[OE-core] [master][kirkstone][PATCH 5/5] selftest/cve_check: update to new cve-check bb var

[Davide Gardenal]

After cve-check.bbclass refactor some variables changed,
this commit updates them to get the test working properly.

Signed-off-by: Davide Gardenal 
---
 meta/lib/oeqa/selftest/cases/cve_check.py | 34 ++-
 1 file changed, 21 insertions(+), 13 deletions(-)

diff --git a/meta/lib/oeqa/selftest/cases/cve_check.py 
b/meta/lib/oeqa/selftest/cases/cve_check.py
index d0b2213703..a06bda019f 100644
--- a/meta/lib/oeqa/selftest/cases/cve_check.py
+++ b/meta/lib/oeqa/selftest/cases/cve_check.py
@@ -52,12 +52,14 @@ class CVECheck(OESelftestTestCase):
 config = """
 INHERIT += "cve-check"
 CVE_CHECK_FORMAT_JSON = "1"
+CVE_CHECK_CREATE_BUILD_REPORT = "1"
+CVE_CHECK_CREATE_RECIPE_REPORTS = "1"
 """
 self.write_config(config)
 
-vars = get_bb_vars(["CVE_CHECK_SUMMARY_DIR", 
"CVE_CHECK_SUMMARY_FILE_NAME_JSON"])
-summary_json = os.path.join(vars["CVE_CHECK_SUMMARY_DIR"], 
vars["CVE_CHECK_SUMMARY_FILE_NAME_JSON"])
-recipe_json = os.path.join(vars["CVE_CHECK_SUMMARY_DIR"], 
"m4-native_cve.json")
+vars = get_bb_vars(["CVE_CHECK_OUTPUT_DIR", 
"CVE_CHECK_BUILD_REPORT_FILE_NAME_BASE"])
+summary_json = os.path.join(vars["CVE_CHECK_OUTPUT_DIR"], 
str(vars["CVE_CHECK_BUILD_REPORT_FILE_NAME_BASE"]) + ".json")
+recipe_json = os.path.join(vars["CVE_CHECK_OUTPUT_DIR"], 
"recipes_reports/json/m4-native.json")
 
 try:
 os.remove(summary_json)
@@ -88,11 +90,13 @@ CVE_CHECK_FORMAT_JSON = "1"
 config = """
 INHERIT += "cve-check"
 CVE_CHECK_FORMAT_JSON = "1"
+CVE_CHECK_CREATE_IMAGE_REPORT = "1"
+CVE_CHECK_IMAGE_REPORT_FILE_NAME_BASE = 
"cve-report_core-image-minimal-initramfs-qemux86-64"
 """
 self.write_config(config)
 
-vars = get_bb_vars(["CVE_CHECK_DIR", "CVE_CHECK_SUMMARY_DIR", 
"CVE_CHECK_SUMMARY_FILE_NAME_JSON"])
-report_json = os.path.join(vars["CVE_CHECK_SUMMARY_DIR"], 
vars["CVE_CHECK_SUMMARY_FILE_NAME_JSON"])
+vars = get_bb_vars(["DEPLOY_DIR_IMAGE", 
"CVE_CHECK_IMAGE_REPORT_FILE_NAME_BASE", "CVE_CHECK_OUTPUT_DIR"])
+report_json = os.path.join(vars["DEPLOY_DIR_IMAGE"], 
str(vars["CVE_CHECK_IMAGE_REPORT_FILE_NAME_BASE"]) + ".json")
 print(report_json)
 try:
 os.remove(report_json)
@@ -108,9 +112,9 @@ CVE_CHECK_FORMAT_JSON = "1"
 self.assertEqual(report["version"], "1")
 self.assertGreater(len(report["package"]), 1)
 
-# Check that a random recipe wrote a recipe report to deploy/cve/
+# Check that a random recipe wrote a recipe report to 
log/cve/recipes-reports/json
 recipename = report["package"][0]["name"]
-recipe_report = os.path.join(vars["CVE_CHECK_DIR"], recipename + 
"_cve.json")
+recipe_report = os.path.join(str(vars["CVE_CHECK_OUTPUT_DIR"]), 
"recipes_reports/json/" + recipename + ".json")
 self.assertExists(recipe_report)
 with open(recipe_report) as f:
 report = json.load(f)
@@ -124,12 +128,14 @@ CVE_CHECK_FORMAT_JSON = "1"
 INHERIT += "cve-check"
 CVE_CHECK_FORMAT_JSON = "1"
 CVE_CHECK_REPORT_PATCHED = "0"
+CVE_CHECK_CREATE_BUILD_REPORT = "1"
+CVE_CHECK_CREATE_RECIPE_REPORTS = "1"
 """
 self.write_config(config)
 
-vars = get_bb_vars(["CVE_CHECK_SUMMARY_DIR", 
"CVE_CHECK_SUMMARY_FILE_NAME_JSON"])
-summary_json = os.path.join(vars["CVE_CHECK_SUMMARY_DIR"], 
vars["CVE_CHECK_SUMMARY_FILE_NAME_JSON"])
-recipe_json = os.path.join(vars["CVE_CHECK_SUMMARY_DIR"], 
"m4-native_cve.json")
+vars = get_bb_vars(["CVE_CHECK_OUTPUT_DIR", 
"CVE_CHECK_BUILD_REPORT_FILE_NAME_BASE"])
+summary_json = os.path.join(vars["CVE_CHECK_OUTPUT_DIR"], 
str(vars["CVE_CHECK_BUILD_REPORT_FILE_NAME_BASE"]) + ".json")
+recipe_json = os.path.join(vars["CVE_CHECK_OUTPUT_DIR"], 
"recipes_reports/json/m4-native.json")
 
 try:
 os.remove(summary_json)
@@ -160,12 +166,14 @@ CVE_CHECK_REPORT_PATCHED = "0"
 INHERIT += "cve-check"
 CVE_CHECK_FORMAT_JSON = "1"
 CVE_CHECK_REPORT_PATCHED = "1"
+CVE_CHECK_CREATE_BUILD_REPORT = "1"
+CVE_CHECK_CREATE_RECIPE_REPORTS = "1"
 """
 self.write_config(config)
 
-vars = get_bb_vars(["CVE_CHECK_SUMM

[OE-core] [master][kirkstone][PATCH 4/5] cve-check: major class refactor

[Davide Gardenal]

The rationale behind refactoring the class is to make testing 
and maintainability easier.

This commit includes:
- bb var refactor for better readability
- function and program flow refactor for better scalability
  and extensibility
- better documentation for all the functions
- minor bug fixes when using specific configurations

Deleted bb vars:
- CVE_CHECK_LOG
- CVE_CHECK_TMP_FILE
- CVE_CHECK_SUMMARY_DIR
- CVE_CHECK_SUMMARY_FILE_NAME
- CVE_CHECK_SUMMARY_FILE
- CVE_CHECK_SUMMARY_FILE_NAME_JSON
- CVE_CHECK_SUMMARY_INDEX_PATH
- CVE_CHECK_LOG_JSON
- CVE_CHECK_RECIPE_FILE
- CVE_CHECK_RECIPE_FILE_JSON
- CVE_CHECK_MANIFEST
- CVE_CHECK_MANIFEST_JSON
- CVE_CHECK_CREATE_MANIFEST

Renamed bb vars:
- CVE_CHECK_DIR -> CVE_CHECK_OUTPUT_DIR
- CVE_CHECK_COPY_FILES -> CVE_CHECK_CREATE_RECIPE_REPORTS

Added bb vars:
- CVE_CHECK_CREATE_BUILD_REPORT: flag to control if cve-check
  creates a build report or not
- CVE_CHECK_CREATE_IMAGE_REPORT: flag to control if cve-check
  creates an image report or not
- CVE_CHECK_TXT_INDEX_FILE: path of the temporary index file
  for the txt output format. Deleted after the build is
  completed
- CVE_CHECK_TXT_INDEX_DIR: folder path where all the temp
  recipes reports with txt format are store. Deleted after
  the build is completed
- CVE_CHECK_JSON_INDEX_FILE: same as CVE_CHECK_TXT_INDEX_FILE
  but for the json format
- CVE_CHECK_JSON_INDEX_DIR: same as CVE_CHECK_TXT_INDEX_DIR
  but for the json format
- CVE_CHECK_IMAGE_REPORT_FILE_NAME_BASE: name without extension
  of the report for the image
- CVE_CHECK_BUILD_REPORT_FILE_NAME_BASE: name without extension
  of the report for the entire build
- CVE_CHECK_RECIPE_FILE_NAME_BASE: name without extension of
  the report for every recipe

Default output structure (with txt and json format enabled):
tmp
|-log
   |-cve
  |-build_reports
  |  |-txt
  |  |  |- build report files with txt format
  |  |-json
  | |- build report files with json format
  |-image_reports
  |  |-txt
  |  |  |- image report files with txt format
  |  |-json
  | |- image report file with json format
  |-recipe_reports
  |  |-txt
  | |- recipe report files with txt format
  |  |-json
  | |- recipe report files with json format
  |-cve-report.json -> link pointing to the latest json build report
  |-cve-report.txt  -> link pointing to the latest txt build report

Note that a link to the latest image report is present in the
image deploy folder.

Signed-off-by: Davide Gardenal 
---
 meta/classes/cve-check.bbclass | 642 +
 1 file changed, 390 insertions(+), 252 deletions(-)

diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass
index 50b9247f46..5ee53d4c77 100644
--- a/meta/classes/cve-check.bbclass
+++ b/meta/classes/cve-check.bbclass
@@ -19,44 +19,26 @@
 # This class/tool is meant to be used as support and not
 # the only method to check against CVEs. Running this tool
 # doesn't guarantee your packages are free of CVEs.
-
+#
+# Variables below are named using the following convention:
+# CVE_CHECK_ -> class prefix (always to use)
+# _DIR -> complete directory path
+# _FILE -> complete file path (including extension)
+# _FILE_NAME -> file name with extension
+# _FILE_NAME_BASE -> file name without extension (used when multiple 
extensions could be used)
+# For example: CVE_CHECK_IMAGE_REPORT_FILE_NAME_BASE has "_FILE_NAME_BASE" so 
that's just the file name,
+# without the extension, of the report file. And has "CVE_CHECK_" to indicate 
that this variable is
+# from the cve-check class
+
+
+# CHECK OPTIONS
 # The product name that the CVE database uses defaults to BPN, but may need to
-# be overriden per recipe (for example tiff.bb sets CVE_PRODUCT=libtiff).
+# be overridden per recipe (for example tiff.bb sets CVE_PRODUCT=libtiff).
 CVE_PRODUCT ??= "${BPN}"
 CVE_VERSION ??= "${PV}"
 
-CVE_CHECK_DB_DIR ?= "${DL_DIR}/CVE_CHECK"
-CVE_CHECK_DB_FILE ?= "${CVE_CHECK_DB_DIR}/nvdcve_1.1.db"
-CVE_CHECK_DB_FILE_LOCK ?= "${CVE_CHECK_DB_FILE}.lock"
-
-CVE_CHECK_LOG ?= "${T}/cve.log"
-CVE_CHECK_TMP_FILE ?= "${TMPDIR}/cve_check"
-CVE_CHECK_SUMMARY_DIR ?= "${LOG_DIR}/cve"
-CVE_CHECK_SUMMARY_FILE_NAME ?= "cve-summary"
-CVE_CHECK_SUMMARY_FILE ?= 
"${CVE_CHECK_SUMMARY_DIR}/${CVE_CHECK_SUMMARY_FILE_NAME}"
-CVE_CHECK_SUMMARY_FILE_NAME_JSON = "cve-summary.json"
-CVE_CHECK_SUMMARY_INDEX_PATH = "${CVE_CHECK_SUMMARY_DIR}/cve-summary-index.txt"
-
-CVE_CHECK_LOG_JSON ?= "${T}/cve.json"
-
-CVE_CHECK_DIR ??= "${DEPLOY_DIR}/cve"
-CVE_CHECK_RECIPE_FILE ?= "${CVE_CHECK_DIR}/${PN}"
-CVE_CHECK_REC

[OE-core] [master][kirkstone][PATCH 3/5] lib/oe/utils: create get_current_recipe_layer function

[Davide Gardenal]

get_current_recipe_layer returns the recipe layer given its
file path.

Signed-off-by: Davide Gardenal 
---
 meta/lib/oe/utils.py | 8 
 1 file changed, 8 insertions(+)

diff --git a/meta/lib/oe/utils.py b/meta/lib/oe/utils.py
index 46fc76c261..4e17b1b40e 100644
--- a/meta/lib/oe/utils.py
+++ b/meta/lib/oe/utils.py
@@ -584,3 +584,11 @@ def directory_size(root, blocksize=4096):
 total += sum(roundup(getsize(os.path.join(root, name))) for name in 
files)
 total += roundup(getsize(root))
 return total
+
+def get_current_recipe_layer(d):
+"""
+Extract the recipe layer from it's path.
+Returns the layer name.
+"""
+fdir_name  = d.getVar("FILE_DIRNAME")
+return fdir_name.split("/")[-3]
-- 
2.34.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#167341): 
https://lists.openembedded.org/g/openembedded-core/message/167341
Mute This Topic: https://lists.openembedded.org/mt/92043904/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [master][kirkstone][PATCH 2/5] lib/oe/rootfs: create image_list_installed_packages_pn function

[Davide Gardenal]

image_list_installed_packages_pn has been taken from cve-check.bbclass
to make it available for other classes.

Signed-off-by: Davide Gardenal 
---
 meta/lib/oe/rootfs.py | 9 +
 1 file changed, 9 insertions(+)

diff --git a/meta/lib/oe/rootfs.py b/meta/lib/oe/rootfs.py
index 9e6b411fb6..54a356102f 100644
--- a/meta/lib/oe/rootfs.py
+++ b/meta/lib/oe/rootfs.py
@@ -393,6 +393,15 @@ def image_list_installed_packages(d, rootfs_dir=None):
 cls = importlib.import_module('oe.package_manager.' + img_type)
 return cls.PMPkgsList(d, rootfs_dir).list_pkgs()
 
+def image_list_installed_packages_pn(d):
+recipies = set()
+for pkg in list(image_list_installed_packages(d)):
+pkg_info = os.path.join(d.getVar('PKGDATA_DIR'),
+'runtime-reverse', pkg)
+pkg_data = oe.packagedata.read_pkgdatafile(pkg_info)
+recipies.add(pkg_data["PN"])
+return recipies
+
 if __name__ == "__main__":
 """
 We should be able to run this as a standalone script, from outside bitbake
-- 
2.34.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#167340): 
https://lists.openembedded.org/g/openembedded-core/message/167340
Mute This Topic: https://lists.openembedded.org/mt/92043903/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [master][kirkstone][PATCH 1/5] lib/oe/cve_check: refactor update_symlinks with safer version

[Davide Gardenal]

Now update_symlinks has more checks to prevent unwanted exception.
It returns False if the link is not created/updated, True otherwise.

Signed-off-by: Davide Gardenal 
---
 meta/lib/oe/cve_check.py | 18 ++
 1 file changed, 14 insertions(+), 4 deletions(-)

diff --git a/meta/lib/oe/cve_check.py b/meta/lib/oe/cve_check.py
index aa06497727..688693520e 100644
--- a/meta/lib/oe/cve_check.py
+++ b/meta/lib/oe/cve_check.py
@@ -169,7 +169,17 @@ def update_symlinks(target_path, link_path):
 Update a symbolic link link_path to point to target_path.
 Remove the link and recreate it if exist and is different.
 """
-if link_path != target_path and os.path.exists(target_path):
-if os.path.exists(os.path.realpath(link_path)):
-os.remove(link_path)
-os.symlink(os.path.basename(target_path), link_path)
+import os
+
+if target_path == link_path or \
+target_path is None or \
+link_path is None or \
+not os.path.exists(target_path):
+
+return False
+
+if os.path.lexists(link_path):
+os.remove(link_path)
+
+os.symlink(target_path, link_path)
+return True
-- 
2.34.1


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#167339): 
https://lists.openembedded.org/g/openembedded-core/message/167339
Mute This Topic: https://lists.openembedded.org/mt/92043888/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [kirkstone][PATCH][RESEND] efivar: add musl libc compatibility

[Davide Gardenal]

Backport patch to get efivar working with musl.

Upstream issue:
https://github.com/rhboot/efivar/issues/202

After commit meta-oe/1582f81805ee3114bc1a44bd5cf52d21f96702ca
fwupd gives an error when trying to build with musl because
efivar is not compatible. This fixes the issue.

Signed-off-by: Davide Gardenal 
---
 .../efisecdb-fix-build-with-musl-libc.patch   | 184 ++
 meta/recipes-bsp/efivar/efivar_38.bb  |   3 +-
 2 files changed, 185 insertions(+), 2 deletions(-)
 create mode 100644 
meta/recipes-bsp/efivar/efivar/efisecdb-fix-build-with-musl-libc.patch

diff --git 
a/meta/recipes-bsp/efivar/efivar/efisecdb-fix-build-with-musl-libc.patch 
b/meta/recipes-bsp/efivar/efivar/efisecdb-fix-build-with-musl-libc.patch
new file mode 100644
index 00..ec5b285a06
--- /dev/null
+++ b/meta/recipes-bsp/efivar/efivar/efisecdb-fix-build-with-musl-libc.patch
@@ -0,0 +1,184 @@
+From cece3ffd5be2f8641eb694513f2b73e5eb97ffd3 Mon Sep 17 00:00:00 2001
+From: Natanael Copa 
+Date: Fri, 28 Jan 2022 12:13:30 +0100
+Subject: [PATCH] efisecdb: fix build with musl libc
+
+Refactor code to use POSIX atexit(3) instead of the GNU specific
+on_exit(3).
+
+Resolves: #197
+Resolves: #202
+Signed-off-by: Natanael Copa 
+
+Upstream-Status: Backport
+https://github.com/rhboot/efivar/commit/cece3ffd5be2f8641eb694513f2b73e5eb97ffd3
+
+Signed-off-by: Davide Gardenal 
+---
+ src/compiler.h |  2 --
+ src/efisecdb.c | 68 +++---
+ 2 files changed, 26 insertions(+), 44 deletions(-)
+
+diff --git a/src/compiler.h b/src/compiler.h
+index e2f18f0b..d95fb014 100644
+--- a/src/compiler.h
 b/src/compiler.h
+@@ -7,8 +7,6 @@
+ #ifndef COMPILER_H_
+ #define COMPILER_H_
+ 
+-#include 
+-
+ /* GCC version checking borrowed from glibc. */
+ #if defined(__GNUC__) && defined(__GNUC_MINOR__)
+ #  define GNUC_PREREQ(maj,min) \
+diff --git a/src/efisecdb.c b/src/efisecdb.c
+index f8823737..6bd5ad90 100644
+--- a/src/efisecdb.c
 b/src/efisecdb.c
+@@ -25,6 +25,10 @@
+ extern char *optarg;
+ extern int optind, opterr, optopt;
+ 
++static efi_secdb_t *secdb = NULL;
++static list_t infiles;
++static list_t actions;
++
+ struct hash_param {
+   char *name;
+   efi_secdb_type_t algorithm;
+@@ -187,12 +191,11 @@ add_action(list_t *list, action_type_t action_type, 
const efi_guid_t *owner,
+ }
+ 
+ static void
+-free_actions(int status UNUSED, void *actionsp)
++free_actions(void)
+ {
+-  list_t *actions = (list_t *)actionsp;
+   list_t *pos, *tmp;
+ 
+-  for_each_action_safe(pos, tmp, actions) {
++  for_each_action_safe(pos, tmp, ) {
+   action_t *action = list_entry(pos, action_t, list);
+ 
+   list_del(>list);
+@@ -202,12 +205,11 @@ free_actions(int status UNUSED, void *actionsp)
+ }
+ 
+ static void
+-free_infiles(int status UNUSED, void *infilesp)
++free_infiles(void)
+ {
+-  list_t *infiles = (list_t *)infilesp;
+   list_t *pos, *tmp;
+ 
+-  for_each_ptr_safe(pos, tmp, infiles) {
++  for_each_ptr_safe(pos, tmp, ) {
+   ptrlist_t *entry = list_entry(pos, ptrlist_t, list);
+ 
+   list_del(>list);
+@@ -216,27 +218,12 @@ free_infiles(int status UNUSED, void *infilesp)
+ }
+ 
+ static void
+-maybe_free_secdb(int status UNUSED, void *voidp)
++maybe_free_secdb(void)
+ {
+-  efi_secdb_t **secdbp = (efi_secdb_t **)voidp;
+-
+-  if (secdbp == NULL || *secdbp == NULL)
++  if (secdb == NULL)
+   return;
+ 
+-  efi_secdb_free(*secdbp);
+-}
+-
+-static void
+-maybe_do_unlink(int status, void *filep)
+-{
+-  char **file = (char **)filep;
+-
+-  if (status == 0)
+-  return;
+-  if (file == NULL || *file == NULL)
+-  return;
+-
+-  unlink(*file);
++  efi_secdb_free(secdb);
+ }
+ 
+ static void
+@@ -323,15 +310,6 @@ parse_input_files(list_t *infiles, char **outfile, 
efi_secdb_t **secdb,
+   return status;
+ }
+ 
+-/*
+- * These need to be static globals so that they're not on main's stack when
+- * on_exit() fires.
+- */
+-static efi_secdb_t *secdb = NULL;
+-static list_t infiles;
+-static list_t actions;
+-static char *outfile = NULL;
+-
+ int
+ main(int argc, char *argv[])
+ {
+@@ -351,6 +329,7 @@ main(int argc, char *argv[])
+   bool do_sort_data = false;
+   bool sort_descending = false;
+   int status = 0;
++  char *outfile = NULL;
+ 
+   const char sopts[] = ":aAc:dfg:h:i:Lo:rs:t:v?";
+   const struct option lopts[] = {
+@@ -376,10 +355,9 @@ main(int argc, char *argv[])
+   INIT_LIST_HEAD();
+   INIT_LIST_HEAD();
+ 
+-  on_exit(free_actions, );
+-  on_exit(free_infiles, );
+-  on_exit(maybe_free_secdb, );
+-  on_exit(maybe_do_unlink, );
++  atexit(free_actions);
++  atexit(free_infiles);
++  atexit(maybe_free_secdb);
+ 
+   /*
+* parse the command line.
+@@ -587,24 +565,30 @@ main(int argc, char *argv[])
+   outfd = o

Re: [OE-core] [master][kirkstone][PATCH] efivar: add musl libc compatibility

[Davide Gardenal]

Greetings,

I’m here to flag that this patch has not yet landed to kirkstone-nut, is there 
any reason why?

Davide

> Il giorno 24 mag 2022, alle ore 10:04, Davide Gardenal 
>  ha scritto:
>
> Backport patch to get efivar working with musl.
>
> Upstream issue:
> https://github.com/rhboot/efivar/issues/202
>
> After commit meta-oe/1582f81805ee3114bc1a44bd5cf52d21f96702ca
> fwupd gives an error when trying to build with musl because
> efivar is not compatible. This fixes the issue.
>
> Signed-off-by: Davide Gardenal 
> ---
> .../efisecdb-fix-build-with-musl-libc.patch   | 184 ++
> meta/recipes-bsp/efivar/efivar_38.bb  |   3 +-
> 2 files changed, 185 insertions(+), 2 deletions(-)
> create mode 100644 
> meta/recipes-bsp/efivar/efivar/efisecdb-fix-build-with-musl-libc.patch
>
> diff --git 
> a/meta/recipes-bsp/efivar/efivar/efisecdb-fix-build-with-musl-libc.patch 
> b/meta/recipes-bsp/efivar/efivar/efisecdb-fix-build-with-musl-libc.patch
> new file mode 100644
> index 00..ec5b285a06
> --- /dev/null
> +++ b/meta/recipes-bsp/efivar/efivar/efisecdb-fix-build-with-musl-libc.patch
> @@ -0,0 +1,184 @@
> +From cece3ffd5be2f8641eb694513f2b73e5eb97ffd3 Mon Sep 17 00:00:00 2001
> +From: Natanael Copa 
> +Date: Fri, 28 Jan 2022 12:13:30 +0100
> +Subject: [PATCH] efisecdb: fix build with musl libc
> +
> +Refactor code to use POSIX atexit(3) instead of the GNU specific
> +on_exit(3).
> +
> +Resolves: #197
> +Resolves: #202
> +Signed-off-by: Natanael Copa 
> +
> +Upstream-Status: Backport
> +https://github.com/rhboot/efivar/commit/cece3ffd5be2f8641eb694513f2b73e5eb97ffd3
> +
> +Signed-off-by: Davide Gardenal 
> +---
> + src/compiler.h |  2 --
> + src/efisecdb.c | 68 +++---
> + 2 files changed, 26 insertions(+), 44 deletions(-)
> +
> +diff --git a/src/compiler.h b/src/compiler.h
> +index e2f18f0b..d95fb014 100644
> +--- a/src/compiler.h
>  b/src/compiler.h
> +@@ -7,8 +7,6 @@
> + #ifndef COMPILER_H_
> + #define COMPILER_H_
> +
> +-#include 
> +-
> + /* GCC version checking borrowed from glibc. */
> + #if defined(__GNUC__) && defined(__GNUC_MINOR__)
> + #  define GNUC_PREREQ(maj,min) \
> +diff --git a/src/efisecdb.c b/src/efisecdb.c
> +index f8823737..6bd5ad90 100644
> +--- a/src/efisecdb.c
>  b/src/efisecdb.c
> +@@ -25,6 +25,10 @@
> + extern char *optarg;
> + extern int optind, opterr, optopt;
> +
> ++static efi_secdb_t *secdb = NULL;
> ++static list_t infiles;
> ++static list_t actions;
> ++
> + struct hash_param {
> + char *name;
> + efi_secdb_type_t algorithm;
> +@@ -187,12 +191,11 @@ add_action(list_t *list, action_type_t action_type, 
> const efi_guid_t *owner,
> + }
> +
> + static void
> +-free_actions(int status UNUSED, void *actionsp)
> ++free_actions(void)
> + {
> +-list_t *actions = (list_t *)actionsp;
> + list_t *pos, *tmp;
> +
> +-for_each_action_safe(pos, tmp, actions) {
> ++for_each_action_safe(pos, tmp, ) {
> + action_t *action = list_entry(pos, action_t, list);
> +
> + list_del(>list);
> +@@ -202,12 +205,11 @@ free_actions(int status UNUSED, void *actionsp)
> + }
> +
> + static void
> +-free_infiles(int status UNUSED, void *infilesp)
> ++free_infiles(void)
> + {
> +-list_t *infiles = (list_t *)infilesp;
> + list_t *pos, *tmp;
> +
> +-for_each_ptr_safe(pos, tmp, infiles) {
> ++for_each_ptr_safe(pos, tmp, ) {
> + ptrlist_t *entry = list_entry(pos, ptrlist_t, list);
> +
> + list_del(>list);
> +@@ -216,27 +218,12 @@ free_infiles(int status UNUSED, void *infilesp)
> + }
> +
> + static void
> +-maybe_free_secdb(int status UNUSED, void *voidp)
> ++maybe_free_secdb(void)
> + {
> +-efi_secdb_t **secdbp = (efi_secdb_t **)voidp;
> +-
> +-if (secdbp == NULL || *secdbp == NULL)
> ++if (secdb == NULL)
> + return;
> +
> +-efi_secdb_free(*secdbp);
> +-}
> +-
> +-static void
> +-maybe_do_unlink(int status, void *filep)
> +-{
> +-char **file = (char **)filep;
> +-
> +-if (status == 0)
> +-return;
> +-if (file == NULL || *file == NULL)
> +-return;
> +-
> +-unlink(*file);
> ++efi_secdb_free(secdb);
> + }
> +
> + static void
> +@@ -323,15 +310,6 @@ parse_input_files(list_t *infiles, char **outfile, 
> efi_secdb_t **secdb,
> + return status;
> + }
> +
> +-/*
> +- * These need to be static globals so that they're not on main's stack when
> +- * on_exit() fires.
> +- */
> +-static efi_secdb_t *secdb = NULL;
> +

[OE-core] [master][kirkstone][PATCH] baremetal-image: fix broken symlink in do_rootfs

[Davide Gardenal]

If IMAGE_LINK_NAME and IMAGE_MANIFEST are equal
don't create a link otherwise it will create it
to itself.

Signed-off-by: Davide Gardenal 
---
 meta/classes/baremetal-image.bbclass | 7 ---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/meta/classes/baremetal-image.bbclass 
b/meta/classes/baremetal-image.bbclass
index 81f5e5e93d..cb9e250350 100644
--- a/meta/classes/baremetal-image.bbclass
+++ b/meta/classes/baremetal-image.bbclass
@@ -47,9 +47,10 @@ python do_rootfs(){
 Path(manifest_name).touch()
 if os.path.exists(manifest_name) and link_name:
 manifest_link = deploy_dir + "/" + link_name + ".manifest"
-if os.path.lexists(manifest_link):
-os.remove(manifest_link)
-os.symlink(os.path.basename(manifest_name), manifest_link)
+if manifest_link != manifest_name:
+if os.path.lexists(manifest_link):
+os.remove(manifest_link)
+os.symlink(os.path.basename(manifest_name), manifest_link)
 # A lot of postprocess commands assume the existence of rootfs/etc
 sysconfdir = d.getVar("IMAGE_ROOTFS") + d.getVar('sysconfdir')
 bb.utils.mkdirhier(sysconfdir)
-- 
2.32.0


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#166592): 
https://lists.openembedded.org/g/openembedded-core/message/166592
Mute This Topic: https://lists.openembedded.org/mt/91574239/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH 2/4] qemu: fix CVE-2021-3750

[Davide Gardenal]

Could you send this one for kirkstone too?
You just need to change qemu.inc diff in theory.

Thanks,
Davide

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#166361): 
https://lists.openembedded.org/g/openembedded-core/message/166361
Mute This Topic: https://lists.openembedded.org/mt/91468556/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [master][kirkstone][PATCH] ncurses: update to patchlevel 20220423

[Davide Gardenal]

Are you sure that this is a development snapshot?
I took this branch 
https://salsa.debian.org/debian/ncurses/-/tree/upstream/6.3+20220423
Sorry I'm not that familiar with ncurses version naming scheme.

Davide

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#166359): 
https://lists.openembedded.org/g/openembedded-core/message/166359
Mute This Topic: https://lists.openembedded.org/mt/91451965/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [master][kirkstone][PATCH] ncurses: update to patchlevel 20220423

[Davide Gardenal]

CVE: CVE-2022-29458

Signed-off-by: Davide Gardenal 
---
 meta/recipes-core/ncurses/ncurses.inc | 2 +-
 .../ncurses/{ncurses_6.3.bb => ncurses_6.3+20220423.bb}   | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)
 rename meta/recipes-core/ncurses/{ncurses_6.3.bb => ncurses_6.3+20220423.bb} 
(77%)

diff --git a/meta/recipes-core/ncurses/ncurses.inc 
b/meta/recipes-core/ncurses/ncurses.inc
index 7a7c7dd227..1abcfae1fe 100644
--- a/meta/recipes-core/ncurses/ncurses.inc
+++ b/meta/recipes-core/ncurses/ncurses.inc
@@ -2,7 +2,7 @@ SUMMARY = "The New Curses library"
 DESCRIPTION = "SVr4 and XSI-Curses compatible curses library and terminfo 
tools including tic, infocmp, captoinfo. Supports color, multiple highlights, 
forms-drawing characters, and automatic recognition of keypad and function-key 
sequences. Extensions include resizable windows and mouse support on both xterm 
and Linux console using the gpm library."
 HOMEPAGE = "http://www.gnu.org/software/ncurses/ncurses.html;
 LICENSE = "MIT"
-LIC_FILES_CHKSUM = 
"file://COPYING;md5=9529289636145d1bf093c96af067695a;endline=27"
+LIC_FILES_CHKSUM = 
"file://COPYING;md5=c5a4600fdef86384c41ca33ecc70a4b8;endline=27"
 SECTION = "libs"
 DEPENDS = "ncurses-native"
 DEPENDS:class-native = ""
diff --git a/meta/recipes-core/ncurses/ncurses_6.3.bb 
b/meta/recipes-core/ncurses/ncurses_6.3+20220423.bb
similarity index 77%
rename from meta/recipes-core/ncurses/ncurses_6.3.bb
rename to meta/recipes-core/ncurses/ncurses_6.3+20220423.bb
index f0256dad22..f67a3f5bf4 100644
--- a/meta/recipes-core/ncurses/ncurses_6.3.bb
+++ b/meta/recipes-core/ncurses/ncurses_6.3+20220423.bb
@@ -5,10 +5,10 @@ SRC_URI += "file://0001-tic-hang.patch \

file://0003-gen-pkgconfig.in-Do-not-include-LDFLAGS-in-generated.patch \
"
 # commit id corresponds to the revision in package version
-SRCREV = "51d0fd9cc3edb975f04224f29f777f8f448e8ced"
+SRCREV = "a0bc708bc6954b5d3c0a38d92b683c3ec3135260"
 S = "${WORKDIR}/git"
 EXTRA_OECONF += "--with-abi-version=5"
 UPSTREAM_CHECK_GITTAGREGEX = "(?P\d+(\.\d+)+)$"
 
 # This is needed when using patchlevel versions like 6.1+20181013
-#CVE_VERSION = 
"${@d.getVar("PV").split('+')[0]}.${@d.getVar("PV").split('+')[1]}"
+CVE_VERSION = 
"${@d.getVar("PV").split('+')[0]}.${@d.getVar("PV").split('+')[1]}"
-- 
2.32.0


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#166312): 
https://lists.openembedded.org/g/openembedded-core/message/166312
Mute This Topic: https://lists.openembedded.org/mt/91451965/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [kirkstone][PATCH v2] libpcre2: upgrade 10.39 -> 10.40

[Davide Gardenal]

After a bit of research I found out that the commit that fixes CVE-2022-1587 
(https://github.com/PCRE2Project/pcre2/commit/03654e751e7f0700693526b67dfcadda6b42c9d0)
 is not directly applicable to .39, it needs a compiler update 
(https://github.com/PCRE2Project/pcre2/commit/dea56d2df94546c23021a42d9395f2333589f01e),
 this is a very substantial update. Looking at Fedora and Debian they updated 
the .40 too.

Hope it helps,

Davide

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#166306): 
https://lists.openembedded.org/g/openembedded-core/message/166306
Mute This Topic: https://lists.openembedded.org/mt/91447368/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [kirkstone][PATCH v2] libpcre2: upgrade 10.39 -> 10.40

[Davide Gardenal]

Security fixes and update to Unicode property handling.

Upstream release notes:
https://github.com/PCRE2Project/pcre2/releases/tag/pcre2-10.40

CVE: CVE-2022-1587

Signed-off-by: Davide Gardenal 
---
Updates:
- v2: change commit message
---
 .../libpcre/libpcre2/CVE-2022-1586.patch  | 58 ---
 .../{libpcre2_10.39.bb => libpcre2_10.40.bb}  |  5 +-
 2 files changed, 2 insertions(+), 61 deletions(-)
 delete mode 100644 meta/recipes-support/libpcre/libpcre2/CVE-2022-1586.patch
 rename meta/recipes-support/libpcre/{libpcre2_10.39.bb => libpcre2_10.40.bb} 
(90%)

diff --git a/meta/recipes-support/libpcre/libpcre2/CVE-2022-1586.patch 
b/meta/recipes-support/libpcre/libpcre2/CVE-2022-1586.patch
deleted file mode 100644
index 10d88d7b73..00
--- a/meta/recipes-support/libpcre/libpcre2/CVE-2022-1586.patch
+++ /dev/null
@@ -1,58 +0,0 @@
-From e881ed5028622959cf8859c053501fb1b16387f1 Mon Sep 17 00:00:00 2001
-From: Hitendra Prajapati 
-Date: Mon, 23 May 2022 13:52:39 +0530
-Subject: [PATCH] CVE-2022-1586
-
-Upstream-Status: Backport from 
https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a
-
-Signed-off-by: Hitendra Prajapati 

- ChangeLog   | 3 +++
- src/pcre2_jit_compile.c | 2 +-
- src/pcre2_jit_test.c| 3 +++
- 3 files changed, 7 insertions(+), 1 deletion(-)
-
-diff --git a/ChangeLog b/ChangeLog
-index d27542d..cd3da65 100644
 a/ChangeLog
-+++ b/ChangeLog
-@@ -63,6 +63,9 @@ Version 10.39 29-October-2021
- 
-   Reformat slightly to make it C89 compatible again.
- 
-+23. Fixed a unicode properrty matching issue in JIT. The character was not
-+fully read in caseless matching.
-+
- 
- Version 10.38 01-October-2021
- -
-diff --git a/src/pcre2_jit_compile.c b/src/pcre2_jit_compile.c
-index db2ce65..5baca9b 100644
 a/src/pcre2_jit_compile.c
-+++ b/src/pcre2_jit_compile.c
-@@ -7473,7 +7473,7 @@ while (*cc != XCL_END)
- {
- SLJIT_ASSERT(*cc == XCL_PROP || *cc == XCL_NOTPROP);
- cc++;
--if (*cc == PT_CLIST)
-+if (*cc == PT_CLIST && *cc == XCL_PROP)
-   {
-   other_cases = PRIV(ucd_caseless_sets) + cc[1];
-   while (*other_cases != NOTACHAR)
-diff --git a/src/pcre2_jit_test.c b/src/pcre2_jit_test.c
-index 8dee16e..7bb307e 100644
 a/src/pcre2_jit_test.c
-+++ b/src/pcre2_jit_test.c
-@@ -412,6 +412,9 @@ static struct regression_test_case regression_test_cases[] 
= {
-   { MUP, A, 0, 0 | F_PROPERTY, 
"[\\P{L&}]{2}[^\xc2\x85-\xc2\x89\\p{Ll}\\p{Lu}]{2}", 
"\xc3\xa9\xe6\x92\xad.a\xe6\x92\xad|\xc2\x8a#" },
-   { PCRE2_UCP, 0, 0, 0 | F_PROPERTY, "[a-b\\s]{2,5}[^a]", "AB  baaa" },
-   { MUP, 0, 0, 0 | F_NOMATCH, "[^\\p{Hangul}\\p{Z}]", " " },
-+  { MUP, 0, 0, 0, "[\\p{Lu}\\P{Latin}]+", "c\xEA\xA4\xAE,A,b" },
-+  { MUP, 0, 0, 0, "[\\x{a92e}\\p{Lu}\\P{Latin}]+", "c\xEA\xA4\xAE,A,b" },
-+  { CMUP, 0, 0, 0, "[^S]\\B", "\xe2\x80\x8a" },
- 
-   /* Possible empty brackets. */
-   { MU, A, 0, 0, "(?:|ab||bc|a)+d", "abcxabcabd" },
--- 
-2.35.3
-
diff --git a/meta/recipes-support/libpcre/libpcre2_10.39.bb 
b/meta/recipes-support/libpcre/libpcre2_10.40.bb
similarity index 90%
rename from meta/recipes-support/libpcre/libpcre2_10.39.bb
rename to meta/recipes-support/libpcre/libpcre2_10.40.bb
index 36c51d700a..3843d43b69 100644
--- a/meta/recipes-support/libpcre/libpcre2_10.39.bb
+++ b/meta/recipes-support/libpcre/libpcre2_10.40.bb
@@ -8,14 +8,13 @@ SUMMARY = "Perl Compatible Regular Expressions version 2"
 HOMEPAGE = "http://www.pcre.org;
 SECTION = "devel"
 LICENSE = "BSD-3-Clause"
-LIC_FILES_CHKSUM = "file://LICENCE;md5=43cfa999260dd853cd6cb174dc396f3d"
+LIC_FILES_CHKSUM = "file://LICENCE;md5=41bfb977e4933c506588724ce69bf5d2"
 
 SRC_URI = 
"https://github.com/PhilipHazel/pcre2/releases/download/pcre2-${PV}/pcre2-${PV}.tar.bz2
 \
-   file://CVE-2022-1586.patch \
 "
 UPSTREAM_CHECK_URI = "https://github.com/PhilipHazel/pcre2/releases;
 
-SRC_URI[sha256sum] = 
"0f03caf57f81d9ff362ac28cd389c055ec2bf0678d277349a1a4bee00ad6d440"
+SRC_URI[sha256sum] = 
"14e4b83c4783933dc17e964318e6324f7cae1bc75d8f3c79bc6969f00c159d68"
 
 CVE_PRODUCT = "pcre2"
 
-- 
2.32.0


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#166305): 
https://lists.openembedded.org/g/openembedded-core/message/166305
Mute This Topic: https://lists.openembedded.org/mt/91447368/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [kirkstone][PATCH] libpcre2: upgrade 10.39 -> 10.40

[Davide Gardenal]

On Mon, May 30, 2022 at 09:08 AM, Steve Sakoman wrote:

> 
> Yes, could you fix the CVE namning issue in kirkstone with a separate
> patch, and then resubmit the version bump patch based on this change?

I was checking the patch and realize that the CVE number is not wrong (I 
searched for the wrong CVE online),
I'm going to backport a patch for CVE-2022-1587 and then I will send the 
revision bump.

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#166304): 
https://lists.openembedded.org/g/openembedded-core/message/166304
Mute This Topic: https://lists.openembedded.org/mt/91429211/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [kirkstone][PATCH] libpcre2: upgrade 10.39 -> 10.40

[Davide Gardenal]

On Mon, May 30, 2022 at 08:49 AM, Steve Sakoman wrote:

> 
> 
>> Delete CVE-2022-1586.patch, wrong CVE code (patch included in 10.40).
>> 
>> CVE: CVE-2022-1587
> 
> If this is the case then you should submit a patch for master to
> correct this. If people agree that the version bump is suitable for
> LTS I would then take the upgrade patch from master along with your
> patch to fix the CVE confusion.

Do you mean for kirkstone? Because master doesn't have that patch.

Also if this update is a problem I can just rename the patch so that cve-check 
can work properly.

Davide

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#166290): 
https://lists.openembedded.org/g/openembedded-core/message/166290
Mute This Topic: https://lists.openembedded.org/mt/91429211/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [kirkstone][PATCH] vim: upgrade 8.2.4912 -> 8.2.5034

[Davide Gardenal]

Security update to fix the following CVEs

CVE: CVE-2022-1621
CVE: CVE-2022-1629
CVE: CVE-2022-1674
CVE: CVE-2022-1733
CVE: CVE-2022-1735
CVE: CVE-2022-1769
CVE: CVE-2022-1771
CVE: CVE-2022-1785
CVE: CVE-2022-1796

Signed-off-by: Davide Gardenal 
---
 meta/recipes-support/vim/vim.inc | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/meta/recipes-support/vim/vim.inc b/meta/recipes-support/vim/vim.inc
index c5922b7fcd..b22e8016ab 100644
--- a/meta/recipes-support/vim/vim.inc
+++ b/meta/recipes-support/vim/vim.inc
@@ -21,8 +21,8 @@ SRC_URI = 
"git://github.com/vim/vim.git;branch=master;protocol=https \
file://racefix.patch \
"
 
-PV .= ".4912"
-SRCREV = "a7583c42cd6b64fd276a5d7bb0db5ce7bfafa730"
+PV .= ".5034"
+SRCREV = "5a6ec10cc80ab02eeff644ab19b82312630ea855"
 
 # Remove when 8.3 is out
 UPSTREAM_VERSION_UNKNOWN = "1"
-- 
2.32.0


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#166284): 
https://lists.openembedded.org/g/openembedded-core/message/166284
Mute This Topic: https://lists.openembedded.org/mt/91429430/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [kirkstone][PATCH] libpcre2: upgrade 10.39 -> 10.40

[Davide Gardenal]

Minor bug fixes and security updates.
Delete CVE-2022-1586.patch, wrong CVE code (patch included in 10.40).

CVE: CVE-2022-1587

Signed-off-by: Davide Gardenal 
---
 .../libpcre/libpcre2/CVE-2022-1586.patch  | 58 ---
 .../{libpcre2_10.39.bb => libpcre2_10.40.bb}  |  5 +-
 2 files changed, 2 insertions(+), 61 deletions(-)
 delete mode 100644 meta/recipes-support/libpcre/libpcre2/CVE-2022-1586.patch
 rename meta/recipes-support/libpcre/{libpcre2_10.39.bb => libpcre2_10.40.bb} 
(90%)

diff --git a/meta/recipes-support/libpcre/libpcre2/CVE-2022-1586.patch 
b/meta/recipes-support/libpcre/libpcre2/CVE-2022-1586.patch
deleted file mode 100644
index 10d88d7b73..00
--- a/meta/recipes-support/libpcre/libpcre2/CVE-2022-1586.patch
+++ /dev/null
@@ -1,58 +0,0 @@
-From e881ed5028622959cf8859c053501fb1b16387f1 Mon Sep 17 00:00:00 2001
-From: Hitendra Prajapati 
-Date: Mon, 23 May 2022 13:52:39 +0530
-Subject: [PATCH] CVE-2022-1586
-
-Upstream-Status: Backport from 
https://github.com/PCRE2Project/pcre2/commit/50a51cb7e67268e6ad417eb07c9de9bfea5cc55a
-
-Signed-off-by: Hitendra Prajapati 

- ChangeLog   | 3 +++
- src/pcre2_jit_compile.c | 2 +-
- src/pcre2_jit_test.c| 3 +++
- 3 files changed, 7 insertions(+), 1 deletion(-)
-
-diff --git a/ChangeLog b/ChangeLog
-index d27542d..cd3da65 100644
 a/ChangeLog
-+++ b/ChangeLog
-@@ -63,6 +63,9 @@ Version 10.39 29-October-2021
- 
-   Reformat slightly to make it C89 compatible again.
- 
-+23. Fixed a unicode properrty matching issue in JIT. The character was not
-+fully read in caseless matching.
-+
- 
- Version 10.38 01-October-2021
- -
-diff --git a/src/pcre2_jit_compile.c b/src/pcre2_jit_compile.c
-index db2ce65..5baca9b 100644
 a/src/pcre2_jit_compile.c
-+++ b/src/pcre2_jit_compile.c
-@@ -7473,7 +7473,7 @@ while (*cc != XCL_END)
- {
- SLJIT_ASSERT(*cc == XCL_PROP || *cc == XCL_NOTPROP);
- cc++;
--if (*cc == PT_CLIST)
-+if (*cc == PT_CLIST && *cc == XCL_PROP)
-   {
-   other_cases = PRIV(ucd_caseless_sets) + cc[1];
-   while (*other_cases != NOTACHAR)
-diff --git a/src/pcre2_jit_test.c b/src/pcre2_jit_test.c
-index 8dee16e..7bb307e 100644
 a/src/pcre2_jit_test.c
-+++ b/src/pcre2_jit_test.c
-@@ -412,6 +412,9 @@ static struct regression_test_case regression_test_cases[] 
= {
-   { MUP, A, 0, 0 | F_PROPERTY, 
"[\\P{L&}]{2}[^\xc2\x85-\xc2\x89\\p{Ll}\\p{Lu}]{2}", 
"\xc3\xa9\xe6\x92\xad.a\xe6\x92\xad|\xc2\x8a#" },
-   { PCRE2_UCP, 0, 0, 0 | F_PROPERTY, "[a-b\\s]{2,5}[^a]", "AB  baaa" },
-   { MUP, 0, 0, 0 | F_NOMATCH, "[^\\p{Hangul}\\p{Z}]", " " },
-+  { MUP, 0, 0, 0, "[\\p{Lu}\\P{Latin}]+", "c\xEA\xA4\xAE,A,b" },
-+  { MUP, 0, 0, 0, "[\\x{a92e}\\p{Lu}\\P{Latin}]+", "c\xEA\xA4\xAE,A,b" },
-+  { CMUP, 0, 0, 0, "[^S]\\B", "\xe2\x80\x8a" },
- 
-   /* Possible empty brackets. */
-   { MU, A, 0, 0, "(?:|ab||bc|a)+d", "abcxabcabd" },
--- 
-2.35.3
-
diff --git a/meta/recipes-support/libpcre/libpcre2_10.39.bb 
b/meta/recipes-support/libpcre/libpcre2_10.40.bb
similarity index 90%
rename from meta/recipes-support/libpcre/libpcre2_10.39.bb
rename to meta/recipes-support/libpcre/libpcre2_10.40.bb
index 36c51d700a..3843d43b69 100644
--- a/meta/recipes-support/libpcre/libpcre2_10.39.bb
+++ b/meta/recipes-support/libpcre/libpcre2_10.40.bb
@@ -8,14 +8,13 @@ SUMMARY = "Perl Compatible Regular Expressions version 2"
 HOMEPAGE = "http://www.pcre.org;
 SECTION = "devel"
 LICENSE = "BSD-3-Clause"
-LIC_FILES_CHKSUM = "file://LICENCE;md5=43cfa999260dd853cd6cb174dc396f3d"
+LIC_FILES_CHKSUM = "file://LICENCE;md5=41bfb977e4933c506588724ce69bf5d2"
 
 SRC_URI = 
"https://github.com/PhilipHazel/pcre2/releases/download/pcre2-${PV}/pcre2-${PV}.tar.bz2
 \
-   file://CVE-2022-1586.patch \
 "
 UPSTREAM_CHECK_URI = "https://github.com/PhilipHazel/pcre2/releases;
 
-SRC_URI[sha256sum] = 
"0f03caf57f81d9ff362ac28cd389c055ec2bf0678d277349a1a4bee00ad6d440"
+SRC_URI[sha256sum] = 
"14e4b83c4783933dc17e964318e6324f7cae1bc75d8f3c79bc6969f00c159d68"
 
 CVE_PRODUCT = "pcre2"
 
-- 
2.32.0


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#166283): 
https://lists.openembedded.org/g/openembedded-core/message/166283
Mute This Topic: https://lists.openembedded.org/mt/91429211/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [master][kirkstone][PATCH] efivar: add musl libc compatibility

[Davide Gardenal]

Backport patch to get efivar working with musl.

Upstream issue:
https://github.com/rhboot/efivar/issues/202

After commit meta-oe/1582f81805ee3114bc1a44bd5cf52d21f96702ca
fwupd gives an error when trying to build with musl because
efivar is not compatible. This fixes the issue.

Signed-off-by: Davide Gardenal 
---
 .../efisecdb-fix-build-with-musl-libc.patch   | 184 ++
 meta/recipes-bsp/efivar/efivar_38.bb  |   3 +-
 2 files changed, 185 insertions(+), 2 deletions(-)
 create mode 100644 
meta/recipes-bsp/efivar/efivar/efisecdb-fix-build-with-musl-libc.patch

diff --git 
a/meta/recipes-bsp/efivar/efivar/efisecdb-fix-build-with-musl-libc.patch 
b/meta/recipes-bsp/efivar/efivar/efisecdb-fix-build-with-musl-libc.patch
new file mode 100644
index 00..ec5b285a06
--- /dev/null
+++ b/meta/recipes-bsp/efivar/efivar/efisecdb-fix-build-with-musl-libc.patch
@@ -0,0 +1,184 @@
+From cece3ffd5be2f8641eb694513f2b73e5eb97ffd3 Mon Sep 17 00:00:00 2001
+From: Natanael Copa 
+Date: Fri, 28 Jan 2022 12:13:30 +0100
+Subject: [PATCH] efisecdb: fix build with musl libc
+
+Refactor code to use POSIX atexit(3) instead of the GNU specific
+on_exit(3).
+
+Resolves: #197
+Resolves: #202
+Signed-off-by: Natanael Copa 
+
+Upstream-Status: Backport
+https://github.com/rhboot/efivar/commit/cece3ffd5be2f8641eb694513f2b73e5eb97ffd3
+
+Signed-off-by: Davide Gardenal 
+---
+ src/compiler.h |  2 --
+ src/efisecdb.c | 68 +++---
+ 2 files changed, 26 insertions(+), 44 deletions(-)
+
+diff --git a/src/compiler.h b/src/compiler.h
+index e2f18f0b..d95fb014 100644
+--- a/src/compiler.h
 b/src/compiler.h
+@@ -7,8 +7,6 @@
+ #ifndef COMPILER_H_
+ #define COMPILER_H_
+ 
+-#include 
+-
+ /* GCC version checking borrowed from glibc. */
+ #if defined(__GNUC__) && defined(__GNUC_MINOR__)
+ #  define GNUC_PREREQ(maj,min) \
+diff --git a/src/efisecdb.c b/src/efisecdb.c
+index f8823737..6bd5ad90 100644
+--- a/src/efisecdb.c
 b/src/efisecdb.c
+@@ -25,6 +25,10 @@
+ extern char *optarg;
+ extern int optind, opterr, optopt;
+ 
++static efi_secdb_t *secdb = NULL;
++static list_t infiles;
++static list_t actions;
++
+ struct hash_param {
+   char *name;
+   efi_secdb_type_t algorithm;
+@@ -187,12 +191,11 @@ add_action(list_t *list, action_type_t action_type, 
const efi_guid_t *owner,
+ }
+ 
+ static void
+-free_actions(int status UNUSED, void *actionsp)
++free_actions(void)
+ {
+-  list_t *actions = (list_t *)actionsp;
+   list_t *pos, *tmp;
+ 
+-  for_each_action_safe(pos, tmp, actions) {
++  for_each_action_safe(pos, tmp, ) {
+   action_t *action = list_entry(pos, action_t, list);
+ 
+   list_del(>list);
+@@ -202,12 +205,11 @@ free_actions(int status UNUSED, void *actionsp)
+ }
+ 
+ static void
+-free_infiles(int status UNUSED, void *infilesp)
++free_infiles(void)
+ {
+-  list_t *infiles = (list_t *)infilesp;
+   list_t *pos, *tmp;
+ 
+-  for_each_ptr_safe(pos, tmp, infiles) {
++  for_each_ptr_safe(pos, tmp, ) {
+   ptrlist_t *entry = list_entry(pos, ptrlist_t, list);
+ 
+   list_del(>list);
+@@ -216,27 +218,12 @@ free_infiles(int status UNUSED, void *infilesp)
+ }
+ 
+ static void
+-maybe_free_secdb(int status UNUSED, void *voidp)
++maybe_free_secdb(void)
+ {
+-  efi_secdb_t **secdbp = (efi_secdb_t **)voidp;
+-
+-  if (secdbp == NULL || *secdbp == NULL)
++  if (secdb == NULL)
+   return;
+ 
+-  efi_secdb_free(*secdbp);
+-}
+-
+-static void
+-maybe_do_unlink(int status, void *filep)
+-{
+-  char **file = (char **)filep;
+-
+-  if (status == 0)
+-  return;
+-  if (file == NULL || *file == NULL)
+-  return;
+-
+-  unlink(*file);
++  efi_secdb_free(secdb);
+ }
+ 
+ static void
+@@ -323,15 +310,6 @@ parse_input_files(list_t *infiles, char **outfile, 
efi_secdb_t **secdb,
+   return status;
+ }
+ 
+-/*
+- * These need to be static globals so that they're not on main's stack when
+- * on_exit() fires.
+- */
+-static efi_secdb_t *secdb = NULL;
+-static list_t infiles;
+-static list_t actions;
+-static char *outfile = NULL;
+-
+ int
+ main(int argc, char *argv[])
+ {
+@@ -351,6 +329,7 @@ main(int argc, char *argv[])
+   bool do_sort_data = false;
+   bool sort_descending = false;
+   int status = 0;
++  char *outfile = NULL;
+ 
+   const char sopts[] = ":aAc:dfg:h:i:Lo:rs:t:v?";
+   const struct option lopts[] = {
+@@ -376,10 +355,9 @@ main(int argc, char *argv[])
+   INIT_LIST_HEAD();
+   INIT_LIST_HEAD();
+ 
+-  on_exit(free_actions, );
+-  on_exit(free_infiles, );
+-  on_exit(maybe_free_secdb, );
+-  on_exit(maybe_do_unlink, );
++  atexit(free_actions);
++  atexit(free_infiles);
++  atexit(maybe_free_secdb);
+ 
+   /*
+* parse the command line.
+@@ -587,24 +565,30 @@ main(int argc, char *argv[])
+   outfd = o

[OE-core] [kirkstone][PATCH] libxml2: Upgrade 2.9.13 -> 2.9.14

[Davide Gardenal]

Signed-off-by: Jiaqing Zhao 
Signed-off-by: Luca Ceresoli 
Signed-off-by: Richard Purdie 

Cherry-picked from master/c4ba21f4012e8859fc793bec7df76e56eb8058ec

Signed-off-by: Davide Gardenal 
---
 .../CVE-2022-23308-fix-regression.patch   | 99 ---
 .../libxml2/libxml-m4-use-pkgconfig.patch | 21 ++--
 .../{libxml2_2.9.13.bb => libxml2_2.9.14.bb}  |  5 +-
 3 files changed, 14 insertions(+), 111 deletions(-)
 delete mode 100644 
meta/recipes-core/libxml/libxml2/CVE-2022-23308-fix-regression.patch
 rename meta/recipes-core/libxml/{libxml2_2.9.13.bb => libxml2_2.9.14.bb} (96%)

diff --git 
a/meta/recipes-core/libxml/libxml2/CVE-2022-23308-fix-regression.patch 
b/meta/recipes-core/libxml/libxml2/CVE-2022-23308-fix-regression.patch
deleted file mode 100644
index e188914613..00
--- a/meta/recipes-core/libxml/libxml2/CVE-2022-23308-fix-regression.patch
+++ /dev/null
@@ -1,99 +0,0 @@
-From 646fe48d1c8a74310c409ddf81fe7df6700052af Mon Sep 17 00:00:00 2001
-From: Nick Wellnhofer 
-Date: Tue, 22 Feb 2022 11:51:08 +0100
-Subject: [PATCH] Fix --without-valid build
-
-Regressed in commit 652dd12a.

- valid.c | 58 -
- 1 file changed, 29 insertions(+), 29 deletions(-)

-
-From https://github.com/GNOME/libxml2.git
- commit 646fe48d1c8a74310c409ddf81fe7df6700052af
-
-CVE: CVE-2022-23308
-Upstream-Status: Backport
-
-Signed-off-by: Joe Slater 
-
-
-diff --git a/valid.c b/valid.c
-index 8e596f1d..9684683a 100644
 a/valid.c
-+++ b/valid.c
-@@ -479,35 +479,6 @@ nodeVPop(xmlValidCtxtPtr ctxt)
- return (ret);
- }
- 
--/**
-- * xmlValidNormalizeString:
-- * @str: a string
-- *
-- * Normalize a string in-place.
-- */
--static void
--xmlValidNormalizeString(xmlChar *str) {
--xmlChar *dst;
--const xmlChar *src;
--
--if (str == NULL)
--return;
--src = str;
--dst = str;
--
--while (*src == 0x20) src++;
--while (*src != 0) {
--  if (*src == 0x20) {
--  while (*src == 0x20) src++;
--  if (*src != 0)
--  *dst++ = 0x20;
--  } else {
--  *dst++ = *src++;
--  }
--}
--*dst = 0;
--}
--
- #ifdef DEBUG_VALID_ALGO
- static void
- xmlValidPrintNode(xmlNodePtr cur) {
-@@ -2636,6 +2607,35 @@ xmlDumpNotationTable(xmlBufferPtr buf, 
xmlNotationTablePtr table) {
-   (xmlDictOwns(dict, (const xmlChar *)(str)) == 0)))  \
-   xmlFree((char *)(str));
- 
-+/**
-+ * xmlValidNormalizeString:
-+ * @str: a string
-+ *
-+ * Normalize a string in-place.
-+ */
-+static void
-+xmlValidNormalizeString(xmlChar *str) {
-+xmlChar *dst;
-+const xmlChar *src;
-+
-+if (str == NULL)
-+return;
-+src = str;
-+dst = str;
-+
-+while (*src == 0x20) src++;
-+while (*src != 0) {
-+  if (*src == 0x20) {
-+  while (*src == 0x20) src++;
-+  if (*src != 0)
-+  *dst++ = 0x20;
-+  } else {
-+  *dst++ = *src++;
-+  }
-+}
-+*dst = 0;
-+}
-+
- static int
- xmlIsStreaming(xmlValidCtxtPtr ctxt) {
- xmlParserCtxtPtr pctxt;
--- 
-2.35.1
-
diff --git a/meta/recipes-core/libxml/libxml2/libxml-m4-use-pkgconfig.patch 
b/meta/recipes-core/libxml/libxml2/libxml-m4-use-pkgconfig.patch
index d211f65da3..cc9da88a29 100644
--- a/meta/recipes-core/libxml/libxml2/libxml-m4-use-pkgconfig.patch
+++ b/meta/recipes-core/libxml/libxml2/libxml-m4-use-pkgconfig.patch
@@ -1,4 +1,4 @@
-From f57da62218cf72c1342da82abafdac6b0a2e4997 Mon Sep 17 00:00:00 2001
+From 7196bce35954c4b46391cb0139aeb15ed628fa54 Mon Sep 17 00:00:00 2001
 From: Tony Tascioglu 
 Date: Fri, 14 May 2021 11:50:35 -0400
 Subject: [PATCH] AM_PATH_XML2 uses xml-config which we disable through
@@ -16,16 +16,18 @@ Rebase to 2.9.9
 Signed-off-by: Hongxu Jia 
 
 Updated to apply cleanly to v2.9.12
-
 Signed-off-by: Tony Tascioglu 
+
+Rebase to 2.9.14
+Signed-off-by: Jiaqing Zhao 
 ---
- libxml.m4 | 190 ++
- 1 file changed, 5 insertions(+), 185 deletions(-)
+ libxml.m4 | 189 ++
+ 1 file changed, 5 insertions(+), 184 deletions(-)
 
-Index: libxml2-2.9.13/libxml.m4
-===
 libxml2-2.9.13.orig/libxml.m4
-+++ libxml2-2.9.13/libxml.m4
+diff --git a/libxml.m4 b/libxml.m4
+index fc7790c..1c53585 100644
+--- a/libxml.m4
 b/libxml.m4
 @@ -1,191 +1,12 @@
 -# Configure paths for LIBXML2
 -# Simon Josefsson 2020-02-12
@@ -223,3 +225,6 @@ Index: libxml2-2.9.13/libxml.m4
 -  AC_SUBST(XML_LIBS)
 -  rm -f conf.xmltest
  ])
+-- 
+2.34.1
+
diff --git a/meta/recipes-core/libxml/libxml2_2.9.13.bb 
b/meta/recipes-core/libxml/libxml2_2.9.14.bb
similarity index 96%
rename from meta/recipes-core/libxml/libxml2_2.9.13.bb
rename to meta/recipes-core/libxml/libxml2_2.9.14.bb
index e361b53bfd..3081ebf92f 100644
--- a/meta/recipes-core/libxml/libxml2_2.9.13.bb
+++ b/meta/recipes-core/libxml/libxml2_2.9

[OE-core] [kirkstone][PATCH 2/2] qemu: backport patch for CVE-2021-4207

[Davide Gardenal]

CVE: CVE-2021-4207

Upstream fix:
https://git.qemu.org/?p=qemu.git;a=commit;h=9569f5cb5b4bffa9d3ebc8ba7da1e03830a9a895

Signed-off-by: Davide Gardenal 
---
 meta/recipes-devtools/qemu/qemu.inc   |  1 +
 .../qemu/qemu/CVE-2021-4207.patch | 43 +++
 2 files changed, 44 insertions(+)
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2021-4207.patch

diff --git a/meta/recipes-devtools/qemu/qemu.inc 
b/meta/recipes-devtools/qemu/qemu.inc
index b7762f83a8..cc69eca9ae 100644
--- a/meta/recipes-devtools/qemu/qemu.inc
+++ b/meta/recipes-devtools/qemu/qemu.inc
@@ -34,6 +34,7 @@ SRC_URI = "https://download.qemu.org/${BPN}-${PV}.tar.xz \

file://0002-virtio-net-fix-map-leaking-on-error-during-receive.patch \
file://pvrdma.patch \
file://CVE-2021-4206.patch \
+   file://CVE-2021-4207.patch \
"
 UPSTREAM_CHECK_REGEX = "qemu-(?P\d+(\.\d+)+)\.tar"
 
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2021-4207.patch 
b/meta/recipes-devtools/qemu/qemu/CVE-2021-4207.patch
new file mode 100644
index 00..38f36abd9e
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/CVE-2021-4207.patch
@@ -0,0 +1,43 @@
+From 9569f5cb5b4bffa9d3ebc8ba7da1e03830a9a895 Mon Sep 17 00:00:00 2001
+From: Mauro Matteo Cascella 
+Date: Thu, 7 Apr 2022 10:11:06 +0200
+Subject: [PATCH] display/qxl-render: fix race condition in qxl_cursor
+ (CVE-2021-4207)
+MIME-Version: 1.0
+Content-Type: text/plain; charset=utf8
+Content-Transfer-Encoding: 8bit
+
+Avoid fetching 'width' and 'height' a second time to prevent possible
+race condition. Refer to security advisory
+https://starlabs.sg/advisories/22-4207/ for more information.
+
+Fixes: CVE-2021-4207
+Signed-off-by: Mauro Matteo Cascella 
+Reviewed-by: Marc-André Lureau 
+Message-Id: <20220407081106.343235-1-mcasc...@redhat.com>
+Signed-off-by: Gerd Hoffmann 
+
+Upstream-Status: Backport
+https://git.qemu.org/?p=qemu.git;a=commit;h=9569f5cb5b4bffa9d3ebc8ba7da1e03830a9a895
+
+Signed-off-by: Davide Gardenal 
+---
+ hw/display/qxl-render.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/hw/display/qxl-render.c b/hw/display/qxl-render.c
+index d28849b..237ed29 100644
+--- a/hw/display/qxl-render.c
 b/hw/display/qxl-render.c
+@@ -266,7 +266,7 @@ static QEMUCursor *qxl_cursor(PCIQXLDevice *qxl, QXLCursor 
*cursor,
+ }
+ break;
+ case SPICE_CURSOR_TYPE_ALPHA:
+-size = sizeof(uint32_t) * cursor->header.width * 
cursor->header.height;
++size = sizeof(uint32_t) * c->width * c->height;
+ qxl_unpack_chunks(c->data, size, qxl, >chunk, group_id);
+ if (qxl->debug > 2) {
+ cursor_print_ascii_art(c, "qxl/alpha");
+-- 
+1.8.3.1
+
-- 
2.32.0


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#165670): 
https://lists.openembedded.org/g/openembedded-core/message/165670
Mute This Topic: https://lists.openembedded.org/mt/91135752/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [kirkstone][PATCH 1/2] qemu: backport patch for CVE-2021-4206

[Davide Gardenal]

CVE: CVE-2021-4206

Upstream fix:
https://git.qemu.org/?p=qemu.git;a=commit;h=fa892e9abb728e76afcf27323ab29c57fb0fe7aa

Signed-off-by: Davide Gardenal 
---
 meta/recipes-devtools/qemu/qemu.inc   |  1 +
 .../qemu/qemu/CVE-2021-4206.patch | 89 +++
 2 files changed, 90 insertions(+)
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2021-4206.patch

diff --git a/meta/recipes-devtools/qemu/qemu.inc 
b/meta/recipes-devtools/qemu/qemu.inc
index 1efbb104e2..b7762f83a8 100644
--- a/meta/recipes-devtools/qemu/qemu.inc
+++ b/meta/recipes-devtools/qemu/qemu.inc
@@ -33,6 +33,7 @@ SRC_URI = "https://download.qemu.org/${BPN}-${PV}.tar.xz \

file://0001-vhost-vsock-detach-the-virqueue-element-in-case-of-e.patch \

file://0002-virtio-net-fix-map-leaking-on-error-during-receive.patch \
file://pvrdma.patch \
+   file://CVE-2021-4206.patch \
"
 UPSTREAM_CHECK_REGEX = "qemu-(?P\d+(\.\d+)+)\.tar"
 
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2021-4206.patch 
b/meta/recipes-devtools/qemu/qemu/CVE-2021-4206.patch
new file mode 100644
index 00..05f9c8f790
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/CVE-2021-4206.patch
@@ -0,0 +1,89 @@
+From fa892e9abb728e76afcf27323ab29c57fb0fe7aa Mon Sep 17 00:00:00 2001
+From: Mauro Matteo Cascella 
+Date: Thu, 7 Apr 2022 10:17:12 +0200
+Subject: [PATCH] ui/cursor: fix integer overflow in cursor_alloc
+ (CVE-2021-4206)
+MIME-Version: 1.0
+Content-Type: text/plain; charset=utf8
+Content-Transfer-Encoding: 8bit
+
+Prevent potential integer overflow by limiting 'width' and 'height' to
+512x512. Also change 'datasize' type to size_t. Refer to security
+advisory https://starlabs.sg/advisories/22-4206/ for more information.
+
+Fixes: CVE-2021-4206
+Signed-off-by: Mauro Matteo Cascella 
+Reviewed-by: Marc-André Lureau 
+Message-Id: <20220407081712.345609-1-mcasc...@redhat.com>
+Signed-off-by: Gerd Hoffmann 
+
+Upstream-Status: Backport
+https://git.qemu.org/?p=qemu.git;a=commit;h=fa892e9abb728e76afcf27323ab29c57fb0fe7aa
+
+Signed-off-by: Davide Gardenal 
+---
+ hw/display/qxl-render.c | 7 +++
+ hw/display/vmware_vga.c | 2 ++
+ ui/cursor.c | 8 +++-
+ 3 files changed, 16 insertions(+), 1 deletion(-)
+
+diff --git a/hw/display/qxl-render.c b/hw/display/qxl-render.c
+index 237ed29..ca21700 100644
+--- a/hw/display/qxl-render.c
 b/hw/display/qxl-render.c
+@@ -247,6 +247,13 @@ static QEMUCursor *qxl_cursor(PCIQXLDevice *qxl, 
QXLCursor *cursor,
+ size_t size;
+ 
+ c = cursor_alloc(cursor->header.width, cursor->header.height);
++
++if (!c) {
++qxl_set_guest_bug(qxl, "%s: cursor %ux%u alloc error", __func__,
++cursor->header.width, cursor->header.height);
++goto fail;
++}
++
+ c->hot_x = cursor->header.hot_spot_x;
+ c->hot_y = cursor->header.hot_spot_y;
+ switch (cursor->header.type) {
+diff --git a/hw/display/vmware_vga.c b/hw/display/vmware_vga.c
+index 98c8347..45d06cb 100644
+--- a/hw/display/vmware_vga.c
 b/hw/display/vmware_vga.c
+@@ -515,6 +515,8 @@ static inline void vmsvga_cursor_define(struct 
vmsvga_state_s *s,
+ int i, pixels;
+ 
+ qc = cursor_alloc(c->width, c->height);
++assert(qc != NULL);
++
+ qc->hot_x = c->hot_x;
+ qc->hot_y = c->hot_y;
+ switch (c->bpp) {
+diff --git a/ui/cursor.c b/ui/cursor.c
+index 1d62ddd..835f080 100644
+--- a/ui/cursor.c
 b/ui/cursor.c
+@@ -46,6 +46,8 @@ static QEMUCursor *cursor_parse_xpm(const char *xpm[])
+ 
+ /* parse pixel data */
+ c = cursor_alloc(width, height);
++assert(c != NULL);
++
+ for (pixel = 0, y = 0; y < height; y++, line++) {
+ for (x = 0; x < height; x++, pixel++) {
+ idx = xpm[line][x];
+@@ -91,7 +93,11 @@ QEMUCursor *cursor_builtin_left_ptr(void)
+ QEMUCursor *cursor_alloc(int width, int height)
+ {
+ QEMUCursor *c;
+-int datasize = width * height * sizeof(uint32_t);
++size_t datasize = width * height * sizeof(uint32_t);
++
++if (width > 512 || height > 512) {
++return NULL;
++}
+ 
+ c = g_malloc0(sizeof(QEMUCursor) + datasize);
+ c->width  = width;
+-- 
+1.8.3.1
+
-- 
2.32.0


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#165669): 
https://lists.openembedded.org/g/openembedded-core/message/165669
Mute This Topic: https://lists.openembedded.org/mt/91135749/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [kirkstone][PATCH v2] openssl: minor security upgrade 3.0.2 -> 3.0.3

[Davide Gardenal]

I’m always glad to help :)

> Il giorno 13 mag 2022, alle ore 18:57, Steve Sakoman  ha 
> scritto:
>
> On Fri, May 13, 2022 at 5:56 AM Davide Gardenal
>  wrote:
>>
>> I see, I’m sorry but I haven’t checked master because I’m working on 
>> kirkstone right now, next time I’ll do it.
>
> No worries.  If you don't catch it I probably will :-)
>
> BTW, I really appreciate your help with CVEs!
>
> Steve
>
>>
>> Davide
>>
>> Il giorno 13 mag 2022, alle ore 17:53, Steve Sakoman  ha 
>> scritto:
>>
>> On Fri, May 13, 2022 at 3:35 AM Davide Gardenal
>>  wrote:
>>
>>
>> This minor version include fixes for several CVEs
>>
>> CVE: CVE-2022-1292
>> CVE: CVE-2022-1343
>> CVE: CVE-2022-1434
>> CVE: CVE-2022-1473
>>
>> Signed-off-by: Davide Gardenal 
>> ---
>> Updates:
>> -v2 add kirkstone tag in the title
>>
>>
>> Actually, since master is also at version 3.0.2 this patch will have
>> to go to master first. I'll then backport it.
>>
>> In cases like this you should probably tag [master][kirkstone] so
>> Richard and I both take notice.
>>
>> Steve
>>
>> ---
>> .../openssl/{openssl_3.0.2.bb => openssl_3.0.3.bb} | 2 +-
>> 1 file changed, 1 insertion(+), 1 deletion(-)
>> rename meta/recipes-connectivity/openssl/{openssl_3.0.2.bb => 
>> openssl_3.0.3.bb} (99%)
>>
>> diff --git a/meta/recipes-connectivity/openssl/openssl_3.0.2.bb 
>> b/meta/recipes-connectivity/openssl/openssl_3.0.3.bb
>> similarity index 99%
>> rename from meta/recipes-connectivity/openssl/openssl_3.0.2.bb
>> rename to meta/recipes-connectivity/openssl/openssl_3.0.3.bb
>> index a809666aa7..fd88ae807d 100644
>> --- a/meta/recipes-connectivity/openssl/openssl_3.0.2.bb
>> +++ b/meta/recipes-connectivity/openssl/openssl_3.0.3.bb
>> @@ -18,7 +18,7 @@ SRC_URI:append:class-nativesdk = " \
>> file://environment.d-openssl.sh \
>> "
>>
>> -SRC_URI[sha256sum] = 
>> "98e91ccead4d4756ae3c9cde5e09191a8e586d9f4d50838e7ec09d6411dfdb63"
>> +SRC_URI[sha256sum] = 
>> "ee0078adcef1de5f003c62c80cc96527721609c6f3bb42b7795df31f8b558c0b"
>>
>> inherit lib_package multilib_header multilib_script ptest perlnative
>> MULTILIB_SCRIPTS = "${PN}-bin:${bindir}/c_rehash"
>> --
>> 2.32.0
>>
>>
>>
>>
>>



smime.p7s
Description: S/MIME cryptographic signature

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#165585): 
https://lists.openembedded.org/g/openembedded-core/message/165585
Mute This Topic: https://lists.openembedded.org/mt/91080703/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [kirkstone][PATCH v2] openssl: minor security upgrade 3.0.2 -> 3.0.3

[Davide Gardenal]

I see, I’m sorry but I haven’t checked master because I’m working on kirkstone 
right now, next time I’ll do it.

Davide

> Il giorno 13 mag 2022, alle ore 17:53, Steve Sakoman  ha 
> scritto:
> 
> On Fri, May 13, 2022 at 3:35 AM Davide Gardenal
> mailto:davidegarde2...@gmail.com>> wrote:
>> 
>> This minor version include fixes for several CVEs
>> 
>> CVE: CVE-2022-1292
>> CVE: CVE-2022-1343
>> CVE: CVE-2022-1434
>> CVE: CVE-2022-1473
>> 
>> Signed-off-by: Davide Gardenal > <mailto:davide.garde...@huawei.com>>
>> ---
>> Updates:
>> -v2 add kirkstone tag in the title
> 
> Actually, since master is also at version 3.0.2 this patch will have
> to go to master first. I'll then backport it.
> 
> In cases like this you should probably tag [master][kirkstone] so
> Richard and I both take notice.
> 
> Steve
> 
>> ---
>> .../openssl/{openssl_3.0.2.bb => openssl_3.0.3.bb} | 2 +-
>> 1 file changed, 1 insertion(+), 1 deletion(-)
>> rename meta/recipes-connectivity/openssl/{openssl_3.0.2.bb => 
>> openssl_3.0.3.bb} (99%)
>> 
>> diff --git a/meta/recipes-connectivity/openssl/openssl_3.0.2.bb 
>> b/meta/recipes-connectivity/openssl/openssl_3.0.3.bb
>> similarity index 99%
>> rename from meta/recipes-connectivity/openssl/openssl_3.0.2.bb
>> rename to meta/recipes-connectivity/openssl/openssl_3.0.3.bb
>> index a809666aa7..fd88ae807d 100644
>> --- a/meta/recipes-connectivity/openssl/openssl_3.0.2.bb
>> +++ b/meta/recipes-connectivity/openssl/openssl_3.0.3.bb
>> @@ -18,7 +18,7 @@ SRC_URI:append:class-nativesdk = " \
>> file://environment.d-openssl.sh \
>> "
>> 
>> -SRC_URI[sha256sum] = 
>> "98e91ccead4d4756ae3c9cde5e09191a8e586d9f4d50838e7ec09d6411dfdb63"
>> +SRC_URI[sha256sum] = 
>> "ee0078adcef1de5f003c62c80cc96527721609c6f3bb42b7795df31f8b558c0b"
>> 
>> inherit lib_package multilib_header multilib_script ptest perlnative
>> MULTILIB_SCRIPTS = "${PN}-bin:${bindir}/c_rehash"
>> --
>> 2.32.0
>> 
>> 
>> 



smime.p7s
Description: S/MIME cryptographic signature

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#165578): 
https://lists.openembedded.org/g/openembedded-core/message/165578
Mute This Topic: https://lists.openembedded.org/mt/91080703/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [kirkstone][PATCH v2] openssl: minor security upgrade 3.0.2 -> 3.0.3

[Davide Gardenal]

This minor version include fixes for several CVEs

CVE: CVE-2022-1292
CVE: CVE-2022-1343
CVE: CVE-2022-1434
CVE: CVE-2022-1473

Signed-off-by: Davide Gardenal 
---
Updates:
-v2 add kirkstone tag in the title
---
 .../openssl/{openssl_3.0.2.bb => openssl_3.0.3.bb}  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta/recipes-connectivity/openssl/{openssl_3.0.2.bb => 
openssl_3.0.3.bb} (99%)

diff --git a/meta/recipes-connectivity/openssl/openssl_3.0.2.bb 
b/meta/recipes-connectivity/openssl/openssl_3.0.3.bb
similarity index 99%
rename from meta/recipes-connectivity/openssl/openssl_3.0.2.bb
rename to meta/recipes-connectivity/openssl/openssl_3.0.3.bb
index a809666aa7..fd88ae807d 100644
--- a/meta/recipes-connectivity/openssl/openssl_3.0.2.bb
+++ b/meta/recipes-connectivity/openssl/openssl_3.0.3.bb
@@ -18,7 +18,7 @@ SRC_URI:append:class-nativesdk = " \
file://environment.d-openssl.sh \
"
 
-SRC_URI[sha256sum] = 
"98e91ccead4d4756ae3c9cde5e09191a8e586d9f4d50838e7ec09d6411dfdb63"
+SRC_URI[sha256sum] = 
"ee0078adcef1de5f003c62c80cc96527721609c6f3bb42b7795df31f8b558c0b"
 
 inherit lib_package multilib_header multilib_script ptest perlnative
 MULTILIB_SCRIPTS = "${PN}-bin:${bindir}/c_rehash"
-- 
2.32.0


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#165563): 
https://lists.openembedded.org/g/openembedded-core/message/165563
Mute This Topic: https://lists.openembedded.org/mt/91080703/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH] openssl: minor security upgrade 3.0.2 -> 3.0.3

[Davide Gardenal]

This minor version include fixes for several CVEs

CVE: CVE-2022-1292
CVE: CVE-2022-1343
CVE: CVE-2022-1434
CVE: CVE-2022-1473

Signed-off-by: Davide Gardenal 
---
 .../openssl/{openssl_3.0.2.bb => openssl_3.0.3.bb}  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta/recipes-connectivity/openssl/{openssl_3.0.2.bb => 
openssl_3.0.3.bb} (99%)

diff --git a/meta/recipes-connectivity/openssl/openssl_3.0.2.bb 
b/meta/recipes-connectivity/openssl/openssl_3.0.3.bb
similarity index 99%
rename from meta/recipes-connectivity/openssl/openssl_3.0.2.bb
rename to meta/recipes-connectivity/openssl/openssl_3.0.3.bb
index a809666aa7..fd88ae807d 100644
--- a/meta/recipes-connectivity/openssl/openssl_3.0.2.bb
+++ b/meta/recipes-connectivity/openssl/openssl_3.0.3.bb
@@ -18,7 +18,7 @@ SRC_URI:append:class-nativesdk = " \
file://environment.d-openssl.sh \
"
 
-SRC_URI[sha256sum] = 
"98e91ccead4d4756ae3c9cde5e09191a8e586d9f4d50838e7ec09d6411dfdb63"
+SRC_URI[sha256sum] = 
"ee0078adcef1de5f003c62c80cc96527721609c6f3bb42b7795df31f8b558c0b"
 
 inherit lib_package multilib_header multilib_script ptest perlnative
 MULTILIB_SCRIPTS = "${PN}-bin:${bindir}/c_rehash"
-- 
2.32.0


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#165562): 
https://lists.openembedded.org/g/openembedded-core/message/165562
Mute This Topic: https://lists.openembedded.org/mt/91080671/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [kirkstone][PATCH 3/3] freetype: backport patch for CVE-2022-27406

[Davide Gardenal]

CVE: CVE-2022-27406

Upstream issue:
https://gitlab.freedesktop.org/freetype/freetype/-/issues/1140

Signed-off-by: Davide Gardenal 
---
 .../freetype/freetype/CVE-2022-27406.patch| 32 +++
 .../freetype/freetype_2.11.1.bb   |  1 +
 2 files changed, 33 insertions(+)
 create mode 100644 meta/recipes-graphics/freetype/freetype/CVE-2022-27406.patch

diff --git a/meta/recipes-graphics/freetype/freetype/CVE-2022-27406.patch 
b/meta/recipes-graphics/freetype/freetype/CVE-2022-27406.patch
new file mode 100644
index 00..49f76c643f
--- /dev/null
+++ b/meta/recipes-graphics/freetype/freetype/CVE-2022-27406.patch
@@ -0,0 +1,32 @@
+From 0c2bdb01a2e1d24a3e592377a6d0822856e10df2 Mon Sep 17 00:00:00 2001
+From: Werner Lemberg 
+Date: Sat, 19 Mar 2022 09:37:28 +0100
+Subject: [PATCH] * src/base/ftobjs.c (FT_Request_Size): Guard `face->size`.
+
+Fixes #1140.
+
+Upstream-Status: Backport
+https://gitlab.freedesktop.org/freetype/freetype/-/commit/0c2bdb01a2e1d24a3e592377a6d0822856e10df2
+
+Signed-off-by: Davide Gardenal 
+---
+ src/base/ftobjs.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/src/base/ftobjs.c b/src/base/ftobjs.c
+index 6492a1517..282c9121a 100644
+--- a/src/base/ftobjs.c
 b/src/base/ftobjs.c
+@@ -3409,6 +3409,9 @@
+ if ( !face )
+   return FT_THROW( Invalid_Face_Handle );
+ 
++if ( !face->size )
++  return FT_THROW( Invalid_Size_Handle );
++
+ if ( !req || req->width < 0 || req->height < 0 ||
+  req->type >= FT_SIZE_REQUEST_TYPE_MAX )
+   return FT_THROW( Invalid_Argument );
+-- 
+GitLab
+
diff --git a/meta/recipes-graphics/freetype/freetype_2.11.1.bb 
b/meta/recipes-graphics/freetype/freetype_2.11.1.bb
index 02a81a4f4f..5b464d3d70 100644
--- a/meta/recipes-graphics/freetype/freetype_2.11.1.bb
+++ b/meta/recipes-graphics/freetype/freetype_2.11.1.bb
@@ -15,6 +15,7 @@ LIC_FILES_CHKSUM = 
"file://LICENSE.TXT;md5=a5927784d823d443c6cae55701d01553 \
 SRC_URI = "${SAVANNAH_NONGNU_MIRROR}/${BPN}/${BP}.tar.xz \ 
file://CVE-2022-27404.patch \
file://CVE-2022-27405.patch \
+   file://CVE-2022-27406.patch \
"
 SRC_URI[sha256sum] = 
"ae7cfda88429c97a7ae63b7d01ab398076c3b67182e960e5684050f2c5c8"
 
-- 
2.32.0


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#165554): 
https://lists.openembedded.org/g/openembedded-core/message/165554
Mute This Topic: https://lists.openembedded.org/mt/91077295/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [kirkstone][PATCH 2/3] freetype: backport patch for CVE-2022-27405

[Davide Gardenal]

CVE: CVE-2022-27405

Upstream issue:
https://gitlab.freedesktop.org/freetype/freetype/-/issues/1139

Signed-off-by: Davide Gardenal 
---
 .../freetype/freetype/CVE-2022-27405.patch| 41 +++
 .../freetype/freetype_2.11.1.bb   |  1 +
 2 files changed, 42 insertions(+)
 create mode 100644 meta/recipes-graphics/freetype/freetype/CVE-2022-27405.patch

diff --git a/meta/recipes-graphics/freetype/freetype/CVE-2022-27405.patch 
b/meta/recipes-graphics/freetype/freetype/CVE-2022-27405.patch
new file mode 100644
index 00..582a985221
--- /dev/null
+++ b/meta/recipes-graphics/freetype/freetype/CVE-2022-27405.patch
@@ -0,0 +1,41 @@
+From 22a0cccb4d9d002f33c1ba7a4b36812c7d4f46b5 Mon Sep 17 00:00:00 2001
+From: Werner Lemberg 
+Date: Sat, 19 Mar 2022 06:40:17 +0100
+Subject: [PATCH] * src/base/ftobjs.c (ft_open_face_internal): Properly guard
+ `face_index`.
+
+We must ensure that the cast to `FT_Int` doesn't change the sign.
+
+Fixes #1139.
+
+Upstream-Status: Backport
+https://gitlab.freedesktop.org/freetype/freetype/-/commit/22a0cccb4d9d002f33c1ba7a4b36812c7d4f46b5
+
+Signed-off-by: Davide Gardenal 
+---
+ src/base/ftobjs.c | 9 +
+ 1 file changed, 9 insertions(+)
+
+diff --git a/src/base/ftobjs.c b/src/base/ftobjs.c
+index 2c0f0e6c9..10952a6c6 100644
+--- a/src/base/ftobjs.c
 b/src/base/ftobjs.c
+@@ -2527,6 +2527,15 @@
+ #endif
+ 
+ 
++/* only use lower 31 bits together with sign bit */
++if ( face_index > 0 )
++  face_index &= 0x7FFFL;
++else
++{
++  face_index &= 0x7FFFL;
++  face_index  = -face_index;
++}
++
+ #ifdef FT_DEBUG_LEVEL_TRACE
+ FT_TRACE3(( "FT_Open_Face: " ));
+ if ( face_index < 0 )
+-- 
+GitLab
+
diff --git a/meta/recipes-graphics/freetype/freetype_2.11.1.bb 
b/meta/recipes-graphics/freetype/freetype_2.11.1.bb
index 257c5c6d9a..02a81a4f4f 100644
--- a/meta/recipes-graphics/freetype/freetype_2.11.1.bb
+++ b/meta/recipes-graphics/freetype/freetype_2.11.1.bb
@@ -14,6 +14,7 @@ LIC_FILES_CHKSUM = 
"file://LICENSE.TXT;md5=a5927784d823d443c6cae55701d01553 \
 
 SRC_URI = "${SAVANNAH_NONGNU_MIRROR}/${BPN}/${BP}.tar.xz \ 
file://CVE-2022-27404.patch \
+   file://CVE-2022-27405.patch \
"
 SRC_URI[sha256sum] = 
"ae7cfda88429c97a7ae63b7d01ab398076c3b67182e960e5684050f2c5c8"
 
-- 
2.32.0


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#165553): 
https://lists.openembedded.org/g/openembedded-core/message/165553
Mute This Topic: https://lists.openembedded.org/mt/91077293/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [kirkstone][PATCH 1/3] freetype: backport patch for CVE-2022-27404

[Davide Gardenal]

CVE: CVE-2022-27404

Upstream issue:
https://gitlab.freedesktop.org/freetype/freetype/-/issues/1138

Signed-off-by: Davide Gardenal 
---
 .../freetype/freetype/CVE-2022-27404.patch| 48 +++
 .../freetype/freetype_2.11.1.bb   |  4 +-
 2 files changed, 51 insertions(+), 1 deletion(-)
 create mode 100644 meta/recipes-graphics/freetype/freetype/CVE-2022-27404.patch

diff --git a/meta/recipes-graphics/freetype/freetype/CVE-2022-27404.patch 
b/meta/recipes-graphics/freetype/freetype/CVE-2022-27404.patch
new file mode 100644
index 00..3335fbda06
--- /dev/null
+++ b/meta/recipes-graphics/freetype/freetype/CVE-2022-27404.patch
@@ -0,0 +1,48 @@
+From 53dfdcd8198d2b3201a23c4bad9190519ba918db Mon Sep 17 00:00:00 2001
+From: Werner Lemberg 
+Date: Thu, 17 Mar 2022 19:24:16 +0100
+Subject: [PATCH] [sfnt] Avoid invalid face index.
+
+Fixes #1138.
+
+* src/sfnt/sfobjs.c (sfnt_init_face), src/sfnt/sfwoff2.c (woff2_open_font):
+Check `face_index` before decrementing.
+
+Upstream-Status: Backport
+https://gitlab.freedesktop.org/freetype/freetype/-/commit/53dfdcd8198d2b3201a23c4bad9190519ba918db
+
+Signed-off-by: Davide Gardenal 
+---
+ src/sfnt/sfobjs.c  | 2 +-
+ src/sfnt/sfwoff2.c | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/src/sfnt/sfobjs.c b/src/sfnt/sfobjs.c
+index f9d4d3858..9771c35df 100644
+--- a/src/sfnt/sfobjs.c
 b/src/sfnt/sfobjs.c
+@@ -566,7 +566,7 @@
+ face_index = FT_ABS( face_instance_index ) & 0x;
+ 
+ /* value -(N+1) requests information on index N */
+-if ( face_instance_index < 0 )
++if ( face_instance_index < 0 && face_index > 0 )
+   face_index--;
+ 
+ if ( face_index >= face->ttc_header.count )
+diff --git a/src/sfnt/sfwoff2.c b/src/sfnt/sfwoff2.c
+index cb1e0664a..165b875e5 100644
+--- a/src/sfnt/sfwoff2.c
 b/src/sfnt/sfwoff2.c
+@@ -2085,7 +2085,7 @@
+ /* Validate requested face index. */
+ *num_faces = woff2.num_fonts;
+ /* value -(N+1) requests information on index N */
+-if ( *face_instance_index < 0 )
++if ( *face_instance_index < 0 && face_index > 0 )
+   face_index--;
+ 
+ if ( face_index >= woff2.num_fonts )
+-- 
+GitLab
+
diff --git a/meta/recipes-graphics/freetype/freetype_2.11.1.bb 
b/meta/recipes-graphics/freetype/freetype_2.11.1.bb
index 5055ff185c..257c5c6d9a 100644
--- a/meta/recipes-graphics/freetype/freetype_2.11.1.bb
+++ b/meta/recipes-graphics/freetype/freetype_2.11.1.bb
@@ -12,7 +12,9 @@ LIC_FILES_CHKSUM = 
"file://LICENSE.TXT;md5=a5927784d823d443c6cae55701d01553 \
 file://docs/FTL.TXT;md5=9f37b4e6afa3fef9dba8932b16bd3f97 \
 file://docs/GPLv2.TXT;md5=8ef380476f642c20ebf40fecb0add2ec"
 
-SRC_URI = "${SAVANNAH_NONGNU_MIRROR}/${BPN}/${BP}.tar.xz"
+SRC_URI = "${SAVANNAH_NONGNU_MIRROR}/${BPN}/${BP}.tar.xz \ 
+   file://CVE-2022-27404.patch \
+   "
 SRC_URI[sha256sum] = 
"ae7cfda88429c97a7ae63b7d01ab398076c3b67182e960e5684050f2c5c8"
 
 UPSTREAM_CHECK_REGEX = "freetype-(?P\d+(\.\d+)+)"
-- 
2.32.0


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#165552): 
https://lists.openembedded.org/g/openembedded-core/message/165552
Mute This Topic: https://lists.openembedded.org/mt/91077290/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [kirkstone][PATCH v2] base-passwd: Disable shell for default users

[Davide Gardenal]

Change the shell of all global static users other than root (which
retains /bin/sh) and sync (as /bin/sync is rather harmless) to
/sbin/nologin (as /usr/sbin/nologin does not exist in openembedded)

Upstream-Status: Backport 
[https://launchpad.net/ubuntu/+source/base-passwd/3.5.30]
Signed-off-by: Jiaqing Zhao 
Signed-off-by: Richard Purdie 

Master reference: ba3bc4d7a0a39a96f6e8d340e1b2654d47475f07

Signed-off-by: Davide Gardenal 
---
Updates:
- v2: fix commit message

---
 .../base-passwd/disable-shell.patch   | 57 +++
 .../base-passwd/base-passwd_3.5.29.bb |  1 +
 2 files changed, 58 insertions(+)
 create mode 100644 
meta/recipes-core/base-passwd/base-passwd/disable-shell.patch

diff --git a/meta/recipes-core/base-passwd/base-passwd/disable-shell.patch 
b/meta/recipes-core/base-passwd/base-passwd/disable-shell.patch
new file mode 100644
index 00..bfaa786018
--- /dev/null
+++ b/meta/recipes-core/base-passwd/base-passwd/disable-shell.patch
@@ -0,0 +1,57 @@
+From 91e0db96741359173ddf2be083aafcc1a3c32472 Mon Sep 17 00:00:00 2001
+From: Jiaqing Zhao 
+Date: Mon, 18 Apr 2022 11:22:43 +0800
+Subject: [PATCH] Disable shell for default users
+
+Change the shell of all global static users other than root (which
+retains /bin/sh) and sync (as /bin/sync is rather harmless) to
+/sbin/nologin (as /usr/sbin/nologin does not exist in openembedded)
+
+Upstream-Status: Backport 
[https://launchpad.net/ubuntu/+source/base-passwd/3.5.30]
+Signed-off-by: Jiaqing Zhao 
+---
+ passwd.master | 32 
+ 1 file changed, 16 insertions(+), 16 deletions(-)
+
+diff --git a/passwd.master b/passwd.master
+index e1c32ff..0cd5ffd 100644
+--- a/passwd.master
 b/passwd.master
+@@ -1,18 +1,18 @@
+ root::0:0:root:/root:/bin/sh
+-daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+-bin:*:2:2:bin:/bin:/bin/sh
+-sys:*:3:3:sys:/dev:/bin/sh
++daemon:*:1:1:daemon:/usr/sbin:/sbin/nologin
++bin:*:2:2:bin:/bin:/sbin/nologin
++sys:*:3:3:sys:/dev:/sbin/nologin
+ sync:*:4:65534:sync:/bin:/bin/sync
+-games:*:5:60:games:/usr/games:/bin/sh
+-man:*:6:12:man:/var/cache/man:/bin/sh
+-lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+-mail:*:8:8:mail:/var/mail:/bin/sh
+-news:*:9:9:news:/var/spool/news:/bin/sh
+-uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+-proxy:*:13:13:proxy:/bin:/bin/sh
+-www-data:*:33:33:www-data:/var/www:/bin/sh
+-backup:*:34:34:backup:/var/backups:/bin/sh
+-list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+-irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+-gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+-nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
++games:*:5:60:games:/usr/games:/sbin/nologin
++man:*:6:12:man:/var/cache/man:/sbin/nologin
++lp:*:7:7:lp:/var/spool/lpd:/sbin/nologin
++mail:*:8:8:mail:/var/mail:/sbin/nologin
++news:*:9:9:news:/var/spool/news:/sbin/nologin
++uucp:*:10:10:uucp:/var/spool/uucp:/sbin/nologin
++proxy:*:13:13:proxy:/bin:/sbin/nologin
++www-data:*:33:33:www-data:/var/www:/sbin/nologin
++backup:*:34:34:backup:/var/backups:/sbin/nologin
++list:*:38:38:Mailing List Manager:/var/list:/sbin/nologin
++irc:*:39:39:ircd:/var/run/ircd:/sbin/nologin
++gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/sbin/nologin
++nobody:*:65534:65534:nobody:/nonexistent:/sbin/nologin
+--
+2.32.0
+
diff --git a/meta/recipes-core/base-passwd/base-passwd_3.5.29.bb 
b/meta/recipes-core/base-passwd/base-passwd_3.5.29.bb
index 9a27ad3ab5..ef7792ae49 100644
--- a/meta/recipes-core/base-passwd/base-passwd_3.5.29.bb
+++ b/meta/recipes-core/base-passwd/base-passwd_3.5.29.bb
@@ -14,6 +14,7 @@ SRC_URI = 
"https://launchpad.net/debian/+archive/primary/+files/${BPN}_${PV}.tar
file://input.patch \
file://disable-docs.patch \
file://kvm.patch \
+   file://disable-shell.patch \
"
 
 SRC_URI[md5sum] = "6beccac48083fe8ae5048acd062e5421"
-- 
2.32.0

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#165546): 
https://lists.openembedded.org/g/openembedded-core/message/165546
Mute This Topic: https://lists.openembedded.org/mt/91076077/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [kirkstone][PATCH] base-passwd: Disable shell for default users

[Davide Gardenal]

From: Jiaqing Zhao 

Change the shell of all global static users other than root (which
retains /bin/sh) and sync (as /bin/sync is rather harmless) to
/sbin/nologin (as /usr/sbin/nologin does not exist in openembedded)

Upstream-Status: Backport 
[https://launchpad.net/ubuntu/+source/base-passwd/3.5.30]
Signed-off-by: Jiaqing Zhao 
Signed-off-by: Richard Purdie 

Master reference: ba3bc4d7a0a39a96f6e8d340e1b2654d47475f07

Signed-off-by: Davide Gardenal 
---
 .../base-passwd/disable-shell.patch   | 57 +++
 .../base-passwd/base-passwd_3.5.29.bb |  1 +
 2 files changed, 58 insertions(+)
 create mode 100644 
meta/recipes-core/base-passwd/base-passwd/disable-shell.patch

diff --git a/meta/recipes-core/base-passwd/base-passwd/disable-shell.patch 
b/meta/recipes-core/base-passwd/base-passwd/disable-shell.patch
new file mode 100644
index 000..dddc93ca353
--- /dev/null
+++ b/meta/recipes-core/base-passwd/base-passwd/disable-shell.patch
@@ -0,0 +1,57 @@
+From 91e0db96741359173ddf2be083aafcc1a3c32472 Mon Sep 17 00:00:00 2001
+From: Jiaqing Zhao 
+Date: Mon, 18 Apr 2022 11:22:43 +0800
+Subject: [PATCH] Disable shell for default users
+
+Change the shell of all global static users other than root (which
+retains /bin/sh) and sync (as /bin/sync is rather harmless) to
+/sbin/nologin (as /usr/sbin/nologin does not exist in openembedded)
+
+Upstream-Status: Backport 
[https://launchpad.net/ubuntu/+source/base-passwd/3.5.30]
+Signed-off-by: Jiaqing Zhao 
+---
+ passwd.master | 32 
+ 1 file changed, 16 insertions(+), 16 deletions(-)
+
+diff --git a/passwd.master b/passwd.master
+index e1c32ff..0cd5ffd 100644
+--- a/passwd.master
 b/passwd.master
+@@ -1,18 +1,18 @@
+ root::0:0:root:/root:/bin/sh
+-daemon:*:1:1:daemon:/usr/sbin:/bin/sh
+-bin:*:2:2:bin:/bin:/bin/sh
+-sys:*:3:3:sys:/dev:/bin/sh
++daemon:*:1:1:daemon:/usr/sbin:/sbin/nologin
++bin:*:2:2:bin:/bin:/sbin/nologin
++sys:*:3:3:sys:/dev:/sbin/nologin
+ sync:*:4:65534:sync:/bin:/bin/sync
+-games:*:5:60:games:/usr/games:/bin/sh
+-man:*:6:12:man:/var/cache/man:/bin/sh
+-lp:*:7:7:lp:/var/spool/lpd:/bin/sh
+-mail:*:8:8:mail:/var/mail:/bin/sh
+-news:*:9:9:news:/var/spool/news:/bin/sh
+-uucp:*:10:10:uucp:/var/spool/uucp:/bin/sh
+-proxy:*:13:13:proxy:/bin:/bin/sh
+-www-data:*:33:33:www-data:/var/www:/bin/sh
+-backup:*:34:34:backup:/var/backups:/bin/sh
+-list:*:38:38:Mailing List Manager:/var/list:/bin/sh
+-irc:*:39:39:ircd:/var/run/ircd:/bin/sh
+-gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/bin/sh
+-nobody:*:65534:65534:nobody:/nonexistent:/bin/sh
++games:*:5:60:games:/usr/games:/sbin/nologin
++man:*:6:12:man:/var/cache/man:/sbin/nologin
++lp:*:7:7:lp:/var/spool/lpd:/sbin/nologin
++mail:*:8:8:mail:/var/mail:/sbin/nologin
++news:*:9:9:news:/var/spool/news:/sbin/nologin
++uucp:*:10:10:uucp:/var/spool/uucp:/sbin/nologin
++proxy:*:13:13:proxy:/bin:/sbin/nologin
++www-data:*:33:33:www-data:/var/www:/sbin/nologin
++backup:*:34:34:backup:/var/backups:/sbin/nologin
++list:*:38:38:Mailing List Manager:/var/list:/sbin/nologin
++irc:*:39:39:ircd:/var/run/ircd:/sbin/nologin
++gnats:*:41:41:Gnats Bug-Reporting System (admin):/var/lib/gnats:/sbin/nologin
++nobody:*:65534:65534:nobody:/nonexistent:/sbin/nologin
+--
+2.32.0
+
diff --git a/meta/recipes-core/base-passwd/base-passwd_3.5.29.bb 
b/meta/recipes-core/base-passwd/base-passwd_3.5.29.bb
index 9a27ad3ab5a..ef7792ae49c 100644
--- a/meta/recipes-core/base-passwd/base-passwd_3.5.29.bb
+++ b/meta/recipes-core/base-passwd/base-passwd_3.5.29.bb
@@ -14,6 +14,7 @@ SRC_URI = 
"https://launchpad.net/debian/+archive/primary/+files/${BPN}_${PV}.tar
file://input.patch \
file://disable-docs.patch \
file://kvm.patch \
+   file://disable-shell.patch \
"
 
 SRC_URI[md5sum] = "6beccac48083fe8ae5048acd062e5421"

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#165545): 
https://lists.openembedded.org/g/openembedded-core/message/165545
Mute This Topic: https://lists.openembedded.org/mt/91075956/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [kirstone][PATCH] go: minor upgrade 1.17.8 -> 1.17.9

[Davide Gardenal]

This minor update include fixes to the following CVE

CVE: CVE-2022-28327

Signed-off-by: Davide Gardenal 
---
 meta/recipes-devtools/go/{go-1.17.8.inc => go-1.17.9.inc} | 2 +-
 ...{go-binary-native_1.17.8.bb => go-binary-native_1.17.9.bb} | 4 ++--
 ...o-cross-canadian_1.17.8.bb => go-cross-canadian_1.17.9.bb} | 0
 .../go/{go-cross_1.17.8.bb => go-cross_1.17.9.bb} | 0
 .../go/{go-crosssdk_1.17.8.bb => go-crosssdk_1.17.9.bb}   | 0
 .../go/{go-native_1.17.8.bb => go-native_1.17.9.bb}   | 0
 .../go/{go-runtime_1.17.8.bb => go-runtime_1.17.9.bb} | 0
 meta/recipes-devtools/go/{go_1.17.8.bb => go_1.17.9.bb}   | 0
 8 files changed, 3 insertions(+), 3 deletions(-)
 rename meta/recipes-devtools/go/{go-1.17.8.inc => go-1.17.9.inc} (92%)
 rename meta/recipes-devtools/go/{go-binary-native_1.17.8.bb => 
go-binary-native_1.17.9.bb} (83%)
 rename meta/recipes-devtools/go/{go-cross-canadian_1.17.8.bb => 
go-cross-canadian_1.17.9.bb} (100%)
 rename meta/recipes-devtools/go/{go-cross_1.17.8.bb => go-cross_1.17.9.bb} 
(100%)
 rename meta/recipes-devtools/go/{go-crosssdk_1.17.8.bb => 
go-crosssdk_1.17.9.bb} (100%)
 rename meta/recipes-devtools/go/{go-native_1.17.8.bb => go-native_1.17.9.bb} 
(100%)
 rename meta/recipes-devtools/go/{go-runtime_1.17.8.bb => go-runtime_1.17.9.bb} 
(100%)
 rename meta/recipes-devtools/go/{go_1.17.8.bb => go_1.17.9.bb} (100%)

diff --git a/meta/recipes-devtools/go/go-1.17.8.inc 
b/meta/recipes-devtools/go/go-1.17.9.inc
similarity index 92%
rename from meta/recipes-devtools/go/go-1.17.8.inc
rename to meta/recipes-devtools/go/go-1.17.9.inc
index 649c09ec1d..aa2630016b 100644
--- a/meta/recipes-devtools/go/go-1.17.8.inc
+++ b/meta/recipes-devtools/go/go-1.17.9.inc
@@ -17,7 +17,7 @@ SRC_URI += "\
 file://0001-exec.go-do-not-write-linker-flags-into-buildids.patch \
 file://0001-src-cmd-dist-buildgo.go-do-not-hardcode-host-compile.patch \
 "
-SRC_URI[main.sha256sum] = 
"2effcd898140da79a061f3784ca4f8d8b13d811fb2abe9dad2404442dabbdf7a"
+SRC_URI[main.sha256sum] = 
"763ad4bafb80a9204458c5fa2b8e7327fa971aee454252c0e362c11236156813"
 
 # Upstream don't believe it is a signifiant real world issue and will only
 # fix in 1.17 onwards where we can drop this.
diff --git a/meta/recipes-devtools/go/go-binary-native_1.17.8.bb 
b/meta/recipes-devtools/go/go-binary-native_1.17.9.bb
similarity index 83%
rename from meta/recipes-devtools/go/go-binary-native_1.17.8.bb
rename to meta/recipes-devtools/go/go-binary-native_1.17.9.bb
index 1b85cd50d6..8a80fd1f69 100644
--- a/meta/recipes-devtools/go/go-binary-native_1.17.8.bb
+++ b/meta/recipes-devtools/go/go-binary-native_1.17.9.bb
@@ -8,8 +8,8 @@ LIC_FILES_CHKSUM = 
"file://LICENSE;md5=5d4950ecb7b26d2c5e4e7b4e0dd74707"
 PROVIDES = "go-native"
 
 SRC_URI = 
"https://dl.google.com/go/go${PV}.${BUILD_GOOS}-${BUILD_GOARCH}.tar.gz;name=go_${BUILD_GOTUPLE};
-SRC_URI[go_linux_amd64.sha256sum] = 
"980e65a863377e69fd9b67df9d8395fd8e93858e7a24c9f55803421e453f4f99"
-SRC_URI[go_linux_arm64.sha256sum] = 
"57a9171682e297df1a5bd287be056ed0280195ad079af90af16dcad4f64710cb"
+SRC_URI[go_linux_amd64.sha256sum] = 
"9dacf782028fdfc79120576c872dee488b81257b1c48e9032d122cfdb379cca6"
+SRC_URI[go_linux_arm64.sha256sum] = 
"44dcdcd4f0fa6f83c15ef70b31580f1e3f95895c2f11a00e36c440c3554b6ad5"
 
 UPSTREAM_CHECK_URI = "https://golang.org/dl/;
 UPSTREAM_CHECK_REGEX = "go(?P\d+(\.\d+)+)\.linux"
diff --git a/meta/recipes-devtools/go/go-cross-canadian_1.17.8.bb 
b/meta/recipes-devtools/go/go-cross-canadian_1.17.9.bb
similarity index 100%
rename from meta/recipes-devtools/go/go-cross-canadian_1.17.8.bb
rename to meta/recipes-devtools/go/go-cross-canadian_1.17.9.bb
diff --git a/meta/recipes-devtools/go/go-cross_1.17.8.bb 
b/meta/recipes-devtools/go/go-cross_1.17.9.bb
similarity index 100%
rename from meta/recipes-devtools/go/go-cross_1.17.8.bb
rename to meta/recipes-devtools/go/go-cross_1.17.9.bb
diff --git a/meta/recipes-devtools/go/go-crosssdk_1.17.8.bb 
b/meta/recipes-devtools/go/go-crosssdk_1.17.9.bb
similarity index 100%
rename from meta/recipes-devtools/go/go-crosssdk_1.17.8.bb
rename to meta/recipes-devtools/go/go-crosssdk_1.17.9.bb
diff --git a/meta/recipes-devtools/go/go-native_1.17.8.bb 
b/meta/recipes-devtools/go/go-native_1.17.9.bb
similarity index 100%
rename from meta/recipes-devtools/go/go-native_1.17.8.bb
rename to meta/recipes-devtools/go/go-native_1.17.9.bb
diff --git a/meta/recipes-devtools/go/go-runtime_1.17.8.bb 
b/meta/recipes-devtools/go/go-runtime_1.17.9.bb
similarity index 100%
rename from meta/recipes-devtools/go/go-runtime_1.17.8.bb
rename to meta/recipes-devtools/go/go-runtime_1.17.9.bb
diff --git a/meta/recipes-devtools/go/go_1.17.8.bb 
b/meta/recipes-devtools/go/go_1.17.9.bb
similarity index 100%
rename from meta/recipes-devtools/go/go_1.17.8.bb
rename to meta

[OE-core] [kirkstone][PATCH] vim: upgrade 8.2.4681 -> 8.2.4912

[Davide Gardenal]

This update include fixes for two CVEs.

CVE: CVE-2022-1381
CVE: CVE-2022-1420

Signed-off-by: Davide Gardenal 
---
 meta/recipes-support/vim/vim.inc | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/meta/recipes-support/vim/vim.inc b/meta/recipes-support/vim/vim.inc
index 21ff036cf4..c5922b7fcd 100644
--- a/meta/recipes-support/vim/vim.inc
+++ b/meta/recipes-support/vim/vim.inc
@@ -21,8 +21,8 @@ SRC_URI = 
"git://github.com/vim/vim.git;branch=master;protocol=https \
file://racefix.patch \
"
 
-PV .= ".4681"
-SRCREV = "15f74fab653a784548d5d966644926b47ba2cfa7"
+PV .= ".4912"
+SRCREV = "a7583c42cd6b64fd276a5d7bb0db5ce7bfafa730"
 
 # Remove when 8.3 is out
 UPSTREAM_VERSION_UNKNOWN = "1"
-- 
2.32.0


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#165488): 
https://lists.openembedded.org/g/openembedded-core/message/165488
Mute This Topic: https://lists.openembedded.org/mt/91030810/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [master][kirkstone][PATCH v3] rootfs-postcommands: fix symlinks where link and output path are equal

[Davide Gardenal]

When creating the manifest and the testdata.json links, if the link
name is equal to the output name the link is not created, otherwise
it is. This prevents a link-to-self in the first case.

Signed-off-by: Davide Gardenal 
---
Updates:
- v2: change tabs into spaces
- v3: add missing ':' following an if statement
---
 meta/classes/rootfs-postcommands.bbclass | 14 --
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/meta/classes/rootfs-postcommands.bbclass 
b/meta/classes/rootfs-postcommands.bbclass
index 7b92df69c5..2fa388ba95 100644
--- a/meta/classes/rootfs-postcommands.bbclass
+++ b/meta/classes/rootfs-postcommands.bbclass
@@ -267,9 +267,10 @@ python write_image_manifest () {
 
 if os.path.exists(manifest_name) and link_name:
 manifest_link = deploy_dir + "/" + link_name + ".manifest"
-if os.path.lexists(manifest_link):
-os.remove(manifest_link)
-os.symlink(os.path.basename(manifest_name), manifest_link)
+if manifest_link != manifest_name:
+if os.path.lexists(manifest_link):
+os.remove(manifest_link)
+os.symlink(os.path.basename(manifest_name), manifest_link)
 }
 
 # Can be used to create /etc/timestamp during image construction to give a 
reasonably
@@ -339,9 +340,10 @@ python write_image_test_data() {
 
 if os.path.exists(testdata_name) and link_name:
 testdata_link = os.path.join(deploy_dir, "%s.testdata.json" % 
link_name)
-if os.path.lexists(testdata_link):
-os.remove(testdata_link)
-os.symlink(os.path.basename(testdata_name), testdata_link)
+if testdata_link != testdata_name:
+if os.path.lexists(testdata_link):
+os.remove(testdata_link)
+os.symlink(os.path.basename(testdata_name), testdata_link)
 }
 write_image_test_data[vardepsexclude] += "TOPDIR"
 
-- 
2.32.0


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#165215): 
https://lists.openembedded.org/g/openembedded-core/message/165215
Mute This Topic: https://lists.openembedded.org/mt/90883244/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [master][kirkstone][PATCH v2] rootfs-postcommands: fix symlinks where link and output path are equal

[Davide Gardenal]

When creating the manifest and the testdata.json links, if the link
name is equal to the output name the link is not created, otherwise
it is. This prevents a link-to-self in the first case.

Signed-off-by: Davide Gardenal 
---
Updates:
- v2: change tabs into spaces
---
 meta/classes/rootfs-postcommands.bbclass | 14 --
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/meta/classes/rootfs-postcommands.bbclass 
b/meta/classes/rootfs-postcommands.bbclass
index 7b92df69c5..2fa388ba95 100644
--- a/meta/classes/rootfs-postcommands.bbclass
+++ b/meta/classes/rootfs-postcommands.bbclass
@@ -267,9 +267,10 @@ python write_image_manifest () {
 
 if os.path.exists(manifest_name) and link_name:
 manifest_link = deploy_dir + "/" + link_name + ".manifest"
-if os.path.lexists(manifest_link):
-os.remove(manifest_link)
-os.symlink(os.path.basename(manifest_name), manifest_link)
+if manifest_link != manifest_name
+if os.path.lexists(manifest_link):
+os.remove(manifest_link)
+os.symlink(os.path.basename(manifest_name), manifest_link)
 }
 
 # Can be used to create /etc/timestamp during image construction to give a 
reasonably
@@ -339,9 +340,10 @@ python write_image_test_data() {
 
 if os.path.exists(testdata_name) and link_name:
 testdata_link = os.path.join(deploy_dir, "%s.testdata.json" % 
link_name)
-if os.path.lexists(testdata_link):
-os.remove(testdata_link)
-os.symlink(os.path.basename(testdata_name), testdata_link)
+if testdata_link != testdata_name:
+if os.path.lexists(testdata_link):
+os.remove(testdata_link)
+os.symlink(os.path.basename(testdata_name), testdata_link)
 }
 write_image_test_data[vardepsexclude] += "TOPDIR"
 
-- 
2.32.0


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#165199): 
https://lists.openembedded.org/g/openembedded-core/message/165199
Mute This Topic: https://lists.openembedded.org/mt/90855850/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [master][kirkstone][PATCH] rootfs-postcommands: fix symlinks where link and output path are equal

[Davide Gardenal]

Yes, I don’t know how this happened...

> Il giorno 3 mag 2022, alle ore 11:43, Luca Ceresoli 
>  ha scritto:
> 
> Hi Davide,
> 
> Il giorno Tue,  3 May 2022 10:03:09 +0200
> "Davide Gardenal"  ha scritto:
> 
>> When creating the manifest and the testdata.json links, if the link
>> name is equal to the output name the link is not created, otherwise
>> it is. This prevents a link-to-self in the first case.
>> 
>> Signed-off-by: Davide Gardenal 
>> ---
>> meta/classes/rootfs-postcommands.bbclass | 14 --
>> 1 file changed, 8 insertions(+), 6 deletions(-)
>> 
>> diff --git a/meta/classes/rootfs-postcommands.bbclass
>> b/meta/classes/rootfs-postcommands.bbclass index
>> 7b92df69c5..c949115647 100644 ---
>> a/meta/classes/rootfs-postcommands.bbclass +++
>> b/meta/classes/rootfs-postcommands.bbclass @@ -267,9 +267,10 @@
>> python write_image_manifest () { 
>> if os.path.exists(manifest_name) and link_name:
>> manifest_link = deploy_dir + "/" + link_name + ".manifest"
>> -if os.path.lexists(manifest_link):
>> -os.remove(manifest_link)
>> -os.symlink(os.path.basename(manifest_name), manifest_link)
>> +if manifest_link != manifest_name
>> +if os.path.lexists(manifest_link):
>> +os.remove(manifest_link)
>> +os.symlink(os.path.basename(manifest_name),
> 
> This change is mixing tabs and spaces.
> 
>> # Can be used to create /etc/timestamp during image construction to
>> give a reasonably @@ -339,9 +340,10 @@ python write_image_test_data()
>> { 
>> if os.path.exists(testdata_name) and link_name:
>> testdata_link = os.path.join(deploy_dir, "%s.testdata.json"
>> % link_name)
>> -if os.path.lexists(testdata_link):
>> -os.remove(testdata_link)
>> -os.symlink(os.path.basename(testdata_name), testdata_link)
>> +if testdata_link != testdata_name:
>> +if os.path.lexists(testdata_link):
>> +os.remove(testdata_link)
>> +os.symlink(os.path.basename(testdata_name),
> 
> And this as well.
> 
> Can you send v2 with spaces-only indentation?
> 
> Best regards,
> -- 
> Luca Ceresoli, Bootlin
> Embedded Linux and Kernel engineering
> https://bootlin.com


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#165198): 
https://lists.openembedded.org/g/openembedded-core/message/165198
Mute This Topic: https://lists.openembedded.org/mt/90854718/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [master][kirkstone][PATCH] rootfs-postcommands: fix symlinks where link and output path are equal

[Davide Gardenal]

When creating the manifest and the testdata.json links, if the link
name is equal to the output name the link is not created, otherwise
it is. This prevents a link-to-self in the first case.

Signed-off-by: Davide Gardenal 
---
 meta/classes/rootfs-postcommands.bbclass | 14 --
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/meta/classes/rootfs-postcommands.bbclass 
b/meta/classes/rootfs-postcommands.bbclass
index 7b92df69c5..c949115647 100644
--- a/meta/classes/rootfs-postcommands.bbclass
+++ b/meta/classes/rootfs-postcommands.bbclass
@@ -267,9 +267,10 @@ python write_image_manifest () {
 
 if os.path.exists(manifest_name) and link_name:
 manifest_link = deploy_dir + "/" + link_name + ".manifest"
-if os.path.lexists(manifest_link):
-os.remove(manifest_link)
-os.symlink(os.path.basename(manifest_name), manifest_link)
+   if manifest_link != manifest_name
+   if os.path.lexists(manifest_link):
+   os.remove(manifest_link)
+   os.symlink(os.path.basename(manifest_name), 
manifest_link)
 }
 
 # Can be used to create /etc/timestamp during image construction to give a 
reasonably
@@ -339,9 +340,10 @@ python write_image_test_data() {
 
 if os.path.exists(testdata_name) and link_name:
 testdata_link = os.path.join(deploy_dir, "%s.testdata.json" % 
link_name)
-if os.path.lexists(testdata_link):
-os.remove(testdata_link)
-os.symlink(os.path.basename(testdata_name), testdata_link)
+   if testdata_link != testdata_name:
+   if os.path.lexists(testdata_link):
+   os.remove(testdata_link)
+   os.symlink(os.path.basename(testdata_name), 
testdata_link)
 }
 write_image_test_data[vardepsexclude] += "TOPDIR"
 
-- 
2.32.0


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#165195): 
https://lists.openembedded.org/g/openembedded-core/message/165195
Mute This Topic: https://lists.openembedded.org/mt/90854718/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [master][kirkstone][PATCH] cve-check: fix symlinks where link and output path are equal

[Davide Gardenal]

An if statement now checks if the link and output path are
the same, if they are then the link is not created,
otherwise it is.

Signed-off-by: Davide Gardenal 
---
 meta/classes/cve-check.bbclass | 19 +++
 1 file changed, 11 insertions(+), 8 deletions(-)

diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass
index e4e7240..8a53660 100644
--- a/meta/classes/cve-check.bbclass
+++ b/meta/classes/cve-check.bbclass
@@ -121,10 +121,11 @@ python cve_save_summary_handler () {
 
 if cve_summary_file and os.path.exists(cve_summary_file):
 cvefile_link = os.path.join(cvelogpath, cve_summary_name)
-
-if os.path.exists(os.path.realpath(cvefile_link)):
-os.remove(cvefile_link)
-os.symlink(os.path.basename(cve_summary_file), cvefile_link)
+# if the paths are the same don't create the link
+if cvefile_link != cve_summary_file:
+if os.path.exists(os.path.realpath(cvefile_link)):
+os.remove(cvefile_link)
+os.symlink(os.path.basename(cve_summary_file), cvefile_link)
 
 json_summary_link_name = os.path.join(cvelogpath, 
d.getVar("CVE_CHECK_SUMMARY_FILE_NAME_JSON"))
 json_summary_name = os.path.join(cvelogpath, "%s-%s.json" % 
(cve_summary_name, timestamp))
@@ -198,10 +199,12 @@ python cve_check_write_rootfs_manifest () {
 
 if manifest_name and os.path.exists(manifest_name):
 manifest_link = os.path.join(deploy_dir, "%s.cve" % link_name)
-# If we already have another manifest, update symlinks
-if os.path.exists(os.path.realpath(manifest_link)):
-os.remove(manifest_link)
-os.symlink(os.path.basename(manifest_name), manifest_link)
+# if they are the same don't create the link
+if manifest_link != manifest_name:
+# If we already have another manifest, update symlinks
+if os.path.exists(os.path.realpath(manifest_link)):
+os.remove(manifest_link)
+os.symlink(os.path.basename(manifest_name), manifest_link)
 bb.plain("Image CVE report stored in: %s" % manifest_name)
 
 link_path = os.path.join(deploy_dir, "%s.json" % link_name)
-- 
2.32.0


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#165193): 
https://lists.openembedded.org/g/openembedded-core/message/165193
Mute This Topic: https://lists.openembedded.org/mt/90854612/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [master][kirkstone][PATCH v3] cve-check: add JSON format to summary output

[Davide Gardenal]

Create generate_json_report including all the code used to generate the JSON
manifest file.
Add to cve_save_summary_handler the ability to create the summary in JSON 
format.

Signed-off-by: Davide Gardenal 
---
Updates:
- v2: add a check to prevent linking the symlink to self and deleting the 
output file
  if the link name and the output name are the same
- v3: fix patch not applying
---
 meta/classes/cve-check.bbclass | 51 +---
 1 file changed, 33 insertions(+), 18 deletions(-)

diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass
index 78516d0..e4e7240 100644
--- a/meta/classes/cve-check.bbclass
+++ b/meta/classes/cve-check.bbclass
@@ -79,6 +79,30 @@ CVE_CHECK_LAYER_INCLUDELIST ??= ""
 # set to "alphabetical" for version using single alphabetical character as 
increment release
 CVE_VERSION_SUFFIX ??= ""
 
+def generate_json_report(out_path, link_path):
+if os.path.exists(d.getVar("CVE_CHECK_SUMMARY_INDEX_PATH")):
+import json
+from oe.cve_check import cve_check_merge_jsons
+
+bb.note("Generating JSON CVE summary")
+index_file = d.getVar("CVE_CHECK_SUMMARY_INDEX_PATH")
+summary = {"version":"1", "package": []}
+with open(index_file) as f:
+filename = f.readline()
+while filename:
+with open(filename.rstrip()) as j:
+data = json.load(j)
+cve_check_merge_jsons(summary, data)
+filename = f.readline()
+
+with open(out_path, "w") as f:
+json.dump(summary, f, indent=2)
+
+if link_path != out_path:
+if os.path.exists(os.path.realpath(link_path)):
+os.remove(link_path)
+os.symlink(os.path.basename(out_path), link_path)
+
 python cve_save_summary_handler () {
 import shutil
 import datetime
@@ -101,6 +125,11 @@ python cve_save_summary_handler () {
 if os.path.exists(os.path.realpath(cvefile_link)):
 os.remove(cvefile_link)
 os.symlink(os.path.basename(cve_summary_file), cvefile_link)
+
+json_summary_link_name = os.path.join(cvelogpath, 
d.getVar("CVE_CHECK_SUMMARY_FILE_NAME_JSON"))
+json_summary_name = os.path.join(cvelogpath, "%s-%s.json" % 
(cve_summary_name, timestamp))
+generate_json_report(json_summary_name, json_summary_link_name)
+bb.plain("CVE report summary created at: %s" % json_summary_link_name)
 }
 
 addhandler cve_save_summary_handler
@@ -175,25 +204,11 @@ python cve_check_write_rootfs_manifest () {
 os.symlink(os.path.basename(manifest_name), manifest_link)
 bb.plain("Image CVE report stored in: %s" % manifest_name)
 
-if os.path.exists(d.getVar("CVE_CHECK_SUMMARY_INDEX_PATH")):
-import json
+link_path = os.path.join(deploy_dir, "%s.json" % link_name)
+manifest_path = d.getVar("CVE_CHECK_MANIFEST_JSON")
 bb.note("Generating JSON CVE manifest")
-deploy_dir = d.getVar("DEPLOY_DIR_IMAGE")
-link_name = d.getVar("IMAGE_LINK_NAME")
-manifest_name = d.getVar("CVE_CHECK_MANIFEST_JSON")
-index_file = d.getVar("CVE_CHECK_SUMMARY_INDEX_PATH")
-manifest = {"version":"1", "package": []}
-with open(index_file) as f:
-filename = f.readline()
-while filename:
-with open(filename.rstrip()) as j:
-data = json.load(j)
-cve_check_merge_jsons(manifest, data)
-filename = f.readline()
-
-with open(manifest_name, "w") as f:
-json.dump(manifest, f, indent=2)
-bb.plain("Image CVE report stored in: %s" % manifest_name)
+generate_json_report(json_summary_name, json_summary_link_name)
+bb.plain("Image CVE JSON report stored in: %s" % link_path)
 }
 
 ROOTFS_POSTPROCESS_COMMAND:prepend = "${@'cve_check_write_rootfs_manifest; ' 
if d.getVar('CVE_CHECK_CREATE_MANIFEST') == '1' else ''}"
-- 
2.32.0


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#165191): 
https://lists.openembedded.org/g/openembedded-core/message/165191
Mute This Topic: https://lists.openembedded.org/mt/90854601/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [master][kirkstone][PATCH v2] cve-check: add JSON format to summary output

[Davide Gardenal]

Create generate_json_report including all the code used to generate the JSON
manifest file.
Add to cve_save_summary_handler the ability to create the summary in JSON 
format.

Signed-off-by: Davide Gardenal 
---
Updates:
- v2: add a check to prevent linking the symlink to self and deleting the 
output file
  if the link name and the output name are the same
---
 meta-oniro-staging/classes/cve-check.bbclass | 51 +---
 1 file changed, 33 insertions(+), 18 deletions(-)

diff --git a/meta-oniro-staging/classes/cve-check.bbclass 
b/meta-oniro-staging/classes/cve-check.bbclass
index 78516d0..e4e7240 100644
--- a/meta-oniro-staging/classes/cve-check.bbclass
+++ b/meta-oniro-staging/classes/cve-check.bbclass
@@ -79,6 +79,30 @@ CVE_CHECK_LAYER_INCLUDELIST ??= ""
 # set to "alphabetical" for version using single alphabetical character as 
increment release
 CVE_VERSION_SUFFIX ??= ""
 
+def generate_json_report(out_path, link_path):
+if os.path.exists(d.getVar("CVE_CHECK_SUMMARY_INDEX_PATH")):
+import json
+from oe.cve_check import cve_check_merge_jsons
+
+bb.note("Generating JSON CVE summary")
+index_file = d.getVar("CVE_CHECK_SUMMARY_INDEX_PATH")
+summary = {"version":"1", "package": []}
+with open(index_file) as f:
+filename = f.readline()
+while filename:
+with open(filename.rstrip()) as j:
+data = json.load(j)
+cve_check_merge_jsons(summary, data)
+filename = f.readline()
+
+with open(out_path, "w") as f:
+json.dump(summary, f, indent=2)
+
+if link_path != out_path:
+if os.path.exists(os.path.realpath(link_path)):
+os.remove(link_path)
+os.symlink(os.path.basename(out_path), link_path)
+
 python cve_save_summary_handler () {
 import shutil
 import datetime
@@ -101,6 +125,11 @@ python cve_save_summary_handler () {
 if os.path.exists(os.path.realpath(cvefile_link)):
 os.remove(cvefile_link)
 os.symlink(os.path.basename(cve_summary_file), cvefile_link)
+
+json_summary_link_name = os.path.join(cvelogpath, 
d.getVar("CVE_CHECK_SUMMARY_FILE_NAME_JSON"))
+json_summary_name = os.path.join(cvelogpath, "%s-%s.json" % 
(cve_summary_name, timestamp))
+generate_json_report(json_summary_name, json_summary_link_name)
+bb.plain("CVE report summary created at: %s" % json_summary_link_name)
 }
 
 addhandler cve_save_summary_handler
@@ -175,25 +204,11 @@ python cve_check_write_rootfs_manifest () {
 os.symlink(os.path.basename(manifest_name), manifest_link)
 bb.plain("Image CVE report stored in: %s" % manifest_name)
 
-if os.path.exists(d.getVar("CVE_CHECK_SUMMARY_INDEX_PATH")):
-import json
+link_path = os.path.join(deploy_dir, "%s.json" % link_name)
+manifest_path = d.getVar("CVE_CHECK_MANIFEST_JSON")
 bb.note("Generating JSON CVE manifest")
-deploy_dir = d.getVar("DEPLOY_DIR_IMAGE")
-link_name = d.getVar("IMAGE_LINK_NAME")
-manifest_name = d.getVar("CVE_CHECK_MANIFEST_JSON")
-index_file = d.getVar("CVE_CHECK_SUMMARY_INDEX_PATH")
-manifest = {"version":"1", "package": []}
-with open(index_file) as f:
-filename = f.readline()
-while filename:
-with open(filename.rstrip()) as j:
-data = json.load(j)
-cve_check_merge_jsons(manifest, data)
-filename = f.readline()
-
-with open(manifest_name, "w") as f:
-json.dump(manifest, f, indent=2)
-bb.plain("Image CVE report stored in: %s" % manifest_name)
+generate_json_report(json_summary_name, json_summary_link_name)
+bb.plain("Image CVE JSON report stored in: %s" % link_path)
 }
 
 ROOTFS_POSTPROCESS_COMMAND:prepend = "${@'cve_check_write_rootfs_manifest; ' 
if d.getVar('CVE_CHECK_CREATE_MANIFEST') == '1' else ''}"
-- 
2.32.0


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#165190): 
https://lists.openembedded.org/g/openembedded-core/message/165190
Mute This Topic: https://lists.openembedded.org/mt/90854508/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [master][kirkstone][PATCH] cve-check: add JSON format to summary output

[Davide Gardenal]

Create generate_json_report including all the code used to generate the JSON
manifest file.
Add to cve_save_summary_handler the ability to create the summary in JSON 
format.

Signed-off-by: Davide Gardenal 
---
 meta/classes/cve-check.bbclass | 50 +---
 1 file changed, 32 insertions(+), 18 deletions(-)

diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass
index 78516d0..64875d7 100644
--- a/meta/classes/cve-check.bbclass
+++ b/meta/classes/cve-check.bbclass
@@ -79,6 +79,29 @@ CVE_CHECK_LAYER_INCLUDELIST ??= ""
 # set to "alphabetical" for version using single alphabetical character as 
increment release
 CVE_VERSION_SUFFIX ??= ""
 
+def generate_json_report(out_path, link_path):
+if os.path.exists(d.getVar("CVE_CHECK_SUMMARY_INDEX_PATH")):
+import json
+from oe.cve_check import cve_check_merge_jsons
+
+bb.note("Generating JSON CVE summary")
+index_file = d.getVar("CVE_CHECK_SUMMARY_INDEX_PATH")
+summary = {"version":"1", "package": []}
+with open(index_file) as f:
+filename = f.readline()
+while filename:
+with open(filename.rstrip()) as j:
+data = json.load(j)
+cve_check_merge_jsons(summary, data)
+filename = f.readline()
+
+with open(out_path, "w") as f:
+json.dump(summary, f, indent=2)
+
+if os.path.exists(os.path.realpath(link_path)):
+os.remove(link_path)
+os.symlink(os.path.basename(out_path), link_path)
+
 python cve_save_summary_handler () {
 import shutil
 import datetime
@@ -101,6 +124,11 @@ python cve_save_summary_handler () {
 if os.path.exists(os.path.realpath(cvefile_link)):
 os.remove(cvefile_link)
 os.symlink(os.path.basename(cve_summary_file), cvefile_link)
+
+json_summary_link_name = os.path.join(cvelogpath, 
d.getVar("CVE_CHECK_SUMMARY_FILE_NAME_JSON"))
+json_summary_name = os.path.join(cvelogpath, "%s-%s.json" % 
(cve_summary_name, timestamp))
+generate_json_report(json_summary_name, json_summary_link_name)
+bb.plain("CVE report summary created at: %s" % json_summary_link_name)
 }
 
 addhandler cve_save_summary_handler
@@ -175,25 +203,11 @@ python cve_check_write_rootfs_manifest () {
 os.symlink(os.path.basename(manifest_name), manifest_link)
 bb.plain("Image CVE report stored in: %s" % manifest_name)
 
-if os.path.exists(d.getVar("CVE_CHECK_SUMMARY_INDEX_PATH")):
-import json
+link_path = os.path.join(deploy_dir, "%s.json" % link_name)
+manifest_path = d.getVar("CVE_CHECK_MANIFEST_JSON")
 bb.note("Generating JSON CVE manifest")
-deploy_dir = d.getVar("DEPLOY_DIR_IMAGE")
-link_name = d.getVar("IMAGE_LINK_NAME")
-manifest_name = d.getVar("CVE_CHECK_MANIFEST_JSON")
-index_file = d.getVar("CVE_CHECK_SUMMARY_INDEX_PATH")
-manifest = {"version":"1", "package": []}
-with open(index_file) as f:
-filename = f.readline()
-while filename:
-with open(filename.rstrip()) as j:
-data = json.load(j)
-cve_check_merge_jsons(manifest, data)
-filename = f.readline()
-
-with open(manifest_name, "w") as f:
-json.dump(manifest, f, indent=2)
-bb.plain("Image CVE report stored in: %s" % manifest_name)
+generate_json_report(json_summary_name, json_summary_link_name)
+bb.plain("Image CVE JSON report stored in: %s" % link_path)
 }
 
 ROOTFS_POSTPROCESS_COMMAND:prepend = "${@'cve_check_write_rootfs_manifest; ' 
if d.getVar('CVE_CHECK_CREATE_MANIFEST') == '1' else ''}"
-- 
2.32.0


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#165160): 
https://lists.openembedded.org/g/openembedded-core/message/165160
Mute This Topic: https://lists.openembedded.org/mt/90830880/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [master][kirkstone][PATCH v2] create-spdx: delete virtual/kernel dependency to fix FreeRTOS build

[Davide Gardenal]

I saw that this patch was not included in the kirkstone backport list. Could 
you consider to add it please?

Thanks!

Davide

CC: Steve Sakoman

> Il giorno 26 apr 2022, alle ore 15:49, Davide Gardenal 
>  ha scritto:
> 
> When building FreeRTOS this dependency generates an error because
> bitbake cannot find any provider for "virtual/kernel".
> From a dependency analysis the task is executed indipendently from
> this so it can be safely removed.
> 
> This patch has been discussed in this ML thread:
> https://lists.openembedded.org/g/openembedded-core/topic/90602531
> 
> Signed-off-by: Davide Gardenal 
> ---
> Updates:
> - v2: Reword of the commit message
> ---
> meta/classes/create-spdx.bbclass | 2 --
> 1 file changed, 2 deletions(-)
> 
> diff --git a/meta/classes/create-spdx.bbclass 
> b/meta/classes/create-spdx.bbclass
> index 28fc449636..9979c1d70e 100644
> --- a/meta/classes/create-spdx.bbclass
> +++ b/meta/classes/create-spdx.bbclass
> @@ -35,8 +35,6 @@ SPDX_SUPPLIER[doc] = "The SPDX PackageSupplier field for 
> SPDX packages created f
> is the contact information for the person or organization who is doing 
> the \
> build."
> 
> -do_image_complete[depends] = "virtual/kernel:do_create_spdx"
> -
> def extract_licenses(filename):
> import re
> 
> -- 
> 2.32.0
> 


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#165007): 
https://lists.openembedded.org/g/openembedded-core/message/165007
Mute This Topic: https://lists.openembedded.org/mt/90708152/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] cve-check: building world doesn't create the manifest

[Davide Gardenal]

Greetings,

In the current version of cve-check there is no way of creating the manifest 
when building world. The reason why is due to these two lines:
> 
> 
> ROOTFS_POSTPROCESS_COMMAND:prepend = "${@'cve_check_write_rootfs_manifest;
> ' if d.getVar('CVE_CHECK_CREATE_MANIFEST') == '1' else ''}"
> do_rootfs[recrdeptask] += "${@'do_cve_check' if
> d.getVar('CVE_CHECK_CREATE_MANIFEST') == '1' else ''}"

The problem is that in world there is no do_rootfs so the function 
cve_check_write_rootfs_manifest is never executed hence the manifest is not 
created.
My idea was to convert cve_check_write_rootfs_manifest to a handler listening 
for BuildCompleted but then if someone builds more than one image the output is 
broken.
Any suggestions are welcome and appreciated, thanks!

Davide

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#165002): 
https://lists.openembedded.org/g/openembedded-core/message/165002
Mute This Topic: https://lists.openembedded.org/mt/90771986/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [master][kirkstone][PATCH v2] create-spdx: delete virtual/kernel dependency to fix FreeRTOS build

[Davide Gardenal]

When building FreeRTOS this dependency generates an error because
bitbake cannot find any provider for "virtual/kernel".
>From a dependency analysis the task is executed indipendently from
this so it can be safely removed.

This patch has been discussed in this ML thread:
https://lists.openembedded.org/g/openembedded-core/topic/90602531

Signed-off-by: Davide Gardenal 
---
Updates:
 - v2: Reword of the commit message
---
 meta/classes/create-spdx.bbclass | 2 --
 1 file changed, 2 deletions(-)

diff --git a/meta/classes/create-spdx.bbclass b/meta/classes/create-spdx.bbclass
index 28fc449636..9979c1d70e 100644
--- a/meta/classes/create-spdx.bbclass
+++ b/meta/classes/create-spdx.bbclass
@@ -35,8 +35,6 @@ SPDX_SUPPLIER[doc] = "The SPDX PackageSupplier field for SPDX 
packages created f
 is the contact information for the person or organization who is doing the 
\
 build."
 
-do_image_complete[depends] = "virtual/kernel:do_create_spdx"
-
 def extract_licenses(filename):
 import re
 
-- 
2.32.0


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#164876): 
https://lists.openembedded.org/g/openembedded-core/message/164876
Mute This Topic: https://lists.openembedded.org/mt/90708152/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [master][kirkstone][PATCH] create-spdx: delete virtual/kernel dependency to fix FreeRTOS build

[Davide Gardenal]

This patch has been discussed in this ML thread:
https://lists.openembedded.org/g/openembedded-core/topic/90602531

Signed-off-by: Davide Gardenal 
---
 meta/classes/create-spdx.bbclass | 2 --
 1 file changed, 2 deletions(-)

diff --git a/meta/classes/create-spdx.bbclass b/meta/classes/create-spdx.bbclass
index 28fc449636..9979c1d70e 100644
--- a/meta/classes/create-spdx.bbclass
+++ b/meta/classes/create-spdx.bbclass
@@ -35,8 +35,6 @@ SPDX_SUPPLIER[doc] = "The SPDX PackageSupplier field for SPDX 
packages created f
 is the contact information for the person or organization who is doing the 
\
 build."
 
-do_image_complete[depends] = "virtual/kernel:do_create_spdx"
-
 def extract_licenses(filename):
 import re
 
-- 
2.32.0


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#164859): 
https://lists.openembedded.org/g/openembedded-core/message/164859
Mute This Topic: https://lists.openembedded.org/mt/90703350/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] create-spdx: question about virtual/kernel dependency

[Davide Gardenal]

Yes we could but I'm not sure if that dependency is needed in the first place.
Looking at the dependency graph I can see that other tasks depend upon it so 
could it be redundant to have it?

Davide

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#164757): 
https://lists.openembedded.org/g/openembedded-core/message/164757
Mute This Topic: https://lists.openembedded.org/mt/90602531/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] create-spdx: question about virtual/kernel dependency

[Davide Gardenal]

Greetings,

I'm currently having a problem with this ( 
https://git.openembedded.org/openembedded-core/tree/meta/classes/create-spdx.bbclass?h=kirkstone#n38
 ) dependency in create-spdx.bbclass.
When building Linux everything is fine but using FreeRTOS brakes the build 
because there is no "virtual/kernel" provided.
My question now is, is it really a necessary thing to have or not?

Thanks for the help,

Davide

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#164752): 
https://lists.openembedded.org/g/openembedded-core/message/164752
Mute This Topic: https://lists.openembedded.org/mt/90602531/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [PATCH] create-spdx: fix error when symlink cannot be created

[Davide Gardenal]

If IMAGE_NAME and IMAGE_LINK_NAME are the same an
exception is raised in image_combine_spdx because
it cannot create a symlink with the same exact
path of the original file. In that case there is
no point in creating a link in the first place.

Refactor image_combine_spdx to avoid code duplication

Signed-off-by: Davide Gardenal 
---
 meta/classes/create-spdx.bbclass | 10 --
 1 file changed, 4 insertions(+), 6 deletions(-)

diff --git a/meta/classes/create-spdx.bbclass b/meta/classes/create-spdx.bbclass
index 137db81a5b..47a8764bf0 100644
--- a/meta/classes/create-spdx.bbclass
+++ b/meta/classes/create-spdx.bbclass
@@ -835,16 +835,14 @@ python image_combine_spdx() {
 
 combine_spdx(d, image_name, imgdeploydir, img_spdxid, packages)
 
-if image_link_name:
-image_spdx_path = imgdeploydir / (image_name + ".spdx.json")
-image_spdx_link = imgdeploydir / (image_link_name + ".spdx.json")
-image_spdx_link.symlink_to(os.path.relpath(image_spdx_path, 
image_spdx_link.parent))
-
 def make_image_link(target_path, suffix):
 if image_link_name:
 link = imgdeploydir / (image_link_name + suffix)
-link.symlink_to(os.path.relpath(target_path, link.parent))
+if link != target_path:
+link.symlink_to(os.path.relpath(target_path, link.parent))
 
+image_spdx_path = imgdeploydir / (image_name + ".spdx.json")
+make_image_link(image_spdx_path, ".spdx.json")
 spdx_tar_path = imgdeploydir / (image_name + ".spdx.tar.zst")
 make_image_link(spdx_tar_path, ".spdx.tar.zst")
 spdx_index_path = imgdeploydir / (image_name + ".spdx.index.json")
-- 
2.32.0


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#164408): 
https://lists.openembedded.org/g/openembedded-core/message/164408
Mute This Topic: https://lists.openembedded.org/mt/90464261/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[oe-core][master][PATCH v3] libarchive: upgrate from 3.6.0 to 3.6.1

[Davide Gardenal]

This release contains security fixes
including CVE-2022-26280 fix.

Signed-off-by: Davide Gardenal 
---
Update v3:
Instead of backporting the patch upgrade to the latest release with
the CVE fix. Thanks Quentin Schulz for the advise.  
Update v2:
Change title from [meta-oe] to [oe-core]
---
 .../libarchive/{libarchive_3.6.0.bb => libarchive_3.6.1.bb} | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta/recipes-extended/libarchive/{libarchive_3.6.0.bb => 
libarchive_3.6.1.bb} (96%)

diff --git a/meta/recipes-extended/libarchive/libarchive_3.6.0.bb 
b/meta/recipes-extended/libarchive/libarchive_3.6.1.bb
similarity index 96%
rename from meta/recipes-extended/libarchive/libarchive_3.6.0.bb
rename to meta/recipes-extended/libarchive/libarchive_3.6.1.bb
index f078c8ad03..c795b41628 100644
--- a/meta/recipes-extended/libarchive/libarchive_3.6.0.bb
+++ b/meta/recipes-extended/libarchive/libarchive_3.6.1.bb
@@ -35,7 +35,7 @@ EXTRA_OECONF += "--enable-largefile"
 SRC_URI = "http://libarchive.org/downloads/libarchive-${PV}.tar.gz;
 UPSTREAM_CHECK_URI = "http://libarchive.org/;
 
-SRC_URI[sha256sum] = 
"a36613695ffa2905fdedc997b6df04a3006ccfd71d747a339b78aa8412c3d852"
+SRC_URI[sha256sum] = 
"c676146577d989189940f1959d9e3980d28513d74eedfbc6b7f15ea45fe54ee2"
 
 inherit autotools update-alternatives pkgconfig
 
-- 
2.32.0


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#164224): 
https://lists.openembedded.org/g/openembedded-core/message/164224
Mute This Topic: https://lists.openembedded.org/mt/90394591/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [master][PATCH v2] libarchive: backport patch to fix CVE-2022-26280

[Davide Gardenal]

Hi Quentin,

I just missed the release so I'm going to send a v3 patch now, thanks!

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#164223): 
https://lists.openembedded.org/g/openembedded-core/message/164223
Mute This Topic: https://lists.openembedded.org/mt/90393740/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[oe-core][master][PATCH v2] libarchive: backport patch to fix CVE-2022-26280

[Davide Gardenal]

Signed-off-by: Davide Gardenal 
---
Update v2:
Change title from [meta-oe] to [oe-core]
---
 .../libarchive/CVE-2022-26280.patch   | 31 +++
 .../libarchive/libarchive_3.6.0.bb|  4 ++-
 2 files changed, 34 insertions(+), 1 deletion(-)
 create mode 100644 
meta/recipes-extended/libarchive/libarchive/CVE-2022-26280.patch

diff --git a/meta/recipes-extended/libarchive/libarchive/CVE-2022-26280.patch 
b/meta/recipes-extended/libarchive/libarchive/CVE-2022-26280.patch
new file mode 100644
index 00..c322e12274
--- /dev/null
+++ b/meta/recipes-extended/libarchive/libarchive/CVE-2022-26280.patch
@@ -0,0 +1,31 @@
+From cfaa28168a07ea4a53276b63068f94fce37d6aff Mon Sep 17 00:00:00 2001
+From: Tim Kientzle 
+Date: Thu, 24 Mar 2022 10:35:00 +0100
+Subject: [PATCH] ZIP reader: fix possible out-of-bounds read in
+ zipx_lzma_alone_init()
+
+Fixes #1672
+
+CVE: CVE-2022-26280
+
+Upstream-Status: Backport
+https://github.com/libarchive/libarchive/commit/cfaa28168a07ea4a53276b63068f94fce37d6aff
+
+Signed-off-by: Davide Gardenal 
+---
+ libarchive/archive_read_support_format_zip.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/libarchive/archive_read_support_format_zip.c 
b/libarchive/archive_read_support_format_zip.c
+index 38ada70b5..9d6c900b2 100644
+--- a/libarchive/archive_read_support_format_zip.c
 b/libarchive/archive_read_support_format_zip.c
+@@ -1667,7 +1667,7 @@ zipx_lzma_alone_init(struct archive_read *a, struct zip 
*zip)
+*/
+ 
+   /* Read magic1,magic2,lzma_params from the ZIPX stream. */
+-  if((p = __archive_read_ahead(a, 9, NULL)) == NULL) {
++  if(zip->entry_bytes_remaining < 9 || (p = __archive_read_ahead(a, 9, 
NULL)) == NULL) {
+   archive_set_error(>archive, ARCHIVE_ERRNO_FILE_FORMAT,
+   "Truncated lzma data");
+   return (ARCHIVE_FATAL); 
diff --git a/meta/recipes-extended/libarchive/libarchive_3.6.0.bb 
b/meta/recipes-extended/libarchive/libarchive_3.6.0.bb
index f078c8ad03..16d6e2af2d 100644
--- a/meta/recipes-extended/libarchive/libarchive_3.6.0.bb
+++ b/meta/recipes-extended/libarchive/libarchive_3.6.0.bb
@@ -32,7 +32,9 @@ PACKAGECONFIG[zstd] = "--with-zstd,--without-zstd,zstd,"
 
 EXTRA_OECONF += "--enable-largefile"
 
-SRC_URI = "http://libarchive.org/downloads/libarchive-${PV}.tar.gz;
+SRC_URI = "http://libarchive.org/downloads/libarchive-${PV}.tar.gz \
+   file://CVE-2022-26280.patch"
+
 UPSTREAM_CHECK_URI = "http://libarchive.org/;
 
 SRC_URI[sha256sum] = 
"a36613695ffa2905fdedc997b6df04a3006ccfd71d747a339b78aa8412c3d852"
-- 
2.32.0


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#164221): 
https://lists.openembedded.org/g/openembedded-core/message/164221
Mute This Topic: https://lists.openembedded.org/mt/90393740/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core] [meta-oe][master][PATCH] libarchive: backport patch to fix CVE-2022-26280

[Davide Gardenal]

Signed-off-by: Davide Gardenal 
---
 .../libarchive/CVE-2022-26280.patch   | 31 +++
 .../libarchive/libarchive_3.6.0.bb|  4 ++-
 2 files changed, 34 insertions(+), 1 deletion(-)
 create mode 100644 
meta/recipes-extended/libarchive/libarchive/CVE-2022-26280.patch

diff --git a/meta/recipes-extended/libarchive/libarchive/CVE-2022-26280.patch 
b/meta/recipes-extended/libarchive/libarchive/CVE-2022-26280.patch
new file mode 100644
index 00..c322e12274
--- /dev/null
+++ b/meta/recipes-extended/libarchive/libarchive/CVE-2022-26280.patch
@@ -0,0 +1,31 @@
+From cfaa28168a07ea4a53276b63068f94fce37d6aff Mon Sep 17 00:00:00 2001
+From: Tim Kientzle 
+Date: Thu, 24 Mar 2022 10:35:00 +0100
+Subject: [PATCH] ZIP reader: fix possible out-of-bounds read in
+ zipx_lzma_alone_init()
+
+Fixes #1672
+
+CVE: CVE-2022-26280
+
+Upstream-Status: Backport
+https://github.com/libarchive/libarchive/commit/cfaa28168a07ea4a53276b63068f94fce37d6aff
+
+Signed-off-by: Davide Gardenal 
+---
+ libarchive/archive_read_support_format_zip.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/libarchive/archive_read_support_format_zip.c 
b/libarchive/archive_read_support_format_zip.c
+index 38ada70b5..9d6c900b2 100644
+--- a/libarchive/archive_read_support_format_zip.c
 b/libarchive/archive_read_support_format_zip.c
+@@ -1667,7 +1667,7 @@ zipx_lzma_alone_init(struct archive_read *a, struct zip 
*zip)
+*/
+ 
+   /* Read magic1,magic2,lzma_params from the ZIPX stream. */
+-  if((p = __archive_read_ahead(a, 9, NULL)) == NULL) {
++  if(zip->entry_bytes_remaining < 9 || (p = __archive_read_ahead(a, 9, 
NULL)) == NULL) {
+   archive_set_error(>archive, ARCHIVE_ERRNO_FILE_FORMAT,
+   "Truncated lzma data");
+   return (ARCHIVE_FATAL); 
diff --git a/meta/recipes-extended/libarchive/libarchive_3.6.0.bb 
b/meta/recipes-extended/libarchive/libarchive_3.6.0.bb
index f078c8ad03..16d6e2af2d 100644
--- a/meta/recipes-extended/libarchive/libarchive_3.6.0.bb
+++ b/meta/recipes-extended/libarchive/libarchive_3.6.0.bb
@@ -32,7 +32,9 @@ PACKAGECONFIG[zstd] = "--with-zstd,--without-zstd,zstd,"
 
 EXTRA_OECONF += "--enable-largefile"
 
-SRC_URI = "http://libarchive.org/downloads/libarchive-${PV}.tar.gz;
+SRC_URI = "http://libarchive.org/downloads/libarchive-${PV}.tar.gz \
+   file://CVE-2022-26280.patch"
+
 UPSTREAM_CHECK_URI = "http://libarchive.org/;
 
 SRC_URI[sha256sum] = 
"a36613695ffa2905fdedc997b6df04a3006ccfd71d747a339b78aa8412c3d852"
-- 
2.32.0


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#164220): 
https://lists.openembedded.org/g/openembedded-core/message/164220
Mute This Topic: https://lists.openembedded.org/mt/90393720/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[oe-core][dunfell][PATCH v2] go: backport patch fix for CVE-2021-38297

[Davide Gardenal]

Patch taken from
https://github.com/golang/go/commit/4548fcc8dfd933c237f29bba6f90040a85922564
from the following issue
https://github.com/golang/go/issues/48797

Original repo
https://go.googlesource.com/go/+/77f2750f4398990eed972186706f160631d7dae4

Signed-off-by: Davide Gardenal 
---
V2 Update:
 Update go-1.14.inc to the latest revision
 Inline isWasm method to solve compile error
 Thanks to Steve Sakoman for the feedback
---
 meta/recipes-devtools/go/go-1.14.inc  |  4 +
 .../go/go-1.14/CVE-2021-38297.patch   | 97 +++
 2 files changed, 101 insertions(+)
 create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2021-38297.patch

diff --git a/meta/recipes-devtools/go/go-1.14.inc 
b/meta/recipes-devtools/go/go-1.14.inc
index 9b3c3b30a8..f98757d10d 100644
--- a/meta/recipes-devtools/go/go-1.14.inc
+++ b/meta/recipes-devtools/go/go-1.14.inc
@@ -19,9 +19,13 @@ SRC_URI += "\
 file://CVE-2021-34558.patch \
 file://CVE-2021-33196.patch \
 file://CVE-2021-33197.patch \
+file://CVE-2021-38297.patch \
 file://CVE-2022-23806.patch \
 file://CVE-2022-23772.patch \
 "
+
+# file://CVE-2021-38297.patch
+
 SRC_URI_append_libc-musl = " 
file://0009-ld-replace-glibc-dynamic-linker-with-musl.patch"
 SRC_URI[main.sha256sum] = 
"7ed13b2209e54a451835997f78035530b331c5b6943cdcd68a3d815fdc009149"
 
diff --git a/meta/recipes-devtools/go/go-1.14/CVE-2021-38297.patch 
b/meta/recipes-devtools/go/go-1.14/CVE-2021-38297.patch
new file mode 100644
index 00..24ceabf808
--- /dev/null
+++ b/meta/recipes-devtools/go/go-1.14/CVE-2021-38297.patch
@@ -0,0 +1,97 @@
+From 4548fcc8dfd933c237f29bba6f90040a85922564 Mon Sep 17 00:00:00 2001
+From: Michael Knyszek 
+Date: Thu, 2 Sep 2021 16:51:59 -0400
+Subject: [PATCH] [release-branch.go1.16] misc/wasm, cmd/link: do not let
+ command line args overwrite global data
+
+On Wasm, wasm_exec.js puts command line arguments at the beginning
+of the linear memory (following the "zero page"). Currently there
+is no limit for this, and a very long command line can overwrite
+the program's data section. Prevent this by limiting the command
+line to 4096 bytes, and in the linker ensuring the data section
+starts at a high enough address (8192).
+
+(Arguably our address assignment on Wasm is a bit confusing. This
+is the minimum fix I can come up with.)
+
+Thanks to Ben Lubar for reporting this issue.
+
+Change by Cherry Mui .
+
+For #48797
+Fixes #48799
+Fixes CVE-2021-38297
+
+Change-Id: I0f50fbb2a5b6d0d047e3c134a88988d9133e4ab3
+Reviewed-on: 
https://team-review.git.corp.google.com/c/golang/go-private/+/1205933
+Reviewed-by: Roland Shoemaker 
+Reviewed-by: Than McIntosh 
+Reviewed-on: https://go-review.googlesource.com/c/go/+/354591
+Trust: Michael Knyszek 
+Reviewed-by: Heschi Kreinick 
+
+CVE: CVE-2021-38297
+
+Upstream-Status: Backport:
+https://github.com/golang/go/commit/4548fcc8dfd933c237f29bba6f90040a85922564
+
+Inline of ctxt.isWAsm followin this implemetation:
+https://github.com/golang/go/blob/4548fcc8dfd933c237f29bba6f90040a85922564/src/cmd/link/internal/ld/target.go#L127
+
+Signed-off-by: Davide Gardenal 
+---
+ misc/wasm/wasm_exec.js   |  7 +++
+ src/cmd/link/internal/ld/data.go | 11 ++-
+ 2 files changed, 17 insertions(+), 1 deletion(-)
+
+diff --git a/misc/wasm/wasm_exec.js b/misc/wasm/wasm_exec.js
+index 82041e6bb901..a0a264278b1b 100644
+--- a/misc/wasm/wasm_exec.js
 b/misc/wasm/wasm_exec.js
+@@ -564,6 +564,13 @@
+   offset += 8;
+   });
+ 
++  // The linker guarantees global data starts from at 
least wasmMinDataAddr.
++  // Keep in sync with 
cmd/link/internal/ld/data.go:wasmMinDataAddr.
++  const wasmMinDataAddr = 4096 + 4096;
++  if (offset >= wasmMinDataAddr) {
++  throw new Error("command line too long");
++  }
++
+   this._inst.exports.run(argc, argv);
+   if (this.exited) {
+   this._resolveExitPromise();
+diff --git a/src/cmd/link/internal/ld/data.go 
b/src/cmd/link/internal/ld/data.go
+index 52035e96301c..54a1d188cdb9 100644
+--- a/src/cmd/link/internal/ld/data.go
 b/src/cmd/link/internal/ld/data.go
+@@ -2330,6 +2330,11 @@ func assignAddress(ctxt *Link, sect *sym.Section, n 
int, s loader.Sym, va uint64
+   return sect, n, va
+ }
+ 
++// On Wasm, we reserve 4096 bytes for zero page, then 4096 bytes for 
wasm_exec.js
++// to store command line args. Data sections starts from at least address 
8192.
++// Keep in sync with wasm_exec.js.
++const wasmMinDataAddr = 4096 + 4096
++
+ // address assigns virtual addresses to all segments and sections and
+ // returns all segments in file order.
+ func (ctxt *Link) address() []*sym.Segment {
+@@ -2339,10 +2344,14 @@ func (ctxt *Link) ad

[oe-core][dunfell][PATCH] go: backport patch fix for CVE-2021-38297

[Davide Gardenal]

Patch taken from
https://github.com/golang/go/commit/4548fcc8dfd933c237f29bba6f90040a85922564
from the following issue
https://github.com/golang/go/issues/48797

Original repo
https://go.googlesource.com/go/+/77f2750f4398990eed972186706f160631d7dae4

Signed-off-by: Davide Gardenal 
---
 meta/recipes-devtools/go/go-1.14.inc  |  1 +
 .../go/go-1.14/CVE-2021-38297.patch   | 94 +++
 2 files changed, 95 insertions(+)
 create mode 100644 meta/recipes-devtools/go/go-1.14/CVE-2021-38297.patch

diff --git a/meta/recipes-devtools/go/go-1.14.inc 
b/meta/recipes-devtools/go/go-1.14.inc
index abc6f42184..947f1798ee 100644
--- a/meta/recipes-devtools/go/go-1.14.inc
+++ b/meta/recipes-devtools/go/go-1.14.inc
@@ -19,6 +19,7 @@ SRC_URI += "\
 file://CVE-2021-34558.patch \
 file://CVE-2021-33196.patch \
 file://CVE-2021-33197.patch \
+file://CVE-2021-38297.patch \
 "
 SRC_URI_append_libc-musl = " 
file://0009-ld-replace-glibc-dynamic-linker-with-musl.patch"
 SRC_URI[main.sha256sum] = 
"7ed13b2209e54a451835997f78035530b331c5b6943cdcd68a3d815fdc009149"
diff --git a/meta/recipes-devtools/go/go-1.14/CVE-2021-38297.patch 
b/meta/recipes-devtools/go/go-1.14/CVE-2021-38297.patch
new file mode 100644
index 00..0b5d0b591e
--- /dev/null
+++ b/meta/recipes-devtools/go/go-1.14/CVE-2021-38297.patch
@@ -0,0 +1,94 @@
+From 4548fcc8dfd933c237f29bba6f90040a85922564 Mon Sep 17 00:00:00 2001
+From: Michael Knyszek 
+Date: Thu, 2 Sep 2021 16:51:59 -0400
+Subject: [PATCH] [release-branch.go1.16] misc/wasm, cmd/link: do not let
+ command line args overwrite global data
+
+On Wasm, wasm_exec.js puts command line arguments at the beginning
+of the linear memory (following the "zero page"). Currently there
+is no limit for this, and a very long command line can overwrite
+the program's data section. Prevent this by limiting the command
+line to 4096 bytes, and in the linker ensuring the data section
+starts at a high enough address (8192).
+
+(Arguably our address assignment on Wasm is a bit confusing. This
+is the minimum fix I can come up with.)
+
+Thanks to Ben Lubar for reporting this issue.
+
+Change by Cherry Mui .
+
+For #48797
+Fixes #48799
+Fixes CVE-2021-38297
+
+Change-Id: I0f50fbb2a5b6d0d047e3c134a88988d9133e4ab3
+Reviewed-on: 
https://team-review.git.corp.google.com/c/golang/go-private/+/1205933
+Reviewed-by: Roland Shoemaker 
+Reviewed-by: Than McIntosh 
+Reviewed-on: https://go-review.googlesource.com/c/go/+/354591
+Trust: Michael Knyszek 
+Reviewed-by: Heschi Kreinick 
+
+CVE: CVE-2021-38297
+
+Upstream-Status: Backport:
+https://github.com/golang/go/commit/4548fcc8dfd933c237f29bba6f90040a85922564
+
+Signed-off-by: Davide Gardenal 
+---
+ misc/wasm/wasm_exec.js   |  7 +++
+ src/cmd/link/internal/ld/data.go | 11 ++-
+ 2 files changed, 17 insertions(+), 1 deletion(-)
+
+diff --git a/misc/wasm/wasm_exec.js b/misc/wasm/wasm_exec.js
+index 82041e6bb901..a0a264278b1b 100644
+--- a/misc/wasm/wasm_exec.js
 b/misc/wasm/wasm_exec.js
+@@ -564,6 +564,13 @@
+   offset += 8;
+   });
+ 
++  // The linker guarantees global data starts from at 
least wasmMinDataAddr.
++  // Keep in sync with 
cmd/link/internal/ld/data.go:wasmMinDataAddr.
++  const wasmMinDataAddr = 4096 + 4096;
++  if (offset >= wasmMinDataAddr) {
++  throw new Error("command line too long");
++  }
++
+   this._inst.exports.run(argc, argv);
+   if (this.exited) {
+   this._resolveExitPromise();
+diff --git a/src/cmd/link/internal/ld/data.go 
b/src/cmd/link/internal/ld/data.go
+index 52035e96301c..54a1d188cdb9 100644
+--- a/src/cmd/link/internal/ld/data.go
 b/src/cmd/link/internal/ld/data.go
+@@ -2330,6 +2330,11 @@ func assignAddress(ctxt *Link, sect *sym.Section, n 
int, s loader.Sym, va uint64
+   return sect, n, va
+ }
+ 
++// On Wasm, we reserve 4096 bytes for zero page, then 4096 bytes for 
wasm_exec.js
++// to store command line args. Data sections starts from at least address 
8192.
++// Keep in sync with wasm_exec.js.
++const wasmMinDataAddr = 4096 + 4096
++
+ // address assigns virtual addresses to all segments and sections and
+ // returns all segments in file order.
+ func (ctxt *Link) address() []*sym.Segment {
+@@ -2339,10 +2344,14 @@ func (ctxt *Link) address() []*sym.Segment {
+   order = append(order, )
+   Segtext.Rwx = 05
+   Segtext.Vaddr = va
+-  for _, s := range Segtext.Sections {
++  for i, s := range Segtext.Sections {
+   va = uint64(Rnd(int64(va), int64(s.Align)))
+   s.Vaddr = va
+   va += s.Length
++
++  if ctxt.IsWasm() && i == 0 && va < wasmMinDataAddr {
++  va = wa

[oe-core][dunfell][PATCH] ghostscript: backport patch fix for CVE-2021-3781

[Davide Gardenal]

Upstream advisory:
https://ghostscript.com/blog/CVE-2021-3781.html

Other than the CVE fix other two commits are backported
to fit the patch.

Signed-off-by: Davide Gardenal 
---
 .../ghostscript/CVE-2021-3781_1.patch | 121 +
 .../ghostscript/CVE-2021-3781_2.patch |  37 +++
 .../ghostscript/CVE-2021-3781_3.patch | 238 ++
 .../ghostscript/ghostscript_9.52.bb   |   3 +
 4 files changed, 399 insertions(+)
 create mode 100644 
meta/recipes-extended/ghostscript/ghostscript/CVE-2021-3781_1.patch
 create mode 100644 
meta/recipes-extended/ghostscript/ghostscript/CVE-2021-3781_2.patch
 create mode 100644 
meta/recipes-extended/ghostscript/ghostscript/CVE-2021-3781_3.patch

diff --git 
a/meta/recipes-extended/ghostscript/ghostscript/CVE-2021-3781_1.patch 
b/meta/recipes-extended/ghostscript/ghostscript/CVE-2021-3781_1.patch
new file mode 100644
index 00..033ba77f9a
--- /dev/null
+++ b/meta/recipes-extended/ghostscript/ghostscript/CVE-2021-3781_1.patch
@@ -0,0 +1,121 @@
+From 3920a727fb19e19f597e518610ce2416d08cb75f Mon Sep 17 00:00:00 2001
+From: Chris Liddell 
+Date: Thu, 20 Aug 2020 17:19:09 +0100
+Subject: [PATCH] Fix pdfwrite "%d" mode with file permissions
+
+Firstly, in gx_device_delete_output_file the iodev pointer was being passed
+to the delete_method incorrectly (passing a pointer to that pointer). Thus
+when we attempted to use that to confirm permission to delete the file, it
+crashed. Credit to Ken for finding that.
+
+Secondly, due to the way pdfwrite works, when running with an output file per
+page, it creates the current output file immediately it has completed writing
+the previous one. Thus, it has to delete that partial file on exit.
+
+Previously, the output file was not added to the "control" permission list,
+so an attempt to delete it would result in an error. So add the output file
+to the "control" as well as "write" list.
+
+CVE: CVE-2021-3781
+
+Upstream-Status: Backport:
+https://git.ghostscript.com/?p=ghostpdl.git;a=commit;f=base/gslibctx.c;h=3920a727fb19e19f597e518610ce2416d08cb75f
+
+Signed-off-by: Davide Gardenal 
+---
+ base/gsdevice.c |  2 +-
+ base/gslibctx.c | 20 ++--
+ 2 files changed, 15 insertions(+), 7 deletions(-)
+
+diff --git a/base/gsdevice.c b/base/gsdevice.c
+index 913119495..ac78af93f 100644
+--- a/base/gsdevice.c
 b/base/gsdevice.c
+@@ -1185,7 +1185,7 @@ int gx_device_delete_output_file(const gx_device * dev, 
const char *fname)
+ parsed.len = strlen(parsed.fname);
+ }
+ if (parsed.iodev)
+-code = parsed.iodev->procs.delete_file((gx_io_device 
*)(), (const char *)parsed.fname);
++code = parsed.iodev->procs.delete_file((gx_io_device 
*)(parsed.iodev), (const char *)parsed.fname);
+ else
+ code = gs_note_error(gs_error_invalidfileaccess);
+ 
+diff --git a/base/gslibctx.c b/base/gslibctx.c
+index d726c58b5..ff8fc895e 100644
+--- a/base/gslibctx.c
 b/base/gslibctx.c
+@@ -647,7 +647,7 @@ gs_add_outputfile_control_path(gs_memory_t *mem, const 
char *fname)
+ char *fp, f[gp_file_name_sizeof];
+ const int pipe = 124; /* ASCII code for '|' */
+ const int len = strlen(fname);
+-int i;
++int i, code;
+ 
+ /* Be sure the string copy will fit */
+ if (len >= gp_file_name_sizeof)
+@@ -658,8 +658,6 @@ gs_add_outputfile_control_path(gs_memory_t *mem, const 
char *fname)
+ rewrite_percent_specifiers(f);
+ for (i = 0; i < len; i++) {
+ if (f[i] == pipe) {
+-   int code;
+-
+fp = [i + 1];
+/* Because we potentially have to check file permissions at two 
levels
+   for the output file (gx_device_open_output_file and the low 
level
+@@ -671,10 +669,16 @@ gs_add_outputfile_control_path(gs_memory_t *mem, const 
char *fname)
+if (code < 0)
+return code;
+break;
++   code = gs_add_control_path(mem, gs_permit_file_control, f);
++   if (code < 0)
++   return code;
+ }
+ if (!IS_WHITESPACE(f[i]))
+ break;
+ }
++code = gs_add_control_path(mem, gs_permit_file_control, fp);
++if (code < 0)
++return code;
+ return gs_add_control_path(mem, gs_permit_file_writing, fp);
+ }
+ 
+@@ -684,7 +688,7 @@ gs_remove_outputfile_control_path(gs_memory_t *mem, const 
char *fname)
+ char *fp, f[gp_file_name_sizeof];
+ const int pipe = 124; /* ASCII code for '|' */
+ const int len = strlen(fname);
+-int i;
++int i, code;
+ 
+ /* Be sure the string copy will fit */
+ if (len >= gp_file_name_sizeof)
+@@ -694,8 +698,6 @@ gs_remove_outputfile_control_path(gs_memory_t *mem, const 
char *fname)
+ /* Try to rewrite any %d (or similar) in the string */
+ for (i = 0; i < len; i++) {
+ if (f[i] == pipe) {
+-   int code;
+-
+fp = [i + 1];
+/* B

[oe-core][dunfell][PATCH] apt: backport patch fix for CVE-2020-3810

[Davide Gardenal]

Upstream commit:
https://salsa.debian.org/apt-team/apt/-/blob/dceb1e49e4b8e4dadaf056be34088b415939cda6/apt-pkg/contrib/arfile.cc

CVE: CVE-2020-3810

Signed-off-by: Davide Gardenal 
---
 meta/recipes-devtools/apt/apt.inc |   1 +
 .../apt/apt/CVE-2020-3810.patch   | 174 ++
 2 files changed, 175 insertions(+)
 create mode 100644 meta/recipes-devtools/apt/apt/CVE-2020-3810.patch

diff --git a/meta/recipes-devtools/apt/apt.inc 
b/meta/recipes-devtools/apt/apt.inc
index 3c4fc6df07..ba827848a7 100644
--- a/meta/recipes-devtools/apt/apt.inc
+++ b/meta/recipes-devtools/apt/apt.inc
@@ -18,6 +18,7 @@ SRC_URI = 
"https://launchpad.net/ubuntu/+archive/primary/+sourcefiles/${BPN}/${P

file://0001-environment.mak-musl-based-systems-can-generate-shar.patch \
file://0001-apt-1.2.12-Fix-musl-build.patch \
file://0001-Include-array.h-for-std-array.patch \
+   file://CVE-2020-3810.patch \
"
 SRC_URI[md5sum] = "d30eed9304e82ea8238c854b5c5a34d9"
 SRC_URI[sha256sum] = 
"03ded4f5e9b8d43ecec083704b2dcabf20c182ed382db9ac7251da0b0b038059"
diff --git a/meta/recipes-devtools/apt/apt/CVE-2020-3810.patch 
b/meta/recipes-devtools/apt/apt/CVE-2020-3810.patch
new file mode 100644
index 00..cf1206a3fa
--- /dev/null
+++ b/meta/recipes-devtools/apt/apt/CVE-2020-3810.patch
@@ -0,0 +1,174 @@
+From dceb1e49e4b8e4dadaf056be34088b415939cda6 Mon Sep 17 00:00:00 2001
+From: Julian Andres Klode 
+Date: Tue, 12 May 2020 11:49:09 +0200
+Subject: [PATCH] SECURITY UPDATE: Fix out of bounds read in .ar and .tar
+ implementation (CVE-2020-3810)
+
+When normalizing ar member names by removing trailing whitespace
+and slashes, an out-out-bound read can be caused if the ar member
+name consists only of such characters, because the code did not
+stop at 0, but would wrap around and continue reading from the
+stack, without any limit.
+
+Add a check to abort if we reached the first character in the
+name, effectively rejecting the use of names consisting just
+of slashes and spaces.
+
+Furthermore, certain error cases in arfile.cc and extracttar.cc have
+included member names in the output that were not checked at all and
+might hence not be nul terminated, leading to further out of bound reads.
+
+Fixes Debian/apt#111
+LP: #1878177
+
+CVE: CVE-2020-3810
+
+Upstream-Status: Backport:
+https://salsa.debian.org/apt-team/apt/-/commit/dceb1e49e4b8e4dadaf056be34088b415939cda6
+
+Signed-off-by: Davide Gardenal 
+---
+apt-inst/contrib/arfile.cc | 11 ++-
+apt-inst/contrib/extracttar.cc |  2 +-
+.../test-github-111-invalid-armember  | 88 +++
+ 3 files changed, 98 insertions(+), 3 deletions(-)
+ create mode 100755 test/integration/test-github-111-invalid-armember
+
+diff --git a/apt-inst/contrib/arfile.cc b/st/contrib/arfile.cc
+index 3fc3afedb..5cb43c690 100644
+--- a/apt-inst/contrib/arfile.cc
 b/apt-inst/contrib/arfile.cc
+@@ -92,7 +92,7 @@ bool ARArchive::LoadHeaders()
+ StrToNum(Head.Size,Memb->Size,sizeof(Head.Size)) == false)
+   {
+delete Memb;
+-   return _error->Error(_("Invalid archive member header %s"), Head.Name);
++   return _error->Error(_("Invalid archive member header"));
+   }
+
+   // Check for an extra long name string
+@@ -119,7 +119,14 @@ bool ARArchive::LoadHeaders()
+   else
+   {
+unsigned int I = sizeof(Head.Name) - 1;
+-   for (; Head.Name[I] == ' ' || Head.Name[I] == '/'; I--);
++   for (; Head.Name[I] == ' ' || Head.Name[I] == '/'; I--)
++   {
++  if (I == 0)
++  {
++ delete Memb;
++ return _error->Error(_("Invalid archive member header"));
++  }
++   }
+Memb->Name = std::string(Head.Name,I+1);
+   }
+ 
+diff --git a/apt-inst/contrib/extracttar.cc b/apt-inst/contrib/extracttar.cc
+index 9bb0a55c0..b22f59dbc 100644
+--- a/apt-inst/contrib/extracttar.cc
 b/apt-inst/contrib/extracttar.cc
+@@ -254,7 +254,7 @@ bool ExtractTar::Go(pkgDirStream )
+
+default:
+BadRecord = true;
+-   _error->Warning(_("Unknown TAR header type %u, member 
%s"),(unsigned)Tar->LinkFlag,Tar->Name);
++   _error->Warning(_("Unknown TAR header type %u"), 
(unsigned)Tar->LinkFlag);
+break;
+   }
+   
+diff --git a/test/integration/test-github-111-invalid-armember 
b/test/integration/test-github-111-invalid-armember
+new file mode 100755
+index 0..ec2163bf6
+--- /dev/null
 b/test/integration/test-github-111-invalid-armember
+@@ -0,0 +1,88 @@
++#!/bin/sh
++set -e
++
++TESTDIR="$(readlink -f "$(dirname "$0")")"
++. "$TESTDIR/framework"
++setupenvironment
++configarchitecture "amd64"
++setupaptarchive
++
++# this used to crash, but it should treat it as an in

Re: [OE-core] [dunfell][PATCH v2] qemu: backport patch fix for CVE-2020-13791

[Davide Gardenal]

Understood, sorry I'm not yet very familiar, still learning.

Thanks for the feedback!

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#163614): 
https://lists.openembedded.org/g/openembedded-core/message/163614
Mute This Topic: https://lists.openembedded.org/mt/89996991/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[oe-core][dunfell][PATCH v2] qemu: backport patch fix for CVE-2020-13791

[Davide Gardenal]

Upstream patch:
https://lists.gnu.org/archive/html/qemu-devel/2020-06/msg00979.html

CVE: CVE-2020-13791

Update v2: rebase with patch for CVE-2020-13253 and
add Upstream-Status in patch description

Signed-off-by: Davide Gardenal 
---
 meta/recipes-devtools/qemu/qemu.inc   |  1 +
 .../qemu/qemu/CVE-2020-13791.patch| 44 +++
 2 files changed, 45 insertions(+)
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-13791.patch

diff --git a/meta/recipes-devtools/qemu/qemu.inc 
b/meta/recipes-devtools/qemu/qemu.inc
index 0bdc917783..25c2cdef3a 100644
--- a/meta/recipes-devtools/qemu/qemu.inc
+++ b/meta/recipes-devtools/qemu/qemu.inc
@@ -97,6 +97,7 @@ SRC_URI = "https://download.qemu.org/${BPN}-${PV}.tar.xz \
file://CVE-2020-13253_3.patch \
file://CVE-2020-13253_4.patch \
file://CVE-2020-13253_5.patch \
+   file://CVE-2020-13791.patch \
"
 UPSTREAM_CHECK_REGEX = "qemu-(?P\d+(\.\d+)+)\.tar"
 
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2020-13791.patch 
b/meta/recipes-devtools/qemu/qemu/CVE-2020-13791.patch
new file mode 100644
index 00..1e8278f7b7
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/CVE-2020-13791.patch
@@ -0,0 +1,44 @@
+Date:  Thu, 4 Jun 2020 16:25:24 +0530
+From: Prasad J Pandit 
+Subject:   [PATCH v3] ati-vga: check address before reading configuration 
bytes (CVE-2020-13791)
+
+While reading PCI configuration bytes, a guest may send an
+address towards the end of the configuration space. It may lead
+to an OOB access issue. Add check to ensure 'address + size' is
+within PCI configuration space.
+
+CVE: CVE-2020-13791
+
+Upstream-Status: Submitted
+https://lists.gnu.org/archive/html/qemu-devel/2020-06/msg00979.html
+
+Reported-by: Ren Ding 
+Reported-by: Hanqing Zhao 
+Reported-by: Yi Ren 
+Suggested-by: BALATON Zoltan 
+Signed-off-by: Prasad J Pandit 
+Signed-off-by: Davide Gardenal 
+---
+ hw/display/ati.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+Update v3: avoid modifying 'addr' variable
+  -> https://lists.gnu.org/archive/html/qemu-devel/2020-06/msg00834.html
+
+diff --git a/hw/display/ati.c b/hw/display/ati.c
+index 67604e68de..b4d0fd88b7 100644
+--- a/hw/display/ati.c
 b/hw/display/ati.c
+@@ -387,7 +387,9 @@ static uint64_t ati_mm_read(void *opaque, hwaddr addr, 
unsigned int size)
+ val = s->regs.crtc_pitch;
+ break;
+ case 0xf00 ... 0xfff:
+-val = pci_default_read_config(>dev, addr - 0xf00, size);
++if ((addr - 0xf00) + size <= pci_config_size(>dev)) {
++val = pci_default_read_config(>dev, addr - 0xf00, size);
++}
+ break;
+ case CUR_OFFSET:
+ val = s->regs.cur_offset;
+-- 
+2.26.2 
-- 
2.32.0


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#163605): 
https://lists.openembedded.org/g/openembedded-core/message/163605
Mute This Topic: https://lists.openembedded.org/mt/89996991/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[oe-core][dunfell][PATCH] qemu: backport patch fix for CVE-2020-13791

[Davide Gardenal]

Upstream patch:
https://lists.gnu.org/archive/html/qemu-devel/2020-06/msg00979.html

CVE: CVE-2020-13791

Signed-off-by: Davide Gardenal 
---
 meta/recipes-devtools/qemu/qemu.inc   |  1 +
 .../qemu/qemu/CVE-2020-13791.patch| 40 +++
 2 files changed, 41 insertions(+)
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-13791.patch

diff --git a/meta/recipes-devtools/qemu/qemu.inc 
b/meta/recipes-devtools/qemu/qemu.inc
index ef9bc3f64a..01cda49eee 100644
--- a/meta/recipes-devtools/qemu/qemu.inc
+++ b/meta/recipes-devtools/qemu/qemu.inc
@@ -92,6 +92,7 @@ SRC_URI = "https://download.qemu.org/${BPN}-${PV}.tar.xz \
file://CVE-2020-27617.patch \
file://CVE-2020-28916.patch \
file://CVE-2021-3682.patch \
+   file://CVE-2020-13791.patch \
"
 UPSTREAM_CHECK_REGEX = "qemu-(?P\d+(\.\d+)+)\.tar"
 
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2020-13791.patch 
b/meta/recipes-devtools/qemu/qemu/CVE-2020-13791.patch
new file mode 100644
index 00..6026f02e54
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/CVE-2020-13791.patch
@@ -0,0 +1,40 @@
+Date:  Thu, 4 Jun 2020 16:25:24 +0530
+From: Prasad J Pandit 
+Subject:   [PATCH v3] ati-vga: check address before reading configuration 
bytes (CVE-2020-13791)
+
+While reading PCI configuration bytes, a guest may send an
+address towards the end of the configuration space. It may lead
+to an OOB access issue. Add check to ensure 'address + size' is
+within PCI configuration space.
+
+CVE: CVE-2020-13791
+
+Reported-by: Ren Ding 
+Reported-by: Hanqing Zhao 
+Reported-by: Yi Ren 
+Suggested-by: BALATON Zoltan 
+Signed-off-by: Prasad J Pandit 
+---
+ hw/display/ati.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+Update v3: avoid modifying 'addr' variable
+  -> https://lists.gnu.org/archive/html/qemu-devel/2020-06/msg00834.html
+
+diff --git a/hw/display/ati.c b/hw/display/ati.c
+index 67604e68de..b4d0fd88b7 100644
+--- a/hw/display/ati.c
 b/hw/display/ati.c
+@@ -387,7 +387,9 @@ static uint64_t ati_mm_read(void *opaque, hwaddr addr, 
unsigned int size)
+ val = s->regs.crtc_pitch;
+ break;
+ case 0xf00 ... 0xfff:
+-val = pci_default_read_config(>dev, addr - 0xf00, size);
++if ((addr - 0xf00) + size <= pci_config_size(>dev)) {
++val = pci_default_read_config(>dev, addr - 0xf00, size);
++}
+ break;
+ case CUR_OFFSET:
+ val = s->regs.cur_offset;
+-- 
+2.26.2 
-- 
2.32.0


-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#163591): 
https://lists.openembedded.org/g/openembedded-core/message/163591
Mute This Topic: https://lists.openembedded.org/mt/89980626/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[oe-core][dunfell][PATCH v2] qemu: backport fix for CVE-2020-13253

[Davide Gardenal]

Backport commits from the following MR:
https://git.qemu.org/?p=qemu.git;a=commit;h=3a9163af4e3dd61795a35d47b702e302f98f81d6

Two other commits have been backported in order to be able
to correctly apply the patches.

CVE: CVE-2020-13253

Signed-off-by: Davide Gardenal 
---
 meta/recipes-devtools/qemu/qemu.inc   |   5 +
 .../qemu/qemu/CVE-2020-13253_1.patch  |  50 +++
 .../qemu/qemu/CVE-2020-13253_2.patch  | 112 ++
 .../qemu/qemu/CVE-2020-13253_3.patch  |  86 +++
 .../qemu/qemu/CVE-2020-13253_4.patch  | 139 ++
 .../qemu/qemu/CVE-2020-13253_5.patch  |  54 +++
 6 files changed, 446 insertions(+)
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-13253_1.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-13253_2.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-13253_3.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-13253_4.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-13253_5.patch

diff --git a/meta/recipes-devtools/qemu/qemu.inc 
b/meta/recipes-devtools/qemu/qemu.inc
index ef9bc3f64a..0bdc917783 100644
--- a/meta/recipes-devtools/qemu/qemu.inc
+++ b/meta/recipes-devtools/qemu/qemu.inc
@@ -92,6 +92,11 @@ SRC_URI = "https://download.qemu.org/${BPN}-${PV}.tar.xz \
file://CVE-2020-27617.patch \
file://CVE-2020-28916.patch \
file://CVE-2021-3682.patch \
+   file://CVE-2020-13253_1.patch \
+   file://CVE-2020-13253_2.patch \
+   file://CVE-2020-13253_3.patch \
+   file://CVE-2020-13253_4.patch \
+   file://CVE-2020-13253_5.patch \
"
 UPSTREAM_CHECK_REGEX = "qemu-(?P\d+(\.\d+)+)\.tar"
 
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2020-13253_1.patch 
b/meta/recipes-devtools/qemu/qemu/CVE-2020-13253_1.patch
new file mode 100644
index 00..7f8383987c
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/CVE-2020-13253_1.patch
@@ -0,0 +1,50 @@
+From 6dd3a164f5b31c703c7d8372841ad3bd6a57de6d Mon Sep 17 00:00:00 2001
+From: =?utf8?q?Philippe=20Mathieu-Daud=C3=A9?= 
+Date: Tue, 5 Jun 2018 22:28:51 -0300
+Subject: [PATCH 1/1] hw/sd/sdcard: Simplify realize() a bit
+MIME-Version: 1.0
+Content-Type: text/plain; charset=utf8
+Content-Transfer-Encoding: 8bit
+
+We don't need to check if sd->blk is set twice.
+
+Reviewed-by: Peter Maydell 
+Signed-off-by: Philippe Mathieu-Daudé 
+Reviewed-by: Alistair Francis 
+Message-Id: <20200630133912.9428-18-f4...@amsat.org>
+
+Upstram-Status: Backport:
+https://git.qemu.org/?p=qemu.git;a=commit;f=hw/sd/sd.c;h=6dd3a164f5b31c703c7d8372841ad3bd6a57de6d
+
+CVE: CVE-2020-13253
+
+Signed-off-by: Davide Gardenal 
+---
+ hw/sd/sd.c | 10 +-
+ 1 file changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/hw/sd/sd.c b/hw/sd/sd.c
+index 1cc16bf..edd60a0 100644
+--- a/hw/sd/sd.c
 b/hw/sd/sd.c
+@@ -2105,12 +2105,12 @@ static void sd_realize(DeviceState *dev, Error **errp)
+ return;
+ }
+ 
+-if (sd->blk && blk_is_read_only(sd->blk)) {
+-error_setg(errp, "Cannot use read-only drive as SD card");
+-return;
+-}
+-
+ if (sd->blk) {
++if (blk_is_read_only(sd->blk)) {
++error_setg(errp, "Cannot use read-only drive as SD card");
++return;
++}
++
+ ret = blk_set_perm(sd->blk, BLK_PERM_CONSISTENT_READ | BLK_PERM_WRITE,
+BLK_PERM_ALL, errp);
+ if (ret < 0) {
+-- 
+1.8.3.1
+
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2020-13253_2.patch 
b/meta/recipes-devtools/qemu/qemu/CVE-2020-13253_2.patch
new file mode 100644
index 00..53145d059f
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/CVE-2020-13253_2.patch
@@ -0,0 +1,112 @@
+From a9bcedd15a5834ca9ae6c3a97933e85ac7edbd36 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= 
+Date: Tue, 7 Jul 2020 13:02:34 +0200
+Subject: [PATCH] hw/sd/sdcard: Do not allow invalid SD card sizes
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+QEMU allows to create SD card with unrealistic sizes. This could
+work, but some guests (at least Linux) consider sizes that are not
+a power of 2 as a firmware bug and fix the card size to the next
+power of 2.
+
+While the possibility to use small SD card images has been seen as
+a feature, it became a bug with CVE-2020-13253, where the guest is
+able to do OOB read/write accesses past the image size end.
+
+In a pair of commits we will fix CVE-2020-13253 as:
+
+Read command is rejected if BLOCK_LEN_ERROR or ADDRESS_ERROR
+occurred and no data transfer is performed.
+
+Write command is rejected if BLOCK_LEN_ERROR or ADDRESS_ERROR
+occurred and no data transfer is performed.
+
+WP_VIOLATION errors are not modified: the error bit is set, we
+stay in 

[oe-core][dunfell][PATCH] qemu: backport fix for CVE-2020-13253

[Davide Gardenal]

Backport commits from the following MR:
https://git.qemu.org/?p=qemu.git;a=commit;h=3a9163af4e3dd61795a35d47b702e302f98f81d6

Two other commits have been backported in order to be able
to correctly apply the patches.

CVE: CVE-2020-13253

Signed-off-by: Davide Gardenal 
---
 meta/recipes-devtools/qemu/qemu.inc   |   4 +
 .../qemu/qemu/CVE-2020-13253_1.patch  |  50 +++
 .../qemu/qemu/CVE-2020-13253_2.patch  | 112 ++
 .../qemu/qemu/CVE-2020-13253_3.patch  |  86 +++
 .../qemu/qemu/CVE-2020-13253_4.patch  | 139 ++
 5 files changed, 391 insertions(+)
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-13253_1.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-13253_2.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-13253_3.patch
 create mode 100644 meta/recipes-devtools/qemu/qemu/CVE-2020-13253_4.patch

diff --git a/meta/recipes-devtools/qemu/qemu.inc 
b/meta/recipes-devtools/qemu/qemu.inc
index ef9bc3f64a..96a981e1a9 100644
--- a/meta/recipes-devtools/qemu/qemu.inc
+++ b/meta/recipes-devtools/qemu/qemu.inc
@@ -92,6 +92,10 @@ SRC_URI = "https://download.qemu.org/${BPN}-${PV}.tar.xz \
file://CVE-2020-27617.patch \
file://CVE-2020-28916.patch \
file://CVE-2021-3682.patch \
+   file://CVE-2020-13253_1.patch \
+   file://CVE-2020-13253_2.patch \
+   file://CVE-2020-13253_3.patch \
+   file://CVE-2020-13253_4.patch \
"
 UPSTREAM_CHECK_REGEX = "qemu-(?P\d+(\.\d+)+)\.tar"
 
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2020-13253_1.patch 
b/meta/recipes-devtools/qemu/qemu/CVE-2020-13253_1.patch
new file mode 100644
index 00..7f8383987c
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/CVE-2020-13253_1.patch
@@ -0,0 +1,50 @@
+From 6dd3a164f5b31c703c7d8372841ad3bd6a57de6d Mon Sep 17 00:00:00 2001
+From: =?utf8?q?Philippe=20Mathieu-Daud=C3=A9?= 
+Date: Tue, 5 Jun 2018 22:28:51 -0300
+Subject: [PATCH 1/1] hw/sd/sdcard: Simplify realize() a bit
+MIME-Version: 1.0
+Content-Type: text/plain; charset=utf8
+Content-Transfer-Encoding: 8bit
+
+We don't need to check if sd->blk is set twice.
+
+Reviewed-by: Peter Maydell 
+Signed-off-by: Philippe Mathieu-Daudé 
+Reviewed-by: Alistair Francis 
+Message-Id: <20200630133912.9428-18-f4...@amsat.org>
+
+Upstram-Status: Backport:
+https://git.qemu.org/?p=qemu.git;a=commit;f=hw/sd/sd.c;h=6dd3a164f5b31c703c7d8372841ad3bd6a57de6d
+
+CVE: CVE-2020-13253
+
+Signed-off-by: Davide Gardenal 
+---
+ hw/sd/sd.c | 10 +-
+ 1 file changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/hw/sd/sd.c b/hw/sd/sd.c
+index 1cc16bf..edd60a0 100644
+--- a/hw/sd/sd.c
 b/hw/sd/sd.c
+@@ -2105,12 +2105,12 @@ static void sd_realize(DeviceState *dev, Error **errp)
+ return;
+ }
+ 
+-if (sd->blk && blk_is_read_only(sd->blk)) {
+-error_setg(errp, "Cannot use read-only drive as SD card");
+-return;
+-}
+-
+ if (sd->blk) {
++if (blk_is_read_only(sd->blk)) {
++error_setg(errp, "Cannot use read-only drive as SD card");
++return;
++}
++
+ ret = blk_set_perm(sd->blk, BLK_PERM_CONSISTENT_READ | BLK_PERM_WRITE,
+BLK_PERM_ALL, errp);
+ if (ret < 0) {
+-- 
+1.8.3.1
+
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2020-13253_2.patch 
b/meta/recipes-devtools/qemu/qemu/CVE-2020-13253_2.patch
new file mode 100644
index 00..53145d059f
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/CVE-2020-13253_2.patch
@@ -0,0 +1,112 @@
+From a9bcedd15a5834ca9ae6c3a97933e85ac7edbd36 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= 
+Date: Tue, 7 Jul 2020 13:02:34 +0200
+Subject: [PATCH] hw/sd/sdcard: Do not allow invalid SD card sizes
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+QEMU allows to create SD card with unrealistic sizes. This could
+work, but some guests (at least Linux) consider sizes that are not
+a power of 2 as a firmware bug and fix the card size to the next
+power of 2.
+
+While the possibility to use small SD card images has been seen as
+a feature, it became a bug with CVE-2020-13253, where the guest is
+able to do OOB read/write accesses past the image size end.
+
+In a pair of commits we will fix CVE-2020-13253 as:
+
+Read command is rejected if BLOCK_LEN_ERROR or ADDRESS_ERROR
+occurred and no data transfer is performed.
+
+Write command is rejected if BLOCK_LEN_ERROR or ADDRESS_ERROR
+occurred and no data transfer is performed.
+
+WP_VIOLATION errors are not modified: the error bit is set, we
+stay in receive-data state, wait for a stop command. All further
+data transfer is ignored. See the check on sd->card_status at the
+beginning of sd_read_data() and sd_write_data()

Re: [OE-core] [PATCH] re2c: backport of partial fix for CVE-2018-21232

[Davide Gardenal]

Thanks for the feedback and here is the v2 
https://lists.openembedded.org/g/openembedded-core/topic/patch_v2_re2c_backport_fix/89775826?p=,,,20,0,0,0::recentpostdate/sticky,,,20,2,0,89775826,previd=1647271289760596900,nextid=1647223382628434197=1647271289760596900=1647223382628434197

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#163154): 
https://lists.openembedded.org/g/openembedded-core/message/163154
Mute This Topic: https://lists.openembedded.org/mt/89771178/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[oe-core][PATCH v2] re2c: backport fix for CVE-2018-21232

[Davide Gardenal]

Backport commits from the following issue:
https://github.com/skvadrik/re2c/issues/219

CVE: CVE-2018-21232

Signed-off-by: Davide Gardenal 
---
 .../re2c/re2c/CVE-2018-21232-1.patch  | 347 ++
 .../re2c/re2c/CVE-2018-21232-2.patch  | 243 
 .../re2c/re2c/CVE-2018-21232-3.patch  | 156 
 .../re2c/re2c/CVE-2018-21232-4.patch  | 166 +
 meta/recipes-support/re2c/re2c_1.0.1.bb   |   6 +-
 5 files changed, 917 insertions(+), 1 deletion(-)
 create mode 100644 meta/recipes-support/re2c/re2c/CVE-2018-21232-1.patch
 create mode 100644 meta/recipes-support/re2c/re2c/CVE-2018-21232-2.patch
 create mode 100644 meta/recipes-support/re2c/re2c/CVE-2018-21232-3.patch
 create mode 100644 meta/recipes-support/re2c/re2c/CVE-2018-21232-4.patch

diff --git a/meta/recipes-support/re2c/re2c/CVE-2018-21232-1.patch 
b/meta/recipes-support/re2c/re2c/CVE-2018-21232-1.patch
new file mode 100644
index 00..b7dcaefad3
--- /dev/null
+++ b/meta/recipes-support/re2c/re2c/CVE-2018-21232-1.patch
@@ -0,0 +1,347 @@
+From fd634998f813340768c333cdad638498602856e5 Mon Sep 17 00:00:00 2001
+From: Ulya Trofimovich 
+Date: Tue, 21 Apr 2020 21:28:32 +0100
+Subject: [PATCH] Rewrite recursion into iteration (Tarjan's SCC algorithm and
+ YYFILL states).
+
+This is to avoid stack overflow on large RE (especially on instrumented
+builds that have larger stack frames, like AddressSanitizer).
+
+Stack overflow reported by Agostino Sarubbo.
+Related to #219 "overflow-1.re test fails on system with small stack".
+
+Upstram-Status: Backport:
+https://github.com/skvadrik/re2c/commit/fd634998f813340768c333cdad638498602856e5
+
+CVE: CVE-2018-21232
+
+Signed-off-by: Davide Gardenal 
+---
+diff --git a/src/dfa/fillpoints.cc b/src/dfa/fillpoints.cc
+--- a/src/dfa/fillpoints.cc(revision 
e58939b34bb4c37cd990f82dc286f21cb405743e)
 b/src/dfa/fillpoints.cc(date 1646929180243)
+@@ -5,151 +5,186 @@
+ 
+ #include "src/dfa/dfa.h"
+ 
+-namespace re2c
+-{
++
++/*
++ * note [finding strongly connected components of DFA]
++ *
++ * A slight modification of Tarjan's algorithm.
++ *
++ * The algorithm traverses the DFA in depth-first order. It maintains a stack
++ * of states that have already been visited but haven't been assigned to an 
SCC
++ * yet. For each state the algorithm calculates 'lowlink': index of the 
highest
++ * ancestor state reachable in one step from a descendant of this state.
++ * Lowlink is used to determine when a set of states should be popped off 
stack
++ * into a new SCC.
++ *
++ * We use lowlink to hold different kinds of information:
++ *   - values in range [0 .. stack size] mean that the state is on stack (a
++ * link to a state with the smallest index reachable from this one)
++ *   - SCC_UND means that this state has not been visited yet
++ *   - SCC_INF means that this state has already been popped off stack
++ *
++ * We use stack size (rather than topological sort index) as a unique index of
++ * the state on stack. This is safe because the indices of states on stack are
++ * unique and less than the indices of states that have been popped off stack
++ * (SCC_INF).
++ */
++
++namespace re2c {
++namespace {
+ 
+-static const size_t SCC_INF = std::numeric_limits::max();
+-static const size_t SCC_UND = SCC_INF - 1;
++static const size_t SCC_INF = std::numeric_limits::max();
++static const size_t SCC_UND = SCC_INF - 1;
+ 
+-static bool loopback(size_t node, size_t narcs, const size_t *arcs)
+-{
+-  for (size_t i = 0; i < narcs; ++i)
+-  {
+-  if (arcs[i] == node)
+-  {
+-  return true;
+-  }
+-  }
+-  return false;
+-}
++static bool loopback(size_t state, size_t narcs, const size_t *arcs)
++{
++for (size_t i = 0; i < narcs; ++i) {
++if (arcs[i] == state) return true;
++}
++return false;
++}
+ 
+-/*
+- * node [finding strongly connected components of DFA]
+- *
+- * A slight modification of Tarjan's algorithm.
+- *
+- * The algorithm walks graph in deep-first order. It maintains a stack
+- * of nodes that have already been visited but haven't been assigned to
+- * SCC yet. For each node the algorithm calculates 'lowlink': index of
+- * the highest ancestor node reachable in one step from a descendant of
+- * the node. Lowlink is used to determine when a set of nodes should be
+- * popped off the stack into a new SCC.
+- *
+- * We use lowlink to hold different kinds of information:
+- *   - values in range [0 .. stack size] mean that this node is on stack
+- * (link to a node with the smallest index reachable from this one)
+- *   - SCC_UND means that this node has not been visited yet
+- *   - SCC_INF means that this node has already been popped off stack
+- *
+- * We use stack size (rather than topological sort index) as unique index
+- * of a node on s

Re: [OE-core] [PATCH] re2c: backport of partial fix for CVE-2018-21232

[Davide Gardenal]

The official CVE description ( https://nvd.nist.gov/vuln/detail/CVE-2018-21232 
) only highlights a stack consumption in "find_fixed_tags" (and this is 
actually fixed and is one of the included patches) but as stated in the github 
issue ( https://github.com/skvadrik/re2c/issues/219 that is still open) there 
are also other recursion with the same problem and not all have been fixed by 
upstream. So we could say the CVE is "officially" fixed.
Tell me if I can remove the "partially" and add the CVE in the description, 
thanks.

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#163149): 
https://lists.openembedded.org/g/openembedded-core/message/163149
Mute This Topic: https://lists.openembedded.org/mt/89771178/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [OE-core] [PATCH] re2c: backport of partial fix for CVE-2018-21232

[Davide Gardenal]

Yes it is, sorry I forgot to mention that.

Davide

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#163140): 
https://lists.openembedded.org/g/openembedded-core/message/163140
Mute This Topic: https://lists.openembedded.org/mt/89771178/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[oe-core][PATCH] re2c: backport of partial fix for CVE-2018-21232

[Davide Gardenal]

Backport commits from the following issue (assigned CVE-2018-21232):
https://github.com/skvadrik/re2c/issues/219

Signed-off-by: Davide Gardenal 
---
 .../re2c/re2c/CVE-2018-21232-1.patch  | 345 ++
 .../re2c/re2c/CVE-2018-21232-2.patch  | 241 
 .../re2c/re2c/CVE-2018-21232-3.patch  | 154 
 .../re2c/re2c/CVE-2018-21232-4.patch  | 164 +
 meta/recipes-support/re2c/re2c_1.0.1.bb   |   6 +-
 5 files changed, 909 insertions(+), 1 deletion(-)
 create mode 100644 meta/recipes-support/re2c/re2c/CVE-2018-21232-1.patch
 create mode 100644 meta/recipes-support/re2c/re2c/CVE-2018-21232-2.patch
 create mode 100644 meta/recipes-support/re2c/re2c/CVE-2018-21232-3.patch
 create mode 100644 meta/recipes-support/re2c/re2c/CVE-2018-21232-4.patch

diff --git a/meta/recipes-support/re2c/re2c/CVE-2018-21232-1.patch 
b/meta/recipes-support/re2c/re2c/CVE-2018-21232-1.patch
new file mode 100644
index 00..f9cdfb9c96
--- /dev/null
+++ b/meta/recipes-support/re2c/re2c/CVE-2018-21232-1.patch
@@ -0,0 +1,345 @@
+From fd634998f813340768c333cdad638498602856e5 Mon Sep 17 00:00:00 2001
+From: Ulya Trofimovich 
+Date: Tue, 21 Apr 2020 21:28:32 +0100
+Subject: [PATCH] Rewrite recursion into iteration (Tarjan's SCC algorithm and
+ YYFILL states).
+
+This is to avoid stack overflow on large RE (especially on instrumented
+builds that have larger stack frames, like AddressSanitizer).
+
+Stack overflow reported by Agostino Sarubbo.
+Related to #219 "overflow-1.re test fails on system with small stack".
+
+Upstram-Status: Backport:
+https://github.com/skvadrik/re2c/commit/fd634998f813340768c333cdad638498602856e5
+
+Signed-off-by: Davide Gardenal 
+---
+diff --git a/src/dfa/fillpoints.cc b/src/dfa/fillpoints.cc
+--- a/src/dfa/fillpoints.cc(revision 
e58939b34bb4c37cd990f82dc286f21cb405743e)
 b/src/dfa/fillpoints.cc(date 1646929180243)
+@@ -5,151 +5,186 @@
+ 
+ #include "src/dfa/dfa.h"
+ 
+-namespace re2c
+-{
++
++/*
++ * note [finding strongly connected components of DFA]
++ *
++ * A slight modification of Tarjan's algorithm.
++ *
++ * The algorithm traverses the DFA in depth-first order. It maintains a stack
++ * of states that have already been visited but haven't been assigned to an 
SCC
++ * yet. For each state the algorithm calculates 'lowlink': index of the 
highest
++ * ancestor state reachable in one step from a descendant of this state.
++ * Lowlink is used to determine when a set of states should be popped off 
stack
++ * into a new SCC.
++ *
++ * We use lowlink to hold different kinds of information:
++ *   - values in range [0 .. stack size] mean that the state is on stack (a
++ * link to a state with the smallest index reachable from this one)
++ *   - SCC_UND means that this state has not been visited yet
++ *   - SCC_INF means that this state has already been popped off stack
++ *
++ * We use stack size (rather than topological sort index) as a unique index of
++ * the state on stack. This is safe because the indices of states on stack are
++ * unique and less than the indices of states that have been popped off stack
++ * (SCC_INF).
++ */
++
++namespace re2c {
++namespace {
+ 
+-static const size_t SCC_INF = std::numeric_limits::max();
+-static const size_t SCC_UND = SCC_INF - 1;
++static const size_t SCC_INF = std::numeric_limits::max();
++static const size_t SCC_UND = SCC_INF - 1;
+ 
+-static bool loopback(size_t node, size_t narcs, const size_t *arcs)
+-{
+-  for (size_t i = 0; i < narcs; ++i)
+-  {
+-  if (arcs[i] == node)
+-  {
+-  return true;
+-  }
+-  }
+-  return false;
+-}
++static bool loopback(size_t state, size_t narcs, const size_t *arcs)
++{
++for (size_t i = 0; i < narcs; ++i) {
++if (arcs[i] == state) return true;
++}
++return false;
++}
+ 
+-/*
+- * node [finding strongly connected components of DFA]
+- *
+- * A slight modification of Tarjan's algorithm.
+- *
+- * The algorithm walks graph in deep-first order. It maintains a stack
+- * of nodes that have already been visited but haven't been assigned to
+- * SCC yet. For each node the algorithm calculates 'lowlink': index of
+- * the highest ancestor node reachable in one step from a descendant of
+- * the node. Lowlink is used to determine when a set of nodes should be
+- * popped off the stack into a new SCC.
+- *
+- * We use lowlink to hold different kinds of information:
+- *   - values in range [0 .. stack size] mean that this node is on stack
+- * (link to a node with the smallest index reachable from this one)
+- *   - SCC_UND means that this node has not been visited yet
+- *   - SCC_INF means that this node has already been popped off stack
+- *
+- * We use stack size (rather than topological sort index) as unique index
+- * of a node on stack. This is saf