From patchwork Wed Nov 8 22:53:00 2023
X-Patchwork-Submitter: Steve Sakoman
X-Patchwork-Id: 34106
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 1/7] binutils: Fix CVE-2022-47010
Date: Wed, 8 Nov 2023 12:53:00 -1000
Message-Id: <3fd5701a861aa263ad1d912bfd44d4d5826d11a1.1699483825.git.steve@sakoman.com>
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/190359

From: Sanjana

Signed-off-by: Sanjana
Signed-off-by: Steve Sakoman
---
 .../binutils/binutils-2.38.inc                |  1 +
 .../binutils/0032-CVE-2022-47010.patch        | 38 +++++++++++++++++++
 2 files changed, 39 insertions(+)
 create mode 100644 meta/recipes-devtools/binutils/binutils/0032-CVE-2022-47010.patch
diff --git a/meta/recipes-devtools/binutils/binutils-2.38.inc b/meta/recipes-devtools/binutils/binutils-2.38.inc index 60a0c04412..43cc97f1ef 100644 --- a/meta/recipes-devtools/binutils/binutils-2.38.inc +++ b/meta/recipes-devtools/binutils/binutils-2.38.inc @@ -66,5 +66,6 @@ SRC_URI = "\ file://0031-CVE-2022-45703-2.patch \ file://0031-CVE-2022-47695.patch \ file://CVE-2022-48063.patch \ + file://0032-CVE-2022-47010.patch \ " S = "${WORKDIR}/git" diff --git a/meta/recipes-devtools/binutils/binutils/0032-CVE-2022-47010.patch b/meta/recipes-devtools/binutils/binutils/0032-CVE-2022-47010.patch new file mode 100644 index 0000000000..9648033e67 --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/0032-CVE-2022-47010.patch 
@@ -0,0 +1,38 @@ +From: Alan Modra +Date: Mon, 20 Jun 2022 01:09:31 +0000 (+0930) +Subject: PR29262, memory leak in pr_function_type +X-Git-Tag: binutils-2_39~224 +X-Git-Url: https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff_plain;h=0d02e70b197c786f26175b9a73f94e01d14abdab + +PR29262, memory leak in pr_function_type + + PR 29262 + * prdbg.c (pr_function_type): Free "s" on failure path. + +Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff_plain;h=0d02e70b197c786f26175b9a73f94e01d14abdab] + +CVE: CVE-2022-47010 + +Signed-off-by: Sanjana Venkatesh + +--- + +diff --git a/binutils/prdbg.c b/binutils/prdbg.c +index c1e41628d26..bb42a5b6c2d 100644 +--- a/binutils/prdbg.c ++++ b/binutils/prdbg.c +@@ -742,12 +742,9 @@ pr_function_type (void *p, int argcount, bool varargs) + + strcat (s, ")"); + +- if (! substitute_type (info, s)) +- return false; +- ++ bool ret = substitute_type (info, s); + free (s); +- +- return true; ++ return ret; + } + + /* Turn the top type on the stack into a reference to that type. 
*/
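Review bot: the prdbg.c hunk frees `s` on both outcomes of `substitute_type (info, s)` by capturing the result in `ret` before the `free (s)`, which closes the leak on the failure path; this is only safe because `substitute_type` does not keep a reference to `s`, and since the pre-existing success path already freed `s` right after the call, that assumption was already in place. One nit on the patch file itself: its header uses the `X-Git-Url:` form rather than the `From <sha> Mon Sep 17 00:00:00 2001` line that `git format-patch` emits and that the other backports in this series carry, so the upstream commit id appears only inside the Upstream-Status URL; a format-patch style header would let the backport be checked against upstream mechanically.
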
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 2/7] libwebp: Fix CVE-2023-4863
Date: Wed, 8 Nov 2023 12:53:01 -1000
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/190360
From: Soumya Sambu Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. Removed CVE-2023-5129.patch as CVE-2023-5129 is duplicate of CVE-2023-4863. CVE: CVE-2023-4863 References: https://nvd.nist.gov/vuln/detail/CVE-2023-4863 https://security-tracker.debian.org/tracker/CVE-2023-4863 https://bugzilla.redhat.com/show_bug.cgi?id=2238431#c12 Signed-off-by: Soumya Sambu Signed-off-by: Steve Sakoman --- ...23-5129.patch => CVE-2023-4863-0001.patch} | 20 +++---- .../webp/files/CVE-2023-4863-0002.patch | 53 +++++++++++++++++++ meta/recipes-multimedia/webp/libwebp_1.2.4.bb | 3 +- 3 files changed, 66 insertions(+), 10 deletions(-) rename meta/recipes-multimedia/webp/files/{CVE-2023-5129.patch => CVE-2023-4863-0001.patch} (97%) create mode 100644 meta/recipes-multimedia/webp/files/CVE-2023-4863-0002.patch diff --git a/meta/recipes-multimedia/webp/files/CVE-2023-5129.patch b/meta/recipes-multimedia/webp/files/CVE-2023-4863-0001.patch similarity index 97% rename from meta/recipes-multimedia/webp/files/CVE-2023-5129.patch rename to meta/recipes-multimedia/webp/files/CVE-2023-4863-0001.patch index 356806ad87..e623569352 100644 --- a/meta/recipes-multimedia/webp/files/CVE-2023-5129.patch +++ b/meta/recipes-multimedia/webp/files/CVE-2023-4863-0001.patch @@ -1,7 +1,7 @@ -From 383b8b4eb6780d855e8a8177fbce96ab39dba6a5 Mon Sep 17 00:00:00 2001 +From 902bc9190331343b2017211debcec8d2ab87e17a Mon Sep 17 00:00:00 2001 From: Vincent Rabaud Date: Thu, 7 Sep 2023 21:16:03 +0200 -Subject: [PATCH 1/1] Fix OOB write in BuildHuffmanTable. +Subject: [PATCH 1/2] Fix OOB write in BuildHuffmanTable. First, BuildHuffmanTable is called to check if the data is valid. If it is and the table is not big enough, more memory is allocated. 
@@ -12,9 +12,11 @@ codes) streams are still decodable. Bug: chromium:1479274 Change-Id: I31c36dbf3aa78d35ecf38706b50464fd3d375741 -CVE: CVE-2023-5129 +CVE: CVE-2023-4863 + Upstream-Status: Backport [https://github.com/webmproject/libwebp/commit/902bc9190331343b2017211debcec8d2ab87e17a] -Signed-off-by: Colin McAllister + +Signed-off-by: Soumya Sambu --- src/dec/vp8l_dec.c | 46 ++++++++++--------- src/dec/vp8li_dec.h | 2 +- @@ -23,7 +25,7 @@ Signed-off-by: Colin McAllister 4 files changed, 129 insertions(+), 43 deletions(-) diff --git a/src/dec/vp8l_dec.c b/src/dec/vp8l_dec.c -index 13480551..186b0b2f 100644 +index 1348055..186b0b2 100644 --- a/src/dec/vp8l_dec.c +++ b/src/dec/vp8l_dec.c @@ -253,11 +253,11 @@ static int ReadHuffmanCodeLengths( @@ -171,7 +173,7 @@ index 13480551..186b0b2f 100644 assert(dec->hdr_.num_htree_groups_ > 0); diff --git a/src/dec/vp8li_dec.h b/src/dec/vp8li_dec.h -index 72b2e861..32540a4b 100644 +index 72b2e86..32540a4 100644 --- a/src/dec/vp8li_dec.h +++ b/src/dec/vp8li_dec.h @@ -51,7 +51,7 @@ typedef struct { @@ -184,7 +186,7 @@ index 72b2e861..32540a4b 100644 typedef struct VP8LDecoder VP8LDecoder; diff --git a/src/utils/huffman_utils.c b/src/utils/huffman_utils.c -index 0cba0fbb..9efd6283 100644 +index 0cba0fb..9efd628 100644 --- a/src/utils/huffman_utils.c +++ b/src/utils/huffman_utils.c @@ -177,21 +177,24 @@ static int BuildHuffmanTable(HuffmanCode* const root_table, int root_bits, @@ -315,7 +317,7 @@ index 0cba0fbb..9efd6283 100644 + } +} diff --git a/src/utils/huffman_utils.h b/src/utils/huffman_utils.h -index 13b7ad1a..98415c53 100644 +index 13b7ad1..98415c5 100644 --- a/src/utils/huffman_utils.h +++ b/src/utils/huffman_utils.h @@ -43,6 +43,29 @@ typedef struct { @@ -360,5 +362,5 @@ index 13b7ad1a..98415c53 100644 #ifdef __cplusplus -- -2.34.1 +2.40.0 diff --git a/meta/recipes-multimedia/webp/files/CVE-2023-4863-0002.patch b/meta/recipes-multimedia/webp/files/CVE-2023-4863-0002.patch new file mode 100644 index 0000000000..231894e882 
--- /dev/null +++ b/meta/recipes-multimedia/webp/files/CVE-2023-4863-0002.patch 
@@ -0,0 +1,53 @@ +From 95ea5226c870449522240ccff26f0b006037c520 Mon Sep 17 00:00:00 2001 +From: Vincent Rabaud +Date: Mon, 11 Sep 2023 16:06:08 +0200 +Subject: [PATCH 2/2] Fix invalid incremental decoding check. + +The first condition is only necessary if we have not read enough +(enough being defined by src_last, not src_end which is the end +of the image). +The second condition now fits the comment below: "if not +incremental, and we are past the end of buffer". + +BUG=oss-fuzz:62136 + +Change-Id: I0700f67c62db8e1c02c2e429a069a71e606a5e4f + +CVE: CVE-2023-4863 + +Upstream-Status: Backport [https://github.com/webmproject/libwebp/commit/95ea5226c870449522240ccff26f0b006037c520] + +Signed-off-by: Soumya Sambu +--- + src/dec/vp8l_dec.c | 15 +++++++++++++-- + 1 file changed, 13 insertions(+), 2 deletions(-) + +diff --git a/src/dec/vp8l_dec.c b/src/dec/vp8l_dec.c +index 186b0b2..59a9e64 100644 +--- a/src/dec/vp8l_dec.c ++++ b/src/dec/vp8l_dec.c +@@ -1241,9 +1241,20 @@ static int DecodeImageData(VP8LDecoder* const dec, uint32_t* const data, + } + + br->eos_ = VP8LIsEndOfStream(br); +- if (dec->incremental_ && br->eos_ && src < src_end) { ++ // In incremental decoding: ++ // br->eos_ && src < src_last: if 'br' reached the end of the buffer and ++ // 'src_last' has not been reached yet, there is not enough data. 'dec' has to ++ // be reset until there is more data. ++ // !br->eos_ && src < src_last: this cannot happen as either the buffer is ++ // fully read, either enough has been read to reach 'src_last'. ++ // src >= src_last: 'src_last' is reached, all is fine. 'src' can actually go ++ // beyond 'src_last' in case the image is cropped and an LZ77 goes further. ++ // The buffer might have been enough or there is some left. 'br->eos_' does ++ // not matter. 
++ assert(!dec->incremental_ || (br->eos_ && src < src_last) || src >= src_last); ++ if (dec->incremental_ && br->eos_ && src < src_last) { + RestoreState(dec); +- } else if (!br->eos_) { ++ } else if ((dec->incremental_ && src >= src_last) || !br->eos_) { + // Process the remaining rows corresponding to last row-block. + if (process_func != NULL) { + process_func(dec, row > last_row ? last_row : row); +-- +2.40.0 diff --git a/meta/recipes-multimedia/webp/libwebp_1.2.4.bb b/meta/recipes-multimedia/webp/libwebp_1.2.4.bb index 4defdd5e42..a6cdc0c510 100644 --- a/meta/recipes-multimedia/webp/libwebp_1.2.4.bb +++ b/meta/recipes-multimedia/webp/libwebp_1.2.4.bb 
@@ -15,7 +15,8 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=6e8dee932c26f2dab503abf70c96d8bb \ SRC_URI = "http://downloads.webmproject.org/releases/webp/${BP}.tar.gz \ file://CVE-2023-1999.patch \ - file://CVE-2023-5129.patch \ + file://CVE-2023-4863-0001.patch \ + file://CVE-2023-4863-0002.patch \ " SRC_URI[sha256sum] = "7bf5a8a28cc69bcfa8cb214f2c3095703c6b73ac5fba4d5480c205331d9494df"
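Review bot: in the header hunk of the renamed 0001 patch, `-Signed-off-by: Colin McAllister` is replaced by `+Signed-off-by: Soumya Sambu` even though the patch body is 97% unchanged (the rest of the rename is the `From` hash moving from 383b8b4e to 902bc919, the `CVE:` tag, shortened `index` lines and the `2.34.1` to `2.40.0` footer); dropping the original Signed-off-by loses the attribution for the backport that was already in the tree. Keep the existing Signed-off-by and add the new one beneath it. The rest is an improvement: the `From` hash and the newly added `Upstream-Status: Backport [...902bc919...]` line now agree with each other, and the earlier version had no Upstream-Status line at all.

Review bot: the `assert(!dec->incremental_ || (br->eos_ && src < src_last) || src >= src_last)` added in the vp8l_dec.c hunk of the 0002 patch documents the three cases the comment lists, but it is compiled out under NDEBUG, so the branches after it have to be correct on their own: `if (dec->incremental_ && br->eos_ && src < src_last)` restores state, `else if ((dec->incremental_ && src >= src_last) || !br->eos_)` processes the remaining rows, and the non-incremental `br->eos_` case falls through to code that is past the end of the visible context. Confirm that the fall-through in the kirkstone 1.2.4 tree is the error path the commit message describes ("if not incremental, and we are past the end of buffer"), since the upstream commit was written against a newer tree and the hunk also switches from `src_end` to `src_last`, whose definition is not shown here.

Review bot: the libwebp_1.2.4.bb hunk drops `file://CVE-2023-5129.patch` in favour of the two CVE-2023-4863 files, and the renamed patch's `CVE:` tag changes from CVE-2023-5129 to CVE-2023-4863, so cve-check will no longer record CVE-2023-5129 as patched for this recipe. The commit message says the two ids are duplicates; if the CVE database a build consumes still lists CVE-2023-5129 against libwebp, that build will now report it as unpatched. Either keep `CVE-2023-5129` on the patch's `CVE:` line alongside CVE-2023-4863, or mark it ignored explicitly (CVE_CHECK_IGNORE in kirkstone) with a comment pointing at the duplicate.
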
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 3/7] xserver-xorg: Fix for CVE-2023-5367 and CVE-2023-5380
Date: Wed, 8 Nov 2023 12:53:02 -1000
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/190361

From: Vijay Anusuri

Upstream-Status: Backport [https://gitlab.freedesktop.org/xorg/xserver/-/commit/541ab2ecd41d4d8689e71855d93e492bc554719a & https://gitlab.freedesktop.org/xorg/xserver/-/commit/564ccf2ce9616620456102727acb8b0256b7bbd7]

Signed-off-by: Vijay Anusuri
Signed-off-by: Steve Sakoman
---
 .../xserver-xorg/CVE-2023-5367.patch          |  84 +++++++++++++++
 .../xserver-xorg/CVE-2023-5380.patch          | 102 ++++++++++++++++++
 .../xorg-xserver/xserver-xorg_21.1.8.bb       |   2 +
 3 files changed, 188 insertions(+)
 create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2023-5367.patch
 create mode 100644 meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2023-5380.patch

diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2023-5367.patch b/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2023-5367.patch
new file mode 100644
index 0000000000..508588481e
--- /dev/null
+++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2023-5367.patch
@@ -0,0 +1,84 @@ +From 541ab2ecd41d4d8689e71855d93e492bc554719a Mon Sep 17 00:00:00 2001 +From: Peter Hutterer +Date: Tue, 3 Oct 2023 11:53:05 +1000 +Subject: [PATCH] Xi/randr: fix handling of PropModeAppend/Prepend + +The handling of appending/prepending properties was incorrect, with at +least two bugs: the property length was set to the length of the new +part only, i.e. appending or prepending N elements to a property with P +existing elements always resulted in the property having N elements +instead of N + P. + +Second, when pre-pending a value to a property, the offset for the old +values was incorrect, leaving the new property with potentially +uninitalized values and/or resulting in OOB memory writes. +For example, prepending a 3 element value to a 5 element property would +result in this 8 value array: + [N, N, N, ?, ?, P, P, P ] P, P + ^OOB write + +The XI2 code is a copy/paste of the RandR code, so the bug exists in +both. + +CVE-2023-5367, ZDI-CAN-22153 + +This vulnerability was discovered by: +Jan-Niklas Sohn working with Trend Micro Zero Day Initiative + +Signed-off-by: Peter Hutterer + +Upstream-Status: Backport [https://gitlab.freedesktop.org/xorg/xserver/-/commit/541ab2ecd41d4d8689e71855d93e492bc554719a] +CVE: CVE-2023-5367 +Signed-off-by: Vijay Anusuri +--- + Xi/xiproperty.c | 4 ++-- + randr/rrproperty.c | 4 ++-- + 2 files changed, 4 insertions(+), 4 deletions(-) + +diff --git a/Xi/xiproperty.c b/Xi/xiproperty.c +index 066ba21fba..d315f04d0e 100644 +--- a/Xi/xiproperty.c ++++ b/Xi/xiproperty.c +@@ -730,7 +730,7 @@ XIChangeDeviceProperty(DeviceIntPtr dev, Atom property, Atom type, + XIDestroyDeviceProperty(prop); + return BadAlloc; + } +- new_value.size = len; ++ new_value.size = total_len; + new_value.type = type; + new_value.format = format; + +@@ -747,7 +747,7 @@ XIChangeDeviceProperty(DeviceIntPtr dev, Atom property, Atom type, + case PropModePrepend: + new_data = new_value.data; + old_data = (void *) (((char *) new_value.data) + +- 
(prop_value->size * size_in_bytes)); ++ (len * size_in_bytes)); + break; + } + if (new_data) +diff --git a/randr/rrproperty.c b/randr/rrproperty.c +index c2fb9585c6..25469f57b2 100644 +--- a/randr/rrproperty.c ++++ b/randr/rrproperty.c +@@ -209,7 +209,7 @@ RRChangeOutputProperty(RROutputPtr output, Atom property, Atom type, + RRDestroyOutputProperty(prop); + return BadAlloc; + } +- new_value.size = len; ++ new_value.size = total_len; + new_value.type = type; + new_value.format = format; + +@@ -226,7 +226,7 @@ RRChangeOutputProperty(RROutputPtr output, Atom property, Atom type, + case PropModePrepend: + new_data = new_value.data; + old_data = (void *) (((char *) new_value.data) + +- (prop_value->size * size_in_bytes)); ++ (len * size_in_bytes)); + break; + } + if (new_data) +-- +GitLab + diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2023-5380.patch b/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2023-5380.patch new file mode 100644 index 0000000000..57e2a5abdf --- /dev/null +++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg/CVE-2023-5380.patch 
@@ -0,0 +1,102 @@ +From 564ccf2ce9616620456102727acb8b0256b7bbd7 Mon Sep 17 00:00:00 2001 +From: Peter Hutterer +Date: Thu, 5 Oct 2023 12:19:45 +1000 +Subject: [PATCH] mi: reset the PointerWindows reference on screen switch + +PointerWindows[] keeps a reference to the last window our sprite +entered - changes are usually handled by CheckMotion(). + +If we switch between screens via XWarpPointer our +dev->spriteInfo->sprite->win is set to the new screen's root window. +If there's another window at the cursor location CheckMotion() will +trigger the right enter/leave events later. If there is not, it skips +that process and we never trigger LeaveWindow() - PointerWindows[] for +the device still refers to the previous window. + +If that window is destroyed we have a dangling reference that will +eventually cause a use-after-free bug when checking the window hierarchy +later. + +To trigger this, we require: +- two protocol screens +- XWarpPointer to the other screen's root window +- XDestroyWindow before entering any other window + +This is a niche bug so we hack around it by making sure we reset the +PointerWindows[] entry so we cannot have a dangling pointer. This +doesn't handle Enter/Leave events correctly but the previous code didn't +either. 
+ +CVE-2023-5380, ZDI-CAN-21608 + +This vulnerability was discovered by: +Sri working with Trend Micro Zero Day Initiative + +Signed-off-by: Peter Hutterer +Reviewed-by: Adam Jackson + +Upstream-Status: Backport [https://gitlab.freedesktop.org/xorg/xserver/-/commit/564ccf2ce9616620456102727acb8b0256b7bbd7] +CVE: CVE-2023-5380 +Signed-off-by: Vijay Anusuri +--- + dix/enterleave.h | 2 -- + include/eventstr.h | 3 +++ + mi/mipointer.c | 17 +++++++++++++++-- + 3 files changed, 18 insertions(+), 4 deletions(-) + +diff --git a/dix/enterleave.h b/dix/enterleave.h +index 4b833d8a3b..e8af924c68 100644 +--- a/dix/enterleave.h ++++ b/dix/enterleave.h +@@ -58,8 +58,6 @@ extern void DeviceFocusEvent(DeviceIntPtr dev, + + extern void EnterWindow(DeviceIntPtr dev, WindowPtr win, int mode); + +-extern void LeaveWindow(DeviceIntPtr dev); +- + extern void CoreFocusEvent(DeviceIntPtr kbd, + int type, int mode, int detail, WindowPtr pWin); + +diff --git a/include/eventstr.h b/include/eventstr.h +index 93308f9b24..a9926eaeef 100644 +--- a/include/eventstr.h ++++ b/include/eventstr.h +@@ -335,4 +335,7 @@ union _InternalEvent { + GestureEvent gesture_event; + }; + ++extern void ++LeaveWindow(DeviceIntPtr dev); ++ + #endif +diff --git a/mi/mipointer.c b/mi/mipointer.c +index a638f25d4a..8cf0035140 100644 +--- a/mi/mipointer.c ++++ b/mi/mipointer.c +@@ -397,8 +397,21 @@ miPointerWarpCursor(DeviceIntPtr pDev, ScreenPtr pScreen, int x, int y) + #ifdef PANORAMIX + && noPanoramiXExtension + #endif +- ) +- UpdateSpriteForScreen(pDev, pScreen); ++ ) { ++ DeviceIntPtr master = GetMaster(pDev, MASTER_POINTER); ++ /* Hack for CVE-2023-5380: if we're moving ++ * screens PointerWindows[] keeps referring to the ++ * old window. If that gets destroyed we have a UAF ++ * bug later. Only happens when jumping from a window ++ * to the root window on the other screen. ++ * Enter/Leave events are incorrect for that case but ++ * too niche to fix. 
++ */ ++ LeaveWindow(pDev); ++ if (master) ++ LeaveWindow(master); ++ UpdateSpriteForScreen(pDev, pScreen); ++ } + } + + /** +-- +GitLab + diff --git a/meta/recipes-graphics/xorg-xserver/xserver-xorg_21.1.8.bb b/meta/recipes-graphics/xorg-xserver/xserver-xorg_21.1.8.bb index 19db7ea434..63932b4e79 100644 --- a/meta/recipes-graphics/xorg-xserver/xserver-xorg_21.1.8.bb +++ b/meta/recipes-graphics/xorg-xserver/xserver-xorg_21.1.8.bb 
@@ -2,6 +2,8 @@ require xserver-xorg.inc SRC_URI += "file://0001-xf86pciBus.c-use-Intel-ddx-only-for-pre-gen4-hardwar.patch \ file://0001-Avoid-duplicate-definitions-of-IOPortBase.patch \ + file://CVE-2023-5367.patch \ + file://CVE-2023-5380.patch \ " SRC_URI[sha256sum] = "38aadb735650c8024ee25211c190bf8aad844c5f59632761ab1ef4c4d5aeb152"
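Review bot: in both the Xi/xiproperty.c and randr/rrproperty.c hunks of CVE-2023-5367.patch, `new_value.size = total_len` and the prepend offset `len * size_in_bytes` are the right values (new elements first, the old ones placed after them), but both rely on `new_value.data` having been allocated for `total_len` elements, and that allocation sits above the visible context (only its `return BadAlloc` failure branch is shown). Confirm in the 21.1.8 tree that the allocation is sized by `total_len * size_in_bytes` and not by `len`; otherwise the size field now overstates the buffer. The commit message itself says the XI2 code is a copy of the RandR code; factoring the append/prepend handling into one shared helper would stop the two copies drifting apart again.

Review bot: in the mi/mipointer.c hunk of CVE-2023-5380.patch, `GetMaster(pDev, MASTER_POINTER)` returns `pDev` itself when `pDev` is already a master pointer, so `LeaveWindow(pDev)` followed by `LeaveWindow(master)` runs LeaveWindow twice on the same device in that case; that is harmless only if LeaveWindow is idempotent (it clears the PointerWindows[] entry, per the commit message), and `if (master && master != pDev)` would make the intent explicit. Separately, the prototype of `LeaveWindow` moves from dix/enterleave.h to include/eventstr.h so that mi/ can see it; since the hunk shows only the removal, check that nothing else under dix/ relied on enterleave.h for that declaration.
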
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 4/7] cve-check: sort the package list in the JSON report
Date: Wed, 8 Nov 2023 12:53:03 -1000
Message-Id: <1245649fd2725915154648a98584c908da07af18.1699483825.git.steve@sakoman.com>
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/190362

From: Ross Burton

The JSON report generated by the cve-check class is basically a huge list of packages. This list of packages is, however, unsorted.

To make things easier for people comparing the JSON, or more specifically for git when archiving the JSON over time in a git repository, we can sort the list by package name.

Signed-off-by: Ross Burton
Signed-off-by: Richard Purdie
(cherry picked from commit e9861be0e5020830c2ecc24fd091f4f5b05da036)
Signed-off-by: Steve Sakoman
---
 meta/classes/cve-check.bbclass | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/meta/classes/cve-check.bbclass b/meta/classes/cve-check.bbclass
index 494fa03ec1..f554150d94 100644
--- a/meta/classes/cve-check.bbclass
+++ b/meta/classes/cve-check.bbclass
@@ -98,6 +98,8 @@ def generate_json_report(d, out_path, link_path): cve_check_merge_jsons(summary, data) filename = f.readline() + summary["package"].sort(key=lambda d: d['name']) + with open(out_path, "w") as f: json.dump(summary, f, indent=2)
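Review bot: the sort key `lambda d: d['name']` reuses the name `d`, which in `generate_json_report(d, out_path, link_path)` is the BitBake datastore; shadowing it inside the lambda is harmless but misleading in a bbclass where `d` always means the datastore. Suggest `summary["package"].sort(key=lambda p: p["name"])`, which also matches the double-quote style of the neighbouring lines. The sort itself is sound: `summary["package"]` is the list of per-package dicts that `cve_check_merge_jsons` appends, each carrying `name`, and sorting on that key gives git the deterministic file the commit message is after.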
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 5/7] cve-check: slightly more verbose warning when adding the same package twice
Date: Wed, 8 Nov 2023 12:53:04 -1000
Message-Id: <4b449d5dcbaebb0690a55cf45e3a735c2d8df101.1699483825.git.steve@sakoman.com>
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/190363
From: Ross Burton

Occasionally the cve-check tool will warn that it is adding the same package twice. Knowing what this package is might be the first step towards understanding where this message comes from.

Signed-off-by: Ross Burton
Signed-off-by: Richard Purdie
(cherry picked from commit c1179faec8583a8b7df192cf1cbf221f0e3001fc)
Signed-off-by: Steve Sakoman
---
 meta/lib/oe/cve_check.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/lib/oe/cve_check.py b/meta/lib/oe/cve_check.py
index 42a77872e9..2efc4290af 100644
--- a/meta/lib/oe/cve_check.py
+++ b/meta/lib/oe/cve_check.py
@@ -159,7 +159,7 @@ def cve_check_merge_jsons(output, data): for product in output["package"]: if product["name"] == data["package"][0]["name"]: - bb.error("Error adding the same package twice") + bb.error("Error adding the same package %s twice" % product["name"]) return output["package"].append(data["package"][0])
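Review bot: the message now names the package but still does not say which two entries collided, so the reader still cannot tell where the duplicate came from; both `product` (the entry already in `output`) and `data["package"][0]` (the one about to be dropped) are in scope on this line, so logging whatever distinguishes them beyond `name` (version or layer fields, if the per-package JSON carries them) would make the error actionable rather than just more specific. Also worth a comment: after `bb.error` the function `return`s without appending, so the second entry is silently discarded and the first one wins; if that is the intended policy, say so next to the `return`.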
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 6/7] cve-check: don't warn if a patch is remote
Date: Wed, 8 Nov 2023 12:53:05 -1000
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/190364
From: Ross Burton

We don't make do_cve_check depend on do_unpack because that would be a waste of time 99% of the time. The compromise here is that we can't scan remote patches for issues, but this isn't a problem, so downgrade the warning to a note.

Also move the check for CVEs in the filename before the local file check so that even with remote patches, we still check for CVE references in the name.

Signed-off-by: Ross Burton
Signed-off-by: Richard Purdie
(cherry picked from commit 0251cad677579f5b4dcc25fa2f8552c6040ac2cf)
Signed-off-by: Steve Sakoman
---
 meta/lib/oe/cve_check.py | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/meta/lib/oe/cve_check.py b/meta/lib/oe/cve_check.py
index 2efc4290af..65b1358ffc 100644
--- a/meta/lib/oe/cve_check.py
+++ b/meta/lib/oe/cve_check.py
@@ -89,11 +89,6 @@ def get_patched_cves(d): for url in oe.patch.src_patches(d): patch_file = bb.fetch.decodeurl(url)[2] - # Remote compressed patches may not be unpacked, so silently ignore them - if not os.path.isfile(patch_file): - bb.warn("%s does not exist, cannot extract CVE list" % patch_file) - continue - # Check patch file name for CVE ID fname_match = cve_file_name_match.search(patch_file) if fname_match:
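Review bot: moving the `os.path.isfile` check below the file-name match is the right order, but the surviving comment `# Check patch file name for CVE ID` no longer records why this must run before any file access. The commit message explains that the name check has to cover remote patches that were never fetched; that reasoning belongs in the code, e.g. `# Check patch file name for CVE ID first: no local file is needed, so this also covers remote and compressed patches`. Without it, a later tidy-up that hoists the existence check back to the top of the loop would silently drop CVE IDs for every remote patch.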
@@ -101,6 +96,12 @@ def get_patched_cves(d): patched_cves.add(cve) bb.debug(2, "Found CVE %s from patch file name %s" % (cve, patch_file)) + # Remote patches won't be present and compressed patches won't be + # unpacked, so say we're not scanning them + if not os.path.isfile(patch_file): + bb.note("%s is remote or compressed, not scanning content" % patch_file) + continue + with open(patch_file, "r", encoding="utf-8") as f: try: patch_text = f.read()
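Review bot: `not os.path.isfile(patch_file)` is also true for a local patch that is simply missing or for a path that is a directory, so the new `bb.note("%s is remote or compressed, not scanning content" ...)` can state a wrong reason, and now that it is a note rather than a warning it hides that case entirely. The scheme is available from the same `bb.fetch.decodeurl(url)` call whose index 2 produced `patch_file` (index 0 is the URL type), so consider testing for a non-local scheme first and only treating an absent local path as the compressed case; that also lets the note say which of the two it actually is instead of "remote or compressed".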
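The patch above describes how cve-check decides which CVEs a recipe's patches fix: every patch contributes IDs found in its file name, and only a local, uncompressed patch that exists on disk also has its content scanned for a `CVE:` tag line. As an added stand-alone illustration (this is not OE-core code and is not the `get_patched_cves()` in `meta/lib/oe/cve_check.py`), the Python below models that two-stage decision on constructed input. The `(scheme, path)` tuples are a stand-in for what `oe.patch.src_patches()` plus `bb.fetch.decodeurl()` would yield, the regexes are assumptions modelled on the `cve_file_name_match` and `CVE:` tag patterns in that module, and the temporary directory with two small patch files is constructed sample data.

```python
import os
import re
import tempfile

# Regexes are assumptions modelled on cve_check.py; not copied from OE-core.
CVE_IN_NAME_RE = re.compile(r"(CVE-\d{4}-\d{4,})", re.IGNORECASE)
CVE_TAG_LINE_RE = re.compile(r"^[ \t]*CVE:[ \t]*(?P<ids>[^\n]*)", re.MULTILINE)
CVE_ID_RE = re.compile(r"CVE-\d{4}-\d{4,}", re.IGNORECASE)


def get_patched_cves(entries, log=None):
    """Model of the two-stage check: file name first, content second.

    entries: iterable of (scheme, path), e.g. ("file", "/layer/x.patch") or
             ("https", "/mirror/CVE-2021-9999.patch"); a constructed stand-in
             for src_patches() + decodeurl(), which this example does not call.
    log:     optional list that collects note strings (stands in for bb.note).
    Returns (set of CVE IDs, list of paths whose content was not scanned).
    """
    patched = set()
    skipped = []
    for scheme, path in entries:
        # Stage 1: the file name. Runs for every patch, so it still yields an
        # ID for remote patches that were never fetched.
        m = CVE_IN_NAME_RE.search(os.path.basename(path))
        if m:
            patched.add(m.group(1).upper())

        # Stage 2: the content. Only a local file that is present can be
        # read; remote patches are not downloaded and compressed ones are not
        # unpacked before do_cve_check runs, so both are skipped with a note.
        # Checking the scheme first lets the note give the real reason.
        if scheme != "file" or not os.path.isfile(path):
            skipped.append(path)
            if log is not None:
                reason = "remote" if scheme != "file" else "compressed or missing"
                log.append("%s is %s, not scanning content" % (path, reason))
            continue

        with open(path, "r", encoding="utf-8", errors="replace") as f:
            text = f.read()
        for tag in CVE_TAG_LINE_RE.finditer(text):
            # One "CVE:" line may list several IDs.
            for cve in CVE_ID_RE.findall(tag.group("ids")):
                patched.add(cve.upper())
    return patched, skipped


def build_sample_entries():
    """Constructed sample input (not real recipe data)."""
    tmp = tempfile.mkdtemp(prefix="cve-check-demo-")

    tagged = os.path.join(tmp, "0001-fix-overflow.patch")
    with open(tagged, "w", encoding="utf-8") as f:
        f.write("Subject: fix heap overflow in parser\n\n"
                "CVE: CVE-2022-47010 CVE-2022-47011\n"
                "Upstream-Status: Backport\n\n"
                "--- a/parse.c\n+++ b/parse.c\n")

    named = os.path.join(tmp, "0002-CVE-2023-0001.patch")
    with open(named, "w", encoding="utf-8") as f:
        f.write("Subject: harden length check\n\n--- a/len.c\n+++ b/len.c\n")

    return [
        ("file", tagged),                                   # local, ID only in body
        ("file", named),                                    # local, ID only in name
        ("https", "/mirror/patches/CVE-2021-9999.patch"),   # remote, never fetched
        ("file", os.path.join(tmp, "0003-gone.patch")),     # local name, not unpacked
    ]


def demo():
    log = []
    patched, skipped = get_patched_cves(build_sample_entries(), log)
    return patched, skipped, log


if __name__ == "__main__":
    patched, skipped, log = demo()
    for line in log:
        print("NOTE:", line)
    print("patched:", sorted(patched))
```

Running `demo()` yields four IDs: two from the `CVE:` line of the first local patch, one from the name of the second, and one from the name of the remote patch whose content is never read; the remote patch and the absent local one are the two entries reported as skipped.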
From: Steve Sakoman
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 7/7] python3-jinja2: Fixed ptest result output as per the standard
Date: Wed, 8 Nov 2023 12:53:06 -1000
Message-Id: <4bb6373e5f4a1330a063d1afe855d6c24d5461e7.1699483825.git.steve@sakoman.com>
X-Groupsio-URL: https://lists.openembedded.org/g/openembedded-core/message/190365

From: Narpat Mali

There was an extra space between the result and ':'. After removing the extra space, the ptest result will be:

result : testname -> result: testname

Signed-off-by: Narpat Mali
Signed-off-by: Steve Sakoman
---
 meta/recipes-devtools/python/python3-jinja2/run-ptest | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/recipes-devtools/python/python3-jinja2/run-ptest b/meta/recipes-devtools/python/python3-jinja2/run-ptest
index 3004024619..5817735a63 100644
--- a/meta/recipes-devtools/python/python3-jinja2/run-ptest
+++ b/meta/recipes-devtools/python/python3-jinja2/run-ptest
@@ -1,3 +1,3 @@ #!/bin/sh -pytest -o log_cli=true -o log_cli_level=INFO | sed -e 's/\[...%\]//g'| sed -e 's/PASSED/PASS/g'| sed -e 's/FAILED/FAIL/g'| sed -e 's/SKIPPED/SKIP/g'| awk '{if ($NF=="PASS" || $NF=="FAIL" || $NF=="SKIP" || $NF=="XFAIL" || $NF=="XPASS"){printf "%s : %s\n", $NF, $0}else{print}}'| awk '{if ($NF=="PASS" || $NF=="FAIL" || $NF=="SKIP" || $NF=="XFAIL" || $NF=="XPASS") {$NF="";print $0}else{print}}' +pytest -o log_cli=true -o log_cli_level=INFO | sed -e 's/\[...%\]//g'| sed -e 's/PASSED/PASS/g'| sed -e 's/FAILED/FAIL/g'| sed -e 's/SKIPPED/SKIP/g'| awk '{if ($NF=="PASS" || $NF=="FAIL" || $NF=="SKIP" || $NF=="XFAIL" || $NF=="XPASS"){printf "%s: %s\n", $NF, $0}else{print}}'| awk '{if ($NF=="PASS" || $NF=="FAIL" || $NF=="SKIP" || $NF=="XFAIL" || $NF=="XPASS") {$NF="";print $0}else{print}}'
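Review bot: the `"%s: %s\n"` fix is correct, but the two `awk` stages at the end of the pipeline repeat the same `$NF` test: the first prepends the result and the second removes it again with `$NF=""`, which makes awk rebuild `$0` with `OFS` and leaves a trailing space on every result line. One pass such as `awk '{if ($NF=="PASS" || $NF=="FAIL" || $NF=="SKIP" || $NF=="XFAIL" || $NF=="XPASS") {printf "%s: ", $NF; $NF=""; sub(/ $/, ""); print} else {print}}'` prints `result: testname` once and without the stray space. Separately, since `pytest` is the first stage of a pipeline, the script exits with the status of the last `awk`, not of pytest; harmless if ptest-runner only parses the output lines, but worth a comment in the script.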