Since version 8.0, there is a dependency on libstdc++, and gdb does not build against uClibc++. Disable building of the libstdc++-v3, instead of adding a hard dependency on libstdcpp. Adding a ~350KB dependency to gdbserver will make it hard for people to use it on 4MB flash devices.
Fixes CVE-2017-9778. Signed-off-by: Stijn Tintel <st...@linux-ipv6.be> --- This patch is also in my staging tree: https://git.lede-project.org/f3d16da8 package/devel/gdb/Makefile | 7 ++++--- package/devel/gdb/patches/110-shared_libgcc.patch | 12 ++++++------ package/devel/gdb/patches/120-sigprocmask-invalid-call.patch | 5 ----- 3 files changed, 10 insertions(+), 14 deletions(-) diff --git a/package/devel/gdb/Makefile b/package/devel/gdb/Makefile index 23039910ce..5342211715 100644 --- a/package/devel/gdb/Makefile +++ b/package/devel/gdb/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=gdb -PKG_VERSION:=7.12.1 -PKG_RELEASE:=3 +PKG_VERSION:=8.0.1 +PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=@GNU/gdb -PKG_HASH:=4607680b973d3ec92c30ad029f1b7dbde3876869e6b3a117d8a7e90081113186 +PKG_HASH:=3dbd5f93e36ba2815ad0efab030dcd0c7b211d7b353a40a53f4c02d7d56295e3 PKG_BUILD_PARALLEL:=1 PKG_INSTALL:=1 @@ -55,6 +55,7 @@ CONFIGURE_ARGS+= \ --with-system-readline \ --without-expat \ --without-lzma \ + --disable-libstdcxx \ --disable-sim \ --disable-werror diff --git a/package/devel/gdb/patches/110-shared_libgcc.patch b/package/devel/gdb/patches/110-shared_libgcc.patch index e44616f4a2..929a5ae977 100644 --- a/package/devel/gdb/patches/110-shared_libgcc.patch +++ b/package/devel/gdb/patches/110-shared_libgcc.patch @@ -1,6 +1,6 @@ --- a/configure.ac +++ b/configure.ac -@@ -1406,13 +1406,13 @@ if test -z "$LD"; then +@@ -1300,13 +1300,13 @@ if test -z "$LD"; then fi fi @@ -17,7 +17,7 @@ AC_LANG_PUSH(C++) AC_LINK_IFELSE([ #if (__GNUC__ < 4) || (__GNUC__ == 4 && __GNUC_MINOR__ < 5) -@@ -1740,7 +1740,7 @@ AC_ARG_WITH(stage1-ldflags, +@@ -1632,7 +1632,7 @@ AC_ARG_WITH(stage1-ldflags, # if supported. But if the user explicitly specified the libraries to use, # trust that they are doing what they want. if test "$stage1_libs" = "" -a "$have_static_libs" = yes; then @@ -26,7 +26,7 @@ fi]) AC_SUBST(stage1_ldflags) -@@ -1769,7 +1769,7 @@ AC_ARG_WITH(boot-ldflags, +@@ -1661,7 +1661,7 @@ AC_ARG_WITH(boot-ldflags, # statically. But if the user explicitly specified the libraries to # use, trust that they are doing what they want. if test "$poststage1_libs" = ""; then @@ -37,7 +37,7 @@ --- a/configure +++ b/configure -@@ -5109,14 +5109,14 @@ if test -z "$LD"; then +@@ -5005,14 +5005,14 @@ if test -z "$LD"; then fi fi @@ -56,7 +56,7 @@ ac_ext=cpp ac_cpp='$CXXCPP $CPPFLAGS' ac_compile='$CXX -c $CXXFLAGS $CPPFLAGS conftest.$ac_ext >&5' -@@ -5902,7 +5902,7 @@ else +@@ -5795,7 +5795,7 @@ else # if supported. But if the user explicitly specified the libraries to use, # trust that they are doing what they want. if test "$stage1_libs" = "" -a "$have_static_libs" = yes; then @@ -65,7 +65,7 @@ fi fi -@@ -5938,7 +5938,7 @@ else +@@ -5831,7 +5831,7 @@ else # statically. But if the user explicitly specified the libraries to # use, trust that they are doing what they want. if test "$poststage1_libs" = ""; then diff --git a/package/devel/gdb/patches/120-sigprocmask-invalid-call.patch b/package/devel/gdb/patches/120-sigprocmask-invalid-call.patch index 7090db170a..8afa8ccf81 100644 --- a/package/devel/gdb/patches/120-sigprocmask-invalid-call.patch +++ b/package/devel/gdb/patches/120-sigprocmask-invalid-call.patch @@ -25,8 +25,6 @@ gdb/ChangeLog: gdb/common/signals-state-save-restore.c | 2 +- 2 files changed, 6 insertions(+), 1 deletion(-) -diff --git a/gdb/common/signals-state-save-restore.c b/gdb/common/signals-state-save-restore.c -index d11a9ae..734335c 100644 --- a/gdb/common/signals-state-save-restore.c +++ b/gdb/common/signals-state-save-restore.c @@ -41,7 +41,7 @@ save_original_signals_state (void) @@ -38,6 +36,3 @@ index d11a9ae..734335c 100644 if (res == -1) perror_with_name (("sigprocmask")); --- -2.6.4 - -- 2.13.5 _______________________________________________ Lede-dev mailing list Lede-dev@lists.infradead.org http://lists.infradead.org/mailman/listinfo/lede-dev