diff options
Diffstat (limited to 'meta-openembedded/meta-networking/recipes-connectivity/mbedtls')
-rw-r--r-- | meta-openembedded/meta-networking/recipes-connectivity/mbedtls/mbedtls/fix-incorrect-EOF-check-in-ssl_context_info.patch | 57 | ||||
-rw-r--r-- | meta-openembedded/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.24.0.bb (renamed from meta-openembedded/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.16.6.bb) | 10 |
2 files changed, 63 insertions, 4 deletions
diff --git a/meta-openembedded/meta-networking/recipes-connectivity/mbedtls/mbedtls/fix-incorrect-EOF-check-in-ssl_context_info.patch b/meta-openembedded/meta-networking/recipes-connectivity/mbedtls/mbedtls/fix-incorrect-EOF-check-in-ssl_context_info.patch new file mode 100644 index 0000000000..836fce91e6 --- /dev/null +++ b/meta-openembedded/meta-networking/recipes-connectivity/mbedtls/mbedtls/fix-incorrect-EOF-check-in-ssl_context_info.patch @@ -0,0 +1,57 @@ +From d696e7d91e42a190d06760279d2e396392143454 Mon Sep 17 00:00:00 2001 +From: Nayna Jain <nayna@linux.ibm.com> +Date: Thu, 13 Aug 2020 19:17:53 +0000 +Subject: [PATCH] programs/ssl: Fix incorrect EOF check in ssl_context_info.c + +In `read_next_b64_code()`, the result of fgetc() is stored into a char, +but later compared against EOF, which is generally -1. On platforms +where char is unsigned, this generates a compiler warning/error that the +comparison will never be true (causing a build failure). The value will +never match, with the function ultimately bailing with a "Too many bad +symbols are detected" error. + +On platforms with signed char, EOF is detected, but a file containing a +0xFF character will causes a premature end of file exit of the loop. + +Fix this by changing the result to an int. + +Fixes #3794. + +Signed-off-by: Nayna Jain <nayna@linux.ibm.com> +Signed-off-by: David Brown <david.brown@linaro.org> +--- + ChangeLog.d/bugfix_3794.txt | 4 ++++ + programs/ssl/ssl_context_info.c | 4 ++-- + 2 files changed, 6 insertions(+), 2 deletions(-) + create mode 100644 ChangeLog.d/bugfix_3794.txt + +diff --git a/ChangeLog.d/bugfix_3794.txt b/ChangeLog.d/bugfix_3794.txt +new file mode 100644 +index 0000000000..a483ea76ae +--- /dev/null ++++ b/ChangeLog.d/bugfix_3794.txt +@@ -0,0 +1,4 @@ ++Bugfix ++ * Fix handling of EOF against 0xff bytes and on platforms with ++ unsigned chars. Fixes a build failure on platforms where char is ++ unsigned. Fixes #3794. +diff --git a/programs/ssl/ssl_context_info.c b/programs/ssl/ssl_context_info.c +index df8819a804..d109c1e6f7 100644 +--- a/programs/ssl/ssl_context_info.c ++++ b/programs/ssl/ssl_context_info.c +@@ -377,13 +377,13 @@ size_t read_next_b64_code( uint8_t **b64, size_t *max_len ) + int valid_balance = 0; /* balance between valid and invalid characters */ + size_t len = 0; + char pad = 0; +- char c = 0; ++ int c = 0; + + while( EOF != c ) + { + char c_valid = 0; + +- c = (char) fgetc( b64_file ); ++ c = fgetc( b64_file ); + + if( pad > 0 ) + { diff --git a/meta-openembedded/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.16.6.bb b/meta-openembedded/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.24.0.bb index 8e4b6c86c5..e3a0169566 100644 --- a/meta-openembedded/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.16.6.bb +++ b/meta-openembedded/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.24.0.bb @@ -18,13 +18,15 @@ understand what the code does. It features: \ HOMEPAGE = "https://tls.mbed.org/" LICENSE = "Apache-2.0" -LIC_FILES_CHKSUM = "file://LICENSE;md5=302d50a6369f5f22efdb674db908167a" +LIC_FILES_CHKSUM = "file://LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57" SECTION = "libs" -SRC_URI = "https://tls.mbed.org/download/mbedtls-${PV}-apache.tgz" -SRC_URI[md5sum] = "1f629a43c166de2eca808f3e30aa961d" -SRC_URI[sha256sum] = "66455e23a6190a30142cdc1113f7418158839331a9d8e6b0778631d077281770" +S = "${WORKDIR}/git" +SRCREV = "523f0554b6cdc7ace5d360885c3f5bbcc73ec0e8" +SRC_URI = "git://github.com/ARMmbed/mbedtls.git;protocol=https;branch=development \ + file://fix-incorrect-EOF-check-in-ssl_context_info.patch \ +" inherit cmake |