diff options
Diffstat (limited to 'gnu/packages/patches')
| -rw-r--r-- | gnu/packages/patches/icu4c-CVE-2020-10531.patch | 127 | ||||
| -rw-r--r-- | gnu/packages/patches/libffi-3.3-powerpc-fixes.patch | 138 | ||||
| -rw-r--r-- | gnu/packages/patches/zziplib-CVE-2018-16548.patch | 49 |
3 files changed, 138 insertions, 176 deletions
diff --git a/gnu/packages/patches/icu4c-CVE-2020-10531.patch b/gnu/packages/patches/icu4c-CVE-2020-10531.patch deleted file mode 100644 index c2ab923bdc..0000000000 --- a/gnu/packages/patches/icu4c-CVE-2020-10531.patch +++ /dev/null @@ -1,127 +0,0 @@ -Fix CVE-2020-10531: - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10531 - -Patch copied from upstream source repository (changes to the test suite -are commented out): - -https://github.com/unicode-org/icu/commit/b7d08bc04a4296982fcef8b6b8a354a9e4e7afca - -From b7d08bc04a4296982fcef8b6b8a354a9e4e7afca Mon Sep 17 00:00:00 2001 -From: Frank Tang <ftang@chromium.org> -Date: Sat, 1 Feb 2020 02:39:04 +0000 -Subject: [PATCH] ICU-20958 Prevent SEGV_MAPERR in append - -See #971 ---- - icu4c/source/common/unistr.cpp | 6 ++- - icu4c/source/test/intltest/ustrtest.cpp | 62 +++++++++++++++++++++++++ - icu4c/source/test/intltest/ustrtest.h | 1 + - 3 files changed, 68 insertions(+), 1 deletion(-) - -diff --git a/icu4c/source/common/unistr.cpp b/icu4c/source/common/unistr.cpp -index 901bb3358ba..077b4d6ef20 100644 ---- a/icu4c/source/common/unistr.cpp -+++ b/icu4c/source/common/unistr.cpp -@@ -1563,7 +1563,11 @@ UnicodeString::doAppend(const UChar *srcChars, int32_t srcStart, int32_t srcLeng - } - - int32_t oldLength = length(); -- int32_t newLength = oldLength + srcLength; -+ int32_t newLength; -+ if (uprv_add32_overflow(oldLength, srcLength, &newLength)) { -+ setToBogus(); -+ return *this; -+ } - - // Check for append onto ourself - const UChar* oldArray = getArrayStart(); -#diff --git a/icu4c/source/test/intltest/ustrtest.cpp b/icu4c/source/test/intltest/ustrtest.cpp -#index b6515ea813c..ad38bdf53a3 100644 -#--- a/icu4c/source/test/intltest/ustrtest.cpp -#+++ b/icu4c/source/test/intltest/ustrtest.cpp -#@@ -67,6 +67,7 @@ void UnicodeStringTest::runIndexedTest( int32_t index, UBool exec, const char* & -# TESTCASE_AUTO(TestWCharPointers); -# TESTCASE_AUTO(TestNullPointers); -# TESTCASE_AUTO(TestUnicodeStringInsertAppendToSelf); -#+ TESTCASE_AUTO(TestLargeAppend); -# TESTCASE_AUTO_END; -# } -# -#@@ -2310,3 +2311,64 @@ void UnicodeStringTest::TestUnicodeStringInsertAppendToSelf() { -# str.insert(2, sub); -# assertEquals("", u"abbcdcde", str); -# } -#+ -#+void UnicodeStringTest::TestLargeAppend() { -#+ if(quick) return; -#+ -#+ IcuTestErrorCode status(*this, "TestLargeAppend"); -#+ // Make a large UnicodeString -#+ int32_t len = 0xAFFFFFF; -#+ UnicodeString str; -#+ char16_t *buf = str.getBuffer(len); -#+ // A fast way to set buffer to valid Unicode. -#+ // 4E4E is a valid unicode character -#+ uprv_memset(buf, 0x4e, len * 2); -#+ str.releaseBuffer(len); -#+ UnicodeString dest; -#+ // Append it 16 times -#+ // 0xAFFFFFF times 16 is 0xA4FFFFF1, -#+ // which is greater than INT32_MAX, which is 0x7FFFFFFF. -#+ int64_t total = 0; -#+ for (int32_t i = 0; i < 16; i++) { -#+ dest.append(str); -#+ total += len; -#+ if (total <= INT32_MAX) { -#+ assertFalse("dest is not bogus", dest.isBogus()); -#+ } else { -#+ assertTrue("dest should be bogus", dest.isBogus()); -#+ } -#+ } -#+ dest.remove(); -#+ total = 0; -#+ for (int32_t i = 0; i < 16; i++) { -#+ dest.append(str); -#+ total += len; -#+ if (total + len <= INT32_MAX) { -#+ assertFalse("dest is not bogus", dest.isBogus()); -#+ } else if (total <= INT32_MAX) { -#+ // Check that a string of exactly the maximum size works -#+ UnicodeString str2; -#+ int32_t remain = INT32_MAX - total; -#+ char16_t *buf2 = str2.getBuffer(remain); -#+ if (buf2 == nullptr) { -#+ // if somehow memory allocation fail, return the test -#+ return; -#+ } -#+ uprv_memset(buf2, 0x4e, remain * 2); -#+ str2.releaseBuffer(remain); -#+ dest.append(str2); -#+ total += remain; -#+ assertEquals("When a string of exactly the maximum size works", (int64_t)INT32_MAX, total); -#+ assertEquals("When a string of exactly the maximum size works", INT32_MAX, dest.length()); -#+ assertFalse("dest is not bogus", dest.isBogus()); -#+ -#+ // Check that a string size+1 goes bogus -#+ str2.truncate(1); -#+ dest.append(str2); -#+ total++; -#+ assertTrue("dest should be bogus", dest.isBogus()); -#+ } else { -#+ assertTrue("dest should be bogus", dest.isBogus()); -#+ } -#+ } -#+} -#diff --git a/icu4c/source/test/intltest/ustrtest.h b/icu4c/source/test/intltest/ustrtest.h -#index 218befdcc68..4a356a92c7a 100644 -#--- a/icu4c/source/test/intltest/ustrtest.h -#+++ b/icu4c/source/test/intltest/ustrtest.h -#@@ -97,6 +97,7 @@ class UnicodeStringTest: public IntlTest { -# void TestWCharPointers(); -# void TestNullPointers(); -# void TestUnicodeStringInsertAppendToSelf(); -#+ void TestLargeAppend(); -# }; -# -# #endif diff --git a/gnu/packages/patches/libffi-3.3-powerpc-fixes.patch b/gnu/packages/patches/libffi-3.3-powerpc-fixes.patch new file mode 100644 index 0000000000..971ed26180 --- /dev/null +++ b/gnu/packages/patches/libffi-3.3-powerpc-fixes.patch @@ -0,0 +1,138 @@ +This is a combination of the following 4 commits: +https://github.com/libffi/libffi/commit/01a75ed76ea7e57f1b7a5c183e2b1e890e6aa0fd.patch +https://github.com/libffi/libffi/commit/6663047f56c2932a6b10a790f4ac6666dd181326.patch +https://github.com/libffi/libffi/commit/e50b9ef8b910fa642ef158f6642e60d54d7ad740.patch +https://github.com/libffi/libffi/commit/4d6d2866ae43e55325e8ee96561221804602cd7a.patch + +From 2dbfa92a95e3bacabca431b89d2a5925e48a0e40 Mon Sep 17 00:00:00 2001 +From: Sergei Trofimovich <slyfox@gentoo.org> +Date: Thu, 28 Nov 2019 12:42:41 +0000 + +powerpc: fix build failure on power7 and older (#532) + +Build failure looks as: +``` +libtool: compile: powerpc-unknown-linux-gnu-gcc \ + -O2 -mcpu=powerpc -mtune=powerpc -pipe ... -c src/powerpc/ffi.c ... +In file included from src/powerpc/ffi.c:33: +src/powerpc/ffi_powerpc.h:65:9: error: '__int128' is not supported on this target + 65 | typedef __int128 float128; + | ^~~~~~~~ +``` + +The fix avoids using __int128 in favour of aligned char[16]. + +Closes: https://github.com/libffi/libffi/issues/531 +Signed-off-by: Sergei Trofimovich <slyfox@gentoo.org> + +Address platforms with no __int128. + +powerpc64: Use memcpy to help platforms with no __int128. (#534) + +Signed-off-by: Khem Raj <raj.khem@gmail.com> + +Update powerpc sysv assembly for ffi_powerpc.h changes (#541) + +Some of the flag bits were moved when adding powerpc64 vector support. + +Fixes #536 +--- + src/powerpc/ffi_linux64.c | 12 ++++++------ + src/powerpc/ffi_powerpc.h | 2 +- + src/powerpc/sysv.S | 12 +++++------- + 3 files changed, 12 insertions(+), 14 deletions(-) + +diff --git a/src/powerpc/ffi_linux64.c b/src/powerpc/ffi_linux64.c +index de0d033..4d50878 100644 +--- a/src/powerpc/ffi_linux64.c ++++ b/src/powerpc/ffi_linux64.c +@@ -547,9 +547,9 @@ ffi_prep_args64 (extended_cif *ecif, unsigned long *const stack) + if (next_arg.ul == gpr_end.ul) + next_arg.ul = rest.ul; + if (vecarg_count < NUM_VEC_ARG_REGISTERS64 && i < nfixedargs) +- *vec_base.f128++ = **p_argv.f128; ++ memcpy (vec_base.f128++, *p_argv.f128, sizeof (float128)); + else +- *next_arg.f128 = **p_argv.f128; ++ memcpy (next_arg.f128, *p_argv.f128, sizeof (float128)); + if (++next_arg.f128 == gpr_end.f128) + next_arg.f128 = rest.f128; + vecarg_count++; +@@ -680,9 +680,9 @@ ffi_prep_args64 (extended_cif *ecif, unsigned long *const stack) + { + if (vecarg_count < NUM_VEC_ARG_REGISTERS64 + && i < nfixedargs) +- *vec_base.f128++ = *arg.f128++; ++ memcpy (vec_base.f128++, arg.f128, sizeof (float128)); + else +- *next_arg.f128 = *arg.f128++; ++ memcpy (next_arg.f128, arg.f128++, sizeof (float128)); + if (++next_arg.f128 == gpr_end.f128) + next_arg.f128 = rest.f128; + vecarg_count++; +@@ -986,9 +986,9 @@ ffi_closure_helper_LINUX64 (ffi_cif *cif, + do + { + if (pvec < end_pvec && i < nfixedargs) +- *to.f128 = *pvec++; ++ memcpy (to.f128, pvec++, sizeof (float128)); + else +- *to.f128 = *from.f128; ++ memcpy (to.f128, from.f128, sizeof (float128)); + to.f128++; + from.f128++; + } +diff --git a/src/powerpc/ffi_powerpc.h b/src/powerpc/ffi_powerpc.h +index 5ee2a70..8e2f2f0 100644 +--- a/src/powerpc/ffi_powerpc.h ++++ b/src/powerpc/ffi_powerpc.h +@@ -62,7 +62,7 @@ typedef _Float128 float128; + #elif defined(__FLOAT128__) + typedef __float128 float128; + #else +-typedef __int128 float128; ++typedef char float128[16] __attribute__((aligned(16))); + #endif + + void FFI_HIDDEN ffi_closure_SYSV (void); +diff --git a/src/powerpc/sysv.S b/src/powerpc/sysv.S +index 1474ce7..df97734 100644 +--- a/src/powerpc/sysv.S ++++ b/src/powerpc/sysv.S +@@ -104,17 +104,16 @@ ENTRY(ffi_call_SYSV) + bctrl + + /* Now, deal with the return value. */ +- mtcrf 0x01,%r31 /* cr7 */ ++ mtcrf 0x03,%r31 /* cr6-cr7 */ + bt- 31,L(small_struct_return_value) + bt- 30,L(done_return_value) + #ifndef __NO_FPRS__ + bt- 29,L(fp_return_value) + #endif + stw %r3,0(%r30) +- bf+ 28,L(done_return_value) ++ bf+ 27,L(done_return_value) + stw %r4,4(%r30) +- mtcrf 0x02,%r31 /* cr6 */ +- bf 27,L(done_return_value) ++ bf 26,L(done_return_value) + stw %r5,8(%r30) + stw %r6,12(%r30) + /* Fall through... */ +@@ -145,10 +144,9 @@ L(done_return_value): + #ifndef __NO_FPRS__ + L(fp_return_value): + .cfi_restore_state +- bf 28,L(float_return_value) ++ bf 27,L(float_return_value) + stfd %f1,0(%r30) +- mtcrf 0x02,%r31 /* cr6 */ +- bf 27,L(done_return_value) ++ bf 26,L(done_return_value) + stfd %f2,8(%r30) + b L(done_return_value) + L(float_return_value): +-- +2.26.0 + diff --git a/gnu/packages/patches/zziplib-CVE-2018-16548.patch b/gnu/packages/patches/zziplib-CVE-2018-16548.patch deleted file mode 100644 index a17c6a9768..0000000000 --- a/gnu/packages/patches/zziplib-CVE-2018-16548.patch +++ /dev/null @@ -1,49 +0,0 @@ -The following 3 patches applied to 0.13.69 in this order, combined: -https://github.com/gdraheim/zziplib/commit/9411bde3e4a70a81ff3ffd256b71927b2d90dcbb.patch -https://github.com/gdraheim/zziplib/commit/d2e5d5c53212e54a97ad64b793a4389193fec687.patch -https://github.com/gdraheim/zziplib/commit/0e1dadb05c1473b9df2d7b8f298dab801778ef99.patch - -diff --git a/test/test.zip b/test/test.zip -index 2c992ea..952d475 100644 -Binary files a/test/test.zip and b/test/test.zip differ -diff --git a/zzip/zip.c b/zzip/zip.c -index 14e2e06..f97a40a 100644 ---- a/zzip/zip.c -+++ b/zzip/zip.c -@@ -472,9 +472,15 @@ __zzip_parse_root_directory(int fd, - } else - { - if (io->fd.seeks(fd, zz_rootseek + zz_offset, SEEK_SET) < 0) -+ { -+ free(hdr0); - return ZZIP_DIR_SEEK; -+ } - if (io->fd.read(fd, &dirent, sizeof(dirent)) < __sizeof(dirent)) -+ { -+ free(hdr0); - return ZZIP_DIR_READ; -+ } - d = &dirent; - } - -@@ -574,11 +580,18 @@ __zzip_parse_root_directory(int fd, - - if (hdr_return) - *hdr_return = hdr0; -+ else -+ { -+ /* If it is not assigned to *hdr_return, it will never be free()'d */ -+ free(hdr0); -+ } - } /* else zero (sane) entries */ -+ else -+ free(hdr0); - # ifndef ZZIP_ALLOW_MODULO_ENTRIES -- return (entries != zz_entries ? ZZIP_CORRUPTED : 0); -+ return (entries != zz_entries) ? ZZIP_CORRUPTED : 0; - # else -- return ((entries & (unsigned)0xFFFF) != zz_entries ? ZZIP_CORRUPTED : 0); -+ return ((entries & (unsigned)0xFFFF) != zz_entries) ? ZZIP_CORRUPTED : 0; - # endif - } - |