From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 1/6] openssh: Fix for CVE-2025-32728 Date: Wed, 16 Apr 2025 13:14:10 -0700 Message-ID: <59850fba21c60ac9731e293bd21f90c6ae0391f8.1744834364.git.steve@sakoman.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 16 Apr 2025 20:14:26 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/215008 From: Vijay Anusuri Upstream-Status: Backport [https://github.com/openssh/openssh-portable/commit/fc86875e6acb36401dfc1dfb6b628a9d1460f367] Signed-off-by: Vijay Anusuri Signed-off-by: Steve Sakoman --- .../openssh/openssh/CVE-2025-32728.patch | 44 +++++++++++++++++++ .../openssh/openssh_9.6p1.bb | 1 + 2 files changed, 45 insertions(+) create mode 100644 meta/recipes-connectivity/openssh/openssh/CVE-2025-32728.patch diff --git a/meta/recipes-connectivity/openssh/openssh/CVE-2025-32728.patch b/meta/recipes-connectivity/openssh/openssh/CVE-2025-32728.patch new file mode 100644 index 0000000000..72fc0073e8 --- /dev/null +++ b/meta/recipes-connectivity/openssh/openssh/CVE-2025-32728.patch 
@@ -0,0 +1,44 @@ +From fc86875e6acb36401dfc1dfb6b628a9d1460f367 Mon Sep 17 00:00:00 2001 +From: "djm@openbsd.org" +Date: Wed, 9 Apr 2025 07:00:03 +0000 +Subject: [PATCH] upstream: Fix logic error in DisableForwarding option. This + option + +was documented as disabling X11 and agent forwarding but it failed to do so. +Spotted by Tim Rice. + +OpenBSD-Commit-ID: fffc89195968f7eedd2fc57f0b1f1ef3193f5ed1 + +Upstream-Status: Backport [https://github.com/openssh/openssh-portable/commit/fc86875e6acb36401dfc1dfb6b628a9d1460f367] +CVE: CVE-2025-32728 +Signed-off-by: Vijay Anusuri +--- + session.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/session.c b/session.c +index aa342e8..eb932b8 100644 +--- a/session.c ++++ b/session.c +@@ -2191,7 +2191,8 @@ session_auth_agent_req(struct ssh *ssh, Session *s) + if ((r = sshpkt_get_end(ssh)) != 0) + sshpkt_fatal(ssh, r, "%s: parse packet", __func__); + if (!auth_opts->permit_agent_forwarding_flag || +- !options.allow_agent_forwarding) { ++ !options.allow_agent_forwarding || ++ options.disable_forwarding) { + debug_f("agent forwarding disabled"); + return 0; + } +@@ -2586,7 +2587,7 @@ session_setup_x11fwd(struct ssh *ssh, Session *s) + ssh_packet_send_debug(ssh, "X11 forwarding disabled by key options."); + return 0; + } +- if (!options.x11_forwarding) { ++ if (!options.x11_forwarding || options.disable_forwarding) { + debug("X11 forwarding disabled in server configuration file."); + return 0; + } +-- +2.25.1 + diff --git a/meta/recipes-connectivity/openssh/openssh_9.6p1.bb b/meta/recipes-connectivity/openssh/openssh_9.6p1.bb index 6ae4c81a42..afcd50c7e6 100644 --- a/meta/recipes-connectivity/openssh/openssh_9.6p1.bb +++ b/meta/recipes-connectivity/openssh/openssh_9.6p1.bb 
@@ -31,6 +31,7 @@ SRC_URI = "http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar file://0001-Fix-missing-header-for-systemd-notification.patch \ file://CVE-2025-26466.patch \ file://CVE-2025-26465.patch \ + file://CVE-2025-32728.patch \ " SRC_URI[sha256sum] = "910211c07255a8c5ad654391b40ee59800710dd8119dd5362de09385aa7a777c"
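Review bot: Neither the embedded session.c patch nor the commit message says how the fix was checked on 9.6p1, and both new options.disable_forwarding tests (in session_auth_agent_req and session_setup_x11fwd) reuse the existing debug messages, so a log line such as "agent forwarding disabled" will not show that DisableForwarding was the deciding option. The messages match upstream and should stay unchanged in a backport, but please add a line to the commit message describing the check, for example that with DisableForwarding yes set and AllowAgentForwarding and X11Forwarding left enabled, agent and X11 forwarding requests are now refused. The outer commit message also carries only tags; a one-line summary of the issue (the option was documented as disabling X11 and agent forwarding but failed to do so) would make the stable-branch log readable without opening the patch.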
From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 2/6] binutils: Fix CVE-2025-1176 Date: Wed, 16 Apr 2025 13:14:11 -0700 Message-ID: <9273daf22d251221e5bcac1de21713e28149ad1d.1744834364.git.steve@sakoman.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 16 Apr 2025 20:14:26 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/215009 From: Ashish Sharma Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/binutils/plain/debian/patches/CVE-2025-1176.patch?h=applied/ubuntu/jammy-security Upstream commit https://sourceware.org/git/?p=binutils-gdb.git;a=patch;h=f9978defb6fab0bd8583942d97c112b0932ac814] Signed-off-by: Ashish Sharma Signed-off-by: Steve Sakoman --- .../binutils/binutils-2.42.inc | 1 + .../binutils/binutils/CVE-2025-1176.patch | 156 ++++++++++++++++++ 2 files changed, 157 insertions(+) create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2025-1176.patch diff --git a/meta/recipes-devtools/binutils/binutils-2.42.inc b/meta/recipes-devtools/binutils/binutils-2.42.inc index 809c4207d4..0ca00552ce 100644 --- a/meta/recipes-devtools/binutils/binutils-2.42.inc +++ b/meta/recipes-devtools/binutils/binutils-2.42.inc @@ -39,5 +39,6 @@ SRC_URI = "\ file://0016-CVE-2024-53589.patch \ file://0017-dlltool-file-name-too-long.patch \ file://0018-CVE-2025-0840.patch \ + file://CVE-2025-1176.patch \ " S = "${WORKDIR}/git" diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2025-1176.patch b/meta/recipes-devtools/binutils/binutils/CVE-2025-1176.patch new file mode 100644 index 0000000000..1ecf09569d --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2025-1176.patch 
@@ -0,0 +1,156 @@ +From f9978defb6fab0bd8583942d97c112b0932ac814 Mon Sep 17 00:00:00 2001 +From: Nick Clifton +Date: Wed, 5 Feb 2025 11:15:11 +0000 +Subject: [PATCH] Prevent illegal memory access when indexing into the + sym_hashes array of the elf bfd cookie structure. + +PR 32636 + +Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/binutils/plain/debian/patches/CVE-2025-1176.patch?h=applied/ubuntu/jammy-security&id=62a5cc5a49f4be036cf98d2b8fc7d618620ba672 +Upstream commit https://sourceware.org/git/?p=binutils-gdb.git;a=patch;h=f9978defb6fab0bd8583942d97c112b0932ac814] +CVE: CVE-2025-1176 +Signed-off-by: Ashish Sharma + +Index: binutils-2.38/bfd/elflink.c +=================================================================== +--- binutils-2.38.orig/bfd/elflink.c ++++ binutils-2.38/bfd/elflink.c +@@ -62,15 +62,16 @@ struct elf_find_verdep_info + static bool _bfd_elf_fix_symbol_flags + (struct elf_link_hash_entry *, struct elf_info_failed *); + +-asection * +-_bfd_elf_section_for_symbol (struct elf_reloc_cookie *cookie, +- unsigned long r_symndx, +- bool discard) ++static struct elf_link_hash_entry * ++get_ext_sym_hash (struct elf_reloc_cookie *cookie, unsigned long r_symndx) + { +- if (r_symndx >= cookie->locsymcount +- || ELF_ST_BIND (cookie->locsyms[r_symndx].st_info) != STB_LOCAL) ++ struct elf_link_hash_entry *h = NULL; ++ ++ if ((r_symndx >= cookie->locsymcount ++ || ELF_ST_BIND (cookie->locsyms[r_symndx].st_info) != STB_LOCAL) ++ /* Guard against corrupt input. See PR 32636 for an example. 
*/ ++ && r_symndx >= cookie->extsymoff) + { +- struct elf_link_hash_entry *h; + + h = cookie->sym_hashes[r_symndx - cookie->extsymoff]; + +@@ -78,6 +79,22 @@ _bfd_elf_section_for_symbol (struct elf_ + || h->root.type == bfd_link_hash_warning) + h = (struct elf_link_hash_entry *) h->root.u.i.link; + ++ } ++ ++ return h; ++} ++ ++asection * ++_bfd_elf_section_for_symbol (struct elf_reloc_cookie *cookie, ++ unsigned long r_symndx, ++ bool discard) ++{ ++ struct elf_link_hash_entry *h; ++ ++ h = get_ext_sym_hash (cookie, r_symndx); ++ ++ if (h != NULL) ++ { + if ((h->root.type == bfd_link_hash_defined + || h->root.type == bfd_link_hash_defweak) + && discarded_section (h->root.u.def.section)) +@@ -85,21 +102,20 @@ _bfd_elf_section_for_symbol (struct elf_ + else + return NULL; + } +- else +- { +- /* It's not a relocation against a global symbol, +- but it could be a relocation against a local +- symbol for a discarded section. */ +- asection *isec; +- Elf_Internal_Sym *isym; + +- /* Need to: get the symbol; get the section. */ +- isym = &cookie->locsyms[r_symndx]; +- isec = bfd_section_from_elf_index (cookie->abfd, isym->st_shndx); +- if (isec != NULL +- && discard ? discarded_section (isec) : 1) +- return isec; +- } ++ /* It's not a relocation against a global symbol, ++ but it could be a relocation against a local ++ symbol for a discarded section. */ ++ asection *isec; ++ Elf_Internal_Sym *isym; ++ ++ /* Need to: get the symbol; get the section. */ ++ isym = &cookie->locsyms[r_symndx]; ++ isec = bfd_section_from_elf_index (cookie->abfd, isym->st_shndx); ++ if (isec != NULL ++ && discard ? 
discarded_section (isec) : 1) ++ return isec; ++ + return NULL; + } + +@@ -13642,22 +13658,12 @@ _bfd_elf_gc_mark_rsec (struct bfd_link_i + if (r_symndx == STN_UNDEF) + return NULL; + +- if (r_symndx >= cookie->locsymcount +- || ELF_ST_BIND (cookie->locsyms[r_symndx].st_info) != STB_LOCAL) ++ h = get_ext_sym_hash (cookie, r_symndx); ++ ++ if (h != NULL) + { + bool was_marked; + +- h = cookie->sym_hashes[r_symndx - cookie->extsymoff]; +- if (h == NULL) +- { +- info->callbacks->einfo (_("%F%P: corrupt input: %pB\n"), +- sec->owner); +- return NULL; +- } +- while (h->root.type == bfd_link_hash_indirect +- || h->root.type == bfd_link_hash_warning) +- h = (struct elf_link_hash_entry *) h->root.u.i.link; +- + was_marked = h->mark; + h->mark = 1; + /* Keep all aliases of the symbol too. If an object symbol +@@ -14703,17 +14709,12 @@ bfd_elf_reloc_symbol_deleted_p (bfd_vma + if (r_symndx == STN_UNDEF) + return true; + +- if (r_symndx >= rcookie->locsymcount +- || ELF_ST_BIND (rcookie->locsyms[r_symndx].st_info) != STB_LOCAL) +- { +- struct elf_link_hash_entry *h; +- +- h = rcookie->sym_hashes[r_symndx - rcookie->extsymoff]; +- +- while (h->root.type == bfd_link_hash_indirect +- || h->root.type == bfd_link_hash_warning) +- h = (struct elf_link_hash_entry *) h->root.u.i.link; ++ struct elf_link_hash_entry *h; + ++ h = get_ext_sym_hash (rcookie, r_symndx); ++ ++ if (h != NULL) ++ { + if ((h->root.type == bfd_link_hash_defined + || h->root.type == bfd_link_hash_defweak) + && (h->root.u.def.section->owner != rcookie->abfd +@@ -14737,6 +14738,7 @@ bfd_elf_reloc_symbol_deleted_p (bfd_vma + || discarded_section (isec))) + return true; + } ++ + return false; + } + return false;
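Review bot: The embedded CVE-2025-1176.patch is headed "Index: binutils-2.38/bfd/elflink.c" and diffs binutils-2.38.orig against binutils-2.38, yet it is added to binutils-2.42.inc. Hunk positions such as "@@ -13642,22 +13658,12 @@" come from the Ubuntu jammy tree, so on 2.42 the patch is likely to apply only with offset or fuzz, which hides whether the context still matches. Please refresh it against the 2.42 source, or backport upstream commit f9978defb6fab0bd8583942d97c112b0932ac814 directly, so the context is checked against the code that is actually built.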
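Review bot: get_ext_sym_hash() in the first elflink.c hunk loads h = cookie->sym_hashes[r_symndx - cookie->extsymoff] and then tests h->root.type in the indirect/warning loop with no NULL check, while the _bfd_elf_gc_mark_rsec hunk deletes the only visible "if (h == NULL)" test together with its "corrupt input" einfo. The added guard "r_symndx >= cookie->extsymoff" stops the subtraction from wrapping, but it does not cover an empty sym_hashes slot or an index past the end of the array, and when the helper returns NULL the callers fall through to cookie->locsyms[r_symndx] even if r_symndx was at or above locsymcount. Please check whether upstream has a follow-up that restores the NULL check and bounds the index, and carry it with this backport if so.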
From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 3/6] binutils: patch CVE-2025-1178 & CVE-2024-57360 Date: Wed, 16 Apr 2025 13:14:12 -0700 Message-ID: <36b994258fc8546e710ddc78cbf8ff09544744e3.1744834364.git.steve@sakoman.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 16 Apr 2025 20:14:36 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/215010
From: Ashish Sharma Backport Fixes for: *CVE-2025-1178 - Upstream-Status: Backport from [https://sourceware.org/git/?p=binutils-gdb.git;a=patch;h=75086e9de1707281172cc77f178e7949a4414ed0] *CVE-2024-57360 - Upstream-Status: Backport from [https://sourceware.org/git/?p=binutils-gdb.git;a=patch;h=5f8987d3999edb26e757115fe87be55787d510b9] Signed-off-by: Ashish Sharma Signed-off-by: Steve Sakoman --- .../binutils/binutils-2.42.inc | 2 + .../binutils/binutils/CVE-2024-57360.patch | 75 +++++++++++++++++++ .../binutils/binutils/CVE-2025-1178.patch | 38 ++++++++++ 3 files changed, 115 insertions(+) create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2024-57360.patch create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2025-1178.patch diff --git a/meta/recipes-devtools/binutils/binutils-2.42.inc b/meta/recipes-devtools/binutils/binutils-2.42.inc index 0ca00552ce..d366350556 100644 --- a/meta/recipes-devtools/binutils/binutils-2.42.inc +++ b/meta/recipes-devtools/binutils/binutils-2.42.inc @@ -40,5 +40,7 @@ SRC_URI = "\ file://0017-dlltool-file-name-too-long.patch \ file://0018-CVE-2025-0840.patch \ file://CVE-2025-1176.patch \ + file://CVE-2025-1178.patch \ + file://CVE-2024-57360.patch \ " S = "${WORKDIR}/git" diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2024-57360.patch b/meta/recipes-devtools/binutils/binutils/CVE-2024-57360.patch new file mode 100644 index 0000000000..6d9720414b --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2024-57360.patch 
@@ -0,0 +1,75 @@ +From 5f8987d3999edb26e757115fe87be55787d510b9 Mon Sep 17 00:00:00 2001 +From: Nick Clifton +Date: Tue, 17 Dec 2024 09:18:57 +0000 +Subject: [PATCH] nm: Avoid potential segmentation fault when displaying + symbols without version info. + +PR 32467 + +Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=patch;h=75086e9de1707281172cc77f178e7949a4414ed0] +CVE: CVE-2024-57360 +Signed-off-by: Ashish Sharma + + binutils/nm.c | 24 ++++++++++++++++-------- + 1 file changed, 16 insertions(+), 8 deletions(-) + +diff --git a/binutils/nm.c b/binutils/nm.c +index faf27c59b4d..0ba7604d34f 100644 +--- a/binutils/nm.c ++++ b/binutils/nm.c +@@ -682,7 +682,7 @@ print_symname (const char *form, struct extended_symbol_info *info, + const char *name, bfd *abfd) + { + char *alloc = NULL; +- char *atver = NULL; ++ char *atname = NULL; + + if (name == NULL) + name = info->sinfo->name; +@@ -690,9 +690,19 @@ print_symname (const char *form, struct extended_symbol_info *info, + if (!with_symbol_versions + && bfd_get_flavour (abfd) == bfd_target_elf_flavour) + { +- atver = strchr (name, '@'); ++ char *atver = strchr (name, '@'); ++ + if (atver) +- *atver = 0; ++ { ++ /* PR 32467 - Corrupt binaries might include an @ character in a ++ symbol name. Since non-versioned symbol names can be in ++ read-only memory (via memory mapping of a file's contents) we ++ cannot just replace the @ character with a NUL. Instead we ++ create a truncated copy of the name. 
*/ ++ atname = xstrdup (name); ++ atname [atver - name] = 0; ++ name = atname; ++ } + } + + if (do_demangle && *name) +@@ -703,9 +713,7 @@ print_symname (const char *form, struct extended_symbol_info *info, + } + + if (unicode_display != unicode_default) +- { +- name = convert_utf8 (name); +- } ++ name = convert_utf8 (name); + + if (info != NULL && info->elfinfo && with_symbol_versions) + { +@@ -726,8 +734,8 @@ print_symname (const char *form, struct extended_symbol_info *info, + } + } + printf (form, name); +- if (atver) +- *atver = '@'; ++ ++ free (atname); + free (alloc); + } + +-- +2.43.5 + diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2025-1178.patch b/meta/recipes-devtools/binutils/binutils/CVE-2025-1178.patch new file mode 100644 index 0000000000..a68a5e1c3c --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2025-1178.patch 
@@ -0,0 +1,38 @@ +From 75086e9de1707281172cc77f178e7949a4414ed0 Mon Sep 17 00:00:00 2001 +From: Nick Clifton +Date: Wed, 5 Feb 2025 13:26:51 +0000 +Subject: [PATCH] Prevent an abort in the bfd linker when attempting to + generate dynamic relocs for a corrupt input file. + +PR 32638 + +Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=patch;h=75086e9de1707281172cc77f178e7949a4414ed0] +CVE: CVE-2025-1178 +Signed-off-by: Ashish Sharma + + bfd/elf64-x86-64.c | 9 +++++++++ + 1 file changed, 9 insertions(+) + +diff --git a/bfd/elf64-x86-64.c b/bfd/elf64-x86-64.c +index 61334c3ab04..32db254ba6c 100644 +--- a/bfd/elf64-x86-64.c ++++ b/bfd/elf64-x86-64.c +@@ -5303,6 +5303,15 @@ elf_x86_64_finish_dynamic_symbol (bfd *output_bfd, + + if (generate_dynamic_reloc) + { ++ /* If the relgot section has not been created, then ++ generate an error instead of a reloc. cf PR 32638. */ ++ if (relgot == NULL || relgot->size == 0) ++ { ++ info->callbacks->einfo (_("%F%pB: Unable to generate dynamic relocs because a suitable section does not exist\n"), ++ output_bfd); ++ return false; ++ } ++ + if (relative_reloc_name != NULL + && htab->params->report_relative_reloc) + _bfd_x86_elf_link_report_relative_reloc +-- +2.43.5 +
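Review bot: The Upstream-Status line inside CVE-2024-57360.patch cites commit 75086e9de1707281172cc77f178e7949a4414ed0, but the patch itself is "From 5f8987d3999edb26e757115fe87be55787d510b9", and 75086e9de1707281172cc77f178e7949a4414ed0 is the commit carried by CVE-2025-1178.patch in the same series. Point the tag at h=5f8987d3999edb26e757115fe87be55787d510b9, as the outer commit message already does, so patch-status tooling and later audits trace the nm.c change to the right upstream commit.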
From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][scarthgap 4/6] binutils: patch CVE-2025-1181 Date: Wed, 16 Apr 2025 13:14:13 -0700 Message-ID: X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 16 Apr 2025 20:14:36 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/215011 From: Ashish Sharma Import patches from ubuntu: Upstream-Status: Backport [ https://git.launchpad.net/ubuntu/+source/binutils/plain/debian/patches/CVE-2025-1181-pre.patch?h=applied/ubuntu/noble-security&id=d6b5bf57cf048c42e4bcd3a4ab32116d0b809774 && https://git.launchpad.net/ubuntu/+source/binutils/plain/debian/patches/CVE-2025-1181.patch?h=applied/ubuntu/noble-security&id=d6b5bf57cf048c42e4bcd3a4ab32116d0b809774 Upstream commit: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=931494c9a89558acb36a03a340c01726545eef24 ] Signed-off-by: Ashish Sharma
Signed-off-by: Steve Sakoman --- .../binutils/binutils-2.42.inc | 2 + .../binutils/binutils/CVE-2025-1181-pre.patch | 151 ++++++++ .../binutils/binutils/CVE-2025-1181.patch | 345 ++++++++++++++++++ 3 files changed, 498 insertions(+) create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2025-1181-pre.patch create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2025-1181.patch diff --git a/meta/recipes-devtools/binutils/binutils-2.42.inc b/meta/recipes-devtools/binutils/binutils-2.42.inc index d366350556..758bd8dcce 100644 --- a/meta/recipes-devtools/binutils/binutils-2.42.inc +++ b/meta/recipes-devtools/binutils/binutils-2.42.inc @@ -42,5 +42,7 @@ SRC_URI = "\ file://CVE-2025-1176.patch \ file://CVE-2025-1178.patch \ file://CVE-2024-57360.patch \ + file://CVE-2025-1181-pre.patch \ + file://CVE-2025-1181.patch \ " S = "${WORKDIR}/git" diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2025-1181-pre.patch b/meta/recipes-devtools/binutils/binutils/CVE-2025-1181-pre.patch new file mode 100644 index 0000000000..280e522a28 --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2025-1181-pre.patch 
@@ -0,0 +1,151 @@ +Backported of: + +From 18cc11a2771d9e40180485da9a4fb660c03efac3 Mon Sep 17 00:00:00 2001 +From: Nick Clifton +Date: Wed, 5 Feb 2025 14:31:10 +0000 +Subject: [PATCH] Prevent illegal memory access when checking relocs in a + corrupt ELF binary. + +PR 32641 + +Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/binutils/plain/debian/patches/CVE-2025-1181-pre.patch?h=applied/ubuntu/noble-security&id=d6b5bf57cf048c42e4bcd3a4ab32116d0b809774] +Upstream commit [https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=931494c9a89558acb36a03a340c01726545eef24] + +CVE: CVE-2025-1181 + +Signed-off-by: Ashish Sharma + + bfd/elf-bfd.h | 3 +++ + bfd/elf64-x86-64.c | 10 +++++----- + bfd/elflink.c | 24 ++++++++++++++++++++++++ + bfd/elfxx-x86.c | 20 +++++++------------- + 4 files changed, 39 insertions(+), 18 deletions(-) +diff --git a/bfd/elf-bfd.h b/bfd/elf-bfd.h +index 3ed22fa6..07add7d0 100644 +--- a/bfd/elf-bfd.h ++++ b/bfd/elf-bfd.h +@@ -3126,6 +3126,9 @@ extern bool _bfd_elf_maybe_set_textrel + extern bool _bfd_elf_add_dynamic_tags + (bfd *, struct bfd_link_info *, bool); + ++extern struct elf_link_hash_entry * _bfd_elf_get_link_hash_entry ++ (struct elf_link_hash_entry **, unsigned int, Elf_Internal_Shdr *); ++ + /* Large common section. */ + extern asection _bfd_elf_large_com_section; + +diff --git a/bfd/elf64-x86-64.c b/bfd/elf64-x86-64.c +index d0d3b0e5..c3fb375c 100644 +--- a/bfd/elf64-x86-64.c ++++ b/bfd/elf64-x86-64.c +@@ -1665,7 +1665,7 @@ elf_x86_64_convert_load_reloc (bfd *abfd, + bool to_reloc_pc32; + bool abs_symbol; + bool local_ref; +- asection *tsec; ++ asection *tsec = NULL; + bfd_signed_vma raddend; + unsigned int opcode; + unsigned int modrm; +@@ -1831,6 +1831,9 @@ elf_x86_64_convert_load_reloc (bfd *abfd, + return true; + } + ++ if (tsec == NULL) ++ return false; ++ + /* Don't convert GOTPCREL relocation against large section. 
*/ + if (elf_section_data (tsec) != NULL + && (elf_section_flags (tsec) & SHF_X86_64_LARGE) != 0) +@@ -2127,10 +2130,7 @@ elf_x86_64_scan_relocs (bfd *abfd, struct bfd_link_info *info, + else + { + isym = NULL; +- h = sym_hashes[r_symndx - symtab_hdr->sh_info]; +- while (h->root.type == bfd_link_hash_indirect +- || h->root.type == bfd_link_hash_warning) +- h = (struct elf_link_hash_entry *) h->root.u.i.link; ++ h = _bfd_elf_get_link_hash_entry (sym_hashes, r_symndx, symtab_hdr); + } + + /* Check invalid x32 relocations. */ +diff --git a/bfd/elflink.c b/bfd/elflink.c +index 11ec6bd9..e5521d7b 100644 +--- a/bfd/elflink.c ++++ b/bfd/elflink.c +@@ -49,6 +49,27 @@ struct elf_info_failed + static bool _bfd_elf_fix_symbol_flags + (struct elf_link_hash_entry *, struct elf_info_failed *); + ++struct elf_link_hash_entry * ++_bfd_elf_get_link_hash_entry (struct elf_link_hash_entry ** sym_hashes, ++ unsigned int symndx, ++ Elf_Internal_Shdr * symtab_hdr) ++{ ++ if (symndx < symtab_hdr->sh_info) ++ return NULL; ++ ++ struct elf_link_hash_entry *h = sym_hashes[symndx - symtab_hdr->sh_info]; ++ ++ /* The hash might be empty. See PR 32641 for an example of this. 
*/ ++ if (h == NULL) ++ return NULL; ++ ++ while (h->root.type == bfd_link_hash_indirect ++ || h->root.type == bfd_link_hash_warning) ++ h = (struct elf_link_hash_entry *) h->root.u.i.link; ++ ++ return h; ++} ++ + static struct elf_link_hash_entry * + get_ext_sym_hash (struct elf_reloc_cookie *cookie, unsigned long r_symndx) + { +@@ -62,6 +83,9 @@ get_ext_sym_hash (struct elf_reloc_cookie *cookie, unsigned long r_symndx) + + h = cookie->sym_hashes[r_symndx - cookie->extsymoff]; + ++ if (h == NULL) ++ return NULL; ++ + while (h->root.type == bfd_link_hash_indirect + || h->root.type == bfd_link_hash_warning) + h = (struct elf_link_hash_entry *) h->root.u.i.link; +diff --git a/bfd/elfxx-x86.c b/bfd/elfxx-x86.c +index 508fd771..8c261cf8 100644 +--- a/bfd/elfxx-x86.c ++++ b/bfd/elfxx-x86.c +@@ -972,15 +972,7 @@ _bfd_x86_elf_check_relocs (bfd *abfd, + goto error_return; + } + +- if (r_symndx < symtab_hdr->sh_info) +- h = NULL; +- else +- { +- h = sym_hashes[r_symndx - symtab_hdr->sh_info]; +- while (h->root.type == bfd_link_hash_indirect +- || h->root.type == bfd_link_hash_warning) +- h = (struct elf_link_hash_entry *) h->root.u.i.link; +- } ++ h = _bfd_elf_get_link_hash_entry (sym_hashes, r_symndx, symtab_hdr); + + if (X86_NEED_DYNAMIC_RELOC_TYPE_P (is_x86_64, r_type) + && NEED_DYNAMIC_RELOCATION_P (is_x86_64, info, true, h, sec, +@@ -1205,10 +1197,12 @@ _bfd_x86_elf_link_relax_section (bfd *abfd ATTRIBUTE_UNUSED, + else + { + /* Get H and SEC for GENERATE_DYNAMIC_RELOCATION_P below. */ +- h = sym_hashes[r_symndx - symtab_hdr->sh_info]; +- while (h->root.type == bfd_link_hash_indirect +- || h->root.type == bfd_link_hash_warning) +- h = (struct elf_link_hash_entry *) h->root.u.i.link; ++ h = _bfd_elf_get_link_hash_entry (sym_hashes, r_symndx, symtab_hdr); ++ if (h == NULL) ++ { ++ /* FIXMEL: Issue an error message ? */ ++ continue; ++ } + + if (h->root.type == bfd_link_hash_defined + || h->root.type == bfd_link_hash_defweak) 
diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2025-1181.patch b/meta/recipes-devtools/binutils/binutils/CVE-2025-1181.patch new file mode 100644 index 0000000000..70b7485777 --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2025-1181.patch 
@@ -0,0 +1,345 @@ +Backported of: + +From 931494c9a89558acb36a03a340c01726545eef24 Mon Sep 17 00:00:00 2001 +From: Nick Clifton +Date: Wed, 5 Feb 2025 15:43:04 +0000 +Subject: [PATCH] Add even more checks for corrupt input when processing + relocations for ELF files. + +PR 32643 + +Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/binutils/plain/debian/patches/CVE-2025-1181.patch?h=applied/ubuntu/noble-security&id=d6b5bf57cf048c42e4bcd3a4ab32116d0b809774] +Upstream commit [https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=931494c9a89558acb36a03a340c01726545eef24] + +CVE: CVE-2025-1181 + +Signed-off-by: Ashish Sharma + + +diff --git a/bfd/elflink.c b/bfd/elflink.c +index e5521d7b..ff84229c 100644 +--- a/bfd/elflink.c ++++ b/bfd/elflink.c +@@ -49,15 +49,17 @@ struct elf_info_failed + static bool _bfd_elf_fix_symbol_flags + (struct elf_link_hash_entry *, struct elf_info_failed *); + +-struct elf_link_hash_entry * +-_bfd_elf_get_link_hash_entry (struct elf_link_hash_entry ** sym_hashes, +- unsigned int symndx, +- Elf_Internal_Shdr * symtab_hdr) ++static struct elf_link_hash_entry * ++get_link_hash_entry (struct elf_link_hash_entry ** sym_hashes, ++ unsigned int symndx, ++ unsigned int ext_sym_start) + { +- if (symndx < symtab_hdr->sh_info) ++ if (sym_hashes == NULL ++ /* Guard against corrupt input. See PR 32636 for an example. */ ++ || symndx < ext_sym_start) + return NULL; + +- struct elf_link_hash_entry *h = sym_hashes[symndx - symtab_hdr->sh_info]; ++ struct elf_link_hash_entry *h = sym_hashes[symndx - ext_sym_start]; + + /* The hash might be empty. See PR 32641 for an example of this. 
*/ + if (h == NULL) +@@ -70,29 +72,28 @@ _bfd_elf_get_link_hash_entry (struct elf_link_hash_entry ** sym_hashes, + return h; + } + +-static struct elf_link_hash_entry * +-get_ext_sym_hash (struct elf_reloc_cookie *cookie, unsigned long r_symndx) ++struct elf_link_hash_entry * ++_bfd_elf_get_link_hash_entry (struct elf_link_hash_entry ** sym_hashes, ++ unsigned int symndx, ++ Elf_Internal_Shdr * symtab_hdr) + { +- struct elf_link_hash_entry *h = NULL; +- +- if ((r_symndx >= cookie->locsymcount +- || ELF_ST_BIND (cookie->locsyms[r_symndx].st_info) != STB_LOCAL) +- /* Guard against corrupt input. See PR 32636 for an example. */ +- && r_symndx >= cookie->extsymoff) +- { +- +- h = cookie->sym_hashes[r_symndx - cookie->extsymoff]; +- +- if (h == NULL) +- return NULL; ++ if (symtab_hdr == NULL) ++ return NULL; + +- while (h->root.type == bfd_link_hash_indirect +- || h->root.type == bfd_link_hash_warning) +- h = (struct elf_link_hash_entry *) h->root.u.i.link; ++ return get_link_hash_entry (sym_hashes, symndx, symtab_hdr->sh_info); ++} + +- } ++static struct elf_link_hash_entry * ++get_ext_sym_hash_from_cookie (struct elf_reloc_cookie *cookie, unsigned long r_symndx) ++{ ++ if (cookie == NULL || cookie->sym_hashes == NULL) ++ return NULL; ++ ++ if (r_symndx >= cookie->locsymcount ++ || ELF_ST_BIND (cookie->locsyms[r_symndx].st_info) != STB_LOCAL) ++ return get_link_hash_entry (cookie->sym_hashes, r_symndx, cookie->extsymoff); + +- return h; ++ return NULL; + } + + asection * +@@ -102,7 +103,7 @@ _bfd_elf_section_for_symbol (struct elf_reloc_cookie *cookie, + { + struct elf_link_hash_entry *h; + +- h = get_ext_sym_hash (cookie, r_symndx); ++ h = get_ext_sym_hash_from_cookie (cookie, r_symndx); + + if (h != NULL) + { +@@ -8906,7 +8907,6 @@ set_symbol_value (bfd *bfd_with_globals, + size_t symidx, + bfd_vma val) + { +- struct elf_link_hash_entry **sym_hashes; + struct elf_link_hash_entry *h; + size_t extsymoff = locsymcount; + +@@ -8929,12 +8929,12 @@ set_symbol_value (bfd 
*bfd_with_globals, + + /* It is a global symbol: set its link type + to "defined" and give it a value. */ +- +- sym_hashes = elf_sym_hashes (bfd_with_globals); +- h = sym_hashes [symidx - extsymoff]; +- while (h->root.type == bfd_link_hash_indirect +- || h->root.type == bfd_link_hash_warning) +- h = (struct elf_link_hash_entry *) h->root.u.i.link; ++ h = get_link_hash_entry (elf_sym_hashes (bfd_with_globals), symidx, extsymoff); ++ if (h == NULL) ++ { ++ /* FIXMEL What should we do ? */ ++ return; ++ } + h->root.type = bfd_link_hash_defined; + h->root.u.def.value = val; + h->root.u.def.section = bfd_abs_section_ptr; +@@ -11405,10 +11405,19 @@ elf_link_input_bfd (struct elf_final_link_info *flinfo, bfd *input_bfd) + || (elf_bad_symtab (input_bfd) + && flinfo->sections[symndx] == NULL)) + { +- struct elf_link_hash_entry *h = sym_hashes[symndx - extsymoff]; +- while (h->root.type == bfd_link_hash_indirect +- || h->root.type == bfd_link_hash_warning) +- h = (struct elf_link_hash_entry *) h->root.u.i.link; ++ struct elf_link_hash_entry *h; ++ ++ h = get_link_hash_entry (sym_hashes, symndx, extsymoff); ++ if (h == NULL) ++ { ++ _bfd_error_handler ++ /* xgettext:c-format */ ++ (_("error: %pB: unable to create group section symbol"), ++ input_bfd); ++ bfd_set_error (bfd_error_bad_value); ++ return false; ++ } ++ + /* Arrange for symbol to be output. */ + h->indx = -2; + elf_section_data (osec)->this_hdr.sh_info = -2; +@@ -11542,7 +11551,7 @@ elf_link_input_bfd (struct elf_final_link_info *flinfo, bfd *input_bfd) + || (elf_bad_symtab (input_bfd) + && flinfo->sections[r_symndx] == NULL)) + { +- h = sym_hashes[r_symndx - extsymoff]; ++ h = get_link_hash_entry (sym_hashes, r_symndx, extsymoff); + + /* Badly formatted input files can contain relocs that + reference non-existant symbols. 
Check here so that +@@ -11551,17 +11560,13 @@ elf_link_input_bfd (struct elf_final_link_info *flinfo, bfd *input_bfd) + { + _bfd_error_handler + /* xgettext:c-format */ +- (_("error: %pB contains a reloc (%#" PRIx64 ") for section %pA " ++ (_("error: %pB contains a reloc (%#" PRIx64 ") for section '%pA' " + "that references a non-existent global symbol"), + input_bfd, (uint64_t) rel->r_info, o); + bfd_set_error (bfd_error_bad_value); + return false; + } + +- while (h->root.type == bfd_link_hash_indirect +- || h->root.type == bfd_link_hash_warning) +- h = (struct elf_link_hash_entry *) h->root.u.i.link; +- + s_type = h->type; + + /* If a plugin symbol is referenced from a non-IR file, +@@ -11777,7 +11782,6 @@ elf_link_input_bfd (struct elf_final_link_info *flinfo, bfd *input_bfd) + && flinfo->sections[r_symndx] == NULL)) + { + struct elf_link_hash_entry *rh; +- unsigned long indx; + + /* This is a reloc against a global symbol. We + have not yet output all the local symbols, so +@@ -11786,15 +11790,16 @@ elf_link_input_bfd (struct elf_final_link_info *flinfo, bfd *input_bfd) + reloc to point to the global hash table entry + for this symbol. The symbol index is then + set at the end of bfd_elf_final_link. */ +- indx = r_symndx - extsymoff; +- rh = elf_sym_hashes (input_bfd)[indx]; +- while (rh->root.type == bfd_link_hash_indirect +- || rh->root.type == bfd_link_hash_warning) +- rh = (struct elf_link_hash_entry *) rh->root.u.i.link; +- +- /* Setting the index to -2 tells +- elf_link_output_extsym that this symbol is +- used by a reloc. */ ++ rh = get_link_hash_entry (elf_sym_hashes (input_bfd), ++ r_symndx, extsymoff); ++ if (rh == NULL) ++ { ++ /* FIXME: Generate an error ? */ ++ continue; ++ } ++ ++ /* Setting the index to -2 tells elf_link_output_extsym ++ that this symbol is used by a reloc. 
*/ + BFD_ASSERT (rh->indx < 0); + rh->indx = -2; + *rel_hash = rh; +@@ -13758,25 +13763,21 @@ _bfd_elf_gc_mark_hook (asection *sec, + struct elf_link_hash_entry *h, + Elf_Internal_Sym *sym) + { +- if (h != NULL) ++ if (h == NULL) ++ return bfd_section_from_elf_index (sec->owner, sym->st_shndx); ++ ++ switch (h->root.type) + { +- switch (h->root.type) +- { +- case bfd_link_hash_defined: +- case bfd_link_hash_defweak: +- return h->root.u.def.section; ++ case bfd_link_hash_defined: ++ case bfd_link_hash_defweak: ++ return h->root.u.def.section; + +- case bfd_link_hash_common: +- return h->root.u.c.p->section; ++ case bfd_link_hash_common: ++ return h->root.u.c.p->section; + +- default: +- break; +- } ++ default: ++ return NULL; + } +- else +- return bfd_section_from_elf_index (sec->owner, sym->st_shndx); +- +- return NULL; + } + + /* Return the debug definition section. */ +@@ -13825,46 +13826,49 @@ _bfd_elf_gc_mark_rsec (struct bfd_link_info *info, asection *sec, + if (r_symndx == STN_UNDEF) + return NULL; + +- h = get_ext_sym_hash (cookie, r_symndx); +- +- if (h != NULL) ++ h = get_ext_sym_hash_from_cookie (cookie, r_symndx); ++ if (h == NULL) + { +- bool was_marked; ++ /* A corrup tinput file can lead to a situation where the index ++ does not reference either a local or an external symbol. */ ++ if (r_symndx >= cookie->locsymcount) ++ return NULL; + +- was_marked = h->mark; +- h->mark = 1; +- /* Keep all aliases of the symbol too. If an object symbol +- needs to be copied into .dynbss then all of its aliases +- should be present as dynamic symbols, not just the one used +- on the copy relocation. 
*/ +- hw = h; +- while (hw->is_weakalias) +- { +- hw = hw->u.alias; +- hw->mark = 1; +- } ++ return (*gc_mark_hook) (sec, info, cookie->rel, NULL, ++ &cookie->locsyms[r_symndx]); ++ } + +- if (!was_marked && h->start_stop && !h->root.ldscript_def) +- { +- if (info->start_stop_gc) +- return NULL; ++ bool was_marked = h->mark; + +- /* To work around a glibc bug, mark XXX input sections +- when there is a reference to __start_XXX or __stop_XXX +- symbols. */ +- else if (start_stop != NULL) +- { +- asection *s = h->u2.start_stop_section; +- *start_stop = true; +- return s; +- } +- } ++ h->mark = 1; ++ /* Keep all aliases of the symbol too. If an object symbol ++ needs to be copied into .dynbss then all of its aliases ++ should be present as dynamic symbols, not just the one used ++ on the copy relocation. */ ++ hw = h; ++ while (hw->is_weakalias) ++ { ++ hw = hw->u.alias; ++ hw->mark = 1; ++ } + +- return (*gc_mark_hook) (sec, info, cookie->rel, h, NULL); ++ if (!was_marked && h->start_stop && !h->root.ldscript_def) ++ { ++ if (info->start_stop_gc) ++ return NULL; ++ ++ /* To work around a glibc bug, mark XXX input sections ++ when there is a reference to __start_XXX or __stop_XXX ++ symbols. 
*/ ++ else if (start_stop != NULL) ++ { ++ asection *s = h->u2.start_stop_section; ++ *start_stop = true; ++ return s; ++ } + } + +- return (*gc_mark_hook) (sec, info, cookie->rel, NULL, +- &cookie->locsyms[r_symndx]); ++ return (*gc_mark_hook) (sec, info, cookie->rel, h, NULL); + } + + /* COOKIE->rel describes a relocation against section SEC, which is +@@ -14878,7 +14882,7 @@ bfd_elf_reloc_symbol_deleted_p (bfd_vma offset, void *cookie) + + struct elf_link_hash_entry *h; + +- h = get_ext_sym_hash (rcookie, r_symndx); ++ h = get_ext_sym_hash_from_cookie (rcookie, r_symndx); + + if (h != NULL) + {
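Review bot: the header of the new file CVE-2025-1181-pre.patch cites the wrong upstream commit. Its own From line is 18cc11a2771d9e40180485da9a4fb660c03efac3 (PR 32641), but the "Upstream commit" URL in the same header ends in h=931494c9a89558acb36a03a340c01726545eef24, which is the commit carried by CVE-2025-1181.patch (PR 32643). Point the pre patch at 18cc11a2 and say in its header that it is a prerequisite for the CVE fix, since it also carries the "CVE: CVE-2025-1181" tag; the commit message of this mail lists only the 931494c9 commit as well.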
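Review bot: in the elf_x86_64_scan_relocs hunk of the pre patch (bfd/elf64-x86-64.c, @@ -2127), h can now be NULL in the else branch, because _bfd_elf_get_link_hash_entry returns NULL for an empty hash slot, and the hunk adds no check for it. The _bfd_x86_elf_link_relax_section hunk in bfd/elfxx-x86.c handles the same call with "if (h == NULL) ... continue;". The removed loop dereferenced h unconditionally at this spot, so please confirm that every later use of h in this function tolerates NULL, or add an explicit error return here.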
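Review bot: get_link_hash_entry in the bfd/elflink.c hunk at @@ -49 of CVE-2025-1181.patch checks only the lower bound of the index. It rejects "sym_hashes == NULL" and "symndx < ext_sym_start" and then reads "sym_hashes[symndx - ext_sym_start]" with no knowledge of how many entries the table holds, so an oversized symbol index from a corrupt file is not rejected by the helper itself. The helper takes no count argument; it is worth checking which callers guarantee the upper bound before treating this as a complete fix. Note also that symndx and ext_sym_start are "unsigned int" while get_ext_sym_hash_from_cookie passes an "unsigned long r_symndx" and set_symbol_value passes "size_t" values, so the index is narrowed before the range check runs.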
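Review bot: the set_symbol_value hunk (bfd/elflink.c, @@ -8929) swallows the corrupt-input case without any diagnostic: "if (h == NULL) { /* FIXMEL What should we do ? */ return; }". The function returns void, so the caller cannot tell that the symbol was never defined. The group-section hunk of elf_link_input_bfd in the same patch shows the reporting pattern already used for this condition (_bfd_error_handler, then bfd_set_error (bfd_error_bad_value), then "return false"); at minimum an error message here would make a malformed object visible in the link log. The same silent skip appears as "continue" under a FIXME comment in the third elf_link_input_bfd hunk and in _bfd_x86_elf_link_relax_section in the pre patch.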
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 5/6] libarchive: upgrade 3.7.4 -> 3.7.9
Date: Wed, 16 Apr 2025 13:14:14 -0700
Message-ID: <1c89b2d7228ba94f8b6fb79b8df9ec00ebf25cad.1744834364.git.steve@sakoman.com>
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/215012

From: Peter Marko

This is an update with only bug and security releases.
On top of previous CVE patches, also CVE-2024-48615 is handled.
Also many security fixes without CVE assignment are included.

Note that upgrade to 3.7.5 on master required fix of test in python3-libarchive-c, however that recipe does not yet have ptest in scarthgap and the fix was in test only, not in productive code, so it is not necessary in scarthgap.

Also remove CVE_STATUS which was obsolete already before this upgrade.

Signed-off-by: Peter Marko
Signed-off-by: Steve Sakoman --- .../libarchive/CVE-2024-20696.patch | 115 ------------------ .../libarchive/CVE-2024-48957.patch | 36 ------ .../libarchive/CVE-2024-48958.patch | 40 ------ .../CVE-2025-1632_CVE-2025-25724.patch | 83 ------------- .../libarchive/libarchive/configurehack.patch | 4 +- ...ibarchive_3.7.4.bb => libarchive_3.7.9.bb} | 12 +- 6 files changed, 5 insertions(+), 285 deletions(-) delete mode 100644 meta/recipes-extended/libarchive/libarchive/CVE-2024-20696.patch delete mode 100644 meta/recipes-extended/libarchive/libarchive/CVE-2024-48957.patch delete mode 100644 meta/recipes-extended/libarchive/libarchive/CVE-2024-48958.patch delete mode 100644 meta/recipes-extended/libarchive/libarchive/CVE-2025-1632_CVE-2025-25724.patch rename meta/recipes-extended/libarchive/{libarchive_3.7.4.bb => libarchive_3.7.9.bb} (84%) diff --git a/meta/recipes-extended/libarchive/libarchive/CVE-2024-20696.patch b/meta/recipes-extended/libarchive/libarchive/CVE-2024-20696.patch deleted file mode 100644 index e55d58d37b..0000000000 --- a/meta/recipes-extended/libarchive/libarchive/CVE-2024-20696.patch +++ /dev/null 
@@ -1,115 +0,0 @@ -From eac15e252010c1189a5c0f461364dbe2cd2a68b1 Mon Sep 17 00:00:00 2001 -From: "Dustin L. Howett" -Date: Thu, 9 May 2024 18:59:17 -0500 -Subject: [PATCH] rar4 reader: protect copy_from_lzss_window_to_unp() (#2172) - -copy_from_lzss_window_to_unp unnecessarily took an `int` parameter where -both of its callers were holding a `size_t`. - -A lzss opcode chain could be constructed that resulted in a negative -copy length, which when passed into memcpy would result in a very, very -large positive number. - -Switching copy_from_lzss_window_to_unp to take a `size_t` allows it to -properly bounds-check length. - -In addition, this patch also ensures that `length` is not itself larger -than the destination buffer. - -CVE: CVE-2024-20696 -Upstream-Status: Backport [https://github.com/libarchive/libarchive/commit/eac15e252010c1189a5c0f461364dbe2cd2a68b1] - -Signed-off-by: Nitin Wankhade ---- - ---- a/libarchive/archive_read_support_format_rar.c 2024-04-26 14:52:59.000000000 +0530 -+++ b/libarchive/archive_read_support_format_rar.c 2024-12-12 07:35:33.287412704 +0530 -@@ -432,7 +432,7 @@ static int make_table_recurse(struct arc - struct huffman_table_entry *, int, int); - static int expand(struct archive_read *, int64_t *); - static int copy_from_lzss_window_to_unp(struct archive_read *, const void **, -- int64_t, int); -+ int64_t, size_t); - static const void *rar_read_ahead(struct archive_read *, size_t, ssize_t *); - static int parse_filter(struct archive_read *, const uint8_t *, uint16_t, - uint8_t); -@@ -2060,7 +2060,7 @@ read_data_compressed(struct archive_read - bs = rar->unp_buffer_size - rar->unp_offset; - else - bs = (size_t)rar->bytes_uncopied; -- ret = copy_from_lzss_window_to_unp(a, buff, rar->offset, (int)bs); -+ ret = copy_from_lzss_window_to_unp(a, buff, rar->offset, bs); - if (ret != ARCHIVE_OK) - return (ret); - rar->offset += bs; -@@ -2213,7 +2213,7 @@ read_data_compressed(struct archive_read - bs = rar->unp_buffer_size - rar->unp_offset; - 
else - bs = (size_t)rar->bytes_uncopied; -- ret = copy_from_lzss_window_to_unp(a, buff, rar->offset, (int)bs); -+ ret = copy_from_lzss_window_to_unp(a, buff, rar->offset, bs); - if (ret != ARCHIVE_OK) - return (ret); - rar->offset += bs; -@@ -3094,11 +3094,16 @@ copy_from_lzss_window(struct archive_rea - - static int - copy_from_lzss_window_to_unp(struct archive_read *a, const void **buffer, -- int64_t startpos, int length) -+ int64_t startpos, size_t length) - { - int windowoffs, firstpart; - struct rar *rar = (struct rar *)(a->format->data); - -+ if (length > rar->unp_buffer_size) -+ { -+ goto fatal; -+ } -+ - if (!rar->unp_buffer) - { - if ((rar->unp_buffer = malloc(rar->unp_buffer_size)) == NULL) -@@ -3110,17 +3115,17 @@ copy_from_lzss_window_to_unp(struct arch - } - - windowoffs = lzss_offset_for_position(&rar->lzss, startpos); -- if(windowoffs + length <= lzss_size(&rar->lzss)) { -+ if(windowoffs + length <= (size_t)lzss_size(&rar->lzss)) { - memcpy(&rar->unp_buffer[rar->unp_offset], &rar->lzss.window[windowoffs], - length); -- } else if (length <= lzss_size(&rar->lzss)) { -+ } else if (length <= (size_t)lzss_size(&rar->lzss)) { - firstpart = lzss_size(&rar->lzss) - windowoffs; - if (firstpart < 0) { - archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, - "Bad RAR file data"); - return (ARCHIVE_FATAL); - } -- if (firstpart < length) { -+ if ((size_t)firstpart < length) { - memcpy(&rar->unp_buffer[rar->unp_offset], - &rar->lzss.window[windowoffs], firstpart); - memcpy(&rar->unp_buffer[rar->unp_offset + firstpart], -@@ -3130,9 +3135,7 @@ copy_from_lzss_window_to_unp(struct arch - &rar->lzss.window[windowoffs], length); - } - } else { -- archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, -- "Bad RAR file data"); -- return (ARCHIVE_FATAL); -+ goto fatal; - } - rar->unp_offset += length; - if (rar->unp_offset >= rar->unp_buffer_size) -@@ -3140,6 +3143,11 @@ copy_from_lzss_window_to_unp(struct arch - else - *buffer = NULL; - return (ARCHIVE_OK); -+ 
-+fatal: -+ archive_set_error(&a->archive, ARCHIVE_ERRNO_FILE_FORMAT, -+ "Bad RAR file data"); -+ return (ARCHIVE_FATAL); - } - - static const void * diff --git a/meta/recipes-extended/libarchive/libarchive/CVE-2024-48957.patch b/meta/recipes-extended/libarchive/libarchive/CVE-2024-48957.patch deleted file mode 100644 index 98877cf72c..0000000000 --- a/meta/recipes-extended/libarchive/libarchive/CVE-2024-48957.patch +++ /dev/null @@ -1,36 +0,0 @@ -From 3006bc5d02ad3ae3c4f9274f60c1f9d2d834734b Mon Sep 17 00:00:00 2001 -From: Wei-Cheng Pan -Date: Mon, 29 Apr 2024 06:53:19 +0900 -Subject: [PATCH] fix: OOB in rar audio filter (#2149) - -This patch ensures that `src` won't move ahead of `dst`, so `src` will -not OOB. Similar situation like in a1cb648. - -Upstream-Status: Backport [https://github.com/libarchive/libarchive/commit/3006bc5d02ad3ae3c4f9274f60c1f9d2d834734b] -CVE: CVE-2024-48957 -Signed-off-by: Hitendra Prajapati ---- - libarchive/archive_read_support_format_rar.c | 7 +++++++ - 1 file changed, 7 insertions(+) - -diff --git a/libarchive/archive_read_support_format_rar.c b/libarchive/archive_read_support_format_rar.c -index 79669a8..95a91dc 100644 ---- a/libarchive/archive_read_support_format_rar.c -+++ b/libarchive/archive_read_support_format_rar.c -@@ -3714,6 +3714,13 @@ execute_filter_audio(struct rar_filter *filter, struct rar_virtual_machine *vm) - memset(&state, 0, sizeof(state)); - for (j = i; j < length; j += numchannels) - { -+ /* -+ * The src block should not overlap with the dst block. -+ * If so it would be better to consider this archive is broken. -+ */ -+ if (src >= dst) -+ return 0; -+ - int8_t delta = (int8_t)*src++; - uint8_t predbyte, byte; - int prederror; --- -2.25.1 - diff --git a/meta/recipes-extended/libarchive/libarchive/CVE-2024-48958.patch b/meta/recipes-extended/libarchive/libarchive/CVE-2024-48958.patch deleted file mode 100644 index de266e9d95..0000000000 
--- a/meta/recipes-extended/libarchive/libarchive/CVE-2024-48958.patch +++ /dev/null @@ -1,40 +0,0 @@ -From a1cb648d52f5b6d3f31184d9b6a7cbca628459b7 Mon Sep 17 00:00:00 2001 -From: Wei-Cheng Pan -Date: Mon, 29 Apr 2024 06:50:22 +0900 -Subject: [PATCH] fix: OOB in rar delta filter (#2148) - -Ensure that `src` won't move ahead of `dst`, so `src` will not OOB. -Since `dst` won't move in this function, and we are only increasing `src` -position, this check should be enough. It should be safe to early return -because this function does not allocate resources. - -Upstream-Status: Backport [https://github.com/libarchive/libarchive/commit/a1cb648d52f5b6d3f31184d9b6a7cbca628459b7] -CVE: CVE-2024-48958 -Signed-off-by: Hitendra Prajapati ---- - libarchive/archive_read_support_format_rar.c | 8 ++++++++ - 1 file changed, 8 insertions(+) - -diff --git a/libarchive/archive_read_support_format_rar.c b/libarchive/archive_read_support_format_rar.c -index 95a91dc..4fc6626 100644 ---- a/libarchive/archive_read_support_format_rar.c -+++ b/libarchive/archive_read_support_format_rar.c -@@ -3612,7 +3612,15 @@ execute_filter_delta(struct rar_filter *filter, struct rar_virtual_machine *vm) - { - uint8_t lastbyte = 0; - for (idx = i; idx < length; idx += numchannels) -+ { -+ /* -+ * The src block should not overlap with the dst block. -+ * If so it would be better to consider this archive is broken. -+ */ -+ if (src >= dst) -+ return 0; - lastbyte = dst[idx] = lastbyte - *src++; -+ } - } - - filter->filteredblockaddress = length; --- -2.25.1 - diff --git a/meta/recipes-extended/libarchive/libarchive/CVE-2025-1632_CVE-2025-25724.patch b/meta/recipes-extended/libarchive/libarchive/CVE-2025-1632_CVE-2025-25724.patch deleted file mode 100644 index 459b664180..0000000000 --- a/meta/recipes-extended/libarchive/libarchive/CVE-2025-1632_CVE-2025-25724.patch +++ /dev/null 
@@ -1,83 +0,0 @@ -From c9bc934e7e91d302e0feca6e713ccc38d6d01532 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Peter=20K=C3=A4stle?= -Date: Mon, 10 Mar 2025 16:43:04 +0100 -Subject: [PATCH] fix CVE-2025-1632 and CVE-2025-25724 (#2532) - -Hi, - -please find my approach to fix the CVE-2025-1632 and CVE-2025-25724 -vulnerabilities in this pr. -As both error cases did trigger a NULL pointer deref (and triggered -hopefully everywhere a coredump), we can safely replace the actual -information by a predefined invalid string without breaking any -functionality. - -CVE: CVE-2025-1632 -CVE: CVE-2025-25724 -Upstream-Status: Backport [https://github.com/libarchive/libarchive/commit/c9bc934e7e91d302e0feca6e713ccc38d6d01532] -Signed-off-by: Peter Marko ---------- - -Signed-off-by: Peter Kaestle ---- - tar/util.c | 5 ++++- - unzip/bsdunzip.c | 10 +++++++--- - 2 files changed, 11 insertions(+), 4 deletions(-) - -diff --git a/tar/util.c b/tar/util.c -index 3b099cb5..f3cbdf0b 100644 ---- a/tar/util.c -+++ b/tar/util.c -@@ -748,7 +748,10 @@ list_item_verbose(struct bsdtar *bsdtar, FILE *out, struct archive_entry *entry) - #else - ltime = localtime(&tim); - #endif -- strftime(tmp, sizeof(tmp), fmt, ltime); -+ if (ltime) -+ strftime(tmp, sizeof(tmp), fmt, ltime); -+ else -+ sprintf(tmp, "-- -- ----"); - fprintf(out, " %s ", tmp); - safe_fprintf(out, "%s", archive_entry_pathname(entry)); - -diff --git a/unzip/bsdunzip.c b/unzip/bsdunzip.c -index 7c8cafc3..4a9028b7 100644 ---- a/unzip/bsdunzip.c -+++ b/unzip/bsdunzip.c -@@ -904,6 +904,7 @@ list(struct archive *a, struct archive_entry *e) - char buf[20]; - time_t mtime; - struct tm *tm; -+ const char *pathname; - - mtime = archive_entry_mtime(e); - tm = localtime(&mtime); -@@ -912,22 +913,25 @@ list(struct archive *a, struct archive_entry *e) - else - strftime(buf, sizeof(buf), "%m-%d-%g %R", tm); - -+ pathname = archive_entry_pathname(e); -+ if (!pathname) -+ pathname = ""; - if (!zipinfo_mode) { - if (v_opt == 1) { - printf(" %8ju %s %s\n", 
- (uintmax_t)archive_entry_size(e), -- buf, archive_entry_pathname(e)); -+ buf, pathname); - } else if (v_opt == 2) { - printf("%8ju Stored %7ju 0%% %s %08x %s\n", - (uintmax_t)archive_entry_size(e), - (uintmax_t)archive_entry_size(e), - buf, - 0U, -- archive_entry_pathname(e)); -+ pathname); - } - } else { - if (Z1_opt) -- printf("%s\n",archive_entry_pathname(e)); -+ printf("%s\n", pathname); - } - ac(archive_read_data_skip(a)); - } diff --git a/meta/recipes-extended/libarchive/libarchive/configurehack.patch b/meta/recipes-extended/libarchive/libarchive/configurehack.patch index 44720fdd53..97e42591cb 100644 --- a/meta/recipes-extended/libarchive/libarchive/configurehack.patch +++ b/meta/recipes-extended/libarchive/libarchive/configurehack.patch @@ -10,7 +10,7 @@ diff --git a/configure.ac b/configure.ac index 5668d41..7e65e49 100644 --- a/configure.ac +++ b/configure.ac -@@ -414,6 +414,19 @@ if test "x$with_bz2lib" != "xno"; then +@@ -435,6 +435,19 @@ if test "x$with_bz2lib" != "xno"; then esac fi @@ -30,7 +30,7 @@ index 5668d41..7e65e49 100644 AC_ARG_WITH([libb2], AS_HELP_STRING([--without-libb2], [Don't build support for BLAKE2 through libb2])) -@@ -678,19 +691,6 @@ fi +@@ -694,19 +707,6 @@ fi AC_SUBST(DEAD_CODE_REMOVAL) diff --git a/meta/recipes-extended/libarchive/libarchive_3.7.4.bb b/meta/recipes-extended/libarchive/libarchive_3.7.9.bb similarity index 84% rename from meta/recipes-extended/libarchive/libarchive_3.7.4.bb rename to meta/recipes-extended/libarchive/libarchive_3.7.9.bb index 156a6bdaae..4dd6794bb1 100644 --- a/meta/recipes-extended/libarchive/libarchive_3.7.4.bb +++ b/meta/recipes-extended/libarchive/libarchive_3.7.9.bb 
@@ -29,18 +29,12 @@ PACKAGECONFIG[zstd] = "--with-zstd,--without-zstd,zstd," EXTRA_OECONF += "--enable-largefile --without-iconv" -SRC_URI = "http://libarchive.org/downloads/libarchive-${PV}.tar.gz" -SRC_URI += "file://configurehack.patch \ - file://CVE-2024-48957.patch \ - file://CVE-2024-48958.patch \ - file://CVE-2024-20696.patch \ - file://CVE-2025-1632_CVE-2025-25724.patch \ +SRC_URI = "http://libarchive.org/downloads/libarchive-${PV}.tar.gz \ + file://configurehack.patch \ " UPSTREAM_CHECK_URI = "http://libarchive.org/" -SRC_URI[sha256sum] = "7875d49596286055b52439ed42f044bd8ad426aa4cc5aabd96bfe7abb971d5e8" - -CVE_STATUS[CVE-2023-30571] = "upstream-wontfix: upstream has documented that reported function is not thread-safe" +SRC_URI[sha256sum] = "aa90732c5a6bdda52fda2ad468ac98d75be981c15dde263d7b5cf6af66fd009f" inherit autotools update-alternatives pkgconfig
From patchwork Wed Apr 16 20:14:15 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 61451 X-Patchwork-Delegate: steve@sakoman.com
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][scarthgap 6/6] openssl: rewrite ptest installation
Date: Wed, 16 Apr 2025 13:14:15 -0700
Message-ID: <617c68752faf94a265e3b2ceba8fdd16e2ff3e5a.1744834364.git.steve@sakoman.com>
X-Mailer: git-send-email 2.43.0
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/215013

From: Vishwas Udupa

Rewrite (again) the openssl test suite installation.

Depend on and reuse already installed libraries and modules instead of installing them twice.

Be more selective when installing from the build tree so we don't install intermediate .c .d .o files.

This further reduces the size of openssl-dbg from ~120MB to ~18MB.

(From OE-Core rev: 8baa0ce7eae65026cb3a784adaf3a4fc724ce9c9)

Upstream-Status: Backport[https://git.yoctoproject.org/poky/commit/?id=76212866402edb947f745f837e3c3b98b3056e58]
Signed-off-by: Ross Burton
Signed-off-by: Richard Purdie
(cherry picked from commit 76212866402edb947f745f837e3c3b98b3056e58)
Signed-off-by: Vishwas Udupa
Change-Id: Ifc0e3a019c2abe5142d0f1e359ae5aa33dae1608
Signed-off-by: Steve Sakoman
---
 .../openssl/openssl/run-ptest | 19 ++++--
 .../openssl/openssl_3.2.4.bb | 67 +++++++++----------
 2 files changed, 46 insertions(+), 40 deletions(-)
diff --git a/meta/recipes-connectivity/openssl/openssl/run-ptest b/meta/recipes-connectivity/openssl/openssl/run-ptest index c89ec5afa1..cd29bb1446 100644 --- a/meta/recipes-connectivity/openssl/openssl/run-ptest +++ b/meta/recipes-connectivity/openssl/openssl/run-ptest @@ -1,12 +1,19 @@ #!/bin/sh -set -e +set -eu -# Optional arguments are 'list' to lists all tests, or the test name (base name -# ie test_evp, not 03_test_evp.t). +# Optional arguments are 'list' to lists the tests, or the test name (base name +# ie test_evp, not 03_test_evp.t). Without any arguments we run all tests. + +if test $# -gt 0; then + TESTS=$* +else + # Skip test_symbol_presence as this is for developers + TESTS="alltests -test_symbol_presence" +fi export TOP=. -# OPENSSL_ENGINES is relative from the test binaries -export OPENSSL_ENGINES=../engines +# Run four jobs in parallel +export HARNESS_JOBS=4 -{ HARNESS_JOBS=4 perl ./test/run_tests.pl $* || echo "FAIL: openssl" ; } | sed -u -r -e '/(.*) \.*.ok/ s/^/PASS: /g' -r -e '/Dubious(.*)/ s/^/FAIL: /g' -e '/(.*) \.*.skipped: (.*)/ s/^/SKIP: /g' +{ perl ./test/run_tests.pl $TESTS || echo "FAIL: openssl" ; } | sed -u -r -e '/(.*) \.*.ok/ s/^/PASS: /g' -r -e '/Dubious(.*)/ s/^/FAIL: /g' -e '/(.*) \.*.skipped: (.*)/ s/^/SKIP: /g' diff --git a/meta/recipes-connectivity/openssl/openssl_3.2.4.bb b/meta/recipes-connectivity/openssl/openssl_3.2.4.bb index bada192fe9..c4ad80e734 100644 --- a/meta/recipes-connectivity/openssl/openssl_3.2.4.bb +++ b/meta/recipes-connectivity/openssl/openssl_3.2.4.bb 
@@ -186,44 +186,43 @@ do_install:append:class-nativesdk () { PTEST_BUILD_HOST_FILES += "configdata.pm" PTEST_BUILD_HOST_PATTERN = "perl_version =" -do_install_ptest () { - install -d ${D}${PTEST_PATH}/test - install -m755 ${B}/test/p_test.so ${D}${PTEST_PATH}/test - install -m755 ${B}/test/p_minimal.so ${D}${PTEST_PATH}/test - install -m755 ${B}/test/provider_internal_test.cnf ${D}${PTEST_PATH}/test - - # Prune the build tree - rm -f ${B}/fuzz/*.* ${B}/test/*.* - - cp ${S}/Configure ${B}/configdata.pm ${D}${PTEST_PATH} - sed 's|${S}|${PTEST_PATH}|g' -i ${D}${PTEST_PATH}/configdata.pm - cp -r ${S}/external ${B}/test ${S}/test ${B}/fuzz ${S}/util ${B}/util ${D}${PTEST_PATH} - - # For test_shlibload - ln -s ${libdir}/libcrypto.so.1.1 ${D}${PTEST_PATH}/ - ln -s ${libdir}/libssl.so.1.1 ${D}${PTEST_PATH}/ +do_install_ptest() { + install -m644 ${S}/Configure ${B}/configdata.pm ${D}${PTEST_PATH} + cp -rf ${S}/Configurations ${S}/external ${D}${PTEST_PATH}/ install -d ${D}${PTEST_PATH}/apps ln -s ${bindir}/openssl ${D}${PTEST_PATH}/apps - install -m644 ${S}/apps/*.pem ${S}/apps/*.srl ${S}/apps/openssl.cnf ${D}${PTEST_PATH}/apps - install -m755 ${B}/apps/CA.pl ${D}${PTEST_PATH}/apps - - install -d ${D}${PTEST_PATH}/engines - install -m755 ${B}/engines/dasync.so ${D}${PTEST_PATH}/engines - install -m755 ${B}/engines/loader_attic.so ${D}${PTEST_PATH}/engines - install -m755 ${B}/engines/ossltest.so ${D}${PTEST_PATH}/engines - - install -d ${D}${PTEST_PATH}/providers - install -m755 ${B}/providers/legacy.so ${D}${PTEST_PATH}/providers - install -d ${D}${PTEST_PATH}/Configurations - cp -rf ${S}/Configurations/* ${D}${PTEST_PATH}/Configurations/ + cd ${S} + find test/certs test/ct test/d2i-tests test/recipes test/ocsp-tests test/ssl-tests test/smime-certs -type f -exec install -m644 -D {} ${D}${PTEST_PATH}/{} \; + find apps test -name \*.cnf -exec install -m644 -D {} ${D}${PTEST_PATH}/{} \; + find apps test -name \*.der -exec install -m644 -D {} ${D}${PTEST_PATH}/{} \; + find 
apps test -name \*.pem -exec install -m644 -D {} ${D}${PTEST_PATH}/{} \; + find util -name \*.p[lm] -exec install -m644 -D {} ${D}${PTEST_PATH}/{} \; + + cd ${B} + # Everything but .? (.o and .d) + find test -type f -name \*[^.]? -exec install -m755 -D {} ${D}${PTEST_PATH}/{} \; + find apps test -name \*.cnf -exec install -m644 -D {} ${D}${PTEST_PATH}/{} \; + find apps test -name \*.pem -exec install -m644 -D {} ${D}${PTEST_PATH}/{} \; + find apps test -name \*.srl -exec install -m644 -D {} ${D}${PTEST_PATH}/{} \; + install -m755 ${B}/util/*wrap.* ${D}${PTEST_PATH}/util/ + + install -m755 ${B}/apps/CA.pl ${D}${PTEST_PATH}/apps/ + install -m755 ${S}/test/*.pl ${D}${PTEST_PATH}/test/ + install -m755 ${S}/test/shibboleth.pfx ${D}${PTEST_PATH}/test/ + install -m755 ${S}/test/*.bin ${D}${PTEST_PATH}/test/ + install -m755 ${S}/test/dane*.in ${D}${PTEST_PATH}/test/ + install -m755 ${S}/test/smcont*.txt ${D}${PTEST_PATH}/test/ + install -m755 ${S}/test/ssl_test.tmpl ${D}${PTEST_PATH}/test/ + + sed 's|${S}|${PTEST_PATH}|g' -i ${D}${PTEST_PATH}/configdata.pm ${D}${PTEST_PATH}/util/wrap.pl - # seems to be needed with perl 5.32.1 - install -d ${D}${PTEST_PATH}/util/perl/recipes - cp ${D}${PTEST_PATH}/test/recipes/tconversion.pl ${D}${PTEST_PATH}/util/perl/recipes/ - - sed 's|${S}|${PTEST_PATH}|g' -i ${D}${PTEST_PATH}/util/wrap.pl + install -d ${D}${PTEST_PATH}/engines + install -m755 ${B}/engines/dasync.so ${D}${PTEST_PATH}/engines/ + install -m755 ${B}/engines/ossltest.so ${D}${PTEST_PATH}/engines/ + ln -s ${libdir}/engines-3/loader_attic.so ${D}${PTEST_PATH}/engines/ + ln -s ${libdir}/ossl-modules/ ${D}${PTEST_PATH}/providers } # Add the openssl.cnf file to the openssl-conf package. Make the libcrypto 
@@ -250,7 +249,7 @@ CONFFILES:openssl-conf = "${sysconfdir}/ssl/openssl.cnf" RRECOMMENDS:libcrypto += "openssl-conf ${PN}-ossl-module-legacy" RDEPENDS:${PN}-misc = "perl" -RDEPENDS:${PN}-ptest += "openssl-bin perl perl-modules bash sed" +RDEPENDS:${PN}-ptest += "openssl-bin perl perl-modules bash sed openssl-engines openssl-ossl-module-legacy" RDEPENDS:${PN}-bin += "openssl-conf"
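Review bot: In the libarchive_3.7.9.bb hunk of the libarchive patch earlier on this page (the rename from libarchive_3.7.4.bb), the removal of `CVE_STATUS[CVE-2023-30571] = "upstream-wontfix: ..."` is a different kind of change from the four dropped `file://CVE-*.patch` entries. Those are backports that a newer release can supersede, while this line was an annotation for an issue recorded as not going to be fixed, so the version bump alone does not make it obsolete and cve-check may start reporting the CVE again. Either keep the line or have the commit message say why it is no longer needed. It is also worth confirming that each dropped backport (CVE-2024-48957, CVE-2024-48958, CVE-2024-20696, CVE-2025-1632/CVE-2025-25724) is contained in the 3.7.9 tarball pinned by the new sha256sum.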
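Review bot: In the run-ptest hunk, `export OPENSSL_ENGINES=../engines` is removed with nothing put in its place, yet do_install_ptest in the same patch still populates ${PTEST_PATH}/engines (dasync.so, ossltest.so and a loader_attic.so symlink). A short comment in the script saying how the test harness locates that directory now would make the removal easier to trust and to maintain. Two smaller points: `TESTS=$*` followed by an unquoted `$TESTS` depends on word splitting, which the default `alltests -test_symbol_presence` needs, but it also means a test name containing glob characters gets expanded; and the rewritten comment still reads "'list' to lists the tests".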
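Review bot: In the new do_install_ptest, several data files are installed executable: `install -m755 ${S}/test/shibboleth.pfx`, and the same mode for `${S}/test/*.bin`, `dane*.in`, `smcont*.txt` and `ssl_test.tmpl`, all of which are test inputs rather than programs. `find test -type f -name \*[^.]? -exec install -m755 ...` likewise gives 0755 to every build-tree file under test/ that the pattern lets through. Suggest -m644 for the data files and keeping -m755 for binaries and scripts only. The comment "Everything but .? (.o and .d)" undersells the pattern, which skips any one-character extension, so it would be clearer to say that. The two absolute links, `ln -s ${libdir}/engines-3/loader_attic.so` and `ln -s ${libdir}/ossl-modules/`, only resolve on the target when the packages added to RDEPENDS in the last hunk are installed, so those two changes have to stay together in any further backport.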
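Review bot: In the RDEPENDS:${PN}-ptest line of the last hunk, the two new entries are spelled `openssl-engines openssl-ossl-module-legacy`, while the RRECOMMENDS line just above it uses `${PN}-ossl-module-legacy`. Writing them as `${PN}-engines ${PN}-ossl-module-legacy` keeps the package names consistent within the recipe. These dependencies are what make the engines and providers symlinks created in do_install_ptest point at real files, so a comment next to the line saying so would stop them being trimmed later as apparently unused.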