Openembedded Core Discussions
 help / color / mirror / Atom feed
* [PATCH] sanity.bbclass: fix logging of an error
From: Markus Lehtonen @ 2016-11-10 14:57 UTC (permalink / raw)
  To: openembedded-core

Fixes a crash in exception handler. All bb logging functions need an
string instances as arguments.

Signed-off-by: Markus Lehtonen <markus.lehtonen@linux.intel.com>
---
 meta/classes/sanity.bbclass | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/meta/classes/sanity.bbclass b/meta/classes/sanity.bbclass
index 7682ffb..9db3f1d 100644
--- a/meta/classes/sanity.bbclass
+++ b/meta/classes/sanity.bbclass
@@ -565,7 +565,7 @@ def sanity_check_conffiles(d):
             try:
                 bb.build.exec_func(func, d, pythonexception=True)
             except NotImplementedError as e:
-                bb.fatal(e)
+                bb.fatal(str(e))
             d.setVar("BB_INVALIDCONF", True)
 
 def sanity_handle_abichanges(status, d):
-- 
2.6.6



^ permalink raw reply related

* [krogoth][PATCH] gstreamer1.0-libav: Add 'valgrind' config option
From: Martin Jansa @ 2016-11-10 14:44 UTC (permalink / raw)
  To: openembedded-core; +Cc: Otavio Salvador

From: Otavio Salvador <otavio@ossystems.com.br>

This fixes following error:

,----
| src/libavutil/log.c:51:31: fatal error: valgrind/valgrind.h: No such file or directory
|  #include <valgrind/valgrind.h>
`----

Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
Signed-off-by: Ross Burton <ross.burton@intel.com>
---
 meta/recipes-multimedia/gstreamer/gstreamer1.0-libav.inc | 1 +
 1 file changed, 1 insertion(+)

diff --git a/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav.inc b/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav.inc
index 363101e..2814a58 100644
--- a/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav.inc
+++ b/meta/recipes-multimedia/gstreamer/gstreamer1.0-libav.inc
@@ -18,6 +18,7 @@ PACKAGECONFIG[gpl] = "--enable-gpl,--disable-gpl,"
 PACKAGECONFIG[libav] = "--with-system-libav,,libav"
 PACKAGECONFIG[orc] = "--enable-orc,--disable-orc,orc"
 PACKAGECONFIG[yasm] = "--enable-yasm,--disable-yasm,yasm-native"
+PACKAGECONFIG[valgrind] = "--enable-valgrind,--disable-valgrind,valgrind"
 
 GSTREAMER_1_0_DEBUG ?= "--disable-debug"
 
-- 
2.10.2



^ permalink raw reply related

* Re: [PATCH 2/2] librsvg: Add missing pixbufcache dependencies
From: Kyle Russell @ 2016-11-10 13:58 UTC (permalink / raw)
  To: Burton, Ross; +Cc: OE-core
In-Reply-To: <CAFrQVPMDPit+MZh47cUYef91vespyrh2X3_v9Edk2shXxin0aw@mail.gmail.com>

[-- Attachment #1: Type: text/plain, Size: 3864 bytes --]

We were able to capture a full cooker log with the libpixbufloader-jpeg
failure, and I only see the populate_lic_setscene tasks being run for
jpeg-native.  We were running jethro with the two patches I originally
provided in this thread.

Is there a specific task dependency chain you'd like for me to look for in
the log?

On Fri, Oct 14, 2016 at 5:55 AM, Kyle Russell <bkylerussell@gmail.com>
wrote:

> Actually, we just hit another failure mode running with these two
> patches.  Again, we're currently running on the jethro branch.
>
> g_module_open() failed for /poky/build/tmp/sysroots/x86_
> 64-linux/usr/lib/gdk-pixbuf-2.0/2.10.0/loaders/libpixbufloader-jpeg.so:
> libjpeg.so.9: cannot open shared object file: No such file or directory
>
> Looking at the build output itself, I was reminded of another signature of
> this failure.  It seems like the do_populate_lice_setscene runs for the
> package that should have provided libjpeg.so.9, but no
> do_populate_sysroot_setscene.  I remember also seeing this on the other
> failures I mentioned.
>
> $ cat build-output.log | grep jpeg-native
> NOTE: recipe jpeg-native-9a-r0: task do_populate_lic_setscene: Started
> NOTE: recipe jpeg-native-9a-r0: task do_populate_lic_setscene: Succeeded
>
> I can try to get the full cooker log from the build slave if you want.  Do
> you mean the file from tmp/log/cooker/<machine>/?  If I can get it, how
> would you prefer me send that to you?
>
> On Thu, Oct 13, 2016 at 9:09 AM, Burton, Ross <ross.burton@intel.com>
> wrote:
>
>>
>> On 11 October 2016 at 17:44, Kyle Russell <bkylerussell@gmail.com> wrote:
>>
>>> I suspect this list may still not be entirely complete, because ldd
>>> shows several dependencies for libpixbufloader-svg.so.  However, I'm not
>>> really that familiar with all the dependencies going on here; we are
>>> definitely seeing sporadic failures for various native libraries during the
>>> pixbufcache postinst task though.  Best I could tell, it looked like the
>>> PIXBUFCACHE_SYSROOT_DEPS functionality was accidentally removed from the
>>> pixbufcache.bbclass a while back (hence, my first patch).  Adding that hunk
>>> back in has seemed to help most of the failures, but we still see lingering
>>> failures for pixman and libXdmcp on occasion.
>>
>>
>> This bit of code is particularly tangled, so I'm hoping I can remember
>> the details.  The AB just hit a related problem earlier in the week so I'm
>> trying to remember how all this ties together.
>>
>> The SYSROOT_DEPS bit wasn't removed accidentally because the way the
>> query-loaders script is executed has changed.  It used to be ran via
>> SSTATEPOSTINSTFUNCS so would execute the moment that gdk-pixbuf-native or
>> librsvg-native was unpacked.  As sstate installation is top-down instead of
>> bottom-up this would generally mean that librsvg-native would be installed
>> before even gdk-pixbuf-native was installed, and typically before stuff
>> like libpng-native or the rest of the stack.
>>
>> This was changed so that the SSTATEPOSTINSTFUNC simply writes a
>> sstate-completion script that is executed once all of sstate has been
>> unpacked, so ordering isn't a problem. The logic to add explicit
>> dependencies isn't required anymore.
>>
>> Of course native dependencies are not as neat as target dependencies
>> which is something I'd really like to see fixed, but in general I can't
>> understand why this happens for you: if gdk-pixbuf-native can be extracted
>> from sstate then all of its dependencies must have been too, and they
>> include recipes such as libxdmcp-native.  If the dependencies need a
>> rebuild then gdk-pixbuf should need a rebuild too...
>>
>> A full cooker log with the bug would be appreciated, but I know that's
>> unlikely to happen!
>>
>> Ross
>>
>
>

[-- Attachment #2: Type: text/html, Size: 5248 bytes --]

^ permalink raw reply

* [PATCHv3][krogoth] curl: fix multiple CVEs
From: Sona Sarmadi @ 2016-11-10 12:59 UTC (permalink / raw)
  To: openembedded-core

CVE-2016-8615: cookie injection for other servers
CVE-2016-8616: case insensitive password comparison
CVE-2016-8617: OOB write via unchecked multiplication
CVE-2016-8618: double-free in curl_maprintf
CVE-2016-8619: double-free in krb5 code
CVE-2016-8620: glob parser write/read out of bounds
CVE-2016-8621: curl_getdate read out of bounds
CVE-2016-8622: URL unescape heap overflow via integer truncation
CVE-2016-8623: Use-after-free via shared cookies
CVE-2016-8624: invalid URL parsing with '#'
CVE-2016-8625: IDNA 2003 makes curl use wrong host

[url-remove-unconditional-idn2.h-include.patch is needed
for CVE-2016-8625]

Reference:
https://curl.haxx.se/docs/security.html

Fixes [Yocto #10617]

Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
---
 meta/recipes-support/curl/curl/CVE-2016-8615.patch |  70 +++
 meta/recipes-support/curl/curl/CVE-2016-8616.patch |  50 ++
 meta/recipes-support/curl/curl/CVE-2016-8617.patch |  29 +
 meta/recipes-support/curl/curl/CVE-2016-8618.patch |  49 ++
 meta/recipes-support/curl/curl/CVE-2016-8619.patch |  49 ++
 meta/recipes-support/curl/curl/CVE-2016-8620.patch |  47 ++
 meta/recipes-support/curl/curl/CVE-2016-8621.patch | 104 ++++
 meta/recipes-support/curl/curl/CVE-2016-8622.patch |  95 ++++
 meta/recipes-support/curl/curl/CVE-2016-8623.patch | 174 ++++++
 meta/recipes-support/curl/curl/CVE-2016-8624.patch |  55 ++
 meta/recipes-support/curl/curl/CVE-2016-8625.patch | 615 +++++++++++++++++++++
 .../url-remove-unconditional-idn2.h-include.patch  |  29 +
 meta/recipes-support/curl/curl_7.47.1.bb           |  12 +
 13 files changed, 1378 insertions(+)
 create mode 100644 meta/recipes-support/curl/curl/CVE-2016-8615.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2016-8616.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2016-8617.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2016-8618.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2016-8619.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2016-8620.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2016-8621.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2016-8622.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2016-8623.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2016-8624.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2016-8625.patch
 create mode 100644 meta/recipes-support/curl/curl/url-remove-unconditional-idn2.h-include.patch

diff --git a/meta/recipes-support/curl/curl/CVE-2016-8615.patch b/meta/recipes-support/curl/curl/CVE-2016-8615.patch
new file mode 100644
index 0000000..95070f4
--- /dev/null
+++ b/meta/recipes-support/curl/curl/CVE-2016-8615.patch
@@ -0,0 +1,70 @@
+From cff89bc088b7884098ea0c5378bbda3d49c437bc Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Tue, 27 Sep 2016 17:36:19 +0200
+Subject: [PATCH] cookie: replace use of fgets() with custom version
+
+... that will ignore lines that are too long to fit in the buffer.
+
+CVE: CVE-2016-8615
+
+Upstream-Status: Backport
+
+Bug: https://curl.haxx.se/docs/adv_20161102A.html
+Reported-by: Cure53
+Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
+---
+ lib/cookie.c | 31 ++++++++++++++++++++++++++++++-
+ 1 file changed, 30 insertions(+), 1 deletion(-)
+
+diff --git a/lib/cookie.c b/lib/cookie.c
+index 4932ab1..1b3e645 100644
+--- a/lib/cookie.c
++++ b/lib/cookie.c
+@@ -902,6 +902,35 @@ Curl_cookie_add(struct Curl_easy *data,
+   return co;
+ }
+ 
++/*
++ * get_line() makes sure to only return complete whole lines that fit in 'len'
++ * bytes and end with a newline.
++ */
++static char *get_line(char *buf, int len, FILE *input)
++{
++  bool partial = FALSE;
++  while(1) {
++    char *b = fgets(buf, len, input);
++    if(b) {
++      size_t rlen = strlen(b);
++      if(rlen && (b[rlen-1] == '\n')) {
++        if(partial) {
++          partial = FALSE;
++          continue;
++        }
++        return b;
++      }
++      else
++        /* read a partial, discard the next piece that ends with newline */
++        partial = TRUE;
++    }
++    else
++      break;
++  }
++  return NULL;
++}
++
++
+ /*****************************************************************************
+  *
+  * Curl_cookie_init()
+@@ -958,7 +987,7 @@ struct CookieInfo *Curl_cookie_init(struct Curl_easy *data,
+     line = malloc(MAX_COOKIE_LINE);
+     if(!line)
+       goto fail;
+-    while(fgets(line, MAX_COOKIE_LINE, fp)) {
++    while(get_line(line, MAX_COOKIE_LINE, fp)) {
+       if(checkprefix("Set-Cookie:", line)) {
+         /* This is a cookie line, get it! */
+         lineptr=&line[11];
+-- 
+1.9.1
+
diff --git a/meta/recipes-support/curl/curl/CVE-2016-8616.patch b/meta/recipes-support/curl/curl/CVE-2016-8616.patch
new file mode 100644
index 0000000..2849d28
--- /dev/null
+++ b/meta/recipes-support/curl/curl/CVE-2016-8616.patch
@@ -0,0 +1,50 @@
+From b3ee26c5df75d97f6895e6ec4538894ebaf76e48 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Tue, 27 Sep 2016 18:01:53 +0200
+Subject: [PATCH] connectionexists: use case sensitive user/password
+ comparisons
+
+CVE: CVE-2016-8616
+
+Upstream-Status: Backport
+
+Bug: https://curl.haxx.se/docs/adv_20161102B.html
+Reported-by: Cure53
+Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
+
+diff -ruN a/lib/url.c b/lib/url.c
+--- a/lib/url.c	2016-11-07 08:50:23.030126833 +0100
++++ b/lib/url.c	2016-11-07 09:16:20.459836564 +0100
+@@ -3305,8 +3305,8 @@
+       if(!(needle->handler->flags & PROTOPT_CREDSPERREQUEST)) {
+         /* This protocol requires credentials per connection,
+            so verify that we're using the same name and password as well */
+-        if(!strequal(needle->user, check->user) ||
+-           !strequal(needle->passwd, check->passwd)) {
++        if(strcmp(needle->user, check->user) ||
++           strcmp(needle->passwd, check->passwd)) {
+           /* one of them was different */
+           continue;
+         }
+@@ -3369,8 +3369,8 @@
+            possible. (Especially we must not reuse the same connection if
+            partway through a handshake!) */
+         if(wantNTLMhttp) {
+-          if(!strequal(needle->user, check->user) ||
+-             !strequal(needle->passwd, check->passwd))
++          if(strcmp(needle->user, check->user) ||
++             strcmp(needle->passwd, check->passwd))
+             continue;
+         }
+         else if(check->ntlm.state != NTLMSTATE_NONE) {
+@@ -3380,8 +3380,8 @@
+ 
+         /* Same for Proxy NTLM authentication */
+         if(wantProxyNTLMhttp) {
+-          if(!strequal(needle->proxyuser, check->proxyuser) ||
+-             !strequal(needle->proxypasswd, check->proxypasswd))
++          if(strcmp(needle->proxyuser, check->proxyuser) ||
++             strcmp(needle->proxypasswd, check->proxypasswd))
+             continue;
+         }
+         else if(check->proxyntlm.state != NTLMSTATE_NONE) {
diff --git a/meta/recipes-support/curl/curl/CVE-2016-8617.patch b/meta/recipes-support/curl/curl/CVE-2016-8617.patch
new file mode 100644
index 0000000..a9bb509
--- /dev/null
+++ b/meta/recipes-support/curl/curl/CVE-2016-8617.patch
@@ -0,0 +1,29 @@
+From efd24d57426bd77c9b5860e6b297904703750412 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Wed, 28 Sep 2016 00:05:12 +0200
+Subject: [PATCH] base64: check for integer overflow on large input
+
+CVE: CVE-2016-8617
+
+Upstream-Status: Backport
+
+Bug: https://curl.haxx.se/docs/adv_20161102C.html
+Reported-by: Cure53
+
+Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
+---
+diff -ruN a/lib/base64.c b/lib/base64.c
+--- a/lib/base64.c	2016-02-03 00:02:43.000000000 +0100
++++ b/lib/base64.c	2016-11-07 09:22:07.918167530 +0100
+@@ -190,6 +190,11 @@
+   if(0 == insize)
+     insize = strlen(indata);
+ 
++#if SIZEOF_SIZE_T == 4
++  if(insize > UINT_MAX/4)
++    return CURLE_OUT_OF_MEMORY;
++#endif
++
+   base64data = output = malloc(insize*4/3+4);
+   if(NULL == output)
+     return CURLE_OUT_OF_MEMORY;
diff --git a/meta/recipes-support/curl/curl/CVE-2016-8618.patch b/meta/recipes-support/curl/curl/CVE-2016-8618.patch
new file mode 100644
index 0000000..57b3397
--- /dev/null
+++ b/meta/recipes-support/curl/curl/CVE-2016-8618.patch
@@ -0,0 +1,49 @@
+From 8732ec40db652c53fa58cd13e2acb8eab6e40874 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Wed, 28 Sep 2016 10:15:34 +0200
+Subject: [PATCH] aprintf: detect wrap-around when growing allocation
+
+On 32bit systems we could otherwise wrap around after 2GB and allocate 0
+bytes and crash.
+
+CVE: CVE-2016-8618
+
+Upstream-Status: Backport
+
+Bug: https://curl.haxx.se/docs/adv_20161102D.html
+Reported-by: Cure53
+Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
+---
+ lib/mprintf.c | 9 ++++++---
+ 1 file changed, 6 insertions(+), 3 deletions(-)
+
+diff --git a/lib/mprintf.c b/lib/mprintf.c
+index dbedeaa..2c88aa8 100644
+--- a/lib/mprintf.c
++++ b/lib/mprintf.c
+@@ -1036,16 +1036,19 @@ static int alloc_addbyter(int output, FILE *data)
+     infop->len =0;
+   }
+   else if(infop->len+1 >= infop->alloc) {
+-    char *newptr;
++    char *newptr = NULL;
++    size_t newsize = infop->alloc*2;
+ 
+-    newptr = realloc(infop->buffer, infop->alloc*2);
++    /* detect wrap-around or other overflow problems */
++    if(newsize > infop->alloc)
++      newptr = realloc(infop->buffer, newsize);
+ 
+     if(!newptr) {
+       infop->fail = 1;
+       return -1; /* fail */
+     }
+     infop->buffer = newptr;
+-    infop->alloc *= 2;
++    infop->alloc = newsize;
+   }
+ 
+   infop->buffer[ infop->len ] = outc;
+-- 
+1.9.1
+
diff --git a/meta/recipes-support/curl/curl/CVE-2016-8619.patch b/meta/recipes-support/curl/curl/CVE-2016-8619.patch
new file mode 100644
index 0000000..13c67c2
--- /dev/null
+++ b/meta/recipes-support/curl/curl/CVE-2016-8619.patch
@@ -0,0 +1,49 @@
+From 3d6460edeee21d7d790ec570d0887bed1f4366dd Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Wed, 28 Sep 2016 12:56:02 +0200
+Subject: [PATCH] krb5: avoid realloc(0)
+
+If the requested size is zero, bail out with error instead of doing a
+realloc() that would cause a double-free: realloc(0) acts as a free()
+and then there's a second free in the cleanup path.
+
+CVE: CVE-2016-8619
+
+Upstream-Status: Backport
+
+Bug: https://curl.haxx.se/docs/adv_20161102E.html
+Reported-by: Cure53
+Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
+---
+ lib/security.c | 9 ++++++---
+ 1 file changed, 6 insertions(+), 3 deletions(-)
+
+diff --git a/lib/security.c b/lib/security.c
+index a268d4a..4cef8f8 100644
+--- a/lib/security.c
++++ b/lib/security.c
+@@ -192,15 +192,18 @@ static CURLcode read_data(struct connectdata *conn,
+                           struct krb5buffer *buf)
+ {
+   int len;
+-  void* tmp;
++  void *tmp = NULL;
+   CURLcode result;
+ 
+   result = socket_read(fd, &len, sizeof(len));
+   if(result)
+     return result;
+ 
+-  len = ntohl(len);
+-  tmp = realloc(buf->data, len);
++  if(len) {
++    /* only realloc if there was a length */
++    len = ntohl(len);
++    tmp = realloc(buf->data, len);
++  }
+   if(tmp == NULL)
+     return CURLE_OUT_OF_MEMORY;
+ 
+-- 
+1.9.1
+
diff --git a/meta/recipes-support/curl/curl/CVE-2016-8620.patch b/meta/recipes-support/curl/curl/CVE-2016-8620.patch
new file mode 100644
index 0000000..9cea298
--- /dev/null
+++ b/meta/recipes-support/curl/curl/CVE-2016-8620.patch
@@ -0,0 +1,47 @@
+From fbb5f1aa0326d485d5a7ac643b48481897ca667f Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Mon, 3 Oct 2016 17:27:16 +0200
+Subject: [PATCH] range: prevent negative end number in a glob range
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+CVE: CVE-2016-8620
+
+Upstream-Status: Backport
+
+Bug: https://curl.haxx.se/docs/adv_20161102F.html
+Reported-by: Luật Nguyễn
+Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
+---
+ src/tool_urlglob.c | 7 +++++++
+ 1 file changed, 7 insertions(+)
+
+diff --git a/src/tool_urlglob.c b/src/tool_urlglob.c
+index a357b8b..64c75ba 100644
+--- a/src/tool_urlglob.c
++++ b/src/tool_urlglob.c
+@@ -257,6 +257,12 @@ static CURLcode glob_range(URLGlob *glob, char **patternp,
+         endp = NULL;
+       else {
+         pattern = endp+1;
++        while(*pattern && ISBLANK(*pattern))
++          pattern++;
++        if(!ISDIGIT(*pattern)) {
++          endp = NULL;
++          goto fail;
++        }
+         errno = 0;
+         max_n = strtoul(pattern, &endp, 10);
+         if(errno || (*endp == ':')) {
+@@ -277,6 +283,7 @@ static CURLcode glob_range(URLGlob *glob, char **patternp,
+       }
+     }
+ 
++    fail:
+     *posp += (pattern - *patternp);
+ 
+     if(!endp || (min_n > max_n) || (step_n > (max_n - min_n)) || !step_n)
+-- 
+1.9.1
+
diff --git a/meta/recipes-support/curl/curl/CVE-2016-8621.patch b/meta/recipes-support/curl/curl/CVE-2016-8621.patch
new file mode 100644
index 0000000..c05968e
--- /dev/null
+++ b/meta/recipes-support/curl/curl/CVE-2016-8621.patch
@@ -0,0 +1,104 @@
+From 96a80b5a262fb6dd2ddcea7987296f3b9a405618 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Tue, 4 Oct 2016 16:59:38 +0200
+Subject: [PATCH] parsedate: handle cut off numbers better
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+... and don't read outside of the given buffer!
+
+CVE: CVE-2016-8621
+
+Upstream-Status: Backport
+
+bug: https://curl.haxx.se/docs/adv_20161102G.html
+Reported-by: Luật Nguyễn
+Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
+---
+ lib/parsedate.c        | 12 +++++++-----
+ tests/data/test517     |  6 ++++++
+ tests/libtest/lib517.c |  8 +++++++-
+ 3 files changed, 20 insertions(+), 6 deletions(-)
+
+diff --git a/lib/parsedate.c b/lib/parsedate.c
+index dfcf855..8e932f4 100644
+--- a/lib/parsedate.c
++++ b/lib/parsedate.c
+@@ -5,7 +5,7 @@
+  *                            | (__| |_| |  _ <| |___
+  *                             \___|\___/|_| \_\_____|
+  *
+- * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
++ * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
+  *
+  * This software is licensed as described in the file COPYING, which
+  * you should have received as part of this distribution. The terms
+@@ -386,15 +386,17 @@ static int parsedate(const char *date, time_t *output)
+       /* a digit */
+       int val;
+       char *end;
++      int len=0;
+       if((secnum == -1) &&
+-         (3 == sscanf(date, "%02d:%02d:%02d", &hournum, &minnum, &secnum))) {
++         (3 == sscanf(date, "%02d:%02d:%02d%n",
++                      &hournum, &minnum, &secnum, &len))) {
+         /* time stamp! */
+-        date += 8;
++        date += len;
+       }
+       else if((secnum == -1) &&
+-              (2 == sscanf(date, "%02d:%02d", &hournum, &minnum))) {
++              (2 == sscanf(date, "%02d:%02d%n", &hournum, &minnum, &len))) {
+         /* time stamp without seconds */
+-        date += 5;
++        date += len;
+         secnum = 0;
+       }
+       else {
+diff --git a/tests/data/test517 b/tests/data/test517
+index c81a45e..513634f 100644
+--- a/tests/data/test517
++++ b/tests/data/test517
+@@ -116,6 +116,12 @@ nothing
+ 81: 20111323 12:34:56 => -1
+ 82: 20110623 12:34:79 => -1
+ 83: Wed, 31 Dec 2008 23:59:60 GMT => 1230768000
++84: 20110623 12:3 => 1308830580
++85: 20110623 1:3 => 1308790980
++86: 20110623 1:30 => 1308792600
++87: 20110623 12:12:3 => 1308831123
++88: 20110623 01:12:3 => 1308791523
++89: 20110623 01:99:30 => -1
+ </stdout>
+ 
+ # This test case previously tested an overflow case ("2094 Nov 6 =>
+diff --git a/tests/libtest/lib517.c b/tests/libtest/lib517.c
+index 2f68ebd..22162ff 100644
+--- a/tests/libtest/lib517.c
++++ b/tests/libtest/lib517.c
+@@ -5,7 +5,7 @@
+  *                            | (__| |_| |  _ <| |___
+  *                             \___|\___/|_| \_\_____|
+  *
+- * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
++ * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
+  *
+  * This software is licensed as described in the file COPYING, which
+  * you should have received as part of this distribution. The terms
+@@ -116,6 +116,12 @@ static const char * const dates[]={
+   "20111323 12:34:56",
+   "20110623 12:34:79",
+   "Wed, 31 Dec 2008 23:59:60 GMT", /* leap second */
++  "20110623 12:3",
++  "20110623 1:3",
++  "20110623 1:30",
++  "20110623 12:12:3",
++  "20110623 01:12:3",
++  "20110623 01:99:30",
+   NULL
+ };
+ 
+-- 
+1.9.1
+
diff --git a/meta/recipes-support/curl/curl/CVE-2016-8622.patch b/meta/recipes-support/curl/curl/CVE-2016-8622.patch
new file mode 100644
index 0000000..aedc85b
--- /dev/null
+++ b/meta/recipes-support/curl/curl/CVE-2016-8622.patch
@@ -0,0 +1,95 @@
+From 53e71e47d6b81650d26ec33a58d0dca24c7ffb2c Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Tue, 4 Oct 2016 18:56:45 +0200
+Subject: [PATCH] unescape: avoid integer overflow
+
+CVE: CVE-2016-8622
+
+Upstream-Status: Backport
+
+Bug: https://curl.haxx.se/docs/adv_20161102H.html
+Reported-by: Cure53
+
+Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
+
+diff -ruN a/docs/libcurl/curl_easy_unescape.3 b/docs/libcurl/curl_easy_unescape.3
+--- a/docs/libcurl/curl_easy_unescape.3	2016-02-03 00:08:02.000000000 +0100
++++ b/docs/libcurl/curl_easy_unescape.3	2016-11-07 09:25:45.999933275 +0100
+@@ -5,7 +5,7 @@
+ .\" *                            | (__| |_| |  _ <| |___
+ .\" *                             \___|\___/|_| \_\_____|
+ .\" *
+-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
++.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
+ .\" *
+ .\" * This software is licensed as described in the file COPYING, which
+ .\" * you should have received as part of this distribution. The terms
+@@ -40,7 +40,10 @@
+ 
+ If \fBoutlength\fP is non-NULL, the function will write the length of the
+ returned string in the integer it points to. This allows an escaped string
+-containing %00 to still get used properly after unescaping.
++containing %00 to still get used properly after unescaping. Since this is a
++pointer to an \fIint\fP type, it can only return a value up to INT_MAX so no
++longer string can be unescaped if the string length is returned in this
++parameter.
+ 
+ You must \fIcurl_free(3)\fP the returned string when you're done with it.
+ .SH AVAILABILITY
+diff -ruN a/lib/dict.c b/lib/dict.c
+--- a/lib/dict.c	2016-02-03 00:02:44.000000000 +0100
++++ b/lib/dict.c	2016-11-07 09:25:45.999933275 +0100
+@@ -5,7 +5,7 @@
+  *                            | (__| |_| |  _ <| |___
+  *                             \___|\___/|_| \_\_____|
+  *
+- * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
++ * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
+  *
+  * This software is licensed as described in the file COPYING, which
+  * you should have received as part of this distribution. The terms
+@@ -52,7 +52,7 @@
+ #include <curl/curl.h>
+ #include "transfer.h"
+ #include "sendf.h"
+-
++#include "escape.h"
+ #include "progress.h"
+ #include "strequal.h"
+ #include "dict.h"
+@@ -96,12 +96,12 @@
+   char *newp;
+   char *dictp;
+   char *ptr;
+-  int len;
++  size_t len;
+   char ch;
+   int olen=0;
+ 
+-  newp = curl_easy_unescape(data, inputbuff, 0, &len);
+-  if(!newp)
++  CURLcode result = Curl_urldecode(data, inputbuff, 0, &newp, &len, FALSE);
++  if(!newp || result)
+     return NULL;
+ 
+   dictp = malloc(((size_t)len)*2 + 1); /* add one for terminating zero */
+diff -ruN a/lib/escape.c b/lib/escape.c
+--- a/lib/escape.c	2016-02-05 10:02:03.000000000 +0100
++++ b/lib/escape.c	2016-11-07 09:29:43.073671606 +0100
+@@ -217,8 +217,14 @@
+                                 FALSE);
+   if(res)
+     return NULL;
+-  if(olen)
+-    *olen = curlx_uztosi(outputlen);
++
++    if(olen) {
++      if(outputlen <= (size_t) INT_MAX)
++        *olen = curlx_uztosi(outputlen);
++      else
++        /* too large to return in an int, fail! */
++        Curl_safefree(str);
++    }
+   return str;
+ }
+ 
diff --git a/meta/recipes-support/curl/curl/CVE-2016-8623.patch b/meta/recipes-support/curl/curl/CVE-2016-8623.patch
new file mode 100644
index 0000000..e791ecd
--- /dev/null
+++ b/meta/recipes-support/curl/curl/CVE-2016-8623.patch
@@ -0,0 +1,174 @@
+From c5be3d7267c725dbd093ff3a883e07ee8cf2a1d5 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Tue, 4 Oct 2016 23:26:13 +0200
+Subject: [PATCH] cookies: getlist() now holds deep copies of all cookies
+
+Previously it only held references to them, which was reckless as the
+thread lock was released so the cookies could get modified by other
+handles that share the same cookie jar over the share interface.
+
+CVE: CVE-2016-8623
+
+Upstream-Status: Backport
+
+Bug: https://curl.haxx.se/docs/adv_20161102I.html
+Reported-by: Cure53
+Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
+---
+ lib/cookie.c | 61 +++++++++++++++++++++++++++++++++++++++---------------------
+ lib/cookie.h |  4 ++--
+ lib/http.c   |  2 +-
+ 3 files changed, 43 insertions(+), 24 deletions(-)
+
+diff --git a/lib/cookie.c b/lib/cookie.c
+index 0f05da2..8607ce3 100644
+--- a/lib/cookie.c
++++ b/lib/cookie.c
+@@ -1024,6 +1024,40 @@ static int cookie_sort(const void *p1, const void *p2)
+   return 0;
+ }
+ 
++#define CLONE(field)                     \
++  do {                                   \
++    if(src->field) {                     \
++      dup->field = strdup(src->field);   \
++      if(!dup->field)                    \
++        goto fail;                       \
++    }                                    \
++  } while(0)
++
++static struct Cookie *dup_cookie(struct Cookie *src)
++{
++  struct Cookie *dup = calloc(sizeof(struct Cookie), 1);
++  if(dup) {
++    CLONE(expirestr);
++    CLONE(domain);
++    CLONE(path);
++    CLONE(spath);
++    CLONE(name);
++    CLONE(value);
++    CLONE(maxage);
++    CLONE(version);
++    dup->expires = src->expires;
++    dup->tailmatch = src->tailmatch;
++    dup->secure = src->secure;
++    dup->livecookie = src->livecookie;
++    dup->httponly = src->httponly;
++  }
++  return dup;
++
++  fail:
++  freecookie(dup);
++  return NULL;
++}
++
+ /*****************************************************************************
+  *
+  * Curl_cookie_getlist()
+@@ -1079,11 +1113,8 @@ struct Cookie *Curl_cookie_getlist(struct CookieInfo *c,
+           /* and now, we know this is a match and we should create an
+              entry for the return-linked-list */
+ 
+-          newco = malloc(sizeof(struct Cookie));
++          newco = dup_cookie(co);
+           if(newco) {
+-            /* first, copy the whole source cookie: */
+-            memcpy(newco, co, sizeof(struct Cookie));
+-
+             /* then modify our next */
+             newco->next = mainco;
+ 
+@@ -1095,12 +1126,7 @@ struct Cookie *Curl_cookie_getlist(struct CookieInfo *c,
+           else {
+             fail:
+             /* failure, clear up the allocated chain and return NULL */
+-            while(mainco) {
+-              co = mainco->next;
+-              free(mainco);
+-              mainco = co;
+-            }
+-
++            Curl_cookie_freelist(mainco);
+             return NULL;
+           }
+         }
+@@ -1152,7 +1178,7 @@ struct Cookie *Curl_cookie_getlist(struct CookieInfo *c,
+ void Curl_cookie_clearall(struct CookieInfo *cookies)
+ {
+   if(cookies) {
+-    Curl_cookie_freelist(cookies->cookies, TRUE);
++    Curl_cookie_freelist(cookies->cookies);
+     cookies->cookies = NULL;
+     cookies->numcookies = 0;
+   }
+@@ -1164,21 +1190,14 @@ void Curl_cookie_clearall(struct CookieInfo *cookies)
+  *
+  * Free a list of cookies previously returned by Curl_cookie_getlist();
+  *
+- * The 'cookiestoo' argument tells this function whether to just free the
+- * list or actually also free all cookies within the list as well.
+- *
+  ****************************************************************************/
+ 
+-void Curl_cookie_freelist(struct Cookie *co, bool cookiestoo)
++void Curl_cookie_freelist(struct Cookie *co)
+ {
+   struct Cookie *next;
+   while(co) {
+     next = co->next;
+-    if(cookiestoo)
+-      freecookie(co);
+-    else
+-      free(co); /* we only free the struct since the "members" are all just
+-                   pointed out in the main cookie list! */
++    freecookie(co);
+     co = next;
+   }
+ }
+@@ -1233,7 +1252,7 @@ void Curl_cookie_cleanup(struct CookieInfo *c)
+ {
+   if(c) {
+     free(c->filename);
+-    Curl_cookie_freelist(c->cookies, TRUE);
++    Curl_cookie_freelist(c->cookies);
+     free(c); /* free the base struct as well */
+   }
+ }
+diff --git a/lib/cookie.h b/lib/cookie.h
+index cd7c54a..a9a4578 100644
+--- a/lib/cookie.h
++++ b/lib/cookie.h
+@@ -7,7 +7,7 @@
+  *                            | (__| |_| |  _ <| |___
+  *                             \___|\___/|_| \_\_____|
+  *
+- * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
++ * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
+  *
+  * This software is licensed as described in the file COPYING, which
+  * you should have received as part of this distribution. The terms
+@@ -82,7 +82,7 @@ struct Cookie *Curl_cookie_add(struct Curl_easy *data,
+ 
+ struct Cookie *Curl_cookie_getlist(struct CookieInfo *, const char *,
+                                    const char *, bool);
+-void Curl_cookie_freelist(struct Cookie *cookies, bool cookiestoo);
++void Curl_cookie_freelist(struct Cookie *cookies);
+ void Curl_cookie_clearall(struct CookieInfo *cookies);
+ void Curl_cookie_clearsess(struct CookieInfo *cookies);
+ 
+diff --git a/lib/http.c b/lib/http.c
+index 65c145a..e6e7d37 100644
+--- a/lib/http.c
++++ b/lib/http.c
+@@ -2384,7 +2384,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
+         }
+         co = co->next; /* next cookie please */
+       }
+-      Curl_cookie_freelist(store, FALSE); /* free the cookie list */
++      Curl_cookie_freelist(store);
+     }
+     if(addcookies && !result) {
+       if(!count)
+-- 
+1.9.1
+
diff --git a/meta/recipes-support/curl/curl/CVE-2016-8624.patch b/meta/recipes-support/curl/curl/CVE-2016-8624.patch
new file mode 100644
index 0000000..fb62282
--- /dev/null
+++ b/meta/recipes-support/curl/curl/CVE-2016-8624.patch
@@ -0,0 +1,55 @@
+From 3bb273db7e40ebc284cff45f3ce3f0475c8339c2 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Tue, 11 Oct 2016 00:48:35 +0200
+Subject: [PATCH] urlparse: accept '#' as end of host name
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+'http://example.com#@127.0.0.1/x.txt' equals a request to example.com
+for the '/' document with the rest of the URL being a fragment.
+
+CVE: CVE-2016-8624
+
+Upstream-Status: Backport
+
+Bug: https://curl.haxx.se/docs/adv_20161102J.html
+Reported-by: Fernando Muñoz
+
+Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
+
+diff -ruN a/lib/url.c b/lib/url.c
+--- a/lib/url.c	2016-11-07 08:50:23.030126833 +0100
++++ b/lib/url.c	2016-11-07 10:16:13.562089428 +0100
+@@ -4086,7 +4086,7 @@
+     path[0]=0;
+ 
+     if(2 > sscanf(data->change.url,
+-                   "%15[^\n:]://%[^\n/?]%[^\n]",
++                   "%15[^\n:]://%[^\n/?#]%[^\n]",
+                    protobuf,
+                    conn->host.name, path)) {
+ 
+@@ -4094,7 +4094,7 @@
+        * The URL was badly formatted, let's try the browser-style _without_
+        * protocol specified like 'http://'.
+        */
+-      rc = sscanf(data->change.url, "%[^\n/?]%[^\n]", conn->host.name, path);
++      rc = sscanf(data->change.url, "%[^\n/?#]%[^\n]", conn->host.name, path);
+       if(1 > rc) {
+         /*
+          * We couldn't even get this format.
+@@ -4184,10 +4184,10 @@
+   }
+ 
+   /* If the URL is malformatted (missing a '/' after hostname before path) we
+-   * insert a slash here. The only letter except '/' we accept to start a path
+-   * is '?'.
++   * insert a slash here. The only letters except '/' that can start a path is
++   * '?' and '#' - as controlled by the two sscanf() patterns above.
+    */
+-  if(path[0] == '?') {
++  if(path[0] != '/') {
+     /* We need this function to deal with overlapping memory areas. We know
+        that the memory area 'path' points to is 'urllen' bytes big and that
+        is bigger than the path. Use +1 to move the zero byte too. */
diff --git a/meta/recipes-support/curl/curl/CVE-2016-8625.patch b/meta/recipes-support/curl/curl/CVE-2016-8625.patch
new file mode 100644
index 0000000..a385cc3
--- /dev/null
+++ b/meta/recipes-support/curl/curl/CVE-2016-8625.patch
@@ -0,0 +1,615 @@
+commit 914aae739463ec72340130ea9ad42e04b02a5338
+Author: Daniel Stenberg <daniel@haxx.se>
+Date:   Wed Oct 12 09:01:06 2016 +0200
+
+idn: switch to libidn2 use and IDNA2008 support
+    
+CVE: CVE-2016-8625
+    
+Bug: https://curl.haxx.se/docs/adv_20161102K.html
+Reported-by: Christian Heimes
+    
+Conflicts:
+    CMakeLists.txt
+    lib/url.c
+
+Signed-off-by: Martin Borg <martin.borg@enea.com>
+Signen-off-by: Sona Sarmadi <sona.sarmadi@enea.com> 
+
+diff --git a/CMakeLists.txt b/CMakeLists.txt
+index 06f18cf..c3e5c7c 100644
+--- a/CMakeLists.txt
++++ b/CMakeLists.txt
+@@ -440,7 +440,7 @@ if(NOT CURL_DISABLE_LDAPS)
+ endif()
+ 
+ # Check for idn
+-check_library_exists_concat("idn" idna_to_ascii_lz HAVE_LIBIDN)
++check_library_exists_concat("idn2" idn2_lookup_ul HAVE_LIBIDN2)
+ 
+ # Check for symbol dlopen (same as HAVE_LIBDL)
+ check_library_exists("${CURL_LIBS}" dlopen "" HAVE_DLOPEN)
+@@ -608,7 +608,7 @@ check_include_file_concat("des.h"            HAVE_DES_H)
+ check_include_file_concat("err.h"            HAVE_ERR_H)
+ check_include_file_concat("errno.h"          HAVE_ERRNO_H)
+ check_include_file_concat("fcntl.h"          HAVE_FCNTL_H)
+-check_include_file_concat("idn-free.h"       HAVE_IDN_FREE_H)
++check_include_file_concat("idn2.h"           HAVE_IDN2_H)
+ check_include_file_concat("ifaddrs.h"        HAVE_IFADDRS_H)
+ check_include_file_concat("io.h"             HAVE_IO_H)
+ check_include_file_concat("krb.h"            HAVE_KRB_H)
+@@ -638,7 +638,6 @@ check_include_file_concat("stropts.h"        HAVE_STROPTS_H)
+ check_include_file_concat("termio.h"         HAVE_TERMIO_H)
+ check_include_file_concat("termios.h"        HAVE_TERMIOS_H)
+ check_include_file_concat("time.h"           HAVE_TIME_H)
+-check_include_file_concat("tld.h"            HAVE_TLD_H)
+ check_include_file_concat("unistd.h"         HAVE_UNISTD_H)
+ check_include_file_concat("utime.h"          HAVE_UTIME_H)
+ check_include_file_concat("x509.h"           HAVE_X509_H)
+@@ -652,9 +651,6 @@ check_include_file_concat("netinet/if_ether.h" HAVE_NETINET_IF_ETHER_H)
+ check_include_file_concat("stdint.h"        HAVE_STDINT_H)
+ check_include_file_concat("sockio.h"        HAVE_SOCKIO_H)
+ check_include_file_concat("sys/utsname.h"   HAVE_SYS_UTSNAME_H)
+-check_include_file_concat("idna.h"          HAVE_IDNA_H)
+-
+-
+ 
+ check_type_size(size_t  SIZEOF_SIZE_T)
+ check_type_size(ssize_t  SIZEOF_SSIZE_T)
+@@ -802,9 +798,6 @@ check_symbol_exists(pipe           "${CURL_INCLUDES}" HAVE_PIPE)
+ check_symbol_exists(ftruncate      "${CURL_INCLUDES}" HAVE_FTRUNCATE)
+ check_symbol_exists(getprotobyname "${CURL_INCLUDES}" HAVE_GETPROTOBYNAME)
+ check_symbol_exists(getrlimit      "${CURL_INCLUDES}" HAVE_GETRLIMIT)
+-check_symbol_exists(idn_free       "${CURL_INCLUDES}" HAVE_IDN_FREE)
+-check_symbol_exists(idna_strerror  "${CURL_INCLUDES}" HAVE_IDNA_STRERROR)
+-check_symbol_exists(tld_strerror   "${CURL_INCLUDES}" HAVE_TLD_STRERROR)
+ check_symbol_exists(setlocale      "${CURL_INCLUDES}" HAVE_SETLOCALE)
+ check_symbol_exists(setrlimit      "${CURL_INCLUDES}" HAVE_SETRLIMIT)
+ check_symbol_exists(fcntl          "${CURL_INCLUDES}" HAVE_FCNTL)
+@@ -1067,7 +1060,7 @@ _add_if("IPv6"          ENABLE_IPV6)
+ _add_if("unix-sockets"  USE_UNIX_SOCKETS)
+ _add_if("libz"          HAVE_LIBZ)
+ _add_if("AsynchDNS"     USE_ARES OR USE_THREADS_POSIX)
+-_add_if("IDN"           HAVE_LIBIDN)
++_add_if("IDN"           HAVE_LIBIDN2)
+ # TODO SSP1 (WinSSL) check is missing
+ _add_if("SSPI"          USE_WINDOWS_SSPI)
+ _add_if("GSS-API"       HAVE_GSSAPI)
+diff --git a/configure.ac b/configure.ac
+index 4c9862f..c8e2721 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -157,7 +157,7 @@ curl_tls_srp_msg="no      (--enable-tls-srp)"
+     curl_res_msg="default (--enable-ares / --enable-threaded-resolver)"
+    curl_ipv6_msg="no      (--enable-ipv6)"
+ curl_unix_sockets_msg="no      (--enable-unix-sockets)"
+-    curl_idn_msg="no      (--with-{libidn,winidn})"
++    curl_idn_msg="no      (--with-{libidn2,winidn})"
+  curl_manual_msg="no      (--enable-manual)"
+ curl_libcurl_msg="enabled (--disable-libcurl-option)"
+ curl_verbose_msg="enabled (--disable-verbose)"
+@@ -2825,15 +2825,15 @@ dnl **********************************************************************
+ dnl Check for the presence of IDN libraries and headers
+ dnl **********************************************************************
+ 
+-AC_MSG_CHECKING([whether to build with libidn])
++AC_MSG_CHECKING([whether to build with libidn2])
+ OPT_IDN="default"
+ AC_ARG_WITH(libidn,
+-AC_HELP_STRING([--with-libidn=PATH],[Enable libidn usage])
+-AC_HELP_STRING([--without-libidn],[Disable libidn usage]),
++AC_HELP_STRING([--with-libidn2=PATH],[Enable libidn2 usage])
++AC_HELP_STRING([--without-libidn2],[Disable libidn2 usage]),
+   [OPT_IDN=$withval])
+ case "$OPT_IDN" in
+   no)
+-    dnl --without-libidn option used
++    dnl --without-libidn2 option used
+     want_idn="no"
+     AC_MSG_RESULT([no])
+     ;;
+@@ -2844,13 +2844,13 @@ case "$OPT_IDN" in
+     AC_MSG_RESULT([(assumed) yes])
+     ;;
+   yes)
+-    dnl --with-libidn option used without path
++    dnl --with-libidn2 option used without path
+     want_idn="yes"
+     want_idn_path="default"
+     AC_MSG_RESULT([yes])
+     ;;
+   *)
+-    dnl --with-libidn option used with path
++    dnl --with-libidn2 option used with path
+     want_idn="yes"
+     want_idn_path="$withval"
+     AC_MSG_RESULT([yes ($withval)])
+@@ -2867,33 +2867,33 @@ if test "$want_idn" = "yes"; then
+   if test "$want_idn_path" != "default"; then
+     dnl path has been specified
+     IDN_PCDIR="$want_idn_path/lib$libsuff/pkgconfig"
+-    CURL_CHECK_PKGCONFIG(libidn, [$IDN_PCDIR])
++    CURL_CHECK_PKGCONFIG(libidn2, [$IDN_PCDIR])
+     if test "$PKGCONFIG" != "no"; then
+       IDN_LIBS=`CURL_EXPORT_PCDIR([$IDN_PCDIR]) dnl
+-        $PKGCONFIG --libs-only-l libidn 2>/dev/null`
++        $PKGCONFIG --libs-only-l libidn2 2>/dev/null`
+       IDN_LDFLAGS=`CURL_EXPORT_PCDIR([$IDN_PCDIR]) dnl
+-        $PKGCONFIG --libs-only-L libidn 2>/dev/null`
++        $PKGCONFIG --libs-only-L libidn2 2>/dev/null`
+       IDN_CPPFLAGS=`CURL_EXPORT_PCDIR([$IDN_PCDIR]) dnl
+-        $PKGCONFIG --cflags-only-I libidn 2>/dev/null`
++        $PKGCONFIG --cflags-only-I libidn2 2>/dev/null`
+       IDN_DIR=`echo $IDN_LDFLAGS | $SED -e 's/-L//'`
+     else
+       dnl pkg-config not available or provides no info
+-      IDN_LIBS="-lidn"
++      IDN_LIBS="-lidn2"
+       IDN_LDFLAGS="-L$want_idn_path/lib$libsuff"
+       IDN_CPPFLAGS="-I$want_idn_path/include"
+       IDN_DIR="$want_idn_path/lib$libsuff"
+     fi
+   else
+     dnl path not specified
+-    CURL_CHECK_PKGCONFIG(libidn)
++    CURL_CHECK_PKGCONFIG(libidn2)
+     if test "$PKGCONFIG" != "no"; then
+-      IDN_LIBS=`$PKGCONFIG --libs-only-l libidn 2>/dev/null`
+-      IDN_LDFLAGS=`$PKGCONFIG --libs-only-L libidn 2>/dev/null`
+-      IDN_CPPFLAGS=`$PKGCONFIG --cflags-only-I libidn 2>/dev/null`
++      IDN_LIBS=`$PKGCONFIG --libs-only-l libidn2 2>/dev/null`
++      IDN_LDFLAGS=`$PKGCONFIG --libs-only-L libidn2 2>/dev/null`
++      IDN_CPPFLAGS=`$PKGCONFIG --cflags-only-I libidn2 2>/dev/null`
+       IDN_DIR=`echo $IDN_LDFLAGS | $SED -e 's/-L//'`
+     else
+       dnl pkg-config not available or provides no info
+-      IDN_LIBS="-lidn"
++      IDN_LIBS="-lidn2"
+     fi
+   fi
+   #
+@@ -2913,9 +2913,9 @@ if test "$want_idn" = "yes"; then
+   LDFLAGS="$IDN_LDFLAGS $LDFLAGS"
+   LIBS="$IDN_LIBS $LIBS"
+   #
+-  AC_MSG_CHECKING([if idna_to_ascii_4i can be linked])
++  AC_MSG_CHECKING([if idn2_lookup_ul can be linked])
+   AC_LINK_IFELSE([
+-    AC_LANG_FUNC_LINK_TRY([idna_to_ascii_4i])
++    AC_LANG_FUNC_LINK_TRY([idn2_lookup_ul])
+   ],[
+     AC_MSG_RESULT([yes])
+     tst_links_libidn="yes"
+@@ -2923,37 +2923,19 @@ if test "$want_idn" = "yes"; then
+     AC_MSG_RESULT([no])
+     tst_links_libidn="no"
+   ])
+-  if test "$tst_links_libidn" = "no"; then
+-    AC_MSG_CHECKING([if idna_to_ascii_lz can be linked])
+-    AC_LINK_IFELSE([
+-      AC_LANG_FUNC_LINK_TRY([idna_to_ascii_lz])
+-    ],[
+-      AC_MSG_RESULT([yes])
+-      tst_links_libidn="yes"
+-    ],[
+-      AC_MSG_RESULT([no])
+-      tst_links_libidn="no"
+-    ])
+-  fi
+   #
++  AC_CHECK_HEADERS( idn2.h )
++
+   if test "$tst_links_libidn" = "yes"; then
+-    AC_DEFINE(HAVE_LIBIDN, 1, [Define to 1 if you have the `idn' library (-lidn).])
++    AC_DEFINE(HAVE_LIBIDN2, 1, [Define to 1 if you have the `idn2' library (-lidn2).])
+     dnl different versions of libidn have different setups of these:
+-    AC_CHECK_FUNCS( idn_free idna_strerror tld_strerror )
+-    AC_CHECK_HEADERS( idn-free.h tld.h )
+-    if test "x$ac_cv_header_tld_h" = "xyes"; then
+-      AC_SUBST([IDN_ENABLED], [1])
+-      curl_idn_msg="enabled"
+-      if test -n "$IDN_DIR" -a "x$cross_compiling" != "xyes"; then
+-        LD_LIBRARY_PATH="$LD_LIBRARY_PATH:$IDN_DIR"
+-        export LD_LIBRARY_PATH
+-        AC_MSG_NOTICE([Added $IDN_DIR to LD_LIBRARY_PATH])
+-      fi
+-    else
+-      AC_MSG_WARN([Libraries for IDN support too old: IDN disabled])
+-      CPPFLAGS="$clean_CPPFLAGS"
+-      LDFLAGS="$clean_LDFLAGS"
+-      LIBS="$clean_LIBS"
++
++    AC_SUBST([IDN_ENABLED], [1])
++    curl_idn_msg="enabled (libidn2)"
++    if test -n "$IDN_DIR" -a "x$cross_compiling" != "xyes"; then
++      LD_LIBRARY_PATH="$LD_LIBRARY_PATH:$IDN_DIR"
++      export LD_LIBRARY_PATH
++      AC_MSG_NOTICE([Added $IDN_DIR to LD_LIBRARY_PATH])
+     fi
+   else
+     AC_MSG_WARN([Cannot find libraries for IDN support: IDN disabled])
+diff --git a/lib/curl_setup.h b/lib/curl_setup.h
+index 33ad129..5fb241b 100644
+--- a/lib/curl_setup.h
++++ b/lib/curl_setup.h
+@@ -590,10 +590,9 @@ int netware_init(void);
+ #endif
+ #endif
+ 
+-#if defined(HAVE_LIBIDN) && defined(HAVE_TLD_H)
+-/* The lib was present and the tld.h header (which is missing in libidn 0.3.X
+-   but we only work with libidn 0.4.1 or later) */
+-#define USE_LIBIDN
++#if defined(HAVE_LIBIDN2) && defined(HAVE_IDN2_H)
++/* The lib and header are present */
++#define USE_LIBIDN2
+ #endif
+ 
+ #ifndef SIZEOF_TIME_T
+diff --git a/lib/easy.c b/lib/easy.c
+index d529da8..51d57e3 100644
+--- a/lib/easy.c
++++ b/lib/easy.c
+@@ -144,28 +144,6 @@ static CURLcode win32_init(void)
+   return CURLE_OK;
+ }
+ 
+-#ifdef USE_LIBIDN
+-/*
+- * Initialise use of IDNA library.
+- * It falls back to ASCII if $CHARSET isn't defined. This doesn't work for
+- * idna_to_ascii_lz().
+- */
+-static void idna_init (void)
+-{
+-#ifdef WIN32
+-  char buf[60];
+-  UINT cp = GetACP();
+-
+-  if(!getenv("CHARSET") && cp > 0) {
+-    snprintf(buf, sizeof(buf), "CHARSET=cp%u", cp);
+-    putenv(buf);
+-  }
+-#else
+-  /* to do? */
+-#endif
+-}
+-#endif  /* USE_LIBIDN */
+-
+ /* true globals -- for curl_global_init() and curl_global_cleanup() */
+ static unsigned int  initialized;
+ static long          init_flags;
+@@ -262,10 +240,6 @@ static CURLcode global_init(long flags, bool memoryfuncs)
+   }
+ #endif
+ 
+-#ifdef USE_LIBIDN
+-  idna_init();
+-#endif
+-
+   if(Curl_resolver_global_init()) {
+     DEBUGF(fprintf(stderr, "Error: resolver_global_init failed\n"));
+     return CURLE_FAILED_INIT;
+diff --git a/lib/strerror.c b/lib/strerror.c
+index d222a1f..bf4faae 100644
+--- a/lib/strerror.c
++++ b/lib/strerror.c
+@@ -35,8 +35,8 @@
+ 
+ #include <curl/curl.h>
+ 
+-#ifdef USE_LIBIDN
+-#include <idna.h>
++#ifdef USE_LIBIDN2
++#include <idn2.h>
+ #endif
+ 
+ #ifdef USE_WINDOWS_SSPI
+@@ -723,83 +723,6 @@ const char *Curl_strerror(struct connectdata *conn, int err)
+   return buf;
+ }
+ 
+-#ifdef USE_LIBIDN
+-/*
+- * Return error-string for libidn status as returned from idna_to_ascii_lz().
+- */
+-const char *Curl_idn_strerror (struct connectdata *conn, int err)
+-{
+-#ifdef HAVE_IDNA_STRERROR
+-  (void)conn;
+-  return idna_strerror((Idna_rc) err);
+-#else
+-  const char *str;
+-  char *buf;
+-  size_t max;
+-
+-  DEBUGASSERT(conn);
+-
+-  buf = conn->syserr_buf;
+-  max = sizeof(conn->syserr_buf)-1;
+-  *buf = '\0';
+-
+-#ifndef CURL_DISABLE_VERBOSE_STRINGS
+-  switch ((Idna_rc)err) {
+-    case IDNA_SUCCESS:
+-      str = "No error";
+-      break;
+-    case IDNA_STRINGPREP_ERROR:
+-      str = "Error in string preparation";
+-      break;
+-    case IDNA_PUNYCODE_ERROR:
+-      str = "Error in Punycode operation";
+-      break;
+-    case IDNA_CONTAINS_NON_LDH:
+-      str = "Illegal ASCII characters";
+-      break;
+-    case IDNA_CONTAINS_MINUS:
+-      str = "Contains minus";
+-      break;
+-    case IDNA_INVALID_LENGTH:
+-      str = "Invalid output length";
+-      break;
+-    case IDNA_NO_ACE_PREFIX:
+-      str = "No ACE prefix (\"xn--\")";
+-      break;
+-    case IDNA_ROUNDTRIP_VERIFY_ERROR:
+-      str = "Round trip verify error";
+-      break;
+-    case IDNA_CONTAINS_ACE_PREFIX:
+-      str = "Already have ACE prefix (\"xn--\")";
+-      break;
+-    case IDNA_ICONV_ERROR:
+-      str = "Locale conversion failed";
+-      break;
+-    case IDNA_MALLOC_ERROR:
+-      str = "Allocation failed";
+-      break;
+-    case IDNA_DLOPEN_ERROR:
+-      str = "dlopen() error";
+-      break;
+-    default:
+-      snprintf(buf, max, "error %d", err);
+-      str = NULL;
+-      break;
+-  }
+-#else
+-  if((Idna_rc)err == IDNA_SUCCESS)
+-    str = "No error";
+-  else
+-    str = "Error";
+-#endif
+-  if(str)
+-    strncpy(buf, str, max);
+-  buf[max] = '\0';
+-  return (buf);
+-#endif
+-}
+-#endif  /* USE_LIBIDN */
+-
+ #ifdef USE_WINDOWS_SSPI
+ const char *Curl_sspi_strerror (struct connectdata *conn, int err)
+ {
+diff --git a/lib/strerror.h b/lib/strerror.h
+index ae8c96b..627273e 100644
+--- a/lib/strerror.h
++++ b/lib/strerror.h
+@@ -7,7 +7,7 @@
+  *                            | (__| |_| |  _ <| |___
+  *                             \___|\___/|_| \_\_____|
+  *
+- * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
++ * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
+  *
+  * This software is licensed as described in the file COPYING, which
+  * you should have received as part of this distribution. The terms
+@@ -26,7 +26,7 @@
+ 
+ const char *Curl_strerror (struct connectdata *conn, int err);
+ 
+-#ifdef USE_LIBIDN
++#ifdef USE_LIBIDN2
+ const char *Curl_idn_strerror (struct connectdata *conn, int err);
+ #endif
+ 
+diff --git a/lib/url.c b/lib/url.c
+index 8832989..8d52152 100644
+--- a/lib/url.c
++++ b/lib/url.c
+@@ -59,24 +59,15 @@
+ #include <limits.h>
+ #endif
+ 
+-#ifdef USE_LIBIDN
+-#include <idna.h>
+-#include <tld.h>
+-#include <stringprep.h>
+-#ifdef HAVE_IDN_FREE_H
+-#include <idn-free.h>
+-#else
+-/* prototype from idn-free.h, not provided by libidn 0.4.5's make install! */
+-void idn_free (void *ptr);
+-#endif
+-#ifndef HAVE_IDN_FREE
+-/* if idn_free() was not found in this version of libidn use free() instead */
+-#define idn_free(x) (free)(x)
+-#endif
++#ifdef USE_LIBIDN2
++#include <idn2.h>
++
+ #elif defined(USE_WIN32_IDN)
+ /* prototype for curl_win32_idn_to_ascii() */
+ int curl_win32_idn_to_ascii(const char *in, char **out);
+-#endif  /* USE_LIBIDN */
++#endif  /* USE_LIBIDN2 */
++
++#include <idn2.h>
+ 
+ #include "urldata.h"
+ #include "netrc.h"
+@@ -3693,59 +3684,15 @@ static bool is_ASCII_name(const char *hostname)
+   return TRUE;
+ }
+ 
+-#ifdef USE_LIBIDN
+-/*
+- * Check if characters in hostname is allowed in Top Level Domain.
+- */
+-static bool tld_check_name(struct SessionHandle *data,
+-                           const char *ace_hostname)
+-{
+-  size_t err_pos;
+-  char *uc_name = NULL;
+-  int rc;
+-#ifndef CURL_DISABLE_VERBOSE_STRINGS
+-  const char *tld_errmsg = "<no msg>";
+-#else
+-  (void)data;
+-#endif
+-
+-  /* Convert (and downcase) ACE-name back into locale's character set */
+-  rc = idna_to_unicode_lzlz(ace_hostname, &uc_name, 0);
+-  if(rc != IDNA_SUCCESS)
+-    return FALSE;
+-
+-  rc = tld_check_lz(uc_name, &err_pos, NULL);
+-#ifndef CURL_DISABLE_VERBOSE_STRINGS
+-#ifdef HAVE_TLD_STRERROR
+-  if(rc != TLD_SUCCESS)
+-    tld_errmsg = tld_strerror((Tld_rc)rc);
+-#endif
+-  if(rc == TLD_INVALID)
+-    infof(data, "WARNING: %s; pos %u = `%c'/0x%02X\n",
+-          tld_errmsg, err_pos, uc_name[err_pos],
+-          uc_name[err_pos] & 255);
+-  else if(rc != TLD_SUCCESS)
+-    infof(data, "WARNING: TLD check for %s failed; %s\n",
+-          uc_name, tld_errmsg);
+-#endif /* CURL_DISABLE_VERBOSE_STRINGS */
+-  if(uc_name)
+-     idn_free(uc_name);
+-  if(rc != TLD_SUCCESS)
+-    return FALSE;
+-
+-  return TRUE;
+-}
+-#endif
+-
+ /*
+  * Perform any necessary IDN conversion of hostname
+  */
+-static void fix_hostname(struct SessionHandle *data,
+-                         struct connectdata *conn, struct hostname *host)
++static void fix_hostname(struct connectdata *conn, struct hostname *host)
+ {
+   size_t len;
++  struct Curl_easy *data = conn->data;
+ 
+-#ifndef USE_LIBIDN
++#ifndef USE_LIBIDN2
+   (void)data;
+   (void)conn;
+ #elif defined(CURL_DISABLE_VERBOSE_STRINGS)
+@@ -3762,26 +3709,18 @@ static void fix_hostname(struct SessionHandle *data,
+     host->name[len-1]=0;
+ 
+   if(!is_ASCII_name(host->name)) {
+-#ifdef USE_LIBIDN
+-  /*************************************************************
+-   * Check name for non-ASCII and convert hostname to ACE form.
+-   *************************************************************/
+-  if(stringprep_check_version(LIBIDN_REQUIRED_VERSION)) {
+-    char *ace_hostname = NULL;
+-    int rc = idna_to_ascii_lz(host->name, &ace_hostname, 0);
+-    infof (data, "Input domain encoded as `%s'\n",
+-           stringprep_locale_charset ());
+-    if(rc != IDNA_SUCCESS)
+-      infof(data, "Failed to convert %s to ACE; %s\n",
+-            host->name, Curl_idn_strerror(conn, rc));
+-    else {
+-      /* tld_check_name() displays a warning if the host name contains
+-         "illegal" characters for this TLD */
+-      (void)tld_check_name(data, ace_hostname);
+-
+-      host->encalloc = ace_hostname;
+-      /* change the name pointer to point to the encoded hostname */
+-      host->name = host->encalloc;
++#ifdef USE_LIBIDN2
++    if(idn2_check_version(IDN2_VERSION)) {
++      char *ace_hostname = NULL;
++      int rc = idn2_lookup_ul((const char *)host->name, &ace_hostname, 0);
++      if(rc == IDN2_OK) {
++        host->encalloc = (char *)ace_hostname;
++        /* change the name pointer to point to the encoded hostname */
++        host->name = host->encalloc;
++      }
++      else
++        infof(data, "Failed to convert %s to ACE; %s\n", host->name,
++              idn2_strerror(rc));
+     }
+   }
+ #elif defined(USE_WIN32_IDN)
+@@ -3809,9 +3748,9 @@ static void fix_hostname(struct SessionHandle *data,
+  */
+ static void free_fixed_hostname(struct hostname *host)
+ {
+-#if defined(USE_LIBIDN)
++#if defined(USE_LIBIDN2)
+   if(host->encalloc) {
+-    idn_free(host->encalloc); /* must be freed with idn_free() since this was
++    idn2_free(host->encalloc); /* must be freed with idn2_free() since this was
+                                  allocated by libidn */
+     host->encalloc = NULL;
+   }
+@@ -5707,9 +5646,9 @@ static CURLcode create_conn(struct SessionHandle *data,
+   /*************************************************************
+    * IDN-fix the hostnames
+    *************************************************************/
+-  fix_hostname(data, conn, &conn->host);
++  fix_hostname(conn, &conn->host);
+   if(conn->proxy.name && *conn->proxy.name)
+-    fix_hostname(data, conn, &conn->proxy);
++    fix_hostname(conn, &conn->proxy);
+ 
+   /*************************************************************
+    * Setup internals depending on protocol. Needs to be done after
+diff --git a/lib/version.c b/lib/version.c
+index 7f14fa5..a5c9811 100644
+--- a/lib/version.c
++++ b/lib/version.c
+@@ -36,8 +36,8 @@
+ #  include <ares.h>
+ #endif
+ 
+-#ifdef USE_LIBIDN
+-#include <stringprep.h>
++#ifdef USE_LIBIDN2
++#include <idn2.h>
+ #endif
+ 
+ #ifdef USE_LIBPSL
+@@ -97,9 +97,9 @@ char *curl_version(void)
+   left -= len;
+   ptr += len;
+ #endif
+-#ifdef USE_LIBIDN
+-  if(stringprep_check_version(LIBIDN_REQUIRED_VERSION)) {
+-    len = snprintf(ptr, left, " libidn/%s", stringprep_check_version(NULL));
++#ifdef USE_LIBIDN2
++  if(idn2_check_version(IDN2_VERSION)) {
++    len = snprintf(ptr, left, " libidn2/%s", idn2_check_version(NULL));
+     left -= len;
+     ptr += len;
+   }
+@@ -344,10 +344,10 @@ curl_version_info_data *curl_version_info(CURLversion stamp)
+     version_info.ares_num = aresnum;
+   }
+ #endif
+-#ifdef USE_LIBIDN
++#ifdef USE_LIBIDN2
+   /* This returns a version string if we use the given version or later,
+      otherwise it returns NULL */
+-  version_info.libidn = stringprep_check_version(LIBIDN_REQUIRED_VERSION);
++  version_info.libidn = idn2_check_version(IDN2_VERSION);
+   if(version_info.libidn)
+     version_info.features |= CURL_VERSION_IDN;
+ #elif defined(USE_WIN32_IDN)
diff --git a/meta/recipes-support/curl/curl/url-remove-unconditional-idn2.h-include.patch b/meta/recipes-support/curl/curl/url-remove-unconditional-idn2.h-include.patch
new file mode 100644
index 0000000..7e2287d
--- /dev/null
+++ b/meta/recipes-support/curl/curl/url-remove-unconditional-idn2.h-include.patch
@@ -0,0 +1,29 @@
+From c27013c05d99d92370b57e1a7af1b854eef4e7c1 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Mon, 31 Oct 2016 09:49:50 +0100
+Subject: [PATCH] url: remove unconditional idn2.h include
+
+Mistake brought by 9c91ec778104a
+
+Upstream-Status: Backport
+Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
+---
+ lib/url.c | 2 --
+ 1 file changed, 2 deletions(-)
+
+diff --git a/lib/url.c b/lib/url.c
+index c90a1c5..b997f41 100644
+--- a/lib/url.c
++++ b/lib/url.c
+@@ -67,8 +67,6 @@
+ bool curl_win32_idn_to_ascii(const char *in, char **out);
+ #endif  /* USE_LIBIDN2 */
+ 
+-#include <idn2.h>
+-
+ #include "urldata.h"
+ #include "netrc.h"
+ 
+-- 
+1.9.1
+
diff --git a/meta/recipes-support/curl/curl_7.47.1.bb b/meta/recipes-support/curl/curl_7.47.1.bb
index 3670a11..7fab7cf 100644
--- a/meta/recipes-support/curl/curl_7.47.1.bb
+++ b/meta/recipes-support/curl/curl_7.47.1.bb
@@ -15,6 +15,18 @@ SRC_URI += " file://configure_ac.patch \
              file://CVE-2016-5420.patch \
              file://CVE-2016-5421.patch \
              file://CVE-2016-7141.patch \
+             file://CVE-2016-8615.patch \
+             file://CVE-2016-8616.patch \
+             file://CVE-2016-8617.patch \
+             file://CVE-2016-8618.patch \
+             file://CVE-2016-8619.patch \
+             file://CVE-2016-8620.patch \
+             file://CVE-2016-8621.patch \
+             file://CVE-2016-8622.patch \
+             file://CVE-2016-8623.patch \
+             file://CVE-2016-8624.patch \
+             file://CVE-2016-8625.patch \
+             file://url-remove-unconditional-idn2.h-include.patch \
            "
 
 SRC_URI[md5sum] = "9ea3123449439bbd960cd25cf98796fb"
-- 
1.9.1



^ permalink raw reply related

* [PATCH v2 10/10] wic: selftest: add tests for --fixed-size partition flags
From: Maciej Borzecki @ 2016-11-10 12:18 UTC (permalink / raw)
  To: openembedded-core; +Cc: Paul Eggleton, Maciej Borzecki
In-Reply-To: <cover.1478779674.git.maciej.borzecki@rndity.com>

wic has a new flag for setting a fixed parition size --fixed-size. Add
tests that verify if partition is indeed sized properly and that errors
are signaled when there is not enough space to fit partition data.

Signed-off-by: Maciej Borzecki <maciej.borzecki@rndity.com>
---
 meta/lib/oeqa/selftest/wic.py | 65 +++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 65 insertions(+)

diff --git a/meta/lib/oeqa/selftest/wic.py b/meta/lib/oeqa/selftest/wic.py
index 799886c164a734bcc3226baf97f20d789ae55b56..954f8911eff6da6880d25b4fcd2d82fe0a26c4ba 100644
--- a/meta/lib/oeqa/selftest/wic.py
+++ b/meta/lib/oeqa/selftest/wic.py
@@ -27,6 +27,7 @@ import os
 
 from glob import glob
 from shutil import rmtree
+from tempfile import NamedTemporaryFile
 
 from oeqa.selftest.base import oeSelfTest
 from oeqa.utils.commands import runCmd, bitbake, get_bb_var, runqemu
@@ -341,3 +342,67 @@ class Wic(oeSelfTest):
         self.assertEqual(0, runCmd("wic create %(wks)s -e %(image)s" \
                                    % wic_cmd_vars).status)
         self.assertEqual(1, len(glob(self.resultdir + "%s-*direct" % image)))
+
+    def _make_fixed_size_wks(self, size):
+        """
+        Create a wks of an image with a single partition. Size of the partition is set
+        using --fixed-size flag. Returns a tuple: (path to wks file, wks image name)
+        """
+        with NamedTemporaryFile("w", suffix=".wks", delete=False) as tf:
+            wkspath = tf.name
+            tf.write("part " \
+                     "--source rootfs --ondisk hda --align 4 --fixed-size %d "
+                     "--fstype=ext4\n" % size)
+        wksname = os.path.splitext(os.path.basename(wkspath))[0]
+
+        return (wkspath, wksname)
+
+    def test_fixed_size(self):
+        """
+        Test creation of a simple image with partition size controlled through
+        --fixed-size flag
+        """
+        wkspath, wksname = self._make_fixed_size_wks(200)
+
+        wic_cmd_vars = {
+            'wks': wkspath,
+            'image': self.OE_IMAGE,
+        }
+        self.assertEqual(0, runCmd("wic create %(wks)s -e %(image)s" \
+                                   % wic_cmd_vars).status)
+        os.remove(wkspath)
+        wicout = glob(self.resultdir + "%s-*direct" % wksname)
+        self.assertEqual(1, len(wicout))
+
+        wicimg = wicout[0]
+
+        # verify partition size with wic
+        res = runCmd("parted -m %s unit mib p 2>/dev/null" % wicimg, ignore_status=True)
+        self.assertEqual(0, res.status)
+
+        # parse parted output which looks like this:
+        # BYT;\n
+        # /var/tmp/wic/build/tmpfwvjjkf_-201611101222-hda.direct:200MiB:file:512:512:msdos::;\n
+        # 1:0,00MiB:200MiB:200MiB:ext4::;\n
+        partlns = res.output.splitlines()[2:]
+
+        self.assertEqual(1, len(partlns))
+        self.assertEqual("1:0,00MiB:200MiB:200MiB:ext4::;", partlns[0])
+
+    def test_fixed_size_error(self):
+        """
+        Test creation of a simple image with partition size controlled through
+        --fixed-size flag. The size of partition is intentionally set to 1MiB
+        in order to trigger an error in wic.
+        """
+        wkspath, wksname = self._make_fixed_size_wks(1)
+
+        wic_cmd_vars = {
+            'wks': wkspath,
+            'image': self.OE_IMAGE,
+        }
+        self.assertEqual(1, runCmd("wic create %(wks)s -e %(image)s" \
+                                   % wic_cmd_vars, ignore_status=True).status)
+        os.remove(wkspath)
+        wicout = glob(self.resultdir + "%s-*direct" % wksname)
+        self.assertEqual(0, len(wicout))
-- 
2.5.0



^ permalink raw reply related

* [PATCH v2 09/10] wic: selftest: do not assume bzImage kernel image
From: Maciej Borzecki @ 2016-11-10 12:18 UTC (permalink / raw)
  To: openembedded-core; +Cc: Paul Eggleton, Maciej Borzecki
In-Reply-To: <cover.1478779674.git.maciej.borzecki@rndity.com>

Instead of assuming that bzImage is available, query bitbake enviroment
for KERNEL_IMAGETYPE.

Signed-off-by: Maciej Borzecki <maciej.borzecki@rndity.com>
---
 meta/lib/oeqa/selftest/wic.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/meta/lib/oeqa/selftest/wic.py b/meta/lib/oeqa/selftest/wic.py
index 8b86acb917134b389e38c8215a8dff6c7f91c005..799886c164a734bcc3226baf97f20d789ae55b56 100644
--- a/meta/lib/oeqa/selftest/wic.py
+++ b/meta/lib/oeqa/selftest/wic.py
@@ -332,7 +332,8 @@ class Wic(oeSelfTest):
     def test_sdimage_bootpart(self):
         """Test creation of sdimage-bootpart image"""
         image = "sdimage-bootpart"
-        self.write_config('IMAGE_BOOT_FILES = "bzImage"\n')
+        kimgtype = get_bb_var('KERNEL_IMAGETYPE', self.OE_IMAGE)
+        self.write_config('IMAGE_BOOT_FILES = "%s"\n' % kimgtype)
         wic_cmd_vars = {
             'wks': image,
             'image': self.OE_IMAGE,
-- 
2.5.0



^ permalink raw reply related

* [PATCH v2 08/10] wic: selftest: do not repeat core-image-minimal
From: Maciej Borzecki @ 2016-11-10 12:18 UTC (permalink / raw)
  To: openembedded-core; +Cc: Paul Eggleton, Maciej Borzecki
In-Reply-To: <cover.1478779674.git.maciej.borzecki@rndity.com>

Replace repeated core-image-minimal with Wic class field.

Signed-off-by: Maciej Borzecki <maciej.borzecki@rndity.com>
---
 meta/lib/oeqa/selftest/wic.py | 111 +++++++++++++++++++++++++++---------------
 1 file changed, 73 insertions(+), 38 deletions(-)

diff --git a/meta/lib/oeqa/selftest/wic.py b/meta/lib/oeqa/selftest/wic.py
index 60e31de5825c84fca21d4dbe946e5cc7af8df511..8b86acb917134b389e38c8215a8dff6c7f91c005 100644
--- a/meta/lib/oeqa/selftest/wic.py
+++ b/meta/lib/oeqa/selftest/wic.py
@@ -39,6 +39,8 @@ class Wic(oeSelfTest):
     resultdir = "/var/tmp/wic/build/"
     image_is_ready = False
 
+    OE_IMAGE = "core-image-minimal"
+
     def setUpLocal(self):
         """This code is executed before each test method."""
         targetarch = get_bb_var('TARGET_ARCH', 'core-image-minimal')
@@ -56,7 +58,7 @@ class Wic(oeSelfTest):
                 tools += 'syslinux syslinux-native'
             bitbake(tools)
 
-            bitbake('core-image-minimal')
+            bitbake(self.OE_IMAGE)
             Wic.image_is_ready = True
 
         rmtree(self.resultdir, ignore_errors=True)
@@ -80,13 +82,13 @@ class Wic(oeSelfTest):
     def test_build_image_name(self):
         """Test wic create directdisk --image-name core-image-minimal"""
         self.assertEqual(0, runCmd("wic create directdisk "
-                                   "--image-name core-image-minimal").status)
+                                   "--image-name %s" % self.OE_IMAGE).status)
         self.assertEqual(1, len(glob(self.resultdir + "directdisk-*.direct")))
 
     @testcase(1212)
     def test_build_artifacts(self):
         """Test wic create directdisk providing all artifacts."""
-        bbvars = dict((var.lower(), get_bb_var(var, 'core-image-minimal')) \
+        bbvars = dict((var.lower(), get_bb_var(var, self.OE_IMAGE)) \
                         for var in ('STAGING_DATADIR', 'DEPLOY_DIR_IMAGE',
                                     'STAGING_DIR_NATIVE', 'IMAGE_ROOTFS'))
         status = runCmd("wic create directdisk "
@@ -101,7 +103,7 @@ class Wic(oeSelfTest):
     def test_gpt_image(self):
         """Test creation of core-image-minimal with gpt table and UUID boot"""
         self.assertEqual(0, runCmd("wic create directdisk-gpt "
-                                   "--image-name core-image-minimal").status)
+                                   "--image-name %s" % self.OE_IMAGE).status)
         self.assertEqual(1, len(glob(self.resultdir + "directdisk-*.direct")))
 
     @testcase(1213)
@@ -134,8 +136,8 @@ class Wic(oeSelfTest):
     def test_compress_gzip(self):
         """Test compressing an image with gzip"""
         self.assertEqual(0, runCmd("wic create directdisk "
-                                   "--image-name core-image-minimal "
-                                   "-c gzip").status)
+                                   "--image-name %s "
+                                   "-c gzip" % self.OE_IMAGE).status)
         self.assertEqual(1, len(glob(self.resultdir + \
                                          "directdisk-*.direct.gz")))
 
@@ -143,8 +145,8 @@ class Wic(oeSelfTest):
     def test_compress_bzip2(self):
         """Test compressing an image with bzip2"""
         self.assertEqual(0, runCmd("wic create directdisk "
-                                   "--image-name core-image-minimal "
-                                   "-c bzip2").status)
+                                   "--image-name %s "
+                                   "-c bzip2" % self.OE_IMAGE).status)
         self.assertEqual(1, len(glob(self.resultdir + \
                                          "directdisk-*.direct.bz2")))
 
@@ -152,8 +154,8 @@ class Wic(oeSelfTest):
     def test_compress_xz(self):
         """Test compressing an image with xz"""
         self.assertEqual(0, runCmd("wic create directdisk "
-                                   "--image-name core-image-minimal "
-                                   "-c xz").status)
+                                   "--image-name %s "
+                                   "-c xz" % self.OE_IMAGE).status)
         self.assertEqual(1, len(glob(self.resultdir + \
                                          "directdisk-*.direct.xz")))
 
@@ -161,24 +163,29 @@ class Wic(oeSelfTest):
     def test_wrong_compressor(self):
         """Test how wic breaks if wrong compressor is provided"""
         self.assertEqual(2, runCmd("wic create directdisk "
-                                   "--image-name core-image-minimal "
-                                   "-c wrong", ignore_status=True).status)
+                                   "--image-name %s "
+                                   "-c wrong" % self.OE_IMAGE,
+                                   ignore_status=True).status)
 
     @testcase(1268)
     def test_rootfs_indirect_recipes(self):
         """Test usage of rootfs plugin with rootfs recipes"""
         wks = "directdisk-multi-rootfs"
-        self.assertEqual(0, runCmd("wic create %s "
-                                   "--image-name core-image-minimal "
-                                   "--rootfs rootfs1=core-image-minimal "
-                                   "--rootfs rootfs2=core-image-minimal" \
-                                   % wks).status)
+        wic_cmd_vars = {
+            'wks': wks,
+            'image': self.OE_IMAGE,
+        }
+        self.assertEqual(0, runCmd("wic create %(wks)s "
+                                   "--image-name %(image)s "
+                                   "--rootfs rootfs1=%(image)s "
+                                   "--rootfs rootfs2=%(image)s" \
+                                   % wic_cmd_vars).status)
         self.assertEqual(1, len(glob(self.resultdir + "%s*.direct" % wks)))
 
     @testcase(1269)
     def test_rootfs_artifacts(self):
         """Test usage of rootfs plugin with rootfs paths"""
-        bbvars = dict((var.lower(), get_bb_var(var, 'core-image-minimal')) \
+        bbvars = dict((var.lower(), get_bb_var(var, self.OE_IMAGE)) \
                         for var in ('STAGING_DATADIR', 'DEPLOY_DIR_IMAGE',
                                     'STAGING_DIR_NATIVE', 'IMAGE_ROOTFS'))
         bbvars['wks'] = "directdisk-multi-rootfs"
@@ -197,24 +204,23 @@ class Wic(oeSelfTest):
     def test_iso_image(self):
         """Test creation of hybrid iso image with legacy and EFI boot"""
         self.assertEqual(0, runCmd("wic create mkhybridiso "
-                                   "--image-name core-image-minimal").status)
+                                   "--image-name %s" % self.OE_IMAGE).status)
         self.assertEqual(1, len(glob(self.resultdir + "HYBRID_ISO_IMG-*.direct")))
         self.assertEqual(1, len(glob(self.resultdir + "HYBRID_ISO_IMG-*.iso")))
 
     @testcase(1347)
     def test_image_env(self):
         """Test generation of <image>.env files."""
-        image = 'core-image-minimal'
-        self.assertEqual(0, bitbake('%s -c do_rootfs_wicenv' % image).status)
-        stdir = get_bb_var('STAGING_DIR_TARGET', image)
+        self.assertEqual(0, bitbake('%s -c do_rootfs_wicenv' % self.OE_IMAGE).status)
+        stdir = get_bb_var('STAGING_DIR_TARGET', self.OE_IMAGE)
         imgdatadir = os.path.join(stdir, 'imgdata')
 
-        basename = get_bb_var('IMAGE_BASENAME', image)
-        self.assertEqual(basename, image)
+        basename = get_bb_var('IMAGE_BASENAME', self.OE_IMAGE)
+        self.assertEqual(basename, self.OE_IMAGE)
         path = os.path.join(imgdatadir, basename) + '.env'
         self.assertTrue(os.path.isfile(path))
 
-        wicvars = set(get_bb_var('WICVARS', image).split())
+        wicvars = set(get_bb_var('WICVARS', self.OE_IMAGE).split())
         # filter out optional variables
         wicvars = wicvars.difference(('HDDDIR', 'IMAGE_BOOT_FILES',
                                       'INITRD', 'ISODIR'))
@@ -244,32 +250,48 @@ class Wic(oeSelfTest):
     def test_qemux86_directdisk(self):
         """Test creation of qemux-86-directdisk image"""
         image = "qemux86-directdisk"
-        self.assertEqual(0, runCmd("wic create %s -e core-image-minimal" \
-                                   % image).status)
+        wic_cmd_vars = {
+            'wks': image,
+            'image': self.OE_IMAGE,
+        }
+        self.assertEqual(0, runCmd("wic create %(wks)s -e %(image)s" \
+                                   % wic_cmd_vars).status)
         self.assertEqual(1, len(glob(self.resultdir + "%s-*direct" % image)))
 
     @testcase(1349)
     def test_mkgummidisk(self):
         """Test creation of mkgummidisk image"""
         image = "mkgummidisk"
-        self.assertEqual(0, runCmd("wic create %s -e core-image-minimal" \
-                                   % image).status)
+        wic_cmd_vars = {
+            'wks': image,
+            'image': self.OE_IMAGE,
+        }
+        self.assertEqual(0, runCmd("wic create %(wks)s -e %(image)s" \
+                                   % wic_cmd_vars).status)
         self.assertEqual(1, len(glob(self.resultdir + "%s-*direct" % image)))
 
     @testcase(1350)
     def test_mkefidisk(self):
         """Test creation of mkefidisk image"""
         image = "mkefidisk"
-        self.assertEqual(0, runCmd("wic create %s -e core-image-minimal" \
-                                   % image).status)
+        wic_cmd_vars = {
+            'wks': image,
+            'image': self.OE_IMAGE,
+        }
+        self.assertEqual(0, runCmd("wic create %(wks)s -e %(image)s" \
+                                   % wic_cmd_vars).status)
         self.assertEqual(1, len(glob(self.resultdir + "%s-*direct" % image)))
 
     @testcase(1385)
     def test_directdisk_bootloader_config(self):
         """Test creation of directdisk-bootloader-config image"""
         image = "directdisk-bootloader-config"
-        self.assertEqual(0, runCmd("wic create %s -e core-image-minimal" \
-                                   % image).status)
+        wic_cmd_vars = {
+            'wks': image,
+            'image': self.OE_IMAGE,
+        }
+        self.assertEqual(0, runCmd("wic create %(wks)s -e %(image)s" \
+                                   % wic_cmd_vars).status)
         self.assertEqual(1, len(glob(self.resultdir + "%s-*direct" % image)))
 
     @testcase(1422)
@@ -286,7 +308,12 @@ class Wic(oeSelfTest):
     def test_bmap(self):
         """Test generation of .bmap file"""
         image = "directdisk"
-        status = runCmd("wic create %s -e core-image-minimal --bmap" % image).status
+        wic_cmd_vars = {
+            'wks': image,
+            'image': self.OE_IMAGE,
+        }
+        status = runCmd("wic create %(wks)s -e %(image)s --bmap" \
+                        % wic_cmd_vars).status
         self.assertEqual(0, status)
         self.assertEqual(1, len(glob(self.resultdir + "%s-*direct" % image)))
         self.assertEqual(1, len(glob(self.resultdir + "%s-*direct.bmap" % image)))
@@ -294,14 +321,22 @@ class Wic(oeSelfTest):
     def test_systemd_bootdisk(self):
         """Test creation of systemd-bootdisk image"""
         image = "systemd-bootdisk"
-        self.assertEqual(0, runCmd("wic create %s -e core-image-minimal" \
-                                   % image).status)
+        wic_cmd_vars = {
+            'wks': image,
+            'image': self.OE_IMAGE,
+        }
+        self.assertEqual(0, runCmd("wic create %(wic)s -e %(image)s" \
+                                   % wic_cmd_vars).status)
         self.assertEqual(1, len(glob(self.resultdir + "%s-*direct" % image)))
 
     def test_sdimage_bootpart(self):
         """Test creation of sdimage-bootpart image"""
         image = "sdimage-bootpart"
         self.write_config('IMAGE_BOOT_FILES = "bzImage"\n')
-        self.assertEqual(0, runCmd("wic create %s -e core-image-minimal" \
-                                   % image).status)
+        wic_cmd_vars = {
+            'wks': image,
+            'image': self.OE_IMAGE,
+        }
+        self.assertEqual(0, runCmd("wic create %(wks)s -e %(image)s" \
+                                   % wic_cmd_vars).status)
         self.assertEqual(1, len(glob(self.resultdir + "%s-*direct" % image)))
-- 
2.5.0



^ permalink raw reply related

* [PATCH v2 07/10] wic: selftest: avoid COMPATIBLE_HOST issues
From: Maciej Borzecki @ 2016-11-10 12:18 UTC (permalink / raw)
  To: openembedded-core; +Cc: Paul Eggleton, Maciej Borzecki
In-Reply-To: <cover.1478779674.git.maciej.borzecki@rndity.com>

wic tests will unconditionally attempt to build syslinux and add
configuration options that may not be compatible with current machine.

Resolve this by consulting TARGET_ARCH first and performing
configuration changes or recipe builds for targets that are known to be
compatible.

Signed-off-by: Maciej Borzecki <maciej.borzecki@rndity.com>
---
 meta/lib/oeqa/selftest/wic.py | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

diff --git a/meta/lib/oeqa/selftest/wic.py b/meta/lib/oeqa/selftest/wic.py
index faac11e21643e4c32a83b649b6ae986fead498f1..60e31de5825c84fca21d4dbe946e5cc7af8df511 100644
--- a/meta/lib/oeqa/selftest/wic.py
+++ b/meta/lib/oeqa/selftest/wic.py
@@ -41,15 +41,21 @@ class Wic(oeSelfTest):
 
     def setUpLocal(self):
         """This code is executed before each test method."""
-        self.write_config('IMAGE_FSTYPES += " hddimg"\n'
-                          'MACHINE_FEATURES_append = " efi"\n')
+        targetarch = get_bb_var('TARGET_ARCH', 'core-image-minimal')
+        if 'x86' in targetarch:
+            self.write_config('IMAGE_FSTYPES += " hddimg"\n'
+                              'MACHINE_FEATURES_append = " efi"\n')
 
         # Do this here instead of in setUpClass as the base setUp does some
         # clean up which can result in the native tools built earlier in
         # setUpClass being unavailable.
         if not Wic.image_is_ready:
-            bitbake('syslinux syslinux-native parted-native gptfdisk-native '
-                    'dosfstools-native mtools-native bmap-tools-native')
+            tools = 'parted-native gptfdisk-native ' \
+                    'dosfstools-native mtools-native bmap-tools-native'
+            if 'x86' in targetarch:
+                tools += 'syslinux syslinux-native'
+            bitbake(tools)
+
             bitbake('core-image-minimal')
             Wic.image_is_ready = True
 
-- 
2.5.0



^ permalink raw reply related

* [PATCH v2 06/10] oe-selftest: fix handling of test cases without ID in --list-tests-by
From: Maciej Borzecki @ 2016-11-10 12:18 UTC (permalink / raw)
  To: openembedded-core; +Cc: Paul Eggleton, Maciej Borzecki
In-Reply-To: <cover.1478779674.git.maciej.borzecki@rndity.com>

Running `oe-selftest --list-tests-by module wic` will produce the
following backtrace:

Traceback (most recent call last):
  File "<snip>/poky/scripts/oe-selftest", line 668, in <module>
    ret = main()
  File "<snip>/poky/scripts/oe-selftest", line 486, in main
    list_testsuite_by(criteria, keyword)
  File "<snip>/poky/scripts/oe-selftest", line 340, in list_testsuite_by
    ts = sorted([ (tc.tcid, tc.tctag, tc.tcname, tc.tcclass, tc.tcmodule) for tc in get_testsuite_by(criteria, keyword) ])
TypeError: unorderable types: int() < NoneType()

The root cause is that a test case does not necessarily have an ID
assigned, hence its value is None. Since Python 3 does not allow
comparison of heterogeneous types, TypeError is raised.

Signed-off-by: Maciej Borzecki <maciej.borzecki@rndity.com>
---
 scripts/oe-selftest | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

diff --git a/scripts/oe-selftest b/scripts/oe-selftest
index d9ffd40e8c4caa734cd490d77304cc600cc75b73..c3215ea6592e128d17da550d778272985f5bd1a6 100755
--- a/scripts/oe-selftest
+++ b/scripts/oe-selftest
@@ -336,10 +336,15 @@ def list_testsuite_by(criteria, keyword):
     # Get a testsuite based on 'keyword'
     # criteria: name, class, module, id, tag
     # keyword: a list of tests, classes, modules, ids, tags
-
-    ts = sorted([ (tc.tcid, tc.tctag, tc.tcname, tc.tcclass, tc.tcmodule) for tc in get_testsuite_by(criteria, keyword) ])
-
-    print('%-4s\t%-20s\t%-60s\t%-25s\t%-20s' % ('id', 'tag', 'name', 'class', 'module'))
+    def tc_key(t):
+        if t[0] is None:
+            return  (0,) + t[1:]
+        return t
+    # tcid may be None if no ID was assigned, in which case sorted() will throw
+    # a TypeError as Python 3 does not allow comparison (<,<=,>=,>) of
+    # heterogeneous types, handle this by using a custom key generator
+    ts = sorted([ (tc.tcid, tc.tctag, tc.tcname, tc.tcclass, tc.tcmodule) \
+                  for tc in get_testsuite_by(criteria, keyword) ], key=tc_key)
     print('_' * 150)
     for t in ts:
         if isinstance(t[1], (tuple, list)):
-- 
2.5.0



^ permalink raw reply related

* [PATCH v2 05/10] wic: add --fixed-size wks option
From: Maciej Borzecki @ 2016-11-10 12:18 UTC (permalink / raw)
  To: openembedded-core; +Cc: Paul Eggleton, Maciej Borzecki
In-Reply-To: <cover.1478779674.git.maciej.borzecki@rndity.com>

Added new option --fixed-size to wks. The option can be used to indicate
the exact size of a partition. The option cannot be added together with
--size, in which case an error will be raised. Other options that
influence automatic partition size (--extra-space, --overhead-factor),
if specifiec along with --fixed-size, will raise an error.

If it partition data is larger than the amount of space specified with
--fixed-size option wic will raise an error.

Signed-off-by: Maciej Borzecki <maciej.borzecki@rndity.com>
---
 scripts/lib/wic/help.py                | 14 ++++--
 scripts/lib/wic/imager/direct.py       |  2 +-
 scripts/lib/wic/ksparser.py            | 41 ++++++++++++++--
 scripts/lib/wic/partition.py           | 88 +++++++++++++++++++++-------------
 scripts/lib/wic/utils/partitionedfs.py |  2 +-
 5 files changed, 105 insertions(+), 42 deletions(-)

diff --git a/scripts/lib/wic/help.py b/scripts/lib/wic/help.py
index e5347ec4b7c900c68fc64351a5293e75de0672b3..daa11bf489c135627ddfe4cef968e48f8e3ad1d8 100644
--- a/scripts/lib/wic/help.py
+++ b/scripts/lib/wic/help.py
@@ -646,6 +646,12 @@ DESCRIPTION
                  not specified, the size is in MB.
                  You do not need this option if you use --source.
 
+         --fixed-size: Exact partition size. Value format is the same
+                       as for --size option. This option cannot be
+                       specified along with --size. If partition data
+                       is larger than --fixed-size and error will be
+                       raised when assembling disk image.
+
          --source: This option is a wic-specific option that names the
                    source of the data that will populate the
                    partition.  The most common value for this option
@@ -719,13 +725,15 @@ DESCRIPTION
                         space after the space filled by the content
                         of the partition. The final size can go
                         beyond the size specified by --size.
-                        By default, 10MB.
+                        By default, 10MB. This option cannot be used
+                        with --fixed-size option.
 
          --overhead-factor: This option is specific to wic. The
                             size of the partition is multiplied by
                             this factor. It has to be greater than or
-                            equal to 1.
-                            The default value is 1.3.
+                            equal to 1. The default value is 1.3.
+                            This option cannot be used with --fixed-size
+                            option.
 
          --part-type: This option is specific to wic. It specifies partition
                       type GUID for GPT partitions.
diff --git a/scripts/lib/wic/imager/direct.py b/scripts/lib/wic/imager/direct.py
index 2bedef08d6450096c786def6f75a9ee53fcd4b3b..11ec15e33f65885618c7adc83e55c6a39fedbe99 100644
--- a/scripts/lib/wic/imager/direct.py
+++ b/scripts/lib/wic/imager/direct.py
@@ -290,7 +290,7 @@ class DirectImageCreator(BaseImageCreator):
                          self.bootimg_dir, self.kernel_dir, self.native_sysroot)
 
 
-            self.__image.add_partition(int(part.size),
+            self.__image.add_partition(part.disk_size,
                                        part.disk,
                                        part.mountpoint,
                                        part.source_file,
diff --git a/scripts/lib/wic/ksparser.py b/scripts/lib/wic/ksparser.py
index 0894e2b199a299fbbed272f2e1c95e9d692e3ab1..62c490274aa92bf82aac304d9323250e3b728d0c 100644
--- a/scripts/lib/wic/ksparser.py
+++ b/scripts/lib/wic/ksparser.py
@@ -113,6 +113,9 @@ def systemidtype(arg):
 class KickStart():
     """"Kickstart parser implementation."""
 
+    DEFAULT_EXTRA_SPACE = 10*1024
+    DEFAULT_OVERHEAD_FACTOR = 1.3
+
     def __init__(self, confpath):
 
         self.partitions = []
@@ -127,16 +130,24 @@ class KickStart():
         part.add_argument('mountpoint', nargs='?')
         part.add_argument('--active', action='store_true')
         part.add_argument('--align', type=int)
-        part.add_argument("--extra-space", type=sizetype, default=10*1024)
+        part.add_argument("--extra-space", type=sizetype)
         part.add_argument('--fsoptions', dest='fsopts')
         part.add_argument('--fstype')
         part.add_argument('--label')
         part.add_argument('--no-table', action='store_true')
         part.add_argument('--ondisk', '--ondrive', dest='disk')
-        part.add_argument("--overhead-factor", type=overheadtype, default=1.3)
+        part.add_argument("--overhead-factor", type=overheadtype)
         part.add_argument('--part-type')
         part.add_argument('--rootfs-dir')
-        part.add_argument('--size', type=sizetype, default=0)
+
+        # --size and --fixed-size cannot be specified together; options
+        # ----extra-space and --overhead-factor should also raise a parser
+        # --error, but since nesting mutually exclusive groups does not work,
+        # ----extra-space/--overhead-factor are handled later
+        sizeexcl = part.add_mutually_exclusive_group()
+        sizeexcl.add_argument('--size', type=sizetype, default=0)
+        sizeexcl.add_argument('--fixed-size', type=sizetype, default=0)
+
         part.add_argument('--source')
         part.add_argument('--sourceparams')
         part.add_argument('--system-id', type=systemidtype)
@@ -170,11 +181,33 @@ class KickStart():
                 lineno += 1
                 if line and line[0] != '#':
                     try:
-                        parsed = parser.parse_args(shlex.split(line))
+                        line_args = shlex.split(line)
+                        parsed = parser.parse_args(line_args)
                     except ArgumentError as err:
                         raise KickStartError('%s:%d: %s' % \
                                              (confpath, lineno, err))
                     if line.startswith('part'):
+                        # using ArgumentParser one cannot easily tell if option
+                        # was passed as argument, if said option has a default
+                        # value; --overhead-factor/--extra-space cannot be used
+                        # with --fixed-size, so at least detect when these were
+                        # passed with non-0 values ...
+                        if parsed.fixed_size:
+                            if parsed.overhead_factor or parsed.extra_space:
+                                err = "%s:%d: arguments --overhead-factor and --extra-space not "\
+                                      "allowed with argument --fixed-size" \
+                                      % (confpath, lineno)
+                                raise KickStartError(err)
+                        else:
+                            # ... and provide defaults if not using
+                            # --fixed-size iff given option was not used
+                            # (again, one cannot tell if option was passed but
+                            # with value equal to 0)
+                            if '--overhead-factor' not in line_args:
+                                parsed.overhead_factor = self.DEFAULT_OVERHEAD_FACTOR
+                            if '--extra-space' not in line_args:
+                                parsed.extra_space = self.DEFAULT_EXTRA_SPACE
+
                         self.partnum += 1
                         self.partitions.append(Partition(parsed, self.partnum))
                     elif line.startswith('include'):
diff --git a/scripts/lib/wic/partition.py b/scripts/lib/wic/partition.py
index ac4c836bdb53300d3a4e4c09926b7b1514b8faf2..8cf966ebc6d07490c44cefc93acbe5868be30ac7 100644
--- a/scripts/lib/wic/partition.py
+++ b/scripts/lib/wic/partition.py
@@ -54,6 +54,7 @@ class Partition():
         self.part_type = args.part_type
         self.rootfs_dir = args.rootfs_dir
         self.size = args.size
+        self.fixed_size = args.fixed_size
         self.source = args.source
         self.sourceparams = args.sourceparams
         self.system_id = args.system_id
@@ -87,6 +88,41 @@ class Partition():
         else:
             return 0
 
+    def get_rootfs_size(self, actual_rootfs_size=0):
+        """
+        Calculate the required size of rootfs taking into consideration
+        --size/--fixed-size flags as well as overhead and extra space, as
+        specified in kickstart file. Raises an error if the
+        `actual_rootfs_size` is larger than fixed-size rootfs.
+
+        """
+        if self.fixed_size:
+            rootfs_size = self.fixed_size
+            if actual_rootfs_size > rootfs_size:
+                msger.error("Actual rootfs size (%d kB) is larger than allowed size %d kB" \
+                            %(actual_rootfs_size, rootfs_size))
+        else:
+            extra_blocks = self.get_extra_block_count(actual_rootfs_size)
+            if extra_blocks < self.extra_space:
+                extra_blocks = self.extra_space
+
+            rootfs_size = actual_rootfs_size + extra_blocks
+            rootfs_size *= self.overhead_factor
+
+            msger.debug("Added %d extra blocks to %s to get to %d total blocks" % \
+                        (extra_blocks, self.mountpoint, rootfs_size))
+
+        return rootfs_size
+
+    @property
+    def disk_size(self):
+        """
+        Obtain on-disk size of partition taking into consideration
+        --size/--fixed-size options.
+
+        """
+        return self.fixed_size if self.fixed_size else self.size
+
     def prepare(self, creator, cr_workdir, oe_builddir, rootfs_dir,
                 bootimg_dir, kernel_dir, native_sysroot):
         """
@@ -97,9 +133,9 @@ class Partition():
             self.sourceparams_dict = parse_sourceparams(self.sourceparams)
 
         if not self.source:
-            if not self.size:
-                msger.error("The %s partition has a size of zero.  Please "
-                            "specify a non-zero --size for that partition." % \
+            if not self.size and not self.fixed_size:
+                msger.error("The %s partition has a size of zero. Please "
+                            "specify a non-zero --size/--fixed-size for that partition." % \
                             self.mountpoint)
             if self.fstype and self.fstype == "swap":
                 self.prepare_swap_partition(cr_workdir, oe_builddir,
@@ -146,6 +182,7 @@ class Partition():
                                                      oe_builddir,
                                                      bootimg_dir, kernel_dir, rootfs_dir,
                                                      native_sysroot)
+
         # further processing required Partition.size to be an integer, make
         # sure that it is one
         if type(self.size) is not int:
@@ -153,6 +190,12 @@ class Partition():
                           "This a bug in source plugin %s and needs to be fixed." \
                           % (self.mountpoint, self.source))
 
+        if self.fixed_size and self.size > self.fixed_size:
+            msger.error("File system image of partition %s is larger (%d kB) than its"\
+                        "allowed size %d kB" % (self.mountpoint,
+                                                self.size, self.fixed_size))
+
+
     def prepare_rootfs_from_fs_image(self, cr_workdir, oe_builddir,
                                      rootfs_dir):
         """
@@ -217,15 +260,7 @@ class Partition():
         out = exec_cmd(du_cmd)
         actual_rootfs_size = int(out.split()[0])
 
-        extra_blocks = self.get_extra_block_count(actual_rootfs_size)
-        if extra_blocks < self.extra_space:
-            extra_blocks = self.extra_space
-
-        rootfs_size = actual_rootfs_size + extra_blocks
-        rootfs_size *= self.overhead_factor
-
-        msger.debug("Added %d extra blocks to %s to get to %d total blocks" % \
-                    (extra_blocks, self.mountpoint, rootfs_size))
+        rootfs_size = self.get_rootfs_size(actual_rootfs_size)
 
         with open(rootfs, 'w') as sparse:
             os.ftruncate(sparse.fileno(), rootfs_size * 1024)
@@ -251,15 +286,7 @@ class Partition():
         out = exec_cmd(du_cmd)
         actual_rootfs_size = int(out.split()[0])
 
-        extra_blocks = self.get_extra_block_count(actual_rootfs_size)
-        if extra_blocks < self.extra_space:
-            extra_blocks = self.extra_space
-
-        rootfs_size = actual_rootfs_size + extra_blocks
-        rootfs_size *= self.overhead_factor
-
-        msger.debug("Added %d extra blocks to %s to get to %d total blocks" % \
-                    (extra_blocks, self.mountpoint, rootfs_size))
+        rootfs_size = self.get_rootfs_size(actual_rootfs_size)
 
         with open(rootfs, 'w') as sparse:
             os.ftruncate(sparse.fileno(), rootfs_size * 1024)
@@ -281,20 +308,13 @@ class Partition():
         out = exec_cmd(du_cmd)
         blocks = int(out.split()[0])
 
-        extra_blocks = self.get_extra_block_count(blocks)
-        if extra_blocks < self.extra_space:
-            extra_blocks = self.extra_space
-
-        blocks += extra_blocks
-
-        msger.debug("Added %d extra blocks to %s to get to %d total blocks" % \
-                    (extra_blocks, self.mountpoint, blocks))
+        rootfs_size = self.get_rootfs_size(blocks)
 
         label_str = "-n boot"
         if self.label:
             label_str = "-n %s" % self.label
 
-        dosfs_cmd = "mkdosfs %s -S 512 -C %s %d" % (label_str, rootfs, blocks)
+        dosfs_cmd = "mkdosfs %s -S 512 -C %s %d" % (label_str, rootfs, rootfs_size)
         exec_native_cmd(dosfs_cmd, native_sysroot)
 
         mcopy_cmd = "mcopy -i %s -s %s/* ::/" % (rootfs, rootfs_dir)
@@ -317,8 +337,9 @@ class Partition():
         """
         Prepare an empty ext2/3/4 partition.
         """
+        size = self.disk_size
         with open(rootfs, 'w') as sparse:
-            os.ftruncate(sparse.fileno(), self.size * 1024)
+            os.ftruncate(sparse.fileno(), size * 1024)
 
         extra_imagecmd = "-i 8192"
 
@@ -335,8 +356,9 @@ class Partition():
         """
         Prepare an empty btrfs partition.
         """
+        size = self.disk_size
         with open(rootfs, 'w') as sparse:
-            os.ftruncate(sparse.fileno(), self.size * 1024)
+            os.ftruncate(sparse.fileno(), size * 1024)
 
         label_str = ""
         if self.label:
@@ -351,7 +373,7 @@ class Partition():
         """
         Prepare an empty vfat partition.
         """
-        blocks = self.size
+        blocks = self.disk_size
 
         label_str = "-n boot"
         if self.label:
diff --git a/scripts/lib/wic/utils/partitionedfs.py b/scripts/lib/wic/utils/partitionedfs.py
index 9e76487844eebfffc7227d053a65dc9fdab3678b..cfa5f5ce09b764c1c2a9b7a3f7bf7d677a6811c4 100644
--- a/scripts/lib/wic/utils/partitionedfs.py
+++ b/scripts/lib/wic/utils/partitionedfs.py
@@ -209,7 +209,7 @@ class Image():
             msger.debug("Assigned %s to %s%d, sectors range %d-%d size %d "
                         "sectors (%d bytes)." \
                             % (part['mountpoint'], part['disk_name'], part['num'],
-                               part['start'], part['start'] + part['size'] - 1,
+                               part['start'], disk['offset'] - 1,
                                part['size'], part['size'] * self.sector_size))
 
         # Once all the partitions have been layed out, we can calculate the
-- 
2.5.0



^ permalink raw reply related

* [PATCH v2 04/10] wic: fix function comment typos
From: Maciej Borzecki @ 2016-11-10 12:18 UTC (permalink / raw)
  To: openembedded-core; +Cc: Paul Eggleton, Maciej Borzecki
In-Reply-To: <cover.1478779674.git.maciej.borzecki@rndity.com>

Fix typos in documentation of Image.add_partition() and
Image.__format_disks().

Signed-off-by: Maciej Borzecki <maciej.borzecki@rndity.com>
---
 scripts/lib/wic/utils/partitionedfs.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/scripts/lib/wic/utils/partitionedfs.py b/scripts/lib/wic/utils/partitionedfs.py
index cb03009fc7e3c97305079629ded7d2ff01eba4c4..9e76487844eebfffc7227d053a65dc9fdab3678b 100644
--- a/scripts/lib/wic/utils/partitionedfs.py
+++ b/scripts/lib/wic/utils/partitionedfs.py
@@ -92,7 +92,7 @@ class Image():
     def add_partition(self, size, disk_name, mountpoint, source_file=None, fstype=None,
                       label=None, fsopts=None, boot=False, align=None, no_table=False,
                       part_type=None, uuid=None, system_id=None):
-        """ Add the next partition. Prtitions have to be added in the
+        """ Add the next partition. Partitions have to be added in the
         first-to-last order. """
 
         ks_pnum = len(self.partitions)
@@ -292,7 +292,7 @@ class Image():
             # even number of sectors.
             if part['mountpoint'] == "/boot" and part['fstype'] in ["vfat", "msdos"] \
                and part['size'] % 2:
-                msger.debug("Substracting one sector from '%s' partition to " \
+                msger.debug("Subtracting one sector from '%s' partition to " \
                             "get even number of sectors for the partition" % \
                             part['mountpoint'])
                 part['size'] -= 1
-- 
2.5.0



^ permalink raw reply related

* [PATCH v2 03/10] wic: check that filesystem is specified for a rootfs partition
From: Maciej Borzecki @ 2016-11-10 12:18 UTC (permalink / raw)
  To: openembedded-core; +Cc: Paul Eggleton, Maciej Borzecki
In-Reply-To: <cover.1478779674.git.maciej.borzecki@rndity.com>

We explicitly check for --fstype if no source was provided for a
partition. However, this was not the case for rootfs partitions. Make
sure to raise an error if filesystem was left unspecified when preparing
a rootfs partition image.

Signed-off-by: Maciej Borzecki <maciej.borzecki@rndity.com>
---
 scripts/lib/wic/partition.py | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/scripts/lib/wic/partition.py b/scripts/lib/wic/partition.py
index f3835339afc5091604ffd7f0d0acf1d1ad4351cc..ac4c836bdb53300d3a4e4c09926b7b1514b8faf2 100644
--- a/scripts/lib/wic/partition.py
+++ b/scripts/lib/wic/partition.py
@@ -190,6 +190,10 @@ class Partition():
         if os.path.isfile(rootfs):
             os.remove(rootfs)
 
+        if not self.fstype:
+            msger.error("File system for partition %s not specified in kickstart, " \
+                        "use --fstype option" % (self.mountpoint))
+
         for prefix in ("ext", "btrfs", "vfat", "squashfs"):
             if self.fstype.startswith(prefix):
                 method = getattr(self, "prepare_rootfs_" + prefix)
-- 
2.5.0



^ permalink raw reply related

* [PATCH v2 02/10] wic: use partition size when creating empty partition files
From: Maciej Borzecki @ 2016-11-10 12:18 UTC (permalink / raw)
  To: openembedded-core; +Cc: Paul Eggleton, Maciej Borzecki
In-Reply-To: <cover.1478779674.git.maciej.borzecki@rndity.com>

It seems that prepare_empty_partition_ext() and
prepare_empty_partition_btrfs() got broken in commit
c8669749e37fe865c197c98d5671d9de176ff4dd, thus one could observe the
following backtrace:

Backtrace:
  File "<snip>/poky/scripts/lib/wic/plugins/imager/direct_plugin.py", line 93, in do_create
    creator.create()
  File "<snip>/poky/scripts/lib/wic/imager/baseimager.py", line 159, in create
    self._create()
  File "<snip>/poky/scripts/lib/wic/imager/direct.py", line 290, in _create
    self.bootimg_dir, self.kernel_dir, self.native_sysroot)
  File "<snip>/poky/scripts/lib/wic/partition.py", line 146, in prepare
    method(rootfs, oe_builddir, native_sysroot)
  File "<snip>/poky/scripts/lib/wic/partition.py", line 325, in prepare_empty_partition_ext
    os.ftruncate(sparse.fileno(), rootfs_size * 1024)
NameError: name 'rootfs_size' is not defined

Signed-off-by: Maciej Borzecki <maciej.borzecki@rndity.com>
---
 scripts/lib/wic/partition.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/scripts/lib/wic/partition.py b/scripts/lib/wic/partition.py
index 959035a97110244ffe56e95a886e122c400d4779..f3835339afc5091604ffd7f0d0acf1d1ad4351cc 100644
--- a/scripts/lib/wic/partition.py
+++ b/scripts/lib/wic/partition.py
@@ -314,7 +314,7 @@ class Partition():
         Prepare an empty ext2/3/4 partition.
         """
         with open(rootfs, 'w') as sparse:
-            os.ftruncate(sparse.fileno(), rootfs_size * 1024)
+            os.ftruncate(sparse.fileno(), self.size * 1024)
 
         extra_imagecmd = "-i 8192"
 
@@ -332,7 +332,7 @@ class Partition():
         Prepare an empty btrfs partition.
         """
         with open(rootfs, 'w') as sparse:
-            os.ftruncate(sparse.fileno(), rootfs_size * 1024)
+            os.ftruncate(sparse.fileno(), self.size * 1024)
 
         label_str = ""
         if self.label:
-- 
2.5.0



^ permalink raw reply related

* [PATCH v2 01/10] wic: make sure that partition size is always an integer in internal processing
From: Maciej Borzecki @ 2016-11-10 12:18 UTC (permalink / raw)
  To: openembedded-core; +Cc: Paul Eggleton, Maciej Borzecki
In-Reply-To: <cover.1478779674.git.maciej.borzecki@rndity.com>

The size field of Partition class is expected to be an integer and ought
to be set inside prepare_*() method. Make sure that this is always the
case.

Signed-off-by: Maciej Borzecki <maciej.borzecki@rndity.com>
---
 scripts/lib/wic/partition.py                  | 12 +++++++++---
 scripts/lib/wic/plugins/source/bootimg-efi.py |  2 +-
 scripts/lib/wic/plugins/source/rawcopy.py     |  4 ++--
 3 files changed, 12 insertions(+), 6 deletions(-)

diff --git a/scripts/lib/wic/partition.py b/scripts/lib/wic/partition.py
index 89c33ab8b7d54bb14678b2e07e706e3feb6ae57a..959035a97110244ffe56e95a886e122c400d4779 100644
--- a/scripts/lib/wic/partition.py
+++ b/scripts/lib/wic/partition.py
@@ -146,6 +146,12 @@ class Partition():
                                                      oe_builddir,
                                                      bootimg_dir, kernel_dir, rootfs_dir,
                                                      native_sysroot)
+        # further processing required Partition.size to be an integer, make
+        # sure that it is one
+        if type(self.size) is not int:
+            msger.error("Partition %s internal size is not an integer. " \
+                          "This a bug in source plugin %s and needs to be fixed." \
+                          % (self.mountpoint, self.source))
 
     def prepare_rootfs_from_fs_image(self, cr_workdir, oe_builddir,
                                      rootfs_dir):
@@ -157,7 +163,7 @@ class Partition():
         out = exec_cmd(du_cmd)
         rootfs_size = out.split()[0]
 
-        self.size = rootfs_size
+        self.size = int(rootfs_size)
         self.source_file = rootfs
 
     def prepare_rootfs(self, cr_workdir, oe_builddir, rootfs_dir,
@@ -194,7 +200,7 @@ class Partition():
                 # get the rootfs size in the right units for kickstart (kB)
                 du_cmd = "du -Lbks %s" % rootfs
                 out = exec_cmd(du_cmd)
-                self.size = out.split()[0]
+                self.size = int(out.split()[0])
 
                 break
 
@@ -379,7 +385,7 @@ class Partition():
         out = exec_cmd(du_cmd)
         fs_size = out.split()[0]
 
-        self.size = fs_size
+        self.size = int(fs_size)
 
     def prepare_swap_partition(self, cr_workdir, oe_builddir, native_sysroot):
         """
diff --git a/scripts/lib/wic/plugins/source/bootimg-efi.py b/scripts/lib/wic/plugins/source/bootimg-efi.py
index 8bc362254d8c06511aa2cf0d5e1bf6f5aa93804b..4adb80becc11a6d30ffeae64ff87ebeb959dde86 100644
--- a/scripts/lib/wic/plugins/source/bootimg-efi.py
+++ b/scripts/lib/wic/plugins/source/bootimg-efi.py
@@ -234,5 +234,5 @@ class BootimgEFIPlugin(SourcePlugin):
         out = exec_cmd(du_cmd)
         bootimg_size = out.split()[0]
 
-        part.size = bootimg_size
+        part.size = int(bootimg_size)
         part.source_file = bootimg
diff --git a/scripts/lib/wic/plugins/source/rawcopy.py b/scripts/lib/wic/plugins/source/rawcopy.py
index e0b11f95adb5a2c55fdc3b5e3ff1f4b463e2be9d..5bd22fdeb55bc2f0b38ffcc2a46cf18ade5425ef 100644
--- a/scripts/lib/wic/plugins/source/rawcopy.py
+++ b/scripts/lib/wic/plugins/source/rawcopy.py
@@ -78,9 +78,9 @@ class RawCopyPlugin(SourcePlugin):
         # get the size in the right units for kickstart (kB)
         du_cmd = "du -Lbks %s" % dst
         out = exec_cmd(du_cmd)
-        filesize = out.split()[0]
+        filesize = int(out.split()[0])
 
-        if int(filesize) > int(part.size):
+        if filesize > part.size:
             part.size = filesize
 
         part.source_file = dst
-- 
2.5.0



^ permalink raw reply related

* [PATCH v2 00/10] wic: bugfixes & --fixed-size support, tests, selftest: minor fixes
From: Maciej Borzecki @ 2016-11-10 12:18 UTC (permalink / raw)
  To: openembedded-core; +Cc: Paul Eggleton, Maciej Borzecki

v2 of patch series previously posted here [1].

The series introduces anumber of fixes to wic, as well as a new --fixed-size
option applicable to `part` entries in kickstart files. The option makes it
possible to have a fixed size partition, with additional verification that the
file system image fits into the allocated disk space. This is in cotrast with
--size option, which the minimum size, and partition may in fact be larger in
the final disk image.

The series introduces two tests that verify if wic has created the image with
properly sized partition and that partition size checks work as expected.

Patch `oe-selftest: fix handling of test cases without ID in --list-tests-by` is
a small bugfix for oe-selftes tool which resolves an issue triggered by Python
3.x being more strict than 2.x.

[1]. http://lists.openembedded.org/pipermail/openembedded-core/2016-November/128540.html

Maciej Borzecki (10):
  wic: make sure that partition size is always an integer in internal
    processing
  wic: use partition size when creating empty partition files
  wic: check that filesystem is specified for a rootfs partition
  wic: fix function comment typos
  wic: add --fixed-size wks option
  oe-selftest: fix handling of test cases without ID in --list-tests-by
  wic: selftest: avoid COMPATIBLE_HOST issues
  wic: selftest: do not repeat core-image-minimal
  wic: selftest: do not assume bzImage kernel image
  wic: selftest: add tests for --fixed-size partition flags

 meta/lib/oeqa/selftest/wic.py                 | 193 ++++++++++++++++++++------
 scripts/lib/wic/help.py                       |  14 +-
 scripts/lib/wic/imager/direct.py              |   2 +-
 scripts/lib/wic/ksparser.py                   |  41 +++++-
 scripts/lib/wic/partition.py                  | 104 +++++++++-----
 scripts/lib/wic/plugins/source/bootimg-efi.py |   2 +-
 scripts/lib/wic/plugins/source/rawcopy.py     |   4 +-
 scripts/lib/wic/utils/partitionedfs.py        |   6 +-
 scripts/oe-selftest                           |  13 +-
 9 files changed, 282 insertions(+), 97 deletions(-)

-- 
2.5.0



^ permalink raw reply

* [PATCH] python3-native: Extend RPROVIDES list
From: Otavio Salvador @ 2016-11-10 12:14 UTC (permalink / raw)
  To: OpenEmbedded Core Mailing List; +Cc: Otavio Salvador

This extends the RPROVIDES list to include:

 - python3-datetime-native
 - python3-enum-native
 - python3-terminal-native

Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
---

 meta/recipes-devtools/python/python3-native_3.5.2.bb | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/meta/recipes-devtools/python/python3-native_3.5.2.bb b/meta/recipes-devtools/python/python3-native_3.5.2.bb
index 594f15c..93bcc33 100644
--- a/meta/recipes-devtools/python/python3-native_3.5.2.bb
+++ b/meta/recipes-devtools/python/python3-native_3.5.2.bb
@@ -46,6 +46,9 @@ RPROVIDES += " \
     python3-compression-native \
     python3-core-native \
     python3-distutils-native \
+    python3-datetime-native \
+    python3-enum-native \
+    python3-terminal-native \
     python3-email-native \
     python3-importlib-native \
     python3-io-native \
-- 
2.10.2



^ permalink raw reply related

* Re: [Patch v2 12/14] ltp: Reduce duplication in MIPS variants.
From: Zubair Lutfullah Kakakhel @ 2016-11-10 11:37 UTC (permalink / raw)
  To: Khem Raj, Burton, Ross; +Cc: OE-core
In-Reply-To: <5ac79668-0555-5329-e9d3-048ee217d3ff@gmail.com>

Hi,

On 11/09/2016 12:46 AM, Khem Raj wrote:
>
>
> On 11/8/16 4:13 PM, Burton, Ross wrote:
>>
>> On 8 November 2016 at 17:12, Zubair Lutfullah Kakakhel
>> <Zubair.Kakakhel@imgtec.com <mailto:Zubair.Kakakhel@imgtec.com>> wrote:
>>
>>     Reduce duplication in MIPS variants now that the MACHINEOVERRIDES
>>     variable is defined
>>
>>
>> I'm guessing that this is the cause of this error for qemumips64:
>>
>> http://errors.yoctoproject.org/Errors/Details/99744/
>
> seems to be yes.

I can't seem to be able to reproduce this error using just my patches on top of poky master.

Regards,
ZubairLK

>
>>
>> Ross
>>
>>
>


^ permalink raw reply

* [PATCH] sysvinit-inittab: make TERM=vt102 on serial consoles
From: André Draszik @ 2016-11-10 10:47 UTC (permalink / raw)
  To: openembedded-core

From: André Draszik <adraszik@tycoint.com>

This makes more sense than the default TERM=linux (as set
by the linux kernel).
In addition, when using busybox init, it tries to achieve
the same (in a different way).

Both agetty, and busybox getty support the terminal type as
the last argument.

Signed-off-by: André Draszik <adraszik@tycoint.com>
---
 meta/recipes-core/sysvinit/sysvinit-inittab/start_getty | 2 +-
 meta/recipes-core/sysvinit/sysvinit-inittab_2.88dsf.bb  | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/meta/recipes-core/sysvinit/sysvinit-inittab/start_getty b/meta/recipes-core/sysvinit/sysvinit-inittab/start_getty
index 6eaeb7a..e3d052a 100644
--- a/meta/recipes-core/sysvinit/sysvinit-inittab/start_getty
+++ b/meta/recipes-core/sysvinit/sysvinit-inittab/start_getty
@@ -1,5 +1,5 @@
 #!/bin/sh
 if [ -c /dev/$2 ]
 then 
-	/sbin/getty -L $1 $2
+	/sbin/getty -L $1 $2 $3
 fi
diff --git a/meta/recipes-core/sysvinit/sysvinit-inittab_2.88dsf.bb b/meta/recipes-core/sysvinit/sysvinit-inittab_2.88dsf.bb
index f136ad8..c219cbf 100644
--- a/meta/recipes-core/sysvinit/sysvinit-inittab_2.88dsf.bb
+++ b/meta/recipes-core/sysvinit/sysvinit-inittab_2.88dsf.bb
@@ -28,7 +28,7 @@ do_install() {
 	j=`echo ${i} | sed s/\;/\ /g`
 	l=`echo ${i} | sed -e 's/tty//' -e 's/^.*;//' -e 's/;.*//'`
 	label=`echo $l | sed 's/.*\(....\)/\1/'`
-	echo "$label:12345:respawn:${base_bindir}/start_getty ${j}" >> ${D}${sysconfdir}/inittab
+	echo "$label:12345:respawn:${base_bindir}/start_getty ${j} vt102" >> ${D}${sysconfdir}/inittab
     done
 
     if [ "${USE_VT}" = "1" ]; then
-- 
2.10.2



^ permalink raw reply related

* [PATCH] opkg-utils: clear update-alternatives database on uninstall
From: André Draszik @ 2016-11-10 10:46 UTC (permalink / raw)
  To: openembedded-core

From: André Draszik <adraszik@tycoint.com>

When uninstalling update-alternatives, it doesn't seem to
make much sense to keep the update-alternatives database
around.
In particular when removing packaging data, e.g. due to
read-only rootfs, update-alternatives is removed from
the target file system. Leaving its database around
serves no purpose in that case as there is no way to
use it afterwards anyway.

This frees close to 700KB of (uncompressed) space in
a busybox based environment.

Signed-off-by: André Draszik <adraszik@tycoint.com>
---
 meta/recipes-devtools/opkg-utils/opkg-utils_git.bb | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/meta/recipes-devtools/opkg-utils/opkg-utils_git.bb b/meta/recipes-devtools/opkg-utils/opkg-utils_git.bb
index a7aec45..19a852e 100644
--- a/meta/recipes-devtools/opkg-utils/opkg-utils_git.bb
+++ b/meta/recipes-devtools/opkg-utils/opkg-utils_git.bb
@@ -43,4 +43,9 @@ RPROVIDES_update-alternatives-opkg = "update-alternatives update-alternatives-cw
 RREPLACES_update-alternatives-opkg = "update-alternatives-cworth"
 RCONFLICTS_update-alternatives-opkg = "update-alternatives-cworth"
 
+pkg_postrm_update-alternatives-opkg() {
+	rm -rf $OPKG_OFFLINE_ROOT${nonarch_libdir}/opkg/alternatives
+	rmdir --ignore-fail-on-non-empty $OPKG_OFFLINE_ROOT${nonarch_libdir}/opkg
+}
+
 BBCLASSEXTEND = "native nativesdk"
-- 
2.10.2



^ permalink raw reply related

* Re: [PATCH] u-boot: mkimage: fix build
From: Stefan Müller-Klieser @ 2016-11-10 10:01 UTC (permalink / raw)
  To: Burton, Ross; +Cc: OE-core
In-Reply-To: <CAJTo0Lb1-FjGzvxn6Lsc6Lme4LB6=Rs8rv_vggS8SkXPHRcduw@mail.gmail.com>

On 07.11.2016 16:00, Burton, Ross wrote:
> On 4 November 2016 at 11:06, Stefan Müller-Klieser <
> s.mueller-klieser@phytec.de> wrote:
> 
>> This fixes the mkimage build for situations where HOSTCC and friends
>> need to be overridden and the u-boot makefile defaults don't work.
>>
> 
> I applied this on top of the u-boot upgrades and it still breaks:
> 
> make -f ./scripts/Makefile.build obj=tools
>   x86_64-poky-linux-gcc  -m64 -march=corei7 -mtune=corei7 -mfpmath=sse
> -msse4.2 --sysroot=/data/poky-master/tmp-glibc/sysroots/intel-corei7-64
> -Wp,-MD,tools/.bin2header.d -O2 -pipe -g -feliminate-unused-debug-types
> -fdebug-prefix-map=/data/poky-master/tmp-glibc/work/corei7-64-poky-linux/u-boot-mkimage/2016.09.01-r0=/usr/src/debug/u-boot-mkimage/2016.09.01-r0
> -fdebug-prefix-map=/data/poky-master/tmp-glibc/sysroots/x86_64-linux=
> -fdebug-prefix-map=/data/poky-master/tmp-glibc/sysroots/intel-corei7-64=
>  -fstack-protector-strong -pie -fpie -D_FORTIFY_SOURCE=2 -Wformat
> -Wformat-security -Werror=format-security   -DCONFIG_FIT_SIGNATURE -include
> ./include/libfdt_env.h -idirafterinclude -idirafter./arch/sandbox/include
> -I./lib/libfdt -I./tools -DCONFIG_SYS_TEXT_BASE=0 -DUSE_HOSTCC
> -D__KERNEL_STRICT_NAMES -D_GNU_SOURCE  -o tools/bin2header
> tools/bin2header.c
> ...
> cat ./Licenses/gpl-2.0.txt | gzip -9 -c | \
> tools/bin2header license_gzip > ./include/license.h
> /bin/sh: 2: tools/bin2header: not found
> tools/Makefile:256: recipe for target 'include/license.h' failed
> 
> Looks like HOSTCC isn't being set correctly.

Ok, this bin2header issue seems to be unrelated, as Marek sent a v1 upstream, fixing
the execution path. I am not in a hurry with the oe-core, so please ignore the patch.
I will send it upstream first.

Stefan

> 
> Ross
> 


^ permalink raw reply

* [PATCHv2][krogoth] curl: fix multiple CVEs
From: Sona Sarmadi @ 2016-11-10  9:23 UTC (permalink / raw)
  To: openembedded-core

CVE-2016-8615: cookie injection for other servers
CVE-2016-8616: case insensitive password comparison
CVE-2016-8617: OOB write via unchecked multiplication
CVE-2016-8618: double-free in curl_maprintf
CVE-2016-8619: double-free in krb5 code
CVE-2016-8620: glob parser write/read out of bounds
CVE-2016-8621: curl_getdate read out of bounds
CVE-2016-8622: URL unescape heap overflow via integer truncation
CVE-2016-8623: Use-after-free via shared cookies
CVE-2016-8624: invalid URL parsing with '#'
CVE-2016-8625: IDNA 2003 makes curl use wrong host

[url-remove-unconditional-idn2.h-include.patch is needed
for CVE-2016-8625]

Reference:
https://curl.haxx.se/docs/security.html

Fixes [Yocto #10617]

Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
---
 meta/recipes-support/curl/curl/CVE-2016-8615.patch |  70 +++
 meta/recipes-support/curl/curl/CVE-2016-8616.patch |  50 ++
 meta/recipes-support/curl/curl/CVE-2016-8617.patch |  29 +
 meta/recipes-support/curl/curl/CVE-2016-8618.patch |  49 ++
 meta/recipes-support/curl/curl/CVE-2016-8619.patch |  49 ++
 meta/recipes-support/curl/curl/CVE-2016-8620.patch |  47 ++
 meta/recipes-support/curl/curl/CVE-2016-8621.patch | 104 ++++
 meta/recipes-support/curl/curl/CVE-2016-8622.patch |  95 ++++
 meta/recipes-support/curl/curl/CVE-2016-8623.patch | 174 ++++++
 meta/recipes-support/curl/curl/CVE-2016-8624.patch |  55 ++
 meta/recipes-support/curl/curl/CVE-2016-8625.patch | 593 +++++++++++++++++++++
 .../url-remove-unconditional-idn2.h-include.patch  |  29 +
 meta/recipes-support/curl/curl_7.47.1.bb           |  12 +
 13 files changed, 1356 insertions(+)
 create mode 100644 meta/recipes-support/curl/curl/CVE-2016-8615.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2016-8616.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2016-8617.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2016-8618.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2016-8619.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2016-8620.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2016-8621.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2016-8622.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2016-8623.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2016-8624.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2016-8625.patch
 create mode 100644 meta/recipes-support/curl/curl/url-remove-unconditional-idn2.h-include.patch

diff --git a/meta/recipes-support/curl/curl/CVE-2016-8615.patch b/meta/recipes-support/curl/curl/CVE-2016-8615.patch
new file mode 100644
index 0000000..95070f4
--- /dev/null
+++ b/meta/recipes-support/curl/curl/CVE-2016-8615.patch
@@ -0,0 +1,70 @@
+From cff89bc088b7884098ea0c5378bbda3d49c437bc Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Tue, 27 Sep 2016 17:36:19 +0200
+Subject: [PATCH] cookie: replace use of fgets() with custom version
+
+... that will ignore lines that are too long to fit in the buffer.
+
+CVE: CVE-2016-8615
+
+Upstream-Status: Backport
+
+Bug: https://curl.haxx.se/docs/adv_20161102A.html
+Reported-by: Cure53
+Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
+---
+ lib/cookie.c | 31 ++++++++++++++++++++++++++++++-
+ 1 file changed, 30 insertions(+), 1 deletion(-)
+
+diff --git a/lib/cookie.c b/lib/cookie.c
+index 4932ab1..1b3e645 100644
+--- a/lib/cookie.c
++++ b/lib/cookie.c
+@@ -902,6 +902,35 @@ Curl_cookie_add(struct Curl_easy *data,
+   return co;
+ }
+ 
++/*
++ * get_line() makes sure to only return complete whole lines that fit in 'len'
++ * bytes and end with a newline.
++ */
++static char *get_line(char *buf, int len, FILE *input)
++{
++  bool partial = FALSE;
++  while(1) {
++    char *b = fgets(buf, len, input);
++    if(b) {
++      size_t rlen = strlen(b);
++      if(rlen && (b[rlen-1] == '\n')) {
++        if(partial) {
++          partial = FALSE;
++          continue;
++        }
++        return b;
++      }
++      else
++        /* read a partial, discard the next piece that ends with newline */
++        partial = TRUE;
++    }
++    else
++      break;
++  }
++  return NULL;
++}
++
++
+ /*****************************************************************************
+  *
+  * Curl_cookie_init()
+@@ -958,7 +987,7 @@ struct CookieInfo *Curl_cookie_init(struct Curl_easy *data,
+     line = malloc(MAX_COOKIE_LINE);
+     if(!line)
+       goto fail;
+-    while(fgets(line, MAX_COOKIE_LINE, fp)) {
++    while(get_line(line, MAX_COOKIE_LINE, fp)) {
+       if(checkprefix("Set-Cookie:", line)) {
+         /* This is a cookie line, get it! */
+         lineptr=&line[11];
+-- 
+1.9.1
+
diff --git a/meta/recipes-support/curl/curl/CVE-2016-8616.patch b/meta/recipes-support/curl/curl/CVE-2016-8616.patch
new file mode 100644
index 0000000..2849d28
--- /dev/null
+++ b/meta/recipes-support/curl/curl/CVE-2016-8616.patch
@@ -0,0 +1,50 @@
+From b3ee26c5df75d97f6895e6ec4538894ebaf76e48 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Tue, 27 Sep 2016 18:01:53 +0200
+Subject: [PATCH] connectionexists: use case sensitive user/password
+ comparisons
+
+CVE: CVE-2016-8616
+
+Upstream-Status: Backport
+
+Bug: https://curl.haxx.se/docs/adv_20161102B.html
+Reported-by: Cure53
+Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
+
+diff -ruN a/lib/url.c b/lib/url.c
+--- a/lib/url.c	2016-11-07 08:50:23.030126833 +0100
++++ b/lib/url.c	2016-11-07 09:16:20.459836564 +0100
+@@ -3305,8 +3305,8 @@
+       if(!(needle->handler->flags & PROTOPT_CREDSPERREQUEST)) {
+         /* This protocol requires credentials per connection,
+            so verify that we're using the same name and password as well */
+-        if(!strequal(needle->user, check->user) ||
+-           !strequal(needle->passwd, check->passwd)) {
++        if(strcmp(needle->user, check->user) ||
++           strcmp(needle->passwd, check->passwd)) {
+           /* one of them was different */
+           continue;
+         }
+@@ -3369,8 +3369,8 @@
+            possible. (Especially we must not reuse the same connection if
+            partway through a handshake!) */
+         if(wantNTLMhttp) {
+-          if(!strequal(needle->user, check->user) ||
+-             !strequal(needle->passwd, check->passwd))
++          if(strcmp(needle->user, check->user) ||
++             strcmp(needle->passwd, check->passwd))
+             continue;
+         }
+         else if(check->ntlm.state != NTLMSTATE_NONE) {
+@@ -3380,8 +3380,8 @@
+ 
+         /* Same for Proxy NTLM authentication */
+         if(wantProxyNTLMhttp) {
+-          if(!strequal(needle->proxyuser, check->proxyuser) ||
+-             !strequal(needle->proxypasswd, check->proxypasswd))
++          if(strcmp(needle->proxyuser, check->proxyuser) ||
++             strcmp(needle->proxypasswd, check->proxypasswd))
+             continue;
+         }
+         else if(check->proxyntlm.state != NTLMSTATE_NONE) {
diff --git a/meta/recipes-support/curl/curl/CVE-2016-8617.patch b/meta/recipes-support/curl/curl/CVE-2016-8617.patch
new file mode 100644
index 0000000..a9bb509
--- /dev/null
+++ b/meta/recipes-support/curl/curl/CVE-2016-8617.patch
@@ -0,0 +1,29 @@
+From efd24d57426bd77c9b5860e6b297904703750412 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Wed, 28 Sep 2016 00:05:12 +0200
+Subject: [PATCH] base64: check for integer overflow on large input
+
+CVE: CVE-2016-8617
+
+Upstream-Status: Backport
+
+Bug: https://curl.haxx.se/docs/adv_20161102C.html
+Reported-by: Cure53
+
+Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
+---
+diff -ruN a/lib/base64.c b/lib/base64.c
+--- a/lib/base64.c	2016-02-03 00:02:43.000000000 +0100
++++ b/lib/base64.c	2016-11-07 09:22:07.918167530 +0100
+@@ -190,6 +190,11 @@
+   if(0 == insize)
+     insize = strlen(indata);
+ 
++#if SIZEOF_SIZE_T == 4
++  if(insize > UINT_MAX/4)
++    return CURLE_OUT_OF_MEMORY;
++#endif
++
+   base64data = output = malloc(insize*4/3+4);
+   if(NULL == output)
+     return CURLE_OUT_OF_MEMORY;
diff --git a/meta/recipes-support/curl/curl/CVE-2016-8618.patch b/meta/recipes-support/curl/curl/CVE-2016-8618.patch
new file mode 100644
index 0000000..57b3397
--- /dev/null
+++ b/meta/recipes-support/curl/curl/CVE-2016-8618.patch
@@ -0,0 +1,49 @@
+From 8732ec40db652c53fa58cd13e2acb8eab6e40874 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Wed, 28 Sep 2016 10:15:34 +0200
+Subject: [PATCH] aprintf: detect wrap-around when growing allocation
+
+On 32bit systems we could otherwise wrap around after 2GB and allocate 0
+bytes and crash.
+
+CVE: CVE-2016-8618
+
+Upstream-Status: Backport
+
+Bug: https://curl.haxx.se/docs/adv_20161102D.html
+Reported-by: Cure53
+Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
+---
+ lib/mprintf.c | 9 ++++++---
+ 1 file changed, 6 insertions(+), 3 deletions(-)
+
+diff --git a/lib/mprintf.c b/lib/mprintf.c
+index dbedeaa..2c88aa8 100644
+--- a/lib/mprintf.c
++++ b/lib/mprintf.c
+@@ -1036,16 +1036,19 @@ static int alloc_addbyter(int output, FILE *data)
+     infop->len =0;
+   }
+   else if(infop->len+1 >= infop->alloc) {
+-    char *newptr;
++    char *newptr = NULL;
++    size_t newsize = infop->alloc*2;
+ 
+-    newptr = realloc(infop->buffer, infop->alloc*2);
++    /* detect wrap-around or other overflow problems */
++    if(newsize > infop->alloc)
++      newptr = realloc(infop->buffer, newsize);
+ 
+     if(!newptr) {
+       infop->fail = 1;
+       return -1; /* fail */
+     }
+     infop->buffer = newptr;
+-    infop->alloc *= 2;
++    infop->alloc = newsize;
+   }
+ 
+   infop->buffer[ infop->len ] = outc;
+-- 
+1.9.1
+
diff --git a/meta/recipes-support/curl/curl/CVE-2016-8619.patch b/meta/recipes-support/curl/curl/CVE-2016-8619.patch
new file mode 100644
index 0000000..13c67c2
--- /dev/null
+++ b/meta/recipes-support/curl/curl/CVE-2016-8619.patch
@@ -0,0 +1,49 @@
+From 3d6460edeee21d7d790ec570d0887bed1f4366dd Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Wed, 28 Sep 2016 12:56:02 +0200
+Subject: [PATCH] krb5: avoid realloc(0)
+
+If the requested size is zero, bail out with error instead of doing a
+realloc() that would cause a double-free: realloc(0) acts as a free()
+and then there's a second free in the cleanup path.
+
+CVE: CVE-2016-8619
+
+Upstream-Status: Backport
+
+Bug: https://curl.haxx.se/docs/adv_20161102E.html
+Reported-by: Cure53
+Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
+---
+ lib/security.c | 9 ++++++---
+ 1 file changed, 6 insertions(+), 3 deletions(-)
+
+diff --git a/lib/security.c b/lib/security.c
+index a268d4a..4cef8f8 100644
+--- a/lib/security.c
++++ b/lib/security.c
+@@ -192,15 +192,18 @@ static CURLcode read_data(struct connectdata *conn,
+                           struct krb5buffer *buf)
+ {
+   int len;
+-  void* tmp;
++  void *tmp = NULL;
+   CURLcode result;
+ 
+   result = socket_read(fd, &len, sizeof(len));
+   if(result)
+     return result;
+ 
+-  len = ntohl(len);
+-  tmp = realloc(buf->data, len);
++  if(len) {
++    /* only realloc if there was a length */
++    len = ntohl(len);
++    tmp = realloc(buf->data, len);
++  }
+   if(tmp == NULL)
+     return CURLE_OUT_OF_MEMORY;
+ 
+-- 
+1.9.1
+
diff --git a/meta/recipes-support/curl/curl/CVE-2016-8620.patch b/meta/recipes-support/curl/curl/CVE-2016-8620.patch
new file mode 100644
index 0000000..9cea298
--- /dev/null
+++ b/meta/recipes-support/curl/curl/CVE-2016-8620.patch
@@ -0,0 +1,47 @@
+From fbb5f1aa0326d485d5a7ac643b48481897ca667f Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Mon, 3 Oct 2016 17:27:16 +0200
+Subject: [PATCH] range: prevent negative end number in a glob range
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+CVE: CVE-2016-8620
+
+Upstream-Status: Backport
+
+Bug: https://curl.haxx.se/docs/adv_20161102F.html
+Reported-by: Luật Nguyễn
+Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
+---
+ src/tool_urlglob.c | 7 +++++++
+ 1 file changed, 7 insertions(+)
+
+diff --git a/src/tool_urlglob.c b/src/tool_urlglob.c
+index a357b8b..64c75ba 100644
+--- a/src/tool_urlglob.c
++++ b/src/tool_urlglob.c
+@@ -257,6 +257,12 @@ static CURLcode glob_range(URLGlob *glob, char **patternp,
+         endp = NULL;
+       else {
+         pattern = endp+1;
++        while(*pattern && ISBLANK(*pattern))
++          pattern++;
++        if(!ISDIGIT(*pattern)) {
++          endp = NULL;
++          goto fail;
++        }
+         errno = 0;
+         max_n = strtoul(pattern, &endp, 10);
+         if(errno || (*endp == ':')) {
+@@ -277,6 +283,7 @@ static CURLcode glob_range(URLGlob *glob, char **patternp,
+       }
+     }
+ 
++    fail:
+     *posp += (pattern - *patternp);
+ 
+     if(!endp || (min_n > max_n) || (step_n > (max_n - min_n)) || !step_n)
+-- 
+1.9.1
+
diff --git a/meta/recipes-support/curl/curl/CVE-2016-8621.patch b/meta/recipes-support/curl/curl/CVE-2016-8621.patch
new file mode 100644
index 0000000..c05968e
--- /dev/null
+++ b/meta/recipes-support/curl/curl/CVE-2016-8621.patch
@@ -0,0 +1,104 @@
+From 96a80b5a262fb6dd2ddcea7987296f3b9a405618 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Tue, 4 Oct 2016 16:59:38 +0200
+Subject: [PATCH] parsedate: handle cut off numbers better
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+... and don't read outside of the given buffer!
+
+CVE: CVE-2016-8621
+
+Upstream-Status: Backport
+
+bug: https://curl.haxx.se/docs/adv_20161102G.html
+Reported-by: Luật Nguyễn
+Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
+---
+ lib/parsedate.c        | 12 +++++++-----
+ tests/data/test517     |  6 ++++++
+ tests/libtest/lib517.c |  8 +++++++-
+ 3 files changed, 20 insertions(+), 6 deletions(-)
+
+diff --git a/lib/parsedate.c b/lib/parsedate.c
+index dfcf855..8e932f4 100644
+--- a/lib/parsedate.c
++++ b/lib/parsedate.c
+@@ -5,7 +5,7 @@
+  *                            | (__| |_| |  _ <| |___
+  *                             \___|\___/|_| \_\_____|
+  *
+- * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
++ * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
+  *
+  * This software is licensed as described in the file COPYING, which
+  * you should have received as part of this distribution. The terms
+@@ -386,15 +386,17 @@ static int parsedate(const char *date, time_t *output)
+       /* a digit */
+       int val;
+       char *end;
++      int len=0;
+       if((secnum == -1) &&
+-         (3 == sscanf(date, "%02d:%02d:%02d", &hournum, &minnum, &secnum))) {
++         (3 == sscanf(date, "%02d:%02d:%02d%n",
++                      &hournum, &minnum, &secnum, &len))) {
+         /* time stamp! */
+-        date += 8;
++        date += len;
+       }
+       else if((secnum == -1) &&
+-              (2 == sscanf(date, "%02d:%02d", &hournum, &minnum))) {
++              (2 == sscanf(date, "%02d:%02d%n", &hournum, &minnum, &len))) {
+         /* time stamp without seconds */
+-        date += 5;
++        date += len;
+         secnum = 0;
+       }
+       else {
+diff --git a/tests/data/test517 b/tests/data/test517
+index c81a45e..513634f 100644
+--- a/tests/data/test517
++++ b/tests/data/test517
+@@ -116,6 +116,12 @@ nothing
+ 81: 20111323 12:34:56 => -1
+ 82: 20110623 12:34:79 => -1
+ 83: Wed, 31 Dec 2008 23:59:60 GMT => 1230768000
++84: 20110623 12:3 => 1308830580
++85: 20110623 1:3 => 1308790980
++86: 20110623 1:30 => 1308792600
++87: 20110623 12:12:3 => 1308831123
++88: 20110623 01:12:3 => 1308791523
++89: 20110623 01:99:30 => -1
+ </stdout>
+ 
+ # This test case previously tested an overflow case ("2094 Nov 6 =>
+diff --git a/tests/libtest/lib517.c b/tests/libtest/lib517.c
+index 2f68ebd..22162ff 100644
+--- a/tests/libtest/lib517.c
++++ b/tests/libtest/lib517.c
+@@ -5,7 +5,7 @@
+  *                            | (__| |_| |  _ <| |___
+  *                             \___|\___/|_| \_\_____|
+  *
+- * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
++ * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
+  *
+  * This software is licensed as described in the file COPYING, which
+  * you should have received as part of this distribution. The terms
+@@ -116,6 +116,12 @@ static const char * const dates[]={
+   "20111323 12:34:56",
+   "20110623 12:34:79",
+   "Wed, 31 Dec 2008 23:59:60 GMT", /* leap second */
++  "20110623 12:3",
++  "20110623 1:3",
++  "20110623 1:30",
++  "20110623 12:12:3",
++  "20110623 01:12:3",
++  "20110623 01:99:30",
+   NULL
+ };
+ 
+-- 
+1.9.1
+
diff --git a/meta/recipes-support/curl/curl/CVE-2016-8622.patch b/meta/recipes-support/curl/curl/CVE-2016-8622.patch
new file mode 100644
index 0000000..aedc85b
--- /dev/null
+++ b/meta/recipes-support/curl/curl/CVE-2016-8622.patch
@@ -0,0 +1,95 @@
+From 53e71e47d6b81650d26ec33a58d0dca24c7ffb2c Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Tue, 4 Oct 2016 18:56:45 +0200
+Subject: [PATCH] unescape: avoid integer overflow
+
+CVE: CVE-2016-8622
+
+Upstream-Status: Backport
+
+Bug: https://curl.haxx.se/docs/adv_20161102H.html
+Reported-by: Cure53
+
+Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
+
+diff -ruN a/docs/libcurl/curl_easy_unescape.3 b/docs/libcurl/curl_easy_unescape.3
+--- a/docs/libcurl/curl_easy_unescape.3	2016-02-03 00:08:02.000000000 +0100
++++ b/docs/libcurl/curl_easy_unescape.3	2016-11-07 09:25:45.999933275 +0100
+@@ -5,7 +5,7 @@
+ .\" *                            | (__| |_| |  _ <| |___
+ .\" *                             \___|\___/|_| \_\_____|
+ .\" *
+-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
++.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
+ .\" *
+ .\" * This software is licensed as described in the file COPYING, which
+ .\" * you should have received as part of this distribution. The terms
+@@ -40,7 +40,10 @@
+ 
+ If \fBoutlength\fP is non-NULL, the function will write the length of the
+ returned string in the integer it points to. This allows an escaped string
+-containing %00 to still get used properly after unescaping.
++containing %00 to still get used properly after unescaping. Since this is a
++pointer to an \fIint\fP type, it can only return a value up to INT_MAX so no
++longer string can be unescaped if the string length is returned in this
++parameter.
+ 
+ You must \fIcurl_free(3)\fP the returned string when you're done with it.
+ .SH AVAILABILITY
+diff -ruN a/lib/dict.c b/lib/dict.c
+--- a/lib/dict.c	2016-02-03 00:02:44.000000000 +0100
++++ b/lib/dict.c	2016-11-07 09:25:45.999933275 +0100
+@@ -5,7 +5,7 @@
+  *                            | (__| |_| |  _ <| |___
+  *                             \___|\___/|_| \_\_____|
+  *
+- * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
++ * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
+  *
+  * This software is licensed as described in the file COPYING, which
+  * you should have received as part of this distribution. The terms
+@@ -52,7 +52,7 @@
+ #include <curl/curl.h>
+ #include "transfer.h"
+ #include "sendf.h"
+-
++#include "escape.h"
+ #include "progress.h"
+ #include "strequal.h"
+ #include "dict.h"
+@@ -96,12 +96,12 @@
+   char *newp;
+   char *dictp;
+   char *ptr;
+-  int len;
++  size_t len;
+   char ch;
+   int olen=0;
+ 
+-  newp = curl_easy_unescape(data, inputbuff, 0, &len);
+-  if(!newp)
++  CURLcode result = Curl_urldecode(data, inputbuff, 0, &newp, &len, FALSE);
++  if(!newp || result)
+     return NULL;
+ 
+   dictp = malloc(((size_t)len)*2 + 1); /* add one for terminating zero */
+diff -ruN a/lib/escape.c b/lib/escape.c
+--- a/lib/escape.c	2016-02-05 10:02:03.000000000 +0100
++++ b/lib/escape.c	2016-11-07 09:29:43.073671606 +0100
+@@ -217,8 +217,14 @@
+                                 FALSE);
+   if(res)
+     return NULL;
+-  if(olen)
+-    *olen = curlx_uztosi(outputlen);
++
++    if(olen) {
++      if(outputlen <= (size_t) INT_MAX)
++        *olen = curlx_uztosi(outputlen);
++      else
++        /* too large to return in an int, fail! */
++        Curl_safefree(str);
++    }
+   return str;
+ }
+ 
diff --git a/meta/recipes-support/curl/curl/CVE-2016-8623.patch b/meta/recipes-support/curl/curl/CVE-2016-8623.patch
new file mode 100644
index 0000000..e791ecd
--- /dev/null
+++ b/meta/recipes-support/curl/curl/CVE-2016-8623.patch
@@ -0,0 +1,174 @@
+From c5be3d7267c725dbd093ff3a883e07ee8cf2a1d5 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Tue, 4 Oct 2016 23:26:13 +0200
+Subject: [PATCH] cookies: getlist() now holds deep copies of all cookies
+
+Previously it only held references to them, which was reckless as the
+thread lock was released so the cookies could get modified by other
+handles that share the same cookie jar over the share interface.
+
+CVE: CVE-2016-8623
+
+Upstream-Status: Backport
+
+Bug: https://curl.haxx.se/docs/adv_20161102I.html
+Reported-by: Cure53
+Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
+---
+ lib/cookie.c | 61 +++++++++++++++++++++++++++++++++++++++---------------------
+ lib/cookie.h |  4 ++--
+ lib/http.c   |  2 +-
+ 3 files changed, 43 insertions(+), 24 deletions(-)
+
+diff --git a/lib/cookie.c b/lib/cookie.c
+index 0f05da2..8607ce3 100644
+--- a/lib/cookie.c
++++ b/lib/cookie.c
+@@ -1024,6 +1024,40 @@ static int cookie_sort(const void *p1, const void *p2)
+   return 0;
+ }
+ 
++#define CLONE(field)                     \
++  do {                                   \
++    if(src->field) {                     \
++      dup->field = strdup(src->field);   \
++      if(!dup->field)                    \
++        goto fail;                       \
++    }                                    \
++  } while(0)
++
++static struct Cookie *dup_cookie(struct Cookie *src)
++{
++  struct Cookie *dup = calloc(sizeof(struct Cookie), 1);
++  if(dup) {
++    CLONE(expirestr);
++    CLONE(domain);
++    CLONE(path);
++    CLONE(spath);
++    CLONE(name);
++    CLONE(value);
++    CLONE(maxage);
++    CLONE(version);
++    dup->expires = src->expires;
++    dup->tailmatch = src->tailmatch;
++    dup->secure = src->secure;
++    dup->livecookie = src->livecookie;
++    dup->httponly = src->httponly;
++  }
++  return dup;
++
++  fail:
++  freecookie(dup);
++  return NULL;
++}
++
+ /*****************************************************************************
+  *
+  * Curl_cookie_getlist()
+@@ -1079,11 +1113,8 @@ struct Cookie *Curl_cookie_getlist(struct CookieInfo *c,
+           /* and now, we know this is a match and we should create an
+              entry for the return-linked-list */
+ 
+-          newco = malloc(sizeof(struct Cookie));
++          newco = dup_cookie(co);
+           if(newco) {
+-            /* first, copy the whole source cookie: */
+-            memcpy(newco, co, sizeof(struct Cookie));
+-
+             /* then modify our next */
+             newco->next = mainco;
+ 
+@@ -1095,12 +1126,7 @@ struct Cookie *Curl_cookie_getlist(struct CookieInfo *c,
+           else {
+             fail:
+             /* failure, clear up the allocated chain and return NULL */
+-            while(mainco) {
+-              co = mainco->next;
+-              free(mainco);
+-              mainco = co;
+-            }
+-
++            Curl_cookie_freelist(mainco);
+             return NULL;
+           }
+         }
+@@ -1152,7 +1178,7 @@ struct Cookie *Curl_cookie_getlist(struct CookieInfo *c,
+ void Curl_cookie_clearall(struct CookieInfo *cookies)
+ {
+   if(cookies) {
+-    Curl_cookie_freelist(cookies->cookies, TRUE);
++    Curl_cookie_freelist(cookies->cookies);
+     cookies->cookies = NULL;
+     cookies->numcookies = 0;
+   }
+@@ -1164,21 +1190,14 @@ void Curl_cookie_clearall(struct CookieInfo *cookies)
+  *
+  * Free a list of cookies previously returned by Curl_cookie_getlist();
+  *
+- * The 'cookiestoo' argument tells this function whether to just free the
+- * list or actually also free all cookies within the list as well.
+- *
+  ****************************************************************************/
+ 
+-void Curl_cookie_freelist(struct Cookie *co, bool cookiestoo)
++void Curl_cookie_freelist(struct Cookie *co)
+ {
+   struct Cookie *next;
+   while(co) {
+     next = co->next;
+-    if(cookiestoo)
+-      freecookie(co);
+-    else
+-      free(co); /* we only free the struct since the "members" are all just
+-                   pointed out in the main cookie list! */
++    freecookie(co);
+     co = next;
+   }
+ }
+@@ -1233,7 +1252,7 @@ void Curl_cookie_cleanup(struct CookieInfo *c)
+ {
+   if(c) {
+     free(c->filename);
+-    Curl_cookie_freelist(c->cookies, TRUE);
++    Curl_cookie_freelist(c->cookies);
+     free(c); /* free the base struct as well */
+   }
+ }
+diff --git a/lib/cookie.h b/lib/cookie.h
+index cd7c54a..a9a4578 100644
+--- a/lib/cookie.h
++++ b/lib/cookie.h
+@@ -7,7 +7,7 @@
+  *                            | (__| |_| |  _ <| |___
+  *                             \___|\___/|_| \_\_____|
+  *
+- * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
++ * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
+  *
+  * This software is licensed as described in the file COPYING, which
+  * you should have received as part of this distribution. The terms
+@@ -82,7 +82,7 @@ struct Cookie *Curl_cookie_add(struct Curl_easy *data,
+ 
+ struct Cookie *Curl_cookie_getlist(struct CookieInfo *, const char *,
+                                    const char *, bool);
+-void Curl_cookie_freelist(struct Cookie *cookies, bool cookiestoo);
++void Curl_cookie_freelist(struct Cookie *cookies);
+ void Curl_cookie_clearall(struct CookieInfo *cookies);
+ void Curl_cookie_clearsess(struct CookieInfo *cookies);
+ 
+diff --git a/lib/http.c b/lib/http.c
+index 65c145a..e6e7d37 100644
+--- a/lib/http.c
++++ b/lib/http.c
+@@ -2384,7 +2384,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
+         }
+         co = co->next; /* next cookie please */
+       }
+-      Curl_cookie_freelist(store, FALSE); /* free the cookie list */
++      Curl_cookie_freelist(store);
+     }
+     if(addcookies && !result) {
+       if(!count)
+-- 
+1.9.1
+
diff --git a/meta/recipes-support/curl/curl/CVE-2016-8624.patch b/meta/recipes-support/curl/curl/CVE-2016-8624.patch
new file mode 100644
index 0000000..fb62282
--- /dev/null
+++ b/meta/recipes-support/curl/curl/CVE-2016-8624.patch
@@ -0,0 +1,55 @@
+From 3bb273db7e40ebc284cff45f3ce3f0475c8339c2 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Tue, 11 Oct 2016 00:48:35 +0200
+Subject: [PATCH] urlparse: accept '#' as end of host name
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+'http://example.com#@127.0.0.1/x.txt' equals a request to example.com
+for the '/' document with the rest of the URL being a fragment.
+
+CVE: CVE-2016-8624
+
+Upstream-Status: Backport
+
+Bug: https://curl.haxx.se/docs/adv_20161102J.html
+Reported-by: Fernando Muñoz
+
+Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
+
+diff -ruN a/lib/url.c b/lib/url.c
+--- a/lib/url.c	2016-11-07 08:50:23.030126833 +0100
++++ b/lib/url.c	2016-11-07 10:16:13.562089428 +0100
+@@ -4086,7 +4086,7 @@
+     path[0]=0;
+ 
+     if(2 > sscanf(data->change.url,
+-                   "%15[^\n:]://%[^\n/?]%[^\n]",
++                   "%15[^\n:]://%[^\n/?#]%[^\n]",
+                    protobuf,
+                    conn->host.name, path)) {
+ 
+@@ -4094,7 +4094,7 @@
+        * The URL was badly formatted, let's try the browser-style _without_
+        * protocol specified like 'http://'.
+        */
+-      rc = sscanf(data->change.url, "%[^\n/?]%[^\n]", conn->host.name, path);
++      rc = sscanf(data->change.url, "%[^\n/?#]%[^\n]", conn->host.name, path);
+       if(1 > rc) {
+         /*
+          * We couldn't even get this format.
+@@ -4184,10 +4184,10 @@
+   }
+ 
+   /* If the URL is malformatted (missing a '/' after hostname before path) we
+-   * insert a slash here. The only letter except '/' we accept to start a path
+-   * is '?'.
++   * insert a slash here. The only letters except '/' that can start a path is
++   * '?' and '#' - as controlled by the two sscanf() patterns above.
+    */
+-  if(path[0] == '?') {
++  if(path[0] != '/') {
+     /* We need this function to deal with overlapping memory areas. We know
+        that the memory area 'path' points to is 'urllen' bytes big and that
+        is bigger than the path. Use +1 to move the zero byte too. */
diff --git a/meta/recipes-support/curl/curl/CVE-2016-8625.patch b/meta/recipes-support/curl/curl/CVE-2016-8625.patch
new file mode 100644
index 0000000..eb21e60
--- /dev/null
+++ b/meta/recipes-support/curl/curl/CVE-2016-8625.patch
@@ -0,0 +1,593 @@
+commit 9c91ec778104ae3b744b39444d544e82d5ee9ece
+Author: Daniel Stenberg <daniel@haxx.se>
+Date:   Wed Oct 12 09:01:06 2016 +0200
+
+idn: switch to libidn2 use and IDNA2008 support
+
+CVE: CVE-2016-8625
+Upstream-Status: Backport
+
+Bug: https://curl.haxx.se/docs/adv_20161102K.html
+Reported-by: Christian Heimes
+Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
+
+diff -ruN a/CMakeLists.txt b/CMakeLists.txt
+--- a/CMakeLists.txt	2016-02-03 00:08:44.000000000 +0100
++++ b/CMakeLists.txt	2016-11-08 13:05:14.055757175 +0100
+@@ -440,7 +440,7 @@
+ endif()
+ 
+ # Check for idn
+-check_library_exists_concat("idn" idna_to_ascii_lz HAVE_LIBIDN)
++check_library_exists_concat("idn2" idn2_lookup_ul HAVE_LIBIDN2)
+ 
+ # Check for symbol dlopen (same as HAVE_LIBDL)
+ check_library_exists("${CURL_LIBS}" dlopen "" HAVE_DLOPEN)
+@@ -608,7 +608,7 @@
+ check_include_file_concat("err.h"            HAVE_ERR_H)
+ check_include_file_concat("errno.h"          HAVE_ERRNO_H)
+ check_include_file_concat("fcntl.h"          HAVE_FCNTL_H)
+-check_include_file_concat("idn-free.h"       HAVE_IDN_FREE_H)
++check_include_file_concat("idn2.h"           HAVE_IDN2_H)
+ check_include_file_concat("ifaddrs.h"        HAVE_IFADDRS_H)
+ check_include_file_concat("io.h"             HAVE_IO_H)
+ check_include_file_concat("krb.h"            HAVE_KRB_H)
+@@ -638,7 +638,6 @@
+ check_include_file_concat("termio.h"         HAVE_TERMIO_H)
+ check_include_file_concat("termios.h"        HAVE_TERMIOS_H)
+ check_include_file_concat("time.h"           HAVE_TIME_H)
+-check_include_file_concat("tld.h"            HAVE_TLD_H)
+ check_include_file_concat("unistd.h"         HAVE_UNISTD_H)
+ check_include_file_concat("utime.h"          HAVE_UTIME_H)
+ check_include_file_concat("x509.h"           HAVE_X509_H)
+@@ -652,9 +651,6 @@
+ check_include_file_concat("stdint.h"        HAVE_STDINT_H)
+ check_include_file_concat("sockio.h"        HAVE_SOCKIO_H)
+ check_include_file_concat("sys/utsname.h"   HAVE_SYS_UTSNAME_H)
+-check_include_file_concat("idna.h"          HAVE_IDNA_H)
+-
+-
+ 
+ check_type_size(size_t  SIZEOF_SIZE_T)
+ check_type_size(ssize_t  SIZEOF_SSIZE_T)
+@@ -802,9 +798,6 @@
+ check_symbol_exists(ftruncate      "${CURL_INCLUDES}" HAVE_FTRUNCATE)
+ check_symbol_exists(getprotobyname "${CURL_INCLUDES}" HAVE_GETPROTOBYNAME)
+ check_symbol_exists(getrlimit      "${CURL_INCLUDES}" HAVE_GETRLIMIT)
+-check_symbol_exists(idn_free       "${CURL_INCLUDES}" HAVE_IDN_FREE)
+-check_symbol_exists(idna_strerror  "${CURL_INCLUDES}" HAVE_IDNA_STRERROR)
+-check_symbol_exists(tld_strerror   "${CURL_INCLUDES}" HAVE_TLD_STRERROR)
+ check_symbol_exists(setlocale      "${CURL_INCLUDES}" HAVE_SETLOCALE)
+ check_symbol_exists(setrlimit      "${CURL_INCLUDES}" HAVE_SETRLIMIT)
+ check_symbol_exists(fcntl          "${CURL_INCLUDES}" HAVE_FCNTL)
+@@ -1067,7 +1060,7 @@
+ _add_if("unix-sockets"  USE_UNIX_SOCKETS)
+ _add_if("libz"          HAVE_LIBZ)
+ _add_if("AsynchDNS"     USE_ARES OR USE_THREADS_POSIX)
+-_add_if("IDN"           HAVE_LIBIDN)
++_add_if("IDN"           HAVE_LIBIDN2)
+ # TODO SSP1 (WinSSL) check is missing
+ _add_if("SSPI"          USE_WINDOWS_SSPI)
+ _add_if("GSS-API"       HAVE_GSSAPI)
+diff -ruN a/configure.ac b/configure.ac
+--- a/configure.ac	2016-11-08 11:36:12.569919895 +0100
++++ b/configure.ac	2016-11-08 13:05:14.059756325 +0100
+@@ -157,7 +157,7 @@
+     curl_res_msg="default (--enable-ares / --enable-threaded-resolver)"
+    curl_ipv6_msg="no      (--enable-ipv6)"
+ curl_unix_sockets_msg="no      (--enable-unix-sockets)"
+-    curl_idn_msg="no      (--with-{libidn,winidn})"
++    curl_idn_msg="no      (--with-{libidn2,winidn})"
+  curl_manual_msg="no      (--enable-manual)"
+ curl_libcurl_msg="enabled (--disable-libcurl-option)"
+ curl_verbose_msg="enabled (--disable-verbose)"
+@@ -2825,15 +2825,15 @@
+ dnl Check for the presence of IDN libraries and headers
+ dnl **********************************************************************
+ 
+-AC_MSG_CHECKING([whether to build with libidn])
++AC_MSG_CHECKING([whether to build with libidn2])
+ OPT_IDN="default"
+ AC_ARG_WITH(libidn,
+-AC_HELP_STRING([--with-libidn=PATH],[Enable libidn usage])
+-AC_HELP_STRING([--without-libidn],[Disable libidn usage]),
++AC_HELP_STRING([--with-libidn2=PATH],[Enable libidn2 usage])
++AC_HELP_STRING([--without-libidn2],[Disable libidn2 usage]),
+   [OPT_IDN=$withval])
+ case "$OPT_IDN" in
+   no)
+-    dnl --without-libidn option used
++    dnl --without-libidn2 option used
+     want_idn="no"
+     AC_MSG_RESULT([no])
+     ;;
+@@ -2844,13 +2844,13 @@
+     AC_MSG_RESULT([(assumed) yes])
+     ;;
+   yes)
+-    dnl --with-libidn option used without path
++    dnl --with-libidn2 option used without path
+     want_idn="yes"
+     want_idn_path="default"
+     AC_MSG_RESULT([yes])
+     ;;
+   *)
+-    dnl --with-libidn option used with path
++    dnl --with-libidn2 option used with path
+     want_idn="yes"
+     want_idn_path="$withval"
+     AC_MSG_RESULT([yes ($withval)])
+@@ -2867,33 +2867,33 @@
+   if test "$want_idn_path" != "default"; then
+     dnl path has been specified
+     IDN_PCDIR="$want_idn_path/lib$libsuff/pkgconfig"
+-    CURL_CHECK_PKGCONFIG(libidn, [$IDN_PCDIR])
++    CURL_CHECK_PKGCONFIG(libidn2, [$IDN_PCDIR])
+     if test "$PKGCONFIG" != "no"; then
+       IDN_LIBS=`CURL_EXPORT_PCDIR([$IDN_PCDIR]) dnl
+-        $PKGCONFIG --libs-only-l libidn 2>/dev/null`
++        $PKGCONFIG --libs-only-l libidn2 2>/dev/null`
+       IDN_LDFLAGS=`CURL_EXPORT_PCDIR([$IDN_PCDIR]) dnl
+-        $PKGCONFIG --libs-only-L libidn 2>/dev/null`
++        $PKGCONFIG --libs-only-L libidn2 2>/dev/null`
+       IDN_CPPFLAGS=`CURL_EXPORT_PCDIR([$IDN_PCDIR]) dnl
+-        $PKGCONFIG --cflags-only-I libidn 2>/dev/null`
++        $PKGCONFIG --cflags-only-I libidn2 2>/dev/null`
+       IDN_DIR=`echo $IDN_LDFLAGS | $SED -e 's/-L//'`
+     else
+       dnl pkg-config not available or provides no info
+-      IDN_LIBS="-lidn"
++      IDN_LIBS="-lidn2"
+       IDN_LDFLAGS="-L$want_idn_path/lib$libsuff"
+       IDN_CPPFLAGS="-I$want_idn_path/include"
+       IDN_DIR="$want_idn_path/lib$libsuff"
+     fi
+   else
+     dnl path not specified
+-    CURL_CHECK_PKGCONFIG(libidn)
++    CURL_CHECK_PKGCONFIG(libidn2)
+     if test "$PKGCONFIG" != "no"; then
+-      IDN_LIBS=`$PKGCONFIG --libs-only-l libidn 2>/dev/null`
+-      IDN_LDFLAGS=`$PKGCONFIG --libs-only-L libidn 2>/dev/null`
+-      IDN_CPPFLAGS=`$PKGCONFIG --cflags-only-I libidn 2>/dev/null`
++      IDN_LIBS=`$PKGCONFIG --libs-only-l libidn2 2>/dev/null`
++      IDN_LDFLAGS=`$PKGCONFIG --libs-only-L libidn2 2>/dev/null`
++      IDN_CPPFLAGS=`$PKGCONFIG --cflags-only-I libidn2 2>/dev/null`
+       IDN_DIR=`echo $IDN_LDFLAGS | $SED -e 's/-L//'`
+     else
+       dnl pkg-config not available or provides no info
+-      IDN_LIBS="-lidn"
++      IDN_LIBS="-lidn2"
+     fi
+   fi
+   #
+@@ -2913,9 +2913,9 @@
+   LDFLAGS="$IDN_LDFLAGS $LDFLAGS"
+   LIBS="$IDN_LIBS $LIBS"
+   #
+-  AC_MSG_CHECKING([if idna_to_ascii_4i can be linked])
++  AC_MSG_CHECKING([if idn2_lookup_ul can be linked])
+   AC_LINK_IFELSE([
+-    AC_LANG_FUNC_LINK_TRY([idna_to_ascii_4i])
++    AC_LANG_FUNC_LINK_TRY([idn2_lookup_ul])
+   ],[
+     AC_MSG_RESULT([yes])
+     tst_links_libidn="yes"
+@@ -2923,37 +2923,19 @@
+     AC_MSG_RESULT([no])
+     tst_links_libidn="no"
+   ])
+-  if test "$tst_links_libidn" = "no"; then
+-    AC_MSG_CHECKING([if idna_to_ascii_lz can be linked])
+-    AC_LINK_IFELSE([
+-      AC_LANG_FUNC_LINK_TRY([idna_to_ascii_lz])
+-    ],[
+-      AC_MSG_RESULT([yes])
+-      tst_links_libidn="yes"
+-    ],[
+-      AC_MSG_RESULT([no])
+-      tst_links_libidn="no"
+-    ])
+-  fi
+   #
++  AC_CHECK_HEADERS( idn2.h )
++
+   if test "$tst_links_libidn" = "yes"; then
+-    AC_DEFINE(HAVE_LIBIDN, 1, [Define to 1 if you have the `idn' library (-lidn).])
++    AC_DEFINE(HAVE_LIBIDN2, 1, [Define to 1 if you have the `idn2' library (-lidn2).])
+     dnl different versions of libidn have different setups of these:
+-    AC_CHECK_FUNCS( idn_free idna_strerror tld_strerror )
+-    AC_CHECK_HEADERS( idn-free.h tld.h )
+-    if test "x$ac_cv_header_tld_h" = "xyes"; then
+-      AC_SUBST([IDN_ENABLED], [1])
+-      curl_idn_msg="enabled"
+-      if test -n "$IDN_DIR" -a "x$cross_compiling" != "xyes"; then
+-        LD_LIBRARY_PATH="$LD_LIBRARY_PATH:$IDN_DIR"
+-        export LD_LIBRARY_PATH
+-        AC_MSG_NOTICE([Added $IDN_DIR to LD_LIBRARY_PATH])
+-      fi
+-    else
+-      AC_MSG_WARN([Libraries for IDN support too old: IDN disabled])
+-      CPPFLAGS="$clean_CPPFLAGS"
+-      LDFLAGS="$clean_LDFLAGS"
+-      LIBS="$clean_LIBS"
++
++    AC_SUBST([IDN_ENABLED], [1])
++    curl_idn_msg="enabled (libidn2)"
++    if test -n "$IDN_DIR" -a "x$cross_compiling" != "xyes"; then
++      LD_LIBRARY_PATH="$LD_LIBRARY_PATH:$IDN_DIR"
++      export LD_LIBRARY_PATH
++      AC_MSG_NOTICE([Added $IDN_DIR to LD_LIBRARY_PATH])
+     fi
+   else
+     AC_MSG_WARN([Cannot find libraries for IDN support: IDN disabled])
+diff -ruN a/lib/curl_setup.h b/lib/curl_setup.h
+--- a/lib/curl_setup.h	2016-02-04 23:00:56.000000000 +0100
++++ b/lib/curl_setup.h	2016-11-08 13:05:14.059756325 +0100
+@@ -590,10 +590,9 @@
+ #endif
+ #endif
+ 
+-#if defined(HAVE_LIBIDN) && defined(HAVE_TLD_H)
+-/* The lib was present and the tld.h header (which is missing in libidn 0.3.X
+-   but we only work with libidn 0.4.1 or later) */
+-#define USE_LIBIDN
++#if defined(HAVE_LIBIDN2) && defined(HAVE_IDN2_H)
++/* The lib and header are present */
++#define USE_LIBIDN2
+ #endif
+ 
+ #ifndef SIZEOF_TIME_T
+diff -ruN a/lib/easy.c b/lib/easy.c
+--- a/lib/easy.c	2016-02-03 00:02:44.000000000 +0100
++++ b/lib/easy.c	2016-11-08 13:05:14.063755476 +0100
+@@ -144,28 +144,6 @@
+   return CURLE_OK;
+ }
+ 
+-#ifdef USE_LIBIDN
+-/*
+- * Initialise use of IDNA library.
+- * It falls back to ASCII if $CHARSET isn't defined. This doesn't work for
+- * idna_to_ascii_lz().
+- */
+-static void idna_init (void)
+-{
+-#ifdef WIN32
+-  char buf[60];
+-  UINT cp = GetACP();
+-
+-  if(!getenv("CHARSET") && cp > 0) {
+-    snprintf(buf, sizeof(buf), "CHARSET=cp%u", cp);
+-    putenv(buf);
+-  }
+-#else
+-  /* to do? */
+-#endif
+-}
+-#endif  /* USE_LIBIDN */
+-
+ /* true globals -- for curl_global_init() and curl_global_cleanup() */
+ static unsigned int  initialized;
+ static long          init_flags;
+@@ -262,10 +240,6 @@
+   }
+ #endif
+ 
+-#ifdef USE_LIBIDN
+-  idna_init();
+-#endif
+-
+   if(Curl_resolver_global_init()) {
+     DEBUGF(fprintf(stderr, "Error: resolver_global_init failed\n"));
+     return CURLE_FAILED_INIT;
+diff -ruN a/lib/strerror.c b/lib/strerror.c
+--- a/lib/strerror.c	2016-02-04 15:49:31.000000000 +0100
++++ b/lib/strerror.c	2016-11-08 13:05:14.063755476 +0100
+@@ -35,8 +35,8 @@
+ 
+ #include <curl/curl.h>
+ 
+-#ifdef USE_LIBIDN
+-#include <idna.h>
++#ifdef USE_LIBIDN2
++#include <idn2.h>
+ #endif
+ 
+ #ifdef USE_WINDOWS_SSPI
+@@ -723,83 +723,6 @@
+   return buf;
+ }
+ 
+-#ifdef USE_LIBIDN
+-/*
+- * Return error-string for libidn status as returned from idna_to_ascii_lz().
+- */
+-const char *Curl_idn_strerror (struct connectdata *conn, int err)
+-{
+-#ifdef HAVE_IDNA_STRERROR
+-  (void)conn;
+-  return idna_strerror((Idna_rc) err);
+-#else
+-  const char *str;
+-  char *buf;
+-  size_t max;
+-
+-  DEBUGASSERT(conn);
+-
+-  buf = conn->syserr_buf;
+-  max = sizeof(conn->syserr_buf)-1;
+-  *buf = '\0';
+-
+-#ifndef CURL_DISABLE_VERBOSE_STRINGS
+-  switch ((Idna_rc)err) {
+-    case IDNA_SUCCESS:
+-      str = "No error";
+-      break;
+-    case IDNA_STRINGPREP_ERROR:
+-      str = "Error in string preparation";
+-      break;
+-    case IDNA_PUNYCODE_ERROR:
+-      str = "Error in Punycode operation";
+-      break;
+-    case IDNA_CONTAINS_NON_LDH:
+-      str = "Illegal ASCII characters";
+-      break;
+-    case IDNA_CONTAINS_MINUS:
+-      str = "Contains minus";
+-      break;
+-    case IDNA_INVALID_LENGTH:
+-      str = "Invalid output length";
+-      break;
+-    case IDNA_NO_ACE_PREFIX:
+-      str = "No ACE prefix (\"xn--\")";
+-      break;
+-    case IDNA_ROUNDTRIP_VERIFY_ERROR:
+-      str = "Round trip verify error";
+-      break;
+-    case IDNA_CONTAINS_ACE_PREFIX:
+-      str = "Already have ACE prefix (\"xn--\")";
+-      break;
+-    case IDNA_ICONV_ERROR:
+-      str = "Locale conversion failed";
+-      break;
+-    case IDNA_MALLOC_ERROR:
+-      str = "Allocation failed";
+-      break;
+-    case IDNA_DLOPEN_ERROR:
+-      str = "dlopen() error";
+-      break;
+-    default:
+-      snprintf(buf, max, "error %d", err);
+-      str = NULL;
+-      break;
+-  }
+-#else
+-  if((Idna_rc)err == IDNA_SUCCESS)
+-    str = "No error";
+-  else
+-    str = "Error";
+-#endif
+-  if(str)
+-    strncpy(buf, str, max);
+-  buf[max] = '\0';
+-  return (buf);
+-#endif
+-}
+-#endif  /* USE_LIBIDN */
+-
+ #ifdef USE_WINDOWS_SSPI
+ const char *Curl_sspi_strerror (struct connectdata *conn, int err)
+ {
+diff -ruN a/lib/strerror.h b/lib/strerror.h
+--- a/lib/strerror.h	2016-02-03 00:02:44.000000000 +0100
++++ b/lib/strerror.h	2016-11-08 13:05:14.063755476 +0100
+@@ -7,7 +7,7 @@
+  *                            | (__| |_| |  _ <| |___
+  *                             \___|\___/|_| \_\_____|
+  *
+- * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
++ * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
+  *
+  * This software is licensed as described in the file COPYING, which
+  * you should have received as part of this distribution. The terms
+@@ -26,7 +26,7 @@
+ 
+ const char *Curl_strerror (struct connectdata *conn, int err);
+ 
+-#ifdef USE_LIBIDN
++#ifdef USE_LIBIDN2
+ const char *Curl_idn_strerror (struct connectdata *conn, int err);
+ #endif
+ 
+diff -ruN a/lib/url.c b/lib/url.c
+--- a/lib/url.c	2016-11-08 11:36:14.789448511 +0100
++++ b/lib/url.c	2016-11-08 14:28:29.402683080 +0100
+@@ -59,24 +59,15 @@
+ #include <limits.h>
+ #endif
+ 
+-#ifdef USE_LIBIDN
+-#include <idna.h>
+-#include <tld.h>
+-#include <stringprep.h>
+-#ifdef HAVE_IDN_FREE_H
+-#include <idn-free.h>
+-#else
+-/* prototype from idn-free.h, not provided by libidn 0.4.5's make install! */
+-void idn_free (void *ptr);
+-#endif
+-#ifndef HAVE_IDN_FREE
+-/* if idn_free() was not found in this version of libidn use free() instead */
+-#define idn_free(x) (free)(x)
+-#endif
++#ifdef USE_LIBIDN2
++#include <idn2.h>
++
+ #elif defined(USE_WIN32_IDN)
+ /* prototype for curl_win32_idn_to_ascii() */
+ int curl_win32_idn_to_ascii(const char *in, char **out);
+-#endif  /* USE_LIBIDN */
++#endif  /* USE_LIBIDN2 */
++
++#include <idn2.h>
+ 
+ #include "urldata.h"
+ #include "netrc.h"
+@@ -3693,59 +3684,15 @@
+   return TRUE;
+ }
+ 
+-#ifdef USE_LIBIDN
+-/*
+- * Check if characters in hostname is allowed in Top Level Domain.
+- */
+-static bool tld_check_name(struct SessionHandle *data,
+-                           const char *ace_hostname)
+-{
+-  size_t err_pos;
+-  char *uc_name = NULL;
+-  int rc;
+-#ifndef CURL_DISABLE_VERBOSE_STRINGS
+-  const char *tld_errmsg = "<no msg>";
+-#else
+-  (void)data;
+-#endif
+-
+-  /* Convert (and downcase) ACE-name back into locale's character set */
+-  rc = idna_to_unicode_lzlz(ace_hostname, &uc_name, 0);
+-  if(rc != IDNA_SUCCESS)
+-    return FALSE;
+-
+-  rc = tld_check_lz(uc_name, &err_pos, NULL);
+-#ifndef CURL_DISABLE_VERBOSE_STRINGS
+-#ifdef HAVE_TLD_STRERROR
+-  if(rc != TLD_SUCCESS)
+-    tld_errmsg = tld_strerror((Tld_rc)rc);
+-#endif
+-  if(rc == TLD_INVALID)
+-    infof(data, "WARNING: %s; pos %u = `%c'/0x%02X\n",
+-          tld_errmsg, err_pos, uc_name[err_pos],
+-          uc_name[err_pos] & 255);
+-  else if(rc != TLD_SUCCESS)
+-    infof(data, "WARNING: TLD check for %s failed; %s\n",
+-          uc_name, tld_errmsg);
+-#endif /* CURL_DISABLE_VERBOSE_STRINGS */
+-  if(uc_name)
+-     idn_free(uc_name);
+-  if(rc != TLD_SUCCESS)
+-    return FALSE;
+-
+-  return TRUE;
+-}
+-#endif
+-
+ /*
+  * Perform any necessary IDN conversion of hostname
+  */
+-static void fix_hostname(struct SessionHandle *data,
+-                         struct connectdata *conn, struct hostname *host)
++static void fix_hostname(struct connectdata *conn, struct hostname *host)
+ {
+   size_t len;
++  struct Curl_easy *data = conn->data;
+ 
+-#ifndef USE_LIBIDN
++#ifndef USE_LIBIDN2
+   (void)data;
+   (void)conn;
+ #elif defined(CURL_DISABLE_VERBOSE_STRINGS)
+@@ -3762,24 +3709,15 @@
+     host->name[len-1]=0;
+ 
+   if(!is_ASCII_name(host->name)) {
+-#ifdef USE_LIBIDN
++#ifdef USE_LIBIDN2
+   /*************************************************************
+    * Check name for non-ASCII and convert hostname to ACE form.
+    *************************************************************/
+-  if(stringprep_check_version(LIBIDN_REQUIRED_VERSION)) {
++  if(stringprep_check_version(IDN2_VERSION)) {
+     char *ace_hostname = NULL;
+-    int rc = idna_to_ascii_lz(host->name, &ace_hostname, 0);
+-    infof (data, "Input domain encoded as `%s'\n",
+-           stringprep_locale_charset ());
+-    if(rc != IDNA_SUCCESS)
+-      infof(data, "Failed to convert %s to ACE; %s\n",
+-            host->name, Curl_idn_strerror(conn, rc));
+-    else {
+-      /* tld_check_name() displays a warning if the host name contains
+-         "illegal" characters for this TLD */
+-      (void)tld_check_name(data, ace_hostname);
+-
+-      host->encalloc = ace_hostname;
++      int rc = idn2_lookup_ul((const char *)host->name, &ace_hostname, 0);
++      if(rc == IDN2_OK) {
++        host->encalloc = (char *)ace_hostname;
+       /* change the name pointer to point to the encoded hostname */
+       host->name = host->encalloc;
+     }
+@@ -3809,9 +3747,9 @@
+  */
+ static void free_fixed_hostname(struct hostname *host)
+ {
+-#if defined(USE_LIBIDN)
++#if defined(USE_LIBIDN2)
+   if(host->encalloc) {
+-    idn_free(host->encalloc); /* must be freed with idn_free() since this was
++    idn2_free(host->encalloc); /* must be freed with idn2_free() since this was
+                                  allocated by libidn */
+     host->encalloc = NULL;
+   }
+@@ -5708,9 +5646,9 @@
+   /*************************************************************
+    * IDN-fix the hostnames
+    *************************************************************/
+-  fix_hostname(data, conn, &conn->host);
++  fix_hostname(conn, &conn->host);
+   if(conn->proxy.name && *conn->proxy.name)
+-    fix_hostname(data, conn, &conn->proxy);
++    fix_hostname(conn, &conn->proxy);
+ 
+   /*************************************************************
+    * Setup internals depending on protocol. Needs to be done after
+diff -ruN a/lib/version.c b/lib/version.c
+--- a/lib/version.c	2016-02-03 00:02:44.000000000 +0100
++++ b/lib/version.c	2016-11-08 13:05:14.071753778 +0100
+@@ -36,8 +36,8 @@
+ #  include <ares.h>
+ #endif
+ 
+-#ifdef USE_LIBIDN
+-#include <stringprep.h>
++#ifdef USE_LIBIDN2
++#include <idn2.h>
+ #endif
+ 
+ #ifdef USE_LIBPSL
+@@ -97,9 +97,9 @@
+   left -= len;
+   ptr += len;
+ #endif
+-#ifdef USE_LIBIDN
+-  if(stringprep_check_version(LIBIDN_REQUIRED_VERSION)) {
+-    len = snprintf(ptr, left, " libidn/%s", stringprep_check_version(NULL));
++#ifdef USE_LIBIDN2
++  if(idn2_check_version(IDN2_VERSION)) {
++    len = snprintf(ptr, left, " libidn2/%s", idn2_check_version(NULL));
+     left -= len;
+     ptr += len;
+   }
+@@ -344,10 +344,10 @@
+     version_info.ares_num = aresnum;
+   }
+ #endif
+-#ifdef USE_LIBIDN
++#ifdef USE_LIBIDN2
+   /* This returns a version string if we use the given version or later,
+      otherwise it returns NULL */
+-  version_info.libidn = stringprep_check_version(LIBIDN_REQUIRED_VERSION);
++  version_info.libidn = idn2_check_version(IDN2_VERSION);
+   if(version_info.libidn)
+     version_info.features |= CURL_VERSION_IDN;
+ #elif defined(USE_WIN32_IDN)
diff --git a/meta/recipes-support/curl/curl/url-remove-unconditional-idn2.h-include.patch b/meta/recipes-support/curl/curl/url-remove-unconditional-idn2.h-include.patch
new file mode 100644
index 0000000..7e2287d
--- /dev/null
+++ b/meta/recipes-support/curl/curl/url-remove-unconditional-idn2.h-include.patch
@@ -0,0 +1,29 @@
+From c27013c05d99d92370b57e1a7af1b854eef4e7c1 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Mon, 31 Oct 2016 09:49:50 +0100
+Subject: [PATCH] url: remove unconditional idn2.h include
+
+Mistake brought by 9c91ec778104a
+
+Upstream-Status: Backport
+Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
+---
+ lib/url.c | 2 --
+ 1 file changed, 2 deletions(-)
+
+diff --git a/lib/url.c b/lib/url.c
+index c90a1c5..b997f41 100644
+--- a/lib/url.c
++++ b/lib/url.c
+@@ -67,8 +67,6 @@
+ bool curl_win32_idn_to_ascii(const char *in, char **out);
+ #endif  /* USE_LIBIDN2 */
+ 
+-#include <idn2.h>
+-
+ #include "urldata.h"
+ #include "netrc.h"
+ 
+-- 
+1.9.1
+
diff --git a/meta/recipes-support/curl/curl_7.47.1.bb b/meta/recipes-support/curl/curl_7.47.1.bb
index 3670a11..7fab7cf 100644
--- a/meta/recipes-support/curl/curl_7.47.1.bb
+++ b/meta/recipes-support/curl/curl_7.47.1.bb
@@ -15,6 +15,18 @@ SRC_URI += " file://configure_ac.patch \
              file://CVE-2016-5420.patch \
              file://CVE-2016-5421.patch \
              file://CVE-2016-7141.patch \
+             file://CVE-2016-8615.patch \
+             file://CVE-2016-8616.patch \
+             file://CVE-2016-8617.patch \
+             file://CVE-2016-8618.patch \
+             file://CVE-2016-8619.patch \
+             file://CVE-2016-8620.patch \
+             file://CVE-2016-8621.patch \
+             file://CVE-2016-8622.patch \
+             file://CVE-2016-8623.patch \
+             file://CVE-2016-8624.patch \
+             file://CVE-2016-8625.patch \
+             file://url-remove-unconditional-idn2.h-include.patch \
            "
 
 SRC_URI[md5sum] = "9ea3123449439bbd960cd25cf98796fb"
-- 
1.9.1



^ permalink raw reply related

* [PATCH][krogoth] curl: fix multiple CVEs
From: Sona Sarmadi @ 2016-11-10  9:16 UTC (permalink / raw)
  To: openembedded-core

CVE-2016-8615: cookie injection for other servers
CVE-2016-8616: case insensitive password comparison
CVE-2016-8617: OOB write via unchecked multiplication
CVE-2016-8618: double-free in curl_maprintf
CVE-2016-8619: double-free in krb5 code
CVE-2016-8620: glob parser write/read out of bounds
CVE-2016-8621: curl_getdate read out of bounds
CVE-2016-8622: URL unescape heap overflow via integer truncation
CVE-2016-8623: Use-after-free via shared cookies
CVE-2016-8624: invalid URL parsing with '#'
CVE-2016-8625: IDNA 2003 makes curl use wrong host

[url-remove-unconditional-idn2.h-include.patch is needed
for CVE-2016-8625]

Reference:
https://curl.haxx.se/docs/security.html

Fixes [Yocto #10617]

Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
---
 meta/recipes-support/curl/curl/CVE-2016-8615.patch |  70 +++
 meta/recipes-support/curl/curl/CVE-2016-8616.patch |  50 ++
 meta/recipes-support/curl/curl/CVE-2016-8617.patch |  29 ++
 meta/recipes-support/curl/curl/CVE-2016-8618.patch |  49 ++
 meta/recipes-support/curl/curl/CVE-2016-8619.patch |  49 ++
 meta/recipes-support/curl/curl/CVE-2016-8620.patch |  47 ++
 meta/recipes-support/curl/curl/CVE-2016-8621.patch | 104 ++++
 meta/recipes-support/curl/curl/CVE-2016-8622.patch |  95 ++++
 meta/recipes-support/curl/curl/CVE-2016-8623.patch | 174 +++++++
 meta/recipes-support/curl/curl/CVE-2016-8624.patch |  55 ++
 meta/recipes-support/curl/curl/CVE-2016-8625.patch | 580 +++++++++++++++++++++
 .../url-remove-unconditional-idn2.h-include.patch  |  29 ++
 meta/recipes-support/curl/curl_7.47.1.bb           |  12 +
 13 files changed, 1343 insertions(+)
 create mode 100644 meta/recipes-support/curl/curl/CVE-2016-8615.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2016-8616.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2016-8617.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2016-8618.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2016-8619.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2016-8620.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2016-8621.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2016-8622.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2016-8623.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2016-8624.patch
 create mode 100644 meta/recipes-support/curl/curl/CVE-2016-8625.patch
 create mode 100644 meta/recipes-support/curl/curl/url-remove-unconditional-idn2.h-include.patch

diff --git a/meta/recipes-support/curl/curl/CVE-2016-8615.patch b/meta/recipes-support/curl/curl/CVE-2016-8615.patch
new file mode 100644
index 0000000..95070f4
--- /dev/null
+++ b/meta/recipes-support/curl/curl/CVE-2016-8615.patch
@@ -0,0 +1,70 @@
+From cff89bc088b7884098ea0c5378bbda3d49c437bc Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Tue, 27 Sep 2016 17:36:19 +0200
+Subject: [PATCH] cookie: replace use of fgets() with custom version
+
+... that will ignore lines that are too long to fit in the buffer.
+
+CVE: CVE-2016-8615
+
+Upstream-Status: Backport
+
+Bug: https://curl.haxx.se/docs/adv_20161102A.html
+Reported-by: Cure53
+Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
+---
+ lib/cookie.c | 31 ++++++++++++++++++++++++++++++-
+ 1 file changed, 30 insertions(+), 1 deletion(-)
+
+diff --git a/lib/cookie.c b/lib/cookie.c
+index 4932ab1..1b3e645 100644
+--- a/lib/cookie.c
++++ b/lib/cookie.c
+@@ -902,6 +902,35 @@ Curl_cookie_add(struct Curl_easy *data,
+   return co;
+ }
+ 
++/*
++ * get_line() makes sure to only return complete whole lines that fit in 'len'
++ * bytes and end with a newline.
++ */
++static char *get_line(char *buf, int len, FILE *input)
++{
++  bool partial = FALSE;
++  while(1) {
++    char *b = fgets(buf, len, input);
++    if(b) {
++      size_t rlen = strlen(b);
++      if(rlen && (b[rlen-1] == '\n')) {
++        if(partial) {
++          partial = FALSE;
++          continue;
++        }
++        return b;
++      }
++      else
++        /* read a partial, discard the next piece that ends with newline */
++        partial = TRUE;
++    }
++    else
++      break;
++  }
++  return NULL;
++}
++
++
+ /*****************************************************************************
+  *
+  * Curl_cookie_init()
+@@ -958,7 +987,7 @@ struct CookieInfo *Curl_cookie_init(struct Curl_easy *data,
+     line = malloc(MAX_COOKIE_LINE);
+     if(!line)
+       goto fail;
+-    while(fgets(line, MAX_COOKIE_LINE, fp)) {
++    while(get_line(line, MAX_COOKIE_LINE, fp)) {
+       if(checkprefix("Set-Cookie:", line)) {
+         /* This is a cookie line, get it! */
+         lineptr=&line[11];
+-- 
+1.9.1
+
diff --git a/meta/recipes-support/curl/curl/CVE-2016-8616.patch b/meta/recipes-support/curl/curl/CVE-2016-8616.patch
new file mode 100644
index 0000000..2849d28
--- /dev/null
+++ b/meta/recipes-support/curl/curl/CVE-2016-8616.patch
@@ -0,0 +1,50 @@
+From b3ee26c5df75d97f6895e6ec4538894ebaf76e48 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Tue, 27 Sep 2016 18:01:53 +0200
+Subject: [PATCH] connectionexists: use case sensitive user/password
+ comparisons
+
+CVE: CVE-2016-8616
+
+Upstream-Status: Backport
+
+Bug: https://curl.haxx.se/docs/adv_20161102B.html
+Reported-by: Cure53
+Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
+
+diff -ruN a/lib/url.c b/lib/url.c
+--- a/lib/url.c	2016-11-07 08:50:23.030126833 +0100
++++ b/lib/url.c	2016-11-07 09:16:20.459836564 +0100
+@@ -3305,8 +3305,8 @@
+       if(!(needle->handler->flags & PROTOPT_CREDSPERREQUEST)) {
+         /* This protocol requires credentials per connection,
+            so verify that we're using the same name and password as well */
+-        if(!strequal(needle->user, check->user) ||
+-           !strequal(needle->passwd, check->passwd)) {
++        if(strcmp(needle->user, check->user) ||
++           strcmp(needle->passwd, check->passwd)) {
+           /* one of them was different */
+           continue;
+         }
+@@ -3369,8 +3369,8 @@
+            possible. (Especially we must not reuse the same connection if
+            partway through a handshake!) */
+         if(wantNTLMhttp) {
+-          if(!strequal(needle->user, check->user) ||
+-             !strequal(needle->passwd, check->passwd))
++          if(strcmp(needle->user, check->user) ||
++             strcmp(needle->passwd, check->passwd))
+             continue;
+         }
+         else if(check->ntlm.state != NTLMSTATE_NONE) {
+@@ -3380,8 +3380,8 @@
+ 
+         /* Same for Proxy NTLM authentication */
+         if(wantProxyNTLMhttp) {
+-          if(!strequal(needle->proxyuser, check->proxyuser) ||
+-             !strequal(needle->proxypasswd, check->proxypasswd))
++          if(strcmp(needle->proxyuser, check->proxyuser) ||
++             strcmp(needle->proxypasswd, check->proxypasswd))
+             continue;
+         }
+         else if(check->proxyntlm.state != NTLMSTATE_NONE) {
diff --git a/meta/recipes-support/curl/curl/CVE-2016-8617.patch b/meta/recipes-support/curl/curl/CVE-2016-8617.patch
new file mode 100644
index 0000000..a9bb509
--- /dev/null
+++ b/meta/recipes-support/curl/curl/CVE-2016-8617.patch
@@ -0,0 +1,29 @@
+From efd24d57426bd77c9b5860e6b297904703750412 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Wed, 28 Sep 2016 00:05:12 +0200
+Subject: [PATCH] base64: check for integer overflow on large input
+
+CVE: CVE-2016-8617
+
+Upstream-Status: Backport
+
+Bug: https://curl.haxx.se/docs/adv_20161102C.html
+Reported-by: Cure53
+
+Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
+---
+diff -ruN a/lib/base64.c b/lib/base64.c
+--- a/lib/base64.c	2016-02-03 00:02:43.000000000 +0100
++++ b/lib/base64.c	2016-11-07 09:22:07.918167530 +0100
+@@ -190,6 +190,11 @@
+   if(0 == insize)
+     insize = strlen(indata);
+ 
++#if SIZEOF_SIZE_T == 4
++  if(insize > UINT_MAX/4)
++    return CURLE_OUT_OF_MEMORY;
++#endif
++
+   base64data = output = malloc(insize*4/3+4);
+   if(NULL == output)
+     return CURLE_OUT_OF_MEMORY;
diff --git a/meta/recipes-support/curl/curl/CVE-2016-8618.patch b/meta/recipes-support/curl/curl/CVE-2016-8618.patch
new file mode 100644
index 0000000..57b3397
--- /dev/null
+++ b/meta/recipes-support/curl/curl/CVE-2016-8618.patch
@@ -0,0 +1,49 @@
+From 8732ec40db652c53fa58cd13e2acb8eab6e40874 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Wed, 28 Sep 2016 10:15:34 +0200
+Subject: [PATCH] aprintf: detect wrap-around when growing allocation
+
+On 32bit systems we could otherwise wrap around after 2GB and allocate 0
+bytes and crash.
+
+CVE: CVE-2016-8618
+
+Upstream-Status: Backport
+
+Bug: https://curl.haxx.se/docs/adv_20161102D.html
+Reported-by: Cure53
+Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
+---
+ lib/mprintf.c | 9 ++++++---
+ 1 file changed, 6 insertions(+), 3 deletions(-)
+
+diff --git a/lib/mprintf.c b/lib/mprintf.c
+index dbedeaa..2c88aa8 100644
+--- a/lib/mprintf.c
++++ b/lib/mprintf.c
+@@ -1036,16 +1036,19 @@ static int alloc_addbyter(int output, FILE *data)
+     infop->len =0;
+   }
+   else if(infop->len+1 >= infop->alloc) {
+-    char *newptr;
++    char *newptr = NULL;
++    size_t newsize = infop->alloc*2;
+ 
+-    newptr = realloc(infop->buffer, infop->alloc*2);
++    /* detect wrap-around or other overflow problems */
++    if(newsize > infop->alloc)
++      newptr = realloc(infop->buffer, newsize);
+ 
+     if(!newptr) {
+       infop->fail = 1;
+       return -1; /* fail */
+     }
+     infop->buffer = newptr;
+-    infop->alloc *= 2;
++    infop->alloc = newsize;
+   }
+ 
+   infop->buffer[ infop->len ] = outc;
+-- 
+1.9.1
+
diff --git a/meta/recipes-support/curl/curl/CVE-2016-8619.patch b/meta/recipes-support/curl/curl/CVE-2016-8619.patch
new file mode 100644
index 0000000..13c67c2
--- /dev/null
+++ b/meta/recipes-support/curl/curl/CVE-2016-8619.patch
@@ -0,0 +1,49 @@
+From 3d6460edeee21d7d790ec570d0887bed1f4366dd Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Wed, 28 Sep 2016 12:56:02 +0200
+Subject: [PATCH] krb5: avoid realloc(0)
+
+If the requested size is zero, bail out with error instead of doing a
+realloc() that would cause a double-free: realloc(0) acts as a free()
+and then there's a second free in the cleanup path.
+
+CVE: CVE-2016-8619
+
+Upstream-Status: Backport
+
+Bug: https://curl.haxx.se/docs/adv_20161102E.html
+Reported-by: Cure53
+Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
+---
+ lib/security.c | 9 ++++++---
+ 1 file changed, 6 insertions(+), 3 deletions(-)
+
+diff --git a/lib/security.c b/lib/security.c
+index a268d4a..4cef8f8 100644
+--- a/lib/security.c
++++ b/lib/security.c
+@@ -192,15 +192,18 @@ static CURLcode read_data(struct connectdata *conn,
+                           struct krb5buffer *buf)
+ {
+   int len;
+-  void* tmp;
++  void *tmp = NULL;
+   CURLcode result;
+ 
+   result = socket_read(fd, &len, sizeof(len));
+   if(result)
+     return result;
+ 
+-  len = ntohl(len);
+-  tmp = realloc(buf->data, len);
++  if(len) {
++    /* only realloc if there was a length */
++    len = ntohl(len);
++    tmp = realloc(buf->data, len);
++  }
+   if(tmp == NULL)
+     return CURLE_OUT_OF_MEMORY;
+ 
+-- 
+1.9.1
+
diff --git a/meta/recipes-support/curl/curl/CVE-2016-8620.patch b/meta/recipes-support/curl/curl/CVE-2016-8620.patch
new file mode 100644
index 0000000..9cea298
--- /dev/null
+++ b/meta/recipes-support/curl/curl/CVE-2016-8620.patch
@@ -0,0 +1,47 @@
+From fbb5f1aa0326d485d5a7ac643b48481897ca667f Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Mon, 3 Oct 2016 17:27:16 +0200
+Subject: [PATCH] range: prevent negative end number in a glob range
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+CVE: CVE-2016-8620
+
+Upstream-Status: Backport
+
+Bug: https://curl.haxx.se/docs/adv_20161102F.html
+Reported-by: Luật Nguyễn
+Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
+---
+ src/tool_urlglob.c | 7 +++++++
+ 1 file changed, 7 insertions(+)
+
+diff --git a/src/tool_urlglob.c b/src/tool_urlglob.c
+index a357b8b..64c75ba 100644
+--- a/src/tool_urlglob.c
++++ b/src/tool_urlglob.c
+@@ -257,6 +257,12 @@ static CURLcode glob_range(URLGlob *glob, char **patternp,
+         endp = NULL;
+       else {
+         pattern = endp+1;
++        while(*pattern && ISBLANK(*pattern))
++          pattern++;
++        if(!ISDIGIT(*pattern)) {
++          endp = NULL;
++          goto fail;
++        }
+         errno = 0;
+         max_n = strtoul(pattern, &endp, 10);
+         if(errno || (*endp == ':')) {
+@@ -277,6 +283,7 @@ static CURLcode glob_range(URLGlob *glob, char **patternp,
+       }
+     }
+ 
++    fail:
+     *posp += (pattern - *patternp);
+ 
+     if(!endp || (min_n > max_n) || (step_n > (max_n - min_n)) || !step_n)
+-- 
+1.9.1
+
diff --git a/meta/recipes-support/curl/curl/CVE-2016-8621.patch b/meta/recipes-support/curl/curl/CVE-2016-8621.patch
new file mode 100644
index 0000000..c05968e
--- /dev/null
+++ b/meta/recipes-support/curl/curl/CVE-2016-8621.patch
@@ -0,0 +1,104 @@
+From 96a80b5a262fb6dd2ddcea7987296f3b9a405618 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Tue, 4 Oct 2016 16:59:38 +0200
+Subject: [PATCH] parsedate: handle cut off numbers better
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+... and don't read outside of the given buffer!
+
+CVE: CVE-2016-8621
+
+Upstream-Status: Backport
+
+bug: https://curl.haxx.se/docs/adv_20161102G.html
+Reported-by: Luật Nguyễn
+Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
+---
+ lib/parsedate.c        | 12 +++++++-----
+ tests/data/test517     |  6 ++++++
+ tests/libtest/lib517.c |  8 +++++++-
+ 3 files changed, 20 insertions(+), 6 deletions(-)
+
+diff --git a/lib/parsedate.c b/lib/parsedate.c
+index dfcf855..8e932f4 100644
+--- a/lib/parsedate.c
++++ b/lib/parsedate.c
+@@ -5,7 +5,7 @@
+  *                            | (__| |_| |  _ <| |___
+  *                             \___|\___/|_| \_\_____|
+  *
+- * Copyright (C) 1998 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al.
++ * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
+  *
+  * This software is licensed as described in the file COPYING, which
+  * you should have received as part of this distribution. The terms
+@@ -386,15 +386,17 @@ static int parsedate(const char *date, time_t *output)
+       /* a digit */
+       int val;
+       char *end;
++      int len=0;
+       if((secnum == -1) &&
+-         (3 == sscanf(date, "%02d:%02d:%02d", &hournum, &minnum, &secnum))) {
++         (3 == sscanf(date, "%02d:%02d:%02d%n",
++                      &hournum, &minnum, &secnum, &len))) {
+         /* time stamp! */
+-        date += 8;
++        date += len;
+       }
+       else if((secnum == -1) &&
+-              (2 == sscanf(date, "%02d:%02d", &hournum, &minnum))) {
++              (2 == sscanf(date, "%02d:%02d%n", &hournum, &minnum, &len))) {
+         /* time stamp without seconds */
+-        date += 5;
++        date += len;
+         secnum = 0;
+       }
+       else {
+diff --git a/tests/data/test517 b/tests/data/test517
+index c81a45e..513634f 100644
+--- a/tests/data/test517
++++ b/tests/data/test517
+@@ -116,6 +116,12 @@ nothing
+ 81: 20111323 12:34:56 => -1
+ 82: 20110623 12:34:79 => -1
+ 83: Wed, 31 Dec 2008 23:59:60 GMT => 1230768000
++84: 20110623 12:3 => 1308830580
++85: 20110623 1:3 => 1308790980
++86: 20110623 1:30 => 1308792600
++87: 20110623 12:12:3 => 1308831123
++88: 20110623 01:12:3 => 1308791523
++89: 20110623 01:99:30 => -1
+ </stdout>
+ 
+ # This test case previously tested an overflow case ("2094 Nov 6 =>
+diff --git a/tests/libtest/lib517.c b/tests/libtest/lib517.c
+index 2f68ebd..22162ff 100644
+--- a/tests/libtest/lib517.c
++++ b/tests/libtest/lib517.c
+@@ -5,7 +5,7 @@
+  *                            | (__| |_| |  _ <| |___
+  *                             \___|\___/|_| \_\_____|
+  *
+- * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
++ * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
+  *
+  * This software is licensed as described in the file COPYING, which
+  * you should have received as part of this distribution. The terms
+@@ -116,6 +116,12 @@ static const char * const dates[]={
+   "20111323 12:34:56",
+   "20110623 12:34:79",
+   "Wed, 31 Dec 2008 23:59:60 GMT", /* leap second */
++  "20110623 12:3",
++  "20110623 1:3",
++  "20110623 1:30",
++  "20110623 12:12:3",
++  "20110623 01:12:3",
++  "20110623 01:99:30",
+   NULL
+ };
+ 
+-- 
+1.9.1
+
diff --git a/meta/recipes-support/curl/curl/CVE-2016-8622.patch b/meta/recipes-support/curl/curl/CVE-2016-8622.patch
new file mode 100644
index 0000000..aedc85b
--- /dev/null
+++ b/meta/recipes-support/curl/curl/CVE-2016-8622.patch
@@ -0,0 +1,95 @@
+From 53e71e47d6b81650d26ec33a58d0dca24c7ffb2c Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Tue, 4 Oct 2016 18:56:45 +0200
+Subject: [PATCH] unescape: avoid integer overflow
+
+CVE: CVE-2016-8622
+
+Upstream-Status: Backport
+
+Bug: https://curl.haxx.se/docs/adv_20161102H.html
+Reported-by: Cure53
+
+Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
+
+diff -ruN a/docs/libcurl/curl_easy_unescape.3 b/docs/libcurl/curl_easy_unescape.3
+--- a/docs/libcurl/curl_easy_unescape.3	2016-02-03 00:08:02.000000000 +0100
++++ b/docs/libcurl/curl_easy_unescape.3	2016-11-07 09:25:45.999933275 +0100
+@@ -5,7 +5,7 @@
+ .\" *                            | (__| |_| |  _ <| |___
+ .\" *                             \___|\___/|_| \_\_____|
+ .\" *
+-.\" * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
++.\" * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
+ .\" *
+ .\" * This software is licensed as described in the file COPYING, which
+ .\" * you should have received as part of this distribution. The terms
+@@ -40,7 +40,10 @@
+ 
+ If \fBoutlength\fP is non-NULL, the function will write the length of the
+ returned string in the integer it points to. This allows an escaped string
+-containing %00 to still get used properly after unescaping.
++containing %00 to still get used properly after unescaping. Since this is a
++pointer to an \fIint\fP type, it can only return a value up to INT_MAX so no
++longer string can be unescaped if the string length is returned in this
++parameter.
+ 
+ You must \fIcurl_free(3)\fP the returned string when you're done with it.
+ .SH AVAILABILITY
+diff -ruN a/lib/dict.c b/lib/dict.c
+--- a/lib/dict.c	2016-02-03 00:02:44.000000000 +0100
++++ b/lib/dict.c	2016-11-07 09:25:45.999933275 +0100
+@@ -5,7 +5,7 @@
+  *                            | (__| |_| |  _ <| |___
+  *                             \___|\___/|_| \_\_____|
+  *
+- * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
++ * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
+  *
+  * This software is licensed as described in the file COPYING, which
+  * you should have received as part of this distribution. The terms
+@@ -52,7 +52,7 @@
+ #include <curl/curl.h>
+ #include "transfer.h"
+ #include "sendf.h"
+-
++#include "escape.h"
+ #include "progress.h"
+ #include "strequal.h"
+ #include "dict.h"
+@@ -96,12 +96,12 @@
+   char *newp;
+   char *dictp;
+   char *ptr;
+-  int len;
++  size_t len;
+   char ch;
+   int olen=0;
+ 
+-  newp = curl_easy_unescape(data, inputbuff, 0, &len);
+-  if(!newp)
++  CURLcode result = Curl_urldecode(data, inputbuff, 0, &newp, &len, FALSE);
++  if(!newp || result)
+     return NULL;
+ 
+   dictp = malloc(((size_t)len)*2 + 1); /* add one for terminating zero */
+diff -ruN a/lib/escape.c b/lib/escape.c
+--- a/lib/escape.c	2016-02-05 10:02:03.000000000 +0100
++++ b/lib/escape.c	2016-11-07 09:29:43.073671606 +0100
+@@ -217,8 +217,14 @@
+                                 FALSE);
+   if(res)
+     return NULL;
+-  if(olen)
+-    *olen = curlx_uztosi(outputlen);
++
++    if(olen) {
++      if(outputlen <= (size_t) INT_MAX)
++        *olen = curlx_uztosi(outputlen);
++      else
++        /* too large to return in an int, fail! */
++        Curl_safefree(str);
++    }
+   return str;
+ }
+ 
diff --git a/meta/recipes-support/curl/curl/CVE-2016-8623.patch b/meta/recipes-support/curl/curl/CVE-2016-8623.patch
new file mode 100644
index 0000000..e791ecd
--- /dev/null
+++ b/meta/recipes-support/curl/curl/CVE-2016-8623.patch
@@ -0,0 +1,174 @@
+From c5be3d7267c725dbd093ff3a883e07ee8cf2a1d5 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Tue, 4 Oct 2016 23:26:13 +0200
+Subject: [PATCH] cookies: getlist() now holds deep copies of all cookies
+
+Previously it only held references to them, which was reckless as the
+thread lock was released so the cookies could get modified by other
+handles that share the same cookie jar over the share interface.
+
+CVE: CVE-2016-8623
+
+Upstream-Status: Backport
+
+Bug: https://curl.haxx.se/docs/adv_20161102I.html
+Reported-by: Cure53
+Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
+---
+ lib/cookie.c | 61 +++++++++++++++++++++++++++++++++++++++---------------------
+ lib/cookie.h |  4 ++--
+ lib/http.c   |  2 +-
+ 3 files changed, 43 insertions(+), 24 deletions(-)
+
+diff --git a/lib/cookie.c b/lib/cookie.c
+index 0f05da2..8607ce3 100644
+--- a/lib/cookie.c
++++ b/lib/cookie.c
+@@ -1024,6 +1024,40 @@ static int cookie_sort(const void *p1, const void *p2)
+   return 0;
+ }
+ 
++#define CLONE(field)                     \
++  do {                                   \
++    if(src->field) {                     \
++      dup->field = strdup(src->field);   \
++      if(!dup->field)                    \
++        goto fail;                       \
++    }                                    \
++  } while(0)
++
++static struct Cookie *dup_cookie(struct Cookie *src)
++{
++  struct Cookie *dup = calloc(sizeof(struct Cookie), 1);
++  if(dup) {
++    CLONE(expirestr);
++    CLONE(domain);
++    CLONE(path);
++    CLONE(spath);
++    CLONE(name);
++    CLONE(value);
++    CLONE(maxage);
++    CLONE(version);
++    dup->expires = src->expires;
++    dup->tailmatch = src->tailmatch;
++    dup->secure = src->secure;
++    dup->livecookie = src->livecookie;
++    dup->httponly = src->httponly;
++  }
++  return dup;
++
++  fail:
++  freecookie(dup);
++  return NULL;
++}
++
+ /*****************************************************************************
+  *
+  * Curl_cookie_getlist()
+@@ -1079,11 +1113,8 @@ struct Cookie *Curl_cookie_getlist(struct CookieInfo *c,
+           /* and now, we know this is a match and we should create an
+              entry for the return-linked-list */
+ 
+-          newco = malloc(sizeof(struct Cookie));
++          newco = dup_cookie(co);
+           if(newco) {
+-            /* first, copy the whole source cookie: */
+-            memcpy(newco, co, sizeof(struct Cookie));
+-
+             /* then modify our next */
+             newco->next = mainco;
+ 
+@@ -1095,12 +1126,7 @@ struct Cookie *Curl_cookie_getlist(struct CookieInfo *c,
+           else {
+             fail:
+             /* failure, clear up the allocated chain and return NULL */
+-            while(mainco) {
+-              co = mainco->next;
+-              free(mainco);
+-              mainco = co;
+-            }
+-
++            Curl_cookie_freelist(mainco);
+             return NULL;
+           }
+         }
+@@ -1152,7 +1178,7 @@ struct Cookie *Curl_cookie_getlist(struct CookieInfo *c,
+ void Curl_cookie_clearall(struct CookieInfo *cookies)
+ {
+   if(cookies) {
+-    Curl_cookie_freelist(cookies->cookies, TRUE);
++    Curl_cookie_freelist(cookies->cookies);
+     cookies->cookies = NULL;
+     cookies->numcookies = 0;
+   }
+@@ -1164,21 +1190,14 @@ void Curl_cookie_clearall(struct CookieInfo *cookies)
+  *
+  * Free a list of cookies previously returned by Curl_cookie_getlist();
+  *
+- * The 'cookiestoo' argument tells this function whether to just free the
+- * list or actually also free all cookies within the list as well.
+- *
+  ****************************************************************************/
+ 
+-void Curl_cookie_freelist(struct Cookie *co, bool cookiestoo)
++void Curl_cookie_freelist(struct Cookie *co)
+ {
+   struct Cookie *next;
+   while(co) {
+     next = co->next;
+-    if(cookiestoo)
+-      freecookie(co);
+-    else
+-      free(co); /* we only free the struct since the "members" are all just
+-                   pointed out in the main cookie list! */
++    freecookie(co);
+     co = next;
+   }
+ }
+@@ -1233,7 +1252,7 @@ void Curl_cookie_cleanup(struct CookieInfo *c)
+ {
+   if(c) {
+     free(c->filename);
+-    Curl_cookie_freelist(c->cookies, TRUE);
++    Curl_cookie_freelist(c->cookies);
+     free(c); /* free the base struct as well */
+   }
+ }
+diff --git a/lib/cookie.h b/lib/cookie.h
+index cd7c54a..a9a4578 100644
+--- a/lib/cookie.h
++++ b/lib/cookie.h
+@@ -7,7 +7,7 @@
+  *                            | (__| |_| |  _ <| |___
+  *                             \___|\___/|_| \_\_____|
+  *
+- * Copyright (C) 1998 - 2011, Daniel Stenberg, <daniel@haxx.se>, et al.
++ * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
+  *
+  * This software is licensed as described in the file COPYING, which
+  * you should have received as part of this distribution. The terms
+@@ -82,7 +82,7 @@ struct Cookie *Curl_cookie_add(struct Curl_easy *data,
+ 
+ struct Cookie *Curl_cookie_getlist(struct CookieInfo *, const char *,
+                                    const char *, bool);
+-void Curl_cookie_freelist(struct Cookie *cookies, bool cookiestoo);
++void Curl_cookie_freelist(struct Cookie *cookies);
+ void Curl_cookie_clearall(struct CookieInfo *cookies);
+ void Curl_cookie_clearsess(struct CookieInfo *cookies);
+ 
+diff --git a/lib/http.c b/lib/http.c
+index 65c145a..e6e7d37 100644
+--- a/lib/http.c
++++ b/lib/http.c
+@@ -2384,7 +2384,7 @@ CURLcode Curl_http(struct connectdata *conn, bool *done)
+         }
+         co = co->next; /* next cookie please */
+       }
+-      Curl_cookie_freelist(store, FALSE); /* free the cookie list */
++      Curl_cookie_freelist(store);
+     }
+     if(addcookies && !result) {
+       if(!count)
+-- 
+1.9.1
+
diff --git a/meta/recipes-support/curl/curl/CVE-2016-8624.patch b/meta/recipes-support/curl/curl/CVE-2016-8624.patch
new file mode 100644
index 0000000..fb62282
--- /dev/null
+++ b/meta/recipes-support/curl/curl/CVE-2016-8624.patch
@@ -0,0 +1,55 @@
+From 3bb273db7e40ebc284cff45f3ce3f0475c8339c2 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Tue, 11 Oct 2016 00:48:35 +0200
+Subject: [PATCH] urlparse: accept '#' as end of host name
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+'http://example.com#@127.0.0.1/x.txt' equals a request to example.com
+for the '/' document with the rest of the URL being a fragment.
+
+CVE: CVE-2016-8624
+
+Upstream-Status: Backport
+
+Bug: https://curl.haxx.se/docs/adv_20161102J.html
+Reported-by: Fernando Muñoz
+
+Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
+
+diff -ruN a/lib/url.c b/lib/url.c
+--- a/lib/url.c	2016-11-07 08:50:23.030126833 +0100
++++ b/lib/url.c	2016-11-07 10:16:13.562089428 +0100
+@@ -4086,7 +4086,7 @@
+     path[0]=0;
+ 
+     if(2 > sscanf(data->change.url,
+-                   "%15[^\n:]://%[^\n/?]%[^\n]",
++                   "%15[^\n:]://%[^\n/?#]%[^\n]",
+                    protobuf,
+                    conn->host.name, path)) {
+ 
+@@ -4094,7 +4094,7 @@
+        * The URL was badly formatted, let's try the browser-style _without_
+        * protocol specified like 'http://'.
+        */
+-      rc = sscanf(data->change.url, "%[^\n/?]%[^\n]", conn->host.name, path);
++      rc = sscanf(data->change.url, "%[^\n/?#]%[^\n]", conn->host.name, path);
+       if(1 > rc) {
+         /*
+          * We couldn't even get this format.
+@@ -4184,10 +4184,10 @@
+   }
+ 
+   /* If the URL is malformatted (missing a '/' after hostname before path) we
+-   * insert a slash here. The only letter except '/' we accept to start a path
+-   * is '?'.
++   * insert a slash here. The only letters except '/' that can start a path is
++   * '?' and '#' - as controlled by the two sscanf() patterns above.
+    */
+-  if(path[0] == '?') {
++  if(path[0] != '/') {
+     /* We need this function to deal with overlapping memory areas. We know
+        that the memory area 'path' points to is 'urllen' bytes big and that
+        is bigger than the path. Use +1 to move the zero byte too. */
diff --git a/meta/recipes-support/curl/curl/CVE-2016-8625.patch b/meta/recipes-support/curl/curl/CVE-2016-8625.patch
new file mode 100644
index 0000000..0aac977
--- /dev/null
+++ b/meta/recipes-support/curl/curl/CVE-2016-8625.patch
@@ -0,0 +1,580 @@
+diff -ruN a/CMakeLists.txt b/CMakeLists.txt
+--- a/CMakeLists.txt	2016-02-03 00:08:44.000000000 +0100
++++ b/CMakeLists.txt	2016-11-08 13:05:14.055757175 +0100
+@@ -440,7 +440,7 @@
+ endif()
+ 
+ # Check for idn
+-check_library_exists_concat("idn" idna_to_ascii_lz HAVE_LIBIDN)
++check_library_exists_concat("idn2" idn2_lookup_ul HAVE_LIBIDN2)
+ 
+ # Check for symbol dlopen (same as HAVE_LIBDL)
+ check_library_exists("${CURL_LIBS}" dlopen "" HAVE_DLOPEN)
+@@ -608,7 +608,7 @@
+ check_include_file_concat("err.h"            HAVE_ERR_H)
+ check_include_file_concat("errno.h"          HAVE_ERRNO_H)
+ check_include_file_concat("fcntl.h"          HAVE_FCNTL_H)
+-check_include_file_concat("idn-free.h"       HAVE_IDN_FREE_H)
++check_include_file_concat("idn2.h"           HAVE_IDN2_H)
+ check_include_file_concat("ifaddrs.h"        HAVE_IFADDRS_H)
+ check_include_file_concat("io.h"             HAVE_IO_H)
+ check_include_file_concat("krb.h"            HAVE_KRB_H)
+@@ -638,7 +638,6 @@
+ check_include_file_concat("termio.h"         HAVE_TERMIO_H)
+ check_include_file_concat("termios.h"        HAVE_TERMIOS_H)
+ check_include_file_concat("time.h"           HAVE_TIME_H)
+-check_include_file_concat("tld.h"            HAVE_TLD_H)
+ check_include_file_concat("unistd.h"         HAVE_UNISTD_H)
+ check_include_file_concat("utime.h"          HAVE_UTIME_H)
+ check_include_file_concat("x509.h"           HAVE_X509_H)
+@@ -652,9 +651,6 @@
+ check_include_file_concat("stdint.h"        HAVE_STDINT_H)
+ check_include_file_concat("sockio.h"        HAVE_SOCKIO_H)
+ check_include_file_concat("sys/utsname.h"   HAVE_SYS_UTSNAME_H)
+-check_include_file_concat("idna.h"          HAVE_IDNA_H)
+-
+-
+ 
+ check_type_size(size_t  SIZEOF_SIZE_T)
+ check_type_size(ssize_t  SIZEOF_SSIZE_T)
+@@ -802,9 +798,6 @@
+ check_symbol_exists(ftruncate      "${CURL_INCLUDES}" HAVE_FTRUNCATE)
+ check_symbol_exists(getprotobyname "${CURL_INCLUDES}" HAVE_GETPROTOBYNAME)
+ check_symbol_exists(getrlimit      "${CURL_INCLUDES}" HAVE_GETRLIMIT)
+-check_symbol_exists(idn_free       "${CURL_INCLUDES}" HAVE_IDN_FREE)
+-check_symbol_exists(idna_strerror  "${CURL_INCLUDES}" HAVE_IDNA_STRERROR)
+-check_symbol_exists(tld_strerror   "${CURL_INCLUDES}" HAVE_TLD_STRERROR)
+ check_symbol_exists(setlocale      "${CURL_INCLUDES}" HAVE_SETLOCALE)
+ check_symbol_exists(setrlimit      "${CURL_INCLUDES}" HAVE_SETRLIMIT)
+ check_symbol_exists(fcntl          "${CURL_INCLUDES}" HAVE_FCNTL)
+@@ -1067,7 +1060,7 @@
+ _add_if("unix-sockets"  USE_UNIX_SOCKETS)
+ _add_if("libz"          HAVE_LIBZ)
+ _add_if("AsynchDNS"     USE_ARES OR USE_THREADS_POSIX)
+-_add_if("IDN"           HAVE_LIBIDN)
++_add_if("IDN"           HAVE_LIBIDN2)
+ # TODO SSP1 (WinSSL) check is missing
+ _add_if("SSPI"          USE_WINDOWS_SSPI)
+ _add_if("GSS-API"       HAVE_GSSAPI)
+diff -ruN a/configure.ac b/configure.ac
+--- a/configure.ac	2016-11-08 11:36:12.569919895 +0100
++++ b/configure.ac	2016-11-08 13:05:14.059756325 +0100
+@@ -157,7 +157,7 @@
+     curl_res_msg="default (--enable-ares / --enable-threaded-resolver)"
+    curl_ipv6_msg="no      (--enable-ipv6)"
+ curl_unix_sockets_msg="no      (--enable-unix-sockets)"
+-    curl_idn_msg="no      (--with-{libidn,winidn})"
++    curl_idn_msg="no      (--with-{libidn2,winidn})"
+  curl_manual_msg="no      (--enable-manual)"
+ curl_libcurl_msg="enabled (--disable-libcurl-option)"
+ curl_verbose_msg="enabled (--disable-verbose)"
+@@ -2825,15 +2825,15 @@
+ dnl Check for the presence of IDN libraries and headers
+ dnl **********************************************************************
+ 
+-AC_MSG_CHECKING([whether to build with libidn])
++AC_MSG_CHECKING([whether to build with libidn2])
+ OPT_IDN="default"
+ AC_ARG_WITH(libidn,
+-AC_HELP_STRING([--with-libidn=PATH],[Enable libidn usage])
+-AC_HELP_STRING([--without-libidn],[Disable libidn usage]),
++AC_HELP_STRING([--with-libidn2=PATH],[Enable libidn2 usage])
++AC_HELP_STRING([--without-libidn2],[Disable libidn2 usage]),
+   [OPT_IDN=$withval])
+ case "$OPT_IDN" in
+   no)
+-    dnl --without-libidn option used
++    dnl --without-libidn2 option used
+     want_idn="no"
+     AC_MSG_RESULT([no])
+     ;;
+@@ -2844,13 +2844,13 @@
+     AC_MSG_RESULT([(assumed) yes])
+     ;;
+   yes)
+-    dnl --with-libidn option used without path
++    dnl --with-libidn2 option used without path
+     want_idn="yes"
+     want_idn_path="default"
+     AC_MSG_RESULT([yes])
+     ;;
+   *)
+-    dnl --with-libidn option used with path
++    dnl --with-libidn2 option used with path
+     want_idn="yes"
+     want_idn_path="$withval"
+     AC_MSG_RESULT([yes ($withval)])
+@@ -2867,33 +2867,33 @@
+   if test "$want_idn_path" != "default"; then
+     dnl path has been specified
+     IDN_PCDIR="$want_idn_path/lib$libsuff/pkgconfig"
+-    CURL_CHECK_PKGCONFIG(libidn, [$IDN_PCDIR])
++    CURL_CHECK_PKGCONFIG(libidn2, [$IDN_PCDIR])
+     if test "$PKGCONFIG" != "no"; then
+       IDN_LIBS=`CURL_EXPORT_PCDIR([$IDN_PCDIR]) dnl
+-        $PKGCONFIG --libs-only-l libidn 2>/dev/null`
++        $PKGCONFIG --libs-only-l libidn2 2>/dev/null`
+       IDN_LDFLAGS=`CURL_EXPORT_PCDIR([$IDN_PCDIR]) dnl
+-        $PKGCONFIG --libs-only-L libidn 2>/dev/null`
++        $PKGCONFIG --libs-only-L libidn2 2>/dev/null`
+       IDN_CPPFLAGS=`CURL_EXPORT_PCDIR([$IDN_PCDIR]) dnl
+-        $PKGCONFIG --cflags-only-I libidn 2>/dev/null`
++        $PKGCONFIG --cflags-only-I libidn2 2>/dev/null`
+       IDN_DIR=`echo $IDN_LDFLAGS | $SED -e 's/-L//'`
+     else
+       dnl pkg-config not available or provides no info
+-      IDN_LIBS="-lidn"
++      IDN_LIBS="-lidn2"
+       IDN_LDFLAGS="-L$want_idn_path/lib$libsuff"
+       IDN_CPPFLAGS="-I$want_idn_path/include"
+       IDN_DIR="$want_idn_path/lib$libsuff"
+     fi
+   else
+     dnl path not specified
+-    CURL_CHECK_PKGCONFIG(libidn)
++    CURL_CHECK_PKGCONFIG(libidn2)
+     if test "$PKGCONFIG" != "no"; then
+-      IDN_LIBS=`$PKGCONFIG --libs-only-l libidn 2>/dev/null`
+-      IDN_LDFLAGS=`$PKGCONFIG --libs-only-L libidn 2>/dev/null`
+-      IDN_CPPFLAGS=`$PKGCONFIG --cflags-only-I libidn 2>/dev/null`
++      IDN_LIBS=`$PKGCONFIG --libs-only-l libidn2 2>/dev/null`
++      IDN_LDFLAGS=`$PKGCONFIG --libs-only-L libidn2 2>/dev/null`
++      IDN_CPPFLAGS=`$PKGCONFIG --cflags-only-I libidn2 2>/dev/null`
+       IDN_DIR=`echo $IDN_LDFLAGS | $SED -e 's/-L//'`
+     else
+       dnl pkg-config not available or provides no info
+-      IDN_LIBS="-lidn"
++      IDN_LIBS="-lidn2"
+     fi
+   fi
+   #
+@@ -2913,9 +2913,9 @@
+   LDFLAGS="$IDN_LDFLAGS $LDFLAGS"
+   LIBS="$IDN_LIBS $LIBS"
+   #
+-  AC_MSG_CHECKING([if idna_to_ascii_4i can be linked])
++  AC_MSG_CHECKING([if idn2_lookup_ul can be linked])
+   AC_LINK_IFELSE([
+-    AC_LANG_FUNC_LINK_TRY([idna_to_ascii_4i])
++    AC_LANG_FUNC_LINK_TRY([idn2_lookup_ul])
+   ],[
+     AC_MSG_RESULT([yes])
+     tst_links_libidn="yes"
+@@ -2923,37 +2923,19 @@
+     AC_MSG_RESULT([no])
+     tst_links_libidn="no"
+   ])
+-  if test "$tst_links_libidn" = "no"; then
+-    AC_MSG_CHECKING([if idna_to_ascii_lz can be linked])
+-    AC_LINK_IFELSE([
+-      AC_LANG_FUNC_LINK_TRY([idna_to_ascii_lz])
+-    ],[
+-      AC_MSG_RESULT([yes])
+-      tst_links_libidn="yes"
+-    ],[
+-      AC_MSG_RESULT([no])
+-      tst_links_libidn="no"
+-    ])
+-  fi
+   #
++  AC_CHECK_HEADERS( idn2.h )
++
+   if test "$tst_links_libidn" = "yes"; then
+-    AC_DEFINE(HAVE_LIBIDN, 1, [Define to 1 if you have the `idn' library (-lidn).])
++    AC_DEFINE(HAVE_LIBIDN2, 1, [Define to 1 if you have the `idn2' library (-lidn2).])
+     dnl different versions of libidn have different setups of these:
+-    AC_CHECK_FUNCS( idn_free idna_strerror tld_strerror )
+-    AC_CHECK_HEADERS( idn-free.h tld.h )
+-    if test "x$ac_cv_header_tld_h" = "xyes"; then
+-      AC_SUBST([IDN_ENABLED], [1])
+-      curl_idn_msg="enabled"
+-      if test -n "$IDN_DIR" -a "x$cross_compiling" != "xyes"; then
+-        LD_LIBRARY_PATH="$LD_LIBRARY_PATH:$IDN_DIR"
+-        export LD_LIBRARY_PATH
+-        AC_MSG_NOTICE([Added $IDN_DIR to LD_LIBRARY_PATH])
+-      fi
+-    else
+-      AC_MSG_WARN([Libraries for IDN support too old: IDN disabled])
+-      CPPFLAGS="$clean_CPPFLAGS"
+-      LDFLAGS="$clean_LDFLAGS"
+-      LIBS="$clean_LIBS"
++
++    AC_SUBST([IDN_ENABLED], [1])
++    curl_idn_msg="enabled (libidn2)"
++    if test -n "$IDN_DIR" -a "x$cross_compiling" != "xyes"; then
++      LD_LIBRARY_PATH="$LD_LIBRARY_PATH:$IDN_DIR"
++      export LD_LIBRARY_PATH
++      AC_MSG_NOTICE([Added $IDN_DIR to LD_LIBRARY_PATH])
+     fi
+   else
+     AC_MSG_WARN([Cannot find libraries for IDN support: IDN disabled])
+diff -ruN a/lib/curl_setup.h b/lib/curl_setup.h
+--- a/lib/curl_setup.h	2016-02-04 23:00:56.000000000 +0100
++++ b/lib/curl_setup.h	2016-11-08 13:05:14.059756325 +0100
+@@ -590,10 +590,9 @@
+ #endif
+ #endif
+ 
+-#if defined(HAVE_LIBIDN) && defined(HAVE_TLD_H)
+-/* The lib was present and the tld.h header (which is missing in libidn 0.3.X
+-   but we only work with libidn 0.4.1 or later) */
+-#define USE_LIBIDN
++#if defined(HAVE_LIBIDN2) && defined(HAVE_IDN2_H)
++/* The lib and header are present */
++#define USE_LIBIDN2
+ #endif
+ 
+ #ifndef SIZEOF_TIME_T
+diff -ruN a/lib/easy.c b/lib/easy.c
+--- a/lib/easy.c	2016-02-03 00:02:44.000000000 +0100
++++ b/lib/easy.c	2016-11-08 13:05:14.063755476 +0100
+@@ -144,28 +144,6 @@
+   return CURLE_OK;
+ }
+ 
+-#ifdef USE_LIBIDN
+-/*
+- * Initialise use of IDNA library.
+- * It falls back to ASCII if $CHARSET isn't defined. This doesn't work for
+- * idna_to_ascii_lz().
+- */
+-static void idna_init (void)
+-{
+-#ifdef WIN32
+-  char buf[60];
+-  UINT cp = GetACP();
+-
+-  if(!getenv("CHARSET") && cp > 0) {
+-    snprintf(buf, sizeof(buf), "CHARSET=cp%u", cp);
+-    putenv(buf);
+-  }
+-#else
+-  /* to do? */
+-#endif
+-}
+-#endif  /* USE_LIBIDN */
+-
+ /* true globals -- for curl_global_init() and curl_global_cleanup() */
+ static unsigned int  initialized;
+ static long          init_flags;
+@@ -262,10 +240,6 @@
+   }
+ #endif
+ 
+-#ifdef USE_LIBIDN
+-  idna_init();
+-#endif
+-
+   if(Curl_resolver_global_init()) {
+     DEBUGF(fprintf(stderr, "Error: resolver_global_init failed\n"));
+     return CURLE_FAILED_INIT;
+diff -ruN a/lib/strerror.c b/lib/strerror.c
+--- a/lib/strerror.c	2016-02-04 15:49:31.000000000 +0100
++++ b/lib/strerror.c	2016-11-08 13:05:14.063755476 +0100
+@@ -35,8 +35,8 @@
+ 
+ #include <curl/curl.h>
+ 
+-#ifdef USE_LIBIDN
+-#include <idna.h>
++#ifdef USE_LIBIDN2
++#include <idn2.h>
+ #endif
+ 
+ #ifdef USE_WINDOWS_SSPI
+@@ -723,83 +723,6 @@
+   return buf;
+ }
+ 
+-#ifdef USE_LIBIDN
+-/*
+- * Return error-string for libidn status as returned from idna_to_ascii_lz().
+- */
+-const char *Curl_idn_strerror (struct connectdata *conn, int err)
+-{
+-#ifdef HAVE_IDNA_STRERROR
+-  (void)conn;
+-  return idna_strerror((Idna_rc) err);
+-#else
+-  const char *str;
+-  char *buf;
+-  size_t max;
+-
+-  DEBUGASSERT(conn);
+-
+-  buf = conn->syserr_buf;
+-  max = sizeof(conn->syserr_buf)-1;
+-  *buf = '\0';
+-
+-#ifndef CURL_DISABLE_VERBOSE_STRINGS
+-  switch ((Idna_rc)err) {
+-    case IDNA_SUCCESS:
+-      str = "No error";
+-      break;
+-    case IDNA_STRINGPREP_ERROR:
+-      str = "Error in string preparation";
+-      break;
+-    case IDNA_PUNYCODE_ERROR:
+-      str = "Error in Punycode operation";
+-      break;
+-    case IDNA_CONTAINS_NON_LDH:
+-      str = "Illegal ASCII characters";
+-      break;
+-    case IDNA_CONTAINS_MINUS:
+-      str = "Contains minus";
+-      break;
+-    case IDNA_INVALID_LENGTH:
+-      str = "Invalid output length";
+-      break;
+-    case IDNA_NO_ACE_PREFIX:
+-      str = "No ACE prefix (\"xn--\")";
+-      break;
+-    case IDNA_ROUNDTRIP_VERIFY_ERROR:
+-      str = "Round trip verify error";
+-      break;
+-    case IDNA_CONTAINS_ACE_PREFIX:
+-      str = "Already have ACE prefix (\"xn--\")";
+-      break;
+-    case IDNA_ICONV_ERROR:
+-      str = "Locale conversion failed";
+-      break;
+-    case IDNA_MALLOC_ERROR:
+-      str = "Allocation failed";
+-      break;
+-    case IDNA_DLOPEN_ERROR:
+-      str = "dlopen() error";
+-      break;
+-    default:
+-      snprintf(buf, max, "error %d", err);
+-      str = NULL;
+-      break;
+-  }
+-#else
+-  if((Idna_rc)err == IDNA_SUCCESS)
+-    str = "No error";
+-  else
+-    str = "Error";
+-#endif
+-  if(str)
+-    strncpy(buf, str, max);
+-  buf[max] = '\0';
+-  return (buf);
+-#endif
+-}
+-#endif  /* USE_LIBIDN */
+-
+ #ifdef USE_WINDOWS_SSPI
+ const char *Curl_sspi_strerror (struct connectdata *conn, int err)
+ {
+diff -ruN a/lib/strerror.h b/lib/strerror.h
+--- a/lib/strerror.h	2016-02-03 00:02:44.000000000 +0100
++++ b/lib/strerror.h	2016-11-08 13:05:14.063755476 +0100
+@@ -7,7 +7,7 @@
+  *                            | (__| |_| |  _ <| |___
+  *                             \___|\___/|_| \_\_____|
+  *
+- * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
++ * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
+  *
+  * This software is licensed as described in the file COPYING, which
+  * you should have received as part of this distribution. The terms
+@@ -26,7 +26,7 @@
+ 
+ const char *Curl_strerror (struct connectdata *conn, int err);
+ 
+-#ifdef USE_LIBIDN
++#ifdef USE_LIBIDN2
+ const char *Curl_idn_strerror (struct connectdata *conn, int err);
+ #endif
+ 
+diff -ruN a/lib/url.c b/lib/url.c
+--- a/lib/url.c	2016-11-08 11:36:14.789448511 +0100
++++ b/lib/url.c	2016-11-08 14:28:29.402683080 +0100
+@@ -59,24 +59,15 @@
+ #include <limits.h>
+ #endif
+ 
+-#ifdef USE_LIBIDN
+-#include <idna.h>
+-#include <tld.h>
+-#include <stringprep.h>
+-#ifdef HAVE_IDN_FREE_H
+-#include <idn-free.h>
+-#else
+-/* prototype from idn-free.h, not provided by libidn 0.4.5's make install! */
+-void idn_free (void *ptr);
+-#endif
+-#ifndef HAVE_IDN_FREE
+-/* if idn_free() was not found in this version of libidn use free() instead */
+-#define idn_free(x) (free)(x)
+-#endif
++#ifdef USE_LIBIDN2
++#include <idn2.h>
++
+ #elif defined(USE_WIN32_IDN)
+ /* prototype for curl_win32_idn_to_ascii() */
+ int curl_win32_idn_to_ascii(const char *in, char **out);
+-#endif  /* USE_LIBIDN */
++#endif  /* USE_LIBIDN2 */
++
++#include <idn2.h>
+ 
+ #include "urldata.h"
+ #include "netrc.h"
+@@ -3693,59 +3684,15 @@
+   return TRUE;
+ }
+ 
+-#ifdef USE_LIBIDN
+-/*
+- * Check if characters in hostname is allowed in Top Level Domain.
+- */
+-static bool tld_check_name(struct SessionHandle *data,
+-                           const char *ace_hostname)
+-{
+-  size_t err_pos;
+-  char *uc_name = NULL;
+-  int rc;
+-#ifndef CURL_DISABLE_VERBOSE_STRINGS
+-  const char *tld_errmsg = "<no msg>";
+-#else
+-  (void)data;
+-#endif
+-
+-  /* Convert (and downcase) ACE-name back into locale's character set */
+-  rc = idna_to_unicode_lzlz(ace_hostname, &uc_name, 0);
+-  if(rc != IDNA_SUCCESS)
+-    return FALSE;
+-
+-  rc = tld_check_lz(uc_name, &err_pos, NULL);
+-#ifndef CURL_DISABLE_VERBOSE_STRINGS
+-#ifdef HAVE_TLD_STRERROR
+-  if(rc != TLD_SUCCESS)
+-    tld_errmsg = tld_strerror((Tld_rc)rc);
+-#endif
+-  if(rc == TLD_INVALID)
+-    infof(data, "WARNING: %s; pos %u = `%c'/0x%02X\n",
+-          tld_errmsg, err_pos, uc_name[err_pos],
+-          uc_name[err_pos] & 255);
+-  else if(rc != TLD_SUCCESS)
+-    infof(data, "WARNING: TLD check for %s failed; %s\n",
+-          uc_name, tld_errmsg);
+-#endif /* CURL_DISABLE_VERBOSE_STRINGS */
+-  if(uc_name)
+-     idn_free(uc_name);
+-  if(rc != TLD_SUCCESS)
+-    return FALSE;
+-
+-  return TRUE;
+-}
+-#endif
+-
+ /*
+  * Perform any necessary IDN conversion of hostname
+  */
+-static void fix_hostname(struct SessionHandle *data,
+-                         struct connectdata *conn, struct hostname *host)
++static void fix_hostname(struct connectdata *conn, struct hostname *host)
+ {
+   size_t len;
++  struct Curl_easy *data = conn->data;
+ 
+-#ifndef USE_LIBIDN
++#ifndef USE_LIBIDN2
+   (void)data;
+   (void)conn;
+ #elif defined(CURL_DISABLE_VERBOSE_STRINGS)
+@@ -3762,24 +3709,15 @@
+     host->name[len-1]=0;
+ 
+   if(!is_ASCII_name(host->name)) {
+-#ifdef USE_LIBIDN
++#ifdef USE_LIBIDN2
+   /*************************************************************
+    * Check name for non-ASCII and convert hostname to ACE form.
+    *************************************************************/
+-  if(stringprep_check_version(LIBIDN_REQUIRED_VERSION)) {
++  if(stringprep_check_version(IDN2_VERSION)) {
+     char *ace_hostname = NULL;
+-    int rc = idna_to_ascii_lz(host->name, &ace_hostname, 0);
+-    infof (data, "Input domain encoded as `%s'\n",
+-           stringprep_locale_charset ());
+-    if(rc != IDNA_SUCCESS)
+-      infof(data, "Failed to convert %s to ACE; %s\n",
+-            host->name, Curl_idn_strerror(conn, rc));
+-    else {
+-      /* tld_check_name() displays a warning if the host name contains
+-         "illegal" characters for this TLD */
+-      (void)tld_check_name(data, ace_hostname);
+-
+-      host->encalloc = ace_hostname;
++      int rc = idn2_lookup_ul((const char *)host->name, &ace_hostname, 0);
++      if(rc == IDN2_OK) {
++        host->encalloc = (char *)ace_hostname;
+       /* change the name pointer to point to the encoded hostname */
+       host->name = host->encalloc;
+     }
+@@ -3809,9 +3747,9 @@
+  */
+ static void free_fixed_hostname(struct hostname *host)
+ {
+-#if defined(USE_LIBIDN)
++#if defined(USE_LIBIDN2)
+   if(host->encalloc) {
+-    idn_free(host->encalloc); /* must be freed with idn_free() since this was
++    idn2_free(host->encalloc); /* must be freed with idn2_free() since this was
+                                  allocated by libidn */
+     host->encalloc = NULL;
+   }
+@@ -5708,9 +5646,9 @@
+   /*************************************************************
+    * IDN-fix the hostnames
+    *************************************************************/
+-  fix_hostname(data, conn, &conn->host);
++  fix_hostname(conn, &conn->host);
+   if(conn->proxy.name && *conn->proxy.name)
+-    fix_hostname(data, conn, &conn->proxy);
++    fix_hostname(conn, &conn->proxy);
+ 
+   /*************************************************************
+    * Setup internals depending on protocol. Needs to be done after
+diff -ruN a/lib/version.c b/lib/version.c
+--- a/lib/version.c	2016-02-03 00:02:44.000000000 +0100
++++ b/lib/version.c	2016-11-08 13:05:14.071753778 +0100
+@@ -36,8 +36,8 @@
+ #  include <ares.h>
+ #endif
+ 
+-#ifdef USE_LIBIDN
+-#include <stringprep.h>
++#ifdef USE_LIBIDN2
++#include <idn2.h>
+ #endif
+ 
+ #ifdef USE_LIBPSL
+@@ -97,9 +97,9 @@
+   left -= len;
+   ptr += len;
+ #endif
+-#ifdef USE_LIBIDN
+-  if(stringprep_check_version(LIBIDN_REQUIRED_VERSION)) {
+-    len = snprintf(ptr, left, " libidn/%s", stringprep_check_version(NULL));
++#ifdef USE_LIBIDN2
++  if(idn2_check_version(IDN2_VERSION)) {
++    len = snprintf(ptr, left, " libidn2/%s", idn2_check_version(NULL));
+     left -= len;
+     ptr += len;
+   }
+@@ -344,10 +344,10 @@
+     version_info.ares_num = aresnum;
+   }
+ #endif
+-#ifdef USE_LIBIDN
++#ifdef USE_LIBIDN2
+   /* This returns a version string if we use the given version or later,
+      otherwise it returns NULL */
+-  version_info.libidn = stringprep_check_version(LIBIDN_REQUIRED_VERSION);
++  version_info.libidn = idn2_check_version(IDN2_VERSION);
+   if(version_info.libidn)
+     version_info.features |= CURL_VERSION_IDN;
+ #elif defined(USE_WIN32_IDN)
diff --git a/meta/recipes-support/curl/curl/url-remove-unconditional-idn2.h-include.patch b/meta/recipes-support/curl/curl/url-remove-unconditional-idn2.h-include.patch
new file mode 100644
index 0000000..7e2287d
--- /dev/null
+++ b/meta/recipes-support/curl/curl/url-remove-unconditional-idn2.h-include.patch
@@ -0,0 +1,29 @@
+From c27013c05d99d92370b57e1a7af1b854eef4e7c1 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg <daniel@haxx.se>
+Date: Mon, 31 Oct 2016 09:49:50 +0100
+Subject: [PATCH] url: remove unconditional idn2.h include
+
+Mistake brought by 9c91ec778104a
+
+Upstream-Status: Backport
+Signed-off-by: Sona Sarmadi <sona.sarmadi@enea.com>
+---
+ lib/url.c | 2 --
+ 1 file changed, 2 deletions(-)
+
+diff --git a/lib/url.c b/lib/url.c
+index c90a1c5..b997f41 100644
+--- a/lib/url.c
++++ b/lib/url.c
+@@ -67,8 +67,6 @@
+ bool curl_win32_idn_to_ascii(const char *in, char **out);
+ #endif  /* USE_LIBIDN2 */
+ 
+-#include <idn2.h>
+-
+ #include "urldata.h"
+ #include "netrc.h"
+ 
+-- 
+1.9.1
+
diff --git a/meta/recipes-support/curl/curl_7.47.1.bb b/meta/recipes-support/curl/curl_7.47.1.bb
index 3670a11..7fab7cf 100644
--- a/meta/recipes-support/curl/curl_7.47.1.bb
+++ b/meta/recipes-support/curl/curl_7.47.1.bb
@@ -15,6 +15,18 @@ SRC_URI += " file://configure_ac.patch \
              file://CVE-2016-5420.patch \
              file://CVE-2016-5421.patch \
              file://CVE-2016-7141.patch \
+             file://CVE-2016-8615.patch \
+             file://CVE-2016-8616.patch \
+             file://CVE-2016-8617.patch \
+             file://CVE-2016-8618.patch \
+             file://CVE-2016-8619.patch \
+             file://CVE-2016-8620.patch \
+             file://CVE-2016-8621.patch \
+             file://CVE-2016-8622.patch \
+             file://CVE-2016-8623.patch \
+             file://CVE-2016-8624.patch \
+             file://CVE-2016-8625.patch \
+             file://url-remove-unconditional-idn2.h-include.patch \
            "
 
 SRC_URI[md5sum] = "9ea3123449439bbd960cd25cf98796fb"
-- 
1.9.1



^ permalink raw reply related

* [PATCH 4/4] qemu: update run-ptest script
From: kai.kang @ 2016-11-10  7:01 UTC (permalink / raw)
  To: openembedded-core
In-Reply-To: <cover.1478760924.git.kai.kang@windriver.com>

From: Kai Kang <kai.kang@windriver.com>

The Makefile in directory tests has been renamed, then update script
run-ptest to follow the change.

Signed-off-by: Kai Kang <kai.kang@windriver.com>
---
 meta/recipes-devtools/qemu/qemu/run-ptest | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/meta/recipes-devtools/qemu/qemu/run-ptest b/meta/recipes-devtools/qemu/qemu/run-ptest
index f4b8e97..2206b31 100644
--- a/meta/recipes-devtools/qemu/qemu/run-ptest
+++ b/meta/recipes-devtools/qemu/qemu/run-ptest
@@ -1,8 +1,10 @@
 #!/bin/sh
 #
 #This script is used to run qemu test suites
-ptestdir=$(pwd)
-cd tests
+#
 
+ptestdir=$(dirname "$(readlink -f "$0")")
 export SRC_PATH=$ptestdir
-make -k runtest-TESTS | sed '/: OK/ s/^/PASS: /g'
+
+cd $ptestdir/tests
+make -f Makefile.include -k runtest-TESTS | sed '/: OK/ s/^/PASS: /g'
-- 
2.10.1



^ permalink raw reply related

* [PATCH 3/4] qemu: fix CVE-2016-7909
From: kai.kang @ 2016-11-10  7:01 UTC (permalink / raw)
  To: openembedded-core
In-Reply-To: <cover.1478760924.git.kai.kang@windriver.com>

From: Kai Kang <kai.kang@windriver.com>

Backport patch to fix CVE-2016-7909 of qemu.

Ref:
https://security-tracker.debian.org/tracker/CVE-2016-7909

Signed-off-by: Kai Kang <kai.kang@windriver.com>
---
 .../qemu/qemu/0004-fix-CVE-2016-7909.patch         | 42 ++++++++++++++++++++++
 meta/recipes-devtools/qemu/qemu_2.7.0.bb           |  1 +
 2 files changed, 43 insertions(+)
 create mode 100644 meta/recipes-devtools/qemu/qemu/0004-fix-CVE-2016-7909.patch

diff --git a/meta/recipes-devtools/qemu/qemu/0004-fix-CVE-2016-7909.patch b/meta/recipes-devtools/qemu/qemu/0004-fix-CVE-2016-7909.patch
new file mode 100644
index 0000000..e71bbf6
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/0004-fix-CVE-2016-7909.patch
@@ -0,0 +1,42 @@
+Upstream-Status: Backport [http://git.qemu.org/?p=qemu.git;a=commit;h=34e29ce]
+CVE: CVE-2016-7909
+
+Signed-off-by: Kai Kang <kai.kang@windriver.com>
+---
+From 34e29ce754c02bb6b3bdd244fbb85033460feaff Mon Sep 17 00:00:00 2001
+From: Prasad J Pandit <pjp@fedoraproject.org>
+Date: Fri, 30 Sep 2016 00:27:33 +0530
+Subject: [PATCH] net: pcnet: check rx/tx descriptor ring length
+
+The AMD PC-Net II emulator has set of control and status(CSR)
+registers. Of these, CSR76 and CSR78 hold receive and transmit
+descriptor ring length respectively. This ring length could range
+from 1 to 65535. Setting ring length to zero leads to an infinite
+loop in pcnet_rdra_addr() or pcnet_transmit(). Add check to avoid it.
+
+Reported-by: Li Qiang <liqiang6-s@360.cn>
+Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
+Signed-off-by: Jason Wang <jasowang@redhat.com>
+---
+ hw/net/pcnet.c | 3 +++
+ 1 file changed, 3 insertions(+)
+
+diff --git a/hw/net/pcnet.c b/hw/net/pcnet.c
+index 198a01f..3078de8 100644
+--- a/hw/net/pcnet.c
++++ b/hw/net/pcnet.c
+@@ -1429,8 +1429,11 @@ static void pcnet_csr_writew(PCNetState *s, uint32_t rap, uint32_t new_value)
+     case 47: /* POLLINT */
+     case 72:
+     case 74:
++        break;
+     case 76: /* RCVRL */
+     case 78: /* XMTRL */
++        val = (val > 0) ? val : 512;
++        break;
+     case 112:
+        if (CSR_STOP(s) || CSR_SPND(s))
+            break;
+-- 
+2.10.1
+
diff --git a/meta/recipes-devtools/qemu/qemu_2.7.0.bb b/meta/recipes-devtools/qemu/qemu_2.7.0.bb
index a75bcdf..cef181d 100644
--- a/meta/recipes-devtools/qemu/qemu_2.7.0.bb
+++ b/meta/recipes-devtools/qemu/qemu_2.7.0.bb
@@ -12,6 +12,7 @@ SRC_URI += "file://configure-fix-Darwin-target-detection.patch \
             file://0001-virtio-zero-vq-inuse-in-virtio_reset.patch \
             file://0002-fix-CVE-2016-7423.patch \
             file://0003-fix-CVE-2016-7908.patch \
+            file://0004-fix-CVE-2016-7909.patch \
 "
 
 SRC_URI_prepend = "http://wiki.qemu-project.org/download/${BP}.tar.bz2"
-- 
2.10.1



^ permalink raw reply related

* [PATCH 2/4] glibc: fix CVE-2016-6323
From: kai.kang @ 2016-11-10  7:01 UTC (permalink / raw)
  To: openembedded-core
In-Reply-To: <cover.1478760924.git.kai.kang@windriver.com>

From: Kai Kang <kai.kang@windriver.com>

Backport patch to fix CVE-2016-6323 of glibc. And remove the section of
file ChangeLog which can't be applied.

Ref:
https://sourceware.org/bugzilla/show_bug.cgi?id=20435

Signed-off-by: Kai Kang <kai.kang@windriver.com>
---
 ...k-__startcontext-as-.cantunwind-bug-20435.patch | 46 ++++++++++++++++++++++
 meta/recipes-core/glibc/glibc_2.24.bb              |  1 +
 2 files changed, 47 insertions(+)
 create mode 100644 meta/recipes-core/glibc/glibc/0027-arm-mark-__startcontext-as-.cantunwind-bug-20435.patch

diff --git a/meta/recipes-core/glibc/glibc/0027-arm-mark-__startcontext-as-.cantunwind-bug-20435.patch b/meta/recipes-core/glibc/glibc/0027-arm-mark-__startcontext-as-.cantunwind-bug-20435.patch
new file mode 100644
index 0000000..95067d3
--- /dev/null
+++ b/meta/recipes-core/glibc/glibc/0027-arm-mark-__startcontext-as-.cantunwind-bug-20435.patch
@@ -0,0 +1,46 @@
+Backport patch to fix CVE-2016-6323 for glibc. And remove the section of
+ChangeLog which can't be applied.
+
+Upstream-Status: Backport [https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=9e2ff6c]
+CVE: CVE-2016-6323
+Signed-off-by: Kai Kang <kai.kang@windriver.com>
+---
+From 9e2ff6c9cc54c0b4402b8d49e4abe7000fde7617 Mon Sep 17 00:00:00 2001
+From: Andreas Schwab <schwab@suse.de>
+Date: Mon, 8 Aug 2016 09:29:18 +0200
+Subject: [PATCH] arm: mark __startcontext as .cantunwind (bug 20435)
+
+__startcontext marks the bottom of the call stack of the contexts created
+by makecontext.
+---
+ ChangeLog                                | 6 ++++++
+ sysdeps/unix/sysv/linux/arm/setcontext.S | 7 +++++++
+ 2 files changed, 13 insertions(+)
+
+diff --git a/sysdeps/unix/sysv/linux/arm/setcontext.S b/sysdeps/unix/sysv/linux/arm/setcontext.S
+index 603e508..d1f168f 100644
+--- a/sysdeps/unix/sysv/linux/arm/setcontext.S
++++ b/sysdeps/unix/sysv/linux/arm/setcontext.S
+@@ -86,12 +86,19 @@ weak_alias(__setcontext, setcontext)
+ 
+ 	/* Called when a makecontext() context returns.  Start the
+ 	   context in R4 or fall through to exit().  */
++	/* Unwind descriptors are looked up based on PC - 2, so we have to
++	   make sure to mark the instruction preceding the __startcontext
++	   label as .cantunwind.  */
++	.fnstart
++	.cantunwind
++	nop
+ ENTRY(__startcontext)
+ 	movs    r0, r4
+ 	bne     PLTJMP(__setcontext)
+ 
+ 	@ New context was 0 - exit
+ 	b       PLTJMP(HIDDEN_JUMPTARGET(exit))
++	.fnend
+ END(__startcontext)
+ 
+ #ifdef PIC
+-- 
+2.10.1
+
diff --git a/meta/recipes-core/glibc/glibc_2.24.bb b/meta/recipes-core/glibc/glibc_2.24.bb
index f5a21b2..475c133 100644
--- a/meta/recipes-core/glibc/glibc_2.24.bb
+++ b/meta/recipes-core/glibc/glibc_2.24.bb
@@ -37,6 +37,7 @@ SRC_URI = "${GLIBC_GIT_URI};branch=${SRCBRANCH};name=glibc \
            file://0024-eglibc-Forward-port-cross-locale-generation-support.patch \
            file://0025-Define-DUMMY_LOCALE_T-if-not-defined.patch \
            file://0026-build_local_scope.patch \
+           file://0027-arm-mark-__startcontext-as-.cantunwind-bug-20435.patch \
 "
 
 SRC_URI += "\
-- 
2.10.1



^ permalink raw reply related


This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox