diff options
416 files changed, 23915 insertions, 4131 deletions
diff --git a/README.OE-Core b/README.OE-Core index 521916cd4f..2f2127fb03 100644 --- a/README.OE-Core +++ b/README.OE-Core @@ -6,24 +6,24 @@ of OpenEmbedded. It is distro-less (can build a functional image with DISTRO = "nodistro") and contains only emulated machine support. For information about OpenEmbedded, see the OpenEmbedded website: - http://www.openembedded.org/ + https://www.openembedded.org/ The Yocto Project has extensive documentation about OE including a reference manual which can be found at: - http://yoctoproject.org/documentation + https://docs.yoctoproject.org/ Contributing ------------ Please refer to -http://www.openembedded.org/wiki/How_to_submit_a_patch_to_OpenEmbedded +https://www.openembedded.org/wiki/How_to_submit_a_patch_to_OpenEmbedded for guidelines on how to submit patches. Mailing list: - http://lists.openembedded.org/mailman/listinfo/openembedded-core + https://lists.openembedded.org/g/openembedded-core Source code: - http://git.openembedded.org/openembedded-core/ + https://git.openembedded.org/openembedded-core/ diff --git a/meta-selftest/recipes-test/devtool/devtool-upgrade-test2_git.bb b/meta-selftest/recipes-test/devtool/devtool-upgrade-test2_git.bb index 07b83276fb..8a27e3a791 100644 --- a/meta-selftest/recipes-test/devtool/devtool-upgrade-test2_git.bb +++ b/meta-selftest/recipes-test/devtool/devtool-upgrade-test2_git.bb @@ -11,7 +11,7 @@ SRCREV = "1a3e1343761b30750bed70e0fd688f6d3c7b3717" PV = "0.1+git${SRCPV}" PR = "r2" -SRC_URI = "git://git.yoctoproject.org/dbus-wait" +SRC_URI = "git://git.yoctoproject.org/dbus-wait;branch=master" UPSTREAM_CHECK_COMMITS = "1" RECIPE_NO_UPDATE_REASON = "This recipe is used to test devtool upgrade feature" diff --git a/meta-selftest/recipes-test/devtool/devtool-upgrade-test2_git.bb.upgraded b/meta-selftest/recipes-test/devtool/devtool-upgrade-test2_git.bb.upgraded index 32ec4b14fa..fbe90d6c6b 100644 --- a/meta-selftest/recipes-test/devtool/devtool-upgrade-test2_git.bb.upgraded +++ b/meta-selftest/recipes-test/devtool/devtool-upgrade-test2_git.bb.upgraded @@ -10,7 +10,7 @@ DEPENDS = "dbus" SRCREV = "6cc6077a36fe2648a5f993fe7c16c9632f946517" PV = "0.1+git${SRCPV}" -SRC_URI = "git://git.yoctoproject.org/dbus-wait" +SRC_URI = "git://git.yoctoproject.org/dbus-wait;branch=master" UPSTREAM_CHECK_COMMITS = "1" RECIPE_NO_UPDATE_REASON = "This recipe is used to test devtool upgrade feature" diff --git a/meta-selftest/recipes-test/git-submodule-test/git-submodule-test.bb b/meta-selftest/recipes-test/git-submodule-test/git-submodule-test.bb index 9429564df4..cc5d7eae5a 100644 --- a/meta-selftest/recipes-test/git-submodule-test/git-submodule-test.bb +++ b/meta-selftest/recipes-test/git-submodule-test/git-submodule-test.bb @@ -5,5 +5,5 @@ LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda INHIBIT_DEFAULT_DEPS = "1" -SRC_URI = "gitsm://git.yoctoproject.org/git-submodule-test" +SRC_URI = "gitsm://git.yoctoproject.org/git-submodule-test;branch=master" SRCREV = "a2885dd7d25380d23627e7544b7bbb55014b16ee" diff --git a/meta-selftest/recipes-test/gitrepotest/gitrepotest.bb b/meta-selftest/recipes-test/gitrepotest/gitrepotest.bb new file mode 100644 index 0000000000..f1b6c55833 --- /dev/null +++ b/meta-selftest/recipes-test/gitrepotest/gitrepotest.bb @@ -0,0 +1,16 @@ +SUMMARY = "Test recipe for git repo initialization" +HOMEPAGE = "https://git.yoctoproject.org/git/matchbox-panel-2" +LICENSE = "GPL-2.0-or-later" +LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f" + +INHIBIT_DEFAULT_DEPS = "1" + +PATCHTOOL="git" + +SRC_URI = "git://git.yoctoproject.org/git/matchbox-panel-2;branch=master;protocol=https \ + file://0001-testpatch.patch \ + " + +SRCREV = "f82ca3f42510fb3ef10f598b393eb373a2c34ca7" + +S = "${WORKDIR}/git" diff --git a/meta-selftest/recipes-test/gitrepotest/gitrepotest/0001-testpatch.patch b/meta-selftest/recipes-test/gitrepotest/gitrepotest/0001-testpatch.patch new file mode 100644 index 0000000000..bccda17ee9 --- /dev/null +++ b/meta-selftest/recipes-test/gitrepotest/gitrepotest/0001-testpatch.patch @@ -0,0 +1,9 @@ +diff --git a/Makefile.am b/Makefile.am +index 432a9b4..bbf7c74 100644 +--- a/Makefile.am ++++ b/Makefile.am +@@ -1,3 +1,4 @@ ++## This is useless comment to test if patch works + ACLOCAL_AMFLAGS = -I m4 + + SUBDIRS = matchbox-panel applets data po diff --git a/meta/classes/buildhistory.bbclass b/meta/classes/buildhistory.bbclass index 49af61c9c5..b2cf9aa28a 100644 --- a/meta/classes/buildhistory.bbclass +++ b/meta/classes/buildhistory.bbclass @@ -960,23 +960,19 @@ def write_latest_srcrev(d, pkghistdir): value = value.replace('"', '').strip() old_tag_srcrevs[key] = value with open(srcrevfile, 'w') as f: - orig_srcrev = d.getVar('SRCREV', False) or 'INVALID' - if orig_srcrev != 'INVALID': - f.write('# SRCREV = "%s"\n' % orig_srcrev) - if len(srcrevs) > 1: - for name, srcrev in sorted(srcrevs.items()): - orig_srcrev = d.getVar('SRCREV_%s' % name, False) - if orig_srcrev: - f.write('# SRCREV_%s = "%s"\n' % (name, orig_srcrev)) - f.write('SRCREV_%s = "%s"\n' % (name, srcrev)) - else: - f.write('SRCREV = "%s"\n' % next(iter(srcrevs.values()))) - if len(tag_srcrevs) > 0: - for name, srcrev in sorted(tag_srcrevs.items()): - f.write('# tag_%s = "%s"\n' % (name, srcrev)) - if name in old_tag_srcrevs and old_tag_srcrevs[name] != srcrev: - pkg = d.getVar('PN') - bb.warn("Revision for tag %s in package %s was changed since last build (from %s to %s)" % (name, pkg, old_tag_srcrevs[name], srcrev)) + for name, srcrev in sorted(srcrevs.items()): + suffix = "_" + name + if name == "default": + suffix = "" + orig_srcrev = d.getVar('SRCREV%s' % suffix, False) + if orig_srcrev: + f.write('# SRCREV%s = "%s"\n' % (suffix, orig_srcrev)) + f.write('SRCREV%s = "%s"\n' % (suffix, srcrev)) + for name, srcrev in sorted(tag_srcrevs.items()): + f.write('# tag_%s = "%s"\n' % (name, srcrev)) + if name in old_tag_srcrevs and old_tag_srcrevs[name] != srcrev: + pkg = d.getVar('PN') + bb.warn("Revision for tag %s in package %s was changed since last build (from %s to %s)" % (name, pkg, old_tag_srcrevs[name], srcrev)) else: if os.path.exists(srcrevfile): diff --git a/meta/classes/cross-canadian.bbclass b/meta/classes/cross-canadian.bbclass index f5c9f61595..3fc9cac442 100644 --- a/meta/classes/cross-canadian.bbclass +++ b/meta/classes/cross-canadian.bbclass @@ -155,7 +155,7 @@ libexecdir = "${exec_prefix}/libexec/${TARGET_ARCH}${TARGET_VENDOR}-${TARGET_OS} FILES_${PN} = "${prefix}" -export PKG_CONFIG_DIR = "${STAGING_DIR_HOST}${layout_libdir}/pkgconfig" +export PKG_CONFIG_DIR = "${STAGING_DIR_HOST}${exec_prefix}/lib/pkgconfig" export PKG_CONFIG_SYSROOT_DIR = "${STAGING_DIR_HOST}" do_populate_sysroot[stamp-extra-info] = "" diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass index 4fa1a64f85..a95e810605 100644 --- a/meta/classes/cve-check.bbclass +++ b/meta/classes/cve-check.bbclass @@ -110,6 +110,7 @@ python do_cve_check () { } addtask cve_check before do_build after do_fetch +do_cve_check[lockfiles] += "${CVE_CHECK_DB_FILE_LOCK}" do_cve_check[depends] = "cve-update-db-native:do_fetch" do_cve_check[nostamp] = "1" @@ -142,6 +143,7 @@ python cve_check_write_rootfs_manifest () { manifest_name = d.getVar("CVE_CHECK_MANIFEST") cve_tmp_file = d.getVar("CVE_CHECK_TMP_FILE") + bb.utils.mkdirhier(os.path.dirname(manifest_name)) shutil.copyfile(cve_tmp_file, manifest_name) if manifest_name and os.path.exists(manifest_name): diff --git a/meta/classes/devupstream.bbclass b/meta/classes/devupstream.bbclass index 7780c5482c..97e137cb40 100644 --- a/meta/classes/devupstream.bbclass +++ b/meta/classes/devupstream.bbclass @@ -4,7 +4,7 @@ # # Usage: # BBCLASSEXTEND = "devupstream:target" -# SRC_URI_class-devupstream = "git://git.example.com/example" +# SRC_URI_class-devupstream = "git://git.example.com/example;branch=master" # SRCREV_class-devupstream = "abcdef" # # If the first entry in SRC_URI is a git: URL then S is rewritten to diff --git a/meta/classes/externalsrc.bbclass b/meta/classes/externalsrc.bbclass index 3d6b80bee2..9fe9d36f76 100644 --- a/meta/classes/externalsrc.bbclass +++ b/meta/classes/externalsrc.bbclass @@ -109,6 +109,15 @@ python () { if local_srcuri and task in fetch_tasks: continue bb.build.deltask(task, d) + if bb.data.inherits_class('reproducible_build', d) and task == 'do_unpack': + # The reproducible_build's create_source_date_epoch_stamp function must + # be run after the source is available and before the + # do_deploy_source_date_epoch task. In the normal case, it's attached + # to do_unpack as a postfuncs, but since we removed do_unpack (above) + # we need to move the function elsewhere. The easiest thing to do is + # move it into the prefuncs of the do_deploy_source_date_epoch task. + # This is safe, as externalsrc runs with the source already unpacked. + d.prependVarFlag('do_deploy_source_date_epoch', 'prefuncs', 'create_source_date_epoch_stamp ') d.prependVarFlag('do_compile', 'prefuncs', "externalsrc_compile_prefunc ") d.prependVarFlag('do_configure', 'prefuncs', "externalsrc_configure_prefunc ") diff --git a/meta/classes/mirrors.bbclass b/meta/classes/mirrors.bbclass index 87bba41472..8a2c153d9b 100644 --- a/meta/classes/mirrors.bbclass +++ b/meta/classes/mirrors.bbclass @@ -62,6 +62,8 @@ ftp://.*/.* http://sources.openembedded.org/ \n \ npm://.*/?.* http://sources.openembedded.org/ \n \ ${CPAN_MIRROR} http://cpan.metacpan.org/ \n \ ${CPAN_MIRROR} http://search.cpan.org/CPAN/ \n \ +https?$://downloads.yoctoproject.org/releases/uninative/ https://mirrors.kernel.org/yocto/uninative/ \n \ +https?://downloads.yoctoproject.org/mirror/sources/ https://mirrors.kernel.org/yocto-sources/ \ " # Use MIRRORS to provide git repo fallbacks using the https protocol, for cases diff --git a/meta/classes/package.bbclass b/meta/classes/package.bbclass index e3f0a7060b..5e51b89184 100644 --- a/meta/classes/package.bbclass +++ b/meta/classes/package.bbclass @@ -2079,12 +2079,12 @@ python package_do_pkgconfig () { for pkg in packages.split(): pkgconfig_provided[pkg] = [] pkgconfig_needed[pkg] = [] - for file in pkgfiles[pkg]: + for file in sorted(pkgfiles[pkg]): m = pc_re.match(file) if m: pd = bb.data.init() name = m.group(1) - pkgconfig_provided[pkg].append(name) + pkgconfig_provided[pkg].append(os.path.basename(name)) if not os.access(file, os.R_OK): continue with open(file, 'r') as f: @@ -2107,7 +2107,7 @@ python package_do_pkgconfig () { pkgs_file = os.path.join(shlibswork_dir, pkg + ".pclist") if pkgconfig_provided[pkg] != []: with open(pkgs_file, 'w') as f: - for p in pkgconfig_provided[pkg]: + for p in sorted(pkgconfig_provided[pkg]): f.write('%s\n' % p) # Go from least to most specific since the last one found wins diff --git a/meta/classes/patch.bbclass b/meta/classes/patch.bbclass index cd491a563d..72bb1eb946 100644 --- a/meta/classes/patch.bbclass +++ b/meta/classes/patch.bbclass @@ -131,6 +131,9 @@ python patch_do_patch() { patchdir = parm["patchdir"] if not os.path.isabs(patchdir): patchdir = os.path.join(s, patchdir) + if not os.path.isdir(patchdir): + bb.fatal("Target directory '%s' not found, patchdir '%s' is incorrect in patch file '%s'" % + (patchdir, parm["patchdir"], parm['patchname'])) else: patchdir = s @@ -147,12 +150,12 @@ python patch_do_patch() { patchset.Import({"file":local, "strippath": parm['striplevel']}, True) except Exception as exc: bb.utils.remove(process_tmpdir, True) - bb.fatal(str(exc)) + bb.fatal("Importing patch '%s' with striplevel '%s'\n%s" % (parm['patchname'], parm['striplevel'], str(exc))) try: resolver.Resolve() except bb.BBHandledException as e: bb.utils.remove(process_tmpdir, True) - bb.fatal(str(e)) + bb.fatal("Applying patch '%s' on target directory '%s'\n%s" % (parm['patchname'], patchdir, str(e))) bb.utils.remove(process_tmpdir, True) del os.environ['TMPDIR'] diff --git a/meta/classes/populate_sdk_base.bbclass b/meta/classes/populate_sdk_base.bbclass index 2d33611ddd..76757a3a9d 100644 --- a/meta/classes/populate_sdk_base.bbclass +++ b/meta/classes/populate_sdk_base.bbclass @@ -90,6 +90,8 @@ SDK_HOST_MANIFEST = "${SDKDEPLOYDIR}/${TOOLCHAIN_OUTPUTNAME}.host.manifest" SDK_EXT_TARGET_MANIFEST = "${SDK_DEPLOY}/${TOOLCHAINEXT_OUTPUTNAME}.target.manifest" SDK_EXT_HOST_MANIFEST = "${SDK_DEPLOY}/${TOOLCHAINEXT_OUTPUTNAME}.host.manifest" +SDK_PRUNE_SYSROOT_DIRS ?= "/dev" + python write_target_sdk_manifest () { from oe.sdk import sdk_list_installed_packages from oe.utils import format_pkg_list @@ -101,6 +103,12 @@ python write_target_sdk_manifest () { output.write(format_pkg_list(pkgs, 'ver')) } +sdk_prune_dirs () { + for d in ${SDK_PRUNE_SYSROOT_DIRS}; do + rm -rf ${SDK_OUTPUT}${SDKTARGETSYSROOT}$d + done +} + python write_sdk_test_data() { from oe.data import export2json testdata = "%s/%s.testdata.json" % (d.getVar('SDKDEPLOYDIR'), d.getVar('TOOLCHAIN_OUTPUTNAME')) @@ -120,8 +128,9 @@ python write_host_sdk_manifest () { } POPULATE_SDK_POST_TARGET_COMMAND_append = " write_sdk_test_data ; " -POPULATE_SDK_POST_TARGET_COMMAND_append_task-populate-sdk = " write_target_sdk_manifest ; " +POPULATE_SDK_POST_TARGET_COMMAND_append_task-populate-sdk = " write_target_sdk_manifest; sdk_prune_dirs; " POPULATE_SDK_POST_HOST_COMMAND_append_task-populate-sdk = " write_host_sdk_manifest; " + SDK_PACKAGING_COMMAND = "${@'${SDK_PACKAGING_FUNC};' if '${SDK_PACKAGING_FUNC}' else ''}" SDK_POSTPROCESS_COMMAND = " create_sdk_files; check_sdk_sysroots; archive_sdk; ${SDK_PACKAGING_COMMAND} " diff --git a/meta/classes/reproducible_build.bbclass b/meta/classes/reproducible_build.bbclass index 1277764fab..62655c2a5b 100644 --- a/meta/classes/reproducible_build.bbclass +++ b/meta/classes/reproducible_build.bbclass @@ -90,11 +90,14 @@ python create_source_date_epoch_stamp() { } def get_source_date_epoch_value(d): - cached = d.getVar('__CACHED_SOURCE_DATE_EPOCH') - if cached: + epochfile = d.getVar('SDE_FILE') + cached, efile = d.getVar('__CACHED_SOURCE_DATE_EPOCH') or (None, None) + if cached and efile == epochfile: return cached - epochfile = d.getVar('SDE_FILE') + if cached and epochfile != efile: + bb.debug(1, "Epoch file changed from %s to %s" % (efile, epochfile)) + source_date_epoch = int(d.getVar('SOURCE_DATE_EPOCH_FALLBACK')) try: with open(epochfile, 'r') as f: @@ -112,7 +115,7 @@ def get_source_date_epoch_value(d): except FileNotFoundError: bb.debug(1, "Cannot find %s. SOURCE_DATE_EPOCH will default to %d" % (epochfile, source_date_epoch)) - d.setVar('__CACHED_SOURCE_DATE_EPOCH', str(source_date_epoch)) + d.setVar('__CACHED_SOURCE_DATE_EPOCH', (str(source_date_epoch), epochfile)) return str(source_date_epoch) export SOURCE_DATE_EPOCH ?= "${@get_source_date_epoch_value(d)}" diff --git a/meta/classes/rootfs-postcommands.bbclass b/meta/classes/rootfs-postcommands.bbclass index e66ed5938b..87b5751e24 100644 --- a/meta/classes/rootfs-postcommands.bbclass +++ b/meta/classes/rootfs-postcommands.bbclass @@ -60,7 +60,7 @@ python () { } systemd_create_users () { - for conffile in ${IMAGE_ROOTFS}/usr/lib/sysusers.d/systemd.conf ${IMAGE_ROOTFS}/usr/lib/sysusers.d/systemd-remote.conf; do + for conffile in ${IMAGE_ROOTFS}/usr/lib/sysusers.d/*.conf; do [ -e $conffile ] || continue grep -v "^#" $conffile | sed -e '/^$/d' | while read type name id comment; do if [ "$type" = "u" ]; then diff --git a/meta/classes/sanity.bbclass b/meta/classes/sanity.bbclass index a2ac4eeb80..c8a42dc8bf 100644 --- a/meta/classes/sanity.bbclass +++ b/meta/classes/sanity.bbclass @@ -395,7 +395,7 @@ def check_connectivity(d): msg += " Please ensure your host's network is configured correctly.\n" msg += " If your ISP or network is blocking the above URL,\n" msg += " try with another domain name, for example by setting:\n" - msg += " CONNECTIVITY_CHECK_URIS = \"https://www.yoctoproject.org/\"" + msg += " CONNECTIVITY_CHECK_URIS = \"https://www.example.com/\"" msg += " You could also set BB_NO_NETWORK = \"1\" to disable network\n" msg += " access if all required sources are on local disk.\n" retval = msg diff --git a/meta/classes/sstate.bbclass b/meta/classes/sstate.bbclass index 8b4bfc25b7..de6e7fa960 100644 --- a/meta/classes/sstate.bbclass +++ b/meta/classes/sstate.bbclass @@ -20,7 +20,7 @@ def generate_sstatefn(spec, hash, taskname, siginfo, d): components = spec.split(":") # Fields 0,5,6 are mandatory, 1 is most useful, 2,3,4 are just for information # 7 is for the separators - avail = (254 - len(hash + "_" + taskname + extension) - len(components[0]) - len(components[1]) - len(components[5]) - len(components[6]) - 7) // 3 + avail = (limit - len(hash + "_" + taskname + extension) - len(components[0]) - len(components[1]) - len(components[5]) - len(components[6]) - 7) // 3 components[2] = components[2][:avail] components[3] = components[3][:avail] components[4] = components[4][:avail] @@ -800,7 +800,7 @@ sstate_task_postfunc[dirs] = "${WORKDIR}" sstate_create_package () { # Exit early if it already exists if [ -e ${SSTATE_PKG} ]; then - [ ! -w ${SSTATE_PKG} ] || touch ${SSTATE_PKG} + touch ${SSTATE_PKG} 2>/dev/null || true return fi @@ -827,14 +827,18 @@ sstate_create_package () { fi chmod 0664 $TFILE # Skip if it was already created by some other process - if [ ! -e ${SSTATE_PKG} ]; then + if [ -h ${SSTATE_PKG} ] && [ ! -e ${SSTATE_PKG} ]; then + # There is a symbolic link, but it links to nothing. + # Forcefully replace it with the new file. + ln -f $TFILE ${SSTATE_PKG} || true + elif [ ! -e ${SSTATE_PKG} ]; then # Move into place using ln to attempt an atomic op. # Abort if it already exists - ln $TFILE ${SSTATE_PKG} && rm $TFILE + ln $TFILE ${SSTATE_PKG} || true else - rm $TFILE + touch ${SSTATE_PKG} 2>/dev/null || true fi - [ ! -w ${SSTATE_PKG} ] || touch ${SSTATE_PKG} + rm $TFILE } python sstate_sign_package () { @@ -863,12 +867,12 @@ python sstate_report_unihash() { # sstate_unpack_package () { tar -xvzf ${SSTATE_PKG} - # update .siginfo atime on local/NFS mirror - [ -O ${SSTATE_PKG}.siginfo ] && [ -w ${SSTATE_PKG}.siginfo ] && [ -h ${SSTATE_PKG}.siginfo ] && touch -a ${SSTATE_PKG}.siginfo - # Use "! -w ||" to return true for read only files - [ ! -w ${SSTATE_PKG} ] || touch --no-dereference ${SSTATE_PKG} - [ ! -w ${SSTATE_PKG}.sig ] || [ ! -e ${SSTATE_PKG}.sig ] || touch --no-dereference ${SSTATE_PKG}.sig - [ ! -w ${SSTATE_PKG}.siginfo ] || [ ! -e ${SSTATE_PKG}.siginfo ] || touch --no-dereference ${SSTATE_PKG}.siginfo + # update .siginfo atime on local/NFS mirror if it is a symbolic link + [ ! -h ${SSTATE_PKG}.siginfo ] || [ ! -e ${SSTATE_PKG}.siginfo ] || touch -a ${SSTATE_PKG}.siginfo 2>/dev/null || true + # update each symbolic link instead of any referenced file + touch --no-dereference ${SSTATE_PKG} 2>/dev/null || true + [ ! -e ${SSTATE_PKG}.sig ] || touch --no-dereference ${SSTATE_PKG}.sig 2>/dev/null || true + [ ! -e ${SSTATE_PKG}.siginfo ] || touch --no-dereference ${SSTATE_PKG}.siginfo 2>/dev/null || true } BB_HASHCHECK_FUNCTION = "sstate_checkhashes" @@ -946,7 +950,7 @@ def sstate_checkhashes(sq_data, d, siginfo=False, currentcount=0, summary=True, localdata2 = bb.data.createCopy(localdata) srcuri = "file://" + sstatefile - localdata.setVar('SRC_URI', srcuri) + localdata2.setVar('SRC_URI', srcuri) bb.debug(2, "SState: Attempting to fetch %s" % srcuri) try: diff --git a/meta/classes/testimage.bbclass b/meta/classes/testimage.bbclass index e613759503..538ec4fc8a 100644 --- a/meta/classes/testimage.bbclass +++ b/meta/classes/testimage.bbclass @@ -230,9 +230,10 @@ def testimage_main(d): tdname = "%s.testdata.json" % image_name try: - td = json.load(open(tdname, "r")) - except (FileNotFoundError) as err: - bb.fatal('File %s Not Found. Have you built the image with INHERIT+="testimage" in the conf/local.conf?' % tdname) + with open(tdname, "r") as f: + td = json.load(f) + except FileNotFoundError as err: + bb.fatal('File %s not found (%s).\nHave you built the image with INHERIT += "testimage" in the conf/local.conf?' % (tdname, err)) # Some variables need to be updates (mostly paths) with the # ones of the current environment because some tests require them. diff --git a/meta/classes/toaster.bbclass b/meta/classes/toaster.bbclass index 9518ddf7a4..f365c09142 100644 --- a/meta/classes/toaster.bbclass +++ b/meta/classes/toaster.bbclass @@ -101,12 +101,12 @@ def _toaster_load_pkgdatafile(dirpath, filepath): for line in fin: try: kn, kv = line.strip().split(": ", 1) - m = re.match(r"^PKG_([^A-Z:]*)", kn) + m = re.match(r"^PKG:([^A-Z:]*)", kn) if m: pkgdata['OPKGN'] = m.group(1) - kn = "_".join([x for x in kn.split("_") if x.isupper()]) - pkgdata[kn] = kv.strip() - if kn == 'FILES_INFO': + kn = kn.split(":")[0] + pkgdata[kn] = kv + if kn.startswith('FILES_INFO'): pkgdata[kn] = json.loads(kv) except ValueError: diff --git a/meta/classes/uboot-sign.bbclass b/meta/classes/uboot-sign.bbclass index ba48f24b10..fca9de2934 100644 --- a/meta/classes/uboot-sign.bbclass +++ b/meta/classes/uboot-sign.bbclass @@ -131,6 +131,20 @@ concat_dtb_helper() { elif [ -e "${DEPLOYDIR}/${UBOOT_NODTB_IMAGE}" -a -e "$deployed_uboot_dtb_binary" ]; then cd ${DEPLOYDIR} cat ${UBOOT_NODTB_IMAGE} $deployed_uboot_dtb_binary | tee ${B}/${CONFIG_B_PATH}/${UBOOT_BINARY} > ${UBOOT_IMAGE} + + if [ -n "${UBOOT_CONFIG}" ] + then + for config in ${UBOOT_MACHINE}; do + i=$(expr $i + 1); + for type in ${UBOOT_CONFIG}; do + j=$(expr $j + 1); + if [ $j -eq $i ] + then + cp ${UBOOT_IMAGE} ${B}/${CONFIG_B_PATH}/u-boot-$type.${UBOOT_SUFFIX} + fi + done + done + fi else bbwarn "Failure while adding public key to u-boot binary. Verified boot won't be available." fi @@ -205,7 +219,7 @@ install_helper() { fi } -# Install SPL dtb and u-boot nodtb to datadir, +# Install SPL dtb and u-boot nodtb to datadir, install_spl_helper() { if [ -f "${SPL_DIR}/${SPL_DTB_BINARY}" ]; then install -Dm 0644 ${SPL_DIR}/${SPL_DTB_BINARY} ${D}${datadir}/${SPL_DTB_IMAGE} diff --git a/meta/classes/uninative.bbclass b/meta/classes/uninative.bbclass index 1e19917a97..4412d7c567 100644 --- a/meta/classes/uninative.bbclass +++ b/meta/classes/uninative.bbclass @@ -2,7 +2,7 @@ UNINATIVE_LOADER ?= "${UNINATIVE_STAGING_DIR}-uninative/${BUILD_ARCH}-linux/lib/ UNINATIVE_STAGING_DIR ?= "${STAGING_DIR}" UNINATIVE_URL ?= "unset" -UNINATIVE_TARBALL ?= "${BUILD_ARCH}-nativesdk-libc.tar.xz" +UNINATIVE_TARBALL ?= "${BUILD_ARCH}-nativesdk-libc-${UNINATIVE_VERSION}.tar.xz" # Example checksums #UNINATIVE_CHECKSUM[aarch64] = "dead" #UNINATIVE_CHECKSUM[i686] = "dead" @@ -100,7 +100,7 @@ ${UNINATIVE_STAGING_DIR}-uninative/relocate_sdk.py \ ${UNINATIVE_LOADER} \ ${UNINATIVE_LOADER} \ ${UNINATIVE_STAGING_DIR}-uninative/${BUILD_ARCH}-linux/${bindir_native}/patchelf-uninative \ - ${UNINATIVE_STAGING_DIR}-uninative/${BUILD_ARCH}-linux${base_libdir_native}/libc*.so" % chksum) + ${UNINATIVE_STAGING_DIR}-uninative/${BUILD_ARCH}-linux${base_libdir_native}/libc*.so*" % chksum) subprocess.check_output(cmd, shell=True) with open(loaderchksum, "w") as f: diff --git a/meta/conf/distro/include/cve-extra-exclusions.inc b/meta/conf/distro/include/cve-extra-exclusions.inc index 561386b706..0b8bec312b 100644 --- a/meta/conf/distro/include/cve-extra-exclusions.inc +++ b/meta/conf/distro/include/cve-extra-exclusions.inc @@ -43,3 +43,12 @@ CVE_CHECK_WHITELIST += "CVE-2010-4756" # CVE applies to a netapp product as well as flagging a general issue. We don't ship anything # exposing this interface in an exploitable way CVE_CHECK_WHITELIST += "CVE-2020-29509 CVE-2020-29511" + +# db +# Since Oracle relicensed bdb, the open source community is slowly but surely replacing bdb with +# supported and open source friendly alternatives. As a result these CVEs are unlikely to ever be fixed. +CVE_CHECK_WHITELIST += "CVE-2015-2583 CVE-2015-2624 CVE-2015-2626 CVE-2015-2640 CVE-2015-2654 \ +CVE-2015-2656 CVE-2015-4754 CVE-2015-4764 CVE-2015-4774 CVE-2015-4775 CVE-2015-4776 CVE-2015-4777 \ +CVE-2015-4778 CVE-2015-4779 CVE-2015-4780 CVE-2015-4781 CVE-2015-4782 CVE-2015-4783 CVE-2015-4784 \ +CVE-2015-4785 CVE-2015-4786 CVE-2015-4787 CVE-2015-4788 CVE-2015-4789 CVE-2015-4790 CVE-2016-0682 \ +CVE-2016-0689 CVE-2016-0692 CVE-2016-0694 CVE-2016-3418 CVE-2020-2981" diff --git a/meta/conf/distro/include/default-distrovars.inc b/meta/conf/distro/include/default-distrovars.inc index 433d4b6651..038acc1504 100644 --- a/meta/conf/distro/include/default-distrovars.inc +++ b/meta/conf/distro/include/default-distrovars.inc @@ -47,5 +47,5 @@ KERNEL_IMAGETYPES ??= "${KERNEL_IMAGETYPE}" # The CONNECTIVITY_CHECK_URIS are used to test whether we can succesfully # fetch from the network (and warn you if not). To disable the test set # the variable to be empty. -# Git example url: git://git.yoctoproject.org/yocto-firewall-test;protocol=git;rev=master -CONNECTIVITY_CHECK_URIS ?= "https://www.example.com/" +# Git example url: git://git.yoctoproject.org/yocto-firewall-test;protocol=git;rev=master;branch=master +CONNECTIVITY_CHECK_URIS ?= "https://yoctoproject.org/connectivity.html" diff --git a/meta/conf/distro/include/maintainers.inc b/meta/conf/distro/include/maintainers.inc index 5d453a6fcd..5064ee6b79 100644 --- a/meta/conf/distro/include/maintainers.inc +++ b/meta/conf/distro/include/maintainers.inc @@ -191,7 +191,7 @@ RECIPE_MAINTAINER_pn-gcc-cross-canadian-${TRANSLATED_TARGET_ARCH} = "Khem Raj <r RECIPE_MAINTAINER_pn-gcc-crosssdk-${SDK_SYS} = "Khem Raj <raj.khem@gmail.com>" RECIPE_MAINTAINER_pn-gcc-runtime = "Khem Raj <raj.khem@gmail.com>" RECIPE_MAINTAINER_pn-gcc-sanitizers = "Khem Raj <raj.khem@gmail.com>" -RECIPE_MAINTAINER_pn-gcc-source-10.2.0 = "Khem Raj <raj.khem@gmail.com>" +RECIPE_MAINTAINER_pn-gcc-source-10.3.0 = "Khem Raj <raj.khem@gmail.com>" RECIPE_MAINTAINER_pn-gconf = "Ross Burton <ross.burton@arm.com>" RECIPE_MAINTAINER_pn-gcr = "Alexander Kanavin <alex.kanavin@gmail.com>" RECIPE_MAINTAINER_pn-gdb = "Khem Raj <raj.khem@gmail.com>" diff --git a/meta/conf/distro/include/yocto-uninative.inc b/meta/conf/distro/include/yocto-uninative.inc index 740cca0ecf..bfe05ce1eb 100644 --- a/meta/conf/distro/include/yocto-uninative.inc +++ b/meta/conf/distro/include/yocto-uninative.inc @@ -6,9 +6,10 @@ # to the distro running on the build machine. # -UNINATIVE_MAXGLIBCVERSION = "2.33" +UNINATIVE_MAXGLIBCVERSION = "2.35" +UNINATIVE_VERSION = "3.5" -UNINATIVE_URL ?= "http://downloads.yoctoproject.org/releases/uninative/3.2/" -UNINATIVE_CHECKSUM[aarch64] ?= "4f0872cdca2775b637a8a99815ca5c8dd42146abe903a24a50ee0448358c764b" -UNINATIVE_CHECKSUM[i686] ?= "e2eeab92e67263db37d9bb6d4c58579abd1f47ff4cded3171bde572fece124b2" -UNINATIVE_CHECKSUM[x86_64] ?= "3ee8c7d55e2d4c7ae3887cddb97219f97b94efddfeee2e24923c0cb0e8ce84c6" +UNINATIVE_URL ?= "http://downloads.yoctoproject.org/releases/uninative/${UNINATIVE_VERSION}/" +UNINATIVE_CHECKSUM[aarch64] ?= "6de0771bd21e0fcb5e80388e5b561a8023b24083bcbf46e056a089982aff75d7" +UNINATIVE_CHECKSUM[i686] ?= "8c8745becbfa1c341bae839c7eab56ddf17ce36c303bcd73d3b2f2f788b631c2" +UNINATIVE_CHECKSUM[x86_64] ?= "e8047a5748e6f266165da141eb6d08b23674f30e477b0e5505b6403d50fbc4b2" diff --git a/meta/conf/machine/include/arm/arch-armv8-5a.inc b/meta/conf/machine/include/arm/arch-armv8-5a.inc new file mode 100644 index 0000000000..44c3b5bd22 --- /dev/null +++ b/meta/conf/machine/include/arm/arch-armv8-5a.inc @@ -0,0 +1,19 @@ +DEFAULTTUNE ?= "armv8-5a" + +TUNEVALID[armv8-5a] = "Enable instructions for ARMv8.5-a" +TUNE_CCARGS .= "${@bb.utils.contains('TUNE_FEATURES', 'armv8-5a', ' -march=armv8.5-a', '', d)}" +# TUNE crypto will be handled by arch-armv8a.inc below +MACHINEOVERRIDES =. "${@bb.utils.contains('TUNE_FEATURES', 'armv8-5a', 'armv8-5a:', '', d)}" + +require conf/machine/include/arm/arch-armv8a.inc + +# Little Endian base configs +AVAILTUNES += "armv8-5a armv8-5a-crypto" +ARMPKGARCH_tune-armv8-5a ?= "armv8-5a" +ARMPKGARCH_tune-armv8-5a-crypto ?= "armv8-5a" +TUNE_FEATURES_tune-armv8-5a = "aarch64 armv8-5a" +TUNE_FEATURES_tune-armv8-5a-crypto = "${TUNE_FEATURES_tune-armv8-5a} crypto" +PACKAGE_EXTRA_ARCHS_tune-armv8-5a = "${PACKAGE_EXTRA_ARCHS_tune-armv8a} armv8-5a" +PACKAGE_EXTRA_ARCHS_tune-armv8-5a-crypto = "${PACKAGE_EXTRA_ARCHS_tune-armv8-5a} armv8-5a-crypto" +BASE_LIB_tune-armv8-5a = "lib64" +BASE_LIB_tune-armv8-5a-crypto = "lib64" diff --git a/meta/conf/machine/include/arm/armv9a/tune-neoversen2.inc b/meta/conf/machine/include/arm/armv9a/tune-neoversen2.inc new file mode 100644 index 0000000000..dedabcf46e --- /dev/null +++ b/meta/conf/machine/include/arm/armv9a/tune-neoversen2.inc @@ -0,0 +1,22 @@ +# +# Tune Settings for Neoverse-N2 +# +DEFAULTTUNE ?= "neoversen2" + +TUNEVALID[neoversen2] = "Enable Neoverse-N2 specific processor optimizations" +TUNE_CCARGS .= "${@bb.utils.contains('TUNE_FEATURES', 'neoversen2', ' -mcpu=neoverse-n2', '', d)}" + +# Even though the Neoverse N2 core implemnts the Arm v9.0-A architecture, +# but the support of it in GCC is based on the Arm v8.5-A architecture. +require conf/machine/include/arm/arch-armv8-5a.inc + +# Little Endian base configs +AVAILTUNES += "neoversen2 neoversen2-crypto" +ARMPKGARCH_tune-neoversen2 = "neoversen2" +ARMPKGARCH_tune-neoversen2-crypto = "neoversen2-crypto" +TUNE_FEATURES_tune-neoversen2 = "${TUNE_FEATURES_tune-armv8-5a} neoversen2" +TUNE_FEATURES_tune-neoversen2-crypto = "${TUNE_FEATURES_tune-neoversen2} crypto" +PACKAGE_EXTRA_ARCHS_tune-neoversen2 = "${PACKAGE_EXTRA_ARCHS_tune-armv8-5a} neoversen2" +PACKAGE_EXTRA_ARCHS_tune-neoversen2-crypto = "${PACKAGE_EXTRA_ARCHS_tune-armv8-5a-crypto} neoversen2 neoversen2-crypto" +BASE_LIB_tune-neoversen2 = "lib64" +BASE_LIB_tune-neoversen2-crypto = "lib64" diff --git a/meta/conf/machine/include/tune-cortexa72.inc b/meta/conf/machine/include/tune-cortexa72.inc index b3f68ab6e3..efb71ee0a1 100644 --- a/meta/conf/machine/include/tune-cortexa72.inc +++ b/meta/conf/machine/include/tune-cortexa72.inc @@ -6,8 +6,12 @@ TUNE_CCARGS .= "${@bb.utils.contains('TUNE_FEATURES', 'cortexa72', ' -mcpu=corte require conf/machine/include/arm/arch-armv8a.inc # Little Endian base configs -AVAILTUNES += "cortexa72" +AVAILTUNES += "cortexa72 cortexa72-crypto" ARMPKGARCH_tune-cortexa72 = "cortexa72" -TUNE_FEATURES_tune-cortexa72 = "${TUNE_FEATURES_tune-armv8a-crc-crypto} cortexa72" -PACKAGE_EXTRA_ARCHS_tune-cortexa72 = "${PACKAGE_EXTRA_ARCHS_tune-armv8a-crc-crypto} cortexa72" -BASE_LIB_tune-cortexa72 = "lib64" +ARMPKGARCH_tune-cortexa72-crypto = "cortexa72" +TUNE_FEATURES_tune-cortexa72 = "${TUNE_FEATURES_tune-armv8a-crc} cortexa72" +TUNE_FEATURES_tune-cortexa72-crypto = "${TUNE_FEATURES_tune-cortexa72} crypto" +PACKAGE_EXTRA_ARCHS_tune-cortexa72 = "${PACKAGE_EXTRA_ARCHS_tune-armv8-crc} cortexa72" +PACKAGE_EXTRA_ARCHS_tune-cortexa72-crypto = "${PACKAGE_EXTRA_ARCHS_tune-armv8a-crc-crypto} cortexa72 cortexa72-crypto" +BASE_LIB_tune-cortexa72 = "lib64" +BASE_LIB_tune-cortexa72-crypto = "lib64" diff --git a/meta/conf/multilib.conf b/meta/conf/multilib.conf index d231107f8b..e9767c73b6 100644 --- a/meta/conf/multilib.conf +++ b/meta/conf/multilib.conf @@ -11,6 +11,8 @@ STAGING_DIR_TARGET = "${WORKDIR}/${MLPREFIX}recipe-sysroot" RECIPE_SYSROOT = "${WORKDIR}/${MLPREFIX}recipe-sysroot" RECIPE_SYSROOT_class-native = "${WORKDIR}/recipe-sysroot" +PSEUDO_IGNORE_PATHS .= ",${WORKDIR}/${MLPREFIX}recipe-sysroot" + INHERIT += "multilib_global" BBCLASSEXTEND_append = " ${MULTILIBS}" diff --git a/meta/files/toolchain-shar-relocate.sh b/meta/files/toolchain-shar-relocate.sh index 3ece04db0a..cee9adbf39 100644 --- a/meta/files/toolchain-shar-relocate.sh +++ b/meta/files/toolchain-shar-relocate.sh @@ -5,7 +5,7 @@ fi # fix dynamic loader paths in all ELF SDK binaries native_sysroot=$($SUDO_EXEC cat $env_setup_script |grep 'OECORE_NATIVE_SYSROOT='|cut -d'=' -f2|tr -d '"') -dl_path=$($SUDO_EXEC find $native_sysroot/lib -name "ld-linux*") +dl_path=$($SUDO_EXEC find $native_sysroot/lib -maxdepth 1 -name "ld-linux*") if [ "$dl_path" = "" ] ; then echo "SDK could not be set up. Relocate script unable to find ld-linux.so. Abort!" exit 1 diff --git a/meta/lib/oe/patch.py b/meta/lib/oe/patch.py index fccbedb519..9034fcae03 100644 --- a/meta/lib/oe/patch.py +++ b/meta/lib/oe/patch.py @@ -4,6 +4,7 @@ import oe.path import oe.types +import subprocess class NotFoundError(bb.BBHandledException): def __init__(self, path): @@ -25,7 +26,6 @@ class CmdError(bb.BBHandledException): def runcmd(args, dir = None): import pipes - import subprocess if dir: olddir = os.path.abspath(os.curdir) @@ -56,6 +56,7 @@ def runcmd(args, dir = None): if dir: os.chdir(olddir) + class PatchError(Exception): def __init__(self, msg): self.msg = msg @@ -298,6 +299,24 @@ class GitApplyTree(PatchTree): PatchTree.__init__(self, dir, d) self.commituser = d.getVar('PATCH_GIT_USER_NAME') self.commitemail = d.getVar('PATCH_GIT_USER_EMAIL') + if not self._isInitialized(): + self._initRepo() + + def _isInitialized(self): + cmd = "git rev-parse --show-toplevel" + try: + output = runcmd(cmd.split(), self.dir).strip() + except CmdError as err: + ## runcmd returned non-zero which most likely means 128 + ## Not a git directory + return False + ## Make sure repo is in builddir to not break top-level git repos + return os.path.samefile(output, self.dir) + + def _initRepo(self): + runcmd("git init".split(), self.dir) + runcmd("git add .".split(), self.dir) + runcmd("git commit -a --allow-empty -m bitbake_patching_started".split(), self.dir) @staticmethod def extractPatchHeader(patchfile): diff --git a/meta/lib/oe/reproducible.py b/meta/lib/oe/reproducible.py index 204b9bd734..0938e4cb39 100644 --- a/meta/lib/oe/reproducible.py +++ b/meta/lib/oe/reproducible.py @@ -41,7 +41,7 @@ def find_git_folder(d, sourcedir): for root, dirs, files in os.walk(workdir, topdown=True): dirs[:] = [d for d in dirs if d not in exclude] if '.git' in dirs: - return root + return os.path.join(root, ".git") bb.warn("Failed to find a git repository in WORKDIR: %s" % workdir) return None diff --git a/meta/lib/oe/sdk.py b/meta/lib/oe/sdk.py index 37b59afd1a..27347667e8 100644 --- a/meta/lib/oe/sdk.py +++ b/meta/lib/oe/sdk.py @@ -115,6 +115,10 @@ def sdk_list_installed_packages(d, target, rootfs_dir=None): rootfs_dir = [sdk_output, os.path.join(sdk_output, target_path)][target is True] + if target is False: + ipkgconf_sdk_target = d.getVar("IPKGCONF_SDK") + d.setVar("IPKGCONF_TARGET", ipkgconf_sdk_target) + img_type = d.getVar('IMAGE_PKGTYPE') import importlib cls = importlib.import_module('oe.package_manager.' + img_type) diff --git a/meta/lib/oe/utils.py b/meta/lib/oe/utils.py index a84039f585..2a8771dc28 100644 --- a/meta/lib/oe/utils.py +++ b/meta/lib/oe/utils.py @@ -480,7 +480,8 @@ class ThreadedWorker(Thread): try: func(self, *args, **kargs) except Exception as e: - print(e) + # Eat all exceptions + bb.mainlogger.debug("Worker task raised %s" % e, exc_info=e) finally: self.tasks.task_done() diff --git a/meta/lib/oeqa/manual/eclipse-plugin.json b/meta/lib/oeqa/manual/eclipse-plugin.json index d77d0e673b..6c110d0656 100644 --- a/meta/lib/oeqa/manual/eclipse-plugin.json +++ b/meta/lib/oeqa/manual/eclipse-plugin.json @@ -44,7 +44,7 @@ "expected_results": "" }, "2": { - "action": "wget autobuilder.yoctoproject.org/pub/releases//machines/qemu/qemux86/qemu (ex:core-image-sato-sdk-qemux86-date-rootfs-tar-bz2) \nsource /opt/poky/version/environment-setup-i585-poky-linux \n\nExtract qemu with runqemu-extract-sdk /home/user/file(ex.core-image-sato-sdk-qemux86.bz2) \n/home/user/qemux86-sato-sdk \n\n", + "action": "wget https://downloads.yoctoproject.org/releases/yocto/yocto-$VERSION/machines/qemu/qemux86/ (ex:core-image-sato-sdk-qemux86-date-rootfs-tar-bz2) \nsource /opt/poky/version/environment-setup-i585-poky-linux \n\nExtract qemu with runqemu-extract-sdk /home/user/file(ex.core-image-sato-sdk-qemux86.bz2) \n/home/user/qemux86-sato-sdk \n\n", "expected_results": " Qemu can be lauched normally." }, "3": { @@ -60,7 +60,7 @@ "expected_results": "" }, "6": { - "action": "(d) QEMU: \nSelect this option if you will be using the QEMU emulator. Specify the Kernel matching the QEMU architecture you are using. \n wget autobuilder.yoctoproject.org/pub/releases//machines/qemu/qemux86/bzImage-qemux86.bin \n e.g: /home/$USER/yocto/adt-installer/download_image/bzImage-qemux86.bin \n\n", + "action": "(d) QEMU: \nSelect this option if you will be using the QEMU emulator. Specify the Kernel matching the QEMU architecture you are using. \n wget https://downloads.yoctoproject.org/releases/yocto/yocto-$VERSION/machines/qemu/qemux86/bzImage-qemux86.bin \n e.g: /home/$USER/yocto/adt-installer/download_image/bzImage-qemux86.bin \n\n", "expected_results": "" }, "7": { @@ -247,7 +247,7 @@ "execution": { "1": { "action": "Clone eclipse-poky source. \n \n - git clone git://git.yoctoproject.org/eclipse-poky \n\n", - "expected_results": "Eclipse plugin is successfully installed \n\nDocumentation is there. For example if you have release yocto-2.0.1 you will found on http://autobuilder.yoctoproject.org/pub/releases/yocto-2.0.1/eclipse-plugin/mars/ archive with documentation like org.yocto.doc-development-$date.zip \n \n" + "expected_results": "Eclipse plugin is successfully installed \n\nDocumentation is there. For example if you have release yocto-2.0.1 you will found on https://downloads.yoctoproject.org/releases/yocto/yocto-2.0.1/eclipse-plugin/mars/ archive with documentation like org.yocto.doc-development-$date.zip \n \n" }, "2": { "action": "Checkout correct tag. \n\n - git checkout <eclipse-version>/<yocto-version> \n\n", diff --git a/meta/lib/oeqa/runtime/cases/parselogs.py b/meta/lib/oeqa/runtime/cases/parselogs.py index 01b633d89e..c842f95c34 100644 --- a/meta/lib/oeqa/runtime/cases/parselogs.py +++ b/meta/lib/oeqa/runtime/cases/parselogs.py @@ -302,7 +302,7 @@ class ParseLogsTest(OERuntimeTestCase): grepcmd = 'grep ' grepcmd += '-Ei "' for error in errors: - grepcmd += '\<' + error + '\>' + '|' + grepcmd += r'\<' + error + r'\>' + '|' grepcmd = grepcmd[:-1] grepcmd += '" ' + str(log) + " | grep -Eiv \'" @@ -313,13 +313,13 @@ class ParseLogsTest(OERuntimeTestCase): errorlist = ignore_errors['default'] for ignore_error in errorlist: - ignore_error = ignore_error.replace('(', '\(') - ignore_error = ignore_error.replace(')', '\)') + ignore_error = ignore_error.replace('(', r'\(') + ignore_error = ignore_error.replace(')', r'\)') ignore_error = ignore_error.replace("'", '.') - ignore_error = ignore_error.replace('?', '\?') - ignore_error = ignore_error.replace('[', '\[') - ignore_error = ignore_error.replace(']', '\]') - ignore_error = ignore_error.replace('*', '\*') + ignore_error = ignore_error.replace('?', r'\?') + ignore_error = ignore_error.replace('[', r'\[') + ignore_error = ignore_error.replace(']', r'\]') + ignore_error = ignore_error.replace('*', r'\*') ignore_error = ignore_error.replace('0-9', '[0-9]') grepcmd += ignore_error + '|' grepcmd = grepcmd[:-1] diff --git a/meta/lib/oeqa/selftest/cases/bbtests.py b/meta/lib/oeqa/selftest/cases/bbtests.py index 79390acc0d..4187cb840a 100644 --- a/meta/lib/oeqa/selftest/cases/bbtests.py +++ b/meta/lib/oeqa/selftest/cases/bbtests.py @@ -83,8 +83,10 @@ class BitbakeTests(OESelftestTestCase): def test_force_task_1(self): # test 1 from bug 5875 + import uuid test_recipe = 'zlib' - test_data = "Microsoft Made No Profit From Anyone's Zunes Yo" + # Need to use uuid otherwise hash equivlance would change the workflow + test_data = "Microsoft Made No Profit From Anyone's Zunes Yo %s" % uuid.uuid1() bb_vars = get_bb_vars(['D', 'PKGDEST', 'mandir'], test_recipe) image_dir = bb_vars['D'] pkgsplit_dir = bb_vars['PKGDEST'] @@ -161,7 +163,7 @@ SSTATE_DIR = \"${TOPDIR}/download-selftest\" """) self.track_for_cleanup(os.path.join(self.builddir, "download-selftest")) - data = 'SRC_URI = "${GNU_MIRROR}/aspell/aspell-${PV}.tar.gz;downloadfilename=test-aspell.tar.gz"' + data = 'SRC_URI = "https://downloads.yoctoproject.org/mirror/sources/aspell-${PV}.tar.gz;downloadfilename=test-aspell.tar.gz"' self.write_recipeinc('aspell', data) result = bitbake('-f -c fetch aspell', ignore_status=True) self.delete_recipeinc('aspell') @@ -298,3 +300,32 @@ INHERIT_remove = \"report-error\" test_recipe_summary_after = get_bb_var('SUMMARY', test_recipe) self.assertEqual(expected_recipe_summary, test_recipe_summary_after) + + def test_git_patchtool(self): + """ PATCHTOOL=git should work with non-git sources like tarballs + test recipe for the test must NOT containt git:// repository in SRC_URI + """ + test_recipe = "man-db" + self.write_recipeinc(test_recipe, 'PATCHTOOL=\"git\"') + src = get_bb_var("SRC_URI",test_recipe) + gitscm = re.search("git://", src) + self.assertFalse(gitscm, "test_git_patchtool pre-condition failed: {} test recipe contains git repo!".format(test_recipe)) + result = bitbake('{} -c patch'.format(test_recipe), ignore_status=False) + fatal = re.search("fatal: not a git repository (or any of the parent directories)", result.output) + self.assertFalse(fatal, "Failed to patch using PATCHTOOL=\"git\"") + self.delete_recipeinc(test_recipe) + bitbake('-cclean {}'.format(test_recipe)) + + def test_git_patchtool2(self): + """ Test if PATCHTOOL=git works with git repo and doesn't reinitialize it + """ + test_recipe = "gitrepotest" + src = get_bb_var("SRC_URI",test_recipe) + gitscm = re.search("git://", src) + self.assertTrue(gitscm, "test_git_patchtool pre-condition failed: {} test recipe doesn't contains git repo!".format(test_recipe)) + result = bitbake('{} -c patch'.format(test_recipe), ignore_status=False) + srcdir = get_bb_var('S', test_recipe) + result = runCmd("git log", cwd = srcdir) + self.assertFalse("bitbake_patching_started" in result.output, msg = "Repository has been reinitialized. {}".format(srcdir)) + self.delete_recipeinc(test_recipe) + bitbake('-cclean {}'.format(test_recipe)) diff --git a/meta/lib/oeqa/selftest/cases/devtool.py b/meta/lib/oeqa/selftest/cases/devtool.py index 3385546e8e..7ac1fcfbeb 100644 --- a/meta/lib/oeqa/selftest/cases/devtool.py +++ b/meta/lib/oeqa/selftest/cases/devtool.py @@ -340,7 +340,7 @@ class DevtoolAddTests(DevtoolBase): checkvars['LIC_FILES_CHKSUM'] = 'file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263' checkvars['S'] = '${WORKDIR}/git' checkvars['PV'] = '0.1+git${SRCPV}' - checkvars['SRC_URI'] = 'git://git.yoctoproject.org/git/dbus-wait;protocol=https' + checkvars['SRC_URI'] = 'git://git.yoctoproject.org/git/dbus-wait;protocol=https;branch=master' checkvars['SRCREV'] = srcrev checkvars['DEPENDS'] = set(['dbus']) self._test_recipe_contents(recipefile, checkvars, []) @@ -442,6 +442,7 @@ class DevtoolAddTests(DevtoolBase): tempdir = tempfile.mkdtemp(prefix='devtoolqa') self.track_for_cleanup(tempdir) url = 'gitsm://git.yoctoproject.org/mraa' + url_branch = '%s;branch=master' % url checkrev = 'ae127b19a50aa54255e4330ccfdd9a5d058e581d' testrecipe = 'mraa' srcdir = os.path.join(tempdir, testrecipe) @@ -462,7 +463,7 @@ class DevtoolAddTests(DevtoolBase): checkvars = {} checkvars['S'] = '${WORKDIR}/git' checkvars['PV'] = '1.0+git${SRCPV}' - checkvars['SRC_URI'] = url + checkvars['SRC_URI'] = url_branch checkvars['SRCREV'] = '${AUTOREV}' self._test_recipe_contents(recipefile, checkvars, []) # Try with revision and version specified @@ -481,7 +482,7 @@ class DevtoolAddTests(DevtoolBase): checkvars = {} checkvars['S'] = '${WORKDIR}/git' checkvars['PV'] = '1.5+git${SRCPV}' - checkvars['SRC_URI'] = url + checkvars['SRC_URI'] = url_branch checkvars['SRCREV'] = checkrev self._test_recipe_contents(recipefile, checkvars, []) @@ -904,7 +905,7 @@ class DevtoolUpdateTests(DevtoolBase): self._check_repo_status(os.path.dirname(recipefile), expected_status) result = runCmd('git diff %s' % os.path.basename(recipefile), cwd=os.path.dirname(recipefile)) - addlines = ['SRCREV = ".*"', 'SRC_URI = "git://git.infradead.org/mtd-utils.git"'] + addlines = ['SRCREV = ".*"', 'SRC_URI = "git://git.infradead.org/mtd-utils.git;branch=master"'] srcurilines = src_uri.split() srcurilines[0] = 'SRC_URI = "' + srcurilines[0] srcurilines.append('"') diff --git a/meta/lib/oeqa/selftest/cases/fetch.py b/meta/lib/oeqa/selftest/cases/fetch.py index cd15f65129..d2f0c38ef4 100644 --- a/meta/lib/oeqa/selftest/cases/fetch.py +++ b/meta/lib/oeqa/selftest/cases/fetch.py @@ -99,7 +99,7 @@ class Dependencies(OESelftestTestCase): r = """ LICENSE="CLOSED" - SRC_URI="git://example.com/repo" + SRC_URI="git://example.com/repo;branch=master" """ f = self.write_recipe(textwrap.dedent(r), tempdir) d = tinfoil.parse_recipe_file(f) diff --git a/meta/lib/oeqa/selftest/cases/glibc.py b/meta/lib/oeqa/selftest/cases/glibc.py index c687f6ef93..cf8c92887b 100644 --- a/meta/lib/oeqa/selftest/cases/glibc.py +++ b/meta/lib/oeqa/selftest/cases/glibc.py @@ -33,7 +33,7 @@ class GlibcSelfTestBase(OESelftestTestCase, OEPTestResultTestCase): ptestsuite = "glibc-user" if ssh is None else "glibc" self.ptest_section(ptestsuite) - with open(os.path.join(builddir, "tests.sum"), "r") as f: + with open(os.path.join(builddir, "tests.sum"), "r", errors='replace') as f: for test, result in parse_values(f): self.ptest_result(ptestsuite, test, result) diff --git a/meta/lib/oeqa/selftest/cases/recipetool.py b/meta/lib/oeqa/selftest/cases/recipetool.py index 9d56e9e1e3..4f283cdc03 100644 --- a/meta/lib/oeqa/selftest/cases/recipetool.py +++ b/meta/lib/oeqa/selftest/cases/recipetool.py @@ -357,7 +357,7 @@ class RecipetoolTests(RecipetoolBase): tempsrc = os.path.join(self.tempdir, 'srctree') os.makedirs(tempsrc) recipefile = os.path.join(self.tempdir, 'libmatchbox.bb') - srcuri = 'git://git.yoctoproject.org/libmatchbox' + srcuri = 'git://git.yoctoproject.org/libmatchbox;branch=master' result = runCmd(['recipetool', 'create', '-o', recipefile, srcuri + ";rev=9f7cf8895ae2d39c465c04cc78e918c157420269", '-x', tempsrc]) self.assertTrue(os.path.isfile(recipefile), 'recipetool did not create recipe file; output:\n%s' % result.output) checkvars = {} @@ -375,7 +375,7 @@ class RecipetoolTests(RecipetoolBase): temprecipe = os.path.join(self.tempdir, 'recipe') os.makedirs(temprecipe) pv = '1.7.3.0' - srcuri = 'http://www.dest-unreach.org/socat/download/socat-%s.tar.bz2' % pv + srcuri = 'http://www.dest-unreach.org/socat/download/Archive/socat-%s.tar.bz2' % pv result = runCmd('recipetool create %s -o %s' % (srcuri, temprecipe)) dirlist = os.listdir(temprecipe) if len(dirlist) > 1: @@ -447,7 +447,7 @@ class RecipetoolTests(RecipetoolBase): self.assertTrue(os.path.isfile(recipefile)) checkvars = {} checkvars['LICENSE'] = set(['Apache-2.0']) - checkvars['SRC_URI'] = 'git://github.com/mesonbuild/meson;protocol=https' + checkvars['SRC_URI'] = 'git://github.com/mesonbuild/meson;protocol=https;branch=master' inherits = ['setuptools3'] self._test_recipe_contents(recipefile, checkvars, inherits) @@ -514,7 +514,7 @@ class RecipetoolTests(RecipetoolBase): self.assertTrue(os.path.isfile(recipefile)) checkvars = {} checkvars['LICENSE'] = set(['GPLv2']) - checkvars['SRC_URI'] = 'git://git.yoctoproject.org/git/matchbox-terminal;protocol=http' + checkvars['SRC_URI'] = 'git://git.yoctoproject.org/git/matchbox-terminal;protocol=http;branch=master' inherits = ['pkgconfig', 'autotools'] self._test_recipe_contents(recipefile, checkvars, inherits) diff --git a/meta/lib/oeqa/selftest/cases/reproducible.py b/meta/lib/oeqa/selftest/cases/reproducible.py index a62757399b..546dc91120 100644 --- a/meta/lib/oeqa/selftest/cases/reproducible.py +++ b/meta/lib/oeqa/selftest/cases/reproducible.py @@ -114,8 +114,9 @@ def compare_file(reference, test, diffutils_sysroot): result.status = SAME return result -def run_diffoscope(a_dir, b_dir, html_dir, **kwargs): - return runCmd(['diffoscope', '--no-default-limits', '--exclude-directory-metadata', 'yes', '--html-dir', html_dir, a_dir, b_dir], +def run_diffoscope(a_dir, b_dir, html_dir, max_report_size=0, **kwargs): + return runCmd(['diffoscope', '--no-default-limits', '--max-report-size', str(max_report_size), + '--exclude-directory-metadata', 'yes', '--html-dir', html_dir, a_dir, b_dir], **kwargs) class DiffoscopeTests(OESelftestTestCase): @@ -145,6 +146,9 @@ class ReproducibleTests(OESelftestTestCase): package_classes = ['deb', 'ipk', 'rpm'] + # Maximum report size, in bytes + max_report_size = 250 * 1024 * 1024 + # targets are the things we want to test the reproducibility of targets = ['core-image-minimal', 'core-image-sato', 'core-image-full-cmdline', 'core-image-weston', 'world'] # sstate targets are things to pull from sstate to potentially cut build/debugging time @@ -321,7 +325,7 @@ class ReproducibleTests(OESelftestTestCase): # Copy jquery to improve the diffoscope output usability self.copy_file(os.path.join(jquery_sysroot, 'usr/share/javascript/jquery/jquery.min.js'), os.path.join(package_html_dir, 'jquery.js')) - run_diffoscope('reproducibleA', 'reproducibleB', package_html_dir, + run_diffoscope('reproducibleA', 'reproducibleB', package_html_dir, max_report_size=self.max_report_size, native_sysroot=diffoscope_sysroot, ignore_status=True, cwd=package_dir) if fails: diff --git a/meta/lib/oeqa/selftest/cases/runtime_test.py b/meta/lib/oeqa/selftest/cases/runtime_test.py index b20c5b427b..f9649339e5 100644 --- a/meta/lib/oeqa/selftest/cases/runtime_test.py +++ b/meta/lib/oeqa/selftest/cases/runtime_test.py @@ -185,6 +185,10 @@ class TestImage(OESelftestTestCase): self.skipTest('virgl isn\'t working with Debian 9') if distro and distro == 'centos-7': self.skipTest('virgl isn\'t working with Centos 7') + if distro and distro == 'centos-8': + self.skipTest('virgl isn\'t working with Centos 8') + if distro and distro == 'fedora-34': + self.skipTest('virgl isn\'t working with Fedora 34') if distro and distro == 'opensuseleap-15.0': self.skipTest('virgl isn\'t working with Opensuse 15.0') @@ -228,6 +232,9 @@ class TestImage(OESelftestTestCase): dripath = subprocess.check_output("pkg-config --variable=dridriverdir dri", shell=True) except subprocess.CalledProcessError as e: self.skipTest("Could not determine the path to dri drivers on the host via pkg-config.\nPlease install Mesa development files (particularly, dri.pc) on the host machine.") + distro = oe.lsb.distro_identifier() + if distro and distro == 'fedora-34': + self.skipTest('virgl isn\'t working with Fedora 34') qemu_distrofeatures = get_bb_var('DISTRO_FEATURES', 'qemu-system-native') features = 'INHERIT += "testimage"\n' if 'opengl' not in qemu_distrofeatures: diff --git a/meta/lib/oeqa/selftest/cases/sstatetests.py b/meta/lib/oeqa/selftest/cases/sstatetests.py index c46e8ba489..e2fe38be87 100644 --- a/meta/lib/oeqa/selftest/cases/sstatetests.py +++ b/meta/lib/oeqa/selftest/cases/sstatetests.py @@ -39,7 +39,7 @@ class SStateTests(SStateBase): recipefile = os.path.join(tempdir, "recipes-test", "dbus-wait-test", 'dbus-wait-test_git.bb') os.makedirs(os.path.dirname(recipefile)) - srcuri = 'git://' + srcdir + ';protocol=file' + srcuri = 'git://' + srcdir + ';protocol=file;branch=master' result = runCmd(['recipetool', 'create', '-o', recipefile, srcuri]) self.assertTrue(os.path.isfile(recipefile), 'recipetool did not create recipe file; output:\n%s' % result.output) diff --git a/meta/recipes-bsp/efibootmgr/efibootmgr_17.bb b/meta/recipes-bsp/efibootmgr/efibootmgr_17.bb index 5d6f200a73..e9dfa0770e 100644 --- a/meta/recipes-bsp/efibootmgr/efibootmgr_17.bb +++ b/meta/recipes-bsp/efibootmgr/efibootmgr_17.bb @@ -10,7 +10,7 @@ DEPENDS = "efivar popt" COMPATIBLE_HOST = "(i.86|x86_64|arm|aarch64).*-linux" -SRC_URI = "git://github.com/rhinstaller/efibootmgr.git;protocol=https \ +SRC_URI = "git://github.com/rhinstaller/efibootmgr.git;protocol=https;branch=master \ file://0001-remove-extra-decl.patch \ file://97668ae0bce776a36ea2001dea63d376be8274ac.patch \ " diff --git a/meta/recipes-bsp/efivar/efivar_37.bb b/meta/recipes-bsp/efivar/efivar_37.bb index 5bf121ff6e..fa1fe1ecdf 100644 --- a/meta/recipes-bsp/efivar/efivar_37.bb +++ b/meta/recipes-bsp/efivar/efivar_37.bb @@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=6626bb1e20189cfa95f2c508ba286393" COMPATIBLE_HOST = "(i.86|x86_64|arm|aarch64).*-linux" -SRC_URI = "git://github.com/rhinstaller/efivar.git \ +SRC_URI = "git://github.com/rhinstaller/efivar.git;branch=master;protocol=https \ file://determinism.patch \ file://no-werror.patch" SRCREV = "c1d6b10e1ed4ba2be07f385eae5bceb694478a10" diff --git a/meta/recipes-bsp/grub/files/CVE-2021-3981-grub-mkconfig-Restore-umask-for-the-grub.cfg.patch b/meta/recipes-bsp/grub/files/CVE-2021-3981-grub-mkconfig-Restore-umask-for-the-grub.cfg.patch new file mode 100644 index 0000000000..dae26fd8bb --- /dev/null +++ b/meta/recipes-bsp/grub/files/CVE-2021-3981-grub-mkconfig-Restore-umask-for-the-grub.cfg.patch @@ -0,0 +1,49 @@ +From 0adec29674561034771c13e446069b41ef41e4d4 Mon Sep 17 00:00:00 2001 +From: Michael Chang <mchang@suse.com> +Date: Fri, 3 Dec 2021 16:13:28 +0800 +Subject: [PATCH] grub-mkconfig: Restore umask for the grub.cfg + +The commit ab2e53c8a (grub-mkconfig: Honor a symlink when generating +configuration by grub-mkconfig) has inadvertently discarded umask for +creating grub.cfg in the process of running grub-mkconfig. The resulting +wrong permission (0644) would allow unprivileged users to read GRUB +configuration file content. This presents a low confidentiality risk +as grub.cfg may contain non-secured plain-text passwords. + +This patch restores the missing umask and sets the creation file mode +to 0600 preventing unprivileged access. + +Fixes: CVE-2021-3981 + +Signed-off-by: Michael Chang <mchang@suse.com> +Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com> + +Upstream-Status: Backport +CVE: CVE-2021-3981 + +Reference to upstream patch: +https://git.savannah.gnu.org/cgit/grub.git/commit/?id=0adec29674561034771c13e446069b41ef41e4d4 + +Signed-off-by: Yongxin Liu <yongxin.liu@windriver.com> +--- + util/grub-mkconfig.in | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/util/grub-mkconfig.in b/util/grub-mkconfig.in +index c3ea7612e..62335d027 100644 +--- a/util/grub-mkconfig.in ++++ b/util/grub-mkconfig.in +@@ -301,7 +301,10 @@ and /etc/grub.d/* files or please file a bug report with + exit 1 + else + # none of the children aborted with error, install the new grub.cfg ++ oldumask=$(umask) ++ umask 077 + cat ${grub_cfg}.new > ${grub_cfg} ++ umask $oldumask + rm -f ${grub_cfg}.new + fi + fi +-- +2.31.1 + diff --git a/meta/recipes-bsp/grub/grub2.inc b/meta/recipes-bsp/grub/grub2.inc index 3c6b434c2d..a70754e346 100644 --- a/meta/recipes-bsp/grub/grub2.inc +++ b/meta/recipes-bsp/grub/grub2.inc @@ -20,6 +20,7 @@ SRC_URI = "https://alpha.gnu.org/gnu/grub/grub-${REALPV}.tar.xz \ file://0001-grub.d-10_linux.in-add-oe-s-kernel-name.patch \ file://determinism.patch \ file://0001-RISC-V-Restore-the-typcast-to-long.patch \ + file://CVE-2021-3981-grub-mkconfig-Restore-umask-for-the-grub.cfg.patch \ " SRC_URI[sha256sum] = "2c87f1f21e2ab50043e6cd9163c08f1b6c3a6171556bf23ff9ed65b074145484" diff --git a/meta/recipes-bsp/opensbi/opensbi_0.9.bb b/meta/recipes-bsp/opensbi/opensbi_0.9.bb index cb1c3f2ebf..e01491c9b7 100644 --- a/meta/recipes-bsp/opensbi/opensbi_0.9.bb +++ b/meta/recipes-bsp/opensbi/opensbi_0.9.bb @@ -9,7 +9,7 @@ require opensbi-payloads.inc inherit autotools-brokensep deploy SRCREV = "234ed8e427f4d92903123199f6590d144e0d9351" -SRC_URI = "git://github.com/riscv/opensbi.git;branch=master \ +SRC_URI = "git://github.com/riscv/opensbi.git;branch=master;protocol=https \ file://0001-Makefile-Don-t-specify-mabi-or-march.patch \ " diff --git a/meta/recipes-bsp/u-boot/libubootenv_0.3.1.bb b/meta/recipes-bsp/u-boot/libubootenv_0.3.1.bb index 613e3161fb..8234b86162 100644 --- a/meta/recipes-bsp/u-boot/libubootenv_0.3.1.bb +++ b/meta/recipes-bsp/u-boot/libubootenv_0.3.1.bb @@ -10,7 +10,7 @@ LICENSE = "LGPL-2.1" LIC_FILES_CHKSUM = "file://Licenses/lgpl-2.1.txt;md5=4fbd65380cdd255951079008b364516c" SECTION = "libs" -SRC_URI = "git://github.com/sbabic/libubootenv;protocol=https" +SRC_URI = "git://github.com/sbabic/libubootenv;protocol=https;branch=master" SRCREV = "824551ac77bab1d0f7ae34d7a7c77b155240e754" S = "${WORKDIR}/git" diff --git a/meta/recipes-bsp/u-boot/u-boot-common.inc b/meta/recipes-bsp/u-boot/u-boot-common.inc index 993478a73b..17c6140216 100644 --- a/meta/recipes-bsp/u-boot/u-boot-common.inc +++ b/meta/recipes-bsp/u-boot/u-boot-common.inc @@ -14,7 +14,7 @@ PE = "1" # repo during parse SRCREV = "c4fddedc48f336eabc4ce3f74940e6aa372de18c" -SRC_URI = "git://git.denx.de/u-boot.git \ +SRC_URI = "git://git.denx.de/u-boot.git;branch=master \ file://0001-add-valid-fdt-check.patch \ file://CVE-2021-27097-1.patch \ file://CVE-2021-27097-2.patch \ diff --git a/meta/recipes-connectivity/avahi/files/local-ping.patch b/meta/recipes-connectivity/avahi/files/local-ping.patch index 94116ad1f3..29c192d296 100644 --- a/meta/recipes-connectivity/avahi/files/local-ping.patch +++ b/meta/recipes-connectivity/avahi/files/local-ping.patch @@ -1,4 +1,5 @@ CVE: CVE-2021-36217 +CVE: CVE-2021-3502 Upstream-Status: Backport Signed-off-by: Ross Burton <ross.burton@arm.com> diff --git a/meta/recipes-connectivity/bind/bind-9.16.16/CVE-2021-25219-1.patch b/meta/recipes-connectivity/bind/bind-9.16.16/CVE-2021-25219-1.patch new file mode 100644 index 0000000000..f63c333264 --- /dev/null +++ b/meta/recipes-connectivity/bind/bind-9.16.16/CVE-2021-25219-1.patch @@ -0,0 +1,76 @@ +From 011e9418ce9bb25675de6ac8d47536efedeeb312 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Ond=C5=99ej=20Sur=C3=BD?= <ondrej@sury.org> +Date: Fri, 24 Sep 2021 09:35:11 +0200 +Subject: [PATCH] Disable lame-ttl cache + +The lame-ttl cache is implemented in ADB as per-server locked +linked-list "indexed" with <qname,qtype>. This list has to be walked +every time there's a new query or new record added into the lame cache. +Determined attacker can use this to degrade performance of the resolver. + +Resolver testing has shown that disabling the lame cache has little +impact on the resolver performance and it's a minimal viable defense +against this kind of attack. + +CVE: CVE-2021-25219 + +Upstream-Status: Backport [https://gitlab.isc.org/isc-projects/bind9/-/commit/8fe18c0566c41228a568157287f5a44f96d37662] + +Signed-off-by: Mingli Yu <mingli.yu@windriver.com> +--- + bin/named/config.c | 2 +- + bin/named/server.c | 7 +++++-- + doc/arm/reference.rst | 6 +++--- + 3 files changed, 9 insertions(+), 6 deletions(-) + +diff --git a/bin/named/config.c b/bin/named/config.c +index fa8473db7c..b6453b814e 100644 +--- a/bin/named/config.c ++++ b/bin/named/config.c +@@ -151,7 +151,7 @@ options {\n\ + fetches-per-server 0;\n\ + fetches-per-zone 0;\n\ + glue-cache yes;\n\ +- lame-ttl 600;\n" ++ lame-ttl 0;\n" + #ifdef HAVE_LMDB + " lmdb-mapsize 32M;\n" + #endif /* ifdef HAVE_LMDB */ +diff --git a/bin/named/server.c b/bin/named/server.c +index 638703e8c2..35ad6a0b7f 100644 +--- a/bin/named/server.c ++++ b/bin/named/server.c +@@ -4806,8 +4806,11 @@ configure_view(dns_view_t *view, dns_viewlist_t *viewlist, cfg_obj_t *config, + result = named_config_get(maps, "lame-ttl", &obj); + INSIST(result == ISC_R_SUCCESS); + lame_ttl = cfg_obj_asduration(obj); +- if (lame_ttl > 1800) { +- lame_ttl = 1800; ++ if (lame_ttl > 0) { ++ cfg_obj_log(obj, named_g_lctx, ISC_LOG_WARNING, ++ "disabling lame cache despite lame-ttl > 0 as it " ++ "may cause performance issues"); ++ lame_ttl = 0; + } + dns_resolver_setlamettl(view->resolver, lame_ttl); + +diff --git a/doc/arm/reference.rst b/doc/arm/reference.rst +index 3bc4439745..fea854f3d1 100644 +--- a/doc/arm/reference.rst ++++ b/doc/arm/reference.rst +@@ -3358,9 +3358,9 @@ Tuning + ^^^^^^ + + ``lame-ttl`` +- This sets the number of seconds to cache a lame server indication. 0 +- disables caching. (This is **NOT** recommended.) The default is +- ``600`` (10 minutes) and the maximum value is ``1800`` (30 minutes). ++ This is always set to 0. More information is available in the ++ `security advisory for CVE-2021-25219 ++ <https://kb.isc.org/docs/cve-2021-25219>`_. + + ``servfail-ttl`` + This sets the number of seconds to cache a SERVFAIL response due to DNSSEC +-- +2.17.1 + diff --git a/meta/recipes-connectivity/bind/bind-9.16.16/CVE-2021-25219-2.patch b/meta/recipes-connectivity/bind/bind-9.16.16/CVE-2021-25219-2.patch new file mode 100644 index 0000000000..1217f7f186 --- /dev/null +++ b/meta/recipes-connectivity/bind/bind-9.16.16/CVE-2021-25219-2.patch @@ -0,0 +1,65 @@ +From 117cf776a7add27ac6d236b4062258da0d068486 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Ond=C5=99ej=20Sur=C3=BD?= <ondrej@sury.org> +Date: Mon, 15 Nov 2021 16:26:52 +0800 +Subject: [PATCH] Enable lame response detection even with disabled lame cache + +Previously, when lame cache would be disabled by setting lame-ttl to 0, +it would also disable lame answer detection. In this commit, we enable +the lame response detection even when the lame cache is disabled. This +enables stopping answer processing early rather than going through the +whole answer processing flow. + +CVE: CVE-2021-25219 + +Upstream-Status: Backport [https://gitlab.isc.org/isc-projects/bind9/-/commit/e4931584a34bdd0a0d18e4d918fb853bf5296787] + +Signed-off-by: Mingli Yu <mingli.yu@windriver.com> +--- + lib/dns/resolver.c | 23 ++++++++++++----------- + 1 file changed, 12 insertions(+), 11 deletions(-) + +diff --git a/lib/dns/resolver.c b/lib/dns/resolver.c +index 50fadc0..9291bd4 100644 +--- a/lib/dns/resolver.c ++++ b/lib/dns/resolver.c +@@ -10217,25 +10217,26 @@ rctx_badserver(respctx_t *rctx, isc_result_t result) { + */ + static isc_result_t + rctx_lameserver(respctx_t *rctx) { +- isc_result_t result; ++ isc_result_t result = ISC_R_SUCCESS; + fetchctx_t *fctx = rctx->fctx; + resquery_t *query = rctx->query; + +- if (fctx->res->lame_ttl == 0 || ISFORWARDER(query->addrinfo) || +- !is_lame(fctx, query->rmessage)) +- { ++ if (ISFORWARDER(query->addrinfo) || !is_lame(fctx, query->rmessage)) { + return (ISC_R_SUCCESS); + } + + inc_stats(fctx->res, dns_resstatscounter_lame); + log_lame(fctx, query->addrinfo); +- result = dns_adb_marklame(fctx->adb, query->addrinfo, &fctx->name, +- fctx->type, rctx->now + fctx->res->lame_ttl); +- if (result != ISC_R_SUCCESS) { +- isc_log_write(dns_lctx, DNS_LOGCATEGORY_RESOLVER, +- DNS_LOGMODULE_RESOLVER, ISC_LOG_ERROR, +- "could not mark server as lame: %s", +- isc_result_totext(result)); ++ if (fctx->res->lame_ttl != 0) { ++ result = dns_adb_marklame(fctx->adb, query->addrinfo, ++ &fctx->name, fctx->type, ++ rctx->now + fctx->res->lame_ttl); ++ if (result != ISC_R_SUCCESS) { ++ isc_log_write(dns_lctx, DNS_LOGCATEGORY_RESOLVER, ++ DNS_LOGMODULE_RESOLVER, ISC_LOG_ERROR, ++ "could not mark server as lame: %s", ++ isc_result_totext(result)); ++ } + } + rctx->broken_server = DNS_R_LAME; + rctx->next_server = true; +-- +2.17.1 + diff --git a/meta/recipes-connectivity/bind/bind_9.16.16.bb b/meta/recipes-connectivity/bind/bind_9.16.16.bb index b152598402..4bfdeca9ce 100644 --- a/meta/recipes-connectivity/bind/bind_9.16.16.bb +++ b/meta/recipes-connectivity/bind/bind_9.16.16.bb @@ -18,6 +18,8 @@ SRC_URI = "https://ftp.isc.org/isc/bind9/${PV}/${BPN}-${PV}.tar.xz \ file://bind-ensure-searching-for-json-headers-searches-sysr.patch \ file://0001-named-lwresd-V-and-start-log-hide-build-options.patch \ file://0001-avoid-start-failure-with-bind-user.patch \ + file://CVE-2021-25219-1.patch \ + file://CVE-2021-25219-2.patch \ " SRC_URI[sha256sum] = "6c913902adf878e7dc5e229cea94faefc9d40f44775a30213edd08860f761d7b" diff --git a/meta/recipes-connectivity/connman/connman-gnome_0.7.bb b/meta/recipes-connectivity/connman/connman-gnome_0.7.bb index af986c4eab..e4eeb3c726 100644 --- a/meta/recipes-connectivity/connman/connman-gnome_0.7.bb +++ b/meta/recipes-connectivity/connman/connman-gnome_0.7.bb @@ -10,7 +10,7 @@ DEPENDS = "gtk+3 dbus-glib dbus-glib-native intltool-native gettext-native" # 0.7 tag SRCREV = "cf3c325b23dae843c5499a113591cfbc98acb143" -SRC_URI = "git://github.com/connectivity/connman-gnome.git \ +SRC_URI = "git://github.com/connectivity/connman-gnome.git;branch=master;protocol=https \ file://0001-Removed-icon-from-connman-gnome-about-applet.patch \ file://null_check_for_ipv4_config.patch \ file://images/ \ diff --git a/meta/recipes-connectivity/inetutils/inetutils/CVE-2021-40491.patch b/meta/recipes-connectivity/inetutils/inetutils/CVE-2021-40491.patch new file mode 100644 index 0000000000..f05c696929 --- /dev/null +++ b/meta/recipes-connectivity/inetutils/inetutils/CVE-2021-40491.patch @@ -0,0 +1,67 @@ +From 98ccabf68e5b3f0a177bd1925581753d10041448 Mon Sep 17 00:00:00 2001 +From: Simon Josefsson <simon@josefsson.org> +Date: Wed, 1 Sep 2021 09:09:50 +0200 +Subject: [PATCH] ftp: check that PASV/LSPV addresses match. + +* NEWS: Mention change. +* ftp/ftp.c (initconn): Validate returned addresses. + +CVE: CVE-2021-40491 + +Upstream-Status: Backport +[https://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=58cb043b190fd04effdaea7c9403416b436e50dd] + +Signed-off-by: Yi Zhao <yi.zhao@windriver.com> +--- + ftp/ftp.c | 21 +++++++++++++++++++++ + 1 files changed, 21 insertions(+) + +diff --git a/ftp/ftp.c b/ftp/ftp.c +index d21dbdd..7513539 100644 +--- a/ftp/ftp.c ++++ b/ftp/ftp.c +@@ -1365,6 +1365,13 @@ initconn (void) + uint32_t *pu32 = (uint32_t *) &data_addr_sa4->sin_addr.s_addr; + pu32[0] = htonl ( (h[0] << 24) | (h[1] << 16) | (h[2] << 8) | h[3]); + } ++ if (data_addr_sa4->sin_addr.s_addr ++ != ((struct sockaddr_in *) &hisctladdr)->sin_addr.s_addr) ++ { ++ printf ("Passive mode address mismatch.\n"); ++ (void) command ("ABOR"); /* Cancel any open connection. */ ++ goto bad; ++ } + } /* LPSV IPv4 */ + else /* IPv6 */ + { +@@ -1395,6 +1402,13 @@ initconn (void) + pu32[2] = htonl ( (h[8] << 24) | (h[9] << 16) | (h[10] << 8) | h[11]); + pu32[3] = htonl ( (h[12] << 24) | (h[13] << 16) | (h[14] << 8) | h[15]); + } ++ if (data_addr_sa6->sin6_addr.s6_addr ++ != ((struct sockaddr_in6 *) &hisctladdr)->sin6_addr.s6_addr) ++ { ++ printf ("Passive mode address mismatch.\n"); ++ (void) command ("ABOR"); /* Cancel any open connection. */ ++ goto bad; ++ } + } /* LPSV IPv6 */ + } + else /* !EPSV && !LPSV */ +@@ -1415,6 +1429,13 @@ initconn (void) + | ((a2 & 0xff) << 8) | (a3 & 0xff) ); + data_addr_sa4->sin_port = + htons (((p0 & 0xff) << 8) | (p1 & 0xff)); ++ if (data_addr_sa4->sin_addr.s_addr ++ != ((struct sockaddr_in *) &hisctladdr)->sin_addr.s_addr) ++ { ++ printf ("Passive mode address mismatch.\n"); ++ (void) command ("ABOR"); /* Cancel any open connection. */ ++ goto bad; ++ } + } /* PASV */ + else + { +-- +2.17.1 + diff --git a/meta/recipes-connectivity/inetutils/inetutils_2.0.bb b/meta/recipes-connectivity/inetutils/inetutils_2.0.bb index a4d05b0542..d299bc359e 100644 --- a/meta/recipes-connectivity/inetutils/inetutils_2.0.bb +++ b/meta/recipes-connectivity/inetutils/inetutils_2.0.bb @@ -20,6 +20,7 @@ SRC_URI = "${GNU_MIRROR}/inetutils/inetutils-${PV}.tar.xz \ file://tftpd.xinetd.inetutils \ file://inetutils-1.9-PATH_PROCNET_DEV.patch \ file://inetutils-only-check-pam_appl.h-when-pam-enabled.patch \ + file://CVE-2021-40491.patch \ " SRC_URI[md5sum] = "5e1018502cd131ed8e42339f6b5c98aa" diff --git a/meta/recipes-connectivity/libnss-mdns/libnss-mdns_0.14.1.bb b/meta/recipes-connectivity/libnss-mdns/libnss-mdns_0.14.1.bb index 9a83898e52..5213b28345 100644 --- a/meta/recipes-connectivity/libnss-mdns/libnss-mdns_0.14.1.bb +++ b/meta/recipes-connectivity/libnss-mdns/libnss-mdns_0.14.1.bb @@ -8,7 +8,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=2d5025d4aa3495befef8f17206a5b0a1" DEPENDS = "avahi" -SRC_URI = "git://github.com/lathiat/nss-mdns \ +SRC_URI = "git://github.com/lathiat/nss-mdns;branch=master;protocol=https \ " SRCREV = "41c9c5e78f287ed4b41ac438c1873fa71bfa70ae" diff --git a/meta/recipes-connectivity/libuv/libuv_1.41.0.bb b/meta/recipes-connectivity/libuv/libuv_1.41.0.bb index 4987331dc8..e15d338941 100644 --- a/meta/recipes-connectivity/libuv/libuv_1.41.0.bb +++ b/meta/recipes-connectivity/libuv/libuv_1.41.0.bb @@ -6,7 +6,7 @@ LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSE;md5=a68902a430e32200263d182d44924d47" SRCREV = "1dff88e5161cba5c59276d2070d2e304e4dcb242" -SRC_URI = "git://github.com/libuv/libuv;branch=v1.x" +SRC_URI = "git://github.com/libuv/libuv;branch=v1.x;protocol=https" S = "${WORKDIR}/git" diff --git a/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb b/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb index f170cf4650..781b9216c5 100644 --- a/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb +++ b/meta/recipes-connectivity/mobile-broadband-provider-info/mobile-broadband-provider-info_git.bb @@ -4,11 +4,12 @@ DESCRIPTION = "Mobile Broadband Service Provider Database stores service provide SECTION = "network" LICENSE = "PD" LIC_FILES_CHKSUM = "file://COPYING;md5=87964579b2a8ece4bc6744d2dc9a8b04" -SRCREV = "90f3fe28aa25135b7e4a54a7816388913bfd4a2a" -PV = "20201225" + +SRCREV = "4cbb44a9fe26aa6f0b28beb79f9488b37c097b5e" +PV = "20220315" PE = "1" -SRC_URI = "git://gitlab.gnome.org/GNOME/mobile-broadband-provider-info.git;protocol=https" +SRC_URI = "git://gitlab.gnome.org/GNOME/mobile-broadband-provider-info.git;protocol=https;branch=main" S = "${WORKDIR}/git" inherit autotools diff --git a/meta/recipes-connectivity/openssh/openssh/CVE-2021-41617.patch b/meta/recipes-connectivity/openssh/openssh/CVE-2021-41617.patch new file mode 100644 index 0000000000..9ca7c2f202 --- /dev/null +++ b/meta/recipes-connectivity/openssh/openssh/CVE-2021-41617.patch @@ -0,0 +1,49 @@ +From 1f0707e8e78ef290fd0f229df3fcd2236f29db89 Mon Sep 17 00:00:00 2001 +From: Changqing Li <changqing.li@windriver.com> +Date: Thu, 28 Oct 2021 11:11:05 +0800 +Subject: [PATCH] upstream: need initgroups() before setresgid(); reported by + anton@, + +ok deraadt@ + +OpenBSD-Commit-ID: 6aa003ee658b316960d94078f2a16edbc25087ce + +CVE: CVE-2021-41617 +Upstream-Status: [Backport] +https://github.com/openssh/openssh-portable/commit/f3cbe43e28fe71427d41cfe3a17125b972710455 +https://github.com/openssh/openssh-portable/commit/bf944e3794eff5413f2df1ef37cddf96918c6bde + +Signed-off-by: Changqing Li <changqing.li@windriver.com> +--- + misc.c | 8 ++++++++ + 1 file changed, 8 insertions(+) + +diff --git a/misc.c b/misc.c +index d988ce3..33eca1c 100644 +--- a/misc.c ++++ b/misc.c +@@ -56,6 +56,7 @@ + #ifdef HAVE_PATHS_H + # include <paths.h> + #include <pwd.h> ++#include <grp.h> + #endif + #ifdef SSH_TUN_OPENBSD + #include <net/if.h> +@@ -2629,6 +2630,13 @@ subprocess(const char *tag, const char *command, + } + closefrom(STDERR_FILENO + 1); + ++ if (geteuid() == 0 && ++ initgroups(pw->pw_name, pw->pw_gid) == -1) { ++ error("%s: initgroups(%s, %u): %s", tag, ++ pw->pw_name, (u_int)pw->pw_gid, strerror(errno)); ++ _exit(1); ++ } ++ + if (setresgid(pw->pw_gid, pw->pw_gid, pw->pw_gid) == -1) { + error("%s: setresgid %u: %s", tag, (u_int)pw->pw_gid, + strerror(errno)); +-- +2.17.1 + diff --git a/meta/recipes-connectivity/openssh/openssh_8.5p1.bb b/meta/recipes-connectivity/openssh/openssh_8.5p1.bb index c6de519884..9a5f37bc39 100644 --- a/meta/recipes-connectivity/openssh/openssh_8.5p1.bb +++ b/meta/recipes-connectivity/openssh/openssh_8.5p1.bb @@ -24,6 +24,7 @@ SRC_URI = "http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-${PV}.tar file://fix-potential-signed-overflow-in-pointer-arithmatic.patch \ file://sshd_check_keys \ file://add-test-support-for-busybox.patch \ + file://CVE-2021-41617.patch \ " SRC_URI[sha256sum] = "f52f3f41d429aa9918e38cf200af225ccdd8e66f052da572870c89737646ec25" diff --git a/meta/recipes-connectivity/openssl/openssl/reproducibility.patch b/meta/recipes-connectivity/openssl/openssl/reproducibility.patch new file mode 100644 index 0000000000..8accbc9df2 --- /dev/null +++ b/meta/recipes-connectivity/openssl/openssl/reproducibility.patch @@ -0,0 +1,22 @@ +Using localtime() means the output can depend on the timezone of the build machine. +Using gmtime() is safer. For complete reproducibility use SOURCE_DATE_EPOCH if set. + +Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> +Upstream-Status: Pending [should be suitable] + +Index: openssl-3.0.1/apps/progs.pl +=================================================================== +--- openssl-3.0.1.orig/apps/progs.pl ++++ openssl-3.0.1/apps/progs.pl +@@ -21,7 +21,10 @@ die "Unrecognised option, must be -C or + my %commands = (); + my $cmdre = qr/^\s*int\s+([a-z_][a-z0-9_]*)_main\(\s*int\s+argc\s*,/; + my $apps_openssl = shift @ARGV; +-my $YEAR = [localtime()]->[5] + 1900; ++my $YEAR = [gmtime()]->[5] + 1900; ++if (defined($ENV{SOURCE_DATE_EPOCH}) && $ENV{SOURCE_DATE_EPOCH} !~ /\D/) { ++ $YEAR = [gmtime($ENV{SOURCE_DATE_EPOCH})]->[5] + 1900; ++} + + # because the program apps/openssl has object files as sources, and + # they then have the corresponding C files as source, we need to chain diff --git a/meta/recipes-connectivity/openssl/openssl_1.1.1l.bb b/meta/recipes-connectivity/openssl/openssl_1.1.1n.bb index 9ea5c4c81f..df13abf54e 100644 --- a/meta/recipes-connectivity/openssl/openssl_1.1.1l.bb +++ b/meta/recipes-connectivity/openssl/openssl_1.1.1n.bb @@ -17,6 +17,7 @@ SRC_URI = "http://www.openssl.org/source/openssl-${PV}.tar.gz \ file://0001-buildinfo-strip-sysroot-and-debug-prefix-map-from-co.patch \ file://afalg.patch \ file://reproducible.patch \ + file://reproducibility.patch \ " SRC_URI_append_class-nativesdk = " \ @@ -28,7 +29,7 @@ SRC_URI_append_riscv32 = " \ file://0004-Fixup-support-for-io_pgetevents_time64-syscall.patch \ " -SRC_URI[sha256sum] = "0b7a3e5e59c34827fe0c3a74b7ec8baef302b98fa80088d7f9153aa16fa76bd1" +SRC_URI[sha256sum] = "40dceb51a4f6a5275bde0e6bf20ef4b91bfc32ed57c0552e2e8e15463372b17a" inherit lib_package multilib_header multilib_script ptest MULTILIB_SCRIPTS = "${PN}-bin:${bindir}/c_rehash" @@ -203,6 +204,7 @@ do_install_ptest () { install -m755 ${B}/apps/CA.pl ${D}${PTEST_PATH}/apps install -d ${D}${PTEST_PATH}/engines + install -m755 ${B}/engines/dasync.so ${D}${PTEST_PATH}/engines install -m755 ${B}/engines/ossltest.so ${D}${PTEST_PATH}/engines # seems to be needed with perl 5.32.1 diff --git a/meta/recipes-connectivity/socat/socat_1.7.4.1.bb b/meta/recipes-connectivity/socat/socat_1.7.4.1.bb index 5a13af91bc..0a1b65a8ca 100644 --- a/meta/recipes-connectivity/socat/socat_1.7.4.1.bb +++ b/meta/recipes-connectivity/socat/socat_1.7.4.1.bb @@ -9,7 +9,7 @@ LICENSE = "GPL-2.0-with-OpenSSL-exception" LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ file://README;beginline=257;endline=287;md5=82520b052f322ac2b5b3dfdc7c7eea86" -SRC_URI = "http://www.dest-unreach.org/socat/download/socat-${PV}.tar.bz2 \ +SRC_URI = "http://www.dest-unreach.org/socat/download/Archive/socat-${PV}.tar.bz2 \ " SRC_URI[md5sum] = "36cad050ecf4981ab044c3fbd75c643f" diff --git a/meta/recipes-core/busybox/busybox-inittab_1.33.0.bb b/meta/recipes-core/busybox/busybox-inittab_1.33.2.bb index 3804f4f7b2..3804f4f7b2 100644 --- a/meta/recipes-core/busybox/busybox-inittab_1.33.0.bb +++ b/meta/recipes-core/busybox/busybox-inittab_1.33.2.bb diff --git a/meta/recipes-core/busybox/busybox/0001-awk-fix-CVEs.patch b/meta/recipes-core/busybox/busybox/0001-awk-fix-CVEs.patch new file mode 100644 index 0000000000..c07b53ebfd --- /dev/null +++ b/meta/recipes-core/busybox/busybox/0001-awk-fix-CVEs.patch @@ -0,0 +1,3266 @@ +From cf542caeed195af05fa6205341f829ccee53f8c2 Mon Sep 17 00:00:00 2001 +From: Chen Qi <Qi.Chen@windriver.com> +Date: Tue, 4 Jan 2022 17:48:03 -0800 +Subject: [PATCH] awk: fix CVEs + +The awk CVEs is hard to be separated, thus we use the following method +to format the current patch. +git rev-list --reverse 1_33_2..1_34_1 -- editors/awk.c | xargs git cherry-pick +git reset HEAD~66 && git add . && git commit + +CVE: CVE-2021-42378 +CVE: CVE-2021-42379 +CVE: CVE-2021-42380 +CVE: CVE-2021-42381 +CVE: CVE-2021-42382 +CVE: CVE-2021-42383 +CVE: CVE-2021-42384 +CVE: CVE-2021-42385 +CVE: CVE-2021-42386 + +Upstream-Status: Backport + +Signed-off-by: Chen Qi <Qi.Chen@windriver.com> +--- + editors/awk.c | 2060 +++++++++++++++++++++++----------------- + testsuite/awk.tests | 62 +- + testsuite/printf.tests | 5 + + 3 files changed, 1264 insertions(+), 863 deletions(-) + +diff --git a/editors/awk.c b/editors/awk.c +index 2c15f9e4e..f6314ac72 100644 +--- a/editors/awk.c ++++ b/editors/awk.c +@@ -66,6 +66,8 @@ + #endif + #ifndef debug_printf_parse + # define debug_printf_parse(...) (fprintf(stderr, __VA_ARGS__)) ++#else ++# define debug_parse_print_tc(...) ((void)0) + #endif + + +@@ -91,7 +93,6 @@ enum { + }; + + #define MAXVARFMT 240 +-#define MINNVBLOCK 64 + + /* variable flags */ + #define VF_NUMBER 0x0001 /* 1 = primary type is number */ +@@ -101,7 +102,7 @@ enum { + #define VF_USER 0x0200 /* 1 = user input (may be numeric string) */ + #define VF_SPECIAL 0x0400 /* 1 = requires extra handling when changed */ + #define VF_WALK 0x0800 /* 1 = variable has alloc'd x.walker list */ +-#define VF_FSTR 0x1000 /* 1 = var::string points to fstring buffer */ ++#define VF_FSTR 0x1000 /* 1 = don't free() var::string (not malloced, or is owned by something else) */ + #define VF_CHILD 0x2000 /* 1 = function arg; x.parent points to source */ + #define VF_DIRTY 0x4000 /* 1 = variable was set explicitly */ + +@@ -118,8 +119,8 @@ typedef struct walker_list { + /* Variable */ + typedef struct var_s { + unsigned type; /* flags */ +- double number; + char *string; ++ double number; + union { + int aidx; /* func arg idx (for compilation stage) */ + struct xhash_s *array; /* array ptr */ +@@ -138,6 +139,7 @@ typedef struct chain_s { + /* Function */ + typedef struct func_s { + unsigned nargs; ++ smallint defined; + struct chain_s body; + } func; + +@@ -177,7 +179,7 @@ typedef struct node_s { + struct node_s *n; + var *v; + int aidx; +- char *new_progname; ++ const char *new_progname; + regex_t *re; + } l; + union { +@@ -190,91 +192,120 @@ typedef struct node_s { + } a; + } node; + +-/* Block of temporary variables */ +-typedef struct nvblock_s { +- int size; +- var *pos; +- struct nvblock_s *prev; +- struct nvblock_s *next; +- var nv[]; +-} nvblock; +- + typedef struct tsplitter_s { + node n; + regex_t re[2]; + } tsplitter; + + /* simple token classes */ +-/* Order and hex values are very important!!! See next_token() */ +-#define TC_SEQSTART (1 << 0) /* ( */ +-#define TC_SEQTERM (1 << 1) /* ) */ +-#define TC_REGEXP (1 << 2) /* /.../ */ +-#define TC_OUTRDR (1 << 3) /* | > >> */ +-#define TC_UOPPOST (1 << 4) /* unary postfix operator */ +-#define TC_UOPPRE1 (1 << 5) /* unary prefix operator */ +-#define TC_BINOPX (1 << 6) /* two-opnd operator */ +-#define TC_IN (1 << 7) +-#define TC_COMMA (1 << 8) +-#define TC_PIPE (1 << 9) /* input redirection pipe */ +-#define TC_UOPPRE2 (1 << 10) /* unary prefix operator */ +-#define TC_ARRTERM (1 << 11) /* ] */ +-#define TC_GRPSTART (1 << 12) /* { */ +-#define TC_GRPTERM (1 << 13) /* } */ +-#define TC_SEMICOL (1 << 14) +-#define TC_NEWLINE (1 << 15) +-#define TC_STATX (1 << 16) /* ctl statement (for, next...) */ +-#define TC_WHILE (1 << 17) +-#define TC_ELSE (1 << 18) +-#define TC_BUILTIN (1 << 19) ++/* order and hex values are very important!!! See next_token() */ ++#define TC_LPAREN (1 << 0) /* ( */ ++#define TC_RPAREN (1 << 1) /* ) */ ++#define TC_REGEXP (1 << 2) /* /.../ */ ++#define TC_OUTRDR (1 << 3) /* | > >> */ ++#define TC_UOPPOST (1 << 4) /* unary postfix operator ++ -- */ ++#define TC_UOPPRE1 (1 << 5) /* unary prefix operator ++ -- $ */ ++#define TC_BINOPX (1 << 6) /* two-opnd operator */ ++#define TC_IN (1 << 7) /* 'in' */ ++#define TC_COMMA (1 << 8) /* , */ ++#define TC_PIPE (1 << 9) /* input redirection pipe | */ ++#define TC_UOPPRE2 (1 << 10) /* unary prefix operator + - ! */ ++#define TC_ARRTERM (1 << 11) /* ] */ ++#define TC_LBRACE (1 << 12) /* { */ ++#define TC_RBRACE (1 << 13) /* } */ ++#define TC_SEMICOL (1 << 14) /* ; */ ++#define TC_NEWLINE (1 << 15) ++#define TC_STATX (1 << 16) /* ctl statement (for, next...) */ ++#define TC_WHILE (1 << 17) /* 'while' */ ++#define TC_ELSE (1 << 18) /* 'else' */ ++#define TC_BUILTIN (1 << 19) + /* This costs ~50 bytes of code. + * A separate class to support deprecated "length" form. If we don't need that + * (i.e. if we demand that only "length()" with () is valid), then TC_LENGTH + * can be merged with TC_BUILTIN: + */ +-#define TC_LENGTH (1 << 20) +-#define TC_GETLINE (1 << 21) +-#define TC_FUNCDECL (1 << 22) /* 'function' 'func' */ +-#define TC_BEGIN (1 << 23) +-#define TC_END (1 << 24) +-#define TC_EOF (1 << 25) +-#define TC_VARIABLE (1 << 26) +-#define TC_ARRAY (1 << 27) +-#define TC_FUNCTION (1 << 28) +-#define TC_STRING (1 << 29) +-#define TC_NUMBER (1 << 30) +- +-#define TC_UOPPRE (TC_UOPPRE1 | TC_UOPPRE2) +- +-/* combined token classes */ +-#define TC_BINOP (TC_BINOPX | TC_COMMA | TC_PIPE | TC_IN) +-//#define TC_UNARYOP (TC_UOPPRE | TC_UOPPOST) +-#define TC_OPERAND (TC_VARIABLE | TC_ARRAY | TC_FUNCTION \ +- | TC_BUILTIN | TC_LENGTH | TC_GETLINE \ +- | TC_SEQSTART | TC_STRING | TC_NUMBER) +- +-#define TC_STATEMNT (TC_STATX | TC_WHILE) +-#define TC_OPTERM (TC_SEMICOL | TC_NEWLINE) ++#define TC_LENGTH (1 << 20) /* 'length' */ ++#define TC_GETLINE (1 << 21) /* 'getline' */ ++#define TC_FUNCDECL (1 << 22) /* 'function' 'func' */ ++#define TC_BEGIN (1 << 23) /* 'BEGIN' */ ++#define TC_END (1 << 24) /* 'END' */ ++#define TC_EOF (1 << 25) ++#define TC_VARIABLE (1 << 26) /* name */ ++#define TC_ARRAY (1 << 27) /* name[ */ ++#define TC_FUNCTION (1 << 28) /* name( */ ++#define TC_STRING (1 << 29) /* "..." */ ++#define TC_NUMBER (1 << 30) ++ ++#ifndef debug_parse_print_tc ++static void debug_parse_print_tc(uint32_t n) ++{ ++ if (n & TC_LPAREN ) debug_printf_parse(" LPAREN" ); ++ if (n & TC_RPAREN ) debug_printf_parse(" RPAREN" ); ++ if (n & TC_REGEXP ) debug_printf_parse(" REGEXP" ); ++ if (n & TC_OUTRDR ) debug_printf_parse(" OUTRDR" ); ++ if (n & TC_UOPPOST ) debug_printf_parse(" UOPPOST" ); ++ if (n & TC_UOPPRE1 ) debug_printf_parse(" UOPPRE1" ); ++ if (n & TC_BINOPX ) debug_printf_parse(" BINOPX" ); ++ if (n & TC_IN ) debug_printf_parse(" IN" ); ++ if (n & TC_COMMA ) debug_printf_parse(" COMMA" ); ++ if (n & TC_PIPE ) debug_printf_parse(" PIPE" ); ++ if (n & TC_UOPPRE2 ) debug_printf_parse(" UOPPRE2" ); ++ if (n & TC_ARRTERM ) debug_printf_parse(" ARRTERM" ); ++ if (n & TC_LBRACE ) debug_printf_parse(" LBRACE" ); ++ if (n & TC_RBRACE ) debug_printf_parse(" RBRACE" ); ++ if (n & TC_SEMICOL ) debug_printf_parse(" SEMICOL" ); ++ if (n & TC_NEWLINE ) debug_printf_parse(" NEWLINE" ); ++ if (n & TC_STATX ) debug_printf_parse(" STATX" ); ++ if (n & TC_WHILE ) debug_printf_parse(" WHILE" ); ++ if (n & TC_ELSE ) debug_printf_parse(" ELSE" ); ++ if (n & TC_BUILTIN ) debug_printf_parse(" BUILTIN" ); ++ if (n & TC_LENGTH ) debug_printf_parse(" LENGTH" ); ++ if (n & TC_GETLINE ) debug_printf_parse(" GETLINE" ); ++ if (n & TC_FUNCDECL) debug_printf_parse(" FUNCDECL"); ++ if (n & TC_BEGIN ) debug_printf_parse(" BEGIN" ); ++ if (n & TC_END ) debug_printf_parse(" END" ); ++ if (n & TC_EOF ) debug_printf_parse(" EOF" ); ++ if (n & TC_VARIABLE) debug_printf_parse(" VARIABLE"); ++ if (n & TC_ARRAY ) debug_printf_parse(" ARRAY" ); ++ if (n & TC_FUNCTION) debug_printf_parse(" FUNCTION"); ++ if (n & TC_STRING ) debug_printf_parse(" STRING" ); ++ if (n & TC_NUMBER ) debug_printf_parse(" NUMBER" ); ++} ++#endif ++ ++/* combined token classes ("token [class] sets") */ ++#define TS_UOPPRE (TC_UOPPRE1 | TC_UOPPRE2) ++ ++#define TS_BINOP (TC_BINOPX | TC_COMMA | TC_PIPE | TC_IN) ++//#define TS_UNARYOP (TS_UOPPRE | TC_UOPPOST) ++#define TS_OPERAND (TC_VARIABLE | TC_ARRAY | TC_FUNCTION \ ++ | TC_BUILTIN | TC_LENGTH | TC_GETLINE \ ++ | TC_LPAREN | TC_STRING | TC_NUMBER) ++ ++#define TS_LVALUE (TC_VARIABLE | TC_ARRAY) ++#define TS_STATEMNT (TC_STATX | TC_WHILE) + + /* word tokens, cannot mean something else if not expected */ +-#define TC_WORD (TC_IN | TC_STATEMNT | TC_ELSE \ +- | TC_BUILTIN | TC_LENGTH | TC_GETLINE \ +- | TC_FUNCDECL | TC_BEGIN | TC_END) ++#define TS_WORD (TC_IN | TS_STATEMNT | TC_ELSE \ ++ | TC_BUILTIN | TC_LENGTH | TC_GETLINE \ ++ | TC_FUNCDECL | TC_BEGIN | TC_END) + + /* discard newlines after these */ +-#define TC_NOTERM (TC_COMMA | TC_GRPSTART | TC_GRPTERM \ +- | TC_BINOP | TC_OPTERM) ++#define TS_NOTERM (TS_BINOP | TC_COMMA | TC_LBRACE | TC_RBRACE \ ++ | TC_SEMICOL | TC_NEWLINE) + + /* what can expression begin with */ +-#define TC_OPSEQ (TC_OPERAND | TC_UOPPRE | TC_REGEXP) ++#define TS_OPSEQ (TS_OPERAND | TS_UOPPRE | TC_REGEXP) + /* what can group begin with */ +-#define TC_GRPSEQ (TC_OPSEQ | TC_OPTERM | TC_STATEMNT | TC_GRPSTART) ++#define TS_GRPSEQ (TS_OPSEQ | TS_STATEMNT \ ++ | TC_SEMICOL | TC_NEWLINE | TC_LBRACE) + +-/* if previous token class is CONCAT1 and next is CONCAT2, concatenation */ ++/* if previous token class is CONCAT_L and next is CONCAT_R, concatenation */ + /* operator is inserted between them */ +-#define TC_CONCAT1 (TC_VARIABLE | TC_ARRTERM | TC_SEQTERM \ ++#define TS_CONCAT_L (TC_VARIABLE | TC_ARRTERM | TC_RPAREN \ + | TC_STRING | TC_NUMBER | TC_UOPPOST \ + | TC_LENGTH) +-#define TC_CONCAT2 (TC_OPERAND | TC_UOPPRE) ++#define TS_CONCAT_R (TS_OPERAND | TS_UOPPRE) + + #define OF_RES1 0x010000 + #define OF_RES2 0x020000 +@@ -284,13 +315,12 @@ typedef struct tsplitter_s { + #define OF_CHECKED 0x200000 + #define OF_REQUIRED 0x400000 + +- + /* combined operator flags */ + #define xx 0 + #define xV OF_RES2 + #define xS (OF_RES2 | OF_STR2) + #define Vx OF_RES1 +-#define Rx (OF_RES1 | OF_NUM1 | OF_REQUIRED) ++#define Rx OF_REQUIRED + #define VV (OF_RES1 | OF_RES2) + #define Nx (OF_RES1 | OF_NUM1) + #define NV (OF_RES1 | OF_NUM1 | OF_RES2) +@@ -302,8 +332,7 @@ typedef struct tsplitter_s { + #define OPNMASK 0x007F + + /* operator priority is a highest byte (even: r->l, odd: l->r grouping) +- * For builtins it has different meaning: n n s3 s2 s1 v3 v2 v1, +- * n - min. number of args, vN - resolve Nth arg to var, sN - resolve to string ++ * (for builtins it has different meaning) + */ + #undef P + #undef PRIMASK +@@ -313,10 +342,8 @@ typedef struct tsplitter_s { + #define PRIMASK2 0x7E000000 + + /* Operation classes */ +- + #define SHIFT_TIL_THIS 0x0600 + #define RECUR_FROM_THIS 0x1000 +- + enum { + OC_DELETE = 0x0100, OC_EXEC = 0x0200, OC_NEWSOURCE = 0x0300, + OC_PRINT = 0x0400, OC_PRINTF = 0x0500, OC_WALKINIT = 0x0600, +@@ -358,8 +385,8 @@ enum { + #define NTCC '\377' + + static const char tokenlist[] ALIGN1 = +- "\1(" NTC /* TC_SEQSTART */ +- "\1)" NTC /* TC_SEQTERM */ ++ "\1(" NTC /* TC_LPAREN */ ++ "\1)" NTC /* TC_RPAREN */ + "\1/" NTC /* TC_REGEXP */ + "\2>>" "\1>" "\1|" NTC /* TC_OUTRDR */ + "\2++" "\2--" NTC /* TC_UOPPOST */ +@@ -376,8 +403,8 @@ static const char tokenlist[] ALIGN1 = + "\1|" NTC /* TC_PIPE */ + "\1+" "\1-" "\1!" NTC /* TC_UOPPRE2 */ + "\1]" NTC /* TC_ARRTERM */ +- "\1{" NTC /* TC_GRPSTART */ +- "\1}" NTC /* TC_GRPTERM */ ++ "\1{" NTC /* TC_LBRACE */ ++ "\1}" NTC /* TC_RBRACE */ + "\1;" NTC /* TC_SEMICOL */ + "\1\n" NTC /* TC_NEWLINE */ + "\2if" "\2do" "\3for" "\5break" /* TC_STATX */ +@@ -391,7 +418,7 @@ static const char tokenlist[] ALIGN1 = + "\5close" "\6system" "\6fflush" "\5atan2" + "\3cos" "\3exp" "\3int" "\3log" + "\4rand" "\3sin" "\4sqrt" "\5srand" +- "\6gensub" "\4gsub" "\5index" /* "\6length" was here */ ++ "\6gensub" "\4gsub" "\5index" /* "\6length" was here */ + "\5match" "\5split" "\7sprintf" "\3sub" + "\6substr" "\7systime" "\10strftime" "\6mktime" + "\7tolower" "\7toupper" NTC +@@ -403,25 +430,32 @@ static const char tokenlist[] ALIGN1 = + /* compiler adds trailing "\0" */ + ; + +-#define OC_B OC_BUILTIN +- + static const uint32_t tokeninfo[] ALIGN4 = { + 0, + 0, +- OC_REGEXP, ++#define TI_REGEXP OC_REGEXP ++ TI_REGEXP, + xS|'a', xS|'w', xS|'|', + OC_UNARY|xV|P(9)|'p', OC_UNARY|xV|P(9)|'m', +- OC_UNARY|xV|P(9)|'P', OC_UNARY|xV|P(9)|'M', OC_FIELD|xV|P(5), ++#define TI_PREINC (OC_UNARY|xV|P(9)|'P') ++#define TI_PREDEC (OC_UNARY|xV|P(9)|'M') ++ TI_PREINC, TI_PREDEC, OC_FIELD|xV|P(5), + OC_COMPARE|VV|P(39)|5, OC_MOVE|VV|P(74), OC_REPLACE|NV|P(74)|'+', OC_REPLACE|NV|P(74)|'-', + OC_REPLACE|NV|P(74)|'*', OC_REPLACE|NV|P(74)|'/', OC_REPLACE|NV|P(74)|'%', OC_REPLACE|NV|P(74)|'&', + OC_BINARY|NV|P(29)|'+', OC_BINARY|NV|P(29)|'-', OC_REPLACE|NV|P(74)|'&', OC_BINARY|NV|P(15)|'&', + OC_BINARY|NV|P(25)|'/', OC_BINARY|NV|P(25)|'%', OC_BINARY|NV|P(15)|'&', OC_BINARY|NV|P(25)|'*', + OC_COMPARE|VV|P(39)|4, OC_COMPARE|VV|P(39)|3, OC_COMPARE|VV|P(39)|0, OC_COMPARE|VV|P(39)|1, +- OC_COMPARE|VV|P(39)|2, OC_MATCH|Sx|P(45)|'!', OC_MATCH|Sx|P(45)|'~', OC_LAND|Vx|P(55), +- OC_LOR|Vx|P(59), OC_TERNARY|Vx|P(64)|'?', OC_COLON|xx|P(67)|':', +- OC_IN|SV|P(49), /* TC_IN */ +- OC_COMMA|SS|P(80), +- OC_PGETLINE|SV|P(37), ++#define TI_LESS (OC_COMPARE|VV|P(39)|2) ++ TI_LESS, OC_MATCH|Sx|P(45)|'!', OC_MATCH|Sx|P(45)|'~', OC_LAND|Vx|P(55), ++#define TI_TERNARY (OC_TERNARY|Vx|P(64)|'?') ++#define TI_COLON (OC_COLON|xx|P(67)|':') ++ OC_LOR|Vx|P(59), TI_TERNARY, TI_COLON, ++#define TI_IN (OC_IN|SV|P(49)) ++ TI_IN, ++#define TI_COMMA (OC_COMMA|SS|P(80)) ++ TI_COMMA, ++#define TI_PGETLINE (OC_PGETLINE|SV|P(37)) ++ TI_PGETLINE, + OC_UNARY|xV|P(19)|'+', OC_UNARY|xV|P(19)|'-', OC_UNARY|xV|P(19)|'!', + 0, /* ] */ + 0, +@@ -434,20 +468,45 @@ static const uint32_t tokeninfo[] ALIGN4 = { + OC_RETURN|Vx, OC_EXIT|Nx, + ST_WHILE, + 0, /* else */ +- OC_B|B_an|P(0x83), OC_B|B_co|P(0x41), OC_B|B_ls|P(0x83), OC_B|B_or|P(0x83), +- OC_B|B_rs|P(0x83), OC_B|B_xo|P(0x83), +- OC_FBLTIN|Sx|F_cl, OC_FBLTIN|Sx|F_sy, OC_FBLTIN|Sx|F_ff, OC_B|B_a2|P(0x83), +- OC_FBLTIN|Nx|F_co, OC_FBLTIN|Nx|F_ex, OC_FBLTIN|Nx|F_in, OC_FBLTIN|Nx|F_lg, +- OC_FBLTIN|F_rn, OC_FBLTIN|Nx|F_si, OC_FBLTIN|Nx|F_sq, OC_FBLTIN|Nx|F_sr, +- OC_B|B_ge|P(0xd6), OC_B|B_gs|P(0xb6), OC_B|B_ix|P(0x9b), /* OC_FBLTIN|Sx|F_le, was here */ +- OC_B|B_ma|P(0x89), OC_B|B_sp|P(0x8b), OC_SPRINTF, OC_B|B_su|P(0xb6), +- OC_B|B_ss|P(0x8f), OC_FBLTIN|F_ti, OC_B|B_ti|P(0x0b), OC_B|B_mt|P(0x0b), +- OC_B|B_lo|P(0x49), OC_B|B_up|P(0x49), +- OC_FBLTIN|Sx|F_le, /* TC_LENGTH */ +- OC_GETLINE|SV|P(0), +- 0, 0, +- 0, +- 0 /* TC_END */ ++// OC_B's are builtins with enforced minimum number of arguments (two upper bits). ++// Highest byte bit pattern: nn s3s2s1 v3v2v1 ++// nn - min. number of args, sN - resolve Nth arg to string, vN - resolve to var ++// OC_F's are builtins with zero or one argument. ++// |Rx| enforces that arg is present for: system, close, cos, sin, exp, int, log, sqrt ++// Check for no args is present in builtins' code (not in this table): rand, systime ++// Have one _optional_ arg: fflush, srand, length ++#define OC_B OC_BUILTIN ++#define OC_F OC_FBLTIN ++#define A1 P(0x40) /*one arg*/ ++#define A2 P(0x80) /*two args*/ ++#define A3 P(0xc0) /*three args*/ ++#define __v P(1) ++#define _vv P(3) ++#define __s__v P(9) ++#define __s_vv P(0x0b) ++#define __svvv P(0x0f) ++#define _ss_vv P(0x1b) ++#define _s_vv_ P(0x16) ++#define ss_vv_ P(0x36) ++ OC_B|B_an|_vv|A2, OC_B|B_co|__v|A1, OC_B|B_ls|_vv|A2, OC_B|B_or|_vv|A2, // and compl lshift or ++ OC_B|B_rs|_vv|A2, OC_B|B_xo|_vv|A2, // rshift xor ++ OC_F|F_cl|Sx|Rx, OC_F|F_sy|Sx|Rx, OC_F|F_ff|Sx, OC_B|B_a2|_vv|A2, // close system fflush atan2 ++ OC_F|F_co|Nx|Rx, OC_F|F_ex|Nx|Rx, OC_F|F_in|Nx|Rx, OC_F|F_lg|Nx|Rx, // cos exp int log ++ OC_F|F_rn, OC_F|F_si|Nx|Rx, OC_F|F_sq|Nx|Rx, OC_F|F_sr|Nx, // rand sin sqrt srand ++ OC_B|B_ge|_s_vv_|A3,OC_B|B_gs|ss_vv_|A2,OC_B|B_ix|_ss_vv|A2, // gensub gsub index /*length was here*/ ++ OC_B|B_ma|__s__v|A2,OC_B|B_sp|__s_vv|A2,OC_SPRINTF, OC_B|B_su|ss_vv_|A2,// match split sprintf sub ++ OC_B|B_ss|__svvv|A2,OC_F|F_ti, OC_B|B_ti|__s_vv, OC_B|B_mt|__s_vv, // substr systime strftime mktime ++ OC_B|B_lo|__s__v|A1,OC_B|B_up|__s__v|A1, // tolower toupper ++ OC_F|F_le|Sx, // length ++ OC_GETLINE|SV, // getline ++ 0, 0, // func function ++ 0, // BEGIN ++ 0 // END ++#undef A1 ++#undef A2 ++#undef A3 ++#undef OC_B ++#undef OC_F + }; + + /* internal variable names and their initial values */ +@@ -488,21 +547,29 @@ struct globals { + chain *seq; + node *break_ptr, *continue_ptr; + rstream *iF; +- xhash *vhash, *ahash, *fdhash, *fnhash; ++ xhash *ahash; /* argument names, used only while parsing function bodies */ ++ xhash *fnhash; /* function names, used only in parsing stage */ ++ xhash *vhash; /* variables and arrays */ ++ //xhash *fdhash; /* file objects, used only in execution stage */ ++ //we are reusing ahash as fdhash, via define (see later) + const char *g_progname; + int g_lineno; + int nfields; + int maxfields; /* used in fsrealloc() only */ + var *Fields; +- nvblock *g_cb; + char *g_pos; +- char *g_buf; ++ char g_saved_ch; + smallint icase; + smallint exiting; + smallint nextrec; + smallint nextfile; + smallint is_f0_split; + smallint t_rollback; ++ ++ /* former statics from various functions */ ++ smallint next_token__concat_inserted; ++ uint32_t next_token__save_tclass; ++ uint32_t next_token__save_info; + }; + struct globals2 { + uint32_t t_info; /* often used */ +@@ -515,32 +582,35 @@ struct globals2 { + /* former statics from various functions */ + char *split_f0__fstrings; + +- uint32_t next_token__save_tclass; +- uint32_t next_token__save_info; +- uint32_t next_token__ltclass; +- smallint next_token__concat_inserted; +- +- smallint next_input_file__files_happen; + rstream next_input_file__rsm; ++ smallint next_input_file__files_happen; ++ ++ smalluint exitcode; + +- var *evaluate__fnargs; + unsigned evaluate__seed; ++ var *evaluate__fnargs; + regex_t evaluate__sreg; + +- var ptest__v; ++ var ptest__tmpvar; ++ var awk_printf__tmpvar; ++ var as_regex__tmpvar; ++ var exit__tmpvar; ++ var main__tmpvar; + + tsplitter exec_builtin__tspl; + + /* biggest and least used members go last */ + tsplitter fsplitter, rsplitter; ++ ++ char g_buf[MAXVARFMT + 1]; + }; + #define G1 (ptr_to_globals[-1]) + #define G (*(struct globals2 *)ptr_to_globals) + /* For debug. nm --size-sort awk.o | grep -vi ' [tr] ' */ +-/*char G1size[sizeof(G1)]; - 0x74 */ +-/*char Gsize[sizeof(G)]; - 0x1c4 */ ++//char G1size[sizeof(G1)]; // 0x70 ++//char Gsize[sizeof(G)]; // 0x2f8 + /* Trying to keep most of members accessible with short offsets: */ +-/*char Gofs_seed[offsetof(struct globals2, evaluate__seed)]; - 0x90 */ ++//char Gofs_seed[offsetof(struct globals2, evaluate__seed)]; // 0x7c + #define t_double (G1.t_double ) + #define beginseq (G1.beginseq ) + #define mainseq (G1.mainseq ) +@@ -549,18 +619,20 @@ struct globals2 { + #define break_ptr (G1.break_ptr ) + #define continue_ptr (G1.continue_ptr) + #define iF (G1.iF ) +-#define vhash (G1.vhash ) + #define ahash (G1.ahash ) +-#define fdhash (G1.fdhash ) + #define fnhash (G1.fnhash ) ++#define vhash (G1.vhash ) ++#define fdhash ahash ++//^^^^^^^^^^^^^^^^^^ ahash is cleared after every function parsing, ++// and ends up empty after parsing phase. Thus, we can simply reuse it ++// for fdhash in execution stage. + #define g_progname (G1.g_progname ) + #define g_lineno (G1.g_lineno ) + #define nfields (G1.nfields ) + #define maxfields (G1.maxfields ) + #define Fields (G1.Fields ) +-#define g_cb (G1.g_cb ) + #define g_pos (G1.g_pos ) +-#define g_buf (G1.g_buf ) ++#define g_saved_ch (G1.g_saved_ch ) + #define icase (G1.icase ) + #define exiting (G1.exiting ) + #define nextrec (G1.nextrec ) +@@ -574,25 +646,13 @@ struct globals2 { + #define intvar (G.intvar ) + #define fsplitter (G.fsplitter ) + #define rsplitter (G.rsplitter ) ++#define g_buf (G.g_buf ) + #define INIT_G() do { \ + SET_PTR_TO_GLOBALS((char*)xzalloc(sizeof(G1)+sizeof(G)) + sizeof(G1)); \ +- G.next_token__ltclass = TC_OPTERM; \ ++ t_tclass = TC_NEWLINE; \ + G.evaluate__seed = 1; \ + } while (0) + +- +-/* function prototypes */ +-static void handle_special(var *); +-static node *parse_expr(uint32_t); +-static void chain_group(void); +-static var *evaluate(node *, var *); +-static rstream *next_input_file(void); +-static int fmt_num(char *, int, const char *, double, int); +-static int awk_exit(int) NORETURN; +- +-/* ---- error handling ---- */ +- +-static const char EMSG_INTERNAL_ERROR[] ALIGN1 = "Internal error"; + static const char EMSG_UNEXP_EOS[] ALIGN1 = "Unexpected end of string"; + static const char EMSG_UNEXP_TOKEN[] ALIGN1 = "Unexpected token"; + static const char EMSG_DIV_BY_ZERO[] ALIGN1 = "Division by zero"; +@@ -604,10 +664,7 @@ static const char EMSG_UNDEF_FUNC[] ALIGN1 = "Call to undefined function"; + static const char EMSG_NO_MATH[] ALIGN1 = "Math support is not compiled in"; + static const char EMSG_NEGATIVE_FIELD[] ALIGN1 = "Access to negative field"; + +-static void zero_out_var(var *vp) +-{ +- memset(vp, 0, sizeof(*vp)); +-} ++static int awk_exit(void) NORETURN; + + static void syntax_error(const char *message) NORETURN; + static void syntax_error(const char *message) +@@ -638,12 +695,40 @@ static xhash *hash_init(void) + return newhash; + } + ++static void hash_clear(xhash *hash) ++{ ++ unsigned i; ++ hash_item *hi, *thi; ++ ++ for (i = 0; i < hash->csize; i++) { ++ hi = hash->items[i]; ++ while (hi) { ++ thi = hi; ++ hi = hi->next; ++//FIXME: this assumes that it's a hash of *variables*: ++ free(thi->data.v.string); ++ free(thi); ++ } ++ hash->items[i] = NULL; ++ } ++ hash->glen = hash->nel = 0; ++} ++ ++#if 0 //UNUSED ++static void hash_free(xhash *hash) ++{ ++ hash_clear(hash); ++ free(hash->items); ++ free(hash); ++} ++#endif ++ + /* find item in hash, return ptr to data, NULL if not found */ +-static void *hash_search(xhash *hash, const char *name) ++static NOINLINE void *hash_search3(xhash *hash, const char *name, unsigned idx) + { + hash_item *hi; + +- hi = hash->items[hashidx(name) % hash->csize]; ++ hi = hash->items[idx % hash->csize]; + while (hi) { + if (strcmp(hi->name, name) == 0) + return &hi->data; +@@ -652,6 +737,11 @@ static void *hash_search(xhash *hash, const char *name) + return NULL; + } + ++static void *hash_search(xhash *hash, const char *name) ++{ ++ return hash_search3(hash, name, hashidx(name)); ++} ++ + /* grow hash if it becomes too big */ + static void hash_rebuild(xhash *hash) + { +@@ -687,16 +777,17 @@ static void *hash_find(xhash *hash, const char *name) + unsigned idx; + int l; + +- hi = hash_search(hash, name); ++ idx = hashidx(name); ++ hi = hash_search3(hash, name, idx); + if (!hi) { +- if (++hash->nel / hash->csize > 10) ++ if (++hash->nel > hash->csize * 8) + hash_rebuild(hash); + + l = strlen(name) + 1; + hi = xzalloc(sizeof(*hi) + l); + strcpy(hi->name, name); + +- idx = hashidx(name) % hash->csize; ++ idx = idx % hash->csize; + hi->next = hash->items[idx]; + hash->items[idx] = hi; + hash->glen += l; +@@ -731,7 +822,7 @@ static void hash_remove(xhash *hash, const char *name) + + static char *skip_spaces(char *p) + { +- while (1) { ++ for (;;) { + if (*p == '\\' && p[1] == '\n') { + p++; + t_lineno++; +@@ -747,8 +838,10 @@ static char *skip_spaces(char *p) + static char *nextword(char **s) + { + char *p = *s; +- while (*(*s)++ != '\0') ++ char *q = p; ++ while (*q++ != '\0') + continue; ++ *s = q; + return p; + } + +@@ -811,10 +904,27 @@ static double my_strtod(char **pp) + + /* -------- working with variables (set/get/copy/etc) -------- */ + +-static xhash *iamarray(var *v) ++static void fmt_num(const char *format, double n) + { +- var *a = v; ++ if (n == (long long)n) { ++ snprintf(g_buf, MAXVARFMT, "%lld", (long long)n); ++ } else { ++ const char *s = format; ++ char c; ++ ++ do { c = *s; } while (c && *++s); ++ if (strchr("diouxX", c)) { ++ snprintf(g_buf, MAXVARFMT, format, (int)n); ++ } else if (strchr("eEfFgGaA", c)) { ++ snprintf(g_buf, MAXVARFMT, format, n); ++ } else { ++ syntax_error(EMSG_INV_FMT); ++ } ++ } ++} + ++static xhash *iamarray(var *a) ++{ + while (a->type & VF_CHILD) + a = a->x.parent; + +@@ -825,23 +935,7 @@ static xhash *iamarray(var *v) + return a->x.array; + } + +-static void clear_array(xhash *array) +-{ +- unsigned i; +- hash_item *hi, *thi; +- +- for (i = 0; i < array->csize; i++) { +- hi = array->items[i]; +- while (hi) { +- thi = hi; +- hi = hi->next; +- free(thi->data.v.string); +- free(thi); +- } +- array->items[i] = NULL; +- } +- array->glen = array->nel = 0; +-} ++#define clear_array(array) hash_clear(array) + + /* clear a variable */ + static var *clrvar(var *v) +@@ -855,6 +949,8 @@ static var *clrvar(var *v) + return v; + } + ++static void handle_special(var *); ++ + /* assign string value to variable */ + static var *setvar_p(var *v, char *value) + { +@@ -901,7 +997,7 @@ static const char *getvar_s(var *v) + { + /* if v is numeric and has no cached string, convert it to string */ + if ((v->type & (VF_NUMBER | VF_CACHED)) == VF_NUMBER) { +- fmt_num(g_buf, MAXVARFMT, getvar_s(intvar[CONVFMT]), v->number, TRUE); ++ fmt_num(getvar_s(intvar[CONVFMT]), v->number); + v->string = xstrdup(g_buf); + v->type |= VF_CACHED; + } +@@ -920,6 +1016,7 @@ static double getvar_i(var *v) + v->number = my_strtod(&s); + debug_printf_eval("%f (s:'%s')\n", v->number, s); + if (v->type & VF_USER) { ++//TODO: skip_spaces() also skips backslash+newline, is it intended here? + s = skip_spaces(s); + if (*s != '\0') + v->type &= ~VF_USER; +@@ -981,94 +1078,28 @@ static int istrue(var *v) + return (v->string && v->string[0]); + } + +-/* temporary variables allocator. Last allocated should be first freed */ +-static var *nvalloc(int n) +-{ +- nvblock *pb = NULL; +- var *v, *r; +- int size; +- +- while (g_cb) { +- pb = g_cb; +- if ((g_cb->pos - g_cb->nv) + n <= g_cb->size) +- break; +- g_cb = g_cb->next; +- } +- +- if (!g_cb) { +- size = (n <= MINNVBLOCK) ? MINNVBLOCK : n; +- g_cb = xzalloc(sizeof(nvblock) + size * sizeof(var)); +- g_cb->size = size; +- g_cb->pos = g_cb->nv; +- g_cb->prev = pb; +- /*g_cb->next = NULL; - xzalloc did it */ +- if (pb) +- pb->next = g_cb; +- } +- +- v = r = g_cb->pos; +- g_cb->pos += n; +- +- while (v < g_cb->pos) { +- v->type = 0; +- v->string = NULL; +- v++; +- } +- +- return r; +-} +- +-static void nvfree(var *v) +-{ +- var *p; +- +- if (v < g_cb->nv || v >= g_cb->pos) +- syntax_error(EMSG_INTERNAL_ERROR); +- +- for (p = v; p < g_cb->pos; p++) { +- if ((p->type & (VF_ARRAY | VF_CHILD)) == VF_ARRAY) { +- clear_array(iamarray(p)); +- free(p->x.array->items); +- free(p->x.array); +- } +- if (p->type & VF_WALK) { +- walker_list *n; +- walker_list *w = p->x.walker; +- debug_printf_walker("nvfree: freeing walker @%p\n", &p->x.walker); +- p->x.walker = NULL; +- while (w) { +- n = w->prev; +- debug_printf_walker(" free(%p)\n", w); +- free(w); +- w = n; +- } +- } +- clrvar(p); +- } +- +- g_cb->pos = v; +- while (g_cb->prev && g_cb->pos == g_cb->nv) { +- g_cb = g_cb->prev; +- } +-} +- + /* ------- awk program text parsing ------- */ + +-/* Parse next token pointed by global pos, place results into global ttt. +- * If token isn't expected, give away. Return token class ++/* Parse next token pointed by global pos, place results into global t_XYZ variables. ++ * If token isn't expected, print error message and die. ++ * Return token class (also store it in t_tclass). + */ + static uint32_t next_token(uint32_t expected) + { +-#define concat_inserted (G.next_token__concat_inserted) +-#define save_tclass (G.next_token__save_tclass) +-#define save_info (G.next_token__save_info) +-/* Initialized to TC_OPTERM: */ +-#define ltclass (G.next_token__ltclass) ++#define concat_inserted (G1.next_token__concat_inserted) ++#define save_tclass (G1.next_token__save_tclass) ++#define save_info (G1.next_token__save_info) + +- char *p, *s; ++ char *p; + const char *tl; +- uint32_t tc; + const uint32_t *ti; ++ uint32_t tc, last_token_class; ++ ++ last_token_class = t_tclass; /* t_tclass is initialized to TC_NEWLINE */ ++ ++ debug_printf_parse("%s() expected(%x):", __func__, expected); ++ debug_parse_print_tc(expected); ++ debug_printf_parse("\n"); + + if (t_rollback) { + debug_printf_parse("%s: using rolled-back token\n", __func__); +@@ -1080,6 +1111,10 @@ static uint32_t next_token(uint32_t expected) + t_info = save_info; + } else { + p = g_pos; ++ if (g_saved_ch != '\0') { ++ *p = g_saved_ch; ++ g_saved_ch = '\0'; ++ } + readnext: + p = skip_spaces(p); + g_lineno = t_lineno; +@@ -1087,15 +1122,12 @@ static uint32_t next_token(uint32_t expected) + while (*p != '\n' && *p != '\0') + p++; + +- if (*p == '\n') +- t_lineno++; +- + if (*p == '\0') { + tc = TC_EOF; + debug_printf_parse("%s: token found: TC_EOF\n", __func__); + } else if (*p == '\"') { + /* it's a string */ +- t_string = s = ++p; ++ char *s = t_string = ++p; + while (*p != '\"') { + char *pp; + if (*p == '\0' || *p == '\n') +@@ -1110,7 +1142,7 @@ static uint32_t next_token(uint32_t expected) + debug_printf_parse("%s: token found:'%s' TC_STRING\n", __func__, t_string); + } else if ((expected & TC_REGEXP) && *p == '/') { + /* it's regexp */ +- t_string = s = ++p; ++ char *s = t_string = ++p; + while (*p != '/') { + if (*p == '\0' || *p == '\n') + syntax_error(EMSG_UNEXP_EOS); +@@ -1141,6 +1173,11 @@ static uint32_t next_token(uint32_t expected) + tc = TC_NUMBER; + debug_printf_parse("%s: token found:%f TC_NUMBER\n", __func__, t_double); + } else { ++ char *end_of_name; ++ ++ if (*p == '\n') ++ t_lineno++; ++ + /* search for something known */ + tl = tokenlist; + tc = 0x00000001; +@@ -1155,9 +1192,9 @@ static uint32_t next_token(uint32_t expected) + * token matches, + * and it's not a longer word, + */ +- if ((tc & (expected | TC_WORD | TC_NEWLINE)) ++ if ((tc & (expected | TS_WORD | TC_NEWLINE)) + && strncmp(p, tl, l) == 0 +- && !((tc & TC_WORD) && isalnum_(p[l])) ++ && !((tc & TS_WORD) && isalnum_(p[l])) + ) { + /* then this is what we are looking for */ + t_info = *ti; +@@ -1174,67 +1211,94 @@ static uint32_t next_token(uint32_t expected) + if (!isalnum_(*p)) + syntax_error(EMSG_UNEXP_TOKEN); /* no */ + /* yes */ +- t_string = --p; +- while (isalnum_(*++p)) { +- p[-1] = *p; +- } +- p[-1] = '\0'; +- tc = TC_VARIABLE; +- /* also consume whitespace between functionname and bracket */ +- if (!(expected & TC_VARIABLE) || (expected & TC_ARRAY)) ++ t_string = p; ++ while (isalnum_(*p)) ++ p++; ++ end_of_name = p; ++ ++ if (last_token_class == TC_FUNCDECL) ++ /* eat space in "function FUNC (...) {...}" declaration */ + p = skip_spaces(p); ++ else if (expected & TC_ARRAY) { ++ /* eat space between array name and [ */ ++ char *s = skip_spaces(p); ++ if (*s == '[') /* array ref, not just a name? */ ++ p = s; ++ } ++ /* else: do NOT consume whitespace after variable name! ++ * gawk allows definition "function FUNC (p) {...}" - note space, ++ * but disallows the call "FUNC (p)" because it isn't one - ++ * expression "v (a)" should NOT be parsed as TC_FUNCTION: ++ * it is a valid concatenation if "v" is a variable, ++ * not a function name (and type of name is not known at parse time). ++ */ ++ + if (*p == '(') { ++ p++; + tc = TC_FUNCTION; + debug_printf_parse("%s: token found:'%s' TC_FUNCTION\n", __func__, t_string); ++ } else if (*p == '[') { ++ p++; ++ tc = TC_ARRAY; ++ debug_printf_parse("%s: token found:'%s' TC_ARRAY\n", __func__, t_string); + } else { +- if (*p == '[') { +- p++; +- tc = TC_ARRAY; +- debug_printf_parse("%s: token found:'%s' TC_ARRAY\n", __func__, t_string); +- } else +- debug_printf_parse("%s: token found:'%s' TC_VARIABLE\n", __func__, t_string); ++ tc = TC_VARIABLE; ++ debug_printf_parse("%s: token found:'%s' TC_VARIABLE\n", __func__, t_string); ++ if (end_of_name == p) { ++ /* there is no space for trailing NUL in t_string! ++ * We need to save the char we are going to NUL. ++ * (we'll use it in future call to next_token()) ++ */ ++ g_saved_ch = *end_of_name; ++// especially pathological example is V="abc"; V.2 - it's V concatenated to .2 ++// (it evaluates to "abc0.2"). Because of this case, we can't simply cache ++// '.' and analyze it later: we also have to *store it back* in next ++// next_token(), in order to give my_strtod() the undamaged ".2" string. ++ } + } ++ *end_of_name = '\0'; /* terminate t_string */ + } + token_found: + g_pos = p; + + /* skipping newlines in some cases */ +- if ((ltclass & TC_NOTERM) && (tc & TC_NEWLINE)) ++ if ((last_token_class & TS_NOTERM) && (tc & TC_NEWLINE)) + goto readnext; + + /* insert concatenation operator when needed */ +- debug_printf_parse("%s: %x %x %x concat_inserted?\n", __func__, +- (ltclass & TC_CONCAT1), (tc & TC_CONCAT2), (expected & TC_BINOP)); +- if ((ltclass & TC_CONCAT1) && (tc & TC_CONCAT2) && (expected & TC_BINOP) +- && !(ltclass == TC_LENGTH && tc == TC_SEQSTART) /* but not for "length(..." */ ++ debug_printf_parse("%s: concat_inserted if all nonzero: %x %x %x %x\n", __func__, ++ (last_token_class & TS_CONCAT_L), (tc & TS_CONCAT_R), (expected & TS_BINOP), ++ !(last_token_class == TC_LENGTH && tc == TC_LPAREN)); ++ if ((last_token_class & TS_CONCAT_L) && (tc & TS_CONCAT_R) && (expected & TS_BINOP) ++ && !(last_token_class == TC_LENGTH && tc == TC_LPAREN) /* but not for "length(..." */ + ) { + concat_inserted = TRUE; + save_tclass = tc; + save_info = t_info; +- tc = TC_BINOP; ++ tc = TC_BINOPX; + t_info = OC_CONCAT | SS | P(35); + } + +- debug_printf_parse("%s: t_tclass=tc=%x\n", __func__, t_tclass); + t_tclass = tc; ++ debug_printf_parse("%s: t_tclass=tc=%x\n", __func__, tc); + } +- ltclass = t_tclass; +- + /* Are we ready for this? */ +- if (!(ltclass & expected)) { +- syntax_error((ltclass & (TC_NEWLINE | TC_EOF)) ? ++ if (!(t_tclass & expected)) { ++ syntax_error((last_token_class & (TC_NEWLINE | TC_EOF)) ? + EMSG_UNEXP_EOS : EMSG_UNEXP_TOKEN); + } + +- debug_printf_parse("%s: returning, ltclass:%x t_double:%f\n", __func__, ltclass, t_double); +- return ltclass; ++ debug_printf_parse("%s: returning, t_double:%f t_tclass:", __func__, t_double); ++ debug_parse_print_tc(t_tclass); ++ debug_printf_parse("\n"); ++ ++ return t_tclass; + #undef concat_inserted + #undef save_tclass + #undef save_info +-#undef ltclass + } + +-static void rollback_token(void) ++static ALWAYS_INLINE void rollback_token(void) + { + t_rollback = TRUE; + } +@@ -1251,169 +1315,188 @@ static node *new_node(uint32_t info) + + static void mk_re_node(const char *s, node *n, regex_t *re) + { +- n->info = OC_REGEXP; ++ n->info = TI_REGEXP; + n->l.re = re; + n->r.ire = re + 1; + xregcomp(re, s, REG_EXTENDED); + xregcomp(re + 1, s, REG_EXTENDED | REG_ICASE); + } + +-static node *condition(void) ++static node *parse_expr(uint32_t); ++ ++static node *parse_lrparen_list(void) + { +- next_token(TC_SEQSTART); +- return parse_expr(TC_SEQTERM); ++ next_token(TC_LPAREN); ++ return parse_expr(TC_RPAREN); + } + + /* parse expression terminated by given argument, return ptr + * to built subtree. Terminator is eaten by parse_expr */ +-static node *parse_expr(uint32_t iexp) ++static node *parse_expr(uint32_t term_tc) + { + node sn; + node *cn = &sn; + node *vn, *glptr; +- uint32_t tc, xtc; ++ uint32_t tc, expected_tc; + var *v; + +- debug_printf_parse("%s(%x)\n", __func__, iexp); ++ debug_printf_parse("%s() term_tc(%x):", __func__, term_tc); ++ debug_parse_print_tc(term_tc); ++ debug_printf_parse("\n"); + + sn.info = PRIMASK; + sn.r.n = sn.a.n = glptr = NULL; +- xtc = TC_OPERAND | TC_UOPPRE | TC_REGEXP | iexp; ++ expected_tc = TS_OPERAND | TS_UOPPRE | TC_REGEXP | term_tc; + +- while (!((tc = next_token(xtc)) & iexp)) { ++ while (!((tc = next_token(expected_tc)) & term_tc)) { + +- if (glptr && (t_info == (OC_COMPARE | VV | P(39) | 2))) { ++ if (glptr && (t_info == TI_LESS)) { + /* input redirection (<) attached to glptr node */ + debug_printf_parse("%s: input redir\n", __func__); + cn = glptr->l.n = new_node(OC_CONCAT | SS | P(37)); + cn->a.n = glptr; +- xtc = TC_OPERAND | TC_UOPPRE; ++ expected_tc = TS_OPERAND | TS_UOPPRE; + glptr = NULL; +- +- } else if (tc & (TC_BINOP | TC_UOPPOST)) { +- debug_printf_parse("%s: TC_BINOP | TC_UOPPOST tc:%x\n", __func__, tc); ++ continue; ++ } ++ if (tc & (TS_BINOP | TC_UOPPOST)) { ++ debug_printf_parse("%s: TS_BINOP | TC_UOPPOST tc:%x\n", __func__, tc); + /* for binary and postfix-unary operators, jump back over + * previous operators with higher priority */ + vn = cn; + while (((t_info & PRIMASK) > (vn->a.n->info & PRIMASK2)) +- || ((t_info == vn->info) && ((t_info & OPCLSMASK) == OC_COLON)) ++ || ((t_info == vn->info) && t_info == TI_COLON) + ) { + vn = vn->a.n; + if (!vn->a.n) syntax_error(EMSG_UNEXP_TOKEN); + } +- if ((t_info & OPCLSMASK) == OC_TERNARY) ++ if (t_info == TI_TERNARY) ++//TODO: why? + t_info += P(6); + cn = vn->a.n->r.n = new_node(t_info); + cn->a.n = vn->a.n; +- if (tc & TC_BINOP) { ++ if (tc & TS_BINOP) { + cn->l.n = vn; +- xtc = TC_OPERAND | TC_UOPPRE | TC_REGEXP; +- if ((t_info & OPCLSMASK) == OC_PGETLINE) { ++//FIXME: this is the place to detect and reject assignments to non-lvalues. ++//Currently we allow "assignments" to consts and temporaries, nonsense like this: ++// awk 'BEGIN { "qwe" = 1 }' ++// awk 'BEGIN { 7 *= 7 }' ++// awk 'BEGIN { length("qwe") = 1 }' ++// awk 'BEGIN { (1+1) += 3 }' ++ expected_tc = TS_OPERAND | TS_UOPPRE | TC_REGEXP; ++ if (t_info == TI_PGETLINE) { + /* it's a pipe */ + next_token(TC_GETLINE); + /* give maximum priority to this pipe */ + cn->info &= ~PRIMASK; +- xtc = TC_OPERAND | TC_UOPPRE | TC_BINOP | iexp; ++ expected_tc = TS_OPERAND | TS_UOPPRE | TS_BINOP | term_tc; + } + } else { + cn->r.n = vn; +- xtc = TC_OPERAND | TC_UOPPRE | TC_BINOP | iexp; ++ expected_tc = TS_OPERAND | TS_UOPPRE | TS_BINOP | term_tc; + } + vn->a.n = cn; ++ continue; ++ } + +- } else { +- debug_printf_parse("%s: other\n", __func__); +- /* for operands and prefix-unary operators, attach them +- * to last node */ +- vn = cn; +- cn = vn->r.n = new_node(t_info); +- cn->a.n = vn; +- xtc = TC_OPERAND | TC_UOPPRE | TC_REGEXP; +- if (tc & (TC_OPERAND | TC_REGEXP)) { +- debug_printf_parse("%s: TC_OPERAND | TC_REGEXP\n", __func__); +- xtc = TC_UOPPRE | TC_UOPPOST | TC_BINOP | TC_OPERAND | iexp; +- /* one should be very careful with switch on tclass - +- * only simple tclasses should be used! */ +- switch (tc) { +- case TC_VARIABLE: +- case TC_ARRAY: +- debug_printf_parse("%s: TC_VARIABLE | TC_ARRAY\n", __func__); +- cn->info = OC_VAR; +- v = hash_search(ahash, t_string); +- if (v != NULL) { +- cn->info = OC_FNARG; +- cn->l.aidx = v->x.aidx; +- } else { +- cn->l.v = newvar(t_string); +- } +- if (tc & TC_ARRAY) { +- cn->info |= xS; +- cn->r.n = parse_expr(TC_ARRTERM); +- } +- break; ++ debug_printf_parse("%s: other, t_info:%x\n", __func__, t_info); ++ /* for operands and prefix-unary operators, attach them ++ * to last node */ ++ vn = cn; ++ cn = vn->r.n = new_node(t_info); ++ cn->a.n = vn; + +- case TC_NUMBER: +- case TC_STRING: +- debug_printf_parse("%s: TC_NUMBER | TC_STRING\n", __func__); +- cn->info = OC_VAR; +- v = cn->l.v = xzalloc(sizeof(var)); +- if (tc & TC_NUMBER) +- setvar_i(v, t_double); +- else { +- setvar_s(v, t_string); +- xtc &= ~TC_UOPPOST; /* "str"++ is not allowed */ +- } +- break; ++ expected_tc = TS_OPERAND | TS_UOPPRE | TC_REGEXP; ++ if (t_info == TI_PREINC || t_info == TI_PREDEC) ++ expected_tc = TS_LVALUE | TC_UOPPRE1; + +- case TC_REGEXP: +- debug_printf_parse("%s: TC_REGEXP\n", __func__); +- mk_re_node(t_string, cn, xzalloc(sizeof(regex_t)*2)); +- break; ++ if (!(tc & (TS_OPERAND | TC_REGEXP))) ++ continue; + +- case TC_FUNCTION: +- debug_printf_parse("%s: TC_FUNCTION\n", __func__); +- cn->info = OC_FUNC; +- cn->r.f = newfunc(t_string); +- cn->l.n = condition(); +- break; ++ debug_printf_parse("%s: TS_OPERAND | TC_REGEXP\n", __func__); ++ expected_tc = TS_UOPPRE | TC_UOPPOST | TS_BINOP | TS_OPERAND | term_tc; ++ /* one should be very careful with switch on tclass - ++ * only simple tclasses should be used (TC_xyz, not TS_xyz) */ ++ switch (tc) { ++ case TC_VARIABLE: ++ case TC_ARRAY: ++ debug_printf_parse("%s: TC_VARIABLE | TC_ARRAY\n", __func__); ++ cn->info = OC_VAR; ++ v = hash_search(ahash, t_string); ++ if (v != NULL) { ++ cn->info = OC_FNARG; ++ cn->l.aidx = v->x.aidx; ++ } else { ++ cn->l.v = newvar(t_string); ++ } ++ if (tc & TC_ARRAY) { ++ cn->info |= xS; ++ cn->r.n = parse_expr(TC_ARRTERM); ++ } ++ break; + +- case TC_SEQSTART: +- debug_printf_parse("%s: TC_SEQSTART\n", __func__); +- cn = vn->r.n = parse_expr(TC_SEQTERM); +- if (!cn) +- syntax_error("Empty sequence"); +- cn->a.n = vn; +- break; ++ case TC_NUMBER: ++ case TC_STRING: ++ debug_printf_parse("%s: TC_NUMBER | TC_STRING\n", __func__); ++ cn->info = OC_VAR; ++ v = cn->l.v = xzalloc(sizeof(var)); ++ if (tc & TC_NUMBER) ++ setvar_i(v, t_double); ++ else { ++ setvar_s(v, t_string); ++ expected_tc &= ~TC_UOPPOST; /* "str"++ is not allowed */ ++ } ++ break; + +- case TC_GETLINE: +- debug_printf_parse("%s: TC_GETLINE\n", __func__); +- glptr = cn; +- xtc = TC_OPERAND | TC_UOPPRE | TC_BINOP | iexp; +- break; ++ case TC_REGEXP: ++ debug_printf_parse("%s: TC_REGEXP\n", __func__); ++ mk_re_node(t_string, cn, xzalloc(sizeof(regex_t)*2)); ++ break; + +- case TC_BUILTIN: +- debug_printf_parse("%s: TC_BUILTIN\n", __func__); +- cn->l.n = condition(); +- break; ++ case TC_FUNCTION: ++ debug_printf_parse("%s: TC_FUNCTION\n", __func__); ++ cn->info = OC_FUNC; ++ cn->r.f = newfunc(t_string); ++ cn->l.n = parse_expr(TC_RPAREN); ++ break; + +- case TC_LENGTH: +- debug_printf_parse("%s: TC_LENGTH\n", __func__); +- next_token(TC_SEQSTART /* length(...) */ +- | TC_OPTERM /* length; (or newline)*/ +- | TC_GRPTERM /* length } */ +- | TC_BINOPX /* length <op> NUM */ +- | TC_COMMA /* print length, 1 */ +- ); +- rollback_token(); +- if (t_tclass & TC_SEQSTART) { +- /* It was a "(" token. Handle just like TC_BUILTIN */ +- cn->l.n = condition(); +- } +- break; +- } ++ case TC_LPAREN: ++ debug_printf_parse("%s: TC_LPAREN\n", __func__); ++ cn = vn->r.n = parse_expr(TC_RPAREN); ++ if (!cn) ++ syntax_error("Empty sequence"); ++ cn->a.n = vn; ++ break; ++ ++ case TC_GETLINE: ++ debug_printf_parse("%s: TC_GETLINE\n", __func__); ++ glptr = cn; ++ expected_tc = TS_OPERAND | TS_UOPPRE | TS_BINOP | term_tc; ++ break; ++ ++ case TC_BUILTIN: ++ debug_printf_parse("%s: TC_BUILTIN\n", __func__); ++ cn->l.n = parse_lrparen_list(); ++ break; ++ ++ case TC_LENGTH: ++ debug_printf_parse("%s: TC_LENGTH\n", __func__); ++ tc = next_token(TC_LPAREN /* length(...) */ ++ | TC_SEMICOL /* length; */ ++ | TC_NEWLINE /* length<newline> */ ++ | TC_RBRACE /* length } */ ++ | TC_BINOPX /* length <op> NUM */ ++ | TC_COMMA /* print length, 1 */ ++ ); ++ if (tc != TC_LPAREN) ++ rollback_token(); ++ else { ++ /* It was a "(" token. Handle just like TC_BUILTIN */ ++ cn->l.n = parse_expr(TC_RPAREN); + } ++ break; + } +- } ++ } /* while() */ + + debug_printf_parse("%s() returns %p\n", __func__, sn.r.n); + return sn.r.n; +@@ -1430,7 +1513,7 @@ static node *chain_node(uint32_t info) + if (seq->programname != g_progname) { + seq->programname = g_progname; + n = chain_node(OC_NEWSOURCE); +- n->l.new_progname = xstrdup(g_progname); ++ n->l.new_progname = g_progname; + } + + n = seq->last; +@@ -1446,14 +1529,16 @@ static void chain_expr(uint32_t info) + + n = chain_node(info); + +- n->l.n = parse_expr(TC_OPTERM | TC_GRPTERM); ++ n->l.n = parse_expr(TC_SEMICOL | TC_NEWLINE | TC_RBRACE); + if ((info & OF_REQUIRED) && !n->l.n) + syntax_error(EMSG_TOO_FEW_ARGS); + +- if (t_tclass & TC_GRPTERM) ++ if (t_tclass & TC_RBRACE) + rollback_token(); + } + ++static void chain_group(void); ++ + static node *chain_loop(node *nn) + { + node *n, *n2, *save_brk, *save_cont; +@@ -1477,207 +1562,284 @@ static node *chain_loop(node *nn) + return n; + } + ++static void chain_until_rbrace(void) ++{ ++ uint32_t tc; ++ while ((tc = next_token(TS_GRPSEQ | TC_RBRACE)) != TC_RBRACE) { ++ debug_printf_parse("%s: !TC_RBRACE\n", __func__); ++ if (tc == TC_NEWLINE) ++ continue; ++ rollback_token(); ++ chain_group(); ++ } ++ debug_printf_parse("%s: TC_RBRACE\n", __func__); ++} ++ + /* parse group and attach it to chain */ + static void chain_group(void) + { +- uint32_t c; ++ uint32_t tc; + node *n, *n2, *n3; + + do { +- c = next_token(TC_GRPSEQ); +- } while (c & TC_NEWLINE); +- +- if (c & TC_GRPSTART) { +- debug_printf_parse("%s: TC_GRPSTART\n", __func__); +- while (next_token(TC_GRPSEQ | TC_GRPTERM) != TC_GRPTERM) { +- debug_printf_parse("%s: !TC_GRPTERM\n", __func__); +- if (t_tclass & TC_NEWLINE) +- continue; +- rollback_token(); +- chain_group(); +- } +- debug_printf_parse("%s: TC_GRPTERM\n", __func__); +- } else if (c & (TC_OPSEQ | TC_OPTERM)) { +- debug_printf_parse("%s: TC_OPSEQ | TC_OPTERM\n", __func__); ++ tc = next_token(TS_GRPSEQ); ++ } while (tc == TC_NEWLINE); ++ ++ if (tc == TC_LBRACE) { ++ debug_printf_parse("%s: TC_LBRACE\n", __func__); ++ chain_until_rbrace(); ++ return; ++ } ++ if (tc & (TS_OPSEQ | TC_SEMICOL)) { ++ debug_printf_parse("%s: TS_OPSEQ | TC_SEMICOL\n", __func__); + rollback_token(); + chain_expr(OC_EXEC | Vx); +- } else { +- /* TC_STATEMNT */ +- debug_printf_parse("%s: TC_STATEMNT(?)\n", __func__); +- switch (t_info & OPCLSMASK) { +- case ST_IF: +- debug_printf_parse("%s: ST_IF\n", __func__); +- n = chain_node(OC_BR | Vx); +- n->l.n = condition(); ++ return; ++ } ++ ++ /* TS_STATEMNT */ ++ debug_printf_parse("%s: TS_STATEMNT(?)\n", __func__); ++ switch (t_info & OPCLSMASK) { ++ case ST_IF: ++ debug_printf_parse("%s: ST_IF\n", __func__); ++ n = chain_node(OC_BR | Vx); ++ n->l.n = parse_lrparen_list(); ++ chain_group(); ++ n2 = chain_node(OC_EXEC); ++ n->r.n = seq->last; ++ if (next_token(TS_GRPSEQ | TC_RBRACE | TC_ELSE) == TC_ELSE) { + chain_group(); +- n2 = chain_node(OC_EXEC); +- n->r.n = seq->last; +- if (next_token(TC_GRPSEQ | TC_GRPTERM | TC_ELSE) == TC_ELSE) { +- chain_group(); +- n2->a.n = seq->last; +- } else { +- rollback_token(); +- } +- break; ++ n2->a.n = seq->last; ++ } else { ++ rollback_token(); ++ } ++ break; + +- case ST_WHILE: +- debug_printf_parse("%s: ST_WHILE\n", __func__); +- n2 = condition(); +- n = chain_loop(NULL); +- n->l.n = n2; +- break; ++ case ST_WHILE: ++ debug_printf_parse("%s: ST_WHILE\n", __func__); ++ n2 = parse_lrparen_list(); ++ n = chain_loop(NULL); ++ n->l.n = n2; ++ break; + +- case ST_DO: +- debug_printf_parse("%s: ST_DO\n", __func__); +- n2 = chain_node(OC_EXEC); +- n = chain_loop(NULL); +- n2->a.n = n->a.n; +- next_token(TC_WHILE); +- n->l.n = condition(); +- break; ++ case ST_DO: ++ debug_printf_parse("%s: ST_DO\n", __func__); ++ n2 = chain_node(OC_EXEC); ++ n = chain_loop(NULL); ++ n2->a.n = n->a.n; ++ next_token(TC_WHILE); ++ n->l.n = parse_lrparen_list(); ++ break; + +- case ST_FOR: +- debug_printf_parse("%s: ST_FOR\n", __func__); +- next_token(TC_SEQSTART); +- n2 = parse_expr(TC_SEMICOL | TC_SEQTERM); +- if (t_tclass & TC_SEQTERM) { /* for-in */ +- if (!n2 || (n2->info & OPCLSMASK) != OC_IN) +- syntax_error(EMSG_UNEXP_TOKEN); +- n = chain_node(OC_WALKINIT | VV); +- n->l.n = n2->l.n; +- n->r.n = n2->r.n; +- n = chain_loop(NULL); +- n->info = OC_WALKNEXT | Vx; +- n->l.n = n2->l.n; +- } else { /* for (;;) */ +- n = chain_node(OC_EXEC | Vx); +- n->l.n = n2; +- n2 = parse_expr(TC_SEMICOL); +- n3 = parse_expr(TC_SEQTERM); +- n = chain_loop(n3); +- n->l.n = n2; +- if (!n2) +- n->info = OC_EXEC; +- } +- break; ++ case ST_FOR: ++ debug_printf_parse("%s: ST_FOR\n", __func__); ++ next_token(TC_LPAREN); ++ n2 = parse_expr(TC_SEMICOL | TC_RPAREN); ++ if (t_tclass & TC_RPAREN) { /* for (I in ARRAY) */ ++ if (!n2 || n2->info != TI_IN) ++ syntax_error(EMSG_UNEXP_TOKEN); ++ n = chain_node(OC_WALKINIT | VV); ++ n->l.n = n2->l.n; ++ n->r.n = n2->r.n; ++ n = chain_loop(NULL); ++ n->info = OC_WALKNEXT | Vx; ++ n->l.n = n2->l.n; ++ } else { /* for (;;) */ ++ n = chain_node(OC_EXEC | Vx); ++ n->l.n = n2; ++ n2 = parse_expr(TC_SEMICOL); ++ n3 = parse_expr(TC_RPAREN); ++ n = chain_loop(n3); ++ n->l.n = n2; ++ if (!n2) ++ n->info = OC_EXEC; ++ } ++ break; + +- case OC_PRINT: +- case OC_PRINTF: +- debug_printf_parse("%s: OC_PRINT[F]\n", __func__); +- n = chain_node(t_info); +- n->l.n = parse_expr(TC_OPTERM | TC_OUTRDR | TC_GRPTERM); +- if (t_tclass & TC_OUTRDR) { +- n->info |= t_info; +- n->r.n = parse_expr(TC_OPTERM | TC_GRPTERM); +- } +- if (t_tclass & TC_GRPTERM) +- rollback_token(); +- break; ++ case OC_PRINT: ++ case OC_PRINTF: ++ debug_printf_parse("%s: OC_PRINT[F]\n", __func__); ++ n = chain_node(t_info); ++ n->l.n = parse_expr(TC_SEMICOL | TC_NEWLINE | TC_OUTRDR | TC_RBRACE); ++ if (t_tclass & TC_OUTRDR) { ++ n->info |= t_info; ++ n->r.n = parse_expr(TC_SEMICOL | TC_NEWLINE | TC_RBRACE); ++ } ++ if (t_tclass & TC_RBRACE) ++ rollback_token(); ++ break; + +- case OC_BREAK: +- debug_printf_parse("%s: OC_BREAK\n", __func__); +- n = chain_node(OC_EXEC); +- n->a.n = break_ptr; +- chain_expr(t_info); +- break; ++ case OC_BREAK: ++ debug_printf_parse("%s: OC_BREAK\n", __func__); ++ n = chain_node(OC_EXEC); ++ if (!break_ptr) ++ syntax_error("'break' not in a loop"); ++ n->a.n = break_ptr; ++ chain_expr(t_info); ++ break; + +- case OC_CONTINUE: +- debug_printf_parse("%s: OC_CONTINUE\n", __func__); +- n = chain_node(OC_EXEC); +- n->a.n = continue_ptr; +- chain_expr(t_info); +- break; ++ case OC_CONTINUE: ++ debug_printf_parse("%s: OC_CONTINUE\n", __func__); ++ n = chain_node(OC_EXEC); ++ if (!continue_ptr) ++ syntax_error("'continue' not in a loop"); ++ n->a.n = continue_ptr; ++ chain_expr(t_info); ++ break; + +- /* delete, next, nextfile, return, exit */ +- default: +- debug_printf_parse("%s: default\n", __func__); +- chain_expr(t_info); +- } ++ /* delete, next, nextfile, return, exit */ ++ default: ++ debug_printf_parse("%s: default\n", __func__); ++ chain_expr(t_info); + } + } + + static void parse_program(char *p) + { +- uint32_t tclass; +- node *cn; +- func *f; +- var *v; ++ debug_printf_parse("%s()\n", __func__); + + g_pos = p; + t_lineno = 1; +- while ((tclass = next_token(TC_EOF | TC_OPSEQ | TC_GRPSTART | +- TC_OPTERM | TC_BEGIN | TC_END | TC_FUNCDECL)) != TC_EOF) { ++ for (;;) { ++ uint32_t tclass; + +- if (tclass & TC_OPTERM) { +- debug_printf_parse("%s: TC_OPTERM\n", __func__); ++ tclass = next_token(TS_OPSEQ | TC_LBRACE | TC_BEGIN | TC_END | TC_FUNCDECL ++ | TC_EOF | TC_NEWLINE /* but not TC_SEMICOL */); ++ got_tok: ++ if (tclass == TC_EOF) { ++ debug_printf_parse("%s: TC_EOF\n", __func__); ++ break; ++ } ++ if (tclass == TC_NEWLINE) { ++ debug_printf_parse("%s: TC_NEWLINE\n", __func__); + continue; + } +- +- seq = &mainseq; +- if (tclass & TC_BEGIN) { ++ if (tclass == TC_BEGIN) { + debug_printf_parse("%s: TC_BEGIN\n", __func__); + seq = &beginseq; +- chain_group(); +- } else if (tclass & TC_END) { ++ /* ensure there is no newline between BEGIN and { */ ++ next_token(TC_LBRACE); ++ chain_until_rbrace(); ++ goto next_tok; ++ } ++ if (tclass == TC_END) { + debug_printf_parse("%s: TC_END\n", __func__); + seq = &endseq; +- chain_group(); +- } else if (tclass & TC_FUNCDECL) { ++ /* ensure there is no newline between END and { */ ++ next_token(TC_LBRACE); ++ chain_until_rbrace(); ++ goto next_tok; ++ } ++ if (tclass == TC_FUNCDECL) { ++ func *f; ++ + debug_printf_parse("%s: TC_FUNCDECL\n", __func__); + next_token(TC_FUNCTION); +- g_pos++; + f = newfunc(t_string); +- f->body.first = NULL; +- f->nargs = 0; +- /* Match func arg list: a comma sep list of >= 0 args, and a close paren */ +- while (next_token(TC_VARIABLE | TC_SEQTERM | TC_COMMA)) { +- /* Either an empty arg list, or trailing comma from prev iter +- * must be followed by an arg */ +- if (f->nargs == 0 && t_tclass == TC_SEQTERM) +- break; +- +- /* TC_SEQSTART/TC_COMMA must be followed by TC_VARIABLE */ +- if (t_tclass != TC_VARIABLE) ++ if (f->defined) ++ syntax_error("Duplicate function"); ++ f->defined = 1; ++ //f->body.first = NULL; - already is ++ //f->nargs = 0; - already is ++ /* func arg list: comma sep list of args, and a close paren */ ++ for (;;) { ++ var *v; ++ if (next_token(TC_VARIABLE | TC_RPAREN) == TC_RPAREN) { ++ if (f->nargs == 0) ++ break; /* func() is ok */ ++ /* func(a,) is not ok */ + syntax_error(EMSG_UNEXP_TOKEN); +- ++ } + v = findvar(ahash, t_string); + v->x.aidx = f->nargs++; +- + /* Arg followed either by end of arg list or 1 comma */ +- if (next_token(TC_COMMA | TC_SEQTERM) & TC_SEQTERM) ++ if (next_token(TC_COMMA | TC_RPAREN) == TC_RPAREN) + break; +- if (t_tclass != TC_COMMA) +- syntax_error(EMSG_UNEXP_TOKEN); ++ /* it was a comma, we ate it */ + } + seq = &f->body; +- chain_group(); +- clear_array(ahash); +- } else if (tclass & TC_OPSEQ) { +- debug_printf_parse("%s: TC_OPSEQ\n", __func__); ++ /* ensure there is { after "func F(...)" - but newlines are allowed */ ++ while (next_token(TC_LBRACE | TC_NEWLINE) == TC_NEWLINE) ++ continue; ++ chain_until_rbrace(); ++ hash_clear(ahash); ++ goto next_tok; ++ } ++ seq = &mainseq; ++ if (tclass & TS_OPSEQ) { ++ node *cn; ++ ++ debug_printf_parse("%s: TS_OPSEQ\n", __func__); + rollback_token(); + cn = chain_node(OC_TEST); +- cn->l.n = parse_expr(TC_OPTERM | TC_EOF | TC_GRPSTART); +- if (t_tclass & TC_GRPSTART) { +- debug_printf_parse("%s: TC_GRPSTART\n", __func__); +- rollback_token(); +- chain_group(); ++ cn->l.n = parse_expr(TC_SEMICOL | TC_NEWLINE | TC_EOF | TC_LBRACE); ++ if (t_tclass == TC_LBRACE) { ++ debug_printf_parse("%s: TC_LBRACE\n", __func__); ++ chain_until_rbrace(); + } else { +- debug_printf_parse("%s: !TC_GRPSTART\n", __func__); ++ /* no action, assume default "{ print }" */ ++ debug_printf_parse("%s: !TC_LBRACE\n", __func__); + chain_node(OC_PRINT); + } + cn->r.n = mainseq.last; +- } else /* if (tclass & TC_GRPSTART) */ { +- debug_printf_parse("%s: TC_GRPSTART(?)\n", __func__); +- rollback_token(); +- chain_group(); ++ goto next_tok; + } +- } +- debug_printf_parse("%s: TC_EOF\n", __func__); ++ /* tclass == TC_LBRACE */ ++ debug_printf_parse("%s: TC_LBRACE(?)\n", __func__); ++ chain_until_rbrace(); ++ next_tok: ++ /* Same as next_token() at the top of the loop, + TC_SEMICOL */ ++ tclass = next_token(TS_OPSEQ | TC_LBRACE | TC_BEGIN | TC_END | TC_FUNCDECL ++ | TC_EOF | TC_NEWLINE | TC_SEMICOL); ++ /* gawk allows many newlines, but does not allow more than one semicolon: ++ * BEGIN {...}<newline>;<newline>; ++ * would complain "each rule must have a pattern or an action part". ++ * Same message for ++ * ; BEGIN {...} ++ */ ++ if (tclass != TC_SEMICOL) ++ goto got_tok; /* use this token */ ++ /* else: loop back - ate the semicolon, get and use _next_ token */ ++ } /* for (;;) */ + } + +- + /* -------- program execution part -------- */ + ++/* temporary variables allocator */ ++static var *nvalloc(int sz) ++{ ++ return xzalloc(sz * sizeof(var)); ++} ++ ++static void nvfree(var *v, int sz) ++{ ++ var *p = v; ++ ++ while (--sz >= 0) { ++ if ((p->type & (VF_ARRAY | VF_CHILD)) == VF_ARRAY) { ++ clear_array(iamarray(p)); ++ free(p->x.array->items); ++ free(p->x.array); ++ } ++ if (p->type & VF_WALK) { ++ walker_list *n; ++ walker_list *w = p->x.walker; ++ debug_printf_walker("nvfree: freeing walker @%p\n", &p->x.walker); ++ p->x.walker = NULL; ++ while (w) { ++ n = w->prev; ++ debug_printf_walker(" free(%p)\n", w); ++ free(w); ++ w = n; ++ } ++ } ++ clrvar(p); ++ p++; ++ } ++ ++ free(v); ++} ++ + static node *mk_splitter(const char *s, tsplitter *spl) + { + regex_t *re, *ire; +@@ -1686,7 +1848,7 @@ static node *mk_splitter(const char *s, tsplitter *spl) + re = &spl->re[0]; + ire = &spl->re[1]; + n = &spl->n; +- if ((n->info & OPCLSMASK) == OC_REGEXP) { ++ if (n->info == TI_REGEXP) { + regfree(re); + regfree(ire); // TODO: nuke ire, use re+1? + } +@@ -1699,21 +1861,28 @@ static node *mk_splitter(const char *s, tsplitter *spl) + return n; + } + +-/* use node as a regular expression. Supplied with node ptr and regex_t ++static var *evaluate(node *, var *); ++ ++/* Use node as a regular expression. Supplied with node ptr and regex_t + * storage space. Return ptr to regex (if result points to preg, it should +- * be later regfree'd manually ++ * be later regfree'd manually). + */ + static regex_t *as_regex(node *op, regex_t *preg) + { + int cflags; +- var *v; + const char *s; + +- if ((op->info & OPCLSMASK) == OC_REGEXP) { ++ if (op->info == TI_REGEXP) { + return icase ? op->r.ire : op->l.re; + } +- v = nvalloc(1); +- s = getvar_s(evaluate(op, v)); ++ ++ //tmpvar = nvalloc(1); ++#define TMPVAR (&G.as_regex__tmpvar) ++ // We use a single "static" tmpvar (instead of on-stack or malloced one) ++ // to decrease memory consumption in deeply-recursive awk programs. ++ // The rule to work safely is to never call evaluate() while our static ++ // TMPVAR's value is still needed. ++ s = getvar_s(evaluate(op, TMPVAR)); + + cflags = icase ? REG_EXTENDED | REG_ICASE : REG_EXTENDED; + /* Testcase where REG_EXTENDED fails (unpaired '{'): +@@ -1725,7 +1894,8 @@ static regex_t *as_regex(node *op, regex_t *preg) + cflags &= ~REG_EXTENDED; + xregcomp(preg, s, cflags); + } +- nvfree(v); ++ //nvfree(tmpvar, 1); ++#undef TMPVAR + return preg; + } + +@@ -1745,12 +1915,22 @@ static char* qrealloc(char *b, int n, int *size) + /* resize field storage space */ + static void fsrealloc(int size) + { +- int i; ++ int i, newsize; + + if (size >= maxfields) { ++ /* Sanity cap, easier than catering for overflows */ ++ if (size > 0xffffff) ++ bb_die_memory_exhausted(); ++ + i = maxfields; + maxfields = size + 16; +- Fields = xrealloc(Fields, maxfields * sizeof(Fields[0])); ++ ++ newsize = maxfields * sizeof(Fields[0]); ++ debug_printf_eval("fsrealloc: xrealloc(%p, %u)\n", Fields, newsize); ++ Fields = xrealloc(Fields, newsize); ++ debug_printf_eval("fsrealloc: Fields=%p..%p\n", Fields, (char*)Fields + newsize - 1); ++ /* ^^^ did Fields[] move? debug aid for L.v getting "upstaged" by R.v in evaluate() */ ++ + for (; i < maxfields; i++) { + Fields[i].type = VF_SPECIAL; + Fields[i].string = NULL; +@@ -1802,13 +1982,13 @@ static int awk_split(const char *s, node *spl, char **slist) + c[2] = '\n'; + + n = 0; +- if ((spl->info & OPCLSMASK) == OC_REGEXP) { /* regex split */ ++ if (spl->info == TI_REGEXP) { /* regex split */ + if (!*s) + return n; /* "": zero fields */ + n++; /* at least one field will be there */ + do { + int l; +- regmatch_t pmatch[2]; // TODO: why [2]? [1] is enough... ++ regmatch_t pmatch[1]; + + l = strcspn(s, c+2); /* len till next NUL or \n */ + if (regexec1_nonempty(icase ? spl->r.ire : spl->l.re, s, pmatch) == 0 +@@ -1969,7 +2149,7 @@ static node *nextarg(node **pn) + node *n; + + n = *pn; +- if (n && (n->info & OPCLSMASK) == OC_COMMA) { ++ if (n && n->info == TI_COMMA) { + *pn = n->r.n; + n = n->l.n; + } else { +@@ -2000,8 +2180,7 @@ static void hashwalk_init(var *v, xhash *array) + for (i = 0; i < array->csize; i++) { + hi = array->items[i]; + while (hi) { +- strcpy(w->end, hi->name); +- nextword(&w->end); ++ w->end = stpcpy(w->end, hi->name) + 1; + hi = hi->next; + } + } +@@ -2027,15 +2206,18 @@ static int hashwalk_next(var *v) + /* evaluate node, return 1 when result is true, 0 otherwise */ + static int ptest(node *pattern) + { +- /* ptest__v is "static": to save stack space? */ +- return istrue(evaluate(pattern, &G.ptest__v)); ++ // We use a single "static" tmpvar (instead of on-stack or malloced one) ++ // to decrease memory consumption in deeply-recursive awk programs. ++ // The rule to work safely is to never call evaluate() while our static ++ // TMPVAR's value is still needed. ++ return istrue(evaluate(pattern, &G.ptest__tmpvar)); + } + + /* read next record from stream rsm into a variable v */ + static int awk_getline(rstream *rsm, var *v) + { + char *b; +- regmatch_t pmatch[2]; // TODO: why [2]? [1] is enough... ++ regmatch_t pmatch[1]; + int size, a, p, pp = 0; + int fd, so, eo, r, rp; + char c, *m, *s; +@@ -2061,7 +2243,7 @@ static int awk_getline(rstream *rsm, var *v) + so = eo = p; + r = 1; + if (p > 0) { +- if ((rsplitter.n.info & OPCLSMASK) == OC_REGEXP) { ++ if (rsplitter.n.info == TI_REGEXP) { + if (regexec(icase ? rsplitter.n.r.ire : rsplitter.n.l.re, + b, 1, pmatch, 0) == 0) { + so = pmatch[0].rm_so; +@@ -2133,82 +2315,126 @@ static int awk_getline(rstream *rsm, var *v) + return r; + } + +-static int fmt_num(char *b, int size, const char *format, double n, int int_as_int) +-{ +- int r = 0; +- char c; +- const char *s = format; +- +- if (int_as_int && n == (long long)n) { +- r = snprintf(b, size, "%lld", (long long)n); +- } else { +- do { c = *s; } while (c && *++s); +- if (strchr("diouxX", c)) { +- r = snprintf(b, size, format, (int)n); +- } else if (strchr("eEfgG", c)) { +- r = snprintf(b, size, format, n); +- } else { +- syntax_error(EMSG_INV_FMT); +- } +- } +- return r; +-} +- + /* formatted output into an allocated buffer, return ptr to buffer */ +-static char *awk_printf(node *n) ++#if !ENABLE_FEATURE_AWK_GNU_EXTENSIONS ++# define awk_printf(a, b) awk_printf(a) ++#endif ++static char *awk_printf(node *n, size_t *len) + { +- char *b = NULL; +- char *fmt, *s, *f; +- const char *s1; +- int i, j, incr, bsize; +- char c, c1; +- var *v, *arg; +- +- v = nvalloc(1); +- fmt = f = xstrdup(getvar_s(evaluate(nextarg(&n), v))); +- ++ char *b; ++ char *fmt, *f; ++ size_t i; ++ ++ //tmpvar = nvalloc(1); ++#define TMPVAR (&G.awk_printf__tmpvar) ++ // We use a single "static" tmpvar (instead of on-stack or malloced one) ++ // to decrease memory consumption in deeply-recursive awk programs. ++ // The rule to work safely is to never call evaluate() while our static ++ // TMPVAR's value is still needed. ++ fmt = f = xstrdup(getvar_s(evaluate(nextarg(&n), TMPVAR))); ++ // ^^^^^^^^^ here we immediately strdup() the value, so the later call ++ // to evaluate() potentially recursing into another awk_printf() can't ++ // mangle the value. ++ ++ b = NULL; + i = 0; +- while (*f) { ++ while (1) { /* "print one format spec" loop */ ++ char *s; ++ char c; ++ char sv; ++ var *arg; ++ size_t slen; ++ ++ /* Find end of the next format spec, or end of line */ + s = f; +- while (*f && (*f != '%' || *++f == '%')) +- f++; +- while (*f && !isalpha(*f)) { +- if (*f == '*') +- syntax_error("%*x formats are not supported"); ++ while (1) { ++ c = *f; ++ if (!c) /* no percent chars found at all */ ++ goto nul; + f++; ++ if (c == '%') ++ break; + } +- +- incr = (f - s) + MAXVARFMT; +- b = qrealloc(b, incr + i, &bsize); ++ /* we are past % in "....%..." */ + c = *f; +- if (c != '\0') ++ if (!c) /* "....%" */ ++ goto nul; ++ if (c == '%') { /* "....%%...." */ ++ slen = f - s; ++ s = xstrndup(s, slen); + f++; +- c1 = *f; ++ goto append; /* print "....%" part verbatim */ ++ } ++ while (1) { ++ if (isalpha(c)) ++ break; ++ if (c == '*') ++ syntax_error("%*x formats are not supported"); ++ c = *++f; ++ if (!c) { /* "....%...." and no letter found after % */ ++ /* Example: awk 'BEGIN { printf "^^^%^^^\n"; }' */ ++ nul: ++ slen = f - s; ++ goto tail; /* print remaining string, exit loop */ ++ } ++ } ++ /* we are at A in "....%...A..." */ ++ ++ arg = evaluate(nextarg(&n), TMPVAR); ++ ++ /* Result can be arbitrarily long. Example: ++ * printf "%99999s", "BOOM" ++ */ ++ sv = *++f; + *f = '\0'; +- arg = evaluate(nextarg(&n), v); +- +- j = i; +- if (c == 'c' || !c) { +- i += sprintf(b+i, s, is_numeric(arg) ? +- (char)getvar_i(arg) : *getvar_s(arg)); +- } else if (c == 's') { +- s1 = getvar_s(arg); +- b = qrealloc(b, incr+i+strlen(s1), &bsize); +- i += sprintf(b+i, s, s1); ++ if (c == 'c') { ++ char cc = is_numeric(arg) ? getvar_i(arg) : *getvar_s(arg); ++ char *r = xasprintf(s, cc ? cc : '^' /* else strlen will be wrong */); ++ slen = strlen(r); ++ if (cc == '\0') /* if cc is NUL, re-format the string with it */ ++ sprintf(r, s, cc); ++ s = r; + } else { +- i += fmt_num(b+i, incr, s, getvar_i(arg), FALSE); ++ if (c == 's') { ++ s = xasprintf(s, getvar_s(arg)); ++ } else { ++ double d = getvar_i(arg); ++ if (strchr("diouxX", c)) { ++//TODO: make it wider here (%x -> %llx etc)? ++ s = xasprintf(s, (int)d); ++ } else if (strchr("eEfFgGaA", c)) { ++ s = xasprintf(s, d); ++ } else { ++//TODO: GNU Awk 5.0.1: printf "%W" prints "%W", does not error out ++ syntax_error(EMSG_INV_FMT); ++ } ++ } ++ slen = strlen(s); + } +- *f = c1; +- +- /* if there was an error while sprintf, return value is negative */ +- if (i < j) +- i = j; ++ *f = sv; ++ append: ++ if (i == 0) { ++ b = s; ++ i = slen; ++ continue; ++ } ++ tail: ++ b = xrealloc(b, i + slen + 1); ++ strcpy(b + i, s); ++ i += slen; ++ if (!c) /* s is NOT allocated and this is the last part of string? */ ++ break; ++ free(s); + } + + free(fmt); +- nvfree(v); +- b = xrealloc(b, i + 1); +- b[i] = '\0'; ++ //nvfree(tmpvar, 1); ++#undef TMPVAR ++ ++#if ENABLE_FEATURE_AWK_GNU_EXTENSIONS ++ if (len) ++ *len = i; ++#endif + return b; + } + +@@ -2338,33 +2564,59 @@ static NOINLINE int do_mktime(const char *ds) + return mktime(&then); + } + ++/* Reduce stack usage in exec_builtin() by keeping match() code separate */ ++static NOINLINE var *do_match(node *an1, const char *as0) ++{ ++ regmatch_t pmatch[1]; ++ regex_t sreg, *re; ++ int n, start, len; ++ ++ re = as_regex(an1, &sreg); ++ n = regexec(re, as0, 1, pmatch, 0); ++ if (re == &sreg) ++ regfree(re); ++ start = 0; ++ len = -1; ++ if (n == 0) { ++ start = pmatch[0].rm_so + 1; ++ len = pmatch[0].rm_eo - pmatch[0].rm_so; ++ } ++ setvar_i(newvar("RLENGTH"), len); ++ return setvar_i(newvar("RSTART"), start); ++} ++ ++/* Reduce stack usage in evaluate() by keeping builtins' code separate */ + static NOINLINE var *exec_builtin(node *op, var *res) + { + #define tspl (G.exec_builtin__tspl) + +- var *tv; ++ var *tmpvars; + node *an[4]; + var *av[4]; + const char *as[4]; +- regmatch_t pmatch[2]; +- regex_t sreg, *re; + node *spl; + uint32_t isr, info; + int nargs; + time_t tt; + int i, l, ll, n; + +- tv = nvalloc(4); ++ tmpvars = nvalloc(4); ++#define TMPVAR0 (tmpvars) ++#define TMPVAR1 (tmpvars + 1) ++#define TMPVAR2 (tmpvars + 2) ++#define TMPVAR3 (tmpvars + 3) ++#define TMPVAR(i) (tmpvars + (i)) + isr = info = op->info; + op = op->l.n; + + av[2] = av[3] = NULL; + for (i = 0; i < 4 && op; i++) { + an[i] = nextarg(&op); +- if (isr & 0x09000000) +- av[i] = evaluate(an[i], &tv[i]); +- if (isr & 0x08000000) +- as[i] = getvar_s(av[i]); ++ if (isr & 0x09000000) { ++ av[i] = evaluate(an[i], TMPVAR(i)); ++ if (isr & 0x08000000) ++ as[i] = getvar_s(av[i]); ++ } + isr >>= 1; + } + +@@ -2386,8 +2638,8 @@ static NOINLINE var *exec_builtin(node *op, var *res) + char *s, *s1; + + if (nargs > 2) { +- spl = (an[2]->info & OPCLSMASK) == OC_REGEXP ? +- an[2] : mk_splitter(getvar_s(evaluate(an[2], &tv[2])), &tspl); ++ spl = (an[2]->info == TI_REGEXP) ? an[2] ++ : mk_splitter(getvar_s(evaluate(an[2], TMPVAR2)), &tspl); + } else { + spl = &fsplitter.n; + } +@@ -2501,20 +2753,7 @@ static NOINLINE var *exec_builtin(node *op, var *res) + break; + + case B_ma: +- re = as_regex(an[1], &sreg); +- n = regexec(re, as[0], 1, pmatch, 0); +- if (n == 0) { +- pmatch[0].rm_so++; +- pmatch[0].rm_eo++; +- } else { +- pmatch[0].rm_so = 0; +- pmatch[0].rm_eo = -1; +- } +- setvar_i(newvar("RSTART"), pmatch[0].rm_so); +- setvar_i(newvar("RLENGTH"), pmatch[0].rm_eo - pmatch[0].rm_so); +- setvar_i(res, pmatch[0].rm_so); +- if (re == &sreg) +- regfree(re); ++ res = do_match(an[1], as[0]); + break; + + case B_ge: +@@ -2530,14 +2769,79 @@ static NOINLINE var *exec_builtin(node *op, var *res) + break; + } + +- nvfree(tv); ++ nvfree(tmpvars, 4); ++#undef TMPVAR0 ++#undef TMPVAR1 ++#undef TMPVAR2 ++#undef TMPVAR3 ++#undef TMPVAR ++ + return res; + #undef tspl + } + ++/* if expr looks like "var=value", perform assignment and return 1, ++ * otherwise return 0 */ ++static int is_assignment(const char *expr) ++{ ++ char *exprc, *val; ++ ++ val = (char*)endofname(expr); ++ if (val == (char*)expr || *val != '=') { ++ return FALSE; ++ } ++ ++ exprc = xstrdup(expr); ++ val = exprc + (val - expr); ++ *val++ = '\0'; ++ ++ unescape_string_in_place(val); ++ setvar_u(newvar(exprc), val); ++ free(exprc); ++ return TRUE; ++} ++ ++/* switch to next input file */ ++static rstream *next_input_file(void) ++{ ++#define rsm (G.next_input_file__rsm) ++#define files_happen (G.next_input_file__files_happen) ++ ++ const char *fname, *ind; ++ ++ if (rsm.F) ++ fclose(rsm.F); ++ rsm.F = NULL; ++ rsm.pos = rsm.adv = 0; ++ ++ for (;;) { ++ if (getvar_i(intvar[ARGIND])+1 >= getvar_i(intvar[ARGC])) { ++ if (files_happen) ++ return NULL; ++ fname = "-"; ++ rsm.F = stdin; ++ break; ++ } ++ ind = getvar_s(incvar(intvar[ARGIND])); ++ fname = getvar_s(findvar(iamarray(intvar[ARGV]), ind)); ++ if (fname && *fname && !is_assignment(fname)) { ++ rsm.F = xfopen_stdin(fname); ++ break; ++ } ++ } ++ ++ files_happen = TRUE; ++ setvar_s(intvar[FILENAME], fname); ++ return &rsm; ++#undef rsm ++#undef files_happen ++} ++ + /* + * Evaluate node - the heart of the program. Supplied with subtree +- * and place where to store result. returns ptr to result. ++ * and "res" variable to assign the result to if we evaluate an expression. ++ * If node refers to e.g. a variable or a field, no assignment happens. ++ * Return ptr to the result (which may or may not be the "res" variable!) + */ + #define XC(n) ((n) >> 8) + +@@ -2549,14 +2853,16 @@ static var *evaluate(node *op, var *res) + #define seed (G.evaluate__seed) + #define sreg (G.evaluate__sreg) + +- var *v1; ++ var *tmpvars; + + if (!op) + return setvar_s(res, NULL); + + debug_printf_eval("entered %s()\n", __func__); + +- v1 = nvalloc(2); ++ tmpvars = nvalloc(2); ++#define TMPVAR0 (tmpvars) ++#define TMPVAR1 (tmpvars + 1) + + while (op) { + struct { +@@ -2578,48 +2884,35 @@ static var *evaluate(node *op, var *res) + op1 = op->l.n; + debug_printf_eval("opinfo:%08x opn:%08x\n", opinfo, opn); + +- /* "delete" is special: +- * "delete array[var--]" must evaluate index expr only once, +- * must not evaluate it in "execute inevitable things" part. +- */ +- if (XC(opinfo & OPCLSMASK) == XC(OC_DELETE)) { +- uint32_t info = op1->info & OPCLSMASK; +- var *v; +- +- debug_printf_eval("DELETE\n"); +- if (info == OC_VAR) { +- v = op1->l.v; +- } else if (info == OC_FNARG) { +- v = &fnargs[op1->l.aidx]; +- } else { +- syntax_error(EMSG_NOT_ARRAY); ++ /* execute inevitable things */ ++ if (opinfo & OF_RES1) { ++ if ((opinfo & OF_REQUIRED) && !op1) ++ syntax_error(EMSG_TOO_FEW_ARGS); ++ L.v = evaluate(op1, TMPVAR0); ++ if (opinfo & OF_STR1) { ++ L.s = getvar_s(L.v); ++ debug_printf_eval("L.s:'%s'\n", L.s); + } +- if (op1->r.n) { /* array ref? */ +- const char *s; +- s = getvar_s(evaluate(op1->r.n, v1)); +- hash_remove(iamarray(v), s); +- } else { +- clear_array(iamarray(v)); ++ if (opinfo & OF_NUM1) { ++ L_d = getvar_i(L.v); ++ debug_printf_eval("L_d:%f\n", L_d); + } +- goto next; + } +- +- /* execute inevitable things */ +- if (opinfo & OF_RES1) +- L.v = evaluate(op1, v1); +- if (opinfo & OF_RES2) +- R.v = evaluate(op->r.n, v1+1); +- if (opinfo & OF_STR1) { +- L.s = getvar_s(L.v); +- debug_printf_eval("L.s:'%s'\n", L.s); +- } +- if (opinfo & OF_STR2) { +- R.s = getvar_s(R.v); +- debug_printf_eval("R.s:'%s'\n", R.s); +- } +- if (opinfo & OF_NUM1) { +- L_d = getvar_i(L.v); +- debug_printf_eval("L_d:%f\n", L_d); ++ /* NB: Must get string/numeric values of L (done above) ++ * _before_ evaluate()'ing R.v: if both L and R are $NNNs, ++ * and right one is large, then L.v points to Fields[NNN1], ++ * second evaluate() reallocates and moves (!) Fields[], ++ * R.v points to Fields[NNN2] but L.v now points to freed mem! ++ * (Seen trying to evaluate "$444 $44444") ++ */ ++ if (opinfo & OF_RES2) { ++ R.v = evaluate(op->r.n, TMPVAR1); ++ //TODO: L.v may be invalid now, set L.v to NULL to catch bugs? ++ //L.v = NULL; ++ if (opinfo & OF_STR2) { ++ R.s = getvar_s(R.v); ++ debug_printf_eval("R.s:'%s'\n", R.s); ++ } + } + + debug_printf_eval("switch(0x%x)\n", XC(opinfo & OPCLSMASK)); +@@ -2629,7 +2922,8 @@ static var *evaluate(node *op, var *res) + + /* test pattern */ + case XC( OC_TEST ): +- if ((op1->info & OPCLSMASK) == OC_COMMA) { ++ debug_printf_eval("TEST\n"); ++ if (op1->info == TI_COMMA) { + /* it's range pattern */ + if ((opinfo & OF_CHECKED) || ptest(op1->l.n)) { + op->info |= OF_CHECKED; +@@ -2646,25 +2940,32 @@ static var *evaluate(node *op, var *res) + + /* just evaluate an expression, also used as unconditional jump */ + case XC( OC_EXEC ): ++ debug_printf_eval("EXEC\n"); + break; + + /* branch, used in if-else and various loops */ + case XC( OC_BR ): ++ debug_printf_eval("BR\n"); + op = istrue(L.v) ? op->a.n : op->r.n; + break; + + /* initialize for-in loop */ + case XC( OC_WALKINIT ): ++ debug_printf_eval("WALKINIT\n"); + hashwalk_init(L.v, iamarray(R.v)); + break; + + /* get next array item */ + case XC( OC_WALKNEXT ): ++ debug_printf_eval("WALKNEXT\n"); + op = hashwalk_next(L.v) ? op->a.n : op->r.n; + break; + + case XC( OC_PRINT ): +- case XC( OC_PRINTF ): { ++ debug_printf_eval("PRINT /\n"); ++ case XC( OC_PRINTF ): ++ debug_printf_eval("PRINTF\n"); ++ { + FILE *F = stdout; + + if (op->r.n) { +@@ -2682,55 +2983,94 @@ static var *evaluate(node *op, var *res) + F = rsm->F; + } + ++ /* Can't just check 'opinfo == OC_PRINT' here, parser ORs ++ * additional bits to opinfos of print/printf with redirects ++ */ + if ((opinfo & OPCLSMASK) == OC_PRINT) { + if (!op1) { + fputs(getvar_s(intvar[F0]), F); + } else { +- while (op1) { +- var *v = evaluate(nextarg(&op1), v1); ++ for (;;) { ++ var *v = evaluate(nextarg(&op1), TMPVAR0); + if (v->type & VF_NUMBER) { +- fmt_num(g_buf, MAXVARFMT, getvar_s(intvar[OFMT]), +- getvar_i(v), TRUE); ++ fmt_num(getvar_s(intvar[OFMT]), ++ getvar_i(v)); + fputs(g_buf, F); + } else { + fputs(getvar_s(v), F); + } +- +- if (op1) +- fputs(getvar_s(intvar[OFS]), F); ++ if (!op1) ++ break; ++ fputs(getvar_s(intvar[OFS]), F); + } + } + fputs(getvar_s(intvar[ORS]), F); +- +- } else { /* OC_PRINTF */ +- char *s = awk_printf(op1); ++ } else { /* PRINTF */ ++ IF_FEATURE_AWK_GNU_EXTENSIONS(size_t len;) ++ char *s = awk_printf(op1, &len); ++#if ENABLE_FEATURE_AWK_GNU_EXTENSIONS ++ fwrite(s, len, 1, F); ++#else + fputs(s, F); ++#endif + free(s); + } + fflush(F); + break; + } + +- /* case XC( OC_DELETE ): - moved to happen before arg evaluation */ ++ case XC( OC_DELETE ): ++ debug_printf_eval("DELETE\n"); ++ { ++ /* "delete" is special: ++ * "delete array[var--]" must evaluate index expr only once. ++ */ ++ uint32_t info = op1->info & OPCLSMASK; ++ var *v; ++ ++ if (info == OC_VAR) { ++ v = op1->l.v; ++ } else if (info == OC_FNARG) { ++ v = &fnargs[op1->l.aidx]; ++ } else { ++ syntax_error(EMSG_NOT_ARRAY); ++ } ++ if (op1->r.n) { /* array ref? */ ++ const char *s; ++ s = getvar_s(evaluate(op1->r.n, TMPVAR0)); ++ hash_remove(iamarray(v), s); ++ } else { ++ clear_array(iamarray(v)); ++ } ++ break; ++ } + + case XC( OC_NEWSOURCE ): ++ debug_printf_eval("NEWSOURCE\n"); + g_progname = op->l.new_progname; + break; + + case XC( OC_RETURN ): ++ debug_printf_eval("RETURN\n"); + copyvar(res, L.v); + break; + + case XC( OC_NEXTFILE ): ++ debug_printf_eval("NEXTFILE\n"); + nextfile = TRUE; + case XC( OC_NEXT ): ++ debug_printf_eval("NEXT\n"); + nextrec = TRUE; + case XC( OC_DONE ): ++ debug_printf_eval("DONE\n"); + clrvar(res); + break; + + case XC( OC_EXIT ): +- awk_exit(L_d); ++ debug_printf_eval("EXIT\n"); ++ if (op1) ++ G.exitcode = (int)L_d; ++ awk_exit(); + + /* -- recursive node type -- */ + +@@ -2749,15 +3089,18 @@ static var *evaluate(node *op, var *res) + break; + + case XC( OC_IN ): ++ debug_printf_eval("IN\n"); + setvar_i(res, hash_search(iamarray(R.v), L.s) ? 1 : 0); + break; + + case XC( OC_REGEXP ): ++ debug_printf_eval("REGEXP\n"); + op1 = op; + L.s = getvar_s(intvar[F0]); + goto re_cont; + + case XC( OC_MATCH ): ++ debug_printf_eval("MATCH\n"); + op1 = op->r.n; + re_cont: + { +@@ -2772,61 +3115,80 @@ static var *evaluate(node *op, var *res) + case XC( OC_MOVE ): + debug_printf_eval("MOVE\n"); + /* if source is a temporary string, jusk relink it to dest */ +-//Disabled: if R.v is numeric but happens to have cached R.v->string, +-//then L.v ends up being a string, which is wrong +-// if (R.v == v1+1 && R.v->string) { +-// res = setvar_p(L.v, R.v->string); +-// R.v->string = NULL; +-// } else { ++ if (R.v == TMPVAR1 ++ && !(R.v->type & VF_NUMBER) ++ /* Why check !NUMBER? if R.v is a number but has cached R.v->string, ++ * L.v ends up a string, which is wrong */ ++ /*&& R.v->string - always not NULL (right?) */ ++ ) { ++ res = setvar_p(L.v, R.v->string); /* avoids strdup */ ++ R.v->string = NULL; ++ } else { + res = copyvar(L.v, R.v); +-// } ++ } + break; + + case XC( OC_TERNARY ): +- if ((op->r.n->info & OPCLSMASK) != OC_COLON) ++ debug_printf_eval("TERNARY\n"); ++ if (op->r.n->info != TI_COLON) + syntax_error(EMSG_POSSIBLE_ERROR); + res = evaluate(istrue(L.v) ? op->r.n->l.n : op->r.n->r.n, res); + break; + + case XC( OC_FUNC ): { +- var *vbeg, *v; ++ var *argvars, *sv_fnargs; + const char *sv_progname; ++ int nargs, i; + +- /* The body might be empty, still has to eval the args */ +- if (!op->r.n->info && !op->r.f->body.first) ++ debug_printf_eval("FUNC\n"); ++ ++ if (!op->r.f->defined) + syntax_error(EMSG_UNDEF_FUNC); + +- vbeg = v = nvalloc(op->r.f->nargs + 1); ++ /* The body might be empty, still has to eval the args */ ++ nargs = op->r.f->nargs; ++ argvars = nvalloc(nargs); ++ i = 0; + while (op1) { +- var *arg = evaluate(nextarg(&op1), v1); +- copyvar(v, arg); +- v->type |= VF_CHILD; +- v->x.parent = arg; +- if (++v - vbeg >= op->r.f->nargs) +- break; ++ var *arg = evaluate(nextarg(&op1), TMPVAR0); ++ if (i == nargs) { ++ /* call with more arguments than function takes. ++ * (gawk warns: "warning: function 'f' called with more arguments than declared"). ++ * They are still evaluated, but discarded: */ ++ clrvar(arg); ++ continue; ++ } ++ copyvar(&argvars[i], arg); ++ argvars[i].type |= VF_CHILD; ++ argvars[i].x.parent = arg; ++ i++; + } + +- v = fnargs; +- fnargs = vbeg; ++ sv_fnargs = fnargs; + sv_progname = g_progname; + ++ fnargs = argvars; + res = evaluate(op->r.f->body.first, res); ++ nvfree(argvars, nargs); + + g_progname = sv_progname; +- nvfree(fnargs); +- fnargs = v; ++ fnargs = sv_fnargs; + + break; + } + + case XC( OC_GETLINE ): +- case XC( OC_PGETLINE ): { ++ debug_printf_eval("GETLINE /\n"); ++ case XC( OC_PGETLINE ): ++ debug_printf_eval("PGETLINE\n"); ++ { + rstream *rsm; + int i; + + if (op1) { + rsm = newfile(L.s); + if (!rsm->F) { ++ /* NB: can't use "opinfo == TI_PGETLINE", would break "cmd" | getline */ + if ((opinfo & OPCLSMASK) == OC_PGETLINE) { + rsm->F = popen(L.s, "r"); + rsm->is_pipe = TRUE; +@@ -2861,16 +3223,34 @@ static var *evaluate(node *op, var *res) + /* simple builtins */ + case XC( OC_FBLTIN ): { + double R_d = R_d; /* for compiler */ ++ debug_printf_eval("FBLTIN\n"); ++ ++ if (op1 && op1->info == TI_COMMA) ++ /* Simple builtins take one arg maximum */ ++ syntax_error("Too many arguments"); + + switch (opn) { + case F_in: + R_d = (long long)L_d; + break; + +- case F_rn: +- R_d = (double)rand() / (double)RAND_MAX; ++ case F_rn: /*rand*/ ++ if (op1) ++ syntax_error("Too many arguments"); ++ { ++#if RAND_MAX >= 0x7fffffff ++ uint32_t u = ((uint32_t)rand() << 16) ^ rand(); ++ uint64_t v = ((uint64_t)rand() << 32) | u; ++ /* the above shift+or is optimized out on 32-bit arches */ ++# if RAND_MAX > 0x7fffffff ++ v &= 0x7fffffffffffffffULL; ++# endif ++ R_d = (double)v / 0x8000000000000000ULL; ++#else ++# error Not implemented for this value of RAND_MAX ++#endif + break; +- ++ } + case F_co: + if (ENABLE_FEATURE_AWK_LIBM) { + R_d = cos(L_d); +@@ -2910,7 +3290,9 @@ static var *evaluate(node *op, var *res) + srand(seed); + break; + +- case F_ti: ++ case F_ti: /*systime*/ ++ if (op1) ++ syntax_error("Too many arguments"); + R_d = time(NULL); + break; + +@@ -2949,7 +3331,7 @@ static var *evaluate(node *op, var *res) + rstream *rsm; + int err = 0; + rsm = (rstream *)hash_search(fdhash, L.s); +- debug_printf_eval("OC_FBLTIN F_cl rsm:%p\n", rsm); ++ debug_printf_eval("OC_FBLTIN close: op1:%p s:'%s' rsm:%p\n", op1, L.s, rsm); + if (rsm) { + debug_printf_eval("OC_FBLTIN F_cl " + "rsm->is_pipe:%d, ->F:%p\n", +@@ -2960,6 +3342,11 @@ static var *evaluate(node *op, var *res) + */ + if (rsm->F) + err = rsm->is_pipe ? pclose(rsm->F) : fclose(rsm->F); ++//TODO: fix this case: ++// $ awk 'BEGIN { print close(""); print ERRNO }' ++// -1 ++// close of redirection that was never opened ++// (we print 0, 0) + free(rsm->buffer); + hash_remove(fdhash, L.s); + } +@@ -2974,14 +3361,18 @@ static var *evaluate(node *op, var *res) + } + + case XC( OC_BUILTIN ): ++ debug_printf_eval("BUILTIN\n"); + res = exec_builtin(op, res); + break; + + case XC( OC_SPRINTF ): +- setvar_p(res, awk_printf(op1)); ++ debug_printf_eval("SPRINTF\n"); ++ setvar_p(res, awk_printf(op1, NULL)); + break; + +- case XC( OC_UNARY ): { ++ case XC( OC_UNARY ): ++ debug_printf_eval("UNARY\n"); ++ { + double Ld, R_d; + + Ld = R_d = getvar_i(R.v); +@@ -3011,7 +3402,9 @@ static var *evaluate(node *op, var *res) + break; + } + +- case XC( OC_FIELD ): { ++ case XC( OC_FIELD ): ++ debug_printf_eval("FIELD\n"); ++ { + int i = (int)getvar_i(R.v); + if (i < 0) + syntax_error(EMSG_NEGATIVE_FIELD); +@@ -3028,26 +3421,33 @@ static var *evaluate(node *op, var *res) + + /* concatenation (" ") and index joining (",") */ + case XC( OC_CONCAT ): ++ debug_printf_eval("CONCAT /\n"); + case XC( OC_COMMA ): { + const char *sep = ""; +- if ((opinfo & OPCLSMASK) == OC_COMMA) ++ debug_printf_eval("COMMA\n"); ++ if (opinfo == TI_COMMA) + sep = getvar_s(intvar[SUBSEP]); + setvar_p(res, xasprintf("%s%s%s", L.s, sep, R.s)); + break; + } + + case XC( OC_LAND ): ++ debug_printf_eval("LAND\n"); + setvar_i(res, istrue(L.v) ? ptest(op->r.n) : 0); + break; + + case XC( OC_LOR ): ++ debug_printf_eval("LOR\n"); + setvar_i(res, istrue(L.v) ? 1 : ptest(op->r.n)); + break; + + case XC( OC_BINARY ): +- case XC( OC_REPLACE ): { ++ debug_printf_eval("BINARY /\n"); ++ case XC( OC_REPLACE ): ++ debug_printf_eval("REPLACE\n"); ++ { + double R_d = getvar_i(R.v); +- debug_printf_eval("BINARY/REPLACE: R_d:%f opn:%c\n", R_d, opn); ++ debug_printf_eval("R_d:%f opn:%c\n", R_d, opn); + switch (opn) { + case '+': + L_d += R_d; +@@ -3083,6 +3483,7 @@ static var *evaluate(node *op, var *res) + case XC( OC_COMPARE ): { + int i = i; /* for compiler */ + double Ld; ++ debug_printf_eval("COMPARE\n"); + + if (is_numeric(L.v) && is_numeric(R.v)) { + Ld = getvar_i(L.v) - getvar_i(R.v); +@@ -3109,7 +3510,7 @@ static var *evaluate(node *op, var *res) + default: + syntax_error(EMSG_POSSIBLE_ERROR); + } /* switch */ +- next: ++ + if ((opinfo & OPCLSMASK) <= SHIFT_TIL_THIS) + op = op->a.n; + if ((opinfo & OPCLSMASK) >= RECUR_FROM_THIS) +@@ -3118,7 +3519,10 @@ static var *evaluate(node *op, var *res) + break; + } /* while (op) */ + +- nvfree(v1); ++ nvfree(tmpvars, 2); ++#undef TMPVAR0 ++#undef TMPVAR1 ++ + debug_printf_eval("returning from %s(): %p\n", __func__, res); + return res; + #undef fnargs +@@ -3126,25 +3530,21 @@ static var *evaluate(node *op, var *res) + #undef sreg + } + +- + /* -------- main & co. -------- */ + +-static int awk_exit(int r) ++static int awk_exit(void) + { +- var tv; + unsigned i; +- hash_item *hi; +- +- zero_out_var(&tv); + + if (!exiting) { + exiting = TRUE; + nextrec = FALSE; +- evaluate(endseq.first, &tv); ++ evaluate(endseq.first, &G.exit__tmpvar); + } + + /* waiting for children */ + for (i = 0; i < fdhash->csize; i++) { ++ hash_item *hi; + hi = fdhash->items[i]; + while (hi) { + if (hi->data.rs.F && hi->data.rs.is_pipe) +@@ -3153,65 +3553,7 @@ static int awk_exit(int r) + } + } + +- exit(r); +-} +- +-/* if expr looks like "var=value", perform assignment and return 1, +- * otherwise return 0 */ +-static int is_assignment(const char *expr) +-{ +- char *exprc, *val; +- +- if (!isalnum_(*expr) || (val = strchr(expr, '=')) == NULL) { +- return FALSE; +- } +- +- exprc = xstrdup(expr); +- val = exprc + (val - expr); +- *val++ = '\0'; +- +- unescape_string_in_place(val); +- setvar_u(newvar(exprc), val); +- free(exprc); +- return TRUE; +-} +- +-/* switch to next input file */ +-static rstream *next_input_file(void) +-{ +-#define rsm (G.next_input_file__rsm) +-#define files_happen (G.next_input_file__files_happen) +- +- FILE *F; +- const char *fname, *ind; +- +- if (rsm.F) +- fclose(rsm.F); +- rsm.F = NULL; +- rsm.pos = rsm.adv = 0; +- +- for (;;) { +- if (getvar_i(intvar[ARGIND])+1 >= getvar_i(intvar[ARGC])) { +- if (files_happen) +- return NULL; +- fname = "-"; +- F = stdin; +- break; +- } +- ind = getvar_s(incvar(intvar[ARGIND])); +- fname = getvar_s(findvar(iamarray(intvar[ARGV]), ind)); +- if (fname && *fname && !is_assignment(fname)) { +- F = xfopen_stdin(fname); +- break; +- } +- } +- +- files_happen = TRUE; +- setvar_s(intvar[FILENAME], fname); +- rsm.F = F; +- return &rsm; +-#undef rsm +-#undef files_happen ++ exit(G.exitcode); + } + + int awk_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE; +@@ -3224,12 +3566,7 @@ int awk_main(int argc UNUSED_PARAM, char **argv) + #if ENABLE_FEATURE_AWK_GNU_EXTENSIONS + llist_t *list_e = NULL; + #endif +- int i, j; +- var *v; +- var tv; +- char **envp; +- char *vnames = (char *)vNames; /* cheat */ +- char *vvalues = (char *)vValues; ++ int i; + + INIT_G(); + +@@ -3238,48 +3575,43 @@ int awk_main(int argc UNUSED_PARAM, char **argv) + if (ENABLE_LOCALE_SUPPORT) + setlocale(LC_NUMERIC, "C"); + +- zero_out_var(&tv); +- +- /* allocate global buffer */ +- g_buf = xmalloc(MAXVARFMT + 1); +- +- vhash = hash_init(); +- ahash = hash_init(); +- fdhash = hash_init(); +- fnhash = hash_init(); +- + /* initialize variables */ +- for (i = 0; *vnames; i++) { +- intvar[i] = v = newvar(nextword(&vnames)); +- if (*vvalues != '\377') +- setvar_s(v, nextword(&vvalues)); +- else +- setvar_i(v, 0); +- +- if (*vnames == '*') { +- v->type |= VF_SPECIAL; +- vnames++; ++ vhash = hash_init(); ++ { ++ char *vnames = (char *)vNames; /* cheat */ ++ char *vvalues = (char *)vValues; ++ for (i = 0; *vnames; i++) { ++ var *v; ++ intvar[i] = v = newvar(nextword(&vnames)); ++ if (*vvalues != '\377') ++ setvar_s(v, nextword(&vvalues)); ++ else ++ setvar_i(v, 0); ++ ++ if (*vnames == '*') { ++ v->type |= VF_SPECIAL; ++ vnames++; ++ } + } + } + + handle_special(intvar[FS]); + handle_special(intvar[RS]); + +- newfile("/dev/stdin")->F = stdin; +- newfile("/dev/stdout")->F = stdout; +- newfile("/dev/stderr")->F = stderr; +- + /* Huh, people report that sometimes environ is NULL. Oh well. */ +- if (environ) for (envp = environ; *envp; envp++) { +- /* environ is writable, thus we don't strdup it needlessly */ +- char *s = *envp; +- char *s1 = strchr(s, '='); +- if (s1) { +- *s1 = '\0'; +- /* Both findvar and setvar_u take const char* +- * as 2nd arg -> environment is not trashed */ +- setvar_u(findvar(iamarray(intvar[ENVIRON]), s), s1 + 1); +- *s1 = '='; ++ if (environ) { ++ char **envp; ++ for (envp = environ; *envp; envp++) { ++ /* environ is writable, thus we don't strdup it needlessly */ ++ char *s = *envp; ++ char *s1 = strchr(s, '='); ++ if (s1) { ++ *s1 = '\0'; ++ /* Both findvar and setvar_u take const char* ++ * as 2nd arg -> environment is not trashed */ ++ setvar_u(findvar(iamarray(intvar[ENVIRON]), s), s1 + 1); ++ *s1 = '='; ++ } + } + } + opt = getopt32(argv, OPTSTR_AWK, &opt_F, &list_v, &list_f, IF_FEATURE_AWK_GNU_EXTENSIONS(&list_e,) NULL); +@@ -3295,20 +3627,19 @@ int awk_main(int argc UNUSED_PARAM, char **argv) + if (!is_assignment(llist_pop(&list_v))) + bb_show_usage(); + } ++ ++ /* Parse all supplied programs */ ++ fnhash = hash_init(); ++ ahash = hash_init(); + while (list_f) { +- char *s = NULL; +- FILE *from_file; ++ int fd; ++ char *s; + + g_progname = llist_pop(&list_f); +- from_file = xfopen_stdin(g_progname); +- /* one byte is reserved for some trick in next_token */ +- for (i = j = 1; j > 0; i += j) { +- s = xrealloc(s, i + 4096); +- j = fread(s + i, 1, 4094, from_file); +- } +- s[i] = '\0'; +- fclose(from_file); +- parse_program(s + 1); ++ fd = xopen_stdin(g_progname); ++ s = xmalloc_read(fd, NULL); /* it's NUL-terminated */ ++ close(fd); ++ parse_program(s); + free(s); + } + g_progname = "cmd. line"; +@@ -3317,11 +3648,23 @@ int awk_main(int argc UNUSED_PARAM, char **argv) + parse_program(llist_pop(&list_e)); + } + #endif ++//FIXME: preserve order of -e and -f ++//TODO: implement -i LIBRARY and -E FILE too, they are easy-ish + if (!(opt & (OPT_f | OPT_e))) { + if (!*argv) + bb_show_usage(); + parse_program(*argv++); + } ++ /* Free unused parse structures */ ++ //hash_free(fnhash); // ~250 bytes when empty, used only for function names ++ //^^^^^^^^^^^^^^^^^ does not work, hash_clear() inside SEGVs ++ // (IOW: hash_clear() assumes it's a hash of variables. fnhash is not). ++ free(fnhash->items); ++ free(fnhash); ++ fnhash = NULL; // debug ++ //hash_free(ahash); // empty after parsing, will reuse as fdhash instead of freeing ++ ++ /* Parsing done, on to executing */ + + /* fill in ARGV array */ + setari_u(intvar[ARGV], 0, "awk"); +@@ -3330,9 +3673,14 @@ int awk_main(int argc UNUSED_PARAM, char **argv) + setari_u(intvar[ARGV], ++i, *argv++); + setvar_i(intvar[ARGC], i + 1); + +- evaluate(beginseq.first, &tv); ++ //fdhash = ahash; // done via define ++ newfile("/dev/stdin")->F = stdin; ++ newfile("/dev/stdout")->F = stdout; ++ newfile("/dev/stderr")->F = stderr; ++ ++ evaluate(beginseq.first, &G.main__tmpvar); + if (!mainseq.first && !endseq.first) +- awk_exit(EXIT_SUCCESS); ++ awk_exit(); + + /* input file could already be opened in BEGIN block */ + if (!iF) +@@ -3347,7 +3695,7 @@ int awk_main(int argc UNUSED_PARAM, char **argv) + nextrec = FALSE; + incvar(intvar[NR]); + incvar(intvar[FNR]); +- evaluate(mainseq.first, &tv); ++ evaluate(mainseq.first, &G.main__tmpvar); + + if (nextfile) + break; +@@ -3359,6 +3707,6 @@ int awk_main(int argc UNUSED_PARAM, char **argv) + iF = next_input_file(); + } + +- awk_exit(EXIT_SUCCESS); ++ awk_exit(); + /*return 0;*/ + } +diff --git a/testsuite/awk.tests b/testsuite/awk.tests +index 92c83d719..4a7a01245 100755 +--- a/testsuite/awk.tests ++++ b/testsuite/awk.tests +@@ -44,6 +44,16 @@ testing "awk handles empty function f(arg){}" \ + "L1\n\nL2\n\n" \ + "" "" + ++prg=' ++function empty_fun(){} ++END {empty_fun() ++ print "Ok" ++}' ++testing "awk handles empty function f(){}" \ ++ "awk '$prg'" \ ++ "Ok\n" \ ++ "" "" ++ + prg=' + function outer_fun() { + return 1 +@@ -71,6 +81,23 @@ testing "awk properly handles undefined function" \ + "L1\n\nawk: cmd. line:5: Call to undefined function\n" \ + "" "" + ++prg=' ++BEGIN { ++ v=1 ++ a=2 ++ print v (a) ++}' ++testing "awk 'v (a)' is not a function call, it is a concatenation" \ ++ "awk '$prg' 2>&1" \ ++ "12\n" \ ++ "" "" ++ ++prg='func f(){print"F"};func g(){print"G"};BEGIN{f(g(),g())}' ++testing "awk unused function args are evaluated" \ ++ "awk '$prg' 2>&1" \ ++ "G\nG\nF\n" \ ++ "" "" ++ + + optional DESKTOP + testing "awk hex const 1" "awk '{ print or(0xffffffff,1) }'" "4294967295\n" "" "\n" +@@ -352,19 +379,14 @@ testing "awk -e and ARGC" \ + "" + SKIP= + +-# The examples are in fact not valid awk programs (break/continue +-# can only be used inside loops). +-# But we do accept them outside of loops. +-# We had a bug with misparsing "break ; else" sequence. +-# Test that *that* bug is fixed, using simplest possible scripts: + testing "awk break" \ + "awk -f - 2>&1; echo \$?" \ +- "0\n" \ ++ "awk: -:1: 'break' not in a loop\n1\n" \ + "" \ + 'BEGIN { if (1) break; else a = 1 }' + testing "awk continue" \ + "awk -f - 2>&1; echo \$?" \ +- "0\n" \ ++ "awk: -:1: 'continue' not in a loop\n1\n" \ + "" \ + 'BEGIN { if (1) continue; else a = 1 }' + +@@ -383,6 +405,11 @@ testing "awk errors on missing delete arg" \ + "awk -e '{delete}' 2>&1" "awk: cmd. line:1: Too few arguments\n" "" "" + SKIP= + ++optional FEATURE_AWK_GNU_EXTENSIONS ++testing "awk printf('%c') can output NUL" \ ++ "awk '{printf(\"hello%c null\n\", 0)}'" "hello\0 null\n" "" "\n" ++SKIP= ++ + # testing "description" "command" "result" "infile" "stdin" + testing 'awk negative field access' \ + 'awk 2>&1 -- '\''{ $(-1) }'\' \ +@@ -413,4 +440,25 @@ testing 'awk $NF is empty' \ + '' \ + 'a=====123=' + ++testing "awk exit N propagates through END's exit" \ ++ "awk 'BEGIN { exit 42 } END { exit }'; echo \$?" \ ++ "42\n" \ ++ '' '' ++ ++testing "awk print + redirect" \ ++ "awk 'BEGIN { print \"STDERR %s\" >\"/dev/stderr\" }' 2>&1" \ ++ "STDERR %s\n" \ ++ '' '' ++ ++testing "awk \"cmd\" | getline" \ ++ "awk 'BEGIN { \"echo HELLO\" | getline; print }'" \ ++ "HELLO\n" \ ++ '' '' ++ ++# printf %% should print one % (had a bug where it didn't) ++testing 'awk printf %% prints one %' \ ++ "awk 'BEGIN { printf \"%%\n\" }'" \ ++ "%\n" \ ++ '' '' ++ + exit $FAILCOUNT +diff --git a/testsuite/printf.tests b/testsuite/printf.tests +index 34a65926e..050edef71 100755 +--- a/testsuite/printf.tests ++++ b/testsuite/printf.tests +@@ -79,6 +79,11 @@ testing "printf understands %Ld" \ + "-5\n""0\n" \ + "" "" + ++testing "printf understands %%" \ ++ "${bb}printf '%%\n' 2>&1; echo \$?" \ ++ "%\n""0\n" \ ++ "" "" ++ + testing "printf handles positive numbers for %d" \ + "${bb}printf '%d\n' 3 +3 ' 3' ' +3' 2>&1; echo \$?" \ + "3\n"\ +-- +2.33.0 + diff --git a/meta/recipes-core/busybox/busybox/0002-man-fix-segfault-in-man-1.patch b/meta/recipes-core/busybox/busybox/0002-man-fix-segfault-in-man-1.patch new file mode 100644 index 0000000000..4a930b7b6f --- /dev/null +++ b/meta/recipes-core/busybox/busybox/0002-man-fix-segfault-in-man-1.patch @@ -0,0 +1,30 @@ +From 4975cace9bf96bfde174f8bb5cc4068d2ea294d4 Mon Sep 17 00:00:00 2001 +From: Denys Vlasenko <vda.linux@googlemail.com> +Date: Tue, 15 Jun 2021 14:47:46 +0200 +Subject: [PATCH] man: fix segfault in "man 1" + +function old new delta +man_main 942 954 +12 + +Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com> + +Upstream-Status: Backport [4d4fc5ca5ee4f] +CVE: CVE-2021-42373 +Signed-off-by: Chen Qi <Qi.Chen@windriver.com> +--- + miscutils/man.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/miscutils/man.c b/miscutils/man.c +index 722f6641e..d319e8bba 100644 +--- a/miscutils/man.c ++++ b/miscutils/man.c +@@ -324,7 +324,7 @@ int man_main(int argc UNUSED_PARAM, char **argv) + + /* is 1st ARG a SECTION? */ + sec_list = conf_sec_list; +- if (is_section_name(conf_sec_list, *argv)) { ++ if (is_section_name(conf_sec_list, *argv) && argv[1]) { + /* yes */ + sec_list = *argv++; + } diff --git a/meta/recipes-core/busybox/busybox_1.33.1.bb b/meta/recipes-core/busybox/busybox_1.33.2.bb index 4002d6a5c6..4a0d3b4556 100644 --- a/meta/recipes-core/busybox/busybox_1.33.1.bb +++ b/meta/recipes-core/busybox/busybox_1.33.2.bb @@ -48,7 +48,9 @@ SRC_URI = "https://busybox.net/downloads/busybox-${PV}.tar.bz2;name=tarball \ file://0001-sysctl-ignore-EIO-of-stable_secret-below-proc-sys-ne.patch \ file://0001-gen_build_files-Use-C-locale-when-calling-sed-on-glo.patch \ file://0001-mktemp-add-tmpdir-option.patch \ + file://0001-awk-fix-CVEs.patch \ + file://0002-man-fix-segfault-in-man-1.patch \ " SRC_URI_append_libc-musl = " file://musl.cfg " -SRC_URI[tarball.sha256sum] = "12cec6bd2b16d8a9446dd16130f2b92982f1819f6e1c5f5887b6db03f5660d28" +SRC_URI[tarball.sha256sum] = "6843ba7977081e735fa0fdb05893e3c002c8c5ad7c9c80da206e603cc0ac47e7" diff --git a/meta/recipes-core/dbus-wait/dbus-wait_git.bb b/meta/recipes-core/dbus-wait/dbus-wait_git.bb index 677768d35a..b39f7523c0 100644 --- a/meta/recipes-core/dbus-wait/dbus-wait_git.bb +++ b/meta/recipes-core/dbus-wait/dbus-wait_git.bb @@ -11,7 +11,7 @@ SRCREV = "6cc6077a36fe2648a5f993fe7c16c9632f946517" PV = "0.1+git${SRCPV}" PR = "r2" -SRC_URI = "git://git.yoctoproject.org/${BPN}" +SRC_URI = "git://git.yoctoproject.org/${BPN};branch=master" UPSTREAM_CHECK_COMMITS = "1" S = "${WORKDIR}/git" diff --git a/meta/recipes-core/expat/expat/CVE-2021-45960.patch b/meta/recipes-core/expat/expat/CVE-2021-45960.patch new file mode 100644 index 0000000000..523449e22c --- /dev/null +++ b/meta/recipes-core/expat/expat/CVE-2021-45960.patch @@ -0,0 +1,65 @@ +From 0adcb34c49bee5b19bd29b16a578c510c23597ea Mon Sep 17 00:00:00 2001 +From: Sebastian Pipping <sebastian@pipping.org> +Date: Mon, 27 Dec 2021 20:15:02 +0100 +Subject: [PATCH] lib: Detect and prevent troublesome left shifts in function + storeAtts (CVE-2021-45960) + +Upstream-Status: Backport: +https://github.com/libexpat/libexpat/pull/534/commits/0adcb34c49bee5b19bd29b16a578c510c23597ea + +CVE: CVE-2021-45960 +Signed-off-by: Steve Sakoman <steve@sakoman.com> + +--- + expat/lib/xmlparse.c | 31 +++++++++++++++++++++++++++++-- + 1 file changed, 29 insertions(+), 2 deletions(-) + +diff --git a/expat/lib/xmlparse.c b/expat/lib/xmlparse.c +index d730f41c3..b47c31b05 100644 +--- a/lib/xmlparse.c ++++ b/lib/xmlparse.c +@@ -3414,7 +3414,13 @@ storeAtts(XML_Parser parser, const ENCODING *enc, const char *attStr, + if (nPrefixes) { + int j; /* hash table index */ + unsigned long version = parser->m_nsAttsVersion; +- int nsAttsSize = (int)1 << parser->m_nsAttsPower; ++ ++ /* Detect and prevent invalid shift */ ++ if (parser->m_nsAttsPower >= sizeof(unsigned int) * 8 /* bits per byte */) { ++ return XML_ERROR_NO_MEMORY; ++ } ++ ++ unsigned int nsAttsSize = 1u << parser->m_nsAttsPower; + unsigned char oldNsAttsPower = parser->m_nsAttsPower; + /* size of hash table must be at least 2 * (# of prefixed attributes) */ + if ((nPrefixes << 1) +@@ -3425,7 +3431,28 @@ storeAtts(XML_Parser parser, const ENCODING *enc, const char *attStr, + ; + if (parser->m_nsAttsPower < 3) + parser->m_nsAttsPower = 3; +- nsAttsSize = (int)1 << parser->m_nsAttsPower; ++ ++ /* Detect and prevent invalid shift */ ++ if (parser->m_nsAttsPower >= sizeof(nsAttsSize) * 8 /* bits per byte */) { ++ /* Restore actual size of memory in m_nsAtts */ ++ parser->m_nsAttsPower = oldNsAttsPower; ++ return XML_ERROR_NO_MEMORY; ++ } ++ ++ nsAttsSize = 1u << parser->m_nsAttsPower; ++ ++ /* Detect and prevent integer overflow. ++ * The preprocessor guard addresses the "always false" warning ++ * from -Wtype-limits on platforms where ++ * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */ ++#if UINT_MAX >= SIZE_MAX ++ if (nsAttsSize > (size_t)(-1) / sizeof(NS_ATT)) { ++ /* Restore actual size of memory in m_nsAtts */ ++ parser->m_nsAttsPower = oldNsAttsPower; ++ return XML_ERROR_NO_MEMORY; ++ } ++#endif ++ + temp = (NS_ATT *)REALLOC(parser, parser->m_nsAtts, + nsAttsSize * sizeof(NS_ATT)); + if (! temp) { diff --git a/meta/recipes-core/expat/expat/CVE-2021-46143.patch b/meta/recipes-core/expat/expat/CVE-2021-46143.patch new file mode 100644 index 0000000000..b1a726d9a8 --- /dev/null +++ b/meta/recipes-core/expat/expat/CVE-2021-46143.patch @@ -0,0 +1,49 @@ +From 85ae9a2d7d0e9358f356b33977b842df8ebaec2b Mon Sep 17 00:00:00 2001 +From: Sebastian Pipping <sebastian@pipping.org> +Date: Sat, 25 Dec 2021 20:52:08 +0100 +Subject: [PATCH] lib: Prevent integer overflow on m_groupSize in function + doProlog (CVE-2021-46143) + +Upstream-Status: Backport: +https://github.com/libexpat/libexpat/pull/538/commits/85ae9a2d7d0e9358f356b33977b842df8ebaec2b + +CVE: CVE-2021-46143 + +Signed-off-by: Steve Sakoman <steve@sakoman.com> +--- + expat/lib/xmlparse.c | 15 +++++++++++++++ + 1 file changed, 15 insertions(+) + +diff --git a/expat/lib/xmlparse.c b/expat/lib/xmlparse.c +index b47c31b0..8f243126 100644 +--- a/lib/xmlparse.c ++++ b/lib/xmlparse.c +@@ -5046,6 +5046,11 @@ doProlog(XML_Parser parser, const ENCODING *enc, const char *s, const char *end, + if (parser->m_prologState.level >= parser->m_groupSize) { + if (parser->m_groupSize) { + { ++ /* Detect and prevent integer overflow */ ++ if (parser->m_groupSize > (unsigned int)(-1) / 2u) { ++ return XML_ERROR_NO_MEMORY; ++ } ++ + char *const new_connector = (char *)REALLOC( + parser, parser->m_groupConnector, parser->m_groupSize *= 2); + if (new_connector == NULL) { +@@ -5056,6 +5061,16 @@ doProlog(XML_Parser parser, const ENCODING *enc, const char *s, const char *end, + } + + if (dtd->scaffIndex) { ++ /* Detect and prevent integer overflow. ++ * The preprocessor guard addresses the "always false" warning ++ * from -Wtype-limits on platforms where ++ * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */ ++#if UINT_MAX >= SIZE_MAX ++ if (parser->m_groupSize > (size_t)(-1) / sizeof(int)) { ++ return XML_ERROR_NO_MEMORY; ++ } ++#endif ++ + int *const new_scaff_index = (int *)REALLOC( + parser, dtd->scaffIndex, parser->m_groupSize * sizeof(int)); + if (new_scaff_index == NULL) diff --git a/meta/recipes-core/expat/expat/CVE-2022-22822-27.patch b/meta/recipes-core/expat/expat/CVE-2022-22822-27.patch new file mode 100644 index 0000000000..e569fbc7ab --- /dev/null +++ b/meta/recipes-core/expat/expat/CVE-2022-22822-27.patch @@ -0,0 +1,257 @@ +From 9f93e8036e842329863bf20395b8fb8f73834d9e Mon Sep 17 00:00:00 2001 +From: Sebastian Pipping <sebastian@pipping.org> +Date: Thu, 30 Dec 2021 22:46:03 +0100 +Subject: [PATCH] lib: Prevent integer overflow at multiple places + (CVE-2022-22822 to CVE-2022-22827) + +The involved functions are: +- addBinding (CVE-2022-22822) +- build_model (CVE-2022-22823) +- defineAttribute (CVE-2022-22824) +- lookup (CVE-2022-22825) +- nextScaffoldPart (CVE-2022-22826) +- storeAtts (CVE-2022-22827) + +Upstream-Status: Backport: +https://github.com/libexpat/libexpat/pull/539/commits/9f93e8036e842329863bf20395b8fb8f73834d9e + +CVE: CVE-2022-22822 CVE-2022-22823 CVE-2022-22824 CVE-2022-22825 CVE-2022-22826 CVE-2022-22827 +Signed-off-by: Steve Sakoman <steve@sakoman.com> + +--- + expat/lib/xmlparse.c | 153 ++++++++++++++++++++++++++++++++++++++++++- + 1 file changed, 151 insertions(+), 2 deletions(-) + +diff --git a/expat/lib/xmlparse.c b/expat/lib/xmlparse.c +index 8f243126..575e73ee 100644 +--- a/lib/xmlparse.c ++++ b/lib/xmlparse.c +@@ -3261,13 +3261,38 @@ storeAtts(XML_Parser parser, const ENCODING *enc, const char *attStr, + + /* get the attributes from the tokenizer */ + n = XmlGetAttributes(enc, attStr, parser->m_attsSize, parser->m_atts); ++ ++ /* Detect and prevent integer overflow */ ++ if (n > INT_MAX - nDefaultAtts) { ++ return XML_ERROR_NO_MEMORY; ++ } ++ + if (n + nDefaultAtts > parser->m_attsSize) { + int oldAttsSize = parser->m_attsSize; + ATTRIBUTE *temp; + #ifdef XML_ATTR_INFO + XML_AttrInfo *temp2; + #endif ++ ++ /* Detect and prevent integer overflow */ ++ if ((nDefaultAtts > INT_MAX - INIT_ATTS_SIZE) ++ || (n > INT_MAX - (nDefaultAtts + INIT_ATTS_SIZE))) { ++ return XML_ERROR_NO_MEMORY; ++ } ++ + parser->m_attsSize = n + nDefaultAtts + INIT_ATTS_SIZE; ++ ++ /* Detect and prevent integer overflow. ++ * The preprocessor guard addresses the "always false" warning ++ * from -Wtype-limits on platforms where ++ * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */ ++#if UINT_MAX >= SIZE_MAX ++ if ((unsigned)parser->m_attsSize > (size_t)(-1) / sizeof(ATTRIBUTE)) { ++ parser->m_attsSize = oldAttsSize; ++ return XML_ERROR_NO_MEMORY; ++ } ++#endif ++ + temp = (ATTRIBUTE *)REALLOC(parser, (void *)parser->m_atts, + parser->m_attsSize * sizeof(ATTRIBUTE)); + if (temp == NULL) { +@@ -3276,6 +3301,17 @@ storeAtts(XML_Parser parser, const ENCODING *enc, const char *attStr, + } + parser->m_atts = temp; + #ifdef XML_ATTR_INFO ++ /* Detect and prevent integer overflow. ++ * The preprocessor guard addresses the "always false" warning ++ * from -Wtype-limits on platforms where ++ * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */ ++# if UINT_MAX >= SIZE_MAX ++ if ((unsigned)parser->m_attsSize > (size_t)(-1) / sizeof(XML_AttrInfo)) { ++ parser->m_attsSize = oldAttsSize; ++ return XML_ERROR_NO_MEMORY; ++ } ++# endif ++ + temp2 = (XML_AttrInfo *)REALLOC(parser, (void *)parser->m_attInfo, + parser->m_attsSize * sizeof(XML_AttrInfo)); + if (temp2 == NULL) { +@@ -3610,9 +3646,31 @@ storeAtts(XML_Parser parser, const ENCODING *enc, const char *attStr, + tagNamePtr->prefixLen = prefixLen; + for (i = 0; localPart[i++];) + ; /* i includes null terminator */ ++ ++ /* Detect and prevent integer overflow */ ++ if (binding->uriLen > INT_MAX - prefixLen ++ || i > INT_MAX - (binding->uriLen + prefixLen)) { ++ return XML_ERROR_NO_MEMORY; ++ } ++ + n = i + binding->uriLen + prefixLen; + if (n > binding->uriAlloc) { + TAG *p; ++ ++ /* Detect and prevent integer overflow */ ++ if (n > INT_MAX - EXPAND_SPARE) { ++ return XML_ERROR_NO_MEMORY; ++ } ++ /* Detect and prevent integer overflow. ++ * The preprocessor guard addresses the "always false" warning ++ * from -Wtype-limits on platforms where ++ * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */ ++#if UINT_MAX >= SIZE_MAX ++ if ((unsigned)(n + EXPAND_SPARE) > (size_t)(-1) / sizeof(XML_Char)) { ++ return XML_ERROR_NO_MEMORY; ++ } ++#endif ++ + uri = (XML_Char *)MALLOC(parser, (n + EXPAND_SPARE) * sizeof(XML_Char)); + if (! uri) + return XML_ERROR_NO_MEMORY; +@@ -3708,6 +3766,21 @@ addBinding(XML_Parser parser, PREFIX *prefix, const ATTRIBUTE_ID *attId, + if (parser->m_freeBindingList) { + b = parser->m_freeBindingList; + if (len > b->uriAlloc) { ++ /* Detect and prevent integer overflow */ ++ if (len > INT_MAX - EXPAND_SPARE) { ++ return XML_ERROR_NO_MEMORY; ++ } ++ ++ /* Detect and prevent integer overflow. ++ * The preprocessor guard addresses the "always false" warning ++ * from -Wtype-limits on platforms where ++ * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */ ++#if UINT_MAX >= SIZE_MAX ++ if ((unsigned)(len + EXPAND_SPARE) > (size_t)(-1) / sizeof(XML_Char)) { ++ return XML_ERROR_NO_MEMORY; ++ } ++#endif ++ + XML_Char *temp = (XML_Char *)REALLOC( + parser, b->uri, sizeof(XML_Char) * (len + EXPAND_SPARE)); + if (temp == NULL) +@@ -3720,6 +3793,21 @@ addBinding(XML_Parser parser, PREFIX *prefix, const ATTRIBUTE_ID *attId, + b = (BINDING *)MALLOC(parser, sizeof(BINDING)); + if (! b) + return XML_ERROR_NO_MEMORY; ++ ++ /* Detect and prevent integer overflow */ ++ if (len > INT_MAX - EXPAND_SPARE) { ++ return XML_ERROR_NO_MEMORY; ++ } ++ /* Detect and prevent integer overflow. ++ * The preprocessor guard addresses the "always false" warning ++ * from -Wtype-limits on platforms where ++ * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */ ++#if UINT_MAX >= SIZE_MAX ++ if ((unsigned)(len + EXPAND_SPARE) > (size_t)(-1) / sizeof(XML_Char)) { ++ return XML_ERROR_NO_MEMORY; ++ } ++#endif ++ + b->uri + = (XML_Char *)MALLOC(parser, sizeof(XML_Char) * (len + EXPAND_SPARE)); + if (! b->uri) { +@@ -6141,7 +6229,24 @@ defineAttribute(ELEMENT_TYPE *type, ATTRIBUTE_ID *attId, XML_Bool isCdata, + } + } else { + DEFAULT_ATTRIBUTE *temp; ++ ++ /* Detect and prevent integer overflow */ ++ if (type->allocDefaultAtts > INT_MAX / 2) { ++ return 0; ++ } ++ + int count = type->allocDefaultAtts * 2; ++ ++ /* Detect and prevent integer overflow. ++ * The preprocessor guard addresses the "always false" warning ++ * from -Wtype-limits on platforms where ++ * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */ ++#if UINT_MAX >= SIZE_MAX ++ if ((unsigned)count > (size_t)(-1) / sizeof(DEFAULT_ATTRIBUTE)) { ++ return 0; ++ } ++#endif ++ + temp = (DEFAULT_ATTRIBUTE *)REALLOC(parser, type->defaultAtts, + (count * sizeof(DEFAULT_ATTRIBUTE))); + if (temp == NULL) +@@ -6792,8 +6897,20 @@ lookup(XML_Parser parser, HASH_TABLE *table, KEY name, size_t createSize) { + /* check for overflow (table is half full) */ + if (table->used >> (table->power - 1)) { + unsigned char newPower = table->power + 1; ++ ++ /* Detect and prevent invalid shift */ ++ if (newPower >= sizeof(unsigned long) * 8 /* bits per byte */) { ++ return NULL; ++ } ++ + size_t newSize = (size_t)1 << newPower; + unsigned long newMask = (unsigned long)newSize - 1; ++ ++ /* Detect and prevent integer overflow */ ++ if (newSize > (size_t)(-1) / sizeof(NAMED *)) { ++ return NULL; ++ } ++ + size_t tsize = newSize * sizeof(NAMED *); + NAMED **newV = (NAMED **)table->mem->malloc_fcn(tsize); + if (! newV) +@@ -7143,6 +7260,20 @@ nextScaffoldPart(XML_Parser parser) { + if (dtd->scaffCount >= dtd->scaffSize) { + CONTENT_SCAFFOLD *temp; + if (dtd->scaffold) { ++ /* Detect and prevent integer overflow */ ++ if (dtd->scaffSize > UINT_MAX / 2u) { ++ return -1; ++ } ++ /* Detect and prevent integer overflow. ++ * The preprocessor guard addresses the "always false" warning ++ * from -Wtype-limits on platforms where ++ * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */ ++#if UINT_MAX >= SIZE_MAX ++ if (dtd->scaffSize > (size_t)(-1) / 2u / sizeof(CONTENT_SCAFFOLD)) { ++ return -1; ++ } ++#endif ++ + temp = (CONTENT_SCAFFOLD *)REALLOC( + parser, dtd->scaffold, dtd->scaffSize * 2 * sizeof(CONTENT_SCAFFOLD)); + if (temp == NULL) +@@ -7212,8 +7343,26 @@ build_model(XML_Parser parser) { + XML_Content *ret; + XML_Content *cpos; + XML_Char *str; +- int allocsize = (dtd->scaffCount * sizeof(XML_Content) +- + (dtd->contentStringLen * sizeof(XML_Char))); ++ ++ /* Detect and prevent integer overflow. ++ * The preprocessor guard addresses the "always false" warning ++ * from -Wtype-limits on platforms where ++ * sizeof(unsigned int) < sizeof(size_t), e.g. on x86_64. */ ++#if UINT_MAX >= SIZE_MAX ++ if (dtd->scaffCount > (size_t)(-1) / sizeof(XML_Content)) { ++ return NULL; ++ } ++ if (dtd->contentStringLen > (size_t)(-1) / sizeof(XML_Char)) { ++ return NULL; ++ } ++#endif ++ if (dtd->scaffCount * sizeof(XML_Content) ++ > (size_t)(-1) - dtd->contentStringLen * sizeof(XML_Char)) { ++ return NULL; ++ } ++ ++ const size_t allocsize = (dtd->scaffCount * sizeof(XML_Content) ++ + (dtd->contentStringLen * sizeof(XML_Char))); + + ret = (XML_Content *)MALLOC(parser, allocsize); + if (! ret) diff --git a/meta/recipes-core/expat/expat/CVE-2022-23852.patch b/meta/recipes-core/expat/expat/CVE-2022-23852.patch new file mode 100644 index 0000000000..41425c108b --- /dev/null +++ b/meta/recipes-core/expat/expat/CVE-2022-23852.patch @@ -0,0 +1,33 @@ +From 847a645152f5ebc10ac63b74b604d0c1a79fae40 Mon Sep 17 00:00:00 2001 +From: Samanta Navarro <ferivoz@riseup.net> +Date: Sat, 22 Jan 2022 17:48:00 +0100 +Subject: [PATCH] lib: Detect and prevent integer overflow in XML_GetBuffer + (CVE-2022-23852) + +Upstream-Status: Backport: +https://github.com/libexpat/libexpat/commit/847a645152f5ebc10ac63b74b604d0c1a79fae40 + +CVE: CVE-2022-23852 + +Signed-off-by: Steve Sakoman <steve@sakoman.com> + +--- + expat/lib/xmlparse.c | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/expat/lib/xmlparse.c b/expat/lib/xmlparse.c +index d54af683..5ce31402 100644 +--- a/lib/xmlparse.c ++++ b/lib/xmlparse.c +@@ -2067,6 +2067,11 @@ XML_GetBuffer(XML_Parser parser, int len) { + keep = (int)EXPAT_SAFE_PTR_DIFF(parser->m_bufferPtr, parser->m_buffer); + if (keep > XML_CONTEXT_BYTES) + keep = XML_CONTEXT_BYTES; ++ /* Detect and prevent integer overflow */ ++ if (keep > INT_MAX - neededSize) { ++ parser->m_errorCode = XML_ERROR_NO_MEMORY; ++ return NULL; ++ } + neededSize += keep; + #endif /* defined XML_CONTEXT_BYTES */ + if (neededSize diff --git a/meta/recipes-core/expat/expat/CVE-2022-23990.patch b/meta/recipes-core/expat/expat/CVE-2022-23990.patch new file mode 100644 index 0000000000..c599517b3e --- /dev/null +++ b/meta/recipes-core/expat/expat/CVE-2022-23990.patch @@ -0,0 +1,49 @@ +From ede41d1e186ed2aba88a06e84cac839b770af3a1 Mon Sep 17 00:00:00 2001 +From: Sebastian Pipping <sebastian@pipping.org> +Date: Wed, 26 Jan 2022 02:36:43 +0100 +Subject: [PATCH] lib: Prevent integer overflow in doProlog (CVE-2022-23990) + +The change from "int nameLen" to "size_t nameLen" +addresses the overflow on "nameLen++" in code +"for (; name[nameLen++];)" right above the second +change in the patch. + +Upstream-Status: Backport: +https://github.com/libexpat/libexpat/pull/551/commits/ede41d1e186ed2aba88a06e84cac839b770af3a1 + +CVE: CVE-2022-23990 + +Signed-off-by: Steve Sakoman <steve@sakoman.com> + +--- + lib/xmlparse.c | 10 ++++++++-- + 1 file changed, 8 insertions(+), 2 deletions(-) + +diff --git a/lib/xmlparse.c b/expat/lib/xmlparse.c +index 5ce31402..d1d17005 100644 +--- a/lib/xmlparse.c ++++ b/lib/xmlparse.c +@@ -5372,7 +5372,7 @@ doProlog(XML_Parser parser, const ENCODING *enc, const char *s, const char *end, + if (dtd->in_eldecl) { + ELEMENT_TYPE *el; + const XML_Char *name; +- int nameLen; ++ size_t nameLen; + const char *nxt + = (quant == XML_CQUANT_NONE ? next : next - enc->minBytesPerChar); + int myindex = nextScaffoldPart(parser); +@@ -5388,7 +5388,13 @@ doProlog(XML_Parser parser, const ENCODING *enc, const char *s, const char *end, + nameLen = 0; + for (; name[nameLen++];) + ; +- dtd->contentStringLen += nameLen; ++ ++ /* Detect and prevent integer overflow */ ++ if (nameLen > UINT_MAX - dtd->contentStringLen) { ++ return XML_ERROR_NO_MEMORY; ++ } ++ ++ dtd->contentStringLen += (unsigned)nameLen; + if (parser->m_elementDeclHandler) + handleDefault = XML_FALSE; + } diff --git a/meta/recipes-core/expat/expat/CVE-2022-25235.patch b/meta/recipes-core/expat/expat/CVE-2022-25235.patch new file mode 100644 index 0000000000..9febeae609 --- /dev/null +++ b/meta/recipes-core/expat/expat/CVE-2022-25235.patch @@ -0,0 +1,261 @@ +Upstream-Status: Backport [https://github.com/libexpat/libexpat/commit/306b721] +CVE: CVE-2022-25235 + +The commit is a merge commit, and this patch is created by: + +$ git show -m -p --stat 306b72134f157bbfd1637b20a22cabf4acfa136a + +Remove modification for expat/Changes which fails to be applied. + +Signed-off-by: Kai Kang <kai.kang@windriver.com> + +commit 306b72134f157bbfd1637b20a22cabf4acfa136a (from 2cc97e875ef84da4bcf55156c83599116f7523b4) +Merge: 2cc97e87 c16300f0 +Author: Sebastian Pipping <sebastian@pipping.org> +Date: Fri Feb 18 20:12:32 2022 +0100 + + Merge pull request #562 from libexpat/utf8-security + + [CVE-2022-25235] lib: Protect against malformed encoding (e.g. malformed UTF-8) +--- + expat/Changes | 7 ++++ + expat/lib/xmltok.c | 5 --- + expat/lib/xmltok_impl.c | 18 ++++---- + expat/tests/runtests.c | 109 ++++++++++++++++++++++++++++++++++++++++++++++++ + 4 files changed, 127 insertions(+), 12 deletions(-) + +diff --git a/lib/xmltok.c b/lib/xmltok.c +index a72200e8..3bddf125 100644 +--- a/lib/xmltok.c ++++ b/lib/xmltok.c +@@ -98,11 +98,6 @@ + + ((((byte)[1]) & 3) << 1) + ((((byte)[2]) >> 5) & 1)] \ + & (1u << (((byte)[2]) & 0x1F))) + +-#define UTF8_GET_NAMING(pages, p, n) \ +- ((n) == 2 \ +- ? UTF8_GET_NAMING2(pages, (const unsigned char *)(p)) \ +- : ((n) == 3 ? UTF8_GET_NAMING3(pages, (const unsigned char *)(p)) : 0)) +- + /* Detection of invalid UTF-8 sequences is based on Table 3.1B + of Unicode 3.2: http://www.unicode.org/unicode/reports/tr28/ + with the additional restriction of not allowing the Unicode +diff --git a/lib/xmltok_impl.c b/lib/xmltok_impl.c +index 0430591b..84ff35f9 100644 +--- a/lib/xmltok_impl.c ++++ b/lib/xmltok_impl.c +@@ -69,7 +69,7 @@ + case BT_LEAD##n: \ + if (end - ptr < n) \ + return XML_TOK_PARTIAL_CHAR; \ +- if (! IS_NAME_CHAR(enc, ptr, n)) { \ ++ if (IS_INVALID_CHAR(enc, ptr, n) || ! IS_NAME_CHAR(enc, ptr, n)) { \ + *nextTokPtr = ptr; \ + return XML_TOK_INVALID; \ + } \ +@@ -98,7 +98,7 @@ + case BT_LEAD##n: \ + if (end - ptr < n) \ + return XML_TOK_PARTIAL_CHAR; \ +- if (! IS_NMSTRT_CHAR(enc, ptr, n)) { \ ++ if (IS_INVALID_CHAR(enc, ptr, n) || ! IS_NMSTRT_CHAR(enc, ptr, n)) { \ + *nextTokPtr = ptr; \ + return XML_TOK_INVALID; \ + } \ +@@ -1142,6 +1142,10 @@ PREFIX(prologTok)(const ENCODING *enc, const char *ptr, const char *end, + case BT_LEAD##n: \ + if (end - ptr < n) \ + return XML_TOK_PARTIAL_CHAR; \ ++ if (IS_INVALID_CHAR(enc, ptr, n)) { \ ++ *nextTokPtr = ptr; \ ++ return XML_TOK_INVALID; \ ++ } \ + if (IS_NMSTRT_CHAR(enc, ptr, n)) { \ + ptr += n; \ + tok = XML_TOK_NAME; \ +@@ -1270,7 +1274,7 @@ PREFIX(attributeValueTok)(const ENCODING *enc, const char *ptr, const char *end, + switch (BYTE_TYPE(enc, ptr)) { + # define LEAD_CASE(n) \ + case BT_LEAD##n: \ +- ptr += n; \ ++ ptr += n; /* NOTE: The encoding has already been validated. */ \ + break; + LEAD_CASE(2) + LEAD_CASE(3) +@@ -1339,7 +1343,7 @@ PREFIX(entityValueTok)(const ENCODING *enc, const char *ptr, const char *end, + switch (BYTE_TYPE(enc, ptr)) { + # define LEAD_CASE(n) \ + case BT_LEAD##n: \ +- ptr += n; \ ++ ptr += n; /* NOTE: The encoding has already been validated. */ \ + break; + LEAD_CASE(2) + LEAD_CASE(3) +@@ -1518,7 +1522,7 @@ PREFIX(getAtts)(const ENCODING *enc, const char *ptr, int attsMax, + state = inName; \ + } + # define LEAD_CASE(n) \ +- case BT_LEAD##n: \ ++ case BT_LEAD##n: /* NOTE: The encoding has already been validated. */ \ + START_NAME ptr += (n - MINBPC(enc)); \ + break; + LEAD_CASE(2) +@@ -1730,7 +1734,7 @@ PREFIX(nameLength)(const ENCODING *enc, const char *ptr) { + switch (BYTE_TYPE(enc, ptr)) { + # define LEAD_CASE(n) \ + case BT_LEAD##n: \ +- ptr += n; \ ++ ptr += n; /* NOTE: The encoding has already been validated. */ \ + break; + LEAD_CASE(2) + LEAD_CASE(3) +@@ -1775,7 +1779,7 @@ PREFIX(updatePosition)(const ENCODING *enc, const char *ptr, const char *end, + switch (BYTE_TYPE(enc, ptr)) { + # define LEAD_CASE(n) \ + case BT_LEAD##n: \ +- ptr += n; \ ++ ptr += n; /* NOTE: The encoding has already been validated. */ \ + pos->columnNumber++; \ + break; + LEAD_CASE(2) +diff --git a/tests/runtests.c b/tests/runtests.c +index bc5344b1..9b155b82 100644 +--- a/tests/runtests.c ++++ b/tests/runtests.c +@@ -5998,6 +5998,105 @@ START_TEST(test_utf8_in_cdata_section_2) { + } + END_TEST + ++START_TEST(test_utf8_in_start_tags) { ++ struct test_case { ++ bool goodName; ++ bool goodNameStart; ++ const char *tagName; ++ }; ++ ++ // The idea with the tests below is this: ++ // We want to cover 1-, 2- and 3-byte sequences, 4-byte sequences ++ // go to isNever and are hence not a concern. ++ // ++ // We start with a character that is a valid name character ++ // (or even name-start character, see XML 1.0r4 spec) and then we flip ++ // single bits at places where (1) the result leaves the UTF-8 encoding space ++ // and (2) we stay in the same n-byte sequence family. ++ // ++ // The flipped bits are highlighted in angle brackets in comments, ++ // e.g. "[<1>011 1001]" means we had [0011 1001] but we now flipped ++ // the most significant bit to 1 to leave UTF-8 encoding space. ++ struct test_case cases[] = { ++ // 1-byte UTF-8: [0xxx xxxx] ++ {true, true, "\x3A"}, // [0011 1010] = ASCII colon ':' ++ {false, false, "\xBA"}, // [<1>011 1010] ++ {true, false, "\x39"}, // [0011 1001] = ASCII nine '9' ++ {false, false, "\xB9"}, // [<1>011 1001] ++ ++ // 2-byte UTF-8: [110x xxxx] [10xx xxxx] ++ {true, true, "\xDB\xA5"}, // [1101 1011] [1010 0101] = ++ // Arabic small waw U+06E5 ++ {false, false, "\x9B\xA5"}, // [1<0>01 1011] [1010 0101] ++ {false, false, "\xDB\x25"}, // [1101 1011] [<0>010 0101] ++ {false, false, "\xDB\xE5"}, // [1101 1011] [1<1>10 0101] ++ {true, false, "\xCC\x81"}, // [1100 1100] [1000 0001] = ++ // combining char U+0301 ++ {false, false, "\x8C\x81"}, // [1<0>00 1100] [1000 0001] ++ {false, false, "\xCC\x01"}, // [1100 1100] [<0>000 0001] ++ {false, false, "\xCC\xC1"}, // [1100 1100] [1<1>00 0001] ++ ++ // 3-byte UTF-8: [1110 xxxx] [10xx xxxx] [10xxxxxx] ++ {true, true, "\xE0\xA4\x85"}, // [1110 0000] [1010 0100] [1000 0101] = ++ // Devanagari Letter A U+0905 ++ {false, false, "\xA0\xA4\x85"}, // [1<0>10 0000] [1010 0100] [1000 0101] ++ {false, false, "\xE0\x24\x85"}, // [1110 0000] [<0>010 0100] [1000 0101] ++ {false, false, "\xE0\xE4\x85"}, // [1110 0000] [1<1>10 0100] [1000 0101] ++ {false, false, "\xE0\xA4\x05"}, // [1110 0000] [1010 0100] [<0>000 0101] ++ {false, false, "\xE0\xA4\xC5"}, // [1110 0000] [1010 0100] [1<1>00 0101] ++ {true, false, "\xE0\xA4\x81"}, // [1110 0000] [1010 0100] [1000 0001] = ++ // combining char U+0901 ++ {false, false, "\xA0\xA4\x81"}, // [1<0>10 0000] [1010 0100] [1000 0001] ++ {false, false, "\xE0\x24\x81"}, // [1110 0000] [<0>010 0100] [1000 0001] ++ {false, false, "\xE0\xE4\x81"}, // [1110 0000] [1<1>10 0100] [1000 0001] ++ {false, false, "\xE0\xA4\x01"}, // [1110 0000] [1010 0100] [<0>000 0001] ++ {false, false, "\xE0\xA4\xC1"}, // [1110 0000] [1010 0100] [1<1>00 0001] ++ }; ++ const bool atNameStart[] = {true, false}; ++ ++ size_t i = 0; ++ char doc[1024]; ++ size_t failCount = 0; ++ ++ for (; i < sizeof(cases) / sizeof(cases[0]); i++) { ++ size_t j = 0; ++ for (; j < sizeof(atNameStart) / sizeof(atNameStart[0]); j++) { ++ const bool expectedSuccess ++ = atNameStart[j] ? cases[i].goodNameStart : cases[i].goodName; ++ sprintf(doc, "<%s%s><!--", atNameStart[j] ? "" : "a", cases[i].tagName); ++ XML_Parser parser = XML_ParserCreate(NULL); ++ ++ const enum XML_Status status ++ = XML_Parse(parser, doc, (int)strlen(doc), /*isFinal=*/XML_FALSE); ++ ++ bool success = true; ++ if ((status == XML_STATUS_OK) != expectedSuccess) { ++ success = false; ++ } ++ if ((status == XML_STATUS_ERROR) ++ && (XML_GetErrorCode(parser) != XML_ERROR_INVALID_TOKEN)) { ++ success = false; ++ } ++ ++ if (! success) { ++ fprintf( ++ stderr, ++ "FAIL case %2u (%sat name start, %u-byte sequence, error code %d)\n", ++ (unsigned)i + 1u, atNameStart[j] ? " " : "not ", ++ (unsigned)strlen(cases[i].tagName), XML_GetErrorCode(parser)); ++ failCount++; ++ } ++ ++ XML_ParserFree(parser); ++ } ++ } ++ ++ if (failCount > 0) { ++ fail("UTF-8 regression detected"); ++ } ++} ++END_TEST ++ + /* Test trailing spaces in elements are accepted */ + static void XMLCALL + record_element_end_handler(void *userData, const XML_Char *name) { +@@ -6175,6 +6274,14 @@ START_TEST(test_bad_doctype) { + } + END_TEST + ++START_TEST(test_bad_doctype_utf8) { ++ const char *text = "<!DOCTYPE \xDB\x25" ++ "doc><doc/>"; // [1101 1011] [<0>010 0101] ++ expect_failure(text, XML_ERROR_INVALID_TOKEN, ++ "Invalid UTF-8 in DOCTYPE not faulted"); ++} ++END_TEST ++ + START_TEST(test_bad_doctype_utf16) { + const char text[] = + /* <!DOCTYPE doc [ \x06f2 ]><doc/> +@@ -11870,6 +11977,7 @@ make_suite(void) { + tcase_add_test(tc_basic, test_ext_entity_utf8_non_bom); + tcase_add_test(tc_basic, test_utf8_in_cdata_section); + tcase_add_test(tc_basic, test_utf8_in_cdata_section_2); ++ tcase_add_test(tc_basic, test_utf8_in_start_tags); + tcase_add_test(tc_basic, test_trailing_spaces_in_elements); + tcase_add_test(tc_basic, test_utf16_attribute); + tcase_add_test(tc_basic, test_utf16_second_attr); +@@ -11878,6 +11986,7 @@ make_suite(void) { + tcase_add_test(tc_basic, test_bad_attr_desc_keyword); + tcase_add_test(tc_basic, test_bad_attr_desc_keyword_utf16); + tcase_add_test(tc_basic, test_bad_doctype); ++ tcase_add_test(tc_basic, test_bad_doctype_utf8); + tcase_add_test(tc_basic, test_bad_doctype_utf16); + tcase_add_test(tc_basic, test_bad_doctype_plus); + tcase_add_test(tc_basic, test_bad_doctype_star); diff --git a/meta/recipes-core/expat/expat/CVE-2022-25236-1.patch b/meta/recipes-core/expat/expat/CVE-2022-25236-1.patch new file mode 100644 index 0000000000..ab53d99c8f --- /dev/null +++ b/meta/recipes-core/expat/expat/CVE-2022-25236-1.patch @@ -0,0 +1,116 @@ +Upstream-Status: Backport [https://github.com/libexpat/libexpat/commit/2cc97e87] +CVE: CVE-2022-25236 + +The commit is a merge commit, and this patch is created by: + +$ git diff -p --stat 2cc97e87~ 2cc97e87 + +Remove modification for expat/Changes which fails to be applied. + +Signed-off-by: Kai Kang <kai.kang@windriver.com> + +commit 2cc97e875ef84da4bcf55156c83599116f7523b4 (from d477fdd284468f2ab822024e75702f2c1b254f42) +Merge: d477fdd2 e4d7e497 +Author: Sebastian Pipping <sebastian@pipping.org> +Date: Fri Feb 18 18:01:27 2022 +0100 + + Merge pull request #561 from libexpat/namesep-security + + [CVE-2022-25236] lib: Protect against insertion of namesep characters into namespace URIs + +--- + expat/Changes | 16 ++++++++++++++++ + expat/lib/xmlparse.c | 17 +++++++++++++---- + expat/tests/runtests.c | 30 ++++++++++++++++++++++++++++++ + 3 files changed, 59 insertions(+), 4 deletions(-) + +diff --git a/lib/xmlparse.c b/lib/xmlparse.c +index 7376aab1..c98e2e9f 100644 +--- a/lib/xmlparse.c ++++ b/lib/xmlparse.c +@@ -718,8 +718,7 @@ XML_ParserCreate(const XML_Char *encodingName) { + + XML_Parser XMLCALL + XML_ParserCreateNS(const XML_Char *encodingName, XML_Char nsSep) { +- XML_Char tmp[2]; +- *tmp = nsSep; ++ XML_Char tmp[2] = {nsSep, 0}; + return XML_ParserCreate_MM(encodingName, NULL, tmp); + } + +@@ -1344,8 +1343,7 @@ XML_ExternalEntityParserCreate(XML_Parser oldParser, const XML_Char *context, + would be otherwise. + */ + if (parser->m_ns) { +- XML_Char tmp[2]; +- *tmp = parser->m_namespaceSeparator; ++ XML_Char tmp[2] = {parser->m_namespaceSeparator, 0}; + parser = parserCreate(encodingName, &parser->m_mem, tmp, newDtd); + } else { + parser = parserCreate(encodingName, &parser->m_mem, NULL, newDtd); +@@ -3761,6 +3759,17 @@ addBinding(XML_Parser parser, PREFIX *prefix, const ATTRIBUTE_ID *attId, + if (! mustBeXML && isXMLNS + && (len > xmlnsLen || uri[len] != xmlnsNamespace[len])) + isXMLNS = XML_FALSE; ++ ++ // NOTE: While Expat does not validate namespace URIs against RFC 3986, ++ // we have to at least make sure that the XML processor on top of ++ // Expat (that is splitting tag names by namespace separator into ++ // 2- or 3-tuples (uri-local or uri-local-prefix)) cannot be confused ++ // by an attacker putting additional namespace separator characters ++ // into namespace declarations. That would be ambiguous and not to ++ // be expected. ++ if (parser->m_ns && (uri[len] == parser->m_namespaceSeparator)) { ++ return XML_ERROR_SYNTAX; ++ } + } + isXML = isXML && len == xmlLen; + isXMLNS = isXMLNS && len == xmlnsLen; +diff --git a/tests/runtests.c b/tests/runtests.c +index d07203f2..bc5344b1 100644 +--- a/tests/runtests.c ++++ b/tests/runtests.c +@@ -7220,6 +7220,35 @@ START_TEST(test_ns_double_colon_doctype) { + } + END_TEST + ++START_TEST(test_ns_separator_in_uri) { ++ struct test_case { ++ enum XML_Status expectedStatus; ++ const char *doc; ++ }; ++ struct test_case cases[] = { ++ {XML_STATUS_OK, "<doc xmlns='one_two' />"}, ++ {XML_STATUS_ERROR, "<doc xmlns='one
two' />"}, ++ }; ++ ++ size_t i = 0; ++ size_t failCount = 0; ++ for (; i < sizeof(cases) / sizeof(cases[0]); i++) { ++ XML_Parser parser = XML_ParserCreateNS(NULL, '\n'); ++ XML_SetElementHandler(parser, dummy_start_element, dummy_end_element); ++ if (XML_Parse(parser, cases[i].doc, (int)strlen(cases[i].doc), ++ /*isFinal*/ XML_TRUE) ++ != cases[i].expectedStatus) { ++ failCount++; ++ } ++ XML_ParserFree(parser); ++ } ++ ++ if (failCount) { ++ fail("Namespace separator handling is broken"); ++ } ++} ++END_TEST ++ + /* Control variable; the number of times duff_allocator() will successfully + * allocate */ + #define ALLOC_ALWAYS_SUCCEED (-1) +@@ -11905,6 +11934,7 @@ make_suite(void) { + tcase_add_test(tc_namespace, test_ns_utf16_doctype); + tcase_add_test(tc_namespace, test_ns_invalid_doctype); + tcase_add_test(tc_namespace, test_ns_double_colon_doctype); ++ tcase_add_test(tc_namespace, test_ns_separator_in_uri); + + suite_add_tcase(s, tc_misc); + tcase_add_checked_fixture(tc_misc, NULL, basic_teardown); diff --git a/meta/recipes-core/expat/expat/CVE-2022-25236-2.patch b/meta/recipes-core/expat/expat/CVE-2022-25236-2.patch new file mode 100644 index 0000000000..0f14c9631b --- /dev/null +++ b/meta/recipes-core/expat/expat/CVE-2022-25236-2.patch @@ -0,0 +1,232 @@ +Upstream-Status: Backport [https://github.com/libexpat/libexpat/commit/f178826b] +CVE: CVE-2022-25236 + +The commit is a merge commit, and this patch is created by: + +$ git show -m -p --stat f178826b + +Remove changes for expat/Changes and reference.html which fail to be applied. + +Signed-off-by: Kai Kang <kai.kang@windriver.com> + +commit f178826bb1e9c8ee23202f1be55ad4ac7b649e84 (from c99e0e7f2b15b48848038992ecbb4480f957cfe9) +Merge: c99e0e7f 9579f7ea +Author: Sebastian Pipping <sebastian@pipping.org> +Date: Fri Mar 4 18:43:39 2022 +0100 + + Merge pull request #577 from libexpat/namesep + + lib: Relax fix to CVE-2022-25236 with regard to RFC 3986 URI characters (fixes #572) +--- + expat/Changes | 16 ++++++ + expat/doc/reference.html | 8 +++ + expat/lib/expat.h | 11 ++++ + expat/lib/xmlparse.c | 139 ++++++++++++++++++++++++++++++++++++++++++++--- + expat/tests/runtests.c | 8 ++- + 5 files changed, 171 insertions(+), 11 deletions(-) + +diff --git a/lib/expat.h b/lib/expat.h +index 5ab493f7..181fc960 100644 +--- a/lib/expat.h ++++ b/lib/expat.h +@@ -239,6 +239,17 @@ XML_ParserCreate(const XML_Char *encoding); + and the local part will be concatenated without any separator. + It is a programming error to use the separator '\0' with namespace + triplets (see XML_SetReturnNSTriplet). ++ If a namespace separator is chosen that can be part of a URI or ++ part of an XML name, splitting an expanded name back into its ++ 1, 2 or 3 original parts on application level in the element handler ++ may end up vulnerable, so these are advised against; sane choices for ++ a namespace separator are e.g. '\n' (line feed) and '|' (pipe). ++ ++ Note that Expat does not validate namespace URIs (beyond encoding) ++ against RFC 3986 today (and is not required to do so with regard to ++ the XML 1.0 namespaces specification) but it may start doing that ++ in future releases. Before that, an application using Expat must ++ be ready to receive namespace URIs containing non-URI characters. + */ + XMLPARSEAPI(XML_Parser) + XML_ParserCreateNS(const XML_Char *encoding, XML_Char namespaceSeparator); +diff --git a/lib/xmlparse.c b/lib/xmlparse.c +index 59da19c8..6fe2cf1e 100644 +--- a/lib/xmlparse.c ++++ b/lib/xmlparse.c +@@ -3705,6 +3705,117 @@ storeAtts(XML_Parser parser, const ENCODING *enc, const char *attStr, + return XML_ERROR_NONE; + } + ++static XML_Bool ++is_rfc3986_uri_char(XML_Char candidate) { ++ // For the RFC 3986 ANBF grammar see ++ // https://datatracker.ietf.org/doc/html/rfc3986#appendix-A ++ ++ switch (candidate) { ++ // From rule "ALPHA" (uppercase half) ++ case 'A': ++ case 'B': ++ case 'C': ++ case 'D': ++ case 'E': ++ case 'F': ++ case 'G': ++ case 'H': ++ case 'I': ++ case 'J': ++ case 'K': ++ case 'L': ++ case 'M': ++ case 'N': ++ case 'O': ++ case 'P': ++ case 'Q': ++ case 'R': ++ case 'S': ++ case 'T': ++ case 'U': ++ case 'V': ++ case 'W': ++ case 'X': ++ case 'Y': ++ case 'Z': ++ ++ // From rule "ALPHA" (lowercase half) ++ case 'a': ++ case 'b': ++ case 'c': ++ case 'd': ++ case 'e': ++ case 'f': ++ case 'g': ++ case 'h': ++ case 'i': ++ case 'j': ++ case 'k': ++ case 'l': ++ case 'm': ++ case 'n': ++ case 'o': ++ case 'p': ++ case 'q': ++ case 'r': ++ case 's': ++ case 't': ++ case 'u': ++ case 'v': ++ case 'w': ++ case 'x': ++ case 'y': ++ case 'z': ++ ++ // From rule "DIGIT" ++ case '0': ++ case '1': ++ case '2': ++ case '3': ++ case '4': ++ case '5': ++ case '6': ++ case '7': ++ case '8': ++ case '9': ++ ++ // From rule "pct-encoded" ++ case '%': ++ ++ // From rule "unreserved" ++ case '-': ++ case '.': ++ case '_': ++ case '~': ++ ++ // From rule "gen-delims" ++ case ':': ++ case '/': ++ case '?': ++ case '#': ++ case '[': ++ case ']': ++ case '@': ++ ++ // From rule "sub-delims" ++ case '!': ++ case '$': ++ case '&': ++ case '\'': ++ case '(': ++ case ')': ++ case '*': ++ case '+': ++ case ',': ++ case ';': ++ case '=': ++ return XML_TRUE; ++ ++ default: ++ return XML_FALSE; ++ } ++} ++ + /* addBinding() overwrites the value of prefix->binding without checking. + Therefore one must keep track of the old value outside of addBinding(). + */ +@@ -3763,14 +3874,26 @@ addBinding(XML_Parser parser, PREFIX *prefix, const ATTRIBUTE_ID *attId, + && (len > xmlnsLen || uri[len] != xmlnsNamespace[len])) + isXMLNS = XML_FALSE; + +- // NOTE: While Expat does not validate namespace URIs against RFC 3986, +- // we have to at least make sure that the XML processor on top of +- // Expat (that is splitting tag names by namespace separator into +- // 2- or 3-tuples (uri-local or uri-local-prefix)) cannot be confused +- // by an attacker putting additional namespace separator characters +- // into namespace declarations. That would be ambiguous and not to +- // be expected. +- if (parser->m_ns && (uri[len] == parser->m_namespaceSeparator)) { ++ // NOTE: While Expat does not validate namespace URIs against RFC 3986 ++ // today (and is not REQUIRED to do so with regard to the XML 1.0 ++ // namespaces specification) we have to at least make sure, that ++ // the application on top of Expat (that is likely splitting expanded ++ // element names ("qualified names") of form ++ // "[uri sep] local [sep prefix] '\0'" back into 1, 2 or 3 pieces ++ // in its element handler code) cannot be confused by an attacker ++ // putting additional namespace separator characters into namespace ++ // declarations. That would be ambiguous and not to be expected. ++ // ++ // While the HTML API docs of function XML_ParserCreateNS have been ++ // advising against use of a namespace separator character that can ++ // appear in a URI for >20 years now, some widespread applications ++ // are using URI characters (':' (colon) in particular) for a ++ // namespace separator, in practice. To keep these applications ++ // functional, we only reject namespaces URIs containing the ++ // application-chosen namespace separator if the chosen separator ++ // is a non-URI character with regard to RFC 3986. ++ if (parser->m_ns && (uri[len] == parser->m_namespaceSeparator) ++ && ! is_rfc3986_uri_char(uri[len])) { + return XML_ERROR_SYNTAX; + } + } +diff --git a/tests/runtests.c b/tests/runtests.c +index 60da868e..712706c4 100644 +--- a/tests/runtests.c ++++ b/tests/runtests.c +@@ -7406,16 +7406,18 @@ START_TEST(test_ns_separator_in_uri) { + struct test_case { + enum XML_Status expectedStatus; + const char *doc; ++ XML_Char namesep; + }; + struct test_case cases[] = { +- {XML_STATUS_OK, "<doc xmlns='one_two' />"}, +- {XML_STATUS_ERROR, "<doc xmlns='one
two' />"}, ++ {XML_STATUS_OK, "<doc xmlns='one_two' />", XCS('\n')}, ++ {XML_STATUS_ERROR, "<doc xmlns='one
two' />", XCS('\n')}, ++ {XML_STATUS_OK, "<doc xmlns='one:two' />", XCS(':')}, + }; + + size_t i = 0; + size_t failCount = 0; + for (; i < sizeof(cases) / sizeof(cases[0]); i++) { +- XML_Parser parser = XML_ParserCreateNS(NULL, '\n'); ++ XML_Parser parser = XML_ParserCreateNS(NULL, cases[i].namesep); + XML_SetElementHandler(parser, dummy_start_element, dummy_end_element); + if (XML_Parse(parser, cases[i].doc, (int)strlen(cases[i].doc), + /*isFinal*/ XML_TRUE) diff --git a/meta/recipes-core/expat/expat/CVE-2022-25313.patch b/meta/recipes-core/expat/expat/CVE-2022-25313.patch new file mode 100644 index 0000000000..569324303e --- /dev/null +++ b/meta/recipes-core/expat/expat/CVE-2022-25313.patch @@ -0,0 +1,233 @@ +CVE: CVE-2022-25313 +Upstream-Status: Backport [https://github.com/libexpat/libexpat/commit/9b4ce651] + +Ref: +* https://github.com/libexpat/libexpat/pull/558 + +Signed-off-by: Kai Kang <kai.kang@windriver.com> + +From 9b4ce651b26557f16103c3a366c91934ecd439ab Mon Sep 17 00:00:00 2001 +From: Samanta Navarro <ferivoz@riseup.net> +Date: Tue, 15 Feb 2022 11:54:29 +0000 +Subject: [PATCH] Prevent stack exhaustion in build_model + +It is possible to trigger stack exhaustion in build_model function if +depth of nested children in DTD element is large enough. This happens +because build_node is a recursively called function within build_model. + +The code has been adjusted to run iteratively. It uses the already +allocated heap space as temporary stack (growing from top to bottom). + +Output is identical to recursive version. No new fields in data +structures were added, i.e. it keeps full API and ABI compatibility. +Instead the numchildren variable is used to temporarily keep the +index of items (uint vs int). + +Documentation and readability improvements kindly added by Sebastian. + +Proof of Concept: + +1. Compile poc binary which parses XML file line by line + +``` +cat > poc.c << EOF + #include <err.h> + #include <expat.h> + #include <stdio.h> + + XML_Parser parser; + + static void XMLCALL + dummy_element_decl_handler(void *userData, const XML_Char *name, + XML_Content *model) { + XML_FreeContentModel(parser, model); + } + + int main(int argc, char *argv[]) { + FILE *fp; + char *p = NULL; + size_t s = 0; + ssize_t l; + if (argc != 2) + errx(1, "usage: poc poc.xml"); + if ((parser = XML_ParserCreate(NULL)) == NULL) + errx(1, "XML_ParserCreate"); + XML_SetElementDeclHandler(parser, dummy_element_decl_handler); + if ((fp = fopen(argv[1], "r")) == NULL) + err(1, "fopen"); + while ((l = getline(&p, &s, fp)) > 0) + if (XML_Parse(parser, p, (int)l, XML_FALSE) != XML_STATUS_OK) + errx(1, "XML_Parse"); + XML_ParserFree(parser); + free(p); + fclose(fp); + return 0; + } +EOF +cc -std=c11 -D_POSIX_C_SOURCE=200809L -lexpat -o poc poc.c +``` + +2. Create XML file with a lot of nested groups in DTD element + +``` +cat > poc.xml.zst.b64 << EOF +KLUv/aQkACAAPAEA+DwhRE9DVFlQRSB1d3UgWwo8IUVMRU1FTlQgdXd1CigBAHv/58AJAgAQKAIA +ECgCABAoAgAQKAIAECgCABAoAgAQKHwAAChvd28KKQIA2/8gV24XBAIAECkCABApAgAQKQIAECkC +ABApAgAQKQIAEClVAAAgPl0+CgEA4A4I2VwwnQ== +EOF +base64 -d poc.xml.zst.b64 | zstd -d > poc.xml +``` + +3. Run Proof of Concept + +``` +./poc poc.xml +``` + +Co-authored-by: Sebastian Pipping <sebastian@pipping.org> +--- + expat/lib/xmlparse.c | 116 +++++++++++++++++++++++++++++-------------- + 1 file changed, 79 insertions(+), 37 deletions(-) + +diff --git a/expat/lib/xmlparse.c b/expat/lib/xmlparse.c +index 4b43e613..594cf12c 100644 +--- a/lib/xmlparse.c ++++ b/lib/xmlparse.c +@@ -7317,44 +7317,15 @@ nextScaffoldPart(XML_Parser parser) { + return next; + } + +-static void +-build_node(XML_Parser parser, int src_node, XML_Content *dest, +- XML_Content **contpos, XML_Char **strpos) { +- DTD *const dtd = parser->m_dtd; /* save one level of indirection */ +- dest->type = dtd->scaffold[src_node].type; +- dest->quant = dtd->scaffold[src_node].quant; +- if (dest->type == XML_CTYPE_NAME) { +- const XML_Char *src; +- dest->name = *strpos; +- src = dtd->scaffold[src_node].name; +- for (;;) { +- *(*strpos)++ = *src; +- if (! *src) +- break; +- src++; +- } +- dest->numchildren = 0; +- dest->children = NULL; +- } else { +- unsigned int i; +- int cn; +- dest->numchildren = dtd->scaffold[src_node].childcnt; +- dest->children = *contpos; +- *contpos += dest->numchildren; +- for (i = 0, cn = dtd->scaffold[src_node].firstchild; i < dest->numchildren; +- i++, cn = dtd->scaffold[cn].nextsib) { +- build_node(parser, cn, &(dest->children[i]), contpos, strpos); +- } +- dest->name = NULL; +- } +-} +- + static XML_Content * + build_model(XML_Parser parser) { ++ /* Function build_model transforms the existing parser->m_dtd->scaffold ++ * array of CONTENT_SCAFFOLD tree nodes into a new array of ++ * XML_Content tree nodes followed by a gapless list of zero-terminated ++ * strings. */ + DTD *const dtd = parser->m_dtd; /* save one level of indirection */ + XML_Content *ret; +- XML_Content *cpos; +- XML_Char *str; ++ XML_Char *str; /* the current string writing location */ + + /* Detect and prevent integer overflow. + * The preprocessor guard addresses the "always false" warning +@@ -7380,10 +7351,81 @@ build_model(XML_Parser parser) { + if (! ret) + return NULL; + +- str = (XML_Char *)(&ret[dtd->scaffCount]); +- cpos = &ret[1]; ++ /* What follows is an iterative implementation (of what was previously done ++ * recursively in a dedicated function called "build_node". The old recursive ++ * build_node could be forced into stack exhaustion from input as small as a ++ * few megabyte, and so that was a security issue. Hence, a function call ++ * stack is avoided now by resolving recursion.) ++ * ++ * The iterative approach works as follows: ++ * ++ * - We use space in the target array for building a temporary stack structure ++ * while that space is still unused. ++ * The stack grows from the array's end downwards and the "actual data" ++ * grows from the start upwards, sequentially. ++ * (Because stack grows downwards, pushing onto the stack is a decrement ++ * while popping off the stack is an increment.) ++ * ++ * - A stack element appears as a regular XML_Content node on the outside, ++ * but only uses a single field -- numchildren -- to store the source ++ * tree node array index. These are the breadcrumbs leading the way back ++ * during pre-order (node first) depth-first traversal. ++ * ++ * - The reason we know the stack will never grow into (or overlap with) ++ * the area with data of value at the start of the array is because ++ * the overall number of elements to process matches the size of the array, ++ * and the sum of fully processed nodes and yet-to-be processed nodes ++ * on the stack, cannot be more than the total number of nodes. ++ * It is possible for the top of the stack and the about-to-write node ++ * to meet, but that is safe because we get the source index out ++ * before doing any writes on that node. ++ */ ++ XML_Content *dest = ret; /* tree node writing location, moves upwards */ ++ XML_Content *const destLimit = &ret[dtd->scaffCount]; ++ XML_Content *const stackBottom = &ret[dtd->scaffCount]; ++ XML_Content *stackTop = stackBottom; /* i.e. stack is initially empty */ ++ str = (XML_Char *)&ret[dtd->scaffCount]; ++ ++ /* Push source tree root node index onto the stack */ ++ (--stackTop)->numchildren = 0; ++ ++ for (; dest < destLimit; dest++) { ++ /* Pop source tree node index off the stack */ ++ const int src_node = (int)(stackTop++)->numchildren; ++ ++ /* Convert item */ ++ dest->type = dtd->scaffold[src_node].type; ++ dest->quant = dtd->scaffold[src_node].quant; ++ if (dest->type == XML_CTYPE_NAME) { ++ const XML_Char *src; ++ dest->name = str; ++ src = dtd->scaffold[src_node].name; ++ for (;;) { ++ *str++ = *src; ++ if (! *src) ++ break; ++ src++; ++ } ++ dest->numchildren = 0; ++ dest->children = NULL; ++ } else { ++ unsigned int i; ++ int cn; ++ dest->name = NULL; ++ dest->numchildren = dtd->scaffold[src_node].childcnt; ++ dest->children = &dest[1]; ++ ++ /* Push children to the stack ++ * in a way where the first child ends up at the top of the ++ * (downwards growing) stack, in order to be processed first. */ ++ stackTop -= dest->numchildren; ++ for (i = 0, cn = dtd->scaffold[src_node].firstchild; ++ i < dest->numchildren; i++, cn = dtd->scaffold[cn].nextsib) { ++ (stackTop + i)->numchildren = (unsigned int)cn; ++ } ++ } ++ } + +- build_node(parser, 0, ret, &cpos, &str); + return ret; + } + +-- +2.33.0 + diff --git a/meta/recipes-core/expat/expat/CVE-2022-25314.patch b/meta/recipes-core/expat/expat/CVE-2022-25314.patch new file mode 100644 index 0000000000..56e875894e --- /dev/null +++ b/meta/recipes-core/expat/expat/CVE-2022-25314.patch @@ -0,0 +1,35 @@ +CVE: CVE-2022-25314 +Upstream-Status: Backport [https://github.com/libexpat/libexpat/commit/efcb3474] + +Ref: +* https://github.com/libexpat/libexpat/pull/560 + +Signed-off-by: Kai Kang <kai.kang@windriver.com> + +From efcb347440ade24b9f1054671e6bd05e60b4cafd Mon Sep 17 00:00:00 2001 +From: Samanta Navarro <ferivoz@riseup.net> +Date: Tue, 15 Feb 2022 11:56:57 +0000 +Subject: [PATCH] Prevent integer overflow in copyString + +The copyString function is only used for encoding string supplied by +the library user. +--- + expat/lib/xmlparse.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/expat/lib/xmlparse.c b/expat/lib/xmlparse.c +index 4b43e613..a39377c2 100644 +--- a/lib/xmlparse.c ++++ b/lib/xmlparse.c +@@ -7412,7 +7412,7 @@ getElementType(XML_Parser parser, const ENCODING *enc, const char *ptr, + + static XML_Char * + copyString(const XML_Char *s, const XML_Memory_Handling_Suite *memsuite) { +- int charsRequired = 0; ++ size_t charsRequired = 0; + XML_Char *result; + + /* First determine how long the string is */ +-- +2.33.0 + diff --git a/meta/recipes-core/expat/expat/CVE-2022-25315.patch b/meta/recipes-core/expat/expat/CVE-2022-25315.patch new file mode 100644 index 0000000000..24e04dac71 --- /dev/null +++ b/meta/recipes-core/expat/expat/CVE-2022-25315.patch @@ -0,0 +1,149 @@ +CVE: CVE-2022-25315 +Upstream-Status: Backport [https://github.com/libexpat/libexpat/commit/eb036280] + +Ref: +* https://github.com/libexpat/libexpat/pull/559 + +Signed-off-by: Kai Kang <kai.kang@windriver.com> + +From eb0362808b4f9f1e2345a0cf203b8cc196d776d9 Mon Sep 17 00:00:00 2001 +From: Samanta Navarro <ferivoz@riseup.net> +Date: Tue, 15 Feb 2022 11:55:46 +0000 +Subject: [PATCH] Prevent integer overflow in storeRawNames + +It is possible to use an integer overflow in storeRawNames for out of +boundary heap writes. Default configuration is affected. If compiled +with XML_UNICODE then the attack does not work. Compiling with +-fsanitize=address confirms the following proof of concept. + +The problem can be exploited by abusing the m_buffer expansion logic. +Even though the initial size of m_buffer is a power of two, eventually +it can end up a little bit lower, thus allowing allocations very close +to INT_MAX (since INT_MAX/2 can be surpassed). This means that tag +names can be parsed which are almost INT_MAX in size. + +Unfortunately (from an attacker point of view) INT_MAX/2 is also a +limitation in string pools. Having a tag name of INT_MAX/2 characters +or more is not possible. + +Expat can convert between different encodings. UTF-16 documents which +contain only ASCII representable characters are twice as large as their +ASCII encoded counter-parts. + +The proof of concept works by taking these three considerations into +account: + +1. Move the m_buffer size slightly below a power of two by having a + short root node <a>. This allows the m_buffer to grow very close + to INT_MAX. +2. The string pooling forbids tag names longer than or equal to + INT_MAX/2, so keep the attack tag name smaller than that. +3. To be able to still overflow INT_MAX even though the name is + limited at INT_MAX/2-1 (nul byte) we use UTF-16 encoding and a tag + which only contains ASCII characters. UTF-16 always stores two + bytes per character while the tag name is converted to using only + one. Our attack node byte count must be a bit higher than + 2/3 INT_MAX so the converted tag name is around INT_MAX/3 which + in sum can overflow INT_MAX. + +Thanks to our small root node, m_buffer can handle 2/3 INT_MAX bytes +without running into INT_MAX boundary check. The string pooling is +able to store INT_MAX/3 as tag name because the amount is below +INT_MAX/2 limitation. And creating the sum of both eventually overflows +in storeRawNames. + +Proof of Concept: + +1. Compile expat with -fsanitize=address. + +2. Create Proof of Concept binary which iterates through input + file 16 MB at once for better performance and easier integer + calculations: + +``` +cat > poc.c << EOF + #include <err.h> + #include <expat.h> + #include <stdlib.h> + #include <stdio.h> + + #define CHUNK (16 * 1024 * 1024) + int main(int argc, char *argv[]) { + XML_Parser parser; + FILE *fp; + char *buf; + int i; + + if (argc != 2) + errx(1, "usage: poc file.xml"); + if ((parser = XML_ParserCreate(NULL)) == NULL) + errx(1, "failed to create expat parser"); + if ((fp = fopen(argv[1], "r")) == NULL) { + XML_ParserFree(parser); + err(1, "failed to open file"); + } + if ((buf = malloc(CHUNK)) == NULL) { + fclose(fp); + XML_ParserFree(parser); + err(1, "failed to allocate buffer"); + } + i = 0; + while (fread(buf, CHUNK, 1, fp) == 1) { + printf("iteration %d: XML_Parse returns %d\n", ++i, + XML_Parse(parser, buf, CHUNK, XML_FALSE)); + } + free(buf); + fclose(fp); + XML_ParserFree(parser); + return 0; + } +EOF +gcc -fsanitize=address -lexpat -o poc poc.c +``` + +3. Construct specially prepared UTF-16 XML file: + +``` +dd if=/dev/zero bs=1024 count=794624 | tr '\0' 'a' > poc-utf8.xml +echo -n '<a><' | dd conv=notrunc of=poc-utf8.xml +echo -n '><' | dd conv=notrunc of=poc-utf8.xml bs=1 seek=805306368 +iconv -f UTF-8 -t UTF-16LE poc-utf8.xml > poc-utf16.xml +``` + +4. Run proof of concept: + +``` +./poc poc-utf16.xml +``` +--- + expat/lib/xmlparse.c | 7 ++++++- + 1 file changed, 6 insertions(+), 1 deletion(-) + +diff --git a/expat/lib/xmlparse.c b/expat/lib/xmlparse.c +index 4b43e613..f34d6ab5 100644 +--- a/lib/xmlparse.c ++++ b/lib/xmlparse.c +@@ -2563,6 +2563,7 @@ storeRawNames(XML_Parser parser) { + while (tag) { + int bufSize; + int nameLen = sizeof(XML_Char) * (tag->name.strLen + 1); ++ size_t rawNameLen; + char *rawNameBuf = tag->buf + nameLen; + /* Stop if already stored. Since m_tagStack is a stack, we can stop + at the first entry that has already been copied; everything +@@ -2574,7 +2575,11 @@ storeRawNames(XML_Parser parser) { + /* For re-use purposes we need to ensure that the + size of tag->buf is a multiple of sizeof(XML_Char). + */ +- bufSize = nameLen + ROUND_UP(tag->rawNameLength, sizeof(XML_Char)); ++ rawNameLen = ROUND_UP(tag->rawNameLength, sizeof(XML_Char)); ++ /* Detect and prevent integer overflow. */ ++ if (rawNameLen > (size_t)INT_MAX - nameLen) ++ return XML_FALSE; ++ bufSize = nameLen + (int)rawNameLen; + if (bufSize > tag->bufEnd - tag->buf) { + char *temp = (char *)REALLOC(parser, tag->buf, bufSize); + if (temp == NULL) +-- +2.33.0 + diff --git a/meta/recipes-core/expat/expat_2.2.10.bb b/meta/recipes-core/expat/expat_2.2.10.bb index 08e8ff1cea..c8919c7f2f 100644 --- a/meta/recipes-core/expat/expat_2.2.10.bb +++ b/meta/recipes-core/expat/expat_2.2.10.bb @@ -10,9 +10,20 @@ VERSION_TAG = "${@d.getVar('PV').replace('.', '_')}" SRC_URI = "https://github.com/libexpat/libexpat/releases/download/R_${VERSION_TAG}/expat-${PV}.tar.bz2 \ file://libtool-tag.patch \ - file://run-ptest \ - file://0001-Add-output-of-tests-result.patch \ - " + file://run-ptest \ + file://0001-Add-output-of-tests-result.patch \ + file://CVE-2022-22822-27.patch \ + file://CVE-2021-45960.patch \ + file://CVE-2021-46143.patch \ + file://CVE-2022-23852.patch \ + file://CVE-2022-23990.patch \ + file://CVE-2022-25235.patch \ + file://CVE-2022-25236-1.patch \ + file://CVE-2022-25236-2.patch \ + file://CVE-2022-25313.patch \ + file://CVE-2022-25314.patch \ + file://CVE-2022-25315.patch \ + " UPSTREAM_CHECK_URI = "https://github.com/libexpat/libexpat/releases/" diff --git a/meta/recipes-core/fts/fts_1.2.7.bb b/meta/recipes-core/fts/fts_1.2.7.bb index ea820cb0c3..d3b0f31eda 100644 --- a/meta/recipes-core/fts/fts_1.2.7.bb +++ b/meta/recipes-core/fts/fts_1.2.7.bb @@ -10,7 +10,7 @@ SECTION = "libs" SRCREV = "0bde52df588e8969879a2cae51c3a4774ec62472" -SRC_URI = "git://github.com/pullmoll/musl-fts.git" +SRC_URI = "git://github.com/pullmoll/musl-fts.git;branch=master;protocol=https" S = "${WORKDIR}/git" diff --git a/meta/recipes-core/glibc/cross-localedef-native_2.33.bb b/meta/recipes-core/glibc/cross-localedef-native_2.33.bb index ec59c6ba10..22d3f96c09 100644 --- a/meta/recipes-core/glibc/cross-localedef-native_2.33.bb +++ b/meta/recipes-core/glibc/cross-localedef-native_2.33.bb @@ -20,7 +20,7 @@ inherit native FILESEXTRAPATHS =. "${FILE_DIRNAME}/${PN}:${FILE_DIRNAME}/glibc:" SRC_URI = "${GLIBC_GIT_URI};branch=${SRCBRANCH};name=glibc \ - git://github.com/kraj/localedef;branch=master;name=localedef;destsuffix=git/localedef \ + git://github.com/kraj/localedef;branch=master;name=localedef;destsuffix=git/localedef;protocol=https \ \ file://0001-localedef-Add-hardlink-resolver-from-util-linux.patch \ file://0002-localedef-fix-ups-hardlink-to-make-it-compile.patch \ diff --git a/meta/recipes-core/glibc/glibc-version.inc b/meta/recipes-core/glibc/glibc-version.inc index 3a95173175..e1eefdee49 100644 --- a/meta/recipes-core/glibc/glibc-version.inc +++ b/meta/recipes-core/glibc/glibc-version.inc @@ -1,6 +1,6 @@ SRCBRANCH ?= "release/2.33/master" PV = "2.33" -SRCREV_glibc ?= "9826b03b747b841f5fc6de2054bf1ef3f5c4bdf3" +SRCREV_glibc ?= "3e2a15c666e40e5ee740e5079c56d83469280323" SRCREV_localedef ?= "bd644c9e6f3e20c5504da1488448173c69c56c28" GLIBC_GIT_URI ?= "git://sourceware.org/git/glibc.git" diff --git a/meta/recipes-core/glibc/glibc/0001-CVE-2021-38604.patch b/meta/recipes-core/glibc/glibc/0001-CVE-2021-38604.patch deleted file mode 100644 index 8a52ac957c..0000000000 --- a/meta/recipes-core/glibc/glibc/0001-CVE-2021-38604.patch +++ /dev/null @@ -1,40 +0,0 @@ -From b805aebd42364fe696e417808a700fdb9800c9e8 Mon Sep 17 00:00:00 2001 -From: Nikita Popov <npv1310@gmail.com> -Date: Mon, 9 Aug 2021 20:17:34 +0530 -Subject: [PATCH] librt: fix NULL pointer dereference (bug 28213) - -Helper thread frees copied attribute on NOTIFY_REMOVED message -received from the OS kernel. Unfortunately, it fails to check whether -copied attribute actually exists (data.attr != NULL). This worked -earlier because free() checks passed pointer before actually -attempting to release corresponding memory. But -__pthread_attr_destroy assumes pointer is not NULL. - -So passing NULL pointer to __pthread_attr_destroy will result in -segmentation fault. This scenario is possible if -notification->sigev_notify_attributes == NULL (which means default -thread attributes should be used). - -Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=commit;h=b805aebd42364fe696e417808a700fdb9800c9e8] -CVE: CVE-2021-38604 - -Signed-off-by: Nikita Popov <npv1310@gmail.com> -Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org> -Signed-off-by: Vinay Kumar <vinay.m.engg@gmail.com> ---- - sysdeps/unix/sysv/linux/mq_notify.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/sysdeps/unix/sysv/linux/mq_notify.c b/sysdeps/unix/sysv/linux/mq_notify.c -index 6f46d29d1d..1714e1cc5f 100644 ---- a/sysdeps/unix/sysv/linux/mq_notify.c -+++ b/sysdeps/unix/sysv/linux/mq_notify.c -@@ -132,7 +132,7 @@ helper_thread (void *arg) - to wait until it is done with it. */ - (void) __pthread_barrier_wait (¬ify_barrier); - } -- else if (data.raw[NOTIFY_COOKIE_LEN - 1] == NOTIFY_REMOVED) -+ else if (data.raw[NOTIFY_COOKIE_LEN - 1] == NOTIFY_REMOVED && data.attr != NULL) - { - /* The only state we keep is the copy of the thread attributes. */ - pthread_attr_destroy (data.attr); diff --git a/meta/recipes-core/glibc/glibc/0001-nptl-Remove-private-futex-optimization-BZ-27304.patch b/meta/recipes-core/glibc/glibc/0001-nptl-Remove-private-futex-optimization-BZ-27304.patch deleted file mode 100644 index 39fde5b785..0000000000 --- a/meta/recipes-core/glibc/glibc/0001-nptl-Remove-private-futex-optimization-BZ-27304.patch +++ /dev/null @@ -1,49 +0,0 @@ -From c4ad832276f4dadfa40904109b26a521468f66bc Mon Sep 17 00:00:00 2001 -From: Florian Weimer <fweimer@redhat.com> -Date: Thu, 4 Feb 2021 15:00:20 +0100 -Subject: [PATCH] nptl: Remove private futex optimization [BZ #27304] - -It is effectively used, unexcept for pthread_cond_destroy, where we do -not want it; see bug 27304. The internal locks do not support a -process-shared mode. - -This fixes commit dc6cfdc934db9997c33728082d63552b9eee4563 ("nptl: -Move pthread_cond_destroy implementation into libc"). - -Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org> - -Upstream-Status: Backport [https://sourceware.org/bugzilla/show_bug.cgi?id=27304] -Signed-off-by: Yanfei Xu <yanfei.xu@windriver.com> ---- - sysdeps/nptl/lowlevellock-futex.h | 14 +------------- - 1 file changed, 1 insertion(+), 13 deletions(-) - -diff --git a/sysdeps/nptl/lowlevellock-futex.h b/sysdeps/nptl/lowlevellock-futex.h -index ecb729da6b..ca96397a4a 100644 ---- a/sysdeps/nptl/lowlevellock-futex.h -+++ b/sysdeps/nptl/lowlevellock-futex.h -@@ -50,20 +50,8 @@ - #define LLL_SHARED FUTEX_PRIVATE_FLAG - - #ifndef __ASSEMBLER__ -- --# if IS_IN (libc) || IS_IN (rtld) --/* In libc.so or ld.so all futexes are private. */ --# define __lll_private_flag(fl, private) \ -- ({ \ -- /* Prevent warnings in callers of this macro. */ \ -- int __lll_private_flag_priv __attribute__ ((unused)); \ -- __lll_private_flag_priv = (private); \ -- ((fl) | FUTEX_PRIVATE_FLAG); \ -- }) --# else --# define __lll_private_flag(fl, private) \ -+# define __lll_private_flag(fl, private) \ - (((fl) | FUTEX_PRIVATE_FLAG) ^ (private)) --# endif - - # define lll_futex_syscall(nargs, futexp, op, ...) \ - ({ \ --- -2.27.0 - diff --git a/meta/recipes-core/glibc/glibc/0002-CVE-2021-38604.patch b/meta/recipes-core/glibc/glibc/0002-CVE-2021-38604.patch deleted file mode 100644 index b654cdfecb..0000000000 --- a/meta/recipes-core/glibc/glibc/0002-CVE-2021-38604.patch +++ /dev/null @@ -1,147 +0,0 @@ -From 4cc79c217744743077bf7a0ec5e0a4318f1e6641 Mon Sep 17 00:00:00 2001 -From: Nikita Popov <npv1310@gmail.com> -Date: Thu, 12 Aug 2021 16:09:50 +0530 -Subject: [PATCH] librt: add test (bug 28213) - -This test implements following logic: -1) Create POSIX message queue. - Register a notification with mq_notify (using NULL attributes). - Then immediately unregister the notification with mq_notify. - Helper thread in a vulnerable version of glibc - should cause NULL pointer dereference after these steps. -2) Once again, register the same notification. - Try to send a dummy message. - Test is considered successfulif the dummy message - is successfully received by the callback function. - -Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=commit;h=4cc79c217744743077bf7a0ec5e0a4318f1e6641] -CVE: CVE-2021-38604 - -Signed-off-by: Nikita Popov <npv1310@gmail.com> -Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org> -Signed-off-by: Vinay Kumar <vinay.m.engg@gmail.com> ---- - rt/Makefile | 1 + - rt/tst-bz28213.c | 101 +++++++++++++++++++++++++++++++++++++++++++++++ - 2 files changed, 102 insertions(+) - create mode 100644 rt/tst-bz28213.c - -diff --git a/rt/Makefile b/rt/Makefile -index 7b374f2073..c87d95793a 100644 ---- a/rt/Makefile -+++ b/rt/Makefile -@@ -44,6 +44,7 @@ tests := tst-shm tst-timer tst-timer2 \ - tst-aio7 tst-aio8 tst-aio9 tst-aio10 \ - tst-mqueue1 tst-mqueue2 tst-mqueue3 tst-mqueue4 \ - tst-mqueue5 tst-mqueue6 tst-mqueue7 tst-mqueue8 tst-mqueue9 \ -+ tst-bz28213 \ - tst-timer3 tst-timer4 tst-timer5 \ - tst-cpuclock2 tst-cputimer1 tst-cputimer2 tst-cputimer3 \ - tst-shm-cancel -diff --git a/rt/tst-bz28213.c b/rt/tst-bz28213.c -new file mode 100644 -index 0000000000..0c096b5a0a ---- /dev/null -+++ b/rt/tst-bz28213.c -@@ -0,0 +1,101 @@ -+/* Bug 28213: test for NULL pointer dereference in mq_notify. -+ Copyright (C) The GNU Toolchain Authors. -+ This file is part of the GNU C Library. -+ -+ The GNU C Library is free software; you can redistribute it and/or -+ modify it under the terms of the GNU Lesser General Public -+ License as published by the Free Software Foundation; either -+ version 2.1 of the License, or (at your option) any later version. -+ -+ The GNU C Library is distributed in the hope that it will be useful, -+ but WITHOUT ANY WARRANTY; without even the implied warranty of -+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ Lesser General Public License for more details. -+ -+ You should have received a copy of the GNU Lesser General Public -+ License along with the GNU C Library; if not, see -+ <https://www.gnu.org/licenses/>. */ -+ -+#include <errno.h> -+#include <sys/types.h> -+#include <sys/stat.h> -+#include <fcntl.h> -+#include <unistd.h> -+#include <mqueue.h> -+#include <signal.h> -+#include <stdlib.h> -+#include <string.h> -+#include <support/check.h> -+ -+static mqd_t m = -1; -+static const char msg[] = "hello"; -+ -+static void -+check_bz28213_cb (union sigval sv) -+{ -+ char buf[sizeof (msg)]; -+ -+ (void) sv; -+ -+ TEST_VERIFY_EXIT ((size_t) mq_receive (m, buf, sizeof (buf), NULL) -+ == sizeof (buf)); -+ TEST_VERIFY_EXIT (memcmp (buf, msg, sizeof (buf)) == 0); -+ -+ exit (0); -+} -+ -+static void -+check_bz28213 (void) -+{ -+ struct sigevent sev; -+ -+ memset (&sev, '\0', sizeof (sev)); -+ sev.sigev_notify = SIGEV_THREAD; -+ sev.sigev_notify_function = check_bz28213_cb; -+ -+ /* Step 1: Register & unregister notifier. -+ Helper thread should receive NOTIFY_REMOVED notification. -+ In a vulnerable version of glibc, NULL pointer dereference follows. */ -+ TEST_VERIFY_EXIT (mq_notify (m, &sev) == 0); -+ TEST_VERIFY_EXIT (mq_notify (m, NULL) == 0); -+ -+ /* Step 2: Once again, register notification. -+ Try to send one message. -+ Test is considered successful, if the callback does exit (0). */ -+ TEST_VERIFY_EXIT (mq_notify (m, &sev) == 0); -+ TEST_VERIFY_EXIT (mq_send (m, msg, sizeof (msg), 1) == 0); -+ -+ /* Wait... */ -+ pause (); -+} -+ -+static int -+do_test (void) -+{ -+ static const char m_name[] = "/bz28213_queue"; -+ struct mq_attr m_attr; -+ -+ memset (&m_attr, '\0', sizeof (m_attr)); -+ m_attr.mq_maxmsg = 1; -+ m_attr.mq_msgsize = sizeof (msg); -+ -+ m = mq_open (m_name, -+ O_RDWR | O_CREAT | O_EXCL, -+ 0600, -+ &m_attr); -+ -+ if (m < 0) -+ { -+ if (errno == ENOSYS) -+ FAIL_UNSUPPORTED ("POSIX message queues are not implemented\n"); -+ FAIL_EXIT1 ("Failed to create POSIX message queue: %m\n"); -+ } -+ -+ TEST_VERIFY_EXIT (mq_unlink (m_name) == 0); -+ -+ check_bz28213 (); -+ -+ return 0; -+} -+ -+#include <support/test-driver.c> diff --git a/meta/recipes-core/glibc/glibc/0031-x86-Require-full-ISA-support-for-x86-64-level-marker.patch b/meta/recipes-core/glibc/glibc/0031-x86-Require-full-ISA-support-for-x86-64-level-marker.patch deleted file mode 100644 index 3cb60b2e55..0000000000 --- a/meta/recipes-core/glibc/glibc/0031-x86-Require-full-ISA-support-for-x86-64-level-marker.patch +++ /dev/null @@ -1,116 +0,0 @@ -From b1971f6f1331d738d1d6b376b4741668a7546125 Mon Sep 17 00:00:00 2001 -From: "H.J. Lu" <hjl.tools@gmail.com> -Date: Tue, 2 Feb 2021 13:45:58 -0800 -Subject: [PATCH] x86: Require full ISA support for x86-64 level marker [BZ #27318] - -Since -march=sandybridge enables ISAs in x86-64 ISA level v3, the v3 -marker is set on libc.so. We couldn't set the needed ISA marker to v2 -since this libc won't run on all v2 machines. Technically, the v3 marker -is correct. But the resulting libc.so won't run on Sandy Brigde, which -is a v2 machine, even when libc is compiled with -march=sandybridge: - -$ ./elf/ld.so ./libc.so -./libc.so: (p) CPU ISA level is lower than required: needed: 7; got: 3 - -Instead, we require full ISA support for x86-64 level marker and disable -x86-64 level marker for -march=sandybridge which enables ISAs between v2 -and v3. - -Upstream-Status: Submitted [https://sourceware.org/pipermail/libc-alpha/2021-February/122297.html] -Signed-off-by: Khem Raj <raj.khem@gmail.com> ---- - - sysdeps/x86/configure | 7 ++++++- - sysdeps/x86/configure.ac | 2 +- - sysdeps/x86/isa-level.c | 21 ++++++++++++++++++++- - 3 files changed, 27 insertions(+), 3 deletions(-) - -diff --git a/sysdeps/x86/configure b/sysdeps/x86/configure -index 5e32dc62b3..5b20646843 100644 ---- a/sysdeps/x86/configure -+++ b/sysdeps/x86/configure -@@ -133,7 +133,12 @@ if { ac_try='${CC-cc} $CFLAGS $CPPFLAGS -nostartfiles -nostdlib -r -o conftest c - $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 - test $ac_status = 0; }; }; then - count=`LC_ALL=C $READELF -n conftest | grep NT_GNU_PROPERTY_TYPE_0 | wc -l` -- if test "$count" = 1; then -+ if test "$count" = 1 && { ac_try='${CC-cc} $CFLAGS $CPPFLAGS -DINCLUDE_X86_ISA_LEVEL -S -o conftest.s $srcdir/sysdeps/x86/isa-level.c' -+ { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_try\""; } >&5 -+ (eval $ac_try) 2>&5 -+ ac_status=$? -+ $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 -+ test $ac_status = 0; }; }; then - libc_cv_include_x86_isa_level=yes - fi - fi -diff --git a/sysdeps/x86/configure.ac b/sysdeps/x86/configure.ac -index f94088f377..54ecd33d2c 100644 ---- a/sysdeps/x86/configure.ac -+++ b/sysdeps/x86/configure.ac -@@ -100,7 +100,7 @@ EOF - libc_cv_include_x86_isa_level=no - if AC_TRY_COMMAND(${CC-cc} $CFLAGS $CPPFLAGS -nostartfiles -nostdlib -r -o conftest conftest1.S conftest2.S); then - count=`LC_ALL=C $READELF -n conftest | grep NT_GNU_PROPERTY_TYPE_0 | wc -l` -- if test "$count" = 1; then -+ if test "$count" = 1 && AC_TRY_COMMAND(${CC-cc} $CFLAGS $CPPFLAGS -DINCLUDE_X86_ISA_LEVEL -S -o conftest.s $srcdir/sysdeps/x86/isa-level.c); then - libc_cv_include_x86_isa_level=yes - fi - fi -diff --git a/sysdeps/x86/isa-level.c b/sysdeps/x86/isa-level.c -index aaf524cb56..7f83449061 100644 ---- a/sysdeps/x86/isa-level.c -+++ b/sysdeps/x86/isa-level.c -@@ -25,12 +25,17 @@ - License along with the GNU C Library; if not, see - <https://www.gnu.org/licenses/>. */ - --#include <elf.h> -+#ifdef _LIBC -+# include <elf.h> -+#endif - - /* ELF program property for x86 ISA level. */ - #ifdef INCLUDE_X86_ISA_LEVEL - # if defined __x86_64__ || defined __FXSR__ || !defined _SOFT_FLOAT \ - || defined __MMX__ || defined __SSE__ || defined __SSE2__ -+# if !defined __SSE__ || !defined __SSE2__ -+# error "Missing ISAs for x86-64 ISA level baseline" -+# endif - # define ISA_BASELINE GNU_PROPERTY_X86_ISA_1_BASELINE - # else - # define ISA_BASELINE 0 -@@ -40,6 +45,11 @@ - || (defined __x86_64__ && defined __LAHF_SAHF__) \ - || defined __POPCNT__ || defined __SSE3__ \ - || defined __SSSE3__ || defined __SSE4_1__ || defined __SSE4_2__ -+# if !defined __GCC_HAVE_SYNC_COMPARE_AND_SWAP_16 \ -+ || !defined __POPCNT__ || !defined __SSE3__ \ -+ || !defined __SSSE3__ || !defined __SSE4_1__ || !defined __SSE4_2__ -+# error "Missing ISAs for x86-64 ISA level v2" -+# endif - # define ISA_V2 GNU_PROPERTY_X86_ISA_1_V2 - # else - # define ISA_V2 0 -@@ -48,6 +58,10 @@ - # if defined __AVX__ || defined __AVX2__ || defined __F16C__ \ - || defined __FMA__ || defined __LZCNT__ || defined __MOVBE__ \ - || defined __XSAVE__ -+# if !defined __AVX__ || !defined __AVX2__ || !defined __F16C__ \ -+ || !defined __FMA__ || !defined __LZCNT__ -+# error "Missing ISAs for x86-64 ISA level v3" -+# endif - # define ISA_V3 GNU_PROPERTY_X86_ISA_1_V3 - # else - # define ISA_V3 0 -@@ -55,6 +69,11 @@ - - # if defined __AVX512F__ || defined __AVX512BW__ || defined __AVX512CD__ \ - || defined __AVX512DQ__ || defined __AVX512VL__ -+# if !defined __AVX512F__ || !defined __AVX512BW__ \ -+ || !defined __AVX512CD__ || !defined __AVX512DQ__ \ -+ || !defined __AVX512VL__ -+# error "Missing ISAs for x86-64 ISA level v4" -+# endif - # define ISA_V4 GNU_PROPERTY_X86_ISA_1_V4 - # else - # define ISA_V4 0 diff --git a/meta/recipes-core/glibc/glibc/0032-string-Work-around-GCC-PR-98512-in-rawmemchr.patch b/meta/recipes-core/glibc/glibc/0032-string-Work-around-GCC-PR-98512-in-rawmemchr.patch deleted file mode 100644 index e904b28a05..0000000000 --- a/meta/recipes-core/glibc/glibc/0032-string-Work-around-GCC-PR-98512-in-rawmemchr.patch +++ /dev/null @@ -1,58 +0,0 @@ -From 044e603b698093cf48f6e6229e0b66acf05227e4 Mon Sep 17 00:00:00 2001 -From: Florian Weimer <fweimer@redhat.com> -Date: Fri, 19 Feb 2021 13:29:00 +0100 -Subject: [PATCH] string: Work around GCC PR 98512 in rawmemchr - -Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=commit;h=044e603b698093cf48f6e6229e0b66acf05227e4] -Signed-off-by: Khem Raj <raj.khem@gmail.com> ---- - string/rawmemchr.c | 26 +++++++++++++++----------- - 1 file changed, 15 insertions(+), 11 deletions(-) - -diff --git a/string/rawmemchr.c b/string/rawmemchr.c -index 59bbeeaa42..b8523118e5 100644 ---- a/string/rawmemchr.c -+++ b/string/rawmemchr.c -@@ -22,24 +22,28 @@ - # define RAWMEMCHR __rawmemchr - #endif - --/* Find the first occurrence of C in S. */ --void * --RAWMEMCHR (const void *s, int c) --{ -- DIAG_PUSH_NEEDS_COMMENT; -+/* The pragmata should be nested inside RAWMEMCHR below, but that -+ triggers GCC PR 98512. */ -+DIAG_PUSH_NEEDS_COMMENT; - #if __GNUC_PREREQ (7, 0) -- /* GCC 8 warns about the size passed to memchr being larger than -- PTRDIFF_MAX; the use of SIZE_MAX is deliberate here. */ -- DIAG_IGNORE_NEEDS_COMMENT (8, "-Wstringop-overflow="); -+/* GCC 8 warns about the size passed to memchr being larger than -+ PTRDIFF_MAX; the use of SIZE_MAX is deliberate here. */ -+DIAG_IGNORE_NEEDS_COMMENT (8, "-Wstringop-overflow="); - #endif - #if __GNUC_PREREQ (11, 0) -- /* Likewise GCC 11, with a different warning option. */ -- DIAG_IGNORE_NEEDS_COMMENT (11, "-Wstringop-overread"); -+/* Likewise GCC 11, with a different warning option. */ -+DIAG_IGNORE_NEEDS_COMMENT (11, "-Wstringop-overread"); - #endif -+ -+/* Find the first occurrence of C in S. */ -+void * -+RAWMEMCHR (const void *s, int c) -+{ - if (c != '\0') - return memchr (s, c, (size_t)-1); -- DIAG_POP_NEEDS_COMMENT; - return (char *)s + strlen (s); - } - libc_hidden_def (__rawmemchr) - weak_alias (__rawmemchr, rawmemchr) -+ -+DIAG_POP_NEEDS_COMMENT; --- -2.30.1 - diff --git a/meta/recipes-core/glibc/glibc/0033-x86-Handle-_SC_LEVEL1_ICACHE_LINESIZE-BZ-27444.patch b/meta/recipes-core/glibc/glibc/0033-x86-Handle-_SC_LEVEL1_ICACHE_LINESIZE-BZ-27444.patch deleted file mode 100644 index 3a004e227f..0000000000 --- a/meta/recipes-core/glibc/glibc/0033-x86-Handle-_SC_LEVEL1_ICACHE_LINESIZE-BZ-27444.patch +++ /dev/null @@ -1,185 +0,0 @@ -From 750b00a1ddae220403fd892a6fd4e0791ffd154a Mon Sep 17 00:00:00 2001 -From: "H.J. Lu" <hjl.tools@gmail.com> -Date: Fri, 18 Sep 2020 07:55:14 -0700 -Subject: [PATCH] x86: Handle _SC_LEVEL1_ICACHE_LINESIZE [BZ #27444] - - x86: Move x86 processor cache info to cpu_features - -missed _SC_LEVEL1_ICACHE_LINESIZE. - -1. Add level1_icache_linesize to struct cpu_features. -2. Initialize level1_icache_linesize by calling handle_intel, -handle_zhaoxin and handle_amd with _SC_LEVEL1_ICACHE_LINESIZE. -3. Return level1_icache_linesize for _SC_LEVEL1_ICACHE_LINESIZE. - -Upstream-Status: Backport [https://sourceware.org/bugzilla/show_bug.cgi?id=27444] -Signed-off-by: Andrei Gherzan <andrei.gherzan@huawei.com> ---- - sysdeps/x86/Makefile | 8 +++ - sysdeps/x86/cacheinfo.c | 3 + - sysdeps/x86/dl-cacheinfo.h | 6 ++ - sysdeps/x86/include/cpu-features.h | 2 + - .../x86/tst-sysconf-cache-linesize-static.c | 1 + - sysdeps/x86/tst-sysconf-cache-linesize.c | 57 +++++++++++++++++++ - 6 files changed, 77 insertions(+) - create mode 100644 sysdeps/x86/tst-sysconf-cache-linesize-static.c - create mode 100644 sysdeps/x86/tst-sysconf-cache-linesize.c - -diff --git a/sysdeps/x86/Makefile b/sysdeps/x86/Makefile -index dd82674342..d231263051 100644 ---- a/sysdeps/x86/Makefile -+++ b/sysdeps/x86/Makefile -@@ -208,3 +208,11 @@ $(objpfx)check-cet.out: $(..)sysdeps/x86/check-cet.awk \ - generated += check-cet.out - endif - endif -+ -+ifeq ($(subdir),posix) -+tests += \ -+ tst-sysconf-cache-linesize \ -+ tst-sysconf-cache-linesize-static -+tests-static += \ -+ tst-sysconf-cache-linesize-static -+endif -diff --git a/sysdeps/x86/cacheinfo.c b/sysdeps/x86/cacheinfo.c -index 7b8df45e3b..5ea4723ca6 100644 ---- a/sysdeps/x86/cacheinfo.c -+++ b/sysdeps/x86/cacheinfo.c -@@ -32,6 +32,9 @@ __cache_sysconf (int name) - case _SC_LEVEL1_ICACHE_SIZE: - return cpu_features->level1_icache_size; - -+ case _SC_LEVEL1_ICACHE_LINESIZE: -+ return cpu_features->level1_icache_linesize; -+ - case _SC_LEVEL1_DCACHE_SIZE: - return cpu_features->level1_dcache_size; - -diff --git a/sysdeps/x86/dl-cacheinfo.h b/sysdeps/x86/dl-cacheinfo.h -index a31fa0783a..7cd00b92f1 100644 ---- a/sysdeps/x86/dl-cacheinfo.h -+++ b/sysdeps/x86/dl-cacheinfo.h -@@ -707,6 +707,7 @@ dl_init_cacheinfo (struct cpu_features *cpu_features) - long int core; - unsigned int threads = 0; - unsigned long int level1_icache_size = -1; -+ unsigned long int level1_icache_linesize = -1; - unsigned long int level1_dcache_size = -1; - unsigned long int level1_dcache_assoc = -1; - unsigned long int level1_dcache_linesize = -1; -@@ -726,6 +727,8 @@ dl_init_cacheinfo (struct cpu_features *cpu_features) - - level1_icache_size - = handle_intel (_SC_LEVEL1_ICACHE_SIZE, cpu_features); -+ level1_icache_linesize -+ = handle_intel (_SC_LEVEL1_ICACHE_LINESIZE, cpu_features); - level1_dcache_size = data; - level1_dcache_assoc - = handle_intel (_SC_LEVEL1_DCACHE_ASSOC, cpu_features); -@@ -753,6 +756,7 @@ dl_init_cacheinfo (struct cpu_features *cpu_features) - shared = handle_zhaoxin (_SC_LEVEL3_CACHE_SIZE); - - level1_icache_size = handle_zhaoxin (_SC_LEVEL1_ICACHE_SIZE); -+ level1_icache_linesize = handle_zhaoxin (_SC_LEVEL1_ICACHE_LINESIZE); - level1_dcache_size = data; - level1_dcache_assoc = handle_zhaoxin (_SC_LEVEL1_DCACHE_ASSOC); - level1_dcache_linesize = handle_zhaoxin (_SC_LEVEL1_DCACHE_LINESIZE); -@@ -772,6 +776,7 @@ dl_init_cacheinfo (struct cpu_features *cpu_features) - shared = handle_amd (_SC_LEVEL3_CACHE_SIZE); - - level1_icache_size = handle_amd (_SC_LEVEL1_ICACHE_SIZE); -+ level1_icache_linesize = handle_amd (_SC_LEVEL1_ICACHE_LINESIZE); - level1_dcache_size = data; - level1_dcache_assoc = handle_amd (_SC_LEVEL1_DCACHE_ASSOC); - level1_dcache_linesize = handle_amd (_SC_LEVEL1_DCACHE_LINESIZE); -@@ -833,6 +838,7 @@ dl_init_cacheinfo (struct cpu_features *cpu_features) - } - - cpu_features->level1_icache_size = level1_icache_size; -+ cpu_features->level1_icache_linesize = level1_icache_linesize; - cpu_features->level1_dcache_size = level1_dcache_size; - cpu_features->level1_dcache_assoc = level1_dcache_assoc; - cpu_features->level1_dcache_linesize = level1_dcache_linesize; -diff --git a/sysdeps/x86/include/cpu-features.h b/sysdeps/x86/include/cpu-features.h -index 624736b40e..39a3f4f311 100644 ---- a/sysdeps/x86/include/cpu-features.h -+++ b/sysdeps/x86/include/cpu-features.h -@@ -874,6 +874,8 @@ struct cpu_features - unsigned long int rep_stosb_threshold; - /* _SC_LEVEL1_ICACHE_SIZE. */ - unsigned long int level1_icache_size; -+ /* _SC_LEVEL1_ICACHE_LINESIZE. */ -+ unsigned long int level1_icache_linesize; - /* _SC_LEVEL1_DCACHE_SIZE. */ - unsigned long int level1_dcache_size; - /* _SC_LEVEL1_DCACHE_ASSOC. */ -diff --git a/sysdeps/x86/tst-sysconf-cache-linesize-static.c b/sysdeps/x86/tst-sysconf-cache-linesize-static.c -new file mode 100644 -index 0000000000..152ae68821 ---- /dev/null -+++ b/sysdeps/x86/tst-sysconf-cache-linesize-static.c -@@ -0,0 +1 @@ -+#include "tst-sysconf-cache-linesize.c" -diff --git a/sysdeps/x86/tst-sysconf-cache-linesize.c b/sysdeps/x86/tst-sysconf-cache-linesize.c -new file mode 100644 -index 0000000000..642dbde5d2 ---- /dev/null -+++ b/sysdeps/x86/tst-sysconf-cache-linesize.c -@@ -0,0 +1,57 @@ -+/* Test system cache line sizes. -+ Copyright (C) 2021 Free Software Foundation, Inc. -+ This file is part of the GNU C Library. -+ -+ The GNU C Library is free software; you can redistribute it and/or -+ modify it under the terms of the GNU Lesser General Public -+ License as published by the Free Software Foundation; either -+ version 2.1 of the License, or (at your option) any later version. -+ -+ The GNU C Library is distributed in the hope that it will be useful, -+ but WITHOUT ANY WARRANTY; without even the implied warranty of -+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+ Lesser General Public License for more details. -+ -+ You should have received a copy of the GNU Lesser General Public -+ License along with the GNU C Library; if not, see -+ <https://www.gnu.org/licenses/>. */ -+ -+#include <stdio.h> -+#include <stdlib.h> -+#include <unistd.h> -+#include <array_length.h> -+ -+static struct -+{ -+ const char *name; -+ int _SC_val; -+} sc_options[] = -+ { -+#define N(name) { "_SC_"#name, _SC_##name } -+ N (LEVEL1_ICACHE_LINESIZE), -+ N (LEVEL1_DCACHE_LINESIZE), -+ N (LEVEL2_CACHE_LINESIZE) -+ }; -+ -+static int -+do_test (void) -+{ -+ int result = EXIT_SUCCESS; -+ -+ for (int i = 0; i < array_length (sc_options); ++i) -+ { -+ long int scret = sysconf (sc_options[i]._SC_val); -+ if (scret < 0) -+ { -+ printf ("sysconf (%s) returned < 0 (%ld)\n", -+ sc_options[i].name, scret); -+ result = EXIT_FAILURE; -+ } -+ else -+ printf ("sysconf (%s): %ld\n", sc_options[i].name, scret); -+ } -+ -+ return result; -+} -+ -+#include <support/test-driver.c> diff --git a/meta/recipes-core/glibc/glibc/CVE-2021-27318-revert.patch b/meta/recipes-core/glibc/glibc/CVE-2021-27318-revert.patch new file mode 100644 index 0000000000..2f08a90dd0 --- /dev/null +++ b/meta/recipes-core/glibc/glibc/CVE-2021-27318-revert.patch @@ -0,0 +1,174 @@ +Since the full ISA set used in an ELF binary is unknown to compiler, +an x86-64 ISA level marker indicates the minimum, not maximum, ISA set +required to run such an ELF binary. We never guarantee a library with +an x86-64 ISA level v3 marker doesn't contain other ISAs beyond x86-64 +ISA level v3, like AVX VNNI. We check the x86-64 ISA level marker for +the minimum ISA set. Since -march=sandybridge enables only some ISAs +in x86-64 ISA level v3, we should set the needed ISA marker to v2. +Otherwise, libc is compiled with -march=sandybridge will fail to run on +Sandy Bridge: + +$ ./elf/ld.so ./libc.so +./libc.so: (p) CPU ISA level is lower than required: needed: 7; got: 3 + +Set the minimum, instead of maximum, x86-64 ISA level marker should have +no impact on the b-hwcaps directory assignment logic in ldconfig nor +ld.so. + +(cherry picked from commit 339bf918ea4830fb35614632e96f3aab3237adce) +--- + config.h.in | 6 ++++++ + sysdeps/x86/configure | 28 ++++++++++++++++++++++++++++ + sysdeps/x86/configure.ac | 16 ++++++++++++++++ + sysdeps/x86/isa-level.c | 25 ++++++++++++++----------- + 4 files changed, 64 insertions(+), 11 deletions(-) + +diff --git a/config.h.in b/config.h.in +--- a/config.h.in 2021-10-16 03:28:49.447573081 -0700 ++++ b/config.h.in 2021-10-16 03:29:38.626741181 -0700 +@@ -275,4 +275,10 @@ + /* Define if x86 ISA level should be included in shared libraries. */ + #undef INCLUDE_X86_ISA_LEVEL + ++/* Define if -msahf is enabled by default on x86. */ ++#undef HAVE_X86_LAHF_SAHF ++ ++/* Define if -mmovbe is enabled by default on x86. */ ++#undef HAVE_X86_MOVBE ++ + #endif +diff --git a/sysdeps/x86/configure b/sysdeps/x86/configure +--- a/sysdeps/x86/configure 2021-10-16 03:28:49.587570713 -0700 ++++ b/sysdeps/x86/configure 2021-10-16 03:29:39.330729277 -0700 +@@ -126,6 +126,8 @@ cat > conftest2.S <<EOF + 4: + EOF + libc_cv_include_x86_isa_level=no ++libc_cv_have_x86_lahf_sahf=no ++libc_cv_have_x86_movbe=no + if { ac_try='${CC-cc} $CFLAGS $CPPFLAGS -nostartfiles -nostdlib -r -o conftest conftest1.S conftest2.S' + { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_try\""; } >&5 + (eval $ac_try) 2>&5 +@@ -135,6 +137,24 @@ if { ac_try='${CC-cc} $CFLAGS $CPPFLAGS + count=`LC_ALL=C $READELF -n conftest | grep NT_GNU_PROPERTY_TYPE_0 | wc -l` + if test "$count" = 1; then + libc_cv_include_x86_isa_level=yes ++ cat > conftest.c <<EOF ++EOF ++ if { ac_try='${CC-cc} $CFLAGS $CPPFLAGS -fverbose-asm -S -o - conftest.c' ++ { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_try\""; } >&5 ++ (eval $ac_try) 2>&5 ++ ac_status=$? ++ $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 ++ test $ac_status = 0; }; } | grep -q "\-msahf"; then ++ libc_cv_have_x86_lahf_sahf=yes ++ fi ++ if { ac_try='${CC-cc} $CFLAGS $CPPFLAGS -fverbose-asm -S -o - conftest.c' ++ { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_try\""; } >&5 ++ (eval $ac_try) 2>&5 ++ ac_status=$? ++ $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 ++ test $ac_status = 0; }; } | grep -q "\-mmovbe"; then ++ libc_cv_have_x86_movbe=yes ++ fi + fi + fi + rm -f conftest* +@@ -145,5 +165,13 @@ if test $libc_cv_include_x86_isa_level = + $as_echo "#define INCLUDE_X86_ISA_LEVEL 1" >>confdefs.h + + fi ++if test $libc_cv_have_x86_lahf_sahf = yes; then ++ $as_echo "#define HAVE_X86_LAHF_SAHF 1" >>confdefs.h ++ ++fi ++if test $libc_cv_have_x86_movbe = yes; then ++ $as_echo "#define HAVE_X86_MOVBE 1" >>confdefs.h ++ ++fi + config_vars="$config_vars + enable-x86-isa-level = $libc_cv_include_x86_isa_level" +diff --git a/sysdeps/x86/configure.ac b/sysdeps/x86/configure.ac +--- a/sysdeps/x86/configure.ac 2021-10-16 03:28:49.587570713 -0700 ++++ b/sysdeps/x86/configure.ac 2021-10-16 03:29:40.038717306 -0700 +@@ -98,14 +98,30 @@ cat > conftest2.S <<EOF + 4: + EOF + libc_cv_include_x86_isa_level=no ++libc_cv_have_x86_lahf_sahf=no ++libc_cv_have_x86_movbe=no + if AC_TRY_COMMAND(${CC-cc} $CFLAGS $CPPFLAGS -nostartfiles -nostdlib -r -o conftest conftest1.S conftest2.S); then + count=`LC_ALL=C $READELF -n conftest | grep NT_GNU_PROPERTY_TYPE_0 | wc -l` + if test "$count" = 1; then + libc_cv_include_x86_isa_level=yes ++ cat > conftest.c <<EOF ++EOF ++ if AC_TRY_COMMAND(${CC-cc} $CFLAGS $CPPFLAGS -fverbose-asm -S -o - conftest.c) | grep -q "\-msahf"; then ++ libc_cv_have_x86_lahf_sahf=yes ++ fi ++ if AC_TRY_COMMAND(${CC-cc} $CFLAGS $CPPFLAGS -fverbose-asm -S -o - conftest.c) | grep -q "\-mmovbe"; then ++ libc_cv_have_x86_movbe=yes ++ fi + fi + fi + rm -f conftest*]) + if test $libc_cv_include_x86_isa_level = yes; then + AC_DEFINE(INCLUDE_X86_ISA_LEVEL) + fi ++if test $libc_cv_have_x86_lahf_sahf = yes; then ++ AC_DEFINE(HAVE_X86_LAHF_SAHF) ++fi ++if test $libc_cv_have_x86_movbe = yes; then ++ AC_DEFINE(HAVE_X86_MOVBE) ++fi + LIBC_CONFIG_VAR([enable-x86-isa-level], [$libc_cv_include_x86_isa_level]) +diff --git a/sysdeps/x86/isa-level.c b/sysdeps/x86/isa-level.c +--- a/sysdeps/x86/isa-level.c 2021-10-16 03:28:49.587570713 -0700 ++++ b/sysdeps/x86/isa-level.c 2021-10-16 03:29:40.766704997 -0700 +@@ -29,32 +29,35 @@ + + /* ELF program property for x86 ISA level. */ + #ifdef INCLUDE_X86_ISA_LEVEL +-# if defined __x86_64__ || defined __FXSR__ || !defined _SOFT_FLOAT \ +- || defined __MMX__ || defined __SSE__ || defined __SSE2__ ++# if defined __SSE__ && defined __SSE2__ ++/* NB: ISAs, excluding MMX, in x86-64 ISA level baseline are used. */ + # define ISA_BASELINE GNU_PROPERTY_X86_ISA_1_BASELINE + # else + # define ISA_BASELINE 0 + # endif + +-# if defined __GCC_HAVE_SYNC_COMPARE_AND_SWAP_16 \ +- || (defined __x86_64__ && defined __LAHF_SAHF__) \ +- || defined __POPCNT__ || defined __SSE3__ \ +- || defined __SSSE3__ || defined __SSE4_1__ || defined __SSE4_2__ ++# if ISA_BASELINE && defined __GCC_HAVE_SYNC_COMPARE_AND_SWAP_16 \ ++ && defined HAVE_X86_LAHF_SAHF && defined __POPCNT__ \ ++ && defined __SSE3__ && defined __SSSE3__ && defined __SSE4_1__ \ ++ && defined __SSE4_2__ ++/* NB: ISAs in x86-64 ISA level v2 are used. */ + # define ISA_V2 GNU_PROPERTY_X86_ISA_1_V2 + # else + # define ISA_V2 0 + # endif + +-# if defined __AVX__ || defined __AVX2__ || defined __F16C__ \ +- || defined __FMA__ || defined __LZCNT__ || defined __MOVBE__ \ +- || defined __XSAVE__ ++# if ISA_V2 && defined __AVX__ && defined __AVX2__ && defined __F16C__ \ ++ && defined __FMA__ && defined __LZCNT__ && defined HAVE_X86_MOVBE ++/* NB: ISAs in x86-64 ISA level v3 are used. */ + # define ISA_V3 GNU_PROPERTY_X86_ISA_1_V3 + # else + # define ISA_V3 0 + # endif + +-# if defined __AVX512F__ || defined __AVX512BW__ || defined __AVX512CD__ \ +- || defined __AVX512DQ__ || defined __AVX512VL__ ++# if ISA_V3 && defined __AVX512F__ && defined __AVX512BW__ \ ++ && defined __AVX512CD__ && defined __AVX512DQ__ \ ++ && defined __AVX512VL__ ++/* NB: ISAs in x86-64 ISA level v4 are used. */ + # define ISA_V4 GNU_PROPERTY_X86_ISA_1_V4 + # else + # define ISA_V4 0 diff --git a/meta/recipes-core/glibc/glibc/CVE-2021-27645.patch b/meta/recipes-core/glibc/glibc/CVE-2021-27645.patch deleted file mode 100644 index 26c5c0d2a9..0000000000 --- a/meta/recipes-core/glibc/glibc/CVE-2021-27645.patch +++ /dev/null @@ -1,51 +0,0 @@ -From dca565886b5e8bd7966e15f0ca42ee5cff686673 Mon Sep 17 00:00:00 2001 -From: DJ Delorie <dj@redhat.com> -Date: Thu, 25 Feb 2021 16:08:21 -0500 -Subject: [PATCH] nscd: Fix double free in netgroupcache [BZ #27462] - -In commit 745664bd798ec8fd50438605948eea594179fba1 a use-after-free -was fixed, but this led to an occasional double-free. This patch -tracks the "live" allocation better. - -Tested manually by a third party. - -Related: RHBZ 1927877 - -Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org> -Reviewed-by: Carlos O'Donell <carlos@redhat.com> - -Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=commit;h=dca565886b5e8bd7966e15f0ca42ee5cff686673] - -CVE: CVE-2021-27645 - -Reviewed-by: Carlos O'Donell <carlos@redhat.com> -Signed-off-by: Khairul Rohaizzat Jamaluddin <khairul.rohaizzat.jamaluddin@intel.com> ---- - nscd/netgroupcache.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/nscd/netgroupcache.c b/nscd/netgroupcache.c -index dba6ceec1b..ad2daddafd 100644 ---- a/nscd/netgroupcache.c -+++ b/nscd/netgroupcache.c -@@ -248,7 +248,7 @@ addgetnetgrentX (struct database_dyn *db, int fd, request_header *req, - : NULL); - ndomain = (ndomain ? newbuf + ndomaindiff - : NULL); -- buffer = newbuf; -+ *tofreep = buffer = newbuf; - } - - nhost = memcpy (buffer + bufused, -@@ -319,7 +319,7 @@ addgetnetgrentX (struct database_dyn *db, int fd, request_header *req, - else if (status == NSS_STATUS_TRYAGAIN && e == ERANGE) - { - buflen *= 2; -- buffer = xrealloc (buffer, buflen); -+ *tofreep = buffer = xrealloc (buffer, buflen); - } - else if (status == NSS_STATUS_RETURN - || status == NSS_STATUS_NOTFOUND --- -2.27.0 - diff --git a/meta/recipes-core/glibc/glibc/CVE-2021-33574_1.patch b/meta/recipes-core/glibc/glibc/CVE-2021-33574_1.patch deleted file mode 100644 index 21f07ac303..0000000000 --- a/meta/recipes-core/glibc/glibc/CVE-2021-33574_1.patch +++ /dev/null @@ -1,76 +0,0 @@ -From 709674ec86c3c6da4f0995897f6b0205c16d049d Mon Sep 17 00:00:00 2001 -From: Andreas Schwab <schwab@linux-m68k.org> -Date: Thu, 27 May 2021 12:49:47 +0200 -Subject: [PATCH] Use __pthread_attr_copy in mq_notify (bug 27896) - -Make a deep copy of the pthread attribute object to remove a potential -use-after-free issue. - -Upstream-Status: Backport -[https://sourceware.org/git/?p=glibc.git;a=commit;h=42d359350510506b87101cf77202fefcbfc790cb] - -CVE: -CVE-2021-33574 - -Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org> -Signed-off-by: Khairul Rohaizzat Jamaluddin <khairul.rohaizzat.jamaluddin@intel.com> ---- - NEWS | 4 ++++ - sysdeps/unix/sysv/linux/mq_notify.c | 15 ++++++++++----- - 2 files changed, 14 insertions(+), 5 deletions(-) - -diff --git a/NEWS b/NEWS -index 71f5d20324..017d656433 100644 ---- a/NEWS -+++ b/NEWS -@@ -118,6 +118,10 @@ Security related changes: - CVE-2019-25013: A buffer overflow has been fixed in the iconv function when - invoked with EUC-KR input containing invalid multibyte input sequences. - -+ CVE-2021-33574: The mq_notify function has a potential use-after-free -+ issue when using a notification type of SIGEV_THREAD and a thread -+ attribute with a non-default affinity mask. -+ - The following bugs are resolved with this release: - - [10635] libc: realpath portability patches -diff --git a/sysdeps/unix/sysv/linux/mq_notify.c b/sysdeps/unix/sysv/linux/mq_notify.c -index cc575a0cdd..f7ddfe5a6c 100644 ---- a/sysdeps/unix/sysv/linux/mq_notify.c -+++ b/sysdeps/unix/sysv/linux/mq_notify.c -@@ -133,8 +133,11 @@ helper_thread (void *arg) - (void) __pthread_barrier_wait (¬ify_barrier); - } - else if (data.raw[NOTIFY_COOKIE_LEN - 1] == NOTIFY_REMOVED) -- /* The only state we keep is the copy of the thread attributes. */ -- free (data.attr); -+ { -+ /* The only state we keep is the copy of the thread attributes. */ -+ pthread_attr_destroy (data.attr); -+ free (data.attr); -+ } - } - return NULL; - } -@@ -255,8 +258,7 @@ mq_notify (mqd_t mqdes, const struct sigevent *notification) - if (data.attr == NULL) - return -1; - -- memcpy (data.attr, notification->sigev_notify_attributes, -- sizeof (pthread_attr_t)); -+ __pthread_attr_copy (data.attr, notification->sigev_notify_attributes); - } - - /* Construct the new request. */ -@@ -270,7 +272,10 @@ mq_notify (mqd_t mqdes, const struct sigevent *notification) - - /* If it failed, free the allocated memory. */ - if (__glibc_unlikely (retval != 0)) -- free (data.attr); -+ { -+ pthread_attr_destroy (data.attr); -+ free (data.attr); -+ } - - return retval; - } diff --git a/meta/recipes-core/glibc/glibc/CVE-2021-33574_2.patch b/meta/recipes-core/glibc/glibc/CVE-2021-33574_2.patch deleted file mode 100644 index befccd7ac7..0000000000 --- a/meta/recipes-core/glibc/glibc/CVE-2021-33574_2.patch +++ /dev/null @@ -1,61 +0,0 @@ -From 217b6dc298156bdb0d6aea9ea93e7e394a5ff091 Mon Sep 17 00:00:00 2001 -From: Florian Weimer <fweimer@redhat.com> -Date: Tue, 1 Jun 2021 17:51:41 +0200 -Subject: [PATCH] Fix use of __pthread_attr_copy in mq_notify (bug 27896) - -__pthread_attr_copy can fail and does not initialize the attribute -structure in that case. - -If __pthread_attr_copy is never called and there is no allocated -attribute, pthread_attr_destroy should not be called, otherwise -there is a null pointer dereference in rt/tst-mqueue6. - -Fixes commit 42d359350510506b87101cf77202fefcbfc790cb -("Use __pthread_attr_copy in mq_notify (bug 27896)"). - -Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org> - -Upstream-Status: Backport -[https://sourceware.org/git/?p=glibc.git;a=commit;h=217b6dc298156bdb0d6aea9ea93e7e394a5ff091] - -CVE: -CVE-2021-33574 - -Reviewed-by: Siddhesh Poyarekar <siddhesh@sourceware.org> -Signed-off-by: Khairul Rohaizzat Jamaluddin <khairul.rohaizzat.jamaluddin@intel.com> ---- - sysdeps/unix/sysv/linux/mq_notify.c | 11 +++++++++-- - 1 file changed, 9 insertions(+), 2 deletions(-) - -diff --git a/sysdeps/unix/sysv/linux/mq_notify.c b/sysdeps/unix/sysv/linux/mq_notify.c -index f7ddfe5a6c..6f46d29d1d 100644 ---- a/sysdeps/unix/sysv/linux/mq_notify.c -+++ b/sysdeps/unix/sysv/linux/mq_notify.c -@@ -258,7 +258,14 @@ mq_notify (mqd_t mqdes, const struct sigevent *notification) - if (data.attr == NULL) - return -1; - -- __pthread_attr_copy (data.attr, notification->sigev_notify_attributes); -+ int ret = __pthread_attr_copy (data.attr, -+ notification->sigev_notify_attributes); -+ if (ret != 0) -+ { -+ free (data.attr); -+ __set_errno (ret); -+ return -1; -+ } - } - - /* Construct the new request. */ -@@ -271,7 +278,7 @@ mq_notify (mqd_t mqdes, const struct sigevent *notification) - int retval = INLINE_SYSCALL (mq_notify, 2, mqdes, &se); - - /* If it failed, free the allocated memory. */ -- if (__glibc_unlikely (retval != 0)) -+ if (retval != 0 && data.attr != NULL) - { - pthread_attr_destroy (data.attr); - free (data.attr); --- -2.27.0 - diff --git a/meta/recipes-core/glibc/glibc/CVE-2021-35942.patch b/meta/recipes-core/glibc/glibc/CVE-2021-35942.patch deleted file mode 100644 index 5cae1bc91c..0000000000 --- a/meta/recipes-core/glibc/glibc/CVE-2021-35942.patch +++ /dev/null @@ -1,44 +0,0 @@ -From 5adda61f62b77384718b4c0d8336ade8f2b4b35c Mon Sep 17 00:00:00 2001 -From: Andreas Schwab <schwab@linux-m68k.org> -Date: Fri, 25 Jun 2021 15:02:47 +0200 -Subject: [PATCH] wordexp: handle overflow in positional parameter number (bug - 28011) - -Use strtoul instead of atoi so that overflow can be detected. - -Upstream-Status: Backport [https://sourceware.org/git/?p=glibc.git;a=commit;h=5adda61f62b77384718b4c0d8336ade8f2b4b35c] -CVE: CVE-2021-35942 -Signed-off-by: Vinay Kumar <vinay.m.engg@gmail.com> ---- - posix/wordexp-test.c | 1 + - posix/wordexp.c | 2 +- - 2 files changed, 2 insertions(+), 1 deletion(-) - -diff --git a/posix/wordexp-test.c b/posix/wordexp-test.c -index f93a546d7e..9df02dbbb3 100644 ---- a/posix/wordexp-test.c -+++ b/posix/wordexp-test.c -@@ -183,6 +183,7 @@ struct test_case_struct - { 0, NULL, "$var", 0, 0, { NULL, }, IFS }, - { 0, NULL, "\"\\n\"", 0, 1, { "\\n", }, IFS }, - { 0, NULL, "", 0, 0, { NULL, }, IFS }, -+ { 0, NULL, "${1234567890123456789012}", 0, 0, { NULL, }, IFS }, - - /* Flags not already covered (testit() has special handling for these) */ - { 0, NULL, "one two", WRDE_DOOFFS, 2, { "one", "two", }, IFS }, -diff --git a/posix/wordexp.c b/posix/wordexp.c -index bcbe96e48d..1f3b09f721 100644 ---- a/posix/wordexp.c -+++ b/posix/wordexp.c -@@ -1399,7 +1399,7 @@ envsubst: - /* Is it a numeric parameter? */ - else if (isdigit (env[0])) - { -- int n = atoi (env); -+ unsigned long n = strtoul (env, NULL, 10); - - if (n >= __libc_argc) - /* Substitute NULL. */ --- -2.17.1 - diff --git a/meta/recipes-core/glibc/glibc_2.33.bb b/meta/recipes-core/glibc/glibc_2.33.bb index 57a60cb9d8..a1e9eb3a16 100644 --- a/meta/recipes-core/glibc/glibc_2.33.bb +++ b/meta/recipes-core/glibc/glibc_2.33.bb @@ -56,16 +56,6 @@ SRC_URI = "${GLIBC_GIT_URI};branch=${SRCBRANCH};name=glibc \ file://0028-readlib-Add-OECORE_KNOWN_INTERPRETER_NAMES-to-known-.patch \ file://0029-wordsize.h-Unify-the-header-between-arm-and-aarch64.patch \ file://0030-powerpc-Do-not-ask-compiler-for-finding-arch.patch \ - file://0031-x86-Require-full-ISA-support-for-x86-64-level-marker.patch \ - file://0032-string-Work-around-GCC-PR-98512-in-rawmemchr.patch \ - file://0033-x86-Handle-_SC_LEVEL1_ICACHE_LINESIZE-BZ-27444.patch \ - file://CVE-2021-27645.patch \ - file://0001-nptl-Remove-private-futex-optimization-BZ-27304.patch \ - file://CVE-2021-33574_1.patch \ - file://CVE-2021-33574_2.patch \ - file://CVE-2021-35942.patch \ - file://0001-CVE-2021-38604.patch \ - file://0002-CVE-2021-38604.patch \ " S = "${WORKDIR}/git" B = "${WORKDIR}/build-${TARGET_SYS}" @@ -98,7 +88,7 @@ EXTRA_OECONF = "--enable-kernel=${OLDEST_KERNEL} \ EXTRA_OECONF += "${@get_libc_fpu_setting(bb, d)}" -EXTRA_OECONF_append_x86 = " --enable-cet" +EXTRA_OECONF_append_x86 = " ${@bb.utils.contains_any('TUNE_FEATURES', 'i586 c3', '--disable-cet', '--enable-cet', d)}" EXTRA_OECONF_append_x86-64 = " --enable-cet" PACKAGECONFIG ??= "nscd" diff --git a/meta/recipes-core/ifupdown/ifupdown_0.8.36.bb b/meta/recipes-core/ifupdown/ifupdown_0.8.36.bb index 0daf50acab..afc3196620 100644 --- a/meta/recipes-core/ifupdown/ifupdown_0.8.36.bb +++ b/meta/recipes-core/ifupdown/ifupdown_0.8.36.bb @@ -7,7 +7,7 @@ the file /etc/network/interfaces." LICENSE = "GPLv2" LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f" -SRC_URI = "git://salsa.debian.org/debian/ifupdown.git;protocol=https \ +SRC_URI = "git://salsa.debian.org/debian/ifupdown.git;protocol=https;branch=master \ file://defn2-c-man-don-t-rely-on-dpkg-architecture-to-set-a.patch \ file://99_network \ file://0001-Define-FNM_EXTMATCH-for-musl.patch \ diff --git a/meta/recipes-core/images/build-appliance-image_15.0.0.bb b/meta/recipes-core/images/build-appliance-image_15.0.0.bb index a13422490f..5631cd8ae6 100644 --- a/meta/recipes-core/images/build-appliance-image_15.0.0.bb +++ b/meta/recipes-core/images/build-appliance-image_15.0.0.bb @@ -24,7 +24,7 @@ IMAGE_FSTYPES = "wic.vmdk wic.vhd wic.vhdx" inherit core-image setuptools3 -SRCREV ?= "45fb2254f6961377ae0ad0c5c00735459fdcb182" +SRCREV ?= "2954fa87a4d325f1a3c722d6fb8bf13b17f9e7a0" SRC_URI = "git://git.yoctoproject.org/poky;branch=hardknott \ file://Yocto_Build_Appliance.vmx \ file://Yocto_Build_Appliance.vmxf \ diff --git a/meta/recipes-core/initrdscripts/initramfs-framework/finish b/meta/recipes-core/initrdscripts/initramfs-framework/finish index 717383ebac..f08a920867 100755 --- a/meta/recipes-core/initrdscripts/initramfs-framework/finish +++ b/meta/recipes-core/initrdscripts/initramfs-framework/finish @@ -12,6 +12,18 @@ finish_run() { fatal "ERROR: There's no '/dev' on rootfs." fi + # Unmount anything that was automounted by busybox via mdev-mount.sh. + # We're about to switch_root, and leaving anything mounted will prevent + # the next rootfs from modifying the block device. Ignore ROOT_DISK, + # if it was set by setup-live, because it'll be mounted over loopback + # to ROOTFS_DIR. + local dev + for dev in /run/media/*; do + if mountpoint -q "${dev}" && [ "${dev##*/}" != "${ROOT_DISK}" ]; then + umount -f "${dev}" || debug "Failed to unmount ${dev}" + fi + done + info "Switching root to '$ROOTFS_DIR'..." debug "Moving /dev, /proc and /sys onto rootfs..." diff --git a/meta/recipes-core/initscripts/init-system-helpers_1.60.bb b/meta/recipes-core/initscripts/init-system-helpers_1.60.bb index 33977e66c1..98f45e1355 100644 --- a/meta/recipes-core/initscripts/init-system-helpers_1.60.bb +++ b/meta/recipes-core/initscripts/init-system-helpers_1.60.bb @@ -17,7 +17,7 @@ LICENSE = "BSD-3-Clause & GPLv2" LIC_FILES_CHKSUM = "file://debian/copyright;md5=ee2b1830fcfead84d07bc060ec43e072" SRCREV = "dbd9197569c0935029acd5c9b02b84c68fd937ee" -SRC_URI = "git://salsa.debian.org/debian/init-system-helpers.git;protocol=https" +SRC_URI = "git://salsa.debian.org/debian/init-system-helpers.git;protocol=https;branch=master" S = "${WORKDIR}/git" diff --git a/meta/recipes-core/libxcrypt/libxcrypt.inc b/meta/recipes-core/libxcrypt/libxcrypt.inc index b5ca863d54..8008ba2d38 100644 --- a/meta/recipes-core/libxcrypt/libxcrypt.inc +++ b/meta/recipes-core/libxcrypt/libxcrypt.inc @@ -9,7 +9,7 @@ LIC_FILES_CHKSUM = "file://LICENSING;md5=bd5d9777dfe7076c4f2928f12fed226a \ inherit autotools pkgconfig -SRC_URI = "git://github.com/besser82/libxcrypt.git;branch=${SRCBRANCH} \ +SRC_URI = "git://github.com/besser82/libxcrypt.git;branch=${SRCBRANCH};protocol=https \ file://0001-configure.ac-do-not-use-compute-symver-floor.patch \ " SRCREV = "94d84f92ca123d851586016c4678eb1f21c19029" diff --git a/meta/recipes-core/libxml/libxml2/CVE-2022-23308-fix-regression.patch b/meta/recipes-core/libxml/libxml2/CVE-2022-23308-fix-regression.patch new file mode 100644 index 0000000000..eefecb9adb --- /dev/null +++ b/meta/recipes-core/libxml/libxml2/CVE-2022-23308-fix-regression.patch @@ -0,0 +1,99 @@ +From 646fe48d1c8a74310c409ddf81fe7df6700052af Mon Sep 17 00:00:00 2001 +From: Nick Wellnhofer <wellnhofer@aevum.de> +Date: Tue, 22 Feb 2022 11:51:08 +0100 +Subject: [PATCH] Fix --without-valid build + +Regressed in commit 652dd12a. +--- + valid.c | 58 ++++++++++++++++++++++++++++----------------------------- + 1 file changed, 29 insertions(+), 29 deletions(-) +--- + +From https://github.com/GNOME/libxml2.git + commit 646fe48d1c8a74310c409ddf81fe7df6700052af + +CVE: CVE-2022-23308 +Upstream-status: Backport + +Signed-off-by: Joe Slater <joe.slater@windriver.com> + + +diff --git a/valid.c b/valid.c +index 8e596f1d..9684683a 100644 +--- a/valid.c ++++ b/valid.c +@@ -479,35 +479,6 @@ nodeVPop(xmlValidCtxtPtr ctxt) + return (ret); + } + +-/** +- * xmlValidNormalizeString: +- * @str: a string +- * +- * Normalize a string in-place. +- */ +-static void +-xmlValidNormalizeString(xmlChar *str) { +- xmlChar *dst; +- const xmlChar *src; +- +- if (str == NULL) +- return; +- src = str; +- dst = str; +- +- while (*src == 0x20) src++; +- while (*src != 0) { +- if (*src == 0x20) { +- while (*src == 0x20) src++; +- if (*src != 0) +- *dst++ = 0x20; +- } else { +- *dst++ = *src++; +- } +- } +- *dst = 0; +-} +- + #ifdef DEBUG_VALID_ALGO + static void + xmlValidPrintNode(xmlNodePtr cur) { +@@ -2636,6 +2607,35 @@ xmlDumpNotationTable(xmlBufferPtr buf, xmlNotationTablePtr table) { + (xmlDictOwns(dict, (const xmlChar *)(str)) == 0))) \ + xmlFree((char *)(str)); + ++/** ++ * xmlValidNormalizeString: ++ * @str: a string ++ * ++ * Normalize a string in-place. ++ */ ++static void ++xmlValidNormalizeString(xmlChar *str) { ++ xmlChar *dst; ++ const xmlChar *src; ++ ++ if (str == NULL) ++ return; ++ src = str; ++ dst = str; ++ ++ while (*src == 0x20) src++; ++ while (*src != 0) { ++ if (*src == 0x20) { ++ while (*src == 0x20) src++; ++ if (*src != 0) ++ *dst++ = 0x20; ++ } else { ++ *dst++ = *src++; ++ } ++ } ++ *dst = 0; ++} ++ + static int + xmlIsStreaming(xmlValidCtxtPtr ctxt) { + xmlParserCtxtPtr pctxt; +-- +2.35.1 + diff --git a/meta/recipes-core/libxml/libxml2/CVE-2022-23308.patch b/meta/recipes-core/libxml/libxml2/CVE-2022-23308.patch new file mode 100644 index 0000000000..708a98b45a --- /dev/null +++ b/meta/recipes-core/libxml/libxml2/CVE-2022-23308.patch @@ -0,0 +1,209 @@ +From 652dd12a858989b14eed4e84e453059cd3ba340e Mon Sep 17 00:00:00 2001 +From: Nick Wellnhofer <wellnhofer@aevum.de> +Date: Tue, 8 Feb 2022 03:29:24 +0100 +Subject: [PATCH] [CVE-2022-23308] Use-after-free of ID and IDREF attributes + +If a document is parsed with XML_PARSE_DTDVALID and without +XML_PARSE_NOENT, the value of ID attributes has to be normalized after +potentially expanding entities in xmlRemoveID. Otherwise, later calls +to xmlGetID can return a pointer to previously freed memory. + +ID attributes which are empty or contain only whitespace after +entity expansion are affected in a similar way. This is fixed by +not storing such attributes in the ID table. + +The test to detect streaming mode when validating against a DTD was +broken. In connection with the defects above, this could result in a +use-after-free when using the xmlReader interface with validation. +Fix detection of streaming mode to avoid similar issues. (This changes +the expected result of a test case. But as far as I can tell, using the +XML reader with XIncludes referencing the root document never worked +properly, anyway.) + +All of these issues can result in denial of service. Using xmlReader +with validation could result in disclosure of memory via the error +channel, typically stderr. The security impact of xmlGetID returning +a pointer to freed memory depends on the application. The typical use +case of calling xmlGetID on an unmodified document is not affected. +--- + result/XInclude/ns1.xml.rdr | 2 +- + valid.c | 88 +++++++++++++++++++++++-------------- + 2 files changed, 56 insertions(+), 34 deletions(-) + --- + +From https://github.com/GNOME/libxml2.git + commit 652dd12a858989b14eed4e84e453059cd3ba340e + +Remove patch to ns1.xml.rdr which does not exist in version 2.9.10. + +CVE: CVE-2022-23308 +Upstream-status: Backport + +Signed-off-by: Joe Slater <joe.slater@windriver.com> + + +diff --git a/valid.c b/valid.c +index 5ee391c0..8e596f1d 100644 +--- a/valid.c ++++ b/valid.c +@@ -479,6 +479,35 @@ nodeVPop(xmlValidCtxtPtr ctxt) + return (ret); + } + ++/** ++ * xmlValidNormalizeString: ++ * @str: a string ++ * ++ * Normalize a string in-place. ++ */ ++static void ++xmlValidNormalizeString(xmlChar *str) { ++ xmlChar *dst; ++ const xmlChar *src; ++ ++ if (str == NULL) ++ return; ++ src = str; ++ dst = str; ++ ++ while (*src == 0x20) src++; ++ while (*src != 0) { ++ if (*src == 0x20) { ++ while (*src == 0x20) src++; ++ if (*src != 0) ++ *dst++ = 0x20; ++ } else { ++ *dst++ = *src++; ++ } ++ } ++ *dst = 0; ++} ++ + #ifdef DEBUG_VALID_ALGO + static void + xmlValidPrintNode(xmlNodePtr cur) { +@@ -2607,6 +2636,24 @@ xmlDumpNotationTable(xmlBufferPtr buf, xmlNotationTablePtr table) { + (xmlDictOwns(dict, (const xmlChar *)(str)) == 0))) \ + xmlFree((char *)(str)); + ++static int ++xmlIsStreaming(xmlValidCtxtPtr ctxt) { ++ xmlParserCtxtPtr pctxt; ++ ++ if (ctxt == NULL) ++ return(0); ++ /* ++ * These magic values are also abused to detect whether we're validating ++ * while parsing a document. In this case, userData points to the parser ++ * context. ++ */ ++ if ((ctxt->finishDtd != XML_CTXT_FINISH_DTD_0) && ++ (ctxt->finishDtd != XML_CTXT_FINISH_DTD_1)) ++ return(0); ++ pctxt = ctxt->userData; ++ return(pctxt->parseMode == XML_PARSE_READER); ++} ++ + /** + * xmlFreeID: + * @not: A id +@@ -2650,7 +2697,7 @@ xmlAddID(xmlValidCtxtPtr ctxt, xmlDocPtr doc, const xmlChar *value, + if (doc == NULL) { + return(NULL); + } +- if (value == NULL) { ++ if ((value == NULL) || (value[0] == 0)) { + return(NULL); + } + if (attr == NULL) { +@@ -2681,7 +2728,7 @@ xmlAddID(xmlValidCtxtPtr ctxt, xmlDocPtr doc, const xmlChar *value, + */ + ret->value = xmlStrdup(value); + ret->doc = doc; +- if ((ctxt != NULL) && (ctxt->vstateNr != 0)) { ++ if (xmlIsStreaming(ctxt)) { + /* + * Operating in streaming mode, attr is gonna disappear + */ +@@ -2820,6 +2867,7 @@ xmlRemoveID(xmlDocPtr doc, xmlAttrPtr attr) { + ID = xmlNodeListGetString(doc, attr->children, 1); + if (ID == NULL) + return(-1); ++ xmlValidNormalizeString(ID); + + id = xmlHashLookup(table, ID); + if (id == NULL || id->attr != attr) { +@@ -3009,7 +3057,7 @@ xmlAddRef(xmlValidCtxtPtr ctxt, xmlDocPtr doc, const xmlChar *value, + * fill the structure. + */ + ret->value = xmlStrdup(value); +- if ((ctxt != NULL) && (ctxt->vstateNr != 0)) { ++ if (xmlIsStreaming(ctxt)) { + /* + * Operating in streaming mode, attr is gonna disappear + */ +@@ -4028,8 +4076,7 @@ xmlValidateAttributeValue2(xmlValidCtxtPtr ctxt, xmlDocPtr doc, + xmlChar * + xmlValidCtxtNormalizeAttributeValue(xmlValidCtxtPtr ctxt, xmlDocPtr doc, + xmlNodePtr elem, const xmlChar *name, const xmlChar *value) { +- xmlChar *ret, *dst; +- const xmlChar *src; ++ xmlChar *ret; + xmlAttributePtr attrDecl = NULL; + int extsubset = 0; + +@@ -4070,19 +4117,7 @@ xmlValidCtxtNormalizeAttributeValue(xmlValidCtxtPtr ctxt, xmlDocPtr doc, + ret = xmlStrdup(value); + if (ret == NULL) + return(NULL); +- src = value; +- dst = ret; +- while (*src == 0x20) src++; +- while (*src != 0) { +- if (*src == 0x20) { +- while (*src == 0x20) src++; +- if (*src != 0) +- *dst++ = 0x20; +- } else { +- *dst++ = *src++; +- } +- } +- *dst = 0; ++ xmlValidNormalizeString(ret); + if ((doc->standalone) && (extsubset == 1) && (!xmlStrEqual(value, ret))) { + xmlErrValidNode(ctxt, elem, XML_DTD_NOT_STANDALONE, + "standalone: %s on %s value had to be normalized based on external subset declaration\n", +@@ -4114,8 +4149,7 @@ xmlValidCtxtNormalizeAttributeValue(xmlValidCtxtPtr ctxt, xmlDocPtr doc, + xmlChar * + xmlValidNormalizeAttributeValue(xmlDocPtr doc, xmlNodePtr elem, + const xmlChar *name, const xmlChar *value) { +- xmlChar *ret, *dst; +- const xmlChar *src; ++ xmlChar *ret; + xmlAttributePtr attrDecl = NULL; + + if (doc == NULL) return(NULL); +@@ -4145,19 +4179,7 @@ xmlValidNormalizeAttributeValue(xmlDocPtr doc, xmlNodePtr elem, + ret = xmlStrdup(value); + if (ret == NULL) + return(NULL); +- src = value; +- dst = ret; +- while (*src == 0x20) src++; +- while (*src != 0) { +- if (*src == 0x20) { +- while (*src == 0x20) src++; +- if (*src != 0) +- *dst++ = 0x20; +- } else { +- *dst++ = *src++; +- } +- } +- *dst = 0; ++ xmlValidNormalizeString(ret); + return(ret); + } + +-- +2.25.1 + diff --git a/meta/recipes-core/libxml/libxml2_2.9.10.bb b/meta/recipes-core/libxml/libxml2_2.9.10.bb index ce4f9a3340..778312f662 100644 --- a/meta/recipes-core/libxml/libxml2_2.9.10.bb +++ b/meta/recipes-core/libxml/libxml2_2.9.10.bb @@ -30,6 +30,8 @@ SRC_URI = "http://www.xmlsoft.org/sources/libxml2-${PV}.tar.gz;name=libtar \ file://CVE-2021-3518-0002.patch \ file://CVE-2021-3537.patch \ file://CVE-2021-3541.patch \ + file://CVE-2022-23308.patch \ + file://CVE-2022-23308-fix-regression.patch \ " SRC_URI[libtar.md5sum] = "10942a1dc23137a8aa07f0639cbfece5" @@ -47,7 +49,7 @@ PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6," inherit autotools pkgconfig binconfig-disabled ptest -inherit ${@bb.utils.contains('PACKAGECONFIG', 'python', 'python3native', '', d)} +inherit ${@bb.utils.contains('PACKAGECONFIG', 'python', 'python3targetconfig', '', d)} RDEPENDS_${PN}-ptest += "make ${@bb.utils.contains('PACKAGECONFIG', 'python', 'libgcc python3-core python3-logging python3-shell python3-stringold python3-threading python3-unittest ${PN}-python', '', d)}" diff --git a/meta/recipes-core/musl/libucontext_git.bb b/meta/recipes-core/musl/libucontext_git.bb index 11affebb49..87946b7ec3 100644 --- a/meta/recipes-core/musl/libucontext_git.bb +++ b/meta/recipes-core/musl/libucontext_git.bb @@ -10,7 +10,7 @@ DEPENDS = "" PV = "0.10+${SRCPV}" SRCREV = "19fa1bbfc26efb92147b5e85cc0ca02a0e837561" -SRC_URI = "git://github.com/kaniini/libucontext \ +SRC_URI = "git://github.com/kaniini/libucontext;branch=master;protocol=https \ " S = "${WORKDIR}/git" diff --git a/meta/recipes-core/musl/musl-obstack.bb b/meta/recipes-core/musl/musl-obstack.bb index 3003935fe5..74de48c2cd 100644 --- a/meta/recipes-core/musl/musl-obstack.bb +++ b/meta/recipes-core/musl/musl-obstack.bb @@ -10,7 +10,7 @@ SECTION = "libs" PV = "1.1" SRCREV = "d2ad66b0df44a4b784956f7f7f2717131ddc05f4" -SRC_URI = "git://github.com/pullmoll/musl-obstack" +SRC_URI = "git://github.com/pullmoll/musl-obstack;branch=master;protocol=https" UPSTREAM_CHECK_COMMITS = "1" diff --git a/meta/recipes-core/musl/musl-utils.bb b/meta/recipes-core/musl/musl-utils.bb index dd0ce33061..c30509469c 100644 --- a/meta/recipes-core/musl/musl-utils.bb +++ b/meta/recipes-core/musl/musl-utils.bb @@ -11,7 +11,7 @@ SECTION = "utils" PV = "20170421" SRCREV = "fb5630138ccabbbc14a19d372096a04e42573c7d" -SRC_URI = "git://github.com/boltlinux/musl-utils" +SRC_URI = "git://github.com/boltlinux/musl-utils;branch=master;protocol=https" UPSTREAM_CHECK_COMMITS = "1" diff --git a/meta/recipes-core/musl/musl_git.bb b/meta/recipes-core/musl/musl_git.bb index e6f9e2441e..a241a2fbbd 100644 --- a/meta/recipes-core/musl/musl_git.bb +++ b/meta/recipes-core/musl/musl_git.bb @@ -12,7 +12,7 @@ PV = "${BASEVER}+git${SRCPV}" # mirror is at git://github.com/kraj/musl.git -SRC_URI = "git://git.musl-libc.org/musl \ +SRC_URI = "git://git.musl-libc.org/musl;branch=master \ file://0001-Make-dynamic-linker-a-relative-symlink-to-libc.patch \ file://0002-ldso-Use-syslibdir-and-libdir-as-default-pathes-to-l.patch \ " diff --git a/meta/recipes-core/ncurses/files/CVE-2021-39537.patch b/meta/recipes-core/ncurses/files/CVE-2021-39537.patch new file mode 100644 index 0000000000..d63bf57e8d --- /dev/null +++ b/meta/recipes-core/ncurses/files/CVE-2021-39537.patch @@ -0,0 +1,65 @@ +From e83ecbd26252bac163fc4377ef30edbd4acb0bad Mon Sep 17 00:00:00 2001 +From: Sven Joachim <svenjoac@gmx.de> +Date: Mon, 1 Jun 2020 08:03:52 +0200 +Subject: [PATCH] Import upstream patch 20200531 + +20200531 + + correct configure version-check/warnng for g++ to allow for 10.x + + re-enable "bel" in konsole-base (report by Nia Huang) + + add linux-s entry (patch by Alexandre Montaron). + + drop long-obsolete convert_configure.pl + + add test/test_parm.c, for checking tparm changes. + + improve parameter-checking for tparm, adding function _nc_tiparm() to + handle the most-used case, which accepts only numeric parameters + (report/testcase by "puppet-meteor"). + + use a more conservative estimate of the buffer-size in lib_tparm.c's + save_text() and save_number(), in case the sprintf() function + passes-through unexpected characters from a format specifier + (report/testcase by "puppet-meteor"). + + add a check for end-of-string in cvtchar to handle a malformed + string in infotocap (report/testcase by "puppet-meteor"). + +CVE: CVE-2021-39537 + +Upstream-Status: Backport [https://github.com/mirror/ncurses/commit/790a85dbd4a81d5f5d8dd02a44d84f01512ef443] + +Signed-off-by: Mingli Yu <mingli.yu@windriver.com> +--- + ncurses/tinfo/captoinfo.c | 11 +- + 1 file changed, 6 insertions(+), 2 deletions(-) + +diff --git a/ncurses/tinfo/captoinfo.c b/ncurses/tinfo/captoinfo.c +index 8b3b83d1..9362105a 100644 +--- a/ncurses/tinfo/captoinfo.c ++++ b/ncurses/tinfo/captoinfo.c +@@ -98,7 +98,7 @@ + #include <ctype.h> + #include <tic.h> + +-MODULE_ID("$Id: captoinfo.c,v 1.98 2020/02/02 23:34:34 tom Exp $") ++MODULE_ID("$Id: captoinfo.c,v 1.99 2020/05/25 21:28:29 tom Exp $") + + #if 0 + #define DEBUG_THIS(p) DEBUG(9, p) +@@ -216,12 +216,15 @@ cvtchar(register const char *sp) + } + break; + case '^': ++ len = 2; + c = UChar(*++sp); +- if (c == '?') ++ if (c == '?') { + c = 127; +- else ++ } else if (c == '\0') { ++ len = 1; ++ } else { + c &= 0x1f; +- len = 2; ++ } + break; + default: + c = UChar(*sp); +-- +2.17.1 + diff --git a/meta/recipes-core/ncurses/ncurses.inc b/meta/recipes-core/ncurses/ncurses.inc index ef59bc3b0a..9c74d2ec36 100644 --- a/meta/recipes-core/ncurses/ncurses.inc +++ b/meta/recipes-core/ncurses/ncurses.inc @@ -13,7 +13,7 @@ BINCONFIG = "${bindir}/ncurses5-config ${bindir}/ncursesw5-config \ inherit autotools binconfig-disabled multilib_header pkgconfig # Upstream has useful patches at times at ftp://invisible-island.net/ncurses/ -SRC_URI = "git://salsa.debian.org/debian/ncurses.git;protocol=https" +SRC_URI = "git://salsa.debian.org/debian/ncurses.git;protocol=https;branch=master" EXTRA_AUTORECONF = "-I m4" diff --git a/meta/recipes-core/ncurses/ncurses_6.2.bb b/meta/recipes-core/ncurses/ncurses_6.2.bb index e7d7396a20..598c51b00b 100644 --- a/meta/recipes-core/ncurses/ncurses_6.2.bb +++ b/meta/recipes-core/ncurses/ncurses_6.2.bb @@ -3,6 +3,7 @@ require ncurses.inc SRC_URI += "file://0001-tic-hang.patch \ file://0002-configure-reproducible.patch \ file://0003-gen-pkgconfig.in-Do-not-include-LDFLAGS-in-generated.patch \ + file://CVE-2021-39537.patch \ " # commit id corresponds to the revision in package version SRCREV = "a669013cd5e9d6434e5301348ea51baf306c93c4" diff --git a/meta/recipes-core/netbase/netbase_6.2.bb b/meta/recipes-core/netbase/netbase_6.2.bb index c016d32dd3..ad7e9becde 100644 --- a/meta/recipes-core/netbase/netbase_6.2.bb +++ b/meta/recipes-core/netbase/netbase_6.2.bb @@ -6,7 +6,7 @@ LICENSE = "GPLv2" LIC_FILES_CHKSUM = "file://debian/copyright;md5=3dd6192d306f582dee7687da3d8748ab" PE = "1" -SRC_URI = "git://salsa.debian.org/md/netbase.git;protocol=https" +SRC_URI = "git://salsa.debian.org/md/netbase.git;protocol=https;branch=master" SRCREV = "1c892c96a078ef28ec1a94681b3a0da7a3d545f7" inherit allarch diff --git a/meta/recipes-core/os-release/os-release.bb b/meta/recipes-core/os-release/os-release.bb index a29d678125..33f75e39b8 100644 --- a/meta/recipes-core/os-release/os-release.bb +++ b/meta/recipes-core/os-release/os-release.bb @@ -12,7 +12,9 @@ do_configure[noexec] = "1" # Other valid fields: BUILD_ID ID_LIKE ANSI_COLOR CPE_NAME # HOME_URL SUPPORT_URL BUG_REPORT_URL -OS_RELEASE_FIELDS = "ID ID_LIKE NAME VERSION VERSION_ID PRETTY_NAME" +OS_RELEASE_FIELDS = "\ + ID ID_LIKE NAME VERSION VERSION_ID PRETTY_NAME DISTRO_CODENAME \ +" OS_RELEASE_UNQUOTED_FIELDS = "ID VERSION_ID VARIANT_ID" ID = "${DISTRO}" diff --git a/meta/recipes-core/psplash/psplash_git.bb b/meta/recipes-core/psplash/psplash_git.bb index 59e1e3f194..e1236475fc 100644 --- a/meta/recipes-core/psplash/psplash_git.bb +++ b/meta/recipes-core/psplash/psplash_git.bb @@ -10,7 +10,7 @@ SRCREV = "0a902f7cd875ccf018456451be369f05fa55f962" PV = "0.1+git${SRCPV}" PR = "r15" -SRC_URI = "git://git.yoctoproject.org/${BPN} \ +SRC_URI = "git://git.yoctoproject.org/${BPN};branch=master \ file://psplash-init \ file://psplash-start.service \ file://psplash-systemd.service \ diff --git a/meta/recipes-core/systemd/systemd.inc b/meta/recipes-core/systemd/systemd.inc index 7d3b3064ba..b11ab112af 100644 --- a/meta/recipes-core/systemd/systemd.inc +++ b/meta/recipes-core/systemd/systemd.inc @@ -16,6 +16,6 @@ LIC_FILES_CHKSUM = "file://LICENSE.GPL2;md5=751419260aa954499f7abaabaa882bbe \ SRCREV = "17472dca0160cbe7b807ca648475fd70d0d62fe5" SRCBRANCH = "v247-stable" -SRC_URI = "git://github.com/systemd/systemd-stable.git;protocol=git;branch=${SRCBRANCH}" +SRC_URI = "git://github.com/systemd/systemd-stable.git;protocol=https;branch=${SRCBRANCH}" S = "${WORKDIR}/git" diff --git a/meta/recipes-core/update-rc.d/update-rc.d_0.8.bb b/meta/recipes-core/update-rc.d/update-rc.d_0.8.bb index da716674c3..daee5c224b 100644 --- a/meta/recipes-core/update-rc.d/update-rc.d_0.8.bb +++ b/meta/recipes-core/update-rc.d/update-rc.d_0.8.bb @@ -6,7 +6,7 @@ SECTION = "base" LICENSE = "GPLv2+" LIC_FILES_CHKSUM = "file://update-rc.d;beginline=5;endline=15;md5=d40a07c27f535425934bb5001f2037d9" -SRC_URI = "git://git.yoctoproject.org/update-rc.d" +SRC_URI = "git://git.yoctoproject.org/update-rc.d;branch=master" SRCREV = "8636cf478d426b568c1be11dbd9346f67e03adac" UPSTREAM_CHECK_COMMITS = "1" diff --git a/meta/recipes-core/util-linux/util-linux_2.36.2.bb b/meta/recipes-core/util-linux/util-linux_2.36.2.bb index c79cf782d1..82cc8a3dbf 100644 --- a/meta/recipes-core/util-linux/util-linux_2.36.2.bb +++ b/meta/recipes-core/util-linux/util-linux_2.36.2.bb @@ -73,7 +73,7 @@ EXTRA_OECONF = "\ \ --disable-bfs --disable-chfn-chsh --disable-login \ --disable-makeinstall-chown --disable-minix --disable-newgrp \ - --disable-use-tty-group --disable-vipw \ + --disable-use-tty-group --disable-vipw --disable-raw \ \ --without-udev \ \ diff --git a/meta/recipes-core/zlib/zlib/CVE-2018-25032.patch b/meta/recipes-core/zlib/zlib/CVE-2018-25032.patch new file mode 100644 index 0000000000..5cb6183641 --- /dev/null +++ b/meta/recipes-core/zlib/zlib/CVE-2018-25032.patch @@ -0,0 +1,347 @@ +CVE: CVE-2018-25032 +Upstream-Status: Backport +Signed-off-by: Ross Burton <ross.burton@arm.com> + +From 5c44459c3b28a9bd3283aaceab7c615f8020c531 Mon Sep 17 00:00:00 2001 +From: Mark Adler <madler@alumni.caltech.edu> +Date: Tue, 17 Apr 2018 22:09:22 -0700 +Subject: [PATCH] Fix a bug that can crash deflate on some input when using + Z_FIXED. + +This bug was reported by Danilo Ramos of Eideticom, Inc. It has +lain in wait 13 years before being found! The bug was introduced +in zlib 1.2.2.2, with the addition of the Z_FIXED option. That +option forces the use of fixed Huffman codes. For rare inputs with +a large number of distant matches, the pending buffer into which +the compressed data is written can overwrite the distance symbol +table which it overlays. That results in corrupted output due to +invalid distances, and can result in out-of-bound accesses, +crashing the application. + +The fix here combines the distance buffer and literal/length +buffers into a single symbol buffer. Now three bytes of pending +buffer space are opened up for each literal or length/distance +pair consumed, instead of the previous two bytes. This assures +that the pending buffer cannot overwrite the symbol table, since +the maximum fixed code compressed length/distance is 31 bits, and +since there are four bytes of pending space for every three bytes +of symbol space. +--- + deflate.c | 74 ++++++++++++++++++++++++++++++++++++++++--------------- + deflate.h | 25 +++++++++---------- + trees.c | 50 +++++++++++-------------------------- + 3 files changed, 79 insertions(+), 70 deletions(-) + +diff --git a/deflate.c b/deflate.c +index 425babc00..19cba873a 100644 +--- a/deflate.c ++++ b/deflate.c +@@ -255,11 +255,6 @@ int ZEXPORT deflateInit2_(strm, level, method, windowBits, memLevel, strategy, + int wrap = 1; + static const char my_version[] = ZLIB_VERSION; + +- ushf *overlay; +- /* We overlay pending_buf and d_buf+l_buf. This works since the average +- * output size for (length,distance) codes is <= 24 bits. +- */ +- + if (version == Z_NULL || version[0] != my_version[0] || + stream_size != sizeof(z_stream)) { + return Z_VERSION_ERROR; +@@ -329,9 +324,47 @@ int ZEXPORT deflateInit2_(strm, level, method, windowBits, memLevel, strategy, + + s->lit_bufsize = 1 << (memLevel + 6); /* 16K elements by default */ + +- overlay = (ushf *) ZALLOC(strm, s->lit_bufsize, sizeof(ush)+2); +- s->pending_buf = (uchf *) overlay; +- s->pending_buf_size = (ulg)s->lit_bufsize * (sizeof(ush)+2L); ++ /* We overlay pending_buf and sym_buf. This works since the average size ++ * for length/distance pairs over any compressed block is assured to be 31 ++ * bits or less. ++ * ++ * Analysis: The longest fixed codes are a length code of 8 bits plus 5 ++ * extra bits, for lengths 131 to 257. The longest fixed distance codes are ++ * 5 bits plus 13 extra bits, for distances 16385 to 32768. The longest ++ * possible fixed-codes length/distance pair is then 31 bits total. ++ * ++ * sym_buf starts one-fourth of the way into pending_buf. So there are ++ * three bytes in sym_buf for every four bytes in pending_buf. Each symbol ++ * in sym_buf is three bytes -- two for the distance and one for the ++ * literal/length. As each symbol is consumed, the pointer to the next ++ * sym_buf value to read moves forward three bytes. From that symbol, up to ++ * 31 bits are written to pending_buf. The closest the written pending_buf ++ * bits gets to the next sym_buf symbol to read is just before the last ++ * code is written. At that time, 31*(n-2) bits have been written, just ++ * after 24*(n-2) bits have been consumed from sym_buf. sym_buf starts at ++ * 8*n bits into pending_buf. (Note that the symbol buffer fills when n-1 ++ * symbols are written.) The closest the writing gets to what is unread is ++ * then n+14 bits. Here n is lit_bufsize, which is 16384 by default, and ++ * can range from 128 to 32768. ++ * ++ * Therefore, at a minimum, there are 142 bits of space between what is ++ * written and what is read in the overlain buffers, so the symbols cannot ++ * be overwritten by the compressed data. That space is actually 139 bits, ++ * due to the three-bit fixed-code block header. ++ * ++ * That covers the case where either Z_FIXED is specified, forcing fixed ++ * codes, or when the use of fixed codes is chosen, because that choice ++ * results in a smaller compressed block than dynamic codes. That latter ++ * condition then assures that the above analysis also covers all dynamic ++ * blocks. A dynamic-code block will only be chosen to be emitted if it has ++ * fewer bits than a fixed-code block would for the same set of symbols. ++ * Therefore its average symbol length is assured to be less than 31. So ++ * the compressed data for a dynamic block also cannot overwrite the ++ * symbols from which it is being constructed. ++ */ ++ ++ s->pending_buf = (uchf *) ZALLOC(strm, s->lit_bufsize, 4); ++ s->pending_buf_size = (ulg)s->lit_bufsize * 4; + + if (s->window == Z_NULL || s->prev == Z_NULL || s->head == Z_NULL || + s->pending_buf == Z_NULL) { +@@ -340,8 +373,12 @@ int ZEXPORT deflateInit2_(strm, level, method, windowBits, memLevel, strategy, + deflateEnd (strm); + return Z_MEM_ERROR; + } +- s->d_buf = overlay + s->lit_bufsize/sizeof(ush); +- s->l_buf = s->pending_buf + (1+sizeof(ush))*s->lit_bufsize; ++ s->sym_buf = s->pending_buf + s->lit_bufsize; ++ s->sym_end = (s->lit_bufsize - 1) * 3; ++ /* We avoid equality with lit_bufsize*3 because of wraparound at 64K ++ * on 16 bit machines and because stored blocks are restricted to ++ * 64K-1 bytes. ++ */ + + s->level = level; + s->strategy = strategy; +@@ -552,7 +589,7 @@ int ZEXPORT deflatePrime (strm, bits, value) + + if (deflateStateCheck(strm)) return Z_STREAM_ERROR; + s = strm->state; +- if ((Bytef *)(s->d_buf) < s->pending_out + ((Buf_size + 7) >> 3)) ++ if (s->sym_buf < s->pending_out + ((Buf_size + 7) >> 3)) + return Z_BUF_ERROR; + do { + put = Buf_size - s->bi_valid; +@@ -1113,7 +1150,6 @@ int ZEXPORT deflateCopy (dest, source) + #else + deflate_state *ds; + deflate_state *ss; +- ushf *overlay; + + + if (deflateStateCheck(source) || dest == Z_NULL) { +@@ -1133,8 +1169,7 @@ int ZEXPORT deflateCopy (dest, source) + ds->window = (Bytef *) ZALLOC(dest, ds->w_size, 2*sizeof(Byte)); + ds->prev = (Posf *) ZALLOC(dest, ds->w_size, sizeof(Pos)); + ds->head = (Posf *) ZALLOC(dest, ds->hash_size, sizeof(Pos)); +- overlay = (ushf *) ZALLOC(dest, ds->lit_bufsize, sizeof(ush)+2); +- ds->pending_buf = (uchf *) overlay; ++ ds->pending_buf = (uchf *) ZALLOC(dest, ds->lit_bufsize, 4); + + if (ds->window == Z_NULL || ds->prev == Z_NULL || ds->head == Z_NULL || + ds->pending_buf == Z_NULL) { +@@ -1148,8 +1183,7 @@ int ZEXPORT deflateCopy (dest, source) + zmemcpy(ds->pending_buf, ss->pending_buf, (uInt)ds->pending_buf_size); + + ds->pending_out = ds->pending_buf + (ss->pending_out - ss->pending_buf); +- ds->d_buf = overlay + ds->lit_bufsize/sizeof(ush); +- ds->l_buf = ds->pending_buf + (1+sizeof(ush))*ds->lit_bufsize; ++ ds->sym_buf = ds->pending_buf + ds->lit_bufsize; + + ds->l_desc.dyn_tree = ds->dyn_ltree; + ds->d_desc.dyn_tree = ds->dyn_dtree; +@@ -1925,7 +1959,7 @@ local block_state deflate_fast(s, flush) + FLUSH_BLOCK(s, 1); + return finish_done; + } +- if (s->last_lit) ++ if (s->sym_next) + FLUSH_BLOCK(s, 0); + return block_done; + } +@@ -2056,7 +2090,7 @@ local block_state deflate_slow(s, flush) + FLUSH_BLOCK(s, 1); + return finish_done; + } +- if (s->last_lit) ++ if (s->sym_next) + FLUSH_BLOCK(s, 0); + return block_done; + } +@@ -2131,7 +2165,7 @@ local block_state deflate_rle(s, flush) + FLUSH_BLOCK(s, 1); + return finish_done; + } +- if (s->last_lit) ++ if (s->sym_next) + FLUSH_BLOCK(s, 0); + return block_done; + } +@@ -2170,7 +2204,7 @@ local block_state deflate_huff(s, flush) + FLUSH_BLOCK(s, 1); + return finish_done; + } +- if (s->last_lit) ++ if (s->sym_next) + FLUSH_BLOCK(s, 0); + return block_done; + } +diff --git a/deflate.h b/deflate.h +index 23ecdd312..d4cf1a98b 100644 +--- a/deflate.h ++++ b/deflate.h +@@ -217,7 +217,7 @@ typedef struct internal_state { + /* Depth of each subtree used as tie breaker for trees of equal frequency + */ + +- uchf *l_buf; /* buffer for literals or lengths */ ++ uchf *sym_buf; /* buffer for distances and literals/lengths */ + + uInt lit_bufsize; + /* Size of match buffer for literals/lengths. There are 4 reasons for +@@ -239,13 +239,8 @@ typedef struct internal_state { + * - I can't count above 4 + */ + +- uInt last_lit; /* running index in l_buf */ +- +- ushf *d_buf; +- /* Buffer for distances. To simplify the code, d_buf and l_buf have +- * the same number of elements. To use different lengths, an extra flag +- * array would be necessary. +- */ ++ uInt sym_next; /* running index in sym_buf */ ++ uInt sym_end; /* symbol table full when sym_next reaches this */ + + ulg opt_len; /* bit length of current block with optimal trees */ + ulg static_len; /* bit length of current block with static trees */ +@@ -325,20 +320,22 @@ void ZLIB_INTERNAL _tr_stored_block OF((deflate_state *s, charf *buf, + + # define _tr_tally_lit(s, c, flush) \ + { uch cc = (c); \ +- s->d_buf[s->last_lit] = 0; \ +- s->l_buf[s->last_lit++] = cc; \ ++ s->sym_buf[s->sym_next++] = 0; \ ++ s->sym_buf[s->sym_next++] = 0; \ ++ s->sym_buf[s->sym_next++] = cc; \ + s->dyn_ltree[cc].Freq++; \ +- flush = (s->last_lit == s->lit_bufsize-1); \ ++ flush = (s->sym_next == s->sym_end); \ + } + # define _tr_tally_dist(s, distance, length, flush) \ + { uch len = (uch)(length); \ + ush dist = (ush)(distance); \ +- s->d_buf[s->last_lit] = dist; \ +- s->l_buf[s->last_lit++] = len; \ ++ s->sym_buf[s->sym_next++] = dist; \ ++ s->sym_buf[s->sym_next++] = dist >> 8; \ ++ s->sym_buf[s->sym_next++] = len; \ + dist--; \ + s->dyn_ltree[_length_code[len]+LITERALS+1].Freq++; \ + s->dyn_dtree[d_code(dist)].Freq++; \ +- flush = (s->last_lit == s->lit_bufsize-1); \ ++ flush = (s->sym_next == s->sym_end); \ + } + #else + # define _tr_tally_lit(s, c, flush) flush = _tr_tally(s, 0, c) +diff --git a/trees.c b/trees.c +index 4f4a65011..decaeb7c3 100644 +--- a/trees.c ++++ b/trees.c +@@ -416,7 +416,7 @@ local void init_block(s) + + s->dyn_ltree[END_BLOCK].Freq = 1; + s->opt_len = s->static_len = 0L; +- s->last_lit = s->matches = 0; ++ s->sym_next = s->matches = 0; + } + + #define SMALLEST 1 +@@ -948,7 +948,7 @@ void ZLIB_INTERNAL _tr_flush_block(s, buf, stored_len, last) + + Tracev((stderr, "\nopt %lu(%lu) stat %lu(%lu) stored %lu lit %u ", + opt_lenb, s->opt_len, static_lenb, s->static_len, stored_len, +- s->last_lit)); ++ s->sym_next / 3)); + + if (static_lenb <= opt_lenb) opt_lenb = static_lenb; + +@@ -1017,8 +1017,9 @@ int ZLIB_INTERNAL _tr_tally (s, dist, lc) + unsigned dist; /* distance of matched string */ + unsigned lc; /* match length-MIN_MATCH or unmatched char (if dist==0) */ + { +- s->d_buf[s->last_lit] = (ush)dist; +- s->l_buf[s->last_lit++] = (uch)lc; ++ s->sym_buf[s->sym_next++] = dist; ++ s->sym_buf[s->sym_next++] = dist >> 8; ++ s->sym_buf[s->sym_next++] = lc; + if (dist == 0) { + /* lc is the unmatched char */ + s->dyn_ltree[lc].Freq++; +@@ -1033,30 +1034,7 @@ int ZLIB_INTERNAL _tr_tally (s, dist, lc) + s->dyn_ltree[_length_code[lc]+LITERALS+1].Freq++; + s->dyn_dtree[d_code(dist)].Freq++; + } +- +-#ifdef TRUNCATE_BLOCK +- /* Try to guess if it is profitable to stop the current block here */ +- if ((s->last_lit & 0x1fff) == 0 && s->level > 2) { +- /* Compute an upper bound for the compressed length */ +- ulg out_length = (ulg)s->last_lit*8L; +- ulg in_length = (ulg)((long)s->strstart - s->block_start); +- int dcode; +- for (dcode = 0; dcode < D_CODES; dcode++) { +- out_length += (ulg)s->dyn_dtree[dcode].Freq * +- (5L+extra_dbits[dcode]); +- } +- out_length >>= 3; +- Tracev((stderr,"\nlast_lit %u, in %ld, out ~%ld(%ld%%) ", +- s->last_lit, in_length, out_length, +- 100L - out_length*100L/in_length)); +- if (s->matches < s->last_lit/2 && out_length < in_length/2) return 1; +- } +-#endif +- return (s->last_lit == s->lit_bufsize-1); +- /* We avoid equality with lit_bufsize because of wraparound at 64K +- * on 16 bit machines and because stored blocks are restricted to +- * 64K-1 bytes. +- */ ++ return (s->sym_next == s->sym_end); + } + + /* =========================================================================== +@@ -1069,13 +1047,14 @@ local void compress_block(s, ltree, dtree) + { + unsigned dist; /* distance of matched string */ + int lc; /* match length or unmatched char (if dist == 0) */ +- unsigned lx = 0; /* running index in l_buf */ ++ unsigned sx = 0; /* running index in sym_buf */ + unsigned code; /* the code to send */ + int extra; /* number of extra bits to send */ + +- if (s->last_lit != 0) do { +- dist = s->d_buf[lx]; +- lc = s->l_buf[lx++]; ++ if (s->sym_next != 0) do { ++ dist = s->sym_buf[sx++] & 0xff; ++ dist += (unsigned)(s->sym_buf[sx++] & 0xff) << 8; ++ lc = s->sym_buf[sx++]; + if (dist == 0) { + send_code(s, lc, ltree); /* send a literal byte */ + Tracecv(isgraph(lc), (stderr," '%c' ", lc)); +@@ -1100,11 +1079,10 @@ local void compress_block(s, ltree, dtree) + } + } /* literal or match pair ? */ + +- /* Check that the overlay between pending_buf and d_buf+l_buf is ok: */ +- Assert((uInt)(s->pending) < s->lit_bufsize + 2*lx, +- "pendingBuf overflow"); ++ /* Check that the overlay between pending_buf and sym_buf is ok: */ ++ Assert(s->pending < s->lit_bufsize + sx, "pendingBuf overflow"); + +- } while (lx < s->last_lit); ++ } while (sx < s->sym_next); + + send_code(s, END_BLOCK, ltree); + } diff --git a/meta/recipes-core/zlib/zlib_1.2.11.bb b/meta/recipes-core/zlib/zlib_1.2.11.bb index ef9431ae47..bc42cd64e9 100644 --- a/meta/recipes-core/zlib/zlib_1.2.11.bb +++ b/meta/recipes-core/zlib/zlib_1.2.11.bb @@ -8,6 +8,7 @@ LIC_FILES_CHKSUM = "file://zlib.h;beginline=6;endline=23;md5=5377232268e952e9ef6 SRC_URI = "${SOURCEFORGE_MIRROR}/libpng/${BPN}/${PV}/${BPN}-${PV}.tar.xz \ file://ldflags-tests.patch \ + file://CVE-2018-25032.patch \ file://run-ptest \ " UPSTREAM_CHECK_URI = "http://zlib.net/" diff --git a/meta/recipes-devtools/binutils/binutils-2.36.inc b/meta/recipes-devtools/binutils/binutils-2.36.inc index 9d770db5a8..fa28358c2d 100644 --- a/meta/recipes-devtools/binutils/binutils-2.36.inc +++ b/meta/recipes-devtools/binutils/binutils-2.36.inc @@ -24,7 +24,7 @@ BRANCH ?= "binutils-2_36-branch" UPSTREAM_CHECK_GITTAGREGEX = "binutils-(?P<pver>\d+_(\d_?)*)" -SRCREV ?= "7651a4871c225925ffdfda0a8c91a6ed370cd9a1" +SRCREV ?= "a281816c8aeb12619d34eec8959a43dfa5c6b4ec" BINUTILS_GIT_URI ?= "git://sourceware.org/git/binutils-gdb.git;branch=${BRANCH};protocol=git" SRC_URI = "\ ${BINUTILS_GIT_URI} \ @@ -41,8 +41,9 @@ SRC_URI = "\ file://0014-Fix-rpath-in-libtool-when-sysroot-is-enabled.patch \ file://0015-sync-with-OE-libtool-changes.patch \ file://0016-Check-for-clang-before-checking-gcc-version.patch \ - file://0001-CVE-2021-20197.patch \ - file://0002-CVE-2021-20197.patch \ - file://0003-CVE-2021-20197.patch \ + file://0017-CVE-2021-3530.patch \ + file://0018-CVE-2021-3530.patch \ + file://0001-CVE-2021-42574.patch \ + file://0001-CVE-2021-45078.patch \ " S = "${WORKDIR}/git" diff --git a/meta/recipes-devtools/binutils/binutils/0001-CVE-2021-20197.patch b/meta/recipes-devtools/binutils/binutils/0001-CVE-2021-20197.patch deleted file mode 100644 index 2b4eaba26d..0000000000 --- a/meta/recipes-devtools/binutils/binutils/0001-CVE-2021-20197.patch +++ /dev/null @@ -1,201 +0,0 @@ -From 8e03235147a9e774d3ba084e93c2da1aa94d1cec Mon Sep 17 00:00:00 2001 -From: Siddhesh Poyarekar <siddhesh@gotplt.org> -Date: Mon, 22 Feb 2021 20:45:50 +0530 -Subject: [PATCH] binutils: Avoid renaming over existing files - -Renaming over existing files needs additional care to restore -permissions and ownership, which may not always succeed. -Additionally, other properties of the file such as extended attributes -may be lost, making the operation flaky. - -For predictable results, resort to rename() only if the file does not -exist, otherwise copy the file contents into the existing file. This -ensures that no additional tricks are needed to retain file -properties. - -This also allows dropping of the redundant set_times on the tmpfile in -objcopy/strip since now we no longer rename over existing files. - -binutils/ - - * ar.c (write_archive): Adjust call to SMART_RENAME. - * arsup.c (ar_save): Likewise. - * objcopy (strip_main): Don't set times on temporary file and - adjust call to SMART_RENAME. - (copy_main): Likewise. - * rename.c [!S_ISLNK]: Remove definitions. - (try_preserve_permissions): Remove function. - (smart_rename): Replace PRESERVE_DATES argument with - TARGET_STAT. Use rename system call only if TO does not exist. - * bucomm.h (smart_rename): Adjust declaration. - -(cherry picked from commit 3685de750e6a091663a0abe42528cad29e960e35) - -Upstream-Status: Backport [https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=8e03235147a9e774d3ba084e93c2da1aa94d1cec] -CVE: CVE-2021-20197 -Signed-off-by: Vinay Kumar <vinay.m.engg@gmail.com> ---- - binutils/ar.c | 2 +- - binutils/arsup.c | 2 +- - binutils/bucomm.h | 3 ++- - binutils/objcopy.c | 8 ++----- - binutils/rename.c | 55 +++++++++------------------------------------- - 6 files changed, 29 insertions(+), 54 deletions(-) - -diff --git a/binutils/ar.c b/binutils/ar.c -index 45a34e3a6cf..3a91708b51c 100644 ---- a/binutils/ar.c -+++ b/binutils/ar.c -@@ -1308,7 +1308,7 @@ write_archive (bfd *iarch) - /* We don't care if this fails; we might be creating the archive. */ - bfd_close (iarch); - -- if (smart_rename (new_name, old_name, 0) != 0) -+ if (smart_rename (new_name, old_name, NULL) != 0) - xexit (1); - free (old_name); - free (new_name); -diff --git a/binutils/arsup.c b/binutils/arsup.c -index 5403a0c5d74..0a1f63f6456 100644 ---- a/binutils/arsup.c -+++ b/binutils/arsup.c -@@ -351,7 +351,7 @@ ar_save (void) - - bfd_close (obfd); - -- smart_rename (ofilename, real_name, 0); -+ smart_rename (ofilename, real_name, NULL); - obfd = 0; - free (ofilename); - } -diff --git a/binutils/bucomm.h b/binutils/bucomm.h -index 91f6a5b228f..aa7e33d8cd1 100644 ---- a/binutils/bucomm.h -+++ b/binutils/bucomm.h -@@ -71,7 +71,8 @@ extern void print_version (const char *); - /* In rename.c. */ - extern void set_times (const char *, const struct stat *); - --extern int smart_rename (const char *, const char *, int); -+extern int smart_rename (const char *, const char *, struct stat *); -+ - - /* In libiberty. */ - void *xmalloc (size_t); -diff --git a/binutils/objcopy.c b/binutils/objcopy.c -index eab3b6db585..07a872b5a80 100644 ---- a/binutils/objcopy.c -+++ b/binutils/objcopy.c -@@ -4861,12 +4861,10 @@ strip_main (int argc, char *argv[]) - output_target, NULL); - if (status == 0) - { -- if (preserve_dates) -- set_times (tmpname, &statbuf); - if (output_file != tmpname) - status = (smart_rename (tmpname, - output_file ? output_file : argv[i], -- preserve_dates) != 0); -+ preserve_dates ? &statbuf : NULL) != 0); - if (status == 0) - status = hold_status; - } -@@ -5931,11 +5929,9 @@ copy_main (int argc, char *argv[]) - output_target, input_arch); - if (status == 0) - { -- if (preserve_dates) -- set_times (tmpname, &statbuf); - if (tmpname != output_filename) - status = (smart_rename (tmpname, input_filename, -- preserve_dates) != 0); -+ preserve_dates ? &statbuf : NULL) != 0); - } - else - unlink_if_ordinary (tmpname); -diff --git a/binutils/rename.c b/binutils/rename.c -index 65ad5bf52c4..f471b45fd3f 100644 ---- a/binutils/rename.c -+++ b/binutils/rename.c -@@ -122,20 +122,13 @@ set_times (const char *destination, const struct stat *statbuf) - non_fatal (_("%s: cannot set time: %s"), destination, strerror (errno)); - } - --#ifndef S_ISLNK --#ifdef S_IFLNK --#define S_ISLNK(m) (((m) & S_IFMT) == S_IFLNK) --#else --#define S_ISLNK(m) 0 --#define lstat stat --#endif --#endif -- --/* Rename FROM to TO, copying if TO is a link. -- Return 0 if ok, -1 if error. */ -+/* Rename FROM to TO, copying if TO exists. TARGET_STAT has the file status -+ that, if non-NULL, is used to fix up timestamps after rename. Return 0 if -+ ok, -1 if error. */ - - int --smart_rename (const char *from, const char *to, int preserve_dates ATTRIBUTE_UNUSED) -+smart_rename (const char *from, const char *to, -+ struct stat *target_stat ATTRIBUTE_UNUSED) - { - bfd_boolean exists; - struct stat s; -@@ -158,38 +151,10 @@ smart_rename (const char *from, const char *to, int preserve_dates ATTRIBUTE_UNU - unlink (from); - } - #else -- /* Use rename only if TO is not a symbolic link and has -- only one hard link, and we have permission to write to it. */ -- if (! exists -- || (!S_ISLNK (s.st_mode) -- && S_ISREG (s.st_mode) -- && (s.st_mode & S_IWUSR) -- && s.st_nlink == 1) -- ) -+ /* Avoid a full copy and use rename if TO does not exist. */ -+ if (!exists) - { -- ret = rename (from, to); -- if (ret == 0) -- { -- if (exists) -- { -- /* Try to preserve the permission bits and ownership of -- TO. First get the mode right except for the setuid -- bit. Then change the ownership. Then fix the setuid -- bit. We do the chmod before the chown because if the -- chown succeeds, and we are a normal user, we won't be -- able to do the chmod afterward. We don't bother to -- fix the setuid bit first because that might introduce -- a fleeting security problem, and because the chown -- will clear the setuid bit anyhow. We only fix the -- setuid bit if the chown succeeds, because we don't -- want to introduce an unexpected setuid file owned by -- the user running objcopy. */ -- chmod (to, s.st_mode & 0777); -- if (chown (to, s.st_uid, s.st_gid) >= 0) -- chmod (to, s.st_mode & 07777); -- } -- } -- else -+ if ((ret = rename (from, to)) != 0) - { - /* We have to clean up here. */ - non_fatal (_("unable to rename '%s'; reason: %s"), to, strerror (errno)); -@@ -202,8 +167,8 @@ smart_rename (const char *from, const char *to, int preserve_dates ATTRIBUTE_UNU - if (ret != 0) - non_fatal (_("unable to copy file '%s'; reason: %s"), to, strerror (errno)); - -- if (preserve_dates) -- set_times (to, &s); -+ if (target_stat != NULL) -+ set_times (to, target_stat); - unlink (from); - } - #endif /* _WIN32 && !__CYGWIN32__ */ --- -2.31.1 - diff --git a/meta/recipes-devtools/binutils/binutils/0001-CVE-2021-42574.patch b/meta/recipes-devtools/binutils/binutils/0001-CVE-2021-42574.patch new file mode 100644 index 0000000000..6adc438b5c --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/0001-CVE-2021-42574.patch @@ -0,0 +1,2006 @@ +From b3aa80b45c4f46029efeb204bb9f2d2c4278a0e5 Mon Sep 17 00:00:00 2001 +From: Nick Clifton <nickc@redhat.com> +Date: Tue, 9 Nov 2021 13:25:42 +0000 +Subject: [PATCH] Add --unicode option to control how unicode characters are + handled by display tools. + + * nm.c: Add --unicode option to control how unicode characters are + handled. + * objdump.c: Likewise. + * readelf.c: Likewise. + * strings.c: Likewise. + * binutils.texi: Document the new feature. + * NEWS: Document the new feature. + * testsuite/binutils-all/unicode.exp: New file. + * testsuite/binutils-all/nm.hex.unicode + * testsuite/binutils-all/strings.escape.unicode + * testsuite/binutils-all/objdump.highlight.unicode + * testsuite/binutils-all/readelf.invalid.unicode + +CVE: CVE-2021-42574 +Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=b3aa80b45c4f46029efeb204bb9f2d2c4278a0e5] + +Signed-off-by: pgowda <pgowda.cve@gmail.com> +--- + binutils/ChangeLog | 15 + + binutils/NEWS | 9 + + binutils/doc/binutils.texi | 78 ++++ + binutils/nm.c | 228 ++++++++++- + binutils/objdump.c | 235 ++++++++++-- + binutils/readelf.c | 190 +++++++++- + binutils/strings.c | 757 ++++++++++++++++++++++++++++++++++--- + 7 files changed, 1409 insertions(+), 103 deletions(-) + +diff --git a/binutils/ChangeLog b/binutils/ChangeLog +--- a/binutils/ChangeLog 2021-12-23 03:23:38.425843662 -0800 ++++ b/binutils/ChangeLog 2021-12-23 03:30:31.094968942 -0800 +@@ -1,3 +1,18 @@ ++2021-11-09 Nick Clifton <nickc@redhat.com> ++ ++ * nm.c: Add --unicode option to control how unicode characters are ++ handled. ++ * objdump.c: Likewise. ++ * readelf.c: Likewise. ++ * strings.c: Likewise. ++ * binutils.texi: Document the new feature. ++ * NEWS: Document the new feature. ++ * testsuite/binutils-all/unicode.exp: New file. ++ * testsuite/binutils-all/nm.hex.unicode ++ * testsuite/binutils-all/strings.escape.unicode ++ * testsuite/binutils-all/objdump.highlight.unicode ++ * testsuite/binutils-all/readelf.invalid.unicode ++ + 2021-04-15 Alan Modra <amodra@gmail.com> + + PR 27456 +diff --git a/binutils/doc/binutils.texi b/binutils/doc/binutils.texi +--- a/binutils/doc/binutils.texi 2021-12-23 03:23:38.441843395 -0800 ++++ b/binutils/doc/binutils.texi 2021-12-23 03:30:31.094968942 -0800 +@@ -805,6 +805,7 @@ nm [@option{-A}|@option{-o}|@option{--pr + [@option{-s}|@option{--print-armap}] [@option{-t} @var{radix}|@option{--radix=}@var{radix}] + [@option{-u}|@option{--undefined-only}] [@option{-V}|@option{--version}] + [@option{-X 32_64}] [@option{--defined-only}] [@option{--no-demangle}] ++ [@option{-U} @var{method}] [@option{--unicode=}@var{method}] + [@option{--plugin} @var{name}] + [@option{--no-recurse-limit}|@option{--recurse-limit}]] + [@option{--size-sort}] [@option{--special-syms}] +@@ -1114,6 +1115,21 @@ Use @var{radix} as the radix for printin + @cindex undefined symbols + Display only undefined symbols (those external to each object file). + ++@item -U @var{[d|i|l|e|x|h]} ++@itemx --unicode=@var{[default|invalid|locale|escape|hex|highlight]} ++Controls the display of UTF-8 encoded mulibyte characters in strings. ++The default (@option{--unicode=default}) is to give them no special ++treatment. The @option{--unicode=locale} option displays the sequence ++in the current locale, which may or may not support them. The options ++@option{--unicode=hex} and @option{--unicode=invalid} display them as ++hex byte sequences enclosed by either angle brackets or curly braces. ++ ++The @option{--unicode=escape} option displays them as escape sequences ++(@var{\uxxxx}) and the @option{--unicode=highlight} option displays ++them as escape sequences highlighted in red (if supported by the ++output device). The colouring is intended to draw attention to the ++presence of unicode sequences where they might not be expected. ++ + @item -V + @itemx --version + Show the version number of @command{nm} and exit. +@@ -2210,6 +2226,7 @@ objdump [@option{-a}|@option{--archive-h + [@option{--prefix-strip=}@var{level}] + [@option{--insn-width=}@var{width}] + [@option{--visualize-jumps[=color|=extended-color|=off]} ++ [@option{-U} @var{method}] [@option{--unicode=}@var{method}] + [@option{-V}|@option{--version}] + [@option{-H}|@option{--help}] + @var{objfile}@dots{} +@@ -2877,6 +2894,21 @@ When displaying symbols include those wh + special in some way and which would not normally be of interest to the + user. + ++@item -U @var{[d|i|l|e|x|h]} ++@itemx --unicode=@var{[default|invalid|locale|escape|hex|highlight]} ++Controls the display of UTF-8 encoded mulibyte characters in strings. ++The default (@option{--unicode=default}) is to give them no special ++treatment. The @option{--unicode=locale} option displays the sequence ++in the current locale, which may or may not support them. The options ++@option{--unicode=hex} and @option{--unicode=invalid} display them as ++hex byte sequences enclosed by either angle brackets or curly braces. ++ ++The @option{--unicode=escape} option displays them as escape sequences ++(@var{\uxxxx}) and the @option{--unicode=highlight} option displays ++them as escape sequences highlighted in red (if supported by the ++output device). The colouring is intended to draw attention to the ++presence of unicode sequences where they might not be expected. ++ + @item -V + @itemx --version + Print the version number of @command{objdump} and exit. +@@ -3153,6 +3185,7 @@ strings [@option{-afovV}] [@option{-}@va + [@option{-n} @var{min-len}] [@option{--bytes=}@var{min-len}] + [@option{-t} @var{radix}] [@option{--radix=}@var{radix}] + [@option{-e} @var{encoding}] [@option{--encoding=}@var{encoding}] ++ [@option{-U} @var{method}] [@option{--unicode=}@var{method}] + [@option{-}] [@option{--all}] [@option{--print-file-name}] + [@option{-T} @var{bfdname}] [@option{--target=}@var{bfdname}] + [@option{-w}] [@option{--include-all-whitespace}] +@@ -3244,6 +3277,28 @@ single-8-bit-byte characters, @samp{b} = + littleendian. Useful for finding wide character strings. (@samp{l} + and @samp{b} apply to, for example, Unicode UTF-16/UCS-2 encodings). + ++@item -U @var{[d|i|l|e|x|h]} ++@itemx --unicode=@var{[default|invalid|locale|escape|hex|highlight]} ++Controls the display of UTF-8 encoded mulibyte characters in strings. ++The default (@option{--unicode=default}) is to give them no special ++treatment, and instead rely upon the setting of the ++@option{--encoding} option. The other values for this option ++automatically enable @option{--encoding=S}. ++ ++The @option{--unicode=invalid} option treats them as non-graphic ++characters and hence not part of a valid string. All the remaining ++options treat them as valid string characters. ++ ++The @option{--unicode=locale} option displays them in the current ++locale, which may or may not support UTF-8 encoding. The ++@option{--unicode=hex} option displays them as hex byte sequences ++enclosed between @var{<>} characters. The @option{--unicode=escape} ++option displays them as escape sequences (@var{\uxxxx}) and the ++@option{--unicode=highlight} option displays them as escape sequences ++highlighted in red (if supported by the output device). The colouring ++is intended to draw attention to the presence of unicode sequences ++where they might not be expected. ++ + @item -T @var{bfdname} + @itemx --target=@var{bfdname} + @cindex object code format +@@ -4740,6 +4795,7 @@ readelf [@option{-a}|@option{--all}] + [@option{--dyn-syms}|@option{--lto-syms}] + [@option{--demangle@var{=style}}|@option{--no-demangle}] + [@option{--recurse-limit}|@option{--no-recurse-limit}] ++ [@option{-U} @var{method}|@option{--unicode=}@var{method}] + [@option{-n}|@option{--notes}] + [@option{-r}|@option{--relocs}] + [@option{-u}|@option{--unwind}] +@@ -4887,6 +4943,28 @@ necessary in order to demangle truly com + that if the recursion limit is disabled then stack exhaustion is + possible and any bug reports about such an event will be rejected. + ++@item -U @var{[d|i|l|e|x|h]} ++@itemx --unicode=[default|invalid|locale|escape|hex|highlight] ++Controls the display of non-ASCII characters in identifier names. ++The default (@option{--unicode=locale} or @option{--unicode=default}) is ++to treat them as multibyte characters and display them in the current ++locale. All other versions of this option treat the bytes as UTF-8 ++encoded values and attempt to interpret them. If they cannot be ++interpreted or if the @option{--unicode=invalid} option is used then ++they are displayed as a sequence of hex bytes, encloses in curly ++parethesis characters. ++ ++Using the @option{--unicode=escape} option will display the characters ++as as unicode escape sequences (@var{\uxxxx}). Using the ++@option{--unicode=hex} will display the characters as hex byte ++sequences enclosed between angle brackets. ++ ++Using the @option{--unicode=highlight} will display the characters as ++unicode escape sequences but it will also highlighted them in red, ++assuming that colouring is supported by the output device. The ++colouring is intended to draw attention to the presence of unicode ++sequences when they might not be expected. ++ + @item -e + @itemx --headers + Display all the headers in the file. Equivalent to @option{-h -l -S}. +diff --git a/binutils/NEWS b/binutils/NEWS +--- a/binutils/NEWS 2021-12-23 03:23:38.433843528 -0800 ++++ b/binutils/NEWS 2021-12-23 03:30:31.094968942 -0800 +@@ -1,5 +1,14 @@ + -*- text -*- + ++* Tools which display symbols or strings (readelf, strings, nm, objdump) ++ have a new command line option which controls how unicode characters are ++ handled. By default they are treated as normal for the tool. Using ++ --unicode=locale will display them according to the current locale. ++ Using --unicode=hex will display them as hex byte values, whilst ++ --unicode=escape will display them as escape sequences. In addition ++ using --unicode=highlight will display them as unicode escape sequences ++ highlighted in red (if supported by the output device). ++ + Changes in 2.36: + + * Update elfedit and readelf with LAM_U48 and LAM_U57 support. +diff --git a/binutils/nm.c b/binutils/nm.c +--- a/binutils/nm.c 2021-12-23 03:23:38.441843395 -0800 ++++ b/binutils/nm.c 2021-12-23 03:30:31.098968875 -0800 +@@ -38,6 +38,11 @@ + #include "bucomm.h" + #include "plugin-api.h" + #include "plugin.h" ++#include "safe-ctype.h" ++ ++#ifndef streq ++#define streq(a,b) (strcmp ((a),(b)) == 0) ++#endif + + /* When sorting by size, we use this structure to hold the size and a + pointer to the minisymbol. */ +@@ -192,6 +197,18 @@ static const char *plugin_target = NULL; + static bfd *lineno_cache_bfd; + static bfd *lineno_cache_rel_bfd; + ++typedef enum unicode_display_type ++{ ++ unicode_default = 0, ++ unicode_locale, ++ unicode_escape, ++ unicode_hex, ++ unicode_highlight, ++ unicode_invalid ++} unicode_display_type; ++ ++static unicode_display_type unicode_display = unicode_default; ++ + enum long_option_values + { + OPTION_TARGET = 200, +@@ -234,6 +251,7 @@ static struct option long_options[] = + {"target", required_argument, 0, OPTION_TARGET}, + {"defined-only", no_argument, &defined_only, 1}, + {"undefined-only", no_argument, &undefined_only, 1}, ++ {"unicode", required_argument, NULL, 'U'}, + {"version", no_argument, &show_version, 1}, + {"with-symbol-versions", no_argument, NULL, + OPTION_WITH_SYMBOL_VERSIONS}, +@@ -285,6 +303,8 @@ usage (FILE *stream, int status) + -t, --radix=RADIX Use RADIX for printing symbol values\n\ + --target=BFDNAME Specify the target object format as BFDNAME\n\ + -u, --undefined-only Display only undefined symbols\n\ ++ -U {d|s|i|x|e|h} Specify how to treat UTF-8 encoded unicode characters\n\ ++ --unicode={default|show|invalid|hex|escape|highlight}\n\ + --with-symbol-versions Display version strings after symbol names\n\ + -X 32_64 (ignored)\n\ + @FILE Read options from FILE\n\ +@@ -399,6 +419,188 @@ get_coff_symbol_type (const struct inter + fatal ("%s", xstrerror (errno)); + return bufp; + } ++ ++/* Convert a potential UTF-8 encoded sequence in IN into characters in OUT. ++ The conversion format is controlled by the unicode_display variable. ++ Returns the number of characters added to OUT. ++ Returns the number of bytes consumed from IN in CONSUMED. ++ Always consumes at least one byte and displays at least one character. */ ++ ++static unsigned int ++display_utf8 (const unsigned char * in, char * out, unsigned int * consumed) ++{ ++ char * orig_out = out; ++ unsigned int nchars = 0; ++ unsigned int j; ++ ++ if (unicode_display == unicode_default) ++ goto invalid; ++ ++ if (in[0] < 0xc0) ++ goto invalid; ++ ++ if ((in[1] & 0xc0) != 0x80) ++ goto invalid; ++ ++ if ((in[0] & 0x20) == 0) ++ { ++ nchars = 2; ++ goto valid; ++ } ++ ++ if ((in[2] & 0xc0) != 0x80) ++ goto invalid; ++ ++ if ((in[0] & 0x10) == 0) ++ { ++ nchars = 3; ++ goto valid; ++ } ++ ++ if ((in[3] & 0xc0) != 0x80) ++ goto invalid; ++ ++ nchars = 4; ++ ++ valid: ++ switch (unicode_display) ++ { ++ case unicode_locale: ++ /* Copy the bytes into the output buffer as is. */ ++ memcpy (out, in, nchars); ++ out += nchars; ++ break; ++ ++ case unicode_invalid: ++ case unicode_hex: ++ out += sprintf (out, "%c", unicode_display == unicode_hex ? '<' : '{'); ++ out += sprintf (out, "0x"); ++ for (j = 0; j < nchars; j++) ++ out += sprintf (out, "%02x", in [j]); ++ out += sprintf (out, "%c", unicode_display == unicode_hex ? '>' : '}'); ++ break; ++ ++ case unicode_highlight: ++ if (isatty (1)) ++ out += sprintf (out, "\x1B[31;47m"); /* Red. */ ++ /* Fall through. */ ++ case unicode_escape: ++ switch (nchars) ++ { ++ case 2: ++ out += sprintf (out, "\\u%02x%02x", ++ ((in[0] & 0x1c) >> 2), ++ ((in[0] & 0x03) << 6) | (in[1] & 0x3f)); ++ break; ++ ++ case 3: ++ out += sprintf (out, "\\u%02x%02x", ++ ((in[0] & 0x0f) << 4) | ((in[1] & 0x3c) >> 2), ++ ((in[1] & 0x03) << 6) | ((in[2] & 0x3f))); ++ break; ++ ++ case 4: ++ out += sprintf (out, "\\u%02x%02x%02x", ++ ((in[0] & 0x07) << 6) | ((in[1] & 0x3c) >> 2), ++ ((in[1] & 0x03) << 6) | ((in[2] & 0x3c) >> 2), ++ ((in[2] & 0x03) << 6) | ((in[3] & 0x3f))); ++ break; ++ default: ++ /* URG. */ ++ break; ++ } ++ ++ if (unicode_display == unicode_highlight && isatty (1)) ++ out += sprintf (out, "\033[0m"); /* Default colour. */ ++ break; ++ ++ default: ++ /* URG */ ++ break; ++ } ++ ++ * consumed = nchars; ++ return out - orig_out; ++ ++ invalid: ++ /* Not a valid UTF-8 sequence. */ ++ *out = *in; ++ * consumed = 1; ++ return 1; ++} ++ ++/* Convert any UTF-8 encoded characters in NAME into the form specified by ++ unicode_display. Also converts control characters. Returns a static ++ buffer if conversion was necessary. ++ Code stolen from objdump.c:sanitize_string(). */ ++ ++static const char * ++convert_utf8 (const char * in) ++{ ++ static char * buffer = NULL; ++ static size_t buffer_len = 0; ++ const char * original = in; ++ char * out; ++ ++ /* Paranoia. */ ++ if (in == NULL) ++ return ""; ++ ++ /* See if any conversion is necessary. ++ In the majority of cases it will not be needed. */ ++ do ++ { ++ unsigned char c = *in++; ++ ++ if (c == 0) ++ return original; ++ ++ if (ISCNTRL (c)) ++ break; ++ ++ if (unicode_display != unicode_default && c >= 0xc0) ++ break; ++ } ++ while (1); ++ ++ /* Copy the input, translating as needed. */ ++ in = original; ++ if (buffer_len < (strlen (in) * 9)) ++ { ++ free ((void *) buffer); ++ buffer_len = strlen (in) * 9; ++ buffer = xmalloc (buffer_len + 1); ++ } ++ ++ out = buffer; ++ do ++ { ++ unsigned char c = *in++; ++ ++ if (c == 0) ++ break; ++ ++ if (ISCNTRL (c)) ++ { ++ *out++ = '^'; ++ *out++ = c + 0x40; ++ } ++ else if (unicode_display != unicode_default && c >= 0xc0) ++ { ++ unsigned int num_consumed; ++ ++ out += display_utf8 ((const unsigned char *)(in - 1), out, & num_consumed); ++ in += num_consumed - 1; ++ } ++ else ++ *out++ = c; ++ } ++ while (1); ++ ++ *out = 0; ++ return buffer; ++} ++ + + /* Print symbol name NAME, read from ABFD, with printf format FORM, + demangling it if requested. */ +@@ -418,6 +620,11 @@ print_symname (const char *form, struct + name = alloc; + } + ++ if (unicode_display != unicode_default) ++ { ++ name = convert_utf8 (name); ++ } ++ + if (info != NULL && info->elfinfo) + { + const char *version_string; +@@ -1738,7 +1945,7 @@ main (int argc, char **argv) + fatal (_("fatal error: libbfd ABI mismatch")); + set_default_bfd_target (); + +- while ((c = getopt_long (argc, argv, "aABCDef:gHhlnopPrSst:uvVvX:", ++ while ((c = getopt_long (argc, argv, "aABCDef:gHhlnopPrSst:uU:vVvX:", + long_options, (int *) 0)) != EOF) + { + switch (c) +@@ -1828,6 +2035,24 @@ main (int argc, char **argv) + case 'u': + undefined_only = 1; + break; ++ ++ case 'U': ++ if (streq (optarg, "default") || streq (optarg, "d")) ++ unicode_display = unicode_default; ++ else if (streq (optarg, "locale") || streq (optarg, "l")) ++ unicode_display = unicode_locale; ++ else if (streq (optarg, "escape") || streq (optarg, "e")) ++ unicode_display = unicode_escape; ++ else if (streq (optarg, "invalid") || streq (optarg, "i")) ++ unicode_display = unicode_invalid; ++ else if (streq (optarg, "hex") || streq (optarg, "x")) ++ unicode_display = unicode_hex; ++ else if (streq (optarg, "highlight") || streq (optarg, "h")) ++ unicode_display = unicode_highlight; ++ else ++ fatal (_("invalid argument to -U/--unicode: %s"), optarg); ++ break; ++ + case 'V': + show_version = 1; + break; +diff --git a/binutils/objdump.c b/binutils/objdump.c +--- a/binutils/objdump.c 2021-12-23 03:23:38.445843329 -0800 ++++ b/binutils/objdump.c 2021-12-23 03:30:31.098968875 -0800 +@@ -205,6 +205,19 @@ static const struct objdump_private_desc + + /* The list of detected jumps inside a function. */ + static struct jump_info *detected_jumps = NULL; ++ ++typedef enum unicode_display_type ++{ ++ unicode_default = 0, ++ unicode_locale, ++ unicode_escape, ++ unicode_hex, ++ unicode_highlight, ++ unicode_invalid ++} unicode_display_type; ++ ++static unicode_display_type unicode_display = unicode_default; ++ + + static void usage (FILE *, int) ATTRIBUTE_NORETURN; + static void +@@ -274,6 +287,8 @@ usage (FILE *stream, int status) + --recurse-limit Enable a limit on recursion whilst demangling. [Default]\n\ + --no-recurse-limit Disable a limit on recursion whilst demangling\n\ + -w, --wide Format output for more than 80 columns\n\ ++ -U[d|l|i|x|e|h] Controls the display of UTF-8 unicode characters\n\ ++ --unicode=[default|locale|invalid|hex|escape|highlight]\n\ + -z, --disassemble-zeroes Do not skip blocks of zeroes when disassembling\n\ + --start-address=ADDR Only process data whose address is >= ADDR\n\ + --stop-address=ADDR Only process data whose address is < ADDR\n\ +@@ -348,17 +363,23 @@ static struct option long_options[]= + { + {"adjust-vma", required_argument, NULL, OPTION_ADJUST_VMA}, + {"all-headers", no_argument, NULL, 'x'}, +- {"private-headers", no_argument, NULL, 'p'}, +- {"private", required_argument, NULL, 'P'}, + {"architecture", required_argument, NULL, 'm'}, + {"archive-headers", no_argument, NULL, 'a'}, ++#ifdef ENABLE_LIBCTF ++ {"ctf", required_argument, NULL, OPTION_CTF}, ++ {"ctf-parent", required_argument, NULL, OPTION_CTF_PARENT}, ++#endif + {"debugging", no_argument, NULL, 'g'}, + {"debugging-tags", no_argument, NULL, 'e'}, + {"demangle", optional_argument, NULL, 'C'}, + {"disassemble", optional_argument, NULL, 'd'}, + {"disassemble-all", no_argument, NULL, 'D'}, +- {"disassembler-options", required_argument, NULL, 'M'}, + {"disassemble-zeroes", no_argument, NULL, 'z'}, ++ {"disassembler-options", required_argument, NULL, 'M'}, ++ {"dwarf", optional_argument, NULL, OPTION_DWARF}, ++ {"dwarf-check", no_argument, 0, OPTION_DWARF_CHECK}, ++ {"dwarf-depth", required_argument, 0, OPTION_DWARF_DEPTH}, ++ {"dwarf-start", required_argument, 0, OPTION_DWARF_START}, + {"dynamic-reloc", no_argument, NULL, 'R'}, + {"dynamic-syms", no_argument, NULL, 'T'}, + {"endian", required_argument, NULL, OPTION_ENDIAN}, +@@ -368,15 +389,22 @@ static struct option long_options[]= + {"full-contents", no_argument, NULL, 's'}, + {"headers", no_argument, NULL, 'h'}, + {"help", no_argument, NULL, 'H'}, ++ {"include", required_argument, NULL, 'I'}, + {"info", no_argument, NULL, 'i'}, ++ {"inlines", no_argument, 0, OPTION_INLINES}, ++ {"insn-width", required_argument, NULL, OPTION_INSN_WIDTH}, + {"line-numbers", no_argument, NULL, 'l'}, +- {"no-show-raw-insn", no_argument, &show_raw_insn, -1}, + {"no-addresses", no_argument, &no_addresses, 1}, ++ {"no-recurse-limit", no_argument, NULL, OPTION_NO_RECURSE_LIMIT}, ++ {"no-recursion-limit", no_argument, NULL, OPTION_NO_RECURSE_LIMIT}, ++ {"no-show-raw-insn", no_argument, &show_raw_insn, -1}, ++ {"prefix", required_argument, NULL, OPTION_PREFIX}, + {"prefix-addresses", no_argument, &prefix_addresses, 1}, ++ {"prefix-strip", required_argument, NULL, OPTION_PREFIX_STRIP}, ++ {"private", required_argument, NULL, 'P'}, ++ {"private-headers", no_argument, NULL, 'p'}, + {"recurse-limit", no_argument, NULL, OPTION_RECURSE_LIMIT}, + {"recursion-limit", no_argument, NULL, OPTION_RECURSE_LIMIT}, +- {"no-recurse-limit", no_argument, NULL, OPTION_NO_RECURSE_LIMIT}, +- {"no-recursion-limit", no_argument, NULL, OPTION_NO_RECURSE_LIMIT}, + {"reloc", no_argument, NULL, 'r'}, + {"section", required_argument, NULL, 'j'}, + {"section-headers", no_argument, NULL, 'h'}, +@@ -384,28 +412,16 @@ static struct option long_options[]= + {"source", no_argument, NULL, 'S'}, + {"source-comment", optional_argument, NULL, OPTION_SOURCE_COMMENT}, + {"special-syms", no_argument, &dump_special_syms, 1}, +- {"include", required_argument, NULL, 'I'}, +- {"dwarf", optional_argument, NULL, OPTION_DWARF}, +-#ifdef ENABLE_LIBCTF +- {"ctf", required_argument, NULL, OPTION_CTF}, +- {"ctf-parent", required_argument, NULL, OPTION_CTF_PARENT}, +-#endif + {"stabs", no_argument, NULL, 'G'}, + {"start-address", required_argument, NULL, OPTION_START_ADDRESS}, + {"stop-address", required_argument, NULL, OPTION_STOP_ADDRESS}, + {"syms", no_argument, NULL, 't'}, + {"target", required_argument, NULL, 'b'}, ++ {"unicode", required_argument, NULL, 'U'}, + {"version", no_argument, NULL, 'V'}, +- {"wide", no_argument, NULL, 'w'}, +- {"prefix", required_argument, NULL, OPTION_PREFIX}, +- {"prefix-strip", required_argument, NULL, OPTION_PREFIX_STRIP}, +- {"insn-width", required_argument, NULL, OPTION_INSN_WIDTH}, +- {"dwarf-depth", required_argument, 0, OPTION_DWARF_DEPTH}, +- {"dwarf-start", required_argument, 0, OPTION_DWARF_START}, +- {"dwarf-check", no_argument, 0, OPTION_DWARF_CHECK}, +- {"inlines", no_argument, 0, OPTION_INLINES}, + {"visualize-jumps", optional_argument, 0, OPTION_VISUALIZE_JUMPS}, +- {0, no_argument, 0, 0} ++ {"wide", no_argument, NULL, 'w'}, ++ {NULL, no_argument, NULL, 0} + }; + + static void +@@ -415,9 +431,121 @@ nonfatal (const char *msg) + exit_status = 1; + } + ++/* Convert a potential UTF-8 encoded sequence in IN into characters in OUT. ++ The conversion format is controlled by the unicode_display variable. ++ Returns the number of characters added to OUT. ++ Returns the number of bytes consumed from IN in CONSUMED. ++ Always consumes at least one byte and displays at least one character. */ ++ ++static unsigned int ++display_utf8 (const unsigned char * in, char * out, unsigned int * consumed) ++{ ++ char * orig_out = out; ++ unsigned int nchars = 0; ++ unsigned int j; ++ ++ if (unicode_display == unicode_default) ++ goto invalid; ++ ++ if (in[0] < 0xc0) ++ goto invalid; ++ ++ if ((in[1] & 0xc0) != 0x80) ++ goto invalid; ++ ++ if ((in[0] & 0x20) == 0) ++ { ++ nchars = 2; ++ goto valid; ++ } ++ ++ if ((in[2] & 0xc0) != 0x80) ++ goto invalid; ++ ++ if ((in[0] & 0x10) == 0) ++ { ++ nchars = 3; ++ goto valid; ++ } ++ ++ if ((in[3] & 0xc0) != 0x80) ++ goto invalid; ++ ++ nchars = 4; ++ ++ valid: ++ switch (unicode_display) ++ { ++ case unicode_locale: ++ /* Copy the bytes into the output buffer as is. */ ++ memcpy (out, in, nchars); ++ out += nchars; ++ break; ++ ++ case unicode_invalid: ++ case unicode_hex: ++ out += sprintf (out, "%c", unicode_display == unicode_hex ? '<' : '{'); ++ out += sprintf (out, "0x"); ++ for (j = 0; j < nchars; j++) ++ out += sprintf (out, "%02x", in [j]); ++ out += sprintf (out, "%c", unicode_display == unicode_hex ? '>' : '}'); ++ break; ++ ++ case unicode_highlight: ++ if (isatty (1)) ++ out += sprintf (out, "\x1B[31;47m"); /* Red. */ ++ /* Fall through. */ ++ case unicode_escape: ++ switch (nchars) ++ { ++ case 2: ++ out += sprintf (out, "\\u%02x%02x", ++ ((in[0] & 0x1c) >> 2), ++ ((in[0] & 0x03) << 6) | (in[1] & 0x3f)); ++ break; ++ ++ case 3: ++ out += sprintf (out, "\\u%02x%02x", ++ ((in[0] & 0x0f) << 4) | ((in[1] & 0x3c) >> 2), ++ ((in[1] & 0x03) << 6) | ((in[2] & 0x3f))); ++ break; ++ ++ case 4: ++ out += sprintf (out, "\\u%02x%02x%02x", ++ ((in[0] & 0x07) << 6) | ((in[1] & 0x3c) >> 2), ++ ((in[1] & 0x03) << 6) | ((in[2] & 0x3c) >> 2), ++ ((in[2] & 0x03) << 6) | ((in[3] & 0x3f))); ++ break; ++ default: ++ /* URG. */ ++ break; ++ } ++ ++ if (unicode_display == unicode_highlight && isatty (1)) ++ out += sprintf (out, "\033[0m"); /* Default colour. */ ++ break; ++ ++ default: ++ /* URG */ ++ break; ++ } ++ ++ * consumed = nchars; ++ return out - orig_out; ++ ++ invalid: ++ /* Not a valid UTF-8 sequence. */ ++ *out = *in; ++ * consumed = 1; ++ return 1; ++} ++ + /* Returns a version of IN with any control characters + replaced by escape sequences. Uses a static buffer +- if necessary. */ ++ if necessary. ++ ++ If unicode display is enabled, then also handles the ++ conversion of unicode characters. */ + + static const char * + sanitize_string (const char * in) +@@ -435,40 +563,50 @@ sanitize_string (const char * in) + of cases it will not be needed. */ + do + { +- char c = *in++; ++ unsigned char c = *in++; + + if (c == 0) + return original; + + if (ISCNTRL (c)) + break; ++ ++ if (unicode_display != unicode_default && c >= 0xc0) ++ break; + } + while (1); + + /* Copy the input, translating as needed. */ + in = original; +- if (buffer_len < (strlen (in) * 2)) ++ if (buffer_len < (strlen (in) * 9)) + { + free ((void *) buffer); +- buffer_len = strlen (in) * 2; ++ buffer_len = strlen (in) * 9; + buffer = xmalloc (buffer_len + 1); + } + + out = buffer; + do + { +- char c = *in++; ++ unsigned char c = *in++; + + if (c == 0) + break; + +- if (!ISCNTRL (c)) +- *out++ = c; +- else ++ if (ISCNTRL (c)) + { + *out++ = '^'; + *out++ = c + 0x40; + } ++ else if (unicode_display != unicode_default && c >= 0xc0) ++ { ++ unsigned int num_consumed; ++ ++ out += display_utf8 ((const unsigned char *)(in - 1), out, & num_consumed); ++ in += num_consumed - 1; ++ } ++ else ++ *out++ = c; + } + while (1); + +@@ -4481,6 +4619,24 @@ dump_symbols (bfd *abfd ATTRIBUTE_UNUSED + free (alloc); + } + } ++ else if (unicode_display != unicode_default ++ && name != NULL && *name != '\0') ++ { ++ const char * sanitized_name; ++ ++ /* If we want to sanitize the name, we do it here, and ++ temporarily clobber it while calling bfd_print_symbol. ++ FIXME: This is a gross hack. */ ++ sanitized_name = sanitize_string (name); ++ if (sanitized_name != name) ++ (*current)->name = sanitized_name; ++ else ++ sanitized_name = NULL; ++ bfd_print_symbol (cur_bfd, stdout, *current, ++ bfd_print_symbol_all); ++ if (sanitized_name != NULL) ++ (*current)->name = name; ++ } + else + bfd_print_symbol (cur_bfd, stdout, *current, + bfd_print_symbol_all); +@@ -5162,7 +5318,7 @@ main (int argc, char **argv) + set_default_bfd_target (); + + while ((c = getopt_long (argc, argv, +- "pP:ib:m:M:VvCdDlfFaHhrRtTxsSI:j:wE:zgeGW::", ++ "pP:ib:m:U:M:VvCdDlfFaHhrRtTxsSI:j:wE:zgeGW::", + long_options, (int *) 0)) + != EOF) + { +@@ -5441,6 +5597,23 @@ main (int argc, char **argv) + seenflag = TRUE; + break; + ++ case 'U': ++ if (streq (optarg, "default") || streq (optarg, "d")) ++ unicode_display = unicode_default; ++ else if (streq (optarg, "locale") || streq (optarg, "l")) ++ unicode_display = unicode_locale; ++ else if (streq (optarg, "escape") || streq (optarg, "e")) ++ unicode_display = unicode_escape; ++ else if (streq (optarg, "invalid") || streq (optarg, "i")) ++ unicode_display = unicode_invalid; ++ else if (streq (optarg, "hex") || streq (optarg, "x")) ++ unicode_display = unicode_hex; ++ else if (streq (optarg, "highlight") || streq (optarg, "h")) ++ unicode_display = unicode_highlight; ++ else ++ fatal (_("invalid argument to -U/--unicode: %s"), optarg); ++ break; ++ + case 'H': + usage (stdout, 0); + /* No need to set seenflag or to break - usage() does not return. */ +diff --git a/binutils/readelf.c b/binutils/readelf.c +--- a/binutils/readelf.c 2021-12-23 03:23:42.065783023 -0800 ++++ b/binutils/readelf.c 2021-12-23 03:30:36.582877519 -0800 +@@ -321,6 +321,19 @@ typedef enum print_mode + } + print_mode; + ++typedef enum unicode_display_type ++{ ++ unicode_default = 0, ++ unicode_locale, ++ unicode_escape, ++ unicode_hex, ++ unicode_highlight, ++ unicode_invalid ++} unicode_display_type; ++ ++static unicode_display_type unicode_display = unicode_default; ++ ++ + /* Versioned symbol info. */ + enum versioned_symbol_info + { +@@ -613,11 +626,18 @@ print_symbol (signed int width, const ch + if (c == 0) + break; + +- /* Do not print control characters directly as they can affect terminal +- settings. Such characters usually appear in the names generated +- by the assembler for local labels. */ +- if (ISCNTRL (c)) ++ if (ISPRINT (c)) ++ { ++ putchar (c); ++ width_remaining --; ++ num_printed ++; ++ } ++ else if (ISCNTRL (c)) + { ++ /* Do not print control characters directly as they can affect terminal ++ settings. Such characters usually appear in the names generated ++ by the assembler for local labels. */ ++ + if (width_remaining < 2) + break; + +@@ -625,11 +645,137 @@ print_symbol (signed int width, const ch + width_remaining -= 2; + num_printed += 2; + } +- else if (ISPRINT (c)) ++ else if (c == 0x7f) + { +- putchar (c); +- width_remaining --; +- num_printed ++; ++ if (width_remaining < 5) ++ break; ++ printf ("<DEL>"); ++ width_remaining -= 5; ++ num_printed += 5; ++ } ++ else if (unicode_display != unicode_locale ++ && unicode_display != unicode_default) ++ { ++ /* Display unicode characters as something else. */ ++ unsigned char bytes[4]; ++ bfd_boolean is_utf8; ++ unsigned int nbytes; ++ ++ bytes[0] = c; ++ ++ if (bytes[0] < 0xc0) ++ { ++ nbytes = 1; ++ is_utf8 = FALSE; ++ } ++ else ++ { ++ bytes[1] = *symbol++; ++ ++ if ((bytes[1] & 0xc0) != 0x80) ++ { ++ is_utf8 = FALSE; ++ /* Do not consume this character. It may only ++ be the first byte in the sequence that was ++ corrupt. */ ++ --symbol; ++ nbytes = 1; ++ } ++ else if ((bytes[0] & 0x20) == 0) ++ { ++ is_utf8 = TRUE; ++ nbytes = 2; ++ } ++ else ++ { ++ bytes[2] = *symbol++; ++ ++ if ((bytes[2] & 0xc0) != 0x80) ++ { ++ is_utf8 = FALSE; ++ symbol -= 2; ++ nbytes = 1; ++ } ++ else if ((bytes[0] & 0x10) == 0) ++ { ++ is_utf8 = TRUE; ++ nbytes = 3; ++ } ++ else ++ { ++ bytes[3] = *symbol++; ++ ++ nbytes = 4; ++ ++ if ((bytes[3] & 0xc0) != 0x80) ++ { ++ is_utf8 = FALSE; ++ symbol -= 3; ++ nbytes = 1; ++ } ++ else ++ is_utf8 = TRUE; ++ } ++ } ++ } ++ ++ if (unicode_display == unicode_invalid) ++ is_utf8 = FALSE; ++ ++ if (unicode_display == unicode_hex || ! is_utf8) ++ { ++ unsigned int i; ++ ++ if (width_remaining < (nbytes * 2) + 2) ++ break; ++ ++ putchar (is_utf8 ? '<' : '{'); ++ printf ("0x"); ++ for (i = 0; i < nbytes; i++) ++ printf ("%02x", bytes[i]); ++ putchar (is_utf8 ? '>' : '}'); ++ } ++ else ++ { ++ if (unicode_display == unicode_highlight && isatty (1)) ++ printf ("\x1B[31;47m"); /* Red. */ ++ ++ switch (nbytes) ++ { ++ case 2: ++ if (width_remaining < 6) ++ break; ++ printf ("\\u%02x%02x", ++ (bytes[0] & 0x1c) >> 2, ++ ((bytes[0] & 0x03) << 6) | (bytes[1] & 0x3f)); ++ break; ++ case 3: ++ if (width_remaining < 6) ++ break; ++ printf ("\\u%02x%02x", ++ ((bytes[0] & 0x0f) << 4) | ((bytes[1] & 0x3c) >> 2), ++ ((bytes[1] & 0x03) << 6) | (bytes[2] & 0x3f)); ++ break; ++ case 4: ++ if (width_remaining < 8) ++ break; ++ printf ("\\u%02x%02x%02x", ++ ((bytes[0] & 0x07) << 6) | ((bytes[1] & 0x3c) >> 2), ++ ((bytes[1] & 0x03) << 6) | ((bytes[2] & 0x3c) >> 2), ++ ((bytes[2] & 0x03) << 6) | (bytes[3] & 0x3f)); ++ ++ break; ++ default: ++ /* URG. */ ++ break; ++ } ++ ++ if (unicode_display == unicode_highlight && isatty (1)) ++ printf ("\033[0m"); /* Default colour. */ ++ } ++ ++ if (bytes[nbytes - 1] == 0) ++ break; + } + else + { +@@ -4556,6 +4702,7 @@ static struct option options[] = + {"syms", no_argument, 0, 's'}, + {"silent-truncation",no_argument, 0, 'T'}, + {"section-details", no_argument, 0, 't'}, ++ {"unicode", required_argument, NULL, 'U'}, + {"unwind", no_argument, 0, 'u'}, + {"version-info", no_argument, 0, 'V'}, + {"version", no_argument, 0, 'v'}, +@@ -4609,6 +4756,11 @@ usage (FILE * stream) + --no-demangle Do not demangle low-level symbol names. (This is the default)\n\ + --recurse-limit Enable a demangling recursion limit. (This is the default)\n\ + --no-recurse-limit Disable a demangling recursion limit\n\ ++ -U[dlexhi] --unicode=[default|locale|escape|hex|highlight|invalid]\n\ ++ Display unicode characters as determined by the current locale\n\ ++ (default), escape sequences, \"<hex sequences>\", highlighted\n\ ++ escape sequences, or treat them as invalid and display as\n\ ++ \"{hex sequences}\"\n\ + -n --notes Display the core notes (if present)\n\ + -r --relocs Display the relocations (if present)\n\ + -u --unwind Display the unwind info (if present)\n\ +@@ -4749,7 +4901,7 @@ parse_args (struct dump_data *dumpdata, + usage (stderr); + + while ((c = getopt_long +- (argc, argv, "ACDHILNR:STVWacdeghi:lnp:rstuvw::x:z", options, NULL)) != EOF) ++ (argc, argv, "ACDHILNR:STU:VWacdeghi:lnp:rstuvw::x:z", options, NULL)) != EOF) + { + switch (c) + { +@@ -4943,6 +5095,24 @@ parse_args (struct dump_data *dumpdata, + case OPTION_WITH_SYMBOL_VERSIONS: + /* Ignored for backward compatibility. */ + break; ++ case 'U': ++ if (optarg == NULL) ++ error (_("Missing arg to -U/--unicode")); /* Can this happen ? */ ++ else if (streq (optarg, "default") || streq (optarg, "d")) ++ unicode_display = unicode_default; ++ else if (streq (optarg, "locale") || streq (optarg, "l")) ++ unicode_display = unicode_locale; ++ else if (streq (optarg, "escape") || streq (optarg, "e")) ++ unicode_display = unicode_escape; ++ else if (streq (optarg, "invalid") || streq (optarg, "i")) ++ unicode_display = unicode_invalid; ++ else if (streq (optarg, "hex") || streq (optarg, "x")) ++ unicode_display = unicode_hex; ++ else if (streq (optarg, "highlight") || streq (optarg, "h")) ++ unicode_display = unicode_highlight; ++ else ++ error (_("invalid argument to -U/--unicode: %s"), optarg); ++ break; + + default: + /* xgettext:c-format */ +diff --git a/binutils/strings.c b/binutils/strings.c +--- a/binutils/strings.c 2021-12-23 03:23:38.485842662 -0800 ++++ b/binutils/strings.c 2021-12-23 03:30:36.586877452 -0800 +@@ -55,6 +55,19 @@ + -T {bfdname} + Specify a non-default object file format. + ++ --unicode={default|locale|invalid|hex|escape|highlight} ++ -u {d|l|i|x|e|h} ++ Determine how to handle UTF-8 unicode characters. The default ++ is no special treatment. All other versions of this option ++ only apply if the encoding is valid and enabling the option ++ implies --encoding=S. ++ The 'locale' option displays the characters according to the ++ current locale. The 'invalid' option treats them as ++ non-string characters. The 'hex' option displays them as hex ++ byte sequences. The 'escape' option displays them as escape ++ sequences and the 'highlight' option displays them as ++ coloured escape sequences. ++ + --output-separator=sep_string + -s sep_string String used to separate parsed strings in output. + Default is newline. +@@ -76,6 +89,22 @@ + #include "safe-ctype.h" + #include "bucomm.h" + ++#ifndef streq ++#define streq(a,b) (strcmp ((a),(b)) == 0) ++#endif ++ ++typedef enum unicode_display_type ++{ ++ unicode_default = 0, ++ unicode_locale, ++ unicode_escape, ++ unicode_hex, ++ unicode_highlight, ++ unicode_invalid ++} unicode_display_type; ++ ++static unicode_display_type unicode_display = unicode_default; ++ + #define STRING_ISGRAPHIC(c) \ + ( (c) >= 0 \ + && (c) <= 255 \ +@@ -94,7 +123,7 @@ extern int errno; + static int address_radix; + + /* Minimum length of sequence of graphic chars to trigger output. */ +-static int string_min; ++static unsigned int string_min; + + /* Whether or not we include all whitespace as a graphic char. */ + static bfd_boolean include_all_whitespace; +@@ -121,21 +150,22 @@ static char *output_separator; + static struct option long_options[] = + { + {"all", no_argument, NULL, 'a'}, ++ {"bytes", required_argument, NULL, 'n'}, + {"data", no_argument, NULL, 'd'}, ++ {"encoding", required_argument, NULL, 'e'}, ++ {"help", no_argument, NULL, 'h'}, ++ {"include-all-whitespace", no_argument, NULL, 'w'}, ++ {"output-separator", required_argument, NULL, 's'}, + {"print-file-name", no_argument, NULL, 'f'}, +- {"bytes", required_argument, NULL, 'n'}, + {"radix", required_argument, NULL, 't'}, +- {"include-all-whitespace", no_argument, NULL, 'w'}, +- {"encoding", required_argument, NULL, 'e'}, + {"target", required_argument, NULL, 'T'}, +- {"output-separator", required_argument, NULL, 's'}, +- {"help", no_argument, NULL, 'h'}, ++ {"unicode", required_argument, NULL, 'U'}, + {"version", no_argument, NULL, 'v'}, + {NULL, 0, NULL, 0} + }; + + static bfd_boolean strings_file (char *); +-static void print_strings (const char *, FILE *, file_ptr, int, int, char *); ++static void print_strings (const char *, FILE *, file_ptr, int, char *); + static void usage (FILE *, int) ATTRIBUTE_NORETURN; + + int main (int, char **); +@@ -173,7 +203,7 @@ main (int argc, char **argv) + encoding = 's'; + output_separator = NULL; + +- while ((optc = getopt_long (argc, argv, "adfhHn:wot:e:T:s:Vv0123456789", ++ while ((optc = getopt_long (argc, argv, "adfhHn:wot:e:T:s:U:Vv0123456789", + long_options, (int *) 0)) != EOF) + { + switch (optc) +@@ -244,7 +274,24 @@ main (int argc, char **argv) + + case 's': + output_separator = optarg; +- break; ++ break; ++ ++ case 'U': ++ if (streq (optarg, "default") || streq (optarg, "d")) ++ unicode_display = unicode_default; ++ else if (streq (optarg, "locale") || streq (optarg, "l")) ++ unicode_display = unicode_locale; ++ else if (streq (optarg, "escape") || streq (optarg, "e")) ++ unicode_display = unicode_escape; ++ else if (streq (optarg, "invalid") || streq (optarg, "i")) ++ unicode_display = unicode_invalid; ++ else if (streq (optarg, "hex") || streq (optarg, "x")) ++ unicode_display = unicode_hex; ++ else if (streq (optarg, "highlight") || streq (optarg, "h")) ++ unicode_display = unicode_highlight; ++ else ++ fatal (_("invalid argument to -U/--unicode: %s"), optarg); ++ break; + + case 'V': + case 'v': +@@ -260,6 +307,9 @@ main (int argc, char **argv) + } + } + ++ if (unicode_display != unicode_default) ++ encoding = 'S'; ++ + if (numeric_opt != 0) + { + string_min = (int) strtoul (argv[numeric_opt - 1] + 1, &s, 0); +@@ -295,14 +345,14 @@ main (int argc, char **argv) + { + datasection_only = FALSE; + SET_BINARY (fileno (stdin)); +- print_strings ("{standard input}", stdin, 0, 0, 0, (char *) NULL); ++ print_strings ("{standard input}", stdin, 0, 0, (char *) NULL); + files_given = TRUE; + } + else + { + for (; optind < argc; ++optind) + { +- if (strcmp (argv[optind], "-") == 0) ++ if (streq (argv[optind], "-")) + datasection_only = FALSE; + else + { +@@ -344,7 +394,7 @@ strings_a_section (bfd *abfd, asection * + } + + *got_a_section = TRUE; +- print_strings (filename, NULL, sect->filepos, 0, sectsize, (char *) mem); ++ print_strings (filename, NULL, sect->filepos, sectsize, (char *) mem); + free (mem); + } + +@@ -429,7 +479,7 @@ strings_file (char *file) + return FALSE; + } + +- print_strings (file, stream, (file_ptr) 0, 0, 0, (char *) 0); ++ print_strings (file, stream, (file_ptr) 0, 0, (char *) NULL); + + if (fclose (stream) == EOF) + { +@@ -553,11 +603,632 @@ unget_part_char (long c, file_ptr *addre + } + } + } ++ ++ ++static void ++print_filename_and_address (const char * filename, file_ptr address) ++{ ++ if (print_filenames) ++ printf ("%s: ", filename); ++ ++ if (! print_addresses) ++ return; ++ ++ switch (address_radix) ++ { ++ case 8: ++ if (sizeof (address) > sizeof (long)) ++ { ++#ifndef __MSVCRT__ ++ printf ("%7llo ", (unsigned long long) address); ++#else ++ printf ("%7I64o ", (unsigned long long) address); ++#endif ++ } ++ else ++ printf ("%7lo ", (unsigned long) address); ++ break; ++ ++ case 10: ++ if (sizeof (address) > sizeof (long)) ++ { ++#ifndef __MSVCRT__ ++ printf ("%7llu ", (unsigned long long) address); ++#else ++ printf ("%7I64d ", (unsigned long long) address); ++#endif ++ } ++ else ++ printf ("%7ld ", (long) address); ++ break; ++ ++ case 16: ++ if (sizeof (address) > sizeof (long)) ++ { ++#ifndef __MSVCRT__ ++ printf ("%7llx ", (unsigned long long) address); ++#else ++ printf ("%7I64x ", (unsigned long long) address); ++#endif ++ } ++ else ++ printf ("%7lx ", (unsigned long) address); ++ break; ++ } ++} ++ ++/* Return non-zero if the bytes starting at BUFFER form a valid UTF-8 encoding. ++ If the encoding is valid then returns the number of bytes it uses. */ ++ ++static unsigned int ++is_valid_utf8 (const unsigned char * buffer, unsigned long buflen) ++{ ++ if (buffer[0] < 0xc0) ++ return 0; ++ ++ if (buflen < 2) ++ return 0; ++ ++ if ((buffer[1] & 0xc0) != 0x80) ++ return 0; ++ ++ if ((buffer[0] & 0x20) == 0) ++ return 2; ++ ++ if (buflen < 3) ++ return 0; ++ ++ if ((buffer[2] & 0xc0) != 0x80) ++ return 0; ++ ++ if ((buffer[0] & 0x10) == 0) ++ return 3; ++ ++ if (buflen < 4) ++ return 0; ++ ++ if ((buffer[3] & 0xc0) != 0x80) ++ return 0; ++ ++ return 4; ++} ++ ++/* Display a UTF-8 encoded character in BUFFER according to the setting ++ of unicode_display. The character is known to be valid. ++ Returns the number of bytes consumed. */ ++ ++static unsigned int ++display_utf8_char (const unsigned char * buffer) ++{ ++ unsigned int j; ++ unsigned int utf8_len; ++ ++ switch (buffer[0] & 0x30) ++ { ++ case 0x00: ++ case 0x10: ++ utf8_len = 2; ++ break; ++ case 0x20: ++ utf8_len = 3; ++ break; ++ default: ++ utf8_len = 4; ++ } ++ ++ switch (unicode_display) ++ { ++ default: ++ fprintf (stderr, "ICE: unexpected unicode display type\n"); ++ break; ++ ++ case unicode_escape: ++ case unicode_highlight: ++ if (unicode_display == unicode_highlight && isatty (1)) ++ printf ("\x1B[31;47m"); /* Red. */ ++ ++ switch (utf8_len) ++ { ++ case 2: ++ printf ("\\u%02x%02x", ++ ((buffer[0] & 0x1c) >> 2), ++ ((buffer[0] & 0x03) << 6) | (buffer[1] & 0x3f)); ++ break; ++ ++ case 3: ++ printf ("\\u%02x%02x", ++ ((buffer[0] & 0x0f) << 4) | ((buffer[1] & 0x3c) >> 2), ++ ((buffer[1] & 0x03) << 6) | ((buffer[2] & 0x3f))); ++ break; ++ ++ case 4: ++ printf ("\\u%02x%02x%02x", ++ ((buffer[0] & 0x07) << 6) | ((buffer[1] & 0x3c) >> 2), ++ ((buffer[1] & 0x03) << 6) | ((buffer[2] & 0x3c) >> 2), ++ ((buffer[2] & 0x03) << 6) | ((buffer[3] & 0x3f))); ++ break; ++ default: ++ /* URG. */ ++ break; ++ } ++ ++ if (unicode_display == unicode_highlight && isatty (1)) ++ printf ("\033[0m"); /* Default colour. */ ++ break; ++ ++ case unicode_hex: ++ putchar ('<'); ++ printf ("0x"); ++ for (j = 0; j < utf8_len; j++) ++ printf ("%02x", buffer [j]); ++ putchar ('>'); ++ break; ++ ++ case unicode_locale: ++ printf ("%.1s", buffer); ++ break; ++ } ++ ++ return utf8_len; ++} ++ ++/* Display strings in BUFFER. Treat any UTF-8 encoded characters encountered ++ according to the setting of the unicode_display variable. The buffer ++ contains BUFLEN bytes. ++ ++ Display the characters as if they started at ADDRESS and are contained in ++ FILENAME. */ ++ ++static void ++print_unicode_buffer (const char * filename, ++ file_ptr address, ++ const unsigned char * buffer, ++ unsigned long buflen) ++{ ++ /* Paranoia checks... */ ++ if (filename == NULL ++ || buffer == NULL ++ || unicode_display == unicode_default ++ || encoding != 'S' ++ || encoding_bytes != 1) ++ { ++ fprintf (stderr, "ICE: bad arguments to print_unicode_buffer\n"); ++ return; ++ } ++ ++ if (buflen == 0) ++ return; ++ ++ /* We must only display strings that are at least string_min *characters* ++ long. So we scan the buffer in two stages. First we locate the start ++ of a potential string. Then we walk along it until we have found ++ string_min characters. Then we go back to the start point and start ++ displaying characters according to the unicode_display setting. */ ++ ++ unsigned long start_point = 0; ++ unsigned long i = 0; ++ unsigned int char_len = 1; ++ unsigned int num_found = 0; ++ ++ for (i = 0; i < buflen; i += char_len) ++ { ++ int c = buffer[i]; ++ ++ char_len = 1; ++ ++ /* Find the first potential character of a string. */ ++ if (! STRING_ISGRAPHIC (c)) ++ { ++ num_found = 0; ++ continue; ++ } ++ ++ if (c > 126) ++ { ++ if (c < 0xc0) ++ { ++ num_found = 0; ++ continue; ++ } ++ ++ if ((char_len = is_valid_utf8 (buffer + i, buflen - i)) == 0) ++ { ++ char_len = 1; ++ num_found = 0; ++ continue; ++ } ++ ++ if (unicode_display == unicode_invalid) ++ { ++ /* We have found a valid UTF-8 character, but we treat it as non-graphic. */ ++ num_found = 0; ++ continue; ++ } ++ } ++ ++ if (num_found == 0) ++ /* We have found a potential starting point for a string. */ ++ start_point = i; ++ ++ ++ num_found; ++ ++ if (num_found >= string_min) ++ break; ++ } ++ ++ if (num_found < string_min) ++ return; ++ ++ print_filename_and_address (filename, address + start_point); ++ ++ /* We have found string_min characters. Display them and any ++ more that follow. */ ++ for (i = start_point; i < buflen; i += char_len) ++ { ++ int c = buffer[i]; ++ ++ char_len = 1; ++ ++ if (! STRING_ISGRAPHIC (c)) ++ break; ++ else if (c < 127) ++ putchar (c); ++ else if (! is_valid_utf8 (buffer + i, buflen - i)) ++ break; ++ else if (unicode_display == unicode_invalid) ++ break; ++ else ++ char_len = display_utf8_char (buffer + i); ++ } ++ ++ if (output_separator) ++ fputs (output_separator, stdout); ++ else ++ putchar ('\n'); ++ ++ /* FIXME: Using tail recursion here is lazy programming... */ ++ print_unicode_buffer (filename, address + i, buffer + i, buflen - i); ++} ++ ++static int ++get_unicode_byte (FILE * stream, ++ unsigned char * putback, ++ unsigned int * num_putback, ++ unsigned int * num_read) ++{ ++ if (* num_putback > 0) ++ { ++ * num_putback = * num_putback - 1; ++ return putback [* num_putback]; ++ } ++ ++ * num_read = * num_read + 1; ++ ++#if defined(HAVE_GETC_UNLOCKED) && HAVE_DECL_GETC_UNLOCKED ++ return getc_unlocked (stream); ++#else ++ return getc (stream); ++#endif ++} ++ ++/* Helper function for print_unicode_stream. */ ++ ++static void ++print_unicode_stream_body (const char * filename, ++ file_ptr address, ++ FILE * stream, ++ unsigned char * putback_buf, ++ unsigned int num_putback, ++ unsigned char * print_buf) ++{ ++ /* It would be nice if we could just read the stream into a buffer ++ and then process if with print_unicode_buffer. But the input ++ might be huge or it might time-locked (eg stdin). So instead ++ we go one byte at a time... */ ++ ++ file_ptr start_point = 0; ++ unsigned int num_read = 0; ++ unsigned int num_chars = 0; ++ unsigned int num_print = 0; ++ int c; ++ ++ /* Find a series of string_min characters. Put them into print_buf. */ ++ do ++ { ++ if (num_chars >= string_min) ++ break; ++ ++ c = get_unicode_byte (stream, putback_buf, & num_putback, & num_read); ++ if (c == EOF) ++ break; ++ ++ if (! STRING_ISGRAPHIC (c)) ++ { ++ num_chars = num_print = 0; ++ continue; ++ } ++ ++ if (num_chars == 0) ++ start_point = num_read - 1; ++ ++ if (c < 127) ++ { ++ print_buf[num_print] = c; ++ num_chars ++; ++ num_print ++; ++ continue; ++ } ++ ++ if (c < 0xc0) ++ { ++ num_chars = num_print = 0; ++ continue; ++ } ++ ++ /* We *might* have a UTF-8 sequence. Time to start peeking. */ ++ char utf8[4]; ++ ++ utf8[0] = c; ++ c = get_unicode_byte (stream, putback_buf, & num_putback, & num_read); ++ if (c == EOF) ++ break; ++ utf8[1] = c; ++ ++ if ((utf8[1] & 0xc0) != 0x80) ++ { ++ /* Invalid UTF-8. */ ++ putback_buf[num_putback++] = utf8[1]; ++ num_chars = num_print = 0; ++ continue; ++ } ++ else if ((utf8[0] & 0x20) == 0) ++ { ++ /* A valid 2-byte UTF-8 encoding. */ ++ if (unicode_display == unicode_invalid) ++ { ++ putback_buf[num_putback++] = utf8[1]; ++ num_chars = num_print = 0; ++ } ++ else ++ { ++ print_buf[num_print ++] = utf8[0]; ++ print_buf[num_print ++] = utf8[1]; ++ num_chars ++; ++ } ++ continue; ++ } ++ ++ c = get_unicode_byte (stream, putback_buf, & num_putback, & num_read); ++ if (c == EOF) ++ break; ++ utf8[2] = c; ++ ++ if ((utf8[2] & 0xc0) != 0x80) ++ { ++ /* Invalid UTF-8. */ ++ putback_buf[num_putback++] = utf8[2]; ++ putback_buf[num_putback++] = utf8[1]; ++ num_chars = num_print = 0; ++ continue; ++ } ++ else if ((utf8[0] & 0x10) == 0) ++ { ++ /* A valid 3-byte UTF-8 encoding. */ ++ if (unicode_display == unicode_invalid) ++ { ++ putback_buf[num_putback++] = utf8[2]; ++ putback_buf[num_putback++] = utf8[1]; ++ num_chars = num_print = 0; ++ } ++ else ++ { ++ print_buf[num_print ++] = utf8[0]; ++ print_buf[num_print ++] = utf8[1]; ++ print_buf[num_print ++] = utf8[2]; ++ num_chars ++; ++ } ++ continue; ++ } ++ ++ c = get_unicode_byte (stream, putback_buf, & num_putback, & num_read); ++ if (c == EOF) ++ break; ++ utf8[3] = c; ++ ++ if ((utf8[3] & 0xc0) != 0x80) ++ { ++ /* Invalid UTF-8. */ ++ putback_buf[num_putback++] = utf8[3]; ++ putback_buf[num_putback++] = utf8[2]; ++ putback_buf[num_putback++] = utf8[1]; ++ num_chars = num_print = 0; ++ } ++ /* We have a valid 4-byte UTF-8 encoding. */ ++ else if (unicode_display == unicode_invalid) ++ { ++ putback_buf[num_putback++] = utf8[3]; ++ putback_buf[num_putback++] = utf8[1]; ++ putback_buf[num_putback++] = utf8[2]; ++ num_chars = num_print = 0; ++ } ++ else ++ { ++ print_buf[num_print ++] = utf8[0]; ++ print_buf[num_print ++] = utf8[1]; ++ print_buf[num_print ++] = utf8[2]; ++ print_buf[num_print ++] = utf8[3]; ++ num_chars ++; ++ } ++ } ++ while (1); ++ ++ if (num_chars >= string_min) ++ { ++ /* We know that we have string_min valid characters in print_buf, ++ and there may be more to come in the stream. Start displaying ++ them. */ ++ ++ print_filename_and_address (filename, address + start_point); ++ ++ unsigned int i; ++ for (i = 0; i < num_print;) ++ { ++ if (print_buf[i] < 127) ++ putchar (print_buf[i++]); ++ else ++ i += display_utf8_char (print_buf + i); ++ } ++ ++ /* OK so now we have to start read unchecked bytes. */ ++ ++ /* Find a series of string_min characters. Put them into print_buf. */ ++ do ++ { ++ c = get_unicode_byte (stream, putback_buf, & num_putback, & num_read); ++ if (c == EOF) ++ break; ++ ++ if (! STRING_ISGRAPHIC (c)) ++ break; ++ ++ if (c < 127) ++ { ++ putchar (c); ++ continue; ++ } ++ ++ if (c < 0xc0) ++ break; ++ ++ /* We *might* have a UTF-8 sequence. Time to start peeking. */ ++ unsigned char utf8[4]; ++ ++ utf8[0] = c; ++ c = get_unicode_byte (stream, putback_buf, & num_putback, & num_read); ++ if (c == EOF) ++ break; ++ utf8[1] = c; ++ ++ if ((utf8[1] & 0xc0) != 0x80) ++ { ++ /* Invalid UTF-8. */ ++ putback_buf[num_putback++] = utf8[1]; ++ break; ++ } ++ else if ((utf8[0] & 0x20) == 0) ++ { ++ /* Valid 2-byte UTF-8. */ ++ if (unicode_display == unicode_invalid) ++ { ++ putback_buf[num_putback++] = utf8[1]; ++ break; ++ } ++ else ++ { ++ (void) display_utf8_char (utf8); ++ continue; ++ } ++ } ++ ++ c = get_unicode_byte (stream, putback_buf, & num_putback, & num_read); ++ if (c == EOF) ++ break; ++ utf8[2] = c; ++ ++ if ((utf8[2] & 0xc0) != 0x80) ++ { ++ /* Invalid UTF-8. */ ++ putback_buf[num_putback++] = utf8[2]; ++ putback_buf[num_putback++] = utf8[1]; ++ break; ++ } ++ else if ((utf8[0] & 0x10) == 0) ++ { ++ /* Valid 3-byte UTF-8. */ ++ if (unicode_display == unicode_invalid) ++ { ++ putback_buf[num_putback++] = utf8[2]; ++ putback_buf[num_putback++] = utf8[1]; ++ break; ++ } ++ else ++ { ++ (void) display_utf8_char (utf8); ++ continue; ++ } ++ } ++ ++ c = get_unicode_byte (stream, putback_buf, & num_putback, & num_read); ++ if (c == EOF) ++ break; ++ utf8[3] = c; ++ ++ if ((utf8[3] & 0xc0) != 0x80) ++ { ++ /* Invalid UTF-8. */ ++ putback_buf[num_putback++] = utf8[3]; ++ putback_buf[num_putback++] = utf8[2]; ++ putback_buf[num_putback++] = utf8[1]; ++ break; ++ } ++ else if (unicode_display == unicode_invalid) ++ { ++ putback_buf[num_putback++] = utf8[3]; ++ putback_buf[num_putback++] = utf8[2]; ++ putback_buf[num_putback++] = utf8[1]; ++ break; ++ } ++ else ++ /* A valid 4-byte UTF-8 encoding. */ ++ (void) display_utf8_char (utf8); ++ } ++ while (1); ++ ++ if (output_separator) ++ fputs (output_separator, stdout); ++ else ++ putchar ('\n'); ++ } ++ ++ if (c != EOF) ++ /* FIXME: Using tail recursion here is lazy, but it works. */ ++ print_unicode_stream_body (filename, address + num_read, stream, putback_buf, num_putback, print_buf); ++} ++ ++/* Display strings read in from STREAM. Treat any UTF-8 encoded characters ++ encountered according to the setting of the unicode_display variable. ++ The stream is positioned at ADDRESS and is attached to FILENAME. */ ++ ++static void ++print_unicode_stream (const char * filename, ++ file_ptr address, ++ FILE * stream) ++{ ++ /* Paranoia checks... */ ++ if (filename == NULL ++ || stream == NULL ++ || unicode_display == unicode_default ++ || encoding != 'S' ++ || encoding_bytes != 1) ++ { ++ fprintf (stderr, "ICE: bad arguments to print_unicode_stream\n"); ++ return; ++ } ++ ++ /* Allocate space for string_min 4-byte utf-8 characters. */ ++ unsigned char * print_buf = xmalloc ((4 * string_min) + 1); ++ /* We should never have to put back more than 4 bytes. */ ++ unsigned char putback_buf[5]; ++ unsigned int num_putback = 0; ++ ++ print_unicode_stream_body (filename, address, stream, putback_buf, num_putback, print_buf); ++ free (print_buf); ++} ++ + + /* Find the strings in file FILENAME, read from STREAM. + Assume that STREAM is positioned so that the next byte read + is at address ADDRESS in the file. +- Stop reading at address STOP_POINT in the file, if nonzero. + + If STREAM is NULL, do not read from it. + The caller can supply a buffer of characters +@@ -568,20 +1239,29 @@ unget_part_char (long c, file_ptr *addre + + static void + print_strings (const char *filename, FILE *stream, file_ptr address, +- int stop_point, int magiccount, char *magic) ++ int magiccount, char *magic) + { ++ if (unicode_display != unicode_default) ++ { ++ if (magic != NULL) ++ print_unicode_buffer (filename, address, ++ (const unsigned char *) magic, magiccount); ++ ++ if (stream != NULL) ++ print_unicode_stream (filename, address, stream); ++ return; ++ } ++ + char *buf = (char *) xmalloc (sizeof (char) * (string_min + 1)); + + while (1) + { + file_ptr start; +- int i; ++ unsigned int i; + long c; + + /* See if the next `string_min' chars are all graphic chars. */ + tryline: +- if (stop_point && address >= stop_point) +- break; + start = address; + for (i = 0; i < string_min; i++) + { +@@ -604,69 +1284,7 @@ print_strings (const char *filename, FIL + /* We found a run of `string_min' graphic characters. Print up + to the next non-graphic character. */ + +- if (print_filenames) +- printf ("%s: ", filename); +- if (print_addresses) +- switch (address_radix) +- { +- case 8: +-#ifdef HAVE_LONG_LONG +- if (sizeof (start) > sizeof (long)) +- { +-# ifndef __MSVCRT__ +- printf ("%7llo ", (unsigned long long) start); +-# else +- printf ("%7I64o ", (unsigned long long) start); +-# endif +- } +- else +-#elif !BFD_HOST_64BIT_LONG +- if (start != (unsigned long) start) +- printf ("++%7lo ", (unsigned long) start); +- else +-#endif +- printf ("%7lo ", (unsigned long) start); +- break; +- +- case 10: +-#ifdef HAVE_LONG_LONG +- if (sizeof (start) > sizeof (long)) +- { +-# ifndef __MSVCRT__ +- printf ("%7llu ", (unsigned long long) start); +-# else +- printf ("%7I64d ", (unsigned long long) start); +-# endif +- } +- else +-#elif !BFD_HOST_64BIT_LONG +- if (start != (unsigned long) start) +- printf ("++%7lu ", (unsigned long) start); +- else +-#endif +- printf ("%7ld ", (long) start); +- break; +- +- case 16: +-#ifdef HAVE_LONG_LONG +- if (sizeof (start) > sizeof (long)) +- { +-# ifndef __MSVCRT__ +- printf ("%7llx ", (unsigned long long) start); +-# else +- printf ("%7I64x ", (unsigned long long) start); +-# endif +- } +- else +-#elif !BFD_HOST_64BIT_LONG +- if (start != (unsigned long) start) +- printf ("%lx%8.8lx ", (unsigned long) (start >> 32), +- (unsigned long) (start & 0xffffffff)); +- else +-#endif +- printf ("%7lx ", (unsigned long) start); +- break; +- } ++ print_filename_and_address (filename, start); + + buf[i] = '\0'; + fputs (buf, stdout); +@@ -718,6 +1336,8 @@ usage (FILE *stream, int status) + -T --target=<BFDNAME> Specify the binary file format\n\ + -e --encoding={s,S,b,l,B,L} Select character size and endianness:\n\ + s = 7-bit, S = 8-bit, {b,l} = 16-bit, {B,L} = 32-bit\n\ ++ --unicode={default|show|invalid|hex|escape|highlight}\n\ ++ -u {d|s|i|x|e|h} Specify how to treat UTF-8 encoded unicode characters\n\ + -s --output-separator=<string> String used to separate strings in output.\n\ + @<file> Read options from <file>\n\ + -h --help Display this information\n\ diff --git a/meta/recipes-devtools/binutils/binutils/0001-CVE-2021-45078.patch b/meta/recipes-devtools/binutils/binutils/0001-CVE-2021-45078.patch new file mode 100644 index 0000000000..f118e2599b --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/0001-CVE-2021-45078.patch @@ -0,0 +1,255 @@ +From 161e87d12167b1e36193385485c1f6ce92f74f02 Mon Sep 17 00:00:00 2001 +From: Alan Modra <amodra@gmail.com> +Date: Wed, 15 Dec 2021 11:48:42 +1030 +Subject: [PATCH] PR28694, Out-of-bounds write in stab_xcoff_builtin_type + + PR 28694 + * stabs.c (stab_xcoff_builtin_type): Make typenum unsigned. + Negate typenum earlier, simplifying bounds checking. Correct + off-by-one indexing. Adjust switch cases. + + +CVE: CVE-2021-45078 +Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=patch;h=161e87d12167b1e36193385485c1f6ce92f74f02] + +Signed-off-by: Sundeep KOKKONDA <sundeep.kokkonda@gmail.com> +--- + binutils/stabs.c | 87 ++++++++++++++++++++++++------------------------ + 1 file changed, 43 insertions(+), 44 deletions(-) + + +diff --git a/binutils/stabs.c b/binutils/stabs.c +index 274bfb0e7fa..83ee3ea5fa4 100644 +--- a/binutils/stabs.c ++++ b/binutils/stabs.c +@@ -202,7 +202,7 @@ static debug_type stab_find_type (void *, struct stab_handle *, const int *); + static bfd_boolean stab_record_type + (void *, struct stab_handle *, const int *, debug_type); + static debug_type stab_xcoff_builtin_type +- (void *, struct stab_handle *, int); ++ (void *, struct stab_handle *, unsigned int); + static debug_type stab_find_tagged_type + (void *, struct stab_handle *, const char *, int, enum debug_type_kind); + static debug_type *stab_demangle_argtypes +@@ -3496,166 +3496,167 @@ stab_record_type (void *dhandle ATTRIBUTE_UNUSED, struct stab_handle *info, + + static debug_type + stab_xcoff_builtin_type (void *dhandle, struct stab_handle *info, +- int typenum) ++ unsigned int typenum) + { + debug_type rettype; + const char *name; + +- if (typenum >= 0 || typenum < -XCOFF_TYPE_COUNT) ++ typenum = -typenum - 1; ++ if (typenum >= XCOFF_TYPE_COUNT) + { +- fprintf (stderr, _("Unrecognized XCOFF type %d\n"), typenum); ++ fprintf (stderr, _("Unrecognized XCOFF type %d\n"), -typenum - 1); + return DEBUG_TYPE_NULL; + } +- if (info->xcoff_types[-typenum] != NULL) +- return info->xcoff_types[-typenum]; ++ if (info->xcoff_types[typenum] != NULL) ++ return info->xcoff_types[typenum]; + +- switch (-typenum) ++ switch (typenum) + { +- case 1: ++ case 0: + /* The size of this and all the other types are fixed, defined + by the debugging format. */ + name = "int"; + rettype = debug_make_int_type (dhandle, 4, FALSE); + break; +- case 2: ++ case 1: + name = "char"; + rettype = debug_make_int_type (dhandle, 1, FALSE); + break; +- case 3: ++ case 2: + name = "short"; + rettype = debug_make_int_type (dhandle, 2, FALSE); + break; +- case 4: ++ case 3: + name = "long"; + rettype = debug_make_int_type (dhandle, 4, FALSE); + break; +- case 5: ++ case 4: + name = "unsigned char"; + rettype = debug_make_int_type (dhandle, 1, TRUE); + break; +- case 6: ++ case 5: + name = "signed char"; + rettype = debug_make_int_type (dhandle, 1, FALSE); + break; +- case 7: ++ case 6: + name = "unsigned short"; + rettype = debug_make_int_type (dhandle, 2, TRUE); + break; +- case 8: ++ case 7: + name = "unsigned int"; + rettype = debug_make_int_type (dhandle, 4, TRUE); + break; +- case 9: ++ case 8: + name = "unsigned"; + rettype = debug_make_int_type (dhandle, 4, TRUE); + break; +- case 10: ++ case 9: + name = "unsigned long"; + rettype = debug_make_int_type (dhandle, 4, TRUE); + break; +- case 11: ++ case 10: + name = "void"; + rettype = debug_make_void_type (dhandle); + break; +- case 12: ++ case 11: + /* IEEE single precision (32 bit). */ + name = "float"; + rettype = debug_make_float_type (dhandle, 4); + break; +- case 13: ++ case 12: + /* IEEE double precision (64 bit). */ + name = "double"; + rettype = debug_make_float_type (dhandle, 8); + break; +- case 14: ++ case 13: + /* This is an IEEE double on the RS/6000, and different machines + with different sizes for "long double" should use different + negative type numbers. See stabs.texinfo. */ + name = "long double"; + rettype = debug_make_float_type (dhandle, 8); + break; +- case 15: ++ case 14: + name = "integer"; + rettype = debug_make_int_type (dhandle, 4, FALSE); + break; +- case 16: ++ case 15: + name = "boolean"; + rettype = debug_make_bool_type (dhandle, 4); + break; +- case 17: ++ case 16: + name = "short real"; + rettype = debug_make_float_type (dhandle, 4); + break; +- case 18: ++ case 17: + name = "real"; + rettype = debug_make_float_type (dhandle, 8); + break; +- case 19: ++ case 18: + /* FIXME */ + name = "stringptr"; + rettype = NULL; + break; +- case 20: ++ case 19: + /* FIXME */ + name = "character"; + rettype = debug_make_int_type (dhandle, 1, TRUE); + break; +- case 21: ++ case 20: + name = "logical*1"; + rettype = debug_make_bool_type (dhandle, 1); + break; +- case 22: ++ case 21: + name = "logical*2"; + rettype = debug_make_bool_type (dhandle, 2); + break; +- case 23: ++ case 22: + name = "logical*4"; + rettype = debug_make_bool_type (dhandle, 4); + break; +- case 24: ++ case 23: + name = "logical"; + rettype = debug_make_bool_type (dhandle, 4); + break; +- case 25: ++ case 24: + /* Complex type consisting of two IEEE single precision values. */ + name = "complex"; + rettype = debug_make_complex_type (dhandle, 8); + break; +- case 26: ++ case 25: + /* Complex type consisting of two IEEE double precision values. */ + name = "double complex"; + rettype = debug_make_complex_type (dhandle, 16); + break; +- case 27: ++ case 26: + name = "integer*1"; + rettype = debug_make_int_type (dhandle, 1, FALSE); + break; +- case 28: ++ case 27: + name = "integer*2"; + rettype = debug_make_int_type (dhandle, 2, FALSE); + break; +- case 29: ++ case 28: + name = "integer*4"; + rettype = debug_make_int_type (dhandle, 4, FALSE); + break; +- case 30: ++ case 29: + /* FIXME */ + name = "wchar"; + rettype = debug_make_int_type (dhandle, 2, FALSE); + break; +- case 31: ++ case 30: + name = "long long"; + rettype = debug_make_int_type (dhandle, 8, FALSE); + break; +- case 32: ++ case 31: + name = "unsigned long long"; + rettype = debug_make_int_type (dhandle, 8, TRUE); + break; +- case 33: ++ case 32: + name = "logical*8"; + rettype = debug_make_bool_type (dhandle, 8); + break; +- case 34: ++ case 33: + name = "integer*8"; + rettype = debug_make_int_type (dhandle, 8, FALSE); + break; +@@ -3664,9 +3665,7 @@ stab_xcoff_builtin_type (void *dhandle, struct stab_handle *info, + } + + rettype = debug_name_type (dhandle, name, rettype); +- +- info->xcoff_types[-typenum] = rettype; +- ++ info->xcoff_types[typenum] = rettype; + return rettype; + } + +-- +2.27.0 + diff --git a/meta/recipes-devtools/binutils/binutils/0002-CVE-2021-20197.patch b/meta/recipes-devtools/binutils/binutils/0002-CVE-2021-20197.patch deleted file mode 100644 index 3771f571eb..0000000000 --- a/meta/recipes-devtools/binutils/binutils/0002-CVE-2021-20197.patch +++ /dev/null @@ -1,170 +0,0 @@ -From d3edaa91d4cf7202ec14342410194841e2f67f12 Mon Sep 17 00:00:00 2001 -From: Alan Modra <amodra@gmail.com> -Date: Fri, 26 Feb 2021 11:30:32 +1030 -Subject: [PATCH] Reinstate various pieces backed out from smart_rename changes - -In the interests of a stable release various last minute smart_rename -patches were backed out of the 2.36 branch. The main reason to -reinstate some of those backed out changes here is to make necessary -followup fixes to commit 8e03235147a9 simple cherry-picks from -mainline. A secondary reason is that ar -M support isn't fixed for -pr26945 without this patch. - - PR 26945 - * ar.c: Don't include libbfd.h. - (write_archive): Replace xmalloc+strcpy with xstrdup. - * arsup.c (temp_name, real_ofd): New static variables. - (ar_open): Use make_tempname and bfd_fdopenw. - (ar_save): Adjust to suit ar_open changes. - * objcopy.c: Don't include libbfd.h. - * rename.c: Rename and reorder variables. - -(cherry picked from commit 95b91a043aeaeb546d2fea556d84a2de1e917770) - -Upstream-Status: Backport [https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=d3edaa91d4cf7202ec14342410194841e2f67f12] -CVE: CVE-2021-20197 -Signed-off-by: Vinay Kumar <vinay.m.engg@gmail.com> ---- - binutils/ar.c | 4 +--- - binutils/arsup.c | 37 +++++++++++++++++++++++++------------ - binutils/objcopy.c | 1 - - binutils/rename.c | 6 +++--- - 5 files changed, 42 insertions(+), 19 deletions(-) - -diff --git a/binutils/ar.c b/binutils/ar.c -index 3a91708b51c..44df48c5c67 100644 ---- a/binutils/ar.c -+++ b/binutils/ar.c -@@ -25,7 +25,6 @@ - - #include "sysdep.h" - #include "bfd.h" --#include "libbfd.h" - #include "libiberty.h" - #include "progress.h" - #include "getopt.h" -@@ -1255,8 +1254,7 @@ write_archive (bfd *iarch) - bfd *contents_head = iarch->archive_next; - int ofd = -1; - -- old_name = (char *) xmalloc (strlen (bfd_get_filename (iarch)) + 1); -- strcpy (old_name, bfd_get_filename (iarch)); -+ old_name = xstrdup (bfd_get_filename (iarch)); - new_name = make_tempname (old_name, &ofd); - - if (new_name == NULL) -diff --git a/binutils/arsup.c b/binutils/arsup.c -index 0a1f63f6456..f7ce8f0bc82 100644 ---- a/binutils/arsup.c -+++ b/binutils/arsup.c -@@ -42,6 +42,8 @@ extern int deterministic; - - static bfd *obfd; - static char *real_name; -+static char *temp_name; -+static int real_ofd; - static FILE *outfile; - - static void -@@ -149,27 +151,24 @@ maybequit (void) - void - ar_open (char *name, int t) - { -- char *tname; -- const char *bname = lbasename (name); -- real_name = name; -+ real_name = xstrdup (name); -+ temp_name = make_tempname (real_name, &real_ofd); - -- /* Prepend tmp- to the beginning, to avoid file-name clashes after -- truncation on filesystems with limited namespaces (DOS). */ -- if (asprintf (&tname, "%.*stmp-%s", (int) (bname - name), name, bname) == -1) -+ if (temp_name == NULL) - { -- fprintf (stderr, _("%s: Can't allocate memory for temp name (%s)\n"), -+ fprintf (stderr, _("%s: Can't open temporary file (%s)\n"), - program_name, strerror(errno)); - maybequit (); - return; - } - -- obfd = bfd_openw (tname, NULL); -+ obfd = bfd_fdopenw (temp_name, NULL, real_ofd); - - if (!obfd) - { - fprintf (stderr, - _("%s: Can't open output archive %s\n"), -- program_name, tname); -+ program_name, temp_name); - - maybequit (); - } -@@ -344,16 +343,30 @@ ar_save (void) - } - else - { -- char *ofilename = xstrdup (bfd_get_filename (obfd)); -+ struct stat target_stat; - - if (deterministic > 0) - obfd->flags |= BFD_DETERMINISTIC_OUTPUT; - - bfd_close (obfd); - -- smart_rename (ofilename, real_name, NULL); -+ if (stat (real_name, &target_stat) != 0) -+ { -+ /* The temp file created in ar_open has mode 0600 as per mkstemp. -+ Create the real empty output file here so smart_rename will -+ update the mode according to the process umask. */ -+ obfd = bfd_openw (real_name, NULL); -+ if (obfd != NULL) -+ { -+ bfd_set_format (obfd, bfd_archive); -+ bfd_close (obfd); -+ } -+ } -+ -+ smart_rename (temp_name, real_name, NULL); - obfd = 0; -- free (ofilename); -+ free (temp_name); -+ free (real_name); - } - } - -diff --git a/binutils/objcopy.c b/binutils/objcopy.c -index 07a872b5a80..73aa8bc2514 100644 ---- a/binutils/objcopy.c -+++ b/binutils/objcopy.c -@@ -20,7 +20,6 @@ - - #include "sysdep.h" - #include "bfd.h" --#include "libbfd.h" - #include "progress.h" - #include "getopt.h" - #include "libiberty.h" -diff --git a/binutils/rename.c b/binutils/rename.c -index f471b45fd3f..2ff092ee22b 100644 ---- a/binutils/rename.c -+++ b/binutils/rename.c -@@ -130,11 +130,11 @@ int - smart_rename (const char *from, const char *to, - struct stat *target_stat ATTRIBUTE_UNUSED) - { -- bfd_boolean exists; -- struct stat s; - int ret = 0; -+ struct stat to_stat; -+ bfd_boolean exists; - -- exists = lstat (to, &s) == 0; -+ exists = lstat (to, &to_stat) == 0; - - #if defined (_WIN32) && !defined (__CYGWIN32__) - /* Win32, unlike unix, will not erase `to' in `rename(from, to)' but --- -2.31.1 - diff --git a/meta/recipes-devtools/binutils/binutils/0003-CVE-2021-20197.patch b/meta/recipes-devtools/binutils/binutils/0003-CVE-2021-20197.patch deleted file mode 100644 index 082b28b29c..0000000000 --- a/meta/recipes-devtools/binutils/binutils/0003-CVE-2021-20197.patch +++ /dev/null @@ -1,171 +0,0 @@ -From 8b69e61d4be276bb862698aaafddc3e779d23c8f Mon Sep 17 00:00:00 2001 -From: Alan Modra <amodra@gmail.com> -Date: Tue, 23 Feb 2021 09:37:39 +1030 -Subject: [PATCH] PR27456, lstat in rename.c on MinGW - - PR 27456 - * rename.c: Tidy throughout. - (smart_rename): Always copy. Remove windows specific code. - -(cherry picked from commit cca8873dd5a6015d5557ea44bc1ea9c252435a29) - -Upstream-Status: Backport [https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=8b69e61d4be276bb862698aaafddc3e779d23c8f] -CVE: CVE-2021-20197 -Signed-off-by: Vinay Kumar <vinay.m.engg@gmail.com> ---- - binutils/rename.c | 111 ++++++++++++++------------------------------- - 2 files changed, 40 insertions(+), 76 deletions(-) - -diff --git a/binutils/rename.c b/binutils/rename.c -index 2ff092ee22b..72a9323d72c 100644 ---- a/binutils/rename.c -+++ b/binutils/rename.c -@@ -24,14 +24,9 @@ - - #ifdef HAVE_GOOD_UTIME_H - #include <utime.h> --#else /* ! HAVE_GOOD_UTIME_H */ --#ifdef HAVE_UTIMES -+#elif defined HAVE_UTIMES - #include <sys/time.h> --#endif /* HAVE_UTIMES */ --#endif /* ! HAVE_GOOD_UTIME_H */ -- --#if ! defined (_WIN32) || defined (__CYGWIN32__) --static int simple_copy (const char *, const char *); -+#endif - - /* The number of bytes to copy at once. */ - #define COPY_BUF 8192 -@@ -82,7 +77,6 @@ simple_copy (const char *from, const char *to) - } - return 0; - } --#endif /* __CYGWIN32__ or not _WIN32 */ - - /* Set the times of the file DESTINATION to be the same as those in - STATBUF. */ -@@ -91,87 +85,52 @@ void - set_times (const char *destination, const struct stat *statbuf) - { - int result; -- -- { - #ifdef HAVE_GOOD_UTIME_H -- struct utimbuf tb; -- -- tb.actime = statbuf->st_atime; -- tb.modtime = statbuf->st_mtime; -- result = utime (destination, &tb); --#else /* ! HAVE_GOOD_UTIME_H */ --#ifndef HAVE_UTIMES -- long tb[2]; -- -- tb[0] = statbuf->st_atime; -- tb[1] = statbuf->st_mtime; -- result = utime (destination, tb); --#else /* HAVE_UTIMES */ -- struct timeval tv[2]; -- -- tv[0].tv_sec = statbuf->st_atime; -- tv[0].tv_usec = 0; -- tv[1].tv_sec = statbuf->st_mtime; -- tv[1].tv_usec = 0; -- result = utimes (destination, tv); --#endif /* HAVE_UTIMES */ --#endif /* ! HAVE_GOOD_UTIME_H */ -- } -+ struct utimbuf tb; -+ -+ tb.actime = statbuf->st_atime; -+ tb.modtime = statbuf->st_mtime; -+ result = utime (destination, &tb); -+#elif defined HAVE_UTIMES -+ struct timeval tv[2]; -+ -+ tv[0].tv_sec = statbuf->st_atime; -+ tv[0].tv_usec = 0; -+ tv[1].tv_sec = statbuf->st_mtime; -+ tv[1].tv_usec = 0; -+ result = utimes (destination, tv); -+#else -+ long tb[2]; -+ -+ tb[0] = statbuf->st_atime; -+ tb[1] = statbuf->st_mtime; -+ result = utime (destination, tb); -+#endif - - if (result != 0) - non_fatal (_("%s: cannot set time: %s"), destination, strerror (errno)); - } - --/* Rename FROM to TO, copying if TO exists. TARGET_STAT has the file status -- that, if non-NULL, is used to fix up timestamps after rename. Return 0 if -- ok, -1 if error. */ -+/* Copy FROM to TO. TARGET_STAT has the file status that, if non-NULL, -+ is used to fix up timestamps. Return 0 if ok, -1 if error. -+ At one time this function renamed files, but file permissions are -+ tricky to update given the number of different schemes used by -+ various systems. So now we just copy. */ - - int - smart_rename (const char *from, const char *to, -- struct stat *target_stat ATTRIBUTE_UNUSED) -+ struct stat *target_stat) - { -- int ret = 0; -- struct stat to_stat; -- bfd_boolean exists; -- -- exists = lstat (to, &to_stat) == 0; -- --#if defined (_WIN32) && !defined (__CYGWIN32__) -- /* Win32, unlike unix, will not erase `to' in `rename(from, to)' but -- fail instead. Also, chown is not present. */ -- -- if (exists) -- remove (to); -+ int ret; - -- ret = rename (from, to); -+ ret = simple_copy (from, to); - if (ret != 0) -- { -- /* We have to clean up here. */ -- non_fatal (_("unable to rename '%s'; reason: %s"), to, strerror (errno)); -- unlink (from); -- } --#else -- /* Avoid a full copy and use rename if TO does not exist. */ -- if (!exists) -- { -- if ((ret = rename (from, to)) != 0) -- { -- /* We have to clean up here. */ -- non_fatal (_("unable to rename '%s'; reason: %s"), to, strerror (errno)); -- unlink (from); -- } -- } -- else -- { -- ret = simple_copy (from, to); -- if (ret != 0) -- non_fatal (_("unable to copy file '%s'; reason: %s"), to, strerror (errno)); -+ non_fatal (_("unable to copy file '%s'; reason: %s"), -+ to, strerror (errno)); - -- if (target_stat != NULL) -- set_times (to, target_stat); -- unlink (from); -- } --#endif /* _WIN32 && !__CYGWIN32__ */ -+ if (target_stat != NULL) -+ set_times (to, target_stat); -+ unlink (from); - - return ret; - } --- -2.31.1 - diff --git a/meta/recipes-devtools/binutils/binutils/0017-CVE-2021-3530.patch b/meta/recipes-devtools/binutils/binutils/0017-CVE-2021-3530.patch new file mode 100644 index 0000000000..fa10a6c99a --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/0017-CVE-2021-3530.patch @@ -0,0 +1,102 @@ +From 25162c795b1a2becf936bb3581d86a307ea491eb Mon Sep 17 00:00:00 2001 +From: Nick Clifton <nickc@redhat.com> +Date: Thu, 15 Jul 2021 16:51:56 +0100 +Subject: [PATCH] Fix a stack exhaustion problem in the Rust demangling code in + the libiberty library. + + PR 99935 + * rust-demangle.c: Add recursion limit. + +CVE: CVE-2021-3530 +Upstream-Status: Backport[https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=25162c795b1a2becf936bb3581d86a307ea491eb] +Signed-off-by: Pgowda <pgowda.cve@gmail.com> + +--- + libiberty/ChangeLog | 5 +++++ + libiberty/rust-demangle.c | 31 +++++++++++++++++++++++++------ + 2 files changed, 30 insertions(+), 6 deletions(-) + +diff --git a/libiberty/ChangeLog b/libiberty/ChangeLog +index bc1b35b97c4..8e39fd28eba 100644 +--- a/libiberty/ChangeLog ++++ b/libiberty/ChangeLog +@@ -1,3 +1,8 @@ ++2021-07-15 Nick Clifton <nickc@redhat.com> ++ ++ PR 99935 ++ * rust-demangle.c: Add recursion limit. ++ + 2021-01-04 Martin Liska <mliska@suse.cz> + + * strverscmp.c: Convert to utf8 from iso8859. +diff --git a/libiberty/rust-demangle.c b/libiberty/rust-demangle.c +index 449941b56dc..df09b7b8fdd 100644 +--- a/libiberty/rust-demangle.c ++++ b/libiberty/rust-demangle.c +@@ -74,6 +74,12 @@ struct rust_demangler + /* Rust mangling version, with legacy mangling being -1. */ + int version; + ++ /* Recursion depth. */ ++ uint recursion; ++ /* Maximum number of times demangle_path may be called recursively. */ ++#define RUST_MAX_RECURSION_COUNT 1024 ++#define RUST_NO_RECURSION_LIMIT ((uint) -1) ++ + uint64_t bound_lifetime_depth; + }; + +@@ -671,6 +677,15 @@ demangle_path (struct rust_demangler *rd + if (rdm->errored) + return; + ++ if (rdm->recursion != RUST_NO_RECURSION_LIMIT) ++ { ++ ++ rdm->recursion; ++ if (rdm->recursion > RUST_MAX_RECURSION_COUNT) ++ /* FIXME: There ought to be a way to report ++ that the recursion limit has been reached. */ ++ goto fail_return; ++ } ++ + switch (tag = next (rdm)) + { + case 'C': +@@ -688,10 +703,7 @@ demangle_path (struct rust_demangler *rd + case 'N': + ns = next (rdm); + if (!ISLOWER (ns) && !ISUPPER (ns)) +- { +- rdm->errored = 1; +- return; +- } ++ goto fail_return; + + demangle_path (rdm, in_value); + +@@ -776,9 +788,15 @@ demangle_path (struct rust_demangler *rd + } + break; + default: +- rdm->errored = 1; +- return; ++ goto fail_return; + } ++ goto pass_return; ++ ++ fail_return: ++ rdm->errored = 1; ++ pass_return: ++ if (rdm->recursion != RUST_NO_RECURSION_LIMIT) ++ -- rdm->recursion; + } + + static void +@@ -1317,6 +1335,7 @@ rust_demangle_callback (const char *mang + rdm.skipping_printing = 0; + rdm.verbose = (options & DMGL_VERBOSE) != 0; + rdm.version = 0; ++ rdm.recursion = (options & DMGL_NO_RECURSE_LIMIT) ? RUST_NO_RECURSION_LIMIT : 0; + rdm.bound_lifetime_depth = 0; + + /* Rust symbols always start with _R (v0) or _ZN (legacy). */ diff --git a/meta/recipes-devtools/binutils/binutils/0018-CVE-2021-3530.patch b/meta/recipes-devtools/binutils/binutils/0018-CVE-2021-3530.patch new file mode 100644 index 0000000000..e569a6bc47 --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/0018-CVE-2021-3530.patch @@ -0,0 +1,64 @@ +From 999566402e3d7c69032bbf47e28b44fc0926fe62 Mon Sep 17 00:00:00 2001 +From: Christopher Wellons <wellons@nullprogram.com> +Date: Sun, 18 Jul 2021 16:57:19 -0400 +Subject: [PATCH] Change "uint" to "unsigned" + +This fixes a defect introduced in 25162c795. The "uint" type has not +been explicitly defined here on mingw, causing compilation to fail. + +On linux we have this in /usr/include/sys/types.h + +/* Old compatibility names for C types. */ +typedef unsigned long int ulong; +typedef unsigned short int ushort; +typedef unsigned int uint; + +So it's easy to see how such bugs can creep in. + + * rust-demangle.c (struct rust_demangler): Change type of + "recursion" to unsigned. + (RUST_NO_RECURSION_LIMIT): Similarly in cast. + +CVE: CVE-2021-3530 +Upstream-Status: Backport[https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=999566402e3] +Signed-off-by: Pgowda <pgowda.cve@gmail.com> + +--- + libiberty/ChangeLog | 6 ++++++ + libiberty/rust-demangle.c | 4 ++-- + 2 files changed, 8 insertions(+), 2 deletions(-) + +diff --git a/libiberty/ChangeLog b/libiberty/ChangeLog +index 8e39fd28eba..3f749455f05 100644 +--- a/libiberty/ChangeLog ++++ b/libiberty/ChangeLog +@@ -1,3 +1,9 @@ ++2021-07-19 Christopher Wellons <wellons@nullprogram.com> ++ ++ * rust-demangle.c (struct rust_demangler): Change type of ++ "recursion" to unsigned. ++ (RUST_NO_RECURSION_LIMIT): Similarly in cast. ++ + 2021-07-15 Nick Clifton <nickc@redhat.com> + + PR 99935 +diff --git a/libiberty/rust-demangle.c b/libiberty/rust-demangle.c +index df09b7b8fdd..ac1eb8eb02c 100644 +--- a/libiberty/rust-demangle.c ++++ b/libiberty/rust-demangle.c +@@ -75,10 +75,10 @@ struct rust_demangler + int version; + + /* Recursion depth. */ +- uint recursion; ++ unsigned recursion; + /* Maximum number of times demangle_path may be called recursively. */ + #define RUST_MAX_RECURSION_COUNT 1024 +-#define RUST_NO_RECURSION_LIMIT ((uint) -1) ++#define RUST_NO_RECURSION_LIMIT ((unsigned) -1) + + uint64_t bound_lifetime_depth; + }; +-- +2.27.0 + diff --git a/meta/recipes-devtools/bootchart2/bootchart2_0.14.9.bb b/meta/recipes-devtools/bootchart2/bootchart2_0.14.9.bb index f6a77b4606..02a286c396 100644 --- a/meta/recipes-devtools/bootchart2/bootchart2_0.14.9.bb +++ b/meta/recipes-devtools/bootchart2/bootchart2_0.14.9.bb @@ -90,7 +90,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=44ac4678311254db62edf8fd39cb8124" UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>\d+\.\d+(\.\d+)*)" -SRC_URI = "git://github.com/xrmx/bootchart.git \ +SRC_URI = "git://github.com/xrmx/bootchart.git;branch=master;protocol=https \ file://bootchartd_stop.sh \ file://0001-collector-Allocate-space-on-heap-for-chunks.patch \ file://0001-bootchart2-support-usrmerge.patch \ @@ -99,6 +99,10 @@ SRC_URI = "git://github.com/xrmx/bootchart.git \ S = "${WORKDIR}/git" SRCREV = "868a2afab9da34f32c007d773b77253c93104636" +# remove at next version upgrade or when output changes +PR = "r1" +HASHEQUIV_HASH_VERSION .= ".1" + inherit systemd update-rc.d python3native update-alternatives ALTERNATIVE_${PN} = "bootchartd" @@ -131,7 +135,7 @@ do_install () { export PKGLIBDIR="${base_libdir}/bootchart" export SYSTEMD_UNIT_DIR="${systemd_unitdir}/system" - oe_runmake install + oe_runmake install NO_PYTHON_COMPILE=1 install -d ${D}${sysconfdir}/init.d install -m 0755 ${WORKDIR}/bootchartd_stop.sh ${D}${sysconfdir}/init.d diff --git a/meta/recipes-devtools/btrfs-tools/btrfs-tools_5.10.1.bb b/meta/recipes-devtools/btrfs-tools/btrfs-tools_5.10.1.bb index fca010d4ae..7f51c799cd 100644 --- a/meta/recipes-devtools/btrfs-tools/btrfs-tools_5.10.1.bb +++ b/meta/recipes-devtools/btrfs-tools/btrfs-tools_5.10.1.bb @@ -15,7 +15,7 @@ DEPENDS_append_class-target = " udev" RDEPENDS_${PN} = "libgcc" SRCREV = "f2ffce38b9c1477a7350bfe165f0e34b9bde40f5" -SRC_URI = "git://git.kernel.org/pub/scm/linux/kernel/git/kdave/btrfs-progs.git \ +SRC_URI = "git://git.kernel.org/pub/scm/linux/kernel/git/kdave/btrfs-progs.git;branch=master \ file://0001-Add-a-possibility-to-specify-where-python-modules-ar.patch \ " diff --git a/meta/recipes-devtools/ccache/ccache_4.2.bb b/meta/recipes-devtools/ccache/ccache_4.2.1.bb index b76bf043f0..99bbe0eca2 100644 --- a/meta/recipes-devtools/ccache/ccache_4.2.bb +++ b/meta/recipes-devtools/ccache/ccache_4.2.1.bb @@ -7,14 +7,14 @@ HOMEPAGE = "http://ccache.samba.org" SECTION = "devel" LICENSE = "GPLv3+" -LIC_FILES_CHKSUM = "file://LICENSE.adoc;md5=28afb89f649f309e7ac1aab554564637" +LIC_FILES_CHKSUM = "file://LICENSE.adoc;md5=698a26b57e513d678e1e7727bf56395b" DEPENDS = "zstd" SRC_URI = "https://github.com/ccache/ccache/releases/download/v${PV}/${BP}.tar.gz" SRC_URI += "file://0001-CMake-make-build-of-documentation-optional-842.patch" -SRC_URI[sha256sum] = "dbf139ff32031b54cb47f2d7983269f328df14b5a427882f89f7721e5c411b7e" +SRC_URI[sha256sum] = "320d2b17d2f76393e5d4bb28c8dee5ca783248e9cd23dff0654694d60f8a4b62" UPSTREAM_CHECK_URI = "https://github.com/ccache/ccache/releases/" diff --git a/meta/recipes-devtools/createrepo-c/createrepo-c_0.17.0.bb b/meta/recipes-devtools/createrepo-c/createrepo-c_0.17.0.bb index 7480affbc0..29f3866079 100644 --- a/meta/recipes-devtools/createrepo-c/createrepo-c_0.17.0.bb +++ b/meta/recipes-devtools/createrepo-c/createrepo-c_0.17.0.bb @@ -4,7 +4,7 @@ HOMEPAGE = "https://github.com/rpm-software-management/createrepo_c/wiki" LICENSE = "GPLv2" LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" -SRC_URI = "git://github.com/rpm-software-management/createrepo_c \ +SRC_URI = "git://github.com/rpm-software-management/createrepo_c;branch=master;protocol=https \ file://0001-Do-not-set-PYTHON_INSTALL_DIR-by-running-python.patch \ " diff --git a/meta/recipes-devtools/distcc/distcc_3.3.5.bb b/meta/recipes-devtools/distcc/distcc_3.3.5.bb index 5c2644199e..defea99c95 100644 --- a/meta/recipes-devtools/distcc/distcc_3.3.5.bb +++ b/meta/recipes-devtools/distcc/distcc_3.3.5.bb @@ -15,7 +15,7 @@ PACKAGECONFIG[popt] = "--without-included-popt,--with-included-popt,popt" RRECOMMENDS_${PN}-server = "avahi-daemon" -SRC_URI = "git://github.com/distcc/distcc.git \ +SRC_URI = "git://github.com/distcc/distcc.git;branch=master;protocol=https \ file://default \ file://distcc \ file://distcc.service \ diff --git a/meta/recipes-devtools/dnf/dnf_4.6.0.bb b/meta/recipes-devtools/dnf/dnf_4.6.0.bb index 6651e64352..f2cb6db89b 100644 --- a/meta/recipes-devtools/dnf/dnf_4.6.0.bb +++ b/meta/recipes-devtools/dnf/dnf_4.6.0.bb @@ -8,7 +8,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ file://PACKAGE-LICENSING;md5=4a0548e303dbc77f067335b4d688e745 \ " -SRC_URI = "git://github.com/rpm-software-management/dnf.git \ +SRC_URI = "git://github.com/rpm-software-management/dnf.git;branch=master;protocol=https \ file://0001-Corretly-install-tmpfiles.d-configuration.patch \ file://0001-Do-not-hardcode-etc-and-systemd-unit-directories.patch \ file://0005-Do-not-prepend-installroot-to-logdir.patch \ diff --git a/meta/recipes-devtools/e2fsprogs/e2fsprogs.inc b/meta/recipes-devtools/e2fsprogs/e2fsprogs.inc index 2f113c5e8d..1250a9b99c 100644 --- a/meta/recipes-devtools/e2fsprogs/e2fsprogs.inc +++ b/meta/recipes-devtools/e2fsprogs/e2fsprogs.inc @@ -19,7 +19,8 @@ LIC_FILES_CHKSUM = "file://NOTICE;md5=d50be0580c0b0a7fbc7a4830bbe6c12b \ SECTION = "base" DEPENDS = "util-linux attr autoconf-archive" -SRC_URI = "git://git.kernel.org/pub/scm/fs/ext2/e2fsprogs.git" +SRC_URI = "git://git.kernel.org/pub/scm/fs/ext2/e2fsprogs.git;branch=master \ + file://0001-e2fsck-fix-last-mount-write-time-when-e2fsck-is-forc.patch" S = "${WORKDIR}/git" inherit autotools gettext texinfo pkgconfig multilib_header update-alternatives ptest diff --git a/meta/recipes-devtools/e2fsprogs/e2fsprogs/0001-e2fsck-fix-last-mount-write-time-when-e2fsck-is-forc.patch b/meta/recipes-devtools/e2fsprogs/e2fsprogs/0001-e2fsck-fix-last-mount-write-time-when-e2fsck-is-forc.patch new file mode 100644 index 0000000000..d679b25b1d --- /dev/null +++ b/meta/recipes-devtools/e2fsprogs/e2fsprogs/0001-e2fsck-fix-last-mount-write-time-when-e2fsck-is-forc.patch @@ -0,0 +1,66 @@ +From 2c69c94217b6db083d601d4fd62d6ab6c1628fee Mon Sep 17 00:00:00 2001 +From: Lukas Czerner <lczerner@redhat.com> +Date: Mon, 14 Jun 2021 15:27:25 +0200 +Subject: [PATCH] e2fsck: fix last mount/write time when e2fsck is forced + +With commit c52d930f e2fsck is no longer able to fix bad last +mount/write time by default because it is conditioned on s_checkinterval +not being zero, which it is by default. + +One place where it matters is when other e2fsprogs tools require to run +full file system check before a certain operation. If the last mount +time is for any reason in future, it will not allow it to run even if +full e2fsck is ran. + +Fix it by checking the last mount/write time when the e2fsck is forced, +except for the case where we know the system clock is broken. + +[ Reworked the conditionals so error messages claiming that the last + write/mount time were corrupted wouldn't be always printed when the + e2fsck was run with the -f option, thus causing 299 out of 372 + regression tests to fail. -- TYT ] + +Fixes: c52d930f ("e2fsck: don't check for future superblock times if checkinterval == 0") +Reported-by: Dusty Mabe <dustymabe@redhat.com> +Signed-off-by: Lukas Czerner <lczerner@redhat.com> +Signed-off-by: Theodore Ts'o <tytso@mit.edu> + +Upstream-Status: Backport [https://github.com/tytso/e2fsprogs/commit/2c69c94217b6db083d601d4fd62d6ab6c1628fee] +Signed-off-by: Changqing Li <changqing.li@windriver.com> +--- + e2fsck/super.c | 12 ++++++------ + 1 file changed, 6 insertions(+), 6 deletions(-) + +diff --git a/e2fsck/super.c b/e2fsck/super.c +index e1c3f935..31e2ffb2 100644 +--- a/e2fsck/super.c ++++ b/e2fsck/super.c +@@ -1038,9 +1038,9 @@ void check_super_block(e2fsck_t ctx) + * Check to see if the superblock last mount time or last + * write time is in the future. + */ +- if (!broken_system_clock && fs->super->s_checkinterval && +- !(ctx->flags & E2F_FLAG_TIME_INSANE) && +- fs->super->s_mtime > (__u32) ctx->now) { ++ if (((ctx->options & E2F_OPT_FORCE) || fs->super->s_checkinterval) && ++ !broken_system_clock && !(ctx->flags & E2F_FLAG_TIME_INSANE) && ++ (fs->super->s_mtime > (__u32) ctx->now)) { + pctx.num = fs->super->s_mtime; + problem = PR_0_FUTURE_SB_LAST_MOUNT; + if (fs->super->s_mtime <= (__u32) ctx->now + ctx->time_fudge) +@@ -1050,9 +1050,9 @@ void check_super_block(e2fsck_t ctx) + fs->flags |= EXT2_FLAG_DIRTY; + } + } +- if (!broken_system_clock && fs->super->s_checkinterval && +- !(ctx->flags & E2F_FLAG_TIME_INSANE) && +- fs->super->s_wtime > (__u32) ctx->now) { ++ if (((ctx->options & E2F_OPT_FORCE) || fs->super->s_checkinterval) && ++ !broken_system_clock && !(ctx->flags & E2F_FLAG_TIME_INSANE) && ++ (fs->super->s_wtime > (__u32) ctx->now)) { + pctx.num = fs->super->s_wtime; + problem = PR_0_FUTURE_SB_LAST_WRITE; + if (fs->super->s_wtime <= (__u32) ctx->now + ctx->time_fudge) +-- +2.25.1 + diff --git a/meta/recipes-devtools/file/file_5.39.bb b/meta/recipes-devtools/file/file_5.39.bb index c0c7253688..234440e493 100644 --- a/meta/recipes-devtools/file/file_5.39.bb +++ b/meta/recipes-devtools/file/file_5.39.bb @@ -11,7 +11,7 @@ LIC_FILES_CHKSUM = "file://COPYING;beginline=2;md5=0251eaec1188b20d9a72c502ecfdd DEPENDS = "file-replacement-native" DEPENDS_class-native = "bzip2-replacement-native" -SRC_URI = "git://github.com/file/file.git \ +SRC_URI = "git://github.com/file/file.git;branch=master;protocol=https \ file://0001-src-compress.c-correct-header-define-for-xz-lzma.patch \ file://0001-Fix-close_on_exec-multithreaded-decompression-issue.patch" diff --git a/meta/recipes-devtools/gcc/gcc-10.2.inc b/meta/recipes-devtools/gcc/gcc-10.3.inc index c0cd8b31d5..1fdfcced8e 100644 --- a/meta/recipes-devtools/gcc/gcc-10.2.inc +++ b/meta/recipes-devtools/gcc/gcc-10.3.inc @@ -2,11 +2,11 @@ require gcc-common.inc # Third digit in PV should be incremented after a minor release -PV = "10.2.0" +PV = "10.3.0" # BINV should be incremented to a revision after a minor gcc release -BINV = "10.2.0" +BINV = "10.3.0" FILESEXTRAPATHS =. "${FILE_DIRNAME}/gcc:${FILE_DIRNAME}/gcc/backport:" @@ -65,13 +65,18 @@ SRC_URI = "\ file://0035-gentypes-genmodes-Do-not-use-__LINE__-for-maintainin.patch \ file://0036-mingw32-Enable-operation_not_supported.patch \ file://0037-libatomic-Do-not-enforce-march-on-aarch64.patch \ - file://0001-aarch64-New-Straight-Line-Speculation-SLS-mitigation.patch \ - file://0002-aarch64-Introduce-SLS-mitigation-for-RET-and-BR-inst.patch \ - file://0003-aarch64-Mitigate-SLS-for-BLR-instruction.patch \ - file://0001-aarch64-Fix-up-__aarch64_cas16_acq_rel-fallback.patch \ file://0001-libatomic-libgomp-libitc-Fix-bootstrap-PR70454.patch \ + file://0001-CVE-2021-35465.patch \ + file://0002-CVE-2021-35465.patch \ + file://0003-CVE-2021-35465.patch \ + file://0004-CVE-2021-35465.patch \ + file://0001-CVE-2021-42574.patch \ + file://0002-CVE-2021-42574.patch \ + file://0003-CVE-2021-42574.patch \ + file://0004-CVE-2021-42574.patch \ + file://0005-CVE-2021-42574.patch \ " -SRC_URI[sha256sum] = "b8dd4368bb9c7f0b98188317ee0254dd8cc99d1e3a18d0ff146c855fe16c1d8c" +SRC_URI[sha256sum] = "64f404c1a650f27fc33da242e1f2df54952e3963a49e06e73f6940f3223ac344" S = "${TMPDIR}/work-shared/gcc-${PV}-${PR}/gcc-${PV}" # For dev release snapshotting @@ -118,3 +123,6 @@ EXTRA_OECONF_PATHS = "\ --with-sysroot=/not/exist \ --with-build-sysroot=${STAGING_DIR_TARGET} \ " + +# Is a binutils 2.26 issue, not gcc +CVE_CHECK_WHITELIST += "CVE-2021-37322" diff --git a/meta/recipes-devtools/gcc/gcc-cross-canadian_10.2.bb b/meta/recipes-devtools/gcc/gcc-cross-canadian_10.3.bb index bf53c5cd78..bf53c5cd78 100644 --- a/meta/recipes-devtools/gcc/gcc-cross-canadian_10.2.bb +++ b/meta/recipes-devtools/gcc/gcc-cross-canadian_10.3.bb diff --git a/meta/recipes-devtools/gcc/gcc-cross_10.2.bb b/meta/recipes-devtools/gcc/gcc-cross_10.3.bb index b43cca0c52..b43cca0c52 100644 --- a/meta/recipes-devtools/gcc/gcc-cross_10.2.bb +++ b/meta/recipes-devtools/gcc/gcc-cross_10.3.bb diff --git a/meta/recipes-devtools/gcc/gcc-crosssdk_10.2.bb b/meta/recipes-devtools/gcc/gcc-crosssdk_10.3.bb index 40a6c4feff..40a6c4feff 100644 --- a/meta/recipes-devtools/gcc/gcc-crosssdk_10.2.bb +++ b/meta/recipes-devtools/gcc/gcc-crosssdk_10.3.bb diff --git a/meta/recipes-devtools/gcc/gcc-runtime_10.2.bb b/meta/recipes-devtools/gcc/gcc-runtime_10.3.bb index dd430b57eb..dd430b57eb 100644 --- a/meta/recipes-devtools/gcc/gcc-runtime_10.2.bb +++ b/meta/recipes-devtools/gcc/gcc-runtime_10.3.bb diff --git a/meta/recipes-devtools/gcc/gcc-sanitizers_10.2.bb b/meta/recipes-devtools/gcc/gcc-sanitizers_10.3.bb index f3c7058114..f3c7058114 100644 --- a/meta/recipes-devtools/gcc/gcc-sanitizers_10.2.bb +++ b/meta/recipes-devtools/gcc/gcc-sanitizers_10.3.bb diff --git a/meta/recipes-devtools/gcc/gcc-source_10.2.bb b/meta/recipes-devtools/gcc/gcc-source_10.3.bb index b890fa33ea..b890fa33ea 100644 --- a/meta/recipes-devtools/gcc/gcc-source_10.2.bb +++ b/meta/recipes-devtools/gcc/gcc-source_10.3.bb diff --git a/meta/recipes-devtools/gcc/gcc/0001-CVE-2021-35465.patch b/meta/recipes-devtools/gcc/gcc/0001-CVE-2021-35465.patch new file mode 100644 index 0000000000..4d7c7e3f18 --- /dev/null +++ b/meta/recipes-devtools/gcc/gcc/0001-CVE-2021-35465.patch @@ -0,0 +1,138 @@ +From 3929bca9ca95de9d35e82ae8828b188029e3eb70 Mon Sep 17 00:00:00 2001 +From: Richard Earnshaw <rearnsha@arm.com> +Date: Fri, 11 Jun 2021 16:02:05 +0100 +Subject: [PATCH] arm: Add command-line option for enabling CVE-2021-35465 + mitigation [PR102035] + +Add a new option, -mfix-cmse-cve-2021-35465 and document it. Enable it +automatically for cortex-m33, cortex-m35p and cortex-m55. + +gcc: + PR target/102035 + * config/arm/arm.opt (mfix-cmse-cve-2021-35465): New option. + * doc/invoke.texi (Arm Options): Document it. + * config/arm/arm-cpus.in (quirk_vlldm): New feature bit. + (ALL_QUIRKS): Add quirk_vlldm. + (cortex-m33): Add quirk_vlldm. + (cortex-m35p, cortex-m55): Likewise. + * config/arm/arm.c (arm_option_override): Enable fix_vlldm if + targetting an affected CPU and not explicitly controlled on + the command line. + +CVE: CVE-2021-35465 +Upstream-Status: Backport[https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=3929bca9ca95de9d35e82ae8828b188029e3eb70] +Signed-off-by: Pgowda <pgowda.cve@gmail.com> + +--- + gcc/config/arm/arm-cpus.in | 9 +++++++-- + gcc/config/arm/arm.c | 9 +++++++++ + gcc/config/arm/arm.opt | 4 ++++ + gcc/doc/invoke.texi | 9 +++++++++ + 4 files changed, 29 insertions(+), 2 deletions(-) + +diff --git a/gcc/config/arm/arm.c b/gcc/config/arm/arm.c +--- a/gcc/config/arm/arm.c 2020-07-22 23:35:17.344384552 -0700 ++++ b/gcc/config/arm/arm.c 2021-11-11 20:16:19.761241867 -0800 +@@ -3610,6 +3610,15 @@ arm_option_override (void) + fix_cm3_ldrd = 0; + } + ++ /* Enable fix_vlldm by default if required. */ ++ if (fix_vlldm == 2) ++ { ++ if (bitmap_bit_p (arm_active_target.isa, isa_bit_quirk_vlldm)) ++ fix_vlldm = 1; ++ else ++ fix_vlldm = 0; ++ } ++ + /* Hot/Cold partitioning is not currently supported, since we can't + handle literal pool placement in that case. */ + if (flag_reorder_blocks_and_partition) +diff --git a/gcc/config/arm/arm-cpus.in b/gcc/config/arm/arm-cpus.in +--- a/gcc/config/arm/arm-cpus.in 2020-07-22 23:35:17.340384509 -0700 ++++ b/gcc/config/arm/arm-cpus.in 2021-11-11 20:17:01.364573561 -0800 +@@ -186,6 +186,9 @@ define feature quirk_armv6kz + # Cortex-M3 LDRD quirk. + define feature quirk_cm3_ldrd + ++# v8-m/v8.1-m VLLDM errata. ++define feature quirk_vlldm ++ + # Don't use .cpu assembly directive + define feature quirk_no_asmcpu + +@@ -322,7 +325,7 @@ define implied vfp_base MVE MVE_FP ALL_F + # architectures. + # xscale isn't really a 'quirk', but it isn't an architecture either and we + # need to ignore it for matching purposes. +-define fgroup ALL_QUIRKS quirk_no_volatile_ce quirk_armv6kz quirk_cm3_ldrd xscale quirk_no_asmcpu ++define fgroup ALL_QUIRKS quirk_no_volatile_ce quirk_armv6kz quirk_cm3_ldrd quirk_vlldm xscale quirk_no_asmcpu + + # Architecture entries + # format: +@@ -1524,6 +1527,7 @@ begin cpu cortex-m33 + architecture armv8-m.main+dsp+fp + option nofp remove ALL_FP + option nodsp remove armv7em ++ isa quirk_vlldm + costs v7m + end cpu cortex-m33 + +@@ -1533,6 +1537,7 @@ begin cpu cortex-m35p + architecture armv8-m.main+dsp+fp + option nofp remove ALL_FP + option nodsp remove armv7em ++ isa quirk_vlldm + costs v7m + end cpu cortex-m35p + +@@ -1544,7 +1549,7 @@ begin cpu cortex-m55 + option nomve remove mve mve_float + option nofp remove ALL_FP mve_float + option nodsp remove MVE mve_float +- isa quirk_no_asmcpu ++ isa quirk_no_asmcpu quirk_vlldm + costs v7m + vendor 41 + end cpu cortex-m55 +diff --git a/gcc/config/arm/arm.opt b/gcc/config/arm/arm.opt +--- a/gcc/config/arm/arm.opt 2020-07-22 23:35:17.344384552 -0700 ++++ b/gcc/config/arm/arm.opt 2021-11-11 20:16:19.761241867 -0800 +@@ -271,6 +271,10 @@ Target Report Var(fix_cm3_ldrd) Init(2) + Avoid overlapping destination and address registers on LDRD instructions + that may trigger Cortex-M3 errata. + ++mfix-cmse-cve-2021-35465 ++Target Var(fix_vlldm) Init(2) ++Mitigate issues with VLLDM on some M-profile devices (CVE-2021-35465). ++ + munaligned-access + Target Report Var(unaligned_access) Init(2) Save + Enable unaligned word and halfword accesses to packed data. +diff -upr a/gcc/doc/invoke.texi b/gcc/doc/invoke.texi +--- a/gcc/doc/invoke.texi 2021-11-11 19:30:56.264523105 -0800 ++++ b/gcc/doc/invoke.texi 2021-11-11 20:16:19.769241739 -0800 +@@ -774,6 +774,7 @@ Objective-C and Objective-C++ Dialects}. + -mverbose-cost-dump @gol + -mpure-code @gol + -mcmse @gol ++-mfix-cmse-cve-2021-35465 @gol + -mfdpic} + + @emph{AVR Options} +@@ -21266,6 +21267,14 @@ Use multiply and add/subtract instructio + + Do not use multiply and add/subtract instructions. + ++@item -mfix-cmse-cve-2021-35465 ++@opindex mfix-cmse-cve-2021-35465 ++Mitigate against a potential security issue with the @code{VLLDM} instruction ++in some M-profile devices when using CMSE (CVE-2021-365465). This option is ++enabled by default when the option @option{-mcpu=} is used with ++@code{cortex-m33}, @code{cortex-m35p} or @code{cortex-m55}. The option ++@option{-mno-fix-cmse-cve-2021-35465} can be used to disable the mitigation. ++ + @item -mfdpic + @opindex mfdpic + diff --git a/meta/recipes-devtools/gcc/gcc/0001-CVE-2021-42574.patch b/meta/recipes-devtools/gcc/gcc/0001-CVE-2021-42574.patch new file mode 100644 index 0000000000..e0f4f7d32f --- /dev/null +++ b/meta/recipes-devtools/gcc/gcc/0001-CVE-2021-42574.patch @@ -0,0 +1,2906 @@ +From 004bb936d6d5f177af26ad4905595e843d5665a5 Mon Sep 17 00:00:00 2001 +From: Lewis Hyatt <lhyatt@gmail.com> +Date: Tue, 14 Jul 2020 12:05:56 -0400 +Subject: [PATCH] diagnostics: Support conversion of tabs to spaces [PR49973] + [PR86904] + +Supports conversion of tabs to spaces when outputting diagnostics. Also +adds -fdiagnostics-column-unit and -fdiagnostics-column-origin options to +control how the column number is output, thereby resolving the two PRs. + +gcc/c-family/ChangeLog: + + PR other/86904 + * c-indentation.c (should_warn_for_misleading_indentation): Get + global tabstop from the new source. + * c-opts.c (c_common_handle_option): Remove handling of -ftabstop, which + is now a common option. + * c.opt: Likewise. + +gcc/ChangeLog: + + PR preprocessor/49973 + PR other/86904 + * common.opt: Handle -ftabstop here instead of in c-family + options. Add -fdiagnostics-column-unit= and + -fdiagnostics-column-origin= options. + * opts.c (common_handle_option): Handle the new options. + * diagnostic-format-json.cc (json_from_expanded_location): Add + diagnostic_context argument. Use it to convert column numbers as per + the new options. + (json_from_location_range): Likewise. + (json_from_fixit_hint): Likewise. + (json_end_diagnostic): Pass the new context argument to helper + functions above. Add "column-origin" field to the output. + (test_unknown_location): Add the new context argument to calls to + helper functions. + (test_bad_endpoints): Likewise. + * diagnostic-show-locus.c + (exploc_with_display_col::exploc_with_display_col): Support + tabstop parameter. + (layout_point::layout_point): Make use of class + exploc_with_display_col. + (layout_range::layout_range): Likewise. + (struct line_bounds): Clarify that the units are now always + display columns. Rename members accordingly. Add constructor. + (layout::print_source_line): Add support for tab expansion. + (make_range): Adapt to class layout_range changes. + (layout::maybe_add_location_range): Likewise. + (layout::layout): Adapt to class exploc_with_display_col changes. + (layout::calculate_x_offset_display): Support tabstop parameter. + (layout::print_annotation_line): Adapt to struct line_bounds changes. + (layout::print_line): Likewise. + (line_label::line_label): Add diagnostic_context argument. + (get_affected_range): Likewise. + (get_printed_columns): Likewise. + (layout::print_any_labels): Adapt to struct line_label changes. + (class correction): Add m_tabstop member. + (correction::correction): Add tabstop argument. + (correction::compute_display_cols): Use m_tabstop. + (class line_corrections): Add m_context member. + (line_corrections::line_corrections): Add diagnostic_context argument. + (line_corrections::add_hint): Use m_context to handle tabstops. + (layout::print_trailing_fixits): Adapt to class line_corrections + changes. + (test_layout_x_offset_display_utf8): Support tabstop parameter. + (test_layout_x_offset_display_tab): New selftest. + (test_one_liner_colorized_utf8): Likewise. + (test_tab_expansion): Likewise. + (test_diagnostic_show_locus_one_liner_utf8): Call the new tests. + (diagnostic_show_locus_c_tests): Likewise. + (test_overlapped_fixit_printing): Adapt to helper class and + function changes. + (test_overlapped_fixit_printing_utf8): Likewise. + (test_overlapped_fixit_printing_2): Likewise. + * diagnostic.h (enum diagnostics_column_unit): New enum. + (struct diagnostic_context): Add members for the new options. + (diagnostic_converted_column): Declare. + (json_from_expanded_location): Add new context argument. + * diagnostic.c (diagnostic_initialize): Initialize new members. + (diagnostic_converted_column): New function. + (maybe_line_and_column): Be willing to output a column of 0. + (diagnostic_get_location_text): Convert column number as per the new + options. + (diagnostic_report_current_module): Likewise. + (assert_location_text): Add origin and column_unit arguments for + testing the new functionality. + (test_diagnostic_get_location_text): Test the new functionality. + * doc/invoke.texi: Document the new options and behavior. + * input.h (location_compute_display_column): Add tabstop argument. + * input.c (location_compute_display_column): Likewise. + (test_cpp_utf8): Add selftests for tab expansion. + * tree-diagnostic-path.cc (default_tree_make_json_for_path): Pass the + new context argument to json_from_expanded_location(). + +libcpp/ChangeLog: + + PR preprocessor/49973 + PR other/86904 + * include/cpplib.h (struct cpp_options): Removed support for -ftabstop, + which is now handled by diagnostic_context. + (class cpp_display_width_computation): New class. + (cpp_byte_column_to_display_column): Add optional tabstop argument. + (cpp_display_width): Likewise. + (cpp_display_column_to_byte_column): Likewise. + * charset.c + (cpp_display_width_computation::cpp_display_width_computation): New + function. + (cpp_display_width_computation::advance_display_cols): Likewise. + (compute_next_display_width): Removed and implemented this + functionality in a new function... + (cpp_display_width_computation::process_next_codepoint): ...here. + (cpp_byte_column_to_display_column): Added tabstop argument. + Reimplemented in terms of class cpp_display_width_computation. + (cpp_display_column_to_byte_column): Likewise. + * init.c (cpp_create_reader): Remove handling of -ftabstop, which is now + handled by diagnostic_context. + +gcc/testsuite/ChangeLog: + + PR preprocessor/49973 + PR other/86904 + * c-c++-common/Wmisleading-indentation-3.c: Adjust expected output + for new defaults. + * c-c++-common/Wmisleading-indentation.c: Likewise. + * c-c++-common/diagnostic-format-json-1.c: Likewise. + * c-c++-common/diagnostic-format-json-2.c: Likewise. + * c-c++-common/diagnostic-format-json-3.c: Likewise. + * c-c++-common/diagnostic-format-json-4.c: Likewise. + * c-c++-common/diagnostic-format-json-5.c: Likewise. + * c-c++-common/missing-close-symbol.c: Likewise. + * g++.dg/diagnostic/bad-binary-ops.C: Likewise. + * g++.dg/parse/error4.C: Likewise. + * g++.old-deja/g++.brendan/crash11.C: Likewise. + * g++.old-deja/g++.pt/overload2.C: Likewise. + * g++.old-deja/g++.robertl/eb109.C: Likewise. + * gcc.dg/analyzer/malloc-paths-9.c: Likewise. + * gcc.dg/bad-binary-ops.c: Likewise. + * gcc.dg/format/branch-1.c: Likewise. + * gcc.dg/format/pr79210.c: Likewise. + * gcc.dg/plugin/diagnostic-test-expressions-1.c: Likewise. + * gcc.dg/plugin/diagnostic-test-string-literals-1.c: Likewise. + * gcc.dg/redecl-4.c: Likewise. + * gfortran.dg/diagnostic-format-json-1.F90: Likewise. + * gfortran.dg/diagnostic-format-json-2.F90: Likewise. + * gfortran.dg/diagnostic-format-json-3.F90: Likewise. + * go.dg/arrayclear.go: Add a comment explaining why adding a + comment was necessary to work around a dejagnu bug. + * c-c++-common/diagnostic-units-1.c: New test. + * c-c++-common/diagnostic-units-2.c: New test. + * c-c++-common/diagnostic-units-3.c: New test. + * c-c++-common/diagnostic-units-4.c: New test. + * c-c++-common/diagnostic-units-5.c: New test. + * c-c++-common/diagnostic-units-6.c: New test. + * c-c++-common/diagnostic-units-7.c: New test. + * c-c++-common/diagnostic-units-8.c: New test. + +CVE: CVE-2021-42574 +Upstream-Status: Backport [https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=004bb936d6d5f177af26ad4905595e843d5665a5] +Signed-off-by: Pgowda <pgowda.cve@gmail.com> +--- + gcc/c-family/c-indentation.c | 5 +- + gcc/c-family/c-opts.c | 6 - + gcc/c-family/c.opt | 4 - + gcc/common.opt | 21 + + gcc/diagnostic-format-json.cc | 55 +- + gcc/diagnostic-show-locus.c | 504 +++++++++++++----- + gcc/diagnostic.c | 113 +++- + gcc/diagnostic.h | 28 +- + gcc/doc/invoke.texi | 68 ++- + gcc/input.c | 72 ++- + gcc/input.h | 4 +- + gcc/opts.c | 14 + + .../c-c++-common/Wmisleading-indentation-3.c | 12 +- + .../c-c++-common/Wmisleading-indentation.c | 6 +- + .../c-c++-common/diagnostic-format-json-1.c | 5 + + .../c-c++-common/diagnostic-format-json-2.c | 5 + + .../c-c++-common/diagnostic-format-json-3.c | 5 + + .../c-c++-common/diagnostic-format-json-4.c | 9 + + .../c-c++-common/diagnostic-format-json-5.c | 9 + + .../c-c++-common/diagnostic-units-1.c | 28 + + .../c-c++-common/diagnostic-units-2.c | 28 + + .../c-c++-common/diagnostic-units-3.c | 28 + + .../c-c++-common/diagnostic-units-4.c | 28 + + .../c-c++-common/diagnostic-units-5.c | 28 + + .../c-c++-common/diagnostic-units-6.c | 28 + + .../c-c++-common/diagnostic-units-7.c | 28 + + .../c-c++-common/diagnostic-units-8.c | 28 + + .../c-c++-common/missing-close-symbol.c | 6 +- + .../g++.dg/diagnostic/bad-binary-ops.C | 8 +- + gcc/testsuite/g++.dg/parse/error4.C | 2 +- + .../g++.old-deja/g++.brendan/crash11.C | 4 +- + gcc/testsuite/g++.old-deja/g++.pt/overload2.C | 2 +- + .../g++.old-deja/g++.robertl/eb109.C | 4 +- + .../gcc.dg/analyzer/malloc-paths-9.c | 2 +- + gcc/testsuite/gcc.dg/bad-binary-ops.c | 8 +- + gcc/testsuite/gcc.dg/format/branch-1.c | 2 +- + gcc/testsuite/gcc.dg/format/pr79210.c | 2 +- + .../plugin/diagnostic-test-expressions-1.c | 16 +- + .../diagnostic-test-string-literals-1.c | 4 +- + gcc/testsuite/gcc.dg/redecl-4.c | 2 +- + .../gfortran.dg/diagnostic-format-json-1.F90 | 5 + + .../gfortran.dg/diagnostic-format-json-2.F90 | 5 + + .../gfortran.dg/diagnostic-format-json-3.F90 | 5 + + gcc/testsuite/go.dg/arrayclear.go | 3 + + gcc/tree-diagnostic-path.cc | 5 +- + libcpp/charset.c | 98 ++-- + libcpp/include/cpplib.h | 40 +- + libcpp/init.c | 1 - + 48 files changed, 1106 insertions(+), 287 deletions(-) + create mode 100644 gcc/testsuite/c-c++-common/diagnostic-units-1.c + create mode 100644 gcc/testsuite/c-c++-common/diagnostic-units-2.c + create mode 100644 gcc/testsuite/c-c++-common/diagnostic-units-3.c + create mode 100644 gcc/testsuite/c-c++-common/diagnostic-units-4.c + create mode 100644 gcc/testsuite/c-c++-common/diagnostic-units-5.c + create mode 100644 gcc/testsuite/c-c++-common/diagnostic-units-6.c + create mode 100644 gcc/testsuite/c-c++-common/diagnostic-units-7.c + create mode 100644 gcc/testsuite/c-c++-common/diagnostic-units-8.c + +diff --git a/gcc/c-family/c-indentation.c b/gcc/c-family/c-indentation.c +--- a/gcc/c-family/c-indentation.c 2020-07-22 23:35:17.296384022 -0700 ++++ b/gcc/c-family/c-indentation.c 2021-12-25 01:20:53.475636694 -0800 +@@ -24,8 +24,7 @@ along with GCC; see the file COPYING3. + #include "c-common.h" + #include "c-indentation.h" + #include "selftest.h" +- +-extern cpp_options *cpp_opts; ++#include "diagnostic.h" + + /* Round up VIS_COLUMN to nearest tab stop. */ + +@@ -294,7 +293,7 @@ should_warn_for_misleading_indentation ( + expanded_location next_stmt_exploc = expand_location (next_stmt_loc); + expanded_location guard_exploc = expand_location (guard_loc); + +- const unsigned int tab_width = cpp_opts->tabstop; ++ const unsigned int tab_width = global_dc->tabstop; + + /* They must be in the same file. */ + if (next_stmt_exploc.file != body_exploc.file) +diff --git a/gcc/c-family/c.opt b/gcc/c-family/c.opt +--- a/gcc/c-family/c.opt 2021-12-24 20:23:42.816809230 -0800 ++++ b/gcc/c-family/c.opt 2021-12-25 01:20:53.475636694 -0800 +@@ -1876,10 +1876,6 @@ Enum(strong_eval_order) String(some) Val + EnumValue + Enum(strong_eval_order) String(all) Value(2) + +-ftabstop= +-C ObjC C++ ObjC++ Joined RejectNegative UInteger +--ftabstop=<number> Distance between tab stops for column reporting. +- + ftemplate-backtrace-limit= + C++ ObjC++ Joined RejectNegative UInteger Var(template_backtrace_limit) Init(10) + Set the maximum number of template instantiation notes for a single warning or error. +diff --git a/gcc/c-family/c-opts.c b/gcc/c-family/c-opts.c +--- a/gcc/c-family/c-opts.c 2021-12-24 20:23:44.824774786 -0800 ++++ b/gcc/c-family/c-opts.c 2021-12-25 01:20:53.475636694 -0800 +@@ -504,12 +504,6 @@ c_common_handle_option (size_t scode, co + cpp_opts->track_macro_expansion = 2; + break; + +- case OPT_ftabstop_: +- /* It is documented that we silently ignore silly values. */ +- if (value >= 1 && value <= 100) +- cpp_opts->tabstop = value; +- break; +- + case OPT_fexec_charset_: + cpp_opts->narrow_charset = arg; + break; +diff --git a/gcc/common.opt b/gcc/common.opt +--- a/gcc/common.opt 2021-12-24 20:23:42.480814993 -0800 ++++ b/gcc/common.opt 2021-12-25 01:20:53.475636694 -0800 +@@ -1325,6 +1325,14 @@ Enum(diagnostic_url_rule) String(always) + EnumValue + Enum(diagnostic_url_rule) String(auto) Value(DIAGNOSTICS_URL_AUTO) + ++fdiagnostics-column-unit= ++Common Joined RejectNegative Enum(diagnostics_column_unit) ++-fdiagnostics-column-unit=[display|byte] Select whether column numbers are output as display columns (default) or raw bytes. ++ ++fdiagnostics-column-origin= ++Common Joined RejectNegative UInteger ++-fdiagnostics-column-origin=<number> Set the number of the first column. The default is 1-based as per GNU style, but some utilities may expect 0-based, for example. ++ + fdiagnostics-format= + Common Joined RejectNegative Enum(diagnostics_output_format) + -fdiagnostics-format=[text|json] Select output format. +@@ -1334,6 +1342,15 @@ SourceInclude + diagnostic.h + + Enum ++Name(diagnostics_column_unit) Type(int) ++ ++EnumValue ++Enum(diagnostics_column_unit) String(display) Value(DIAGNOSTICS_COLUMN_UNIT_DISPLAY) ++ ++EnumValue ++Enum(diagnostics_column_unit) String(byte) Value(DIAGNOSTICS_COLUMN_UNIT_BYTE) ++ ++Enum + Name(diagnostics_output_format) Type(int) + + EnumValue +@@ -1362,6 +1379,10 @@ fdiagnostics-path-format= + Common Joined RejectNegative Var(flag_diagnostics_path_format) Enum(diagnostic_path_format) Init(DPF_INLINE_EVENTS) + Specify how to print any control-flow path associated with a diagnostic. + ++ftabstop= ++Common Joined RejectNegative UInteger ++-ftabstop=<number> Distance between tab stops for column reporting. ++ + Enum + Name(diagnostic_path_format) Type(int) + +diff --git a/gcc/diagnostic.c b/gcc/diagnostic.c +--- a/gcc/diagnostic.c 2020-07-22 23:35:17.556386887 -0700 ++++ b/gcc/diagnostic.c 2021-12-25 01:23:41.300841207 -0800 +@@ -38,6 +38,7 @@ along with GCC; see the file COPYING3. + #include "selftest.h" + #include "selftest-diagnostic.h" + #include "opts.h" ++#include "cpplib.h" + + #ifdef HAVE_TERMIOS_H + # include <termios.h> +@@ -219,6 +220,9 @@ diagnostic_initialize (diagnostic_contex + context->min_margin_width = 0; + context->show_ruler_p = false; + context->parseable_fixits_p = false; ++ context->column_unit = DIAGNOSTICS_COLUMN_UNIT_DISPLAY; ++ context->column_origin = 1; ++ context->tabstop = 8; + context->edit_context_ptr = NULL; + context->diagnostic_group_nesting_depth = 0; + context->diagnostic_group_emission_count = 0; +@@ -353,8 +357,51 @@ diagnostic_get_color_for_kind (diagnosti + return diagnostic_kind_color[kind]; + } + ++/* Given an expanded_location, convert the column (which is in 1-based bytes) ++ to the requested units, without converting the origin. ++ Return -1 if the column is invalid (<= 0). */ ++ ++static int ++convert_column_unit (enum diagnostics_column_unit column_unit, ++ int tabstop, ++ expanded_location s) ++{ ++ if (s.column <= 0) ++ return -1; ++ ++ switch (column_unit) ++ { ++ default: ++ gcc_unreachable (); ++ ++ case DIAGNOSTICS_COLUMN_UNIT_DISPLAY: ++ { ++ cpp_char_column_policy policy (tabstop, cpp_wcwidth); ++ return location_compute_display_column (s, policy); ++ } ++ ++ case DIAGNOSTICS_COLUMN_UNIT_BYTE: ++ return s.column; ++ } ++} ++ ++/* Given an expanded_location, convert the column (which is in 1-based bytes) ++ to the requested units and origin. Return -1 if the column is ++ invalid (<= 0). */ ++int ++diagnostic_converted_column (diagnostic_context *context, expanded_location s) ++{ ++ int one_based_col ++ = convert_column_unit (context->column_unit, context->tabstop, s); ++ if (one_based_col <= 0) ++ return -1; ++ return one_based_col + (context->column_origin - 1); ++} ++ + /* Return a formatted line and column ':%line:%column'. Elided if +- zero. The result is a statically allocated buffer. */ ++ line == 0 or col < 0. (A column of 0 may be valid due to the ++ -fdiagnostics-column-origin option.) ++ The result is a statically allocated buffer. */ + + static const char * + maybe_line_and_column (int line, int col) +@@ -363,8 +410,9 @@ maybe_line_and_column (int line, int col + + if (line) + { +- size_t l = snprintf (result, sizeof (result), +- col ? ":%d:%d" : ":%d", line, col); ++ size_t l ++ = snprintf (result, sizeof (result), ++ col >= 0 ? ":%d:%d" : ":%d", line, col); + gcc_checking_assert (l < sizeof (result)); + } + else +@@ -383,8 +431,14 @@ diagnostic_get_location_text (diagnostic + const char *locus_cs = colorize_start (pp_show_color (pp), "locus"); + const char *locus_ce = colorize_stop (pp_show_color (pp)); + const char *file = s.file ? s.file : progname; +- int line = strcmp (file, N_("<built-in>")) ? s.line : 0; +- int col = context->show_column ? s.column : 0; ++ int line = 0; ++ int col = -1; ++ if (strcmp (file, N_("<built-in>"))) ++ { ++ line = s.line; ++ if (context->show_column) ++ col = diagnostic_converted_column (context, s); ++ } + + const char *line_col = maybe_line_and_column (line, col); + return build_message_string ("%s%s%s:%s", locus_cs, file, +@@ -650,14 +704,20 @@ diagnostic_report_current_module (diagno + if (! MAIN_FILE_P (map)) + { + bool first = true; ++ expanded_location s = {}; + do + { + where = linemap_included_from (map); + map = linemap_included_from_linemap (line_table, map); +- const char *line_col +- = maybe_line_and_column (SOURCE_LINE (map, where), +- first && context->show_column +- ? SOURCE_COLUMN (map, where) : 0); ++ s.file = LINEMAP_FILE (map); ++ s.line = SOURCE_LINE (map, where); ++ int col = -1; ++ if (first && context->show_column) ++ { ++ s.column = SOURCE_COLUMN (map, where); ++ col = diagnostic_converted_column (context, s); ++ } ++ const char *line_col = maybe_line_and_column (s.line, col); + static const char *const msgs[] = + { + N_("In file included from"), +@@ -666,7 +726,7 @@ diagnostic_report_current_module (diagno + unsigned index = !first; + pp_verbatim (context->printer, "%s%s %r%s%s%R", + first ? "" : ",\n", _(msgs[index]), +- "locus", LINEMAP_FILE (map), line_col); ++ "locus", s.file, line_col); + first = false; + } + while (! MAIN_FILE_P (map)); +@@ -2042,10 +2102,15 @@ test_print_parseable_fixits_replace () + static void + assert_location_text (const char *expected_loc_text, + const char *filename, int line, int column, +- bool show_column) ++ bool show_column, ++ int origin = 1, ++ enum diagnostics_column_unit column_unit ++ = DIAGNOSTICS_COLUMN_UNIT_BYTE) + { + test_diagnostic_context dc; + dc.show_column = show_column; ++ dc.column_unit = column_unit; ++ dc.column_origin = origin; + + expanded_location xloc; + xloc.file = filename; +@@ -2069,7 +2134,10 @@ test_diagnostic_get_location_text () + assert_location_text ("PROGNAME:", NULL, 0, 0, true); + assert_location_text ("<built-in>:", "<built-in>", 42, 10, true); + assert_location_text ("foo.c:42:10:", "foo.c", 42, 10, true); +- assert_location_text ("foo.c:42:", "foo.c", 42, 0, true); ++ assert_location_text ("foo.c:42:9:", "foo.c", 42, 10, true, 0); ++ assert_location_text ("foo.c:42:1010:", "foo.c", 42, 10, true, 1001); ++ for (int origin = 0; origin != 2; ++origin) ++ assert_location_text ("foo.c:42:", "foo.c", 42, 0, true, origin); + assert_location_text ("foo.c:", "foo.c", 0, 10, true); + assert_location_text ("foo.c:42:", "foo.c", 42, 10, false); + assert_location_text ("foo.c:", "foo.c", 0, 10, false); +@@ -2077,6 +2145,41 @@ test_diagnostic_get_location_text () + maybe_line_and_column (INT_MAX, INT_MAX); + maybe_line_and_column (INT_MIN, INT_MIN); + ++ { ++ /* In order to test display columns vs byte columns, we need to create a ++ file for location_get_source_line() to read. */ ++ ++ const char *const content = "smile \xf0\x9f\x98\x82\n"; ++ const int line_bytes = strlen (content) - 1; ++ const int def_tabstop = 8; ++ const int display_width = cpp_display_width (content, line_bytes, ++ def_tabstop); ++ ASSERT_EQ (line_bytes - 2, display_width); ++ temp_source_file tmp (SELFTEST_LOCATION, ".c", content); ++ const char *const fname = tmp.get_filename (); ++ const int buf_len = strlen (fname) + 16; ++ char *const expected = XNEWVEC (char, buf_len); ++ ++ snprintf (expected, buf_len, "%s:1:%d:", fname, line_bytes); ++ assert_location_text (expected, fname, 1, line_bytes, true, ++ 1, DIAGNOSTICS_COLUMN_UNIT_BYTE); ++ ++ snprintf (expected, buf_len, "%s:1:%d:", fname, line_bytes - 1); ++ assert_location_text (expected, fname, 1, line_bytes, true, ++ 0, DIAGNOSTICS_COLUMN_UNIT_BYTE); ++ ++ snprintf (expected, buf_len, "%s:1:%d:", fname, display_width); ++ assert_location_text (expected, fname, 1, line_bytes, true, ++ 1, DIAGNOSTICS_COLUMN_UNIT_DISPLAY); ++ ++ snprintf (expected, buf_len, "%s:1:%d:", fname, display_width - 1); ++ assert_location_text (expected, fname, 1, line_bytes, true, ++ 0, DIAGNOSTICS_COLUMN_UNIT_DISPLAY); ++ ++ XDELETEVEC (expected); ++ } ++ ++ + progname = old_progname; + } + +diff --git a/gcc/diagnostic-format-json.cc b/gcc/diagnostic-format-json.cc +--- a/gcc/diagnostic-format-json.cc 2020-07-22 23:35:17.556386887 -0700 ++++ b/gcc/diagnostic-format-json.cc 2021-12-25 01:20:53.475636694 -0800 +@@ -23,6 +23,7 @@ along with GCC; see the file COPYING3. + #include "system.h" + #include "coretypes.h" + #include "diagnostic.h" ++#include "selftest-diagnostic.h" + #include "diagnostic-metadata.h" + #include "json.h" + #include "selftest.h" +@@ -43,21 +44,43 @@ static json::array *cur_children_array; + /* Generate a JSON object for LOC. */ + + json::value * +-json_from_expanded_location (location_t loc) ++json_from_expanded_location (diagnostic_context *context, location_t loc) + { + expanded_location exploc = expand_location (loc); + json::object *result = new json::object (); + if (exploc.file) + result->set ("file", new json::string (exploc.file)); + result->set ("line", new json::integer_number (exploc.line)); +- result->set ("column", new json::integer_number (exploc.column)); ++ ++ const enum diagnostics_column_unit orig_unit = context->column_unit; ++ struct ++ { ++ const char *name; ++ enum diagnostics_column_unit unit; ++ } column_fields[] = { ++ {"display-column", DIAGNOSTICS_COLUMN_UNIT_DISPLAY}, ++ {"byte-column", DIAGNOSTICS_COLUMN_UNIT_BYTE} ++ }; ++ int the_column = INT_MIN; ++ for (int i = 0; i != sizeof column_fields / sizeof (*column_fields); ++i) ++ { ++ context->column_unit = column_fields[i].unit; ++ const int col = diagnostic_converted_column (context, exploc); ++ result->set (column_fields[i].name, new json::integer_number (col)); ++ if (column_fields[i].unit == orig_unit) ++ the_column = col; ++ } ++ gcc_assert (the_column != INT_MIN); ++ result->set ("column", new json::integer_number (the_column)); ++ context->column_unit = orig_unit; + return result; + } + + /* Generate a JSON object for LOC_RANGE. */ + + static json::object * +-json_from_location_range (const location_range *loc_range, unsigned range_idx) ++json_from_location_range (diagnostic_context *context, ++ const location_range *loc_range, unsigned range_idx) + { + location_t caret_loc = get_pure_location (loc_range->m_loc); + +@@ -68,13 +91,13 @@ json_from_location_range (const location + location_t finish_loc = get_finish (loc_range->m_loc); + + json::object *result = new json::object (); +- result->set ("caret", json_from_expanded_location (caret_loc)); ++ result->set ("caret", json_from_expanded_location (context, caret_loc)); + if (start_loc != caret_loc + && start_loc != UNKNOWN_LOCATION) +- result->set ("start", json_from_expanded_location (start_loc)); ++ result->set ("start", json_from_expanded_location (context, start_loc)); + if (finish_loc != caret_loc + && finish_loc != UNKNOWN_LOCATION) +- result->set ("finish", json_from_expanded_location (finish_loc)); ++ result->set ("finish", json_from_expanded_location (context, finish_loc)); + + if (loc_range->m_label) + { +@@ -91,14 +114,14 @@ json_from_location_range (const location + /* Generate a JSON object for HINT. */ + + static json::object * +-json_from_fixit_hint (const fixit_hint *hint) ++json_from_fixit_hint (diagnostic_context *context, const fixit_hint *hint) + { + json::object *fixit_obj = new json::object (); + + location_t start_loc = hint->get_start_loc (); +- fixit_obj->set ("start", json_from_expanded_location (start_loc)); ++ fixit_obj->set ("start", json_from_expanded_location (context, start_loc)); + location_t next_loc = hint->get_next_loc (); +- fixit_obj->set ("next", json_from_expanded_location (next_loc)); ++ fixit_obj->set ("next", json_from_expanded_location (context, next_loc)); + fixit_obj->set ("string", new json::string (hint->get_string ())); + + return fixit_obj; +@@ -190,11 +213,13 @@ json_end_diagnostic (diagnostic_context + else + { + /* Otherwise, make diag_obj be the top-level object within the group; +- add a "children" array. */ ++ add a "children" array and record the column origin. */ + toplevel_array->append (diag_obj); + cur_group = diag_obj; + cur_children_array = new json::array (); + diag_obj->set ("children", cur_children_array); ++ diag_obj->set ("column-origin", ++ new json::integer_number (context->column_origin)); + } + + const rich_location *richloc = diagnostic->richloc; +@@ -205,7 +230,7 @@ json_end_diagnostic (diagnostic_context + for (unsigned int i = 0; i < richloc->get_num_locations (); i++) + { + const location_range *loc_range = richloc->get_range (i); +- json::object *loc_obj = json_from_location_range (loc_range, i); ++ json::object *loc_obj = json_from_location_range (context, loc_range, i); + if (loc_obj) + loc_array->append (loc_obj); + } +@@ -217,7 +242,7 @@ json_end_diagnostic (diagnostic_context + for (unsigned int i = 0; i < richloc->get_num_fixit_hints (); i++) + { + const fixit_hint *hint = richloc->get_fixit_hint (i); +- json::object *fixit_obj = json_from_fixit_hint (hint); ++ json::object *fixit_obj = json_from_fixit_hint (context, hint); + fixit_array->append (fixit_obj); + } + } +@@ -320,7 +345,8 @@ namespace selftest { + static void + test_unknown_location () + { +- delete json_from_expanded_location (UNKNOWN_LOCATION); ++ test_diagnostic_context dc; ++ delete json_from_expanded_location (&dc, UNKNOWN_LOCATION); + } + + /* Verify that we gracefully handle attempts to serialize bad +@@ -338,7 +364,8 @@ test_bad_endpoints () + loc_range.m_range_display_kind = SHOW_RANGE_WITH_CARET; + loc_range.m_label = NULL; + +- json::object *obj = json_from_location_range (&loc_range, 0); ++ test_diagnostic_context dc; ++ json::object *obj = json_from_location_range (&dc, &loc_range, 0); + /* We should have a "caret" value, but no "start" or "finish" values. */ + ASSERT_TRUE (obj != NULL); + ASSERT_TRUE (obj->get ("caret") != NULL); +diff --git a/gcc/diagnostic.h b/gcc/diagnostic.h +--- a/gcc/diagnostic.h 2020-07-22 23:35:17.556386887 -0700 ++++ b/gcc/diagnostic.h 2021-12-25 01:20:53.479636627 -0800 +@@ -24,6 +24,20 @@ along with GCC; see the file COPYING3. + #include "pretty-print.h" + #include "diagnostic-core.h" + ++/* An enum for controlling what units to use for the column number ++ when diagnostics are output, used by the -fdiagnostics-column-unit option. ++ Tabs will be expanded or not according to the value of -ftabstop. The origin ++ (default 1) is controlled by -fdiagnostics-column-origin. */ ++ ++enum diagnostics_column_unit ++{ ++ /* The default from GCC 11 onwards: display columns. */ ++ DIAGNOSTICS_COLUMN_UNIT_DISPLAY, ++ ++ /* The behavior in GCC 10 and earlier: simple bytes. */ ++ DIAGNOSTICS_COLUMN_UNIT_BYTE ++}; ++ + /* Enum for overriding the standard output format. */ + + enum diagnostics_output_format +@@ -280,6 +294,15 @@ struct diagnostic_context + rest of the diagnostic. */ + bool parseable_fixits_p; + ++ /* What units to use when outputting the column number. */ ++ enum diagnostics_column_unit column_unit; ++ ++ /* The origin for the column number (1-based or 0-based typically). */ ++ int column_origin; ++ ++ /* The size of the tabstop for tab expansion. */ ++ int tabstop; ++ + /* If non-NULL, an edit_context to which fix-it hints should be + applied, for generating patches. */ + edit_context *edit_context_ptr; +@@ -458,6 +481,8 @@ diagnostic_same_line (const diagnostic_c + } + + extern const char *diagnostic_get_color_for_kind (diagnostic_t kind); ++extern int diagnostic_converted_column (diagnostic_context *context, ++ expanded_location s); + + /* Pure text formatting support functions. */ + extern char *file_name_as_prefix (diagnostic_context *, const char *); +@@ -470,6 +495,7 @@ extern void diagnostic_output_format_ini + /* Compute the number of digits in the decimal representation of an integer. */ + extern int num_digits (int); + +-extern json::value *json_from_expanded_location (location_t loc); ++extern json::value *json_from_expanded_location (diagnostic_context *context, ++ location_t loc); + + #endif /* ! GCC_DIAGNOSTIC_H */ +diff --git a/gcc/diagnostic-show-locus.c b/gcc/diagnostic-show-locus.c +--- a/gcc/diagnostic-show-locus.c 2020-07-22 23:35:17.556386887 -0700 ++++ b/gcc/diagnostic-show-locus.c 2021-12-25 01:20:53.479636627 -0800 +@@ -175,9 +175,10 @@ enum column_unit { + class exploc_with_display_col : public expanded_location + { + public: +- exploc_with_display_col (const expanded_location &exploc) ++ exploc_with_display_col (const expanded_location &exploc, int tabstop) + : expanded_location (exploc), +- m_display_col (location_compute_display_column (exploc)) {} ++ m_display_col (location_compute_display_column (exploc, tabstop)) ++ {} + + int m_display_col; + }; +@@ -189,11 +190,11 @@ class exploc_with_display_col : public e + class layout_point + { + public: +- layout_point (const expanded_location &exploc) ++ layout_point (const exploc_with_display_col &exploc) + : m_line (exploc.line) + { + m_columns[CU_BYTES] = exploc.column; +- m_columns[CU_DISPLAY_COLS] = location_compute_display_column (exploc); ++ m_columns[CU_DISPLAY_COLS] = exploc.m_display_col; + } + + linenum_type m_line; +@@ -205,10 +206,10 @@ class layout_point + class layout_range + { + public: +- layout_range (const expanded_location *start_exploc, +- const expanded_location *finish_exploc, ++ layout_range (const exploc_with_display_col &start_exploc, ++ const exploc_with_display_col &finish_exploc, + enum range_display_kind range_display_kind, +- const expanded_location *caret_exploc, ++ const exploc_with_display_col &caret_exploc, + unsigned original_idx, + const range_label *label); + +@@ -226,22 +227,18 @@ class layout_range + + /* A struct for use by layout::print_source_line for telling + layout::print_annotation_line the extents of the source line that +- it printed, so that underlines can be clipped appropriately. */ ++ it printed, so that underlines can be clipped appropriately. Units ++ are 1-based display columns. */ + + struct line_bounds + { +- int m_first_non_ws; +- int m_last_non_ws; ++ int m_first_non_ws_disp_col; ++ int m_last_non_ws_disp_col; + +- void convert_to_display_cols (char_span line) ++ line_bounds () + { +- m_first_non_ws = cpp_byte_column_to_display_column (line.get_buffer (), +- line.length (), +- m_first_non_ws); +- +- m_last_non_ws = cpp_byte_column_to_display_column (line.get_buffer (), +- line.length (), +- m_last_non_ws); ++ m_first_non_ws_disp_col = INT_MAX; ++ m_last_non_ws_disp_col = 0; + } + }; + +@@ -351,8 +348,8 @@ class layout + private: + bool will_show_line_p (linenum_type row) const; + void print_leading_fixits (linenum_type row); +- void print_source_line (linenum_type row, const char *line, int line_bytes, +- line_bounds *lbounds_out); ++ line_bounds print_source_line (linenum_type row, const char *line, ++ int line_bytes); + bool should_print_annotation_line_p (linenum_type row) const; + void start_annotation_line (char margin_char = ' ') const; + void print_annotation_line (linenum_type row, const line_bounds lbounds); +@@ -513,16 +510,16 @@ colorizer::get_color_by_name (const char + Initialize various layout_point fields from expanded_location + equivalents; we've already filtered on file. */ + +-layout_range::layout_range (const expanded_location *start_exploc, +- const expanded_location *finish_exploc, ++layout_range::layout_range (const exploc_with_display_col &start_exploc, ++ const exploc_with_display_col &finish_exploc, + enum range_display_kind range_display_kind, +- const expanded_location *caret_exploc, ++ const exploc_with_display_col &caret_exploc, + unsigned original_idx, + const range_label *label) +-: m_start (*start_exploc), +- m_finish (*finish_exploc), ++: m_start (start_exploc), ++ m_finish (finish_exploc), + m_range_display_kind (range_display_kind), +- m_caret (*caret_exploc), ++ m_caret (caret_exploc), + m_original_idx (original_idx), + m_label (label) + { +@@ -646,6 +643,9 @@ layout_range::intersects_line_p (linenum + + #if CHECKING_P + ++/* Default for when we don't care what the tab expansion is set to. */ ++static const int def_tabstop = 8; ++ + /* Create some expanded locations for testing layout_range. The filename + member of the explocs is set to the empty string. This member will only be + inspected by the calls to location_compute_display_column() made from the +@@ -662,8 +662,11 @@ make_range (int start_line, int start_co + = {"", start_line, start_col, NULL, false}; + const expanded_location finish_exploc + = {"", end_line, end_col, NULL, false}; +- return layout_range (&start_exploc, &finish_exploc, SHOW_RANGE_WITHOUT_CARET, +- &start_exploc, 0, NULL); ++ return layout_range (exploc_with_display_col (start_exploc, def_tabstop), ++ exploc_with_display_col (finish_exploc, def_tabstop), ++ SHOW_RANGE_WITHOUT_CARET, ++ exploc_with_display_col (start_exploc, def_tabstop), ++ 0, NULL); + } + + /* Selftests for layout_range::contains_point and +@@ -964,7 +967,7 @@ layout::layout (diagnostic_context * con + : m_context (context), + m_pp (context->printer), + m_primary_loc (richloc->get_range (0)->m_loc), +- m_exploc (richloc->get_expanded_location (0)), ++ m_exploc (richloc->get_expanded_location (0), context->tabstop), + m_colorizer (context, diagnostic_kind), + m_colorize_source_p (context->colorize_source_p), + m_show_labels_p (context->show_labels_p), +@@ -1060,7 +1063,10 @@ layout::maybe_add_location_range (const + + /* Everything is now known to be in the correct source file, + but it may require further sanitization. */ +- layout_range ri (&start, &finish, loc_range->m_range_display_kind, &caret, ++ layout_range ri (exploc_with_display_col (start, m_context->tabstop), ++ exploc_with_display_col (finish, m_context->tabstop), ++ loc_range->m_range_display_kind, ++ exploc_with_display_col (caret, m_context->tabstop), + original_idx, loc_range->m_label); + + /* If we have a range that finishes before it starts (perhaps +@@ -1394,7 +1400,7 @@ layout::calculate_x_offset_display () + = get_line_bytes_without_trailing_whitespace (line.get_buffer (), + line.length ()); + int eol_display_column +- = cpp_display_width (line.get_buffer (), line_bytes); ++ = cpp_display_width (line.get_buffer (), line_bytes, m_context->tabstop); + if (caret_display_column > eol_display_column + || !caret_display_column) + { +@@ -1445,16 +1451,13 @@ layout::calculate_x_offset_display () + } + + /* Print line ROW of source code, potentially colorized at any ranges, and +- populate *LBOUNDS_OUT. +- LINE is the source line (not necessarily 0-terminated) and LINE_BYTES +- is its length in bytes. +- This function deals only with byte offsets, not display columns, so +- m_x_offset_display must be converted from display to byte units. In +- particular, LINE_BYTES and LBOUNDS_OUT are in bytes. */ ++ return the line bounds. LINE is the source line (not necessarily ++ 0-terminated) and LINE_BYTES is its length in bytes. In order to handle both ++ colorization and tab expansion, this function tracks the line position in ++ both byte and display column units. */ + +-void +-layout::print_source_line (linenum_type row, const char *line, int line_bytes, +- line_bounds *lbounds_out) ++line_bounds ++layout::print_source_line (linenum_type row, const char *line, int line_bytes) + { + m_colorizer.set_normal_text (); + +@@ -1469,30 +1472,29 @@ layout::print_source_line (linenum_type + else + pp_space (m_pp); + +- /* We will stop printing the source line at any trailing whitespace, and start +- printing it as per m_x_offset_display. */ ++ /* We will stop printing the source line at any trailing whitespace. */ + line_bytes = get_line_bytes_without_trailing_whitespace (line, + line_bytes); +- int x_offset_bytes = 0; +- if (m_x_offset_display) +- { +- x_offset_bytes = cpp_display_column_to_byte_column (line, line_bytes, +- m_x_offset_display); +- /* In case the leading portion of the line that will be skipped over ends +- with a character with wcwidth > 1, then it is possible we skipped too +- much, so account for that by padding with spaces. */ +- const int overage +- = cpp_byte_column_to_display_column (line, line_bytes, x_offset_bytes) +- - m_x_offset_display; +- for (int column = 0; column < overage; ++column) +- pp_space (m_pp); +- line += x_offset_bytes; +- } + +- /* Print the line. */ +- int first_non_ws = INT_MAX; +- int last_non_ws = 0; +- for (int col_byte = 1 + x_offset_bytes; col_byte <= line_bytes; col_byte++) ++ /* This object helps to keep track of which display column we are at, which is ++ necessary for computing the line bounds in display units, for doing ++ tab expansion, and for implementing m_x_offset_display. */ ++ cpp_display_width_computation dw (line, line_bytes, m_context->tabstop); ++ ++ /* Skip the first m_x_offset_display display columns. In case the leading ++ portion that will be skipped ends with a character with wcwidth > 1, then ++ it is possible we skipped too much, so account for that by padding with ++ spaces. Note that this does the right thing too in case a tab was the last ++ character to be skipped over; the tab is effectively replaced by the ++ correct number of trailing spaces needed to offset by the desired number of ++ display columns. */ ++ for (int skipped_display_cols = dw.advance_display_cols (m_x_offset_display); ++ skipped_display_cols > m_x_offset_display; --skipped_display_cols) ++ pp_space (m_pp); ++ ++ /* Print the line and compute the line_bounds. */ ++ line_bounds lbounds; ++ while (!dw.done ()) + { + /* Assuming colorization is enabled for the caret and underline + characters, we may also colorize the associated characters +@@ -1510,7 +1512,8 @@ layout::print_source_line (linenum_type + { + bool in_range_p; + point_state state; +- in_range_p = get_state_at_point (row, col_byte, ++ const int start_byte_col = dw.bytes_processed () + 1; ++ in_range_p = get_state_at_point (row, start_byte_col, + 0, INT_MAX, + CU_BYTES, + &state); +@@ -1519,22 +1522,44 @@ layout::print_source_line (linenum_type + else + m_colorizer.set_normal_text (); + } +- char c = *line; +- if (c == '\0' || c == '\t' || c == '\r') +- c = ' '; +- if (c != ' ') ++ ++ /* Get the display width of the next character to be output, expanding ++ tabs and replacing some control bytes with spaces as necessary. */ ++ const char *c = dw.next_byte (); ++ const int start_disp_col = dw.display_cols_processed () + 1; ++ const int this_display_width = dw.process_next_codepoint (); ++ if (*c == '\t') ++ { ++ /* The returned display width is the number of spaces into which the ++ tab should be expanded. */ ++ for (int i = 0; i != this_display_width; ++i) ++ pp_space (m_pp); ++ continue; ++ } ++ if (*c == '\0' || *c == '\r') + { +- last_non_ws = col_byte; +- if (first_non_ws == INT_MAX) +- first_non_ws = col_byte; ++ /* cpp_wcwidth() promises to return 1 for all control bytes, and we ++ want to output these as a single space too, so this case is ++ actually the same as the '\t' case. */ ++ gcc_assert (this_display_width == 1); ++ pp_space (m_pp); ++ continue; + } +- pp_character (m_pp, c); +- line++; ++ ++ /* We have a (possibly multibyte) character to output; update the line ++ bounds if it is not whitespace. */ ++ if (*c != ' ') ++ { ++ lbounds.m_last_non_ws_disp_col = dw.display_cols_processed (); ++ if (lbounds.m_first_non_ws_disp_col == INT_MAX) ++ lbounds.m_first_non_ws_disp_col = start_disp_col; ++ } ++ ++ /* Output the character. */ ++ while (c != dw.next_byte ()) pp_character (m_pp, *c++); + } + print_newline (); +- +- lbounds_out->m_first_non_ws = first_non_ws; +- lbounds_out->m_last_non_ws = last_non_ws; ++ return lbounds; + } + + /* Determine if we should print an annotation line for ROW. +@@ -1576,14 +1601,13 @@ layout::start_annotation_line (char marg + } + + /* Print a line consisting of the caret/underlines for the given +- source line. This function works with display columns, rather than byte +- counts; in particular, LBOUNDS should be in display column units. */ ++ source line. */ + + void + layout::print_annotation_line (linenum_type row, const line_bounds lbounds) + { + int x_bound = get_x_bound_for_row (row, m_exploc.m_display_col, +- lbounds.m_last_non_ws); ++ lbounds.m_last_non_ws_disp_col); + + start_annotation_line (); + pp_space (m_pp); +@@ -1593,8 +1617,8 @@ layout::print_annotation_line (linenum_t + bool in_range_p; + point_state state; + in_range_p = get_state_at_point (row, column, +- lbounds.m_first_non_ws, +- lbounds.m_last_non_ws, ++ lbounds.m_first_non_ws_disp_col, ++ lbounds.m_last_non_ws_disp_col, + CU_DISPLAY_COLS, + &state); + if (in_range_p) +@@ -1631,12 +1655,14 @@ layout::print_annotation_line (linenum_t + class line_label + { + public: +- line_label (int state_idx, int column, label_text text) ++ line_label (diagnostic_context *context, int state_idx, int column, ++ label_text text) + : m_state_idx (state_idx), m_column (column), + m_text (text), m_label_line (0), m_has_vbar (true) + { + const int bytes = strlen (text.m_buffer); +- m_display_width = cpp_display_width (text.m_buffer, bytes); ++ m_display_width ++ = cpp_display_width (text.m_buffer, bytes, context->tabstop); + } + + /* Sorting is primarily by column, then by state index. */ +@@ -1696,7 +1722,7 @@ layout::print_any_labels (linenum_type r + if (text.m_buffer == NULL) + continue; + +- labels.safe_push (line_label (i, disp_col, text)); ++ labels.safe_push (line_label (m_context, i, disp_col, text)); + } + } + +@@ -1976,7 +2002,8 @@ public: + + /* Get the range of bytes or display columns that HINT would affect. */ + static column_range +-get_affected_range (const fixit_hint *hint, enum column_unit col_unit) ++get_affected_range (diagnostic_context *context, ++ const fixit_hint *hint, enum column_unit col_unit) + { + expanded_location exploc_start = expand_location (hint->get_start_loc ()); + expanded_location exploc_finish = expand_location (hint->get_next_loc ()); +@@ -1986,11 +2013,13 @@ get_affected_range (const fixit_hint *hi + int finish_column; + if (col_unit == CU_DISPLAY_COLS) + { +- start_column = location_compute_display_column (exploc_start); ++ start_column ++ = location_compute_display_column (exploc_start, context->tabstop); + if (hint->insertion_p ()) + finish_column = start_column - 1; + else +- finish_column = location_compute_display_column (exploc_finish); ++ finish_column ++ = location_compute_display_column (exploc_finish, context->tabstop); + } + else + { +@@ -2003,12 +2032,12 @@ get_affected_range (const fixit_hint *hi + /* Get the range of display columns that would be printed for HINT. */ + + static column_range +-get_printed_columns (const fixit_hint *hint) ++get_printed_columns (diagnostic_context *context, const fixit_hint *hint) + { + expanded_location exploc = expand_location (hint->get_start_loc ()); +- int start_column = location_compute_display_column (exploc); +- int hint_width = cpp_display_width (hint->get_string (), +- hint->get_length ()); ++ int start_column = location_compute_display_column (exploc, context->tabstop); ++ int hint_width = cpp_display_width (hint->get_string (), hint->get_length (), ++ context->tabstop); + int final_hint_column = start_column + hint_width - 1; + if (hint->insertion_p ()) + { +@@ -2018,7 +2047,8 @@ get_printed_columns (const fixit_hint *h + { + exploc = expand_location (hint->get_next_loc ()); + --exploc.column; +- int finish_column = location_compute_display_column (exploc); ++ int finish_column ++ = location_compute_display_column (exploc, context->tabstop); + return column_range (start_column, + MAX (finish_column, final_hint_column)); + } +@@ -2035,12 +2065,14 @@ public: + correction (column_range affected_bytes, + column_range affected_columns, + column_range printed_columns, +- const char *new_text, size_t new_text_len) ++ const char *new_text, size_t new_text_len, ++ int tabstop) + : m_affected_bytes (affected_bytes), + m_affected_columns (affected_columns), + m_printed_columns (printed_columns), + m_text (xstrdup (new_text)), + m_byte_length (new_text_len), ++ m_tabstop (tabstop), + m_alloc_sz (new_text_len + 1) + { + compute_display_cols (); +@@ -2058,7 +2090,7 @@ public: + + void compute_display_cols () + { +- m_display_cols = cpp_display_width (m_text, m_byte_length); ++ m_display_cols = cpp_display_width (m_text, m_byte_length, m_tabstop); + } + + void overwrite (int dst_offset, const char_span &src_span) +@@ -2086,6 +2118,7 @@ public: + char *m_text; + size_t m_byte_length; /* Not including null-terminator. */ + int m_display_cols; ++ int m_tabstop; + size_t m_alloc_sz; + }; + +@@ -2121,13 +2154,15 @@ correction::ensure_terminated () + class line_corrections + { + public: +- line_corrections (const char *filename, linenum_type row) +- : m_filename (filename), m_row (row) ++ line_corrections (diagnostic_context *context, const char *filename, ++ linenum_type row) ++ : m_context (context), m_filename (filename), m_row (row) + {} + ~line_corrections (); + + void add_hint (const fixit_hint *hint); + ++ diagnostic_context *m_context; + const char *m_filename; + linenum_type m_row; + auto_vec <correction *> m_corrections; +@@ -2173,9 +2208,10 @@ source_line::source_line (const char *fi + void + line_corrections::add_hint (const fixit_hint *hint) + { +- column_range affected_bytes = get_affected_range (hint, CU_BYTES); +- column_range affected_columns = get_affected_range (hint, CU_DISPLAY_COLS); +- column_range printed_columns = get_printed_columns (hint); ++ column_range affected_bytes = get_affected_range (m_context, hint, CU_BYTES); ++ column_range affected_columns = get_affected_range (m_context, hint, ++ CU_DISPLAY_COLS); ++ column_range printed_columns = get_printed_columns (m_context, hint); + + /* Potentially consolidate. */ + if (!m_corrections.is_empty ()) +@@ -2243,7 +2279,8 @@ line_corrections::add_hint (const fixit_ + affected_columns, + printed_columns, + hint->get_string (), +- hint->get_length ())); ++ hint->get_length (), ++ m_context->tabstop)); + } + + /* If there are any fixit hints on source line ROW, print them. +@@ -2257,7 +2294,7 @@ layout::print_trailing_fixits (linenum_t + { + /* Build a list of correction instances for the line, + potentially consolidating hints (for the sake of readability). */ +- line_corrections corrections (m_exploc.file, row); ++ line_corrections corrections (m_context, m_exploc.file, row); + for (unsigned int i = 0; i < m_fixit_hints.length (); i++) + { + const fixit_hint *hint = m_fixit_hints[i]; +@@ -2499,15 +2536,11 @@ layout::print_line (linenum_type row) + if (!line) + return; + +- line_bounds lbounds; + print_leading_fixits (row); +- print_source_line (row, line.get_buffer (), line.length (), &lbounds); ++ const line_bounds lbounds ++ = print_source_line (row, line.get_buffer (), line.length ()); + if (should_print_annotation_line_p (row)) +- { +- if (lbounds.m_first_non_ws != INT_MAX) +- lbounds.convert_to_display_cols (line); +- print_annotation_line (row, lbounds); +- } ++ print_annotation_line (row, lbounds); + if (m_show_labels_p) + print_any_labels (row); + print_trailing_fixits (row); +@@ -2670,9 +2703,11 @@ test_layout_x_offset_display_utf8 (const + + char_span lspan = location_get_source_line (tmp.get_filename (), 1); + ASSERT_EQ (line_display_cols, +- cpp_display_width (lspan.get_buffer (), lspan.length ())); ++ cpp_display_width (lspan.get_buffer (), lspan.length (), ++ def_tabstop)); + ASSERT_EQ (line_display_cols, +- location_compute_display_column (expand_location (line_end))); ++ location_compute_display_column (expand_location (line_end), ++ def_tabstop)); + ASSERT_EQ (0, memcmp (lspan.get_buffer () + (emoji_col - 1), + "\xf0\x9f\x98\x82\xf0\x9f\x98\x82", 8)); + +@@ -2774,6 +2809,111 @@ test_layout_x_offset_display_utf8 (const + + } + ++static void ++test_layout_x_offset_display_tab (const line_table_case &case_) ++{ ++ const char *content ++ = "This line is very long, so that we can use it to test the logic for " ++ "clipping long lines. Also this: `\t' is a tab that occupies 1 byte and " ++ "a variable number of display columns, starting at column #103.\n"; ++ ++ /* Number of bytes in the line, subtracting one to remove the newline. */ ++ const int line_bytes = strlen (content) - 1; ++ ++ /* The column where the tab begins. Byte or display is the same as there are ++ no multibyte characters earlier on the line. */ ++ const int tab_col = 103; ++ ++ /* Effective extra size of the tab beyond what a single space would have taken ++ up, indexed by tabstop. */ ++ static const int num_tabstops = 11; ++ int extra_width[num_tabstops]; ++ for (int tabstop = 1; tabstop != num_tabstops; ++tabstop) ++ { ++ const int this_tab_size = tabstop - (tab_col - 1) % tabstop; ++ extra_width[tabstop] = this_tab_size - 1; ++ } ++ /* Example of this calculation: if tabstop is 10, the tab starting at column ++ #103 has to expand into 8 spaces, covering columns 103-110, so that the ++ next character is at column #111. So it takes up 7 more columns than ++ a space would have taken up. */ ++ ASSERT_EQ (7, extra_width[10]); ++ ++ temp_source_file tmp (SELFTEST_LOCATION, ".c", content); ++ line_table_test ltt (case_); ++ ++ linemap_add (line_table, LC_ENTER, false, tmp.get_filename (), 1); ++ ++ location_t line_end = linemap_position_for_column (line_table, line_bytes); ++ ++ /* Don't attempt to run the tests if column data might be unavailable. */ ++ if (line_end > LINE_MAP_MAX_LOCATION_WITH_COLS) ++ return; ++ ++ /* Check that cpp_display_width handles the tabs as expected. */ ++ char_span lspan = location_get_source_line (tmp.get_filename (), 1); ++ ASSERT_EQ ('\t', *(lspan.get_buffer () + (tab_col - 1))); ++ for (int tabstop = 1; tabstop != num_tabstops; ++tabstop) ++ { ++ ASSERT_EQ (line_bytes + extra_width[tabstop], ++ cpp_display_width (lspan.get_buffer (), lspan.length (), ++ tabstop)); ++ ASSERT_EQ (line_bytes + extra_width[tabstop], ++ location_compute_display_column (expand_location (line_end), ++ tabstop)); ++ } ++ ++ /* Check that the tab is expanded to the expected number of spaces. */ ++ rich_location richloc (line_table, ++ linemap_position_for_column (line_table, ++ tab_col + 1)); ++ for (int tabstop = 1; tabstop != num_tabstops; ++tabstop) ++ { ++ test_diagnostic_context dc; ++ dc.tabstop = tabstop; ++ layout test_layout (&dc, &richloc, DK_ERROR); ++ test_layout.print_line (1); ++ const char *out = pp_formatted_text (dc.printer); ++ ASSERT_EQ (NULL, strchr (out, '\t')); ++ const char *left_quote = strchr (out, '`'); ++ const char *right_quote = strchr (out, '\''); ++ ASSERT_NE (NULL, left_quote); ++ ASSERT_NE (NULL, right_quote); ++ ASSERT_EQ (right_quote - left_quote, extra_width[tabstop] + 2); ++ } ++ ++ /* Check that the line is offset properly and that the tab is broken up ++ into the expected number of spaces when it is the last character skipped ++ over. */ ++ for (int tabstop = 1; tabstop != num_tabstops; ++tabstop) ++ { ++ test_diagnostic_context dc; ++ dc.tabstop = tabstop; ++ static const int small_width = 24; ++ dc.caret_max_width = small_width - 4; ++ dc.min_margin_width = test_left_margin - test_linenum_sep + 1; ++ dc.show_line_numbers_p = true; ++ layout test_layout (&dc, &richloc, DK_ERROR); ++ test_layout.print_line (1); ++ ++ /* We have arranged things so that two columns will be printed before ++ the caret. If the tab results in more than one space, this should ++ produce two spaces in the output; otherwise, it will be a single space ++ preceded by the opening quote before the tab character. */ ++ const char *output1 ++ = " 1 | ' is a tab that occupies 1 byte and a variable number of " ++ "display columns, starting at column #103.\n" ++ " | ^\n\n"; ++ const char *output2 ++ = " 1 | ` ' is a tab that occupies 1 byte and a variable number of " ++ "display columns, starting at column #103.\n" ++ " | ^\n\n"; ++ const char *expected_output = (extra_width[tabstop] ? output1 : output2); ++ ASSERT_STREQ (expected_output, pp_formatted_text (dc.printer)); ++ } ++} ++ ++ + /* Verify that diagnostic_show_locus works sanely on UNKNOWN_LOCATION. */ + + static void +@@ -3854,6 +3994,27 @@ test_one_liner_labels_utf8 () + } + } + ++/* Make sure that colorization codes don't interrupt a multibyte ++ sequence, which would corrupt it. */ ++static void ++test_one_liner_colorized_utf8 () ++{ ++ test_diagnostic_context dc; ++ dc.colorize_source_p = true; ++ diagnostic_color_init (&dc, DIAGNOSTICS_COLOR_YES); ++ const location_t pi = linemap_position_for_column (line_table, 12); ++ rich_location richloc (line_table, pi); ++ diagnostic_show_locus (&dc, &richloc, DK_ERROR); ++ ++ /* In order to avoid having the test depend on exactly how the colorization ++ was effected, just confirm there are two pi characters in the output. */ ++ const char *result = pp_formatted_text (dc.printer); ++ const char *null_term = result + strlen (result); ++ const char *first_pi = strstr (result, "\xcf\x80"); ++ ASSERT_TRUE (first_pi && first_pi <= null_term - 2); ++ ASSERT_STR_CONTAINS (first_pi + 2, "\xcf\x80"); ++} ++ + /* Run the various one-liner tests. */ + + static void +@@ -3884,8 +4045,10 @@ test_diagnostic_show_locus_one_liner_utf + ASSERT_EQ (31, LOCATION_COLUMN (line_end)); + + char_span lspan = location_get_source_line (tmp.get_filename (), 1); +- ASSERT_EQ (25, cpp_display_width (lspan.get_buffer (), lspan.length ())); +- ASSERT_EQ (25, location_compute_display_column (expand_location (line_end))); ++ ASSERT_EQ (25, cpp_display_width (lspan.get_buffer (), lspan.length (), ++ def_tabstop)); ++ ASSERT_EQ (25, location_compute_display_column (expand_location (line_end), ++ def_tabstop)); + + test_one_liner_simple_caret_utf8 (); + test_one_liner_caret_and_range_utf8 (); +@@ -3900,6 +4063,7 @@ test_diagnostic_show_locus_one_liner_utf + test_one_liner_many_fixits_1_utf8 (); + test_one_liner_many_fixits_2_utf8 (); + test_one_liner_labels_utf8 (); ++ test_one_liner_colorized_utf8 (); + } + + /* Verify that gcc_rich_location::add_location_if_nearby works. */ +@@ -4272,25 +4436,28 @@ test_overlapped_fixit_printing (const li + /* Unit-test the line_corrections machinery. */ + ASSERT_EQ (3, richloc.get_num_fixit_hints ()); + const fixit_hint *hint_0 = richloc.get_fixit_hint (0); +- ASSERT_EQ (column_range (12, 12), get_affected_range (hint_0, CU_BYTES)); + ASSERT_EQ (column_range (12, 12), +- get_affected_range (hint_0, CU_DISPLAY_COLS)); +- ASSERT_EQ (column_range (12, 22), get_printed_columns (hint_0)); ++ get_affected_range (&dc, hint_0, CU_BYTES)); ++ ASSERT_EQ (column_range (12, 12), ++ get_affected_range (&dc, hint_0, CU_DISPLAY_COLS)); ++ ASSERT_EQ (column_range (12, 22), get_printed_columns (&dc, hint_0)); + const fixit_hint *hint_1 = richloc.get_fixit_hint (1); +- ASSERT_EQ (column_range (18, 18), get_affected_range (hint_1, CU_BYTES)); + ASSERT_EQ (column_range (18, 18), +- get_affected_range (hint_1, CU_DISPLAY_COLS)); +- ASSERT_EQ (column_range (18, 20), get_printed_columns (hint_1)); ++ get_affected_range (&dc, hint_1, CU_BYTES)); ++ ASSERT_EQ (column_range (18, 18), ++ get_affected_range (&dc, hint_1, CU_DISPLAY_COLS)); ++ ASSERT_EQ (column_range (18, 20), get_printed_columns (&dc, hint_1)); + const fixit_hint *hint_2 = richloc.get_fixit_hint (2); +- ASSERT_EQ (column_range (29, 28), get_affected_range (hint_2, CU_BYTES)); + ASSERT_EQ (column_range (29, 28), +- get_affected_range (hint_2, CU_DISPLAY_COLS)); +- ASSERT_EQ (column_range (29, 29), get_printed_columns (hint_2)); ++ get_affected_range (&dc, hint_2, CU_BYTES)); ++ ASSERT_EQ (column_range (29, 28), ++ get_affected_range (&dc, hint_2, CU_DISPLAY_COLS)); ++ ASSERT_EQ (column_range (29, 29), get_printed_columns (&dc, hint_2)); + + /* Add each hint in turn to a line_corrections instance, + and verify that they are consolidated into one correction instance + as expected. */ +- line_corrections lc (tmp.get_filename (), 1); ++ line_corrections lc (&dc, tmp.get_filename (), 1); + + /* The first replace hint by itself. */ + lc.add_hint (hint_0); +@@ -4484,25 +4651,28 @@ test_overlapped_fixit_printing_utf8 (con + /* Unit-test the line_corrections machinery. */ + ASSERT_EQ (3, richloc.get_num_fixit_hints ()); + const fixit_hint *hint_0 = richloc.get_fixit_hint (0); +- ASSERT_EQ (column_range (14, 14), get_affected_range (hint_0, CU_BYTES)); ++ ASSERT_EQ (column_range (14, 14), ++ get_affected_range (&dc, hint_0, CU_BYTES)); + ASSERT_EQ (column_range (12, 12), +- get_affected_range (hint_0, CU_DISPLAY_COLS)); +- ASSERT_EQ (column_range (12, 22), get_printed_columns (hint_0)); ++ get_affected_range (&dc, hint_0, CU_DISPLAY_COLS)); ++ ASSERT_EQ (column_range (12, 22), get_printed_columns (&dc, hint_0)); + const fixit_hint *hint_1 = richloc.get_fixit_hint (1); +- ASSERT_EQ (column_range (22, 22), get_affected_range (hint_1, CU_BYTES)); ++ ASSERT_EQ (column_range (22, 22), ++ get_affected_range (&dc, hint_1, CU_BYTES)); + ASSERT_EQ (column_range (18, 18), +- get_affected_range (hint_1, CU_DISPLAY_COLS)); +- ASSERT_EQ (column_range (18, 20), get_printed_columns (hint_1)); ++ get_affected_range (&dc, hint_1, CU_DISPLAY_COLS)); ++ ASSERT_EQ (column_range (18, 20), get_printed_columns (&dc, hint_1)); + const fixit_hint *hint_2 = richloc.get_fixit_hint (2); +- ASSERT_EQ (column_range (35, 34), get_affected_range (hint_2, CU_BYTES)); ++ ASSERT_EQ (column_range (35, 34), ++ get_affected_range (&dc, hint_2, CU_BYTES)); + ASSERT_EQ (column_range (30, 29), +- get_affected_range (hint_2, CU_DISPLAY_COLS)); +- ASSERT_EQ (column_range (30, 30), get_printed_columns (hint_2)); ++ get_affected_range (&dc, hint_2, CU_DISPLAY_COLS)); ++ ASSERT_EQ (column_range (30, 30), get_printed_columns (&dc, hint_2)); + + /* Add each hint in turn to a line_corrections instance, + and verify that they are consolidated into one correction instance + as expected. */ +- line_corrections lc (tmp.get_filename (), 1); ++ line_corrections lc (&dc, tmp.get_filename (), 1); + + /* The first replace hint by itself. */ + lc.add_hint (hint_0); +@@ -4689,6 +4859,8 @@ test_overlapped_fixit_printing_2 (const + + /* Two insertions, in the wrong order. */ + { ++ test_diagnostic_context dc; ++ + rich_location richloc (line_table, col_20); + richloc.add_fixit_insert_before (col_23, "{"); + richloc.add_fixit_insert_before (col_21, "}"); +@@ -4696,14 +4868,15 @@ test_overlapped_fixit_printing_2 (const + /* These fixits should be accepted; they can't be consolidated. */ + ASSERT_EQ (2, richloc.get_num_fixit_hints ()); + const fixit_hint *hint_0 = richloc.get_fixit_hint (0); +- ASSERT_EQ (column_range (23, 22), get_affected_range (hint_0, CU_BYTES)); +- ASSERT_EQ (column_range (23, 23), get_printed_columns (hint_0)); ++ ASSERT_EQ (column_range (23, 22), ++ get_affected_range (&dc, hint_0, CU_BYTES)); ++ ASSERT_EQ (column_range (23, 23), get_printed_columns (&dc, hint_0)); + const fixit_hint *hint_1 = richloc.get_fixit_hint (1); +- ASSERT_EQ (column_range (21, 20), get_affected_range (hint_1, CU_BYTES)); +- ASSERT_EQ (column_range (21, 21), get_printed_columns (hint_1)); ++ ASSERT_EQ (column_range (21, 20), ++ get_affected_range (&dc, hint_1, CU_BYTES)); ++ ASSERT_EQ (column_range (21, 21), get_printed_columns (&dc, hint_1)); + + /* Verify that they're printed correctly. */ +- test_diagnostic_context dc; + diagnostic_show_locus (&dc, &richloc, DK_ERROR); + ASSERT_STREQ (" int a5[][0][0] = { 1, 2 };\n" + " ^\n" +@@ -4955,6 +5128,65 @@ test_fixit_deletion_affecting_newline (c + pp_formatted_text (dc.printer)); + } + ++static void ++test_tab_expansion (const line_table_case &case_) ++{ ++ /* Create a tempfile and write some text to it. This example uses a tabstop ++ of 8, as the column numbers attempt to indicate: ++ ++ .....................000.01111111111.22222333333 display ++ .....................123.90123456789.56789012345 columns */ ++ const char *content = " \t This: `\t' is a tab.\n"; ++ /* ....................000 00000011111 11111222222 byte ++ ....................123 45678901234 56789012345 columns */ ++ ++ const int tabstop = 8; ++ const int first_non_ws_byte_col = 7; ++ const int right_quote_byte_col = 15; ++ const int last_byte_col = 25; ++ ASSERT_EQ (35, cpp_display_width (content, last_byte_col, tabstop)); ++ ++ temp_source_file tmp (SELFTEST_LOCATION, ".c", content); ++ line_table_test ltt (case_); ++ linemap_add (line_table, LC_ENTER, false, tmp.get_filename (), 1); ++ ++ /* Don't attempt to run the tests if column data might be unavailable. */ ++ location_t line_end = linemap_position_for_column (line_table, last_byte_col); ++ if (line_end > LINE_MAP_MAX_LOCATION_WITH_COLS) ++ return; ++ ++ /* Check that the leading whitespace with mixed tabs and spaces is expanded ++ into 11 spaces. Recall that print_line() also puts one space before ++ everything too. */ ++ { ++ test_diagnostic_context dc; ++ dc.tabstop = tabstop; ++ rich_location richloc (line_table, ++ linemap_position_for_column (line_table, ++ first_non_ws_byte_col)); ++ layout test_layout (&dc, &richloc, DK_ERROR); ++ test_layout.print_line (1); ++ ASSERT_STREQ (" This: ` ' is a tab.\n" ++ " ^\n", ++ pp_formatted_text (dc.printer)); ++ } ++ ++ /* Confirm the display width was tracked correctly across the internal tab ++ as well. */ ++ { ++ test_diagnostic_context dc; ++ dc.tabstop = tabstop; ++ rich_location richloc (line_table, ++ linemap_position_for_column (line_table, ++ right_quote_byte_col)); ++ layout test_layout (&dc, &richloc, DK_ERROR); ++ test_layout.print_line (1); ++ ASSERT_STREQ (" This: ` ' is a tab.\n" ++ " ^\n", ++ pp_formatted_text (dc.printer)); ++ } ++} ++ + /* Verify that line numbers are correctly printed for the case of + a multiline range in which the width of the line numbers changes + (e.g. from "9" to "10"). */ +@@ -5012,6 +5244,7 @@ diagnostic_show_locus_c_tests () + test_layout_range_for_multiple_lines (); + + for_each_line_table_case (test_layout_x_offset_display_utf8); ++ for_each_line_table_case (test_layout_x_offset_display_tab); + + test_get_line_bytes_without_trailing_whitespace (); + +@@ -5029,6 +5262,7 @@ diagnostic_show_locus_c_tests () + for_each_line_table_case (test_fixit_insert_containing_newline_2); + for_each_line_table_case (test_fixit_replace_containing_newline); + for_each_line_table_case (test_fixit_deletion_affecting_newline); ++ for_each_line_table_case (test_tab_expansion); + + test_line_numbers_multiline_range (); + } +diff --git a/gcc/doc/invoke.texi b/gcc/doc/invoke.texi +--- a/gcc/doc/invoke.texi 2021-12-24 20:23:46.876739587 -0800 ++++ b/gcc/doc/invoke.texi 2021-12-25 01:20:53.487636494 -0800 +@@ -293,7 +293,9 @@ Objective-C and Objective-C++ Dialects}. + -fdiagnostics-show-template-tree -fno-elide-type @gol + -fdiagnostics-path-format=@r{[}none@r{|}separate-events@r{|}inline-events@r{]} @gol + -fdiagnostics-show-path-depths @gol +--fno-show-column} ++-fno-show-column @gol ++-fdiagnostics-column-unit=@r{[}display@r{|}byte@r{]} @gol ++-fdiagnostics-column-origin=@var{origin}} + + @item Warning Options + @xref{Warning Options,,Options to Request or Suppress Warnings}. +@@ -4424,6 +4426,31 @@ Do not print column numbers in diagnosti + diagnostics are being scanned by a program that does not understand the + column numbers, such as @command{dejagnu}. + ++@item -fdiagnostics-column-unit=@var{UNIT} ++@opindex fdiagnostics-column-unit ++Select the units for the column number. This affects traditional diagnostics ++(in the absence of @option{-fno-show-column}), as well as JSON format ++diagnostics if requested. ++ ++The default @var{UNIT}, @samp{display}, considers the number of display ++columns occupied by each character. This may be larger than the number ++of bytes required to encode the character, in the case of tab ++characters, or it may be smaller, in the case of multibyte characters. ++For example, the character ``GREEK SMALL LETTER PI (U+03C0)'' occupies one ++display column, and its UTF-8 encoding requires two bytes; the character ++``SLIGHTLY SMILING FACE (U+1F642)'' occupies two display columns, and ++its UTF-8 encoding requires four bytes. ++ ++Setting @var{UNIT} to @samp{byte} changes the column number to the raw byte ++count in all cases, as was traditionally output by GCC prior to version 11.1.0. ++ ++@item -fdiagnostics-column-origin=@var{ORIGIN} ++@opindex fdiagnostics-column-origin ++Select the origin for column numbers, i.e. the column number assigned to the ++first column. The default value of 1 corresponds to traditional GCC ++behavior and to the GNU style guide. Some utilities may perform better with an ++origin of 0; any non-negative value may be specified. ++ + @item -fdiagnostics-format=@var{FORMAT} + @opindex fdiagnostics-format + Select a different format for printing diagnostics. +@@ -4459,11 +4486,15 @@ might be printed in JSON form (after for + "locations": [ + @{ + "caret": @{ ++ "display-column": 3, ++ "byte-column": 3, + "column": 3, + "file": "misleading-indentation.c", + "line": 15 + @}, + "finish": @{ ++ "display-column": 4, ++ "byte-column": 4, + "column": 4, + "file": "misleading-indentation.c", + "line": 15 +@@ -4479,6 +4510,8 @@ might be printed in JSON form (after for + "locations": [ + @{ + "caret": @{ ++ "display-column": 5, ++ "byte-column": 5, + "column": 5, + "file": "misleading-indentation.c", + "line": 17 +@@ -4488,6 +4521,7 @@ might be printed in JSON form (after for + "message": "...this statement, but the latter is @dots{}" + @} + ] ++ "column-origin": 1, + @}, + @dots{} + ] +@@ -4500,10 +4534,34 @@ A diagnostic has a @code{kind}. If this + an @code{option} key describing the command-line option controlling the + warning. + +-A diagnostic can contain zero or more locations. Each location has up +-to three positions within it: a @code{caret} position and optional +-@code{start} and @code{finish} positions. A location can also have +-an optional @code{label} string. For example, this error: ++A diagnostic can contain zero or more locations. Each location has an ++optional @code{label} string and up to three positions within it: a ++@code{caret} position and optional @code{start} and @code{finish} positions. ++A position is described by a @code{file} name, a @code{line} number, and ++three numbers indicating a column position: ++@itemize @bullet ++ ++@item ++@code{display-column} counts display columns, accounting for tabs and ++multibyte characters. ++ ++@item ++@code{byte-column} counts raw bytes. ++ ++@item ++@code{column} is equal to one of ++the previous two, as dictated by the @option{-fdiagnostics-column-unit} ++option. ++ ++@end itemize ++All three columns are relative to the origin specified by ++@option{-fdiagnostics-column-origin}, which is typically equal to 1 but may ++be set, for instance, to 0 for compatibility with other utilities that ++number columns from 0. The column origin is recorded in the JSON output in ++the @code{column-origin} tag. In the remaining examples below, the extra ++column number outputs have been omitted for brevity. ++ ++For example, this error: + + @smallexample + bad-binary-ops.c:64:23: error: invalid operands to binary + (have 'S' @{aka +diff --git a/gcc/input.c b/gcc/input.c +--- a/gcc/input.c 2020-07-22 23:35:17.664388078 -0700 ++++ b/gcc/input.c 2021-12-25 01:20:53.487636494 -0800 +@@ -913,7 +913,7 @@ make_location (location_t caret, source_ + source line in order to calculate the display width. If that cannot be done + for any reason, then returns the byte column as a fallback. */ + int +-location_compute_display_column (expanded_location exploc) ++location_compute_display_column (expanded_location exploc, int tabstop) + { + if (!(exploc.file && *exploc.file && exploc.line && exploc.column)) + return exploc.column; +@@ -921,7 +921,7 @@ location_compute_display_column (expande + /* If line is NULL, this function returns exploc.column which is the + desired fallback. */ + return cpp_byte_column_to_display_column (line.get_buffer (), line.length (), +- exploc.column); ++ exploc.column, tabstop); + } + + /* Dump statistics to stderr about the memory usage of the line_table +@@ -3608,33 +3608,46 @@ test_line_offset_overflow () + + void test_cpp_utf8 () + { ++ const int def_tabstop = 8; + /* Verify that wcwidth of invalid UTF-8 or control bytes is 1. */ + { +- int w_bad = cpp_display_width ("\xf0!\x9f!\x98!\x82!", 8); ++ int w_bad = cpp_display_width ("\xf0!\x9f!\x98!\x82!", 8, def_tabstop); + ASSERT_EQ (8, w_bad); +- int w_ctrl = cpp_display_width ("\r\t\n\v\0\1", 6); +- ASSERT_EQ (6, w_ctrl); ++ int w_ctrl = cpp_display_width ("\r\n\v\0\1", 5, def_tabstop); ++ ASSERT_EQ (5, w_ctrl); + } + + /* Verify that wcwidth of valid UTF-8 is as expected. */ + { +- const int w_pi = cpp_display_width ("\xcf\x80", 2); ++ const int w_pi = cpp_display_width ("\xcf\x80", 2, def_tabstop); + ASSERT_EQ (1, w_pi); +- const int w_emoji = cpp_display_width ("\xf0\x9f\x98\x82", 4); ++ const int w_emoji = cpp_display_width ("\xf0\x9f\x98\x82", 4, def_tabstop); + ASSERT_EQ (2, w_emoji); +- const int w_umlaut_precomposed = cpp_display_width ("\xc3\xbf", 2); ++ const int w_umlaut_precomposed = cpp_display_width ("\xc3\xbf", 2, ++ def_tabstop); + ASSERT_EQ (1, w_umlaut_precomposed); +- const int w_umlaut_combining = cpp_display_width ("y\xcc\x88", 3); ++ const int w_umlaut_combining = cpp_display_width ("y\xcc\x88", 3, ++ def_tabstop); + ASSERT_EQ (1, w_umlaut_combining); +- const int w_han = cpp_display_width ("\xe4\xb8\xba", 3); ++ const int w_han = cpp_display_width ("\xe4\xb8\xba", 3, def_tabstop); + ASSERT_EQ (2, w_han); +- const int w_ascii = cpp_display_width ("GCC", 3); ++ const int w_ascii = cpp_display_width ("GCC", 3, def_tabstop); + ASSERT_EQ (3, w_ascii); + const int w_mixed = cpp_display_width ("\xcf\x80 = 3.14 \xf0\x9f\x98\x82" +- "\x9f! \xe4\xb8\xba y\xcc\x88", 24); ++ "\x9f! \xe4\xb8\xba y\xcc\x88", ++ 24, def_tabstop); + ASSERT_EQ (18, w_mixed); + } + ++ /* Verify that display width properly expands tabs. */ ++ { ++ const char *tstr = "\tabc\td"; ++ ASSERT_EQ (6, cpp_display_width (tstr, 6, 1)); ++ ASSERT_EQ (10, cpp_display_width (tstr, 6, 3)); ++ ASSERT_EQ (17, cpp_display_width (tstr, 6, 8)); ++ ASSERT_EQ (1, cpp_display_column_to_byte_column (tstr, 6, 7, 8)); ++ } ++ + /* Verify that cpp_byte_column_to_display_column can go past the end, + and similar edge cases. */ + { +@@ -3645,10 +3658,13 @@ void test_cpp_utf8 () + /* 111122223456 + Byte columns. */ + +- ASSERT_EQ (5, cpp_display_width (str, 6)); +- ASSERT_EQ (105, cpp_byte_column_to_display_column (str, 6, 106)); +- ASSERT_EQ (10000, cpp_byte_column_to_display_column (NULL, 0, 10000)); +- ASSERT_EQ (0, cpp_byte_column_to_display_column (NULL, 10000, 0)); ++ ASSERT_EQ (5, cpp_display_width (str, 6, def_tabstop)); ++ ASSERT_EQ (105, ++ cpp_byte_column_to_display_column (str, 6, 106, def_tabstop)); ++ ASSERT_EQ (10000, ++ cpp_byte_column_to_display_column (NULL, 0, 10000, def_tabstop)); ++ ASSERT_EQ (0, ++ cpp_byte_column_to_display_column (NULL, 10000, 0, def_tabstop)); + } + + /* Verify that cpp_display_column_to_byte_column can go past the end, +@@ -3662,21 +3678,25 @@ void test_cpp_utf8 () + /* 000000000000000000000000000000000111111 + 111122223333444456666777788889999012345 + Byte columns. */ +- ASSERT_EQ (4, cpp_display_column_to_byte_column (str, 15, 2)); +- ASSERT_EQ (15, cpp_display_column_to_byte_column (str, 15, 11)); +- ASSERT_EQ (115, cpp_display_column_to_byte_column (str, 15, 111)); +- ASSERT_EQ (10000, cpp_display_column_to_byte_column (NULL, 0, 10000)); +- ASSERT_EQ (0, cpp_display_column_to_byte_column (NULL, 10000, 0)); ++ ASSERT_EQ (4, cpp_display_column_to_byte_column (str, 15, 2, def_tabstop)); ++ ASSERT_EQ (15, ++ cpp_display_column_to_byte_column (str, 15, 11, def_tabstop)); ++ ASSERT_EQ (115, ++ cpp_display_column_to_byte_column (str, 15, 111, def_tabstop)); ++ ASSERT_EQ (10000, ++ cpp_display_column_to_byte_column (NULL, 0, 10000, def_tabstop)); ++ ASSERT_EQ (0, ++ cpp_display_column_to_byte_column (NULL, 10000, 0, def_tabstop)); + + /* Verify that we do not interrupt a UTF-8 sequence. */ +- ASSERT_EQ (4, cpp_display_column_to_byte_column (str, 15, 1)); ++ ASSERT_EQ (4, cpp_display_column_to_byte_column (str, 15, 1, def_tabstop)); + + for (int byte_col = 1; byte_col <= 15; ++byte_col) + { +- const int disp_col = cpp_byte_column_to_display_column (str, 15, +- byte_col); +- const int byte_col2 = cpp_display_column_to_byte_column (str, 15, +- disp_col); ++ const int disp_col ++ = cpp_byte_column_to_display_column (str, 15, byte_col, def_tabstop); ++ const int byte_col2 ++ = cpp_display_column_to_byte_column (str, 15, disp_col, def_tabstop); + + /* If we ask for the display column in the middle of a UTF-8 + sequence, it will return the length of the partial sequence, +diff --git a/gcc/input.h b/gcc/input.h +--- a/gcc/input.h 2020-07-22 23:35:17.664388078 -0700 ++++ b/gcc/input.h 2021-12-25 01:20:53.487636494 -0800 +@@ -38,7 +38,9 @@ STATIC_ASSERT (BUILTINS_LOCATION < RESER + + extern bool is_location_from_builtin_token (location_t); + extern expanded_location expand_location (location_t); +-extern int location_compute_display_column (expanded_location); ++ ++extern int location_compute_display_column (expanded_location exploc, ++ int tabstop); + + /* A class capturing the bounds of a buffer, to allow for run-time + bounds-checking in a checked build. */ +diff --git a/gcc/opts.c b/gcc/opts.c +--- a/gcc/opts.c 2020-07-22 23:35:17.708388562 -0700 ++++ b/gcc/opts.c 2021-12-25 01:20:53.487636494 -0800 +@@ -2439,6 +2439,14 @@ common_handle_option (struct gcc_options + dc->parseable_fixits_p = value; + break; + ++ case OPT_fdiagnostics_column_unit_: ++ dc->column_unit = (enum diagnostics_column_unit)value; ++ break; ++ ++ case OPT_fdiagnostics_column_origin_: ++ dc->column_origin = value; ++ break; ++ + case OPT_fdiagnostics_show_cwe: + dc->show_cwe = value; + break; +@@ -2825,6 +2833,12 @@ common_handle_option (struct gcc_options + check_alignment_argument (loc, arg, "functions"); + break; + ++ case OPT_ftabstop_: ++ /* It is documented that we silently ignore silly values. */ ++ if (value >= 1 && value <= 100) ++ dc->tabstop = value; ++ break; ++ + default: + /* If the flag was handled in a standard way, assume the lack of + processing here is intentional. */ +diff --git a/gcc/testsuite/c-c++-common/diagnostic-format-json-1.c b/gcc/testsuite/c-c++-common/diagnostic-format-json-1.c +--- a/gcc/testsuite/c-c++-common/diagnostic-format-json-1.c 2020-07-22 23:35:17.908390765 -0700 ++++ b/gcc/testsuite/c-c++-common/diagnostic-format-json-1.c 2021-12-25 01:20:53.487636494 -0800 +@@ -8,17 +8,22 @@ + We can't rely on any ordering of the keys. */ + + /* { dg-regexp "\"kind\": \"error\"" } */ ++/* { dg-regexp "\"column-origin\": 1" } */ + /* { dg-regexp "\"message\": \"#error message\"" } */ + + /* { dg-regexp "\"caret\": \{" } */ + /* { dg-regexp "\"file\": \"\[^\n\r\"\]*diagnostic-format-json-1.c\"" } */ + /* { dg-regexp "\"line\": 4" } */ + /* { dg-regexp "\"column\": 2" } */ ++/* { dg-regexp "\"display-column\": 2" } */ ++/* { dg-regexp "\"byte-column\": 2" } */ + + /* { dg-regexp "\"finish\": \{" } */ + /* { dg-regexp "\"file\": \"\[^\n\r\"\]*diagnostic-format-json-1.c\"" } */ + /* { dg-regexp "\"line\": 4" } */ + /* { dg-regexp "\"column\": 6" } */ ++/* { dg-regexp "\"display-column\": 6" } */ ++/* { dg-regexp "\"byte-column\": 6" } */ + + /* { dg-regexp "\"locations\": \[\[\{\}, \]*\]" } */ + /* { dg-regexp "\"children\": \[\[\]\[\]\]" } */ +diff --git a/gcc/testsuite/c-c++-common/diagnostic-format-json-2.c b/gcc/testsuite/c-c++-common/diagnostic-format-json-2.c +--- a/gcc/testsuite/c-c++-common/diagnostic-format-json-2.c 2020-07-22 23:35:17.908390765 -0700 ++++ b/gcc/testsuite/c-c++-common/diagnostic-format-json-2.c 2021-12-25 01:20:53.487636494 -0800 +@@ -8,6 +8,7 @@ + We can't rely on any ordering of the keys. */ + + /* { dg-regexp "\"kind\": \"warning\"" } */ ++/* { dg-regexp "\"column-origin\": 1" } */ + /* { dg-regexp "\"message\": \"#warning message\"" } */ + /* { dg-regexp "\"option\": \"-Wcpp\"" } */ + /* { dg-regexp "\"option_url\": \"https:\[^\n\r\"\]*#index-Wcpp\"" } */ +@@ -16,11 +17,15 @@ + /* { dg-regexp "\"file\": \"\[^\n\r\"\]*diagnostic-format-json-2.c\"" } */ + /* { dg-regexp "\"line\": 4" } */ + /* { dg-regexp "\"column\": 2" } */ ++/* { dg-regexp "\"display-column\": 2" } */ ++/* { dg-regexp "\"byte-column\": 2" } */ + + /* { dg-regexp "\"finish\": \{" } */ + /* { dg-regexp "\"file\": \"\[^\n\r\"\]*diagnostic-format-json-2.c\"" } */ + /* { dg-regexp "\"line\": 4" } */ + /* { dg-regexp "\"column\": 8" } */ ++/* { dg-regexp "\"display-column\": 8" } */ ++/* { dg-regexp "\"byte-column\": 8" } */ + + /* { dg-regexp "\"locations\": \[\[\{\}, \]*\]" } */ + /* { dg-regexp "\"children\": \[\[\]\[\]\]" } */ +diff --git a/gcc/testsuite/c-c++-common/diagnostic-format-json-3.c b/gcc/testsuite/c-c++-common/diagnostic-format-json-3.c +--- a/gcc/testsuite/c-c++-common/diagnostic-format-json-3.c 2020-07-22 23:35:17.908390765 -0700 ++++ b/gcc/testsuite/c-c++-common/diagnostic-format-json-3.c 2021-12-25 01:20:53.487636494 -0800 +@@ -8,6 +8,7 @@ + We can't rely on any ordering of the keys. */ + + /* { dg-regexp "\"kind\": \"error\"" } */ ++/* { dg-regexp "\"column-origin\": 1" } */ + /* { dg-regexp "\"message\": \"#warning message\"" } */ + /* { dg-regexp "\"option\": \"-Werror=cpp\"" } */ + /* { dg-regexp "\"option_url\": \"https:\[^\n\r\"\]*#index-Wcpp\"" } */ +@@ -16,11 +17,15 @@ + /* { dg-regexp "\"file\": \"\[^\n\r\"\]*diagnostic-format-json-3.c\"" } */ + /* { dg-regexp "\"line\": 4" } */ + /* { dg-regexp "\"column\": 2" } */ ++/* { dg-regexp "\"display-column\": 2" } */ ++/* { dg-regexp "\"byte-column\": 2" } */ + + /* { dg-regexp "\"finish\": \{" } */ + /* { dg-regexp "\"file\": \"\[^\n\r\"\]*diagnostic-format-json-3.c\"" } */ + /* { dg-regexp "\"line\": 4" } */ + /* { dg-regexp "\"column\": 8" } */ ++/* { dg-regexp "\"display-column\": 8" } */ ++/* { dg-regexp "\"byte-column\": 8" } */ + + /* { dg-regexp "\"locations\": \[\[\{\}, \]*\]" } */ + /* { dg-regexp "\"children\": \[\[\]\[\]\]" } */ +diff --git a/gcc/testsuite/c-c++-common/diagnostic-format-json-4.c b/gcc/testsuite/c-c++-common/diagnostic-format-json-4.c +--- a/gcc/testsuite/c-c++-common/diagnostic-format-json-4.c 2020-07-22 23:35:17.908390765 -0700 ++++ b/gcc/testsuite/c-c++-common/diagnostic-format-json-4.c 2021-12-25 01:20:53.487636494 -0800 +@@ -24,15 +24,20 @@ int test (void) + /* { dg-regexp "\"file\": \"\[^\n\r\"\]*diagnostic-format-json-4.c\"" } */ + /* { dg-regexp "\"line\": 8" } */ + /* { dg-regexp "\"column\": 5" } */ ++/* { dg-regexp "\"display-column\": 5" } */ ++/* { dg-regexp "\"byte-column\": 5" } */ + + /* { dg-regexp "\"finish\": \{" } */ + /* { dg-regexp "\"file\": \"\[^\n\r\"\]*diagnostic-format-json-4.c\"" } */ + /* { dg-regexp "\"line\": 8" } */ + /* { dg-regexp "\"column\": 10" } */ ++/* { dg-regexp "\"display-column\": 10" } */ ++/* { dg-regexp "\"byte-column\": 10" } */ + + /* The outer diagnostic. */ + + /* { dg-regexp "\"kind\": \"warning\"" } */ ++/* { dg-regexp "\"column-origin\": 1" } */ + /* { dg-regexp "\"message\": \"this 'if' clause does not guard...\"" } */ + /* { dg-regexp "\"option\": \"-Wmisleading-indentation\"" } */ + /* { dg-regexp "\"option_url\": \"https:\[^\n\r\"\]*#index-Wmisleading-indentation\"" } */ +@@ -41,11 +46,15 @@ int test (void) + /* { dg-regexp "\"file\": \"\[^\n\r\"\]*diagnostic-format-json-4.c\"" } */ + /* { dg-regexp "\"line\": 6" } */ + /* { dg-regexp "\"column\": 3" } */ ++/* { dg-regexp "\"display-column\": 3" } */ ++/* { dg-regexp "\"byte-column\": 3" } */ + + /* { dg-regexp "\"finish\": \{" } */ + /* { dg-regexp "\"file\": \"\[^\n\r\"\]*diagnostic-format-json-4.c\"" } */ + /* { dg-regexp "\"line\": 6" } */ + /* { dg-regexp "\"column\": 4" } */ ++/* { dg-regexp "\"display-column\": 4" } */ ++/* { dg-regexp "\"byte-column\": 4" } */ + + /* More from the nested diagnostic (we can't guarantee what order the + "file" keys are consumed). */ +diff --git a/gcc/testsuite/c-c++-common/diagnostic-format-json-5.c b/gcc/testsuite/c-c++-common/diagnostic-format-json-5.c +--- a/gcc/testsuite/c-c++-common/diagnostic-format-json-5.c 2020-07-22 23:35:17.908390765 -0700 ++++ b/gcc/testsuite/c-c++-common/diagnostic-format-json-5.c 2021-12-25 01:20:53.487636494 -0800 +@@ -13,6 +13,7 @@ int test (struct s *ptr) + We can't rely on any ordering of the keys. */ + + /* { dg-regexp "\"kind\": \"error\"" } */ ++/* { dg-regexp "\"column-origin\": 1" } */ + /* { dg-regexp "\"message\": \".*\"" } */ + + /* Verify fix-it hints. */ +@@ -23,11 +24,15 @@ int test (struct s *ptr) + /* { dg-regexp "\"file\": \"\[^\n\r\"\]*diagnostic-format-json-5.c\"" } */ + /* { dg-regexp "\"line\": 8" } */ + /* { dg-regexp "\"column\": 15" } */ ++/* { dg-regexp "\"display-column\": 15" } */ ++/* { dg-regexp "\"byte-column\": 15" } */ + + /* { dg-regexp "\"next\": \{" } */ + /* { dg-regexp "\"file\": \"\[^\n\r\"\]*diagnostic-format-json-5.c\"" } */ + /* { dg-regexp "\"line\": 8" } */ + /* { dg-regexp "\"column\": 21" } */ ++/* { dg-regexp "\"display-column\": 21" } */ ++/* { dg-regexp "\"byte-column\": 21" } */ + + /* { dg-regexp "\"fixits\": \[\[\{\}, \]*\]" } */ + +@@ -35,11 +40,15 @@ int test (struct s *ptr) + /* { dg-regexp "\"file\": \"\[^\n\r\"\]*diagnostic-format-json-5.c\"" } */ + /* { dg-regexp "\"line\": 8" } */ + /* { dg-regexp "\"column\": 15" } */ ++/* { dg-regexp "\"display-column\": 15" } */ ++/* { dg-regexp "\"byte-column\": 15" } */ + + /* { dg-regexp "\"finish\": \{" } */ + /* { dg-regexp "\"file\": \"\[^\n\r\"\]*diagnostic-format-json-5.c\"" } */ + /* { dg-regexp "\"line\": 8" } */ + /* { dg-regexp "\"column\": 20" } */ ++/* { dg-regexp "\"display-column\": 20" } */ ++/* { dg-regexp "\"byte-column\": 20" } */ + + /* { dg-regexp "\"locations\": \[\[\{\}, \]*\]" } */ + /* { dg-regexp "\"children\": \[\[\]\[\]\]" } */ +diff --git a/gcc/testsuite/c-c++-common/diagnostic-units-1.c b/gcc/testsuite/c-c++-common/diagnostic-units-1.c +--- a/gcc/testsuite/c-c++-common/diagnostic-units-1.c 1969-12-31 16:00:00.000000000 -0800 ++++ b/gcc/testsuite/c-c++-common/diagnostic-units-1.c 2021-12-25 01:20:53.487636494 -0800 +@@ -0,0 +1,28 @@ ++/* { dg-do compile } */ ++/* { dg-additional-options "-fdiagnostics-column-unit=byte -fshow-column -fdiagnostics-show-caret -Wmultichar" } */ ++ ++/* column units: bytes (via arg) ++ column origin: 1 (via default) ++ tabstop: 8 (via default) */ ++ ++/* This line starts with a tab. */ ++ int c1 = 'c1'; /* { dg-warning "11: multi-character character constant" } */ ++/* { dg-begin-multiline-output "" } ++ int c1 = 'c1'; ++ ^~~~ ++ { dg-end-multiline-output "" } */ ++ ++/* This line starts with <tabstop> spaces. */ ++ int c2 = 'c2'; /* { dg-warning "18: multi-character character constant" } */ ++/* { dg-begin-multiline-output "" } ++ int c2 = 'c2'; ++ ^~~~ ++ { dg-end-multiline-output "" } */ ++ ++/* This line starts with <tabstop> spaces and has an internal tab after ++ a space. */ ++ int c3 = 'c3'; /* { dg-warning "19: multi-character character constant" } */ ++/* { dg-begin-multiline-output "" } ++ int c3 = 'c3'; ++ ^~~~ ++ { dg-end-multiline-output "" } */ +diff --git a/gcc/testsuite/c-c++-common/diagnostic-units-2.c b/gcc/testsuite/c-c++-common/diagnostic-units-2.c +--- a/gcc/testsuite/c-c++-common/diagnostic-units-2.c 1969-12-31 16:00:00.000000000 -0800 ++++ b/gcc/testsuite/c-c++-common/diagnostic-units-2.c 2021-12-25 01:20:53.487636494 -0800 +@@ -0,0 +1,28 @@ ++/* { dg-do compile } */ ++/* { dg-additional-options "-fdiagnostics-column-unit=display -fshow-column -fdiagnostics-show-caret -Wmultichar" } */ ++ ++/* column units: display (via arg) ++ column origin: 1 (via default) ++ tabstop: 8 (via default) */ ++ ++/* This line starts with a tab. */ ++ int c1 = 'c1'; /* { dg-warning "18: multi-character character constant" } */ ++/* { dg-begin-multiline-output "" } ++ int c1 = 'c1'; ++ ^~~~ ++ { dg-end-multiline-output "" } */ ++ ++/* This line starts with <tabstop> spaces. */ ++ int c2 = 'c2'; /* { dg-warning "18: multi-character character constant" } */ ++/* { dg-begin-multiline-output "" } ++ int c2 = 'c2'; ++ ^~~~ ++ { dg-end-multiline-output "" } */ ++ ++/* This line starts with <tabstop> spaces and has an internal tab after ++ a space. */ ++ int c3 = 'c3'; /* { dg-warning "25: multi-character character constant" } */ ++/* { dg-begin-multiline-output "" } ++ int c3 = 'c3'; ++ ^~~~ ++ { dg-end-multiline-output "" } */ +diff --git a/gcc/testsuite/c-c++-common/diagnostic-units-3.c b/gcc/testsuite/c-c++-common/diagnostic-units-3.c +--- a/gcc/testsuite/c-c++-common/diagnostic-units-3.c 1969-12-31 16:00:00.000000000 -0800 ++++ b/gcc/testsuite/c-c++-common/diagnostic-units-3.c 2021-12-25 01:20:53.487636494 -0800 +@@ -0,0 +1,28 @@ ++/* { dg-do compile } */ ++/* { dg-additional-options "-fdiagnostics-column-unit=byte -fshow-column -fdiagnostics-show-caret -ftabstop=200 -Wmultichar" } */ ++ ++/* column units: bytes (via arg) ++ column origin: 1 (via fallback from overly large argument) ++ tabstop: 8 (via default) */ ++ ++/* This line starts with a tab. */ ++ int c1 = 'c1'; /* { dg-warning "11: multi-character character constant" } */ ++/* { dg-begin-multiline-output "" } ++ int c1 = 'c1'; ++ ^~~~ ++ { dg-end-multiline-output "" } */ ++ ++/* This line starts with <tabstop> spaces. */ ++ int c2 = 'c2'; /* { dg-warning "18: multi-character character constant" } */ ++/* { dg-begin-multiline-output "" } ++ int c2 = 'c2'; ++ ^~~~ ++ { dg-end-multiline-output "" } */ ++ ++/* This line starts with <tabstop> spaces and has an internal tab after ++ a space. */ ++ int c3 = 'c3'; /* { dg-warning "19: multi-character character constant" } */ ++/* { dg-begin-multiline-output "" } ++ int c3 = 'c3'; ++ ^~~~ ++ { dg-end-multiline-output "" } */ +diff --git a/gcc/testsuite/c-c++-common/diagnostic-units-4.c b/gcc/testsuite/c-c++-common/diagnostic-units-4.c +--- a/gcc/testsuite/c-c++-common/diagnostic-units-4.c 1969-12-31 16:00:00.000000000 -0800 ++++ b/gcc/testsuite/c-c++-common/diagnostic-units-4.c 2021-12-25 01:20:53.487636494 -0800 +@@ -0,0 +1,28 @@ ++/* { dg-do compile } */ ++/* { dg-additional-options "-fdiagnostics-column-unit=byte -fshow-column -fdiagnostics-show-caret -fdiagnostics-column-origin=0 -Wmultichar" } */ ++ ++/* column units: bytes (via arg) ++ column origin: 0 (via arg) ++ tabstop: 8 (via default) */ ++ ++/* This line starts with a tab. */ ++ int c1 = 'c1'; /* { dg-warning "10: multi-character character constant" } */ ++/* { dg-begin-multiline-output "" } ++ int c1 = 'c1'; ++ ^~~~ ++ { dg-end-multiline-output "" } */ ++ ++/* This line starts with <tabstop> spaces. */ ++ int c2 = 'c2'; /* { dg-warning "17: multi-character character constant" } */ ++/* { dg-begin-multiline-output "" } ++ int c2 = 'c2'; ++ ^~~~ ++ { dg-end-multiline-output "" } */ ++ ++/* This line starts with <tabstop> spaces and has an internal tab after ++ a space. */ ++ int c3 = 'c3'; /* { dg-warning "18: multi-character character constant" } */ ++/* { dg-begin-multiline-output "" } ++ int c3 = 'c3'; ++ ^~~~ ++ { dg-end-multiline-output "" } */ +diff --git a/gcc/testsuite/c-c++-common/diagnostic-units-5.c b/gcc/testsuite/c-c++-common/diagnostic-units-5.c +--- a/gcc/testsuite/c-c++-common/diagnostic-units-5.c 1969-12-31 16:00:00.000000000 -0800 ++++ b/gcc/testsuite/c-c++-common/diagnostic-units-5.c 2021-12-25 01:20:53.491636427 -0800 +@@ -0,0 +1,28 @@ ++/* { dg-do compile } */ ++/* { dg-additional-options "-fdiagnostics-column-unit=display -fshow-column -fdiagnostics-show-caret -fdiagnostics-column-origin=0 -Wmultichar" } */ ++ ++/* column units: display (via arg) ++ column origin: 0 (via arg) ++ tabstop: 8 (via default) */ ++ ++/* This line starts with a tab. */ ++ int c1 = 'c1'; /* { dg-warning "17: multi-character character constant" } */ ++/* { dg-begin-multiline-output "" } ++ int c1 = 'c1'; ++ ^~~~ ++ { dg-end-multiline-output "" } */ ++ ++/* This line starts with <tabstop> spaces. */ ++ int c2 = 'c2'; /* { dg-warning "17: multi-character character constant" } */ ++/* { dg-begin-multiline-output "" } ++ int c2 = 'c2'; ++ ^~~~ ++ { dg-end-multiline-output "" } */ ++ ++/* This line starts with <tabstop> spaces and has an internal tab after ++ a space. */ ++ int c3 = 'c3'; /* { dg-warning "24: multi-character character constant" } */ ++/* { dg-begin-multiline-output "" } ++ int c3 = 'c3'; ++ ^~~~ ++ { dg-end-multiline-output "" } */ +diff --git a/gcc/testsuite/c-c++-common/diagnostic-units-6.c b/gcc/testsuite/c-c++-common/diagnostic-units-6.c +--- a/gcc/testsuite/c-c++-common/diagnostic-units-6.c 1969-12-31 16:00:00.000000000 -0800 ++++ b/gcc/testsuite/c-c++-common/diagnostic-units-6.c 2021-12-25 01:20:53.491636427 -0800 +@@ -0,0 +1,28 @@ ++/* { dg-do compile } */ ++/* { dg-additional-options "-fdiagnostics-column-unit=byte -fshow-column -fdiagnostics-show-caret -fdiagnostics-column-origin=100 -Wmultichar" } */ ++ ++/* column units: bytes (via arg) ++ column origin: 100 (via arg) ++ tabstop: 8 (via default) */ ++ ++/* This line starts with a tab. */ ++ int c1 = 'c1'; /* { dg-warning "110: multi-character character constant" } */ ++/* { dg-begin-multiline-output "" } ++ int c1 = 'c1'; ++ ^~~~ ++ { dg-end-multiline-output "" } */ ++ ++/* This line starts with <tabstop> spaces. */ ++ int c2 = 'c2'; /* { dg-warning "117: multi-character character constant" } */ ++/* { dg-begin-multiline-output "" } ++ int c2 = 'c2'; ++ ^~~~ ++ { dg-end-multiline-output "" } */ ++ ++/* This line starts with <tabstop> spaces and has an internal tab after ++ a space. */ ++ int c3 = 'c3'; /* { dg-warning "118: multi-character character constant" } */ ++/* { dg-begin-multiline-output "" } ++ int c3 = 'c3'; ++ ^~~~ ++ { dg-end-multiline-output "" } */ +diff --git a/gcc/testsuite/c-c++-common/diagnostic-units-7.c b/gcc/testsuite/c-c++-common/diagnostic-units-7.c +--- a/gcc/testsuite/c-c++-common/diagnostic-units-7.c 1969-12-31 16:00:00.000000000 -0800 ++++ b/gcc/testsuite/c-c++-common/diagnostic-units-7.c 2021-12-25 01:20:53.491636427 -0800 +@@ -0,0 +1,28 @@ ++/* { dg-do compile } */ ++/* { dg-additional-options "-fdiagnostics-column-unit=byte -fshow-column -fdiagnostics-show-caret -ftabstop=9 -Wmultichar" } */ ++ ++/* column units: bytes (via arg) ++ column origin: 1 (via default) ++ tabstop: 9 (via arg) */ ++ ++/* This line starts with a tab. */ ++ int c1 = 'c1'; /* { dg-warning "11: multi-character character constant" } */ ++/* { dg-begin-multiline-output "" } ++ int c1 = 'c1'; ++ ^~~~ ++ { dg-end-multiline-output "" } */ ++ ++/* This line starts with <tabstop> spaces. */ ++ int c2 = 'c2'; /* { dg-warning "19: multi-character character constant" } */ ++/* { dg-begin-multiline-output "" } ++ int c2 = 'c2'; ++ ^~~~ ++ { dg-end-multiline-output "" } */ ++ ++/* This line starts with <tabstop> spaces and has an internal tab after ++ a space. */ ++ int c3 = 'c3'; /* { dg-warning "20: multi-character character constant" } */ ++/* { dg-begin-multiline-output "" } ++ int c3 = 'c3'; ++ ^~~~ ++ { dg-end-multiline-output "" } */ +diff --git a/gcc/testsuite/c-c++-common/diagnostic-units-8.c b/gcc/testsuite/c-c++-common/diagnostic-units-8.c +--- a/gcc/testsuite/c-c++-common/diagnostic-units-8.c 1969-12-31 16:00:00.000000000 -0800 ++++ b/gcc/testsuite/c-c++-common/diagnostic-units-8.c 2021-12-25 01:20:53.491636427 -0800 +@@ -0,0 +1,28 @@ ++/* { dg-do compile } */ ++/* { dg-additional-options "-fshow-column -fdiagnostics-show-caret -ftabstop=9 -Wmultichar" } */ ++ ++/* column units: display (via default) ++ column origin: 1 (via default) ++ tabstop: 9 (via arg) */ ++ ++/* This line starts with a tab. */ ++ int c1 = 'c1'; /* { dg-warning "19: multi-character character constant" } */ ++/* { dg-begin-multiline-output "" } ++ int c1 = 'c1'; ++ ^~~~ ++ { dg-end-multiline-output "" } */ ++ ++/* This line starts with <tabstop> spaces. */ ++ int c2 = 'c2'; /* { dg-warning "19: multi-character character constant" } */ ++/* { dg-begin-multiline-output "" } ++ int c2 = 'c2'; ++ ^~~~ ++ { dg-end-multiline-output "" } */ ++ ++/* This line starts with <tabstop> spaces and has an internal tab after ++ a space. */ ++ int c3 = 'c3'; /* { dg-warning "28: multi-character character constant" } */ ++/* { dg-begin-multiline-output "" } ++ int c3 = 'c3'; ++ ^~~~ ++ { dg-end-multiline-output "" } */ +diff --git a/gcc/testsuite/c-c++-common/missing-close-symbol.c b/gcc/testsuite/c-c++-common/missing-close-symbol.c +--- a/gcc/testsuite/c-c++-common/missing-close-symbol.c 2020-07-22 23:35:17.912390810 -0700 ++++ b/gcc/testsuite/c-c++-common/missing-close-symbol.c 2021-12-25 01:20:53.491636427 -0800 +@@ -24,9 +24,9 @@ void test_static_assert_different_line ( + _Static_assert(sizeof(int) >= sizeof(char), /* { dg-message "to match this '\\('" } */ + "msg"; /* { dg-error "expected '\\)' before ';' token" } */ + /* { dg-begin-multiline-output "" } +- "msg"; +- ^ +- ) ++ "msg"; ++ ^ ++ ) + { dg-end-multiline-output "" } */ + /* { dg-begin-multiline-output "" } + _Static_assert(sizeof(int) >= sizeof(char), +diff --git a/gcc/testsuite/c-c++-common/Wmisleading-indentation-3.c b/gcc/testsuite/c-c++-common/Wmisleading-indentation-3.c +--- a/gcc/testsuite/c-c++-common/Wmisleading-indentation-3.c 2020-07-22 23:35:17.904390722 -0700 ++++ b/gcc/testsuite/c-c++-common/Wmisleading-indentation-3.c 2021-12-25 01:20:53.487636494 -0800 +@@ -36,20 +36,20 @@ int fn_6 (int a, int b, int c) + /* ... */ + if ((err = foo (a)) != 0) + goto fail; +- if ((err = foo (b)) != 0) /* { dg-message "2: this 'if' clause does not guard..." } */ ++ if ((err = foo (b)) != 0) /* { dg-message "9: this 'if' clause does not guard..." } */ + goto fail; +- goto fail; /* { dg-message "3: ...this statement, but the latter is misleadingly indented as if it were guarded by the 'if'" } */ ++ goto fail; /* { dg-message "17: ...this statement, but the latter is misleadingly indented as if it were guarded by the 'if'" } */ + if ((err = foo (c)) != 0) + goto fail; + /* ... */ + + /* { dg-begin-multiline-output "" } +- if ((err = foo (b)) != 0) +- ^~ ++ if ((err = foo (b)) != 0) ++ ^~ + { dg-end-multiline-output "" } */ + /* { dg-begin-multiline-output "" } +- goto fail; +- ^~~~ ++ goto fail; ++ ^~~~ + { dg-end-multiline-output "" } */ + + fail: +diff --git a/gcc/testsuite/c-c++-common/Wmisleading-indentation.c b/gcc/testsuite/c-c++-common/Wmisleading-indentation.c +--- a/gcc/testsuite/c-c++-common/Wmisleading-indentation.c 2020-07-22 23:35:17.904390722 -0700 ++++ b/gcc/testsuite/c-c++-common/Wmisleading-indentation.c 2021-12-25 01:20:53.487636494 -0800 +@@ -65,9 +65,9 @@ int fn_6 (int a, int b, int c) + /* ... */ + if ((err = foo (a)) != 0) + goto fail; +- if ((err = foo (b)) != 0) /* { dg-message "2: this 'if' clause does not guard..." } */ ++ if ((err = foo (b)) != 0) /* { dg-message "9: this 'if' clause does not guard..." } */ + goto fail; +- goto fail; /* { dg-message "3: ...this statement, but the latter is misleadingly indented as if it were guarded by the 'if'" } */ ++ goto fail; /* { dg-message "17: ...this statement, but the latter is misleadingly indented as if it were guarded by the 'if'" } */ + if ((err = foo (c)) != 0) + goto fail; + /* ... */ +@@ -178,7 +178,7 @@ void fn_16_tabs (void) + while (flagA) + if (flagB) /* { dg-message "7: this 'if' clause does not guard..." } */ + foo (0); +- foo (1);/* { dg-message "2: ...this statement, but the latter is misleadingly indented as if it were guarded by the 'if'" } */ ++ foo (1);/* { dg-message "9: ...this statement, but the latter is misleadingly indented as if it were guarded by the 'if'" } */ + } + + void fn_17_spaces (void) +diff --git a/gcc/testsuite/gcc.dg/analyzer/malloc-paths-9.c b/gcc/testsuite/gcc.dg/analyzer/malloc-paths-9.c +--- a/gcc/testsuite/gcc.dg/analyzer/malloc-paths-9.c 2020-07-22 23:35:18.124393144 -0700 ++++ b/gcc/testsuite/gcc.dg/analyzer/malloc-paths-9.c 2021-12-25 01:20:53.491636427 -0800 +@@ -288,7 +288,7 @@ int test_3 (int x, int y) + | | ~~~~~~~~~~ + | | | + | | (4) ...to here +- | NN | to dereference it above ++ | NN | to dereference it above + | NN | return *ptr; + | | ~~~~ + | | | +diff --git a/gcc/testsuite/gcc.dg/bad-binary-ops.c b/gcc/testsuite/gcc.dg/bad-binary-ops.c +--- a/gcc/testsuite/gcc.dg/bad-binary-ops.c 2020-07-22 23:35:18.128393190 -0700 ++++ b/gcc/testsuite/gcc.dg/bad-binary-ops.c 2021-12-25 01:20:53.491636427 -0800 +@@ -35,10 +35,10 @@ int test_2 (void) + ~~~~~~~~~~~~~~~~ + | + struct s +- + some_other_function ()); +- ^ ~~~~~~~~~~~~~~~~~~~~~~ +- | +- struct t ++ + some_other_function ()); ++ ^ ~~~~~~~~~~~~~~~~~~~~~~ ++ | ++ struct t + { dg-end-multiline-output "" } */ + } + +diff --git a/gcc/testsuite/gcc.dg/format/branch-1.c b/gcc/testsuite/gcc.dg/format/branch-1.c +--- a/gcc/testsuite/gcc.dg/format/branch-1.c 2020-07-22 23:35:18.152393454 -0700 ++++ b/gcc/testsuite/gcc.dg/format/branch-1.c 2021-12-25 01:20:53.491636427 -0800 +@@ -10,7 +10,7 @@ foo (long l, int nfoo) + { + printf ((nfoo > 1) ? "%d foos" : "%d foo", nfoo); + printf ((l > 1) ? "%d foos" /* { dg-warning "23:int" "wrong type in conditional expr" } */ +- : "%d foo", l); /* { dg-warning "16:int" "wrong type in conditional expr" } */ ++ : "%d foo", l); /* { dg-warning "23:int" "wrong type in conditional expr" } */ + printf ((l > 1) ? "%ld foos" : "%d foo", l); /* { dg-warning "36:int" "wrong type in conditional expr" } */ + printf ((l > 1) ? "%d foos" : "%ld foo", l); /* { dg-warning "23:int" "wrong type in conditional expr" } */ + /* Should allow one case to have extra arguments. */ +diff --git a/gcc/testsuite/gcc.dg/format/pr79210.c b/gcc/testsuite/gcc.dg/format/pr79210.c +--- a/gcc/testsuite/gcc.dg/format/pr79210.c 2020-07-22 23:35:18.152393454 -0700 ++++ b/gcc/testsuite/gcc.dg/format/pr79210.c 2021-12-25 01:20:53.491636427 -0800 +@@ -20,4 +20,4 @@ LPFC_VPORT_ATTR_R(peer_port_login, + "Allow peer ports on the same physical port to login to each " + "other."); + +-/* { dg-warning "6: format .%d. expects argument of type .int., but argument 4 has type .unsigned int. " "" { target *-*-* } .-12 } */ ++/* { dg-warning "20: format .%d. expects argument of type .int., but argument 4 has type .unsigned int. " "" { target *-*-* } .-12 } */ +diff --git a/gcc/testsuite/gcc.dg/plugin/diagnostic-test-expressions-1.c b/gcc/testsuite/gcc.dg/plugin/diagnostic-test-expressions-1.c +--- a/gcc/testsuite/gcc.dg/plugin/diagnostic-test-expressions-1.c 2020-07-22 23:35:18.172393674 -0700 ++++ b/gcc/testsuite/gcc.dg/plugin/diagnostic-test-expressions-1.c 2021-12-25 01:20:53.491636427 -0800 +@@ -540,15 +540,15 @@ void test_builtin_types_compatible_p (un + __emit_expression_range (0, + f (i) + __builtin_types_compatible_p (long, int)); /* { dg-warning "range" } */ + /* { dg-begin-multiline-output "" } +- f (i) + __builtin_types_compatible_p (long, int)); +- ~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ++ f (i) + __builtin_types_compatible_p (long, int)); ++ ~~~~~~^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + { dg-end-multiline-output "" } */ + + __emit_expression_range (0, + __builtin_types_compatible_p (long, int) + f (i)); /* { dg-warning "range" } */ + /* { dg-begin-multiline-output "" } +- __builtin_types_compatible_p (long, int) + f (i)); +- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~ ++ __builtin_types_compatible_p (long, int) + f (i)); ++ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~~ + { dg-end-multiline-output "" } */ + } + +@@ -671,8 +671,8 @@ void test_multiple_ordinary_maps (void) + /* { dg-begin-multiline-output "" } + __emit_expression_range (0, foo (0, + ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +- "0123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789")); +- ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ++ "0123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789")); ++ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + { dg-end-multiline-output "" } */ + + /* Another expression that transitions between ordinary maps; this +@@ -685,8 +685,8 @@ void test_multiple_ordinary_maps (void) + /* { dg-begin-multiline-output "" } + __emit_expression_range (0, foo (0, "01234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789", + ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ +- 0)); +- ~~ ++ 0)); ++ ~~ + { dg-end-multiline-output "" } */ + } + +diff --git a/gcc/testsuite/gcc.dg/plugin/diagnostic-test-string-literals-1.c b/gcc/testsuite/gcc.dg/plugin/diagnostic-test-string-literals-1.c +--- a/gcc/testsuite/gcc.dg/plugin/diagnostic-test-string-literals-1.c 2020-07-22 23:35:18.172393674 -0700 ++++ b/gcc/testsuite/gcc.dg/plugin/diagnostic-test-string-literals-1.c 2021-12-25 01:20:53.491636427 -0800 +@@ -335,11 +335,11 @@ pr87652 (const char *stem, int counter) + /* { dg-error "unable to read substring location: unable to read source line" "" { target c } 329 } */ + /* { dg-error "unable to read substring location: failed to get ordinary maps" "" { target c++ } 329 } */ + /* { dg-begin-multiline-output "" } +- __emit_string_literal_range(__FILE__":%5d: " format, \ ++ __emit_string_literal_range(__FILE__":%5d: " format, \ + ^~~~~~~~ + { dg-end-multiline-output "" { target c } } */ + /* { dg-begin-multiline-output "" } +- __emit_string_literal_range(__FILE__":%5d: " format, \ ++ __emit_string_literal_range(__FILE__":%5d: " format, \ + ^ + { dg-end-multiline-output "" { target c++ } } */ + +diff --git a/gcc/testsuite/gcc.dg/redecl-4.c b/gcc/testsuite/gcc.dg/redecl-4.c +--- a/gcc/testsuite/gcc.dg/redecl-4.c 2020-07-22 23:35:18.192393895 -0700 ++++ b/gcc/testsuite/gcc.dg/redecl-4.c 2021-12-25 01:20:53.491636427 -0800 +@@ -15,7 +15,7 @@ f (void) + /* Should get format warnings even though the built-in declaration + isn't "visible". */ + printf ( +- "%s", 1); /* { dg-warning "8:format" } */ ++ "%s", 1); /* { dg-warning "15:format" } */ + /* The type of strcmp here should have no prototype. */ + if (0) + strcmp (1); +diff --git a/gcc/testsuite/g++.dg/diagnostic/bad-binary-ops.C b/gcc/testsuite/g++.dg/diagnostic/bad-binary-ops.C +--- a/gcc/testsuite/g++.dg/diagnostic/bad-binary-ops.C 2020-07-22 23:35:17.972391472 -0700 ++++ b/gcc/testsuite/g++.dg/diagnostic/bad-binary-ops.C 2021-12-25 01:20:53.491636427 -0800 +@@ -33,10 +33,10 @@ int test_2 (void) + ~~~~~~~~~~~~~~~~ + | + s +- + some_other_function ()); +- ^ ~~~~~~~~~~~~~~~~~~~~~~ +- | +- t ++ + some_other_function ()); ++ ^ ~~~~~~~~~~~~~~~~~~~~~~ ++ | ++ t + { dg-end-multiline-output "" } */ + } + +diff --git a/gcc/testsuite/g++.dg/parse/error4.C b/gcc/testsuite/g++.dg/parse/error4.C +--- a/gcc/testsuite/g++.dg/parse/error4.C 2020-07-22 23:35:18.012391910 -0700 ++++ b/gcc/testsuite/g++.dg/parse/error4.C 2021-12-25 01:20:53.491636427 -0800 +@@ -7,4 +7,4 @@ struct X { + int); + }; + +-// { dg-error "4:'itn' has not been declared" "" { target *-*-* } 6 } ++// { dg-error "18:'itn' has not been declared" "" { target *-*-* } 6 } +diff --git a/gcc/testsuite/gfortran.dg/diagnostic-format-json-1.F90 b/gcc/testsuite/gfortran.dg/diagnostic-format-json-1.F90 +--- a/gcc/testsuite/gfortran.dg/diagnostic-format-json-1.F90 2020-07-22 23:35:18.512397420 -0700 ++++ b/gcc/testsuite/gfortran.dg/diagnostic-format-json-1.F90 2021-12-25 01:20:53.491636427 -0800 +@@ -8,17 +8,22 @@ + ! We can't rely on any ordering of the keys. + + ! { dg-regexp "\"kind\": \"error\"" } ++! { dg-regexp "\"column-origin\": 1" } + ! { dg-regexp "\"message\": \"#error message\"" } + + ! { dg-regexp "\"caret\": \{" } + ! { dg-regexp "\"file\": \"\[^\n\r\"\]*diagnostic-format-json-1.F90\"" } + ! { dg-regexp "\"line\": 4" } + ! { dg-regexp "\"column\": 2" } ++! { dg-regexp "\"display-column\": 2" } ++! { dg-regexp "\"byte-column\": 2" } + + ! { dg-regexp "\"finish\": \{" } + ! { dg-regexp "\"file\": \"\[^\n\r\"\]*diagnostic-format-json-1.F90\"" } + ! { dg-regexp "\"line\": 4" } + ! { dg-regexp "\"column\": 6" } ++! { dg-regexp "\"display-column\": 6" } ++! { dg-regexp "\"byte-column\": 6" } + + ! { dg-regexp "\"locations\": \[\[\{\}, \]*\]" } + ! { dg-regexp "\"children\": \[\[\]\[\]\]" } +diff --git a/gcc/testsuite/gfortran.dg/diagnostic-format-json-2.F90 b/gcc/testsuite/gfortran.dg/diagnostic-format-json-2.F90 +--- a/gcc/testsuite/gfortran.dg/diagnostic-format-json-2.F90 2020-07-22 23:35:18.512397420 -0700 ++++ b/gcc/testsuite/gfortran.dg/diagnostic-format-json-2.F90 2021-12-25 01:20:53.491636427 -0800 +@@ -8,6 +8,7 @@ + ! We can't rely on any ordering of the keys. + + ! { dg-regexp "\"kind\": \"warning\"" } ++! { dg-regexp "\"column-origin\": 1" } + ! { dg-regexp "\"message\": \"#warning message\"" } + ! { dg-regexp "\"option\": \"-Wcpp\"" } + ! { dg-regexp "\"option_url\": \"\[^\n\r\"\]*#index-Wcpp\"" } +@@ -16,11 +17,15 @@ + ! { dg-regexp "\"file\": \"\[^\n\r\"\]*diagnostic-format-json-2.F90\"" } + ! { dg-regexp "\"line\": 4" } + ! { dg-regexp "\"column\": 2" } ++! { dg-regexp "\"display-column\": 2" } ++! { dg-regexp "\"byte-column\": 2" } + + ! { dg-regexp "\"finish\": \{" } + ! { dg-regexp "\"file\": \"\[^\n\r\"\]*diagnostic-format-json-2.F90\"" } + ! { dg-regexp "\"line\": 4" } + ! { dg-regexp "\"column\": 8" } ++! { dg-regexp "\"display-column\": 8" } ++! { dg-regexp "\"byte-column\": 8" } + + ! { dg-regexp "\"locations\": \[\[\{\}, \]*\]" } + ! { dg-regexp "\"children\": \[\[\]\[\]\]" } +diff --git a/gcc/testsuite/gfortran.dg/diagnostic-format-json-3.F90 b/gcc/testsuite/gfortran.dg/diagnostic-format-json-3.F90 +--- a/gcc/testsuite/gfortran.dg/diagnostic-format-json-3.F90 2020-07-22 23:35:18.512397420 -0700 ++++ b/gcc/testsuite/gfortran.dg/diagnostic-format-json-3.F90 2021-12-25 01:20:53.491636427 -0800 +@@ -8,6 +8,7 @@ + ! We can't rely on any ordering of the keys. + + ! { dg-regexp "\"kind\": \"error\"" } ++! { dg-regexp "\"column-origin\": 1" } + ! { dg-regexp "\"message\": \"#warning message\"" } + ! { dg-regexp "\"option\": \"-Werror=cpp\"" } + ! { dg-regexp "\"option_url\": \"\[^\n\r\"\]*#index-Wcpp\"" } +@@ -16,11 +17,15 @@ + ! { dg-regexp "\"file\": \"\[^\n\r\"\]*diagnostic-format-json-3.F90\"" } + ! { dg-regexp "\"line\": 4" } + ! { dg-regexp "\"column\": 2" } ++! { dg-regexp "\"display-column\": 2" } ++! { dg-regexp "\"byte-column\": 2" } + + ! { dg-regexp "\"finish\": \{" } + ! { dg-regexp "\"file\": \"\[^\n\r\"\]*diagnostic-format-json-3.F90\"" } + ! { dg-regexp "\"line\": 4" } + ! { dg-regexp "\"column\": 8" } ++! { dg-regexp "\"display-column\": 8" } ++! { dg-regexp "\"byte-column\": 8" } + + ! { dg-regexp "\"locations\": \[\[\{\}, \]*\]" } + ! { dg-regexp "\"children\": \[\[\]\[\]\]" } +diff --git a/gcc/testsuite/go.dg/arrayclear.go b/gcc/testsuite/go.dg/arrayclear.go +--- a/gcc/testsuite/go.dg/arrayclear.go 2020-07-22 23:35:18.588398257 -0700 ++++ b/gcc/testsuite/go.dg/arrayclear.go 2021-12-25 01:20:53.491636427 -0800 +@@ -1,5 +1,8 @@ + // { dg-do compile } + // { dg-options "-fgo-debug-optimization" } ++// This comment is necessary to work around a dejagnu bug. Otherwise, the ++// column of the second error message would equal the row of the first one, and ++// since the errors are also identical, dejagnu is not able to distinguish them. + + package p + +diff --git a/gcc/testsuite/g++.old-deja/g++.brendan/crash11.C b/gcc/testsuite/g++.old-deja/g++.brendan/crash11.C +--- a/gcc/testsuite/g++.old-deja/g++.brendan/crash11.C 2020-07-22 23:35:18.048392308 -0700 ++++ b/gcc/testsuite/g++.old-deja/g++.brendan/crash11.C 2021-12-25 01:20:53.491636427 -0800 +@@ -9,13 +9,13 @@ class A { + int h; + A() { i=10; j=20; } + virtual void f1() { printf("i=%d j=%d\n",i,j); } +- friend virtual void f2() { printf("i=%d j=%d\n",i,j); } // { dg-error "9:virtual functions cannot be friends" } ++ friend virtual void f2() { printf("i=%d j=%d\n",i,j); } // { dg-error "16:virtual functions cannot be friends" } + }; + + class B : public A { + public: + virtual void f1() { printf("i=%d j=%d\n",i,j); }// { dg-error "" } member.*// ERROR - member.* +- friend virtual void f2() { printf("i=%d j=%d\n",i,j); } // { dg-error "9:virtual functions cannot be friends" } ++ friend virtual void f2() { printf("i=%d j=%d\n",i,j); } // { dg-error "16:virtual functions cannot be friends" } + // { dg-error "private" "" { target *-*-* } .-1 } + }; + +diff --git a/gcc/testsuite/g++.old-deja/g++.pt/overload2.C b/gcc/testsuite/g++.old-deja/g++.pt/overload2.C +--- a/gcc/testsuite/g++.old-deja/g++.pt/overload2.C 2020-07-22 23:35:18.072392572 -0700 ++++ b/gcc/testsuite/g++.old-deja/g++.pt/overload2.C 2021-12-25 01:20:53.491636427 -0800 +@@ -12,5 +12,5 @@ int + main() + { + C<char*> c; +- char* p = Z(c.O); //{ dg-error "13:'Z' was not declared" } ambiguous c.O ++ char* p = Z(c.O); //{ dg-error "29:'Z' was not declared" } ambiguous c.O + } +diff --git a/gcc/testsuite/g++.old-deja/g++.robertl/eb109.C b/gcc/testsuite/g++.old-deja/g++.robertl/eb109.C +--- a/gcc/testsuite/g++.old-deja/g++.robertl/eb109.C 2020-07-22 23:35:18.076392617 -0700 ++++ b/gcc/testsuite/g++.old-deja/g++.robertl/eb109.C 2021-12-25 01:20:53.491636427 -0800 +@@ -48,8 +48,8 @@ ostream& operator<<(ostream& os, Graph<V + + // The compiler does not like this line!!!!!! + typename Graph<VertexType, EdgeType>::Successor::iterator +- startN = G[i].second.begin(), // { dg-error "14:no match" } no index operator +- endN = G[i].second.end(); // { dg-error "14:no match" } no index operator ++ startN = G[i].second.begin(), // { dg-error "21:no match" } no index operator ++ endN = G[i].second.end(); // { dg-error "21:no match" } no index operator + + while(startN != endN) + { +diff --git a/gcc/tree-diagnostic-path.cc b/gcc/tree-diagnostic-path.cc +--- a/gcc/tree-diagnostic-path.cc 2020-07-22 23:35:18.628398698 -0700 ++++ b/gcc/tree-diagnostic-path.cc 2021-12-25 01:20:53.491636427 -0800 +@@ -493,7 +493,7 @@ default_tree_diagnostic_path_printer (di + doesn't have access to trees (for m_fndecl). */ + + json::value * +-default_tree_make_json_for_path (diagnostic_context *, ++default_tree_make_json_for_path (diagnostic_context *context, + const diagnostic_path *path) + { + json::array *path_array = new json::array (); +@@ -504,7 +504,8 @@ default_tree_make_json_for_path (diagnos + json::object *event_obj = new json::object (); + if (event.get_location ()) + event_obj->set ("location", +- json_from_expanded_location (event.get_location ())); ++ json_from_expanded_location (context, ++ event.get_location ())); + label_text event_text (event.get_desc (false)); + event_obj->set ("description", new json::string (event_text.m_buffer)); + event_text.maybe_free (); +diff --git a/libcpp/charset.c b/libcpp/charset.c +--- a/libcpp/charset.c 2020-07-22 23:35:18.712399623 -0700 ++++ b/libcpp/charset.c 2021-12-25 01:20:53.491636427 -0800 +@@ -2276,49 +2276,90 @@ cpp_string_location_reader::get_next () + return result; + } + +-/* Helper for cpp_byte_column_to_display_column and its inverse. Given a +- pointer to a UTF-8-encoded character, compute its display width. *INBUFP +- points on entry to the start of the UTF-8 encoding of the character, and +- is updated to point just after the last byte of the encoding. *INBYTESLEFTP +- contains on entry the remaining size of the buffer into which *INBUFP +- points, and this is also updated accordingly. If *INBUFP does not ++cpp_display_width_computation:: ++cpp_display_width_computation (const char *data, int data_length, int tabstop) : ++ m_begin (data), ++ m_next (m_begin), ++ m_bytes_left (data_length), ++ m_tabstop (tabstop), ++ m_display_cols (0) ++{ ++ gcc_assert (m_tabstop > 0); ++} ++ ++ ++/* The main implementation function for class cpp_display_width_computation. ++ m_next points on entry to the start of the UTF-8 encoding of the next ++ character, and is updated to point just after the last byte of the encoding. ++ m_bytes_left contains on entry the remaining size of the buffer into which ++ m_next points, and this is also updated accordingly. If m_next does not + point to a valid UTF-8-encoded sequence, then it will be treated as a single +- byte with display width 1. */ ++ byte with display width 1. m_cur_display_col is the current display column, ++ relative to which tab stops should be expanded. Returns the display width of ++ the codepoint just processed. */ + +-static inline int +-compute_next_display_width (const uchar **inbufp, size_t *inbytesleftp) ++int ++cpp_display_width_computation::process_next_codepoint () + { + cppchar_t c; +- if (one_utf8_to_cppchar (inbufp, inbytesleftp, &c) != 0) ++ int next_width; ++ ++ if (*m_next == '\t') ++ { ++ ++m_next; ++ --m_bytes_left; ++ next_width = m_tabstop - (m_display_cols % m_tabstop); ++ } ++ else if (one_utf8_to_cppchar ((const uchar **) &m_next, &m_bytes_left, &c) ++ != 0) + { + /* Input is not convertible to UTF-8. This could be fine, e.g. in a + string literal, so don't complain. Just treat it as if it has a width + of one. */ +- ++*inbufp; +- --*inbytesleftp; +- return 1; ++ ++m_next; ++ --m_bytes_left; ++ next_width = 1; ++ } ++ else ++ { ++ /* one_utf8_to_cppchar() has updated m_next and m_bytes_left for us. */ ++ next_width = cpp_wcwidth (c); + } + +- /* one_utf8_to_cppchar() has updated inbufp and inbytesleftp for us. */ +- return cpp_wcwidth (c); ++ m_display_cols += next_width; ++ return next_width; ++} ++ ++/* Utility to advance the byte stream by the minimum amount needed to consume ++ N display columns. Returns the number of display columns that were ++ actually skipped. This could be less than N, if there was not enough data, ++ or more than N, if the last character to be skipped had a sufficiently large ++ display width. */ ++int ++cpp_display_width_computation::advance_display_cols (int n) ++{ ++ const int start = m_display_cols; ++ const int target = start + n; ++ while (m_display_cols < target && !done ()) ++ process_next_codepoint (); ++ return m_display_cols - start; + } + + /* For the string of length DATA_LENGTH bytes that begins at DATA, compute + how many display columns are occupied by the first COLUMN bytes. COLUMN + may exceed DATA_LENGTH, in which case the phantom bytes at the end are +- treated as if they have display width 1. */ ++ treated as if they have display width 1. Tabs are expanded to the next tab ++ stop, relative to the start of DATA. */ + + int + cpp_byte_column_to_display_column (const char *data, int data_length, +- int column) ++ int column, int tabstop) + { +- int display_col = 0; +- const uchar *udata = (const uchar *) data; + const int offset = MAX (0, column - data_length); +- size_t inbytesleft = column - offset; +- while (inbytesleft) +- display_col += compute_next_display_width (&udata, &inbytesleft); +- return display_col + offset; ++ cpp_display_width_computation dw (data, column - offset, tabstop); ++ while (!dw.done ()) ++ dw.process_next_codepoint (); ++ return dw.display_cols_processed () + offset; + } + + /* For the string of length DATA_LENGTH bytes that begins at DATA, compute +@@ -2328,14 +2369,11 @@ cpp_byte_column_to_display_column (const + + int + cpp_display_column_to_byte_column (const char *data, int data_length, +- int display_col) ++ int display_col, int tabstop) + { +- int column = 0; +- const uchar *udata = (const uchar *) data; +- size_t inbytesleft = data_length; +- while (column < display_col && inbytesleft) +- column += compute_next_display_width (&udata, &inbytesleft); +- return data_length - inbytesleft + MAX (0, display_col - column); ++ cpp_display_width_computation dw (data, data_length, tabstop); ++ const int avail_display = dw.advance_display_cols (display_col); ++ return dw.bytes_processed () + MAX (0, display_col - avail_display); + } + + /* Our own version of wcwidth(). We don't use the actual wcwidth() in glibc, +diff --git a/libcpp/include/cpplib.h b/libcpp/include/cpplib.h +--- a/libcpp/include/cpplib.h 2020-07-22 23:35:18.712399623 -0700 ++++ b/libcpp/include/cpplib.h 2021-12-25 01:20:53.491636427 -0800 +@@ -312,9 +312,6 @@ enum cpp_normalize_level { + carries all the options visible to the command line. */ + struct cpp_options + { +- /* Characters between tab stops. */ +- unsigned int tabstop; +- + /* The language we're preprocessing. */ + enum c_lang lang; + +@@ -1322,14 +1319,43 @@ extern const char * cpp_get_userdef_suff + (const cpp_token *); + + /* In charset.c */ ++ ++/* A class to manage the state while converting a UTF-8 sequence to cppchar_t ++ and computing the display width one character at a time. */ ++class cpp_display_width_computation { ++ public: ++ cpp_display_width_computation (const char *data, int data_length, ++ int tabstop); ++ const char *next_byte () const { return m_next; } ++ int bytes_processed () const { return m_next - m_begin; } ++ int bytes_left () const { return m_bytes_left; } ++ bool done () const { return !bytes_left (); } ++ int display_cols_processed () const { return m_display_cols; } ++ ++ int process_next_codepoint (); ++ int advance_display_cols (int n); ++ ++ private: ++ const char *const m_begin; ++ const char *m_next; ++ size_t m_bytes_left; ++ const int m_tabstop; ++ int m_display_cols; ++}; ++ ++/* Convenience functions that are simple use cases for class ++ cpp_display_width_computation. Tab characters will be expanded to spaces ++ as determined by TABSTOP. */ + int cpp_byte_column_to_display_column (const char *data, int data_length, +- int column); +-inline int cpp_display_width (const char *data, int data_length) ++ int column, int tabstop); ++inline int cpp_display_width (const char *data, int data_length, ++ int tabstop) + { +- return cpp_byte_column_to_display_column (data, data_length, data_length); ++ return cpp_byte_column_to_display_column (data, data_length, data_length, ++ tabstop); + } + int cpp_display_column_to_byte_column (const char *data, int data_length, +- int display_col); ++ int display_col, int tabstop); + int cpp_wcwidth (cppchar_t c); + + #endif /* ! LIBCPP_CPPLIB_H */ +diff --git a/libcpp/init.c b/libcpp/init.c +--- a/libcpp/init.c 2020-07-22 23:35:18.712399623 -0700 ++++ b/libcpp/init.c 2021-12-25 01:20:53.491636427 -0800 +@@ -190,7 +190,6 @@ cpp_create_reader (enum c_lang lang, cpp + CPP_OPTION (pfile, discard_comments) = 1; + CPP_OPTION (pfile, discard_comments_in_macro_exp) = 1; + CPP_OPTION (pfile, max_include_depth) = 200; +- CPP_OPTION (pfile, tabstop) = 8; + CPP_OPTION (pfile, operator_names) = 1; + CPP_OPTION (pfile, warn_trigraphs) = 2; + CPP_OPTION (pfile, warn_endif_labels) = 1; diff --git a/meta/recipes-devtools/gcc/gcc/0001-aarch64-Fix-up-__aarch64_cas16_acq_rel-fallback.patch b/meta/recipes-devtools/gcc/gcc/0001-aarch64-Fix-up-__aarch64_cas16_acq_rel-fallback.patch deleted file mode 100644 index c060accd99..0000000000 --- a/meta/recipes-devtools/gcc/gcc/0001-aarch64-Fix-up-__aarch64_cas16_acq_rel-fallback.patch +++ /dev/null @@ -1,66 +0,0 @@ -Upstream-Status: Backport -Signed-off-by: Ross Burton <ross.burton@arm.com> - -From fd2ec4542fd2975e6d3f2f1c1a2639945a84f9e1 Mon Sep 17 00:00:00 2001 -From: Jakub Jelinek <jakub@redhat.com> -Date: Mon, 3 Aug 2020 22:55:28 +0200 -Subject: [PATCH] aarch64: Fix up __aarch64_cas16_acq_rel fallback - -As mentioned in the PR, the fallback path when LSE is unavailable writes -incorrect registers to the memory if the previous content compares equal -to x0, x1 - it writes copy of x0, x1 from the start of function, but it -should write x2, x3. - -2020-08-03 Jakub Jelinek <jakub@redhat.com> - - PR target/96402 - * config/aarch64/lse.S (__aarch64_cas16_acq_rel): Use x2, x3 instead - of x(tmp0), x(tmp1) in STXP arguments. - - * gcc.target/aarch64/pr96402.c: New test. - -(cherry picked from commit 90b43856fdff7d96d93d22970eca8a86c56e0ddc) ---- - gcc/testsuite/gcc.target/aarch64/pr96402.c | 16 ++++++++++++++++ - libgcc/config/aarch64/lse.S | 2 +- - 2 files changed, 17 insertions(+), 1 deletion(-) - create mode 100644 gcc/testsuite/gcc.target/aarch64/pr96402.c - -diff --git a/gcc/testsuite/gcc.target/aarch64/pr96402.c b/gcc/testsuite/gcc.target/aarch64/pr96402.c -new file mode 100644 -index 00000000000..fa2dddfac15 ---- /dev/null -+++ b/gcc/testsuite/gcc.target/aarch64/pr96402.c -@@ -0,0 +1,16 @@ -+/* PR target/96402 */ -+/* { dg-do run { target int128 } } */ -+/* { dg-options "-moutline-atomics" } */ -+ -+int -+main () -+{ -+ __int128 a = 0; -+ __sync_val_compare_and_swap (&a, (__int128) 0, (__int128) 1); -+ if (a != 1) -+ __builtin_abort (); -+ __sync_val_compare_and_swap (&a, (__int128) 1, (((__int128) 0xdeadbeeffeedbac1ULL) << 64) | 0xabadcafe00c0ffeeULL); -+ if (a != ((((__int128) 0xdeadbeeffeedbac1ULL) << 64) | 0xabadcafe00c0ffeeULL)) -+ __builtin_abort (); -+ return 0; -+} -diff --git a/libgcc/config/aarch64/lse.S b/libgcc/config/aarch64/lse.S -index 64691c601c1..c8fbfbce4fd 100644 ---- a/libgcc/config/aarch64/lse.S -+++ b/libgcc/config/aarch64/lse.S -@@ -203,7 +203,7 @@ STARTFN NAME(cas) - cmp x0, x(tmp0) - ccmp x1, x(tmp1), #0, eq - bne 1f -- STXP w(tmp2), x(tmp0), x(tmp1), [x4] -+ STXP w(tmp2), x2, x3, [x4] - cbnz w(tmp2), 0b - 1: ret - --- -2.26.2 - diff --git a/meta/recipes-devtools/gcc/gcc/0001-aarch64-New-Straight-Line-Speculation-SLS-mitigation.patch b/meta/recipes-devtools/gcc/gcc/0001-aarch64-New-Straight-Line-Speculation-SLS-mitigation.patch deleted file mode 100644 index 73de4c7590..0000000000 --- a/meta/recipes-devtools/gcc/gcc/0001-aarch64-New-Straight-Line-Speculation-SLS-mitigation.patch +++ /dev/null @@ -1,202 +0,0 @@ -CVE: CVE-2020-13844 -Upstream-Status: Backport -Signed-off-by: Ross Burton <ross.burton@arm.com> - -From 1ff243934ac443b5f58cd02a5012ce58ecc31fb2 Mon Sep 17 00:00:00 2001 -From: Matthew Malcomson <matthew.malcomson@arm.com> -Date: Thu, 9 Jul 2020 09:11:58 +0100 -Subject: [PATCH 1/3] aarch64: New Straight Line Speculation (SLS) mitigation - flags - -Here we introduce the flags that will be used for straight line speculation. - -The new flag introduced is `-mharden-sls=`. -This flag can take arguments of `none`, `all`, or a comma seperated list of one -or more of `retbr` or `blr`. -`none` indicates no special mitigation of the straight line speculation -vulnerability. -`all` requests all mitigations currently implemented. -`retbr` requests that the RET and BR instructions have a speculation barrier -inserted after them. -`blr` requests that BLR instructions are replaced by a BL to a function stub -using a BR with a speculation barrier after it. - -Setting this on a per-function basis using attributes or the like is not -enabled, but may be in the future. - -gcc/ChangeLog: - -2020-06-02 Matthew Malcomson <matthew.malcomson@arm.com> - - * config/aarch64/aarch64-protos.h (aarch64_harden_sls_retbr_p): - New. - (aarch64_harden_sls_blr_p): New. - * config/aarch64/aarch64.c (enum aarch64_sls_hardening_type): - New. - (aarch64_harden_sls_retbr_p): New. - (aarch64_harden_sls_blr_p): New. - (aarch64_validate_sls_mitigation): New. - (aarch64_override_options): Parse options for SLS mitigation. - * config/aarch64/aarch64.opt (-mharden-sls): New option. - * doc/invoke.texi: Document new option. ---- - gcc/config/aarch64/aarch64-protos.h | 3 ++ - gcc/config/aarch64/aarch64.c | 76 +++++++++++++++++++++++++++++++++++++ - gcc/config/aarch64/aarch64.opt | 4 ++ - gcc/doc/invoke.texi | 12 ++++++ - 4 files changed, 95 insertions(+) - -diff --git a/gcc/config/aarch64/aarch64-protos.h b/gcc/config/aarch64/aarch64-protos.h -index 723d9ba..eb5f4b4 100644 ---- a/gcc/config/aarch64/aarch64-protos.h -+++ b/gcc/config/aarch64/aarch64-protos.h -@@ -781,4 +781,7 @@ extern const atomic_ool_names aarch64_ool_ldeor_names; - - tree aarch64_resolve_overloaded_builtin_general (location_t, tree, void *); - -+extern bool aarch64_harden_sls_retbr_p (void); -+extern bool aarch64_harden_sls_blr_p (void); -+ - #endif /* GCC_AARCH64_PROTOS_H */ -diff --git a/gcc/config/aarch64/aarch64.c b/gcc/config/aarch64/aarch64.c -index b86434a..437a9cf 100644 ---- a/gcc/config/aarch64/aarch64.c -+++ b/gcc/config/aarch64/aarch64.c -@@ -14494,6 +14494,79 @@ aarch64_validate_mcpu (const char *str, const struct processor **res, - return false; - } - -+/* Straight line speculation indicators. */ -+enum aarch64_sls_hardening_type -+{ -+ SLS_NONE = 0, -+ SLS_RETBR = 1, -+ SLS_BLR = 2, -+ SLS_ALL = 3, -+}; -+static enum aarch64_sls_hardening_type aarch64_sls_hardening; -+ -+/* Return whether we should mitigatate Straight Line Speculation for the RET -+ and BR instructions. */ -+bool -+aarch64_harden_sls_retbr_p (void) -+{ -+ return aarch64_sls_hardening & SLS_RETBR; -+} -+ -+/* Return whether we should mitigatate Straight Line Speculation for the BLR -+ instruction. */ -+bool -+aarch64_harden_sls_blr_p (void) -+{ -+ return aarch64_sls_hardening & SLS_BLR; -+} -+ -+/* As of yet we only allow setting these options globally, in the future we may -+ allow setting them per function. */ -+static void -+aarch64_validate_sls_mitigation (const char *const_str) -+{ -+ char *token_save = NULL; -+ char *str = NULL; -+ -+ if (strcmp (const_str, "none") == 0) -+ { -+ aarch64_sls_hardening = SLS_NONE; -+ return; -+ } -+ if (strcmp (const_str, "all") == 0) -+ { -+ aarch64_sls_hardening = SLS_ALL; -+ return; -+ } -+ -+ char *str_root = xstrdup (const_str); -+ str = strtok_r (str_root, ",", &token_save); -+ if (!str) -+ error ("invalid argument given to %<-mharden-sls=%>"); -+ -+ int temp = SLS_NONE; -+ while (str) -+ { -+ if (strcmp (str, "blr") == 0) -+ temp |= SLS_BLR; -+ else if (strcmp (str, "retbr") == 0) -+ temp |= SLS_RETBR; -+ else if (strcmp (str, "none") == 0 || strcmp (str, "all") == 0) -+ { -+ error ("%<%s%> must be by itself for %<-mharden-sls=%>", str); -+ break; -+ } -+ else -+ { -+ error ("invalid argument %<%s%> for %<-mharden-sls=%>", str); -+ break; -+ } -+ str = strtok_r (NULL, ",", &token_save); -+ } -+ aarch64_sls_hardening = (aarch64_sls_hardening_type) temp; -+ free (str_root); -+} -+ - /* Parses CONST_STR for branch protection features specified in - aarch64_branch_protect_types, and set any global variables required. Returns - the parsing result and assigns LAST_STR to the last processed token from -@@ -14738,6 +14811,9 @@ aarch64_override_options (void) - selected_arch = NULL; - selected_tune = NULL; - -+ if (aarch64_harden_sls_string) -+ aarch64_validate_sls_mitigation (aarch64_harden_sls_string); -+ - if (aarch64_branch_protection_string) - aarch64_validate_mbranch_protection (aarch64_branch_protection_string); - -diff --git a/gcc/config/aarch64/aarch64.opt b/gcc/config/aarch64/aarch64.opt -index d99d14c..5170361 100644 ---- a/gcc/config/aarch64/aarch64.opt -+++ b/gcc/config/aarch64/aarch64.opt -@@ -71,6 +71,10 @@ mgeneral-regs-only - Target Report RejectNegative Mask(GENERAL_REGS_ONLY) Save - Generate code which uses only the general registers. - -+mharden-sls= -+Target RejectNegative Joined Var(aarch64_harden_sls_string) -+Generate code to mitigate against straight line speculation. -+ - mfix-cortex-a53-835769 - Target Report Var(aarch64_fix_a53_err835769) Init(2) Save - Workaround for ARM Cortex-A53 Erratum number 835769. -diff --git a/gcc/doc/invoke.texi b/gcc/doc/invoke.texi -index a2794a6..bd5b77a 100644 ---- a/gcc/doc/invoke.texi -+++ b/gcc/doc/invoke.texi -@@ -696,6 +696,7 @@ Objective-C and Objective-C++ Dialects}. - -msign-return-address=@var{scope} @gol - -mbranch-protection=@var{none}|@var{standard}|@var{pac-ret}[+@var{leaf} - +@var{b-key}]|@var{bti} @gol -+-mharden-sls=@var{opts} @gol - -march=@var{name} -mcpu=@var{name} -mtune=@var{name} @gol - -moverride=@var{string} -mverbose-cost-dump @gol - -mstack-protector-guard=@var{guard} -mstack-protector-guard-reg=@var{sysreg} @gol -@@ -17065,6 +17066,17 @@ functions. The optional argument @samp{b-key} can be used to sign the functions - with the B-key instead of the A-key. - @samp{bti} turns on branch target identification mechanism. - -+@item -mharden-sls=@var{opts} -+@opindex mharden-sls -+Enable compiler hardening against straight line speculation (SLS). -+@var{opts} is a comma-separated list of the following options: -+@table @samp -+@item retbr -+@item blr -+@end table -+In addition, @samp{-mharden-sls=all} enables all SLS hardening while -+@samp{-mharden-sls=none} disables all SLS hardening. -+ - @item -msve-vector-bits=@var{bits} - @opindex msve-vector-bits - Specify the number of bits in an SVE vector register. This option only has --- -2.7.4 - diff --git a/meta/recipes-devtools/gcc/gcc/0002-CVE-2021-35465.patch b/meta/recipes-devtools/gcc/gcc/0002-CVE-2021-35465.patch new file mode 100644 index 0000000000..38d02dc770 --- /dev/null +++ b/meta/recipes-devtools/gcc/gcc/0002-CVE-2021-35465.patch @@ -0,0 +1,40 @@ +From 574e7950bd6b34e9e2cacce18c802b45505d1d0a Mon Sep 17 00:00:00 2001 +From: Richard Earnshaw <rearnsha@arm.com> +Date: Fri, 18 Jun 2021 17:16:25 +0100 +Subject: [PATCH] arm: add erratum mitigation to __gnu_cmse_nonsecure_call + [PR102035] + +Add the recommended erratum mitigation sequence to +__gnu_cmse_nonsecure_call for use on Armv8-m.main devices. Since this +is in the library code we cannot know in advance whether the core we +are running on will be affected by this, so always enable it. + +libgcc: + PR target/102035 + * config/arm/cmse_nonsecure_call.S (__gnu_cmse_nonsecure_call): + Add vlldm erratum work-around. + +CVE: CVE-2021-35465 +Upstream-Status: Backport[https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=574e7950bd6b34e9e2cacce18c802b45505d1d0a] +Signed-off-by: Pgowda <pgowda.cve@gmail.com> + +--- + libgcc/config/arm/cmse_nonsecure_call.S | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/libgcc/config/arm/cmse_nonsecure_call.S b/libgcc/config/arm/cmse_nonsecure_call.S +index 00830ade98e..c8e0fbbe665 100644 +--- a/libgcc/config/arm/cmse_nonsecure_call.S ++++ b/libgcc/config/arm/cmse_nonsecure_call.S +@@ -102,6 +102,11 @@ blxns r4 + #ifdef __ARM_PCS_VFP + vpop.f64 {d8-d15} + #else ++/* VLLDM erratum mitigation sequence. */ ++mrs r5, control ++tst r5, #8 /* CONTROL_S.SFPA */ ++it ne ++.inst.w 0xeeb00a40 /* vmovne s0, s0 */ + vlldm sp /* Lazy restore of d0-d16 and FPSCR. */ + add sp, sp, #0x88 /* Free space used to save floating point registers. */ + #endif /* __ARM_PCS_VFP */ diff --git a/meta/recipes-devtools/gcc/gcc/0002-CVE-2021-42574.patch b/meta/recipes-devtools/gcc/gcc/0002-CVE-2021-42574.patch new file mode 100644 index 0000000000..5b1896ed69 --- /dev/null +++ b/meta/recipes-devtools/gcc/gcc/0002-CVE-2021-42574.patch @@ -0,0 +1,2270 @@ +From bd5e882cf6e0def3dd1bc106075d59a303fe0d1e Mon Sep 17 00:00:00 2001 +From: David Malcolm <dmalcolm@redhat.com> +Date: Mon, 18 Oct 2021 18:55:31 -0400 +Subject: [PATCH] diagnostics: escape non-ASCII source bytes for certain + diagnostics +MIME-Version: 1.0 +Content-Type: text/plain; charset=utf8 +Content-Transfer-Encoding: 8bit + +This patch adds support to GCC's diagnostic subsystem for escaping certain +bytes and Unicode characters when quoting source code. + +Specifically, this patch adds a new flag rich_location::m_escape_on_output +which is a hint from a diagnostic that non-ASCII bytes in the pertinent +lines of the user's source code should be escaped when printed. + +The patch sets this for the following diagnostics: +- when complaining about stray bytes in the program (when these +are non-printable) +- when complaining about "null character(s) ignored"); +- for -Wnormalized= (and generate source ranges for such warnings) + +The escaping is controlled by a new option: + -fdiagnostics-escape-format=[unicode|bytes] + +For example, consider a diagnostic involing a source line containing the +string "before" followed by the Unicode character U+03C0 ("GREEK SMALL +LETTER PI", with UTF-8 encoding 0xCF 0x80) followed by the byte 0xBF +(a stray UTF-8 trailing byte), followed by the string "after", where the +diagnostic highlights the U+03C0 character. + +By default, this line will be printed verbatim to the user when +reporting a diagnostic at it, as: + + beforeÏXafter + ^ + +(using X for the stray byte to avoid putting invalid UTF-8 in this +commit message) + +If the diagnostic sets the "escape" flag, it will be printed as: + + before<U+03C0><BF>after + ^~~~~~~~ + +with -fdiagnostics-escape-format=unicode (the default), or as: + + before<CF><80><BF>after + ^~~~~~~~ + +if the user supplies -fdiagnostics-escape-format=bytes. + +This only affects how the source is printed; it does not affect +how column numbers that are printed (as per -fdiagnostics-column-unit= +and -fdiagnostics-column-origin=). + +gcc/c-family/ChangeLog: + * c-lex.c (c_lex_with_flags): When complaining about non-printable + CPP_OTHER tokens, set the "escape on output" flag. + +gcc/ChangeLog: + * common.opt (fdiagnostics-escape-format=): New. + (diagnostics_escape_format): New enum. + (DIAGNOSTICS_ESCAPE_FORMAT_UNICODE): New enum value. + (DIAGNOSTICS_ESCAPE_FORMAT_BYTES): Likewise. + * diagnostic-format-json.cc (json_end_diagnostic): Add + "escape-source" attribute. + * diagnostic-show-locus.c + (exploc_with_display_col::exploc_with_display_col): Replace + "tabstop" param with a cpp_char_column_policy and add an "aspect" + param. Use these to compute m_display_col accordingly. + (struct char_display_policy): New struct. + (layout::m_policy): New field. + (layout::m_escape_on_output): New field. + (def_policy): New function. + (make_range): Update for changes to exploc_with_display_col ctor. + (default_print_decoded_ch): New. + (width_per_escaped_byte): New. + (escape_as_bytes_width): New. + (escape_as_bytes_print): New. + (escape_as_unicode_width): New. + (escape_as_unicode_print): New. + (make_policy): New. + (layout::layout): Initialize new fields. Update m_exploc ctor + call for above change to ctor. + (layout::maybe_add_location_range): Update for changes to + exploc_with_display_col ctor. + (layout::calculate_x_offset_display): Update for change to + cpp_display_width. + (layout::print_source_line): Pass policy + to cpp_display_width_computation. Capture cpp_decoded_char when + calling process_next_codepoint. Move printing of source code to + m_policy.m_print_cb. + (line_label::line_label): Pass in policy rather than context. + (layout::print_any_labels): Update for change to line_label ctor. + (get_affected_range): Pass in policy rather than context, updating + calls to location_compute_display_column accordingly. + (get_printed_columns): Likewise, also for cpp_display_width. + (correction::correction): Pass in policy rather than tabstop. + (correction::compute_display_cols): Pass m_policy rather than + m_tabstop to cpp_display_width. + (correction::m_tabstop): Replace with... + (correction::m_policy): ...this. + (line_corrections::line_corrections): Pass in policy rather than + context. + (line_corrections::m_context): Replace with... + (line_corrections::m_policy): ...this. + (line_corrections::add_hint): Update to use m_policy rather than + m_context. + (line_corrections::add_hint): Likewise. + (layout::print_trailing_fixits): Likewise. + (selftest::test_display_widths): New. + (selftest::test_layout_x_offset_display_utf8): Update to use + policy rather than tabstop. + (selftest::test_one_liner_labels_utf8): Add test of escaping + source lines. + (selftest::test_diagnostic_show_locus_one_liner_utf8): Update to + use policy rather than tabstop. + (selftest::test_overlapped_fixit_printing): Likewise. + (selftest::test_overlapped_fixit_printing_utf8): Likewise. + (selftest::test_overlapped_fixit_printing_2): Likewise. + (selftest::test_tab_expansion): Likewise. + (selftest::test_escaping_bytes_1): New. + (selftest::test_escaping_bytes_2): New. + (selftest::diagnostic_show_locus_c_tests): Call the new tests. + * diagnostic.c (diagnostic_initialize): Initialize + context->escape_format. + (convert_column_unit): Update to use default character width policy. + (selftest::test_diagnostic_get_location_text): Likewise. + * diagnostic.h (enum diagnostics_escape_format): New enum. + (diagnostic_context::escape_format): New field. + * doc/invoke.texi (-fdiagnostics-escape-format=): New option. + (-fdiagnostics-format=): Add "escape-source" attribute to examples + of JSON output, and document it. + * input.c (location_compute_display_column): Pass in "policy" + rather than "tabstop", passing to + cpp_byte_column_to_display_column. + (selftest::test_cpp_utf8): Update to use cpp_char_column_policy. + * input.h (class cpp_char_column_policy): New forward decl. + (location_compute_display_column): Pass in "policy" rather than + "tabstop". + * opts.c (common_handle_option): Handle + OPT_fdiagnostics_escape_format_. + * selftest.c (temp_source_file::temp_source_file): New ctor + overload taking a size_t. + * selftest.h (temp_source_file::temp_source_file): Likewise. + +gcc/testsuite/ChangeLog: + * c-c++-common/diagnostic-format-json-1.c: Add regexp to consume + "escape-source" attribute. + * c-c++-common/diagnostic-format-json-2.c: Likewise. + * c-c++-common/diagnostic-format-json-3.c: Likewise. + * c-c++-common/diagnostic-format-json-4.c: Likewise, twice. + * c-c++-common/diagnostic-format-json-5.c: Likewise. + * gcc.dg/cpp/warn-normalized-4-bytes.c: New test. + * gcc.dg/cpp/warn-normalized-4-unicode.c: New test. + * gcc.dg/encoding-issues-bytes.c: New test. + * gcc.dg/encoding-issues-unicode.c: New test. + * gfortran.dg/diagnostic-format-json-1.F90: Add regexp to consume + "escape-source" attribute. + * gfortran.dg/diagnostic-format-json-2.F90: Likewise. + * gfortran.dg/diagnostic-format-json-3.F90: Likewise. + +libcpp/ChangeLog: + * charset.c (convert_escape): Use encoding_rich_location when + complaining about nonprintable unknown escape sequences. + (cpp_display_width_computation::::cpp_display_width_computation): + Pass in policy rather than tabstop. + (cpp_display_width_computation::process_next_codepoint): Add "out" + param and populate *out if non-NULL. + (cpp_display_width_computation::advance_display_cols): Pass NULL + to process_next_codepoint. + (cpp_byte_column_to_display_column): Pass in policy rather than + tabstop. Pass NULL to process_next_codepoint. + (cpp_display_column_to_byte_column): Pass in policy rather than + tabstop. + * errors.c (cpp_diagnostic_get_current_location): New function, + splitting out the logic from... + (cpp_diagnostic): ...here. + (cpp_warning_at): New function. + (cpp_pedwarning_at): New function. + * include/cpplib.h (cpp_warning_at): New decl for rich_location. + (cpp_pedwarning_at): Likewise. + (struct cpp_decoded_char): New. + (struct cpp_char_column_policy): New. + (cpp_display_width_computation::cpp_display_width_computation): + Replace "tabstop" param with "policy". + (cpp_display_width_computation::process_next_codepoint): Add "out" + param. + (cpp_display_width_computation::m_tabstop): Replace with... + (cpp_display_width_computation::m_policy): ...this. + (cpp_byte_column_to_display_column): Replace "tabstop" param with + "policy". + (cpp_display_width): Likewise. + (cpp_display_column_to_byte_column): Likewise. + * include/line-map.h (rich_location::escape_on_output_p): New. + (rich_location::set_escape_on_output): New. + (rich_location::m_escape_on_output): New. + * internal.h (cpp_diagnostic_get_current_location): New decl. + (class encoding_rich_location): New. + * lex.c (skip_whitespace): Use encoding_rich_location when + complaining about null characters. + (warn_about_normalization): Generate a source range when + complaining about improperly normalized tokens, rather than just a + point, and use encoding_rich_location so that the source code + is escaped on printing. + * line-map.c (rich_location::rich_location): Initialize + m_escape_on_output. + +Signed-off-by: David Malcolm <dmalcolm@redhat.com> + +CVE: CVE-2021-42574 +Upstream-Status: Backport [https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=bd5e882cf6e0def3dd1bc106075d59a303fe0d1e] +Signed-off-by: Pgowda <pgowda.cve@gmail.com> + +--- + gcc/c-family/c-lex.c | 6 +- + gcc/common.opt | 13 + + gcc/diagnostic-format-json.cc | 3 + + gcc/diagnostic-show-locus.c | 580 +++++++++++++++--- + gcc/diagnostic.c | 10 +- + gcc/diagnostic.h | 18 + + gcc/doc/invoke.texi | 43 +- + gcc/input.c | 62 +- + gcc/input.h | 7 +- + gcc/opts.c | 4 + + gcc/selftest.c | 15 + + gcc/selftest.h | 2 + + .../c-c++-common/diagnostic-format-json-1.c | 1 + + .../c-c++-common/diagnostic-format-json-2.c | 1 + + .../c-c++-common/diagnostic-format-json-3.c | 1 + + .../c-c++-common/diagnostic-format-json-4.c | 2 + + .../c-c++-common/diagnostic-format-json-5.c | 1 + + .../gcc.dg/cpp/warn-normalized-4-bytes.c | 21 + + .../gcc.dg/cpp/warn-normalized-4-unicode.c | 19 + + gcc/testsuite/gcc.dg/encoding-issues-bytes.c | Bin 0 -> 595 bytes + .../gcc.dg/encoding-issues-unicode.c | Bin 0 -> 613 bytes + .../gfortran.dg/diagnostic-format-json-1.F90 | 1 + + .../gfortran.dg/diagnostic-format-json-2.F90 | 1 + + .../gfortran.dg/diagnostic-format-json-3.F90 | 1 + + libcpp/charset.c | 63 +- + libcpp/errors.c | 82 ++- + libcpp/include/cpplib.h | 76 ++- + libcpp/include/line-map.h | 13 + + libcpp/internal.h | 23 + + libcpp/lex.c | 38 +- + libcpp/line-map.c | 3 +- + 31 files changed, 942 insertions(+), 168 deletions(-) + create mode 100644 gcc/testsuite/gcc.dg/cpp/warn-normalized-4-bytes.c + create mode 100644 gcc/testsuite/gcc.dg/cpp/warn-normalized-4-unicode.c + create mode 100644 gcc/testsuite/gcc.dg/encoding-issues-bytes.c + create mode 100644 gcc/testsuite/gcc.dg/encoding-issues-unicode.c + +diff --git a/gcc/c-family/c-lex.c b/gcc/c-family/c-lex.c +--- a/gcc/c-family/c-lex.c 2020-07-22 23:35:17.296384022 -0700 ++++ b/gcc/c-family/c-lex.c 2021-12-25 01:30:50.669689023 -0800 +@@ -587,7 +587,11 @@ c_lex_with_flags (tree *value, location_ + else if (ISGRAPH (c)) + error_at (*loc, "stray %qc in program", (int) c); + else +- error_at (*loc, "stray %<\\%o%> in program", (int) c); ++ { ++ rich_location rich_loc (line_table, *loc); ++ rich_loc.set_escape_on_output (true); ++ error_at (&rich_loc, "stray %<\\%o%> in program", (int) c); ++ } + } + goto retry; + +diff --git a/gcc/common.opt b/gcc/common.opt +--- a/gcc/common.opt 2021-12-25 01:29:12.915317374 -0800 ++++ b/gcc/common.opt 2021-12-25 01:30:50.669689023 -0800 +@@ -1337,6 +1337,10 @@ fdiagnostics-format= + Common Joined RejectNegative Enum(diagnostics_output_format) + -fdiagnostics-format=[text|json] Select output format. + ++fdiagnostics-escape-format= ++Common Joined RejectNegative Enum(diagnostics_escape_format) ++-fdiagnostics-escape-format=[unicode|bytes] Select how to escape non-printable-ASCII bytes in the source for diagnostics that suggest it. ++ + ; Required for these enum values. + SourceInclude + diagnostic.h +@@ -1351,6 +1355,15 @@ EnumValue + Enum(diagnostics_column_unit) String(byte) Value(DIAGNOSTICS_COLUMN_UNIT_BYTE) + + Enum ++Name(diagnostics_escape_format) Type(int) ++ ++EnumValue ++Enum(diagnostics_escape_format) String(unicode) Value(DIAGNOSTICS_ESCAPE_FORMAT_UNICODE) ++ ++EnumValue ++Enum(diagnostics_escape_format) String(bytes) Value(DIAGNOSTICS_ESCAPE_FORMAT_BYTES) ++ ++Enum + Name(diagnostics_output_format) Type(int) + + EnumValue +diff --git a/gcc/diagnostic.c b/gcc/diagnostic.c +--- a/gcc/diagnostic.c 2021-12-25 01:29:12.915317374 -0800 ++++ b/gcc/diagnostic.c 2021-12-25 01:30:50.669689023 -0800 +@@ -223,6 +223,7 @@ diagnostic_initialize (diagnostic_contex + context->column_unit = DIAGNOSTICS_COLUMN_UNIT_DISPLAY; + context->column_origin = 1; + context->tabstop = 8; ++ context->escape_format = DIAGNOSTICS_ESCAPE_FORMAT_UNICODE; + context->edit_context_ptr = NULL; + context->diagnostic_group_nesting_depth = 0; + context->diagnostic_group_emission_count = 0; +@@ -2152,8 +2153,8 @@ test_diagnostic_get_location_text () + const char *const content = "smile \xf0\x9f\x98\x82\n"; + const int line_bytes = strlen (content) - 1; + const int def_tabstop = 8; +- const int display_width = cpp_display_width (content, line_bytes, +- def_tabstop); ++ const cpp_char_column_policy policy (def_tabstop, cpp_wcwidth); ++ const int display_width = cpp_display_width (content, line_bytes, policy); + ASSERT_EQ (line_bytes - 2, display_width); + temp_source_file tmp (SELFTEST_LOCATION, ".c", content); + const char *const fname = tmp.get_filename (); +diff --git a/gcc/diagnostic-format-json.cc b/gcc/diagnostic-format-json.cc +--- a/gcc/diagnostic-format-json.cc 2021-12-25 01:29:12.915317374 -0800 ++++ b/gcc/diagnostic-format-json.cc 2021-12-25 01:30:50.669689023 -0800 +@@ -264,6 +264,9 @@ json_end_diagnostic (diagnostic_context + json::value *path_value = context->make_json_for_path (context, path); + diag_obj->set ("path", path_value); + } ++ ++ diag_obj->set ("escape-source", ++ new json::literal (richloc->escape_on_output_p ())); + } + + /* No-op implementation of "begin_group_cb" for JSON output. */ +diff --git a/gcc/diagnostic.h b/gcc/diagnostic.h +--- a/gcc/diagnostic.h 2021-12-25 01:29:12.919317307 -0800 ++++ b/gcc/diagnostic.h 2021-12-25 01:30:50.669689023 -0800 +@@ -38,6 +38,20 @@ enum diagnostics_column_unit + DIAGNOSTICS_COLUMN_UNIT_BYTE + }; + ++/* An enum for controlling how to print non-ASCII characters/bytes when ++ a diagnostic suggests escaping the source code on output. */ ++ ++enum diagnostics_escape_format ++{ ++ /* Escape non-ASCII Unicode characters in the form <U+XXXX> and ++ non-UTF-8 bytes in the form <XX>. */ ++ DIAGNOSTICS_ESCAPE_FORMAT_UNICODE, ++ ++ /* Escape non-ASCII bytes in the form <XX> (thus showing the underlying ++ encoding of non-ASCII Unicode characters). */ ++ DIAGNOSTICS_ESCAPE_FORMAT_BYTES ++}; ++ + /* Enum for overriding the standard output format. */ + + enum diagnostics_output_format +@@ -303,6 +317,10 @@ struct diagnostic_context + /* The size of the tabstop for tab expansion. */ + int tabstop; + ++ /* How should non-ASCII/non-printable bytes be escaped when ++ a diagnostic suggests escaping the source code on output. */ ++ enum diagnostics_escape_format escape_format; ++ + /* If non-NULL, an edit_context to which fix-it hints should be + applied, for generating patches. */ + edit_context *edit_context_ptr; +diff --git a/gcc/diagnostic-show-locus.c b/gcc/diagnostic-show-locus.c +--- a/gcc/diagnostic-show-locus.c 2021-12-25 01:29:12.919317307 -0800 ++++ b/gcc/diagnostic-show-locus.c 2021-12-25 01:30:50.673688956 -0800 +@@ -175,10 +175,26 @@ enum column_unit { + class exploc_with_display_col : public expanded_location + { + public: +- exploc_with_display_col (const expanded_location &exploc, int tabstop) +- : expanded_location (exploc), +- m_display_col (location_compute_display_column (exploc, tabstop)) +- {} ++ exploc_with_display_col (const expanded_location &exploc, ++ const cpp_char_column_policy &policy, ++ enum location_aspect aspect) ++ : expanded_location (exploc), ++ m_display_col (location_compute_display_column (exploc, policy)) ++ { ++ if (exploc.column > 0) ++ { ++ /* m_display_col is now the final column of the byte. ++ If escaping has happened, we may want the first column instead. */ ++ if (aspect != LOCATION_ASPECT_FINISH) ++ { ++ expanded_location prev_exploc (exploc); ++ prev_exploc.column--; ++ int prev_display_col ++ = (location_compute_display_column (prev_exploc, policy)); ++ m_display_col = prev_display_col + 1; ++ } ++ } ++ } + + int m_display_col; + }; +@@ -313,6 +329,31 @@ test_line_span () + + #endif /* #if CHECKING_P */ + ++/* A bundle of information containing how to print unicode ++ characters and bytes when quoting source code. ++ ++ Provides a unified place to support escaping some subset ++ of characters to some format. ++ ++ Extends char_column_policy; printing is split out to avoid ++ libcpp having to know about pretty_printer. */ ++ ++struct char_display_policy : public cpp_char_column_policy ++{ ++ public: ++ char_display_policy (int tabstop, ++ int (*width_cb) (cppchar_t c), ++ void (*print_cb) (pretty_printer *pp, ++ const cpp_decoded_char &cp)) ++ : cpp_char_column_policy (tabstop, width_cb), ++ m_print_cb (print_cb) ++ { ++ } ++ ++ void (*m_print_cb) (pretty_printer *pp, ++ const cpp_decoded_char &cp); ++}; ++ + /* A class to control the overall layout when printing a diagnostic. + + The layout is determined within the constructor. +@@ -345,6 +386,8 @@ class layout + + void print_line (linenum_type row); + ++ void on_bad_codepoint (const char *ptr, cppchar_t ch, size_t ch_sz); ++ + private: + bool will_show_line_p (linenum_type row) const; + void print_leading_fixits (linenum_type row); +@@ -386,6 +429,7 @@ class layout + private: + diagnostic_context *m_context; + pretty_printer *m_pp; ++ char_display_policy m_policy; + location_t m_primary_loc; + exploc_with_display_col m_exploc; + colorizer m_colorizer; +@@ -398,6 +442,7 @@ class layout + auto_vec <line_span> m_line_spans; + int m_linenum_width; + int m_x_offset_display; ++ bool m_escape_on_output; + }; + + /* Implementation of "class colorizer". */ +@@ -646,6 +691,11 @@ layout_range::intersects_line_p (linenum + /* Default for when we don't care what the tab expansion is set to. */ + static const int def_tabstop = 8; + ++static cpp_char_column_policy def_policy () ++{ ++ return cpp_char_column_policy (8, cpp_wcwidth); ++} ++ + /* Create some expanded locations for testing layout_range. The filename + member of the explocs is set to the empty string. This member will only be + inspected by the calls to location_compute_display_column() made from the +@@ -662,10 +712,13 @@ make_range (int start_line, int start_co + = {"", start_line, start_col, NULL, false}; + const expanded_location finish_exploc + = {"", end_line, end_col, NULL, false}; +- return layout_range (exploc_with_display_col (start_exploc, def_tabstop), +- exploc_with_display_col (finish_exploc, def_tabstop), ++ return layout_range (exploc_with_display_col (start_exploc, def_policy (), ++ LOCATION_ASPECT_START), ++ exploc_with_display_col (finish_exploc, def_policy (), ++ LOCATION_ASPECT_FINISH), + SHOW_RANGE_WITHOUT_CARET, +- exploc_with_display_col (start_exploc, def_tabstop), ++ exploc_with_display_col (start_exploc, def_policy (), ++ LOCATION_ASPECT_CARET), + 0, NULL); + } + +@@ -950,6 +1003,164 @@ fixit_cmp (const void *p_a, const void * + return hint_a->get_start_loc () - hint_b->get_start_loc (); + } + ++/* Callbacks for use when not escaping the source. */ ++ ++/* The default callback for char_column_policy::m_width_cb is cpp_wcwidth. */ ++ ++/* Callback for char_display_policy::m_print_cb for printing source chars ++ when not escaping the source. */ ++ ++static void ++default_print_decoded_ch (pretty_printer *pp, ++ const cpp_decoded_char &decoded_ch) ++{ ++ for (const char *ptr = decoded_ch.m_start_byte; ++ ptr != decoded_ch.m_next_byte; ptr++) ++ { ++ if (*ptr == '\0' || *ptr == '\r') ++ { ++ pp_space (pp); ++ continue; ++ } ++ ++ pp_character (pp, *ptr); ++ } ++} ++ ++/* Callbacks for use with DIAGNOSTICS_ESCAPE_FORMAT_BYTES. */ ++ ++static const int width_per_escaped_byte = 4; ++ ++/* Callback for char_column_policy::m_width_cb for determining the ++ display width when escaping with DIAGNOSTICS_ESCAPE_FORMAT_BYTES. */ ++ ++static int ++escape_as_bytes_width (cppchar_t ch) ++{ ++ if (ch < 0x80 && ISPRINT (ch)) ++ return cpp_wcwidth (ch); ++ else ++ { ++ if (ch <= 0x7F) return 1 * width_per_escaped_byte; ++ if (ch <= 0x7FF) return 2 * width_per_escaped_byte; ++ if (ch <= 0xFFFF) return 3 * width_per_escaped_byte; ++ return 4 * width_per_escaped_byte; ++ } ++} ++ ++/* Callback for char_display_policy::m_print_cb for printing source chars ++ when escaping with DIAGNOSTICS_ESCAPE_FORMAT_BYTES. */ ++ ++static void ++escape_as_bytes_print (pretty_printer *pp, ++ const cpp_decoded_char &decoded_ch) ++{ ++ if (!decoded_ch.m_valid_ch) ++ { ++ for (const char *iter = decoded_ch.m_start_byte; ++ iter != decoded_ch.m_next_byte; ++iter) ++ { ++ char buf[16]; ++ sprintf (buf, "<%02x>", (unsigned char)*iter); ++ pp_string (pp, buf); ++ } ++ return; ++ } ++ ++ cppchar_t ch = decoded_ch.m_ch; ++ if (ch < 0x80 && ISPRINT (ch)) ++ pp_character (pp, ch); ++ else ++ { ++ for (const char *iter = decoded_ch.m_start_byte; ++ iter < decoded_ch.m_next_byte; ++iter) ++ { ++ char buf[16]; ++ sprintf (buf, "<%02x>", (unsigned char)*iter); ++ pp_string (pp, buf); ++ } ++ } ++} ++ ++/* Callbacks for use with DIAGNOSTICS_ESCAPE_FORMAT_UNICODE. */ ++ ++/* Callback for char_column_policy::m_width_cb for determining the ++ display width when escaping with DIAGNOSTICS_ESCAPE_FORMAT_UNICODE. */ ++ ++static int ++escape_as_unicode_width (cppchar_t ch) ++{ ++ if (ch < 0x80 && ISPRINT (ch)) ++ return cpp_wcwidth (ch); ++ else ++ { ++ // Width of "<U+%04x>" ++ if (ch > 0xfffff) ++ return 10; ++ else if (ch > 0xffff) ++ return 9; ++ else ++ return 8; ++ } ++} ++ ++/* Callback for char_display_policy::m_print_cb for printing source chars ++ when escaping with DIAGNOSTICS_ESCAPE_FORMAT_UNICODE. */ ++ ++static void ++escape_as_unicode_print (pretty_printer *pp, ++ const cpp_decoded_char &decoded_ch) ++{ ++ if (!decoded_ch.m_valid_ch) ++ { ++ escape_as_bytes_print (pp, decoded_ch); ++ return; ++ } ++ ++ cppchar_t ch = decoded_ch.m_ch; ++ if (ch < 0x80 && ISPRINT (ch)) ++ pp_character (pp, ch); ++ else ++ { ++ char buf[16]; ++ sprintf (buf, "<U+%04X>", ch); ++ pp_string (pp, buf); ++ } ++} ++ ++/* Populate a char_display_policy based on DC and RICHLOC. */ ++ ++static char_display_policy ++make_policy (const diagnostic_context &dc, ++ const rich_location &richloc) ++{ ++ /* The default is to not escape non-ASCII bytes. */ ++ char_display_policy result ++ (dc.tabstop, cpp_wcwidth, default_print_decoded_ch); ++ ++ /* If the diagnostic suggests escaping non-ASCII bytes, then ++ use policy from user-supplied options. */ ++ if (richloc.escape_on_output_p ()) ++ { ++ result.m_undecoded_byte_width = width_per_escaped_byte; ++ switch (dc.escape_format) ++ { ++ default: ++ gcc_unreachable (); ++ case DIAGNOSTICS_ESCAPE_FORMAT_UNICODE: ++ result.m_width_cb = escape_as_unicode_width; ++ result.m_print_cb = escape_as_unicode_print; ++ break; ++ case DIAGNOSTICS_ESCAPE_FORMAT_BYTES: ++ result.m_width_cb = escape_as_bytes_width; ++ result.m_print_cb = escape_as_bytes_print; ++ break; ++ } ++ } ++ ++ return result; ++} ++ + /* Implementation of class layout. */ + + /* Constructor for class layout. +@@ -966,8 +1177,10 @@ layout::layout (diagnostic_context * con + diagnostic_t diagnostic_kind) + : m_context (context), + m_pp (context->printer), ++ m_policy (make_policy (*context, *richloc)), + m_primary_loc (richloc->get_range (0)->m_loc), +- m_exploc (richloc->get_expanded_location (0), context->tabstop), ++ m_exploc (richloc->get_expanded_location (0), m_policy, ++ LOCATION_ASPECT_CARET), + m_colorizer (context, diagnostic_kind), + m_colorize_source_p (context->colorize_source_p), + m_show_labels_p (context->show_labels_p), +@@ -977,7 +1190,8 @@ layout::layout (diagnostic_context * con + m_fixit_hints (richloc->get_num_fixit_hints ()), + m_line_spans (1 + richloc->get_num_locations ()), + m_linenum_width (0), +- m_x_offset_display (0) ++ m_x_offset_display (0), ++ m_escape_on_output (richloc->escape_on_output_p ()) + { + for (unsigned int idx = 0; idx < richloc->get_num_locations (); idx++) + { +@@ -1063,10 +1277,13 @@ layout::maybe_add_location_range (const + + /* Everything is now known to be in the correct source file, + but it may require further sanitization. */ +- layout_range ri (exploc_with_display_col (start, m_context->tabstop), +- exploc_with_display_col (finish, m_context->tabstop), ++ layout_range ri (exploc_with_display_col (start, m_policy, ++ LOCATION_ASPECT_START), ++ exploc_with_display_col (finish, m_policy, ++ LOCATION_ASPECT_FINISH), + loc_range->m_range_display_kind, +- exploc_with_display_col (caret, m_context->tabstop), ++ exploc_with_display_col (caret, m_policy, ++ LOCATION_ASPECT_CARET), + original_idx, loc_range->m_label); + + /* If we have a range that finishes before it starts (perhaps +@@ -1400,7 +1617,7 @@ layout::calculate_x_offset_display () + = get_line_bytes_without_trailing_whitespace (line.get_buffer (), + line.length ()); + int eol_display_column +- = cpp_display_width (line.get_buffer (), line_bytes, m_context->tabstop); ++ = cpp_display_width (line.get_buffer (), line_bytes, m_policy); + if (caret_display_column > eol_display_column + || !caret_display_column) + { +@@ -1479,7 +1696,7 @@ layout::print_source_line (linenum_type + /* This object helps to keep track of which display column we are at, which is + necessary for computing the line bounds in display units, for doing + tab expansion, and for implementing m_x_offset_display. */ +- cpp_display_width_computation dw (line, line_bytes, m_context->tabstop); ++ cpp_display_width_computation dw (line, line_bytes, m_policy); + + /* Skip the first m_x_offset_display display columns. In case the leading + portion that will be skipped ends with a character with wcwidth > 1, then +@@ -1527,7 +1744,8 @@ layout::print_source_line (linenum_type + tabs and replacing some control bytes with spaces as necessary. */ + const char *c = dw.next_byte (); + const int start_disp_col = dw.display_cols_processed () + 1; +- const int this_display_width = dw.process_next_codepoint (); ++ cpp_decoded_char cp; ++ const int this_display_width = dw.process_next_codepoint (&cp); + if (*c == '\t') + { + /* The returned display width is the number of spaces into which the +@@ -1536,15 +1754,6 @@ layout::print_source_line (linenum_type + pp_space (m_pp); + continue; + } +- if (*c == '\0' || *c == '\r') +- { +- /* cpp_wcwidth() promises to return 1 for all control bytes, and we +- want to output these as a single space too, so this case is +- actually the same as the '\t' case. */ +- gcc_assert (this_display_width == 1); +- pp_space (m_pp); +- continue; +- } + + /* We have a (possibly multibyte) character to output; update the line + bounds if it is not whitespace. */ +@@ -1556,7 +1765,8 @@ layout::print_source_line (linenum_type + } + + /* Output the character. */ +- while (c != dw.next_byte ()) pp_character (m_pp, *c++); ++ m_policy.m_print_cb (m_pp, cp); ++ c = dw.next_byte (); + } + print_newline (); + return lbounds; +@@ -1655,14 +1865,14 @@ layout::print_annotation_line (linenum_t + class line_label + { + public: +- line_label (diagnostic_context *context, int state_idx, int column, ++ line_label (const cpp_char_column_policy &policy, ++ int state_idx, int column, + label_text text) + : m_state_idx (state_idx), m_column (column), + m_text (text), m_label_line (0), m_has_vbar (true) + { + const int bytes = strlen (text.m_buffer); +- m_display_width +- = cpp_display_width (text.m_buffer, bytes, context->tabstop); ++ m_display_width = cpp_display_width (text.m_buffer, bytes, policy); + } + + /* Sorting is primarily by column, then by state index. */ +@@ -1722,7 +1932,7 @@ layout::print_any_labels (linenum_type r + if (text.m_buffer == NULL) + continue; + +- labels.safe_push (line_label (m_context, i, disp_col, text)); ++ labels.safe_push (line_label (m_policy, i, disp_col, text)); + } + } + +@@ -2002,7 +2212,7 @@ public: + + /* Get the range of bytes or display columns that HINT would affect. */ + static column_range +-get_affected_range (diagnostic_context *context, ++get_affected_range (const cpp_char_column_policy &policy, + const fixit_hint *hint, enum column_unit col_unit) + { + expanded_location exploc_start = expand_location (hint->get_start_loc ()); +@@ -2013,13 +2223,11 @@ get_affected_range (diagnostic_context * + int finish_column; + if (col_unit == CU_DISPLAY_COLS) + { +- start_column +- = location_compute_display_column (exploc_start, context->tabstop); ++ start_column = location_compute_display_column (exploc_start, policy); + if (hint->insertion_p ()) + finish_column = start_column - 1; + else +- finish_column +- = location_compute_display_column (exploc_finish, context->tabstop); ++ finish_column = location_compute_display_column (exploc_finish, policy); + } + else + { +@@ -2032,12 +2240,13 @@ get_affected_range (diagnostic_context * + /* Get the range of display columns that would be printed for HINT. */ + + static column_range +-get_printed_columns (diagnostic_context *context, const fixit_hint *hint) ++get_printed_columns (const cpp_char_column_policy &policy, ++ const fixit_hint *hint) + { + expanded_location exploc = expand_location (hint->get_start_loc ()); +- int start_column = location_compute_display_column (exploc, context->tabstop); ++ int start_column = location_compute_display_column (exploc, policy); + int hint_width = cpp_display_width (hint->get_string (), hint->get_length (), +- context->tabstop); ++ policy); + int final_hint_column = start_column + hint_width - 1; + if (hint->insertion_p ()) + { +@@ -2047,8 +2256,7 @@ get_printed_columns (diagnostic_context + { + exploc = expand_location (hint->get_next_loc ()); + --exploc.column; +- int finish_column +- = location_compute_display_column (exploc, context->tabstop); ++ int finish_column = location_compute_display_column (exploc, policy); + return column_range (start_column, + MAX (finish_column, final_hint_column)); + } +@@ -2066,13 +2274,13 @@ public: + column_range affected_columns, + column_range printed_columns, + const char *new_text, size_t new_text_len, +- int tabstop) ++ const cpp_char_column_policy &policy) + : m_affected_bytes (affected_bytes), + m_affected_columns (affected_columns), + m_printed_columns (printed_columns), + m_text (xstrdup (new_text)), + m_byte_length (new_text_len), +- m_tabstop (tabstop), ++ m_policy (policy), + m_alloc_sz (new_text_len + 1) + { + compute_display_cols (); +@@ -2090,7 +2298,7 @@ public: + + void compute_display_cols () + { +- m_display_cols = cpp_display_width (m_text, m_byte_length, m_tabstop); ++ m_display_cols = cpp_display_width (m_text, m_byte_length, m_policy); + } + + void overwrite (int dst_offset, const char_span &src_span) +@@ -2118,7 +2326,7 @@ public: + char *m_text; + size_t m_byte_length; /* Not including null-terminator. */ + int m_display_cols; +- int m_tabstop; ++ const cpp_char_column_policy &m_policy; + size_t m_alloc_sz; + }; + +@@ -2154,15 +2362,16 @@ correction::ensure_terminated () + class line_corrections + { + public: +- line_corrections (diagnostic_context *context, const char *filename, ++ line_corrections (const char_display_policy &policy, ++ const char *filename, + linenum_type row) +- : m_context (context), m_filename (filename), m_row (row) ++ : m_policy (policy), m_filename (filename), m_row (row) + {} + ~line_corrections (); + + void add_hint (const fixit_hint *hint); + +- diagnostic_context *m_context; ++ const char_display_policy &m_policy; + const char *m_filename; + linenum_type m_row; + auto_vec <correction *> m_corrections; +@@ -2208,10 +2417,10 @@ source_line::source_line (const char *fi + void + line_corrections::add_hint (const fixit_hint *hint) + { +- column_range affected_bytes = get_affected_range (m_context, hint, CU_BYTES); +- column_range affected_columns = get_affected_range (m_context, hint, ++ column_range affected_bytes = get_affected_range (m_policy, hint, CU_BYTES); ++ column_range affected_columns = get_affected_range (m_policy, hint, + CU_DISPLAY_COLS); +- column_range printed_columns = get_printed_columns (m_context, hint); ++ column_range printed_columns = get_printed_columns (m_policy, hint); + + /* Potentially consolidate. */ + if (!m_corrections.is_empty ()) +@@ -2280,7 +2489,7 @@ line_corrections::add_hint (const fixit_ + printed_columns, + hint->get_string (), + hint->get_length (), +- m_context->tabstop)); ++ m_policy)); + } + + /* If there are any fixit hints on source line ROW, print them. +@@ -2294,7 +2503,7 @@ layout::print_trailing_fixits (linenum_t + { + /* Build a list of correction instances for the line, + potentially consolidating hints (for the sake of readability). */ +- line_corrections corrections (m_context, m_exploc.file, row); ++ line_corrections corrections (m_policy, m_exploc.file, row); + for (unsigned int i = 0; i < m_fixit_hints.length (); i++) + { + const fixit_hint *hint = m_fixit_hints[i]; +@@ -2635,6 +2844,59 @@ namespace selftest { + + /* Selftests for diagnostic_show_locus. */ + ++/* Verify that cpp_display_width correctly handles escaping. */ ++ ++static void ++test_display_widths () ++{ ++ gcc_rich_location richloc (UNKNOWN_LOCATION); ++ ++ /* U+03C0 "GREEK SMALL LETTER PI". */ ++ const char *pi = "\xCF\x80"; ++ /* U+1F642 "SLIGHTLY SMILING FACE". */ ++ const char *emoji = "\xF0\x9F\x99\x82"; ++ /* Stray trailing byte of a UTF-8 character. */ ++ const char *stray = "\xBF"; ++ /* U+10FFFF. */ ++ const char *max_codepoint = "\xF4\x8F\xBF\xBF"; ++ ++ /* No escaping. */ ++ { ++ test_diagnostic_context dc; ++ char_display_policy policy (make_policy (dc, richloc)); ++ ASSERT_EQ (cpp_display_width (pi, strlen (pi), policy), 1); ++ ASSERT_EQ (cpp_display_width (emoji, strlen (emoji), policy), 2); ++ ASSERT_EQ (cpp_display_width (stray, strlen (stray), policy), 1); ++ /* Don't check width of U+10FFFF; it's in a private use plane. */ ++ } ++ ++ richloc.set_escape_on_output (true); ++ ++ { ++ test_diagnostic_context dc; ++ dc.escape_format = DIAGNOSTICS_ESCAPE_FORMAT_UNICODE; ++ char_display_policy policy (make_policy (dc, richloc)); ++ ASSERT_EQ (cpp_display_width (pi, strlen (pi), policy), 8); ++ ASSERT_EQ (cpp_display_width (emoji, strlen (emoji), policy), 9); ++ ASSERT_EQ (cpp_display_width (stray, strlen (stray), policy), 4); ++ ASSERT_EQ (cpp_display_width (max_codepoint, strlen (max_codepoint), ++ policy), ++ strlen ("<U+10FFFF>")); ++ } ++ ++ { ++ test_diagnostic_context dc; ++ dc.escape_format = DIAGNOSTICS_ESCAPE_FORMAT_BYTES; ++ char_display_policy policy (make_policy (dc, richloc)); ++ ASSERT_EQ (cpp_display_width (pi, strlen (pi), policy), 8); ++ ASSERT_EQ (cpp_display_width (emoji, strlen (emoji), policy), 16); ++ ASSERT_EQ (cpp_display_width (stray, strlen (stray), policy), 4); ++ ASSERT_EQ (cpp_display_width (max_codepoint, strlen (max_codepoint), ++ policy), ++ 16); ++ } ++} ++ + /* For precise tests of the layout, make clear where the source line will + start. test_left_margin sets the total byte count from the left side of the + screen to the start of source lines, after the line number and the separator, +@@ -2704,10 +2966,10 @@ test_layout_x_offset_display_utf8 (const + char_span lspan = location_get_source_line (tmp.get_filename (), 1); + ASSERT_EQ (line_display_cols, + cpp_display_width (lspan.get_buffer (), lspan.length (), +- def_tabstop)); ++ def_policy ())); + ASSERT_EQ (line_display_cols, + location_compute_display_column (expand_location (line_end), +- def_tabstop)); ++ def_policy ())); + ASSERT_EQ (0, memcmp (lspan.get_buffer () + (emoji_col - 1), + "\xf0\x9f\x98\x82\xf0\x9f\x98\x82", 8)); + +@@ -2855,12 +3117,13 @@ test_layout_x_offset_display_tab (const + ASSERT_EQ ('\t', *(lspan.get_buffer () + (tab_col - 1))); + for (int tabstop = 1; tabstop != num_tabstops; ++tabstop) + { ++ cpp_char_column_policy policy (tabstop, cpp_wcwidth); + ASSERT_EQ (line_bytes + extra_width[tabstop], + cpp_display_width (lspan.get_buffer (), lspan.length (), +- tabstop)); ++ policy)); + ASSERT_EQ (line_bytes + extra_width[tabstop], + location_compute_display_column (expand_location (line_end), +- tabstop)); ++ policy)); + } + + /* Check that the tab is expanded to the expected number of spaces. */ +@@ -3992,6 +4255,43 @@ test_one_liner_labels_utf8 () + " bb\xf0\x9f\x98\x82\xf0\x9f\x98\x82\n", + pp_formatted_text (dc.printer)); + } ++ ++ /* Example of escaping the source lines. */ ++ { ++ text_range_label label0 ("label 0\xf0\x9f\x98\x82"); ++ text_range_label label1 ("label 1\xcf\x80"); ++ text_range_label label2 ("label 2\xcf\x80"); ++ gcc_rich_location richloc (foo, &label0); ++ richloc.add_range (bar, SHOW_RANGE_WITHOUT_CARET, &label1); ++ richloc.add_range (field, SHOW_RANGE_WITHOUT_CARET, &label2); ++ richloc.set_escape_on_output (true); ++ ++ { ++ test_diagnostic_context dc; ++ dc.escape_format = DIAGNOSTICS_ESCAPE_FORMAT_UNICODE; ++ diagnostic_show_locus (&dc, &richloc, DK_ERROR); ++ ASSERT_STREQ (" <U+1F602>_foo = <U+03C0>_bar.<U+1F602>_field<U+03C0>;\n" ++ " ^~~~~~~~~~~~~ ~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~\n" ++ " | | |\n" ++ " | | label 2\xcf\x80\n" ++ " | label 1\xcf\x80\n" ++ " label 0\xf0\x9f\x98\x82\n", ++ pp_formatted_text (dc.printer)); ++ } ++ { ++ test_diagnostic_context dc; ++ dc.escape_format = DIAGNOSTICS_ESCAPE_FORMAT_BYTES; ++ diagnostic_show_locus (&dc, &richloc, DK_ERROR); ++ ASSERT_STREQ ++ (" <f0><9f><98><82>_foo = <cf><80>_bar.<f0><9f><98><82>_field<cf><80>;\n" ++ " ^~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n" ++ " | | |\n" ++ " | | label 2\xcf\x80\n" ++ " | label 1\xcf\x80\n" ++ " label 0\xf0\x9f\x98\x82\n", ++ pp_formatted_text (dc.printer)); ++ } ++ } + } + + /* Make sure that colorization codes don't interrupt a multibyte +@@ -4046,9 +4346,9 @@ test_diagnostic_show_locus_one_liner_utf + + char_span lspan = location_get_source_line (tmp.get_filename (), 1); + ASSERT_EQ (25, cpp_display_width (lspan.get_buffer (), lspan.length (), +- def_tabstop)); ++ def_policy ())); + ASSERT_EQ (25, location_compute_display_column (expand_location (line_end), +- def_tabstop)); ++ def_policy ())); + + test_one_liner_simple_caret_utf8 (); + test_one_liner_caret_and_range_utf8 (); +@@ -4434,30 +4734,31 @@ test_overlapped_fixit_printing (const li + pp_formatted_text (dc.printer)); + + /* Unit-test the line_corrections machinery. */ ++ char_display_policy policy (make_policy (dc, richloc)); + ASSERT_EQ (3, richloc.get_num_fixit_hints ()); + const fixit_hint *hint_0 = richloc.get_fixit_hint (0); + ASSERT_EQ (column_range (12, 12), +- get_affected_range (&dc, hint_0, CU_BYTES)); ++ get_affected_range (policy, hint_0, CU_BYTES)); + ASSERT_EQ (column_range (12, 12), +- get_affected_range (&dc, hint_0, CU_DISPLAY_COLS)); +- ASSERT_EQ (column_range (12, 22), get_printed_columns (&dc, hint_0)); ++ get_affected_range (policy, hint_0, CU_DISPLAY_COLS)); ++ ASSERT_EQ (column_range (12, 22), get_printed_columns (policy, hint_0)); + const fixit_hint *hint_1 = richloc.get_fixit_hint (1); + ASSERT_EQ (column_range (18, 18), +- get_affected_range (&dc, hint_1, CU_BYTES)); ++ get_affected_range (policy, hint_1, CU_BYTES)); + ASSERT_EQ (column_range (18, 18), +- get_affected_range (&dc, hint_1, CU_DISPLAY_COLS)); +- ASSERT_EQ (column_range (18, 20), get_printed_columns (&dc, hint_1)); ++ get_affected_range (policy, hint_1, CU_DISPLAY_COLS)); ++ ASSERT_EQ (column_range (18, 20), get_printed_columns (policy, hint_1)); + const fixit_hint *hint_2 = richloc.get_fixit_hint (2); + ASSERT_EQ (column_range (29, 28), +- get_affected_range (&dc, hint_2, CU_BYTES)); ++ get_affected_range (policy, hint_2, CU_BYTES)); + ASSERT_EQ (column_range (29, 28), +- get_affected_range (&dc, hint_2, CU_DISPLAY_COLS)); +- ASSERT_EQ (column_range (29, 29), get_printed_columns (&dc, hint_2)); ++ get_affected_range (policy, hint_2, CU_DISPLAY_COLS)); ++ ASSERT_EQ (column_range (29, 29), get_printed_columns (policy, hint_2)); + + /* Add each hint in turn to a line_corrections instance, + and verify that they are consolidated into one correction instance + as expected. */ +- line_corrections lc (&dc, tmp.get_filename (), 1); ++ line_corrections lc (policy, tmp.get_filename (), 1); + + /* The first replace hint by itself. */ + lc.add_hint (hint_0); +@@ -4649,30 +4950,31 @@ test_overlapped_fixit_printing_utf8 (con + pp_formatted_text (dc.printer)); + + /* Unit-test the line_corrections machinery. */ ++ char_display_policy policy (make_policy (dc, richloc)); + ASSERT_EQ (3, richloc.get_num_fixit_hints ()); + const fixit_hint *hint_0 = richloc.get_fixit_hint (0); + ASSERT_EQ (column_range (14, 14), +- get_affected_range (&dc, hint_0, CU_BYTES)); ++ get_affected_range (policy, hint_0, CU_BYTES)); + ASSERT_EQ (column_range (12, 12), +- get_affected_range (&dc, hint_0, CU_DISPLAY_COLS)); +- ASSERT_EQ (column_range (12, 22), get_printed_columns (&dc, hint_0)); ++ get_affected_range (policy, hint_0, CU_DISPLAY_COLS)); ++ ASSERT_EQ (column_range (12, 22), get_printed_columns (policy, hint_0)); + const fixit_hint *hint_1 = richloc.get_fixit_hint (1); + ASSERT_EQ (column_range (22, 22), +- get_affected_range (&dc, hint_1, CU_BYTES)); ++ get_affected_range (policy, hint_1, CU_BYTES)); + ASSERT_EQ (column_range (18, 18), +- get_affected_range (&dc, hint_1, CU_DISPLAY_COLS)); +- ASSERT_EQ (column_range (18, 20), get_printed_columns (&dc, hint_1)); ++ get_affected_range (policy, hint_1, CU_DISPLAY_COLS)); ++ ASSERT_EQ (column_range (18, 20), get_printed_columns (policy, hint_1)); + const fixit_hint *hint_2 = richloc.get_fixit_hint (2); + ASSERT_EQ (column_range (35, 34), +- get_affected_range (&dc, hint_2, CU_BYTES)); ++ get_affected_range (policy, hint_2, CU_BYTES)); + ASSERT_EQ (column_range (30, 29), +- get_affected_range (&dc, hint_2, CU_DISPLAY_COLS)); +- ASSERT_EQ (column_range (30, 30), get_printed_columns (&dc, hint_2)); ++ get_affected_range (policy, hint_2, CU_DISPLAY_COLS)); ++ ASSERT_EQ (column_range (30, 30), get_printed_columns (policy, hint_2)); + + /* Add each hint in turn to a line_corrections instance, + and verify that they are consolidated into one correction instance + as expected. */ +- line_corrections lc (&dc, tmp.get_filename (), 1); ++ line_corrections lc (policy, tmp.get_filename (), 1); + + /* The first replace hint by itself. */ + lc.add_hint (hint_0); +@@ -4866,15 +5168,16 @@ test_overlapped_fixit_printing_2 (const + richloc.add_fixit_insert_before (col_21, "}"); + + /* These fixits should be accepted; they can't be consolidated. */ ++ char_display_policy policy (make_policy (dc, richloc)); + ASSERT_EQ (2, richloc.get_num_fixit_hints ()); + const fixit_hint *hint_0 = richloc.get_fixit_hint (0); + ASSERT_EQ (column_range (23, 22), +- get_affected_range (&dc, hint_0, CU_BYTES)); +- ASSERT_EQ (column_range (23, 23), get_printed_columns (&dc, hint_0)); ++ get_affected_range (policy, hint_0, CU_BYTES)); ++ ASSERT_EQ (column_range (23, 23), get_printed_columns (policy, hint_0)); + const fixit_hint *hint_1 = richloc.get_fixit_hint (1); + ASSERT_EQ (column_range (21, 20), +- get_affected_range (&dc, hint_1, CU_BYTES)); +- ASSERT_EQ (column_range (21, 21), get_printed_columns (&dc, hint_1)); ++ get_affected_range (policy, hint_1, CU_BYTES)); ++ ASSERT_EQ (column_range (21, 21), get_printed_columns (policy, hint_1)); + + /* Verify that they're printed correctly. */ + diagnostic_show_locus (&dc, &richloc, DK_ERROR); +@@ -5141,10 +5444,11 @@ test_tab_expansion (const line_table_cas + ....................123 45678901234 56789012345 columns */ + + const int tabstop = 8; ++ cpp_char_column_policy policy (tabstop, cpp_wcwidth); + const int first_non_ws_byte_col = 7; + const int right_quote_byte_col = 15; + const int last_byte_col = 25; +- ASSERT_EQ (35, cpp_display_width (content, last_byte_col, tabstop)); ++ ASSERT_EQ (35, cpp_display_width (content, last_byte_col, policy)); + + temp_source_file tmp (SELFTEST_LOCATION, ".c", content); + line_table_test ltt (case_); +@@ -5187,6 +5491,114 @@ test_tab_expansion (const line_table_cas + } + } + ++/* Verify that the escaping machinery can cope with a variety of different ++ invalid bytes. */ ++ ++static void ++test_escaping_bytes_1 (const line_table_case &case_) ++{ ++ const char content[] = "before\0\1\2\3\r\x80\xff""after\n"; ++ const size_t sz = sizeof (content); ++ temp_source_file tmp (SELFTEST_LOCATION, ".c", content, sz); ++ line_table_test ltt (case_); ++ const line_map_ordinary *ord_map = linemap_check_ordinary ++ (linemap_add (line_table, LC_ENTER, false, tmp.get_filename (), 0)); ++ linemap_line_start (line_table, 1, 100); ++ ++ location_t finish ++ = linemap_position_for_line_and_column (line_table, ord_map, 1, ++ strlen (content)); ++ ++ if (finish > LINE_MAP_MAX_LOCATION_WITH_COLS) ++ return; ++ ++ /* Locations of the NUL and \r bytes. */ ++ location_t nul_loc ++ = linemap_position_for_line_and_column (line_table, ord_map, 1, 7); ++ location_t r_loc ++ = linemap_position_for_line_and_column (line_table, ord_map, 1, 11); ++ gcc_rich_location richloc (nul_loc); ++ richloc.add_range (r_loc); ++ ++ { ++ test_diagnostic_context dc; ++ diagnostic_show_locus (&dc, &richloc, DK_ERROR); ++ ASSERT_STREQ (" before \1\2\3 \x80\xff""after\n" ++ " ^ ~\n", ++ pp_formatted_text (dc.printer)); ++ } ++ richloc.set_escape_on_output (true); ++ { ++ test_diagnostic_context dc; ++ dc.escape_format = DIAGNOSTICS_ESCAPE_FORMAT_UNICODE; ++ diagnostic_show_locus (&dc, &richloc, DK_ERROR); ++ ASSERT_STREQ ++ (" before<U+0000><U+0001><U+0002><U+0003><U+000D><80><ff>after\n" ++ " ^~~~~~~~ ~~~~~~~~\n", ++ pp_formatted_text (dc.printer)); ++ } ++ { ++ test_diagnostic_context dc; ++ dc.escape_format = DIAGNOSTICS_ESCAPE_FORMAT_BYTES; ++ diagnostic_show_locus (&dc, &richloc, DK_ERROR); ++ ASSERT_STREQ (" before<00><01><02><03><0d><80><ff>after\n" ++ " ^~~~ ~~~~\n", ++ pp_formatted_text (dc.printer)); ++ } ++} ++ ++/* As above, but verify that we handle the initial byte of a line ++ correctly. */ ++ ++static void ++test_escaping_bytes_2 (const line_table_case &case_) ++{ ++ const char content[] = "\0after\n"; ++ const size_t sz = sizeof (content); ++ temp_source_file tmp (SELFTEST_LOCATION, ".c", content, sz); ++ line_table_test ltt (case_); ++ const line_map_ordinary *ord_map = linemap_check_ordinary ++ (linemap_add (line_table, LC_ENTER, false, tmp.get_filename (), 0)); ++ linemap_line_start (line_table, 1, 100); ++ ++ location_t finish ++ = linemap_position_for_line_and_column (line_table, ord_map, 1, ++ strlen (content)); ++ ++ if (finish > LINE_MAP_MAX_LOCATION_WITH_COLS) ++ return; ++ ++ /* Location of the NUL byte. */ ++ location_t nul_loc ++ = linemap_position_for_line_and_column (line_table, ord_map, 1, 1); ++ gcc_rich_location richloc (nul_loc); ++ ++ { ++ test_diagnostic_context dc; ++ diagnostic_show_locus (&dc, &richloc, DK_ERROR); ++ ASSERT_STREQ (" after\n" ++ " ^\n", ++ pp_formatted_text (dc.printer)); ++ } ++ richloc.set_escape_on_output (true); ++ { ++ test_diagnostic_context dc; ++ dc.escape_format = DIAGNOSTICS_ESCAPE_FORMAT_UNICODE; ++ diagnostic_show_locus (&dc, &richloc, DK_ERROR); ++ ASSERT_STREQ (" <U+0000>after\n" ++ " ^~~~~~~~\n", ++ pp_formatted_text (dc.printer)); ++ } ++ { ++ test_diagnostic_context dc; ++ dc.escape_format = DIAGNOSTICS_ESCAPE_FORMAT_BYTES; ++ diagnostic_show_locus (&dc, &richloc, DK_ERROR); ++ ASSERT_STREQ (" <00>after\n" ++ " ^~~~\n", ++ pp_formatted_text (dc.printer)); ++ } ++} ++ + /* Verify that line numbers are correctly printed for the case of + a multiline range in which the width of the line numbers changes + (e.g. from "9" to "10"). */ +@@ -5243,6 +5655,8 @@ diagnostic_show_locus_c_tests () + test_layout_range_for_single_line (); + test_layout_range_for_multiple_lines (); + ++ test_display_widths (); ++ + for_each_line_table_case (test_layout_x_offset_display_utf8); + for_each_line_table_case (test_layout_x_offset_display_tab); + +@@ -5263,6 +5677,8 @@ diagnostic_show_locus_c_tests () + for_each_line_table_case (test_fixit_replace_containing_newline); + for_each_line_table_case (test_fixit_deletion_affecting_newline); + for_each_line_table_case (test_tab_expansion); ++ for_each_line_table_case (test_escaping_bytes_1); ++ for_each_line_table_case (test_escaping_bytes_2); + + test_line_numbers_multiline_range (); + } +diff --git a/gcc/doc/invoke.texi b/gcc/doc/invoke.texi +--- a/gcc/doc/invoke.texi 2021-12-25 01:29:12.927317174 -0800 ++++ b/gcc/doc/invoke.texi 2021-12-25 01:30:50.681688823 -0800 +@@ -295,7 +295,8 @@ Objective-C and Objective-C++ Dialects}. + -fdiagnostics-show-path-depths @gol + -fno-show-column @gol + -fdiagnostics-column-unit=@r{[}display@r{|}byte@r{]} @gol +--fdiagnostics-column-origin=@var{origin}} ++-fdiagnostics-column-origin=@var{origin} @gol ++-fdiagnostics-escape-format=@r{[}unicode@r{|}bytes@r{]}} + + @item Warning Options + @xref{Warning Options,,Options to Request or Suppress Warnings}. +@@ -4451,6 +4452,38 @@ first column. The default value of 1 co + behavior and to the GNU style guide. Some utilities may perform better with an + origin of 0; any non-negative value may be specified. + ++@item -fdiagnostics-escape-format=@var{FORMAT} ++@opindex fdiagnostics-escape-format ++When GCC prints pertinent source lines for a diagnostic it normally attempts ++to print the source bytes directly. However, some diagnostics relate to encoding ++issues in the source file, such as malformed UTF-8, or issues with Unicode ++normalization. These diagnostics are flagged so that GCC will escape bytes ++that are not printable ASCII when printing their pertinent source lines. ++ ++This option controls how such bytes should be escaped. ++ ++The default @var{FORMAT}, @samp{unicode} displays Unicode characters that ++are not printable ASCII in the form @samp{<U+XXXX>}, and bytes that do not ++correspond to a Unicode character validly-encoded in UTF-8-encoded will be ++displayed as hexadecimal in the form @samp{<XX>}. ++ ++For example, a source line containing the string @samp{before} followed by the ++Unicode character U+03C0 (``GREEK SMALL LETTER PI'', with UTF-8 encoding ++0xCF 0x80) followed by the byte 0xBF (a stray UTF-8 trailing byte), followed by ++the string @samp{after} will be printed for such a diagnostic as: ++ ++@smallexample ++ before<U+03C0><BF>after ++@end smallexample ++ ++Setting @var{FORMAT} to @samp{bytes} will display all non-printable-ASCII bytes ++in the form @samp{<XX>}, thus showing the underlying encoding of non-ASCII ++Unicode characters. For the example above, the following will be printed: ++ ++@smallexample ++ before<CF><80><BF>after ++@end smallexample ++ + @item -fdiagnostics-format=@var{FORMAT} + @opindex fdiagnostics-format + Select a different format for printing diagnostics. +@@ -4518,9 +4551,11 @@ might be printed in JSON form (after for + @} + @} + ], ++ "escape-source": false, + "message": "...this statement, but the latter is @dots{}" + @} + ] ++ "escape-source": false, + "column-origin": 1, + @}, + @dots{} +@@ -4607,6 +4642,7 @@ of the expression, which have labels. I + "label": "T @{aka struct t@}" + @} + ], ++ "escape-source": false, + "message": "invalid operands to binary + @dots{}" + @} + @end smallexample +@@ -4660,6 +4696,7 @@ might be printed in JSON form as: + @} + @} + ], ++ "escape-source": false, + "message": "\u2018struct s\u2019 has no member named @dots{}" + @} + @end smallexample +@@ -4717,6 +4754,10 @@ For example, the intraprocedural example + ] + @end smallexample + ++Diagnostics have a boolean attribute @code{escape-source}, hinting whether ++non-ASCII bytes should be escaped when printing the pertinent lines of ++source code (@code{true} for diagnostics involving source encoding issues). ++ + @end table + + @node Warning Options +diff --git a/gcc/input.c b/gcc/input.c +--- a/gcc/input.c 2021-12-25 01:29:12.927317174 -0800 ++++ b/gcc/input.c 2021-12-25 01:30:50.681688823 -0800 +@@ -913,7 +913,8 @@ make_location (location_t caret, source_ + source line in order to calculate the display width. If that cannot be done + for any reason, then returns the byte column as a fallback. */ + int +-location_compute_display_column (expanded_location exploc, int tabstop) ++location_compute_display_column (expanded_location exploc, ++ const cpp_char_column_policy &policy) + { + if (!(exploc.file && *exploc.file && exploc.line && exploc.column)) + return exploc.column; +@@ -921,7 +922,7 @@ location_compute_display_column (expande + /* If line is NULL, this function returns exploc.column which is the + desired fallback. */ + return cpp_byte_column_to_display_column (line.get_buffer (), line.length (), +- exploc.column, tabstop); ++ exploc.column, policy); + } + + /* Dump statistics to stderr about the memory usage of the line_table +@@ -3609,43 +3610,50 @@ test_line_offset_overflow () + void test_cpp_utf8 () + { + const int def_tabstop = 8; ++ cpp_char_column_policy policy (def_tabstop, cpp_wcwidth); ++ + /* Verify that wcwidth of invalid UTF-8 or control bytes is 1. */ + { +- int w_bad = cpp_display_width ("\xf0!\x9f!\x98!\x82!", 8, def_tabstop); ++ int w_bad = cpp_display_width ("\xf0!\x9f!\x98!\x82!", 8, policy); + ASSERT_EQ (8, w_bad); +- int w_ctrl = cpp_display_width ("\r\n\v\0\1", 5, def_tabstop); ++ int w_ctrl = cpp_display_width ("\r\n\v\0\1", 5, policy); + ASSERT_EQ (5, w_ctrl); + } + + /* Verify that wcwidth of valid UTF-8 is as expected. */ + { +- const int w_pi = cpp_display_width ("\xcf\x80", 2, def_tabstop); ++ const int w_pi = cpp_display_width ("\xcf\x80", 2, policy); + ASSERT_EQ (1, w_pi); +- const int w_emoji = cpp_display_width ("\xf0\x9f\x98\x82", 4, def_tabstop); ++ const int w_emoji = cpp_display_width ("\xf0\x9f\x98\x82", 4, policy); + ASSERT_EQ (2, w_emoji); + const int w_umlaut_precomposed = cpp_display_width ("\xc3\xbf", 2, +- def_tabstop); ++ policy); + ASSERT_EQ (1, w_umlaut_precomposed); + const int w_umlaut_combining = cpp_display_width ("y\xcc\x88", 3, +- def_tabstop); ++ policy); + ASSERT_EQ (1, w_umlaut_combining); +- const int w_han = cpp_display_width ("\xe4\xb8\xba", 3, def_tabstop); ++ const int w_han = cpp_display_width ("\xe4\xb8\xba", 3, policy); + ASSERT_EQ (2, w_han); +- const int w_ascii = cpp_display_width ("GCC", 3, def_tabstop); ++ const int w_ascii = cpp_display_width ("GCC", 3, policy); + ASSERT_EQ (3, w_ascii); + const int w_mixed = cpp_display_width ("\xcf\x80 = 3.14 \xf0\x9f\x98\x82" + "\x9f! \xe4\xb8\xba y\xcc\x88", +- 24, def_tabstop); ++ 24, policy); + ASSERT_EQ (18, w_mixed); + } + + /* Verify that display width properly expands tabs. */ + { + const char *tstr = "\tabc\td"; +- ASSERT_EQ (6, cpp_display_width (tstr, 6, 1)); +- ASSERT_EQ (10, cpp_display_width (tstr, 6, 3)); +- ASSERT_EQ (17, cpp_display_width (tstr, 6, 8)); +- ASSERT_EQ (1, cpp_display_column_to_byte_column (tstr, 6, 7, 8)); ++ ASSERT_EQ (6, cpp_display_width (tstr, 6, ++ cpp_char_column_policy (1, cpp_wcwidth))); ++ ASSERT_EQ (10, cpp_display_width (tstr, 6, ++ cpp_char_column_policy (3, cpp_wcwidth))); ++ ASSERT_EQ (17, cpp_display_width (tstr, 6, ++ cpp_char_column_policy (8, cpp_wcwidth))); ++ ASSERT_EQ (1, ++ cpp_display_column_to_byte_column ++ (tstr, 6, 7, cpp_char_column_policy (8, cpp_wcwidth))); + } + + /* Verify that cpp_byte_column_to_display_column can go past the end, +@@ -3658,13 +3666,13 @@ void test_cpp_utf8 () + /* 111122223456 + Byte columns. */ + +- ASSERT_EQ (5, cpp_display_width (str, 6, def_tabstop)); ++ ASSERT_EQ (5, cpp_display_width (str, 6, policy)); + ASSERT_EQ (105, +- cpp_byte_column_to_display_column (str, 6, 106, def_tabstop)); ++ cpp_byte_column_to_display_column (str, 6, 106, policy)); + ASSERT_EQ (10000, +- cpp_byte_column_to_display_column (NULL, 0, 10000, def_tabstop)); ++ cpp_byte_column_to_display_column (NULL, 0, 10000, policy)); + ASSERT_EQ (0, +- cpp_byte_column_to_display_column (NULL, 10000, 0, def_tabstop)); ++ cpp_byte_column_to_display_column (NULL, 10000, 0, policy)); + } + + /* Verify that cpp_display_column_to_byte_column can go past the end, +@@ -3678,25 +3686,25 @@ void test_cpp_utf8 () + /* 000000000000000000000000000000000111111 + 111122223333444456666777788889999012345 + Byte columns. */ +- ASSERT_EQ (4, cpp_display_column_to_byte_column (str, 15, 2, def_tabstop)); ++ ASSERT_EQ (4, cpp_display_column_to_byte_column (str, 15, 2, policy)); + ASSERT_EQ (15, +- cpp_display_column_to_byte_column (str, 15, 11, def_tabstop)); ++ cpp_display_column_to_byte_column (str, 15, 11, policy)); + ASSERT_EQ (115, +- cpp_display_column_to_byte_column (str, 15, 111, def_tabstop)); ++ cpp_display_column_to_byte_column (str, 15, 111, policy)); + ASSERT_EQ (10000, +- cpp_display_column_to_byte_column (NULL, 0, 10000, def_tabstop)); ++ cpp_display_column_to_byte_column (NULL, 0, 10000, policy)); + ASSERT_EQ (0, +- cpp_display_column_to_byte_column (NULL, 10000, 0, def_tabstop)); ++ cpp_display_column_to_byte_column (NULL, 10000, 0, policy)); + + /* Verify that we do not interrupt a UTF-8 sequence. */ +- ASSERT_EQ (4, cpp_display_column_to_byte_column (str, 15, 1, def_tabstop)); ++ ASSERT_EQ (4, cpp_display_column_to_byte_column (str, 15, 1, policy)); + + for (int byte_col = 1; byte_col <= 15; ++byte_col) + { + const int disp_col +- = cpp_byte_column_to_display_column (str, 15, byte_col, def_tabstop); ++ = cpp_byte_column_to_display_column (str, 15, byte_col, policy); + const int byte_col2 +- = cpp_display_column_to_byte_column (str, 15, disp_col, def_tabstop); ++ = cpp_display_column_to_byte_column (str, 15, disp_col, policy); + + /* If we ask for the display column in the middle of a UTF-8 + sequence, it will return the length of the partial sequence, +diff --git a/gcc/input.h b/gcc/input.h +--- a/gcc/input.h 2021-12-25 01:29:12.927317174 -0800 ++++ b/gcc/input.h 2021-12-25 01:30:50.681688823 -0800 +@@ -39,8 +39,11 @@ STATIC_ASSERT (BUILTINS_LOCATION < RESER + extern bool is_location_from_builtin_token (location_t); + extern expanded_location expand_location (location_t); + +-extern int location_compute_display_column (expanded_location exploc, +- int tabstop); ++class cpp_char_column_policy; ++ ++extern int ++location_compute_display_column (expanded_location exploc, ++ const cpp_char_column_policy &policy); + + /* A class capturing the bounds of a buffer, to allow for run-time + bounds-checking in a checked build. */ +diff --git a/gcc/opts.c b/gcc/opts.c +--- a/gcc/opts.c 2021-12-25 01:29:12.927317174 -0800 ++++ b/gcc/opts.c 2021-12-25 01:30:50.681688823 -0800 +@@ -2447,6 +2447,10 @@ common_handle_option (struct gcc_options + dc->column_origin = value; + break; + ++ case OPT_fdiagnostics_escape_format_: ++ dc->escape_format = (enum diagnostics_escape_format)value; ++ break; ++ + case OPT_fdiagnostics_show_cwe: + dc->show_cwe = value; + break; +diff --git a/gcc/selftest.c b/gcc/selftest.c +--- a/gcc/selftest.c 2020-07-22 23:35:17.820389797 -0700 ++++ b/gcc/selftest.c 2021-12-25 01:30:50.681688823 -0800 +@@ -193,6 +193,21 @@ temp_source_file::temp_source_file (cons + fclose (out); + } + ++/* As above, but with a size, to allow for NUL bytes in CONTENT. */ ++ ++temp_source_file::temp_source_file (const location &loc, ++ const char *suffix, ++ const char *content, ++ size_t sz) ++: named_temp_file (suffix) ++{ ++ FILE *out = fopen (get_filename (), "w"); ++ if (!out) ++ fail_formatted (loc, "unable to open tempfile: %s", get_filename ()); ++ fwrite (content, sz, 1, out); ++ fclose (out); ++} ++ + /* Avoid introducing locale-specific differences in the results + by hardcoding open_quote and close_quote. */ + +diff --git a/gcc/selftest.h b/gcc/selftest.h +--- a/gcc/selftest.h 2020-07-22 23:35:17.820389797 -0700 ++++ b/gcc/selftest.h 2021-12-25 01:30:50.681688823 -0800 +@@ -112,6 +112,8 @@ class temp_source_file : public named_te + public: + temp_source_file (const location &loc, const char *suffix, + const char *content); ++ temp_source_file (const location &loc, const char *suffix, ++ const char *content, size_t sz); + }; + + /* RAII-style class for avoiding introducing locale-specific differences +diff --git a/gcc/testsuite/c-c++-common/diagnostic-format-json-1.c b/gcc/testsuite/c-c++-common/diagnostic-format-json-1.c +--- a/gcc/testsuite/c-c++-common/diagnostic-format-json-1.c 2021-12-25 01:29:12.927317174 -0800 ++++ b/gcc/testsuite/c-c++-common/diagnostic-format-json-1.c 2021-12-25 01:30:50.681688823 -0800 +@@ -9,6 +9,7 @@ + + /* { dg-regexp "\"kind\": \"error\"" } */ + /* { dg-regexp "\"column-origin\": 1" } */ ++/* { dg-regexp "\"escape-source\": false" } */ + /* { dg-regexp "\"message\": \"#error message\"" } */ + + /* { dg-regexp "\"caret\": \{" } */ +diff --git a/gcc/testsuite/c-c++-common/diagnostic-format-json-2.c b/gcc/testsuite/c-c++-common/diagnostic-format-json-2.c +--- a/gcc/testsuite/c-c++-common/diagnostic-format-json-2.c 2021-12-25 01:29:12.927317174 -0800 ++++ b/gcc/testsuite/c-c++-common/diagnostic-format-json-2.c 2021-12-25 01:30:50.681688823 -0800 +@@ -9,6 +9,7 @@ + + /* { dg-regexp "\"kind\": \"warning\"" } */ + /* { dg-regexp "\"column-origin\": 1" } */ ++/* { dg-regexp "\"escape-source\": false" } */ + /* { dg-regexp "\"message\": \"#warning message\"" } */ + /* { dg-regexp "\"option\": \"-Wcpp\"" } */ + /* { dg-regexp "\"option_url\": \"https:\[^\n\r\"\]*#index-Wcpp\"" } */ +diff --git a/gcc/testsuite/c-c++-common/diagnostic-format-json-3.c b/gcc/testsuite/c-c++-common/diagnostic-format-json-3.c +--- a/gcc/testsuite/c-c++-common/diagnostic-format-json-3.c 2021-12-25 01:29:12.927317174 -0800 ++++ b/gcc/testsuite/c-c++-common/diagnostic-format-json-3.c 2021-12-25 01:30:50.681688823 -0800 +@@ -9,6 +9,7 @@ + + /* { dg-regexp "\"kind\": \"error\"" } */ + /* { dg-regexp "\"column-origin\": 1" } */ ++/* { dg-regexp "\"escape-source\": false" } */ + /* { dg-regexp "\"message\": \"#warning message\"" } */ + /* { dg-regexp "\"option\": \"-Werror=cpp\"" } */ + /* { dg-regexp "\"option_url\": \"https:\[^\n\r\"\]*#index-Wcpp\"" } */ +diff --git a/gcc/testsuite/c-c++-common/diagnostic-format-json-4.c b/gcc/testsuite/c-c++-common/diagnostic-format-json-4.c +--- a/gcc/testsuite/c-c++-common/diagnostic-format-json-4.c 2021-12-25 01:29:12.927317174 -0800 ++++ b/gcc/testsuite/c-c++-common/diagnostic-format-json-4.c 2021-12-25 01:30:50.681688823 -0800 +@@ -19,6 +19,7 @@ int test (void) + + /* { dg-regexp "\"kind\": \"note\"" } */ + /* { dg-regexp "\"message\": \"...this statement, but the latter is misleadingly indented as if it were guarded by the 'if'\"" } */ ++/* { dg-regexp "\"escape-source\": false" } */ + + /* { dg-regexp "\"caret\": \{" } */ + /* { dg-regexp "\"file\": \"\[^\n\r\"\]*diagnostic-format-json-4.c\"" } */ +@@ -39,6 +40,7 @@ int test (void) + /* { dg-regexp "\"kind\": \"warning\"" } */ + /* { dg-regexp "\"column-origin\": 1" } */ + /* { dg-regexp "\"message\": \"this 'if' clause does not guard...\"" } */ ++/* { dg-regexp "\"escape-source\": false" } */ + /* { dg-regexp "\"option\": \"-Wmisleading-indentation\"" } */ + /* { dg-regexp "\"option_url\": \"https:\[^\n\r\"\]*#index-Wmisleading-indentation\"" } */ + +diff --git a/gcc/testsuite/c-c++-common/diagnostic-format-json-5.c b/gcc/testsuite/c-c++-common/diagnostic-format-json-5.c +--- a/gcc/testsuite/c-c++-common/diagnostic-format-json-5.c 2021-12-25 01:29:12.927317174 -0800 ++++ b/gcc/testsuite/c-c++-common/diagnostic-format-json-5.c 2021-12-25 01:30:50.681688823 -0800 +@@ -14,6 +14,7 @@ int test (struct s *ptr) + + /* { dg-regexp "\"kind\": \"error\"" } */ + /* { dg-regexp "\"column-origin\": 1" } */ ++/* { dg-regexp "\"escape-source\": false" } */ + /* { dg-regexp "\"message\": \".*\"" } */ + + /* Verify fix-it hints. */ +diff --git a/gcc/testsuite/gcc.dg/cpp/warn-normalized-4-bytes.c b/gcc/testsuite/gcc.dg/cpp/warn-normalized-4-bytes.c +--- a/gcc/testsuite/gcc.dg/cpp/warn-normalized-4-bytes.c 1969-12-31 16:00:00.000000000 -0800 ++++ b/gcc/testsuite/gcc.dg/cpp/warn-normalized-4-bytes.c 2021-12-25 01:30:50.681688823 -0800 +@@ -0,0 +1,21 @@ ++// { dg-do preprocess } ++// { dg-options "-std=gnu99 -Werror=normalized=nfc -fdiagnostics-show-caret -fdiagnostics-escape-format=bytes" } ++/* { dg-message "some warnings being treated as errors" "" {target "*-*-*"} 0 } */ ++ ++/* འ= U+0F43 TIBETAN LETTER GHA, which has decomposition "0F42 0FB7" i.e. ++ U+0F42 TIBETAN LETTER GA: འ++ U+0FB7 TIBETAN SUBJOINED LETTER HA: ྷ ++ ++ The UTF-8 encoding of U+0F43 TIBETAN LETTER GHA is: E0 BD 83. */ ++ ++foo before_\u0F43_after bar // { dg-error "`before_.U00000f43_after' is not in NFC .-Werror=normalized=." } ++/* { dg-begin-multiline-output "" } ++ foo before_\u0F43_after bar ++ ^~~~~~~~~~~~~~~~~~~ ++ { dg-end-multiline-output "" } */ ++ ++foo before_à½_after bar // { dg-error "`before_.U00000f43_after' is not in NFC .-Werror=normalized=." } ++/* { dg-begin-multiline-output "" } ++ foo before_<e0><bd><83>_after bar ++ ^~~~~~~~~~~~~~~~~~~~~~~~~ ++ { dg-end-multiline-output "" } */ +diff --git a/gcc/testsuite/gcc.dg/cpp/warn-normalized-4-unicode.c b/gcc/testsuite/gcc.dg/cpp/warn-normalized-4-unicode.c +--- a/gcc/testsuite/gcc.dg/cpp/warn-normalized-4-unicode.c 1969-12-31 16:00:00.000000000 -0800 ++++ b/gcc/testsuite/gcc.dg/cpp/warn-normalized-4-unicode.c 2021-12-25 01:30:50.681688823 -0800 +@@ -0,0 +1,19 @@ ++// { dg-do preprocess } ++// { dg-options "-std=gnu99 -Werror=normalized=nfc -fdiagnostics-show-caret -fdiagnostics-escape-format=unicode" } ++/* { dg-message "some warnings being treated as errors" "" {target "*-*-*"} 0 } */ ++ ++/* འ= U+0F43 TIBETAN LETTER GHA, which has decomposition "0F42 0FB7" i.e. ++ U+0F42 TIBETAN LETTER GA: འ++ U+0FB7 TIBETAN SUBJOINED LETTER HA: ྷ */ ++ ++foo before_\u0F43_after bar // { dg-error "`before_.U00000f43_after' is not in NFC .-Werror=normalized=." } ++/* { dg-begin-multiline-output "" } ++ foo before_\u0F43_after bar ++ ^~~~~~~~~~~~~~~~~~~ ++ { dg-end-multiline-output "" } */ ++ ++foo before_à½_after bar // { dg-error "`before_.U00000f43_after' is not in NFC .-Werror=normalized=." } ++/* { dg-begin-multiline-output "" } ++ foo before_<U+0F43>_after bar ++ ^~~~~~~~~~~~~~~~~~~~~ ++ { dg-end-multiline-output "" } */ +diff --git a/gcc/testsuite/gfortran.dg/diagnostic-format-json-1.F90 b/gcc/testsuite/gfortran.dg/diagnostic-format-json-1.F90 +--- a/gcc/testsuite/gfortran.dg/diagnostic-format-json-1.F90 2021-12-25 01:29:12.931317107 -0800 ++++ b/gcc/testsuite/gfortran.dg/diagnostic-format-json-1.F90 2021-12-25 01:30:50.681688823 -0800 +@@ -9,6 +9,7 @@ + + ! { dg-regexp "\"kind\": \"error\"" } + ! { dg-regexp "\"column-origin\": 1" } ++! { dg-regexp "\"escape-source\": false" } + ! { dg-regexp "\"message\": \"#error message\"" } + + ! { dg-regexp "\"caret\": \{" } +diff --git a/gcc/testsuite/gfortran.dg/diagnostic-format-json-2.F90 b/gcc/testsuite/gfortran.dg/diagnostic-format-json-2.F90 +--- a/gcc/testsuite/gfortran.dg/diagnostic-format-json-2.F90 2021-12-25 01:29:12.931317107 -0800 ++++ b/gcc/testsuite/gfortran.dg/diagnostic-format-json-2.F90 2021-12-25 01:30:50.681688823 -0800 +@@ -9,6 +9,7 @@ + + ! { dg-regexp "\"kind\": \"warning\"" } + ! { dg-regexp "\"column-origin\": 1" } ++! { dg-regexp "\"escape-source\": false" } + ! { dg-regexp "\"message\": \"#warning message\"" } + ! { dg-regexp "\"option\": \"-Wcpp\"" } + ! { dg-regexp "\"option_url\": \"\[^\n\r\"\]*#index-Wcpp\"" } +diff --git a/gcc/testsuite/gfortran.dg/diagnostic-format-json-3.F90 b/gcc/testsuite/gfortran.dg/diagnostic-format-json-3.F90 +--- a/gcc/testsuite/gfortran.dg/diagnostic-format-json-3.F90 2021-12-25 01:29:12.931317107 -0800 ++++ b/gcc/testsuite/gfortran.dg/diagnostic-format-json-3.F90 2021-12-25 01:30:50.681688823 -0800 +@@ -9,6 +9,7 @@ + + ! { dg-regexp "\"kind\": \"error\"" } + ! { dg-regexp "\"column-origin\": 1" } ++! { dg-regexp "\"escape-source\": false" } + ! { dg-regexp "\"message\": \"#warning message\"" } + ! { dg-regexp "\"option\": \"-Werror=cpp\"" } + ! { dg-regexp "\"option_url\": \"\[^\n\r\"\]*#index-Wcpp\"" } +diff --git a/libcpp/charset.c b/libcpp/charset.c +--- a/libcpp/charset.c 2021-12-25 01:29:12.931317107 -0800 ++++ b/libcpp/charset.c 2021-12-25 01:30:50.681688823 -0800 +@@ -1549,12 +1549,14 @@ convert_escape (cpp_reader *pfile, const + "unknown escape sequence: '\\%c'", (int) c); + else + { ++ encoding_rich_location rich_loc (pfile); ++ + /* diagnostic.c does not support "%03o". When it does, this + code can use %03o directly in the diagnostic again. */ + char buf[32]; + sprintf(buf, "%03o", (int) c); +- cpp_error (pfile, CPP_DL_PEDWARN, +- "unknown escape sequence: '\\%s'", buf); ++ cpp_error_at (pfile, CPP_DL_PEDWARN, &rich_loc, ++ "unknown escape sequence: '\\%s'", buf); + } + } + +@@ -2277,14 +2279,16 @@ cpp_string_location_reader::get_next () + } + + cpp_display_width_computation:: +-cpp_display_width_computation (const char *data, int data_length, int tabstop) : ++cpp_display_width_computation (const char *data, int data_length, ++ const cpp_char_column_policy &policy) : + m_begin (data), + m_next (m_begin), + m_bytes_left (data_length), +- m_tabstop (tabstop), ++ m_policy (policy), + m_display_cols (0) + { +- gcc_assert (m_tabstop > 0); ++ gcc_assert (policy.m_tabstop > 0); ++ gcc_assert (policy.m_width_cb); + } + + +@@ -2296,19 +2300,28 @@ cpp_display_width_computation (const cha + point to a valid UTF-8-encoded sequence, then it will be treated as a single + byte with display width 1. m_cur_display_col is the current display column, + relative to which tab stops should be expanded. Returns the display width of +- the codepoint just processed. */ ++ the codepoint just processed. ++ If OUT is non-NULL, it is populated. */ + + int +-cpp_display_width_computation::process_next_codepoint () ++cpp_display_width_computation::process_next_codepoint (cpp_decoded_char *out) + { + cppchar_t c; + int next_width; + ++ if (out) ++ out->m_start_byte = m_next; ++ + if (*m_next == '\t') + { + ++m_next; + --m_bytes_left; +- next_width = m_tabstop - (m_display_cols % m_tabstop); ++ next_width = m_policy.m_tabstop - (m_display_cols % m_policy.m_tabstop); ++ if (out) ++ { ++ out->m_ch = '\t'; ++ out->m_valid_ch = true; ++ } + } + else if (one_utf8_to_cppchar ((const uchar **) &m_next, &m_bytes_left, &c) + != 0) +@@ -2318,14 +2331,24 @@ cpp_display_width_computation::process_n + of one. */ + ++m_next; + --m_bytes_left; +- next_width = 1; ++ next_width = m_policy.m_undecoded_byte_width; ++ if (out) ++ out->m_valid_ch = false; + } + else + { + /* one_utf8_to_cppchar() has updated m_next and m_bytes_left for us. */ +- next_width = cpp_wcwidth (c); ++ next_width = m_policy.m_width_cb (c); ++ if (out) ++ { ++ out->m_ch = c; ++ out->m_valid_ch = true; ++ } + } + ++ if (out) ++ out->m_next_byte = m_next; ++ + m_display_cols += next_width; + return next_width; + } +@@ -2341,7 +2364,7 @@ cpp_display_width_computation::advance_d + const int start = m_display_cols; + const int target = start + n; + while (m_display_cols < target && !done ()) +- process_next_codepoint (); ++ process_next_codepoint (NULL); + return m_display_cols - start; + } + +@@ -2349,29 +2372,33 @@ cpp_display_width_computation::advance_d + how many display columns are occupied by the first COLUMN bytes. COLUMN + may exceed DATA_LENGTH, in which case the phantom bytes at the end are + treated as if they have display width 1. Tabs are expanded to the next tab +- stop, relative to the start of DATA. */ ++ stop, relative to the start of DATA, and non-printable-ASCII characters ++ will be escaped as per POLICY. */ + + int + cpp_byte_column_to_display_column (const char *data, int data_length, +- int column, int tabstop) ++ int column, ++ const cpp_char_column_policy &policy) + { + const int offset = MAX (0, column - data_length); +- cpp_display_width_computation dw (data, column - offset, tabstop); ++ cpp_display_width_computation dw (data, column - offset, policy); + while (!dw.done ()) +- dw.process_next_codepoint (); ++ dw.process_next_codepoint (NULL); + return dw.display_cols_processed () + offset; + } + + /* For the string of length DATA_LENGTH bytes that begins at DATA, compute + the least number of bytes that will result in at least DISPLAY_COL display + columns. The return value may exceed DATA_LENGTH if the entire string does +- not occupy enough display columns. */ ++ not occupy enough display columns. Non-printable-ASCII characters ++ will be escaped as per POLICY. */ + + int + cpp_display_column_to_byte_column (const char *data, int data_length, +- int display_col, int tabstop) ++ int display_col, ++ const cpp_char_column_policy &policy) + { +- cpp_display_width_computation dw (data, data_length, tabstop); ++ cpp_display_width_computation dw (data, data_length, policy); + const int avail_display = dw.advance_display_cols (display_col); + return dw.bytes_processed () + MAX (0, display_col - avail_display); + } +diff --git a/libcpp/errors.c b/libcpp/errors.c +--- a/libcpp/errors.c 2020-07-22 23:35:18.712399623 -0700 ++++ b/libcpp/errors.c 2021-12-25 01:30:50.681688823 -0800 +@@ -27,6 +27,31 @@ along with this program; see the file CO + #include "cpplib.h" + #include "internal.h" + ++/* Get a location_t for the current location in PFILE, ++ generally that of the previously lexed token. */ ++ ++location_t ++cpp_diagnostic_get_current_location (cpp_reader *pfile) ++{ ++ if (CPP_OPTION (pfile, traditional)) ++ { ++ if (pfile->state.in_directive) ++ return pfile->directive_line; ++ else ++ return pfile->line_table->highest_line; ++ } ++ /* We don't want to refer to a token before the beginning of the ++ current run -- that is invalid. */ ++ else if (pfile->cur_token == pfile->cur_run->base) ++ { ++ return 0; ++ } ++ else ++ { ++ return pfile->cur_token[-1].src_loc; ++ } ++} ++ + /* Print a diagnostic at the given location. */ + + ATTRIBUTE_FPTR_PRINTF(5,0) +@@ -52,25 +77,7 @@ cpp_diagnostic (cpp_reader * pfile, enum + enum cpp_warning_reason reason, + const char *msgid, va_list *ap) + { +- location_t src_loc; +- +- if (CPP_OPTION (pfile, traditional)) +- { +- if (pfile->state.in_directive) +- src_loc = pfile->directive_line; +- else +- src_loc = pfile->line_table->highest_line; +- } +- /* We don't want to refer to a token before the beginning of the +- current run -- that is invalid. */ +- else if (pfile->cur_token == pfile->cur_run->base) +- { +- src_loc = 0; +- } +- else +- { +- src_loc = pfile->cur_token[-1].src_loc; +- } ++ location_t src_loc = cpp_diagnostic_get_current_location (pfile); + rich_location richloc (pfile->line_table, src_loc); + return cpp_diagnostic_at (pfile, level, reason, &richloc, msgid, ap); + } +@@ -142,6 +149,43 @@ cpp_warning_syshdr (cpp_reader * pfile, + + va_end (ap); + return ret; ++} ++ ++/* As cpp_warning above, but use RICHLOC as the location of the diagnostic. */ ++ ++bool cpp_warning_at (cpp_reader *pfile, enum cpp_warning_reason reason, ++ rich_location *richloc, const char *msgid, ...) ++{ ++ va_list ap; ++ bool ret; ++ ++ va_start (ap, msgid); ++ ++ ret = cpp_diagnostic_at (pfile, CPP_DL_WARNING, reason, richloc, ++ msgid, &ap); ++ ++ va_end (ap); ++ return ret; ++ ++} ++ ++/* As cpp_pedwarning above, but use RICHLOC as the location of the ++ diagnostic. */ ++ ++bool ++cpp_pedwarning_at (cpp_reader * pfile, enum cpp_warning_reason reason, ++ rich_location *richloc, const char *msgid, ...) ++{ ++ va_list ap; ++ bool ret; ++ ++ va_start (ap, msgid); ++ ++ ret = cpp_diagnostic_at (pfile, CPP_DL_PEDWARN, reason, richloc, ++ msgid, &ap); ++ ++ va_end (ap); ++ return ret; + } + + /* Print a diagnostic at a specific location. */ +diff --git a/libcpp/include/cpplib.h b/libcpp/include/cpplib.h +--- a/libcpp/include/cpplib.h 2021-12-25 01:29:12.931317107 -0800 ++++ b/libcpp/include/cpplib.h 2021-12-25 01:30:50.685688757 -0800 +@@ -1176,6 +1176,14 @@ extern bool cpp_warning_syshdr (cpp_read + const char *msgid, ...) + ATTRIBUTE_PRINTF_3; + ++/* As their counterparts above, but use RICHLOC. */ ++extern bool cpp_warning_at (cpp_reader *, enum cpp_warning_reason, ++ rich_location *richloc, const char *msgid, ...) ++ ATTRIBUTE_PRINTF_4; ++extern bool cpp_pedwarning_at (cpp_reader *, enum cpp_warning_reason, ++ rich_location *richloc, const char *msgid, ...) ++ ATTRIBUTE_PRINTF_4; ++ + /* Output a diagnostic with "MSGID: " preceding the + error string of errno. No location is printed. */ + extern bool cpp_errno (cpp_reader *, enum cpp_diagnostic_level, +@@ -1320,42 +1328,95 @@ extern const char * cpp_get_userdef_suff + + /* In charset.c */ + ++/* The result of attempting to decode a run of UTF-8 bytes. */ ++ ++struct cpp_decoded_char ++{ ++ const char *m_start_byte; ++ const char *m_next_byte; ++ ++ bool m_valid_ch; ++ cppchar_t m_ch; ++}; ++ ++/* Information for mapping between code points and display columns. ++ ++ This is a tabstop value, along with a callback for getting the ++ widths of characters. Normally this callback is cpp_wcwidth, but we ++ support other schemes for escaping non-ASCII unicode as a series of ++ ASCII chars when printing the user's source code in diagnostic-show-locus.c ++ ++ For example, consider: ++ - the Unicode character U+03C0 "GREEK SMALL LETTER PI" (UTF-8: 0xCF 0x80) ++ - the Unicode character U+1F642 "SLIGHTLY SMILING FACE" ++ (UTF-8: 0xF0 0x9F 0x99 0x82) ++ - the byte 0xBF (a stray trailing byte of a UTF-8 character) ++ Normally U+03C0 would occupy one display column, U+1F642 ++ would occupy two display columns, and the stray byte would be ++ printed verbatim as one display column. ++ ++ However when escaping them as unicode code points as "<U+03C0>" ++ and "<U+1F642>" they occupy 8 and 9 display columns respectively, ++ and when escaping them as bytes as "<CF><80>" and "<F0><9F><99><82>" ++ they occupy 8 and 16 display columns respectively. In both cases ++ the stray byte is escaped to <BF> as 4 display columns. */ ++ ++struct cpp_char_column_policy ++{ ++ cpp_char_column_policy (int tabstop, ++ int (*width_cb) (cppchar_t c)) ++ : m_tabstop (tabstop), ++ m_undecoded_byte_width (1), ++ m_width_cb (width_cb) ++ {} ++ ++ int m_tabstop; ++ /* Width in display columns of a stray byte that isn't decodable ++ as UTF-8. */ ++ int m_undecoded_byte_width; ++ int (*m_width_cb) (cppchar_t c); ++}; ++ + /* A class to manage the state while converting a UTF-8 sequence to cppchar_t + and computing the display width one character at a time. */ + class cpp_display_width_computation { + public: + cpp_display_width_computation (const char *data, int data_length, +- int tabstop); ++ const cpp_char_column_policy &policy); + const char *next_byte () const { return m_next; } + int bytes_processed () const { return m_next - m_begin; } + int bytes_left () const { return m_bytes_left; } + bool done () const { return !bytes_left (); } + int display_cols_processed () const { return m_display_cols; } + +- int process_next_codepoint (); ++ int process_next_codepoint (cpp_decoded_char *out); + int advance_display_cols (int n); + + private: + const char *const m_begin; + const char *m_next; + size_t m_bytes_left; +- const int m_tabstop; ++ const cpp_char_column_policy &m_policy; + int m_display_cols; + }; + + /* Convenience functions that are simple use cases for class + cpp_display_width_computation. Tab characters will be expanded to spaces +- as determined by TABSTOP. */ ++ as determined by POLICY.m_tabstop, and non-printable-ASCII characters ++ will be escaped as per POLICY. */ ++ + int cpp_byte_column_to_display_column (const char *data, int data_length, +- int column, int tabstop); ++ int column, ++ const cpp_char_column_policy &policy); + inline int cpp_display_width (const char *data, int data_length, +- int tabstop) ++ const cpp_char_column_policy &policy) + { + return cpp_byte_column_to_display_column (data, data_length, data_length, +- tabstop); ++ policy); + } + int cpp_display_column_to_byte_column (const char *data, int data_length, +- int display_col, int tabstop); ++ int display_col, ++ const cpp_char_column_policy &policy); + int cpp_wcwidth (cppchar_t c); + + #endif /* ! LIBCPP_CPPLIB_H */ +diff --git a/libcpp/include/line-map.h b/libcpp/include/line-map.h +--- a/libcpp/include/line-map.h 2020-07-22 23:35:18.712399623 -0700 ++++ b/libcpp/include/line-map.h 2021-12-25 01:30:50.685688757 -0800 +@@ -1732,6 +1732,18 @@ class rich_location + const diagnostic_path *get_path () const { return m_path; } + void set_path (const diagnostic_path *path) { m_path = path; } + ++ /* A flag for hinting that the diagnostic involves character encoding ++ issues, and thus that it will be helpful to the user if we show some ++ representation of how the characters in the pertinent source lines ++ are encoded. ++ The default is false (i.e. do not escape). ++ When set to true, non-ASCII bytes in the pertinent source lines will ++ be escaped in a manner controlled by the user-supplied option ++ -fdiagnostics-escape-format=, so that the user can better understand ++ what's going on with the encoding in their source file. */ ++ bool escape_on_output_p () const { return m_escape_on_output; } ++ void set_escape_on_output (bool flag) { m_escape_on_output = flag; } ++ + private: + bool reject_impossible_fixit (location_t where); + void stop_supporting_fixits (); +@@ -1758,6 +1770,7 @@ protected: + bool m_fixits_cannot_be_auto_applied; + + const diagnostic_path *m_path; ++ bool m_escape_on_output; + }; + + /* A struct for the result of range_label::get_text: a NUL-terminated buffer +diff --git a/libcpp/internal.h b/libcpp/internal.h +--- a/libcpp/internal.h 2020-07-22 23:35:18.712399623 -0700 ++++ b/libcpp/internal.h 2021-12-25 01:30:50.685688757 -0800 +@@ -758,6 +758,9 @@ struct _cpp_dir_only_callbacks + extern void _cpp_preprocess_dir_only (cpp_reader *, + const struct _cpp_dir_only_callbacks *); + ++/* In errors.c */ ++extern location_t cpp_diagnostic_get_current_location (cpp_reader *); ++ + /* In traditional.c. */ + extern bool _cpp_scan_out_logical_line (cpp_reader *, cpp_macro *, bool); + extern bool _cpp_read_logical_line_trad (cpp_reader *); +@@ -946,6 +949,26 @@ int linemap_get_expansion_line (class li + const char* linemap_get_expansion_filename (class line_maps *, + location_t); + ++/* A subclass of rich_location for emitting a diagnostic ++ at the current location of the reader, but flagging ++ it with set_escape_on_output (true). */ ++class encoding_rich_location : public rich_location ++{ ++ public: ++ encoding_rich_location (cpp_reader *pfile) ++ : rich_location (pfile->line_table, ++ cpp_diagnostic_get_current_location (pfile)) ++ { ++ set_escape_on_output (true); ++ } ++ ++ encoding_rich_location (cpp_reader *pfile, location_t loc) ++ : rich_location (pfile->line_table, loc) ++ { ++ set_escape_on_output (true); ++ } ++}; ++ + #ifdef __cplusplus + } + #endif +diff --git a/libcpp/lex.c b/libcpp/lex.c +--- a/libcpp/lex.c 2021-12-24 20:23:45.568762024 -0800 ++++ b/libcpp/lex.c 2021-12-25 01:30:50.685688757 -0800 +@@ -1268,7 +1268,11 @@ skip_whitespace (cpp_reader *pfile, cppc + while (is_nvspace (c)); + + if (saw_NUL) +- cpp_error (pfile, CPP_DL_WARNING, "null character(s) ignored"); ++ { ++ encoding_rich_location rich_loc (pfile); ++ cpp_error_at (pfile, CPP_DL_WARNING, &rich_loc, ++ "null character(s) ignored"); ++ } + + buffer->cur--; + } +@@ -1297,6 +1301,28 @@ warn_about_normalization (cpp_reader *pf + if (CPP_OPTION (pfile, warn_normalize) < NORMALIZE_STATE_RESULT (s) + && !pfile->state.skipping) + { ++ location_t loc = token->src_loc; ++ ++ /* If possible, create a location range for the token. */ ++ if (loc >= RESERVED_LOCATION_COUNT ++ && token->type != CPP_EOF ++ /* There must be no line notes to process. */ ++ && (!(pfile->buffer->cur ++ >= pfile->buffer->notes[pfile->buffer->cur_note].pos ++ && !pfile->overlaid_buffer))) ++ { ++ source_range tok_range; ++ tok_range.m_start = loc; ++ tok_range.m_finish ++ = linemap_position_for_column (pfile->line_table, ++ CPP_BUF_COLUMN (pfile->buffer, ++ pfile->buffer->cur)); ++ loc = COMBINE_LOCATION_DATA (pfile->line_table, ++ loc, tok_range, NULL); ++ } ++ ++ encoding_rich_location rich_loc (pfile, loc); ++ + /* Make sure that the token is printed using UCNs, even + if we'd otherwise happily print UTF-8. */ + unsigned char *buf = XNEWVEC (unsigned char, cpp_token_len (token)); +@@ -1304,11 +1330,11 @@ warn_about_normalization (cpp_reader *pf + + sz = cpp_spell_token (pfile, token, buf, false) - buf; + if (NORMALIZE_STATE_RESULT (s) == normalized_C) +- cpp_warning_with_line (pfile, CPP_W_NORMALIZE, token->src_loc, 0, +- "`%.*s' is not in NFKC", (int) sz, buf); ++ cpp_warning_at (pfile, CPP_W_NORMALIZE, &rich_loc, ++ "`%.*s' is not in NFKC", (int) sz, buf); + else +- cpp_warning_with_line (pfile, CPP_W_NORMALIZE, token->src_loc, 0, +- "`%.*s' is not in NFC", (int) sz, buf); ++ cpp_warning_at (pfile, CPP_W_NORMALIZE, &rich_loc, ++ "`%.*s' is not in NFC", (int) sz, buf); + free (buf); + } + } +diff --git a/libcpp/line-map.c b/libcpp/line-map.c +--- a/libcpp/line-map.c 2020-07-22 23:35:18.712399623 -0700 ++++ b/libcpp/line-map.c 2021-12-25 01:30:50.685688757 -0800 +@@ -2007,7 +2007,8 @@ rich_location::rich_location (line_maps + m_fixit_hints (), + m_seen_impossible_fixit (false), + m_fixits_cannot_be_auto_applied (false), +- m_path (NULL) ++ m_path (NULL), ++ m_escape_on_output (false) + { + add_range (loc, SHOW_RANGE_WITH_CARET, label); + } diff --git a/meta/recipes-devtools/gcc/gcc/0002-aarch64-Introduce-SLS-mitigation-for-RET-and-BR-inst.patch b/meta/recipes-devtools/gcc/gcc/0002-aarch64-Introduce-SLS-mitigation-for-RET-and-BR-inst.patch deleted file mode 100644 index 823cc8b668..0000000000 --- a/meta/recipes-devtools/gcc/gcc/0002-aarch64-Introduce-SLS-mitigation-for-RET-and-BR-inst.patch +++ /dev/null @@ -1,607 +0,0 @@ -Upstream-Status: Backport -Signed-off-by: Ross Burton <ross.burton@arm.com> - -From b1204d16e1ec96a4aa89e44de8990e2499ffdb22 Mon Sep 17 00:00:00 2001 -From: Matthew Malcomson <matthew.malcomson@arm.com> -Date: Thu, 9 Jul 2020 09:11:59 +0100 -Subject: [PATCH 2/3] aarch64: Introduce SLS mitigation for RET and BR - instructions - -Instructions following RET or BR are not necessarily executed. In order -to avoid speculation past RET and BR we can simply append a speculation -barrier. - -Since these speculation barriers will not be architecturally executed, -they are not expected to add a high performance penalty. - -The speculation barrier is to be SB when targeting architectures which -have this enabled, and DSB SY + ISB otherwise. - -We add tests for each of the cases where such an instruction was seen. - -This is implemented by modifying each machine description pattern that -emits either a RET or a BR instruction. We choose not to use something -like `TARGET_ASM_FUNCTION_EPILOGUE` since it does not affect the -`indirect_jump`, `jump`, `sibcall_insn` and `sibcall_value_insn` -patterns and we find it preferable to implement the functionality in the -same way for every pattern. - -There is one particular case which is slightly tricky. The -implementation of TARGET_ASM_TRAMPOLINE_TEMPLATE uses a BR which needs -to be mitigated against. The trampoline template is used *once* per -compilation unit, and the TRAMPOLINE_SIZE is exposed to the user via the -builtin macro __LIBGCC_TRAMPOLINE_SIZE__. -In the future we may implement function specific attributes to turn on -and off hardening on a per-function basis. -The fixed nature of the trampoline described above implies it will be -safer to ensure this speculation barrier is always used. - -Testing: - Bootstrap and regtest done on aarch64-none-linux - Used a temporary hack(1) to use these options on every test in the - testsuite and a script to check that the output never emitted an - unmitigated RET or BR. - -1) Temporary hack was a change to the testsuite to always use -`-save-temps` and run a script on the assembly output of those -compilations which produced one to ensure every RET or BR is immediately -followed by a speculation barrier. - -gcc/ChangeLog: - - * config/aarch64/aarch64-protos.h (aarch64_sls_barrier): New. - * config/aarch64/aarch64.c (aarch64_output_casesi): Emit - speculation barrier after BR instruction if needs be. - (aarch64_trampoline_init): Handle ptr_mode value & adjust size - of code copied. - (aarch64_sls_barrier): New. - (aarch64_asm_trampoline_template): Add needed barriers. - * config/aarch64/aarch64.h (AARCH64_ISA_SB): New. - (TARGET_SB): New. - (TRAMPOLINE_SIZE): Account for barrier. - * config/aarch64/aarch64.md (indirect_jump, *casesi_dispatch, - simple_return, *do_return, *sibcall_insn, *sibcall_value_insn): - Emit barrier if needs be, also account for possible barrier using - "sls_length" attribute. - (sls_length): New attribute. - (length): Determine default using any non-default sls_length - value. - -gcc/testsuite/ChangeLog: - - * gcc.target/aarch64/sls-mitigation/sls-miti-retbr.c: New test. - * gcc.target/aarch64/sls-mitigation/sls-miti-retbr-pacret.c: - New test. - * gcc.target/aarch64/sls-mitigation/sls-mitigation.exp: New file. - * lib/target-supports.exp (check_effective_target_aarch64_asm_sb_ok): - New proc. ---- - gcc/config/aarch64/aarch64-protos.h | 1 + - gcc/config/aarch64/aarch64.c | 41 ++++++- - gcc/config/aarch64/aarch64.h | 10 +- - gcc/config/aarch64/aarch64.md | 76 +++++++++---- - .../aarch64/sls-mitigation/sls-miti-retbr-pacret.c | 21 ++++ - .../aarch64/sls-mitigation/sls-miti-retbr.c | 119 +++++++++++++++++++++ - .../aarch64/sls-mitigation/sls-mitigation.exp | 73 +++++++++++++ - gcc/testsuite/lib/target-supports.exp | 2 +- - 8 files changed, 318 insertions(+), 25 deletions(-) - create mode 100644 gcc/testsuite/gcc.target/aarch64/sls-mitigation/sls-miti-retbr-pacret.c - create mode 100644 gcc/testsuite/gcc.target/aarch64/sls-mitigation/sls-miti-retbr.c - create mode 100644 gcc/testsuite/gcc.target/aarch64/sls-mitigation/sls-mitigation.exp - -diff --git a/gcc/config/aarch64/aarch64-protos.h b/gcc/config/aarch64/aarch64-protos.h -index eb5f4b4..ee0ffde 100644 ---- a/gcc/config/aarch64/aarch64-protos.h -+++ b/gcc/config/aarch64/aarch64-protos.h -@@ -781,6 +781,7 @@ extern const atomic_ool_names aarch64_ool_ldeor_names; - - tree aarch64_resolve_overloaded_builtin_general (location_t, tree, void *); - -+const char *aarch64_sls_barrier (int); - extern bool aarch64_harden_sls_retbr_p (void); - extern bool aarch64_harden_sls_blr_p (void); - -diff --git a/gcc/config/aarch64/aarch64.c b/gcc/config/aarch64/aarch64.c -index 437a9cf..44e3d1f 100644 ---- a/gcc/config/aarch64/aarch64.c -+++ b/gcc/config/aarch64/aarch64.c -@@ -10852,8 +10852,8 @@ aarch64_return_addr (int count, rtx frame ATTRIBUTE_UNUSED) - static void - aarch64_asm_trampoline_template (FILE *f) - { -- int offset1 = 16; -- int offset2 = 20; -+ int offset1 = 24; -+ int offset2 = 28; - - if (aarch64_bti_enabled ()) - { -@@ -10876,6 +10876,17 @@ aarch64_asm_trampoline_template (FILE *f) - } - asm_fprintf (f, "\tbr\t%s\n", reg_names [IP1_REGNUM]); - -+ /* We always emit a speculation barrier. -+ This is because the same trampoline template is used for every nested -+ function. Since nested functions are not particularly common or -+ performant we don't worry too much about the extra instructions to copy -+ around. -+ This is not yet a problem, since we have not yet implemented function -+ specific attributes to choose between hardening against straight line -+ speculation or not, but such function specific attributes are likely to -+ happen in the future. */ -+ asm_fprintf (f, "\tdsb\tsy\n\tisb\n"); -+ - /* The trampoline needs an extra padding instruction. In case if BTI is - enabled the padding instruction is replaced by the BTI instruction at - the beginning. */ -@@ -10890,10 +10901,14 @@ static void - aarch64_trampoline_init (rtx m_tramp, tree fndecl, rtx chain_value) - { - rtx fnaddr, mem, a_tramp; -- const int tramp_code_sz = 16; -+ const int tramp_code_sz = 24; - - /* Don't need to copy the trailing D-words, we fill those in below. */ -- emit_block_move (m_tramp, assemble_trampoline_template (), -+ /* We create our own memory address in Pmode so that `emit_block_move` can -+ use parts of the backend which expect Pmode addresses. */ -+ rtx temp = convert_memory_address (Pmode, XEXP (m_tramp, 0)); -+ emit_block_move (gen_rtx_MEM (BLKmode, temp), -+ assemble_trampoline_template (), - GEN_INT (tramp_code_sz), BLOCK_OP_NORMAL); - mem = adjust_address (m_tramp, ptr_mode, tramp_code_sz); - fnaddr = XEXP (DECL_RTL (fndecl), 0); -@@ -11084,6 +11099,8 @@ aarch64_output_casesi (rtx *operands) - output_asm_insn (buf, operands); - output_asm_insn (patterns[index][1], operands); - output_asm_insn ("br\t%3", operands); -+ output_asm_insn (aarch64_sls_barrier (aarch64_harden_sls_retbr_p ()), -+ operands); - assemble_label (asm_out_file, label); - return ""; - } -@@ -22924,6 +22941,22 @@ aarch64_file_end_indicate_exec_stack () - #undef GNU_PROPERTY_AARCH64_FEATURE_1_BTI - #undef GNU_PROPERTY_AARCH64_FEATURE_1_AND - -+/* Helper function for straight line speculation. -+ Return what barrier should be emitted for straight line speculation -+ mitigation. -+ When not mitigating against straight line speculation this function returns -+ an empty string. -+ When mitigating against straight line speculation, use: -+ * SB when the v8.5-A SB extension is enabled. -+ * DSB+ISB otherwise. */ -+const char * -+aarch64_sls_barrier (int mitigation_required) -+{ -+ return mitigation_required -+ ? (TARGET_SB ? "sb" : "dsb\tsy\n\tisb") -+ : ""; -+} -+ - /* Target-specific selftests. */ - - #if CHECKING_P -diff --git a/gcc/config/aarch64/aarch64.h b/gcc/config/aarch64/aarch64.h -index 1ce23c6..c21015f 100644 ---- a/gcc/config/aarch64/aarch64.h -+++ b/gcc/config/aarch64/aarch64.h -@@ -281,6 +281,7 @@ extern unsigned aarch64_architecture_version; - #define AARCH64_ISA_F32MM (aarch64_isa_flags & AARCH64_FL_F32MM) - #define AARCH64_ISA_F64MM (aarch64_isa_flags & AARCH64_FL_F64MM) - #define AARCH64_ISA_BF16 (aarch64_isa_flags & AARCH64_FL_BF16) -+#define AARCH64_ISA_SB (aarch64_isa_flags & AARCH64_FL_SB) - - /* Crypto is an optional extension to AdvSIMD. */ - #define TARGET_CRYPTO (TARGET_SIMD && AARCH64_ISA_CRYPTO) -@@ -378,6 +379,9 @@ extern unsigned aarch64_architecture_version; - #define TARGET_FIX_ERR_A53_835769_DEFAULT 1 - #endif - -+/* SB instruction is enabled through +sb. */ -+#define TARGET_SB (AARCH64_ISA_SB) -+ - /* Apply the workaround for Cortex-A53 erratum 835769. */ - #define TARGET_FIX_ERR_A53_835769 \ - ((aarch64_fix_a53_err835769 == 2) \ -@@ -1058,8 +1062,10 @@ typedef struct - - #define RETURN_ADDR_RTX aarch64_return_addr - --/* BTI c + 3 insns + 2 pointer-sized entries. */ --#define TRAMPOLINE_SIZE (TARGET_ILP32 ? 24 : 32) -+/* BTI c + 3 insns -+ + sls barrier of DSB + ISB. -+ + 2 pointer-sized entries. */ -+#define TRAMPOLINE_SIZE (24 + (TARGET_ILP32 ? 8 : 16)) - - /* Trampolines contain dwords, so must be dword aligned. */ - #define TRAMPOLINE_ALIGNMENT 64 -diff --git a/gcc/config/aarch64/aarch64.md b/gcc/config/aarch64/aarch64.md -index 8c8be3c..dda04ee 100644 ---- a/gcc/config/aarch64/aarch64.md -+++ b/gcc/config/aarch64/aarch64.md -@@ -407,10 +407,25 @@ - ;; Attribute that specifies whether the alternative uses MOVPRFX. - (define_attr "movprfx" "no,yes" (const_string "no")) - -+;; Attribute to specify that an alternative has the length of a single -+;; instruction plus a speculation barrier. -+(define_attr "sls_length" "none,retbr,casesi" (const_string "none")) -+ - (define_attr "length" "" - (cond [(eq_attr "movprfx" "yes") - (const_int 8) -- ] (const_int 4))) -+ -+ (eq_attr "sls_length" "retbr") -+ (cond [(match_test "!aarch64_harden_sls_retbr_p ()") (const_int 4) -+ (match_test "TARGET_SB") (const_int 8)] -+ (const_int 12)) -+ -+ (eq_attr "sls_length" "casesi") -+ (cond [(match_test "!aarch64_harden_sls_retbr_p ()") (const_int 16) -+ (match_test "TARGET_SB") (const_int 20)] -+ (const_int 24)) -+ ] -+ (const_int 4))) - - ;; Strictly for compatibility with AArch32 in pipeline models, since AArch64 has - ;; no predicated insns. -@@ -447,8 +462,12 @@ - (define_insn "indirect_jump" - [(set (pc) (match_operand:DI 0 "register_operand" "r"))] - "" -- "br\\t%0" -- [(set_attr "type" "branch")] -+ { -+ output_asm_insn ("br\\t%0", operands); -+ return aarch64_sls_barrier (aarch64_harden_sls_retbr_p ()); -+ } -+ [(set_attr "type" "branch") -+ (set_attr "sls_length" "retbr")] - ) - - (define_insn "jump" -@@ -765,7 +784,7 @@ - "* - return aarch64_output_casesi (operands); - " -- [(set_attr "length" "16") -+ [(set_attr "sls_length" "casesi") - (set_attr "type" "branch")] - ) - -@@ -844,18 +863,23 @@ - [(return)] - "" - { -+ const char *ret = NULL; - if (aarch64_return_address_signing_enabled () - && TARGET_ARMV8_3 - && !crtl->calls_eh_return) - { - if (aarch64_ra_sign_key == AARCH64_KEY_B) -- return "retab"; -+ ret = "retab"; - else -- return "retaa"; -+ ret = "retaa"; - } -- return "ret"; -+ else -+ ret = "ret"; -+ output_asm_insn (ret, operands); -+ return aarch64_sls_barrier (aarch64_harden_sls_retbr_p ()); - } -- [(set_attr "type" "branch")] -+ [(set_attr "type" "branch") -+ (set_attr "sls_length" "retbr")] - ) - - (define_expand "return" -@@ -867,8 +891,12 @@ - (define_insn "simple_return" - [(simple_return)] - "" -- "ret" -- [(set_attr "type" "branch")] -+ { -+ output_asm_insn ("ret", operands); -+ return aarch64_sls_barrier (aarch64_harden_sls_retbr_p ()); -+ } -+ [(set_attr "type" "branch") -+ (set_attr "sls_length" "retbr")] - ) - - (define_insn "*cb<optab><mode>1" -@@ -1066,10 +1094,16 @@ - (unspec:DI [(match_operand:DI 2 "const_int_operand")] UNSPEC_CALLEE_ABI) - (return)] - "SIBLING_CALL_P (insn)" -- "@ -- br\\t%0 -- b\\t%c0" -- [(set_attr "type" "branch, branch")] -+ { -+ if (which_alternative == 0) -+ { -+ output_asm_insn ("br\\t%0", operands); -+ return aarch64_sls_barrier (aarch64_harden_sls_retbr_p ()); -+ } -+ return "b\\t%c0"; -+ } -+ [(set_attr "type" "branch, branch") -+ (set_attr "sls_length" "retbr,none")] - ) - - (define_insn "*sibcall_value_insn" -@@ -1080,10 +1114,16 @@ - (unspec:DI [(match_operand:DI 3 "const_int_operand")] UNSPEC_CALLEE_ABI) - (return)] - "SIBLING_CALL_P (insn)" -- "@ -- br\\t%1 -- b\\t%c1" -- [(set_attr "type" "branch, branch")] -+ { -+ if (which_alternative == 0) -+ { -+ output_asm_insn ("br\\t%1", operands); -+ return aarch64_sls_barrier (aarch64_harden_sls_retbr_p ()); -+ } -+ return "b\\t%c1"; -+ } -+ [(set_attr "type" "branch, branch") -+ (set_attr "sls_length" "retbr,none")] - ) - - ;; Call subroutine returning any type. -diff --git a/gcc/testsuite/gcc.target/aarch64/sls-mitigation/sls-miti-retbr-pacret.c b/gcc/testsuite/gcc.target/aarch64/sls-mitigation/sls-miti-retbr-pacret.c -new file mode 100644 -index 0000000..fa1887a ---- /dev/null -+++ b/gcc/testsuite/gcc.target/aarch64/sls-mitigation/sls-miti-retbr-pacret.c -@@ -0,0 +1,21 @@ -+/* Avoid ILP32 since pacret is only available for LP64 */ -+/* { dg-do compile { target { ! ilp32 } } } */ -+/* { dg-additional-options "-mharden-sls=retbr -mbranch-protection=pac-ret -march=armv8.3-a" } */ -+ -+/* Testing the do_return pattern for retaa and retab. */ -+long retbr_subcall(void); -+long retbr_do_return_retaa(void) -+{ -+ return retbr_subcall()+1; -+} -+ -+__attribute__((target("branch-protection=pac-ret+b-key"))) -+long retbr_do_return_retab(void) -+{ -+ return retbr_subcall()+1; -+} -+ -+/* Ensure there are no BR or RET instructions which are not directly followed -+ by a speculation barrier. */ -+/* { dg-final { scan-assembler-not {\t(br|ret|retaa|retab)\tx[0-9][0-9]?\n\t(?!dsb\tsy\n\tisb)} } } */ -+/* { dg-final { scan-assembler-not {ret\t} } } */ -diff --git a/gcc/testsuite/gcc.target/aarch64/sls-mitigation/sls-miti-retbr.c b/gcc/testsuite/gcc.target/aarch64/sls-mitigation/sls-miti-retbr.c -new file mode 100644 -index 0000000..76b8d03 ---- /dev/null -+++ b/gcc/testsuite/gcc.target/aarch64/sls-mitigation/sls-miti-retbr.c -@@ -0,0 +1,119 @@ -+/* We ensure that -Wpedantic is off since it complains about the trampolines -+ we explicitly want to test. */ -+/* { dg-additional-options "-mharden-sls=retbr -Wno-pedantic " } */ -+/* -+ Ensure that the SLS hardening of RET and BR leaves no unprotected RET/BR -+ instructions. -+ */ -+typedef int (foo) (int, int); -+typedef void (bar) (int, int); -+struct sls_testclass { -+ foo *x; -+ bar *y; -+ int left; -+ int right; -+}; -+ -+int -+retbr_sibcall_value_insn (struct sls_testclass x) -+{ -+ return x.x(x.left, x.right); -+} -+ -+void -+retbr_sibcall_insn (struct sls_testclass x) -+{ -+ x.y(x.left, x.right); -+} -+ -+/* Aim to test two different returns. -+ One that introduces a tail call in the middle of the function, and one that -+ has a normal return. */ -+int -+retbr_multiple_returns (struct sls_testclass x) -+{ -+ int temp; -+ if (x.left % 10) -+ return x.x(x.left, 100); -+ else if (x.right % 20) -+ { -+ return x.x(x.left * x.right, 100); -+ } -+ temp = x.left % x.right; -+ temp *= 100; -+ temp /= 2; -+ return temp % 3; -+} -+ -+void -+retbr_multiple_returns_void (struct sls_testclass x) -+{ -+ if (x.left % 10) -+ { -+ x.y(x.left, 100); -+ } -+ else if (x.right % 20) -+ { -+ x.y(x.left * x.right, 100); -+ } -+ return; -+} -+ -+/* Testing the casesi jump via register. */ -+__attribute__ ((optimize ("Os"))) -+int -+retbr_casesi_dispatch (struct sls_testclass x) -+{ -+ switch (x.left) -+ { -+ case -5: -+ return -2; -+ case -3: -+ return -1; -+ case 0: -+ return 0; -+ case 3: -+ return 1; -+ case 5: -+ break; -+ default: -+ __builtin_unreachable (); -+ } -+ return x.right; -+} -+ -+/* Testing the BR in trampolines is mitigated against. */ -+void f1 (void *); -+void f3 (void *, void (*)(void *)); -+void f2 (void *); -+ -+int -+retbr_trampolines (void *a, int b) -+{ -+ if (!b) -+ { -+ f1 (a); -+ return 1; -+ } -+ if (b) -+ { -+ void retbr_tramp_internal (void *c) -+ { -+ if (c == a) -+ f2 (c); -+ } -+ f3 (a, retbr_tramp_internal); -+ } -+ return 0; -+} -+ -+/* Testing the indirect_jump pattern. */ -+void -+retbr_indirect_jump (int *buf) -+{ -+ __builtin_longjmp(buf, 1); -+} -+ -+/* Ensure there are no BR or RET instructions which are not directly followed -+ by a speculation barrier. */ -+/* { dg-final { scan-assembler-not {\t(br|ret|retaa|retab)\tx[0-9][0-9]?\n\t(?!dsb\tsy\n\tisb|sb)} } } */ -diff --git a/gcc/testsuite/gcc.target/aarch64/sls-mitigation/sls-mitigation.exp b/gcc/testsuite/gcc.target/aarch64/sls-mitigation/sls-mitigation.exp -new file mode 100644 -index 0000000..8122503 ---- /dev/null -+++ b/gcc/testsuite/gcc.target/aarch64/sls-mitigation/sls-mitigation.exp -@@ -0,0 +1,73 @@ -+# Regression driver for SLS mitigation on AArch64. -+# Copyright (C) 2020 Free Software Foundation, Inc. -+# Contributed by ARM Ltd. -+# -+# This file is part of GCC. -+# -+# GCC is free software; you can redistribute it and/or modify it -+# under the terms of the GNU General Public License as published by -+# the Free Software Foundation; either version 3, or (at your option) -+# any later version. -+# -+# GCC is distributed in the hope that it will be useful, but -+# WITHOUT ANY WARRANTY; without even the implied warranty of -+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -+# General Public License for more details. -+# -+# You should have received a copy of the GNU General Public License -+# along with GCC; see the file COPYING3. If not see -+# <http://www.gnu.org/licenses/>. */ -+ -+# Exit immediately if this isn't an AArch64 target. -+if {![istarget aarch64*-*-*] } then { -+ return -+} -+ -+# Load support procs. -+load_lib gcc-dg.exp -+load_lib torture-options.exp -+ -+# If a testcase doesn't have special options, use these. -+global DEFAULT_CFLAGS -+if ![info exists DEFAULT_CFLAGS] then { -+ set DEFAULT_CFLAGS " " -+} -+ -+# Initialize `dg'. -+dg-init -+torture-init -+ -+# Use different architectures as well as the normal optimisation options. -+# (i.e. use both SB and DSB+ISB barriers). -+ -+set save-dg-do-what-default ${dg-do-what-default} -+# Main loop. -+# Run with torture tests (i.e. a bunch of different optimisation levels) just -+# to increase test coverage. -+set dg-do-what-default assemble -+gcc-dg-runtest [lsort [glob -nocomplain $srcdir/$subdir/*.\[cCS\]]] \ -+ "-save-temps" $DEFAULT_CFLAGS -+ -+# Run the same tests but this time with SB extension. -+# Since not all supported assemblers will support that extension we decide -+# whether to assemble or just compile based on whether the extension is -+# supported for the available assembler. -+ -+set templist {} -+foreach x $DG_TORTURE_OPTIONS { -+ lappend templist "$x -march=armv8.3-a+sb " -+ lappend templist "$x -march=armv8-a+sb " -+} -+set-torture-options $templist -+if { [check_effective_target_aarch64_asm_sb_ok] } { -+ set dg-do-what-default assemble -+} else { -+ set dg-do-what-default compile -+} -+gcc-dg-runtest [lsort [glob -nocomplain $srcdir/$subdir/*.\[cCS\]]] \ -+ "-save-temps" $DEFAULT_CFLAGS -+set dg-do-what-default ${save-dg-do-what-default} -+ -+# All done. -+torture-finish -+dg-finish -diff --git a/gcc/testsuite/lib/target-supports.exp b/gcc/testsuite/lib/target-supports.exp -index 8a186dd..9d2e093 100644 ---- a/gcc/testsuite/lib/target-supports.exp -+++ b/gcc/testsuite/lib/target-supports.exp -@@ -9432,7 +9432,7 @@ proc check_effective_target_aarch64_tiny { } { - # various architecture extensions via the .arch_extension pseudo-op. - - foreach { aarch64_ext } { "fp" "simd" "crypto" "crc" "lse" "dotprod" "sve" -- "i8mm" "f32mm" "f64mm" "bf16" } { -+ "i8mm" "f32mm" "f64mm" "bf16" "sb" } { - eval [string map [list FUNC $aarch64_ext] { - proc check_effective_target_aarch64_asm_FUNC_ok { } { - if { [istarget aarch64*-*-*] } { --- -2.7.4 - diff --git a/meta/recipes-devtools/gcc/gcc/0003-CVE-2021-35465.patch b/meta/recipes-devtools/gcc/gcc/0003-CVE-2021-35465.patch new file mode 100644 index 0000000000..d87be19866 --- /dev/null +++ b/meta/recipes-devtools/gcc/gcc/0003-CVE-2021-35465.patch @@ -0,0 +1,103 @@ +From 30461cf8dba3d3adb15a125e4da48800eb2b9b8f Mon Sep 17 00:00:00 2001 +From: Richard Earnshaw <rearnsha@arm.com> +Date: Fri, 18 Jun 2021 17:18:37 +0100 +Subject: [PATCH] arm: fix vlldm erratum for Armv8.1-m [PR102035] + +For Armv8.1-m we generate code that emits VLLDM directly and do not +rely on support code in the library, so emit the mitigation directly +as well, when required. In this case, we can use the compiler options +to determine when to apply the fix and when it is safe to omit it. + +gcc: + PR target/102035 + * config/arm/arm.md (attribute arch): Add fix_vlldm. + (arch_enabled): Use it. + * config/arm/vfp.md (lazy_store_multiple_insn): Add alternative to + use when erratum mitigation is needed. + +CVE: CVE-2021-35465 +Upstream-Status: Backport[https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=30461cf8dba3d3adb15a125e4da48800eb2b9b8f] +Signed-off-by: Pgowda <pgowda.cve@gmail.com> + +--- + gcc/config/arm/arm.md | 11 +++++++++-- + gcc/config/arm/vfp.md | 10 +++++++--- + 2 files changed, 16 insertions(+), 5 deletions(-) + +diff -upr a/gcc/config/arm/arm.md b/gcc/config/arm/arm.md +--- a/gcc/config/arm/arm.md 2020-07-22 23:35:17.344384552 -0700 ++++ b/gcc/config/arm/arm.md 2021-11-11 20:33:58.431543947 -0800 +@@ -132,9 +132,12 @@ + ; TARGET_32BIT, "t1" or "t2" to specify a specific Thumb mode. "v6" + ; for ARM or Thumb-2 with arm_arch6, and nov6 for ARM without + ; arm_arch6. "v6t2" for Thumb-2 with arm_arch6 and "v8mb" for ARMv8-M +-; Baseline. This attribute is used to compute attribute "enabled", ++; Baseline. "fix_vlldm" is for fixing the v8-m/v8.1-m VLLDM erratum. ++; This attribute is used to compute attribute "enabled", + ; use type "any" to enable an alternative in all cases. +-(define_attr "arch" "any,a,t,32,t1,t2,v6,nov6,v6t2,v8mb,iwmmxt,iwmmxt2,armv6_or_vfpv3,neon,mve" ++(define_attr "arch" "any, a, t, 32, t1, t2, v6,nov6, v6t2, \ ++ v8mb, fix_vlldm, iwmmxt, iwmmxt2, armv6_or_vfpv3, \ ++ neon, mve" + (const_string "any")) + + (define_attr "arch_enabled" "no,yes" +@@ -177,6 +180,10 @@ + (match_test "TARGET_THUMB1 && arm_arch8")) + (const_string "yes") + ++ (and (eq_attr "arch" "fix_vlldm") ++ (match_test "fix_vlldm")) ++ (const_string "yes") ++ + (and (eq_attr "arch" "iwmmxt2") + (match_test "TARGET_REALLY_IWMMXT2")) + (const_string "yes") +diff -upr a/gcc/config/arm/vfp.md b/gcc/config/arm/vfp.md +--- a/gcc/config/arm/vfp.md 2020-07-22 23:35:17.356384684 -0700 ++++ b/gcc/config/arm/vfp.md 2021-11-11 20:33:58.431543947 -0800 +@@ -1703,12 +1703,15 @@ + (set_attr "type" "mov_reg")] + ) + ++;; Both this and the next instruction are treated by GCC in the same ++;; way as a blockage pattern. That's perhaps stronger than it needs ++;; to be, but we do not want accesses to the VFP register bank to be ++;; moved across either instruction. ++ + (define_insn "lazy_store_multiple_insn" +- [(set (match_operand:SI 0 "s_register_operand" "+&rk") +- (post_dec:SI (match_dup 0))) +- (unspec_volatile [(const_int 0) +- (mem:SI (post_dec:SI (match_dup 0)))] +- VUNSPEC_VLSTM)] ++ [(unspec_volatile ++ [(mem:BLK (match_operand:SI 0 "s_register_operand" "rk"))] ++ VUNSPEC_VLSTM)] + "use_cmse && reload_completed" + "vlstm%?\\t%0" + [(set_attr "predicable" "yes") +@@ -1716,14 +1719,16 @@ + ) + + (define_insn "lazy_load_multiple_insn" +- [(set (match_operand:SI 0 "s_register_operand" "+&rk") +- (post_inc:SI (match_dup 0))) +- (unspec_volatile:SI [(const_int 0) +- (mem:SI (match_dup 0))] +- VUNSPEC_VLLDM)] ++ [(unspec_volatile ++ [(mem:BLK (match_operand:SI 0 "s_register_operand" "rk,rk"))] ++ VUNSPEC_VLLDM)] + "use_cmse && reload_completed" +- "vlldm%?\\t%0" +- [(set_attr "predicable" "yes") ++ "@ ++ vscclrm\\t{vpr}\;vlldm\\t%0 ++ vlldm\\t%0" ++ [(set_attr "arch" "fix_vlldm,*") ++ (set_attr "predicable" "no") ++ (set_attr "length" "8,4") + (set_attr "type" "load_4")] + ) + diff --git a/meta/recipes-devtools/gcc/gcc/0003-CVE-2021-42574.patch b/meta/recipes-devtools/gcc/gcc/0003-CVE-2021-42574.patch new file mode 100644 index 0000000000..6bfaf8402d --- /dev/null +++ b/meta/recipes-devtools/gcc/gcc/0003-CVE-2021-42574.patch @@ -0,0 +1,1724 @@ +From 51c500269bf53749b107807d84271385fad35628 Mon Sep 17 00:00:00 2001 +From: Marek Polacek <polacek@redhat.com> +Date: Wed, 6 Oct 2021 14:33:59 -0400 +Subject: [PATCH] libcpp: Implement -Wbidi-chars for CVE-2021-42574 [PR103026] + +From a link below: +"An issue was discovered in the Bidirectional Algorithm in the Unicode +Specification through 14.0. It permits the visual reordering of +characters via control sequences, which can be used to craft source code +that renders different logic than the logical ordering of tokens +ingested by compilers and interpreters. Adversaries can leverage this to +encode source code for compilers accepting Unicode such that targeted +vulnerabilities are introduced invisibly to human reviewers." + +More info: +https://nvd.nist.gov/vuln/detail/CVE-2021-42574 +https://trojansource.codes/ + +This is not a compiler bug. However, to mitigate the problem, this patch +implements -Wbidi-chars=[none|unpaired|any] to warn about possibly +misleading Unicode bidirectional control characters the preprocessor may +encounter. + +The default is =unpaired, which warns about improperly terminated +bidirectional control characters; e.g. a LRE without its corresponding PDF. +The level =any warns about any use of bidirectional control characters. + +This patch handles both UCNs and UTF-8 characters. UCNs designating +bidi characters in identifiers are accepted since r204886. Then r217144 +enabled -fextended-identifiers by default. Extended characters in C/C++ +identifiers have been accepted since r275979. However, this patch still +warns about mixing UTF-8 and UCN bidi characters; there seems to be no +good reason to allow mixing them. + +We warn in different contexts: comments (both C and C++-style), string +literals, character constants, and identifiers. Expectedly, UCNs are ignored +in comments and raw string literals. The bidirectional control characters +can nest so this patch handles that as well. + +I have not included nor tested this at all with Fortran (which also has +string literals and line comments). + +Dave M. posted patches improving diagnostic involving Unicode characters. +This patch does not make use of this new infrastructure yet. + + PR preprocessor/103026 + +gcc/c-family/ChangeLog: + + * c.opt (Wbidi-chars, Wbidi-chars=): New option. + +gcc/ChangeLog: + + * doc/invoke.texi: Document -Wbidi-chars. + +libcpp/ChangeLog: + + * include/cpplib.h (enum cpp_bidirectional_level): New. + (struct cpp_options): Add cpp_warn_bidirectional. + (enum cpp_warning_reason): Add CPP_W_BIDIRECTIONAL. + * internal.h (struct cpp_reader): Add warn_bidi_p member + function. + * init.c (cpp_create_reader): Set cpp_warn_bidirectional. + * lex.c (bidi): New namespace. + (get_bidi_utf8): New function. + (get_bidi_ucn): Likewise. + (maybe_warn_bidi_on_close): Likewise. + (maybe_warn_bidi_on_char): Likewise. + (_cpp_skip_block_comment): Implement warning about bidirectional + control characters. + (skip_line_comment): Likewise. + (forms_identifier_p): Likewise. + (lex_identifier): Likewise. + (lex_string): Likewise. + (lex_raw_string): Likewise. + +gcc/testsuite/ChangeLog: + + * c-c++-common/Wbidi-chars-1.c: New test. + * c-c++-common/Wbidi-chars-2.c: New test. + * c-c++-common/Wbidi-chars-3.c: New test. + * c-c++-common/Wbidi-chars-4.c: New test. + * c-c++-common/Wbidi-chars-5.c: New test. + * c-c++-common/Wbidi-chars-6.c: New test. + * c-c++-common/Wbidi-chars-7.c: New test. + * c-c++-common/Wbidi-chars-8.c: New test. + * c-c++-common/Wbidi-chars-9.c: New test. + * c-c++-common/Wbidi-chars-10.c: New test. + * c-c++-common/Wbidi-chars-11.c: New test. + * c-c++-common/Wbidi-chars-12.c: New test. + * c-c++-common/Wbidi-chars-13.c: New test. + * c-c++-common/Wbidi-chars-14.c: New test. + * c-c++-common/Wbidi-chars-15.c: New test. + * c-c++-common/Wbidi-chars-16.c: New test. + * c-c++-common/Wbidi-chars-17.c: New test. + +CVE: CVE-2021-42574 +Upstream-Status: Backport [https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=51c500269bf53749b107807d84271385fad35628] +Signed-off-by: Pgowda <pgowda.cve@gmail.com> + +--- + gcc/c-family/c.opt | 24 ++ + gcc/doc/invoke.texi | 21 +- + gcc/testsuite/c-c++-common/Wbidi-chars-1.c | 12 + + gcc/testsuite/c-c++-common/Wbidi-chars-10.c | 27 ++ + gcc/testsuite/c-c++-common/Wbidi-chars-11.c | 13 + + gcc/testsuite/c-c++-common/Wbidi-chars-12.c | 19 + + gcc/testsuite/c-c++-common/Wbidi-chars-13.c | 17 + + gcc/testsuite/c-c++-common/Wbidi-chars-14.c | 38 ++ + gcc/testsuite/c-c++-common/Wbidi-chars-15.c | 59 +++ + gcc/testsuite/c-c++-common/Wbidi-chars-16.c | 26 ++ + gcc/testsuite/c-c++-common/Wbidi-chars-17.c | 30 ++ + gcc/testsuite/c-c++-common/Wbidi-chars-2.c | 9 + + gcc/testsuite/c-c++-common/Wbidi-chars-3.c | 11 + + gcc/testsuite/c-c++-common/Wbidi-chars-4.c | 188 +++++++++ + gcc/testsuite/c-c++-common/Wbidi-chars-5.c | 188 +++++++++ + gcc/testsuite/c-c++-common/Wbidi-chars-6.c | 155 ++++++++ + gcc/testsuite/c-c++-common/Wbidi-chars-7.c | 9 + + gcc/testsuite/c-c++-common/Wbidi-chars-8.c | 13 + + gcc/testsuite/c-c++-common/Wbidi-chars-9.c | 29 ++ + libcpp/include/cpplib.h | 18 +- + libcpp/init.c | 1 + + libcpp/internal.h | 7 + + libcpp/lex.c | 408 +++++++++++++++++++- + 23 files changed, 1315 insertions(+), 7 deletions(-) + create mode 100644 gcc/testsuite/c-c++-common/Wbidi-chars-1.c + create mode 100644 gcc/testsuite/c-c++-common/Wbidi-chars-10.c + create mode 100644 gcc/testsuite/c-c++-common/Wbidi-chars-11.c + create mode 100644 gcc/testsuite/c-c++-common/Wbidi-chars-12.c + create mode 100644 gcc/testsuite/c-c++-common/Wbidi-chars-13.c + create mode 100644 gcc/testsuite/c-c++-common/Wbidi-chars-14.c + create mode 100644 gcc/testsuite/c-c++-common/Wbidi-chars-15.c + create mode 100644 gcc/testsuite/c-c++-common/Wbidi-chars-16.c + create mode 100644 gcc/testsuite/c-c++-common/Wbidi-chars-17.c + create mode 100644 gcc/testsuite/c-c++-common/Wbidi-chars-2.c + create mode 100644 gcc/testsuite/c-c++-common/Wbidi-chars-3.c + create mode 100644 gcc/testsuite/c-c++-common/Wbidi-chars-4.c + create mode 100644 gcc/testsuite/c-c++-common/Wbidi-chars-5.c + create mode 100644 gcc/testsuite/c-c++-common/Wbidi-chars-6.c + create mode 100644 gcc/testsuite/c-c++-common/Wbidi-chars-7.c + create mode 100644 gcc/testsuite/c-c++-common/Wbidi-chars-8.c + create mode 100644 gcc/testsuite/c-c++-common/Wbidi-chars-9.c + +diff --git a/gcc/c-family/c.opt b/gcc/c-family/c.opt +--- a/gcc/c-family/c.opt 2021-12-25 01:29:12.915317374 -0800 ++++ b/gcc/c-family/c.opt 2021-12-25 01:36:22.040018701 -0800 +@@ -350,6 +350,30 @@ Wbad-function-cast + C ObjC Var(warn_bad_function_cast) Warning + Warn about casting functions to incompatible types. + ++Wbidi-chars ++C ObjC C++ ObjC++ Warning Alias(Wbidi-chars=,any,none) ++; ++ ++Wbidi-chars= ++C ObjC C++ ObjC++ RejectNegative Joined Warning CPP(cpp_warn_bidirectional) CppReason(CPP_W_BIDIRECTIONAL) Var(warn_bidirectional) Init(bidirectional_unpaired) Enum(cpp_bidirectional_level) ++-Wbidi-chars=[none|unpaired|any] Warn about UTF-8 bidirectional control characters. ++ ++; Required for these enum values. ++SourceInclude ++cpplib.h ++ ++Enum ++Name(cpp_bidirectional_level) Type(int) UnknownError(argument %qs to %<-Wbidi-chars%> not recognized) ++ ++EnumValue ++Enum(cpp_bidirectional_level) String(none) Value(bidirectional_none) ++ ++EnumValue ++Enum(cpp_bidirectional_level) String(unpaired) Value(bidirectional_unpaired) ++ ++EnumValue ++Enum(cpp_bidirectional_level) String(any) Value(bidirectional_any) ++ + Wbool-compare + C ObjC C++ ObjC++ Var(warn_bool_compare) Warning LangEnabledBy(C ObjC C++ ObjC++,Wall) + Warn about boolean expression compared with an integer value different from true/false. +diff --git a/gcc/doc/invoke.texi b/gcc/doc/invoke.texi +--- a/gcc/doc/invoke.texi 2021-12-25 01:35:33.284883488 -0800 ++++ b/gcc/doc/invoke.texi 2021-12-25 01:36:22.048018559 -0800 +@@ -310,7 +310,9 @@ Objective-C and Objective-C++ Dialects}. + -Warith-conversion @gol + -Warray-bounds -Warray-bounds=@var{n} @gol + -Wno-attributes -Wattribute-alias=@var{n} -Wno-attribute-alias @gol +--Wno-attribute-warning -Wbool-compare -Wbool-operation @gol ++-Wno-attribute-warning @gol ++-Wbidi-chars=@r{[}none@r{|}unpaired@r{|}any@r{]} @gol ++-Wbool-compare -Wbool-operation @gol + -Wno-builtin-declaration-mismatch @gol + -Wno-builtin-macro-redefined -Wc90-c99-compat -Wc99-c11-compat @gol + -Wc11-c2x-compat @gol +@@ -6860,6 +6862,23 @@ Attributes considered include @code{allo + This is the default. You can disable these warnings with either + @option{-Wno-attribute-alias} or @option{-Wattribute-alias=0}. + ++@item -Wbidi-chars=@r{[}none@r{|}unpaired@r{|}any@r{]} ++@opindex Wbidi-chars= ++@opindex Wbidi-chars ++@opindex Wno-bidi-chars ++Warn about possibly misleading UTF-8 bidirectional control characters in ++comments, string literals, character constants, and identifiers. Such ++characters can change left-to-right writing direction into right-to-left ++(and vice versa), which can cause confusion between the logical order and ++visual order. This may be dangerous; for instance, it may seem that a piece ++of code is not commented out, whereas it in fact is. ++ ++There are three levels of warning supported by GCC@. The default is ++@option{-Wbidi-chars=unpaired}, which warns about improperly terminated ++bidi contexts. @option{-Wbidi-chars=none} turns the warning off. ++@option{-Wbidi-chars=any} warns about any use of bidirectional control ++characters. ++ + @item -Wbool-compare + @opindex Wno-bool-compare + @opindex Wbool-compare +diff --git a/gcc/testsuite/c-c++-common/Wbidi-chars-10.c b/gcc/testsuite/c-c++-common/Wbidi-chars-10.c +--- a/gcc/testsuite/c-c++-common/Wbidi-chars-10.c 1969-12-31 16:00:00.000000000 -0800 ++++ b/gcc/testsuite/c-c++-common/Wbidi-chars-10.c 2021-12-25 01:36:22.048018559 -0800 +@@ -0,0 +1,27 @@ ++/* PR preprocessor/103026 */ ++/* { dg-do compile } */ ++/* { dg-options "-Wbidi-chars=unpaired" } */ ++/* More nesting testing. */ ++ ++/* RLE LRI PDF PDI*/ ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int LRE_\u202a_PDF_\u202c; ++int LRE_\u202a_PDF_\u202c_LRE_\u202a_PDF_\u202c; ++int LRE_\u202a_LRI_\u2066_PDF_\u202c_PDI_\u2069; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int RLE_\u202b_RLI_\u2067_PDF_\u202c_PDI_\u2069; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int RLE_\u202b_RLI_\u2067_PDI_\u2069_PDF_\u202c; ++int FSI_\u2068_LRO_\u202d_PDI_\u2069_PDF_\u202c; ++int FSI_\u2068; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int FSI_\u2068_PDI_\u2069; ++int FSI_\u2068_FSI_\u2068_PDI_\u2069; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int RLI_\u2067_RLI_\u2067_RLI_\u2067_RLI_\u2067_RLI_\u2067_RLI_\u2067_RLI_\u2067_PDI_\u2069_PDI_\u2069_PDI_\u2069_PDI_\u2069_PDI_\u2069_PDI_\u2069_PDI_\u2069; ++int RLI_\u2067_RLI_\u2067_RLI_\u2067_RLI_\u2067_RLI_\u2067_RLI_\u2067_RLI_\u2067_PDI_\u2069_PDI_\u2069_PDI_\u2069_PDI_\u2069_PDI_\u2069_PDI_\u2069; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int RLI_\u2067_RLI_\u2067_RLI_\u2067_RLI_\u2067_RLI_\u2067_RLI_\u2067_RLI_\u2067_PDI_\u2069_PDI_\u2069_PDI_\u2069_PDI_\u2069_PDI_\u2069_PDI_\u2069_PDF_\u202c; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int RLI_\u2067_RLI_\u2067_RLI_\u2067_RLI_\u2067_FSI_\u2068_PDI_\u2069_PDI_\u2069_PDI_\u2069_PDI_\u2069; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ +diff --git a/gcc/testsuite/c-c++-common/Wbidi-chars-11.c b/gcc/testsuite/c-c++-common/Wbidi-chars-11.c +--- a/gcc/testsuite/c-c++-common/Wbidi-chars-11.c 1969-12-31 16:00:00.000000000 -0800 ++++ b/gcc/testsuite/c-c++-common/Wbidi-chars-11.c 2021-12-25 01:36:22.048018559 -0800 +@@ -0,0 +1,13 @@ ++/* PR preprocessor/103026 */ ++/* { dg-do compile } */ ++/* { dg-options "-Wbidi-chars=unpaired" } */ ++/* Test that we warn when mixing UCN and UTF-8. */ ++ ++int LRE__PDF_\u202c; ++/* { dg-warning "mismatch" "" { target *-*-* } .-1 } */ ++int LRE_\u202a_PDF__; ++/* { dg-warning "mismatch" "" { target *-*-* } .-1 } */ ++const char *s1 = "LRE__PDF_\u202c"; ++/* { dg-warning "mismatch" "" { target *-*-* } .-1 } */ ++const char *s2 = "LRE_\u202a_PDF_"; ++/* { dg-warning "mismatch" "" { target *-*-* } .-1 } */ +diff --git a/gcc/testsuite/c-c++-common/Wbidi-chars-12.c b/gcc/testsuite/c-c++-common/Wbidi-chars-12.c +--- a/gcc/testsuite/c-c++-common/Wbidi-chars-12.c 1969-12-31 16:00:00.000000000 -0800 ++++ b/gcc/testsuite/c-c++-common/Wbidi-chars-12.c 2021-12-25 01:36:22.048018559 -0800 +@@ -0,0 +1,19 @@ ++/* PR preprocessor/103026 */ ++/* { dg-do compile { target { c || c++11 } } } */ ++/* { dg-options "-Wbidi-chars=any" } */ ++/* Test raw strings. */ ++ ++const char *s1 = R"(a b c LRE 1 2 3 PDF x y z)"; ++/* { dg-warning "U\\+202A" "" { target *-*-* } .-1 } */ ++const char *s2 = R"(a b c RLE 1 2 3 PDF x y z)"; ++/* { dg-warning "U\\+202B" "" { target *-*-* } .-1 } */ ++const char *s3 = R"(a b c LRO 1 2 3 PDF x y z)"; ++/* { dg-warning "U\\+202D" "" { target *-*-* } .-1 } */ ++const char *s4 = R"(a b c RLO 1 2 3 PDF x y z)"; ++/* { dg-warning "U\\+202E" "" { target *-*-* } .-1 } */ ++const char *s7 = R"(a b c FSI 1 2 3 PDI x y) z"; ++/* { dg-warning "U\\+2068" "" { target *-*-* } .-1 } */ ++const char *s8 = R"(a b c PDI x y )z"; ++/* { dg-warning "U\\+2069" "" { target *-*-* } .-1 } */ ++const char *s9 = R"(a b c PDF x y z)"; ++/* { dg-warning "U\\+202C" "" { target *-*-* } .-1 } */ +diff --git a/gcc/testsuite/c-c++-common/Wbidi-chars-13.c b/gcc/testsuite/c-c++-common/Wbidi-chars-13.c +--- a/gcc/testsuite/c-c++-common/Wbidi-chars-13.c 1969-12-31 16:00:00.000000000 -0800 ++++ b/gcc/testsuite/c-c++-common/Wbidi-chars-13.c 2021-12-25 01:36:22.048018559 -0800 +@@ -0,0 +1,17 @@ ++/* PR preprocessor/103026 */ ++/* { dg-do compile { target { c || c++11 } } } */ ++/* { dg-options "-Wbidi-chars=unpaired" } */ ++/* Test raw strings. */ ++ ++const char *s1 = R"(a b c LRE 1 2 3)"; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++const char *s2 = R"(a b c RLE 1 2 3)"; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++const char *s3 = R"(a b c LRO 1 2 3)"; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++const char *s4 = R"(a b c FSI 1 2 3)"; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++const char *s5 = R"(a b c LRI 1 2 3)"; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++const char *s6 = R"(a b c RLI 1 2 3)"; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ +diff --git a/gcc/testsuite/c-c++-common/Wbidi-chars-14.c b/gcc/testsuite/c-c++-common/Wbidi-chars-14.c +--- a/gcc/testsuite/c-c++-common/Wbidi-chars-14.c 1969-12-31 16:00:00.000000000 -0800 ++++ b/gcc/testsuite/c-c++-common/Wbidi-chars-14.c 2021-12-25 01:36:22.048018559 -0800 +@@ -0,0 +1,38 @@ ++/* PR preprocessor/103026 */ ++/* { dg-do compile } */ ++/* { dg-options "-Wbidi-chars=unpaired" } */ ++/* Test PDI handling, which also pops any subsequent LREs, RLEs, LROs, ++ or RLOs. */ ++ ++/* LRI__LRI__RLE__RLE__RLE__PDI_*/ ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++// LRI__RLE__RLE__RLE__PDI_ ++// LRI__RLO__RLE__RLE__PDI_ ++// LRI__RLO__RLE__PDI_ ++// FSI__RLO__PDI_ ++// FSI__FSI__RLO__PDI_ ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ ++int LRI_\u2066_LRI_\u2066_LRE_\u202a_LRE_\u202a_LRE_\u202a_PDI_\u2069; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int LRI_\u2066_LRI_\u2066_LRE_\u202a_LRE_\u202a_LRE_\u202a_PDI_\u2069_PDI_\u2069; ++int LRI_\u2066_LRI_\u2066_LRI_\u2066_LRE_\u202a_LRE_\u202a_LRE_\u202a_PDI_\u2069_PDI_\u2069; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int PDI_\u2069; ++int LRI_\u2066_PDI_\u2069; ++int RLI_\u2067_PDI_\u2069; ++int LRE_\u202a_LRI_\u2066_PDI_\u2069; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int LRI_\u2066_LRE_\u202a_PDF_\u202c_PDI_\u2069; ++int LRI_\u2066_LRE_\u202a_LRE_\u202a_PDF_\u202c_PDI_\u2069; ++int RLI_\u2067_LRI_\u2066_LRE_\u202a_LRE_\u202a_PDF_\u202c_PDI_\u2069; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int FSI_\u2068_LRI_\u2066_LRE_\u202a_LRE_\u202a_PDF_\u202c_PDI_\u2069; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int RLO_\u202e_PDI_\u2069; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int RLI_\u2067_PDI_\u2069_RLI_\u2067; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int FSI_\u2068_PDF_\u202c_PDI_\u2069; ++int FSI_\u2068_FSI_\u2068_PDF_\u202c_PDI_\u2069; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ +diff --git a/gcc/testsuite/c-c++-common/Wbidi-chars-15.c b/gcc/testsuite/c-c++-common/Wbidi-chars-15.c +--- a/gcc/testsuite/c-c++-common/Wbidi-chars-15.c 1969-12-31 16:00:00.000000000 -0800 ++++ b/gcc/testsuite/c-c++-common/Wbidi-chars-15.c 2021-12-25 01:36:22.048018559 -0800 +@@ -0,0 +1,59 @@ ++/* PR preprocessor/103026 */ ++/* { dg-do compile } */ ++/* { dg-options "-Wbidi-chars=unpaired" } */ ++/* Test unpaired bidi control chars in multiline comments. */ ++ ++/* ++ * LRE end ++ */ ++/* { dg-warning "unpaired" "" { target *-*-* } .-2 } */ ++/* ++ * RLE end ++ */ ++/* { dg-warning "unpaired" "" { target *-*-* } .-2 } */ ++/* ++ * LRO end ++ */ ++/* { dg-warning "unpaired" "" { target *-*-* } .-2 } */ ++/* ++ * RLO end ++ */ ++/* { dg-warning "unpaired" "" { target *-*-* } .-2 } */ ++/* ++ * LRI end ++ */ ++/* { dg-warning "unpaired" "" { target *-*-* } .-2 } */ ++/* ++ * RLI end ++ */ ++/* { dg-warning "unpaired" "" { target *-*-* } .-2 } */ ++/* ++ * FSI end ++ */ ++/* { dg-warning "unpaired" "" { target *-*-* } .-2 } */ ++/* LRE ++ PDF */ ++/* { dg-warning "unpaired" "" { target *-*-* } .-2 } */ ++/* FSI ++ PDI */ ++/* { dg-warning "unpaired" "" { target *-*-* } .-2 } */ ++ ++/* LRE<> ++ * ++ */ ++/* { dg-warning "unpaired" "" { target *-*-* } .-3 } */ ++ ++/* ++ * LRE<> ++ */ ++/* { dg-warning "unpaired" "" { target *-*-* } .-2 } */ ++ ++/* ++ * ++ * LRE<> */ ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ ++/* RLI<> */ /* PDI<> */ ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++/* LRE<> */ /* PDF<> */ ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ +diff --git a/gcc/testsuite/c-c++-common/Wbidi-chars-16.c b/gcc/testsuite/c-c++-common/Wbidi-chars-16.c +--- a/gcc/testsuite/c-c++-common/Wbidi-chars-16.c 1969-12-31 16:00:00.000000000 -0800 ++++ b/gcc/testsuite/c-c++-common/Wbidi-chars-16.c 2021-12-25 01:36:22.048018559 -0800 +@@ -0,0 +1,26 @@ ++/* PR preprocessor/103026 */ ++/* { dg-do compile } */ ++/* { dg-options "-Wbidi-chars=any" } */ ++/* Test LTR/RTL chars. */ ++ ++/* LTR<> */ ++/* { dg-warning "U\\+200E" "" { target *-*-* } .-1 } */ ++// LTR<> ++/* { dg-warning "U\\+200E" "" { target *-*-* } .-1 } */ ++/* RTL<> */ ++/* { dg-warning "U\\+200F" "" { target *-*-* } .-1 } */ ++// RTL<> ++/* { dg-warning "U\\+200F" "" { target *-*-* } .-1 } */ ++ ++const char *s1 = "LTR<>"; ++/* { dg-warning "U\\+200E" "" { target *-*-* } .-1 } */ ++const char *s2 = "LTR\u200e"; ++/* { dg-warning "U\\+200E" "" { target *-*-* } .-1 } */ ++const char *s3 = "LTR\u200E"; ++/* { dg-warning "U\\+200E" "" { target *-*-* } .-1 } */ ++const char *s4 = "RTL<>"; ++/* { dg-warning "U\\+200F" "" { target *-*-* } .-1 } */ ++const char *s5 = "RTL\u200f"; ++/* { dg-warning "U\\+200F" "" { target *-*-* } .-1 } */ ++const char *s6 = "RTL\u200F"; ++/* { dg-warning "U\\+200F" "" { target *-*-* } .-1 } */ +diff --git a/gcc/testsuite/c-c++-common/Wbidi-chars-17.c b/gcc/testsuite/c-c++-common/Wbidi-chars-17.c +--- a/gcc/testsuite/c-c++-common/Wbidi-chars-17.c 1969-12-31 16:00:00.000000000 -0800 ++++ b/gcc/testsuite/c-c++-common/Wbidi-chars-17.c 2021-12-25 01:36:22.048018559 -0800 +@@ -0,0 +1,30 @@ ++/* PR preprocessor/103026 */ ++/* { dg-do compile } */ ++/* { dg-options "-Wbidi-chars=unpaired" } */ ++/* Test LTR/RTL chars. */ ++ ++/* LTR<> */ ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++// LTR<> ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++/* RTL<> */ ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++// RTL<> ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++int ltr_\u200e; ++/* { dg-error "universal character " "" { target *-*-* } .-1 } */ ++int rtl_\u200f; ++/* { dg-error "universal character " "" { target *-*-* } .-1 } */ ++ ++const char *s1 = "LTR<>"; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++const char *s2 = "LTR\u200e"; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++const char *s3 = "LTR\u200E"; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++const char *s4 = "RTL<>"; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++const char *s5 = "RTL\u200f"; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++const char *s6 = "RTL\u200F"; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ +diff --git a/gcc/testsuite/c-c++-common/Wbidi-chars-1.c b/gcc/testsuite/c-c++-common/Wbidi-chars-1.c +--- a/gcc/testsuite/c-c++-common/Wbidi-chars-1.c 1969-12-31 16:00:00.000000000 -0800 ++++ b/gcc/testsuite/c-c++-common/Wbidi-chars-1.c 2021-12-25 01:36:22.048018559 -0800 +@@ -0,0 +1,12 @@ ++/* PR preprocessor/103026 */ ++/* { dg-do compile } */ ++ ++int main() { ++ int isAdmin = 0; ++ /* } if (isAdmin) begin admins only */ ++/* { dg-warning "bidirectional" "" { target *-*-* } .-1 } */ ++ __builtin_printf("You are an admin.\n"); ++ /* end admins only { */ ++/* { dg-warning "bidirectional" "" { target *-*-* } .-1 } */ ++ return 0; ++} +diff --git a/gcc/testsuite/c-c++-common/Wbidi-chars-2.c b/gcc/testsuite/c-c++-common/Wbidi-chars-2.c +--- a/gcc/testsuite/c-c++-common/Wbidi-chars-2.c 1969-12-31 16:00:00.000000000 -0800 ++++ b/gcc/testsuite/c-c++-common/Wbidi-chars-2.c 2021-12-25 01:36:22.048018559 -0800 +@@ -0,0 +1,9 @@ ++/* PR preprocessor/103026 */ ++/* { dg-do compile } */ ++ ++int main() { ++ /* Say hello; newline/*/ return 0 ; ++/* { dg-warning "bidirectional" "" { target *-*-* } .-1 } */ ++ __builtin_printf("Hello world.\n"); ++ return 0; ++} +diff --git a/gcc/testsuite/c-c++-common/Wbidi-chars-3.c b/gcc/testsuite/c-c++-common/Wbidi-chars-3.c +--- a/gcc/testsuite/c-c++-common/Wbidi-chars-3.c 1969-12-31 16:00:00.000000000 -0800 ++++ b/gcc/testsuite/c-c++-common/Wbidi-chars-3.c 2021-12-25 01:36:22.048018559 -0800 +@@ -0,0 +1,11 @@ ++/* PR preprocessor/103026 */ ++/* { dg-do compile } */ ++ ++int main() { ++ const char* access_level = "user"; ++ if (__builtin_strcmp(access_level, "user // Check if admin ")) { ++/* { dg-warning "bidirectional" "" { target *-*-* } .-1 } */ ++ __builtin_printf("You are an admin.\n"); ++ } ++ return 0; ++} +diff --git a/gcc/testsuite/c-c++-common/Wbidi-chars-4.c b/gcc/testsuite/c-c++-common/Wbidi-chars-4.c +--- a/gcc/testsuite/c-c++-common/Wbidi-chars-4.c 1969-12-31 16:00:00.000000000 -0800 ++++ b/gcc/testsuite/c-c++-common/Wbidi-chars-4.c 2021-12-25 01:36:22.048018559 -0800 +@@ -0,0 +1,188 @@ ++/* PR preprocessor/103026 */ ++/* { dg-do compile } */ ++/* { dg-options "-Wbidi-chars=any -Wno-multichar -Wno-overflow" } */ ++/* Test all bidi chars in various contexts (identifiers, comments, ++ string literals, character constants), both UCN and UTF-8. The bidi ++ chars here are properly terminated, except for the character constants. */ ++ ++/* a b c LRE 1 2 3 PDF x y z */ ++/* { dg-warning "U\\+202A" "" { target *-*-* } .-1 } */ ++/* a b c RLE 1 2 3 PDF x y z */ ++/* { dg-warning "U\\+202B" "" { target *-*-* } .-1 } */ ++/* a b c LRO 1 2 3 PDF x y z */ ++/* { dg-warning "U\\+202D" "" { target *-*-* } .-1 } */ ++/* a b c RLO 1 2 3 PDF x y z */ ++/* { dg-warning "U\\+202E" "" { target *-*-* } .-1 } */ ++/* a b c LRI 1 2 3 PDI x y z */ ++/* { dg-warning "U\\+2066" "" { target *-*-* } .-1 } */ ++/* a b c RLI 1 2 3 PDI x y */ ++/* { dg-warning "U\\+2067" "" { target *-*-* } .-1 } */ ++/* a b c FSI 1 2 3 PDI x y z */ ++/* { dg-warning "U\\+2068" "" { target *-*-* } .-1 } */ ++ ++/* Same but C++ comments instead. */ ++// a b c LRE 1 2 3 PDF x y z ++/* { dg-warning "U\\+202A" "" { target *-*-* } .-1 } */ ++// a b c RLE 1 2 3 PDF x y z ++/* { dg-warning "U\\+202B" "" { target *-*-* } .-1 } */ ++// a b c LRO 1 2 3 PDF x y z ++/* { dg-warning "U\\+202D" "" { target *-*-* } .-1 } */ ++// a b c RLO 1 2 3 PDF x y z ++/* { dg-warning "U\\+202E" "" { target *-*-* } .-1 } */ ++// a b c LRI 1 2 3 PDI x y z ++/* { dg-warning "U\\+2066" "" { target *-*-* } .-1 } */ ++// a b c RLI 1 2 3 PDI x y ++/* { dg-warning "U\\+2067" "" { target *-*-* } .-1 } */ ++// a b c FSI 1 2 3 PDI x y z ++/* { dg-warning "U\\+2068" "" { target *-*-* } .-1 } */ ++ ++/* Here we're closing an unopened context, warn when =any. */ ++/* a b c PDI x y z */ ++/* { dg-warning "U\\+2069" "" { target *-*-* } .-1 } */ ++/* a b c PDF x y z */ ++/* { dg-warning "U\\+202C" "" { target *-*-* } .-1 } */ ++// a b c PDI x y z ++/* { dg-warning "U\\+2069" "" { target *-*-* } .-1 } */ ++// a b c PDF x y z ++/* { dg-warning "U\\+202C" "" { target *-*-* } .-1 } */ ++ ++/* Multiline comments. */ ++/* a b c PDI x y z ++ */ ++/* { dg-warning "U\\+2069" "" { target *-*-* } .-2 } */ ++/* a b c PDF x y z ++ */ ++/* { dg-warning "U\\+202C" "" { target *-*-* } .-2 } */ ++/* first ++ a b c PDI x y z ++ */ ++/* { dg-warning "U\\+2069" "" { target *-*-* } .-2 } */ ++/* first ++ a b c PDF x y z ++ */ ++/* { dg-warning "U\\+202C" "" { target *-*-* } .-2 } */ ++/* first ++ a b c PDI x y z */ ++/* { dg-warning "U\\+2069" "" { target *-*-* } .-1 } */ ++/* first ++ a b c PDF x y z */ ++/* { dg-warning "U\\+202C" "" { target *-*-* } .-1 } */ ++ ++void ++g1 () ++{ ++ const char *s1 = "a b c LRE 1 2 3 PDF x y z"; ++/* { dg-warning "U\\+202A" "" { target *-*-* } .-1 } */ ++ const char *s2 = "a b c RLE 1 2 3 PDF x y z"; ++/* { dg-warning "U\\+202B" "" { target *-*-* } .-1 } */ ++ const char *s3 = "a b c LRO 1 2 3 PDF x y z"; ++/* { dg-warning "U\\+202D" "" { target *-*-* } .-1 } */ ++ const char *s4 = "a b c RLO 1 2 3 PDF x y z"; ++/* { dg-warning "U\\+202E" "" { target *-*-* } .-1 } */ ++ const char *s5 = "a b c LRI 1 2 3 PDI x y z"; ++/* { dg-warning "U\\+2066" "" { target *-*-* } .-1 } */ ++ const char *s6 = "a b c RLI 1 2 3 PDI x y z"; ++/* { dg-warning "U\\+2067" "" { target *-*-* } .-1 } */ ++ const char *s7 = "a b c FSI 1 2 3 PDI x y z"; ++/* { dg-warning "U\\+2068" "" { target *-*-* } .-1 } */ ++ const char *s8 = "a b c PDI x y z"; ++/* { dg-warning "U\\+2069" "" { target *-*-* } .-1 } */ ++ const char *s9 = "a b c PDF x y z"; ++/* { dg-warning "U\\+202C" "" { target *-*-* } .-1 } */ ++ ++ const char *s10 = "a b c LRE\u202a 1 2 3 PDF\u202c x y z"; ++/* { dg-warning "U\\+202A" "" { target *-*-* } .-1 } */ ++ const char *s11 = "a b c LRE\u202A 1 2 3 PDF\u202c x y z"; ++/* { dg-warning "U\\+202A" "" { target *-*-* } .-1 } */ ++ const char *s12 = "a b c RLE\u202b 1 2 3 PDF\u202c x y z"; ++/* { dg-warning "U\\+202B" "" { target *-*-* } .-1 } */ ++ const char *s13 = "a b c RLE\u202B 1 2 3 PDF\u202c x y z"; ++/* { dg-warning "U\\+202B" "" { target *-*-* } .-1 } */ ++ const char *s14 = "a b c LRO\u202d 1 2 3 PDF\u202c x y z"; ++/* { dg-warning "U\\+202D" "" { target *-*-* } .-1 } */ ++ const char *s15 = "a b c LRO\u202D 1 2 3 PDF\u202c x y z"; ++/* { dg-warning "U\\+202D" "" { target *-*-* } .-1 } */ ++ const char *s16 = "a b c RLO\u202e 1 2 3 PDF\u202c x y z"; ++/* { dg-warning "U\\+202E" "" { target *-*-* } .-1 } */ ++ const char *s17 = "a b c RLO\u202E 1 2 3 PDF\u202c x y z"; ++/* { dg-warning "U\\+202E" "" { target *-*-* } .-1 } */ ++ const char *s18 = "a b c LRI\u2066 1 2 3 PDI\u2069 x y z"; ++/* { dg-warning "U\\+2066" "" { target *-*-* } .-1 } */ ++ const char *s19 = "a b c RLI\u2067 1 2 3 PDI\u2069 x y z"; ++/* { dg-warning "U\\+2067" "" { target *-*-* } .-1 } */ ++ const char *s20 = "a b c FSI\u2068 1 2 3 PDI\u2069 x y z"; ++/* { dg-warning "U\\+2068" "" { target *-*-* } .-1 } */ ++} ++ ++void ++g2 () ++{ ++ const char c1 = '\u202a'; ++/* { dg-warning "U\\+202A" "" { target *-*-* } .-1 } */ ++ const char c2 = '\u202A'; ++/* { dg-warning "U\\+202A" "" { target *-*-* } .-1 } */ ++ const char c3 = '\u202b'; ++/* { dg-warning "U\\+202B" "" { target *-*-* } .-1 } */ ++ const char c4 = '\u202B'; ++/* { dg-warning "U\\+202B" "" { target *-*-* } .-1 } */ ++ const char c5 = '\u202d'; ++/* { dg-warning "U\\+202D" "" { target *-*-* } .-1 } */ ++ const char c6 = '\u202D'; ++/* { dg-warning "U\\+202D" "" { target *-*-* } .-1 } */ ++ const char c7 = '\u202e'; ++/* { dg-warning "U\\+202E" "" { target *-*-* } .-1 } */ ++ const char c8 = '\u202E'; ++/* { dg-warning "U\\+202E" "" { target *-*-* } .-1 } */ ++ const char c9 = '\u2066'; ++/* { dg-warning "U\\+2066" "" { target *-*-* } .-1 } */ ++ const char c10 = '\u2067'; ++/* { dg-warning "U\\+2067" "" { target *-*-* } .-1 } */ ++ const char c11 = '\u2068'; ++/* { dg-warning "U\\+2068" "" { target *-*-* } .-1 } */ ++} ++ ++int abc; ++/* { dg-warning "U\\+202A" "" { target *-*-* } .-1 } */ ++int abc; ++/* { dg-warning "U\\+202B" "" { target *-*-* } .-1 } */ ++int abc; ++/* { dg-warning "U\\+202D" "" { target *-*-* } .-1 } */ ++int abc; ++/* { dg-warning "U\\+202E" "" { target *-*-* } .-1 } */ ++int abc; ++/* { dg-warning "U\\+2066" "" { target *-*-* } .-1 } */ ++int abc; ++/* { dg-warning "U\\+2067" "" { target *-*-* } .-1 } */ ++int abc; ++/* { dg-warning "U\\+2068" "" { target *-*-* } .-1 } */ ++int AX; ++/* { dg-warning "U\\+202C" "" { target *-*-* } .-1 } */ ++int A\u202cY; ++/* { dg-warning "U\\+202C" "" { target *-*-* } .-1 } */ ++int A\u202CY2; ++/* { dg-warning "U\\+202C" "" { target *-*-* } .-1 } */ ++ ++int d\u202ae\u202cf; ++/* { dg-warning "U\\+202A" "" { target *-*-* } .-1 } */ ++int d\u202Ae\u202cf2; ++/* { dg-warning "U\\+202A" "" { target *-*-* } .-1 } */ ++int d\u202be\u202cf; ++/* { dg-warning "U\\+202B" "" { target *-*-* } .-1 } */ ++int d\u202Be\u202cf2; ++/* { dg-warning "U\\+202B" "" { target *-*-* } .-1 } */ ++int d\u202de\u202cf; ++/* { dg-warning "U\\+202D" "" { target *-*-* } .-1 } */ ++int d\u202De\u202cf2; ++/* { dg-warning "U\\+202D" "" { target *-*-* } .-1 } */ ++int d\u202ee\u202cf; ++/* { dg-warning "U\\+202E" "" { target *-*-* } .-1 } */ ++int d\u202Ee\u202cf2; ++/* { dg-warning "U\\+202E" "" { target *-*-* } .-1 } */ ++int d\u2066e\u2069f; ++/* { dg-warning "U\\+2066" "" { target *-*-* } .-1 } */ ++int d\u2067e\u2069f; ++/* { dg-warning "U\\+2067" "" { target *-*-* } .-1 } */ ++int d\u2068e\u2069f; ++/* { dg-warning "U\\+2068" "" { target *-*-* } .-1 } */ ++int X\u2069; ++/* { dg-warning "U\\+2069" "" { target *-*-* } .-1 } */ +diff --git a/gcc/testsuite/c-c++-common/Wbidi-chars-5.c b/gcc/testsuite/c-c++-common/Wbidi-chars-5.c +--- a/gcc/testsuite/c-c++-common/Wbidi-chars-5.c 1969-12-31 16:00:00.000000000 -0800 ++++ b/gcc/testsuite/c-c++-common/Wbidi-chars-5.c 2021-12-25 01:36:22.048018559 -0800 +@@ -0,0 +1,188 @@ ++/* PR preprocessor/103026 */ ++/* { dg-do compile } */ ++/* { dg-options "-Wbidi-chars=unpaired -Wno-multichar -Wno-overflow" } */ ++/* Test all bidi chars in various contexts (identifiers, comments, ++ string literals, character constants), both UCN and UTF-8. The bidi ++ chars here are properly terminated, except for the character constants. */ ++ ++/* a b c LRE 1 2 3 PDF x y z */ ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++/* a b c RLE 1 2 3 PDF x y z */ ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++/* a b c LRO 1 2 3 PDF x y z */ ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++/* a b c RLO 1 2 3 PDF x y z */ ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++/* a b c LRI 1 2 3 PDI x y z */ ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++/* a b c RLI 1 2 3 PDI x y */ ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++/* a b c FSI 1 2 3 PDI x y z */ ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++ ++/* Same but C++ comments instead. */ ++// a b c LRE 1 2 3 PDF x y z ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++// a b c RLE 1 2 3 PDF x y z ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++// a b c LRO 1 2 3 PDF x y z ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++// a b c RLO 1 2 3 PDF x y z ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++// a b c LRI 1 2 3 PDI x y z ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++// a b c RLI 1 2 3 PDI x y ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++// a b c FSI 1 2 3 PDI x y z ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++ ++/* Here we're closing an unopened context, warn when =any. */ ++/* a b c PDI x y z */ ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++/* a b c PDF x y z */ ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++// a b c PDI x y z ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++// a b c PDF x y z ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++ ++/* Multiline comments. */ ++/* a b c PDI x y z ++ */ ++/* { dg-bogus "unpaired" "" { target *-*-* } .-2 } */ ++/* a b c PDF x y z ++ */ ++/* { dg-bogus "unpaired" "" { target *-*-* } .-2 } */ ++/* first ++ a b c PDI x y z ++ */ ++/* { dg-bogus "unpaired" "" { target *-*-* } .-2 } */ ++/* first ++ a b c PDF x y z ++ */ ++/* { dg-bogus "unpaired" "" { target *-*-* } .-2 } */ ++/* first ++ a b c PDI x y z */ ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++/* first ++ a b c PDF x y z */ ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++ ++void ++g1 () ++{ ++ const char *s1 = "a b c LRE 1 2 3 PDF x y z"; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s2 = "a b c RLE 1 2 3 PDF x y z"; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s3 = "a b c LRO 1 2 3 PDF x y z"; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s4 = "a b c RLO 1 2 3 PDF x y z"; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s5 = "a b c LRI 1 2 3 PDI x y z"; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s6 = "a b c RLI 1 2 3 PDI x y z"; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s7 = "a b c FSI 1 2 3 PDI x y z"; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s8 = "a b c PDI x y z"; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s9 = "a b c PDF x y z"; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++ ++ const char *s10 = "a b c LRE\u202a 1 2 3 PDF\u202c x y z"; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s11 = "a b c LRE\u202A 1 2 3 PDF\u202c x y z"; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s12 = "a b c RLE\u202b 1 2 3 PDF\u202c x y z"; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s13 = "a b c RLE\u202B 1 2 3 PDF\u202c x y z"; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s14 = "a b c LRO\u202d 1 2 3 PDF\u202c x y z"; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s15 = "a b c LRO\u202D 1 2 3 PDF\u202c x y z"; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s16 = "a b c RLO\u202e 1 2 3 PDF\u202c x y z"; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s17 = "a b c RLO\u202E 1 2 3 PDF\u202c x y z"; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s18 = "a b c LRI\u2066 1 2 3 PDI\u2069 x y z"; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s19 = "a b c RLI\u2067 1 2 3 PDI\u2069 x y z"; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s20 = "a b c FSI\u2068 1 2 3 PDI\u2069 x y z"; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++} ++ ++void ++g2 () ++{ ++ const char c1 = '\u202a'; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char c2 = '\u202A'; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char c3 = '\u202b'; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char c4 = '\u202B'; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char c5 = '\u202d'; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char c6 = '\u202D'; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char c7 = '\u202e'; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char c8 = '\u202E'; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char c9 = '\u2066'; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char c10 = '\u2067'; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char c11 = '\u2068'; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++} ++ ++int abc; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++int abc; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++int abc; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++int abc; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++int abc; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++int abc; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++int abc; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++int AX; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++int A\u202cY; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++int A\u202CY2; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++ ++int d\u202ae\u202cf; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++int d\u202Ae\u202cf2; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++int d\u202be\u202cf; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++int d\u202Be\u202cf2; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++int d\u202de\u202cf; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++int d\u202De\u202cf2; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++int d\u202ee\u202cf; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++int d\u202Ee\u202cf2; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++int d\u2066e\u2069f; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++int d\u2067e\u2069f; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++int d\u2068e\u2069f; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ ++int X\u2069; ++/* { dg-bogus "unpaired" "" { target *-*-* } .-1 } */ +diff --git a/gcc/testsuite/c-c++-common/Wbidi-chars-6.c b/gcc/testsuite/c-c++-common/Wbidi-chars-6.c +--- a/gcc/testsuite/c-c++-common/Wbidi-chars-6.c 1969-12-31 16:00:00.000000000 -0800 ++++ b/gcc/testsuite/c-c++-common/Wbidi-chars-6.c 2021-12-25 01:36:22.052018489 -0800 +@@ -0,0 +1,155 @@ ++/* PR preprocessor/103026 */ ++/* { dg-do compile } */ ++/* { dg-options "-Wbidi-chars=unpaired" } */ ++/* Test nesting of bidi chars in various contexts. */ ++ ++/* Terminated by the wrong char: */ ++/* a b c LRE 1 2 3 PDI x y z */ ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++/* a b c RLE 1 2 3 PDI x y z*/ ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++/* a b c LRO 1 2 3 PDI x y z */ ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++/* a b c RLO 1 2 3 PDI x y z */ ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++/* a b c LRI 1 2 3 PDF x y z */ ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++/* a b c RLI 1 2 3 PDF x y z */ ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++/* a b c FSI 1 2 3 PDF x y z*/ ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ ++/* LRE PDF */ ++/* LRE LRE PDF PDF */ ++/* PDF LRE PDF */ ++/* LRE PDF LRE PDF */ ++/* LRE LRE PDF */ ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++/* PDF LRE */ ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ ++// a b c LRE 1 2 3 PDI x y z ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++// a b c RLE 1 2 3 PDI x y z*/ ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++// a b c LRO 1 2 3 PDI x y z ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++// a b c RLO 1 2 3 PDI x y z ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++// a b c LRI 1 2 3 PDF x y z ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++// a b c RLI 1 2 3 PDF x y z ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++// a b c FSI 1 2 3 PDF x y z ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ ++// LRE PDF ++// LRE LRE PDF PDF ++// PDF LRE PDF ++// LRE PDF LRE PDF ++// LRE LRE PDF ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++// PDF LRE ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ ++void ++g1 () ++{ ++ const char *s1 = "a b c LRE 1 2 3 PDI x y z"; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s2 = "a b c LRE\u202a 1 2 3 PDI\u2069 x y z"; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s3 = "a b c RLE 1 2 3 PDI x y "; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s4 = "a b c RLE\u202b 1 2 3 PDI\u2069 x y z"; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s5 = "a b c LRO 1 2 3 PDI x y z"; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s6 = "a b c LRO\u202d 1 2 3 PDI\u2069 x y z"; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s7 = "a b c RLO 1 2 3 PDI x y z"; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s8 = "a b c RLO\u202e 1 2 3 PDI\u2069 x y z"; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s9 = "a b c LRI 1 2 3 PDF x y z"; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s10 = "a b c LRI\u2066 1 2 3 PDF\u202c x y z"; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s11 = "a b c RLI 1 2 3 PDF x y z\ ++ "; ++/* { dg-warning "unpaired" "" { target *-*-* } .-2 } */ ++ const char *s12 = "a b c RLI\u2067 1 2 3 PDF\u202c x y z"; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s13 = "a b c FSI 1 2 3 PDF x y z"; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s14 = "a b c FSI\u2068 1 2 3 PDF\u202c x y z"; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s15 = "PDF LRE"; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s16 = "PDF\u202c LRE\u202a"; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s17 = "LRE PDF"; ++ const char *s18 = "LRE\u202a PDF\u202c"; ++ const char *s19 = "LRE LRE PDF PDF"; ++ const char *s20 = "LRE\u202a LRE\u202a PDF\u202c PDF\u202c"; ++ const char *s21 = "PDF LRE PDF"; ++ const char *s22 = "PDF\u202c LRE\u202a PDF\u202c"; ++ const char *s23 = "LRE LRE PDF"; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s24 = "LRE\u202a LRE\u202a PDF\u202c"; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s25 = "PDF LRE"; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s26 = "PDF\u202c LRE\u202a"; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s27 = "PDF LRE\u202a"; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ const char *s28 = "PDF\u202c LRE"; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++} ++ ++int aLREbPDI; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int A\u202aB\u2069C; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int aRLEbPDI; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int a\u202bB\u2069c; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int aLRObPDI; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int a\u202db\u2069c2; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int aRLObPDI; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int a\u202eb\u2069; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int aLRIbPDF; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int a\u2066b\u202c; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int aRLIbPDFc ++; ++/* { dg-warning "unpaired" "" { target *-*-* } .-2 } */ ++int a\u2067b\u202c; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int aFSIbPDF; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int a\u2068b\u202c; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int aFSIbPD\u202C; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int aFSI\u2068bPDF_; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int aLREbPDFb; ++int A\u202aB\u202c; ++int a_LRE_LRE_b_PDF_PDF; ++int A\u202aA\u202aB\u202cB\u202c; ++int aPDFbLREadPDF; ++int a_\u202C_\u202a_\u202c; ++int a_LRE_b_PDF_c_LRE_PDF; ++int a_\u202a_\u202c_\u202a_\u202c_; ++int a_LRE_b_PDF_c_LRE; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int a_\u202a_\u202c_\u202a_; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ +diff --git a/gcc/testsuite/c-c++-common/Wbidi-chars-7.c b/gcc/testsuite/c-c++-common/Wbidi-chars-7.c +--- a/gcc/testsuite/c-c++-common/Wbidi-chars-7.c 1969-12-31 16:00:00.000000000 -0800 ++++ b/gcc/testsuite/c-c++-common/Wbidi-chars-7.c 2021-12-25 01:36:22.052018489 -0800 +@@ -0,0 +1,9 @@ ++/* PR preprocessor/103026 */ ++/* { dg-do compile } */ ++/* { dg-options "-Wbidi-chars=any" } */ ++/* Test we ignore UCNs in comments. */ ++ ++// a b c \u202a 1 2 3 ++// a b c \u202A 1 2 3 ++/* a b c \u202a 1 2 3 */ ++/* a b c \u202A 1 2 3 */ +diff --git a/gcc/testsuite/c-c++-common/Wbidi-chars-8.c b/gcc/testsuite/c-c++-common/Wbidi-chars-8.c +--- a/gcc/testsuite/c-c++-common/Wbidi-chars-8.c 1969-12-31 16:00:00.000000000 -0800 ++++ b/gcc/testsuite/c-c++-common/Wbidi-chars-8.c 2021-12-25 01:36:22.052018489 -0800 +@@ -0,0 +1,13 @@ ++/* PR preprocessor/103026 */ ++/* { dg-do compile } */ ++/* { dg-options "-Wbidi-chars=any" } */ ++/* Test \u vs \U. */ ++ ++int a_\u202A; ++/* { dg-warning "U\\+202A" "" { target *-*-* } .-1 } */ ++int a_\u202a_2; ++/* { dg-warning "U\\+202A" "" { target *-*-* } .-1 } */ ++int a_\U0000202A_3; ++/* { dg-warning "U\\+202A" "" { target *-*-* } .-1 } */ ++int a_\U0000202a_4; ++/* { dg-warning "U\\+202A" "" { target *-*-* } .-1 } */ +diff --git a/gcc/testsuite/c-c++-common/Wbidi-chars-9.c b/gcc/testsuite/c-c++-common/Wbidi-chars-9.c +--- a/gcc/testsuite/c-c++-common/Wbidi-chars-9.c 1969-12-31 16:00:00.000000000 -0800 ++++ b/gcc/testsuite/c-c++-common/Wbidi-chars-9.c 2021-12-25 01:36:22.052018489 -0800 +@@ -0,0 +1,29 @@ ++/* PR preprocessor/103026 */ ++/* { dg-do compile } */ ++/* { dg-options "-Wbidi-chars=unpaired" } */ ++/* Test that we properly separate bidi contexts (comment/identifier/character ++ constant/string literal). */ ++ ++/* LRE -><- */ int pdf_\u202c_1; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++/* RLE -><- */ int pdf_\u202c_2; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++/* LRO -><- */ int pdf_\u202c_3; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++/* RLO -><- */ int pdf_\u202c_4; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++/* LRI -><-*/ int pdi_\u2069_1; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++/* RLI -><- */ int pdi_\u2069_12; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++/* FSI -><- */ int pdi_\u2069_3; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++ ++const char *s1 = "LRE\u202a"; /* PDF -><- */ ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++/* LRE -><- */ const char *s2 = "PDF\u202c"; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++const char *s3 = "LRE\u202a"; int pdf_\u202c_5; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ ++int lre_\u202a; const char *s4 = "PDF\u202c"; ++/* { dg-warning "unpaired" "" { target *-*-* } .-1 } */ +diff --git a/libcpp/include/cpplib.h b/libcpp/include/cpplib.h +--- a/libcpp/include/cpplib.h 2021-12-25 01:35:33.288883417 -0800 ++++ b/libcpp/include/cpplib.h 2021-12-25 01:36:22.052018489 -0800 +@@ -308,6 +308,17 @@ enum cpp_normalize_level { + normalized_none + }; + ++/* The possible bidirectional control characters checking levels, from least ++ restrictive to most. */ ++enum cpp_bidirectional_level { ++ /* No checking. */ ++ bidirectional_none, ++ /* Only detect unpaired uses of bidirectional control characters. */ ++ bidirectional_unpaired, ++ /* Detect any use of bidirectional control characters. */ ++ bidirectional_any ++}; ++ + /* This structure is nested inside struct cpp_reader, and + carries all the options visible to the command line. */ + struct cpp_options +@@ -515,6 +526,10 @@ struct cpp_options + /* True if warn about differences between C++98 and C++11. */ + bool cpp_warn_cxx11_compat; + ++ /* Nonzero if bidirectional control characters checking is on. See enum ++ cpp_bidirectional_level. */ ++ unsigned char cpp_warn_bidirectional; ++ + /* Dependency generation. */ + struct + { +@@ -613,7 +628,8 @@ enum cpp_warning_reason { + CPP_W_C90_C99_COMPAT, + CPP_W_C11_C2X_COMPAT, + CPP_W_CXX11_COMPAT, +- CPP_W_EXPANSION_TO_DEFINED ++ CPP_W_EXPANSION_TO_DEFINED, ++ CPP_W_BIDIRECTIONAL + }; + + /* Callback for header lookup for HEADER, which is the name of a +diff --git a/libcpp/init.c b/libcpp/init.c +--- a/libcpp/init.c 2021-12-25 01:29:12.931317107 -0800 ++++ b/libcpp/init.c 2021-12-25 01:36:22.052018489 -0800 +@@ -215,6 +215,7 @@ cpp_create_reader (enum c_lang lang, cpp + = ENABLE_CANONICAL_SYSTEM_HEADERS; + CPP_OPTION (pfile, ext_numeric_literals) = 1; + CPP_OPTION (pfile, warn_date_time) = 0; ++ CPP_OPTION (pfile, cpp_warn_bidirectional) = bidirectional_unpaired; + + /* Default CPP arithmetic to something sensible for the host for the + benefit of dumb users like fix-header. */ +diff --git a/libcpp/internal.h b/libcpp/internal.h +--- a/libcpp/internal.h 2021-12-25 01:35:33.288883417 -0800 ++++ b/libcpp/internal.h 2021-12-25 01:36:22.052018489 -0800 +@@ -581,6 +581,10 @@ struct cpp_reader + /* If non-zero, the lexer will use this location for the next token + instead of getting a location from the linemap. */ + location_t forced_token_location; ++ bool warn_bidi_p () const ++ { ++ return CPP_OPTION (this, cpp_warn_bidirectional) != bidirectional_none; ++ } + }; + + /* Character classes. Based on the more primitive macros in safe-ctype.h. +diff --git a/libcpp/lex.c b/libcpp/lex.c +--- a/libcpp/lex.c 2021-12-25 01:35:33.288883417 -0800 ++++ b/libcpp/lex.c 2021-12-25 01:36:22.052018489 -0800 +@@ -1164,6 +1164,324 @@ _cpp_process_line_notes (cpp_reader *pfi + } + } + ++namespace bidi { ++ enum class kind { ++ NONE, LRE, RLE, LRO, RLO, LRI, RLI, FSI, PDF, PDI, LTR, RTL ++ }; ++ ++ /* All the UTF-8 encodings of bidi characters start with E2. */ ++ constexpr uchar utf8_start = 0xe2; ++ ++ /* A vector holding currently open bidi contexts. We use a char for ++ each context, its LSB is 1 if it represents a PDF context, 0 if it ++ represents a PDI context. The next bit is 1 if this context was open ++ by a bidi character written as a UCN, and 0 when it was UTF-8. */ ++ semi_embedded_vec <unsigned char, 16> vec; ++ ++ /* Close the whole comment/identifier/string literal/character constant ++ context. */ ++ void on_close () ++ { ++ vec.truncate (0); ++ } ++ ++ /* Pop the last element in the vector. */ ++ void pop () ++ { ++ unsigned int len = vec.count (); ++ gcc_checking_assert (len > 0); ++ vec.truncate (len - 1); ++ } ++ ++ /* Return the context of the Ith element. */ ++ kind ctx_at (unsigned int i) ++ { ++ return (vec[i] & 1) ? kind::PDF : kind::PDI; ++ } ++ ++ /* Return which context is currently opened. */ ++ kind current_ctx () ++ { ++ unsigned int len = vec.count (); ++ if (len == 0) ++ return kind::NONE; ++ return ctx_at (len - 1); ++ } ++ ++ /* Return true if the current context comes from a UCN origin, that is, ++ the bidi char which started this bidi context was written as a UCN. */ ++ bool current_ctx_ucn_p () ++ { ++ unsigned int len = vec.count (); ++ gcc_checking_assert (len > 0); ++ return (vec[len - 1] >> 1) & 1; ++ } ++ ++ /* We've read a bidi char, update the current vector as necessary. */ ++ void on_char (kind k, bool ucn_p) ++ { ++ switch (k) ++ { ++ case kind::LRE: ++ case kind::RLE: ++ case kind::LRO: ++ case kind::RLO: ++ vec.push (ucn_p ? 3u : 1u); ++ break; ++ case kind::LRI: ++ case kind::RLI: ++ case kind::FSI: ++ vec.push (ucn_p ? 2u : 0u); ++ break; ++ /* PDF terminates the scope of the last LRE, RLE, LRO, or RLO ++ whose scope has not yet been terminated. */ ++ case kind::PDF: ++ if (current_ctx () == kind::PDF) ++ pop (); ++ break; ++ /* PDI terminates the scope of the last LRI, RLI, or FSI whose ++ scope has not yet been terminated, as well as the scopes of ++ any subsequent LREs, RLEs, LROs, or RLOs whose scopes have not ++ yet been terminated. */ ++ case kind::PDI: ++ for (int i = vec.count () - 1; i >= 0; --i) ++ if (ctx_at (i) == kind::PDI) ++ { ++ vec.truncate (i); ++ break; ++ } ++ break; ++ case kind::LTR: ++ case kind::RTL: ++ /* These aren't popped by a PDF/PDI. */ ++ break; ++ [[likely]] case kind::NONE: ++ break; ++ default: ++ abort (); ++ } ++ } ++ ++ /* Return a descriptive string for K. */ ++ const char *to_str (kind k) ++ { ++ switch (k) ++ { ++ case kind::LRE: ++ return "U+202A (LEFT-TO-RIGHT EMBEDDING)"; ++ case kind::RLE: ++ return "U+202B (RIGHT-TO-LEFT EMBEDDING)"; ++ case kind::LRO: ++ return "U+202D (LEFT-TO-RIGHT OVERRIDE)"; ++ case kind::RLO: ++ return "U+202E (RIGHT-TO-LEFT OVERRIDE)"; ++ case kind::LRI: ++ return "U+2066 (LEFT-TO-RIGHT ISOLATE)"; ++ case kind::RLI: ++ return "U+2067 (RIGHT-TO-LEFT ISOLATE)"; ++ case kind::FSI: ++ return "U+2068 (FIRST STRONG ISOLATE)"; ++ case kind::PDF: ++ return "U+202C (POP DIRECTIONAL FORMATTING)"; ++ case kind::PDI: ++ return "U+2069 (POP DIRECTIONAL ISOLATE)"; ++ case kind::LTR: ++ return "U+200E (LEFT-TO-RIGHT MARK)"; ++ case kind::RTL: ++ return "U+200F (RIGHT-TO-LEFT MARK)"; ++ default: ++ abort (); ++ } ++ } ++} ++ ++/* Parse a sequence of 3 bytes starting with P and return its bidi code. */ ++ ++static bidi::kind ++get_bidi_utf8 (const unsigned char *const p) ++{ ++ gcc_checking_assert (p[0] == bidi::utf8_start); ++ ++ if (p[1] == 0x80) ++ switch (p[2]) ++ { ++ case 0xaa: ++ return bidi::kind::LRE; ++ case 0xab: ++ return bidi::kind::RLE; ++ case 0xac: ++ return bidi::kind::PDF; ++ case 0xad: ++ return bidi::kind::LRO; ++ case 0xae: ++ return bidi::kind::RLO; ++ case 0x8e: ++ return bidi::kind::LTR; ++ case 0x8f: ++ return bidi::kind::RTL; ++ default: ++ break; ++ } ++ else if (p[1] == 0x81) ++ switch (p[2]) ++ { ++ case 0xa6: ++ return bidi::kind::LRI; ++ case 0xa7: ++ return bidi::kind::RLI; ++ case 0xa8: ++ return bidi::kind::FSI; ++ case 0xa9: ++ return bidi::kind::PDI; ++ default: ++ break; ++ } ++ ++ return bidi::kind::NONE; ++} ++ ++/* Parse a UCN where P points just past \u or \U and return its bidi code. */ ++ ++static bidi::kind ++get_bidi_ucn (const unsigned char *p, bool is_U) ++{ ++ /* 6.4.3 Universal Character Names ++ \u hex-quad ++ \U hex-quad hex-quad ++ where \unnnn means \U0000nnnn. */ ++ ++ if (is_U) ++ { ++ if (p[0] != '0' || p[1] != '0' || p[2] != '0' || p[3] != '0') ++ return bidi::kind::NONE; ++ /* Skip 4B so we can treat \u and \U the same below. */ ++ p += 4; ++ } ++ ++ /* All code points we are looking for start with 20xx. */ ++ if (p[0] != '2' || p[1] != '0') ++ return bidi::kind::NONE; ++ else if (p[2] == '2') ++ switch (p[3]) ++ { ++ case 'a': ++ case 'A': ++ return bidi::kind::LRE; ++ case 'b': ++ case 'B': ++ return bidi::kind::RLE; ++ case 'c': ++ case 'C': ++ return bidi::kind::PDF; ++ case 'd': ++ case 'D': ++ return bidi::kind::LRO; ++ case 'e': ++ case 'E': ++ return bidi::kind::RLO; ++ default: ++ break; ++ } ++ else if (p[2] == '6') ++ switch (p[3]) ++ { ++ case '6': ++ return bidi::kind::LRI; ++ case '7': ++ return bidi::kind::RLI; ++ case '8': ++ return bidi::kind::FSI; ++ case '9': ++ return bidi::kind::PDI; ++ default: ++ break; ++ } ++ else if (p[2] == '0') ++ switch (p[3]) ++ { ++ case 'e': ++ case 'E': ++ return bidi::kind::LTR; ++ case 'f': ++ case 'F': ++ return bidi::kind::RTL; ++ default: ++ break; ++ } ++ ++ return bidi::kind::NONE; ++} ++ ++/* We're closing a bidi context, that is, we've encountered a newline, ++ are closing a C-style comment, or are at the end of a string literal, ++ character constant, or identifier. Warn if this context was not ++ properly terminated by a PDI or PDF. P points to the last character ++ in this context. */ ++ ++static void ++maybe_warn_bidi_on_close (cpp_reader *pfile, const uchar *p) ++{ ++ if (CPP_OPTION (pfile, cpp_warn_bidirectional) == bidirectional_unpaired ++ && bidi::vec.count () > 0) ++ { ++ const location_t loc ++ = linemap_position_for_column (pfile->line_table, ++ CPP_BUF_COLUMN (pfile->buffer, p)); ++ cpp_warning_with_line (pfile, CPP_W_BIDIRECTIONAL, loc, 0, ++ "unpaired UTF-8 bidirectional control character " ++ "detected"); ++ } ++ /* We're done with this context. */ ++ bidi::on_close (); ++} ++ ++/* We're at the beginning or in the middle of an identifier/comment/string ++ literal/character constant. Warn if we've encountered a bidi character. ++ KIND says which bidi character it was; P points to it in the character ++ stream. UCN_P is true iff this bidi character was written as a UCN. */ ++ ++static void ++maybe_warn_bidi_on_char (cpp_reader *pfile, const uchar *p, bidi::kind kind, ++ bool ucn_p) ++{ ++ if (__builtin_expect (kind == bidi::kind::NONE, 1)) ++ return; ++ ++ const auto warn_bidi = CPP_OPTION (pfile, cpp_warn_bidirectional); ++ ++ if (warn_bidi != bidirectional_none) ++ { ++ const location_t loc ++ = linemap_position_for_column (pfile->line_table, ++ CPP_BUF_COLUMN (pfile->buffer, p)); ++ /* It seems excessive to warn about a PDI/PDF that is closing ++ an opened context because we've already warned about the ++ opening character. Except warn when we have a UCN x UTF-8 ++ mismatch. */ ++ if (kind == bidi::current_ctx ()) ++ { ++ if (warn_bidi == bidirectional_unpaired ++ && bidi::current_ctx_ucn_p () != ucn_p) ++ cpp_warning_with_line (pfile, CPP_W_BIDIRECTIONAL, loc, 0, ++ "UTF-8 vs UCN mismatch when closing " ++ "a context by \"%s\"", bidi::to_str (kind)); ++ } ++ else if (warn_bidi == bidirectional_any) ++ { ++ if (kind == bidi::kind::PDF || kind == bidi::kind::PDI) ++ cpp_warning_with_line (pfile, CPP_W_BIDIRECTIONAL, loc, 0, ++ "\"%s\" is closing an unopened context", ++ bidi::to_str (kind)); ++ else ++ cpp_warning_with_line (pfile, CPP_W_BIDIRECTIONAL, loc, 0, ++ "found problematic Unicode character \"%s\"", ++ bidi::to_str (kind)); ++ } ++ } ++ /* We're done with this context. */ ++ bidi::on_char (kind, ucn_p); ++} ++ + /* Skip a C-style block comment. We find the end of the comment by + seeing if an asterisk is before every '/' we encounter. Returns + nonzero if comment terminated by EOF, zero otherwise. +@@ -1175,6 +1493,7 @@ _cpp_skip_block_comment (cpp_reader *pfi + cpp_buffer *buffer = pfile->buffer; + const uchar *cur = buffer->cur; + uchar c; ++ const bool warn_bidi_p = pfile->warn_bidi_p (); + + cur++; + if (*cur == '/') +@@ -1189,7 +1508,11 @@ _cpp_skip_block_comment (cpp_reader *pfi + if (c == '/') + { + if (cur[-2] == '*') +- break; ++ { ++ if (warn_bidi_p) ++ maybe_warn_bidi_on_close (pfile, cur); ++ break; ++ } + + /* Warn about potential nested comments, but not if the '/' + comes immediately before the true comment delimiter. +@@ -1208,6 +1531,8 @@ _cpp_skip_block_comment (cpp_reader *pfi + { + unsigned int cols; + buffer->cur = cur - 1; ++ if (warn_bidi_p) ++ maybe_warn_bidi_on_close (pfile, cur); + _cpp_process_line_notes (pfile, true); + if (buffer->next_line >= buffer->rlimit) + return true; +@@ -1218,6 +1543,13 @@ _cpp_skip_block_comment (cpp_reader *pfi + + cur = buffer->cur; + } ++ /* If this is a beginning of a UTF-8 encoding, it might be ++ a bidirectional control character. */ ++ else if (__builtin_expect (c == bidi::utf8_start, 0) && warn_bidi_p) ++ { ++ bidi::kind kind = get_bidi_utf8 (cur - 1); ++ maybe_warn_bidi_on_char (pfile, cur, kind, /*ucn_p=*/false); ++ } + } + + buffer->cur = cur; +@@ -1233,9 +1565,31 @@ skip_line_comment (cpp_reader *pfile) + { + cpp_buffer *buffer = pfile->buffer; + location_t orig_line = pfile->line_table->highest_line; ++ const bool warn_bidi_p = pfile->warn_bidi_p (); + +- while (*buffer->cur != '\n') +- buffer->cur++; ++ if (!warn_bidi_p) ++ while (*buffer->cur != '\n') ++ buffer->cur++; ++ else ++ { ++ while (*buffer->cur != '\n' ++ && *buffer->cur != bidi::utf8_start) ++ buffer->cur++; ++ if (__builtin_expect (*buffer->cur == bidi::utf8_start, 0)) ++ { ++ while (*buffer->cur != '\n') ++ { ++ if (__builtin_expect (*buffer->cur == bidi::utf8_start, 0)) ++ { ++ bidi::kind kind = get_bidi_utf8 (buffer->cur); ++ maybe_warn_bidi_on_char (pfile, buffer->cur, kind, ++ /*ucn_p=*/false); ++ } ++ buffer->cur++; ++ } ++ maybe_warn_bidi_on_close (pfile, buffer->cur); ++ } ++ } + + _cpp_process_line_notes (pfile, true); + return orig_line != pfile->line_table->highest_line; +@@ -1343,11 +1697,13 @@ static const cppchar_t utf8_signifier = + + /* Returns TRUE if the sequence starting at buffer->cur is valid in + an identifier. FIRST is TRUE if this starts an identifier. */ ++ + static bool + forms_identifier_p (cpp_reader *pfile, int first, + struct normalize_state *state) + { + cpp_buffer *buffer = pfile->buffer; ++ const bool warn_bidi_p = pfile->warn_bidi_p (); + + if (*buffer->cur == '$') + { +@@ -1370,6 +1726,13 @@ forms_identifier_p (cpp_reader *pfile, i + cppchar_t s; + if (*buffer->cur >= utf8_signifier) + { ++ if (__builtin_expect (*buffer->cur == bidi::utf8_start, 0) ++ && warn_bidi_p) ++ { ++ bidi::kind kind = get_bidi_utf8 (buffer->cur); ++ maybe_warn_bidi_on_char (pfile, buffer->cur, kind, ++ /*ucn_p=*/false); ++ } + if (_cpp_valid_utf8 (pfile, &buffer->cur, buffer->rlimit, 1 + !first, + state, &s)) + return true; +@@ -1378,6 +1741,13 @@ forms_identifier_p (cpp_reader *pfile, i + && (buffer->cur[1] == 'u' || buffer->cur[1] == 'U')) + { + buffer->cur += 2; ++ if (warn_bidi_p) ++ { ++ bidi::kind kind = get_bidi_ucn (buffer->cur, ++ buffer->cur[-1] == 'U'); ++ maybe_warn_bidi_on_char (pfile, buffer->cur, kind, ++ /*ucn_p=*/true); ++ } + if (_cpp_valid_ucn (pfile, &buffer->cur, buffer->rlimit, 1 + !first, + state, &s, NULL, NULL)) + return true; +@@ -1486,6 +1856,7 @@ lex_identifier (cpp_reader *pfile, const + const uchar *cur; + unsigned int len; + unsigned int hash = HT_HASHSTEP (0, *base); ++ const bool warn_bidi_p = pfile->warn_bidi_p (); + + cur = pfile->buffer->cur; + if (! starts_ucn) +@@ -1509,6 +1880,8 @@ lex_identifier (cpp_reader *pfile, const + pfile->buffer->cur++; + } + } while (forms_identifier_p (pfile, false, nst)); ++ if (warn_bidi_p) ++ maybe_warn_bidi_on_close (pfile, pfile->buffer->cur); + result = _cpp_interpret_identifier (pfile, base, + pfile->buffer->cur - base); + *spelling = cpp_lookup (pfile, base, pfile->buffer->cur - base); +@@ -1697,6 +2070,7 @@ lex_raw_string (cpp_reader *pfile, cpp_t + { + uchar raw_prefix[17]; + uchar temp_buffer[18]; ++ const bool warn_bidi_p = pfile->warn_bidi_p (); + const uchar *orig_base; + unsigned int raw_prefix_len = 0, raw_suffix_len = 0; + enum raw_str_phase { RAW_STR_PREFIX, RAW_STR, RAW_STR_SUFFIX }; +@@ -1946,8 +2320,15 @@ lex_raw_string (cpp_reader *pfile, cpp_t + cur = base = pfile->buffer->cur; + note = &pfile->buffer->notes[pfile->buffer->cur_note]; + } ++ else if (__builtin_expect ((unsigned char) c == bidi::utf8_start, 0) ++ && warn_bidi_p) ++ maybe_warn_bidi_on_char (pfile, pos - 1, get_bidi_utf8 (pos - 1), ++ /*ucn_p=*/false); + } + ++ if (warn_bidi_p) ++ maybe_warn_bidi_on_close (pfile, pos); ++ + if (CPP_OPTION (pfile, user_literals)) + { + /* If a string format macro, say from inttypes.h, is placed touching +@@ -2042,15 +2423,27 @@ lex_string (cpp_reader *pfile, cpp_token + else + terminator = '>', type = CPP_HEADER_NAME; + ++ const bool warn_bidi_p = pfile->warn_bidi_p (); + for (;;) + { + cppchar_t c = *cur++; + + /* In #include-style directives, terminators are not escapable. */ + if (c == '\\' && !pfile->state.angled_headers && *cur != '\n') +- cur++; ++ { ++ if ((cur[0] == 'u' || cur[0] == 'U') && warn_bidi_p) ++ { ++ bidi::kind kind = get_bidi_ucn (cur + 1, cur[0] == 'U'); ++ maybe_warn_bidi_on_char (pfile, cur, kind, /*ucn_p=*/true); ++ } ++ cur++; ++ } + else if (c == terminator) +- break; ++ { ++ if (warn_bidi_p) ++ maybe_warn_bidi_on_close (pfile, cur - 1); ++ break; ++ } + else if (c == '\n') + { + cur--; +@@ -2067,6 +2460,11 @@ lex_string (cpp_reader *pfile, cpp_token + } + else if (c == '\0') + saw_NUL = true; ++ else if (__builtin_expect (c == bidi::utf8_start, 0) && warn_bidi_p) ++ { ++ bidi::kind kind = get_bidi_utf8 (cur - 1); ++ maybe_warn_bidi_on_char (pfile, cur - 1, kind, /*ucn_p=*/false); ++ } + } + + if (saw_NUL && !pfile->state.skipping) diff --git a/meta/recipes-devtools/gcc/gcc/0003-aarch64-Mitigate-SLS-for-BLR-instruction.patch b/meta/recipes-devtools/gcc/gcc/0003-aarch64-Mitigate-SLS-for-BLR-instruction.patch deleted file mode 100644 index 716a367172..0000000000 --- a/meta/recipes-devtools/gcc/gcc/0003-aarch64-Mitigate-SLS-for-BLR-instruction.patch +++ /dev/null @@ -1,658 +0,0 @@ -Upstream-Status: Backport -Signed-off-by: Ross Burton <ross.burton@arm.com> - -From a5e7efc40ed841934c1d913f39476afa17d8e5f7 Mon Sep 17 00:00:00 2001 -From: Matthew Malcomson <matthew.malcomson@arm.com> -Date: Thu, 9 Jul 2020 09:11:59 +0100 -Subject: [PATCH 3/3] aarch64: Mitigate SLS for BLR instruction - -This patch introduces the mitigation for Straight Line Speculation past -the BLR instruction. - -This mitigation replaces BLR instructions with a BL to a stub which uses -a BR to jump to the original value. These function stubs are then -appended with a speculation barrier to ensure no straight line -speculation happens after these jumps. - -When optimising for speed we use a set of stubs for each function since -this should help the branch predictor make more accurate predictions -about where a stub should branch. - -When optimising for size we use one set of stubs for all functions. -This set of stubs can have human readable names, and we are using -`__call_indirect_x<N>` for register x<N>. - -When BTI branch protection is enabled the BLR instruction can jump to a -`BTI c` instruction using any register, while the BR instruction can -only jump to a `BTI c` instruction using the x16 or x17 registers. -Hence, in order to ensure this transformation is safe we mov the value -of the original register into x16 and use x16 for the BR. - -As an example when optimising for size: -a - BLR x0 -instruction would get transformed to something like - BL __call_indirect_x0 -where __call_indirect_x0 labels a thunk that contains -__call_indirect_x0: - MOV X16, X0 - BR X16 - <speculation barrier> - -The first version of this patch used local symbols specific to a -compilation unit to try and avoid relocations. -This was mistaken since functions coming from the same compilation unit -can still be in different sections, and the assembler will insert -relocations at jumps between sections. - -On any relocation the linker is permitted to emit a veneer to handle -jumps between symbols that are very far apart. The registers x16 and -x17 may be clobbered by these veneers. -Hence the function stubs cannot rely on the values of x16 and x17 being -the same as just before the function stub is called. - -Similar can be said for the hot/cold partitioning of single functions, -so function-local stubs have the same restriction. - -This updated version of the patch never emits function stubs for x16 and -x17, and instead forces other registers to be used. - -Given the above, there is now no benefit to local symbols (since they -are not enough to avoid dealing with linker intricacies). This patch -now uses global symbols with hidden visibility each stored in their own -COMDAT section. This means stubs can be shared between compilation -units while still avoiding the PLT indirection. - -This patch also removes the `__call_indirect_x30` stub (and -function-local equivalent) which would simply jump back to the original -location. - -The function-local stubs are emitted to the assembly output file in one -chunk, which means we need not add the speculation barrier directly -after each one. -This is because we know for certain that the instructions directly after -the BR in all but the last function stub will be from another one of -these stubs and hence will not contain a speculation gadget. -Instead we add a speculation barrier at the end of the sequence of -stubs. - -The global stubs are emitted in COMDAT/.linkonce sections by -themselves so that the linker can remove duplicates from multiple object -files. This means they are not emitted in one chunk, and each one must -include the speculation barrier. - -Another difference is that since the global stubs are shared across -compilation units we do not know that all functions will be targeting an -architecture supporting the SB instruction. -Rather than provide multiple stubs for each architecture, we provide a -stub that will work for all architectures -- using the DSB+ISB barrier. - -This mitigation does not apply for BLR instructions in the following -places: -- Some accesses to thread-local variables use a code sequence with a BLR - instruction. This code sequence is part of the binary interface between - compiler and linker. If this BLR instruction needs to be mitigated, it'd - probably be best to do so in the linker. It seems that the code sequence - for thread-local variable access is unlikely to lead to a Spectre Revalation - Gadget. -- PLT stubs are produced by the linker and each contain a BLR instruction. - It seems that at most only after the last PLT stub a Spectre Revalation - Gadget might appear. - -Testing: - Bootstrap and regtest on AArch64 - (with BOOT_CFLAGS="-mharden-sls=retbr,blr") - Used a temporary hack(1) in gcc-dg.exp to use these options on every - test in the testsuite, a slight modification to emit the speculation - barrier after every function stub, and a script to check that the - output never emitted a BLR, or unmitigated BR or RET instruction. - Similar on an aarch64-none-elf cross-compiler. - -1) Temporary hack emitted a speculation barrier at the end of every stub -function, and used a script to ensure that: - a) Every RET or BR is immediately followed by a speculation barrier. - b) No BLR instruction is emitted by compiler. - -gcc/ChangeLog: - - * config/aarch64/aarch64-protos.h (aarch64_indirect_call_asm): - New declaration. - * config/aarch64/aarch64.c (aarch64_regno_regclass): Handle new - stub registers class. - (aarch64_class_max_nregs): Likewise. - (aarch64_register_move_cost): Likewise. - (aarch64_sls_shared_thunks): Global array to store stub labels. - (aarch64_sls_emit_function_stub): New. - (aarch64_create_blr_label): New. - (aarch64_sls_emit_blr_function_thunks): New. - (aarch64_sls_emit_shared_blr_thunks): New. - (aarch64_asm_file_end): New. - (aarch64_indirect_call_asm): New. - (TARGET_ASM_FILE_END): Use aarch64_asm_file_end. - (TARGET_ASM_FUNCTION_EPILOGUE): Use - aarch64_sls_emit_blr_function_thunks. - * config/aarch64/aarch64.h (STB_REGNUM_P): New. - (enum reg_class): Add STUB_REGS class. - (machine_function): Introduce `call_via` array for - function-local stub labels. - * config/aarch64/aarch64.md (*call_insn, *call_value_insn): Use - aarch64_indirect_call_asm to emit code when hardening BLR - instructions. - * config/aarch64/constraints.md (Ucr): New constraint - representing registers for indirect calls. Is GENERAL_REGS - usually, and STUB_REGS when hardening BLR instruction against - SLS. - * config/aarch64/predicates.md (aarch64_general_reg): STUB_REGS class - is also a general register. - -gcc/testsuite/ChangeLog: - - * gcc.target/aarch64/sls-mitigation/sls-miti-blr-bti.c: New test. - * gcc.target/aarch64/sls-mitigation/sls-miti-blr.c: New test. ---- - gcc/config/aarch64/aarch64-protos.h | 1 + - gcc/config/aarch64/aarch64.c | 225 ++++++++++++++++++++- - gcc/config/aarch64/aarch64.h | 15 ++ - gcc/config/aarch64/aarch64.md | 11 +- - gcc/config/aarch64/constraints.md | 9 + - gcc/config/aarch64/predicates.md | 3 +- - .../aarch64/sls-mitigation/sls-miti-blr-bti.c | 40 ++++ - .../aarch64/sls-mitigation/sls-miti-blr.c | 33 +++ - 8 files changed, 328 insertions(+), 9 deletions(-) - create mode 100644 gcc/testsuite/gcc.target/aarch64/sls-mitigation/sls-miti-blr-bti.c - create mode 100644 gcc/testsuite/gcc.target/aarch64/sls-mitigation/sls-miti-blr.c - -diff --git a/gcc/config/aarch64/aarch64-protos.h b/gcc/config/aarch64/aarch64-protos.h -index ee0ffde..839f801 100644 ---- a/gcc/config/aarch64/aarch64-protos.h -+++ b/gcc/config/aarch64/aarch64-protos.h -@@ -782,6 +782,7 @@ extern const atomic_ool_names aarch64_ool_ldeor_names; - tree aarch64_resolve_overloaded_builtin_general (location_t, tree, void *); - - const char *aarch64_sls_barrier (int); -+const char *aarch64_indirect_call_asm (rtx); - extern bool aarch64_harden_sls_retbr_p (void); - extern bool aarch64_harden_sls_blr_p (void); - -diff --git a/gcc/config/aarch64/aarch64.c b/gcc/config/aarch64/aarch64.c -index 2389d49..0f7bba3 100644 ---- a/gcc/config/aarch64/aarch64.c -+++ b/gcc/config/aarch64/aarch64.c -@@ -10605,6 +10605,9 @@ aarch64_label_mentioned_p (rtx x) - enum reg_class - aarch64_regno_regclass (unsigned regno) - { -+ if (STUB_REGNUM_P (regno)) -+ return STUB_REGS; -+ - if (GP_REGNUM_P (regno)) - return GENERAL_REGS; - -@@ -10939,6 +10942,7 @@ aarch64_class_max_nregs (reg_class_t regclass, machine_mode mode) - unsigned int nregs, vec_flags; - switch (regclass) - { -+ case STUB_REGS: - case TAILCALL_ADDR_REGS: - case POINTER_REGS: - case GENERAL_REGS: -@@ -13155,10 +13159,12 @@ aarch64_register_move_cost (machine_mode mode, - = aarch64_tune_params.regmove_cost; - - /* Caller save and pointer regs are equivalent to GENERAL_REGS. */ -- if (to == TAILCALL_ADDR_REGS || to == POINTER_REGS) -+ if (to == TAILCALL_ADDR_REGS || to == POINTER_REGS -+ || to == STUB_REGS) - to = GENERAL_REGS; - -- if (from == TAILCALL_ADDR_REGS || from == POINTER_REGS) -+ if (from == TAILCALL_ADDR_REGS || from == POINTER_REGS -+ || from == STUB_REGS) - from = GENERAL_REGS; - - /* Make RDFFR very expensive. In particular, if we know that the FFR -@@ -22957,6 +22963,215 @@ aarch64_sls_barrier (int mitigation_required) - : ""; - } - -+static GTY (()) tree aarch64_sls_shared_thunks[30]; -+static GTY (()) bool aarch64_sls_shared_thunks_needed = false; -+const char *indirect_symbol_names[30] = { -+ "__call_indirect_x0", -+ "__call_indirect_x1", -+ "__call_indirect_x2", -+ "__call_indirect_x3", -+ "__call_indirect_x4", -+ "__call_indirect_x5", -+ "__call_indirect_x6", -+ "__call_indirect_x7", -+ "__call_indirect_x8", -+ "__call_indirect_x9", -+ "__call_indirect_x10", -+ "__call_indirect_x11", -+ "__call_indirect_x12", -+ "__call_indirect_x13", -+ "__call_indirect_x14", -+ "__call_indirect_x15", -+ "", /* "__call_indirect_x16", */ -+ "", /* "__call_indirect_x17", */ -+ "__call_indirect_x18", -+ "__call_indirect_x19", -+ "__call_indirect_x20", -+ "__call_indirect_x21", -+ "__call_indirect_x22", -+ "__call_indirect_x23", -+ "__call_indirect_x24", -+ "__call_indirect_x25", -+ "__call_indirect_x26", -+ "__call_indirect_x27", -+ "__call_indirect_x28", -+ "__call_indirect_x29", -+}; -+ -+/* Function to create a BLR thunk. This thunk is used to mitigate straight -+ line speculation. Instead of a simple BLR that can be speculated past, -+ we emit a BL to this thunk, and this thunk contains a BR to the relevant -+ register. These thunks have the relevant speculation barries put after -+ their indirect branch so that speculation is blocked. -+ -+ We use such a thunk so the speculation barriers are kept off the -+ architecturally executed path in order to reduce the performance overhead. -+ -+ When optimizing for size we use stubs shared by the linked object. -+ When optimizing for performance we emit stubs for each function in the hope -+ that the branch predictor can better train on jumps specific for a given -+ function. */ -+rtx -+aarch64_sls_create_blr_label (int regnum) -+{ -+ gcc_assert (STUB_REGNUM_P (regnum)); -+ if (optimize_function_for_size_p (cfun)) -+ { -+ /* For the thunks shared between different functions in this compilation -+ unit we use a named symbol -- this is just for users to more easily -+ understand the generated assembly. */ -+ aarch64_sls_shared_thunks_needed = true; -+ const char *thunk_name = indirect_symbol_names[regnum]; -+ if (aarch64_sls_shared_thunks[regnum] == NULL) -+ { -+ /* Build a decl representing this function stub and record it for -+ later. We build a decl here so we can use the GCC machinery for -+ handling sections automatically (through `get_named_section` and -+ `make_decl_one_only`). That saves us a lot of trouble handling -+ the specifics of different output file formats. */ -+ tree decl = build_decl (BUILTINS_LOCATION, FUNCTION_DECL, -+ get_identifier (thunk_name), -+ build_function_type_list (void_type_node, -+ NULL_TREE)); -+ DECL_RESULT (decl) = build_decl (BUILTINS_LOCATION, RESULT_DECL, -+ NULL_TREE, void_type_node); -+ TREE_PUBLIC (decl) = 1; -+ TREE_STATIC (decl) = 1; -+ DECL_IGNORED_P (decl) = 1; -+ DECL_ARTIFICIAL (decl) = 1; -+ make_decl_one_only (decl, DECL_ASSEMBLER_NAME (decl)); -+ resolve_unique_section (decl, 0, false); -+ aarch64_sls_shared_thunks[regnum] = decl; -+ } -+ -+ return gen_rtx_SYMBOL_REF (Pmode, thunk_name); -+ } -+ -+ if (cfun->machine->call_via[regnum] == NULL) -+ cfun->machine->call_via[regnum] -+ = gen_rtx_LABEL_REF (Pmode, gen_label_rtx ()); -+ return cfun->machine->call_via[regnum]; -+} -+ -+/* Helper function for aarch64_sls_emit_blr_function_thunks and -+ aarch64_sls_emit_shared_blr_thunks below. */ -+static void -+aarch64_sls_emit_function_stub (FILE *out_file, int regnum) -+{ -+ /* Save in x16 and branch to that function so this transformation does -+ not prevent jumping to `BTI c` instructions. */ -+ asm_fprintf (out_file, "\tmov\tx16, x%d\n", regnum); -+ asm_fprintf (out_file, "\tbr\tx16\n"); -+} -+ -+/* Emit all BLR stubs for this particular function. -+ Here we emit all the BLR stubs needed for the current function. Since we -+ emit these stubs in a consecutive block we know there will be no speculation -+ gadgets between each stub, and hence we only emit a speculation barrier at -+ the end of the stub sequences. -+ -+ This is called in the TARGET_ASM_FUNCTION_EPILOGUE hook. */ -+void -+aarch64_sls_emit_blr_function_thunks (FILE *out_file) -+{ -+ if (! aarch64_harden_sls_blr_p ()) -+ return; -+ -+ bool any_functions_emitted = false; -+ /* We must save and restore the current function section since this assembly -+ is emitted at the end of the function. This means it can be emitted *just -+ after* the cold section of a function. That cold part would be emitted in -+ a different section. That switch would trigger a `.cfi_endproc` directive -+ to be emitted in the original section and a `.cfi_startproc` directive to -+ be emitted in the new section. Switching to the original section without -+ restoring would mean that the `.cfi_endproc` emitted as a function ends -+ would happen in a different section -- leaving an unmatched -+ `.cfi_startproc` in the cold text section and an unmatched `.cfi_endproc` -+ in the standard text section. */ -+ section *save_text_section = in_section; -+ switch_to_section (function_section (current_function_decl)); -+ for (int regnum = 0; regnum < 30; ++regnum) -+ { -+ rtx specu_label = cfun->machine->call_via[regnum]; -+ if (specu_label == NULL) -+ continue; -+ -+ targetm.asm_out.print_operand (out_file, specu_label, 0); -+ asm_fprintf (out_file, ":\n"); -+ aarch64_sls_emit_function_stub (out_file, regnum); -+ any_functions_emitted = true; -+ } -+ if (any_functions_emitted) -+ /* Can use the SB if needs be here, since this stub will only be used -+ by the current function, and hence for the current target. */ -+ asm_fprintf (out_file, "\t%s\n", aarch64_sls_barrier (true)); -+ switch_to_section (save_text_section); -+} -+ -+/* Emit shared BLR stubs for the current compilation unit. -+ Over the course of compiling this unit we may have converted some BLR -+ instructions to a BL to a shared stub function. This is where we emit those -+ stub functions. -+ This function is for the stubs shared between different functions in this -+ compilation unit. We share when optimizing for size instead of speed. -+ -+ This function is called through the TARGET_ASM_FILE_END hook. */ -+void -+aarch64_sls_emit_shared_blr_thunks (FILE *out_file) -+{ -+ if (! aarch64_sls_shared_thunks_needed) -+ return; -+ -+ for (int regnum = 0; regnum < 30; ++regnum) -+ { -+ tree decl = aarch64_sls_shared_thunks[regnum]; -+ if (!decl) -+ continue; -+ -+ const char *name = indirect_symbol_names[regnum]; -+ switch_to_section (get_named_section (decl, NULL, 0)); -+ ASM_OUTPUT_ALIGN (out_file, 2); -+ targetm.asm_out.globalize_label (out_file, name); -+ /* Only emits if the compiler is configured for an assembler that can -+ handle visibility directives. */ -+ targetm.asm_out.assemble_visibility (decl, VISIBILITY_HIDDEN); -+ ASM_OUTPUT_TYPE_DIRECTIVE (out_file, name, "function"); -+ ASM_OUTPUT_LABEL (out_file, name); -+ aarch64_sls_emit_function_stub (out_file, regnum); -+ /* Use the most conservative target to ensure it can always be used by any -+ function in the translation unit. */ -+ asm_fprintf (out_file, "\tdsb\tsy\n\tisb\n"); -+ ASM_DECLARE_FUNCTION_SIZE (out_file, name, decl); -+ } -+} -+ -+/* Implement TARGET_ASM_FILE_END. */ -+void -+aarch64_asm_file_end () -+{ -+ aarch64_sls_emit_shared_blr_thunks (asm_out_file); -+ /* Since this function will be called for the ASM_FILE_END hook, we ensure -+ that what would be called otherwise (e.g. `file_end_indicate_exec_stack` -+ for FreeBSD) still gets called. */ -+#ifdef TARGET_ASM_FILE_END -+ TARGET_ASM_FILE_END (); -+#endif -+} -+ -+const char * -+aarch64_indirect_call_asm (rtx addr) -+{ -+ gcc_assert (REG_P (addr)); -+ if (aarch64_harden_sls_blr_p ()) -+ { -+ rtx stub_label = aarch64_sls_create_blr_label (REGNO (addr)); -+ output_asm_insn ("bl\t%0", &stub_label); -+ } -+ else -+ output_asm_insn ("blr\t%0", &addr); -+ return ""; -+} -+ - /* Target-specific selftests. */ - - #if CHECKING_P -@@ -23507,6 +23722,12 @@ aarch64_libgcc_floating_mode_supported_p - #undef TARGET_MD_ASM_ADJUST - #define TARGET_MD_ASM_ADJUST arm_md_asm_adjust - -+#undef TARGET_ASM_FILE_END -+#define TARGET_ASM_FILE_END aarch64_asm_file_end -+ -+#undef TARGET_ASM_FUNCTION_EPILOGUE -+#define TARGET_ASM_FUNCTION_EPILOGUE aarch64_sls_emit_blr_function_thunks -+ - struct gcc_target targetm = TARGET_INITIALIZER; - - #include "gt-aarch64.h" -diff --git a/gcc/config/aarch64/aarch64.h b/gcc/config/aarch64/aarch64.h -index 8e0fc37..7331450 100644 ---- a/gcc/config/aarch64/aarch64.h -+++ b/gcc/config/aarch64/aarch64.h -@@ -643,6 +643,16 @@ extern unsigned aarch64_architecture_version; - #define GP_REGNUM_P(REGNO) \ - (((unsigned) (REGNO - R0_REGNUM)) <= (R30_REGNUM - R0_REGNUM)) - -+/* Registers known to be preserved over a BL instruction. This consists of the -+ GENERAL_REGS without x16, x17, and x30. The x30 register is changed by the -+ BL instruction itself, while the x16 and x17 registers may be used by -+ veneers which can be inserted by the linker. */ -+#define STUB_REGNUM_P(REGNO) \ -+ (GP_REGNUM_P (REGNO) \ -+ && (REGNO) != R16_REGNUM \ -+ && (REGNO) != R17_REGNUM \ -+ && (REGNO) != R30_REGNUM) \ -+ - #define FP_REGNUM_P(REGNO) \ - (((unsigned) (REGNO - V0_REGNUM)) <= (V31_REGNUM - V0_REGNUM)) - -@@ -667,6 +677,7 @@ enum reg_class - { - NO_REGS, - TAILCALL_ADDR_REGS, -+ STUB_REGS, - GENERAL_REGS, - STACK_REG, - POINTER_REGS, -@@ -689,6 +700,7 @@ enum reg_class - { \ - "NO_REGS", \ - "TAILCALL_ADDR_REGS", \ -+ "STUB_REGS", \ - "GENERAL_REGS", \ - "STACK_REG", \ - "POINTER_REGS", \ -@@ -708,6 +720,7 @@ enum reg_class - { \ - { 0x00000000, 0x00000000, 0x00000000 }, /* NO_REGS */ \ - { 0x00030000, 0x00000000, 0x00000000 }, /* TAILCALL_ADDR_REGS */\ -+ { 0x3ffcffff, 0x00000000, 0x00000000 }, /* STUB_REGS */ \ - { 0x7fffffff, 0x00000000, 0x00000003 }, /* GENERAL_REGS */ \ - { 0x80000000, 0x00000000, 0x00000000 }, /* STACK_REG */ \ - { 0xffffffff, 0x00000000, 0x00000003 }, /* POINTER_REGS */ \ -@@ -862,6 +875,8 @@ typedef struct GTY (()) machine_function - struct aarch64_frame frame; - /* One entry for each hard register. */ - bool reg_is_wrapped_separately[LAST_SAVED_REGNUM]; -+ /* One entry for each general purpose register. */ -+ rtx call_via[SP_REGNUM]; - bool label_is_assembled; - } machine_function; - #endif -diff --git a/gcc/config/aarch64/aarch64.md b/gcc/config/aarch64/aarch64.md -index dda04ee..43da754 100644 ---- a/gcc/config/aarch64/aarch64.md -+++ b/gcc/config/aarch64/aarch64.md -@@ -1022,16 +1022,15 @@ - ) - - (define_insn "*call_insn" -- [(call (mem:DI (match_operand:DI 0 "aarch64_call_insn_operand" "r, Usf")) -+ [(call (mem:DI (match_operand:DI 0 "aarch64_call_insn_operand" "Ucr, Usf")) - (match_operand 1 "" "")) - (unspec:DI [(match_operand:DI 2 "const_int_operand")] UNSPEC_CALLEE_ABI) - (clobber (reg:DI LR_REGNUM))] - "" - "@ -- blr\\t%0 -+ * return aarch64_indirect_call_asm (operands[0]); - bl\\t%c0" -- [(set_attr "type" "call, call")] --) -+ [(set_attr "type" "call, call")]) - - (define_expand "call_value" - [(parallel -@@ -1050,13 +1049,13 @@ - - (define_insn "*call_value_insn" - [(set (match_operand 0 "" "") -- (call (mem:DI (match_operand:DI 1 "aarch64_call_insn_operand" "r, Usf")) -+ (call (mem:DI (match_operand:DI 1 "aarch64_call_insn_operand" "Ucr, Usf")) - (match_operand 2 "" ""))) - (unspec:DI [(match_operand:DI 3 "const_int_operand")] UNSPEC_CALLEE_ABI) - (clobber (reg:DI LR_REGNUM))] - "" - "@ -- blr\\t%1 -+ * return aarch64_indirect_call_asm (operands[1]); - bl\\t%c1" - [(set_attr "type" "call, call")] - ) -diff --git a/gcc/config/aarch64/constraints.md b/gcc/config/aarch64/constraints.md -index d993268..8cc6f50 100644 ---- a/gcc/config/aarch64/constraints.md -+++ b/gcc/config/aarch64/constraints.md -@@ -24,6 +24,15 @@ - (define_register_constraint "Ucs" "TAILCALL_ADDR_REGS" - "@internal Registers suitable for an indirect tail call") - -+(define_register_constraint "Ucr" -+ "aarch64_harden_sls_blr_p () ? STUB_REGS : GENERAL_REGS" -+ "@internal Registers to be used for an indirect call. -+ This is usually the general registers, but when we are hardening against -+ Straight Line Speculation we disallow x16, x17, and x30 so we can use -+ indirection stubs. These indirection stubs cannot use the above registers -+ since they will be reached by a BL that may have to go through a linker -+ veneer.") -+ - (define_register_constraint "w" "FP_REGS" - "Floating point and SIMD vector registers.") - -diff --git a/gcc/config/aarch64/predicates.md b/gcc/config/aarch64/predicates.md -index 215fcec..1754b1e 100644 ---- a/gcc/config/aarch64/predicates.md -+++ b/gcc/config/aarch64/predicates.md -@@ -32,7 +32,8 @@ - - (define_predicate "aarch64_general_reg" - (and (match_operand 0 "register_operand") -- (match_test "REGNO_REG_CLASS (REGNO (op)) == GENERAL_REGS"))) -+ (match_test "REGNO_REG_CLASS (REGNO (op)) == STUB_REGS -+ || REGNO_REG_CLASS (REGNO (op)) == GENERAL_REGS"))) - - ;; Return true if OP a (const_int 0) operand. - (define_predicate "const0_operand" -diff --git a/gcc/testsuite/gcc.target/aarch64/sls-mitigation/sls-miti-blr-bti.c b/gcc/testsuite/gcc.target/aarch64/sls-mitigation/sls-miti-blr-bti.c -new file mode 100644 -index 0000000..b1fb754 ---- /dev/null -+++ b/gcc/testsuite/gcc.target/aarch64/sls-mitigation/sls-miti-blr-bti.c -@@ -0,0 +1,40 @@ -+/* { dg-do compile } */ -+/* { dg-additional-options "-mharden-sls=blr -mbranch-protection=bti" } */ -+/* -+ Ensure that the SLS hardening of BLR leaves no BLR instructions. -+ Here we also check that there are no BR instructions with anything except an -+ x16 or x17 register. This is because a `BTI c` instruction can be branched -+ to using a BLR instruction using any register, but can only be branched to -+ with a BR using an x16 or x17 register. -+ */ -+typedef int (foo) (int, int); -+typedef void (bar) (int, int); -+struct sls_testclass { -+ foo *x; -+ bar *y; -+ int left; -+ int right; -+}; -+ -+/* We test both RTL patterns for a call which returns a value and a call which -+ does not. */ -+int blr_call_value (struct sls_testclass x) -+{ -+ int retval = x.x(x.left, x.right); -+ if (retval % 10) -+ return 100; -+ return 9; -+} -+ -+int blr_call (struct sls_testclass x) -+{ -+ x.y(x.left, x.right); -+ if (x.left % 10) -+ return 100; -+ return 9; -+} -+ -+/* { dg-final { scan-assembler-not {\tblr\t} } } */ -+/* { dg-final { scan-assembler-not {\tbr\tx(?!16|17)} } } */ -+/* { dg-final { scan-assembler {\tbr\tx(16|17)} } } */ -+ -diff --git a/gcc/testsuite/gcc.target/aarch64/sls-mitigation/sls-miti-blr.c b/gcc/testsuite/gcc.target/aarch64/sls-mitigation/sls-miti-blr.c -new file mode 100644 -index 0000000..88bafff ---- /dev/null -+++ b/gcc/testsuite/gcc.target/aarch64/sls-mitigation/sls-miti-blr.c -@@ -0,0 +1,33 @@ -+/* { dg-additional-options "-mharden-sls=blr -save-temps" } */ -+/* Ensure that the SLS hardening of BLR leaves no BLR instructions. -+ We only test that all BLR instructions have been removed, not that the -+ resulting code makes sense. */ -+typedef int (foo) (int, int); -+typedef void (bar) (int, int); -+struct sls_testclass { -+ foo *x; -+ bar *y; -+ int left; -+ int right; -+}; -+ -+/* We test both RTL patterns for a call which returns a value and a call which -+ does not. */ -+int blr_call_value (struct sls_testclass x) -+{ -+ int retval = x.x(x.left, x.right); -+ if (retval % 10) -+ return 100; -+ return 9; -+} -+ -+int blr_call (struct sls_testclass x) -+{ -+ x.y(x.left, x.right); -+ if (x.left % 10) -+ return 100; -+ return 9; -+} -+ -+/* { dg-final { scan-assembler-not {\tblr\t} } } */ -+/* { dg-final { scan-assembler {\tbr\tx[0-9][0-9]?} } } */ --- -2.7.4 - diff --git a/meta/recipes-devtools/gcc/gcc/0004-CVE-2021-35465.patch b/meta/recipes-devtools/gcc/gcc/0004-CVE-2021-35465.patch new file mode 100644 index 0000000000..9f7a38ed2e --- /dev/null +++ b/meta/recipes-devtools/gcc/gcc/0004-CVE-2021-35465.patch @@ -0,0 +1,304 @@ +From 809330ab8450261e05919b472783bf15e4b000f7 Mon Sep 17 00:00:00 2001 +From: Richard Earnshaw <rearnsha@arm.com> +Date: Tue, 6 Jul 2021 15:10:18 +0100 +Subject: [PATCH] arm: Add tests for VLLDM mitigation [PR102035] + +New tests for the erratum mitigation. + +gcc/testsuite: + PR target/102035 + * gcc.target/arm/cmse/mainline/8_1m/soft/cmse-13a.c: New test. + * gcc.target/arm/cmse/mainline/8_1m/soft/cmse-7a.c: Likewise. + * gcc.target/arm/cmse/mainline/8_1m/soft/cmse-8a.c: Likewise. + * gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-7a.c: Likewise. + * gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-8a.c: Likewise. + * gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-13a.c: Likewise. + * gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-7a.c: Likewise. + * gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-8a.c: Likewise. + +CVE: CVE-2021-35465 +Upstream-Status: Backport[https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=809330ab8450261e05919b472783bf15e4b000f7] +Signed-off-by: Pgowda <pgowda.cve@gmail.com> + +--- + .../arm/cmse/mainline/8_1m/soft/cmse-13a.c | 31 +++++++++++++++++++ + .../arm/cmse/mainline/8_1m/soft/cmse-7a.c | 28 +++++++++++++++++ + .../arm/cmse/mainline/8_1m/soft/cmse-8a.c | 30 ++++++++++++++++++ + .../cmse/mainline/8_1m/softfp-sp/cmse-7a.c | 27 ++++++++++++++++ + .../cmse/mainline/8_1m/softfp-sp/cmse-8a.c | 29 +++++++++++++++++ + .../arm/cmse/mainline/8_1m/softfp/cmse-13a.c | 30 ++++++++++++++++++ + .../arm/cmse/mainline/8_1m/softfp/cmse-7a.c | 27 ++++++++++++++++ + .../arm/cmse/mainline/8_1m/softfp/cmse-8a.c | 29 +++++++++++++++++ + 8 files changed, 231 insertions(+) + create mode 100644 gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-13a.c + create mode 100644 gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-7a.c + create mode 100644 gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-8a.c + create mode 100644 gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-7a.c + create mode 100644 gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-8a.c + create mode 100644 gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-13a.c + create mode 100644 gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-7a.c + create mode 100644 gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-8a.c + +diff --git a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-13a.c b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-13a.c +--- a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-13a.c 1969-12-31 16:00:00.000000000 -0800 ++++ b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-13a.c 2021-11-11 20:38:44.286766084 -0800 +@@ -0,0 +1,31 @@ ++/* { dg-do compile } */ ++/* { dg-options "-mcmse -mfloat-abi=soft -mfix-cmse-cve-2021-35465" } */ ++/* { dg-skip-if "Incompatible float ABI" { *-*-* } { "-mfloat-abi=*" } { "-mfloat-abi=soft" } } */ ++ ++#include "../../../cmse-13.x" ++ ++/* Checks for saving and clearing prior to function call. */ ++/* Shift on the same register as blxns. */ ++/* { dg-final { scan-assembler "lsrs\t(r\[1,4-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */ ++/* { dg-final { scan-assembler "lsls\t(r\[1,4-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */ ++/* { dg-final { scan-assembler-not "mov\tr0, r4" } } */ ++/* { dg-final { scan-assembler-not "mov\tr2, r4" } } */ ++/* { dg-final { scan-assembler-not "mov\tr3, r4" } } */ ++/* { dg-final { scan-assembler "push\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */ ++/* { dg-final { scan-assembler "vlstm\tsp" } } */ ++/* Check the right registers are cleared and none appears twice. */ ++/* { dg-final { scan-assembler "clrm\t\{(r1, )?(r4, )?(r5, )?(r6, )?(r7, )?(r8, )?(r9, )?(r10, )?(fp, )?(ip, )?APSR\}" } } */ ++/* Check that the right number of registers is cleared and thus only one ++ register is missing. */ ++/* { dg-final { scan-assembler "clrm\t\{((r\[1,4-9\]|r10|fp|ip), ){9}APSR\}" } } */ ++/* Check that no cleared register is used for blxns. */ ++/* { dg-final { scan-assembler-not "clrm\t\{\[^\}\]\+(r\[1,4-9\]|r10|fp|ip),\[^\}\]\+\}.*blxns\t\\1" } } */ ++/* Check for v8.1-m variant of erratum work-around. */ ++/* { dg-final { scan-assembler "vscclrm\t\{vpr\}" } } */ ++/* { dg-final { scan-assembler "vlldm\tsp" } } */ ++/* { dg-final { scan-assembler "pop\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */ ++/* { dg-final { scan-assembler-not "vmov" } } */ ++/* { dg-final { scan-assembler-not "vmsr" } } */ ++ ++/* Now we check that we use the correct intrinsic to call. */ ++/* { dg-final { scan-assembler "blxns" } } */ +diff --git a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-7a.c b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-7a.c +--- a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-7a.c 1969-12-31 16:00:00.000000000 -0800 ++++ b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-7a.c 2021-11-11 20:38:44.286766084 -0800 +@@ -0,0 +1,28 @@ ++/* { dg-do compile } */ ++/* { dg-options "-mcmse -mfloat-abi=soft -mfix-cmse-cve-2021-35465" } */ ++/* { dg-skip-if "Incompatible float ABI" { *-*-* } { "-mfloat-abi=*" } { "-mfloat-abi=soft" } } */ ++ ++#include "../../../cmse-7.x" ++ ++/* Checks for saving and clearing prior to function call. */ ++/* Shift on the same register as blxns. */ ++/* { dg-final { scan-assembler "lsrs\t(r\[0-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */ ++/* { dg-final { scan-assembler "lsls\t(r\[0-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */ ++/* { dg-final { scan-assembler "push\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */ ++/* { dg-final { scan-assembler "vlstm\tsp" } } */ ++/* Check the right registers are cleared and none appears twice. */ ++/* { dg-final { scan-assembler "clrm\t\{(r0, )?(r1, )?(r2, )?(r3, )?(r4, )?(r5, )?(r6, )?(r7, )?(r8, )?(r9, )?(r10, )?(fp, )?(ip, )?APSR\}" } } */ ++/* Check that the right number of registers is cleared and thus only one ++ register is missing. */ ++/* { dg-final { scan-assembler "clrm\t\{((r\[0-9\]|r10|fp|ip), ){12}APSR\}" } } */ ++/* Check that no cleared register is used for blxns. */ ++/* { dg-final { scan-assembler-not "clrm\t\{\[^\}\]\+(r\[0-9\]|r10|fp|ip),\[^\}\]\+\}.*blxns\t\\1" } } */ ++/* Check for v8.1-m variant of erratum work-around. */ ++/* { dg-final { scan-assembler "vscclrm\t\{vpr\}" } } */ ++/* { dg-final { scan-assembler "vlldm\tsp" } } */ ++/* { dg-final { scan-assembler "pop\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */ ++/* { dg-final { scan-assembler-not "vmov" } } */ ++/* { dg-final { scan-assembler-not "vmsr" } } */ ++ ++/* Now we check that we use the correct intrinsic to call. */ ++/* { dg-final { scan-assembler "blxns" } } */ +diff --git a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-8a.c b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-8a.c +--- a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-8a.c 1969-12-31 16:00:00.000000000 -0800 ++++ b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/soft/cmse-8a.c 2021-11-11 20:38:44.286766084 -0800 +@@ -0,0 +1,30 @@ ++/* { dg-do compile } */ ++/* { dg-options "-mcmse -mfloat-abi=soft -mfix-cmse-cve-2021-35465" } */ ++/* { dg-skip-if "Incompatible float ABI" { *-*-* } { "-mfloat-abi=*" } { "-mfloat-abi=soft" } } */ ++ ++#include "../../../cmse-8.x" ++ ++/* Checks for saving and clearing prior to function call. */ ++/* Shift on the same register as blxns. */ ++/* { dg-final { scan-assembler "lsrs\t(r\[2-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */ ++/* { dg-final { scan-assembler "lsls\t(r\[2-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */ ++/* { dg-final { scan-assembler-not "mov\tr0, r4" } } */ ++/* { dg-final { scan-assembler-not "mov\tr1, r4" } } */ ++/* { dg-final { scan-assembler "push\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */ ++/* { dg-final { scan-assembler "vlstm\tsp" } } */ ++/* Check the right registers are cleared and none appears twice. */ ++/* { dg-final { scan-assembler "clrm\t\{(r2, )?(r3, )?(r4, )?(r5, )?(r6, )?(r7, )?(r8, )?(r9, )?(r10, )?(fp, )?(ip, )?APSR\}" } } */ ++/* Check that the right number of registers is cleared and thus only one ++ register is missing. */ ++/* { dg-final { scan-assembler "clrm\t\{((r\[2-9\]|r10|fp|ip), ){10}APSR\}" } } */ ++/* Check that no cleared register is used for blxns. */ ++/* { dg-final { scan-assembler-not "clrm\t\{\[^\}\]\+(r\[2-9\]|r10|fp|ip),\[^\}\]\+\}.*blxns\t\\1" } } */ ++/* Check for v8.1-m variant of erratum work-around. */ ++/* { dg-final { scan-assembler "vscclrm\t\{vpr\}" } } */ ++/* { dg-final { scan-assembler "vlldm\tsp" } } */ ++/* { dg-final { scan-assembler "pop\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */ ++/* { dg-final { scan-assembler-not "vmov" } } */ ++/* { dg-final { scan-assembler-not "vmsr" } } */ ++ ++/* Now we check that we use the correct intrinsic to call. */ ++/* { dg-final { scan-assembler "blxns" } } */ +diff --git a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-13a.c b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-13a.c +--- a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-13a.c 1969-12-31 16:00:00.000000000 -0800 ++++ b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-13a.c 2021-11-11 20:38:44.286766084 -0800 +@@ -0,0 +1,30 @@ ++/* { dg-do compile } */ ++/* { dg-options "-mcmse -mfloat-abi=softfp -mfpu=fpv5-d16 -mfix-cmse-cve-2021-35465" } */ ++/* { dg-skip-if "Incompatible float ABI" { *-*-* } { "-mfloat-abi=*" } { "-mfloat-abi=softfp" } } */ ++/* { dg-skip-if "Skip these if testing single precision" {*-*-*} {"-mfpu=*-sp-*"} {""} } */ ++ ++#include "../../../cmse-13.x" ++ ++/* Checks for saving and clearing prior to function call. */ ++/* Shift on the same register as blxns. */ ++/* { dg-final { scan-assembler "lsrs\t(r\[1,4-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */ ++/* { dg-final { scan-assembler "lsls\t(r\[1,4-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */ ++/* { dg-final { scan-assembler-not "mov\tr0, r4" } } */ ++/* { dg-final { scan-assembler-not "mov\tr2, r4" } } */ ++/* { dg-final { scan-assembler-not "mov\tr3, r4" } } */ ++/* { dg-final { scan-assembler "push\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */ ++/* { dg-final { scan-assembler "vlstm\tsp" } } */ ++/* Check the right registers are cleared and none appears twice. */ ++/* { dg-final { scan-assembler "clrm\t\{(r1, )?(r4, )?(r5, )?(r6, )?(r7, )?(r8, )?(r9, )?(r10, )?(fp, )?(ip, )?APSR\}" } } */ ++/* Check that the right number of registers is cleared and thus only one ++ register is missing. */ ++/* { dg-final { scan-assembler "clrm\t\{((r\[1,4-9\]|r10|fp|ip), ){9}APSR\}" } } */ ++/* Check that no cleared register is used for blxns. */ ++/* { dg-final { scan-assembler-not "clrm\t\{\[^\}\]\+(r\[1,4-9\]|r10|fp|ip),\[^\}\]\+\}.*blxns\t\\1" } } */ ++/* Check for v8.1-m variant of erratum work-around. */ ++/* { dg-final { scan-assembler "vscclrm\t\{vpr\}" } } */ ++/* { dg-final { scan-assembler "vlldm\tsp" } } */ ++/* { dg-final { scan-assembler "pop\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */ ++ ++/* Now we check that we use the correct intrinsic to call. */ ++/* { dg-final { scan-assembler "blxns" } } */ +diff --git a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-7a.c b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-7a.c +--- a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-7a.c 1969-12-31 16:00:00.000000000 -0800 ++++ b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-7a.c 2021-11-11 20:38:44.286766084 -0800 +@@ -0,0 +1,27 @@ ++/* { dg-do compile } */ ++/* { dg-options "-mcmse -mfloat-abi=softfp -mfpu=fpv5-d16 -mfix-cmse-cve-2021-35465" } */ ++/* { dg-skip-if "Incompatible float ABI" { *-*-* } { "-mfloat-abi=*" } { "-mfloat-abi=softfp" } } */ ++/* { dg-skip-if "Skip these if testing single precision" {*-*-*} {"-mfpu=*-sp-*"} {""} } */ ++ ++#include "../../../cmse-7.x" ++ ++/* Checks for saving and clearing prior to function call. */ ++/* Shift on the same register as blxns. */ ++/* { dg-final { scan-assembler "lsrs\t(r\[0-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */ ++/* { dg-final { scan-assembler "lsls\t(r\[0-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */ ++/* { dg-final { scan-assembler "push\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */ ++/* { dg-final { scan-assembler "vlstm\tsp" } } */ ++/* Check the right registers are cleared and none appears twice. */ ++/* { dg-final { scan-assembler "clrm\t\{(r0, )?(r1, )?(r2, )?(r3, )?(r4, )?(r5, )?(r6, )?(r7, )?(r8, )?(r9, )?(r10, )?(fp, )?(ip, )?APSR\}" } } */ ++/* Check that the right number of registers is cleared and thus only one ++ register is missing. */ ++/* { dg-final { scan-assembler "clrm\t\{((r\[0-9\]|r10|fp|ip), ){12}APSR\}" } } */ ++/* Check that no cleared register is used for blxns. */ ++/* { dg-final { scan-assembler-not "clrm\t\{\[^\}\]\+(r\[0-9\]|r10|fp|ip),\[^\}\]\+\}.*blxns\t\\1" } } */ ++/* Check for v8.1-m variant of erratum work-around. */ ++/* { dg-final { scan-assembler "vscclrm\t\{vpr\}" } } */ ++/* { dg-final { scan-assembler "vlldm\tsp" } } */ ++/* { dg-final { scan-assembler "pop\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */ ++ ++/* Now we check that we use the correct intrinsic to call. */ ++/* { dg-final { scan-assembler "blxns" } } */ +diff --git a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-8a.c b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-8a.c +--- a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-8a.c 1969-12-31 16:00:00.000000000 -0800 ++++ b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp/cmse-8a.c 2021-11-11 20:38:44.290766017 -0800 +@@ -0,0 +1,29 @@ ++/* { dg-do compile } */ ++/* { dg-options "-mcmse -mfloat-abi=softfp -mfpu=fpv5-d16 -mfix-cmse-cve-2021-35465" } */ ++/* { dg-skip-if "Incompatible float ABI" { *-*-* } { "-mfloat-abi=*" } { "-mfloat-abi=softfp" } } */ ++/* { dg-skip-if "Skip these if testing single precision" {*-*-*} {"-mfpu=*-sp-*"} {""} } */ ++ ++#include "../../../cmse-8.x" ++ ++/* Checks for saving and clearing prior to function call. */ ++/* Shift on the same register as blxns. */ ++/* { dg-final { scan-assembler "lsrs\t(r\[2-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */ ++/* { dg-final { scan-assembler "lsls\t(r\[2-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */ ++/* { dg-final { scan-assembler-not "mov\tr0, r4" } } */ ++/* { dg-final { scan-assembler-not "mov\tr1, r4" } } */ ++/* { dg-final { scan-assembler "push\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */ ++/* { dg-final { scan-assembler "vlstm\tsp" } } */ ++/* Check the right registers are cleared and none appears twice. */ ++/* { dg-final { scan-assembler "clrm\t\{(r2, )?(r3, )?(r4, )?(r5, )?(r6, )?(r7, )?(r8, )?(r9, )?(r10, )?(fp, )?(ip, )?APSR\}" } } */ ++/* Check that the right number of registers is cleared and thus only one ++ register is missing. */ ++/* { dg-final { scan-assembler "clrm\t\{((r\[2-9\]|r10|fp|ip), ){10}APSR\}" } } */ ++/* Check that no cleared register is used for blxns. */ ++/* { dg-final { scan-assembler-not "clrm\t\{\[^\}\]\+(r\[2-9\]|r10|fp|ip),\[^\}\]\+\}.*blxns\t\\1" } } */ ++/* Check for v8.1-m variant of erratum work-around. */ ++/* { dg-final { scan-assembler "vscclrm\t\{vpr\}" } } */ ++/* { dg-final { scan-assembler "vlldm\tsp" } } */ ++/* { dg-final { scan-assembler "pop\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */ ++ ++/* Now we check that we use the correct intrinsic to call. */ ++/* { dg-final { scan-assembler "blxns" } } */ +diff --git a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-7a.c b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-7a.c +--- a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-7a.c 1969-12-31 16:00:00.000000000 -0800 ++++ b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-7a.c 2021-11-11 20:38:44.286766084 -0800 +@@ -0,0 +1,27 @@ ++/* { dg-do compile } */ ++/* { dg-options "-mcmse -mfloat-abi=softfp -mfpu=fpv5-sp-d16 -mfix-cmse-cve-2021-35465" } */ ++/* { dg-skip-if "Incompatible float ABI" { *-*-* } { "-mfloat-abi=*" } { "-mfloat-abi=softfp" } } */ ++/* { dg-skip-if "Skip these if testing double precision" {*-*-*} {"-mfpu=fpv[4-5]-d16"} {""} } */ ++ ++#include "../../../cmse-7.x" ++ ++/* Checks for saving and clearing prior to function call. */ ++/* Shift on the same register as blxns. */ ++/* { dg-final { scan-assembler "lsrs\t(r\[0-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */ ++/* { dg-final { scan-assembler "lsls\t(r\[0-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */ ++/* { dg-final { scan-assembler "push\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */ ++/* { dg-final { scan-assembler "vlstm\tsp" } } */ ++/* Check the right registers are cleared and none appears twice. */ ++/* { dg-final { scan-assembler "clrm\t\{(r0, )?(r1, )?(r2, )?(r3, )?(r4, )?(r5, )?(r6, )?(r7, )?(r8, )?(r9, )?(r10, )?(fp, )?(ip, )?APSR\}" } } */ ++/* Check that the right number of registers is cleared and thus only one ++ register is missing. */ ++/* { dg-final { scan-assembler "clrm\t\{((r\[0-9\]|r10|fp|ip), ){12}APSR\}" } } */ ++/* Check that no cleared register is used for blxns. */ ++/* { dg-final { scan-assembler-not "clrm\t\{\[^\}\]\+(r\[0-9\]|r10|fp|ip),\[^\}\]\+\}.*blxns\t\\1" } } */ ++/* Check for v8.1-m variant of erratum work-around. */ ++/* { dg-final { scan-assembler "vscclrm\t\{vpr\}" } } */ ++/* { dg-final { scan-assembler "vlldm\tsp" } } */ ++/* { dg-final { scan-assembler "pop\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */ ++ ++/* Now we check that we use the correct intrinsic to call. */ ++/* { dg-final { scan-assembler "blxns" } } */ +diff --git a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-8a.c b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-8a.c +--- a/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-8a.c 1969-12-31 16:00:00.000000000 -0800 ++++ b/gcc/testsuite/gcc.target/arm/cmse/mainline/8_1m/softfp-sp/cmse-8a.c 2021-11-11 20:38:44.286766084 -0800 +@@ -0,0 +1,29 @@ ++/* { dg-do compile } */ ++/* { dg-options "-mcmse -mfloat-abi=softfp -mfpu=fpv5-sp-d16 -mfix-cmse-cve-2021-35465" } */ ++/* { dg-skip-if "Incompatible float ABI" { *-*-* } { "-mfloat-abi=*" } { "-mfloat-abi=softfp" } } */ ++/* { dg-skip-if "Skip these if testing double precision" {*-*-*} {"-mfpu=fpv[4-5]-d16"} {""} } */ ++ ++#include "../../../cmse-8.x" ++ ++/* Checks for saving and clearing prior to function call. */ ++/* Shift on the same register as blxns. */ ++/* { dg-final { scan-assembler "lsrs\t(r\[2-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */ ++/* { dg-final { scan-assembler "lsls\t(r\[2-9\]|r10|fp|ip), \\1, #1.*blxns\t\\1" } } */ ++/* { dg-final { scan-assembler-not "mov\tr0, r4" } } */ ++/* { dg-final { scan-assembler-not "mov\tr1, r4" } } */ ++/* { dg-final { scan-assembler "push\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */ ++/* { dg-final { scan-assembler "vlstm\tsp" } } */ ++/* Check the right registers are cleared and none appears twice. */ ++/* { dg-final { scan-assembler "clrm\t\{(r2, )?(r3, )?(r4, )?(r5, )?(r6, )?(r7, )?(r8, )?(r9, )?(r10, )?(fp, )?(ip, )?APSR\}" } } */ ++/* Check that the right number of registers is cleared and thus only one ++ register is missing. */ ++/* { dg-final { scan-assembler "clrm\t\{((r\[2-9\]|r10|fp|ip), ){10}APSR\}" } } */ ++/* Check that no cleared register is used for blxns. */ ++/* { dg-final { scan-assembler-not "clrm\t\{\[^\}\]\+(r\[2-9\]|r10|fp|ip),\[^\}\]\+\}.*blxns\t\\1" } } */ ++/* Check for v8.1-m variant of erratum work-around. */ ++/* { dg-final { scan-assembler "vscclrm\t\{vpr\}" } } */ ++/* { dg-final { scan-assembler "vlldm\tsp" } } */ ++/* { dg-final { scan-assembler "pop\t\{r4, r5, r6, r7, r8, r9, r10, fp\}" } } */ ++ ++/* Now we check that we use the correct intrinsic to call. */ ++/* { dg-final { scan-assembler "blxns" } } */ diff --git a/meta/recipes-devtools/gcc/gcc/0004-CVE-2021-42574.patch b/meta/recipes-devtools/gcc/gcc/0004-CVE-2021-42574.patch new file mode 100644 index 0000000000..877b8a6452 --- /dev/null +++ b/meta/recipes-devtools/gcc/gcc/0004-CVE-2021-42574.patch @@ -0,0 +1,138 @@ +From 1a7f2c0774129750fdf73e9f1b78f0ce983c9ab3 Mon Sep 17 00:00:00 2001 +From: David Malcolm <dmalcolm@redhat.com> +Date: Tue, 2 Nov 2021 09:54:32 -0400 +Subject: [PATCH] libcpp: escape non-ASCII source bytes in -Wbidi-chars= + [PR103026] +MIME-Version: 1.0 +Content-Type: text/plain; charset=utf8 +Content-Transfer-Encoding: 8bit + +This flags rich_locations associated with -Wbidi-chars= so that +non-ASCII bytes will be escaped when printing the source lines +(using the diagnostics support I added in +r12-4825-gbd5e882cf6e0def3dd1bc106075d59a303fe0d1e). + +In particular, this ensures that the printed source lines will +be pure ASCII, and thus the visual ordering of the characters +will be the same as the logical ordering. + +Before: + + Wbidi-chars-1.c: In function âmainâ: + Wbidi-chars-1.c:6:43: warning: unpaired UTF-8 bidirectional control character detected [-Wbidi-chars=] + 6 | /*â® } â¦if (isAdmin)⩠⦠begin admins only */ + | ^ + Wbidi-chars-1.c:9:28: warning: unpaired UTF-8 bidirectional control character detected [-Wbidi-chars=] + 9 | /* end admins only â® { â¦*/ + | ^ + + Wbidi-chars-11.c:6:15: warning: UTF-8 vs UCN mismatch when closing a context by "U+202C (POP DIRECTIONAL FORMATTING)" [-Wbidi-chars=] + 6 | int LRE_âª_PDF_\u202c; + | ^ + Wbidi-chars-11.c:8:19: warning: UTF-8 vs UCN mismatch when closing a context by "U+202C (POP DIRECTIONAL FORMATTING)" [-Wbidi-chars=] + 8 | int LRE_\u202a_PDF_â¬_; + | ^ + Wbidi-chars-11.c:10:28: warning: UTF-8 vs UCN mismatch when closing a context by "U+202C (POP DIRECTIONAL FORMATTING)" [-Wbidi-chars=] + 10 | const char *s1 = "LRE_âª_PDF_\u202c"; + | ^ + Wbidi-chars-11.c:12:33: warning: UTF-8 vs UCN mismatch when closing a context by "U+202C (POP DIRECTIONAL FORMATTING)" [-Wbidi-chars=] + 12 | const char *s2 = "LRE_\u202a_PDF_â¬"; + | ^ + +After: + + Wbidi-chars-1.c: In function âmainâ: + Wbidi-chars-1.c:6:43: warning: unpaired UTF-8 bidirectional control character detected [-Wbidi-chars=] + 6 | /*<U+202E> } <U+2066>if (isAdmin)<U+2069> <U+2066> begin admins only */ + | ^ + Wbidi-chars-1.c:9:28: warning: unpaired UTF-8 bidirectional control character detected [-Wbidi-chars=] + 9 | /* end admins only <U+202E> { <U+2066>*/ + | ^ + + Wbidi-chars-11.c:6:15: warning: UTF-8 vs UCN mismatch when closing a context by "U+202C (POP DIRECTIONAL FORMATTING)" [-Wbidi-chars=] + 6 | int LRE_<U+202A>_PDF_\u202c; + | ^ + Wbidi-chars-11.c:8:19: warning: UTF-8 vs UCN mismatch when closing a context by "U+202C (POP DIRECTIONAL FORMATTING)" [-Wbidi-chars=] + 8 | int LRE_\u202a_PDF_<U+202C>_; + | ^ + Wbidi-chars-11.c:10:28: warning: UTF-8 vs UCN mismatch when closing a context by "U+202C (POP DIRECTIONAL FORMATTING)" [-Wbidi-chars=] + 10 | const char *s1 = "LRE_<U+202A>_PDF_\u202c"; + | ^ + Wbidi-chars-11.c:12:33: warning: UTF-8 vs UCN mismatch when closing a context by "U+202C (POP DIRECTIONAL FORMATTING)" [-Wbidi-chars=] + 12 | const char *s2 = "LRE_\u202a_PDF_<U+202C>"; + | ^ + +libcpp/ChangeLog: + PR preprocessor/103026 + * lex.c (maybe_warn_bidi_on_close): Use a rich_location + and call set_escape_on_output (true) on it. + (maybe_warn_bidi_on_char): Likewise. + +Signed-off-by: David Malcolm <dmalcolm@redhat.com> + +CVE: CVE-2021-42574 +Upstream-Status: Backport [https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=1a7f2c0774129750fdf73e9f1b78f0ce983c9ab3] +Signed-off-by: Pgowda <pgowda.cve@gmail.com> + +--- + libcpp/lex.c | 29 +++++++++++++++++------------ + 1 file changed, 17 insertions(+), 12 deletions(-) + +diff --git a/libcpp/lex.c b/libcpp/lex.c +--- a/libcpp/lex.c 2021-12-14 20:44:11.647815287 -0800 ++++ b/libcpp/lex.c 2021-12-14 20:43:38.008383220 -0800 +@@ -1427,9 +1427,11 @@ maybe_warn_bidi_on_close (cpp_reader *pf + const location_t loc + = linemap_position_for_column (pfile->line_table, + CPP_BUF_COLUMN (pfile->buffer, p)); +- cpp_warning_with_line (pfile, CPP_W_BIDIRECTIONAL, loc, 0, +- "unpaired UTF-8 bidirectional control character " +- "detected"); ++ rich_location rich_loc (pfile->line_table, loc); ++ rich_loc.set_escape_on_output (true); ++ cpp_warning_at (pfile, CPP_W_BIDIRECTIONAL, &rich_loc, ++ "unpaired UTF-8 bidirectional control character " ++ "detected"); + } + /* We're done with this context. */ + bidi::on_close (); +@@ -1454,6 +1456,9 @@ maybe_warn_bidi_on_char (cpp_reader *pfi + const location_t loc + = linemap_position_for_column (pfile->line_table, + CPP_BUF_COLUMN (pfile->buffer, p)); ++ rich_location rich_loc (pfile->line_table, loc); ++ rich_loc.set_escape_on_output (true); ++ + /* It seems excessive to warn about a PDI/PDF that is closing + an opened context because we've already warned about the + opening character. Except warn when we have a UCN x UTF-8 +@@ -1462,20 +1467,20 @@ maybe_warn_bidi_on_char (cpp_reader *pfi + { + if (warn_bidi == bidirectional_unpaired + && bidi::current_ctx_ucn_p () != ucn_p) +- cpp_warning_with_line (pfile, CPP_W_BIDIRECTIONAL, loc, 0, +- "UTF-8 vs UCN mismatch when closing " +- "a context by \"%s\"", bidi::to_str (kind)); ++ cpp_warning_at (pfile, CPP_W_BIDIRECTIONAL, &rich_loc, ++ "UTF-8 vs UCN mismatch when closing " ++ "a context by \"%s\"", bidi::to_str (kind)); + } + else if (warn_bidi == bidirectional_any) + { + if (kind == bidi::kind::PDF || kind == bidi::kind::PDI) +- cpp_warning_with_line (pfile, CPP_W_BIDIRECTIONAL, loc, 0, +- "\"%s\" is closing an unopened context", +- bidi::to_str (kind)); ++ cpp_warning_at (pfile, CPP_W_BIDIRECTIONAL, &rich_loc, ++ "\"%s\" is closing an unopened context", ++ bidi::to_str (kind)); + else +- cpp_warning_with_line (pfile, CPP_W_BIDIRECTIONAL, loc, 0, +- "found problematic Unicode character \"%s\"", +- bidi::to_str (kind)); ++ cpp_warning_at (pfile, CPP_W_BIDIRECTIONAL, &rich_loc, ++ "found problematic Unicode character \"%s\"", ++ bidi::to_str (kind)); + } + } + /* We're done with this context. */ diff --git a/meta/recipes-devtools/gcc/gcc/0005-CVE-2021-42574.patch b/meta/recipes-devtools/gcc/gcc/0005-CVE-2021-42574.patch new file mode 100644 index 0000000000..6e983a67b6 --- /dev/null +++ b/meta/recipes-devtools/gcc/gcc/0005-CVE-2021-42574.patch @@ -0,0 +1,575 @@ +From bef32d4a28595e933f24fef378cf052a30b674a7 Mon Sep 17 00:00:00 2001 +From: David Malcolm <dmalcolm@redhat.com> +Date: Tue, 2 Nov 2021 15:45:22 -0400 +Subject: [PATCH] libcpp: capture and underline ranges in -Wbidi-chars= + [PR103026] +MIME-Version: 1.0 +Content-Type: text/plain; charset=utf8 +Content-Transfer-Encoding: 8bit + +This patch converts the bidi::vec to use a struct so that we can +capture location_t values for the bidirectional control characters. + +Before: + + Wbidi-chars-1.c: In function âmainâ: + Wbidi-chars-1.c:6:43: warning: unpaired UTF-8 bidirectional control character detected [-Wbidi-chars=] + 6 | /*<U+202E> } <U+2066>if (isAdmin)<U+2069> <U+2066> begin admins only */ + | ^ + Wbidi-chars-1.c:9:28: warning: unpaired UTF-8 bidirectional control character detected [-Wbidi-chars=] + 9 | /* end admins only <U+202E> { <U+2066>*/ + | ^ + +After: + + Wbidi-chars-1.c: In function âmainâ: + Wbidi-chars-1.c:6:43: warning: unpaired UTF-8 bidirectional control characters detected [-Wbidi-chars=] + 6 | /*<U+202E> } <U+2066>if (isAdmin)<U+2069> <U+2066> begin admins only */ + | ~~~~~~~~ ~~~~~~~~ ^ + | | | | + | | | end of bidirectional context + | U+202E (RIGHT-TO-LEFT OVERRIDE) U+2066 (LEFT-TO-RIGHT ISOLATE) + Wbidi-chars-1.c:9:28: warning: unpaired UTF-8 bidirectional control characters detected [-Wbidi-chars=] + 9 | /* end admins only <U+202E> { <U+2066>*/ + | ~~~~~~~~ ~~~~~~~~ ^ + | | | | + | | | end of bidirectional context + | | U+2066 (LEFT-TO-RIGHT ISOLATE) + | U+202E (RIGHT-TO-LEFT OVERRIDE) + +Signed-off-by: David Malcolm <dmalcolm@redhat.com> + +gcc/testsuite/ChangeLog: + PR preprocessor/103026 + * c-c++-common/Wbidi-chars-ranges.c: New test. + +libcpp/ChangeLog: + PR preprocessor/103026 + * lex.c (struct bidi::context): New. + (bidi::vec): Convert to a vec of context rather than unsigned + char. + (bidi::ctx_at): Rename to... + (bidi::pop_kind_at): ...this and reimplement for above change. + (bidi::current_ctx): Update for change to vec. + (bidi::current_ctx_ucn_p): Likewise. + (bidi::current_ctx_loc): New. + (bidi::on_char): Update for usage of context struct. Add "loc" + param and pass it when pushing contexts. + (get_location_for_byte_range_in_cur_line): New. + (get_bidi_utf8): Rename to... + (get_bidi_utf8_1): ...this, reintroducing... + (get_bidi_utf8): ...as a wrapper, setting *OUT when the result is + not NONE. + (get_bidi_ucn): Rename to... + (get_bidi_ucn_1): ...this, reintroducing... + (get_bidi_ucn): ...as a wrapper, setting *OUT when the result is + not NONE. + (class unpaired_bidi_rich_location): New. + (maybe_warn_bidi_on_close): Use unpaired_bidi_rich_location when + reporting on unpaired bidi chars. Split into singular vs plural + spellings. + (maybe_warn_bidi_on_char): Pass in a location_t rather than a + const uchar * and use it when emitting warnings, and when calling + bidi::on_char. + (_cpp_skip_block_comment): Capture location when kind is not NONE + and pass it to maybe_warn_bidi_on_char. + (skip_line_comment): Likewise. + (forms_identifier_p): Likewise. + (lex_raw_string): Likewise. + (lex_string): Likewise. + +Signed-off-by: David Malcolm <dmalcolm@redhat.com> + +CVE: CVE-2021-42574 +Upstream-Status: Backport [https://gcc.gnu.org/git/gitweb.cgi?p=gcc.git;h=bef32d4a28595e933f24fef378cf052a30b674a7] +Signed-off-by: Pgowda <pgowda.cve@gmail.com> + +--- + .../c-c++-common/Wbidi-chars-ranges.c | 54 ++++ + libcpp/lex.c | 251 ++++++++++++++---- + 2 files changed, 257 insertions(+), 48 deletions(-) + create mode 100644 gcc/testsuite/c-c++-common/Wbidi-chars-ranges.c + +diff --git a/gcc/testsuite/c-c++-common/Wbidi-chars-ranges.c b/gcc/testsuite/c-c++-common/Wbidi-chars-ranges.c +--- a/gcc/testsuite/c-c++-common/Wbidi-chars-ranges.c 1969-12-31 16:00:00.000000000 -0800 ++++ b/gcc/testsuite/c-c++-common/Wbidi-chars-ranges.c 2021-12-25 01:39:55.116281847 -0800 +@@ -0,0 +1,54 @@ ++/* PR preprocessor/103026 */ ++/* { dg-do compile } */ ++/* { dg-options "-Wbidi-chars=unpaired -fdiagnostics-show-caret" } */ ++/* Verify that we escape and underline pertinent bidirectional ++ control characters when quoting the source. */ ++ ++int test_unpaired_bidi () { ++ int isAdmin = 0; ++ /* } if (isAdmin) begin admins only */ ++/* { dg-warning "bidirectional" "" { target *-*-* } .-1 } */ ++#if 0 ++ { dg-begin-multiline-output "" } ++ /*<U+202E> } <U+2066>if (isAdmin)<U+2069> <U+2066> begin admins only */ ++ ~~~~~~~~ ~~~~~~~~ ^ ++ | | | ++ | | end of bidirectional context ++ U+202E (RIGHT-TO-LEFT OVERRIDE) U+2066 (LEFT-TO-RIGHT ISOLATE) ++ { dg-end-multiline-output "" } ++#endif ++ ++ __builtin_printf("You are an admin.\n"); ++ /* end admins only { */ ++/* { dg-warning "bidirectional" "" { target *-*-* } .-1 } */ ++#if 0 ++ { dg-begin-multiline-output "" } ++ /* end admins only <U+202E> { <U+2066>*/ ++ ~~~~~~~~ ~~~~~~~~ ^ ++ | | | ++ | | end of bidirectional context ++ | U+2066 (LEFT-TO-RIGHT ISOLATE) ++ U+202E (RIGHT-TO-LEFT OVERRIDE) ++ { dg-end-multiline-output "" } ++#endif ++ ++ return 0; ++} ++ ++int LRE__PDF_\u202c; ++/* { dg-warning "mismatch" "" { target *-*-* } .-1 } */ ++#if 0 ++ { dg-begin-multiline-output "" } ++ int LRE_<U+202A>_PDF_\u202c; ++ ~~~~~~~~ ^~~~~~ ++ { dg-end-multiline-output "" } ++#endif ++ ++const char *s1 = "LRE__PDF_\u202c"; ++/* { dg-warning "mismatch" "" { target *-*-* } .-1 } */ ++#if 0 ++ { dg-begin-multiline-output "" } ++ const char *s1 = "LRE_<U+202A>_PDF_\u202c"; ++ ~~~~~~~~ ^~~~~~ ++ { dg-end-multiline-output "" } ++#endif +diff --git a/libcpp/lex.c b/libcpp/lex.c +--- a/libcpp/lex.c 2021-12-25 01:41:16.522868808 -0800 ++++ b/libcpp/lex.c 2021-12-25 06:28:58.530680302 -0800 +@@ -1172,11 +1172,34 @@ namespace bidi { + /* All the UTF-8 encodings of bidi characters start with E2. */ + constexpr uchar utf8_start = 0xe2; + ++ struct context ++ { ++ context () {} ++ context (location_t loc, kind k, bool pdf, bool ucn) ++ : m_loc (loc), m_kind (k), m_pdf (pdf), m_ucn (ucn) ++ { ++ } ++ ++ kind get_pop_kind () const ++ { ++ return m_pdf ? kind::PDF : kind::PDI; ++ } ++ bool ucn_p () const ++ { ++ return m_ucn; ++ } ++ ++ location_t m_loc; ++ kind m_kind; ++ unsigned m_pdf : 1; ++ unsigned m_ucn : 1; ++ }; ++ + /* A vector holding currently open bidi contexts. We use a char for + each context, its LSB is 1 if it represents a PDF context, 0 if it + represents a PDI context. The next bit is 1 if this context was open + by a bidi character written as a UCN, and 0 when it was UTF-8. */ +- semi_embedded_vec <unsigned char, 16> vec; ++ semi_embedded_vec <context, 16> vec; + + /* Close the whole comment/identifier/string literal/character constant + context. */ +@@ -1193,19 +1216,19 @@ namespace bidi { + vec.truncate (len - 1); + } + +- /* Return the context of the Ith element. */ +- kind ctx_at (unsigned int i) ++ /* Return the pop kind of the context of the Ith element. */ ++ kind pop_kind_at (unsigned int i) + { +- return (vec[i] & 1) ? kind::PDF : kind::PDI; ++ return vec[i].get_pop_kind (); + } + +- /* Return which context is currently opened. */ ++ /* Return the pop kind of the context that is currently opened. */ + kind current_ctx () + { + unsigned int len = vec.count (); + if (len == 0) + return kind::NONE; +- return ctx_at (len - 1); ++ return vec[len - 1].get_pop_kind (); + } + + /* Return true if the current context comes from a UCN origin, that is, +@@ -1214,11 +1237,19 @@ namespace bidi { + { + unsigned int len = vec.count (); + gcc_checking_assert (len > 0); +- return (vec[len - 1] >> 1) & 1; ++ return vec[len - 1].m_ucn; + } + +- /* We've read a bidi char, update the current vector as necessary. */ +- void on_char (kind k, bool ucn_p) ++ location_t current_ctx_loc () ++ { ++ unsigned int len = vec.count (); ++ gcc_checking_assert (len > 0); ++ return vec[len - 1].m_loc; ++ } ++ ++ /* We've read a bidi char, update the current vector as necessary. ++ LOC is only valid when K is not kind::NONE. */ ++ void on_char (kind k, bool ucn_p, location_t loc) + { + switch (k) + { +@@ -1226,12 +1257,12 @@ namespace bidi { + case kind::RLE: + case kind::LRO: + case kind::RLO: +- vec.push (ucn_p ? 3u : 1u); ++ vec.push (context (loc, k, true, ucn_p)); + break; + case kind::LRI: + case kind::RLI: + case kind::FSI: +- vec.push (ucn_p ? 2u : 0u); ++ vec.push (context (loc, k, false, ucn_p)); + break; + /* PDF terminates the scope of the last LRE, RLE, LRO, or RLO + whose scope has not yet been terminated. */ +@@ -1245,7 +1276,7 @@ namespace bidi { + yet been terminated. */ + case kind::PDI: + for (int i = vec.count () - 1; i >= 0; --i) +- if (ctx_at (i) == kind::PDI) ++ if (pop_kind_at (i) == kind::PDI) + { + vec.truncate (i); + break; +@@ -1295,10 +1326,47 @@ namespace bidi { + } + } + ++/* Get location_t for the range of bytes [START, START + NUM_BYTES) ++ within the current line in FILE, with the caret at START. */ ++ ++static location_t ++get_location_for_byte_range_in_cur_line (cpp_reader *pfile, ++ const unsigned char *const start, ++ size_t num_bytes) ++{ ++ gcc_checking_assert (num_bytes > 0); ++ ++ /* CPP_BUF_COLUMN and linemap_position_for_column both refer ++ to offsets in bytes, but CPP_BUF_COLUMN is 0-based, ++ whereas linemap_position_for_column is 1-based. */ ++ ++ /* Get 0-based offsets within the line. */ ++ size_t start_offset = CPP_BUF_COLUMN (pfile->buffer, start); ++ size_t end_offset = start_offset + num_bytes - 1; ++ ++ /* Now convert to location_t, where "columns" are 1-based byte offsets. */ ++ location_t start_loc = linemap_position_for_column (pfile->line_table, ++ start_offset + 1); ++ location_t end_loc = linemap_position_for_column (pfile->line_table, ++ end_offset + 1); ++ ++ if (start_loc == end_loc) ++ return start_loc; ++ ++ source_range src_range; ++ src_range.m_start = start_loc; ++ src_range.m_finish = end_loc; ++ location_t combined_loc = COMBINE_LOCATION_DATA (pfile->line_table, ++ start_loc, ++ src_range, ++ NULL); ++ return combined_loc; ++} ++ + /* Parse a sequence of 3 bytes starting with P and return its bidi code. */ + + static bidi::kind +-get_bidi_utf8 (const unsigned char *const p) ++get_bidi_utf8_1 (const unsigned char *const p) + { + gcc_checking_assert (p[0] == bidi::utf8_start); + +@@ -1340,10 +1408,25 @@ get_bidi_utf8 (const unsigned char *cons + return bidi::kind::NONE; + } + ++/* Parse a sequence of 3 bytes starting with P and return its bidi code. ++ If the kind is not NONE, write the location to *OUT.*/ ++ ++static bidi::kind ++get_bidi_utf8 (cpp_reader *pfile, const unsigned char *const p, location_t *out) ++{ ++ bidi::kind result = get_bidi_utf8_1 (p); ++ if (result != bidi::kind::NONE) ++ { ++ /* We have a sequence of 3 bytes starting at P. */ ++ *out = get_location_for_byte_range_in_cur_line (pfile, p, 3); ++ } ++ return result; ++} ++ + /* Parse a UCN where P points just past \u or \U and return its bidi code. */ + + static bidi::kind +-get_bidi_ucn (const unsigned char *p, bool is_U) ++get_bidi_ucn_1 (const unsigned char *p, bool is_U) + { + /* 6.4.3 Universal Character Names + \u hex-quad +@@ -1412,6 +1495,62 @@ get_bidi_ucn (const unsigned char *p, bo + return bidi::kind::NONE; + } + ++/* Parse a UCN where P points just past \u or \U and return its bidi code. ++ If the kind is not NONE, write the location to *OUT.*/ ++ ++static bidi::kind ++get_bidi_ucn (cpp_reader *pfile, const unsigned char *p, bool is_U, ++ location_t *out) ++{ ++ bidi::kind result = get_bidi_ucn_1 (p, is_U); ++ if (result != bidi::kind::NONE) ++ { ++ const unsigned char *start = p - 2; ++ size_t num_bytes = 2 + (is_U ? 8 : 4); ++ *out = get_location_for_byte_range_in_cur_line (pfile, start, num_bytes); ++ } ++ return result; ++} ++ ++/* Subclass of rich_location for reporting on unpaired UTF-8 ++ bidirectional control character(s). ++ Escape the source lines on output, and show all unclosed ++ bidi context, labelling everything. */ ++ ++class unpaired_bidi_rich_location : public rich_location ++{ ++ public: ++ class custom_range_label : public range_label ++ { ++ public: ++ label_text get_text (unsigned range_idx) const FINAL OVERRIDE ++ { ++ /* range 0 is the primary location; each subsequent range i + 1 ++ is for bidi::vec[i]. */ ++ if (range_idx > 0) ++ { ++ const bidi::context &ctxt (bidi::vec[range_idx - 1]); ++ return label_text::borrow (bidi::to_str (ctxt.m_kind)); ++ } ++ else ++ return label_text::borrow (_("end of bidirectional context")); ++ } ++ }; ++ ++ unpaired_bidi_rich_location (cpp_reader *pfile, location_t loc) ++ : rich_location (pfile->line_table, loc, &m_custom_label) ++ { ++ set_escape_on_output (true); ++ for (unsigned i = 0; i < bidi::vec.count (); i++) ++ add_range (bidi::vec[i].m_loc, ++ SHOW_RANGE_WITHOUT_CARET, ++ &m_custom_label); ++ } ++ ++ private: ++ custom_range_label m_custom_label; ++}; ++ + /* We're closing a bidi context, that is, we've encountered a newline, + are closing a C-style comment, or are at the end of a string literal, + character constant, or identifier. Warn if this context was not +@@ -1427,11 +1566,17 @@ maybe_warn_bidi_on_close (cpp_reader *pf + const location_t loc + = linemap_position_for_column (pfile->line_table, + CPP_BUF_COLUMN (pfile->buffer, p)); +- rich_location rich_loc (pfile->line_table, loc); +- rich_loc.set_escape_on_output (true); +- cpp_warning_at (pfile, CPP_W_BIDIRECTIONAL, &rich_loc, +- "unpaired UTF-8 bidirectional control character " +- "detected"); ++ unpaired_bidi_rich_location rich_loc (pfile, loc); ++ /* cpp_callbacks doesn't yet have a way to handle singular vs plural ++ forms of a diagnostic, so fake it for now. */ ++ if (bidi::vec.count () > 1) ++ cpp_warning_at (pfile, CPP_W_BIDIRECTIONAL, &rich_loc, ++ "unpaired UTF-8 bidirectional control characters " ++ "detected"); ++ else ++ cpp_warning_at (pfile, CPP_W_BIDIRECTIONAL, &rich_loc, ++ "unpaired UTF-8 bidirectional control character " ++ "detected"); + } + /* We're done with this context. */ + bidi::on_close (); +@@ -1439,12 +1584,13 @@ maybe_warn_bidi_on_close (cpp_reader *pf + + /* We're at the beginning or in the middle of an identifier/comment/string + literal/character constant. Warn if we've encountered a bidi character. +- KIND says which bidi character it was; P points to it in the character +- stream. UCN_P is true iff this bidi character was written as a UCN. */ ++ KIND says which bidi control character it was; UCN_P is true iff this bidi ++ control character was written as a UCN. LOC is the location of the ++ character, but is only valid if KIND != bidi::kind::NONE. */ + + static void +-maybe_warn_bidi_on_char (cpp_reader *pfile, const uchar *p, bidi::kind kind, +- bool ucn_p) ++maybe_warn_bidi_on_char (cpp_reader *pfile, bidi::kind kind, ++ bool ucn_p, location_t loc) + { + if (__builtin_expect (kind == bidi::kind::NONE, 1)) + return; +@@ -1453,9 +1599,6 @@ maybe_warn_bidi_on_char (cpp_reader *pfi + + if (warn_bidi != bidirectional_none) + { +- const location_t loc +- = linemap_position_for_column (pfile->line_table, +- CPP_BUF_COLUMN (pfile->buffer, p)); + rich_location rich_loc (pfile->line_table, loc); + rich_loc.set_escape_on_output (true); + +@@ -1467,9 +1610,12 @@ maybe_warn_bidi_on_char (cpp_reader *pfi + { + if (warn_bidi == bidirectional_unpaired + && bidi::current_ctx_ucn_p () != ucn_p) +- cpp_warning_at (pfile, CPP_W_BIDIRECTIONAL, &rich_loc, +- "UTF-8 vs UCN mismatch when closing " +- "a context by \"%s\"", bidi::to_str (kind)); ++ { ++ rich_loc.add_range (bidi::current_ctx_loc ()); ++ cpp_warning_at (pfile, CPP_W_BIDIRECTIONAL, &rich_loc, ++ "UTF-8 vs UCN mismatch when closing " ++ "a context by \"%s\"", bidi::to_str (kind)); ++ } + } + else if (warn_bidi == bidirectional_any) + { +@@ -1484,7 +1630,7 @@ maybe_warn_bidi_on_char (cpp_reader *pfi + } + } + /* We're done with this context. */ +- bidi::on_char (kind, ucn_p); ++ bidi::on_char (kind, ucn_p, loc); + } + + /* Skip a C-style block comment. We find the end of the comment by +@@ -1552,8 +1698,9 @@ _cpp_skip_block_comment (cpp_reader *pfi + a bidirectional control character. */ + else if (__builtin_expect (c == bidi::utf8_start, 0) && warn_bidi_p) + { +- bidi::kind kind = get_bidi_utf8 (cur - 1); +- maybe_warn_bidi_on_char (pfile, cur, kind, /*ucn_p=*/false); ++ location_t loc; ++ bidi::kind kind = get_bidi_utf8 (pfile, cur - 1, &loc); ++ maybe_warn_bidi_on_char (pfile, kind, /*ucn_p=*/false, loc); + } + } + +@@ -1586,9 +1733,9 @@ skip_line_comment (cpp_reader *pfile) + { + if (__builtin_expect (*buffer->cur == bidi::utf8_start, 0)) + { +- bidi::kind kind = get_bidi_utf8 (buffer->cur); +- maybe_warn_bidi_on_char (pfile, buffer->cur, kind, +- /*ucn_p=*/false); ++ location_t loc; ++ bidi::kind kind = get_bidi_utf8 (pfile, buffer->cur, &loc); ++ maybe_warn_bidi_on_char (pfile, kind, /*ucn_p=*/false, loc); + } + buffer->cur++; + } +@@ -1734,9 +1881,9 @@ forms_identifier_p (cpp_reader *pfile, i + if (__builtin_expect (*buffer->cur == bidi::utf8_start, 0) + && warn_bidi_p) + { +- bidi::kind kind = get_bidi_utf8 (buffer->cur); +- maybe_warn_bidi_on_char (pfile, buffer->cur, kind, +- /*ucn_p=*/false); ++ location_t loc; ++ bidi::kind kind = get_bidi_utf8 (pfile, buffer->cur, &loc); ++ maybe_warn_bidi_on_char (pfile, kind, /*ucn_p=*/false, loc); + } + if (_cpp_valid_utf8 (pfile, &buffer->cur, buffer->rlimit, 1 + !first, + state, &s)) +@@ -1748,10 +1895,12 @@ forms_identifier_p (cpp_reader *pfile, i + buffer->cur += 2; + if (warn_bidi_p) + { +- bidi::kind kind = get_bidi_ucn (buffer->cur, +- buffer->cur[-1] == 'U'); +- maybe_warn_bidi_on_char (pfile, buffer->cur, kind, +- /*ucn_p=*/true); ++ location_t loc; ++ bidi::kind kind = get_bidi_ucn (pfile, ++ buffer->cur, ++ buffer->cur[-1] == 'U', ++ &loc); ++ maybe_warn_bidi_on_char (pfile, kind, /*ucn_p=*/true, loc); + } + if (_cpp_valid_ucn (pfile, &buffer->cur, buffer->rlimit, 1 + !first, + state, &s, NULL, NULL)) +@@ -2327,12 +2476,15 @@ lex_raw_string (cpp_reader *pfile, cpp_t + } + else if (__builtin_expect ((unsigned char) c == bidi::utf8_start, 0) + && warn_bidi_p) +- maybe_warn_bidi_on_char (pfile, pos - 1, get_bidi_utf8 (pos - 1), +- /*ucn_p=*/false); ++ { ++ location_t loc; ++ bidi::kind kind = get_bidi_utf8 (pfile, cur - 1, &loc); ++ maybe_warn_bidi_on_char (pfile, kind, /*ucn_p=*/false, loc); ++ } + } + + if (warn_bidi_p) +- maybe_warn_bidi_on_close (pfile, pos); ++ maybe_warn_bidi_on_close (pfile, cur); + + if (CPP_OPTION (pfile, user_literals)) + { +@@ -2438,8 +2590,10 @@ lex_string (cpp_reader *pfile, cpp_token + { + if ((cur[0] == 'u' || cur[0] == 'U') && warn_bidi_p) + { +- bidi::kind kind = get_bidi_ucn (cur + 1, cur[0] == 'U'); +- maybe_warn_bidi_on_char (pfile, cur, kind, /*ucn_p=*/true); ++ location_t loc; ++ bidi::kind kind = get_bidi_ucn (pfile, cur + 1, cur[0] == 'U', ++ &loc); ++ maybe_warn_bidi_on_char (pfile, kind, /*ucn_p=*/true, loc); + } + cur++; + } +@@ -2467,8 +2621,9 @@ lex_string (cpp_reader *pfile, cpp_token + saw_NUL = true; + else if (__builtin_expect (c == bidi::utf8_start, 0) && warn_bidi_p) + { +- bidi::kind kind = get_bidi_utf8 (cur - 1); +- maybe_warn_bidi_on_char (pfile, cur - 1, kind, /*ucn_p=*/false); ++ location_t loc; ++ bidi::kind kind = get_bidi_utf8 (pfile, cur - 1, &loc); ++ maybe_warn_bidi_on_char (pfile, kind, /*ucn_p=*/false, loc); + } + } + diff --git a/meta/recipes-devtools/gcc/gcc/0012-gcc-Fix-argument-list-too-long-error.patch b/meta/recipes-devtools/gcc/gcc/0012-gcc-Fix-argument-list-too-long-error.patch index 88e1715b5c..03d7a41633 100644 --- a/meta/recipes-devtools/gcc/gcc/0012-gcc-Fix-argument-list-too-long-error.patch +++ b/meta/recipes-devtools/gcc/gcc/0012-gcc-Fix-argument-list-too-long-error.patch @@ -30,9 +30,8 @@ diff --git a/gcc/Makefile.in b/gcc/Makefile.in index a67d2cc18d6..480c9366418 100644 --- a/gcc/Makefile.in +++ b/gcc/Makefile.in -@@ -3606,7 +3606,7 @@ install-plugin: installdirs lang.install-plugin s-header-vars install-gengtype - # We keep the directory structure for files in config or c-family and .def - # files. All other files are flattened to a single directory. + # We keep the directory structure for files in config, common/config or + # c-family and .def files. All other files are flattened to a single directory. $(mkinstalldirs) $(DESTDIR)$(plugin_includedir) - headers=`echo $(PLUGIN_HEADERS) $$(cd $(srcdir); echo *.h *.def) | tr ' ' '\012' | sort -u`; \ + headers=`echo $(sort $(PLUGIN_HEADERS)) $$(cd $(srcdir); echo *.h *.def) | tr ' ' '\012' | sort -u`; \ diff --git a/meta/recipes-devtools/gcc/gcc/0033-Re-introduce-spe-commandline-options.patch b/meta/recipes-devtools/gcc/gcc/0033-Re-introduce-spe-commandline-options.patch index ba7c2b8fd5..43d881fa5e 100644 --- a/meta/recipes-devtools/gcc/gcc/0033-Re-introduce-spe-commandline-options.patch +++ b/meta/recipes-devtools/gcc/gcc/0033-Re-introduce-spe-commandline-options.patch @@ -33,6 +33,6 @@ index f95b8279270..0e52d51409d 100644 +Target RejectNegative Var(rs6000_spe_abi, 0) +Do not use the SPE ABI extensions. + + ; Altivec ABI mabi=altivec Target RejectNegative Var(rs6000_altivec_abi) Save - Use the AltiVec ABI extensions. diff --git a/meta/recipes-devtools/gcc/gcc/0036-mingw32-Enable-operation_not_supported.patch b/meta/recipes-devtools/gcc/gcc/0036-mingw32-Enable-operation_not_supported.patch index de82a3a539..4db3d15554 100644 --- a/meta/recipes-devtools/gcc/gcc/0036-mingw32-Enable-operation_not_supported.patch +++ b/meta/recipes-devtools/gcc/gcc/0036-mingw32-Enable-operation_not_supported.patch @@ -16,11 +16,11 @@ index 68ac72a78fb..71cd5815b81 100644 --- a/libstdc++-v3/config/os/mingw32/error_constants.h +++ b/libstdc++-v3/config/os/mingw32/error_constants.h @@ -107,7 +107,7 @@ _GLIBCXX_BEGIN_NAMESPACE_VERSION - #ifdef _GLIBCXX_HAVE_EPERM + #ifdef EPERM operation_not_permitted = EPERM, #endif -// operation_not_supported = EOPNOTSUPP, + operation_not_supported = EOPNOTSUPP, - #ifdef _GLIBCXX_HAVE_EWOULDBLOCK + #ifdef EWOULDBLOCK operation_would_block = EWOULDBLOCK, #endif diff --git a/meta/recipes-devtools/gcc/gcc_10.2.bb b/meta/recipes-devtools/gcc/gcc_10.3.bb index 7d93590588..7d93590588 100644 --- a/meta/recipes-devtools/gcc/gcc_10.2.bb +++ b/meta/recipes-devtools/gcc/gcc_10.3.bb diff --git a/meta/recipes-devtools/gcc/libgcc-initial_10.2.bb b/meta/recipes-devtools/gcc/libgcc-initial_10.3.bb index 0c698c26ec..0c698c26ec 100644 --- a/meta/recipes-devtools/gcc/libgcc-initial_10.2.bb +++ b/meta/recipes-devtools/gcc/libgcc-initial_10.3.bb diff --git a/meta/recipes-devtools/gcc/libgcc_10.2.bb b/meta/recipes-devtools/gcc/libgcc_10.3.bb index ea210a1130..ea210a1130 100644 --- a/meta/recipes-devtools/gcc/libgcc_10.2.bb +++ b/meta/recipes-devtools/gcc/libgcc_10.3.bb diff --git a/meta/recipes-devtools/gcc/libgfortran_10.2.bb b/meta/recipes-devtools/gcc/libgfortran_10.3.bb index 71dd8b4bdc..71dd8b4bdc 100644 --- a/meta/recipes-devtools/gcc/libgfortran_10.2.bb +++ b/meta/recipes-devtools/gcc/libgfortran_10.3.bb diff --git a/meta/recipes-devtools/glide/glide_0.13.3.bb b/meta/recipes-devtools/glide/glide_0.13.3.bb index 6eb87df7c3..1a5c760cb3 100644 --- a/meta/recipes-devtools/glide/glide_0.13.3.bb +++ b/meta/recipes-devtools/glide/glide_0.13.3.bb @@ -5,7 +5,7 @@ LICENSE = "MIT" LIC_FILES_CHKSUM = "file://src/${GO_IMPORT}/LICENSE;md5=54905cf894f8cc416a92f4fc350c35b2" GO_IMPORT = "github.com/Masterminds/glide" -SRC_URI = "git://${GO_IMPORT}" +SRC_URI = "git://${GO_IMPORT};branch=master;protocol=https" SRCREV = "8ed5b9292379d86c39592a7e6a58eb9c903877cf" inherit go diff --git a/meta/recipes-devtools/gnu-config/gnu-config_git.bb b/meta/recipes-devtools/gnu-config/gnu-config_git.bb index c41177c72b..da52c943f5 100644 --- a/meta/recipes-devtools/gnu-config/gnu-config_git.bb +++ b/meta/recipes-devtools/gnu-config/gnu-config_git.bb @@ -12,7 +12,7 @@ INHIBIT_DEFAULT_DEPS = "1" SRCREV = "6faca61810d335c7837f320733fe8e15a1431fc2" PV = "20210125+git${SRCPV}" -SRC_URI = "git://git.savannah.gnu.org/config.git \ +SRC_URI = "git://git.savannah.gnu.org/git/config.git;protocol=https;branch=master \ file://gnu-configize.in" S = "${WORKDIR}/git" UPSTREAM_CHECK_COMMITS = "1" diff --git a/meta/recipes-devtools/go/go-1.16.7.inc b/meta/recipes-devtools/go/go-1.16.15.inc index 9eca1caeeb..8b1ad22bcc 100644 --- a/meta/recipes-devtools/go/go-1.16.7.inc +++ b/meta/recipes-devtools/go/go-1.16.15.inc @@ -1,8 +1,8 @@ require go-common.inc GO_BASEVERSION = "1.16" -PV = "1.16.7" -FILESEXTRAPATHS_prepend := "${FILE_DIRNAME}/go-${GO_BASEVERSION}:" +PV = "1.16.15" +FILESEXTRAPATHS:prepend := "${FILE_DIRNAME}/go-${GO_BASEVERSION}:" LIC_FILES_CHKSUM = "file://LICENSE;md5=5d4950ecb7b26d2c5e4e7b4e0dd74707" @@ -18,7 +18,7 @@ SRC_URI += "\ file://0009-Revert-cmd-go-make-sure-CC-and-CXX-are-absolute.patch \ file://0001-encoding-xml-handle-leading-trailing-or-double-colon.patch \ " -SRC_URI[main.sha256sum] = "1a9f2894d3d878729f7045072f30becebe243524cf2fce4e0a7b248b1e0654ac" +SRC_URI[main.sha256sum] = "90a08c689279e35f3865ba510998c33a63255c36089b3ec206c912fc0568c3d3" # Upstream don't believe it is a signifiant real world issue and will only # fix in 1.17 onwards where we can drop this. diff --git a/meta/recipes-devtools/go/go-binary-native_1.16.7.bb b/meta/recipes-devtools/go/go-binary-native_1.16.15.bb index cb54c2868e..ba11ee5695 100644 --- a/meta/recipes-devtools/go/go-binary-native_1.16.7.bb +++ b/meta/recipes-devtools/go/go-binary-native_1.16.15.bb @@ -8,8 +8,8 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=5d4950ecb7b26d2c5e4e7b4e0dd74707" PROVIDES = "go-native" SRC_URI = "https://dl.google.com/go/go${PV}.${BUILD_GOOS}-${BUILD_GOARCH}.tar.gz;name=go_${BUILD_GOTUPLE}" -SRC_URI[go_linux_amd64.sha256sum] = "7fe7a73f55ba3e2285da36f8b085e5c0159e9564ef5f63ee0ed6b818ade8ef04" -SRC_URI[go_linux_arm64.sha256sum] = "63d6b53ecbd2b05c1f0e9903c92042663f2f68afdbb67f4d0d12700156869bac" +SRC_URI[go_linux_amd64.sha256sum] = "77c782a633186d78c384f972fb113a43c24be0234c42fef22c2d8c4c4c8e7475" +SRC_URI[go_linux_arm64.sha256sum] = "c2f27f0ce5620a9bc2ff3446165d1974ef94e9b885ec12dbfa3c07e0e198b7ce" UPSTREAM_CHECK_URI = "https://golang.org/dl/" UPSTREAM_CHECK_REGEX = "go(?P<pver>\d+(\.\d+)+)\.linux" diff --git a/meta/recipes-devtools/go/go-cross-canadian_1.16.7.bb b/meta/recipes-devtools/go/go-cross-canadian_1.16.15.bb index 7ac9449e47..7ac9449e47 100644 --- a/meta/recipes-devtools/go/go-cross-canadian_1.16.7.bb +++ b/meta/recipes-devtools/go/go-cross-canadian_1.16.15.bb diff --git a/meta/recipes-devtools/go/go-cross_1.16.7.bb b/meta/recipes-devtools/go/go-cross_1.16.15.bb index 80b5a03f6c..80b5a03f6c 100644 --- a/meta/recipes-devtools/go/go-cross_1.16.7.bb +++ b/meta/recipes-devtools/go/go-cross_1.16.15.bb diff --git a/meta/recipes-devtools/go/go-crosssdk_1.16.7.bb b/meta/recipes-devtools/go/go-crosssdk_1.16.15.bb index 1857c8a577..1857c8a577 100644 --- a/meta/recipes-devtools/go/go-crosssdk_1.16.7.bb +++ b/meta/recipes-devtools/go/go-crosssdk_1.16.15.bb diff --git a/meta/recipes-devtools/go/go-native_1.16.7.bb b/meta/recipes-devtools/go/go-native_1.16.15.bb index f14892cdb0..f14892cdb0 100644 --- a/meta/recipes-devtools/go/go-native_1.16.7.bb +++ b/meta/recipes-devtools/go/go-native_1.16.15.bb diff --git a/meta/recipes-devtools/go/go-runtime_1.16.7.bb b/meta/recipes-devtools/go/go-runtime_1.16.15.bb index 63464a1501..63464a1501 100644 --- a/meta/recipes-devtools/go/go-runtime_1.16.7.bb +++ b/meta/recipes-devtools/go/go-runtime_1.16.15.bb diff --git a/meta/recipes-devtools/go/go_1.16.7.bb b/meta/recipes-devtools/go/go_1.16.15.bb index 4e9e0ebec8..4e9e0ebec8 100644 --- a/meta/recipes-devtools/go/go_1.16.7.bb +++ b/meta/recipes-devtools/go/go_1.16.15.bb diff --git a/meta/recipes-devtools/libcomps/libcomps_0.1.15.bb b/meta/recipes-devtools/libcomps/libcomps_0.1.15.bb index 58d2dee897..d9e712f74a 100644 --- a/meta/recipes-devtools/libcomps/libcomps_0.1.15.bb +++ b/meta/recipes-devtools/libcomps/libcomps_0.1.15.bb @@ -4,7 +4,7 @@ DESCRIPTION = "Libcomps is alternative for yum.comps library. It's written in pu LICENSE = "GPLv2" LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" -SRC_URI = "git://github.com/rpm-software-management/libcomps.git \ +SRC_URI = "git://github.com/rpm-software-management/libcomps.git;branch=master;protocol=https \ file://0001-Add-crc32.c-to-sources-list.patch \ file://0002-Do-not-set-PYTHON_INSTALL_DIR-by-running-python.patch \ " diff --git a/meta/recipes-devtools/libdnf/libdnf_0.58.0.bb b/meta/recipes-devtools/libdnf/libdnf_0.58.0.bb index dbe68d5a15..30b96bd81d 100644 --- a/meta/recipes-devtools/libdnf/libdnf_0.58.0.bb +++ b/meta/recipes-devtools/libdnf/libdnf_0.58.0.bb @@ -4,7 +4,7 @@ DESCRIPTION = "This library provides a high level package-manager. It's core lib LICENSE = "LGPLv2.1+" LIC_FILES_CHKSUM = "file://COPYING;md5=4fbd65380cdd255951079008b364516c" -SRC_URI = "git://github.com/rpm-software-management/libdnf;branch=dnf-4-master \ +SRC_URI = "git://github.com/rpm-software-management/libdnf;branch=dnf-4-master;protocol=https \ file://0001-FindGtkDoc.cmake-drop-the-requirement-for-GTKDOC_SCA.patch \ file://0004-Set-libsolv-variables-with-pkg-config-cmake-s-own-mo.patch \ file://0001-Get-parameters-for-both-libsolv-and-libsolvext-libdn.patch \ diff --git a/meta/recipes-devtools/librepo/librepo_1.13.0.bb b/meta/recipes-devtools/librepo/librepo_1.13.0.bb index 0a68e0ac4f..3f5919d0a2 100644 --- a/meta/recipes-devtools/librepo/librepo_1.13.0.bb +++ b/meta/recipes-devtools/librepo/librepo_1.13.0.bb @@ -5,7 +5,7 @@ DESCRIPTION = "${SUMMARY}" LICENSE = "LGPLv2.1" LIC_FILES_CHKSUM = "file://COPYING;md5=4fbd65380cdd255951079008b364516c" -SRC_URI = "git://github.com/rpm-software-management/librepo.git \ +SRC_URI = "git://github.com/rpm-software-management/librepo.git;branch=master;protocol=https \ file://0002-Do-not-try-to-obtain-PYTHON_INSTALL_DIR-by-running-p.patch \ file://0004-Set-gpgme-variables-with-pkg-config-not-with-cmake-m.patch \ " diff --git a/meta/recipes-devtools/llvm/llvm_git.bb b/meta/recipes-devtools/llvm/llvm_git.bb index db6694339c..58cdaaa5a9 100644 --- a/meta/recipes-devtools/llvm/llvm_git.bb +++ b/meta/recipes-devtools/llvm/llvm_git.bb @@ -30,13 +30,17 @@ LLVM_DIR = "llvm${LLVM_RELEASE}" BRANCH = "release/${MAJOR_VERSION}.x" SRCREV = "1fdec59bffc11ae37eb51a1b9869f0696bfd5312" -SRC_URI = "git://github.com/llvm/llvm-project.git;branch=${BRANCH} \ +SRC_URI = "git://github.com/llvm/llvm-project.git;branch=${BRANCH};protocol=https \ file://0006-llvm-TargetLibraryInfo-Undefine-libc-functions-if-th.patch;striplevel=2 \ file://0007-llvm-allow-env-override-of-exe-path.patch;striplevel=2 \ file://0001-AsmMatcherEmitter-sort-ClassInfo-lists-by-name-as-we.patch;striplevel=2 \ file://0001-nfc-Fix-missing-include.patch;striplevel=2 \ " +# remove at next version upgrade or when output changes +PR = "r1" +HASHEQUIV_HASH_VERSION .= ".1" + UPSTREAM_CHECK_GITTAGREGEX = "llvmorg-(?P<pver>\d+(\.\d+)+)" S = "${WORKDIR}/git/llvm" diff --git a/meta/recipes-devtools/m4/m4-1.4.18.inc b/meta/recipes-devtools/m4/m4-1.4.18.inc index a9b63c1bf6..6475b02f8b 100644 --- a/meta/recipes-devtools/m4/m4-1.4.18.inc +++ b/meta/recipes-devtools/m4/m4-1.4.18.inc @@ -9,6 +9,7 @@ inherit autotools texinfo ptest SRC_URI = "${GNU_MIRROR}/m4/m4-${PV}.tar.gz \ file://ac_config_links.patch \ file://m4-1.4.18-glibc-change-work-around.patch \ + file://0001-c-stack-stop-using-SIGSTKSZ.patch \ " SRC_URI_append_class-target = " file://0001-Unset-need_charset_alias-when-building-for-musl.patch \ file://run-ptest \ diff --git a/meta/recipes-devtools/m4/m4/0001-c-stack-stop-using-SIGSTKSZ.patch b/meta/recipes-devtools/m4/m4/0001-c-stack-stop-using-SIGSTKSZ.patch new file mode 100644 index 0000000000..883b8a2075 --- /dev/null +++ b/meta/recipes-devtools/m4/m4/0001-c-stack-stop-using-SIGSTKSZ.patch @@ -0,0 +1,84 @@ +From 69238f15129f35eb4756ad8e2004e0d7907cb175 Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Fri, 30 Apr 2021 17:40:36 -0700 +Subject: [PATCH] c-stack: stop using SIGSTKSZ + +This patch is required with glibc 2.34+ +based on gnulib [1] + +[1] https://git.savannah.gnu.org/cgit/gnulib.git/commit/?id=f9e2b20a12a230efa30f1d479563ae07d276a94b + +Upstream-Status: Pending +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + lib/c-stack.c | 22 +++++++++++++--------- + 1 file changed, 13 insertions(+), 9 deletions(-) + +diff --git a/lib/c-stack.c b/lib/c-stack.c +index 5353c08..863f764 100644 +--- a/lib/c-stack.c ++++ b/lib/c-stack.c +@@ -51,13 +51,14 @@ + typedef struct sigaltstack stack_t; + #endif + #ifndef SIGSTKSZ +-# define SIGSTKSZ 16384 +-#elif HAVE_LIBSIGSEGV && SIGSTKSZ < 16384 ++#define get_sigstksz() (16384) ++#elif HAVE_LIBSIGSEGV + /* libsigsegv 2.6 through 2.8 have a bug where some architectures use + more than the Linux default of an 8k alternate stack when deciding + if a fault was caused by stack overflow. */ +-# undef SIGSTKSZ +-# define SIGSTKSZ 16384 ++#define get_sigstksz() ((SIGSTKSZ) < 16384 ? 16384 : (SIGSTKSZ)) ++#else ++#define get_sigstksz() ((SIGSTKSZ)) + #endif + + #include <stdlib.h> +@@ -131,7 +132,8 @@ die (int signo) + /* Storage for the alternate signal stack. */ + static union + { +- char buffer[SIGSTKSZ]; ++ /* allocate buffer with size from get_sigstksz() */ ++ char *buffer; + + /* These other members are for proper alignment. There's no + standard way to guarantee stack alignment, but this seems enough +@@ -203,10 +205,11 @@ c_stack_action (void (*action) (int)) + program_error_message = _("program error"); + stack_overflow_message = _("stack overflow"); + ++ alternate_signal_stack.buffer = malloc(get_sigstksz()); + /* Always install the overflow handler. */ + if (stackoverflow_install_handler (overflow_handler, + alternate_signal_stack.buffer, +- sizeof alternate_signal_stack.buffer)) ++ get_sigstksz())) + { + errno = ENOTSUP; + return -1; +@@ -279,14 +282,15 @@ c_stack_action (void (*action) (int)) + stack_t st; + struct sigaction act; + st.ss_flags = 0; ++ alternate_signal_stack.buffer = malloc(get_sigstksz()); + # if SIGALTSTACK_SS_REVERSED + /* Irix mistakenly treats ss_sp as the upper bound, rather than + lower bound, of the alternate stack. */ +- st.ss_sp = alternate_signal_stack.buffer + SIGSTKSZ - sizeof (void *); +- st.ss_size = sizeof alternate_signal_stack.buffer - sizeof (void *); ++ st.ss_sp = alternate_signal_stack.buffer + get_sigstksz() - sizeof (void *); ++ st.ss_size = get_sigstksz() - sizeof (void *); + # else + st.ss_sp = alternate_signal_stack.buffer; +- st.ss_size = sizeof alternate_signal_stack.buffer; ++ st.ss_size = get_sigstksz(); + # endif + r = sigaltstack (&st, NULL); + if (r != 0) +-- +2.31.1 + diff --git a/meta/recipes-devtools/mklibs/files/remove-deprecated-exception-specification-cpp17.patch b/meta/recipes-devtools/mklibs/files/remove-deprecated-exception-specification-cpp17.patch new file mode 100644 index 0000000000..f96cc7d302 --- /dev/null +++ b/meta/recipes-devtools/mklibs/files/remove-deprecated-exception-specification-cpp17.patch @@ -0,0 +1,431 @@ +From 597c7a8333df84a87cc48fb8477b603ffbf372a6 Mon Sep 17 00:00:00 2001 +From: Andrej Valek <andrej.valek@siemens.com> +Date: Mon, 23 Aug 2021 12:45:11 +0200 +Subject: [PATCH] feat(cpp17): remove deprecated exception specifications for + C++ 17 + +Upstream-Status: Submitted [https://salsa.debian.org/installer-team/mklibs/-/merge_requests/2] + +based on: http://www.open-std.org/jtc1/sc22/wg21/docs/papers/2016/p0003r5.html + +Signed-off-by: Andrej Valek <andrej.valek@siemens.com> +--- + src/mklibs-readelf/elf.cpp | 48 ++++++++++++++++++++--------------------- + src/mklibs-readelf/elf.hpp | 18 ++++++++-------- + src/mklibs-readelf/elf_data.hpp | 36 +++++++++++++++---------------- + 3 files changed, 51 insertions(+), 51 deletions(-) + +diff --git a/src/mklibs-readelf/elf.cpp b/src/mklibs-readelf/elf.cpp +index 0e4c0f3..2e6d0f6 100644 +--- a/src/mklibs-readelf/elf.cpp ++++ b/src/mklibs-readelf/elf.cpp +@@ -36,7 +36,7 @@ file::~file () throw () + delete *it; + } + +-file *file::open (const char *filename) throw (std::bad_alloc, std::runtime_error) ++file *file::open (const char *filename) throw () + { + struct stat buf; + int fd; +@@ -72,7 +72,7 @@ file *file::open (const char *filename) throw (std::bad_alloc, std::runtime_erro + } + + template<typename _class> +-file *file::open_class(uint8_t *mem, size_t len) throw (std::bad_alloc, std::runtime_error) ++file *file::open_class(uint8_t *mem, size_t len) throw () + { + switch (mem[EI_DATA]) + { +@@ -86,7 +86,7 @@ file *file::open_class(uint8_t *mem, size_t len) throw (std::bad_alloc, std::run + } + + template <typename _class, typename _data> +-file_data<_class, _data>::file_data(uint8_t *mem, size_t len) throw (std::bad_alloc, std::runtime_error) ++file_data<_class, _data>::file_data(uint8_t *mem, size_t len) throw () + : file(mem, len) + { + if (mem[EI_CLASS] != _class::id) +@@ -190,7 +190,7 @@ section_data<_class, _data>::section_data(Shdr *shdr, uint8_t *mem) throw () + } + + template <typename _class, typename _data> +-void section_data<_class, _data>::update(const file &file) throw (std::bad_alloc) ++void section_data<_class, _data>::update(const file &file) throw () + { + const section_type<section_type_STRTAB> §ion = + dynamic_cast<const section_type<section_type_STRTAB> &>(file.get_section(file.get_shstrndx())); +@@ -204,7 +204,7 @@ section_type<section_type_DYNAMIC>::~section_type() throw () + } + + template <typename _class, typename _data> +-section_real<_class, _data, section_type_DYNAMIC>::section_real(Shdr *header, uint8_t *mem) throw (std::bad_alloc) ++section_real<_class, _data, section_type_DYNAMIC>::section_real(Shdr *header, uint8_t *mem) throw () + : section_data<_class, _data>(header, mem) + { + if (this->type != SHT_DYNAMIC) +@@ -221,7 +221,7 @@ section_real<_class, _data, section_type_DYNAMIC>::section_real(Shdr *header, ui + } + + template <typename _class, typename _data> +-void section_real<_class, _data, section_type_DYNAMIC>::update(const file &file) throw (std::bad_alloc) ++void section_real<_class, _data, section_type_DYNAMIC>::update(const file &file) throw () + { + section_data<_class, _data>::update(file); + +@@ -243,7 +243,7 @@ section_type<section_type_DYNSYM>::~section_type() throw () + } + + template <typename _class, typename _data> +-section_real<_class, _data, section_type_DYNSYM>::section_real(Shdr *header, uint8_t *mem) throw (std::bad_alloc) ++section_real<_class, _data, section_type_DYNSYM>::section_real(Shdr *header, uint8_t *mem) throw () + : section_data<_class, _data>(header, mem) + { + if (this->type != SHT_DYNSYM) +@@ -260,7 +260,7 @@ section_real<_class, _data, section_type_DYNSYM>::section_real(Shdr *header, uin + } + + template <typename _class, typename _data> +-void section_real<_class, _data, section_type_DYNSYM>::update(const file &file) throw (std::bad_alloc) ++void section_real<_class, _data, section_type_DYNSYM>::update(const file &file) throw () + { + section_data<_class, _data>::update (file); + +@@ -285,7 +285,7 @@ const version_definition *section_type<section_type_GNU_VERDEF>::get_version_def + } + + template <typename _class, typename _data> +-section_real<_class, _data, section_type_GNU_VERDEF>::section_real(Shdr *header, uint8_t *mem) throw (std::bad_alloc) ++section_real<_class, _data, section_type_GNU_VERDEF>::section_real(Shdr *header, uint8_t *mem) throw () + : section_data<_class, _data>(header, mem) + { + if (this->type != SHT_GNU_verdef) +@@ -307,7 +307,7 @@ section_real<_class, _data, section_type_GNU_VERDEF>::section_real(Shdr *header, + } + + template <typename _class, typename _data> +-void section_real<_class, _data, section_type_GNU_VERDEF>::update(const file &file) throw (std::bad_alloc) ++void section_real<_class, _data, section_type_GNU_VERDEF>::update(const file &file) throw () + { + section_data<_class, _data>::update(file); + +@@ -333,7 +333,7 @@ const version_requirement_entry *section_type<section_type_GNU_VERNEED>::get_ver + + template <typename _class, typename _data> + section_real<_class, _data, section_type_GNU_VERNEED>:: +-section_real(Shdr *header, uint8_t *mem) throw (std::bad_alloc) ++section_real(Shdr *header, uint8_t *mem) throw () + : section_data<_class, _data> (header, mem) + { + if (this->type != SHT_GNU_verneed) +@@ -355,7 +355,7 @@ section_real(Shdr *header, uint8_t *mem) throw (std::bad_alloc) + } + + template <typename _class, typename _data> +-void section_real<_class, _data, section_type_GNU_VERNEED>::update(const file &file) throw (std::bad_alloc) ++void section_real<_class, _data, section_type_GNU_VERNEED>::update(const file &file) throw () + { + section_data<_class, _data>::update(file); + +@@ -372,7 +372,7 @@ void section_real<_class, _data, section_type_GNU_VERNEED>::update(const file &f + + template <typename _class, typename _data> + section_real<_class, _data, section_type_GNU_VERSYM>:: +-section_real (Shdr *header, uint8_t *mem) throw (std::bad_alloc) ++section_real (Shdr *header, uint8_t *mem) throw () + : section_data<_class, _data> (header, mem) + { + if (this->type != SHT_GNU_versym) +@@ -399,7 +399,7 @@ segment_data<_class, _data>::segment_data (Phdr *phdr, uint8_t *mem) throw () + } + + template <typename _class, typename _data> +-segment_real<_class, _data, segment_type_INTERP>::segment_real (Phdr *header, uint8_t *mem) throw (std::bad_alloc) ++segment_real<_class, _data, segment_type_INTERP>::segment_real (Phdr *header, uint8_t *mem) throw () + : segment_data<_class, _data> (header, mem) + { + if (this->type != PT_INTERP) +@@ -429,13 +429,13 @@ dynamic_data<_class, _data>::dynamic_data (Dyn *dyn) throw () + } + + template <typename _class, typename _data> +-void dynamic_data<_class, _data>::update_string(const section_type<section_type_STRTAB> §ion) throw (std::bad_alloc) ++void dynamic_data<_class, _data>::update_string(const section_type<section_type_STRTAB> §ion) throw () + { + if (is_string) + val_string = section.get_string(val); + } + +-std::string symbol::get_version () const throw (std::bad_alloc) ++std::string symbol::get_version () const throw () + { + if (verneed) + return verneed->get_name(); +@@ -445,7 +445,7 @@ std::string symbol::get_version () const throw (std::bad_alloc) + return "Base"; + } + +-std::string symbol::get_version_file () const throw (std::bad_alloc) ++std::string symbol::get_version_file () const throw () + { + if (verneed) + return verneed->get_file(); +@@ -453,7 +453,7 @@ std::string symbol::get_version_file () const throw (std::bad_alloc) + return "None"; + } + +-std::string symbol::get_name_version () const throw (std::bad_alloc) ++std::string symbol::get_name_version () const throw () + { + std::string ver; + +@@ -478,13 +478,13 @@ symbol_data<_class, _data>::symbol_data (Sym *sym) throw () + } + + template <typename _class, typename _data> +-void symbol_data<_class, _data>::update_string(const section_type<section_type_STRTAB> §ion) throw (std::bad_alloc) ++void symbol_data<_class, _data>::update_string(const section_type<section_type_STRTAB> §ion) throw () + { + name_string = section.get_string(name); + } + + template <typename _class, typename _data> +-void symbol_data<_class, _data>::update_version(const file &file, uint16_t index) throw (std::bad_alloc) ++void symbol_data<_class, _data>::update_version(const file &file, uint16_t index) throw () + { + if (!file.get_section_GNU_VERSYM()) + return; +@@ -531,13 +531,13 @@ version_definition_data<_class, _data>::version_definition_data (Verdef *verdef) + } + + template <typename _class, typename _data> +-void version_definition_data<_class, _data>::update_string(const section_type<section_type_STRTAB> §ion) throw (std::bad_alloc) ++void version_definition_data<_class, _data>::update_string(const section_type<section_type_STRTAB> §ion) throw () + { + for (std::vector<uint32_t>::iterator it = names.begin(); it != names.end(); ++it) + names_string.push_back(section.get_string(*it)); + } + +-version_requirement::version_requirement() throw (std::bad_alloc) ++version_requirement::version_requirement() throw () + : file_string("None") + { } + +@@ -561,7 +561,7 @@ version_requirement_data<_class, _data>::version_requirement_data (Verneed *vern + + template <typename _class, typename _data> + void version_requirement_data<_class, _data>:: +-update_string(const section_type<section_type_STRTAB> §ion) throw (std::bad_alloc) ++update_string(const section_type<section_type_STRTAB> §ion) throw () + { + file_string = section.get_string(file); + +@@ -596,7 +596,7 @@ version_requirement_entry_data(Vernaux *vna, const version_requirement &verneed) + + template <typename _class, typename _data> + void version_requirement_entry_data<_class, _data>:: +-update_string(const section_type<section_type_STRTAB> §ion) throw (std::bad_alloc) ++update_string(const section_type<section_type_STRTAB> §ion) throw () + { + name_string = section.get_string(name); + } +diff --git a/src/mklibs-readelf/elf.hpp b/src/mklibs-readelf/elf.hpp +index 70e61cd..afb0c9e 100644 +--- a/src/mklibs-readelf/elf.hpp ++++ b/src/mklibs-readelf/elf.hpp +@@ -49,7 +49,7 @@ namespace Elf + const uint16_t get_shstrndx() const throw () { return shstrndx; } + + const std::vector<section *> get_sections() const throw () { return sections; }; +- const section &get_section(unsigned int i) const throw (std::out_of_range) { return *sections.at(i); }; ++ const section &get_section(unsigned int i) const throw () { return *sections.at(i); }; + const section_type<section_type_DYNAMIC> *get_section_DYNAMIC() const throw () { return section_DYNAMIC; }; + const section_type<section_type_DYNSYM> *get_section_DYNSYM() const throw () { return section_DYNSYM; }; + const section_type<section_type_GNU_VERDEF> *get_section_GNU_VERDEF() const throw () { return section_GNU_VERDEF; }; +@@ -59,13 +59,13 @@ namespace Elf + const std::vector<segment *> get_segments() const throw () { return segments; }; + const segment_type<segment_type_INTERP> *get_segment_INTERP() const throw () { return segment_INTERP; }; + +- static file *open(const char *filename) throw (std::bad_alloc, std::runtime_error); ++ static file *open(const char *filename) throw (); + + protected: +- file(uint8_t *mem, size_t len) throw (std::bad_alloc) : mem(mem), len(len) { } ++ file(uint8_t *mem, size_t len) throw () : mem(mem), len(len) { } + + template<typename _class> +- static file *open_class(uint8_t *, size_t) throw (std::bad_alloc, std::runtime_error); ++ static file *open_class(uint8_t *, size_t) throw (); + + uint16_t type; + uint16_t machine; +@@ -128,7 +128,7 @@ namespace Elf + class section_type<section_type_STRTAB> : public virtual section + { + public: +- std::string get_string(uint32_t offset) const throw (std::bad_alloc) ++ std::string get_string(uint32_t offset) const throw () + { + return std::string(reinterpret_cast<const char *> (mem + offset)); + } +@@ -263,10 +263,10 @@ namespace Elf + uint8_t get_bind () const throw () { return bind; } + uint8_t get_type () const throw () { return type; } + const std::string &get_name_string() const throw () { return name_string; } +- std::string get_version() const throw (std::bad_alloc); +- std::string get_version_file() const throw (std::bad_alloc); ++ std::string get_version() const throw (); ++ std::string get_version_file() const throw (); + uint16_t get_version_data() const throw () { return versym; } +- std::string get_name_version() const throw (std::bad_alloc); ++ std::string get_name_version() const throw (); + + protected: + uint32_t name; +@@ -305,7 +305,7 @@ namespace Elf + class version_requirement + { + public: +- version_requirement() throw (std::bad_alloc); ++ version_requirement() throw (); + virtual ~version_requirement () throw () { } + + const std::string &get_file() const throw () { return file_string; } +diff --git a/src/mklibs-readelf/elf_data.hpp b/src/mklibs-readelf/elf_data.hpp +index 05effee..3871982 100644 +--- a/src/mklibs-readelf/elf_data.hpp ++++ b/src/mklibs-readelf/elf_data.hpp +@@ -94,7 +94,7 @@ namespace Elf + class file_data : public file + { + public: +- file_data(uint8_t *, size_t len) throw (std::bad_alloc, std::runtime_error); ++ file_data(uint8_t *, size_t len) throw (); + + const uint8_t get_class() const throw () { return _class::id; } + const uint8_t get_data() const throw () { return _data::id; } +@@ -109,7 +109,7 @@ namespace Elf + public: + section_data(Shdr *, uint8_t *) throw (); + +- virtual void update(const file &) throw (std::bad_alloc); ++ virtual void update(const file &) throw (); + }; + + template <typename _class, typename _data, typename _type> +@@ -133,9 +133,9 @@ namespace Elf + typedef typename _elfdef<_class>::Shdr Shdr; + + public: +- section_real(Shdr *, uint8_t *) throw (std::bad_alloc); ++ section_real(Shdr *, uint8_t *) throw (); + +- void update(const file &) throw (std::bad_alloc); ++ void update(const file &) throw (); + }; + + template <typename _class, typename _data> +@@ -147,9 +147,9 @@ namespace Elf + typedef typename _elfdef<_class>::Shdr Shdr; + + public: +- section_real(Shdr *, uint8_t *) throw (std::bad_alloc); ++ section_real(Shdr *, uint8_t *) throw (); + +- void update(const file &) throw (std::bad_alloc); ++ void update(const file &) throw (); + }; + + template <typename _class, typename _data> +@@ -161,9 +161,9 @@ namespace Elf + typedef typename _elfdef<_class>::Shdr Shdr; + + public: +- section_real(Shdr *, uint8_t *) throw (std::bad_alloc); ++ section_real(Shdr *, uint8_t *) throw (); + +- void update(const file &) throw (std::bad_alloc); ++ void update(const file &) throw (); + }; + + template <typename _class, typename _data> +@@ -175,9 +175,9 @@ namespace Elf + typedef typename _elfdef<_class>::Shdr Shdr; + + public: +- section_real(Shdr *, uint8_t *) throw (std::bad_alloc); ++ section_real(Shdr *, uint8_t *) throw (); + +- void update(const file &) throw (std::bad_alloc); ++ void update(const file &) throw (); + }; + + template <typename _class, typename _data> +@@ -189,7 +189,7 @@ namespace Elf + typedef typename _elfdef<_class>::Shdr Shdr; + + public: +- section_real(Shdr *, uint8_t *) throw (std::bad_alloc); ++ section_real(Shdr *, uint8_t *) throw (); + }; + + template <typename _class, typename _data> +@@ -220,7 +220,7 @@ namespace Elf + typedef typename _elfdef<_class>::Phdr Phdr; + + public: +- segment_real (Phdr *, uint8_t *) throw (std::bad_alloc); ++ segment_real (Phdr *, uint8_t *) throw (); + }; + + template <typename _class, typename _data> +@@ -232,7 +232,7 @@ namespace Elf + public: + dynamic_data (Dyn *) throw (); + +- void update_string(const section_type<section_type_STRTAB> &) throw (std::bad_alloc); ++ void update_string(const section_type<section_type_STRTAB> &) throw (); + }; + + template <typename _class, typename _data> +@@ -244,8 +244,8 @@ namespace Elf + public: + symbol_data (Sym *) throw (); + +- void update_string(const section_type<section_type_STRTAB> &) throw (std::bad_alloc); +- virtual void update_version (const file &, uint16_t) throw (std::bad_alloc); ++ void update_string(const section_type<section_type_STRTAB> &) throw (); ++ virtual void update_version (const file &, uint16_t) throw (); + }; + + template <typename _class, typename _data> +@@ -257,7 +257,7 @@ namespace Elf + + version_definition_data (Verdef *) throw (); + +- void update_string(const section_type<section_type_STRTAB> &) throw (std::bad_alloc); ++ void update_string(const section_type<section_type_STRTAB> &) throw (); + }; + + template <typename _class, typename _data> +@@ -269,7 +269,7 @@ namespace Elf + + version_requirement_data (Verneed *) throw (); + +- void update_string(const section_type<section_type_STRTAB> &) throw (std::bad_alloc); ++ void update_string(const section_type<section_type_STRTAB> &) throw (); + }; + + template <typename _class, typename _data> +@@ -280,7 +280,7 @@ namespace Elf + + version_requirement_entry_data (Vernaux *, const version_requirement &) throw (); + +- void update_string(const section_type<section_type_STRTAB> &) throw (std::bad_alloc); ++ void update_string(const section_type<section_type_STRTAB> &) throw (); + }; + } + +-- +2.11.0 + diff --git a/meta/recipes-devtools/mklibs/mklibs-native_0.1.44.bb b/meta/recipes-devtools/mklibs/mklibs-native_0.1.44.bb index 1784af1f4c..07142e57e0 100644 --- a/meta/recipes-devtools/mklibs/mklibs-native_0.1.44.bb +++ b/meta/recipes-devtools/mklibs/mklibs-native_0.1.44.bb @@ -12,6 +12,7 @@ SRC_URI = "http://snapshot.debian.org/archive/debian/20180828T214102Z/pool/main/ file://avoid-failure-on-symbol-provided-by-application.patch \ file://show-GNU-unique-symbols-as-provided-symbols.patch \ file://fix_cross_compile.patch \ + file://remove-deprecated-exception-specification-cpp17.patch \ " SRC_URI[md5sum] = "6b6eeb9b4016c6a7317acc28c89e32cc" diff --git a/meta/recipes-devtools/mtd/mtd-utils_git.bb b/meta/recipes-devtools/mtd/mtd-utils_git.bb index 105a68dad8..de7bdcd969 100644 --- a/meta/recipes-devtools/mtd/mtd-utils_git.bb +++ b/meta/recipes-devtools/mtd/mtd-utils_git.bb @@ -14,7 +14,7 @@ RDEPENDS_mtd-utils-tests += "bash" PV = "2.1.2" SRCREV = "7b986779342021bda87c04da3bf729718736d8ab" -SRC_URI = "git://git.infradead.org/mtd-utils.git \ +SRC_URI = "git://git.infradead.org/mtd-utils.git;branch=master \ file://add-exclusion-to-mkfs-jffs2-git-2.patch \ " diff --git a/meta/recipes-devtools/ninja/ninja_1.10.2.bb b/meta/recipes-devtools/ninja/ninja_1.10.2.bb index 2a39b2d216..79328583ee 100644 --- a/meta/recipes-devtools/ninja/ninja_1.10.2.bb +++ b/meta/recipes-devtools/ninja/ninja_1.10.2.bb @@ -8,7 +8,7 @@ DEPENDS = "re2c-native ninja-native" SRCREV = "e72d1d581c945c158ed68d9bc48911063022a2c6" -SRC_URI = "git://github.com/ninja-build/ninja.git;branch=release" +SRC_URI = "git://github.com/ninja-build/ninja.git;branch=release;protocol=https" UPSTREAM_CHECK_GITTAGREGEX = "v(?P<pver>.*)" S = "${WORKDIR}/git" diff --git a/meta/recipes-devtools/patchelf/patchelf/0001-merge-from-PR243.patch b/meta/recipes-devtools/patchelf/patchelf/0001-merge-from-PR243.patch new file mode 100644 index 0000000000..a5322f0375 --- /dev/null +++ b/meta/recipes-devtools/patchelf/patchelf/0001-merge-from-PR243.patch @@ -0,0 +1,47 @@ +From 6ac5c1350834b9da81ab90ab5ba4e5bf507c6c0d Mon Sep 17 00:00:00 2001 +From: Satadru Pramanik <satadru@gmail.com> +Date: Thu, 20 May 2021 16:52:21 -0400 +Subject: [PATCH] merge from PR243 + +Upstream-Status: Backport + +Reference to upstream patch: +https://github.com/NixOS/patchelf/commit/4efbce410d00c8cb43f134181d07b364bcf78022 + +[OP: tweak patch to apply to patchelf v0.10] +Signed-off-by: Ovidiu Panait <ovidiu.panait@windriver.com> +[OP: tweak patch to apply to patchelf v0.12] +Signed-off-by: Chen Qi <Qi.Chen@windriver.com> +--- + src/patchelf.cc | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/src/patchelf.cc b/src/patchelf.cc +index 1854cfa..73a3a86 100644 +--- a/src/patchelf.cc ++++ b/src/patchelf.cc +@@ -774,12 +774,15 @@ void ElfFile<ElfFileParamNames>::rewriteSectionsLibrary() + PT_LOAD segment located directly after the last virtual address + page of other segments. */ + Elf_Addr startPage = 0; ++ Elf_Addr firstPage = 0; + for (unsigned int i = 0; i < phdrs.size(); ++i) { + Elf_Addr thisPage = roundUp(rdi(phdrs[i].p_vaddr) + rdi(phdrs[i].p_memsz), getPageSize()); + if (thisPage > startPage) startPage = thisPage; ++ if (rdi(phdrs[i].p_type) == PT_PHDR) firstPage = rdi(phdrs[i].p_vaddr) - rdi(phdrs[i].p_offset); + } + + debug("last page is 0x%llx\n", (unsigned long long) startPage); ++ debug("first page is 0x%llx\n", (unsigned long long) firstPage); + + /* When normalizing note segments we will in the worst case be adding + 1 program header for each SHT_NOTE section. */ +@@ -852,7 +855,7 @@ void ElfFile<ElfFileParamNames>::rewriteSectionsLibrary() + assert(curOff == startOffset + neededSpace); + + /* Write out the updated program and section headers */ +- rewriteHeaders(hdr->e_phoff); ++ rewriteHeaders(firstPage + hdr->e_phoff); + } + + diff --git a/meta/recipes-devtools/patchelf/patchelf_0.12.bb b/meta/recipes-devtools/patchelf/patchelf_0.12.bb index 7c97ea0789..007435a719 100644 --- a/meta/recipes-devtools/patchelf/patchelf_0.12.bb +++ b/meta/recipes-devtools/patchelf/patchelf_0.12.bb @@ -4,10 +4,11 @@ HOMEPAGE = "https://github.com/NixOS/patchelf" LICENSE = "GPLv3" -SRC_URI = "git://github.com/NixOS/patchelf;protocol=https \ +SRC_URI = "git://github.com/NixOS/patchelf;protocol=https;branch=master \ file://handle-read-only-files.patch \ file://6edec83653ce1b5fc201ff6db93b966394766814.patch \ file://alignmentfix.patch \ + file://0001-merge-from-PR243.patch \ " SRCREV = "8d3a16e97294e3c5521c61b4c8835499c9918264" diff --git a/meta/recipes-devtools/pseudo/files/build-oldlibc b/meta/recipes-devtools/pseudo/files/build-oldlibc new file mode 100755 index 0000000000..85c438de4e --- /dev/null +++ b/meta/recipes-devtools/pseudo/files/build-oldlibc @@ -0,0 +1,20 @@ +#!/bin/sh +# +# Script to re-generate pseudo-prebuilt-2.33.tar.xz +# +# Copyright (C) 2021 Richard Purdie +# +# SPDX-License-Identifier: GPL-2.0-only +# + +for i in x86_64 aarch64 i686; do + if [ ! -e $i-nativesdk-libc.tar.xz ]; then + wget http://downloads.yoctoproject.org/releases/uninative/3.2/$i-nativesdk-libc.tar.xz + fi + tar -xf $i-nativesdk-libc.tar.xz --wildcards \*/lib/libpthread\* \*/lib/libdl\* + cd $i-linux/lib + ln -s libdl.so.2 libdl.so + ln -s libpthread.so.0 libpthread.so + cd ../.. +done +tar -cJf pseudo-prebuilt-2.33.tar.xz *-linux
\ No newline at end of file diff --git a/meta/recipes-devtools/pseudo/files/older-glibc-symbols.patch b/meta/recipes-devtools/pseudo/files/older-glibc-symbols.patch new file mode 100644 index 0000000000..c453b5f735 --- /dev/null +++ b/meta/recipes-devtools/pseudo/files/older-glibc-symbols.patch @@ -0,0 +1,57 @@ +If we link against a newer glibc 2.34 and then try and our LD_PRELOAD is run against a +binary on a host with an older libc, we see symbol errors since in glibc 2.34, pthread +and dl are merged into libc itself. + +We need to use the older form of linking so use glibc binaries from an older release +to force this. We only use minimal symbols from these anyway. + +pthread_atfork is problematic, particularly on arm so use the internal glibc routine +it maps too. This was always present in the main libc from 2.3.2 onwards. + +Yes this is horrible. Better solutions welcome. + +There is more info in the bug: [YOCTO #14521] + +Upstream-Status: Inappropriate [this patch is native and nativesdk] +Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> + +Tweak library search order, make prebuilt lib ahead of recipe lib +Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> +--- + Makefile.in | 2 +- + pseudo_wrappers.c | 5 ++++- + 2 files changed, 5 insertions(+), 2 deletions(-) + +diff --git a/Makefile.in b/Makefile.in +--- a/Makefile.in ++++ b/Makefile.in +@@ -120,7 +120,7 @@ $(PSEUDODB): pseudodb.o $(SHOBJS) $(DBOBJS) pseudo_ipc.o | $(BIN) + libpseudo: $(LIBPSEUDO) + + $(LIBPSEUDO): $(WRAPOBJS) pseudo_client.o pseudo_ipc.o $(SHOBJS) | $(LIB) +- $(CC) $(CFLAGS) $(CFLAGS_PSEUDO) -shared -o $(LIBPSEUDO) \ ++ $(CC) $(CFLAGS) -Lprebuilt/$(shell uname -m)-linux/lib/ $(CFLAGS_PSEUDO) -shared -o $(LIBPSEUDO) \ + pseudo_client.o pseudo_ipc.o \ + $(WRAPOBJS) $(SHOBJS) $(LDFLAGS) $(CLIENT_LDFLAGS) + +diff --git a/pseudo_wrappers.c b/pseudo_wrappers.c +--- a/pseudo_wrappers.c ++++ b/pseudo_wrappers.c +@@ -100,10 +100,13 @@ static void libpseudo_atfork_child(void) + pseudo_mutex_holder = 0; + } + ++extern void *__dso_handle; ++extern int __register_atfork (void (*) (void), void (*) (void), void (*) (void), void *); ++ + static void + _libpseudo_init(void) { + if (!_libpseudo_initted) +- pthread_atfork(NULL, NULL, libpseudo_atfork_child); ++ __register_atfork (NULL, NULL, libpseudo_atfork_child, &__dso_handle == NULL ? NULL : __dso_handle); + + pseudo_getlock(); + pseudo_antimagic(); +-- +2.27.0 + diff --git a/meta/recipes-devtools/pseudo/pseudo_git.bb b/meta/recipes-devtools/pseudo/pseudo_git.bb index 0ba460f3e6..b5da3f0e29 100644 --- a/meta/recipes-devtools/pseudo/pseudo_git.bb +++ b/meta/recipes-devtools/pseudo/pseudo_git.bb @@ -5,8 +5,15 @@ SRC_URI = "git://git.yoctoproject.org/pseudo;branch=oe-core \ file://fallback-passwd \ file://fallback-group \ " +SRC_URI:append:class-native = " \ + http://downloads.yoctoproject.org/mirror/sources/pseudo-prebuilt-2.33.tar.xz;subdir=git/prebuilt;name=prebuilt \ + file://older-glibc-symbols.patch" +SRC_URI:append:class-nativesdk = " \ + http://downloads.yoctoproject.org/mirror/sources/pseudo-prebuilt-2.33.tar.xz;subdir=git/prebuilt;name=prebuilt \ + file://older-glibc-symbols.patch" +SRC_URI[prebuilt.sha256sum] = "ed9f456856e9d86359f169f46a70ad7be4190d6040282b84c8d97b99072485aa" -SRCREV = "b988b0a6b8afd8d459bc9a2528e834f63a3d59b2" +SRCREV = "2b4b88eb513335b0ece55fe51854693d9b20de35" S = "${WORKDIR}/git" PV = "1.9.0+git${SRCPV}" diff --git a/meta/recipes-devtools/python-numpy/files/CVE-2021-41496.patch b/meta/recipes-devtools/python-numpy/files/CVE-2021-41496.patch new file mode 100644 index 0000000000..0afc79ae0d --- /dev/null +++ b/meta/recipes-devtools/python-numpy/files/CVE-2021-41496.patch @@ -0,0 +1,64 @@ +From 86d81322c5c0ab67f89d64f56f6e77d4fe185910 Mon Sep 17 00:00:00 2001 +From: Warren Weckesser <warren.weckesser@gmail.com> +Date: Tue, 29 Mar 2022 15:58:00 +0800 +Subject: [PATCH] BUG: f2py: Simplify creation of an exception message. Closes + gh-19000. + +CVE: CVE-2021-41496 + +Upstream-Status: Backport [https://github.com/numpy/numpy/commit/271010f1037150e95017f803f4214b8861e528f2] + +Signed-off-by: Mingli Yu <mingli.yu@windriver.com> +--- + numpy/f2py/src/fortranobject.c | 26 ++++++++++++-------------- + 1 file changed, 12 insertions(+), 14 deletions(-) + +diff --git a/numpy/f2py/src/fortranobject.c b/numpy/f2py/src/fortranobject.c +index 3275f90..85c9c7f 100644 +--- a/numpy/f2py/src/fortranobject.c ++++ b/numpy/f2py/src/fortranobject.c +@@ -637,14 +637,14 @@ static int check_and_fix_dimensions(const PyArrayObject* arr, + npy_intp *dims); + + static int +-count_negative_dimensions(const int rank, ++find_first_negative_dimension(const int rank, + const npy_intp *dims) { +- int i=0,r=0; +- while (i<rank) { +- if (dims[i] < 0) ++r; +- ++i; ++ for (int i = 0; i < rank; ++i) { ++ if (dims[i] < 0) { ++ return i; ++ } + } +- return r; ++ return -1; + } + + #ifdef DEBUG_COPY_ND_ARRAY +@@ -721,14 +721,12 @@ PyArrayObject* array_from_pyobj(const int type_num, + || ((intent & F2PY_OPTIONAL) && (obj==Py_None)) + ) { + /* intent(cache), optional, intent(hide) */ +- if (count_negative_dimensions(rank,dims) > 0) { +- int i; +- strcpy(mess, "failed to create intent(cache|hide)|optional array" +- "-- must have defined dimensions but got ("); +- for(i=0;i<rank;++i) +- sprintf(mess+strlen(mess),"%" NPY_INTP_FMT ",",dims[i]); +- strcat(mess, ")"); +- PyErr_SetString(PyExc_ValueError,mess); ++ int i = find_first_negative_dimension(rank, dims); ++ if (i >= 0) { ++ PyErr_Format(PyExc_ValueError, ++ "failed to create intent(cache|hide)|optional array" ++ " -- must have defined dimensions, but dims[%d] = %" ++ NPY_INTP_FMT, i, dims[i]); + return NULL; + } + arr = (PyArrayObject *) +-- +2.25.1 + diff --git a/meta/recipes-devtools/python-numpy/python3-numpy_1.20.1.bb b/meta/recipes-devtools/python-numpy/python3-numpy_1.20.1.bb index 6c3b886782..9e55e74d2c 100644 --- a/meta/recipes-devtools/python-numpy/python3-numpy_1.20.1.bb +++ b/meta/recipes-devtools/python-numpy/python3-numpy_1.20.1.bb @@ -10,6 +10,7 @@ SRCNAME = "numpy" SRC_URI = "https://github.com/${SRCNAME}/${SRCNAME}/releases/download/v${PV}/${SRCNAME}-${PV}.tar.gz \ file://0001-Don-t-search-usr-and-so-on-for-libraries-by-default-.patch \ file://0001-numpy-core-Define-RISCV-32-support.patch \ + file://CVE-2021-41496.patch \ file://run-ptest \ " SRC_URI[sha256sum] = "9bf51d69ebb4ca9239e55bedc2185fe2c0ec222da0adee7ece4125414676846d" diff --git a/meta/recipes-devtools/python/python3-pyelftools_0.27.bb b/meta/recipes-devtools/python/python3-pyelftools_0.27.bb index 0cfd99504b..f8b9d420a5 100644 --- a/meta/recipes-devtools/python/python3-pyelftools_0.27.bb +++ b/meta/recipes-devtools/python/python3-pyelftools_0.27.bb @@ -11,3 +11,5 @@ PYPI_PACKAGE = "pyelftools" inherit pypi setuptools3 BBCLASSEXTEND = "native" + +RDEPENDS_${PN} += "${PYTHON_PN}-debugger ${PYTHON_PN}-pprint" diff --git a/meta/recipes-devtools/python/python3/0001-Makefile-fix-Issue36464-parallel-build-race-problem.patch b/meta/recipes-devtools/python/python3/0001-Makefile-fix-Issue36464-parallel-build-race-problem.patch deleted file mode 100644 index 237645bc60..0000000000 --- a/meta/recipes-devtools/python/python3/0001-Makefile-fix-Issue36464-parallel-build-race-problem.patch +++ /dev/null @@ -1,34 +0,0 @@ -From 840fda32c82550259d02a7a56a78a9c05162b1a1 Mon Sep 17 00:00:00 2001 -From: Changqing Li <changqing.li@windriver.com> -Date: Wed, 8 May 2019 16:10:29 +0800 -Subject: [PATCH] Makefile: fix Issue36464 (parallel build race problem) - -When using make -j with the 'install' target, it's possible for altbininstall -(which normally creates BINDIR) and libainstall (which doesn't, though it -installs python-config there) to race, resulting in a failure due to -attempting to install python-config into a nonexistent BINDIR. Ensure it also -exists in the libainstall target. - -Upstream-Status: Submitted [https://github.com/python/cpython/pull/13186] - -Signed-off-by: Changqing Li <changqing.li@windriver.com> ---- - Makefile.pre.in | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/Makefile.pre.in b/Makefile.pre.in -index 15f3687..7e9f173 100644 ---- a/Makefile.pre.in -+++ b/Makefile.pre.in -@@ -1456,7 +1456,7 @@ LIBPL= @LIBPL@ - LIBPC= $(LIBDIR)/pkgconfig - - libainstall: @DEF_MAKE_RULE@ python-config -- @for i in $(LIBDIR) $(LIBPL) $(LIBPC); \ -+ @for i in $(LIBDIR) $(LIBPL) $(LIBPC) $(BINDIR); \ - do \ - if test ! -d $(DESTDIR)$$i; then \ - echo "Creating directory $$i"; \ --- -2.7.4 - diff --git a/meta/recipes-devtools/python/python3/0001-bpo-36852-proper-detection-of-mips-architecture-for-.patch b/meta/recipes-devtools/python/python3/0001-bpo-36852-proper-detection-of-mips-architecture-for-.patch index c4fae09a5b..99968b81de 100644 --- a/meta/recipes-devtools/python/python3/0001-bpo-36852-proper-detection-of-mips-architecture-for-.patch +++ b/meta/recipes-devtools/python/python3/0001-bpo-36852-proper-detection-of-mips-architecture-for-.patch @@ -1,7 +1,8 @@ -From 1ad771d86728ee2ed30e202e9768d8d825f96467 Mon Sep 17 00:00:00 2001 +From d9eb634b3d2e6ba831e864c50f6a37c48edfc4f3 Mon Sep 17 00:00:00 2001 From: Matthias Schoepfer <matthias.schoepfer@ithinx.io> Date: Fri, 31 May 2019 15:34:34 +0200 Subject: [PATCH] bpo-36852: proper detection of mips architecture for soft + float When (cross) compiling for softfloat mips, __mips_hard_float will not be @@ -13,18 +14,18 @@ to do this in a more autoconf/autotools manner. Upstream-Status: Submitted [https://github.com/python/cpython/pull/13196] Signed-off-by: Matthias Schoepfer <matthias.schoepfer@ithinx.io> -%% original patch: 0001-bpo-36852-proper-detection-of-mips-architecture-for-.patch + --- configure.ac | 175 +++++++-------------------------------------------- 1 file changed, 21 insertions(+), 154 deletions(-) diff --git a/configure.ac b/configure.ac -index ede710e..bc81b0b 100644 +index e2979a8..337182d 100644 --- a/configure.ac +++ b/configure.ac -@@ -710,160 +710,27 @@ fi - MULTIARCH=$($CC --print-multiarch 2>/dev/null) - AC_SUBST(MULTIARCH) +@@ -728,160 +728,27 @@ then + fi + -AC_MSG_CHECKING([for the platform triplet based on compiler characteristics]) -cat >> conftest.c <<EOF @@ -202,8 +203,5 @@ index ede710e..bc81b0b 100644 + ;; +esac - if test x$PLATFORM_TRIPLET != x && test x$MULTIARCH != x; then - if test x$PLATFORM_TRIPLET != x$MULTIARCH; then --- -2.24.1 - + if test x$PLATFORM_TRIPLET != xdarwin; then + MULTIARCH=$($CC --print-multiarch 2>/dev/null) diff --git a/meta/recipes-devtools/python/python3/makerace.patch b/meta/recipes-devtools/python/python3/makerace.patch new file mode 100644 index 0000000000..96744cb557 --- /dev/null +++ b/meta/recipes-devtools/python/python3/makerace.patch @@ -0,0 +1,23 @@ +libainstall installs python-config.py but the .pyc cache files are generated +by the libinstall target. This means some builds may not generate the pyc files +for python-config.py depending on the order things happen in. This means builds +are not always reproducible. + +Add a dependency to avoid the race. + +Upstream-Status: Pending +Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> + +Index: Python-3.9.6/Makefile.pre.in +=================================================================== +--- Python-3.9.6.orig/Makefile.pre.in ++++ Python-3.9.6/Makefile.pre.in +@@ -1486,7 +1486,7 @@ LIBSUBDIRS= tkinter tkinter/test tkinter + venv venv/scripts venv/scripts/common venv/scripts/posix \ + curses pydoc_data \ + zoneinfo +-libinstall: build_all $(srcdir)/Modules/xxmodule.c ++libinstall: build_all $(srcdir)/Modules/xxmodule.c libainstall + @for i in $(SCRIPTDIR) $(LIBDEST); \ + do \ + if test ! -d $(DESTDIR)$$i; then \ diff --git a/meta/recipes-devtools/python/python3_3.9.5.bb b/meta/recipes-devtools/python/python3_3.9.9.bb index 82177f4a18..f41529833c 100644 --- a/meta/recipes-devtools/python/python3_3.9.5.bb +++ b/meta/recipes-devtools/python/python3_3.9.9.bb @@ -20,7 +20,6 @@ SRC_URI = "http://www.python.org/ftp/python/${PV}/Python-${PV}.tar.xz \ file://python-config.patch \ file://0001-Makefile.pre-use-qemu-wrapper-when-gathering-profile.patch \ file://0001-python3-use-cc_basename-to-replace-CC-for-checking-c.patch \ - file://0001-Makefile-fix-Issue36464-parallel-build-race-problem.patch \ file://0001-bpo-36852-proper-detection-of-mips-architecture-for-.patch \ file://crosspythonpath.patch \ file://0001-Use-FLAG_REF-always-for-interned-strings.patch \ @@ -31,6 +30,7 @@ SRC_URI = "http://www.python.org/ftp/python/${PV}/Python-${PV}.tar.xz \ file://0020-configure.ac-setup.py-do-not-add-a-curses-include-pa.patch \ file://0001-Lib-sysconfig.py-use-libdir-values-from-configuratio.patch \ file://0001-Skip-failing-tests-due-to-load-variability-on-YP-AB.patch \ + file://makerace.patch \ " SRC_URI_append_class-native = " \ @@ -38,7 +38,7 @@ SRC_URI_append_class-native = " \ file://12-distutils-prefix-is-inside-staging-area.patch \ file://0001-Don-t-search-system-for-headers-libraries.patch \ " -SRC_URI[sha256sum] = "0c5a140665436ec3dbfbb79e2dfb6d192655f26ef4a29aeffcb6d1820d716d83" +SRC_URI[sha256sum] = "06828c04a573c073a4e51c4292a27c1be4ae26621c3edc7cf9318418ce3b6d27" # exclude pre-releases for both python 2.x and 3.x UPSTREAM_CHECK_REGEX = "[Pp]ython-(?P<pver>\d+(\.\d+)+).tar" diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc index 463339e42b..934e5ee932 100644 --- a/meta/recipes-devtools/qemu/qemu.inc +++ b/meta/recipes-devtools/qemu/qemu.inc @@ -70,6 +70,14 @@ SRC_URI = "https://download.qemu.org/${BPN}-${PV}.tar.xz \ file://CVE-2021-3607.patch \ file://CVE-2021-3608.patch \ file://CVE-2021-3682.patch \ + file://CVE-2021-3713.patch \ + file://CVE-2021-3748.patch \ + file://CVE-2021-3930.patch \ + file://CVE-2021-20196_1.patch \ + file://CVE-2021-20196_2.patch \ + file://CVE-2021-4145_1.patch \ + file://CVE-2021-4145_2.patch \ + file://CVE-2022-26354.patch \ " UPSTREAM_CHECK_REGEX = "qemu-(?P<pver>\d+(\.\d+)+)\.tar" diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2021-20196_1.patch b/meta/recipes-devtools/qemu/qemu/CVE-2021-20196_1.patch new file mode 100644 index 0000000000..8b1ad0423b --- /dev/null +++ b/meta/recipes-devtools/qemu/qemu/CVE-2021-20196_1.patch @@ -0,0 +1,54 @@ +From e907ff3d4cb7fd20d402f45355059e67d0dc93e7 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@redhat.com> +Date: Wed, 24 Nov 2021 17:15:34 +0100 +Subject: [PATCH 11/12] hw/block/fdc: Extract blk_create_empty_drive() +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +We are going to re-use this code in the next commit, +so extract it as a new blk_create_empty_drive() function. + +Inspired-by: Hanna Reitz <hreitz@redhat.com> +Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com> +Message-id: 20211124161536.631563-2-philmd@redhat.com +Signed-off-by: John Snow <jsnow@redhat.com> + +Upstream-Status: Backport [b154791e7b6d4ca5cdcd54443484d97360bd7ad2] +CVE: CVE-2021-20196 + +Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> +--- + hw/block/fdc.c | 9 +++++++-- + 1 file changed, 7 insertions(+), 2 deletions(-) + +diff --git a/hw/block/fdc.c b/hw/block/fdc.c +index 4c2c35e22..854b4f172 100644 +--- a/hw/block/fdc.c ++++ b/hw/block/fdc.c +@@ -61,6 +61,12 @@ + } while (0) + + ++/* Anonymous BlockBackend for empty drive */ ++static BlockBackend *blk_create_empty_drive(void) ++{ ++ return blk_new(qemu_get_aio_context(), 0, BLK_PERM_ALL); ++} ++ + /********************************************************/ + /* qdev floppy bus */ + +@@ -543,8 +549,7 @@ static void floppy_drive_realize(DeviceState *qdev, Error **errp) + } + + if (!dev->conf.blk) { +- /* Anonymous BlockBackend for an empty drive */ +- dev->conf.blk = blk_new(qemu_get_aio_context(), 0, BLK_PERM_ALL); ++ dev->conf.blk = blk_create_empty_drive(); + ret = blk_attach_dev(dev->conf.blk, qdev); + assert(ret == 0); + +-- +2.31.1 + diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2021-20196_2.patch b/meta/recipes-devtools/qemu/qemu/CVE-2021-20196_2.patch new file mode 100644 index 0000000000..dd442ccb8f --- /dev/null +++ b/meta/recipes-devtools/qemu/qemu/CVE-2021-20196_2.patch @@ -0,0 +1,67 @@ +From 1d48445a951fd5504190a38abeda70ea9372cf77 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= <philmd@redhat.com> +Date: Wed, 24 Nov 2021 17:15:35 +0100 +Subject: [PATCH 12/12] hw/block/fdc: Kludge missing floppy drive to fix + CVE-2021-20196 +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Guest might select another drive on the bus by setting the +DRIVE_SEL bit of the DIGITAL OUTPUT REGISTER (DOR). +The current controller model doesn't expect a BlockBackend +to be NULL. A simple way to fix CVE-2021-20196 is to create +an empty BlockBackend when it is missing. All further +accesses will be safely handled, and the controller state +machines keep behaving correctly. + +Cc: qemu-stable@nongnu.org +Fixes: CVE-2021-20196 +Reported-by: Gaoning Pan (Ant Security Light-Year Lab) <pgn@zju.edu.cn> +Reviewed-by: Darren Kenny <darren.kenny@oracle.com> +Reviewed-by: Hanna Reitz <hreitz@redhat.com> +Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com> +Message-id: 20211124161536.631563-3-philmd@redhat.com +BugLink: https://bugs.launchpad.net/qemu/+bug/1912780 +Resolves: https://gitlab.com/qemu-project/qemu/-/issues/338 +Reviewed-by: Darren Kenny <darren.kenny@oracle.com> +Reviewed-by: Hanna Reitz <hreitz@redhat.com> +Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com> +Signed-off-by: John Snow <jsnow@redhat.com> + +Upstream-Status: Backport [1ab95af033a419e7a64e2d58e67dd96b20af5233] +CVE: CVE-2021-20196 + +Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> +--- + hw/block/fdc.c | 14 +++++++++++++- + 1 file changed, 13 insertions(+), 1 deletion(-) + +diff --git a/hw/block/fdc.c b/hw/block/fdc.c +index 854b4f172..a736c4d14 100644 +--- a/hw/block/fdc.c ++++ b/hw/block/fdc.c +@@ -1365,7 +1365,19 @@ static FDrive *get_drv(FDCtrl *fdctrl, int unit) + + static FDrive *get_cur_drv(FDCtrl *fdctrl) + { +- return get_drv(fdctrl, fdctrl->cur_drv); ++ FDrive *cur_drv = get_drv(fdctrl, fdctrl->cur_drv); ++ ++ if (!cur_drv->blk) { ++ /* ++ * Kludge: empty drive line selected. Create an anonymous ++ * BlockBackend to avoid NULL deref with various BlockBackend ++ * API calls within this model (CVE-2021-20196). ++ * Due to the controller QOM model limitations, we don't ++ * attach the created to the controller device. ++ */ ++ cur_drv->blk = blk_create_empty_drive(); ++ } ++ return cur_drv; + } + + /* Status A register : 0x00 (read-only) */ +-- +2.31.1 + diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2021-3713.patch b/meta/recipes-devtools/qemu/qemu/CVE-2021-3713.patch new file mode 100644 index 0000000000..33fca66d3d --- /dev/null +++ b/meta/recipes-devtools/qemu/qemu/CVE-2021-3713.patch @@ -0,0 +1,68 @@ +From 9a8f71ec660e67c51cc5905dd9d2a12ff78ce743 Mon Sep 17 00:00:00 2001 +From: Gerd Hoffmann <kraxel@redhat.com> +Date: Wed, 18 Aug 2021 14:05:05 +0200 +Subject: [PATCH 08/12] uas: add stream number sanity checks. +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The device uses the guest-supplied stream number unchecked, which can +lead to guest-triggered out-of-band access to the UASDevice->data3 and +UASDevice->status3 fields. Add the missing checks. + +Fixes: CVE-2021-3713 +Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> +Reported-by: Chen Zhe <chenzhe@huawei.com> +Reported-by: Tan Jingguo <tanjingguo@huawei.com> +Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> +Message-Id: <20210818120505.1258262-2-kraxel@redhat.com> +(cherry picked from commit 13b250b12ad3c59114a6a17d59caf073ce45b33a) +Signed-off-by: Michael Roth <michael.roth@amd.com> + +Upstream-Status: Backport [36403e8788a264dc96174f52584681ebcb4f54b1] +CVE: CVE-2021-3713 + +Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> +--- + hw/usb/dev-uas.c | 11 +++++++++++ + 1 file changed, 11 insertions(+) + +diff --git a/hw/usb/dev-uas.c b/hw/usb/dev-uas.c +index cec071d96..157734eb0 100644 +--- a/hw/usb/dev-uas.c ++++ b/hw/usb/dev-uas.c +@@ -831,6 +831,9 @@ static void usb_uas_handle_data(USBDevice *dev, USBPacket *p) + } + break; + case UAS_PIPE_ID_STATUS: ++ if (p->stream > UAS_MAX_STREAMS) { ++ goto err_stream; ++ } + if (p->stream) { + QTAILQ_FOREACH(st, &uas->results, next) { + if (st->stream == p->stream) { +@@ -858,6 +861,9 @@ static void usb_uas_handle_data(USBDevice *dev, USBPacket *p) + break; + case UAS_PIPE_ID_DATA_IN: + case UAS_PIPE_ID_DATA_OUT: ++ if (p->stream > UAS_MAX_STREAMS) { ++ goto err_stream; ++ } + if (p->stream) { + req = usb_uas_find_request(uas, p->stream); + } else { +@@ -893,6 +899,11 @@ static void usb_uas_handle_data(USBDevice *dev, USBPacket *p) + p->status = USB_RET_STALL; + break; + } ++ ++err_stream: ++ error_report("%s: invalid stream %d", __func__, p->stream); ++ p->status = USB_RET_STALL; ++ return; + } + + static void usb_uas_unrealize(USBDevice *dev) +-- +2.31.1 + diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2021-3748.patch b/meta/recipes-devtools/qemu/qemu/CVE-2021-3748.patch new file mode 100644 index 0000000000..4765f24739 --- /dev/null +++ b/meta/recipes-devtools/qemu/qemu/CVE-2021-3748.patch @@ -0,0 +1,127 @@ +From bacc200f623647632258f7efc0f098ac30dd4225 Mon Sep 17 00:00:00 2001 +From: Jason Wang <jasowang@redhat.com> +Date: Thu, 2 Sep 2021 13:44:12 +0800 +Subject: [PATCH 09/12] virtio-net: fix use after unmap/free for sg + +When mergeable buffer is enabled, we try to set the num_buffers after +the virtqueue elem has been unmapped. This will lead several issues, +E.g a use after free when the descriptor has an address which belongs +to the non direct access region. In this case we use bounce buffer +that is allocated during address_space_map() and freed during +address_space_unmap(). + +Fixing this by storing the elems temporarily in an array and delay the +unmap after we set the the num_buffers. + +This addresses CVE-2021-3748. + +Reported-by: Alexander Bulekov <alxndr@bu.edu> +Fixes: fbe78f4f55c6 ("virtio-net support") +Cc: qemu-stable@nongnu.org +Signed-off-by: Jason Wang <jasowang@redhat.com> + +Upstream-Status: Backport [bedd7e93d01961fcb16a97ae45d93acf357e11f6] +CVE: CVE-2021-3748 + +Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> +--- + hw/net/virtio-net.c | 39 ++++++++++++++++++++++++++++++++------- + 1 file changed, 32 insertions(+), 7 deletions(-) + +diff --git a/hw/net/virtio-net.c b/hw/net/virtio-net.c +index 9179013ac..df1d30e2c 100644 +--- a/hw/net/virtio-net.c ++++ b/hw/net/virtio-net.c +@@ -1665,10 +1665,13 @@ static ssize_t virtio_net_receive_rcu(NetClientState *nc, const uint8_t *buf, + VirtIONet *n = qemu_get_nic_opaque(nc); + VirtIONetQueue *q = virtio_net_get_subqueue(nc); + VirtIODevice *vdev = VIRTIO_DEVICE(n); ++ VirtQueueElement *elems[VIRTQUEUE_MAX_SIZE]; ++ size_t lens[VIRTQUEUE_MAX_SIZE]; + struct iovec mhdr_sg[VIRTQUEUE_MAX_SIZE]; + struct virtio_net_hdr_mrg_rxbuf mhdr; + unsigned mhdr_cnt = 0; +- size_t offset, i, guest_offset; ++ size_t offset, i, guest_offset, j; ++ ssize_t err; + + if (!virtio_net_can_receive(nc)) { + return -1; +@@ -1699,6 +1702,12 @@ static ssize_t virtio_net_receive_rcu(NetClientState *nc, const uint8_t *buf, + + total = 0; + ++ if (i == VIRTQUEUE_MAX_SIZE) { ++ virtio_error(vdev, "virtio-net unexpected long buffer chain"); ++ err = size; ++ goto err; ++ } ++ + elem = virtqueue_pop(q->rx_vq, sizeof(VirtQueueElement)); + if (!elem) { + if (i) { +@@ -1710,7 +1719,8 @@ static ssize_t virtio_net_receive_rcu(NetClientState *nc, const uint8_t *buf, + n->guest_hdr_len, n->host_hdr_len, + vdev->guest_features); + } +- return -1; ++ err = -1; ++ goto err; + } + + if (elem->in_num < 1) { +@@ -1718,7 +1728,8 @@ static ssize_t virtio_net_receive_rcu(NetClientState *nc, const uint8_t *buf, + "virtio-net receive queue contains no in buffers"); + virtqueue_detach_element(q->rx_vq, elem, 0); + g_free(elem); +- return -1; ++ err = -1; ++ goto err; + } + + sg = elem->in_sg; +@@ -1755,12 +1766,13 @@ static ssize_t virtio_net_receive_rcu(NetClientState *nc, const uint8_t *buf, + if (!n->mergeable_rx_bufs && offset < size) { + virtqueue_unpop(q->rx_vq, elem, total); + g_free(elem); +- return size; ++ err = size; ++ goto err; + } + +- /* signal other side */ +- virtqueue_fill(q->rx_vq, elem, total, i++); +- g_free(elem); ++ elems[i] = elem; ++ lens[i] = total; ++ i++; + } + + if (mhdr_cnt) { +@@ -1770,10 +1782,23 @@ static ssize_t virtio_net_receive_rcu(NetClientState *nc, const uint8_t *buf, + &mhdr.num_buffers, sizeof mhdr.num_buffers); + } + ++ for (j = 0; j < i; j++) { ++ /* signal other side */ ++ virtqueue_fill(q->rx_vq, elems[j], lens[j], j); ++ g_free(elems[j]); ++ } ++ + virtqueue_flush(q->rx_vq, i); + virtio_notify(vdev, q->rx_vq); + + return size; ++ ++err: ++ for (j = 0; j < i; j++) { ++ g_free(elems[j]); ++ } ++ ++ return err; + } + + static ssize_t virtio_net_do_receive(NetClientState *nc, const uint8_t *buf, +-- +2.31.1 + diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2021-3930.patch b/meta/recipes-devtools/qemu/qemu/CVE-2021-3930.patch new file mode 100644 index 0000000000..bfbe5cee33 --- /dev/null +++ b/meta/recipes-devtools/qemu/qemu/CVE-2021-3930.patch @@ -0,0 +1,53 @@ +From cdca50eff9c38367be54f92839734ab490c8b0f7 Mon Sep 17 00:00:00 2001 +From: Mauro Matteo Cascella <mcascell@redhat.com> +Date: Thu, 4 Nov 2021 17:31:38 +0100 +Subject: [PATCH 10/12] hw/scsi/scsi-disk: MODE_PAGE_ALLS not allowed in MODE + SELECT commands + +This avoids an off-by-one read of 'mode_sense_valid' buffer in +hw/scsi/scsi-disk.c:mode_sense_page(). + +Fixes: CVE-2021-3930 +Cc: qemu-stable@nongnu.org +Reported-by: Alexander Bulekov <alxndr@bu.edu> +Fixes: a8f4bbe2900 ("scsi-disk: store valid mode pages in a table") +Fixes: #546 +Reported-by: Qiuhao Li <Qiuhao.Li@outlook.com> +Signed-off-by: Mauro Matteo Cascella <mcascell@redhat.com> +Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> + +Upstream-Status: Backport [b3af7fdf9cc537f8f0dd3e2423d83f5c99a457e8] +CVE: CVE-2021-3930 + +Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> +--- + hw/scsi/scsi-disk.c | 6 ++++++ + 1 file changed, 6 insertions(+) + +diff --git a/hw/scsi/scsi-disk.c b/hw/scsi/scsi-disk.c +index 90841ad79..5b44ed7d8 100644 +--- a/hw/scsi/scsi-disk.c ++++ b/hw/scsi/scsi-disk.c +@@ -1100,6 +1100,7 @@ static int mode_sense_page(SCSIDiskState *s, int page, uint8_t **p_outbuf, + uint8_t *p = *p_outbuf + 2; + int length; + ++ assert(page < ARRAY_SIZE(mode_sense_valid)); + if ((mode_sense_valid[page] & (1 << s->qdev.type)) == 0) { + return -1; + } +@@ -1441,6 +1442,11 @@ static int scsi_disk_check_mode_select(SCSIDiskState *s, int page, + return -1; + } + ++ /* MODE_PAGE_ALLS is only valid for MODE SENSE commands */ ++ if (page == MODE_PAGE_ALLS) { ++ return -1; ++ } ++ + p = mode_current; + memset(mode_current, 0, inlen + 2); + len = mode_sense_page(s, page, &p, 0); +-- +2.31.1 + diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2021-4145_1.patch b/meta/recipes-devtools/qemu/qemu/CVE-2021-4145_1.patch new file mode 100644 index 0000000000..9ea6c7e47c --- /dev/null +++ b/meta/recipes-devtools/qemu/qemu/CVE-2021-4145_1.patch @@ -0,0 +1,60 @@ +From 748bf90148bbbaedd75fe1b2c47b3617710523bd Mon Sep 17 00:00:00 2001 +From: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> +Date: Sat, 3 Jul 2021 00:16:36 +0300 +Subject: [PATCH 1/3] block/mirror: fix active mirror dead-lock in + mirror_wait_on_conflicts + +It's possible that requests start to wait each other in +mirror_wait_on_conflicts(). To avoid it let's use same technique as in +block/io.c in bdrv_wait_serialising_requests_locked() / +bdrv_find_conflicting_request(): don't wait on intersecting request if +it is already waiting for some other request. + +For details of the dead-lock look at testIntersectingActiveIO() +test-case which we actually fixing now. + +Fixes: d06107ade0ce74dc39739bac80de84b51ec18546 +Signed-off-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> +Message-Id: <20210702211636.228981-4-vsementsov@virtuozzo.com> +Signed-off-by: Kevin Wolf <kwolf@redhat.com> + +Upstream-Status: Backport [d44dae1a7cf782ec9235746ebb0e6c1a20dd7288] +Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> +--- + block/mirror.c | 12 ++++++++++++ + 1 file changed, 12 insertions(+) + +diff --git a/block/mirror.c b/block/mirror.c +index 8e1ad6ece..fab008568 100644 +--- a/block/mirror.c ++++ b/block/mirror.c +@@ -106,6 +106,7 @@ struct MirrorOp { + bool is_in_flight; + CoQueue waiting_requests; + Coroutine *co; ++ MirrorOp *waiting_for_op; + + QTAILQ_ENTRY(MirrorOp) next; + }; +@@ -158,7 +159,18 @@ static void coroutine_fn mirror_wait_on_conflicts(MirrorOp *self, + if (ranges_overlap(self_start_chunk, self_nb_chunks, + op_start_chunk, op_nb_chunks)) + { ++ /* ++ * If the operation is already (indirectly) waiting for us, or ++ * will wait for us as soon as it wakes up, then just go on ++ * (instead of producing a deadlock in the former case). ++ */ ++ if (op->waiting_for_op) { ++ continue; ++ } ++ ++ self->waiting_for_op = op; + qemu_co_queue_wait(&op->waiting_requests, NULL); ++ self->waiting_for_op = NULL; + break; + } + } +-- +2.33.0 + diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2021-4145_2.patch b/meta/recipes-devtools/qemu/qemu/CVE-2021-4145_2.patch new file mode 100644 index 0000000000..57f1dca5f0 --- /dev/null +++ b/meta/recipes-devtools/qemu/qemu/CVE-2021-4145_2.patch @@ -0,0 +1,83 @@ +From ba51b041eea7da8faf955770092d6f6ba7f21037 Mon Sep 17 00:00:00 2001 +From: Stefano Garzarella <sgarzare@redhat.com> +Date: Fri, 10 Sep 2021 14:45:33 +0200 +Subject: [PATCH 2/3] block/mirror: fix NULL pointer dereference in + mirror_wait_on_conflicts() + +In mirror_iteration() we call mirror_wait_on_conflicts() with +`self` parameter set to NULL. + +Starting from commit d44dae1a7c we dereference `self` pointer in +mirror_wait_on_conflicts() without checks if it is not NULL. + +Backtrace: + Program terminated with signal SIGSEGV, Segmentation fault. + #0 mirror_wait_on_conflicts (self=0x0, s=<optimized out>, offset=<optimized out>, bytes=<optimized out>) + at ../block/mirror.c:172 + 172 self->waiting_for_op = op; + [Current thread is 1 (Thread 0x7f0908931ec0 (LWP 380249))] + (gdb) bt + #0 mirror_wait_on_conflicts (self=0x0, s=<optimized out>, offset=<optimized out>, bytes=<optimized out>) + at ../block/mirror.c:172 + #1 0x00005610c5d9d631 in mirror_run (job=0x5610c76a2c00, errp=<optimized out>) at ../block/mirror.c:491 + #2 0x00005610c5d58726 in job_co_entry (opaque=0x5610c76a2c00) at ../job.c:917 + #3 0x00005610c5f046c6 in coroutine_trampoline (i0=<optimized out>, i1=<optimized out>) + at ../util/coroutine-ucontext.c:173 + #4 0x00007f0909975820 in ?? () at ../sysdeps/unix/sysv/linux/x86_64/__start_context.S:91 + from /usr/lib64/libc.so.6 + +Buglink: https://bugzilla.redhat.com/show_bug.cgi?id=2001404 +Fixes: d44dae1a7c ("block/mirror: fix active mirror dead-lock in mirror_wait_on_conflicts") +Signed-off-by: Stefano Garzarella <sgarzare@redhat.com> +Message-Id: <20210910124533.288318-1-sgarzare@redhat.com> +Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> +Signed-off-by: Hanna Reitz <hreitz@redhat.com> + +Upstream-Status: Backport [66fed30c9cd11854fc878a4eceb507e915d7c9cd] +Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> +--- + block/mirror.c | 25 ++++++++++++++++--------- + 1 file changed, 16 insertions(+), 9 deletions(-) + +diff --git a/block/mirror.c b/block/mirror.c +index fab008568..ca0be146f 100644 +--- a/block/mirror.c ++++ b/block/mirror.c +@@ -159,18 +159,25 @@ static void coroutine_fn mirror_wait_on_conflicts(MirrorOp *self, + if (ranges_overlap(self_start_chunk, self_nb_chunks, + op_start_chunk, op_nb_chunks)) + { +- /* +- * If the operation is already (indirectly) waiting for us, or +- * will wait for us as soon as it wakes up, then just go on +- * (instead of producing a deadlock in the former case). +- */ +- if (op->waiting_for_op) { +- continue; ++ if (self) { ++ /* ++ * If the operation is already (indirectly) waiting for us, ++ * or will wait for us as soon as it wakes up, then just go ++ * on (instead of producing a deadlock in the former case). ++ */ ++ if (op->waiting_for_op) { ++ continue; ++ } ++ ++ self->waiting_for_op = op; + } + +- self->waiting_for_op = op; + qemu_co_queue_wait(&op->waiting_requests, NULL); +- self->waiting_for_op = NULL; ++ ++ if (self) { ++ self->waiting_for_op = NULL; ++ } ++ + break; + } + } +-- +2.33.0 + diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2022-26354.patch b/meta/recipes-devtools/qemu/qemu/CVE-2022-26354.patch new file mode 100644 index 0000000000..ae8c490177 --- /dev/null +++ b/meta/recipes-devtools/qemu/qemu/CVE-2022-26354.patch @@ -0,0 +1,59 @@ +From 1c53fa2c574ebacf8bb20c73e35ae4b96dcf0476 Mon Sep 17 00:00:00 2001 +From: Stefano Garzarella <sgarzare@redhat.com> +Date: Mon, 28 Feb 2022 10:50:58 +0100 +Subject: [PATCH 3/3] vhost-vsock: detach the virqueue element in case of error + +In vhost_vsock_common_send_transport_reset(), if an element popped from +the virtqueue is invalid, we should call virtqueue_detach_element() to +detach it from the virtqueue before freeing its memory. + +Fixes: fc0b9b0e1c ("vhost-vsock: add virtio sockets device") +Fixes: CVE-2022-26354 +Cc: qemu-stable@nongnu.org +Reported-by: VictorV <vv474172261@gmail.com> +Signed-off-by: Stefano Garzarella <sgarzare@redhat.com> +Message-Id: <20220228095058.27899-1-sgarzare@redhat.com> +Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> +Reviewed-by: Michael S. Tsirkin <mst@redhat.com> +Signed-off-by: Michael S. Tsirkin <mst@redhat.com> + +Upstream-Status: Backport [8d1b247f3748ac4078524130c6d7ae42b6140aaf] +Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> +--- + hw/virtio/vhost-vsock-common.c | 10 +++++++--- + 1 file changed, 7 insertions(+), 3 deletions(-) + +diff --git a/hw/virtio/vhost-vsock-common.c b/hw/virtio/vhost-vsock-common.c +index 5b2ebf349..45ea58c3a 100644 +--- a/hw/virtio/vhost-vsock-common.c ++++ b/hw/virtio/vhost-vsock-common.c +@@ -129,19 +129,23 @@ static void vhost_vsock_common_send_transport_reset(VHostVSockCommon *vvc) + if (elem->out_num) { + error_report("invalid vhost-vsock event virtqueue element with " + "out buffers"); +- goto out; ++ goto err; + } + + if (iov_from_buf(elem->in_sg, elem->in_num, 0, + &event, sizeof(event)) != sizeof(event)) { + error_report("vhost-vsock event virtqueue element is too short"); +- goto out; ++ goto err; + } + + virtqueue_push(vq, elem, sizeof(event)); + virtio_notify(VIRTIO_DEVICE(vvc), vq); + +-out: ++ g_free(elem); ++ return; ++ ++err: ++ virtqueue_detach_element(vq, elem, 0); + g_free(elem); + } + +-- +2.33.0 + diff --git a/meta/recipes-devtools/rpm/files/0001-CVE-2021-3521.patch b/meta/recipes-devtools/rpm/files/0001-CVE-2021-3521.patch new file mode 100644 index 0000000000..b374583017 --- /dev/null +++ b/meta/recipes-devtools/rpm/files/0001-CVE-2021-3521.patch @@ -0,0 +1,57 @@ +From 9a6871126f472feea057d5f803505ec8cc78f083 Mon Sep 17 00:00:00 2001 +From: Panu Matilainen <pmatilai@redhat.com> +Date: Thu, 30 Sep 2021 09:56:20 +0300 +Subject: [PATCH 1/3] Refactor pgpDigParams construction to helper function + +No functional changes, just to reduce code duplication and needed by +the following commits. + +CVE: CVE-2021-3521 +Upstream-Staus: Backport[https://github.com/rpm-software-management/rpm/commit/9f03f42e2] + +Signed-off-by: Changqing Li <changqing.li@windriver.com> +--- + rpmio/rpmpgp.c | 13 +++++++++---- + 1 file changed, 9 insertions(+), 4 deletions(-) + +diff --git a/rpmio/rpmpgp.c b/rpmio/rpmpgp.c +index d0688ebe9a..e472b5320f 100644 +--- a/rpmio/rpmpgp.c ++++ b/rpmio/rpmpgp.c +@@ -1041,6 +1041,13 @@ unsigned int pgpDigParamsAlgo(pgpDigParams digp, unsigned int algotype) + return algo; + } + ++static pgpDigParams pgpDigParamsNew(uint8_t tag) ++{ ++ pgpDigParams digp = xcalloc(1, sizeof(*digp)); ++ digp->tag = tag; ++ return digp; ++} ++ + int pgpPrtParams(const uint8_t * pkts, size_t pktlen, unsigned int pkttype, + pgpDigParams * ret) + { +@@ -1058,8 +1065,7 @@ int pgpPrtParams(const uint8_t * pkts, size_t pktlen, unsigned int pkttype, + if (pkttype && pkt.tag != pkttype) { + break; + } else { +- digp = xcalloc(1, sizeof(*digp)); +- digp->tag = pkt.tag; ++ digp = pgpDigParamsNew(pkt.tag); + } + } + +@@ -1105,8 +1111,7 @@ int pgpPrtParamsSubkeys(const uint8_t *pkts, size_t pktlen, + digps = xrealloc(digps, alloced * sizeof(*digps)); + } + +- digps[count] = xcalloc(1, sizeof(**digps)); +- digps[count]->tag = PGPTAG_PUBLIC_SUBKEY; ++ digps[count] = pgpDigParamsNew(PGPTAG_PUBLIC_SUBKEY); + /* Copy UID from main key to subkey */ + digps[count]->userid = xstrdup(mainkey->userid); + +-- +2.17.1 + diff --git a/meta/recipes-devtools/rpm/files/0001-build-pack.c-do-not-insert-payloadflags-into-.rpm-me.patch b/meta/recipes-devtools/rpm/files/0001-build-pack.c-do-not-insert-payloadflags-into-.rpm-me.patch new file mode 100644 index 0000000000..79b168257e --- /dev/null +++ b/meta/recipes-devtools/rpm/files/0001-build-pack.c-do-not-insert-payloadflags-into-.rpm-me.patch @@ -0,0 +1,28 @@ +From 2d351c666f09cc1b9e368422653fb42ac8b86249 Mon Sep 17 00:00:00 2001 +From: Alexander Kanavin <alex@linutronix.de> +Date: Tue, 31 Aug 2021 10:37:05 +0200 +Subject: [PATCH] build/pack.c: do not insert payloadflags into .rpm metadata + +The flags look like '19T56' where 19 is the compression level +(deterministic), and 56 is the amount of threads (varies from one +host to the next and breaks reproducibility for .rpm). + +Upstream-Status: Inappropriate [oe-core specific] +Signed-off-by: Alexander Kanavin <alex@linutronix.de> +--- + build/pack.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/build/pack.c b/build/pack.c +index 932cb213e..b45d0726f 100644 +--- a/build/pack.c ++++ b/build/pack.c +@@ -328,7 +328,7 @@ static char *getIOFlags(Package pkg) + headerPutString(pkg->header, RPMTAG_PAYLOADCOMPRESSOR, compr); + buf = xstrdup(rpmio_flags); + buf[s - rpmio_flags] = '\0'; +- headerPutString(pkg->header, RPMTAG_PAYLOADFLAGS, buf+1); ++ headerPutString(pkg->header, RPMTAG_PAYLOADFLAGS, ""); + free(buf); + } + exit: diff --git a/meta/recipes-devtools/rpm/files/0002-CVE-2021-3521.patch b/meta/recipes-devtools/rpm/files/0002-CVE-2021-3521.patch new file mode 100644 index 0000000000..a8ff98fa26 --- /dev/null +++ b/meta/recipes-devtools/rpm/files/0002-CVE-2021-3521.patch @@ -0,0 +1,62 @@ +From c4b1bee51bbdd732b94b431a951481af99117703 Mon Sep 17 00:00:00 2001 +From: Panu Matilainen <pmatilai@redhat.com> +Date: Thu, 30 Sep 2021 09:51:10 +0300 +Subject: [PATCH 2/3] Process MPI's from all kinds of signatures + +No immediate effect but needed by the following commits. + +CVE: CVE-2021-3521 +Upstream-Status: Backport[https://github.com/rpm-software-management/rpm/commit/b5e8bc74b] + +Signed-off-by: Changqing Li <changqing.li@windriver.com> +--- + rpmio/rpmpgp.c | 12 +++++------- + 1 file changed, 5 insertions(+), 7 deletions(-) + +diff --git a/rpmio/rpmpgp.c b/rpmio/rpmpgp.c +index e472b5320f..57d411d1e0 100644 +--- a/rpmio/rpmpgp.c ++++ b/rpmio/rpmpgp.c +@@ -515,7 +515,7 @@ pgpDigAlg pgpDigAlgFree(pgpDigAlg alg) + return NULL; + } + +-static int pgpPrtSigParams(pgpTag tag, uint8_t pubkey_algo, uint8_t sigtype, ++static int pgpPrtSigParams(pgpTag tag, uint8_t pubkey_algo, + const uint8_t *p, const uint8_t *h, size_t hlen, + pgpDigParams sigp) + { +@@ -528,10 +528,8 @@ static int pgpPrtSigParams(pgpTag tag, uint8_t pubkey_algo, uint8_t sigtype, + int mpil = pgpMpiLen(p); + if (p + mpil > pend) + break; +- if (sigtype == PGPSIGTYPE_BINARY || sigtype == PGPSIGTYPE_TEXT) { +- if (sigalg->setmpi(sigalg, i, p)) +- break; +- } ++ if (sigalg->setmpi(sigalg, i, p)) ++ break; + p += mpil; + } + +@@ -604,7 +602,7 @@ static int pgpPrtSig(pgpTag tag, const uint8_t *h, size_t hlen, + } + + p = ((uint8_t *)v) + sizeof(*v); +- rc = pgpPrtSigParams(tag, v->pubkey_algo, v->sigtype, p, h, hlen, _digp); ++ rc = pgpPrtSigParams(tag, v->pubkey_algo, p, h, hlen, _digp); + } break; + case 4: + { pgpPktSigV4 v = (pgpPktSigV4)h; +@@ -662,7 +660,7 @@ static int pgpPrtSig(pgpTag tag, const uint8_t *h, size_t hlen, + if (p > (h + hlen)) + return 1; + +- rc = pgpPrtSigParams(tag, v->pubkey_algo, v->sigtype, p, h, hlen, _digp); ++ rc = pgpPrtSigParams(tag, v->pubkey_algo, p, h, hlen, _digp); + } break; + default: + rpmlog(RPMLOG_WARNING, _("Unsupported version of key: V%d\n"), version); +-- +2.17.1 + diff --git a/meta/recipes-devtools/rpm/files/0003-CVE-2021-3521.patch b/meta/recipes-devtools/rpm/files/0003-CVE-2021-3521.patch new file mode 100644 index 0000000000..d39ea7dacd --- /dev/null +++ b/meta/recipes-devtools/rpm/files/0003-CVE-2021-3521.patch @@ -0,0 +1,332 @@ +From 07676ca03ad8afcf1ca95a2353c83fbb1d970b9b Mon Sep 17 00:00:00 2001 +From: Panu Matilainen <pmatilai@redhat.com> +Date: Thu, 30 Sep 2021 09:59:30 +0300 +Subject: [PATCH 3/3] Validate and require subkey binding signatures on PGP + public keys + +All subkeys must be followed by a binding signature by the primary key +as per the OpenPGP RFC, enforce the presence and validity in the parser. + +The implementation is as kludgey as they come to work around our +simple-minded parser structure without touching API, to maximise +backportability. Store all the raw packets internally as we decode them +to be able to access previous elements at will, needed to validate ordering +and access the actual data. Add testcases for manipulated keys whose +import previously would succeed. + +Depends on the two previous commits: +7b399fcb8f52566e6f3b4327197a85facd08db91 and +236b802a4aa48711823a191d1b7f753c82a89ec5 + +Fixes CVE-2021-3521. + +Upstream-Status: Backport [https://github.com/rpm-software-management/rpm/commit/bd36c5dc9] +CVE:CVE-2021-3521 + +Signed-off-by: Changqing Li <changqing.li@windriver.com> +--- + rpmio/rpmpgp.c | 100 ++++++++++++++++-- + tests/Makefile.am | 3 + + tests/data/keys/CVE-2021-3521-badbind.asc | 25 +++++ + .../data/keys/CVE-2021-3521-nosubsig-last.asc | 25 +++++ + tests/data/keys/CVE-2021-3521-nosubsig.asc | 37 +++++++ + tests/rpmsigdig.at | 28 +++++ + 6 files changed, 211 insertions(+), 7 deletions(-) + create mode 100644 tests/data/keys/CVE-2021-3521-badbind.asc + create mode 100644 tests/data/keys/CVE-2021-3521-nosubsig-last.asc + create mode 100644 tests/data/keys/CVE-2021-3521-nosubsig.asc + +diff --git a/rpmio/rpmpgp.c b/rpmio/rpmpgp.c +index 57d411d1e0..b12410d671 100644 +--- a/rpmio/rpmpgp.c ++++ b/rpmio/rpmpgp.c +@@ -1046,35 +1046,121 @@ static pgpDigParams pgpDigParamsNew(uint8_t tag) + return digp; + } + ++static int hashKey(DIGEST_CTX hash, const struct pgpPkt *pkt, int exptag) ++{ ++ int rc = -1; ++ if (pkt->tag == exptag) { ++ uint8_t head[] = { ++ 0x99, ++ (pkt->blen >> 8), ++ (pkt->blen ), ++ }; ++ ++ rpmDigestUpdate(hash, head, 3); ++ rpmDigestUpdate(hash, pkt->body, pkt->blen); ++ rc = 0; ++ } ++ return rc; ++} ++ ++static int pgpVerifySelf(pgpDigParams key, pgpDigParams selfsig, ++ const struct pgpPkt *all, int i) ++{ ++ int rc = -1; ++ DIGEST_CTX hash = NULL; ++ ++ switch (selfsig->sigtype) { ++ case PGPSIGTYPE_SUBKEY_BINDING: ++ hash = rpmDigestInit(selfsig->hash_algo, 0); ++ if (hash) { ++ rc = hashKey(hash, &all[0], PGPTAG_PUBLIC_KEY); ++ if (!rc) ++ rc = hashKey(hash, &all[i-1], PGPTAG_PUBLIC_SUBKEY); ++ } ++ break; ++ default: ++ /* ignore types we can't handle */ ++ rc = 0; ++ break; ++ } ++ ++ if (hash && rc == 0) ++ rc = pgpVerifySignature(key, selfsig, hash); ++ ++ rpmDigestFinal(hash, NULL, NULL, 0); ++ ++ return rc; ++} ++ + int pgpPrtParams(const uint8_t * pkts, size_t pktlen, unsigned int pkttype, + pgpDigParams * ret) + { + const uint8_t *p = pkts; + const uint8_t *pend = pkts + pktlen; + pgpDigParams digp = NULL; +- struct pgpPkt pkt; ++ pgpDigParams selfsig = NULL; ++ int i = 0; ++ int alloced = 16; /* plenty for normal cases */ ++ struct pgpPkt *all = xmalloc(alloced * sizeof(*all)); + int rc = -1; /* assume failure */ ++ int expect = 0; ++ int prevtag = 0; + + while (p < pend) { +- if (decodePkt(p, (pend - p), &pkt)) ++ struct pgpPkt *pkt = &all[i]; ++ if (decodePkt(p, (pend - p), pkt)) + break; + + if (digp == NULL) { +- if (pkttype && pkt.tag != pkttype) { ++ if (pkttype && pkt->tag != pkttype) { + break; + } else { +- digp = pgpDigParamsNew(pkt.tag); ++ digp = pgpDigParamsNew(pkt->tag); + } + } + +- if (pgpPrtPkt(&pkt, digp)) ++ if (expect) { ++ if (pkt->tag != expect) ++ break; ++ selfsig = pgpDigParamsNew(pkt->tag); ++ } ++ ++ if (pgpPrtPkt(pkt, selfsig ? selfsig : digp)) + break; + +- p += (pkt.body - pkt.head) + pkt.blen; ++ if (selfsig) { ++ /* subkeys must be followed by binding signature */ ++ if (prevtag == PGPTAG_PUBLIC_SUBKEY) { ++ if (selfsig->sigtype != PGPSIGTYPE_SUBKEY_BINDING) ++ break; ++ } ++ ++ int xx = pgpVerifySelf(digp, selfsig, all, i); ++ ++ selfsig = pgpDigParamsFree(selfsig); ++ if (xx) ++ break; ++ expect = 0; ++ } ++ ++ if (pkt->tag == PGPTAG_PUBLIC_SUBKEY) ++ expect = PGPTAG_SIGNATURE; ++ prevtag = pkt->tag; ++ ++ i++; ++ p += (pkt->body - pkt->head) + pkt->blen; ++ if (pkttype == PGPTAG_SIGNATURE) ++ break; ++ ++ if (alloced <= i) { ++ alloced *= 2; ++ all = xrealloc(all, alloced * sizeof(*all)); ++ } + } + +- rc = (digp && (p == pend)) ? 0 : -1; ++ rc = (digp && (p == pend) && expect == 0) ? 0 : -1; + ++ free(all); + if (ret && rc == 0) { + *ret = digp; + } else { +diff --git a/tests/Makefile.am b/tests/Makefile.am +index f742a9e1d2..328234278a 100644 +--- a/tests/Makefile.am ++++ b/tests/Makefile.am +@@ -107,6 +107,9 @@ EXTRA_DIST += data/SPECS/hello-config-buildid.spec + EXTRA_DIST += data/SPECS/hello-cd.spec + EXTRA_DIST += data/keys/rpm.org-rsa-2048-test.pub + EXTRA_DIST += data/keys/rpm.org-rsa-2048-test.secret ++EXTRA_DIST += data/keys/CVE-2021-3521-badbind.asc ++EXTRA_DIST += data/keys/CVE-2021-3521-nosubsig.asc ++EXTRA_DIST += data/keys/CVE-2021-3521-nosubsig-last.asc + EXTRA_DIST += data/macros.testfile + EXTRA_DIST += data/macros.debug + EXTRA_DIST += data/SOURCES/foo.c +diff --git a/tests/data/keys/CVE-2021-3521-badbind.asc b/tests/data/keys/CVE-2021-3521-badbind.asc +new file mode 100644 +index 0000000000..aea00f9d7a +--- /dev/null ++++ b/tests/data/keys/CVE-2021-3521-badbind.asc +@@ -0,0 +1,25 @@ ++-----BEGIN PGP PUBLIC KEY BLOCK----- ++Version: rpm-4.17.90 (NSS-3) ++ ++mQENBFjmORgBCAC7TMEk6wnjSs8Dr4yqSScWdU2pjcqrkTxuzdWvowcIUPZI0w/g ++HkRqGd4apjvY2V15kjL10gk3QhFP3pZ/9p7zh8o8NHX7aGdSGDK7NOq1eFaErPRY ++91LW9RiZ0lbOjXEzIL0KHxUiTQEmdXJT43DJMFPyW9fkCWg0OltiX618FUdWWfI8 ++eySdLur1utnqBvdEbCUvWK2RX3vQZQdvEBODnNk2pxqTyV0w6VPQ96W++lF/5Aas ++7rUv3HIyIXxIggc8FRrnH+y9XvvHDonhTIlGnYZN4ubm9i4y3gOkrZlGTrEw7elQ ++1QeMyG2QQEbze8YjpTm4iLABCBrRfPRaQpwrABEBAAG0IXJwbS5vcmcgUlNBIHRl ++c3RrZXkgPHJzYUBycG0ub3JnPokBNwQTAQgAIQUCWOY5GAIbAwULCQgHAgYVCAkK ++CwIEFgIDAQIeAQIXgAAKCRBDRFkeGWTF/MxxCACnjqFL+MmPh9W9JQKT2DcLbBzf ++Cqo6wcEBoCOcwgRSk8dSikhARoteoa55JRJhuMyeKhhEAogE9HRmCPFdjezFTwgB ++BDVBpO2dZ023mLXDVCYX3S8pShOgCP6Tn4wqCnYeAdLcGg106N4xcmgtcssJE+Pr ++XzTZksbZsrTVEmL/Ym+R5w5jBfFnGk7Yw7ndwfQsfNXQb5AZynClFxnX546lcyZX ++fEx3/e6ezw57WNOUK6WT+8b+EGovPkbetK/rGxNXuWaP6X4A/QUm8O98nCuHYFQq +++mvNdsCBqGf7mhaRGtpHk/JgCn5rFvArMDqLVrR9hX0LdCSsH7EGE+bR3r7wuQEN ++BFjmORgBCACk+vDZrIXQuFXEYToZVwb2attzbbJJCqD71vmZTLsW0QxuPKRgbcYY ++zp4K4lVBnHhFrF8MOUOxJ7kQWIJZMZFt+BDcptCYurbD2H4W2xvnWViiC+LzCMzz ++iMJT6165uefL4JHTDPxC2fFiM9yrc72LmylJNkM/vepT128J5Qv0gRUaQbHiQuS6 ++Dm/+WRnUfx3i89SV4mnBxb/Ta93GVqoOciWwzWSnwEnWYAvOb95JL4U7c5J5f/+c ++KnQDHsW7sIiIdscsWzvgf6qs2Ra1Zrt7Fdk4+ZS2f/adagLhDO1C24sXf5XfMk5m ++L0OGwZSr9m5s17VXxfspgU5ugc8kBJfzABEBAAE= ++=WCfs ++-----END PGP PUBLIC KEY BLOCK----- ++ +diff --git a/tests/data/keys/CVE-2021-3521-nosubsig-last.asc b/tests/data/keys/CVE-2021-3521-nosubsig-last.asc +new file mode 100644 +index 0000000000..aea00f9d7a +--- /dev/null ++++ b/tests/data/keys/CVE-2021-3521-nosubsig-last.asc +@@ -0,0 +1,25 @@ ++-----BEGIN PGP PUBLIC KEY BLOCK----- ++Version: rpm-4.17.90 (NSS-3) ++ ++mQENBFjmORgBCAC7TMEk6wnjSs8Dr4yqSScWdU2pjcqrkTxuzdWvowcIUPZI0w/g ++HkRqGd4apjvY2V15kjL10gk3QhFP3pZ/9p7zh8o8NHX7aGdSGDK7NOq1eFaErPRY ++91LW9RiZ0lbOjXEzIL0KHxUiTQEmdXJT43DJMFPyW9fkCWg0OltiX618FUdWWfI8 ++eySdLur1utnqBvdEbCUvWK2RX3vQZQdvEBODnNk2pxqTyV0w6VPQ96W++lF/5Aas ++7rUv3HIyIXxIggc8FRrnH+y9XvvHDonhTIlGnYZN4ubm9i4y3gOkrZlGTrEw7elQ ++1QeMyG2QQEbze8YjpTm4iLABCBrRfPRaQpwrABEBAAG0IXJwbS5vcmcgUlNBIHRl ++c3RrZXkgPHJzYUBycG0ub3JnPokBNwQTAQgAIQUCWOY5GAIbAwULCQgHAgYVCAkK ++CwIEFgIDAQIeAQIXgAAKCRBDRFkeGWTF/MxxCACnjqFL+MmPh9W9JQKT2DcLbBzf ++Cqo6wcEBoCOcwgRSk8dSikhARoteoa55JRJhuMyeKhhEAogE9HRmCPFdjezFTwgB ++BDVBpO2dZ023mLXDVCYX3S8pShOgCP6Tn4wqCnYeAdLcGg106N4xcmgtcssJE+Pr ++XzTZksbZsrTVEmL/Ym+R5w5jBfFnGk7Yw7ndwfQsfNXQb5AZynClFxnX546lcyZX ++fEx3/e6ezw57WNOUK6WT+8b+EGovPkbetK/rGxNXuWaP6X4A/QUm8O98nCuHYFQq +++mvNdsCBqGf7mhaRGtpHk/JgCn5rFvArMDqLVrR9hX0LdCSsH7EGE+bR3r7wuQEN ++BFjmORgBCACk+vDZrIXQuFXEYToZVwb2attzbbJJCqD71vmZTLsW0QxuPKRgbcYY ++zp4K4lVBnHhFrF8MOUOxJ7kQWIJZMZFt+BDcptCYurbD2H4W2xvnWViiC+LzCMzz ++iMJT6165uefL4JHTDPxC2fFiM9yrc72LmylJNkM/vepT128J5Qv0gRUaQbHiQuS6 ++Dm/+WRnUfx3i89SV4mnBxb/Ta93GVqoOciWwzWSnwEnWYAvOb95JL4U7c5J5f/+c ++KnQDHsW7sIiIdscsWzvgf6qs2Ra1Zrt7Fdk4+ZS2f/adagLhDO1C24sXf5XfMk5m ++L0OGwZSr9m5s17VXxfspgU5ugc8kBJfzABEBAAE= ++=WCfs ++-----END PGP PUBLIC KEY BLOCK----- ++ +diff --git a/tests/data/keys/CVE-2021-3521-nosubsig.asc b/tests/data/keys/CVE-2021-3521-nosubsig.asc +new file mode 100644 +index 0000000000..3a2e7417f8 +--- /dev/null ++++ b/tests/data/keys/CVE-2021-3521-nosubsig.asc +@@ -0,0 +1,37 @@ ++-----BEGIN PGP PUBLIC KEY BLOCK----- ++Version: rpm-4.17.90 (NSS-3) ++ ++mQENBFjmORgBCAC7TMEk6wnjSs8Dr4yqSScWdU2pjcqrkTxuzdWvowcIUPZI0w/g ++HkRqGd4apjvY2V15kjL10gk3QhFP3pZ/9p7zh8o8NHX7aGdSGDK7NOq1eFaErPRY ++91LW9RiZ0lbOjXEzIL0KHxUiTQEmdXJT43DJMFPyW9fkCWg0OltiX618FUdWWfI8 ++eySdLur1utnqBvdEbCUvWK2RX3vQZQdvEBODnNk2pxqTyV0w6VPQ96W++lF/5Aas ++7rUv3HIyIXxIggc8FRrnH+y9XvvHDonhTIlGnYZN4ubm9i4y3gOkrZlGTrEw7elQ ++1QeMyG2QQEbze8YjpTm4iLABCBrRfPRaQpwrABEBAAG0IXJwbS5vcmcgUlNBIHRl ++c3RrZXkgPHJzYUBycG0ub3JnPokBNwQTAQgAIQUCWOY5GAIbAwULCQgHAgYVCAkK ++CwIEFgIDAQIeAQIXgAAKCRBDRFkeGWTF/MxxCACnjqFL+MmPh9W9JQKT2DcLbBzf ++Cqo6wcEBoCOcwgRSk8dSikhARoteoa55JRJhuMyeKhhEAogE9HRmCPFdjezFTwgB ++BDVBpO2dZ023mLXDVCYX3S8pShOgCP6Tn4wqCnYeAdLcGg106N4xcmgtcssJE+Pr ++XzTZksbZsrTVEmL/Ym+R5w5jBfFnGk7Yw7ndwfQsfNXQb5AZynClFxnX546lcyZX ++fEx3/e6ezw57WNOUK6WT+8b+EGovPkbetK/rGxNXuWaP6X4A/QUm8O98nCuHYFQq +++mvNdsCBqGf7mhaRGtpHk/JgCn5rFvArMDqLVrR9hX0LdCSsH7EGE+bR3r7wuQEN ++BFjmORgBCACk+vDZrIXQuFXEYToZVwb2attzbbJJCqD71vmZTLsW0QxuPKRgbcYY ++zp4K4lVBnHhFrF8MOUOxJ7kQWIJZMZFt+BDcptCYurbD2H4W2xvnWViiC+LzCMzz ++iMJT6165uefL4JHTDPxC2fFiM9yrc72LmylJNkM/vepT128J5Qv0gRUaQbHiQuS6 ++Dm/+WRnUfx3i89SV4mnBxb/Ta93GVqoOciWwzWSnwEnWYAvOb95JL4U7c5J5f/+c ++KnQDHsW7sIiIdscsWzvgf6qs2Ra1Zrt7Fdk4+ZS2f/adagLhDO1C24sXf5XfMk5m ++L0OGwZSr9m5s17VXxfspgU5ugc8kBJfzABEBAAG5AQ0EWOY5GAEIAKT68NmshdC4 ++VcRhOhlXBvZq23NtskkKoPvW+ZlMuxbRDG48pGBtxhjOngriVUGceEWsXww5Q7En ++uRBYglkxkW34ENym0Ji6tsPYfhbbG+dZWKIL4vMIzPOIwlPrXrm558vgkdMM/ELZ ++8WIz3KtzvYubKUk2Qz+96lPXbwnlC/SBFRpBseJC5LoOb/5ZGdR/HeLz1JXiacHF ++v9Nr3cZWqg5yJbDNZKfASdZgC85v3kkvhTtzknl//5wqdAMexbuwiIh2xyxbO+B/ ++qqzZFrVmu3sV2Tj5lLZ/9p1qAuEM7ULbixd/ld8yTmYvQ4bBlKv2bmzXtVfF+ymB ++Tm6BzyQEl/MAEQEAAYkBHwQYAQgACQUCWOY5GAIbDAAKCRBDRFkeGWTF/PANB/9j ++mifmj6z/EPe0PJFhrpISt9PjiUQCt0IPtiL5zKAkWjHePIzyi+0kCTBF6DDLFxos ++3vN4bWnVKT1kBhZAQlPqpJTg+m74JUYeDGCdNx9SK7oRllATqyu+5rncgxjWVPnQ ++zu/HRPlWJwcVFYEVXYL8xzfantwQTqefjmcRmBRdA2XJITK+hGWwAmrqAWx+q5xX ++Pa8wkNMxVzNS2rUKO9SoVuJ/wlUvfoShkJ/VJ5HDp3qzUqncADfdGN35TDzscngQ ++gHvnMwVBfYfSCABV1hNByoZcc/kxkrWMmsd/EnIyLd1Q1baKqc3cEDuC6E6/o4yJ ++E4XX4jtDmdZPreZALsiB ++=rRop ++-----END PGP PUBLIC KEY BLOCK----- ++ +diff --git a/tests/rpmsigdig.at b/tests/rpmsigdig.at +index e1a3ab062a..705fc58705 100644 +--- a/tests/rpmsigdig.at ++++ b/tests/rpmsigdig.at +@@ -240,6 +240,34 @@ gpg(185e6146f00650f8) = 4:185e6146f00650f8-58e63918 + []) + AT_CLEANUP + ++AT_SETUP([rpmkeys --import invalid keys]) ++AT_KEYWORDS([rpmkeys import]) ++RPMDB_INIT ++ ++AT_CHECK([ ++runroot rpmkeys --import /data/keys/CVE-2021-3521-badbind.asc ++], ++[1], ++[], ++[error: /data/keys/CVE-2021-3521-badbind.asc: key 1 import failed.] ++) ++AT_CHECK([ ++runroot rpmkeys --import /data/keys/CVE-2021-3521-nosubsig.asc ++], ++[1], ++[], ++[error: /data/keys/CVE-2021-3521-nosubsig.asc: key 1 import failed.] ++) ++ ++AT_CHECK([ ++runroot rpmkeys --import /data/keys/CVE-2021-3521-nosubsig-last.asc ++], ++[1], ++[], ++[error: /data/keys/CVE-2021-3521-nosubsig-last.asc: key 1 import failed.] ++) ++AT_CLEANUP ++ + # ------------------------------ + # Test pre-built package verification + AT_SETUP([rpmkeys -K <signed> 1]) +-- +2.17.1 + diff --git a/meta/recipes-devtools/rpm/rpm_4.16.1.3.bb b/meta/recipes-devtools/rpm/rpm_4.16.1.3.bb index 7c03b41fc8..5a347953fa 100644 --- a/meta/recipes-devtools/rpm/rpm_4.16.1.3.bb +++ b/meta/recipes-devtools/rpm/rpm_4.16.1.3.bb @@ -24,7 +24,7 @@ HOMEPAGE = "http://www.rpm.org" LICENSE = "GPL-2.0" LIC_FILES_CHKSUM = "file://COPYING;md5=c4eec0c20c6034b9407a09945b48a43f" -SRC_URI = "git://github.com/rpm-software-management/rpm;branch=rpm-4.16.x \ +SRC_URI = "git://github.com/rpm-software-management/rpm;branch=rpm-4.16.x;protocol=https \ file://environment.d-rpm.sh \ file://0001-Do-not-add-an-unsatisfiable-dependency-when-building.patch \ file://0001-Do-not-read-config-files-from-HOME.patch \ @@ -40,6 +40,10 @@ SRC_URI = "git://github.com/rpm-software-management/rpm;branch=rpm-4.16.x \ file://0016-rpmscript.c-change-logging-level-around-scriptlets-t.patch \ file://0001-lib-transaction.c-fix-file-conflicts-for-MIPS64-N32.patch \ file://0001-tools-Add-error.h-for-non-glibc-case.patch \ + file://0001-build-pack.c-do-not-insert-payloadflags-into-.rpm-me.patch \ + file://0001-CVE-2021-3521.patch \ + file://0002-CVE-2021-3521.patch \ + file://0003-CVE-2021-3521.patch \ " PE = "1" @@ -58,7 +62,8 @@ AUTOTOOLS_AUXDIR = "${S}/build-aux" # OE-core patches autoreconf to additionally run gnu-configize, which fails with this recipe EXTRA_AUTORECONF_append = " --exclude=gnu-configize" -EXTRA_OECONF_append = " --without-lua --enable-python --with-crypto=libgcrypt" +# Vendor is detected differently on x86 and aarch64 hosts and can feed into target packages +EXTRA_OECONF_append = " --without-lua --enable-python --with-crypto=libgcrypt --with-vendor=pc" EXTRA_OECONF_append_libc-musl = " --disable-nls --disable-openmp" # --sysconfdir prevents rpm from attempting to access machine-specific configuration in sysroot/etc; we need to have it in rootfs diff --git a/meta/recipes-devtools/ruby/ruby/0003-rdoc-build-reproducible-documentation.patch b/meta/recipes-devtools/ruby/ruby/0003-rdoc-build-reproducible-documentation.patch new file mode 100644 index 0000000000..f92f0e1ba6 --- /dev/null +++ b/meta/recipes-devtools/ruby/ruby/0003-rdoc-build-reproducible-documentation.patch @@ -0,0 +1,35 @@ +From: Christian Hofstaedtler <zeha@debian.org> +Date: Tue, 10 Oct 2017 15:04:34 -0300 +Subject: rdoc: build reproducible documentation + +- provide a fixed timestamp to the gzip compression + +Upstream-Status: Backport [debian] + +Signed-off-by: Antonio Terceiro <terceiro@debian.org> +Signed-off-by: Christian Hofstaedtler <zeha@debian.org> +--- + lib/rdoc/generator/json_index.rb | 4 ++-- + lib/rdoc/rdoc.rb | 2 +- + 2 files changed, 3 insertions(+), 3 deletions(-) + +--- a/lib/rdoc/generator/json_index.rb ++++ b/lib/rdoc/generator/json_index.rb +@@ -178,7 +178,7 @@ + debug_msg "Writing gzipped search index to %s" % outfile + + Zlib::GzipWriter.open(outfile) do |gz| +- gz.mtime = File.mtime(search_index_file) ++ gz.mtime = -1 + gz.orig_name = search_index_file.basename.to_s + gz.write search_index + gz.close +@@ -196,7 +196,7 @@ + debug_msg "Writing gzipped file to %s" % outfile + + Zlib::GzipWriter.open(outfile) do |gz| +- gz.mtime = File.mtime(dest) ++ gz.mtime = -1 + gz.orig_name = dest.basename.to_s + gz.write data + gz.close diff --git a/meta/recipes-devtools/ruby/ruby/0004-lib-mkmf.rb-sort-list-of-object-files-in-generated-M.patch b/meta/recipes-devtools/ruby/ruby/0004-lib-mkmf.rb-sort-list-of-object-files-in-generated-M.patch new file mode 100644 index 0000000000..e0aca0dcfc --- /dev/null +++ b/meta/recipes-devtools/ruby/ruby/0004-lib-mkmf.rb-sort-list-of-object-files-in-generated-M.patch @@ -0,0 +1,28 @@ +From: Reiner Herrmann <reiner@reiner-h.de> +Date: Tue, 10 Oct 2017 15:06:13 -0300 +Subject: lib/mkmf.rb: sort list of object files in generated Makefile + +Without sorting the list explicitly, its order is indeterministic, +because readdir() is also not deterministic. +When the list of object files varies between builds, they are linked +in a different order, which results in an unreproducible build. + +Upstream-Status: Backport [debian] + +Signed-off-by: Antonio Terceiro <terceiro@debian.org> +Signed-off-by: Reiner Herrmann <reiner@reiner-h.de> +--- + lib/mkmf.rb | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +--- a/lib/mkmf.rb ++++ b/lib/mkmf.rb +@@ -2315,7 +2315,7 @@ + LIBS = #{$LIBRUBYARG} #{$libs} #{$LIBS} + ORIG_SRCS = #{orig_srcs.collect(&File.method(:basename)).join(' ')} + SRCS = $(ORIG_SRCS) #{(srcs - orig_srcs).collect(&File.method(:basename)).join(' ')} +-OBJS = #{$objs.join(" ")} ++OBJS = #{$objs.sort.join(" ")} + HDRS = #{hdrs.map{|h| '$(srcdir)/' + File.basename(h)}.join(' ')} + LOCAL_HDRS = #{$headers.join(' ')} + TARGET = #{target} diff --git a/meta/recipes-devtools/ruby/ruby/0005-Mark-Gemspec-reproducible-change-fixing-784225-too.patch b/meta/recipes-devtools/ruby/ruby/0005-Mark-Gemspec-reproducible-change-fixing-784225-too.patch new file mode 100644 index 0000000000..b7faa58655 --- /dev/null +++ b/meta/recipes-devtools/ruby/ruby/0005-Mark-Gemspec-reproducible-change-fixing-784225-too.patch @@ -0,0 +1,28 @@ +From: Christian Hofstaedtler <zeha@debian.org> +Date: Tue, 10 Oct 2017 15:07:11 -0300 +Subject: Mark Gemspec-reproducible change fixing #784225, too + +I think the UTC date change will fix the Multi-Arch not-same file issue, +too. + +Upstream-Status: Backport [debian] + +Signed-off-by: Antonio Terceiro <terceiro@debian.org> +Signed-off-by: Christian Hofstaedtler <zeha@debian.org> +--- + lib/rubygems/specification.rb | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +--- a/lib/rubygems/specification.rb ++++ b/lib/rubygems/specification.rb +@@ -1695,7 +1695,9 @@ + raise(Gem::InvalidSpecificationException, + "invalid date format in specification: #{date.inspect}") + end +- when Time, DateLike then ++ when Time then ++ Time.utc(date.utc.year, date.utc.month, date.utc.day) ++ when DateLike then + Time.utc(date.year, date.month, date.day) + else + TODAY diff --git a/meta/recipes-devtools/ruby/ruby/0006-Make-gemspecs-reproducible.patch b/meta/recipes-devtools/ruby/ruby/0006-Make-gemspecs-reproducible.patch new file mode 100644 index 0000000000..504893b4b4 --- /dev/null +++ b/meta/recipes-devtools/ruby/ruby/0006-Make-gemspecs-reproducible.patch @@ -0,0 +1,67 @@ +From: Lucas Kanashiro <kanashiro@debian.org> +Date: Fri, 1 Nov 2019 15:25:17 -0300 +Subject: Make gemspecs reproducible + +Without an explicit date, they will get the current date and make the +build unreproducible + +Upstream-Status: Backport [debian] + +--- + ext/bigdecimal/bigdecimal.gemspec | 1 + + ext/fiddle/fiddle.gemspec | 1 + + ext/io/console/io-console.gemspec | 2 +- + lib/ipaddr.gemspec | 1 + + lib/rdoc/rdoc.gemspec | 1 + + 5 files changed, 5 insertions(+), 1 deletion(-) + +--- a/ext/bigdecimal/bigdecimal.gemspec ++++ b/ext/bigdecimal/bigdecimal.gemspec +@@ -6,6 +6,7 @@ + s.name = "bigdecimal" + s.version = bigdecimal_version + s.authors = ["Kenta Murata", "Zachary Scott", "Shigeo Kobayashi"] ++ s.date = RUBY_RELEASE_DATE + s.email = ["mrkn@mrkn.jp"] + + s.summary = "Arbitrary-precision decimal floating-point number library." +--- a/ext/fiddle/fiddle.gemspec ++++ b/ext/fiddle/fiddle.gemspec +@@ -8,6 +8,7 @@ + Gem::Specification.new do |spec| + spec.name = "fiddle" + spec.version = version_module::Fiddle::VERSION ++ spec.date = RUBY_RELEASE_DATE + spec.authors = ["Aaron Patterson", "SHIBATA Hiroshi"] + spec.email = ["aaron@tenderlovemaking.com", "hsbt@ruby-lang.org"] + +--- a/ext/io/console/io-console.gemspec ++++ b/ext/io/console/io-console.gemspec +@@ -4,6 +4,7 @@ + Gem::Specification.new do |s| + s.name = "io-console" + s.version = _VERSION ++ s.date = RUBY_RELEASE_DATE + s.summary = "Console interface" + s.email = "nobu@ruby-lang.org" + s.description = "add console capabilities to IO instances." +--- a/lib/ipaddr.gemspec ++++ b/lib/ipaddr.gemspec +@@ -6,6 +6,7 @@ + Gem::Specification.new do |spec| + spec.name = "ipaddr" + spec.version = "1.2.2" ++ spec.date = RUBY_RELEASE_DATE + spec.authors = ["Akinori MUSHA", "Hajimu UMEMOTO"] + spec.email = ["knu@idaemons.org", "ume@mahoroba.org"] + +--- a/lib/rdoc/rdoc.gemspec ++++ b/lib/rdoc/rdoc.gemspec +@@ -7,6 +7,7 @@ + + Gem::Specification.new do |s| + s.name = "rdoc" ++ s.date = RUBY_RELEASE_DATE + s.version = RDoc::VERSION + + s.authors = [ diff --git a/meta/recipes-devtools/ruby/ruby/CVE-2021-31799.patch b/meta/recipes-devtools/ruby/ruby/CVE-2021-31799.patch deleted file mode 100644 index 83064e85ab..0000000000 --- a/meta/recipes-devtools/ruby/ruby/CVE-2021-31799.patch +++ /dev/null @@ -1,57 +0,0 @@ -From b1c73f239fe9af97de837331849f55d67c27561e Mon Sep 17 00:00:00 2001 -From: aycabta <aycabta@gmail.com> -Date: Sun, 2 May 2021 20:52:23 +0900 -Subject: [PATCH] [ruby/rdoc] Use File.open to fix the OS Command Injection - vulnerability in CVE-2021-31799 - -https://github.com/ruby/rdoc/commit/a7f5d6ab88 - -CVE: CVE-2021-31799 - -Upstream-Status: Backport[https://github.com/ruby/ruby/commit/b1c73f239fe9af97de837331849f55d67c27561e] - -Signed-off-by: Mingli Yu <mingli.yu@windriver.com> ---- - lib/rdoc/rdoc.rb | 2 +- - test/rdoc/test_rdoc_rdoc.rb | 12 ++++++++++++ - 2 files changed, 13 insertions(+), 1 deletion(-) - -diff --git a/lib/rdoc/rdoc.rb b/lib/rdoc/rdoc.rb -index 680a8612f7..904625f105 100644 ---- a/lib/rdoc/rdoc.rb -+++ b/lib/rdoc/rdoc.rb -@@ -444,7 +444,7 @@ def remove_unparseable files - files.reject do |file, *| - file =~ /\.(?:class|eps|erb|scpt\.txt|svg|ttf|yml)$/i or - (file =~ /tags$/i and -- open(file, 'rb') { |io| -+ File.open(file, 'rb') { |io| - io.read(100) =~ /\A(\f\n[^,]+,\d+$|!_TAG_)/ - }) - end -diff --git a/test/rdoc/test_rdoc_rdoc.rb b/test/rdoc/test_rdoc_rdoc.rb -index 3910dd4656..a83d5a1b88 100644 ---- a/test/rdoc/test_rdoc_rdoc.rb -+++ b/test/rdoc/test_rdoc_rdoc.rb -@@ -456,6 +456,18 @@ def test_remove_unparseable_tags_vim - end - end - -+ def test_remove_unparseable_CVE_2021_31799 -+ temp_dir do -+ file_list = ['| touch evil.txt && echo tags'] -+ file_list.each do |f| -+ FileUtils.touch f -+ end -+ -+ assert_equal file_list, @rdoc.remove_unparseable(file_list) -+ assert_equal file_list, Dir.children('.') -+ end -+ end -+ - def test_setup_output_dir - Dir.mktmpdir {|d| - path = File.join d, 'testdir' --- -2.17.1 - diff --git a/meta/recipes-devtools/ruby/ruby/CVE-2021-31810.patch b/meta/recipes-devtools/ruby/ruby/CVE-2021-31810.patch deleted file mode 100644 index 69d774e0b7..0000000000 --- a/meta/recipes-devtools/ruby/ruby/CVE-2021-31810.patch +++ /dev/null @@ -1,258 +0,0 @@ -From 8cebc092cd18f4cfb669f66018ea8ffc6f408584 Mon Sep 17 00:00:00 2001 -From: Yusuke Endoh <mame@ruby-lang.org> -Date: Wed, 7 Jul 2021 11:57:15 +0900 -Subject: [PATCH] Ignore IP addresses in PASV responses by default, and add new - option use_pasv_ip - -This fixes CVE-2021-31810. -Reported by Alexandr Savca. - -Co-authored-by: Shugo Maeda <shugo@ruby-lang.org> - -CVE: CVE-2021-31810 - -Upstream-Status: Backport -[https://github.com/ruby/ruby/commit/bf4d05173c7cf04d8892e4b64508ecf7902717cd] - -Signed-off-by: Yi Zhao <yi.zhao@windriver.com> ---- - lib/net/ftp.rb | 15 +++- - test/net/ftp/test_ftp.rb | 159 ++++++++++++++++++++++++++++++++++++++- - 2 files changed, 170 insertions(+), 4 deletions(-) - -diff --git a/lib/net/ftp.rb b/lib/net/ftp.rb -index 88e8655..d6f5cc3 100644 ---- a/lib/net/ftp.rb -+++ b/lib/net/ftp.rb -@@ -98,6 +98,10 @@ module Net - # When +true+, the connection is in passive mode. Default: +true+. - attr_accessor :passive - -+ # When +true+, use the IP address in PASV responses. Otherwise, it uses -+ # the same IP address for the control connection. Default: +false+. -+ attr_accessor :use_pasv_ip -+ - # When +true+, all traffic to and from the server is written - # to +$stdout+. Default: +false+. - attr_accessor :debug_mode -@@ -206,6 +210,9 @@ module Net - # handshake. - # See Net::FTP#ssl_handshake_timeout for - # details. Default: +nil+. -+ # use_pasv_ip:: When +true+, use the IP address in PASV responses. -+ # Otherwise, it uses the same IP address for the control -+ # connection. Default: +false+. - # debug_mode:: When +true+, all traffic to and from the server is - # written to +$stdout+. Default: +false+. - # -@@ -266,6 +273,7 @@ module Net - @open_timeout = options[:open_timeout] - @ssl_handshake_timeout = options[:ssl_handshake_timeout] - @read_timeout = options[:read_timeout] || 60 -+ @use_pasv_ip = options[:use_pasv_ip] || false - if host - connect(host, options[:port] || FTP_PORT) - if options[:username] -@@ -1371,7 +1379,12 @@ module Net - raise FTPReplyError, resp - end - if m = /\((?<host>\d+(?:,\d+){3}),(?<port>\d+,\d+)\)/.match(resp) -- return parse_pasv_ipv4_host(m["host"]), parse_pasv_port(m["port"]) -+ if @use_pasv_ip -+ host = parse_pasv_ipv4_host(m["host"]) -+ else -+ host = @bare_sock.remote_address.ip_address -+ end -+ return host, parse_pasv_port(m["port"]) - else - raise FTPProtoError, resp - end -diff --git a/test/net/ftp/test_ftp.rb b/test/net/ftp/test_ftp.rb -index 023e794..243d4ad 100644 ---- a/test/net/ftp/test_ftp.rb -+++ b/test/net/ftp/test_ftp.rb -@@ -61,7 +61,7 @@ class FTPTest < Test::Unit::TestCase - end - - def test_parse227 -- ftp = Net::FTP.new -+ ftp = Net::FTP.new(nil, use_pasv_ip: true) - host, port = ftp.send(:parse227, "227 Entering Passive Mode (192,168,0,1,12,34)") - assert_equal("192.168.0.1", host) - assert_equal(3106, port) -@@ -80,6 +80,14 @@ class FTPTest < Test::Unit::TestCase - assert_raise(Net::FTPProtoError) do - ftp.send(:parse227, "227 ) foo bar (") - end -+ -+ ftp = Net::FTP.new -+ sock = OpenStruct.new -+ sock.remote_address = OpenStruct.new -+ sock.remote_address.ip_address = "10.0.0.1" -+ ftp.instance_variable_set(:@bare_sock, sock) -+ host, port = ftp.send(:parse227, "227 Entering Passive Mode (192,168,0,1,12,34)") -+ assert_equal("10.0.0.1", host) - end - - def test_parse228 -@@ -2474,10 +2482,155 @@ EOF - end - end - -+ def test_ignore_pasv_ip -+ commands = [] -+ binary_data = (0..0xff).map {|i| i.chr}.join * 4 * 3 -+ server = create_ftp_server(nil, "127.0.0.1") { |sock| -+ sock.print("220 (test_ftp).\r\n") -+ commands.push(sock.gets) -+ sock.print("331 Please specify the password.\r\n") -+ commands.push(sock.gets) -+ sock.print("230 Login successful.\r\n") -+ commands.push(sock.gets) -+ sock.print("200 Switching to Binary mode.\r\n") -+ line = sock.gets -+ commands.push(line) -+ data_server = TCPServer.new("127.0.0.1", 0) -+ port = data_server.local_address.ip_port -+ sock.printf("227 Entering Passive Mode (999,0,0,1,%s).\r\n", -+ port.divmod(256).join(",")) -+ commands.push(sock.gets) -+ sock.print("150 Opening BINARY mode data connection for foo (#{binary_data.size} bytes)\r\n") -+ conn = data_server.accept -+ binary_data.scan(/.{1,1024}/nm) do |s| -+ conn.print(s) -+ end -+ conn.shutdown(Socket::SHUT_WR) -+ conn.read -+ conn.close -+ data_server.close -+ sock.print("226 Transfer complete.\r\n") -+ } -+ begin -+ begin -+ ftp = Net::FTP.new -+ ftp.passive = true -+ ftp.read_timeout *= 5 if defined?(RubyVM::MJIT) && RubyVM::MJIT.enabled? # for --jit-wait -+ ftp.connect("127.0.0.1", server.port) -+ ftp.login -+ assert_match(/\AUSER /, commands.shift) -+ assert_match(/\APASS /, commands.shift) -+ assert_equal("TYPE I\r\n", commands.shift) -+ buf = ftp.getbinaryfile("foo", nil) -+ assert_equal(binary_data, buf) -+ assert_equal(Encoding::ASCII_8BIT, buf.encoding) -+ assert_equal("PASV\r\n", commands.shift) -+ assert_equal("RETR foo\r\n", commands.shift) -+ assert_equal(nil, commands.shift) -+ ensure -+ ftp.close if ftp -+ end -+ ensure -+ server.close -+ end -+ end -+ -+ def test_use_pasv_ip -+ commands = [] -+ binary_data = (0..0xff).map {|i| i.chr}.join * 4 * 3 -+ server = create_ftp_server(nil, "127.0.0.1") { |sock| -+ sock.print("220 (test_ftp).\r\n") -+ commands.push(sock.gets) -+ sock.print("331 Please specify the password.\r\n") -+ commands.push(sock.gets) -+ sock.print("230 Login successful.\r\n") -+ commands.push(sock.gets) -+ sock.print("200 Switching to Binary mode.\r\n") -+ line = sock.gets -+ commands.push(line) -+ data_server = TCPServer.new("127.0.0.1", 0) -+ port = data_server.local_address.ip_port -+ sock.printf("227 Entering Passive Mode (127,0,0,1,%s).\r\n", -+ port.divmod(256).join(",")) -+ commands.push(sock.gets) -+ sock.print("150 Opening BINARY mode data connection for foo (#{binary_data.size} bytes)\r\n") -+ conn = data_server.accept -+ binary_data.scan(/.{1,1024}/nm) do |s| -+ conn.print(s) -+ end -+ conn.shutdown(Socket::SHUT_WR) -+ conn.read -+ conn.close -+ data_server.close -+ sock.print("226 Transfer complete.\r\n") -+ } -+ begin -+ begin -+ ftp = Net::FTP.new -+ ftp.passive = true -+ ftp.use_pasv_ip = true -+ ftp.read_timeout *= 5 if defined?(RubyVM::MJIT) && RubyVM::MJIT.enabled? # for --jit-wait -+ ftp.connect("127.0.0.1", server.port) -+ ftp.login -+ assert_match(/\AUSER /, commands.shift) -+ assert_match(/\APASS /, commands.shift) -+ assert_equal("TYPE I\r\n", commands.shift) -+ buf = ftp.getbinaryfile("foo", nil) -+ assert_equal(binary_data, buf) -+ assert_equal(Encoding::ASCII_8BIT, buf.encoding) -+ assert_equal("PASV\r\n", commands.shift) -+ assert_equal("RETR foo\r\n", commands.shift) -+ assert_equal(nil, commands.shift) -+ ensure -+ ftp.close if ftp -+ end -+ ensure -+ server.close -+ end -+ end -+ -+ def test_use_pasv_invalid_ip -+ commands = [] -+ binary_data = (0..0xff).map {|i| i.chr}.join * 4 * 3 -+ server = create_ftp_server(nil, "127.0.0.1") { |sock| -+ sock.print("220 (test_ftp).\r\n") -+ commands.push(sock.gets) -+ sock.print("331 Please specify the password.\r\n") -+ commands.push(sock.gets) -+ sock.print("230 Login successful.\r\n") -+ commands.push(sock.gets) -+ sock.print("200 Switching to Binary mode.\r\n") -+ line = sock.gets -+ commands.push(line) -+ sock.print("227 Entering Passive Mode (999,0,0,1,48,57).\r\n") -+ commands.push(sock.gets) -+ } -+ begin -+ begin -+ ftp = Net::FTP.new -+ ftp.passive = true -+ ftp.use_pasv_ip = true -+ ftp.read_timeout *= 5 if defined?(RubyVM::MJIT) && RubyVM::MJIT.enabled? # for --jit-wait -+ ftp.connect("127.0.0.1", server.port) -+ ftp.login -+ assert_match(/\AUSER /, commands.shift) -+ assert_match(/\APASS /, commands.shift) -+ assert_equal("TYPE I\r\n", commands.shift) -+ assert_raise(SocketError) do -+ ftp.getbinaryfile("foo", nil) -+ end -+ ensure -+ ftp.close if ftp -+ end -+ ensure -+ server.close -+ end -+ end -+ - private - -- def create_ftp_server(sleep_time = nil) -- server = TCPServer.new(SERVER_ADDR, 0) -+ def create_ftp_server(sleep_time = nil, addr = SERVER_ADDR) -+ server = TCPServer.new(addr, 0) - @thread = Thread.start do - if sleep_time - sleep(sleep_time) --- -2.17.1 - diff --git a/meta/recipes-devtools/ruby/ruby/CVE-2021-32066.patch b/meta/recipes-devtools/ruby/ruby/CVE-2021-32066.patch deleted file mode 100644 index b78a74a4b5..0000000000 --- a/meta/recipes-devtools/ruby/ruby/CVE-2021-32066.patch +++ /dev/null @@ -1,102 +0,0 @@ -From e2ac25d0eb66de99f098d6669cf4f06796aa6256 Mon Sep 17 00:00:00 2001 -From: Shugo Maeda <shugo@ruby-lang.org> -Date: Tue, 11 May 2021 10:31:27 +0900 -Subject: [PATCH] Fix StartTLS stripping vulnerability - -This fixes CVE-2021-32066. -Reported by Alexandr Savca in <https://hackerone.com/reports/1178562>. - -CVE: CVE-2021-32066 - -Upstream-Status: Backport -[https://github.com/ruby/ruby/commit/e2ac25d0eb66de99f098d6669cf4f06796aa6256] - -Signed-off-by: Yi Zhao <yi.zhao@windriver.com> ---- - lib/net/imap.rb | 8 +++++++- - test/net/imap/test_imap.rb | 31 +++++++++++++++++++++++++++++++ - 2 files changed, 38 insertions(+), 1 deletion(-) - -diff --git a/lib/net/imap.rb b/lib/net/imap.rb -index 505b4c8950..d45304f289 100644 ---- a/lib/net/imap.rb -+++ b/lib/net/imap.rb -@@ -1218,12 +1218,14 @@ def get_tagged_response(tag, cmd) - end - resp = @tagged_responses.delete(tag) - case resp.name -+ when /\A(?:OK)\z/ni -+ return resp - when /\A(?:NO)\z/ni - raise NoResponseError, resp - when /\A(?:BAD)\z/ni - raise BadResponseError, resp - else -- return resp -+ raise UnknownResponseError, resp - end - end - -@@ -3719,6 +3721,10 @@ class BadResponseError < ResponseError - class ByeResponseError < ResponseError - end - -+ # Error raised upon an unknown response from the server. -+ class UnknownResponseError < ResponseError -+ end -+ - RESPONSE_ERRORS = Hash.new(ResponseError) - RESPONSE_ERRORS["NO"] = NoResponseError - RESPONSE_ERRORS["BAD"] = BadResponseError -diff --git a/test/net/imap/test_imap.rb b/test/net/imap/test_imap.rb -index 8b924b524e..85fb71d440 100644 ---- a/test/net/imap/test_imap.rb -+++ b/test/net/imap/test_imap.rb -@@ -127,6 +127,16 @@ def test_starttls - imap.disconnect - end - end -+ -+ def test_starttls_stripping -+ starttls_stripping_test do |port| -+ imap = Net::IMAP.new("localhost", :port => port) -+ assert_raise(Net::IMAP::UnknownResponseError) do -+ imap.starttls(:ca_file => CA_FILE) -+ end -+ imap -+ end -+ end - end - - def start_server -@@ -834,6 +844,27 @@ def starttls_test - end - end - -+ def starttls_stripping_test -+ server = create_tcp_server -+ port = server.addr[1] -+ start_server do -+ sock = server.accept -+ begin -+ sock.print("* OK test server\r\n") -+ sock.gets -+ sock.print("RUBY0001 BUG unhandled command\r\n") -+ ensure -+ sock.close -+ server.close -+ end -+ end -+ begin -+ imap = yield(port) -+ ensure -+ imap.disconnect if imap && !imap.disconnected? -+ end -+ end -+ - def create_tcp_server - return TCPServer.new(server_addr, 0) - end --- -2.25.1 - diff --git a/meta/recipes-devtools/ruby/ruby_3.0.1.bb b/meta/recipes-devtools/ruby/ruby_3.0.3.bb index 4ac7383a97..a781f69534 100644 --- a/meta/recipes-devtools/ruby/ruby_3.0.1.bb +++ b/meta/recipes-devtools/ruby/ruby_3.0.3.bb @@ -6,12 +6,13 @@ SRC_URI += " \ file://remove_has_include_macros.patch \ file://run-ptest \ file://0001-template-Makefile.in-do-not-write-host-cross-cc-item.patch \ - file://CVE-2021-31810.patch \ - file://CVE-2021-32066.patch \ - file://CVE-2021-31799.patch \ + file://0003-rdoc-build-reproducible-documentation.patch \ + file://0004-lib-mkmf.rb-sort-list-of-object-files-in-generated-M.patch \ + file://0005-Mark-Gemspec-reproducible-change-fixing-784225-too.patch \ + file://0006-Make-gemspecs-reproducible.patch \ " -SRC_URI[sha256sum] = "369825db2199f6aeef16b408df6a04ebaddb664fb9af0ec8c686b0ce7ab77727" +SRC_URI[sha256sum] = "3586861cb2df56970287f0fd83f274bd92058872d830d15570b36def7f1a92ac" PACKAGECONFIG ??= "" PACKAGECONFIG += "${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)}" @@ -77,8 +78,6 @@ do_install_ptest () { -i ${D}${PTEST_PATH}/test/erb/test_erb_command.rb cp -r ${S}/include ${D}/${libdir}/ruby/ - test_case_rb=`grep rubygems/test_case.rb ${B}/.installed.list` - sed -i -e 's:../../../test/:../../../ptest/test/:g' ${D}/$test_case_rb } PACKAGES =+ "${PN}-ri-docs ${PN}-rdoc" diff --git a/meta/recipes-devtools/squashfs-tools/files/CVE-2021-41072-requisite-1.patch b/meta/recipes-devtools/squashfs-tools/files/CVE-2021-41072-requisite-1.patch new file mode 100644 index 0000000000..d01b5c6871 --- /dev/null +++ b/meta/recipes-devtools/squashfs-tools/files/CVE-2021-41072-requisite-1.patch @@ -0,0 +1,135 @@ +The commit is required by the fix for CVE-2021-41072. + +Upstream-Status: Backport [https://github.com/plougher/squashfs-tools/commit/80b8441] + +Signed-off-by: Kai Kang <kai.kang@windriver.com> + +From 80b8441a37fcf8bf07dacf24d9d6c6459a0f6e36 Mon Sep 17 00:00:00 2001 +From: Phillip Lougher <phillip@squashfs.org.uk> +Date: Sun, 12 Sep 2021 19:58:19 +0100 +Subject: [PATCH] unsquashfs: use squashfs_closedir() to delete directory + +Signed-off-by: Phillip Lougher <phillip@squashfs.org.uk> +--- + squashfs-tools/unsquash-1.c | 3 +-- + squashfs-tools/unsquash-1234.c | 11 +++++++++-- + squashfs-tools/unsquash-2.c | 3 +-- + squashfs-tools/unsquash-3.c | 3 +-- + squashfs-tools/unsquash-4.c | 3 +-- + squashfs-tools/unsquashfs.c | 7 ------- + squashfs-tools/unsquashfs.h | 1 + + 7 files changed, 14 insertions(+), 17 deletions(-) + +diff --git a/squashfs-tools/unsquash-1.c b/squashfs-tools/unsquash-1.c +index acba821..7598499 100644 +--- a/squashfs-tools/unsquash-1.c ++++ b/squashfs-tools/unsquash-1.c +@@ -373,8 +373,7 @@ static struct dir *squashfs_opendir(unsigned int block_start, unsigned int offse + return dir; + + corrupted: +- free(dir->dirs); +- free(dir); ++ squashfs_closedir(dir); + return NULL; + } + +diff --git a/squashfs-tools/unsquash-1234.c b/squashfs-tools/unsquash-1234.c +index c2d4f42..0c8dfbb 100644 +--- a/squashfs-tools/unsquash-1234.c ++++ b/squashfs-tools/unsquash-1234.c +@@ -25,8 +25,8 @@ + * unsquash-4. + */ + +-#define TRUE 1 +-#define FALSE 0 ++#include "unsquashfs.h" ++ + /* + * Check name for validity, name should not + * - be ".", "./", or +@@ -56,3 +56,10 @@ int check_name(char *name, int size) + + return TRUE; + } ++ ++ ++void squashfs_closedir(struct dir *dir) ++{ ++ free(dir->dirs); ++ free(dir); ++} +diff --git a/squashfs-tools/unsquash-2.c b/squashfs-tools/unsquash-2.c +index 0746b3d..86f62ba 100644 +--- a/squashfs-tools/unsquash-2.c ++++ b/squashfs-tools/unsquash-2.c +@@ -465,8 +465,7 @@ static struct dir *squashfs_opendir(unsigned int block_start, unsigned int offse + return dir; + + corrupted: +- free(dir->dirs); +- free(dir); ++ squashfs_closedir(dir); + return NULL; + } + +diff --git a/squashfs-tools/unsquash-3.c b/squashfs-tools/unsquash-3.c +index 094caaa..c04aa9e 100644 +--- a/squashfs-tools/unsquash-3.c ++++ b/squashfs-tools/unsquash-3.c +@@ -499,8 +499,7 @@ static struct dir *squashfs_opendir(unsigned int block_start, unsigned int offse + return dir; + + corrupted: +- free(dir->dirs); +- free(dir); ++ squashfs_closedir(dir); + return NULL; + } + +diff --git a/squashfs-tools/unsquash-4.c b/squashfs-tools/unsquash-4.c +index 3a1b9e1..ff62dcc 100644 +--- a/squashfs-tools/unsquash-4.c ++++ b/squashfs-tools/unsquash-4.c +@@ -436,8 +436,7 @@ static struct dir *squashfs_opendir(unsigned int block_start, unsigned int offse + return dir; + + corrupted: +- free(dir->dirs); +- free(dir); ++ squashfs_closedir(dir); + return NULL; + } + +diff --git a/squashfs-tools/unsquashfs.c b/squashfs-tools/unsquashfs.c +index 7b590bd..04be53c 100644 +--- a/squashfs-tools/unsquashfs.c ++++ b/squashfs-tools/unsquashfs.c +@@ -1350,13 +1350,6 @@ unsigned int *offset, unsigned int *type) + } + + +-void squashfs_closedir(struct dir *dir) +-{ +- free(dir->dirs); +- free(dir); +-} +- +- + char *get_component(char *target, char **targname) + { + char *start; +diff --git a/squashfs-tools/unsquashfs.h b/squashfs-tools/unsquashfs.h +index 2e9201c..5ecb2ab 100644 +--- a/squashfs-tools/unsquashfs.h ++++ b/squashfs-tools/unsquashfs.h +@@ -291,4 +291,5 @@ extern long long *alloc_index_table(int); + + /* unsquash-1234.c */ + extern int check_name(char *, int); ++extern void squashfs_closedir(struct dir *); + #endif +-- +2.17.1 + diff --git a/meta/recipes-devtools/squashfs-tools/files/CVE-2021-41072-requisite-2.patch b/meta/recipes-devtools/squashfs-tools/files/CVE-2021-41072-requisite-2.patch new file mode 100644 index 0000000000..0b80d07b3b --- /dev/null +++ b/meta/recipes-devtools/squashfs-tools/files/CVE-2021-41072-requisite-2.patch @@ -0,0 +1,109 @@ +The commit is required by the fix for CVE-2021-41072. Update context for +version 4.4. + +Upstream-Status: Backport [https://github.com/plougher/squashfs-tools/commit/1993a4e] + +Signed-off-by: Kai Kang <kai.kang@windriver.com> + +From 1993a4e7aeda04962bf26e84c15fba8b58837e10 Mon Sep 17 00:00:00 2001 +From: Phillip Lougher <phillip@squashfs.org.uk> +Date: Sun, 12 Sep 2021 20:09:13 +0100 +Subject: [PATCH] unsquashfs: dynamically allocate name + +Dynamically allocate name rather than store it +directly in structure. + +Signed-off-by: Phillip Lougher <phillip@squashfs.org.uk> +--- + squashfs-tools/unsquash-1.c | 2 +- + squashfs-tools/unsquash-1234.c | 5 +++++ + squashfs-tools/unsquash-2.c | 2 +- + squashfs-tools/unsquash-3.c | 2 +- + squashfs-tools/unsquash-4.c | 2 +- + squashfs-tools/unsquashfs.h | 2 +- + 6 files changed, 10 insertions(+), 5 deletions(-) + +diff --git a/squashfs-tools/unsquash-1.c b/squashfs-tools/unsquash-1.c +index 7598499..d0121c6 100644 +--- a/squashfs-tools/unsquash-1.c ++++ b/squashfs-tools/unsquash-1.c +@@ -303,7 +303,7 @@ static struct dir *squashfs_opendir(unsi + "realloc failed!\n"); + dir->dirs = new_dir; + } +- strcpy(dir->dirs[dir->dir_count].name, dire->name); ++ dir->dirs[dir->dir_count].name = strdup(dire->name); + dir->dirs[dir->dir_count].start_block = + dirh.start_block; + dir->dirs[dir->dir_count].offset = dire->offset; +diff --git a/squashfs-tools/unsquash-1234.c b/squashfs-tools/unsquash-1234.c +index 0c8dfbb..ac46d9d 100644 +--- a/squashfs-tools/unsquash-1234.c ++++ b/squashfs-tools/unsquash-1234.c +@@ -60,6 +60,11 @@ int check_name(char *name, int size) + + void squashfs_closedir(struct dir *dir) + { ++ int i; ++ ++ for(i = 0; i < dir->dir_count; i++) ++ free(dir->dirs[i].name); ++ + free(dir->dirs); + free(dir); + } +diff --git a/squashfs-tools/unsquash-2.c b/squashfs-tools/unsquash-2.c +index 86f62ba..e847980 100644 +--- a/squashfs-tools/unsquash-2.c ++++ b/squashfs-tools/unsquash-2.c +@@ -404,7 +404,7 @@ static struct dir *squashfs_opendir(unsi + "realloc failed!\n"); + dir->dirs = new_dir; + } +- strcpy(dir->dirs[dir->dir_count].name, dire->name); ++ dir->dirs[dir->dir_count].name = strdup(dire->name); + dir->dirs[dir->dir_count].start_block = + dirh.start_block; + dir->dirs[dir->dir_count].offset = dire->offset; +diff --git a/squashfs-tools/unsquash-3.c b/squashfs-tools/unsquash-3.c +index c04aa9e..8223f27 100644 +--- a/squashfs-tools/unsquash-3.c ++++ b/squashfs-tools/unsquash-3.c +@@ -431,7 +431,7 @@ static struct dir *squashfs_opendir(unsi + "realloc failed!\n"); + dir->dirs = new_dir; + } +- strcpy(dir->dirs[dir->dir_count].name, dire->name); ++ dir->dirs[dir->dir_count].name = strdup(dire->name); + dir->dirs[dir->dir_count].start_block = + dirh.start_block; + dir->dirs[dir->dir_count].offset = dire->offset; +diff --git a/squashfs-tools/unsquash-4.c b/squashfs-tools/unsquash-4.c +index ff62dcc..1e199a7 100644 +--- a/squashfs-tools/unsquash-4.c ++++ b/squashfs-tools/unsquash-4.c +@@ -367,7 +367,7 @@ static struct dir *squashfs_opendir(unsi + "realloc failed!\n"); + dir->dirs = new_dir; + } +- strcpy(dir->dirs[dir->dir_count].name, dire->name); ++ dir->dirs[dir->dir_count].name = strdup(dire->name); + dir->dirs[dir->dir_count].start_block = + dirh.start_block; + dir->dirs[dir->dir_count].offset = dire->offset; +diff --git a/squashfs-tools/unsquashfs.h b/squashfs-tools/unsquashfs.h +index 5ecb2ab..583fbe4 100644 +--- a/squashfs-tools/unsquashfs.h ++++ b/squashfs-tools/unsquashfs.h +@@ -165,7 +165,7 @@ struct queue { + #define DIR_ENT_SIZE 16 + + struct dir_ent { +- char name[SQUASHFS_NAME_LEN + 1]; ++ char *name; + unsigned int start_block; + unsigned int offset; + unsigned int type; +-- +2.17.1 + diff --git a/meta/recipes-devtools/squashfs-tools/files/CVE-2021-41072-requisite-3.patch b/meta/recipes-devtools/squashfs-tools/files/CVE-2021-41072-requisite-3.patch new file mode 100644 index 0000000000..fad5898f13 --- /dev/null +++ b/meta/recipes-devtools/squashfs-tools/files/CVE-2021-41072-requisite-3.patch @@ -0,0 +1,330 @@ +The commit is required by the fix for CVE-2021-41072. Update context for +version 4.4. + +Upstream-Status: Backport [https://github.com/plougher/squashfs-tools/commit/9938154] + +Signed-off-by: Kai Kang <kai.kang@windriver.com> + +From 9938154174756ee48a94ea0b076397a2944b028d Mon Sep 17 00:00:00 2001 +From: Phillip Lougher <phillip@squashfs.org.uk> +Date: Sun, 12 Sep 2021 22:58:11 +0100 +Subject: [PATCH] unsquashfs: use linked list to store directory names + +This should bring higher performance, and it allows sorting +if necessary (1.x and 2.0 filesystems). + +Signed-off-by: Phillip Lougher <phillip@squashfs.org.uk> +--- + squashfs-tools/unsquash-1.c | 30 +++++++++++++++--------------- + squashfs-tools/unsquash-1234.c | 12 ++++++++---- + squashfs-tools/unsquash-2.c | 29 +++++++++++++++-------------- + squashfs-tools/unsquash-3.c | 29 +++++++++++++++-------------- + squashfs-tools/unsquash-4.c | 29 +++++++++++++++-------------- + squashfs-tools/unsquashfs.c | 16 ++++++++++------ + squashfs-tools/unsquashfs.h | 3 ++- + 7 files changed, 80 insertions(+), 68 deletions(-) + +diff --git a/squashfs-tools/unsquash-1.c b/squashfs-tools/unsquash-1.c +index d0121c6..b604434 100644 +--- a/squashfs-tools/unsquash-1.c ++++ b/squashfs-tools/unsquash-1.c +@@ -207,7 +207,7 @@ static struct dir *squashfs_opendir(unsi + long long start; + int bytes; + int dir_count, size; +- struct dir_ent *new_dir; ++ struct dir_ent *ent, *cur_ent = NULL; + struct dir *dir; + + TRACE("squashfs_opendir: inode start block %d, offset %d\n", +@@ -220,7 +220,7 @@ static struct dir *squashfs_opendir(unsi + EXIT_UNSQUASH("squashfs_opendir: malloc failed!\n"); + + dir->dir_count = 0; +- dir->cur_entry = 0; ++ dir->cur_entry = NULL; + dir->mode = (*i)->mode; + dir->uid = (*i)->uid; + dir->guid = (*i)->gid; +@@ -295,19 +295,20 @@ static struct dir *squashfs_opendir(unsi + TRACE("squashfs_opendir: directory entry %s, inode " + "%d:%d, type %d\n", dire->name, + dirh.start_block, dire->offset, dire->type); +- if((dir->dir_count % DIR_ENT_SIZE) == 0) { +- new_dir = realloc(dir->dirs, (dir->dir_count + +- DIR_ENT_SIZE) * sizeof(struct dir_ent)); +- if(new_dir == NULL) +- EXIT_UNSQUASH("squashfs_opendir: " +- "realloc failed!\n"); +- dir->dirs = new_dir; +- } +- dir->dirs[dir->dir_count].name = strdup(dire->name); +- dir->dirs[dir->dir_count].start_block = +- dirh.start_block; +- dir->dirs[dir->dir_count].offset = dire->offset; +- dir->dirs[dir->dir_count].type = dire->type; ++ ent = malloc(sizeof(struct dir_ent)); ++ if(ent == NULL) ++ MEM_ERROR(); ++ ++ ent->name = strdup(dire->name); ++ ent->start_block = dirh.start_block; ++ ent->offset = dire->offset; ++ ent->type = dire->type; ++ ent->next = NULL; ++ if(cur_ent == NULL) ++ dir->dirs = ent; ++ else ++ cur_ent->next = ent; ++ cur_ent = ent; + dir->dir_count ++; + bytes += dire->size + 1; + } +diff --git a/squashfs-tools/unsquash-1234.c b/squashfs-tools/unsquash-1234.c +index ac46d9d..e389f8d 100644 +--- a/squashfs-tools/unsquash-1234.c ++++ b/squashfs-tools/unsquash-1234.c +@@ -60,11 +60,15 @@ int check_name(char *name, int size) + + void squashfs_closedir(struct dir *dir) + { +- int i; ++ struct dir_ent *ent = dir->dirs; + +- for(i = 0; i < dir->dir_count; i++) +- free(dir->dirs[i].name); ++ while(ent) { ++ struct dir_ent *tmp = ent; ++ ++ ent = ent->next; ++ free(tmp->name); ++ free(tmp); ++ } + +- free(dir->dirs); + free(dir); + } +diff --git a/squashfs-tools/unsquash-2.c b/squashfs-tools/unsquash-2.c +index e847980..956f96f 100644 +--- a/squashfs-tools/unsquash-2.c ++++ b/squashfs-tools/unsquash-2.c +@@ -308,7 +308,7 @@ static struct dir *squashfs_opendir(unsi + long long start; + int bytes; + int dir_count, size; +- struct dir_ent *new_dir; ++ struct dir_ent *ent, *cur_ent = NULL; + struct dir *dir; + + TRACE("squashfs_opendir: inode start block %d, offset %d\n", +@@ -321,7 +321,7 @@ static struct dir *squashfs_opendir(unsi + EXIT_UNSQUASH("squashfs_opendir: malloc failed!\n"); + + dir->dir_count = 0; +- dir->cur_entry = 0; ++ dir->cur_entry = NULL; + dir->mode = (*i)->mode; + dir->uid = (*i)->uid; + dir->guid = (*i)->gid; +@@ -396,19 +396,20 @@ static struct dir *squashfs_opendir(unsi + TRACE("squashfs_opendir: directory entry %s, inode " + "%d:%d, type %d\n", dire->name, + dirh.start_block, dire->offset, dire->type); +- if((dir->dir_count % DIR_ENT_SIZE) == 0) { +- new_dir = realloc(dir->dirs, (dir->dir_count + +- DIR_ENT_SIZE) * sizeof(struct dir_ent)); +- if(new_dir == NULL) +- EXIT_UNSQUASH("squashfs_opendir: " +- "realloc failed!\n"); +- dir->dirs = new_dir; +- } +- dir->dirs[dir->dir_count].name = strdup(dire->name); +- dir->dirs[dir->dir_count].start_block = +- dirh.start_block; +- dir->dirs[dir->dir_count].offset = dire->offset; +- dir->dirs[dir->dir_count].type = dire->type; ++ ent = malloc(sizeof(struct dir_ent)); ++ if(ent == NULL) ++ MEM_ERROR(); ++ ++ ent->name = strdup(dire->name); ++ ent->start_block = dirh.start_block; ++ ent->offset = dire->offset; ++ ent->type = dire->type; ++ ent->next = NULL; ++ if(cur_ent == NULL) ++ dir->dirs = ent; ++ else ++ cur_ent->next = ent; ++ cur_ent = ent; + dir->dir_count ++; + bytes += dire->size + 1; + } +diff --git a/squashfs-tools/unsquash-3.c b/squashfs-tools/unsquash-3.c +index 8223f27..835a574 100644 +--- a/squashfs-tools/unsquash-3.c ++++ b/squashfs-tools/unsquash-3.c +@@ -334,7 +334,7 @@ static struct dir *squashfs_opendir(unsi + long long start; + int bytes; + int dir_count, size; +- struct dir_ent *new_dir; ++ struct dir_ent *ent, *cur_ent = NULL; + struct dir *dir; + + TRACE("squashfs_opendir: inode start block %d, offset %d\n", +@@ -347,7 +347,7 @@ static struct dir *squashfs_opendir(unsi + EXIT_UNSQUASH("squashfs_opendir: malloc failed!\n"); + + dir->dir_count = 0; +- dir->cur_entry = 0; ++ dir->cur_entry = NULL; + dir->mode = (*i)->mode; + dir->uid = (*i)->uid; + dir->guid = (*i)->gid; +@@ -423,19 +423,20 @@ static struct dir *squashfs_opendir(unsi + TRACE("squashfs_opendir: directory entry %s, inode " + "%d:%d, type %d\n", dire->name, + dirh.start_block, dire->offset, dire->type); +- if((dir->dir_count % DIR_ENT_SIZE) == 0) { +- new_dir = realloc(dir->dirs, (dir->dir_count + +- DIR_ENT_SIZE) * sizeof(struct dir_ent)); +- if(new_dir == NULL) +- EXIT_UNSQUASH("squashfs_opendir: " +- "realloc failed!\n"); +- dir->dirs = new_dir; +- } +- dir->dirs[dir->dir_count].name = strdup(dire->name); +- dir->dirs[dir->dir_count].start_block = +- dirh.start_block; +- dir->dirs[dir->dir_count].offset = dire->offset; +- dir->dirs[dir->dir_count].type = dire->type; ++ ent = malloc(sizeof(struct dir_ent)); ++ if(ent == NULL) ++ MEM_ERROR(); ++ ++ ent->name = strdup(dire->name); ++ ent->start_block = dirh.start_block; ++ ent->offset = dire->offset; ++ ent->type = dire->type; ++ ent->next = NULL; ++ if(cur_ent == NULL) ++ dir->dirs = ent; ++ else ++ cur_ent->next = ent; ++ cur_ent = ent; + dir->dir_count ++; + bytes += dire->size + 1; + } +diff --git a/squashfs-tools/unsquash-4.c b/squashfs-tools/unsquash-4.c +index 1e199a7..694783d 100644 +--- a/squashfs-tools/unsquash-4.c ++++ b/squashfs-tools/unsquash-4.c +@@ -281,7 +281,7 @@ static struct dir *squashfs_opendir(unsi + long long start; + long long bytes; + int dir_count, size; +- struct dir_ent *new_dir; ++ struct dir_ent *ent, *cur_ent = NULL; + struct dir *dir; + + TRACE("squashfs_opendir: inode start block %d, offset %d\n", +@@ -294,7 +294,7 @@ static struct dir *squashfs_opendir(unsi + EXIT_UNSQUASH("squashfs_opendir: malloc failed!\n"); + + dir->dir_count = 0; +- dir->cur_entry = 0; ++ dir->cur_entry = NULL; + dir->mode = (*i)->mode; + dir->uid = (*i)->uid; + dir->guid = (*i)->gid; +@@ -359,19 +359,20 @@ static struct dir *squashfs_opendir(unsi + TRACE("squashfs_opendir: directory entry %s, inode " + "%d:%d, type %d\n", dire->name, + dirh.start_block, dire->offset, dire->type); +- if((dir->dir_count % DIR_ENT_SIZE) == 0) { +- new_dir = realloc(dir->dirs, (dir->dir_count + +- DIR_ENT_SIZE) * sizeof(struct dir_ent)); +- if(new_dir == NULL) +- EXIT_UNSQUASH("squashfs_opendir: " +- "realloc failed!\n"); +- dir->dirs = new_dir; +- } +- dir->dirs[dir->dir_count].name = strdup(dire->name); +- dir->dirs[dir->dir_count].start_block = +- dirh.start_block; +- dir->dirs[dir->dir_count].offset = dire->offset; +- dir->dirs[dir->dir_count].type = dire->type; ++ ent = malloc(sizeof(struct dir_ent)); ++ if(ent == NULL) ++ MEM_ERROR(); ++ ++ ent->name = strdup(dire->name); ++ ent->start_block = dirh.start_block; ++ ent->offset = dire->offset; ++ ent->type = dire->type; ++ ent->next = NULL; ++ if(cur_ent == NULL) ++ dir->dirs = ent; ++ else ++ cur_ent->next = ent; ++ cur_ent = ent; + dir->dir_count ++; + bytes += dire->size + 1; + } +diff --git a/squashfs-tools/unsquashfs.c b/squashfs-tools/unsquashfs.c +index 04be53c..fee28ec 100644 +--- a/squashfs-tools/unsquashfs.c ++++ b/squashfs-tools/unsquashfs.c +@@ -1277,14 +1277,18 @@ failed: + int squashfs_readdir(struct dir *dir, char **name, unsigned int *start_block, + unsigned int *offset, unsigned int *type) + { +- if(dir->cur_entry == dir->dir_count) ++ if(dir->cur_entry == NULL) ++ dir->cur_entry = dir->dirs; ++ else ++ dir->cur_entry = dir->cur_entry->next; ++ ++ if(dir->cur_entry == NULL) + return FALSE; + +- *name = dir->dirs[dir->cur_entry].name; +- *start_block = dir->dirs[dir->cur_entry].start_block; +- *offset = dir->dirs[dir->cur_entry].offset; +- *type = dir->dirs[dir->cur_entry].type; +- dir->cur_entry ++; ++ *name = dir->cur_entry->name; ++ *start_block = dir->cur_entry->start_block; ++ *offset = dir->cur_entry->offset; ++ *type = dir->cur_entry->type; + + return TRUE; + } +diff --git a/squashfs-tools/unsquashfs.h b/squashfs-tools/unsquashfs.h +index 583fbe4..f8cf78c 100644 +--- a/squashfs-tools/unsquashfs.h ++++ b/squashfs-tools/unsquashfs.h +@@ -169,17 +169,18 @@ struct dir_ent { + unsigned int start_block; + unsigned int offset; + unsigned int type; ++ struct dir_ent *next; + }; + + struct dir { + int dir_count; +- int cur_entry; + unsigned int mode; + uid_t uid; + gid_t guid; + unsigned int mtime; + unsigned int xattr; + struct dir_ent *dirs; ++ struct dir_ent *cur_entry; + }; + + struct file_entry { +-- +2.17.1 + diff --git a/meta/recipes-devtools/squashfs-tools/files/CVE-2021-41072.patch b/meta/recipes-devtools/squashfs-tools/files/CVE-2021-41072.patch new file mode 100644 index 0000000000..29ec3bbeab --- /dev/null +++ b/meta/recipes-devtools/squashfs-tools/files/CVE-2021-41072.patch @@ -0,0 +1,316 @@ +CVE: CVE-2021-41072 +Upstream-Status: Backport [https://github.com/plougher/squashfs-tools/commit/e048580] + +Backport commit to fix CVE-2021-41072. And squash a follow-up fix for +CVE-2021-41072 from upstream: +https://github.com/plougher/squashfs-tools/commit/19fcc93 + +Update context for version 4.4. + +Signed-off-by: Kai Kang <kai.kang@windriver.com> + +From e0485802ec72996c20026da320650d8362f555bd Mon Sep 17 00:00:00 2001 +From: Phillip Lougher <phillip@squashfs.org.uk> +Date: Sun, 12 Sep 2021 23:50:06 +0100 +Subject: [PATCH] Unsquashfs: additional write outside destination directory + exploit fix + +An issue on github (https://github.com/plougher/squashfs-tools/issues/72) +showed how some specially crafted Squashfs filesystems containing +invalid file names (with '/' and '..') can cause Unsquashfs to write +files outside of the destination directory. + +Since then it has been shown that specially crafted Squashfs filesystems +that contain a symbolic link pointing outside of the destination directory, +coupled with an identically named file within the same directory, can +cause Unsquashfs to write files outside of the destination directory. + +Specifically the symbolic link produces a pathname pointing outside +of the destination directory, which is then followed when writing the +duplicate identically named file within the directory. + +This commit fixes this exploit by explictly checking for duplicate +filenames within a directory. As directories in v2.1, v3.x, and v4.0 +filesystems are sorted, this is achieved by checking for consecutively +identical filenames. Additionally directories are checked to +ensure they are sorted, to avoid attempts to evade the duplicate +check. + +Version 1.x and 2.0 filesystems (where the directories were unsorted) +are sorted and then the above duplicate filename check is applied. + +Signed-off-by: Phillip Lougher <phillip@squashfs.org.uk> +--- + squashfs-tools/Makefile | 6 +- + squashfs-tools/unsquash-1.c | 6 ++ + squashfs-tools/unsquash-12.c | 110 +++++++++++++++++++++++++++++++++ + squashfs-tools/unsquash-1234.c | 21 +++++++ + squashfs-tools/unsquash-2.c | 16 +++++ + squashfs-tools/unsquash-3.c | 6 ++ + squashfs-tools/unsquash-4.c | 6 ++ + squashfs-tools/unsquashfs.h | 4 ++ + 8 files changed, 173 insertions(+), 2 deletions(-) + create mode 100644 squashfs-tools/unsquash-12.c + +diff --git a/squashfs-tools/Makefile b/squashfs-tools/Makefile +index 7262a2e..1b544ed 100755 +--- a/squashfs-tools/Makefile ++++ b/squashfs-tools/Makefile +@@ -156,8 +156,8 @@ MKSQUASHFS_OBJS = mksquashfs.o read_fs.o + caches-queues-lists.o + + UNSQUASHFS_OBJS = unsquashfs.o unsquash-1.o unsquash-2.o unsquash-3.o \ +- unsquash-4.o unsquash-123.o unsquash-34.o unsquash-1234.o swap.o \ +- compressor.o unsquashfs_info.o ++ unsquash-4.o unsquash-123.o unsquash-34.o unsquash-1234.o unsquash-12.o \ ++ swap.o compressor.o unsquashfs_info.o + + CFLAGS ?= -O2 + CFLAGS += $(EXTRA_CFLAGS) $(INCLUDEDIR) -D_FILE_OFFSET_BITS=64 \ +@@ -353,6 +353,8 @@ unsquash-34.o: unsquashfs.h unsquash-34.c unsquashfs_error.h + + unsquash-1234.o: unsquash-1234.c + ++unsquash-12.o: unsquash-12.c unsquashfs.h ++ + unsquashfs_xattr.o: unsquashfs_xattr.c unsquashfs.h squashfs_fs.h xattr.h + + unsquashfs_info.o: unsquashfs.h squashfs_fs.h +--- a/squashfs-tools/unsquash-1.c ++++ b/squashfs-tools/unsquash-1.c +@@ -314,6 +314,12 @@ static struct dir *squashfs_opendir(unsi + } + } + ++ /* check directory for duplicate names. Need to sort directory first */ ++ sort_directory(dir); ++ if(check_directory(dir) == FALSE) { ++ ERROR("File system corrupted: directory has duplicate names\n"); ++ goto corrupted; ++ } + return dir; + + corrupted: +diff --git a/squashfs-tools/unsquash-12.c b/squashfs-tools/unsquash-12.c +new file mode 100644 +index 0000000..61bf128 +--- /dev/null ++++ b/squashfs-tools/unsquash-12.c +@@ -0,0 +1,110 @@ ++/* ++ * Unsquash a squashfs filesystem. This is a highly compressed read only ++ * filesystem. ++ * ++ * Copyright (c) 2021 ++ * Phillip Lougher <phillip@squashfs.org.uk> ++ * ++ * This program is free software; you can redistribute it and/or ++ * modify it under the terms of the GNU General Public License ++ * as published by the Free Software Foundation; either version 2, ++ * or (at your option) any later version. ++ * ++ * This program is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++ * GNU General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License ++ * along with this program; if not, write to the Free Software ++ * Foundation, 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. ++ * ++ * unsquash-12.c ++ * ++ * Helper functions used by unsquash-1 and unsquash-2. ++ */ ++ ++#include "unsquashfs.h" ++ ++/* ++ * Bottom up linked list merge sort. ++ * ++ */ ++void sort_directory(struct dir *dir) ++{ ++ struct dir_ent *cur, *l1, *l2, *next; ++ int len1, len2, stride = 1; ++ ++ if(dir->dir_count < 2) ++ return; ++ ++ /* ++ * We can consider our linked-list to be made up of stride length ++ * sublists. Eacn iteration around this loop merges adjacent ++ * stride length sublists into larger 2*stride sublists. We stop ++ * when stride becomes equal to the entire list. ++ * ++ * Initially stride = 1 (by definition a sublist of 1 is sorted), and ++ * these 1 element sublists are merged into 2 element sublists, which ++ * are then merged into 4 element sublists and so on. ++ */ ++ do { ++ l2 = dir->dirs; /* head of current linked list */ ++ cur = NULL; /* empty output list */ ++ ++ /* ++ * Iterate through the linked list, merging adjacent sublists. ++ * On each interation l2 points to the next sublist pair to be ++ * merged (if there's only one sublist left this is simply added ++ * to the output list) ++ */ ++ while(l2) { ++ l1 = l2; ++ for(len1 = 0; l2 && len1 < stride; len1 ++, l2 = l2->next); ++ len2 = stride; ++ ++ /* ++ * l1 points to first sublist. ++ * l2 points to second sublist. ++ * Merge them onto the output list ++ */ ++ while(len1 && l2 && len2) { ++ if(strcmp(l1->name, l2->name) <= 0) { ++ next = l1; ++ l1 = l1->next; ++ len1 --; ++ } else { ++ next = l2; ++ l2 = l2->next; ++ len2 --; ++ } ++ ++ if(cur) { ++ cur->next = next; ++ cur = next; ++ } else ++ dir->dirs = cur = next; ++ } ++ /* ++ * One sublist is now empty, copy the other one onto the ++ * output list ++ */ ++ for(; len1; len1 --, l1 = l1->next) { ++ if(cur) { ++ cur->next = l1; ++ cur = l1; ++ } else ++ dir->dirs = cur = l1; ++ } ++ for(; l2 && len2; len2 --, l2 = l2->next) { ++ if(cur) { ++ cur->next = l2; ++ cur = l2; ++ } else ++ dir->dirs = cur = l2; ++ } ++ } ++ cur->next = NULL; ++ stride = stride << 1; ++ } while(stride < dir->dir_count); ++} +diff --git a/squashfs-tools/unsquash-1234.c b/squashfs-tools/unsquash-1234.c +index e389f8d..98a81ed 100644 +--- a/squashfs-tools/unsquash-1234.c ++++ b/squashfs-tools/unsquash-1234.c +@@ -72,3 +72,24 @@ void squashfs_closedir(struct dir *dir) + + free(dir); + } ++ ++ ++/* ++ * Check directory for duplicate names. As the directory should be sorted, ++ * duplicates will be consecutive. Obviously we also need to check if the ++ * directory has been deliberately unsorted, to evade this check. ++ */ ++int check_directory(struct dir *dir) ++{ ++ int i; ++ struct dir_ent *ent; ++ ++ if(dir->dir_count < 2) ++ return TRUE; ++ ++ for(ent = dir->dirs, i = 0; i < dir->dir_count - 1; ent = ent->next, i++) ++ if(strcmp(ent->name, ent->next->name) >= 0) ++ return FALSE; ++ ++ return TRUE; ++} +diff --git a/squashfs-tools/unsquash-2.c b/squashfs-tools/unsquash-2.c +index 956f96f..0e36f7d 100644 +--- a/squashfs-tools/unsquash-2.c ++++ b/squashfs-tools/unsquash-2.c +@@ -29,6 +29,7 @@ static squashfs_fragment_entry_2 *fragme + static unsigned int *uid_table, *guid_table; + static char *inode_table, *directory_table; + static squashfs_operations ops; ++static int needs_sorting = FALSE; + + static void read_block_list(unsigned int *block_list, char *block_ptr, int blocks) + { +@@ -415,6 +416,17 @@ static struct dir *squashfs_opendir(unsi + } + } + ++ if(needs_sorting) ++ sort_directory(dir); ++ ++ /* check directory for duplicate names and sorting */ ++ if(check_directory(dir) == FALSE) { ++ if(needs_sorting) ++ ERROR("File system corrupted: directory has duplicate names\n"); ++ else ++ ERROR("File system corrupted: directory has duplicate names or is unsorted\n"); ++ goto corrupted; ++ } + return dir; + + corrupted: +--- a/squashfs-tools/unsquash-3.c ++++ b/squashfs-tools/unsquash-3.c +@@ -442,6 +442,12 @@ static struct dir *squashfs_opendir(unsi + } + } + ++ /* check directory for duplicate names and sorting */ ++ if(check_directory(dir) == FALSE) { ++ ERROR("File system corrupted: directory has duplicate names or is unsorted\n"); ++ goto corrupted; ++ } ++ + return dir; + + corrupted: +diff --git a/squashfs-tools/unsquash-4.c b/squashfs-tools/unsquash-4.c +index 694783d..c615bb8 100644 +--- a/squashfs-tools/unsquash-4.c ++++ b/squashfs-tools/unsquash-4.c +@@ -378,6 +378,12 @@ static struct dir *squashfs_opendir(unsi + } + } + ++ /* check directory for duplicate names and sorting */ ++ if(check_directory(dir) == FALSE) { ++ ERROR("File system corrupted: directory has duplicate names or is unsorted\n"); ++ goto corrupted; ++ } ++ + return dir; + + corrupted: +diff --git a/squashfs-tools/unsquashfs.h b/squashfs-tools/unsquashfs.h +index f8cf78c..bf2a80d 100644 +--- a/squashfs-tools/unsquashfs.h ++++ b/squashfs-tools/unsquashfs.h +@@ -266,4 +266,8 @@ extern long long *alloc_index_table(int) + /* unsquash-1234.c */ + extern int check_name(char *, int); + extern void squashfs_closedir(struct dir *); ++extern int check_directory(struct dir *); ++ ++/* unsquash-12.c */ ++extern void sort_directory(struct dir *); + #endif +-- +2.17.1 + diff --git a/meta/recipes-devtools/squashfs-tools/squashfs-tools_git.bb b/meta/recipes-devtools/squashfs-tools/squashfs-tools_git.bb index 083e597b03..caa5417ed0 100644 --- a/meta/recipes-devtools/squashfs-tools/squashfs-tools_git.bb +++ b/meta/recipes-devtools/squashfs-tools/squashfs-tools_git.bb @@ -9,9 +9,13 @@ LIC_FILES_CHKSUM = "file://../COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" PV = "4.4" SRCREV = "52eb4c279cd283ed9802dd1ceb686560b22ffb67" -SRC_URI = "git://github.com/plougher/squashfs-tools.git;protocol=https \ +SRC_URI = "git://github.com/plougher/squashfs-tools.git;protocol=https;branch=master \ file://0001-squashfs-tools-fix-build-failure-against-gcc-10.patch;striplevel=2 \ file://CVE-2021-40153.patch;striplevel=2 \ + file://CVE-2021-41072-requisite-1.patch;striplevel=2 \ + file://CVE-2021-41072-requisite-2.patch;striplevel=2 \ + file://CVE-2021-41072-requisite-3.patch;striplevel=2 \ + file://CVE-2021-41072.patch;striplevel=2 \ " S = "${WORKDIR}/git/squashfs-tools" diff --git a/meta/recipes-devtools/strace/strace/run-ptest b/meta/recipes-devtools/strace/strace/run-ptest index 3a51fb0be9..02bb91e07f 100755 --- a/meta/recipes-devtools/strace/strace/run-ptest +++ b/meta/recipes-devtools/strace/strace/run-ptest @@ -1,6 +1,15 @@ #!/bin/sh + +set -u + export TIMEOUT_DURATION=240 chown nobody tests chown nobody tests/* chown nobody ../ptest + su nobody -c "make -B -C tests -k test-suite.log" +res=$? +if [ $res -ne 0 ]; then + cat tests/test-suite.log +fi +exit $res diff --git a/meta/recipes-devtools/systemd-bootchart/systemd-bootchart_234.bb b/meta/recipes-devtools/systemd-bootchart/systemd-bootchart_234.bb index 905a0cbb72..44f0c8c8f2 100644 --- a/meta/recipes-devtools/systemd-bootchart/systemd-bootchart_234.bb +++ b/meta/recipes-devtools/systemd-bootchart/systemd-bootchart_234.bb @@ -8,7 +8,7 @@ LICENSE = "LGPLv2.1 & GPLv2" LIC_FILES_CHKSUM = "file://LICENSE.LGPL2.1;md5=4fbd65380cdd255951079008b364516c \ file://LICENSE.GPL2;md5=751419260aa954499f7abaabaa882bbe" -SRC_URI = "git://github.com/systemd/systemd-bootchart.git;protocol=https \ +SRC_URI = "git://github.com/systemd/systemd-bootchart.git;protocol=https;branch=master \ file://0001-architecture-Recognise-RISCV-32-RISCV-64.patch \ file://mips64.patch \ file://no_lto.patch \ diff --git a/meta/recipes-devtools/tcf-agent/tcf-agent_git.bb b/meta/recipes-devtools/tcf-agent/tcf-agent_git.bb index a143b09656..7f790c9dbb 100644 --- a/meta/recipes-devtools/tcf-agent/tcf-agent_git.bb +++ b/meta/recipes-devtools/tcf-agent/tcf-agent_git.bb @@ -10,7 +10,7 @@ SRCREV = "a022ef2f1acfd9209a1bf792dda14ae4b0d1b60f" PV = "1.7.0+git${SRCPV}" UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>(\d+(\.\d+)+))" -SRC_URI = "git://git.eclipse.org/r/tcf/org.eclipse.tcf.agent.git;protocol=https \ +SRC_URI = "git://git.eclipse.org/r/tcf/org.eclipse.tcf.agent.git;protocol=https;branch=master \ file://fix_ranlib.patch \ file://ldflags.patch \ file://tcf-agent.init \ diff --git a/meta/recipes-devtools/unfs3/unfs3_git.bb b/meta/recipes-devtools/unfs3/unfs3_git.bb index a21fb58397..06148005cf 100644 --- a/meta/recipes-devtools/unfs3/unfs3_git.bb +++ b/meta/recipes-devtools/unfs3/unfs3_git.bb @@ -14,7 +14,7 @@ DEPENDS_append_class-nativesdk = " flex-nativesdk" ASNEEDED = "" S = "${WORKDIR}/git" -SRC_URI = "git://github.com/unfs3/unfs3.git;protocol=https \ +SRC_URI = "git://github.com/unfs3/unfs3.git;protocol=https;branch=master \ file://unfs3_parallel_build.patch \ file://alternate_rpc_ports.patch \ file://fix_pid_race_parent_writes_child_pid.patch \ @@ -37,7 +37,7 @@ BBCLASSEXTEND = "native nativesdk" inherit autotools EXTRA_OECONF_append_class-native = " --sbindir=${bindir}" CFLAGS_append = " -I${STAGING_INCDIR}/tirpc" -LDFLAGS_append = " -ltirpc" +EXTRA_OECONF_append = " LIBS=-ltirpc" # Turn off these header detects else the inode search # will walk entire file systems and this is a real problem diff --git a/meta/recipes-extended/asciidoc/asciidoc_9.1.0.bb b/meta/recipes-extended/asciidoc/asciidoc_9.1.0.bb index 523bf33f42..3869abee59 100644 --- a/meta/recipes-extended/asciidoc/asciidoc_9.1.0.bb +++ b/meta/recipes-extended/asciidoc/asciidoc_9.1.0.bb @@ -8,7 +8,7 @@ LICENSE = "GPLv2" LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=4e5d1baf6f20559e3bec172226a47e4e \ file://LICENSE;md5=b234ee4d69f5fce4486a80fdaf4a4263 " -SRC_URI = "git://github.com/asciidoc/asciidoc-py3;protocol=https;branch=9.x" +SRC_URI = "git://github.com/asciidoc/asciidoc-py;protocol=https;branch=9.x" SRCREV = "9705d428439530104ce55d0ba12e8ef9d1b57ad1" DEPENDS = "libxml2-native libxslt-native docbook-xml-dtd4-native docbook-xsl-stylesheets-native" diff --git a/meta/recipes-extended/bzip2/bzip2_1.0.8.bb b/meta/recipes-extended/bzip2/bzip2_1.0.8.bb index 70eb67f1f2..d2f34449b3 100644 --- a/meta/recipes-extended/bzip2/bzip2_1.0.8.bb +++ b/meta/recipes-extended/bzip2/bzip2_1.0.8.bb @@ -22,7 +22,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;beginline=4;endline=37;md5=600af43c50f1fcb82e " SRC_URI = "https://sourceware.org/pub/${BPN}/${BPN}-${PV}.tar.gz \ - git://sourceware.org/git/bzip2-tests.git;name=bzip2-tests \ + git://sourceware.org/git/bzip2-tests.git;name=bzip2-tests;branch=master \ file://configure.ac;subdir=${BP} \ file://Makefile.am;subdir=${BP} \ file://run-ptest \ diff --git a/meta/recipes-extended/cups/cups.inc b/meta/recipes-extended/cups/cups.inc index beee614828..a667d1a142 100644 --- a/meta/recipes-extended/cups/cups.inc +++ b/meta/recipes-extended/cups/cups.inc @@ -44,7 +44,7 @@ PACKAGECONFIG ??= "${@bb.utils.contains('DISTRO_FEATURES', 'zeroconf', 'avahi', PACKAGECONFIG[avahi] = "--enable-avahi,--disable-avahi,avahi" PACKAGECONFIG[acl] = "--enable-acl,--disable-acl,acl" PACKAGECONFIG[pam] = "--enable-pam --with-pam-module=unix, --disable-pam, libpam" -PACKAGECONFIG[systemd] = "--with-systemd=${systemd_system_unitdir},--without-systemd,systemd" +PACKAGECONFIG[systemd] = "--with-systemd=${systemd_system_unitdir},--disable-systemd,systemd" PACKAGECONFIG[xinetd] = "--with-xinetd=${sysconfdir}/xinetd.d,--without-xinetd,xinetd" EXTRA_OECONF = " \ diff --git a/meta/recipes-extended/ghostscript/ghostscript/0001-Bug-704342-Include-device-specifier-strings-in-acces.patch b/meta/recipes-extended/ghostscript/ghostscript/0001-Bug-704342-Include-device-specifier-strings-in-acces.patch new file mode 100644 index 0000000000..44bdfbba35 --- /dev/null +++ b/meta/recipes-extended/ghostscript/ghostscript/0001-Bug-704342-Include-device-specifier-strings-in-acces.patch @@ -0,0 +1,238 @@ +From a9bd3dec9fde03327a4a2c69dad1036bf9632e20 Mon Sep 17 00:00:00 2001 +From: Chris Liddell <chris.liddell@artifex.com> +Date: Tue, 7 Sep 2021 20:36:12 +0100 +Subject: [PATCH] Bug 704342: Include device specifier strings in access + validation + +for the "%pipe%", %handle%" and %printer% io devices. + +We previously validated only the part after the "%pipe%" Postscript device +specifier, but this proved insufficient. + +This rebuilds the original file name string, and validates it complete. The +slight complication for "%pipe%" is it can be reached implicitly using +"|" so we have to check both prefixes. + +Addresses CVE-2021-3781 + +CVE: CVE-2021-3781 + +Upstream-Status: Backport (http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=a9bd3dec9fde03327a4a2c69dad1036bf9632e20) + +Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com> +--- + base/gdevpipe.c | 22 +++++++++++++++- + base/gp_mshdl.c | 11 +++++++- + base/gp_msprn.c | 10 ++++++- + base/gp_os2pr.c | 13 +++++++++- + base/gslibctx.c | 69 ++++++++++--------------------------------------- + 5 files changed, 65 insertions(+), 60 deletions(-) + +diff --git a/base/gdevpipe.c b/base/gdevpipe.c +index 96d71f5d8..5bdc485be 100644 +--- a/base/gdevpipe.c ++++ b/base/gdevpipe.c +@@ -72,8 +72,28 @@ pipe_fopen(gx_io_device * iodev, const char *fname, const char *access, + #else + gs_lib_ctx_t *ctx = mem->gs_lib_ctx; + gs_fs_list_t *fs = ctx->core->fs; ++ /* The pipe device can be reached in two ways, explicltly with %pipe% ++ or implicitly with "|", so we have to check for both ++ */ ++ char f[gp_file_name_sizeof]; ++ const char *pipestr = "|"; ++ const size_t pipestrlen = strlen(pipestr); ++ const size_t preflen = strlen(iodev->dname); ++ const size_t nlen = strlen(fname); ++ int code1; ++ ++ if (preflen + nlen >= gp_file_name_sizeof) ++ return_error(gs_error_invalidaccess); ++ ++ memcpy(f, iodev->dname, preflen); ++ memcpy(f + preflen, fname, nlen + 1); ++ ++ code1 = gp_validate_path(mem, f, access); ++ ++ memcpy(f, pipestr, pipestrlen); ++ memcpy(f + pipestrlen, fname, nlen + 1); + +- if (gp_validate_path(mem, fname, access) != 0) ++ if (code1 != 0 && gp_validate_path(mem, f, access) != 0 ) + return gs_error_invalidfileaccess; + + /* +diff --git a/base/gp_mshdl.c b/base/gp_mshdl.c +index 2b964ed74..8d87ceadc 100644 +--- a/base/gp_mshdl.c ++++ b/base/gp_mshdl.c +@@ -95,8 +95,17 @@ mswin_handle_fopen(gx_io_device * iodev, const char *fname, const char *access, + long hfile; /* Correct for Win32, may be wrong for Win64 */ + gs_lib_ctx_t *ctx = mem->gs_lib_ctx; + gs_fs_list_t *fs = ctx->core->fs; ++ char f[gp_file_name_sizeof]; ++ const size_t preflen = strlen(iodev->dname); ++ const size_t nlen = strlen(fname); + +- if (gp_validate_path(mem, fname, access) != 0) ++ if (preflen + nlen >= gp_file_name_sizeof) ++ return_error(gs_error_invalidaccess); ++ ++ memcpy(f, iodev->dname, preflen); ++ memcpy(f + preflen, fname, nlen + 1); ++ ++ if (gp_validate_path(mem, f, access) != 0) + return gs_error_invalidfileaccess; + + /* First we try the open_handle method. */ +diff --git a/base/gp_msprn.c b/base/gp_msprn.c +index ed4827968..746a974f7 100644 +--- a/base/gp_msprn.c ++++ b/base/gp_msprn.c +@@ -168,8 +168,16 @@ mswin_printer_fopen(gx_io_device * iodev, const char *fname, const char *access, + uintptr_t *ptid = &((tid_t *)(iodev->state))->tid; + gs_lib_ctx_t *ctx = mem->gs_lib_ctx; + gs_fs_list_t *fs = ctx->core->fs; ++ const size_t preflen = strlen(iodev->dname); ++ const size_t nlen = strlen(fname); + +- if (gp_validate_path(mem, fname, access) != 0) ++ if (preflen + nlen >= gp_file_name_sizeof) ++ return_error(gs_error_invalidaccess); ++ ++ memcpy(pname, iodev->dname, preflen); ++ memcpy(pname + preflen, fname, nlen + 1); ++ ++ if (gp_validate_path(mem, pname, access) != 0) + return gs_error_invalidfileaccess; + + /* First we try the open_printer method. */ +diff --git a/base/gp_os2pr.c b/base/gp_os2pr.c +index f852c71fc..ba54cde66 100644 +--- a/base/gp_os2pr.c ++++ b/base/gp_os2pr.c +@@ -107,9 +107,20 @@ os2_printer_fopen(gx_io_device * iodev, const char *fname, const char *access, + FILE ** pfile, char *rfname, uint rnamelen) + { + os2_printer_t *pr = (os2_printer_t *)iodev->state; +- char driver_name[256]; ++ char driver_name[gp_file_name_sizeof]; + gs_lib_ctx_t *ctx = mem->gs_lib_ctx; + gs_fs_list_t *fs = ctx->core->fs; ++ const size_t preflen = strlen(iodev->dname); ++ const int size_t = strlen(fname); ++ ++ if (preflen + nlen >= gp_file_name_sizeof) ++ return_error(gs_error_invalidaccess); ++ ++ memcpy(driver_name, iodev->dname, preflen); ++ memcpy(driver_name + preflen, fname, nlen + 1); ++ ++ if (gp_validate_path(mem, driver_name, access) != 0) ++ return gs_error_invalidfileaccess; + + /* First we try the open_printer method. */ + /* Note that the loop condition here ensures we don't +diff --git a/base/gslibctx.c b/base/gslibctx.c +index 6dfed6cd5..318039fad 100644 +--- a/base/gslibctx.c ++++ b/base/gslibctx.c +@@ -655,82 +655,39 @@ rewrite_percent_specifiers(char *s) + int + gs_add_outputfile_control_path(gs_memory_t *mem, const char *fname) + { +- char *fp, f[gp_file_name_sizeof]; +- const int pipe = 124; /* ASCII code for '|' */ +- const int len = strlen(fname); +- int i, code; ++ char f[gp_file_name_sizeof]; ++ int code; + + /* Be sure the string copy will fit */ +- if (len >= gp_file_name_sizeof) ++ if (strlen(fname) >= gp_file_name_sizeof) + return gs_error_rangecheck; + strcpy(f, fname); +- fp = f; + /* Try to rewrite any %d (or similar) in the string */ + rewrite_percent_specifiers(f); +- for (i = 0; i < len; i++) { +- if (f[i] == pipe) { +- fp = &f[i + 1]; +- /* Because we potentially have to check file permissions at two levels +- for the output file (gx_device_open_output_file and the low level +- fopen API, if we're using a pipe, we have to add both the full string, +- (including the '|', and just the command to which we pipe - since at +- the pipe_fopen(), the leading '|' has been stripped. +- */ +- code = gs_add_control_path(mem, gs_permit_file_writing, f); +- if (code < 0) +- return code; +- code = gs_add_control_path(mem, gs_permit_file_control, f); +- if (code < 0) +- return code; +- break; +- } +- if (!IS_WHITESPACE(f[i])) +- break; +- } +- code = gs_add_control_path(mem, gs_permit_file_control, fp); ++ ++ code = gs_add_control_path(mem, gs_permit_file_control, f); + if (code < 0) + return code; +- return gs_add_control_path(mem, gs_permit_file_writing, fp); ++ return gs_add_control_path(mem, gs_permit_file_writing, f); + } + + int + gs_remove_outputfile_control_path(gs_memory_t *mem, const char *fname) + { +- char *fp, f[gp_file_name_sizeof]; +- const int pipe = 124; /* ASCII code for '|' */ +- const int len = strlen(fname); +- int i, code; ++ char f[gp_file_name_sizeof]; ++ int code; + + /* Be sure the string copy will fit */ +- if (len >= gp_file_name_sizeof) ++ if (strlen(fname) >= gp_file_name_sizeof) + return gs_error_rangecheck; + strcpy(f, fname); +- fp = f; + /* Try to rewrite any %d (or similar) in the string */ +- for (i = 0; i < len; i++) { +- if (f[i] == pipe) { +- fp = &f[i + 1]; +- /* Because we potentially have to check file permissions at two levels +- for the output file (gx_device_open_output_file and the low level +- fopen API, if we're using a pipe, we have to add both the full string, +- (including the '|', and just the command to which we pipe - since at +- the pipe_fopen(), the leading '|' has been stripped. +- */ +- code = gs_remove_control_path(mem, gs_permit_file_writing, f); +- if (code < 0) +- return code; +- code = gs_remove_control_path(mem, gs_permit_file_control, f); +- if (code < 0) +- return code; +- break; +- } +- if (!IS_WHITESPACE(f[i])) +- break; +- } +- code = gs_remove_control_path(mem, gs_permit_file_control, fp); ++ rewrite_percent_specifiers(f); ++ ++ code = gs_remove_control_path(mem, gs_permit_file_control, f); + if (code < 0) + return code; +- return gs_remove_control_path(mem, gs_permit_file_writing, fp); ++ return gs_remove_control_path(mem, gs_permit_file_writing, f); + } + + int +-- +2.33.0 + diff --git a/meta/recipes-extended/ghostscript/ghostscript/CVE-2021-45949.patch b/meta/recipes-extended/ghostscript/ghostscript/CVE-2021-45949.patch new file mode 100644 index 0000000000..f312f89e04 --- /dev/null +++ b/meta/recipes-extended/ghostscript/ghostscript/CVE-2021-45949.patch @@ -0,0 +1,65 @@ +From 6643ff0cb837db3eade489ffff21e3e92eee2ae0 Mon Sep 17 00:00:00 2001 +From: Chris Liddell <chris.liddell@artifex.com> +Date: Fri, 28 Jan 2022 08:21:19 +0000 +Subject: [PATCH] [PATCH] Bug 703902: Fix op stack management in + sampled_data_continue() + +Replace pop() (which does no checking, and doesn't handle stack extension +blocks) with ref_stack_pop() which does do all that. + +We still use pop() in one case (it's faster), but we have to later use +ref_stack_pop() before calling sampled_data_sample() which also accesses the +op stack. + +Fixes: +https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=34675 + +Upstream-Status: Backported [https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=2a3129365d3bc0d4a41f107ef175920d1505d1f7] +CVE: CVE-2021-45949 +Signed-off-by: Minjae Kim <flowergom@gmail.com> +--- + psi/zfsample.c | 13 ++++++++----- + 1 file changed, 8 insertions(+), 5 deletions(-) + +diff --git a/psi/zfsample.c b/psi/zfsample.c +index 0023fa4..f84671f 100644 +--- a/psi/zfsample.c ++++ b/psi/zfsample.c +@@ -534,14 +534,17 @@ sampled_data_continue(i_ctx_t *i_ctx_p) + data_ptr[bps * i + j] = (byte)(cv >> ((bps - 1 - j) * 8)); /* MSB first */ + } + pop(num_out); /* Move op to base of result values */ +- ++ /* From here on, we have to use ref_stack_pop() rather than pop() ++ so that it handles stack extension blocks properly, before calling ++ sampled_data_sample() which also uses the op stack. ++ */ + /* Check if we are done collecting data. */ + + if (increment_cube_indexes(params, penum->indexes)) { + if (stack_depth_adjust == 0) +- pop(O_STACK_PAD); /* Remove spare stack space */ ++ ref_stack_pop(&o_stack, O_STACK_PAD); /* Remove spare stack space */ + else +- pop(stack_depth_adjust - num_out); ++ ref_stack_pop(&o_stack, stack_depth_adjust - num_out); + /* Execute the closing procedure, if given */ + code = 0; + if (esp_finish_proc != 0) +@@ -554,11 +557,11 @@ sampled_data_continue(i_ctx_t *i_ctx_p) + if ((O_STACK_PAD - stack_depth_adjust) < 0) { + stack_depth_adjust = -(O_STACK_PAD - stack_depth_adjust); + check_op(stack_depth_adjust); +- pop(stack_depth_adjust); ++ ref_stack_pop(&o_stack, stack_depth_adjust); + } + else { + check_ostack(O_STACK_PAD - stack_depth_adjust); +- push(O_STACK_PAD - stack_depth_adjust); ++ ref_stack_push(&o_stack, O_STACK_PAD - stack_depth_adjust); + for (i=0;i<O_STACK_PAD - stack_depth_adjust;i++) + make_null(op - i); + } +-- +2.17.1 + diff --git a/meta/recipes-extended/ghostscript/ghostscript/check-stack-limits-after-function-evalution.patch b/meta/recipes-extended/ghostscript/ghostscript/check-stack-limits-after-function-evalution.patch new file mode 100644 index 0000000000..722bab4ddb --- /dev/null +++ b/meta/recipes-extended/ghostscript/ghostscript/check-stack-limits-after-function-evalution.patch @@ -0,0 +1,51 @@ +From 7861fcad13c497728189feafb41cd57b5b50ea25 Mon Sep 17 00:00:00 2001 +From: Chris Liddell <chris.liddell@artifex.com> +Date: Fri, 12 Feb 2021 10:34:23 +0000 +Subject: [PATCH] oss-fuzz 30715: Check stack limits after function evaluation. + +During function result sampling, after the callout to the Postscript +interpreter, make sure there is enough stack space available before pushing +or popping entries. + +In thise case, the Postscript procedure for the "function" is totally invalid +(as a function), and leaves the op stack in an unrecoverable state (as far as +function evaluation is concerned). We end up popping more entries off the +stack than are available. + +To cope, add in stack limit checking to throw an appropriate error when this +happens. + +Upstream-Status: Backported [https://git.ghostscript.com/?p=ghostpdl.git;a=patch;h=7861fcad13c497728189feafb41cd57b5b50ea25] +Signed-off-by: Minjae Kim <flowergom@gmail.com> +--- + psi/zfsample.c | 14 +++++++++++--- + 1 file changed, 11 insertions(+), 3 deletions(-) + +diff --git a/psi/zfsample.c b/psi/zfsample.c +index 290809405..652ae02c6 100644 +--- a/psi/zfsample.c ++++ b/psi/zfsample.c +@@ -551,9 +551,17 @@ sampled_data_continue(i_ctx_t *i_ctx_p) + } else { + if (stack_depth_adjust) { + stack_depth_adjust -= num_out; +- push(O_STACK_PAD - stack_depth_adjust); +- for (i=0;i<O_STACK_PAD - stack_depth_adjust;i++) +- make_null(op - i); ++ if ((O_STACK_PAD - stack_depth_adjust) < 0) { ++ stack_depth_adjust = -(O_STACK_PAD - stack_depth_adjust); ++ check_op(stack_depth_adjust); ++ pop(stack_depth_adjust); ++ } ++ else { ++ check_ostack(O_STACK_PAD - stack_depth_adjust); ++ push(O_STACK_PAD - stack_depth_adjust); ++ for (i=0;i<O_STACK_PAD - stack_depth_adjust;i++) ++ make_null(op - i); ++ } + } + } + +-- +2.25.1 + diff --git a/meta/recipes-extended/ghostscript/ghostscript_9.53.3.bb b/meta/recipes-extended/ghostscript/ghostscript_9.53.3.bb index 35826c2549..958a88e968 100644 --- a/meta/recipes-extended/ghostscript/ghostscript_9.53.3.bb +++ b/meta/recipes-extended/ghostscript/ghostscript_9.53.3.bb @@ -33,6 +33,9 @@ SRC_URI_BASE = "https://github.com/ArtifexSoftware/ghostpdl-downloads/releases/d file://do-not-check-local-libpng-source.patch \ file://avoid-host-contamination.patch \ file://mkdir-p.patch \ + file://0001-Bug-704342-Include-device-specifier-strings-in-acces.patch \ + file://check-stack-limits-after-function-evalution.patch \ + file://CVE-2021-45949.patch \ " SRC_URI = "${SRC_URI_BASE} \ diff --git a/meta/recipes-extended/go-examples/go-helloworld_0.1.bb b/meta/recipes-extended/go-examples/go-helloworld_0.1.bb index c51f163e9b..3b738f82e7 100644 --- a/meta/recipes-extended/go-examples/go-helloworld_0.1.bb +++ b/meta/recipes-extended/go-examples/go-helloworld_0.1.bb @@ -5,7 +5,7 @@ HOMEPAGE = "https://golang.org/" LICENSE = "MIT" LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302" -SRC_URI = "git://${GO_IMPORT}" +SRC_URI = "git://${GO_IMPORT};branch=master;protocol=https" SRCREV = "46695d81d1fae905a270fb7db8a4d11a334562fe" UPSTREAM_CHECK_COMMITS = "1" diff --git a/meta/recipes-extended/iputils/iputils_s20200821.bb b/meta/recipes-extended/iputils/iputils_s20200821.bb index e43abf2629..dd541d4d48 100644 --- a/meta/recipes-extended/iputils/iputils_s20200821.bb +++ b/meta/recipes-extended/iputils/iputils_s20200821.bb @@ -10,7 +10,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=55aa8c9fcad0691cef0ecd420361e390" DEPENDS = "gnutls" -SRC_URI = "git://github.com/iputils/iputils \ +SRC_URI = "git://github.com/iputils/iputils;branch=master;protocol=https \ file://0001-rarpd-rdisc-Drop-PrivateUsers.patch \ " SRCREV = "23c3782ae0c7f9c6ae59dbed8ad9204f8758542b" diff --git a/meta/recipes-extended/libaio/libaio_0.3.112.bb b/meta/recipes-extended/libaio/libaio_0.3.112.bb index b3606474a5..3892f3244e 100644 --- a/meta/recipes-extended/libaio/libaio_0.3.112.bb +++ b/meta/recipes-extended/libaio/libaio_0.3.112.bb @@ -5,7 +5,7 @@ HOMEPAGE = "http://lse.sourceforge.net/io/aio.html" LICENSE = "LGPLv2.1+" LIC_FILES_CHKSUM = "file://COPYING;md5=d8045f3b8f929c1cb29a1e3fd737b499" -SRC_URI = "git://pagure.io/libaio.git;protocol=https \ +SRC_URI = "git://pagure.io/libaio.git;protocol=https;branch=master \ file://00_arches.patch \ file://libaio_fix_for_mips_syscalls.patch \ file://system-linkage.patch \ diff --git a/meta/recipes-extended/libarchive/libarchive_3.5.1.bb b/meta/recipes-extended/libarchive/libarchive_3.5.3.bb index 1387b69066..92bb223784 100644 --- a/meta/recipes-extended/libarchive/libarchive_3.5.1.bb +++ b/meta/recipes-extended/libarchive/libarchive_3.5.3.bb @@ -34,7 +34,7 @@ EXTRA_OECONF += "--enable-largefile" SRC_URI = "http://libarchive.org/downloads/libarchive-${PV}.tar.gz" -SRC_URI[sha256sum] = "9015d109ec00bb9ae1a384b172bf2fc1dff41e2c66e5a9eeddf933af9db37f5a" +SRC_URI[sha256sum] = "72788e5f58d16febddfa262a5215e05fc9c79f2670f641ac039e6df44330ef51" inherit autotools update-alternatives pkgconfig diff --git a/meta/recipes-extended/libnsl/libnsl2_git.bb b/meta/recipes-extended/libnsl/libnsl2_git.bb index badb71d977..0690d4cd3b 100644 --- a/meta/recipes-extended/libnsl/libnsl2_git.bb +++ b/meta/recipes-extended/libnsl/libnsl2_git.bb @@ -14,7 +14,7 @@ PV = "1.3.0" SRCREV = "fbad7b36acaa89a54023930af70805649f962999" -SRC_URI = "git://github.com/thkukuk/libnsl \ +SRC_URI = "git://github.com/thkukuk/libnsl;branch=master;protocol=https \ " S = "${WORKDIR}/git" diff --git a/meta/recipes-extended/libnss-nis/libnss-nis.bb b/meta/recipes-extended/libnss-nis/libnss-nis.bb index a1d914e871..984cc98fc2 100644 --- a/meta/recipes-extended/libnss-nis/libnss-nis.bb +++ b/meta/recipes-extended/libnss-nis/libnss-nis.bb @@ -17,7 +17,7 @@ PV = "3.1+git${SRCPV}" SRCREV = "062f31999b35393abf7595cb89dfc9590d5a42ad" -SRC_URI = "git://github.com/thkukuk/libnss_nis \ +SRC_URI = "git://github.com/thkukuk/libnss_nis;branch=master;protocol=https \ " S = "${WORKDIR}/git" diff --git a/meta/recipes-extended/libsolv/libsolv_0.7.17.bb b/meta/recipes-extended/libsolv/libsolv_0.7.17.bb index fa6e8a3c4d..2b5da4d932 100644 --- a/meta/recipes-extended/libsolv/libsolv_0.7.17.bb +++ b/meta/recipes-extended/libsolv/libsolv_0.7.17.bb @@ -8,7 +8,7 @@ LIC_FILES_CHKSUM = "file://LICENSE.BSD;md5=62272bd11c97396d4aaf1c41bc11f7d8" DEPENDS = "expat zlib" -SRC_URI = "git://github.com/openSUSE/libsolv.git \ +SRC_URI = "git://github.com/openSUSE/libsolv.git;branch=master;protocol=https \ " SRCREV = "4bc791c0d235eb14bfe4c5da607206bfdfa6983d" diff --git a/meta/recipes-extended/lighttpd/lighttpd/0001-mod_extforward-fix-out-of-bounds-OOB-write-fixes-313.patch b/meta/recipes-extended/lighttpd/lighttpd/0001-mod_extforward-fix-out-of-bounds-OOB-write-fixes-313.patch new file mode 100644 index 0000000000..f4e93d1065 --- /dev/null +++ b/meta/recipes-extended/lighttpd/lighttpd/0001-mod_extforward-fix-out-of-bounds-OOB-write-fixes-313.patch @@ -0,0 +1,97 @@ +Upstream-Status: Backport +CVE: CVE-2022-22707 +Signed-off-by: Ross Burton <ross.burton@arm.com> + +From 27103f3f8b1a2857aa45b889e775435f7daf141f Mon Sep 17 00:00:00 2001 +From: povcfe <povcfe@qq.com> +Date: Wed, 5 Jan 2022 11:11:09 +0000 +Subject: [PATCH] [mod_extforward] fix out-of-bounds (OOB) write (fixes #3134) + +(thx povcfe) + +(edited: gstrauss) + +There is a potential remote denial of service in lighttpd mod_extforward +under specific, non-default and uncommon 32-bit lighttpd mod_extforward +configurations. + +Under specific, non-default and uncommon lighttpd mod_extforward +configurations, a remote attacker can trigger a 4-byte out-of-bounds +write of value '-1' to the stack. This is not believed to be exploitable +in any way beyond triggering a crash of the lighttpd server on systems +where the lighttpd server has been built 32-bit and with compiler flags +which enable a stack canary -- gcc/clang -fstack-protector-strong or +-fstack-protector-all, but bug not visible with only -fstack-protector. + +With standard lighttpd builds using -O2 optimization on 64-bit x86_64, +this bug has not been observed to cause adverse behavior, even with +gcc/clang -fstack-protector-strong. + +For the bug to be reachable, the user must be using a non-default +lighttpd configuration which enables mod_extforward and configures +mod_extforward to accept and parse the "Forwarded" header from a trusted +proxy. At this time, support for RFC7239 Forwarded is not common in CDN +providers or popular web server reverse proxies. It bears repeating that +for the user to desire to configure lighttpd mod_extforward to accept +"Forwarded", the user must also be using a trusted proxy (in front of +lighttpd) which understands and actively modifies the "Forwarded" header +sent to lighttpd. + +lighttpd natively supports RFC7239 "Forwarded" +hiawatha natively supports RFC7239 "Forwarded" + +nginx can be manually configured to add a "Forwarded" header +https://www.nginx.com/resources/wiki/start/topics/examples/forwarded/ + +A 64-bit build of lighttpd on x86_64 (not known to be affected by bug) +in front of another 32-bit lighttpd will detect and reject a malicious +"Forwarded" request header, thereby thwarting an attempt to trigger +this bug in an upstream 32-bit lighttpd. + +The following servers currently do not natively support RFC7239 Forwarded: +nginx +apache2 +caddy +node.js +haproxy +squid +varnish-cache +litespeed + +Given the general dearth of support for RFC7239 Forwarded in popular +CDNs and web server reverse proxies, and given the prerequisites in +lighttpd mod_extforward needed to reach this bug, the number of lighttpd +servers vulnerable to this bug is estimated to be vanishingly small. +Large systems using reverse proxies are likely running 64-bit lighttpd, +which is not known to be adversely affected by this bug. + +In the future, it is desirable for more servers to implement RFC7239 +Forwarded. lighttpd developers would like to thank povcfe for reporting +this bug so that it can be fixed before more CDNs and web servers +implement RFC7239 Forwarded. + +x-ref: + "mod_extforward plugin has out-of-bounds (OOB) write of 4-byte -1" + https://redmine.lighttpd.net/issues/3134 + (not yet written or published) + CVE-2022-22707 +--- + src/mod_extforward.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/mod_extforward.c b/src/mod_extforward.c +index ba957e04..fdaef7f6 100644 +--- a/src/mod_extforward.c ++++ b/src/mod_extforward.c +@@ -715,7 +715,7 @@ static handler_t mod_extforward_Forwarded (request_st * const r, plugin_data * c + while (s[i] == ' ' || s[i] == '\t') ++i; + if (s[i] == ';') { ++i; continue; } + if (s[i] == ',') { +- if (j >= (int)(sizeof(offsets)/sizeof(int))) break; ++ if (j >= (int)(sizeof(offsets)/sizeof(int))-1) break; + offsets[++j] = -1; /*("offset" separating params from next proxy)*/ + ++i; + continue; +-- +2.25.1 + diff --git a/meta/recipes-extended/lighttpd/lighttpd_1.4.59.bb b/meta/recipes-extended/lighttpd/lighttpd_1.4.59.bb index cf7f478915..73443f77b4 100644 --- a/meta/recipes-extended/lighttpd/lighttpd_1.4.59.bb +++ b/meta/recipes-extended/lighttpd/lighttpd_1.4.59.bb @@ -14,6 +14,7 @@ RRECOMMENDS_${PN} = "lighttpd-module-access \ lighttpd-module-accesslog" SRC_URI = "http://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-${PV}.tar.xz \ + file://0001-mod_extforward-fix-out-of-bounds-OOB-write-fixes-313.patch \ file://index.html.lighttpd \ file://lighttpd.conf \ file://lighttpd \ diff --git a/meta/recipes-extended/ltp/ltp_20210121.bb b/meta/recipes-extended/ltp/ltp_20210121.bb index 17adbf43f0..e816244f8c 100644 --- a/meta/recipes-extended/ltp/ltp_20210121.bb +++ b/meta/recipes-extended/ltp/ltp_20210121.bb @@ -33,7 +33,7 @@ SRCREV = "4d005621edd109d119627eb9210b224a63bf22cb" PR = "r4" HASHEQUIV_HASH_VERSION .= ".4" -SRC_URI = "git://github.com/linux-test-project/ltp.git \ +SRC_URI = "git://github.com/linux-test-project/ltp.git;branch=master;protocol=https \ file://0001-build-Add-option-to-select-libc-implementation.patch \ file://0007-Fix-test_proc_kill-hanging.patch \ file://0001-Add-more-musl-exclusions.patch \ diff --git a/meta/recipes-extended/mc/files/0001-Ticket-4200-fix-FTBFS-with-ncurses-build-with-disabl.patch b/meta/recipes-extended/mc/files/0001-Ticket-4200-fix-FTBFS-with-ncurses-build-with-disabl.patch new file mode 100644 index 0000000000..408473664f --- /dev/null +++ b/meta/recipes-extended/mc/files/0001-Ticket-4200-fix-FTBFS-with-ncurses-build-with-disabl.patch @@ -0,0 +1,87 @@ +From e7bbf72544ab62db9c92bfe7bd1155227e78c621 Mon Sep 17 00:00:00 2001 +From: Andrew Borodin <aborodin@vmail.ru> +Date: Sat, 28 Aug 2021 11:46:53 +0300 +Subject: [PATCH] Ticket #4200: fix FTBFS with ncurses build with + --disable-widec. + +Upstream-Status: Accepted [https://github.com/MidnightCommander/mc/commit/e7bbf72544] +Signed-off-by: Andrew Borodin <aborodin@vmail.ru> +--- + lib/tty/tty-ncurses.c | 8 ++++++++ + lib/tty/tty-ncurses.h | 5 +++++ + lib/tty/tty-slang.h | 2 ++ + src/filemanager/boxes.c | 2 ++ + 4 files changed, 17 insertions(+) + +diff --git a/lib/tty/tty-ncurses.c b/lib/tty/tty-ncurses.c +index f619c0a7bf31..13058a624208 100644 +--- a/lib/tty/tty-ncurses.c ++++ b/lib/tty/tty-ncurses.c +@@ -560,6 +560,7 @@ tty_fill_region (int y, int x, int rows, int cols, unsigned char ch) + void + tty_colorize_area (int y, int x, int rows, int cols, int color) + { ++#ifdef ENABLE_SHADOWS + cchar_t *ctext; + wchar_t wch[10]; /* TODO not sure if the length is correct */ + attr_t attrs; +@@ -585,6 +586,13 @@ tty_colorize_area (int y, int x, int rows, int cols, int color) + } + + g_free (ctext); ++#else ++ (void) y; ++ (void) x; ++ (void) rows; ++ (void) cols; ++ (void) color; ++#endif /* ENABLE_SHADOWS */ + } + + /* --------------------------------------------------------------------------------------------- */ +diff --git a/lib/tty/tty-ncurses.h b/lib/tty/tty-ncurses.h +index d75df9533ab9..8feb17ccd045 100644 +--- a/lib/tty/tty-ncurses.h ++++ b/lib/tty/tty-ncurses.h +@@ -30,6 +30,11 @@ + #define NCURSES_CONST const + #endif + ++/* do not draw shadows if NCurses is built with --disable-widec */ ++#if defined(NCURSES_WIDECHAR) && NCURSES_WIDECHAR ++#define ENABLE_SHADOWS 1 ++#endif ++ + /*** typedefs(not structures) and defined constants **********************************************/ + + /*** enums ***************************************************************************************/ +diff --git a/lib/tty/tty-slang.h b/lib/tty/tty-slang.h +index 5b12c6512853..eeaade388af4 100644 +--- a/lib/tty/tty-slang.h ++++ b/lib/tty/tty-slang.h +@@ -23,6 +23,8 @@ + #define COLS SLtt_Screen_Cols + #define LINES SLtt_Screen_Rows + ++#define ENABLE_SHADOWS 1 ++ + /*** enums ***************************************************************************************/ + + enum +diff --git a/src/filemanager/boxes.c b/src/filemanager/boxes.c +index 3eb525be4a9b..98df5ff2ed9a 100644 +--- a/src/filemanager/boxes.c ++++ b/src/filemanager/boxes.c +@@ -280,7 +280,9 @@ appearance_box_callback (Widget * w, Widget * sender, widget_msg_t msg, int parm + switch (msg) + { + case MSG_INIT: ++#ifdef ENABLE_SHADOWS + if (!tty_use_colors ()) ++#endif + { + Widget *shadow; + +-- +2.34.1 + diff --git a/meta/recipes-extended/mc/mc_4.8.26.bb b/meta/recipes-extended/mc/mc_4.8.26.bb index 6bc7e6e8e1..906778400e 100644 --- a/meta/recipes-extended/mc/mc_4.8.26.bb +++ b/meta/recipes-extended/mc/mc_4.8.26.bb @@ -12,6 +12,7 @@ SRC_URI = "http://www.midnight-commander.org/downloads/${BPN}-${PV}.tar.bz2 \ file://0001-mc-replace-perl-w-with-use-warnings.patch \ file://nomandate.patch \ file://CVE-2021-36370.patch \ + file://0001-Ticket-4200-fix-FTBFS-with-ncurses-build-with-disabl.patch \ " SRC_URI[sha256sum] = "9d6358d0a351a455a1410aab57f33b6b48b0fcf31344b9a10b0ff497595979d1" @@ -24,7 +25,9 @@ PACKAGECONFIG ??= "" PACKAGECONFIG[smb] = "--enable-vfs-smb,--disable-vfs-smb,samba," PACKAGECONFIG[sftp] = "--enable-vfs-sftp,--disable-vfs-sftp,libssh2," -CFLAGS_append_libc-musl = ' -DNCURSES_WIDECHAR=1 ' +# enable NCURSES_WIDECHAR=1 only if ENABLE_WIDEC has not been explicitly disabled (e.g. by the distro config). +# When compiling against the ncurses library, NCURSES_WIDECHAR needs to explicitly set to 0 in this case. +CFLAGS_append_libc-musl = "${@' -DNCURSES_WIDECHAR=1' if bb.utils.to_boolean((d.getVar('ENABLE_WIDEC') or 'True')) else ' -DNCURSES_WIDECHAR=0'}" EXTRA_OECONF = "--with-screen=ncurses --without-gpm-mouse --without-x --disable-configure-args" CACHED_CONFIGUREVARS += "ac_cv_path_PERL='/usr/bin/env perl'" diff --git a/meta/recipes-extended/net-tools/net-tools_2.10.bb b/meta/recipes-extended/net-tools/net-tools_2.10.bb index de4a715971..2dafe96356 100644 --- a/meta/recipes-extended/net-tools/net-tools_2.10.bb +++ b/meta/recipes-extended/net-tools/net-tools_2.10.bb @@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ file://ifconfig.c;beginline=11;endline=15;md5=d1ca372080ad5401e23ca0afc35cf9ba" SRCREV = "80d7b95067f1f22fece9537dea6dff53081f4886" -SRC_URI = "git://git.code.sf.net/p/net-tools/code;protocol=https \ +SRC_URI = "git://git.code.sf.net/p/net-tools/code;protocol=https;branch=master \ file://net-tools-config.h \ file://net-tools-config.make \ file://Add_missing_headers.patch \ diff --git a/meta/recipes-extended/newt/libnewt_0.52.21.bb b/meta/recipes-extended/newt/libnewt_0.52.21.bb index 88b4cf4a03..3d35a17c92 100644 --- a/meta/recipes-extended/newt/libnewt_0.52.21.bb +++ b/meta/recipes-extended/newt/libnewt_0.52.21.bb @@ -29,7 +29,7 @@ SRC_URI[sha256sum] = "265eb46b55d7eaeb887fca7a1d51fe115658882dfe148164b6c49fccac S = "${WORKDIR}/newt-${PV}" -inherit autotools-brokensep python3native python3-dir +inherit autotools-brokensep python3native python3-dir python3targetconfig EXTRA_OECONF = "--without-tcl --with-python" diff --git a/meta/recipes-extended/pigz/files/0001-Fix-bug-when-combining-l-with-d.patch b/meta/recipes-extended/pigz/files/0001-Fix-bug-when-combining-l-with-d.patch new file mode 100644 index 0000000000..9c301f2054 --- /dev/null +++ b/meta/recipes-extended/pigz/files/0001-Fix-bug-when-combining-l-with-d.patch @@ -0,0 +1,50 @@ +From 65986f3d12d434b9bc428ceb6fcb1f6eeeb2c47d Mon Sep 17 00:00:00 2001 +From: Changqing Li <changqing.li@windriver.com> +Date: Mon, 17 Jan 2022 15:36:56 +0800 +Subject: [PATCH] Fix bug when combining -l with -d. + +Though it makes no sense to do pigz -ld, that is implicit when +doing unpigz -l. This commit fixes a bug for that combination. + +Upstream-Status: Backport [https://github.com/madler/pigz/commit/326bba44aa102c707dd6ebcd2fc3f413b3119db0] + +Signed-off-by: Changqing Li <changqing.li@windriver.com> +--- + pigz.c | 14 +++++++------- + 1 file changed, 7 insertions(+), 7 deletions(-) + +diff --git a/pigz.c b/pigz.c +index f90157f..d648216 100644 +--- a/pigz.c ++++ b/pigz.c +@@ -4007,6 +4007,13 @@ local void process(char *path) { + } + SET_BINARY_MODE(g.ind); + ++ // if requested, just list information about the input file ++ if (g.list && g.decode != 2) { ++ list_info(); ++ load_end(); ++ return; ++ } ++ + // if decoding or testing, try to read gzip header + if (g.decode) { + in_init(); +@@ -4048,13 +4055,6 @@ local void process(char *path) { + } + } + +- // if requested, just list information about input file +- if (g.list) { +- list_info(); +- load_end(); +- return; +- } +- + // create output file out, descriptor outd + if (path == NULL || g.pipeout) { + // write to stdout +-- +2.17.1 + diff --git a/meta/recipes-extended/pigz/pigz_2.6.bb b/meta/recipes-extended/pigz/pigz_2.6.bb index 05be9b733f..5c0aab55a7 100644 --- a/meta/recipes-extended/pigz/pigz_2.6.bb +++ b/meta/recipes-extended/pigz/pigz_2.6.bb @@ -8,7 +8,8 @@ SECTION = "console/utils" LICENSE = "Zlib & Apache-2.0" LIC_FILES_CHKSUM = "file://pigz.c;md5=9ae6dee8ceba9610596ed0ada493d142;beginline=7;endline=21" -SRC_URI = "http://zlib.net/${BPN}/fossils/${BP}.tar.gz" +SRC_URI = "http://zlib.net/${BPN}/fossils/${BP}.tar.gz \ + file://0001-Fix-bug-when-combining-l-with-d.patch" SRC_URI[sha256sum] = "2eed7b0d7449d1d70903f2a62cd6005d262eb3a8c9e98687bc8cbb5809db2a7d" PROVIDES_class-native += "gzip-native" diff --git a/meta/recipes-extended/procps/procps_3.3.17.bb b/meta/recipes-extended/procps/procps_3.3.17.bb index c74a901d9a..9fd3db196d 100644 --- a/meta/recipes-extended/procps/procps_3.3.17.bb +++ b/meta/recipes-extended/procps/procps_3.3.17.bb @@ -12,7 +12,7 @@ DEPENDS = "ncurses" inherit autotools gettext pkgconfig update-alternatives -SRC_URI = "git://gitlab.com/procps-ng/procps.git;protocol=https \ +SRC_URI = "git://gitlab.com/procps-ng/procps.git;protocol=https;branch=master \ file://sysctl.conf \ file://0001-w.c-correct-musl-builds.patch \ file://0002-proc-escape.c-add-missing-include.patch \ diff --git a/meta/recipes-extended/psmisc/psmisc_23.4.bb b/meta/recipes-extended/psmisc/psmisc_23.4.bb index 894443f4ef..89fe8a709c 100644 --- a/meta/recipes-extended/psmisc/psmisc_23.4.bb +++ b/meta/recipes-extended/psmisc/psmisc_23.4.bb @@ -2,7 +2,7 @@ require psmisc.inc LICENSE = "GPLv2" LIC_FILES_CHKSUM = "file://COPYING;md5=0636e73ff0215e8d672dc4c32c317bb3" -SRC_URI = "git://gitlab.com/psmisc/psmisc.git;protocol=https \ +SRC_URI = "git://gitlab.com/psmisc/psmisc.git;protocol=https;branch=master \ file://0001-Use-UINTPTR_MAX-instead-of-__WORDSIZE.patch \ " SRCREV = "5fab6b7ab385080f1db725d6803136ec1841a15f" diff --git a/meta/recipes-extended/rpcsvc-proto/rpcsvc-proto.bb b/meta/recipes-extended/rpcsvc-proto/rpcsvc-proto.bb index 5aff2b56a6..ad392138b5 100644 --- a/meta/recipes-extended/rpcsvc-proto/rpcsvc-proto.bb +++ b/meta/recipes-extended/rpcsvc-proto/rpcsvc-proto.bb @@ -19,7 +19,7 @@ PV = "1.4.2" SRCREV = "6f54e54455c073d08a56ea627c6cd2355a40eb53" -SRC_URI = "git://github.com/thkukuk/${BPN} \ +SRC_URI = "git://github.com/thkukuk/${BPN};branch=master;protocol=https \ file://0001-Use-cross-compiled-rpcgen.patch \ " diff --git a/meta/recipes-extended/sysklogd/sysklogd_2.2.2.bb b/meta/recipes-extended/sysklogd/sysklogd_2.2.2.bb index 5dfeca5326..01a079f041 100644 --- a/meta/recipes-extended/sysklogd/sysklogd_2.2.2.bb +++ b/meta/recipes-extended/sysklogd/sysklogd_2.2.2.bb @@ -10,7 +10,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=5b4be4b2549338526758ef479c040943 \ inherit update-rc.d update-alternatives systemd autotools -SRC_URI = "git://github.com/troglobit/sysklogd.git;nobranch=1 \ +SRC_URI = "git://github.com/troglobit/sysklogd.git;nobranch=1;protocol=https \ file://sysklogd \ " diff --git a/meta/recipes-extended/timezone/timezone.inc b/meta/recipes-extended/timezone/timezone.inc index a89560b424..5c19e9a7f4 100644 --- a/meta/recipes-extended/timezone/timezone.inc +++ b/meta/recipes-extended/timezone/timezone.inc @@ -6,7 +6,7 @@ SECTION = "base" LICENSE = "PD & BSD & BSD-3-Clause" LIC_FILES_CHKSUM = "file://LICENSE;md5=c679c9d6b02bc2757b3eaf8f53c43fba" -PV = "2021a" +PV = "2021d" SRC_URI =" http://www.iana.org/time-zones/repository/releases/tzcode${PV}.tar.gz;name=tzcode \ http://www.iana.org/time-zones/repository/releases/tzdata${PV}.tar.gz;name=tzdata \ @@ -14,5 +14,6 @@ SRC_URI =" http://www.iana.org/time-zones/repository/releases/tzcode${PV}.tar.gz UPSTREAM_CHECK_URI = "http://www.iana.org/time-zones" -SRC_URI[tzcode.sha256sum] = "eb46bfa124b5b6bd13d61a609bfde8351bd192894708d33aa06e5c1e255802d0" -SRC_URI[tzdata.sha256sum] = "39e7d2ba08c68cbaefc8de3227aab0dec2521be8042cf56855f7dc3a9fb14e08" +SRC_URI[tzcode.sha256sum] = "ed0d02be79b54f4449ba1f239aeaf9315da490bf32f401d302dcbba4921f591d" +SRC_URI[tzdata.sha256sum] = "d7c188a2b33d4a3c25ee4a9fdc68c1ff462bfdb302cf41343d84ca5942dbddf6" + diff --git a/meta/recipes-extended/unzip/unzip/CVE-2021-4217.patch b/meta/recipes-extended/unzip/unzip/CVE-2021-4217.patch new file mode 100644 index 0000000000..6ba2b879a3 --- /dev/null +++ b/meta/recipes-extended/unzip/unzip/CVE-2021-4217.patch @@ -0,0 +1,67 @@ +From 731d698377dbd1f5b1b90efeb8094602ed59fc40 Mon Sep 17 00:00:00 2001 +From: Nils Bars <nils.bars@t-online.de> +Date: Mon, 17 Jan 2022 16:53:16 +0000 +Subject: [PATCH] Fix null pointer dereference and use of uninitialized data + +This fixes a bug that causes use of uninitialized heap data if `readbuf` fails +to read as many bytes as indicated by the extra field length attribute. +Furthermore, this fixes a null pointer dereference if an archive contains an +`EF_UNIPATH` extra field but does not have a filename set. +--- + fileio.c | 5 ++++- + process.c | 6 +++++- + 2 files changed, 9 insertions(+), 2 deletions(-) +--- + +Patch from: +https://bugs.launchpad.net/ubuntu/+source/unzip/+bug/1957077 +https://launchpadlibrarian.net/580782282/0001-Fix-null-pointer-dereference-and-use-of-uninitialized-data.patch +Regenerated to apply without offsets. + +CVE: CVE-2021-4217 + +Upstream-Status: Pending [infozip upstream inactive] + +Signed-off-by: Joe Slater <joe.slater@windriver.com> + + +diff --git a/fileio.c b/fileio.c +index 14460f3..1dc319e 100644 +--- a/fileio.c ++++ b/fileio.c +@@ -2301,8 +2301,11 @@ int do_string(__G__ length, option) /* return PK-type error code */ + seek_zipf(__G__ G.cur_zipfile_bufstart - G.extra_bytes + + (G.inptr-G.inbuf) + length); + } else { +- if (readbuf(__G__ (char *)G.extra_field, length) == 0) ++ unsigned bytes_read = readbuf(__G__ (char *)G.extra_field, length); ++ if (bytes_read == 0) + return PK_EOF; ++ if (bytes_read != length) ++ return PK_ERR; + /* Looks like here is where extra fields are read */ + if (getZip64Data(__G__ G.extra_field, length) != PK_COOL) + { +diff --git a/process.c b/process.c +index 5f8f6c6..de843a5 100644 +--- a/process.c ++++ b/process.c +@@ -2058,10 +2058,14 @@ int getUnicodeData(__G__ ef_buf, ef_len) + G.unipath_checksum = makelong(offset + ef_buf); + offset += 4; + ++ if (!G.filename_full) { ++ /* Check if we have a unicode extra section but no filename set */ ++ return PK_ERR; ++ } ++ + /* + * Compute 32-bit crc + */ +- + chksum = crc32(chksum, (uch *)(G.filename_full), + strlen(G.filename_full)); + +-- +2.32.0 + diff --git a/meta/recipes-extended/unzip/unzip_6.0.bb b/meta/recipes-extended/unzip/unzip_6.0.bb index af5530ab38..f0ee38c178 100644 --- a/meta/recipes-extended/unzip/unzip_6.0.bb +++ b/meta/recipes-extended/unzip/unzip_6.0.bb @@ -26,6 +26,7 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/infozip/UnZip%206.x%20%28latest%29/UnZip%206.0/ file://CVE-2019-13232_p1.patch \ file://CVE-2019-13232_p2.patch \ file://CVE-2019-13232_p3.patch \ + file://CVE-2021-4217.patch \ " UPSTREAM_VERSION_UNKNOWN = "1" diff --git a/meta/recipes-extended/xinetd/xinetd_2.3.15.4.bb b/meta/recipes-extended/xinetd/xinetd_2.3.15.4.bb index 69d5b2f83b..c6d356d227 100644 --- a/meta/recipes-extended/xinetd/xinetd_2.3.15.4.bb +++ b/meta/recipes-extended/xinetd/xinetd_2.3.15.4.bb @@ -9,7 +9,7 @@ LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=55c5fdf02cfcca3fc9621b6f2ceae10f" UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>\d+(\.\d+)+)" -SRC_URI = "git://github.com/openSUSE/xinetd.git;protocol=https \ +SRC_URI = "git://github.com/openSUSE/xinetd.git;protocol=https;branch=master \ file://xinetd.init \ file://xinetd.default \ file://xinetd.service \ diff --git a/meta/recipes-extended/zip/zip-3.0/0001-configure-use-correct-CPP.patch b/meta/recipes-extended/zip/zip-3.0/0001-configure-use-correct-CPP.patch new file mode 100644 index 0000000000..02253f968c --- /dev/null +++ b/meta/recipes-extended/zip/zip-3.0/0001-configure-use-correct-CPP.patch @@ -0,0 +1,47 @@ +From 7a2729ee7f5d9b9d4a0d9b83fe641a2ab03c4ee0 Mon Sep 17 00:00:00 2001 +From: Joe Slater <joe.slater@windriver.com> +Date: Thu, 24 Feb 2022 17:36:59 -0800 +Subject: [PATCH 1/2] configure: use correct CPP + +configure uses CPP to test that two assembler routines +can be built. Unfortunately, it will use /usr/bin/cpp +if it exists, invalidating the tests. We use the $CC +passed to configure. + +Upstream-Status: Inappropriate [openembedded specific] + +Signed-off-by: Joe Slater <joe.slater@windriver.com> +--- + unix/configure | 15 +++++++++------ + 1 file changed, 9 insertions(+), 6 deletions(-) + +diff --git a/unix/configure b/unix/configure +index 73ba803..7e21070 100644 +--- a/unix/configure ++++ b/unix/configure +@@ -220,13 +220,16 @@ fi + echo Check for the C preprocessor + # on SVR4, cc -E does not produce correct assembler files. Need /lib/cpp. + CPP="${CC} -E" ++ ++# We should not change CPP for yocto builds. ++# + # solaris as(1) needs -P, maybe others as well ? +-[ -f /usr/ccs/lib/cpp ] && CPP="/usr/ccs/lib/cpp -P" +-[ -f /usr/lib/cpp ] && CPP=/usr/lib/cpp +-[ -f /lib/cpp ] && CPP=/lib/cpp +-[ -f /usr/bin/cpp ] && CPP=/usr/bin/cpp +-[ -f /xenix ] && CPP="${CC} -E" +-[ -f /lynx.os ] && CPP="${CC} -E" ++# [ -f /usr/ccs/lib/cpp ] && CPP="/usr/ccs/lib/cpp -P" ++# [ -f /usr/lib/cpp ] && CPP=/usr/lib/cpp ++# [ -f /lib/cpp ] && CPP=/lib/cpp ++# [ -f /usr/bin/cpp ] && CPP=/usr/bin/cpp ++# [ -f /xenix ] && CPP="${CC} -E" ++# [ -f /lynx.os ] && CPP="${CC} -E" + + echo "#include <stdio.h>" > conftest.c + $CPP conftest.c >/dev/null 2>/dev/null || CPP="${CC} -E" +-- +2.24.1 + diff --git a/meta/recipes-extended/zip/zip-3.0/0002-configure-support-PIC-code-build.patch b/meta/recipes-extended/zip/zip-3.0/0002-configure-support-PIC-code-build.patch new file mode 100644 index 0000000000..6e0879616a --- /dev/null +++ b/meta/recipes-extended/zip/zip-3.0/0002-configure-support-PIC-code-build.patch @@ -0,0 +1,34 @@ +From b0492506d2c28581193906e9d260d4f0451e2c39 Mon Sep 17 00:00:00 2001 +From: Joe Slater <joe.slater@windriver.com> +Date: Thu, 24 Feb 2022 17:46:03 -0800 +Subject: [PATCH 2/2] configure: support PIC code build + +Disable building match.S. The code requires +relocation in .text. + +Upstream-Status: Inappropriate [openembedded specific] + +Signed-off-by: Joe Slater <joe.slater@windriver.com> +--- + unix/configure | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/unix/configure b/unix/configure +index 7e21070..1bc698b 100644 +--- a/unix/configure ++++ b/unix/configure +@@ -242,8 +242,9 @@ if eval "$CPP match.S > _match.s 2>/dev/null"; then + if test ! -s _match.s || grep error < _match.s > /dev/null; then + : + elif eval "$CC -c _match.s >/dev/null 2>/dev/null" && [ -f _match.o ]; then +- CFLAGS="${CFLAGS} -DASMV" +- OBJA="match.o" ++ # disable match.S for PIC code ++ # CFLAGS="${CFLAGS} -DASMV" ++ # OBJA="match.o" + echo "int foo() { return 0;}" > conftest.c + $CC -c conftest.c >/dev/null 2>/dev/null + echo Check if compiler generates underlines +-- +2.24.1 + diff --git a/meta/recipes-extended/zip/zip_3.0.bb b/meta/recipes-extended/zip/zip_3.0.bb index 18b5d8648e..f8e0b6e259 100644 --- a/meta/recipes-extended/zip/zip_3.0.bb +++ b/meta/recipes-extended/zip/zip_3.0.bb @@ -14,6 +14,8 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/infozip/Zip%203.x%20%28latest%29/3.0/zip30.tar. file://fix-security-format.patch \ file://10-remove-build-date.patch \ file://zipnote-crashes-with-segfault.patch \ + file://0001-configure-use-correct-CPP.patch \ + file://0002-configure-support-PIC-code-build.patch \ " UPSTREAM_VERSION_UNKNOWN = "1" diff --git a/meta/recipes-extended/zstd/zstd_1.4.9.bb b/meta/recipes-extended/zstd/zstd_1.4.9.bb index 44224ec627..b648c84093 100644 --- a/meta/recipes-extended/zstd/zstd_1.4.9.bb +++ b/meta/recipes-extended/zstd/zstd_1.4.9.bb @@ -9,7 +9,7 @@ LICENSE = "BSD-3-Clause & GPLv2" LIC_FILES_CHKSUM = "file://LICENSE;md5=c7f0b161edbe52f5f345a3d1311d0b32 \ file://COPYING;md5=39bba7d2cf0ba1036f2a6e2be52fe3f0" -SRC_URI = "git://github.com/facebook/zstd.git;branch=release \ +SRC_URI = "git://github.com/facebook/zstd.git;branch=release;protocol=https \ file://0001-Makefile-sort-all-wildcard-file-list-expansions.patch \ " diff --git a/meta/recipes-gnome/epiphany/epiphany_3.38.2.bb b/meta/recipes-gnome/epiphany/epiphany_3.38.2.bb index 04f340f133..72d116da69 100644 --- a/meta/recipes-gnome/epiphany/epiphany_3.38.2.bb +++ b/meta/recipes-gnome/epiphany/epiphany_3.38.2.bb @@ -18,6 +18,7 @@ SRC_URI = "${GNOME_MIRROR}/${GNOMEBN}/${@gnome_verdir("${PV}")}/${GNOMEBN}-${PV} file://0002-help-meson.build-disable-the-use-of-yelp.patch \ file://migrator.patch \ file://distributor.patch \ + file://encode-untrusted-data.patch \ " SRC_URI[archive.sha256sum] = "8b05f2bcc1e80ecf4a10f6f01b3285087eb4cbdf5741dffb8c0355715ef5116d" diff --git a/meta/recipes-gnome/epiphany/files/encode-untrusted-data.patch b/meta/recipes-gnome/epiphany/files/encode-untrusted-data.patch new file mode 100644 index 0000000000..4805ee4e6b --- /dev/null +++ b/meta/recipes-gnome/epiphany/files/encode-untrusted-data.patch @@ -0,0 +1,707 @@ +From: Michael Catanzaro <mcatanzaro@redhat.com> +Subject: Properly encode untrusted data when injecting into trusted pages + +CVE: CVE-2021-45085 CVE-2021-45086 CVE-2021-45087 CVE-2021-45088 + +Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/epiphany/-/compare/c27a8180e12e6ec92292dcf53b9243815ad9aa2e...abac58c5191b7d653fbefa8d44e5c2bd4d002825?from_project_id=1906] + +Signed-off-by: Mingli Yu <mingli.yu@windriver.com> +Index: epiphany-browser/embed/ephy-about-handler.c +=================================================================== +--- epiphany-browser.orig/embed/ephy-about-handler.c ++++ epiphany-browser/embed/ephy-about-handler.c +@@ -27,6 +27,7 @@ + #include "ephy-file-helpers.h" + #include "ephy-flatpak-utils.h" + #include "ephy-history-service.h" ++#include "ephy-output-encoding.h" + #include "ephy-prefs.h" + #include "ephy-settings.h" + #include "ephy-smaps.h" +@@ -263,16 +264,34 @@ handle_applications_finished_cb (EphyAbo + + for (p = applications; p; p = p->next) { + EphyWebApplication *app = (EphyWebApplication *)p->data; +- ++ g_autofree char *html_encoded_id = NULL; ++ g_autofree char *encoded_icon_url = NULL; ++ g_autofree char *encoded_name = NULL; ++ g_autofree char *encoded_url = NULL; ++ g_autofree char *js_encoded_id = NULL; ++ g_autofree char *encoded_install_date = NULL; ++ ++ /* Most of these fields are untrusted. The web app suggests its own title, ++ * which gets used in the app ID and icon URL. The main URL could contain ++ * anything. Install date is the only trusted field here in that it's ++ * constructed by Epiphany, but it's a freeform string and we're encoding ++ * everything else here anyway, so might as well encode this too. ++ */ ++ html_encoded_id = ephy_encode_for_html_attribute (app->id); ++ encoded_icon_url = ephy_encode_for_html_attribute (app->icon_url); ++ encoded_name = ephy_encode_for_html_entity (app->name); ++ encoded_url = ephy_encode_for_html_entity (app->url); ++ js_encoded_id = ephy_encode_for_javascript (app->id); ++ encoded_install_date = ephy_encode_for_html_entity (app->install_date); + g_string_append_printf (data_str, + "<tbody><tr id =\"%s\">" + "<td class=\"icon\"><img width=64 height=64 src=\"file://%s\"></img></td>" + "<td class=\"data\"><div class=\"appname\">%s</div><div class=\"appurl\">%s</div></td>" + "<td class=\"input\"><input type=\"button\" value=\"%s\" onclick=\"deleteWebApp('%s');\"></td>" + "<td class=\"date\">%s <br /> %s</td></tr></tbody>", +- app->id, app->icon_url, app->name, app->url, _("Delete"), app->id, ++ html_encoded_id, encoded_icon_url, encoded_name, encoded_url, _("Delete"), js_encoded_id, + /* Note for translators: this refers to the installation date. */ +- _("Installed on:"), app->install_date); ++ _("Installed on:"), encoded_install_date); + } + + g_string_append (data_str, "</table></div></body></html>"); +@@ -407,7 +426,9 @@ history_service_query_urls_cb (EphyHisto + EphyHistoryURL *url = (EphyHistoryURL *)l->data; + const char *snapshot; + g_autofree char *thumbnail_style = NULL; +- g_autofree char *markup = NULL; ++ g_autofree char *entity_encoded_title = NULL; ++ g_autofree char *attribute_encoded_title = NULL; ++ g_autofree char *encoded_url = NULL; + + snapshot = ephy_snapshot_service_lookup_cached_snapshot_path (snapshot_service, url->url); + if (snapshot) +@@ -415,15 +436,19 @@ history_service_query_urls_cb (EphyHisto + else + ephy_embed_shell_schedule_thumbnail_update (shell, url); + +- markup = g_markup_escape_text (url->title, -1); ++ /* Title and URL are controlled by web content and could be malicious. */ ++ entity_encoded_title = ephy_encode_for_html_entity (url->title); ++ attribute_encoded_title = ephy_encode_for_html_attribute (url->title); ++ encoded_url = ephy_encode_for_html_attribute (url->url); + g_string_append_printf (data_str, + "<a class=\"overview-item\" title=\"%s\" href=\"%s\">" + " <div class=\"overview-close-button\" title=\"%s\"></div>" + " <span class=\"overview-thumbnail\"%s></span>" + " <span class=\"overview-title\">%s</span>" + "</a>", +- markup, url->url, _("Remove from overview"), +- thumbnail_style ? thumbnail_style : "", url->title); ++ attribute_encoded_title, encoded_url, _("Remove from overview"), ++ thumbnail_style ? thumbnail_style : "", ++ entity_encoded_title); + } + + data_str = g_string_append (data_str, +Index: epiphany-browser/embed/ephy-pdf-handler.c +=================================================================== +--- epiphany-browser.orig/embed/ephy-pdf-handler.c ++++ epiphany-browser/embed/ephy-pdf-handler.c +@@ -23,6 +23,7 @@ + + #include "ephy-embed-container.h" + #include "ephy-embed-shell.h" ++#include "ephy-output-encoding.h" + #include "ephy-web-view.h" + + #include <gio/gio.h> +@@ -124,8 +125,9 @@ pdf_file_loaded (GObject *source, + GBytes *html_file; + g_autoptr (GError) error = NULL; + g_autoptr (GString) html = NULL; +- g_autofree gchar *b64 = NULL; + g_autofree char *file_data = NULL; ++ g_autofree char *encoded_file_data = NULL; ++ g_autofree char *encoded_filename = NULL; + gsize len = 0; + + if (!g_file_load_contents_finish (G_FILE (source), res, &file_data, &len, NULL, &error)) { +@@ -134,13 +136,13 @@ pdf_file_loaded (GObject *source, + return; + } + +- html_file = g_resources_lookup_data ("/org/gnome/epiphany/pdfjs/web/viewer.html", 0, NULL); +- +- b64 = g_base64_encode ((const guchar *)file_data, len); + g_file_delete_async (G_FILE (source), G_PRIORITY_DEFAULT, NULL, pdf_file_deleted, NULL); + +- html = g_string_new (""); +- g_string_printf (html, g_bytes_get_data (html_file, NULL), b64, self->file_name ? self->file_name : ""); ++ html = g_string_new (NULL); ++ html_file = g_resources_lookup_data ("/org/gnome/epiphany/pdfjs/web/viewer.html", 0, NULL); ++ encoded_file_data = g_base64_encode ((const guchar *)file_data, len); ++ encoded_filename = self->file_name ? ephy_encode_for_html_attribute (self->file_name) : g_strdup (""); ++ g_string_printf (html, g_bytes_get_data (html_file, NULL), encoded_file_data, encoded_filename); + + finish_uri_scheme_request (self, g_strdup (html->str), NULL); + } +Index: epiphany-browser/embed/ephy-reader-handler.c +=================================================================== +--- epiphany-browser.orig/embed/ephy-reader-handler.c ++++ epiphany-browser/embed/ephy-reader-handler.c +@@ -24,6 +24,7 @@ + #include "ephy-embed-container.h" + #include "ephy-embed-shell.h" + #include "ephy-lib-type-builtins.h" ++#include "ephy-output-encoding.h" + #include "ephy-settings.h" + #include "ephy-web-view.h" + +@@ -156,7 +157,9 @@ readability_js_finish_cb (GObject * + g_autoptr (WebKitJavascriptResult) js_result = NULL; + g_autoptr (GError) error = NULL; + g_autofree gchar *byline = NULL; ++ g_autofree gchar *encoded_byline = NULL; + g_autofree gchar *content = NULL; ++ g_autofree gchar *encoded_title = NULL; + g_autoptr (GString) html = NULL; + g_autoptr (GBytes) style_css = NULL; + const gchar *title; +@@ -173,10 +176,14 @@ readability_js_finish_cb (GObject * + + byline = readability_get_property_string (js_result, "byline"); + content = readability_get_property_string (js_result, "content"); ++ title = webkit_web_view_get_title (web_view); ++ ++ encoded_byline = byline ? ephy_encode_for_html_entity (byline) : g_strdup (""); ++ encoded_title = ephy_encode_for_html_entity (title); + +- html = g_string_new (""); ++ html = g_string_new (NULL); + style_css = g_resources_lookup_data ("/org/gnome/epiphany/readability/reader.css", G_RESOURCE_LOOKUP_FLAGS_NONE, NULL); +- title = webkit_web_view_get_title (web_view); ++ + font_style = enum_nick (EPHY_TYPE_PREFS_READER_FONT_STYLE, + g_settings_get_enum (EPHY_SETTINGS_READER, + EPHY_PREFS_READER_FONT_STYLE)); +@@ -186,7 +193,8 @@ readability_js_finish_cb (GObject * + + g_string_append_printf (html, "<style>%s</style>" + "<title>%s</title>" +- "<meta http-equiv=\"Content-Type\" content=\"text/html;\" charset=\"UTF-8\">" \ ++ "<meta http-equiv='Content-Type' content='text/html;' charset='UTF-8'>" \ ++ "<meta http-equiv='Content-Security-Policy' content=\"script-src 'none'\">" \ + "<body class='%s %s'>" + "<article>" + "<h2>" +@@ -197,13 +205,27 @@ readability_js_finish_cb (GObject * + "</i>" + "<hr>", + (gchar *)g_bytes_get_data (style_css, NULL), +- title, ++ encoded_title, + font_style, + color_scheme, +- title, +- byline != NULL ? byline : ""); ++ encoded_title, ++ encoded_byline); ++ ++ /* We cannot encode the page content because it contains HTML tags inserted by ++ * Readability.js. Upstream recommends that we use an XSS sanitizer like ++ * DOMPurify plus Content-Security-Policy, but I'm not keen on adding more ++ * bundled JS dependencies, and we have an advantage over Firefox in that we ++ * don't need scripts to work at this point. So instead the above CSP ++ * completely blocks all scripts, which should hopefully obviate the need for ++ * a DOM purifier. ++ * ++ * Note the encoding for page title and byline is still required, as they're ++ * not supposed to contain markup, and Readability.js unescapes them before ++ * returning them to us. ++ */ + g_string_append (html, content); + g_string_append (html, "</article>"); ++ g_string_append (html, "</body>"); + + finish_uri_scheme_request (request, g_strdup (html->str), NULL); + } +Index: epiphany-browser/embed/ephy-view-source-handler.c +=================================================================== +--- epiphany-browser.orig/embed/ephy-view-source-handler.c ++++ epiphany-browser/embed/ephy-view-source-handler.c +@@ -23,6 +23,7 @@ + + #include "ephy-embed-container.h" + #include "ephy-embed-shell.h" ++#include "ephy-output-encoding.h" + #include "ephy-web-view.h" + + #include <gio/gio.h> +@@ -109,7 +110,9 @@ web_resource_data_cb (WebKitWebResource + EphyViewSourceRequest *request) + { + g_autofree guchar *data = NULL; +- g_autofree char *escaped_str = NULL; ++ g_autofree char *data_str = NULL; ++ g_autofree char *encoded_str = NULL; ++ g_autofree char *encoded_uri = NULL; + g_autoptr (GError) error = NULL; + g_autofree char *html = NULL; + gsize length; +@@ -120,8 +123,13 @@ web_resource_data_cb (WebKitWebResource + return; + } + +- /* Warning: data is not a string, so we pass length here because it's not NUL-terminated. */ +- escaped_str = g_markup_escape_text ((const char *)data, length); ++ /* Convert data to a string */ ++ data_str = g_malloc (length + 1); ++ memcpy (data_str, data, length); ++ data_str[length] = '\0'; ++ ++ encoded_str = ephy_encode_for_html_entity (data_str); ++ encoded_uri = ephy_encode_for_html_entity (webkit_web_resource_get_uri (resource)); + + html = g_strdup_printf ("<head>" + " <link rel='stylesheet' href='ephy-resource:///org/gnome/epiphany/highlightjs/nnfx.css' media='(prefers-color-scheme: no-preference), (prefers-color-scheme: light)'>" +@@ -136,8 +144,8 @@ web_resource_data_cb (WebKitWebResource + " hljs.initLineNumbersOnLoad();</script>" + " <pre><code class='html'>%s</code></pre>" + "</body>", +- webkit_web_resource_get_uri (resource), +- escaped_str); ++ encoded_uri, ++ encoded_str); + + finish_uri_scheme_request (request, g_steal_pointer (&html), NULL); + } +Index: epiphany-browser/embed/ephy-web-view.c +=================================================================== +--- epiphany-browser.orig/embed/ephy-web-view.c ++++ epiphany-browser/embed/ephy-web-view.c +@@ -38,6 +38,7 @@ + #include "ephy-gsb-utils.h" + #include "ephy-history-service.h" + #include "ephy-lib-type-builtins.h" ++#include "ephy-output-encoding.h" + #include "ephy-permissions-manager.h" + #include "ephy-prefs.h" + #include "ephy-reader-handler.h" +@@ -1772,9 +1773,11 @@ format_network_error_page (const char * + const char **icon_name, + const char **style) + { +- char *formatted_origin; +- char *formatted_reason; +- char *first_paragraph; ++ g_autofree char *encoded_uri = NULL; ++ g_autofree char *encoded_origin = NULL; ++ g_autofree char *formatted_origin = NULL; ++ g_autofree char *formatted_reason = NULL; ++ g_autofree char *first_paragraph = NULL; + const char *second_paragraph; + + /* Page title when a site cannot be loaded due to a network error. */ +@@ -1783,7 +1786,8 @@ format_network_error_page (const char * + /* Message title when a site cannot be loaded due to a network error. */ + *message_title = g_strdup (_("Unable to display this website")); + +- formatted_origin = g_strdup_printf ("<strong>%s</strong>", origin); ++ encoded_origin = ephy_encode_for_html_entity (origin); ++ formatted_origin = g_strdup_printf ("<strong>%s</strong>", encoded_origin); + /* Error details when a site cannot be loaded due to a network error. */ + first_paragraph = g_strdup_printf (_("The site at %s seems to be " + "unavailable."), +@@ -1805,16 +1809,13 @@ format_network_error_page (const char * + + /* The button on the network error page. DO NOT ADD MNEMONICS HERE. */ + *button_label = g_strdup (_("Reload")); +- *button_action = g_strdup_printf ("window.location = '%s';", uri); ++ encoded_uri = ephy_encode_for_javascript (uri); ++ *button_action = g_strdup_printf ("window.location = '%s';", encoded_uri); + /* Mnemonic for the Reload button on browser error pages. */ + *button_accesskey = C_("reload-access-key", "R"); + + *icon_name = "network-error-symbolic.svg"; + *style = "default"; +- +- g_free (formatted_origin); +- g_free (formatted_reason); +- g_free (first_paragraph); + } + + static void +@@ -1828,10 +1829,12 @@ format_crash_error_page (const char *ur + const char **icon_name, + const char **style) + { +- char *formatted_uri; +- char *formatted_distributor; +- char *first_paragraph; +- char *second_paragraph; ++ g_autofree char *html_encoded_uri = NULL; ++ g_autofree char *js_encoded_uri = NULL; ++ g_autofree char *formatted_uri = NULL; ++ g_autofree char *formatted_distributor = NULL; ++ g_autofree char *first_paragraph = NULL; ++ g_autofree char *second_paragraph = NULL; + + /* Page title when a site cannot be loaded due to a page crash error. */ + *page_title = g_strdup_printf (_("Problem Loading Page")); +@@ -1839,7 +1842,8 @@ format_crash_error_page (const char *ur + /* Message title when a site cannot be loaded due to a page crash error. */ + *message_title = g_strdup (_("Oops! There may be a problem")); + +- formatted_uri = g_strdup_printf ("<strong>%s</strong>", uri); ++ html_encoded_uri = ephy_encode_for_html_entity (uri); ++ formatted_uri = g_strdup_printf ("<strong>%s</strong>", html_encoded_uri); + /* Error details when a site cannot be loaded due to a page crash error. */ + first_paragraph = g_strdup_printf (_("The page %s may have caused Web to " + "close unexpectedly."), +@@ -1858,17 +1862,13 @@ format_crash_error_page (const char *ur + + /* The button on the page crash error page. DO NOT ADD MNEMONICS HERE. */ + *button_label = g_strdup (_("Reload")); +- *button_action = g_strdup_printf ("window.location = '%s';", uri); ++ js_encoded_uri = ephy_encode_for_javascript (uri); ++ *button_action = g_strdup_printf ("window.location = '%s';", js_encoded_uri); + /* Mnemonic for the Reload button on browser error pages. */ + *button_accesskey = C_("reload-access-key", "R"); + + *icon_name = "computer-fail-symbolic.svg"; + *style = "default"; +- +- g_free (formatted_uri); +- g_free (formatted_distributor); +- g_free (first_paragraph); +- g_free (second_paragraph); + } + + static void +@@ -1882,6 +1882,7 @@ format_process_crash_error_page (const c + const char **icon_name, + const char **style) + { ++ g_autofree char *encoded_uri = NULL; + const char *first_paragraph; + + /* Page title when a site cannot be loaded due to a process crash error. */ +@@ -1897,7 +1898,8 @@ format_process_crash_error_page (const c + + /* The button on the process crash error page. DO NOT ADD MNEMONICS HERE. */ + *button_label = g_strdup (_("Reload")); +- *button_action = g_strdup_printf ("window.location = '%s';", uri); ++ encoded_uri = ephy_encode_for_javascript (uri); ++ *button_action = g_strdup_printf ("window.location = '%s';", encoded_uri); + /* Mnemonic for the Reload button on browser error pages. */ + *button_accesskey = C_("reload-access-key", "R"); + +@@ -1921,8 +1923,9 @@ format_tls_error_page (EphyWebView *vie + const char **icon_name, + const char **style) + { +- char *formatted_origin; +- char *first_paragraph; ++ g_autofree char *encoded_origin = NULL; ++ g_autofree char *formatted_origin = NULL; ++ g_autofree char *first_paragraph = NULL; + + /* Page title when a site is not loaded due to an invalid TLS certificate. */ + *page_title = g_strdup_printf (_("Security Violation")); +@@ -1930,7 +1933,8 @@ format_tls_error_page (EphyWebView *vie + /* Message title when a site is not loaded due to an invalid TLS certificate. */ + *message_title = g_strdup (_("This Connection is Not Secure")); + +- formatted_origin = g_strdup_printf ("<strong>%s</strong>", origin); ++ encoded_origin = ephy_encode_for_html_entity (origin); ++ formatted_origin = g_strdup_printf ("<strong>%s</strong>", encoded_origin); + /* Error details when a site is not loaded due to an invalid TLS certificate. */ + first_paragraph = g_strdup_printf (_("This does not look like the real %s. " + "Attackers might be trying to steal or " +@@ -1956,9 +1960,6 @@ format_tls_error_page (EphyWebView *vie + + *icon_name = "channel-insecure-symbolic.svg"; + *style = "danger"; +- +- g_free (formatted_origin); +- g_free (first_paragraph); + } + + static void +@@ -1978,8 +1979,9 @@ format_unsafe_browsing_error_page (EphyW + const char **icon_name, + const char **style) + { +- char *formatted_origin; +- char *first_paragraph; ++ g_autofree char *encoded_origin = NULL; ++ g_autofree char *formatted_origin = NULL; ++ g_autofree char *first_paragraph = NULL; + + /* Page title when a site is flagged by Google Safe Browsing verification. */ + *page_title = g_strdup_printf (_("Security Warning")); +@@ -1987,7 +1989,8 @@ format_unsafe_browsing_error_page (EphyW + /* Message title on the unsafe browsing error page. */ + *message_title = g_strdup (_("Unsafe website detected!")); + +- formatted_origin = g_strdup_printf ("<strong>%s</strong>", origin); ++ encoded_origin = ephy_encode_for_html_entity (origin); ++ formatted_origin = g_strdup_printf ("<strong>%s</strong>", encoded_origin); + /* Error details on the unsafe browsing error page. + * https://developers.google.com/safe-browsing/v4/usage-limits#UserWarnings + */ +@@ -2045,9 +2048,6 @@ format_unsafe_browsing_error_page (EphyW + + *icon_name = "security-high-symbolic.svg"; + *style = "danger"; +- +- g_free (formatted_origin); +- g_free (first_paragraph); + } + + static void +@@ -2061,7 +2061,8 @@ format_no_such_file_error_page (EphyWebV + const char **icon_name, + const char **style) + { +- g_autofree gchar *formatted_origin = NULL; ++ g_autofree gchar *encoded_address = NULL; ++ g_autofree gchar *formatted_address = NULL; + g_autofree gchar *first_paragraph = NULL; + g_autofree gchar *second_paragraph = NULL; + +@@ -2071,10 +2072,11 @@ format_no_such_file_error_page (EphyWebV + /* Message title on the no such file error page. */ + *message_title = g_strdup (_("File not found")); + +- formatted_origin = g_strdup_printf ("<strong>%s</strong>", view->address); ++ encoded_address = ephy_encode_for_html_entity (view->address); ++ formatted_address = g_strdup_printf ("<strong>%s</strong>", encoded_address); + + first_paragraph = g_strdup_printf (_("%s could not be found."), +- formatted_origin); ++ formatted_address); + second_paragraph = g_strdup_printf (_("Please check the file name for " + "capitalization or other typing errors. Also check if " + "it has been moved, renamed, or deleted.")); +@@ -2109,19 +2111,19 @@ ephy_web_view_load_error_page (EphyWebVi + GError *error, + gpointer user_data) + { +- GBytes *html_file; +- GString *html = g_string_new (""); +- char *origin = NULL; +- char *lang = NULL; +- char *page_title = NULL; +- char *msg_title = NULL; +- char *msg_body = NULL; +- char *msg_details = NULL; +- char *button_label = NULL; +- char *hidden_button_label = NULL; +- char *button_action = NULL; +- char *hidden_button_action = NULL; +- char *style_sheet = NULL; ++ g_autoptr (GBytes) html_file = NULL; ++ g_autoptr (GString) html = g_string_new (NULL); ++ g_autofree char *origin = NULL; ++ g_autofree char *lang = NULL; ++ g_autofree char *page_title = NULL; ++ g_autofree char *msg_title = NULL; ++ g_autofree char *msg_body = NULL; ++ g_autofree char *msg_details = NULL; ++ g_autofree char *button_label = NULL; ++ g_autofree char *hidden_button_label = NULL; ++ g_autofree char *button_action = NULL; ++ g_autofree char *hidden_button_action = NULL; ++ g_autofree char *style_sheet = NULL; + const char *button_accesskey = NULL; + const char *hidden_button_accesskey = NULL; + const char *icon_name = NULL; +@@ -2261,23 +2263,9 @@ ephy_web_view_load_error_page (EphyWebVi + button_accesskey, button_label); + #pragma GCC diagnostic pop + +- g_bytes_unref (html_file); +- g_free (origin); +- g_free (lang); +- g_free (page_title); +- g_free (msg_title); +- g_free (msg_body); +- g_free (msg_details); +- g_free (button_label); +- g_free (button_action); +- g_free (hidden_button_label); +- g_free (hidden_button_action); +- g_free (style_sheet); +- + /* Make our history backend ignore the next page load, since it will be an error page. */ + ephy_web_view_freeze_history (view); + webkit_web_view_load_alternate_html (WEBKIT_WEB_VIEW (view), html->str, uri, 0); +- g_string_free (html, TRUE); + } + + static gboolean +Index: epiphany-browser/lib/ephy-output-encoding.c +=================================================================== +--- /dev/null ++++ epiphany-browser/lib/ephy-output-encoding.c +@@ -0,0 +1,117 @@ ++/* -*- Mode: C; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ ++/* ++ * Copyright © Red Hat Inc. ++ * ++ * This file is part of Epiphany. ++ * ++ * Epiphany is free software: you can redistribute it and/or modify ++ * it under the terms of the GNU General Public License as published by ++ * the Free Software Foundation, either version 3 of the License, or ++ * (at your option) any later version. ++ * ++ * Epiphany is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++ * GNU General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License ++ * along with Epiphany. If not, see <http://www.gnu.org/licenses/>. ++ */ ++ ++#include "config.h" ++#include "ephy-output-encoding.h" ++ ++#include <glib.h> ++ ++#if !GLIB_CHECK_VERSION(2, 68, 0) ++static guint ++g_string_replace (GString *string, ++ const gchar *find, ++ const gchar *replace, ++ guint limit) ++{ ++ gsize f_len, r_len, pos; ++ gchar *cur, *next; ++ guint n = 0; ++ ++ g_return_val_if_fail (string != NULL, 0); ++ g_return_val_if_fail (find != NULL, 0); ++ g_return_val_if_fail (replace != NULL, 0); ++ ++ f_len = strlen (find); ++ r_len = strlen (replace); ++ cur = string->str; ++ ++ while ((next = strstr (cur, find)) != NULL) ++ { ++ pos = next - string->str; ++ g_string_erase (string, pos, f_len); ++ g_string_insert (string, pos, replace); ++ cur = string->str + pos + r_len; ++ n++; ++ /* Only match the empty string once at any given position, to ++ * avoid infinite loops */ ++ if (f_len == 0) ++ { ++ if (cur[0] == '\0') ++ break; ++ else ++ cur++; ++ } ++ if (n == limit) ++ break; ++ } ++ ++ return n; ++} ++#endif ++ ++char * ++ephy_encode_for_html_entity (const char *input) ++{ ++ GString *str = g_string_new (input); ++ ++ g_string_replace (str, "&", "&", 0); ++ g_string_replace (str, "<", "<", 0); ++ g_string_replace (str, ">", ">", 0); ++ g_string_replace (str, "\"", """, 0); ++ g_string_replace (str, "'", "'", 0); ++ g_string_replace (str, "/", "/", 0); ++ ++ return g_string_free (str, FALSE); ++} ++ ++static char * ++encode_all_except_alnum (const char *input, ++ const char *format) ++{ ++ GString *str; ++ const char *c = input; ++ ++ if (!g_utf8_validate (input, -1, NULL)) ++ return g_strdup (""); ++ ++ str = g_string_new (NULL); ++ do { ++ gunichar u = g_utf8_get_char (c); ++ if (g_unichar_isalnum (u)) ++ g_string_append_unichar (str, u); ++ else ++ g_string_append_printf (str, format, u); ++ c = g_utf8_next_char (c); ++ } while (*c); ++ ++ return g_string_free (str, FALSE); ++} ++ ++char * ++ephy_encode_for_html_attribute (const char *input) ++{ ++ return encode_all_except_alnum (input, "&#x%02x;"); ++} ++ ++char * ++ephy_encode_for_javascript (const char *input) ++{ ++ return encode_all_except_alnum (input, "\\u%04u;"); ++} +Index: epiphany-browser/lib/ephy-output-encoding.h +=================================================================== +--- /dev/null ++++ epiphany-browser/lib/ephy-output-encoding.h +@@ -0,0 +1,38 @@ ++/* -*- Mode: C; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ ++/* ++ * Copyright © 2021 Red Hat Inc. ++ * ++ * This file is part of Epiphany. ++ * ++ * Epiphany is free software: you can redistribute it and/or modify ++ * it under the terms of the GNU General Public License as published by ++ * the Free Software Foundation, either version 3 of the License, or ++ * (at your option) any later version. ++ * ++ * Epiphany is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the ++ * GNU General Public License for more details. ++ * ++ * You should have received a copy of the GNU General Public License ++ * along with Epiphany. If not, see <http://www.gnu.org/licenses/>. ++ */ ++ ++#pragma once ++ ++#include <glib.h> ++ ++G_BEGIN_DECLS ++ ++/* These functions implement the OWASP XSS prevention output encoding rules: ++ * https://cheatsheetseries.owasp.org/cheatsheets/Cross_Site_Scripting_Prevention_Cheat_Sheet.html#output-encoding-rules-summary ++ * ++ * You must *carefully* read that document to safely inject untrusted data into ++ * web content. Here be dragons. ++ */ ++ ++char *ephy_encode_for_html_entity (const char *input); ++char *ephy_encode_for_html_attribute (const char *input); ++char *ephy_encode_for_javascript (const char *input); ++ ++G_END_DECLS +Index: epiphany-browser/lib/meson.build +=================================================================== +--- epiphany-browser.orig/lib/meson.build ++++ epiphany-browser/lib/meson.build +@@ -21,6 +21,7 @@ libephymisc_sources = [ + 'ephy-langs.c', + 'ephy-notification.c', + 'ephy-notification-container.c', ++ 'ephy-output-encoding.c', + 'ephy-permissions-manager.c', + 'ephy-profile-utils.c', + 'ephy-search-engine-manager.c', diff --git a/meta/recipes-gnome/gobject-introspection/gobject-introspection_1.66.1.bb b/meta/recipes-gnome/gobject-introspection/gobject-introspection_1.66.1.bb index 3b884f03e9..8b752f7e7d 100644 --- a/meta/recipes-gnome/gobject-introspection/gobject-introspection_1.66.1.bb +++ b/meta/recipes-gnome/gobject-introspection/gobject-introspection_1.66.1.bb @@ -94,7 +94,7 @@ EOF # from the target sysroot. cat > ${B}/g-ir-scanner-wrapper << EOF #!/bin/sh -# This prevents g-ir-scanner from writing cache data to $HOME +# This prevents g-ir-scanner from writing cache data to user's HOME dir export GI_SCANNER_DISABLE_CACHE=1 g-ir-scanner --lib-dirs-envvar=GIR_EXTRA_LIBS_PATH --use-binary-wrapper=${STAGING_BINDIR}/g-ir-scanner-qemuwrapper --use-ldd-wrapper=${STAGING_BINDIR}/g-ir-scanner-lddwrapper --add-include-path=${STAGING_DATADIR}/gir-1.0 --add-include-path=${STAGING_LIBDIR}/gir-1.0 "\$@" diff --git a/meta/recipes-gnome/hicolor-icon-theme/hicolor-icon-theme_0.17.bb b/meta/recipes-gnome/hicolor-icon-theme/hicolor-icon-theme_0.17.bb index 74e3430528..d70265ee50 100644 --- a/meta/recipes-gnome/hicolor-icon-theme/hicolor-icon-theme_0.17.bb +++ b/meta/recipes-gnome/hicolor-icon-theme/hicolor-icon-theme_0.17.bb @@ -16,3 +16,7 @@ inherit allarch autotools FILES_${PN} += "${datadir}/icons" BBCLASSEXTEND = "native nativesdk" + +# remove at next version upgrade or when output changes +PR = "r1" +HASHEQUIV_HASH_VERSION .= ".1" diff --git a/meta/recipes-gnome/libhandy/libhandy_1.2.0.bb b/meta/recipes-gnome/libhandy/libhandy_1.2.0.bb index 1e37feb20a..f39cbdca5a 100644 --- a/meta/recipes-gnome/libhandy/libhandy_1.2.0.bb +++ b/meta/recipes-gnome/libhandy/libhandy_1.2.0.bb @@ -9,7 +9,7 @@ BUGTRACKER = "https://gitlab.gnome.org/GNOME/libhandy/-/issues" LICENSE = "LGPLv2.1" LIC_FILES_CHKSUM = "file://COPYING;md5=4fbd65380cdd255951079008b364516c" -SRC_URI = "git://gitlab.gnome.org/GNOME/libhandy.git;protocol=https" +SRC_URI = "git://gitlab.gnome.org/GNOME/libhandy.git;protocol=https;branch=master" SRCREV = "7b38a860ffcec6c2ad28153358cc3d037ddb618f" S = "${WORKDIR}/git" diff --git a/meta/recipes-gnome/libportal/libportal_0.3.bb b/meta/recipes-gnome/libportal/libportal_0.3.bb index bc4ff3784c..c24a794fc4 100644 --- a/meta/recipes-gnome/libportal/libportal_0.3.bb +++ b/meta/recipes-gnome/libportal/libportal_0.3.bb @@ -6,7 +6,7 @@ BUGTRACKER = "https://github.com/flatpak/libportal/issues" LICENSE = "LGPLv2.1" LIC_FILES_CHKSUM = "file://COPYING;md5=5f30f0716dfdd0d91eb439ebec522ec2" -SRC_URI = "git://github.com/flatpak/${BPN}.git;protocol=https" +SRC_URI = "git://github.com/flatpak/${BPN}.git;protocol=https;branch=master" SRCREV = "a609e06d0c4adc5c510cf9ac7b060db3d368e78f" S = "${WORKDIR}/git" diff --git a/meta/recipes-graphics/glslang/glslang_11.2.0.bb b/meta/recipes-graphics/glslang/glslang_11.2.0.bb index 902f7345f5..e00f73ccb7 100644 --- a/meta/recipes-graphics/glslang/glslang_11.2.0.bb +++ b/meta/recipes-graphics/glslang/glslang_11.2.0.bb @@ -9,7 +9,7 @@ LICENSE = "BSD-3-Clause & BSD-2-Clause & MIT & Apache-2.0 & GPL-3-with-bison-exc LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=c5ce49c0456e9b413b98a4368c378229" SRCREV = "5421877c380d5f92c1965c7a94620dac861297dd" -SRC_URI = "git://github.com/KhronosGroup/glslang.git;protocol=https \ +SRC_URI = "git://github.com/KhronosGroup/glslang.git;protocol=https;branch=master \ file://0001-generate-glslang-pkg-config.patch" UPSTREAM_CHECK_GITTAGREGEX = "^(?P<pver>\d+(\.\d+)+)$" S = "${WORKDIR}/git" diff --git a/meta/recipes-graphics/igt-gpu-tools/igt-gpu-tools_git.bb b/meta/recipes-graphics/igt-gpu-tools/igt-gpu-tools_git.bb index 1cc94cf993..4b8630a318 100644 --- a/meta/recipes-graphics/igt-gpu-tools/igt-gpu-tools_git.bb +++ b/meta/recipes-graphics/igt-gpu-tools/igt-gpu-tools_git.bb @@ -12,7 +12,7 @@ inherit meson SRCREV = "d16ad07e7f2a028e14d61f570931c87fa5ce404c" PV = "1.25+git${SRCPV}" -SRC_URI = "git://gitlab.freedesktop.org/drm/igt-gpu-tools.git;protocol=https \ +SRC_URI = "git://gitlab.freedesktop.org/drm/igt-gpu-tools.git;protocol=https;branch=master \ file://0001-lib-igt_edid-Allocate-raw-8-bytes-for-VSDB.patch \ file://reproducibility.patch" diff --git a/meta/recipes-graphics/libfakekey/libfakekey_git.bb b/meta/recipes-graphics/libfakekey/libfakekey_git.bb index ab6f5ac9ed..33ea6fe5a9 100644 --- a/meta/recipes-graphics/libfakekey/libfakekey_git.bb +++ b/meta/recipes-graphics/libfakekey/libfakekey_git.bb @@ -13,7 +13,7 @@ SECTION = "x11/wm" SRCREV = "7ad885912efb2131e80914e964d5e635b0d07b40" PV = "0.3+git${SRCPV}" -SRC_URI = "git://git.yoctoproject.org/${BPN}" +SRC_URI = "git://git.yoctoproject.org/${BPN};branch=master" S = "${WORKDIR}/git" diff --git a/meta/recipes-graphics/libmatchbox/libmatchbox_1.12.bb b/meta/recipes-graphics/libmatchbox/libmatchbox_1.12.bb index 1a31677978..06bd682823 100644 --- a/meta/recipes-graphics/libmatchbox/libmatchbox_1.12.bb +++ b/meta/recipes-graphics/libmatchbox/libmatchbox_1.12.bb @@ -17,7 +17,7 @@ DEPENDS = "virtual/libx11 libxext" #SRCREV for 1.12 SRCREV = "e846ee434f8e23d9db38af13c523f791495e0e87" -SRC_URI = "git://git.yoctoproject.org/${BPN}" +SRC_URI = "git://git.yoctoproject.org/${BPN};branch=master" S = "${WORKDIR}/git" diff --git a/meta/recipes-graphics/libva/libva-utils_2.10.0.bb b/meta/recipes-graphics/libva/libva-utils_2.10.0.bb index 828f4fb317..39763ba539 100644 --- a/meta/recipes-graphics/libva/libva-utils_2.10.0.bb +++ b/meta/recipes-graphics/libva/libva-utils_2.10.0.bb @@ -14,7 +14,7 @@ SECTION = "x11" LICENSE = "MIT" LIC_FILES_CHKSUM = "file://COPYING;md5=b148fc8adf19dc9aec17cf9cd29a9a5e" -SRC_URI = "git://github.com/intel/libva-utils.git;branch=v2.10-branch" +SRC_URI = "git://github.com/intel/libva-utils.git;branch=v2.10-branch;protocol=https" SRCREV = "f112ee75fcd1472131b20f901b93f6ac1d293fad" S = "${WORKDIR}/git" diff --git a/meta/recipes-graphics/matchbox-wm/matchbox-wm_1.2.2.bb b/meta/recipes-graphics/matchbox-wm/matchbox-wm_1.2.2.bb index a08eb252ce..3ea67d09d6 100644 --- a/meta/recipes-graphics/matchbox-wm/matchbox-wm_1.2.2.bb +++ b/meta/recipes-graphics/matchbox-wm/matchbox-wm_1.2.2.bb @@ -12,7 +12,7 @@ DEPENDS = "libmatchbox virtual/libx11 libxext libxrender startup-notification ex # SRCREV tagged 1.2.2 SRCREV = "27da947e7fbdf9659f7e5bd1e92af92af6c03970" -SRC_URI = "git://git.yoctoproject.org/matchbox-window-manager \ +SRC_URI = "git://git.yoctoproject.org/matchbox-window-manager;branch=master \ file://0001-Fix-build-with-gcc-10.patch \ file://kbdconfig" diff --git a/meta/recipes-graphics/mesa/files/0001-gallium-dri-Make-YUV-formats-we-re-going-to-emulate-.patch b/meta/recipes-graphics/mesa/files/0001-gallium-dri-Make-YUV-formats-we-re-going-to-emulate-.patch new file mode 100644 index 0000000000..899450eb2a --- /dev/null +++ b/meta/recipes-graphics/mesa/files/0001-gallium-dri-Make-YUV-formats-we-re-going-to-emulate-.patch @@ -0,0 +1,52 @@ +commit 8bd63cd28939d79d6681943b840627eaa3614ee4 +Author: Pablo Saavedra <psaavedra@igalia.com> +Date: Mon Oct 18 15:48:42 2021 +0200 + + gallium/dri: Make YUV formats we're going to emulate external-only. + + If we're going to have to bind them as separate planes with colorspace + conversion for sampling on the frontend, then we need to report that + they're only for external-image samplers, otherwise the lowering won't be + applied. + + Fixes: 4e3a7dcf ("gallium: enable EGL_EXT_image_dma_buf_import_modifiers unconditionally") + Reviewed-by: Jose Maria Casanova Crespo <jmcasanova@igalia.com> + Part-of: <https://gitlab.freedesktop.org/mesa/mesa/-/merge_requests/13038> + +Upstream-Status: Backport [https://gitlab.freedesktop.org/mesa/mesa/-/merge_requests/13038] + +diff --git a/src/gallium/frontends/dri/dri2.c b/src/gallium/frontends/dri/dri2.c +index b0c0d7e..ef8df5a 100644 +--- a/src/gallium/frontends/dri/dri2.c ++++ b/src/gallium/frontends/dri/dri2.c +@@ -1445,16 +1445,24 @@ dri2_query_dma_buf_modifiers(__DRIscreen *_screen, int fourcc, int max, + + format = map->pipe_format; + ++ bool native_sampling = pscreen->is_format_supported(pscreen, format, screen->target, 0, 0, ++ PIPE_BIND_SAMPLER_VIEW); + if (pscreen->is_format_supported(pscreen, format, screen->target, 0, 0, +- PIPE_BIND_RENDER_TARGET) || +- pscreen->is_format_supported(pscreen, format, screen->target, 0, 0, +- PIPE_BIND_SAMPLER_VIEW) || +- dri2_yuv_dma_buf_supported(screen, map)) { +- if (pscreen->query_dmabuf_modifiers != NULL) ++ PIPE_BIND_RENDER_TARGET) || ++ native_sampling || ++ dri2_yuv_dma_buf_supported(screen, map)) { ++ if (pscreen->query_dmabuf_modifiers != NULL) { + pscreen->query_dmabuf_modifiers(pscreen, format, max, modifiers, + external_only, count); +- else ++ if (!native_sampling && external_only) { ++ /* To support it using YUV lowering, we need it to be samplerExternalOES. ++ */ ++ for (int i = 0; i < *count; i++) ++ external_only[i] = true; ++ } ++ } else { + *count = 0; ++ } + return true; + } + return false; diff --git a/meta/recipes-graphics/mesa/mesa.inc b/meta/recipes-graphics/mesa/mesa.inc index a85f94c75e..cfc1bc1d36 100644 --- a/meta/recipes-graphics/mesa/mesa.inc +++ b/meta/recipes-graphics/mesa/mesa.inc @@ -19,6 +19,7 @@ SRC_URI = "https://mesa.freedesktop.org/archive/mesa-${PV}.tar.xz \ file://0002-meson.build-make-TLS-ELF-optional.patch \ file://0001-meson-misdetects-64bit-atomics-on-mips-clang.patch \ file://0001-futex.h-Define-__NR_futex-if-it-does-not-exist.patch \ + file://0001-gallium-dri-Make-YUV-formats-we-re-going-to-emulate-.patch \ " SRC_URI[sha256sum] = "565c6f4bd2d5747b919454fc1d439963024fc78ca56fd05158c3b2cde2f6912b" @@ -252,7 +253,7 @@ python mesa_populate_packages() { import re dri_drivers_root = oe.path.join(d.getVar('PKGD'), d.getVar('libdir'), "dri") if os.path.isdir(dri_drivers_root): - dri_pkgs = os.listdir(dri_drivers_root) + dri_pkgs = sorted(os.listdir(dri_drivers_root)) lib_name = d.expand("${MLPREFIX}mesa-megadriver") for p in dri_pkgs: m = re.match(r'^(.*)_dri\.so$', p) diff --git a/meta/recipes-graphics/mx/mx-1.0_1.4.7.bb b/meta/recipes-graphics/mx/mx-1.0_1.4.7.bb index 58a6997ffe..88101b5dcc 100644 --- a/meta/recipes-graphics/mx/mx-1.0_1.4.7.bb +++ b/meta/recipes-graphics/mx/mx-1.0_1.4.7.bb @@ -7,7 +7,7 @@ PV = "1.4.7+git${SRCPV}" # Exclude x.99.x versions from upstream checks UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>^\d+(\.(?!99)\d+)+)" -SRC_URI = "git://github.com/clutter-project/mx.git;branch=mx-1.4 \ +SRC_URI = "git://github.com/clutter-project/mx.git;branch=mx-1.4;protocol=https \ file://fix-test-includes.patch \ " S = "${WORKDIR}/git" diff --git a/meta/recipes-graphics/piglit/piglit_git.bb b/meta/recipes-graphics/piglit/piglit_git.bb index 14f4c75a2c..96ec93071d 100644 --- a/meta/recipes-graphics/piglit/piglit_git.bb +++ b/meta/recipes-graphics/piglit/piglit_git.bb @@ -6,7 +6,7 @@ BUGTRACKER = "https://gitlab.freedesktop.org/mesa/piglit/-/issues" LICENSE = "MIT & LGPLv2+ & GPLv3 & GPLv2+ & BSD-3-Clause" LIC_FILES_CHKSUM = "file://COPYING;md5=b2beded7103a3d8a442a2a0391d607b0" -SRC_URI = "git://gitlab.freedesktop.org/mesa/piglit.git;protocol=https \ +SRC_URI = "git://gitlab.freedesktop.org/mesa/piglit.git;protocol=https;branch=master \ file://0001-cmake-install-bash-completions-in-the-right-place.patch \ file://0001-cmake-use-proper-WAYLAND_INCLUDE_DIRS-variable.patch \ file://0001-Add-a-missing-include-for-htobe32-definition.patch \ diff --git a/meta/recipes-graphics/spir/spirv-headers_1.5.4.bb b/meta/recipes-graphics/spir/spirv-headers_1.5.4.bb index 7a43af5e6b..ea7e17305e 100644 --- a/meta/recipes-graphics/spir/spirv-headers_1.5.4.bb +++ b/meta/recipes-graphics/spir/spirv-headers_1.5.4.bb @@ -8,7 +8,7 @@ LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSE;md5=c938b85bceb8fb26c1a807f28a52ae2d" SRCREV = "bcf55210f13a4fa3c3d0963b509ff1070e434c79" -SRC_URI = "git://github.com/KhronosGroup/SPIRV-Headers;protocol=https" +SRC_URI = "git://github.com/KhronosGroup/SPIRV-Headers;protocol=https;branch=master" UPSTREAM_CHECK_GITTAGREGEX = "^(?P<pver>\d+(\.\d+)+)$" S = "${WORKDIR}/git" PV .= "+git${SRCPV}" diff --git a/meta/recipes-graphics/spir/spirv-tools_2020.7.bb b/meta/recipes-graphics/spir/spirv-tools_2020.7.bb index 8be698533a..9a06408526 100644 --- a/meta/recipes-graphics/spir/spirv-tools_2020.7.bb +++ b/meta/recipes-graphics/spir/spirv-tools_2020.7.bb @@ -8,7 +8,7 @@ LICENSE = "Apache-2.0" LIC_FILES_CHKSUM = "file://LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57" SRCREV = "2573fd781b5408cd7fe5755a78b60d767a748ff9" -SRC_URI = "git://github.com/KhronosGroup/SPIRV-Tools.git \ +SRC_URI = "git://github.com/KhronosGroup/SPIRV-Tools.git;branch=master;protocol=https \ file://0001-fix-strncpy-bound-error.patch \ " UPSTREAM_CHECK_GITTAGREGEX = "^v(?P<pver>\d+(\.\d+)+)$" diff --git a/meta/recipes-graphics/virglrenderer/virglrenderer/cve-2022-0135.patch b/meta/recipes-graphics/virglrenderer/virglrenderer/cve-2022-0135.patch new file mode 100644 index 0000000000..ae42dc8f6c --- /dev/null +++ b/meta/recipes-graphics/virglrenderer/virglrenderer/cve-2022-0135.patch @@ -0,0 +1,117 @@ +From 63aee871365f9c9e7fa9125672302a0fb250d34d Mon Sep 17 00:00:00 2001 +From: Gert Wollny <gert.wollny@collabora.com> +Date: Tue, 30 Nov 2021 09:16:24 +0100 +Subject: [PATCH 2/2] vrend: propperly check whether the shader image range is + correct + +Also add a test to check the integer underflow. + +Closes: #251 +Signed-off-by: Gert Wollny <gert.wollny@collabora.com> +Reviewed-by: Chia-I Wu <olvaffe@gmail.com> + +cherry-pick from anongit.freedesktop.org/virglrenderer +commit 2aed5d4... + +CVE: CVE-2022-0135 +Upstream-Status: Backport +Signed-off-by: Joe Slater <joe.slater@windriver.com> + +--- + src/vrend_decode.c | 3 +- + tests/test_fuzzer_formats.c | 57 +++++++++++++++++++++++++++++++++++++ + 2 files changed, 59 insertions(+), 1 deletion(-) + +diff --git a/src/vrend_decode.c b/src/vrend_decode.c +index 91f5f24..6771b10 100644 +--- a/src/vrend_decode.c ++++ b/src/vrend_decode.c +@@ -1249,8 +1249,9 @@ static int vrend_decode_set_shader_images(struct vrend_context *ctx, const uint3 + if (num_images < 1) { + return 0; + } ++ + if (start_slot > PIPE_MAX_SHADER_IMAGES || +- start_slot > PIPE_MAX_SHADER_IMAGES - num_images) ++ start_slot + num_images > PIPE_MAX_SHADER_IMAGES) + return EINVAL; + + for (uint32_t i = 0; i < num_images; i++) { +diff --git a/tests/test_fuzzer_formats.c b/tests/test_fuzzer_formats.c +index 154a2e5..e32caf0 100644 +--- a/tests/test_fuzzer_formats.c ++++ b/tests/test_fuzzer_formats.c +@@ -958,6 +958,61 @@ static void test_vrend_set_signle_abo_heap_overflow() { + virgl_renderer_submit_cmd((void *) cmd, ctx_id, 0xde); + } + ++static void test_vrend_set_shader_images_overflow() ++{ ++ uint32_t num_shaders = PIPE_MAX_SHADER_IMAGES + 1; ++ uint32_t size = num_shaders * VIRGL_SET_SHADER_IMAGE_ELEMENT_SIZE + 3; ++ uint32_t cmd[size]; ++ int i = 0; ++ cmd[i++] = ((size - 1)<< 16) | 0 << 8 | VIRGL_CCMD_SET_SHADER_IMAGES; ++ cmd[i++] = PIPE_SHADER_FRAGMENT; ++ memset(&cmd[i], 0, size - i); ++ ++ virgl_renderer_submit_cmd((void *) cmd, ctx_id, size); ++} ++ ++/* Test adapted from yaojun8558363@gmail.com: ++ * https://gitlab.freedesktop.org/virgl/virglrenderer/-/issues/250 ++*/ ++static void test_vrend_3d_resource_overflow() { ++ ++ struct virgl_renderer_resource_create_args resource; ++ resource.handle = 0x4c474572; ++ resource.target = PIPE_TEXTURE_2D_ARRAY; ++ resource.format = VIRGL_FORMAT_Z24X8_UNORM; ++ resource.nr_samples = 2; ++ resource.last_level = 0; ++ resource.array_size = 3; ++ resource.bind = VIRGL_BIND_SAMPLER_VIEW; ++ resource.depth = 1; ++ resource.width = 8; ++ resource.height = 4; ++ resource.flags = 0; ++ ++ virgl_renderer_resource_create(&resource, NULL, 0); ++ virgl_renderer_ctx_attach_resource(ctx_id, resource.handle); ++ ++ uint32_t size = 0x400; ++ uint32_t cmd[size]; ++ int i = 0; ++ cmd[i++] = (size - 1) << 16 | 0 << 8 | VIRGL_CCMD_RESOURCE_INLINE_WRITE; ++ cmd[i++] = resource.handle; ++ cmd[i++] = 0; // level ++ cmd[i++] = 0; // usage ++ cmd[i++] = 0; // stride ++ cmd[i++] = 0; // layer_stride ++ cmd[i++] = 0; // x ++ cmd[i++] = 0; // y ++ cmd[i++] = 0; // z ++ cmd[i++] = 8; // w ++ cmd[i++] = 4; // h ++ cmd[i++] = 3; // d ++ memset(&cmd[i], 0, size - i); ++ ++ virgl_renderer_submit_cmd((void *) cmd, ctx_id, size); ++} ++ ++ + int main() + { + initialize_environment(); +@@ -980,6 +1035,8 @@ int main() + test_cs_nullpointer_deference(); + test_vrend_set_signle_abo_heap_overflow(); + ++ test_vrend_set_shader_images_overflow(); ++ test_vrend_3d_resource_overflow(); + + virgl_renderer_context_destroy(ctx_id); + virgl_renderer_cleanup(&cookie); +-- +2.25.1 + diff --git a/meta/recipes-graphics/virglrenderer/virglrenderer/cve-2022-0175.patch b/meta/recipes-graphics/virglrenderer/virglrenderer/cve-2022-0175.patch new file mode 100644 index 0000000000..8bbb9eb579 --- /dev/null +++ b/meta/recipes-graphics/virglrenderer/virglrenderer/cve-2022-0175.patch @@ -0,0 +1,112 @@ +From 5ca7aca001092c557f0b6fc1ba3db7dcdab860b7 Mon Sep 17 00:00:00 2001 +From: Gert Wollny <gert.wollny@collabora.com> +Date: Tue, 30 Nov 2021 09:29:42 +0100 +Subject: [PATCH 1/2] vrend: clear memory when allocating a host-backed memory + resource + +Closes: #249 +Signed-off-by: Gert Wollny <gert.wollny@collabora.com> +Reviewed-by: Chia-I Wu <olvaffe@gmail.com> + +cherry-pick from anongit.freedesktop.org/virglrenderer +commit b05bb61... + +CVE: CVE-2022-0175 +Upstream-Status: Backport +Signed-off-by: Joe Slater <joe.slater@windriver.com> + +Patch to vrend_renderer.c modified to apply to version used by hardknott. +Patch to test_virgl_transfer.c unchanged. + +Signed-off-by: Joe Slater <joe.slater@windriver.com> + +--- + src/vrend_renderer.c | 2 +- + tests/test_virgl_transfer.c | 51 +++++++++++++++++++++++++++++++++++++ + 2 files changed, 52 insertions(+), 1 deletion(-) + +diff --git a/src/vrend_renderer.c b/src/vrend_renderer.c +index ad7a351..d84f785 100644 +--- a/src/vrend_renderer.c ++++ b/src/vrend_renderer.c +@@ -6646,7 +6646,7 @@ int vrend_renderer_resource_create(struct vrend_renderer_resource_create_args *a + if (args->bind == VIRGL_BIND_CUSTOM) { + /* use iovec directly when attached */ + gr->storage_bits |= VREND_STORAGE_HOST_SYSTEM_MEMORY; +- gr->ptr = malloc(args->width); ++ gr->ptr = calloc(1, args->width); + if (!gr->ptr) { + FREE(gr); + return ENOMEM; +diff --git a/tests/test_virgl_transfer.c b/tests/test_virgl_transfer.c +index 2c8669a..8f8e98a 100644 +--- a/tests/test_virgl_transfer.c ++++ b/tests/test_virgl_transfer.c +@@ -952,6 +952,56 @@ START_TEST(virgl_test_transfer_near_res_bounds_with_stride_succeeds) + } + END_TEST + ++START_TEST(test_vrend_host_backed_memory_no_data_leak) ++{ ++ struct iovec iovs[1]; ++ int niovs = 1; ++ ++ struct virgl_context ctx = {0}; ++ ++ int ret = testvirgl_init_ctx_cmdbuf(&ctx); ++ ++ struct virgl_renderer_resource_create_args res; ++ res.handle = 0x400; ++ res.target = PIPE_BUFFER; ++ res.format = VIRGL_FORMAT_R8_UNORM; ++ res.nr_samples = 0; ++ res.last_level = 0; ++ res.array_size = 1; ++ res.bind = VIRGL_BIND_CUSTOM; ++ res.depth = 1; ++ res.width = 32; ++ res.height = 1; ++ res.flags = 0; ++ ++ uint32_t size = 32; ++ uint8_t* data = calloc(1, size); ++ memset(data, 1, 32); ++ iovs[0].iov_base = data; ++ iovs[0].iov_len = size; ++ ++ struct pipe_box box = {0,0,0, size, 1,1}; ++ ++ virgl_renderer_resource_create(&res, NULL, 0); ++ virgl_renderer_ctx_attach_resource(ctx.ctx_id, res.handle); ++ ++ ret = virgl_renderer_transfer_read_iov(res.handle, ctx.ctx_id, 0, 0, 0, ++ (struct virgl_box *)&box, 0, iovs, niovs); ++ ++ ck_assert_int_eq(ret, 0); ++ ++ for (int i = 0; i < 32; ++i) ++ ck_assert_int_eq(data[i], 0); ++ ++ virgl_renderer_ctx_detach_resource(1, res.handle); ++ ++ virgl_renderer_resource_unref(res.handle); ++ free(data); ++ ++} ++END_TEST ++ ++ + static Suite *virgl_init_suite(void) + { + Suite *s; +@@ -981,6 +1031,7 @@ static Suite *virgl_init_suite(void) + tcase_add_test(tc_core, virgl_test_transfer_buffer_bad_strides); + tcase_add_test(tc_core, virgl_test_transfer_2d_array_bad_layer_stride); + tcase_add_test(tc_core, virgl_test_transfer_2d_bad_level); ++ tcase_add_test(tc_core, test_vrend_host_backed_memory_no_data_leak); + + tcase_add_loop_test(tc_core, virgl_test_transfer_res_read_valid, 0, PIPE_MAX_TEXTURE_TYPES); + tcase_add_loop_test(tc_core, virgl_test_transfer_res_write_valid, 0, PIPE_MAX_TEXTURE_TYPES); +-- +2.31.1 + diff --git a/meta/recipes-graphics/virglrenderer/virglrenderer_0.8.2.bb b/meta/recipes-graphics/virglrenderer/virglrenderer_0.8.2.bb index 52821195d1..1c32a573b2 100644 --- a/meta/recipes-graphics/virglrenderer/virglrenderer_0.8.2.bb +++ b/meta/recipes-graphics/virglrenderer/virglrenderer_0.8.2.bb @@ -10,9 +10,11 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=c81c08eeefd9418fca8f88309a76db10" DEPENDS = "libdrm virtual/libgl libepoxy" SRCREV = "7d204f3927be65fb3365dce01dbcd04d447a4985" -SRC_URI = "git://anongit.freedesktop.org/virglrenderer \ +SRC_URI = "git://anongit.freedesktop.org/git/virglrenderer;branch=master \ file://0001-gallium-Expand-libc-check-to-be-platform-OS-check.patch \ file://0001-meson.build-use-python3-directly-for-python.patch \ + file://cve-2022-0135.patch \ + file://cve-2022-0175.patch \ " S = "${WORKDIR}/git" diff --git a/meta/recipes-graphics/vulkan/assimp_5.0.1.bb b/meta/recipes-graphics/vulkan/assimp_5.0.1.bb index 5a8c62e64d..295ac12fc5 100644 --- a/meta/recipes-graphics/vulkan/assimp_5.0.1.bb +++ b/meta/recipes-graphics/vulkan/assimp_5.0.1.bb @@ -8,7 +8,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=2119edef0916b0bd511cb3c731076271" DEPENDS = "zlib" -SRC_URI = "git://github.com/assimp/assimp.git;branch=assimp_5.0_release \ +SRC_URI = "git://github.com/assimp/assimp.git;branch=assimp_5.0_release;protocol=https \ file://0001-closes-https-github.com-assimp-assimp-issues-2733-up.patch \ file://0001-Use-ASSIMP_LIB_INSTALL_DIR-to-search-library.patch \ " diff --git a/meta/recipes-graphics/vulkan/vulkan-headers_1.2.170.0.bb b/meta/recipes-graphics/vulkan/vulkan-headers_1.2.170.0.bb index 4c9c94f3d2..b0211432ab 100644 --- a/meta/recipes-graphics/vulkan/vulkan-headers_1.2.170.0.bb +++ b/meta/recipes-graphics/vulkan/vulkan-headers_1.2.170.0.bb @@ -9,7 +9,7 @@ SECTION = "libs" LICENSE = "Apache-2.0" LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=3b83ef96387f14655fc854ddc3c6bd57" -SRC_URI = "git://github.com/KhronosGroup/Vulkan-Headers.git;branch=master" +SRC_URI = "git://github.com/KhronosGroup/Vulkan-Headers.git;branch=master;protocol=https" SRCREV = "1d99b835ec3cd5a7fb2f2a2dd9a615ee2d1f0101" diff --git a/meta/recipes-graphics/vulkan/vulkan-loader_1.2.170.0.bb b/meta/recipes-graphics/vulkan/vulkan-loader_1.2.170.0.bb index 6b6ed06dbb..a866f0a5cb 100644 --- a/meta/recipes-graphics/vulkan/vulkan-loader_1.2.170.0.bb +++ b/meta/recipes-graphics/vulkan/vulkan-loader_1.2.170.0.bb @@ -9,7 +9,7 @@ SECTION = "libs" LICENSE = "Apache-2.0" LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=7dbefed23242760aa3475ee42801c5ac" -SRC_URI = "git://github.com/KhronosGroup/Vulkan-Loader.git \ +SRC_URI = "git://github.com/KhronosGroup/Vulkan-Loader.git;branch=master;protocol=https \ " SRCREV = "c5678a03db383fd0dc5bfb8e9a383043bdbcb57b" diff --git a/meta/recipes-graphics/vulkan/vulkan-samples_git.bb b/meta/recipes-graphics/vulkan/vulkan-samples_git.bb index b7c38f6543..07d6e9d735 100644 --- a/meta/recipes-graphics/vulkan/vulkan-samples_git.bb +++ b/meta/recipes-graphics/vulkan/vulkan-samples_git.bb @@ -5,7 +5,7 @@ LICENSE = "Apache-2.0" LIC_FILES_CHKSUM = "file://LICENSE;md5=48aa35cefb768436223a6e7f18dc2a2a" -SRC_URI = "gitsm://github.com/KhronosGroup/Vulkan-Samples.git \ +SRC_URI = "gitsm://github.com/KhronosGroup/Vulkan-Samples.git;branch=master;protocol=https \ file://0001-CMakeLists.txt-do-not-hardcode-lib-as-installation-t.patch \ file://debugfix.patch \ " diff --git a/meta/recipes-graphics/vulkan/vulkan-tools_1.2.170.0.bb b/meta/recipes-graphics/vulkan/vulkan-tools_1.2.170.0.bb index 0c8bcaa085..d81dc14472 100644 --- a/meta/recipes-graphics/vulkan/vulkan-tools_1.2.170.0.bb +++ b/meta/recipes-graphics/vulkan/vulkan-tools_1.2.170.0.bb @@ -6,7 +6,7 @@ SECTION = "libs" LICENSE = "Apache-2.0" LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=3b83ef96387f14655fc854ddc3c6bd57" -SRC_URI = "git://github.com/KhronosGroup/Vulkan-Tools.git;branch=sdk-1.2.170" +SRC_URI = "git://github.com/KhronosGroup/Vulkan-Tools.git;branch=sdk-1.2.170;protocol=https" SRCREV = "88ea55de928a08ba5c5f65a93d1e7c8f666fc43f" S = "${WORKDIR}/git" diff --git a/meta/recipes-graphics/waffle/waffle_1.6.1.bb b/meta/recipes-graphics/waffle/waffle_1.6.1.bb index 07d7279c2b..5e5b227a40 100644 --- a/meta/recipes-graphics/waffle/waffle_1.6.1.bb +++ b/meta/recipes-graphics/waffle/waffle_1.6.1.bb @@ -3,17 +3,15 @@ DESCRIPTION = "A cross-platform C library that allows one to defer selection \ of an OpenGL API and window system until runtime. For example, on Linux, Waffle \ enables an application to select X11/EGL with an OpenGL 3.3 core profile, \ Wayland with OpenGL ES2, and other window system / API combinations." -HOMEPAGE = "http://www.waffle-gl.org/" +HOMEPAGE = "https://gitlab.freedesktop.org/mesa/waffle" BUGTRACKER = "https://gitlab.freedesktop.org/mesa/waffle" LICENSE = "BSD-2-Clause" LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=4c5154407c2490750dd461c50ad94797 \ file://include/waffle/waffle.h;endline=24;md5=61dbf8697f61c78645e75a93c585b1bf" -SRC_URI = "http://waffle-gl.org/files/release/${BPN}-${PV}/${BPN}-${PV}.tar.xz" -SRC_URI[md5sum] = "c91529e579483f44fb330052872b9c73" -SRC_URI[sha256sum] = "31565649ff0e2d8dff1b8f7f2264ab7a78452063c7e04adfc4ce03e64b655080" - -UPSTREAM_CHECK_URI = "http://www.waffle-gl.org/releases.html" +SRC_URI = "git://gitlab.freedesktop.org/mesa/waffle.git;protocol=https;branch=maint-1.6" +SRCREV = "d7e8c4759704b3c571fa3697c716279c26fd05eb" +S = "${WORKDIR}/git" inherit meson features_check lib_package bash-completion diff --git a/meta/recipes-graphics/wayland/wayland-protocols_1.20.bb b/meta/recipes-graphics/wayland/wayland-protocols_1.20.bb index 3fb78f658c..35a46dbb08 100644 --- a/meta/recipes-graphics/wayland/wayland-protocols_1.20.bb +++ b/meta/recipes-graphics/wayland/wayland-protocols_1.20.bb @@ -20,3 +20,7 @@ inherit allarch autotools pkgconfig PACKAGES = "${PN}" FILES_${PN} += "${datadir}/pkgconfig/wayland-protocols.pc" + +# remove at next version upgrade or when output changes +PR = "r1" +HASHEQUIV_HASH_VERSION .= ".1" diff --git a/meta/recipes-graphics/xinput-calibrator/xinput-calibrator_git.bb b/meta/recipes-graphics/xinput-calibrator/xinput-calibrator_git.bb index d2a16643fe..e524b82dd6 100644 --- a/meta/recipes-graphics/xinput-calibrator/xinput-calibrator_git.bb +++ b/meta/recipes-graphics/xinput-calibrator/xinput-calibrator_git.bb @@ -12,7 +12,7 @@ inherit autotools pkgconfig features_check REQUIRED_DISTRO_FEATURES = "x11" SRCREV = "18ec53f1cada39f905614ebfaffed5c7754ecf46" -SRC_URI = "git://github.com/kreijack/xinput_calibrator.git;branch=libinput \ +SRC_URI = "git://github.com/kreijack/xinput_calibrator.git;branch=libinput;protocol=https \ file://30xinput_calibrate.sh \ file://Allow-xinput_calibrator_pointercal.sh-to-be-run-as-n.patch \ file://0001-calibrator.hh-Include-string-to-get-std-string.patch \ diff --git a/meta/recipes-graphics/xorg-driver/xf86-video-intel_git.bb b/meta/recipes-graphics/xorg-driver/xf86-video-intel_git.bb index 161371b118..73c0cdc385 100644 --- a/meta/recipes-graphics/xorg-driver/xf86-video-intel_git.bb +++ b/meta/recipes-graphics/xorg-driver/xf86-video-intel_git.bb @@ -13,7 +13,7 @@ SRCREV = "f66d39544bb8339130c96d282a80f87ca1606caf" PV = "2.99.917+git${SRCPV}" S = "${WORKDIR}/git" -SRC_URI = "git://anongit.freedesktop.org/xorg/driver/xf86-video-intel \ +SRC_URI = "git://anongit.freedesktop.org/xorg/driver/xf86-video-intel;branch=master \ file://0001-Sync-i915_pciids-upto-8717c6b7414f.patch \ file://0001-i810-Avoid-duplicate-definition-of-I810PatternROP.patch \ " diff --git a/meta/recipes-graphics/xorg-font/encodings_1.0.5.bb b/meta/recipes-graphics/xorg-font/encodings_1.0.5.bb index 713fcfb935..02c8cff25d 100644 --- a/meta/recipes-graphics/xorg-font/encodings_1.0.5.bb +++ b/meta/recipes-graphics/xorg-font/encodings_1.0.5.bb @@ -23,3 +23,7 @@ EXTRA_OECONF += "--with-encodingsdir=${datadir}/fonts/X11/encodings" # postinst from .inc doesn't apply to this recipe pkg_postinst_${PN} () { } + +# remove at next version upgrade or when output changes +PR = "r1" +HASHEQUIV_HASH_VERSION .= ".1" diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc b/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc index b3e03744c0..d83cb94317 100644 --- a/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc +++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg.inc @@ -17,7 +17,15 @@ PE = "2" XORG_PN = "xorg-server" SRC_URI = "${XORG_MIRROR}/individual/xserver/${XORG_PN}-${PV}.tar.bz2" -CVE_PRODUCT = "xorg-server" +CVE_PRODUCT = "xorg-server x_server" +# This is specific to Debian's xserver-wrapper.c +CVE_CHECK_WHITELIST += "CVE-2011-4613" +# As per upstream, exploiting this flaw is non-trivial and it requires exact +# timing on the behalf of the attacker. Many graphical applications exit if their +# connection to the X server is lost, so a typical desktop session is either +# impossible or difficult to exploit. There is currently no upstream patch +# available for this flaw. +CVE_CHECK_WHITELIST += "CVE-2020-25697" S = "${WORKDIR}/${XORG_PN}-${PV}" diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2021-4008.patch b/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2021-4008.patch new file mode 100644 index 0000000000..3277be0185 --- /dev/null +++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2021-4008.patch @@ -0,0 +1,59 @@ +Backport patch to fix CVE-2021-4008. + +CVE: CVE-2021-4008 +Upstream-Status: Backport [https://gitlab.freedesktop.org/xorg/xserver/-/commit/ebce7e2] + +Signed-off-by: Kai Kang <kai.kang@windriver.com> + +From ebce7e2d80e7c80e1dda60f2f0bc886f1106ba60 Mon Sep 17 00:00:00 2001 +From: Povilas Kanapickas <povilas@radix.lt> +Date: Tue, 14 Dec 2021 15:00:03 +0200 +Subject: [PATCH] render: Fix out of bounds access in + SProcRenderCompositeGlyphs() + +ZDI-CAN-14192, CVE-2021-4008 + +This vulnerability was discovered and the fix was suggested by: +Jan-Niklas Sohn working with Trend Micro Zero Day Initiative + +Signed-off-by: Povilas Kanapickas <povilas@radix.lt> +--- + render/render.c | 9 +++++++++ + 1 file changed, 9 insertions(+) + +diff --git a/render/render.c b/render/render.c +index c376090ca..456f156d4 100644 +--- a/render/render.c ++++ b/render/render.c +@@ -2309,6 +2309,9 @@ SProcRenderCompositeGlyphs(ClientPtr client) + + i = elt->len; + if (i == 0xff) { ++ if (buffer + 4 > end) { ++ return BadLength; ++ } + swapl((int *) buffer); + buffer += 4; + } +@@ -2319,12 +2322,18 @@ SProcRenderCompositeGlyphs(ClientPtr client) + buffer += i; + break; + case 2: ++ if (buffer + i * 2 > end) { ++ return BadLength; ++ } + while (i--) { + swaps((short *) buffer); + buffer += 2; + } + break; + case 4: ++ if (buffer + i * 4 > end) { ++ return BadLength; ++ } + while (i--) { + swapl((int *) buffer); + buffer += 4; +-- +GitLab + diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2021-4009.patch b/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2021-4009.patch new file mode 100644 index 0000000000..ddfbb43ee4 --- /dev/null +++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2021-4009.patch @@ -0,0 +1,50 @@ +Backport patch to fix CVE-2021-4009. + +CVE: CVE-2021-4009 +Upstream-Status: Backport [https://gitlab.freedesktop.org/xorg/xserver/-/commit/b519675] + +Signed-off-by: Kai Kang <kai.kang@windriver.com> + +From b5196750099ae6ae582e1f46bd0a6dad29550e02 Mon Sep 17 00:00:00 2001 +From: Povilas Kanapickas <povilas@radix.lt> +Date: Tue, 14 Dec 2021 15:00:01 +0200 +Subject: [PATCH] xfixes: Fix out of bounds access in + *ProcXFixesCreatePointerBarrier() + +ZDI-CAN-14950, CVE-2021-4009 + +This vulnerability was discovered and the fix was suggested by: +Jan-Niklas Sohn working with Trend Micro Zero Day Initiative + +Signed-off-by: Povilas Kanapickas <povilas@radix.lt> +--- + xfixes/cursor.c | 6 ++++-- + 1 file changed, 4 insertions(+), 2 deletions(-) + +diff --git a/xfixes/cursor.c b/xfixes/cursor.c +index 60580b88f..c5d4554b2 100644 +--- a/xfixes/cursor.c ++++ b/xfixes/cursor.c +@@ -1010,7 +1010,8 @@ ProcXFixesCreatePointerBarrier(ClientPtr client) + { + REQUEST(xXFixesCreatePointerBarrierReq); + +- REQUEST_FIXED_SIZE(xXFixesCreatePointerBarrierReq, pad_to_int32(stuff->num_devices)); ++ REQUEST_FIXED_SIZE(xXFixesCreatePointerBarrierReq, ++ pad_to_int32(stuff->num_devices * sizeof(CARD16))); + LEGAL_NEW_RESOURCE(stuff->barrier, client); + + return XICreatePointerBarrier(client, stuff); +@@ -1027,7 +1028,8 @@ SProcXFixesCreatePointerBarrier(ClientPtr client) + + swaps(&stuff->length); + swaps(&stuff->num_devices); +- REQUEST_FIXED_SIZE(xXFixesCreatePointerBarrierReq, pad_to_int32(stuff->num_devices)); ++ REQUEST_FIXED_SIZE(xXFixesCreatePointerBarrierReq, ++ pad_to_int32(stuff->num_devices * sizeof(CARD16))); + + swapl(&stuff->barrier); + swapl(&stuff->window); +-- +GitLab + diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2021-4010.patch b/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2021-4010.patch new file mode 100644 index 0000000000..06ebe7d077 --- /dev/null +++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2021-4010.patch @@ -0,0 +1,39 @@ +Backport patch to fix CVE-2021-4010. + +CVE: CVE-2021-4010 +Upstream-Status: Backport [https://gitlab.freedesktop.org/xorg/xserver/-/commit/6c4c530] + +Signed-off-by: Kai Kang <kai.kang@windriver.com> + +From 6c4c53010772e3cb4cb8acd54950c8eec9c00d21 Mon Sep 17 00:00:00 2001 +From: Povilas Kanapickas <povilas@radix.lt> +Date: Tue, 14 Dec 2021 15:00:02 +0200 +Subject: [PATCH] Xext: Fix out of bounds access in SProcScreenSaverSuspend() + +ZDI-CAN-14951, CVE-2021-4010 + +This vulnerability was discovered and the fix was suggested by: +Jan-Niklas Sohn working with Trend Micro Zero Day Initiative + +Signed-off-by: Povilas Kanapickas <povilas@radix.lt> +--- + Xext/saver.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/Xext/saver.c b/Xext/saver.c +index 1d7e3cadf..f813ba08d 100644 +--- a/Xext/saver.c ++++ b/Xext/saver.c +@@ -1351,8 +1351,8 @@ SProcScreenSaverSuspend(ClientPtr client) + REQUEST(xScreenSaverSuspendReq); + + swaps(&stuff->length); +- swapl(&stuff->suspend); + REQUEST_SIZE_MATCH(xScreenSaverSuspendReq); ++ swapl(&stuff->suspend); + return ProcScreenSaverSuspend(client); + } + +-- +GitLab + diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2021-4011.patch b/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2021-4011.patch new file mode 100644 index 0000000000..c7eb03091d --- /dev/null +++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2021-4011.patch @@ -0,0 +1,40 @@ +Backport patch to fix CVE-2021-4011. + +CVE: CVE-2021-4011 +Upstream-Status: Backport [https://gitlab.freedesktop.org/xorg/xserver/-/commit/e56f61c] + +Signed-off-by: Kai Kang <kai.kang@windriver.com> + +From e56f61c79fc3cee26d83cda0f84ae56d5979f768 Mon Sep 17 00:00:00 2001 +From: Povilas Kanapickas <povilas@radix.lt> +Date: Tue, 14 Dec 2021 15:00:00 +0200 +Subject: [PATCH] record: Fix out of bounds access in SwapCreateRegister() + +ZDI-CAN-14952, CVE-2021-4011 + +This vulnerability was discovered and the fix was suggested by: +Jan-Niklas Sohn working with Trend Micro Zero Day Initiative + +Signed-off-by: Povilas Kanapickas <povilas@radix.lt> +--- + record/record.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/record/record.c b/record/record.c +index be154525d..e123867a7 100644 +--- a/record/record.c ++++ b/record/record.c +@@ -2516,8 +2516,8 @@ SwapCreateRegister(ClientPtr client, xRecordRegisterClientsReq * stuff) + swapl(pClientID); + } + if (stuff->nRanges > +- client->req_len - bytes_to_int32(sz_xRecordRegisterClientsReq) +- - stuff->nClients) ++ (client->req_len - bytes_to_int32(sz_xRecordRegisterClientsReq) ++ - stuff->nClients) / bytes_to_int32(sz_xRecordRange)) + return BadLength; + RecordSwapRanges((xRecordRange *) pClientID, stuff->nRanges); + return Success; +-- +GitLab + diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.10.bb b/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.10.bb index e0551fa999..58f1eb328e 100644 --- a/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.10.bb +++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg_1.20.10.bb @@ -9,6 +9,10 @@ SRC_URI += "file://0001-xf86pciBus.c-use-Intel-ddx-only-for-pre-gen4-hardwar.pat file://0001-Fix-segfault-on-probing-a-non-PCI-platform-device-on.patch \ file://CVE-2021-3472.patch \ file://0001-hw-xwayland-Makefile.am-fix-build-without-glx.patch \ + file://CVE-2021-4008.patch \ + file://CVE-2021-4009.patch \ + file://CVE-2021-4010.patch \ + file://CVE-2021-4011.patch \ " SRC_URI[sha256sum] = "977420c082450dc808de301ef56af4856d653eea71519a973c3490a780cb7c99" diff --git a/meta/recipes-kernel/blktrace/blktrace_git.bb b/meta/recipes-kernel/blktrace/blktrace_git.bb index 7ccc022b93..2110bc75fa 100644 --- a/meta/recipes-kernel/blktrace/blktrace_git.bb +++ b/meta/recipes-kernel/blktrace/blktrace_git.bb @@ -14,7 +14,7 @@ SRCREV = "cca113f2fe0759b91fd6a0e10fdcda2c28f18a7e" PV = "1.2.0+git${SRCPV}" -SRC_URI = "git://git.kernel.dk/blktrace.git \ +SRC_URI = "git://git.kernel.dk/blktrace.git;branch=master \ file://ldflags.patch \ file://CVE-2018-10689.patch \ file://make-btt-scripts-python3-ready.patch \ diff --git a/meta/recipes-kernel/cryptodev/cryptodev.inc b/meta/recipes-kernel/cryptodev/cryptodev.inc index ae2c308911..6ada0b0295 100644 --- a/meta/recipes-kernel/cryptodev/cryptodev.inc +++ b/meta/recipes-kernel/cryptodev/cryptodev.inc @@ -8,7 +8,7 @@ API is compatible with OpenBSD's cryptodev userspace API (/dev/crypto)." LICENSE = "GPLv2" LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" -SRC_URI = "git://github.com/cryptodev-linux/cryptodev-linux \ +SRC_URI = "git://github.com/cryptodev-linux/cryptodev-linux;branch=master;protocol=https \ " SRCREV = "e0c25e289d6baf1d83c2b9cb523d3bc237d0c0c9" diff --git a/meta/recipes-kernel/dtc/dtc.inc b/meta/recipes-kernel/dtc/dtc.inc index 5da6c24fbf..461ab8fbd3 100644 --- a/meta/recipes-kernel/dtc/dtc.inc +++ b/meta/recipes-kernel/dtc/dtc.inc @@ -5,7 +5,7 @@ SECTION = "bootloader" LICENSE = "GPLv2 | BSD" DEPENDS = "flex-native bison-native" -SRC_URI = "git://git.kernel.org/pub/scm/utils/dtc/dtc.git \ +SRC_URI = "git://git.kernel.org/pub/scm/utils/dtc/dtc.git;branch=master \ file://make_install.patch \ file://0001-dtc-Fix-Makefile-to-add-CFLAGS-not-override.patch \ " diff --git a/meta/recipes-kernel/kern-tools/kern-tools-native_git.bb b/meta/recipes-kernel/kern-tools/kern-tools-native_git.bb index e967f485c1..ef035aed23 100644 --- a/meta/recipes-kernel/kern-tools/kern-tools-native_git.bb +++ b/meta/recipes-kernel/kern-tools/kern-tools-native_git.bb @@ -14,7 +14,7 @@ PV = "0.2+git${SRCPV}" inherit native -SRC_URI = "git://git.yoctoproject.org/yocto-kernel-tools.git" +SRC_URI = "git://git.yoctoproject.org/yocto-kernel-tools.git;branch=master" S = "${WORKDIR}/git" UPSTREAM_CHECK_COMMITS = "1" diff --git a/meta/recipes-kernel/kmod/kmod.inc b/meta/recipes-kernel/kmod/kmod.inc index ba5ec7f650..11220c5138 100644 --- a/meta/recipes-kernel/kmod/kmod.inc +++ b/meta/recipes-kernel/kmod/kmod.inc @@ -19,7 +19,7 @@ SRCREV = "1ccfe994287119cc6cef37a7ca4c529d89de4b95" # Lookout for PV bump too when SRCREV is changed PV = "28" -SRC_URI = "git://git.kernel.org/pub/scm/utils/kernel/kmod/kmod.git \ +SRC_URI = "git://git.kernel.org/pub/scm/utils/kernel/kmod/kmod.git;branch=master \ file://depmod-search.conf \ file://avoid_parallel_tests.patch \ " diff --git a/meta/recipes-kernel/linux-firmware/linux-firmware_20210818.bb b/meta/recipes-kernel/linux-firmware/linux-firmware_20220310.bb index 7f6db18b69..7a6cb1903b 100644 --- a/meta/recipes-kernel/linux-firmware/linux-firmware_20210818.bb +++ b/meta/recipes-kernel/linux-firmware/linux-firmware_20220310.bb @@ -72,7 +72,7 @@ LICENSE = "\ LIC_FILES_CHKSUM = "file://LICENCE.Abilis;md5=b5ee3f410780e56711ad48eadc22b8bc \ file://LICENCE.adsp_sst;md5=615c45b91a5a4a9fe046d6ab9a2df728 \ file://LICENCE.agere;md5=af0133de6b4a9b2522defd5f188afd31 \ - file://LICENSE.amdgpu;md5=d357524f5099e2a3db3c1838921c593f \ + file://LICENSE.amdgpu;md5=44c1166d052226cb2d6c8d7400090203 \ file://LICENSE.amd-ucode;md5=3c5399dc9148d7f0e1f41e34b69cf14f \ file://LICENSE.amlogic_vdec;md5=dc44f59bf64a81643e500ad3f39a468a \ file://LICENCE.atheros_firmware;md5=30a14c7823beedac9fa39c64fdd01a13 \ @@ -132,7 +132,7 @@ LIC_FILES_CHKSUM = "file://LICENCE.Abilis;md5=b5ee3f410780e56711ad48eadc22b8bc \ file://LICENCE.xc4000;md5=0ff51d2dc49fce04814c9155081092f0 \ file://LICENCE.xc5000;md5=1e170c13175323c32c7f4d0998d53f66 \ file://LICENCE.xc5000c;md5=12b02efa3049db65d524aeb418dd87ca \ - file://WHENCE;md5=15ad289bf2359e8ecf613f3b04f72fab \ + file://WHENCE;md5=45a9c4a92d152e9495db81e1192f2bdc \ " # These are not common licenses, set NO_GENERIC_LICENSE for them @@ -205,7 +205,7 @@ PE = "1" SRC_URI = "${KERNELORG_MIRROR}/linux/kernel/firmware/${BPN}-${PV}.tar.xz" -SRC_URI[sha256sum] = "bef3d317c348d962b3a1b95cb4e19ea4f282e18112b2c669cff74f9267ce3893" +SRC_URI[sha256sum] = "5938ee717b2023b48f6bfcf344b40ddc947e3e22c0bc36d4c3418f90fea68182" inherit allarch @@ -751,6 +751,7 @@ FILES_${PN}-bcm4356-pcie = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4356-pc FILES_${PN}-bcm4373 = "${nonarch_base_libdir}/firmware/brcm/brcmfmac4373-sdio.bin \ ${nonarch_base_libdir}/firmware/brcm/brcmfmac4373.bin \ ${nonarch_base_libdir}/firmware/cypress/cyfmac4373-sdio.bin \ + ${nonarch_base_libdir}/firmware/brcm/brcmfmac4373-sdio.clm_blob \ " LICENSE_${PN}-bcm-0bb4-0306 = "Firmware-cypress" diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb index a27c67be1a..50e6a9f1e2 100644 --- a/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb +++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.10.bb @@ -11,13 +11,13 @@ python () { raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it") } -SRCREV_machine ?= "31e2870ebfd892708e8c5f3aced96565e2456ed9" -SRCREV_meta ?= "bce2813b162bb472c137fb503951295a931c25b6" +SRCREV_machine ?= "7f96d3fd60eea0ab38afdf07b3fc7c8c9f501802" +SRCREV_meta ?= "24ab54209a8822aad92afe2c51ea5b95f5175394" SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \ git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.10;destsuffix=${KMETA}" -LINUX_VERSION ?= "5.10.63" +LINUX_VERSION ?= "5.10.107" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" diff --git a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb index 7589d8ee1a..2134f848b2 100644 --- a/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb +++ b/meta/recipes-kernel/linux/linux-yocto-rt_5.4.bb @@ -11,13 +11,13 @@ python () { raise bb.parse.SkipRecipe("Set PREFERRED_PROVIDER_virtual/kernel to linux-yocto-rt to enable it") } -SRCREV_machine ?= "7f67141bca949eff8953f965c26475286d1a20cf" -SRCREV_meta ?= "e4ccb53f204f722583178a9249fbf5d745f0d56a" +SRCREV_machine ?= "40423bc7ab2cc609f955a3dc16a0d854c1504ce3" +SRCREV_meta ?= "e8c675c7e11fbd96cd812dfb9f4f6fb6f92b6abb" SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;branch=${KBRANCH};name=machine \ git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}" -LINUX_VERSION ?= "5.4.144" +LINUX_VERSION ?= "5.4.178" LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814" diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb index fc6accac39..8f22c89165 100644 --- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb +++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.10.bb @@ -6,7 +6,7 @@ KCONFIG_MODE = "--allnoconfig" require recipes-kernel/linux/linux-yocto.inc -LINUX_VERSION ?= "5.10.63" +LINUX_VERSION ?= "5.10.107" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" @@ -15,9 +15,9 @@ DEPENDS += "openssl-native util-linux-native" KMETA = "kernel-meta" KCONF_BSP_AUDIT_LEVEL = "2" -SRCREV_machine_qemuarm ?= "96ec3026283d29493f757a077f9c51e6d698c634" -SRCREV_machine ?= "29ff88e6cdf170fbf71e27de32c09e4f6db95078" -SRCREV_meta ?= "bce2813b162bb472c137fb503951295a931c25b6" +SRCREV_machine_qemuarm ?= "d47f1b40f2f77d0c810defd853c69eb39cb84bf5" +SRCREV_machine ?= "1ae0844c6a36151066744e43fd30db3a946bc21d" +SRCREV_meta ?= "24ab54209a8822aad92afe2c51ea5b95f5175394" PV = "${LINUX_VERSION}+git${SRCPV}" diff --git a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb index 5ee1d359b2..35177d4f6c 100644 --- a/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb +++ b/meta/recipes-kernel/linux/linux-yocto-tiny_5.4.bb @@ -6,7 +6,7 @@ KCONFIG_MODE = "--allnoconfig" require recipes-kernel/linux/linux-yocto.inc -LINUX_VERSION ?= "5.4.144" +LINUX_VERSION ?= "5.4.178" LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" @@ -15,9 +15,9 @@ DEPENDS += "openssl-native util-linux-native" KMETA = "kernel-meta" KCONF_BSP_AUDIT_LEVEL = "2" -SRCREV_machine_qemuarm ?= "08336ce8b4ebc2b21c28488c85098c6816f3d99f" -SRCREV_machine ?= "8220749d3e8643091b118d93a857333e2c91a1eb" -SRCREV_meta ?= "e4ccb53f204f722583178a9249fbf5d745f0d56a" +SRCREV_machine_qemuarm ?= "f6e09845d8bf3c307da395497b21c1ff17ef575c" +SRCREV_machine ?= "a7ba52065be4401b5d73b6b020770f7d260b7bf1" +SRCREV_meta ?= "e8c675c7e11fbd96cd812dfb9f4f6fb6f92b6abb" PV = "${LINUX_VERSION}+git${SRCPV}" diff --git a/meta/recipes-kernel/linux/linux-yocto_5.10.bb b/meta/recipes-kernel/linux/linux-yocto_5.10.bb index 49f9ef95d8..5ce504812f 100644 --- a/meta/recipes-kernel/linux/linux-yocto_5.10.bb +++ b/meta/recipes-kernel/linux/linux-yocto_5.10.bb @@ -13,17 +13,17 @@ KBRANCH_qemux86 ?= "v5.10/standard/base" KBRANCH_qemux86-64 ?= "v5.10/standard/base" KBRANCH_qemumips64 ?= "v5.10/standard/mti-malta64" -SRCREV_machine_qemuarm ?= "36e0cc294f77cf72b01a1f9ea62bb13d1ab0693e" -SRCREV_machine_qemuarm64 ?= "a1c9c936088b6cf4ec56f5180672d6f0e8e3b955" -SRCREV_machine_qemumips ?= "4962920baaee3235448b48e992a3da0259dcfa57" -SRCREV_machine_qemuppc ?= "57b30ad7f8a6c3be0ad8eac742476da3f97c23f3" -SRCREV_machine_qemuriscv64 ?= "164ed895bc1e94722e80fe6496b176f6bb815cd4" -SRCREV_machine_qemuriscv32 ?= "164ed895bc1e94722e80fe6496b176f6bb815cd4" -SRCREV_machine_qemux86 ?= "164ed895bc1e94722e80fe6496b176f6bb815cd4" -SRCREV_machine_qemux86-64 ?= "164ed895bc1e94722e80fe6496b176f6bb815cd4" -SRCREV_machine_qemumips64 ?= "a615aa60bc10bea5262f2d65da7ddff4ba32146e" -SRCREV_machine ?= "164ed895bc1e94722e80fe6496b176f6bb815cd4" -SRCREV_meta ?= "bce2813b162bb472c137fb503951295a931c25b6" +SRCREV_machine_qemuarm ?= "2ef8231651bb6a4c79b307f59a794b92238546ec" +SRCREV_machine_qemuarm64 ?= "00684b441f15d202c5849eed164a9b3b94a5c1e8" +SRCREV_machine_qemumips ?= "661a4f517906253e074fe301d68ff1e6b6968e9f" +SRCREV_machine_qemuppc ?= "bff933cb7a11019c64e6034c48ab79453f75b99e" +SRCREV_machine_qemuriscv64 ?= "763c0dbc0458ebcb1d06afe2f324925f0f61bd27" +SRCREV_machine_qemuriscv32 ?= "763c0dbc0458ebcb1d06afe2f324925f0f61bd27" +SRCREV_machine_qemux86 ?= "763c0dbc0458ebcb1d06afe2f324925f0f61bd27" +SRCREV_machine_qemux86-64 ?= "763c0dbc0458ebcb1d06afe2f324925f0f61bd27" +SRCREV_machine_qemumips64 ?= "7a89b456542ff1fa0ab71fa4a2ae6f04281f3a2d" +SRCREV_machine ?= "763c0dbc0458ebcb1d06afe2f324925f0f61bd27" +SRCREV_meta ?= "24ab54209a8822aad92afe2c51ea5b95f5175394" # remap qemuarm to qemuarma15 for the 5.8 kernel # KMACHINE_qemuarm ?= "qemuarma15" @@ -32,11 +32,11 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.10;destsuffix=${KMETA}" LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46" -LINUX_VERSION ?= "5.10.63" +LINUX_VERSION ?= "5.10.107" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" DEPENDS += "openssl-native util-linux-native" -DEPENDS += "gmp-native" +DEPENDS += "gmp-native libmpc-native" PV = "${LINUX_VERSION}+git${SRCPV}" diff --git a/meta/recipes-kernel/linux/linux-yocto_5.4.bb b/meta/recipes-kernel/linux/linux-yocto_5.4.bb index b600211bde..ae9dbca3af 100644 --- a/meta/recipes-kernel/linux/linux-yocto_5.4.bb +++ b/meta/recipes-kernel/linux/linux-yocto_5.4.bb @@ -12,16 +12,16 @@ KBRANCH_qemux86 ?= "v5.4/standard/base" KBRANCH_qemux86-64 ?= "v5.4/standard/base" KBRANCH_qemumips64 ?= "v5.4/standard/mti-malta64" -SRCREV_machine_qemuarm ?= "78a2f9d323a755a34cdc96af4bcf61ffd32a3db0" -SRCREV_machine_qemuarm64 ?= "aa6ec6934e35c8b0948f6b7c9bdbdef45d72be35" -SRCREV_machine_qemumips ?= "a892524441b30e5e8c491e22e36e3473fc6a0fe0" -SRCREV_machine_qemuppc ?= "784ca7c7837811123b5bd97cde964e45fbf5179b" -SRCREV_machine_qemuriscv64 ?= "e3134debcf01f0aa20103e22fe2ef5fc7c201120" -SRCREV_machine_qemux86 ?= "e3134debcf01f0aa20103e22fe2ef5fc7c201120" -SRCREV_machine_qemux86-64 ?= "e3134debcf01f0aa20103e22fe2ef5fc7c201120" -SRCREV_machine_qemumips64 ?= "d765ea7455bf978a9a86e8e90e032336b0baf887" -SRCREV_machine ?= "e3134debcf01f0aa20103e22fe2ef5fc7c201120" -SRCREV_meta ?= "e4ccb53f204f722583178a9249fbf5d745f0d56a" +SRCREV_machine_qemuarm ?= "b3ee7c62bf5a5ce3c7e30aff6c3dd9f70a847a28" +SRCREV_machine_qemuarm64 ?= "bf6581eba15cb43af60fda7053edaf66990c18ac" +SRCREV_machine_qemumips ?= "05580fff716df568dc3f737b288e0e514a908572" +SRCREV_machine_qemuppc ?= "0a016b0775980f67d686e47cc8637adec46856dc" +SRCREV_machine_qemuriscv64 ?= "e2020dbe2ccaef50d7e8f37a5bf08c68a006a064" +SRCREV_machine_qemux86 ?= "e2020dbe2ccaef50d7e8f37a5bf08c68a006a064" +SRCREV_machine_qemux86-64 ?= "e2020dbe2ccaef50d7e8f37a5bf08c68a006a064" +SRCREV_machine_qemumips64 ?= "68f35eeca08d2a681495fd3a7b823ac34d9a97bc" +SRCREV_machine ?= "e2020dbe2ccaef50d7e8f37a5bf08c68a006a064" +SRCREV_meta ?= "e8c675c7e11fbd96cd812dfb9f4f6fb6f92b6abb" # remap qemuarm to qemuarma15 for the 5.4 kernel # KMACHINE_qemuarm ?= "qemuarma15" @@ -30,7 +30,7 @@ SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRA git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.4;destsuffix=${KMETA}" LIC_FILES_CHKSUM = "file://COPYING;md5=bbea815ee2795b2f4230826c0c6b8814" -LINUX_VERSION ?= "5.4.144" +LINUX_VERSION ?= "5.4.178" DEPENDS += "${@bb.utils.contains('ARCH', 'x86', 'elfutils-native', '', d)}" DEPENDS += "openssl-native util-linux-native" diff --git a/meta/recipes-kernel/lttng/lttng-modules_2.12.6.bb b/meta/recipes-kernel/lttng/lttng-modules_2.12.8.bb index 1dff2b05f7..eff97f27af 100644 --- a/meta/recipes-kernel/lttng/lttng-modules_2.12.6.bb +++ b/meta/recipes-kernel/lttng/lttng-modules_2.12.8.bb @@ -13,7 +13,7 @@ SRC_URI = "https://lttng.org/files/${BPN}/${BPN}-${PV}.tar.bz2 \ file://Makefile-Do-not-fail-if-CONFIG_TRACEPOINTS-is-not-en.patch \ " -SRC_URI[sha256sum] = "95ac2a2cf92d85d23ffbdaca6a1ec0d7c167211d1e0fb850ab90004a3f475eaa" +SRC_URI[sha256sum] = "1302005a982fd4a15cc4843866971008546939f65660023d7762aa046d4b9213" export INSTALL_MOD_DIR="kernel/lttng-modules" diff --git a/meta/recipes-kernel/powertop/powertop_2.13.bb b/meta/recipes-kernel/powertop/powertop_2.13.bb index 8c7e78fd94..dc9c77f337 100644 --- a/meta/recipes-kernel/powertop/powertop_2.13.bb +++ b/meta/recipes-kernel/powertop/powertop_2.13.bb @@ -6,7 +6,7 @@ DEPENDS = "ncurses libnl pciutils autoconf-archive" LICENSE = "GPLv2" LIC_FILES_CHKSUM = "file://COPYING;md5=12f884d2ae1ff87c09e5b7ccc2c4ca7e" -SRC_URI = "git://github.com/fenrus75/powertop;protocol=https \ +SRC_URI = "git://github.com/fenrus75/powertop;protocol=https;branch=master \ file://0001-wakeup_xxx.h-include-limits.h.patch \ " SRCREV = "184cee06b2d64679bae5f806fe0a218827fdde99" diff --git a/meta/recipes-kernel/systemtap/systemtap_git.inc b/meta/recipes-kernel/systemtap/systemtap_git.inc index 73fba981b7..38bdbe3cfb 100644 --- a/meta/recipes-kernel/systemtap/systemtap_git.inc +++ b/meta/recipes-kernel/systemtap/systemtap_git.inc @@ -3,7 +3,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" SRCREV = "988f439af39a359b4387963ca4633649866d8275" PV = "4.4" -SRC_URI = "git://sourceware.org/git/systemtap.git \ +SRC_URI = "git://sourceware.org/git/systemtap.git;branch=master \ file://0001-Do-not-let-configure-write-a-python-location-into-th.patch \ file://0001-Install-python-modules-to-correct-library-dir.patch \ file://0001-staprun-stapbpf-don-t-support-installing-a-non-root.patch \ diff --git a/meta/recipes-kernel/wireless-regdb/wireless-regdb_2021.04.21.bb b/meta/recipes-kernel/wireless-regdb/wireless-regdb_2022.02.18.bb index f79c0b29ea..2d7e5dad9d 100644 --- a/meta/recipes-kernel/wireless-regdb/wireless-regdb_2021.04.21.bb +++ b/meta/recipes-kernel/wireless-regdb/wireless-regdb_2022.02.18.bb @@ -5,7 +5,7 @@ LICENSE = "ISC" LIC_FILES_CHKSUM = "file://LICENSE;md5=07c4f6dea3845b02a18dc00c8c87699c" SRC_URI = "https://www.kernel.org/pub/software/network/${BPN}/${BP}.tar.xz" -SRC_URI[sha256sum] = "9e4c02b2a9710df4dbdb327c39612e8cbbae6495987afeddaebab28c1ea3d8fa" +SRC_URI[sha256sum] = "8828c25a4ee25020044004f57374bb9deac852809fad70f8d3d01770bf9ac97f" inherit bin_package allarch @@ -41,3 +41,7 @@ do_install_append_class-native() { RSUGGESTS_${PN} = "crda" BBCLASSEXTEND = "native" + +# remove at next version upgrade or when output changes +PR = "r1" +HASHEQUIV_HASH_VERSION .= ".1" diff --git a/meta/recipes-multimedia/alsa/alsa-topology-conf_1.2.4.bb b/meta/recipes-multimedia/alsa/alsa-topology-conf_1.2.4.bb index 26542fbbbc..0d4a30a304 100644 --- a/meta/recipes-multimedia/alsa/alsa-topology-conf_1.2.4.bb +++ b/meta/recipes-multimedia/alsa/alsa-topology-conf_1.2.4.bb @@ -20,3 +20,7 @@ do_install() { PACKAGES = "${PN}" FILES_${PN} = "*" + +# remove at next version upgrade or when output changes +PR = "r1" +HASHEQUIV_HASH_VERSION .= ".1" diff --git a/meta/recipes-multimedia/alsa/alsa-ucm-conf_1.2.4.bb b/meta/recipes-multimedia/alsa/alsa-ucm-conf_1.2.4.bb index 32cf41c8fd..7787dad268 100644 --- a/meta/recipes-multimedia/alsa/alsa-ucm-conf_1.2.4.bb +++ b/meta/recipes-multimedia/alsa/alsa-ucm-conf_1.2.4.bb @@ -21,3 +21,7 @@ do_install() { PACKAGES = "${PN}" FILES_${PN} = "*" + +# remove at next version upgrade or when output changes +PR = "r1" +HASHEQUIV_HASH_VERSION .= ".1" diff --git a/meta/recipes-multimedia/flac/flac/CVE-2021-0561.patch b/meta/recipes-multimedia/flac/flac/CVE-2021-0561.patch new file mode 100644 index 0000000000..b48663ae42 --- /dev/null +++ b/meta/recipes-multimedia/flac/flac/CVE-2021-0561.patch @@ -0,0 +1,41 @@ +From e1575e4a7c5157cbf4e4a16dbd39b74f7174c7be Mon Sep 17 00:00:00 2001 +From: Neelkamal Semwal <neelkamal.semwal@ittiam.com> +Date: Fri, 18 Dec 2020 22:28:36 +0530 +Subject: [PATCH] libFlac: Exit at EOS in verify mode + +When verify mode is enabled, once decoder flags end of stream, +encode processing is considered complete. + +CVE-2021-0561 + +Signed-off-by: Ralph Giles <giles@thaumas.net> + +Upstream-Status: Backport +CVE: CVE-2021-0561 + +Reference to upstream patch: +https://github.com/xiph/flac/commit/e1575e4a7c5157cbf4e4a16dbd39b74f7174c7be + +Signed-off-by: Li Wang <li.wang@windriver.com> +--- + src/libFLAC/stream_encoder.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/src/libFLAC/stream_encoder.c b/src/libFLAC/stream_encoder.c +index 74387ec..8bb0ef3 100644 +--- a/src/libFLAC/stream_encoder.c ++++ b/src/libFLAC/stream_encoder.c +@@ -2610,7 +2610,9 @@ FLAC__bool write_bitbuffer_(FLAC__StreamEncoder *encoder, uint32_t samples, FLAC + encoder->private_->verify.needs_magic_hack = true; + } + else { +- if(!FLAC__stream_decoder_process_single(encoder->private_->verify.decoder)) { ++ if(!FLAC__stream_decoder_process_single(encoder->private_->verify.decoder) ++ || (!is_last_block ++ && (FLAC__stream_encoder_get_verify_decoder_state(encoder) == FLAC__STREAM_DECODER_END_OF_STREAM))) { + FLAC__bitwriter_release_buffer(encoder->private_->frame); + FLAC__bitwriter_clear(encoder->private_->frame); + if(encoder->protected_->state != FLAC__STREAM_ENCODER_VERIFY_MISMATCH_IN_AUDIO_DATA) +-- +2.23.0 + diff --git a/meta/recipes-multimedia/flac/flac_1.3.3.bb b/meta/recipes-multimedia/flac/flac_1.3.3.bb index cb6692aedf..d3c352cc44 100644 --- a/meta/recipes-multimedia/flac/flac_1.3.3.bb +++ b/meta/recipes-multimedia/flac/flac_1.3.3.bb @@ -15,6 +15,7 @@ LIC_FILES_CHKSUM = "file://COPYING.FDL;md5=ad1419ecc56e060eccf8184a87c4285f \ DEPENDS = "libogg" SRC_URI = "http://downloads.xiph.org/releases/flac/${BP}.tar.xz \ + file://CVE-2021-0561.patch \ " SRC_URI[md5sum] = "26703ed2858c1fc9ffc05136d13daa69" diff --git a/meta/recipes-multimedia/gstreamer/gst-devtools_1.18.4.bb b/meta/recipes-multimedia/gstreamer/gst-devtools_1.18.6.bb index 2a56967f7b..258a0e899c 100644 --- a/meta/recipes-multimedia/gstreamer/gst-devtools_1.18.4.bb +++ b/meta/recipes-multimedia/gstreamer/gst-devtools_1.18.6.bb @@ -12,7 +12,7 @@ SRC_URI = "https://gstreamer.freedesktop.org/src/gst-devtools/gst-devtools-${PV} file://0001-connect-has-a-different-signature-on-musl.patch \ " -SRC_URI[sha256sum] = "ffbd194c40912cb5e7fca2863648bf9dd8257b7af97d3a60c4fcd4efd8526ccf" +SRC_URI[sha256sum] = "3725622c740a635452e54b79d065f963ab7706ca2403de6c43072ae7610a0de4" DEPENDS = "json-glib glib-2.0 glib-2.0-native gstreamer1.0 gstreamer1.0-plugins-base" RRECOMMENDS_${PN} = "git" diff --git a/meta/recipes-multimedia/gstreamer/gst-examples_1.18.4.bb b/meta/recipes-multimedia/gstreamer/gst-examples_1.18.6.bb index 4670ab34db..5af43d1eda 100644 --- a/meta/recipes-multimedia/gstreamer/gst-examples_1.18.4.bb +++ b/meta/recipes-multimedia/gstreamer/gst-examples_1.18.6.bb @@ -12,7 +12,7 @@ SRC_URI = "git://gitlab.freedesktop.org/gstreamer/gst-examples.git;protocol=http file://gst-player.desktop \ " -SRCREV = "959bb246a5b1f5f9c78557da11c3f22b42ff89c0" +SRCREV = "70e4fcf4fc8ae19641aa990de5f37d758cdfcea4" S = "${WORKDIR}/git" diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.18.4.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.18.6.bb index 6a84f92f31..6229bb4d62 100644 --- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.18.4.bb +++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav_1.18.6.bb @@ -12,7 +12,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=6762ed442b3822387a51c92d928ead0d \ " SRC_URI = "https://gstreamer.freedesktop.org/src/gst-libav/gst-libav-${PV}.tar.xz" -SRC_URI[sha256sum] = "344a463badca216c2cef6ee36f9510c190862bdee48dc4591c0a430df7e8c396" +SRC_URI[sha256sum] = "e4e50dcd5a29441ae34de60d2221057e8064ed824bb6ca4dc0fd9ee88fbe9b81" S = "${WORKDIR}/gst-libav-${PV}" diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.18.4.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.18.6.bb index d38be035f9..04b5dcc4f4 100644 --- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.18.4.bb +++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-omx_1.18.6.bb @@ -10,7 +10,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=4fbd65380cdd255951079008b364516c \ SRC_URI = "https://gstreamer.freedesktop.org/src/gst-omx/gst-omx-${PV}.tar.xz" -SRC_URI[sha256sum] = "e35051cf891eb2f31d6fcf176ff37d985f97f33874ac31b0b3ad3b5b95035043" +SRC_URI[sha256sum] = "b5281c938e959fd2418e989cfb6065fdd9fe5f6f87ee86236c9427166e708163" S = "${WORKDIR}/gst-omx-${PV}" diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.18.4.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.18.6.bb index ce2082ee32..63e3488e9e 100644 --- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.18.4.bb +++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-bad_1.18.6.bb @@ -11,7 +11,7 @@ SRC_URI = "https://gstreamer.freedesktop.org/src/gst-plugins-bad/gst-plugins-bad file://0004-opencv-resolve-missing-opencv-data-dir-in-yocto-buil.patch \ file://0005-msdk-fix-includedir-path.patch \ " -SRC_URI[sha256sum] = "74e806bc5595b18c70e9ca93571e27e79dfb808e5d2e7967afa952b52e99c85f" +SRC_URI[sha256sum] = "0b1b50ac6311f0c510248b6cd64d6d3c94369344828baa602db85ded5bc70ec9" S = "${WORKDIR}/gst-plugins-bad-${PV}" diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.18.4.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.18.6.bb index 728a99e08b..4e7fc62ec7 100644 --- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.18.4.bb +++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.18.6.bb @@ -12,7 +12,7 @@ SRC_URI = "https://gstreamer.freedesktop.org/src/gst-plugins-base/gst-plugins-ba file://0002-ssaparse-enhance-SSA-text-lines-parsing.patch \ file://0004-glimagesink-Downrank-to-marginal.patch \ " -SRC_URI[sha256sum] = "29e53229a84d01d722f6f6db13087231cdf6113dd85c25746b9b58c3d68e8323" +SRC_URI[sha256sum] = "56a9ff2fe9e6603b9e658cf6897d412a173d2180829fe01e92568549c6bd0f5b" S = "${WORKDIR}/gst-plugins-base-${PV}" diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0002-rtpjitterbuffer-Fix-parsing-of-the-mediaclk-direct-f.patch b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0002-rtpjitterbuffer-Fix-parsing-of-the-mediaclk-direct-f.patch deleted file mode 100644 index 14a9fe23aa..0000000000 --- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good/0002-rtpjitterbuffer-Fix-parsing-of-the-mediaclk-direct-f.patch +++ /dev/null @@ -1,33 +0,0 @@ -From ec1949dffd931d0ec7e4f67108a08ab1e2af0cfe Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com> -Date: Tue, 16 Mar 2021 19:25:36 +0200 -Subject: [PATCH] rtpjitterbuffer: Fix parsing of the mediaclk:direct= field - -Due to an off-by-one when parsing the string, the most significant digit -or the clock offset was skipped when parsing the offset. - -Part-of: <https://gitlab.freedesktop.org/gstreamer/gst-plugins-good/-/merge_requests/910> - -Upstream-Status: Backport [b5bb4ede3a42273fafc1054f9cf106ca527e3c26] - -Signed-off-by: Jose Quaresma <quaresma.jose@gmail.com> ---- - gst/rtpmanager/gstrtpjitterbuffer.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/gst/rtpmanager/gstrtpjitterbuffer.c b/gst/rtpmanager/gstrtpjitterbuffer.c -index 60d8ad875..02fe15adc 100644 ---- a/gst/rtpmanager/gstrtpjitterbuffer.c -+++ b/gst/rtpmanager/gstrtpjitterbuffer.c -@@ -1534,7 +1534,7 @@ gst_jitter_buffer_sink_parse_caps (GstRtpJitterBuffer * jitterbuffer, - GST_DEBUG_OBJECT (jitterbuffer, "Got media clock %s", mediaclk); - - if (!g_str_has_prefix (mediaclk, "direct=") || -- !g_ascii_string_to_unsigned (&mediaclk[8], 10, 0, G_MAXUINT64, -+ !g_ascii_string_to_unsigned (&mediaclk[7], 10, 0, G_MAXUINT64, - &clock_offset, NULL)) - GST_FIXME_OBJECT (jitterbuffer, "Unsupported media clock"); - if (strstr (mediaclk, "rate=") != NULL) { --- -2.31.0 - diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.18.4.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.18.6.bb index 07cacdc68a..72ad8eff08 100644 --- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.18.4.bb +++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-good_1.18.6.bb @@ -6,10 +6,9 @@ BUGTRACKER = "https://gitlab.freedesktop.org/gstreamer/gst-plugins-good/-/issues SRC_URI = "https://gstreamer.freedesktop.org/src/gst-plugins-good/gst-plugins-good-${PV}.tar.xz \ file://0001-qt-include-ext-qt-gstqtgl.h-instead-of-gst-gl-gstglf.patch \ - file://0002-rtpjitterbuffer-Fix-parsing-of-the-mediaclk-direct-f.patch \ " -SRC_URI[sha256sum] = "b6e50e3a9bbcd56ee6ec71c33aa8332cc9c926b0c1fae995aac8b3040ebe39b0" +SRC_URI[sha256sum] = "26723ac01fcb360ade1f41d168c7c322d8af4ceb7e55c8c12ed2690d06a76eed" S = "${WORKDIR}/gst-plugins-good-${PV}" diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.18.4.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.18.6.bb index 932fa7f6fb..4774a17c1e 100644 --- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.18.4.bb +++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-ugly_1.18.6.bb @@ -13,7 +13,7 @@ LICENSE_FLAGS = "commercial" SRC_URI = " \ https://gstreamer.freedesktop.org/src/gst-plugins-ugly/gst-plugins-ugly-${PV}.tar.xz \ " -SRC_URI[sha256sum] = "218df0ce0d31e8ca9cdeb01a3b0c573172cc9c21bb3d41811c7820145623d13c" +SRC_URI[sha256sum] = "4969c409cb6a88317d2108b8577108e18623b2333d7b587ae3f39459c70e3a7f" S = "${WORKDIR}/gst-plugins-ugly-${PV}" diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.18.4.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.18.6.bb index 49de3dac84..1a3ae5dde6 100644 --- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.18.4.bb +++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-python_1.18.6.bb @@ -8,7 +8,7 @@ LICENSE = "LGPLv2.1" LIC_FILES_CHKSUM = "file://COPYING;md5=c34deae4e395ca07e725ab0076a5f740" SRC_URI = "https://gstreamer.freedesktop.org/src/${PNREAL}/${PNREAL}-${PV}.tar.xz" -SRC_URI[sha256sum] = "cb68e08a7e825e08b83a12a22dcd6e4f1b328a7b02a7ac84f42f68f4ddc7098e" +SRC_URI[sha256sum] = "bdc0ea22fbd7335ad9decc151561aacc53c51206a9735b81eac700ce5b0bbd4a" DEPENDS = "gstreamer1.0 gstreamer1.0-plugins-base python3-pygobject" RDEPENDS_${PN} += "gstreamer1.0 gstreamer1.0-plugins-base python3-pygobject" diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.18.4.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.18.6.bb index f7bfe98985..f105713f33 100644 --- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.18.4.bb +++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-rtsp-server_1.18.6.bb @@ -10,7 +10,7 @@ PNREAL = "gst-rtsp-server" SRC_URI = "https://gstreamer.freedesktop.org/src/${PNREAL}/${PNREAL}-${PV}.tar.xz" -SRC_URI[sha256sum] = "a46bb8de40b971a048580279d2660e616796f871ad3ed00c8a95fe4d273a6c94" +SRC_URI[sha256sum] = "826f32afbcf94b823541efcac4a0dacdb62f6145ef58f363095749f440262be9" S = "${WORKDIR}/${PNREAL}-${PV}" diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.18.4.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.18.6.bb index a268d79541..a604b5ebce 100644 --- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.18.4.bb +++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-vaapi_1.18.6.bb @@ -11,7 +11,7 @@ LIC_FILES_CHKSUM = "file://COPYING.LIB;md5=4fbd65380cdd255951079008b364516c" SRC_URI = "https://gstreamer.freedesktop.org/src/${REALPN}/${REALPN}-${PV}.tar.xz" -SRC_URI[sha256sum] = "92db98af86f3150d429c9ab17e88d2364f9c07a140c8f445ed739e8f10252aea" +SRC_URI[sha256sum] = "ab6270f1e5e4546fbe6f5ea246d86ca3d196282eb863d46e6cdcc96f867449e0" S = "${WORKDIR}/${REALPN}-${PV}" DEPENDS = "libva gstreamer1.0 gstreamer1.0-plugins-base gstreamer1.0-plugins-bad" diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0/0002-Remove-unused-valgrind-detection.patch b/meta/recipes-multimedia/gstreamer/gstreamer1.0/0002-Remove-unused-valgrind-detection.patch index 96abef17b0..5121044734 100644 --- a/meta/recipes-multimedia/gstreamer/gstreamer1.0/0002-Remove-unused-valgrind-detection.patch +++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0/0002-Remove-unused-valgrind-detection.patch @@ -1,4 +1,4 @@ -From 598d108e2c438d8f2ecd3bf948fa3ebbd3681490 Mon Sep 17 00:00:00 2001 +From e275ba2bd854ac15a4b65a8f07d9f042021950da Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tim-Philipp=20M=C3=BCller?= <tim@centricular.com> Date: Fri, 14 Aug 2020 16:38:26 +0100 Subject: [PATCH 2/3] Remove unused valgrind detection @@ -19,7 +19,7 @@ Signed-off-by: Jose Quaresma <quaresma.jose@gmail.com> 3 files changed, 42 deletions(-) diff --git a/gst/gst_private.h b/gst/gst_private.h -index eefd044d9..8252ede51 100644 +index eefd044..8252ede 100644 --- a/gst/gst_private.h +++ b/gst/gst_private.h @@ -116,8 +116,6 @@ G_GNUC_INTERNAL gboolean _priv_plugin_deps_env_vars_changed (GstPlugin * plugin @@ -32,12 +32,12 @@ index eefd044d9..8252ede51 100644 G_GNUC_INTERNAL void _priv_gst_quarks_initialize (void); G_GNUC_INTERNAL void _priv_gst_mini_object_initialize (void); diff --git a/gst/gstinfo.c b/gst/gstinfo.c -index 5d317877b..097f8b20d 100644 +index eea1a21..d3035d6 100644 --- a/gst/gstinfo.c +++ b/gst/gstinfo.c @@ -305,36 +305,6 @@ static gboolean pretty_tags = PRETTY_TAGS_DEFAULT; - static volatile gint G_GNUC_MAY_ALIAS __default_level = GST_LEVEL_DEFAULT; - static volatile gint G_GNUC_MAY_ALIAS __use_color = GST_DEBUG_COLOR_MODE_ON; + static gint G_GNUC_MAY_ALIAS __default_level = GST_LEVEL_DEFAULT; + static gint G_GNUC_MAY_ALIAS __use_color = GST_DEBUG_COLOR_MODE_ON; -/* FIXME: export this? */ -gboolean @@ -82,7 +82,7 @@ index 5d317877b..097f8b20d 100644 env = g_getenv ("GST_DEBUG_OPTIONS"); if (env != NULL) { if (strstr (env, "full_tags") || strstr (env, "full-tags")) -@@ -2503,12 +2470,6 @@ gst_debug_construct_win_color (guint colorinfo) +@@ -2505,12 +2472,6 @@ gst_debug_construct_win_color (guint colorinfo) return 0; } @@ -96,7 +96,7 @@ index 5d317877b..097f8b20d 100644 _gst_debug_dump_mem (GstDebugCategory * cat, const gchar * file, const gchar * func, gint line, GObject * obj, const gchar * msg, diff --git a/meson.build b/meson.build -index ce1921aa4..7a84d0981 100644 +index 82a1728..42ae617 100644 --- a/meson.build +++ b/meson.build @@ -200,7 +200,6 @@ check_headers = [ diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.18.4.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.18.6.bb index 8562070968..82fb476a47 100644 --- a/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.18.4.bb +++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0_1.18.6.bb @@ -21,7 +21,7 @@ SRC_URI = "https://gstreamer.freedesktop.org/src/gstreamer/gstreamer-${PV}.tar.x file://0003-meson-Add-option-for-installed-tests.patch \ file://0001-tests-seek-Don-t-use-too-strict-timeout-for-validati.patch \ " -SRC_URI[sha256sum] = "9aeec99b38e310817012aa2d1d76573b787af47f8a725a65b833880a094dfbc5" +SRC_URI[sha256sum] = "4ec816010dd4d3a93cf470ad0a6f25315f52b204eb1d71dfa70ab8a1c3bd06e6" PACKAGECONFIG ??= "${@bb.utils.contains('PTEST_ENABLED', '1', 'tests', '', d)} \ check \ diff --git a/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2021-4156.patch b/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2021-4156.patch new file mode 100644 index 0000000000..b0ff1a0885 --- /dev/null +++ b/meta/recipes-multimedia/libsndfile/libsndfile1/CVE-2021-4156.patch @@ -0,0 +1,32 @@ +From 5adbc377cd90aa40f0cd56ae325ca70065a8aa19 Mon Sep 17 00:00:00 2001 +From: Changqing Li <changqing.li@windriver.com> +Date: Thu, 13 Jan 2022 16:45:59 +0800 +Subject: [PATCH] flac: Fix improper buffer reusing + +CVE: CVE-2021-4156.patch +Upstream-Status: Backport [https://github.com/libsndfile/libsndfile/issues/731] + +Signed-off-by: Changqing Li <changqing.li@windriver.com> +--- + src/flac.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/src/flac.c b/src/flac.c +index 0be82ac..6548bba 100644 +--- a/src/flac.c ++++ b/src/flac.c +@@ -952,7 +952,11 @@ flac_read_loop (SF_PRIVATE *psf, unsigned len) + /* Decode some more. */ + while (pflac->pos < pflac->len) + { if (FLAC__stream_decoder_process_single (pflac->fsd) == 0) ++ { psf_log_printf (psf, "FLAC__stream_decoder_process_single returned false\n") ; ++ /* Current frame is busted, so NULL the pointer. */ ++ pflac->frame = NULL ; + break ; ++ } + state = FLAC__stream_decoder_get_state (pflac->fsd) ; + if (state >= FLAC__STREAM_DECODER_END_OF_STREAM) + { psf_log_printf (psf, "FLAC__stream_decoder_get_state returned %s\n", FLAC__StreamDecoderStateString [state]) ; +-- +2.17.1 + diff --git a/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb b/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb index 044881a859..8eb007884e 100644 --- a/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb +++ b/meta/recipes-multimedia/libsndfile/libsndfile1_1.0.28.bb @@ -20,6 +20,7 @@ SRC_URI = "http://www.mega-nerd.com/libsndfile/files/libsndfile-${PV}.tar.gz \ file://CVE-2017-12562.patch \ file://CVE-2018-19758.patch \ file://CVE-2019-3832.patch \ + file://CVE-2021-4156.patch \ " SRC_URI[md5sum] = "646b5f98ce89ac60cdb060fcd398247c" diff --git a/meta/recipes-multimedia/speex/speex/CVE-2020-23903.patch b/meta/recipes-multimedia/speex/speex/CVE-2020-23903.patch new file mode 100644 index 0000000000..eb16e95ffc --- /dev/null +++ b/meta/recipes-multimedia/speex/speex/CVE-2020-23903.patch @@ -0,0 +1,30 @@ +Backport patch to fix CVE-2020-23903. + +CVE: CVE-2020-23903 +Upstream-Status: Backport [https://github.com/xiph/speex/commit/870ff84] + +Signed-off-by: Kai Kang <kai.kang@windriver.com> + +From 870ff845b32f314aec0036641ffe18aba4916887 Mon Sep 17 00:00:00 2001 +From: Tristan Matthews <tmatth@videolan.org> +Date: Mon, 13 Jul 2020 23:25:03 -0400 +Subject: [PATCH] wav_io: guard against invalid channel numbers + +Fixes #13 +--- + src/wav_io.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/wav_io.c b/src/wav_io.c +index b5183015..09d62eb0 100644 +--- a/src/wav_io.c ++++ b/src/wav_io.c +@@ -111,7 +111,7 @@ int read_wav_header(FILE *file, int *rate, int *channels, int *format, spx_int32 + stmp = le_short(stmp); + *channels = stmp; + +- if (stmp>2) ++ if (stmp>2 || stmp<1) + { + fprintf (stderr, "Only mono and (intensity) stereo supported\n"); + return -1; diff --git a/meta/recipes-multimedia/speex/speex_1.2.0.bb b/meta/recipes-multimedia/speex/speex_1.2.0.bb index 3a0911d6f8..ea475f0f1b 100644 --- a/meta/recipes-multimedia/speex/speex_1.2.0.bb +++ b/meta/recipes-multimedia/speex/speex_1.2.0.bb @@ -7,7 +7,9 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=314649d8ba9dd7045dfb6683f298d0a8 \ file://include/speex/speex.h;beginline=1;endline=34;md5=ef8c8ea4f7198d71cf3509c6ed05ea50" DEPENDS = "libogg speexdsp" -SRC_URI = "http://downloads.xiph.org/releases/speex/speex-${PV}.tar.gz" +SRC_URI = "http://downloads.xiph.org/releases/speex/speex-${PV}.tar.gz \ + file://CVE-2020-23903.patch \ + " UPSTREAM_CHECK_REGEX = "speex-(?P<pver>\d+(\.\d+)+)\.tar" SRC_URI[md5sum] = "8ab7bb2589110dfaf0ed7fa7757dc49c" diff --git a/meta/recipes-multimedia/x264/x264_git.bb b/meta/recipes-multimedia/x264/x264_git.bb index f95fb0c41e..448d632145 100644 --- a/meta/recipes-multimedia/x264/x264_git.bb +++ b/meta/recipes-multimedia/x264/x264_git.bb @@ -8,7 +8,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f" DEPENDS = "nasm-native" -SRC_URI = "git://github.com/mirror/x264;branch=stable \ +SRC_URI = "git://github.com/mirror/x264;branch=stable;protocol=https \ file://don-t-default-to-cortex-a9-with-neon.patch \ file://Fix-X32-build-by-disabling-asm.patch \ " diff --git a/meta/recipes-sato/l3afpad/l3afpad_git.bb b/meta/recipes-sato/l3afpad/l3afpad_git.bb index 85c2c500ea..4d5d299d47 100644 --- a/meta/recipes-sato/l3afpad/l3afpad_git.bb +++ b/meta/recipes-sato/l3afpad/l3afpad_git.bb @@ -16,7 +16,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=4fbd65380cdd255951079008b364516c \ DEPENDS = "gtk+3 intltool-native gettext-native" PV = "0.8.18.1.11+git${SRCPV}" -SRC_URI = "git://github.com/stevenhoneyman/l3afpad.git" +SRC_URI = "git://github.com/stevenhoneyman/l3afpad.git;branch=master;protocol=https" SRCREV ="3cdccdc9505643e50f8208171d9eee5de11a42ff" S = "${WORKDIR}/git" diff --git a/meta/recipes-sato/matchbox-config-gtk/matchbox-config-gtk_0.2.bb b/meta/recipes-sato/matchbox-config-gtk/matchbox-config-gtk_0.2.bb index 547e851c15..5733a36b12 100644 --- a/meta/recipes-sato/matchbox-config-gtk/matchbox-config-gtk_0.2.bb +++ b/meta/recipes-sato/matchbox-config-gtk/matchbox-config-gtk_0.2.bb @@ -11,7 +11,7 @@ RDEPENDS_${PN} = "settings-daemon" # SRCREV tagged 0.2 SRCREV = "ef2192ce98d9374ffdad5f78544c3f8f353c16aa" -SRC_URI = "git://git.yoctoproject.org/${BPN} \ +SRC_URI = "git://git.yoctoproject.org/${BPN};branch=master \ file://no-handed.patch" UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>(\d+(\.\d+)+))" diff --git a/meta/recipes-sato/matchbox-desktop/matchbox-desktop_2.2.bb b/meta/recipes-sato/matchbox-desktop/matchbox-desktop_2.2.bb index d775b5c651..71fb238f43 100644 --- a/meta/recipes-sato/matchbox-desktop/matchbox-desktop_2.2.bb +++ b/meta/recipes-sato/matchbox-desktop/matchbox-desktop_2.2.bb @@ -13,7 +13,7 @@ SECTION = "x11/wm" # SRCREV tagged 2.2 SRCREV = "6bc67d09da4147e5552fe30011a05a2c59d2f777" -SRC_URI = "git://git.yoctoproject.org/${BPN}-2 \ +SRC_URI = "git://git.yoctoproject.org/${BPN}-2;branch=master \ file://vfolders/ \ " diff --git a/meta/recipes-sato/matchbox-panel-2/matchbox-panel-2_2.11.bb b/meta/recipes-sato/matchbox-panel-2/matchbox-panel-2_2.11.bb index c659964a2b..54fe578cd3 100644 --- a/meta/recipes-sato/matchbox-panel-2/matchbox-panel-2_2.11.bb +++ b/meta/recipes-sato/matchbox-panel-2/matchbox-panel-2_2.11.bb @@ -23,7 +23,7 @@ RPROVIDES_${PN} = "matchbox-panel" RREPLACES_${PN} = "matchbox-panel" RCONFLICTS_${PN} = "matchbox-panel" -SRC_URI = "git://git.yoctoproject.org/${BPN} \ +SRC_URI = "git://git.yoctoproject.org/${BPN};branch=master \ file://0001-applets-systray-Allow-icons-to-be-smaller.patch \ " diff --git a/meta/recipes-sato/matchbox-terminal/matchbox-terminal_0.2.bb b/meta/recipes-sato/matchbox-terminal/matchbox-terminal_0.2.bb index 9f00281dde..e2e81c2905 100644 --- a/meta/recipes-sato/matchbox-terminal/matchbox-terminal_0.2.bb +++ b/meta/recipes-sato/matchbox-terminal/matchbox-terminal_0.2.bb @@ -11,7 +11,7 @@ SECTION = "x11/utils" #SRCREV tagged 0.2 SRCREV = "161276d0f5d1be8187010fd0d9581a6feca70ea5" -SRC_URI = "git://git.yoctoproject.org/${BPN}" +SRC_URI = "git://git.yoctoproject.org/${BPN};branch=master" UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>(\d+(\.\d+)+))" S = "${WORKDIR}/git" diff --git a/meta/recipes-sato/matchbox-theme-sato/matchbox-theme-sato_0.2.bb b/meta/recipes-sato/matchbox-theme-sato/matchbox-theme-sato_0.2.bb index 7a043d3447..bc4024736f 100644 --- a/meta/recipes-sato/matchbox-theme-sato/matchbox-theme-sato_0.2.bb +++ b/meta/recipes-sato/matchbox-theme-sato/matchbox-theme-sato_0.2.bb @@ -2,7 +2,7 @@ require matchbox-theme-sato.inc # SRCREV tagged 0.2 SRCREV = "df085ba9cdaeaf2956890b0e29d7ea1779bf6c78" -SRC_URI = "git://git.yoctoproject.org/matchbox-sato" +SRC_URI = "git://git.yoctoproject.org/matchbox-sato;branch=master" UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>(\d+(\.\d+)+))" S = "${WORKDIR}/git" diff --git a/meta/recipes-sato/pulseaudio-sato/pulseaudio-client-conf-sato_1.bb b/meta/recipes-sato/pulseaudio-sato/pulseaudio-client-conf-sato_1.bb index e27339fb46..cfba2074f4 100644 --- a/meta/recipes-sato/pulseaudio-sato/pulseaudio-client-conf-sato_1.bb +++ b/meta/recipes-sato/pulseaudio-sato/pulseaudio-client-conf-sato_1.bb @@ -15,3 +15,7 @@ do_install() { FILES_${PN} = "${sysconfdir}/pulse/client.conf.d/50-sato.conf" CONFFILES_${PN} = "${sysconfdir}/pulse/client.conf.d/50-sato.conf" + +# remove at next version upgrade or when output changes +PR = "r1" +HASHEQUIV_HASH_VERSION .= ".1" diff --git a/meta/recipes-sato/sato-screenshot/sato-screenshot_0.3.bb b/meta/recipes-sato/sato-screenshot/sato-screenshot_0.3.bb index 2b1f513f1c..7e7612253d 100644 --- a/meta/recipes-sato/sato-screenshot/sato-screenshot_0.3.bb +++ b/meta/recipes-sato/sato-screenshot/sato-screenshot_0.3.bb @@ -11,7 +11,7 @@ DEPENDS = "matchbox-panel-2 gtk+3" # SRCREV tagged 0.3 SRCREV = "9250fa5a012d84ff45984e8c4345ee7635227756" -SRC_URI = "git://git.yoctoproject.org/screenshot" +SRC_URI = "git://git.yoctoproject.org/screenshot;branch=master" UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>(\d+(\.\d+)+))" S = "${WORKDIR}/git" diff --git a/meta/recipes-sato/settings-daemon/settings-daemon_0.0.2.bb b/meta/recipes-sato/settings-daemon/settings-daemon_0.0.2.bb index d01177f9b9..19c4a73dc3 100644 --- a/meta/recipes-sato/settings-daemon/settings-daemon_0.0.2.bb +++ b/meta/recipes-sato/settings-daemon/settings-daemon_0.0.2.bb @@ -9,7 +9,7 @@ SECTION = "x11" # SRCREV tagged 0.0.2 SRCREV = "b2e5da502f8c5ff75e9e6da771372ef8e40fd9a2" -SRC_URI = "git://git.yoctoproject.org/xsettings-daemon \ +SRC_URI = "git://git.yoctoproject.org/xsettings-daemon;branch=master \ file://addsoundkeys.patch \ file://70settings-daemon.sh \ " diff --git a/meta/recipes-sato/shutdown-desktop/shutdown-desktop.bb b/meta/recipes-sato/shutdown-desktop/shutdown-desktop.bb index 28d5096023..08d3c3fe19 100644 --- a/meta/recipes-sato/shutdown-desktop/shutdown-desktop.bb +++ b/meta/recipes-sato/shutdown-desktop/shutdown-desktop.bb @@ -4,7 +4,7 @@ LIC_FILES_CHKSUM = "file://${COREBASE}/meta/COPYING.MIT;md5=3da9cfbcb788c80a0384 SRC_URI = "file://shutdown.desktop" -PR = "r1" +PR = "r2" S = "${WORKDIR}" @@ -22,3 +22,6 @@ pkg_postinst_${PN} () { } inherit allarch + +# remove at next version upgrade or when output changes +HASHEQUIV_HASH_VERSION .= ".1" diff --git a/meta/recipes-sato/webkit/webkitgtk/CVE-2021-42762.patch b/meta/recipes-sato/webkit/webkitgtk/CVE-2021-42762.patch new file mode 100644 index 0000000000..1d012271cb --- /dev/null +++ b/meta/recipes-sato/webkit/webkitgtk/CVE-2021-42762.patch @@ -0,0 +1,468 @@ +Backport and rebase patch to fix CVE-2021-42762 for webkitgtk 2.30.5. + +CVE: CVE-2021-42762 +Upstream-Status: Backport [https://trac.webkit.org/changeset/284451/webkit] + +Ref: +* https://bugs.webkit.org/show_bug.cgi?id=231479#c8 + +Signed-off-by: Kai Kang <kai.kang@windriver.com> + +From 035ac439855c7bef0a4525897f783121e4a6055c Mon Sep 17 00:00:00 2001 +From: Michael Catanzaro <mcatanzaro@gnome.org> +Date: Tue, 19 Oct 2021 14:27:17 +0000 +Subject: [PATCH] Update seccomp filters with latest changes from flatpak + https://bugs.webkit.org/show_bug.cgi?id=231479 + +Patch by Michael Catanzaro <mcatanzaro@gnome.org> on 2021-10-19 +Reviewed by Adrian Perez de Castro. + +Additionally, let's fix a minor inconsistency in our error-handling code: all but one of +our codepaths carefully free and close resources, but the process is about to crash so +there's not really any reason to do so. The code is slightly simpler if we don't bother. + +The seemingly-extraneous include order changes are required to placate the style checker. + +* UIProcess/Launcher/glib/BubblewrapLauncher.cpp: +(WebKit::seccompStrerror): +(WebKit::setupSeccomp): +* UIProcess/Launcher/glib/Syscalls.h: Added. + +Canonical link: https://commits.webkit.org/243211@main +git-svn-id: https://svn.webkit.org/repository/webkit/trunk@284451 268f45cc-cd09-0410-ab3c-d52691b4dbfc +--- + .../UIProcess/Launcher/glib/BubblewrapLauncher.cpp | 139 +++++++++----- + Source/WebKit/UIProcess/Launcher/glib/Syscalls.h | 200 +++++++++++++++++++++ + 2 files changed, 293 insertions(+), 46 deletions(-) + +diff --git a/Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp b/Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp +index 889388ac..c2f7e502 100644 +--- a/Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp ++++ b/Source/WebKit/UIProcess/Launcher/glib/BubblewrapLauncher.cpp +@@ -25,11 +25,18 @@ + #include <glib.h> + #include <seccomp.h> + #include <sys/ioctl.h> ++#include <sys/mman.h> + #include <wtf/FileSystem.h> + #include <wtf/glib/GLibUtilities.h> + #include <wtf/glib/GRefPtr.h> + #include <wtf/glib/GUniquePtr.h> + ++#if !defined(MFD_ALLOW_SEALING) && HAVE(LINUX_MEMFD_H) ++#include <linux/memfd.h> ++#endif ++ ++#include "Syscalls.h" ++ + #if PLATFORM(GTK) + #include "WaylandCompositor.h" + #endif +@@ -40,13 +47,7 @@ + #define BASE_DIRECTORY "wpe" + #endif + +-#include <sys/mman.h> +- +-#ifndef MFD_ALLOW_SEALING +- +-#if HAVE(LINUX_MEMFD_H) +- +-#include <linux/memfd.h> ++#if !defined(MFD_ALLOW_SEALING) && HAVE(LINUX_MEMFD_H) + + // These defines were added in glibc 2.27, the same release that added memfd_create. + // But the kernel added all of this in Linux 3.17. So it's totally safe for us to +@@ -65,9 +66,7 @@ static int memfd_create(const char* name, unsigned flags) + { + return syscall(__NR_memfd_create, name, flags); + } +-#endif // #if HAVE(LINUX_MEMFD_H) +- +-#endif // #ifndef MFD_ALLOW_SEALING ++#endif // #if !defined(MFD_ALLOW_SEALING) && HAVE(LINUX_MEMFD_H) + + namespace WebKit { + using namespace WebCore; +@@ -573,6 +572,28 @@ static void bindSymlinksRealPath(Vector<CString>& args, const char* path) + } + } + ++// Translate a libseccomp error code into an error message. libseccomp ++// mostly returns negative errno values such as -ENOMEM, but some ++// standard errno values are used for non-standard purposes where their ++// strerror() would be misleading. ++static const char* seccompStrerror(int negativeErrno) ++{ ++ RELEASE_ASSERT_WITH_MESSAGE(negativeErrno < 0, "Non-negative error value from libseccomp?"); ++ RELEASE_ASSERT_WITH_MESSAGE(negativeErrno > INT_MIN, "Out of range error value from libseccomp?"); ++ ++ switch (negativeErrno) { ++ case -EDOM: ++ return "Architecture-specific failure"; ++ case -EFAULT: ++ return "Internal libseccomp failure (unknown syscall?)"; ++ case -ECANCELED: ++ return "System failure beyond the control of libseccomp"; ++ } ++ ++ // e.g. -ENOMEM: the result of strerror() is good enough ++ return g_strerror(-negativeErrno); ++} ++ + static int setupSeccomp() + { + // NOTE: This is shared code (flatpak-run.c - LGPLv2.1+) +@@ -600,6 +621,10 @@ static int setupSeccomp() + // in common/flatpak-run.c + // https://git.gnome.org/browse/linux-user-chroot + // in src/setup-seccomp.c ++ // ++ // Other useful resources: ++ // https://github.com/systemd/systemd/blob/HEAD/src/shared/seccomp-util.c ++ // https://github.com/moby/moby/blob/HEAD/profiles/seccomp/default.json + + #if defined(__s390__) || defined(__s390x__) || defined(__CRIS__) + // Architectures with CONFIG_CLONE_BACKWARDS2: the child stack +@@ -613,47 +638,70 @@ static int setupSeccomp() + struct scmp_arg_cmp ttyArg = SCMP_A1(SCMP_CMP_MASKED_EQ, 0xFFFFFFFFu, TIOCSTI); + struct { + int scall; ++ int errnum; + struct scmp_arg_cmp* arg; + } syscallBlockList[] = { + // Block dmesg +- { SCMP_SYS(syslog), nullptr }, ++ { SCMP_SYS(syslog), EPERM, nullptr }, + // Useless old syscall. +- { SCMP_SYS(uselib), nullptr }, ++ { SCMP_SYS(uselib), EPERM, nullptr }, + // Don't allow disabling accounting. +- { SCMP_SYS(acct), nullptr }, ++ { SCMP_SYS(acct), EPERM, nullptr }, + // 16-bit code is unnecessary in the sandbox, and modify_ldt is a + // historic source of interesting information leaks. +- { SCMP_SYS(modify_ldt), nullptr }, ++ { SCMP_SYS(modify_ldt), EPERM, nullptr }, + // Don't allow reading current quota use. +- { SCMP_SYS(quotactl), nullptr }, ++ { SCMP_SYS(quotactl), EPERM, nullptr }, + + // Don't allow access to the kernel keyring. +- { SCMP_SYS(add_key), nullptr }, +- { SCMP_SYS(keyctl), nullptr }, +- { SCMP_SYS(request_key), nullptr }, ++ { SCMP_SYS(add_key), EPERM, nullptr }, ++ { SCMP_SYS(keyctl), EPERM, nullptr }, ++ { SCMP_SYS(request_key), EPERM, nullptr }, + + // Scary VM/NUMA ops +- { SCMP_SYS(move_pages), nullptr }, +- { SCMP_SYS(mbind), nullptr }, +- { SCMP_SYS(get_mempolicy), nullptr }, +- { SCMP_SYS(set_mempolicy), nullptr }, +- { SCMP_SYS(migrate_pages), nullptr }, ++ { SCMP_SYS(move_pages), EPERM, nullptr }, ++ { SCMP_SYS(mbind), EPERM, nullptr }, ++ { SCMP_SYS(get_mempolicy), EPERM, nullptr }, ++ { SCMP_SYS(set_mempolicy), EPERM, nullptr }, ++ { SCMP_SYS(migrate_pages), EPERM, nullptr }, + + // Don't allow subnamespace setups: +- { SCMP_SYS(unshare), nullptr }, +- { SCMP_SYS(mount), nullptr }, +- { SCMP_SYS(pivot_root), nullptr }, +- { SCMP_SYS(clone), &cloneArg }, ++ { SCMP_SYS(unshare), EPERM, nullptr }, ++ { SCMP_SYS(setns), EPERM, nullptr }, ++ { SCMP_SYS(mount), EPERM, nullptr }, ++ { SCMP_SYS(umount), EPERM, nullptr }, ++ { SCMP_SYS(umount2), EPERM, nullptr }, ++ { SCMP_SYS(pivot_root), EPERM, nullptr }, ++ { SCMP_SYS(chroot), EPERM, nullptr }, ++ { SCMP_SYS(clone), EPERM, &cloneArg }, + + // Don't allow faking input to the controlling tty (CVE-2017-5226) +- { SCMP_SYS(ioctl), &ttyArg }, ++ { SCMP_SYS(ioctl), EPERM, &ttyArg }, ++ ++ // seccomp can't look into clone3()'s struct clone_args to check whether ++ // the flags are OK, so we have no choice but to block clone3(). ++ // Return ENOSYS so user-space will fall back to clone(). ++ // (GHSA-67h7-w3jq-vh4q; see also https://github.com/moby/moby/commit/9f6b562d) ++ { SCMP_SYS(clone3), ENOSYS, nullptr }, ++ ++ // New mount manipulation APIs can also change our VFS. There's no ++ // legitimate reason to do these in the sandbox, so block all of them ++ // rather than thinking about which ones might be dangerous. ++ // (GHSA-67h7-w3jq-vh4q) ++ { SCMP_SYS(open_tree), ENOSYS, nullptr }, ++ { SCMP_SYS(move_mount), ENOSYS, nullptr }, ++ { SCMP_SYS(fsopen), ENOSYS, nullptr }, ++ { SCMP_SYS(fsconfig), ENOSYS, nullptr }, ++ { SCMP_SYS(fsmount), ENOSYS, nullptr }, ++ { SCMP_SYS(fspick), ENOSYS, nullptr }, ++ { SCMP_SYS(mount_setattr), ENOSYS, nullptr }, + + // Profiling operations; we expect these to be done by tools from outside + // the sandbox. In particular perf has been the source of many CVEs. +- { SCMP_SYS(perf_event_open), nullptr }, ++ { SCMP_SYS(perf_event_open), EPERM, nullptr }, + // Don't allow you to switch to bsd emulation or whatnot. +- { SCMP_SYS(personality), nullptr }, +- { SCMP_SYS(ptrace), nullptr } ++ { SCMP_SYS(personality), EPERM, nullptr }, ++ { SCMP_SYS(ptrace), EPERM, nullptr } + }; + + scmp_filter_ctx seccomp = seccomp_init(SCMP_ACT_ALLOW); +@@ -661,29 +709,28 @@ static int setupSeccomp() + g_error("Failed to init seccomp"); + + for (auto& rule : syscallBlockList) { +- int scall = rule.scall; + int r; + if (rule.arg) +- r = seccomp_rule_add(seccomp, SCMP_ACT_ERRNO(EPERM), scall, 1, *rule.arg); ++ r = seccomp_rule_add(seccomp, SCMP_ACT_ERRNO(rule.errnum), rule.scall, 1, *rule.arg); + else +- r = seccomp_rule_add(seccomp, SCMP_ACT_ERRNO(EPERM), scall, 0); +- if (r == -EFAULT) { +- seccomp_release(seccomp); +- g_error("Failed to add seccomp rule"); +- } ++ r = seccomp_rule_add(seccomp, SCMP_ACT_ERRNO(rule.errnum), rule.scall, 0); ++ // EFAULT means "internal libseccomp error", but in practice we get ++ // this for syscall numbers added via Syscalls.h (flatpak-syscalls-private.h) ++ // when trying to filter them on a non-native architecture, because ++ // libseccomp cannot map the syscall number to a name and back to a ++ // number for the non-native architecture. ++ if (r == -EFAULT) ++ g_info("Unable to block syscall %d: syscall not known to libseccomp?", rule.scall); ++ else if (r < 0) ++ g_error("Failed to block syscall %d: %s", rule.scall, seccompStrerror(r)); + } + + int tmpfd = memfd_create("seccomp-bpf", 0); +- if (tmpfd == -1) { +- seccomp_release(seccomp); ++ if (tmpfd == -1) + g_error("Failed to create memfd: %s", g_strerror(errno)); +- } + +- if (seccomp_export_bpf(seccomp, tmpfd)) { +- seccomp_release(seccomp); +- close(tmpfd); +- g_error("Failed to export seccomp bpf"); +- } ++ if (int r = seccomp_export_bpf(seccomp, tmpfd)) ++ g_error("Failed to export seccomp bpf: %s", seccompStrerror(r)); + + if (lseek(tmpfd, 0, SEEK_SET) < 0) + g_error("lseek failed: %s", g_strerror(errno)); +diff --git a/Source/WebKit/UIProcess/Launcher/glib/Syscalls.h b/Source/WebKit/UIProcess/Launcher/glib/Syscalls.h +new file mode 100644 +index 00000000..18dea9a9 +--- /dev/null ++++ b/Source/WebKit/UIProcess/Launcher/glib/Syscalls.h +@@ -0,0 +1,200 @@ ++/* ++ * Copyright 2021 Collabora Ltd. ++ * SPDX-License-Identifier: LGPL-2.1-or-later ++ * ++ * This program is free software; you can redistribute it and/or ++ * modify it under the terms of the GNU Lesser General Public ++ * License as published by the Free Software Foundation; either ++ * version 2.1 of the License, or (at your option) any later version. ++ * ++ * This library is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * Lesser General Public License for more details. ++ * ++ * You should have received a copy of the GNU Lesser General Public ++ * License along with this library. If not, see <http://www.gnu.org/licenses/>. ++ */ ++ ++// This file is a copy of flatpak-syscalls-private.h, reformatted a bit to placate WebKit's style checker. ++// ++// Upstream is here: ++// https://github.com/flatpak/flatpak/blob/26b12484eb8a6219b9e7aa287b298a894b2f34ca/common/flatpak-syscalls-private.h ++ ++#pragma once ++ ++#include <sys/syscall.h> ++ ++#if defined(_MIPS_SIM) ++# if _MIPS_SIM == _MIPS_SIM_ABI32 ++# define FLATPAK_MISSING_SYSCALL_BASE 4000 ++# elif _MIPS_SIM == _MIPS_SIM_ABI64 ++# define FLATPAK_MISSING_SYSCALL_BASE 5000 ++# elif _MIPS_SIM == _MIPS_SIM_NABI32 ++# define FLATPAK_MISSING_SYSCALL_BASE 6000 ++# else ++# error "Unknown MIPS ABI" ++# endif ++#endif ++ ++#if defined(__ia64__) ++# define FLATPAK_MISSING_SYSCALL_BASE 1024 ++#endif ++ ++#if defined(__alpha__) ++# define FLATPAK_MISSING_SYSCALL_BASE 110 ++#endif ++ ++#if defined(__x86_64__) && defined(__ILP32__) ++# define FLATPAK_MISSING_SYSCALL_BASE 0x40000000 ++#endif ++ ++// FLATPAK_MISSING_SYSCALL_BASE: ++// ++// Number to add to the syscall numbers of recently-added syscalls ++// to get the appropriate syscall for the current ABI. ++#ifndef FLATPAK_MISSING_SYSCALL_BASE ++# define FLATPAK_MISSING_SYSCALL_BASE 0 ++#endif ++ ++#ifndef __NR_open_tree ++# define __NR_open_tree (FLATPAK_MISSING_SYSCALL_BASE + 428) ++#endif ++#ifndef __SNR_open_tree ++# define __SNR_open_tree __NR_open_tree ++#endif ++ ++#ifndef __NR_move_mount ++# define __NR_move_mount (FLATPAK_MISSING_SYSCALL_BASE + 429) ++#endif ++#ifndef __SNR_move_mount ++# define __SNR_move_mount __NR_move_mount ++#endif ++ ++#ifndef __NR_fsopen ++# define __NR_fsopen (FLATPAK_MISSING_SYSCALL_BASE + 430) ++#endif ++#ifndef __SNR_fsopen ++# define __SNR_fsopen __NR_fsopen ++#endif ++ ++#ifndef __NR_fsconfig ++# define __NR_fsconfig (FLATPAK_MISSING_SYSCALL_BASE + 431) ++#endif ++#ifndef __SNR_fsconfig ++# define __SNR_fsconfig __NR_fsconfig ++#endif ++ ++#ifndef __NR_fsmount ++# define __NR_fsmount (FLATPAK_MISSING_SYSCALL_BASE + 432) ++#endif ++#ifndef __SNR_fsmount ++# define __SNR_fsmount __NR_fsmount ++#endif ++ ++#ifndef __NR_fspick ++# define __NR_fspick (FLATPAK_MISSING_SYSCALL_BASE + 433) ++#endif ++#ifndef __SNR_fspick ++# define __SNR_fspick __NR_fspick ++#endif ++ ++#ifndef __NR_pidfd_open ++# define __NR_pidfd_open (FLATPAK_MISSING_SYSCALL_BASE + 434) ++#endif ++#ifndef __SNR_pidfd_open ++# define __SNR_pidfd_open __NR_pidfd_open ++#endif ++ ++#ifndef __NR_clone3 ++# define __NR_clone3 (FLATPAK_MISSING_SYSCALL_BASE + 435) ++#endif ++#ifndef __SNR_clone3 ++# define __SNR_clone3 __NR_clone3 ++#endif ++ ++#ifndef __NR_close_range ++# define __NR_close_range (FLATPAK_MISSING_SYSCALL_BASE + 436) ++#endif ++#ifndef __SNR_close_range ++# define __SNR_close_range __NR_close_range ++#endif ++ ++#ifndef __NR_openat2 ++# define __NR_openat2 (FLATPAK_MISSING_SYSCALL_BASE + 437) ++#endif ++#ifndef __SNR_openat2 ++# define __SNR_openat2 __NR_openat2 ++#endif ++ ++#ifndef __NR_pidfd_getfd ++# define __NR_pidfd_getfd (FLATPAK_MISSING_SYSCALL_BASE + 438) ++#endif ++#ifndef __SNR_pidfd_getfd ++# define __SNR_pidfd_getfd __NR_pidfd_getfd ++#endif ++ ++#ifndef __NR_faccessat2 ++# define __NR_faccessat2 (FLATPAK_MISSING_SYSCALL_BASE + 439) ++#endif ++#ifndef __SNR_faccessat2 ++# define __SNR_faccessat2 __NR_faccessat2 ++#endif ++ ++#ifndef __NR_process_madvise ++# define __NR_process_madvise (FLATPAK_MISSING_SYSCALL_BASE + 440) ++#endif ++#ifndef __SNR_process_madvise ++# define __SNR_process_madvise __NR_process_madvise ++#endif ++ ++#ifndef __NR_epoll_pwait2 ++# define __NR_epoll_pwait2 (FLATPAK_MISSING_SYSCALL_BASE + 441) ++#endif ++#ifndef __SNR_epoll_pwait2 ++# define __SNR_epoll_pwait2 __NR_epoll_pwait2 ++#endif ++ ++#ifndef __NR_mount_setattr ++# define __NR_mount_setattr (FLATPAK_MISSING_SYSCALL_BASE + 442) ++#endif ++#ifndef __SNR_mount_setattr ++# define __SNR_mount_setattr __NR_mount_setattr ++#endif ++ ++#ifndef __NR_quotactl_fd ++# define __NR_quotactl_fd (FLATPAK_MISSING_SYSCALL_BASE + 443) ++#endif ++#ifndef __SNR_quotactl_fd ++# define __SNR_quotactl_fd __NR_quotactl_fd ++#endif ++ ++#ifndef __NR_landlock_create_ruleset ++# define __NR_landlock_create_ruleset (FLATPAK_MISSING_SYSCALL_BASE + 444) ++#endif ++#ifndef __SNR_landlock_create_ruleset ++# define __SNR_landlock_create_ruleset __NR_landlock_create_ruleset ++#endif ++ ++#ifndef __NR_landlock_add_rule ++# define __NR_landlock_add_rule (FLATPAK_MISSING_SYSCALL_BASE + 445) ++#endif ++#ifndef __SNR_landlock_add_rule ++# define __SNR_landlock_add_rule __NR_landlock_add_rule ++#endif ++ ++#ifndef __NR_landlock_restrict_self ++# define __NR_landlock_restrict_self (FLATPAK_MISSING_SYSCALL_BASE + 446) ++#endif ++#ifndef __SNR_landlock_restrict_self ++# define __SNR_landlock_restrict_self __NR_landlock_restrict_self ++#endif ++ ++#ifndef __NR_memfd_secret ++# define __NR_memfd_secret (FLATPAK_MISSING_SYSCALL_BASE + 447) ++#endif ++#ifndef __SNR_memfd_secret ++# define __SNR_memfd_secret __NR_memfd_secret ++#endif ++ ++// Last updated: Linux 5.14, syscall numbers < 448 diff --git a/meta/recipes-sato/webkit/webkitgtk/reproducibility.patch b/meta/recipes-sato/webkit/webkitgtk/reproducibility.patch new file mode 100644 index 0000000000..e866a1a193 --- /dev/null +++ b/meta/recipes-sato/webkit/webkitgtk/reproducibility.patch @@ -0,0 +1,22 @@ +Injection a year based on the current date isn't reproducible. Hack this +to a specific year for now for reproducibilty and to avoid autobuilder failures. + +The correct fix would be to use SOURCE_DATE_EPOCH from the environment and +then this could be submitted upstream, sadly my ruby isn't up to that. + +Upstream-Status: Pending [could be reworked] +Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> + +Index: webkitgtk-2.34.2/Source/JavaScriptCore/generator/GeneratedFile.rb +=================================================================== +--- webkitgtk-2.34.2.orig/Source/JavaScriptCore/generator/GeneratedFile.rb ++++ webkitgtk-2.34.2/Source/JavaScriptCore/generator/GeneratedFile.rb +@@ -25,7 +25,7 @@ require 'date' + require 'digest' + + $LICENSE = <<-EOF +-Copyright (C) #{Date.today.year} Apple Inc. All rights reserved. ++Copyright (C) 2021 Apple Inc. All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions diff --git a/meta/recipes-sato/webkit/webkitgtk_2.30.5.bb b/meta/recipes-sato/webkit/webkitgtk_2.30.6.bb index 1fefc75c49..1fdba611ea 100644 --- a/meta/recipes-sato/webkit/webkitgtk_2.30.5.bb +++ b/meta/recipes-sato/webkit/webkitgtk_2.30.6.bb @@ -21,9 +21,11 @@ SRC_URI = "https://www.webkitgtk.org/releases/${BPN}-${PV}.tar.xz \ file://0001-Extend-atomics-check-to-include-1-byte-CAS-test.patch \ file://musl-lower-stack-usage.patch \ file://0001-MiniBrowser-Fix-reproduciblity.patch \ + file://reproducibility.patch \ + file://CVE-2021-42762.patch \ " -SRC_URI[sha256sum] = "7d0dab08e3c5ae07bec80b2822ef42e952765d5724cac86eb23999bfed5a7f1f" +SRC_URI[sha256sum] = "50736ec7a91770b5939d715196e5fe7209b93efcdeef425b24dc51fb8e9d7c1e" inherit cmake pkgconfig gobject-introspection perlnative features_check upstream-version-is-even gtk-doc diff --git a/meta/recipes-support/bmap-tools/bmap-tools_3.6.bb b/meta/recipes-support/bmap-tools/bmap-tools_3.6.bb index 611c0fb680..70ce12a06f 100644 --- a/meta/recipes-support/bmap-tools/bmap-tools_3.6.bb +++ b/meta/recipes-support/bmap-tools/bmap-tools_3.6.bb @@ -9,7 +9,7 @@ SECTION = "console/utils" LICENSE = "GPLv2" LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" -SRC_URI = "git://github.com/intel/${BPN}" +SRC_URI = "git://github.com/intel/${BPN};branch=master;protocol=https" SRCREV = "c0673962a8ec1624b5189dc1d24f33fe4f06785a" S = "${WORKDIR}/git" diff --git a/meta/recipes-support/boost/boost-build-native_4.3.0.bb b/meta/recipes-support/boost/boost-build-native_4.3.0.bb index 00f3a86dd6..f09ff484ec 100644 --- a/meta/recipes-support/boost/boost-build-native_4.3.0.bb +++ b/meta/recipes-support/boost/boost-build-native_4.3.0.bb @@ -6,7 +6,7 @@ SECTION = "devel" LICENSE = "BSL-1.0" LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=e4224ccaecb14d942c71d31bef20d78c" -SRC_URI = "git://github.com/boostorg/build;protocol=https" +SRC_URI = "git://github.com/boostorg/build;protocol=https;branch=master" SRCREV = "632ea768f3eb225b4472c5ed6d20afee708724ad" UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>(\d+(\.\d+){2,}))" diff --git a/meta/recipes-support/ca-certificates/ca-certificates/0001-Revert-mozilla-certdata2pem.py-print-a-warning-for-e.patch b/meta/recipes-support/ca-certificates/ca-certificates/0001-Revert-mozilla-certdata2pem.py-print-a-warning-for-e.patch new file mode 100644 index 0000000000..5c4a32f526 --- /dev/null +++ b/meta/recipes-support/ca-certificates/ca-certificates/0001-Revert-mozilla-certdata2pem.py-print-a-warning-for-e.patch @@ -0,0 +1,80 @@ +From cb43ec15b700b25f3c4fe44043a1a021aaf5b768 Mon Sep 17 00:00:00 2001 +From: Alexander Kanavin <alex@linutronix.de> +Date: Mon, 18 Oct 2021 12:05:49 +0200 +Subject: [PATCH] Revert "mozilla/certdata2pem.py: print a warning for expired + certificates." + +This avoids a dependency on python3-cryptography, and only checks +for expired certs (which is upstream concern, but not ours). + +Upstream-Status: Inappropriate [oe-core specific] +Signed-off-by: Alexander Kanavin <alex@linutronix.de> +--- + debian/changelog | 1 - + debian/control | 2 +- + mozilla/certdata2pem.py | 11 ----------- + 3 files changed, 1 insertion(+), 13 deletions(-) + +diff --git a/debian/changelog b/debian/changelog +index 531e4d0..4006509 100644 +--- a/debian/changelog ++++ b/debian/changelog +@@ -37,7 +37,6 @@ ca-certificates (20211004) unstable; urgency=low + - "Trustis FPS Root CA" + - "Staat der Nederlanden Root CA - G3" + * Blacklist expired root certificate "DST Root CA X3" (closes: #995432) +- * mozilla/certdata2pem.py: print a warning for expired certificates. + + -- Julien Cristau <jcristau@debian.org> Thu, 07 Oct 2021 17:12:47 +0200 + +diff --git a/debian/control b/debian/control +index 4434b7a..5c6ba24 100644 +--- a/debian/control ++++ b/debian/control +@@ -3,7 +3,7 @@ Section: misc + Priority: optional + Maintainer: Julien Cristau <jcristau@debian.org> + Build-Depends: debhelper-compat (= 13), po-debconf +-Build-Depends-Indep: python3, openssl, python3-cryptography ++Build-Depends-Indep: python3, openssl + Standards-Version: 4.5.0.2 + Vcs-Git: https://salsa.debian.org/debian/ca-certificates.git + Vcs-Browser: https://salsa.debian.org/debian/ca-certificates +diff --git a/mozilla/certdata2pem.py b/mozilla/certdata2pem.py +index ede23d4..7d796f1 100644 +--- a/mozilla/certdata2pem.py ++++ b/mozilla/certdata2pem.py +@@ -21,16 +21,12 @@ + # USA. + + import base64 +-import datetime + import os.path + import re + import sys + import textwrap + import io + +-from cryptography import x509 +- +- + objects = [] + + # Dirty file parser. +@@ -121,13 +117,6 @@ for obj in objects: + if obj['CKA_CLASS'] == 'CKO_CERTIFICATE': + if not obj['CKA_LABEL'] in trust or not trust[obj['CKA_LABEL']]: + continue +- +- cert = x509.load_der_x509_certificate(obj['CKA_VALUE']) +- if cert.not_valid_after < datetime.datetime.now(): +- print('!'*74) +- print('Trusted but expired certificate found: %s' % obj['CKA_LABEL']) +- print('!'*74) +- + bname = obj['CKA_LABEL'][1:-1].replace('/', '_')\ + .replace(' ', '_')\ + .replace('(', '=')\ +-- +2.20.1 + diff --git a/meta/recipes-support/ca-certificates/ca-certificates/sbindir.patch b/meta/recipes-support/ca-certificates/ca-certificates/sbindir.patch deleted file mode 100644 index f343ebf16e..0000000000 --- a/meta/recipes-support/ca-certificates/ca-certificates/sbindir.patch +++ /dev/null @@ -1,26 +0,0 @@ -sbin/Makefile: Allow the sbin path to be configurable - -Some project sharing ca-certificates from Debian allow configuration -of the installation location. Make the sbin location configurable. - -Also ensure the target directory exists - -Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> -Upstream-Status: Submitted [https://salsa.debian.org/debian/ca-certificates/-/merge_requests/5] - ---- ca-certificates-20130119.orig/sbin/Makefile -+++ ca-certificates-20130119/sbin/Makefile -@@ -3,9 +3,12 @@ - # - # - -+SBINDIR = /usr/sbin -+ - all: - - clean: - - install: -- install -m755 update-ca-certificates $(DESTDIR)/usr/sbin/ -+ install -d $(DESTDIR)$(SBINDIR) -+ install -m755 update-ca-certificates $(DESTDIR)$(SBINDIR)/ diff --git a/meta/recipes-support/ca-certificates/ca-certificates/update-ca-certificates-support-Toybox.patch b/meta/recipes-support/ca-certificates/ca-certificates/update-ca-certificates-support-Toybox.patch deleted file mode 100644 index f78790923c..0000000000 --- a/meta/recipes-support/ca-certificates/ca-certificates/update-ca-certificates-support-Toybox.patch +++ /dev/null @@ -1,33 +0,0 @@ -update-ca-certificates: Replace deprecated mktemp -t with mktemp --tmpdir - -According to coreutils docs, mktemp -t is deprecated, switch to the ---tmpdir option instead. - -Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> -Upstream-Status: Submitted [https://salsa.debian.org/debian/ca-certificates/-/merge_requests/5] - -[This was originally for compatibility with toybox but toybox now -supports -t] ---- - sbin/update-ca-certificates | 6 +++--- - 1 file changed, 3 insertions(+), 3 deletions(-) - -diff --git a/sbin/update-ca-certificates b/sbin/update-ca-certificates -index 79c41bb..ae9e3f1 100755 ---- a/sbin/update-ca-certificates -+++ b/sbin/update-ca-certificates -@@ -113,9 +113,9 @@ trap cleanup 0 - - # Helper files. (Some of them are not simple arrays because we spawn - # subshells later on.) --TEMPBUNDLE="$(mktemp -t "${CERTBUNDLE}.tmp.XXXXXX")" --ADDED="$(mktemp -t "ca-certificates.tmp.XXXXXX")" --REMOVED="$(mktemp -t "ca-certificates.tmp.XXXXXX")" -+TEMPBUNDLE="$(mktemp --tmpdir "${CERTBUNDLE}.tmp.XXXXXX")" -+ADDED="$(mktemp --tmpdir "ca-certificates.tmp.XXXXXX")" -+REMOVED="$(mktemp --tmpdir "ca-certificates.tmp.XXXXXX")" - - # Adds a certificate to the list of trusted ones. This includes a symlink - # in /etc/ssl/certs to the certificate file and its inclusion into the --- -2.1.4 diff --git a/meta/recipes-support/ca-certificates/ca-certificates_20210119.bb b/meta/recipes-support/ca-certificates/ca-certificates_20211016.bb index 7dcc86fdc1..a54d6b458a 100644 --- a/meta/recipes-support/ca-certificates/ca-certificates_20210119.bb +++ b/meta/recipes-support/ca-certificates/ca-certificates_20211016.bb @@ -14,15 +14,14 @@ DEPENDS_class-nativesdk = "openssl-native" # Need rehash from openssl and run-parts from debianutils PACKAGE_WRITE_DEPS += "openssl-native debianutils-native" -SRCREV = "181be7ebd169b4a6fb5d90c3e6dc791e90534144" +SRCREV = "07de54fdcc5806bde549e1edf60738c6bccf50e8" -SRC_URI = "git://salsa.debian.org/debian/ca-certificates.git;protocol=https \ +SRC_URI = "git://salsa.debian.org/debian/ca-certificates.git;protocol=https;branch=master \ file://0002-update-ca-certificates-use-SYSROOT.patch \ file://0001-update-ca-certificates-don-t-use-Debianisms-in-run-p.patch \ - file://update-ca-certificates-support-Toybox.patch \ file://default-sysroot.patch \ - file://sbindir.patch \ file://0003-update-ca-certificates-use-relative-symlinks-from-ET.patch \ + file://0001-Revert-mozilla-certdata2pem.py-print-a-warning-for-e.patch \ " UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>\d+)" diff --git a/meta/recipes-support/curl/curl/CVE-2021-22945.patch b/meta/recipes-support/curl/curl/CVE-2021-22945.patch new file mode 100644 index 0000000000..44c42632ed --- /dev/null +++ b/meta/recipes-support/curl/curl/CVE-2021-22945.patch @@ -0,0 +1,35 @@ +From 43157490a5054bd24256fe12876931e8abc9df49 Mon Sep 17 00:00:00 2001 +From: z2_ on hackerone <> +Date: Tue, 24 Aug 2021 09:50:33 +0200 +Subject: [PATCH] mqtt: clear the leftovers pointer when sending succeeds + +CVE-2021-22945 + +Bug: https://curl.se/docs/CVE-2021-22945.html + +Upstream-Status: Backport [https://github.com/curl/curl/commit/43157490a5054bd24256fe12876931e8abc9df49] + +Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org> + +--- + lib/mqtt.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/lib/mqtt.c b/lib/mqtt.c +index f077e6c3d..fcd40b41e 100644 +--- a/lib/mqtt.c ++++ b/lib/mqtt.c +@@ -128,6 +128,10 @@ static CURLcode mqtt_send(struct Curl_easy *data, + mq->sendleftovers = sendleftovers; + mq->nsend = nsend; + } ++ else { ++ mq->sendleftovers = NULL; ++ mq->nsend = 0; ++ } + return result; + } + +-- +2.34.1 + diff --git a/meta/recipes-support/curl/curl/CVE-2021-22946.patch b/meta/recipes-support/curl/curl/CVE-2021-22946.patch new file mode 100644 index 0000000000..1cb95f0ea7 --- /dev/null +++ b/meta/recipes-support/curl/curl/CVE-2021-22946.patch @@ -0,0 +1,333 @@ +From 7c6e072216001fb1280d1868adfdcb54e3372ce7 Mon Sep 17 00:00:00 2001 +From: Patrick Monnerat <patrick@monnerat.net> +Date: Wed, 8 Sep 2021 11:56:22 +0200 +Subject: [PATCH] ftp,imap,pop3: do not ignore --ssl-reqd + +In imap and pop3, check if TLS is required even when capabilities +request has failed. + +In ftp, ignore preauthentication (230 status of server greeting) if TLS +is required. + +Bug: https://curl.se/docs/CVE-2021-22946.html + +CVE-2021-22946 + +Upstream-Status: Backport [https://github.com/curl/curl/commit/364f174724ef115c63d5e5dc1d3342c8a43b1cca] + +Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org> + +--- + lib/ftp.c | 9 ++++--- + lib/imap.c | 24 ++++++++---------- + lib/pop3.c | 33 +++++++++++------------- + tests/data/Makefile.inc | 2 ++ + tests/data/test984 | 56 +++++++++++++++++++++++++++++++++++++++++ + tests/data/test985 | 54 +++++++++++++++++++++++++++++++++++++++ + tests/data/test986 | 53 ++++++++++++++++++++++++++++++++++++++ + 7 files changed, 195 insertions(+), 36 deletions(-) + create mode 100644 tests/data/test984 + create mode 100644 tests/data/test985 + create mode 100644 tests/data/test986 + +diff --git a/lib/ftp.c b/lib/ftp.c +index 3818a9e..8b3fe1d 100644 +--- a/lib/ftp.c ++++ b/lib/ftp.c +@@ -2665,9 +2665,12 @@ static CURLcode ftp_statemachine(struct Curl_easy *data, + /* we have now received a full FTP server response */ + switch(ftpc->state) { + case FTP_WAIT220: +- if(ftpcode == 230) +- /* 230 User logged in - already! */ +- return ftp_state_user_resp(data, ftpcode, ftpc->state); ++ if(ftpcode == 230) { ++ /* 230 User logged in - already! Take as 220 if TLS required. */ ++ if(data->set.use_ssl <= CURLUSESSL_TRY || ++ conn->bits.ftp_use_control_ssl) ++ return ftp_state_user_resp(data, ftpcode, ftpc->state); ++ } + else if(ftpcode != 220) { + failf(data, "Got a %03d ftp-server response when 220 was expected", + ftpcode); +diff --git a/lib/imap.c b/lib/imap.c +index 2d80699..b056208 100644 +--- a/lib/imap.c ++++ b/lib/imap.c +@@ -933,22 +933,18 @@ static CURLcode imap_state_capability_resp(struct Curl_easy *data, + line += wordlen; + } + } +- else if(imapcode == IMAP_RESP_OK) { +- if(data->set.use_ssl && !conn->ssl[FIRSTSOCKET].use) { +- /* We don't have a SSL/TLS connection yet, but SSL is requested */ +- if(imapc->tls_supported) +- /* Switch to TLS connection now */ +- result = imap_perform_starttls(data, conn); +- else if(data->set.use_ssl == CURLUSESSL_TRY) +- /* Fallback and carry on with authentication */ +- result = imap_perform_authentication(data, conn); +- else { +- failf(data, "STARTTLS not supported."); +- result = CURLE_USE_SSL_FAILED; +- } ++ else if(data->set.use_ssl && !conn->ssl[FIRSTSOCKET].use) { ++ /* PREAUTH is not compatible with STARTTLS. */ ++ if(imapcode == IMAP_RESP_OK && imapc->tls_supported && !imapc->preauth) { ++ /* Switch to TLS connection now */ ++ result = imap_perform_starttls(data, conn); + } +- else ++ else if(data->set.use_ssl <= CURLUSESSL_TRY) + result = imap_perform_authentication(data, conn); ++ else { ++ failf(data, "STARTTLS not available."); ++ result = CURLE_USE_SSL_FAILED; ++ } + } + else + result = imap_perform_authentication(data, conn); +diff --git a/lib/pop3.c b/lib/pop3.c +index 0ed3d3e..018fda1 100644 +--- a/lib/pop3.c ++++ b/lib/pop3.c +@@ -738,28 +738,23 @@ static CURLcode pop3_state_capa_resp(struct Curl_easy *data, int pop3code, + } + } + } +- else if(pop3code == '+') { +- if(data->set.use_ssl && !conn->ssl[FIRSTSOCKET].use) { +- /* We don't have a SSL/TLS connection yet, but SSL is requested */ +- if(pop3c->tls_supported) +- /* Switch to TLS connection now */ +- result = pop3_perform_starttls(data, conn); +- else if(data->set.use_ssl == CURLUSESSL_TRY) +- /* Fallback and carry on with authentication */ +- result = pop3_perform_authentication(data, conn); +- else { +- failf(data, "STLS not supported."); +- result = CURLE_USE_SSL_FAILED; +- } +- } +- else +- result = pop3_perform_authentication(data, conn); +- } + else { + /* Clear text is supported when CAPA isn't recognised */ +- pop3c->authtypes |= POP3_TYPE_CLEARTEXT; ++ if(pop3code != '+') ++ pop3c->authtypes |= POP3_TYPE_CLEARTEXT; + +- result = pop3_perform_authentication(data, conn); ++ if(!data->set.use_ssl || conn->ssl[FIRSTSOCKET].use) ++ result = pop3_perform_authentication(data, conn); ++ else if(pop3code == '+' && pop3c->tls_supported) ++ /* Switch to TLS connection now */ ++ result = pop3_perform_starttls(data, conn); ++ else if(data->set.use_ssl <= CURLUSESSL_TRY) ++ /* Fallback and carry on with authentication */ ++ result = pop3_perform_authentication(data, conn); ++ else { ++ failf(data, "STLS not supported."); ++ result = CURLE_USE_SSL_FAILED; ++ } + } + + return result; +diff --git a/tests/data/Makefile.inc b/tests/data/Makefile.inc +index e08cfc7..e6e2551 100644 +--- a/tests/data/Makefile.inc ++++ b/tests/data/Makefile.inc +@@ -115,6 +115,8 @@ test945 test946 test947 test948 test949 test950 test951 test952 test953 \ + test954 test955 test956 test957 test958 test959 test960 test961 test962 \ + test963 test964 test965 test966 test967 test968 test969 test970 test971 \ + \ ++test984 test985 test986 \ ++\ + test1000 test1001 test1002 test1003 test1004 test1005 test1006 test1007 \ + test1008 test1009 test1010 test1011 test1012 test1013 test1014 test1015 \ + test1016 test1017 test1018 test1019 test1020 test1021 test1022 test1023 \ +diff --git a/tests/data/test984 b/tests/data/test984 +new file mode 100644 +index 0000000..e573f23 +--- /dev/null ++++ b/tests/data/test984 +@@ -0,0 +1,56 @@ ++<testcase> ++<info> ++<keywords> ++IMAP ++STARTTLS ++</keywords> ++</info> ++ ++# ++# Server-side ++<reply> ++<servercmd> ++REPLY CAPABILITY A001 BAD Not implemented ++</servercmd> ++</reply> ++ ++# ++# Client-side ++<client> ++<features> ++SSL ++</features> ++<server> ++imap ++</server> ++ <name> ++IMAP require STARTTLS with failing capabilities ++ </name> ++ <command> ++imap://%HOSTIP:%IMAPPORT/%TESTNUMBER -T log/upload%TESTNUMBER -u user:secret --ssl-reqd ++</command> ++<file name="log/upload%TESTNUMBER"> ++Date: Mon, 7 Feb 1994 21:52:25 -0800 (PST) ++From: Fred Foobar <foobar@example.COM> ++Subject: afternoon meeting ++To: joe@example.com ++Message-Id: <B27397-0100000@example.COM> ++MIME-Version: 1.0 ++Content-Type: TEXT/PLAIN; CHARSET=US-ASCII ++ ++Hello Joe, do you think we can meet at 3:30 tomorrow? ++</file> ++</client> ++ ++# ++# Verify data after the test has been "shot" ++<verify> ++# 64 is CURLE_USE_SSL_FAILED ++<errorcode> ++64 ++</errorcode> ++<protocol> ++A001 CAPABILITY
++</protocol> ++</verify> ++</testcase> +diff --git a/tests/data/test985 b/tests/data/test985 +new file mode 100644 +index 0000000..d0db4aa +--- /dev/null ++++ b/tests/data/test985 +@@ -0,0 +1,54 @@ ++<testcase> ++<info> ++<keywords> ++POP3 ++STARTTLS ++</keywords> ++</info> ++ ++# ++# Server-side ++<reply> ++<servercmd> ++REPLY CAPA -ERR Not implemented ++</servercmd> ++<data nocheck="yes"> ++From: me@somewhere ++To: fake@nowhere ++ ++body ++ ++-- ++ yours sincerely ++</data> ++</reply> ++ ++# ++# Client-side ++<client> ++<features> ++SSL ++</features> ++<server> ++pop3 ++</server> ++ <name> ++POP3 require STARTTLS with failing capabilities ++ </name> ++ <command> ++pop3://%HOSTIP:%POP3PORT/%TESTNUMBER -u user:secret --ssl-reqd ++ </command> ++</client> ++ ++# ++# Verify data after the test has been "shot" ++<verify> ++# 64 is CURLE_USE_SSL_FAILED ++<errorcode> ++64 ++</errorcode> ++<protocol> ++CAPA
++</protocol> ++</verify> ++</testcase> +diff --git a/tests/data/test986 b/tests/data/test986 +new file mode 100644 +index 0000000..a709437 +--- /dev/null ++++ b/tests/data/test986 +@@ -0,0 +1,53 @@ ++<testcase> ++<info> ++<keywords> ++FTP ++STARTTLS ++</keywords> ++</info> ++ ++# ++# Server-side ++<reply> ++<servercmd> ++REPLY welcome 230 Welcome ++REPLY AUTH 500 unknown command ++</servercmd> ++</reply> ++ ++# Client-side ++<client> ++<features> ++SSL ++</features> ++<server> ++ftp ++</server> ++ <name> ++FTP require STARTTLS while preauthenticated ++ </name> ++<file name="log/test%TESTNUMBER.txt"> ++data ++ to ++ see ++that FTPS ++works ++ so does it? ++</file> ++ <command> ++--ssl-reqd --ftp-ssl-control ftp://%HOSTIP:%FTPPORT/%TESTNUMBER -T log/test%TESTNUMBER.txt -u user:secret ++</command> ++</client> ++ ++# Verify data after the test has been "shot" ++<verify> ++# 64 is CURLE_USE_SSL_FAILED ++<errorcode> ++64 ++</errorcode> ++<protocol> ++AUTH SSL
++AUTH TLS
++</protocol> ++</verify> ++</testcase> +-- +2.34.1 + diff --git a/meta/recipes-support/curl/curl/CVE-2021-22947.patch b/meta/recipes-support/curl/curl/CVE-2021-22947.patch new file mode 100644 index 0000000000..9bd9890d72 --- /dev/null +++ b/meta/recipes-support/curl/curl/CVE-2021-22947.patch @@ -0,0 +1,357 @@ +From f3f2d2554d09ca0e13039e4915b83faaa55961c4 Mon Sep 17 00:00:00 2001 +From: Patrick Monnerat <patrick@monnerat.net> +Date: Tue, 7 Sep 2021 13:26:42 +0200 +Subject: [PATCH] ftp,imap,pop3,smtp: reject STARTTLS server response + + pipelining + +If a server pipelines future responses within the STARTTLS response, the +former are preserved in the pingpong cache across TLS negotiation and +used as responses to the encrypted commands. + +This fix detects pipelined STARTTLS responses and rejects them with an +error. + +CVE-2021-22947 + +Bug: https://curl.se/docs/CVE-2021-22947.html + +Upstream-Status: Backport [https://github.com/curl/curl/commit/8ef147c43646e91fdaad5d0e7b60351f842e5c68] + +Signed-off-by: Robert Joslyn <robert.joslyn@redrectangle.org> + +--- + lib/ftp.c | 3 +++ + lib/imap.c | 4 +++ + lib/pop3.c | 4 +++ + lib/smtp.c | 4 +++ + tests/data/Makefile.inc | 2 +- + tests/data/test980 | 52 ++++++++++++++++++++++++++++++++++++ + tests/data/test981 | 59 +++++++++++++++++++++++++++++++++++++++++ + tests/data/test982 | 57 +++++++++++++++++++++++++++++++++++++++ + tests/data/test983 | 52 ++++++++++++++++++++++++++++++++++++ + 9 files changed, 236 insertions(+), 1 deletion(-) + create mode 100644 tests/data/test980 + create mode 100644 tests/data/test981 + create mode 100644 tests/data/test982 + create mode 100644 tests/data/test983 + +diff --git a/lib/ftp.c b/lib/ftp.c +index 8b3fe1d..a55566a 100644 +--- a/lib/ftp.c ++++ b/lib/ftp.c +@@ -2727,6 +2727,9 @@ static CURLcode ftp_statemachine(struct Curl_easy *data, + case FTP_AUTH: + /* we have gotten the response to a previous AUTH command */ + ++ if(pp->cache_size) ++ return CURLE_WEIRD_SERVER_REPLY; /* Forbid pipelining in response. */ ++ + /* RFC2228 (page 5) says: + * + * If the server is willing to accept the named security mechanism, +diff --git a/lib/imap.c b/lib/imap.c +index b056208..9230f17 100644 +--- a/lib/imap.c ++++ b/lib/imap.c +@@ -962,6 +962,10 @@ static CURLcode imap_state_starttls_resp(struct Curl_easy *data, + + (void)instate; /* no use for this yet */ + ++ /* Pipelining in response is forbidden. */ ++ if(data->conn->proto.imapc.pp.cache_size) ++ return CURLE_WEIRD_SERVER_REPLY; ++ + if(imapcode != IMAP_RESP_OK) { + if(data->set.use_ssl != CURLUSESSL_TRY) { + failf(data, "STARTTLS denied"); +diff --git a/lib/pop3.c b/lib/pop3.c +index 018fda1..4f953f7 100644 +--- a/lib/pop3.c ++++ b/lib/pop3.c +@@ -769,6 +769,10 @@ static CURLcode pop3_state_starttls_resp(struct Curl_easy *data, + CURLcode result = CURLE_OK; + (void)instate; /* no use for this yet */ + ++ /* Pipelining in response is forbidden. */ ++ if(data->conn->proto.pop3c.pp.cache_size) ++ return CURLE_WEIRD_SERVER_REPLY; ++ + if(pop3code != '+') { + if(data->set.use_ssl != CURLUSESSL_TRY) { + failf(data, "STARTTLS denied"); +diff --git a/lib/smtp.c b/lib/smtp.c +index 1fc8800..51445f6 100644 +--- a/lib/smtp.c ++++ b/lib/smtp.c +@@ -832,6 +832,10 @@ static CURLcode smtp_state_starttls_resp(struct Curl_easy *data, + CURLcode result = CURLE_OK; + (void)instate; /* no use for this yet */ + ++ /* Pipelining in response is forbidden. */ ++ if(data->conn->proto.smtpc.pp.cache_size) ++ return CURLE_WEIRD_SERVER_REPLY; ++ + if(smtpcode != 220) { + if(data->set.use_ssl != CURLUSESSL_TRY) { + failf(data, "STARTTLS denied, code %d", smtpcode); +diff --git a/tests/data/Makefile.inc b/tests/data/Makefile.inc +index e6e2551..22d7a0b 100644 +--- a/tests/data/Makefile.inc ++++ b/tests/data/Makefile.inc +@@ -115,7 +115,7 @@ test945 test946 test947 test948 test949 test950 test951 test952 test953 \ + test954 test955 test956 test957 test958 test959 test960 test961 test962 \ + test963 test964 test965 test966 test967 test968 test969 test970 test971 \ + \ +-test984 test985 test986 \ ++test980 test981 test982 test983 test984 test985 test986 \ + \ + test1000 test1001 test1002 test1003 test1004 test1005 test1006 test1007 \ + test1008 test1009 test1010 test1011 test1012 test1013 test1014 test1015 \ +diff --git a/tests/data/test980 b/tests/data/test980 +new file mode 100644 +index 0000000..97567f8 +--- /dev/null ++++ b/tests/data/test980 +@@ -0,0 +1,52 @@ ++<testcase> ++<info> ++<keywords> ++SMTP ++STARTTLS ++</keywords> ++</info> ++ ++# ++# Server-side ++<reply> ++<servercmd> ++CAPA STARTTLS ++AUTH PLAIN ++REPLY STARTTLS 454 currently unavailable\r\n235 Authenticated\r\n250 2.1.0 Sender ok\r\n250 2.1.5 Recipient ok\r\n354 Enter mail\r\n250 2.0.0 Accepted ++REPLY AUTH 535 5.7.8 Authentication credentials invalid ++</servercmd> ++</reply> ++ ++# ++# Client-side ++<client> ++<features> ++SSL ++</features> ++<server> ++smtp ++</server> ++ <name> ++SMTP STARTTLS pipelined server response ++ </name> ++<stdin> ++mail body ++</stdin> ++ <command> ++smtp://%HOSTIP:%SMTPPORT/%TESTNUMBER --mail-rcpt recipient@example.com --mail-from sender@example.com -u user:secret --ssl --sasl-ir -T - ++</command> ++</client> ++ ++# ++# Verify data after the test has been "shot" ++<verify> ++# 8 is CURLE_WEIRD_SERVER_REPLY ++<errorcode> ++8 ++</errorcode> ++<protocol> ++EHLO %TESTNUMBER
++STARTTLS
++</protocol> ++</verify> ++</testcase> +diff --git a/tests/data/test981 b/tests/data/test981 +new file mode 100644 +index 0000000..2b98ce4 +--- /dev/null ++++ b/tests/data/test981 +@@ -0,0 +1,59 @@ ++<testcase> ++<info> ++<keywords> ++IMAP ++STARTTLS ++</keywords> ++</info> ++ ++# ++# Server-side ++<reply> ++<servercmd> ++CAPA STARTTLS ++REPLY STARTTLS A002 BAD currently unavailable\r\nA003 OK Authenticated\r\nA004 OK Accepted ++REPLY LOGIN A003 BAD Authentication credentials invalid ++</servercmd> ++</reply> ++ ++# ++# Client-side ++<client> ++<features> ++SSL ++</features> ++<server> ++imap ++</server> ++ <name> ++IMAP STARTTLS pipelined server response ++ </name> ++ <command> ++imap://%HOSTIP:%IMAPPORT/%TESTNUMBER -T log/upload%TESTNUMBER -u user:secret --ssl ++</command> ++<file name="log/upload%TESTNUMBER"> ++Date: Mon, 7 Feb 1994 21:52:25 -0800 (PST) ++From: Fred Foobar <foobar@example.COM> ++Subject: afternoon meeting ++To: joe@example.com ++Message-Id: <B27397-0100000@example.COM> ++MIME-Version: 1.0 ++Content-Type: TEXT/PLAIN; CHARSET=US-ASCII ++ ++Hello Joe, do you think we can meet at 3:30 tomorrow? ++</file> ++</client> ++ ++# ++# Verify data after the test has been "shot" ++<verify> ++# 8 is CURLE_WEIRD_SERVER_REPLY ++<errorcode> ++8 ++</errorcode> ++<protocol> ++A001 CAPABILITY
++A002 STARTTLS
++</protocol> ++</verify> ++</testcase> +diff --git a/tests/data/test982 b/tests/data/test982 +new file mode 100644 +index 0000000..9e07cc0 +--- /dev/null ++++ b/tests/data/test982 +@@ -0,0 +1,57 @@ ++<testcase> ++<info> ++<keywords> ++POP3 ++STARTTLS ++</keywords> ++</info> ++ ++# ++# Server-side ++<reply> ++<servercmd> ++CAPA STLS USER ++REPLY STLS -ERR currently unavailable\r\n+OK user accepted\r\n+OK authenticated ++REPLY PASS -ERR Authentication credentials invalid ++</servercmd> ++<data nocheck="yes"> ++From: me@somewhere ++To: fake@nowhere ++ ++body ++ ++-- ++ yours sincerely ++</data> ++</reply> ++ ++# ++# Client-side ++<client> ++<features> ++SSL ++</features> ++<server> ++pop3 ++</server> ++ <name> ++POP3 STARTTLS pipelined server response ++ </name> ++ <command> ++pop3://%HOSTIP:%POP3PORT/%TESTNUMBER -u user:secret --ssl ++ </command> ++</client> ++ ++# ++# Verify data after the test has been "shot" ++<verify> ++# 8 is CURLE_WEIRD_SERVER_REPLY ++<errorcode> ++8 ++</errorcode> ++<protocol> ++CAPA
++STLS
++</protocol> ++</verify> ++</testcase> +diff --git a/tests/data/test983 b/tests/data/test983 +new file mode 100644 +index 0000000..300ec45 +--- /dev/null ++++ b/tests/data/test983 +@@ -0,0 +1,52 @@ ++<testcase> ++<info> ++<keywords> ++FTP ++STARTTLS ++</keywords> ++</info> ++ ++# ++# Server-side ++<reply> ++<servercmd> ++REPLY AUTH 500 unknown command\r\n500 unknown command\r\n331 give password\r\n230 Authenticated\r\n257 "/"\r\n200 OK\r\n200 OK\r\n200 OK\r\n226 Transfer complete ++REPLY PASS 530 Login incorrect ++</servercmd> ++</reply> ++ ++# Client-side ++<client> ++<features> ++SSL ++</features> ++<server> ++ftp ++</server> ++ <name> ++FTP STARTTLS pipelined server response ++ </name> ++<file name="log/test%TESTNUMBER.txt"> ++data ++ to ++ see ++that FTPS ++works ++ so does it? ++</file> ++ <command> ++--ssl --ftp-ssl-control ftp://%HOSTIP:%FTPPORT/%TESTNUMBER -T log/test%TESTNUMBER.txt -u user:secret -P %CLIENTIP ++</command> ++</client> ++ ++# Verify data after the test has been "shot" ++<verify> ++# 8 is CURLE_WEIRD_SERVER_REPLY ++<errorcode> ++8 ++</errorcode> ++<protocol> ++AUTH SSL
++</protocol> ++</verify> ++</testcase> +-- +2.34.1 + diff --git a/meta/recipes-support/curl/curl_7.75.0.bb b/meta/recipes-support/curl/curl_7.75.0.bb index d64e5e1f79..accede604c 100644 --- a/meta/recipes-support/curl/curl_7.75.0.bb +++ b/meta/recipes-support/curl/curl_7.75.0.bb @@ -21,6 +21,9 @@ SRC_URI = "https://curl.haxx.se/download/curl-${PV}.tar.bz2 \ file://CVE-2021-22901.patch \ file://CVE-2021-22924.patch \ file://CVE-2021-22926.patch \ + file://CVE-2021-22945.patch \ + file://CVE-2021-22946.patch \ + file://CVE-2021-22947.patch \ " SRC_URI[sha256sum] = "50552d4501c178e4cc68baaecc487f466a3d6d19bbf4e50a01869effb316d026" @@ -28,6 +31,10 @@ SRC_URI[sha256sum] = "50552d4501c178e4cc68baaecc487f466a3d6d19bbf4e50a01869effb3 # Curl has used many names over the years... CVE_PRODUCT = "haxx:curl haxx:libcurl curl:curl curl:libcurl libcurl:libcurl daniel_stenberg:curl" +# These only apply when using --with-libmetalink, but --without-libmetalink is +# set below. +CVE_CHECK_WHITELIST += "CVE-2021-22922 CVE-2021-22923" + inherit autotools pkgconfig binconfig multilib_header PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)} gnutls libidn proxy threaded-resolver verbose zlib" @@ -65,6 +72,7 @@ PACKAGECONFIG[threaded-resolver] = "--enable-threaded-resolver,--disable-threade PACKAGECONFIG[verbose] = "--enable-verbose,--disable-verbose" PACKAGECONFIG[zlib] = "--with-zlib=${STAGING_LIBDIR}/../,--without-zlib,zlib" +# Keep --without-libmetalink to mitigate CVE-2021-22922 and CVE-2021-22923 EXTRA_OECONF = " \ --disable-libcurl-option \ --disable-ntlm-wb \ diff --git a/meta/recipes-support/dos2unix/dos2unix_7.4.2.bb b/meta/recipes-support/dos2unix/dos2unix_7.4.2.bb index 9005bdea59..e0a5499263 100644 --- a/meta/recipes-support/dos2unix/dos2unix_7.4.2.bb +++ b/meta/recipes-support/dos2unix/dos2unix_7.4.2.bb @@ -8,7 +8,7 @@ SECTION = "support" LICENSE = "BSD-2-Clause" LIC_FILES_CHKSUM = "file://COPYING.txt;md5=8a7c3499a1142df819e727253cd53a12" -SRC_URI = "git://git.code.sf.net/p/dos2unix/dos2unix" +SRC_URI = "git://git.code.sf.net/p/dos2unix/dos2unix;branch=master" UPSTREAM_CHECK_GITTAGREGEX = "dos2unix-(?P<pver>(\d+(\.\d+)+))" SRCREV = "72596f0ae21faa25a07a872d4843bc885475115d" diff --git a/meta/recipes-support/gmp/gmp/cve-2021-43618.patch b/meta/recipes-support/gmp/gmp/cve-2021-43618.patch new file mode 100644 index 0000000000..095fb21eaa --- /dev/null +++ b/meta/recipes-support/gmp/gmp/cve-2021-43618.patch @@ -0,0 +1,27 @@ +CVE: CVE-2021-43618 +Upstream-Status: Backport +Signed-off-by: Ross Burton <ross.burton@arm.com> + +# HG changeset patch +# User Marco Bodrato <bodrato@mail.dm.unipi.it> +# Date 1634836009 -7200 +# Node ID 561a9c25298e17bb01896801ff353546c6923dbd +# Parent e1fd9db13b475209a864577237ea4b9105b3e96e +mpz/inp_raw.c: Avoid bit size overflows + +diff -r e1fd9db13b47 -r 561a9c25298e mpz/inp_raw.c +--- a/mpz/inp_raw.c Tue Dec 22 23:49:51 2020 +0100 ++++ b/mpz/inp_raw.c Thu Oct 21 19:06:49 2021 +0200 +@@ -88,8 +88,11 @@ + + abs_csize = ABS (csize); + ++ if (UNLIKELY (abs_csize > ~(mp_bitcnt_t) 0 / 8)) ++ return 0; /* Bit size overflows */ ++ + /* round up to a multiple of limbs */ +- abs_xsize = BITS_TO_LIMBS (abs_csize*8); ++ abs_xsize = BITS_TO_LIMBS ((mp_bitcnt_t) abs_csize * 8); + + if (abs_xsize != 0) + { diff --git a/meta/recipes-support/gmp/gmp_6.2.1.bb b/meta/recipes-support/gmp/gmp_6.2.1.bb index 3c50f928ab..f97c588c31 100644 --- a/meta/recipes-support/gmp/gmp_6.2.1.bb +++ b/meta/recipes-support/gmp/gmp_6.2.1.bb @@ -12,6 +12,7 @@ SRC_URI = "https://gmplib.org/download/${BPN}/${BP}${REVISION}.tar.bz2 \ file://use-includedir.patch \ file://0001-Append-the-user-provided-flags-to-the-auto-detected-.patch \ file://0001-confiure.ac-Believe-the-cflags-from-environment.patch \ + file://cve-2021-43618.patch \ " SRC_URI[md5sum] = "28971fc21cf028042d4897f02fd355ea" SRC_URI[sha256sum] = "eae9326beb4158c386e39a356818031bd28f3124cf915f8c5b1dc4c7a36b4d7c" diff --git a/meta/recipes-support/gnome-desktop-testing/gnome-desktop-testing_2018.1.bb b/meta/recipes-support/gnome-desktop-testing/gnome-desktop-testing_2018.1.bb index e5c69c0c46..19f32e8d1f 100644 --- a/meta/recipes-support/gnome-desktop-testing/gnome-desktop-testing_2018.1.bb +++ b/meta/recipes-support/gnome-desktop-testing/gnome-desktop-testing_2018.1.bb @@ -9,7 +9,7 @@ LICENSE = "LGPLv2+" LIC_FILES_CHKSUM = "file://COPYING;md5=3bf50002aefd002f49e7bb854063f7e7 \ file://src/gnome-desktop-testing-runner.c;beginline=1;endline=20;md5=7ef3ad9da2ffcf7707dc11151fe007f4" -SRC_URI = "git://gitlab.gnome.org/GNOME/gnome-desktop-testing.git;protocol=http" +SRC_URI = "git://gitlab.gnome.org/GNOME/gnome-desktop-testing.git;protocol=http;branch=master" SRCREV = "4decade67b29ad170fcf3de148e41695fc459f48" DEPENDS = "glib-2.0" diff --git a/meta/recipes-support/gnupg/gnupg_2.2.27.bb b/meta/recipes-support/gnupg/gnupg_2.2.27.bb index 1181c8341b..18bb855769 100644 --- a/meta/recipes-support/gnupg/gnupg_2.2.27.bb +++ b/meta/recipes-support/gnupg/gnupg_2.2.27.bb @@ -32,6 +32,7 @@ EXTRA_OECONF = "--disable-ldap \ --with-zlib=${STAGING_LIBDIR}/.. \ --with-bzip2=${STAGING_LIBDIR}/.. \ --with-readline=${STAGING_LIBDIR}/.. \ + --with-mailprog=${sbindir}/sendmail \ --enable-gpg-is-gpg2 \ " diff --git a/meta/recipes-support/gpgme/gpgme/0001-use-closefrom-on-linux-and-glibc-2.34.patch b/meta/recipes-support/gpgme/gpgme/0001-use-closefrom-on-linux-and-glibc-2.34.patch new file mode 100644 index 0000000000..1c46684c6d --- /dev/null +++ b/meta/recipes-support/gpgme/gpgme/0001-use-closefrom-on-linux-and-glibc-2.34.patch @@ -0,0 +1,24 @@ +From adb1d4e5498a19e9d591ac8f42f9ddfdb23a1354 Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Thu, 15 Jul 2021 12:33:13 -0700 +Subject: [PATCH] use closefrom() on linux and glibc 2.34+ + +Upstream-Status: Pending +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + src/posix-io.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/posix-io.c b/src/posix-io.c +index e712ef2..ab8ded9 100644 +--- a/src/posix-io.c ++++ b/src/posix-io.c +@@ -570,7 +570,7 @@ _gpgme_io_spawn (const char *path, char *const argv[], unsigned int flags, + if (fd_list[i].fd > fd) + fd = fd_list[i].fd; + fd++; +-#if defined(__sun) || defined(__FreeBSD__) ++#if defined(__sun) || defined(__FreeBSD__) || (defined(__GLIBC__) && __GNUC_PREREQ(2, 34)) + closefrom (fd); + max_fds = fd; + #else /*!__sun */ diff --git a/meta/recipes-support/gpgme/gpgme_1.15.1.bb b/meta/recipes-support/gpgme/gpgme_1.15.1.bb index dc38aa8e3c..f207e81687 100644 --- a/meta/recipes-support/gpgme/gpgme_1.15.1.bb +++ b/meta/recipes-support/gpgme/gpgme_1.15.1.bb @@ -20,7 +20,8 @@ SRC_URI = "${GNUPG_MIRROR}/gpgme/${BP}.tar.bz2 \ file://0006-fix-build-path-issue.patch \ file://0007-python-Add-variables-to-tests.patch \ file://0008-do-not-auto-check-var-PYTHON.patch \ - " + file://0001-use-closefrom-on-linux-and-glibc-2.34.patch \ + " SRC_URI[sha256sum] = "eebc3c1b27f1c8979896ff361ba9bb4778b508b2496c2fc10e3775a40b1de1ad" diff --git a/meta/recipes-support/iso-codes/iso-codes_4.6.0.bb b/meta/recipes-support/iso-codes/iso-codes_4.6.0.bb index f915716ce7..cd27fb0b70 100644 --- a/meta/recipes-support/iso-codes/iso-codes_4.6.0.bb +++ b/meta/recipes-support/iso-codes/iso-codes_4.6.0.bb @@ -20,3 +20,7 @@ S = "${WORKDIR}/git" inherit allarch autotools FILES_${PN} += "${datadir}/xml/" + +# remove at next version upgrade or when output changes +PR = "r1" +HASHEQUIV_HASH_VERSION .= ".1" diff --git a/meta/recipes-support/libgcrypt/libgcrypt_1.9.3.bb b/meta/recipes-support/libgcrypt/libgcrypt_1.9.4.bb index fd3d8e09f2..c212d02651 100644 --- a/meta/recipes-support/libgcrypt/libgcrypt_1.9.3.bb +++ b/meta/recipes-support/libgcrypt/libgcrypt_1.9.4.bb @@ -27,7 +27,7 @@ SRC_URI = "${GNUPG_MIRROR}/libgcrypt/libgcrypt-${PV}.tar.bz2 \ file://0004-tests-Makefile.am-fix-undefined-reference-to-pthread.patch \ file://0001-Makefile.am-add-a-missing-space.patch \ " -SRC_URI[sha256sum] = "97ebe4f94e2f7e35b752194ce15a0f3c66324e0ff6af26659bbfb5ff2ec328fd" +SRC_URI[sha256sum] = "ea849c83a72454e3ed4267697e8ca03390aee972ab421e7df69dfe42b65caaf7" # Below whitelisted CVEs are disputed and not affecting crypto libraries for any distro. CVE_CHECK_WHITELIST += "CVE-2018-12433 CVE-2018-12438" diff --git a/meta/recipes-support/libgit2/libgit2_1.1.0.bb b/meta/recipes-support/libgit2/libgit2_1.1.0.bb index 2bbf59ea74..9b2eec9c9e 100644 --- a/meta/recipes-support/libgit2/libgit2_1.1.0.bb +++ b/meta/recipes-support/libgit2/libgit2_1.1.0.bb @@ -5,7 +5,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=5b002a195fb7ea2d8d583f07eaff3a8e" DEPENDS = "curl openssl zlib libssh2 libgcrypt libpcre2" -SRC_URI = "git://github.com/libgit2/libgit2.git;branch=maint/v1.1" +SRC_URI = "git://github.com/libgit2/libgit2.git;branch=maint/v1.1;protocol=https" SRCREV = "7f4fa178629d559c037a1f72f79f79af9c1ef8ce" S = "${WORKDIR}/git" diff --git a/meta/recipes-support/libjitterentropy/libjitterentropy_3.0.1.bb b/meta/recipes-support/libjitterentropy/libjitterentropy_3.0.1.bb index 197bb787ac..f335abb261 100644 --- a/meta/recipes-support/libjitterentropy/libjitterentropy_3.0.1.bb +++ b/meta/recipes-support/libjitterentropy/libjitterentropy_3.0.1.bb @@ -9,7 +9,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=c69090e97c8fd6372d03099c0a5bc382 \ file://COPYING.gplv2;md5=eb723b61539feef013de476e68b5c50a \ file://COPYING.bsd;md5=66a5cedaf62c4b2637025f049f9b826f \ " -SRC_URI = "git://github.com/smuellerDD/jitterentropy-library.git" +SRC_URI = "git://github.com/smuellerDD/jitterentropy-library.git;branch=master;protocol=https" SRCREV = "747bf030b0ea9c44548b4e29bcfab7ae416675fc" S = "${WORKDIR}/git" diff --git a/meta/recipes-support/libpcre/libpcre2_10.36.bb b/meta/recipes-support/libpcre/libpcre2_10.36.bb index d8077a1224..d64822be30 100644 --- a/meta/recipes-support/libpcre/libpcre2_10.36.bb +++ b/meta/recipes-support/libpcre/libpcre2_10.36.bb @@ -10,7 +10,9 @@ SECTION = "devel" LICENSE = "BSD-3-Clause" LIC_FILES_CHKSUM = "file://LICENCE;md5=60c08fab1357bfe9084b333bc33362d6" -SRC_URI = "https://ftp.pcre.org/pub/pcre/pcre2-${PV}.tar.bz2" +SRC_URI = "https://github.com/PhilipHazel/pcre2/releases/download/pcre2-${PV}/pcre2-${PV}.tar.bz2" + +UPSTREAM_CHECK_URI = "https://github.com/PhilipHazel/pcre2/releases" SRC_URI[sha256sum] = "a9ef39278113542968c7c73a31cfcb81aca1faa64690f400b907e8ab6b4a665c" diff --git a/meta/recipes-support/libpcre/libpcre_8.44.bb b/meta/recipes-support/libpcre/libpcre_8.44.bb index cd80dc7345..3267c5ad72 100644 --- a/meta/recipes-support/libpcre/libpcre_8.44.bb +++ b/meta/recipes-support/libpcre/libpcre_8.44.bb @@ -7,7 +7,7 @@ HOMEPAGE = "http://www.pcre.org" SECTION = "devel" LICENSE = "BSD-3-Clause" LIC_FILES_CHKSUM = "file://LICENCE;md5=3bb381a66a5385b246d4877922e7511e" -SRC_URI = "https://ftp.pcre.org/pub/pcre/pcre-${PV}.tar.bz2 \ +SRC_URI = "${SOURCEFORGE_MIRROR}/pcre/pcre-${PV}.tar.bz2 \ file://run-ptest \ file://Makefile \ " diff --git a/meta/recipes-support/libunistring/libunistring_0.9.10.bb b/meta/recipes-support/libunistring/libunistring_0.9.10.bb index 0a7b18ed08..589faacb05 100644 --- a/meta/recipes-support/libunistring/libunistring_0.9.10.bb +++ b/meta/recipes-support/libunistring/libunistring_0.9.10.bb @@ -18,6 +18,7 @@ LIC_FILES_CHKSUM = "file://COPYING.LIB;md5=6a6a8e020838b23406c81b19c1d46df6 \ file://README;beginline=45;endline=65;md5=08287d16ba8d839faed8d2dc14d7d6a5 \ file://doc/libunistring.texi;md5=287fa6075f78a3c85c1a52b0a92547cd \ " +DEPENDS = "gperf-native" SRC_URI = "${GNU_MIRROR}/libunistring/libunistring-${PV}.tar.gz \ file://0001-Unset-need_charset_alias-when-building-for-musl.patch \ diff --git a/meta/recipes-support/libusb/libusb1_1.0.24.bb b/meta/recipes-support/libusb/libusb1_1.0.24.bb index 92e66b1b16..76a707b70f 100644 --- a/meta/recipes-support/libusb/libusb1_1.0.24.bb +++ b/meta/recipes-support/libusb/libusb1_1.0.24.bb @@ -1,7 +1,7 @@ SUMMARY = "Userspace library to access USB (version 1.0)" DESCRIPTION = "A cross-platform library to access USB devices from Linux, \ macOS, Windows, OpenBSD/NetBSD, Haiku and Solaris userspace." -HOMEPAGE = "http://libusb.sf.net" +HOMEPAGE = "https://libusb.info" BUGTRACKER = "http://www.libusb.org/report" SECTION = "libs" @@ -10,10 +10,12 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=fbc093901857fcd118f065f900982c24" BBCLASSEXTEND = "native nativesdk" -SRC_URI = "${SOURCEFORGE_MIRROR}/libusb/libusb-${PV}.tar.bz2 \ +SRC_URI = "https://github.com/libusb/libusb/releases/download/v${PV}/libusb-${PV}.tar.bz2 \ file://run-ptest \ " +UPSTREAM_CHECK_URI = "https://github.com/libusb/libusb/releases" + SRC_URI[sha256sum] = "7efd2685f7b327326dcfb85cee426d9b871fd70e22caa15bb68d595ce2a2b12a" S = "${WORKDIR}/libusb-${PV}" diff --git a/meta/recipes-support/lz4/lz4_1.9.3.bb b/meta/recipes-support/lz4/lz4_1.9.3.bb index 9d5dc0253a..15867023c3 100644 --- a/meta/recipes-support/lz4/lz4_1.9.3.bb +++ b/meta/recipes-support/lz4/lz4_1.9.3.bb @@ -12,7 +12,7 @@ PE = "1" SRCREV = "d44371841a2f1728a3f36839fd4b7e872d0927d3" -SRC_URI = "git://github.com/lz4/lz4.git;branch=release \ +SRC_URI = "git://github.com/lz4/lz4.git;branch=release;protocol=https \ file://run-ptest \ file://CVE-2021-3520.patch \ " diff --git a/meta/recipes-support/numactl/numactl_git.bb b/meta/recipes-support/numactl/numactl_git.bb index 6c8a667a41..a0e72253a1 100644 --- a/meta/recipes-support/numactl/numactl_git.bb +++ b/meta/recipes-support/numactl/numactl_git.bb @@ -13,7 +13,7 @@ LIC_FILES_CHKSUM = "file://README.md;beginline=19;endline=32;md5=f8ff2391624f28e SRCREV = "dd6de072c92c892a86e18c0fd0dfa1ba57a9a05d" PV = "2.0.14" -SRC_URI = "git://github.com/numactl/numactl \ +SRC_URI = "git://github.com/numactl/numactl;branch=master;protocol=https \ file://Fix-the-test-output-format.patch \ file://Makefile \ file://run-ptest \ diff --git a/meta/recipes-support/p11-kit/p11-kit_0.23.22.bb b/meta/recipes-support/p11-kit/p11-kit_0.23.22.bb index 623afccb5e..5f1b73ee16 100644 --- a/meta/recipes-support/p11-kit/p11-kit_0.23.22.bb +++ b/meta/recipes-support/p11-kit/p11-kit_0.23.22.bb @@ -10,7 +10,7 @@ DEPENDS = "libtasn1 libtasn1-native libffi" DEPENDS_append = "${@' glib-2.0' if d.getVar('GTKDOC_ENABLED') == 'True' else ''}" -SRC_URI = "git://github.com/p11-glue/p11-kit;branch=0.23" +SRC_URI = "git://github.com/p11-glue/p11-kit;branch=0.23;protocol=https" SRCREV = "bd97afbfe28d5fbbde95ce36ff7a8834fc0291ee" S = "${WORKDIR}/git" diff --git a/meta/recipes-support/ptest-runner/ptest-runner_2.4.2.bb b/meta/recipes-support/ptest-runner/ptest-runner_2.4.2.bb index b14b947f97..6544b374c2 100644 --- a/meta/recipes-support/ptest-runner/ptest-runner_2.4.2.bb +++ b/meta/recipes-support/ptest-runner/ptest-runner_2.4.2.bb @@ -10,7 +10,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=751419260aa954499f7abaabaa882bbe" SRCREV = "bcb82804daa8f725b6add259dcef2067e61a75aa" PV .= "+git${SRCPV}" -SRC_URI = "git://git.yoctoproject.org/ptest-runner2 \ +SRC_URI = "git://git.yoctoproject.org/ptest-runner2;branch=master \ " S = "${WORKDIR}/git" diff --git a/meta/recipes-support/rng-tools/rng-tools/rngd.service b/meta/recipes-support/rng-tools/rng-tools/rngd.service index 0559b97991..568686e80e 100644 --- a/meta/recipes-support/rng-tools/rng-tools/rngd.service +++ b/meta/recipes-support/rng-tools/rng-tools/rngd.service @@ -3,6 +3,7 @@ Description=Hardware RNG Entropy Gatherer Daemon DefaultDependencies=no After=systemd-udev-settle.service Before=sysinit.target shutdown.target +Wants=systemd-udev-settle.service Conflicts=shutdown.target [Service] diff --git a/meta/recipes-support/rng-tools/rng-tools_6.11.bb b/meta/recipes-support/rng-tools/rng-tools_6.11.bb index 61a0cef2e0..bc98efa3c6 100644 --- a/meta/recipes-support/rng-tools/rng-tools_6.11.bb +++ b/meta/recipes-support/rng-tools/rng-tools_6.11.bb @@ -9,7 +9,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" DEPENDS = "sysfsutils openssl" SRC_URI = "\ - git://github.com/nhorman/rng-tools.git \ + git://github.com/nhorman/rng-tools.git;branch=master;protocol=https \ file://init \ file://default \ file://rngd.service \ diff --git a/meta/recipes-support/shared-mime-info/shared-mime-info_git.bb b/meta/recipes-support/shared-mime-info/shared-mime-info_git.bb index ff32259d8e..9eb70b7e65 100644 --- a/meta/recipes-support/shared-mime-info/shared-mime-info_git.bb +++ b/meta/recipes-support/shared-mime-info/shared-mime-info_git.bb @@ -8,7 +8,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" DEPENDS = "libxml2 itstool-native glib-2.0 shared-mime-info-native xmlto-native" -SRC_URI = "git://gitlab.freedesktop.org/xdg/shared-mime-info.git;protocol=https" +SRC_URI = "git://gitlab.freedesktop.org/xdg/shared-mime-info.git;protocol=https;branch=master" SRCREV = "18e558fa1c8b90b86757ade09a4ba4d6a6cf8f70" PV = "2.1" S = "${WORKDIR}/git" diff --git a/meta/recipes-support/vim/files/0001-src-Makefile-improve-reproducibility.patch b/meta/recipes-support/vim/files/0001-src-Makefile-improve-reproducibility.patch index 63a7b78f12..2fc11dbdc2 100644 --- a/meta/recipes-support/vim/files/0001-src-Makefile-improve-reproducibility.patch +++ b/meta/recipes-support/vim/files/0001-src-Makefile-improve-reproducibility.patch @@ -16,11 +16,11 @@ Signed-off-by: Mingli Yu <mingli.yu@windriver.com> src/Makefile | 14 ++++---------- 1 file changed, 4 insertions(+), 10 deletions(-) -diff --git a/src/Makefile b/src/Makefile -index f2fafa4dc..7148d4bd9 100644 ---- a/src/Makefile -+++ b/src/Makefile -@@ -2845,16 +2845,10 @@ auto/pathdef.c: Makefile auto/config.mk +Index: git/src/Makefile +=================================================================== +--- git.orig/src/Makefile ++++ git/src/Makefile +@@ -3101,16 +3101,10 @@ auto/pathdef.c: Makefile auto/config.mk -@echo '#include "vim.h"' >> $@ -@echo 'char_u *default_vim_dir = (char_u *)"$(VIMRCLOC)";' | $(QUOTESED) >> $@ -@echo 'char_u *default_vimruntime_dir = (char_u *)"$(VIMRUNTIMEDIR)";' | $(QUOTESED) >> $@ @@ -41,6 +41,3 @@ index f2fafa4dc..7148d4bd9 100644 -@sh $(srcdir)/pathdef.sh GUI_GTK_RES_INPUTS = \ --- -2.17.1 - diff --git a/meta/recipes-support/vim/files/CVE-2021-3778.patch b/meta/recipes-support/vim/files/CVE-2021-3778.patch deleted file mode 100644 index 04ac413e56..0000000000 --- a/meta/recipes-support/vim/files/CVE-2021-3778.patch +++ /dev/null @@ -1,34 +0,0 @@ -From 9ba62f1042513fcadcc4e8fdcee171db66ef1d69 Mon Sep 17 00:00:00 2001 -From: Bram Moolenaar <Bram@vim.org> -Date: Fri, 24 Sep 2021 15:15:24 +0800 -Subject: [PATCH] patch 8.2.3409: reading beyond end of line with invalid utf-8 - character - -Problem: Reading beyond end of line with invalid utf-8 character. -Solution: Check for NUL when advancing. - -Upstream-Status: Backport [https://github.com/vim/vim/commit/65b605665997fad54ef39a93199e305af2fe4d7f] -CVE: CVE-2021-3778 - -Signed-off-by: Mingli Yu <mingli.yu@windriver.com> ---- - src/regexp_nfa.c | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/src/regexp_nfa.c b/src/regexp_nfa.c -index fb512f961..2806408de 100644 ---- a/src/regexp_nfa.c -+++ b/src/regexp_nfa.c -@@ -5455,7 +5455,8 @@ find_match_text(colnr_T startcol, int regstart, char_u *match_text) - match = FALSE; - break; - } -- len2 += MB_CHAR2LEN(c2); -+ len2 += enc_utf8 ? utf_ptr2len(rex.line + col + len2) -+ : MB_CHAR2LEN(c2); - } - if (match - // check that no composing char follows --- -2.17.1 - diff --git a/meta/recipes-support/vim/files/CVE-2021-3875.patch b/meta/recipes-support/vim/files/CVE-2021-3875.patch new file mode 100644 index 0000000000..d62d875f8e --- /dev/null +++ b/meta/recipes-support/vim/files/CVE-2021-3875.patch @@ -0,0 +1,37 @@ +From 40aa9802ef56d3cdbe256b4c9e58049953051a2d Mon Sep 17 00:00:00 2001 +From: Bram Moolenaar <Bram@vim.org> +Date: Mon, 15 Nov 2021 14:34:50 +0800 +Subject: [PATCH] patch 8.2.3489: ml_get error after search with range + +Problem: ml_get error after search with range. +Solution: Limit the line number to the buffer line count. + +CVE: CVE-2021-3875 + +Upstream-Status: Backport [https://github.com/vim/vim/commit/35a319b77f897744eec1155b736e9372c9c5575f] + +Signed-off-by: Mingli Yu <mingli.yu@windriver.com> +--- + src/ex_docmd.c | 6 ++++-- + 1 file changed, 4 insertions(+), 2 deletions(-) + +diff --git a/src/ex_docmd.c b/src/ex_docmd.c +index fb07450f8..89d33ba90 100644 +--- a/src/ex_docmd.c ++++ b/src/ex_docmd.c +@@ -3586,8 +3586,10 @@ get_address( + + // When '/' or '?' follows another address, start from + // there. +- if (lnum != MAXLNUM) +- curwin->w_cursor.lnum = lnum; ++ if (lnum > 0 && lnum != MAXLNUM) ++ curwin->w_cursor.lnum = ++ lnum > curbuf->b_ml.ml_line_count ++ ? curbuf->b_ml.ml_line_count : lnum; + + // Start a forward search at the end of the line (unless + // before the first line). +-- +2.17.1 + diff --git a/meta/recipes-support/vim/files/CVE-2021-3903.patch b/meta/recipes-support/vim/files/CVE-2021-3903.patch new file mode 100644 index 0000000000..fb45857de8 --- /dev/null +++ b/meta/recipes-support/vim/files/CVE-2021-3903.patch @@ -0,0 +1,38 @@ +From a366598006f4d7bf9b4fbcd334a2e5078dcb6ad8 Mon Sep 17 00:00:00 2001 +From: Bram Moolenaar <Bram@vim.org> +Date: Fri, 12 Nov 2021 02:23:38 +0000 +Subject: [PATCH] =?UTF-8?q?patch=208.2.3564:=20invalid=20memory=20access?= + =?UTF-8?q?=20when=20scrolling=20without=20valid=20sc=E2=80=A6?= +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +…reen + +Problem: Invalid memory access when scrolling without a valid screen. +Solution: Do not set VALID_BOTLINE in w_valid. + +CVE: CVE-2021-3903 + +Upstream-Status: Backport [https://github.com/vim/vim/commit/777e7c21b7627be80961848ac560cb0a9978ff43] + +Signed-off-by: Mingli Yu <mingli.yu@windriver.com> +--- + src/move.c | 1 - + 1 file changed, 1 deletion(-) + +diff --git a/src/move.c b/src/move.c +index 8e53d8bcb..10165ef4d 100644 +--- a/src/move.c ++++ b/src/move.c +@@ -198,7 +198,6 @@ update_topline(void) + { + curwin->w_topline = curwin->w_cursor.lnum; + curwin->w_botline = curwin->w_topline; +- curwin->w_valid |= VALID_BOTLINE|VALID_BOTLINE_AP; + curwin->w_scbind_pos = 1; + return; + } +-- +2.31.1 + diff --git a/meta/recipes-support/vim/files/CVE-2021-3927.patch b/meta/recipes-support/vim/files/CVE-2021-3927.patch new file mode 100644 index 0000000000..90b1b6b82e --- /dev/null +++ b/meta/recipes-support/vim/files/CVE-2021-3927.patch @@ -0,0 +1,32 @@ +From f334a87204b4aab76536063b37b4d4a10be46a3a Mon Sep 17 00:00:00 2001 +From: Bram Moolenaar <Bram@vim.org> +Date: Wed, 17 Nov 2021 11:09:48 +0800 +Subject: [PATCH] patch 8.2.3581: reading character past end of line + +Problem: Reading character past end of line. +Solution: Correct the cursor column. + +CVE: CVE-2021-3927 + +Upstream-Status: Backport [https://github.com/vim/vim/commit/0b5b06cb4777d1401fdf83e7d48d287662236e7e] + +Signed-off-by: Mingli Yu <mingli.yu@windriver.com> +--- + src/ex_docmd.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/src/ex_docmd.c b/src/ex_docmd.c +index 89d33ba90..54d7f4cb3 100644 +--- a/src/ex_docmd.c ++++ b/src/ex_docmd.c +@@ -6905,6 +6905,7 @@ ex_put(exarg_T *eap) + eap->forceit = TRUE; + } + curwin->w_cursor.lnum = eap->line2; ++ check_cursor_col(); + do_put(eap->regname, eap->forceit ? BACKWARD : FORWARD, 1L, + PUT_LINE|PUT_CURSLINE); + } +-- +2.17.1 + diff --git a/meta/recipes-support/vim/files/CVE-2021-3928.patch b/meta/recipes-support/vim/files/CVE-2021-3928.patch new file mode 100644 index 0000000000..8672367ab9 --- /dev/null +++ b/meta/recipes-support/vim/files/CVE-2021-3928.patch @@ -0,0 +1,34 @@ +From ad7f7a3f81077ddfac451acd33ca049b9f2a5178 Mon Sep 17 00:00:00 2001 +From: Bram Moolenaar <Bram@vim.org> +Date: Wed, 17 Nov 2021 11:22:21 +0800 +Subject: [PATCH] patch 8.2.3582: reading uninitialized memory when giving + spell suggestions + +Problem: Reading uninitialized memory when giving spell suggestions. +Solution: Check that preword is not empty. + +CVE: CVE-2021-3928 + +Upstream-Status: Backport [https://github.com/vim/vim/commit/15d9890eee53afc61eb0a03b878a19cb5672f732] + +Signed-off-by: Mingli Yu <mingli.yu@windriver.com> +--- + src/spellsuggest.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/spellsuggest.c b/src/spellsuggest.c +index 9d6df7930..88307b203 100644 +--- a/src/spellsuggest.c ++++ b/src/spellsuggest.c +@@ -1600,7 +1600,7 @@ suggest_trie_walk( + // char, e.g., "thes," -> "these". + p = fword + sp->ts_fidx; + MB_PTR_BACK(fword, p); +- if (!spell_iswordp(p, curwin)) ++ if (!spell_iswordp(p, curwin) && *preword != NUL) + { + p = preword + STRLEN(preword); + MB_PTR_BACK(preword, p); +-- +2.17.1 + diff --git a/meta/recipes-support/vim/files/b7081e135a16091c93f6f5f7525a5c58fb7ca9f9.patch b/meta/recipes-support/vim/files/b7081e135a16091c93f6f5f7525a5c58fb7ca9f9.patch deleted file mode 100644 index 1cee759502..0000000000 --- a/meta/recipes-support/vim/files/b7081e135a16091c93f6f5f7525a5c58fb7ca9f9.patch +++ /dev/null @@ -1,207 +0,0 @@ -From b7081e135a16091c93f6f5f7525a5c58fb7ca9f9 Mon Sep 17 00:00:00 2001 -From: Bram Moolenaar <Bram@vim.org> -Date: Sat, 4 Sep 2021 18:47:28 +0200 -Subject: [PATCH] patch 8.2.3402: invalid memory access when using :retab with - large value - -Problem: Invalid memory access when using :retab with large value. -Solution: Check the number is positive. - -CVE: CVE-2021-3770 -Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> -Upstream-Status: Backport [https://github.com/vim/vim/commit/b7081e135a16091c93f6f5f7525a5c58fb7ca9f9] ---- - src/indent.c | 34 +++++++++++++++++++++------------- - src/option.c | 12 ++++++------ - src/optionstr.c | 4 ++-- - src/testdir/test_retab.vim | 3 +++ - src/version.c | 2 ++ - 5 files changed, 34 insertions(+), 21 deletions(-) - -Index: git/src/indent.c -=================================================================== ---- git.orig/src/indent.c -+++ git/src/indent.c -@@ -18,18 +18,19 @@ - /* - * Set the integer values corresponding to the string setting of 'vartabstop'. - * "array" will be set, caller must free it if needed. -+ * Return FAIL for an error. - */ - int - tabstop_set(char_u *var, int **array) - { -- int valcount = 1; -- int t; -- char_u *cp; -+ int valcount = 1; -+ int t; -+ char_u *cp; - - if (var[0] == NUL || (var[0] == '0' && var[1] == NUL)) - { - *array = NULL; -- return TRUE; -+ return OK; - } - - for (cp = var; *cp != NUL; ++cp) -@@ -43,8 +44,8 @@ tabstop_set(char_u *var, int **array) - if (cp != end) - emsg(_(e_positive)); - else -- emsg(_(e_invarg)); -- return FALSE; -+ semsg(_(e_invarg2), cp); -+ return FAIL; - } - } - -@@ -55,26 +56,33 @@ tabstop_set(char_u *var, int **array) - ++valcount; - continue; - } -- emsg(_(e_invarg)); -- return FALSE; -+ semsg(_(e_invarg2), var); -+ return FAIL; - } - - *array = ALLOC_MULT(int, valcount + 1); - if (*array == NULL) -- return FALSE; -+ return FAIL; - (*array)[0] = valcount; - - t = 1; - for (cp = var; *cp != NUL;) - { -- (*array)[t++] = atoi((char *)cp); -- while (*cp != NUL && *cp != ',') -+ int n = atoi((char *)cp); -+ -+ if (n < 0 || n > 9999) -+ { -+ semsg(_(e_invarg2), cp); -+ return FAIL; -+ } -+ (*array)[t++] = n; -+ while (*cp != NUL && *cp != ',') - ++cp; - if (*cp != NUL) - ++cp; - } - -- return TRUE; -+ return OK; - } - - /* -@@ -1556,7 +1564,7 @@ ex_retab(exarg_T *eap) - - #ifdef FEAT_VARTABS - new_ts_str = eap->arg; -- if (!tabstop_set(eap->arg, &new_vts_array)) -+ if (tabstop_set(eap->arg, &new_vts_array) == FAIL) - return; - while (vim_isdigit(*(eap->arg)) || *(eap->arg) == ',') - ++(eap->arg); -Index: git/src/option.c -=================================================================== ---- git.orig/src/option.c -+++ git/src/option.c -@@ -2292,9 +2292,9 @@ didset_options2(void) - #endif - #ifdef FEAT_VARTABS - vim_free(curbuf->b_p_vsts_array); -- tabstop_set(curbuf->b_p_vsts, &curbuf->b_p_vsts_array); -+ (void)tabstop_set(curbuf->b_p_vsts, &curbuf->b_p_vsts_array); - vim_free(curbuf->b_p_vts_array); -- tabstop_set(curbuf->b_p_vts, &curbuf->b_p_vts_array); -+ (void)tabstop_set(curbuf->b_p_vts, &curbuf->b_p_vts_array); - #endif - } - -@@ -5756,7 +5756,7 @@ buf_copy_options(buf_T *buf, int flags) - buf->b_p_vsts = vim_strsave(p_vsts); - COPY_OPT_SCTX(buf, BV_VSTS); - if (p_vsts && p_vsts != empty_option) -- tabstop_set(p_vsts, &buf->b_p_vsts_array); -+ (void)tabstop_set(p_vsts, &buf->b_p_vsts_array); - else - buf->b_p_vsts_array = 0; - buf->b_p_vsts_nopaste = p_vsts_nopaste -@@ -5914,7 +5914,7 @@ buf_copy_options(buf_T *buf, int flags) - buf->b_p_isk = save_p_isk; - #ifdef FEAT_VARTABS - if (p_vts && p_vts != empty_option && !buf->b_p_vts_array) -- tabstop_set(p_vts, &buf->b_p_vts_array); -+ (void)tabstop_set(p_vts, &buf->b_p_vts_array); - else - buf->b_p_vts_array = NULL; - #endif -@@ -5929,7 +5929,7 @@ buf_copy_options(buf_T *buf, int flags) - buf->b_p_vts = vim_strsave(p_vts); - COPY_OPT_SCTX(buf, BV_VTS); - if (p_vts && p_vts != empty_option && !buf->b_p_vts_array) -- tabstop_set(p_vts, &buf->b_p_vts_array); -+ (void)tabstop_set(p_vts, &buf->b_p_vts_array); - else - buf->b_p_vts_array = NULL; - #endif -@@ -6634,7 +6634,7 @@ paste_option_changed(void) - if (buf->b_p_vsts_array) - vim_free(buf->b_p_vsts_array); - if (buf->b_p_vsts && buf->b_p_vsts != empty_option) -- tabstop_set(buf->b_p_vsts, &buf->b_p_vsts_array); -+ (void)tabstop_set(buf->b_p_vsts, &buf->b_p_vsts_array); - else - buf->b_p_vsts_array = 0; - #endif -Index: git/src/optionstr.c -=================================================================== ---- git.orig/src/optionstr.c -+++ git/src/optionstr.c -@@ -2166,7 +2166,7 @@ did_set_string_option( - if (errmsg == NULL) - { - int *oldarray = curbuf->b_p_vsts_array; -- if (tabstop_set(*varp, &(curbuf->b_p_vsts_array))) -+ if (tabstop_set(*varp, &(curbuf->b_p_vsts_array)) == OK) - { - if (oldarray) - vim_free(oldarray); -@@ -2205,7 +2205,7 @@ did_set_string_option( - { - int *oldarray = curbuf->b_p_vts_array; - -- if (tabstop_set(*varp, &(curbuf->b_p_vts_array))) -+ if (tabstop_set(*varp, &(curbuf->b_p_vts_array)) == OK) - { - vim_free(oldarray); - #ifdef FEAT_FOLDING -Index: git/src/testdir/test_retab.vim -=================================================================== ---- git.orig/src/testdir/test_retab.vim -+++ git/src/testdir/test_retab.vim -@@ -74,4 +74,7 @@ endfunc - func Test_retab_error() - call assert_fails('retab -1', 'E487:') - call assert_fails('retab! -1', 'E487:') -+ call assert_fails('ret -1000', 'E487:') -+ call assert_fails('ret 10000', 'E475:') -+ call assert_fails('ret 80000000000000000000', 'E475:') - endfunc -Index: git/src/version.c -=================================================================== ---- git.orig/src/version.c -+++ git/src/version.c -@@ -743,6 +743,8 @@ static char *(features[]) = - static int included_patches[] = - { /* Add new patch number below this line */ - /**/ -+ 3402, -+/**/ - 0 - }; - diff --git a/meta/recipes-support/vim/files/disable_acl_header_check.patch b/meta/recipes-support/vim/files/disable_acl_header_check.patch index 33089162b4..533138245d 100644 --- a/meta/recipes-support/vim/files/disable_acl_header_check.patch +++ b/meta/recipes-support/vim/files/disable_acl_header_check.patch @@ -13,11 +13,11 @@ Signed-off-by: Changqing Li <changqing.li@windriver.com> src/configure.ac | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) -diff --git a/src/configure.ac b/src/configure.ac -index 2d409b3ca06a..dbcaf6140263 100644 ---- a/src/configure.ac -+++ b/src/configure.ac -@@ -3257,7 +3257,7 @@ AC_CHECK_HEADERS(stdint.h stdlib.h string.h \ +Index: git/src/configure.ac +=================================================================== +--- git.orig/src/configure.ac ++++ git/src/configure.ac +@@ -3292,7 +3292,7 @@ AC_CHECK_HEADERS(stdint.h stdlib.h strin sys/systeminfo.h locale.h sys/stream.h termios.h \ libc.h sys/statfs.h poll.h sys/poll.h pwd.h \ utime.h sys/param.h sys/ptms.h libintl.h libgen.h \ @@ -26,7 +26,7 @@ index 2d409b3ca06a..dbcaf6140263 100644 sys/access.h sys/sysinfo.h wchar.h wctype.h) dnl sys/ptem.h depends on sys/stream.h on Solaris -@@ -3886,6 +3886,7 @@ AC_ARG_ENABLE(acl, +@@ -3974,6 +3974,7 @@ AC_ARG_ENABLE(acl, , [enable_acl="yes"]) if test "$enable_acl" = "yes"; then AC_MSG_RESULT(no) @@ -34,6 +34,3 @@ index 2d409b3ca06a..dbcaf6140263 100644 AC_CHECK_LIB(posix1e, acl_get_file, [LIBS="$LIBS -lposix1e"], AC_CHECK_LIB(acl, acl_get_file, [LIBS="$LIBS -lacl" AC_CHECK_LIB(attr, fgetxattr, LIBS="$LIBS -lattr",,)],,),) --- -2.7.4 - diff --git a/meta/recipes-support/vim/files/no-path-adjust.patch b/meta/recipes-support/vim/files/no-path-adjust.patch index 05c2d803f6..9d6da80913 100644 --- a/meta/recipes-support/vim/files/no-path-adjust.patch +++ b/meta/recipes-support/vim/files/no-path-adjust.patch @@ -7,9 +7,11 @@ Upstream-Status: Pending Signed-off-by: Joe Slater <joe.slater@windriver.com> ---- a/src/Makefile -+++ b/src/Makefile -@@ -2507,11 +2507,14 @@ installtools: $(TOOLS) $(DESTDIR)$(exec_ +Index: git/src/Makefile +=================================================================== +--- git.orig/src/Makefile ++++ git/src/Makefile +@@ -2565,11 +2565,14 @@ installtools: $(TOOLS) $(DESTDIR)$(exec_ rm -rf $$cvs; \ fi -chmod $(FILEMOD) $(DEST_TOOLS)/* diff --git a/meta/recipes-support/vim/files/racefix.patch b/meta/recipes-support/vim/files/racefix.patch index 48dca44cad..1cb8fb442f 100644 --- a/meta/recipes-support/vim/files/racefix.patch +++ b/meta/recipes-support/vim/files/racefix.patch @@ -9,9 +9,9 @@ Index: git/src/po/Makefile =================================================================== --- git.orig/src/po/Makefile +++ git/src/po/Makefile -@@ -165,17 +165,16 @@ $(PACKAGE).pot: ../*.c ../if_perl.xs ../ - po/gvim.desktop.in po/vim.desktop.in - mv -f ../$(PACKAGE).po $(PACKAGE).pot +@@ -207,17 +207,16 @@ $(PACKAGE).pot: $(PO_INPUTLIST) $(PO_VIM + # Delete the temporary files + rm *.js -vim.desktop: vim.desktop.in $(POFILES) +LINGUAS: diff --git a/meta/recipes-support/vim/files/vim-add-knob-whether-elf.h-are-checked.patch b/meta/recipes-support/vim/files/vim-add-knob-whether-elf.h-are-checked.patch index 37914d4cd9..5284ba45b6 100644 --- a/meta/recipes-support/vim/files/vim-add-knob-whether-elf.h-are-checked.patch +++ b/meta/recipes-support/vim/files/vim-add-knob-whether-elf.h-are-checked.patch @@ -14,11 +14,11 @@ Signed-off-by: Changqing Li <changqing.li@windriver.com> src/configure.ac | 7 +++++++ 1 file changed, 7 insertions(+) -diff --git a/src/configure.ac b/src/configure.ac -index 0ee86ad..64736f0 100644 ---- a/src/configure.ac -+++ b/src/configure.ac -@@ -3192,11 +3192,18 @@ AC_TRY_COMPILE([#include <stdio.h>], [int x __attribute__((unused));], +Index: git/src/configure.ac +=================================================================== +--- git.orig/src/configure.ac ++++ git/src/configure.ac +@@ -3264,11 +3264,18 @@ AC_TRY_COMPILE([#include <stdio.h>], [in AC_MSG_RESULT(no)) dnl Checks for header files. @@ -37,6 +37,3 @@ index 0ee86ad..64736f0 100644 AC_HEADER_DIRENT --- -2.7.4 - diff --git a/meta/recipes-support/vim/vim.inc b/meta/recipes-support/vim/vim.inc index e04c653fe3..c124596e8d 100644 --- a/meta/recipes-support/vim/vim.inc +++ b/meta/recipes-support/vim/vim.inc @@ -8,21 +8,21 @@ BUGTRACKER = "https://github.com/vim/vim/issues" DEPENDS = "ncurses gettext-native" # vimdiff doesn't like busybox diff RSUGGESTS_${PN} = "diffutils" + LICENSE = "vim" -LIC_FILES_CHKSUM = "file://runtime/doc/uganda.txt;endline=287;md5=a19edd7ec70d573a005d9e509375a99a" +LIC_FILES_CHKSUM = "file://LICENSE;md5=6b30ea4fa660c483b619924bc709ef99 \ + file://runtime/doc/uganda.txt;md5=a3f193c20c6faff93c69185d5d070535" -SRC_URI = "git://github.com/vim/vim.git \ +SRC_URI = "git://github.com/vim/vim.git;branch=master;protocol=https \ file://disable_acl_header_check.patch \ file://vim-add-knob-whether-elf.h-are-checked.patch \ file://0001-src-Makefile-improve-reproducibility.patch \ file://no-path-adjust.patch \ file://racefix.patch \ - file://CVE-2021-3778.patch \ - file://CVE-2021-3796.patch \ - file://b7081e135a16091c93f6f5f7525a5c58fb7ca9f9.patch \ " -SRCREV = "98056533b96b6b5d8849641de93185dd7bcadc44" +PV .= ".4524" +SRCREV = "d8f8629b1bf566e1dada7515e9b146c69e5d9757" # Do not consider .z in x.y.z, as that is updated with every commit UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>\d+\.\d+)\.0" diff --git a/meta/recipes-support/xxhash/xxhash_0.8.0.bb b/meta/recipes-support/xxhash/xxhash_0.8.0.bb index 9e38872361..daa1bc26de 100644 --- a/meta/recipes-support/xxhash/xxhash_0.8.0.bb +++ b/meta/recipes-support/xxhash/xxhash_0.8.0.bb @@ -5,7 +5,7 @@ HOMEPAGE = "http://www.xxhash.com/" LICENSE = "BSD-2-Clause & GPL-2.0" LIC_FILES_CHKSUM = "file://LICENSE;md5=b335320506abb0505437e39295e799cb" -SRC_URI = "git://github.com/Cyan4973/xxHash.git;branch=release;protocol=git" +SRC_URI = "git://github.com/Cyan4973/xxHash.git;branch=release;protocol=https" UPSTREAM_CHECK_GITTAGREGEX = "v(?P<pver>\d+(\.\d+)+)" SRCREV = "94e5f23e736f2bb67ebdf90727353e65344f9fc0" diff --git a/scripts/buildhistory-diff b/scripts/buildhistory-diff index 3bd40a2a1e..a6e785aa23 100755 --- a/scripts/buildhistory-diff +++ b/scripts/buildhistory-diff @@ -11,7 +11,6 @@ import sys import os import argparse -from distutils.version import LooseVersion # Ensure PythonGit is installed (buildhistory_analysis needs it) try: @@ -73,10 +72,6 @@ def main(): parser = get_args_parser() args = parser.parse_args() - if LooseVersion(git.__version__) < '0.3.1': - sys.stderr.write("Version of GitPython is too old, please install GitPython (python-git) 0.3.1 or later in order to use this script\n") - sys.exit(1) - if len(args.revisions) > 2: sys.stderr.write('Invalid argument(s) specified: %s\n\n' % ' '.join(args.revisions[2:])) parser.print_help() diff --git a/scripts/contrib/convert-srcuri.py b/scripts/contrib/convert-srcuri.py new file mode 100755 index 0000000000..587392334f --- /dev/null +++ b/scripts/contrib/convert-srcuri.py @@ -0,0 +1,77 @@ +#!/usr/bin/env python3 +# +# Conversion script to update SRC_URI to add branch to git urls +# +# Copyright (C) 2021 Richard Purdie +# +# SPDX-License-Identifier: GPL-2.0-only +# + +import re +import os +import sys +import tempfile +import shutil +import mimetypes + +if len(sys.argv) < 2: + print("Please specify a directory to run the conversion script against.") + sys.exit(1) + +def processfile(fn): + def matchline(line): + if "MIRROR" in line or ".*" in line or "GNOME_GIT" in line: + return False + return True + print("processing file '%s'" % fn) + try: + if "distro_alias.inc" in fn or "linux-yocto-custom.bb" in fn: + return + fh, abs_path = tempfile.mkstemp() + modified = False + with os.fdopen(fh, 'w') as new_file: + with open(fn, "r") as old_file: + for line in old_file: + if ("git://" in line or "gitsm://" in line) and "branch=" not in line and matchline(line): + if line.endswith('"\n'): + line = line.replace('"\n', ';branch=master"\n') + elif re.search('\s*\\\\$', line): + line = re.sub('\s*\\\\$', ';branch=master \\\\', line) + modified = True + if ("git://" in line or "gitsm://" in line) and "github.com" in line and "protocol=https" not in line and matchline(line): + if "protocol=git" in line: + line = line.replace('protocol=git', 'protocol=https') + elif line.endswith('"\n'): + line = line.replace('"\n', ';protocol=https"\n') + elif re.search('\s*\\\\$', line): + line = re.sub('\s*\\\\$', ';protocol=https \\\\', line) + modified = True + new_file.write(line) + if modified: + shutil.copymode(fn, abs_path) + os.remove(fn) + shutil.move(abs_path, fn) + except UnicodeDecodeError: + pass + +ourname = os.path.basename(sys.argv[0]) +ourversion = "0.1" + +if os.path.isfile(sys.argv[1]): + processfile(sys.argv[1]) + sys.exit(0) + +for targetdir in sys.argv[1:]: + print("processing directory '%s'" % targetdir) + for root, dirs, files in os.walk(targetdir): + for name in files: + if name == ourname: + continue + fn = os.path.join(root, name) + if os.path.islink(fn): + continue + if "/.git/" in fn or fn.endswith(".html") or fn.endswith(".patch") or fn.endswith(".m4") or fn.endswith(".diff"): + continue + processfile(fn) + +print("All files processed with version %s" % ourversion) diff --git a/scripts/lib/checklayer/cases/common.py b/scripts/lib/checklayer/cases/common.py index b82304e361..4495f71b24 100644 --- a/scripts/lib/checklayer/cases/common.py +++ b/scripts/lib/checklayer/cases/common.py @@ -14,7 +14,7 @@ class CommonCheckLayer(OECheckLayerTestCase): # The top-level README file may have a suffix (like README.rst or README.txt). readme_files = glob.glob(os.path.join(self.tc.layer['path'], '[Rr][Ee][Aa][Dd][Mm][Ee]*')) self.assertTrue(len(readme_files) > 0, - msg="Layer doesn't contains README file.") + msg="Layer doesn't contain a README file.") # There might be more than one file matching the file pattern above # (for example, README.rst and README-COPYING.rst). The one with the shortest diff --git a/scripts/lib/devtool/deploy.py b/scripts/lib/devtool/deploy.py index 833322571f..e14a587417 100644 --- a/scripts/lib/devtool/deploy.py +++ b/scripts/lib/devtool/deploy.py @@ -170,7 +170,7 @@ def deploy(args, config, basepath, workspace): srcdir = recipe_outdir recipe_outdir = os.path.join(rd.getVar('WORKDIR'), 'devtool-deploy-target-stripped') if os.path.isdir(recipe_outdir): - bb.utils.remove(recipe_outdir, True) + exec_fakeroot(rd, "rm -rf %s" % recipe_outdir, shell=True) exec_fakeroot(rd, "cp -af %s %s" % (os.path.join(srcdir, '.'), recipe_outdir), shell=True) os.environ['PATH'] = ':'.join([os.environ['PATH'], rd.getVar('PATH') or '']) oe.package.strip_execs(args.recipename, recipe_outdir, rd.getVar('STRIP'), rd.getVar('libdir'), diff --git a/scripts/lib/recipetool/create.py b/scripts/lib/recipetool/create.py index 566c75369a..b9f9c80367 100644 --- a/scripts/lib/recipetool/create.py +++ b/scripts/lib/recipetool/create.py @@ -366,7 +366,7 @@ def supports_srcrev(uri): def reformat_git_uri(uri): '''Convert any http[s]://....git URI into git://...;protocol=http[s]''' checkuri = uri.split(';', 1)[0] - if checkuri.endswith('.git') or '/git/' in checkuri or re.match('https?://github.com/[^/]+/[^/]+/?$', checkuri): + if checkuri.endswith('.git') or '/git/' in checkuri or re.match('https?://git(hub|lab).com/[^/]+/[^/]+/?$', checkuri): # Appends scheme if the scheme is missing if not '://' in uri: uri = 'git://' + uri @@ -435,7 +435,7 @@ def create_recipe(args): if args.binary: # Assume the archive contains the directory structure verbatim # so we need to extract to a subdirectory - fetchuri += ';subdir=${BP}' + fetchuri += ';subdir=${BPN}' srcuri = fetchuri rev_re = re.compile(';rev=([^;]+)') res = rev_re.search(srcuri) @@ -478,6 +478,9 @@ def create_recipe(args): storeTagName = params['tag'] params['nobranch'] = '1' del params['tag'] + # Assume 'master' branch if not set + if scheme in ['git', 'gitsm'] and 'branch' not in params and 'nobranch' not in params: + params['branch'] = 'master' fetchuri = bb.fetch2.encodeurl((scheme, network, path, user, passwd, params)) tmpparent = tinfoil.config_data.getVar('BASE_WORKDIR') @@ -527,10 +530,9 @@ def create_recipe(args): # Remove HEAD reference point and drop remote prefix get_branch = [x.split('/', 1)[1] for x in get_branch if not x.startswith('origin/HEAD')] if 'master' in get_branch: - # If it is master, we do not need to append 'branch=master' as this is default. # Even with the case where get_branch has multiple objects, if 'master' is one # of them, we should default take from 'master' - srcbranch = '' + srcbranch = 'master' elif len(get_branch) == 1: # If 'master' isn't in get_branch and get_branch contains only ONE object, then store result into 'srcbranch' srcbranch = get_branch[0] @@ -543,8 +545,8 @@ def create_recipe(args): # Since we might have a value in srcbranch, we need to # recontruct the srcuri to include 'branch' in params. scheme, network, path, user, passwd, params = bb.fetch2.decodeurl(srcuri) - if srcbranch: - params['branch'] = srcbranch + if scheme in ['git', 'gitsm']: + params['branch'] = srcbranch or 'master' if storeTagName and scheme in ['git', 'gitsm']: # Check srcrev using tag and check validity of the tag @@ -603,7 +605,7 @@ def create_recipe(args): splitline = line.split() if len(splitline) > 1: if splitline[0] == 'origin' and scriptutils.is_src_url(splitline[1]): - srcuri = reformat_git_uri(splitline[1]) + srcuri = reformat_git_uri(splitline[1]) + ';branch=master' srcsubdir = 'git' break diff --git a/scripts/lib/recipetool/create_buildsys.py b/scripts/lib/recipetool/create_buildsys.py index 35a97c9345..5015634476 100644 --- a/scripts/lib/recipetool/create_buildsys.py +++ b/scripts/lib/recipetool/create_buildsys.py @@ -545,7 +545,7 @@ class AutotoolsRecipeHandler(RecipeHandler): deps.append('zlib') elif keyword in ('AX_CHECK_OPENSSL', 'AX_LIB_CRYPTO'): deps.append('openssl') - elif keyword == 'AX_LIB_CURL': + elif keyword in ('AX_LIB_CURL', 'LIBCURL_CHECK_CONFIG'): deps.append('curl') elif keyword == 'AX_LIB_BEECRYPT': deps.append('beecrypt') @@ -624,6 +624,7 @@ class AutotoolsRecipeHandler(RecipeHandler): 'AX_CHECK_OPENSSL', 'AX_LIB_CRYPTO', 'AX_LIB_CURL', + 'LIBCURL_CHECK_CONFIG', 'AX_LIB_BEECRYPT', 'AX_LIB_EXPAT', 'AX_LIB_GCRYPT', diff --git a/scripts/lib/scriptutils.py b/scripts/lib/scriptutils.py index f92255d8dc..47a08194d0 100644 --- a/scripts/lib/scriptutils.py +++ b/scripts/lib/scriptutils.py @@ -18,7 +18,8 @@ import sys import tempfile import threading import importlib -from importlib import machinery +import importlib.machinery +import importlib.util class KeepAliveStreamHandler(logging.StreamHandler): def __init__(self, keepalive=True, **kwargs): @@ -82,7 +83,9 @@ def load_plugins(logger, plugins, pluginpath): logger.debug('Loading plugin %s' % name) spec = importlib.machinery.PathFinder.find_spec(name, path=[pluginpath] ) if spec: - return spec.loader.load_module() + mod = importlib.util.module_from_spec(spec) + spec.loader.exec_module(mod) + return mod def plugin_name(filename): return os.path.splitext(os.path.basename(filename))[0] @@ -215,7 +218,8 @@ def fetch_url(tinfoil, srcuri, srcrev, destdir, logger, preserve_tmp=False, mirr pathvars = ['T', 'RECIPE_SYSROOT', 'RECIPE_SYSROOT_NATIVE'] for pathvar in pathvars: path = rd.getVar(pathvar) - shutil.rmtree(path) + if os.path.exists(path): + shutil.rmtree(path) finally: if fetchrecipe: try: diff --git a/scripts/lib/wic/engine.py b/scripts/lib/wic/engine.py index 018815b966..674ccfc244 100644 --- a/scripts/lib/wic/engine.py +++ b/scripts/lib/wic/engine.py @@ -19,10 +19,10 @@ import os import tempfile import json import subprocess +import shutil import re from collections import namedtuple, OrderedDict -from distutils.spawn import find_executable from wic import WicError from wic.filemap import sparse_copy @@ -245,7 +245,7 @@ class Disk: for path in pathlist.split(':'): self.paths = "%s%s:%s" % (native_sysroot, path, self.paths) - self.parted = find_executable("parted", self.paths) + self.parted = shutil.which("parted", path=self.paths) if not self.parted: raise WicError("Can't find executable parted") @@ -283,7 +283,7 @@ class Disk: "resize2fs", "mkswap", "mkdosfs", "debugfs","blkid"): aname = "_%s" % name if aname not in self.__dict__: - setattr(self, aname, find_executable(name, self.paths)) + setattr(self, aname, shutil.which(name, path=self.paths)) if aname not in self.__dict__ or self.__dict__[aname] is None: raise WicError("Can't find executable '{}'".format(name)) return self.__dict__[aname] diff --git a/scripts/lib/wic/help.py b/scripts/lib/wic/help.py index bd3a2b97df..9c2d6991a9 100644 --- a/scripts/lib/wic/help.py +++ b/scripts/lib/wic/help.py @@ -840,8 +840,8 @@ DESCRIPTION meanings. The commands are based on the Fedora kickstart documentation but with modifications to reflect wic capabilities. - http://fedoraproject.org/wiki/Anaconda/Kickstart#part_or_partition - http://fedoraproject.org/wiki/Anaconda/Kickstart#bootloader + https://pykickstart.readthedocs.io/en/latest/kickstart-docs.html#part-or-partition + https://pykickstart.readthedocs.io/en/latest/kickstart-docs.html#bootloader Commands diff --git a/scripts/lib/wic/misc.py b/scripts/lib/wic/misc.py index 57c042c503..3e11822996 100644 --- a/scripts/lib/wic/misc.py +++ b/scripts/lib/wic/misc.py @@ -16,9 +16,9 @@ import logging import os import re import subprocess +import shutil from collections import defaultdict -from distutils import spawn from wic import WicError @@ -122,7 +122,7 @@ def find_executable(cmd, paths): if provided and "%s-native" % recipe in provided: return True - return spawn.find_executable(cmd, paths) + return shutil.which(cmd, path=paths) def exec_native_cmd(cmd_and_args, native_sysroot, pseudo=""): """ diff --git a/scripts/lib/wic/pluginbase.py b/scripts/lib/wic/pluginbase.py index d9b4e57747..b64568339b 100644 --- a/scripts/lib/wic/pluginbase.py +++ b/scripts/lib/wic/pluginbase.py @@ -9,9 +9,11 @@ __all__ = ['ImagerPlugin', 'SourcePlugin'] import os import logging +import types from collections import defaultdict -from importlib.machinery import SourceFileLoader +import importlib +import importlib.util from wic import WicError from wic.misc import get_bitbake_var @@ -54,7 +56,9 @@ class PluginMgr: mname = fname[:-3] mpath = os.path.join(ppath, fname) logger.debug("loading plugin module %s", mpath) - SourceFileLoader(mname, mpath).load_module() + spec = importlib.util.spec_from_file_location(mname, mpath) + module = importlib.util.module_from_spec(spec) + spec.loader.exec_module(module) return PLUGINS.get(ptype) diff --git a/scripts/lib/wic/plugins/imager/direct.py b/scripts/lib/wic/plugins/imager/direct.py index ea709e8c54..2c5d5efe0e 100644 --- a/scripts/lib/wic/plugins/imager/direct.py +++ b/scripts/lib/wic/plugins/imager/direct.py @@ -258,6 +258,8 @@ class DirectPlugin(ImagerPlugin): if part.mountpoint == "/": if part.uuid: return "PARTUUID=%s" % part.uuid + elif part.label: + return "PARTLABEL=%s" % part.label else: suffix = 'p' if part.disk.startswith('mmcblk') else '' return "/dev/%s%s%-d" % (part.disk, suffix, part.realnum) diff --git a/scripts/oe-pkgdata-browser b/scripts/oe-pkgdata-browser index 8d223185a4..65a6ee956e 100755 --- a/scripts/oe-pkgdata-browser +++ b/scripts/oe-pkgdata-browser @@ -236,6 +236,8 @@ class PkgUi(): update_deps("RPROVIDES", "Provides: ", self.provides_label, clickable=False) def load_recipes(self): + if not os.path.exists(pkgdata): + sys.exit("Error: Please ensure %s exists by generating packages before using this tool." % pkgdata) for recipe in sorted(os.listdir(pkgdata)): if os.path.isfile(os.path.join(pkgdata, recipe)): self.recipe_iters[recipe] = self.recipe_store.append([recipe]) diff --git a/scripts/runqemu b/scripts/runqemu index f3527a4412..f9a1a0da32 100755 --- a/scripts/runqemu +++ b/scripts/runqemu @@ -1573,7 +1573,8 @@ def main(): def sigterm_handler(signum, frame): logger.info("SIGTERM received") - os.kill(config.qemupid, signal.SIGTERM) + if config.qemupid: + os.kill(config.qemupid, signal.SIGTERM) config.cleanup() # Deliberately ignore the return code of 'tput smam'. subprocess.call(["tput", "smam"]) diff --git a/scripts/runqemu-ifdown b/scripts/runqemu-ifdown index a104c37bf8..e0eb5344c6 100755 --- a/scripts/runqemu-ifdown +++ b/scripts/runqemu-ifdown @@ -64,3 +64,4 @@ n=$[ (`echo $TAP | sed 's/tap//'` * 2) + 1 ] dest=$[ (`echo $TAP | sed 's/tap//'` * 2) + 2 ] $IPTABLES -D POSTROUTING -t nat -j MASQUERADE -s 192.168.7.$n/32 $IPTABLES -D POSTROUTING -t nat -j MASQUERADE -s 192.168.7.$dest/32 +true diff --git a/scripts/wic b/scripts/wic index a741aed364..c0bc0e6fe8 100755 --- a/scripts/wic +++ b/scripts/wic @@ -22,9 +22,9 @@ import sys import argparse import logging import subprocess +import shutil from collections import namedtuple -from distutils import spawn # External modules scripts_path = os.path.dirname(os.path.realpath(__file__)) @@ -47,7 +47,7 @@ if os.environ.get('SDKTARGETSYSROOT'): break sdkroot = os.path.dirname(sdkroot) -bitbake_exe = spawn.find_executable('bitbake') +bitbake_exe = shutil.which('bitbake') if bitbake_exe: bitbake_path = scriptpath.add_bitbake_lib_path() import bb @@ -159,6 +159,9 @@ def wic_create_subcommand(options, usage_str): "(Use -e/--image-name to specify it)") native_sysroot = options.native_sysroot + if options.kernel_dir: + kernel_dir = options.kernel_dir + if not options.vars_dir and (not native_sysroot or not os.path.isdir(native_sysroot)): logger.info("Building wic-tools...\n") subprocess.check_call(["bitbake", "wic-tools"]) diff --git a/scripts/yocto-check-layer b/scripts/yocto-check-layer index 6975b09502..00a16d18fc 100755 --- a/scripts/yocto-check-layer +++ b/scripts/yocto-check-layer @@ -41,6 +41,12 @@ def test_layer(td, layer, test_software_layer_signatures): tc.loadTests(CASES_PATHS) return tc.runTests() +def dump_layer_debug(layer): + logger.debug("Found layer %s (%s)" % (layer["name"], layer["path"])) + collections = layer.get("collections", {}) + if collections: + logger.debug("%s collections: %s" % (layer["name"], ", ".join(collections))) + def main(): parser = argparse.ArgumentParser( description="Yocto Project layer checking tool", @@ -106,6 +112,13 @@ def main(): else: dep_layers = layers + logger.debug("Found additional layers:") + for l in additional_layers: + dump_layer_debug(l) + logger.debug("Found dependency layers:") + for l in dep_layers: + dump_layer_debug(l) + logger.info("Detected layers:") for layer in layers: if layer['type'] == LayerType.ERROR_BSP_DISTRO: |