From patchwork Wed May 28 15:33:10 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 63745 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 3FEC4C3ABB2 for ; Wed, 28 May 2025 15:33:41 +0000 (UTC) Received: from mail-pf1-f172.google.com (mail-pf1-f172.google.com [209.85.210.172]) by mx.groups.io with SMTP id smtpd.web10.917.1748446416137859191 for ; Wed, 28 May 2025 08:33:36 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=KjvC33lp; spf=softfail (domain: sakoman.com, ip: 209.85.210.172, mailfrom: steve@sakoman.com) Received: by mail-pf1-f172.google.com with SMTP id d2e1a72fcca58-742c2ed0fe1so4070034b3a.1 for ; Wed, 28 May 2025 08:33:36 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1748446415; x=1749051215; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=1GTU17lId6JRjfPgggQY7Va6v1g7/m6G4XZD4cFPAXo=; b=KjvC33lpseDiQ9ejGR6uaOxOikUJ/NkHAs6/Zj1fA5MUGitsY/CpFjyr8lpoPeJO7e CFjybfq01pQUzYuwu++JaOGDRbERlMDcKf8XwBB3sS24LLeYfESNm2lj+NnR6QtQbCG3 PfWXgOJ0TlPUQQzw4hxdSiby8BRRUdjVqH+Xp8g1WrJ30YzFCwHEItZ/uv8K13t86NgF BcjiSpstn4+lMcD8eAg3gP8J0UoVAm5KpwbAtrtXtEVCGfvXFb5IesCzHpZ+LB++dtC2 UrX1gfDj/kUj1kjgtKE4qoiwpA+xek5Vc6t5iaNAnHdkBE8VCdiyBKRX2rLeBkQ/g0Ue gjQA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1748446415; x=1749051215; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=1GTU17lId6JRjfPgggQY7Va6v1g7/m6G4XZD4cFPAXo=; b=vpKdsBEgrpUC6f9Zm6n85dK1MdsmsQ64/Os+fny+I8fsDY7zcqK5PFrgxXQtQZ0i6d nbZD0EyzPQ0Fpfs/nffiY6CCKgDuoMewfl7NhVZVD2zi9Qea89C6P3MZlKlxr6Yathh9 p2zPshZREJ/AV7FyDsHXBhqqkWDFPRjxDA8FgIQWbO2ZR7+KyLrIt5M7NSiXCHOwbgBz X5g9Y9r/tms50BNJfGARsFtERxTgIL0vp4yESRH/j1ADDc09ahqLOFobBFvM6156Lt8k dNBueNsZZRoIN0QMLthX+oNxcFw+PibJM0+2kYf2V1xmRSPDHh7WVpcgEpTTPoBQK5OS OARw== X-Gm-Message-State: AOJu0YwQx8k14ohnqc4RJfw2/8TlBJumcGZlrKkjFp8R34UKmO0DbU3M zx2JQnd1j0gZV4PrOyngTfJ++jMtKCNqkfeZLwvI+ikmsQMUJMkcwZ0P6gE9WGtzTTG5Q0NYU3N k/bKI X-Gm-Gg: ASbGncv8hmEtDFb57q9mEXhk82g9WwnI9/ah9r3Khj8K0Aac4BBPixMpIywa1QuWQIX RuRLc2YjConpB+Qj8TAp7Z/avXZVp7rTtgkYbnBGuUtNi77NNFlziVK8JGOhkwEtqz7ZD0CLn75 SrtA6sRSErs7S+lCNkywU+X0p/wIeskClHTI8mpddzv8wHwfA1EsElZt5cVc+26hauvq4Ly/y1y W3r+pBRh15U8O8SjK1rY5dp9bNxlHip/8aFgfrpqUnJWhvNTog9HeJ/cKVtuGHsQ4M441/wWB1l JPEEgQMf+ydCmUAFcTDAFtMBUXLajYXwnSzXr31JhRY= X-Google-Smtp-Source: AGHT+IFiQ64ht0Mv7B/pFa+8c1j5BhB1IcJuuB0+unFmeUE0DvE1/SMUSTz67WgviS/T6vioY6oqAw== X-Received: by 2002:a05:6a00:4b55:b0:740:a52f:9652 with SMTP id d2e1a72fcca58-745fdf34c71mr24536642b3a.6.1748446415281; Wed, 28 May 2025 08:33:35 -0700 (PDT) Received: from hexa.. ([2602:feb4:3b:2100:2f2f:1884:f4cc:456c]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-746e343c1basm1400268b3a.132.2025.05.28.08.33.34 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 28 May 2025 08:33:34 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][walnascar 01/14] sqlite3: patch CVE-2025-3277 Date: Wed, 28 May 2025 08:33:10 -0700 Message-ID: <341297828a5b7c77e6d9113d5abcd22c3a0c224a.1748446235.git.steve@sakoman.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 28 May 2025 15:33:41 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/217365 From: Peter Marko Pick commit [1] mentioned in [2]. [1] https://sqlite.org/src/info/498e3f1cf57f164f [2] https://nvd.nist.gov/vuln/detail/CVE-2025-3277 Signed-off-by: Peter Marko Signed-off-by: Steve Sakoman --- .../sqlite/sqlite3/CVE-2025-3277.patch | 28 +++++++++++++++++++ meta/recipes-support/sqlite/sqlite3_3.48.0.bb | 4 ++- 2 files changed, 31 insertions(+), 1 deletion(-) create mode 100644 meta/recipes-support/sqlite/sqlite3/CVE-2025-3277.patch diff --git a/meta/recipes-support/sqlite/sqlite3/CVE-2025-3277.patch b/meta/recipes-support/sqlite/sqlite3/CVE-2025-3277.patch new file mode 100644 index 0000000000..8264d4443a --- /dev/null +++ b/meta/recipes-support/sqlite/sqlite3/CVE-2025-3277.patch @@ -0,0 +1,28 @@ +From d7f45414935e4ef6e3361f02a22876f1ee7a04aa Mon Sep 17 00:00:00 2001 +From: drh <> +Date: Sun, 16 Feb 2025 10:57:25 +0000 +Subject: [PATCH] Add a typecast to avoid 32-bit integer overflow in the + concat_ws() function with an enormous separator values and many arguments. + +FossilOrigin-Name: 498e3f1cf57f164fbd8380e92bf91b9f26d6aa05d092fcd135d754abf1e5b1b5 + +CVE: CVE-2025-3277 +Upstream-Status: Backport [https://sqlite.org/src/info/498e3f1cf57f164f] +Signed-off-by: Peter Marko +--- + sqlite3.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/sqlite3.c b/sqlite3.c +index 08c593e55c..24d0d954d9 100644 +--- a/sqlite3.c ++++ b/sqlite3.c +@@ -130954,7 +130954,7 @@ static void concatFuncCore( + for(i=0; i X-Patchwork-Id: 63746 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 46A94C5B549 for ; Wed, 28 May 2025 15:33:41 +0000 (UTC) Received: from mail-pf1-f169.google.com (mail-pf1-f169.google.com [209.85.210.169]) by mx.groups.io with SMTP id smtpd.web11.927.1748446418281889715 for ; Wed, 28 May 2025 08:33:38 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=pA+h+GZ3; spf=softfail (domain: sakoman.com, ip: 209.85.210.169, mailfrom: steve@sakoman.com) Received: by mail-pf1-f169.google.com with SMTP id d2e1a72fcca58-7398d65476eso810599b3a.1 for ; Wed, 28 May 2025 08:33:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1748446417; x=1749051217; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=Cd73h8oInFujM4GUlEgry2gjWapvi8vM3UewcLSk96s=; b=pA+h+GZ3osBqcNRBdOk+O4CzuWKa7aLcxebL9kMFS5BHSKoHQIb1zceQ1z1RyvboVk ZviPFdrWgk9tEV5oCV7Trq491rpDEjqo7A+OSmdDSu46YlZlkIZ+48BHg33Fej8esVha x0/SL+EikHScoRiir5/rM4Clx6G5uZ/0mzbFinKu7mSk7a9eq0jhGl96IDEBeJtS3hVW eLWt5xIvkr3Yk8HwQ+DzXFPw18mWqQZQSJulg9fQXse22nwYZZvC5b144ZhwpJXRs5f8 ivgt6LRAliYou0kayjG8TKxKkceV/UebHD2fXgXcT21QYtVhJsrQFE+0zxIFF0YHdC/9 MS7w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1748446417; x=1749051217; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Cd73h8oInFujM4GUlEgry2gjWapvi8vM3UewcLSk96s=; b=sLQhz8cC6houUPIMngOL97BTifk5NHkvUgjydxvPr9maFQgq5bNRJVGsG/ukl2mX2Q so8QzrkVWQxGQLoGdZYFfF3659r4hGiLQYJ7LyV5fDPL/DRwmrf4LPIHroYPWLEn0bLZ s7pmHAqc2KadOzZO5nkEeKiwNbjOZngBAuSK4JdSLEF0bqBawsVhHAdkvxIyNq45mqva E6fKnvB79wtcNh6FB8z0xOy+oTproM8Vlz4onRsTWfnmDSut5DwkgAzrI9GMft+Ovgv0 /0FiWwA/5WGt5ZYCV5B1Mnir4p1iqSY2DQk8UOyhwnKxnrHLJ4+vcCRgH/emsycIc/Pt /pSA== X-Gm-Message-State: AOJu0YwykFwla9dpFsagvwHVAFF62tPWR9iRYSwNsLcsE0Jh6T4npkLm rRKcTxprUTSNDCX+fMFTPJlf8y4vZt8klpMQRxpXnMpo3eZbkCrtqZlSQKn+ldsxHGo0Bo8pPgO t0lQX X-Gm-Gg: ASbGncvJlxC2MO6ytqlhLfLQ2Qvy5kgwNB1k1xsHDzdzUWlggIEAUWz9JBzNzdprn1n UrnrHBya89vgefjK2vvSl6iR+eedeDAXwV5aTBfFD+amY+G8adfXZYALo04rU0UJ2oVa+r8ahvQ 2Kd8qFFdq2LvyV1OJaBdZ8uXnk8ZXdhb88gHekRApRU5wadMKfwa2bfsvl+qZWxWFgZx4QHveh1 eZSr57PUSAPP2Y3bzHLteBLAQ6DKcH9RAl1YWRf3wO2wJ4qd1EXamDgel4yySmWi9mzu/IXlJtI 8rxBKz91tT4+QlAQ8HDqy0SOGZUIQeDi+4tLWshCQlM= X-Google-Smtp-Source: AGHT+IGOWfkkSyXqqLJ/4j8M6osiFcOcbeXZ2+M76dFt/q/ikZMtIMSK4Ha50ILknz8TFzuILzEhqg== X-Received: by 2002:a05:6a00:3d14:b0:742:b9d2:dc8f with SMTP id d2e1a72fcca58-747ad443aaemr50814b3a.1.1748446417178; Wed, 28 May 2025 08:33:37 -0700 (PDT) Received: from hexa.. ([2602:feb4:3b:2100:2f2f:1884:f4cc:456c]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-746e343c1basm1400268b3a.132.2025.05.28.08.33.36 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 28 May 2025 08:33:36 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][walnascar 02/14] sqlite3: patch CVE-2025-29088 Date: Wed, 28 May 2025 08:33:11 -0700 Message-ID: X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 28 May 2025 15:33:41 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/217366 From: Peter Marko Pick commit [1] mentioned in [2]. [1] https://github.com/sqlite/sqlite/commit/56d2fd008b108109f489339f5fd55212bb50afd4 [2] https://nvd.nist.gov/vuln/detail/CVE-2025-29088 Signed-off-by: Peter Marko Signed-off-by: Steve Sakoman --- .../sqlite/sqlite3/CVE-2025-29088.patch | 179 ++++++++++++++++++ meta/recipes-support/sqlite/sqlite3_3.48.0.bb | 1 + 2 files changed, 180 insertions(+) create mode 100644 meta/recipes-support/sqlite/sqlite3/CVE-2025-29088.patch diff --git a/meta/recipes-support/sqlite/sqlite3/CVE-2025-29088.patch b/meta/recipes-support/sqlite/sqlite3/CVE-2025-29088.patch new file mode 100644 index 0000000000..12a025fdd8 --- /dev/null +++ b/meta/recipes-support/sqlite/sqlite3/CVE-2025-29088.patch @@ -0,0 +1,179 @@ +From 57d1e61dda969659f59a0b7841c7d0287d724bc6 Mon Sep 17 00:00:00 2001 +From: drh <> +Date: Mon, 17 Feb 2025 14:16:49 +0000 +Subject: [PATCH] Harden the SQLITE_DBCONFIG_LOOKASIDE interface against + misuse, such as described in [forum:/forumpost/48f365daec|forum post + 48f365daec]. Enhancements to the SQLITE_DBCONFIG_LOOKASIDE documentation. + Test cases in TH3. + +FossilOrigin-Name: 1ec4c308c76c69fba031184254fc3340f07607cfbf8342b13713ab445563d377 + +CVE: CVE-2025-29088 +Upstream-Status: Backport [https://github.com/sqlite/sqlite/commit/56d2fd008b108109f489339f5fd55212bb50afd4] +Signed-off-by: Peter Marko +--- + sqlite3.c | 42 +++++++++++++++++++++++--------------- + sqlite3.h | 60 +++++++++++++++++++++++++++++++++++++------------------ + 2 files changed, 67 insertions(+), 35 deletions(-) + +diff --git a/sqlite3.c b/sqlite3.c +index 24d0d954d9..2574a43f3e 100644 +--- a/sqlite3.c ++++ b/sqlite3.c +@@ -182001,17 +182001,22 @@ SQLITE_API int sqlite3_config(int op, ...){ + ** If lookaside is already active, return SQLITE_BUSY. + ** + ** The sz parameter is the number of bytes in each lookaside slot. +-** The cnt parameter is the number of slots. If pStart is NULL the +-** space for the lookaside memory is obtained from sqlite3_malloc(). +-** If pStart is not NULL then it is sz*cnt bytes of memory to use for +-** the lookaside memory. ++** The cnt parameter is the number of slots. If pBuf is NULL the ++** space for the lookaside memory is obtained from sqlite3_malloc() ++** or similar. If pBuf is not NULL then it is sz*cnt bytes of memory ++** to use for the lookaside memory. + */ +-static int setupLookaside(sqlite3 *db, void *pBuf, int sz, int cnt){ ++static int setupLookaside( ++ sqlite3 *db, /* Database connection being configured */ ++ void *pBuf, /* Memory to use for lookaside. May be NULL */ ++ int sz, /* Desired size of each lookaside memory slot */ ++ int cnt /* Number of slots to allocate */ ++){ + #ifndef SQLITE_OMIT_LOOKASIDE +- void *pStart; +- sqlite3_int64 szAlloc = sz*(sqlite3_int64)cnt; +- int nBig; /* Number of full-size slots */ +- int nSm; /* Number smaller LOOKASIDE_SMALL-byte slots */ ++ void *pStart; /* Start of the lookaside buffer */ ++ sqlite3_int64 szAlloc; /* Total space set aside for lookaside memory */ ++ int nBig; /* Number of full-size slots */ ++ int nSm; /* Number smaller LOOKASIDE_SMALL-byte slots */ + + if( sqlite3LookasideUsed(db,0)>0 ){ + return SQLITE_BUSY; +@@ -182024,17 +182029,22 @@ static int setupLookaside(sqlite3 *db, void *pBuf, int sz, int cnt){ + sqlite3_free(db->lookaside.pStart); + } + /* The size of a lookaside slot after ROUNDDOWN8 needs to be larger +- ** than a pointer to be useful. ++ ** than a pointer and small enough to fit in a u16. + */ +- sz = ROUNDDOWN8(sz); /* IMP: R-33038-09382 */ ++ sz = ROUNDDOWN8(sz); + if( sz<=(int)sizeof(LookasideSlot*) ) sz = 0; +- if( cnt<0 ) cnt = 0; +- if( sz==0 || cnt==0 ){ ++ if( sz>65528 ) sz = 65528; ++ /* Count must be at least 1 to be useful, but not so large as to use ++ ** more than 0x7fff0000 total bytes for lookaside. */ ++ if( cnt<1 ) cnt = 0; ++ if( sz>0 && cnt>(0x7fff0000/sz) ) cnt = 0x7fff0000/sz; ++ szAlloc = (i64)sz*(i64)cnt; ++ if( szAlloc==0 ){ + sz = 0; + pStart = 0; + }else if( pBuf==0 ){ + sqlite3BeginBenignMalloc(); +- pStart = sqlite3Malloc( szAlloc ); /* IMP: R-61949-35727 */ ++ pStart = sqlite3Malloc( szAlloc ); + sqlite3EndBenignMalloc(); + if( pStart ) szAlloc = sqlite3MallocSize(pStart); + }else{ +@@ -182043,10 +182053,10 @@ static int setupLookaside(sqlite3 *db, void *pBuf, int sz, int cnt){ + #ifndef SQLITE_OMIT_TWOSIZE_LOOKASIDE + if( sz>=LOOKASIDE_SMALL*3 ){ + nBig = szAlloc/(3*LOOKASIDE_SMALL+sz); +- nSm = (szAlloc - sz*nBig)/LOOKASIDE_SMALL; ++ nSm = (szAlloc - (i64)sz*(i64)nBig)/LOOKASIDE_SMALL; + }else if( sz>=LOOKASIDE_SMALL*2 ){ + nBig = szAlloc/(LOOKASIDE_SMALL+sz); +- nSm = (szAlloc - sz*nBig)/LOOKASIDE_SMALL; ++ nSm = (szAlloc - (i64)sz*(i64)nBig)/LOOKASIDE_SMALL; + }else + #endif /* SQLITE_OMIT_TWOSIZE_LOOKASIDE */ + if( sz>0 ){ +diff --git a/sqlite3.h b/sqlite3.h +index 2618b37a7b..056511f577 100644 +--- a/sqlite3.h ++++ b/sqlite3.h +@@ -1989,13 +1989,16 @@ struct sqlite3_mem_methods { + ** + ** [[SQLITE_CONFIG_LOOKASIDE]]
SQLITE_CONFIG_LOOKASIDE
+ **
^(The SQLITE_CONFIG_LOOKASIDE option takes two arguments that determine +-** the default size of lookaside memory on each [database connection]. ++** the default size of [lookaside memory] on each [database connection]. + ** The first argument is the +-** size of each lookaside buffer slot and the second is the number of +-** slots allocated to each database connection.)^ ^(SQLITE_CONFIG_LOOKASIDE +-** sets the default lookaside size. The [SQLITE_DBCONFIG_LOOKASIDE] +-** option to [sqlite3_db_config()] can be used to change the lookaside +-** configuration on individual connections.)^
++** size of each lookaside buffer slot ("sz") and the second is the number of ++** slots allocated to each database connection ("cnt").)^ ++** ^(SQLITE_CONFIG_LOOKASIDE sets the default lookaside size. ++** The [SQLITE_DBCONFIG_LOOKASIDE] option to [sqlite3_db_config()] can ++** be used to change the lookaside configuration on individual connections.)^ ++** The [-DSQLITE_DEFAULT_LOOKASIDE] option can be used to change the ++** default lookaside configuration at compile-time. ++** + ** + ** [[SQLITE_CONFIG_PCACHE2]]
SQLITE_CONFIG_PCACHE2
+ **
^(The SQLITE_CONFIG_PCACHE2 option takes a single argument which is +@@ -2225,24 +2228,43 @@ struct sqlite3_mem_methods { + **
SQLITE_DBCONFIG_LOOKASIDE
+ **
^This option takes three additional arguments that determine the + ** [lookaside memory allocator] configuration for the [database connection]. +-** ^The first argument (the third parameter to [sqlite3_db_config()] is a ++**
    ++**

  1. The first argument ("buf") is a + ** pointer to a memory buffer to use for lookaside memory. +-** ^The first argument after the SQLITE_DBCONFIG_LOOKASIDE verb +-** may be NULL in which case SQLite will allocate the +-** lookaside buffer itself using [sqlite3_malloc()]. ^The second argument is the +-** size of each lookaside buffer slot. ^The third argument is the number of +-** slots. The size of the buffer in the first argument must be greater than +-** or equal to the product of the second and third arguments. The buffer +-** must be aligned to an 8-byte boundary. ^If the second argument to +-** SQLITE_DBCONFIG_LOOKASIDE is not a multiple of 8, it is internally +-** rounded down to the next smaller multiple of 8. ^(The lookaside memory ++** The first argument may be NULL in which case SQLite will allocate the ++** lookaside buffer itself using [sqlite3_malloc()]. ++**

  2. The second argument ("sz") is the ++** size of each lookaside buffer slot. Lookaside is disabled if "sz" ++** is less than 8. The "sz" argument should be a multiple of 8 less than ++** 65536. If "sz" does not meet this constraint, it is reduced in size until ++** it does. ++**

  3. The third argument ("cnt") is the number of slots. Lookaside is disabled ++** if "cnt"is less than 1. The "cnt" value will be reduced, if necessary, so ++** that the product of "sz" and "cnt" does not exceed 2,147,418,112. The "cnt" ++** parameter is usually chosen so that the product of "sz" and "cnt" is less ++** than 1,000,000. ++**

++**

If the "buf" argument is not NULL, then it must ++** point to a memory buffer with a size that is greater than ++** or equal to the product of "sz" and "cnt". ++** The buffer must be aligned to an 8-byte boundary. ++** The lookaside memory + ** configuration for a database connection can only be changed when that + ** connection is not currently using lookaside memory, or in other words +-** when the "current value" returned by +-** [sqlite3_db_status](D,[SQLITE_DBSTATUS_LOOKASIDE_USED],...) is zero. ++** when the value returned by [SQLITE_DBSTATUS_LOOKASIDE_USED] is zero. + ** Any attempt to change the lookaside memory configuration when lookaside + ** memory is in use leaves the configuration unchanged and returns +-** [SQLITE_BUSY].)^

++** [SQLITE_BUSY]. ++** If the "buf" argument is NULL and an attempt ++** to allocate memory based on "sz" and "cnt" fails, then ++** lookaside is silently disabled. ++**

++** The [SQLITE_CONFIG_LOOKASIDE] configuration option can be used to set the ++** default lookaside configuration at initialization. The ++** [-DSQLITE_DEFAULT_LOOKASIDE] option can be used to set the default lookaside ++** configuration at compile-time. Typical values for lookaside are 1200 for ++** "sz" and 40 to 100 for "cnt". ++** + ** + ** [[SQLITE_DBCONFIG_ENABLE_FKEY]] + **

SQLITE_DBCONFIG_ENABLE_FKEY
diff --git a/meta/recipes-support/sqlite/sqlite3_3.48.0.bb b/meta/recipes-support/sqlite/sqlite3_3.48.0.bb index 86983f21bd..11f103dddc 100644 --- a/meta/recipes-support/sqlite/sqlite3_3.48.0.bb +++ b/meta/recipes-support/sqlite/sqlite3_3.48.0.bb @@ -5,6 +5,7 @@ LIC_FILES_CHKSUM = "file://sqlite3.h;endline=11;md5=786d3dc581eff03f4fd9e4a77ed0 SRC_URI = "http://www.sqlite.org/2025/sqlite-autoconf-${SQLITE_PV}.tar.gz \ file://CVE-2025-3277.patch \ + file://CVE-2025-29088.patch \ " SRC_URI[sha256sum] = "ac992f7fca3989de7ed1fe99c16363f848794c8c32a158dafd4eb927a2e02fd5" From patchwork Wed May 28 15:33:12 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 63748 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id EFBC7C5AD49 for ; Wed, 28 May 2025 15:33:50 +0000 (UTC) Received: from mail-pf1-f181.google.com (mail-pf1-f181.google.com [209.85.210.181]) by mx.groups.io with SMTP id smtpd.web11.928.1748446421675991767 for ; Wed, 28 May 2025 08:33:41 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=GoNwL2Mo; spf=softfail (domain: sakoman.com, ip: 209.85.210.181, mailfrom: steve@sakoman.com) Received: by mail-pf1-f181.google.com with SMTP id d2e1a72fcca58-742c9563fafso3447372b3a.0 for ; Wed, 28 May 2025 08:33:41 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1748446421; x=1749051221; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=sMXW42mfkE47FcIkm94wtl7KuTlhnYNRBbhjoltTaoc=; b=GoNwL2MoV2P+g9VyvFwK3mTa36wcTNHV7AGkcR0l7tyQb5QL7kFUXZLNGc8PWTct/B My/UePz5urFx5reKVbHpyC945th9Fz3/LtP7Cp/HnsZH89JwqrQ/cct/pZTeP5TszmiV hhfJIs7tWIAYbhecqg582x/wdDbzLLVnD00ng4Fr1TxpjFZRBqxQMzBud7+zV1K3W0kV 4LU/ZJMpOcCIv6rcNKigYTp2HajGN/nnfv+6aU3b2KkPAFbC4VGqVYGQ87+OON3ars2F xYUiuTJAknK0CBKlPVc/6xY8bWC18/1bxtOSkSRabXi9HhGw8PDToLj/c9K+c9NLH/lb zW5g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1748446421; x=1749051221; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=sMXW42mfkE47FcIkm94wtl7KuTlhnYNRBbhjoltTaoc=; b=nLn+ohWjZ8s7hYbVxkhGBE54fcegdpIz4QZ8RzYtJzP+cBy0RXQqFaLpxy3e+y2sbI P1jlpsyzsWZ8eOhNO8fHwBF8cdr3Gu5UgW1pT4G+EFcVVkTt7IrdDkCVEUFMnthaYtXV Ihqy60GN/jP6OBwOF4saWpeSm/cTPDsv46xwXTNzROf5Zw9CzxrGm5hOiIRgOE4+PXKJ aaAdqE48QksH4l8msiPc6zpqbukSm1Kv45bMeqycSeCggP1kt0I+DhMuZTlbMAjbqkg8 BTEy5H9z27XIDWmFj6mhjOmtl7DX5xvnPE0k4p1UoduhocME4rT7aQe+6ftrf67Cwdh/ rIoA== X-Gm-Message-State: AOJu0YyPg3BCj2xVQkF+CFl6OSizMDD3Tg/2oKjBeA5GYqGD6mRdRRdB tCDnHQqetVqQYskv2SQT/8jFBoZq86er8+BU/dNVEEQFRzjbQAiaQ2ayFrqwVX5iw1w95MO3jJD XaZjE X-Gm-Gg: ASbGnctP3N2hak9khhJ+iSdEZj4fjf+TfrsoRgxcUEZNOcQan3BpOy9O2ziWoA1uJ+1 bdhHtXtxhcGutYlRqnTQi+nWU+TLYpXudu7l/N8e+v38j180FGS/C8KZ3HVISu1WwxLJDRz8hO7 TMEQjQxi4WajBbjFCL1b2RgdZ7KMWt0+4Ota4yc45VvvXg4fyI4qpK4THp8OKBWxNrdpBCpxhRn dKNKUD4EeKsBcBtY1l7OsqIc58fIZGgSzvHuge/BYcR4eWsVYlTwHEQ2j8PfgrEmoOhFEBhV5m9 mR+mPTWD1ny8PKVnKF8CRU0gLdO0p89U8EYW/hQ9pjI= X-Google-Smtp-Source: AGHT+IHwiSIwoHrRMxJvyQnBKsfFahy7XUGsrGc+2cJnWAlUEB/iyVgXczmbAa2GzkK3eXVMsTpmJQ== X-Received: by 2002:a05:6a21:9010:b0:209:ca8b:91f2 with SMTP id adf61e73a8af0-21aad8349b6mr3990718637.19.1748446420936; Wed, 28 May 2025 08:33:40 -0700 (PDT) Received: from hexa.. ([2602:feb4:3b:2100:2f2f:1884:f4cc:456c]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-746e343c1basm1400268b3a.132.2025.05.28.08.33.40 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 28 May 2025 08:33:40 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][walnascar 03/14] sqlite3: mark CVE-2025-29087 as patched Date: Wed, 28 May 2025 08:33:12 -0700 Message-ID: X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 28 May 2025 15:33:50 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/217367 From: Peter Marko Description of CVE-2025-29087 and CVE-2025-3277 are very similar. There is no lonk from NVD, but [1] and [2] from Debian mark these two CVEs as duplicates with the same link for patch. [1] https://security-tracker.debian.org/tracker/CVE-2025-29087 [2] https://security-tracker.debian.org/tracker/CVE-2025-3277 Signed-off-by: Peter Marko Signed-off-by: Steve Sakoman --- meta/recipes-support/sqlite/sqlite3/CVE-2025-3277.patch | 1 + 1 file changed, 1 insertion(+) diff --git a/meta/recipes-support/sqlite/sqlite3/CVE-2025-3277.patch b/meta/recipes-support/sqlite/sqlite3/CVE-2025-3277.patch index 8264d4443a..60da0b773d 100644 --- a/meta/recipes-support/sqlite/sqlite3/CVE-2025-3277.patch +++ b/meta/recipes-support/sqlite/sqlite3/CVE-2025-3277.patch @@ -7,6 +7,7 @@ Subject: [PATCH] Add a typecast to avoid 32-bit integer overflow in the FossilOrigin-Name: 498e3f1cf57f164fbd8380e92bf91b9f26d6aa05d092fcd135d754abf1e5b1b5 CVE: CVE-2025-3277 +CVE: CVE-2025-29087 Upstream-Status: Backport [https://sqlite.org/src/info/498e3f1cf57f164f] Signed-off-by: Peter Marko --- From patchwork Wed May 28 15:33:13 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 63751 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 17487C5B554 for ; Wed, 28 May 2025 15:33:51 +0000 (UTC) Received: from mail-pf1-f175.google.com (mail-pf1-f175.google.com [209.85.210.175]) by mx.groups.io with SMTP id smtpd.web10.920.1748446423647497468 for ; Wed, 28 May 2025 08:33:43 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=xAqmoJkz; spf=softfail (domain: sakoman.com, ip: 209.85.210.175, mailfrom: steve@sakoman.com) Received: by mail-pf1-f175.google.com with SMTP id d2e1a72fcca58-742c73f82dfso3613332b3a.2 for ; Wed, 28 May 2025 08:33:43 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1748446423; x=1749051223; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=BiYeXo9kfU7kjj7DCyUuZ+nSQ48yNLDrwYQVLMK/J/M=; b=xAqmoJkzBMmKLyVeGl5XhlV8tGciOdBx0E1gdzvNLUTq21iylMEBATc7jMbF9nzv10 7kTJr5p3ERHxrcKJfOpI9lFOvBw7PdQwtazdovpYUoeXQafSm9SxD7Bg5lZClXgWDI2w 4ReTlJr+Icb1A7gzz1kWYhJRViRx4OQh2WiNpBOOgtTZH1EilRBIK+/KqmZfz/4f3M/w nA3FIOfYAIwB9t3iHCgJL1bUopi1fuXE94hHBqdeuE2uYvuMPs5u5YwnbcsRuKAs9+/g EW1Si+0vDdUzun1LpSIvrPVUnHQh36i77yfP1JZE4NiGkrn6V7YnxD0kAKQx5s427TVU iUTA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1748446423; x=1749051223; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=BiYeXo9kfU7kjj7DCyUuZ+nSQ48yNLDrwYQVLMK/J/M=; b=kY7tvAUQXULYWRB5F7xjZgbFR+7xsBNSnWXbtlwhe8XjedwpnVXkbooNYwu0LiF9yy kFbhcoa4AUfAdA0tlAECvGwxga82GL6aQQPpGDZ/Wf0ulWEfWzDwXuwin3mIoqKgumMi isP2FG+cu9lC342QdT1fQ1enqNz8ZDt1WLlNRJYEv7UHEgzIpdhDx5aLP5fIGAj4t5Xl yT2vBkwXb8xgTsrRfimM5PyYZRy9mearxizxkuxPaIXV9j6yuJmwiMix6WYX3ZZbP6Dm QeeouXANQfUsoS5FJ3gJ/joB/eMWDFSDfAnJnMFFATC6BIcswJ/HsjQ1xu+5a3m7GYEo uFEg== X-Gm-Message-State: AOJu0YxQCXz/9aBnjyXurM1L3EAGjPiYcKsvLjtOny+znsi7ppjjekFr OtVqu+fkJePuq3yqYp0Bo20FOOU1JBtbRFO1IpmumBbnaWZN1wt/N4fZpqFgtMoJcfcyk1T2uZP MwD0K X-Gm-Gg: ASbGnctJdAcHc81P0gjlFfLw4KlfmO9wM4TNtqUhvLgpGcJ4y+BN5iZEBkqZpRVvdO1 VYYTOe2v4ujtw9Atw91KTHfORaJs6enmHS0rugpwZNWZCiLNRmxWjnsjf7vy2FDJFKWH5YHCKdQ lVkyXcASI3N+ftZOcMZIQ6L/GWx+I1l9v54WszJvomaO8iz95AjOXokHneKhb0oiu273mdv9nBt Ai9IFoj7U982LT1ACUrGVZyqp+2UFO6Kfc/vfVa4NoZu0KtcwJYDBpRWWKxnqEk6MvqKIY1JtNL 9veBRzmo57RBTc6amz/8Xx71T/mSHKEF6jGxjsazNn+fYBZSqa95JA== X-Google-Smtp-Source: AGHT+IHeRZI7BX102dGUWMJaHzYPSZVJi3mSHeBZ9V69F8ixxrOoGcqDeBzgcfaUKYaVW+TK64xu0g== X-Received: by 2002:a05:6a00:a06:b0:742:a77b:8bc with SMTP id d2e1a72fcca58-745fdf7710fmr24951737b3a.2.1748446422854; Wed, 28 May 2025 08:33:42 -0700 (PDT) Received: from hexa.. ([2602:feb4:3b:2100:2f2f:1884:f4cc:456c]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-746e343c1basm1400268b3a.132.2025.05.28.08.33.42 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 28 May 2025 08:33:42 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][walnascar 04/14] ofono: patch CVE-2024-7537 Date: Wed, 28 May 2025 08:33:13 -0700 Message-ID: <9ab0da6f0564787b753aedb90ea437b135243bdf.1748446235.git.steve@sakoman.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 28 May 2025 15:33:51 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/217368 From: Peter Marko Pick commit https://web.git.kernel.org/pub/scm/network/ofono/ofono.git/commit/?id=e6d8d526d5077c0b6ab459efeb6b882c28e0fdeb Signed-off-by: Peter Marko Signed-off-by: Steve Sakoman --- .../ofono/ofono/CVE-2024-7537.patch | 59 +++++++++++++++++++ meta/recipes-connectivity/ofono/ofono_2.15.bb | 1 + 2 files changed, 60 insertions(+) create mode 100644 meta/recipes-connectivity/ofono/ofono/CVE-2024-7537.patch diff --git a/meta/recipes-connectivity/ofono/ofono/CVE-2024-7537.patch b/meta/recipes-connectivity/ofono/ofono/CVE-2024-7537.patch new file mode 100644 index 0000000000..4a7cd12297 --- /dev/null +++ b/meta/recipes-connectivity/ofono/ofono/CVE-2024-7537.patch @@ -0,0 +1,59 @@ +From e6d8d526d5077c0b6ab459efeb6b882c28e0fdeb Mon Sep 17 00:00:00 2001 +From: Ivaylo Dimitrov +Date: Sun, 16 Mar 2025 12:26:42 +0200 +Subject: [PATCH] qmi: sms: Fix possible out-of-bounds read + +Fixes: CVE-2024-7537 + +CVE: CVE-2024-7537 +Upstream-Status: Backport [https://web.git.kernel.org/pub/scm/network/ofono/ofono.git/commit/?id=e6d8d526d5077c0b6ab459efeb6b882c28e0fdeb] +Signed-off-by: Peter Marko +--- + drivers/qmimodem/sms.c | 13 ++++++++++--- + 1 file changed, 10 insertions(+), 3 deletions(-) + +diff --git a/drivers/qmimodem/sms.c b/drivers/qmimodem/sms.c +index 3e2bef6e..75863480 100644 +--- a/drivers/qmimodem/sms.c ++++ b/drivers/qmimodem/sms.c +@@ -442,6 +442,8 @@ static void get_msg_list_cb(struct qmi_result *result, void *user_data) + const struct qmi_wms_result_msg_list *list; + uint32_t cnt = 0; + uint16_t tmp; ++ uint16_t length; ++ size_t msg_size; + + DBG(""); + +@@ -451,7 +453,7 @@ static void get_msg_list_cb(struct qmi_result *result, void *user_data) + goto done; + } + +- list = qmi_result_get(result, QMI_WMS_RESULT_MSG_LIST, NULL); ++ list = qmi_result_get(result, QMI_WMS_RESULT_MSG_LIST, &length); + if (list == NULL) { + DBG("Err: get msg list empty"); + goto done; +@@ -460,6 +462,13 @@ static void get_msg_list_cb(struct qmi_result *result, void *user_data) + cnt = L_LE32_TO_CPU(list->cnt); + DBG("msgs found %d", cnt); + ++ msg_size = cnt * sizeof(list->msg[0]); ++ ++ if (length != sizeof(list->cnt) + msg_size) { ++ DBG("Err: invalid msg list count"); ++ goto done; ++ } ++ + for (tmp = 0; tmp < cnt; tmp++) { + DBG("unread type %d ndx %d", list->msg[tmp].type, + L_LE32_TO_CPU(list->msg[tmp].ndx)); +@@ -473,8 +482,6 @@ static void get_msg_list_cb(struct qmi_result *result, void *user_data) + + /* save list and get 1st msg */ + if (cnt) { +- int msg_size = cnt * sizeof(list->msg[0]); +- + data->msg_list = l_malloc(sizeof(list->cnt) + msg_size); + data->msg_list->cnt = cnt; + memcpy(data->msg_list->msg, list->msg, msg_size); diff --git a/meta/recipes-connectivity/ofono/ofono_2.15.bb b/meta/recipes-connectivity/ofono/ofono_2.15.bb index 40eeb3a086..07d7ac6095 100644 --- a/meta/recipes-connectivity/ofono/ofono_2.15.bb +++ b/meta/recipes-connectivity/ofono/ofono_2.15.bb @@ -9,6 +9,7 @@ DEPENDS = "dbus glib-2.0 udev mobile-broadband-provider-info ell" SRC_URI = "${KERNELORG_MIRROR}/linux/network/${BPN}/${BP}.tar.xz \ file://ofono \ + file://CVE-2024-7537.patch \ " SRC_URI[sha256sum] = "1af93ab72a70502452fe3d0297a6eaea13750cacae1fff3b643dd2245a6408ca" From patchwork Wed May 28 15:33:14 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 63749 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id F1B38C5B549 for ; Wed, 28 May 2025 15:33:50 +0000 (UTC) Received: from mail-pf1-f175.google.com (mail-pf1-f175.google.com [209.85.210.175]) by mx.groups.io with SMTP id smtpd.web10.921.1748446425825027891 for ; Wed, 28 May 2025 08:33:45 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=YScTtRj8; spf=softfail (domain: sakoman.com, ip: 209.85.210.175, mailfrom: steve@sakoman.com) Received: by mail-pf1-f175.google.com with SMTP id d2e1a72fcca58-742c9563fd9so3372479b3a.3 for ; Wed, 28 May 2025 08:33:45 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1748446425; x=1749051225; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=rUlG6VfnS3vQLITlce58D9tGn2Ezz0/+62mVOZWfo80=; b=YScTtRj8lZZGbYANOWt0OS7mu+BW8JpdYVUXwrooL4GLG5Dzcs8BFpcGMnoBliJagx nzJpz2x4LfFlQCxPbokmckpIOPIjzc/TBlddkUiItlad1V8CjCsyC5s1TLfga4uaryVb k6cBb6qbbq11x5IOtlF650Mu2A6MQcCzgEQZXkOc1cLLKFZkRAFfDOY76k+bhi9m1jkl sY7QADCzrd3H6Wh0QIv8YYfR97pm4g1vGaOaO3ZeDZi9E3E1LA9JzbjlfFk1ns2KF1eP zU1w32+f7IA0r3cjXubJUWcj1i+3Qfj0VxzIzaI+fnzF2fqUWZXu/gqEXSAiXBjnKbJO XrNg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1748446425; x=1749051225; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=rUlG6VfnS3vQLITlce58D9tGn2Ezz0/+62mVOZWfo80=; b=GTjHXZ2UZE6g7ywRNLxWeoq0j/dFBhAHglUBBy/tPRFeshxBIFxSx06BtR9+Rkzd4h ncqiofIxXIFnHOHzjsohhBp+W3+rxLxJjSfRREpfrD+9LoTeyGn0XPJH+o8erxw7yYuy RfHQjR+jPUXrhTayXtfMqr6pqgs20ARokZWm0gOxU/5zhGPXE+ZYUwgibGy81iVOvV1n X276Rqr7JO8z25eA8YYDbIQqHt6x7ni1k5BDLlxiJslsMlbN6+t/lwo3dt7PNl4KrI/l +SUiChSbs/bWSp2f3oVGsAENoeNb2cEJbafJUt3ESmZoU1Q+py8UbpGVb/fCCqyVri/P /m3w== X-Gm-Message-State: AOJu0YyaOrcvRU5IK+oqc0YR98q16n5rvE28/kc8ecTf0e0S/0LT1wxJ 1yjTCiNewfoLRwKGob1m27JM3KBD1xsoBuQygE+mOh9cTs8G47ohYInnpl7w55paMkYGCl/KDbY 5/wpI X-Gm-Gg: ASbGncvkYXOgNl9mNn4RTnV8HBs1jMX4wV9kdUc2vpNzBqy/hccPDTeCiFBDh6eDXKZ J+uW2jksi44ol6XIhPxdNtqDgVtEoC9igLFaBYc3Lwsy7WWs7TFzL21hPsG+t8f0ER4YuXXcSY+ PfdJNx1X3PWAN4A2TcoTuDNrsgFS2JfR9uUFe02MvvjySI2u4CgnIUF1qzWOJvz/Isxe60gCg0N 14yPN5/1Vuu+/A71Q+0ZH86hCakowz+MPE8QjiuJba2X6628kJY732J1VGEvGUWgODnFNMmwc5y 89C79M7wwY+4tt+rRKgjpo+AWwadgThn6NHJmgNK6IZNrbi8RIP1Up1qwQs4pVxI X-Google-Smtp-Source: AGHT+IHkqJm34vPeT2Sv29cXGeDK0qH3QGo8Zk+mz0lBD5Zp4/WVVjN6DisxjSFcNENsX4HvlK8fLg== X-Received: by 2002:a05:6a00:130d:b0:740:9d6f:a73b with SMTP id d2e1a72fcca58-745fe01508bmr22378606b3a.17.1748446424749; Wed, 28 May 2025 08:33:44 -0700 (PDT) Received: from hexa.. ([2602:feb4:3b:2100:2f2f:1884:f4cc:456c]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-746e343c1basm1400268b3a.132.2025.05.28.08.33.43 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 28 May 2025 08:33:44 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][walnascar 05/14] xz: patch CVE-2025-31115 Date: Wed, 28 May 2025 08:33:14 -0700 Message-ID: <7c5d0f0e1830095d3e8c30c648081b5e52b0ef06.1748446235.git.steve@sakoman.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 28 May 2025 15:33:50 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/217369 From: Peter Marko Cherry-pick commits from [1] linked from [2] from branch v5.6 [1] https://tukaani.org/xz/xz-cve-2025-31115.patch [2] https://tukaani.org/xz/threaded-decoder-early-free.html Signed-off-by: Peter Marko Signed-off-by: Steve Sakoman --- .../xz/xz/CVE-2025-31115-01.patch | 29 ++++ .../xz/xz/CVE-2025-31115-02.patch | 152 ++++++++++++++++++ .../xz/xz/CVE-2025-31115-03.patch | 98 +++++++++++ .../xz/xz/CVE-2025-31115-04.patch | 56 +++++++ meta/recipes-extended/xz/xz_5.6.4.bb | 4 + 5 files changed, 339 insertions(+) create mode 100644 meta/recipes-extended/xz/xz/CVE-2025-31115-01.patch create mode 100644 meta/recipes-extended/xz/xz/CVE-2025-31115-02.patch create mode 100644 meta/recipes-extended/xz/xz/CVE-2025-31115-03.patch create mode 100644 meta/recipes-extended/xz/xz/CVE-2025-31115-04.patch diff --git a/meta/recipes-extended/xz/xz/CVE-2025-31115-01.patch b/meta/recipes-extended/xz/xz/CVE-2025-31115-01.patch new file mode 100644 index 0000000000..d6e75f8201 --- /dev/null +++ b/meta/recipes-extended/xz/xz/CVE-2025-31115-01.patch @@ -0,0 +1,29 @@ +From c1a91b8baeb947c5b232a6c3d6319267131830bc Mon Sep 17 00:00:00 2001 +From: Lasse Collin +Date: Thu, 3 Apr 2025 14:34:42 +0300 +Subject: [PATCH 1/4] liblzma: mt dec: Fix a comment + +Reviewed-by: Sebastian Andrzej Siewior +Thanks-to: Sam James +(cherry picked from commit 831b55b971cf579ee16a854f177c36b20d3c6999) + +CVE: CVE-2025-31115 +Upstream-Status: Backport [https://github.com/tukaani-project/xz/commit/c1a91b8baeb947c5b232a6c3d6319267131830bc] +Signed-off-by: Peter Marko +--- + src/liblzma/common/stream_decoder_mt.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/liblzma/common/stream_decoder_mt.c b/src/liblzma/common/stream_decoder_mt.c +index 244624a4..6f06f1d1 100644 +--- a/src/liblzma/common/stream_decoder_mt.c ++++ b/src/liblzma/common/stream_decoder_mt.c +@@ -347,7 +347,7 @@ worker_enable_partial_update(void *thr_ptr) + + + /// Things do to at THR_STOP or when finishing a Block. +-/// This is called with thr->mutex locked. ++/// This is called with thr->coder->mutex locked. + static void + worker_stop(struct worker_thread *thr) + { diff --git a/meta/recipes-extended/xz/xz/CVE-2025-31115-02.patch b/meta/recipes-extended/xz/xz/CVE-2025-31115-02.patch new file mode 100644 index 0000000000..7b36ae551a --- /dev/null +++ b/meta/recipes-extended/xz/xz/CVE-2025-31115-02.patch @@ -0,0 +1,152 @@ +From f74cf18ad084a9185d8ae148d89265860aa8004c Mon Sep 17 00:00:00 2001 +From: Lasse Collin +Date: Thu, 3 Apr 2025 14:34:42 +0300 +Subject: [PATCH 2/4] liblzma: mt dec: Simplify by removing the THR_STOP state + +The main thread can directly set THR_IDLE in threads_stop() which is +called when errors are detected. threads_stop() won't return the stopped +threads to the pool or free the memory pointed by thr->in anymore, but +it doesn't matter because the existing workers won't be reused after +an error. The resources will be cleaned up when threads_end() is +called (reinitializing the decoder always calls threads_end()). + +Reviewed-by: Sebastian Andrzej Siewior +Thanks-to: Sam James +(cherry picked from commit c0c835964dfaeb2513a3c0bdb642105152fe9f34) + +CVE: CVE-2025-31115 +Upstream-Status: Backport [https://github.com/tukaani-project/xz/commit/f74cf18ad084a9185d8ae148d89265860aa8004c] +Signed-off-by: Peter Marko +--- + src/liblzma/common/stream_decoder_mt.c | 75 ++++++++++---------------- + 1 file changed, 29 insertions(+), 46 deletions(-) + +diff --git a/src/liblzma/common/stream_decoder_mt.c b/src/liblzma/common/stream_decoder_mt.c +index 6f06f1d1..e1d07007 100644 +--- a/src/liblzma/common/stream_decoder_mt.c ++++ b/src/liblzma/common/stream_decoder_mt.c +@@ -23,15 +23,10 @@ typedef enum { + THR_IDLE, + + /// Decoding is in progress. +- /// Main thread may change this to THR_STOP or THR_EXIT. ++ /// Main thread may change this to THR_IDLE or THR_EXIT. + /// The worker thread may change this to THR_IDLE. + THR_RUN, + +- /// The main thread wants the thread to stop whatever it was doing +- /// but not exit. Main thread may change this to THR_EXIT. +- /// The worker thread may change this to THR_IDLE. +- THR_STOP, +- + /// The main thread wants the thread to exit. + THR_EXIT, + +@@ -346,27 +341,6 @@ worker_enable_partial_update(void *thr_ptr) + } + + +-/// Things do to at THR_STOP or when finishing a Block. +-/// This is called with thr->coder->mutex locked. +-static void +-worker_stop(struct worker_thread *thr) +-{ +- // Update memory usage counters. +- thr->coder->mem_in_use -= thr->in_size; +- thr->in_size = 0; // thr->in was freed above. +- +- thr->coder->mem_in_use -= thr->mem_filters; +- thr->coder->mem_cached += thr->mem_filters; +- +- // Put this thread to the stack of free threads. +- thr->next = thr->coder->threads_free; +- thr->coder->threads_free = thr; +- +- mythread_cond_signal(&thr->coder->cond); +- return; +-} +- +- + static MYTHREAD_RET_TYPE + worker_decoder(void *thr_ptr) + { +@@ -397,17 +371,6 @@ next_loop_unlocked: + return MYTHREAD_RET_VALUE; + } + +- if (thr->state == THR_STOP) { +- thr->state = THR_IDLE; +- mythread_mutex_unlock(&thr->mutex); +- +- mythread_sync(thr->coder->mutex) { +- worker_stop(thr); +- } +- +- goto next_loop_lock; +- } +- + assert(thr->state == THR_RUN); + + // Update progress info for get_progress(). +@@ -510,7 +473,22 @@ next_loop_unlocked: + && thr->coder->thread_error == LZMA_OK) + thr->coder->thread_error = ret; + +- worker_stop(thr); ++ // Return the worker thread to the stack of available ++ // threads. ++ { ++ // Update memory usage counters. ++ thr->coder->mem_in_use -= thr->in_size; ++ thr->in_size = 0; // thr->in was freed above. ++ ++ thr->coder->mem_in_use -= thr->mem_filters; ++ thr->coder->mem_cached += thr->mem_filters; ++ ++ // Put this thread to the stack of free threads. ++ thr->next = thr->coder->threads_free; ++ thr->coder->threads_free = thr; ++ } ++ ++ mythread_cond_signal(&thr->coder->cond); + } + + goto next_loop_lock; +@@ -544,17 +522,22 @@ threads_end(struct lzma_stream_coder *coder, const lzma_allocator *allocator) + } + + ++/// Tell worker threads to stop without doing any cleaning up. ++/// The clean up will be done when threads_exit() is called; ++/// it's not possible to reuse the threads after threads_stop(). ++/// ++/// This is called before returning an unrecoverable error code ++/// to the application. It would be waste of processor time ++/// to keep the threads running in such a situation. + static void + threads_stop(struct lzma_stream_coder *coder) + { + for (uint32_t i = 0; i < coder->threads_initialized; ++i) { ++ // The threads that are in the THR_RUN state will stop ++ // when they check the state the next time. There's no ++ // need to signal coder->threads[i].cond. + mythread_sync(coder->threads[i].mutex) { +- // The state must be changed conditionally because +- // THR_IDLE -> THR_STOP is not a valid state change. +- if (coder->threads[i].state != THR_IDLE) { +- coder->threads[i].state = THR_STOP; +- mythread_cond_signal(&coder->threads[i].cond); +- } ++ coder->threads[i].state = THR_IDLE; + } + } + +@@ -1948,7 +1931,7 @@ stream_decoder_mt_init(lzma_next_coder *next, const lzma_allocator *allocator, + // accounting from scratch, too. Changes in filter and block sizes may + // affect number of threads. + // +- // FIXME? Reusing should be easy but unlike the single-threaded ++ // Reusing threads doesn't seem worth it. Unlike the single-threaded + // decoder, with some types of input file combinations reusing + // could leave quite a lot of memory allocated but unused (first + // file could allocate a lot, the next files could use fewer diff --git a/meta/recipes-extended/xz/xz/CVE-2025-31115-03.patch b/meta/recipes-extended/xz/xz/CVE-2025-31115-03.patch new file mode 100644 index 0000000000..892249d0b4 --- /dev/null +++ b/meta/recipes-extended/xz/xz/CVE-2025-31115-03.patch @@ -0,0 +1,98 @@ +From 1b874b4f04909b7bb5259cb612ecef39a434dde8 Mon Sep 17 00:00:00 2001 +From: Lasse Collin +Date: Thu, 3 Apr 2025 14:34:42 +0300 +Subject: [PATCH 3/4] liblzma: mt dec: Don't free the input buffer too early + (CVE-2025-31115) + +The input buffer must be valid as long as the main thread is writing +to the worker-specific input buffer. Fix it by making the worker +thread not free the buffer on errors and not return the worker thread to +the pool. The input buffer will be freed when threads_end() is called. + +With invalid input, the bug could at least result in a crash. The +effects include heap use after free and writing to an address based +on the null pointer plus an offset. + +The bug has been there since the first committed version of the threaded +decoder and thus affects versions from 5.3.3alpha to 5.8.0. + +As the commit message in 4cce3e27f529 says, I had made significant +changes on top of Sebastian's patch. This bug was indeed introduced +by my changes; it wasn't in Sebastian's version. + +Thanks to Harri K. Koskinen for discovering and reporting this issue. + +Fixes: 4cce3e27f529 ("liblzma: Add threaded .xz decompressor.") +Reported-by: Harri K. Koskinen +Reviewed-by: Sebastian Andrzej Siewior +Thanks-to: Sam James +(cherry picked from commit d5a2ffe41bb77b918a8c96084885d4dbe4bf6480) + +CVE: CVE-2025-31115 +Upstream-Status: Backport [https://github.com/tukaani-project/xz/commit/1b874b4f04909b7bb5259cb612ecef39a434dde8] +Signed-off-by: Peter Marko +--- + src/liblzma/common/stream_decoder_mt.c | 31 ++++++++++++++++++-------- + 1 file changed, 22 insertions(+), 9 deletions(-) + +diff --git a/src/liblzma/common/stream_decoder_mt.c b/src/liblzma/common/stream_decoder_mt.c +index e1d07007..ce5e54ac 100644 +--- a/src/liblzma/common/stream_decoder_mt.c ++++ b/src/liblzma/common/stream_decoder_mt.c +@@ -435,8 +435,7 @@ next_loop_unlocked: + } + + // Either we finished successfully (LZMA_STREAM_END) or an error +- // occurred. Both cases are handled almost identically. The error +- // case requires updating thr->coder->thread_error. ++ // occurred. + // + // The sizes are in the Block Header and the Block decoder + // checks that they match, thus we know these: +@@ -444,16 +443,30 @@ next_loop_unlocked: + assert(ret != LZMA_STREAM_END + || thr->out_pos == thr->block_options.uncompressed_size); + +- // Free the input buffer. Don't update in_size as we need +- // it later to update thr->coder->mem_in_use. +- lzma_free(thr->in, thr->allocator); +- thr->in = NULL; +- + mythread_sync(thr->mutex) { ++ // Block decoder ensures this, but do a sanity check anyway ++ // because thr->in_filled < thr->in_size means that the main ++ // thread is still writing to thr->in. ++ if (ret == LZMA_STREAM_END && thr->in_filled != thr->in_size) { ++ assert(0); ++ ret = LZMA_PROG_ERROR; ++ } ++ + if (thr->state != THR_EXIT) + thr->state = THR_IDLE; + } + ++ // Free the input buffer. Don't update in_size as we need ++ // it later to update thr->coder->mem_in_use. ++ // ++ // This step is skipped if an error occurred because the main thread ++ // might still be writing to thr->in. The memory will be freed after ++ // threads_end() sets thr->state = THR_EXIT. ++ if (ret == LZMA_STREAM_END) { ++ lzma_free(thr->in, thr->allocator); ++ thr->in = NULL; ++ } ++ + mythread_sync(thr->coder->mutex) { + // Move our progress info to the main thread. + thr->coder->progress_in += thr->in_pos; +@@ -474,8 +487,8 @@ next_loop_unlocked: + thr->coder->thread_error = ret; + + // Return the worker thread to the stack of available +- // threads. +- { ++ // threads only if no errors occurred. ++ if (ret == LZMA_STREAM_END) { + // Update memory usage counters. + thr->coder->mem_in_use -= thr->in_size; + thr->in_size = 0; // thr->in was freed above. diff --git a/meta/recipes-extended/xz/xz/CVE-2025-31115-04.patch b/meta/recipes-extended/xz/xz/CVE-2025-31115-04.patch new file mode 100644 index 0000000000..f80daceb4a --- /dev/null +++ b/meta/recipes-extended/xz/xz/CVE-2025-31115-04.patch @@ -0,0 +1,56 @@ +From 6ff5b8c55960f9ebc917b668bd3567ef217175fa Mon Sep 17 00:00:00 2001 +From: Lasse Collin +Date: Thu, 3 Apr 2025 14:34:42 +0300 +Subject: [PATCH 4/4] liblzma: mt dec: Don't modify thr->in_size in the worker + thread + +Don't set thr->in_size = 0 when returning the thread to the stack of +available threads. Not only is it useless, but the main thread may +read the value in SEQ_BLOCK_THR_RUN. With valid inputs, it made +no difference if the main thread saw the original value or 0. With +invalid inputs (when worker thread stops early), thr->in_size was +no longer modified after the previous commit with the security fix +("Don't free the input buffer too early"). + +So while the bug appears harmless now, it's important to fix it because +the variable was being modified without proper locking. It's trivial +to fix because there is no need to change the value. Only main thread +needs to set the value in (in SEQ_BLOCK_THR_INIT) when starting a new +Block before the worker thread is activated. + +Fixes: 4cce3e27f529 ("liblzma: Add threaded .xz decompressor.") +Reviewed-by: Sebastian Andrzej Siewior +Thanks-to: Sam James +(cherry picked from commit 8188048854e8d11071b8a50d093c74f4c030acc9) + +CVE: CVE-2025-31115 +Upstream-Status: Backport [https://github.com/tukaani-project/xz/commit/6ff5b8c55960f9ebc917b668bd3567ef217175fa] +Signed-off-by: Peter Marko +--- + src/liblzma/common/stream_decoder_mt.c | 6 ++++-- + 1 file changed, 4 insertions(+), 2 deletions(-) + +diff --git a/src/liblzma/common/stream_decoder_mt.c b/src/liblzma/common/stream_decoder_mt.c +index ce5e54ac..0cdb47d3 100644 +--- a/src/liblzma/common/stream_decoder_mt.c ++++ b/src/liblzma/common/stream_decoder_mt.c +@@ -491,8 +491,6 @@ next_loop_unlocked: + if (ret == LZMA_STREAM_END) { + // Update memory usage counters. + thr->coder->mem_in_use -= thr->in_size; +- thr->in_size = 0; // thr->in was freed above. +- + thr->coder->mem_in_use -= thr->mem_filters; + thr->coder->mem_cached += thr->mem_filters; + +@@ -1557,6 +1555,10 @@ stream_decode_mt(void *coder_ptr, const lzma_allocator *allocator, + } + + // Return if the input didn't contain the whole Block. ++ // ++ // NOTE: When we updated coder->thr->in_filled a few lines ++ // above, the worker thread might by now have finished its ++ // work and returned itself back to the stack of free threads. + if (coder->thr->in_filled < coder->thr->in_size) { + assert(*in_pos == in_size); + return LZMA_OK; diff --git a/meta/recipes-extended/xz/xz_5.6.4.bb b/meta/recipes-extended/xz/xz_5.6.4.bb index e48f4dbd7f..52bfd844b2 100644 --- a/meta/recipes-extended/xz/xz_5.6.4.bb +++ b/meta/recipes-extended/xz/xz_5.6.4.bb @@ -27,6 +27,10 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=c02de712b028a5cc7e22472e8f2b3db1 \ SRC_URI = "https://github.com/tukaani-project/xz/releases/download/v${PV}/xz-${PV}.tar.gz \ file://run-ptest \ + file://CVE-2025-31115-01.patch \ + file://CVE-2025-31115-02.patch \ + file://CVE-2025-31115-03.patch \ + file://CVE-2025-31115-04.patch \ " SRC_URI[sha256sum] = "269e3f2e512cbd3314849982014dc199a7b2148cf5c91cedc6db629acdf5e09b" UPSTREAM_CHECK_REGEX = "releases/tag/v(?P\d+(\.\d+)+)" From patchwork Wed May 28 15:33:15 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 63752 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id F2A08C5B552 for ; Wed, 28 May 2025 15:33:50 +0000 (UTC) Received: from mail-pf1-f171.google.com (mail-pf1-f171.google.com [209.85.210.171]) by mx.groups.io with SMTP id smtpd.web11.935.1748446428780398590 for ; Wed, 28 May 2025 08:33:48 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=ChnL3qk9; spf=softfail (domain: sakoman.com, ip: 209.85.210.171, mailfrom: steve@sakoman.com) Received: by mail-pf1-f171.google.com with SMTP id d2e1a72fcca58-7390d21bb1cso3345017b3a.2 for ; Wed, 28 May 2025 08:33:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1748446428; x=1749051228; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=uVm/JwBWSjW9+d5IRuaz3HlPtnWm6B0i2IP6Dc7Ka4w=; b=ChnL3qk9N+zZ4/7Jl7JS2vac9wVINoH2a9aXe+QHfLXDMKLf1HEglw5QzqWjNlItFb Wotlps+tUAJ+8HuRNvgvtq4TIblCMmkH4StR4OoR9VxGju8iUoTY0HpeuMZhdGJyw6gC JcZGlTbOztIE8lPNPMtGZZHLYX+y30YWuybpqlHhsMtLzwrfNh7mAfPPscRS5gKXFZQe 0DR8p+EyVbI+ZxYlM9UGHhHZ8k6Xi0JbVqIocM5V5tRYBaxONhGLGAC959I7tTeaHpoe TLcx8j5i2allt/eYmnjv04teqARhHWRbc+b43r676GIt3KgZuvQWdAtYu4/UOIU8RbzW 6PnQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1748446428; x=1749051228; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=uVm/JwBWSjW9+d5IRuaz3HlPtnWm6B0i2IP6Dc7Ka4w=; b=e8TK6y1L1+HDzopyDVOZi62atX5DX5RsdRcvBtoYsUHcBnLNyKWl2SDdjyUeIqzWS7 2oiqE/QlFGHJ0HsZwkQdzmOwlSj0xGXFkxJ1BA5lJfO7l7k/OxP9PrYDdgDgP2w91ISO EfWBNOLlV6s9ahAkJ5sGl+ypoc43IPnJS9I8kahFOpR7FeXb2TM1xOLq/bLfcWtmYZSt A5WwCY0h07f23jDPO9YYiLkoe2qCdk+2d1nRZ65b6aQz4WXULoRWmWkwkeSZfFmmK/VV 7oZpD4vN7XMLsYSeVREOoBl/LWcWecxKTfqZzGPqri88LgdnBmqVuzZAn0v0DlnhswPT mG5Q== X-Gm-Message-State: AOJu0Yzs+ue7yx5sXve6NaBrFK3RuGGlWMO4iMzM0haCBic8DIW4FtmN 3OpAgNbU87Ctgkbh2wPQbZtiPRcCqejlTZ+jt8IIZsjQNikqwM7xlrii4M94Plmei1xeU3TFhmA 0V29P X-Gm-Gg: ASbGncv6HVRjQU2RJUTTqeioeCSn7ecPZxkHk9iZlTIwuKHcRa7nM/RMtal+Fbf33IA 9B9crN5HYTlroqD8ZzeL7QsD3Dlls7HL3o9fZnpCtrk1GyJB7qSBN0p2A6O5GdOox9pYCWDaAvH enDKjcQcIKzpBbGZSEukxR5PJvdv4Jaq9r3nmjYc9DzIb6D6X1t0PeJEM+njhNa5LwqMy/wlBnn ZqA3V8Jv0YxI8s6AaN3C5Q7QC1rhKNS6I9GVch6Ga6RgKuy5qdJIYko1DsERPPYvCtI1Dt1ZonA pCe5SeMzz7qqKPDneMgHVlaAoUYGSGGlq1MV+qKGEBFfJcuKImHunA== X-Google-Smtp-Source: AGHT+IEDcRsHH0dXA77CgGtIP5xz3gMpZ6DTWjbJOORnODWsQizgGc/Gi287MGqBv+HH9VMjeVZtbA== X-Received: by 2002:aa7:88cd:0:b0:742:aecc:c46b with SMTP id d2e1a72fcca58-746b40bdb7dmr3446602b3a.15.1748446428028; Wed, 28 May 2025 08:33:48 -0700 (PDT) Received: from hexa.. ([2602:feb4:3b:2100:2f2f:1884:f4cc:456c]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-746e343c1basm1400268b3a.132.2025.05.28.08.33.47 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 28 May 2025 08:33:47 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][walnascar 06/14] binutils: drop obsolete CVE_STATUS Date: Wed, 28 May 2025 08:33:15 -0700 Message-ID: X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 28 May 2025 15:33:50 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/217370 From: Peter Marko NVD has CVE-2023-25584 listed as < 2.40, so we don't need to ignore it for version 2.44 anymore. (From OE-Core rev: eaf80096f96e5bebed53076c1dfe7e35e539f383) Signed-off-by: Peter Marko Signed-off-by: Richard Purdie Signed-off-by: Steve Sakoman --- meta/recipes-devtools/binutils/binutils-2.44.inc | 2 -- 1 file changed, 2 deletions(-) diff --git a/meta/recipes-devtools/binutils/binutils-2.44.inc b/meta/recipes-devtools/binutils/binutils-2.44.inc index 7a19aa31d5..41071fada1 100644 --- a/meta/recipes-devtools/binutils/binutils-2.44.inc +++ b/meta/recipes-devtools/binutils/binutils-2.44.inc @@ -18,8 +18,6 @@ SRCBRANCH ?= "binutils-2_44-branch" UPSTREAM_CHECK_GITTAGREGEX = "binutils-(?P\d+_(\d_?)*)" -CVE_STATUS[CVE-2023-25584] = "cpe-incorrect: Applies only for version 2.40 and earlier" - SRCREV ?= "819d713b6340ed3657e00ad0bc8d5f2b73094a0f" BINUTILS_GIT_URI ?= "git://sourceware.org/git/binutils-gdb.git;branch=${SRCBRANCH};protocol=https" SRC_URI = "\ From patchwork Wed May 28 15:33:16 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 63750 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 0B872C5B553 for ; Wed, 28 May 2025 15:33:51 +0000 (UTC) Received: from mail-pf1-f174.google.com (mail-pf1-f174.google.com [209.85.210.174]) by mx.groups.io with SMTP id smtpd.web11.937.1748446430465726547 for ; Wed, 28 May 2025 08:33:50 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=qHxPU/Lv; spf=softfail (domain: sakoman.com, ip: 209.85.210.174, mailfrom: steve@sakoman.com) Received: by mail-pf1-f174.google.com with SMTP id d2e1a72fcca58-74264d1832eso5012142b3a.0 for ; Wed, 28 May 2025 08:33:50 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1748446430; x=1749051230; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=cJdnOseQTfVVzlVp8qsiXhP40/ve1Kv290L6Aq3ttac=; b=qHxPU/LvRBK9Ho9P8nFLTQRAuwEn0vlo+g8RLijqHOUv3M09FMEi1eWW4kUnAynZlx GBLNmSXD/+fqRiv2eeDo3TeazqL7ZeWEVw6Q43KbGCFkEfu6GXq6oCV6EDA82f0eqLTR 64aYwtlacKWl6m4jBSsVDKFsVtuFwmvCw4WeuMKFEKVsmNDISZMJVSz+O1Grk/oQ5sdr /8ub+nwc968of229J9qV6f8GISfHABFt3UoF5d+74i60JcKc0KmO3GowBHQE7sIwfBHh q/X8mdam3QCyIAvmv3vftTwZq4dhvHtcL/U+YXKJcp7WCIuWj5N0oGA02T+TZhnKvFLv TqAA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1748446430; x=1749051230; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=cJdnOseQTfVVzlVp8qsiXhP40/ve1Kv290L6Aq3ttac=; b=KbOcb8T5KkoCCEBZEHT2vw1HIvStbJG4qKQhFJjRbAmhVltwwGoB91M1SUGqZ8M2u8 07JaNObkzUwWucMYfmzQkBXN6w8EgHpFP5pXOWNpqKxCcFYYXgLB3stbEqSs166hCuKH AK20S+OPTD8ZB8YC7M8EG5IjoSgb8iDAc0uqKaY5MVBqf/h5WRy70nMAXwHyW70o0nEm h7T2C/+mh1VaRWw77QbrDHFm6e8rmKPOC+juqbVmzyAd9M1O+83onR4yVXgghB6jAzpO XFnotHg3PZAWie+tpeYU6sMpmP4l2Ud1pMP11i+5oDpQR2X0VW7EXeTrn92JPAPruyr6 /TxQ== X-Gm-Message-State: AOJu0YwN3qG39nxyVbYIHAty6mSGZ9yyotEa+mWp7toNRbKRGZn2rhvf lRiIDB/qmOdFIXBNlGSVa3cyvXshmh7LFnuQhLdicOkBiQHf1PRzlzyxJxKrNxOSgq/kg47BiOa 4Ebkh X-Gm-Gg: ASbGncuR1CJ0oVtvz3+n7EyeFSJqTYWIYDHcFELf17iXGBsS0L3tnaLczl6ngFITYwv Hwt2upBAUSXOpuRFYqTrEZ1QcnW+TIo6vJGbWoi1Qj43erIoQ39ErQ7CP5gufPGWaC+t2nqD3LL p6tu/c1FUVwbu96xk8yb7mEKeeicQ72Ws3Vlw5z4UkSGGO8p5dzT4Rwh9BKf4gPidQdmaYQetx5 3nzVJGhF1auwtZW4KDScAoGV1xF0gvy1Zx0VYk0MY6MAs78OwdMrwT7YZDq5gOjEX7Q1Wyznj7J eczObPOryTo9jEK2VyXAQXkTVTxC8iuLd/pRkusz0Zo= X-Google-Smtp-Source: AGHT+IEmtOljNJTvKHHprXrChIAi0OYWvPxuRXZ7GkOTDpC7Xu+cwzNYztHT1frGC3dGJH2IGY5QiA== X-Received: by 2002:a05:6a00:2e84:b0:730:95a6:3761 with SMTP id d2e1a72fcca58-745fde797f3mr26147861b3a.3.1748446429709; Wed, 28 May 2025 08:33:49 -0700 (PDT) Received: from hexa.. ([2602:feb4:3b:2100:2f2f:1884:f4cc:456c]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-746e343c1basm1400268b3a.132.2025.05.28.08.33.49 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 28 May 2025 08:33:49 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][walnascar 07/14] binutils: mark CVE-2025-1153 as fixed Date: Wed, 28 May 2025 08:33:16 -0700 Message-ID: X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 28 May 2025 15:33:51 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/217371 From: Peter Marko We had this CVE patched but the patch was removed with last 2.44 branch updates as it is now included. Since there is no new version which could be set in NVD DB, this needs to be explicitly handled. (From OE-Core rev: 32f18145dee54f61203506daef339cd132908287) Signed-off-by: Peter Marko Signed-off-by: Richard Purdie Signed-off-by: Steve Sakoman --- meta/recipes-devtools/binutils/binutils-2.44.inc | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta/recipes-devtools/binutils/binutils-2.44.inc b/meta/recipes-devtools/binutils/binutils-2.44.inc index 41071fada1..28100abbe9 100644 --- a/meta/recipes-devtools/binutils/binutils-2.44.inc +++ b/meta/recipes-devtools/binutils/binutils-2.44.inc @@ -18,6 +18,8 @@ SRCBRANCH ?= "binutils-2_44-branch" UPSTREAM_CHECK_GITTAGREGEX = "binutils-(?P\d+_(\d_?)*)" +CVE_STATUS[CVE-2025-1153] = "cpe-stable-backport: fix available in used git hash" + SRCREV ?= "819d713b6340ed3657e00ad0bc8d5f2b73094a0f" BINUTILS_GIT_URI ?= "git://sourceware.org/git/binutils-gdb.git;branch=${SRCBRANCH};protocol=https" SRC_URI = "\ From patchwork Wed May 28 15:33:17 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 63755 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 116A4C5B549 for ; Wed, 28 May 2025 15:34:01 +0000 (UTC) Received: from mail-pf1-f173.google.com (mail-pf1-f173.google.com [209.85.210.173]) by mx.groups.io with SMTP id smtpd.web10.923.1748446432408330204 for ; Wed, 28 May 2025 08:33:52 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=Bb/n3vAU; spf=softfail (domain: sakoman.com, ip: 209.85.210.173, mailfrom: steve@sakoman.com) Received: by mail-pf1-f173.google.com with SMTP id d2e1a72fcca58-742c7a52e97so4095130b3a.3 for ; Wed, 28 May 2025 08:33:52 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1748446432; x=1749051232; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=SjN/l1pgqMbuVWqpdtyK3/Vt+7Cw+hwuY7p7TdZ9zRQ=; b=Bb/n3vAUGgqN7cSTWFCxZRq6pcNfS/1blhXqKjg65jh2I2ayNLJmvixD3Kx54Jv56V vgpXPMiqZpwzeFw1HLbQoeKUgqnuBNAUJKwGXNxDOdK3QfsgEuxqD1XGOIF7q6DyyriR pRHkqjQbYxmlShW6ue+ECwjr/RH5Fllm7kn3Y3Uf4zLuzQE6IKjB9EKc+Ca9fJysNMUU lWPvxeq7ho96HAiaPUx11R4M4VWLR3QJ6EazWyv0R3oMMWU1pxkVNB+6nOKgRdWZz8zw xd1NvgmZqvNZol1Noz+rwkqIz2z8x4XpsSNLGR1gUTA2tmaYLn5kO8roGQOmgWDzpQoR epFg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1748446432; x=1749051232; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=SjN/l1pgqMbuVWqpdtyK3/Vt+7Cw+hwuY7p7TdZ9zRQ=; b=qEWZ12qbdScSiX7JzYHGwwFbbW4yEa8sWt+K+0ARcDnpcxyKMDPy3QFO8NUBvuM8r0 ZCzEKGR7mL4IvVsfHFI4Qc3+snyznQHNFWDQrYQh2tZIzEStsLoGjOuM5kytOWarGb5q 9y5Q/uqYlr3xWDvEtJ/fuaP0cQBUCKnx54EdY6dCQkyVuzHlbJJMnU+fGe5lbNIkm1dX O2vsAEv6jOUCSZAVJuWrgD17I+6h7WhSzs9a7IeQ97kbIE0+i7Egjflo2VqCdDCmrqeO D74P5okV01WSG554ckzIZh1vchjpBWZCtSUnZ5TUvu/v3sLjNLoRSClgsgbHDAYcQ7T9 PfOw== X-Gm-Message-State: AOJu0YyTHC9Dedj1kaNssWFX7ACyOUv18pWOMswGRPj2EV8HPELfCA1U Td3TQxkzKvH7co1I+Ch0aReBF1wj7Agl2m3M5octgbyYlF7IZd1XZdevHCPI+BdMtg4hqGrPqmf /dixV X-Gm-Gg: ASbGnctkSZ8o6gGAqzaQ4d9z9DcY/EHuG6KFNEmU1WoQcFl+hAjtQDqP72hbjxIKM+R 7PO4bptb4AHVwk1KaFAfOE+3+adrsP39y/YvEpGRxpQtmIlT0tsaCVBHGhPT723kkTS4lzANx65 ujD1K2hzOIA5Y62O4qZswn8PLnF+cKCn2vF022v95jVQKV4+6+dPJsp+Q2a4rV7+HnoFyVlIFdZ ZtW/kgWHw5NM6rL4VMBQQzMJm6FT+aLdVPaHe6TFDGCMeTdPksy7BG/MHXt3Y7XKH37DtoLL5V9 3JTlW1u0poPnJyalfVNROXOEWs+fvbrSHnmrqmhKT7E= X-Google-Smtp-Source: AGHT+IHXTQ8zsa1ZyLp6CeCuWi8gXGUzJloGme7o2++oFlsh0uL91N9gzmxs5dhr67oynYchNWluKQ== X-Received: by 2002:a05:6a20:9f90:b0:1f3:41d5:65f6 with SMTP id adf61e73a8af0-2188c34145bmr32503187637.32.1748446431617; Wed, 28 May 2025 08:33:51 -0700 (PDT) Received: from hexa.. ([2602:feb4:3b:2100:2f2f:1884:f4cc:456c]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-746e343c1basm1400268b3a.132.2025.05.28.08.33.50 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 28 May 2025 08:33:51 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][walnascar 08/14] binutils: Fix CVE-2025-1178 Date: Wed, 28 May 2025 08:33:17 -0700 Message-ID: <3325b9dfd7a0da2236c96630b67ac2c6d4375840.1748446235.git.steve@sakoman.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 28 May 2025 15:34:01 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/217372 From: Deepesh Varatharajan Prevent an abort in the bfd linker when attempting to generate dynamic relocs for a corrupt input file. PR 32638 Backport a patch from upstream to fix CVE-2025-1178 Upstream-Status: Backport from [https://sourceware.org/git/?p=binutils-gdb.git;a=patch;h=75086e9de1707281172cc77f178e7949a4414ed0] Signed-off-by: Deepesh Varatharajan Signed-off-by: Steve Sakoman --- .../binutils/binutils-2.44.inc | 1 + .../binutils/0015-CVE-2025-1178.patch | 33 +++++++++++++++++++ 2 files changed, 34 insertions(+) create mode 100644 meta/recipes-devtools/binutils/binutils/0015-CVE-2025-1178.patch diff --git a/meta/recipes-devtools/binutils/binutils-2.44.inc b/meta/recipes-devtools/binutils/binutils-2.44.inc index 28100abbe9..681b42fc3c 100644 --- a/meta/recipes-devtools/binutils/binutils-2.44.inc +++ b/meta/recipes-devtools/binutils/binutils-2.44.inc @@ -35,5 +35,6 @@ SRC_URI = "\ file://0012-Only-generate-an-RPATH-entry-if-LD_RUN_PATH-is-not-e.patch \ file://0013-Define-alignof-using-_Alignof-when-using-C11-or-newe.patch \ file://0014-Remove-duplicate-pe-dll.o-entry-deom-targ_extra_ofil.patch \ + file://0015-CVE-2025-1178.patch \ " S = "${WORKDIR}/git" diff --git a/meta/recipes-devtools/binutils/binutils/0015-CVE-2025-1178.patch b/meta/recipes-devtools/binutils/binutils/0015-CVE-2025-1178.patch new file mode 100644 index 0000000000..c39f43fba4 --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/0015-CVE-2025-1178.patch @@ -0,0 +1,33 @@ +From 75086e9de1707281172cc77f178e7949a4414ed0 Mon Sep 17 00:00:00 2001 +From: Nick Clifton +Date: Wed, 5 Feb 2025 13:26:51 +0000 +Subject: [PATCH] Prevent an abort in the bfd linker when attempting to + generate dynamic relocs for a corrupt input file. + +PR 32638 + +Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=patch;h=75086e9de1707281172cc77f178e7949a4414ed0] +CVE: CVE-2025-1178 + +Signed-off-by: Deepesh Varatharajan + +diff --git a/bfd/elf64-x86-64.c b/bfd/elf64-x86-64.c +index cb32732e..a08e9c97 100644 +--- a/bfd/elf64-x86-64.c ++++ b/bfd/elf64-x86-64.c +@@ -5031,6 +5031,15 @@ elf_x86_64_finish_dynamic_symbol (bfd *output_bfd, + + if (generate_dynamic_reloc) + { ++ /* If the relgot section has not been created, then ++ generate an error instead of a reloc. cf PR 32638. */ ++ if (relgot == NULL || relgot->size == 0) ++ { ++ info->callbacks->einfo (_("%F%pB: Unable to generate dynamic relocs because a suitable section does not exist\n"), ++ output_bfd); ++ return false; ++ } ++ + if (relative_reloc_name != NULL + && htab->params->report_relative_reloc) + _bfd_x86_elf_link_report_relative_reloc From patchwork Wed May 28 15:33:18 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 63756 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 27E11C5B552 for ; Wed, 28 May 2025 15:34:01 +0000 (UTC) Received: from mail-pf1-f173.google.com (mail-pf1-f173.google.com [209.85.210.173]) by mx.groups.io with SMTP id smtpd.web11.939.1748446436646597600 for ; Wed, 28 May 2025 08:33:56 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=jlCaYyzP; spf=softfail (domain: sakoman.com, ip: 209.85.210.173, mailfrom: steve@sakoman.com) Received: by mail-pf1-f173.google.com with SMTP id d2e1a72fcca58-74019695377so2997972b3a.3 for ; Wed, 28 May 2025 08:33:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1748446436; x=1749051236; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=ybMbNofQKljkNBoVEJ312U4PsH2LLqFKXLZ3GJZvGHw=; b=jlCaYyzPxDE/H7hmz4L5HWtT4vEdhF1sPhTIrmbY+vTjEDqjXr5haw+nIRQ4Zzsxij rMrVBAjU60J4keGsJ/kJaybKZmVe6oSMKCvmeFiwhv1vVOQQOShTqRDoMrtGNB71TRH2 RPa/LsWrhcLRiQqgl8KV0NYvEwbBcLJVv65jfCoCfAgqeC40+J7AsBf3Glh/4BxZ2s9P znOQnUPwjsAJ8PNvqT+/5FjR6bmLmHI7w7pz6Aolr10G/P29/+1GxgZZ3hWPUHEXov+K H8998AkSBgpyYbhl7+LEvhH7P03MjnCghqR5AA3OopTpZb0z4Bi70ZNdma+zBa4emdUM nQmw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1748446436; x=1749051236; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=ybMbNofQKljkNBoVEJ312U4PsH2LLqFKXLZ3GJZvGHw=; b=GnCr39lUboicbrh7imQyZ6IzKI3i4DoZGH/IK1VSs3hUefhXDOcQJ+9Zu4KM57LN6F 9qclkam3ZKQtzEOSWrPXi7DlZydoxKvs/D/fTUlc4uCzFbRr/gRLfL/P6bRNSfWM6Uu+ M75K7D9SaX5JcyXYp24p1jnSAQ8wggTKIIyVMYNZeIOpVTyq72IOL08ld8ZNsU1VUhEy d8mB0S8znS7/iJS+oYeNMbY9xMEtuO6sDGU8cOwUl0wXVOo1qwZkqP8Ftvef2KJz/c4E ct9FYCr4WSb9PE35pKnYDd6QyW4xg9uiyJVNjTuKguEJgl547IHqlfWKQEoRSG9C7o62 apww== X-Gm-Message-State: AOJu0YzgUlQi/VDDcqkCXy6L3xygfQMEevwb/VQ+LOL8NRVQNBsnwnUO sMUx7ICGUouy7K3KaAEfdup/5X9DXriZoeaWAhOJ6hCWr7bMCz69tqX0k76YtjphEQgyjEsz8kW WMYUY X-Gm-Gg: ASbGncuXBj061S2UT8V3JbVtVZ3pJ/5XnnpalkWQsSVJw4sKG6g7Aj9bRzwRCy98mzq 5LU4T03uYjQQXTLCsZgvGzK+yf+NKY486U0Kz+selR9wzmxeW8FuXshEPX/SWh87svNphrLvhbs J4nODmTfbrJ6jluaViipqWj4Cni8bzdE+TBwDGCf/zHSGF6to9otcZibHgCOza1tShv8IPX2/HV mZpPEE8/v4cU+cO0uQALoSWfXQCOroOgP4EKXKHaNqM+5SA/W/PyHu8X3ElNN25SNGnG/SlNUxQ CEvYwK0kFf4AKpObS5+opnuQVVRF7+PhjM9WBmGMJIE= X-Google-Smtp-Source: AGHT+IFGNMl5XuFse985u87VPIXs7eK1NlndCUTD5N09qdcl82HOjGEAGnSTQFHPOK6JVm49Z95AUA== X-Received: by 2002:a05:6a21:6d93:b0:210:1c3a:6804 with SMTP id adf61e73a8af0-2188c370aabmr29723035637.31.1748446434858; Wed, 28 May 2025 08:33:54 -0700 (PDT) Received: from hexa.. ([2602:feb4:3b:2100:2f2f:1884:f4cc:456c]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-746e343c1basm1400268b3a.132.2025.05.28.08.33.52 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 28 May 2025 08:33:54 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][walnascar 09/14] binutils: Fix CVE-2025-1180 Date: Wed, 28 May 2025 08:33:18 -0700 Message-ID: X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 28 May 2025 15:34:01 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/217373 From: Harish Sadineni Upstream-Status: Submitted [https://sourceware.org/pipermail/binutils/2025-May/141351.html] CVE: CVE-2025-1180 cherry picked from upstream commit: https://sourceware.org/git/?p=binutils-gdb.git;a=patch;h=f9978defb6fab0bd8583942d97c112b0932ac814 Signed-off-by: Harish Sadineni Signed-off-by: Steve Sakoman --- .../binutils/binutils-2.44.inc | 1 + .../binutils/binutils/CVE-2025-1180.patch | 165 ++++++++++++++++++ 2 files changed, 166 insertions(+) create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2025-1180.patch diff --git a/meta/recipes-devtools/binutils/binutils-2.44.inc b/meta/recipes-devtools/binutils/binutils-2.44.inc index 681b42fc3c..6906ab3efb 100644 --- a/meta/recipes-devtools/binutils/binutils-2.44.inc +++ b/meta/recipes-devtools/binutils/binutils-2.44.inc @@ -36,5 +36,6 @@ SRC_URI = "\ file://0013-Define-alignof-using-_Alignof-when-using-C11-or-newe.patch \ file://0014-Remove-duplicate-pe-dll.o-entry-deom-targ_extra_ofil.patch \ file://0015-CVE-2025-1178.patch \ + file://CVE-2025-1180.patch \ " S = "${WORKDIR}/git" diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2025-1180.patch b/meta/recipes-devtools/binutils/binutils/CVE-2025-1180.patch new file mode 100644 index 0000000000..073361cf19 --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2025-1180.patch @@ -0,0 +1,165 @@ +From 509c5afcd71afd36cd6496f8c84733b11bd5e9e5 Mon Sep 17 00:00:00 2001 +From: Nick Clifton +Date: Thu, 22 May 2025 01:56:17 -0700 +Subject: [PATCH] Backport fix for PR 32642(CVE-2025-1180) + +Backporting the fix from PR 32636 to fix PR 32642 (ld SEGV (illegal read access) +in _bfd_elf_write_section_eh_frame (bfd/elf-eh-frame.c:2234:29) with + --gc-sections --gc-keep-exported option) + +https://nvd.nist.gov/vuln/detail/CVE-2025-1180 is associated with +PR32642 which will get fixed with commit from PR 32636. + +(cherry picked from commit: f9978defb6fab0bd8583942d97c112b0932ac814) +Upstream-Status: Submitted [https://sourceware.org/pipermail/binutils/2025-May/141351.html] +CVE: CVE-2025-1180 + +Signed-off-by: Harish Sadineni +--- + bfd/elflink.c | 88 +++++++++++++++++++++++++-------------------------- + 1 file changed, 44 insertions(+), 44 deletions(-) + +diff --git a/bfd/elflink.c b/bfd/elflink.c +index 6346d7e2b4b..d765b688801 100644 +--- a/bfd/elflink.c ++++ b/bfd/elflink.c +@@ -96,22 +96,37 @@ _bfd_elf_link_keep_memory (struct bfd_link_info *info) + return true; + } + +-asection * +-_bfd_elf_section_for_symbol (struct elf_reloc_cookie *cookie, +- unsigned long r_symndx, +- bool discard) ++static struct elf_link_hash_entry * ++get_ext_sym_hash (struct elf_reloc_cookie *cookie, unsigned long r_symndx) + { +- if (r_symndx >= cookie->locsymcount +- || ELF_ST_BIND (cookie->locsyms[r_symndx].st_info) != STB_LOCAL) +- { +- struct elf_link_hash_entry *h; ++ struct elf_link_hash_entry *h = NULL; + ++ if ((r_symndx >= cookie->locsymcount ++ || ELF_ST_BIND (cookie->locsyms[r_symndx].st_info) != STB_LOCAL) ++ /* Guard against corrupt input. See PR 32636 for an example. */ ++ && r_symndx >= cookie->extsymoff) ++ { + h = cookie->sym_hashes[r_symndx - cookie->extsymoff]; + + while (h->root.type == bfd_link_hash_indirect + || h->root.type == bfd_link_hash_warning) + h = (struct elf_link_hash_entry *) h->root.u.i.link; ++ } ++ ++ return h; ++} + ++asection * ++_bfd_elf_section_for_symbol (struct elf_reloc_cookie *cookie, ++ unsigned long r_symndx, ++ bool discard) ++{ ++ struct elf_link_hash_entry *h; ++ ++ h = get_ext_sym_hash (cookie, r_symndx); ++ ++ if (h != NULL) ++ { + if ((h->root.type == bfd_link_hash_defined + || h->root.type == bfd_link_hash_defweak) + && discarded_section (h->root.u.def.section)) +@@ -119,21 +134,20 @@ _bfd_elf_section_for_symbol (struct elf_reloc_cookie *cookie, + else + return NULL; + } +- else +- { +- /* It's not a relocation against a global symbol, +- but it could be a relocation against a local +- symbol for a discarded section. */ +- asection *isec; +- Elf_Internal_Sym *isym; + +- /* Need to: get the symbol; get the section. */ +- isym = &cookie->locsyms[r_symndx]; +- isec = bfd_section_from_elf_index (cookie->abfd, isym->st_shndx); +- if (isec != NULL +- && discard ? discarded_section (isec) : 1) +- return isec; +- } ++ /* It's not a relocation against a global symbol, ++ but it could be a relocation against a local ++ symbol for a discarded section. */ ++ asection *isec; ++ Elf_Internal_Sym *isym; ++ ++ /* Need to: get the symbol; get the section. */ ++ isym = &cookie->locsyms[r_symndx]; ++ isec = bfd_section_from_elf_index (cookie->abfd, isym->st_shndx); ++ if (isec != NULL ++ && discard ? discarded_section (isec) : 1) ++ return isec; ++ + return NULL; + } + +@@ -13994,22 +14008,12 @@ _bfd_elf_gc_mark_rsec (struct bfd_link_info *info, asection *sec, + if (r_symndx == STN_UNDEF) + return NULL; + +- if (r_symndx >= cookie->locsymcount +- || ELF_ST_BIND (cookie->locsyms[r_symndx].st_info) != STB_LOCAL) ++ h = get_ext_sym_hash (cookie, r_symndx); ++ ++ if (h != NULL) + { + bool was_marked; + +- h = cookie->sym_hashes[r_symndx - cookie->extsymoff]; +- if (h == NULL) +- { +- info->callbacks->fatal (_("%F%P: corrupt input: %pB\n"), +- sec->owner); +- return NULL; +- } +- while (h->root.type == bfd_link_hash_indirect +- || h->root.type == bfd_link_hash_warning) +- h = (struct elf_link_hash_entry *) h->root.u.i.link; +- + was_marked = h->mark; + h->mark = 1; + /* Keep all aliases of the symbol too. If an object symbol +@@ -15064,17 +15068,12 @@ bfd_elf_reloc_symbol_deleted_p (bfd_vma offset, void *cookie) + if (r_symndx == STN_UNDEF) + return true; + +- if (r_symndx >= rcookie->locsymcount +- || ELF_ST_BIND (rcookie->locsyms[r_symndx].st_info) != STB_LOCAL) +- { +- struct elf_link_hash_entry *h; +- +- h = rcookie->sym_hashes[r_symndx - rcookie->extsymoff]; ++ struct elf_link_hash_entry *h; + +- while (h->root.type == bfd_link_hash_indirect +- || h->root.type == bfd_link_hash_warning) +- h = (struct elf_link_hash_entry *) h->root.u.i.link; ++ h = get_ext_sym_hash (rcookie, r_symndx); + ++ if (h != NULL) ++ { + if ((h->root.type == bfd_link_hash_defined + || h->root.type == bfd_link_hash_defweak) + && (h->root.u.def.section->owner != rcookie->abfd +@@ -15098,6 +15097,7 @@ bfd_elf_reloc_symbol_deleted_p (bfd_vma offset, void *cookie) + || discarded_section (isec))) + return true; + } ++ + return false; + } + return false; +-- +2.49.0 + From patchwork Wed May 28 15:33:19 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 63754 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 11669C3ABB2 for ; Wed, 28 May 2025 15:34:01 +0000 (UTC) Received: from mail-pf1-f170.google.com (mail-pf1-f170.google.com [209.85.210.170]) by mx.groups.io with SMTP id smtpd.web11.940.1748446438041914897 for ; Wed, 28 May 2025 08:33:58 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=RFt2PHHO; spf=softfail (domain: sakoman.com, ip: 209.85.210.170, mailfrom: steve@sakoman.com) Received: by mail-pf1-f170.google.com with SMTP id d2e1a72fcca58-742c035f2afso2924676b3a.2 for ; Wed, 28 May 2025 08:33:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1748446437; x=1749051237; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=6ES/7dnEcrBx6GVxPd5oRAXaECbbzpRK+LMJM7OVCzg=; b=RFt2PHHOg1r9wVLb45UzObed7TpV7a9vlBkcnlOti5L2uCJ6txTEJL+lilRuLfJOJ+ a8QAKkPbOHus8gvJcCef3oHWfYByZxgolIBEYIeTN5LnN/tWwIR2qgOTj8kv+ZAAXuyr LZn2XFnFUtOoqjNVXgtDwAgrd5Xk/iUl4TvYUfzFPbUhUZp3EOi5YvAMOW3dYoomiGH/ 4HEIOKdS69lNos62+lj587YCIVmhGwTHo1Em98BMXFv78foWyh/KBIiqkOrS/7GD5OmZ Jhoz0cQcWOQFArafEtQMjoJKp9RUJ5FdQakdBWUReKve08gjTwsIWir5KpFFltYxkCVD 6XtQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1748446437; x=1749051237; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=6ES/7dnEcrBx6GVxPd5oRAXaECbbzpRK+LMJM7OVCzg=; b=FqMxI9Sdazqt4tYzI3KRmxIWdsk3Ddrm17oQxqSlDIRAJu0QEnS/WLmALUepCO8pBi wThKcr0+4myhYPBM14tWhL7GwP55ep1A247LI3FCsAMkdyQDiH1fTfF1eY6NTrPn88bw PZ21yQ558dhVEtcy/DF091zOQUiOko1Ie91CavdxFr1P5EKJ/MYNMuHFwVbrwNjkJy99 XJearsrE6CkMGjG06zsLoHLFYiHUh0QNnj0Rb10RkZodI7iSvDdtYX9CUb2ihsmk2qtS BYm2Bp5bLZZo2xh5lUFLY1ume4AUdAwpmxPxBJodifFbD7hFSqSS/89rLrmDPW5TCQsx eYEA== X-Gm-Message-State: AOJu0YydzcjjrsS2WI36elDkJxTwgnFlDUW4By3ExDuGY9jPvOUF95HN eF2kVDC8SzhXSe9IZn1OylqWsnqgSWpxm99tE2xHm9HZwmpdlaESjRf/hGoNmTFA++7Z9DTrerg d4fYk X-Gm-Gg: ASbGncsaJi3R8AXeo5SjlD6Pt/tua13vELj+LNKlMz6iohQxOW3O2V03MejxCO039Cu qxqyh+NBMPUUFcOaWrqcPDq+2Afv92lbe7sWgsVa0J5amE267A7IdUtmWpQp7/kNAlLokGL3Jqp gRMfZoqVXmCOONCPsRQ3bIX7QXt9rg7B5b+UQnxjCE5e03fcANeg2mZy1c/pT99kteJwNh5ehQ6 ajEMZvvmRU/T4qEb/Lc84hbEmEhDWNuD3+HgI4CgQyx21lM8jz9f9QOPuZc/EtGheErEjBdt3jo koIFwZbcZQqpdgLppIr+cNdmplzn/vxqHfbPCe2o558= X-Google-Smtp-Source: AGHT+IFrAFQacDHdFZgt5ah8TJqxasCfLoPqFY1Usa4LBG9/rP6WACRPqGsGroQ66FhDFLTWcJm1jw== X-Received: by 2002:a05:6a00:2e84:b0:736:53ce:a32c with SMTP id d2e1a72fcca58-745fe0382a7mr22996801b3a.17.1748446437251; Wed, 28 May 2025 08:33:57 -0700 (PDT) Received: from hexa.. ([2602:feb4:3b:2100:2f2f:1884:f4cc:456c]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-746e343c1basm1400268b3a.132.2025.05.28.08.33.56 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 28 May 2025 08:33:56 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][walnascar 10/14] libarchive: upgrade 3.7.8 -> 3.7.9 Date: Wed, 28 May 2025 08:33:19 -0700 Message-ID: <5219998cde17542ae02622de29c5b4a1258772b2.1748446235.git.steve@sakoman.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 28 May 2025 15:34:01 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/217374 From: Peter Marko https://github.com/libarchive/libarchive/releases/tag/v3.7.9 Libarchive 3.7.9 is a bugfix release Important bugfixes: * a regression in libarchive 3.7.8 regarding GNU sparse entries was fixed (#2558) Also remove CVE_STATUS which was obsolete already before this upgrade. (From OE-Core rev: 670f3fa028f3e873acf4c5265d3f5e4a3aa0ec89) Signed-off-by: Peter Marko Signed-off-by: Mathieu Dubois-Briand Signed-off-by: Richard Purdie Signed-off-by: Steve Sakoman --- .../libarchive/{libarchive_3.7.8.bb => libarchive_3.7.9.bb} | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) rename meta/recipes-extended/libarchive/{libarchive_3.7.8.bb => libarchive_3.7.9.bb} (91%) diff --git a/meta/recipes-extended/libarchive/libarchive_3.7.8.bb b/meta/recipes-extended/libarchive/libarchive_3.7.9.bb similarity index 91% rename from meta/recipes-extended/libarchive/libarchive_3.7.8.bb rename to meta/recipes-extended/libarchive/libarchive_3.7.9.bb index d78b38d3e9..9d134f7d38 100644 --- a/meta/recipes-extended/libarchive/libarchive_3.7.8.bb +++ b/meta/recipes-extended/libarchive/libarchive_3.7.9.bb @@ -33,9 +33,7 @@ SRC_URI = "https://libarchive.org/downloads/libarchive-${PV}.tar.gz" UPSTREAM_CHECK_URI = "http://libarchive.org/" -SRC_URI[sha256sum] = "a123d87b1bd8adb19e8c187da17ae2d957c7f9596e741b929e6b9ceefea5ad0f" - -CVE_STATUS[CVE-2023-30571] = "upstream-wontfix: upstream has documented that reported function is not thread-safe" +SRC_URI[sha256sum] = "aa90732c5a6bdda52fda2ad468ac98d75be981c15dde263d7b5cf6af66fd009f" inherit autotools update-alternatives pkgconfig From patchwork Wed May 28 15:33:20 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 63753 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 1F7C3C5AD49 for ; Wed, 28 May 2025 15:34:01 +0000 (UTC) Received: from mail-pf1-f174.google.com (mail-pf1-f174.google.com [209.85.210.174]) by mx.groups.io with SMTP id smtpd.web10.928.1748446439747536230 for ; Wed, 28 May 2025 08:33:59 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=PRpejvdS; spf=softfail (domain: sakoman.com, ip: 209.85.210.174, mailfrom: steve@sakoman.com) Received: by mail-pf1-f174.google.com with SMTP id d2e1a72fcca58-742b614581dso4312918b3a.3 for ; Wed, 28 May 2025 08:33:59 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1748446439; x=1749051239; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=Ir38TpFMxMaLSjboIDQRYE77t5en0Gb6e1Il7qjc6BM=; b=PRpejvdSG57rpH6H0sSGSJyEPL2NsmzM12Gg5lAr5rdjLZ1AVnKM2k91KNMq3/ZDdc qWL/Mhs1i7jMNBLhDvw6qcRkAQuHuPO/phNX7DW67f3hAU5f6thX57sdJwMhb+lGorSY 8yJMB0qlqkaAcDs4mbznegDkWMu7Iost9P6DSjlA8OsgJDWuFeTGc4bgK/7V7pZ+g1jC Wra7UNMwnlfxRuRSkgeyAl6KKgtYJQJ+8T8vmczQ1Bzg+dyIA/5n1yiKpcOoqaUtb3I+ SVd0iauhEO+VYyCrHVocCl47C/hjebWWqAgrvlRULnRaYpxSTs7nOVFmZSzqy+5EKvNq hJsQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1748446439; x=1749051239; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Ir38TpFMxMaLSjboIDQRYE77t5en0Gb6e1Il7qjc6BM=; b=Yag7e0D1PPDG2GcE9oW+eM7j/KPv1Zdnne1mLlr/kZ2wTDPmzMp/Uz9kCWBIiZ3HNV ZLCkvCUlsoRjp1R4M1k2GFUYXsL7UizYynb0hD82byLpGxDVEydhqlQQxhH2MsNihtog iJh2fhcuxGy9bfhjrHgANYmgN4phqZQTWLTlXhCiX5kCxdv/l9v1l21pcSh6DosyGfmK 9CoJ2rmf5Y/y1lXS1cgF85JNd7k5OE/Eg2cmXqu+7Fg87YgxCPuMCPirOKluESMgKeJ4 D2vY/p1XlRKGTTO9U/mrjQMx8ZP+WBiHBmF8Z6IPB0dRiJaI2tKCNo2516Ph6Quwy5+3 Vr4Q== X-Gm-Message-State: AOJu0YyjL6bjuIPXLZmX2LSUzZo01VvJpzwIKvfxlkdG6VDyQpEzLRhs qGkfoO+x3e2NgeqzAki+VjmPDUfL+i2vmgpRZ7IyWgdIzD5Br5gOBdGtn0bKBG3t/38yDBqMMKb TI8xn X-Gm-Gg: ASbGncsUK3uPlKRptxnwL9kPLKoKUSeolZQq7ZkkLOPX2eYe9CMdE7SWFcqNnNOEegA y+OoH1In9v4CVh2xlEqKINk3DqaPVd6LpFtxmDPSfHTJXptDyJfKBcRUgmNpVDy5eVsYWCIiMBN aZHyQcRmBJM4Oy+MaUTTh2klaLzDqMUWnpuTFfJieMLgn5FqZ5Bz13zgykktCLTDsgGFwQga6Sa CNbM4ViF8C14dBH3nNG3uhUoxUm3Dc38RxiipZzDgi5VkQCeAdHbpzSyr/uIegaU8pa/aCRhntd 0I6U3w1qpehOBl5JGtZdSwd0TP9AZBlWtRHzWRAF7CE7QkDHqGtkEw== X-Google-Smtp-Source: AGHT+IEgE8B7LcJKkNKTAcL1Z1Fjh8NJN2+m+tH/I8O2BzFhRkCB58BUdCOt1FD3BzA+4pvAAVzsWQ== X-Received: by 2002:a05:6a00:21c6:b0:736:5664:53f3 with SMTP id d2e1a72fcca58-745fe06456bmr21599157b3a.15.1748446438842; Wed, 28 May 2025 08:33:58 -0700 (PDT) Received: from hexa.. ([2602:feb4:3b:2100:2f2f:1884:f4cc:456c]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-746e343c1basm1400268b3a.132.2025.05.28.08.33.58 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 28 May 2025 08:33:58 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][walnascar 11/14] epiphany: upgrade 48.0 -> 48.3 Date: Wed, 28 May 2025 08:33:20 -0700 Message-ID: X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 28 May 2025 15:34:01 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/217375 From: Wang Mingyu Changelog: =========== - Fix crash when opening downloaded file - Fix crash when opening incognito window - Fix Crash when trying to select download location - Fix Crash in escape_csv_field() when exporting passwords - Fix Adding WhatsApp as a web app crashes - Fix Pressing Escape key in addressbar resets the cursor to beginning of the widget - Fix Epiphay shouldn't show the privacy dialog in incognito mode - Fix (CVE-2025-3839) Require user interaction before opening URL in external application - Fix Code cleanup - Fix window: fix crash when force closing window without session - Fix Several fixes for password export - Fix Remove Granite support from Tech Preview and Canary - Fix find-toolbar: fix crash on load-changed Signed-off-by: Wang Mingyu Signed-off-by: Richard Purdie (master rev: 2c60159fffd76b5dbe75bf7d6758e5f78b166714) Signed-off-by: Zhang Peng Signed-off-by: Steve Sakoman --- .../epiphany/{epiphany_48.0.bb => epiphany_48.3.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta/recipes-gnome/epiphany/{epiphany_48.0.bb => epiphany_48.3.bb} (94%) diff --git a/meta/recipes-gnome/epiphany/epiphany_48.0.bb b/meta/recipes-gnome/epiphany/epiphany_48.3.bb similarity index 94% rename from meta/recipes-gnome/epiphany/epiphany_48.0.bb rename to meta/recipes-gnome/epiphany/epiphany_48.3.bb index 9eff56df3a..74a17be5a5 100644 --- a/meta/recipes-gnome/epiphany/epiphany_48.0.bb +++ b/meta/recipes-gnome/epiphany/epiphany_48.3.bb @@ -31,7 +31,7 @@ SRC_URI = "${GNOME_MIRROR}/${GNOMEBN}/${@oe.utils.trim_version("${PV}", 1)}/${GN file://migrator.patch \ file://distributor.patch \ " -SRC_URI[archive.sha256sum] = "c9d1f6dffbad03b0916436901c770da302879ca60a636d2b72b25b142ec05f80" +SRC_URI[archive.sha256sum] = "da2953e7e2b73bf7473c0a33979104d79362795295eaa0a2a38ea188537daf13" # Developer mode enables debugging PACKAGECONFIG[developer-mode] = "-Ddeveloper_mode=true,-Ddeveloper_mode=false" From patchwork Wed May 28 15:33:21 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 63757 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 2553DC5AD49 for ; Wed, 28 May 2025 15:34:11 +0000 (UTC) Received: from mail-pf1-f169.google.com (mail-pf1-f169.google.com [209.85.210.169]) by mx.groups.io with SMTP id smtpd.web11.942.1748446441148379063 for ; Wed, 28 May 2025 08:34:01 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=IPhOPCg9; spf=softfail (domain: sakoman.com, ip: 209.85.210.169, mailfrom: steve@sakoman.com) Received: by mail-pf1-f169.google.com with SMTP id d2e1a72fcca58-73bf5aa95e7so3422488b3a.1 for ; Wed, 28 May 2025 08:34:01 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1748446440; x=1749051240; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=p5Oq3i6jU2EWWVWPYCVJjEwzq4x3v8wBu9A7R0tloUo=; b=IPhOPCg9NFZ0+MMoGjiHDru4Y9E1JjqiZ3qU0SHpe6FWVSctqVEyCUmaCEo43z5EHU vMUR3/7WBOXVm4E8+wW0wPCP/M1KmMMZoeNEZFLUlWQh+yrUNOkavrl7YuhRQkCxS3cw jdkbuvF3ae+G8uGayz0Ek1wYOPhCQA5ClES5s4Cs6lDsYGXYdDoJvAVIB1nAtiFwVBWE Bzl9o3ggDhjjsFW1ZvY5paNZRHdL42mGHZ9YHdMatmPQ4fl+3uxSQEmx0PhwjJGZohCB AsXBdRqB7xMlMH6XsasgQzl48ODLL+geZUrqJ1UkJhiUxTd/MPQYYjGHg/usoE6YJvev qkhQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1748446440; x=1749051240; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=p5Oq3i6jU2EWWVWPYCVJjEwzq4x3v8wBu9A7R0tloUo=; b=Hro0iFEVaXctiQ0LQKFK2FrnUIqWnEOPASLwyXdRjREAdUvaWf+os8Ej2j7osi+i67 ZZDs3/E1qY2lUhNIQqQvQPOlZMQqA75Yg0ybnV4w7KTlwxMj+LCyTdZCCNwCdlkJw0N3 BcvacqM1XKOm1HP8Za8Y0x6y0BRAZKIJpPblIaFkkq543GtCy/nHgHiRQP4ywJ+DlinP V77Wbza611/4Hi4OzdzwohBCTWI4A7BBpQBBwvUvp7mQ1LPiaXfgDpPDxQshb0V9rEq+ KMdDMOXIeF9+6Ca8rWN/LKikR1ugI4U0pCvo4H8Z8WFYxYq6E9cpOQVmtnMQBWWKS3cc yV0w== X-Gm-Message-State: AOJu0YwFIrgRWs6LlBpLyCVWYq8eZkjaaFGAfm2Lzix7onwKg7AnCNdR voOj8pae69zrxgkUqub8RU25yxnl4eISSyFiZTqkPuQ1Ow5y2ajomckRUt15dRgIqbR2OeLML5g ouvAV X-Gm-Gg: ASbGnct9Cs6/hjj5I6P+1n86HjdQhlhhXdN3wXmo/kneXSNvkTT6KjOSQTvBSj9h5fi y9UFIkeYqEaV5oQVv2gWeRCuJvxqacHe5GQj+FEIUD2UOBtirR+LkAjRQ2NBMO3mHKOqp0fZKZF eY5x/hhkRwFqqaTrFiL0iVy97ZCzVt6nfdheWUw4zpFj9tTnIeFcpmS/OzSDDI2DqlBEpnXzo07 w39QyEVhYWFRtjv1HpAcxrhMvn8TDF7pj5Xh021+DlG+a1DIvoKcwpl1Ce72u0UT6fAZTD2i5uF x+8NSpCnfb2XQxfj2iJ4bEomk1oaYGRXcIKkt7g8OS8= X-Google-Smtp-Source: AGHT+IEmx5LSwB2S8kLFI1yzJAc3lRMvtuBknFI9iVqkLJJvhG++QqI9REeMB4IOgio0ksLDANFeXg== X-Received: by 2002:a05:6a00:a06:b0:742:a77b:8bc with SMTP id d2e1a72fcca58-745fdf7710fmr24952892b3a.2.1748446440342; Wed, 28 May 2025 08:34:00 -0700 (PDT) Received: from hexa.. ([2602:feb4:3b:2100:2f2f:1884:f4cc:456c]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-746e343c1basm1400268b3a.132.2025.05.28.08.33.59 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 28 May 2025 08:34:00 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][walnascar 12/14] libmatchbox: upgrade 1.13 -> 1.14 Date: Wed, 28 May 2025 08:33:21 -0700 Message-ID: <34a33332d530278d42f9d402da051ad7272cf555.1748446235.git.steve@sakoman.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 28 May 2025 15:34:11 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/217376 From: Gyorgy Sarvari Includes a fix for the library version to match the tagged version in git. (From OE-Core rev: 3ba4b22ef7e50e017d25ba974666f2fdf190a8fd) Signed-off-by: Gyorgy Sarvari Signed-off-by: Richard Purdie Signed-off-by: Yi Zhao Signed-off-by: Steve Sakoman --- .../libmatchbox/{libmatchbox_1.13.bb => libmatchbox_1.14.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta/recipes-graphics/libmatchbox/{libmatchbox_1.13.bb => libmatchbox_1.14.bb} (95%) diff --git a/meta/recipes-graphics/libmatchbox/libmatchbox_1.13.bb b/meta/recipes-graphics/libmatchbox/libmatchbox_1.14.bb similarity index 95% rename from meta/recipes-graphics/libmatchbox/libmatchbox_1.13.bb rename to meta/recipes-graphics/libmatchbox/libmatchbox_1.14.bb index f212eb5e96..87ec4c812f 100644 --- a/meta/recipes-graphics/libmatchbox/libmatchbox_1.13.bb +++ b/meta/recipes-graphics/libmatchbox/libmatchbox_1.14.bb @@ -13,7 +13,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=87712c91ca9a2c2d475a0604c00f8f54 \ DEPENDS = "virtual/libx11 libxext" -SRCREV = "35cd78efa3120efc46497f55c04382be960d1864" +SRCREV = "04b214a0d5cf8285e196d90bf2332626b12c74ef" SRC_URI = "git://git.yoctoproject.org/${BPN};branch=master;protocol=https;tag=${PV}" S = "${WORKDIR}/git" From patchwork Wed May 28 15:33:22 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 63759 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 2F51DC3ABB2 for ; Wed, 28 May 2025 15:34:11 +0000 (UTC) Received: from mail-pf1-f174.google.com (mail-pf1-f174.google.com [209.85.210.174]) by mx.groups.io with SMTP id smtpd.web11.944.1748446444033095006 for ; Wed, 28 May 2025 08:34:04 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=StLkW59v; spf=softfail (domain: sakoman.com, ip: 209.85.210.174, mailfrom: steve@sakoman.com) Received: by mail-pf1-f174.google.com with SMTP id d2e1a72fcca58-7424ccbef4eso3618197b3a.2 for ; Wed, 28 May 2025 08:34:03 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1748446443; x=1749051243; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=6KU0sGW6Zmbf9fpYlPD3P3ID+SC/ksCs//G88yO/tNE=; b=StLkW59vgK2cH8CSKwa27kLjkGVexh9m7y+taHL+pzOkGIp2N8fszB8Sl9nX/WvOA9 tNIo7hHbeWHWsJ92U/deqPCiXlPL7zyRRtpCquQI4OlTTBpjin1jFxEiHAizrFN4P2Zw FtNEoQU/tXnCeCQw70UB1RpJD0SUUpHArBZBGhnZEZjxaip96Vk3nQBj/rOp2PWXGtNG RAk/1Gc/yecrWqsb4mFRd3FjcxraGu0afCzMaOyJbK93FxO2NnUKYxgLRTNDb7tVl1pE EMjmNj9YV/r08tfU+8nJmkfbVqi9GrIV2szEpC7xastIBIWXFJefwtv+kC6K6tzuY+8p nzAQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1748446443; x=1749051243; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=6KU0sGW6Zmbf9fpYlPD3P3ID+SC/ksCs//G88yO/tNE=; b=fTgvZip6nEbAp73rnw9fdnQ+wOrhsGbDvuWdaxbWdvYdvKO9oVWxiOFEgSgwZ8g9Pp dtaYCTd2CuzI35oeoxTjDQ2EE4VVRuxAuz6He60ZMjOVGRXmY85iulJ2z7a7u4Ywrvfv Hb8nIlHFMt0yV5urUF/sDrBb6fTrY/tlkQ35F0jrlnMb937pj85KnZe9xaha1Fb1x+cX JdVg4r5ac8ZwOhgaFOA0FMXTmPGjN7zsBoHUNZHDvd0cryHhG7D1ho35frN2wgdqrfsc PV3ikS2+QCsoWccMzys8Wp8Hj5z5yWgujo2Ig9CAiW8/4KeSmWlCauoVWzKCN36NzQT+ DZ4A== X-Gm-Message-State: AOJu0YwaYCcqgt4mWflvDN9GWbEwE46AvqJ+BuPJGCBMDrNyQEIivUcy EI4+CwKC+dCMrGFsMMdSK79A6vQNTzdrcK6Z4SIzAmxjtjwBWN4c1nn1hXisz79l6ej+mTJfitl pWukL X-Gm-Gg: ASbGnctwLaDk/xmbnkf0tgdgsfWqkyo3yOp0k4ne46HrFf/JttLgkKA2wsTlFdEmzkz HR2xzo6xCcyaVxAK2inBg+zGwqj11VuRWOaPbSOunNKjcC7lHcbYIStS8t2eq455ndx+LdJg6gv 0rvYrhu+NqIOhIwR4B0YPqXgsRtPCvKW/eAlyyr1GGqTxibP6JnyghqX7tA4R98f0CDiKNJIDjE ufycrxHlX7ybZHAM57Rmx53RpcndAUt+G2KC9cZWYoHTo0x++zXiLZihA1erNIvA+51e9EEZA38 9S7K/iyZk/uV311QzSkShuifSgjU+Mu/jNbBbaEHQVRXqWzKCiLa8A== X-Google-Smtp-Source: AGHT+IF0gRHg9LPZtJi3UUCTLpRU3tV7bGgzlMhlBx7GOu7fIZwoJYDKE+qog8eg6j646n3IqnRIaA== X-Received: by 2002:a05:6a00:1747:b0:730:75b1:7219 with SMTP id d2e1a72fcca58-745fdf4b8a4mr26346349b3a.12.1748446442542; Wed, 28 May 2025 08:34:02 -0700 (PDT) Received: from hexa.. ([2602:feb4:3b:2100:2f2f:1884:f4cc:456c]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-746e343c1basm1400268b3a.132.2025.05.28.08.34.01 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 28 May 2025 08:34:02 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][walnascar 13/14] gcc: fix incorrect preprocessor line numbers in large files Date: Wed, 28 May 2025 08:33:22 -0700 Message-ID: X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 28 May 2025 15:34:11 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/217377 From: Yash Shinde Resolve static assertion failures caused by incorrect line numbers after #include directives, introduced by the backport of PR108900 to GCC. Update line map handling to correctly compute locations in large files, including fixes for both LC_ENTER and LC_LEAVE to ensure accurate line number resolution in rare edge cases. https://gcc.gnu.org/cgit/gcc/commit/?id=edf745dc519ddbfef127e2789bf11bfbacd300b7 Signed-off-by: Yash Shinde Signed-off-by: Steve Sakoman --- meta/recipes-devtools/gcc/gcc-14.2.inc | 1 + ...-incorrect-preprocessor-line-numbers.patch | 475 ++++++++++++++++++ 2 files changed, 476 insertions(+) create mode 100644 meta/recipes-devtools/gcc/gcc/0028-fix-incorrect-preprocessor-line-numbers.patch diff --git a/meta/recipes-devtools/gcc/gcc-14.2.inc b/meta/recipes-devtools/gcc/gcc-14.2.inc index f4e364f692..fa9003f604 100644 --- a/meta/recipes-devtools/gcc/gcc-14.2.inc +++ b/meta/recipes-devtools/gcc/gcc-14.2.inc @@ -72,6 +72,7 @@ SRC_URI = "${BASEURI} \ file://0027-gcc-backport-patch-to-fix-data-relocation-to-ENDBR-s.patch \ file://gcc.git-ab884fffe3fc82a710bea66ad651720d71c938b8.patch \ file://0001-arm-Fix-LDRD-register-overlap-PR117675.patch \ + file://0028-fix-incorrect-preprocessor-line-numbers.patch \ " S = "${TMPDIR}/work-shared/gcc-${PV}-${PR}/${SOURCEDIR}" diff --git a/meta/recipes-devtools/gcc/gcc/0028-fix-incorrect-preprocessor-line-numbers.patch b/meta/recipes-devtools/gcc/gcc/0028-fix-incorrect-preprocessor-line-numbers.patch new file mode 100644 index 0000000000..5185236a3d --- /dev/null +++ b/meta/recipes-devtools/gcc/gcc/0028-fix-incorrect-preprocessor-line-numbers.patch @@ -0,0 +1,475 @@ +From 8cbe033a8a88fe6437cc5d343ae0ddf8dd3455c8 Mon Sep 17 00:00:00 2001 +From: Jakub Jelinek +Date: Thu, 8 May 2025 11:14:24 +0200 +Subject: libcpp: Further fixes for incorrect line numbers in large files + [PR120061] +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The backport of the PR108900 fix to 14 branch broke building chromium +because static_assert (__LINE__ == expected_line_number, ""); now triggers +as the __LINE__ values are off by one. +This isn't the case on the trunk and 15 branch because we've switched +to 64-bit location_t and so one actually needs far longer header files +to trigger it. +https://gcc.gnu.org/bugzilla/show_bug.cgi?id=120061#c11 +https://gcc.gnu.org/bugzilla/show_bug.cgi?id=120061#c12 +contain (large) testcases in patch form which show on the 14 branch +that the first one used to fail before the PR108900 backport and now +works correctly, while the second one attempts to match the chromium +behavior and it used to pass before the PR108900 backport and now it +FAILs. +The two testcases show rare problematic cases, because +do_include_common -> parse_include -> check_eol -> check_eol_1 -> +cpp_get_token_1 -> _cpp_lex_token -> _cpp_lex_direct -> linemap_line_start +triggers there + /* Allocate the new line_map. However, if the current map only has a + single line we can sometimes just increase its column_bits instead. */ + if (line_delta < 0 + || last_line != ORDINARY_MAP_STARTING_LINE_NUMBER (map) + || SOURCE_COLUMN (map, highest) >= (1U << (column_bits - range_bits)) + || ( /* We can't reuse the map if the line offset is sufficiently + large to cause overflow when computing location_t values. */ + (to_line - ORDINARY_MAP_STARTING_LINE_NUMBER (map)) + >= (((uint64_t) 1) + << (CHAR_BIT * sizeof (linenum_type) - column_bits))) + || range_bits < map->m_range_bits) + map = linemap_check_ordinary + (const_cast + (linemap_add (set, LC_RENAME, + ORDINARY_MAP_IN_SYSTEM_HEADER_P (map), + ORDINARY_MAP_FILE_NAME (map), + to_line))); +and so creates a new ordinary map on the line right after the +(problematic) #include line. +Now, in the spot that r14-11679-g8a884140c2bcb7 patched, +pfile->line_table->highest_location in all 3 tests (also +https://gcc.gnu.org/bugzilla/show_bug.cgi?id=120061#c13 +) is before the decrement the start of the line after the #include line and so +the decrement is really desirable in that case to put highest_location +[jakub@tucnak gcc-15]$ git log -1 --format=%B r15-9638-gbfcb5da69a41f7a5e41faab39b763d9d7c8bd2ea | cat +libcpp: Further fixes for incorrect line numbers in large files [PR120061] + +The backport of the PR108900 fix to 14 branch broke building chromium +because static_assert (__LINE__ == expected_line_number, ""); now triggers +as the __LINE__ values are off by one. +This isn't the case on the trunk and 15 branch because we've switched +to 64-bit location_t and so one actually needs far longer header files +to trigger it. +https://gcc.gnu.org/bugzilla/show_bug.cgi?id=120061#c11 +https://gcc.gnu.org/bugzilla/show_bug.cgi?id=120061#c12 +contain (large) testcases in patch form which show on the 14 branch +that the first one used to fail before the PR108900 backport and now +works correctly, while the second one attempts to match the chromium +behavior and it used to pass before the PR108900 backport and now it +FAILs. +The two testcases show rare problematic cases, because +do_include_common -> parse_include -> check_eol -> check_eol_1 -> +cpp_get_token_1 -> _cpp_lex_token -> _cpp_lex_direct -> linemap_line_start +triggers there + /* Allocate the new line_map. However, if the current map only has a + single line we can sometimes just increase its column_bits instead. */ + if (line_delta < 0 + || last_line != ORDINARY_MAP_STARTING_LINE_NUMBER (map) + || SOURCE_COLUMN (map, highest) >= (1U << (column_bits - range_bits)) + || ( /* We can't reuse the map if the line offset is sufficiently + large to cause overflow when computing location_t values. */ + (to_line - ORDINARY_MAP_STARTING_LINE_NUMBER (map)) + >= (((uint64_t) 1) + << (CHAR_BIT * sizeof (linenum_type) - column_bits))) + || range_bits < map->m_range_bits) + map = linemap_check_ordinary + (const_cast + (linemap_add (set, LC_RENAME, + ORDINARY_MAP_IN_SYSTEM_HEADER_P (map), + ORDINARY_MAP_FILE_NAME (map), + to_line))); +and so creates a new ordinary map on the line right after the +(problematic) #include line. +Now, in the spot that r14-11679-g8a884140c2bcb7 patched, +pfile->line_table->highest_location in all 3 tests (also +https://gcc.gnu.org/bugzilla/show_bug.cgi?id=120061#c13 +) is before the decrement the start of the line after the #include line and so +the decrement is really desirable in that case to put highest_location +somewhere on the line where the #include actually is. +But at the same time it is also undesirable, because if we do decrement it, +then linemap_add LC_ENTER called from _cpp_do_file_change will then + /* Generate a start_location above the current highest_location. + If possible, make the low range bits be zero. */ + location_t start_location = set->highest_location + 1; + unsigned range_bits = 0; + if (start_location < LINE_MAP_MAX_LOCATION_WITH_COLS) + range_bits = set->default_range_bits; + start_location += (1 << range_bits) - 1; + start_location &= ~((1 << range_bits) - 1); + + linemap_assert (!LINEMAPS_ORDINARY_USED (set) + || (start_location + >= MAP_START_LOCATION (LINEMAPS_LAST_ORDINARY_MAP (set)))); +and we can end up with the new LC_ENTER ordinary map having the same +start_location as the preceding LC_RENAME one. +Next thing that happens is computation of included_from: + if (reason == LC_ENTER) + { + if (set->depth == 0) + map->included_from = 0; + else + /* The location of the end of the just-closed map. */ + map->included_from + = (((map[0].start_location - 1 - map[-1].start_location) + & ~((1 << map[-1].m_column_and_range_bits) - 1)) + + map[-1].start_location); +The normal case (e.g. with the testcase included at the start of this comment) is +that map[-1] starts somewhere earlier and so map->included_from computation above +nicely computes location_t which expands to the start of the #include line. +With r14-11679 reverted, for #c11 as well as #c12 +map[0].start_location == map[-1].start_location above, and so it is +((location_t) -1 & ~((1 << map[-1].m_column_and_range_bits) - 1))) ++ map[-1].start_location, +which happens to be start of the #include line. +For #c11 map[0].start_location is 0x500003a0 and map[-1] has +m_column_and_range_bits 7 and map[-2] has m_column_and_range_bits 12 and +map[0].included_from is set to 0x50000320. +For #c12 map[0].start_location is 0x606c0402 and map[-2].start_location is +0x606c0400 and m_column_and_range_bits is 0 for all 3 maps. +map[0].included_from is set to 0x606c0401. +The last important part is again in linemap_add when doing LC_LEAVE: + /* (MAP - 1) points to the map we are leaving. The + map from which (MAP - 1) got included should be the map + that comes right before MAP in the same file. */ + from = linemap_included_from_linemap (set, map - 1); + + /* A TO_FILE of NULL is special - we use the natural values. */ + if (to_file == NULL) + { + to_file = ORDINARY_MAP_FILE_NAME (from); + to_line = SOURCE_LINE (from, from[1].start_location); + sysp = ORDINARY_MAP_IN_SYSTEM_HEADER_P (from); + } +Here it wants to compute the right to_line which ought to be the line after +the #include directive. +On the #c11 testcase that doesn't work correctly though, because +map[-1].included_from is 0x50000320, from[0] for that is LC_ENTER with +start_location 0x4080 and m_column_and_range_bits 12 but note that we've +earlier computed map[-1].start_location + (-1 & 0xffffff80) and so only +decreased by 7 bits, so to_line is still on the line with #include and not +after it. In the #c12 that doesn't happen, all the ordinary maps involved +there had 0 m_column_and_range_bits and so this computes correct line. + +Below is a fix for the trunk including testcases using the +location_overflow_plugin hack to simulate the bugs without needing huge +files (in the 14 case it is just 330KB and almost 10MB, but in the 15 +case it would need to be far bigger). +The pre- r15-9018 trunk has +FAIL: gcc.dg/plugin/location-overflow-test-pr116047.c -fplugin=./location_overflow_plugin.so scan-file static_assert[^\n\r]*6[^\n\r]*== 6 +and current trunk +FAIL: gcc.dg/plugin/location-overflow-test-pr116047.c -fplugin=./location_overflow_plugin.so scan-file static_assert[^\n\r]*6[^\n\r]*== 6 +FAIL: gcc.dg/plugin/location-overflow-test-pr120061.c -fplugin=./location_overflow_plugin.so scan-file static_assert[^\n\r]*5[^\n\r]*== 5 +and with the patch everything PASSes. + +The patch reverts the r14-11679 change, because it is incorrect, +we really need to decrement it even when crossing ordinary map +boundaries, so that the location is not on the line after the #include +line but somewhere on the #include line. It also patches two spots +in linemap_add mentioned above to make sure we get correct locations +both in the included_from location_t when doing LC_ENTER (second +line-map.cc hunk) and when doing LC_LEAVE to compute the right to_line +(first line-map.cc hunk), both in presence of an added LC_RENAME +with the same start_location as the following LC_ENTER (i.e. the +problematic cases). +The LC_ENTER hunk is mostly to ensure included_form location_t is +at the start of the #include line (column 0), without it we can +decrease include_from not enough and end up at some random column +in the middle of the line, because it is masking away +map[-1].m_column_and_range_bits bits even when in the end the resulting +include_from location_t will be found in map[-2] map with perhaps +different m_column_and_range_bits. That alone doesn't fix the bug +though. +The more important is the LC_LEAVE hunk and the problem there is +caused by linemap_line_start not actually doing + r = set->highest_line + (line_delta << map->m_column_and_range_bits); +when adding a new map (the LC_RENAME one because we need to switch to +different number of directly encoded ranges, or columns, etc.). +So, in the original PR108900 case that + to_line = SOURCE_LINE (from, from[1].start_location); +doesn't do the right thing, from there is the last < 0x50000000 map +with m_column_and_range_bits 12, from[1] is the first one above it +and map[-1].included_from is the correct location of column 0 on +the #include line, but as the new LC_RENAME map has been created without +actually increasing highest_location to be on the new line (we've just +set to_line of the new LC_RENAME map to the correct line), + to_line = SOURCE_LINE (from, from[1].start_location); +stays on the same source line. I've tried to just replace that with + to_line = SOURCE_LINE (from, linemap_included_from (map - 1)) + 1; +i.e. just find out the #include line from map[-1].included_from and +add 1 to it, unfortunately that breaks the +c-c++-common/cpp/line-4.c +test where we expect to stay on the same 0 line for LC_LEAVE from + and gcc.dg/cpp/trad/Wunused.c, gcc.dg/cpp/trad/builtins.c +and c-c++-common/analyzer/named-constants-via-macros-traditional.c tests +all with -traditional-cpp preprocessing where to_line is also off-by-one +from the expected one. +So, this patch instead conditionalizes it, uses the + to_line = SOURCE_LINE (from, linemap_included_from (map - 1)) + 1; +way only if from[1] is a LC_RENAME map (rather than the usual +LC_ENTER one), that should limit it to the problematic cases of when +parse_include peeked after EOL and had to create LC_RENAME map with +the same start_location as the LC_ENTER after it. + +Some further justification for the LC_ENTER hunk, using the +https://gcc.gnu.org/pipermail/gcc-patches/2025-May/682774.html testcase +(old is 14 before r14-11679, vanilla current 14 and new with the 14 patch) +I get +$ /usr/src/gcc-14/obj/gcc/cc1.old -quiet -std=c23 pr116047.c -nostdinc +In file included from pr116047-1.h:327677:21, + from pr116047.c:4: +pr116047-2.h:1:1: error: unknown type name ‘a’ + 1 | a b c; + | ^ +pr116047-2.h:1:5: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘__attribute__’ before ‘c’ + 1 | a b c; + | ^ +pr116047-1.h:327677:1: error: static assertion failed: "" +327677 | #include "pr116047-2.h" + | ^~~~~~~~~~~~~ +$ /usr/src/gcc-14/obj/gcc/cc1.vanilla -quiet -std=c23 pr116047.c -nostdinc +In file included from pr116047-1.h:327678, + from pr116047.c:4: +pr116047-2.h:1:1: error: unknown type name ‘a’ + 1 | a b c; + | ^ +pr116047-2.h:1:5: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘__attribute__’ before ‘c’ + 1 | a b c; + | ^ +$ /usr/src/gcc-14/obj/gcc/cc1.new -quiet -std=c23 pr116047.c -nostdinc +In file included from pr116047-1.h:327677, + from pr116047.c:4: +pr116047-2.h:1:1: error: unknown type name ‘a’ + 1 | a b c; + | ^ +pr116047-2.h:1:5: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘__attribute__’ before ‘c’ + 1 | a b c; + | ^ + +pr116047-1.h has on lines 327677+327678: + #include "pr116047-2.h" + static_assert (__LINE__ == 327678, ""); +so the static_assert failure is something that was dealt mainly in the +LC_LEAVE hunk and files.cc reversion, but please have a look at the +In file included from lines. +14.2 emits correct line (#include "pr116047-2.h" is indeed on line +327677) but some random column in there (which is not normally printed +for smaller headers; 21 is the . before extension in the filename). +Current trunk emits incorrect line (327678 instead of 327677, clearly +it didn't decrement). +And the patched compiler emits the right line with no column, as would +be printed if I remove e.g. 300000 newlines from the file. + +2025-05-08 Jakub Jelinek + + PR preprocessor/108900 + PR preprocessor/116047 + PR preprocessor/120061 + * files.cc (_cpp_stack_file): Revert 2025-03-28 change. + * line-map.cc (linemap_add): Use + SOURCE_LINE (from, linemap_included_from (map - 1)) + 1; instead of + SOURCE_LINE (from, from[1].start_location); to compute to_line + for LC_LEAVE if from[1].reason is LC_RENAME. For LC_ENTER + included_from computation, look at map[-2] or even lower if map[-1] + has the same start_location as map[0]. + + * gcc.dg/plugin/plugin.exp: Add location-overflow-test-pr116047.c + and location-overflow-test-pr120061.c. + * gcc.dg/plugin/location_overflow_plugin.c (plugin_init): Don't error + on unknown values, instead just break. + * gcc.dg/plugin/location-overflow-test-pr116047.c: New test. + * gcc.dg/plugin/location-overflow-test-pr116047-1.h: New test. + * gcc.dg/plugin/location-overflow-test-pr116047-2.h: New test. + * gcc.dg/plugin/location-overflow-test-pr120061.c: New test. + * gcc.dg/plugin/location-overflow-test-pr120061-1.h: New test. + * gcc.dg/plugin/location-overflow-test-pr120061-2.h: New test. + +Upstream-Status: Backport [https://gcc.gnu.org/cgit/gcc/commit/?id=edf745dc519ddbfef127e2789bf11bfbacd300b7] +Signed-off-by: Yash Shinde +--- + .../plugin/location-overflow-test-pr116047-1.h | 6 +++ + .../plugin/location-overflow-test-pr116047-2.h | 1 + + .../plugin/location-overflow-test-pr116047.c | 5 +++ + .../plugin/location-overflow-test-pr120061-1.h | 6 +++ + .../plugin/location-overflow-test-pr120061-2.h | 1 + + .../plugin/location-overflow-test-pr120061.c | 6 +++ + .../gcc.dg/plugin/location_overflow_plugin.c | 2 +- + gcc/testsuite/gcc.dg/plugin/plugin.exp | 4 +- + libcpp/line-map.cc | 48 ++++++++++++++++++---- + 10 files changed, 69 insertions(+), 18 deletions(-) + create mode 100644 gcc/testsuite/gcc.dg/plugin/location-overflow-test-pr116047-1.h + create mode 100644 gcc/testsuite/gcc.dg/plugin/location-overflow-test-pr116047-2.h + create mode 100644 gcc/testsuite/gcc.dg/plugin/location-overflow-test-pr116047.c + create mode 100644 gcc/testsuite/gcc.dg/plugin/location-overflow-test-pr120061-1.h + create mode 100644 gcc/testsuite/gcc.dg/plugin/location-overflow-test-pr120061-2.h + create mode 100644 gcc/testsuite/gcc.dg/plugin/location-overflow-test-pr120061.c + +diff --git a/gcc/testsuite/gcc.dg/plugin/location-overflow-test-pr116047-1.h b/gcc/testsuite/gcc.dg/plugin/location-overflow-test-pr116047-1.h +new file mode 100644 +index 000000000000..3dd6434a938b +--- /dev/null ++++ b/gcc/testsuite/gcc.dg/plugin/location-overflow-test-pr116047-1.h +@@ -0,0 +1,6 @@ ++ ++ ++ ++ ++#include "location-overflow-test-pr116047-2.h" ++static_assert (__LINE__ == 6, ""); +diff --git a/gcc/testsuite/gcc.dg/plugin/location-overflow-test-pr116047-2.h b/gcc/testsuite/gcc.dg/plugin/location-overflow-test-pr116047-2.h +new file mode 100644 +index 000000000000..048f715b4656 +--- /dev/null ++++ b/gcc/testsuite/gcc.dg/plugin/location-overflow-test-pr116047-2.h +@@ -0,0 +1 @@ ++int i; +diff --git a/gcc/testsuite/gcc.dg/plugin/location-overflow-test-pr116047.c b/gcc/testsuite/gcc.dg/plugin/location-overflow-test-pr116047.c +new file mode 100644 +index 000000000000..33f2c4ce8def +--- /dev/null ++++ b/gcc/testsuite/gcc.dg/plugin/location-overflow-test-pr116047.c +@@ -0,0 +1,5 @@ ++/* PR preprocessor/116047 */ ++/* { dg-do preprocess } */ ++/* { dg-options "-nostdinc -std=c23 -fplugin-arg-location_overflow_plugin-value=0x4fff8080" } */ ++#include "location-overflow-test-pr116047-1.h" ++/* { dg-final { scan-file location-overflow-test-pr116047.i "static_assert\[^\n\r]\*6\[^\n\r]\*== 6" } } */ +diff --git a/gcc/testsuite/gcc.dg/plugin/location-overflow-test-pr120061-1.h b/gcc/testsuite/gcc.dg/plugin/location-overflow-test-pr120061-1.h +new file mode 100644 +index 000000000000..ebf7704f568e +--- /dev/null ++++ b/gcc/testsuite/gcc.dg/plugin/location-overflow-test-pr120061-1.h +@@ -0,0 +1,6 @@ ++ ++ ++ ++ ++#include "location-overflow-test-pr120061-2.h" ++ +diff --git a/gcc/testsuite/gcc.dg/plugin/location-overflow-test-pr120061-2.h b/gcc/testsuite/gcc.dg/plugin/location-overflow-test-pr120061-2.h +new file mode 100644 +index 000000000000..048f715b4656 +--- /dev/null ++++ b/gcc/testsuite/gcc.dg/plugin/location-overflow-test-pr120061-2.h +@@ -0,0 +1 @@ ++int i; +diff --git a/gcc/testsuite/gcc.dg/plugin/location-overflow-test-pr120061.c b/gcc/testsuite/gcc.dg/plugin/location-overflow-test-pr120061.c +new file mode 100644 +index 000000000000..e8e803898da3 +--- /dev/null ++++ b/gcc/testsuite/gcc.dg/plugin/location-overflow-test-pr120061.c +@@ -0,0 +1,6 @@ ++/* PR preprocessor/120061 */ ++/* { dg-do preprocess } */ ++/* { dg-options "-nostdinc -std=c23 -fplugin-arg-location_overflow_plugin-value=0x61000000" } */ ++#include "location-overflow-test-pr120061-1.h" ++static_assert (__LINE__ == 5, ""); ++/* { dg-final { scan-file location-overflow-test-pr120061.i "static_assert\[^\n\r]\*5\[^\n\r]\*== 5" } } */ +diff --git a/gcc/testsuite/gcc.dg/plugin/location_overflow_plugin.c b/gcc/testsuite/gcc.dg/plugin/location_overflow_plugin.c +index d0a6b0755648..6f4497a1cb16 100644 +--- a/gcc/testsuite/gcc.dg/plugin/location_overflow_plugin.c ++++ b/gcc/testsuite/gcc.dg/plugin/location_overflow_plugin.c +@@ -101,7 +101,7 @@ plugin_init (struct plugin_name_args *plugin_info, + break; + + default: +- error_at (UNKNOWN_LOCATION, "unrecognized value for plugin argument"); ++ break; + } + + return 0; +diff --git a/gcc/testsuite/gcc.dg/plugin/plugin.exp b/gcc/testsuite/gcc.dg/plugin/plugin.exp +index 933f9a5850bc..438c6d87aad9 100644 +--- a/gcc/testsuite/gcc.dg/plugin/plugin.exp ++++ b/gcc/testsuite/gcc.dg/plugin/plugin.exp +@@ -126,7 +126,9 @@ set plugin_test_list [list \ + { location_overflow_plugin.c \ + location-overflow-test-1.c \ + location-overflow-test-2.c \ +- location-overflow-test-pr83173.c } \ ++ location-overflow-test-pr83173.c \ ++ location-overflow-test-pr116047.c \ ++ location-overflow-test-pr120061.c } \ + { must_tail_call_plugin.c \ + must-tail-call-1.c \ + must-tail-call-2.c } \ +diff --git a/libcpp/line-map.cc b/libcpp/line-map.cc +index d5200b317eee..1e659638d9f7 100644 +--- a/libcpp/line-map.cc ++++ b/libcpp/line-map.cc +@@ -618,8 +618,8 @@ linemap_add (line_maps *set, enum lc_reason reason, + #include "included", inside the same "includer" file. */ + + linemap_assert (!MAIN_FILE_P (map - 1)); +- /* (MAP - 1) points to the map we are leaving. The +- map from which (MAP - 1) got included should be the map ++ /* (MAP - 1) points to the map we are leaving. The ++ map from which (MAP - 1) got included should be usually the map + that comes right before MAP in the same file. */ + from = linemap_included_from_linemap (set, map - 1); + +@@ -627,7 +627,24 @@ linemap_add (line_maps *set, enum lc_reason reason, + if (to_file == NULL) + { + to_file = ORDINARY_MAP_FILE_NAME (from); +- to_line = SOURCE_LINE (from, from[1].start_location); ++ /* Compute the line on which the map resumes, for #include this ++ should be the line after the #include line. Usually FROM is ++ the map right before LC_ENTER map - the first map of the included ++ file, and in that case SOURCE_LINE (from, from[1].start_location); ++ computes the right line (and does handle even some special cases ++ (e.g. where for returning from we still want to ++ be at line 0 or some -traditional-cpp cases). In rare cases ++ FROM can be followed by LC_RENAME created by linemap_line_start ++ for line right after #include line. If that happens, ++ start_location of the FROM[1] map will be the same as ++ start_location of FROM[2] LC_ENTER, but FROM[1] start_location ++ might not have advance enough for moving to a full next line. ++ In that case compute the line of #include line and add 1 to it ++ to advance to the next line. See PR120061. */ ++ if (from[1].reason == LC_RENAME) ++ to_line = SOURCE_LINE (from, linemap_included_from (map - 1)) + 1; ++ else ++ to_line = SOURCE_LINE (from, from[1].start_location); + sysp = ORDINARY_MAP_IN_SYSTEM_HEADER_P (from); + } + else +@@ -657,11 +674,26 @@ linemap_add (line_maps *set, enum lc_reason reason, + if (set->depth == 0) + map->included_from = 0; + else +- /* The location of the end of the just-closed map. */ +- map->included_from +- = (((map[0].start_location - 1 - map[-1].start_location) +- & ~((1 << map[-1].m_column_and_range_bits) - 1)) +- + map[-1].start_location); ++ { ++ /* Compute location from whence this line map was included. ++ For #include this should be preferrably column 0 of the ++ line on which #include directive appears. ++ map[-1] is the just closed map and usually included_from ++ falls within that map. In rare cases linemap_line_start ++ can insert a new LC_RENAME map for the line immediately ++ after #include line, in that case map[-1] will have the ++ same start_location as the new one and so included_from ++ would not be from map[-1] but likely map[-2]. If that ++ happens, mask off map[-2] m_column_and_range_bits bits ++ instead of map[-1]. See PR120061. */ ++ int i = -1; ++ while (map[i].start_location == map[0].start_location) ++ --i; ++ map->included_from ++ = (((map[0].start_location - 1 - map[i].start_location) ++ & ~((1 << map[i].m_column_and_range_bits) - 1)) ++ + map[i].start_location); ++ } + set->depth++; + if (set->trace_includes) + trace_include (set, map); +-- From patchwork Wed May 28 15:33:23 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steve Sakoman X-Patchwork-Id: 63758 X-Patchwork-Delegate: steve@sakoman.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org (localhost.localdomain [127.0.0.1]) by smtp.lore.kernel.org (Postfix) with ESMTP id 2558CC5B549 for ; Wed, 28 May 2025 15:34:11 +0000 (UTC) Received: from mail-pf1-f178.google.com (mail-pf1-f178.google.com [209.85.210.178]) by mx.groups.io with SMTP id smtpd.web11.945.1748446445612862240 for ; Wed, 28 May 2025 08:34:05 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@sakoman-com.20230601.gappssmtp.com header.s=20230601 header.b=SpNVQHRF; spf=softfail (domain: sakoman.com, ip: 209.85.210.178, mailfrom: steve@sakoman.com) Received: by mail-pf1-f178.google.com with SMTP id d2e1a72fcca58-742af848148so2778157b3a.1 for ; Wed, 28 May 2025 08:34:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sakoman-com.20230601.gappssmtp.com; s=20230601; t=1748446445; x=1749051245; darn=lists.openembedded.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=h8G9D+nn+L87yB742U0/QxWb1Baung0Eh39N5WvxCG8=; b=SpNVQHRFMILZHf+nJFDBWok9ZjvLfStrH8J5l4VMBTl/hdAuZfAkEZfF22jLBTinM9 5KnySGgfveHWoX+cbi/CNvp+DjzMazrSrtFUNg83AD96+BiN6W3r38jtWYtQYQjGnBiS 3zbRmqJPnmiqOM70wyYFlx6enJNvmeEX+uEuODZdNPrGbNVhOX+QBeb/C1m7//RVRlW1 lcS9TLppVdG5xk0pAdWREYgnHxGWf3MauT6afOrku2mpaAKgTWPR4QQ5nWBXsUrv4Q0W AIfb2dssGOwhvmw9KF0qJeYenVvtbwiOBx83lzt5DcvgcIxYehBiet/BmondKS3FBPUL UgKg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1748446445; x=1749051245; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=h8G9D+nn+L87yB742U0/QxWb1Baung0Eh39N5WvxCG8=; b=OEft41NlpzmhS9S/obKndH0TXxiXz3OGUZmBvkcWUSQIu+/U0Q+19Mgy6NwWvgeFWr yIMKRo7rAux5U8km5f2WbG2lbWLo8BX7D4f8GYL/L5jqHLWyOBsjcFsm6Iqf+AeuvyXy GutjwlhvpJ5SXa030hFavZ3kqGetQVFS5lLSY3qPy/Rd+8LCNY1Dta2Mxs0TvMEDTFf9 9L5O/LKv8eHc90OIJnZ8QxZKIeTOEE7E29b4mXtbRAx3tW1UustsR7zp8EnoFlHvZ4vc CtboP0Lbdz4l8LXnf27FW1DdVrreXIoZO+R0htvmU6ruiWwThSY/o8rP+InmRCYdUFcR bLKw== X-Gm-Message-State: AOJu0YyOxEsWxLmi4UrAr+WwmHzXpMDHzkciYJ3LNMIWoxNWMNdP6in3 nKHZdHJnlv3SkL+/WHWLsfPGs1MMtItaiHjnyZdx5QSmuWgyLNqMmJd+yRcZbLXRQm1wQrTbuh9 GbbEP X-Gm-Gg: ASbGncsijA+RwLFpQeBB8TiWFJBli1wdffa/qesZKcx4ArrYyicaS/BjmBRV4nCYeZL /rL9x9ovBYTg6Hj5bA9lye+0f0fhtnraMFyA5p8cQ36sFLLbRk/MfrmEsgfQzDNobzbNvbrjO0K 2L788UJGXYsdMM8qUDntUXaZRnHmyeD3N4++oMYX4rUWJea9I9QFkCBgU5X9k0YssUmGWsKCwmf FqmfV4RNVEeaJU8zrzs4OAB6oezadX76KM9ypiYSsycR3QXyUNP0TmH2ZFdlFBi8ZonokD3HJdF NZeFycyU1dUBAeM9Sr+wT8YjE3Dmpj3EdtXM2NlDPC8= X-Google-Smtp-Source: AGHT+IEXReyzMWBgQXH0luXWktFQsvJV9ZE/q+tV9WskXFfgjuGRL8rz9icqYuMe+vfuIJpMuHh8WA== X-Received: by 2002:a05:6a00:1822:b0:73f:ff25:90b3 with SMTP id d2e1a72fcca58-745fe05f18bmr30542940b3a.24.1748446444776; Wed, 28 May 2025 08:34:04 -0700 (PDT) Received: from hexa.. ([2602:feb4:3b:2100:2f2f:1884:f4cc:456c]) by smtp.gmail.com with ESMTPSA id d2e1a72fcca58-746e343c1basm1400268b3a.132.2025.05.28.08.34.04 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 28 May 2025 08:34:04 -0700 (PDT) From: Steve Sakoman To: openembedded-core@lists.openembedded.org Subject: [OE-core][walnascar 14/14] python3-pygobject: RDEPENDS on gobject-introspection Date: Wed, 28 May 2025 08:33:23 -0700 Message-ID: X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 List-Id: X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for ; Wed, 28 May 2025 15:34:11 -0000 X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/217378 From: Yi Zhao Since 3.51.0, python3-pygobject depends on libgirepository 2.0 provided by glib-2.0 instead of libgirepository 1.0 provided by gobject-introspection[1]. It still needs the typelib files from libgirepository-1.0 package. Add gobject-introspection as a runtime dependency. Fixes: $ python3 Python 3.13.2 (main, Feb 4 2025, 14:51:09) [GCC 14.2.0] on linux Type "help", "copyright", "credits" or "license" for more information. >>> import gi >>> from gi.repository import Gtk Traceback (most recent call last): File "/usr/lib64/python3.13/site-packages/gi/importer.py", line 139, in create_module introspection_module = get_introspection_module(namespace) File "/usr/lib64/python3.13/site-packages/gi/module.py", line 243, in get_introspection_module module = IntrospectionModule(namespace, version) File "/usr/lib64/python3.13/site-packages/gi/module.py", line 111, in __init__ repository.require(namespace, version) ~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^ gi.RepositoryError: Typelib file for namespace 'xlib', version '2.0' not found The above exception was the direct cause of the following exception: Traceback (most recent call last): File "", line 1, in from gi.repository import Gtk File "/usr/lib64/python3.13/site-packages/gi/importer.py", line 141, in create_module raise ImportError(e) from e ImportError: Typelib file for namespace 'xlib', version '2.0' not found [1] https://gitlab.gnome.org/GNOME/pygobject/-/merge_requests/320 (From OE-Core rev: 6f9e02292c9305e795f2651c3bb6ef5b671e1c74) Signed-off-by: Yi Zhao Signed-off-by: Mathieu Dubois-Briand Signed-off-by: Richard Purdie Signed-off-by: Yi Zhao Signed-off-by: Steve Sakoman --- meta/recipes-devtools/python/python3-pygobject_3.52.2.bb | 1 + 1 file changed, 1 insertion(+) diff --git a/meta/recipes-devtools/python/python3-pygobject_3.52.2.bb b/meta/recipes-devtools/python/python3-pygobject_3.52.2.bb index 08f7dc67b0..cf1dd07639 100644 --- a/meta/recipes-devtools/python/python3-pygobject_3.52.2.bb +++ b/meta/recipes-devtools/python/python3-pygobject_3.52.2.bb @@ -29,6 +29,7 @@ RDEPENDS:${PN} += " \ python3-asyncio \ python3-io \ python3-pkgutil \ + gobject-introspection \ " # python3-pycairo is checked on configuration -> DEPENDS