diff options
| author |   Martin Jansa <Martin.Jansa@gmail.com> | 2022-06-17 20:06:24 +0200 |
|---|---|---|
| committer | Martin Jansa <Martin.Jansa@gmail.com> | 2022-06-17 20:13:09 +0200 |
| commit | 4d010543de50dd420d122a1c00aa3f0021dfa011 (patch) | |
| tree | 0c70967449084ca138cd6dba0e9dc0ef08021f22 | |
| parent | 4756dbadfc0129dde2a0afcaebaa5079d36bef6f (diff) | |
| download | openembedded-core-contrib-4d010543de50dd420d122a1c00aa3f0021dfa011.tar.gz | |
linux-yocto-5.14: fix build with gcc-12 on host
* fixes:
In file included from sigchain.c:3:
In function 'xrealloc',
inlined from 'sigchain_push.isra' at sigchain.c:26:2:
subcmd-util.h:56:23: error: pointer may be used after 'realloc' [-Werror=use-after-free]
56 | ret = realloc(ptr, size);
| ^~~~~~~~~~~~~~~~~~
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
| -rw-r--r-- | meta/recipes-kernel/linux/linux-yocto/0001-libsubcmd-Fix-use-after-free-for-realloc-.-0.patch | 66 | ||||
| -rw-r--r-- | meta/recipes-kernel/linux/linux-yocto_5.14.bb | 4 |
2 files changed, 69 insertions, 1 deletions
diff --git a/meta/recipes-kernel/linux/linux-yocto/0001-libsubcmd-Fix-use-after-free-for-realloc-.-0.patch b/meta/recipes-kernel/linux/linux-yocto/0001-libsubcmd-Fix-use-after-free-for-realloc-.-0.patch new file mode 100644 index 0000000000..2ad53f6b6e --- /dev/null +++ b/meta/recipes-kernel/linux/linux-yocto/0001-libsubcmd-Fix-use-after-free-for-realloc-.-0.patch @@ -0,0 +1,66 @@ +From 52a9dab6d892763b2a8334a568bd4e2c1a6fde66 Mon Sep 17 00:00:00 2001 +From: Kees Cook <keescook@chromium.org> +Date: Sun, 13 Feb 2022 10:24:43 -0800 +Subject: [PATCH] libsubcmd: Fix use-after-free for realloc(..., 0) +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +GCC 12 correctly reports a potential use-after-free condition in the +xrealloc helper. Fix the warning by avoiding an implicit "free(ptr)" +when size == 0: + +In file included from help.c:12: +In function 'xrealloc', + inlined from 'add_cmdname' at help.c:24:2: subcmd-util.h:56:23: error: pointer may be used after 'realloc' [-Werror=use-after-free] + 56 | ret = realloc(ptr, size); + | ^~~~~~~~~~~~~~~~~~ +subcmd-util.h:52:21: note: call to 'realloc' here + 52 | void *ret = realloc(ptr, size); + | ^~~~~~~~~~~~~~~~~~ +subcmd-util.h:58:31: error: pointer may be used after 'realloc' [-Werror=use-after-free] + 58 | ret = realloc(ptr, 1); + | ^~~~~~~~~~~~~~~ +subcmd-util.h:52:21: note: call to 'realloc' here + 52 | void *ret = realloc(ptr, size); + | ^~~~~~~~~~~~~~~~~~ + +Fixes: 2f4ce5ec1d447beb ("perf tools: Finalize subcmd independence") +Reported-by: Valdis Klētnieks <valdis.kletnieks@vt.edu> +Signed-off-by: Kees Kook <keescook@chromium.org> +Tested-by: Valdis Klētnieks <valdis.kletnieks@vt.edu> +Tested-by: Justin M. Forbes <jforbes@fedoraproject.org> +Acked-by: Josh Poimboeuf <jpoimboe@redhat.com> +Cc: linux-hardening@vger.kernel.org +Cc: Valdis Klētnieks <valdis.kletnieks@vt.edu> +Link: http://lore.kernel.org/lkml/20220213182443.4037039-1-keescook@chromium.org +Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com> + +Upstream-Status: Backport [v5.17, v5.15.25] +Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com> +--- + tools/lib/subcmd/subcmd-util.h | 11 ++--------- + 1 file changed, 2 insertions(+), 9 deletions(-) + +diff --git a/tools/lib/subcmd/subcmd-util.h b/tools/lib/subcmd/subcmd-util.h +index 794a375dad36..b2aec04fce8f 100644 +--- a/tools/lib/subcmd/subcmd-util.h ++++ b/tools/lib/subcmd/subcmd-util.h +@@ -50,15 +50,8 @@ static NORETURN inline void die(const char *err, ...) + static inline void *xrealloc(void *ptr, size_t size) + { + void *ret = realloc(ptr, size); +- if (!ret && !size) +- ret = realloc(ptr, 1); +- if (!ret) { +- ret = realloc(ptr, size); +- if (!ret && !size) +- ret = realloc(ptr, 1); +- if (!ret) +- die("Out of memory, realloc failed"); +- } ++ if (!ret) ++ die("Out of memory, realloc failed"); + return ret; + } + diff --git a/meta/recipes-kernel/linux/linux-yocto_5.14.bb b/meta/recipes-kernel/linux/linux-yocto_5.14.bb index b5be96b7c9..a48e0dbf72 100644 --- a/meta/recipes-kernel/linux/linux-yocto_5.14.bb +++ b/meta/recipes-kernel/linux/linux-yocto_5.14.bb @@ -39,7 +39,9 @@ KBRANCH:class-devupstream = "v5.14/base" # KMACHINE:qemuarm ?= "qemuarma15" SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRANCH}; \ - git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.14;destsuffix=${KMETA}" + git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.14;destsuffix=${KMETA} \ + file://0001-libsubcmd-Fix-use-after-free-for-realloc-.-0.patch \ +" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" LINUX_VERSION ?= "5.14.21" |