
ghostscript: update 10.03.0 -> 10.03.1

Message ID 20240527161104.2954913-1-f_l_k@t-online.de
State New
Series ghostscript: update 10.03.0 -> 10.03.1

Commit Message

Markus Volk May 27, 2024, 4:11 p.m. UTC
Patch release to address security bugs:
CVE-2024-33869
CVE-2023-52722
CVE-2024-33870
CVE-2024-33871
CVE-2024-29510

- add a patch to fix:
  | ./pdf/pdf_sec.c:186:25: error: assignment to 'char **' from incompatible pointer type 'char *' [-Wincompatible-pointer-types]
  |   186 |             NewPassword = Password;
  |       |                         ^
  | ./pdf/pdf_sec.c:187:20: error: assignment to 'int *' from 'int' makes pointer from integer without a cast [-Wint-conversion]
  |   187 |             NewLen = Len;
  |       |                    ^
  | make: *** [pdf/pdf.mak:169: obj/pdf_sec.o] Error 1

  Patchstatus still pending. Is this the right thing to do?

Signed-off-by: Markus Volk <f_l_k@t-online.de>
---
 .../ghostscript/fix-int-conversion.patch         | 16 ++++++++++++++++
 ...tscript_10.03.0.bb => ghostscript_10.03.1.bb} |  3 ++-
 2 files changed, 18 insertions(+), 1 deletion(-)
 create mode 100644 meta/recipes-extended/ghostscript/ghostscript/fix-int-conversion.patch
 rename meta/recipes-extended/ghostscript/{ghostscript_10.03.0.bb => ghostscript_10.03.1.bb} (95%)

Comments

Alexander Kanavin May 27, 2024, 4:17 p.m. UTC | #1
On Mon, 27 May 2024 at 18:10, Markus Volk via lists.openembedded.org
<f_l_k=t-online.de@lists.openembedded.org> wrote:
>   Patchstatus still pending. Is this the right thing to do?

No. The expectation is that patches are submitted upstream first.
Because otherwise they won't be submitted at all, most of the time,
from experience.

Alex
patchtest@automation.yoctoproject.org May 27, 2024, 4:19 p.m. UTC | #2
Thank you for your submission. Patchtest identified one
or more issues with the patch. Please see the log below for
more information:

---
Testing patch /home/patchtest/share/mboxes/ghostscript-update-10.03.0---10.03.1.patch

FAIL: test CVE tag format: Missing or incorrectly formatted CVE tag in patch file. Correct or include the CVE tag in the patch with format: "CVE: CVE-YYYY-XXXX" (test_patch.TestPatch.test_cve_tag_format)

PASS: pretest src uri left files (test_metadata.TestMetadata.pretest_src_uri_left_files)
PASS: test CVE check ignore (test_metadata.TestMetadata.test_cve_check_ignore)
PASS: test Signed-off-by presence (test_mbox.TestMbox.test_signed_off_by_presence)
PASS: test Signed-off-by presence (test_patch.TestPatch.test_signed_off_by_presence)
PASS: test Upstream-Status presence (test_patch.TestPatch.test_upstream_status_presence_format)
PASS: test author valid (test_mbox.TestMbox.test_author_valid)
PASS: test commit message presence (test_mbox.TestMbox.test_commit_message_presence)
PASS: test lic files chksum modified not mentioned (test_metadata.TestMetadata.test_lic_files_chksum_modified_not_mentioned)
PASS: test max line length (test_metadata.TestMetadata.test_max_line_length)
PASS: test mbox format (test_mbox.TestMbox.test_mbox_format)
PASS: test non-AUH upgrade (test_mbox.TestMbox.test_non_auh_upgrade)
PASS: test shortlog format (test_mbox.TestMbox.test_shortlog_format)
PASS: test shortlog length (test_mbox.TestMbox.test_shortlog_length)
PASS: test src uri left files (test_metadata.TestMetadata.test_src_uri_left_files)

SKIP: pretest pylint: No python related patches, skipping test (test_python_pylint.PyLint.pretest_pylint)
SKIP: test bugzilla entry format: No bug ID found (test_mbox.TestMbox.test_bugzilla_entry_format)
SKIP: test lic files chksum presence: No added recipes, skipping test (test_metadata.TestMetadata.test_lic_files_chksum_presence)
SKIP: test license presence: No added recipes, skipping test (test_metadata.TestMetadata.test_license_presence)
SKIP: test pylint: No python related patches, skipping test (test_python_pylint.PyLint.test_pylint)
SKIP: test series merge on head: Merge test is disabled for now (test_mbox.TestMbox.test_series_merge_on_head)
SKIP: test summary presence: No added recipes, skipping test (test_metadata.TestMetadata.test_summary_presence)
SKIP: test target mailing list: Series merged, no reason to check other mailing lists (test_mbox.TestMbox.test_target_mailing_list)

---

Please address the issues identified and
submit a new revision of the patch, or alternatively, reply to this
email with an explanation of why the patch should be accepted. If you
believe these results are due to an error in patchtest, please submit a
bug at https://bugzilla.yoctoproject.org/ (use the 'Patchtest' category
under 'Yocto Project Subprojects'). For more information on specific
failures, see: https://wiki.yoctoproject.org/wiki/Patchtest. Thank
you!
Alexander Kanavin May 27, 2024, 4:22 p.m. UTC | #3
On Mon, 27 May 2024 at 18:17, Alexander Kanavin via
lists.openembedded.org <alex.kanavin=gmail.com@lists.openembedded.org>
wrote:
>
> On Mon, 27 May 2024 at 18:10, Markus Volk via lists.openembedded.org
> <f_l_k=t-online.de@lists.openembedded.org> wrote:
> >   Patchstatus still pending. Is this the right thing to do?
>
> No. The expectation is that patches are submitted upstream first.
> Because otherwise they won't be submitted at all, most of the time,
> from experience.

Also someone already sent this update, but without the patch, and the
patch looks odd:

  | ./pdf/pdf_sec.c:187:20: error: assignment to 'int *' from 'int'
makes pointer from integer without a cast [-Wint-conversion]

With this error, forcing a cast may be masking the real issue? int
should not be forced into a pointer to int, ever.

Alex
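To make the point above concrete, here is an added illustration (not ghostscript's code; the function shape is assumed from the types in the build error quoted in the commit message, and the intptr_t step is an addition of mine to avoid a pointer-size warning): the patch's casts compile, but they only rebind the local parameters, so the caller never receives the password or its length.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical function modelled on pdf/pdf_sec.c: NewPassword (char **)
 * and NewLen (int *) are out-parameters, Password (char *) and Len (int)
 * are the values the caller should receive. Not the real ghostscript code. */

/* The patch's approach: the casts silence -Wincompatible-pointer-types and
 * -Wint-conversion, but they only reassign the local parameter variables.
 * Nothing is written to the caller's storage. (The intptr_t step avoids a
 * pointer-size warning on 64-bit; the effect is the same as the patch's
 * direct casts.) */
static int copy_masked(char **NewPassword, int *NewLen, char *Password, int Len)
{
    NewPassword = (char **)Password;   /* local pointer now aliases the string bytes */
    NewLen = (int *)(intptr_t)Len;     /* local pointer now holds the integer Len */
    (void)NewPassword; (void)NewLen;   /* never dereferenced: that would be invalid */
    return 0;
}

/* The type-correct form: store the values through the out-pointers. */
static int copy_correct(char **NewPassword, int *NewLen, char *Password, int Len)
{
    *NewPassword = Password;
    *NewLen = Len;
    return 0;
}

/* Run one variant against a constructed password and report whether the
 * caller's variables were actually updated (1) or left untouched (0). */
int caller_sees_update(int use_cast_version)
{
    char secret[] = "constructed-password";   /* constructed sample input */
    char *out_pw = NULL;
    int out_len = -1;

    if (use_cast_version)
        copy_masked(&out_pw, &out_len, secret, (int)strlen(secret));
    else
        copy_correct(&out_pw, &out_len, secret, (int)strlen(secret));

    return out_pw == secret && out_len == (int)strlen(secret);
}
```

With the cast version the password pointer stays NULL and the length stays -1, which is the failure the compiler diagnostics were pointing at.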
Markus Volk May 27, 2024, 4:25 p.m. UTC | #4
On Mon, May 27 2024 at 06:17:31 PM +02:00:00, Alexander Kanavin 
<alex.kanavin@gmail.com> wrote:
> No. The expectation is that patches are submitted upstream first.
> Because otherwise they won't be submitted at all, most of the time,
> from experience.

I will send it upstream if I'm a little more sure that it's not 
nonsense. I was hoping to get some feedback from someone who has more 
experience with C code.
Alexander Kanavin May 27, 2024, 4:28 p.m. UTC | #5
On Mon, 27 May 2024 at 18:24, Markus Volk <f_l_k@t-online.de> wrote:
>
> On Mon, May 27 2024 at 06:17:31 PM +02:00:00, Alexander Kanavin <alex.kanavin@gmail.com> wrote:
>
> No. The expectation is that patches are submitted upstream first. Because otherwise they won't be submitted at all, most of the time, from experience.
>
>
> I will send it upstream if I'm a little more sure that it's not nonsense. I was hoping to get some feedback from someone who has more experience with C code.

More research on the error is needed I'm afraid. The patch does not look right.

Alex
Markus Volk May 27, 2024, 4:33 p.m. UTC | #6
On Mon, May 27 2024 at 06:22:34 PM +02:00:00, Alexander Kanavin 
<alex.kanavin@gmail.com> wrote:
> With this error, forcing a cast may be masking the real issue? int
> should not be forced into a pointer to int, ever.

Thanks. That was the information I was hoping for.

Anyway, build for ghostscript currently fails and if the cast is 
causing the real issue, maybe it should be for now fixed like this?

CFLAGS += "-Wno-int-conversion"
Alexander Kanavin May 27, 2024, 4:39 p.m. UTC | #7
On Mon, 27 May 2024 at 18:32, Markus Volk <f_l_k@t-online.de> wrote:
>
> On Mon, May 27 2024 at 06:22:34 PM +02:00:00, Alexander Kanavin <alex.kanavin@gmail.com> wrote:
>
> With this error, forcing a cast may be masking the real issue? int should not be forced into a pointer to int, ever.
>
>
> Thanks. That was the information I was hoping for.
>
> Anyway, build for ghostscript currently fails and if the cast is causing the real issue, maybe it should be for now fixed like this?
>
> CFLAGS += "-Wno-int-conversion"

Someone sent the same version update but without the patch, so
presumably it works for them? Do you have something special in your
setup, can you try with plain poky master without the patch?

Alex
Markus Volk May 27, 2024, 4:43 p.m. UTC | #8
On Mon, May 27 2024 at 06:39:44 PM +02:00:00, Alexander Kanavin 
<alex.kanavin@gmail.com> wrote:
> Someone sent the same version update but without the patch, so
> presumably it works for them? Do you have something special in your
> setup, can you try with plain poky master without the patch?

I'm additionally building with
PACKAGECONFIG:append = " gtk libidn"

I'll verify if that's the reason
Markus Volk May 27, 2024, 5:04 p.m. UTC | #9
On Mon, May 27 2024 at 06:39:44 PM +02:00:00, Alexander Kanavin 
<alex.kanavin@gmail.com> wrote:
> Do you have something special in your
> setup, can you try with plain poky master without the patch?

This error is caused by adding the 'libidn' PACKAGECONFIG

Patch

diff --git a/meta/recipes-extended/ghostscript/ghostscript/fix-int-conversion.patch b/meta/recipes-extended/ghostscript/ghostscript/fix-int-conversion.patch
new file mode 100644
index 0000000000..58403a5260
--- /dev/null
+++ b/meta/recipes-extended/ghostscript/ghostscript/fix-int-conversion.patch
@@ -0,0 +1,16 @@ 
+Upstream-Status: Pending
+Signed-off-by: Markus Volk <f_l_k@t-online.de>
+
+--- a/pdf/pdf_sec.c	2024-05-02 11:45:25.000000000 +0200
++++ b/pdf/pdf_sec.c	2024-05-27 17:42:26.695957128 +0200
+@@ -183,8 +183,8 @@
+          * this easy: the errors we want to ignore are the ones with
+          * codes less than 100. */
+         if ((int)err < 100) {
+-            NewPassword = Password;
+-            NewLen = Len;
++            NewPassword = (char **)Password;
++            NewLen = (int *)Len;
+             return 0;
+         }
+ 
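Review bot: the two `+` lines cast the values into the out-parameter types instead of storing through them, which silences -Wincompatible-pointer-types and -Wint-conversion but leaves the caller's variables unwritten, and `(int *)Len` turns an integer into a pointer, which is exactly what the warning exists to catch. Given the types in the build error (`NewPassword` is `char **`, `NewLen` is `int *`), the intended statements are most likely `*NewPassword = Password;` and `*NewLen = Len;`, and the patch header should say that the failure only appears with the libidn PACKAGECONFIG, as established later in the thread; with Upstream-Status: Pending this also needs to go upstream before it is carried here.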
diff --git a/meta/recipes-extended/ghostscript/ghostscript_10.03.0.bb b/meta/recipes-extended/ghostscript/ghostscript_10.03.1.bb
similarity index 95%
rename from meta/recipes-extended/ghostscript/ghostscript_10.03.0.bb
rename to meta/recipes-extended/ghostscript/ghostscript_10.03.1.bb
index ff7d38676e..3df0caff72 100644
--- a/meta/recipes-extended/ghostscript/ghostscript_10.03.0.bb
+++ b/meta/recipes-extended/ghostscript/ghostscript_10.03.1.bb
@@ -25,9 +25,10 @@  def gs_verdir(v):
 SRC_URI = "https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/download/gs${@gs_verdir("${PV}")}/${BPN}-${PV}.tar.gz \
            file://ghostscript-9.16-Werror-return-type.patch \
            file://avoid-host-contamination.patch \
+           file://fix-int-conversion.patch \
            "
 
-SRC_URI[sha256sum] = "6f2bc61023469fcf7c7c2d7f1bdd75b75f2b41836aa1d5e641396246d4abbb59"
+SRC_URI[sha256sum] = "31cd01682ad23a801cc3bbc222a55f07c4ea3e068bdfb447792d54db21a2e8ad"
 
 PACKAGECONFIG ??= ""
 PACKAGECONFIG[gtk] = "--enable-gtk,--disable-gtk,gtk+3"
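Review bot: the `+           file://fix-int-conversion.patch \` line wires a disputed workaround into the recipe unconditionally, although the thread shows the build error only occurs when the libidn PACKAGECONFIG is enabled and the cast likely masks a real bug. The version bump with its sha256sum change is fine on its own; the patch should be dropped from this series (or held until upstream accepts a proper fix) so the update is not blocked on it.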