.cc' || echo
'../../harfbuzz-2.6.4/src/'`hb-ot-shape-complex-arabic.cc
| x86_64-poky-linux-libtool: compile: x86_64-poky-linux-g++ -m64
-march=core2 -mtune=core2 -msse3 -mfpmath=sse -fstack-protector-strong
-D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security
--sysroot=/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot
-DHAVE_CONFIG_H -I. -I../../harfbuzz-2.6.4/src -I.. -pthread
-I/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot/usr/include/glib-2.0
-I/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot/usr/lib/glib-2.0/include
-I/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot/usr/include/freetype2
-I/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot/usr/include/libpng16
-fno-rtti -O2 -pipe -g -feliminate-unused-debug-types
-fmacro-prefix-map=/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0=/usr/src/debug/harfbuzz/2.6.4-r0
-fdebug-prefix-map=/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0=/usr/src/debug/harfbuzz/2.6.4-r0
-fdebug-prefix-map=/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot=
-fdebug-prefix-map=/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot-native=
-fvisibility-inlines-hidden -fno-exceptions -fno-threadsafe-statics
-fvisibility-inlines-hidden -std=c++11 -c
../../harfbuzz-2.6.4/src/hb-ot-shape-complex-arabic.cc -fPIC -DPIC -o
.libs/libharfbuzz_la-hb-ot-shape-complex-arabic.o
| ../x86_64-poky-linux-libtool --tag=CXX --mode=compile
x86_64-poky-linux-g++ -m64 -march=core2 -mtune=core2 -msse3
-mfpmath=sse -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat
-Wformat-security -Werror=format-security
--sysroot=/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot
-DHAVE_CONFIG_H -I. -I../../harfbuzz-2.6.4/src -I.. -pthread
-I/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot/usr/include/glib-2.0
-I/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot/usr/lib/glib-2.0/include
-I/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot/usr/include/freetype2
-I/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot/usr/include/libpng16
-fno-rtti -O2 -pipe -g -feliminate-unused-debug-types
-fmacro-prefix-map=/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0=/usr/src/debug/harfbuzz/2.6.4-r0
-fdebug-prefix-map=/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0=/usr/src/debug/harfbuzz/2.6.4-r0
-fdebug-prefix-map=/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot=
-fdebug-prefix-map=/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot-native=
-fvisibility-inlines-hidden -fno-exceptions -fno-threadsafe-statics
-fvisibility-inlines-hidden -std=c++11 -c -o
libharfbuzz_la-hb-ot-shape-complex-default.lo `test -f
'hb-ot-shape-complex-default.cc' || echo
'../../harfbuzz-2.6.4/src/'`hb-ot-shape-complex-default.cc
| x86_64-poky-linux-libtool: compile: x86_64-poky-linux-g++ -m64
-march=core2 -mtune=core2 -msse3 -mfpmath=sse -fstack-protector-strong
-D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security
--sysroot=/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot
-DHAVE_CONFIG_H -I. -I../../harfbuzz-2.6.4/src -I.. -pthread
-I/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot/usr/include/glib-2.0
-I/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot/usr/lib/glib-2.0/include
-I/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot/usr/include/freetype2
-I/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot/usr/include/libpng16
-fno-rtti -O2 -pipe -g -feliminate-unused-debug-types
-fmacro-prefix-map=/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0=/usr/src/debug/harfbuzz/2.6.4-r0
-fdebug-prefix-map=/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0=/usr/src/debug/harfbuzz/2.6.4-r0
-fdebug-prefix-map=/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot=
-fdebug-prefix-map=/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot-native=
-fvisibility-inlines-hidden -fno-exceptions -fno-threadsafe-statics
-fvisibility-inlines-hidden -std=c++11 -c
../../harfbuzz-2.6.4/src/hb-ot-shape-complex-default.cc -fPIC -DPIC
-o .libs/libharfbuzz_la-hb-ot-shape-complex-default.o
| ../x86_64-poky-linux-libtool --tag=CXX --mode=compile
x86_64-poky-linux-g++ -m64 -march=core2 -mtune=core2 -msse3
-mfpmath=sse -fstack-protector-strong -D_FORTIFY_SOURCE=2 -Wformat
-Wformat-security -Werror=format-security
--sysroot=/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot
-DHAVE_CONFIG_H -I. -I../../harfbuzz-2.6.4/src -I.. -pthread
-I/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot/usr/include/glib-2.0
-I/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot/usr/lib/glib-2.0/include
-I/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot/usr/include/freetype2
-I/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot/usr/include/libpng16
-fno-rtti -O2 -pipe -g -feliminate-unused-debug-types
-fmacro-prefix-map=/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0=/usr/src/debug/harfbuzz/2.6.4-r0
-fdebug-prefix-map=/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0=/usr/src/debug/harfbuzz/2.6.4-r0
-fdebug-prefix-map=/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot=
-fdebug-prefix-map=/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot-native=
-fvisibility-inlines-hidden -fno-exceptions -fno-threadsafe-statics
-fvisibility-inlines-hidden -std=c++11 -c -o
libharfbuzz_la-hb-ot-shape-complex-hangul.lo `test -f
'hb-ot-shape-complex-hangul.cc' || echo
'../../harfbuzz-2.6.4/src/'`hb-ot-shape-complex-hangul.cc
| x86_64-poky-linux-libtool: compile: x86_64-poky-linux-g++ -m64
-march=core2 -mtune=core2 -msse3 -mfpmath=sse -fstack-protector-strong
-D_FORTIFY_SOURCE=2 -Wformat -Wformat-security -Werror=format-security
--sysroot=/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot
-DHAVE_CONFIG_H -I. -I../../harfbuzz-2.6.4/src -I.. -pthread
-I/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot/usr/include/glib-2.0
-I/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot/usr/lib/glib-2.0/include
-I/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot/usr/include/freetype2
-I/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot/usr/include/libpng16
-fno-rtti -O2 -pipe -g -feliminate-unused-debug-types
-fmacro-prefix-map=/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0=/usr/src/debug/harfbuzz/2.6.4-r0
-fdebug-prefix-map=/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0=/usr/src/debug/harfbuzz/2.6.4-r0
-fdebug-prefix-map=/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot=
-fdebug-prefix-map=/home/steve/builds/poky-contrib/build/tmp/work/core2-64-poky-linux/harfbuzz/2.6.4-r0/recipe-sysroot-native=
-fvisibility-inlines-hidden -fno-exceptions -fno-threadsafe-statics
-fvisibility-inlines-hidden -std=c++11 -c
../../harfbuzz-2.6.4/src/hb-ot-shape-complex-hangul.cc -fPIC -DPIC -o
.libs/libharfbuzz_la-hb-ot-shape-complex-hangul.o
| make[4]: *** [Makefile:2573: main-main.o] Error 1
| make[4]: *** Waiting for unfinished jobs....
| In file included from ../../harfbuzz-2.6.4/src/hb-ot-layout-gsub-table.hh:32,
| from
../../harfbuzz-2.6.4/src/hb-ot-shape-complex-arabic-fallback.hh:33,
| from
../../harfbuzz-2.6.4/src/hb-ot-shape-complex-arabic.cc:245:
| ../../harfbuzz-2.6.4/src/hb-ot-layout-gsubgpos.hh: In member
function 'bool OT::hb_ot_apply_context_t::skipping_iterator_t::next()':
| ../../harfbuzz-2.6.4/src/hb-ot-layout-gsubgpos.hh:376:30: error:
'HB_BUFFER_FLAG_PRODUCE_UNSAFE_TO_CONCAT' was not declared in this
scope
| 376 | if (c->buffer->flags & HB_BUFFER_FLAG_PRODUCE_UNSAFE_TO_CONCAT)
| | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| ../../harfbuzz-2.6.4/src/hb-ot-layout-gsubgpos.hh: In member
function 'bool OT::hb_ot_apply_context_t::skipping_iterator_t::prev()':
| ../../harfbuzz-2.6.4/src/hb-ot-layout-gsubgpos.hh:406:30: error:
'HB_BUFFER_FLAG_PRODUCE_UNSAFE_TO_CONCAT' was not declared in this
scope
| 406 | if (c->buffer->flags & HB_BUFFER_FLAG_PRODUCE_UNSAFE_TO_CONCAT)
| | ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| make[4]: *** [Makefile:2083: libharfbuzz_la-hb-aat-layout.lo] Error 1
| make[4]: *** [Makefile:2181: libharfbuzz_la-hb-ot-face.lo] Error 1
| make[4]: *** [Makefile:2195: libharfbuzz_la-hb-ot-layout.lo] Error 1
| make[4]: *** [Makefile:2237:
libharfbuzz_la-hb-ot-shape-complex-arabic.lo] Error 1
On Sun, Feb 26, 2023 at 4:57 PM vkumbhar <vkumbhar@mvista.com> wrote:
>
> [layout] Limit how far we skip when looking back
>
> Signed-off-by: Vivek Kumbhar <vkumbhar@mvista.com>
> ---
> .../harfbuzz/harfbuzz/CVE-2023-25193.patch | 71 +++++++++++++++++++
> .../harfbuzz/harfbuzz_2.6.4.bb | 5 +-
> 2 files changed, 75 insertions(+), 1 deletion(-)
> create mode 100644 meta/recipes-graphics/harfbuzz/harfbuzz/CVE-2023-25193.patch
>
> diff --git a/meta/recipes-graphics/harfbuzz/harfbuzz/CVE-2023-25193.patch b/meta/recipes-graphics/harfbuzz/harfbuzz/CVE-2023-25193.patch
> new file mode 100644
> index 0000000000..1ae80c29c3
> --- /dev/null
> +++ b/meta/recipes-graphics/harfbuzz/harfbuzz/CVE-2023-25193.patch
> @@ -0,0 +1,71 @@
> +From 85be877925ddbf34f74a1229f3ca1716bb6170dc Mon Sep 17 00:00:00 2001
> +From: Behdad Esfahbod <behdad@behdad.org>
> +Date: Wed, 1 Feb 2023 20:00:43 -0700
> +Subject: [PATCH] [layout] Limit how far we skip when looking back
> +
> +Upstream-Status: Backport [https://github.com/harfbuzz/harfbuzz/commit/85be877925ddbf34f74a1229f3ca1716bb6170dc]
> +CVE: CVE-2023-25193
> +Signed-off-by: Vivek Kumbhar <vkumbhar@mvista.com>
> +---
> + src/hb-ot-layout-common.hh | 7 +++++++
> + src/hb-ot-layout-gsubgpos.hh | 19 ++++++++++++++++---
> + 2 files changed, 23 insertions(+), 3 deletions(-)
> +
> +diff --git a/src/hb-ot-layout-common.hh b/src/hb-ot-layout-common.hh
> +index fa08140..833be06 100644
> +--- a/src/hb-ot-layout-common.hh
> ++++ b/src/hb-ot-layout-common.hh
> +@@ -60,6 +60,13 @@
> + #define HB_MAX_LANGSYS 2000
> + #endif
> +
> ++#ifndef HB_MAX_NESTING_LEVEL
> ++#define HB_MAX_NESTING_LEVEL 6
> ++#endif
> ++#ifndef HB_MAX_CONTEXT_LENGTH
> ++#define HB_MAX_CONTEXT_LENGTH 64
> ++#endif
> ++
> +
> + namespace OT {
> +
> +diff --git a/src/hb-ot-layout-gsubgpos.hh b/src/hb-ot-layout-gsubgpos.hh
> +index 579d178..357c2bb 100644
> +--- a/src/hb-ot-layout-gsubgpos.hh
> ++++ b/src/hb-ot-layout-gsubgpos.hh
> +@@ -372,7 +372,10 @@ struct hb_ot_apply_context_t :
> + bool next ()
> + {
> + assert (num_items > 0);
> +- while (idx + num_items < end)
> ++ unsigned stop = end - num_items;
> ++ if (c->buffer->flags & HB_BUFFER_FLAG_PRODUCE_UNSAFE_TO_CONCAT)
> ++ stop = end - 1;
> ++ while (idx < stop)
> + {
> + idx++;
> + const hb_glyph_info_t &info = c->buffer->info[idx];
> +@@ -398,8 +401,18 @@ struct hb_ot_apply_context_t :
> + }
> + bool prev ()
> + {
> +- assert (num_items > 0);
> +- while (idx > num_items - 1)
> ++ assert (num_items > 0);
> ++ unsigned stop = 1 - num_items;
> ++ if (c->buffer->flags & HB_BUFFER_FLAG_PRODUCE_UNSAFE_TO_CONCAT)
> ++ stop = 1 - 1;
> ++
> ++ /* When looking back, limit how far we search; this function is mostly
> ++ * used for looking back for base glyphs when attaching marks. If we
> ++ * don't limit, we can get O(n^2) behavior where n is the number of
> ++ * consecutive marks. */
> ++ stop = (unsigned) hb_max ((int) stop, (int) idx - HB_MAX_CONTEXT_LENGTH);
> ++
> ++ while (idx > stop)
> + {
> + idx--;
> + const hb_glyph_info_t &info = c->buffer->out_info[idx];
> +--
> +2.25.1
> +
> diff --git a/meta/recipes-graphics/harfbuzz/harfbuzz_2.6.4.bb b/meta/recipes-graphics/harfbuzz/harfbuzz_2.6.4.bb
> index ee08c12bee..a488dbee35 100644
> --- a/meta/recipes-graphics/harfbuzz/harfbuzz_2.6.4.bb
> +++ b/meta/recipes-graphics/harfbuzz/harfbuzz_2.6.4.bb
> @@ -7,7 +7,10 @@ LICENSE = "MIT"
> LIC_FILES_CHKSUM = "file://COPYING;md5=e11f5c3149cdec4bb309babb020b32b9 \
> file://src/hb-ucd.cc;beginline=1;endline=15;md5=29d4dcb6410429195df67efe3382d8bc"
>
> -SRC_URI = "http://www.freedesktop.org/software/harfbuzz/release/${BP}.tar.xz"
> +SRC_URI = "http://www.freedesktop.org/software/harfbuzz/release/${BP}.tar.xz \
> + file://CVE-2023-25193.patch \
> + "
> +
> SRC_URI[md5sum] = "2b3a4dfdb3e5e50055f941978944da9f"
> SRC_URI[sha256sum] = "9413b8d96132d699687ef914ebb8c50440efc87b3f775d25856d7ec347c03c12"
>
> --
> 2.25.1
>
>
>
diff --git a/meta/recipes-graphics/harfbuzz/harfbuzz/CVE-2023-25193.patch b/meta/recipes-graphics/harfbuzz/harfbuzz/CVE-2023-25193.patch
new file mode 100644
index 0000000000..1ae80c29c3
--- /dev/null
+++ b/meta/recipes-graphics/harfbuzz/harfbuzz/CVE-2023-25193.patch
@@ -0,0 +1,71 @@
+From 85be877925ddbf34f74a1229f3ca1716bb6170dc Mon Sep 17 00:00:00 2001
+From: Behdad Esfahbod <behdad@behdad.org>
+Date: Wed, 1 Feb 2023 20:00:43 -0700
+Subject: [PATCH] [layout] Limit how far we skip when looking back
+
+Upstream-Status: Backport [https://github.com/harfbuzz/harfbuzz/commit/85be877925ddbf34f74a1229f3ca1716bb6170dc]
+CVE: CVE-2023-25193
+Signed-off-by: Vivek Kumbhar <vkumbhar@mvista.com>
+---
+ src/hb-ot-layout-common.hh | 7 +++++++
+ src/hb-ot-layout-gsubgpos.hh | 19 ++++++++++++++++---
+ 2 files changed, 23 insertions(+), 3 deletions(-)
+
+diff --git a/src/hb-ot-layout-common.hh b/src/hb-ot-layout-common.hh
+index fa08140..833be06 100644
+--- a/src/hb-ot-layout-common.hh
++++ b/src/hb-ot-layout-common.hh
+@@ -60,6 +60,13 @@
+ #define HB_MAX_LANGSYS 2000
+ #endif
+
++#ifndef HB_MAX_NESTING_LEVEL
++#define HB_MAX_NESTING_LEVEL 6
++#endif
++#ifndef HB_MAX_CONTEXT_LENGTH
++#define HB_MAX_CONTEXT_LENGTH 64
++#endif
++
+
+ namespace OT {
+
+diff --git a/src/hb-ot-layout-gsubgpos.hh b/src/hb-ot-layout-gsubgpos.hh
+index 579d178..357c2bb 100644
+--- a/src/hb-ot-layout-gsubgpos.hh
++++ b/src/hb-ot-layout-gsubgpos.hh
+@@ -372,7 +372,10 @@ struct hb_ot_apply_context_t :
+ bool next ()
+ {
+ assert (num_items > 0);
+- while (idx + num_items < end)
++ unsigned stop = end - num_items;
++ if (c->buffer->flags & HB_BUFFER_FLAG_PRODUCE_UNSAFE_TO_CONCAT)
++ stop = end - 1;
++ while (idx < stop)
+ {
+ idx++;
+ const hb_glyph_info_t &info = c->buffer->info[idx];
+@@ -398,8 +401,18 @@ struct hb_ot_apply_context_t :
+ }
+ bool prev ()
+ {
+- assert (num_items > 0);
+- while (idx > num_items - 1)
++ assert (num_items > 0);
++ unsigned stop = 1 - num_items;
++ if (c->buffer->flags & HB_BUFFER_FLAG_PRODUCE_UNSAFE_TO_CONCAT)
++ stop = 1 - 1;
++
++ /* When looking back, limit how far we search; this function is mostly
++ * used for looking back for base glyphs when attaching marks. If we
++ * don't limit, we can get O(n^2) behavior where n is the number of
++ * consecutive marks. */
++ stop = (unsigned) hb_max ((int) stop, (int) idx - HB_MAX_CONTEXT_LENGTH);
++
++ while (idx > stop)
+ {
+ idx--;
+ const hb_glyph_info_t &info = c->buffer->out_info[idx];
+--
+2.25.1
+
diff --git a/meta/recipes-graphics/harfbuzz/harfbuzz_2.6.4.bb b/meta/recipes-graphics/harfbuzz/harfbuzz_2.6.4.bb
index ee08c12bee..a488dbee35 100644
--- a/meta/recipes-graphics/harfbuzz/harfbuzz_2.6.4.bb
+++ b/meta/recipes-graphics/harfbuzz/harfbuzz_2.6.4.bb
@@ -7,7 +7,10 @@ LICENSE = "MIT"
 LIC_FILES_CHKSUM = "file://COPYING;md5=e11f5c3149cdec4bb309babb020b32b9 \
 file://src/hb-ucd.cc;beginline=1;endline=15;md5=29d4dcb6410429195df67efe3382d8bc"
-SRC_URI = "http://www.freedesktop.org/software/harfbuzz/release/${BP}.tar.xz"
+SRC_URI = "http://www.freedesktop.org/software/harfbuzz/release/${BP}.tar.xz \
+ file://CVE-2023-25193.patch \
+ "
+
 SRC_URI[md5sum] = "2b3a4dfdb3e5e50055f941978944da9f"
 SRC_URI[sha256sum] = "9413b8d96132d699687ef914ebb8c50440efc87b3f775d25856d7ec347c03c12"
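Review bot: In the prev() hunk of the embedded patch, `unsigned stop = 1 - num_items;` reverses the operands of the bound it replaces (the removed loop tested `idx > num_items - 1`), so for any num_items above 1 the unsigned subtraction wraps. After the `(int)` cast in the hb_max line the value is negative on the usual targets, and whenever `idx - HB_MAX_CONTEXT_LENGTH` is negative as well, `stop` becomes a huge unsigned number and `while (idx > stop)` never runs, which changes shaping results rather than only bounding the look-back. The line should read `unsigned stop = num_items - 1;`. The next() hunk has a related wrap: `unsigned stop = end - num_items;` underflows if num_items can exceed end, where the removed `idx + num_items < end` simply failed, so a signed comparison or an explicit `num_items > end` guard looks safer before `c->buffer->info[idx]` is indexed. Both function bodies continue outside their hunks.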
[layout] Limit how far we skip when looking back Signed-off-by: Vivek Kumbhar <vkumbhar@mvista.com> --- .../harfbuzz/harfbuzz/CVE-2023-25193.patch | 71 +++++++++++++++++++ .../harfbuzz/harfbuzz_2.6.4.bb | 5 +- 2 files changed, 75 insertions(+), 1 deletion(-) create mode 100644 meta/recipes-graphics/harfbuzz/harfbuzz/CVE-2023-25193.patch