From patchwork Sat Jan 25 18:02:55 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Armin Kuster X-Patchwork-Id: 56103 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id A2217C0218C for ; Sat, 25 Jan 2025 18:03:17 +0000 (UTC) Received: from mail-pl1-f175.google.com (mail-pl1-f175.google.com [209.85.214.175]) by mx.groups.io with SMTP id smtpd.web10.15096.1737828191677247194 for ; Sat, 25 Jan 2025 10:03:11 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=JjUMrL3M; spf=pass (domain: gmail.com, ip: 209.85.214.175, mailfrom: akuster808@gmail.com) Received: by mail-pl1-f175.google.com with SMTP id d9443c01a7336-2164b662090so60838955ad.1 for ; Sat, 25 Jan 2025 10:03:11 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1737828191; x=1738432991; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:from:to:cc:subject:date:message-id:reply-to; bh=tEEgCAq3rbQEylSjYH8ijyq7pudTmM/HQ8IC2CnPO0U=; b=JjUMrL3M+WmbA/MtX9+dqE/v+OZCVPTO69OJL/WkNjfZRAN5uf4mIPHSoSWOBi9VeZ rUrRm7uNZWS94kMJCHoJtu09tLdOYSdEx2Kxtz3MKtU4KzSm5+FUe+2Lz3+ow4Bzg4WP FHTOVTyIQd7TC4a3vLrG7mQMVotf+Hh2oZH08KJUgafLWIoKbktd3Ozad2TWWqKvjBKU Iwpys+f4rIInAOcP4o4amQ6QxdDVilc6Ziuqd9GLsfTK8oUnEGD1cd63zL3nTDovr6V0 QFWHFuscPOEDSwCQxCbiZcsbuyIlb92FcNMyTLA7dtZy05XZYWewSFuvwWb/ypsfuhHg I2oA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1737828191; x=1738432991; h=content-transfer-encoding:mime-version:message-id:date:subject:cc :to:from:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=tEEgCAq3rbQEylSjYH8ijyq7pudTmM/HQ8IC2CnPO0U=; 
b=cNDIQgySdLqDjvGHub/3rW359tx2LdM5cIq2XGwTmPbjnE69AwV7P+RDnk01kUVlZ6 4N6mvktCFewQ0iDepizrgsCZGqZ8quPJsd8L55aaq7OWBdMvYtrqFw1nVSurw954IBER Ew7e66WBMeyGfr0MlGf8UU/yOl6I/aFpUuCc12JSJoOc1FY2Rdh0Za3QfnT2gbicDI5P smrRDVVltsjtaKQD03gIQp5jOGDcH4x2uJAGm0Ua++je53C0QixfQtSjftSTs+i15tDq mRevnLT9qU3WcyzJfvk3Kr0HYiEOOk1GKv1MIoFCjvaz5ZK1uGD6jC73b4fJdhYtqteW WnVQ== X-Gm-Message-State: AOJu0YwWplK16eTdDeAm22Vmy3UfOJ7mclhgWg+UABKYnVKIkzQkZeaz ow3TqlnZUy9O+TlhTkG3uFHHDs3/T79Q8La1MXzSDhSGV7C4sYZhsM14AA== X-Gm-Gg: ASbGncvQX4XhQC0B3q23yKGLB5xPlf9reRdp6fZhrGkle8Kscd43FwEwnC/kVYP1S8c Vyixi8I7G50MLYSE1ReQLvdKfXHmzBuF14MTZJSL7PJVQwYGcu/k1WvXyx9kYPgvPhAyTF9pRic NKSmLB0FKSgL/lwn7WsdzjiFNVP8pT3VkBPVGAJUw8d3NCq6GCY9G8i4Lylsd1ElUl8hmiyyMK2 x6ccjqQw1EPa9dimC8BhKvlwMiEDdVj5jZlCphlmXhIpP+w9lG865O1+m0KByRCkvspG7677uWe 7m8GyPRZZylFvFfw3/zsK6KX4d8= X-Google-Smtp-Source: AGHT+IGrHXEDCyWvx4gJixPkCuJGnjGieeImC3v/HK29myf2N+Je7HGoz/DDlAR7pC15VDu4SsFgBA== X-Received: by 2002:a05:6a00:1813:b0:729:cc5:fa42 with SMTP id d2e1a72fcca58-72dafbaa1c1mr51448663b3a.20.1737828190867; Sat, 25 Jan 2025 10:03:10 -0800 (PST) Received: from keaua.hsd1.ca.comcast.net ([2601:646:8182:b790:f137:fcfb:97fc:71bd]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-72f8a6b51e7sm4108906b3a.69.2025.01.25.10.03.09 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 25 Jan 2025 10:03:10 -0800 (PST) From: Armin Kuster To: openembedded-devel@lists.openembedded.org Cc: Hieu Van Nguyen Subject: [meta-oe][styhead][PATCH 01/14] gphoto2: Fix /usr/bin/gphoto2 runtime error Date: Sat, 25 Jan 2025 10:02:55 -0800 Message-ID: <20250125180308.7856-1-akuster808@gmail.com> X-Mailer: git-send-email 2.43.0 MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Sat, 25 Jan 2025 18:03:17 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/115084 
From: Hieu Van Nguyen After fixing the TMPDIR [buildpaths] warning, a segmentation fault while running gphoto2 command. It seems 'sed' is primarily designed for text processing. When running 'sed' on a binary, it may overwrite or corrupt critical parts of the binary. > root@qemux86-64:~# gphoto2 -v > Segmentation fault Signed-off-by: Hieu Van Nguyen Signed-off-by: Armin Kuster --- meta-oe/recipes-graphics/gphoto2/gphoto2_2.5.28.bb | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/meta-oe/recipes-graphics/gphoto2/gphoto2_2.5.28.bb b/meta-oe/recipes-graphics/gphoto2/gphoto2_2.5.28.bb index aba590aa02..1dc2a1fc34 100644 --- a/meta-oe/recipes-graphics/gphoto2/gphoto2_2.5.28.bb +++ b/meta-oe/recipes-graphics/gphoto2/gphoto2_2.5.28.bb 
@@ -19,8 +19,6 @@ EXTRA_OECONF += "--with-jpeg-prefix=${STAGING_INCDIR} \ --without-cdk \ " -INSANE_SKIP:${PN} = "already-stripped" - -do_install:append() { - sed -i -e 's#${RECIPE_SYSROOT}##g' ${D}${bindir}/gphoto2 +do_configure:append() { + sed -i -e 's#${RECIPE_SYSROOT}##g' ${B}/config.h } From patchwork Sat Jan 25 18:02:56 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Armin Kuster X-Patchwork-Id: 56109 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id C8084C02191 for ; Sat, 25 Jan 2025 18:03:17 +0000 (UTC) Received: from mail-pl1-f179.google.com (mail-pl1-f179.google.com [209.85.214.179]) by mx.groups.io with SMTP id smtpd.web11.14806.1737828192651219951 for ; Sat, 25 Jan 2025 10:03:12 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=YVwy42wK; spf=pass (domain: gmail.com, ip: 209.85.214.179, mailfrom: akuster808@gmail.com) Received: by mail-pl1-f179.google.com with SMTP id d9443c01a7336-21680814d42so51621215ad.2 for ; Sat, 25 Jan 2025 10:03:12 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1737828192; x=1738432992; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=80MrsSXpCK81Tq5Y/64j/7bQney7MLozQL0dypAHJYc=; b=YVwy42wKnhSH4e0zYhq8Yiql6gR1Fj9wdDifHNllLPQLGUM1X9b3dIiv4KR3BimCMQ JcQaZkifCDImgaKtrR67lRXOdngV6vXhDdR4pcZ7QoHAQJTw7w8vgJqVMsYANiYVqo2p gSPcKl9jkha9Zv0rmZokVGEKU99P59Gey26OskOq+OOolMlbGfE0znQEj9JpGPZVYu8s vsX8nj+WoCHRkDTWRliiPRPHKTy6Nafz+8CfJFjx0Kj74bBlISJsxUJI5X9v2i5MVSou Ky86JCLiCOSidDg4AIBpA34lBinCfiqWZeQDDv55FJvuAi1SgIEGSDA5GN8k0WCJwogm WCUg== 
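Review bot: The expression `s#${RECIPE_SYSROOT}##g` in the new `do_configure:append()` rewrites every occurrence of the sysroot path in `${B}/config.h`, not only the define that ends up in the binary, and the recipe does not say which define that is. If config.h also carries a path that the compiler needs during the build, that path would be shortened as well; this is inferred, since config.h is not part of the patch. I would narrow the expression to the affected define, or at least record the intent with a comment such as `# Strip the build sysroot from config.h before compiling; running sed on the installed ELF corrupted it (segfault at startup)`.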
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1737828192; x=1738432992; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=80MrsSXpCK81Tq5Y/64j/7bQney7MLozQL0dypAHJYc=; b=WeIbISUiAXlH/h8P1yhXDukAIAOFCcYqDlIpDAn0dltQSN3v15SS/ucqZaIUozY523 ZEStRv7LpJMZ9AdDXyNaP97asqKhHcQNYK0TewvCipZrtv7Nj4ma4DEt4wo0CZSTudm4 D2q0ZVDPnlIoScgz9dRZVDVj0djPmTd0XlF5GOF6LvxT76USCGE3puWAYYhJ+Oa87ibt iCq+jgIJlF1NB07yDP+o4FtuZkU2F8VOhmBErD1gmcRnqSrM/aMIFhnCbZXHzfoE9zAx Ob4vKyYgBaQI4XGOVlZ0Vga8hDhSzjVYXhbKq3QFuMFupV5VOS5Z0AktrL7yDuyyp9VN SWng== X-Gm-Message-State: AOJu0YyK+XKOygt7lQNj3wBmFb3Nshvc5BhlALWSsOWPB/2AlaRcj2/P TVdCpGb+W26Fj1WGQCyCy1bnnMe/KC8h24YEDEWn8yjz2WFXIPtJqrwUvA== X-Gm-Gg: ASbGncsarVr4Vjd4C06ZTLW/Hujf6kDH6u/Adv10XFch7VG65XZNhk1lKE3wcmLNx2j +3SMnjZehCV6Wfi2na3jO6Nezxmw05c57CHDqMi9shKHY8JjTxDreF3KGsNtvHr29Dxv+8rB3xH kXDX2d5TVdH8kWFutRBQny7nbHoP4w0nXonN3sSvg7EsYz8NXmHhxVsHFKOcqA2tvnC6ZYIMBqU 6eN1ArNk94gA5TRLBDZMfv8HW0YDnwlkDnGd8cvYer3eFUsthtn/Fdzfr5PUJjx9qifmeZcxkn1 nwYBEOKwa0/v0OvmfAkbQ5+DHYM= X-Google-Smtp-Source: AGHT+IHEDRVVf38BqBj6Pmur6sv61rUZqNnY+ImbNDRpm7dUr+Cy/z1dzQZw6Yw0hNc0QmbVFO41Ww== X-Received: by 2002:a05:6a21:81a3:b0:1e8:bff6:8356 with SMTP id adf61e73a8af0-1eb214cb158mr40140591637.20.1737828191782; Sat, 25 Jan 2025 10:03:11 -0800 (PST) Received: from keaua.hsd1.ca.comcast.net ([2601:646:8182:b790:f137:fcfb:97fc:71bd]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-72f8a6b51e7sm4108906b3a.69.2025.01.25.10.03.11 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 25 Jan 2025 10:03:11 -0800 (PST) 
From: Armin Kuster To: openembedded-devel@lists.openembedded.org Cc: Khem Raj Subject: [meta-oe][styhead][PATCH 02/14] mpd: Upgrade mpd to 0.23.16 Date: Sat, 25 Jan 2025 10:02:56 -0800 Message-ID: <20250125180308.7856-2-akuster808@gmail.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20250125180308.7856-1-akuster808@gmail.com> References: <20250125180308.7856-1-akuster808@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Sat, 25 Jan 2025 18:03:17 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/115085 From: Khem Raj - Release Notes * database - fix integer overflows with 64-bit inode numbers * filter - ffmpeg: fix for filters producing no output * support libfmt 11 * support ICU 76 - Drop ICU-76 support patch its already in this release Signed-off-by: Khem Raj (cherry picked from commit e7ca3cedb0ada5363db24d1ba7256544732173d7) Signed-off-by: Armin Kuster --- ...n.build-support-building-with-ICU-76.patch | 52 ------------------- .../{mpd_0.23.15.bb => mpd_0.23.16.bb} | 3 +- 2 files changed, 1 insertion(+), 54 deletions(-) delete mode 100644 meta-multimedia/recipes-multimedia/musicpd/mpd/0001-meson.build-support-building-with-ICU-76.patch rename meta-multimedia/recipes-multimedia/musicpd/{mpd_0.23.15.bb => mpd_0.23.16.bb} (97%) diff --git a/meta-multimedia/recipes-multimedia/musicpd/mpd/0001-meson.build-support-building-with-ICU-76.patch b/meta-multimedia/recipes-multimedia/musicpd/mpd/0001-meson.build-support-building-with-ICU-76.patch deleted file mode 100644 index 8b85f396ca..0000000000 --- a/meta-multimedia/recipes-multimedia/musicpd/mpd/0001-meson.build-support-building-with-ICU-76.patch +++ /dev/null 
@@ -1,52 +0,0 @@
-From 1a063fee7ec1077e248ff97ebf1f92c5c5941a67 Mon Sep 17 00:00:00 2001
-From: Michael Cho
-Date: Sat, 26 Oct 2024 10:29:53 -0400
-Subject: [PATCH] meson.build: support building with ICU 76
-
-ICU 76 decided to reduce overlinking[^1] thus `icu-i18n` will no longer
-add `icu-uc` when linking to shared libraries. This results in failure:
-```
-src/lib/icu/libicu.a.p/Converter.cxx.o: undefined reference to symbol 'ucnv_fromUnicode_76'
-```
-
-[^1]: https://github.com/unicode-org/icu/commit/199bc827021ffdb43b6579d68e5eecf54c7f6f56
-
-Upstream-Status: Backport [https://github.com/MusicPlayerDaemon/MPD/commit/1a063fee7ec1077e248ff97ebf1f92c5c5941a67]
-Signed-off-by: Khem Raj
----
- src/lib/icu/meson.build | 11 +++++++----
- 1 file changed, 7 insertions(+), 4 deletions(-)
-
-diff --git a/src/lib/icu/meson.build b/src/lib/icu/meson.build
-index 3ecc0a517..e6cf8cdce 100644
---- a/src/lib/icu/meson.build
-+++ b/src/lib/icu/meson.build
-@@ -1,5 +1,7 @@
--icu_dep = dependency('icu-i18n', version: '>= 50', required: get_option('icu'))
--conf.set('HAVE_ICU', icu_dep.found())
-+icu_i18n_dep = dependency('icu-i18n', version: '>= 50', required: get_option('icu'))
-+icu_uc_dep = dependency('icu-uc', version: '>= 50', required: get_option('icu'))
-+have_icu = icu_i18n_dep.found() and icu_uc_dep.found()
-+conf.set('HAVE_ICU', have_icu)
-
- icu_sources = [
- 'Canonicalize.cxx',
-@@ -13,7 +15,7 @@ if is_windows
- endif
-
- iconv_dep = []
--if icu_dep.found()
-+if have_icu
- icu_sources += [
- 'Init.cxx',
- 'Util.cxx',
-@@ -31,7 +33,8 @@ icu = static_library(
- icu_sources,
- include_directories: inc,
- dependencies: [
-- icu_dep,
-+ icu_i18n_dep,
-+ icu_uc_dep,
- iconv_dep,
- fmt_dep,
- ],
diff --git a/meta-multimedia/recipes-multimedia/musicpd/mpd_0.23.15.bb b/meta-multimedia/recipes-multimedia/musicpd/mpd_0.23.16.bb
similarity index 97%
rename from meta-multimedia/recipes-multimedia/musicpd/mpd_0.23.15.bb
rename to meta-multimedia/recipes-multimedia/musicpd/mpd_0.23.16.bb
index 3fa4485a04..4d854d6fc5 100644
--- a/meta-multimedia/recipes-multimedia/musicpd/mpd_0.23.15.bb
+++ b/meta-multimedia/recipes-multimedia/musicpd/mpd_0.23.16.bb
@@ -21,9 +21,8 @@ DEPENDS += " \ PV .= "+git" SRC_URI = "git://github.com/MusicPlayerDaemon/MPD;branch=master;protocol=https \ file://mpd.conf.in \ - file://0001-meson.build-support-building-with-ICU-76.patch \ " -SRCREV = "965c466e9bda262790e76edd5272e9e74b407ff3" +SRCREV = "b5bd294e5c88c062b1a9c0c4c60397fbf7f3f1c5" S = "${WORKDIR}/git" EXTRA_OEMESON += "${@bb.utils.contains('DISTRO_FEATURES', 'systemd', '-Dsystemd=enabled -Dsystemd_system_unit_dir=${systemd_system_unitdir} -Dsystemd_user_unit_dir=${systemd_system_unitdir}', '-Dsystemd=disabled', d)} \ From patchwork Sat Jan 25 18:02:57 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Armin Kuster X-Patchwork-Id: 56108 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id C5A2FC02192 for ; Sat, 25 Jan 2025 18:03:17 +0000 (UTC) Received: from mail-pl1-f174.google.com (mail-pl1-f174.google.com [209.85.214.174]) by mx.groups.io with SMTP id smtpd.web10.15097.1737828193503621451 for ; Sat, 25 Jan 2025 10:03:13 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=Jm04mJtf; spf=pass (domain: gmail.com, ip: 209.85.214.174, mailfrom: akuster808@gmail.com) Received: by mail-pl1-f174.google.com with SMTP id d9443c01a7336-215770613dbso39511035ad.2 for ; Sat, 25 Jan 2025 10:03:13 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1737828193; x=1738432993; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=lkTIVVPGP4tPFczzakKxnSbRj6fRyfUZ7TZRqqFJWOI=; b=Jm04mJtfKRkT+uaaKrnfY2BzMN7PMyJIaALWMUhOnTyWftKOaa9/alhbCgPC1qQ3bl 
bQqsORx8nVHCougRI8ZsT7occog8DoaEmQECXq08nj7DfHgGrsg1eIRz7Hutmkh7MKlO ObvincwbyOt1WKbX8Ca1hi2xjKbV0wb8o2htSqJPSJ4AjF+ly+YKdWSxrzFo6ShWjbL2 0IT+8hy4xkewFAQzJIqmbtX6iv0v5VwzHZrMCTzdmBGvL6AhXQjIbHfoEukjbG0yl122 Yg9lSCjjCNFUJrVwMt0H40B+168k2x1sfR8iiT5iRgRXjxNkI7dK3s49YsAzuaG/vApg rjmg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1737828193; x=1738432993; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=lkTIVVPGP4tPFczzakKxnSbRj6fRyfUZ7TZRqqFJWOI=; b=PWn18CUf4gtdG69YILQMbuRidqUbu9TWmyvj9i5dOOiKVoc2Muh6wPCUHxbj5KqeHK nDIIWDwFD8oNFSl7KQtWEC+wiqgXPuDet4wdsC/p7drS3LeD3iA+Q1f/rzYQ+6QnuQw8 zgNSFdeVXvtw+KgMhPmCfQBbIjoVgVOBmhohUXIm/uPepc8k9Tnabsw06ouKYKI/9gv+ kHR3E6lhd6uhCLW9DBXP98KSzYlkJmCIUhvytD/Rdgox1fw4mFBkDTeK908WKEMP27Ki 53tviuNbXJm6KlSRxlqTmP+KYM6eEiBoIPi2vd3iYUvzSEnJyVx7YKiRBXyU04X4Ovej ZgLQ== X-Gm-Message-State: AOJu0YxuAcSCC9DoYK5vIXX1/Pith5O9BFLCOYm9eKB0EjkBylFBHEox pkSYnrzfLKsMxX4ZkXwRuBkX6N21NUqetsvN7jDpKwAKerM5Cf4p8/km7w== X-Gm-Gg: ASbGncvQgGQJ5+q2/VqPK2HDbHIes6rWgReRLKOWxoJCcv5P21SHFdSuKbECUqClaM9 jPcQj+y14spuamYoEChPaa3QaxnIC3vbHZERt2Zu3LyYJBguw0ddUjsc8N1B3FsCHb8p6WbTcD9 E1u15VJRCPIKOKGxSX0l2Hu+BrubPK6+4XE98ahzafhH7v8AeERxN/9n3BHiW9gXLNldIefhYS4 h+ui873vqED4TZc7LkZ99GoFmyqadBCe9m+blhATxSlU0LpE5b3XhvKtMHRzJOGbbEx+vPiDbKC yrQ0Ox0tY7F1Z0qD2o+bf2pmYWA= X-Google-Smtp-Source: AGHT+IHV110Y2icvvZfyfN4sOcG45Ch92AVEYLLTOHQ2kypnqRUo1w9lKLuRkY1g3c88siAwiIYwJA== X-Received: by 2002:a05:6a20:3d87:b0:1e1:af74:a235 with SMTP id adf61e73a8af0-1eb214ea4a4mr59389026637.24.1737828192759; Sat, 25 Jan 2025 10:03:12 -0800 (PST) Received: from keaua.hsd1.ca.comcast.net ([2601:646:8182:b790:f137:fcfb:97fc:71bd]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-72f8a6b51e7sm4108906b3a.69.2025.01.25.10.03.11 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 25 Jan 2025 10:03:12 -0800 (PST) 
From: Armin Kuster To: openembedded-devel@lists.openembedded.org Cc: =?utf-8?q?J=C3=B6rg_Sommer?= , Khem Raj Subject: [meta-oe][styhead][PATCH 03/14] libtinyxml: set CVE product to tinyxml Date: Sat, 25 Jan 2025 10:02:57 -0800 Message-ID: <20250125180308.7856-3-akuster808@gmail.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20250125180308.7856-1-akuster808@gmail.com> References: <20250125180308.7856-1-akuster808@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Sat, 25 Jan 2025 18:03:17 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/115086 From: Jörg Sommer This library gets tracked with the product name tinyxml: https://nvd.nist.gov/products/cpe/detail/95BDA29F-257C-4C44-8847-25CFC107228D Signed-off-by: Jörg Sommer Signed-off-by: Khem Raj (cherry picked from commit c5ef63d685b291b648c364dcd880dca39b13b538) Signed-off-by: Armin Kuster --- meta-oe/recipes-support/libtinyxml/libtinyxml_2.6.2.bb | 1 + 1 file changed, 1 insertion(+) diff --git a/meta-oe/recipes-support/libtinyxml/libtinyxml_2.6.2.bb b/meta-oe/recipes-support/libtinyxml/libtinyxml_2.6.2.bb index 6fbdd071e8..2a7ca30a9d 100644 --- a/meta-oe/recipes-support/libtinyxml/libtinyxml_2.6.2.bb +++ b/meta-oe/recipes-support/libtinyxml/libtinyxml_2.6.2.bb 
@@ -5,6 +5,7 @@ HOMEPAGE = "http://www.sourceforge.net/projects/tinyxml" LICENSE = "Zlib" LIC_FILES_CHKSUM = "file://readme.txt;md5=f8f366f3370dda889f60faa7db162cf4" SECTION = "libs" +CVE_PRODUCT = "tinyxml" SRC_URI = "${SOURCEFORGE_MIRROR}/tinyxml/tinyxml_${@'${PV}'.replace('.', '_')}.tar.gz \ From patchwork Sat Jan 25 18:02:58 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Armin Kuster X-Patchwork-Id: 56106 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id A83EBC0218F for ; Sat, 25 Jan 2025 18:03:17 +0000 (UTC) Received: from mail-pl1-f170.google.com (mail-pl1-f170.google.com [209.85.214.170]) by mx.groups.io with SMTP id smtpd.web10.15098.1737828194552739353 for ; Sat, 25 Jan 2025 10:03:14 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=lQEXNDfk; spf=pass (domain: gmail.com, ip: 209.85.214.170, mailfrom: akuster808@gmail.com) Received: by mail-pl1-f170.google.com with SMTP id d9443c01a7336-21a7ed0155cso52743485ad.3 for ; Sat, 25 Jan 2025 10:03:14 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1737828194; x=1738432994; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Bb884nGgfFzrgplaBx26eolesA5wi8cZfYBTg6e7pa8=; b=lQEXNDfkFa8LlkucFWg0OGSsYr9Ld0osEdDrihAfO8BmG+uJbkVNTDzezzUa/8FE+q lDiG76RX7GZ8aGcg6YqOdUi5s0pGH42llTeubabyFkkzh9uXYn2vEMLnfsMthv7HG2fl g6MQNsHSAp0RSGm17ADlu4Tjq3VmS0wWv9g63RaNP4BQGUJsDMTzlLq8R5I1FlszQFQq s9SSZGVxrIdPZcTlp/gI/g3ldMwofYSHjmOdpCtfcdESEe8NyI0dNteJlkpWI6TscxNr aUZkiGfeNTT3NHrrUWLB8RWNAfOm61mUZHIsGpQTF21QWYW24EWlTXLTRZOoltL9uVmt Uzvw== 
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1737828194; x=1738432994; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Bb884nGgfFzrgplaBx26eolesA5wi8cZfYBTg6e7pa8=; b=rhbkeR2yqnVfAqzB0UNjRbi2/bRsAmUbWBCNsMLm3BeJjqvlmumhYruUHuUoJYmbsN Vyo/Rd5XQxBp5kvVHtP6aIHXzcCYGefFZ1613Z27OItKCm5H2L1KTKxjh6tlbdNm4jHY vdBsvl5RO+iVYci/P4K/ec+li1YgDe7Sf74O1tefb23lfPGi2fYOeIKXSGMPD9dIT1II GUvYA5pBQCzPUDHXsVHi8SmuaNVDygoGlga+rWLwHGZ17VUwvmpzUlsplvGFCy/bGR/i GatFn3ST7Ki0IOj3ID+aVjosli6bkxuOCGzTktwh/zJO33sc2fa6WeASNm1E73LGR2S1 vAVw== X-Gm-Message-State: AOJu0YzaeotVz8zh2pa3Dcg0yGqK2SCbwH2bzSZT/FcqmiSYW96vhz2N gqpTskqh8ZaueeApGFMMshyop6XCw0k9YEFbY3WY4cGDhQ+8/YRZiIErzQ== X-Gm-Gg: ASbGncsMq/26rWibajnNbFfWB6rAvOh6dBJ8PF0kJpeksEIKembL97gO+PL2mqFq+6O rwI7aeY8BMnKHJJkGC1RdsY4g0/+Qs0hBVbZSxk9AuFPVlr+Sn3CR3qhdqvYBtLyaz/D7CpOo5x K7ofy+JQuT/PCJdPHgc6SMTn6/K514nAxaghFVYQxLeOdnBMGmcNnGCAuTjSwXmrDQnsBWuqOPl rJdPVBm9fOGpHfCAiRn6MfI6pSrzJ8jTzHOEWOCpwCskSchC6iSiuXxGPhm8XiKrOCskJG44WXi EX2pvwdlhiCSmdbHkwm+uOO+gGM= X-Google-Smtp-Source: AGHT+IEF2KK8G4UaOB97JuT/Fnkzul3ZTLOuQsYgKSmA7l87/X1fLpMsdC13KDilAqOQyAnh+SudEQ== X-Received: by 2002:a05:6a00:ad8d:b0:72a:ae66:3050 with SMTP id d2e1a72fcca58-72daf931cd0mr45794091b3a.1.1737828193707; Sat, 25 Jan 2025 10:03:13 -0800 (PST) Received: from keaua.hsd1.ca.comcast.net ([2601:646:8182:b790:f137:fcfb:97fc:71bd]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-72f8a6b51e7sm4108906b3a.69.2025.01.25.10.03.12 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 25 Jan 2025 10:03:13 -0800 (PST) 
From: Armin Kuster To: openembedded-devel@lists.openembedded.org Cc: Peter Marko , Khem Raj Subject: [meta-oe][styhead][PATCH 04/14] libtinyxml: patch CVE-2021-42260 Date: Sat, 25 Jan 2025 10:02:58 -0800 Message-ID: <20250125180308.7856-4-akuster808@gmail.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20250125180308.7856-1-akuster808@gmail.com> References: <20250125180308.7856-1-akuster808@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Sat, 25 Jan 2025 18:03:17 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/115087 From: Peter Marko Take patch from Debian: https://salsa.debian.org/debian/tinyxml/-/commit/38db99c12e43d7d6e349403ce4d39a706708603d Signed-off-by: Peter Marko Signed-off-by: Khem Raj (cherry picked from commit 066cf35ae588ef5f81266b216624b95d37777661) [Fixup for styhead context] Signed-off-by: Armin Kuster --- .../libtinyxml/CVE-2021-42260.patch | 27 +++++++++++++++++++ .../libtinyxml/libtinyxml_2.6.2.bb | 4 ++- 2 files changed, 30 insertions(+), 1 deletion(-) create mode 100644 meta-oe/recipes-support/libtinyxml/libtinyxml/CVE-2021-42260.patch diff --git a/meta-oe/recipes-support/libtinyxml/libtinyxml/CVE-2021-42260.patch b/meta-oe/recipes-support/libtinyxml/libtinyxml/CVE-2021-42260.patch new file mode 100644 index 0000000000..8fc623744c --- /dev/null +++ b/meta-oe/recipes-support/libtinyxml/libtinyxml/CVE-2021-42260.patch 
@@ -0,0 +1,27 @@
+Description: In stamp always advance the pointer if *p= 0xef
+ .
+ The current implementation only advanced if 0xef is followed
+ by two non-zero bytes. In case of malformed input (0xef should be
+ the start byte of a three byte character) this leads to an infinite
+ loop. (CVE-2021-42260)
+Origin: https://sourceforge.net/p/tinyxml/git/merge-requests/1/
+
+CVE: CVE-2021-42260
+Upstream-Status: Inactive-Upstream [lastrelease: 2011]
+Signed-off-by: Peter Marko
+
+--- a/tinyxmlparser.cpp
++++ b/tinyxmlparser.cpp
+@@ -274,6 +274,12 @@ void TiXmlParsingData::Stamp( const char* now, TiXmlEncoding encoding )
+ else
+ { p +=3; ++col; } // A normal character.
+ }
++ else
++ {
++ // TIXML_UTF_LEAD_0 (239) is the start character of a 3 byte sequence, so
++ // there is something wrong here. Just advance the pointer to evade infinite loops
++ ++p;
++ }
+ }
+ else
+ {
diff --git a/meta-oe/recipes-support/libtinyxml/libtinyxml_2.6.2.bb b/meta-oe/recipes-support/libtinyxml/libtinyxml_2.6.2.bb
index 2a7ca30a9d..9ab92012f4 100644
--- a/meta-oe/recipes-support/libtinyxml/libtinyxml_2.6.2.bb
+++ b/meta-oe/recipes-support/libtinyxml/libtinyxml_2.6.2.bb
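Review bot: The added `else` branch advances `p` with `++p` but leaves `col` unchanged, while the neighbouring branch for a normal character does `{ p +=3; ++col; }`. After a malformed 0xEF lead byte the column reported for later parse errors may therefore lag by one; this is inferred, because the rest of `TiXmlParsingData::Stamp` lies outside the hunk. If skipping the column is intended, the comment should say so, for example `// malformed lead byte: consume it without counting a column`; otherwise use `++p; ++col;`. A regression input containing the truncated sequence described in the patch header would keep the infinite-loop fix covered.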
@@ -10,7 +10,9 @@ CVE_PRODUCT = "tinyxml" SRC_URI = "${SOURCEFORGE_MIRROR}/tinyxml/tinyxml_${@'${PV}'.replace('.', '_')}.tar.gz \ file://enforce-use-stl.patch \ - file://entity-encoding.patch" + file://entity-encoding.patch \ + file://CVE-2021-42260.patch \ +" SRC_URI[md5sum] = "c1b864c96804a10526540c664ade67f0" SRC_URI[sha256sum] = "15bdfdcec58a7da30adc87ac2b078e4417dbe5392f3afb719f9ba6d062645593" From patchwork Sat Jan 25 18:02:59 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Armin Kuster X-Patchwork-Id: 56104 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id A33D7C0218E for ; Sat, 25 Jan 2025 18:03:17 +0000 (UTC) Received: from mail-pl1-f170.google.com (mail-pl1-f170.google.com [209.85.214.170]) by mx.groups.io with SMTP id smtpd.web11.14808.1737828195499015552 for ; Sat, 25 Jan 2025 10:03:15 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=LDSmnVGc; spf=pass (domain: gmail.com, ip: 209.85.214.170, mailfrom: akuster808@gmail.com) Received: by mail-pl1-f170.google.com with SMTP id d9443c01a7336-21619108a6bso53163395ad.3 for ; Sat, 25 Jan 2025 10:03:15 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1737828195; x=1738432995; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=eflqLNncEnO1imr2+2VMeNXswhNnNTBEG5aAVd9hQC4=; b=LDSmnVGc5uFwz8wo18oBsMtDHgcJWnRLn0bQyH1x4WEpbABCT1iyf34aTUPpyO70/r y8HibcbUb6rNGTIZJ6Lap52YuPCv0zlnW57GY6j12I8uBpu45TIlSQYJ+DspDbi55TbJ YPbdHzRyYKxgR2YAHpS/tR9xqwzaSFkTGFuVWxcPDmhSMxZo3l71iI2VOoiwuut0WSgt 
elqkLUIcpK4hR/7ewEKdLAYPJ3mW67CrUzbs7E5vckjqNb1CSne0zTBVBWMPNqMfTDl2 NM4YlJA5lqwzcusdeaxPtzrR6qIOU22BAc27nfLt2G0MPAoiFmUDy1wYDUfVuDv0XXjl SfjQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1737828195; x=1738432995; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=eflqLNncEnO1imr2+2VMeNXswhNnNTBEG5aAVd9hQC4=; b=YYa6+mrRzanjvgd2JFdD8Lnfd5C1yfXjPSp2nz3t90H7kZwSvfiasTf73QAdd/pqKu wAcK0KrrOepPdWPR+ci6AzpjOzpwo0ERWvW8+Bn50qiCrY8IG3mEEA177fLTd71UXPKE 8cNp0wE11rWj/tcnN3LFFVDEsMTyZdHuTygiFAWMBmhi2BbwgE/5HNJO8+nWpH3oelkf 5QkoJSicC7LVV3cpZzaDIJxY75l7I+S5SmuI44c6Ek/f+RacwUvamx3SBsknbjxNAjf7 WxAY01T3ZifAGfN6hWVC5Xl5vOU4Lm9R4fboHzeqLgP0YfwWdStOaQLt/223FQ5UZWtn KALA== X-Gm-Message-State: AOJu0YylEFeljOKu7fALuua32LRQDLfi4zzkpGW3Qcxijg43Moj1Rx+H 1ISH9hMa68Qopz0r9NS72ALWDVqJGpuWakA46+xDu6CbiAi/7KmdMJ7J2A== X-Gm-Gg: ASbGncuqNJRWomm8yNrPnKAazRY27r5L5pQpi9zqGzOlSdf/pFvqHK/pZq2dH+tQH1T MOibDFVFypG8/LiubJxOFI+mzx9p0TZtcCuok245E9R48fwT6qHhJ7+obJAEfKyQdrzD5laqGxh WEDefzpXXUOf9VJ6UWKVlHlM0gRqdlylQ1QNzQa/XqpoCww+qmPjvvmWcj//dse5na6V8pUYpd7 +WEcMiOb4OO8VSzBtjspdlABJvlq0kmOfSDJv/VZwwX+gFIGbI1oUmTPVvjvKVBargqyFSJlnWa fNR4gix/zGgHuEt3ZCwrK2NFs8o= X-Google-Smtp-Source: AGHT+IGCInF0g+9F60apmo+GKnvC4Ppu3KkXOUGxAyOLZx6QrRoTYW98gnbR4gU1aJ9e3ZGA4OiskQ== X-Received: by 2002:a05:6a21:6da5:b0:1e1:c07b:b087 with SMTP id adf61e73a8af0-1eb21183620mr52970805637.0.1737828194739; Sat, 25 Jan 2025 10:03:14 -0800 (PST) Received: from keaua.hsd1.ca.comcast.net ([2601:646:8182:b790:f137:fcfb:97fc:71bd]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-72f8a6b51e7sm4108906b3a.69.2025.01.25.10.03.13 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 25 Jan 2025 10:03:14 -0800 (PST) 
From: Armin Kuster To: openembedded-devel@lists.openembedded.org Cc: Peter Marko , Khem Raj Subject: [meta-oe][styhead][PATCH 05/14] libtinyxml: patch CVE-2023-34194 Date: Sat, 25 Jan 2025 10:02:59 -0800 Message-ID: <20250125180308.7856-5-akuster808@gmail.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20250125180308.7856-1-akuster808@gmail.com> References: <20250125180308.7856-1-akuster808@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Sat, 25 Jan 2025 18:03:17 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/115088 From: Peter Marko Take patch from Debian: https://salsa.debian.org/debian/tinyxml/-/commit/2366e1f23d059d4c20c43c54176b6bd78d6a83fc Signed-off-by: Peter Marko Signed-off-by: Khem Raj (cherry picked from commit f4a6966bf0cc48ee7fa83c64c2eec2c4fbf91eb4) Signed-off-by: Armin Kuster --- .../libtinyxml/CVE-2023-34194.patch | 31 +++++++++++++++++++ .../libtinyxml/libtinyxml_2.6.2.bb | 1 + 2 files changed, 32 insertions(+) create mode 100644 meta-oe/recipes-support/libtinyxml/libtinyxml/CVE-2023-34194.patch diff --git a/meta-oe/recipes-support/libtinyxml/libtinyxml/CVE-2023-34194.patch b/meta-oe/recipes-support/libtinyxml/libtinyxml/CVE-2023-34194.patch new file mode 100644 index 0000000000..a94806daad --- /dev/null +++ b/meta-oe/recipes-support/libtinyxml/libtinyxml/CVE-2023-34194.patch 
@@ -0,0 +1,31 @@
+From: Guilhem Moulin
+Date: Sat, 30 Dec 2023 14:15:54 +0100
+Subject: Avoid reachable assertion via crafted XML document with a '\0'
+ located after whitespace
+
+Bug: https://www.forescout.com/resources/sierra21-vulnerabilities
+Bug-Debian: https://bugs.debian.org/1059315
+Bug-Debian: https://security-tracker.debian.org/tracker/CVE-2023-34194
+
+CVE: CVE-2023-34194
+Upstream-Status: Inactive-Upstream [lastrelease: 2011]
+Signed-off-by: Peter Marko
+---
+ tinyxmlparser.cpp | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/tinyxmlparser.cpp b/tinyxmlparser.cpp
+index 8aa0dfa..1601962 100644
+--- a/tinyxmlparser.cpp
++++ b/tinyxmlparser.cpp
+@@ -1606,6 +1606,10 @@ const char* TiXmlDeclaration::Parse( const char* p, TiXmlParsingData* data, TiXm
+ }
+
+ p = SkipWhiteSpace( p, _encoding );
++ if ( !p || !*p )
++ {
++ break;
++ }
+ if ( StringEqual( p, "version", true, _encoding ) )
+ {
+ TiXmlAttribute attrib;
diff --git a/meta-oe/recipes-support/libtinyxml/libtinyxml_2.6.2.bb b/meta-oe/recipes-support/libtinyxml/libtinyxml_2.6.2.bb
index 9ab92012f4..11bc2dde4c 100644
--- a/meta-oe/recipes-support/libtinyxml/libtinyxml_2.6.2.bb
+++ b/meta-oe/recipes-support/libtinyxml/libtinyxml_2.6.2.bb
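Review bot: The new `if ( !p || !*p )` guard leaves the loop with `break`, and the hunk does not show whether the truncated declaration is then reported as an error or returned as a successful parse; the code after the loop in `TiXmlDeclaration::Parse` is outside the hunk. Callers that feed untrusted documents to the parser should get a failure here rather than a silently shortened declaration, so the post-loop path is worth confirming. A short comment would also help the next reader, e.g. `// SkipWhiteSpace may return NULL or stop at the terminating '\0'; stop before StringEqual sees it`.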
@@ -12,6 +12,7 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/tinyxml/tinyxml_${@'${PV}'.replace('.', '_')}.t file://enforce-use-stl.patch \ file://entity-encoding.patch \ file://CVE-2021-42260.patch \ + file://CVE-2023-34194.patch \ " SRC_URI[md5sum] = "c1b864c96804a10526540c664ade67f0" SRC_URI[sha256sum] = "15bdfdcec58a7da30adc87ac2b078e4417dbe5392f3afb719f9ba6d062645593" From patchwork Sat Jan 25 18:03:00 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Armin Kuster X-Patchwork-Id: 56107 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id AFE47C0218D for ; Sat, 25 Jan 2025 18:03:17 +0000 (UTC) Received: from mail-pl1-f169.google.com (mail-pl1-f169.google.com [209.85.214.169]) by mx.groups.io with SMTP id smtpd.web10.15099.1737828196581361181 for ; Sat, 25 Jan 2025 10:03:16 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=OWhJpj1Z; spf=pass (domain: gmail.com, ip: 209.85.214.169, mailfrom: akuster808@gmail.com) Received: by mail-pl1-f169.google.com with SMTP id d9443c01a7336-21654fdd5daso53395995ad.1 for ; Sat, 25 Jan 2025 10:03:16 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1737828196; x=1738432996; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=jw6nbnLBmHgy24SLxl+KcZ/Dk15QS4RYEzVXiOodHAA=; b=OWhJpj1Z5A4FLcVp3vR9sofREDkUr45ocNDrlDABrzyYOnzsNYPKq0bPma4UjgeORP MyWSS2LB6y6WMnEaZwP4eY+B9YhCs3izilBsQ06pjsmb1VdQHpAsJBe/i2tjFu9XAP6j IwVoYWHKs/Du43nVV9pv0tAjtNE9AKGYSQrBXfCi0tPfGDgtd0Mew8lPoLT1Cq0bWLzI 3x0XkHTG11dABwePFof5LYNFyNFBEE/Do3WB447syOWKSv9uWgLzDlfDMbxzBGMKRG1L 
H6t3RgDi8xp3uuVJnLEIpAso5YYo5SFV/5f/Eyr/O52n2Ak/7jpnSgHvgu2+hYGZDYY6 Mq+A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1737828196; x=1738432996; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=jw6nbnLBmHgy24SLxl+KcZ/Dk15QS4RYEzVXiOodHAA=; b=oNG49yGPbUAN7hfFJzaY7e81gKF7rd6uky+3pU36OgI6xtvI/Wtv0YonzcoYcD5A+z tl5Tw/evtmx1h00LXDMnVgF9xt+Sy4vTkvsSZfft4oBeMyjJCzKp+odHQo007jIXQ+/1 zM7jVUST9hl2XZEQdkNcGmTe4Pnofalr30SLFUHs3YUI5jXqz+ToAOteNm0ZrFDhsBEa F1SXvH5FZC/4/PcvNzv+6tGL3Pox+Og6LCirKtcGQ5IfXi33P+vn0IRYMDWLtR5i4djZ zNbisfZcB8ndWQvAVhYFGO0xFR3Rc+CZsgBvFlHPqY4/0LTSgYSAoGqRLTpd/MDlWEC+ o4Rw== X-Gm-Message-State: AOJu0Yy9nSz+Hk0N5e2/OttFz2RiQTea/kUrLD3PRCQCkMubD3vyKq1i Q1uSrCKxO+sng46lDFGmtMGPB6tOcoZgLq5Wmi5lhGFDSfRFyWtore9BBg== X-Gm-Gg: ASbGncsKP2n7BQrEZ8PTU+Q87Yu6FaJDQKoXHcM9R0s2zPByhj78E+a1Qfj27okLwAa ntcbzBUbHptdyD+HQWUej27TjpcnucK133wT/+FmRoLquz/Kd/lTs661pN/22LHc317Ze5PRgGx OMeQQR4iKa3HhSZQX2i2ztCY0eNqWoyYyUVxLskLM/lxrUZ7Jse3bFIN+6mi6zh12EH/ClLS8mD Xm/2nGQZ8m9/+tzYl9id4Ga0KTGl9lNSayN5E3o6ryn3Z+ncvnddjfln0hsoG915pG/bcsTqJw2 Q+ome12+Ksx4Zbabo1yi0VFGSUE= X-Google-Smtp-Source: AGHT+IEgszlWBHq+wbRcHEEGsg/r41eVAU1ImQk+hxSG6GiYSGWSU9v2HGcJed1iEnfxOBiYHFDtDg== X-Received: by 2002:a05:6a00:2183:b0:72a:bc6a:3a87 with SMTP id d2e1a72fcca58-72daf86eb81mr48261032b3a.0.1737828195790; Sat, 25 Jan 2025 10:03:15 -0800 (PST) Received: from keaua.hsd1.ca.comcast.net ([2601:646:8182:b790:f137:fcfb:97fc:71bd]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-72f8a6b51e7sm4108906b3a.69.2025.01.25.10.03.14 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 25 Jan 2025 10:03:15 -0800 (PST) 
From: Armin Kuster To: openembedded-devel@lists.openembedded.org Cc: Zhang Peng , Khem Raj Subject: [meta-oe][styhead][PATCH 06/14] lapack: fix TMPDIR reference in do_package_qa Date: Sat, 25 Jan 2025 10:03:00 -0800 Message-ID: <20250125180308.7856-6-akuster808@gmail.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20250125180308.7856-1-akuster808@gmail.com> References: <20250125180308.7856-1-akuster808@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Sat, 25 Jan 2025 18:03:17 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/115089 From: Zhang Peng When building the `lapack` package, the following QA error occurs: "File /usr/lib64/libblas.so.3.12.0 in package lapack contains reference to TMPDIR [buildpaths]" The issue arises because the `xerbla.o` object file embeds the absolute host path of `xerbla.f`. This occurs during compilation, where the build command in `build.make` (generated by CMake) specifies: `gfortran -c /xerbla.f -o`. As a result, the absolute path is included in `xerbla.o`. Unfortunately, `gfortran` does not support flags like `-fdebug-prefix-map` or `-ffile-prefix-map` to remove such paths. To resolve this, the fix involves replacing the absolute path of `xerbla.f` in the generated `build.make` file with a relative path before the compilation step. This ensures that the resulting `xerbla.o` does not contain any references to TMPDIR, passing the `do_package_qa` check. For ptest code, the solution is to replace `${WORKDIR}` with `../../..` in the generated `build.make` files located in the TESTING directory. Signed-off-by: Zhang Peng Signed-off-by: Khem Raj (cherry picked from commit b617496fb08950c155e75c8f21bafb10e301095c) Signed-off-by: Armin Kuster --- .../recipes-devtools/lapack/lapack_3.12.0.bb | 31 +++++++++++++++++++ 1 file changed, 31 insertions(+) 
diff --git a/meta-oe/recipes-devtools/lapack/lapack_3.12.0.bb b/meta-oe/recipes-devtools/lapack/lapack_3.12.0.bb
index fef9d3a80e..4357515b71 100644
--- a/meta-oe/recipes-devtools/lapack/lapack_3.12.0.bb
+++ b/meta-oe/recipes-devtools/lapack/lapack_3.12.0.bb
@@ -33,6 +33,37 @@ OECMAKE_GENERATOR = "Unix Makefiles" inherit cmake pkgconfig ptest EXCLUDE_FROM_WORLD = "1" +# The `xerbla.o` file contains an absolute path in `xerbla.f.o`, but the options +# `-fdebug-prefix-map` and `-ffile-prefix-map` cannot be used because gfortran does not support them. +# To address this issue, we manually replace the absolute path with a relative path +# in the generated `build.make` file. +# +# An issue has been reported: https://github.com/Reference-LAPACK/lapack/issues/1087, +# requesting a fix in the source code. +# +# This workaround resolves the TMPDIR [buildpaths] issue by converting the absolute path +# of `xerbla.f` to a relative path. The steps are as follows: +# +# 1. Locate all `build.make` files after the `do_configure` step is completed. +# 2. Compute the relative path for `xerbla.f` based on the current build directory. +# 3. Replace the absolute path with the calculated relative path in the `build.make` files +# +# Additionally, when ptests are enabled, apply a simpler workaround for ptest code: +# - Replace occurrences of `${WORKDIR}` in all `build.make` files under the TESTING directory, excluding +# the MATGEN subdirectory, with a relative path prefix of `"../../.."`. +do_configure:append(){ + for file in `find ${B} -name build.make`; do + sed -i -e "s#\(.*-c \).*\(/xerbla\.f \)#\1$(grep '\-c .*xerbla\.f' $file | awk -F'cd ' '{print $2}'| \ + awk '{src=$1; sub(/.*-c /, ""); sub(/xerbla\.f.*/, ""); obj=$0; print src, obj}' | \ + while read src obj; do echo "$(realpath --relative-to="$src" "$obj")"; done)\2#g" $file + done + if (${@bb.utils.contains('PTEST_ENABLED', '1', 'true', 'false', d)});then + for file in `find . 
-name build.make -path '*TESTING*' -not -path '*MATGEN*'`; do + sed -i -e "s#\(.*-c \)\(${WORKDIR}\)\(.*.[f|F] \)#\1../../..\3#g" $file + done + fi +} + do_install_ptest () { rsync -a ${B}/TESTING ${D}${PTEST_PATH} \ --exclude CMakeFiles \ From patchwork Sat Jan 25 18:03:01 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Armin Kuster X-Patchwork-Id: 56105 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id C4668C02190 for ; Sat, 25 Jan 2025 18:03:17 +0000 (UTC) Received: from mail-pl1-f176.google.com (mail-pl1-f176.google.com [209.85.214.176]) by mx.groups.io with SMTP id smtpd.web10.15101.1737828197523476625 for ; Sat, 25 Jan 2025 10:03:17 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=ELebAkiB; spf=pass (domain: gmail.com, ip: 209.85.214.176, mailfrom: akuster808@gmail.com) Received: by mail-pl1-f176.google.com with SMTP id d9443c01a7336-21670dce0a7so64858065ad.1 for ; Sat, 25 Jan 2025 10:03:17 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1737828197; x=1738432997; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=UCVLp3tIOElgqAPs4lfJAFIcIiU7ibeVm8+1IOVl/Ws=; b=ELebAkiBzUo7LVrVD9TKaYUxTLTzlgZUbnA3yScT5W8gWY56+TrzIVlATyYWiLnfPL 1ItBA9J5z03HhdsLWbr68gWiDGDNO+Ri17RzLuUYoLh73InAiIZecKkvVAlUvKsBverK 8Q49rq/F0TKC1/8a3PmnzE51kPyuOKkWcRaA2wyvuxiACOBG0sHPk/pQVB6A0DTbwy6e sANAASvEcG2zXbHP5FJKFuyQSfpZMS39ePAs9QvEtHNqLSpWJrRf4BYtfCbchBEN28+d hHN7q1nzNTLXBLdfYSQsZuTfEoz7iPvRkBtawPYY/c4C4D8VORGmnVLuxrfPcf5IHWpS AdUw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; 
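Review bot: The ptest branch searches with `find .` while the loop above it uses `find ${B}`, so the second substitution only works if the task's working directory is the build directory; `find ${B} -name build.make -path '*TESTING*' -not -path '*MATGEN*'` would make the two loops agree. In the same sed expression, `.[f|F] ` matches any character followed by `f`, `|` or `F`; `\.[fF] ` is what the comment block describes. The first loop's command substitution prints one line per matching compile command, so a `build.make` with more than one `xerbla.f` rule would put a newline into the replacement text and sed would fail. That one-rule assumption about the generated files is worth stating in the comment block.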
c=relaxed/relaxed; d=1e100.net; s=20230601; t=1737828197; x=1738432997; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=UCVLp3tIOElgqAPs4lfJAFIcIiU7ibeVm8+1IOVl/Ws=; b=QlGbHP9aPTYzpA8KPVzl/lVMT2HCCXAOgHxoHVX9t/cS2+5AEHsSPBUcAh6ooOcVgx PL3vHWgR6QFI06BmK3uoVwvJoN7REehU5XDr97hnUNP7Kuqwk0+CkTm3MDL6H5qDTOb5 bG51x4wTv55l1aVdQh40TS9v6s9xwmwRqrynymemSIWzwHI/88XZv5o0R7dZ2WgC07y9 /PT/eUBfInhQpefA8ElvlnPaQQTAAfSEhmttKPyzJ6h/bV+ICKHizqkKALB0FKFIRZ73 BUB8A62/UZQOzL4TRZw+jScbJPMmJZr9TnIFPCftz8tMRcBJ4dDCXpglnC0BSAs9+YqK vgeQ== X-Gm-Message-State: AOJu0YwVerr5uxLpWFRxElJDng6E5uACmKhCGu0W1v6dxLU7iPPNApoe 8LAhLjufPOPlhYCCYh010Uns/TnCQ6hAKYBJC7mzRnNwtbTwlJVhGQAdmg== X-Gm-Gg: ASbGncsD91eBX/tzG2alHWLislfUbvl5+HPDzFtVztq/73DTvmfWAdEePsoUMRwn5BZ RJLjbUV/onPfX5P+tT9Bprsw5LLaaVWW/ABHgqSD9PU8TZjtQuMAAmFQcbLj/r4Ta41eWd9MV2E Iyj+L/fFPKE2T0Uj49YBJo3Or86UEjsu5sQDfYDQL56xzyjH4oZX6WlBZRkqnJ+odiT/ftcK2tw dWHadDT4T/tv5pRqgg8IELfWJJwohbJfg+yE2PTDdAtfslTYDAXlqj5hVJ3bs3Udcpe3lN3LuHC yjMd1gZamoOMWXKbt8J2Ko/rkQ4= X-Google-Smtp-Source: AGHT+IG3BvW+EXYaFIqufcCFzK52+Kp7SHKOrbvDeMsnBQyACpzUws/C+3ZNs2P/lWgV0Eb7lcQAkw== X-Received: by 2002:a05:6a00:18a7:b0:725:f376:f4ff with SMTP id d2e1a72fcca58-72dafa46e92mr45179505b3a.13.1737828196794; Sat, 25 Jan 2025 10:03:16 -0800 (PST) Received: from keaua.hsd1.ca.comcast.net ([2601:646:8182:b790:f137:fcfb:97fc:71bd]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-72f8a6b51e7sm4108906b3a.69.2025.01.25.10.03.15 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 25 Jan 2025 10:03:16 -0800 (PST) 
From: Armin Kuster To: openembedded-devel@lists.openembedded.org Cc: =?utf-8?q?J=C3=B6rg_Sommer?= , Khem Raj Subject: [meta-oe][styhead][PATCH 07/14] libtinyxml2: set CVE product to tinyxml2 Date: Sat, 25 Jan 2025 10:03:01 -0800 Message-ID: <20250125180308.7856-7-akuster808@gmail.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20250125180308.7856-1-akuster808@gmail.com> References: <20250125180308.7856-1-akuster808@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Sat, 25 Jan 2025 18:03:17 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/115090 From: Jörg Sommer This library gets tracked with the product name tinyxml2: https://nvd.nist.gov/products/cpe/detail/5A6C04CB-E6AD-4740-882A-34620AEC060A Signed-off-by: Jörg Sommer Signed-off-by: Khem Raj (cherry picked from commit 1c60b8ccf7a011fcac05714fc29d47bbc21c5ea3) Signed-off-by: Armin Kuster --- meta-oe/recipes-support/libtinyxml2/libtinyxml2_10.0.0.bb | 1 + 1 file changed, 1 insertion(+) diff --git a/meta-oe/recipes-support/libtinyxml2/libtinyxml2_10.0.0.bb b/meta-oe/recipes-support/libtinyxml2/libtinyxml2_10.0.0.bb index bcd309282b..2ee43ebc03 100644 --- a/meta-oe/recipes-support/libtinyxml2/libtinyxml2_10.0.0.bb +++ b/meta-oe/recipes-support/libtinyxml2/libtinyxml2_10.0.0.bb 
@@ -3,6 +3,7 @@ HOMEPAGE = "https://leethomason.github.io/tinyxml2" SECTION = "libs" LICENSE = "Zlib" LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=135624eef03e1f1101b9ba9ac9b5fffd" +CVE_PRODUCT = "tinyxml2" SRCREV = "321ea883b7190d4e85cae5512a12e5eaa8f8731f" SRC_URI = "git://github.com/leethomason/tinyxml2.git;branch=master;protocol=https \ From patchwork Sat Jan 25 18:03:02 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Armin Kuster X-Patchwork-Id: 56112 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id C52E6C0218D for ; Sat, 25 Jan 2025 18:03:27 +0000 (UTC) Received: from mail-pl1-f176.google.com (mail-pl1-f176.google.com [209.85.214.176]) by mx.groups.io with SMTP id smtpd.web10.15102.1737828198498879796 for ; Sat, 25 Jan 2025 10:03:18 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=TOIiRz86; spf=pass (domain: gmail.com, ip: 209.85.214.176, mailfrom: akuster808@gmail.com) Received: by mail-pl1-f176.google.com with SMTP id d9443c01a7336-216281bc30fso73734515ad.0 for ; Sat, 25 Jan 2025 10:03:18 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1737828198; x=1738432998; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=50HGGyQZlZXbv0J+Ry+ZPm/4l0EuovizBnhM6hdvwwk=; b=TOIiRz8677olsP6rEKxfP1PY6QzIQCh7LPi5eVEjtsOkEykiLdRiSMoKJgAvdV0++g QitKxO44SD3QY9vWIsW5xVschhR1p/hYSVTKrX8naHesXkQxJC7dwnewJKY70jKkNhSg XfdzZ5BvyIo5pQyi7hVrELXoiU3l88LsLb8pckIZWYsf1t+mjgDRwU5mNTSjI8l9Mc7V QXhTa4wISSZy4I6WrJ1edzlsxLBCzCrv0VIpe61JEJkef48ox7waCiESPGyoelrPlDFm 
bCm7rYTbNzZ2VFrtRO/YOpdADZ/0loRWtUMWmEidDvIF6v8aBmlexUIMEAvf26yzL9qf s4gw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1737828198; x=1738432998; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=50HGGyQZlZXbv0J+Ry+ZPm/4l0EuovizBnhM6hdvwwk=; b=HywBiD+5cvMzI7ySp7YxqXZHM2AzVbdOpY7oSQmo48tYVYqKlBjOhR3j45MNvUD+Hb lryHFmiSQ56Z58Xmr8u8vj4tgzmPUhKi36u4oKzaHjEG/lCLzcC44XFXv1ozX+aH78ZV 2DVK+qcM5hj/m9eUYx8cbsEWLEDu99YvrQ6+BTXMIwLk3lIXBqhIEJdSOlsgiaZkreZJ KmmFxdXaKjXhQp6XO1nQfAbZ0VbHXj7Be5tvG4iPX4SsNTf9Fx/a2O3LeydhjhEwLkQl poKy8fogzyqL1GyXtxUPOfRMZPN65tClN9Kg/CbM5Ul92Zs1PNUtmH7NI8J69eVHrD68 4jiw== X-Gm-Message-State: AOJu0YyEIHh0XAk7HEjQ86DwxpHej+Fgf3NTHsYUxBMjCykwGRx0zYo7 XurMMFWqouFlVTzJrclrefKkK/7AVTPguoTvRVi0LdbfvmKlQFcFCcqGAA== X-Gm-Gg: ASbGncvkyETdHRT1vIwNbx6QfSGSWa3PMtUQTy4t3NakmQe8tKAWL6mKjDgyhlhJBmn D99KTvtp8PVRA4xTEGucw6KdCP+MTMSrdkJppsjhgw9ztEiPnwdgndZ8C8b6quYN2U0bA38oeLQ SQydcVU9jUudlK+SOr1CWbKGlCePhWnVIDFAHPERii36WM2WtbO8sMO8Yb+F1EFybgCxZNYmx28 KspC1vidqNoYauwzIUFqxuo/OtLR34Jz6M0m0hETYP4ZLS04c7mz4aYWRjHUuo9ipYw9TyrZucL 9huM+qt0OiG5vhTlYpYvTF5HyXk= X-Google-Smtp-Source: AGHT+IEu8EDl0u9mFV+/DK3fw/7Pg/AUN4ppHP2N/xBWuwYEOyFtca+zeLtUjKp3AyWEfRTxGfIa5A== X-Received: by 2002:a05:6a21:999e:b0:1db:e0d7:675c with SMTP id adf61e73a8af0-1eb2148cc78mr56220310637.13.1737828197747; Sat, 25 Jan 2025 10:03:17 -0800 (PST) Received: from keaua.hsd1.ca.comcast.net ([2601:646:8182:b790:f137:fcfb:97fc:71bd]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-72f8a6b51e7sm4108906b3a.69.2025.01.25.10.03.17 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 25 Jan 2025 10:03:17 -0800 (PST) 
From: Armin Kuster To: openembedded-devel@lists.openembedded.org Cc: Peter Marko , Khem Raj Subject: [meta-oe][styhead][PATCH 08/14] procmail: patch CVE-2014-3618 Date: Sat, 25 Jan 2025 10:03:02 -0800 Message-ID: <20250125180308.7856-8-akuster808@gmail.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20250125180308.7856-1-akuster808@gmail.com> References: <20250125180308.7856-1-akuster808@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Sat, 25 Jan 2025 18:03:27 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/115091 From: Peter Marko Take patch from Debian. https://sources.debian.org/data/main/p/procmail/3.22-20%2Bdeb7u1/debian/patches/CVE-2014-3618.patch Signed-off-by: Peter Marko Signed-off-by: Khem Raj (cherry picked from commit 8378820dab0b6955fb0e2b27f24a1626f9124e5b) [Fixup for styhead context] Signed-off-by: Armin Kuster --- .../procmail/procmail/CVE-2014-3618.patch | 29 +++++++++++++++++++ .../recipes-support/procmail/procmail_3.22.bb | 4 ++- 2 files changed, 32 insertions(+), 1 deletion(-) create mode 100644 meta-oe/recipes-support/procmail/procmail/CVE-2014-3618.patch diff --git a/meta-oe/recipes-support/procmail/procmail/CVE-2014-3618.patch b/meta-oe/recipes-support/procmail/procmail/CVE-2014-3618.patch new file mode 100644 index 0000000000..b041924361 --- /dev/null +++ b/meta-oe/recipes-support/procmail/procmail/CVE-2014-3618.patch 
@@ -0,0 +1,29 @@
+Description: Fix heap-overflow in formail
+ CVE-2014-3618: Heap-overflow in formail when processing
+ specially-crafted email headers.
+Origin: http://www.openwall.com/lists/oss-security/2014/09/03/8
+Bug-Debian: https://bugs.debian.org/704675
+Bug-Debian: https://bugs.debian.org/760443
+Forwarded: not-needed
+Last-Update: 2014-09-04
+
+CVE: CVE-2014-3618
+Upstream-Status: Inactive-Upstream [lastrelease: 2001]
+Signed-off-by: Peter Marko
+
+--- a/src/formisc.c
++++ b/src/formisc.c
+@@ -84,12 +84,11 @@ normal: *target++= *start++;
+ case '"':*target++=delim='"';start++;
+ }
+ ;{ int i;
+- do
++ while(*start)
+ if((i= *target++= *start++)==delim) /* corresponding delimiter? */
+ break;
+ else if(i=='\\'&&*start) /* skip quoted character */
+ *target++= *start++;
+- while(*start); /* anything? */
+ }
+ hitspc=2;
+ }
diff --git a/meta-oe/recipes-support/procmail/procmail_3.22.bb b/meta-oe/recipes-support/procmail/procmail_3.22.bb
index abb87f9935..4806bf5f80 100644
--- a/meta-oe/recipes-support/procmail/procmail_3.22.bb
+++ b/meta-oe/recipes-support/procmail/procmail_3.22.bb
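Review bot: The copy into `target` is still bounded only by the source string: the new `while(*start)` stops the read at the terminating NUL, but nothing in the loop limits the writes through `*target++`. The destination's allocation is outside this hunk, so the fix is complete only if that buffer is sized from the length of the input, which deserves a sentence in the patch header. A short comment on the new loop head, e.g. `/* test before copying: an unterminated quote must not read past the NUL */`, would record why the `do ... while` form was replaced. The enclosing function starts and ends outside the hunk.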
@@ -12,7 +12,9 @@ SRC_URI = "http://www.ring.gr.jp/archives/net/mail/${BPN}/${BP}.tar.gz \ file://from-debian-to-fix-compile-errors.patch \ file://from-debian-to-modify-parameters.patch \ file://from-debian-to-fix-man-file.patch \ - file://man-file-mailstat.1-from-debian.patch" + file://man-file-mailstat.1-from-debian.patch \ + file://CVE-2014-3618.patch \ +" SRC_URI[md5sum] = "1678ea99b973eb77eda4ecf6acae53f1" SRC_URI[sha256sum] = "087c75b34dd33d8b9df5afe9e42801c9395f4bf373a784d9bc97153b0062e117" From patchwork Sat Jan 25 18:03:03 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Armin Kuster X-Patchwork-Id: 56116 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id E2337C02191 for ; Sat, 25 Jan 2025 18:03:27 +0000 (UTC) Received: from mail-pl1-f169.google.com (mail-pl1-f169.google.com [209.85.214.169]) by mx.groups.io with SMTP id smtpd.web11.14810.1737828199485244184 for ; Sat, 25 Jan 2025 10:03:19 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=gGpC3Sjc; spf=pass (domain: gmail.com, ip: 209.85.214.169, mailfrom: akuster808@gmail.com) Received: by mail-pl1-f169.google.com with SMTP id d9443c01a7336-21c2f1b610dso71868055ad.0 for ; Sat, 25 Jan 2025 10:03:19 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1737828199; x=1738432999; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=UDrdBc0a8Hkn4x/bx5tyDCryJcFvEhd35x3GaNytoMw=; b=gGpC3SjcOhATmRdr2G/NvGMrtPD6OdbZJ+nmyOCbLjzrql/HtOWeHWcb7Rn9LUU54d BhXWT3PCjnpDKrpND4LhiiDgVwDpL7L//UPpnlbvgvVkt0CoYk+YSvBsoKmruuadTHHm 
yBKMgbIEGHouKy0D0pHvyy05SobGQJfyActgsASIA/pR+zH1dJ+onEcLvuN08QXbgK9F WXmFFgYY7hfQ5mFt6x+RT+P3JkvhPuAFh49fs2SrUtXaX8RiJORUn7ElAGOoKU6Jzbzd 6HHsO8YEULM0GuXe8wXXMmJ7Gm2/wS9wsrFWhBdbKkBEzl4fYC+t6wPGw8In/8r2SCh7 5Pcg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1737828199; x=1738432999; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=UDrdBc0a8Hkn4x/bx5tyDCryJcFvEhd35x3GaNytoMw=; b=ccklua+60W/nnlGhKAZz7HIwTc8zYvKl2q8wHSsu412MNosU9EKLnzjNl2Ttaz/Ug/ 8znRsPUpeMkbwAtG16o2HGYenkYHGXUpVCysLgHawWFbgY+EZKtlGYZXaxamn5ZaEXWQ X0vhTzUAY+qOJXZcOuTVsI9MlEH0Q6qzVu49n3+ZhlXibAks3WVH+7lCbm9RNSZCflpH fJvMwQMn0MP/Zu1+iCOAIhiEjVnWBYgc+g4L9BqoIoPui9p6DhjMlUoNevCeOn+9h8m9 rMuX/kEqaVFNWet3bZ+ojPI4DvLQetRl8ct6soT+uoSs5yrXbtiPNj0+hwIB+DRP0i7K HIuQ== X-Gm-Message-State: AOJu0Yw8ZIM5OMZnZHI8xRjkwvg4JxZ7ujGbRMsM6vPrP8C2iMeo+Uyg C3nIgrU0q/MIxc9hApqd++E7wnYqmVGigCpzCxRBeNurUW66MSGAh/LCpQ== X-Gm-Gg: ASbGncun0io+/yExH7xo9AxNpiX6ztZYh2NFBqWJRkN1Fni/D3QTl4WmQng+sdsg+21 3/FrVvKAu76lan0t3AajsbkxJztuds+pcCeYHdAqK+O6FRw1vRWVcS20A97YXjCkVdFNYDDgOcU HmDcwhRoMgzqeNVCwDVuFwtKBuM4MJM/ez/n5gVK3/TWaJYz63njAJbeaId8p3mqH6YlbwScI5F XtVC6COd7TCAzKspp/XU4L3mwMfJKq1Qsr2virNdlEJUuSB3+mIg1Ashw/nSHdXXhjEHkPYQC11 qwCqplMeeGyawNHln6/QERSfCkU= X-Google-Smtp-Source: AGHT+IGdqWPFVe9VUTFF5xX9ipPvUA2G/opkKbUUjm7r2aGDymsDtFRieGiDvu29n5swFNLvDfdAxQ== X-Received: by 2002:a05:6a00:ad8a:b0:725:8b00:167e with SMTP id d2e1a72fcca58-72dafb714eamr47803878b3a.16.1737828198727; Sat, 25 Jan 2025 10:03:18 -0800 (PST) Received: from keaua.hsd1.ca.comcast.net ([2601:646:8182:b790:f137:fcfb:97fc:71bd]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-72f8a6b51e7sm4108906b3a.69.2025.01.25.10.03.17 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 25 Jan 2025 10:03:18 -0800 (PST) 
From: Armin Kuster To: openembedded-devel@lists.openembedded.org Cc: Peter Marko , Khem Raj Subject: [meta-oe][styhead][PATCH 09/14] procmail: patch CVE-2017-16844. Date: Sat, 25 Jan 2025 10:03:03 -0800 Message-ID: <20250125180308.7856-9-akuster808@gmail.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20250125180308.7856-1-akuster808@gmail.com> References: <20250125180308.7856-1-akuster808@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Sat, 25 Jan 2025 18:03:27 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/115092 From: Peter Marko Take patch from Debian. https://sources.debian.org/data/main/p/procmail/3.22-26%2Bdeb10u1/debian/patches/30 Signed-off-by: Peter Marko Signed-off-by: Khem Raj (cherry picked from commit 3d97f4c13d5f5810659e107f6461f0b63f6fa92a) Signed-off-by: Armin Kuster --- .../procmail/procmail/CVE-2017-16844.patch | 20 +++++++++++++++++++ .../recipes-support/procmail/procmail_3.22.bb | 1 + 2 files changed, 21 insertions(+) create mode 100644 meta-oe/recipes-support/procmail/procmail/CVE-2017-16844.patch diff --git a/meta-oe/recipes-support/procmail/procmail/CVE-2017-16844.patch b/meta-oe/recipes-support/procmail/procmail/CVE-2017-16844.patch new file mode 100644 index 0000000000..6e04989c33 --- /dev/null +++ b/meta-oe/recipes-support/procmail/procmail/CVE-2017-16844.patch 
@@ -0,0 +1,20 @@
+From: Santiago Vila
+Subject: Fix heap-based buffer overflow in loadbuf()
+Bug-Debian: http://bugs.debian.org/876511
+X-Debian-version: 3.22-26
+
+CVE: CVE-2017-16844
+Upstream-Status: Inactive-Upstream [lastrelease: 2001]
+Signed-off-by: Peter Marko
+
+--- a/src/formisc.c
++++ b/src/formisc.c
+@@ -103,7 +103,7 @@
+ }
+ /* append to buf */
+ void loadbuf(text,len)const char*const text;const size_t len;
+-{ if(buffilled+len>buflen) /* buf can't hold the text */
++{ while(buffilled+len>buflen) /* buf can't hold the text */
+ buf=realloc(buf,buflen+=Bsize);
+ tmemmove(buf+buffilled,text,len);buffilled+=len;
+ }
diff --git a/meta-oe/recipes-support/procmail/procmail_3.22.bb b/meta-oe/recipes-support/procmail/procmail_3.22.bb
index 4806bf5f80..16fcf84dad 100644
--- a/meta-oe/recipes-support/procmail/procmail_3.22.bb
+++ b/meta-oe/recipes-support/procmail/procmail_3.22.bb
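Review bot: The new loop condition `buffilled+len>buflen` is still evaluated in `size_t` and can wrap for a very large `len`, in which case no growth happens and `tmemmove` writes past `buf`. Input held in memory bounds `len` in practice, so this is hardening: a guard such as `if(len>(size_t)-1-buffilled)` before the loop, handled like an allocation failure, would close it. The result of `realloc` is assigned straight to `buf`, so unless `realloc` is a checked wrapper defined outside this hunk, a failed call leaves `buf` NULL for the copy that follows. Growing by `Bsize` per iteration also reallocates once per step; computing the required size first and calling `realloc` once would do the same job in a single call.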
@@ -14,6 +14,7 @@ SRC_URI = "http://www.ring.gr.jp/archives/net/mail/${BPN}/${BP}.tar.gz \ file://from-debian-to-fix-man-file.patch \ file://man-file-mailstat.1-from-debian.patch \ file://CVE-2014-3618.patch \ + file://CVE-2017-16844.patch \ " SRC_URI[md5sum] = "1678ea99b973eb77eda4ecf6acae53f1" SRC_URI[sha256sum] = "087c75b34dd33d8b9df5afe9e42801c9395f4bf373a784d9bc97153b0062e117" From patchwork Sat Jan 25 18:03:04 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Armin Kuster X-Patchwork-Id: 56115 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id F01E7C02192 for ; Sat, 25 Jan 2025 18:03:27 +0000 (UTC) Received: from mail-pl1-f181.google.com (mail-pl1-f181.google.com [209.85.214.181]) by mx.groups.io with SMTP id smtpd.web10.15103.1737828200349227951 for ; Sat, 25 Jan 2025 10:03:20 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=W1OXgQNp; spf=pass (domain: gmail.com, ip: 209.85.214.181, mailfrom: akuster808@gmail.com) Received: by mail-pl1-f181.google.com with SMTP id d9443c01a7336-21675fd60feso71258335ad.2 for ; Sat, 25 Jan 2025 10:03:20 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1737828200; x=1738433000; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=HzYvuAIxwjAOaILTEP6RyyDzpWECgDCttYfjHfM18jU=; b=W1OXgQNp/ey0PtK3TW2+juOmcElR4b8ZCW2yj6boRKgG9V4jQ5hsmE/f+LGhllFcvQ aCS3c14YHlUwIRBFwededSQ2n/U9/MFPkyuy92+E+rf7IH2afXnYmvjPHNL5EhN4e/KE XkoQ/EVY2HF9Mv87Ys3RmOliBQ6DxIxNq0+3uj+et9tx1D2Z5nSUBJnW5ZaPN6zQlPeZ 
w2RHbjGcebPe+zE9HtTxmFE8FpSCRpZwUPtWPvSCvAtjasLDGSDzHuPjQ+j7LT5DC6iN U8lWdTWMCrjE8RX6ko8Maodtif5+ONu81bHH+NCsEa33nY+9C9nPqFtsIy+BMkD/ZRMQ pEVQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1737828200; x=1738433000; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=HzYvuAIxwjAOaILTEP6RyyDzpWECgDCttYfjHfM18jU=; b=J5Zzas6dA4TAxLw0Pl8IKrLHWzFzcuvHQLYjrEZU5gej6AvUTP1K5ISS8ItZ/riIza qJ2upAQ3RFVLZGBNoow4x9UFR+tfEcI4KVK5s48Lf8Gev+pwgUt78m6JVYLonjt2GVFH cB9s+PMc8bS6erIE8NeMDsg/rD1yxio04TrRbVUltchPBf8zfEjH4dlJxHOjoYKhERds db9WWws9auWxi6HiGAjjE0Fj2EeQLwtIUUc4kWIOF5xOugHIzwvK8Qui/wPfgCQMq7xq gr52UD7unGIF7i1h3XpOhByZ40KL5qp9Tf4HvL78/wgMC5d5BmFQjiUbbwc4d2CX954z SDpg== X-Gm-Message-State: AOJu0YzcJyN/CmFcXt3vdVZjCsW2Csn/udX7tJCF1vA+cz+1CECKgK2Z X3Q5QrFvWb2rGjQUudfa6Q4sl6oRyvl6sWgEY3F5meq7x85K22ur03KIUA== X-Gm-Gg: ASbGncsdzJT34nVNG+z6ncShHXmwiYbvFzTK82w/V0hrb+/50b1Wp0cNot/bSIvXRJs 8KJ78WgJ9f8NHZ+8+IpTdQSERxWCfuldZ3rgaUVACsSNTF9vuxhibhG/bbpa7LDabCN0mgthlFt eT+wPxWkivixKF9DLrrYRbmhsjRrYKta/GN02EEoqIR0hCQdgvMogNQDqc9ZzR9VsABsHVR922j e9YbAqdEisM2klghVOWCxleSK3VUZp0zgatbpWFFA73YPQBKqk5ZLTyUTClj6kha65hdiOvah4U gGbcm+yclRatCKXWYFoN/02sg5c= X-Google-Smtp-Source: AGHT+IG8rYW3Nh4/tYINie2pN+5BWpm7ufwKl21/0a7BbKbxtdRiUnfYhXUpJ17QxwByC7BshcNkDw== X-Received: by 2002:a05:6a21:3285:b0:1e1:b1e4:e750 with SMTP id adf61e73a8af0-1eb214946aemr58920967637.18.1737828199648; Sat, 25 Jan 2025 10:03:19 -0800 (PST) Received: from keaua.hsd1.ca.comcast.net ([2601:646:8182:b790:f137:fcfb:97fc:71bd]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-72f8a6b51e7sm4108906b3a.69.2025.01.25.10.03.18 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 25 Jan 2025 10:03:19 -0800 (PST) 
From: Armin Kuster To: openembedded-devel@lists.openembedded.org Cc: Peter Marko , Khem Raj Subject: [meta-oe][styhead][PATCH 10/14] audiofile: fix multiple CVEs Date: Sat, 25 Jan 2025 10:03:04 -0800 Message-ID: <20250125180308.7856-10-akuster808@gmail.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20250125180308.7856-1-akuster808@gmail.com> References: <20250125180308.7856-1-akuster808@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Sat, 25 Jan 2025 18:03:27 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/115093 From: Peter Marko CVE-2017-6827 / CVE-2017-6828 / CVE-2017-6832 / CVE-2017-6833 / CVE-2017-6835 / CVE-2017-6837 Use patch from buildroot: https://github.com/buildroot/buildroot/commit/cc00bde57fc20d11f8fa4e8ec5f193c091714c55 Signed-off-by: Peter Marko Signed-off-by: Khem Raj (cherry picked from commit 634cbcb91c3ab7154e0cda707663a1e4aa500f4a) Signed-off-by: Armin Kuster --- .../audiofile/audiofile_0.3.6.bb | 1 + ...ays-check-the-number-of-coefficients.patch | 45 +++++++++++++++++++ 2 files changed, 46 insertions(+) create mode 100644 meta-oe/recipes-multimedia/audiofile/files/0004-Always-check-the-number-of-coefficients.patch diff --git a/meta-oe/recipes-multimedia/audiofile/audiofile_0.3.6.bb b/meta-oe/recipes-multimedia/audiofile/audiofile_0.3.6.bb index a09f84381e..7654c073f4 100644 --- a/meta-oe/recipes-multimedia/audiofile/audiofile_0.3.6.bb +++ b/meta-oe/recipes-multimedia/audiofile/audiofile_0.3.6.bb @@ -13,6 +13,7 @@ SRC_URI = " \ file://0001-fix-negative-shift-constants.patch \ file://0002-fix-build-on-gcc6.patch \ file://0003-fix-CVE-2015-7747.patch \ + file://0004-Always-check-the-number-of-coefficients.patch \ " SRC_URI[md5sum] = "235dde14742317328f0109e9866a8008" SRC_URI[sha256sum] = "ea2449ad3f201ec590d811db9da6d02ffc5e87a677d06b92ab15363d8cb59782" 
diff --git a/meta-oe/recipes-multimedia/audiofile/files/0004-Always-check-the-number-of-coefficients.patch b/meta-oe/recipes-multimedia/audiofile/files/0004-Always-check-the-number-of-coefficients.patch
new file mode 100644
index 0000000000..282f4c01b9
--- /dev/null
+++ b/meta-oe/recipes-multimedia/audiofile/files/0004-Always-check-the-number-of-coefficients.patch
@@ -0,0 +1,45 @@ +From c48e4c6503f7dabd41f11d4c9c7b7f8960e7f2c0 Mon Sep 17 00:00:00 2001 +From: Antonio Larrosa +Date: Mon, 6 Mar 2017 12:51:22 +0100 +Subject: [PATCH] Always check the number of coefficients + +When building the library with NDEBUG, asserts are eliminated +so it's better to always check that the number of coefficients +is inside the array range. + +This fixes the 00191-audiofile-indexoob issue in #41 + +Signed-off-by: Peter Korsgaard + +CVE: CVE-2017-6827 +CVE: CVE-2017-6828 +CVE: CVE-2017-6832 +CVE: CVE-2017-6833 +CVE: CVE-2017-6835 +CVE: CVE-2017-6837 +Upstream-Status: Inactive-Upstream [lastrelease: 2013] +Signed-off-by: Peter Marko +--- + libaudiofile/WAVE.cpp | 6 ++++++ + 1 file changed, 6 insertions(+) + +diff --git a/libaudiofile/WAVE.cpp b/libaudiofile/WAVE.cpp +index 0e81cf7..61f9541 100644 +--- a/libaudiofile/WAVE.cpp ++++ b/libaudiofile/WAVE.cpp +@@ -281,6 +281,12 @@ status WAVEFile::parseFormat(const Tag &id, uint32_t size) + + /* numCoefficients should be at least 7. 
*/ + assert(numCoefficients >= 7 && numCoefficients <= 255); ++ if (numCoefficients < 7 || numCoefficients > 255) ++ { ++ _af_error(AF_BAD_HEADER, ++ "Bad number of coefficients"); ++ return AF_FAIL; ++ } + + m_msadpcmNumCoefficients = numCoefficients; + +-- +2.11.0 + From patchwork Sat Jan 25 18:03:05 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Armin Kuster X-Patchwork-Id: 56111 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id C42B4C0218C for ; Sat, 25 Jan 2025 18:03:27 +0000 (UTC) Received: from mail-pl1-f178.google.com (mail-pl1-f178.google.com [209.85.214.178]) by mx.groups.io with SMTP id smtpd.web10.15104.1737828201428946273 for ; Sat, 25 Jan 2025 10:03:21 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=P/QpxXbv; spf=pass (domain: gmail.com, ip: 209.85.214.178, mailfrom: akuster808@gmail.com) Received: by mail-pl1-f178.google.com with SMTP id d9443c01a7336-21631789fcdso56358835ad.1 for ; Sat, 25 Jan 2025 10:03:21 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1737828201; x=1738433001; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=e1t3/uKMdDITGLhAfSJbzne6Mt2lieUnzbfs8d+6v3o=; b=P/QpxXbvtj6npZVthbzZRZG3b2+pDHLKYeIbm1/TW3U5c0aamv39f5/D6takwqk1ky URzH3vcNEq4/wvpPUoy1KYAfT8G7tAwR6O0X3legYvW8oAVcQ3b3RwQ1/E9EdbsHsWMd EtEcs39GpED+7u66YW2lAQbu56LJQ6i04HqXTzScf6jHg660YKwDzLdPwcbLTUTyo1/i vPHRO64BsDKt050Ma3iLjPvzpqQmFberwKkYaVbX/SgfYX9KgylobHZTdcbwuDFZDsrA F+gHhfOCxKYWwZaBz7WiiOCqW23L5SG8rwAHbjt2kajixJ27Pgjk02ZqDH0FGC5Ez9+C 9ctg== X-Google-DKIM-Signature: v=1; 
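Review bot: The `assert(numCoefficients >= 7 && numCoefficients <= 255);` kept directly above the new range check still aborts the process in builds without NDEBUG, so the `_af_error(AF_BAD_HEADER, ...)` / `return AF_FAIL;` path is only reachable in release builds. The value is presumably read from the file being parsed, so a malformed header should take the error return in every build; I would drop the assert and let the `if` be the single check. The comment above it could then state both bounds, e.g. `/* numCoefficients must be in [7, 255]; reject the header otherwise. */`. The body of parseFormat starts and ends outside this hunk.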
a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1737828201; x=1738433001; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=e1t3/uKMdDITGLhAfSJbzne6Mt2lieUnzbfs8d+6v3o=; b=aG2AH7S4qOqBD+gVxGrLg1MvIIB0AulVzGpaPkQtrt5pLvbdeQOZduZvQsT4c6m5C7 sJV7MgZeVA+CAkSLZlvfMq+2etDJNQ2Qgd7B9865wUlbNpN47b6dyG+a+VlK6fC3BZc4 Evp5JJLW+XYrLguMwMEla+MxWlDF+NTUkOPCQaRohss9eKwGOgf6eaVgzWdU2XHtpzrV rHVHBSScip9i0lg6Jxq7Axv0tBxJ5GicLt1UrnrWst7nJZaCWQGDBGMCljjp6ti0MWgU DCwIf3FwbJUEkC2JLGbEa9NPRFTL5poL0fQsUMWx0rc8sx63epKLrQQQANKjqELgWpCW 8ciQ== X-Gm-Message-State: AOJu0YwnrAtytVYKLxAS1lJDxTyh6xjNJjaNodtfI2RbIUV6p8qDAw9I hqWvo3dHMiw2vodgren7cLOQSuBCIuha03ZFtJIFTINUzJbB9aW6k5NRvQ== X-Gm-Gg: ASbGncsQ0GAcpd2lrDUD0JNnRPz4/AjKXBpmAOoz4xxPBeFe/pPXLu8N67LO1HxfyDM k3zcYaankQp2JZhszPJN7ztb0P+TPZ1nmq0RJxb9ue+a7yx2vt9MB6vLWeBCQL89ieIWsQh/Yoz NC5COhfnY/YW+DwFu+7FskubFn2/7GbOfMRaDhRrsHDD6yhYiaoM6apZMvgiHYI1GDz4lS7FS2l 78r1+brYSuJtCpXhlBxarc1zsrIfKjEIEB9XGjbWkzwDP2WGd1SVws0qwSEopFIRrcaeojUvQyA z8HWUfvos7nQA4YUPclx5bA7nm8= X-Google-Smtp-Source: AGHT+IF0GdFnhU8wT9VL8cBQpVTG/37JIsriHE1c3qujr5QUmYA3tShjJGLCF6IqPznEzC3zdlTgRg== X-Received: by 2002:a05:6a20:c88b:b0:1e1:a48f:1212 with SMTP id adf61e73a8af0-1eb6968a5d8mr20766711637.4.1737828200723; Sat, 25 Jan 2025 10:03:20 -0800 (PST) Received: from keaua.hsd1.ca.comcast.net ([2601:646:8182:b790:f137:fcfb:97fc:71bd]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-72f8a6b51e7sm4108906b3a.69.2025.01.25.10.03.19 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 25 Jan 2025 10:03:20 -0800 (PST) 
From: Armin Kuster To: openembedded-devel@lists.openembedded.org Cc: Peter Marko , Khem Raj Subject: [meta-oe][styhead][PATCH 11/14] audiofile: patch CVE-2017-6829 Date: Sat, 25 Jan 2025 10:03:05 -0800 Message-ID: <20250125180308.7856-11-akuster808@gmail.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20250125180308.7856-1-akuster808@gmail.com> References: <20250125180308.7856-1-akuster808@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Sat, 25 Jan 2025 18:03:27 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/115094 From: Peter Marko Use patch from buildroot: https://github.com/buildroot/buildroot/commit/434890df2a7c131b40fec1c49e6239972ab299d2 Signed-off-by: Peter Marko Signed-off-by: Khem Raj (cherry picked from commit f29fbaa4650201a059c65572947ed8faa991fcd8) Signed-off-by: Armin Kuster --- .../audiofile/audiofile_0.3.6.bb | 1 + ...ues-to-fix-index-overflow-in-IMA.cpp.patch | 43 +++++++++++++++++++ 2 files changed, 44 insertions(+) create mode 100644 meta-oe/recipes-multimedia/audiofile/files/0005-clamp-index-values-to-fix-index-overflow-in-IMA.cpp.patch
diff --git a/meta-oe/recipes-multimedia/audiofile/audiofile_0.3.6.bb b/meta-oe/recipes-multimedia/audiofile/audiofile_0.3.6.bb
index 7654c073f4..a48bed2a3b 100644
--- a/meta-oe/recipes-multimedia/audiofile/audiofile_0.3.6.bb
+++ b/meta-oe/recipes-multimedia/audiofile/audiofile_0.3.6.bb
@@ -14,6 +14,7 @@ SRC_URI = " \
 file://0002-fix-build-on-gcc6.patch \
 file://0003-fix-CVE-2015-7747.patch \
 file://0004-Always-check-the-number-of-coefficients.patch \
+ file://0005-clamp-index-values-to-fix-index-overflow-in-IMA.cpp.patch \
 "
 SRC_URI[md5sum] = "235dde14742317328f0109e9866a8008"
 SRC_URI[sha256sum] = "ea2449ad3f201ec590d811db9da6d02ffc5e87a677d06b92ab15363d8cb59782"
diff --git a/meta-oe/recipes-multimedia/audiofile/files/0005-clamp-index-values-to-fix-index-overflow-in-IMA.cpp.patch b/meta-oe/recipes-multimedia/audiofile/files/0005-clamp-index-values-to-fix-index-overflow-in-IMA.cpp.patch
new file mode 100644
index 0000000000..00bb7e597e
--- /dev/null
+++ b/meta-oe/recipes-multimedia/audiofile/files/0005-clamp-index-values-to-fix-index-overflow-in-IMA.cpp.patch
@@ -0,0 +1,43 @@ +From 25eb00ce913452c2e614548d7df93070bf0d066f Mon Sep 17 00:00:00 2001 +From: Antonio Larrosa +Date: Mon, 6 Mar 2017 18:02:31 +0100 +Subject: [PATCH] clamp index values to fix index overflow in IMA.cpp + +This fixes #33 +(also reported at https://bugzilla.opensuse.org/show_bug.cgi?id=1026981 +and https://blogs.gentoo.org/ago/2017/02/20/audiofile-global-buffer-overflow-in-decodesample-ima-cpp/) + +Signed-off-by: Peter Korsgaard + +CVE: CVE-2017-6829 +Upstream-Status: Inactive-Upstream [lastrelease: 2013] +Signed-off-by: Peter Marko +--- + libaudiofile/modules/IMA.cpp | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/libaudiofile/modules/IMA.cpp b/libaudiofile/modules/IMA.cpp +index 7476d44..df4aad6 100644 +--- a/libaudiofile/modules/IMA.cpp ++++ b/libaudiofile/modules/IMA.cpp +@@ -169,7 +169,7 @@ int IMA::decodeBlockWAVE(const uint8_t *encoded, int16_t *decoded) + if (encoded[1] & 0x80) + m_adpcmState[c].previousValue -= 0x10000; + +- m_adpcmState[c].index = encoded[2]; ++ m_adpcmState[c].index = clamp(encoded[2], 0, 88); + + *decoded++ = m_adpcmState[c].previousValue; + +@@ -210,7 +210,7 @@ int IMA::decodeBlockQT(const uint8_t *encoded, int16_t *decoded) + predictor -= 0x10000; + + state.previousValue = clamp(predictor, MIN_INT16, MAX_INT16); +- state.index = encoded[1] & 0x7f; ++ state.index = clamp(encoded[1] & 0x7f, 0, 88); + encoded += 2; + + for (int n=0; n X-Patchwork-Id: 56110 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id CA3D8C3DA4A for ; Sat, 25 Jan 2025 18:03:27 +0000 (UTC) Received: from mail-pl1-f180.google.com (mail-pl1-f180.google.com [209.85.214.180]) by mx.groups.io with SMTP id smtpd.web11.14812.1737828202615181971 for ; Sat, 25 Jan 2025 10:03:22 -0800 Authentication-Results: mx.groups.io; 
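Review bot: The upper bound `88` is a bare literal in both `decodeBlockWAVE` and `decodeBlockQT`, with nothing tying it to the table it protects; it is presumably the last valid index of the IMA step-size table. A named constant shared by the two sites, or at least a comment such as `// index into the step table, valid range 0..88`, would keep them in sync with the table. Clamping also means a block header with an out-of-range index is decoded with a substituted value instead of being reported, and the comment should say that this is intended. Both function bodies continue outside the hunks.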
dkim=pass header.i=@gmail.com header.s=20230601 header.b=ccg2YMxe; spf=pass (domain: gmail.com, ip: 209.85.214.180, mailfrom: akuster808@gmail.com) Received: by mail-pl1-f180.google.com with SMTP id d9443c01a7336-2165448243fso67878215ad.1 for ; Sat, 25 Jan 2025 10:03:22 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1737828202; x=1738433002; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=GKgG1FDEgD2CihaxzX9eZIeiEUVOrLgpSIqg5u0tk6E=; b=ccg2YMxeVqHPRhF2RpV0oXFRUTVd9HAwPLd3tX6OXE8lICKCfJrqVy+MWoY/AN6RQU BeDBG5D65gGnOUu1HALnEQvHutKqFLXvzBsj0fmrM/Ohv5pGSLf2Jz6+g3t5/ldJ7VNO w+20CIG6fGQWpxKaZDlHFCm0EnSr3P87vuMtH4nQ9/M5rglbUs+VLN7Alei5OUcsOqSf C5RRym6Oe9dapGIwlPQXT/6bhc2Hg7iJzmC5LiRegUC3tIxk+hYIPc/ngp8aQ+FE0Tds Y1lG/Vcoma1XA9tMVKKsOK4XihQzlL/lhKUxcRcAuNl5SH0Q5zEuHFMGi/hNbTsZUc8t hNJw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1737828202; x=1738433002; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=GKgG1FDEgD2CihaxzX9eZIeiEUVOrLgpSIqg5u0tk6E=; b=XvGTeVqz7yR7ak8bIdFtsAWhUqgdfEGAQ5bFCVD/4j7Ke+RzJXduIbEAbLhjjylXi/ ZXHecrSnWHsGwAXUXRdnAcATfHouCoguLfqhxQFms0lRLxovq+RA7C4pnt+LBfp+YE0E Ox/wDQ9XQ9BAaNom8SIdKc0jhEWlUYTUJmL/uoDFTg23c2oJFD1dJ0xEpzesM3Foo778 6h7h6nndRFowk4JXLeV2SaN/06Si/g7YDq0mLOvy9P8AEmI/zR0GJLFDUsuOYbNPpFKe xgHTkPQxtur4wsAhMe8uBvfLSdwONCnn4coVc7Yha3Jv6E9m0PRY/UvnFffW+9rDPDVJ O6Jg== X-Gm-Message-State: AOJu0Yy9lMTroWtxS1wFxL+hwdUc0PtBwXynuTv/CDsWV1jcwFQe9RPV hzQrd5s5OtNMNQ+OlxuGArjR4+dVepd4OEjCypoEGu/Au4Y7/1jK3ZCd8w== X-Gm-Gg: ASbGncurcHKeGNrP6yhbvl8Kag1JMpwXIZR25OvLFaNWRb1VFlT9inPzSERhzWtkTBc 7NEtrwYx5GDNuP45DZnzPcMq99b1iybWpk4s86GxwYVNMievdMifPVDufiBxW6Zxs7nNF2slx5d 
rkYgVxXx+UhQ+bLH/PLHRGw4op++i8l+zqdP8pMELHIFilRhSYVh/5g6HZHA+khu6Ob5r0Y0n32 QjnE0z6/GPpyFNz65LogE+CWcule6vaVvS0IuV+DYWhgR5uEI3wojsTKLny/Ke/l0/Q82PCVA21 BQUOFT8e0VYk5vdMKRPyJbBIXn8= X-Google-Smtp-Source: AGHT+IEzJEV8o7VkYvTNhiIkEROxv3TuzN12xfClXuf0Y289X4fgTEQwv6WVaVvkjEbICVbDvg6uNQ== X-Received: by 2002:a05:6a21:3285:b0:1e1:b1e4:e750 with SMTP id adf61e73a8af0-1eb214946aemr58921167637.18.1737828201794; Sat, 25 Jan 2025 10:03:21 -0800 (PST) Received: from keaua.hsd1.ca.comcast.net ([2601:646:8182:b790:f137:fcfb:97fc:71bd]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-72f8a6b51e7sm4108906b3a.69.2025.01.25.10.03.20 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 25 Jan 2025 10:03:21 -0800 (PST) From: Armin Kuster To: openembedded-devel@lists.openembedded.org Cc: Peter Marko , Khem Raj Subject: [meta-oe][styhead][PATCH 12/14] audiofile: fix multiple CVEs Date: Sat, 25 Jan 2025 10:03:06 -0800 Message-ID: <20250125180308.7856-12-akuster808@gmail.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20250125180308.7856-1-akuster808@gmail.com> References: <20250125180308.7856-1-akuster808@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Sat, 25 Jan 2025 18:03:27 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/115095 From: Peter Marko CVE-2017-6830 / CVE-2017-6834 / CVE-2017-6836 / CVE-2017-6838 Use patch from buildroot: https://github.com/buildroot/buildroot/commit/4a1a8277bba490d227f413e218138e39f1fe1203 Signed-off-by: Peter Marko Signed-off-by: Khem Raj (cherry picked from commit 75f2bd2b3b145d8282db9926d8212c6d81bde99e) 
Signed-off-by: Armin Kuster --- .../audiofile/audiofile_0.3.6.bb | 1 + ...multiplication-overflow-in-sfconvert.patch | 79 +++++++++++++++++++ 2 files changed, 80 insertions(+) create mode 100644 meta-oe/recipes-multimedia/audiofile/files/0006-Check-for-multiplication-overflow-in-sfconvert.patch
diff --git a/meta-oe/recipes-multimedia/audiofile/audiofile_0.3.6.bb b/meta-oe/recipes-multimedia/audiofile/audiofile_0.3.6.bb
index a48bed2a3b..8aebe88f26 100644
--- a/meta-oe/recipes-multimedia/audiofile/audiofile_0.3.6.bb
+++ b/meta-oe/recipes-multimedia/audiofile/audiofile_0.3.6.bb
@@ -15,6 +15,7 @@ SRC_URI = " \
 file://0003-fix-CVE-2015-7747.patch \
 file://0004-Always-check-the-number-of-coefficients.patch \
 file://0005-clamp-index-values-to-fix-index-overflow-in-IMA.cpp.patch \
+ file://0006-Check-for-multiplication-overflow-in-sfconvert.patch \
 "
 SRC_URI[md5sum] = "235dde14742317328f0109e9866a8008"
 SRC_URI[sha256sum] = "ea2449ad3f201ec590d811db9da6d02ffc5e87a677d06b92ab15363d8cb59782"
diff --git a/meta-oe/recipes-multimedia/audiofile/files/0006-Check-for-multiplication-overflow-in-sfconvert.patch b/meta-oe/recipes-multimedia/audiofile/files/0006-Check-for-multiplication-overflow-in-sfconvert.patch
new file mode 100644
index 0000000000..ec21b09f30
--- /dev/null
+++ b/meta-oe/recipes-multimedia/audiofile/files/0006-Check-for-multiplication-overflow-in-sfconvert.patch
@@ -0,0 +1,79 @@ +From 7d65f89defb092b63bcbc5d98349fb222ca73b3c Mon Sep 17 00:00:00 2001 +From: Antonio Larrosa +Date: Mon, 6 Mar 2017 13:54:52 +0100 +Subject: [PATCH] Check for multiplication overflow in sfconvert + +Checks that a multiplication doesn't overflow when +calculating the buffer size, and if it overflows, +reduce the buffer size instead of failing. + +This fixes the 00192-audiofile-signintoverflow-sfconvert case +in #41 + +Signed-off-by: Peter Korsgaard + +CVE: CVE-2017-6830 +CVE: CVE-2017-6834 +CVE: CVE-2017-6836 +CVE: CVE-2017-6838 +Upstream-Status: Inactive-Upstream [lastrelease: 2013] +Signed-off-by: Peter Marko +--- + sfcommands/sfconvert.c | 34 ++++++++++++++++++++++++++++++++-- + 1 file changed, 32 insertions(+), 2 deletions(-) + +diff --git a/sfcommands/sfconvert.c b/sfcommands/sfconvert.c +index 80a1bc4..970a3e4 100644 +--- a/sfcommands/sfconvert.c ++++ b/sfcommands/sfconvert.c +@@ -45,6 +45,33 @@ void printusage (void); + void usageerror (void); + bool copyaudiodata (AFfilehandle infile, AFfilehandle outfile, int trackid); + ++int firstBitSet(int x) ++{ ++ int position=0; ++ while (x!=0) ++ { ++ x>>=1; ++ ++position; ++ } ++ return position; ++} ++ ++#ifndef __has_builtin ++#define __has_builtin(x) 0 ++#endif ++ ++int multiplyCheckOverflow(int a, int b, int *result) ++{ ++#if (defined __GNUC__ && __GNUC__ >= 5) || ( __clang__ && __has_builtin(__builtin_mul_overflow)) ++ return __builtin_mul_overflow(a, b, result); ++#else ++ if (firstBitSet(a)+firstBitSet(b)>31) // int is signed, so we can't use 32 bits ++ return true; ++ *result = a * b; ++ return false; ++#endif ++} ++ + int main (int argc, char **argv) + { + if (argc == 2) +@@ -323,8 +350,11 @@ bool copyaudiodata (AFfilehandle infile, AFfilehandle outfile, int trackid) + { + int frameSize = afGetVirtualFrameSize(infile, trackid, 1); + +- const int kBufferFrameCount = 65536; +- void *buffer = malloc(kBufferFrameCount * frameSize); ++ int kBufferFrameCount = 65536; ++ int bufferSize; ++ 
while (multiplyCheckOverflow(kBufferFrameCount, frameSize, &bufferSize)) ++ kBufferFrameCount /= 2; ++ void *buffer = malloc(bufferSize); + + AFframecount totalFrames = afGetFrameCount(infile, AF_DEFAULT_TRACK); + AFframecount totalFramesWritten = 0; +-- +2.11.0 + From patchwork Sat Jan 25 18:03:07 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Armin Kuster X-Patchwork-Id: 56114 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id D39F9C0218E for ; Sat, 25 Jan 2025 18:03:27 +0000 (UTC) Received: from mail-pl1-f170.google.com (mail-pl1-f170.google.com [209.85.214.170]) by mx.groups.io with SMTP id smtpd.web10.15106.1737828203716529128 for ; Sat, 25 Jan 2025 10:03:23 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=ZtwmLh1F; spf=pass (domain: gmail.com, ip: 209.85.214.170, mailfrom: akuster808@gmail.com) Received: by mail-pl1-f170.google.com with SMTP id d9443c01a7336-21675fd60feso71258845ad.2 for ; Sat, 25 Jan 2025 10:03:23 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1737828203; x=1738433003; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Gj4zYSKuvN+ZFCcUyzBsBEQw4vdg8o7veh1NIhsr9Xs=; b=ZtwmLh1FzGod2/VgEhr5V1/p+l4X3ASt1XopcdVpc9J0MhOBkQff+kjiSOGGdKpZ4C JkTN+Q0/FzExMF2znQukXgYavGvIZWYfh4B0HrlecK8g0JROgfCH9kkM5HlU1ROfCamY dsbMxIRzr91xbZZR6LswsrIKExDhDLh3f8RqpBbRsvdQ1oO/6uvRKHsd340jRMKe29ld pjShFw5xFqG2qNY9SkdACTPZpFWf+tOhjwbS09IeCLOqfKFtXLhxAb9OhcC51ySTI5Kd he3qSh5Wad0UqHWXDvIIU0PC+4NvpXGfM2eoXQjYFxNRkj3jsWBHHRT2XVP2fde90Lvm Dt6Q== X-Google-DKIM-Signature: v=1; 
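Review bot: `frameSize` is never checked for being positive before the new loop in `copyaudiodata`, so a zero or negative result from `afGetVirtualFrameSize` produces a `bufferSize` of zero or below, and a negative one becomes a very large `size_t` in `malloc(bufferSize)`. A guard before the `while`, e.g. `if (frameSize <= 0) return false;` (assuming `false` is this function's failure value), closes that. The rest of the function is outside the hunk, so I cannot tell whether `buffer` is checked for NULL. In the non-builtin fallback, `firstBitSet` does not terminate for a negative argument where `>>` on a negative `int` is an arithmetic shift, because `x` stays at -1; counting bits on an `unsigned` copy of the value avoids this. The same two helpers are added to libaudiofile/modules/MSADPCM.cpp in patch 14/14, where `state.delta` is passed in, so the fallback concern applies there as well if that field can be negative.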
a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1737828203; x=1738433003; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Gj4zYSKuvN+ZFCcUyzBsBEQw4vdg8o7veh1NIhsr9Xs=; b=tva/qutdmJ1YGOP7f+bhcm0pa8Ck4mmD0nE6CrBaN6DcDDjAQ/ODp9MCSVIr/4jQNA LcxC+AoSbOsT5BpxVDDt3JONiTWSSxWjI/w6P7eJctvDaE4Kjmlnhp+lXvfdr+zZH/i3 OnllffKOIlgTRBnBwzGkph7QP2zQAQhN5/Wo88i/IQTvMTmr1QkHnzq66Wq8op6gVO8M D2Ndrwkms46tNWp52IYP830fONOErSIQpmRY1HIIaquNWnxGa4ruithkWWno7LWgc8QA c52VdQXeYvUWgBCRlcZ+UeCy7XvA02EjV7Cpd8BwE/uYQywvWbVvKfg0klgUG9eeoubn 1XqQ== X-Gm-Message-State: AOJu0Yzd7MVMFyciPeAkxnbpsvh1i1e2J63Eq/JOErYlHTK+QMY0fCCB bGvpgdAM47IBgkpOyaCwz9Dl4S3jDHJqJQkdz6n0xlku/AXpTTK9iY2xgQ== X-Gm-Gg: ASbGnctSU8qdoiWln3ZEg/l4tWLiRHLPzLIpMcpnV0dNxDCV+9OoKRKM2OAqOfM6OjD l/msMOKv48SI7TJkCzg0I8w+xOX9iVzufqywDhJGeKaG7kks/4wyTTGDdE2XN2GT+djA/ZmO+2Q I/F27sqU0YVH5p/bCFq311BGkaWEnpjDyGoa6TmbPyciCNEETaTEAs/kHYSC3NMSsIiokIgY3rj zKNqJOYzA/Sd75dlnmB8rRYhp8ikvrYlbjg1X/CutvjS+vW15zPo732aAchfSxB+ialxAvlmB5A 6QuFsOmVmd9ADl9UoFfR/hc6ez4= X-Google-Smtp-Source: AGHT+IFVp/zneKwGKPcIQo7eRa2js9B92TvFggMpd6IlMpSGiaAK2wBYZ38y4cr45S30RyFIGO/9LQ== X-Received: by 2002:a05:6a00:b96:b0:72a:bc6a:3a85 with SMTP id d2e1a72fcca58-72dafbb6205mr46327873b3a.22.1737828202961; Sat, 25 Jan 2025 10:03:22 -0800 (PST) Received: from keaua.hsd1.ca.comcast.net ([2601:646:8182:b790:f137:fcfb:97fc:71bd]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-72f8a6b51e7sm4108906b3a.69.2025.01.25.10.03.21 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 25 Jan 2025 10:03:22 -0800 (PST) 
From: Armin Kuster To: openembedded-devel@lists.openembedded.org Cc: Peter Marko , Khem Raj Subject: [meta-oe][styhead][PATCH 13/14] audiofile: patch CVE-2017-6831 Date: Sat, 25 Jan 2025 10:03:07 -0800 Message-ID: <20250125180308.7856-13-akuster808@gmail.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20250125180308.7856-1-akuster808@gmail.com> References: <20250125180308.7856-1-akuster808@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Sat, 25 Jan 2025 18:03:27 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/115096 From: Peter Marko Use patch from buildroot: https://github.com/buildroot/buildroot/commit/bd5f84d301c4e74ca200a9336eca88468ec0e1f3 Signed-off-by: Peter Marko Signed-off-by: Khem Raj (cherry picked from commit 9d668989b1447fb19aff55c1a47acdf8d4e8c5e2) Signed-off-by: Armin Kuster --- .../audiofile/audiofile_0.3.6.bb | 1 + ...ail-when-error-occurs-in-parseFormat.patch | 46 +++++++++++++++++++ 2 files changed, 47 insertions(+) create mode 100644 meta-oe/recipes-multimedia/audiofile/files/0007-Actually-fail-when-error-occurs-in-parseFormat.patch
diff --git a/meta-oe/recipes-multimedia/audiofile/audiofile_0.3.6.bb b/meta-oe/recipes-multimedia/audiofile/audiofile_0.3.6.bb
index 8aebe88f26..3d0ce3bfbc 100644
--- a/meta-oe/recipes-multimedia/audiofile/audiofile_0.3.6.bb
+++ b/meta-oe/recipes-multimedia/audiofile/audiofile_0.3.6.bb
@@ -16,6 +16,7 @@ SRC_URI = " \
 file://0004-Always-check-the-number-of-coefficients.patch \
 file://0005-clamp-index-values-to-fix-index-overflow-in-IMA.cpp.patch \
 file://0006-Check-for-multiplication-overflow-in-sfconvert.patch \
+ file://0007-Actually-fail-when-error-occurs-in-parseFormat.patch \
 "
 SRC_URI[md5sum] = "235dde14742317328f0109e9866a8008"
 SRC_URI[sha256sum] = "ea2449ad3f201ec590d811db9da6d02ffc5e87a677d06b92ab15363d8cb59782"
diff --git a/meta-oe/recipes-multimedia/audiofile/files/0007-Actually-fail-when-error-occurs-in-parseFormat.patch b/meta-oe/recipes-multimedia/audiofile/files/0007-Actually-fail-when-error-occurs-in-parseFormat.patch
new file mode 100644
index 0000000000..38294ca200
--- /dev/null
+++ b/meta-oe/recipes-multimedia/audiofile/files/0007-Actually-fail-when-error-occurs-in-parseFormat.patch
@@ -0,0 +1,46 @@ +From a2e9eab8ea87c4ffc494d839ebb4ea145eb9f2e6 Mon Sep 17 00:00:00 2001 +From: Antonio Larrosa +Date: Mon, 6 Mar 2017 18:59:26 +0100 +Subject: [PATCH] Actually fail when error occurs in parseFormat + +When there's an unsupported number of bits per sample or an invalid +number of samples per block, don't only print an error message using +the error handler, but actually stop parsing the file. + +This fixes #35 (also reported at +https://bugzilla.opensuse.org/show_bug.cgi?id=1026983 and +https://blogs.gentoo.org/ago/2017/02/20/audiofile-heap-based-buffer-overflow-in-imadecodeblockwave-ima-cpp/ +) + +Signed-off-by: Peter Korsgaard + +CVE: CVE-2017-6831 +Upstream-Status: Inactive-Upstream [lastrelease: 2013] +Signed-off-by: Peter Marko +--- + libaudiofile/WAVE.cpp | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/libaudiofile/WAVE.cpp b/libaudiofile/WAVE.cpp +index 0e81cf7..d762249 100644 +--- a/libaudiofile/WAVE.cpp ++++ b/libaudiofile/WAVE.cpp +@@ -326,6 +326,7 @@ status WAVEFile::parseFormat(const Tag &id, uint32_t size) + { + _af_error(AF_BAD_NOT_IMPLEMENTED, + "IMA ADPCM compression supports only 4 bits per sample"); ++ return AF_FAIL; + } + + int bytesPerBlock = (samplesPerBlock + 14) / 8 * 4 * channelCount; +@@ -333,6 +334,7 @@ status WAVEFile::parseFormat(const Tag &id, uint32_t size) + { + _af_error(AF_BAD_CODEC_CONFIG, + "Invalid samples per block for IMA ADPCM compression"); ++ return AF_FAIL; + } + + track->f.sampleWidth = 16; +-- +2.11.0 + From patchwork Sat Jan 25 18:03:08 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Armin Kuster X-Patchwork-Id: 56113 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id E20FBC02190 for ; Sat, 25 Jan 2025 18:03:27 +0000 
(UTC) Received: from mail-pl1-f182.google.com (mail-pl1-f182.google.com [209.85.214.182]) by mx.groups.io with SMTP id smtpd.web11.14813.1737828204903407676 for ; Sat, 25 Jan 2025 10:03:24 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@gmail.com header.s=20230601 header.b=IurHQT1l; spf=pass (domain: gmail.com, ip: 209.85.214.182, mailfrom: akuster808@gmail.com) Received: by mail-pl1-f182.google.com with SMTP id d9443c01a7336-216426b0865so51893535ad.0 for ; Sat, 25 Jan 2025 10:03:24 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1737828204; x=1738433004; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=NU6gIG5OE9qu5QH0/Pyy7oLN2Rmq8XGHmFw3m3nCJfU=; b=IurHQT1lRAdoqr+ekrVPuGIDI5LtwvbT/xqw4wDk3l2HEPcMokDqCm6Z/uiTs1Y7xv LoYqAG8TDiGS1Zl8IXY0ExCpGe2eqWg++3n6I0macL8eGJ8GjI+PhzAWQ2bTixAQGrQs NdoKUl94/FaGGBwoDDQsB0fByagZTHpFxUXvx6snlCIuUDQZyPcGJvU+1UvmjEGT5pxz xXV3RRQPQ2epVJe72TfWF6gka0ytmlvpEEp4MMPofDnaqfO8Dzw6aRCaPdR1Zh6pr4T0 mTyd2QrctR/koEgWda3c7cwEEeGgT04lYgswxAwoISy9BMTVpeAAzwn3lFtBT8AyigGr vm8A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1737828204; x=1738433004; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=NU6gIG5OE9qu5QH0/Pyy7oLN2Rmq8XGHmFw3m3nCJfU=; b=IbD54jEodPxgoH8arkgzDiRqmS09ljg6wxpqKhPzVvaGkkK6G862kKy1DPLXD0eB+F MR+mtg8RAtBQunHo9/GmZnmS2JIlRjQCdX1Ull+zKjvblQKdqINpNZRC0cv228EjBMr0 52B2nJ72CZRqAJdddNqrk0PrH+/3+n3nHl9QGtnawfZEh/jRrLgH74ya3ussbORwkogv Huj6CI7/0jROXfcPPbElNC/iwPz2OZ91Sv/hIwHyygX4xjDyQHdWHO9ZNQAfXf8NMtEI dycqXqKXX3hWg/vfEJt6jnazQwvAehTT1OiUBDI/MtfBIrt7ZRNvF2qjbPfB7zfaewT4 r1ag== X-Gm-Message-State: AOJu0YzsWlFbx/aehQXnLOIGZoGI6yXArov2MSN7Zokhf7Ny8WuZqlxy 
jc7DToAEMa5AfSJGrwE3dfvCTcc7Sp86IEtAGqbqm1AesQAn/Tbx3C5DzQ== X-Gm-Gg: ASbGncvmFd3HwSLbSkJ0HquTyn/H9bYvxIl9JtwS4J1d/S5U1e4nHmzySv95DTH5w6c EzxxNGBb3yjLT9HGDH1vyoDGBqFF0kkxvklZIE9FfSUHYlqHhxZtsmsPNm57UtVw7oEwoViogOV v8DrhjbZniBdCTmNIh+PnYdfV0I9+YBrK2vdxZj1k2hgJ8eXazU6bgWpmiWlYgP3Db531GC6Oq9 xf9tm8YBt+UUTCLs4k2yWjR3CJIqWna4esz9M7ZX78r+zMZZP4STd0BdUkx7dP1JbvjlxgpSuyq cRdIqmk8y4DTK6/HOPo/eyLKwRo= X-Google-Smtp-Source: AGHT+IG1vXy0ry6qywEEhNsksip8FaVTgESFbY66vl67s7lqRPW8gN+Cp5aFxqTpqsS2qVcbelkUWA== X-Received: by 2002:a05:6a21:7881:b0:1e0:eb49:b81b with SMTP id adf61e73a8af0-1eb2158bc78mr63146185637.31.1737828204159; Sat, 25 Jan 2025 10:03:24 -0800 (PST) Received: from keaua.hsd1.ca.comcast.net ([2601:646:8182:b790:f137:fcfb:97fc:71bd]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-72f8a6b51e7sm4108906b3a.69.2025.01.25.10.03.23 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 25 Jan 2025 10:03:23 -0800 (PST) From: Armin Kuster To: openembedded-devel@lists.openembedded.org Cc: Peter Marko , Khem Raj Subject: [meta-oe][styhead][PATCH 14/14] audiofile: patch CVE-2017-6839 Date: Sat, 25 Jan 2025 10:03:08 -0800 Message-ID: <20250125180308.7856-14-akuster808@gmail.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20250125180308.7856-1-akuster808@gmail.com> References: <20250125180308.7856-1-akuster808@gmail.com> MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Sat, 25 Jan 2025 18:03:27 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-devel/message/115097 From: Peter Marko Use patch from buildroot: https://github.com/buildroot/buildroot/commit/844a7c6281eb442881330a5d36d5a0719f2870bf Signed-off-by: Peter Marko Signed-off-by: Khem Raj (cherry picked from commit 88faae83b2b0e68827c457f4f348f7d7868f5258) 
Signed-off-by: Armin Kuster --- .../audiofile/audiofile_0.3.6.bb | 1 + ...lication-overflow-in-MSADPCM-decodeS.patch | 126 ++++++++++++++++++ 2 files changed, 127 insertions(+) create mode 100644 meta-oe/recipes-multimedia/audiofile/files/0008-Check-for-multiplication-overflow-in-MSADPCM-decodeS.patch
diff --git a/meta-oe/recipes-multimedia/audiofile/audiofile_0.3.6.bb b/meta-oe/recipes-multimedia/audiofile/audiofile_0.3.6.bb
index 3d0ce3bfbc..d10c7a8b49 100644
--- a/meta-oe/recipes-multimedia/audiofile/audiofile_0.3.6.bb
+++ b/meta-oe/recipes-multimedia/audiofile/audiofile_0.3.6.bb
@@ -17,6 +17,7 @@ SRC_URI = " \
 file://0005-clamp-index-values-to-fix-index-overflow-in-IMA.cpp.patch \
 file://0006-Check-for-multiplication-overflow-in-sfconvert.patch \
 file://0007-Actually-fail-when-error-occurs-in-parseFormat.patch \
+ file://0008-Check-for-multiplication-overflow-in-MSADPCM-decodeS.patch \
 "
 SRC_URI[md5sum] = "235dde14742317328f0109e9866a8008"
 SRC_URI[sha256sum] = "ea2449ad3f201ec590d811db9da6d02ffc5e87a677d06b92ab15363d8cb59782"
diff --git a/meta-oe/recipes-multimedia/audiofile/files/0008-Check-for-multiplication-overflow-in-MSADPCM-decodeS.patch b/meta-oe/recipes-multimedia/audiofile/files/0008-Check-for-multiplication-overflow-in-MSADPCM-decodeS.patch
new file mode 100644
index 0000000000..857ed78c59
--- /dev/null
+++ b/meta-oe/recipes-multimedia/audiofile/files/0008-Check-for-multiplication-overflow-in-MSADPCM-decodeS.patch
@@ -0,0 +1,126 @@ +From beacc44eb8cdf6d58717ec1a5103c5141f1b37f9 Mon Sep 17 00:00:00 2001 +From: Antonio Larrosa +Date: Mon, 6 Mar 2017 13:43:53 +0100 +Subject: [PATCH] Check for multiplication overflow in MSADPCM decodeSample + +Check for multiplication overflow (using __builtin_mul_overflow +if available) in MSADPCM.cpp decodeSample and return an empty +decoded block if an error occurs. + +This fixes the 00193-audiofile-signintoverflow-MSADPCM case of #41 + +Signed-off-by: Peter Korsgaard + +CVE: CVE-2017-6839 +Upstream-Status: Inactive-Upstream [lastrelease: 2013] +Signed-off-by: Peter Marko +--- + libaudiofile/modules/BlockCodec.cpp | 5 ++-- + libaudiofile/modules/MSADPCM.cpp | 47 +++++++++++++++++++++++++++++++++---- + 2 files changed, 46 insertions(+), 6 deletions(-) + +diff --git a/libaudiofile/modules/BlockCodec.cpp b/libaudiofile/modules/BlockCodec.cpp +index 45925e8..4731be1 100644 +--- a/libaudiofile/modules/BlockCodec.cpp ++++ b/libaudiofile/modules/BlockCodec.cpp +@@ -52,8 +52,9 @@ void BlockCodec::runPull() + // Decompress into m_outChunk. 
+ for (int i=0; i(m_inChunk->buffer) + i * m_bytesPerPacket, +- static_cast(m_outChunk->buffer) + i * m_framesPerPacket * m_track->f.channelCount); ++ if (decodeBlock(static_cast(m_inChunk->buffer) + i * m_bytesPerPacket, ++ static_cast(m_outChunk->buffer) + i * m_framesPerPacket * m_track->f.channelCount)==0) ++ break; + + framesRead += m_framesPerPacket; + } +diff --git a/libaudiofile/modules/MSADPCM.cpp b/libaudiofile/modules/MSADPCM.cpp +index 8ea3c85..ef9c38c 100644 +--- a/libaudiofile/modules/MSADPCM.cpp ++++ b/libaudiofile/modules/MSADPCM.cpp +@@ -101,24 +101,60 @@ static const int16_t adaptationTable[] = + 768, 614, 512, 409, 307, 230, 230, 230 + }; + ++int firstBitSet(int x) ++{ ++ int position=0; ++ while (x!=0) ++ { ++ x>>=1; ++ ++position; ++ } ++ return position; ++} ++ ++#ifndef __has_builtin ++#define __has_builtin(x) 0 ++#endif ++ ++int multiplyCheckOverflow(int a, int b, int *result) ++{ ++#if (defined __GNUC__ && __GNUC__ >= 5) || ( __clang__ && __has_builtin(__builtin_mul_overflow)) ++ return __builtin_mul_overflow(a, b, result); ++#else ++ if (firstBitSet(a)+firstBitSet(b)>31) // int is signed, so we can't use 32 bits ++ return true; ++ *result = a * b; ++ return false; ++#endif ++} ++ ++ + // Compute a linear PCM value from the given differential coded value. + static int16_t decodeSample(ms_adpcm_state &state, +- uint8_t code, const int16_t *coefficient) ++ uint8_t code, const int16_t *coefficient, bool *ok=NULL) + { + int linearSample = (state.sample1 * coefficient[0] + + state.sample2 * coefficient[1]) >> 8; ++ int delta; + + linearSample += ((code & 0x08) ? 
(code - 0x10) : code) * state.delta; + + linearSample = clamp(linearSample, MIN_INT16, MAX_INT16); + +- int delta = (state.delta * adaptationTable[code]) >> 8; ++ if (multiplyCheckOverflow(state.delta, adaptationTable[code], &delta)) ++ { ++ if (ok) *ok=false; ++ _af_error(AF_BAD_COMPRESSION, "Error decoding sample"); ++ return 0; ++ } ++ delta >>= 8; + if (delta < 16) + delta = 16; + + state.delta = delta; + state.sample2 = state.sample1; + state.sample1 = linearSample; ++ if (ok) *ok=true; + + return static_cast(linearSample); + } +@@ -212,13 +248,16 @@ int MSADPCM::decodeBlock(const uint8_t *encoded, int16_t *decoded) + { + uint8_t code; + int16_t newSample; ++ bool ok; + + code = *encoded >> 4; +- newSample = decodeSample(*state[0], code, coefficient[0]); ++ newSample = decodeSample(*state[0], code, coefficient[0], &ok); ++ if (!ok) return 0; + *decoded++ = newSample; + + code = *encoded & 0x0f; +- newSample = decodeSample(*state[1], code, coefficient[1]); ++ newSample = decodeSample(*state[1], code, coefficient[1], &ok); ++ if (!ok) return 0; + *decoded++ = newSample; + + encoded++; +-- +2.11.0 +
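Review bot: `firstBitSet` and `multiplyCheckOverflow` are defined in MSADPCM.cpp without `static`, unlike `adaptationTable` and `decodeSample` next to them, so two very generic names get external linkage in the library; `static int firstBitSet(int x)` and `static int multiplyCheckOverflow(int a, int b, int *result)` keep them file-local. The new `bool *ok=NULL` default on `decodeSample` lets a caller that omits the argument take the `0` error return for a decoded sample. Both calls visible in `decodeBlock` pass `&ok`, so the parameter could be made mandatory if there are no other callers. In `BlockCodec::runPull`, the `==0` test assumes every codec's `decodeBlock` returns non-zero on success, which is worth confirming for the other BlockCodec subclasses since they are not part of this patch. The bodies of `runPull` and `decodeBlock` extend beyond the hunks.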