diff options
author | William A. Kennington III <wak@google.com> | 2021-09-16 02:19:36 +0300 |
---|---|---|
committer | Andrew Geissler <geissonator@yahoo.com> | 2021-09-19 20:39:58 +0300 |
commit | 49e9566eb60669f7b1535f0653aa52a1c9ea8af0 (patch) | |
tree | d9b5df56dd979a0d096c11d8b14711c9a7aefe57 /meta-openembedded/meta-oe/recipes-devtools/lua | |
parent | 7f8954e7a7576c28a6773be2f0e306551c0aa754 (diff) | |
download | openbmc-49e9566eb60669f7b1535f0653aa52a1c9ea8af0.tar.xz |
meta-openembedded: subtree update:9fdc7960ba..e4a3c66505
Alexander Kanavin (4):
msgpack-c: update 3.2.1 -> 4.0.0, add msgpack-cpp
can-utils: rrecommend iproute2 to make it possible to configure can interfaces
fmt: update 7.1.3 -> 8.0.1
spdlog: update 1.8.2 -> 1.9.2
Changqing Li (3):
ndpi: upgrade 3.4 -> 4.0
ntopng: upgrade 4.2 -> 5.0
postgresql: upgrade 13.3 -> 13.4
Jan-Simon Moeller (1):
Remove patch that produces a segfault in the ptest of lua
Joe Slater (1):
redis: advance to version 6.2.5
Khem Raj (10):
gjs: Remove valgrind dependency on rv32/rv64
toybox-inittab: Use 0BSD for LIC_FILES_CHKSUM
python3-kivy: Remove hardcoded include paths
python3-kivy: Check for x11 and opengl before enabling the recipe
packagegroup-meta-python: Add python3-kivy
packagegroup-meta-python: Add python3-portalocker
gst-shark: Define SRCREV_FORMAT
android-tools: Define SRCREV_FORMAT
packagegroup-meta-oe: Add pahole
pahole: Add missing rdep for python
Kristian Klausen (1):
cryptsetup: Add runtime dependency on lvm2-udevrules for udev
Martin Jansa (1):
python3-regex: upgrade to 2021.8.28
Matteo Croce (2):
recipes-devtools: add pahole
libbpf: bump to 0.5.0
Mingli Yu (1):
polkit: add the CVE tag
Patrick Williams (2):
gjs: fix typo in RDEPENDS variable name
ndisc6: fix typo in DESCRIPTION variable name
Peter Morrow (1):
libbpf: remove kernel configuration dependency
Samuel Dolt (4):
python3-alembic: add native and nativesdk to BBCLASSEXTEND
python3-editor: add native and nativesdk to BBCLASSEXTEND
python3-sqlalchemy: add native and nativesdk to BBCLASSEXTEND
python3-portalocker: add recipe
Trevor Gamblin (2):
python3-pytest-subtests: add recipe
python3-pillow: upgrade 8.3.1 -> 8.3.2
Wang Mingyu (3):
python3-cryptography-vectors: upgrade 3.4.7 -> 3.4.8
python3-google-api-python-client: upgrade 2.18.0 -> 2.19.1
dnf-plugin-tui: upgrade 1.2 -> 1.3
William A. Kennington III (1):
ndisc6: Upgrade 1.0.4 -> 1.0.5
William Huang (1):
recipes-devtools: python: add support for Kivy
Yi Zhao (4):
krb5: fix CVE-2021-36222
krb5: fix CVE-2021-37750
net-snmp: drop unused patch
net-snmp: make sure snmpd always exit after displaying usage
wangmy (10):
cjson: upgrade 1.7.14 -> 1.7.15
libwebsockets: upgrade 4.2.1 -> 4.2.2
monit: upgrade 5.28.1 -> 5.29.0
nlohmann-json: upgrade 3.9.1 -> 3.10.2
cppzmq: upgrade 4.7.1 -> 4.8.0
dfu-util: upgrade 0.10 -> 0.11
libqmi: upgrade 1.30.0 -> 1.30.2
lockfile-progs: upgrade 0.1.18 -> 0.1.19
poppler-data: upgrade 0.4.10 -> 0.4.11
dnsmasq: upgrade 2.85 -> 2.86
zangrc (11):
python3-ipython: upgrade 7.26.0 -> 7.27.0
python3-kiwisolver: upgrade 1.3.1 -> 1.3.2
python3-ruamel-yaml: upgrade 0.17.13 -> 0.17.16
python3-traitlets: upgrade 5.0.5 -> 5.1.0
gsl: upgrade 2.6 -> 2.7
crash: upgrade 7.2.9 -> 7.3.0
dash: upgrade 0.5.11.3 -> 0.5.11.5
python3-bitarray: upgrade 2.3.2 -> 2.3.3
python3-lrparsing: upgrade 1.0.16 -> 1.0.17
python3-transitions: upgrade 0.8.8 -> 0.8.9
libxmlb: upgrade 0.3.1 -> 0.3.2
zhengruoqin (15):
wireshark: upgrade 3.4.7 -> 3.4.8
uhubctl: upgrade 2.3.0 -> 2.4.0
unclutter-xfixes: upgrade 1.5 -> 1.6
avro-c: upgrade 1.9.2 -> 1.10.2
ctags: upgrade 5.9.20210815 -> 5.9.20210905
xf86-video-nouveau: upgrade 1.0.16 -> 1.0.17
fuse3: upgrade 3.10.4 -> 3.10.5
mosquitto: upgrade 2.0.11 -> 2.0.12
poppler: upgrade 21.08.0 -> 21.09.0
libbytesize: upgrade 2.4 -> 2.6
libeigen: upgrade 3.3.9 -> 3.4.0
libjcat: upgrade 0.1.7 -> 0.1.8
unbound: upgrade 1.12.0 -> 1.13.2
xterm: upgrade 367 -> 368
zchunk: upgrade 1.1.9 -> 1.1.16
Change-Id: I5a866e7773b8c906bc2bd8a4ddf99f006534bf53
Signed-off-by: William A. Kennington III <wak@google.com>
Diffstat (limited to 'meta-openembedded/meta-oe/recipes-devtools/lua')
-rw-r--r-- | meta-openembedded/meta-oe/recipes-devtools/lua/lua/CVE-2020-15945.patch | 167 | ||||
-rw-r--r-- | meta-openembedded/meta-oe/recipes-devtools/lua/lua_5.3.6.bb | 1 |
2 files changed, 0 insertions, 168 deletions
diff --git a/meta-openembedded/meta-oe/recipes-devtools/lua/lua/CVE-2020-15945.patch b/meta-openembedded/meta-oe/recipes-devtools/lua/lua/CVE-2020-15945.patch deleted file mode 100644 index 89ce49148..000000000 --- a/meta-openembedded/meta-oe/recipes-devtools/lua/lua/CVE-2020-15945.patch +++ /dev/null @@ -1,167 +0,0 @@ -From d8d344365945a534f700c82c5dd26f704f89fef3 Mon Sep 17 00:00:00 2001 -From: Roberto Ierusalimschy <roberto@inf.puc-rio.br> -Date: Wed, 5 Aug 2020 16:59:58 +0800 -Subject: [PATCH] Fixed bug: invalid 'oldpc' when returning to a function - -The field 'L->oldpc' is not always updated when control returns to a -function; an invalid value can seg. fault when computing 'changedline'. -(One example is an error in a finalizer; control can return to -'luaV_execute' without executing 'luaD_poscall'.) Instead of trying to -fix all possible corner cases, it seems safer to be resilient to invalid -values for 'oldpc'. Valid but wrong values at most cause an extra call -to a line hook. - -CVE: CVE-2020-15945 - -[Adjust the code to be applicable to the tree] - -Upstream-Status: Backport [https://github.com/lua/lua/commit/a2195644d89812e5b157ce7bac35543e06db05e3] - -Signed-off-by: Wenlin Kang <wenlin.kang@windriver.com> -Signed-off-by: Joe Slater <joe.slater@@windriver.com> - ---- - src/ldebug.c | 30 +++++++++++++++--------------- - src/ldebug.h | 4 ++++ - src/ldo.c | 2 +- - src/lstate.c | 1 + - src/lstate.h | 2 +- - 5 files changed, 22 insertions(+), 17 deletions(-) - -diff --git a/src/ldebug.c b/src/ldebug.c -index 239affb..832b16c 100644 ---- a/src/ldebug.c -+++ b/src/ldebug.c -@@ -34,9 +34,8 @@ - #define noLuaClosure(f) ((f) == NULL || (f)->c.tt == LUA_TCCL) - - --/* Active Lua function (given call info) */ --#define ci_func(ci) (clLvalue((ci)->func)) -- -+/* inverse of 'pcRel' */ -+#define invpcRel(pc, p) ((p)->code + (pc) + 1) - - static const char *funcnamefromcode (lua_State *L, CallInfo *ci, - const char **name); -@@ -71,20 +70,18 @@ static void swapextra (lua_State *L) { - - /* - ** This function can be called asynchronously (e.g. during a signal). --** Fields 'oldpc', 'basehookcount', and 'hookcount' (set by --** 'resethookcount') are for debug only, and it is no problem if they --** get arbitrary values (causes at most one wrong hook call). 'hookmask' --** is an atomic value. We assume that pointers are atomic too (e.g., gcc --** ensures that for all platforms where it runs). Moreover, 'hook' is --** always checked before being called (see 'luaD_hook'). -+** Fields 'basehookcount' and 'hookcount' (set by 'resethookcount') -+** are for debug only, and it is no problem if they get arbitrary -+** values (causes at most one wrong hook call). 'hookmask' is an atomic -+** value. We assume that pointers are atomic too (e.g., gcc ensures that -+** for all platforms where it runs). Moreover, 'hook' is always checked -+** before being called (see 'luaD_hook'). - */ - LUA_API void lua_sethook (lua_State *L, lua_Hook func, int mask, int count) { - if (func == NULL || mask == 0) { /* turn off hooks? */ - mask = 0; - func = NULL; - } -- if (isLua(L->ci)) -- L->oldpc = L->ci->u.l.savedpc; - L->hook = func; - L->basehookcount = count; - resethookcount(L); -@@ -665,7 +662,10 @@ l_noret luaG_runerror (lua_State *L, const char *fmt, ...) { - void luaG_traceexec (lua_State *L) { - CallInfo *ci = L->ci; - lu_byte mask = L->hookmask; -+ const Proto *p = ci_func(ci)->p; - int counthook = (--L->hookcount == 0 && (mask & LUA_MASKCOUNT)); -+ /* 'L->oldpc' may be invalid; reset it in this case */ -+ int oldpc = (L->oldpc < p->sizecode) ? L->oldpc : 0; - if (counthook) - resethookcount(L); /* reset count */ - else if (!(mask & LUA_MASKLINE)) -@@ -677,15 +677,15 @@ void luaG_traceexec (lua_State *L) { - if (counthook) - luaD_hook(L, LUA_HOOKCOUNT, -1); /* call count hook */ - if (mask & LUA_MASKLINE) { -- Proto *p = ci_func(ci)->p; - int npc = pcRel(ci->u.l.savedpc, p); - int newline = getfuncline(p, npc); - if (npc == 0 || /* call linehook when enter a new function, */ -- ci->u.l.savedpc <= L->oldpc || /* when jump back (loop), or when */ -- newline != getfuncline(p, pcRel(L->oldpc, p))) /* enter a new line */ -+ ci->u.l.savedpc <= invpcRel(oldpc, p) || /* when jump back (loop), or when */ -+ newline != getfuncline(p, oldpc)) /* enter a new line */ - luaD_hook(L, LUA_HOOKLINE, newline); /* call line hook */ -+ -+ L->oldpc = npc; /* 'pc' of last call to line hook */ - } -- L->oldpc = ci->u.l.savedpc; - if (L->status == LUA_YIELD) { /* did hook yield? */ - if (counthook) - L->hookcount = 1; /* undo decrement to zero */ -diff --git a/src/ldebug.h b/src/ldebug.h -index 0e31546..c224cc4 100644 ---- a/src/ldebug.h -+++ b/src/ldebug.h -@@ -13,6 +13,10 @@ - - #define pcRel(pc, p) (cast(int, (pc) - (p)->code) - 1) - -+/* Active Lua function (given call info) */ -+#define ci_func(ci) (clLvalue((ci)->func)) -+ -+ - #define getfuncline(f,pc) (((f)->lineinfo) ? (f)->lineinfo[pc] : -1) - - #define resethookcount(L) (L->hookcount = L->basehookcount) -diff --git a/src/ldo.c b/src/ldo.c -index 90b695f..f66ac1a 100644 ---- a/src/ldo.c -+++ b/src/ldo.c -@@ -382,7 +382,7 @@ int luaD_poscall (lua_State *L, CallInfo *ci, StkId firstResult, int nres) { - luaD_hook(L, LUA_HOOKRET, -1); - firstResult = restorestack(L, fr); - } -- L->oldpc = ci->previous->u.l.savedpc; /* 'oldpc' for caller function */ -+ L->oldpc = pcRel(ci->u.l.savedpc, ci_func(ci)->p); /* 'oldpc' for caller function */ - } - res = ci->func; /* res == final position of 1st result */ - L->ci = ci->previous; /* back to caller */ -diff --git a/src/lstate.c b/src/lstate.c -index 9194ac3..3573e36 100644 ---- a/src/lstate.c -+++ b/src/lstate.c -@@ -236,6 +236,7 @@ static void preinit_thread (lua_State *L, global_State *g) { - L->nny = 1; - L->status = LUA_OK; - L->errfunc = 0; -+ L->oldpc = 0; - } - - -diff --git a/src/lstate.h b/src/lstate.h -index a469466..d75eadf 100644 ---- a/src/lstate.h -+++ b/src/lstate.h -@@ -164,7 +164,6 @@ struct lua_State { - StkId top; /* first free slot in the stack */ - global_State *l_G; - CallInfo *ci; /* call info for current function */ -- const Instruction *oldpc; /* last pc traced */ - StkId stack_last; /* last free slot in the stack */ - StkId stack; /* stack base */ - UpVal *openupval; /* list of open upvalues in this stack */ -@@ -174,6 +173,7 @@ struct lua_State { - CallInfo base_ci; /* CallInfo for first level (C calling Lua) */ - volatile lua_Hook hook; - ptrdiff_t errfunc; /* current error handling function (stack index) */ -+ int oldpc; /* last pc traced */ - int stacksize; - int basehookcount; - int hookcount; --- -2.13.3 - diff --git a/meta-openembedded/meta-oe/recipes-devtools/lua/lua_5.3.6.bb b/meta-openembedded/meta-oe/recipes-devtools/lua/lua_5.3.6.bb index f830e0925..af3054dcb 100644 --- a/meta-openembedded/meta-oe/recipes-devtools/lua/lua_5.3.6.bb +++ b/meta-openembedded/meta-oe/recipes-devtools/lua/lua_5.3.6.bb @@ -8,7 +8,6 @@ SRC_URI = "http://www.lua.org/ftp/lua-${PV}.tar.gz;name=tarballsrc \ file://lua.pc.in \ file://0001-Allow-building-lua-without-readline-on-Linux.patch \ file://CVE-2020-15888.patch \ - file://CVE-2020-15945.patch \ file://0001-Fixed-bug-barriers-cannot-be-active-during-sweep.patch \ " |