* [PATCH] staging: use relative path in sysroot_stage_dir()
@ 2022-01-31 8:55 ahsan_hussain
2022-02-10 5:35 ` ahussain
0 siblings, 1 reply; 2+ messages in thread
From: ahsan_hussain @ 2022-01-31 8:55 UTC (permalink / raw)
To: openembedded-core
From: Ahsan Hussain <ahsan_hussain@mentor.com>
A regression form cpio CVE-2021-38185 caused the tool to hang for paths
greater than 128 character long. It was reported here:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=992098
We were able to reliable reproduce this with dunfell, meta-freescale
recipe imx-boot
https://github.com/Freescale/meta-freescale/blob/dunfell/recipes-bsp/imx-mkimage/imx-boot_1.0.bb
Using relative path on the affected host fixes the issue as this is
always short, being in the same work dir. It would be harmless, and
useful to generally use the relative path for sysroot_stage_dir()
Signed-off-by: Ahsan Hussain <ahsan_hussain@mentor.com>
---
meta/classes/staging.bbclass | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/meta/classes/staging.bbclass b/meta/classes/staging.bbclass
index 25f77c7735..4f278b2205 100644
--- a/meta/classes/staging.bbclass
+++ b/meta/classes/staging.bbclass
@@ -49,9 +49,10 @@ sysroot_stage_dir() {
fi
mkdir -p "$dest"
+ rdest=$(realpath --relative-to="$src" "$dest")
(
cd $src
- find . -print0 | cpio --null -pdlu $dest
+ find . -print0 | cpio --null -pdlu $rdest
)
}
--
2.17.1
^ permalink raw reply related [flat|nested] 2+ messages in thread
end of thread, other threads:[~2022-02-10 5:36 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2022-01-31 8:55 [PATCH] staging: use relative path in sysroot_stage_dir() ahsan_hussain
2022-02-10 5:35 ` ahussain
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.