summaryrefslogtreecommitdiffstats
path: root/meta/recipes-extended/cpio
diff options
context:
space:
mode:
Diffstat (limited to 'meta/recipes-extended/cpio')
-rw-r--r--meta/recipes-extended/cpio/cpio-2.12/0001-Fix-CVE-2015-1197.patch178
-rw-r--r--meta/recipes-extended/cpio/cpio-2.13/0001-Unset-need_charset_alias-when-building-for-musl.patch (renamed from meta/recipes-extended/cpio/cpio-2.12/0001-Unset-need_charset_alias-when-building-for-musl.patch)0
-rw-r--r--meta/recipes-extended/cpio/cpio-2.13/0001-Use-__alignof__-with-clang.patch42
-rw-r--r--meta/recipes-extended/cpio/cpio-2.13/0001-obstack-Fix-a-clang-warning.patch27
-rw-r--r--meta/recipes-extended/cpio/cpio-2.13/0002-src-global.c-Remove-superfluous-declaration-of-progr.patch28
-rw-r--r--meta/recipes-extended/cpio/cpio-2.13/CVE-2021-38185.patch581
-rw-r--r--meta/recipes-extended/cpio/cpio-2.13/run-ptest10
-rw-r--r--meta/recipes-extended/cpio/cpio-2.8/avoid_heap_overflow.patch26
-rw-r--r--meta/recipes-extended/cpio/cpio-2.8/fix-memory-overrun.patch217
-rw-r--r--meta/recipes-extended/cpio/cpio-2.8/m4extensions.patch31
-rw-r--r--meta/recipes-extended/cpio/cpio-2.8/statdef.patch15
-rw-r--r--meta/recipes-extended/cpio/cpio_2.12.bb12
-rw-r--r--meta/recipes-extended/cpio/cpio_2.13.bb77
-rw-r--r--meta/recipes-extended/cpio/cpio_2.8.bb19
-rw-r--r--meta/recipes-extended/cpio/cpio_v2.inc43
15 files changed, 765 insertions, 541 deletions
diff --git a/meta/recipes-extended/cpio/cpio-2.12/0001-Fix-CVE-2015-1197.patch b/meta/recipes-extended/cpio/cpio-2.12/0001-Fix-CVE-2015-1197.patch
deleted file mode 100644
index 5c999197ff..0000000000
--- a/meta/recipes-extended/cpio/cpio-2.12/0001-Fix-CVE-2015-1197.patch
+++ /dev/null
@@ -1,178 +0,0 @@
-From dcee489f821c1260a0136fcdfdb6ff4dd11086ac Mon Sep 17 00:00:00 2001
-From: Alexander Kanavin <alex.kanavin@gmail.com>
-Date: Wed, 9 Dec 2015 17:58:03 +0200
-Subject: [PATCH] Fix CVE-2015-1197
-
-Apply patch by Vitezslav Cizek of SuSE to fix CVE-2015-1197.
-Upstream is dormant or no longer existing. To restore the old
-behaviour use --extract-over-symlinks (Closes: #774669)
-This issue has been discovered by Alexander Cherepanov.
-Author: Vitezslav Cizek <vcizek@suse.cz>
-Bug-Debian: https://bugs.debian.org/774669
-
-Upstream-Status: Pending
-CVE: CVE-2015-1197
-Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
-Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
-
----
- doc/cpio.1 | 1 +
- src/copyin.c | 62 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
- src/extern.h | 1 +
- src/global.c | 3 +++
- src/main.c | 7 +++++++
- 5 files changed, 74 insertions(+)
-
-diff --git a/doc/cpio.1 b/doc/cpio.1
-index 2a68241..dc4676c 100644
---- a/doc/cpio.1
-+++ b/doc/cpio.1
-@@ -49,6 +49,7 @@ cpio \- copy files to and from archives
- [\fB\-\-no\-preserve\-owner\fR] [\fB\-\-message=\fIMESSAGE\fR]
- [\fB\-\-force\-local\fR] [\fB\-\-no\-absolute\-filenames\fR] [\fB\-\-sparse\fR]
- [\fB\-\-only\-verify\-crc\fR] [\fB\-\-to\-stdout\fR] [\fB\-\-quiet\fR]
-+[\fB\-\-extract\-over\-symlinks\fR]
- [\fB\-\-rsh\-command=\fICOMMAND\fR]
- [\fIpattern\fR...] [\fB<\fR \fIarchive\fR]
-
-diff --git a/src/copyin.c b/src/copyin.c
-index cde911e..053afe7 100644
---- a/src/copyin.c
-+++ b/src/copyin.c
-@@ -695,6 +695,51 @@ copyin_link (struct cpio_file_stat *file_hdr, int in_file_des)
- free (link_name);
- }
-
-+
-+static int
-+path_contains_symlink(char *path)
-+{
-+ struct stat st;
-+ char *slash;
-+ char *nextslash;
-+
-+ /* we got NULL pointer or empty string */
-+ if (!path || !*path) {
-+ return false;
-+ }
-+
-+ slash = path;
-+
-+ while ((nextslash = strchr(slash + 1, '/')) != NULL) {
-+ slash = nextslash;
-+ *slash = '\0';
-+
-+ if (lstat(path, &st) != 0) {
-+ if (errno == ELOOP) {
-+ /* ELOOP - too many symlinks */
-+ *slash = '/';
-+ return true;
-+ } else if (errno == ENOMEM) {
-+ /* No memory for lstat - terminate */
-+ xalloc_die();
-+ } else {
-+ /* cannot lstat path - give up */
-+ *slash = '/';
-+ return false;
-+ }
-+ }
-+
-+ if (S_ISLNK(st.st_mode)) {
-+ *slash = '/';
-+ return true;
-+ }
-+
-+ *slash = '/';
-+ }
-+
-+ return false;
-+}
-+
- static void
- copyin_file (struct cpio_file_stat *file_hdr, int in_file_des)
- {
-@@ -1468,6 +1513,23 @@ process_copy_in ()
- {
- /* Copy the input file into the directory structure. */
-
-+ /* Can we write files over symlinks? */
-+ if (!extract_over_symlinks)
-+ {
-+ if (path_contains_symlink(file_hdr.c_name))
-+ {
-+ /* skip the file */
-+ /*
-+ fprintf(stderr, "Can't write over symlinks. Skipping %s\n", file_hdr.c_name);
-+ tape_toss_input (in_file_des, file_hdr.c_filesize);
-+ tape_skip_padding (in_file_des, file_hdr.c_filesize);
-+ continue;
-+ */
-+ /* terminate */
-+ error (1, 0, _("Can't write over symlinks: %s\n"), file_hdr.c_name);
-+ }
-+ }
-+
- /* Do we need to rename the file? */
- if (rename_flag || rename_batch_file)
- {
-diff --git a/src/extern.h b/src/extern.h
-index e27d662..d864bde 100644
---- a/src/extern.h
-+++ b/src/extern.h
-@@ -96,6 +96,7 @@ extern char input_is_special;
- extern char output_is_special;
- extern char input_is_seekable;
- extern char output_is_seekable;
-+extern bool extract_over_symlinks;
- extern int (*xstat) ();
- extern void (*copy_function) ();
- extern char *change_directory_option;
-diff --git a/src/global.c b/src/global.c
-index 57e505a..336fce4 100644
---- a/src/global.c
-+++ b/src/global.c
-@@ -187,6 +187,9 @@ bool to_stdout_option = false;
- /* The name this program was run with. */
- char *program_name;
-
-+/* Extract files over symbolic links */
-+bool extract_over_symlinks;
-+
- /* A pointer to either lstat or stat, depending on whether
- dereferencing of symlinks is done for input files. */
- int (*xstat) ();
-diff --git a/src/main.c b/src/main.c
-index a13861f..87cb309 100644
---- a/src/main.c
-+++ b/src/main.c
-@@ -59,6 +59,7 @@ enum cpio_options {
- DEBUG_OPTION,
- BLOCK_SIZE_OPTION,
- TO_STDOUT_OPTION,
-+ EXTRACT_OVER_SYMLINKS,
- RENUMBER_INODES_OPTION,
- IGNORE_DEVNO_OPTION,
- DEVICE_INDEPENDENT_OPTION
-@@ -243,6 +244,8 @@ static struct argp_option options[] = {
- N_("Create leading directories where needed"), GRID+1 },
- {"no-preserve-owner", NO_PRESERVE_OWNER_OPTION, 0, 0,
- N_("Do not change the ownership of the files"), GRID+1 },
-+ {"extract-over-symlinks", EXTRACT_OVER_SYMLINKS, 0, 0,
-+ N_("Force writing over symbolic links"), GRID+1 },
- {"unconditional", 'u', NULL, 0,
- N_("Replace all files unconditionally"), GRID+1 },
- {"sparse", SPARSE_OPTION, NULL, 0,
-@@ -432,6 +435,10 @@ crc newc odc bin ustar tar (all-caps also recognized)"), arg));
- no_chown_flag = true;
- break;
-
-+ case EXTRACT_OVER_SYMLINKS: /* --extract-over-symlinks */
-+ extract_over_symlinks = true;
-+ break;
-+
- case 'o': /* Copy-out mode. */
- if (copy_function != 0)
- USAGE_ERROR ((0, 0, _("Mode already defined")));
---
-2.6.2
-
diff --git a/meta/recipes-extended/cpio/cpio-2.12/0001-Unset-need_charset_alias-when-building-for-musl.patch b/meta/recipes-extended/cpio/cpio-2.13/0001-Unset-need_charset_alias-when-building-for-musl.patch
index 6ae213942c..6ae213942c 100644
--- a/meta/recipes-extended/cpio/cpio-2.12/0001-Unset-need_charset_alias-when-building-for-musl.patch
+++ b/meta/recipes-extended/cpio/cpio-2.13/0001-Unset-need_charset_alias-when-building-for-musl.patch
diff --git a/meta/recipes-extended/cpio/cpio-2.13/0001-Use-__alignof__-with-clang.patch b/meta/recipes-extended/cpio/cpio-2.13/0001-Use-__alignof__-with-clang.patch
new file mode 100644
index 0000000000..d637e70395
--- /dev/null
+++ b/meta/recipes-extended/cpio/cpio-2.13/0001-Use-__alignof__-with-clang.patch
@@ -0,0 +1,42 @@
+From 6e169bb5fadb73b4dd300b28e9cae1e1772855e8 Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@gmail.com>
+Date: Sun, 15 Jan 2023 02:05:23 -0800
+Subject: [PATCH] Use __alignof__ with clang.
+
+For clang versions < 8, use the same
+workaround as for GCC versions < 4.9.
+
+Backport couple of gnulib patches squashed
+
+[1] https://git.savannah.gnu.org/cgit/gnulib.git/commit/lib/stdalign.in.h?id=57caf9541d98314102a55dd1cd0b8dc2be747471
+[2] https://git.savannah.gnu.org/cgit/gnulib.git/commit/lib/stdalign.in.h?id=2af490a4c4ce85567296e27be6a9528964ca851e
+
+Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/gnulib.git/commit/lib/stdalign.in.h?id=57caf9541d98314102a55dd1cd0b8dc2be747471]
+
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+ gnu/stdalign.in.h | 7 +++++--
+ 1 file changed, 5 insertions(+), 2 deletions(-)
+
+diff --git a/gnu/stdalign.in.h b/gnu/stdalign.in.h
+index 5f56eee..e6e6a65 100644
+--- a/gnu/stdalign.in.h
++++ b/gnu/stdalign.in.h
+@@ -53,9 +53,12 @@
+ #undef _Alignof
+
+ /* GCC releases before GCC 4.9 had a bug in _Alignof. See GCC bug 52023
+- <http://gcc.gnu.org/bugzilla/show_bug.cgi?id=52023>. */
++ <https://gcc.gnu.org/bugzilla/show_bug.cgi?id=52023>.
++ clang versions < 8.0.0 have the same bug. */
+ #if (!defined __STDC_VERSION__ || __STDC_VERSION__ < 201112 \
+- || (defined __GNUC__ && __GNUC__ < 4 + (__GNUC_MINOR__ < 9)))
++ || (defined __GNUC__ && __GNUC__ < 4 + (__GNUC_MINOR__ < 9) \
++ && !defined __clang__) \
++ || (defined __clang__ && __clang_major__ < 8))
+ # ifdef __cplusplus
+ # if 201103 <= __cplusplus
+ # define _Alignof(type) alignof (type)
+--
+2.39.0
+
diff --git a/meta/recipes-extended/cpio/cpio-2.13/0001-obstack-Fix-a-clang-warning.patch b/meta/recipes-extended/cpio/cpio-2.13/0001-obstack-Fix-a-clang-warning.patch
new file mode 100644
index 0000000000..6f6e396ef3
--- /dev/null
+++ b/meta/recipes-extended/cpio/cpio-2.13/0001-obstack-Fix-a-clang-warning.patch
@@ -0,0 +1,27 @@
+From 02f1f63d3ff58f3473f1689a0322a234ce10b659 Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@gmail.com>
+Date: Fri, 13 Jan 2023 22:13:45 -0800
+Subject: [PATCH] obstack: Fix a clang warning
+
+Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/gnulib.git/commit/?id=0cc39712803ade7b2d4b89c36b143dad72404063]
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+ gnu/obstack.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/gnu/obstack.c b/gnu/obstack.c
+index 54b675d..4d6a1d5 100644
+--- a/gnu/obstack.c
++++ b/gnu/obstack.c
+@@ -326,7 +326,7 @@ int obstack_exit_failure = EXIT_FAILURE;
+ # include <libio/iolibio.h>
+ # endif
+
+-static _Noreturn void
++static __attribute_noreturn__ void
+ print_and_abort (void)
+ {
+ /* Don't change any of these strings. Yes, it would be possible to add
+--
+2.39.0
+
diff --git a/meta/recipes-extended/cpio/cpio-2.13/0002-src-global.c-Remove-superfluous-declaration-of-progr.patch b/meta/recipes-extended/cpio/cpio-2.13/0002-src-global.c-Remove-superfluous-declaration-of-progr.patch
new file mode 100644
index 0000000000..478324c1c4
--- /dev/null
+++ b/meta/recipes-extended/cpio/cpio-2.13/0002-src-global.c-Remove-superfluous-declaration-of-progr.patch
@@ -0,0 +1,28 @@
+From 33e6cb5a28fab3d99bd6818f8c01e6f33805390f Mon Sep 17 00:00:00 2001
+From: Sergey Poznyakoff <gray@gnu.org>
+Date: Mon, 20 Jan 2020 07:45:39 +0200
+Subject: [PATCH] src/global.c: Remove superfluous declaration of program_name
+
+Upstream-Status: Backport (commit 641d3f4)
+Signed-off-by: Richard Leitner <richard.leitner@skidata.com>
+---
+ src/global.c | 3 ---
+ 1 file changed, 3 deletions(-)
+
+diff --git a/src/global.c b/src/global.c
+index fb3abe9..acf92bc 100644
+--- a/src/global.c
++++ b/src/global.c
+@@ -184,9 +184,6 @@ unsigned int warn_option = 0;
+ /* Extract to standard output? */
+ bool to_stdout_option = false;
+
+-/* The name this program was run with. */
+-char *program_name;
+-
+ /* A pointer to either lstat or stat, depending on whether
+ dereferencing of symlinks is done for input files. */
+ int (*xstat) ();
+--
+2.26.2
+
diff --git a/meta/recipes-extended/cpio/cpio-2.13/CVE-2021-38185.patch b/meta/recipes-extended/cpio/cpio-2.13/CVE-2021-38185.patch
new file mode 100644
index 0000000000..6ceafeee49
--- /dev/null
+++ b/meta/recipes-extended/cpio/cpio-2.13/CVE-2021-38185.patch
@@ -0,0 +1,581 @@
+GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted
+pattern file, because of a dstring.c ds_fgetstr integer overflow that triggers
+an out-of-bounds heap write.
+
+CVE: CVE-2021-38185
+Upstream-Status: Backport
+Signed-off-by: Ross Burton <ross.burton@arm.com>
+
+From e494c68a3a0951b1eaba77e2db93f71a890e15d8 Mon Sep 17 00:00:00 2001
+From: Sergey Poznyakoff <gray@gnu.org>
+Date: Sat, 7 Aug 2021 12:52:21 +0300
+Subject: [PATCH 1/3] Rewrite dynamic string support.
+
+* src/dstring.c (ds_init): Take a single argument.
+(ds_free): New function.
+(ds_resize): Take a single argument. Use x2nrealloc to expand
+the storage.
+(ds_reset,ds_append,ds_concat,ds_endswith): New function.
+(ds_fgetstr): Rewrite. In particular, this fixes integer overflow.
+* src/dstring.h (dynamic_string): Keep both the allocated length
+(ds_size) and index of the next free byte in the string (ds_idx).
+(ds_init,ds_resize): Change signature.
+(ds_len): New macro.
+(ds_free,ds_reset,ds_append,ds_concat,ds_endswith): New protos.
+* src/copyin.c: Use new ds_ functions.
+* src/copyout.c: Likewise.
+* src/copypass.c: Likewise.
+* src/util.c: Likewise.
+---
+ src/copyin.c | 40 +++++++++++------------
+ src/copyout.c | 16 ++++-----
+ src/copypass.c | 34 +++++++++----------
+ src/dstring.c | 88 ++++++++++++++++++++++++++++++++++++--------------
+ src/dstring.h | 31 +++++++++---------
+ src/util.c | 6 ++--
+ 6 files changed, 123 insertions(+), 92 deletions(-)
+
+diff --git a/src/copyin.c b/src/copyin.c
+index b29f348..37e503a 100644
+--- a/src/copyin.c
++++ b/src/copyin.c
+@@ -55,11 +55,12 @@ query_rename(struct cpio_file_stat* file_hdr, FILE *tty_in, FILE *tty_out,
+ char *str_res; /* Result for string function. */
+ static dynamic_string new_name; /* New file name for rename option. */
+ static int initialized_new_name = false;
++
+ if (!initialized_new_name)
+- {
+- ds_init (&new_name, 128);
+- initialized_new_name = true;
+- }
++ {
++ ds_init (&new_name);
++ initialized_new_name = true;
++ }
+
+ if (rename_flag)
+ {
+@@ -779,37 +780,36 @@ long_format (struct cpio_file_stat *file_hdr, char const *link_name)
+ already in `save_patterns' (from the command line) are preserved. */
+
+ static void
+-read_pattern_file ()
++read_pattern_file (void)
+ {
+- int max_new_patterns;
+- char **new_save_patterns;
+- int new_num_patterns;
++ char **new_save_patterns = NULL;
++ size_t max_new_patterns;
++ size_t new_num_patterns;
+ int i;
+- dynamic_string pattern_name;
++ dynamic_string pattern_name = DYNAMIC_STRING_INITIALIZER;
+ FILE *pattern_fp;
+
+ if (num_patterns < 0)
+ num_patterns = 0;
+- max_new_patterns = 1 + num_patterns;
+- new_save_patterns = (char **) xmalloc (max_new_patterns * sizeof (char *));
+ new_num_patterns = num_patterns;
+- ds_init (&pattern_name, 128);
++ max_new_patterns = num_patterns;
++ new_save_patterns = xcalloc (max_new_patterns, sizeof (new_save_patterns[0]));
+
+ pattern_fp = fopen (pattern_file_name, "r");
+ if (pattern_fp == NULL)
+ open_fatal (pattern_file_name);
+ while (ds_fgetstr (pattern_fp, &pattern_name, '\n') != NULL)
+ {
+- if (new_num_patterns >= max_new_patterns)
+- {
+- max_new_patterns += 1;
+- new_save_patterns = (char **)
+- xrealloc ((char *) new_save_patterns,
+- max_new_patterns * sizeof (char *));
+- }
++ if (new_num_patterns == max_new_patterns)
++ new_save_patterns = x2nrealloc (new_save_patterns,
++ &max_new_patterns,
++ sizeof (new_save_patterns[0]));
+ new_save_patterns[new_num_patterns] = xstrdup (pattern_name.ds_string);
+ ++new_num_patterns;
+ }
++
++ ds_free (&pattern_name);
++
+ if (ferror (pattern_fp) || fclose (pattern_fp) == EOF)
+ close_error (pattern_file_name);
+
+@@ -1196,7 +1196,7 @@ swab_array (char *ptr, int count)
+ in the file system. */
+
+ void
+-process_copy_in ()
++process_copy_in (void)
+ {
+ char done = false; /* True if trailer reached. */
+ FILE *tty_in = NULL; /* Interactive file for rename option. */
+diff --git a/src/copyout.c b/src/copyout.c
+index 8b0beb6..26e3dda 100644
+--- a/src/copyout.c
++++ b/src/copyout.c
+@@ -594,9 +594,10 @@ assign_string (char **pvar, char *value)
+ The format of the header depends on the compatibility (-c) flag. */
+
+ void
+-process_copy_out ()
++process_copy_out (void)
+ {
+- dynamic_string input_name; /* Name of file read from stdin. */
++ dynamic_string input_name = DYNAMIC_STRING_INITIALIZER;
++ /* Name of file read from stdin. */
+ struct stat file_stat; /* Stat record for file. */
+ struct cpio_file_stat file_hdr = CPIO_FILE_STAT_INITIALIZER;
+ /* Output header information. */
+@@ -605,7 +606,6 @@ process_copy_out ()
+ char *orig_file_name = NULL;
+
+ /* Initialize the copy out. */
+- ds_init (&input_name, 128);
+ file_hdr.c_magic = 070707;
+
+ /* Check whether the output file might be a tape. */
+@@ -657,14 +657,9 @@ process_copy_out ()
+ {
+ if (file_hdr.c_mode & CP_IFDIR)
+ {
+- int len = strlen (input_name.ds_string);
+ /* Make sure the name ends with a slash */
+- if (input_name.ds_string[len-1] != '/')
+- {
+- ds_resize (&input_name, len + 2);
+- input_name.ds_string[len] = '/';
+- input_name.ds_string[len+1] = 0;
+- }
++ if (!ds_endswith (&input_name, '/'))
++ ds_append (&input_name, '/');
+ }
+ }
+
+@@ -875,6 +870,7 @@ process_copy_out ()
+ (unsigned long) blocks), (unsigned long) blocks);
+ }
+ cpio_file_stat_free (&file_hdr);
++ ds_free (&input_name);
+ }
+
+
+diff --git a/src/copypass.c b/src/copypass.c
+index dc13b5b..62f31c6 100644
+--- a/src/copypass.c
++++ b/src/copypass.c
+@@ -48,10 +48,12 @@ set_copypass_perms (int fd, const char *name, struct stat *st)
+ If `link_flag', link instead of copying. */
+
+ void
+-process_copy_pass ()
++process_copy_pass (void)
+ {
+- dynamic_string input_name; /* Name of file from stdin. */
+- dynamic_string output_name; /* Name of new file. */
++ dynamic_string input_name = DYNAMIC_STRING_INITIALIZER;
++ /* Name of file from stdin. */
++ dynamic_string output_name = DYNAMIC_STRING_INITIALIZER;
++ /* Name of new file. */
+ size_t dirname_len; /* Length of `directory_name'. */
+ int res; /* Result of functions. */
+ char *slash; /* For moving past slashes in input name. */
+@@ -65,25 +67,18 @@ process_copy_pass ()
+ created files */
+
+ /* Initialize the copy pass. */
+- ds_init (&input_name, 128);
+
+ dirname_len = strlen (directory_name);
+ if (change_directory_option && !ISSLASH (directory_name[0]))
+ {
+ char *pwd = xgetcwd ();
+-
+- dirname_len += strlen (pwd) + 1;
+- ds_init (&output_name, dirname_len + 2);
+- strcpy (output_name.ds_string, pwd);
+- strcat (output_name.ds_string, "/");
+- strcat (output_name.ds_string, directory_name);
++
++ ds_concat (&output_name, pwd);
++ ds_append (&output_name, '/');
+ }
+- else
+- {
+- ds_init (&output_name, dirname_len + 2);
+- strcpy (output_name.ds_string, directory_name);
+- }
+- output_name.ds_string[dirname_len] = '/';
++ ds_concat (&output_name, directory_name);
++ ds_append (&output_name, '/');
++ dirname_len = ds_len (&output_name);
+ output_is_seekable = true;
+
+ change_dir ();
+@@ -116,8 +111,8 @@ process_copy_pass ()
+ /* Make the name of the new file. */
+ for (slash = input_name.ds_string; *slash == '/'; ++slash)
+ ;
+- ds_resize (&output_name, dirname_len + strlen (slash) + 2);
+- strcpy (output_name.ds_string + dirname_len + 1, slash);
++ ds_reset (&output_name, dirname_len);
++ ds_concat (&output_name, slash);
+
+ existing_dir = false;
+ if (lstat (output_name.ds_string, &out_file_stat) == 0)
+@@ -333,6 +328,9 @@ process_copy_pass ()
+ (unsigned long) blocks),
+ (unsigned long) blocks);
+ }
++
++ ds_free (&input_name);
++ ds_free (&output_name);
+ }
+
+ /* Try and create a hard link from FILE_NAME to another file
+diff --git a/src/dstring.c b/src/dstring.c
+index e9c063f..358f356 100644
+--- a/src/dstring.c
++++ b/src/dstring.c
+@@ -20,8 +20,8 @@
+ #if defined(HAVE_CONFIG_H)
+ # include <config.h>
+ #endif
+-
+ #include <stdio.h>
++#include <stdlib.h>
+ #if defined(HAVE_STRING_H) || defined(STDC_HEADERS)
+ #include <string.h>
+ #else
+@@ -33,24 +33,41 @@
+ /* Initialiaze dynamic string STRING with space for SIZE characters. */
+
+ void
+-ds_init (dynamic_string *string, int size)
++ds_init (dynamic_string *string)
++{
++ memset (string, 0, sizeof *string);
++}
++
++/* Free the dynamic string storage. */
++
++void
++ds_free (dynamic_string *string)
+ {
+- string->ds_length = size;
+- string->ds_string = (char *) xmalloc (size);
++ free (string->ds_string);
+ }
+
+-/* Expand dynamic string STRING, if necessary, to hold SIZE characters. */
++/* Expand dynamic string STRING, if necessary. */
+
+ void
+-ds_resize (dynamic_string *string, int size)
++ds_resize (dynamic_string *string)
+ {
+- if (size > string->ds_length)
++ if (string->ds_idx == string->ds_size)
+ {
+- string->ds_length = size;
+- string->ds_string = (char *) xrealloc ((char *) string->ds_string, size);
++ string->ds_string = x2nrealloc (string->ds_string, &string->ds_size,
++ 1);
+ }
+ }
+
++/* Reset the index of the dynamic string S to LEN. */
++
++void
++ds_reset (dynamic_string *s, size_t len)
++{
++ while (len > s->ds_size)
++ ds_resize (s);
++ s->ds_idx = len;
++}
++
+ /* Dynamic string S gets a string terminated by the EOS character
+ (which is removed) from file F. S will increase
+ in size during the function if the string from F is longer than
+@@ -61,34 +78,50 @@ ds_resize (dynamic_string *string, int size)
+ char *
+ ds_fgetstr (FILE *f, dynamic_string *s, char eos)
+ {
+- int insize; /* Amount needed for line. */
+- int strsize; /* Amount allocated for S. */
+ int next_ch;
+
+ /* Initialize. */
+- insize = 0;
+- strsize = s->ds_length;
++ s->ds_idx = 0;
+
+ /* Read the input string. */
+- next_ch = getc (f);
+- while (next_ch != eos && next_ch != EOF)
++ while ((next_ch = getc (f)) != eos && next_ch != EOF)
+ {
+- if (insize >= strsize - 1)
+- {
+- ds_resize (s, strsize * 2 + 2);
+- strsize = s->ds_length;
+- }
+- s->ds_string[insize++] = next_ch;
+- next_ch = getc (f);
++ ds_resize (s);
++ s->ds_string[s->ds_idx++] = next_ch;
+ }
+- s->ds_string[insize++] = '\0';
++ ds_resize (s);
++ s->ds_string[s->ds_idx] = '\0';
+
+- if (insize == 1 && next_ch == EOF)
++ if (s->ds_idx == 0 && next_ch == EOF)
+ return NULL;
+ else
+ return s->ds_string;
+ }
+
++void
++ds_append (dynamic_string *s, int c)
++{
++ ds_resize (s);
++ s->ds_string[s->ds_idx] = c;
++ if (c)
++ {
++ s->ds_idx++;
++ ds_resize (s);
++ s->ds_string[s->ds_idx] = 0;
++ }
++}
++
++void
++ds_concat (dynamic_string *s, char const *str)
++{
++ size_t len = strlen (str);
++ while (len + 1 > s->ds_size)
++ ds_resize (s);
++ memcpy (s->ds_string + s->ds_idx, str, len);
++ s->ds_idx += len;
++ s->ds_string[s->ds_idx] = 0;
++}
++
+ char *
+ ds_fgets (FILE *f, dynamic_string *s)
+ {
+@@ -100,3 +133,10 @@ ds_fgetname (FILE *f, dynamic_string *s)
+ {
+ return ds_fgetstr (f, s, '\0');
+ }
++
++/* Return true if the dynamic string S ends with character C. */
++int
++ds_endswith (dynamic_string *s, int c)
++{
++ return (s->ds_idx > 0 && s->ds_string[s->ds_idx - 1] == c);
++}
+diff --git a/src/dstring.h b/src/dstring.h
+index b5135fe..f5b04ef 100644
+--- a/src/dstring.h
++++ b/src/dstring.h
+@@ -17,10 +17,6 @@
+ Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+ Boston, MA 02110-1301 USA. */
+
+-#ifndef NULL
+-#define NULL 0
+-#endif
+-
+ /* A dynamic string consists of record that records the size of an
+ allocated string and the pointer to that string. The actual string
+ is a normal zero byte terminated string that can be used with the
+@@ -30,22 +26,25 @@
+
+ typedef struct
+ {
+- int ds_length; /* Actual amount of storage allocated. */
+- char *ds_string; /* String. */
++ size_t ds_size; /* Actual amount of storage allocated. */
++ size_t ds_idx; /* Index of the next free byte in the string. */
++ char *ds_string; /* String storage. */
+ } dynamic_string;
+
++#define DYNAMIC_STRING_INITIALIZER { 0, 0, NULL }
+
+-/* Macros that look similar to the original string functions.
+- WARNING: These macros work only on pointers to dynamic string records.
+- If used with a real record, an "&" must be used to get the pointer. */
+-#define ds_strlen(s) strlen ((s)->ds_string)
+-#define ds_strcmp(s1, s2) strcmp ((s1)->ds_string, (s2)->ds_string)
+-#define ds_strncmp(s1, s2, n) strncmp ((s1)->ds_string, (s2)->ds_string, n)
+-#define ds_index(s, c) index ((s)->ds_string, c)
+-#define ds_rindex(s, c) rindex ((s)->ds_string, c)
++void ds_init (dynamic_string *string);
++void ds_free (dynamic_string *string);
++void ds_reset (dynamic_string *s, size_t len);
+
+-void ds_init (dynamic_string *string, int size);
+-void ds_resize (dynamic_string *string, int size);
++/* All functions below guarantee that s->ds_string[s->ds_idx] == '\0' */
+ char *ds_fgetname (FILE *f, dynamic_string *s);
+ char *ds_fgets (FILE *f, dynamic_string *s);
+ char *ds_fgetstr (FILE *f, dynamic_string *s, char eos);
++void ds_append (dynamic_string *s, int c);
++void ds_concat (dynamic_string *s, char const *str);
++
++#define ds_len(s) ((s)->ds_idx)
++
++int ds_endswith (dynamic_string *s, int c);
++
+diff --git a/src/util.c b/src/util.c
+index 4421b20..6d6bbaa 100644
+--- a/src/util.c
++++ b/src/util.c
+@@ -846,11 +846,9 @@ get_next_reel (int tape_des)
+ FILE *tty_out; /* File for interacting with user. */
+ int old_tape_des;
+ char *next_archive_name;
+- dynamic_string new_name;
++ dynamic_string new_name = DYNAMIC_STRING_INITIALIZER;
+ char *str_res;
+
+- ds_init (&new_name, 128);
+-
+ /* Open files for interactive communication. */
+ tty_in = fopen (TTY_NAME, "r");
+ if (tty_in == NULL)
+@@ -925,7 +923,7 @@ get_next_reel (int tape_des)
+ error (PAXEXIT_FAILURE, 0, _("internal error: tape descriptor changed from %d to %d"),
+ old_tape_des, tape_des);
+
+- free (new_name.ds_string);
++ ds_free (&new_name);
+ fclose (tty_in);
+ fclose (tty_out);
+ }
+--
+2.25.1
+
+
+From fb7a51bf85b8e6f045cacb4fb783db4a414741bf Mon Sep 17 00:00:00 2001
+From: Sergey Poznyakoff <gray@gnu.org>
+Date: Wed, 11 Aug 2021 18:10:38 +0300
+Subject: [PATCH 2/3] Fix previous commit
+
+* src/dstring.c (ds_reset,ds_concat): Don't call ds_resize in a
+loop.
+---
+ src/dstring.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/dstring.c b/src/dstring.c
+index 358f356..90c691c 100644
+--- a/src/dstring.c
++++ b/src/dstring.c
+@@ -64,7 +64,7 @@ void
+ ds_reset (dynamic_string *s, size_t len)
+ {
+ while (len > s->ds_size)
+- ds_resize (s);
++ s->ds_string = x2nrealloc (s->ds_string, &s->ds_size, 1);
+ s->ds_idx = len;
+ }
+
+@@ -116,7 +116,7 @@ ds_concat (dynamic_string *s, char const *str)
+ {
+ size_t len = strlen (str);
+ while (len + 1 > s->ds_size)
+- ds_resize (s);
++ s->ds_string = x2nrealloc (s->ds_string, &s->ds_size, 1);
+ memcpy (s->ds_string + s->ds_idx, str, len);
+ s->ds_idx += len;
+ s->ds_string[s->ds_idx] = 0;
+--
+2.25.1
+
+
+From 86b37d74b15f9bb5fe62fd1642cc126d3ace0189 Mon Sep 17 00:00:00 2001
+From: Sergey Poznyakoff <gray@gnu.org>
+Date: Wed, 18 Aug 2021 09:41:39 +0300
+Subject: [PATCH 3/3] Fix dynamic string reallocations
+
+* src/dstring.c (ds_resize): Take additional argument: number of
+bytes to leave available after ds_idx. All uses changed.
+---
+ src/dstring.c | 18 ++++++++----------
+ 1 file changed, 8 insertions(+), 10 deletions(-)
+
+diff --git a/src/dstring.c b/src/dstring.c
+index 90c691c..0f597cc 100644
+--- a/src/dstring.c
++++ b/src/dstring.c
+@@ -49,9 +49,9 @@ ds_free (dynamic_string *string)
+ /* Expand dynamic string STRING, if necessary. */
+
+ void
+-ds_resize (dynamic_string *string)
++ds_resize (dynamic_string *string, size_t len)
+ {
+- if (string->ds_idx == string->ds_size)
++ while (len + string->ds_idx >= string->ds_size)
+ {
+ string->ds_string = x2nrealloc (string->ds_string, &string->ds_size,
+ 1);
+@@ -63,8 +63,7 @@ ds_resize (dynamic_string *string)
+ void
+ ds_reset (dynamic_string *s, size_t len)
+ {
+- while (len > s->ds_size)
+- s->ds_string = x2nrealloc (s->ds_string, &s->ds_size, 1);
++ ds_resize (s, len);
+ s->ds_idx = len;
+ }
+
+@@ -86,10 +85,10 @@ ds_fgetstr (FILE *f, dynamic_string *s, char eos)
+ /* Read the input string. */
+ while ((next_ch = getc (f)) != eos && next_ch != EOF)
+ {
+- ds_resize (s);
++ ds_resize (s, 0);
+ s->ds_string[s->ds_idx++] = next_ch;
+ }
+- ds_resize (s);
++ ds_resize (s, 0);
+ s->ds_string[s->ds_idx] = '\0';
+
+ if (s->ds_idx == 0 && next_ch == EOF)
+@@ -101,12 +100,12 @@ ds_fgetstr (FILE *f, dynamic_string *s, char eos)
+ void
+ ds_append (dynamic_string *s, int c)
+ {
+- ds_resize (s);
++ ds_resize (s, 0);
+ s->ds_string[s->ds_idx] = c;
+ if (c)
+ {
+ s->ds_idx++;
+- ds_resize (s);
++ ds_resize (s, 0);
+ s->ds_string[s->ds_idx] = 0;
+ }
+ }
+@@ -115,8 +114,7 @@ void
+ ds_concat (dynamic_string *s, char const *str)
+ {
+ size_t len = strlen (str);
+- while (len + 1 > s->ds_size)
+- s->ds_string = x2nrealloc (s->ds_string, &s->ds_size, 1);
++ ds_resize (s, len);
+ memcpy (s->ds_string + s->ds_idx, str, len);
+ s->ds_idx += len;
+ s->ds_string[s->ds_idx] = 0;
+--
+2.25.1
+
diff --git a/meta/recipes-extended/cpio/cpio-2.13/run-ptest b/meta/recipes-extended/cpio/cpio-2.13/run-ptest
new file mode 100644
index 0000000000..bdac7259c1
--- /dev/null
+++ b/meta/recipes-extended/cpio/cpio-2.13/run-ptest
@@ -0,0 +1,10 @@
+#!/bin/sh
+
+# Define cpio test work dir
+WORKDIR=/usr/lib/cpio/ptest/tests/
+
+# Run test
+cd ${WORKDIR}
+./atconfig ./atlocal ./testsuite
+
+./testsuite 2>&1 | grep -E '[0-9]{1,3}: ' | sed -e 's/^.....//' -e '/[ok]$/s/^/PASS: /;/FAILED (.*)/s/^/FAIL: /;/skipped (.*)/s/^/SKIP: /;/expected failure/ s/^/PASS: /;/UNEXPECTED PASS/s/^/FAIL: /' -e 's/ok$//g' -e 's/FAILED.*//g' -e 's/skipped.*//g' -e 's/expected failure.*//g' -e 's/UNEXPECTED PASS.*//g'
diff --git a/meta/recipes-extended/cpio/cpio-2.8/avoid_heap_overflow.patch b/meta/recipes-extended/cpio/cpio-2.8/avoid_heap_overflow.patch
deleted file mode 100644
index a31573510a..0000000000
--- a/meta/recipes-extended/cpio/cpio-2.8/avoid_heap_overflow.patch
+++ /dev/null
@@ -1,26 +0,0 @@
-Upstream-Status: Inappropriate [bugfix: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0624]
-CVE: CVE-2010-0624
-
-This patch avoids heap overflow reported by :
-http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0624
-
-This is a clean patch for the GPLv2 tar recipe.
-
-the GPLv2 tar recipe patch is also applicable to this GPLv2 cpio
-recipe, as they share code.
-
-Nitin A Kamble <nitin.a.kamble@intel.com> 2011/04/25
-
-Index: tar-1.17/lib/rtapelib.c
-===================================================================
---- tar-1.17.orig/lib/rtapelib.c
-+++ tar-1.17/lib/rtapelib.c
-@@ -570,7 +570,7 @@ rmt_read__ (int handle, char *buffer, si
-
- sprintf (command_buffer, "R%lu\n", (unsigned long) length);
- if (do_command (handle, command_buffer) == -1
-- || (status = get_status (handle)) == SAFE_READ_ERROR)
-+ || ((status = get_status (handle)) == SAFE_READ_ERROR) || (status > length))
- return SAFE_READ_ERROR;
-
- for (counter = 0; counter < status; counter += rlen, buffer += rlen)
diff --git a/meta/recipes-extended/cpio/cpio-2.8/fix-memory-overrun.patch b/meta/recipes-extended/cpio/cpio-2.8/fix-memory-overrun.patch
deleted file mode 100644
index 0148e70797..0000000000
--- a/meta/recipes-extended/cpio/cpio-2.8/fix-memory-overrun.patch
+++ /dev/null
@@ -1,217 +0,0 @@
-cpio: Fix memory overrun on reading improperly created link records
-
-Signed-off-by: Bian Naimeng <biannm@cn.fujitsu.com>
-
-http://git.savannah.gnu.org/cgit/cpio.git/commit/?id=746f3ff670dcfcdd28fcc990e79cd6fccc7ae48d
-
- * src/copyin.c (get_link_name): New function.
- (list_file, copyin_link): use get_link_name
-
- * tests/symlink-bad-length.at: New file.
- * tests/symlink-long.at: New file.
- * tests/Makefile.am: Add new files.
- * tests/testsuite.at: Likewise.
-
- See http://lists.gnu.org/archive/html/bug-cpio/2014-11/msg00007.html
-
-Upstream-Status: Backport
-
-Signed-off-by: Sergey Poznyakoff <gray@gnu.org.ua>
-
-diff -Nurp cpio-2.8.orig/src/copyin.c cpio-2.8/src/copyin.c
---- cpio-2.8.orig/src/copyin.c 2007-06-07 19:58:03.000000000 +0800
-+++ cpio-2.8/src/copyin.c 2014-12-08 11:30:01.159791484 +0800
-@@ -126,6 +126,28 @@ tape_skip_padding (int in_file_des, int
- }
-
-
-+static char *
-+get_link_name (struct cpio_file_stat *file_hdr, int in_file_des)
-+{
-+ off_t n = file_hdr->c_filesize + 1;
-+ char *link_name;
-+
-+ if (n == 0 || n > SIZE_MAX)
-+ {
-+ error (0, 0, _("%s: stored filename length too big"), file_hdr->c_name);
-+ link_name = NULL;
-+ }
-+ else
-+ {
-+ link_name = xmalloc (n);
-+ tape_buffered_read (link_name, in_file_des, file_hdr->c_filesize);
-+ link_name[file_hdr->c_filesize] = '\0';
-+ tape_skip_padding (in_file_des, file_hdr->c_filesize);
-+ }
-+ return link_name;
-+}
-+
-+
- static void
- list_file(struct cpio_file_stat* file_hdr, int in_file_des)
- {
-@@ -136,21 +158,16 @@ list_file(struct cpio_file_stat* file_hd
- {
- if (archive_format != arf_tar && archive_format != arf_ustar)
- {
-- char *link_name = NULL; /* Name of hard and symbolic links. */
--
-- link_name = (char *) xmalloc ((unsigned int) file_hdr->c_filesize + 1);
-- link_name[file_hdr->c_filesize] = '\0';
-- tape_buffered_read (link_name, in_file_des, file_hdr->c_filesize);
-- long_format (file_hdr, link_name);
-- free (link_name);
-- tape_skip_padding (in_file_des, file_hdr->c_filesize);
-- return;
-+ char *link_name = get_link_name (file_hdr, in_file_des);
-+ if (link_name)
-+ {
-+ long_format (file_hdr, link_name);
-+ free (link_name);
-+ }
- }
- else
-- {
- long_format (file_hdr, file_hdr->c_tar_linkname);
-- return;
-- }
-+ return;
- }
- else
- #endif
-@@ -732,10 +749,7 @@ copyin_link(struct cpio_file_stat *file_
-
- if (archive_format != arf_tar && archive_format != arf_ustar)
- {
-- link_name = (char *) xmalloc ((unsigned int) file_hdr->c_filesize + 1);
-- link_name[file_hdr->c_filesize] = '\0';
-- tape_buffered_read (link_name, in_file_des, file_hdr->c_filesize);
-- tape_skip_padding (in_file_des, file_hdr->c_filesize);
-+ link_name = get_link_name (file_hdr, in_file_des);
- }
- else
- {
-diff -Nurp cpio-2.8.orig/tests/Makefile.am cpio-2.8/tests/Makefile.am
---- cpio-2.8.orig/tests/Makefile.am 2006-10-24 18:32:13.000000000 +0800
-+++ cpio-2.8/tests/Makefile.am 2014-12-08 11:30:52.387789482 +0800
-@@ -45,6 +45,8 @@ TESTSUITE_AT = \
- testsuite.at\
- inout.at\
- symlink.at\
-+ symlink-bad-length.at\
-+ symlink-long.at\
- version.at
-
- TESTSUITE = $(srcdir)/testsuite
-diff -Nurp cpio-2.8.orig/tests/symlink-bad-length.at cpio-2.8/tests/symlink-bad-length.at
---- cpio-2.8.orig/tests/symlink-bad-length.at 1970-01-01 08:00:00.000000000 +0800
-+++ cpio-2.8/tests/symlink-bad-length.at 2014-12-08 11:33:25.283783507 +0800
-@@ -0,0 +1,49 @@
-+# Process this file with autom4te to create testsuite. -*- Autotest -*-
-+# Copyright (C) 2014 Free Software Foundation, Inc.
-+
-+# This program is free software; you can redistribute it and/or modify
-+# it under the terms of the GNU General Public License as published by
-+# the Free Software Foundation; either version 3, or (at your option)
-+# any later version.
-+
-+# This program is distributed in the hope that it will be useful,
-+# but WITHOUT ANY WARRANTY; without even the implied warranty of
-+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-+# GNU General Public License for more details.
-+
-+# You should have received a copy of the GNU General Public License
-+# along with this program; if not, write to the Free Software
-+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
-+# 02110-1301 USA.
-+
-+# Cpio v2.11 did segfault with badly set symlink length.
-+# References:
-+# http://lists.gnu.org/archive/html/bug-cpio/2014-11/msg00007.html
-+
-+AT_SETUP([symlink-bad-length])
-+AT_KEYWORDS([symlink-long copyout])
-+
-+AT_DATA([ARCHIVE.base64],
-+[x3EjAIBAtIEtJy8nAQAAAHRUYW0FAAAADQBGSUxFAABzb21lIGNvbnRlbnQKAMdxIwBgQ/+hLScv
-+JwEAAAB0VEhuBQD/////TElOSwAARklMRcdxAAAAAAAAAAAAAAEAAAAAAAAACwAAAAAAVFJBSUxF
-+UiEhIQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
-+])
-+
-+AT_CHECK([
-+base64 -d ARCHIVE.base64 > ARCHIVE || AT_SKIP_TEST
-+cpio -ntv < ARCHIVE
-+test $? -eq 2
-+],
-+[0],
-+[-rw-rw-r-- 1 10029 10031 13 Nov 25 13:52 FILE
-+],[cpio: LINK: stored filename length too big
-+cpio: premature end of file
-+])
-+
-+AT_CLEANUP
-diff -Nurp cpio-2.8.orig/tests/symlink-long.at cpio-2.8/tests/symlink-long.at
---- cpio-2.8.orig/tests/symlink-long.at 1970-01-01 08:00:00.000000000 +0800
-+++ cpio-2.8/tests/symlink-long.at 2014-12-08 11:34:28.807781024 +0800
-@@ -0,0 +1,46 @@
-+# Process this file with autom4te to create testsuite. -*- Autotest -*-
-+# Copyright (C) 2014 Free Software Foundation, Inc.
-+
-+# This program is free software; you can redistribute it and/or modify
-+# it under the terms of the GNU General Public License as published by
-+# the Free Software Foundation; either version 3, or (at your option)
-+# any later version.
-+
-+# This program is distributed in the hope that it will be useful,
-+# but WITHOUT ANY WARRANTY; without even the implied warranty of
-+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-+# GNU General Public License for more details.
-+
-+# You should have received a copy of the GNU General Public License
-+# along with this program; if not, write to the Free Software
-+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
-+# 02110-1301 USA.
-+
-+# Cpio v2.11.90 changed the way symlink name is read from archive.
-+# References:
-+# http://lists.gnu.org/archive/html/bug-cpio/2014-11/msg00007.html
-+
-+AT_SETUP([symlink-long])
-+AT_KEYWORDS([symlink-long copyout])
-+
-+AT_CHECK([
-+
-+# len(dirname) > READBUFSIZE
-+dirname=
-+for i in {1..52}; do
-+ dirname="xxxxxxxxx/$dirname"
-+ mkdir "$dirname"
-+done
-+ln -s "$dirname" x || AT_SKIP_TEST
-+
-+echo x | cpio -o > ar
-+list=`cpio -tv < ar | sed 's|.*-> ||'`
-+test "$list" = "$dirname" && echo success || echo fail
-+],
-+[0],
-+[success
-+],[2 blocks
-+2 blocks
-+])
-+
-+AT_CLEANUP
-diff -Nurp cpio-2.8.orig/tests/testsuite.at cpio-2.8/tests/testsuite.at
---- cpio-2.8.orig/tests/testsuite.at 2006-10-24 18:32:13.000000000 +0800
-+++ cpio-2.8/tests/testsuite.at 2014-12-08 11:34:56.515779942 +0800
-@@ -31,3 +31,5 @@ m4_include([version.at])
-
- m4_include([inout.at])
- m4_include([symlink.at])
-+m4_include([symlink-bad-length.at])
-+m4_include([symlink-long.at])
diff --git a/meta/recipes-extended/cpio/cpio-2.8/m4extensions.patch b/meta/recipes-extended/cpio/cpio-2.8/m4extensions.patch
deleted file mode 100644
index e16585dd3f..0000000000
--- a/meta/recipes-extended/cpio/cpio-2.8/m4extensions.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-Upstream-Status: Inappropriate [licensing]
-
-# Define AC_USE_SYSTEM_EXTENSIONS only if it was previously undefined.
-# This is needed to configure correctly with newer versions of autoconf.
-
-diff -urN cpio-2.8.orig/m4/extensions.m4 cpio-2.8/m4/extensions.m4
---- cpio-2.8.orig/m4/extensions.m4 2006-10-12 04:34:45.000000000 -0700
-+++ cpio-2.8/m4/extensions.m4 2010-07-23 14:37:36.000000000 -0700
-@@ -1,4 +1,4 @@
--# serial 4 -*- Autoconf -*-
-+# serial 5 -*- Autoconf -*-
- # Enable extensions on systems that normally disable them.
-
- # Copyright (C) 2003, 2006 Free Software Foundation, Inc.
-@@ -16,6 +16,7 @@
- # ------------------------
- # Enable extensions on systems that normally disable them,
- # typically due to standards-conformance issues.
-+m4_ifdef([AC_USE_SYSTEM_EXTENSIONS], [], [
- AC_DEFUN([AC_USE_SYSTEM_EXTENSIONS],
- [
- AC_BEFORE([$0], [AC_COMPILE_IFELSE])
-@@ -48,7 +49,7 @@
- AC_DEFINE([__EXTENSIONS__])
- AC_DEFINE([_POSIX_PTHREAD_SEMANTICS])
- AC_DEFINE([_TANDEM_SOURCE])
--])
-+])])
-
- # gl_USE_SYSTEM_EXTENSIONS
- # ------------------------
diff --git a/meta/recipes-extended/cpio/cpio-2.8/statdef.patch b/meta/recipes-extended/cpio/cpio-2.8/statdef.patch
deleted file mode 100644
index a00799fea9..0000000000
--- a/meta/recipes-extended/cpio/cpio-2.8/statdef.patch
+++ /dev/null
@@ -1,15 +0,0 @@
-Upstream-Status: Inappropriate [licensing]
-
-# Avoid multiple stat definitions
-# Patch taken from cpio mailing list posting 2010-03-19
-
-diff -urN cpio-2.11.orig/src/filetypes.h cpio-2.11/src/filetypes.h
---- cpio-2.11.orig/src/filetypes.h 2010-02-12 02:19:23.000000000 -0800
-+++ cpio-2.11/src/filetypes.h 2010-07-23 13:17:25.000000000 -0700
-@@ -82,4 +82,6 @@
- #define lstat stat
- #endif
- int lstat ();
-+#ifndef stat
- int stat ();
-+#endif
diff --git a/meta/recipes-extended/cpio/cpio_2.12.bb b/meta/recipes-extended/cpio/cpio_2.12.bb
deleted file mode 100644
index e7439996bb..0000000000
--- a/meta/recipes-extended/cpio/cpio_2.12.bb
+++ /dev/null
@@ -1,12 +0,0 @@
-include cpio_v2.inc
-
-LICENSE = "GPLv3"
-LIC_FILES_CHKSUM = "file://COPYING;md5=f27defe1e96c2e1ecd4e0c9be8967949"
-
-SRC_URI = "${GNU_MIRROR}/cpio/cpio-${PV}.tar.gz \
- file://0001-Unset-need_charset_alias-when-building-for-musl.patch \
- file://0001-Fix-CVE-2015-1197.patch \
- "
-
-SRC_URI[md5sum] = "fc207561a86b63862eea4b8300313e86"
-SRC_URI[sha256sum] = "08a35e92deb3c85d269a0059a27d4140a9667a6369459299d08c17f713a92e73"
diff --git a/meta/recipes-extended/cpio/cpio_2.13.bb b/meta/recipes-extended/cpio/cpio_2.13.bb
new file mode 100644
index 0000000000..7a3c8b308b
--- /dev/null
+++ b/meta/recipes-extended/cpio/cpio_2.13.bb
@@ -0,0 +1,77 @@
+SUMMARY = "GNU cpio is a program to manage archives of files"
+DESCRIPTION = "GNU cpio is a tool for creating and extracting archives, or copying files from one place to \
+another. It handles a number of cpio formats as well as reading and writing tar files."
+HOMEPAGE = "http://www.gnu.org/software/cpio/"
+SECTION = "base"
+LICENSE = "GPL-3.0-only"
+LIC_FILES_CHKSUM = "file://COPYING;md5=f27defe1e96c2e1ecd4e0c9be8967949"
+
+SRC_URI = "${GNU_MIRROR}/cpio/cpio-${PV}.tar.gz \
+ file://0001-Unset-need_charset_alias-when-building-for-musl.patch \
+ file://0002-src-global.c-Remove-superfluous-declaration-of-progr.patch \
+ file://0001-obstack-Fix-a-clang-warning.patch \
+ file://CVE-2021-38185.patch \
+ file://0001-Use-__alignof__-with-clang.patch \
+ file://run-ptest \
+ "
+
+SRC_URI[md5sum] = "389c5452d667c23b5eceb206f5000810"
+SRC_URI[sha256sum] = "e87470d9c984317f658567c03bfefb6b0c829ff17dbf6b0de48d71a4c8f3db88"
+
+inherit autotools gettext texinfo ptest
+
+# Issue applies to use of cpio in SUSE/OBS, doesn't apply to us
+CVE_CHECK_IGNORE += "CVE-2010-4226"
+
+EXTRA_OECONF += "DEFAULT_RMT_DIR=${sbindir}"
+
+do_install () {
+ autotools_do_install
+ if [ "${base_bindir}" != "${bindir}" ]; then
+ install -d ${D}${base_bindir}/
+ mv "${D}${bindir}/cpio" "${D}${base_bindir}/cpio"
+ if [ "${sbindir}" != "${bindir}" ]; then
+ rmdir ${D}${bindir}/
+ fi
+ fi
+
+ # Avoid conflicts with the version from tar
+ mv "${D}${mandir}/man8/rmt.8" "${D}${mandir}/man8/rmt-cpio.8"
+}
+
+do_compile_ptest() {
+ oe_runmake -C ${B}/gnu/ check
+ oe_runmake -C ${B}/lib/ check
+ oe_runmake -C ${B}/rmt/ check
+ oe_runmake -C ${B}/src/ check
+ oe_runmake -C ${B}/tests/ genfile
+}
+
+do_install_ptest() {
+ install -d ${D}${PTEST_PATH}/tests/
+ sed -i "/abs_/d" ${B}/tests/atconfig
+ install --mode=755 ${B}/tests/atconfig ${D}${PTEST_PATH}/tests/
+ sed -i "s%${B}/tests:%%g" ${B}/tests/atlocal
+ sed -i "s%${B}/src:%%g" ${B}/tests/atlocal
+ install --mode=755 ${B}/tests/atlocal ${D}${PTEST_PATH}/tests/
+ install --mode=755 ${B}/tests/genfile ${D}${PTEST_PATH}/tests/
+ install --mode=755 ${S}/tests/testsuite ${D}${PTEST_PATH}/tests/
+}
+
+PACKAGES =+ "${PN}-rmt"
+
+FILES:${PN}-rmt = "${sbindir}/rmt*"
+
+inherit update-alternatives
+
+ALTERNATIVE_PRIORITY = "100"
+
+ALTERNATIVE:${PN} = "cpio"
+ALTERNATIVE:${PN}-rmt = "rmt"
+
+ALTERNATIVE_LINK_NAME[cpio] = "${base_bindir}/cpio"
+
+ALTERNATIVE_PRIORITY[rmt] = "50"
+ALTERNATIVE_LINK_NAME[rmt] = "${sbindir}/rmt"
+
+BBCLASSEXTEND = "native nativesdk"
diff --git a/meta/recipes-extended/cpio/cpio_2.8.bb b/meta/recipes-extended/cpio/cpio_2.8.bb
deleted file mode 100644
index 624906b134..0000000000
--- a/meta/recipes-extended/cpio/cpio_2.8.bb
+++ /dev/null
@@ -1,19 +0,0 @@
-require cpio_v2.inc
-
-LICENSE = "GPLv2"
-LIC_FILES_CHKSUM = "file://COPYING;md5=b7f772ea3a2489231cb4872656cac34b"
-
-PR = "r4"
-
-SRC_URI += " \
- file://statdef.patch \
- file://m4extensions.patch \
- file://avoid_heap_overflow.patch \
- file://fix-memory-overrun.patch \
- "
-
-SRC_URI[md5sum] = "0caa356e69e149fb49b76bacc64615a1"
-SRC_URI[sha256sum] = "1b203248874c3b5a728b351f06513e5282f73e0170b7f207fbf8c39f28f6b4ad"
-
-# Required to build with gcc 4.3 and later:
-CFLAGS += "-fgnu89-inline"
diff --git a/meta/recipes-extended/cpio/cpio_v2.inc b/meta/recipes-extended/cpio/cpio_v2.inc
deleted file mode 100644
index 31adb717d4..0000000000
--- a/meta/recipes-extended/cpio/cpio_v2.inc
+++ /dev/null
@@ -1,43 +0,0 @@
-SUMMARY = "GNU cpio is a program to manage archives of files"
-DESCRIPTION = "GNU cpio is a tool for creating and extracting archives, or copying files from one place to \
-another. It handles a number of cpio formats as well as reading and writing tar files."
-HOMEPAGE = "http://www.gnu.org/software/cpio/"
-SECTION = "base"
-
-DEPENDS = "texinfo-native"
-
-SRC_URI = "${GNU_MIRROR}/cpio/cpio-${PV}.tar.gz \
- "
-
-inherit autotools gettext texinfo
-
-S = "${WORKDIR}/cpio-${PV}"
-
-EXTRA_OECONF += "DEFAULT_RMT_DIR=${base_sbindir}"
-
-do_install () {
- autotools_do_install
- if [ "${base_bindir}" != "${bindir}" ]; then
- install -d ${D}${base_bindir}/
- mv "${D}${bindir}/cpio" "${D}${base_bindir}/cpio"
- rmdir ${D}${bindir}/
- fi
-}
-
-PACKAGES =+ "${PN}-rmt"
-
-FILES_${PN}-rmt = "${base_sbindir}/rmt*"
-
-inherit update-alternatives
-
-ALTERNATIVE_PRIORITY = "100"
-
-ALTERNATIVE_${PN} = "cpio"
-ALTERNATIVE_${PN}-rmt = "rmt"
-
-ALTERNATIVE_LINK_NAME[cpio] = "${base_bindir}/cpio"
-
-ALTERNATIVE_PRIORITY[rmt] = "50"
-ALTERNATIVE_LINK_NAME[rmt] = "${base_sbindir}/rmt"
-
-BBCLASSEXTEND = "native"
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-05-29 07:53:40 +0000