* [OE-core][scarthgap 01/33] go: fix CVE-2025-4674
2025-08-27 21:29 [OE-core][scarthgap 00/33] Patch review Steve Sakoman
@ 2025-08-27 21:29 ` Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 02/33] gstreamer1.0-plugins-base: fix CVE-2025-47807 Steve Sakoman
` (31 subsequent siblings)
32 siblings, 0 replies; 34+ messages in thread
From: Steve Sakoman @ 2025-08-27 21:29 UTC (permalink / raw)
To: openembedded-core
From: Archana Polampalli <archana.polampalli@windriver.com>
The go command may execute unexpected commands when operating in untrusted VCS repositories.
This occurs when possibly dangerous VCS configuration is present in repositories.
This can happen when a repository was fetched via one VCS (e.g. Git), but contains metadata
for another VCS (e.g. Mercurial). Modules which are retrieved using the go command line,
i.e. via "go get", are not affected.
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-devtools/go/go-1.22.12.inc | 1 +
.../go/go/CVE-2025-4674.patch | 332 ++++++++++++++++++
2 files changed, 333 insertions(+)
create mode 100644 meta/recipes-devtools/go/go/CVE-2025-4674.patch
diff --git a/meta/recipes-devtools/go/go-1.22.12.inc b/meta/recipes-devtools/go/go-1.22.12.inc
index ea57b23c3e..12d7539017 100644
--- a/meta/recipes-devtools/go/go-1.22.12.inc
+++ b/meta/recipes-devtools/go/go-1.22.12.inc
@@ -17,6 +17,7 @@ SRC_URI += "\
file://CVE-2025-22870.patch \
file://CVE-2025-22871.patch \
file://CVE-2025-4673.patch \
+ file://CVE-2025-4674.patch \
"
SRC_URI[main.sha256sum] = "012a7e1f37f362c0918c1dfa3334458ac2da1628c4b9cf4d9ca02db986e17d71"
diff --git a/meta/recipes-devtools/go/go/CVE-2025-4674.patch b/meta/recipes-devtools/go/go/CVE-2025-4674.patch
new file mode 100644
index 0000000000..bc6e438652
--- /dev/null
+++ b/meta/recipes-devtools/go/go/CVE-2025-4674.patch
@@ -0,0 +1,332 @@
+From e9d2c032b14c17083be0f8f0c822565199d2994f Mon Sep 17 00:00:00 2001
+From: Roland Shoemaker <bracewell@google.com>
+Date: Mon, 9 Jun 2025 11:23:46 -0700
+Subject: [PATCH] [release-branch.go1.23] cmd/go: disable support for multiple
+ vcs in one module
+
+Removes the somewhat redundant vcs.FromDir, "allowNesting" argument,
+which was always enabled, and disallow multiple VCS metadata folders
+being present in a single directory. This makes VCS injection attacks
+much more difficult.
+
+Also adds a GODEBUG, allowmultiplevcs, which re-enables this behavior.
+
+Thanks to RyotaK (https://ryotak.net) of GMO Flatt Security Inc for
+reporting this issue.
+
+Updates #74380
+Fixes #74382
+Fixes CVE-2025-4674
+
+CVE: CVE-2025-4674
+
+Upstream-Status: Backport [https://github.com/golang/go/commit/e9d2c032b14c17083be0f8f0c822565199d2994f]
+
+Change-Id: I2db79f2baacfacfec331ee7c6978c4057d483eba
+Reviewed-on: https://go-review.googlesource.com/c/go/+/686337
+LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
+Reviewed-by: David Chase <drchase@google.com>
+Reviewed-by: Carlos Amedee <carlos@golang.org>
+Commit-Queue: Carlos Amedee <carlos@golang.org>
+
+Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
+---
+ doc/godebug.md | 4 ++
+ src/cmd/go/internal/load/pkg.go | 14 ++---
+ src/cmd/go/internal/vcs/vcs.go | 28 ++++++----
+ src/cmd/go/internal/vcs/vcs_test.go | 2 +-
+ src/cmd/go/testdata/script/test_multivcs.txt | 54 +++++++++++++++++++
+ .../script/version_buildvcs_nested.txt | 20 +++++--
+ src/internal/godebugs/godebugs_test.go | 3 +-
+ src/internal/godebugs/table.go | 1 +
+ src/runtime/metrics/doc.go | 5 ++
+ 9 files changed, 108 insertions(+), 23 deletions(-)
+ create mode 100644 src/cmd/go/testdata/script/test_multivcs.txt
+
+diff --git a/doc/godebug.md b/doc/godebug.md
+index fb3f32f..ae4f057 100644
+--- a/doc/godebug.md
++++ b/doc/godebug.md
+@@ -126,6 +126,10 @@ for example,
+ see the [runtime documentation](/pkg/runtime#hdr-Environment_Variables)
+ and the [go command documentation](/cmd/go#hdr-Build_and_test_caching).
+
++Go 1.23.11 disabled build information stamping when multiple VCS are detected due
++to concerns around VCS injection attacks. This behavior can be renabled with the
++setting `allowmultiplevcs=1`.
++
+ ### Go 1.22
+
+ Go 1.22 adds a configurable limit to control the maximum acceptable RSA key size
+diff --git a/src/cmd/go/internal/load/pkg.go b/src/cmd/go/internal/load/pkg.go
+index f41fb2c..428780e 100644
+--- a/src/cmd/go/internal/load/pkg.go
++++ b/src/cmd/go/internal/load/pkg.go
+@@ -2465,7 +2465,6 @@ func (p *Package) setBuildInfo(ctx context.Context, autoVCS bool) {
+ var repoDir string
+ var vcsCmd *vcs.Cmd
+ var err error
+- const allowNesting = true
+
+ wantVCS := false
+ switch cfg.BuildBuildvcs {
+@@ -2485,7 +2484,7 @@ func (p *Package) setBuildInfo(ctx context.Context, autoVCS bool) {
+ // (so the bootstrap toolchain packages don't even appear to be in GOROOT).
+ goto omitVCS
+ }
+- repoDir, vcsCmd, err = vcs.FromDir(base.Cwd(), "", allowNesting)
++ repoDir, vcsCmd, err = vcs.FromDir(base.Cwd(), "")
+ if err != nil && !errors.Is(err, os.ErrNotExist) {
+ setVCSError(err)
+ return
+@@ -2508,10 +2507,11 @@ func (p *Package) setBuildInfo(ctx context.Context, autoVCS bool) {
+ }
+ if repoDir != "" && vcsCmd.Status != nil {
+ // Check that the current directory, package, and module are in the same
+- // repository. vcs.FromDir allows nested Git repositories, but nesting
+- // is not allowed for other VCS tools. The current directory may be outside
+- // p.Module.Dir when a workspace is used.
+- pkgRepoDir, _, err := vcs.FromDir(p.Dir, "", allowNesting)
++ // repository. vcs.FromDir disallows nested VCS and multiple VCS in the
++ // same repository, unless the GODEBUG allowmultiplevcs is set. The
++ // current directory may be outside p.Module.Dir when a workspace is
++ // used.
++ pkgRepoDir, _, err := vcs.FromDir(p.Dir, "")
+ if err != nil {
+ setVCSError(err)
+ return
+@@ -2523,7 +2523,7 @@ func (p *Package) setBuildInfo(ctx context.Context, autoVCS bool) {
+ }
+ goto omitVCS
+ }
+- modRepoDir, _, err := vcs.FromDir(p.Module.Dir, "", allowNesting)
++ modRepoDir, _, err := vcs.FromDir(p.Module.Dir, "")
+ if err != nil {
+ setVCSError(err)
+ return
+diff --git a/src/cmd/go/internal/vcs/vcs.go b/src/cmd/go/internal/vcs/vcs.go
+index 8550f2a..89d9f0e 100644
+--- a/src/cmd/go/internal/vcs/vcs.go
++++ b/src/cmd/go/internal/vcs/vcs.go
+@@ -8,6 +8,7 @@ import (
+ "bytes"
+ "errors"
+ "fmt"
++ "internal/godebug"
+ "internal/lazyregexp"
+ "internal/singleflight"
+ "io/fs"
+@@ -831,11 +832,13 @@ type vcsPath struct {
+ schemelessRepo bool // if true, the repo pattern lacks a scheme
+ }
+
++var allowmultiplevcs = godebug.New("allowmultiplevcs")
++
+ // FromDir inspects dir and its parents to determine the
+ // version control system and code repository to use.
+ // If no repository is found, FromDir returns an error
+ // equivalent to os.ErrNotExist.
+-func FromDir(dir, srcRoot string, allowNesting bool) (repoDir string, vcsCmd *Cmd, err error) {
++func FromDir(dir, srcRoot string) (repoDir string, vcsCmd *Cmd, err error) {
+ // Clean and double-check that dir is in (a subdirectory of) srcRoot.
+ dir = filepath.Clean(dir)
+ if srcRoot != "" {
+@@ -849,21 +852,28 @@ func FromDir(dir, srcRoot string, allowNesting bool) (repoDir string, vcsCmd *Cm
+ for len(dir) > len(srcRoot) {
+ for _, vcs := range vcsList {
+ if isVCSRoot(dir, vcs.RootNames) {
+- // Record first VCS we find.
+- // If allowNesting is false (as it is in GOPATH), keep looking for
+- // repositories in parent directories and report an error if one is
+- // found to mitigate VCS injection attacks.
+ if vcsCmd == nil {
++ // Record first VCS we find.
+ vcsCmd = vcs
+ repoDir = dir
+- if allowNesting {
++ if allowmultiplevcs.Value() == "1" {
++ allowmultiplevcs.IncNonDefault()
+ return repoDir, vcsCmd, nil
+ }
++ // If allowmultiplevcs is not set, keep looking for
++ // repositories in current and parent directories and report
++ // an error if one is found to mitigate VCS injection
++ // attacks.
++ continue
++ }
++ if vcsCmd == vcsGit && vcs == vcsGit {
++ // Nested Git is allowed, as this is how things like
++ // submodules work. Git explicitly protects against
++ // injection against itself.
+ continue
+ }
+- // Otherwise, we have one VCS inside a different VCS.
+- return "", nil, fmt.Errorf("directory %q uses %s, but parent %q uses %s",
+- repoDir, vcsCmd.Cmd, dir, vcs.Cmd)
++ return "", nil, fmt.Errorf("multiple VCS detected: %s in %q, and %s in %q",
++ vcsCmd.Cmd, repoDir, vcs.Cmd, dir)
+ }
+ }
+
+diff --git a/src/cmd/go/internal/vcs/vcs_test.go b/src/cmd/go/internal/vcs/vcs_test.go
+index 2ce85ea..06e63c2 100644
+--- a/src/cmd/go/internal/vcs/vcs_test.go
++++ b/src/cmd/go/internal/vcs/vcs_test.go
+@@ -239,7 +239,7 @@ func TestFromDir(t *testing.T) {
+ }
+
+ wantRepoDir := filepath.Dir(dir)
+- gotRepoDir, gotVCS, err := FromDir(dir, tempDir, false)
++ gotRepoDir, gotVCS, err := FromDir(dir, tempDir)
+ if err != nil {
+ t.Errorf("FromDir(%q, %q): %v", dir, tempDir, err)
+ continue
+diff --git a/src/cmd/go/testdata/script/test_multivcs.txt b/src/cmd/go/testdata/script/test_multivcs.txt
+new file mode 100644
+index 0000000..538cbf7
+--- /dev/null
++++ b/src/cmd/go/testdata/script/test_multivcs.txt
+@@ -0,0 +1,54 @@
++# To avoid VCS injection attacks, we should not accept multiple different VCS metadata
++# folders within a single module (either in the same directory, or nested in different
++# directories.)
++#
++# This behavior should be disabled by setting the allowmultiplevcs GODEBUG.
++
++[short] skip
++[!git] skip
++
++cd samedir
++
++exec git init .
++
++# Without explicitly requesting buildvcs, the go command should silently continue
++# without determining the correct VCS.
++go test -c -o $devnull .
++
++# If buildvcs is explicitly requested, we expect the go command to fail
++! go test -buildvcs -c -o $devnull .
++stderr '^error obtaining VCS status: multiple VCS detected:'
++
++env GODEBUG=allowmultiplevcs=1
++go test -buildvcs -c -o $devnull .
++
++env GODEBUG=
++cd ../nested
++exec git init .
++# cd a
++go test -c -o $devnull ./a
++! go test -buildvcs -c -o $devnull ./a
++stderr '^error obtaining VCS status: multiple VCS detected:'
++# allowmultiplevcs doesn't disable the check that the current directory, package, and
++# module are in the same repository.
++env GODEBUG=allowmultiplevcs=1
++! go test -buildvcs -c -o $devnull ./a
++stderr '^error obtaining VCS status: main package is in repository'
++
++-- samedir/go.mod --
++module example
++
++go 1.18
++-- samedir/example.go --
++package main
++-- samedir/.bzr/test --
++hello
++
++-- nested/go.mod --
++module example
++
++go 1.18
++-- nested/a/example.go --
++package main
++-- nested/a/.bzr/test --
++hello
+diff --git a/src/cmd/go/testdata/script/version_buildvcs_nested.txt b/src/cmd/go/testdata/script/version_buildvcs_nested.txt
+index 6dab847..22cd71c 100644
+--- a/src/cmd/go/testdata/script/version_buildvcs_nested.txt
++++ b/src/cmd/go/testdata/script/version_buildvcs_nested.txt
+@@ -9,25 +9,35 @@ cd root
+ go mod init example.com/root
+ exec git init
+
+-# Nesting repositories in parent directories are ignored, as the current
+-# directory main package, and containing main module are in the same repository.
+-# This is an error in GOPATH mode (to prevent VCS injection), but for modules,
+-# we assume users have control over repositories they've checked out.
++
++# Nesting repositories in parent directories are an error, to prevent VCS injection.
++# This can be disabled with the allowmultiplevcs GODEBUG.
+ mkdir hgsub
+ cd hgsub
+ exec hg init
+ cp ../../main.go main.go
+ ! go build
++stderr '^error obtaining VCS status: multiple VCS detected: hg in ".*hgsub", and git in ".*root"$'
++stderr '^\tUse -buildvcs=false to disable VCS stamping.$'
++env GODEBUG=allowmultiplevcs=1
++! go build
+ stderr '^error obtaining VCS status: main module is in repository ".*root" but current directory is in repository ".*hgsub"$'
+ stderr '^\tUse -buildvcs=false to disable VCS stamping.$'
+ go build -buildvcs=false
++env GODEBUG=
+ go mod init example.com/root/hgsub
++! go build
++stderr '^error obtaining VCS status: multiple VCS detected: hg in ".*hgsub", and git in ".*root"$'
++stderr '^\tUse -buildvcs=false to disable VCS stamping.$'
++env GODEBUG=allowmultiplevcs=1
+ go build
++env GODEBUG=
+ cd ..
+
+ # It's an error to build a package from a nested Git repository if the package
+ # is in a separate repository from the current directory or from the module
+-# root directory.
++# root directory. Otherwise nested Git repositories are allowed, as this is
++# how Git implements submodules (and protects against Git based VCS injection.)
+ mkdir gitsub
+ cd gitsub
+ exec git init
+diff --git a/src/internal/godebugs/godebugs_test.go b/src/internal/godebugs/godebugs_test.go
+index a1cb8d4..b3784eb 100644
+--- a/src/internal/godebugs/godebugs_test.go
++++ b/src/internal/godebugs/godebugs_test.go
+@@ -39,7 +39,8 @@ func TestAll(t *testing.T) {
+ if info.Old != "" && info.Changed == 0 {
+ t.Errorf("Name=%s has Old, missing Changed", info.Name)
+ }
+- if !strings.Contains(doc, "`"+info.Name+"`") {
++ if !strings.Contains(doc, "`"+info.Name+"`") &&
++ !strings.Contains(doc, "`"+info.Name+"=") {
+ t.Errorf("Name=%s not documented in doc/godebug.md", info.Name)
+ }
+ }
+diff --git a/src/internal/godebugs/table.go b/src/internal/godebugs/table.go
+index 11c5b7d..33dcd81 100644
+--- a/src/internal/godebugs/table.go
++++ b/src/internal/godebugs/table.go
+@@ -25,6 +25,7 @@ type Info struct {
+ // Note: After adding entries to this table, update the list in doc/godebug.md as well.
+ // (Otherwise the test in this package will fail.)
+ var All = []Info{
++ {Name: "allowmultiplevcs", Package: "cmd/go"},
+ {Name: "execerrdot", Package: "os/exec"},
+ {Name: "gocachehash", Package: "cmd/go"},
+ {Name: "gocachetest", Package: "cmd/go"},
+diff --git a/src/runtime/metrics/doc.go b/src/runtime/metrics/doc.go
+index 85f256d..517ec0e 100644
+--- a/src/runtime/metrics/doc.go
++++ b/src/runtime/metrics/doc.go
+@@ -230,6 +230,11 @@ Below is the full list of supported metrics, ordered lexicographically.
+ /gc/stack/starting-size:bytes
+ The stack size of new goroutines.
+
++ /godebug/non-default-behavior/allowmultiplevcs:events
++ The number of non-default behaviors executed by the cmd/go
++ package due to a non-default GODEBUG=allowmultiplevcs=...
++ setting.
++
+ /godebug/non-default-behavior/execerrdot:events
+ The number of non-default behaviors executed by the os/exec
+ package due to a non-default GODEBUG=execerrdot=... setting.
+--
+2.40.0
--
2.43.0
^ permalink raw reply related [flat|nested] 34+ messages in thread* [OE-core][scarthgap 02/33] gstreamer1.0-plugins-base: fix CVE-2025-47807
2025-08-27 21:29 [OE-core][scarthgap 00/33] Patch review Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 01/33] go: fix CVE-2025-4674 Steve Sakoman
@ 2025-08-27 21:29 ` Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 03/33] ffmpeg: upgrade 6.1.2 -> 6.1.3 Steve Sakoman
` (30 subsequent siblings)
32 siblings, 0 replies; 34+ messages in thread
From: Steve Sakoman @ 2025-08-27 21:29 UTC (permalink / raw)
To: openembedded-core
From: Hitendra Prajapati <hprajapati@mvista.com>
Upstream-Status: Backport from https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/9e2238adc1cad1fba5aad23bc8c2a6c2a65794d2
Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../CVE-2025-47807.patch | 49 +++++++++++++++++++
.../gstreamer1.0-plugins-base_1.22.12.bb | 1 +
2 files changed, 50 insertions(+)
create mode 100644 meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base/CVE-2025-47807.patch
diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base/CVE-2025-47807.patch b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base/CVE-2025-47807.patch
new file mode 100644
index 0000000000..11a4d49583
--- /dev/null
+++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base/CVE-2025-47807.patch
@@ -0,0 +1,49 @@
+From 9e2238adc1cad1fba5aad23bc8c2a6c2a65794d2 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
+Date: Thu, 8 May 2025 09:14:15 +0300
+Subject: [PATCH] subparse: Check for valid UTF-8 before cleaning up lines and
+ check for regex replace errors
+
+Fixes https://gitlab.freedesktop.org/gstreamer/gstreamer/-/issues/4418
+Fixes CVE-2025-47807
+
+Part-of: <https://gitlab.freedesktop.org/gstreamer/gstreamer/-/merge_requests/9132>
+
+CVE: CVE-2025-47807
+Upstream-Status: Backport [https://gitlab.freedesktop.org/gstreamer/gstreamer/-/commit/9e2238adc1cad1fba5aad23bc8c2a6c2a65794d2]
+Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
+---
+ gst/subparse/gstsubparse.c | 10 ++++++++++
+ 1 file changed, 10 insertions(+)
+
+diff --git a/gst/subparse/gstsubparse.c b/gst/subparse/gstsubparse.c
+index 035068d..72bf104 100644
+--- a/gst/subparse/gstsubparse.c
++++ b/gst/subparse/gstsubparse.c
+@@ -666,6 +666,12 @@ subrip_unescape_formatting (gchar * txt, gconstpointer allowed_tags_ptr,
+ res = g_regex_replace (tag_regex, txt, strlen (txt), 0,
+ replace_pattern, 0, NULL);
+
++ /* Replacing can fail. Return an empty string in that case. */
++ if (!res) {
++ strcpy (txt, "");
++ return;
++ }
++
+ /* res will always be shorter than the input or identical, so this
+ * copy is OK */
+ strcpy (txt, res);
+@@ -1046,6 +1052,10 @@ parse_subrip (ParserState * state, const gchar * line)
+ g_string_append_c (state->buf, '\n');
+ g_string_append (state->buf, line);
+ if (strlen (line) == 0) {
++ if (!g_utf8_validate (state->buf->str, state->buf->len, NULL)) {
++ g_string_truncate (state->buf, 0);
++ return NULL;
++ }
+ ret = g_markup_escape_text (state->buf->str, state->buf->len);
+ g_string_truncate (state->buf, 0);
+ state->state = 0;
+--
+2.50.1
+
diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.22.12.bb b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.22.12.bb
index bfc6bb65ef..2eff864022 100644
--- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.22.12.bb
+++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-plugins-base_1.22.12.bb
@@ -21,6 +21,7 @@ SRC_URI = "https://gstreamer.freedesktop.org/src/gst-plugins-base/gst-plugins-ba
file://0012-subparse-Check-for-NULL-return-of-strchr-when-parsin.patch \
file://CVE-2025-47808.patch \
file://CVE-2025-47806.patch \
+ file://CVE-2025-47807.patch \
"
SRC_URI[sha256sum] = "73cfadc3a6ffe77ed974cfd6fb391c605e4531f48db21dd6b9f42b8cb69bd8c1"
--
2.43.0
^ permalink raw reply related [flat|nested] 34+ messages in thread* [OE-core][scarthgap 03/33] ffmpeg: upgrade 6.1.2 -> 6.1.3
2025-08-27 21:29 [OE-core][scarthgap 00/33] Patch review Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 01/33] go: fix CVE-2025-4674 Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 02/33] gstreamer1.0-plugins-base: fix CVE-2025-47807 Steve Sakoman
@ 2025-08-27 21:29 ` Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 04/33] ffmpeg: fix CVE-2025-1594 Steve Sakoman
` (29 subsequent siblings)
32 siblings, 0 replies; 34+ messages in thread
From: Steve Sakoman @ 2025-08-27 21:29 UTC (permalink / raw)
To: openembedded-core
From: Archana Polampalli <archana.polampalli@windriver.com>
Fixes:
CVE-2023-6604
CVE-2023-6602
CVE-2025-7700
Changelog:
https://github.com/FFmpeg/FFmpeg/blob/n6.1.3/Changelog
Removed the CVE patches which are already fixed with this upgrade
ref:
https://github.com/FFmpeg/FFmpeg/commit/c104119c6b5e00496c5ff14071c85f95c98b7ae5
https://github.com/FFmpeg/FFmpeg/commit/7d79d0a43b5533ff584249332bc1db7fedbab1d2
https://github.com/FFmpeg/FFmpeg/commit/a4b6e37ad5f50454974fa22cc8f19d83cdaff0eb
https://github.com/FFmpeg/FFmpeg/commit/efedc1d1b6aef2481cf613a11992b1dce6320055
https://github.com/FFmpeg/FFmpeg/commit/dcf34f13f516aa0e214384f3185aff306feba01d
https://github.com/FFmpeg/FFmpeg/commit/bed04417b4d38af7a1b477b24ea6e26547e32373
https://github.com/FFmpeg/FFmpeg/commit/b43a12363c1fef0efa7eac15b6b830417656db15
https://github.com/FFmpeg/FFmpeg/commit/e2b20632b8c71a4e174511f8ff6e8342e0c63bd3
https://github.com/FFmpeg/FFmpeg/commit/43f64690ad9df72976bcbd6ea9e41b2542db2464
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../ffmpeg/ffmpeg/CVE-2023-49501.patch | 30 -----
.../ffmpeg/ffmpeg/CVE-2023-49502.patch | 107 ------------------
.../ffmpeg/ffmpeg/CVE-2023-50007.patch | 78 -------------
.../ffmpeg/ffmpeg/CVE-2023-50008.patch | 29 -----
.../ffmpeg/ffmpeg/CVE-2024-31578.patch | 49 --------
.../ffmpeg/ffmpeg/CVE-2024-31582.patch | 34 ------
.../ffmpeg/ffmpeg/CVE-2024-35367.patch | 47 --------
.../ffmpeg/ffmpeg/CVE-2024-35368.patch | 41 -------
.../ffmpeg/ffmpeg/CVE-2025-0518.patch | 34 ------
.../ffmpeg/ffmpeg/CVE-2025-22919.patch | 39 -------
.../{ffmpeg_6.1.2.bb => ffmpeg_6.1.3.bb} | 12 +-
11 files changed, 1 insertion(+), 499 deletions(-)
delete mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2023-49501.patch
delete mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2023-49502.patch
delete mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2023-50007.patch
delete mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2023-50008.patch
delete mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-31578.patch
delete mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-31582.patch
delete mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-35367.patch
delete mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-35368.patch
delete mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2025-0518.patch
delete mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2025-22919.patch
rename meta/recipes-multimedia/ffmpeg/{ffmpeg_6.1.2.bb => ffmpeg_6.1.3.bb} (95%)
diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2023-49501.patch b/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2023-49501.patch
deleted file mode 100644
index 80d542952a..0000000000
--- a/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2023-49501.patch
+++ /dev/null
@@ -1,30 +0,0 @@
-From 4adb93dff05dd947878c67784d98c9a4e13b57a7 Mon Sep 17 00:00:00 2001
-From: Paul B Mahol <onemda@gmail.com>
-Date: Thu, 23 Nov 2023 14:58:35 +0100
-Subject: [PATCH] avfilter/asrc_afirsrc: fix by one smaller allocation of
- buffer
-
-CVE: CVE-2023-49501
-
-Upstream-Status: Backport [https://github.com/FFmpeg/FFmpeg/commit/4adb93dff05dd947878c67784d98c9a4e13b57a7]
-
-Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
----
- libavfilter/asrc_afirsrc.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/libavfilter/asrc_afirsrc.c b/libavfilter/asrc_afirsrc.c
-index e2359c1..ea04c35 100644
---- a/libavfilter/asrc_afirsrc.c
-+++ b/libavfilter/asrc_afirsrc.c
-@@ -480,7 +480,7 @@ static av_cold int config_eq_output(AVFilterLink *outlink)
- if (ret < 0)
- return ret;
-
-- s->magnitude = av_calloc(s->nb_magnitude, sizeof(*s->magnitude));
-+ s->magnitude = av_calloc(s->nb_magnitude + 1, sizeof(*s->magnitude));
- if (!s->magnitude)
- return AVERROR(ENOMEM);
- memcpy(s->magnitude, eq_presets[s->preset].gains, sizeof(*s->magnitude) * s->nb_magnitude);
---
-2.40.0
diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2023-49502.patch b/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2023-49502.patch
deleted file mode 100644
index bc78a46d03..0000000000
--- a/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2023-49502.patch
+++ /dev/null
@@ -1,107 +0,0 @@
-From 737ede405b11a37fdd61d19cf25df296a0cb0b75 Mon Sep 17 00:00:00 2001
-From: Cosmin Stejerean <cosmin@cosmin.at>
-Date: Wed, 6 Dec 2023 18:39:32 +0800
-Subject: [PATCH] avfilter/bwdif: account for chroma sub-sampling in min size
- calculation
-
-The current logic for detecting frames that are too small for the
-algorithm does not account for chroma sub-sampling, and so a sample
-where the luma plane is large enough, but the chroma planes are not
-will not be rejected. In that event, a heap overflow will occur.
-
-This change adjusts the logic to consider the chroma planes and makes
-the change to all three bwdif implementations.
-
-Fixes #10688
-
-Signed-off-by: Cosmin Stejerean <cosmin@cosmin.at>
-Reviewed-by: Thomas Mundt <tmundt75@gmail.com>
-Signed-off-by: Philip Langdale <philipl@overt.org>
-
-CVE: CVE-2023-49502
-
-Upstream-Status: Backport [https://github.com/FFmpeg/FFmpeg/commit/737ede405b11a37f]
-
-Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
----
- libavfilter/vf_bwdif.c | 9 +++++----
- libavfilter/vf_bwdif_cuda.c | 11 ++++++-----
- libavfilter/vf_bwdif_vulkan.c | 11 +++++------
- 3 files changed, 16 insertions(+), 15 deletions(-)
-
-diff --git a/libavfilter/vf_bwdif.c b/libavfilter/vf_bwdif.c
-index 137cd5e..353cd0b 100644
---- a/libavfilter/vf_bwdif.c
-+++ b/libavfilter/vf_bwdif.c
-@@ -191,13 +191,14 @@ static int config_props(AVFilterLink *link)
- return ret;
- }
-
-- if (link->w < 3 || link->h < 4) {
-- av_log(ctx, AV_LOG_ERROR, "Video of less than 3 columns or 4 lines is not supported\n");
-+ yadif->csp = av_pix_fmt_desc_get(link->format);
-+ yadif->filter = filter;
-+
-+ if (AV_CEIL_RSHIFT(link->w, yadif->csp->log2_chroma_w) < 3 || AV_CEIL_RSHIFT(link->h, yadif->csp->log2_chroma_h) < 4) {
-+ av_log(ctx, AV_LOG_ERROR, "Video with planes less than 3 columns or 4 lines is not supported\n");
- return AVERROR(EINVAL);
- }
-
-- yadif->csp = av_pix_fmt_desc_get(link->format);
-- yadif->filter = filter;
- ff_bwdif_init_filter_line(&s->dsp, yadif->csp->comp[0].depth);
-
- return 0;
-diff --git a/libavfilter/vf_bwdif_cuda.c b/libavfilter/vf_bwdif_cuda.c
-index a5ecfba..418f15f 100644
---- a/libavfilter/vf_bwdif_cuda.c
-+++ b/libavfilter/vf_bwdif_cuda.c
-@@ -296,15 +296,16 @@ static int config_output(AVFilterLink *link)
- link->frame_rate = av_mul_q(ctx->inputs[0]->frame_rate,
- (AVRational){2, 1});
-
-- if (link->w < 3 || link->h < 3) {
-- av_log(ctx, AV_LOG_ERROR, "Video of less than 3 columns or lines is not supported\n");
-- ret = AVERROR(EINVAL);
-- goto exit;
-- }
-
- y->csp = av_pix_fmt_desc_get(output_frames->sw_format);
- y->filter = filter;
-
-+ if (AV_CEIL_RSHIFT(link->w, y->csp->log2_chroma_w) < 3 || AV_CEIL_RSHIFT(link->h, y->csp->log2_chroma_h) < 3) {
-+ av_log(ctx, AV_LOG_ERROR, "Video with planes less than 3 columns or lines is not supported\n");
-+ ret = AVERROR(EINVAL);
-+ goto exit;
-+ }
-+
- ret = CHECK_CU(cu->cuCtxPushCurrent(s->hwctx->cuda_ctx));
- if (ret < 0)
- goto exit;
-diff --git a/libavfilter/vf_bwdif_vulkan.c b/libavfilter/vf_bwdif_vulkan.c
-index 690a89c..c51df9a 100644
---- a/libavfilter/vf_bwdif_vulkan.c
-+++ b/libavfilter/vf_bwdif_vulkan.c
-@@ -362,15 +362,14 @@ static int bwdif_vulkan_config_output(AVFilterLink *outlink)
- outlink->frame_rate = av_mul_q(avctx->inputs[0]->frame_rate,
- (AVRational){2, 1});
-
-- if (outlink->w < 4 || outlink->h < 4) {
-- av_log(avctx, AV_LOG_ERROR, "Video of less than 4 columns or lines is not "
-- "supported\n");
-- return AVERROR(EINVAL);
-- }
--
- y->csp = av_pix_fmt_desc_get(vkctx->frames->sw_format);
- y->filter = bwdif_vulkan_filter_frame;
-
-+ if (AV_CEIL_RSHIFT(outlink->w, y->csp->log2_chroma_w) < 4 || AV_CEIL_RSHIFT(outlink->h, y->csp->log2_chroma_h) < 4) {
-+ av_log(avctx, AV_LOG_ERROR, "Video with planes less than 4 columns or lines is not supported\n");
-+ return AVERROR(EINVAL);
-+ }
-+
- return init_filter(avctx);
- }
-
---
-2.40.0
diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2023-50007.patch b/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2023-50007.patch
deleted file mode 100644
index d86e39707e..0000000000
--- a/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2023-50007.patch
+++ /dev/null
@@ -1,78 +0,0 @@
-From b1942734c7cbcdc9034034373abcc9ecb9644c47 Mon Sep 17 00:00:00 2001
-From: Paul B Mahol <onemda@gmail.com>
-Date: Mon, 27 Nov 2023 11:45:34 +0100
-Subject: [PATCH 2/3] avfilter/af_afwtdn: fix crash with EOF handling
-
-CVE: CVE-2023-50007
-
-Upstream-Status: Backport [https://github.com/FFmpeg/FFmpeg/commit/b1942734c7cbcdc9034034373abcc9ecb9644c47]
-
-Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
----
- libavfilter/af_afwtdn.c | 34 +++++++++++++++++++---------------
- 1 file changed, 19 insertions(+), 15 deletions(-)
-
-diff --git a/libavfilter/af_afwtdn.c b/libavfilter/af_afwtdn.c
-index 0fcfa77..63b7f5f 100644
---- a/libavfilter/af_afwtdn.c
-+++ b/libavfilter/af_afwtdn.c
-@@ -408,6 +408,7 @@ typedef struct AudioFWTDNContext {
-
- uint64_t sn;
- int64_t eof_pts;
-+ int eof;
-
- int wavelet_type;
- int channels;
-@@ -1069,7 +1070,7 @@ static int filter_frame(AVFilterLink *inlink, AVFrame *in)
- s->drop_samples = 0;
- } else {
- if (s->padd_samples < 0 && eof) {
-- out->nb_samples += s->padd_samples;
-+ out->nb_samples = FFMAX(0, out->nb_samples + s->padd_samples);
- s->padd_samples = 0;
- }
- if (!eof)
-@@ -1208,23 +1209,26 @@ static int activate(AVFilterContext *ctx)
-
- FF_FILTER_FORWARD_STATUS_BACK(outlink, inlink);
-
-- ret = ff_inlink_consume_samples(inlink, s->nb_samples, s->nb_samples, &in);
-- if (ret < 0)
-- return ret;
-- if (ret > 0)
-- return filter_frame(inlink, in);
-+ if (!s->eof) {
-+ ret = ff_inlink_consume_samples(inlink, s->nb_samples, s->nb_samples, &in);
-+ if (ret < 0)
-+ return ret;
-+ if (ret > 0)
-+ return filter_frame(inlink, in);
-+ }
-
- if (ff_inlink_acknowledge_status(inlink, &status, &pts)) {
-- if (status == AVERROR_EOF) {
-- while (s->padd_samples != 0) {
-- ret = filter_frame(inlink, NULL);
-- if (ret < 0)
-- return ret;
-- }
-- ff_outlink_set_status(outlink, status, pts);
-- return ret;
-- }
-+ if (status == AVERROR_EOF)
-+ s->eof = 1;
- }
-+
-+ if (s->eof && s->padd_samples != 0) {
-+ return filter_frame(inlink, NULL);
-+ } else if (s->eof) {
-+ ff_outlink_set_status(outlink, AVERROR_EOF, s->eof_pts);
-+ return 0;
-+ }
-+
- FF_FILTER_FORWARD_WANTED(outlink, inlink);
-
- return FFERROR_NOT_READY;
---
-2.40.0
diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2023-50008.patch b/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2023-50008.patch
deleted file mode 100644
index 4b8935628f..0000000000
--- a/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2023-50008.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-From 5f87a68cf70dafeab2fb89b42e41a4c29053b89b Mon Sep 17 00:00:00 2001
-From: Paul B Mahol <onemda@gmail.com>
-Date: Mon, 27 Nov 2023 12:08:20 +0100
-Subject: [PATCH] avfilter/vf_colorcorrect: fix memory leaks
-
-CVE: CVE-2023-50008
-
-Upstream-Status: Backport [https://github.com/FFmpeg/FFmpeg/commit/5f87a68cf70dafeab2fb89b42e41a4c29053b89b]
-
-Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
----
- libavfilter/vf_colorcorrect.c | 2 ++
- 1 file changed, 2 insertions(+)
-
-diff --git a/libavfilter/vf_colorcorrect.c b/libavfilter/vf_colorcorrect.c
-index 1c4dea5..6bdec2c 100644
---- a/libavfilter/vf_colorcorrect.c
-+++ b/libavfilter/vf_colorcorrect.c
-@@ -497,6 +497,8 @@ static av_cold void uninit(AVFilterContext *ctx)
- ColorCorrectContext *s = ctx->priv;
-
- av_freep(&s->analyzeret);
-+ av_freep(&s->uhistogram);
-+ av_freep(&s->vhistogram);
- }
-
- static const AVFilterPad colorcorrect_inputs[] = {
---
-2.40.0
diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-31578.patch b/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-31578.patch
deleted file mode 100644
index f8e7e1283b..0000000000
--- a/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-31578.patch
+++ /dev/null
@@ -1,49 +0,0 @@
-From edeeb35cecb5bc0d433b14dd0e544ae826b7ece5 Mon Sep 17 00:00:00 2001
-From: Zhao Zhili <zhilizhao@tencent.com>
-Date: Tue, 20 Feb 2024 20:08:55 +0800
-Subject: [PATCH] avutil/hwcontext: Don't assume frames_uninit is reentrant
-
-Fix heap use after free when vulkan_frames_init failed.
-
-Signed-off-by: Zhao Zhili <zhilizhao@tencent.com>
-
-CVE: CVE-2024-31578
-
-Upstream-Status: Backport [https://github.com/ffmpeg/ffmpeg/commit/3bb00c0a420c3ce83]
-
-Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
----
- libavutil/hwcontext.c | 8 ++------
- 1 file changed, 2 insertions(+), 6 deletions(-)
-
-diff --git a/libavutil/hwcontext.c b/libavutil/hwcontext.c
-index 3650d46..0ef3479 100644
---- a/libavutil/hwcontext.c
-+++ b/libavutil/hwcontext.c
-@@ -363,7 +363,7 @@ int av_hwframe_ctx_init(AVBufferRef *ref)
- if (ctx->internal->hw_type->frames_init) {
- ret = ctx->internal->hw_type->frames_init(ctx);
- if (ret < 0)
-- goto fail;
-+ return ret;
- }
-
- if (ctx->internal->pool_internal && !ctx->pool)
-@@ -373,14 +373,10 @@ int av_hwframe_ctx_init(AVBufferRef *ref)
- if (ctx->initial_pool_size > 0) {
- ret = hwframe_pool_prealloc(ref);
- if (ret < 0)
-- goto fail;
-+ return ret;
- }
-
- return 0;
--fail:
-- if (ctx->internal->hw_type->frames_uninit)
-- ctx->internal->hw_type->frames_uninit(ctx);
-- return ret;
- }
-
- int av_hwframe_transfer_get_formats(AVBufferRef *hwframe_ref,
---
-2.40.0
diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-31582.patch b/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-31582.patch
deleted file mode 100644
index 2ade3ab6b1..0000000000
--- a/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-31582.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-From 1d1a05b393ece9fa3df825bfef3724b7370aefdc Mon Sep 17 00:00:00 2001
-From: Zhao Zhili <zhilizhao@tencent.com>
-Date: Fri, 29 Dec 2023 05:56:43 +0800
-Subject: [PATCH] avfilter/vf_codecview: fix heap buffer overflow
-
-And improve the performance by a little bit.
-
-Signed-off-by: Zhao Zhili <zhilizhao@tencent.com>
-
-CVE: CVE-2024-31582
-
-Upstream-Status: Backport [https://github.com/ffmpeg/ffmpeg/commit/99debe5f823f45a482e1dc08de35879aa9c74bd2]
-
-Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
----
- libavfilter/vf_codecview.c | 3 ---
- 1 file changed, 3 deletions(-)
-
-diff --git a/libavfilter/vf_codecview.c b/libavfilter/vf_codecview.c
-index 55d9c8c..f65ccbd 100644
---- a/libavfilter/vf_codecview.c
-+++ b/libavfilter/vf_codecview.c
-@@ -216,9 +216,6 @@ static void draw_block_rectangle(uint8_t *buf, int sx, int sy, int w, int h, ptr
- buf[sx + w - 1] = color;
- buf += stride;
- }
--
-- for (int x = sx; x < sx + w; x++)
-- buf[x] = color;
- }
-
- static int filter_frame(AVFilterLink *inlink, AVFrame *frame)
---
-2.40.0
diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-35367.patch b/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-35367.patch
deleted file mode 100644
index a1bec43c66..0000000000
--- a/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-35367.patch
+++ /dev/null
@@ -1,47 +0,0 @@
-From 09e6840cf7a3ee07a73c3ae88a020bf27ca1a667 Mon Sep 17 00:00:00 2001
-From: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
-Date: Wed, 13 Mar 2024 02:10:26 +0100
-Subject: [PATCH] avcodec/ppc/vp8dsp_altivec: Fix out-of-bounds access
-
-h_subpel_filters_inner[i] and h_subpel_filters_outer[i / 2]
-belong together and the former allows the range 0..6,
-so the latter needs to support 0..3. But it has only three
-elements. Add another one.
-The value for the last element has been guesstimated
-from subpel_filters in libavcodec/vp8dsp.c.
-
-This is also intended to fix FATE-failures with UBSan here:
-https://fate.ffmpeg.org/report.cgi?time=20240312011016&slot=ppc-linux-gcc-13.2-ubsan-altivec-qemu
-
-Tested-by: Sean McGovern <gseanmcg@gmail.com>
-Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
-
-CVE: CVE-2024-35367
-
-Upstream-Status: Backport [https://github.com/ffmpeg/ffmpeg/commit/09e6840cf7a3ee07a73c3ae88a020bf27ca1a667]
-
-Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
----
- libavcodec/ppc/vp8dsp_altivec.c | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/libavcodec/ppc/vp8dsp_altivec.c b/libavcodec/ppc/vp8dsp_altivec.c
-index 12dac8b..061914f 100644
---- a/libavcodec/ppc/vp8dsp_altivec.c
-+++ b/libavcodec/ppc/vp8dsp_altivec.c
-@@ -50,11 +50,12 @@ static const vec_s8 h_subpel_filters_inner[7] =
- // for 6tap filters, these are the outer two taps
- // The zeros mask off pixels 4-7 when filtering 0-3
- // and vice-versa
--static const vec_s8 h_subpel_filters_outer[3] =
-+static const vec_s8 h_subpel_filters_outer[4] =
- {
- REPT4(0, 0, 2, 1),
- REPT4(0, 0, 3, 3),
- REPT4(0, 0, 1, 2),
-+ REPT4(0, 0, 0, 0),
- };
-
- #define LOAD_H_SUBPEL_FILTER(i) \
---
-2.40.0
diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-35368.patch b/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-35368.patch
deleted file mode 100644
index 7b802762eb..0000000000
--- a/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2024-35368.patch
+++ /dev/null
@@ -1,41 +0,0 @@
-From 4513300989502090c4fd6560544dce399a8cd53c Mon Sep 17 00:00:00 2001
-From: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
-Date: Sun, 24 Sep 2023 13:15:48 +0200
-Subject: [PATCH] avcodec/rkmppdec: Fix double-free on error
-
-After having created the AVBuffer that is put into frame->buf[0],
-ownership of several objects (namely an AVDRMFrameDescriptor,
-an MppFrame and some AVBufferRefs framecontextref and decoder_ref)
-has passed to the AVBuffer and therefore to the frame.
-Yet it has nevertheless been freed manually on error
-afterwards, which would lead to a double-free as soon
-as the AVFrame is unreferenced.
-
-Signed-off-by: Andreas Rheinhardt <andreas.rheinhardt@outlook.com>
-
-CVE: CVE-2024-35368
-
-Upstream-Status: Backport [https://github.com/ffmpeg/ffmpeg/commit/4513300989502090c4fd6560544dce399a8cd53c]
-
-Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
----
- libavcodec/rkmppdec.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/libavcodec/rkmppdec.c b/libavcodec/rkmppdec.c
-index 5768568..2ca368e 100644
---- a/libavcodec/rkmppdec.c
-+++ b/libavcodec/rkmppdec.c
-@@ -462,8 +462,8 @@ static int rkmpp_retrieve_frame(AVCodecContext *avctx, AVFrame *frame)
-
- frame->hw_frames_ctx = av_buffer_ref(decoder->frames_ref);
- if (!frame->hw_frames_ctx) {
-- ret = AVERROR(ENOMEM);
-- goto fail;
-+ av_frame_unref(frame);
-+ return AVERROR(ENOMEM);
- }
-
- return 0;
---
-2.40.0
diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2025-0518.patch b/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2025-0518.patch
deleted file mode 100644
index d3e02bebe6..0000000000
--- a/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2025-0518.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-From b5b6391d64807578ab872dc58fb8aa621dcfc38a Mon Sep 17 00:00:00 2001
-From: Michael Niedermayer <michael@niedermayer.cc>
-Date: Mon, 6 Jan 2025 22:01:39 +0100
-Subject: [PATCH] avfilter/af_pan: Fix sscanf() use
-
-Fixes: Memory Data Leak
-
-Found-by: Simcha Kosman <simcha.kosman@cyberark.com>
-Signed-off-by: Michael Niedermayer <michael@niedermayer.cc>
-
-CVE: CVE-2025-0518
-
-Upstream-Status: Backport [https://github.com/FFmpeg/FFmpeg/commit/b5b6391d64807578ab872dc58fb8aa621dcfc38a]
-
-Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
----
- libavfilter/af_pan.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/libavfilter/af_pan.c b/libavfilter/af_pan.c
-index cfed9f1..ffcd214 100644
---- a/libavfilter/af_pan.c
-+++ b/libavfilter/af_pan.c
-@@ -165,7 +165,7 @@ static av_cold int init(AVFilterContext *ctx)
- sign = 1;
- while (1) {
- gain = 1;
-- if (sscanf(arg, "%lf%n *%n", &gain, &len, &len))
-+ if (sscanf(arg, "%lf%n *%n", &gain, &len, &len) >= 1)
- arg += len;
- if (parse_channel_name(&arg, &in_ch_id, &named)){
- av_log(ctx, AV_LOG_ERROR,
---
-2.40.0
diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2025-22919.patch b/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2025-22919.patch
deleted file mode 100644
index f895576de3..0000000000
--- a/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2025-22919.patch
+++ /dev/null
@@ -1,39 +0,0 @@
-From 1446e37d3d032e1452844778b3e6ba2c20f0c322 Mon Sep 17 00:00:00 2001
-From: James Almer <jamrial@gmail.com>
-Date: Mon, 30 Dec 2024 00:25:41 -0300
-Subject: [PATCH] avfilter/buffersrc: check for valid sample rate
-
-A sample rate <= 0 is invalid.
-
-Fixes an assert in ffmpeg_enc.c that assumed a valid sample rate would be set.
-Fixes ticket #11385.
-
-Signed-off-by: James Almer <jamrial@gmail.com>
-
-CVE: CVE-2025-22919
-
-Upstream-Status: Backport [https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/1446e37d3d032e1452844778b3e6ba2c20f0c322]
-
-Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
----
- libavfilter/buffersrc.c | 5 +++++
- 1 file changed, 5 insertions(+)
-
-diff --git a/libavfilter/buffersrc.c b/libavfilter/buffersrc.c
-index 453fc0f..f49aa91 100644
---- a/libavfilter/buffersrc.c
-+++ b/libavfilter/buffersrc.c
-@@ -401,6 +401,11 @@ FF_ENABLE_DEPRECATION_WARNINGS
- av_channel_layout_describe(&s->ch_layout, buf, sizeof(buf));
- }
-
-+ if (s->sample_rate <= 0) {
-+ av_log(ctx, AV_LOG_ERROR, "Sample rate not set\n");
-+ return AVERROR(EINVAL);
-+ }
-+
- if (!s->time_base.num)
- s->time_base = (AVRational){1, s->sample_rate};
-
---
-2.40.0
diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.2.bb b/meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.3.bb
similarity index 95%
rename from meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.2.bb
rename to meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.3.bb
index a789980dde..c0112757f0 100644
--- a/meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.2.bb
+++ b/meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.3.bb
@@ -27,26 +27,16 @@ SRC_URI = " \
file://av1_ordering_info.patch \
file://vulkan_av1_stable_API.patch \
file://vulkan_fix_gcc14.patch \
- file://CVE-2023-49502.patch \
- file://CVE-2024-31578.patch \
- file://CVE-2024-31582.patch \
- file://CVE-2023-50008.patch \
- file://CVE-2023-49501.patch \
file://CVE-2024-28661.patch \
- file://CVE-2023-50007.patch \
file://CVE-2023-49528.patch \
- file://CVE-2024-35367.patch \
- file://CVE-2024-35368.patch \
file://CVE-2024-35365.patch \
file://CVE-2024-36618.patch \
file://CVE-2024-35369.patch \
file://CVE-2025-25473.patch \
- file://CVE-2025-22919.patch \
file://CVE-2025-22921.patch \
- file://CVE-2025-0518.patch \
"
-SRC_URI[sha256sum] = "3b624649725ecdc565c903ca6643d41f33bd49239922e45c9b1442c63dca4e38"
+SRC_URI[sha256sum] = "bc5f1e4a4d283a6492354684ee1124129c52293bcfc6a9169193539fbece3487"
# https://nvd.nist.gov/vuln/detail/CVE-2023-39018
# https://github.com/bramp/ffmpeg-cli-wrapper/issues/291
--
2.43.0
^ permalink raw reply related [flat|nested] 34+ messages in thread* [OE-core][scarthgap 04/33] ffmpeg: fix CVE-2025-1594
2025-08-27 21:29 [OE-core][scarthgap 00/33] Patch review Steve Sakoman
` (2 preceding siblings ...)
2025-08-27 21:29 ` [OE-core][scarthgap 03/33] ffmpeg: upgrade 6.1.2 -> 6.1.3 Steve Sakoman
@ 2025-08-27 21:29 ` Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 05/33] go: fix CVE-2025-47907 Steve Sakoman
` (28 subsequent siblings)
32 siblings, 0 replies; 34+ messages in thread
From: Steve Sakoman @ 2025-08-27 21:29 UTC (permalink / raw)
To: openembedded-core
From: Archana Polampalli <archana.polampalli@windriver.com>
A vulnerability, which was classified as critical, was found in FFmpeg up to 7.1.
This affects the function ff_aac_search_for_tns of the file libavcodec/aacenc_tns.c
of the component AAC Encoder. The manipulation leads to stack-based buffer overflow.
It is possible to initiate the attack remotely. The exploit has been disclosed to the
public and may be used.
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../ffmpeg/ffmpeg/CVE-2025-1594.patch | 105 ++++++++++++++++++
.../recipes-multimedia/ffmpeg/ffmpeg_6.1.3.bb | 1 +
2 files changed, 106 insertions(+)
create mode 100644 meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2025-1594.patch
diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2025-1594.patch b/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2025-1594.patch
new file mode 100644
index 0000000000..af71055c02
--- /dev/null
+++ b/meta/recipes-multimedia/ffmpeg/ffmpeg/CVE-2025-1594.patch
@@ -0,0 +1,105 @@
+From bedfb6eca402037f5cbb115fa767d106b8c14f1c Mon Sep 17 00:00:00 2001
+From: Lynne <dev@lynne.ee>
+Date: Sat, 8 Feb 2025 04:35:31 +0100
+Subject: [PATCH] aacenc_tns: clamp filter direction energy measurement
+
+The issue is that:
+
+float en[2];
+...
+tns->n_filt[w] = is8 ? 1 : order != TNS_MAX_ORDER ? 2 : 3;
+for (g = 0; g < tns->n_filt[w]; g++) {
+ tns->direction[w][g] = slant != 2 ? slant : en[g] < en[!g];
+
+When using the AAC Main profile, n_filt = 3, and slant is by
+default 2 (normal long frames), g can go above 1.
+
+en is the evolution of energy in the frequency domain for every
+band at the given window. E.g. whether the energy is concentrated
+at the top of each band, or the bottom.
+
+For 2-pole filters, its straightforward.
+For 3-pole filters, we need more than 2 measurements.
+
+This commit properly implements support for 3-pole filters, by measuring
+the band energy across three areas.
+
+Do note that even xHE-AAC caps n_filt to 2, and only AAC Main allows
+n_filt == 3.
+
+Fixes https://trac.ffmpeg.org/ticket/11418
+
+CVE: CVE-2025-1594
+
+Upstream-Status: Backport [https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/bedfb6eca402037f5cbb115fa767d106b8c14f1c]
+
+Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
+---
+ libavcodec/aacenc_tns.c | 33 ++++++++++++++++++++++++---------
+ 1 file changed, 24 insertions(+), 9 deletions(-)
+
+diff --git a/libavcodec/aacenc_tns.c b/libavcodec/aacenc_tns.c
+index 8dc6dfc..9ea3506 100644
+--- a/libavcodec/aacenc_tns.c
++++ b/libavcodec/aacenc_tns.c
+@@ -172,6 +172,7 @@ void ff_aac_search_for_tns(AACEncContext *s, SingleChannelElement *sce)
+ sce->ics.window_sequence[0] == LONG_START_SEQUENCE ? 0 : 2;
+ const int sfb_len = sfb_end - sfb_start;
+ const int coef_len = sce->ics.swb_offset[sfb_end] - sce->ics.swb_offset[sfb_start];
++ const int n_filt = is8 ? 1 : order != TNS_MAX_ORDER ? 2 : 3;
+
+ if (coef_len <= 0 || sfb_len <= 0) {
+ sce->tns.present = 0;
+@@ -179,16 +180,30 @@ void ff_aac_search_for_tns(AACEncContext *s, SingleChannelElement *sce)
+ }
+
+ for (w = 0; w < sce->ics.num_windows; w++) {
+- float en[2] = {0.0f, 0.0f};
++ float en[4] = {0.0f, 0.0f, 0.0f, 0.0f};
+ int oc_start = 0, os_start = 0;
+ int coef_start = sce->ics.swb_offset[sfb_start];
+
+- for (g = sfb_start; g < sce->ics.num_swb && g <= sfb_end; g++) {
+- FFPsyBand *band = &s->psy.ch[s->cur_channel].psy_bands[w*16+g];
+- if (g > sfb_start + (sfb_len/2))
+- en[1] += band->energy;
+- else
+- en[0] += band->energy;
++ if (n_filt == 2) {
++ for (g = sfb_start; g < sce->ics.num_swb && g <= sfb_end; g++) {
++ FFPsyBand *band = &s->psy.ch[s->cur_channel].psy_bands[w*16+g];
++ if (g > sfb_start + (sfb_len/2))
++ en[1] += band->energy; /* End */
++ else
++ en[0] += band->energy; /* Start */
++ }
++ en[2] = en[0];
++ } else {
++ for (g = sfb_start; g < sce->ics.num_swb && g <= sfb_end; g++) {
++ FFPsyBand *band = &s->psy.ch[s->cur_channel].psy_bands[w*16+g];
++ if (g > sfb_start + (sfb_len/2) + (sfb_len/4))
++ en[2] += band->energy; /* End */
++ else if (g > sfb_start + (sfb_len/2) - (sfb_len/4))
++ en[1] += band->energy; /* Middle */
++ else
++ en[0] += band->energy; /* Start */
++ }
++ en[3] = en[0];
+ }
+
+ /* LPC */
+@@ -198,9 +213,9 @@ void ff_aac_search_for_tns(AACEncContext *s, SingleChannelElement *sce)
+ if (!order || !isfinite(gain) || gain < TNS_GAIN_THRESHOLD_LOW || gain > TNS_GAIN_THRESHOLD_HIGH)
+ continue;
+
+- tns->n_filt[w] = is8 ? 1 : order != TNS_MAX_ORDER ? 2 : 3;
++ tns->n_filt[w] = n_filt;
+ for (g = 0; g < tns->n_filt[w]; g++) {
+- tns->direction[w][g] = slant != 2 ? slant : en[g] < en[!g];
++ tns->direction[w][g] = slant != 2 ? slant : en[g] < en[g + 1];
+ tns->order[w][g] = g < tns->n_filt[w] ? order/tns->n_filt[w] : order - oc_start;
+ tns->length[w][g] = g < tns->n_filt[w] ? sfb_len/tns->n_filt[w] : sfb_len - os_start;
+ quantize_coefs(&coefs[oc_start], tns->coef_idx[w][g], tns->coef[w][g],
+--
+2.40.0
+
diff --git a/meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.3.bb b/meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.3.bb
index c0112757f0..dbd0a3f270 100644
--- a/meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.3.bb
+++ b/meta/recipes-multimedia/ffmpeg/ffmpeg_6.1.3.bb
@@ -34,6 +34,7 @@ SRC_URI = " \
file://CVE-2024-35369.patch \
file://CVE-2025-25473.patch \
file://CVE-2025-22921.patch \
+ file://CVE-2025-1594.patch \
"
SRC_URI[sha256sum] = "bc5f1e4a4d283a6492354684ee1124129c52293bcfc6a9169193539fbece3487"
--
2.43.0
^ permalink raw reply related [flat|nested] 34+ messages in thread* [OE-core][scarthgap 05/33] go: fix CVE-2025-47907
2025-08-27 21:29 [OE-core][scarthgap 00/33] Patch review Steve Sakoman
` (3 preceding siblings ...)
2025-08-27 21:29 ` [OE-core][scarthgap 04/33] ffmpeg: fix CVE-2025-1594 Steve Sakoman
@ 2025-08-27 21:29 ` Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 06/33] ncurses: Pin to C17 standard Steve Sakoman
` (27 subsequent siblings)
32 siblings, 0 replies; 34+ messages in thread
From: Steve Sakoman @ 2025-08-27 21:29 UTC (permalink / raw)
To: openembedded-core
From: Praveen Kumar <praveen.kumar@windriver.com>
Cancelling a query (e.g. by cancelling the context passed to one of
the query methods) during a call to the Scan method of the returned
Rows can result in unexpected results if other queries are being made
in parallel. This can result in a race condition that may overwrite
the expected results with those of another query, causing the call to
Scan to return either unexpected results from the other query or an
error.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-47907
Upstream-patch:
https://github.com/golang/go/commit/8a924caaf348fdc366bab906424616b2974ad4e9
Signed-off-by: Praveen Kumar <praveen.kumar@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-devtools/go/go-1.22.12.inc | 2 +
.../go/go/CVE-2025-47907-pre.patch | 233 +++++++++++++
.../go/go/CVE-2025-47907.patch | 328 ++++++++++++++++++
3 files changed, 563 insertions(+)
create mode 100644 meta/recipes-devtools/go/go/CVE-2025-47907-pre.patch
create mode 100644 meta/recipes-devtools/go/go/CVE-2025-47907.patch
diff --git a/meta/recipes-devtools/go/go-1.22.12.inc b/meta/recipes-devtools/go/go-1.22.12.inc
index 12d7539017..d0ce333117 100644
--- a/meta/recipes-devtools/go/go-1.22.12.inc
+++ b/meta/recipes-devtools/go/go-1.22.12.inc
@@ -18,6 +18,8 @@ SRC_URI += "\
file://CVE-2025-22871.patch \
file://CVE-2025-4673.patch \
file://CVE-2025-4674.patch \
+ file://CVE-2025-47907-pre.patch \
+ file://CVE-2025-47907.patch \
"
SRC_URI[main.sha256sum] = "012a7e1f37f362c0918c1dfa3334458ac2da1628c4b9cf4d9ca02db986e17d71"
diff --git a/meta/recipes-devtools/go/go/CVE-2025-47907-pre.patch b/meta/recipes-devtools/go/go/CVE-2025-47907-pre.patch
new file mode 100644
index 0000000000..dafa878e73
--- /dev/null
+++ b/meta/recipes-devtools/go/go/CVE-2025-47907-pre.patch
@@ -0,0 +1,233 @@
+From c23579f031ecd09bf37c644723b33736dffa8b92 Mon Sep 17 00:00:00 2001
+From: Damien Neil <dneil@google.com>
+Date: Tue, 23 Jan 2024 15:59:47 -0800
+Subject: [PATCH 1/2] database/sql: avoid clobbering driver-owned memory in
+ RawBytes
+
+Depending on the query, a RawBytes can contain memory owned by the
+driver or by database/sql:
+
+If the driver provides the column as a []byte,
+RawBytes aliases that []byte.
+
+If the driver provides the column as any other type,
+RawBytes contains memory allocated by database/sql.
+Prior to this CL, Rows.Scan will reuse existing capacity in a
+RawBytes to permit a single allocation to be reused across rows.
+
+When a RawBytes is reused across queries, this can result
+in database/sql writing to driver-owned memory.
+
+Add a buffer to Rows to store RawBytes data, and reuse this
+buffer across calls to Rows.Scan.
+
+Fixes #65201
+
+Change-Id: Iac640174c7afa97eeb39496f47dec202501b2483
+Reviewed-on: https://go-review.googlesource.com/c/go/+/557917
+Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
+Reviewed-by: Roland Shoemaker <roland@golang.org>
+LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
+
+CVE: CVE-2025-47907
+
+Upstream-Status: Backport [https://github.com/golang/go/commit/c23579f031ecd09bf37c644723b33736dffa8b92]
+
+Signed-off-by: Praveen Kumar <praveen.kumar@windriver.com>
+---
+ src/database/sql/convert.go | 8 +++---
+ src/database/sql/convert_test.go | 12 ++++++--
+ src/database/sql/sql.go | 34 +++++++++++++++++++++++
+ src/database/sql/sql_test.go | 47 ++++++++++++++++++++++++++++++++
+ 4 files changed, 94 insertions(+), 7 deletions(-)
+
+diff --git a/src/database/sql/convert.go b/src/database/sql/convert.go
+index cca5d15..999b8f1 100644
+--- a/src/database/sql/convert.go
++++ b/src/database/sql/convert.go
+@@ -237,7 +237,7 @@ func convertAssignRows(dest, src any, rows *Rows) error {
+ if d == nil {
+ return errNilPtr
+ }
+- *d = append((*d)[:0], s...)
++ *d = rows.setrawbuf(append(rows.rawbuf(), s...))
+ return nil
+ }
+ case []byte:
+@@ -285,7 +285,7 @@ func convertAssignRows(dest, src any, rows *Rows) error {
+ if d == nil {
+ return errNilPtr
+ }
+- *d = s.AppendFormat((*d)[:0], time.RFC3339Nano)
++ *d = rows.setrawbuf(s.AppendFormat(rows.rawbuf(), time.RFC3339Nano))
+ return nil
+ }
+ case decimalDecompose:
+@@ -366,8 +366,8 @@ func convertAssignRows(dest, src any, rows *Rows) error {
+ }
+ case *RawBytes:
+ sv = reflect.ValueOf(src)
+- if b, ok := asBytes([]byte(*d)[:0], sv); ok {
+- *d = RawBytes(b)
++ if b, ok := asBytes(rows.rawbuf(), sv); ok {
++ *d = rows.setrawbuf(b)
+ return nil
+ }
+ case *bool:
+diff --git a/src/database/sql/convert_test.go b/src/database/sql/convert_test.go
+index 6d09fa1..f94db8e 100644
+--- a/src/database/sql/convert_test.go
++++ b/src/database/sql/convert_test.go
+@@ -354,9 +354,10 @@ func TestRawBytesAllocs(t *testing.T) {
+ {"time", time.Unix(2, 5).UTC(), "1970-01-01T00:00:02.000000005Z"},
+ }
+
+- buf := make(RawBytes, 10)
++ var buf RawBytes
++ rows := &Rows{}
+ test := func(name string, in any, want string) {
+- if err := convertAssign(&buf, in); err != nil {
++ if err := convertAssignRows(&buf, in, rows); err != nil {
+ t.Fatalf("%s: convertAssign = %v", name, err)
+ }
+ match := len(buf) == len(want)
+@@ -375,6 +376,7 @@ func TestRawBytesAllocs(t *testing.T) {
+
+ n := testing.AllocsPerRun(100, func() {
+ for _, tt := range tests {
++ rows.raw = rows.raw[:0]
+ test(tt.name, tt.in, tt.want)
+ }
+ })
+@@ -383,7 +385,11 @@ func TestRawBytesAllocs(t *testing.T) {
+ // and gc. With 32-bit words there are more convT2E allocs, and
+ // with gccgo, only pointers currently go in interface data.
+ // So only care on amd64 gc for now.
+- measureAllocs := runtime.GOARCH == "amd64" && runtime.Compiler == "gc"
++ measureAllocs := false
++ switch runtime.GOARCH {
++ case "amd64", "arm64":
++ measureAllocs = runtime.Compiler == "gc"
++ }
+
+ if n > 0.5 && measureAllocs {
+ t.Fatalf("allocs = %v; want 0", n)
+diff --git a/src/database/sql/sql.go b/src/database/sql/sql.go
+index 4f1197d..da0f52c 100644
+--- a/src/database/sql/sql.go
++++ b/src/database/sql/sql.go
+@@ -2936,6 +2936,13 @@ type Rows struct {
+ // not to be called concurrently.
+ lastcols []driver.Value
+
++ // raw is a buffer for RawBytes that persists between Scan calls.
++ // This is used when the driver returns a mismatched type that requires
++ // a cloning allocation. For example, if the driver returns a *string and
++ // the user is scanning into a *RawBytes, we need to copy the string.
++ // The raw buffer here lets us reuse the memory for that copy across Scan calls.
++ raw []byte
++
+ // closemuScanHold is whether the previous call to Scan kept closemu RLock'ed
+ // without unlocking it. It does that when the user passes a *RawBytes scan
+ // target. In that case, we need to prevent awaitDone from closing the Rows
+@@ -3130,6 +3137,32 @@ func (rs *Rows) Err() error {
+ return rs.lasterrOrErrLocked(nil)
+ }
+
++// rawbuf returns the buffer to append RawBytes values to.
++// This buffer is reused across calls to Rows.Scan.
++//
++// Usage:
++//
++// rawBytes = rows.setrawbuf(append(rows.rawbuf(), value...))
++func (rs *Rows) rawbuf() []byte {
++ if rs == nil {
++ // convertAssignRows can take a nil *Rows; for simplicity handle it here
++ return nil
++ }
++ return rs.raw
++}
++
++// setrawbuf updates the RawBytes buffer with the result of appending a new value to it.
++// It returns the new value.
++func (rs *Rows) setrawbuf(b []byte) RawBytes {
++ if rs == nil {
++ // convertAssignRows can take a nil *Rows; for simplicity handle it here
++ return RawBytes(b)
++ }
++ off := len(rs.raw)
++ rs.raw = b
++ return RawBytes(rs.raw[off:])
++}
++
+ var errRowsClosed = errors.New("sql: Rows are closed")
+ var errNoRows = errors.New("sql: no Rows available")
+
+@@ -3337,6 +3370,7 @@ func (rs *Rows) Scan(dest ...any) error {
+
+ if scanArgsContainRawBytes(dest) {
+ rs.closemuScanHold = true
++ rs.raw = rs.raw[:0]
+ } else {
+ rs.closemu.RUnlock()
+ }
+diff --git a/src/database/sql/sql_test.go b/src/database/sql/sql_test.go
+index c38a348..c3b4822 100644
+--- a/src/database/sql/sql_test.go
++++ b/src/database/sql/sql_test.go
+@@ -4531,6 +4531,53 @@ func TestNilErrorAfterClose(t *testing.T) {
+ }
+ }
+
++// Issue #65201.
++//
++// If a RawBytes is reused across multiple queries,
++// subsequent queries shouldn't overwrite driver-owned memory from previous queries.
++func TestRawBytesReuse(t *testing.T) {
++ db := newTestDB(t, "people")
++ defer closeDB(t, db)
++
++ if _, err := db.Exec("USE_RAWBYTES"); err != nil {
++ t.Fatal(err)
++ }
++
++ var raw RawBytes
++
++ // The RawBytes in this query aliases driver-owned memory.
++ rows, err := db.Query("SELECT|people|name|")
++ if err != nil {
++ t.Fatal(err)
++ }
++ rows.Next()
++ rows.Scan(&raw) // now raw is pointing to driver-owned memory
++ name1 := string(raw)
++ rows.Close()
++
++ // The RawBytes in this query does not alias driver-owned memory.
++ rows, err = db.Query("SELECT|people|age|")
++ if err != nil {
++ t.Fatal(err)
++ }
++ rows.Next()
++ rows.Scan(&raw) // this must not write to the driver-owned memory in raw
++ rows.Close()
++
++ // Repeat the first query. Nothing should have changed.
++ rows, err = db.Query("SELECT|people|name|")
++ if err != nil {
++ t.Fatal(err)
++ }
++ rows.Next()
++ rows.Scan(&raw) // raw points to driver-owned memory again
++ name2 := string(raw)
++ rows.Close()
++ if name1 != name2 {
++ t.Fatalf("Scan read name %q, want %q", name2, name1)
++ }
++}
++
+ // badConn implements a bad driver.Conn, for TestBadDriver.
+ // The Exec method panics.
+ type badConn struct{}
+--
+2.40.0
diff --git a/meta/recipes-devtools/go/go/CVE-2025-47907.patch b/meta/recipes-devtools/go/go/CVE-2025-47907.patch
new file mode 100644
index 0000000000..a556c3dd68
--- /dev/null
+++ b/meta/recipes-devtools/go/go/CVE-2025-47907.patch
@@ -0,0 +1,328 @@
+From 8a924caaf348fdc366bab906424616b2974ad4e9 Mon Sep 17 00:00:00 2001
+From: Damien Neil <dneil@google.com>
+Date: Wed, 23 Jul 2025 14:26:54 -0700
+Subject: [PATCH 2/2] database/sql: avoid closing Rows while scan is in
+ progress
+
+A database/sql/driver.Rows can return database-owned data
+from Rows.Next. The driver.Rows documentation doesn't explicitly
+document the lifetime guarantees for this data, but a reasonable
+expectation is that the caller of Next should only access it
+until the next call to Rows.Close or Rows.Next.
+
+Avoid violating that constraint when a query is cancelled while
+a call to database/sql.Rows.Scan (note the difference between
+the two different Rows types!) is in progress. We previously
+took care to avoid closing a driver.Rows while the user has
+access to driver-owned memory via a RawData, but we could still
+close a driver.Rows while a Scan call was in the process of
+reading previously-returned driver-owned data.
+
+Update the fake DB used in database/sql tests to invalidate
+returned data to help catch other places we might be
+incorrectly retaining it.
+
+Updates #74831
+Fixes #74832
+
+Change-Id: Ice45b5fad51b679c38e3e1d21ef39156b56d6037
+Reviewed-on: https://go-internal-review.googlesource.com/c/go/+/2540
+Reviewed-by: Roland Shoemaker <bracewell@google.com>
+Reviewed-by: Neal Patel <nealpatel@google.com>
+Reviewed-on: https://go-internal-review.googlesource.com/c/go/+/2601
+Reviewed-on: https://go-review.googlesource.com/c/go/+/693558
+TryBot-Bypass: Dmitri Shuralyov <dmitshur@golang.org>
+Reviewed-by: Mark Freeman <markfreeman@google.com>
+Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
+Auto-Submit: Dmitri Shuralyov <dmitshur@google.com>
+
+CVE: CVE-2025-47907
+
+Upstream-Status: Backport [https://github.com/golang/go/commit/8a924caaf348fdc366bab906424616b2974ad4e9]
+
+Signed-off-by: Praveen Kumar <praveen.kumar@windriver.com>
+---
+ src/database/sql/convert.go | 2 --
+ src/database/sql/fakedb_test.go | 47 ++++++++++++--------------
+ src/database/sql/sql.go | 26 ++++++--------
+ src/database/sql/sql_test.go | 60 ++++++++++++++++++++++++++++++---
+ 4 files changed, 89 insertions(+), 46 deletions(-)
+
+diff --git a/src/database/sql/convert.go b/src/database/sql/convert.go
+index 999b8f1..2869a3b 100644
+--- a/src/database/sql/convert.go
++++ b/src/database/sql/convert.go
+@@ -324,7 +324,6 @@ func convertAssignRows(dest, src any, rows *Rows) error {
+ if rows == nil {
+ return errors.New("invalid context to convert cursor rows, missing parent *Rows")
+ }
+- rows.closemu.Lock()
+ *d = Rows{
+ dc: rows.dc,
+ releaseConn: func(error) {},
+@@ -340,7 +339,6 @@ func convertAssignRows(dest, src any, rows *Rows) error {
+ parentCancel()
+ }
+ }
+- rows.closemu.Unlock()
+ return nil
+ }
+ }
+diff --git a/src/database/sql/fakedb_test.go b/src/database/sql/fakedb_test.go
+index c6c3172..95c0fa3 100644
+--- a/src/database/sql/fakedb_test.go
++++ b/src/database/sql/fakedb_test.go
+@@ -5,6 +5,7 @@
+ package sql
+
+ import (
++ "bytes"
+ "context"
+ "database/sql/driver"
+ "errors"
+@@ -15,7 +16,6 @@ import (
+ "strconv"
+ "strings"
+ "sync"
+- "sync/atomic"
+ "testing"
+ "time"
+ )
+@@ -91,8 +91,6 @@ func (cc *fakeDriverCtx) OpenConnector(name string) (driver.Connector, error) {
+ type fakeDB struct {
+ name string
+
+- useRawBytes atomic.Bool
+-
+ mu sync.Mutex
+ tables map[string]*table
+ badConn bool
+@@ -700,8 +698,6 @@ func (c *fakeConn) PrepareContext(ctx context.Context, query string) (driver.Stm
+ switch cmd {
+ case "WIPE":
+ // Nothing
+- case "USE_RAWBYTES":
+- c.db.useRawBytes.Store(true)
+ case "SELECT":
+ stmt, err = c.prepareSelect(stmt, parts)
+ case "CREATE":
+@@ -805,9 +801,6 @@ func (s *fakeStmt) ExecContext(ctx context.Context, args []driver.NamedValue) (d
+ case "WIPE":
+ db.wipe()
+ return driver.ResultNoRows, nil
+- case "USE_RAWBYTES":
+- s.c.db.useRawBytes.Store(true)
+- return driver.ResultNoRows, nil
+ case "CREATE":
+ if err := db.createTable(s.table, s.colName, s.colType); err != nil {
+ return nil, err
+@@ -1090,10 +1083,9 @@ type rowsCursor struct {
+ errPos int
+ err error
+
+- // a clone of slices to give out to clients, indexed by the
+- // original slice's first byte address. we clone them
+- // just so we're able to corrupt them on close.
+- bytesClone map[*byte][]byte
++ // Data returned to clients.
++ // We clone and stash it here so it can be invalidated by Close and Next.
++ driverOwnedMemory [][]byte
+
+ // Every operation writes to line to enable the race detector
+ // check for data races.
+@@ -1110,9 +1102,19 @@ func (rc *rowsCursor) touchMem() {
+ rc.line++
+ }
+
++func (rc *rowsCursor) invalidateDriverOwnedMemory() {
++ for _, buf := range rc.driverOwnedMemory {
++ for i := range buf {
++ buf[i] = 'x'
++ }
++ }
++ rc.driverOwnedMemory = nil
++}
++
+ func (rc *rowsCursor) Close() error {
+ rc.touchMem()
+ rc.parentMem.touchMem()
++ rc.invalidateDriverOwnedMemory()
+ rc.closed = true
+ return rc.closeErr
+ }
+@@ -1143,6 +1145,8 @@ func (rc *rowsCursor) Next(dest []driver.Value) error {
+ if rc.posRow >= len(rc.rows[rc.posSet]) {
+ return io.EOF // per interface spec
+ }
++ // Corrupt any previously returned bytes.
++ rc.invalidateDriverOwnedMemory()
+ for i, v := range rc.rows[rc.posSet][rc.posRow].cols {
+ // TODO(bradfitz): convert to subset types? naah, I
+ // think the subset types should only be input to
+@@ -1150,20 +1154,13 @@ func (rc *rowsCursor) Next(dest []driver.Value) error {
+ // a wider range of types coming out of drivers. all
+ // for ease of drivers, and to prevent drivers from
+ // messing up conversions or doing them differently.
+- dest[i] = v
+-
+- if bs, ok := v.([]byte); ok && !rc.db.useRawBytes.Load() {
+- if rc.bytesClone == nil {
+- rc.bytesClone = make(map[*byte][]byte)
+- }
+- clone, ok := rc.bytesClone[&bs[0]]
+- if !ok {
+- clone = make([]byte, len(bs))
+- copy(clone, bs)
+- rc.bytesClone[&bs[0]] = clone
+- }
+- dest[i] = clone
++ if bs, ok := v.([]byte); ok {
++ // Clone []bytes and stash for later invalidation.
++ bs = bytes.Clone(bs)
++ rc.driverOwnedMemory = append(rc.driverOwnedMemory, bs)
++ v = bs
+ }
++ dest[i] = v
+ }
+ return nil
+ }
+diff --git a/src/database/sql/sql.go b/src/database/sql/sql.go
+index da0f52c..41130d9 100644
+--- a/src/database/sql/sql.go
++++ b/src/database/sql/sql.go
+@@ -3357,37 +3357,33 @@ func (rs *Rows) Scan(dest ...any) error {
+ return fmt.Errorf("sql: Scan called without calling Next (closemuScanHold)")
+ }
+ rs.closemu.RLock()
+-
+- if rs.lasterr != nil && rs.lasterr != io.EOF {
++ rs.raw = rs.raw[:0]
++ err := rs.scanLocked(dest...)
++ if err == nil && scanArgsContainRawBytes(dest) {
++ rs.closemuScanHold = true
++ } else {
+ rs.closemu.RUnlock()
++ }
++ return err
++}
++func (rs *Rows) scanLocked(dest ...any) error {
++ if rs.lasterr != nil && rs.lasterr != io.EOF {
+ return rs.lasterr
+ }
+ if rs.closed {
+- err := rs.lasterrOrErrLocked(errRowsClosed)
+- rs.closemu.RUnlock()
+- return err
+- }
+-
+- if scanArgsContainRawBytes(dest) {
+- rs.closemuScanHold = true
+- rs.raw = rs.raw[:0]
+- } else {
+- rs.closemu.RUnlock()
++ return rs.lasterrOrErrLocked(errRowsClosed)
+ }
+
+ if rs.lastcols == nil {
+- rs.closemuRUnlockIfHeldByScan()
+ return errors.New("sql: Scan called without calling Next")
+ }
+ if len(dest) != len(rs.lastcols) {
+- rs.closemuRUnlockIfHeldByScan()
+ return fmt.Errorf("sql: expected %d destination arguments in Scan, not %d", len(rs.lastcols), len(dest))
+ }
+
+ for i, sv := range rs.lastcols {
+ err := convertAssignRows(dest[i], sv, rs)
+ if err != nil {
+- rs.closemuRUnlockIfHeldByScan()
+ return fmt.Errorf(`sql: Scan error on column index %d, name %q: %w`, i, rs.rowsi.Columns()[i], err)
+ }
+ }
+diff --git a/src/database/sql/sql_test.go b/src/database/sql/sql_test.go
+index c3b4822..ee65b1b 100644
+--- a/src/database/sql/sql_test.go
++++ b/src/database/sql/sql_test.go
+@@ -5,6 +5,7 @@
+ package sql
+
+ import (
++ "bytes"
+ "context"
+ "database/sql/driver"
+ "errors"
+@@ -4411,10 +4412,6 @@ func testContextCancelDuringRawBytesScan(t *testing.T, mode string) {
+ db := newTestDB(t, "people")
+ defer closeDB(t, db)
+
+- if _, err := db.Exec("USE_RAWBYTES"); err != nil {
+- t.Fatal(err)
+- }
+-
+ // cancel used to call close asynchronously.
+ // This test checks that it waits so as not to interfere with RawBytes.
+ ctx, cancel := context.WithCancel(context.Background())
+@@ -4506,6 +4503,61 @@ func TestContextCancelBetweenNextAndErr(t *testing.T) {
+ }
+ }
+
++type testScanner struct {
++ scanf func(src any) error
++}
++
++func (ts testScanner) Scan(src any) error { return ts.scanf(src) }
++
++func TestContextCancelDuringScan(t *testing.T) {
++ db := newTestDB(t, "people")
++ defer closeDB(t, db)
++
++ ctx, cancel := context.WithCancel(context.Background())
++ defer cancel()
++
++ scanStart := make(chan any)
++ scanEnd := make(chan error)
++ scanner := &testScanner{
++ scanf: func(src any) error {
++ scanStart <- src
++ return <-scanEnd
++ },
++ }
++
++ // Start a query, and pause it mid-scan.
++ want := []byte("Alice")
++ r, err := db.QueryContext(ctx, "SELECT|people|name|name=?", string(want))
++ if err != nil {
++ t.Fatal(err)
++ }
++ if !r.Next() {
++ t.Fatalf("r.Next() = false, want true")
++ }
++ go func() {
++ r.Scan(scanner)
++ }()
++ got := <-scanStart
++ defer close(scanEnd)
++ gotBytes, ok := got.([]byte)
++ if !ok {
++ t.Fatalf("r.Scan returned %T, want []byte", got)
++ }
++ if !bytes.Equal(gotBytes, want) {
++ t.Fatalf("before cancel: r.Scan returned %q, want %q", gotBytes, want)
++ }
++
++ // Cancel the query.
++ // Sleep to give it a chance to finish canceling.
++ cancel()
++ time.Sleep(10 * time.Millisecond)
++
++ // Cancelling the query should not have changed the result.
++ if !bytes.Equal(gotBytes, want) {
++ t.Fatalf("after cancel: r.Scan result is now %q, want %q", gotBytes, want)
++ }
++}
++
+ func TestNilErrorAfterClose(t *testing.T) {
+ db := newTestDB(t, "people")
+ defer closeDB(t, db)
+--
+2.40.0
--
2.43.0
^ permalink raw reply related [flat|nested] 34+ messages in thread* [OE-core][scarthgap 06/33] ncurses: Pin to C17 standard
2025-08-27 21:29 [OE-core][scarthgap 00/33] Patch review Steve Sakoman
` (4 preceding siblings ...)
2025-08-27 21:29 ` [OE-core][scarthgap 05/33] go: fix CVE-2025-47907 Steve Sakoman
@ 2025-08-27 21:29 ` Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 07/33] qemu: set status of CVE-2024-7730 to fixed Steve Sakoman
` (26 subsequent siblings)
32 siblings, 0 replies; 34+ messages in thread
From: Steve Sakoman @ 2025-08-27 21:29 UTC (permalink / raw)
To: openembedded-core
From: Khem Raj <raj.khem@gmail.com>
Newer snapshots of ncurses have the fixes but they are many needed to get
C23 going. Until next release lets stick with C17 even while GCC 15 switches
to C23 defaults.
For scarthgap also add it in BUILD_CFLAGS.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-core/ncurses/ncurses.inc | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/meta/recipes-core/ncurses/ncurses.inc b/meta/recipes-core/ncurses/ncurses.inc
index 3b72f3efdd..5ef735fcf8 100644
--- a/meta/recipes-core/ncurses/ncurses.inc
+++ b/meta/recipes-core/ncurses/ncurses.inc
@@ -30,6 +30,10 @@ ENABLE_WIDEC ?= "true"
# _GNU_SOURCE is required for widec stuff and is not detected automatically
CPPFLAGS += "-D_GNU_SOURCE"
+# Check if we still need it when next release (6.6) happens
+CFLAGS += "-std=gnu17"
+BUILD_CFLAGS += "-std=gnu17"
+
# natives don't generally look in base_libdir
base_libdir:class-native = "${libdir}"
--
2.43.0
^ permalink raw reply related [flat|nested] 34+ messages in thread* [OE-core][scarthgap 07/33] qemu: set status of CVE-2024-7730 to fixed
2025-08-27 21:29 [OE-core][scarthgap 00/33] Patch review Steve Sakoman
` (5 preceding siblings ...)
2025-08-27 21:29 ` [OE-core][scarthgap 06/33] ncurses: Pin to C17 standard Steve Sakoman
@ 2025-08-27 21:29 ` Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 08/33] go-binary-native: ignore CVE-2025-0913 Steve Sakoman
` (25 subsequent siblings)
32 siblings, 0 replies; 34+ messages in thread
From: Steve Sakoman @ 2025-08-27 21:29 UTC (permalink / raw)
To: openembedded-core
From: Peter Marko <peter.marko@siemens.com>
This was backported to v8.2.7 and also it is mentioned in commit
upgrading qemu in oe-core.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-devtools/qemu/qemu.inc | 2 ++
1 file changed, 2 insertions(+)
diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc
index 38ed637b93..220f0a161c 100644
--- a/meta/recipes-devtools/qemu/qemu.inc
+++ b/meta/recipes-devtools/qemu/qemu.inc
@@ -84,6 +84,8 @@ CVE_STATUS[CVE-2024-6505] = "fixed-version: this CVE is fixed since 9.1.0"
CVE_STATUS[CVE-2023-1386] = "disputed: not an issue as per https://bugzilla.redhat.com/show_bug.cgi?id=2223985"
+CVE_STATUS[CVE-2024-7730] = "fixed-version: this is fixed in v8.2.7"
+
COMPATIBLE_HOST:mipsarchn32 = "null"
COMPATIBLE_HOST:mipsarchn64 = "null"
COMPATIBLE_HOST:riscv32 = "null"
--
2.43.0
^ permalink raw reply related [flat|nested] 34+ messages in thread* [OE-core][scarthgap 08/33] go-binary-native: ignore CVE-2025-0913
2025-08-27 21:29 [OE-core][scarthgap 00/33] Patch review Steve Sakoman
` (6 preceding siblings ...)
2025-08-27 21:29 ` [OE-core][scarthgap 07/33] qemu: set status of CVE-2024-7730 to fixed Steve Sakoman
@ 2025-08-27 21:29 ` Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 09/33] glib-2.0: patch CVE-2025-7039 Steve Sakoman
` (24 subsequent siblings)
32 siblings, 0 replies; 34+ messages in thread
From: Steve Sakoman @ 2025-08-27 21:29 UTC (permalink / raw)
To: openembedded-core
From: Peter Marko <peter.marko@siemens.com>
This was already done for all other go recipes.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-devtools/go/go-binary-native_1.22.12.bb | 1 +
1 file changed, 1 insertion(+)
diff --git a/meta/recipes-devtools/go/go-binary-native_1.22.12.bb b/meta/recipes-devtools/go/go-binary-native_1.22.12.bb
index b15b60a691..7688a090f4 100644
--- a/meta/recipes-devtools/go/go-binary-native_1.22.12.bb
+++ b/meta/recipes-devtools/go/go-binary-native_1.22.12.bb
@@ -18,6 +18,7 @@ UPSTREAM_CHECK_REGEX = "go(?P<pver>\d+(\.\d+)+)\.linux"
CVE_PRODUCT = "golang:go"
CVE_STATUS[CVE-2024-3566] = "not-applicable-platform: Issue only applies on Windows"
+CVE_STATUS[CVE-2025-0913] = "not-applicable-platform: Issue only applies on Windows"
S = "${WORKDIR}/go"
--
2.43.0
^ permalink raw reply related [flat|nested] 34+ messages in thread* [OE-core][scarthgap 09/33] glib-2.0: patch CVE-2025-7039
2025-08-27 21:29 [OE-core][scarthgap 00/33] Patch review Steve Sakoman
` (7 preceding siblings ...)
2025-08-27 21:29 ` [OE-core][scarthgap 08/33] go-binary-native: ignore CVE-2025-0913 Steve Sakoman
@ 2025-08-27 21:29 ` Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 10/33] glib-2.0: patch CVE-2025-6052 Steve Sakoman
` (23 subsequent siblings)
32 siblings, 0 replies; 34+ messages in thread
From: Steve Sakoman @ 2025-08-27 21:29 UTC (permalink / raw)
To: openembedded-core
From: Peter Marko <peter.marko@siemens.com>
Pick commit per [1].
[1] https://security-tracker.debian.org/tracker/CVE-2025-7039
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../glib-2.0/glib-2.0/CVE-2025-7039.patch | 43 +++++++++++++++++++
meta/recipes-core/glib-2.0/glib-2.0_2.78.6.bb | 1 +
2 files changed, 44 insertions(+)
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-7039.patch
diff --git a/meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-7039.patch b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-7039.patch
new file mode 100644
index 0000000000..6e03700880
--- /dev/null
+++ b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-7039.patch
@@ -0,0 +1,43 @@
+From 61e963284889ddb4544e6f1d5261c16120f6fcc3 Mon Sep 17 00:00:00 2001
+From: Michael Catanzaro <mcatanzaro@redhat.com>
+Date: Tue, 1 Jul 2025 10:58:07 -0500
+Subject: [PATCH] gfileutils: fix computation of temporary file name
+
+We need to ensure that the value we use to index into the letters array
+is always positive.
+
+Fixes #3716
+
+CVE: CVE-2025-7039
+Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/glib/-/commit/61e963284889ddb4544e6f1d5261c16120f6fcc3]
+Signed-off-by: Peter Marko <peter.marko@siemens.com>
+---
+ glib/gfileutils.c | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/glib/gfileutils.c b/glib/gfileutils.c
+index c7d3339d1..286b1b154 100644
+--- a/glib/gfileutils.c
++++ b/glib/gfileutils.c
+@@ -1532,9 +1532,9 @@ get_tmp_file (gchar *tmpl,
+ static const char letters[] =
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
+ static const int NLETTERS = sizeof (letters) - 1;
+- gint64 value;
+- gint64 now_us;
+- static int counter = 0;
++ guint64 value;
++ guint64 now_us;
++ static guint counter = 0;
+
+ g_return_val_if_fail (tmpl != NULL, -1);
+
+@@ -1553,7 +1553,7 @@ get_tmp_file (gchar *tmpl,
+
+ for (count = 0; count < 100; value += 7777, ++count)
+ {
+- gint64 v = value;
++ guint64 v = value;
+
+ /* Fill in the random bits. */
+ XXXXXX[0] = letters[v % NLETTERS];
diff --git a/meta/recipes-core/glib-2.0/glib-2.0_2.78.6.bb b/meta/recipes-core/glib-2.0/glib-2.0_2.78.6.bb
index 53e0543045..c129be1328 100644
--- a/meta/recipes-core/glib-2.0/glib-2.0_2.78.6.bb
+++ b/meta/recipes-core/glib-2.0/glib-2.0_2.78.6.bb
@@ -29,6 +29,7 @@ SRC_URI = "${GNOME_MIRROR}/glib/${SHRT_VER}/glib-${PV}.tar.xz \
file://CVE-2025-3360-06.patch \
file://CVE-2025-4373-01.patch \
file://CVE-2025-4373-02.patch \
+ file://CVE-2025-7039.patch \
"
SRC_URI:append:class-native = " file://relocate-modules.patch \
file://0001-meson.build-do-not-enable-pidfd-features-on-native-g.patch \
--
2.43.0
^ permalink raw reply related [flat|nested] 34+ messages in thread* [OE-core][scarthgap 10/33] glib-2.0: patch CVE-2025-6052
2025-08-27 21:29 [OE-core][scarthgap 00/33] Patch review Steve Sakoman
` (8 preceding siblings ...)
2025-08-27 21:29 ` [OE-core][scarthgap 09/33] glib-2.0: patch CVE-2025-7039 Steve Sakoman
@ 2025-08-27 21:29 ` Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 11/33] dpkg: patch CVE-2025-6297 Steve Sakoman
` (22 subsequent siblings)
32 siblings, 0 replies; 34+ messages in thread
From: Steve Sakoman @ 2025-08-27 21:29 UTC (permalink / raw)
To: openembedded-core
From: Peter Marko <peter.marko@siemens.com>
Pick commit per [1].
Also pick commits from [2] which is referencing this CVE as the original
fix was not complete.
[1] https://security-tracker.debian.org/tracker/CVE-2025-6052
[2] https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4681
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../glib-2.0/glib-2.0/CVE-2025-6052-01.patch | 69 +++++++++++++
.../glib-2.0/glib-2.0/CVE-2025-6052-02.patch | 97 +++++++++++++++++++
.../glib-2.0/glib-2.0/CVE-2025-6052-03.patch | 35 +++++++
meta/recipes-core/glib-2.0/glib-2.0_2.78.6.bb | 3 +
4 files changed, 204 insertions(+)
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-6052-01.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-6052-02.patch
create mode 100644 meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-6052-03.patch
diff --git a/meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-6052-01.patch b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-6052-01.patch
new file mode 100644
index 0000000000..1bfe31131c
--- /dev/null
+++ b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-6052-01.patch
@@ -0,0 +1,69 @@
+From 987309f23ada52592bffdb5db0d8a5d58bd8097b Mon Sep 17 00:00:00 2001
+From: Philip Withnall <pwithnall@gnome.org>
+Date: Tue, 3 Jun 2025 11:31:04 +0100
+Subject: [PATCH] gstring: Fix overflow check when expanding the string
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+After commit 34b7992fd6e3894bf6d2229b8aa59cac34bcb1b5 the overflow check
+was only done when expanding the string, but we need to do it before
+checking whether to expand the string, otherwise that calculation could
+overflow and falsely decide that the string is big enough already.
+
+As a concrete example, consider a `GString` which has:
+ * `.len = G_MAXSIZE / 2 + 1`
+ * `.allocated_len = G_MAXSIZE / 2 + 1`
+and `g_string_append()` is called on it with an input string of length
+`G_MAXSIZE / 2`.
+
+This results in a call `g_string_maybe_expand (string, G_MAXSIZE / 2)`,
+which calculates `string->len + len` as `(G_MAXSIZE / 2 + 1) +
+(G_MAXSIZE / 2)` which evaluates to `1` as it overflows. This is not
+greater than `string->allocated_len` (which is `G_MAXSIZE / 2 + 1`), so
+`g_string_expand()` is *not* called, and `g_string_maybe_expand()`
+returns successfully. The caller then assumes that there’s enough space
+in the buffer, and happily continues to cause a buffer overflow.
+
+It’s unlikely anyone could hit this in practice because it requires
+ludicrously big strings and `GString` allocations, which likely would
+have been blocked by other code, but if we’re going to have the overflow
+checks in `GString` then they should be effective.
+
+Spotted by code inspection.
+
+Signed-off-by: Philip Withnall <pwithnall@gnome.org>
+
+CVE: CVE-2025-6052
+Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/glib/-/commit/987309f23ada52592bffdb5db0d8a5d58bd8097b]
+Signed-off-by: Peter Marko <peter.marko@siemens.com>
+---
+ glib/gstring.c | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/glib/gstring.c b/glib/gstring.c
+index 2a399ee21..8a489ca0d 100644
+--- a/glib/gstring.c
++++ b/glib/gstring.c
+@@ -78,10 +78,6 @@ static void
+ g_string_expand (GString *string,
+ gsize len)
+ {
+- /* Detect potential overflow */
+- if G_UNLIKELY ((G_MAXSIZE - string->len - 1) < len)
+- g_error ("adding %" G_GSIZE_FORMAT " to string would overflow", len);
+-
+ string->allocated_len = g_nearest_pow (string->len + len + 1);
+ /* If the new size is bigger than G_MAXSIZE / 2, only allocate enough
+ * memory for this string and don't over-allocate.
+@@ -96,6 +92,10 @@ static inline void
+ g_string_maybe_expand (GString *string,
+ gsize len)
+ {
++ /* Detect potential overflow */
++ if G_UNLIKELY ((G_MAXSIZE - string->len - 1) < len)
++ g_error ("adding %" G_GSIZE_FORMAT " to string would overflow", len);
++
+ if (G_UNLIKELY (string->len + len >= string->allocated_len))
+ g_string_expand (string, len);
+ }
diff --git a/meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-6052-02.patch b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-6052-02.patch
new file mode 100644
index 0000000000..a28425a4ff
--- /dev/null
+++ b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-6052-02.patch
@@ -0,0 +1,97 @@
+From 6aa97beda32bb337370858862f4efe2f3372619f Mon Sep 17 00:00:00 2001
+From: Tobias Stoeckmann <tobias@stoeckmann.org>
+Date: Mon, 7 Jul 2025 20:52:24 +0200
+Subject: [PATCH] gstring: Fix g_string_sized_new segmentation fault
+
+If glib is compiled with -Dglib_assert=false, i.e. no asserts
+enabled, then g_string_sized_new(G_MAXSIZE) leads to a segmentation
+fault due to an out of boundary write.
+
+This happens because the overflow check was moved into
+g_string_maybe_expand which is not called by g_string_sized_new.
+
+By assuming that string->allocated_len is always larger than
+string->len (and the code would be in huge trouble if that is not true),
+the G_UNLIKELY check in g_string_maybe_expand can be rephrased to
+avoid a potential G_MAXSIZE overflow.
+
+This in turn leads to 150-200 bytes smaller compiled library
+depending on gcc and clang versions, and one less check for the most
+common code paths.
+
+Reverts https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4655 and
+reorders internal g_string_maybe_expand check to still fix
+CVE-2025-6052.
+
+CVE: CVE-2025-6052
+Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/glib/-/commit/6aa97beda32bb337370858862f4efe2f3372619f]
+Signed-off-by: Peter Marko <peter.marko@siemens.com>
+---
+ glib/gstring.c | 10 +++++-----
+ glib/tests/string.c | 18 ++++++++++++++++++
+ 2 files changed, 23 insertions(+), 5 deletions(-)
+
+diff --git a/glib/gstring.c b/glib/gstring.c
+index 010a8e976..24c4bfb40 100644
+--- a/glib/gstring.c
++++ b/glib/gstring.c
+@@ -78,6 +78,10 @@ static void
+ g_string_expand (GString *string,
+ gsize len)
+ {
++ /* Detect potential overflow */
++ if G_UNLIKELY ((G_MAXSIZE - string->len - 1) < len)
++ g_error ("adding %" G_GSIZE_FORMAT " to string would overflow", len);
++
+ string->allocated_len = g_nearest_pow (string->len + len + 1);
+ /* If the new size is bigger than G_MAXSIZE / 2, only allocate enough
+ * memory for this string and don't over-allocate.
+@@ -92,11 +96,7 @@ static inline void
+ g_string_maybe_expand (GString *string,
+ gsize len)
+ {
+- /* Detect potential overflow */
+- if G_UNLIKELY ((G_MAXSIZE - string->len - 1) < len)
+- g_error ("adding %" G_GSIZE_FORMAT " to string would overflow", len);
+-
+- if (G_UNLIKELY (string->len + len >= string->allocated_len))
++ if (G_UNLIKELY (len >= string->allocated_len - string->len))
+ g_string_expand (string, len);
+ }
+
+diff --git a/glib/tests/string.c b/glib/tests/string.c
+index aa363c57a..e3bc4a02e 100644
+--- a/glib/tests/string.c
++++ b/glib/tests/string.c
+@@ -743,6 +743,23 @@ test_string_new_take_null (void)
+ g_string_free (g_steal_pointer (&string), TRUE);
+ }
+
++static void
++test_string_sized_new (void)
++{
++
++ if (g_test_subprocess ())
++ {
++ GString *string = g_string_sized_new (G_MAXSIZE);
++ g_string_free (string, TRUE);
++ }
++ else
++ {
++ g_test_trap_subprocess (NULL, 0, G_TEST_SUBPROCESS_DEFAULT);
++ g_test_trap_assert_failed ();
++ g_test_trap_assert_stderr ("*string would overflow*");
++ }
++}
++
+ int
+ main (int argc,
+ char *argv[])
+@@ -772,6 +789,7 @@ main (int argc,
+ g_test_add_func ("/string/test-string-steal", test_string_steal);
+ g_test_add_func ("/string/test-string-new-take", test_string_new_take);
+ g_test_add_func ("/string/test-string-new-take/null", test_string_new_take_null);
++ g_test_add_func ("/string/sized-new", test_string_sized_new);
+
+ return g_test_run();
+ }
diff --git a/meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-6052-03.patch b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-6052-03.patch
new file mode 100644
index 0000000000..3f6e564544
--- /dev/null
+++ b/meta/recipes-core/glib-2.0/glib-2.0/CVE-2025-6052-03.patch
@@ -0,0 +1,35 @@
+From 3752760c5091eaed561ec11636b069e529533514 Mon Sep 17 00:00:00 2001
+From: Tobias Stoeckmann <tobias@stoeckmann.org>
+Date: Mon, 7 Jul 2025 20:57:41 +0200
+Subject: [PATCH] gstring: Improve g_string_append_len_inline checks
+
+Use the same style for the G_LIKELY check here as in g_string_sized_new.
+The check could overflow on 32 bit systems.
+
+Also improve the memcpy/memmove check to use memcpy if val itself is
+adjacent to end + len_unsigned, which means that no overlapping exists.
+
+CVE: CVE-2025-6052
+Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/glib/-/commit/3752760c5091eaed561ec11636b069e529533514]
+Signed-off-by: Peter Marko <peter.marko@siemens.com>
+---
+ glib/gstring.h | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/glib/gstring.h b/glib/gstring.h
+index e817176c9..c5e64b33a 100644
+--- a/glib/gstring.h
++++ b/glib/gstring.h
+@@ -228,10 +228,10 @@ g_string_append_len_inline (GString *gstring,
+ else
+ len_unsigned = (gsize) len;
+
+- if (G_LIKELY (gstring->len + len_unsigned < gstring->allocated_len))
++ if (G_LIKELY (len_unsigned < gstring->allocated_len - gstring->len))
+ {
+ char *end = gstring->str + gstring->len;
+- if (G_LIKELY (val + len_unsigned <= end || val > end + len_unsigned))
++ if (G_LIKELY (val + len_unsigned <= end || val >= end + len_unsigned))
+ memcpy (end, val, len_unsigned);
+ else
+ memmove (end, val, len_unsigned);
diff --git a/meta/recipes-core/glib-2.0/glib-2.0_2.78.6.bb b/meta/recipes-core/glib-2.0/glib-2.0_2.78.6.bb
index c129be1328..9f93655739 100644
--- a/meta/recipes-core/glib-2.0/glib-2.0_2.78.6.bb
+++ b/meta/recipes-core/glib-2.0/glib-2.0_2.78.6.bb
@@ -30,6 +30,9 @@ SRC_URI = "${GNOME_MIRROR}/glib/${SHRT_VER}/glib-${PV}.tar.xz \
file://CVE-2025-4373-01.patch \
file://CVE-2025-4373-02.patch \
file://CVE-2025-7039.patch \
+ file://CVE-2025-6052-01.patch \
+ file://CVE-2025-6052-02.patch \
+ file://CVE-2025-6052-03.patch \
"
SRC_URI:append:class-native = " file://relocate-modules.patch \
file://0001-meson.build-do-not-enable-pidfd-features-on-native-g.patch \
--
2.43.0
^ permalink raw reply related [flat|nested] 34+ messages in thread* [OE-core][scarthgap 11/33] dpkg: patch CVE-2025-6297
2025-08-27 21:29 [OE-core][scarthgap 00/33] Patch review Steve Sakoman
` (9 preceding siblings ...)
2025-08-27 21:29 ` [OE-core][scarthgap 10/33] glib-2.0: patch CVE-2025-6052 Steve Sakoman
@ 2025-08-27 21:29 ` Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 12/33] libarchive: patch regression of patch for CVE-2025-5918 Steve Sakoman
` (21 subsequent siblings)
32 siblings, 0 replies; 34+ messages in thread
From: Steve Sakoman @ 2025-08-27 21:29 UTC (permalink / raw)
To: openembedded-core
From: Peter Marko <peter.marko@siemens.com>
Pick commit per [1] from 1.22.x branch.
[1] https://nvd.nist.gov/vuln/detail/CVE-2025-6297
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../dpkg/dpkg/CVE-2025-6297.patch | 125 ++++++++++++++++++
meta/recipes-devtools/dpkg/dpkg_1.22.0.bb | 1 +
2 files changed, 126 insertions(+)
create mode 100644 meta/recipes-devtools/dpkg/dpkg/CVE-2025-6297.patch
diff --git a/meta/recipes-devtools/dpkg/dpkg/CVE-2025-6297.patch b/meta/recipes-devtools/dpkg/dpkg/CVE-2025-6297.patch
new file mode 100644
index 0000000000..537f77643b
--- /dev/null
+++ b/meta/recipes-devtools/dpkg/dpkg/CVE-2025-6297.patch
@@ -0,0 +1,125 @@
+From 98c623c8d6814ae46a3b30ca22e584c77d47d86b Mon Sep 17 00:00:00 2001
+From: Guillem Jover <guillem@debian.org>
+Date: Sat, 7 Jun 2025 14:17:07 +0200
+Subject: [PATCH] dpkg-deb: Fix cleanup for control member with restricted
+ directories
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+When extracting a control member into a temporary directory, which is
+documented as being a safe operation even on untrusted data, the code
+in charge of the temporary directory cleanup does not sanitize the
+directory permissions, which is then unable to perform the «rm -rf»
+when running as a non-root user, leaving temporary files behind.
+
+Given automated and repeated execution of dpkg-deb commands on
+adversarial .deb packages or with well compressible files, placed
+inside a directory with permissions not allowing removal by a non-root
+user, this can end up with a DoS scenario due to causing disk quota
+exhaustion or disk full conditions.
+
+This is considered a minor issue, given the required conditions to
+trigger a problem with it, but an issue non the less given the
+documented security guarantees of the command. This has been an
+issue since the initial commit introducing dpkg-deb in C.
+
+We use an existing string for the error message to avoid new strings
+needing translation for stable branches, which make the error message
+less descriptive than what would be ideal. This will be improved in
+git HEAD.
+
+Reported-by: zhutyra on HackerOne
+Fixes: CVE-2025-6297
+Stable-Candidate: 1.20.x 1.21.x 1.22.x
+(cherry picked from commit ed6bbd445dd8800308c67236ba35d08004c98e82)
+(cherry picked from commit 02ad0532bd490cbc95b344f670e622a38eecfbf6)
+(cherry picked from commit d8a76551e22abe76eefd7fef5c7f51f4118eb40e)
+
+CVE: CVE-2025-6297
+Upstream-Status: Backport [https://git.dpkg.org/cgit/dpkg/dpkg.git/commit/?id=98c623c8d6814ae46a3b30ca22e584c77d47d86b]
+Signed-off-by: Peter Marko <peter.marko@siemens.com>
+---
+ src/at/deb-content.at | 32 ++++++++++++++++++++++++++++++++
+ src/deb/info.c | 20 ++++++++++++++++++++
+ 2 files changed, 52 insertions(+)
+
+diff --git a/src/at/deb-content.at b/src/at/deb-content.at
+index a192c9493..d48eed72b 100644
+--- a/src/at/deb-content.at
++++ b/src/at/deb-content.at
+@@ -127,3 +127,35 @@ newline'
+ ])
+
+ AT_CLEANUP
++
++AT_SETUP([dpkg-deb .deb extraction cleanup])
++AT_KEYWORDS([dpkg-deb deb extraction])
++
++DPKG_GEN_CONTROL([pkg-ctrl-dir-perms])
++AT_CHECK([
++dpkg-deb --root-owner-group -Znone -b pkg-ctrl-dir-perms
++DPKG_AR_EXTRACT([pkg-ctrl-dir-perms.deb])
++dpkg-deb -R pkg-ctrl-dir-perms.deb pkg-ctrl-dir-perms-bad
++mkdir -p pkg-ctrl-dir-perms-bad/DEBIAN/rx-subdir/inner
++touch pkg-ctrl-dir-perms-bad/DEBIAN/rx-subdir/inner/file
++chmod 0555 pkg-ctrl-dir-perms-bad/DEBIAN
++chmod 0555 pkg-ctrl-dir-perms-bad/DEBIAN/rx-subdir
++chmod 0555 pkg-ctrl-dir-perms-bad/DEBIAN/rx-subdir/inner
++$TAR cf control.tar --format=gnu --sort=name --mtime @0 --clamp-mtime --owner root:0 --group root:0 -C pkg-ctrl-dir-perms-bad/DEBIAN .
++DPKG_AR_GEN([pkg-ctrl-dir-perms.deb], [debian-binary control.tar data.tar])
++], [0], [dpkg-deb: building package 'pkg-ctrl-dir-perms' in 'pkg-ctrl-dir-perms.deb'.
++])
++AT_CHECK([
++dpkg-deb --ctrl-tarfile pkg-ctrl-dir-perms.deb | $TAR tvf -
++], [0], [dr-xr-xr-x root/root 0 1970-01-01 00:00 ./
++-rw-r--r-- root/root 176 1970-01-01 00:00 ./control
++dr-xr-xr-x root/root 0 1970-01-01 00:00 ./rx-subdir/
++dr-xr-xr-x root/root 0 1970-01-01 00:00 ./rx-subdir/inner/
++-rw-r--r-- root/root 0 1970-01-01 00:00 ./rx-subdir/inner/file
++])
++# Check that we can cleanup the temporarily extracted control.tar member.
++AT_CHECK([
++dpkg-deb -I pkg-ctrl-dir-perms.deb
++], [0], [ignore])
++
++AT_CLEANUP
+diff --git a/src/deb/info.c b/src/deb/info.c
+index f3d57e2ce..396ea4d14 100644
+--- a/src/deb/info.c
++++ b/src/deb/info.c
+@@ -45,14 +45,34 @@
+ #include <dpkg/pkg-format.h>
+ #include <dpkg/buffer.h>
+ #include <dpkg/path.h>
++#include <dpkg/treewalk.h>
+ #include <dpkg/options.h>
+
+ #include "dpkg-deb.h"
+
++static int
++cu_info_treewalk_fixup_dir(struct treenode *node)
++{
++ const char *nodename;
++
++ if (!S_ISDIR(treenode_get_mode(node)))
++ return 0;
++
++ nodename = treenode_get_pathname(node);
++ if (chmod(nodename, 0755) < 0)
++ ohshite(_("error setting permissions of '%.255s'"), nodename);
++
++ return 0;
++}
++
+ static void cu_info_prepare(int argc, void **argv) {
+ char *dir;
++ struct treewalk_funcs cu_info_treewalk_funcs = {
++ .visit = cu_info_treewalk_fixup_dir,
++ };
+
+ dir = argv[0];
++ treewalk(dir, TREEWALK_NONE, &cu_info_treewalk_funcs);
+ path_remove_tree(dir);
+ free(dir);
+ }
diff --git a/meta/recipes-devtools/dpkg/dpkg_1.22.0.bb b/meta/recipes-devtools/dpkg/dpkg_1.22.0.bb
index 7eaae9f22e..41f5123508 100644
--- a/meta/recipes-devtools/dpkg/dpkg_1.22.0.bb
+++ b/meta/recipes-devtools/dpkg/dpkg_1.22.0.bb
@@ -14,6 +14,7 @@ SRC_URI = "git://salsa.debian.org/dpkg-team/dpkg.git;protocol=https;branch=main
file://0001-dpkg-Support-muslx32-build.patch \
file://pager.patch \
file://0001-Add-support-for-riscv32-CPU.patch \
+ file://CVE-2025-6297.patch \
"
SRC_URI:append:class-native = " file://0001-build.c-ignore-return-of-1-from-tar-cf.patch"
--
2.43.0
^ permalink raw reply related [flat|nested] 34+ messages in thread* [OE-core][scarthgap 12/33] libarchive: patch regression of patch for CVE-2025-5918
2025-08-27 21:29 [OE-core][scarthgap 00/33] Patch review Steve Sakoman
` (10 preceding siblings ...)
2025-08-27 21:29 ` [OE-core][scarthgap 11/33] dpkg: patch CVE-2025-6297 Steve Sakoman
@ 2025-08-27 21:29 ` Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 13/33] vim: upgrade 9.1.1198 -> 9.1.1652 Steve Sakoman
` (20 subsequent siblings)
32 siblings, 0 replies; 34+ messages in thread
From: Steve Sakoman @ 2025-08-27 21:29 UTC (permalink / raw)
To: openembedded-core
From: Peter Marko <peter.marko@siemens.com>
Picked commit per [1].
[1] https://security-tracker.debian.org/tracker/CVE-2025-5918
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../libarchive/CVE-2025-5918-0003.patch | 51 +++++++++++++++++++
.../libarchive/libarchive_3.7.9.bb | 1 +
2 files changed, 52 insertions(+)
create mode 100644 meta/recipes-extended/libarchive/libarchive/CVE-2025-5918-0003.patch
diff --git a/meta/recipes-extended/libarchive/libarchive/CVE-2025-5918-0003.patch b/meta/recipes-extended/libarchive/libarchive/CVE-2025-5918-0003.patch
new file mode 100644
index 0000000000..bc6903d41c
--- /dev/null
+++ b/meta/recipes-extended/libarchive/libarchive/CVE-2025-5918-0003.patch
@@ -0,0 +1,51 @@
+From 51b4c35bb38b7df4af24de7f103863dd79129b01 Mon Sep 17 00:00:00 2001
+From: Tobias Stoeckmann <tobias@stoeckmann.org>
+Date: Tue, 27 May 2025 17:09:12 +0200
+Subject: [PATCH] Fix FILE_skip regression
+
+The fseek* family of functions return 0 on success, not the new offset.
+This is only true for lseek.
+
+Fixes https://github.com/libarchive/libarchive/issues/2641
+Fixes dcbf1e0ededa95849f098d154a25876ed5754bcf
+
+Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
+
+CVE: CVE-2025-5918
+Upstream-Status: Backport [https://github.com/libarchive/libarchive/commit/51b4c35bb38b7df4af24de7f103863dd79129b01]
+Signed-off-by: Peter Marko <peter.marko@siemens.com>
+---
+ libarchive/archive_read_open_file.c | 11 +++++++----
+ 1 file changed, 7 insertions(+), 4 deletions(-)
+
+diff --git a/libarchive/archive_read_open_file.c b/libarchive/archive_read_open_file.c
+index 6ed18a0c..742923ab 100644
+--- a/libarchive/archive_read_open_file.c
++++ b/libarchive/archive_read_open_file.c
+@@ -132,7 +132,7 @@ FILE_skip(struct archive *a, void *client_data, int64_t request)
+ #else
+ long skip = (long)request;
+ #endif
+- int64_t old_offset, new_offset;
++ int64_t old_offset, new_offset = -1;
+ int skip_bits = sizeof(skip) * 8 - 1;
+
+ (void)a; /* UNUSED */
+@@ -170,11 +170,14 @@ FILE_skip(struct archive *a, void *client_data, int64_t request)
+ #ifdef __ANDROID__
+ new_offset = lseek(fileno(mine->f), skip, SEEK_CUR);
+ #elif HAVE__FSEEKI64
+- new_offset = _fseeki64(mine->f, skip, SEEK_CUR);
++ if (_fseeki64(mine->f, skip, SEEK_CUR) == 0)
++ new_offset = _ftelli64(mine->f);
+ #elif HAVE_FSEEKO
+- new_offset = fseeko(mine->f, skip, SEEK_CUR);
++ if (fseeko(mine->f, skip, SEEK_CUR) == 0)
++ new_offset = ftello(mine->f);
+ #else
+- new_offset = fseek(mine->f, skip, SEEK_CUR);
++ if (fseek(mine->f, skip, SEEK_CUR) == 0)
++ new_offset = ftell(mine->f);
+ #endif
+ if (new_offset >= 0)
+ return (new_offset - old_offset);
diff --git a/meta/recipes-extended/libarchive/libarchive_3.7.9.bb b/meta/recipes-extended/libarchive/libarchive_3.7.9.bb
index f08673ea3b..f4b1be2337 100644
--- a/meta/recipes-extended/libarchive/libarchive_3.7.9.bb
+++ b/meta/recipes-extended/libarchive/libarchive_3.7.9.bb
@@ -37,6 +37,7 @@ SRC_URI = "http://libarchive.org/downloads/libarchive-${PV}.tar.gz \
file://CVE-2025-5917.patch \
file://CVE-2025-5918-0001.patch \
file://CVE-2025-5918-0002.patch \
+ file://CVE-2025-5918-0003.patch \
"
UPSTREAM_CHECK_URI = "http://libarchive.org/"
--
2.43.0
^ permalink raw reply related [flat|nested] 34+ messages in thread* [OE-core][scarthgap 13/33] vim: upgrade 9.1.1198 -> 9.1.1652
2025-08-27 21:29 [OE-core][scarthgap 00/33] Patch review Steve Sakoman
` (11 preceding siblings ...)
2025-08-27 21:29 ` [OE-core][scarthgap 12/33] libarchive: patch regression of patch for CVE-2025-5918 Steve Sakoman
@ 2025-08-27 21:29 ` Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 14/33] cmake: fix build with gcc-15 on host Steve Sakoman
` (19 subsequent siblings)
32 siblings, 0 replies; 34+ messages in thread
From: Steve Sakoman @ 2025-08-27 21:29 UTC (permalink / raw)
To: openembedded-core
From: Peter Marko <peter.marko@siemens.com>
Handles CVE-2025-53905, CVE-2025-53906, CVE-2025-55157, CVE-2025-55158.
Changes between 9.1.1198 -> 9.1.1652
====================================
https://github.com/vim/vim/compare/v9.1.1198...v9.1.1652
Refresh patches.
Disable newly introduced wayland support (in patch version 1485).
To this belongs also adding recursion in delete command for dir auto
which was newly failing as there is wayland directory inside now.
If someone is interested, this can be probably enabled, but without
additional work it results in compilation error due to function
redefinition conflicts.
(From OE-Core rev: e87d427d928234ef0441f9ce1fe8631fbe471094)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../0001-src-Makefile-improve-reproducibility.patch | 10 +++++-----
| 12 ++++++------
meta/recipes-support/vim/files/no-path-adjust.patch | 2 +-
meta/recipes-support/vim/vim.inc | 7 ++++---
4 files changed, 16 insertions(+), 15 deletions(-)
diff --git a/meta/recipes-support/vim/files/0001-src-Makefile-improve-reproducibility.patch b/meta/recipes-support/vim/files/0001-src-Makefile-improve-reproducibility.patch
index 2fc11dbdc2..0741745adc 100644
--- a/meta/recipes-support/vim/files/0001-src-Makefile-improve-reproducibility.patch
+++ b/meta/recipes-support/vim/files/0001-src-Makefile-improve-reproducibility.patch
@@ -16,11 +16,11 @@ Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
src/Makefile | 14 ++++----------
1 file changed, 4 insertions(+), 10 deletions(-)
-Index: git/src/Makefile
-===================================================================
---- git.orig/src/Makefile
-+++ git/src/Makefile
-@@ -3101,16 +3101,10 @@ auto/pathdef.c: Makefile auto/config.mk
+diff --git a/src/Makefile b/src/Makefile
+index 32c0d97d1..97c754673 100644
+--- a/src/Makefile
++++ b/src/Makefile
+@@ -3138,16 +3138,10 @@ auto/pathdef.c: Makefile auto/config.mk
-@echo '#include "vim.h"' >> $@
-@echo 'char_u *default_vim_dir = (char_u *)"$(VIMRCLOC)";' | $(QUOTESED) >> $@
-@echo 'char_u *default_vimruntime_dir = (char_u *)"$(VIMRUNTIMEDIR)";' | $(QUOTESED) >> $@
--git a/meta/recipes-support/vim/files/disable_acl_header_check.patch b/meta/recipes-support/vim/files/disable_acl_header_check.patch
index ee1ea0f390..2a5487e685 100644
--- a/meta/recipes-support/vim/files/disable_acl_header_check.patch
+++ b/meta/recipes-support/vim/files/disable_acl_header_check.patch
@@ -13,11 +13,11 @@ Signed-off-by: Changqing Li <changqing.li@windriver.com>
src/configure.ac | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
-Index: git/src/configure.ac
-===================================================================
---- git.orig/src/configure.ac
-+++ git/src/configure.ac
-@@ -3292,7 +3292,7 @@ AC_CHECK_HEADERS(stdint.h stdlib.h strin
+diff --git a/src/configure.ac b/src/configure.ac
+index cdb818519..dafb7d6ce 100644
+--- a/src/configure.ac
++++ b/src/configure.ac
+@@ -3400,7 +3400,7 @@ AC_CHECK_HEADERS(stdint.h stdlib.h string.h \
sys/systeminfo.h locale.h sys/stream.h termios.h \
libc.h sys/statfs.h poll.h sys/poll.h pwd.h \
utime.h sys/param.h sys/ptms.h libintl.h libgen.h \
@@ -26,7 +26,7 @@ Index: git/src/configure.ac
sys/access.h sys/sysinfo.h wchar.h wctype.h)
dnl sys/ptem.h depends on sys/stream.h on Solaris
-@@ -3974,6 +3974,7 @@ AC_ARG_ENABLE(acl,
+@@ -4137,6 +4137,7 @@ AC_ARG_ENABLE(acl,
, [enable_acl="yes"])
if test "$enable_acl" = "yes"; then
AC_MSG_RESULT(no)
diff --git a/meta/recipes-support/vim/files/no-path-adjust.patch b/meta/recipes-support/vim/files/no-path-adjust.patch
index 908459a95e..1b380393d8 100644
--- a/meta/recipes-support/vim/files/no-path-adjust.patch
+++ b/meta/recipes-support/vim/files/no-path-adjust.patch
@@ -18,7 +18,7 @@ diff --git a/src/Makefile b/src/Makefile
index c9513a632..7a7cbdc43 100644
--- a/src/Makefile
+++ b/src/Makefile
-@@ -2534,11 +2534,7 @@ installtools: $(TOOLS) $(DESTDIR)$(exec_prefix) $(DEST_BIN) \
+@@ -2552,11 +2552,7 @@ installtools: $(TOOLS) $(DESTDIR)$(exec_prefix) $(DEST_BIN) \
rm -rf $$cvs; \
fi
-chmod $(FILEMOD) $(DEST_TOOLS)/*
diff --git a/meta/recipes-support/vim/vim.inc b/meta/recipes-support/vim/vim.inc
index c7f3987134..2a9fda5376 100644
--- a/meta/recipes-support/vim/vim.inc
+++ b/meta/recipes-support/vim/vim.inc
@@ -18,8 +18,8 @@ SRC_URI = "git://github.com/vim/vim.git;branch=master;protocol=https \
file://no-path-adjust.patch \
"
-PV .= ".1198"
-SRCREV = "f209dcd3defb95bae21b2740910e6aa7bb940531"
+PV .= ".1652"
+SRCREV = "3e152c76adb9542af86760786d42a0beffe5354b"
# Do not consider .z in x.y.z, as that is updated with every commit
UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>\d+\.\d+)\.0"
@@ -37,7 +37,7 @@ CLEANBROKEN = "1"
# vim configure.in contains functions which got 'dropped' by autotools.bbclass
do_configure () {
cd src
- rm -f auto/*
+ rm -rf auto/*
touch auto/config.mk
# git timestamps aren't reliable, so touch the shipped .po files so they aren't regenerated
touch -c po/cs.cp1250.po po/ja.euc-jp.po po/ja.sjis.po po/ko.po po/pl.UTF-8.po po/pl.cp1250.po po/ru.cp1251.po po/sk.cp1250.po po/uk.cp1251.po po/zh_CN.po po/zh_CN.cp936.po po/zh_TW.po
@@ -76,6 +76,7 @@ EXTRA_OECONF = " \
--disable-desktop-database-update \
--with-tlib=ncurses \
--with-modified-by='${MAINTAINER}' \
+ --with-wayland=no \
ac_cv_small_wchar_t=no \
ac_cv_path_GLIB_COMPILE_RESOURCES=no \
vim_cv_getcwd_broken=no \
--
2.43.0
^ permalink raw reply related [flat|nested] 34+ messages in thread* [OE-core][scarthgap 14/33] cmake: fix build with gcc-15 on host
2025-08-27 21:29 [OE-core][scarthgap 00/33] Patch review Steve Sakoman
` (12 preceding siblings ...)
2025-08-27 21:29 ` [OE-core][scarthgap 13/33] vim: upgrade 9.1.1198 -> 9.1.1652 Steve Sakoman
@ 2025-08-27 21:29 ` Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 15/33] git: " Steve Sakoman
` (18 subsequent siblings)
32 siblings, 0 replies; 34+ messages in thread
From: Steve Sakoman @ 2025-08-27 21:29 UTC (permalink / raw)
To: openembedded-core
From: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-devtools/cmake/cmake.inc | 1 +
.../0001-cppdap-fix-build-with-gcc-15.patch | 30 +++++++++++++++++++
2 files changed, 31 insertions(+)
create mode 100644 meta/recipes-devtools/cmake/cmake/0001-cppdap-fix-build-with-gcc-15.patch
diff --git a/meta/recipes-devtools/cmake/cmake.inc b/meta/recipes-devtools/cmake/cmake.inc
index a52506a8ea..b8667832e2 100644
--- a/meta/recipes-devtools/cmake/cmake.inc
+++ b/meta/recipes-devtools/cmake/cmake.inc
@@ -18,6 +18,7 @@ CMAKE_MAJOR_VERSION = "${@'.'.join(d.getVar('PV').split('.')[0:2])}"
SRC_URI = "https://cmake.org/files/v${CMAKE_MAJOR_VERSION}/cmake-${PV}.tar.gz \
file://0001-CMakeDetermineCompilerABI-Strip-pipe-from-compile-fl.patch \
+ file://0001-cppdap-fix-build-with-gcc-15.patch \
"
SRC_URI[sha256sum] = "72b7570e5c8593de6ac4ab433b73eab18c5fb328880460c86ce32608141ad5c1"
diff --git a/meta/recipes-devtools/cmake/cmake/0001-cppdap-fix-build-with-gcc-15.patch b/meta/recipes-devtools/cmake/cmake/0001-cppdap-fix-build-with-gcc-15.patch
new file mode 100644
index 0000000000..1ff0764018
--- /dev/null
+++ b/meta/recipes-devtools/cmake/cmake/0001-cppdap-fix-build-with-gcc-15.patch
@@ -0,0 +1,30 @@
+From f742c298a0d6b70059e5c98c89d301e62a3e2087 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Christoph=20Gr=C3=BCninger?= <foss@grueninger.de>
+Date: Thu, 8 Aug 2024 20:26:35 +0200
+Subject: [PATCH] cppdap: include/dap/network.h: add <stdint.h> include for GCC
+ 15
+
+GCC 15 requires the include for the declaration of `uint32_t`.
+Backport [cppdap PR 133](https://github.com/google/cppdap/pull/133).
+
+Upstream-Status: Backport [https://gitlab.kitware.com/cmake/cmake/-/commit/f742c298a0d6b70059e5c98c89d301e62a3e2087]
+Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
+---
+ Utilities/cmcppdap/include/dap/network.h | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/Utilities/cmcppdap/include/dap/network.h b/Utilities/cmcppdap/include/dap/network.h
+index 9d14f6b70fa..dd3e0062407 100644
+--- a/Utilities/cmcppdap/include/dap/network.h
++++ b/Utilities/cmcppdap/include/dap/network.h
+@@ -17,6 +17,7 @@
+
+ #include <functional>
+ #include <memory>
++#include <stdint.h>
+
+ namespace dap {
+ class ReaderWriter;
+--
+GitLab
+
--
2.43.0
^ permalink raw reply related [flat|nested] 34+ messages in thread* [OE-core][scarthgap 15/33] git: fix build with gcc-15 on host
2025-08-27 21:29 [OE-core][scarthgap 00/33] Patch review Steve Sakoman
` (13 preceding siblings ...)
2025-08-27 21:29 ` [OE-core][scarthgap 14/33] cmake: fix build with gcc-15 on host Steve Sakoman
@ 2025-08-27 21:29 ` Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 16/33] unzip: Fix build with GCC-15 Steve Sakoman
` (17 subsequent siblings)
32 siblings, 0 replies; 34+ messages in thread
From: Steve Sakoman @ 2025-08-27 21:29 UTC (permalink / raw)
To: openembedded-core
From: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
...ndex-pack-rename-struct-thread_local.patch | 67 +++++++++++++++++++
.../git/0001-reflog-rename-unreachable.patch | 40 +++++++++++
meta/recipes-devtools/git/git_2.44.4.bb | 2 +
3 files changed, 109 insertions(+)
create mode 100644 meta/recipes-devtools/git/git/0001-index-pack-rename-struct-thread_local.patch
create mode 100644 meta/recipes-devtools/git/git/0001-reflog-rename-unreachable.patch
diff --git a/meta/recipes-devtools/git/git/0001-index-pack-rename-struct-thread_local.patch b/meta/recipes-devtools/git/git/0001-index-pack-rename-struct-thread_local.patch
new file mode 100644
index 0000000000..b3b490064f
--- /dev/null
+++ b/meta/recipes-devtools/git/git/0001-index-pack-rename-struct-thread_local.patch
@@ -0,0 +1,67 @@
+From e8b3bcf49120309b207b7afc25c4aa81b866ac45 Mon Sep 17 00:00:00 2001
+From: "brian m. carlson" <sandals@crustytoothpaste.net>
+Date: Sun, 17 Nov 2024 01:31:48 +0000
+Subject: [PATCH] index-pack: rename struct thread_local
+
+"thread_local" is a keyword in C23. To make sure that our code compiles
+on a wide variety of C versions, rename struct thread_local to "struct
+thread_local_data" to avoid a conflict.
+
+Signed-off-by: brian m. carlson <sandals@crustytoothpaste.net>
+Signed-off-by: Junio C Hamano <gitster@pobox.com>
+
+Upstream-Status: Backport [v2.48.0 e8b3bcf49120309b207b7afc25c4aa81b866ac45]
+Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
+---
+ builtin/index-pack.c | 10 +++++-----
+ 1 file changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/builtin/index-pack.c b/builtin/index-pack.c
+index e228c56ff2..74675dbd6c 100644
+--- a/builtin/index-pack.c
++++ b/builtin/index-pack.c
+@@ -94,7 +94,7 @@ static LIST_HEAD(done_head);
+ static size_t base_cache_used;
+ static size_t base_cache_limit;
+
+-struct thread_local {
++struct thread_local_data {
+ pthread_t thread;
+ int pack_fd;
+ };
+@@ -117,7 +117,7 @@ static struct object_entry *objects;
+ static struct object_stat *obj_stat;
+ static struct ofs_delta_entry *ofs_deltas;
+ static struct ref_delta_entry *ref_deltas;
+-static struct thread_local nothread_data;
++static struct thread_local_data nothread_data;
+ static int nr_objects;
+ static int nr_ofs_deltas;
+ static int nr_ref_deltas;
+@@ -148,7 +148,7 @@ static uint32_t input_crc32;
+ static int input_fd, output_fd;
+ static const char *curr_pack;
+
+-static struct thread_local *thread_data;
++static struct thread_local_data *thread_data;
+ static int nr_dispatched;
+ static int threads_active;
+
+@@ -390,7 +390,7 @@ static NORETURN void bad_object(off_t offset, const char *format, ...)
+ (uintmax_t)offset, buf);
+ }
+
+-static inline struct thread_local *get_thread_data(void)
++static inline struct thread_local_data *get_thread_data(void)
+ {
+ if (HAVE_THREADS) {
+ if (threads_active)
+@@ -401,7 +401,7 @@ static inline struct thread_local *get_thread_data(void)
+ return ¬hread_data;
+ }
+
+-static void set_thread_data(struct thread_local *data)
++static void set_thread_data(struct thread_local_data *data)
+ {
+ if (threads_active)
+ pthread_setspecific(key, data);
diff --git a/meta/recipes-devtools/git/git/0001-reflog-rename-unreachable.patch b/meta/recipes-devtools/git/git/0001-reflog-rename-unreachable.patch
new file mode 100644
index 0000000000..a44fe91dd3
--- /dev/null
+++ b/meta/recipes-devtools/git/git/0001-reflog-rename-unreachable.patch
@@ -0,0 +1,40 @@
+From 639cd8db63b07c958062bde4d3823dadbf469b0b Mon Sep 17 00:00:00 2001
+From: "brian m. carlson" <sandals@crustytoothpaste.net>
+Date: Sun, 17 Nov 2024 01:31:49 +0000
+Subject: [PATCH] reflog: rename unreachable
+
+In C23, "unreachable" is a macro that invokes undefined behavior if it
+is invoked. To make sure that our code compiles on a variety of C
+versions, rename unreachable to "is_unreachable".
+
+Signed-off-by: brian m. carlson <sandals@crustytoothpaste.net>
+Signed-off-by: Junio C Hamano <gitster@pobox.com>
+
+Upstream-Status: Backport [v2.48.0 639cd8db63b07c958062bde4d3823dadbf469b0b]
+Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
+---
+ reflog.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/reflog.c b/reflog.c
+index 875ac1aa66..aeab78c9b7 100644
+--- a/reflog.c
++++ b/reflog.c
+@@ -210,7 +210,7 @@ static void mark_reachable(struct expire_reflog_policy_cb *cb)
+ cb->mark_list = leftover;
+ }
+
+-static int unreachable(struct expire_reflog_policy_cb *cb, struct commit *commit, struct object_id *oid)
++static int is_unreachable(struct expire_reflog_policy_cb *cb, struct commit *commit, struct object_id *oid)
+ {
+ /*
+ * We may or may not have the commit yet - if not, look it
+@@ -265,7 +265,7 @@ int should_expire_reflog_ent(struct object_id *ooid, struct object_id *noid,
+ return 1;
+ case UE_NORMAL:
+ case UE_HEAD:
+- if (unreachable(cb, old_commit, ooid) || unreachable(cb, new_commit, noid))
++ if (is_unreachable(cb, old_commit, ooid) || is_unreachable(cb, new_commit, noid))
+ return 1;
+ break;
+ }
diff --git a/meta/recipes-devtools/git/git_2.44.4.bb b/meta/recipes-devtools/git/git_2.44.4.bb
index 66936417e1..3c94667382 100644
--- a/meta/recipes-devtools/git/git_2.44.4.bb
+++ b/meta/recipes-devtools/git/git_2.44.4.bb
@@ -11,6 +11,8 @@ PROVIDES:append:class-native = " git-replacement-native"
SRC_URI = "${KERNELORG_MIRROR}/software/scm/git/git-${PV}.tar.gz;name=tarball \
file://fixsort.patch \
file://0001-config.mak.uname-do-not-force-RHEL-7-specific-build-.patch \
+ file://0001-reflog-rename-unreachable.patch \
+ file://0001-index-pack-rename-struct-thread_local.patch \
"
SRC_URI:append:class-nativesdk = " \
--
2.43.0
^ permalink raw reply related [flat|nested] 34+ messages in thread* [OE-core][scarthgap 16/33] unzip: Fix build with GCC-15
2025-08-27 21:29 [OE-core][scarthgap 00/33] Patch review Steve Sakoman
` (14 preceding siblings ...)
2025-08-27 21:29 ` [OE-core][scarthgap 15/33] git: " Steve Sakoman
@ 2025-08-27 21:29 ` Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 17/33] m4: Stick to C17 standard Steve Sakoman
` (16 subsequent siblings)
32 siblings, 0 replies; 34+ messages in thread
From: Steve Sakoman @ 2025-08-27 21:29 UTC (permalink / raw)
To: openembedded-core
From: Khem Raj <raj.khem@gmail.com>
Add a patch to remove redundant declarations
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-extended/unzip/unzip/gcc15.patch | 18 ++++++++++++++++++
meta/recipes-extended/unzip/unzip_6.0.bb | 1 +
2 files changed, 19 insertions(+)
create mode 100644 meta/recipes-extended/unzip/unzip/gcc15.patch
diff --git a/meta/recipes-extended/unzip/unzip/gcc15.patch b/meta/recipes-extended/unzip/unzip/gcc15.patch
new file mode 100644
index 0000000000..ab06a4713f
--- /dev/null
+++ b/meta/recipes-extended/unzip/unzip/gcc15.patch
@@ -0,0 +1,18 @@
+Do not redefine gmtime(), localtime()
+
+They are already provided by system time.h header
+
+Upstream-Status: Inactive-Upstream [need a new release]
+
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
+--- a/unix/unxcfg.h
++++ b/unix/unxcfg.h
+@@ -117,7 +117,6 @@ typedef struct stat z_stat;
+ # endif
+ #else
+ # include <time.h>
+- struct tm *gmtime(), *localtime();
+ #endif
+
+ #if (defined(BSD4_4) || (defined(SYSV) && defined(MODERN)))
diff --git a/meta/recipes-extended/unzip/unzip_6.0.bb b/meta/recipes-extended/unzip/unzip_6.0.bb
index c13e7a008e..0a88b4c092 100644
--- a/meta/recipes-extended/unzip/unzip_6.0.bb
+++ b/meta/recipes-extended/unzip/unzip_6.0.bb
@@ -32,6 +32,7 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/infozip/UnZip%206.x%20%28latest%29/UnZip%206.0/
file://CVE-2022-0530.patch \
file://0001-configure-Add-correct-system-headers-and-prototypes-.patch \
file://0001-unix-configure-fix-detection-for-cross-compilation.patch \
+ file://gcc15.patch \
"
UPSTREAM_VERSION_UNKNOWN = "1"
--
2.43.0
^ permalink raw reply related [flat|nested] 34+ messages in thread* [OE-core][scarthgap 17/33] m4: Stick to C17 standard
2025-08-27 21:29 [OE-core][scarthgap 00/33] Patch review Steve Sakoman
` (15 preceding siblings ...)
2025-08-27 21:29 ` [OE-core][scarthgap 16/33] unzip: Fix build with GCC-15 Steve Sakoman
@ 2025-08-27 21:29 ` Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 18/33] gmp: Fix build with GCC15/C23 Steve Sakoman
` (15 subsequent siblings)
32 siblings, 0 replies; 34+ messages in thread
From: Steve Sakoman @ 2025-08-27 21:29 UTC (permalink / raw)
To: openembedded-core
From: Khem Raj <raj.khem@gmail.com>
GCC15 imposes C23 by default and 1.4.19 release has gnulib version which
can not be compiled without errors, while new release of m4 is in progress
we might use C17 until then and use GCC15 to compile it
For scarthgap also add it in BUILD_CFLAGS.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-devtools/m4/m4-1.4.19.inc | 3 +++
1 file changed, 3 insertions(+)
diff --git a/meta/recipes-devtools/m4/m4-1.4.19.inc b/meta/recipes-devtools/m4/m4-1.4.19.inc
index fcc9e58270..4b1f847664 100644
--- a/meta/recipes-devtools/m4/m4-1.4.19.inc
+++ b/meta/recipes-devtools/m4/m4-1.4.19.inc
@@ -30,6 +30,9 @@ EXTRA_OECONF += "--without-libsigsegv-prefix"
EXTRA_OEMAKE += "'infodir=${infodir}'"
+CFLAGS += "-std=gnu17"
+BUILD_CFLAGS += "-std=gnu17"
+
do_compile_ptest() {
cd ${B}/tests
sed -i '/^buildtest-TESTS: /c buildtest-TESTS: $(TESTS) $(check_LIBRARIES) $(check_PROGRAMS)' Makefile
--
2.43.0
^ permalink raw reply related [flat|nested] 34+ messages in thread* [OE-core][scarthgap 18/33] gmp: Fix build with GCC15/C23
2025-08-27 21:29 [OE-core][scarthgap 00/33] Patch review Steve Sakoman
` (16 preceding siblings ...)
2025-08-27 21:29 ` [OE-core][scarthgap 17/33] m4: Stick to C17 standard Steve Sakoman
@ 2025-08-27 21:29 ` Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 19/33] gmp: Fix build with older gcc versions Steve Sakoman
` (14 subsequent siblings)
32 siblings, 0 replies; 34+ messages in thread
From: Steve Sakoman @ 2025-08-27 21:29 UTC (permalink / raw)
To: openembedded-core
From: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
...n-prototype-in-acinclude.m4-for-C23-.patch | 25 +++++++++++++++++++
meta/recipes-support/gmp/gmp_6.3.0.bb | 1 +
2 files changed, 26 insertions(+)
create mode 100644 meta/recipes-support/gmp/gmp/0001-Complete-function-prototype-in-acinclude.m4-for-C23-.patch
diff --git a/meta/recipes-support/gmp/gmp/0001-Complete-function-prototype-in-acinclude.m4-for-C23-.patch b/meta/recipes-support/gmp/gmp/0001-Complete-function-prototype-in-acinclude.m4-for-C23-.patch
new file mode 100644
index 0000000000..ee199a8373
--- /dev/null
+++ b/meta/recipes-support/gmp/gmp/0001-Complete-function-prototype-in-acinclude.m4-for-C23-.patch
@@ -0,0 +1,25 @@
+From 51a657c827422d2bc284d752dfbcfd2b1311a5bf Mon Sep 17 00:00:00 2001
+From: Marc Glisse <marc.glisse@inria.fr>
+Date: Wed, 29 Jan 2025 22:38:02 +0100
+Subject: [PATCH] Complete function prototype in acinclude.m4 for C23
+ compatibility
+
+Upstream-Status: Backport [https://gmplib.org/repo/gmp/rev/8e7bb4ae7a18]
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+ acinclude.m4 | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/acinclude.m4 b/acinclude.m4
+index 9cf9483..787511f 100644
+--- a/acinclude.m4
++++ b/acinclude.m4
+@@ -609,7 +609,7 @@ GMP_PROG_CC_WORKS_PART([$1], [long long reliability test 1],
+
+ #if defined (__GNUC__) && ! defined (__cplusplus)
+ typedef unsigned long long t1;typedef t1*t2;
+-void g(){}
++void g(int,t1 const*,t1,t2,t1 const*,int){}
+ void h(){}
+ static __inline__ t1 e(t2 rp,t2 up,int n,t1 v0)
+ {t1 c,x,r;int i;if(v0){c=1;for(i=1;i<n;i++){x=up[i];r=x+1;rp[i]=r;}}return c;}
diff --git a/meta/recipes-support/gmp/gmp_6.3.0.bb b/meta/recipes-support/gmp/gmp_6.3.0.bb
index fd4aec92fd..fd810a264d 100644
--- a/meta/recipes-support/gmp/gmp_6.3.0.bb
+++ b/meta/recipes-support/gmp/gmp_6.3.0.bb
@@ -14,6 +14,7 @@ SRC_URI = "https://gmplib.org/download/${BPN}/${BP}${REVISION}.tar.bz2 \
file://use-includedir.patch \
file://0001-Append-the-user-provided-flags-to-the-auto-detected-.patch \
file://0001-confiure.ac-Believe-the-cflags-from-environment.patch \
+ file://0001-Complete-function-prototype-in-acinclude.m4-for-C23-.patch \
"
SRC_URI[sha256sum] = "ac28211a7cfb609bae2e2c8d6058d66c8fe96434f740cf6fe2e47b000d1c20cb"
--
2.43.0
^ permalink raw reply related [flat|nested] 34+ messages in thread* [OE-core][scarthgap 19/33] gmp: Fix build with older gcc versions
2025-08-27 21:29 [OE-core][scarthgap 00/33] Patch review Steve Sakoman
` (17 preceding siblings ...)
2025-08-27 21:29 ` [OE-core][scarthgap 18/33] gmp: Fix build with GCC15/C23 Steve Sakoman
@ 2025-08-27 21:29 ` Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 20/33] gdbm: Use C11 standard Steve Sakoman
` (13 subsequent siblings)
32 siblings, 0 replies; 34+ messages in thread
From: Steve Sakoman @ 2025-08-27 21:29 UTC (permalink / raw)
To: openembedded-core
From: Khem Raj <raj.khem@gmail.com>
The fix to make this work with GCC15/C23 caused problems with older gcc versions.
Add a fix for that.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
...d-parameter-names-in-prototype-for-g.patch | 50 +++++++++++++++++++
meta/recipes-support/gmp/gmp_6.3.0.bb | 1 +
2 files changed, 51 insertions(+)
create mode 100644 meta/recipes-support/gmp/gmp/0001-acinclude.m4-Add-parameter-names-in-prototype-for-g.patch
diff --git a/meta/recipes-support/gmp/gmp/0001-acinclude.m4-Add-parameter-names-in-prototype-for-g.patch b/meta/recipes-support/gmp/gmp/0001-acinclude.m4-Add-parameter-names-in-prototype-for-g.patch
new file mode 100644
index 0000000000..ae2411fd1b
--- /dev/null
+++ b/meta/recipes-support/gmp/gmp/0001-acinclude.m4-Add-parameter-names-in-prototype-for-g.patch
@@ -0,0 +1,50 @@
+From 1744e433a16fb39a55c4c771b8ecb02246aa5b99 Mon Sep 17 00:00:00 2001
+From: Khem Raj <raj.khem@gmail.com>
+Date: Sat, 15 Mar 2025 09:40:06 -0700
+Subject: [PATCH] acinclude.m4: Add parameter names in prototype for g().
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+This allows it to compile with older gcc e.g. gcc-10
+which does not have allow parameter name omission, it results
+in
+
+a.c: In function ‘g’:
+a.c:3:8: error: parameter name omitted
+ 3 | void g(int,t1 const*,t1,t2,t1 const*,int){}
+ | ^~~
+
+this was added to gcc via [1] thats why it is supported in
+newer gcc.
+
+Adding the parameter names make it compatible with
+old and new gcc
+
+[1] https://gcc.gnu.org/pipermail/gcc-cvs/2020-October/336068.html
+
+Upstream-Status: Submitted [https://gmplib.org/list-archives/gmp-devel/2025-March/006294.html]
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+ChangeLog
+
+2025-03-15 Khem Raj <raj.khem@gmail.com>
+
+ * acinclude.m4: Add parameter names to function prototype.
+
+ acinclude.m4 | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/acinclude.m4 b/acinclude.m4
+index 4fca12de2..b9d1eacfe 100644
+--- a/acinclude.m4
++++ b/acinclude.m4
+@@ -609,7 +609,7 @@ GMP_PROG_CC_WORKS_PART([$1], [long long reliability test 1],
+
+ #if defined (__GNUC__) && ! defined (__cplusplus)
+ typedef unsigned long long t1;typedef t1*t2;
+-void g(int,t1 const*,t1,t2,t1 const*,int){}
++void g(int a,t1 const* b,t1 c,t2 d,t1 const* e,int f){}
+ void h(){}
+ static __inline__ t1 e(t2 rp,t2 up,int n,t1 v0)
+ {t1 c,x,r;int i;if(v0){c=1;for(i=1;i<n;i++){x=up[i];r=x+1;rp[i]=r;}}return c;}
diff --git a/meta/recipes-support/gmp/gmp_6.3.0.bb b/meta/recipes-support/gmp/gmp_6.3.0.bb
index fd810a264d..1508744ef1 100644
--- a/meta/recipes-support/gmp/gmp_6.3.0.bb
+++ b/meta/recipes-support/gmp/gmp_6.3.0.bb
@@ -15,6 +15,7 @@ SRC_URI = "https://gmplib.org/download/${BPN}/${BP}${REVISION}.tar.bz2 \
file://0001-Append-the-user-provided-flags-to-the-auto-detected-.patch \
file://0001-confiure.ac-Believe-the-cflags-from-environment.patch \
file://0001-Complete-function-prototype-in-acinclude.m4-for-C23-.patch \
+ file://0001-acinclude.m4-Add-parameter-names-in-prototype-for-g.patch \
"
SRC_URI[sha256sum] = "ac28211a7cfb609bae2e2c8d6058d66c8fe96434f740cf6fe2e47b000d1c20cb"
--
2.43.0
^ permalink raw reply related [flat|nested] 34+ messages in thread* [OE-core][scarthgap 20/33] gdbm: Use C11 standard
2025-08-27 21:29 [OE-core][scarthgap 00/33] Patch review Steve Sakoman
` (18 preceding siblings ...)
2025-08-27 21:29 ` [OE-core][scarthgap 19/33] gmp: Fix build with older gcc versions Steve Sakoman
@ 2025-08-27 21:29 ` Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 21/33] unifdef: Don't use C23 constexpr keyword Steve Sakoman
` (12 subsequent siblings)
32 siblings, 0 replies; 34+ messages in thread
From: Steve Sakoman @ 2025-08-27 21:29 UTC (permalink / raw)
To: openembedded-core
From: Khem Raj <raj.khem@gmail.com>
GCC15 is switching defaults to C23 and gdbm is not yet ready to
compile using C23 std.
For scarthgap also add it in BUILD_CFLAGS.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-support/gdbm/gdbm_1.23.bb | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/meta/recipes-support/gdbm/gdbm_1.23.bb b/meta/recipes-support/gdbm/gdbm_1.23.bb
index a08079741d..9b32935571 100644
--- a/meta/recipes-support/gdbm/gdbm_1.23.bb
+++ b/meta/recipes-support/gdbm/gdbm_1.23.bb
@@ -23,6 +23,10 @@ EXTRA_OECONF = "--enable-libgdbm-compat --without-readline"
# Stop presence of dbm/nbdm on the host contaminating builds
CACHED_CONFIGUREVARS += "ac_cv_lib_ndbm_main=no ac_cv_lib_dbm_main=no"
+# Not yet ready for C23
+CFLAGS += "-std=gnu11"
+BUILD_CFLAGS += "-std=gnu11"
+
BBCLASSEXTEND = "native nativesdk"
do_install:append () {
--
2.43.0
^ permalink raw reply related [flat|nested] 34+ messages in thread* [OE-core][scarthgap 21/33] unifdef: Don't use C23 constexpr keyword
2025-08-27 21:29 [OE-core][scarthgap 00/33] Patch review Steve Sakoman
` (19 preceding siblings ...)
2025-08-27 21:29 ` [OE-core][scarthgap 20/33] gdbm: Use C11 standard Steve Sakoman
@ 2025-08-27 21:29 ` Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 22/33] pkgconfig: fix build with gcc-15 Steve Sakoman
` (11 subsequent siblings)
32 siblings, 0 replies; 34+ messages in thread
From: Steve Sakoman @ 2025-08-27 21:29 UTC (permalink / raw)
To: openembedded-core
From: Khem Raj <raj.khem@gmail.com>
Fixes build with GCC-15
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
...0001-Don-t-use-C23-constexpr-keyword.patch | 57 +++++++++++++++++++
meta/recipes-devtools/unifdef/unifdef_2.12.bb | 3 +-
2 files changed, 59 insertions(+), 1 deletion(-)
create mode 100644 meta/recipes-devtools/unifdef/unifdef/0001-Don-t-use-C23-constexpr-keyword.patch
diff --git a/meta/recipes-devtools/unifdef/unifdef/0001-Don-t-use-C23-constexpr-keyword.patch b/meta/recipes-devtools/unifdef/unifdef/0001-Don-t-use-C23-constexpr-keyword.patch
new file mode 100644
index 0000000000..9d02183930
--- /dev/null
+++ b/meta/recipes-devtools/unifdef/unifdef/0001-Don-t-use-C23-constexpr-keyword.patch
@@ -0,0 +1,57 @@
+From ca1ac9c8bde84dbdea972299b1a6e30e78c2d785 Mon Sep 17 00:00:00 2001
+From: Sam James <sam@gentoo.org>
+Date: Sun, 17 Nov 2024 01:26:27 +0000
+Subject: [PATCH] Don't use C23 constexpr keyword
+
+This fixes building with upcoming GCC 15 which defaults to -std=gnu23.
+
+Upstream-Status: Submitted [https://github.com/fanf2/unifdef/pull/19]
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+ unifdef.c | 10 +++++-----
+ 1 file changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/unifdef.c b/unifdef.c
+index dc145a2..4bd3bda 100644
+--- a/unifdef.c
++++ b/unifdef.c
+@@ -202,7 +202,7 @@ static int depth; /* current #if nesting */
+ static int delcount; /* count of deleted lines */
+ static unsigned blankcount; /* count of blank lines */
+ static unsigned blankmax; /* maximum recent blankcount */
+-static bool constexpr; /* constant #if expression */
++static bool is_constexpr; /* constant #if expression */
+ static bool zerosyms; /* to format symdepth output */
+ static bool firstsym; /* ditto */
+
+@@ -1086,7 +1086,7 @@ eval_unary(const struct ops *ops, long *valp, const char **cpp)
+ *valp = (value[sym] != NULL);
+ lt = *valp ? LT_TRUE : LT_FALSE;
+ }
+- constexpr = false;
++ is_constexpr = false;
+ } else if (!endsym(*cp)) {
+ debug("eval%d symbol", prec(ops));
+ sym = findsym(&cp);
+@@ -1103,7 +1103,7 @@ eval_unary(const struct ops *ops, long *valp, const char **cpp)
+ lt = *valp ? LT_TRUE : LT_FALSE;
+ cp = skipargs(cp);
+ }
+- constexpr = false;
++ is_constexpr = false;
+ } else {
+ debug("eval%d bad expr", prec(ops));
+ return (LT_ERROR);
+@@ -1170,10 +1170,10 @@ ifeval(const char **cpp)
+ long val = 0;
+
+ debug("eval %s", *cpp);
+- constexpr = killconsts ? false : true;
++ is_constexpr = killconsts ? false : true;
+ ret = eval_table(eval_ops, &val, cpp);
+ debug("eval = %d", val);
+- return (constexpr ? LT_IF : ret == LT_ERROR ? LT_IF : ret);
++ return (is_constexpr ? LT_IF : ret == LT_ERROR ? LT_IF : ret);
+ }
+
+ /*
diff --git a/meta/recipes-devtools/unifdef/unifdef_2.12.bb b/meta/recipes-devtools/unifdef/unifdef_2.12.bb
index 3e08b3a0a4..bf0f3e1b17 100644
--- a/meta/recipes-devtools/unifdef/unifdef_2.12.bb
+++ b/meta/recipes-devtools/unifdef/unifdef_2.12.bb
@@ -8,7 +8,8 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=3498caf346f6b77934882101749ada23 \
file://unifdef.c;endline=32;md5=6f4ee8085d6e6ab0f7cb4390e1a9c497 \
"
-SRC_URI = "http://dotat.at/prog/${BPN}/${BP}.tar.xz"
+SRC_URI = "http://dotat.at/prog/${BPN}/${BP}.tar.xz \
+ file://0001-Don-t-use-C23-constexpr-keyword.patch"
SRC_URI[md5sum] = "ae8c0b3b4c43c1f6bc5f32412a820818"
SRC_URI[sha256sum] = "43ce0f02ecdcdc723b2475575563ddb192e988c886d368260bc0a63aee3ac400"
--
2.43.0
^ permalink raw reply related [flat|nested] 34+ messages in thread* [OE-core][scarthgap 22/33] pkgconfig: fix build with gcc-15
2025-08-27 21:29 [OE-core][scarthgap 00/33] Patch review Steve Sakoman
` (20 preceding siblings ...)
2025-08-27 21:29 ` [OE-core][scarthgap 21/33] unifdef: Don't use C23 constexpr keyword Steve Sakoman
@ 2025-08-27 21:29 ` Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 23/33] libgpg-error: " Steve Sakoman
` (10 subsequent siblings)
32 siblings, 0 replies; 34+ messages in thread
From: Steve Sakoman @ 2025-08-27 21:29 UTC (permalink / raw)
To: openembedded-core
From: Martin Jansa <martin.jansa@gmail.com>
* on hosts with gcc-15 or whenever glib PACKAGECONFIG isn't enabled
and pkgconfig uses own old bundled glib
* fixes:
http://errors.yoctoproject.org/Errors/Details/853015/
../../../git/glib/glib/goption.c:169:14: error: two or more data types in declaration specifiers
169 | gboolean bool;
| ^~~~
../../../git/glib/glib/goption.c:169:18: warning: declaration does not declare anything
169 | gboolean bool;
| ^
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
...0001-Do-not-use-bool-as-a-field-name.patch | 36 +++++++++++++++++++
.../pkgconfig/pkgconfig_git.bb | 1 +
2 files changed, 37 insertions(+)
create mode 100644 meta/recipes-devtools/pkgconfig/pkgconfig/0001-Do-not-use-bool-as-a-field-name.patch
diff --git a/meta/recipes-devtools/pkgconfig/pkgconfig/0001-Do-not-use-bool-as-a-field-name.patch b/meta/recipes-devtools/pkgconfig/pkgconfig/0001-Do-not-use-bool-as-a-field-name.patch
new file mode 100644
index 0000000000..bcb7e94d69
--- /dev/null
+++ b/meta/recipes-devtools/pkgconfig/pkgconfig/0001-Do-not-use-bool-as-a-field-name.patch
@@ -0,0 +1,36 @@
+From b3b26a7e125e5e4f5b69975cc17eb6d33198ebaa Mon Sep 17 00:00:00 2001
+From: Emmanuele Bassi <ebassi@gnome.org>
+Date: Thu, 11 Apr 2024 14:40:21 +0100
+Subject: [PATCH] Do not use bool as a field name
+
+C99 aliases `bool` to `_Bool`, and C23 introduces `bool` as a reserved
+keyword. Let's avoid using `bool` as a field name.
+
+Upstream-Status: Backport [Backport from glib to bunlded version in pkg-config https://github.com/GNOME/glib/commit/9e320e1c43a4770ed1532248fe5416eb0c618120]
+Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
+---
+ glib/glib/goption.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/glib/glib/goption.c b/glib/glib/goption.c
+index 0a22f6f..f439fd4 100644
+--- a/glib/glib/goption.c
++++ b/glib/glib/goption.c
+@@ -166,7 +166,7 @@ typedef struct
+ gpointer arg_data;
+ union
+ {
+- gboolean bool;
++ gboolean boolean;
+ gint integer;
+ gchar *str;
+ gchar **array;
+@@ -1600,7 +1600,7 @@ free_changes_list (GOptionContext *context,
+ switch (change->arg_type)
+ {
+ case G_OPTION_ARG_NONE:
+- *(gboolean *)change->arg_data = change->prev.bool;
++ *(gboolean *)change->arg_data = change->prev.boolean;
+ break;
+ case G_OPTION_ARG_INT:
+ *(gint *)change->arg_data = change->prev.integer;
diff --git a/meta/recipes-devtools/pkgconfig/pkgconfig_git.bb b/meta/recipes-devtools/pkgconfig/pkgconfig_git.bb
index 16e6c5b609..c67c526aa5 100644
--- a/meta/recipes-devtools/pkgconfig/pkgconfig_git.bb
+++ b/meta/recipes-devtools/pkgconfig/pkgconfig_git.bb
@@ -15,6 +15,7 @@ SRC_URI = "git://gitlab.freedesktop.org/pkg-config/pkg-config.git;branch=master;
file://pkg-config-esdk.in \
file://pkg-config-native.in \
file://0001-glib-gettext.m4-Update-AM_GLIB_GNU_GETTEXT-to-match-.patch \
+ file://0001-Do-not-use-bool-as-a-field-name.patch \
"
S = "${WORKDIR}/git"
--
2.43.0
^ permalink raw reply related [flat|nested] 34+ messages in thread* [OE-core][scarthgap 23/33] libgpg-error: fix build with gcc-15
2025-08-27 21:29 [OE-core][scarthgap 00/33] Patch review Steve Sakoman
` (21 preceding siblings ...)
2025-08-27 21:29 ` [OE-core][scarthgap 22/33] pkgconfig: fix build with gcc-15 Steve Sakoman
@ 2025-08-27 21:29 ` Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 24/33] rust-llvm: " Steve Sakoman
` (9 subsequent siblings)
32 siblings, 0 replies; 34+ messages in thread
From: Steve Sakoman @ 2025-08-27 21:29 UTC (permalink / raw)
To: openembedded-core
From: Martin Jansa <martin.jansa@gmail.com>
Backport a fix for native build with gcc-15 on host
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
...oid-use-of-nullptr-for-an-identifier.patch | 52 +++++++++++++++++++
.../libgpg-error/libgpg-error_1.48.bb | 1 +
2 files changed, 53 insertions(+)
create mode 100644 meta/recipes-support/libgpg-error/libgpg-error/0001-Avoid-use-of-nullptr-for-an-identifier.patch
diff --git a/meta/recipes-support/libgpg-error/libgpg-error/0001-Avoid-use-of-nullptr-for-an-identifier.patch b/meta/recipes-support/libgpg-error/libgpg-error/0001-Avoid-use-of-nullptr-for-an-identifier.patch
new file mode 100644
index 0000000000..11ab7a2a4e
--- /dev/null
+++ b/meta/recipes-support/libgpg-error/libgpg-error/0001-Avoid-use-of-nullptr-for-an-identifier.patch
@@ -0,0 +1,52 @@
+From d14c69a7f256a9444c5c64b808d8767e5a8ba68e Mon Sep 17 00:00:00 2001
+From: NIIBE Yutaka <gniibe@fsij.org>
+Date: Wed, 23 Oct 2024 08:48:06 +0900
+Subject: [PATCH] Avoid use of 'nullptr' for an identifier.
+
+* tests/t-printf.c (check_fprintf_sf): Use 'null_ptr'
+as an identifier.
+
+--
+
+GnuPG-bug-id: 7344
+Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
+
+Upstream-Status: Backport [libgpg-error-1.51 d14c69a7f256a9444c5c64b808d8767e5a8ba68e]
+Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
+---
+ tests/t-printf.c | 8 ++++----
+ 1 file changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/tests/t-printf.c b/tests/t-printf.c
+index c1ad0b0..87c201d 100644
+--- a/tests/t-printf.c
++++ b/tests/t-printf.c
+@@ -449,7 +449,7 @@ string_filter (const char *string, int no, void *opaque)
+ static void
+ check_fprintf_sf (void)
+ {
+- volatile char *nullptr = NULL; /* Avoid compiler warning. */
++ volatile char *null_ptr = NULL; /* Avoid compiler warning. */
+ struct sfstate_s sfstate = {NULL};
+ gpgrt_stream_t stream;
+ const char *expect;
+@@ -461,8 +461,8 @@ check_fprintf_sf (void)
+
+ gpgrt_fprintf_sf (stream, string_filter, &sfstate,
+ "%s a=%d b=%s c=%d d=%.8s null=%s\n",
+- nullptr, 1, "foo\x01 bar", 2,
+- "a longer string", nullptr);
++ null_ptr, 1, "foo\x01 bar", 2,
++ "a longer string", null_ptr);
+ expect = "[==>Niente<==] a=1 b=foo\x01 bar c=2 d=a longer null=(null)\n";
+ result = stream_to_string (stream);
+ if (strcmp (result, expect))
+@@ -475,7 +475,7 @@ check_fprintf_sf (void)
+
+ gpgrt_fprintf_sf (stream, string_filter, &sfstate,
+ "a=%d b=%s c=%d d=%.8s e=%s\n",
+- 1, "foo\n bar", 2, nullptr, "");
++ 1, "foo\n bar", 2, null_ptr, "");
+ expect = "a=1 b=foo\n bar c=2 d=[==>Nien e=\n";
+ result = stream_to_string (stream);
+ if (strcmp (result, expect))
diff --git a/meta/recipes-support/libgpg-error/libgpg-error_1.48.bb b/meta/recipes-support/libgpg-error/libgpg-error_1.48.bb
index 9f2b49209d..2106f3de85 100644
--- a/meta/recipes-support/libgpg-error/libgpg-error_1.48.bb
+++ b/meta/recipes-support/libgpg-error/libgpg-error_1.48.bb
@@ -17,6 +17,7 @@ UPSTREAM_CHECK_URI = "https://gnupg.org/download/index.html"
SRC_URI = "${GNUPG_MIRROR}/libgpg-error/libgpg-error-${PV}.tar.bz2 \
file://pkgconfig.patch \
file://0001-Do-not-fail-when-testing-config-scripts.patch \
+ file://0001-Avoid-use-of-nullptr-for-an-identifier.patch \
file://run-ptest \
"
--
2.43.0
^ permalink raw reply related [flat|nested] 34+ messages in thread* [OE-core][scarthgap 24/33] rust-llvm: fix build with gcc-15
2025-08-27 21:29 [OE-core][scarthgap 00/33] Patch review Steve Sakoman
` (22 preceding siblings ...)
2025-08-27 21:29 ` [OE-core][scarthgap 23/33] libgpg-error: " Steve Sakoman
@ 2025-08-27 21:29 ` Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 25/33] libtirpc: Fix build with gcc-15/C23 Steve Sakoman
` (8 subsequent siblings)
32 siblings, 0 replies; 34+ messages in thread
From: Steve Sakoman @ 2025-08-27 21:29 UTC (permalink / raw)
To: openembedded-core
From: Martin Jansa <martin.jansa@gmail.com>
As in meta-clang for clang-native:
https://github.com/kraj/meta-clang/commit/f915bbfc71f7b58c38607b8407718bd8b5cefa44
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
...36-Add-cstdint-to-SmallVector-101761.patch | 28 ++++++++++++++++
...cstdint-in-AMDGPUMCTargetDesc-101766.patch | 23 +++++++++++++
...-include-to-X86MCTargetDesc.h-123320.patch | 32 +++++++++++++++++++
.../recipes-devtools/rust/rust-llvm_1.75.0.bb | 8 +++--
4 files changed, 89 insertions(+), 2 deletions(-)
create mode 100644 meta/recipes-devtools/rust/rust-llvm/0036-Add-cstdint-to-SmallVector-101761.patch
create mode 100644 meta/recipes-devtools/rust/rust-llvm/0037-Include-cstdint-in-AMDGPUMCTargetDesc-101766.patch
create mode 100644 meta/recipes-devtools/rust/rust-llvm/0038-Add-missing-include-to-X86MCTargetDesc.h-123320.patch
diff --git a/meta/recipes-devtools/rust/rust-llvm/0036-Add-cstdint-to-SmallVector-101761.patch b/meta/recipes-devtools/rust/rust-llvm/0036-Add-cstdint-to-SmallVector-101761.patch
new file mode 100644
index 0000000000..cf00eacbee
--- /dev/null
+++ b/meta/recipes-devtools/rust/rust-llvm/0036-Add-cstdint-to-SmallVector-101761.patch
@@ -0,0 +1,28 @@
+From 9c9071480edd4093b28a9e9a9980c2426d27344c Mon Sep 17 00:00:00 2001
+From: Sam James <sam@gentoo.org>
+Date: Fri, 2 Aug 2024 23:07:21 +0100
+Subject: [PATCH] Add `<cstdint>` to SmallVector (#101761)
+
+SmallVector uses `uint32_t`, `uint64_t` without including `<cstdint>`
+which fails to build w/ GCC 15 after a change in libstdc++ [0]
+
+[0] https://gcc.gnu.org/git/?p=gcc.git;a=commit;h=3a817a4a5a6d94da9127af3be9f84a74e3076ee2
+
+Upstream-Status: Backport [https://github.com/llvm/llvm-project/commit/7e44305041d96b064c197216b931ae3917a34ac1]
+Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
+---
+ llvm/include/llvm/ADT/SmallVector.h | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/llvm/include/llvm/ADT/SmallVector.h b/llvm/include/llvm/ADT/SmallVector.h
+index 09676d792..17444147b 100644
+--- a/llvm/include/llvm/ADT/SmallVector.h
++++ b/llvm/include/llvm/ADT/SmallVector.h
+@@ -19,6 +19,7 @@
+ #include <algorithm>
+ #include <cassert>
+ #include <cstddef>
++#include <cstdint>
+ #include <cstdlib>
+ #include <cstring>
+ #include <functional>
diff --git a/meta/recipes-devtools/rust/rust-llvm/0037-Include-cstdint-in-AMDGPUMCTargetDesc-101766.patch b/meta/recipes-devtools/rust/rust-llvm/0037-Include-cstdint-in-AMDGPUMCTargetDesc-101766.patch
new file mode 100644
index 0000000000..24e7e1234f
--- /dev/null
+++ b/meta/recipes-devtools/rust/rust-llvm/0037-Include-cstdint-in-AMDGPUMCTargetDesc-101766.patch
@@ -0,0 +1,23 @@
+From 422390b31680305ce6babcfbf65579b7dbe090a5 Mon Sep 17 00:00:00 2001
+From: Sam James <sam@gentoo.org>
+Date: Sat, 3 Aug 2024 06:36:43 +0100
+Subject: [PATCH] Include `<cstdint>` in AMDGPUMCTargetDesc (#101766)
+
+Upstream-Status: Backport [https://github.com/llvm/llvm-project/commit/8f39502b85d34998752193e85f36c408d3c99248]
+Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
+---
+ llvm/lib/Target/AMDGPU/MCTargetDesc/AMDGPUMCTargetDesc.h | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/llvm/lib/Target/AMDGPU/MCTargetDesc/AMDGPUMCTargetDesc.h b/llvm/lib/Target/AMDGPU/MCTargetDesc/AMDGPUMCTargetDesc.h
+index 3ef00f757..879dbe1b2 100644
+--- a/llvm/lib/Target/AMDGPU/MCTargetDesc/AMDGPUMCTargetDesc.h
++++ b/llvm/lib/Target/AMDGPU/MCTargetDesc/AMDGPUMCTargetDesc.h
+@@ -15,6 +15,7 @@
+ #ifndef LLVM_LIB_TARGET_AMDGPU_MCTARGETDESC_AMDGPUMCTARGETDESC_H
+ #define LLVM_LIB_TARGET_AMDGPU_MCTARGETDESC_AMDGPUMCTARGETDESC_H
+
++#include <cstdint>
+ #include <memory>
+
+ namespace llvm {
diff --git a/meta/recipes-devtools/rust/rust-llvm/0038-Add-missing-include-to-X86MCTargetDesc.h-123320.patch b/meta/recipes-devtools/rust/rust-llvm/0038-Add-missing-include-to-X86MCTargetDesc.h-123320.patch
new file mode 100644
index 0000000000..9bfbe9e2ed
--- /dev/null
+++ b/meta/recipes-devtools/rust/rust-llvm/0038-Add-missing-include-to-X86MCTargetDesc.h-123320.patch
@@ -0,0 +1,32 @@
+From 72dc74c42eb9d9940b36c6804a4e4ac757370324 Mon Sep 17 00:00:00 2001
+From: Stephan Hageboeck <stephan.hageboeck@cern.ch>
+Date: Mon, 20 Jan 2025 17:52:47 +0100
+Subject: [PATCH] Add missing include to X86MCTargetDesc.h (#123320)
+
+In gcc-15, explicit includes of `<cstdint>` are required when fixed-size
+integers are used. In this file, this include only happened as a side
+effect of including SmallVector.h
+
+Although llvm compiles fine, the root-project would benefit from
+explicitly including it here, so we can backport the patch.
+
+Maybe interesting for @hahnjo and @vgvassilev
+
+Upstream-Status: Backport [https://github.com/llvm/llvm-project/commit/7abf44069aec61eee147ca67a6333fc34583b524]
+Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
+---
+ llvm/lib/Target/X86/MCTargetDesc/X86MCTargetDesc.h | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/llvm/lib/Target/X86/MCTargetDesc/X86MCTargetDesc.h b/llvm/lib/Target/X86/MCTargetDesc/X86MCTargetDesc.h
+index 437a7bd6f..fd7d79484 100644
+--- a/llvm/lib/Target/X86/MCTargetDesc/X86MCTargetDesc.h
++++ b/llvm/lib/Target/X86/MCTargetDesc/X86MCTargetDesc.h
+@@ -13,6 +13,7 @@
+ #ifndef LLVM_LIB_TARGET_X86_MCTARGETDESC_X86MCTARGETDESC_H
+ #define LLVM_LIB_TARGET_X86_MCTARGETDESC_X86MCTARGETDESC_H
+
++#include <cstdint>
+ #include <memory>
+ #include <string>
+
diff --git a/meta/recipes-devtools/rust/rust-llvm_1.75.0.bb b/meta/recipes-devtools/rust/rust-llvm_1.75.0.bb
index 292fc15c55..cba41c739e 100644
--- a/meta/recipes-devtools/rust/rust-llvm_1.75.0.bb
+++ b/meta/recipes-devtools/rust/rust-llvm_1.75.0.bb
@@ -10,8 +10,12 @@ require rust-source.inc
SRC_URI += "file://0002-llvm-allow-env-override-of-exe-path.patch;striplevel=2 \
file://0001-AsmMatcherEmitter-sort-ClassInfo-lists-by-name-as-we.patch;striplevel=2 \
- file://0003-llvm-fix-include-benchmarks.patch;striplevel=2 \
- file://0004-llvm-Fix-CVE-2024-0151.patch;striplevel=2"
+ file://0003-llvm-fix-include-benchmarks.patch;striplevel=2 \
+ file://0004-llvm-Fix-CVE-2024-0151.patch;striplevel=2 \
+ file://0036-Add-cstdint-to-SmallVector-101761.patch;striplevel=2 \
+ file://0037-Include-cstdint-in-AMDGPUMCTargetDesc-101766.patch;striplevel=2 \
+ file://0038-Add-missing-include-to-X86MCTargetDesc.h-123320.patch;striplevel=2 \
+"
S = "${RUSTSRC}/src/llvm-project/llvm"
--
2.43.0
^ permalink raw reply related [flat|nested] 34+ messages in thread* [OE-core][scarthgap 25/33] libtirpc: Fix build with gcc-15/C23
2025-08-27 21:29 [OE-core][scarthgap 00/33] Patch review Steve Sakoman
` (23 preceding siblings ...)
2025-08-27 21:29 ` [OE-core][scarthgap 24/33] rust-llvm: " Steve Sakoman
@ 2025-08-27 21:29 ` Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 26/33] elfutils: fix build with gcc-15 Steve Sakoman
` (7 subsequent siblings)
32 siblings, 0 replies; 34+ messages in thread
From: Steve Sakoman @ 2025-08-27 21:29 UTC (permalink / raw)
To: openembedded-core
From: Khem Raj <raj.khem@gmail.com>
Update declarations to allow building with gcc-15 with C23 std
being default now.
Fixes:
error: conflicting types for 'xdr_opaque_auth
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
...rations-to-allow-compile-with-gcc-15.patch | 64 +++++++++++++++++++
...d-key_call-declarations-to-allow-com.patch | 60 +++++++++++++++++
.../libtirpc/libtirpc_1.3.4.bb | 2 +
3 files changed, 126 insertions(+)
create mode 100644 meta/recipes-extended/libtirpc/libtirpc/0001-Update-declarations-to-allow-compile-with-gcc-15.patch
create mode 100644 meta/recipes-extended/libtirpc/libtirpc/0002-update-signal-and-key_call-declarations-to-allow-com.patch
diff --git a/meta/recipes-extended/libtirpc/libtirpc/0001-Update-declarations-to-allow-compile-with-gcc-15.patch b/meta/recipes-extended/libtirpc/libtirpc/0001-Update-declarations-to-allow-compile-with-gcc-15.patch
new file mode 100644
index 0000000000..7bfe7c2924
--- /dev/null
+++ b/meta/recipes-extended/libtirpc/libtirpc/0001-Update-declarations-to-allow-compile-with-gcc-15.patch
@@ -0,0 +1,64 @@
+From b526c0a90953f47d4cbf7ef01e9ac13e9e76904a Mon Sep 17 00:00:00 2001
+From: Rudi Heitbaum <rudi@heitbaum.com>
+Date: Thu, 12 Dec 2024 04:16:02 -0500
+Subject: [PATCH 1/2] Update declarations to allow compile with gcc-15
+
+This patch fixes some of the compile errors with gcc 15-20241117.
+
+In addition the follow declarations need to be fixed:
+ sed -n 75,77p libtirpc-1.3.6/src/key_call.c
+ cryptkeyres *(*__key_encryptsession_pk_LOCAL)() = 0;
+ cryptkeyres *(*__key_decryptsession_pk_LOCAL)() = 0;
+ des_block *(*__key_gendes_LOCAL)() = 0;
+
+Upstream-Status: Backport [https://git.linux-nfs.org/?p=steved/libtirpc.git;a=commit;h=d473f1e1f6ba80bfaee4daa058da159305167323]
+Signed-off-by: Rudi Heitbaum <rudi@heitbaum.com>
+Signed-off-by: Steve Dickson <steved@redhat.com>
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+ src/auth_none.c | 2 +-
+ src/getpublickey.c | 2 +-
+ src/svc_auth_none.c | 4 ++--
+ 3 files changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/src/auth_none.c b/src/auth_none.c
+index 0b0bbd1..aca6e71 100644
+--- a/src/auth_none.c
++++ b/src/auth_none.c
+@@ -62,7 +62,7 @@ static bool_t authnone_validate (AUTH *, struct opaque_auth *);
+ static bool_t authnone_refresh (AUTH *, void *);
+ static void authnone_destroy (AUTH *);
+
+-extern bool_t xdr_opaque_auth();
++extern bool_t xdr_opaque_auth(XDR *, struct opaque_auth *);
+
+ static struct auth_ops *authnone_ops();
+
+diff --git a/src/getpublickey.c b/src/getpublickey.c
+index be37a24..4e96c7c 100644
+--- a/src/getpublickey.c
++++ b/src/getpublickey.c
+@@ -52,7 +52,7 @@
+ /*
+ * Hack to let ypserv/rpc.nisd use AUTH_DES.
+ */
+-int (*__getpublickey_LOCAL)() = 0;
++int (*__getpublickey_LOCAL)(const char *, char *) = 0;
+
+ /*
+ * Get somebody's public key
+diff --git a/src/svc_auth_none.c b/src/svc_auth_none.c
+index 887e809..5ca98e9 100644
+--- a/src/svc_auth_none.c
++++ b/src/svc_auth_none.c
+@@ -37,8 +37,8 @@
+
+ #include <rpc/rpc.h>
+
+-static bool_t svcauth_none_destroy();
+-static bool_t svcauth_none_wrap();
++static bool_t svcauth_none_destroy(SVCAUTH *);
++static bool_t svcauth_none_wrap(SVCAUTH *, XDR *, bool_t (*)(XDR *, ...), char *);
+
+ struct svc_auth_ops svc_auth_none_ops = {
+ svcauth_none_wrap,
diff --git a/meta/recipes-extended/libtirpc/libtirpc/0002-update-signal-and-key_call-declarations-to-allow-com.patch b/meta/recipes-extended/libtirpc/libtirpc/0002-update-signal-and-key_call-declarations-to-allow-com.patch
new file mode 100644
index 0000000000..83e2105a1a
--- /dev/null
+++ b/meta/recipes-extended/libtirpc/libtirpc/0002-update-signal-and-key_call-declarations-to-allow-com.patch
@@ -0,0 +1,60 @@
+From 55452e6ae71869880f8c85d5dba9aa24d7147d8b Mon Sep 17 00:00:00 2001
+From: Rudi Heitbaum <rudi@heitbaum.com>
+Date: Thu, 2 Jan 2025 08:46:24 -0500
+Subject: [PATCH 2/2] update signal and key_call declarations to allow compile
+ with gcc-15
+
+Follow up patch addressing the following declarations:
+ sed -n 75,77p libtirpc-1.3.6/src/key_call.c
+ cryptkeyres *(*__key_encryptsession_pk_LOCAL)() = 0;
+ cryptkeyres *(*__key_decryptsession_pk_LOCAL)() = 0;
+ des_block *(*__key_gendes_LOCAL)() = 0;
+
+Upstream-Status: Backport [https://git.linux-nfs.org/?p=steved/libtirpc.git;a=commit;h=240ee6c774729c9c24812aa8912f1fcf8996b162]
+Signed-off-by: Rudi Heitbaum <rudi@heitbaum.com>
+Signed-off-by: Steve Dickson <steved@redhat.com>
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+---
+ src/auth_time.c | 4 ++--
+ src/key_call.c | 6 +++---
+ 2 files changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/src/auth_time.c b/src/auth_time.c
+index 936dd76..c21b1df 100644
+--- a/src/auth_time.c
++++ b/src/auth_time.c
+@@ -248,7 +248,7 @@ __rpc_get_time_offset(td, srv, thost, uaddr, netid)
+ char ut[64], ipuaddr[64];
+ endpoint teps[32];
+ nis_server tsrv;
+- void (*oldsig)() = NULL; /* old alarm handler */
++ void (*oldsig)(int) = NULL; /* old alarm handler */
+ struct sockaddr_in sin;
+ int s = RPC_ANYSOCK;
+ socklen_t len;
+@@ -417,7 +417,7 @@ __rpc_get_time_offset(td, srv, thost, uaddr, netid)
+ } else {
+ int res;
+
+- oldsig = (void (*)())signal(SIGALRM, alarm_hndler);
++ oldsig = (void (*)(int))signal(SIGALRM, alarm_hndler);
+ saw_alarm = 0; /* global tracking the alarm */
+ alarm(20); /* only wait 20 seconds */
+ res = connect(s, (struct sockaddr *)&sin, sizeof(sin));
+diff --git a/src/key_call.c b/src/key_call.c
+index 9f4b1d2..43f990e 100644
+--- a/src/key_call.c
++++ b/src/key_call.c
+@@ -72,9 +72,9 @@
+ * implementations of these functions, and to call those in key_call().
+ */
+
+-cryptkeyres *(*__key_encryptsession_pk_LOCAL)() = 0;
+-cryptkeyres *(*__key_decryptsession_pk_LOCAL)() = 0;
+-des_block *(*__key_gendes_LOCAL)() = 0;
++cryptkeyres *(*__key_encryptsession_pk_LOCAL)(uid_t, char *) = 0;
++cryptkeyres *(*__key_decryptsession_pk_LOCAL)(uid_t, char *) = 0;
++des_block *(*__key_gendes_LOCAL)(uid_t, char *) = 0;
+
+ static int key_call( u_long, xdrproc_t, void *, xdrproc_t, void *);
+
diff --git a/meta/recipes-extended/libtirpc/libtirpc_1.3.4.bb b/meta/recipes-extended/libtirpc/libtirpc_1.3.4.bb
index aa526e9e1c..198cefacfb 100644
--- a/meta/recipes-extended/libtirpc/libtirpc_1.3.4.bb
+++ b/meta/recipes-extended/libtirpc/libtirpc_1.3.4.bb
@@ -11,6 +11,8 @@ PROVIDES = "virtual/librpc"
SRC_URI = "${SOURCEFORGE_MIRROR}/${BPN}/${BP}.tar.bz2 \
file://ipv6.patch \
+ file://0001-Update-declarations-to-allow-compile-with-gcc-15.patch \
+ file://0002-update-signal-and-key_call-declarations-to-allow-com.patch \
"
UPSTREAM_CHECK_URI = "https://sourceforge.net/projects/libtirpc/files/libtirpc/"
UPSTREAM_CHECK_REGEX = "(?P<pver>\d+(\.\d+)+)/"
--
2.43.0
^ permalink raw reply related [flat|nested] 34+ messages in thread* [OE-core][scarthgap 26/33] elfutils: fix build with gcc-15
2025-08-27 21:29 [OE-core][scarthgap 00/33] Patch review Steve Sakoman
` (24 preceding siblings ...)
2025-08-27 21:29 ` [OE-core][scarthgap 25/33] libtirpc: Fix build with gcc-15/C23 Steve Sakoman
@ 2025-08-27 21:29 ` Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 27/33] binutils: " Steve Sakoman
` (6 subsequent siblings)
32 siblings, 0 replies; 34+ messages in thread
From: Steve Sakoman @ 2025-08-27 21:29 UTC (permalink / raw)
To: openembedded-core
From: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../elfutils/elfutils_0.191.bb | 1 +
.../files/0007-Fix-build-with-gcc-15.patch | 72 +++++++++++++++++++
2 files changed, 73 insertions(+)
create mode 100644 meta/recipes-devtools/elfutils/files/0007-Fix-build-with-gcc-15.patch
diff --git a/meta/recipes-devtools/elfutils/elfutils_0.191.bb b/meta/recipes-devtools/elfutils/elfutils_0.191.bb
index bab3d94d12..fcb91e41aa 100644
--- a/meta/recipes-devtools/elfutils/elfutils_0.191.bb
+++ b/meta/recipes-devtools/elfutils/elfutils_0.191.bb
@@ -27,6 +27,7 @@ SRC_URI = "https://sourceware.org/elfutils/ftp/${PV}/${BP}.tar.bz2 \
file://CVE-2025-1365.patch \
file://CVE-2025-1372.patch \
file://CVE-2025-1371.patch \
+ file://0007-Fix-build-with-gcc-15.patch \
"
SRC_URI:append:libc-musl = " \
file://0003-musl-utils.patch \
diff --git a/meta/recipes-devtools/elfutils/files/0007-Fix-build-with-gcc-15.patch b/meta/recipes-devtools/elfutils/files/0007-Fix-build-with-gcc-15.patch
new file mode 100644
index 0000000000..8f5c7e4421
--- /dev/null
+++ b/meta/recipes-devtools/elfutils/files/0007-Fix-build-with-gcc-15.patch
@@ -0,0 +1,72 @@
+From 7508696d107ca01b65ce8273c881462a8658f90f Mon Sep 17 00:00:00 2001
+From: Sergei Trofimovich <slyich@gmail.com>
+Date: Wed, 17 Jul 2024 23:03:34 +0100
+Subject: [PATCH] backends: allocate enough stace for null terminator
+
+`gcc-15` added a new warning in https://gcc.gnu.org/PR115185:
+
+ i386_regs.c:88:11: error: initializer-string for array of 'char' is too long [-Werror=unterminated-string-initialization]
+ 88 | "ax", "cx", "dx", "bx", "sp", "bp", "si", "di", "ip"
+ | ^~~~
+
+`elfutils` does not need to store '\0'. We could either initialize the
+arrays with individual bytes or allocate extra byte for null.
+
+This change initializes the array bytewise.
+
+ * backends/i386_regs.c (i386_register_info): Initialize the
+ array bytewise to fix gcc-15 warning.
+ * backends/x86_64_regs.c (x86_64_register_info): Ditto.
+
+Signed-off-by: Sergei Trofimovich <slyich@gmail.com>
+Upstream-Status: Backport [https://sourceware.org/git/?p=elfutils.git;a=commit;h=7508696d107ca01b65ce8273c881462a8658f90f]
+Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
+---
+ backends/i386_regs.c | 10 +++++++++-
+ backends/x86_64_regs.c | 9 ++++++++-
+ 2 files changed, 17 insertions(+), 2 deletions(-)
+
+diff --git a/backends/i386_regs.c b/backends/i386_regs.c
+index 7ec93bb9..ead55ef7 100644
+--- a/backends/i386_regs.c
++++ b/backends/i386_regs.c
+@@ -85,7 +85,15 @@ i386_register_info (Ebl *ebl __attribute__ ((unused)),
+ {
+ static const char baseregs[][2] =
+ {
+- "ax", "cx", "dx", "bx", "sp", "bp", "si", "di", "ip"
++ {'a', 'x'},
++ {'c', 'x'},
++ {'d', 'x'},
++ {'b', 'x'},
++ {'s', 'p'},
++ {'b', 'p'},
++ {'s', 'i'},
++ {'d', 'i'},
++ {'i', 'p'},
+ };
+
+ case 4:
+diff --git a/backends/x86_64_regs.c b/backends/x86_64_regs.c
+index ef987daf..dab8f27f 100644
+--- a/backends/x86_64_regs.c
++++ b/backends/x86_64_regs.c
+@@ -82,7 +82,14 @@ x86_64_register_info (Ebl *ebl __attribute__ ((unused)),
+ {
+ static const char baseregs[][2] =
+ {
+- "ax", "dx", "cx", "bx", "si", "di", "bp", "sp"
++ {'a', 'x'},
++ {'d', 'x'},
++ {'c', 'x'},
++ {'b', 'x'},
++ {'s', 'i'},
++ {'d', 'i'},
++ {'b', 'p'},
++ {'s', 'p'},
+ };
+
+ case 6 ... 7:
+--
+2.43.7
+
--
2.43.0
^ permalink raw reply related [flat|nested] 34+ messages in thread* [OE-core][scarthgap 27/33] binutils: fix build with gcc-15
2025-08-27 21:29 [OE-core][scarthgap 00/33] Patch review Steve Sakoman
` (25 preceding siblings ...)
2025-08-27 21:29 ` [OE-core][scarthgap 26/33] elfutils: fix build with gcc-15 Steve Sakoman
@ 2025-08-27 21:29 ` Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 28/33] dbus-glib: " Steve Sakoman
` (5 subsequent siblings)
32 siblings, 0 replies; 34+ messages in thread
From: Steve Sakoman @ 2025-08-27 21:29 UTC (permalink / raw)
To: openembedded-core
From: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../binutils/binutils-2.42.inc | 4 +
...nu23-compatibility-wrt-static_assert.patch | 89 ++
...ngs-when-building-gprofng-with-Clang.patch | 767 ++++++++++++++++++
...gnu23-compatibility-wrt-unprototyped.patch | 606 ++++++++++++++
...021-gprofng-fix-build-with-std-gnu23.patch | 196 +++++
5 files changed, 1662 insertions(+)
create mode 100644 meta/recipes-devtools/binutils/binutils/0018-opcodes-fix-std-gnu23-compatibility-wrt-static_assert.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/0019-Fix-32097-Warnings-when-building-gprofng-with-Clang.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/0020-gprofng-fix-std-gnu23-compatibility-wrt-unprototyped.patch
create mode 100644 meta/recipes-devtools/binutils/binutils/0021-gprofng-fix-build-with-std-gnu23.patch
diff --git a/meta/recipes-devtools/binutils/binutils-2.42.inc b/meta/recipes-devtools/binutils/binutils-2.42.inc
index fb34ea9763..e791cd2b13 100644
--- a/meta/recipes-devtools/binutils/binutils-2.42.inc
+++ b/meta/recipes-devtools/binutils/binutils-2.42.inc
@@ -39,6 +39,10 @@ SRC_URI = "\
file://0015-gprofng-change-use-of-bignum-to-bigint.patch \
file://0016-CVE-2024-53589.patch \
file://0017-dlltool-file-name-too-long.patch \
+ file://0018-opcodes-fix-std-gnu23-compatibility-wrt-static_assert.patch \
+ file://0019-Fix-32097-Warnings-when-building-gprofng-with-Clang.patch \
+ file://0020-gprofng-fix-std-gnu23-compatibility-wrt-unprototyped.patch \
+ file://0021-gprofng-fix-build-with-std-gnu23.patch \
file://0018-CVE-2025-0840.patch \
file://CVE-2025-1176.patch \
file://CVE-2025-1178.patch \
diff --git a/meta/recipes-devtools/binutils/binutils/0018-opcodes-fix-std-gnu23-compatibility-wrt-static_assert.patch b/meta/recipes-devtools/binutils/binutils/0018-opcodes-fix-std-gnu23-compatibility-wrt-static_assert.patch
new file mode 100644
index 0000000000..d447ce0d52
--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/0018-opcodes-fix-std-gnu23-compatibility-wrt-static_assert.patch
@@ -0,0 +1,89 @@
+From 8ebe62f3f0d27806b1bf69f301f5e188b4acd2b4 Mon Sep 17 00:00:00 2001
+From: Sam James <sam@gentoo.org>
+Date: Sat, 16 Nov 2024 05:03:52 +0000
+Subject: [PATCH] opcodes: fix -std=gnu23 compatibility wrt static_assert
+
+static_assert is declared in C23 so we can't reuse that identifier:
+* Define our own static_assert conditionally;
+
+* Rename "static assert" hacks to _N as we do already in some places
+ to avoid a conflict.
+
+ChangeLog:
+ PR ld/32372
+
+ * i386-gen.c (static_assert): Define conditionally.
+ * mips-formats.h (MAPPED_INT): Rename identifier.
+ (MAPPED_REG): Rename identifier.
+ (OPTIONAL_MAPPED_REG): Rename identifier.
+ * s390-opc.c (static_assert): Define conditionally.
+Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=8ebe62f3f0d27806b1bf69f301f5e188b4acd2b4]
+Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
+---
+ opcodes/i386-gen.c | 2 ++
+ opcodes/mips-formats.h | 6 +++---
+ opcodes/s390-opc.c | 2 ++
+ 3 files changed, 7 insertions(+), 3 deletions(-)
+
+diff --git a/opcodes/i386-gen.c b/opcodes/i386-gen.c
+index 053b66675c5..7ee8a30310c 100644
+--- a/opcodes/i386-gen.c
++++ b/opcodes/i386-gen.c
+@@ -30,7 +30,9 @@
+
+ /* Build-time checks are preferrable over runtime ones. Use this construct
+ in preference where possible. */
++#ifndef static_assert
+ #define static_assert(e) ((void)sizeof (struct { int _:1 - 2 * !(e); }))
++#endif
+
+ static const char *program_name = NULL;
+ static int debug = 0;
+diff --git a/opcodes/mips-formats.h b/opcodes/mips-formats.h
+index 90df7100803..c4dec6352bf 100644
+--- a/opcodes/mips-formats.h
++++ b/opcodes/mips-formats.h
+@@ -49,7 +49,7 @@
+ #define MAPPED_INT(SIZE, LSB, MAP, PRINT_HEX) \
+ { \
+ typedef char ATTRIBUTE_UNUSED \
+- static_assert[(1 << (SIZE)) == ARRAY_SIZE (MAP)]; \
++ static_assert_3[(1 << (SIZE)) == ARRAY_SIZE (MAP)]; \
+ static const struct mips_mapped_int_operand op = { \
+ { OP_MAPPED_INT, SIZE, LSB }, MAP, PRINT_HEX \
+ }; \
+@@ -83,7 +83,7 @@
+ #define MAPPED_REG(SIZE, LSB, BANK, MAP) \
+ { \
+ typedef char ATTRIBUTE_UNUSED \
+- static_assert[(1 << (SIZE)) == ARRAY_SIZE (MAP)]; \
++ static_assert_4[(1 << (SIZE)) == ARRAY_SIZE (MAP)]; \
+ static const struct mips_reg_operand op = { \
+ { OP_REG, SIZE, LSB }, OP_REG_##BANK, MAP \
+ }; \
+@@ -93,7 +93,7 @@
+ #define OPTIONAL_MAPPED_REG(SIZE, LSB, BANK, MAP) \
+ { \
+ typedef char ATTRIBUTE_UNUSED \
+- static_assert[(1 << (SIZE)) == ARRAY_SIZE (MAP)]; \
++ static_assert_5[(1 << (SIZE)) == ARRAY_SIZE (MAP)]; \
+ static const struct mips_reg_operand op = { \
+ { OP_OPTIONAL_REG, SIZE, LSB }, OP_REG_##BANK, MAP \
+ }; \
+diff --git a/opcodes/s390-opc.c b/opcodes/s390-opc.c
+index 9d9f0973e55..49efd714157 100644
+--- a/opcodes/s390-opc.c
++++ b/opcodes/s390-opc.c
+@@ -36,7 +36,9 @@
+
+ /* Build-time checks are preferrable over runtime ones. Use this construct
+ in preference where possible. */
++#ifndef static_assert
+ #define static_assert(e) ((void)sizeof (struct { int _:1 - 2 * !(e); }))
++#endif
+
+ #define ARRAY_SIZE(a) (sizeof(a) / sizeof((a)[0]))
+
+--
+2.43.7
+
diff --git a/meta/recipes-devtools/binutils/binutils/0019-Fix-32097-Warnings-when-building-gprofng-with-Clang.patch b/meta/recipes-devtools/binutils/binutils/0019-Fix-32097-Warnings-when-building-gprofng-with-Clang.patch
new file mode 100644
index 0000000000..89bd9618bc
--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/0019-Fix-32097-Warnings-when-building-gprofng-with-Clang.patch
@@ -0,0 +1,767 @@
+From b7888eb5a45772ed2e9a2030c50625a15b5ef795 Mon Sep 17 00:00:00 2001
+From: Vladimir Mezentsev <vladimir.mezentsev@oracle.com>
+Date: Tue, 3 Sep 2024 21:30:31 -0700
+Subject: [PATCH] Fix 32097 Warnings when building gprofng with Clang
+
+gprofng/ChangeLog
+2024-09-03 Vladimir Mezentsev <vladimir.mezentsev@oracle.com>.
+
+ PR gprofng/32097
+ * common/hwcdrv.c: Fix -Wempty-body warnings.
+ * common/hwcentry.h: Fix -Wdeprecated-non-prototype warnings.
+ * common/hwctable.c: Fix -Wdeprecated-non-prototype warnings.
+ * libcollector/collector.c: Likewise.
+ * libcollector/collector.h: Likewise.
+ * libcollector/collectorAPI.c: Likewise.
+ * libcollector/dispatcher.c: Likewise.
+ * libcollector/iotrace.c: Likewise.
+ * libcollector/libcol_util.c: Fix -Wunused-but-set-variable warnings.
+ * libcollector/libcol_util.h: Remove unused declarations.
+ * libcollector/linetrace.c: Fix -Wdeprecated-non-prototype warnings.
+ * src/BaseMetricTreeNode.h: Fix -Wunused-private-field warnings.
+ * src/Dbe.cc: Fix -Wself-assign warnings.
+ * src/DbeSession.cc: Fix -Wunused-but-set-variable warnings.
+ * src/Disasm.cc: Fix -Wunused-const-variable warnings.
+ * src/Experiment.cc: Fix -Wunused-private-field warnings.
+ * src/HashMap.h: Fix -Wself-assign warnings.
+ * src/IOActivity.h: Fix -Wunused-private-field warnings.
+ * src/collctrl.cc: Fix -Wself-assign, -Wparentheses-equality warnings.
+ * src/collctrl.h: Fix -Wunused-private-field warnings.
+ * src/collector_module.h: Fix -Wdeprecated-non-prototype warnings.
+ * src/gp-display-src.cc: Fix -Wunused-private-field warnings.
+ * src/gp-print.h: Fix -Wheader-guard warnings.
+ * src/hwc_intel_icelake.h: Fix -Winitializer-overrides warnings.
+ * src/util.cc: Fix -Wunused-but-set-variable warnings.
+Upstream-Status: Backport [https://github.com/bminor/binutils-gdb/commit/b79c457ca01df82dbe1facb708e45def4584c903]
+Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
+---
+ gprofng/common/hwcdrv.c | 3 ++-
+ gprofng/common/hwcentry.h | 7 +----
+ gprofng/common/hwctable.c | 13 +---------
+ gprofng/libcollector/collector.c | 15 ++++-------
+ gprofng/libcollector/collector.h | 2 +-
+ gprofng/libcollector/collectorAPI.c | 15 ++++++-----
+ gprofng/libcollector/dispatcher.c | 19 ++++++++------
+ gprofng/libcollector/iotrace.c | 12 ++++-----
+ gprofng/libcollector/libcol_util.c | 2 --
+ gprofng/libcollector/libcol_util.h | 6 -----
+ gprofng/libcollector/linetrace.c | 40 +++++++++++++++++------------
+ gprofng/src/BaseMetricTreeNode.h | 1 -
+ gprofng/src/Dbe.cc | 12 ++++-----
+ gprofng/src/DbeSession.cc | 3 ---
+ gprofng/src/Disasm.cc | 1 -
+ gprofng/src/Experiment.cc | 2 --
+ gprofng/src/HashMap.h | 3 +--
+ gprofng/src/IOActivity.h | 1 -
+ gprofng/src/collctrl.cc | 14 +++++-----
+ gprofng/src/collctrl.h | 1 -
+ gprofng/src/collector_module.h | 20 +++++++--------
+ gprofng/src/gp-display-src.cc | 8 ------
+ gprofng/src/gp-print.h | 2 +-
+ gprofng/src/util.cc | 10 +++-----
+ 24 files changed, 84 insertions(+), 128 deletions(-)
+
+diff --git a/gprofng/common/hwcdrv.c b/gprofng/common/hwcdrv.c
+index 2d549b0d6a5..fa1ad32430b 100644
+--- a/gprofng/common/hwcdrv.c
++++ b/gprofng/common/hwcdrv.c
+@@ -650,6 +650,7 @@ read_sample (counter_state_t *ctr_state, int msgsz, uint64_t *rvalue,
+ static void
+ dump_perf_event_attr (struct perf_event_attr *at)
+ {
++#if defined(DEBUG)
+ TprintfT (DBG_LT2, "dump_perf_event_attr: size=%d type=%d sample_period=%lld\n"
+ " config=0x%llx config1=0x%llx config2=0x%llx wakeup_events=%lld __reserved_1=%lld\n",
+ (int) at->size, (int) at->type, (unsigned long long) at->sample_period,
+@@ -665,13 +666,13 @@ dump_perf_event_attr (struct perf_event_attr *at)
+ DUMP_F (exclude_kernel);
+ DUMP_F (exclude_hv);
+ DUMP_F (exclude_idle);
+- // DUMP_F(xmmap);
+ DUMP_F (comm);
+ DUMP_F (freq);
+ DUMP_F (inherit_stat);
+ DUMP_F (enable_on_exec);
+ DUMP_F (task);
+ DUMP_F (watermark);
++#endif
+ }
+
+ static void
+diff --git a/gprofng/common/hwcentry.h b/gprofng/common/hwcentry.h
+index a35a363e693..7899875cf96 100644
+--- a/gprofng/common/hwcentry.h
++++ b/gprofng/common/hwcentry.h
+@@ -202,17 +202,12 @@ extern "C"
+ extern char *hwc_get_docref (char *buf, size_t buflen);
+ /* Return a CPU HWC document reference, or NULL. */
+
+- // TBR
+- extern char *hwc_get_default_cntrs ();
+- /* Return a default HW counter string; may be NULL, or zero-length */
+- /* NULL means none is defined in the table; or zero-length means string defined could not be loaded */
+-
+ extern char *hwc_get_default_cntrs2 (int forKernel, int style);
+ /* like hwc_get_default_cntrs() for style==1 */
+ /* but allows other styles of formatting as well */
+ /* deprecate and eventually remove hwc_get_default_cntrs() */
+
+- extern char *hwc_get_orig_default_cntrs ();
++ extern char *hwc_get_orig_default_cntrs (int forKernel);
+ /* Get the default HW counter string as set in the table */
+ /* NULL means none is defined in the table */
+
+diff --git a/gprofng/common/hwctable.c b/gprofng/common/hwctable.c
+index d0735132fac..fe9153190e7 100644
+--- a/gprofng/common/hwctable.c
++++ b/gprofng/common/hwctable.c
+@@ -3231,7 +3231,7 @@ check_tables ()
+ }
+ #endif
+
+-static int try_a_counter ();
++static int try_a_counter (int forKernel);
+ static void hwc_process_raw_ctrs (int forKernel, Hwcentry ***pstd_out,
+ Hwcentry ***praw_out, Hwcentry ***phidden_out,
+ Hwcentry**static_tables,
+@@ -4321,17 +4321,6 @@ hwc_get_docref (char *buf, size_t buflen)
+ return buf;
+ }
+
+-//TBR:
+-
+-extern char*
+-hwc_get_default_cntrs ()
+-{
+- setup_cpcx ();
+- if (cpcx_default_hwcs[0] != NULL)
+- return strdup (cpcx_default_hwcs[0]); // TBR deprecate this
+- return NULL;
+-}
+-
+ extern char*
+ hwc_get_default_cntrs2 (int forKernel, int style)
+ {
+diff --git a/gprofng/libcollector/collector.c b/gprofng/libcollector/collector.c
+index 39529758600..ef580dcbdd9 100644
+--- a/gprofng/libcollector/collector.c
++++ b/gprofng/libcollector/collector.c
+@@ -210,15 +210,10 @@ get_collector_interface ()
+ static void
+ collector_module_init (CollectorInterface *col_intf)
+ {
+- int nmodules = 0;
+-
+ ModuleInitFunc next_init = (ModuleInitFunc) dlsym (RTLD_DEFAULT, "__collector_module_init");
+ if (next_init != NULL)
+- {
+- nmodules++;
+- next_init (col_intf);
+- }
+- TprintfT (DBG_LT1, "collector_module_init: %d modules\n", nmodules);
++ next_init (col_intf);
++ TprintfT (DBG_LT1, "collector_module_init: %d modules\n", next_init ? 1 : 0);
+ }
+
+ /* Routines concerned with general experiment start and stop */
+@@ -1784,7 +1779,7 @@ __collector_pause ()
+ }
+
+ void
+-__collector_pause_m (char *reason)
++__collector_pause_m (const char *reason)
+ {
+ hrtime_t now;
+ char xreason[MAXPATHLEN];
+@@ -2451,8 +2446,8 @@ __collector_dlog (int tflag, int level, char *format, ...)
+
+ static void (*__real__exit) (int status) = NULL; /* libc only: _exit */
+ static void (*__real__Exit) (int status) = NULL; /* libc only: _Exit */
+-void _exit () __attribute__ ((weak, alias ("__collector_exit")));
+-void _Exit () __attribute__ ((weak, alias ("__collector_Exit")));
++void _exit (int status) __attribute__ ((weak, alias ("__collector_exit")));
++void _Exit (int status) __attribute__ ((weak, alias ("__collector_Exit")));
+
+ void
+ __collector_exit (int status)
+diff --git a/gprofng/libcollector/collector.h b/gprofng/libcollector/collector.h
+index 07a03bdd17a..eda68a0e4f5 100644
+--- a/gprofng/libcollector/collector.h
++++ b/gprofng/libcollector/collector.h
+@@ -123,7 +123,7 @@ extern void __collector_terminate_expt ();
+ extern void __collector_terminate_hook ();
+ extern void __collector_sample (char *name);
+ extern void __collector_pause ();
+-extern void __collector_pause_m ();
++extern void __collector_pause_m (const char *reason);
+ extern void __collector_resume ();
+ extern int collector_sigemt_sigaction (const struct sigaction*,
+ struct sigaction*);
+diff --git a/gprofng/libcollector/collectorAPI.c b/gprofng/libcollector/collectorAPI.c
+index 5fa6403ad49..449bbbaab65 100644
+--- a/gprofng/libcollector/collectorAPI.c
++++ b/gprofng/libcollector/collectorAPI.c
+@@ -26,16 +26,17 @@
+ #include "collectorAPI.h"
+ #include "gp-experiment.h"
+
+-static void *__real_collector_sample = NULL;
+-static void *__real_collector_pause = NULL;
+-static void *__real_collector_resume = NULL;
+-static void *__real_collector_terminate_expt = NULL;
+-static void *__real_collector_func_load = NULL;
+-static void *__real_collector_func_unload = NULL;
++static void (*__real_collector_sample)(const char *) = NULL;
++static void (*__real_collector_pause)() = NULL;
++static void (*__real_collector_resume)() = NULL;
++static void (*__real_collector_terminate_expt)() = NULL;
++static void (*__real_collector_func_load)(const char *, const char *,
++ const char *, void *, int, int, Lineno *) = NULL;
++static void (*__real_collector_func_unload)(void *) = NULL;
+
+ #define INIT_API if (init_API == 0) collectorAPI_initAPI()
+ #define NULL_PTR(x) (__real_##x == NULL)
+-#define CALL_REAL(x) (*(void(*)())__real_##x)
++#define CALL_REAL(x) (__real_##x)
+ #define CALL_IF_REAL(x) INIT_API; if (!NULL_PTR(x)) CALL_REAL(x)
+
+ static int init_API = 0;
+diff --git a/gprofng/libcollector/dispatcher.c b/gprofng/libcollector/dispatcher.c
+index d2a4ad0b60b..867753a22ec 100644
+--- a/gprofng/libcollector/dispatcher.c
++++ b/gprofng/libcollector/dispatcher.c
+@@ -909,8 +909,9 @@ sigset (int sig, sighandler_t handler)
+
+ // map interposed symbol versions
+ static int
+-gprofng_timer_create (int (real_func) (), clockid_t clockid,
+- struct sigevent *sevp, timer_t *timerid)
++gprofng_timer_create (int (real_func) (clockid_t, struct sigevent *, timer_t *),
++ clockid_t clockid,
++ struct sigevent *sevp, timer_t *timerid)
+ {
+ // collector reserves SIGPROF
+ if (sevp == NULL || sevp->sigev_notify != SIGEV_SIGNAL ||
+@@ -1045,7 +1046,7 @@ __collector_thr_sigsetmask (int how, const sigset_t* iset, sigset_t* oset)
+ // map interposed symbol versions
+
+ static int
+-gprofng_pthread_sigmask (int (real_func) (),
++gprofng_pthread_sigmask (int (real_func) (int, const sigset_t *, sigset_t*),
+ int how, const sigset_t *iset, sigset_t* oset)
+ {
+ sigset_t lsigset;
+@@ -1140,9 +1141,10 @@ collector_root (void *cargs)
+ // map interposed symbol versions
+
+ static int
+-gprofng_pthread_create (int (real_func) (), pthread_t *thread,
+- const pthread_attr_t *attr,
+- void *(*func)(void*), void *arg)
++gprofng_pthread_create (int (real_func) (pthread_t *, const pthread_attr_t *,
++ void *(*)(void *), void *),
++ pthread_t *thread, const pthread_attr_t *attr,
++ void *(*func)(void*), void *arg)
+ {
+ TprintfT (DBG_LTT, "gprofng_pthread_create @%p\n", real_func);
+ if (dispatch_mode != DISPATCH_ON)
+@@ -1277,6 +1279,7 @@ __collector_ext_clone_pthread (int (*fn)(void *), void *child_stack, int flags,
+ }
+
+ // weak symbols:
+-int sigprocmask () __attribute__ ((weak, alias ("__collector_sigprocmask")));
+-int thr_sigsetmask () __attribute__ ((weak, alias ("__collector_thr_sigsetmask")));
++int sigprocmask (int, const sigset_t*, sigset_t*) __attribute__ ((weak, alias ("__collector_sigprocmask")));
++int thr_sigsetmask (int, const sigset_t*, sigset_t*) __attribute__ ((weak, alias ("__collector_thr_sigsetmask")));
+ int setitimer () __attribute__ ((weak, alias ("_setitimer")));
++
+diff --git a/gprofng/libcollector/iotrace.c b/gprofng/libcollector/iotrace.c
+index 18060864796..3deb441d9c7 100644
+--- a/gprofng/libcollector/iotrace.c
++++ b/gprofng/libcollector/iotrace.c
+@@ -1350,7 +1350,7 @@ mkstemp (char *template)
+ unsigned pktSize;
+ if (NULL_PTR (mkstemp))
+ init_io_intf ();
+- if (CHCK_REENTRANCE (guard) || template == NULL)
++ if (CHCK_REENTRANCE (guard))
+ return CALL_REAL (mkstemp)(template);
+ PUSH_REENTRANCE (guard);
+ hrtime_t reqt = gethrtime ();
+@@ -1405,7 +1405,7 @@ mkstemps (char *template, int slen)
+ unsigned pktSize;
+ if (NULL_PTR (mkstemps))
+ init_io_intf ();
+- if (CHCK_REENTRANCE (guard) || template == NULL)
++ if (CHCK_REENTRANCE (guard))
+ return CALL_REAL (mkstemps)(template, slen);
+ PUSH_REENTRANCE (guard);
+ hrtime_t reqt = gethrtime ();
+@@ -1485,7 +1485,7 @@ close (int fildes)
+
+ /*------------------------------------------------------------- fopen */
+ static FILE*
+-gprofng_fopen (FILE*(real_fopen) (), const char *filename, const char *mode)
++gprofng_fopen (FILE*(real_fopen) (const char *, const char *), const char *filename, const char *mode)
+ {
+ int *guard;
+ FILE *fp = NULL;
+@@ -1559,7 +1559,7 @@ DCL_FOPEN (fopen)
+
+ /*------------------------------------------------------------- fclose */
+ static int
+-gprofng_fclose (int(real_fclose) (), FILE *stream)
++gprofng_fclose (int(real_fclose) (FILE *), FILE *stream)
+ {
+ int *guard;
+ int stat;
+@@ -1645,7 +1645,7 @@ fflush (FILE *stream)
+
+ /*------------------------------------------------------------- fdopen */
+ static FILE*
+-gprofng_fdopen (FILE*(real_fdopen) (), int fildes, const char *mode)
++gprofng_fdopen (FILE*(real_fdopen) (int, const char *), int fildes, const char *mode)
+ {
+ int *guard;
+ FILE *fp = NULL;
+@@ -2957,7 +2957,7 @@ DCL_FGETPOS (fgetpos)
+
+ /*------------------------------------------------------------- fgetpos64 */
+ static int
+-gprofng_fgetpos64 (int(real_fgetpos64) (), FILE *stream, fpos64_t *pos)
++gprofng_fgetpos64 (int(real_fgetpos64) (FILE *, fpos64_t *), FILE *stream, fpos64_t *pos)
+ {
+ int *guard;
+ int ret;
+diff --git a/gprofng/libcollector/libcol_util.c b/gprofng/libcollector/libcol_util.c
+index 15ba24d2ab5..c2b82894e6b 100644
+--- a/gprofng/libcollector/libcol_util.c
++++ b/gprofng/libcollector/libcol_util.c
+@@ -1013,7 +1013,6 @@ __collector_open (const char *path, int oflag, ...)
+ mode_t mode = 0;
+
+ hrtime_t t_timeout = __collector_gethrtime () + 5 * ((hrtime_t) NANOSEC);
+- int nretries = 0;
+ long long delay = 100; /* start at some small, arbitrary value */
+
+ /* get optional mode argument if it's expected/required */
+@@ -1058,7 +1057,6 @@ __collector_open (const char *path, int oflag, ...)
+ delay *= 2;
+ if (delay > 100000000)
+ delay = 100000000; /* cap at some large, arbitrary value */
+- nretries++;
+ }
+ return fd;
+ }
+diff --git a/gprofng/libcollector/libcol_util.h b/gprofng/libcollector/libcol_util.h
+index 2eeeaeed50b..1b1b928180a 100644
+--- a/gprofng/libcollector/libcol_util.h
++++ b/gprofng/libcollector/libcol_util.h
+@@ -81,12 +81,6 @@ extern int __collector_mutex_trylock (collector_mutex_t *mp);
+ #define __collector_mutex_init(xx) \
+ do { collector_mutex_t tmp=COLLECTOR_MUTEX_INITIALIZER; *(xx)=tmp; } while(0)
+
+-void __collector_sample (char *name);
+-void __collector_terminate_expt ();
+-void __collector_pause ();
+-void __collector_pause_m ();
+-void __collector_resume ();
+-
+ struct DT_lineno;
+
+ typedef enum
+diff --git a/gprofng/libcollector/linetrace.c b/gprofng/libcollector/linetrace.c
+index 67b2d7e9030..66844bc1337 100644
+--- a/gprofng/libcollector/linetrace.c
++++ b/gprofng/libcollector/linetrace.c
+@@ -1207,7 +1207,7 @@ __collector_vfork (void)
+ }
+
+ /*------------------------------------------------------------- execve */
+-int execve () __attribute__ ((weak, alias ("__collector_execve")));
++int execve (const char *, char *const [], char *const []) __attribute__ ((weak, alias ("__collector_execve")));
+
+ int
+ __collector_execve (const char* path, char *const argv[], char *const envp[])
+@@ -1237,7 +1237,7 @@ __collector_execve (const char* path, char *const argv[], char *const envp[])
+ return ret;
+ }
+
+-int execvp () __attribute__ ((weak, alias ("__collector_execvp")));
++int execvp (const char *, char *const []) __attribute__ ((weak, alias ("__collector_execvp")));
+
+ int
+ __collector_execvp (const char* file, char *const argv[])
+@@ -1269,7 +1269,7 @@ __collector_execvp (const char* file, char *const argv[])
+ return ret;
+ }
+
+-int execv () __attribute__ ((weak, alias ("__collector_execv")));
++int execv (const char *, char *const []) __attribute__ ((weak, alias ("__collector_execv")));
+
+ int
+ __collector_execv (const char* path, char *const argv[])
+@@ -1408,7 +1408,10 @@ __collector_execl (const char* path, const char *arg0, ...)
+ /*-------------------------------------------------------- posix_spawn */
+ // map interposed symbol versions
+ static int
+-gprofng_posix_spawn (int(real_posix_spawn) (),
++gprofng_posix_spawn (int(real_posix_spawn) (pid_t *, const char *,
++ const posix_spawn_file_actions_t *,
++ const posix_spawnattr_t *,
++ char *const [], char *const []),
+ pid_t *pidp, const char *path,
+ const posix_spawn_file_actions_t *file_actions,
+ const posix_spawnattr_t *attrp,
+@@ -1466,7 +1469,10 @@ DCL_POSIX_SPAWN (posix_spawn)
+
+ /*-------------------------------------------------------- posix_spawnp */
+ static int
+-gprofng_posix_spawnp (int (real_posix_spawnp) (),
++gprofng_posix_spawnp (int (real_posix_spawnp) (pid_t *, const char *,
++ const posix_spawn_file_actions_t *,
++ const posix_spawnattr_t *,
++ char *const [], char *const []),
+ pid_t *pidp, const char *path,
+ const posix_spawn_file_actions_t *file_actions,
+ const posix_spawnattr_t *attrp,
+@@ -1754,8 +1760,8 @@ __collector_clone (int (*fn)(void *), void *child_stack, int flags, void *arg,
+ }
+
+ /*-------------------------------------------------------------------- setuid */
+-int setuid () __attribute__ ((weak, alias ("__collector_setuid")));
+-int _setuid () __attribute__ ((weak, alias ("__collector_setuid")));
++int setuid (uid_t) __attribute__ ((weak, alias ("__collector_setuid")));
++int _setuid (uid_t) __attribute__ ((weak, alias ("__collector_setuid")));
+
+ int
+ __collector_setuid (uid_t ruid)
+@@ -1770,8 +1776,8 @@ __collector_setuid (uid_t ruid)
+ }
+
+ /*------------------------------------------------------------------- seteuid */
+-int seteuid () __attribute__ ((weak, alias ("__collector_seteuid")));
+-int _seteuid () __attribute__ ((weak, alias ("__collector_seteuid")));
++int seteuid (uid_t) __attribute__ ((weak, alias ("__collector_seteuid")));
++int _seteuid (uid_t) __attribute__ ((weak, alias ("__collector_seteuid")));
+
+ int
+ __collector_seteuid (uid_t euid)
+@@ -1786,8 +1792,8 @@ __collector_seteuid (uid_t euid)
+ }
+
+ /*------------------------------------------------------------------ setreuid */
+-int setreuid () __attribute__ ((weak, alias ("__collector_setreuid")));
+-int _setreuid () __attribute__ ((weak, alias ("__collector_setreuid")));
++int setreuid (uid_t, uid_t) __attribute__ ((weak, alias ("__collector_setreuid")));
++int _setreuid (uid_t, uid_t) __attribute__ ((weak, alias ("__collector_setreuid")));
+
+ int
+ __collector_setreuid (uid_t ruid, uid_t euid)
+@@ -1802,8 +1808,8 @@ __collector_setreuid (uid_t ruid, uid_t euid)
+ }
+
+ /*-------------------------------------------------------------------- setgid */
+-int setgid () __attribute__ ((weak, alias ("__collector_setgid")));
+-int _setgid () __attribute__ ((weak, alias ("__collector_setgid")));
++int setgid (gid_t) __attribute__ ((weak, alias ("__collector_setgid")));
++int _setgid (gid_t) __attribute__ ((weak, alias ("__collector_setgid")));
+
+ int
+ __collector_setgid (gid_t rgid)
+@@ -1818,8 +1824,8 @@ __collector_setgid (gid_t rgid)
+ }
+
+ /*------------------------------------------------------------------- setegid */
+-int setegid () __attribute__ ((weak, alias ("__collector_setegid")));
+-int _setegid () __attribute__ ((weak, alias ("__collector_setegid")));
++int setegid (gid_t) __attribute__ ((weak, alias ("__collector_setegid")));
++int _setegid (gid_t) __attribute__ ((weak, alias ("__collector_setegid")));
+
+ int
+ __collector_setegid (gid_t egid)
+@@ -1834,8 +1840,8 @@ __collector_setegid (gid_t egid)
+ }
+
+ /*------------------------------------------------------------------ setregid */
+-int setregid () __attribute__ ((weak, alias ("__collector_setregid")));
+-int _setregid () __attribute__ ((weak, alias ("__collector_setregid")));
++int setregid (gid_t, gid_t) __attribute__ ((weak, alias ("__collector_setregid")));
++int _setregid (gid_t, gid_t) __attribute__ ((weak, alias ("__collector_setregid")));
+
+ int
+ __collector_setregid (gid_t rgid, gid_t egid)
+diff --git a/gprofng/src/BaseMetricTreeNode.h b/gprofng/src/BaseMetricTreeNode.h
+index d73d244e27e..7698f9c6eaf 100644
+--- a/gprofng/src/BaseMetricTreeNode.h
++++ b/gprofng/src/BaseMetricTreeNode.h
+@@ -85,7 +85,6 @@ private:
+
+ BaseMetricTreeNode *root; // root of tree
+ BaseMetricTreeNode *parent; // my parent
+- bool aggregation; // value is based on children's values
+ char *name; // bm->get_cmd() for metrics, unique string otherwise
+ char *uname; // user-visible text
+ char *unit; // see UNIT_* defines
+diff --git a/gprofng/src/Dbe.cc b/gprofng/src/Dbe.cc
+index 91a5aa5ef05..bcbf4694565 100644
+--- a/gprofng/src/Dbe.cc
++++ b/gprofng/src/Dbe.cc
+@@ -9594,14 +9594,12 @@ dbeGetTLDataRepVals (VMode view_mode, hrtime_t start_ts, hrtime_t delta,
+ }
+ if (sampleVals != NULL)
+ {
+- Sample* sample = (Sample*) packets->getObjValue (PROP_SMPLOBJ, packetIdx);
+- if (!sample || !sample->get_usage ())
+- sample = sample;
+- else
++ Sample *sample = (Sample*) packets->getObjValue (PROP_SMPLOBJ, packetIdx);
++ if (sample != NULL)
+ {
+- PrUsage* prusage = sample->get_usage ();
+- Vector<long long> *mstateVals = prusage->getMstateValues ();
+- sampleVals->store (eventIdx, mstateVals);
++ PrUsage *prusage = sample->get_usage ();
++ if (prusage != NULL)
++ sampleVals->store (eventIdx, prusage->getMstateValues ());
+ }
+ }
+ }
+diff --git a/gprofng/src/DbeSession.cc b/gprofng/src/DbeSession.cc
+index 20329091167..5d6bab75638 100644
+--- a/gprofng/src/DbeSession.cc
++++ b/gprofng/src/DbeSession.cc
+@@ -1162,8 +1162,6 @@ DbeSession::open_experiment (Experiment *exp, char *path)
+ closedir (exp_dir);
+ exp_names->sort (dir_name_cmp);
+ Experiment **t_exp_list = new Experiment *[exp_names->size ()];
+- int nsubexps = 0;
+-
+ for (int j = 0, jsz = exp_names->size (); j < jsz; j++)
+ {
+ t_exp_list[j] = NULL;
+@@ -1220,7 +1218,6 @@ DbeSession::open_experiment (Experiment *exp, char *path)
+ dexp->open (dpath);
+ append (dexp);
+ t_exp_list[j] = dexp;
+- nsubexps++;
+ dexp->set_clock (exp->clock);
+
+ // DbeView add_experiment() is split into two parts
+diff --git a/gprofng/src/Disasm.cc b/gprofng/src/Disasm.cc
+index 1396e4fb072..d78212cee39 100644
+--- a/gprofng/src/Disasm.cc
++++ b/gprofng/src/Disasm.cc
+@@ -49,7 +49,6 @@ struct DisContext
+ };
+
+ static const int MAX_DISASM_STR = 2048;
+-static const int MAX_INSTR_SIZE = 8;
+
+ Disasm::Disasm (char *fname)
+ {
+diff --git a/gprofng/src/Experiment.cc b/gprofng/src/Experiment.cc
+index 02a24ebc40d..a31550aff66 100644
+--- a/gprofng/src/Experiment.cc
++++ b/gprofng/src/Experiment.cc
+@@ -1935,8 +1935,6 @@ private:
+ }
+
+ Experiment *exp;
+- char *hostname;
+- hrtime_t time, tstamp;
+ };
+
+ void
+diff --git a/gprofng/src/HashMap.h b/gprofng/src/HashMap.h
+index 918c0dc95f9..c5fdd345ba8 100644
+--- a/gprofng/src/HashMap.h
++++ b/gprofng/src/HashMap.h
+@@ -78,9 +78,8 @@ copy_key (uint64_t a)
+ }
+
+ template<> inline void
+-delete_key (uint64_t a)
++delete_key (uint64_t)
+ {
+- a = a;
+ }
+
+ template<> inline int
+diff --git a/gprofng/src/IOActivity.h b/gprofng/src/IOActivity.h
+index cf462cf8d55..f3a22ada6b1 100644
+--- a/gprofng/src/IOActivity.h
++++ b/gprofng/src/IOActivity.h
+@@ -78,7 +78,6 @@ private:
+ Hist_data *hist_data_file_all;
+ Hist_data *hist_data_vfd_all;
+ Hist_data *hist_data_callstack_all;
+- Hist_data *hist_data_callstack;
+
+ DbeView *dbev;
+ };
+diff --git a/gprofng/src/collctrl.cc b/gprofng/src/collctrl.cc
+index ebf888c5a20..b0ed66efcdc 100644
+--- a/gprofng/src/collctrl.cc
++++ b/gprofng/src/collctrl.cc
+@@ -952,9 +952,7 @@ Coll_Ctrl::set_clkprof (const char *string, char** warn)
+ double dval = strtod (string, &endchar);
+ if (*endchar == 'm' || *endchar == 0) /* user specified milliseconds */
+ dval = dval * 1000.;
+- else if (*endchar == 'u') /* user specified microseconds */
+- dval = dval;
+- else
++ else if (*endchar != 'u')
+ return dbe_sprintf (GTXT ("Unrecognized clock-profiling interval `%s'\n"), string);
+ nclkprof_timer = (int) (dval + 0.5);
+ }
+@@ -2901,7 +2899,7 @@ Coll_Ctrl::get (char * control)
+ }
+ if (!strncmp (control, ipc_str_javaprof, len))
+ {
+- if ((java_mode == 0))
++ if (java_mode == 0)
+ return strdup (ipc_str_off);
+ return strdup (ipc_str_on);
+ }
+@@ -2917,7 +2915,7 @@ Coll_Ctrl::get (char * control)
+ }
+ if (!strncmp (control, ipc_str_sample_sig, len))
+ {
+- if ((sample_sig == 0))
++ if (sample_sig == 0)
+ return strdup (ipc_str_off);
+ char *str_signal = find_signal_name (sample_sig);
+ if (str_signal != NULL)
+@@ -2951,15 +2949,15 @@ Coll_Ctrl::get (char * control)
+ }
+ if (!strncmp (control, ipc_str_iotrace, len))
+ {
+- if ((iotrace_enabled == 0))
++ if (iotrace_enabled == 0)
+ return strdup (ipc_str_off);
+ return strdup (ipc_str_on);
+ }
+ if (!strncmp (control, ipc_str_count, len))
+ {
+- if ((count_enabled == 0))
++ if (count_enabled == 0)
+ return strdup (ipc_str_off);
+- if ((count_enabled < 0))
++ if (count_enabled < 0)
+ return strdup ("on\nstatic");
+ return strdup (ipc_str_on);
+ }
+diff --git a/gprofng/src/collector_module.h b/gprofng/src/collector_module.h
+index bb48eadb9f8..ebcdbca561f 100644
+--- a/gprofng/src/collector_module.h
++++ b/gprofng/src/collector_module.h
+@@ -40,12 +40,12 @@ struct tm;
+ * If you add any, please put it in the right place */
+ typedef struct CollectorUtilFuncs
+ {
+- int (*access)();
++ int (*access)(const char *, int);
+ int (*atoi)(const char *nptr);
+ void *(*calloc)(size_t nelem, size_t elsize);
+ int (*clearenv)(void);
+ int (*close)(int);
+- int (*closedir)();
++ int (*closedir)(DIR *);
+ int (*execv)(const char *path, char *const argv[]);
+ void (*exit)(int status);
+ int (*fclose)(FILE *stream);
+@@ -66,20 +66,20 @@ typedef struct CollectorUtilFuncs
+ off_t (*lseek)(int fd, off_t offset, int whence);
+ void *(*malloc)(size_t size);
+ void *(*memset)(void *s1, int c, size_t n);
+- int (*mkdir)();
++ int (*mkdir)(const char *, mode_t);
+ time_t (*mktime)(struct tm *timeptr);
+ void *(*mmap)(void *, size_t, int, int, int, off_t);
+- void *(*mmap64_)();
+- int (*munmap)();
++ void *(*mmap64_)(void *, size_t, int, int, int, off_t);
++ int (*munmap)(void *, size_t);
+ int (*open)(const char *, int, ...);
+ int (*open_bare)(const char *, int, ...);
+- DIR *(*opendir)();
++ DIR *(*opendir)(const char *);
+ int (*pclose)(FILE *stream);
+ FILE *(*popen)(const char *command, const char *mode);
+ int (*putenv)(char *string);
+- ssize_t (*pwrite)();
+- ssize_t (*pwrite64_)();
+- ssize_t (*read)();
++ ssize_t (*pwrite)(int, const void *, size_t, off_t);
++ ssize_t (*pwrite64_)(int, const void *, size_t, off_t);
++ ssize_t (*read)(int, void *, size_t);
+ int (*setenv)(const char *name, const char *value, int overwrite);
+ int (*sigfillset)(sigset_t *set);
+ int (*sigprocmask)(int how, const sigset_t *set, sigset_t *oldset);
+@@ -112,7 +112,7 @@ typedef struct CollectorUtilFuncs
+ int (*unsetenv)(const char *name);
+ int (*vsnprintf)(char *str, size_t size, const char *format, va_list ap);
+ pid_t (*waitpid)(pid_t pid, int *stat_loc, int options);
+- ssize_t (*write)();
++ ssize_t (*write)(int, void *, size_t);
+ double (*atof)();
+ void *n_a;
+ } CollectorUtilFuncs;
+diff --git a/gprofng/src/gp-display-src.cc b/gprofng/src/gp-display-src.cc
+index 200e6080d2e..24af375edf1 100644
+--- a/gprofng/src/gp-display-src.cc
++++ b/gprofng/src/gp-display-src.cc
+@@ -75,14 +75,6 @@ private:
+ bool v_opt;
+ int multiple;
+ char *str_compcom;
+- bool hex_visible;
+- int src_visible;
+- int vis_src;
+- int vis_dis;
+- int threshold_src;
+- int threshold_dis;
+- int threshold;
+- int vis_bits;
+ };
+
+ static int
+diff --git a/gprofng/src/gp-print.h b/gprofng/src/gp-print.h
+index 1b748ea60a3..1a8ad3b6c13 100644
+--- a/gprofng/src/gp-print.h
++++ b/gprofng/src/gp-print.h
+@@ -19,7 +19,7 @@
+ MA 02110-1301, USA. */
+
+ #ifndef _GP_PRINT_H
+-#define _ER_PRINT_H
++#define _GP_PRINT_H
+
+ #include "Command.h"
+ #include "DbeApplication.h"
+diff --git a/gprofng/src/util.cc b/gprofng/src/util.cc
+index 201f7088b66..228140b61ae 100644
+--- a/gprofng/src/util.cc
++++ b/gprofng/src/util.cc
+@@ -741,17 +741,13 @@ get_relative_link (const char *path_from, const char *path_to)
+ s2 = canonical_path (s2);
+ long l = dbe_sstrlen (s1);
+ // try to find common directories
+- int common_slashes = 0;
+ int last_common_slash = -1;
+ for (int i = 0; i < l; i++)
+ {
+- if (s1[i] != s2[i]) break;
+- if (s1[i] == 0) break;
++ if (s1[i] != s2[i] || s1[i] == 0)
++ break;
+ if (s1[i] == '/')
+- {
+- common_slashes++;
+- last_common_slash = i;
+- }
++ last_common_slash = i;
+ }
+ // find slashes in remaining path_to
+ int slashes = 0;
diff --git a/meta/recipes-devtools/binutils/binutils/0020-gprofng-fix-std-gnu23-compatibility-wrt-unprototyped.patch b/meta/recipes-devtools/binutils/binutils/0020-gprofng-fix-std-gnu23-compatibility-wrt-unprototyped.patch
new file mode 100644
index 0000000000..a1b8bb6d18
--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/0020-gprofng-fix-std-gnu23-compatibility-wrt-unprototyped.patch
@@ -0,0 +1,606 @@
+From 610889f9e0cace025758fdd0ce8e8f9edf9f4223 Mon Sep 17 00:00:00 2001
+From: Sam James <sam@gentoo.org>
+Date: Sat, 16 Nov 2024 05:13:48 +0000
+Subject: [PATCH] gprofng: fix -std=gnu23 compatibility wrt unprototyped
+ functions
+
+C23 removes support for unprototyped functions. Fix function pointer types
+accordingly.
+
+This does not fix all instances, there's a few left as I commented on in
+PR32374 (e.g. setitimer which I have a local workaround for but it involves
+a glibc implementation detail; the Linaro precommit CI tester pointed that
+out too, so dropped that).
+
+ChangeLog:
+ PR gprofng/32374
+
+ * libcollector/collector.c (collector_sample): Fix prototype.
+ * libcollector/envmgmt.c (putenv): Ditto.
+ (_putenv): Ditto.
+ (__collector_putenv): Ditto.
+ (setenv): Ditto.
+ (_setenv): Ditto.
+ (__collector_setenv): Ditto.
+ (unsetenv): Ditto.
+ (_unsetenv): Ditto.
+ (__collector_unsetenv): Ditto.
+ * libcollector/jprofile.c (open_experiment): Ditto.
+ (__collector_jprofile_enable_synctrace): Ditto.
+ (jprof_find_asyncgetcalltrace): Ditto.
+ * libcollector/libcol_util.c (__collector_util_init): Ditto.
+ (ARCH): Ditto.
+ * libcollector/mmaptrace.c (collector_func_load): Ditto.
+ (collector_func_unload): Ditto.
+ * libcollector/unwind.c (__collector_ext_unwind_init): Ditto.
+ * src/collector_module.h: Ditto.
+
+Upstream-Status: Backport [https://github.com/bminor/binutils-gdb/commit/a2f774427e078f3da2c06bdea25f77a61979a695]
+Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
+---
+ gprofng/libcollector/collector.c | 2 +-
+ gprofng/libcollector/envmgmt.c | 24 ++++-----
+ gprofng/libcollector/jprofile.c | 10 ++--
+ gprofng/libcollector/libcol_util.c | 84 +++++++++++++++---------------
+ gprofng/libcollector/mmaptrace.c | 4 +-
+ gprofng/libcollector/unwind.c | 2 +-
+ gprofng/src/collector_module.h | 2 +-
+ 7 files changed, 64 insertions(+), 64 deletions(-)
+
+diff --git a/gprofng/libcollector/collector.c b/gprofng/libcollector/collector.c
+index ef580dcbdd9..899f08a5381 100644
+--- a/gprofng/libcollector/collector.c
++++ b/gprofng/libcollector/collector.c
+@@ -1579,7 +1579,7 @@ __collector_resume_experiment ()
+ }
+
+ /* Code to support Samples and Pause/Resume */
+-void collector_sample () __attribute__ ((weak, alias ("__collector_sample")));
++void collector_sample (char *name) __attribute__ ((weak, alias ("__collector_sample")));
+ void
+ __collector_sample (char *name)
+ {
+diff --git a/gprofng/libcollector/envmgmt.c b/gprofng/libcollector/envmgmt.c
+index ebe08f82007..0ff7621070d 100644
+--- a/gprofng/libcollector/envmgmt.c
++++ b/gprofng/libcollector/envmgmt.c
+@@ -692,8 +692,8 @@ __collector_env_update (char *envp[])
+
+
+ /*------------------------------------------------------------- putenv */
+-int putenv () __attribute__ ((weak, alias ("__collector_putenv")));
+-int _putenv () __attribute__ ((weak, alias ("__collector_putenv")));
++int putenv (char*) __attribute__ ((weak, alias ("__collector_putenv")));
++int _putenv (char*) __attribute__ ((weak, alias ("__collector_putenv")));
+
+ int
+ __collector_putenv (char * string)
+@@ -701,9 +701,9 @@ __collector_putenv (char * string)
+ if (CALL_UTIL (putenv) == __collector_putenv ||
+ CALL_UTIL (putenv) == NULL)
+ { // __collector_libc_funcs_init failed
+- CALL_UTIL (putenv) = (int(*)())dlsym (RTLD_NEXT, "putenv");
++ CALL_UTIL (putenv) = (int(*)(char*))dlsym (RTLD_NEXT, "putenv");
+ if (CALL_UTIL (putenv) == NULL || CALL_UTIL (putenv) == __collector_putenv)
+- CALL_UTIL (putenv) = (int(*)())dlsym (RTLD_DEFAULT, "putenv");
++ CALL_UTIL (putenv) = (int(*)(char*))dlsym (RTLD_DEFAULT, "putenv");
+ if (CALL_UTIL (putenv) == NULL || CALL_UTIL (putenv) == __collector_putenv)
+ {
+ TprintfT (DBG_LT2, "__collector_putenv(): ERROR: no pointer found.\n");
+@@ -719,8 +719,8 @@ __collector_putenv (char * string)
+ }
+
+ /*------------------------------------------------------------- setenv */
+-int setenv () __attribute__ ((weak, alias ("__collector_setenv")));
+-int _setenv () __attribute__ ((weak, alias ("__collector_setenv")));
++int setenv (const char*, const char*, int) __attribute__ ((weak, alias ("__collector_setenv")));
++int _setenv (const char*, const char*, int) __attribute__ ((weak, alias ("__collector_setenv")));
+
+ int
+ __collector_setenv (const char *name, const char *value, int overwrite)
+@@ -728,9 +728,9 @@ __collector_setenv (const char *name, const char *value, int overwrite)
+ if (CALL_UTIL (setenv) == __collector_setenv ||
+ CALL_UTIL (setenv) == NULL)
+ { // __collector_libc_funcs_init failed
+- CALL_UTIL (setenv) = (int(*)())dlsym (RTLD_NEXT, "setenv");
++ CALL_UTIL (setenv) = (int(*)(const char*, const char*, int))dlsym (RTLD_NEXT, "setenv");
+ if (CALL_UTIL (setenv) == NULL || CALL_UTIL (setenv) == __collector_setenv)
+- CALL_UTIL (setenv) = (int(*)())dlsym (RTLD_DEFAULT, "setenv");
++ CALL_UTIL (setenv) = (int(*)(const char*, const char*, int))dlsym (RTLD_DEFAULT, "setenv");
+ if (CALL_UTIL (setenv) == NULL || CALL_UTIL (setenv) == __collector_setenv)
+ {
+ TprintfT (DBG_LT2, "__collector_setenv(): ERROR: no pointer found.\n");
+@@ -765,8 +765,8 @@ __collector_setenv (const char *name, const char *value, int overwrite)
+ }
+
+ /*------------------------------------------------------------- unsetenv */
+-int unsetenv () __attribute__ ((weak, alias ("__collector_unsetenv")));
+-int _unsetenv () __attribute__ ((weak, alias ("__collector_unsetenv")));
++int unsetenv (const char*) __attribute__ ((weak, alias ("__collector_unsetenv")));
++int _unsetenv (const char*) __attribute__ ((weak, alias ("__collector_unsetenv")));
+
+ int
+ __collector_unsetenv (const char *name)
+@@ -774,9 +774,9 @@ __collector_unsetenv (const char *name)
+ if (CALL_UTIL (unsetenv) == __collector_unsetenv ||
+ CALL_UTIL (unsetenv) == NULL)
+ { // __collector_libc_funcs_init failed
+- CALL_UTIL (unsetenv) = (int(*)())dlsym (RTLD_NEXT, "unsetenv");
++ CALL_UTIL (unsetenv) = (int(*)(const char*))dlsym (RTLD_NEXT, "unsetenv");
+ if (CALL_UTIL (unsetenv) == NULL || CALL_UTIL (unsetenv) == __collector_unsetenv)
+- CALL_UTIL (unsetenv) = (int(*)())dlsym (RTLD_DEFAULT, "unsetenv");
++ CALL_UTIL (unsetenv) = (int(*)(const char*))dlsym (RTLD_DEFAULT, "unsetenv");
+ if (CALL_UTIL (unsetenv) == NULL || CALL_UTIL (unsetenv) == __collector_unsetenv)
+ {
+ TprintfT (DBG_LT2, "__collector_unsetenv(): ERROR: no pointer found.\n");
+diff --git a/gprofng/libcollector/jprofile.c b/gprofng/libcollector/jprofile.c
+index 1bacacc1a2a..11051f937ef 100644
+--- a/gprofng/libcollector/jprofile.c
++++ b/gprofng/libcollector/jprofile.c
+@@ -105,8 +105,8 @@ static void rwrite (int fd, const void *buf, size_t nbyte);
+ static void addToDynamicArchive (const char* name, const unsigned char* class_data, int class_data_len);
+ static void (*AsyncGetCallTrace)(JVMPI_CallTrace*, jint, ucontext_t*) = NULL;
+ static void (*collector_heap_record)(int, int, void*) = NULL;
+-static void (*collector_jsync_begin)() = NULL;
+-static void (*collector_jsync_end)(hrtime_t, void *) = NULL;
++static void (*collector_jsync_begin)(void) = NULL;
++static void (*collector_jsync_end)(hrtime_t, void*) = NULL;
+
+ #define gethrtime collector_interface->getHiResTime
+
+@@ -230,7 +230,7 @@ open_experiment (const char *exp)
+ else if (__collector_strStartWith (args, "s:") == 0)
+ {
+ java_sync_mode = 1;
+- collector_jsync_begin = (void(*)(hrtime_t, void *))dlsym (RTLD_DEFAULT, "__collector_jsync_begin");
++ collector_jsync_begin = (void(*)(void))dlsym (RTLD_DEFAULT, "__collector_jsync_begin");
+ collector_jsync_end = (void(*)(hrtime_t, void *))dlsym (RTLD_DEFAULT, "__collector_jsync_end");
+ }
+ #endif
+@@ -255,7 +255,7 @@ __collector_jprofile_enable_synctrace ()
+ return;
+ }
+ java_sync_mode = 1;
+- collector_jsync_begin = (void(*)(hrtime_t, void *))dlsym (RTLD_DEFAULT, "__collector_jsync_begin");
++ collector_jsync_begin = (void(*)(void))dlsym (RTLD_DEFAULT, "__collector_jsync_begin");
+ collector_jsync_end = (void(*)(hrtime_t, void *))dlsym (RTLD_DEFAULT, "__collector_jsync_end");
+ TprintfT (DBG_LT1, "jprofile: turning on Java synctrace, and requesting events\n");
+ }
+@@ -1129,7 +1129,7 @@ jprof_find_asyncgetcalltrace ()
+ {
+ void *jvmhandle;
+ if (__collector_VM_ReadByteInstruction == NULL)
+- __collector_VM_ReadByteInstruction = (int(*)()) dlsym (RTLD_DEFAULT, "Async_VM_ReadByteInstruction");
++ __collector_VM_ReadByteInstruction = (int(*)(unsigned char*)) dlsym (RTLD_DEFAULT, "Async_VM_ReadByteInstruction");
+
+ /* look for stack unwind function using default path */
+ AsyncGetCallTrace = (void (*)(JVMPI_CallTrace*, jint, ucontext_t*))
+diff --git a/gprofng/libcollector/libcol_util.c b/gprofng/libcollector/libcol_util.c
+index c2b82894e6b..688bdf19c6d 100644
+--- a/gprofng/libcollector/libcol_util.c
++++ b/gprofng/libcollector/libcol_util.c
+@@ -1114,7 +1114,7 @@ __collector_util_init ()
+
+ ptr = dlsym (libc, "munmap");
+ if (ptr)
+- __collector_util_funcs.munmap = (int(*)())ptr;
++ __collector_util_funcs.munmap = (int(*)(void *, size_t))ptr;
+ else
+ {
+ CALL_UTIL (fprintf)(stderr, "collector_util_init COL_ERROR_UTIL_INIT munmap: %s\n", dlerror ());
+@@ -1123,7 +1123,7 @@ __collector_util_init ()
+
+ ptr = dlsym (libc, "close");
+ if (ptr)
+- __collector_util_funcs.close = (int(*)())ptr;
++ __collector_util_funcs.close = (int(*)(int))ptr;
+ else
+ {
+ CALL_UTIL (fprintf)(stderr, "collector_util_init COL_ERROR_UTIL_INIT close: %s\n", dlerror ());
+@@ -1158,7 +1158,7 @@ __collector_util_init ()
+
+ ptr = dlsym (libc, "close");
+ if (ptr)
+- __collector_util_funcs.close = (int(*)())ptr;
++ __collector_util_funcs.close = (int(*)(int))ptr;
+ else
+ {
+ CALL_UTIL (fprintf)(stderr, "collector_util_init COL_ERROR_UTIL_INIT close: %s\n", dlerror ());
+@@ -1167,7 +1167,7 @@ __collector_util_init ()
+
+ ptr = dlsym (libc, "read");
+ if (ptr)
+- __collector_util_funcs.read = (ssize_t (*)())ptr;
++ __collector_util_funcs.read = (ssize_t (*)(int, void*, size_t))ptr;
+ else
+ {
+ CALL_UTIL (fprintf)(stderr, "collector_util_init COL_ERROR_UTIL_INIT read: %s\n", dlerror ());
+@@ -1176,7 +1176,7 @@ __collector_util_init ()
+
+ ptr = dlsym (libc, "write");
+ if (ptr)
+- __collector_util_funcs.write = (ssize_t (*)())ptr;
++ __collector_util_funcs.write = (ssize_t (*)(int, void*, size_t))ptr;
+ else
+ {
+ CALL_UTIL (fprintf)(stderr, "collector_util_init COL_ERROR_UTIL_INIT write: %s\n", dlerror ());
+@@ -1186,14 +1186,14 @@ __collector_util_init ()
+ #if ARCH(Intel) && WSIZE(32)
+ ptr = dlvsym (libc, "pwrite", "GLIBC_2.2"); // it is in /lib/libpthread.so.0
+ if (ptr)
+- __collector_util_funcs.pwrite = (ssize_t (*)())ptr;
++ __collector_util_funcs.pwrite = (ssize_t (*)(int, void*, size_t, off_t))ptr;
+ else
+ {
+ Tprintf (DBG_LT0, "libcol_util: WARNING: dlvsym for %s@%s failed. Using dlsym() instead.", "pwrite", "GLIBC_2.2");
+ #endif /* ARCH(Intel) && WSIZE(32) */
+ ptr = dlsym (libc, "pwrite");
+ if (ptr)
+- __collector_util_funcs.pwrite = (ssize_t (*)())ptr;
++ __collector_util_funcs.pwrite = (ssize_t (*)(int, const void*, size_t, off_t))ptr;
+ else
+ {
+ CALL_UTIL (fprintf)(stderr, "collector_util_init COL_ERROR_UTIL_INIT pwrite: %s\n", dlerror ());
+@@ -1213,7 +1213,7 @@ __collector_util_init ()
+ #endif /* ARCH(Intel) && WSIZE(32) */
+ ptr = dlsym (libc, "pwrite64");
+ if (ptr)
+- __collector_util_funcs.pwrite64_ = (ssize_t (*)())ptr;
++ __collector_util_funcs.pwrite64_ = (ssize_t (*)(int, const void*, size_t, off_t))ptr;
+ else
+ __collector_util_funcs.pwrite64_ = __collector_util_funcs.pwrite;
+ #if ARCH(Intel) && WSIZE(32)
+@@ -1222,7 +1222,7 @@ __collector_util_init ()
+
+ ptr = dlsym (libc, "lseek");
+ if (ptr)
+- __collector_util_funcs.lseek = (off_t (*)())ptr;
++ __collector_util_funcs.lseek = (off_t (*)(int, off_t, int))ptr;
+ else
+ {
+ CALL_UTIL (fprintf)(stderr, "collector_util_init COL_ERROR_UTIL_INIT lseek: %s\n", dlerror ());
+@@ -1231,7 +1231,7 @@ __collector_util_init ()
+
+ ptr = dlsym (libc, "access");
+ if (ptr)
+- __collector_util_funcs.access = (int(*)())ptr;
++ __collector_util_funcs.access = (int(*)(const char*, int))ptr;
+ else
+ {
+ CALL_UTIL (fprintf)(stderr, "collector_util_init COL_ERROR_UTIL_INIT access: %s\n", dlerror ());
+@@ -1240,7 +1240,7 @@ __collector_util_init ()
+
+ ptr = dlsym (libc, "mkdir");
+ if (ptr)
+- __collector_util_funcs.mkdir = (int(*)())ptr;
++ __collector_util_funcs.mkdir = (int(*)(const char*, mode_t))ptr;
+ else
+ {
+ CALL_UTIL (fprintf)(stderr, "collector_util_init COL_ERROR_UTIL_INIT mkdir: %s\n", dlerror ());
+@@ -1249,7 +1249,7 @@ __collector_util_init ()
+
+ ptr = dlsym (libc, "opendir");
+ if (ptr)
+- __collector_util_funcs.opendir = (DIR * (*)())ptr;
++ __collector_util_funcs.opendir = (DIR * (*)(const char*))ptr;
+ else
+ {
+ CALL_UTIL (fprintf)(stderr, "collector_util_init COL_ERROR_UTIL_INIT opendir: %s\n", dlerror ());
+@@ -1258,7 +1258,7 @@ __collector_util_init ()
+
+ ptr = dlsym (libc, "closedir");
+ if (ptr)
+- __collector_util_funcs.closedir = (int(*)())ptr;
++ __collector_util_funcs.closedir = (int(*)(DIR*))ptr;
+ else
+ {
+ CALL_UTIL (fprintf)(stderr, "collector_util_init COL_ERROR_UTIL_INIT closedir: %s\n", dlerror ());
+@@ -1267,7 +1267,7 @@ __collector_util_init ()
+
+ ptr = dlsym (libc, "execv");
+ if (ptr)
+- __collector_util_funcs.execv = (int(*)())ptr;
++ __collector_util_funcs.execv = (int(*)(const char*, char* const*))ptr;
+ else
+ {
+ CALL_UTIL (fprintf)(stderr, "collector_util_init COL_ERROR_UTIL_INIT execv: %s\n", dlerror ());
+@@ -1276,7 +1276,7 @@ __collector_util_init ()
+
+ ptr = dlsym (libc, "exit");
+ if (ptr)
+- __collector_util_funcs.exit = (void(*)())ptr;
++ __collector_util_funcs.exit = (void(*)(int))ptr;
+ else
+ {
+ CALL_UTIL (fprintf)(stderr, "collector_util_init COL_ERROR_UTIL_INIT exit: %s\n", dlerror ());
+@@ -1285,7 +1285,7 @@ __collector_util_init ()
+
+ ptr = dlsym (libc, "vfork");
+ if (ptr)
+- __collector_util_funcs.vfork = (pid_t (*)())ptr;
++ __collector_util_funcs.vfork = (pid_t (*)(void))ptr;
+ else
+ {
+ CALL_UTIL (fprintf)(stderr, "collector_util_init COL_ERROR_UTIL_INIT vfork: %s\n", dlerror ());
+@@ -1294,7 +1294,7 @@ __collector_util_init ()
+
+ ptr = dlsym (libc, "waitpid");
+ if (ptr)
+- __collector_util_funcs.waitpid = (pid_t (*)())ptr;
++ __collector_util_funcs.waitpid = (pid_t (*)(pid_t, int*, int))ptr;
+ else
+ {
+ CALL_UTIL (fprintf)(stderr, "collector_util_init COL_ERROR_UTIL_INIT waitpid: %s\n", dlerror ());
+@@ -1313,7 +1313,7 @@ __collector_util_init ()
+
+ ptr = dlsym (libc, "getcontext");
+ if (ptr)
+- __collector_util_funcs.getcontext = (int(*)())ptr;
++ __collector_util_funcs.getcontext = (int(*)(ucontext_t*))ptr;
+ else
+ {
+ CALL_UTIL (fprintf)(stderr, "collector_util_init COL_ERROR_UTIL_INIT getcontext: %s\n", dlerror ());
+@@ -1331,7 +1331,7 @@ __collector_util_init ()
+
+ ptr = dlsym (libc, "putenv");
+ if (ptr)
+- __collector_util_funcs.putenv = (int(*)())ptr;
++ __collector_util_funcs.putenv = (int(*)(char*))ptr;
+ else
+ {
+ CALL_UTIL (fprintf)(stderr, "collector_util_init COL_ERROR_UTIL_INIT putenv: %s\n", dlerror ());
+@@ -1340,7 +1340,7 @@ __collector_util_init ()
+
+ ptr = dlsym (libc, "getenv");
+ if (ptr)
+- __collector_util_funcs.getenv = (char*(*)())ptr;
++ __collector_util_funcs.getenv = (char*(*)(const char*))ptr;
+ else
+ {
+ CALL_UTIL (fprintf)(stderr, "collector_util_init COL_ERROR_UTIL_INIT getenv: %s\n", dlerror ());
+@@ -1349,7 +1349,7 @@ __collector_util_init ()
+
+ ptr = dlsym (libc, "time");
+ if (ptr)
+- __collector_util_funcs.time = (time_t (*)())ptr;
++ __collector_util_funcs.time = (time_t (*)(time_t*))ptr;
+ else
+ {
+ CALL_UTIL (fprintf)(stderr, "collector_util_init COL_ERROR_UTIL_INIT time: %s\n", dlerror ());
+@@ -1358,7 +1358,7 @@ __collector_util_init ()
+
+ ptr = dlsym (libc, "mktime");
+ if (ptr)
+- __collector_util_funcs.mktime = (time_t (*)())ptr;
++ __collector_util_funcs.mktime = (time_t (*)(struct tm*))ptr;
+ else
+ {
+ CALL_UTIL (fprintf)(stderr, "collector_util_init COL_ERROR_UTIL_INIT mktime: %s\n", dlerror ());
+@@ -1372,7 +1372,7 @@ __collector_util_init ()
+
+ ptr = dlsym (libc, "gmtime_r");
+ if (ptr)
+- __collector_util_funcs.gmtime_r = (struct tm * (*)())ptr;
++ __collector_util_funcs.gmtime_r = (struct tm * (*)(const time_t*, struct tm*))ptr;
+ else
+ {
+ CALL_UTIL (fprintf)(stderr, "collector_util_init COL_ERROR_UTIL_INIT gmtime_r: %s\n", dlerror ());
+@@ -1381,7 +1381,7 @@ __collector_util_init ()
+
+ ptr = dlsym (libc, "strtol");
+ if (ptr)
+- __collector_util_funcs.strtol = (long (*)())ptr;
++ __collector_util_funcs.strtol = (long (*)(const char*, char**, int))ptr;
+ else
+ {
+ CALL_UTIL (fprintf)(stderr, "collector_util_init COL_ERROR_UTIL_INIT strtol: %s\n", dlerror ());
+@@ -1390,7 +1390,7 @@ __collector_util_init ()
+
+ ptr = dlsym (libc, "strtoll");
+ if (ptr)
+- __collector_util_funcs.strtoll = (long long (*)())ptr;
++ __collector_util_funcs.strtoll = (long long (*)(const char*, char**, int))ptr;
+ else
+ {
+ CALL_UTIL (fprintf)(stderr, "collector_util_init COL_ERROR_UTIL_INIT strtoll: %s\n", dlerror ());
+@@ -1402,7 +1402,7 @@ __collector_util_init ()
+
+ ptr = dlsym (libc, "setenv");
+ if (ptr)
+- __collector_util_funcs.setenv = (int(*)())ptr;
++ __collector_util_funcs.setenv = (int(*)(const char*, const char*, int))ptr;
+ else
+ {
+ CALL_UTIL (fprintf)(stderr, "collector_util_init COL_ERROR_UTIL_INIT setenv: %s\n", dlerror ());
+@@ -1411,7 +1411,7 @@ __collector_util_init ()
+
+ ptr = dlsym (libc, "unsetenv");
+ if (ptr)
+- __collector_util_funcs.unsetenv = (int(*)())ptr;
++ __collector_util_funcs.unsetenv = (int(*)(const char*))ptr;
+ else
+ {
+ CALL_UTIL (fprintf)(stderr, "collector_util_init COL_ERROR_UTIL_INIT unsetenv: %s\n", dlerror ());
+@@ -1498,7 +1498,7 @@ __collector_util_init ()
+
+ ptr = dlsym (libc, "pclose");
+ if (ptr)
+- __collector_util_funcs.pclose = (int(*)())ptr;
++ __collector_util_funcs.pclose = (int(*)(FILE*))ptr;
+ else
+ {
+ CALL_UTIL (fprintf)(stderr, "collector_util_init COL_ERROR_UTIL_INIT pclose: %s\n", dlerror ());
+@@ -1507,7 +1507,7 @@ __collector_util_init ()
+
+ ptr = dlsym (libc, "fgets");
+ if (ptr)
+- __collector_util_funcs.fgets = (char*(*)())ptr;
++ __collector_util_funcs.fgets = (char*(*)(char*, int, FILE*))ptr;
+ else
+ {
+ CALL_UTIL (fprintf)(stderr, "collector_util_init COL_ERROR_UTIL_INIT fgets: %s\n", dlerror ());
+@@ -1534,7 +1534,7 @@ __collector_util_init ()
+
+ ptr = dlsym (libc, "vsnprintf");
+ if (ptr)
+- __collector_util_funcs.vsnprintf = (int(*)())ptr;
++ __collector_util_funcs.vsnprintf = (int(*)(char*, size_t, const char*, ...))ptr;
+ else
+ {
+ CALL_UTIL (fprintf)(stderr, "collector_util_init COL_ERROR_UTIL_INIT vsnprintf: %s\n", dlerror ());
+@@ -1543,7 +1543,7 @@ __collector_util_init ()
+
+ ptr = dlsym (libc, "atoi");
+ if (ptr)
+- __collector_util_funcs.atoi = (int(*)())ptr;
++ __collector_util_funcs.atoi = (int(*)(const char*))ptr;
+ else
+ {
+ CALL_UTIL (fprintf)(stderr, "collector_util_init COL_ERROR_UTIL_INIT atoi: %s\n", dlerror ());
+@@ -1552,7 +1552,7 @@ __collector_util_init ()
+
+ ptr = dlsym (libc, "calloc");
+ if (ptr)
+- __collector_util_funcs.calloc = (void*(*)())ptr;
++ __collector_util_funcs.calloc = (void*(*)(size_t, size_t))ptr;
+ else
+ {
+ CALL_UTIL (fprintf)(stderr, "collector_util_init COL_ERROR_UTIL_INIT calloc: %s\n", dlerror ());
+@@ -1562,7 +1562,7 @@ __collector_util_init ()
+ ptr = dlsym (libc, "free");
+ if (ptr)
+ {
+- __collector_util_funcs.free = (void(*)())ptr;
++ __collector_util_funcs.free = (void(*)(void*))ptr;
+ }
+ else
+ {
+@@ -1572,7 +1572,7 @@ __collector_util_init ()
+
+ ptr = dlsym (libc, "strdup");
+ if (ptr)
+- __collector_util_funcs.libc_strdup = (char*(*)())ptr;
++ __collector_util_funcs.libc_strdup = (char*(*)(const char*))ptr;
+ else
+ {
+ CALL_UTIL (fprintf)(stderr, "collector_util_init COL_ERROR_UTIL_INIT strdup: %s\n", dlerror ());
+@@ -1585,7 +1585,7 @@ __collector_util_init ()
+
+ ptr = dlsym (libc, "strerror");
+ if (ptr)
+- __collector_util_funcs.strerror = (char*(*)())ptr;
++ __collector_util_funcs.strerror = (char*(*)(int))ptr;
+ else
+ {
+ CALL_UTIL (fprintf)(stderr, "collector_util_init COL_ERROR_UTIL_INIT strerror: %s\n", dlerror ());
+@@ -1593,7 +1593,7 @@ __collector_util_init ()
+ }
+ ptr = dlsym (libc, "strerror_r");
+ if (ptr)
+- __collector_util_funcs.strerror_r = (int(*)())ptr;
++ __collector_util_funcs.strerror_r = (int(*)(int, char*, size_t))ptr;
+ else
+ {
+ CALL_UTIL (fprintf)(stderr, "collector_util_init COL_ERROR_UTIL_INIT strerror_r: %s\n", dlerror ());
+@@ -1601,7 +1601,7 @@ __collector_util_init ()
+ }
+ ptr = dlsym (libc, "strspn");
+ if (ptr)
+- __collector_util_funcs.strspn = (size_t (*)())ptr;
++ __collector_util_funcs.strspn = (size_t (*)(const char*, const char*))ptr;
+ else
+ {
+ CALL_UTIL (fprintf)(stderr, "collector_util_init COL_ERROR_UTIL_INIT strspn: %s\n", dlerror ());
+@@ -1610,7 +1610,7 @@ __collector_util_init ()
+
+ ptr = dlsym (libc, "strtoul");
+ if (ptr)
+- __collector_util_funcs.strtoul = (unsigned long int(*)())ptr;
++ __collector_util_funcs.strtoul = (unsigned long int(*)(const char*, char**, int))ptr;
+ else
+ {
+ CALL_UTIL (fprintf)(stderr, "collector_util_init COL_ERROR_UTIL_INIT strtoul: %s\n", dlerror ());
+@@ -1619,7 +1619,7 @@ __collector_util_init ()
+
+ ptr = dlsym (libc, "strtoull");
+ if (ptr)
+- __collector_util_funcs.strtoull = (unsigned long long int(*)())ptr;
++ __collector_util_funcs.strtoull = (unsigned long long int(*)(const char*, char**, int))ptr;
+ else
+ {
+ CALL_UTIL (fprintf)(stderr, "collector_util_init COL_ERROR_UTIL_INIT strtoull: %s\n", dlerror ());
+@@ -1664,7 +1664,7 @@ __collector_util_init ()
+
+ ptr = dlsym (libc, "sysconf");
+ if (ptr)
+- __collector_util_funcs.sysconf = (long(*)())ptr;
++ __collector_util_funcs.sysconf = (long(*)(int))ptr;
+ else
+ {
+ CALL_UTIL (fprintf)(stderr, "collector_util_init COL_ERROR_UTIL_INIT sysconf: %s\n", dlerror ());
+@@ -1673,7 +1673,7 @@ __collector_util_init ()
+
+ ptr = dlsym (libc, "sigfillset");
+ if (ptr)
+- __collector_util_funcs.sigfillset = (int(*)())ptr;
++ __collector_util_funcs.sigfillset = (int(*)(sigset_t*))ptr;
+ else
+ {
+ CALL_UTIL (fprintf)(stderr, "collector_util_init COL_ERROR_UTIL_INIT sigfillset: %s\n", dlerror ());
+@@ -1682,7 +1682,7 @@ __collector_util_init ()
+
+ ptr = dlsym (libc, "sigprocmask");
+ if (ptr)
+- __collector_util_funcs.sigprocmask = (int(*)())ptr;
++ __collector_util_funcs.sigprocmask = (int(*)(int, const sigset_t*, sigset_t*))ptr;
+ else
+ {
+ CALL_UTIL (fprintf)(stderr, "collector_util_init COL_ERROR_UTIL_INIT sigprocmask: %s\n", dlerror ());
+diff --git a/gprofng/libcollector/mmaptrace.c b/gprofng/libcollector/mmaptrace.c
+index f07f4d76513..2a6857ab58e 100644
+--- a/gprofng/libcollector/mmaptrace.c
++++ b/gprofng/libcollector/mmaptrace.c
+@@ -1209,7 +1209,7 @@ process_vsyscall_page ()
+ /*
+ * collector API for dynamic functions
+ */
+-void collector_func_load () __attribute__ ((weak, alias ("__collector_func_load")));
++void collector_func_load (char*, char*, char*, void*, int, int, DT_lineno *) __attribute__ ((weak, alias ("__collector_func_load")));
+ void
+ __collector_func_load (char *name, char *alias, char *sourcename,
+ void *vaddr, int size, int lntsize, DT_lineno *lntable)
+@@ -1218,7 +1218,7 @@ __collector_func_load (char *name, char *alias, char *sourcename,
+ vaddr, size, lntsize, lntable);
+ }
+
+-void collector_func_unload () __attribute__ ((weak, alias ("__collector_func_unload")));
++void collector_func_unload (void *vaddr) __attribute__ ((weak, alias ("__collector_func_unload")));
+ void
+ __collector_func_unload (void *vaddr)
+ {
+diff --git a/gprofng/libcollector/unwind.c b/gprofng/libcollector/unwind.c
+index 91678b1e334..cd47d4fbe0f 100644
+--- a/gprofng/libcollector/unwind.c
++++ b/gprofng/libcollector/unwind.c
+@@ -416,7 +416,7 @@ __collector_ext_unwind_init (int record)
+ omp_no_walk = 1;
+
+ if (__collector_VM_ReadByteInstruction == NULL)
+- __collector_VM_ReadByteInstruction = (int(*)()) dlsym (RTLD_DEFAULT, "Async_VM_ReadByteInstruction");
++ __collector_VM_ReadByteInstruction = (int(*)(unsigned char*)) dlsym (RTLD_DEFAULT, "Async_VM_ReadByteInstruction");
+
+ #if ARCH(SPARC)
+ #if WSIZE(64)
+diff --git a/gprofng/src/collector_module.h b/gprofng/src/collector_module.h
+index ebcdbca561f..fd888cd58dd 100644
+--- a/gprofng/src/collector_module.h
++++ b/gprofng/src/collector_module.h
+@@ -110,7 +110,7 @@ typedef struct CollectorUtilFuncs
+ long (*sysinfo)(int command, char *buf, long count);
+ time_t (*time)(time_t *tloc);
+ int (*unsetenv)(const char *name);
+- int (*vsnprintf)(char *str, size_t size, const char *format, va_list ap);
++ int (*vsnprintf)(char *str, size_t size, const char *format, ...);
+ pid_t (*waitpid)(pid_t pid, int *stat_loc, int options);
+ ssize_t (*write)(int, void *, size_t);
+ double (*atof)();
diff --git a/meta/recipes-devtools/binutils/binutils/0021-gprofng-fix-build-with-std-gnu23.patch b/meta/recipes-devtools/binutils/binutils/0021-gprofng-fix-build-with-std-gnu23.patch
new file mode 100644
index 0000000000..8a465bce00
--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/0021-gprofng-fix-build-with-std-gnu23.patch
@@ -0,0 +1,196 @@
+From 7683ea4411d2b76f346a8100b761615d09343448 Mon Sep 17 00:00:00 2001
+From: Vladimir Mezentsev <vladimir.mezentsev@oracle.com>
+Date: Thu, 21 Nov 2024 14:48:20 -0800
+Subject: [PATCH] gprofng: fix build with -std=gnu23
+
+Fix function pointer types accordingly.
+Remove unused function pointers.
+
+gprofng/ChangeLog
+2024-11-21 Vladimir Mezentsev <vladimir.mezentsev@oracle.com>
+
+ PR gprofng/32374
+ PR gprofng/32373
+ * common/cpuid.c: Define ATTRIBUTE_UNUSED if necessary.
+ * libcollector/libcol_util.c (sysinfo): Remove unused pointer.
+ * src/collector_module.h: Likewise.
+ * libcollector/dispatcher.c (setitimer): Fix prototype.
+ * libcollector/linetrace.c (system, grantpt, ptsname): Likewise.
+ * testsuite/gprofng.display/mttest/mttest.c (dump_arrays): Likewise.
+ * testsuite/gprofng.display/synprog/endcases.c (xinline_code,
+ s_inline_code): Likewise.
+ * testsuite/gprofng.display/synprog/inc_inline.h (ext_inline_code):
+ Likewise.
+ * testsuite/gprofng.display/synprog/synprog.c (doabort): Rename nullptr.
+Upstream-Status: Backport [https://github.com/bminor/binutils-gdb/commit/4e943705e3e8a5a9448d087502bcb390a694ad02]
+Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
+---
+ gprofng/common/cpuid.c | 2 ++
+ gprofng/libcollector/dispatcher.c | 3 +--
+ gprofng/libcollector/libcol_util.c | 9 ---------
+ gprofng/libcollector/linetrace.c | 10 +++++-----
+ gprofng/src/collector_module.h | 1 -
+ gprofng/testsuite/gprofng.display/mttest/mttest.c | 2 +-
+ gprofng/testsuite/gprofng.display/synprog/endcases.c | 4 ++--
+ gprofng/testsuite/gprofng.display/synprog/inc_inline.h | 2 +-
+ gprofng/testsuite/gprofng.display/synprog/synprog.c | 4 ++--
+ 9 files changed, 14 insertions(+), 23 deletions(-)
+
+diff --git a/gprofng/common/cpuid.c b/gprofng/common/cpuid.c
+index af15439eb27..0373969693b 100644
+--- a/gprofng/common/cpuid.c
++++ b/gprofng/common/cpuid.c
+@@ -21,7 +21,9 @@
+ #if defined(__i386__) || defined(__x86_64)
+ #include <cpuid.h> /* GCC-provided */
+ #elif defined(__aarch64__)
++#if !defined(ATTRIBUTE_UNUSED)
+ #define ATTRIBUTE_UNUSED __attribute__((unused))
++#endif
+
+ static inline uint_t __attribute_const__
+ __get_cpuid (unsigned int op ATTRIBUTE_UNUSED, unsigned int *eax,
+diff --git a/gprofng/libcollector/dispatcher.c b/gprofng/libcollector/dispatcher.c
+index 867753a22ec..e85c343c776 100644
+--- a/gprofng/libcollector/dispatcher.c
++++ b/gprofng/libcollector/dispatcher.c
+@@ -1281,5 +1281,4 @@ __collector_ext_clone_pthread (int (*fn)(void *), void *child_stack, int flags,
+ // weak symbols:
+ int sigprocmask (int, const sigset_t*, sigset_t*) __attribute__ ((weak, alias ("__collector_sigprocmask")));
+ int thr_sigsetmask (int, const sigset_t*, sigset_t*) __attribute__ ((weak, alias ("__collector_thr_sigsetmask")));
+-int setitimer () __attribute__ ((weak, alias ("_setitimer")));
+-
++__typeof(setitimer) setitimer __attribute__ ((weak, alias ("_setitimer")));
+diff --git a/gprofng/libcollector/libcol_util.c b/gprofng/libcollector/libcol_util.c
+index 688bdf19c6d..46f8b80ccb4 100644
+--- a/gprofng/libcollector/libcol_util.c
++++ b/gprofng/libcollector/libcol_util.c
+@@ -1427,15 +1427,6 @@ __collector_util_init ()
+ err = COL_ERROR_UTIL_INIT;
+ }
+
+- ptr = dlsym (libc, "sysinfo");
+- if (ptr)
+- __collector_util_funcs.sysinfo = (long (*)())ptr;
+- else
+- {
+- CALL_UTIL (fprintf)(stderr, "collector_util_init COL_ERROR_UTIL_INIT sysinfo: %s\n", dlerror ());
+- err = COL_ERROR_UTIL_INIT;
+- }
+-
+ ptr = dlsym (libc, "clearenv");
+ if (ptr)
+ __collector_util_funcs.clearenv = (int(*)())ptr;
+diff --git a/gprofng/libcollector/linetrace.c b/gprofng/libcollector/linetrace.c
+index 66844bc1337..c81ae1a2272 100644
+--- a/gprofng/libcollector/linetrace.c
++++ b/gprofng/libcollector/linetrace.c
+@@ -1527,7 +1527,7 @@ DCL_FUNC_VER (DCL_POSIX_SPAWNP, posix_spawnp_2_2, posix_spawnp@GLIBC_2.2)
+ DCL_POSIX_SPAWNP (posix_spawnp)
+
+ /*------------------------------------------------------------- system */
+-int system () __attribute__ ((weak, alias ("__collector_system")));
++int system (const char *cmd) __attribute__ ((weak, alias ("__collector_system")));
+
+ int
+ __collector_system (const char *cmd)
+@@ -1582,10 +1582,10 @@ DCL_FUNC_VER (DCL_POPEN, popen_2_0, popen@GLIBC_2.0)
+ DCL_POPEN (popen)
+
+ /*------------------------------------------------------------- grantpt */
+-int grantpt () __attribute__ ((weak, alias ("__collector_grantpt")));
++int grantpt (int fildes) __attribute__ ((weak, alias ("__collector_grantpt")));
+
+ int
+-__collector_grantpt (const int fildes)
++__collector_grantpt (int fildes)
+ {
+ if (NULL_PTR (grantpt))
+ init_lineage_intf ();
+@@ -1607,10 +1607,10 @@ __collector_grantpt (const int fildes)
+ }
+
+ /*------------------------------------------------------------- ptsname */
+-char *ptsname () __attribute__ ((weak, alias ("__collector_ptsname")));
++char *ptsname (int fildes) __attribute__ ((weak, alias ("__collector_ptsname")));
+
+ char *
+-__collector_ptsname (const int fildes)
++__collector_ptsname (int fildes)
+ {
+ if (NULL_PTR (ptsname))
+ init_lineage_intf ();
+diff --git a/gprofng/src/collector_module.h b/gprofng/src/collector_module.h
+index fd888cd58dd..6640f12fa3c 100644
+--- a/gprofng/src/collector_module.h
++++ b/gprofng/src/collector_module.h
+@@ -107,7 +107,6 @@ typedef struct CollectorUtilFuncs
+ int (*symlink)(const char *s1, const char *s2);
+ int (*syscall)(int number, ...);
+ long (*sysconf)(int name);
+- long (*sysinfo)(int command, char *buf, long count);
+ time_t (*time)(time_t *tloc);
+ int (*unsetenv)(const char *name);
+ int (*vsnprintf)(char *str, size_t size, const char *format, ...);
+diff --git a/gprofng/testsuite/gprofng.display/mttest/mttest.c b/gprofng/testsuite/gprofng.display/mttest/mttest.c
+index e0835c833e5..3db5b8d8e86 100644
+--- a/gprofng/testsuite/gprofng.display/mttest/mttest.c
++++ b/gprofng/testsuite/gprofng.display/mttest/mttest.c
+@@ -171,7 +171,7 @@ void computeJ (workStruct_t *x);
+ void computeK (workStruct_t *x);
+ void addone (workCtr_t *x);
+ void init_arrays (int strat);
+-void dump_arrays ();
++void dump_arrays (hrtime_t real, hrtime_t cpu, int case_index);
+ void *do_work (void *v);
+ void thread_work ();
+ void nothreads (Workblk *array, struct scripttab *k);
+diff --git a/gprofng/testsuite/gprofng.display/synprog/endcases.c b/gprofng/testsuite/gprofng.display/synprog/endcases.c
+index a6a1389658a..6f1c83b6859 100644
+--- a/gprofng/testsuite/gprofng.display/synprog/endcases.c
++++ b/gprofng/testsuite/gprofng.display/synprog/endcases.c
+@@ -40,8 +40,8 @@ static void s_inline_code (int);
+ void ext_inline_code (int);
+
+ #ifndef NO_INLINE
+-void xinline_code () __attribute__ ((always_inline));
+-void s_inline_code () __attribute__ ((always_inline));
++void xinline_code (int) __attribute__ ((always_inline));
++void s_inline_code (int) __attribute__ ((always_inline));
+ #endif
+
+ #include "inc_inline.h"
+diff --git a/gprofng/testsuite/gprofng.display/synprog/inc_inline.h b/gprofng/testsuite/gprofng.display/synprog/inc_inline.h
+index da42563c828..6600eacb66d 100644
+--- a/gprofng/testsuite/gprofng.display/synprog/inc_inline.h
++++ b/gprofng/testsuite/gprofng.display/synprog/inc_inline.h
+@@ -19,7 +19,7 @@
+ MA 02110-1301, USA. */
+
+ #ifndef NO_INLINE
+-void ext_inline_code() __attribute__ ((always_inline));
++void ext_inline_code(int) __attribute__ ((always_inline));
+ #endif
+
+ void
+diff --git a/gprofng/testsuite/gprofng.display/synprog/synprog.c b/gprofng/testsuite/gprofng.display/synprog/synprog.c
+index cf1bc5b0909..05920dc7419 100644
+--- a/gprofng/testsuite/gprofng.display/synprog/synprog.c
++++ b/gprofng/testsuite/gprofng.display/synprog/synprog.c
+@@ -528,14 +528,14 @@ reapchildren ()
+ int
+ doabort (int k)
+ {
+- char *nullptr = NULL;
++ char *p = NULL;
+ char c;
+
+ /* Log the event */
+ wlog ("start of doabort", NULL);
+
+ /* and dereference a NULL */
+- c = *nullptr;
++ c = *p;
+
+ /* this should never be reached */
+ return (int) c;
--
2.43.0
^ permalink raw reply related [flat|nested] 34+ messages in thread* [OE-core][scarthgap 28/33] dbus-glib: fix build with gcc-15
2025-08-27 21:29 [OE-core][scarthgap 00/33] Patch review Steve Sakoman
` (26 preceding siblings ...)
2025-08-27 21:29 ` [OE-core][scarthgap 27/33] binutils: " Steve Sakoman
@ 2025-08-27 21:29 ` Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 29/33] yocto-uninative: Update to 4.8 for GCC 15.1 Steve Sakoman
` (4 subsequent siblings)
32 siblings, 0 replies; 34+ messages in thread
From: Steve Sakoman @ 2025-08-27 21:29 UTC (permalink / raw)
To: openembedded-core
From: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../dbus-glib/fix-build-with-gcc-15.patch | 37 +++++++++++++++++++
meta/recipes-core/dbus/dbus-glib_0.112.bb | 1 +
2 files changed, 38 insertions(+)
create mode 100644 meta/recipes-core/dbus/dbus-glib/fix-build-with-gcc-15.patch
diff --git a/meta/recipes-core/dbus/dbus-glib/fix-build-with-gcc-15.patch b/meta/recipes-core/dbus/dbus-glib/fix-build-with-gcc-15.patch
new file mode 100644
index 0000000000..bf3fcd5b86
--- /dev/null
+++ b/meta/recipes-core/dbus/dbus-glib/fix-build-with-gcc-15.patch
@@ -0,0 +1,37 @@
+From 8c32bc9fa67513f46199bc31498dc1fecbb611bb Mon Sep 17 00:00:00 2001
+From: Simon McVittie <smcv@collabora.com>
+Date: Thu, 13 Mar 2025 14:19:28 +0000
+Subject: [PATCH] dbus-gvalue: Avoid using the reserved word 'bool'
+
+This is reserved in C23 for the equivalent of `<stdbool.h>`.
+
+Bug-Debian: https://bugs.debian.org/1096507
+Signed-off-by: Simon McVittie <smcv@collabora.com>
+Upstream-Status: Backport [https://gitlab.freedesktop.org/dbus/dbus-glib/-/commit/8c32bc9fa67513f46199bc31498dc1fecbb611bb]
+igned-off-by: Martin Jansa <martin.jansa@gmail.com>
+---
+ dbus/dbus-gvalue.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/dbus/dbus-gvalue.c b/dbus/dbus-gvalue.c
+index 534e90a..788e360 100644
+--- a/dbus/dbus-gvalue.c
++++ b/dbus/dbus-gvalue.c
+@@ -545,11 +545,11 @@ demarshal_basic (DBusGValueMarshalCtx *context,
+ {
+ case DBUS_TYPE_BOOLEAN:
+ {
+- dbus_bool_t bool;
++ dbus_bool_t b;
+ if (!G_VALUE_HOLDS (value, G_TYPE_BOOLEAN))
+ goto invalid_type;
+- dbus_message_iter_get_basic (iter, &bool);
+- g_value_set_boolean (value, bool);
++ dbus_message_iter_get_basic (iter, &b);
++ g_value_set_boolean (value, b);
+ return TRUE;
+ }
+ case DBUS_TYPE_BYTE:
+--
+GitLab
+
diff --git a/meta/recipes-core/dbus/dbus-glib_0.112.bb b/meta/recipes-core/dbus/dbus-glib_0.112.bb
index 4acf435694..7312897dd3 100644
--- a/meta/recipes-core/dbus/dbus-glib_0.112.bb
+++ b/meta/recipes-core/dbus/dbus-glib_0.112.bb
@@ -13,6 +13,7 @@ DEPENDS:class-native = "glib-2.0-native dbus-native"
SRC_URI = "https://dbus.freedesktop.org/releases/dbus-glib/dbus-glib-${PV}.tar.gz \
file://no-examples.patch \
file://test-install-makefile.patch \
+ file://fix-build-with-gcc-15.patch \
"
SRC_URI[md5sum] = "021e6c8a288df02c227e4aafbf7e7527"
SRC_URI[sha256sum] = "7d550dccdfcd286e33895501829ed971eeb65c614e73aadb4a08aeef719b143a"
--
2.43.0
^ permalink raw reply related [flat|nested] 34+ messages in thread* [OE-core][scarthgap 29/33] yocto-uninative: Update to 4.8 for GCC 15.1
2025-08-27 21:29 [OE-core][scarthgap 00/33] Patch review Steve Sakoman
` (27 preceding siblings ...)
2025-08-27 21:29 ` [OE-core][scarthgap 28/33] dbus-glib: " Steve Sakoman
@ 2025-08-27 21:29 ` Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 30/33] yocto-uninative: Update to 4.9 for glibc 2.42 Steve Sakoman
` (3 subsequent siblings)
32 siblings, 0 replies; 34+ messages in thread
From: Steve Sakoman @ 2025-08-27 21:29 UTC (permalink / raw)
To: openembedded-core
From: Michael Halstead <mhalstead@linuxfoundation.org>
Signed-off-by: Michael Halstead <mhalstead@linuxfoundation.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/conf/distro/include/yocto-uninative.inc | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/meta/conf/distro/include/yocto-uninative.inc b/meta/conf/distro/include/yocto-uninative.inc
index 3d0f1fdccd..dabd604e8e 100644
--- a/meta/conf/distro/include/yocto-uninative.inc
+++ b/meta/conf/distro/include/yocto-uninative.inc
@@ -7,9 +7,9 @@
#
UNINATIVE_MAXGLIBCVERSION = "2.41"
-UNINATIVE_VERSION = "4.7"
+UNINATIVE_VERSION = "4.8"
UNINATIVE_URL ?= "http://downloads.yoctoproject.org/releases/uninative/${UNINATIVE_VERSION}/"
-UNINATIVE_CHECKSUM[aarch64] ?= "ac440e4fc80665c79f9718c665c6e28d771e51609c088c3c97ba3ad5cfed197a"
-UNINATIVE_CHECKSUM[i686] ?= "c5efa31450f3bbd63ea961d4e7c747ae41317937d429f65e1d5cf2050338e27a"
-UNINATIVE_CHECKSUM[x86_64] ?= "5800d4e9a129d1be09cf548918d25f74e91a7c1193ae5239d5b0c9246c486d2c"
+UNINATIVE_CHECKSUM[aarch64] ?= "0d75ae3cc6e8245be40f55d48612285248ad331896ca3f4c772ed2fb34239fcf"
+UNINATIVE_CHECKSUM[i686] ?= "2cbfd7ad3e1362538764999dd4962eb2511211867ae17a327b65631f64f38e31"
+UNINATIVE_CHECKSUM[x86_64] ?= "6d5e28258176c52b9eecf882d4553033fa700902e60ba80d4b7ce0edacbe41d6"
--
2.43.0
^ permalink raw reply related [flat|nested] 34+ messages in thread* [OE-core][scarthgap 30/33] yocto-uninative: Update to 4.9 for glibc 2.42
2025-08-27 21:29 [OE-core][scarthgap 00/33] Patch review Steve Sakoman
` (28 preceding siblings ...)
2025-08-27 21:29 ` [OE-core][scarthgap 29/33] yocto-uninative: Update to 4.8 for GCC 15.1 Steve Sakoman
@ 2025-08-27 21:29 ` Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 31/33] cpio: Pin to use C17 std Steve Sakoman
` (2 subsequent siblings)
32 siblings, 0 replies; 34+ messages in thread
From: Steve Sakoman @ 2025-08-27 21:29 UTC (permalink / raw)
To: openembedded-core
From: Michael Halstead <mhalstead@linuxfoundation.org>
Signed-off-by: Michael Halstead <mhalstead@linuxfoundation.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/conf/distro/include/yocto-uninative.inc | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/meta/conf/distro/include/yocto-uninative.inc b/meta/conf/distro/include/yocto-uninative.inc
index dabd604e8e..3ced03d477 100644
--- a/meta/conf/distro/include/yocto-uninative.inc
+++ b/meta/conf/distro/include/yocto-uninative.inc
@@ -6,10 +6,10 @@
# to the distro running on the build machine.
#
-UNINATIVE_MAXGLIBCVERSION = "2.41"
-UNINATIVE_VERSION = "4.8"
+UNINATIVE_MAXGLIBCVERSION = "2.42"
+UNINATIVE_VERSION = "4.9"
UNINATIVE_URL ?= "http://downloads.yoctoproject.org/releases/uninative/${UNINATIVE_VERSION}/"
-UNINATIVE_CHECKSUM[aarch64] ?= "0d75ae3cc6e8245be40f55d48612285248ad331896ca3f4c772ed2fb34239fcf"
-UNINATIVE_CHECKSUM[i686] ?= "2cbfd7ad3e1362538764999dd4962eb2511211867ae17a327b65631f64f38e31"
-UNINATIVE_CHECKSUM[x86_64] ?= "6d5e28258176c52b9eecf882d4553033fa700902e60ba80d4b7ce0edacbe41d6"
+UNINATIVE_CHECKSUM[aarch64] ?= "812045d826b7fda88944055e8526b95a5a9440bfef608d5b53fd52faab49bf85"
+UNINATIVE_CHECKSUM[i686] ?= "5cc28efd0c15a75de4bcb147c6cce65f1c1c9d442173a220f08427f40a3ffa09"
+UNINATIVE_CHECKSUM[x86_64] ?= "4c03d1ed2b7b4e823aca4a1a23d8f2e322f1770fc10e859adcede5777aff4f3a"
--
2.43.0
^ permalink raw reply related [flat|nested] 34+ messages in thread* [OE-core][scarthgap 31/33] cpio: Pin to use C17 std
2025-08-27 21:29 [OE-core][scarthgap 00/33] Patch review Steve Sakoman
` (29 preceding siblings ...)
2025-08-27 21:29 ` [OE-core][scarthgap 30/33] yocto-uninative: Update to 4.9 for glibc 2.42 Steve Sakoman
@ 2025-08-27 21:29 ` Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 32/33] ruby-ptest : some ptest fixes Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 33/33] sudo: remove devtool FIXME comment Steve Sakoman
32 siblings, 0 replies; 34+ messages in thread
From: Steve Sakoman @ 2025-08-27 21:29 UTC (permalink / raw)
To: openembedded-core
From: Khem Raj <raj.khem@gmail.com>
Fixes build with GCC-15 which is defaulting to C23
For scarthgap also add it in BUILD_CFLAGS.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Martin Jansa <martin.jansa@gmail.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-extended/cpio/cpio_2.15.bb | 3 +++
1 file changed, 3 insertions(+)
diff --git a/meta/recipes-extended/cpio/cpio_2.15.bb b/meta/recipes-extended/cpio/cpio_2.15.bb
index 95f82cdf3a..a5c9b76da2 100644
--- a/meta/recipes-extended/cpio/cpio_2.15.bb
+++ b/meta/recipes-extended/cpio/cpio_2.15.bb
@@ -20,6 +20,9 @@ CVE_STATUS[CVE-2023-7216] = "disputed: intended behaviour, see https://lists.gnu
EXTRA_OECONF += "DEFAULT_RMT_DIR=${sbindir}"
+CFLAGS += "-std=gnu17"
+BUILD_CFLAGS += "-std=gnu17"
+
do_install () {
autotools_do_install
if [ "${base_bindir}" != "${bindir}" ]; then
--
2.43.0
^ permalink raw reply related [flat|nested] 34+ messages in thread* [OE-core][scarthgap 32/33] ruby-ptest : some ptest fixes
2025-08-27 21:29 [OE-core][scarthgap 00/33] Patch review Steve Sakoman
` (30 preceding siblings ...)
2025-08-27 21:29 ` [OE-core][scarthgap 31/33] cpio: Pin to use C17 std Steve Sakoman
@ 2025-08-27 21:29 ` Steve Sakoman
2025-08-27 21:29 ` [OE-core][scarthgap 33/33] sudo: remove devtool FIXME comment Steve Sakoman
32 siblings, 0 replies; 34+ messages in thread
From: Steve Sakoman @ 2025-08-27 21:29 UTC (permalink / raw)
To: openembedded-core
From: Jiaying Song <jiaying.song.cn@windriver.com>
- Skip the test_rm_r_no_permissions test under the root user, as
deletion always succeeds.
- Filter out tests under the -ext- directory in run-ptest. Due to the
commit [1],the packaging of .so test files under the .ext directory
was removed. As a result, adjust the test filtering rules to avoid
test failures caused by missing files.
- Add installation of rdoc.rb and did_you_mean.rb files in
do_install_ptest to ensure complete test dependencies.
- Add init.rb file to PTEST installation path.
Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
..._rm_r_no_permissions-test-under-root.patch | 30 +++++++++++++++++++
meta/recipes-devtools/ruby/ruby/run-ptest | 2 +-
meta/recipes-devtools/ruby/ruby_3.3.5.bb | 7 +++--
3 files changed, 36 insertions(+), 3 deletions(-)
create mode 100644 meta/recipes-devtools/ruby/ruby/0007-Skip-test_rm_r_no_permissions-test-under-root.patch
diff --git a/meta/recipes-devtools/ruby/ruby/0007-Skip-test_rm_r_no_permissions-test-under-root.patch b/meta/recipes-devtools/ruby/ruby/0007-Skip-test_rm_r_no_permissions-test-under-root.patch
new file mode 100644
index 0000000000..dc06891bbc
--- /dev/null
+++ b/meta/recipes-devtools/ruby/ruby/0007-Skip-test_rm_r_no_permissions-test-under-root.patch
@@ -0,0 +1,30 @@
+From cc5e563f0fa5212e4a624b954fbc97cc6d8900d4 Mon Sep 17 00:00:00 2001
+From: Jiaying Song <jiaying.song.cn@windriver.com>
+Date: Mon, 25 Aug 2025 16:31:18 +0800
+Subject: [PATCH] Skip test_rm_r_no_permissions test under root
+
+Skip the test_rm_r_no_permissions test under the root user, as deletion always succeeds.
+
+Upstream-Status: Submitted [https://github.com/ruby/fileutils/pull/133/commits/3c831389c5e1523af5869d025f573ff043486b99]
+
+Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com>
+---
+ test/fileutils/test_fileutils.rb | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/test/fileutils/test_fileutils.rb b/test/fileutils/test_fileutils.rb
+index 481f913..a2ed414 100644
+--- a/test/fileutils/test_fileutils.rb
++++ b/test/fileutils/test_fileutils.rb
+@@ -757,7 +757,7 @@ class TestFileUtils < Test::Unit::TestCase
+ def test_rm_r_no_permissions
+ check_singleton :rm_rf
+
+- return if /mswin|mingw/ =~ RUBY_PLATFORM
++ return if /mswin|mingw/ =~ RUBY_PLATFORM || root_in_posix?
+
+ mkdir 'tmpdatadir'
+ touch 'tmpdatadir/tmpdata'
+--
+2.34.1
+
diff --git a/meta/recipes-devtools/ruby/ruby/run-ptest b/meta/recipes-devtools/ruby/ruby/run-ptest
index de7c415aba..17404e3509 100644
--- a/meta/recipes-devtools/ruby/ruby/run-ptest
+++ b/meta/recipes-devtools/ruby/ruby/run-ptest
@@ -1,6 +1,6 @@
#!/bin/sh
-test_fullname=`find test -name test_*.rb`
+test_fullname=$(find test -name test_*.rb | grep -v '/-ext-/')
for i in ${test_fullname}; do
ruby ./test/runner.rb ${i} 2>&1 > /dev/null
diff --git a/meta/recipes-devtools/ruby/ruby_3.3.5.bb b/meta/recipes-devtools/ruby/ruby_3.3.5.bb
index b37f0d03e7..8b45946f6b 100644
--- a/meta/recipes-devtools/ruby/ruby_3.3.5.bb
+++ b/meta/recipes-devtools/ruby/ruby_3.3.5.bb
@@ -30,7 +30,8 @@ SRC_URI = "http://cache.ruby-lang.org/pub/ruby/${SHRT_VER}/ruby-${PV}.tar.gz \
file://CVE-2025-27220.patch \
file://CVE-2025-27221-0001.patch \
file://CVE-2025-27221-0002.patch \
- "
+ file://0007-Skip-test_rm_r_no_permissions-test-under-root.patch \
+ "
UPSTREAM_CHECK_URI = "https://www.ruby-lang.org/en/downloads/"
inherit autotools ptest pkgconfig
@@ -102,11 +103,13 @@ do_install:append:class-target () {
do_install_ptest () {
cp -rf ${S}/test ${D}${PTEST_PATH}/
-
+ install -D ${S}/tool/test/init.rb ${D}${PTEST_PATH}/tool/test/init.rb
install -D ${S}/tool/test/runner.rb ${D}${PTEST_PATH}/tool/test/runner.rb
cp -r ${S}/tool/lib ${D}${PTEST_PATH}/tool/
mkdir -p ${D}${PTEST_PATH}/lib
cp -r ${S}/lib/did_you_mean ${S}/lib/rdoc ${D}${PTEST_PATH}/lib
+ cp ${D}${libdir}/ruby/${SHRT_VER}.0/rdoc.rb ${D}${PTEST_PATH}/lib
+ cp ${D}${libdir}/ruby/${SHRT_VER}.0/did_you_mean.rb ${D}${PTEST_PATH}/lib
# install test-binaries
# These .so files have sporadic reproducibility fails as seen here:
--
2.43.0
^ permalink raw reply related [flat|nested] 34+ messages in thread* [OE-core][scarthgap 33/33] sudo: remove devtool FIXME comment
2025-08-27 21:29 [OE-core][scarthgap 00/33] Patch review Steve Sakoman
` (31 preceding siblings ...)
2025-08-27 21:29 ` [OE-core][scarthgap 32/33] ruby-ptest : some ptest fixes Steve Sakoman
@ 2025-08-27 21:29 ` Steve Sakoman
32 siblings, 0 replies; 34+ messages in thread
From: Steve Sakoman @ 2025-08-27 21:29 UTC (permalink / raw)
To: openembedded-core
From: Peter Marko <peter.marko@siemens.com>
This comment should not have been merged.
It shows that the license did not change.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
meta/recipes-extended/sudo/sudo_1.9.17p1.bb | 52 ---------------------
1 file changed, 52 deletions(-)
diff --git a/meta/recipes-extended/sudo/sudo_1.9.17p1.bb b/meta/recipes-extended/sudo/sudo_1.9.17p1.bb
index c5d57da9f0..5b9d73b33b 100644
--- a/meta/recipes-extended/sudo/sudo_1.9.17p1.bb
+++ b/meta/recipes-extended/sudo/sudo_1.9.17p1.bb
@@ -1,55 +1,3 @@
-# FIXME: the LIC_FILES_CHKSUM values have been updated by 'devtool upgrade'.
-# The following is the difference between the old and the new license text.
-# Please update the LICENSE value if needed, and summarize the changes in
-# the commit message via 'License-Update:' tag.
-# (example: 'License-Update: copyright years updated.')
-#
-# The changes:
-#
-# --- LICENSE.md
-# +++ LICENSE.md
-# @@ -1,6 +1,6 @@
-# Sudo is distributed under the following license:
-#
-# - Copyright (c) 1994-1996, 1998-2023
-# + Copyright (c) 1994-1996, 1998-2025
-# Todd C. Miller <Todd.Miller@sudo.ws>
-#
-# Permission to use, copy, modify, and distribute this software for any
-# @@ -247,9 +247,9 @@
-#
-# The file arc4random.c bears the following license:
-#
-# - Copyright (c) 1996, David Mazieres <dm@uun.org>
-# - Copyright (c) 2008, Damien Miller <djm@openbsd.org>
-# - Copyright (c) 2013, Markus Friedl <markus@openbsd.org>
-# + Copyright (c) 1996, David Mazieres <dm@uun.org>
-# + Copyright (c) 2008, Damien Miller <djm@openbsd.org>
-# + Copyright (c) 2013, Markus Friedl <markus@openbsd.org>
-# Copyright (c) 2014, Theo de Raadt <deraadt@openbsd.org>
-#
-# Permission to use, copy, modify, and distribute this software for any
-# @@ -282,7 +282,7 @@
-#
-# The file getentropy.c bears the following license:
-#
-# - Copyright (c) 2014 Theo de Raadt <deraadt@openbsd.org>
-# + Copyright (c) 2014 Theo de Raadt <deraadt@openbsd.org>
-# Copyright (c) 2014 Bob Beck <beck@obtuse.com>
-#
-# Permission to use, copy, modify, and distribute this software for any
-# @@ -299,7 +299,7 @@
-#
-# The embedded copy of zlib bears the following license:
-#
-# - Copyright (C) 1995-2022 Jean-loup Gailly and Mark Adler
-# + Copyright (C) 1995-2024 Jean-loup Gailly and Mark Adler
-#
-# This software is provided 'as-is', without any express or implied
-# warranty. In no event will the authors be held liable for any damages
-#
-#
-
require sudo.inc
SRC_URI = "https://www.sudo.ws/dist/sudo-${PV}.tar.gz \
--
2.43.0
^ permalink raw reply related [flat|nested] 34+ messages in thread