diff options
Diffstat (limited to 'meta-openbmc-mods/meta-common/recipes-core/glibc')
3 files changed, 67 insertions, 0 deletions
diff --git a/meta-openbmc-mods/meta-common/recipes-core/glibc/glibc/0035-Fix-build-error.patch b/meta-openbmc-mods/meta-common/recipes-core/glibc/glibc/0035-Fix-build-error.patch new file mode 100644 index 000000000..6cf56c64f --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-core/glibc/glibc/0035-Fix-build-error.patch @@ -0,0 +1,26 @@ +From 2a246ee8129e7cd4660fe76f7ab656191be7bc5e Mon Sep 17 00:00:00 2001 +From: Jae Hyun Yoo <jae.hyun.yoo@intel.com> +Date: Thu, 11 Mar 2021 11:23:00 -0800 +Subject: [PATCH] Fix build error + +Signed-off-by: Jae Hyun Yoo <jae.hyun.yoo@intel.com> +--- + stdlib/canonicalize.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/stdlib/canonicalize.c b/stdlib/canonicalize.c +index 698f9ede2557..cac1f73d7471 100644 +--- a/stdlib/canonicalize.c ++++ b/stdlib/canonicalize.c +@@ -198,7 +198,7 @@ static char * + realpath_stk (const char *name, char *resolved, + struct scratch_buffer *rname_buf) + { +- char *dest; ++ char *dest = NULL; + char const *start; + char const *end; + int num_links = 0; +-- +2.17.1 + diff --git a/meta-openbmc-mods/meta-common/recipes-core/glibc/glibc/0036-sunrpc-use-snprintf-to-guard-against-buffer-overflow.patch b/meta-openbmc-mods/meta-common/recipes-core/glibc/glibc/0036-sunrpc-use-snprintf-to-guard-against-buffer-overflow.patch new file mode 100644 index 000000000..079ce0faa --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-core/glibc/glibc/0036-sunrpc-use-snprintf-to-guard-against-buffer-overflow.patch @@ -0,0 +1,35 @@ +From 174f4391195960b0b728fb5ee4959fcb9e12d59a Mon Sep 17 00:00:00 2001 +From: Philipp Tomsich <philipp.tomsich@vrull.eu> +Date: Wed, 2 Dec 2020 20:04:11 +0100 +Subject: [PATCH] sunrpc: use snprintf to guard against buffer overflow + +GCC11 has improved detection of buffer overflows detectable through the analysis +of format strings and parameters, which identifies the following issue: + netname.c:52:28: error: '%s' directive writing up to 255 bytes into a region + of size between 239 and 249 [-Werror=format-overflow=] + +This rewrites user2netname() to use snprintf to guard against overflows. +--- + sunrpc/netname.c | 6 ++++-- + 1 file changed, 4 insertions(+), 2 deletions(-) + +diff --git a/sunrpc/netname.c b/sunrpc/netname.c +index ceed23b1a72d..1a18b7a39453 100644 +--- a/sunrpc/netname.c ++++ b/sunrpc/netname.c +@@ -49,8 +49,10 @@ user2netname (char netname[MAXNETNAMELEN + 1], const uid_t uid, + if ((strlen (dfltdom) + OPSYS_LEN + 3 + MAXIPRINT) > (size_t) MAXNETNAMELEN) + return 0; + +- sprintf (netname, "%s.%d@%s", OPSYS, uid, dfltdom); +- i = strlen (netname); ++ i = snprintf (netname, MAXNETNAMELEN + 1, "%s.%d@%s", OPSYS, uid, dfltdom); ++ if (i > (size_t) MAXNETNAMELEN) ++ return 0; ++ + if (netname[i - 1] == '.') + netname[i - 1] = '\0'; + return 1; +-- +2.17.1 + diff --git a/meta-openbmc-mods/meta-common/recipes-core/glibc/glibc_%.bbappend b/meta-openbmc-mods/meta-common/recipes-core/glibc/glibc_%.bbappend new file mode 100644 index 000000000..19e136238 --- /dev/null +++ b/meta-openbmc-mods/meta-common/recipes-core/glibc/glibc_%.bbappend @@ -0,0 +1,6 @@ +FILESEXTRAPATHS:prepend := "${THISDIR}/${PN}:" + +SRC_URI += " \ + file://0035-Fix-build-error.patch \ + file://0036-sunrpc-use-snprintf-to-guard-against-buffer-overflow.patch \ + " |