From 556ac3ec46ffaf635d12e29778b30dcab298efdc Mon Sep 17 00:00:00 2001 From: Alexander Kanavin Date: Sun, 17 Sep 2023 11:38:55 +0200 Subject: procps: update 4.0.3 -> 4.0.4 Drop patches as all issues resolved upstream; one of them is a CVE backport. (From OE-Core rev: 8b5f6565a16bd17cf0cce62d5e7438a01e0cc1c3) Signed-off-by: Alexander Kanavin Signed-off-by: Richard Purdie --- ...-fr.po-address-failures-with-gettext-0.22.patch | 37 -------- .../procps/0001-src-w.c-use-utmp.h-only.patch | 65 -------------- .../procps/procps/CVE-2023-4016.patch | 73 --------------- meta/recipes-extended/procps/procps_4.0.3.bb | 100 --------------------- meta/recipes-extended/procps/procps_4.0.4.bb | 97 ++++++++++++++++++++ 5 files changed, 97 insertions(+), 275 deletions(-) delete mode 100644 meta/recipes-extended/procps/procps/0001-po-fr.po-address-failures-with-gettext-0.22.patch delete mode 100644 meta/recipes-extended/procps/procps/0001-src-w.c-use-utmp.h-only.patch delete mode 100644 meta/recipes-extended/procps/procps/CVE-2023-4016.patch delete mode 100644 meta/recipes-extended/procps/procps_4.0.3.bb create mode 100644 meta/recipes-extended/procps/procps_4.0.4.bb diff --git a/meta/recipes-extended/procps/procps/0001-po-fr.po-address-failures-with-gettext-0.22.patch b/meta/recipes-extended/procps/procps/0001-po-fr.po-address-failures-with-gettext-0.22.patch deleted file mode 100644 index 805517900d..0000000000 --- a/meta/recipes-extended/procps/procps/0001-po-fr.po-address-failures-with-gettext-0.22.patch +++ /dev/null @@ -1,37 +0,0 @@ -From 1d685477c254e5b10a81e32c87786e0f001b70f1 Mon Sep 17 00:00:00 2001 -From: Alexander Kanavin -Date: Mon, 24 Jul 2023 18:06:51 +0200 -Subject: [PATCH] po/fr.po: address failures with gettext 0.22 - -Specifically: -| fr.1po:3027: 'msgstr' is not a valid C format string, unlike 'msgid'. Reason: In the directive number 4, the argument size specifier is invalid. -| fr.1po:3820: 'msgstr' is not a valid C format string, unlike 'msgid'. Reason: In the directive number 1, the argument size specifier is invalid. - -Upstream-Status: Submitted [https://gitlab.com/procps-ng/procps/-/merge_requests/199] -Signed-off-by: Alexander Kanavin ---- - po/fr.po | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/po/fr.po b/po/fr.po -index 715c2b69..700834e1 100644 ---- a/po/fr.po -+++ b/po/fr.po -@@ -3800,7 +3800,7 @@ msgid "" - "Type 'q' or to continue " - msgstr "" - "Aide pour les commandes interactives~2 - %s\n" --"Fenêtre ~1%s~6: ~1Mode cumulatif ~3%s~2. ~1Système~6: ~1Délai ~3%.1lf " -+"Fenêtre ~1%s~6: ~1Mode cumulatif ~3%s~2. ~1Système~6: ~1Délai ~3%.1f " - "secs~2; ~1Mode sûr ~3%s~2.\n" - "\n" - " Z~5,~1B~5,E,e Global: «~1Z~2» couleurs; «~1B~2» gras; «~1E~2»/«~1e~2» " -@@ -4723,7 +4723,7 @@ msgstr " -v, --version affiche les informations de version et sort\n" - #: src/watch.c:486 - #, c-format - msgid "Every %.1fs: " --msgstr "Toutes les %.1lfs: " -+msgstr "Toutes les %.1fs: " - - #: src/watch.c:487 - #, c-format diff --git a/meta/recipes-extended/procps/procps/0001-src-w.c-use-utmp.h-only.patch b/meta/recipes-extended/procps/procps/0001-src-w.c-use-utmp.h-only.patch deleted file mode 100644 index 23c91ec775..0000000000 --- a/meta/recipes-extended/procps/procps/0001-src-w.c-use-utmp.h-only.patch +++ /dev/null @@ -1,65 +0,0 @@ -From c41b3be62fbb78e0939fddaebad519360cbd8702 Mon Sep 17 00:00:00 2001 -From: Alexander Kanavin -Date: Mon, 6 Mar 2023 09:27:57 +0100 -Subject: [PATCH] src/w.c: use only utmpx - -Nowadays this works both on musl and glibc systems, however on musl -utmp.h is also needed to avoid the following failure: - -| ../git/src/w.c: In function 'print_from': -| ../git/src/w.c:73:28: error: '__UT_HOSTSIZE' undeclared (first use in this function); did you mean 'UT_HOSTSIZE'? -| 73 | # define UT_HOSTSIZE __UT_HOSTSIZE -| | ^~~~~~~~~~~~~ -| ../git/src/w.c:233:64: note: in expansion of macro 'UT_HOSTSIZE' -| 233 | print_display_or_interface(u->ut_host, UT_HOSTSIZE, fromlen - len); -| | ^~~~~~~~~~~ -| - -It is caused by including utmpx.h, but not utmp.h, which (on musl) -lacks the needed definitions. - -I have verified that both musl and glibc based builds continue to work. - -Upstream-Status: Submitted [https://gitlab.com/procps-ng/procps/-/merge_requests/171] -Signed-off-by: Alexander Kanavin - ---- - src/w.c | 17 ++--------------- - 1 file changed, 2 insertions(+), 15 deletions(-) - -diff --git a/src/w.c b/src/w.c -index 5e878f04..912c5df3 100644 ---- a/src/w.c -+++ b/src/w.c -@@ -46,11 +46,8 @@ - #include - #include - #include --#ifdef HAVE_UTMPX_H --# include --#else --# include --#endif -+#include -+#include - #include - - #include "c.h" -@@ -63,17 +60,7 @@ - static int ignoreuser = 0; /* for '-u' */ - static int oldstyle = 0; /* for '-o' */ - --#ifdef HAVE_UTMPX_H - typedef struct utmpx utmp_t; --#else --typedef struct utmp utmp_t; --#endif -- --#if !defined(UT_HOSTSIZE) || defined(__UT_HOSTSIZE) --# define UT_HOSTSIZE __UT_HOSTSIZE --# define UT_LINESIZE __UT_LINESIZE --# define UT_NAMESIZE __UT_NAMESIZE --#endif - - #ifdef W_SHOWFROM - # define FROM_STRING "on" diff --git a/meta/recipes-extended/procps/procps/CVE-2023-4016.patch b/meta/recipes-extended/procps/procps/CVE-2023-4016.patch deleted file mode 100644 index 202fea91f1..0000000000 --- a/meta/recipes-extended/procps/procps/CVE-2023-4016.patch +++ /dev/null @@ -1,73 +0,0 @@ -From 2c933ecba3bb1d3041a5a7a53a7b4078a6003413 Mon Sep 17 00:00:00 2001 -From: Craig Small -Date: Thu, 10 Aug 2023 21:18:38 +1000 -Subject: [PATCH] ps: Fix possible buffer overflow in -C option - -ps allocates memory using malloc(length of arg * len of struct). -In certain strange circumstances, the arg length could be very large -and the multiplecation will overflow, allocating a small amount of -memory. - -Subsequent strncpy() will then write into unallocated memory. -The fix is to use calloc. It's slower but this is a one-time -allocation. Other malloc(x * y) calls have also been replaced -by calloc(x, y) - -References: - https://www.freelists.org/post/procps/ps-buffer-overflow-CVE-20234016 - https://nvd.nist.gov/vuln/detail/CVE-2023-4016 - https://gitlab.com/procps-ng/procps/-/issues/297 - https://bugs.debian.org/1042887 - -Signed-off-by: Craig Small - -CVE: CVE-2023-4016 -Upstream-Status: Backport [https://gitlab.com/procps-ng/procps/-/commit/2c933ecba3bb1d3041a5a7a53a7b4078a6003413] -Signed-off-by: Ross Burton ---- - NEWS | 1 + - src/ps/parser.c | 8 ++++---- - 2 files changed, 5 insertions(+), 4 deletions(-) - -diff --git a/src/ps/parser.c b/src/ps/parser.c -index 248aa741..15873dfa 100644 ---- a/src/ps/parser.c -+++ b/src/ps/parser.c -@@ -189,7 +189,6 @@ static const char *parse_list(const char *arg, const char *(*parse_fn)(char *, s - const char *err; /* error code that could or did happen */ - /*** prepare to operate ***/ - node = xmalloc(sizeof(selection_node)); -- node->u = xmalloc(strlen(arg)*sizeof(sel_union)); /* waste is insignificant */ - node->n = 0; - buf = strdup(arg); - /*** sanity check and count items ***/ -@@ -210,6 +209,7 @@ static const char *parse_list(const char *arg, const char *(*parse_fn)(char *, s - } while (*++walk); - if(need_item) goto parse_error; - node->n = items; -+ node->u = xcalloc(items, sizeof(sel_union)); - /*** actually parse the list ***/ - walk = buf; - while(items--){ -@@ -1050,15 +1050,15 @@ static const char *parse_trailing_pids(void){ - thisarg = ps_argc - 1; /* we must be at the end now */ - - pidnode = xmalloc(sizeof(selection_node)); -- pidnode->u = xmalloc(i*sizeof(sel_union)); /* waste is insignificant */ -+ pidnode->u = xcalloc(i, sizeof(sel_union)); /* waste is insignificant */ - pidnode->n = 0; - - grpnode = xmalloc(sizeof(selection_node)); -- grpnode->u = xmalloc(i*sizeof(sel_union)); /* waste is insignificant */ -+ grpnode->u = xcalloc(i,sizeof(sel_union)); /* waste is insignificant */ - grpnode->n = 0; - - sidnode = xmalloc(sizeof(selection_node)); -- sidnode->u = xmalloc(i*sizeof(sel_union)); /* waste is insignificant */ -+ sidnode->u = xcalloc(i, sizeof(sel_union)); /* waste is insignificant */ - sidnode->n = 0; - - while(i--){ --- -GitLab - diff --git a/meta/recipes-extended/procps/procps_4.0.3.bb b/meta/recipes-extended/procps/procps_4.0.3.bb deleted file mode 100644 index 9ef679c6bd..0000000000 --- a/meta/recipes-extended/procps/procps_4.0.3.bb +++ /dev/null @@ -1,100 +0,0 @@ -SUMMARY = "System and process monitoring utilities" -DESCRIPTION = "Procps contains a set of system utilities that provide system information about processes using \ -the /proc filesystem. The package includes the programs ps, top, vmstat, w, kill, and skill." -HOMEPAGE = "https://gitlab.com/procps-ng/procps" -SECTION = "base" -LICENSE = "GPL-2.0-or-later & LGPL-2.0-or-later" -LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ - file://COPYING.LIB;md5=4cf66a4984120007c9881cc871cf49db \ - " - -DEPENDS = "ncurses" - -inherit autotools gettext pkgconfig update-alternatives - -SRC_URI = "git://gitlab.com/procps-ng/procps.git;protocol=https;branch=master \ - file://sysctl.conf \ - file://0001-src-w.c-use-utmp.h-only.patch \ - file://0001-po-fr.po-address-failures-with-gettext-0.22.patch \ - file://CVE-2023-4016.patch \ - " -SRCREV = "806eb270f217ff7e1e745c7bda2b002b5be74be4" - -S = "${WORKDIR}/git" - -# Upstream has a custom autogen.sh which invokes po/update-potfiles as they -# don't ship a po/POTFILES.in (which is silly). Without that file gettext -# doesn't believe po/ is a gettext directory and won't generate po/Makefile. -do_configure:prepend() { - ( cd ${S} && po/update-potfiles ) -} - -EXTRA_OECONF = "--enable-skill --disable-modern-top" - -PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)}" -PACKAGECONFIG[systemd] = "--with-systemd,--without-systemd,systemd" - -do_install:append () { - install -d ${D}${base_bindir} - [ "${bindir}" != "${base_bindir}" ] && for i in ${base_bindir_progs}; do mv ${D}${bindir}/$i ${D}${base_bindir}/$i; done - install -d ${D}${base_sbindir} - [ "${sbindir}" != "${base_sbindir}" ] && for i in ${base_sbindir_progs}; do mv ${D}${sbindir}/$i ${D}${base_sbindir}/$i; done - if [ "${base_sbindir}" != "${sbindir}" ]; then - rmdir ${D}${sbindir} - fi - - install -d ${D}${sysconfdir} - install -m 0644 ${WORKDIR}/sysctl.conf ${D}${sysconfdir}/sysctl.conf - if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then - install -d ${D}${sysconfdir}/sysctl.d - ln -sf ../sysctl.conf ${D}${sysconfdir}/sysctl.d/99-sysctl.conf - fi -} - -CONFFILES:${PN} = "${sysconfdir}/sysctl.conf" - -bindir_progs = "free pkill pmap pgrep pwdx skill snice top uptime w" -base_bindir_progs += "kill pidof ps watch" -base_sbindir_progs += "sysctl" - -ALTERNATIVE_PRIORITY = "200" -ALTERNATIVE_PRIORITY[pidof] = "150" - -ALTERNATIVE:${PN} = "${bindir_progs} ${base_bindir_progs} ${base_sbindir_progs}" - -ALTERNATIVE:${PN}-doc = "kill.1 uptime.1" -ALTERNATIVE_LINK_NAME[kill.1] = "${mandir}/man1/kill.1" -ALTERNATIVE_LINK_NAME[uptime.1] = "${mandir}/man1/uptime.1" - -python __anonymous() { - for prog in d.getVar('base_bindir_progs').split(): - d.setVarFlag('ALTERNATIVE_LINK_NAME', prog, '%s/%s' % (d.getVar('base_bindir'), prog)) - - for prog in d.getVar('base_sbindir_progs').split(): - d.setVarFlag('ALTERNATIVE_LINK_NAME', prog, '%s/%s' % (d.getVar('base_sbindir'), prog)) -} - -PROCPS_PACKAGES = "${PN}-lib \ - ${PN}-ps \ - ${PN}-sysctl" - -PACKAGE_BEFORE_PN = "${PROCPS_PACKAGES}" -RDEPENDS:${PN} += "${PROCPS_PACKAGES}" - -RDEPENDS:${PN}-ps += "${PN}-lib" -RDEPENDS:${PN}-sysctl += "${PN}-lib" - -FILES:${PN}-lib = "${libdir}" -FILES:${PN}-ps = "${base_bindir}/ps.${BPN}" -FILES:${PN}-sysctl = "${base_sbindir}/sysctl.${BPN} ${sysconfdir}/sysctl.conf ${sysconfdir}/sysctl.d" - -ALTERNATIVE:${PN}:remove = "ps" -ALTERNATIVE:${PN}:remove = "sysctl" - -ALTERNATIVE:${PN}-ps = "ps" -ALTERNATIVE_TARGET[ps] = "${base_bindir}/ps" -ALTERNATIVE_LINK_NAME[ps] = "${base_bindir}/ps" - -ALTERNATIVE:${PN}-sysctl = "sysctl" -ALTERNATIVE_TARGET[sysctl] = "${base_sbindir}/sysctl" -ALTERNATIVE_LINK_NAME[sysctl] = "${base_sbindir}/sysctl" diff --git a/meta/recipes-extended/procps/procps_4.0.4.bb b/meta/recipes-extended/procps/procps_4.0.4.bb new file mode 100644 index 0000000000..800384f22f --- /dev/null +++ b/meta/recipes-extended/procps/procps_4.0.4.bb @@ -0,0 +1,97 @@ +SUMMARY = "System and process monitoring utilities" +DESCRIPTION = "Procps contains a set of system utilities that provide system information about processes using \ +the /proc filesystem. The package includes the programs ps, top, vmstat, w, kill, and skill." +HOMEPAGE = "https://gitlab.com/procps-ng/procps" +SECTION = "base" +LICENSE = "GPL-2.0-or-later & LGPL-2.0-or-later" +LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ + file://COPYING.LIB;md5=4cf66a4984120007c9881cc871cf49db \ + " + +DEPENDS = "ncurses" + +inherit autotools gettext pkgconfig update-alternatives + +SRC_URI = "git://gitlab.com/procps-ng/procps.git;protocol=https;branch=master \ + file://sysctl.conf \ + " +SRCREV = "4ddcef2fd843170c8e2d59a83042978f41037a2b" + +S = "${WORKDIR}/git" + +# Upstream has a custom autogen.sh which invokes po/update-potfiles as they +# don't ship a po/POTFILES.in (which is silly). Without that file gettext +# doesn't believe po/ is a gettext directory and won't generate po/Makefile. +do_configure:prepend() { + ( cd ${S} && po/update-potfiles ) +} + +EXTRA_OECONF = "--enable-skill --disable-modern-top" + +PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)}" +PACKAGECONFIG[systemd] = "--with-systemd,--without-systemd,systemd" + +do_install:append () { + install -d ${D}${base_bindir} + [ "${bindir}" != "${base_bindir}" ] && for i in ${base_bindir_progs}; do mv ${D}${bindir}/$i ${D}${base_bindir}/$i; done + install -d ${D}${base_sbindir} + [ "${sbindir}" != "${base_sbindir}" ] && for i in ${base_sbindir_progs}; do mv ${D}${sbindir}/$i ${D}${base_sbindir}/$i; done + if [ "${base_sbindir}" != "${sbindir}" ]; then + rmdir ${D}${sbindir} + fi + + install -d ${D}${sysconfdir} + install -m 0644 ${WORKDIR}/sysctl.conf ${D}${sysconfdir}/sysctl.conf + if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then + install -d ${D}${sysconfdir}/sysctl.d + ln -sf ../sysctl.conf ${D}${sysconfdir}/sysctl.d/99-sysctl.conf + fi +} + +CONFFILES:${PN} = "${sysconfdir}/sysctl.conf" + +bindir_progs = "free pkill pmap pgrep pwdx skill snice top uptime w" +base_bindir_progs += "kill pidof ps watch" +base_sbindir_progs += "sysctl" + +ALTERNATIVE_PRIORITY = "200" +ALTERNATIVE_PRIORITY[pidof] = "150" + +ALTERNATIVE:${PN} = "${bindir_progs} ${base_bindir_progs} ${base_sbindir_progs}" + +ALTERNATIVE:${PN}-doc = "kill.1 uptime.1" +ALTERNATIVE_LINK_NAME[kill.1] = "${mandir}/man1/kill.1" +ALTERNATIVE_LINK_NAME[uptime.1] = "${mandir}/man1/uptime.1" + +python __anonymous() { + for prog in d.getVar('base_bindir_progs').split(): + d.setVarFlag('ALTERNATIVE_LINK_NAME', prog, '%s/%s' % (d.getVar('base_bindir'), prog)) + + for prog in d.getVar('base_sbindir_progs').split(): + d.setVarFlag('ALTERNATIVE_LINK_NAME', prog, '%s/%s' % (d.getVar('base_sbindir'), prog)) +} + +PROCPS_PACKAGES = "${PN}-lib \ + ${PN}-ps \ + ${PN}-sysctl" + +PACKAGE_BEFORE_PN = "${PROCPS_PACKAGES}" +RDEPENDS:${PN} += "${PROCPS_PACKAGES}" + +RDEPENDS:${PN}-ps += "${PN}-lib" +RDEPENDS:${PN}-sysctl += "${PN}-lib" + +FILES:${PN}-lib = "${libdir}" +FILES:${PN}-ps = "${base_bindir}/ps.${BPN}" +FILES:${PN}-sysctl = "${base_sbindir}/sysctl.${BPN} ${sysconfdir}/sysctl.conf ${sysconfdir}/sysctl.d" + +ALTERNATIVE:${PN}:remove = "ps" +ALTERNATIVE:${PN}:remove = "sysctl" + +ALTERNATIVE:${PN}-ps = "ps" +ALTERNATIVE_TARGET[ps] = "${base_bindir}/ps" +ALTERNATIVE_LINK_NAME[ps] = "${base_bindir}/ps" + +ALTERNATIVE:${PN}-sysctl = "sysctl" +ALTERNATIVE_TARGET[sysctl] = "${base_sbindir}/sysctl" +ALTERNATIVE_LINK_NAME[sysctl] = "${base_sbindir}/sysctl" -- cgit v1.2.3-54-g00ecf