diff options
Diffstat (limited to 'meta/recipes-extended/cpio')
15 files changed, 765 insertions, 541 deletions
diff --git a/meta/recipes-extended/cpio/cpio-2.12/0001-Fix-CVE-2015-1197.patch b/meta/recipes-extended/cpio/cpio-2.12/0001-Fix-CVE-2015-1197.patch deleted file mode 100644 index 5c999197ff..0000000000 --- a/meta/recipes-extended/cpio/cpio-2.12/0001-Fix-CVE-2015-1197.patch +++ /dev/null @@ -1,178 +0,0 @@ -From dcee489f821c1260a0136fcdfdb6ff4dd11086ac Mon Sep 17 00:00:00 2001 -From: Alexander Kanavin <alex.kanavin@gmail.com> -Date: Wed, 9 Dec 2015 17:58:03 +0200 -Subject: [PATCH] Fix CVE-2015-1197 - -Apply patch by Vitezslav Cizek of SuSE to fix CVE-2015-1197. -Upstream is dormant or no longer existing. To restore the old -behaviour use --extract-over-symlinks (Closes: #774669) -This issue has been discovered by Alexander Cherepanov. -Author: Vitezslav Cizek <vcizek@suse.cz> -Bug-Debian: https://bugs.debian.org/774669 - -Upstream-Status: Pending -CVE: CVE-2015-1197 -Signed-off-by: Robert Yang <liezhi.yang@windriver.com> -Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> - ---- - doc/cpio.1 | 1 + - src/copyin.c | 62 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ - src/extern.h | 1 + - src/global.c | 3 +++ - src/main.c | 7 +++++++ - 5 files changed, 74 insertions(+) - -diff --git a/doc/cpio.1 b/doc/cpio.1 -index 2a68241..dc4676c 100644 ---- a/doc/cpio.1 -+++ b/doc/cpio.1 -@@ -49,6 +49,7 @@ cpio \- copy files to and from archives - [\fB\-\-no\-preserve\-owner\fR] [\fB\-\-message=\fIMESSAGE\fR] - [\fB\-\-force\-local\fR] [\fB\-\-no\-absolute\-filenames\fR] [\fB\-\-sparse\fR] - [\fB\-\-only\-verify\-crc\fR] [\fB\-\-to\-stdout\fR] [\fB\-\-quiet\fR] -+[\fB\-\-extract\-over\-symlinks\fR] - [\fB\-\-rsh\-command=\fICOMMAND\fR] - [\fIpattern\fR...] [\fB<\fR \fIarchive\fR] - -diff --git a/src/copyin.c b/src/copyin.c -index cde911e..053afe7 100644 ---- a/src/copyin.c -+++ b/src/copyin.c -@@ -695,6 +695,51 @@ copyin_link (struct cpio_file_stat *file_hdr, int in_file_des) - free (link_name); - } - -+ -+static int -+path_contains_symlink(char *path) -+{ -+ struct stat st; -+ char *slash; -+ char *nextslash; -+ -+ /* we got NULL pointer or empty string */ -+ if (!path || !*path) { -+ return false; -+ } -+ -+ slash = path; -+ -+ while ((nextslash = strchr(slash + 1, '/')) != NULL) { -+ slash = nextslash; -+ *slash = '\0'; -+ -+ if (lstat(path, &st) != 0) { -+ if (errno == ELOOP) { -+ /* ELOOP - too many symlinks */ -+ *slash = '/'; -+ return true; -+ } else if (errno == ENOMEM) { -+ /* No memory for lstat - terminate */ -+ xalloc_die(); -+ } else { -+ /* cannot lstat path - give up */ -+ *slash = '/'; -+ return false; -+ } -+ } -+ -+ if (S_ISLNK(st.st_mode)) { -+ *slash = '/'; -+ return true; -+ } -+ -+ *slash = '/'; -+ } -+ -+ return false; -+} -+ - static void - copyin_file (struct cpio_file_stat *file_hdr, int in_file_des) - { -@@ -1468,6 +1513,23 @@ process_copy_in () - { - /* Copy the input file into the directory structure. */ - -+ /* Can we write files over symlinks? */ -+ if (!extract_over_symlinks) -+ { -+ if (path_contains_symlink(file_hdr.c_name)) -+ { -+ /* skip the file */ -+ /* -+ fprintf(stderr, "Can't write over symlinks. Skipping %s\n", file_hdr.c_name); -+ tape_toss_input (in_file_des, file_hdr.c_filesize); -+ tape_skip_padding (in_file_des, file_hdr.c_filesize); -+ continue; -+ */ -+ /* terminate */ -+ error (1, 0, _("Can't write over symlinks: %s\n"), file_hdr.c_name); -+ } -+ } -+ - /* Do we need to rename the file? */ - if (rename_flag || rename_batch_file) - { -diff --git a/src/extern.h b/src/extern.h -index e27d662..d864bde 100644 ---- a/src/extern.h -+++ b/src/extern.h -@@ -96,6 +96,7 @@ extern char input_is_special; - extern char output_is_special; - extern char input_is_seekable; - extern char output_is_seekable; -+extern bool extract_over_symlinks; - extern int (*xstat) (); - extern void (*copy_function) (); - extern char *change_directory_option; -diff --git a/src/global.c b/src/global.c -index 57e505a..336fce4 100644 ---- a/src/global.c -+++ b/src/global.c -@@ -187,6 +187,9 @@ bool to_stdout_option = false; - /* The name this program was run with. */ - char *program_name; - -+/* Extract files over symbolic links */ -+bool extract_over_symlinks; -+ - /* A pointer to either lstat or stat, depending on whether - dereferencing of symlinks is done for input files. */ - int (*xstat) (); -diff --git a/src/main.c b/src/main.c -index a13861f..87cb309 100644 ---- a/src/main.c -+++ b/src/main.c -@@ -59,6 +59,7 @@ enum cpio_options { - DEBUG_OPTION, - BLOCK_SIZE_OPTION, - TO_STDOUT_OPTION, -+ EXTRACT_OVER_SYMLINKS, - RENUMBER_INODES_OPTION, - IGNORE_DEVNO_OPTION, - DEVICE_INDEPENDENT_OPTION -@@ -243,6 +244,8 @@ static struct argp_option options[] = { - N_("Create leading directories where needed"), GRID+1 }, - {"no-preserve-owner", NO_PRESERVE_OWNER_OPTION, 0, 0, - N_("Do not change the ownership of the files"), GRID+1 }, -+ {"extract-over-symlinks", EXTRACT_OVER_SYMLINKS, 0, 0, -+ N_("Force writing over symbolic links"), GRID+1 }, - {"unconditional", 'u', NULL, 0, - N_("Replace all files unconditionally"), GRID+1 }, - {"sparse", SPARSE_OPTION, NULL, 0, -@@ -432,6 +435,10 @@ crc newc odc bin ustar tar (all-caps also recognized)"), arg)); - no_chown_flag = true; - break; - -+ case EXTRACT_OVER_SYMLINKS: /* --extract-over-symlinks */ -+ extract_over_symlinks = true; -+ break; -+ - case 'o': /* Copy-out mode. */ - if (copy_function != 0) - USAGE_ERROR ((0, 0, _("Mode already defined"))); --- -2.6.2 - diff --git a/meta/recipes-extended/cpio/cpio-2.12/0001-Unset-need_charset_alias-when-building-for-musl.patch b/meta/recipes-extended/cpio/cpio-2.13/0001-Unset-need_charset_alias-when-building-for-musl.patch index 6ae213942c..6ae213942c 100644 --- a/meta/recipes-extended/cpio/cpio-2.12/0001-Unset-need_charset_alias-when-building-for-musl.patch +++ b/meta/recipes-extended/cpio/cpio-2.13/0001-Unset-need_charset_alias-when-building-for-musl.patch diff --git a/meta/recipes-extended/cpio/cpio-2.13/0001-Use-__alignof__-with-clang.patch b/meta/recipes-extended/cpio/cpio-2.13/0001-Use-__alignof__-with-clang.patch new file mode 100644 index 0000000000..d637e70395 --- /dev/null +++ b/meta/recipes-extended/cpio/cpio-2.13/0001-Use-__alignof__-with-clang.patch @@ -0,0 +1,42 @@ +From 6e169bb5fadb73b4dd300b28e9cae1e1772855e8 Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Sun, 15 Jan 2023 02:05:23 -0800 +Subject: [PATCH] Use __alignof__ with clang. + +For clang versions < 8, use the same +workaround as for GCC versions < 4.9. + +Backport couple of gnulib patches squashed + +[1] https://git.savannah.gnu.org/cgit/gnulib.git/commit/lib/stdalign.in.h?id=57caf9541d98314102a55dd1cd0b8dc2be747471 +[2] https://git.savannah.gnu.org/cgit/gnulib.git/commit/lib/stdalign.in.h?id=2af490a4c4ce85567296e27be6a9528964ca851e + +Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/gnulib.git/commit/lib/stdalign.in.h?id=57caf9541d98314102a55dd1cd0b8dc2be747471] + +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + gnu/stdalign.in.h | 7 +++++-- + 1 file changed, 5 insertions(+), 2 deletions(-) + +diff --git a/gnu/stdalign.in.h b/gnu/stdalign.in.h +index 5f56eee..e6e6a65 100644 +--- a/gnu/stdalign.in.h ++++ b/gnu/stdalign.in.h +@@ -53,9 +53,12 @@ + #undef _Alignof + + /* GCC releases before GCC 4.9 had a bug in _Alignof. See GCC bug 52023 +- <http://gcc.gnu.org/bugzilla/show_bug.cgi?id=52023>. */ ++ <https://gcc.gnu.org/bugzilla/show_bug.cgi?id=52023>. ++ clang versions < 8.0.0 have the same bug. */ + #if (!defined __STDC_VERSION__ || __STDC_VERSION__ < 201112 \ +- || (defined __GNUC__ && __GNUC__ < 4 + (__GNUC_MINOR__ < 9))) ++ || (defined __GNUC__ && __GNUC__ < 4 + (__GNUC_MINOR__ < 9) \ ++ && !defined __clang__) \ ++ || (defined __clang__ && __clang_major__ < 8)) + # ifdef __cplusplus + # if 201103 <= __cplusplus + # define _Alignof(type) alignof (type) +-- +2.39.0 + diff --git a/meta/recipes-extended/cpio/cpio-2.13/0001-obstack-Fix-a-clang-warning.patch b/meta/recipes-extended/cpio/cpio-2.13/0001-obstack-Fix-a-clang-warning.patch new file mode 100644 index 0000000000..6f6e396ef3 --- /dev/null +++ b/meta/recipes-extended/cpio/cpio-2.13/0001-obstack-Fix-a-clang-warning.patch @@ -0,0 +1,27 @@ +From 02f1f63d3ff58f3473f1689a0322a234ce10b659 Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Fri, 13 Jan 2023 22:13:45 -0800 +Subject: [PATCH] obstack: Fix a clang warning + +Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/gnulib.git/commit/?id=0cc39712803ade7b2d4b89c36b143dad72404063] +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + gnu/obstack.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/gnu/obstack.c b/gnu/obstack.c +index 54b675d..4d6a1d5 100644 +--- a/gnu/obstack.c ++++ b/gnu/obstack.c +@@ -326,7 +326,7 @@ int obstack_exit_failure = EXIT_FAILURE; + # include <libio/iolibio.h> + # endif + +-static _Noreturn void ++static __attribute_noreturn__ void + print_and_abort (void) + { + /* Don't change any of these strings. Yes, it would be possible to add +-- +2.39.0 + diff --git a/meta/recipes-extended/cpio/cpio-2.13/0002-src-global.c-Remove-superfluous-declaration-of-progr.patch b/meta/recipes-extended/cpio/cpio-2.13/0002-src-global.c-Remove-superfluous-declaration-of-progr.patch new file mode 100644 index 0000000000..478324c1c4 --- /dev/null +++ b/meta/recipes-extended/cpio/cpio-2.13/0002-src-global.c-Remove-superfluous-declaration-of-progr.patch @@ -0,0 +1,28 @@ +From 33e6cb5a28fab3d99bd6818f8c01e6f33805390f Mon Sep 17 00:00:00 2001 +From: Sergey Poznyakoff <gray@gnu.org> +Date: Mon, 20 Jan 2020 07:45:39 +0200 +Subject: [PATCH] src/global.c: Remove superfluous declaration of program_name + +Upstream-Status: Backport (commit 641d3f4) +Signed-off-by: Richard Leitner <richard.leitner@skidata.com> +--- + src/global.c | 3 --- + 1 file changed, 3 deletions(-) + +diff --git a/src/global.c b/src/global.c +index fb3abe9..acf92bc 100644 +--- a/src/global.c ++++ b/src/global.c +@@ -184,9 +184,6 @@ unsigned int warn_option = 0; + /* Extract to standard output? */ + bool to_stdout_option = false; + +-/* The name this program was run with. */ +-char *program_name; +- + /* A pointer to either lstat or stat, depending on whether + dereferencing of symlinks is done for input files. */ + int (*xstat) (); +-- +2.26.2 + diff --git a/meta/recipes-extended/cpio/cpio-2.13/CVE-2021-38185.patch b/meta/recipes-extended/cpio/cpio-2.13/CVE-2021-38185.patch new file mode 100644 index 0000000000..6ceafeee49 --- /dev/null +++ b/meta/recipes-extended/cpio/cpio-2.13/CVE-2021-38185.patch @@ -0,0 +1,581 @@ +GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted +pattern file, because of a dstring.c ds_fgetstr integer overflow that triggers +an out-of-bounds heap write. + +CVE: CVE-2021-38185 +Upstream-Status: Backport +Signed-off-by: Ross Burton <ross.burton@arm.com> + +From e494c68a3a0951b1eaba77e2db93f71a890e15d8 Mon Sep 17 00:00:00 2001 +From: Sergey Poznyakoff <gray@gnu.org> +Date: Sat, 7 Aug 2021 12:52:21 +0300 +Subject: [PATCH 1/3] Rewrite dynamic string support. + +* src/dstring.c (ds_init): Take a single argument. +(ds_free): New function. +(ds_resize): Take a single argument. Use x2nrealloc to expand +the storage. +(ds_reset,ds_append,ds_concat,ds_endswith): New function. +(ds_fgetstr): Rewrite. In particular, this fixes integer overflow. +* src/dstring.h (dynamic_string): Keep both the allocated length +(ds_size) and index of the next free byte in the string (ds_idx). +(ds_init,ds_resize): Change signature. +(ds_len): New macro. +(ds_free,ds_reset,ds_append,ds_concat,ds_endswith): New protos. +* src/copyin.c: Use new ds_ functions. +* src/copyout.c: Likewise. +* src/copypass.c: Likewise. +* src/util.c: Likewise. +--- + src/copyin.c | 40 +++++++++++------------ + src/copyout.c | 16 ++++----- + src/copypass.c | 34 +++++++++---------- + src/dstring.c | 88 ++++++++++++++++++++++++++++++++++++-------------- + src/dstring.h | 31 +++++++++--------- + src/util.c | 6 ++-- + 6 files changed, 123 insertions(+), 92 deletions(-) + +diff --git a/src/copyin.c b/src/copyin.c +index b29f348..37e503a 100644 +--- a/src/copyin.c ++++ b/src/copyin.c +@@ -55,11 +55,12 @@ query_rename(struct cpio_file_stat* file_hdr, FILE *tty_in, FILE *tty_out, + char *str_res; /* Result for string function. */ + static dynamic_string new_name; /* New file name for rename option. */ + static int initialized_new_name = false; ++ + if (!initialized_new_name) +- { +- ds_init (&new_name, 128); +- initialized_new_name = true; +- } ++ { ++ ds_init (&new_name); ++ initialized_new_name = true; ++ } + + if (rename_flag) + { +@@ -779,37 +780,36 @@ long_format (struct cpio_file_stat *file_hdr, char const *link_name) + already in `save_patterns' (from the command line) are preserved. */ + + static void +-read_pattern_file () ++read_pattern_file (void) + { +- int max_new_patterns; +- char **new_save_patterns; +- int new_num_patterns; ++ char **new_save_patterns = NULL; ++ size_t max_new_patterns; ++ size_t new_num_patterns; + int i; +- dynamic_string pattern_name; ++ dynamic_string pattern_name = DYNAMIC_STRING_INITIALIZER; + FILE *pattern_fp; + + if (num_patterns < 0) + num_patterns = 0; +- max_new_patterns = 1 + num_patterns; +- new_save_patterns = (char **) xmalloc (max_new_patterns * sizeof (char *)); + new_num_patterns = num_patterns; +- ds_init (&pattern_name, 128); ++ max_new_patterns = num_patterns; ++ new_save_patterns = xcalloc (max_new_patterns, sizeof (new_save_patterns[0])); + + pattern_fp = fopen (pattern_file_name, "r"); + if (pattern_fp == NULL) + open_fatal (pattern_file_name); + while (ds_fgetstr (pattern_fp, &pattern_name, '\n') != NULL) + { +- if (new_num_patterns >= max_new_patterns) +- { +- max_new_patterns += 1; +- new_save_patterns = (char **) +- xrealloc ((char *) new_save_patterns, +- max_new_patterns * sizeof (char *)); +- } ++ if (new_num_patterns == max_new_patterns) ++ new_save_patterns = x2nrealloc (new_save_patterns, ++ &max_new_patterns, ++ sizeof (new_save_patterns[0])); + new_save_patterns[new_num_patterns] = xstrdup (pattern_name.ds_string); + ++new_num_patterns; + } ++ ++ ds_free (&pattern_name); ++ + if (ferror (pattern_fp) || fclose (pattern_fp) == EOF) + close_error (pattern_file_name); + +@@ -1196,7 +1196,7 @@ swab_array (char *ptr, int count) + in the file system. */ + + void +-process_copy_in () ++process_copy_in (void) + { + char done = false; /* True if trailer reached. */ + FILE *tty_in = NULL; /* Interactive file for rename option. */ +diff --git a/src/copyout.c b/src/copyout.c +index 8b0beb6..26e3dda 100644 +--- a/src/copyout.c ++++ b/src/copyout.c +@@ -594,9 +594,10 @@ assign_string (char **pvar, char *value) + The format of the header depends on the compatibility (-c) flag. */ + + void +-process_copy_out () ++process_copy_out (void) + { +- dynamic_string input_name; /* Name of file read from stdin. */ ++ dynamic_string input_name = DYNAMIC_STRING_INITIALIZER; ++ /* Name of file read from stdin. */ + struct stat file_stat; /* Stat record for file. */ + struct cpio_file_stat file_hdr = CPIO_FILE_STAT_INITIALIZER; + /* Output header information. */ +@@ -605,7 +606,6 @@ process_copy_out () + char *orig_file_name = NULL; + + /* Initialize the copy out. */ +- ds_init (&input_name, 128); + file_hdr.c_magic = 070707; + + /* Check whether the output file might be a tape. */ +@@ -657,14 +657,9 @@ process_copy_out () + { + if (file_hdr.c_mode & CP_IFDIR) + { +- int len = strlen (input_name.ds_string); + /* Make sure the name ends with a slash */ +- if (input_name.ds_string[len-1] != '/') +- { +- ds_resize (&input_name, len + 2); +- input_name.ds_string[len] = '/'; +- input_name.ds_string[len+1] = 0; +- } ++ if (!ds_endswith (&input_name, '/')) ++ ds_append (&input_name, '/'); + } + } + +@@ -875,6 +870,7 @@ process_copy_out () + (unsigned long) blocks), (unsigned long) blocks); + } + cpio_file_stat_free (&file_hdr); ++ ds_free (&input_name); + } + + +diff --git a/src/copypass.c b/src/copypass.c +index dc13b5b..62f31c6 100644 +--- a/src/copypass.c ++++ b/src/copypass.c +@@ -48,10 +48,12 @@ set_copypass_perms (int fd, const char *name, struct stat *st) + If `link_flag', link instead of copying. */ + + void +-process_copy_pass () ++process_copy_pass (void) + { +- dynamic_string input_name; /* Name of file from stdin. */ +- dynamic_string output_name; /* Name of new file. */ ++ dynamic_string input_name = DYNAMIC_STRING_INITIALIZER; ++ /* Name of file from stdin. */ ++ dynamic_string output_name = DYNAMIC_STRING_INITIALIZER; ++ /* Name of new file. */ + size_t dirname_len; /* Length of `directory_name'. */ + int res; /* Result of functions. */ + char *slash; /* For moving past slashes in input name. */ +@@ -65,25 +67,18 @@ process_copy_pass () + created files */ + + /* Initialize the copy pass. */ +- ds_init (&input_name, 128); + + dirname_len = strlen (directory_name); + if (change_directory_option && !ISSLASH (directory_name[0])) + { + char *pwd = xgetcwd (); +- +- dirname_len += strlen (pwd) + 1; +- ds_init (&output_name, dirname_len + 2); +- strcpy (output_name.ds_string, pwd); +- strcat (output_name.ds_string, "/"); +- strcat (output_name.ds_string, directory_name); ++ ++ ds_concat (&output_name, pwd); ++ ds_append (&output_name, '/'); + } +- else +- { +- ds_init (&output_name, dirname_len + 2); +- strcpy (output_name.ds_string, directory_name); +- } +- output_name.ds_string[dirname_len] = '/'; ++ ds_concat (&output_name, directory_name); ++ ds_append (&output_name, '/'); ++ dirname_len = ds_len (&output_name); + output_is_seekable = true; + + change_dir (); +@@ -116,8 +111,8 @@ process_copy_pass () + /* Make the name of the new file. */ + for (slash = input_name.ds_string; *slash == '/'; ++slash) + ; +- ds_resize (&output_name, dirname_len + strlen (slash) + 2); +- strcpy (output_name.ds_string + dirname_len + 1, slash); ++ ds_reset (&output_name, dirname_len); ++ ds_concat (&output_name, slash); + + existing_dir = false; + if (lstat (output_name.ds_string, &out_file_stat) == 0) +@@ -333,6 +328,9 @@ process_copy_pass () + (unsigned long) blocks), + (unsigned long) blocks); + } ++ ++ ds_free (&input_name); ++ ds_free (&output_name); + } + + /* Try and create a hard link from FILE_NAME to another file +diff --git a/src/dstring.c b/src/dstring.c +index e9c063f..358f356 100644 +--- a/src/dstring.c ++++ b/src/dstring.c +@@ -20,8 +20,8 @@ + #if defined(HAVE_CONFIG_H) + # include <config.h> + #endif +- + #include <stdio.h> ++#include <stdlib.h> + #if defined(HAVE_STRING_H) || defined(STDC_HEADERS) + #include <string.h> + #else +@@ -33,24 +33,41 @@ + /* Initialiaze dynamic string STRING with space for SIZE characters. */ + + void +-ds_init (dynamic_string *string, int size) ++ds_init (dynamic_string *string) ++{ ++ memset (string, 0, sizeof *string); ++} ++ ++/* Free the dynamic string storage. */ ++ ++void ++ds_free (dynamic_string *string) + { +- string->ds_length = size; +- string->ds_string = (char *) xmalloc (size); ++ free (string->ds_string); + } + +-/* Expand dynamic string STRING, if necessary, to hold SIZE characters. */ ++/* Expand dynamic string STRING, if necessary. */ + + void +-ds_resize (dynamic_string *string, int size) ++ds_resize (dynamic_string *string) + { +- if (size > string->ds_length) ++ if (string->ds_idx == string->ds_size) + { +- string->ds_length = size; +- string->ds_string = (char *) xrealloc ((char *) string->ds_string, size); ++ string->ds_string = x2nrealloc (string->ds_string, &string->ds_size, ++ 1); + } + } + ++/* Reset the index of the dynamic string S to LEN. */ ++ ++void ++ds_reset (dynamic_string *s, size_t len) ++{ ++ while (len > s->ds_size) ++ ds_resize (s); ++ s->ds_idx = len; ++} ++ + /* Dynamic string S gets a string terminated by the EOS character + (which is removed) from file F. S will increase + in size during the function if the string from F is longer than +@@ -61,34 +78,50 @@ ds_resize (dynamic_string *string, int size) + char * + ds_fgetstr (FILE *f, dynamic_string *s, char eos) + { +- int insize; /* Amount needed for line. */ +- int strsize; /* Amount allocated for S. */ + int next_ch; + + /* Initialize. */ +- insize = 0; +- strsize = s->ds_length; ++ s->ds_idx = 0; + + /* Read the input string. */ +- next_ch = getc (f); +- while (next_ch != eos && next_ch != EOF) ++ while ((next_ch = getc (f)) != eos && next_ch != EOF) + { +- if (insize >= strsize - 1) +- { +- ds_resize (s, strsize * 2 + 2); +- strsize = s->ds_length; +- } +- s->ds_string[insize++] = next_ch; +- next_ch = getc (f); ++ ds_resize (s); ++ s->ds_string[s->ds_idx++] = next_ch; + } +- s->ds_string[insize++] = '\0'; ++ ds_resize (s); ++ s->ds_string[s->ds_idx] = '\0'; + +- if (insize == 1 && next_ch == EOF) ++ if (s->ds_idx == 0 && next_ch == EOF) + return NULL; + else + return s->ds_string; + } + ++void ++ds_append (dynamic_string *s, int c) ++{ ++ ds_resize (s); ++ s->ds_string[s->ds_idx] = c; ++ if (c) ++ { ++ s->ds_idx++; ++ ds_resize (s); ++ s->ds_string[s->ds_idx] = 0; ++ } ++} ++ ++void ++ds_concat (dynamic_string *s, char const *str) ++{ ++ size_t len = strlen (str); ++ while (len + 1 > s->ds_size) ++ ds_resize (s); ++ memcpy (s->ds_string + s->ds_idx, str, len); ++ s->ds_idx += len; ++ s->ds_string[s->ds_idx] = 0; ++} ++ + char * + ds_fgets (FILE *f, dynamic_string *s) + { +@@ -100,3 +133,10 @@ ds_fgetname (FILE *f, dynamic_string *s) + { + return ds_fgetstr (f, s, '\0'); + } ++ ++/* Return true if the dynamic string S ends with character C. */ ++int ++ds_endswith (dynamic_string *s, int c) ++{ ++ return (s->ds_idx > 0 && s->ds_string[s->ds_idx - 1] == c); ++} +diff --git a/src/dstring.h b/src/dstring.h +index b5135fe..f5b04ef 100644 +--- a/src/dstring.h ++++ b/src/dstring.h +@@ -17,10 +17,6 @@ + Software Foundation, Inc., 51 Franklin Street, Fifth Floor, + Boston, MA 02110-1301 USA. */ + +-#ifndef NULL +-#define NULL 0 +-#endif +- + /* A dynamic string consists of record that records the size of an + allocated string and the pointer to that string. The actual string + is a normal zero byte terminated string that can be used with the +@@ -30,22 +26,25 @@ + + typedef struct + { +- int ds_length; /* Actual amount of storage allocated. */ +- char *ds_string; /* String. */ ++ size_t ds_size; /* Actual amount of storage allocated. */ ++ size_t ds_idx; /* Index of the next free byte in the string. */ ++ char *ds_string; /* String storage. */ + } dynamic_string; + ++#define DYNAMIC_STRING_INITIALIZER { 0, 0, NULL } + +-/* Macros that look similar to the original string functions. +- WARNING: These macros work only on pointers to dynamic string records. +- If used with a real record, an "&" must be used to get the pointer. */ +-#define ds_strlen(s) strlen ((s)->ds_string) +-#define ds_strcmp(s1, s2) strcmp ((s1)->ds_string, (s2)->ds_string) +-#define ds_strncmp(s1, s2, n) strncmp ((s1)->ds_string, (s2)->ds_string, n) +-#define ds_index(s, c) index ((s)->ds_string, c) +-#define ds_rindex(s, c) rindex ((s)->ds_string, c) ++void ds_init (dynamic_string *string); ++void ds_free (dynamic_string *string); ++void ds_reset (dynamic_string *s, size_t len); + +-void ds_init (dynamic_string *string, int size); +-void ds_resize (dynamic_string *string, int size); ++/* All functions below guarantee that s->ds_string[s->ds_idx] == '\0' */ + char *ds_fgetname (FILE *f, dynamic_string *s); + char *ds_fgets (FILE *f, dynamic_string *s); + char *ds_fgetstr (FILE *f, dynamic_string *s, char eos); ++void ds_append (dynamic_string *s, int c); ++void ds_concat (dynamic_string *s, char const *str); ++ ++#define ds_len(s) ((s)->ds_idx) ++ ++int ds_endswith (dynamic_string *s, int c); ++ +diff --git a/src/util.c b/src/util.c +index 4421b20..6d6bbaa 100644 +--- a/src/util.c ++++ b/src/util.c +@@ -846,11 +846,9 @@ get_next_reel (int tape_des) + FILE *tty_out; /* File for interacting with user. */ + int old_tape_des; + char *next_archive_name; +- dynamic_string new_name; ++ dynamic_string new_name = DYNAMIC_STRING_INITIALIZER; + char *str_res; + +- ds_init (&new_name, 128); +- + /* Open files for interactive communication. */ + tty_in = fopen (TTY_NAME, "r"); + if (tty_in == NULL) +@@ -925,7 +923,7 @@ get_next_reel (int tape_des) + error (PAXEXIT_FAILURE, 0, _("internal error: tape descriptor changed from %d to %d"), + old_tape_des, tape_des); + +- free (new_name.ds_string); ++ ds_free (&new_name); + fclose (tty_in); + fclose (tty_out); + } +-- +2.25.1 + + +From fb7a51bf85b8e6f045cacb4fb783db4a414741bf Mon Sep 17 00:00:00 2001 +From: Sergey Poznyakoff <gray@gnu.org> +Date: Wed, 11 Aug 2021 18:10:38 +0300 +Subject: [PATCH 2/3] Fix previous commit + +* src/dstring.c (ds_reset,ds_concat): Don't call ds_resize in a +loop. +--- + src/dstring.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/dstring.c b/src/dstring.c +index 358f356..90c691c 100644 +--- a/src/dstring.c ++++ b/src/dstring.c +@@ -64,7 +64,7 @@ void + ds_reset (dynamic_string *s, size_t len) + { + while (len > s->ds_size) +- ds_resize (s); ++ s->ds_string = x2nrealloc (s->ds_string, &s->ds_size, 1); + s->ds_idx = len; + } + +@@ -116,7 +116,7 @@ ds_concat (dynamic_string *s, char const *str) + { + size_t len = strlen (str); + while (len + 1 > s->ds_size) +- ds_resize (s); ++ s->ds_string = x2nrealloc (s->ds_string, &s->ds_size, 1); + memcpy (s->ds_string + s->ds_idx, str, len); + s->ds_idx += len; + s->ds_string[s->ds_idx] = 0; +-- +2.25.1 + + +From 86b37d74b15f9bb5fe62fd1642cc126d3ace0189 Mon Sep 17 00:00:00 2001 +From: Sergey Poznyakoff <gray@gnu.org> +Date: Wed, 18 Aug 2021 09:41:39 +0300 +Subject: [PATCH 3/3] Fix dynamic string reallocations + +* src/dstring.c (ds_resize): Take additional argument: number of +bytes to leave available after ds_idx. All uses changed. +--- + src/dstring.c | 18 ++++++++---------- + 1 file changed, 8 insertions(+), 10 deletions(-) + +diff --git a/src/dstring.c b/src/dstring.c +index 90c691c..0f597cc 100644 +--- a/src/dstring.c ++++ b/src/dstring.c +@@ -49,9 +49,9 @@ ds_free (dynamic_string *string) + /* Expand dynamic string STRING, if necessary. */ + + void +-ds_resize (dynamic_string *string) ++ds_resize (dynamic_string *string, size_t len) + { +- if (string->ds_idx == string->ds_size) ++ while (len + string->ds_idx >= string->ds_size) + { + string->ds_string = x2nrealloc (string->ds_string, &string->ds_size, + 1); +@@ -63,8 +63,7 @@ ds_resize (dynamic_string *string) + void + ds_reset (dynamic_string *s, size_t len) + { +- while (len > s->ds_size) +- s->ds_string = x2nrealloc (s->ds_string, &s->ds_size, 1); ++ ds_resize (s, len); + s->ds_idx = len; + } + +@@ -86,10 +85,10 @@ ds_fgetstr (FILE *f, dynamic_string *s, char eos) + /* Read the input string. */ + while ((next_ch = getc (f)) != eos && next_ch != EOF) + { +- ds_resize (s); ++ ds_resize (s, 0); + s->ds_string[s->ds_idx++] = next_ch; + } +- ds_resize (s); ++ ds_resize (s, 0); + s->ds_string[s->ds_idx] = '\0'; + + if (s->ds_idx == 0 && next_ch == EOF) +@@ -101,12 +100,12 @@ ds_fgetstr (FILE *f, dynamic_string *s, char eos) + void + ds_append (dynamic_string *s, int c) + { +- ds_resize (s); ++ ds_resize (s, 0); + s->ds_string[s->ds_idx] = c; + if (c) + { + s->ds_idx++; +- ds_resize (s); ++ ds_resize (s, 0); + s->ds_string[s->ds_idx] = 0; + } + } +@@ -115,8 +114,7 @@ void + ds_concat (dynamic_string *s, char const *str) + { + size_t len = strlen (str); +- while (len + 1 > s->ds_size) +- s->ds_string = x2nrealloc (s->ds_string, &s->ds_size, 1); ++ ds_resize (s, len); + memcpy (s->ds_string + s->ds_idx, str, len); + s->ds_idx += len; + s->ds_string[s->ds_idx] = 0; +-- +2.25.1 + diff --git a/meta/recipes-extended/cpio/cpio-2.13/run-ptest b/meta/recipes-extended/cpio/cpio-2.13/run-ptest new file mode 100644 index 0000000000..bdac7259c1 --- /dev/null +++ b/meta/recipes-extended/cpio/cpio-2.13/run-ptest @@ -0,0 +1,10 @@ +#!/bin/sh + +# Define cpio test work dir +WORKDIR=/usr/lib/cpio/ptest/tests/ + +# Run test +cd ${WORKDIR} +./atconfig ./atlocal ./testsuite + +./testsuite 2>&1 | grep -E '[0-9]{1,3}: ' | sed -e 's/^.....//' -e '/[ok]$/s/^/PASS: /;/FAILED (.*)/s/^/FAIL: /;/skipped (.*)/s/^/SKIP: /;/expected failure/ s/^/PASS: /;/UNEXPECTED PASS/s/^/FAIL: /' -e 's/ok$//g' -e 's/FAILED.*//g' -e 's/skipped.*//g' -e 's/expected failure.*//g' -e 's/UNEXPECTED PASS.*//g' diff --git a/meta/recipes-extended/cpio/cpio-2.8/avoid_heap_overflow.patch b/meta/recipes-extended/cpio/cpio-2.8/avoid_heap_overflow.patch deleted file mode 100644 index a31573510a..0000000000 --- a/meta/recipes-extended/cpio/cpio-2.8/avoid_heap_overflow.patch +++ /dev/null @@ -1,26 +0,0 @@ -Upstream-Status: Inappropriate [bugfix: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0624] -CVE: CVE-2010-0624 - -This patch avoids heap overflow reported by : -http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0624 - -This is a clean patch for the GPLv2 tar recipe. - -the GPLv2 tar recipe patch is also applicable to this GPLv2 cpio -recipe, as they share code. - -Nitin A Kamble <nitin.a.kamble@intel.com> 2011/04/25 - -Index: tar-1.17/lib/rtapelib.c -=================================================================== ---- tar-1.17.orig/lib/rtapelib.c -+++ tar-1.17/lib/rtapelib.c -@@ -570,7 +570,7 @@ rmt_read__ (int handle, char *buffer, si - - sprintf (command_buffer, "R%lu\n", (unsigned long) length); - if (do_command (handle, command_buffer) == -1 -- || (status = get_status (handle)) == SAFE_READ_ERROR) -+ || ((status = get_status (handle)) == SAFE_READ_ERROR) || (status > length)) - return SAFE_READ_ERROR; - - for (counter = 0; counter < status; counter += rlen, buffer += rlen) diff --git a/meta/recipes-extended/cpio/cpio-2.8/fix-memory-overrun.patch b/meta/recipes-extended/cpio/cpio-2.8/fix-memory-overrun.patch deleted file mode 100644 index 0148e70797..0000000000 --- a/meta/recipes-extended/cpio/cpio-2.8/fix-memory-overrun.patch +++ /dev/null @@ -1,217 +0,0 @@ -cpio: Fix memory overrun on reading improperly created link records - -Signed-off-by: Bian Naimeng <biannm@cn.fujitsu.com> - -http://git.savannah.gnu.org/cgit/cpio.git/commit/?id=746f3ff670dcfcdd28fcc990e79cd6fccc7ae48d - - * src/copyin.c (get_link_name): New function. - (list_file, copyin_link): use get_link_name - - * tests/symlink-bad-length.at: New file. - * tests/symlink-long.at: New file. - * tests/Makefile.am: Add new files. - * tests/testsuite.at: Likewise. - - See http://lists.gnu.org/archive/html/bug-cpio/2014-11/msg00007.html - -Upstream-Status: Backport - -Signed-off-by: Sergey Poznyakoff <gray@gnu.org.ua> - -diff -Nurp cpio-2.8.orig/src/copyin.c cpio-2.8/src/copyin.c ---- cpio-2.8.orig/src/copyin.c 2007-06-07 19:58:03.000000000 +0800 -+++ cpio-2.8/src/copyin.c 2014-12-08 11:30:01.159791484 +0800 -@@ -126,6 +126,28 @@ tape_skip_padding (int in_file_des, int - } - - -+static char * -+get_link_name (struct cpio_file_stat *file_hdr, int in_file_des) -+{ -+ off_t n = file_hdr->c_filesize + 1; -+ char *link_name; -+ -+ if (n == 0 || n > SIZE_MAX) -+ { -+ error (0, 0, _("%s: stored filename length too big"), file_hdr->c_name); -+ link_name = NULL; -+ } -+ else -+ { -+ link_name = xmalloc (n); -+ tape_buffered_read (link_name, in_file_des, file_hdr->c_filesize); -+ link_name[file_hdr->c_filesize] = '\0'; -+ tape_skip_padding (in_file_des, file_hdr->c_filesize); -+ } -+ return link_name; -+} -+ -+ - static void - list_file(struct cpio_file_stat* file_hdr, int in_file_des) - { -@@ -136,21 +158,16 @@ list_file(struct cpio_file_stat* file_hd - { - if (archive_format != arf_tar && archive_format != arf_ustar) - { -- char *link_name = NULL; /* Name of hard and symbolic links. */ -- -- link_name = (char *) xmalloc ((unsigned int) file_hdr->c_filesize + 1); -- link_name[file_hdr->c_filesize] = '\0'; -- tape_buffered_read (link_name, in_file_des, file_hdr->c_filesize); -- long_format (file_hdr, link_name); -- free (link_name); -- tape_skip_padding (in_file_des, file_hdr->c_filesize); -- return; -+ char *link_name = get_link_name (file_hdr, in_file_des); -+ if (link_name) -+ { -+ long_format (file_hdr, link_name); -+ free (link_name); -+ } - } - else -- { - long_format (file_hdr, file_hdr->c_tar_linkname); -- return; -- } -+ return; - } - else - #endif -@@ -732,10 +749,7 @@ copyin_link(struct cpio_file_stat *file_ - - if (archive_format != arf_tar && archive_format != arf_ustar) - { -- link_name = (char *) xmalloc ((unsigned int) file_hdr->c_filesize + 1); -- link_name[file_hdr->c_filesize] = '\0'; -- tape_buffered_read (link_name, in_file_des, file_hdr->c_filesize); -- tape_skip_padding (in_file_des, file_hdr->c_filesize); -+ link_name = get_link_name (file_hdr, in_file_des); - } - else - { -diff -Nurp cpio-2.8.orig/tests/Makefile.am cpio-2.8/tests/Makefile.am ---- cpio-2.8.orig/tests/Makefile.am 2006-10-24 18:32:13.000000000 +0800 -+++ cpio-2.8/tests/Makefile.am 2014-12-08 11:30:52.387789482 +0800 -@@ -45,6 +45,8 @@ TESTSUITE_AT = \ - testsuite.at\ - inout.at\ - symlink.at\ -+ symlink-bad-length.at\ -+ symlink-long.at\ - version.at - - TESTSUITE = $(srcdir)/testsuite -diff -Nurp cpio-2.8.orig/tests/symlink-bad-length.at cpio-2.8/tests/symlink-bad-length.at ---- cpio-2.8.orig/tests/symlink-bad-length.at 1970-01-01 08:00:00.000000000 +0800 -+++ cpio-2.8/tests/symlink-bad-length.at 2014-12-08 11:33:25.283783507 +0800 -@@ -0,0 +1,49 @@ -+# Process this file with autom4te to create testsuite. -*- Autotest -*- -+# Copyright (C) 2014 Free Software Foundation, Inc. -+ -+# This program is free software; you can redistribute it and/or modify -+# it under the terms of the GNU General Public License as published by -+# the Free Software Foundation; either version 3, or (at your option) -+# any later version. -+ -+# This program is distributed in the hope that it will be useful, -+# but WITHOUT ANY WARRANTY; without even the implied warranty of -+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+# GNU General Public License for more details. -+ -+# You should have received a copy of the GNU General Public License -+# along with this program; if not, write to the Free Software -+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -+# 02110-1301 USA. -+ -+# Cpio v2.11 did segfault with badly set symlink length. -+# References: -+# http://lists.gnu.org/archive/html/bug-cpio/2014-11/msg00007.html -+ -+AT_SETUP([symlink-bad-length]) -+AT_KEYWORDS([symlink-long copyout]) -+ -+AT_DATA([ARCHIVE.base64], -+[x3EjAIBAtIEtJy8nAQAAAHRUYW0FAAAADQBGSUxFAABzb21lIGNvbnRlbnQKAMdxIwBgQ/+hLScv -+JwEAAAB0VEhuBQD/////TElOSwAARklMRcdxAAAAAAAAAAAAAAEAAAAAAAAACwAAAAAAVFJBSUxF -+UiEhIQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA -+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA -+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA -+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA -+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA -+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA -+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA= -+]) -+ -+AT_CHECK([ -+base64 -d ARCHIVE.base64 > ARCHIVE || AT_SKIP_TEST -+cpio -ntv < ARCHIVE -+test $? -eq 2 -+], -+[0], -+[-rw-rw-r-- 1 10029 10031 13 Nov 25 13:52 FILE -+],[cpio: LINK: stored filename length too big -+cpio: premature end of file -+]) -+ -+AT_CLEANUP -diff -Nurp cpio-2.8.orig/tests/symlink-long.at cpio-2.8/tests/symlink-long.at ---- cpio-2.8.orig/tests/symlink-long.at 1970-01-01 08:00:00.000000000 +0800 -+++ cpio-2.8/tests/symlink-long.at 2014-12-08 11:34:28.807781024 +0800 -@@ -0,0 +1,46 @@ -+# Process this file with autom4te to create testsuite. -*- Autotest -*- -+# Copyright (C) 2014 Free Software Foundation, Inc. -+ -+# This program is free software; you can redistribute it and/or modify -+# it under the terms of the GNU General Public License as published by -+# the Free Software Foundation; either version 3, or (at your option) -+# any later version. -+ -+# This program is distributed in the hope that it will be useful, -+# but WITHOUT ANY WARRANTY; without even the implied warranty of -+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+# GNU General Public License for more details. -+ -+# You should have received a copy of the GNU General Public License -+# along with this program; if not, write to the Free Software -+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -+# 02110-1301 USA. -+ -+# Cpio v2.11.90 changed the way symlink name is read from archive. -+# References: -+# http://lists.gnu.org/archive/html/bug-cpio/2014-11/msg00007.html -+ -+AT_SETUP([symlink-long]) -+AT_KEYWORDS([symlink-long copyout]) -+ -+AT_CHECK([ -+ -+# len(dirname) > READBUFSIZE -+dirname= -+for i in {1..52}; do -+ dirname="xxxxxxxxx/$dirname" -+ mkdir "$dirname" -+done -+ln -s "$dirname" x || AT_SKIP_TEST -+ -+echo x | cpio -o > ar -+list=`cpio -tv < ar | sed 's|.*-> ||'` -+test "$list" = "$dirname" && echo success || echo fail -+], -+[0], -+[success -+],[2 blocks -+2 blocks -+]) -+ -+AT_CLEANUP -diff -Nurp cpio-2.8.orig/tests/testsuite.at cpio-2.8/tests/testsuite.at ---- cpio-2.8.orig/tests/testsuite.at 2006-10-24 18:32:13.000000000 +0800 -+++ cpio-2.8/tests/testsuite.at 2014-12-08 11:34:56.515779942 +0800 -@@ -31,3 +31,5 @@ m4_include([version.at]) - - m4_include([inout.at]) - m4_include([symlink.at]) -+m4_include([symlink-bad-length.at]) -+m4_include([symlink-long.at]) diff --git a/meta/recipes-extended/cpio/cpio-2.8/m4extensions.patch b/meta/recipes-extended/cpio/cpio-2.8/m4extensions.patch deleted file mode 100644 index e16585dd3f..0000000000 --- a/meta/recipes-extended/cpio/cpio-2.8/m4extensions.patch +++ /dev/null @@ -1,31 +0,0 @@ -Upstream-Status: Inappropriate [licensing] - -# Define AC_USE_SYSTEM_EXTENSIONS only if it was previously undefined. -# This is needed to configure correctly with newer versions of autoconf. - -diff -urN cpio-2.8.orig/m4/extensions.m4 cpio-2.8/m4/extensions.m4 ---- cpio-2.8.orig/m4/extensions.m4 2006-10-12 04:34:45.000000000 -0700 -+++ cpio-2.8/m4/extensions.m4 2010-07-23 14:37:36.000000000 -0700 -@@ -1,4 +1,4 @@ --# serial 4 -*- Autoconf -*- -+# serial 5 -*- Autoconf -*- - # Enable extensions on systems that normally disable them. - - # Copyright (C) 2003, 2006 Free Software Foundation, Inc. -@@ -16,6 +16,7 @@ - # ------------------------ - # Enable extensions on systems that normally disable them, - # typically due to standards-conformance issues. -+m4_ifdef([AC_USE_SYSTEM_EXTENSIONS], [], [ - AC_DEFUN([AC_USE_SYSTEM_EXTENSIONS], - [ - AC_BEFORE([$0], [AC_COMPILE_IFELSE]) -@@ -48,7 +49,7 @@ - AC_DEFINE([__EXTENSIONS__]) - AC_DEFINE([_POSIX_PTHREAD_SEMANTICS]) - AC_DEFINE([_TANDEM_SOURCE]) --]) -+])]) - - # gl_USE_SYSTEM_EXTENSIONS - # ------------------------ diff --git a/meta/recipes-extended/cpio/cpio-2.8/statdef.patch b/meta/recipes-extended/cpio/cpio-2.8/statdef.patch deleted file mode 100644 index a00799fea9..0000000000 --- a/meta/recipes-extended/cpio/cpio-2.8/statdef.patch +++ /dev/null @@ -1,15 +0,0 @@ -Upstream-Status: Inappropriate [licensing] - -# Avoid multiple stat definitions -# Patch taken from cpio mailing list posting 2010-03-19 - -diff -urN cpio-2.11.orig/src/filetypes.h cpio-2.11/src/filetypes.h ---- cpio-2.11.orig/src/filetypes.h 2010-02-12 02:19:23.000000000 -0800 -+++ cpio-2.11/src/filetypes.h 2010-07-23 13:17:25.000000000 -0700 -@@ -82,4 +82,6 @@ - #define lstat stat - #endif - int lstat (); -+#ifndef stat - int stat (); -+#endif diff --git a/meta/recipes-extended/cpio/cpio_2.12.bb b/meta/recipes-extended/cpio/cpio_2.12.bb deleted file mode 100644 index e7439996bb..0000000000 --- a/meta/recipes-extended/cpio/cpio_2.12.bb +++ /dev/null @@ -1,12 +0,0 @@ -include cpio_v2.inc - -LICENSE = "GPLv3" -LIC_FILES_CHKSUM = "file://COPYING;md5=f27defe1e96c2e1ecd4e0c9be8967949" - -SRC_URI = "${GNU_MIRROR}/cpio/cpio-${PV}.tar.gz \ - file://0001-Unset-need_charset_alias-when-building-for-musl.patch \ - file://0001-Fix-CVE-2015-1197.patch \ - " - -SRC_URI[md5sum] = "fc207561a86b63862eea4b8300313e86" -SRC_URI[sha256sum] = "08a35e92deb3c85d269a0059a27d4140a9667a6369459299d08c17f713a92e73" diff --git a/meta/recipes-extended/cpio/cpio_2.13.bb b/meta/recipes-extended/cpio/cpio_2.13.bb new file mode 100644 index 0000000000..7a3c8b308b --- /dev/null +++ b/meta/recipes-extended/cpio/cpio_2.13.bb @@ -0,0 +1,77 @@ +SUMMARY = "GNU cpio is a program to manage archives of files" +DESCRIPTION = "GNU cpio is a tool for creating and extracting archives, or copying files from one place to \ +another. It handles a number of cpio formats as well as reading and writing tar files." +HOMEPAGE = "http://www.gnu.org/software/cpio/" +SECTION = "base" +LICENSE = "GPL-3.0-only" +LIC_FILES_CHKSUM = "file://COPYING;md5=f27defe1e96c2e1ecd4e0c9be8967949" + +SRC_URI = "${GNU_MIRROR}/cpio/cpio-${PV}.tar.gz \ + file://0001-Unset-need_charset_alias-when-building-for-musl.patch \ + file://0002-src-global.c-Remove-superfluous-declaration-of-progr.patch \ + file://0001-obstack-Fix-a-clang-warning.patch \ + file://CVE-2021-38185.patch \ + file://0001-Use-__alignof__-with-clang.patch \ + file://run-ptest \ + " + +SRC_URI[md5sum] = "389c5452d667c23b5eceb206f5000810" +SRC_URI[sha256sum] = "e87470d9c984317f658567c03bfefb6b0c829ff17dbf6b0de48d71a4c8f3db88" + +inherit autotools gettext texinfo ptest + +# Issue applies to use of cpio in SUSE/OBS, doesn't apply to us +CVE_CHECK_IGNORE += "CVE-2010-4226" + +EXTRA_OECONF += "DEFAULT_RMT_DIR=${sbindir}" + +do_install () { + autotools_do_install + if [ "${base_bindir}" != "${bindir}" ]; then + install -d ${D}${base_bindir}/ + mv "${D}${bindir}/cpio" "${D}${base_bindir}/cpio" + if [ "${sbindir}" != "${bindir}" ]; then + rmdir ${D}${bindir}/ + fi + fi + + # Avoid conflicts with the version from tar + mv "${D}${mandir}/man8/rmt.8" "${D}${mandir}/man8/rmt-cpio.8" +} + +do_compile_ptest() { + oe_runmake -C ${B}/gnu/ check + oe_runmake -C ${B}/lib/ check + oe_runmake -C ${B}/rmt/ check + oe_runmake -C ${B}/src/ check + oe_runmake -C ${B}/tests/ genfile +} + +do_install_ptest() { + install -d ${D}${PTEST_PATH}/tests/ + sed -i "/abs_/d" ${B}/tests/atconfig + install --mode=755 ${B}/tests/atconfig ${D}${PTEST_PATH}/tests/ + sed -i "s%${B}/tests:%%g" ${B}/tests/atlocal + sed -i "s%${B}/src:%%g" ${B}/tests/atlocal + install --mode=755 ${B}/tests/atlocal ${D}${PTEST_PATH}/tests/ + install --mode=755 ${B}/tests/genfile ${D}${PTEST_PATH}/tests/ + install --mode=755 ${S}/tests/testsuite ${D}${PTEST_PATH}/tests/ +} + +PACKAGES =+ "${PN}-rmt" + +FILES:${PN}-rmt = "${sbindir}/rmt*" + +inherit update-alternatives + +ALTERNATIVE_PRIORITY = "100" + +ALTERNATIVE:${PN} = "cpio" +ALTERNATIVE:${PN}-rmt = "rmt" + +ALTERNATIVE_LINK_NAME[cpio] = "${base_bindir}/cpio" + +ALTERNATIVE_PRIORITY[rmt] = "50" +ALTERNATIVE_LINK_NAME[rmt] = "${sbindir}/rmt" + +BBCLASSEXTEND = "native nativesdk" diff --git a/meta/recipes-extended/cpio/cpio_2.8.bb b/meta/recipes-extended/cpio/cpio_2.8.bb deleted file mode 100644 index 624906b134..0000000000 --- a/meta/recipes-extended/cpio/cpio_2.8.bb +++ /dev/null @@ -1,19 +0,0 @@ -require cpio_v2.inc - -LICENSE = "GPLv2" -LIC_FILES_CHKSUM = "file://COPYING;md5=b7f772ea3a2489231cb4872656cac34b" - -PR = "r4" - -SRC_URI += " \ - file://statdef.patch \ - file://m4extensions.patch \ - file://avoid_heap_overflow.patch \ - file://fix-memory-overrun.patch \ - " - -SRC_URI[md5sum] = "0caa356e69e149fb49b76bacc64615a1" -SRC_URI[sha256sum] = "1b203248874c3b5a728b351f06513e5282f73e0170b7f207fbf8c39f28f6b4ad" - -# Required to build with gcc 4.3 and later: -CFLAGS += "-fgnu89-inline" diff --git a/meta/recipes-extended/cpio/cpio_v2.inc b/meta/recipes-extended/cpio/cpio_v2.inc deleted file mode 100644 index 31adb717d4..0000000000 --- a/meta/recipes-extended/cpio/cpio_v2.inc +++ /dev/null @@ -1,43 +0,0 @@ -SUMMARY = "GNU cpio is a program to manage archives of files" -DESCRIPTION = "GNU cpio is a tool for creating and extracting archives, or copying files from one place to \ -another. It handles a number of cpio formats as well as reading and writing tar files." -HOMEPAGE = "http://www.gnu.org/software/cpio/" -SECTION = "base" - -DEPENDS = "texinfo-native" - -SRC_URI = "${GNU_MIRROR}/cpio/cpio-${PV}.tar.gz \ - " - -inherit autotools gettext texinfo - -S = "${WORKDIR}/cpio-${PV}" - -EXTRA_OECONF += "DEFAULT_RMT_DIR=${base_sbindir}" - -do_install () { - autotools_do_install - if [ "${base_bindir}" != "${bindir}" ]; then - install -d ${D}${base_bindir}/ - mv "${D}${bindir}/cpio" "${D}${base_bindir}/cpio" - rmdir ${D}${bindir}/ - fi -} - -PACKAGES =+ "${PN}-rmt" - -FILES_${PN}-rmt = "${base_sbindir}/rmt*" - -inherit update-alternatives - -ALTERNATIVE_PRIORITY = "100" - -ALTERNATIVE_${PN} = "cpio" -ALTERNATIVE_${PN}-rmt = "rmt" - -ALTERNATIVE_LINK_NAME[cpio] = "${base_bindir}/cpio" - -ALTERNATIVE_PRIORITY[rmt] = "50" -ALTERNATIVE_LINK_NAME[rmt] = "${base_sbindir}/rmt" - -BBCLASSEXTEND = "native" |