llvm: Fix CVE-2023-46049

[Bitcode] Add some missing GetTypeByID failure checks Print an error instead of crashing. (From OE-Core rev: 9cc4518226488693942ad325d6264e52006bd061) Signed-off-by: Deepthi Hemraj <Deepthi.Hemraj@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
author: Deepthi Hemraj <Deepthi.Hemraj@windriver.com> 2024-07-29 03:10:42 -0700
committer: Steve Sakoman <steve@sakoman.com> 2024-08-05 06:02:01 -0700
commit: e13522777906f85a89f685e1c28e815c6a7508b0 (patch)
tree: 702940b5f17ef1e85bbfaf51e6cee2934b61a203 /meta
parent: e781bf1095ce8f1f96ec86412c0ac385907d6d8f (diff)
download: poky-e13522777906f85a89f685e1c28e815c6a7508b0.tar.gz
2 files changed, 35 insertions, 0 deletions
diff --git a/meta/recipes-devtools/llvm/llvm/CVE-2023-46049.patch b/meta/recipes-devtools/llvm/llvm/CVE-2023-46049.patch
new file mode 100644
index 0000000000..c34e9ae69c
--- /dev/null
+++ b/meta/recipes-devtools/llvm/llvm/CVE-2023-46049.patch
@@ -0,0 +1,34 @@
+commit c2515a8f2be5dd23354c9891f41ad104000f88c4
+Author: Nikita Popov <npopov@redhat.com>
+Date:   Tue Sep 26 16:51:40 2023 +0200
+    [Bitcode] Add some missing GetTypeByID failure checks
+    Print an error instead of crashing.
+    Fixes https://github.com/llvm/llvm-project/issues/67388.
+Upstream-Status: Backport [https://github.com/llvm/llvm-project/commit/c2515a8f2be5dd23354c9891f41ad104000f88c4]
+CVE: CVE-2023-46049
+Signed-off-by: Deepthi Hemraj <Deepthi.Hemraj@windriver.com>
+--- a/llvm/lib/Bitcode/Reader/MetadataLoader.cpp        2022-01-20 13:31:59.000000000 -0800
+++ b/llvm/lib/Bitcode/Reader/MetadataLoader.cpp        2024-07-28 21:35:31.062992219 -0700
+@@ -1235,7 +1235,7 @@
+     }
+ 
+     Type *Ty = getTypeByID(Record[0]);
+-    if (Ty->isMetadataTy() || Ty->isVoidTy()) {
+    if (!Ty || Ty->isMetadataTy() || Ty->isVoidTy()) {
+       dropRecord();
+       break;
+     }
+@@ -1277,7 +1277,7 @@
+       return error("Invalid record");
+ 
+     Type *Ty = getTypeByID(Record[0]);
+-    if (Ty->isMetadataTy() || Ty->isVoidTy())
+    if (!Ty || Ty->isMetadataTy() || Ty->isVoidTy())
+       return error("Invalid record");
+ 
+     MetadataList.assignValue(
diff --git a/meta/recipes-devtools/llvm/llvm_git.bb b/meta/recipes-devtools/llvm/llvm_git.bb
index cedbfb138e..dbf1ff45d4 100644
--- a/meta/recipes-devtools/llvm/llvm_git.bb
+++ b/meta/recipes-devtools/llvm/llvm_git.bb
@@ -33,6 +33,7 @@ SRC_URI = "git://github.com/llvm/llvm-project.git;branch=${BRANCH};protocol=http
           file://0007-llvm-allow-env-override-of-exe-path.patch;striplevel=2 \
           file://0001-AsmMatcherEmitter-sort-ClassInfo-lists-by-name-as-we.patch;striplevel=2 \
           file://0001-Support-Add-missing-cstdint-header-to-Signals.h.patch;striplevel=2 \
+           file://CVE-2023-46049.patch;striplevel=2 \
           "
 UPSTREAM_CHECK_GITTAGREGEX = "llvmorg-(?P<pver>\d+(\.\d+)+)"
author	Deepthi Hemraj <Deepthi.Hemraj@windriver.com>	2024-07-29 03:10:42 -0700
committer	Steve Sakoman <steve@sakoman.com>	2024-08-05 06:02:01 -0700
commit	e13522777906f85a89f685e1c28e815c6a7508b0 (patch)
tree	702940b5f17ef1e85bbfaf51e6cee2934b61a203 /meta
parent	e781bf1095ce8f1f96ec86412c0ac385907d6d8f (diff)
download	poky-e13522777906f85a89f685e1c28e815c6a7508b0.tar.gz

diff --git a/meta/recipes-devtools/llvm/llvm/CVE-2023-46049.patch b/meta/recipes-devtools/llvm/llvm/CVE-2023-46049.patch new file mode 100644 index 0000000000..c34e9ae69c --- /dev/null +++ b/meta/recipes-devtools/llvm/llvm/CVE-2023-46049.patch
@@ -0,0 +1,34 @@
		1	commit c2515a8f2be5dd23354c9891f41ad104000f88c4
		2	Author: Nikita Popov <npopov@redhat.com>
		3	Date: Tue Sep 26 16:51:40 2023 +0200
		4
		5	[Bitcode] Add some missing GetTypeByID failure checks
		6
		7	Print an error instead of crashing.
		8
		9	Fixes https://github.com/llvm/llvm-project/issues/67388.
		10
		11	Upstream-Status: Backport [https://github.com/llvm/llvm-project/commit/c2515a8f2be5dd23354c9891f41ad104000f88c4]
		12	CVE: CVE-2023-46049
		13	Signed-off-by: Deepthi Hemraj <Deepthi.Hemraj@windriver.com>
		14
		15	--- a/llvm/lib/Bitcode/Reader/MetadataLoader.cpp 2022-01-20 13:31:59.000000000 -0800
		16	+++ b/llvm/lib/Bitcode/Reader/MetadataLoader.cpp 2024-07-28 21:35:31.062992219 -0700
		17	@@ -1235,7 +1235,7 @@
		18	}
		19
		20	Type *Ty = getTypeByID(Record[0]);
		21	- if (Ty->isMetadataTy() \|\| Ty->isVoidTy()) {
		22	+ if (!Ty \|\| Ty->isMetadataTy() \|\| Ty->isVoidTy()) {
		23	dropRecord();
		24	break;
		25	}
		26	@@ -1277,7 +1277,7 @@
		27	return error("Invalid record");
		28
		29	Type *Ty = getTypeByID(Record[0]);
		30	- if (Ty->isMetadataTy() \|\| Ty->isVoidTy())
		31	+ if (!Ty \|\| Ty->isMetadataTy() \|\| Ty->isVoidTy())
		32	return error("Invalid record");
		33
		34	MetadataList.assignValue(


diff --git a/meta/recipes-devtools/llvm/llvm_git.bb b/meta/recipes-devtools/llvm/llvm_git.bb index cedbfb138e..dbf1ff45d4 100644 --- a/meta/recipes-devtools/llvm/llvm_git.bb +++ b/meta/recipes-devtools/llvm/llvm_git.bb
@@ -33,6 +33,7 @@ SRC_URI = "git://github.com/llvm/llvm-project.git;branch=${BRANCH};protocol=http
33	file://0007-llvm-allow-env-override-of-exe-path.patch;striplevel=2 \	33	file://0007-llvm-allow-env-override-of-exe-path.patch;striplevel=2 \
34	file://0001-AsmMatcherEmitter-sort-ClassInfo-lists-by-name-as-we.patch;striplevel=2 \	34	file://0001-AsmMatcherEmitter-sort-ClassInfo-lists-by-name-as-we.patch;striplevel=2 \
35	file://0001-Support-Add-missing-cstdint-header-to-Signals.h.patch;striplevel=2 \	35	file://0001-Support-Add-missing-cstdint-header-to-Signals.h.patch;striplevel=2 \
		36	file://CVE-2023-46049.patch;striplevel=2 \
36	"	37	"
37		38
38	UPSTREAM_CHECK_GITTAGREGEX = "llvmorg-(?P<pver>\d+(\.\d+)+)"	39	UPSTREAM_CHECK_GITTAGREGEX = "llvmorg-(?P<pver>\d+(\.\d+)+)"