From da972ff634132943de71241e130bdccd3e4cfa47 Mon Sep 17 00:00:00 2001 From: Alexander Kanavin Date: Wed, 8 Feb 2023 08:21:00 +0100 Subject: apr-util: update 1.6.1 -> 1.6.3 Changes with APR-util 1.6.3 *) Correct a packaging issue in 1.6.2. The contents of the release were correct, but the top level directory was misnamed. Changes with APR-util 1.6.2 *) SECURITY: CVE-2022-25147 (cve.mitre.org) Integer Overflow or Wraparound vulnerability in apr_base64 functions of Apache Portable Runtime Utility (APR-util) allows an attacker to write beyond bounds of a buffer. *) Teach configure how to find and build against MariaDB 10.2. PR 61517 [Kris Karas ] *) apr_crypto_commoncrypto: Remove stray reference to -lcrypto that prevented commoncrypto being enabled. [Graham Leggett] *) Add --tag=CC to libtool invocations. PR 62640. [Michael Osipov] *) apr_dbm_gdbm: Fix handling of error codes. This makes gdbm 1.14 work. apr_dbm_gdbm will now also return error codes starting with APR_OS_START_USEERR, as apr_dbm_berkleydb does, instead of always returning APR_EGENERAL. [Stefan Fritsch] Drop backport. Signed-off-by: Alexander Kanavin Signed-off-by: Luca Ceresoli Signed-off-by: Richard Purdie (cherry picked from commit dca707f9fecc805503e17f6db3e4c88069ac0125) Signed-off-by: Steve Sakoman --- .../apr-util/0001-Fix-error-handling-in-gdbm.patch | 134 --------------------- meta/recipes-support/apr/apr-util_1.6.1.bb | 98 --------------- meta/recipes-support/apr/apr-util_1.6.3.bb | 96 +++++++++++++++ 3 files changed, 96 insertions(+), 232 deletions(-) delete mode 100644 meta/recipes-support/apr/apr-util/0001-Fix-error-handling-in-gdbm.patch delete mode 100644 meta/recipes-support/apr/apr-util_1.6.1.bb create mode 100644 meta/recipes-support/apr/apr-util_1.6.3.bb diff --git a/meta/recipes-support/apr/apr-util/0001-Fix-error-handling-in-gdbm.patch b/meta/recipes-support/apr/apr-util/0001-Fix-error-handling-in-gdbm.patch deleted file mode 100644 index 6f27876a7f..0000000000 --- a/meta/recipes-support/apr/apr-util/0001-Fix-error-handling-in-gdbm.patch +++ /dev/null @@ -1,134 +0,0 @@ -From 6b638fa9afbeb54dfa19378e391465a5284ce1ad Mon Sep 17 00:00:00 2001 -From: Changqing Li -Date: Wed, 12 Sep 2018 17:16:36 +0800 -Subject: [PATCH] Fix error handling in gdbm - -Only check for gdbm_errno if the return value of the called gdbm_* -function says so. This fixes apr-util with gdbm 1.14, which does not -seem to always reset gdbm_errno. - -Also make the gdbm driver return error codes starting with -APR_OS_START_USEERR instead of always returning APR_EGENERAL. This is -what the berkleydb driver already does. - -Also ensure that dsize is 0 if dptr == NULL. - -Upstream-Status: Backport [https://svn.apache.org/viewvc?view=revision&revision=1825311] - -Signed-off-by: Changqing Li ---- - dbm/apr_dbm_gdbm.c | 47 +++++++++++++++++++++++++++++------------------ - 1 file changed, 29 insertions(+), 18 deletions(-) - -diff --git a/dbm/apr_dbm_gdbm.c b/dbm/apr_dbm_gdbm.c -index 749447a..1c86327 100644 ---- a/dbm/apr_dbm_gdbm.c -+++ b/dbm/apr_dbm_gdbm.c -@@ -36,13 +36,25 @@ - static apr_status_t g2s(int gerr) - { - if (gerr == -1) { -- /* ### need to fix this */ -- return APR_EGENERAL; -+ if (gdbm_errno == GDBM_NO_ERROR) -+ return APR_SUCCESS; -+ return APR_OS_START_USEERR + gdbm_errno; - } - - return APR_SUCCESS; - } - -+static apr_status_t gdat2s(datum d) -+{ -+ if (d.dptr == NULL) { -+ if (gdbm_errno == GDBM_NO_ERROR || gdbm_errno == GDBM_ITEM_NOT_FOUND) -+ return APR_SUCCESS; -+ return APR_OS_START_USEERR + gdbm_errno; -+ } -+ -+ return APR_SUCCESS; -+} -+ - static apr_status_t datum_cleanup(void *dptr) - { - if (dptr) -@@ -53,22 +65,15 @@ static apr_status_t datum_cleanup(void *dptr) - - static apr_status_t set_error(apr_dbm_t *dbm, apr_status_t dbm_said) - { -- apr_status_t rv = APR_SUCCESS; - -- /* ### ignore whatever the DBM said (dbm_said); ask it explicitly */ -+ dbm->errcode = dbm_said; - -- if ((dbm->errcode = gdbm_errno) == GDBM_NO_ERROR) { -+ if (dbm_said == APR_SUCCESS) - dbm->errmsg = NULL; -- } -- else { -- dbm->errmsg = gdbm_strerror(gdbm_errno); -- rv = APR_EGENERAL; /* ### need something better */ -- } -- -- /* captured it. clear it now. */ -- gdbm_errno = GDBM_NO_ERROR; -+ else -+ dbm->errmsg = gdbm_strerror(dbm_said - APR_OS_START_USEERR); - -- return rv; -+ return dbm_said; - } - - /* -------------------------------------------------------------------------- -@@ -107,7 +112,7 @@ static apr_status_t vt_gdbm_open(apr_dbm_t **pdb, const char *pathname, - NULL); - - if (file == NULL) -- return APR_EGENERAL; /* ### need a better error */ -+ return APR_OS_START_USEERR + gdbm_errno; /* ### need a better error */ - - /* we have an open database... return it */ - *pdb = apr_pcalloc(pool, sizeof(**pdb)); -@@ -141,10 +146,12 @@ static apr_status_t vt_gdbm_fetch(apr_dbm_t *dbm, apr_datum_t key, - if (pvalue->dptr) - apr_pool_cleanup_register(dbm->pool, pvalue->dptr, datum_cleanup, - apr_pool_cleanup_null); -+ else -+ pvalue->dsize = 0; - - /* store the error info into DBM, and return a status code. Also, note - that *pvalue should have been cleared on error. */ -- return set_error(dbm, APR_SUCCESS); -+ return set_error(dbm, gdat2s(rd)); - } - - static apr_status_t vt_gdbm_store(apr_dbm_t *dbm, apr_datum_t key, -@@ -201,9 +208,11 @@ static apr_status_t vt_gdbm_firstkey(apr_dbm_t *dbm, apr_datum_t *pkey) - if (pkey->dptr) - apr_pool_cleanup_register(dbm->pool, pkey->dptr, datum_cleanup, - apr_pool_cleanup_null); -+ else -+ pkey->dsize = 0; - - /* store any error info into DBM, and return a status code. */ -- return set_error(dbm, APR_SUCCESS); -+ return set_error(dbm, gdat2s(rd)); - } - - static apr_status_t vt_gdbm_nextkey(apr_dbm_t *dbm, apr_datum_t *pkey) -@@ -221,9 +230,11 @@ static apr_status_t vt_gdbm_nextkey(apr_dbm_t *dbm, apr_datum_t *pkey) - if (pkey->dptr) - apr_pool_cleanup_register(dbm->pool, pkey->dptr, datum_cleanup, - apr_pool_cleanup_null); -+ else -+ pkey->dsize = 0; - - /* store any error info into DBM, and return a status code. */ -- return set_error(dbm, APR_SUCCESS); -+ return set_error(dbm, gdat2s(rd)); - } - - static void vt_gdbm_freedatum(apr_dbm_t *dbm, apr_datum_t data) --- -2.7.4 - diff --git a/meta/recipes-support/apr/apr-util_1.6.1.bb b/meta/recipes-support/apr/apr-util_1.6.1.bb deleted file mode 100644 index b851d46351..0000000000 --- a/meta/recipes-support/apr/apr-util_1.6.1.bb +++ /dev/null @@ -1,98 +0,0 @@ -SUMMARY = "Apache Portable Runtime (APR) companion library" -HOMEPAGE = "http://apr.apache.org/" -SECTION = "libs" -DEPENDS = "apr expat" - -BBCLASSEXTEND = "native nativesdk" - -LICENSE = "Apache-2.0" -LIC_FILES_CHKSUM = "file://LICENSE;md5=158aa0b1efe0c12f23d4b007ddb9a5db \ - file://include/apu_version.h;endline=15;md5=823b3d1a7225df8f7b68a69c3c2b4c71" - -SRC_URI = "${APACHE_MIRROR}/apr/${BPN}-${PV}.tar.gz \ - file://configfix.patch \ - file://configure_fixes.patch \ - file://run-ptest \ - file://0001-Fix-error-handling-in-gdbm.patch \ -" - -SRC_URI[md5sum] = "bd502b9a8670a8012c4d90c31a84955f" -SRC_URI[sha256sum] = "b65e40713da57d004123b6319828be7f1273fbc6490e145874ee1177e112c459" - -EXTRA_OECONF = "--with-apr=${STAGING_BINDIR_CROSS}/apr-1-config \ - --without-odbc \ - --without-pgsql \ - --without-sqlite2 \ - --with-expat=${STAGING_DIR_HOST}${prefix}" - - -inherit autotools lib_package binconfig multilib_script - -MULTILIB_SCRIPTS = "${PN}-dev:${bindir}/apu-1-config" - -OE_BINCONFIG_EXTRA_MANGLE = " -e 's:location=source:location=installed:'" - -do_configure:append() { - if [ "${CLASSOVERRIDE}" = "class-target" ]; then - cp ${STAGING_DATADIR}/apr/apr_rules.mk ${B}/build/rules.mk - sed -i -e 's#^CFLAGS=.*#CFLAGS=${TARGET_CFLAGS}#g' ${B}/build/rules.mk - fi -} -do_configure:prepend:class-native() { - mkdir ${B}/build - cp ${STAGING_DATADIR_NATIVE}/apr/apr_rules.mk ${B}/build/rules.mk -} -do_configure:append:class-native() { - sed -i "s#LIBTOOL=\$(SHELL) \$(apr_builddir)#LIBTOOL=\$(SHELL) ${STAGING_BINDIR_NATIVE}#" ${B}/build/rules.mk - # sometimes there isn't SHELL - sed -i "s#LIBTOOL=\$(apr_builddir)#LIBTOOL=${STAGING_BINDIR_NATIVE}#" ${B}/build/rules.mk -} - -do_configure:prepend:class-nativesdk() { - cp ${STAGING_DATADIR}/apr/apr_rules.mk ${S}/build/rules.mk - sed -i -e 's#^CFLAGS=.*#CFLAGS=${TARGET_CFLAGS}#g' ${S}/build/rules.mk -} - -do_configure:append:class-nativesdk() { - sed -i "s#\(apr_builddir\)=.*#\1=${STAGING_DATADIR}/build-1#" ${B}/build/rules.mk - sed -i "s#\(apr_builders\)=.*#\1=${STAGING_DATADIR}/build-1#" ${B}/build/rules.mk - sed -i "s#\(top_builddir\)=.*#\1=${STAGING_DATADIR}/build-1#" ${B}/build/rules.mk - sed -i "s#\(LIBTOOL=\$(apr_builddir)\).*#\1/libtool#" ${B}/build/rules.mk -} - -do_install:append:class-target() { - sed -i -e 's,${STAGING_DIR_HOST},,g' \ - -e 's,APU_SOURCE_DIR=.*,APR_SOURCE_DIR=,g' \ - -e 's,APU_BUILD_DIR=.*,APR_BUILD_DIR=,g' ${D}${bindir}/apu-1-config -} - -PACKAGECONFIG ??= "crypto gdbm" -PACKAGECONFIG[ldap] = "--with-ldap,--without-ldap,openldap" -PACKAGECONFIG[crypto] = "--with-openssl=${STAGING_DIR_HOST}${prefix} --with-crypto,--without-crypto,openssl" -PACKAGECONFIG[sqlite3] = "--with-sqlite3=${STAGING_DIR_HOST}${prefix},--without-sqlite3,sqlite3" -PACKAGECONFIG[gdbm] = "--with-dbm=gdbm --with-gdbm=${STAGING_DIR_HOST}${prefix},--without-gdbm,gdbm" - -#files ${libdir}/apr-util-1/*.so are not symlinks but loadable modules thus they are packaged in ${PN} -FILES:${PN} += "${libdir}/apr-util-1/apr*${SOLIBS} ${libdir}/apr-util-1/apr*${SOLIBSDEV}" -FILES:${PN}-dev += "${libdir}/aprutil.exp ${libdir}/apr-util-1/*.la" -FILES:${PN}-staticdev += "${libdir}/apr-util-1/*.a" - -INSANE_SKIP:${PN} += "dev-so" - -inherit ptest - -RDEPENDS:${PN}-ptest:append:libc-glibc = " glibc-gconv-iso8859-1 glibc-gconv-iso8859-2 glibc-gconv-utf-7" -RDEPENDS:${PN}-ptest += "libgcc" - -do_compile_ptest() { - cd ${B}/test - oe_runmake -} - -do_install_ptest() { - t=${D}${PTEST_PATH}/test - mkdir $t - for i in testall data; do \ - cp -r ${B}/test/$i $t; \ - done -} diff --git a/meta/recipes-support/apr/apr-util_1.6.3.bb b/meta/recipes-support/apr/apr-util_1.6.3.bb new file mode 100644 index 0000000000..7c6fcc699b --- /dev/null +++ b/meta/recipes-support/apr/apr-util_1.6.3.bb @@ -0,0 +1,96 @@ +SUMMARY = "Apache Portable Runtime (APR) companion library" +HOMEPAGE = "http://apr.apache.org/" +SECTION = "libs" +DEPENDS = "apr expat" + +BBCLASSEXTEND = "native nativesdk" + +LICENSE = "Apache-2.0" +LIC_FILES_CHKSUM = "file://LICENSE;md5=158aa0b1efe0c12f23d4b007ddb9a5db \ + file://include/apu_version.h;endline=15;md5=823b3d1a7225df8f7b68a69c3c2b4c71" + +SRC_URI = "${APACHE_MIRROR}/apr/${BPN}-${PV}.tar.gz \ + file://configfix.patch \ + file://configure_fixes.patch \ + file://run-ptest \ + " + +SRC_URI[sha256sum] = "2b74d8932703826862ca305b094eef2983c27b39d5c9414442e9976a9acf1983" + +EXTRA_OECONF = "--with-apr=${STAGING_BINDIR_CROSS}/apr-1-config \ + --without-odbc \ + --without-pgsql \ + --without-sqlite2 \ + --with-expat=${STAGING_DIR_HOST}${prefix}" + + +inherit autotools lib_package binconfig multilib_script + +MULTILIB_SCRIPTS = "${PN}-dev:${bindir}/apu-1-config" + +OE_BINCONFIG_EXTRA_MANGLE = " -e 's:location=source:location=installed:'" + +do_configure:append() { + if [ "${CLASSOVERRIDE}" = "class-target" ]; then + cp ${STAGING_DATADIR}/apr/apr_rules.mk ${B}/build/rules.mk + sed -i -e 's#^CFLAGS=.*#CFLAGS=${TARGET_CFLAGS}#g' ${B}/build/rules.mk + fi +} +do_configure:prepend:class-native() { + mkdir ${B}/build + cp ${STAGING_DATADIR_NATIVE}/apr/apr_rules.mk ${B}/build/rules.mk +} +do_configure:append:class-native() { + sed -i "s#LIBTOOL=\$(SHELL) \$(apr_builddir)#LIBTOOL=\$(SHELL) ${STAGING_BINDIR_NATIVE}#" ${B}/build/rules.mk + # sometimes there isn't SHELL + sed -i "s#LIBTOOL=\$(apr_builddir)#LIBTOOL=${STAGING_BINDIR_NATIVE}#" ${B}/build/rules.mk +} + +do_configure:prepend:class-nativesdk() { + cp ${STAGING_DATADIR}/apr/apr_rules.mk ${S}/build/rules.mk + sed -i -e 's#^CFLAGS=.*#CFLAGS=${TARGET_CFLAGS}#g' ${S}/build/rules.mk +} + +do_configure:append:class-nativesdk() { + sed -i "s#\(apr_builddir\)=.*#\1=${STAGING_DATADIR}/build-1#" ${B}/build/rules.mk + sed -i "s#\(apr_builders\)=.*#\1=${STAGING_DATADIR}/build-1#" ${B}/build/rules.mk + sed -i "s#\(top_builddir\)=.*#\1=${STAGING_DATADIR}/build-1#" ${B}/build/rules.mk + sed -i "s#\(LIBTOOL=\$(apr_builddir)\).*#\1/libtool#" ${B}/build/rules.mk +} + +do_install:append:class-target() { + sed -i -e 's,${STAGING_DIR_HOST},,g' \ + -e 's,APU_SOURCE_DIR=.*,APR_SOURCE_DIR=,g' \ + -e 's,APU_BUILD_DIR=.*,APR_BUILD_DIR=,g' ${D}${bindir}/apu-1-config +} + +PACKAGECONFIG ??= "crypto gdbm" +PACKAGECONFIG[ldap] = "--with-ldap,--without-ldap,openldap" +PACKAGECONFIG[crypto] = "--with-openssl=${STAGING_DIR_HOST}${prefix} --with-crypto,--without-crypto,openssl" +PACKAGECONFIG[sqlite3] = "--with-sqlite3=${STAGING_DIR_HOST}${prefix},--without-sqlite3,sqlite3" +PACKAGECONFIG[gdbm] = "--with-dbm=gdbm --with-gdbm=${STAGING_DIR_HOST}${prefix},--without-gdbm,gdbm" + +#files ${libdir}/apr-util-1/*.so are not symlinks but loadable modules thus they are packaged in ${PN} +FILES:${PN} += "${libdir}/apr-util-1/apr*${SOLIBS} ${libdir}/apr-util-1/apr*${SOLIBSDEV}" +FILES:${PN}-dev += "${libdir}/aprutil.exp ${libdir}/apr-util-1/*.la" +FILES:${PN}-staticdev += "${libdir}/apr-util-1/*.a" + +INSANE_SKIP:${PN} += "dev-so" + +inherit ptest + +RDEPENDS:${PN}-ptest:append:libc-glibc = " glibc-gconv-iso8859-1 glibc-gconv-iso8859-2 glibc-gconv-utf-7" +RDEPENDS:${PN}-ptest += "libgcc" + +do_compile_ptest() { + cd ${B}/test + oe_runmake +} + +do_install_ptest() { + t=${D}${PTEST_PATH}/test + mkdir $t + for i in testall data; do \ + cp -r ${B}/test/$i $t; \ + done +} -- cgit 1.2.3-korg