4 files changed, 1 insertions, 179 deletions
diff --git a/meta/recipes-extended/procps/procps/0001-po-fr.po-address-failures-with-gettext-0.22.patch b/meta/recipes-extended/procps/procps/0001-po-fr.po-address-failures-with-gettext-0.22.patch
deleted file mode 100644
index 805517900d..0000000000
--- a/meta/recipes-extended/procps/procps/0001-po-fr.po-address-failures-with-gettext-0.22.patch
+++ /dev/null
@@ -1,37 +0,0 @@
-From 1d685477c254e5b10a81e32c87786e0f001b70f1 Mon Sep 17 00:00:00 2001
-From: Alexander Kanavin <alex@linutronix.de>
-Date: Mon, 24 Jul 2023 18:06:51 +0200
-Subject: [PATCH] po/fr.po: address failures with gettext 0.22
-Specifically:
-| fr.1po:3027: 'msgstr' is not a valid C format string, unlike 'msgid'. Reason: In the directive number 4, the argument size specifier is invalid.
-| fr.1po:3820: 'msgstr' is not a valid C format string, unlike 'msgid'. Reason: In the directive number 1, the argument size specifier is invalid.
-Upstream-Status: Submitted [https://gitlab.com/procps-ng/procps/-/merge_requests/199]
-Signed-off-by: Alexander Kanavin <alex@linutronix.de>
---
- po/fr.po | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-diff --git a/po/fr.po b/po/fr.po
-index 715c2b69..700834e1 100644
--- a/po/fr.po
-+++ b/po/fr.po
-@@ -3800,7 +3800,7 @@ msgid ""
- "Type 'q' or <Esc> to continue "
- msgstr ""
- "Aide pour les commandes interactives~2 - %s\n"
-"Fenêtre ~1%s~6: ~1Mode cumulatif ~3%s~2.  ~1Système~6: ~1Délai ~3%.1lf "
-+"Fenêtre ~1%s~6: ~1Mode cumulatif ~3%s~2.  ~1Système~6: ~1Délai ~3%.1f "
- "secs~2; ~1Mode sûr ~3%s~2.\n"
- "\n"
- "  Z~5,~1B~5,E,e   Global: «~1Z~2» couleurs; «~1B~2» gras; «~1E~2»/«~1e~2» "
-@@ -4723,7 +4723,7 @@ msgstr " -v, --version  affiche les informations de version et sort\n"
- #: src/watch.c:486
- #, c-format
- msgid "Every %.1fs: "
-msgstr "Toutes les %.1lfs: "
-+msgstr "Toutes les %.1fs: "
- 
- #: src/watch.c:487
- #, c-format
diff --git a/meta/recipes-extended/procps/procps/0001-src-w.c-use-utmp.h-only.patch b/meta/recipes-extended/procps/procps/0001-src-w.c-use-utmp.h-only.patch
deleted file mode 100644
index 23c91ec775..0000000000
--- a/meta/recipes-extended/procps/procps/0001-src-w.c-use-utmp.h-only.patch
+++ /dev/null
@@ -1,65 +0,0 @@
-From c41b3be62fbb78e0939fddaebad519360cbd8702 Mon Sep 17 00:00:00 2001
-From: Alexander Kanavin <alex@linutronix.de>
-Date: Mon, 6 Mar 2023 09:27:57 +0100
-Subject: [PATCH] src/w.c: use only utmpx
-Nowadays this works both on musl and glibc systems, however on musl
-utmp.h is also needed to avoid the following failure:
-| ../git/src/w.c: In function 'print_from':
-| ../git/src/w.c:73:28: error: '__UT_HOSTSIZE' undeclared (first use in this function); did you mean 'UT_HOSTSIZE'?
-|    73 | #       define UT_HOSTSIZE __UT_HOSTSIZE
-|       |                            ^~~~~~~~~~~~~
-| ../git/src/w.c:233:64: note: in expansion of macro 'UT_HOSTSIZE'
-|   233 |                         print_display_or_interface(u->ut_host, UT_HOSTSIZE, fromlen - len);
-|       |                                                                ^~~~~~~~~~~
-|
-It is caused by including utmpx.h, but not utmp.h, which (on musl)
-lacks the needed definitions.
-I have verified that both musl and glibc based builds continue to work.
-Upstream-Status: Submitted [https://gitlab.com/procps-ng/procps/-/merge_requests/171]
-Signed-off-by: Alexander Kanavin <alex@linutronix.de>
---
- src/w.c | 17 ++---------------
- 1 file changed, 2 insertions(+), 15 deletions(-)
-diff --git a/src/w.c b/src/w.c
-index 5e878f04..912c5df3 100644
--- a/src/w.c
-+++ b/src/w.c
-@@ -46,11 +46,8 @@
- #include <termios.h>
- #include <time.h>
- #include <unistd.h>
-#ifdef HAVE_UTMPX_H
-#      include <utmpx.h>
-#else
-#      include <utmp.h>
-#endif
-+#include <utmp.h>
-+#include <utmpx.h>
- #include <arpa/inet.h>
- 
- #include "c.h"
-@@ -63,17 +60,7 @@
- static int ignoreuser = 0;     /* for '-u' */
- static int oldstyle = 0;       /* for '-o' */
- 
-#ifdef HAVE_UTMPX_H
- typedef struct utmpx utmp_t;
-#else
-typedef struct utmp utmp_t;
-#endif
-
-#if !defined(UT_HOSTSIZE) || defined(__UT_HOSTSIZE)
-#      define UT_HOSTSIZE __UT_HOSTSIZE
-#      define UT_LINESIZE __UT_LINESIZE
-#      define UT_NAMESIZE __UT_NAMESIZE
-#endif
- 
- #ifdef W_SHOWFROM
- # define FROM_STRING "on"
diff --git a/meta/recipes-extended/procps/procps/CVE-2023-4016.patch b/meta/recipes-extended/procps/procps/CVE-2023-4016.patch
deleted file mode 100644
index 202fea91f1..0000000000
--- a/meta/recipes-extended/procps/procps/CVE-2023-4016.patch
+++ /dev/null
@@ -1,73 +0,0 @@
-From 2c933ecba3bb1d3041a5a7a53a7b4078a6003413 Mon Sep 17 00:00:00 2001
-From: Craig Small <csmall@dropbear.xyz>
-Date: Thu, 10 Aug 2023 21:18:38 +1000
-Subject: [PATCH] ps: Fix possible buffer overflow in -C option
-ps allocates memory using malloc(length of arg * len of struct).
-In certain strange circumstances, the arg length could be very large
-and the multiplecation will overflow, allocating a small amount of
-memory.
-Subsequent strncpy() will then write into unallocated memory.
-The fix is to use calloc. It's slower but this is a one-time
-allocation. Other malloc(x * y) calls have also been replaced
-by calloc(x, y)
-References:
- https://www.freelists.org/post/procps/ps-buffer-overflow-CVE-20234016
- https://nvd.nist.gov/vuln/detail/CVE-2023-4016
- https://gitlab.com/procps-ng/procps/-/issues/297
- https://bugs.debian.org/1042887
-Signed-off-by: Craig Small <csmall@dropbear.xyz>
-CVE: CVE-2023-4016
-Upstream-Status: Backport [https://gitlab.com/procps-ng/procps/-/commit/2c933ecba3bb1d3041a5a7a53a7b4078a6003413]
-Signed-off-by: Ross Burton <ross.burton@arm.com>
---
- NEWS            | 1 +
- src/ps/parser.c | 8 ++++----
- 2 files changed, 5 insertions(+), 4 deletions(-)
-diff --git a/src/ps/parser.c b/src/ps/parser.c
-index 248aa741..15873dfa 100644
--- a/src/ps/parser.c
-+++ b/src/ps/parser.c
-@@ -189,7 +189,6 @@ static const char *parse_list(const char *arg, const char *(*parse_fn)(char *, s
-   const char *err;       /* error code that could or did happen */
-   /*** prepare to operate ***/
-   node = xmalloc(sizeof(selection_node));
-  node->u = xmalloc(strlen(arg)*sizeof(sel_union)); /* waste is insignificant */
-   node->n = 0;
-   buf = strdup(arg);
-   /*** sanity check and count items ***/
-@@ -210,6 +209,7 @@ static const char *parse_list(const char *arg, const char *(*parse_fn)(char *, s
-   } while (*++walk);
-   if(need_item) goto parse_error;
-   node->n = items;
-+  node->u = xcalloc(items, sizeof(sel_union));
-   /*** actually parse the list ***/
-   walk = buf;
-   while(items--){
-@@ -1050,15 +1050,15 @@ static const char *parse_trailing_pids(void){
-   thisarg = ps_argc - 1;   /* we must be at the end now */
- 
-   pidnode = xmalloc(sizeof(selection_node));
-  pidnode->u = xmalloc(i*sizeof(sel_union)); /* waste is insignificant */
-+  pidnode->u = xcalloc(i, sizeof(sel_union)); /* waste is insignificant */
-   pidnode->n = 0;
- 
-   grpnode = xmalloc(sizeof(selection_node));
-  grpnode->u = xmalloc(i*sizeof(sel_union)); /* waste is insignificant */
-+  grpnode->u = xcalloc(i,sizeof(sel_union)); /* waste is insignificant */
-   grpnode->n = 0;
- 
-   sidnode = xmalloc(sizeof(selection_node));
-  sidnode->u = xmalloc(i*sizeof(sel_union)); /* waste is insignificant */
-+  sidnode->u = xcalloc(i, sizeof(sel_union)); /* waste is insignificant */
-   sidnode->n = 0;
- 
-   while(i--){
-- 
-GitLab
diff --git a/meta/recipes-extended/procps/procps_4.0.3.bb b/meta/recipes-extended/procps/procps_4.0.4.bb
index 9ef679c6bd..800384f22f 100644
--- a/meta/recipes-extended/procps/procps_4.0.3.bb
+++ b/meta/recipes-extended/procps/procps_4.0.4.bb
@@ -14,11 +14,8 @@ inherit autotools gettext pkgconfig update-alternatives
 SRC_URI = "git://gitlab.com/procps-ng/procps.git;protocol=https;branch=master \
           file://sysctl.conf \
-           file://0001-src-w.c-use-utmp.h-only.patch \
-           file://0001-po-fr.po-address-failures-with-gettext-0.22.patch \
-           file://CVE-2023-4016.patch \
           "
-SRCREV = "806eb270f217ff7e1e745c7bda2b002b5be74be4"
+SRCREV = "4ddcef2fd843170c8e2d59a83042978f41037a2b"
 S = "${WORKDIR}/git"

diff --git a/meta/recipes-extended/procps/procps/0001-po-fr.po-address-failures-with-gettext-0.22.patch b/meta/recipes-extended/procps/procps/0001-po-fr.po-address-failures-with-gettext-0.22.patch deleted file mode 100644 index 805517900d..0000000000 --- a/meta/recipes-extended/procps/procps/0001-po-fr.po-address-failures-with-gettext-0.22.patch +++ /dev/null
@@ -1,37 +0,0 @@
1	From 1d685477c254e5b10a81e32c87786e0f001b70f1 Mon Sep 17 00:00:00 2001
2	From: Alexander Kanavin <alex@linutronix.de>
3	Date: Mon, 24 Jul 2023 18:06:51 +0200
4	Subject: [PATCH] po/fr.po: address failures with gettext 0.22
5
6	Specifically:
7	\| fr.1po:3027: 'msgstr' is not a valid C format string, unlike 'msgid'. Reason: In the directive number 4, the argument size specifier is invalid.
8	\| fr.1po:3820: 'msgstr' is not a valid C format string, unlike 'msgid'. Reason: In the directive number 1, the argument size specifier is invalid.
9
10	Upstream-Status: Submitted [https://gitlab.com/procps-ng/procps/-/merge_requests/199]
11	Signed-off-by: Alexander Kanavin <alex@linutronix.de>
12	---
13	po/fr.po \| 4 ++--
14	1 file changed, 2 insertions(+), 2 deletions(-)
15
16	diff --git a/po/fr.po b/po/fr.po
17	index 715c2b69..700834e1 100644
18	--- a/po/fr.po
19	+++ b/po/fr.po
20	@@ -3800,7 +3800,7 @@ msgid ""
21	"Type 'q' or <Esc> to continue "
22	msgstr ""
23	"Aide pour les commandes interactives~2 - %s\n"
24	-"Fenêtre ~1%s~6: ~1Mode cumulatif ~3%s~2. ~1Système~6: ~1Délai ~3%.1lf "
25	+"Fenêtre ~1%s~6: ~1Mode cumulatif ~3%s~2. ~1Système~6: ~1Délai ~3%.1f "
26	"secs~2; ~1Mode sûr ~3%s~2.\n"
27	"\n"
28	" Z~5,~1B~5,E,e Global: «~1Z~2» couleurs; «~1B~2» gras; «~1E~2»/«~1e~2» "
29	@@ -4723,7 +4723,7 @@ msgstr " -v, --version affiche les informations de version et sort\n"
30	#: src/watch.c:486
31	#, c-format
32	msgid "Every %.1fs: "
33	-msgstr "Toutes les %.1lfs: "
34	+msgstr "Toutes les %.1fs: "
35
36	#: src/watch.c:487
37	#, c-format


diff --git a/meta/recipes-extended/procps/procps/0001-src-w.c-use-utmp.h-only.patch b/meta/recipes-extended/procps/procps/0001-src-w.c-use-utmp.h-only.patch deleted file mode 100644 index 23c91ec775..0000000000 --- a/meta/recipes-extended/procps/procps/0001-src-w.c-use-utmp.h-only.patch +++ /dev/null
@@ -1,65 +0,0 @@
1	From c41b3be62fbb78e0939fddaebad519360cbd8702 Mon Sep 17 00:00:00 2001
2	From: Alexander Kanavin <alex@linutronix.de>
3	Date: Mon, 6 Mar 2023 09:27:57 +0100
4	Subject: [PATCH] src/w.c: use only utmpx
5
6	Nowadays this works both on musl and glibc systems, however on musl
7	utmp.h is also needed to avoid the following failure:
8
9	\| ../git/src/w.c: In function 'print_from':
10	\| ../git/src/w.c:73:28: error: '__UT_HOSTSIZE' undeclared (first use in this function); did you mean 'UT_HOSTSIZE'?
11	\| 73 \| # define UT_HOSTSIZE __UT_HOSTSIZE
12	\| \| ^~~~~~~~~~~~~
13	\| ../git/src/w.c:233:64: note: in expansion of macro 'UT_HOSTSIZE'
14	\| 233 \| print_display_or_interface(u->ut_host, UT_HOSTSIZE, fromlen - len);
15	\| \| ^~~~~~~~~~~
16	\|
17
18	It is caused by including utmpx.h, but not utmp.h, which (on musl)
19	lacks the needed definitions.
20
21	I have verified that both musl and glibc based builds continue to work.
22
23	Upstream-Status: Submitted [https://gitlab.com/procps-ng/procps/-/merge_requests/171]
24	Signed-off-by: Alexander Kanavin <alex@linutronix.de>
25
26	---
27	src/w.c \| 17 ++---------------
28	1 file changed, 2 insertions(+), 15 deletions(-)
29
30	diff --git a/src/w.c b/src/w.c
31	index 5e878f04..912c5df3 100644
32	--- a/src/w.c
33	+++ b/src/w.c
34	@@ -46,11 +46,8 @@
35	#include <termios.h>
36	#include <time.h>
37	#include <unistd.h>
38	-#ifdef HAVE_UTMPX_H
39	-# include <utmpx.h>
40	-#else
41	-# include <utmp.h>
42	-#endif
43	+#include <utmp.h>
44	+#include <utmpx.h>
45	#include <arpa/inet.h>
46
47	#include "c.h"
48	@@ -63,17 +60,7 @@
49	static int ignoreuser = 0; /* for '-u' */
50	static int oldstyle = 0; /* for '-o' */
51
52	-#ifdef HAVE_UTMPX_H
53	typedef struct utmpx utmp_t;
54	-#else
55	-typedef struct utmp utmp_t;
56	-#endif
57	-
58	-#if !defined(UT_HOSTSIZE) \|\| defined(__UT_HOSTSIZE)
59	-# define UT_HOSTSIZE __UT_HOSTSIZE
60	-# define UT_LINESIZE __UT_LINESIZE
61	-# define UT_NAMESIZE __UT_NAMESIZE
62	-#endif
63
64	#ifdef W_SHOWFROM
65	# define FROM_STRING "on"


diff --git a/meta/recipes-extended/procps/procps/CVE-2023-4016.patch b/meta/recipes-extended/procps/procps/CVE-2023-4016.patch deleted file mode 100644 index 202fea91f1..0000000000 --- a/meta/recipes-extended/procps/procps/CVE-2023-4016.patch +++ /dev/null
@@ -1,73 +0,0 @@
1	From 2c933ecba3bb1d3041a5a7a53a7b4078a6003413 Mon Sep 17 00:00:00 2001
2	From: Craig Small <csmall@dropbear.xyz>
3	Date: Thu, 10 Aug 2023 21:18:38 +1000
4	Subject: [PATCH] ps: Fix possible buffer overflow in -C option
5
6	ps allocates memory using malloc(length of arg * len of struct).
7	In certain strange circumstances, the arg length could be very large
8	and the multiplecation will overflow, allocating a small amount of
9	memory.
10
11	Subsequent strncpy() will then write into unallocated memory.
12	The fix is to use calloc. It's slower but this is a one-time
13	allocation. Other malloc(x * y) calls have also been replaced
14	by calloc(x, y)
15
16	References:
17	https://www.freelists.org/post/procps/ps-buffer-overflow-CVE-20234016
18	https://nvd.nist.gov/vuln/detail/CVE-2023-4016
19	https://gitlab.com/procps-ng/procps/-/issues/297
20	https://bugs.debian.org/1042887
21
22	Signed-off-by: Craig Small <csmall@dropbear.xyz>
23
24	CVE: CVE-2023-4016
25	Upstream-Status: Backport [https://gitlab.com/procps-ng/procps/-/commit/2c933ecba3bb1d3041a5a7a53a7b4078a6003413]
26	Signed-off-by: Ross Burton <ross.burton@arm.com>
27	---
28	NEWS \| 1 +
29	src/ps/parser.c \| 8 ++++----
30	2 files changed, 5 insertions(+), 4 deletions(-)
31
32	diff --git a/src/ps/parser.c b/src/ps/parser.c
33	index 248aa741..15873dfa 100644
34	--- a/src/ps/parser.c
35	+++ b/src/ps/parser.c
36	@@ -189,7 +189,6 @@ static const char parse_list(const char arg, const char (parse_fn)(char *, s
37	const char err; / error code that could or did happen */
38	/* prepare to operate */
39	node = xmalloc(sizeof(selection_node));
40	- node->u = xmalloc(strlen(arg)sizeof(sel_union)); / waste is insignificant */
41	node->n = 0;
42	buf = strdup(arg);
43	/* sanity check and count items */
44	@@ -210,6 +209,7 @@ static const char parse_list(const char arg, const char (parse_fn)(char *, s
45	} while (*++walk);
46	if(need_item) goto parse_error;
47	node->n = items;
48	+ node->u = xcalloc(items, sizeof(sel_union));
49	/* actually parse the list */
50	walk = buf;
51	while(items--){
52	@@ -1050,15 +1050,15 @@ static const char *parse_trailing_pids(void){
53	thisarg = ps_argc - 1; /* we must be at the end now */
54
55	pidnode = xmalloc(sizeof(selection_node));
56	- pidnode->u = xmalloc(isizeof(sel_union)); / waste is insignificant */
57	+ pidnode->u = xcalloc(i, sizeof(sel_union)); /* waste is insignificant */
58	pidnode->n = 0;
59
60	grpnode = xmalloc(sizeof(selection_node));
61	- grpnode->u = xmalloc(isizeof(sel_union)); / waste is insignificant */
62	+ grpnode->u = xcalloc(i,sizeof(sel_union)); /* waste is insignificant */
63	grpnode->n = 0;
64
65	sidnode = xmalloc(sizeof(selection_node));
66	- sidnode->u = xmalloc(isizeof(sel_union)); / waste is insignificant */
67	+ sidnode->u = xcalloc(i, sizeof(sel_union)); /* waste is insignificant */
68	sidnode->n = 0;
69
70	while(i--){
71	--
72	GitLab
73


diff --git a/meta/recipes-extended/procps/procps_4.0.3.bb b/meta/recipes-extended/procps/procps_4.0.4.bb index 9ef679c6bd..800384f22f 100644 --- a/meta/recipes-extended/procps/procps_4.0.3.bb +++ b/meta/recipes-extended/procps/procps_4.0.4.bb
@@ -14,11 +14,8 @@ inherit autotools gettext pkgconfig update-alternatives
14		14
15	SRC_URI = "git://gitlab.com/procps-ng/procps.git;protocol=https;branch=master \	15	SRC_URI = "git://gitlab.com/procps-ng/procps.git;protocol=https;branch=master \
16	file://sysctl.conf \	16	file://sysctl.conf \
17	file://0001-src-w.c-use-utmp.h-only.patch \
18	file://0001-po-fr.po-address-failures-with-gettext-0.22.patch \
19	file://CVE-2023-4016.patch \
20	"	17	"
21	SRCREV = "806eb270f217ff7e1e745c7bda2b002b5be74be4"	18	SRCREV = "4ddcef2fd843170c8e2d59a83042978f41037a2b"
22		19
23	S = "${WORKDIR}/git"	20	S = "${WORKDIR}/git"
24		21