diff options
Diffstat (limited to 'meta/recipes-devtools/perl/files')
8 files changed, 297 insertions, 51 deletions
diff --git a/meta/recipes-devtools/perl/files/0001-tests-adjust-to-correctly-exclude-unbuilt-extensions.patch b/meta/recipes-devtools/perl/files/0001-tests-adjust-to-correctly-exclude-unbuilt-extensions.patch new file mode 100644 index 0000000000..0f3a2c6327 --- /dev/null +++ b/meta/recipes-devtools/perl/files/0001-tests-adjust-to-correctly-exclude-unbuilt-extensions.patch | |||
@@ -0,0 +1,27 @@ | |||
1 | From b0d53cfd785f64002128ac5eecc4aed0663d9c30 Mon Sep 17 00:00:00 2001 | ||
2 | From: Alexander Kanavin <alex.kanavin@gmail.com> | ||
3 | Date: Thu, 9 Jan 2020 17:26:55 +0100 | ||
4 | Subject: [PATCH] tests: adjust to correctly exclude unbuilt extensions | ||
5 | |||
6 | Issue is reported here: | ||
7 | https://github.com/arsv/perl-cross/issues/85 | ||
8 | |||
9 | Upstream-Status: Inappropriate [issue caused by perl-cross] | ||
10 | Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> | ||
11 | --- | ||
12 | t/TEST | 2 +- | ||
13 | 1 file changed, 1 insertion(+), 1 deletion(-) | ||
14 | |||
15 | diff --git a/t/TEST b/t/TEST | ||
16 | index a9c844f..8d3505f 100755 | ||
17 | --- a/t/TEST | ||
18 | +++ b/t/TEST | ||
19 | @@ -419,7 +419,7 @@ sub _tests_from_manifest { | ||
20 | while (<MANI>) { | ||
21 | if (m!^((?:cpan|dist|ext)/(\S+)/+(?:[^/\s]+\.t|test\.pl)|lib/\S+?(?:\.t|test\.pl))\s!) { | ||
22 | my $t = $1; | ||
23 | - my $extension = $2; | ||
24 | + my $extension = $1."/".$2; | ||
25 | |||
26 | # XXX Generates way too many error lines currently. Skip for | ||
27 | # v5.22 | ||
diff --git a/meta/recipes-devtools/perl/files/CVE-2020-10543.patch b/meta/recipes-devtools/perl/files/CVE-2020-10543.patch new file mode 100644 index 0000000000..36dff0aac9 --- /dev/null +++ b/meta/recipes-devtools/perl/files/CVE-2020-10543.patch | |||
@@ -0,0 +1,36 @@ | |||
1 | From 897d1f7fd515b828e4b198d8b8bef76c6faf03ed Mon Sep 17 00:00:00 2001 | ||
2 | From: John Lightsey <jd@cpanel.net> | ||
3 | Date: Wed, 20 Nov 2019 20:02:45 -0600 | ||
4 | Subject: [PATCH] regcomp.c: Prevent integer overflow from nested regex | ||
5 | quantifiers. | ||
6 | |||
7 | (CVE-2020-10543) On 32bit systems the size calculations for nested regular | ||
8 | expression quantifiers could overflow causing heap memory corruption. | ||
9 | |||
10 | Fixes: Perl/perl5-security#125 | ||
11 | (cherry picked from commit bfd31397db5dc1a5c5d3e0a1f753a4f89a736e71) | ||
12 | |||
13 | Upstream-Status: Backport [https://github.com/perl/perl5/commit/897d1f7fd515b828e4b198d8b8bef76c6faf03ed] | ||
14 | CVE: CVE-2020-10543 | ||
15 | Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> | ||
16 | --- | ||
17 | regcomp.c | 6 ++++++ | ||
18 | 1 file changed, 6 insertions(+) | ||
19 | |||
20 | diff --git a/regcomp.c b/regcomp.c | ||
21 | index 93c8d98fbb0..5f86be8086d 100644 | ||
22 | --- a/regcomp.c | ||
23 | +++ b/regcomp.c | ||
24 | @@ -5489,6 +5489,12 @@ S_study_chunk(pTHX_ RExC_state_t *pRExC_state, regnode **scanp, | ||
25 | RExC_precomp))); | ||
26 | } | ||
27 | |||
28 | + if ( ( minnext > 0 && mincount >= SSize_t_MAX / minnext ) | ||
29 | + || min >= SSize_t_MAX - minnext * mincount ) | ||
30 | + { | ||
31 | + FAIL("Regexp out of space"); | ||
32 | + } | ||
33 | + | ||
34 | min += minnext * mincount; | ||
35 | is_inf_internal |= deltanext == SSize_t_MAX | ||
36 | || (maxcount == REG_INFTY && minnext + deltanext > 0); | ||
diff --git a/meta/recipes-devtools/perl/files/CVE-2020-10878_1.patch b/meta/recipes-devtools/perl/files/CVE-2020-10878_1.patch new file mode 100644 index 0000000000..b86085a551 --- /dev/null +++ b/meta/recipes-devtools/perl/files/CVE-2020-10878_1.patch | |||
@@ -0,0 +1,152 @@ | |||
1 | From 0a320d753fe7fca03df259a4dfd8e641e51edaa8 Mon Sep 17 00:00:00 2001 | ||
2 | From: Hugo van der Sanden <hv@crypt.org> | ||
3 | Date: Tue, 18 Feb 2020 13:51:16 +0000 | ||
4 | Subject: [PATCH] study_chunk: extract rck_elide_nothing | ||
5 | |||
6 | (CVE-2020-10878) | ||
7 | |||
8 | (cherry picked from commit 93dee06613d4e1428fb10905ce1c3c96f53113dc) | ||
9 | |||
10 | Upstream-Status: Backport [https://github.com/perl/perl5/commit/0a320d753fe7fca03df259a4dfd8e641e51edaa8] | ||
11 | CVE: CVE-2020-10878 | ||
12 | Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> | ||
13 | --- | ||
14 | embed.fnc | 1 + | ||
15 | embed.h | 1 + | ||
16 | proto.h | 3 +++ | ||
17 | regcomp.c | 70 ++++++++++++++++++++++++++++++++++--------------------- | ||
18 | 4 files changed, 48 insertions(+), 27 deletions(-) | ||
19 | |||
20 | diff --git a/embed.fnc b/embed.fnc | ||
21 | index aedb4baef19..d7cd04d3fc3 100644 | ||
22 | --- a/embed.fnc | ||
23 | +++ b/embed.fnc | ||
24 | @@ -2481,6 +2481,7 @@ Es |SSize_t|study_chunk |NN RExC_state_t *pRExC_state \ | ||
25 | |I32 stopparen|U32 recursed_depth \ | ||
26 | |NULLOK regnode_ssc *and_withp \ | ||
27 | |U32 flags|U32 depth | ||
28 | +Es |void |rck_elide_nothing|NN regnode *node | ||
29 | EsR |SV * |get_ANYOFM_contents|NN const regnode * n | ||
30 | EsRn |U32 |add_data |NN RExC_state_t* const pRExC_state \ | ||
31 | |NN const char* const s|const U32 n | ||
32 | diff --git a/embed.h b/embed.h | ||
33 | index 75c91f77f45..356a8b98d96 100644 | ||
34 | --- a/embed.h | ||
35 | +++ b/embed.h | ||
36 | @@ -1208,6 +1208,7 @@ | ||
37 | #define parse_lparen_question_flags(a) S_parse_lparen_question_flags(aTHX_ a) | ||
38 | #define parse_uniprop_string(a,b,c,d,e,f,g,h,i) Perl_parse_uniprop_string(aTHX_ a,b,c,d,e,f,g,h,i) | ||
39 | #define populate_ANYOF_from_invlist(a,b) S_populate_ANYOF_from_invlist(aTHX_ a,b) | ||
40 | +#define rck_elide_nothing(a) S_rck_elide_nothing(aTHX_ a) | ||
41 | #define reg(a,b,c,d) S_reg(aTHX_ a,b,c,d) | ||
42 | #define reg2Lanode(a,b,c,d) S_reg2Lanode(aTHX_ a,b,c,d) | ||
43 | #define reg_node(a,b) S_reg_node(aTHX_ a,b) | ||
44 | diff --git a/proto.h b/proto.h | ||
45 | index 141ddbaee6d..f316fe134e1 100644 | ||
46 | --- a/proto.h | ||
47 | +++ b/proto.h | ||
48 | @@ -5543,6 +5543,9 @@ PERL_CALLCONV SV * Perl_parse_uniprop_string(pTHX_ const char * const name, cons | ||
49 | STATIC void S_populate_ANYOF_from_invlist(pTHX_ regnode *node, SV** invlist_ptr); | ||
50 | #define PERL_ARGS_ASSERT_POPULATE_ANYOF_FROM_INVLIST \ | ||
51 | assert(node); assert(invlist_ptr) | ||
52 | +STATIC void S_rck_elide_nothing(pTHX_ regnode *node); | ||
53 | +#define PERL_ARGS_ASSERT_RCK_ELIDE_NOTHING \ | ||
54 | + assert(node) | ||
55 | PERL_STATIC_NO_RET void S_re_croak2(pTHX_ bool utf8, const char* pat1, const char* pat2, ...) | ||
56 | __attribute__noreturn__; | ||
57 | #define PERL_ARGS_ASSERT_RE_CROAK2 \ | ||
58 | diff --git a/regcomp.c b/regcomp.c | ||
59 | index 5f86be8086d..4ba2980db66 100644 | ||
60 | --- a/regcomp.c | ||
61 | +++ b/regcomp.c | ||
62 | @@ -4450,6 +4450,44 @@ S_unwind_scan_frames(pTHX_ const void *p) | ||
63 | } while (f); | ||
64 | } | ||
65 | |||
66 | +/* Follow the next-chain of the current node and optimize away | ||
67 | + all the NOTHINGs from it. | ||
68 | + */ | ||
69 | +STATIC void | ||
70 | +S_rck_elide_nothing(pTHX_ regnode *node) | ||
71 | +{ | ||
72 | + dVAR; | ||
73 | + | ||
74 | + PERL_ARGS_ASSERT_RCK_ELIDE_NOTHING; | ||
75 | + | ||
76 | + if (OP(node) != CURLYX) { | ||
77 | + const int max = (reg_off_by_arg[OP(node)] | ||
78 | + ? I32_MAX | ||
79 | + /* I32 may be smaller than U16 on CRAYs! */ | ||
80 | + : (I32_MAX < U16_MAX ? I32_MAX : U16_MAX)); | ||
81 | + int off = (reg_off_by_arg[OP(node)] ? ARG(node) : NEXT_OFF(node)); | ||
82 | + int noff; | ||
83 | + regnode *n = node; | ||
84 | + | ||
85 | + /* Skip NOTHING and LONGJMP. */ | ||
86 | + while ( | ||
87 | + (n = regnext(n)) | ||
88 | + && ( | ||
89 | + (PL_regkind[OP(n)] == NOTHING && (noff = NEXT_OFF(n))) | ||
90 | + || ((OP(n) == LONGJMP) && (noff = ARG(n))) | ||
91 | + ) | ||
92 | + && off + noff < max | ||
93 | + ) { | ||
94 | + off += noff; | ||
95 | + } | ||
96 | + if (reg_off_by_arg[OP(node)]) | ||
97 | + ARG(node) = off; | ||
98 | + else | ||
99 | + NEXT_OFF(node) = off; | ||
100 | + } | ||
101 | + return; | ||
102 | +} | ||
103 | + | ||
104 | /* the return from this sub is the minimum length that could possibly match */ | ||
105 | STATIC SSize_t | ||
106 | S_study_chunk(pTHX_ RExC_state_t *pRExC_state, regnode **scanp, | ||
107 | @@ -4550,28 +4588,10 @@ S_study_chunk(pTHX_ RExC_state_t *pRExC_state, regnode **scanp, | ||
108 | */ | ||
109 | JOIN_EXACT(scan,&min_subtract, &unfolded_multi_char, 0); | ||
110 | |||
111 | - /* Follow the next-chain of the current node and optimize | ||
112 | - away all the NOTHINGs from it. */ | ||
113 | - if (OP(scan) != CURLYX) { | ||
114 | - const int max = (reg_off_by_arg[OP(scan)] | ||
115 | - ? I32_MAX | ||
116 | - /* I32 may be smaller than U16 on CRAYs! */ | ||
117 | - : (I32_MAX < U16_MAX ? I32_MAX : U16_MAX)); | ||
118 | - int off = (reg_off_by_arg[OP(scan)] ? ARG(scan) : NEXT_OFF(scan)); | ||
119 | - int noff; | ||
120 | - regnode *n = scan; | ||
121 | - | ||
122 | - /* Skip NOTHING and LONGJMP. */ | ||
123 | - while ((n = regnext(n)) | ||
124 | - && ((PL_regkind[OP(n)] == NOTHING && (noff = NEXT_OFF(n))) | ||
125 | - || ((OP(n) == LONGJMP) && (noff = ARG(n)))) | ||
126 | - && off + noff < max) | ||
127 | - off += noff; | ||
128 | - if (reg_off_by_arg[OP(scan)]) | ||
129 | - ARG(scan) = off; | ||
130 | - else | ||
131 | - NEXT_OFF(scan) = off; | ||
132 | - } | ||
133 | + /* Follow the next-chain of the current node and optimize | ||
134 | + away all the NOTHINGs from it. | ||
135 | + */ | ||
136 | + rck_elide_nothing(scan); | ||
137 | |||
138 | /* The principal pseudo-switch. Cannot be a switch, since we | ||
139 | look into several different things. */ | ||
140 | @@ -5745,11 +5765,7 @@ Perl_re_printf( aTHX_ "LHS=%" UVuf " RHS=%" UVuf "\n", | ||
141 | if (data && (fl & SF_HAS_EVAL)) | ||
142 | data->flags |= SF_HAS_EVAL; | ||
143 | optimize_curly_tail: | ||
144 | - if (OP(oscan) != CURLYX) { | ||
145 | - while (PL_regkind[OP(next = regnext(oscan))] == NOTHING | ||
146 | - && NEXT_OFF(next)) | ||
147 | - NEXT_OFF(oscan) += NEXT_OFF(next); | ||
148 | - } | ||
149 | + rck_elide_nothing(oscan); | ||
150 | continue; | ||
151 | |||
152 | default: | ||
diff --git a/meta/recipes-devtools/perl/files/CVE-2020-10878_2.patch b/meta/recipes-devtools/perl/files/CVE-2020-10878_2.patch new file mode 100644 index 0000000000..0bacd6b192 --- /dev/null +++ b/meta/recipes-devtools/perl/files/CVE-2020-10878_2.patch | |||
@@ -0,0 +1,36 @@ | |||
1 | From 3295b48defa0f8570114877b063fe546dd348b3c Mon Sep 17 00:00:00 2001 | ||
2 | From: Karl Williamson <khw@cpan.org> | ||
3 | Date: Thu, 20 Feb 2020 17:49:36 +0000 | ||
4 | Subject: [PATCH] regcomp: use long jumps if there is any possibility of | ||
5 | overflow | ||
6 | |||
7 | (CVE-2020-10878) Be conservative for backporting, we'll aim to do | ||
8 | something more aggressive for bleadperl. | ||
9 | |||
10 | (cherry picked from commit 9d7759db46f3b31b1d3f79c44266b6ba42a47fc6) | ||
11 | |||
12 | Upstream-Status: Backport [https://github.com/perl/perl5/commit/3295b48defa0f8570114877b063fe546dd348b3c] | ||
13 | CVE: CVE-2020-10878 | ||
14 | Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com> | ||
15 | --- | ||
16 | regcomp.c | 7 +++++++ | ||
17 | 1 file changed, 7 insertions(+) | ||
18 | |||
19 | diff --git a/regcomp.c b/regcomp.c | ||
20 | index 4ba2980db66..73c35a67020 100644 | ||
21 | --- a/regcomp.c | ||
22 | +++ b/regcomp.c | ||
23 | @@ -7762,6 +7762,13 @@ Perl_re_op_compile(pTHX_ SV ** const patternp, int pat_count, | ||
24 | |||
25 | /* We have that number in RExC_npar */ | ||
26 | RExC_total_parens = RExC_npar; | ||
27 | + | ||
28 | + /* XXX For backporting, use long jumps if there is any possibility of | ||
29 | + * overflow */ | ||
30 | + if (RExC_size > U16_MAX && ! RExC_use_BRANCHJ) { | ||
31 | + RExC_use_BRANCHJ = TRUE; | ||
32 | + flags |= RESTART_PARSE; | ||
33 | + } | ||
34 | } | ||
35 | else if (! MUST_RESTART(flags)) { | ||
36 | ReREFCNT_dec(Rx); | ||
diff --git a/meta/recipes-devtools/perl/files/encodefix.patch b/meta/recipes-devtools/perl/files/encodefix.patch new file mode 100644 index 0000000000..396ed0d53e --- /dev/null +++ b/meta/recipes-devtools/perl/files/encodefix.patch | |||
@@ -0,0 +1,20 @@ | |||
1 | The code is encoding host compiler parameters into target builds. Avoid | ||
2 | this for our target builds (patch is target specific, not native) | ||
3 | |||
4 | Upstream-Status: Inappropriate [Cross compile hack] | ||
5 | RP 2020/2/18 | ||
6 | Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> | ||
7 | |||
8 | Index: perl-5.30.1/cpan/Encode/bin/enc2xs | ||
9 | =================================================================== | ||
10 | --- perl-5.30.1.orig/cpan/Encode/bin/enc2xs | ||
11 | +++ perl-5.30.1/cpan/Encode/bin/enc2xs | ||
12 | @@ -195,7 +195,7 @@ sub compiler_info { | ||
13 | # above becomes false. | ||
14 | my $sized = $declaration && !($compat && !$pedantic); | ||
15 | |||
16 | - return ($cpp, $static, $sized); | ||
17 | + return (0, 1, 1); | ||
18 | } | ||
19 | |||
20 | |||
diff --git a/meta/recipes-devtools/perl/files/fix-setgroup.patch b/meta/recipes-devtools/perl/files/fix-setgroup.patch deleted file mode 100644 index 2b490e6067..0000000000 --- a/meta/recipes-devtools/perl/files/fix-setgroup.patch +++ /dev/null | |||
@@ -1,49 +0,0 @@ | |||
1 | Test script to reproduce the problem: | ||
2 | |||
3 | #!/usr/bin/env perl | ||
4 | $) = "2 2"; | ||
5 | print $!; | ||
6 | |||
7 | Result from perl 5.28 under strace: | ||
8 | |||
9 | setgroups(1, [2]) = 0 | ||
10 | setresgid(-1, 2, -1) = 0 | ||
11 | |||
12 | Result from perl 5.30 under strace: | ||
13 | |||
14 | setgroups(1, [-1]) = -1 EINVAL (Invalid argument) | ||
15 | setresgid(-1, 2, -1) = 0 | ||
16 | |||
17 | Patch which broke this upstream: | ||
18 | https://perl5.git.perl.org/perl.git/commitdiff/5d4a52b5c68a11bfc97c2e24806993b84a61eade | ||
19 | |||
20 | Issue is that the new function changes the endptr to the end of the | ||
21 | scanned number and needs to be reset to the end of the string for | ||
22 | each iteration of the loop. | ||
23 | |||
24 | [YOCTO #13391] | ||
25 | |||
26 | RP | ||
27 | 2019/6/14 | ||
28 | Upstream-Status: Pending | ||
29 | |||
30 | Index: perl-5.30.0/mg.c | ||
31 | =================================================================== | ||
32 | --- perl-5.30.0.orig/mg.c | ||
33 | +++ perl-5.30.0/mg.c | ||
34 | @@ -3179,6 +3256,7 @@ Perl_magic_set(pTHX_ SV *sv, MAGIC *mg) | ||
35 | const char *p = SvPV_const(sv, len); | ||
36 | Groups_t *gary = NULL; | ||
37 | const char* endptr = p + len; | ||
38 | + const char* realend = p + len; | ||
39 | UV uv; | ||
40 | #ifdef _SC_NGROUPS_MAX | ||
41 | int maxgrp = sysconf(_SC_NGROUPS_MAX); | ||
42 | @@ -3209,6 +3287,7 @@ Perl_magic_set(pTHX_ SV *sv, MAGIC *mg) | ||
43 | Newx(gary, i + 1, Groups_t); | ||
44 | else | ||
45 | Renew(gary, i + 1, Groups_t); | ||
46 | + endptr = realend; | ||
47 | if (grok_atoUV(p, &uv, &endptr)) | ||
48 | gary[i] = (Groups_t)uv; | ||
49 | else { | ||
diff --git a/meta/recipes-devtools/perl/files/perl-configpm-switch.patch b/meta/recipes-devtools/perl/files/perl-configpm-switch.patch index 3c2cecb8c1..80ce4a6de7 100644 --- a/meta/recipes-devtools/perl/files/perl-configpm-switch.patch +++ b/meta/recipes-devtools/perl/files/perl-configpm-switch.patch | |||
@@ -1,4 +1,4 @@ | |||
1 | From 7f313cac31c55cbe62a4d0cdfa8321cc05a8eb3a Mon Sep 17 00:00:00 2001 | 1 | From 5120acaa2be5787d9657f6b91bc8ee3c2d664fbe Mon Sep 17 00:00:00 2001 |
2 | From: Alexander Kanavin <alex.kanavin@gmail.com> | 2 | From: Alexander Kanavin <alex.kanavin@gmail.com> |
3 | Date: Sun, 27 May 2007 21:04:11 +0000 | 3 | Date: Sun, 27 May 2007 21:04:11 +0000 |
4 | Subject: [PATCH] perl: 5.8.7 -> 5.8.8 (from OE) | 4 | Subject: [PATCH] perl: 5.8.7 -> 5.8.8 (from OE) |
@@ -20,7 +20,7 @@ Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> | |||
20 | 1 file changed, 16 insertions(+), 2 deletions(-) | 20 | 1 file changed, 16 insertions(+), 2 deletions(-) |
21 | 21 | ||
22 | diff --git a/configpm b/configpm | 22 | diff --git a/configpm b/configpm |
23 | index 09c4a3b..6a0a680 100755 | 23 | index c8de8bf..204613c 100755 |
24 | --- a/configpm | 24 | --- a/configpm |
25 | +++ b/configpm | 25 | +++ b/configpm |
26 | @@ -687,7 +687,7 @@ sub FETCH { | 26 | @@ -687,7 +687,7 @@ sub FETCH { |
diff --git a/meta/recipes-devtools/perl/files/racefix.patch b/meta/recipes-devtools/perl/files/racefix.patch new file mode 100644 index 0000000000..bac42d26ae --- /dev/null +++ b/meta/recipes-devtools/perl/files/racefix.patch | |||
@@ -0,0 +1,24 @@ | |||
1 | In our builds Config_heavy.pl sometimes has lines: | ||
2 | cwarnflags=XXX | ||
3 | ccstdflags=XXX | ||
4 | and sometimes does not. | ||
5 | The reason is that this information is pulled from cflags by configpm and yet | ||
6 | there is no dependency in the Makefile. Add one to fix this. | ||
7 | |||
8 | Upstream-Status: Submitted [https://github.com/arsv/perl-cross/pull/89] | ||
9 | RP 2020/2/19 | ||
10 | Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> | ||
11 | |||
12 | Index: perl-5.30.1/Makefile | ||
13 | =================================================================== | ||
14 | --- perl-5.30.1.orig/Makefile | ||
15 | +++ perl-5.30.1/Makefile | ||
16 | @@ -204,7 +204,7 @@ configpod: $(CONFIGPOD) | ||
17 | git_version.h lib/Config_git.pl: make_patchnum.pl | miniperl$X | ||
18 | ./miniperl_top make_patchnum.pl | ||
19 | |||
20 | -lib/Config.pm lib/Config_heavy.pl lib/Config.pod: config.sh \ | ||
21 | +lib/Config.pm lib/Config_heavy.pl lib/Config.pod: config.sh cflags \ | ||
22 | lib/Config_git.pl Porting/Glossary | miniperl$X | ||
23 | ./miniperl_top configpm | ||
24 | |||