summaryrefslogtreecommitdiffstats
path: root/meta/recipes-core/ncurses
diff options
context:
space:
mode:
authorPeter Marko <peter.marko@siemens.com>2024-05-18 23:29:54 +0200
committerRichard Purdie <richard.purdie@linuxfoundation.org>2024-05-22 10:21:26 +0100
commit95e812313fdbac17cf60f1a6467b4f1b34fb687d (patch)
treea61183831414ac0c6dfa28bf1b6bd28303008113 /meta/recipes-core/ncurses
parentd803a25c823f266f0e9d2c982b5c25c50ade3b85 (diff)
downloadpoky-95e812313fdbac17cf60f1a6467b4f1b34fb687d.tar.gz
ncurses: Upgrade 6.4 -> 6.5
Removed 4 backported patched included in this release. Updated patches by devtool. License-Update: copyright years refreshed (From OE-Core rev: e9962f7033f717591a168e694311523c82c67608) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-core/ncurses')
-rw-r--r--meta/recipes-core/ncurses/files/0001-Fix-CVE-2023-29491.patch462
-rw-r--r--meta/recipes-core/ncurses/files/0001-Updating-reset-code-ncurses-6.4-patch-20231104.patch499
-rw-r--r--meta/recipes-core/ncurses/files/0001-tic-hang.patch11
-rw-r--r--meta/recipes-core/ncurses/files/0002-configure-reproducible.patch7
-rw-r--r--meta/recipes-core/ncurses/files/0003-gen-pkgconfig.in-Do-not-include-LDFLAGS-in-generated.patch5
-rw-r--r--meta/recipes-core/ncurses/files/CVE-2023-45918.patch180
-rw-r--r--meta/recipes-core/ncurses/files/CVE-2023-50495.patch301
-rw-r--r--meta/recipes-core/ncurses/files/exit_prototype.patch11
-rw-r--r--meta/recipes-core/ncurses/ncurses.inc2
-rw-r--r--meta/recipes-core/ncurses/ncurses_6.5.bb (renamed from meta/recipes-core/ncurses/ncurses_6.4.bb)6
10 files changed, 16 insertions, 1468 deletions
diff --git a/meta/recipes-core/ncurses/files/0001-Fix-CVE-2023-29491.patch b/meta/recipes-core/ncurses/files/0001-Fix-CVE-2023-29491.patch
deleted file mode 100644
index 1232c8c2a8..0000000000
--- a/meta/recipes-core/ncurses/files/0001-Fix-CVE-2023-29491.patch
+++ /dev/null
@@ -1,462 +0,0 @@
1From 3d54a41f12e9aa059f06e66e72d872f2283395b6 Mon Sep 17 00:00:00 2001
2From: Chen Qi <Qi.Chen@windriver.com>
3Date: Sun, 30 Jul 2023 21:14:00 -0700
4Subject: [PATCH] Fix CVE-2023-29491
5
6CVE: CVE-2023-29491
7
8Upstream-Status: Backport [http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commitdiff;h=eb51b1ea1f75a0ec17c9c5937cb28df1e8eeec56]
9
10Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
11---
12 ncurses/tinfo/lib_tgoto.c | 10 +++-
13 ncurses/tinfo/lib_tparm.c | 116 ++++++++++++++++++++++++++++++++-----
14 ncurses/tinfo/read_entry.c | 3 +
15 progs/tic.c | 6 ++
16 progs/tparm_type.c | 9 +++
17 progs/tparm_type.h | 2 +
18 progs/tput.c | 61 ++++++++++++++++---
19 7 files changed, 185 insertions(+), 22 deletions(-)
20
21diff --git a/ncurses/tinfo/lib_tgoto.c b/ncurses/tinfo/lib_tgoto.c
22index 9cf5e100..c50ed4df 100644
23--- a/ncurses/tinfo/lib_tgoto.c
24+++ b/ncurses/tinfo/lib_tgoto.c
25@@ -207,6 +207,14 @@ tgoto(const char *string, int x, int y)
26 result = tgoto_internal(string, x, y);
27 else
28 #endif
29- result = TIPARM_2(string, y, x);
30+ if ((result = TIPARM_2(string, y, x)) == NULL) {
31+ /*
32+ * Because termcap did not provide a more general solution such as
33+ * tparm(), it was necessary to handle single-parameter capabilities
34+ * using tgoto(). The internal _nc_tiparm() function returns a NULL
35+ * for that case; retry for the single-parameter case.
36+ */
37+ result = TIPARM_1(string, y);
38+ }
39 returnPtr(result);
40 }
41diff --git a/ncurses/tinfo/lib_tparm.c b/ncurses/tinfo/lib_tparm.c
42index d9bdfd8f..a10a3877 100644
43--- a/ncurses/tinfo/lib_tparm.c
44+++ b/ncurses/tinfo/lib_tparm.c
45@@ -1086,6 +1086,64 @@ tparam_internal(TPARM_STATE *tps, const char *string, TPARM_DATA *data)
46 return (TPS(out_buff));
47 }
48
49+#ifdef CUR
50+/*
51+ * Only a few standard capabilities accept string parameters. The others that
52+ * are parameterized accept only numeric parameters.
53+ */
54+static bool
55+check_string_caps(TPARM_DATA *data, const char *string)
56+{
57+ bool result = FALSE;
58+
59+#define CHECK_CAP(name) (VALID_STRING(name) && !strcmp(name, string))
60+
61+ /*
62+ * Disallow string parameters unless we can check them against a terminal
63+ * description.
64+ */
65+ if (cur_term != NULL) {
66+ int want_type = 0;
67+
68+ if (CHECK_CAP(pkey_key))
69+ want_type = 2; /* function key #1, type string #2 */
70+ else if (CHECK_CAP(pkey_local))
71+ want_type = 2; /* function key #1, execute string #2 */
72+ else if (CHECK_CAP(pkey_xmit))
73+ want_type = 2; /* function key #1, transmit string #2 */
74+ else if (CHECK_CAP(plab_norm))
75+ want_type = 2; /* label #1, show string #2 */
76+ else if (CHECK_CAP(pkey_plab))
77+ want_type = 6; /* function key #1, type string #2, show string #3 */
78+#if NCURSES_XNAMES
79+ else {
80+ char *check;
81+
82+ check = tigetstr("Cs");
83+ if (CHECK_CAP(check))
84+ want_type = 1; /* style #1 */
85+
86+ check = tigetstr("Ms");
87+ if (CHECK_CAP(check))
88+ want_type = 3; /* storage unit #1, content #2 */
89+ }
90+#endif
91+
92+ if (want_type == data->tparm_type) {
93+ result = TRUE;
94+ } else {
95+ T(("unexpected string-parameter"));
96+ }
97+ }
98+ return result;
99+}
100+
101+#define ValidCap() (myData.tparm_type == 0 || \
102+ check_string_caps(&myData, string))
103+#else
104+#define ValidCap() 1
105+#endif
106+
107 #if NCURSES_TPARM_VARARGS
108
109 NCURSES_EXPORT(char *)
110@@ -1100,7 +1158,7 @@ tparm(const char *string, ...)
111 tps->tname = "tparm";
112 #endif /* TRACE */
113
114- if (tparm_setup(cur_term, string, &myData) == OK) {
115+ if (tparm_setup(cur_term, string, &myData) == OK && ValidCap()) {
116 va_list ap;
117
118 va_start(ap, string);
119@@ -1135,7 +1193,7 @@ tparm(const char *string,
120 tps->tname = "tparm";
121 #endif /* TRACE */
122
123- if (tparm_setup(cur_term, string, &myData) == OK) {
124+ if (tparm_setup(cur_term, string, &myData) == OK && ValidCap()) {
125
126 myData.param[0] = a1;
127 myData.param[1] = a2;
128@@ -1166,7 +1224,7 @@ tiparm(const char *string, ...)
129 tps->tname = "tiparm";
130 #endif /* TRACE */
131
132- if (tparm_setup(cur_term, string, &myData) == OK) {
133+ if (tparm_setup(cur_term, string, &myData) == OK && ValidCap()) {
134 va_list ap;
135
136 va_start(ap, string);
137@@ -1179,7 +1237,25 @@ tiparm(const char *string, ...)
138 }
139
140 /*
141- * The internal-use flavor ensures that the parameters are numbers, not strings
142+ * The internal-use flavor ensures that parameters are numbers, not strings.
143+ * In addition to ensuring that they are numbers, it ensures that the parameter
144+ * count is consistent with intended usage.
145+ *
146+ * Unlike the general-purpose tparm/tiparm, these internal calls are fairly
147+ * well defined:
148+ *
149+ * expected == 0 - not applicable
150+ * expected == 1 - set color, or vertical/horizontal addressing
151+ * expected == 2 - cursor addressing
152+ * expected == 4 - initialize color or color pair
153+ * expected == 9 - set attributes
154+ *
155+ * Only for the last case (set attributes) should a parameter be optional.
156+ * Also, a capability which calls for more parameters than expected should be
157+ * ignored.
158+ *
159+ * Return a null if the parameter-checks fail. Otherwise, return a pointer to
160+ * the formatted capability string.
161 */
162 NCURSES_EXPORT(char *)
163 _nc_tiparm(int expected, const char *string, ...)
164@@ -1189,22 +1265,36 @@ _nc_tiparm(int expected, const char *string, ...)
165 char *result = NULL;
166
167 _nc_tparm_err = 0;
168+ T((T_CALLED("_nc_tiparm(%d, %s, ...)"), expected, _nc_visbuf(string)));
169 #ifdef TRACE
170 tps->tname = "_nc_tiparm";
171 #endif /* TRACE */
172
173- if (tparm_setup(cur_term, string, &myData) == OK
174- && myData.num_actual <= expected
175- && myData.tparm_type == 0) {
176- va_list ap;
177+ if (tparm_setup(cur_term, string, &myData) == OK && ValidCap()) {
178+ if (myData.num_actual == 0) {
179+ T(("missing parameter%s, expected %s%d",
180+ expected > 1 ? "s" : "",
181+ expected == 9 ? "up to " : "",
182+ expected));
183+ } else if (myData.num_actual > expected) {
184+ T(("too many parameters, have %d, expected %d",
185+ myData.num_actual,
186+ expected));
187+ } else if (expected != 9 && myData.num_actual != expected) {
188+ T(("expected %d parameters, have %d",
189+ myData.num_actual,
190+ expected));
191+ } else {
192+ va_list ap;
193
194- va_start(ap, string);
195- tparm_copy_valist(&myData, FALSE, ap);
196- va_end(ap);
197+ va_start(ap, string);
198+ tparm_copy_valist(&myData, FALSE, ap);
199+ va_end(ap);
200
201- result = tparam_internal(tps, string, &myData);
202+ result = tparam_internal(tps, string, &myData);
203+ }
204 }
205- return result;
206+ returnPtr(result);
207 }
208
209 /*
210diff --git a/ncurses/tinfo/read_entry.c b/ncurses/tinfo/read_entry.c
211index 2b1875ed..341337d2 100644
212--- a/ncurses/tinfo/read_entry.c
213+++ b/ncurses/tinfo/read_entry.c
214@@ -323,6 +323,9 @@ _nc_read_termtype(TERMTYPE2 *ptr, char *buffer, int limit)
215 || bool_count < 0
216 || num_count < 0
217 || str_count < 0
218+ || bool_count > BOOLCOUNT
219+ || num_count > NUMCOUNT
220+ || str_count > STRCOUNT
221 || str_size < 0) {
222 returnDB(TGETENT_NO);
223 }
224diff --git a/progs/tic.c b/progs/tic.c
225index 93a0b491..888927e2 100644
226--- a/progs/tic.c
227+++ b/progs/tic.c
228@@ -2270,9 +2270,15 @@ check_1_infotocap(const char *name, NCURSES_CONST char *value, int count)
229
230 _nc_reset_tparm(NULL);
231 switch (actual) {
232+ case Str:
233+ result = TPARM_1(value, strings[1]);
234+ break;
235 case Num_Str:
236 result = TPARM_2(value, numbers[1], strings[2]);
237 break;
238+ case Str_Str:
239+ result = TPARM_2(value, strings[1], strings[2]);
240+ break;
241 case Num_Str_Str:
242 result = TPARM_3(value, numbers[1], strings[2], strings[3]);
243 break;
244diff --git a/progs/tparm_type.c b/progs/tparm_type.c
245index 3da4a077..644aa62a 100644
246--- a/progs/tparm_type.c
247+++ b/progs/tparm_type.c
248@@ -47,6 +47,7 @@ tparm_type(const char *name)
249 {code, {longname} }, \
250 {code, {ti} }, \
251 {code, {tc} }
252+#define XD(code, onlyname) TD(code, onlyname, onlyname, onlyname)
253 TParams result = Numbers;
254 /* *INDENT-OFF* */
255 static const struct {
256@@ -58,6 +59,10 @@ tparm_type(const char *name)
257 TD(Num_Str, "pkey_xmit", "pfx", "px"),
258 TD(Num_Str, "plab_norm", "pln", "pn"),
259 TD(Num_Str_Str, "pkey_plab", "pfxl", "xl"),
260+#if NCURSES_XNAMES
261+ XD(Str, "Cs"),
262+ XD(Str_Str, "Ms"),
263+#endif
264 };
265 /* *INDENT-ON* */
266
267@@ -80,12 +85,16 @@ guess_tparm_type(int nparam, char **p_is_s)
268 case 1:
269 if (!p_is_s[0])
270 result = Numbers;
271+ if (p_is_s[0])
272+ result = Str;
273 break;
274 case 2:
275 if (!p_is_s[0] && !p_is_s[1])
276 result = Numbers;
277 if (!p_is_s[0] && p_is_s[1])
278 result = Num_Str;
279+ if (p_is_s[0] && p_is_s[1])
280+ result = Str_Str;
281 break;
282 case 3:
283 if (!p_is_s[0] && !p_is_s[1] && !p_is_s[2])
284diff --git a/progs/tparm_type.h b/progs/tparm_type.h
285index 7c102a30..af5bcf0f 100644
286--- a/progs/tparm_type.h
287+++ b/progs/tparm_type.h
288@@ -45,8 +45,10 @@
289 typedef enum {
290 Other = -1
291 ,Numbers = 0
292+ ,Str
293 ,Num_Str
294 ,Num_Str_Str
295+ ,Str_Str
296 } TParams;
297
298 extern TParams tparm_type(const char *name);
299diff --git a/progs/tput.c b/progs/tput.c
300index 4cd0c5ba..41508b72 100644
301--- a/progs/tput.c
302+++ b/progs/tput.c
303@@ -1,5 +1,5 @@
304 /****************************************************************************
305- * Copyright 2018-2021,2022 Thomas E. Dickey *
306+ * Copyright 2018-2022,2023 Thomas E. Dickey *
307 * Copyright 1998-2016,2017 Free Software Foundation, Inc. *
308 * *
309 * Permission is hereby granted, free of charge, to any person obtaining a *
310@@ -47,12 +47,15 @@
311 #include <transform.h>
312 #include <tty_settings.h>
313
314-MODULE_ID("$Id: tput.c,v 1.99 2022/02/26 23:19:31 tom Exp $")
315+MODULE_ID("$Id: tput.c,v 1.102 2023/04/08 16:26:36 tom Exp $")
316
317 #define PUTS(s) fputs(s, stdout)
318
319 const char *_nc_progname = "tput";
320
321+static bool opt_v = FALSE; /* quiet, do not show warnings */
322+static bool opt_x = FALSE; /* clear scrollback if possible */
323+
324 static bool is_init = FALSE;
325 static bool is_reset = FALSE;
326 static bool is_clear = FALSE;
327@@ -81,6 +84,7 @@ usage(const char *optstring)
328 KEEP(" -S << read commands from standard input")
329 KEEP(" -T TERM use this instead of $TERM")
330 KEEP(" -V print curses-version")
331+ KEEP(" -v verbose, show warnings")
332 KEEP(" -x do not try to clear scrollback")
333 KEEP("")
334 KEEP("Commands:")
335@@ -148,7 +152,7 @@ exit_code(int token, int value)
336 * Returns nonzero on error.
337 */
338 static int
339-tput_cmd(int fd, TTY * settings, bool opt_x, int argc, char **argv, int *used)
340+tput_cmd(int fd, TTY * settings, int argc, char **argv, int *used)
341 {
342 NCURSES_CONST char *name;
343 char *s;
344@@ -231,7 +235,9 @@ tput_cmd(int fd, TTY * settings, bool opt_x, int argc, char **argv, int *used)
345 } else if (VALID_STRING(s)) {
346 if (argc > 1) {
347 int k;
348+ int narg;
349 int analyzed;
350+ int provided;
351 int popcount;
352 long numbers[1 + NUM_PARM];
353 char *strings[1 + NUM_PARM];
354@@ -271,14 +277,45 @@ tput_cmd(int fd, TTY * settings, bool opt_x, int argc, char **argv, int *used)
355
356 popcount = 0;
357 _nc_reset_tparm(NULL);
358+ /*
359+ * Count the number of numeric parameters which are provided.
360+ */
361+ provided = 0;
362+ for (narg = 1; narg < argc; ++narg) {
363+ char *ending = NULL;
364+ long check = strtol(argv[narg], &ending, 10);
365+ if (check < 0 || ending == argv[narg] || *ending != '\0')
366+ break;
367+ provided = narg;
368+ }
369 switch (paramType) {
370+ case Str:
371+ s = TPARM_1(s, strings[1]);
372+ analyzed = 1;
373+ if (provided == 0 && argc >= 1)
374+ provided++;
375+ break;
376+ case Str_Str:
377+ s = TPARM_2(s, strings[1], strings[2]);
378+ analyzed = 2;
379+ if (provided == 0 && argc >= 1)
380+ provided++;
381+ if (provided == 1 && argc >= 2)
382+ provided++;
383+ break;
384 case Num_Str:
385 s = TPARM_2(s, numbers[1], strings[2]);
386 analyzed = 2;
387+ if (provided == 1 && argc >= 2)
388+ provided++;
389 break;
390 case Num_Str_Str:
391 s = TPARM_3(s, numbers[1], strings[2], strings[3]);
392 analyzed = 3;
393+ if (provided == 1 && argc >= 2)
394+ provided++;
395+ if (provided == 2 && argc >= 3)
396+ provided++;
397 break;
398 case Numbers:
399 analyzed = _nc_tparm_analyze(NULL, s, p_is_s, &popcount);
400@@ -316,7 +353,13 @@ tput_cmd(int fd, TTY * settings, bool opt_x, int argc, char **argv, int *used)
401 if (analyzed < popcount) {
402 analyzed = popcount;
403 }
404- *used += analyzed;
405+ if (opt_v && (analyzed != provided)) {
406+ fprintf(stderr, "%s: %s parameters for \"%s\"\n",
407+ _nc_progname,
408+ (analyzed < provided ? "extra" : "missing"),
409+ argv[0]);
410+ }
411+ *used += provided;
412 }
413
414 /* use putp() in order to perform padding */
415@@ -339,7 +382,6 @@ main(int argc, char **argv)
416 int used;
417 TTY old_settings;
418 TTY tty_settings;
419- bool opt_x = FALSE; /* clear scrollback if possible */
420 bool is_alias;
421 bool need_tty;
422
423@@ -348,7 +390,7 @@ main(int argc, char **argv)
424
425 term = getenv("TERM");
426
427- while ((c = getopt(argc, argv, is_alias ? "T:Vx" : "ST:Vx")) != -1) {
428+ while ((c = getopt(argc, argv, is_alias ? "T:Vvx" : "ST:Vvx")) != -1) {
429 switch (c) {
430 case 'S':
431 cmdline = FALSE;
432@@ -361,6 +403,9 @@ main(int argc, char **argv)
433 case 'V':
434 puts(curses_version());
435 ExitProgram(EXIT_SUCCESS);
436+ case 'v': /* verbose */
437+ opt_v = TRUE;
438+ break;
439 case 'x': /* do not try to clear scrollback */
440 opt_x = TRUE;
441 break;
442@@ -404,7 +449,7 @@ main(int argc, char **argv)
443 usage(NULL);
444 while (argc > 0) {
445 tty_settings = old_settings;
446- code = tput_cmd(fd, &tty_settings, opt_x, argc, argv, &used);
447+ code = tput_cmd(fd, &tty_settings, argc, argv, &used);
448 if (code != 0)
449 break;
450 argc -= used;
451@@ -439,7 +484,7 @@ main(int argc, char **argv)
452 while (argnum > 0) {
453 int code;
454 tty_settings = old_settings;
455- code = tput_cmd(fd, &tty_settings, opt_x, argnum, argnow, &used);
456+ code = tput_cmd(fd, &tty_settings, argnum, argnow, &used);
457 if (code != 0) {
458 if (result == 0)
459 result = ErrSystem(0); /* will return value >4 */
460--
4612.40.0
462
diff --git a/meta/recipes-core/ncurses/files/0001-Updating-reset-code-ncurses-6.4-patch-20231104.patch b/meta/recipes-core/ncurses/files/0001-Updating-reset-code-ncurses-6.4-patch-20231104.patch
deleted file mode 100644
index 121db6bffe..0000000000
--- a/meta/recipes-core/ncurses/files/0001-Updating-reset-code-ncurses-6.4-patch-20231104.patch
+++ /dev/null
@@ -1,499 +0,0 @@
1From 135d37072755704b8d018e5de74e62ff3f28c930 Mon Sep 17 00:00:00 2001
2From: Thomas E. Dickey <dickey@invisible-island.net>
3Date: Sun, 5 Nov 2023 05:54:54 +0530
4Subject: [PATCH] Updating reset code - ncurses 6.4 - patch 20231104
5
6+ modify reset command to avoid altering clocal if the terminal uses a
7 modem (prompted by discussion with Werner Fink, Michal Suchanek,
8 OpenSUSE #1201384, Debian #60377).
9+ build-fixes for --with-caps variations.
10+ correct a couple of section-references in INSTALL.
11
12Signed-off-by: Thomas E. Dickey <dickey@invisible-island.net>
13
14Upstream-Status: Backport [https://ncurses.scripts.mit.edu/?p=ncurses.git;a=commitdiff;h=135d37072755704b8d018e5de74e62ff3f28c930]
15
16Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
17---
18 INSTALL | 8 +-
19 include/curses.events | 2 +-
20 ncurses/tinfo/lib_tparm.c | 2 +
21 progs/reset_cmd.c | 281 +++++++++++++++++++++-----------------
22 progs/tabs.c | 10 +-
23 progs/tic.c | 4 +
24 6 files changed, 176 insertions(+), 131 deletions(-)
25
26diff --git a/INSTALL b/INSTALL
27index d9c1dd12..d0a39af0 100644
28--- a/INSTALL
29+++ b/INSTALL
30@@ -47,7 +47,7 @@ If you are converting from BSD curses and do not have root access, be sure
31 to read the BSD CONVERSION NOTES section below.
32
33 If you are trying to build applications using gpm with ncurses,
34-read the USING NCURSES WITH GPM section below.
35+read the USING GPM section below.
36
37 If you are cross-compiling, see the note below on BUILDING WITH A CROSS-COMPILER.
38
39@@ -79,7 +79,7 @@ INSTALLATION PROCEDURE:
40 The --prefix option to configure changes the root directory for installing
41 ncurses. The default is normally in subdirectories of /usr/local, except
42 for systems where ncurses is normally installed as a system library (see
43- "IF YOU ARE A SYSTEM INTEGRATOR"). Use --prefix=/usr to replace your
44+ "FOR SYSTEM INTEGRATORS"). Use --prefix=/usr to replace your
45 default curses distribution.
46
47 The package gets installed beneath the --prefix directory as follows:
48@@ -176,7 +176,7 @@ INSTALLATION PROCEDURE:
49 You can make curses and terminfo fall back to an existing file of termcap
50 definitions by configuring with --enable-termcap. If you do this, the
51 library will search /etc/termcap before the terminfo database, and will
52- also interpret the contents of the TERM environment variable. See the
53+ also interpret the contents of the $TERM environment variable. See the
54 section BSD CONVERSION NOTES below.
55
56 3. Type `make'. Ignore any warnings, no error messages should be produced.
57@@ -1231,7 +1231,7 @@ CONFIGURE OPTIONS:
58 Specify a search-list of terminfo directories which will be compiled
59 into the ncurses library (default: DATADIR/terminfo)
60
61- This is a colon-separated list, like the TERMINFO_DIRS environment
62+ This is a colon-separated list, like the $TERMINFO_DIRS environment
63 variable.
64
65 --with-termlib[=XXX]
66diff --git a/include/curses.events b/include/curses.events
67index 25a2583f..468bde18 100644
68--- a/include/curses.events
69+++ b/include/curses.events
70@@ -50,6 +50,6 @@ typedef struct
71 extern NCURSES_EXPORT(int) wgetch_events (WINDOW *, _nc_eventlist *) GCC_DEPRECATED(experimental option); /* experimental */
72 extern NCURSES_EXPORT(int) wgetnstr_events (WINDOW *,char *,int,_nc_eventlist *) GCC_DEPRECATED(experimental option); /* experimental */
73
74-#define KEY_EVENT 0633 /* We were interrupted by an event */
75+#define KEY_EVENT 0634 /* We were interrupted by an event */
76
77 #endif /* NCURSES_WGETCH_EVENTS */
78diff --git a/ncurses/tinfo/lib_tparm.c b/ncurses/tinfo/lib_tparm.c
79index a10a3877..cd972c0f 100644
80--- a/ncurses/tinfo/lib_tparm.c
81+++ b/ncurses/tinfo/lib_tparm.c
82@@ -1113,8 +1113,10 @@ check_string_caps(TPARM_DATA *data, const char *string)
83 want_type = 2; /* function key #1, transmit string #2 */
84 else if (CHECK_CAP(plab_norm))
85 want_type = 2; /* label #1, show string #2 */
86+#ifdef pkey_plab
87 else if (CHECK_CAP(pkey_plab))
88 want_type = 6; /* function key #1, type string #2, show string #3 */
89+#endif
90 #if NCURSES_XNAMES
91 else {
92 char *check;
93diff --git a/progs/reset_cmd.c b/progs/reset_cmd.c
94index eff3af72..aec4b077 100644
95--- a/progs/reset_cmd.c
96+++ b/progs/reset_cmd.c
97@@ -75,6 +75,9 @@ MODULE_ID("$Id: reset_cmd.c,v 1.28 2021/10/02 18:08:44 tom Exp $")
98 # endif
99 #endif
100
101+#define set_flags(target, mask) target |= mask
102+#define clear_flags(target, mask) target &= ~((unsigned)(mask))
103+
104 static FILE *my_file;
105
106 static bool use_reset = FALSE; /* invoked as reset */
107@@ -188,6 +191,79 @@ out_char(int c)
108 #define reset_char(item, value) \
109 tty_settings->c_cc[item] = CHK(tty_settings->c_cc[item], value)
110
111+/*
112+ * Simplify ifdefs
113+ */
114+#ifndef BSDLY
115+#define BSDLY 0
116+#endif
117+#ifndef CRDLY
118+#define CRDLY 0
119+#endif
120+#ifndef ECHOCTL
121+#define ECHOCTL 0
122+#endif
123+#ifndef ECHOKE
124+#define ECHOKE 0
125+#endif
126+#ifndef ECHOPRT
127+#define ECHOPRT 0
128+#endif
129+#ifndef FFDLY
130+#define FFDLY 0
131+#endif
132+#ifndef IMAXBEL
133+#define IMAXBEL 0
134+#endif
135+#ifndef IUCLC
136+#define IUCLC 0
137+#endif
138+#ifndef IXANY
139+#define IXANY 0
140+#endif
141+#ifndef NLDLY
142+#define NLDLY 0
143+#endif
144+#ifndef OCRNL
145+#define OCRNL 0
146+#endif
147+#ifndef OFDEL
148+#define OFDEL 0
149+#endif
150+#ifndef OFILL
151+#define OFILL 0
152+#endif
153+#ifndef OLCUC
154+#define OLCUC 0
155+#endif
156+#ifndef ONLCR
157+#define ONLCR 0
158+#endif
159+#ifndef ONLRET
160+#define ONLRET 0
161+#endif
162+#ifndef ONOCR
163+#define ONOCR 0
164+#endif
165+#ifndef OXTABS
166+#define OXTABS 0
167+#endif
168+#ifndef TAB3
169+#define TAB3 0
170+#endif
171+#ifndef TABDLY
172+#define TABDLY 0
173+#endif
174+#ifndef TOSTOP
175+#define TOSTOP 0
176+#endif
177+#ifndef VTDLY
178+#define VTDLY 0
179+#endif
180+#ifndef XCASE
181+#define XCASE 0
182+#endif
183+
184 /*
185 * Reset the terminal mode bits to a sensible state. Very useful after
186 * a child program dies in raw mode.
187@@ -195,6 +271,10 @@ out_char(int c)
188 void
189 reset_tty_settings(int fd, TTY * tty_settings, int noset)
190 {
191+ unsigned mask;
192+#ifdef TIOCMGET
193+ int modem_bits;
194+#endif
195 GET_TTY(fd, tty_settings);
196
197 #ifdef TERMIOS
198@@ -228,106 +308,65 @@ reset_tty_settings(int fd, TTY * tty_settings, int noset)
199 reset_char(VWERASE, CWERASE);
200 #endif
201
202- tty_settings->c_iflag &= ~((unsigned) (IGNBRK
203- | PARMRK
204- | INPCK
205- | ISTRIP
206- | INLCR
207- | IGNCR
208-#ifdef IUCLC
209- | IUCLC
210-#endif
211-#ifdef IXANY
212- | IXANY
213-#endif
214- | IXOFF));
215-
216- tty_settings->c_iflag |= (BRKINT
217- | IGNPAR
218- | ICRNL
219- | IXON
220-#ifdef IMAXBEL
221- | IMAXBEL
222-#endif
223- );
224-
225- tty_settings->c_oflag &= ~((unsigned) (0
226-#ifdef OLCUC
227- | OLCUC
228-#endif
229-#ifdef OCRNL
230- | OCRNL
231-#endif
232-#ifdef ONOCR
233- | ONOCR
234-#endif
235-#ifdef ONLRET
236- | ONLRET
237-#endif
238-#ifdef OFILL
239- | OFILL
240-#endif
241-#ifdef OFDEL
242- | OFDEL
243-#endif
244-#ifdef NLDLY
245- | NLDLY
246-#endif
247-#ifdef CRDLY
248- | CRDLY
249-#endif
250-#ifdef TABDLY
251- | TABDLY
252-#endif
253-#ifdef BSDLY
254- | BSDLY
255-#endif
256-#ifdef VTDLY
257- | VTDLY
258-#endif
259-#ifdef FFDLY
260- | FFDLY
261-#endif
262- ));
263-
264- tty_settings->c_oflag |= (OPOST
265-#ifdef ONLCR
266- | ONLCR
267-#endif
268- );
269-
270- tty_settings->c_cflag &= ~((unsigned) (CSIZE
271- | CSTOPB
272- | PARENB
273- | PARODD
274- | CLOCAL));
275- tty_settings->c_cflag |= (CS8 | CREAD);
276- tty_settings->c_lflag &= ~((unsigned) (ECHONL
277- | NOFLSH
278-#ifdef TOSTOP
279- | TOSTOP
280-#endif
281-#ifdef ECHOPTR
282- | ECHOPRT
283-#endif
284-#ifdef XCASE
285- | XCASE
286-#endif
287- ));
288-
289- tty_settings->c_lflag |= (ISIG
290- | ICANON
291- | ECHO
292- | ECHOE
293- | ECHOK
294-#ifdef ECHOCTL
295- | ECHOCTL
296-#endif
297-#ifdef ECHOKE
298- | ECHOKE
299-#endif
300- );
301-#endif
302+ clear_flags(tty_settings->c_iflag, (IGNBRK
303+ | PARMRK
304+ | INPCK
305+ | ISTRIP
306+ | INLCR
307+ | IGNCR
308+ | IUCLC
309+ | IXANY
310+ | IXOFF));
311+
312+ set_flags(tty_settings->c_iflag, (BRKINT
313+ | IGNPAR
314+ | ICRNL
315+ | IXON
316+ | IMAXBEL));
317+
318+ clear_flags(tty_settings->c_oflag, (0
319+ | OLCUC
320+ | OCRNL
321+ | ONOCR
322+ | ONLRET
323+ | OFILL
324+ | OFDEL
325+ | NLDLY
326+ | CRDLY
327+ | TABDLY
328+ | BSDLY
329+ | VTDLY
330+ | FFDLY));
331+
332+ set_flags(tty_settings->c_oflag, (OPOST
333+ | ONLCR));
334+
335+ mask = (CSIZE | CSTOPB | PARENB | PARODD);
336+#ifdef TIOCMGET
337+ /* leave clocal alone if this appears to use a modem */
338+ if (ioctl(fd, TIOCMGET, &modem_bits) == -1)
339+ mask |= CLOCAL;
340+#else
341+ /* cannot check - use the behavior from tset */
342+ mask |= CLOCAL;
343+#endif
344+ clear_flags(tty_settings->c_cflag, mask);
345+
346+ set_flags(tty_settings->c_cflag, (CS8 | CREAD));
347+ clear_flags(tty_settings->c_lflag, (ECHONL
348+ | NOFLSH
349+ | TOSTOP
350+ | ECHOPRT
351+ | XCASE));
352+
353+ set_flags(tty_settings->c_lflag, (ISIG
354+ | ICANON
355+ | ECHO
356+ | ECHOE
357+ | ECHOK
358+ | ECHOCTL
359+ | ECHOKE));
360+#endif /* TERMIOS */
361
362 if (!noset) {
363 SET_TTY(fd, tty_settings);
364@@ -402,29 +441,23 @@ set_conversions(TTY * tty_settings)
365 #if defined(EXP_WIN32_DRIVER)
366 /* FIXME */
367 #else
368-#ifdef ONLCR
369- tty_settings->c_oflag |= ONLCR;
370-#endif
371- tty_settings->c_iflag |= ICRNL;
372- tty_settings->c_lflag |= ECHO;
373-#ifdef OXTABS
374- tty_settings->c_oflag |= OXTABS;
375-#endif /* OXTABS */
376+ set_flags(tty_settings->c_oflag, ONLCR);
377+ set_flags(tty_settings->c_iflag, ICRNL);
378+ set_flags(tty_settings->c_lflag, ECHO);
379+ set_flags(tty_settings->c_oflag, OXTABS);
380
381 /* test used to be tgetflag("NL") */
382 if (VALID_STRING(newline) && newline[0] == '\n' && !newline[1]) {
383 /* Newline, not linefeed. */
384-#ifdef ONLCR
385- tty_settings->c_oflag &= ~((unsigned) ONLCR);
386-#endif
387- tty_settings->c_iflag &= ~((unsigned) ICRNL);
388+ clear_flags(tty_settings->c_oflag, ONLCR);
389+ clear_flags(tty_settings->c_iflag, ICRNL);
390 }
391-#ifdef OXTABS
392+#if OXTABS
393 /* test used to be tgetflag("pt") */
394 if (VALID_STRING(set_tab) && VALID_STRING(clear_all_tabs))
395- tty_settings->c_oflag &= ~OXTABS;
396+ clear_flags(tty_settings->c_oflag, OXTABS);
397 #endif /* OXTABS */
398- tty_settings->c_lflag |= (ECHOE | ECHOK);
399+ set_flags(tty_settings->c_lflag, (ECHOE | ECHOK));
400 #endif
401 }
402
403@@ -490,7 +523,7 @@ send_init_strings(int fd GCC_UNUSED, TTY * old_settings)
404 bool need_flush = FALSE;
405
406 (void) old_settings;
407-#ifdef TAB3
408+#if TAB3
409 if (old_settings != 0 &&
410 old_settings->c_oflag & (TAB3 | ONLCR | OCRNL | ONLRET)) {
411 old_settings->c_oflag &= (TAB3 | ONLCR | OCRNL | ONLRET);
412@@ -512,22 +545,22 @@ send_init_strings(int fd GCC_UNUSED, TTY * old_settings)
413
414 if (VALID_STRING(clear_margins)) {
415 need_flush |= sent_string(clear_margins);
416- } else
417+ }
418 #if defined(set_lr_margin)
419- if (VALID_STRING(set_lr_margin)) {
420+ else if (VALID_STRING(set_lr_margin)) {
421 need_flush |= sent_string(TIPARM_2(set_lr_margin, 0, columns - 1));
422- } else
423+ }
424 #endif
425 #if defined(set_left_margin_parm) && defined(set_right_margin_parm)
426- if (VALID_STRING(set_left_margin_parm)
427- && VALID_STRING(set_right_margin_parm)) {
428+ else if (VALID_STRING(set_left_margin_parm)
429+ && VALID_STRING(set_right_margin_parm)) {
430 need_flush |= sent_string(TIPARM_1(set_left_margin_parm, 0));
431 need_flush |= sent_string(TIPARM_1(set_right_margin_parm,
432 columns - 1));
433- } else
434+ }
435 #endif
436- if (VALID_STRING(set_left_margin)
437- && VALID_STRING(set_right_margin)) {
438+ else if (VALID_STRING(set_left_margin)
439+ && VALID_STRING(set_right_margin)) {
440 need_flush |= to_left_margin();
441 need_flush |= sent_string(set_left_margin);
442 if (VALID_STRING(parm_right_cursor)) {
443diff --git a/progs/tabs.c b/progs/tabs.c
444index 7378d116..d904330b 100644
445--- a/progs/tabs.c
446+++ b/progs/tabs.c
447@@ -370,7 +370,9 @@ do_set_margin(int margin, bool no_op)
448 }
449 tputs(set_left_margin, 1, putch);
450 }
451- } else if (VALID_STRING(set_left_margin_parm)) {
452+ }
453+#if defined(set_left_margin_parm) && defined(set_right_margin_parm)
454+ else if (VALID_STRING(set_left_margin_parm)) {
455 result = TRUE;
456 if (!no_op) {
457 if (VALID_STRING(set_right_margin_parm)) {
458@@ -379,12 +381,16 @@ do_set_margin(int margin, bool no_op)
459 tputs(TIPARM_2(set_left_margin_parm, margin, max_cols), 1, putch);
460 }
461 }
462- } else if (VALID_STRING(set_lr_margin)) {
463+ }
464+#endif
465+#if defined(set_lr_margin)
466+ else if (VALID_STRING(set_lr_margin)) {
467 result = TRUE;
468 if (!no_op) {
469 tputs(TIPARM_2(set_lr_margin, margin, max_cols), 1, putch);
470 }
471 }
472+#endif
473 return result;
474 }
475
476diff --git a/progs/tic.c b/progs/tic.c
477index 888927e2..78b568fa 100644
478--- a/progs/tic.c
479+++ b/progs/tic.c
480@@ -3142,6 +3142,7 @@ guess_ANSI_VTxx(TERMTYPE2 *tp)
481 * In particular, any ECMA-48 terminal should support these, though the details
482 * for u9 are implementation dependent.
483 */
484+#if defined(user6) && defined(user7) && defined(user8) && defined(user9)
485 static void
486 check_user_6789(TERMTYPE2 *tp)
487 {
488@@ -3177,6 +3178,9 @@ check_user_6789(TERMTYPE2 *tp)
489 break;
490 }
491 }
492+#else
493+#define check_user_6789(tp) /* nothing */
494+#endif
495
496 /* other sanity-checks (things that we don't want in the normal
497 * logic that reads a terminfo entry)
498--
4992.40.0
diff --git a/meta/recipes-core/ncurses/files/0001-tic-hang.patch b/meta/recipes-core/ncurses/files/0001-tic-hang.patch
index f98a943e5c..8cb92a3939 100644
--- a/meta/recipes-core/ncurses/files/0001-tic-hang.patch
+++ b/meta/recipes-core/ncurses/files/0001-tic-hang.patch
@@ -1,7 +1,7 @@
1From 168ba7a681be73ac024438e33e14fde1d5aea97d Mon Sep 17 00:00:00 2001 1From a51a53f0eecfd4d083aba8dfcd47c65e93978ff1 Mon Sep 17 00:00:00 2001
2From: Hongxu Jia <hongxu.jia@windriver.com> 2From: Hongxu Jia <hongxu.jia@windriver.com>
3Date: Fri, 30 Mar 2018 10:02:24 +0800 3Date: Fri, 30 Mar 2018 10:02:24 +0800
4Subject: [PATCH 1/2] tic hang 4Subject: [PATCH] tic hang
5 5
6Upstream-Status: Inappropriate [configuration] 6Upstream-Status: Inappropriate [configuration]
7 7
@@ -17,10 +17,10 @@ Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
17 1 file changed, 5 insertions(+), 6 deletions(-) 17 1 file changed, 5 insertions(+), 6 deletions(-)
18 18
19diff --git a/misc/terminfo.src b/misc/terminfo.src 19diff --git a/misc/terminfo.src b/misc/terminfo.src
20index 84f4810..6b385ec 100644 20index 5d575b8e..f9cc6880 100644
21--- a/misc/terminfo.src 21--- a/misc/terminfo.src
22+++ b/misc/terminfo.src 22+++ b/misc/terminfo.src
23@@ -5562,12 +5562,11 @@ konsole-xf3x|KDE console window with keyboard for XFree86 3.x xterm, 23@@ -6518,12 +6518,11 @@ konsole-xf3x|KDE console window with keyboard for XFree86 3.x xterm,
24 # The value for kbs (see konsole-vt100) reflects local customization rather 24 # The value for kbs (see konsole-vt100) reflects local customization rather
25 # than the settings used for XFree86 xterm. 25 # than the settings used for XFree86 xterm.
26 konsole-xf4x|KDE console window with keyboard for XFree86 4.x xterm, 26 konsole-xf4x|KDE console window with keyboard for XFree86 4.x xterm,
@@ -38,6 +38,3 @@ index 84f4810..6b385ec 100644
38 38
39 # Obsolete: vt100.keymap 39 # Obsolete: vt100.keymap
40 # KDE's "vt100" keyboard has no relationship to any terminal that DEC made, but 40 # KDE's "vt100" keyboard has no relationship to any terminal that DEC made, but
41--
421.8.3.1
43
diff --git a/meta/recipes-core/ncurses/files/0002-configure-reproducible.patch b/meta/recipes-core/ncurses/files/0002-configure-reproducible.patch
index 66f26c06ab..11ca66c8e8 100644
--- a/meta/recipes-core/ncurses/files/0002-configure-reproducible.patch
+++ b/meta/recipes-core/ncurses/files/0002-configure-reproducible.patch
@@ -1,4 +1,4 @@
1From ec87e53066a9942e9aaba817d71268342f5e83b9 Mon Sep 17 00:00:00 2001 1From 63cf58044f4ab3297c5a2d0e132e87ebfa80c753 Mon Sep 17 00:00:00 2001
2From: Hongxu Jia <hongxu.jia@windriver.com> 2From: Hongxu Jia <hongxu.jia@windriver.com>
3Date: Wed, 16 Aug 2017 14:45:27 +0800 3Date: Wed, 16 Aug 2017 14:45:27 +0800
4Subject: [PATCH] configure: reproducible 4Subject: [PATCH] configure: reproducible
@@ -13,16 +13,15 @@ Signed-off-by: Juro Bystricky <juro.bystricky@intel.com>
13Rebase to 6.1 13Rebase to 6.1
14 14
15Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com> 15Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
16
17--- 16---
18 configure | 2 +- 17 configure | 2 +-
19 1 file changed, 1 insertion(+), 1 deletion(-) 18 1 file changed, 1 insertion(+), 1 deletion(-)
20 19
21diff --git a/configure b/configure 20diff --git a/configure b/configure
22index 421cf859..a1b7840d 100755 21index 488d93fc..005d44e2 100755
23--- a/configure 22--- a/configure
24+++ b/configure 23+++ b/configure
25@@ -5072,7 +5072,7 @@ else 24@@ -5129,7 +5129,7 @@ else
26 ;; 25 ;;
27 (*) 26 (*)
28 cf_cv_ar_flags=unknown 27 cf_cv_ar_flags=unknown
diff --git a/meta/recipes-core/ncurses/files/0003-gen-pkgconfig.in-Do-not-include-LDFLAGS-in-generated.patch b/meta/recipes-core/ncurses/files/0003-gen-pkgconfig.in-Do-not-include-LDFLAGS-in-generated.patch
index a15694d4d4..d89399bbe5 100644
--- a/meta/recipes-core/ncurses/files/0003-gen-pkgconfig.in-Do-not-include-LDFLAGS-in-generated.patch
+++ b/meta/recipes-core/ncurses/files/0003-gen-pkgconfig.in-Do-not-include-LDFLAGS-in-generated.patch
@@ -1,4 +1,4 @@
1From 10cd0c12a6e14fb4f0498c299c1dd32720b710da Mon Sep 17 00:00:00 2001 1From 5962a5ee2885f67a396f7e8955ac1bbd7f15d4aa Mon Sep 17 00:00:00 2001
2From: Nathan Rossi <nathan@nathanrossi.com> 2From: Nathan Rossi <nathan@nathanrossi.com>
3Date: Mon, 14 Dec 2020 13:39:02 +1000 3Date: Mon, 14 Dec 2020 13:39:02 +1000
4Subject: [PATCH] gen-pkgconfig.in: Do not include LDFLAGS in generated pc 4Subject: [PATCH] gen-pkgconfig.in: Do not include LDFLAGS in generated pc
@@ -10,13 +10,12 @@ includes build host specific paths and options (e.g. uninative and
10 10
11Upstream-Status: Inappropriate [OE Specific] 11Upstream-Status: Inappropriate [OE Specific]
12Signed-off-by: Nathan Rossi <nathan@nathanrossi.com> 12Signed-off-by: Nathan Rossi <nathan@nathanrossi.com>
13
14--- 13---
15 misc/gen-pkgconfig.in | 2 +- 14 misc/gen-pkgconfig.in | 2 +-
16 1 file changed, 1 insertion(+), 1 deletion(-) 15 1 file changed, 1 insertion(+), 1 deletion(-)
17 16
18diff --git a/misc/gen-pkgconfig.in b/misc/gen-pkgconfig.in 17diff --git a/misc/gen-pkgconfig.in b/misc/gen-pkgconfig.in
19index a45dd54f..85273054 100644 18index 89a5cd4a..07d94d17 100644
20--- a/misc/gen-pkgconfig.in 19--- a/misc/gen-pkgconfig.in
21+++ b/misc/gen-pkgconfig.in 20+++ b/misc/gen-pkgconfig.in
22@@ -83,7 +83,7 @@ if [ "$includedir" != "/usr/include" ]; then 21@@ -83,7 +83,7 @@ if [ "$includedir" != "/usr/include" ]; then
diff --git a/meta/recipes-core/ncurses/files/CVE-2023-45918.patch b/meta/recipes-core/ncurses/files/CVE-2023-45918.patch
deleted file mode 100644
index fbdae49a61..0000000000
--- a/meta/recipes-core/ncurses/files/CVE-2023-45918.patch
+++ /dev/null
@@ -1,180 +0,0 @@
1From bcf02d3242f1c7d57224a95f7903fcf4b5e7695d Mon Sep 17 00:00:00 2001
2From: Thomas E. Dickey <dickey@invisible-island.net>
3Date: Fri, 16 Jun 2023 02:54:29 +0530
4Subject: [PATCH] Fix CVE-2023-45918
5
6CVE: CVE-2023-45918
7
8Upstream-Status: Backport [https://ncurses.scripts.mit.edu/?p=ncurses.git;a=commit;h=bcf02d3242f1c7d57224a95f7903fcf4b5e7695d]
9
10Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
11---
12 ncurses/tinfo/comp_error.c | 15 ++++++---
13 ncurses/tinfo/read_entry.c | 65 ++++++++++++++++++++++++++------------
14 2 files changed, 56 insertions(+), 24 deletions(-)
15
16diff --git a/ncurses/tinfo/comp_error.c b/ncurses/tinfo/comp_error.c
17index 48f48784..ee518e28 100644
18--- a/ncurses/tinfo/comp_error.c
19+++ b/ncurses/tinfo/comp_error.c
20@@ -60,8 +60,15 @@ _nc_get_source(void)
21 NCURSES_EXPORT(void)
22 _nc_set_source(const char *const name)
23 {
24- FreeIfNeeded(SourceName);
25- SourceName = strdup(name);
26+ if (name == NULL) {
27+ free(SourceName);
28+ SourceName = NULL;
29+ } else if (SourceName == NULL) {
30+ SourceName = strdup(name);
31+ } else if (strcmp(name, SourceName)) {
32+ free(SourceName);
33+ SourceName = strdup(name);
34+ }
35 }
36
37 NCURSES_EXPORT(void)
38@@ -95,9 +102,9 @@ static NCURSES_INLINE void
39 where_is_problem(void)
40 {
41 fprintf(stderr, "\"%s\"", SourceName ? SourceName : "?");
42- if (_nc_curr_line >= 0)
43+ if (_nc_curr_line > 0)
44 fprintf(stderr, ", line %d", _nc_curr_line);
45- if (_nc_curr_col >= 0)
46+ if (_nc_curr_col > 0)
47 fprintf(stderr, ", col %d", _nc_curr_col);
48 if (TermType != 0 && TermType[0] != '\0')
49 fprintf(stderr, ", terminal '%s'", TermType);
50diff --git a/ncurses/tinfo/read_entry.c b/ncurses/tinfo/read_entry.c
51index 341337d2..b0c3ad26 100644
52--- a/ncurses/tinfo/read_entry.c
53+++ b/ncurses/tinfo/read_entry.c
54@@ -138,12 +138,13 @@ convert_16bits(char *buf, NCURSES_INT2 *Numbers, int count)
55 }
56 #endif
57
58-static void
59-convert_strings(char *buf, char **Strings, int count, int size, char *table)
60+static bool
61+convert_strings(char *buf, char **Strings, int count, int size,
62+ char *table, bool always)
63 {
64 int i;
65 char *p;
66- bool corrupt = FALSE;
67+ bool success = TRUE;
68
69 for (i = 0; i < count; i++) {
70 if (IS_NEG1(buf + 2 * i)) {
71@@ -159,13 +160,10 @@ convert_strings(char *buf, char **Strings, int count, int size, char *table)
72 TR(TRACE_DATABASE, ("Strings[%d] = %s", i,
73 _nc_visbuf(Strings[i])));
74 } else {
75- if (!corrupt) {
76- corrupt = TRUE;
77- TR(TRACE_DATABASE,
78- ("ignore out-of-range index %d to Strings[]", nn));
79- _nc_warning("corrupt data found in convert_strings");
80- }
81- Strings[i] = ABSENT_STRING;
82+ TR(TRACE_DATABASE,
83+ ("found out-of-range index %d to Strings[%d]", nn, i));
84+ success = FALSE;
85+ break;
86 }
87 }
88
89@@ -175,10 +173,25 @@ convert_strings(char *buf, char **Strings, int count, int size, char *table)
90 if (*p == '\0')
91 break;
92 /* if there is no NUL, ignore the string */
93- if (p >= table + size)
94+ if (p >= table + size) {
95 Strings[i] = ABSENT_STRING;
96+ } else if (p == Strings[i] && always) {
97+ TR(TRACE_DATABASE,
98+ ("found empty but required Strings[%d]", i));
99+ success = FALSE;
100+ break;
101+ }
102+ } else if (always) { /* names are always needed */
103+ TR(TRACE_DATABASE,
104+ ("found invalid but required Strings[%d]", i));
105+ success = FALSE;
106+ break;
107 }
108 }
109+ if (!success) {
110+ _nc_warning("corrupt data found in convert_strings");
111+ }
112+ return success;
113 }
114
115 static int
116@@ -382,7 +395,10 @@ _nc_read_termtype(TERMTYPE2 *ptr, char *buffer, int limit)
117 if (Read(string_table, (unsigned) str_size) != str_size) {
118 returnDB(TGETENT_NO);
119 }
120- convert_strings(buf, ptr->Strings, str_count, str_size, string_table);
121+ if (!convert_strings(buf, ptr->Strings, str_count, str_size,
122+ string_table, FALSE)) {
123+ returnDB(TGETENT_NO);
124+ }
125 }
126 #if NCURSES_XNAMES
127
128@@ -483,8 +499,10 @@ _nc_read_termtype(TERMTYPE2 *ptr, char *buffer, int limit)
129 ("Before computing extended-string capabilities "
130 "str_count=%d, ext_str_count=%d",
131 str_count, ext_str_count));
132- convert_strings(buf, ptr->Strings + str_count, ext_str_count,
133- ext_str_limit, ptr->ext_str_table);
134+ if (!convert_strings(buf, ptr->Strings + str_count, ext_str_count,
135+ ext_str_limit, ptr->ext_str_table, FALSE)) {
136+ returnDB(TGETENT_NO);
137+ }
138 for (i = ext_str_count - 1; i >= 0; i--) {
139 TR(TRACE_DATABASE, ("MOVE from [%d:%d] %s",
140 i, i + str_count,
141@@ -516,10 +534,13 @@ _nc_read_termtype(TERMTYPE2 *ptr, char *buffer, int limit)
142 TR(TRACE_DATABASE,
143 ("ext_NAMES starting @%d in extended_strings, first = %s",
144 base, _nc_visbuf(ptr->ext_str_table + base)));
145- convert_strings(buf + (2 * ext_str_count),
146- ptr->ext_Names,
147- (int) need,
148- ext_str_limit, ptr->ext_str_table + base);
149+ if (!convert_strings(buf + (2 * ext_str_count),
150+ ptr->ext_Names,
151+ (int) need,
152+ ext_str_limit, ptr->ext_str_table + base,
153+ TRUE)) {
154+ returnDB(TGETENT_NO);
155+ }
156 }
157
158 TR(TRACE_DATABASE,
159@@ -572,13 +593,17 @@ _nc_read_file_entry(const char *const filename, TERMTYPE2 *ptr)
160 int limit;
161 char buffer[MAX_ENTRY_SIZE + 1];
162
163- if ((limit = (int) fread(buffer, sizeof(char), sizeof(buffer), fp))
164- > 0) {
165+ limit = (int) fread(buffer, sizeof(char), sizeof(buffer), fp);
166+ if (limit > 0) {
167+ const char *old_source = _nc_get_source();
168
169 TR(TRACE_DATABASE, ("read terminfo %s", filename));
170+ if (old_source == NULL)
171+ _nc_set_source(filename);
172 if ((code = _nc_read_termtype(ptr, buffer, limit)) == TGETENT_NO) {
173 _nc_free_termtype2(ptr);
174 }
175+ _nc_set_source(old_source);
176 } else {
177 code = TGETENT_NO;
178 }
179--
1802.40.0
diff --git a/meta/recipes-core/ncurses/files/CVE-2023-50495.patch b/meta/recipes-core/ncurses/files/CVE-2023-50495.patch
deleted file mode 100644
index 7d90ddd30f..0000000000
--- a/meta/recipes-core/ncurses/files/CVE-2023-50495.patch
+++ /dev/null
@@ -1,301 +0,0 @@
1From 7daae3f2139a678fe0ae0b42fcf8d807cbff485c Mon Sep 17 00:00:00 2001
2From: Mingli Yu <mingli.yu@windriver.com>
3Date: Sun, 4 Feb 2024 13:42:38 +0800
4Subject: [PATCH] parse_entry.c: check return value of _nc_save_str
5
6* check return value of _nc_save_str(), in special case for tic where
7extended capabilities are processed but the terminal description was
8not initialized (report by Ziqiao Kong).
9
10* regenerate llib-* files.
11
12CVE: CVE-2023-50495
13
14Upstream-Status: Backport [http://ncurses.scripts.mit.edu/?p=ncurses.git;a=commitdiff;h=7723dd6799ab10b32047ec73b14df9f107bafe99]
15
16Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
17---
18 ncurses/llib-lncurses | 15 +++++++++++++++
19 ncurses/llib-lncursest | 15 +++++++++++++++
20 ncurses/llib-lncursestw | 15 +++++++++++++++
21 ncurses/llib-lncursesw | 15 +++++++++++++++
22 ncurses/llib-ltinfo | 15 +++++++++++++++
23 ncurses/llib-ltinfot | 15 +++++++++++++++
24 ncurses/llib-ltinfotw | 15 +++++++++++++++
25 ncurses/llib-ltinfow | 15 +++++++++++++++
26 ncurses/tinfo/parse_entry.c | 23 ++++++++++++++++-------
27 9 files changed, 136 insertions(+), 7 deletions(-)
28
29diff --git a/ncurses/llib-lncurses b/ncurses/llib-lncurses
30index 211cf3b7..e4190aa2 100644
31--- a/ncurses/llib-lncurses
32+++ b/ncurses/llib-lncurses
33@@ -3656,6 +3656,21 @@ char *tiparm(
34 ...)
35 { return(*(char **)0); }
36
37+#undef tiparm_s
38+char *tiparm_s(
39+ int num_expected,
40+ int tparm_type,
41+ const char *string,
42+ ...)
43+ { return(*(char **)0); }
44+
45+#undef tiscan_s
46+int tiscan_s(
47+ int *num_expected,
48+ int *tparm_type,
49+ const char *string)
50+ { return(*(int *)0); }
51+
52 #undef _nc_tiparm
53 char *_nc_tiparm(
54 int expected,
55diff --git a/ncurses/llib-lncursest b/ncurses/llib-lncursest
56index 1b09d676..e07abba6 100644
57--- a/ncurses/llib-lncursest
58+++ b/ncurses/llib-lncursest
59@@ -3741,6 +3741,21 @@ char *tiparm(
60 ...)
61 { return(*(char **)0); }
62
63+#undef tiparm_s
64+char *tiparm_s(
65+ int num_expected,
66+ int tparm_type,
67+ const char *string,
68+ ...)
69+ { return(*(char **)0); }
70+
71+#undef tiscan_s
72+int tiscan_s(
73+ int *num_expected,
74+ int *tparm_type,
75+ const char *string)
76+ { return(*(int *)0); }
77+
78 #undef _nc_tiparm
79 char *_nc_tiparm(
80 int expected,
81diff --git a/ncurses/llib-lncursestw b/ncurses/llib-lncursestw
82index 4576e0fc..747c6be8 100644
83--- a/ncurses/llib-lncursestw
84+++ b/ncurses/llib-lncursestw
85@@ -4702,6 +4702,21 @@ char *tiparm(
86 ...)
87 { return(*(char **)0); }
88
89+#undef tiparm_s
90+char *tiparm_s(
91+ int num_expected,
92+ int tparm_type,
93+ const char *string,
94+ ...)
95+ { return(*(char **)0); }
96+
97+#undef tiscan_s
98+int tiscan_s(
99+ int *num_expected,
100+ int *tparm_type,
101+ const char *string)
102+ { return(*(int *)0); }
103+
104 #undef _nc_tiparm
105 char *_nc_tiparm(
106 int expected,
107diff --git a/ncurses/llib-lncursesw b/ncurses/llib-lncursesw
108index 127350d2..862305d9 100644
109--- a/ncurses/llib-lncursesw
110+++ b/ncurses/llib-lncursesw
111@@ -4617,6 +4617,21 @@ char *tiparm(
112 ...)
113 { return(*(char **)0); }
114
115+#undef tiparm_s
116+char *tiparm_s(
117+ int num_expected,
118+ int tparm_type,
119+ const char *string,
120+ ...)
121+ { return(*(char **)0); }
122+
123+#undef tiscan_s
124+int tiscan_s(
125+ int *num_expected,
126+ int *tparm_type,
127+ const char *string)
128+ { return(*(int *)0); }
129+
130 #undef _nc_tiparm
131 char *_nc_tiparm(
132 int expected,
133diff --git a/ncurses/llib-ltinfo b/ncurses/llib-ltinfo
134index a5cd7cd3..31e5e9a6 100644
135--- a/ncurses/llib-ltinfo
136+++ b/ncurses/llib-ltinfo
137@@ -927,6 +927,21 @@ char *tiparm(
138 ...)
139 { return(*(char **)0); }
140
141+#undef tiparm_s
142+char *tiparm_s(
143+ int num_expected,
144+ int tparm_type,
145+ const char *string,
146+ ...)
147+ { return(*(char **)0); }
148+
149+#undef tiscan_s
150+int tiscan_s(
151+ int *num_expected,
152+ int *tparm_type,
153+ const char *string)
154+ { return(*(int *)0); }
155+
156 #undef _nc_tiparm
157 char *_nc_tiparm(
158 int expected,
159diff --git a/ncurses/llib-ltinfot b/ncurses/llib-ltinfot
160index bd3de812..48e5c25a 100644
161--- a/ncurses/llib-ltinfot
162+++ b/ncurses/llib-ltinfot
163@@ -1003,6 +1003,21 @@ char *tiparm(
164 ...)
165 { return(*(char **)0); }
166
167+#undef tiparm_s
168+char *tiparm_s(
169+ int num_expected,
170+ int tparm_type,
171+ const char *string,
172+ ...)
173+ { return(*(char **)0); }
174+
175+#undef tiscan_s
176+int tiscan_s(
177+ int *num_expected,
178+ int *tparm_type,
179+ const char *string)
180+ { return(*(int *)0); }
181+
182 #undef _nc_tiparm
183 char *_nc_tiparm(
184 int expected,
185diff --git a/ncurses/llib-ltinfotw b/ncurses/llib-ltinfotw
186index 4d35a1e1..64dfdfa5 100644
187--- a/ncurses/llib-ltinfotw
188+++ b/ncurses/llib-ltinfotw
189@@ -1025,6 +1025,21 @@ char *tiparm(
190 ...)
191 { return(*(char **)0); }
192
193+#undef tiparm_s
194+char *tiparm_s(
195+ int num_expected,
196+ int tparm_type,
197+ const char *string,
198+ ...)
199+ { return(*(char **)0); }
200+
201+#undef tiscan_s
202+int tiscan_s(
203+ int *num_expected,
204+ int *tparm_type,
205+ const char *string)
206+ { return(*(int *)0); }
207+
208 #undef _nc_tiparm
209 char *_nc_tiparm(
210 int expected,
211diff --git a/ncurses/llib-ltinfow b/ncurses/llib-ltinfow
212index db846764..7e17a35f 100644
213--- a/ncurses/llib-ltinfow
214+++ b/ncurses/llib-ltinfow
215@@ -949,6 +949,21 @@ char *tiparm(
216 ...)
217 { return(*(char **)0); }
218
219+#undef tiparm_s
220+char *tiparm_s(
221+ int num_expected,
222+ int tparm_type,
223+ const char *string,
224+ ...)
225+ { return(*(char **)0); }
226+
227+#undef tiscan_s
228+int tiscan_s(
229+ int *num_expected,
230+ int *tparm_type,
231+ const char *string)
232+ { return(*(int *)0); }
233+
234 #undef _nc_tiparm
235 char *_nc_tiparm(
236 int expected,
237diff --git a/ncurses/tinfo/parse_entry.c b/ncurses/tinfo/parse_entry.c
238index 14bcb67e..0a0b5637 100644
239--- a/ncurses/tinfo/parse_entry.c
240+++ b/ncurses/tinfo/parse_entry.c
241@@ -110,7 +110,7 @@ _nc_extend_names(ENTRY * entryp, const char *name, int token_type)
242 /* Well, we are given a cancel for a name that we don't recognize */
243 return _nc_extend_names(entryp, name, STRING);
244 default:
245- return 0;
246+ return NULL;
247 }
248
249 /* Adjust the 'offset' (insertion-point) to keep the lists of extended
250@@ -142,6 +142,11 @@ _nc_extend_names(ENTRY * entryp, const char *name, int token_type)
251 for (last = (unsigned) (max - 1); last > tindex; last--)
252
253 if (!found) {
254+ char *saved;
255+
256+ if ((saved = _nc_save_str(name)) == NULL)
257+ return NULL;
258+
259 switch (token_type) {
260 case BOOLEAN:
261 tp->ext_Booleans++;
262@@ -169,7 +174,7 @@ _nc_extend_names(ENTRY * entryp, const char *name, int token_type)
263 TYPE_REALLOC(char *, actual, tp->ext_Names);
264 while (--actual > offset)
265 tp->ext_Names[actual] = tp->ext_Names[actual - 1];
266- tp->ext_Names[offset] = _nc_save_str(name);
267+ tp->ext_Names[offset] = saved;
268 }
269
270 temp.nte_name = tp->ext_Names[offset];
271@@ -364,6 +369,8 @@ _nc_parse_entry(ENTRY * entryp, int literal, bool silent)
272 bool is_use = (strcmp(_nc_curr_token.tk_name, "use") == 0);
273 bool is_tc = !is_use && (strcmp(_nc_curr_token.tk_name, "tc") == 0);
274 if (is_use || is_tc) {
275+ char *saved;
276+
277 if (!VALID_STRING(_nc_curr_token.tk_valstring)
278 || _nc_curr_token.tk_valstring[0] == '\0') {
279 _nc_warning("missing name for use-clause");
280@@ -377,11 +384,13 @@ _nc_parse_entry(ENTRY * entryp, int literal, bool silent)
281 _nc_curr_token.tk_valstring);
282 continue;
283 }
284- entryp->uses[entryp->nuses].name = _nc_save_str(_nc_curr_token.tk_valstring);
285- entryp->uses[entryp->nuses].line = _nc_curr_line;
286- entryp->nuses++;
287- if (entryp->nuses > 1 && is_tc) {
288- BAD_TC_USAGE
289+ if ((saved = _nc_save_str(_nc_curr_token.tk_valstring)) != NULL) {
290+ entryp->uses[entryp->nuses].name = saved;
291+ entryp->uses[entryp->nuses].line = _nc_curr_line;
292+ entryp->nuses++;
293+ if (entryp->nuses > 1 && is_tc) {
294+ BAD_TC_USAGE
295+ }
296 }
297 } else {
298 /* normal token lookup */
299--
3002.25.1
301
diff --git a/meta/recipes-core/ncurses/files/exit_prototype.patch b/meta/recipes-core/ncurses/files/exit_prototype.patch
index fd961512e0..299852d2c0 100644
--- a/meta/recipes-core/ncurses/files/exit_prototype.patch
+++ b/meta/recipes-core/ncurses/files/exit_prototype.patch
@@ -1,28 +1,27 @@
1From 4a769a441d7e57a23017c3037cde3e53fb9f35fe Mon Sep 17 00:00:00 2001 1From af798dceafec8a9ea3f83fc250d784511ca0a29c Mon Sep 17 00:00:00 2001
2From: Khem Raj <raj.khem@gmail.com> 2From: Khem Raj <raj.khem@gmail.com>
3Date: Tue, 30 Aug 2022 15:58:32 -0700 3Date: Tue, 30 Aug 2022 15:58:32 -0700
4Subject: [PATCH] Add needed headers for including mbstate_t and exit() 4Subject: [PATCH] Add needed headers for including mbstate_t and exit()
5 5
6Upstream-Status: Inappropriate [Reconfigure will solve it] 6Upstream-Status: Inappropriate [Reconfigure will solve it]
7Signed-off-by: Khem Raj <raj.khem@gmail.com> 7Signed-off-by: Khem Raj <raj.khem@gmail.com>
8
9--- 8---
10 configure | 2 ++ 9 configure | 2 ++
11 1 file changed, 2 insertions(+) 10 1 file changed, 2 insertions(+)
12 11
13diff --git a/configure b/configure 12diff --git a/configure b/configure
14index f377f551..163f8899 100755 13index 005d44e2..72fa6c23 100755
15--- a/configure 14--- a/configure
16+++ b/configure 15+++ b/configure
17@@ -3423,6 +3423,7 @@ rm -f "conftest.$ac_objext" "conftest.$ac_ext" 16@@ -3462,6 +3462,7 @@ rm -f "conftest.$ac_objext" "conftest.$ac_ext"
18 cat >"conftest.$ac_ext" <<_ACEOF 17 cat >"conftest.$ac_ext" <<_ACEOF
19 #line 3424 "configure" 18 #line 3463 "configure"
20 #include "confdefs.h" 19 #include "confdefs.h"
21+#include <stdlib.h> 20+#include <stdlib.h>
22 $ac_declaration 21 $ac_declaration
23 int 22 int
24 main (void) 23 main (void)
25@@ -13111,6 +13112,7 @@ cat >"conftest.$ac_ext" <<_ACEOF 24@@ -13533,6 +13534,7 @@ cat >"conftest.$ac_ext" <<_ACEOF
26 #include <stdlib.h> 25 #include <stdlib.h>
27 #include <stdarg.h> 26 #include <stdarg.h>
28 #include <stdio.h> 27 #include <stdio.h>
diff --git a/meta/recipes-core/ncurses/ncurses.inc b/meta/recipes-core/ncurses/ncurses.inc
index 3b72f3efdd..2a3fd4f2c5 100644
--- a/meta/recipes-core/ncurses/ncurses.inc
+++ b/meta/recipes-core/ncurses/ncurses.inc
@@ -2,7 +2,7 @@ SUMMARY = "The New Curses library"
2DESCRIPTION = "SVr4 and XSI-Curses compatible curses library and terminfo tools including tic, infocmp, captoinfo. Supports color, multiple highlights, forms-drawing characters, and automatic recognition of keypad and function-key sequences. Extensions include resizable windows and mouse support on both xterm and Linux console using the gpm library." 2DESCRIPTION = "SVr4 and XSI-Curses compatible curses library and terminfo tools including tic, infocmp, captoinfo. Supports color, multiple highlights, forms-drawing characters, and automatic recognition of keypad and function-key sequences. Extensions include resizable windows and mouse support on both xterm and Linux console using the gpm library."
3HOMEPAGE = "http://www.gnu.org/software/ncurses/ncurses.html" 3HOMEPAGE = "http://www.gnu.org/software/ncurses/ncurses.html"
4LICENSE = "MIT" 4LICENSE = "MIT"
5LIC_FILES_CHKSUM = "file://COPYING;md5=c5a4600fdef86384c41ca33ecc70a4b8;endline=27" 5LIC_FILES_CHKSUM = "file://COPYING;md5=6f291ee54551d9d8d992ecd623fe4bc7;endline=27"
6SECTION = "libs" 6SECTION = "libs"
7DEPENDS = "ncurses-native" 7DEPENDS = "ncurses-native"
8DEPENDS:class-native = "" 8DEPENDS:class-native = ""
diff --git a/meta/recipes-core/ncurses/ncurses_6.4.bb b/meta/recipes-core/ncurses/ncurses_6.5.bb
index 61558ecfa8..2e3ee337ea 100644
--- a/meta/recipes-core/ncurses/ncurses_6.4.bb
+++ b/meta/recipes-core/ncurses/ncurses_6.5.bb
@@ -4,13 +4,9 @@ SRC_URI += "file://0001-tic-hang.patch \
4 file://0002-configure-reproducible.patch \ 4 file://0002-configure-reproducible.patch \
5 file://0003-gen-pkgconfig.in-Do-not-include-LDFLAGS-in-generated.patch \ 5 file://0003-gen-pkgconfig.in-Do-not-include-LDFLAGS-in-generated.patch \
6 file://exit_prototype.patch \ 6 file://exit_prototype.patch \
7 file://0001-Fix-CVE-2023-29491.patch \
8 file://0001-Updating-reset-code-ncurses-6.4-patch-20231104.patch \
9 file://CVE-2023-50495.patch \
10 file://CVE-2023-45918.patch \
11 " 7 "
12# commit id corresponds to the revision in package version 8# commit id corresponds to the revision in package version
13SRCREV = "1003914e200fd622a27237abca155ce6bf2e6030" 9SRCREV = "1c55d64d9d3e00399a21f04e9cac1e472ab5f70a"
14S = "${WORKDIR}/git" 10S = "${WORKDIR}/git"
15EXTRA_OECONF += "--with-abi-version=5" 11EXTRA_OECONF += "--with-abi-version=5"
16UPSTREAM_CHECK_GITTAGREGEX = "v(?P<pver>\d+_\d+)$" 12UPSTREAM_CHECK_GITTAGREGEX = "v(?P<pver>\d+_\d+)$"