From: Alexandre Belloni <alexandre.belloni@bootlin.com>
To: wangmy <wangmy@fujitsu.com>
Cc: openembedded-core@lists.openembedded.org
Subject: Re: [OE-core] [PATCH] aspell: upgrade 0.60.8 -> 0.60.8.1
Date: Wed, 27 Dec 2023 22:01:42 +0100 [thread overview]
Message-ID: <202312272101425eb74f55@mail.local> (raw)
In-Reply-To: <1703682337-23924-1-git-send-email-wangmy@fujitsu.com>
Hello,
This breaks the selftests:
https://autobuilder.yoctoproject.org/typhoon/#/builders/145/builds/1080/steps/12/logs/stdio
ERROR: No recipes in default available for:
/home/pokybuild/yocto-worker/qemux86-tc/build/build-st-3959354/meta-selftest/recipes-test/aspell/aspell_0.60.8.bbappend
On 27/12/2023 21:05:37+0800, wangmy wrote:
> From: Wang Mingyu <wangmy@fujitsu.com>
>
> CVE-2019-25051.patch
> removed since it's included in 0.60.8.1
>
> Changelog:
> ============
> -Fix memory leak in suggestion code introduced in 0.60.8.
> -Various documentation fixes.
> -Fix various warnings when compiling with -Wall.
> -Fix two buffer overflows found by Google's OSS-Fuzz.
> -Other minor updates.
>
> Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
> ---
> .../{aspell_0.60.8.bb => aspell_0.60.8.1.bb} | 7 +-
> .../aspell/files/CVE-2019-25051.patch | 101 ------------------
> 2 files changed, 2 insertions(+), 106 deletions(-)
> rename meta/recipes-support/aspell/{aspell_0.60.8.bb => aspell_0.60.8.1.bb} (83%)
> delete mode 100644 meta/recipes-support/aspell/files/CVE-2019-25051.patch
>
> diff --git a/meta/recipes-support/aspell/aspell_0.60.8.bb b/meta/recipes-support/aspell/aspell_0.60.8.1.bb
> similarity index 83%
> rename from meta/recipes-support/aspell/aspell_0.60.8.bb
> rename to meta/recipes-support/aspell/aspell_0.60.8.1.bb
> index 39b55f4ff2..0ea9b063e0 100644
> --- a/meta/recipes-support/aspell/aspell_0.60.8.bb
> +++ b/meta/recipes-support/aspell/aspell_0.60.8.1.bb
> @@ -13,11 +13,8 @@ HOMEPAGE = "http://aspell.net/"
> LICENSE = "LGPL-2.0-only | LGPL-2.1-only"
> LIC_FILES_CHKSUM = "file://COPYING;md5=7fbc338309ac38fefcd64b04bb903e34"
>
> -SRC_URI = "${GNU_MIRROR}/aspell/aspell-${PV}.tar.gz \
> - file://CVE-2019-25051.patch \
> -"
> -SRC_URI[md5sum] = "012fa9209203ae4e5a61c2a668fd10e3"
> -SRC_URI[sha256sum] = "f9b77e515334a751b2e60daab5db23499e26c9209f5e7b7443b05235ad0226f2"
> +SRC_URI = "${GNU_MIRROR}/aspell/aspell-${PV}.tar.gz"
> +SRC_URI[sha256sum] = "d6da12b34d42d457fa604e435ad484a74b2effcd120ff40acd6bb3fb2887d21b"
>
> PACKAGECONFIG ??= ""
> PACKAGECONFIG[curses] = "--enable-curses,--disable-curses,ncurses"
> diff --git a/meta/recipes-support/aspell/files/CVE-2019-25051.patch b/meta/recipes-support/aspell/files/CVE-2019-25051.patch
> deleted file mode 100644
> index 8513f6de79..0000000000
> --- a/meta/recipes-support/aspell/files/CVE-2019-25051.patch
> +++ /dev/null
> @@ -1,101 +0,0 @@
> -From 0718b375425aad8e54e1150313b862e4c6fd324a Mon Sep 17 00:00:00 2001
> -From: Kevin Atkinson <kevina@gnu.org>
> -Date: Sat, 21 Dec 2019 20:32:47 +0000
> -Subject: [PATCH] objstack: assert that the alloc size will fit within a chunk
> - to prevent a buffer overflow
> -
> -Bug found using OSS-Fuze.
> -
> -Upstream-Status: Backport
> -[https://github.com/gnuaspell/aspell/commit/0718b375425aad8e54e1150313b862e4c6fd324a]
> -CVE: CVE-2019-25051
> -Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
> ----
> - common/objstack.hpp | 18 ++++++++++++++----
> - 1 file changed, 14 insertions(+), 4 deletions(-)
> -
> -diff --git a/common/objstack.hpp b/common/objstack.hpp
> -index 3997bf7..bd97ccd 100644
> ---- a/common/objstack.hpp
> -+++ b/common/objstack.hpp
> -@@ -5,6 +5,7 @@
> - #include "parm_string.hpp"
> - #include <stdlib.h>
> - #include <assert.h>
> -+#include <stddef.h>
> -
> - namespace acommon {
> -
> -@@ -26,6 +27,12 @@ class ObjStack
> - byte * temp_end;
> - void setup_chunk();
> - void new_chunk();
> -+ bool will_overflow(size_t sz) const {
> -+ return offsetof(Node,data) + sz > chunk_size;
> -+ }
> -+ void check_size(size_t sz) {
> -+ assert(!will_overflow(sz));
> -+ }
> -
> - ObjStack(const ObjStack &);
> - void operator=(const ObjStack &);
> -@@ -56,7 +63,7 @@ class ObjStack
> - void * alloc_bottom(size_t size) {
> - byte * tmp = bottom;
> - bottom += size;
> -- if (bottom > top) {new_chunk(); tmp = bottom; bottom += size;}
> -+ if (bottom > top) {check_size(size); new_chunk(); tmp = bottom; bottom += size;}
> - return tmp;
> - }
> - // This alloc_bottom will insure that the object is aligned based on the
> -@@ -66,7 +73,7 @@ class ObjStack
> - align_bottom(align);
> - byte * tmp = bottom;
> - bottom += size;
> -- if (bottom > top) {new_chunk(); goto loop;}
> -+ if (bottom > top) {check_size(size); new_chunk(); goto loop;}
> - return tmp;
> - }
> - char * dup_bottom(ParmString str) {
> -@@ -79,7 +86,7 @@ class ObjStack
> - // always be aligned as such.
> - void * alloc_top(size_t size) {
> - top -= size;
> -- if (top < bottom) {new_chunk(); top -= size;}
> -+ if (top < bottom) {check_size(size); new_chunk(); top -= size;}
> - return top;
> - }
> - // This alloc_top will insure that the object is aligned based on
> -@@ -88,7 +95,7 @@ class ObjStack
> - {loop:
> - top -= size;
> - align_top(align);
> -- if (top < bottom) {new_chunk(); goto loop;}
> -+ if (top < bottom) {check_size(size); new_chunk(); goto loop;}
> - return top;
> - }
> - char * dup_top(ParmString str) {
> -@@ -117,6 +124,7 @@ class ObjStack
> - void * alloc_temp(size_t size) {
> - temp_end = bottom + size;
> - if (temp_end > top) {
> -+ check_size(size);
> - new_chunk();
> - temp_end = bottom + size;
> - }
> -@@ -131,6 +139,7 @@ class ObjStack
> - } else {
> - size_t s = temp_end - bottom;
> - byte * p = bottom;
> -+ check_size(size);
> - new_chunk();
> - memcpy(bottom, p, s);
> - temp_end = bottom + size;
> -@@ -150,6 +159,7 @@ class ObjStack
> - } else {
> - size_t s = temp_end - bottom;
> - byte * p = bottom;
> -+ check_size(size);
> - new_chunk();
> - memcpy(bottom, p, s);
> - temp_end = bottom + size;
> --
> 2.34.1
>
>
> -=-=-=-=-=-=-=-=-=-=-=-
> Links: You receive all messages sent to this group.
> View/Reply Online (#192943): https://lists.openembedded.org/g/openembedded-core/message/192943
> Mute This Topic: https://lists.openembedded.org/mt/103384053/3617179
> Group Owner: openembedded-core+owner@lists.openembedded.org
> Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [alexandre.belloni@bootlin.com]
> -=-=-=-=-=-=-=-=-=-=-=-
>
--
Alexandre Belloni, co-owner and COO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
next prev parent reply other threads:[~2023-12-27 21:01 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-12-27 13:05 [OE-core] [PATCH] aspell: upgrade 0.60.8 -> 0.60.8.1 wangmy
2023-12-27 21:01 ` Alexandre Belloni [this message]
2023-12-28 11:41 ` Alexander Kanavin
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=202312272101425eb74f55@mail.local \
--to=alexandre.belloni@bootlin.com \
--cc=openembedded-core@lists.openembedded.org \
--cc=wangmy@fujitsu.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.