1 files changed, 78 insertions, 14 deletions
diff --git a/meta/recipes-devtools/rpm/rpm/debugedit-segv.patch b/meta/recipes-devtools/rpm/rpm/debugedit-segv.patch
index bd9169381f..2d620a5354 100644
--- a/meta/recipes-devtools/rpm/rpm/debugedit-segv.patch
+++ b/meta/recipes-devtools/rpm/rpm/debugedit-segv.patch
@@ -1,19 +1,15 @@
-There are cases, especially on PPC and MIPS, where the data address
+During the recalculation of the buildid, it's necessary to change the word
-returned is 0, but the size is not 0.
+back to the original endian.  However, if we do this in-place, we've also
+affected the headers that we're also working on.  The side effect of this is
+we can no longer rely on 'sh_type' as it may have been changed.
-It appears to happen when the sections headers are similar to:
+This patch ensures that any time we translate the loaded data to the machine
+format, we only do it in a backup copy and never the original copy.
-  [21] .data             PROGBITS        000239c0 0139c0 000010 00  WA  0   0  8
+Note: in all other places a backup copy was used, just not buildid processing.
-  [22] .got              PROGBITS        000239d0 0139d0 000014 04 WAX  0   0  4
-  [23] .plt              NOBITS          000239e4 0139e4 000234 00 WAX  0   0  4
-  [24] .bss              NOBITS          00023c18 0139e4 0001c8 00  WA  0   0  8
-  [25] .comment          PROGBITS        00000000 0139e4 000011 01  MS  0   0  1
-  [26] .debug_aranges    PROGBITS        00000000 0139f8 000d68 00      0   0  8
-Sections 23 and 24 (.plt and .bss) which are NOBITS have a loaded data address
+Also the process (...) function was modified to verify the data is not
-of 0, but a size != 0.
+NULL as well.  This is an extra check and is not strictly necessary.
-This could be a bug in libelf...
 Upstream-status: Pending
@@ -23,7 +19,7 @@ Index: rpm-5.4.9/tools/debugedit.c
 ===================================================================
 --- rpm-5.4.9.orig/tools/debugedit.c
 +++ rpm-5.4.9/tools/debugedit.c
-@@ -1434,7 +1434,8 @@ handle_build_id (DSO *dso, Elf_Data *bui
+@@ -1432,21 +1432,24 @@ handle_build_id (DSO *dso, Elf_Data *bui
     auto inline void process (const void *data, size_t size)
     {
       memchunk chunk = { .data = (void *) data, .size = size };
@@ -33,3 +29,71 @@ Index: rpm-5.4.9/tools/debugedit.c
     }
     union
     {
+       GElf_Ehdr ehdr;
+       GElf_Phdr phdr;
+       GElf_Shdr shdr;
+-    } u;
+-    Elf_Data x = { .d_version = EV_CURRENT, .d_buf = &u };
+-
+-    x.d_type = ELF_T_EHDR;
+-    x.d_size = sizeof u.ehdr;
+-    u.ehdr = dso->ehdr;
+-    u.ehdr.e_phoff = u.ehdr.e_shoff = 0;
+-    if (elf64_xlatetom (&x, &x, dso->ehdr.e_ident[EI_DATA]) == NULL)
+    } u1, u2;
+    Elf_Data src  = { .d_version = EV_CURRENT, .d_buf = &u1 };
+    Elf_Data dest = { .d_version = EV_CURRENT, .d_buf = &u2 };
+
+    src.d_type = ELF_T_EHDR;
+    src.d_size = sizeof u1.ehdr;
+    dest.d_size = sizeof u2.ehdr;
+    u1.ehdr = dso->ehdr;
+    u1.ehdr.e_phoff = u1.ehdr.e_shoff = 0;
+    if (elf64_xlatetom (&dest, &src, dso->ehdr.e_ident[EI_DATA]) == NULL)
+       {
+       bad:
+        fprintf (stderr, "Failed to compute header checksum: %s\n",
+@@ -1454,29 +1457,31 @@ handle_build_id (DSO *dso, Elf_Data *bui
+        exit (1);
+       }
+ 
+-    x.d_type = ELF_T_PHDR;
+-    x.d_size = sizeof u.phdr;
+    src.d_type = ELF_T_PHDR;
+    src.d_size = sizeof u1.phdr;
+    dest.d_size = sizeof u2.phdr;
+     for (i = 0; i < dso->ehdr.e_phnum; ++i)
+       {
+-       if (gelf_getphdr (dso->elf, i, &u.phdr) == NULL)
+       if (gelf_getphdr (dso->elf, i, &u1.phdr) == NULL)
+          goto bad;
+-       if (elf64_xlatetom (&x, &x, dso->ehdr.e_ident[EI_DATA]) == NULL)
+       if (elf64_xlatetom (&dest, &src, dso->ehdr.e_ident[EI_DATA]) == NULL)
+          goto bad;
+-       process (x.d_buf, x.d_size);
+       process (dest.d_buf, dest.d_size);
+       }
+ 
+-    x.d_type = ELF_T_SHDR;
+-    x.d_size = sizeof u.shdr;
+    src.d_type = ELF_T_SHDR;
+    src.d_size = sizeof u1.shdr;
+    dest.d_size = sizeof u2.shdr;
+     for (i = 0; i < dso->ehdr.e_shnum; ++i)
+       if (dso->scn[i] != NULL)
+        {
+-         u.shdr = dso->shdr[i];
+-         u.shdr.sh_offset = 0;
+-         if (elf64_xlatetom (&x, &x, dso->ehdr.e_ident[EI_DATA]) == NULL)
+         u1.shdr = dso->shdr[i];
+         u1.shdr.sh_offset = 0;
+         if (elf64_xlatetom (&dest, &src, dso->ehdr.e_ident[EI_DATA]) == NULL)
+            goto bad;
+-         process (x.d_buf, x.d_size);
+         process (dest.d_buf, dest.d_size);
+ 
+-         if (u.shdr.sh_type != SHT_NOBITS)
+         if (u1.shdr.sh_type != SHT_NOBITS)
+            {
+              Elf_Data *d = elf_rawdata (dso->scn[i], NULL);
+              if (d == NULL)

diff --git a/meta/recipes-devtools/rpm/rpm/debugedit-segv.patch b/meta/recipes-devtools/rpm/rpm/debugedit-segv.patch index bd9169381f..2d620a5354 100644 --- a/meta/recipes-devtools/rpm/rpm/debugedit-segv.patch +++ b/meta/recipes-devtools/rpm/rpm/debugedit-segv.patch
@@ -1,19 +1,15 @@
1	There are cases, especially on PPC and MIPS, where the data address	1	During the recalculation of the buildid, it's necessary to change the word
2	returned is 0, but the size is not 0.	2	back to the original endian. However, if we do this in-place, we've also
		3	affected the headers that we're also working on. The side effect of this is
		4	we can no longer rely on 'sh_type' as it may have been changed.
3		5
4	It appears to happen when the sections headers are similar to:	6	This patch ensures that any time we translate the loaded data to the machine
		7	format, we only do it in a backup copy and never the original copy.
5		8
6	[21] .data PROGBITS 000239c0 0139c0 000010 00 WA 0 0 8	9	Note: in all other places a backup copy was used, just not buildid processing.
7	[22] .got PROGBITS 000239d0 0139d0 000014 04 WAX 0 0 4
8	[23] .plt NOBITS 000239e4 0139e4 000234 00 WAX 0 0 4
9	[24] .bss NOBITS 00023c18 0139e4 0001c8 00 WA 0 0 8
10	[25] .comment PROGBITS 00000000 0139e4 000011 01 MS 0 0 1
11	[26] .debug_aranges PROGBITS 00000000 0139f8 000d68 00 0 0 8
12		10
13	Sections 23 and 24 (.plt and .bss) which are NOBITS have a loaded data address	11	Also the process (...) function was modified to verify the data is not
14	of 0, but a size != 0.	12	NULL as well. This is an extra check and is not strictly necessary.
15
16	This could be a bug in libelf...
17		13
18	Upstream-status: Pending	14	Upstream-status: Pending
19		15
@@ -23,7 +19,7 @@ Index: rpm-5.4.9/tools/debugedit.c
23	===================================================================	19	===================================================================
24	--- rpm-5.4.9.orig/tools/debugedit.c	20	--- rpm-5.4.9.orig/tools/debugedit.c
25	+++ rpm-5.4.9/tools/debugedit.c	21	+++ rpm-5.4.9/tools/debugedit.c
26	@@ -1434,7 +1434,8 @@ handle_build_id (DSO dso, Elf_Data bui	22	@@ -1432,21 +1432,24 @@ handle_build_id (DSO dso, Elf_Data bui
27	auto inline void process (const void *data, size_t size)	23	auto inline void process (const void *data, size_t size)
28	{	24	{
29	memchunk chunk = { .data = (void *) data, .size = size };	25	memchunk chunk = { .data = (void *) data, .size = size };
@@ -33,3 +29,71 @@ Index: rpm-5.4.9/tools/debugedit.c
33	}	29	}
34	union	30	union
35	{	31	{
		32	GElf_Ehdr ehdr;
		33	GElf_Phdr phdr;
		34	GElf_Shdr shdr;
		35	- } u;
		36	- Elf_Data x = { .d_version = EV_CURRENT, .d_buf = &u };
		37	-
		38	- x.d_type = ELF_T_EHDR;
		39	- x.d_size = sizeof u.ehdr;
		40	- u.ehdr = dso->ehdr;
		41	- u.ehdr.e_phoff = u.ehdr.e_shoff = 0;
		42	- if (elf64_xlatetom (&x, &x, dso->ehdr.e_ident[EI_DATA]) == NULL)
		43	+ } u1, u2;
		44	+ Elf_Data src = { .d_version = EV_CURRENT, .d_buf = &u1 };
		45	+ Elf_Data dest = { .d_version = EV_CURRENT, .d_buf = &u2 };
		46	+
		47	+ src.d_type = ELF_T_EHDR;
		48	+ src.d_size = sizeof u1.ehdr;
		49	+ dest.d_size = sizeof u2.ehdr;
		50	+ u1.ehdr = dso->ehdr;
		51	+ u1.ehdr.e_phoff = u1.ehdr.e_shoff = 0;
		52	+ if (elf64_xlatetom (&dest, &src, dso->ehdr.e_ident[EI_DATA]) == NULL)
		53	{
		54	bad:
		55	fprintf (stderr, "Failed to compute header checksum: %s\n",
		56	@@ -1454,29 +1457,31 @@ handle_build_id (DSO dso, Elf_Data bui
		57	exit (1);
		58	}
		59
		60	- x.d_type = ELF_T_PHDR;
		61	- x.d_size = sizeof u.phdr;
		62	+ src.d_type = ELF_T_PHDR;
		63	+ src.d_size = sizeof u1.phdr;
		64	+ dest.d_size = sizeof u2.phdr;
		65	for (i = 0; i < dso->ehdr.e_phnum; ++i)
		66	{
		67	- if (gelf_getphdr (dso->elf, i, &u.phdr) == NULL)
		68	+ if (gelf_getphdr (dso->elf, i, &u1.phdr) == NULL)
		69	goto bad;
		70	- if (elf64_xlatetom (&x, &x, dso->ehdr.e_ident[EI_DATA]) == NULL)
		71	+ if (elf64_xlatetom (&dest, &src, dso->ehdr.e_ident[EI_DATA]) == NULL)
		72	goto bad;
		73	- process (x.d_buf, x.d_size);
		74	+ process (dest.d_buf, dest.d_size);
		75	}
		76
		77	- x.d_type = ELF_T_SHDR;
		78	- x.d_size = sizeof u.shdr;
		79	+ src.d_type = ELF_T_SHDR;
		80	+ src.d_size = sizeof u1.shdr;
		81	+ dest.d_size = sizeof u2.shdr;
		82	for (i = 0; i < dso->ehdr.e_shnum; ++i)
		83	if (dso->scn[i] != NULL)
		84	{
		85	- u.shdr = dso->shdr[i];
		86	- u.shdr.sh_offset = 0;
		87	- if (elf64_xlatetom (&x, &x, dso->ehdr.e_ident[EI_DATA]) == NULL)
		88	+ u1.shdr = dso->shdr[i];
		89	+ u1.shdr.sh_offset = 0;
		90	+ if (elf64_xlatetom (&dest, &src, dso->ehdr.e_ident[EI_DATA]) == NULL)
		91	goto bad;
		92	- process (x.d_buf, x.d_size);
		93	+ process (dest.d_buf, dest.d_size);
		94
		95	- if (u.shdr.sh_type != SHT_NOBITS)
		96	+ if (u1.shdr.sh_type != SHT_NOBITS)
		97	{
		98	Elf_Data *d = elf_rawdata (dso->scn[i], NULL);
		99	if (d == NULL)