aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMartin Jansa <Martin.Jansa@gmail.com>2022-06-17 20:06:24 +0200
committerMartin Jansa <Martin.Jansa@gmail.com>2022-06-17 20:13:09 +0200
commit4d010543de50dd420d122a1c00aa3f0021dfa011 (patch)
tree0c70967449084ca138cd6dba0e9dc0ef08021f22
parent4756dbadfc0129dde2a0afcaebaa5079d36bef6f (diff)
downloadopenembedded-core-contrib-jansa/honister.tar.gz
openembedded-core-contrib-jansa/honister.tar.bz2
openembedded-core-contrib-jansa/honister.zip
linux-yocto-5.14: fix build with gcc-12 on hostjansa/honister
* fixes: In file included from sigchain.c:3: In function 'xrealloc', inlined from 'sigchain_push.isra' at sigchain.c:26:2: subcmd-util.h:56:23: error: pointer may be used after 'realloc' [-Werror=use-after-free] 56 | ret = realloc(ptr, size); | ^~~~~~~~~~~~~~~~~~ Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
-rw-r--r--meta/recipes-kernel/linux/linux-yocto/0001-libsubcmd-Fix-use-after-free-for-realloc-.-0.patch66
-rw-r--r--meta/recipes-kernel/linux/linux-yocto_5.14.bb4
2 files changed, 69 insertions, 1 deletions
diff --git a/meta/recipes-kernel/linux/linux-yocto/0001-libsubcmd-Fix-use-after-free-for-realloc-.-0.patch b/meta/recipes-kernel/linux/linux-yocto/0001-libsubcmd-Fix-use-after-free-for-realloc-.-0.patch
new file mode 100644
index 0000000000..2ad53f6b6e
--- /dev/null
+++ b/meta/recipes-kernel/linux/linux-yocto/0001-libsubcmd-Fix-use-after-free-for-realloc-.-0.patch
@@ -0,0 +1,66 @@
+From 52a9dab6d892763b2a8334a568bd4e2c1a6fde66 Mon Sep 17 00:00:00 2001
+From: Kees Cook <keescook@chromium.org>
+Date: Sun, 13 Feb 2022 10:24:43 -0800
+Subject: [PATCH] libsubcmd: Fix use-after-free for realloc(..., 0)
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+GCC 12 correctly reports a potential use-after-free condition in the
+xrealloc helper. Fix the warning by avoiding an implicit "free(ptr)"
+when size == 0:
+
+In file included from help.c:12:
+In function 'xrealloc',
+ inlined from 'add_cmdname' at help.c:24:2: subcmd-util.h:56:23: error: pointer may be used after 'realloc' [-Werror=use-after-free]
+ 56 | ret = realloc(ptr, size);
+ | ^~~~~~~~~~~~~~~~~~
+subcmd-util.h:52:21: note: call to 'realloc' here
+ 52 | void *ret = realloc(ptr, size);
+ | ^~~~~~~~~~~~~~~~~~
+subcmd-util.h:58:31: error: pointer may be used after 'realloc' [-Werror=use-after-free]
+ 58 | ret = realloc(ptr, 1);
+ | ^~~~~~~~~~~~~~~
+subcmd-util.h:52:21: note: call to 'realloc' here
+ 52 | void *ret = realloc(ptr, size);
+ | ^~~~~~~~~~~~~~~~~~
+
+Fixes: 2f4ce5ec1d447beb ("perf tools: Finalize subcmd independence")
+Reported-by: Valdis Klētnieks <valdis.kletnieks@vt.edu>
+Signed-off-by: Kees Kook <keescook@chromium.org>
+Tested-by: Valdis Klētnieks <valdis.kletnieks@vt.edu>
+Tested-by: Justin M. Forbes <jforbes@fedoraproject.org>
+Acked-by: Josh Poimboeuf <jpoimboe@redhat.com>
+Cc: linux-hardening@vger.kernel.org
+Cc: Valdis Klētnieks <valdis.kletnieks@vt.edu>
+Link: http://lore.kernel.org/lkml/20220213182443.4037039-1-keescook@chromium.org
+Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
+
+Upstream-Status: Backport [v5.17, v5.15.25]
+Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
+---
+ tools/lib/subcmd/subcmd-util.h | 11 ++---------
+ 1 file changed, 2 insertions(+), 9 deletions(-)
+
+diff --git a/tools/lib/subcmd/subcmd-util.h b/tools/lib/subcmd/subcmd-util.h
+index 794a375dad36..b2aec04fce8f 100644
+--- a/tools/lib/subcmd/subcmd-util.h
++++ b/tools/lib/subcmd/subcmd-util.h
+@@ -50,15 +50,8 @@ static NORETURN inline void die(const char *err, ...)
+ static inline void *xrealloc(void *ptr, size_t size)
+ {
+ void *ret = realloc(ptr, size);
+- if (!ret && !size)
+- ret = realloc(ptr, 1);
+- if (!ret) {
+- ret = realloc(ptr, size);
+- if (!ret && !size)
+- ret = realloc(ptr, 1);
+- if (!ret)
+- die("Out of memory, realloc failed");
+- }
++ if (!ret)
++ die("Out of memory, realloc failed");
+ return ret;
+ }
+
diff --git a/meta/recipes-kernel/linux/linux-yocto_5.14.bb b/meta/recipes-kernel/linux/linux-yocto_5.14.bb
index b5be96b7c9..a48e0dbf72 100644
--- a/meta/recipes-kernel/linux/linux-yocto_5.14.bb
+++ b/meta/recipes-kernel/linux/linux-yocto_5.14.bb
@@ -39,7 +39,9 @@ KBRANCH:class-devupstream = "v5.14/base"
# KMACHINE:qemuarm ?= "qemuarma15"
SRC_URI = "git://git.yoctoproject.org/linux-yocto.git;name=machine;branch=${KBRANCH}; \
- git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.14;destsuffix=${KMETA}"
+ git://git.yoctoproject.org/yocto-kernel-cache;type=kmeta;name=meta;branch=yocto-5.14;destsuffix=${KMETA} \
+ file://0001-libsubcmd-Fix-use-after-free-for-realloc-.-0.patch \
+"
LIC_FILES_CHKSUM = "file://COPYING;md5=6bc538ed5bd9a7fc9398086aedcd7e46"
LINUX_VERSION ?= "5.14.21"