From bb2b5b31a80eb164e47649036878773614e4dbdf Mon Sep 17 00:00:00 2001 From: Armin Kuster Date: Sat, 23 Apr 2022 06:59:40 -0700 Subject: [PATCH 001/600] meta-openemnedded: Add myself as kirkstone maintainer Signed-off-by: Armin Kuster Signed-off-by: Khem Raj --- README | 2 +- meta-filesystems/README | 10 +++++----- meta-gnome/README | 10 +++++----- meta-initramfs/README | 8 ++++---- meta-multimedia/README | 10 +++++----- meta-networking/MAINTAINERS | 15 +++------------ meta-networking/README | 9 ++++----- meta-oe/README | 8 ++++---- meta-perl/README | 11 +++++------ meta-python/README | 13 +++++-------- meta-webserver/README | 11 +++++++---- meta-xfce/README | 11 +++++------ 12 files changed, 53 insertions(+), 65 deletions(-) diff --git a/README b/README index 7318f09cdba..82f2e9699ac 100644 --- a/README +++ b/README @@ -1,6 +1,6 @@ Collection of layers for the OE-core universe -Main layer maintainer: Khem Raj +Main layer maintainer: Armin Kuster This repository is a collection of layers to suppliment OE-Core with additional packages, Each layer have designated maintainer diff --git a/meta-filesystems/README b/meta-filesystems/README index 78a4429ce2e..a1cf6d99ba0 100644 --- a/meta-filesystems/README +++ b/meta-filesystems/README @@ -11,26 +11,26 @@ This layer depends on: URI: git://git.openembedded.org/openembedded-core layers: meta - branch: master + branch: kirkstone URI: git://git.openembedded.org/meta-openembedded layers: meta-oe - branch: master + branch: kirkstone Patches ======= Please submit any patches against the filesystems layer to the OpenEmbedded development mailing list (openembedded-devel@lists.openembedded.org) -with '[meta-filesystems]' in the subject. +with '[meta-filesystems][kirkstone]' in the subject. -Layer maintainer: Khem Raj +Layer maintainer: Armin Kuster When sending single patches, please use something like: git send-email -1 -M \ --to openembedded-devel@lists.openembedded.org \ - --subject-prefix='meta-filesystems][PATCH' + --subject-prefix='meta-filesystems][kirkstone][PATCH' Table of Contents diff --git a/meta-gnome/README b/meta-gnome/README index fbb0d724767..99ce43a332c 100644 --- a/meta-gnome/README +++ b/meta-gnome/README @@ -3,14 +3,14 @@ Dependencies This layer depends on: URI: git://git.openembedded.org/openembedded-core -branch: master +branch: kirkstone URI: git://git.openembedded.org/meta-openembedded -branch: master +branch: kirkstone -Send pull requests to openembedded-devel@lists.openembedded.org with '[meta-gnome]' in the subject' +Send pull requests to openembedded-devel@lists.openembedded.org with '[meta-gnome][kirkstone]' in the subject' When sending single patches, please using something like: -git send-email -M -1 --to openembedded-devel@lists.openembedded.org --subject-prefix='meta-gnome][PATCH' +git send-email -M -1 --to openembedded-devel@lists.openembedded.org --subject-prefix='meta-gnome][kirkstone][PATCH' -Layer maintainer: Andreas Müller +Layer maintainer: Armin Kuster diff --git a/meta-initramfs/README b/meta-initramfs/README index 119293a741c..75c229dbf56 100644 --- a/meta-initramfs/README +++ b/meta-initramfs/README @@ -12,19 +12,19 @@ Dependencies This layer depends on: URI: git://git.openembedded.org/meta-openembedded -branch: master +branch: kirkstone Maintenance ----------- Send patches / pull requests to openembedded-devel@lists.openembedded.org -with '[meta-initramfs]' in the subject. +with '[meta-initramfs][kirkstone]' in the subject. When sending single patches, please using something like: -git send-email -M -1 --to openembedded-devel@lists.openembedded.org --subject-prefix='meta-initramfs][PATCH' +git send-email -M -1 --to openembedded-devel@lists.openembedded.org --subject-prefix='meta-initramfs][kirkstone][PATCH' -Interm layer maintainer: Khem Raj +Interm layer maintainer: Armin Kuster License diff --git a/meta-multimedia/README b/meta-multimedia/README index 235c34331ba..f76f45b1010 100644 --- a/meta-multimedia/README +++ b/meta-multimedia/README @@ -1,17 +1,17 @@ This layer depends on: URI: git://git.openembedded.org/openembedded-core -branch: master +branch: kirkstone URI: git://git.openembedded.org/meta-openembedded layers: meta-oe -branch: master +branch: kirkstone -Send pull requests to openembedded-devel@lists.openembedded.org with '[meta-multimedia]' in the subject +Send pull requests to openembedded-devel@lists.openembedded.org with '[meta-multimedia][kirkstone]' in the subject When sending single patches, please use something like: -git send-email -M -1 --to openembedded-devel@lists.openembedded.org --subject-prefix='meta-multimedia][PATCH' +git send-email -M -1 --to openembedded-devel@lists.openembedded.org --subject-prefix='meta-multimedia][kirkstone][PATCH' You are encouraged to fork the mirror on github https://github.com/openembedded/meta-openembedded to share your patches, this is preferred for patch sets consisting of more than one patch. Other services like GitLab, repo.or.cz or self hosted setups are of course accepted as well, 'git fetch ' works the same on all of them. We recommend github because it is free, easy to use, has been proven to be reliable and has a really good web GUI. -Layer maintainer: Andreas Müller +Layer maintainer: Armin Kuster diff --git a/meta-networking/MAINTAINERS b/meta-networking/MAINTAINERS index ce53ec471bc..0c569e5b9ad 100644 --- a/meta-networking/MAINTAINERS +++ b/meta-networking/MAINTAINERS @@ -2,13 +2,13 @@ This file contains a list of maintainers for the meta-networking layer. Please submit any patches against meta-networking to the OpenEmbedded development mailing list (openembedded-devel@lists.openembedded.org) with -'[meta-networking]' in the subject. +'[meta-networking][kirkstone]' in the subject. When sending single patches, please use something like: git send-email -1 -M \ --to openembedded-devel@lists.openembedded.org \ - --subject-prefix='meta-networking][PATCH' + --subject-prefix='meta-networking][kirkstone][PATCH' You may also contact the maintainers directly. @@ -26,18 +26,9 @@ Please keep this list in alphabetical order. Maintainers List (try to look for most precise areas first) COMMON -M: Khem Raj -M: "Joe MacDonald (backup)" +M: Armin Kuster L: openembedded-devel@lists.openembedded.org Q: https://patchwork.openembedded.org/project/oe/ S: Maintained F: conf F: recipes-* - -NETKIT -M: Armin Kuster -F: recipes-netkit - -OPENTHREAD -M: Stefan Schmidt -F: recipes-connectivity/openthread/ diff --git a/meta-networking/README b/meta-networking/README index 34e11a96dd1..e84bc66003f 100644 --- a/meta-networking/README +++ b/meta-networking/README @@ -18,22 +18,21 @@ Dependencies This layer depends on: URI: git://git.openembedded.org/openembedded-core -branch: master +branch: kirkstone For some recipes, the meta-oe layer is required: URI: git://git.openembedded.org/meta-openembedded subdirectory: meta-oe -branch: master +branch: kirkstone URI: git://git.openembedded.org/meta-openembedded subdirectory: meta-python -branch: master +branch: kirkstone Maintenance ----------- -Layer maintainers: Khem Raj - Armin Kuster (recipes-netkit) +Layer maintainers: Armin Kuster Please see the MAINTAINERS file for information on contacting the diff --git a/meta-oe/README b/meta-oe/README index 676a2c89252..a7149f76bcd 100644 --- a/meta-oe/README +++ b/meta-oe/README @@ -4,7 +4,7 @@ meta-oe This layer depends on: URI: git://github.com/openembedded/openembedded-core.git -branch: master +branch: kirkstone luajit recipe requires host compiler to be able to generate 32bit code when target is 32bit e.g. arm, so ensure that $CC -m32 is functional on build host, if building this recipe, needed @@ -16,10 +16,10 @@ pacman -S lib32-gcc-libs lib32-glibc Ubuntu sudo apt-get install gcc-multilib linux-libc-dev:i386 -Send pull requests to openembedded-devel@lists.openembedded.org with '[meta-oe]' in the subject' +Send pull requests to openembedded-devel@lists.openembedded.org with '[meta-oe][kirkstone]' in the subject' When sending single patches, please use something like: -'git send-email -M -1 --to openembedded-devel@lists.openembedded.org --subject-prefix="meta-oe][PATCH"' +'git send-email -M -1 --to openembedded-devel@lists.openembedded.org --subject-prefix="meta-oe][kirkstone][PATCH"' You are encouraged to fork the mirror on GitHub https://github.com/openembedded/meta-openembedded to share your patches, this is preferred for patch sets consisting of more than one patch. @@ -28,4 +28,4 @@ Other services like GitLab, repo.or.cz or self-hosted setups are of course accep 'git fetch ' works the same on all of them. We recommend GitHub because it is free, easy to use, has been proven to be reliable and has a really good web GUI. -layer maintainer: Khem Raj +layer maintainer: Armin Kuster diff --git a/meta-perl/README b/meta-perl/README index 13014b0ff31..91c4f5b9bf4 100644 --- a/meta-perl/README +++ b/meta-perl/README @@ -52,7 +52,7 @@ Dependencies This layer depends on: URI: git://git.openembedded.org/openembedded-core - branch: master + branch: kirkstone Adding the meta-perl layer to your build --------------------------------------- @@ -73,14 +73,13 @@ Maintenance ----------- Send patches / pull requests to openembedded-devel@lists.openembedded.org with -'[meta-perl]' in the subject. +'[meta-perl][kirkstone]' in the subject. When sending single patches, please using something like: -git send-email -M -1 --to openembedded-devel@lists.openembedded.org --subject-prefix='meta-perl][PATCH' +git send-email -M -1 --to openembedded-devel@lists.openembedded.org --subject-prefix='meta-perl][kirkstone][PATCH' -Layer maintainers: - Hongxu Jia - Tim "moto-timo" Orling +Layer maintainers: Armin Kuster + License ------- diff --git a/meta-python/README b/meta-python/README index 8b62ad32b35..d2d363f337e 100644 --- a/meta-python/README +++ b/meta-python/README @@ -13,11 +13,11 @@ The meta-python layer depends on: URI: git://git.openembedded.org/openembedded-core layers: meta - branch: master + branch: kirkstone URI: git://git.openembedded.org/meta-openembedded layers: meta-oe - branch: master + branch: kirkstone Please follow the recommended setup procedures of your OE distribution. For Angstrom that is: @@ -33,15 +33,12 @@ comments and patch review. It is subscriber only, so please register before posting. Send pull requests to openembedded-devel@lists.openembedded.org with -'[meta-python]' in the subject. +'[meta-python][kirkstone]' in the subject. When sending single patches, please use something like: -git send-email -M -1 --to=openembedded-devel@lists.openembedded.org --subject-prefix='meta-python][PATCH' +git send-email -M -1 --to=openembedded-devel@lists.openembedded.org --subject-prefix='meta-python][kirkstone][PATCH' Maintenance ------------------------- -Layer maintainers: - Tim "moto-timo" Orling - Derek Straka - Trevor Gamblin +Layer maintainers: Armin Kuster diff --git a/meta-webserver/README b/meta-webserver/README index d23f6cc65c2..57bd0a72c69 100644 --- a/meta-webserver/README +++ b/meta-webserver/README @@ -13,13 +13,13 @@ This layer depends on: URI: git://git.openembedded.org/openembedded-core subdirectory: meta -branch: master +branch: kirkstone For some recipes, the meta-oe layer is required: URI: git://git.openembedded.org/meta-openembedded subdirectory: meta-oe -branch: master +branch: kirkstone @@ -50,9 +50,12 @@ Maintenance ----------- Send patches / pull requests to openembedded-devel@lists.openembedded.org -with '[meta-webserver]' in the subject. +with '[meta-webserver][kirkstone]' in the subject. -Layer maintainer: Derek Straka +When sending single patches, please using something like: +git send-email -M -1 --to openembedded-devel@lists.openembedded.org --subject-prefix='meta-webserver][kirkstone][PATCH' + +Layer maintainer: Armin Kuster License diff --git a/meta-xfce/README b/meta-xfce/README index 3d6158628fc..03d23a9ad5c 100644 --- a/meta-xfce/README +++ b/meta-xfce/README @@ -1,10 +1,10 @@ This layer depends on: URI: git://git.openembedded.org/openembedded-core -branch: master +branch: kirkstone URI: git://git.openembedded.org/meta-openembedded -branch: master +branch: kirkstone meta-xfce depends on meta-oe, meta-gnome and meta-multimedia in this repository. @@ -13,10 +13,9 @@ this to local.conf: BBMASK = "meta-xfce/recipes-multimedia" -Send pull requests to openembedded-devel@lists.openembedded.org with '[meta-xfce]' in the subject' +Send pull requests to openembedded-devel@lists.openembedded.org with '[meta-xfce][kirkstone]' in the subject' When sending single patches, please using something like: -git send-email -M -1 --to openembedded-devel@lists.openembedded.org --subject-prefix='meta-xfce][PATCH' +git send-email -M -1 --to openembedded-devel@lists.openembedded.org --subject-prefix='meta-xfce][kirkstone][PATCH' -Layer maintainer: Kai Kang -Layer maintainer: Andreas Müller +Layer maintainer: Armin Kuster From 2cd60a50035669079ef7206fb1eb7468c41625d8 Mon Sep 17 00:00:00 2001 From: Mingli Yu Date: Fri, 22 Apr 2022 11:07:30 +0800 Subject: [PATCH 002/600] crash: Upgrade to 8.0.0 The bundled gdb upgraded to 10.2 [1] and remove related patches against the previous gdb 7.6. [1] https://github.com/crash-utility/crash/commit/ec568e2ea515b66343d3488d5d4b9a625d55b7ae Signed-off-by: Mingli Yu Signed-off-by: Khem Raj (cherry picked from commit c7ce2371c021d713f5328a0a50b23a21f2e4792b) Signed-off-by: Armin Kuster --- ...error-unknown-type-name-gdb_fpregset.patch | 36 --------- ...tect-the-sysroot-s-glibc-header-file.patch | 33 -------- ...unrecognized-gcc-option-m32-for-mips.patch | 33 -------- ...im-arange-fix-extern-inline-handling.patch | 79 ------------------- ...m-ppc-drop-LIBS-from-psim-dependency.patch | 37 --------- .../crash/{crash_7.3.0.bb => crash_8.0.0.bb} | 12 +-- 6 files changed, 3 insertions(+), 227 deletions(-) delete mode 100644 meta-oe/recipes-kernel/crash/crash/0002-crash-fix-build-error-unknown-type-name-gdb_fpregset.patch delete mode 100644 meta-oe/recipes-kernel/crash/crash/0003-crash-detect-the-sysroot-s-glibc-header-file.patch delete mode 100644 meta-oe/recipes-kernel/crash/crash/remove-unrecognized-gcc-option-m32-for-mips.patch delete mode 100644 meta-oe/recipes-kernel/crash/crash/sim-common-sim-arange-fix-extern-inline-handling.patch delete mode 100644 meta-oe/recipes-kernel/crash/crash/sim-ppc-drop-LIBS-from-psim-dependency.patch rename meta-oe/recipes-kernel/crash/{crash_7.3.0.bb => crash_8.0.0.bb} (87%) diff --git a/meta-oe/recipes-kernel/crash/crash/0002-crash-fix-build-error-unknown-type-name-gdb_fpregset.patch b/meta-oe/recipes-kernel/crash/crash/0002-crash-fix-build-error-unknown-type-name-gdb_fpregset.patch deleted file mode 100644 index 8355fe44ea4..00000000000 --- a/meta-oe/recipes-kernel/crash/crash/0002-crash-fix-build-error-unknown-type-name-gdb_fpregset.patch +++ /dev/null @@ -1,36 +0,0 @@ -From 52fc1a7c17768fd52c3577d21dad84e8babb94b5 Mon Sep 17 00:00:00 2001 -From: Dengke Du -Date: Thu, 6 Apr 2017 23:01:14 -0400 -Subject: [PATCH 2/3] crash: fix build error unknown type name 'gdb_fpregset_t' - -Upstream-Status: Pending - -Signed-off-by: Dengke Du ---- - gdb-7.6/gdb/gdb_proc_service.h | 3 +-- - 1 file changed, 1 insertion(+), 2 deletions(-) - -diff --git a/gdb-7.6/gdb/gdb_proc_service.h b/gdb-7.6/gdb/gdb_proc_service.h -index 8bc6088..99c6496 100644 ---- a/gdb-7.6/gdb/gdb_proc_service.h -+++ b/gdb-7.6/gdb/gdb_proc_service.h -@@ -20,6 +20,7 @@ - #define GDB_PROC_SERVICE_H - - #include -+#include "gregset.h" - - #ifdef HAVE_PROC_SERVICE_H - #include -@@ -53,8 +54,6 @@ - #include - #endif - --#include "gregset.h" -- - /* Functions in this interface return one of these status codes. */ - typedef enum - { --- -2.8.1 - diff --git a/meta-oe/recipes-kernel/crash/crash/0003-crash-detect-the-sysroot-s-glibc-header-file.patch b/meta-oe/recipes-kernel/crash/crash/0003-crash-detect-the-sysroot-s-glibc-header-file.patch deleted file mode 100644 index 1f4bd01da46..00000000000 --- a/meta-oe/recipes-kernel/crash/crash/0003-crash-detect-the-sysroot-s-glibc-header-file.patch +++ /dev/null @@ -1,33 +0,0 @@ -From c7950ef5228adc52a500b4fc67d7e48c3c09c1df Mon Sep 17 00:00:00 2001 -From: Dengke Du -Date: Thu, 6 Apr 2017 23:02:44 -0400 -Subject: [PATCH 3/3] crash: detect the sysroot's glibc header file - -This is cross compile, so let the Makefile detect the sysroot's glibc -header file, not the host's glibc header file. - -Upstream-Status: Pending - -Signed-off-by: Dengke Du ---- - Makefile | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/Makefile b/Makefile -index b6b7e80..94f21a5 100644 ---- a/Makefile -+++ b/Makefile -@@ -264,8 +264,8 @@ gdb_patch: - if [ "${ARCH}" = "x86_64" ] && [ "${TARGET}" = "PPC64" ] && [ -f ${GDB}-ppc64le-support.patch ]; then \ - patch -d ${GDB} -p1 -F0 < ${GDB}-ppc64le-support.patch ; \ - fi -- if [ -f /usr/include/proc_service.h ]; then \ -- grep 'extern ps_err_e ps_get_thread_area (struct' /usr/include/proc_service.h; \ -+ if [ -f ${RECIPE_SYSROOT}/usr/include/proc_service.h ]; then \ -+ grep 'extern ps_err_e ps_get_thread_area (struct' ${RECIPE_SYSROOT}/usr/include/proc_service.h; \ - if [ $$? -eq 0 ]; then \ - patch -p0 < ${GDB}-proc_service.h.patch; \ - fi; \ --- -2.8.1 - diff --git a/meta-oe/recipes-kernel/crash/crash/remove-unrecognized-gcc-option-m32-for-mips.patch b/meta-oe/recipes-kernel/crash/crash/remove-unrecognized-gcc-option-m32-for-mips.patch deleted file mode 100644 index 37d43b88874..00000000000 --- a/meta-oe/recipes-kernel/crash/crash/remove-unrecognized-gcc-option-m32-for-mips.patch +++ /dev/null @@ -1,33 +0,0 @@ -Upstream-Status: Pending - -It fails to build crash for mips with error: - -| mips-wrs-linux-gcc: error: unrecognized command line option '-m32' -| Makefile:291: recipe for target 'make_build_data' failed - -So remove the unrecognized option '-m32' for mips. - -Signed-off-by: Kai Kang ---- -diff --git a/configure.c b/configure.c -index cf1973b..71e97b3 100644 ---- a/configure.c -+++ b/configure.c -@@ -155,7 +155,7 @@ void add_extra_lib(char *); - #define TARGET_CFLAGS_PPC64_ON_X86_64 "TARGET_CFLAGS=" - #define TARGET_CFLAGS_MIPS "TARGET_CFLAGS=-D_FILE_OFFSET_BITS=64" - #define TARGET_CFLAGS_MIPS_ON_X86 "TARGET_CFLAGS=-D_FILE_OFFSET_BITS=64" --#define TARGET_CFLAGS_MIPS_ON_X86_64 "TARGET_CFLAGS=-m32 -D_FILE_OFFSET_BITS=64" -+#define TARGET_CFLAGS_MIPS_ON_X86_64 "TARGET_CFLAGS=-D_FILE_OFFSET_BITS=64" - #define TARGET_CFLAGS_MIPS64 "TARGET_CFLAGS=" - #define TARGET_CFLAGS_SPARC64 "TARGET_CFLAGS=" - -@@ -167,7 +167,7 @@ void add_extra_lib(char *); - #define GDB_TARGET_ARM64_ON_X86_64 "GDB_CONF_FLAGS=--target=aarch64-elf-linux" /* TBD */ - #define GDB_TARGET_PPC64_ON_X86_64 "GDB_CONF_FLAGS=--target=powerpc64le-unknown-linux-gnu" - #define GDB_TARGET_MIPS_ON_X86 "GDB_CONF_FLAGS=--target=mipsel-elf-linux" --#define GDB_TARGET_MIPS_ON_X86_64 "GDB_CONF_FLAGS=--target=mipsel-elf-linux CFLAGS=-m32" -+#define GDB_TARGET_MIPS_ON_X86_64 "GDB_CONF_FLAGS=--target=mipsel-elf-linux" - - /* - * The original plan was to allow the use of a particular version diff --git a/meta-oe/recipes-kernel/crash/crash/sim-common-sim-arange-fix-extern-inline-handling.patch b/meta-oe/recipes-kernel/crash/crash/sim-common-sim-arange-fix-extern-inline-handling.patch deleted file mode 100644 index 0185b570457..00000000000 --- a/meta-oe/recipes-kernel/crash/crash/sim-common-sim-arange-fix-extern-inline-handling.patch +++ /dev/null @@ -1,79 +0,0 @@ -Upstream-Status: Backport - -https://sourceware.org/git/?p=binutils-gdb.git;a=commit;h=92fc615 - -Signed-off-by: Kai Kang --- -From 92fc6153a6fdf2a027d9780f5945712aafad4a9e Mon Sep 17 00:00:00 2001 -From: Mike Frysinger -Date: Sun, 29 Mar 2015 15:59:01 -0400 -Subject: [PATCH] sim: common: sim-arange: fix extern inline handling - -With newer versions of gcc (5.x), the extern inline we're using with the -sim-arange module no longer works. Since this code really wants the gnu -inline semantics, use that attribute explicitly. - -Reported-by: DJ Delorie -Reported-by: Joel Sherrill ---- - gdb-7.6/sim/common/sim-arange.h | 20 ++++++++++++-------- - gdb-7.6/sim/common/sim-inline.h | 4 +++- - 2 files changed, 15 insertions(+), 9 deletions(-) - -diff --git a/gdb-7.6/sim/common/sim-arange.h b/gdb-7.6/sim/common/sim-arange.h -index 73117f3..de842c9 100644 ---- a/gdb-7.6/sim/common/sim-arange.h -+++ b/gdb-7.6/sim/common/sim-arange.h -@@ -60,22 +60,26 @@ extern void sim_addr_range_delete (ADDR_RANGE * /*ar*/, - address_word /*start*/, - address_word /*end*/); - -+/* TODO: This should get moved into sim-inline.h. */ -+#ifdef HAVE_INLINE -+#ifdef SIM_ARANGE_C -+#define SIM_ARANGE_INLINE INLINE -+#else -+#define SIM_ARANGE_INLINE EXTERN_INLINE -+#endif -+#else -+#define SIM_ARANGE_INLINE EXTERN -+#endif -+ - /* Return non-zero if ADDR is in range AR, traversing the entire tree. - If no range is specified, that is defined to mean "everything". */ --extern INLINE int -+SIM_ARANGE_INLINE int - sim_addr_range_hit_p (ADDR_RANGE * /*ar*/, address_word /*addr*/); - #define ADDR_RANGE_HIT_P(ar, addr) \ - ((ar)->range_tree == NULL || sim_addr_range_hit_p ((ar), (addr))) - - #ifdef HAVE_INLINE --#ifdef SIM_ARANGE_C --#define SIM_ARANGE_INLINE INLINE --#else --#define SIM_ARANGE_INLINE EXTERN_INLINE --#endif - #include "sim-arange.c" --#else --#define SIM_ARANGE_INLINE - #endif - #define SIM_ARANGE_C_INCLUDED - -diff --git a/gdb-7.6/sim/common/sim-inline.h b/gdb-7.6/sim/common/sim-inline.h -index af75562..8a9c286 100644 ---- a/gdb-7.6/sim/common/sim-inline.h -+++ b/gdb-7.6/sim/common/sim-inline.h -@@ -303,7 +303,9 @@ - /* ??? Temporary, pending decision to always use extern inline and do a vast - cleanup of inline support. */ - #ifndef INLINE2 --#if defined (__GNUC__) -+#if defined (__GNUC_GNU_INLINE__) || defined (__GNUC_STDC_INLINE__) -+#define INLINE2 __inline__ __attribute__ ((__gnu_inline__)) -+#elif defined (__GNUC__) - #define INLINE2 __inline__ - #else - #define INLINE2 /*inline*/ --- -2.6.1 - diff --git a/meta-oe/recipes-kernel/crash/crash/sim-ppc-drop-LIBS-from-psim-dependency.patch b/meta-oe/recipes-kernel/crash/crash/sim-ppc-drop-LIBS-from-psim-dependency.patch deleted file mode 100644 index 77a287f1460..00000000000 --- a/meta-oe/recipes-kernel/crash/crash/sim-ppc-drop-LIBS-from-psim-dependency.patch +++ /dev/null @@ -1,37 +0,0 @@ -Upstream-Status: Backport - -https://sourceware.org/git/?p=binutils-gdb.git;h=0d8a6ab - -Signed-off-by: Kai Kang ---- -From 0d8a6ab7d39d28fb1557e2a62e9e4b336341ab34 Mon Sep 17 00:00:00 2001 -From: Aaro Koskinen -Date: Mon, 17 Feb 2014 17:12:59 -0500 -Subject: [PATCH] sim: ppc: drop $(LIBS) from psim dependency - -When cross-compiling GDB for PPC, there's a prerequisite "-lz" for psim -that results in a build failure. With such prerequisite, GNU Make will -try to search the library from build machine's /usr/lib which is wrong. -On 64-bit Linux build machines the compilation will fail because of this. - -URL: https://sourceware.org/bugzilla/show_bug.cgi?id=12202 ---- - sim/ppc/Makefile.in | 2 +- - 1 files changed, 1 insertions(+), 1 deletions(-) - -diff --git a/gdb-7.6/sim/ppc/Makefile.in b/gdb-7.6/sim/ppc/Makefile.in -index b811f6f..740bdb0 100644 ---- a/gdb-7.6/sim/ppc/Makefile.in -+++ b/gdb-7.6/sim/ppc/Makefile.in -@@ -552,7 +552,7 @@ PACKAGE_SRC = @sim_pk_src@ - PACKAGE_OBJ = @sim_pk_obj@ - - --psim: $(TARGETLIB) main.o $(LIBIBERTY_LIB) $(BFD_LIB) $(LIBS) $(LIBINTL_DEP) -+psim: $(TARGETLIB) main.o $(LIBIBERTY_LIB) $(BFD_LIB) $(LIBINTL_DEP) - $(CC) $(CFLAGS) $(SIM_CFLAGS) $(LDFLAGS) -o psim$(EXEEXT) main.o $(TARGETLIB) $(BFD_LIB) $(LIBINTL) $(LIBIBERTY_LIB) $(LIBS) - - run: psim --- -1.9.4 - diff --git a/meta-oe/recipes-kernel/crash/crash_7.3.0.bb b/meta-oe/recipes-kernel/crash/crash_8.0.0.bb similarity index 87% rename from meta-oe/recipes-kernel/crash/crash_7.3.0.bb rename to meta-oe/recipes-kernel/crash/crash_8.0.0.bb index d4aa0d52b0d..4ea5b67de19 100644 --- a/meta-oe/recipes-kernel/crash/crash_7.3.0.bb +++ b/meta-oe/recipes-kernel/crash/crash_8.0.0.bb @@ -14,22 +14,16 @@ DEPENDS = "zlib readline coreutils-native ncurses-native" S = "${WORKDIR}/git" SRC_URI = "git://github.com/crash-utility/${BPN}.git;branch=master;protocol=https \ - ${GNU_MIRROR}/gdb/gdb-7.6.tar.gz;name=gdb;subdir=git \ + ${GNU_MIRROR}/gdb/gdb-10.2.tar.gz;name=gdb;subdir=git \ file://7001force_define_architecture.patch \ file://7003cross_ranlib.patch \ file://0001-cross_add_configure_option.patch \ - file://sim-ppc-drop-LIBS-from-psim-dependency.patch \ - file://sim-common-sim-arange-fix-extern-inline-handling.patch \ file://donnot-extract-gdb-during-do-compile.patch \ file://gdb_build_jobs_and_not_write_crash_target.patch \ - file://remove-unrecognized-gcc-option-m32-for-mips.patch \ - file://0002-crash-fix-build-error-unknown-type-name-gdb_fpregset.patch \ - file://0003-crash-detect-the-sysroot-s-glibc-header-file.patch \ " -SRCREV = "2a3e546942ab560f050ab77e8c7828b06513b3f0" +SRCREV = "ec568e2ea515b66343d3488d5d4b9a625d55b7ae" -SRC_URI[gdb.md5sum] = "a9836707337e5f7bf76a009a8904f470" -SRC_URI[gdb.sha256sum] = "8070389a5dcc104eb0be483d582729f98ed4d761ad19cedd3f17b5d2502faa36" +SRC_URI[gdb.sha256sum] = "b33ad58d687487a821ec8d878daab0f716be60d0936f2e3ac5cf08419ce70350" UPSTREAM_CHECK_URI = "https://github.com/crash-utility/crash/releases" From 2acf451b1b661a32ad75eea0dbaa06ba45298c1c Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Fri, 22 Apr 2022 17:53:35 -0700 Subject: [PATCH 003/600] crash: Fix build for mips target The patch to remove these options is removed therefore instrument them via sed operations Signed-off-by: Khem Raj Cc: Mingli Yu (cherry picked from commit 224d8a8cbeef0c5ccdf03e9f6660203af7abead6) Signed-off-by: Armin Kuster --- meta-oe/recipes-kernel/crash/crash_8.0.0.bb | 1 + 1 file changed, 1 insertion(+) diff --git a/meta-oe/recipes-kernel/crash/crash_8.0.0.bb b/meta-oe/recipes-kernel/crash/crash_8.0.0.bb index 4ea5b67de19..55de6a604b7 100644 --- a/meta-oe/recipes-kernel/crash/crash_8.0.0.bb +++ b/meta-oe/recipes-kernel/crash/crash_8.0.0.bb @@ -72,6 +72,7 @@ do_compile:prepend() { sed -i s/FORCE_DEFINE_ARCH/"${ARCH}"/g ${S}/configure.c sed -i -e 's/#define TARGET_CFLAGS_ARM_ON_X86_64.*/#define TARGET_CFLAGS_ARM_ON_X86_64\t\"TARGET_CFLAGS=-D_FILE_OFFSET_BITS=64\"/g' ${S}/configure.c + sed -i -e 's/#define TARGET_CFLAGS_MIPS_ON_X86_64.*/#define TARGET_CFLAGS_MIPS_ON_X86_64\t\"TARGET_CFLAGS=-D_FILE_OFFSET_BITS=64\"/g' ${S}/configure.c sed -i 's/>/>/g' ${S}/Makefile } From 0af5a288541b808005147e3b2ae58f99d148d35b Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Sat, 23 Apr 2022 07:47:52 -0700 Subject: [PATCH 004/600] tcsh: Do not install symlinks into /bin with usrmerge Signed-off-by: Khem Raj (cherry picked from commit e059bf5da05dd895ac5fde665f283022ad5c59d2) Signed-off-by: Armin Kuster --- meta-oe/recipes-shells/tcsh/tcsh_6.22.04.bb | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/meta-oe/recipes-shells/tcsh/tcsh_6.22.04.bb b/meta-oe/recipes-shells/tcsh/tcsh_6.22.04.bb index c4da5cd8355..f7282bf1fdb 100644 --- a/meta-oe/recipes-shells/tcsh/tcsh_6.22.04.bb +++ b/meta-oe/recipes-shells/tcsh/tcsh_6.22.04.bb @@ -27,8 +27,10 @@ do_install:append () { oe_runmake install.man DESTDIR=${D} install -d ${D}${base_bindir} - ln -s /usr/bin/tcsh ${D}${base_bindir}/tcsh - ln -s /usr/bin/tcsh ${D}${base_bindir}/csh + if ! ${@bb.utils.contains('DISTRO_FEATURES','usrmerge','true','false',d)}; then + ln -s /usr/bin/tcsh ${D}${base_bindir}/tcsh + ln -s /usr/bin/tcsh ${D}${base_bindir}/csh + fi install -d ${D}${sysconfdir}/csh/login.d install -m 0644 ${S}/csh.cshrc ${S}/csh.login ${S}/csh.logout ${S}/complete.tcsh ${D}${sysconfdir} install -D -m 0644 ${S}/csh-mode.el ${D}${datadir}/emacs/site-lisp/csh-mode.el From 9d811bf27b3386cd1d0ab3bb4705f135d9b518b3 Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Sat, 23 Apr 2022 07:53:24 -0700 Subject: [PATCH 005/600] arno-iptables-firewall: Do not use bitbake variable inside S Location of file inside sourcedir fixed but bitbake variable systemd_unitdir varies depending on usrmerge feature hence can not be used here Signed-off-by: Khem Raj (cherry picked from commit 2b643dcefe8ae4ef0cd3066bd31bae41e322b84c) Signed-off-by: Armin Kuster --- .../arno-iptables-firewall/arno-iptables-firewall_2.1.1.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-networking/recipes-filter/arno-iptables-firewall/arno-iptables-firewall_2.1.1.bb b/meta-networking/recipes-filter/arno-iptables-firewall/arno-iptables-firewall_2.1.1.bb index bba11a8c645..e124fd29062 100644 --- a/meta-networking/recipes-filter/arno-iptables-firewall/arno-iptables-firewall_2.1.1.bb +++ b/meta-networking/recipes-filter/arno-iptables-firewall/arno-iptables-firewall_2.1.1.bb @@ -20,7 +20,7 @@ do_install() { install -m 0755 ${S}/bin/arno-fwfilter ${D}${bindir} cp -r ${S}/share/arno-iptables-firewall/* ${D}${datadir}/arno-iptables-firewall cp -r ${S}/etc/arno-iptables-firewall/* ${D}${sysconfdir}/arno-iptables-firewall - install -m 0644 ${S}/${systemd_unitdir}/system/arno-iptables-firewall.service ${D}${systemd_unitdir}/system + install -m 0644 ${S}/lib/systemd/system/arno-iptables-firewall.service ${D}${systemd_unitdir}/system sed -i -e 's%/usr/local/sbin%${bindir}%g' ${D}${systemd_unitdir}/system/arno-iptables-firewall.service sed -i -e 's%/usr/local/sbin%${sbindir}%g' ${D}${bindir}/arno-iptables-firewall sed -i -e 's%/usr/local%${exec_prefix}%g' ${D}${sysconfdir}/arno-iptables-firewall/firewall.conf From 33e7b9608820962b0a8245b307b26843f1666865 Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Sat, 23 Apr 2022 08:35:11 -0700 Subject: [PATCH 006/600] fluentbit: Fix build with usrmerge distro feature Signed-off-by: Khem Raj (cherry picked from commit ae8e0ae77f74d966d687fef38bc1bccc76268f8f) Signed-off-by: Armin Kuster --- ...nit-install-location-with-SYSTEM_DIR.patch | 28 +++++++++++++++++++ .../fluentbit/fluentbit_1.3.5.bb | 3 +- 2 files changed, 30 insertions(+), 1 deletion(-) create mode 100644 meta-oe/recipes-extended/fluentbit/fluentbit/0001-Control-sytemd-unit-install-location-with-SYSTEM_DIR.patch diff --git a/meta-oe/recipes-extended/fluentbit/fluentbit/0001-Control-sytemd-unit-install-location-with-SYSTEM_DIR.patch b/meta-oe/recipes-extended/fluentbit/fluentbit/0001-Control-sytemd-unit-install-location-with-SYSTEM_DIR.patch new file mode 100644 index 00000000000..b90a62ef196 --- /dev/null +++ b/meta-oe/recipes-extended/fluentbit/fluentbit/0001-Control-sytemd-unit-install-location-with-SYSTEM_DIR.patch @@ -0,0 +1,28 @@ +From 5571f949fa2048b79c197b5b10a11ecb1891cbe9 Mon Sep 17 00:00:00 2001 +From: Khem Raj +Date: Sat, 23 Apr 2022 08:24:34 -0700 +Subject: [PATCH] Control sytemd unit install location with SYSTEM_DIR + +This helps building when usrmerge is on + +Upstream-Status: Pending +Signed-off-by: Khem Raj +--- + src/CMakeLists.txt | 6 +++++- + 1 file changed, 5 insertions(+), 1 deletion(-) + +--- a/src/CMakeLists.txt ++++ b/src/CMakeLists.txt +@@ -323,7 +323,11 @@ if(FLB_BINARY) + "${PROJECT_SOURCE_DIR}/init/systemd.in" + ${FLB_SYSTEMD_SCRIPT} + ) +- install(FILES ${FLB_SYSTEMD_SCRIPT} DESTINATION /lib/systemd/system) ++ if(SYSTEMD_DIR) ++ install(FILES ${FLB_SYSTEMD_SCRIPT} DESTINATION ${SYSTEMD_DIR}) ++ else() ++ install(FILES ${FLB_SYSTEMD_SCRIPT} DESTINATION /lib/systemd/system) ++ endif() + install(DIRECTORY DESTINATION ${FLB_INSTALL_CONFDIR}) + elseif(IS_DIRECTORY /usr/share/upstart OR FLB_UPSTART) + set(FLB_UPSTART_SCRIPT "${PROJECT_SOURCE_DIR}/init/${FLB_OUT_NAME}.conf") diff --git a/meta-oe/recipes-extended/fluentbit/fluentbit_1.3.5.bb b/meta-oe/recipes-extended/fluentbit/fluentbit_1.3.5.bb index 670d596cad9..e586262a606 100644 --- a/meta-oe/recipes-extended/fluentbit/fluentbit_1.3.5.bb +++ b/meta-oe/recipes-extended/fluentbit/fluentbit_1.3.5.bb @@ -18,6 +18,7 @@ SRC_URI = "http://fluentbit.io/releases/1.3/fluent-bit-${PV}.tar.gz \ file://0001-ppc-Fix-signature-for-co_create-API.patch \ file://0001-bin-fix-SIGSEGV-caused-by-using-flb_free-instead-of-.patch \ file://0002-parser-Fix-SIGSEGV-caused-by-using-flb_free-instead-.patch \ + file://0001-Control-sytemd-unit-install-location-with-SYSTEM_DIR.patch \ " SRC_URI[md5sum] = "6eae6dfd0a874e5dd270c36e9c68f747" SRC_URI[sha256sum] = "e037c76c89269c8dc4027a08e442fefd2751b0f1e0f9c38f9a4b12d781a9c789" @@ -47,7 +48,7 @@ EXTRA_OECMAKE += "-DFLB_LUAJIT=Off -DFLB_FILTER_LUA=Off " # Disable Library and examples EXTRA_OECMAKE += "-DFLB_SHARED_LIB=Off -DFLB_EXAMPLES=Off " -EXTRA_OECMAKE += "${@bb.utils.contains('DISTRO_FEATURES','systemd','-DFLB_SYSTEMD=On','',d)}" +EXTRA_OECMAKE += "${@bb.utils.contains('DISTRO_FEATURES','systemd','-DFLB_SYSTEMD=On -DSYSTEMD_DIR=${systemd_system_unitdir}','',d)}" EXTRA_OECMAKE:append:riscv64 = " -DFLB_DEPS='atomic'" EXTRA_OECMAKE:append:riscv32 = " -DFLB_DEPS='atomic'" From 6ac64c0376430ae9013b95c528a3b95034b5c683 Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Sat, 23 Apr 2022 09:08:32 -0700 Subject: [PATCH 007/600] tomoyo-tools: Define SBINDIR default SBINDIR is hardcoded to /sbin which does not work when using usrmerge Signed-off-by: Khem Raj (cherry picked from commit 8c7ffffa07d3c5bb8156a90f4f37dc0cc3166153) Signed-off-by: Armin Kuster --- meta-oe/recipes-security/tomoyo-tools/tomoyo-tools_2.5.0.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-oe/recipes-security/tomoyo-tools/tomoyo-tools_2.5.0.bb b/meta-oe/recipes-security/tomoyo-tools/tomoyo-tools_2.5.0.bb index a1c4cc9eb93..d9f09d1744c 100644 --- a/meta-oe/recipes-security/tomoyo-tools/tomoyo-tools_2.5.0.bb +++ b/meta-oe/recipes-security/tomoyo-tools/tomoyo-tools_2.5.0.bb @@ -26,5 +26,5 @@ do_compile () { } do_install() { - oe_runmake install INSTALLDIR=${D} + oe_runmake install SBINDIR=${base_sbindir} INSTALLDIR=${D} } From d2b014de51b460c6a73fefb4ec74a8b6ccb4be6f Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Sat, 23 Apr 2022 09:09:41 -0700 Subject: [PATCH 008/600] tomoyo-tools: Drop md5sum Signed-off-by: Khem Raj (cherry picked from commit 984bc7eaca68923299797fae0fc6f89e2c6749e2) Signed-off-by: Armin Kuster --- meta-oe/recipes-security/tomoyo-tools/tomoyo-tools_2.5.0.bb | 1 - 1 file changed, 1 deletion(-) diff --git a/meta-oe/recipes-security/tomoyo-tools/tomoyo-tools_2.5.0.bb b/meta-oe/recipes-security/tomoyo-tools/tomoyo-tools_2.5.0.bb index d9f09d1744c..2fcdb6bd612 100644 --- a/meta-oe/recipes-security/tomoyo-tools/tomoyo-tools_2.5.0.bb +++ b/meta-oe/recipes-security/tomoyo-tools/tomoyo-tools_2.5.0.bb @@ -6,7 +6,6 @@ HOMEPAGE = "http://tomoyo.sourceforge.jp/" SECTION = "System Environment/Kernel" SRC_URI = "http://jaist.dl.sourceforge.jp/tomoyo/53357/${BP}-20170102.tar.gz" -SRC_URI[md5sum] = "888804d58742452fe213a68f7eadd0ad" SRC_URI[sha256sum] = "00fedfac5e514321250bbe69eaccc732c8a8158596f77a785c2e3ae9f9968283" S = "${WORKDIR}/${BPN}" From f9164cfdd511bd46b51bb8dffb88b8dbc3c6f00e Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Sat, 23 Apr 2022 10:22:24 -0700 Subject: [PATCH 009/600] dietsplash: specify install rootdir This takes care of rootdir being different when using usrmerge Signed-off-by: Khem Raj (cherry picked from commit 8cec1f1fd9ea585039d985943f3f20b37aff9a3b) Signed-off-by: Armin Kuster --- meta-oe/recipes-graphics/dietsplash/dietsplash_git.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-oe/recipes-graphics/dietsplash/dietsplash_git.bb b/meta-oe/recipes-graphics/dietsplash/dietsplash_git.bb index 44fc2d08ca4..2c28fde347a 100644 --- a/meta-oe/recipes-graphics/dietsplash/dietsplash_git.bb +++ b/meta-oe/recipes-graphics/dietsplash/dietsplash_git.bb @@ -17,6 +17,6 @@ inherit autotools S = "${WORKDIR}/git" EXTRA_OECONF = " --with-systemdsystemunitdir=${systemd_unitdir}/system \ - --disable-staticimages" + --disable-staticimages --with-rootdir=${root_prefix}" FILES:${PN} += "${systemd_unitdir}/system/" From 594d95b226ce2d81866f8059bdec38bfce9d4543 Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Sat, 23 Apr 2022 10:23:31 -0700 Subject: [PATCH 010/600] linux-atm: Add knob to root prefix Fixes build with usrmerge Signed-off-by: Khem Raj (cherry picked from commit d69c0da9d2ad86a5d57e7359eaba8fe26c1ed820) Signed-off-by: Armin Kuster --- .../linux-atm/0001-make-Add-PREFIX-knob.patch | 31 +++++++++++++++++++ .../linux-atm/linux-atm_2.5.2.bb | 7 ++--- 2 files changed, 34 insertions(+), 4 deletions(-) create mode 100644 meta-networking/recipes-support/linux-atm/linux-atm/0001-make-Add-PREFIX-knob.patch diff --git a/meta-networking/recipes-support/linux-atm/linux-atm/0001-make-Add-PREFIX-knob.patch b/meta-networking/recipes-support/linux-atm/linux-atm/0001-make-Add-PREFIX-knob.patch new file mode 100644 index 00000000000..9c83ef0af43 --- /dev/null +++ b/meta-networking/recipes-support/linux-atm/linux-atm/0001-make-Add-PREFIX-knob.patch @@ -0,0 +1,31 @@ +From 94cb952207e44a5c29578c9c56912190a5422876 Mon Sep 17 00:00:00 2001 +From: Khem Raj +Date: Sat, 23 Apr 2022 09:41:51 -0700 +Subject: [PATCH] make: Add PREFIX knob + +This will be used to pass appropriate root prefix which is different +when using usrmerge + +Upstream-Status: Pending +Signed-off-by: Khem Raj +--- + src/extra/Makefile.am | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +--- a/src/extra/Makefile.am ++++ b/src/extra/Makefile.am +@@ -8,10 +8,10 @@ BUILT_SOURCES = pca200e.bin pca200e_ecd. + CLEANFILES = pca200e.bin pca200e_ecd.bin2 sba200e_ecd.bin2 + + install-exec-hook: +- $(MKDIR_P) $(DESTDIR)/lib/firmware +- $(INSTALL_DATA) $(builddir)/pca200e.bin $(DESTDIR)/lib/firmware +- $(INSTALL_DATA) $(builddir)/pca200e_ecd.bin2 $(DESTDIR)/lib/firmware +- $(INSTALL_DATA) $(builddir)/sba200e_ecd.bin2 $(DESTDIR)/lib/firmware ++ $(MKDIR_P) $(DESTDIR)$(ROOTPREFIX)/lib/firmware ++ $(INSTALL_DATA) $(builddir)/pca200e.bin $(DESTDIR)$(ROOTPREFIX)/lib/firmware ++ $(INSTALL_DATA) $(builddir)/pca200e_ecd.bin2 $(DESTDIR)$(ROOTPREFIX)/lib/firmware ++ $(INSTALL_DATA) $(builddir)/sba200e_ecd.bin2 $(DESTDIR)$(ROOTPREFIX)/lib/firmware + + %.bin %.bin2: %.data + objcopy -Iihex $< -Obinary $@.gz diff --git a/meta-networking/recipes-support/linux-atm/linux-atm_2.5.2.bb b/meta-networking/recipes-support/linux-atm/linux-atm_2.5.2.bb index effd7502ff6..bb79b785687 100644 --- a/meta-networking/recipes-support/linux-atm/linux-atm_2.5.2.bb +++ b/meta-networking/recipes-support/linux-atm/linux-atm_2.5.2.bb @@ -13,11 +13,11 @@ SRC_URI = "http://nchc.dl.sourceforge.net/project/${BPN}/${BPN}/${PV}/${BPN}-${P file://0003-mpoad-Drop-old-hack-to-compile-with-very-old-glibc.patch \ file://0001-IFNAMSIZ-is-defined-in-net-if.h.patch \ file://0001-saaldump-atmdump-Include-linux-sockios.h-for-SIOCGST.patch \ + file://0001-make-Add-PREFIX-knob.patch \ " SRC_URI:append:libc-musl = " file://musl-no-on_exit.patch" -SRC_URI[md5sum] = "d49499368c3cf15f73a05d9bce8824a8" SRC_URI[sha256sum] = "9645481a2b16476b59220aa2d6bc5bc41043f291326c9b37581018fbd16dd53a" LIC_FILES_CHKSUM = "\ @@ -27,7 +27,6 @@ file://COPYING.LGPL;md5=6e29c688d912da12b66b73e32b03d812" inherit autotools pkgconfig -# The firmware is explicitly put under /lib when installed. -# +EXTRA_OEMAKE += "ROOTPREFIX=${root_prefix}" -FILES:${PN} += "/lib/firmware" +FILES:${PN} += "${nonarch_base_libdir}/firmware" From 84560ca1cde0f0c0c7dafc6323c2559e8ef389b1 Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Sat, 23 Apr 2022 18:04:05 -0700 Subject: [PATCH 011/600] ufw: Fix build with usrmerge distro feature Signed-off-by: Khem Raj (cherry picked from commit a47c833126334404fcad459cc683e304fee54595) Signed-off-by: Armin Kuster --- meta-networking/recipes-connectivity/ufw/ufw_0.36.1.bb | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/meta-networking/recipes-connectivity/ufw/ufw_0.36.1.bb b/meta-networking/recipes-connectivity/ufw/ufw_0.36.1.bb index 70216a85e3b..6dca784bf47 100644 --- a/meta-networking/recipes-connectivity/ufw/ufw_0.36.1.bb +++ b/meta-networking/recipes-connectivity/ufw/ufw_0.36.1.bb @@ -38,6 +38,13 @@ RRECOMMENDS:${PN} = " \ kernel-module-nf-recent \ " + +do_configure:prepend() { + if ${@bb.utils.contains('DISTRO_FEATURES','usrmerge','true','false',d)}; then + sed -i -e 's|/lib|${nonarch_base_libdir}|' ${S}/setup.py + fi +} + do_install:append() { install -d ${D}${systemd_unitdir}/system/ install -m 0644 ${S}/doc/systemd.example ${D}${systemd_unitdir}/system/ufw.service From 99bf17042362d8a9b5219e44cee9b1e881424d98 Mon Sep 17 00:00:00 2001 From: Robert Yang Date: Sun, 24 Apr 2022 02:27:56 -0700 Subject: [PATCH 012/600] libldb: Fix installed-vs-shipped and rebuild error Fixed when multilib is disabled on intel-x86-64: MULITLIBS = "" $ bitbake sssd ERROR: sssd-2.5.2-r0 do_package: QA Issue: sssd: Files/directories were installed but not shipped in any package: /usr/lib/ldb /usr/lib64/ldb/modules/ldb/memberof.so Please set FILES such that these items are packaged. Alternatively if they are unneeded, avoid installing them or delete them within do_install. sssd: 2 installed and not shipped files. [installed-vs-shipped] And also remove bin/ got get a clean rebuild, otherwise, the rebuild result may be incorrect. Signed-off-by: Robert Yang Signed-off-by: Khem Raj (cherry picked from commit 5f6156c0ef842bd39e9eb1f7ce02eb7c7c961d3a) Signed-off-by: Armin Kuster --- .../recipes-support/libldb/libldb_2.3.3.bb | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/meta-networking/recipes-support/libldb/libldb_2.3.3.bb b/meta-networking/recipes-support/libldb/libldb_2.3.3.bb index c46a9784e38..6dd3ec3a9aa 100644 --- a/meta-networking/recipes-support/libldb/libldb_2.3.3.bb +++ b/meta-networking/recipes-support/libldb/libldb_2.3.3.bb @@ -68,3 +68,14 @@ FILES:pyldb = "${libdir}/python${PYTHON_BASEVERSION}/site-packages/* \ FILES:pyldb-dbg = "${libdir}/python${PYTHON_BASEVERSION}/site-packages/.debug \ ${libdir}/.debug/libpyldb-util.*.so.*" FILES:pyldb-dev = "${libdir}/libpyldb-util.*.so" + +# Prevent third_party/waf/waflib/Configure.py checking host's path which is +# incorrect for cross building. +export PREFIX = "/" +export LIBDIR = "${libdir}" +export BINDIR = "${bindir}" + +do_configure:prepend() { + # For a clean rebuild + rm -fr bin/ +} From ecaa905714490111aace0901dfdd7cb1da4937ca Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Sun, 24 Apr 2022 10:19:37 -0700 Subject: [PATCH 013/600] klibc: Recognise --dyld-prefix clang option This is added when usrmerge is enabled in distro Signed-off-by: Khem Raj (cherry picked from commit 6a52b84dbc41c8c831e5ce82b21900210ef1a8c4) Signed-off-by: Armin Kuster --- .../klibc/files/klcc-cross-accept-clang-options.patch | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/meta-initramfs/recipes-devtools/klibc/files/klcc-cross-accept-clang-options.patch b/meta-initramfs/recipes-devtools/klibc/files/klcc-cross-accept-clang-options.patch index 431c75e3afc..a3a06956378 100644 --- a/meta-initramfs/recipes-devtools/klibc/files/klcc-cross-accept-clang-options.patch +++ b/meta-initramfs/recipes-devtools/klibc/files/klcc-cross-accept-clang-options.patch @@ -5,7 +5,7 @@ Signed-off-by: Khem Raj --- a/klcc/klcc.in +++ b/klcc/klcc.in -@@ -207,6 +207,27 @@ while ( defined($a = shift(@ARGV)) ) { +@@ -207,6 +207,30 @@ while ( defined($a = shift(@ARGV)) ) { } elsif ( $a =~ /^--([sysroot=])(.*)$/ ) { # Override gcc encoded sysroot push(@ccopt, $a); @@ -29,6 +29,9 @@ Signed-off-by: Khem Raj + push(@ccopt, $a); + } elsif ( $a =~ '-rtlib=.*' ) { + # Allow clang options ++ push(@ccopt, $a); ++ } elsif ( $a =~ '--dyld-prefix=.*' ) { ++ # Allow clang options + push(@ccopt, $a); } else { die "$0: unknown option: $a\n"; From 00b970a87a6e10eb07f4b98d1e5fd3f9305e98a1 Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Sun, 24 Apr 2022 10:20:42 -0700 Subject: [PATCH 014/600] mozjs: Use vendored icu on ppc/clang This helps compile gjs, external icu is needed with gcc-12 but not with clang Signed-off-by: Khem Raj (cherry picked from commit 78180b6c21638b41a5bab9ed706211304d5f2552) Signed-off-by: Armin Kuster --- meta-oe/recipes-extended/mozjs/mozjs-91_91.8.0.bb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta-oe/recipes-extended/mozjs/mozjs-91_91.8.0.bb b/meta-oe/recipes-extended/mozjs/mozjs-91_91.8.0.bb index af9256860c1..9b990ecdf35 100644 --- a/meta-oe/recipes-extended/mozjs/mozjs-91_91.8.0.bb +++ b/meta-oe/recipes-extended/mozjs/mozjs-91_91.8.0.bb @@ -24,6 +24,7 @@ inherit pkgconfig perlnative python3native rust DEPENDS += "zlib cargo-native python3 icu" DEPENDS:remove:mipsarch = "icu" +DEPENDS:remove:powerpc:toolchain-clang = "icu" B = "${WORKDIR}/build" @@ -43,6 +44,7 @@ JIT ?= "" JIT:mipsarch = "--disable-jit" ICU ?= "--with-system-icu" ICU:mipsarch = "" +ICU:powerpc:toolchain-clang = "" do_configure() { cd ${B} From 0105be9ed2f0a430394350f6e2e6ae9e76097878 Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Sat, 23 Apr 2022 08:06:04 -0700 Subject: [PATCH 015/600] boinc-client: Do not overwrite same file when using usrmerge in case usrmerge is enabled, unit file is already in expected location Signed-off-by: Khem Raj (cherry picked from commit b8e97f5b2a11c0d4be9f61821aead402780a4be7) Signed-off-by: Armin Kuster --- meta-oe/recipes-extended/boinc/boinc-client_7.18.1.bb | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/meta-oe/recipes-extended/boinc/boinc-client_7.18.1.bb b/meta-oe/recipes-extended/boinc/boinc-client_7.18.1.bb index 5e991d30995..abcb304d30f 100644 --- a/meta-oe/recipes-extended/boinc/boinc-client_7.18.1.bb +++ b/meta-oe/recipes-extended/boinc/boinc-client_7.18.1.bb @@ -76,7 +76,8 @@ do_compile:prepend () { } do_install:append() { - if [ -e ${D}${nonarch_libdir}/systemd/system/boinc-client.service ]; then + if ! ${@bb.utils.contains('DISTRO_FEATURES','usrmerge','true','false',d)} -a \ + -e ${D}${nonarch_libdir}/systemd/system/boinc-client.service; then install -d ${D}${systemd_system_unitdir} mv \ ${D}${nonarch_libdir}/systemd/system/boinc-client.service \ From 0d5b77f988a2b03d88f53a27ede484062fc2d742 Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Sun, 24 Apr 2022 20:17:22 -0700 Subject: [PATCH 016/600] pam-ssh-agent-auth: Use specific versions of BSD licenses Signed-off-by: Khem Raj (cherry picked from commit 088e40179871c6528eff5c328c68f061acd77ccb) Signed-off-by: Armin Kuster --- meta-oe/recipes-extended/pam/pam-ssh-agent-auth_0.10.3.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-oe/recipes-extended/pam/pam-ssh-agent-auth_0.10.3.bb b/meta-oe/recipes-extended/pam/pam-ssh-agent-auth_0.10.3.bb index f7cf4a03ff6..70655293263 100644 --- a/meta-oe/recipes-extended/pam/pam-ssh-agent-auth_0.10.3.bb +++ b/meta-oe/recipes-extended/pam/pam-ssh-agent-auth_0.10.3.bb @@ -2,7 +2,7 @@ SUMMARY = "pam-ssh-agent-auth" DESCRIPTION = "A PAM module which permits authentication via ssh-agent." HOMEPAGE = "http://sourceforge.net/projects/pamsshagentauth/" SECTION = "libs" -LICENSE = "OpenSSL & BSD" +LICENSE = "OpenSSL & BSD-2-Clause & BSD-3-Clause" LIC_FILES_CHKSUM = "file://LICENSE.OpenSSL;md5=8ab01146141ded59b75f8ba7811ed05a \ file://OPENSSH_LICENSE;md5=7ae09218173be1643c998a4b71027f9b \ " From 1582f81805ee3114bc1a44bd5cf52d21f96702ca Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Sat, 23 Apr 2022 21:51:05 -0700 Subject: [PATCH 017/600] fwupd: Enable build with musl It does not fail anymore as the qemu options has been sorted Signed-off-by: Khem Raj (cherry picked from commit 1fa927eba97561d00e3a249c41356a482d68b402) Signed-off-by: Armin Kuster --- meta-oe/recipes-bsp/fwupd/fwupd_1.7.6.bb | 2 -- 1 file changed, 2 deletions(-) diff --git a/meta-oe/recipes-bsp/fwupd/fwupd_1.7.6.bb b/meta-oe/recipes-bsp/fwupd/fwupd_1.7.6.bb index 20dccc2356e..53f1720b046 100644 --- a/meta-oe/recipes-bsp/fwupd/fwupd_1.7.6.bb +++ b/meta-oe/recipes-bsp/fwupd/fwupd_1.7.6.bb @@ -4,8 +4,6 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=4fbd65380cdd255951079008b364516c" DEPENDS = "glib-2.0 libxmlb json-glib sqlite3 libjcat gcab vala-native" -COMPATIBLE_HOST:libc-musl = 'null' - SRC_URI = "https://github.com/${BPN}/${BPN}/releases/download/${PV}/${BP}.tar.xz \ file://run-ptest" SRC_URI[sha256sum] = "7ebe1514acb688d2649cecc392db929094da3f03cfc98a9c0faccabb084912fa" From 828ff23e095ce316f42f5fa31cd1abce449eaadd Mon Sep 17 00:00:00 2001 From: wangmy Date: Mon, 25 Apr 2022 15:29:33 +0800 Subject: [PATCH 018/600] evince: upgrade 42.1 -> 42.2 Changelog: ========== comics: * Fix use-after-free (#1776) Signed-off-by: Wang Mingyu Signed-off-by: Khem Raj (cherry picked from commit 4aa174ef75aa363d2ca6a45e433bbb51a5c53ef8) Signed-off-by: Armin Kuster --- .../recipes-gnome/evince/{evince_42.1.bb => evince_42.2.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-gnome/recipes-gnome/evince/{evince_42.1.bb => evince_42.2.bb} (92%) diff --git a/meta-gnome/recipes-gnome/evince/evince_42.1.bb b/meta-gnome/recipes-gnome/evince/evince_42.2.bb similarity index 92% rename from meta-gnome/recipes-gnome/evince/evince_42.1.bb rename to meta-gnome/recipes-gnome/evince/evince_42.2.bb index 2e22f2e7035..af6d74c1a0c 100644 --- a/meta-gnome/recipes-gnome/evince/evince_42.1.bb +++ b/meta-gnome/recipes-gnome/evince/evince_42.2.bb @@ -24,7 +24,7 @@ inherit gnomebase itstool gnome-help pkgconfig gsettings gobject-introspection g def gnome_verdir(v): return oe.utils.trim_version(v, 1) -SRC_URI[archive.sha256sum] = "b24767bb3d5103b4e35b0e15cf033dbe2488f88700cdd882d22a43adeec2e80a" +SRC_URI[archive.sha256sum] = "ff7f81f308cf8d4956ed97fb724a7e49448c214beeab998812ef9efbb38df8ae" GTKDOC_MESON_OPTION = "gtk_doc" From 7d8535aa304dafd9ad74566a7e0d755fb222a920 Mon Sep 17 00:00:00 2001 From: wangmy Date: Mon, 25 Apr 2022 15:29:35 +0800 Subject: [PATCH 019/600] gspell: upgrade 1.9.1 -> 1.10.0 News in 1.10.0, 2022-04-16 -------------------------- * Build from git: some updates, take newer version of autoconf-archive. * Build: distribute more files in tarballs. * Documentation improvements. * Translation updates. Signed-off-by: Wang Mingyu Signed-off-by: Khem Raj (cherry picked from commit 2e84305baaf951caf84a31834a7ce0cf06890745) Signed-off-by: Armin Kuster --- .../recipes-gnome/gspell/{gspell_1.9.1.bb => gspell_1.10.0.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-gnome/recipes-gnome/gspell/{gspell_1.9.1.bb => gspell_1.10.0.bb} (76%) diff --git a/meta-gnome/recipes-gnome/gspell/gspell_1.9.1.bb b/meta-gnome/recipes-gnome/gspell/gspell_1.10.0.bb similarity index 76% rename from meta-gnome/recipes-gnome/gspell/gspell_1.9.1.bb rename to meta-gnome/recipes-gnome/gspell/gspell_1.10.0.bb index 15f1cadbaba..fe1b3ea67cc 100644 --- a/meta-gnome/recipes-gnome/gspell/gspell_1.9.1.bb +++ b/meta-gnome/recipes-gnome/gspell/gspell_1.10.0.bb @@ -7,4 +7,4 @@ DEPENDS = "gtk+3 iso-codes enchant2" inherit gnomebase gettext gobject-introspection vala -SRC_URI[archive.sha256sum] = "dcbb769dfdde8e3c0a8ed3102ce7e661abbf7ddf85df08b29915e92cd723abdd" +SRC_URI[archive.sha256sum] = "803bb884c0215d3fd22a85d7f30423aff88d9792f05a5199d8a489a2ffaae1da" From c6efbc40df8d55aa20478cc4233d4db9ebb24b45 Mon Sep 17 00:00:00 2001 From: wangmy Date: Mon, 25 Apr 2022 15:29:36 +0800 Subject: [PATCH 020/600] gtksourceview5: upgrade 5.4.0 -> 5.4.1 News in 5.4.1, 2022-04-21 ------------------------- * Improved styling for style scheme preview widgets * Improved styling and positioning of completion windows * Improved styling for various style schemes * Unit test fixes * Hover assistants will no longer be showed if no providers completed successfully to add widgets * GtkSourceVimIMContext tries to handle various corner cases better with regards to reuse and being removed from an event controller or widget * GtkSourceCompletionCell has improved fast-paths for resetting cells to empty state when already empty * Improved sizing and placement of assistants including hover popovers, interactive tooltips, and completion windows * The overview map has improved it's fallback styling * The overview map will now properly update when the sourceview's right-margin-position changes * Fixes to vala.lang for regex detection * Translation updates Signed-off-by: Wang Mingyu Signed-off-by: Khem Raj (cherry picked from commit 98840e726d251e39e14f30c8107c238f12251213) Signed-off-by: Armin Kuster --- .../{gtksourceview5_5.4.0.bb => gtksourceview5_5.4.1.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-gnome/recipes-gnome/gtksourceview/{gtksourceview5_5.4.0.bb => gtksourceview5_5.4.1.bb} (90%) diff --git a/meta-gnome/recipes-gnome/gtksourceview/gtksourceview5_5.4.0.bb b/meta-gnome/recipes-gnome/gtksourceview/gtksourceview5_5.4.1.bb similarity index 90% rename from meta-gnome/recipes-gnome/gtksourceview/gtksourceview5_5.4.0.bb rename to meta-gnome/recipes-gnome/gtksourceview/gtksourceview5_5.4.1.bb index 51ff4c898a0..3be392da81c 100644 --- a/meta-gnome/recipes-gnome/gtksourceview/gtksourceview5_5.4.0.bb +++ b/meta-gnome/recipes-gnome/gtksourceview/gtksourceview5_5.4.1.bb @@ -25,7 +25,7 @@ inherit gnomebase lib_package gettext features_check gtk-doc gtk-icon-cache gobj REQUIRED_DISTRO_FEATURES = "x11" SRC_URI = "https://download.gnome.org/sources/gtksourceview/5.4/${PNAME}-${PV}.tar.xz" -SRC_URI[sha256sum] = "003bc217e670a8ec8aa3aece994b70e70b7d6b8074938adda21718555d84e637" +SRC_URI[sha256sum] = "eb3584099cfa0adc9a0b1ede08def6320bd099e79e74a2d0aefb4057cd93d68e" GIR_MESON_ENABLE_FLAG = 'enabled' GIR_MESON_DISABLE_FLAG = 'disabled' From 0e49269ea0881737147d7d151365fa6cad6c5227 Mon Sep 17 00:00:00 2001 From: wangmy Date: Mon, 25 Apr 2022 15:31:14 +0800 Subject: [PATCH 021/600] libadwaita: upgrade 1.1.0 -> 1.1.1 Changelog: ========== - AdwAvatar - Fix initials not updating after setting custom-image - AdwSplitButton: - Avoid state changes during dispose - AdwViewSwitcherTitle - Clear pending idle callback on unrealize - AdwPreferencesGroup - Annotation fixes - AdwPreferencesGroup - Annotation fixes - AdwTabBar - Ensure indicators are clickable with inverted=true - Fix resize deferring with non-expanded tabs - Fix scroll animation stopping too early - Mention AdwComboRow:selected type in migration guide - Fix a Meson error when using as a subproject - Translation updates: - Abkhazian - British English - Bulgarian - Catalan - Dutch Signed-off-by: Wang Mingyu Signed-off-by: Khem Raj (cherry picked from commit 6d73127ced18b6702f4bddb9c9ffb1cdcf41b71c) Signed-off-by: Armin Kuster --- .../libadwaita/{libadwaita_1.1.0.bb => libadwaita_1.1.1.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-gnome/recipes-gnome/libadwaita/{libadwaita_1.1.0.bb => libadwaita_1.1.1.bb} (86%) diff --git a/meta-gnome/recipes-gnome/libadwaita/libadwaita_1.1.0.bb b/meta-gnome/recipes-gnome/libadwaita/libadwaita_1.1.1.bb similarity index 86% rename from meta-gnome/recipes-gnome/libadwaita/libadwaita_1.1.0.bb rename to meta-gnome/recipes-gnome/libadwaita/libadwaita_1.1.1.bb index d4820d12442..8ca3be352ee 100644 --- a/meta-gnome/recipes-gnome/libadwaita/libadwaita_1.1.0.bb +++ b/meta-gnome/recipes-gnome/libadwaita/libadwaita_1.1.1.bb @@ -11,7 +11,7 @@ DEPENDS = " \ inherit gnomebase gobject-introspection gtk-doc vala features_check -SRC_URI[archive.sha256sum] = "aff598803e810cc28266472cf5bf65e5ed5b90bb3523e206b06b14527325010e" +SRC_URI[archive.sha256sum] = "491169d4f6a11765328996bc088272d05c7235453bc0ee73c20dfd4bd67b401c" ANY_OF_DISTRO_FEATURES = "${GTK3DISTROFEATURES}" REQUIRED_DISTRO_FEATURES = "opengl" From dc8106d8736dbd90426492d07ac905678d7cb3d4 Mon Sep 17 00:00:00 2001 From: wangmy Date: Mon, 25 Apr 2022 15:36:14 +0800 Subject: [PATCH 022/600] nautilus: upgrade 42.0 -> 42.1.1 Major changes in 42.1.1 ========================= Revert wrongly introduced dependency on unstable gnome-desktop. Signed-off-by: Wang Mingyu Signed-off-by: Khem Raj (cherry picked from commit 2ff1569067ceb4fb9e16d0b03db0d01475731c34) Signed-off-by: Armin Kuster --- .../nautilus/{nautilus_42.0.bb => nautilus_42.1.1.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-gnome/recipes-gnome/nautilus/{nautilus_42.0.bb => nautilus_42.1.1.bb} (92%) diff --git a/meta-gnome/recipes-gnome/nautilus/nautilus_42.0.bb b/meta-gnome/recipes-gnome/nautilus/nautilus_42.1.1.bb similarity index 92% rename from meta-gnome/recipes-gnome/nautilus/nautilus_42.0.bb rename to meta-gnome/recipes-gnome/nautilus/nautilus_42.1.1.bb index 08277416f34..6d942204f67 100644 --- a/meta-gnome/recipes-gnome/nautilus/nautilus_42.0.bb +++ b/meta-gnome/recipes-gnome/nautilus/nautilus_42.1.1.bb @@ -21,7 +21,7 @@ inherit gnomebase gsettings gobject-introspection gtk-doc gettext features_check def gnome_verdir(v): return oe.utils.trim_version(v, 1) -SRC_URI[archive.sha256sum] = "3c904f33ba2d2a078892bee2af71484cd608923cd78ec7e8a1517bc2155113d5" +SRC_URI[archive.sha256sum] = "8519d4565e842aa3d31d0fe39b21d48ac54edc0f0658fe1d8ea2da4e704c1b66" REQUIRED_DISTRO_FEATURES = "x11" From f9e26e29611a91875f97c214b893e2f8a18da245 Mon Sep 17 00:00:00 2001 From: wangmy Date: Mon, 25 Apr 2022 15:31:13 +0800 Subject: [PATCH 023/600] htpdate: upgrade 1.3.3 -> 1.3.4 Changes in 1.3.4 ---------------- - fix small memory leak in strdup - fix free in case of DNS lookup failure - other minor updates Signed-off-by: Wang Mingyu Signed-off-by: Khem Raj (cherry picked from commit b82354a2acce0370564426f7f824e628a27df2f8) Signed-off-by: Armin Kuster --- .../htpdate/{htpdate_1.3.3.bb => htpdate_1.3.4.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-networking/recipes-support/htpdate/{htpdate_1.3.3.bb => htpdate_1.3.4.bb} (92%) diff --git a/meta-networking/recipes-support/htpdate/htpdate_1.3.3.bb b/meta-networking/recipes-support/htpdate/htpdate_1.3.4.bb similarity index 92% rename from meta-networking/recipes-support/htpdate/htpdate_1.3.3.bb rename to meta-networking/recipes-support/htpdate/htpdate_1.3.4.bb index d0cc414a64b..d25600645e4 100644 --- a/meta-networking/recipes-support/htpdate/htpdate_1.3.3.bb +++ b/meta-networking/recipes-support/htpdate/htpdate_1.3.4.bb @@ -14,7 +14,7 @@ LICENSE = "GPL-2.0-or-later" LIC_FILES_CHKSUM = "file://htpdate.c;beginline=26;endline=30;md5=2b6cdb94bd5349646d7e33f9f501eef7" SRC_URI = "http://www.vervest.org/htp/archive/c/htpdate-${PV}.tar.gz" -SRC_URI[sha256sum] = "74f34b013eba6f99369819fa4b3d48e9ab5e531ad04f6af59cc04e8777c76ed7" +SRC_URI[sha256sum] = "744f9200cfd3b008a5516c5eb6da727af532255a329126a7b8f49a5623985642" TARGET_CC_ARCH += "${LDFLAGS}" From af3643de41c7224ce48a2c01d7ad78ae199d34ac Mon Sep 17 00:00:00 2001 From: wangmy Date: Mon, 25 Apr 2022 15:31:12 +0800 Subject: [PATCH 024/600] hexedit: upgrade 1.5 -> 1.6 april 2022 - 1.6 - configure script must error-out when (n)curses isn't found - Move SIGWINCH handling from handler to NCURSES - Make configure.ac compliant with autoconf >= 2.70 - Check that malloc did not return NULL - Fix a possible memory leak in findFile() - Prevent division by zero on empty files. Signed-off-by: Wang Mingyu Signed-off-by: Khem Raj (cherry picked from commit c4d4e192f48e98a0386980baa415218cb496048f) Signed-off-by: Armin Kuster --- .../recipes-extended/hexedit/{hexedit_1.5.bb => hexedit_1.6.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-oe/recipes-extended/hexedit/{hexedit_1.5.bb => hexedit_1.6.bb} (90%) diff --git a/meta-oe/recipes-extended/hexedit/hexedit_1.5.bb b/meta-oe/recipes-extended/hexedit/hexedit_1.6.bb similarity index 90% rename from meta-oe/recipes-extended/hexedit/hexedit_1.5.bb rename to meta-oe/recipes-extended/hexedit/hexedit_1.6.bb index e996593135d..d2b23b41b4f 100644 --- a/meta-oe/recipes-extended/hexedit/hexedit_1.5.bb +++ b/meta-oe/recipes-extended/hexedit/hexedit_1.6.bb @@ -9,7 +9,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=0636e73ff0215e8d672dc4c32c317bb3" SRC_URI = "git://github.com/pixel/hexedit.git;branch=master;protocol=https \ " -SRCREV = "baf45a289360a39a05253949fb9d1b50e4668d8a" +SRCREV = "eab92dcaa34b66bc5182772afc9fda4ac8a27597" S = "${WORKDIR}/git" From 02a62c79189abda4032ed17e73c55ec5ee12a54d Mon Sep 17 00:00:00 2001 From: wangmy Date: Mon, 25 Apr 2022 15:41:25 +0800 Subject: [PATCH 025/600] lsscsi: upgrade 0.31 -> 0.32 Changelog for released lsscsi-0.32 [20210505] [svn: r167] - improve NVMe device parsing (e.g. /dev/nvme0c1n2) - print nr_hw_queues when available for SCSI hosts - Remove blank line after NVMe device name with -HL - collect_disk_wwn_nodes: Fix WWN string copy - make WWN printing for NVMe more consistent with output from SCSI devices (e.g. with -u and -t) - logic to select best SCSI id (--scsi_id) to output - clean up warnings for gcc-10 - build with autoconf 2.70 Signed-off-by: Wang Mingyu Signed-off-by: Khem Raj (cherry picked from commit 4812d74accbfeeadb87a303e8fd1fc1eba8e2193) Signed-off-by: Armin Kuster --- meta-oe/recipes-bsp/lsscsi/{lsscsi_0.31.bb => lsscsi_0.32.bb} | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) rename meta-oe/recipes-bsp/lsscsi/{lsscsi_0.31.bb => lsscsi_0.32.bb} (70%) diff --git a/meta-oe/recipes-bsp/lsscsi/lsscsi_0.31.bb b/meta-oe/recipes-bsp/lsscsi/lsscsi_0.32.bb similarity index 70% rename from meta-oe/recipes-bsp/lsscsi/lsscsi_0.31.bb rename to meta-oe/recipes-bsp/lsscsi/lsscsi_0.32.bb index 54faaa384b4..9e6eb7b7244 100644 --- a/meta-oe/recipes-bsp/lsscsi/lsscsi_0.31.bb +++ b/meta-oe/recipes-bsp/lsscsi/lsscsi_0.32.bb @@ -6,8 +6,7 @@ LIC_FILES_CHKSUM="file://COPYING;md5=0636e73ff0215e8d672dc4c32c317bb3" SRC_URI = "http://sg.danny.cz/scsi/${BP}.tgz" -SRC_URI[md5sum] = "efb68946f51860e8eedc18d6784afdae" -SRC_URI[sha256sum] = "12bf1973014803c6fd6d547e7594a4c049f0eef3bf5d22190d4be29d7c09f3ca" +SRC_URI[sha256sum] = "0a800e9e94dca2ab702d65d72777ae8cae078e3d74d0bcbed64ba0849e8029a1" inherit autotools From 44affc28fa9a68d71ef668d26d1be4940e19a4d1 Mon Sep 17 00:00:00 2001 From: wangmy Date: Mon, 25 Apr 2022 15:31:16 +0800 Subject: [PATCH 026/600] libencode-perl: upgrade 3.16 -> 3.17 Changelog: ========== ! bin/enc2xs t/enc_data.t t/enc_module.t t/encoding.t t/jperl.t Pulled: Fix Issue #144, spurious warnings from -Wc++-compate, and a few related nits https://github.com/dankogai/p5-encode/pull/168 ! MANIFEST add t/utf32warnings.t which was missing ! t/taint.t Pulled: Skip taint tests if your perl was built without taint support https://github.com/dankogai/p5-encode/pull/167 ! Unicode/Unicode.pm Pulled: fix link to Unicode standard https://github.com/dankogai/p5-encode/pull/165 ! t/Unicode_trailing_nul.t Pulled: Use note() instead of diag() https://github.com/dankogai/p5-encode/pull/164 Signed-off-by: Wang Mingyu Signed-off-by: Khem Raj (cherry picked from commit a21bab91bd8eeb22aca87dd93d5499ad1e481450) Signed-off-by: Armin Kuster --- .../{libencode-perl_3.16.bb => libencode-perl_3.17.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-perl/recipes-perl/libencode/{libencode-perl_3.16.bb => libencode-perl_3.17.bb} (97%) diff --git a/meta-perl/recipes-perl/libencode/libencode-perl_3.16.bb b/meta-perl/recipes-perl/libencode/libencode-perl_3.17.bb similarity index 97% rename from meta-perl/recipes-perl/libencode/libencode-perl_3.16.bb rename to meta-perl/recipes-perl/libencode/libencode-perl_3.17.bb index 8d239e7e2e7..8b4f292a350 100644 --- a/meta-perl/recipes-perl/libencode/libencode-perl_3.16.bb +++ b/meta-perl/recipes-perl/libencode/libencode-perl_3.17.bb @@ -15,7 +15,7 @@ LICENSE = "Artistic-1.0 | GPL-1.0-or-later" LIC_FILES_CHKSUM = "file://META.json;beginline=8;endline=10;md5=b12e3be1e17a7e99ca4f429ff32c28b5" SRC_URI = "${CPAN_MIRROR}/authors/id/D/DA/DANKOGAI/Encode-${PV}.tar.gz" -SRC_URI[sha256sum] = "e5e91d98a97de70dccecc2a25d049a0b5f5f12228c618680020d73043355294c" +SRC_URI[sha256sum] = "b44cbf7dd60ec6128ec575dd348484975086522611bc7580cfd305a095faa6d2" UPSTREAM_CHECK_REGEX = "Encode\-(?P(\d+\.\d+))(?!_\d+).tar" From 418bd51840468ee746a9cf198a46c27668081f11 Mon Sep 17 00:00:00 2001 From: wangmy Date: Mon, 25 Apr 2022 15:36:12 +0800 Subject: [PATCH 027/600] libextutils-cppguess-perl: upgrade 0.23 -> 0.26 Changelog from 0.23 to 0.26 ============================= - fix test-failure caused if CXX is set - ignore environment variables CXXFLAGS, CXXLDFLAGS (#26) - support environment variables CXX, CXXFLAGS, CXXLDFLAGS Signed-off-by: Wang Mingyu Signed-off-by: Khem Raj (cherry picked from commit e709705f411440e5a732e7e453bb6654264851e7) Signed-off-by: Armin Kuster --- ...-cppguess-perl_0.23.bb => libextutils-cppguess-perl_0.26.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-perl/recipes-perl/libextutils/{libextutils-cppguess-perl_0.23.bb => libextutils-cppguess-perl_0.26.bb} (92%) diff --git a/meta-perl/recipes-perl/libextutils/libextutils-cppguess-perl_0.23.bb b/meta-perl/recipes-perl/libextutils/libextutils-cppguess-perl_0.26.bb similarity index 92% rename from meta-perl/recipes-perl/libextutils/libextutils-cppguess-perl_0.23.bb rename to meta-perl/recipes-perl/libextutils/libextutils-cppguess-perl_0.26.bb index fd6347b3d0f..04a29fdc216 100644 --- a/meta-perl/recipes-perl/libextutils/libextutils-cppguess-perl_0.23.bb +++ b/meta-perl/recipes-perl/libextutils/libextutils-cppguess-perl_0.26.bb @@ -12,7 +12,7 @@ LICENSE = "Artistic-1.0 | GPL-1.0-or-later" LIC_FILES_CHKSUM = "file://README;beginline=81;endline=84;md5=84c0390b90ea8c6702ce659b67bed699" SRC_URI = "${CPAN_MIRROR}/authors/id/E/ET/ETJ/ExtUtils-CppGuess-${PV}.tar.gz" -SRC_URI[sha256sum] = "f96c48984eb6d8efb7d933b34f361d0c8b38335e3e5382e9aeccc0aa519a002c" +SRC_URI[sha256sum] = "c8b362b860172a4076acee00438f52b86464f2c500702cfcf7527811ff9a683e" S = "${WORKDIR}/ExtUtils-CppGuess-${PV}" From cac98ae0ab6454dd0b68d03b5202eca31d352f44 Mon Sep 17 00:00:00 2001 From: wangmy Date: Mon, 25 Apr 2022 15:41:26 +0800 Subject: [PATCH 028/600] libtest-harness-perl: upgrade 3.42 -> 3.44 Changelog: ========== - Fix skipping SEGV test - Fix failing SEGV test on Windows - Remove ASCII-isms to better work on EBCDIC - Move timer initialization - Fix YAMLish behaviour with empty values - fix eintr error handling in TAP::Parser::Multiplexer - Parse out signal name & core dump. - Let the aggregator finish gracefully after bailout - Make prove respect HARNESS_VERBOSE if no verbosity flags are passed License-Update: the following removed from README ================================================== To use Module::Build (preferred) do: perl NotBuild.PL ./Build ./Build test ./Build install Signed-off-by: Wang Mingyu Signed-off-by: Khem Raj (cherry picked from commit ddb6ca36b82dba3daccc2a8913e1a4764e30a549) Signed-off-by: Armin Kuster --- ...est-harness-perl_3.42.bb => libtest-harness-perl_3.44.bb} | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) rename meta-perl/recipes-perl/libtest/{libtest-harness-perl_3.42.bb => libtest-harness-perl_3.44.bb} (95%) diff --git a/meta-perl/recipes-perl/libtest/libtest-harness-perl_3.42.bb b/meta-perl/recipes-perl/libtest/libtest-harness-perl_3.44.bb similarity index 95% rename from meta-perl/recipes-perl/libtest/libtest-harness-perl_3.42.bb rename to meta-perl/recipes-perl/libtest/libtest-harness-perl_3.44.bb index b8547cb1fe9..58ca70b9e11 100644 --- a/meta-perl/recipes-perl/libtest/libtest-harness-perl_3.42.bb +++ b/meta-perl/recipes-perl/libtest/libtest-harness-perl_3.44.bb @@ -23,11 +23,10 @@ SECTION = "libs" HOMEPAGE = "http://testanything.org" LICENSE = "Artistic-1.0 | GPL-1.0-or-later" -LIC_FILES_CHKSUM = "file://README;beginline=29;endline=30;md5=b08db4360eec119e875dddd7cb8a5ddd" +LIC_FILES_CHKSUM = "file://README;beginline=29;endline=30;md5=d41d8cd98f00b204e9800998ecf8427e" SRC_URI = "${CPAN_MIRROR}/authors/id/L/LE/LEONT/Test-Harness-${PV}.tar.gz" -SRC_URI[md5sum] = "c794906473f88d6b74194e2d56f16bd6" -SRC_URI[sha256sum] = "0fd90d4efea82d6e262e6933759e85d27cbcfa4091b14bf4042ae20bab528e53" +SRC_URI[sha256sum] = "7eb591ea6b499ece6745ff3e80e60cee669f0037f9ccbc4e4511425f593e5297" UPSTREAM_CHECK_REGEX = "Test\-Harness\-(?P(\d+\.\d+))(?!_\d+).tar" From 9b7cbd177eee03d4a973916467ce7f514dcfb640 Mon Sep 17 00:00:00 2001 From: Mingli Yu Date: Mon, 25 Apr 2022 12:00:01 +0800 Subject: [PATCH 029/600] makedumpfile: Upgrade to 1.7.1 Remove related man pages gz logic as it's removed in new version [1]. [1] https://github.com/makedumpfile/makedumpfile/commit/2169de66ecd4504a3e69e0be0330f492f966ce5e Signed-off-by: Mingli Yu Signed-off-by: Khem Raj (cherry picked from commit f2748082e84b70c0a73d7d494b0f02338fedded1) Signed-off-by: Armin Kuster --- ...makedumpfile-replace-hardcode-CFLAGS.patch | 53 +++++++++---------- ...umpfile_1.7.0.bb => makedumpfile_1.7.1.bb} | 8 +-- 2 files changed, 26 insertions(+), 35 deletions(-) rename meta-oe/recipes-kernel/makedumpfile/{makedumpfile_1.7.0.bb => makedumpfile_1.7.1.bb} (85%) diff --git a/meta-oe/recipes-kernel/makedumpfile/makedumpfile/0001-makedumpfile-replace-hardcode-CFLAGS.patch b/meta-oe/recipes-kernel/makedumpfile/makedumpfile/0001-makedumpfile-replace-hardcode-CFLAGS.patch index 1dd87c8b11b..f3dc8a466a6 100644 --- a/meta-oe/recipes-kernel/makedumpfile/makedumpfile/0001-makedumpfile-replace-hardcode-CFLAGS.patch +++ b/meta-oe/recipes-kernel/makedumpfile/makedumpfile/0001-makedumpfile-replace-hardcode-CFLAGS.patch @@ -1,6 +1,6 @@ -From af97e2ad643334b4c7c3d66f971ce9ebb2b596af Mon Sep 17 00:00:00 2001 +From 71b5a3905d5cd0feca88a0d61d7657ba5296a052 Mon Sep 17 00:00:00 2001 From: Mingli Yu -Date: Thu, 21 Jul 2016 18:06:21 +0800 +Date: Sun, 24 Apr 2022 17:25:33 +0800 Subject: [PATCH] makedumpfile: replace hardcode CFLAGS * Create alias for target such as powerpc as powerpc32 @@ -16,9 +16,12 @@ Signed-off-by: Mingli Yu [2021-11-18] Patch updated to use CFLAGS_COMMON for zstd Signed-off-by: Fathi Boudra + +Rebase to 1.7.1 +Signed-off-by: Mingli Yu --- - Makefile | 47 ++++++++++++++++++++++++----------------------- - 1 file changed, 24 insertions(+), 23 deletions(-) + Makefile | 42 ++++++++++++++++++++++-------------------- + 1 file changed, 22 insertions(+), 20 deletions(-) --- a/Makefile +++ b/Makefile @@ -35,19 +38,13 @@ Signed-off-by: Fathi Boudra HOST_ARCH := $(shell uname -m) # Use TARGET as the target architecture if specified. # Defaults to uname -m -@@ -21,29 +15,36 @@ ifeq ($(strip($TARGET)),) - TARGET := $(HOST_ARCH) - endif - --ARCH := $(shell echo ${TARGET} | sed -e s/i.86/x86/ -e s/sun4u/sparc64/ \ -- -e s/arm.*/arm/ -e s/sa110/arm/ \ -- -e s/s390x/s390/ -e s/parisc64/parisc/ \ +@@ -24,26 +18,34 @@ endif + ARCH := $(shell echo ${TARGET} | sed -e s/i.86/x86/ -e s/sun4u/sparc64/ \ + -e s/arm.*/arm/ -e s/sa110/arm/ \ + -e s/s390x/s390/ -e s/parisc64/parisc/ \ - -e s/ppc64/powerpc64/ -e s/ppc/powerpc32/) -+ARCH := $(shell echo __${TARGET}__ | sed -e s/i.86/x86/ -e s/sun4u/sparc64/ \ -+ -e s/arm.*/arm/ -e s/sa110/arm/ \ -+ -e s/s390x/s390/ -e s/parisc64/parisc/ \ -+ -e s/ppc64/powerpc64/ -e s/ppc/powerpc32/ \ -+ -e s/_powerpc_/_powerpc32_/) ++ -e s/ppc64/powerpc64/ -e s/ppc/powerpc32/ \ ++ -e s/_powerpc_/_powerpc32_/) CROSS := ifneq ($(TARGET), $(HOST_ARCH)) @@ -55,8 +52,7 @@ Signed-off-by: Fathi Boudra endif -CFLAGS += -D__$(ARCH)__ $(CROSS) --CFLAGS_ARCH += -D__$(ARCH)__ $(CROSS) -+CFLAGS_ARCH += -D$(ARCH) $(CROSS) + CFLAGS_ARCH += -D__$(ARCH)__ $(CROSS) -ifeq ($(ARCH), powerpc64) -CFLAGS += -m64 @@ -78,11 +74,12 @@ Signed-off-by: Fathi Boudra +CFLAGS_COMMON = $(CFLAGS_ARCH) \ + -DVERSION='"$(VERSION)"' \ + -DRELEASE_DATE='"$(DATE)"' ++ + SRC_BASE = makedumpfile.c makedumpfile.h diskdump_mod.h sadump_mod.h sadump_info.h - SRC_PART = print_info.c dwarf_info.c elf_info.c erase_info.c sadump_info.c cache.c tools.c printk.c + SRC_PART = print_info.c dwarf_info.c elf_info.c erase_info.c sadump_info.c cache.c tools.c printk.c detect_cycle.c OBJ_PART=$(patsubst %.c,%.o,$(SRC_PART)) -@@ -52,12 +53,12 @@ OBJ_ARCH=$(patsubst %.c,%.o,$(SRC_ARCH)) +@@ -52,12 +54,12 @@ OBJ_ARCH=$(patsubst %.c,%.o,$(SRC_ARCH)) LIBS = -ldw -lbz2 -ldl -lelf -lz ifneq ($(LINKTYPE), dynamic) @@ -97,7 +94,7 @@ Signed-off-by: Fathi Boudra endif ifeq ($(USESNAPPY), on) -@@ -65,12 +66,12 @@ LIBS := -lsnappy $(LIBS) +@@ -65,12 +67,12 @@ LIBS := -lsnappy $(LIBS) ifneq ($(LINKTYPE), dynamic) LIBS := $(LIBS) -lstdc++ endif @@ -112,7 +109,7 @@ Signed-off-by: Fathi Boudra endif ifeq ($(DEBUG), on) -@@ -104,14 +105,14 @@ LIBS := $(LIBS) $(call try-run,\ +@@ -104,14 +106,14 @@ LIBS := $(LIBS) $(call try-run,\ all: makedumpfile $(OBJ_PART): $(SRC_PART) @@ -126,15 +123,15 @@ Signed-off-by: Fathi Boudra makedumpfile: $(SRC_BASE) $(OBJ_PART) $(OBJ_ARCH) - $(CC) $(CFLAGS) $(LDFLAGS) $(OBJ_PART) $(OBJ_ARCH) -rdynamic -o $@ $< $(LIBS) + $(CC) $(CFLAGS_COMMON) $(LDFLAGS) $(OBJ_PART) $(OBJ_ARCH) -rdynamic -o $@ $< $(LIBS) - echo .TH MAKEDUMPFILE 8 \"$(DATE)\" \"makedumpfile v$(VERSION)\" \"Linux System Administrator\'s Manual\" > temp.8 - grep -v "^.TH MAKEDUMPFILE 8" $(VPATH)makedumpfile.8 >> temp.8 - mv temp.8 makedumpfile.8 -@@ -122,7 +123,7 @@ makedumpfile: $(SRC_BASE) $(OBJ_PART) $( - gzip -c ./makedumpfile.conf.5 > ./makedumpfile.conf.5.gz + @sed -e "s/@DATE@/$(DATE)/" \ + -e "s/@VERSION@/$(VERSION)/" \ + $(VPATH)makedumpfile.8.in > $(VPATH)makedumpfile.8 +@@ -120,7 +122,7 @@ makedumpfile: $(SRC_BASE) $(OBJ_PART) $( + $(VPATH)makedumpfile.conf.5.in > $(VPATH)makedumpfile.conf.5 eppic_makedumpfile.so: extension_eppic.c - $(CC) $(CFLAGS) $(LDFLAGS) -shared -rdynamic -o $@ extension_eppic.c -fPIC -leppic -ltinfo + $(CC) $(CFLAGS_COMMON) $(LDFLAGS) -shared -rdynamic -o $@ extension_eppic.c -fPIC -leppic -ltinfo clean: - rm -f $(OBJ) $(OBJ_PART) $(OBJ_ARCH) makedumpfile makedumpfile.8.gz makedumpfile.conf.5.gz + rm -f $(OBJ) $(OBJ_PART) $(OBJ_ARCH) makedumpfile makedumpfile.8 makedumpfile.conf.5 diff --git a/meta-oe/recipes-kernel/makedumpfile/makedumpfile_1.7.0.bb b/meta-oe/recipes-kernel/makedumpfile/makedumpfile_1.7.1.bb similarity index 85% rename from meta-oe/recipes-kernel/makedumpfile/makedumpfile_1.7.0.bb rename to meta-oe/recipes-kernel/makedumpfile/makedumpfile_1.7.1.bb index d4da0318663..c3f965b041d 100644 --- a/meta-oe/recipes-kernel/makedumpfile/makedumpfile_1.7.0.bb +++ b/meta-oe/recipes-kernel/makedumpfile/makedumpfile_1.7.1.bb @@ -11,7 +11,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=751419260aa954499f7abaabaa882bbe" LICENSE = "GPL-2.0-only" SRCBRANCH ?= "master" -SRCREV = "06ef8e2b814feb08a668b7a3783c86674e49a7b1" +SRCREV = "74bbdd14ec861552ace1ca63953eb2ef73e1f965" DEPENDS = "bzip2 zlib elfutils xz" RDEPENDS:${PN}-tools = "perl ${PN}" @@ -52,12 +52,6 @@ do_install () { install -m 755 ${S}/makedumpfile ${D}/usr/bin install -m 755 ${S}/makedumpfile-R.pl ${D}/usr/bin - mkdir -p ${D}/usr/share/man/man8 - install -m 644 ${S}/makedumpfile.8.gz ${D}/usr/share/man/man8 - - mkdir -p ${D}/usr/share/man/man5 - install -m 644 ${S}/makedumpfile.conf.5.gz ${D}/usr/share/man/man5 - mkdir -p ${D}/etc/ install -m 644 ${S}/makedumpfile.conf ${D}/etc/makedumpfile.conf.sample } From 29a3311dccca8f1fd1457e5675091675194791a9 Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Mon, 25 Apr 2022 11:57:28 -0700 Subject: [PATCH 030/600] lirc: install systemd units only when using systemd distro feature These files are not needed when init system is not systemd Signed-off-by: Khem Raj (cherry picked from commit f0d0034e26934852a8d92176f87b4dfc4c7c2438) Signed-off-by: Armin Kuster --- .../meta-python/recipes-connectivity/lirc/lirc_0.10.1.bb | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/meta-oe/dynamic-layers/meta-python/recipes-connectivity/lirc/lirc_0.10.1.bb b/meta-oe/dynamic-layers/meta-python/recipes-connectivity/lirc/lirc_0.10.1.bb index c8929b75a31..f2b751928a2 100644 --- a/meta-oe/dynamic-layers/meta-python/recipes-connectivity/lirc/lirc_0.10.1.bb +++ b/meta-oe/dynamic-layers/meta-python/recipes-connectivity/lirc/lirc_0.10.1.bb @@ -68,12 +68,14 @@ do_install:append() { install -m 0755 -d ${D}${sysconfdir} install -m 0755 -d ${D}${sysconfdir}/lirc - install -m 0755 -d ${D}${systemd_unitdir}/system install -m 0755 -d ${D}${libdir}/tmpfiles.d install -m 0644 ${WORKDIR}/lircd.conf ${D}${sysconfdir}/lirc/ install -m 0644 ${WORKDIR}/lirc_options.conf ${D}${sysconfdir}/lirc/ - install -m 0644 ${WORKDIR}/lircd.service ${D}${systemd_unitdir}/system/ - install -m 0755 ${WORKDIR}/lircexec.init ${D}${systemd_unitdir}/system/ + if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then + install -m 0755 -d ${D}${systemd_unitdir}/system + install -m 0644 ${WORKDIR}/lircd.service ${D}${systemd_unitdir}/system/ + install -m 0755 ${WORKDIR}/lircexec.init ${D}${systemd_unitdir}/system/ + fi install -m 0644 ${WORKDIR}/lirc.tmpfiles ${D}${libdir}/tmpfiles.d/lirc.conf rm -rf ${D}${libdir}/lirc/plugins/*.la rmdir ${D}/var/run/lirc ${D}/var/run From f18762a6d13d22c5b6137d4818cb229ce32316bf Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Mon, 25 Apr 2022 11:54:23 -0700 Subject: [PATCH 031/600] fluentbit: Disable systemd support when systemd distro feature is disabled Signed-off-by: Khem Raj (cherry picked from commit f9a935ac8e0129fa91279ec8bff9f8ced93734f2) Signed-off-by: Armin Kuster --- ...Control-sytemd-unit-install-location-with-SYSTEM_DIR.patch | 2 +- .../fluentbit/cross-build-init-system-detection.patch | 4 ++-- meta-oe/recipes-extended/fluentbit/fluentbit_1.3.5.bb | 3 ++- 3 files changed, 5 insertions(+), 4 deletions(-) diff --git a/meta-oe/recipes-extended/fluentbit/fluentbit/0001-Control-sytemd-unit-install-location-with-SYSTEM_DIR.patch b/meta-oe/recipes-extended/fluentbit/fluentbit/0001-Control-sytemd-unit-install-location-with-SYSTEM_DIR.patch index b90a62ef196..bf4cda08f0b 100644 --- a/meta-oe/recipes-extended/fluentbit/fluentbit/0001-Control-sytemd-unit-install-location-with-SYSTEM_DIR.patch +++ b/meta-oe/recipes-extended/fluentbit/fluentbit/0001-Control-sytemd-unit-install-location-with-SYSTEM_DIR.patch @@ -24,5 +24,5 @@ Signed-off-by: Khem Raj + install(FILES ${FLB_SYSTEMD_SCRIPT} DESTINATION /lib/systemd/system) + endif() install(DIRECTORY DESTINATION ${FLB_INSTALL_CONFDIR}) - elseif(IS_DIRECTORY /usr/share/upstart OR FLB_UPSTART) + elseif(FLB_UPSTART) set(FLB_UPSTART_SCRIPT "${PROJECT_SOURCE_DIR}/init/${FLB_OUT_NAME}.conf") diff --git a/meta-oe/recipes-extended/fluentbit/fluentbit/cross-build-init-system-detection.patch b/meta-oe/recipes-extended/fluentbit/fluentbit/cross-build-init-system-detection.patch index a1857899926..d3822fc8dab 100644 --- a/meta-oe/recipes-extended/fluentbit/fluentbit/cross-build-init-system-detection.patch +++ b/meta-oe/recipes-extended/fluentbit/fluentbit/cross-build-init-system-detection.patch @@ -12,7 +12,7 @@ Signed-off-by: Khem Raj # Detect init system, install upstart, systemd or init.d script - if(IS_DIRECTORY /lib/systemd/system) -+ if(IS_DIRECTORY /lib/systemd/system OR FLB_SYSTEMD) ++ if(FLB_SYSTEMD) set(FLB_SYSTEMD_SCRIPT "${PROJECT_SOURCE_DIR}/init/${FLB_OUT_NAME}.service") configure_file( "${PROJECT_SOURCE_DIR}/init/systemd.in" @@ -21,7 +21,7 @@ Signed-off-by: Khem Raj install(FILES ${FLB_SYSTEMD_SCRIPT} DESTINATION /lib/systemd/system) install(DIRECTORY DESTINATION ${FLB_INSTALL_CONFDIR}) - elseif(IS_DIRECTORY /usr/share/upstart) -+ elseif(IS_DIRECTORY /usr/share/upstart OR FLB_UPSTART) ++ elseif(FLB_UPSTART) set(FLB_UPSTART_SCRIPT "${PROJECT_SOURCE_DIR}/init/${FLB_OUT_NAME}.conf") configure_file( "${PROJECT_SOURCE_DIR}/init/upstart.in" diff --git a/meta-oe/recipes-extended/fluentbit/fluentbit_1.3.5.bb b/meta-oe/recipes-extended/fluentbit/fluentbit_1.3.5.bb index e586262a606..b231cc28787 100644 --- a/meta-oe/recipes-extended/fluentbit/fluentbit_1.3.5.bb +++ b/meta-oe/recipes-extended/fluentbit/fluentbit_1.3.5.bb @@ -48,7 +48,8 @@ EXTRA_OECMAKE += "-DFLB_LUAJIT=Off -DFLB_FILTER_LUA=Off " # Disable Library and examples EXTRA_OECMAKE += "-DFLB_SHARED_LIB=Off -DFLB_EXAMPLES=Off " -EXTRA_OECMAKE += "${@bb.utils.contains('DISTRO_FEATURES','systemd','-DFLB_SYSTEMD=On -DSYSTEMD_DIR=${systemd_system_unitdir}','',d)}" +# Enable systemd iff systemd is in DISTRO_FEATURES +EXTRA_OECMAKE += "${@bb.utils.contains('DISTRO_FEATURES','systemd','-DFLB_SYSTEMD=On -DSYSTEMD_DIR=${systemd_system_unitdir}','-DFLB_SYSTEMD=Off',d)}" EXTRA_OECMAKE:append:riscv64 = " -DFLB_DEPS='atomic'" EXTRA_OECMAKE:append:riscv32 = " -DFLB_DEPS='atomic'" From 198e3431176948f529d21be18d924bfd41e46ddf Mon Sep 17 00:00:00 2001 From: Willy Tu Date: Mon, 25 Apr 2022 15:35:03 -0700 Subject: [PATCH 032/600] absil-cpp: Update SRC_URI to to the latest google internal sync https://github.com/abseil/abseil-cpp/commit/7c6608d0dbe43cf9bdf7f77787bc6bc89cc42f8b The internal sync are tested within Google and ready for use. Signed-off-by: Willy Tu Signed-off-by: Khem Raj (cherry picked from commit 3c1c07e9a5477df68bfa1f739b38f10a5e78b07e) Signed-off-by: Armin Kuster --- .../abseil-cpp/abseil-ppc-fixes.patch | 20 +++++++++---------- .../abseil-cpp/abseil-cpp_git.bb | 4 ++-- 2 files changed, 12 insertions(+), 12 deletions(-) diff --git a/meta-oe/recipes-devtools/abseil-cpp/abseil-cpp/abseil-ppc-fixes.patch b/meta-oe/recipes-devtools/abseil-cpp/abseil-cpp/abseil-ppc-fixes.patch index 95210565c2c..ef3f50d9e72 100644 --- a/meta-oe/recipes-devtools/abseil-cpp/abseil-cpp/abseil-ppc-fixes.patch +++ b/meta-oe/recipes-devtools/abseil-cpp/abseil-cpp/abseil-ppc-fixes.patch @@ -14,39 +14,39 @@ Signed-off-by: Khem Raj @@ -20,7 +20,7 @@ #include #endif - + -#if defined(__powerpc__) || defined(__ppc__) +#if (defined(__powerpc__) || defined(__ppc__)) && defined(__GLIBC__) #ifdef __GLIBC__ #include #elif defined(__FreeBSD__) -@@ -59,7 +59,7 @@ double UnscaledCycleClock::Frequency() { +@@ -53,7 +53,7 @@ double UnscaledCycleClock::Frequency() { return base_internal::NominalCPUFrequency(); } - + -#elif defined(__powerpc__) || defined(__ppc__) +#elif (defined(__powerpc__) || defined(__ppc__)) && defined(__GLIBC__) - + int64_t UnscaledCycleClock::Now() { #ifdef __GLIBC__ --- a/absl/base/internal/unscaledcycleclock.h +++ b/absl/base/internal/unscaledcycleclock.h @@ -46,7 +46,8 @@ - + // The following platforms have an implementation of a hardware counter. #if defined(__i386__) || defined(__x86_64__) || defined(__aarch64__) || \ - defined(__powerpc__) || defined(__ppc__) || defined(__riscv) || \ + ((defined(__powerpc__) || defined(__ppc__)) && defined(__GLIBC__)) || \ + defined(__riscv) || \ - defined(_M_IX86) || defined(_M_X64) + defined(_M_IX86) || (defined(_M_X64) && !defined(_M_ARM64EC)) #define ABSL_HAVE_UNSCALED_CYCLECLOCK_IMPLEMENTATION 1 #else --- a/absl/debugging/internal/examine_stack.cc +++ b/absl/debugging/internal/examine_stack.cc -@@ -27,6 +27,10 @@ +@@ -33,6 +33,10 @@ #include #include - + +#if defined(__powerpc__) +#include +#endif @@ -54,7 +54,7 @@ Signed-off-by: Khem Raj #include "absl/base/attributes.h" #include "absl/base/internal/raw_logging.h" #include "absl/base/macros.h" -@@ -63,8 +67,10 @@ void* GetProgramCounter(void* vuc) { +@@ -174,8 +178,10 @@ void* GetProgramCounter(void* const vuc) { return reinterpret_cast(context->uc_mcontext.pc); #elif defined(__powerpc64__) return reinterpret_cast(context->uc_mcontext.gp_regs[32]); @@ -68,7 +68,7 @@ Signed-off-by: Khem Raj #elif defined(__s390__) && !defined(__s390x__) --- a/absl/debugging/internal/stacktrace_config.h +++ b/absl/debugging/internal/stacktrace_config.h -@@ -59,7 +59,7 @@ +@@ -60,7 +60,7 @@ #elif defined(__i386__) || defined(__x86_64__) #define ABSL_STACKTRACE_INL_HEADER \ "absl/debugging/internal/stacktrace_x86-inl.inc" diff --git a/meta-oe/recipes-devtools/abseil-cpp/abseil-cpp_git.bb b/meta-oe/recipes-devtools/abseil-cpp/abseil-cpp_git.bb index 82124c1083a..1bb27d43692 100644 --- a/meta-oe/recipes-devtools/abseil-cpp/abseil-cpp_git.bb +++ b/meta-oe/recipes-devtools/abseil-cpp/abseil-cpp_git.bb @@ -8,8 +8,8 @@ LICENSE = "Apache-2.0" LIC_FILES_CHKSUM = "file://LICENSE;md5=df52c6edb7adc22e533b2bacc3bd3915" PV = "20211102.0+git${SRCPV}" -SRCREV = "215105818dfde3174fe799600bb0f3cae233d0bf" -BRANCH = "lts_2021_11_02" +SRCREV = "7c6608d0dbe43cf9bdf7f77787bc6bc89cc42f8b" +BRANCH = "master" SRC_URI = "git://github.com/abseil/abseil-cpp;branch=${BRANCH};protocol=https \ file://0001-absl-always-use-asm-sgidefs.h.patch \ file://0002-Remove-maes-option-from-cross-compilation.patch \ From 4efe181cd1a534af3e481a7628d77d64666ce4e9 Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Mon, 25 Apr 2022 22:40:42 -0700 Subject: [PATCH 033/600] gtksourceview5: Allow wayland or x11 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Khem Raj Cc: Andreas Müller (cherry picked from commit bcfec90e909afc6a7db290219b789892653b62b5) Signed-off-by: Armin Kuster --- meta-gnome/recipes-gnome/gtksourceview/gtksourceview5_5.4.1.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-gnome/recipes-gnome/gtksourceview/gtksourceview5_5.4.1.bb b/meta-gnome/recipes-gnome/gtksourceview/gtksourceview5_5.4.1.bb index 3be392da81c..f667238e655 100644 --- a/meta-gnome/recipes-gnome/gtksourceview/gtksourceview5_5.4.1.bb +++ b/meta-gnome/recipes-gnome/gtksourceview/gtksourceview5_5.4.1.bb @@ -22,7 +22,7 @@ GNOMEBASEBUILDCLASS = "meson" inherit gnomebase lib_package gettext features_check gtk-doc gtk-icon-cache gobject-introspection vala -REQUIRED_DISTRO_FEATURES = "x11" +ANY_OF_DISTRO_FEATURES = "${GTK3DISTROFEATURES}" SRC_URI = "https://download.gnome.org/sources/gtksourceview/5.4/${PNAME}-${PV}.tar.xz" SRC_URI[sha256sum] = "eb3584099cfa0adc9a0b1ede08def6320bd099e79e74a2d0aefb4057cd93d68e" From 2c361302eb261c01b4e8a441f0094626bfb79d4d Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Mon, 25 Apr 2022 22:41:52 -0700 Subject: [PATCH 034/600] gtkmm3: Allow wayland or x11 in distro features MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Fixes build with no-x11 distros Signed-off-by: Khem Raj Cc: Andreas Müller (cherry picked from commit 3b311b6c1ec36dcdaf199f51b719bcdb9e0e50b1) Signed-off-by: Armin Kuster --- meta-oe/recipes-gnome/gtk+/gtkmm3_3.24.5.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-oe/recipes-gnome/gtk+/gtkmm3_3.24.5.bb b/meta-oe/recipes-gnome/gtk+/gtkmm3_3.24.5.bb index 46c335860b0..0546814d8ed 100644 --- a/meta-oe/recipes-gnome/gtk+/gtkmm3_3.24.5.bb +++ b/meta-oe/recipes-gnome/gtk+/gtkmm3_3.24.5.bb @@ -14,7 +14,7 @@ GNOMEBASEBUILDCLASS = "meson" inherit gnomebase features_check -REQUIRED_DISTRO_FEATURES = "x11" +ANY_OF_DISTRO_FEATURES = "${GTK3DISTROFEATURES}" SRC_URI[archive.sha256sum] = "856333de86689f6a81c123f2db15d85db9addc438bc3574c36f15736aeae22e6" From cbd06deb96acbd465ef1d15103f95820272b90a8 Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Mon, 25 Apr 2022 22:42:29 -0700 Subject: [PATCH 035/600] gparted: Allow wayland or x11 distro features MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Fixes build with no-X11 distros Signed-off-by: Khem Raj Cc: Andreas Müller (cherry picked from commit 528b1699ec248b272839c301c1d77ea6995f19e2) Signed-off-by: Armin Kuster --- meta-gnome/recipes-extended/gparted/gparted_1.4.0.bb | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/meta-gnome/recipes-extended/gparted/gparted_1.4.0.bb b/meta-gnome/recipes-extended/gparted/gparted_1.4.0.bb index 6f774904b70..dde5a02abbc 100644 --- a/meta-gnome/recipes-extended/gparted/gparted_1.4.0.bb +++ b/meta-gnome/recipes-extended/gparted/gparted_1.4.0.bb @@ -3,8 +3,9 @@ HOMEPAGE = "http://gparted.org/index.php" LICENSE = "GPL-2.0-only" LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f" -inherit autotools pkgconfig python3native gnome-help gtk-icon-cache +inherit autotools pkgconfig python3native gnome-help gtk-icon-cache features_check +ANY_OF_DISTRO_FEATURES = "${GTK3DISTROFEATURES}" SRC_URI = " \ ${SOURCEFORGE_MIRROR}/project/${BPN}/${BPN}/${BPN}-${PV}/${BPN}-${PV}.tar.gz \ From 66866c48e3faac4704e9a7abf0a29a266dbfa4ca Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Mon, 25 Apr 2022 22:57:20 -0700 Subject: [PATCH 036/600] lirc: Delete systemd unit files on non systemd distros Signed-off-by: Khem Raj (cherry picked from commit 5255b6a0d93daeccc4238dee5148686168d52a06) Signed-off-by: Armin Kuster --- .../meta-python/recipes-connectivity/lirc/lirc_0.10.1.bb | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/meta-oe/dynamic-layers/meta-python/recipes-connectivity/lirc/lirc_0.10.1.bb b/meta-oe/dynamic-layers/meta-python/recipes-connectivity/lirc/lirc_0.10.1.bb index f2b751928a2..fe9685924b0 100644 --- a/meta-oe/dynamic-layers/meta-python/recipes-connectivity/lirc/lirc_0.10.1.bb +++ b/meta-oe/dynamic-layers/meta-python/recipes-connectivity/lirc/lirc_0.10.1.bb @@ -68,15 +68,16 @@ do_install:append() { install -m 0755 -d ${D}${sysconfdir} install -m 0755 -d ${D}${sysconfdir}/lirc - install -m 0755 -d ${D}${libdir}/tmpfiles.d install -m 0644 ${WORKDIR}/lircd.conf ${D}${sysconfdir}/lirc/ install -m 0644 ${WORKDIR}/lirc_options.conf ${D}${sysconfdir}/lirc/ if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then - install -m 0755 -d ${D}${systemd_unitdir}/system + install -m 0755 -d ${D}${systemd_unitdir}/system ${D}${libdir}/tmpfiles.d install -m 0644 ${WORKDIR}/lircd.service ${D}${systemd_unitdir}/system/ install -m 0755 ${WORKDIR}/lircexec.init ${D}${systemd_unitdir}/system/ + install -m 0644 ${WORKDIR}/lirc.tmpfiles ${D}${libdir}/tmpfiles.d/lirc.conf + else + rm -rf ${D}/lib fi - install -m 0644 ${WORKDIR}/lirc.tmpfiles ${D}${libdir}/tmpfiles.d/lirc.conf rm -rf ${D}${libdir}/lirc/plugins/*.la rmdir ${D}/var/run/lirc ${D}/var/run chown -R root:root ${D}${datadir}/lirc/contrib From ad5424492f4baf796b714a44d899bb291f0dfd51 Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Tue, 26 Apr 2022 08:11:11 -0700 Subject: [PATCH 037/600] atkmm: Allow build with wayland MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Khem Raj Cc: Andreas Müller (cherry picked from commit 572510de18c6eedd9256b1c90ff42265ff0b836c) Signed-off-by: Armin Kuster --- meta-oe/recipes-gnome/atk/atkmm-2.36_2.36.1.bb | 2 +- meta-oe/recipes-gnome/atk/atkmm_2.28.2.bb | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/meta-oe/recipes-gnome/atk/atkmm-2.36_2.36.1.bb b/meta-oe/recipes-gnome/atk/atkmm-2.36_2.36.1.bb index 9a5b1a1b834..0342b8a9f89 100644 --- a/meta-oe/recipes-gnome/atk/atkmm-2.36_2.36.1.bb +++ b/meta-oe/recipes-gnome/atk/atkmm-2.36_2.36.1.bb @@ -12,7 +12,7 @@ GNOMEBN = "atkmm" inherit gnomebase features_check -REQUIRED_DISTRO_FEATURES = "x11" +ANY_OF_DISTRO_FEATURES = "${GTK3DISTROFEATURES}" SRC_URI[archive.sha256sum] = "e11324bfed1b6e330a02db25cecc145dca03fb0dff47f0710c85e317687da458" diff --git a/meta-oe/recipes-gnome/atk/atkmm_2.28.2.bb b/meta-oe/recipes-gnome/atk/atkmm_2.28.2.bb index 1f9c28e5308..f6cb0a1e150 100644 --- a/meta-oe/recipes-gnome/atk/atkmm_2.28.2.bb +++ b/meta-oe/recipes-gnome/atk/atkmm_2.28.2.bb @@ -11,7 +11,7 @@ GNOMEBASEBUILDCLASS = "meson" inherit gnomebase features_check -REQUIRED_DISTRO_FEATURES = "x11" +ANY_OF_DISTRO_FEATURES = "${GTK3DISTROFEATURES}" SRC_URI[archive.sha256sum] = "a0bb49765ceccc293ab2c6735ba100431807d384ffa14c2ebd30e07993fd2fa4" From 775b1ebee45f129ea02421527c6ff0213e4683d2 Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Tue, 26 Apr 2022 08:11:48 -0700 Subject: [PATCH 038/600] pangomm: Allow building with wayland MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Khem Raj Cc: Andreas Müller (cherry picked from commit 9abe74eb0bd53316b0bb3fe1d241c83e2674e72e) Signed-off-by: Armin Kuster --- meta-oe/recipes-graphics/pango/pangomm_2.46.2.bb | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/meta-oe/recipes-graphics/pango/pangomm_2.46.2.bb b/meta-oe/recipes-graphics/pango/pangomm_2.46.2.bb index 9959bdf0f0a..42074c14a15 100644 --- a/meta-oe/recipes-graphics/pango/pangomm_2.46.2.bb +++ b/meta-oe/recipes-graphics/pango/pangomm_2.46.2.bb @@ -10,8 +10,9 @@ GNOMEBASEBUILDCLASS = "meson" inherit gnomebase features_check +ANY_OF_DISTRO_FEATURES = "${GTK3DISTROFEATURES}" + SRC_URI[archive.sha256sum] = "57442ab4dc043877bfe3839915731ab2d693fc6634a71614422fb530c9eaa6f4" -REQUIRED_DISTRO_FEATURES = "x11" FILES:${PN} = "${libdir}/lib*.so.*" FILES:${PN}-dev += "${libdir}/*/include/ ${libdir}/pangomm-*/" From e7b312de5b098c79b53f9fa1d46ca20790e91718 Mon Sep 17 00:00:00 2001 From: Carlos Rafael Giani Date: Tue, 26 Apr 2022 11:43:47 +0200 Subject: [PATCH 039/600] pipewire: Upgrade to version 0.3.50 This is a bugfix release. Notably, this makes pw-dot work again - it required workarounds via pw-dump to output a non-empty dot graph in 0.3.49. Full changelog: https://gitlab.freedesktop.org/pipewire/pipewire/-/releases/0.3.50 0001-meson-Add-option-to-enable-disable-legacy-RTKit-modu.patch is no no longer needed since it has been merged and is part of 0.3.50. Signed-off-by: Carlos Rafael Giani Signed-off-by: Khem Raj (cherry picked from commit 9754901bb0bc85b4a41f0944a4dd18fddcd87d8e) Signed-off-by: Armin Kuster --- ...-to-enable-disable-legacy-RTKit-modu.patch | 44 ------------------- ...{pipewire_0.3.49.bb => pipewire_0.3.50.bb} | 6 +-- 2 files changed, 2 insertions(+), 48 deletions(-) delete mode 100644 meta-multimedia/recipes-multimedia/pipewire/files/0001-meson-Add-option-to-enable-disable-legacy-RTKit-modu.patch rename meta-multimedia/recipes-multimedia/pipewire/{pipewire_0.3.49.bb => pipewire_0.3.50.bb} (98%) diff --git a/meta-multimedia/recipes-multimedia/pipewire/files/0001-meson-Add-option-to-enable-disable-legacy-RTKit-modu.patch b/meta-multimedia/recipes-multimedia/pipewire/files/0001-meson-Add-option-to-enable-disable-legacy-RTKit-modu.patch deleted file mode 100644 index 61bcdb3dd43..00000000000 --- a/meta-multimedia/recipes-multimedia/pipewire/files/0001-meson-Add-option-to-enable-disable-legacy-RTKit-modu.patch +++ /dev/null @@ -1,44 +0,0 @@ -From b311f9e75f13205fd0738f7e89fd2062b9e7b237 Mon Sep 17 00:00:00 2001 -From: Carlos Rafael Giani -Date: Wed, 30 Mar 2022 19:44:38 +0200 -Subject: [PATCH] meson: Add option to enable/disable legacy RTKit module - -The RTKit module is being replaced by the RT module. Currently, it is -always built if D-Bus is present. For packagers, it can be beneficial to -be able to disable the legacy module. Add a Meson option to allow for -exactly that. Make it enabled by default to not change default behavior. - -Upstream-Status: Submitted [https://gitlab.freedesktop.org/pipewire/pipewire/-/merge_requests/1204] ---- - meson_options.txt | 4 ++++ - src/modules/meson.build | 2 +- - 2 files changed, 5 insertions(+), 1 deletion(-) - -diff --git a/meson_options.txt b/meson_options.txt -index 49d5b2203..2687bfe7e 100644 ---- a/meson_options.txt -+++ b/meson_options.txt -@@ -237,3 +237,7 @@ option('libcanberra', - description: 'Enable code that depends on libcanberra', - type: 'feature', - value: 'auto') -+option('legacy-rtkit', -+ description: 'Build legacy rtkit module', -+ type: 'boolean', -+ value: 'true') -diff --git a/src/modules/meson.build b/src/modules/meson.build -index ee724bf52..2d26cc459 100644 ---- a/src/modules/meson.build -+++ b/src/modules/meson.build -@@ -139,7 +139,7 @@ pipewire_module_rt = shared_library('pipewire-module-rt', [ 'module-rt.c' ], - dependencies : [dbus_dep, mathlib, dl_lib, pipewire_dep], - ) - --build_module_rtkit = dbus_dep.found() -+build_module_rtkit = dbus_dep.found() and (get_option('legacy-rtkit') == true) - if build_module_rtkit - # TODO: This serves as a temporary alias to prevent breaking existing setups - # while `module-rtkit` is being migrated to `module-rt` --- -2.32.0 - diff --git a/meta-multimedia/recipes-multimedia/pipewire/pipewire_0.3.49.bb b/meta-multimedia/recipes-multimedia/pipewire/pipewire_0.3.50.bb similarity index 98% rename from meta-multimedia/recipes-multimedia/pipewire/pipewire_0.3.49.bb rename to meta-multimedia/recipes-multimedia/pipewire/pipewire_0.3.50.bb index b821f4400bb..0d725b9ee20 100644 --- a/meta-multimedia/recipes-multimedia/pipewire/pipewire_0.3.49.bb +++ b/meta-multimedia/recipes-multimedia/pipewire/pipewire_0.3.50.bb @@ -13,10 +13,8 @@ LIC_FILES_CHKSUM = " \ DEPENDS = "dbus ncurses" -SRCREV = "075e7b266876802eab0077afd13ea8e1cee5e1fd" -SRC_URI = "git://gitlab.freedesktop.org/pipewire/pipewire.git;branch=master;protocol=https \ - file://0001-meson-Add-option-to-enable-disable-legacy-RTKit-modu.patch \ - " +SRCREV = "64cf5e80e6240284e6b757907b900507fe56f1b5" +SRC_URI = "git://gitlab.freedesktop.org/pipewire/pipewire.git;branch=master;protocol=https" S = "${WORKDIR}/git" From 5357c7a40eaf8d1bcf7ff58edbba8e9527e40c7d Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Wed, 27 Apr 2022 09:23:51 -0700 Subject: [PATCH 040/600] boinc-client: Make script install not depend on host install paths The install target is checking for install paths on build host assuming thats where it will run too, which breaks cross builds. Add a patch to aide the install from recipe. Signed-off-by: Khem Raj (cherry picked from commit bbc6fa72c378c792bdae35cae9b6ff165ee196c9) Signed-off-by: Armin Kuster --- ...Do-not-check-for-files-on-build-host.patch | 52 +++++++++++++++++++ .../boinc/boinc-client_7.18.1.bb | 18 +++---- 2 files changed, 60 insertions(+), 10 deletions(-) create mode 100644 meta-oe/recipes-extended/boinc/boinc-client/0001-scripts-Do-not-check-for-files-on-build-host.patch diff --git a/meta-oe/recipes-extended/boinc/boinc-client/0001-scripts-Do-not-check-for-files-on-build-host.patch b/meta-oe/recipes-extended/boinc/boinc-client/0001-scripts-Do-not-check-for-files-on-build-host.patch new file mode 100644 index 00000000000..6d9e94cb8a0 --- /dev/null +++ b/meta-oe/recipes-extended/boinc/boinc-client/0001-scripts-Do-not-check-for-files-on-build-host.patch @@ -0,0 +1,52 @@ +From 8a8305c78143438e2bd497d55188a0da3442db08 Mon Sep 17 00:00:00 2001 +From: Khem Raj +Date: Wed, 27 Apr 2022 09:11:38 -0700 +Subject: [PATCH] scripts: Do not check for files on build host + +This will result in varied behaviour depending upon what kind of host is +used to build it. We dont want that. Instead check for these files and +dirs in staging area and create these markers in recipe via a +do_install_prepend to aide install piece a bit here ( systemd vs +sysvinit ) etc. + +Upstream-Status: Inappropriate [OE-Specific] + +Signed-off-by: Khem Raj +--- + client/scripts/Makefile.am | 10 +++++----- + 1 file changed, 5 insertions(+), 5 deletions(-) + +diff --git a/client/scripts/Makefile.am b/client/scripts/Makefile.am +index 2a53203d84..62a0defa93 100644 +--- a/client/scripts/Makefile.am ++++ b/client/scripts/Makefile.am +@@ -2,21 +2,21 @@ + + install-exec-hook: + chmod +x boinc-client +- if [ -d /etc/init.d ] ; then \ ++ if [ -d $(DESTDIR)/etc/init.d ] ; then \ + $(INSTALL) -d $(DESTDIR)$(sysconfdir)/init.d ; \ + $(INSTALL) -b boinc-client $(DESTDIR)$(sysconfdir)/init.d/boinc-client ; \ + fi +- if [ -d /usr/lib/systemd/system ] ; then \ ++ if [ -d $(DESTDIR)/usr/lib/systemd/system ] ; then \ + $(INSTALL) -d $(DESTDIR)/usr/lib/systemd/system/ ; \ + $(INSTALL_DATA) boinc-client.service $(DESTDIR)/usr/lib/systemd/system/boinc-client.service ; \ +- elif [ -d /lib/systemd/system ] ; then \ ++ elif [ -d $(DESTDIR)/lib/systemd/system ] ; then \ + $(INSTALL) -d $(DESTDIR)/lib/systemd/system/ ; \ + $(INSTALL_DATA) boinc-client.service $(DESTDIR)/lib/systemd/system/boinc-client.service ; \ + fi +- if [ -d /etc/sysconfig ] ; then \ ++ if [ -d $(DESTDIR)/etc/sysconfig ] ; then \ + $(INSTALL) -d $(DESTDIR)$(sysconfdir)/sysconfig ; \ + $(INSTALL_DATA) $(srcdir)/boinc-client.conf $(DESTDIR)$(sysconfdir)/sysconfig/boinc-client ; \ +- elif [ -d /etc/default ] ; then \ ++ elif [ -d $(DESTDIR)/etc/default ] ; then \ + $(INSTALL) -d $(DESTDIR)$(sysconfdir)/default ; \ + $(INSTALL_DATA) $(srcdir)/boinc-client.conf $(DESTDIR)$(sysconfdir)/default/boinc-client ; \ + else \ +-- +2.36.0 + diff --git a/meta-oe/recipes-extended/boinc/boinc-client_7.18.1.bb b/meta-oe/recipes-extended/boinc/boinc-client_7.18.1.bb index abcb304d30f..8f85a508e7f 100644 --- a/meta-oe/recipes-extended/boinc/boinc-client_7.18.1.bb +++ b/meta-oe/recipes-extended/boinc/boinc-client_7.18.1.bb @@ -35,6 +35,7 @@ SRC_URI = "git://github.com/BOINC/boinc;protocol=https;branch=${BRANCH} \ file://boinc-AM_CONDITIONAL.patch \ file://gtk-configure.patch \ file://4563.patch \ + file://0001-scripts-Do-not-check-for-files-on-build-host.patch \ " inherit gettext autotools pkgconfig features_check systemd @@ -75,17 +76,14 @@ do_compile:prepend () { sed -i -e 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' ${B}/libtool } -do_install:append() { - if ! ${@bb.utils.contains('DISTRO_FEATURES','usrmerge','true','false',d)} -a \ - -e ${D}${nonarch_libdir}/systemd/system/boinc-client.service; then - install -d ${D}${systemd_system_unitdir} - mv \ - ${D}${nonarch_libdir}/systemd/system/boinc-client.service \ - ${D}${systemd_system_unitdir}/boinc-client.service - rmdir --ignore-fail-on-non-empty ${D}${nonarch_libdir}/systemd/system \ - ${D}${nonarch_libdir}/systemd \ - ${D}${nonarch_libdir} +do_install:prepend() { + # help script install a bit to do right thing for OE + if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then + mkdir -p ${D}${systemd_system_unitdir} + else + mkdir -p ${D}${sysconfdir}/init.d fi + mkdir -p ${D}${sysconfdir}/default } SYSTEMD_SERVICE:${PN} = "boinc-client.service" From 99ae5037e5420ad72343027f7bac6d46428f4b04 Mon Sep 17 00:00:00 2001 From: Armin Kuster Date: Thu, 28 Apr 2022 11:09:22 -0700 Subject: [PATCH 041/600] meta-oe-image: fix build depends add only when various DISTRO_FEATURES are enabled Signed-off-by: Armin Kuster Signed-off-by: Khem Raj (cherry picked from commit 73d50d2b4b61b44266e03722db295d0da7866d2d) Signed-off-by: Armin Kuster --- .../recipes-core/packagegroups/packagegroup-meta-oe.bb | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/meta-oe/recipes-core/packagegroups/packagegroup-meta-oe.bb b/meta-oe/recipes-core/packagegroups/packagegroup-meta-oe.bb index bc3d4fefeb4..765edc5c5fb 100644 --- a/meta-oe/recipes-core/packagegroups/packagegroup-meta-oe.bb +++ b/meta-oe/recipes-core/packagegroups/packagegroup-meta-oe.bb @@ -96,7 +96,7 @@ RDEPENDS:packagegroup-meta-oe-bsp ="\ acpitool \ cpufrequtils \ edac-utils \ - firmwared \ + ${@bb.utils.contains("DISTRO_FEATURES", "systemd", "firmwared", "", d)} \ flashrom \ fwupd \ fwupd-efi \ @@ -611,12 +611,12 @@ RDEPENDS:packagegroup-meta-oe-graphics ="\ surf \ tesseract-lang \ tesseract \ - tigervnc \ + ${@bb.utils.contains("DISTRO_FEATURES", "x11 pam", "tigervnc", "", d)} \ tslib \ unclutter-xfixes \ libvdpau \ xcursorgen \ - xscreensaver \ + ${@bb.utils.contains("DISTRO_FEATURES", "x11 pam", "xscreensaver", "", d)} \ yad \ parallel-deqp-runner \ ${@bb.utils.contains("DISTRO_FEATURES", "opengl", "opengl-es-cts", "", d)} \ @@ -729,7 +729,7 @@ RDEPENDS:packagegroup-meta-oe-support ="\ anthy \ atop \ ace-cloud-editor \ - driverctl \ + ${@bb.utils.contains("DISTRO_FEATURES", "systemd", "driverctl", "", d)} \ frame \ ${@bb.utils.contains("DISTRO_FEATURES", "x11", "geis", "", d)} \ grail \ From 49a170035676d89add87bcf30c3249dcb2740b36 Mon Sep 17 00:00:00 2001 From: Yi Zhao Date: Fri, 29 Apr 2022 21:51:10 +0800 Subject: [PATCH 042/600] frr: inherit autotools-brokensep instead of autotools There is a parallel build error in separate build directory: | /home/pokybuild/yocto-worker/meta-oe/build/build/tmp/work/core2-64-poky-linux/frr/8.2.2-r0/recipe-sysroot-native/usr/lib/clippy ../git/python/clidef.py -o isisd/isis_cli_clippy.c ../git/isisd/isis_cli.c | Traceback (most recent call last): | File "../git/python/clidef.py", line 466, in | clippy.wrdiff( | File "/home/pokybuild/yocto-worker/meta-oe/build/build/tmp/work/core2-64-poky-linux/frr/8.2.2-r0/git/python/clippy/__init__.py", line 78, in wrdiff | with open(newname, "w") as out: | FileNotFoundError: [Errno 2] No such file or directory: 'isisd/isis_cli_clippy.c.new-372541' | make[1]: Leaving directory '/home/pokybuild/yocto-worker/meta-oe/build/build/tmp/work/core2-64-poky-linux/frr/8.2.2-r0/build' | make[1]: *** [Makefile:17386: isisd/isis_cli_clippy.c] Error 1 This is beacuse clidef.py only creates new file but doesn't check if parent directory exists. Inherit autotools-brokensep can fix this issue as these parent directories always exist in source directory. Also set ac_cv_path_PERL to '/usr/bin/env perl' to avoid path too long. Signed-off-by: Yi Zhao Signed-off-by: Khem Raj (cherry picked from commit 09a97158f80a779c3f45b3189adcddbd535e5baf) Signed-off-by: Armin Kuster --- meta-networking/recipes-protocols/frr/frr_8.2.2.bb | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/meta-networking/recipes-protocols/frr/frr_8.2.2.bb b/meta-networking/recipes-protocols/frr/frr_8.2.2.bb index 91e306f08ba..ceb94109dea 100644 --- a/meta-networking/recipes-protocols/frr/frr_8.2.2.bb +++ b/meta-networking/recipes-protocols/frr/frr_8.2.2.bb @@ -26,7 +26,7 @@ COMPATIBLE_HOST:armv5 = "null" # Error: PC-relative reference to a different section COMPATIBLE_HOST:mips64 = "null" -inherit autotools python3native pkgconfig useradd systemd +inherit autotools-brokensep python3native pkgconfig useradd systemd DEPENDS:class-native = "bison-native elfutils-native" DEPENDS:class-target = "bison-native json-c readline c-ares libyang frr-native" @@ -63,6 +63,8 @@ EXTRA_OECONF:class-target = "--sbindir=${libdir}/frr \ --with-clippy=${RECIPE_SYSROOT_NATIVE}/usr/lib/clippy \ " +CACHED_CONFIGUREVARS += "ac_cv_path_PERL='/usr/bin/env perl'" + LDFLAGS:append:mips = " -latomic" LDFLAGS:append:mipsel = " -latomic" LDFLAGS:append:powerpc = " -latomic" @@ -77,7 +79,7 @@ do_compile:class-native () { do_install:class-native () { install -d ${D}${libdir} - install -m 755 ${WORKDIR}/build/lib/clippy ${D}${libdir}/clippy + install -m 755 ${S}/lib/clippy ${D}${libdir}/clippy } do_install:append:class-target () { From 21b475078b9a89c4fe99099d0e376f51e8c78527 Mon Sep 17 00:00:00 2001 From: Bassem Boubaker Date: Fri, 29 Apr 2022 17:17:56 +0200 Subject: [PATCH 043/600] conntrack-tools: Fix missing capability The commit fix this error message: Do not forget that you need *root* or CAP_NET_ADMIN capabilities ;-) Signed-off-by: Khem Raj (cherry picked from commit 77c2fda04e406c210fe2a1870c8473748302bfb5) Signed-off-by: Armin Kuster --- .../recipes-filter/conntrack-tools/conntrack-tools_1.4.6.bb | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/meta-networking/recipes-filter/conntrack-tools/conntrack-tools_1.4.6.bb b/meta-networking/recipes-filter/conntrack-tools/conntrack-tools_1.4.6.bb index de6a72e78af..e76238fe0a2 100644 --- a/meta-networking/recipes-filter/conntrack-tools/conntrack-tools_1.4.6.bb +++ b/meta-networking/recipes-filter/conntrack-tools/conntrack-tools_1.4.6.bb @@ -32,3 +32,8 @@ do_install:append() { sed -i 's!/var/!${localstatedir}/!g' ${D}/${sysconfdir}/init.d/conntrack-failover ${D}/${sysconfdir}/init.d/conntrackd ${D}/${sysconfdir}/conntrackd/conntrackd.conf.sample sed -i 's!^export PATH=.*!export PATH=${base_sbindir}:${base_bindir}:${sbindir}:${bindir}!' ${D}/${sysconfdir}/init.d/conntrackd } + +# fix error message: Do not forget that you need *root* or CAP_NET_ADMIN capabilities ;-) +pkg_postinst:${PN} () { + setcap cap_net_admin+ep $D/${sbindir}/conntrack" +} \ No newline at end of file From 3a34f2f641770ccd16a92930d2cda4b6c74e3615 Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Sat, 30 Apr 2022 06:31:48 -0700 Subject: [PATCH 044/600] ufw: Fix packaging errors found with ppc64 default baselib in ppc64 is lib64 which catches this latent issue ERROR: ufw-0.36.1-r0 do_package: QA Issue: ufw: Files/directories were installed but not shipped in any package: /usr/lib/ufw /usr/lib/ufw/ufw-init /usr/lib/ufw/ufw-init-functions Signed-off-by: Khem Raj (cherry picked from commit 42e6f16583e36857152ccb53b177e74f20b02667) Signed-off-by: Armin Kuster --- meta-networking/recipes-connectivity/ufw/ufw_0.36.1.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-networking/recipes-connectivity/ufw/ufw_0.36.1.bb b/meta-networking/recipes-connectivity/ufw/ufw_0.36.1.bb index 6dca784bf47..b6a768e08ad 100644 --- a/meta-networking/recipes-connectivity/ufw/ufw_0.36.1.bb +++ b/meta-networking/recipes-connectivity/ufw/ufw_0.36.1.bb @@ -63,7 +63,7 @@ INITSCRIPT_PARAMS = "defaults" FILES:${PN} += " \ ${sbindir}/* \ ${datadir}/ufw/* \ - /lib/ufw/* \ + ${nonarch_base_libdir}/ufw/* \ ${sysconfdir}/ufw/* \ ${sysconfdir}/default/ufw \ " From 353934eb66fc819622c86b856962af776dd6f242 Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Sat, 30 Apr 2022 07:36:02 -0700 Subject: [PATCH 045/600] libcereal: Enable for glibc/ppc The error is not observed with glibc latest clang 14 Signed-off-by: Khem Raj (cherry picked from commit f3d8e41b9d9b6fa6df92178f379d18f7e7a6478a) Signed-off-by: Armin Kuster --- meta-oe/recipes-support/libcereal/libcereal_1.3.2.bb | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/meta-oe/recipes-support/libcereal/libcereal_1.3.2.bb b/meta-oe/recipes-support/libcereal/libcereal_1.3.2.bb index fc4fad708ad..80c962ead46 100644 --- a/meta-oe/recipes-support/libcereal/libcereal_1.3.2.bb +++ b/meta-oe/recipes-support/libcereal/libcereal_1.3.2.bb @@ -45,6 +45,6 @@ RDEPENDS:${PN}-dev = "" BBCLASSEXTEND = "native nativesdk" -#it needs to work with CXXFLAGS += " -mlong-double-64" but ppc64 only supports 128bit long double -COMPATIBLE_HOST:powerpc64le = "null" -COMPATIBLE_HOST:powerpc = "null" +#it needs to work with CXXFLAGS += " -mlong-double-64" but ppc only supports 128bit long double +COMPATIBLE_HOST:powerpc:libc-musl = "null" +COMPATIBLE_HOST:powerpc64le:libc-musl = "null" From 802b41d217c0f4556b6550f32712899b153c3664 Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Sat, 30 Apr 2022 09:50:25 -0700 Subject: [PATCH 046/600] mimic: Use special rateconv.c license rateconv.c looks like BSD-2 but it has second clause modified significantly, therefore be specific about it. Signed-off-by: Khem Raj Cc: Alistair Francis (cherry picked from commit d901de434d2fee62e2a37c4150108921b2dd13e5) Signed-off-by: Armin Kuster --- .../recipes-multimedia/mimic/mimic_1.3.0.1.bb | 2 +- meta-oe/licenses/rateconv | 27 +++++++++++++++++++ 2 files changed, 28 insertions(+), 1 deletion(-) create mode 100644 meta-oe/licenses/rateconv diff --git a/meta-multimedia/recipes-multimedia/mimic/mimic_1.3.0.1.bb b/meta-multimedia/recipes-multimedia/mimic/mimic_1.3.0.1.bb index ac0165a5d07..76f51196aa7 100644 --- a/meta-multimedia/recipes-multimedia/mimic/mimic_1.3.0.1.bb +++ b/meta-multimedia/recipes-multimedia/mimic/mimic_1.3.0.1.bb @@ -7,7 +7,7 @@ SECTION = "multimedia" LICENSE = "MIT & \ PD & \ CMU-Tex & \ - BSD & \ + rateconv & \ BSD-2-Clause & \ BSD-3-Clause & \ flite & \ diff --git a/meta-oe/licenses/rateconv b/meta-oe/licenses/rateconv new file mode 100644 index 00000000000..a0f5683a058 --- /dev/null +++ b/meta-oe/licenses/rateconv @@ -0,0 +1,27 @@ +Authors: Markus Mummert + +Copyright (c) 1992, 1995 by Markus Mummert + +License: + Redistribution and use of this software, modifcation and inclusion + into other forms of software are permitted provided that the following + conditions are met: + + 1. Redistributions of this software must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. If this software is redistributed in a modified condition + it must reveal clearly that it has been modified. + + THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' + AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A + PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR + CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR + PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY + OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE + USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH + DAMAGE. + From 35b74d369a37cf79b781d969a761e746f61027b3 Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Sun, 1 May 2022 07:58:36 -0700 Subject: [PATCH 047/600] makedumpfile: Use right TARGET for ppc32 Signed-off-by: Khem Raj (cherry picked from commit f994a19220ab42d3d8002adc89a04b3904020feb) Signed-off-by: Armin Kuster --- meta-oe/recipes-kernel/makedumpfile/makedumpfile_1.7.1.bb | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/meta-oe/recipes-kernel/makedumpfile/makedumpfile_1.7.1.bb b/meta-oe/recipes-kernel/makedumpfile/makedumpfile_1.7.1.bb index c3f965b041d..eb004c2ed5e 100644 --- a/meta-oe/recipes-kernel/makedumpfile/makedumpfile_1.7.1.bb +++ b/meta-oe/recipes-kernel/makedumpfile/makedumpfile_1.7.1.bb @@ -36,9 +36,13 @@ SECTION = "base" # If we do not specify TARGET, makedumpfile will build for the host but use the # target gcc. # + +MAKEDUMPFILE_TARGET ?= "${TARGET_ARCH}" +MAKEDUMPFILE_TARGET:powerpc = "ppc" + EXTRA_OEMAKE = "\ LINKTYPE=static \ - TARGET=${TARGET_ARCH} \ + TARGET=${MAKEDUMPFILE_TARGET} \ ${PACKAGECONFIG_CONFARGS} \ " From 9f4bdefa4153c9a07306c9729418dad7603a1eb7 Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Sun, 1 May 2022 08:04:49 -0700 Subject: [PATCH 048/600] evince: Add dbus to depnedencies on non-x11 builds MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Fixes | Run-time dependency dbus-1 found: NO (tried pkgconfig) | | ../evince-42.2/meson.build:206:4: ERROR: Dependency "dbus-1" not found, tried pkgconfig Signed-off-by: Khem Raj Cc: Andreas Müller (cherry picked from commit 00f18248b93e0377d5e8a56fa2f7c859a39f661f) Signed-off-by: Armin Kuster --- meta-gnome/recipes-gnome/evince/evince_42.2.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-gnome/recipes-gnome/evince/evince_42.2.bb b/meta-gnome/recipes-gnome/evince/evince_42.2.bb index af6d74c1a0c..c9e5617e7eb 100644 --- a/meta-gnome/recipes-gnome/evince/evince_42.2.bb +++ b/meta-gnome/recipes-gnome/evince/evince_42.2.bb @@ -14,7 +14,7 @@ DEPENDS = " \ orc \ adwaita-icon-theme \ libhandy \ - ${@bb.utils.contains('DISTRO_FEATURES','x11','gnome-desktop','',d)} \ + ${@bb.utils.contains('DISTRO_FEATURES','x11','gnome-desktop','dbus',d)} \ " GNOMEBASEBUILDCLASS = "meson" From 947ff549c93c745bedcfbdbfd6ee1a84fbe72cbf Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Mon, 2 May 2022 10:42:19 -0700 Subject: [PATCH 049/600] evolution-data-server: Do not pass --library-path to gir compiler MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This is using LIB_INSTALL_DIR which is pointing to target libdir e.g. /usr/lib which is essentially a path inside sysroot but when passing it via --library-path, it ends up adding this to linker commandline via LD_LIBRARY_PATH and -rpath options which is flagged by gcc correctly as arm-yoe-linux-gnueabi/12.0.1/ld: warning: library search path "/usr/lib" is unsafe for cross-compilation | /usr/lib/libgio-2.0.so: file not recognized: file format not recognized | collect2: error: ld returned 1 exit status Signed-off-by: Khem Raj Cc: Andreas Müller (cherry picked from commit 578b9996891e0990b507efd635667339cbd101dd) Signed-off-by: Armin Kuster --- ...-cmake-Do-not-export-CC-into-gir-compiler.patch | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/meta-gnome/recipes-gnome/evolution-data-server/evolution-data-server/0001-cmake-Do-not-export-CC-into-gir-compiler.patch b/meta-gnome/recipes-gnome/evolution-data-server/evolution-data-server/0001-cmake-Do-not-export-CC-into-gir-compiler.patch index 8fd077cedcd..fda84acae7c 100644 --- a/meta-gnome/recipes-gnome/evolution-data-server/evolution-data-server/0001-cmake-Do-not-export-CC-into-gir-compiler.patch +++ b/meta-gnome/recipes-gnome/evolution-data-server/evolution-data-server/0001-cmake-Do-not-export-CC-into-gir-compiler.patch @@ -1,6 +1,6 @@ ---- a/cmake/modules/GObjectIntrospection.cmake 2022-03-06 18:10:47.724184883 +0100 -+++ b/cmake/modules/GObjectIntrospection.cmake 2022-03-06 18:10:12.560450948 +0100 -@@ -122,9 +122,7 @@ +--- a/cmake/modules/GObjectIntrospection.cmake ++++ b/cmake/modules/GObjectIntrospection.cmake +@@ -122,9 +122,7 @@ macro(gir_add_introspection gir) file(WRITE ${CMAKE_CURRENT_BINARY_DIR}/${_gir_name}_files "${_gir_files}") add_custom_command( @@ -11,3 +11,11 @@ ${INTROSPECTION_SCANNER_ARGS} --namespace=${_gir_namespace} --nsversion=${_gir_version} +@@ -240,7 +238,6 @@ macro(gir_add_introspection_simple gir_l + ${_gir_identifies_prefixes} + ${_gir_deps} + --add-include-path=${SHARE_INSTALL_PREFIX}/gir-1.0 +- --library-path=${LIB_INSTALL_DIR} + ${_extra_library_path} + --pkg-export ${pkg_export_prefix}-${gir_library_version} + --c-include=${c_include} From aebfc98d89314df4321b54067e80246c82b61b32 Mon Sep 17 00:00:00 2001 From: Xu Huan Date: Thu, 28 Apr 2022 15:03:31 +0800 Subject: [PATCH 050/600] python3-astroid: upgrade 2.11.2 -> 2.11.3 Changelog: ========== Fixed an error in the Qt brain when building instance_attrs. Fixed a crash in the gi brain. Signed-off-by: Xu Huan Signed-off-by: Khem Raj (cherry picked from commit 890bf7dffe0446feec625aa5eaf8e49fa88659a9) Signed-off-by: Armin Kuster --- .../{python3-astroid_2.11.2.bb => python3-astroid_2.11.3.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-python/recipes-devtools/python/{python3-astroid_2.11.2.bb => python3-astroid_2.11.3.bb} (89%) diff --git a/meta-python/recipes-devtools/python/python3-astroid_2.11.2.bb b/meta-python/recipes-devtools/python/python3-astroid_2.11.3.bb similarity index 89% rename from meta-python/recipes-devtools/python/python3-astroid_2.11.2.bb rename to meta-python/recipes-devtools/python/python3-astroid_2.11.3.bb index c52008ee654..a2e91113744 100644 --- a/meta-python/recipes-devtools/python/python3-astroid_2.11.2.bb +++ b/meta-python/recipes-devtools/python/python3-astroid_2.11.3.bb @@ -4,7 +4,7 @@ SECTION = "devel/python" LICENSE = "LGPL-2.1-only" LIC_FILES_CHKSUM = "file://LICENSE;md5=a70cf540abf41acb644ac3b621b2fad1" -SRC_URI[sha256sum] = "8d0a30fe6481ce919f56690076eafbb2fb649142a89dc874f1ec0e7a011492d0" +SRC_URI[sha256sum] = "4e5ba10571e197785e312966ea5efb2f5783176d4c1a73fa922d474ae2be59f7" inherit pypi setuptools3 From 204fd35a3d9581fbf6493cde7a72c0aa2ba7beac Mon Sep 17 00:00:00 2001 From: Armin Kuster Date: Fri, 29 Apr 2022 06:54:24 -0700 Subject: [PATCH 051/600] meta-python-image: Fix build depends Signed-off-by: Armin Kuster Signed-off-by: Khem Raj (cherry picked from commit 91f01ce558e27dea6c5307d58a0426f5ca54fa58) Signed-off-by: Armin Kuster --- .../packagegroups/packagegroup-meta-python.bb | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/meta-python/recipes-core/packagegroups/packagegroup-meta-python.bb b/meta-python/recipes-core/packagegroups/packagegroup-meta-python.bb index f7bf3651921..fdeb83c42a6 100644 --- a/meta-python/recipes-core/packagegroups/packagegroup-meta-python.bb +++ b/meta-python/recipes-core/packagegroups/packagegroup-meta-python.bb @@ -12,9 +12,9 @@ PACKAGES = ' \ # FORTRAN:forcevariable = ",fortran" RDEPENDS:packagegroup-meta-python3 = "\ ${@bb.utils.contains("DISTRO_FEATURES", "systemd", "python3-systemd", "", d)} \ - ${@bb.utils.contains("DISTRO_FEATURES", "x11", "python3-blivetgui", "", d)} \ + ${@bb.utils.contains("DISTRO_FEATURES", "x11 systemd", "python3-blivetgui", "", d)} \ gyp \ - pamela \ + ${@bb.utils.contains("DISTRO_FEATURES", "pam", "pamela", "", d)} \ pyrtm \ python3-absl \ python3-aenum \ @@ -52,7 +52,7 @@ RDEPENDS:packagegroup-meta-python3 = "\ python3-bitstring \ python3-bitstruct \ python3-blinker \ - python3-blivet \ + ${@bb.utils.contains("DISTRO_FEATURES", "systemd", "python3-blivet", "", d)} \ python3-booleanpy \ python3-cachecontrol \ python3-cached-property \ @@ -84,7 +84,7 @@ RDEPENDS:packagegroup-meta-python3 = "\ python3-croniter \ python3-cson \ python3-custom-inherit \ - python3-cvxopt \ + ${@bb.utils.contains_any('FORTRAN', [',fortran',',f77'], 'python3-cvxopt', '', d)} \ python3-cycler \ python3-dateparser \ python3-dateutil \ @@ -327,7 +327,7 @@ RDEPENDS:packagegroup-meta-python3 = "\ python3-pyscaffold \ python3-pyserial \ python3-pysonos \ - python3-pystemd \ + ${@bb.utils.contains("DISTRO_FEATURES", "systemd", "python3-pystemd", "", d)} \ python3-pytest-asyncio \ python3-pytest-benchmark \ python3-pytest-cache \ From 94ca1426931e91e452ffeb014e7158cc9ce850f8 Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Sun, 1 May 2022 09:14:36 -0700 Subject: [PATCH 052/600] python3-wxgtk4: Needs x11 for sip module sip/cpp/sip_corewxWindow.cpp requires gdk/gdkx.h which wont be built when gtk is built without x11, therefore require x11 when building this recipe, if gdkx.h is removed form includes then it fails ../../../../sip/cpp/sip_corewxWindow.cpp:56:16: error: unknown type name 'XID' static XID GetXWindow(const wxWindow* wxwin) { ^ ../../../../sip/cpp/sip_corewxWindow.cpp:59:28: error: use of undeclared identifier 'GDK_WINDOW_XID' return GDK_WINDOW_XID(gtk_widget_get_window((wxwin)->m_wxwindow)); ^ ../../../../sip/cpp/sip_corewxWindow.cpp:64:28: error: use of undeclared identifier 'GDK_WINDOW_XID' return GDK_WINDOW_XID(gtk_widget_get_window((wxwin)->m_widget)); ^ so it is using it and will need some work to get it going without x11 until then disable building it on non-x11 distros Signed-off-by: Khem Raj Cc: Robert Yang (cherry picked from commit e347168b10a69febd106d758faf20d95c4bd8b62) Signed-off-by: Armin Kuster --- .../recipes-devtools/python3-wxgtk4/python3-wxgtk4_4.1.1.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-python/recipes-devtools/python3-wxgtk4/python3-wxgtk4_4.1.1.bb b/meta-python/recipes-devtools/python3-wxgtk4/python3-wxgtk4_4.1.1.bb index 3583acc9cdf..6ec92c2ceca 100644 --- a/meta-python/recipes-devtools/python3-wxgtk4/python3-wxgtk4_4.1.1.bb +++ b/meta-python/recipes-devtools/python3-wxgtk4/python3-wxgtk4_4.1.1.bb @@ -18,7 +18,7 @@ S = "${WORKDIR}/wxPython-${PV}" inherit pypi setuptools3 pkgconfig features_check -ANY_OF_DISTRO_FEATURES = "${GTK3DISTROFEATURES}" +REQUIRED_DISTRO_FEATURES = "x11" export WX_CONFIG = "'${RECIPE_SYSROOT_NATIVE}${bindir}/wx-config --prefix=${STAGING_EXECPREFIXDIR} --baselib=${baselib}'" From 26f6e69689b20c36996deb67f520115332b42809 Mon Sep 17 00:00:00 2001 From: Armin Kuster Date: Mon, 2 May 2022 15:00:56 -0700 Subject: [PATCH 053/600] meta-gnome: fix layer depends. meta-networking no longer depends on meta-python so add it separatily. Signed-off-by: Armin Kuster Signed-off-by: Khem Raj (cherry picked from commit f264601e7ddbc357ce294b4e23bc7b00d276f382) Signed-off-by: Armin Kuster --- meta-gnome/conf/layer.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-gnome/conf/layer.conf b/meta-gnome/conf/layer.conf index 2fb34851559..2406f5fca84 100644 --- a/meta-gnome/conf/layer.conf +++ b/meta-gnome/conf/layer.conf @@ -15,7 +15,7 @@ IMAGE_LINGUAS_COMPLEMENTARY:append = " ${@bb.utils.contains('DISTRO_FEATURES','h # cause compatibility issues with other layers LAYERVERSION_gnome-layer = "1" -LAYERDEPENDS_gnome-layer = "core openembedded-layer networking-layer" +LAYERDEPENDS_gnome-layer = "core openembedded-layer networking-layer meta-python" LAYERSERIES_COMPAT_gnome-layer = "kirkstone" From f2f81539dc348e8d42ec96aea74963e644b5c5d5 Mon Sep 17 00:00:00 2001 From: Yi Zhao Date: Wed, 4 May 2022 11:44:16 +0800 Subject: [PATCH 054/600] networkmanager: fix parallel build failure Add dependency libnm_client_public_dep to libnm-client-test to fix parallel build error: | In file included from ../NetworkManager-1.36.0/src/libnm-client-test/nm-test-utils-impl.c:10: | ../NetworkManager-1.36.0/src/libnm-client-public/NetworkManager.h:47:10: fatal error: nm-enum-types.h: No such file or directory | 47 | #include "nm-enum-types.h" | | ^~~~~~~~~~~~~~~~~ Signed-off-by: Yi Zhao Signed-off-by: Khem Raj (cherry picked from commit dedf55890abd21a198e16fca59ab8c7e5ff2ce62) Signed-off-by: Armin Kuster --- ...t-add-dependency-libnm_client_public.patch | 34 +++++++++++++++++++ .../networkmanager/networkmanager_1.36.2.bb | 1 + 2 files changed, 35 insertions(+) create mode 100644 meta-networking/recipes-connectivity/networkmanager/networkmanager/0001-libnm-client-test-add-dependency-libnm_client_public.patch diff --git a/meta-networking/recipes-connectivity/networkmanager/networkmanager/0001-libnm-client-test-add-dependency-libnm_client_public.patch b/meta-networking/recipes-connectivity/networkmanager/networkmanager/0001-libnm-client-test-add-dependency-libnm_client_public.patch new file mode 100644 index 00000000000..6be2d4bed17 --- /dev/null +++ b/meta-networking/recipes-connectivity/networkmanager/networkmanager/0001-libnm-client-test-add-dependency-libnm_client_public.patch @@ -0,0 +1,34 @@ +From 7b5dc04e1fcc28dc653fb7bf0e9dda3700d93218 Mon Sep 17 00:00:00 2001 +From: Yi Zhao +Date: Tue, 3 May 2022 15:30:37 +0800 +Subject: [PATCH] libnm-client-test: add dependency libnm_client_public_dep + +Fix parallel build error: +| In file included from ../NetworkManager-1.36.0/src/libnm-client-test/nm-test-utils-impl.c:10: +| ../NetworkManager-1.36.0/src/libnm-client-public/NetworkManager.h:47:10: fatal error: nm-enum-types.h: No such file or directory +| 47 | #include "nm-enum-types.h" +| | ^~~~~~~~~~~~~~~~~ + +Upstream-Status: Submitted +[https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1206] + +Signed-off-by: Yi Zhao +--- + src/libnm-client-test/meson.build | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/src/libnm-client-test/meson.build b/src/libnm-client-test/meson.build +index 8e2fba1130..bcac437702 100644 +--- a/src/libnm-client-test/meson.build ++++ b/src/libnm-client-test/meson.build +@@ -13,6 +13,7 @@ libnm_client_test = static_library( + ], + dependencies: [ + libnm_core_public_dep, ++ libnm_client_public_dep, + glib_dep, + ], + ) +-- +2.25.1 + diff --git a/meta-networking/recipes-connectivity/networkmanager/networkmanager_1.36.2.bb b/meta-networking/recipes-connectivity/networkmanager/networkmanager_1.36.2.bb index b09ff18bf70..6c665d53bb5 100644 --- a/meta-networking/recipes-connectivity/networkmanager/networkmanager_1.36.2.bb +++ b/meta-networking/recipes-connectivity/networkmanager/networkmanager_1.36.2.bb @@ -29,6 +29,7 @@ SRC_URI = " \ file://enable-dhcpcd.conf \ file://enable-iwd.conf \ file://0001-do-not-ask-host-for-ifcfg-defaults.patch \ + file://0001-libnm-client-test-add-dependency-libnm_client_public.patch \ " SRC_URI[sha256sum] = "ab855cbe3b41832e9a3b003810e7c7313dfe19e630d29806d14d87fdd1470cab" From 6c63579af1bcbdfd92c97d1e268a2d6120a79016 Mon Sep 17 00:00:00 2001 From: Jiaqing Zhao Date: Thu, 5 May 2022 10:55:52 +0800 Subject: [PATCH 055/600] openldap: Remove libgcrypt dependency Since OpenLDAP 2.5.0, it uses nettle instead of gcrypt. Signed-off-by: Jiaqing Zhao Signed-off-by: Khem Raj (cherry picked from commit a5512ab27231d33f08a58cab4422c60b080c9067) Signed-off-by: Armin Kuster --- .../openldap/openldap-2.4.28-gnutls-gcrypt.patch | 15 --------------- .../recipes-support/openldap/openldap_2.5.9.bb | 3 +-- 2 files changed, 1 insertion(+), 17 deletions(-) delete mode 100644 meta-oe/recipes-support/openldap/openldap/openldap-2.4.28-gnutls-gcrypt.patch diff --git a/meta-oe/recipes-support/openldap/openldap/openldap-2.4.28-gnutls-gcrypt.patch b/meta-oe/recipes-support/openldap/openldap/openldap-2.4.28-gnutls-gcrypt.patch deleted file mode 100644 index 8cfd0033c8b..00000000000 --- a/meta-oe/recipes-support/openldap/openldap/openldap-2.4.28-gnutls-gcrypt.patch +++ /dev/null @@ -1,15 +0,0 @@ -From http://sources.gentoo.org/cgi-bin/viewvc.cgi/gentoo-x86/net-nds/openldap/files/ - -Upstream-Status: Pending - ---- a/configure.ac -+++ b/configure.ac -@@ -1263,7 +1263,7 @@ if test $ol_link_tls = no ; then - ol_link_tls=yes - WITH_TLS_TYPE=gnutls - -- TLS_LIBS="-lgnutls" -+ TLS_LIBS="-lgnutls -lgcrypt" - - AC_DEFINE(HAVE_GNUTLS, 1, - [define if you have GNUtls]) diff --git a/meta-oe/recipes-support/openldap/openldap_2.5.9.bb b/meta-oe/recipes-support/openldap/openldap_2.5.9.bb index 5ac5660cdfe..958a21b9c11 100644 --- a/meta-oe/recipes-support/openldap/openldap_2.5.9.bb +++ b/meta-oe/recipes-support/openldap/openldap_2.5.9.bb @@ -15,7 +15,6 @@ SECTION = "libs" LDAP_VER = "${@'.'.join(d.getVar('PV').split('.')[0:2])}" SRC_URI = "http://www.openldap.org/software/download/OpenLDAP/openldap-release/${BP}.tgz \ - file://openldap-2.4.28-gnutls-gcrypt.patch \ file://use-urandom.patch \ file://initscript \ file://slapd.service \ @@ -51,7 +50,7 @@ PACKAGECONFIG ??= "asyncmeta gnutls modules \ ${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)} \ " #--with-tls with TLS/SSL support auto|openssl|gnutls [auto] -PACKAGECONFIG[gnutls] = "--with-tls=gnutls,,gnutls libgcrypt" +PACKAGECONFIG[gnutls] = "--with-tls=gnutls,,gnutls" PACKAGECONFIG[openssl] = "--with-tls=openssl,,openssl" PACKAGECONFIG[sasl] = "--with-cyrus-sasl,--without-cyrus-sasl,cyrus-sasl" From fe57c67d29e4974a294fc3c3e3411c9de0be6f22 Mon Sep 17 00:00:00 2001 From: Jiaqing Zhao Date: Thu, 5 May 2022 10:55:53 +0800 Subject: [PATCH 056/600] openldap: Upgrade 2.5.9 -> 2.5.12 License-Update: Copyright year updated to 2022 Signed-off-by: Jiaqing Zhao Signed-off-by: Khem Raj (cherry picked from commit 6c2bd3c0fae072e23f6572d5448fce5e5f4fae08) Signed-off-by: Armin Kuster --- .../openldap/{openldap_2.5.9.bb => openldap_2.5.12.bb} | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) rename meta-oe/recipes-support/openldap/{openldap_2.5.9.bb => openldap_2.5.12.bb} (97%) diff --git a/meta-oe/recipes-support/openldap/openldap_2.5.9.bb b/meta-oe/recipes-support/openldap/openldap_2.5.12.bb similarity index 97% rename from meta-oe/recipes-support/openldap/openldap_2.5.9.bb rename to meta-oe/recipes-support/openldap/openldap_2.5.12.bb index 958a21b9c11..e4475e5069b 100644 --- a/meta-oe/recipes-support/openldap/openldap_2.5.9.bb +++ b/meta-oe/recipes-support/openldap/openldap_2.5.12.bb @@ -7,7 +7,7 @@ HOMEPAGE = "http://www.OpenLDAP.org/license.html" # basically BSD. opensource.org does not record this license # at present (so it is apparently not OSI certified). LICENSE = "OpenLDAP" -LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=5cc6ef74da4ad25d707c4f5903d64975 \ +LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=beceb5ac7100b6430640c61655b25c1f \ file://LICENSE;md5=153d07ef052c4a37a8fac23bc6031972 \ " SECTION = "libs" @@ -25,8 +25,7 @@ SRC_URI = "http://www.openldap.org/software/download/OpenLDAP/openldap-release/$ file://0001-librewrite-include-ldap_pvt_thread.h-before-redefini.patch \ " -SRC_URI[md5sum] = "237fc2d881c27f8dd5d9f396e2865c11" -SRC_URI[sha256sum] = "c08e12f4ca5803d5d9f9948c70ad3491282cda3c17ec8b655dcbcb2364e6fb9e" +SRC_URI[sha256sum] = "d5086cbfc49597fa7d0670a429a9054552d441b16ee8b2435412797ab0e37b96" DEPENDS = "util-linux groff-native" From a6556526d1fb58d8a9805d1c8d6d8f754e17dd70 Mon Sep 17 00:00:00 2001 From: Mingli Yu Date: Thu, 5 May 2022 17:33:08 +0800 Subject: [PATCH 057/600] s-nail: Set VAL_MTA Some build server may provide sendmail like /usr/lib/sendmail which may result the VAL_MTA to be /usr/lib/sendmail during do_configure, but the sendmail is actually /usr/sbin/sendmail on the target. Fixes: # echo "invalide address email" | s-nail -s "test mail" -r test@test.com tester@test.com s-nail: Cannot start /usr/lib/sendmail: executable not found (adjust *mta* variable) /home/root/dead.letter 10/234 s-nail: ... message not sent # which sendmail /usr/sbin/sendmail Signed-off-by: Mingli Yu Signed-off-by: Khem Raj (cherry picked from commit f334a009472136b266c4f72612b549846df20c0e) Signed-off-by: Armin Kuster --- .../files/0001-make.rc-set-VAL_MTA.patch | 48 +++++++++++++++++++ .../recipes-extended/s-nail/s-nail_14.9.24.bb | 3 +- 2 files changed, 50 insertions(+), 1 deletion(-) create mode 100644 meta-oe/recipes-extended/s-nail/files/0001-make.rc-set-VAL_MTA.patch diff --git a/meta-oe/recipes-extended/s-nail/files/0001-make.rc-set-VAL_MTA.patch b/meta-oe/recipes-extended/s-nail/files/0001-make.rc-set-VAL_MTA.patch new file mode 100644 index 00000000000..f4decda1413 --- /dev/null +++ b/meta-oe/recipes-extended/s-nail/files/0001-make.rc-set-VAL_MTA.patch @@ -0,0 +1,48 @@ +From da8c7a027390de7828d4272a3c8bcdbffbac25ad Mon Sep 17 00:00:00 2001 +From: Mingli Yu +Date: Thu, 5 May 2022 16:57:48 +0800 +Subject: [PATCH] make.rc: set VAL_MTA + +Some build server may provide sendmail like /usr/lib/sendmail which +may result the VAL_MTA to be /usr/lib/sendmail, but the sendmail +is actually /usr/sbin/sendmail on the target. + +Fixes: + # echo "invalide address email" | s-nail -s "test mail" -r test@test.com tester@test.com + s-nail: Cannot start /usr/lib/sendmail: executable not found (adjust *mta* variable) + /home/root/dead.letter 10/234 + s-nail: ... message not sent + + # which sendmail + /usr/sbin/sendmail + +Upstream-Status: Inappropriate[oe-specific] + +Signed-off-by: Mingli Yu +--- + make.rc | 9 +-------- + 1 file changed, 1 insertion(+), 8 deletions(-) + +diff --git a/make.rc b/make.rc +index 98bd968..45ac0d4 100644 +--- a/make.rc ++++ b/make.rc +@@ -96,14 +96,7 @@ VAL_MAIL=`\ + + # Path to the local MTA (Mail-Transfer-Agent). + # MTA aliases (aliases(5)) are optionally supported via OPT_MTA_ALIASES. +-VAL_MTA=`\ +- if [ -x /usr/bin/sendmail ]; then \ +- echo /usr/bin/sendmail;\ +- elif [ -x /usr/lib/sendmail ]; then \ +- echo /usr/lib/sendmail;\ +- else \ +- echo /usr/sbin/sendmail;\ +- fi` ++VAL_MTA=/usr/sbin/sendmail + + # Today a lot of systems no longer use sendmail(1), but a different MTA. + # To ensure compatibility with sendmail(1), a system called +-- +2.25.1 + diff --git a/meta-oe/recipes-extended/s-nail/s-nail_14.9.24.bb b/meta-oe/recipes-extended/s-nail/s-nail_14.9.24.bb index bc514b577a3..539f9c3c823 100644 --- a/meta-oe/recipes-extended/s-nail/s-nail_14.9.24.bb +++ b/meta-oe/recipes-extended/s-nail/s-nail_14.9.24.bb @@ -6,7 +6,8 @@ LICENSE = "ISC & BSD-3-Clause & BSD-4-Clause" LIC_FILES_CHKSUM = "file://COPYING;md5=87266591c81260f10221f1f38872d023" SRC_URI = "https://ftp.sdaoden.eu/${BP}.tar.xz \ - file://make-errors.patch" + file://make-errors.patch \ + file://0001-make.rc-set-VAL_MTA.patch" SRC_URI[sha256sum] = "2714d6b8fb2af3b363fc7c79b76d058753716345d1b6ebcd8870ecd0e4f7ef8c" DEPENDS = "coreutils-native" From c8f5b7a278ad83e4c208e2aa56fa6d5542a3df6c Mon Sep 17 00:00:00 2001 From: Denys Dmytriyenko Date: Thu, 5 May 2022 21:51:25 +0000 Subject: [PATCH 058/600] devmem2: reinstate previous patches, removed by mistake This reverts commit 5e8f4720aaa3da7350ead06959cae0492133cd61. Signed-off-by: Denys Dmytriyenko Signed-off-by: Khem Raj (cherry picked from commit e192bd13ff2f39cc9762ca73d65a1c5537a70335) Signed-off-by: Armin Kuster --- meta-oe/recipes-support/devmem2/devmem2.bb | 3 +- ...word-is-32-bit-and-add-support-for-6.patch | 70 ++++++++++++++ .../devmem2/devmem2/devmem2-fixups-2.patch | 91 +++++++++++++++++++ 3 files changed, 163 insertions(+), 1 deletion(-) create mode 100644 meta-oe/recipes-support/devmem2/devmem2/0001-devmem.c-ensure-word-is-32-bit-and-add-support-for-6.patch create mode 100644 meta-oe/recipes-support/devmem2/devmem2/devmem2-fixups-2.patch diff --git a/meta-oe/recipes-support/devmem2/devmem2.bb b/meta-oe/recipes-support/devmem2/devmem2.bb index 92c05fe065d..c6b8df5e47e 100644 --- a/meta-oe/recipes-support/devmem2/devmem2.bb +++ b/meta-oe/recipes-support/devmem2/devmem2.bb @@ -4,7 +4,8 @@ LIC_FILES_CHKSUM = "file://devmem2.c;endline=38;md5=a9eb9f3890384519f435aedf9862 PR = "r7" SRC_URI = "http://www.free-electrons.com/pub/mirror/devmem2.c;downloadfilename=devmem2-new.c \ - " + file://devmem2-fixups-2.patch;apply=yes;striplevel=0 \ + file://0001-devmem.c-ensure-word-is-32-bit-and-add-support-for-6.patch" S = "${WORKDIR}" diff --git a/meta-oe/recipes-support/devmem2/devmem2/0001-devmem.c-ensure-word-is-32-bit-and-add-support-for-6.patch b/meta-oe/recipes-support/devmem2/devmem2/0001-devmem.c-ensure-word-is-32-bit-and-add-support-for-6.patch new file mode 100644 index 00000000000..2a57f29891d --- /dev/null +++ b/meta-oe/recipes-support/devmem2/devmem2/0001-devmem.c-ensure-word-is-32-bit-and-add-support-for-6.patch @@ -0,0 +1,70 @@ +From 1360a907879dd24041797a3b709d49aeac2ab444 Mon Sep 17 00:00:00 2001 +From: Denys Dmytriyenko +Date: Tue, 29 May 2018 16:55:42 -0400 +Subject: [PATCH] devmem.c: ensure word is 32-bit and add support for 64-bit + long + +Signed-off-by: Denys Dmytriyenko +--- + devmem2.c | 23 +++++++++++++++++------ + 1 file changed, 17 insertions(+), 6 deletions(-) + +diff --git a/devmem2.c b/devmem2.c +index 5845381..68131b2 100644 +--- a/devmem2.c ++++ b/devmem2.c +@@ -39,6 +39,7 @@ + + #include + #include ++#include + #include + #include + #include +@@ -69,7 +70,7 @@ int main(int argc, char **argv) { + if(argc < 2) { + fprintf(stderr, "\nUsage:\t%s { address } [ type [ data ] ]\n" + "\taddress : memory address to act upon\n" +- "\ttype : access operation type : [b]yte, [h]alfword, [w]ord\n" ++ "\ttype : access operation type : [b]yte, [h]alfword, [w]ord, [l]ong\n" + "\tdata : data to be written\n\n", + argv[0]); + exit(1); +@@ -103,9 +104,14 @@ int main(int argc, char **argv) { + read_result = *((unsigned short *) virt_addr); + break; + case 'w': +- data_size = sizeof(unsigned long); ++ data_size = sizeof(uint32_t); + virt_addr = fixup_addr(virt_addr, data_size); +- read_result = *((unsigned long *) virt_addr); ++ read_result = *((uint32_t *) virt_addr); ++ break; ++ case 'l': ++ data_size = sizeof(uint64_t); ++ virt_addr = fixup_addr(virt_addr, data_size); ++ read_result = *((uint64_t *) virt_addr); + break; + default: + fprintf(stderr, "Illegal data type '%c'.\n", access_type); +@@ -129,9 +135,14 @@ int main(int argc, char **argv) { + read_result = *((unsigned short *) virt_addr); + break; + case 'w': +- virt_addr = fixup_addr(virt_addr, sizeof(unsigned long)); +- *((unsigned long *) virt_addr) = write_val; +- read_result = *((unsigned long *) virt_addr); ++ virt_addr = fixup_addr(virt_addr, sizeof(uint32_t)); ++ *((uint32_t *) virt_addr) = write_val; ++ read_result = *((uint32_t *) virt_addr); ++ break; ++ case 'l': ++ virt_addr = fixup_addr(virt_addr, sizeof(uint64_t)); ++ *((uint64_t *) virt_addr) = write_val; ++ read_result = *((uint64_t *) virt_addr); + break; + } + sprintf(fmt_str, "Write at address 0x%%08lX (%%p): 0x%%0%dlX, " +-- +2.7.4 + diff --git a/meta-oe/recipes-support/devmem2/devmem2/devmem2-fixups-2.patch b/meta-oe/recipes-support/devmem2/devmem2/devmem2-fixups-2.patch new file mode 100644 index 00000000000..4517797fc74 --- /dev/null +++ b/meta-oe/recipes-support/devmem2/devmem2/devmem2-fixups-2.patch @@ -0,0 +1,91 @@ +--- devmem2.c 2004-08-05 01:55:25.000000000 +0200 ++++ devmem2_modif.c 2011-01-13 15:48:37.798799784 +0100 +@@ -45,12 +45,16 @@ + #define MAP_SIZE 4096UL + #define MAP_MASK (MAP_SIZE - 1) + ++static inline void *fixup_addr(void *addr, size_t size); ++ + int main(int argc, char **argv) { + int fd; + void *map_base, *virt_addr; +- unsigned long read_result, writeval; ++ unsigned long read_result, write_val; + off_t target; + int access_type = 'w'; ++ char fmt_str[128]; ++ size_t data_size; + + if(argc < 2) { + fprintf(stderr, "\nUsage:\t%s { address } [ type [ data ] ]\n" +@@ -79,38 +83,51 @@ + virt_addr = map_base + (target & MAP_MASK); + switch(access_type) { + case 'b': ++ data_size = sizeof(unsigned char); ++ virt_addr = fixup_addr(virt_addr, data_size); + read_result = *((unsigned char *) virt_addr); + break; + case 'h': ++ data_size = sizeof(unsigned short); ++ virt_addr = fixup_addr(virt_addr, data_size); + read_result = *((unsigned short *) virt_addr); + break; + case 'w': ++ data_size = sizeof(unsigned long); ++ virt_addr = fixup_addr(virt_addr, data_size); + read_result = *((unsigned long *) virt_addr); + break; + default: + fprintf(stderr, "Illegal data type '%c'.\n", access_type); + exit(2); + } +- printf("Value at address 0x%X (%p): 0x%X\n", target, virt_addr, read_result); ++ sprintf(fmt_str, "Read at address 0x%%08lX (%%p): 0x%%0%dlX\n", 2*data_size); ++ printf(fmt_str, (unsigned long)target, virt_addr, read_result); + fflush(stdout); + + if(argc > 3) { +- writeval = strtoul(argv[3], 0, 0); ++ write_val = strtoul(argv[3], 0, 0); + switch(access_type) { + case 'b': +- *((unsigned char *) virt_addr) = writeval; ++ virt_addr = fixup_addr(virt_addr, sizeof(unsigned char)); ++ *((unsigned char *) virt_addr) = write_val; + read_result = *((unsigned char *) virt_addr); + break; + case 'h': +- *((unsigned short *) virt_addr) = writeval; ++ virt_addr = fixup_addr(virt_addr, sizeof(unsigned short)); ++ *((unsigned short *) virt_addr) = write_val; + read_result = *((unsigned short *) virt_addr); + break; + case 'w': +- *((unsigned long *) virt_addr) = writeval; ++ virt_addr = fixup_addr(virt_addr, sizeof(unsigned long)); ++ *((unsigned long *) virt_addr) = write_val; + read_result = *((unsigned long *) virt_addr); + break; + } +- printf("Written 0x%X; readback 0x%X\n", writeval, read_result); ++ sprintf(fmt_str, "Write at address 0x%%08lX (%%p): 0x%%0%dlX, " ++ "readback 0x%%0%dlX\n", 2*data_size, 2*data_size); ++ printf(fmt_str, (unsigned long)target, virt_addr, ++ write_val, read_result); + fflush(stdout); + } + +@@ -119,3 +136,12 @@ + return 0; + } + ++static inline void *fixup_addr(void *addr, size_t size) ++{ ++#ifdef FORCE_STRICT_ALIGNMENT ++ unsigned long aligned_addr = (unsigned long)addr; ++ aligned_addr &= ~(size - 1); ++ addr = (void *)aligned_addr; ++#endif ++ return addr; ++} From b095a248cc9bcca613ff9277ecb8a704cde084e8 Mon Sep 17 00:00:00 2001 From: Denys Dmytriyenko Date: Thu, 5 May 2022 21:51:26 +0000 Subject: [PATCH 059/600] devmem2: add support for different page sizes Instead of hardcoding 4K page size, query the system and use the value for memory mapping. Signed-off-by: Denys Dmytriyenko Signed-off-by: Khem Raj (cherry picked from commit 3af1d119de53a92f4d0fbfb8a61f999d1d541253) Signed-off-by: Armin Kuster --- meta-oe/recipes-support/devmem2/devmem2.bb | 4 ++- ...ort-different-page-sizes-at-run-time.patch | 35 +++++++++++++++++++ 2 files changed, 38 insertions(+), 1 deletion(-) create mode 100644 meta-oe/recipes-support/devmem2/devmem2/0001-devmem2-support-different-page-sizes-at-run-time.patch diff --git a/meta-oe/recipes-support/devmem2/devmem2.bb b/meta-oe/recipes-support/devmem2/devmem2.bb index c6b8df5e47e..ba7aad8ab9d 100644 --- a/meta-oe/recipes-support/devmem2/devmem2.bb +++ b/meta-oe/recipes-support/devmem2/devmem2.bb @@ -5,7 +5,9 @@ PR = "r7" SRC_URI = "http://www.free-electrons.com/pub/mirror/devmem2.c;downloadfilename=devmem2-new.c \ file://devmem2-fixups-2.patch;apply=yes;striplevel=0 \ - file://0001-devmem.c-ensure-word-is-32-bit-and-add-support-for-6.patch" + file://0001-devmem.c-ensure-word-is-32-bit-and-add-support-for-6.patch \ + file://0001-devmem2-support-different-page-sizes-at-run-time.patch \ +" S = "${WORKDIR}" diff --git a/meta-oe/recipes-support/devmem2/devmem2/0001-devmem2-support-different-page-sizes-at-run-time.patch b/meta-oe/recipes-support/devmem2/devmem2/0001-devmem2-support-different-page-sizes-at-run-time.patch new file mode 100644 index 00000000000..0da0732c57a --- /dev/null +++ b/meta-oe/recipes-support/devmem2/devmem2/0001-devmem2-support-different-page-sizes-at-run-time.patch @@ -0,0 +1,35 @@ +From 0f6af48b2fbc71ec8abe862d3e9eb6da7b03538b Mon Sep 17 00:00:00 2001 +From: Denys Dmytriyenko +Date: Wed, 8 Aug 2018 14:38:00 -0400 +Subject: [PATCH] devmem2: support different page sizes at run-time + +Signed-off-by: Denys Dmytriyenko +--- + devmem2.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/devmem2.c b/devmem2.c +index 68131b2..76af2d6 100644 +--- a/devmem2.c ++++ b/devmem2.c +@@ -53,8 +53,6 @@ + #define FATAL do { fprintf(stderr, "Error at line %d, file %s (%d) [%s]\n", \ + __LINE__, __FILE__, errno, strerror(errno)); exit(1); } while(0) + +-#define MAP_SIZE 4096UL +-#define MAP_MASK (MAP_SIZE - 1) + + static inline void *fixup_addr(void *addr, size_t size); + +@@ -66,6 +64,8 @@ int main(int argc, char **argv) { + int access_type = 'w'; + char fmt_str[128]; + size_t data_size; ++ unsigned long MAP_SIZE = sysconf(_SC_PAGE_SIZE); ++ unsigned long MAP_MASK = (MAP_SIZE - 1); + + if(argc < 2) { + fprintf(stderr, "\nUsage:\t%s { address } [ type [ data ] ]\n" +-- +2.7.4 + From 122685c98dfb7157ef9bade0e1addc1de9b2aff2 Mon Sep 17 00:00:00 2001 From: Michael Opdenacker Date: Fri, 6 May 2022 11:20:41 +0200 Subject: [PATCH 060/600] devmem2: update SRC_URI according to redirect http://www.free-electrons.com now redirects to https://bootlin.com Signed-off-by: Michael Opdenacker Signed-off-by: Khem Raj (cherry picked from commit 1c3465b4d79400e5a197328ec36a755b7b558aa9) Signed-off-by: Armin Kuster --- meta-oe/recipes-support/devmem2/devmem2.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-oe/recipes-support/devmem2/devmem2.bb b/meta-oe/recipes-support/devmem2/devmem2.bb index ba7aad8ab9d..70d4135216f 100644 --- a/meta-oe/recipes-support/devmem2/devmem2.bb +++ b/meta-oe/recipes-support/devmem2/devmem2.bb @@ -3,7 +3,7 @@ LICENSE = "GPL-2.0-or-later" LIC_FILES_CHKSUM = "file://devmem2.c;endline=38;md5=a9eb9f3890384519f435aedf986297cf" PR = "r7" -SRC_URI = "http://www.free-electrons.com/pub/mirror/devmem2.c;downloadfilename=devmem2-new.c \ +SRC_URI = "https://bootlin.com/pub/mirror/devmem2.c;downloadfilename=devmem2-new.c \ file://devmem2-fixups-2.patch;apply=yes;striplevel=0 \ file://0001-devmem.c-ensure-word-is-32-bit-and-add-support-for-6.patch \ file://0001-devmem2-support-different-page-sizes-at-run-time.patch \ From 91bcdd0a70e4344c6da12c3ee11f838aacf279c1 Mon Sep 17 00:00:00 2001 From: Gianfranco Costamagna Date: Fri, 6 May 2022 08:01:39 +0200 Subject: [PATCH 061/600] vboxguestdrivers: upgrade 6.1.32 -> 6.1.34 Signed-off-by: Gianfranco Costamagna Signed-off-by: Gianfranco Costamagna Signed-off-by: Khem Raj (cherry picked from commit 0716b34c88e47458ef2d068474ddabfdca7fc779) Signed-off-by: Armin Kuster --- .../{vboxguestdrivers_6.1.32.bb => vboxguestdrivers_6.1.34.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-oe/recipes-support/vboxguestdrivers/{vboxguestdrivers_6.1.32.bb => vboxguestdrivers_6.1.34.bb} (97%) diff --git a/meta-oe/recipes-support/vboxguestdrivers/vboxguestdrivers_6.1.32.bb b/meta-oe/recipes-support/vboxguestdrivers/vboxguestdrivers_6.1.34.bb similarity index 97% rename from meta-oe/recipes-support/vboxguestdrivers/vboxguestdrivers_6.1.32.bb rename to meta-oe/recipes-support/vboxguestdrivers/vboxguestdrivers_6.1.34.bb index a8cf32658c1..5e0accb2375 100644 --- a/meta-oe/recipes-support/vboxguestdrivers/vboxguestdrivers_6.1.32.bb +++ b/meta-oe/recipes-support/vboxguestdrivers/vboxguestdrivers_6.1.34.bb @@ -16,7 +16,7 @@ SRC_URI = "http://download.virtualbox.org/virtualbox/${PV}/${VBOX_NAME}.tar.bz2 file://0001-utils-fix-build-against-5.15-libc-headers-headers.patch \ " -SRC_URI[sha256sum] = "5d11384200b4e943ad0056d2cf75980ae4bee852c89650e2914e1b34eedc2d2c" +SRC_URI[sha256sum] = "9c3ce1829432e5b8374f950698587038f45fb0492147dc200e59edb9bb75eb49" S ?= "${WORKDIR}/vbox_module" S:task-patch = "${WORKDIR}/${VBOX_NAME}" From 166ef8dbb14ad98b2094a77fcf352f6c63d5abf2 Mon Sep 17 00:00:00 2001 From: Markus Volk Date: Fri, 6 May 2022 19:23:27 +0200 Subject: [PATCH 062/600] minidlna: fix obsolete license warning Signed-off-by: Markus Volk Signed-off-by: Khem Raj (cherry picked from commit f26d0085d7bbbffd5fcfe6a1bb67cc338ebd1cbb) Signed-off-by: Armin Kuster --- meta-multimedia/recipes-multimedia/minidlna/minidlna.inc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-multimedia/recipes-multimedia/minidlna/minidlna.inc b/meta-multimedia/recipes-multimedia/minidlna/minidlna.inc index b913a839313..4959a3c8d70 100644 --- a/meta-multimedia/recipes-multimedia/minidlna/minidlna.inc +++ b/meta-multimedia/recipes-multimedia/minidlna/minidlna.inc @@ -1,6 +1,6 @@ DESCRIPTION = "MiniDLNA (aka ReadyDLNA) is server software with the aim of \ being fully compliant with DLNA/UPnP-AV clients." -LICENSE = "GPL-2.0|BSD-3-Clause" +LICENSE = "GPL-2.0-only|BSD-3-Clause" DEPENDS = "ffmpeg flac libav jpeg sqlite3 libexif libogg libid3tag libvorbis" # because it depends on libav which has commercial flag From ab1e209414623d76c70835c058889a9750d9607a Mon Sep 17 00:00:00 2001 From: Nicolas Dechesne Date: Mon, 16 May 2022 20:05:42 +0200 Subject: [PATCH 063/600] imlib2: update SRC_URI The upstream repo location has changed, it's now https://git.enlightenment.org/old/legacy-imlib2 It's not clear when or why it happened, but the the commit hash we use in SRCREV exists in the 'new' location, so let's at least update the SRC_URI for now, and fix this warning: WARNING: imlib2-1.7.1-r0 do_fetch: Failed to fetch URL git://git.enlightenment.org/legacy/imlib2.git;protocol=https;branch=master, attempting MIRRORS if available Signed-off-by: Nicolas Dechesne Signed-off-by: Khem Raj (cherry picked from commit 62becef1091d21f487e826df7be7dcef3ab8f94c) Signed-off-by: Nicolas Dechesne Signed-off-by: Armin Kuster --- meta-oe/recipes-graphics/imlib2/imlib2_git.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-oe/recipes-graphics/imlib2/imlib2_git.bb b/meta-oe/recipes-graphics/imlib2/imlib2_git.bb index 56d41cd394f..869f8123dbd 100644 --- a/meta-oe/recipes-graphics/imlib2/imlib2_git.bb +++ b/meta-oe/recipes-graphics/imlib2/imlib2_git.bb @@ -14,7 +14,7 @@ inherit autotools pkgconfig lib_package AUTO_LIBNAME_PKGS = "" -SRC_URI = "git://git.enlightenment.org/legacy/${BPN}.git;protocol=https;branch=master" +SRC_URI = "git://git.enlightenment.org/old/legacy-${BPN}.git;protocol=https;branch=master" S = "${WORKDIR}/git" PACKAGECONFIG ??= "jpeg png zlib ${@bb.utils.filter('DISTRO_FEATURES', 'x11', d)}" From 797684d24fd90a1cd713acd64b8c495d95df5933 Mon Sep 17 00:00:00 2001 From: Richard Neill Date: Thu, 12 May 2022 13:44:05 +0100 Subject: [PATCH 064/600] bats: Add patch to fix false-negatives caused by teardown code BATS v1.6.0 has a regression which can result in test case failures being ignored when teardown code executes successfully. This patch applies the accepted bug-fix until the next BATS release. Also, fix a comment that wasn't updated during the BATS upgrade, to match the correct release (v1.6.0) associated with the SRCREV. Signed-off-by: Richard Neill Signed-off-by: Armin Kuster --- meta-oe/recipes-test/bats/bats_1.6.0.bb | 8 +- ...tus-in-teardown-overriding-exit-code.patch | 150 ++++++++++++++++++ 2 files changed, 156 insertions(+), 2 deletions(-) create mode 100644 meta-oe/recipes-test/bats/files/0001-Fix-status-in-teardown-overriding-exit-code.patch diff --git a/meta-oe/recipes-test/bats/bats_1.6.0.bb b/meta-oe/recipes-test/bats/bats_1.6.0.bb index 7ea1aa8f3d0..df81595c92b 100644 --- a/meta-oe/recipes-test/bats/bats_1.6.0.bb +++ b/meta-oe/recipes-test/bats/bats_1.6.0.bb @@ -6,8 +6,12 @@ HOMEPAGE = "https://github.com/bats-core/bats-core" LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSE.md;md5=2970203aedf9e829edb96a137a4fe81b" -SRC_URI = "git://github.com/bats-core/bats-core.git;branch=master;protocol=https" -# v1.4.1 +SRC_URI = "\ + git://github.com/bats-core/bats-core.git;branch=master;protocol=https \ + file://0001-Fix-status-in-teardown-overriding-exit-code.patch \ + " + +# v1.6.0 SRCREV = "210acf3a8ed318ddedad3137c15451739beba7d4" S = "${WORKDIR}/git" diff --git a/meta-oe/recipes-test/bats/files/0001-Fix-status-in-teardown-overriding-exit-code.patch b/meta-oe/recipes-test/bats/files/0001-Fix-status-in-teardown-overriding-exit-code.patch new file mode 100644 index 00000000000..f4b1db93197 --- /dev/null +++ b/meta-oe/recipes-test/bats/files/0001-Fix-status-in-teardown-overriding-exit-code.patch @@ -0,0 +1,150 @@ +From aa628ccdc4dec1c129c1bd98b53ef94d8c2e119a Mon Sep 17 00:00:00 2001 +From: Richard Neill +Date: Mon, 9 May 2022 12:20:48 +0100 +Subject: [PATCH] Fix status in teardown* overriding exit code + +Patch fixes regression which produces false-negatives in v1.6.0, where the +teardown function can cause BATS to report success even if test cases fail. +Fixes: https://github.com/bats-core/bats-core/issues/575 + +Upstream-Status: Backport [Adapted from https://github.com/bats-core/bats-core/commit/5f372058b05f817e4e3a8dab27f83c30fd467504] +Signed-off-by: Richard Neill +--- + libexec/bats-core/bats-exec-file | 18 ++++++++---------- + libexec/bats-core/bats-exec-suite | 12 ++++++------ + libexec/bats-core/bats-exec-test | 8 ++++---- + 3 files changed, 18 insertions(+), 20 deletions(-) + +diff --git a/libexec/bats-core/bats-exec-file b/libexec/bats-core/bats-exec-file +index 298441b..63452c7 100755 +--- a/libexec/bats-core/bats-exec-file ++++ b/libexec/bats-core/bats-exec-file +@@ -118,7 +118,6 @@ bats_run_teardown_file() { + + bats_file_teardown_trap() { + bats_run_teardown_file +- local status=0 + bats_file_exit_trap + } + +@@ -144,9 +143,9 @@ bats_file_exit_trap() { + bats_print_failed_command "${stack_trace[@]}" >&3 + bats_prefix_lines_for_tap_output < "$BATS_OUT" | bats_replace_filename >&3 + rm -rf "$BATS_OUT" +- status=1 ++ bats_exec_file_status=1 + fi +- exit $status ++ exit $bats_exec_file_status + } + + function setup_file() { +@@ -250,15 +249,15 @@ bats_read_tests_list_file() { + } + + bats_run_tests() { +- status=0 ++ bats_exec_file_status=0 + + if [[ "$num_jobs" != 1 && "${BATS_NO_PARALLELIZE_WITHIN_FILE-False}" == False ]]; then + export BATS_SEMAPHORE_NUMBER_OF_SLOTS="$num_jobs" +- bats_run_tests_in_parallel "$BATS_RUN_TMPDIR/parallel_output" || status=1 ++ bats_run_tests_in_parallel "$BATS_RUN_TMPDIR/parallel_output" || bats_exec_file_status=1 + else + for test_name in "${tests_to_run[@]}"; do + if [[ "${BATS_INTERRUPTED-NOTSET}" != NOTSET ]]; then +- status=130 # bash's code for SIGINT exits ++ bats_exec_file_status=130 # bash's code for SIGINT exits + break + fi + # Only handle non-empty lines +@@ -267,14 +266,13 @@ bats_run_tests() { + ((++test_number_in_file)) + # deal with empty flags to avoid spurious "unbound variable" errors on Bash 4.3 and lower + if [[ "${#flags[@]}" -gt 0 ]]; then +- "$BATS_LIBEXEC/bats-exec-test" "${flags[@]}" "$filename" "$test_name" "$test_number_in_suite" "$test_number_in_file" || status=1 ++ "$BATS_LIBEXEC/bats-exec-test" "${flags[@]}" "$filename" "$test_name" "$test_number_in_suite" "$test_number_in_file" || bats_exec_file_status=1 + else +- "$BATS_LIBEXEC/bats-exec-test" "$filename" "$test_name" "$test_number_in_suite" "$test_number_in_file" || status=1 ++ "$BATS_LIBEXEC/bats-exec-test" "$filename" "$test_name" "$test_number_in_suite" "$test_number_in_file" || bats_exec_file_status=1 + fi + fi + done + fi +- export status + } + + bats_create_file_tempdirs() { +@@ -322,4 +320,4 @@ bats_run_tests + trap bats_interrupt_trap INT + bats_run_teardown_file + +-exit $status ++exit $bats_exec_file_status +diff --git a/libexec/bats-core/bats-exec-suite b/libexec/bats-core/bats-exec-suite +index 05c66f4..4d440ae 100755 +--- a/libexec/bats-core/bats-exec-suite ++++ b/libexec/bats-core/bats-exec-suite +@@ -135,10 +135,10 @@ bats_exit_trap() { + if [[ ${BATS_INTERRUPTED-NOTSET} != NOTSET ]]; then + printf "\n# Received SIGINT, aborting ...\n\n" + fi +- exit "$status" ++ exit "$bats_exec_suite_status" + } + +-status=0 ++bats_exec_suite_status=0 + printf '1..%d\n' "${test_count}" + + # No point on continuing if there's no tests. +@@ -163,15 +163,15 @@ if [[ "$num_jobs" -gt 1 ]] && [[ -z "$bats_no_parallelize_across_files" ]]; then + # shellcheck disable=SC2086,SC2068 + # we need to handle the quoting of ${flags[@]} ourselves, + # because parallel can only quote it as one +- parallel --keep-order --jobs "$num_jobs" bats-exec-file "$(printf "%q " "${flags[@]}")" "{}" "$TESTS_LIST_FILE" ::: "${BATS_UNIQUE_TEST_FILENAMES[@]}" 2>&1 || status=1 ++ parallel --keep-order --jobs "$num_jobs" bats-exec-file "$(printf "%q " "${flags[@]}")" "{}" "$TESTS_LIST_FILE" ::: "${BATS_UNIQUE_TEST_FILENAMES[@]}" 2>&1 || bats_exec_suite_status=1 + else + for filename in "${BATS_UNIQUE_TEST_FILENAMES[@]}"; do + if [[ "${BATS_INTERRUPTED-NOTSET}" != NOTSET ]]; then +- status=130 # bash's code for SIGINT exits ++ bats_exec_suite_status=130 # bash's code for SIGINT exits + break + fi +- bats-exec-file "${flags[@]}" "$filename" "${TESTS_LIST_FILE}" || status=1 ++ bats-exec-file "${flags[@]}" "$filename" "${TESTS_LIST_FILE}" || bats_exec_suite_status=1 + done + fi + +-exit "$status" ++exit "$bats_exec_suite_status" +diff --git a/libexec/bats-core/bats-exec-test b/libexec/bats-core/bats-exec-test +index aae4572..57bdf18 100755 +--- a/libexec/bats-core/bats-exec-test ++++ b/libexec/bats-core/bats-exec-test +@@ -94,18 +94,18 @@ source "$BATS_ROOT/lib/bats-core/tracing.bash" + + bats_teardown_trap() { + bats_check_status_from_trap +- local status=0 ++ local bats_teardown_trap_status=0 + # mark the start of this function to distinguish where skip is called + # parameter 1 will signify the reason why this function was called + # this is used to identify when this is called as exit trap function + BATS_TEARDOWN_STARTED=${1:-1} +- teardown >>"$BATS_OUT" 2>&1 || status="$?" ++ teardown >>"$BATS_OUT" 2>&1 || bats_teardown_trap_status="$?" + +- if [[ $status -eq 0 ]]; then ++ if [[ $bats_teardown_trap_status -eq 0 ]]; then + BATS_TEARDOWN_COMPLETED=1 + elif [[ -n "$BATS_TEST_COMPLETED" ]]; then + BATS_DEBUG_LAST_STACK_TRACE_IS_VALID=1 +- BATS_ERROR_STATUS="$status" ++ BATS_ERROR_STATUS="$bats_teardown_trap_status" + fi + + bats_exit_trap +-- +2.25.1 + From 8c0dca4053dfb7305151be384a06021ec723358e Mon Sep 17 00:00:00 2001 From: Martin Jansa Date: Sat, 14 May 2022 09:51:20 +0200 Subject: [PATCH 065/600] ostree: prevent ostree-native depending on target virtual/kernel to provide kernel-module-overlay Signed-off-by: Martin Jansa Signed-off-by: Khem Raj (cherry picked from commit c06c5b71eefaa29c5d1b0f3b3cdcfb03663e4d75) Signed-off-by: Armin Kuster --- meta-oe/recipes-extended/ostree/ostree_2021.6.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-oe/recipes-extended/ostree/ostree_2021.6.bb b/meta-oe/recipes-extended/ostree/ostree_2021.6.bb index cf149aef9d3..b186ba14801 100644 --- a/meta-oe/recipes-extended/ostree/ostree_2021.6.bb +++ b/meta-oe/recipes-extended/ostree/ostree_2021.6.bb @@ -201,7 +201,7 @@ RDEPENDS:${PN}-ptest += " \ " RDEPENDS:${PN}-ptest:append:libc-glibc = " glibc-utils glibc-localedata-en-us" -RRECOMMENDS:${PN} += "kernel-module-overlay" +RRECOMMENDS:${PN}:append:class-target = " kernel-module-overlay" SYSTEMD_SERVICE:${PN} = "ostree-remount.service ostree-finalize-staged.path" SYSTEMD_SERVICE:${PN}-switchroot = "ostree-prepare-root.service" From 3a76ff41af4a3496c0f06e685352b2a7ea3156c6 Mon Sep 17 00:00:00 2001 From: Kai Kang Date: Thu, 19 May 2022 16:10:11 +0100 Subject: [PATCH 066/600] conntrack-tools: fix postinst script Fix error caused by postinst script of conntrack-tools: | /var/tmp/rpm-tmp.or09Iq: line 4: unexpected EOF while looking for matching `"' | %post(conntrack-tools-1.4.6-r0.core2_64): waitpid(1173) rc 1173 status 200 | warning: %post(conntrack-tools-1.4.6-r0.core2_64) scriptlet failed, exit status 2 Signed-off-by: Kai Kang Signed-off-by: Khem Raj Signed-off-by: Armin Kuster --- .../recipes-filter/conntrack-tools/conntrack-tools_1.4.6.bb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/meta-networking/recipes-filter/conntrack-tools/conntrack-tools_1.4.6.bb b/meta-networking/recipes-filter/conntrack-tools/conntrack-tools_1.4.6.bb index e76238fe0a2..50f7ced88de 100644 --- a/meta-networking/recipes-filter/conntrack-tools/conntrack-tools_1.4.6.bb +++ b/meta-networking/recipes-filter/conntrack-tools/conntrack-tools_1.4.6.bb @@ -35,5 +35,5 @@ do_install:append() { # fix error message: Do not forget that you need *root* or CAP_NET_ADMIN capabilities ;-) pkg_postinst:${PN} () { - setcap cap_net_admin+ep $D/${sbindir}/conntrack" -} \ No newline at end of file + setcap cap_net_admin+ep "$D/${sbindir}/conntrack" +} From 0b78362654262145415df8211052442823b9ec9b Mon Sep 17 00:00:00 2001 From: Diego Sueiro Date: Mon, 16 May 2022 13:28:48 +0100 Subject: [PATCH 067/600] bats: upgrade 1.6.0 -> 1.6.1 The 1.6.1 incorporates the 0001-Fix-status-in-teardown-overriding-exit-code.patch backport patch. Changelog: ========== Fixed: ------ prevent teardown, teardown_file, and teardown_suite from overriding bats' exit code by setting $status (e.g. via calling run) (#581, #575) CRITICAL: this can return exit code 0 despite failed tests, thus preventing your CI from reporting test failures! The regression happened in version 1.6.0. Documentation: -------------- corrected invalid documentation of run -N (had =N instead) (#579) CRITICAL: using the incorrect form can lead to silent errors. See issue #578 for more details and how to find out if your tests are affected. Signed-off-by: Diego Sueiro Signed-off-by: Khem Raj (cherry picked from commit 72fbb8379fc47ec77cdcb1c15e992d99d205ced2) Signed-off-by: Armin Kuster --- .../bats/{bats_1.6.0.bb => bats_1.6.1.bb} | 7 +- ...tus-in-teardown-overriding-exit-code.patch | 150 ------------------ 2 files changed, 3 insertions(+), 154 deletions(-) rename meta-oe/recipes-test/bats/{bats_1.6.0.bb => bats_1.6.1.bb} (82%) delete mode 100644 meta-oe/recipes-test/bats/files/0001-Fix-status-in-teardown-overriding-exit-code.patch diff --git a/meta-oe/recipes-test/bats/bats_1.6.0.bb b/meta-oe/recipes-test/bats/bats_1.6.1.bb similarity index 82% rename from meta-oe/recipes-test/bats/bats_1.6.0.bb rename to meta-oe/recipes-test/bats/bats_1.6.1.bb index df81595c92b..7d72a5198bf 100644 --- a/meta-oe/recipes-test/bats/bats_1.6.0.bb +++ b/meta-oe/recipes-test/bats/bats_1.6.1.bb @@ -7,12 +7,11 @@ LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSE.md;md5=2970203aedf9e829edb96a137a4fe81b" SRC_URI = "\ - git://github.com/bats-core/bats-core.git;branch=master;protocol=https \ - file://0001-Fix-status-in-teardown-overriding-exit-code.patch \ + git://github.com/bats-core/bats-core.git;branch=version/1.6.x;protocol=https \ " -# v1.6.0 -SRCREV = "210acf3a8ed318ddedad3137c15451739beba7d4" +# v1.6.1 +SRCREV = "1977254c2a7faa2e0af17355856f91dc471d1daa" S = "${WORKDIR}/git" diff --git a/meta-oe/recipes-test/bats/files/0001-Fix-status-in-teardown-overriding-exit-code.patch b/meta-oe/recipes-test/bats/files/0001-Fix-status-in-teardown-overriding-exit-code.patch deleted file mode 100644 index f4b1db93197..00000000000 --- a/meta-oe/recipes-test/bats/files/0001-Fix-status-in-teardown-overriding-exit-code.patch +++ /dev/null @@ -1,150 +0,0 @@ -From aa628ccdc4dec1c129c1bd98b53ef94d8c2e119a Mon Sep 17 00:00:00 2001 -From: Richard Neill -Date: Mon, 9 May 2022 12:20:48 +0100 -Subject: [PATCH] Fix status in teardown* overriding exit code - -Patch fixes regression which produces false-negatives in v1.6.0, where the -teardown function can cause BATS to report success even if test cases fail. -Fixes: https://github.com/bats-core/bats-core/issues/575 - -Upstream-Status: Backport [Adapted from https://github.com/bats-core/bats-core/commit/5f372058b05f817e4e3a8dab27f83c30fd467504] -Signed-off-by: Richard Neill ---- - libexec/bats-core/bats-exec-file | 18 ++++++++---------- - libexec/bats-core/bats-exec-suite | 12 ++++++------ - libexec/bats-core/bats-exec-test | 8 ++++---- - 3 files changed, 18 insertions(+), 20 deletions(-) - -diff --git a/libexec/bats-core/bats-exec-file b/libexec/bats-core/bats-exec-file -index 298441b..63452c7 100755 ---- a/libexec/bats-core/bats-exec-file -+++ b/libexec/bats-core/bats-exec-file -@@ -118,7 +118,6 @@ bats_run_teardown_file() { - - bats_file_teardown_trap() { - bats_run_teardown_file -- local status=0 - bats_file_exit_trap - } - -@@ -144,9 +143,9 @@ bats_file_exit_trap() { - bats_print_failed_command "${stack_trace[@]}" >&3 - bats_prefix_lines_for_tap_output < "$BATS_OUT" | bats_replace_filename >&3 - rm -rf "$BATS_OUT" -- status=1 -+ bats_exec_file_status=1 - fi -- exit $status -+ exit $bats_exec_file_status - } - - function setup_file() { -@@ -250,15 +249,15 @@ bats_read_tests_list_file() { - } - - bats_run_tests() { -- status=0 -+ bats_exec_file_status=0 - - if [[ "$num_jobs" != 1 && "${BATS_NO_PARALLELIZE_WITHIN_FILE-False}" == False ]]; then - export BATS_SEMAPHORE_NUMBER_OF_SLOTS="$num_jobs" -- bats_run_tests_in_parallel "$BATS_RUN_TMPDIR/parallel_output" || status=1 -+ bats_run_tests_in_parallel "$BATS_RUN_TMPDIR/parallel_output" || bats_exec_file_status=1 - else - for test_name in "${tests_to_run[@]}"; do - if [[ "${BATS_INTERRUPTED-NOTSET}" != NOTSET ]]; then -- status=130 # bash's code for SIGINT exits -+ bats_exec_file_status=130 # bash's code for SIGINT exits - break - fi - # Only handle non-empty lines -@@ -267,14 +266,13 @@ bats_run_tests() { - ((++test_number_in_file)) - # deal with empty flags to avoid spurious "unbound variable" errors on Bash 4.3 and lower - if [[ "${#flags[@]}" -gt 0 ]]; then -- "$BATS_LIBEXEC/bats-exec-test" "${flags[@]}" "$filename" "$test_name" "$test_number_in_suite" "$test_number_in_file" || status=1 -+ "$BATS_LIBEXEC/bats-exec-test" "${flags[@]}" "$filename" "$test_name" "$test_number_in_suite" "$test_number_in_file" || bats_exec_file_status=1 - else -- "$BATS_LIBEXEC/bats-exec-test" "$filename" "$test_name" "$test_number_in_suite" "$test_number_in_file" || status=1 -+ "$BATS_LIBEXEC/bats-exec-test" "$filename" "$test_name" "$test_number_in_suite" "$test_number_in_file" || bats_exec_file_status=1 - fi - fi - done - fi -- export status - } - - bats_create_file_tempdirs() { -@@ -322,4 +320,4 @@ bats_run_tests - trap bats_interrupt_trap INT - bats_run_teardown_file - --exit $status -+exit $bats_exec_file_status -diff --git a/libexec/bats-core/bats-exec-suite b/libexec/bats-core/bats-exec-suite -index 05c66f4..4d440ae 100755 ---- a/libexec/bats-core/bats-exec-suite -+++ b/libexec/bats-core/bats-exec-suite -@@ -135,10 +135,10 @@ bats_exit_trap() { - if [[ ${BATS_INTERRUPTED-NOTSET} != NOTSET ]]; then - printf "\n# Received SIGINT, aborting ...\n\n" - fi -- exit "$status" -+ exit "$bats_exec_suite_status" - } - --status=0 -+bats_exec_suite_status=0 - printf '1..%d\n' "${test_count}" - - # No point on continuing if there's no tests. -@@ -163,15 +163,15 @@ if [[ "$num_jobs" -gt 1 ]] && [[ -z "$bats_no_parallelize_across_files" ]]; then - # shellcheck disable=SC2086,SC2068 - # we need to handle the quoting of ${flags[@]} ourselves, - # because parallel can only quote it as one -- parallel --keep-order --jobs "$num_jobs" bats-exec-file "$(printf "%q " "${flags[@]}")" "{}" "$TESTS_LIST_FILE" ::: "${BATS_UNIQUE_TEST_FILENAMES[@]}" 2>&1 || status=1 -+ parallel --keep-order --jobs "$num_jobs" bats-exec-file "$(printf "%q " "${flags[@]}")" "{}" "$TESTS_LIST_FILE" ::: "${BATS_UNIQUE_TEST_FILENAMES[@]}" 2>&1 || bats_exec_suite_status=1 - else - for filename in "${BATS_UNIQUE_TEST_FILENAMES[@]}"; do - if [[ "${BATS_INTERRUPTED-NOTSET}" != NOTSET ]]; then -- status=130 # bash's code for SIGINT exits -+ bats_exec_suite_status=130 # bash's code for SIGINT exits - break - fi -- bats-exec-file "${flags[@]}" "$filename" "${TESTS_LIST_FILE}" || status=1 -+ bats-exec-file "${flags[@]}" "$filename" "${TESTS_LIST_FILE}" || bats_exec_suite_status=1 - done - fi - --exit "$status" -+exit "$bats_exec_suite_status" -diff --git a/libexec/bats-core/bats-exec-test b/libexec/bats-core/bats-exec-test -index aae4572..57bdf18 100755 ---- a/libexec/bats-core/bats-exec-test -+++ b/libexec/bats-core/bats-exec-test -@@ -94,18 +94,18 @@ source "$BATS_ROOT/lib/bats-core/tracing.bash" - - bats_teardown_trap() { - bats_check_status_from_trap -- local status=0 -+ local bats_teardown_trap_status=0 - # mark the start of this function to distinguish where skip is called - # parameter 1 will signify the reason why this function was called - # this is used to identify when this is called as exit trap function - BATS_TEARDOWN_STARTED=${1:-1} -- teardown >>"$BATS_OUT" 2>&1 || status="$?" -+ teardown >>"$BATS_OUT" 2>&1 || bats_teardown_trap_status="$?" - -- if [[ $status -eq 0 ]]; then -+ if [[ $bats_teardown_trap_status -eq 0 ]]; then - BATS_TEARDOWN_COMPLETED=1 - elif [[ -n "$BATS_TEST_COMPLETED" ]]; then - BATS_DEBUG_LAST_STACK_TRACE_IS_VALID=1 -- BATS_ERROR_STATUS="$status" -+ BATS_ERROR_STATUS="$bats_teardown_trap_status" - fi - - bats_exit_trap --- -2.25.1 - From 6104aead933382cd1d627bb6b9fe1b68195c878d Mon Sep 17 00:00:00 2001 From: Julien STEPHAN Date: Wed, 11 May 2022 10:14:09 +0200 Subject: [PATCH 068/600] libcamera: fix packaging libcamera.so.0 and libcamera-base.so.0 are packaged in ${PN}-dev although they should be packaged in ${PN}. See poky/meta/conf/bitbake.conf. This trigger the following error when trying to run the `cam` utility (packaged inside ${PN}): $ cam -l cam: error while loading shared libraries: libcamera.so.0: cannot open shared object file: No such file or directory $ read-elf -d /usr/bin/cam Dynamic section at offset 0x2c740 contains 37 entries: Tag Type Name/Value 0x0000000000000001 (NEEDED) Shared library: [libcamera.so.0] 0x0000000000000001 (NEEDED) Shared library: [libcamera-base.so.0] [...] So package libcamera is broken and need to be installed along with libcamera-dev to be functionnal. Fix it by packaging libcamera.so.0 and libcamera-base.so.0 into ${PN} Signed-off-by: Julien STEPHAN Signed-off-by: Khem Raj (cherry picked from commit 3de996474e0b7fdff1d265fcad747bd60851b1eb) Signed-off-by: Armin Kuster --- meta-multimedia/recipes-multimedia/libcamera/libcamera.bb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/meta-multimedia/recipes-multimedia/libcamera/libcamera.bb b/meta-multimedia/recipes-multimedia/libcamera/libcamera.bb index 71362606994..0b9f3f7a5d6 100644 --- a/meta-multimedia/recipes-multimedia/libcamera/libcamera.bb +++ b/meta-multimedia/recipes-multimedia/libcamera/libcamera.bb @@ -64,10 +64,10 @@ do_recalculate_ipa_signatures_package() { FILES:${PN}-dev = "${includedir} ${libdir}/pkgconfig" FILES:${PN}-dev += " ${libdir}/libcamera.so" -FILES:${PN}-dev += " ${libdir}/libcamera.so.0" +FILES:${PN} += " ${libdir}/libcamera.so.0" FILES:${PN} += " ${libdir}/libcamera.so.0.0.0" FILES:${PN}-dev += " ${libdir}/libcamera-base.so" -FILES:${PN}-dev += " ${libdir}/libcamera-base.so.0" +FILES:${PN} += " ${libdir}/libcamera-base.so.0" FILES:${PN} += " ${libdir}/libcamera-base.so.0.0.0" FILES:${PN} += " ${libdir}/v4l2-compat.so" FILES:${PN}-gst = "${libdir}/gstreamer-1.0/libgstlibcamera.so" From 2c051c65a4618d8f832af888ac275b9040641178 Mon Sep 17 00:00:00 2001 From: Joerg Vehlow Date: Thu, 12 May 2022 11:03:32 +0200 Subject: [PATCH 069/600] jq: Fix typo OE_EXTRACONF -> EXTRA_OECONF Signed-off-by: Joerg Vehlow Signed-off-by: Khem Raj (cherry picked from commit 1aa9d7d53d05b01727a8fdc2079f7c00e273fc13) Signed-off-by: Armin Kuster --- meta-oe/recipes-devtools/jq/jq_git.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-oe/recipes-devtools/jq/jq_git.bb b/meta-oe/recipes-devtools/jq/jq_git.bb index d0c70da76f5..8b0218c83e7 100644 --- a/meta-oe/recipes-devtools/jq/jq_git.bb +++ b/meta-oe/recipes-devtools/jq/jq_git.bb @@ -21,7 +21,7 @@ PACKAGECONFIG[docs] = "--enable-docs,--disable-docs,ruby-native" PACKAGECONFIG[maintainer-mode] = "--enable-maintainer-mode,--disable-maintainer-mode,flex-native bison-native" PACKAGECONFIG[oniguruma] = "--with-oniguruma,--without-oniguruma,onig" -OE_EXTRACONF += " \ +EXTRA_OECONF += " \ --disable-valgrind \ " From a104444d2bc037b3b1044021ff34b10d66a56e9b Mon Sep 17 00:00:00 2001 From: Kai Kang Date: Mon, 16 May 2022 09:31:11 +0800 Subject: [PATCH 070/600] python3-wxgtk4: backport patch to fix svg issue Backport patch to fix import svg issue: | $ python3 -c 'from wx.svg import SVGimage' | | ImportError: /usr/lib64/python3.10/site-packages/wx/svg/_nanosvg.cpython-310-x86_64-linux-gnu.so: undefined symbol: _PyGen_Send Signed-off-by: Kai Kang Signed-off-by: Khem Raj (cherry picked from commit 8246a9cef2956c66772b23f00d3feedec43ab1f7) Signed-off-by: Armin Kuster --- ...rsion-to-fix-NanoSVG-issues-with-Pyt.patch | 861 ++++++++++++++++++ .../python3-wxgtk4/python3-wxgtk4_4.1.1.bb | 1 + 2 files changed, 862 insertions(+) create mode 100644 meta-python/recipes-devtools/python3-wxgtk4/python3-wxgtk4/0001-Update-Cython-version-to-fix-NanoSVG-issues-with-Pyt.patch diff --git a/meta-python/recipes-devtools/python3-wxgtk4/python3-wxgtk4/0001-Update-Cython-version-to-fix-NanoSVG-issues-with-Pyt.patch b/meta-python/recipes-devtools/python3-wxgtk4/python3-wxgtk4/0001-Update-Cython-version-to-fix-NanoSVG-issues-with-Pyt.patch new file mode 100644 index 00000000000..6be56cb908d --- /dev/null +++ b/meta-python/recipes-devtools/python3-wxgtk4/python3-wxgtk4/0001-Update-Cython-version-to-fix-NanoSVG-issues-with-Pyt.patch @@ -0,0 +1,861 @@ +Upstream-Status: Backport [https://github.com/wxWidgets/Phoenix/commit/b40ab0f8] + +Signed-off-by: Kai Kang + +From b40ab0f806bdf7aa0c0a51a8c4876ac47754515d Mon Sep 17 00:00:00 2001 +From: Scott Talbert +Date: Thu, 7 Oct 2021 17:53:05 -0400 +Subject: [PATCH] Update Cython version to fix NanoSVG issues with Python 3.10 + +--- + requirements/devel.txt | 2 +- + wx/svg/_nanosvg.c | 554 ++++++++++++++++++++++++++--------------- + 2 files changed, 359 insertions(+), 197 deletions(-) + +diff --git a/requirements/devel.txt b/requirements/devel.txt +index 1d427be0..18164bdc 100644 +--- a/requirements/devel.txt ++++ b/requirements/devel.txt +@@ -9,7 +9,7 @@ wheel + twine + requests + requests[security] +-cython==0.29.21 ++cython==0.29.24 + pytest + pytest-xdist + pytest-forked +diff --git a/wx/svg/_nanosvg.c b/wx/svg/_nanosvg.c +index d8f1e158..fd4a5a67 100644 +--- a/wx/svg/_nanosvg.c ++++ b/wx/svg/_nanosvg.c +@@ -1,4 +1,4 @@ +-/* Generated by Cython 0.29.21 */ ++/* Generated by Cython 0.29.24 */ + + /* BEGIN: Cython Metadata + { +@@ -33,15 +33,17 @@ + } + END: Cython Metadata */ + ++#ifndef PY_SSIZE_T_CLEAN + #define PY_SSIZE_T_CLEAN ++#endif /* PY_SSIZE_T_CLEAN */ + #include "Python.h" + #ifndef Py_PYTHON_H + #error Python headers needed to compile C extensions, please install development version of Python. + #elif PY_VERSION_HEX < 0x02060000 || (0x03000000 <= PY_VERSION_HEX && PY_VERSION_HEX < 0x03030000) + #error Cython requires Python 2.6+ or Python 3.3+. + #else +-#define CYTHON_ABI "0_29_21" +-#define CYTHON_HEX_VERSION 0x001D15F0 ++#define CYTHON_ABI "0_29_24" ++#define CYTHON_HEX_VERSION 0x001D18F0 + #define CYTHON_FUTURE_DIVISION 0 + #include + #ifndef offsetof +@@ -459,8 +461,12 @@ static CYTHON_INLINE void * PyThread_tss_get(Py_tss_t *key) { + #endif + #if PY_VERSION_HEX > 0x03030000 && defined(PyUnicode_KIND) + #define CYTHON_PEP393_ENABLED 1 ++ #if defined(PyUnicode_IS_READY) + #define __Pyx_PyUnicode_READY(op) (likely(PyUnicode_IS_READY(op)) ?\ + 0 : _PyUnicode_Ready((PyObject *)(op))) ++ #else ++ #define __Pyx_PyUnicode_READY(op) (0) ++ #endif + #define __Pyx_PyUnicode_GET_LENGTH(u) PyUnicode_GET_LENGTH(u) + #define __Pyx_PyUnicode_READ_CHAR(u, i) PyUnicode_READ_CHAR(u, i) + #define __Pyx_PyUnicode_MAX_CHAR_VALUE(u) PyUnicode_MAX_CHAR_VALUE(u) +@@ -469,7 +475,11 @@ static CYTHON_INLINE void * PyThread_tss_get(Py_tss_t *key) { + #define __Pyx_PyUnicode_READ(k, d, i) PyUnicode_READ(k, d, i) + #define __Pyx_PyUnicode_WRITE(k, d, i, ch) PyUnicode_WRITE(k, d, i, ch) + #if defined(PyUnicode_IS_READY) && defined(PyUnicode_GET_SIZE) ++ #if CYTHON_COMPILING_IN_CPYTHON && PY_VERSION_HEX >= 0x03090000 ++ #define __Pyx_PyUnicode_IS_TRUE(u) (0 != (likely(PyUnicode_IS_READY(u)) ? PyUnicode_GET_LENGTH(u) : ((PyCompactUnicodeObject *)(u))->wstr_length)) ++ #else + #define __Pyx_PyUnicode_IS_TRUE(u) (0 != (likely(PyUnicode_IS_READY(u)) ? PyUnicode_GET_LENGTH(u) : PyUnicode_GET_SIZE(u))) ++ #endif + #else + #define __Pyx_PyUnicode_IS_TRUE(u) (0 != PyUnicode_GET_LENGTH(u)) + #endif +@@ -1736,33 +1746,38 @@ static void __pyx_insert_code_object(int code_line, PyCodeObject* code_object); + static void __Pyx_AddTraceback(const char *funcname, int c_line, + int py_line, const char *filename); + ++/* GCCDiagnostics.proto */ ++#if defined(__GNUC__) && (__GNUC__ > 4 || (__GNUC__ == 4 && __GNUC_MINOR__ >= 6)) ++#define __Pyx_HAS_GCC_DIAGNOSTIC ++#endif ++ + /* CIntToPy.proto */ + static CYTHON_INLINE PyObject* __Pyx_PyInt_From_long(long value); + ++/* CIntFromPy.proto */ ++static CYTHON_INLINE int __Pyx_PyInt_As_int(PyObject *); ++ + /* CIntToPy.proto */ + static CYTHON_INLINE PyObject* __Pyx_PyInt_From_int(int value); + + /* CIntToPy.proto */ + static CYTHON_INLINE PyObject* __Pyx_PyInt_From_char(char value); + ++/* CIntFromPy.proto */ ++static CYTHON_INLINE char __Pyx_PyInt_As_char(PyObject *); ++ + /* CIntToPy.proto */ + static CYTHON_INLINE PyObject* __Pyx_PyInt_From_unsigned_char(unsigned char value); + ++/* CIntFromPy.proto */ ++static CYTHON_INLINE long __Pyx_PyInt_As_long(PyObject *); ++ + /* CIntToPy.proto */ + static CYTHON_INLINE PyObject* __Pyx_PyInt_From_enum____pyx_t_2wx_3svg_8_nanosvg_SVGpaintType(enum __pyx_t_2wx_3svg_8_nanosvg_SVGpaintType value); + + /* CIntToPy.proto */ + static CYTHON_INLINE PyObject* __Pyx_PyInt_From_unsigned_int(unsigned int value); + +-/* CIntFromPy.proto */ +-static CYTHON_INLINE int __Pyx_PyInt_As_int(PyObject *); +- +-/* CIntFromPy.proto */ +-static CYTHON_INLINE char __Pyx_PyInt_As_char(PyObject *); +- +-/* CIntFromPy.proto */ +-static CYTHON_INLINE long __Pyx_PyInt_As_long(PyObject *); +- + /* CIntToPy.proto */ + static CYTHON_INLINE PyObject* __Pyx_PyInt_From_enum____pyx_t_2wx_3svg_8_nanosvg_SVGfillRule(enum __pyx_t_2wx_3svg_8_nanosvg_SVGfillRule value); + +@@ -1844,6 +1859,7 @@ typedef struct { + PyObject *gi_qualname; + PyObject *gi_modulename; + PyObject *gi_code; ++ PyObject *gi_frame; + int resume_label; + char is_running; + } __pyx_CoroutineObject; +@@ -14641,11 +14657,9 @@ if (!__Pyx_RefNanny) { + #endif + /*--- Library function declarations ---*/ + /*--- Threads initialization code ---*/ +- #if defined(__PYX_FORCE_INIT_THREADS) && __PYX_FORCE_INIT_THREADS +- #ifdef WITH_THREAD /* Python build with threading support? */ ++ #if defined(WITH_THREAD) && PY_VERSION_HEX < 0x030700F0 && defined(__PYX_FORCE_INIT_THREADS) && __PYX_FORCE_INIT_THREADS + PyEval_InitThreads(); + #endif +- #endif + /*--- Module creation code ---*/ + #if CYTHON_PEP489_MULTI_PHASE_INIT + __pyx_m = __pyx_pyinit_module; +@@ -16766,7 +16780,7 @@ invalid_keyword: + #if CYTHON_COMPILING_IN_CPYTHON + static CYTHON_INLINE PyObject* __Pyx_PyObject_Call(PyObject *func, PyObject *arg, PyObject *kw) { + PyObject *result; +- ternaryfunc call = func->ob_type->tp_call; ++ ternaryfunc call = Py_TYPE(func)->tp_call; + if (unlikely(!call)) + return PyObject_Call(func, arg, kw); + if (unlikely(Py_EnterRecursiveCall((char*)" while calling a Python object"))) +@@ -17149,7 +17163,7 @@ static CYTHON_INLINE PyObject* __Pyx_PyObject_CallOneArg(PyObject *func, PyObjec + if (likely(PyCFunction_GET_FLAGS(func) & METH_O)) { + return __Pyx_PyObject_CallMethO(func, arg); + #if CYTHON_FAST_PYCCALL +- } else if (PyCFunction_GET_FLAGS(func) & METH_FASTCALL) { ++ } else if (__Pyx_PyFastCFunction_Check(func)) { + return __Pyx_PyCFunction_FastCall(func, &arg, 1); + #endif + } +@@ -18800,7 +18814,8 @@ static PyObject * + __Pyx_CyFunction_reduce(__pyx_CyFunctionObject *m, CYTHON_UNUSED PyObject *args) + { + #if PY_MAJOR_VERSION >= 3 +- return PyUnicode_FromString(m->func.m_ml->ml_name); ++ Py_INCREF(m->func_qualname); ++ return m->func_qualname; + #else + return PyString_FromString(m->func.m_ml->ml_name); + #endif +@@ -19443,37 +19458,6 @@ bad: + Py_XDECREF(py_frame); + } + +-/* CIntToPy */ +-static CYTHON_INLINE PyObject* __Pyx_PyInt_From_long(long value) { +- const long neg_one = (long) ((long) 0 - (long) 1), const_zero = (long) 0; +- const int is_unsigned = neg_one > const_zero; +- if (is_unsigned) { +- if (sizeof(long) < sizeof(long)) { +- return PyInt_FromLong((long) value); +- } else if (sizeof(long) <= sizeof(unsigned long)) { +- return PyLong_FromUnsignedLong((unsigned long) value); +-#ifdef HAVE_LONG_LONG +- } else if (sizeof(long) <= sizeof(unsigned PY_LONG_LONG)) { +- return PyLong_FromUnsignedLongLong((unsigned PY_LONG_LONG) value); +-#endif +- } +- } else { +- if (sizeof(long) <= sizeof(long)) { +- return PyInt_FromLong((long) value); +-#ifdef HAVE_LONG_LONG +- } else if (sizeof(long) <= sizeof(PY_LONG_LONG)) { +- return PyLong_FromLongLong((PY_LONG_LONG) value); +-#endif +- } +- } +- { +- int one = 1; int little = (int)*(unsigned char *)&one; +- unsigned char *bytes = (unsigned char *)&value; +- return _PyLong_FromByteArray(bytes, sizeof(long), +- little, !is_unsigned); +- } +-} +- + /* CIntFromPyVerify */ + #define __PYX_VERIFY_RETURN_INT(target_type, func_type, func_value)\ + __PYX__VERIFY_RETURN_INT(target_type, func_type, func_value, 0) +@@ -19497,148 +19481,31 @@ static CYTHON_INLINE PyObject* __Pyx_PyInt_From_long(long value) { + } + + /* CIntToPy */ +-static CYTHON_INLINE PyObject* __Pyx_PyInt_From_int(int value) { +- const int neg_one = (int) ((int) 0 - (int) 1), const_zero = (int) 0; +- const int is_unsigned = neg_one > const_zero; +- if (is_unsigned) { +- if (sizeof(int) < sizeof(long)) { +- return PyInt_FromLong((long) value); +- } else if (sizeof(int) <= sizeof(unsigned long)) { +- return PyLong_FromUnsignedLong((unsigned long) value); +-#ifdef HAVE_LONG_LONG +- } else if (sizeof(int) <= sizeof(unsigned PY_LONG_LONG)) { +- return PyLong_FromUnsignedLongLong((unsigned PY_LONG_LONG) value); +-#endif +- } +- } else { +- if (sizeof(int) <= sizeof(long)) { +- return PyInt_FromLong((long) value); +-#ifdef HAVE_LONG_LONG +- } else if (sizeof(int) <= sizeof(PY_LONG_LONG)) { +- return PyLong_FromLongLong((PY_LONG_LONG) value); +-#endif +- } +- } +- { +- int one = 1; int little = (int)*(unsigned char *)&one; +- unsigned char *bytes = (unsigned char *)&value; +- return _PyLong_FromByteArray(bytes, sizeof(int), +- little, !is_unsigned); +- } +-} +- +-/* CIntToPy */ +-static CYTHON_INLINE PyObject* __Pyx_PyInt_From_char(char value) { +- const char neg_one = (char) ((char) 0 - (char) 1), const_zero = (char) 0; +- const int is_unsigned = neg_one > const_zero; +- if (is_unsigned) { +- if (sizeof(char) < sizeof(long)) { +- return PyInt_FromLong((long) value); +- } else if (sizeof(char) <= sizeof(unsigned long)) { +- return PyLong_FromUnsignedLong((unsigned long) value); +-#ifdef HAVE_LONG_LONG +- } else if (sizeof(char) <= sizeof(unsigned PY_LONG_LONG)) { +- return PyLong_FromUnsignedLongLong((unsigned PY_LONG_LONG) value); +-#endif +- } +- } else { +- if (sizeof(char) <= sizeof(long)) { +- return PyInt_FromLong((long) value); +-#ifdef HAVE_LONG_LONG +- } else if (sizeof(char) <= sizeof(PY_LONG_LONG)) { +- return PyLong_FromLongLong((PY_LONG_LONG) value); +-#endif +- } +- } +- { +- int one = 1; int little = (int)*(unsigned char *)&one; +- unsigned char *bytes = (unsigned char *)&value; +- return _PyLong_FromByteArray(bytes, sizeof(char), +- little, !is_unsigned); +- } +-} +- +-/* CIntToPy */ +-static CYTHON_INLINE PyObject* __Pyx_PyInt_From_unsigned_char(unsigned char value) { +- const unsigned char neg_one = (unsigned char) ((unsigned char) 0 - (unsigned char) 1), const_zero = (unsigned char) 0; +- const int is_unsigned = neg_one > const_zero; +- if (is_unsigned) { +- if (sizeof(unsigned char) < sizeof(long)) { +- return PyInt_FromLong((long) value); +- } else if (sizeof(unsigned char) <= sizeof(unsigned long)) { +- return PyLong_FromUnsignedLong((unsigned long) value); +-#ifdef HAVE_LONG_LONG +- } else if (sizeof(unsigned char) <= sizeof(unsigned PY_LONG_LONG)) { +- return PyLong_FromUnsignedLongLong((unsigned PY_LONG_LONG) value); +-#endif +- } +- } else { +- if (sizeof(unsigned char) <= sizeof(long)) { +- return PyInt_FromLong((long) value); +-#ifdef HAVE_LONG_LONG +- } else if (sizeof(unsigned char) <= sizeof(PY_LONG_LONG)) { +- return PyLong_FromLongLong((PY_LONG_LONG) value); +-#endif +- } +- } +- { +- int one = 1; int little = (int)*(unsigned char *)&one; +- unsigned char *bytes = (unsigned char *)&value; +- return _PyLong_FromByteArray(bytes, sizeof(unsigned char), +- little, !is_unsigned); +- } +-} +- +-/* CIntToPy */ +-static CYTHON_INLINE PyObject* __Pyx_PyInt_From_enum____pyx_t_2wx_3svg_8_nanosvg_SVGpaintType(enum __pyx_t_2wx_3svg_8_nanosvg_SVGpaintType value) { +- const enum __pyx_t_2wx_3svg_8_nanosvg_SVGpaintType neg_one = (enum __pyx_t_2wx_3svg_8_nanosvg_SVGpaintType) ((enum __pyx_t_2wx_3svg_8_nanosvg_SVGpaintType) 0 - (enum __pyx_t_2wx_3svg_8_nanosvg_SVGpaintType) 1), const_zero = (enum __pyx_t_2wx_3svg_8_nanosvg_SVGpaintType) 0; +- const int is_unsigned = neg_one > const_zero; +- if (is_unsigned) { +- if (sizeof(enum __pyx_t_2wx_3svg_8_nanosvg_SVGpaintType) < sizeof(long)) { +- return PyInt_FromLong((long) value); +- } else if (sizeof(enum __pyx_t_2wx_3svg_8_nanosvg_SVGpaintType) <= sizeof(unsigned long)) { +- return PyLong_FromUnsignedLong((unsigned long) value); +-#ifdef HAVE_LONG_LONG +- } else if (sizeof(enum __pyx_t_2wx_3svg_8_nanosvg_SVGpaintType) <= sizeof(unsigned PY_LONG_LONG)) { +- return PyLong_FromUnsignedLongLong((unsigned PY_LONG_LONG) value); ++static CYTHON_INLINE PyObject* __Pyx_PyInt_From_long(long value) { ++#ifdef __Pyx_HAS_GCC_DIAGNOSTIC ++#pragma GCC diagnostic push ++#pragma GCC diagnostic ignored "-Wconversion" + #endif +- } +- } else { +- if (sizeof(enum __pyx_t_2wx_3svg_8_nanosvg_SVGpaintType) <= sizeof(long)) { +- return PyInt_FromLong((long) value); +-#ifdef HAVE_LONG_LONG +- } else if (sizeof(enum __pyx_t_2wx_3svg_8_nanosvg_SVGpaintType) <= sizeof(PY_LONG_LONG)) { +- return PyLong_FromLongLong((PY_LONG_LONG) value); ++ const long neg_one = (long) -1, const_zero = (long) 0; ++#ifdef __Pyx_HAS_GCC_DIAGNOSTIC ++#pragma GCC diagnostic pop + #endif +- } +- } +- { +- int one = 1; int little = (int)*(unsigned char *)&one; +- unsigned char *bytes = (unsigned char *)&value; +- return _PyLong_FromByteArray(bytes, sizeof(enum __pyx_t_2wx_3svg_8_nanosvg_SVGpaintType), +- little, !is_unsigned); +- } +-} +- +-/* CIntToPy */ +-static CYTHON_INLINE PyObject* __Pyx_PyInt_From_unsigned_int(unsigned int value) { +- const unsigned int neg_one = (unsigned int) ((unsigned int) 0 - (unsigned int) 1), const_zero = (unsigned int) 0; + const int is_unsigned = neg_one > const_zero; + if (is_unsigned) { +- if (sizeof(unsigned int) < sizeof(long)) { ++ if (sizeof(long) < sizeof(long)) { + return PyInt_FromLong((long) value); +- } else if (sizeof(unsigned int) <= sizeof(unsigned long)) { ++ } else if (sizeof(long) <= sizeof(unsigned long)) { + return PyLong_FromUnsignedLong((unsigned long) value); + #ifdef HAVE_LONG_LONG +- } else if (sizeof(unsigned int) <= sizeof(unsigned PY_LONG_LONG)) { ++ } else if (sizeof(long) <= sizeof(unsigned PY_LONG_LONG)) { + return PyLong_FromUnsignedLongLong((unsigned PY_LONG_LONG) value); + #endif + } + } else { +- if (sizeof(unsigned int) <= sizeof(long)) { ++ if (sizeof(long) <= sizeof(long)) { + return PyInt_FromLong((long) value); + #ifdef HAVE_LONG_LONG +- } else if (sizeof(unsigned int) <= sizeof(PY_LONG_LONG)) { ++ } else if (sizeof(long) <= sizeof(PY_LONG_LONG)) { + return PyLong_FromLongLong((PY_LONG_LONG) value); + #endif + } +@@ -19646,14 +19513,21 @@ static CYTHON_INLINE PyObject* __Pyx_PyInt_From_unsigned_int(unsigned int value) + { + int one = 1; int little = (int)*(unsigned char *)&one; + unsigned char *bytes = (unsigned char *)&value; +- return _PyLong_FromByteArray(bytes, sizeof(unsigned int), ++ return _PyLong_FromByteArray(bytes, sizeof(long), + little, !is_unsigned); + } + } + + /* CIntFromPy */ + static CYTHON_INLINE int __Pyx_PyInt_As_int(PyObject *x) { +- const int neg_one = (int) ((int) 0 - (int) 1), const_zero = (int) 0; ++#ifdef __Pyx_HAS_GCC_DIAGNOSTIC ++#pragma GCC diagnostic push ++#pragma GCC diagnostic ignored "-Wconversion" ++#endif ++ const int neg_one = (int) -1, const_zero = (int) 0; ++#ifdef __Pyx_HAS_GCC_DIAGNOSTIC ++#pragma GCC diagnostic pop ++#endif + const int is_unsigned = neg_one > const_zero; + #if PY_MAJOR_VERSION < 3 + if (likely(PyInt_Check(x))) { +@@ -19840,9 +19714,92 @@ raise_neg_overflow: + return (int) -1; + } + ++/* CIntToPy */ ++static CYTHON_INLINE PyObject* __Pyx_PyInt_From_int(int value) { ++#ifdef __Pyx_HAS_GCC_DIAGNOSTIC ++#pragma GCC diagnostic push ++#pragma GCC diagnostic ignored "-Wconversion" ++#endif ++ const int neg_one = (int) -1, const_zero = (int) 0; ++#ifdef __Pyx_HAS_GCC_DIAGNOSTIC ++#pragma GCC diagnostic pop ++#endif ++ const int is_unsigned = neg_one > const_zero; ++ if (is_unsigned) { ++ if (sizeof(int) < sizeof(long)) { ++ return PyInt_FromLong((long) value); ++ } else if (sizeof(int) <= sizeof(unsigned long)) { ++ return PyLong_FromUnsignedLong((unsigned long) value); ++#ifdef HAVE_LONG_LONG ++ } else if (sizeof(int) <= sizeof(unsigned PY_LONG_LONG)) { ++ return PyLong_FromUnsignedLongLong((unsigned PY_LONG_LONG) value); ++#endif ++ } ++ } else { ++ if (sizeof(int) <= sizeof(long)) { ++ return PyInt_FromLong((long) value); ++#ifdef HAVE_LONG_LONG ++ } else if (sizeof(int) <= sizeof(PY_LONG_LONG)) { ++ return PyLong_FromLongLong((PY_LONG_LONG) value); ++#endif ++ } ++ } ++ { ++ int one = 1; int little = (int)*(unsigned char *)&one; ++ unsigned char *bytes = (unsigned char *)&value; ++ return _PyLong_FromByteArray(bytes, sizeof(int), ++ little, !is_unsigned); ++ } ++} ++ ++/* CIntToPy */ ++static CYTHON_INLINE PyObject* __Pyx_PyInt_From_char(char value) { ++#ifdef __Pyx_HAS_GCC_DIAGNOSTIC ++#pragma GCC diagnostic push ++#pragma GCC diagnostic ignored "-Wconversion" ++#endif ++ const char neg_one = (char) -1, const_zero = (char) 0; ++#ifdef __Pyx_HAS_GCC_DIAGNOSTIC ++#pragma GCC diagnostic pop ++#endif ++ const int is_unsigned = neg_one > const_zero; ++ if (is_unsigned) { ++ if (sizeof(char) < sizeof(long)) { ++ return PyInt_FromLong((long) value); ++ } else if (sizeof(char) <= sizeof(unsigned long)) { ++ return PyLong_FromUnsignedLong((unsigned long) value); ++#ifdef HAVE_LONG_LONG ++ } else if (sizeof(char) <= sizeof(unsigned PY_LONG_LONG)) { ++ return PyLong_FromUnsignedLongLong((unsigned PY_LONG_LONG) value); ++#endif ++ } ++ } else { ++ if (sizeof(char) <= sizeof(long)) { ++ return PyInt_FromLong((long) value); ++#ifdef HAVE_LONG_LONG ++ } else if (sizeof(char) <= sizeof(PY_LONG_LONG)) { ++ return PyLong_FromLongLong((PY_LONG_LONG) value); ++#endif ++ } ++ } ++ { ++ int one = 1; int little = (int)*(unsigned char *)&one; ++ unsigned char *bytes = (unsigned char *)&value; ++ return _PyLong_FromByteArray(bytes, sizeof(char), ++ little, !is_unsigned); ++ } ++} ++ + /* CIntFromPy */ + static CYTHON_INLINE char __Pyx_PyInt_As_char(PyObject *x) { +- const char neg_one = (char) ((char) 0 - (char) 1), const_zero = (char) 0; ++#ifdef __Pyx_HAS_GCC_DIAGNOSTIC ++#pragma GCC diagnostic push ++#pragma GCC diagnostic ignored "-Wconversion" ++#endif ++ const char neg_one = (char) -1, const_zero = (char) 0; ++#ifdef __Pyx_HAS_GCC_DIAGNOSTIC ++#pragma GCC diagnostic pop ++#endif + const int is_unsigned = neg_one > const_zero; + #if PY_MAJOR_VERSION < 3 + if (likely(PyInt_Check(x))) { +@@ -20029,9 +19986,54 @@ raise_neg_overflow: + return (char) -1; + } + ++/* CIntToPy */ ++static CYTHON_INLINE PyObject* __Pyx_PyInt_From_unsigned_char(unsigned char value) { ++#ifdef __Pyx_HAS_GCC_DIAGNOSTIC ++#pragma GCC diagnostic push ++#pragma GCC diagnostic ignored "-Wconversion" ++#endif ++ const unsigned char neg_one = (unsigned char) -1, const_zero = (unsigned char) 0; ++#ifdef __Pyx_HAS_GCC_DIAGNOSTIC ++#pragma GCC diagnostic pop ++#endif ++ const int is_unsigned = neg_one > const_zero; ++ if (is_unsigned) { ++ if (sizeof(unsigned char) < sizeof(long)) { ++ return PyInt_FromLong((long) value); ++ } else if (sizeof(unsigned char) <= sizeof(unsigned long)) { ++ return PyLong_FromUnsignedLong((unsigned long) value); ++#ifdef HAVE_LONG_LONG ++ } else if (sizeof(unsigned char) <= sizeof(unsigned PY_LONG_LONG)) { ++ return PyLong_FromUnsignedLongLong((unsigned PY_LONG_LONG) value); ++#endif ++ } ++ } else { ++ if (sizeof(unsigned char) <= sizeof(long)) { ++ return PyInt_FromLong((long) value); ++#ifdef HAVE_LONG_LONG ++ } else if (sizeof(unsigned char) <= sizeof(PY_LONG_LONG)) { ++ return PyLong_FromLongLong((PY_LONG_LONG) value); ++#endif ++ } ++ } ++ { ++ int one = 1; int little = (int)*(unsigned char *)&one; ++ unsigned char *bytes = (unsigned char *)&value; ++ return _PyLong_FromByteArray(bytes, sizeof(unsigned char), ++ little, !is_unsigned); ++ } ++} ++ + /* CIntFromPy */ + static CYTHON_INLINE long __Pyx_PyInt_As_long(PyObject *x) { +- const long neg_one = (long) ((long) 0 - (long) 1), const_zero = (long) 0; ++#ifdef __Pyx_HAS_GCC_DIAGNOSTIC ++#pragma GCC diagnostic push ++#pragma GCC diagnostic ignored "-Wconversion" ++#endif ++ const long neg_one = (long) -1, const_zero = (long) 0; ++#ifdef __Pyx_HAS_GCC_DIAGNOSTIC ++#pragma GCC diagnostic pop ++#endif + const int is_unsigned = neg_one > const_zero; + #if PY_MAJOR_VERSION < 3 + if (likely(PyInt_Check(x))) { +@@ -20218,9 +20220,92 @@ raise_neg_overflow: + return (long) -1; + } + ++/* CIntToPy */ ++static CYTHON_INLINE PyObject* __Pyx_PyInt_From_enum____pyx_t_2wx_3svg_8_nanosvg_SVGpaintType(enum __pyx_t_2wx_3svg_8_nanosvg_SVGpaintType value) { ++#ifdef __Pyx_HAS_GCC_DIAGNOSTIC ++#pragma GCC diagnostic push ++#pragma GCC diagnostic ignored "-Wconversion" ++#endif ++ const enum __pyx_t_2wx_3svg_8_nanosvg_SVGpaintType neg_one = (enum __pyx_t_2wx_3svg_8_nanosvg_SVGpaintType) -1, const_zero = (enum __pyx_t_2wx_3svg_8_nanosvg_SVGpaintType) 0; ++#ifdef __Pyx_HAS_GCC_DIAGNOSTIC ++#pragma GCC diagnostic pop ++#endif ++ const int is_unsigned = neg_one > const_zero; ++ if (is_unsigned) { ++ if (sizeof(enum __pyx_t_2wx_3svg_8_nanosvg_SVGpaintType) < sizeof(long)) { ++ return PyInt_FromLong((long) value); ++ } else if (sizeof(enum __pyx_t_2wx_3svg_8_nanosvg_SVGpaintType) <= sizeof(unsigned long)) { ++ return PyLong_FromUnsignedLong((unsigned long) value); ++#ifdef HAVE_LONG_LONG ++ } else if (sizeof(enum __pyx_t_2wx_3svg_8_nanosvg_SVGpaintType) <= sizeof(unsigned PY_LONG_LONG)) { ++ return PyLong_FromUnsignedLongLong((unsigned PY_LONG_LONG) value); ++#endif ++ } ++ } else { ++ if (sizeof(enum __pyx_t_2wx_3svg_8_nanosvg_SVGpaintType) <= sizeof(long)) { ++ return PyInt_FromLong((long) value); ++#ifdef HAVE_LONG_LONG ++ } else if (sizeof(enum __pyx_t_2wx_3svg_8_nanosvg_SVGpaintType) <= sizeof(PY_LONG_LONG)) { ++ return PyLong_FromLongLong((PY_LONG_LONG) value); ++#endif ++ } ++ } ++ { ++ int one = 1; int little = (int)*(unsigned char *)&one; ++ unsigned char *bytes = (unsigned char *)&value; ++ return _PyLong_FromByteArray(bytes, sizeof(enum __pyx_t_2wx_3svg_8_nanosvg_SVGpaintType), ++ little, !is_unsigned); ++ } ++} ++ ++/* CIntToPy */ ++static CYTHON_INLINE PyObject* __Pyx_PyInt_From_unsigned_int(unsigned int value) { ++#ifdef __Pyx_HAS_GCC_DIAGNOSTIC ++#pragma GCC diagnostic push ++#pragma GCC diagnostic ignored "-Wconversion" ++#endif ++ const unsigned int neg_one = (unsigned int) -1, const_zero = (unsigned int) 0; ++#ifdef __Pyx_HAS_GCC_DIAGNOSTIC ++#pragma GCC diagnostic pop ++#endif ++ const int is_unsigned = neg_one > const_zero; ++ if (is_unsigned) { ++ if (sizeof(unsigned int) < sizeof(long)) { ++ return PyInt_FromLong((long) value); ++ } else if (sizeof(unsigned int) <= sizeof(unsigned long)) { ++ return PyLong_FromUnsignedLong((unsigned long) value); ++#ifdef HAVE_LONG_LONG ++ } else if (sizeof(unsigned int) <= sizeof(unsigned PY_LONG_LONG)) { ++ return PyLong_FromUnsignedLongLong((unsigned PY_LONG_LONG) value); ++#endif ++ } ++ } else { ++ if (sizeof(unsigned int) <= sizeof(long)) { ++ return PyInt_FromLong((long) value); ++#ifdef HAVE_LONG_LONG ++ } else if (sizeof(unsigned int) <= sizeof(PY_LONG_LONG)) { ++ return PyLong_FromLongLong((PY_LONG_LONG) value); ++#endif ++ } ++ } ++ { ++ int one = 1; int little = (int)*(unsigned char *)&one; ++ unsigned char *bytes = (unsigned char *)&value; ++ return _PyLong_FromByteArray(bytes, sizeof(unsigned int), ++ little, !is_unsigned); ++ } ++} ++ + /* CIntToPy */ + static CYTHON_INLINE PyObject* __Pyx_PyInt_From_enum____pyx_t_2wx_3svg_8_nanosvg_SVGfillRule(enum __pyx_t_2wx_3svg_8_nanosvg_SVGfillRule value) { +- const enum __pyx_t_2wx_3svg_8_nanosvg_SVGfillRule neg_one = (enum __pyx_t_2wx_3svg_8_nanosvg_SVGfillRule) ((enum __pyx_t_2wx_3svg_8_nanosvg_SVGfillRule) 0 - (enum __pyx_t_2wx_3svg_8_nanosvg_SVGfillRule) 1), const_zero = (enum __pyx_t_2wx_3svg_8_nanosvg_SVGfillRule) 0; ++#ifdef __Pyx_HAS_GCC_DIAGNOSTIC ++#pragma GCC diagnostic push ++#pragma GCC diagnostic ignored "-Wconversion" ++#endif ++ const enum __pyx_t_2wx_3svg_8_nanosvg_SVGfillRule neg_one = (enum __pyx_t_2wx_3svg_8_nanosvg_SVGfillRule) -1, const_zero = (enum __pyx_t_2wx_3svg_8_nanosvg_SVGfillRule) 0; ++#ifdef __Pyx_HAS_GCC_DIAGNOSTIC ++#pragma GCC diagnostic pop ++#endif + const int is_unsigned = neg_one > const_zero; + if (is_unsigned) { + if (sizeof(enum __pyx_t_2wx_3svg_8_nanosvg_SVGfillRule) < sizeof(long)) { +@@ -20251,7 +20336,14 @@ static CYTHON_INLINE PyObject* __Pyx_PyInt_From_enum____pyx_t_2wx_3svg_8_nanosvg + + /* CIntToPy */ + static CYTHON_INLINE PyObject* __Pyx_PyInt_From_enum____pyx_t_2wx_3svg_8_nanosvg_SVGflags(enum __pyx_t_2wx_3svg_8_nanosvg_SVGflags value) { +- const enum __pyx_t_2wx_3svg_8_nanosvg_SVGflags neg_one = (enum __pyx_t_2wx_3svg_8_nanosvg_SVGflags) ((enum __pyx_t_2wx_3svg_8_nanosvg_SVGflags) 0 - (enum __pyx_t_2wx_3svg_8_nanosvg_SVGflags) 1), const_zero = (enum __pyx_t_2wx_3svg_8_nanosvg_SVGflags) 0; ++#ifdef __Pyx_HAS_GCC_DIAGNOSTIC ++#pragma GCC diagnostic push ++#pragma GCC diagnostic ignored "-Wconversion" ++#endif ++ const enum __pyx_t_2wx_3svg_8_nanosvg_SVGflags neg_one = (enum __pyx_t_2wx_3svg_8_nanosvg_SVGflags) -1, const_zero = (enum __pyx_t_2wx_3svg_8_nanosvg_SVGflags) 0; ++#ifdef __Pyx_HAS_GCC_DIAGNOSTIC ++#pragma GCC diagnostic pop ++#endif + const int is_unsigned = neg_one > const_zero; + if (is_unsigned) { + if (sizeof(enum __pyx_t_2wx_3svg_8_nanosvg_SVGflags) < sizeof(long)) { +@@ -20282,7 +20374,14 @@ static CYTHON_INLINE PyObject* __Pyx_PyInt_From_enum____pyx_t_2wx_3svg_8_nanosvg + + /* CIntToPy */ + static CYTHON_INLINE PyObject* __Pyx_PyInt_From_enum____pyx_t_2wx_3svg_8_nanosvg_SVGlineCap(enum __pyx_t_2wx_3svg_8_nanosvg_SVGlineCap value) { +- const enum __pyx_t_2wx_3svg_8_nanosvg_SVGlineCap neg_one = (enum __pyx_t_2wx_3svg_8_nanosvg_SVGlineCap) ((enum __pyx_t_2wx_3svg_8_nanosvg_SVGlineCap) 0 - (enum __pyx_t_2wx_3svg_8_nanosvg_SVGlineCap) 1), const_zero = (enum __pyx_t_2wx_3svg_8_nanosvg_SVGlineCap) 0; ++#ifdef __Pyx_HAS_GCC_DIAGNOSTIC ++#pragma GCC diagnostic push ++#pragma GCC diagnostic ignored "-Wconversion" ++#endif ++ const enum __pyx_t_2wx_3svg_8_nanosvg_SVGlineCap neg_one = (enum __pyx_t_2wx_3svg_8_nanosvg_SVGlineCap) -1, const_zero = (enum __pyx_t_2wx_3svg_8_nanosvg_SVGlineCap) 0; ++#ifdef __Pyx_HAS_GCC_DIAGNOSTIC ++#pragma GCC diagnostic pop ++#endif + const int is_unsigned = neg_one > const_zero; + if (is_unsigned) { + if (sizeof(enum __pyx_t_2wx_3svg_8_nanosvg_SVGlineCap) < sizeof(long)) { +@@ -20313,7 +20412,14 @@ static CYTHON_INLINE PyObject* __Pyx_PyInt_From_enum____pyx_t_2wx_3svg_8_nanosvg + + /* CIntToPy */ + static CYTHON_INLINE PyObject* __Pyx_PyInt_From_enum____pyx_t_2wx_3svg_8_nanosvg_SVGlineJoin(enum __pyx_t_2wx_3svg_8_nanosvg_SVGlineJoin value) { +- const enum __pyx_t_2wx_3svg_8_nanosvg_SVGlineJoin neg_one = (enum __pyx_t_2wx_3svg_8_nanosvg_SVGlineJoin) ((enum __pyx_t_2wx_3svg_8_nanosvg_SVGlineJoin) 0 - (enum __pyx_t_2wx_3svg_8_nanosvg_SVGlineJoin) 1), const_zero = (enum __pyx_t_2wx_3svg_8_nanosvg_SVGlineJoin) 0; ++#ifdef __Pyx_HAS_GCC_DIAGNOSTIC ++#pragma GCC diagnostic push ++#pragma GCC diagnostic ignored "-Wconversion" ++#endif ++ const enum __pyx_t_2wx_3svg_8_nanosvg_SVGlineJoin neg_one = (enum __pyx_t_2wx_3svg_8_nanosvg_SVGlineJoin) -1, const_zero = (enum __pyx_t_2wx_3svg_8_nanosvg_SVGlineJoin) 0; ++#ifdef __Pyx_HAS_GCC_DIAGNOSTIC ++#pragma GCC diagnostic pop ++#endif + const int is_unsigned = neg_one > const_zero; + if (is_unsigned) { + if (sizeof(enum __pyx_t_2wx_3svg_8_nanosvg_SVGlineJoin) < sizeof(long)) { +@@ -20344,7 +20450,14 @@ static CYTHON_INLINE PyObject* __Pyx_PyInt_From_enum____pyx_t_2wx_3svg_8_nanosvg + + /* CIntToPy */ + static CYTHON_INLINE PyObject* __Pyx_PyInt_From_enum____pyx_t_2wx_3svg_8_nanosvg_SVGspreadType(enum __pyx_t_2wx_3svg_8_nanosvg_SVGspreadType value) { +- const enum __pyx_t_2wx_3svg_8_nanosvg_SVGspreadType neg_one = (enum __pyx_t_2wx_3svg_8_nanosvg_SVGspreadType) ((enum __pyx_t_2wx_3svg_8_nanosvg_SVGspreadType) 0 - (enum __pyx_t_2wx_3svg_8_nanosvg_SVGspreadType) 1), const_zero = (enum __pyx_t_2wx_3svg_8_nanosvg_SVGspreadType) 0; ++#ifdef __Pyx_HAS_GCC_DIAGNOSTIC ++#pragma GCC diagnostic push ++#pragma GCC diagnostic ignored "-Wconversion" ++#endif ++ const enum __pyx_t_2wx_3svg_8_nanosvg_SVGspreadType neg_one = (enum __pyx_t_2wx_3svg_8_nanosvg_SVGspreadType) -1, const_zero = (enum __pyx_t_2wx_3svg_8_nanosvg_SVGspreadType) 0; ++#ifdef __Pyx_HAS_GCC_DIAGNOSTIC ++#pragma GCC diagnostic pop ++#endif + const int is_unsigned = neg_one > const_zero; + if (is_unsigned) { + if (sizeof(enum __pyx_t_2wx_3svg_8_nanosvg_SVGspreadType) < sizeof(long)) { +@@ -20907,6 +21020,30 @@ PyObject *__Pyx_Coroutine_MethodReturn(CYTHON_UNUSED PyObject* gen, PyObject *re + } + return retval; + } ++#if CYTHON_COMPILING_IN_CPYTHON && PY_VERSION_HEX >= 0x03030000 && (defined(__linux__) || PY_VERSION_HEX >= 0x030600B3) ++static CYTHON_INLINE ++PyObject *__Pyx_PyGen_Send(PyGenObject *gen, PyObject *arg) { ++#if PY_VERSION_HEX <= 0x030A00A1 ++ return _PyGen_Send(gen, arg); ++#else ++ PyObject *result; ++ if (PyIter_Send((PyObject*)gen, arg ? arg : Py_None, &result) == PYGEN_RETURN) { ++ if (PyAsyncGen_CheckExact(gen)) { ++ assert(result == Py_None); ++ PyErr_SetNone(PyExc_StopAsyncIteration); ++ } ++ else if (result == Py_None) { ++ PyErr_SetNone(PyExc_StopIteration); ++ } ++ else { ++ _PyGen_SetStopIterationValue(result); ++ } ++ Py_CLEAR(result); ++ } ++ return result; ++#endif ++} ++#endif + static CYTHON_INLINE + PyObject *__Pyx_Coroutine_FinishDelegation(__pyx_CoroutineObject *gen) { + PyObject *ret; +@@ -20943,12 +21080,12 @@ static PyObject *__Pyx_Coroutine_Send(PyObject *self, PyObject *value) { + #endif + #if CYTHON_COMPILING_IN_CPYTHON && PY_VERSION_HEX >= 0x03030000 && (defined(__linux__) || PY_VERSION_HEX >= 0x030600B3) + if (PyGen_CheckExact(yf)) { +- ret = _PyGen_Send((PyGenObject*)yf, value == Py_None ? NULL : value); ++ ret = __Pyx_PyGen_Send((PyGenObject*)yf, value == Py_None ? NULL : value); + } else + #endif + #if CYTHON_COMPILING_IN_CPYTHON && PY_VERSION_HEX >= 0x03050000 && defined(PyCoro_CheckExact) && (defined(__linux__) || PY_VERSION_HEX >= 0x030600B3) + if (PyCoro_CheckExact(yf)) { +- ret = _PyGen_Send((PyGenObject*)yf, value == Py_None ? NULL : value); ++ ret = __Pyx_PyGen_Send((PyGenObject*)yf, value == Py_None ? NULL : value); + } else + #endif + { +@@ -21032,7 +21169,7 @@ static PyObject *__Pyx_Generator_Next(PyObject *self) { + #endif + #if CYTHON_COMPILING_IN_CPYTHON && PY_VERSION_HEX >= 0x03030000 && (defined(__linux__) || PY_VERSION_HEX >= 0x030600B3) + if (PyGen_CheckExact(yf)) { +- ret = _PyGen_Send((PyGenObject*)yf, NULL); ++ ret = __Pyx_PyGen_Send((PyGenObject*)yf, NULL); + } else + #endif + #ifdef __Pyx_Coroutine_USED +@@ -21192,6 +21329,7 @@ static int __Pyx_Coroutine_clear(PyObject *self) { + } + #endif + Py_CLEAR(gen->gi_code); ++ Py_CLEAR(gen->gi_frame); + Py_CLEAR(gen->gi_name); + Py_CLEAR(gen->gi_qualname); + Py_CLEAR(gen->gi_modulename); +@@ -21208,7 +21346,7 @@ static void __Pyx_Coroutine_dealloc(PyObject *self) { + if (PyObject_CallFinalizerFromDealloc(self)) + #else + Py_TYPE(gen)->tp_del(self); +- if (self->ob_refcnt > 0) ++ if (Py_REFCNT(self) > 0) + #endif + { + return; +@@ -21235,7 +21373,7 @@ static void __Pyx_Coroutine_del(PyObject *self) { + } + #if !CYTHON_USE_TP_FINALIZE + assert(self->ob_refcnt == 0); +- self->ob_refcnt = 1; ++ __Pyx_SET_REFCNT(self, 1); + #endif + __Pyx_PyThreadState_assign + __Pyx_ErrFetch(&error_type, &error_value, &error_traceback); +@@ -21302,17 +21440,17 @@ static void __Pyx_Coroutine_del(PyObject *self) { + } + __Pyx_ErrRestore(error_type, error_value, error_traceback); + #if !CYTHON_USE_TP_FINALIZE +- assert(self->ob_refcnt > 0); ++ assert(Py_REFCNT(self) > 0); + if (--self->ob_refcnt == 0) { + return; + } + { +- Py_ssize_t refcnt = self->ob_refcnt; ++ Py_ssize_t refcnt = Py_REFCNT(self); + _Py_NewReference(self); +- self->ob_refcnt = refcnt; ++ __Pyx_SET_REFCNT(self, refcnt); + } + #if CYTHON_COMPILING_IN_CPYTHON +- assert(PyType_IS_GC(self->ob_type) && ++ assert(PyType_IS_GC(Py_TYPE(self)) && + _Py_AS_GC(self)->gc.gc_refs != _PyGC_REFS_UNTRACKED); + _Py_DEC_REFTOTAL; + #endif +@@ -21378,6 +21516,27 @@ __Pyx_Coroutine_set_qualname(__pyx_CoroutineObject *self, PyObject *value, CYTHO + Py_XDECREF(tmp); + return 0; + } ++static PyObject * ++__Pyx_Coroutine_get_frame(__pyx_CoroutineObject *self, CYTHON_UNUSED void *context) ++{ ++ PyObject *frame = self->gi_frame; ++ if (!frame) { ++ if (unlikely(!self->gi_code)) { ++ Py_RETURN_NONE; ++ } ++ frame = (PyObject *) PyFrame_New( ++ PyThreadState_Get(), /*PyThreadState *tstate,*/ ++ (PyCodeObject*) self->gi_code, /*PyCodeObject *code,*/ ++ __pyx_d, /*PyObject *globals,*/ ++ 0 /*PyObject *locals*/ ++ ); ++ if (unlikely(!frame)) ++ return NULL; ++ self->gi_frame = frame; ++ } ++ Py_INCREF(frame); ++ return frame; ++} + static __pyx_CoroutineObject *__Pyx__Coroutine_New( + PyTypeObject* type, __pyx_coroutine_body_t body, PyObject *code, PyObject *closure, + PyObject *name, PyObject *qualname, PyObject *module_name) { +@@ -21411,6 +21570,7 @@ static __pyx_CoroutineObject *__Pyx__Coroutine_NewInit( + gen->gi_modulename = module_name; + Py_XINCREF(code); + gen->gi_code = code; ++ gen->gi_frame = NULL; + PyObject_GC_Track(gen); + return gen; + } +@@ -21534,6 +21694,8 @@ static PyGetSetDef __pyx_Generator_getsets[] = { + (char*) PyDoc_STR("name of the generator"), 0}, + {(char *) "__qualname__", (getter)__Pyx_Coroutine_get_qualname, (setter)__Pyx_Coroutine_set_qualname, + (char*) PyDoc_STR("qualified name of the generator"), 0}, ++ {(char *) "gi_frame", (getter)__Pyx_Coroutine_get_frame, NULL, ++ (char*) PyDoc_STR("Frame of the generator"), 0}, + {0, 0, 0, 0, 0} + }; + static PyTypeObject __pyx_GeneratorType_type = { +-- +2.33.0 + diff --git a/meta-python/recipes-devtools/python3-wxgtk4/python3-wxgtk4_4.1.1.bb b/meta-python/recipes-devtools/python3-wxgtk4/python3-wxgtk4_4.1.1.bb index 6ec92c2ceca..4d739b86f7a 100644 --- a/meta-python/recipes-devtools/python3-wxgtk4/python3-wxgtk4_4.1.1.bb +++ b/meta-python/recipes-devtools/python3-wxgtk4/python3-wxgtk4_4.1.1.bb @@ -11,6 +11,7 @@ PYPI_PACKAGE = "wxPython" SRC_URI += "file://add-back-option-build-base.patch \ file://wxgtk-fixup-build-scripts.patch \ file://sip-fix-override-functions.patch \ + file://0001-Update-Cython-version-to-fix-NanoSVG-issues-with-Pyt.patch \ " SRC_URI[sha256sum] = "00e5e3180ac7f2852f342ad341d57c44e7e4326de0b550b9a5c4a8361b6c3528" From 7566c789da7850a2a35d1a8aa0f3e0b721e2cb1d Mon Sep 17 00:00:00 2001 From: wangmy Date: Fri, 29 Apr 2022 16:13:10 +0800 Subject: [PATCH 071/600] php: upgrade 8.1.4 -> 8.1.5 Signed-off-by: Wang Mingyu Signed-off-by: Khem Raj (cherry picked from commit 412638c21b09ecc6dbe4bd480fbc8a0a83d05da5) Signed-off-by: Armin Kuster --- meta-oe/recipes-devtools/php/{php_8.1.4.bb => php_8.1.5.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-oe/recipes-devtools/php/{php_8.1.4.bb => php_8.1.5.bb} (99%) diff --git a/meta-oe/recipes-devtools/php/php_8.1.4.bb b/meta-oe/recipes-devtools/php/php_8.1.5.bb similarity index 99% rename from meta-oe/recipes-devtools/php/php_8.1.4.bb rename to meta-oe/recipes-devtools/php/php_8.1.5.bb index bf6c543097d..e3af9f69841 100644 --- a/meta-oe/recipes-devtools/php/php_8.1.4.bb +++ b/meta-oe/recipes-devtools/php/php_8.1.5.bb @@ -33,7 +33,7 @@ SRC_URI:append:class-target = " \ " S = "${WORKDIR}/php-${PV}" -SRC_URI[sha256sum] = "b3f688cb69758523838b8e7f509aaef0152133d9b84a84a0b7cf68eeafc1df76" +SRC_URI[sha256sum] = "827de56771c3ab8313a069812f15f6ec49989d510aebd0dce180839c6d8d6ff3" inherit autotools pkgconfig python3native gettext From 71613a9fa18a689a23b22d10da8745af6239a221 Mon Sep 17 00:00:00 2001 From: wangmy Date: Fri, 6 May 2022 22:51:01 +0800 Subject: [PATCH 072/600] php: upgrade 8.1.5 -> 8.1.6 Signed-off-by: Wang Mingyu Signed-off-by: Khem Raj (cherry picked from commit b7bef320005a7e44f28f871d3ecd825dae9c14b8) Signed-off-by: Armin Kuster --- meta-oe/recipes-devtools/php/{php_8.1.5.bb => php_8.1.6.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-oe/recipes-devtools/php/{php_8.1.5.bb => php_8.1.6.bb} (99%) diff --git a/meta-oe/recipes-devtools/php/php_8.1.5.bb b/meta-oe/recipes-devtools/php/php_8.1.6.bb similarity index 99% rename from meta-oe/recipes-devtools/php/php_8.1.5.bb rename to meta-oe/recipes-devtools/php/php_8.1.6.bb index e3af9f69841..96af595a45a 100644 --- a/meta-oe/recipes-devtools/php/php_8.1.5.bb +++ b/meta-oe/recipes-devtools/php/php_8.1.6.bb @@ -33,7 +33,7 @@ SRC_URI:append:class-target = " \ " S = "${WORKDIR}/php-${PV}" -SRC_URI[sha256sum] = "827de56771c3ab8313a069812f15f6ec49989d510aebd0dce180839c6d8d6ff3" +SRC_URI[sha256sum] = "7b353304b7407554f70d3e101a226a1fc22decae5c4c42ed270c4e389bfa1b66" inherit autotools pkgconfig python3native gettext From 133d2c20031dd573fbc2fcd8f3b537a358e425c1 Mon Sep 17 00:00:00 2001 From: wangmy Date: Fri, 6 May 2022 22:51:02 +0800 Subject: [PATCH 073/600] postgresql: upgrade 14.2 -> 14.3 0001-configure.ac-bypass-autoconf-2.69-version-check.patch refreshed for new version. Signed-off-by: Wang Mingyu Signed-off-by: Khem Raj (cherry picked from commit b3aa90d11d0b6dbf705a0ed08d256e4980766902) Signed-off-by: Armin Kuster --- ...01-configure.ac-bypass-autoconf-2.69-version-check.patch | 6 +++--- .../postgresql/{postgresql_14.2.bb => postgresql_14.3.bb} | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) rename meta-oe/recipes-dbs/postgresql/{postgresql_14.2.bb => postgresql_14.3.bb} (80%) diff --git a/meta-oe/recipes-dbs/postgresql/files/0001-configure.ac-bypass-autoconf-2.69-version-check.patch b/meta-oe/recipes-dbs/postgresql/files/0001-configure.ac-bypass-autoconf-2.69-version-check.patch index 39ec7c2c8c2..78f24585e80 100644 --- a/meta-oe/recipes-dbs/postgresql/files/0001-configure.ac-bypass-autoconf-2.69-version-check.patch +++ b/meta-oe/recipes-dbs/postgresql/files/0001-configure.ac-bypass-autoconf-2.69-version-check.patch @@ -1,4 +1,4 @@ -From 9c9ac8b64f940bf69ecdc92abca9b58f12b401c3 Mon Sep 17 00:00:00 2001 +From f7084ba49758a6b8db46b917b7c0f831bd65a08f Mon Sep 17 00:00:00 2001 From: Yi Fan Yu Date: Fri, 5 Feb 2021 17:15:42 -0500 Subject: [PATCH] configure.ac: bypass autoconf 2.69 version check @@ -14,12 +14,12 @@ Signed-off-by: Yi Fan Yu 1 file changed, 4 deletions(-) diff --git a/configure.ac b/configure.ac -index 3b148b6..94f39c5 100644 +index d3c55f2..9120184 100644 --- a/configure.ac +++ b/configure.ac @@ -19,10 +19,6 @@ m4_pattern_forbid(^PGAC_)dnl to catch undefined macros - AC_INIT([PostgreSQL], [14.2], [pgsql-bugs@lists.postgresql.org], [], [https://www.postgresql.org/]) + AC_INIT([PostgreSQL], [14.3], [pgsql-bugs@lists.postgresql.org], [], [https://www.postgresql.org/]) -m4_if(m4_defn([m4_PACKAGE_VERSION]), [2.69], [], [m4_fatal([Autoconf version 2.69 is required. -Untested combinations of 'autoconf' and PostgreSQL versions are not diff --git a/meta-oe/recipes-dbs/postgresql/postgresql_14.2.bb b/meta-oe/recipes-dbs/postgresql/postgresql_14.3.bb similarity index 80% rename from meta-oe/recipes-dbs/postgresql/postgresql_14.2.bb rename to meta-oe/recipes-dbs/postgresql/postgresql_14.3.bb index 52e88671429..c686c9b3581 100644 --- a/meta-oe/recipes-dbs/postgresql/postgresql_14.2.bb +++ b/meta-oe/recipes-dbs/postgresql/postgresql_14.3.bb @@ -10,4 +10,4 @@ SRC_URI += "\ file://remove_duplicate.patch \ " -SRC_URI[sha256sum] = "2cf78b2e468912f8101d695db5340cf313c2e9f68a612fb71427524e8c9a977a" +SRC_URI[sha256sum] = "279057368bf59a919c05ada8f95c5e04abb43e74b9a2a69c3d46a20e07a9af38" From b23cd103136d9728b686d905dd47b100b7d2575d Mon Sep 17 00:00:00 2001 From: Gianfranco Date: Thu, 19 May 2022 15:45:58 +0200 Subject: [PATCH 074/600] sdbus-c++-libsystemd: Bump SRCREV to last commit of 250-stable branch Signed-off-by: Gianfranco Costamagna Signed-off-by: Gianfranco Costamagna Signed-off-by: Khem Raj (cherry picked from commit 32581a7a4653b590118e53b5fabdec72f1d3d0c2) Signed-off-by: Armin Kuster --- meta-oe/recipes-core/sdbus-c++/sdbus-c++-libsystemd_250.3.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-oe/recipes-core/sdbus-c++/sdbus-c++-libsystemd_250.3.bb b/meta-oe/recipes-core/sdbus-c++/sdbus-c++-libsystemd_250.3.bb index 6bb5f7abb89..d5c799aac39 100644 --- a/meta-oe/recipes-core/sdbus-c++/sdbus-c++-libsystemd_250.3.bb +++ b/meta-oe/recipes-core/sdbus-c++/sdbus-c++-libsystemd_250.3.bb @@ -10,7 +10,7 @@ inherit meson pkgconfig DEPENDS += "gperf-native gettext-native util-linux libcap util-linux python3-jinja2-native" -SRCREV = "1b003bbc806198dbdd57b405d968f30565495e70" +SRCREV = "73be9643910c3f7f3ff84765d63060846c110016" SRCBRANCH = "v250-stable" SRC_URI = "git://github.com/systemd/systemd-stable.git;protocol=https;branch=${SRCBRANCH} \ file://static-libsystemd-pkgconfig.patch \ From ff3a018b2b66170a560d8373dbbef3f15ebba849 Mon Sep 17 00:00:00 2001 From: Gianfranco Date: Thu, 19 May 2022 14:13:02 +0200 Subject: [PATCH 075/600] libmtp: Add doxygen-native dependency in case documentation build is enabled in PACKAGECONFIG. This fixes a FTBFS due to missing dependency. Signed-off-by: Gianfranco Costamagna Signed-off-by: Gianfranco Costamagna Signed-off-by: Khem Raj (cherry picked from commit a9e6d16e6640d105ecf3470ab891598034c9ef33) Signed-off-by: Armin Kuster --- meta-oe/recipes-connectivity/libmtp/libmtp_1.1.19.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-oe/recipes-connectivity/libmtp/libmtp_1.1.19.bb b/meta-oe/recipes-connectivity/libmtp/libmtp_1.1.19.bb index b4cbb792cef..3483db3c834 100644 --- a/meta-oe/recipes-connectivity/libmtp/libmtp_1.1.19.bb +++ b/meta-oe/recipes-connectivity/libmtp/libmtp_1.1.19.bb @@ -30,7 +30,7 @@ EXTRA_OECONF += " \ " PACKAGECONFIG ?= "${@bb.utils.filter('DISTRO_FEATURES', 'largefile', d)}" -PACKAGECONFIG[doxygen] = "--enable-doxygen,--disable-doxygen" +PACKAGECONFIG[doxygen] = "--enable-doxygen,--disable-doxygen,doxygen-native" PACKAGECONFIG[largefile] = "--enable-largefile,--disable-largefile" PACKAGECONFIG[mtpz] = "--enable-mtpz,--disable-mtpz,libgcrypt" From 367e8927b9df348edfb9a761895c36f9c6454fba Mon Sep 17 00:00:00 2001 From: Armin Kuster Date: Thu, 26 May 2022 12:32:24 -0700 Subject: [PATCH 076/600] mariadb: update to 10.7.4 LTS version, bugfix only update. Drop clang-64bit-atomics.patch as the patched code was removed in this update. https://github.com/MariaDB/server/commit/cf483a7766d0730872232fdedd727d30a493fe29 Includes these CVES: CVE-2022-27458 CVE-2022-27457 CVE-2022-27456 CVE-2022-27455 CVE-2022-27452 CVE-2022-27451 CVE-2022-27449 CVE-2022-27448 CVE-2022-27447 CVE-2022-27446 CVE-2022-27445 CVE-2022-27444 CVE-2022-27387 CVE-2022-27386 CVE-2022-27384 CVE-2022-27383 CVE-2022-27382 CVE-2022-27381 CVE-2022-27380 CVE-2022-27379 CVE-2022-27378 CVE-2022-27377 CVE-2022-27376 Signed-off-by: Armin Kuster Signed-off-by: Khem Raj (cherry picked from commit c1720935bd80fa6023f2fcec7c252c0fea183029) Signed-off-by: Armin Kuster --- ...ive_10.7.3.bb => mariadb-native_10.7.4.bb} | 0 meta-oe/recipes-dbs/mysql/mariadb.inc | 3 +- .../mysql/mariadb/clang-64bit-atomics.patch | 178 ------------------ .../{mariadb_10.7.3.bb => mariadb_10.7.4.bb} | 0 4 files changed, 1 insertion(+), 180 deletions(-) rename meta-oe/recipes-dbs/mysql/{mariadb-native_10.7.3.bb => mariadb-native_10.7.4.bb} (100%) delete mode 100644 meta-oe/recipes-dbs/mysql/mariadb/clang-64bit-atomics.patch rename meta-oe/recipes-dbs/mysql/{mariadb_10.7.3.bb => mariadb_10.7.4.bb} (100%) diff --git a/meta-oe/recipes-dbs/mysql/mariadb-native_10.7.3.bb b/meta-oe/recipes-dbs/mysql/mariadb-native_10.7.4.bb similarity index 100% rename from meta-oe/recipes-dbs/mysql/mariadb-native_10.7.3.bb rename to meta-oe/recipes-dbs/mysql/mariadb-native_10.7.4.bb diff --git a/meta-oe/recipes-dbs/mysql/mariadb.inc b/meta-oe/recipes-dbs/mysql/mariadb.inc index 855f1248346..3f246dc0a51 100644 --- a/meta-oe/recipes-dbs/mysql/mariadb.inc +++ b/meta-oe/recipes-dbs/mysql/mariadb.inc @@ -20,11 +20,10 @@ SRC_URI = "https://archive.mariadb.org/${BP}/source/${BP}.tar.gz \ file://mm_malloc.patch \ file://sys_futex.patch \ file://mariadb-openssl3.patch \ - file://clang-64bit-atomics.patch \ " SRC_URI:append:libc-musl = " file://ppc-remove-glibc-dep.patch" -SRC_URI[sha256sum] = "da286919ffc9c913282202349709b6ba4ebcd342815e8dae0aa6b6bd8f515cd4" +SRC_URI[sha256sum] = "73dd9c9d325520f20ca5e0ef16f94b7be1146bed7e4a78e735c20daebf3a4173" UPSTREAM_CHECK_URI = "https://github.com/MariaDB/server/releases" diff --git a/meta-oe/recipes-dbs/mysql/mariadb/clang-64bit-atomics.patch b/meta-oe/recipes-dbs/mysql/mariadb/clang-64bit-atomics.patch deleted file mode 100644 index cdc2947b7bc..00000000000 --- a/meta-oe/recipes-dbs/mysql/mariadb/clang-64bit-atomics.patch +++ /dev/null @@ -1,178 +0,0 @@ -Prevent Clang from emitting atomic libcalls - -Clang expects 8-byte alignment for some 64-bit atomic operations -in some 32-bit targets. Native instruction lock cmpxchg8b (for x86) -should only require 4-byte alignment. - -This patch tries to add 8-byte alignents to data needing atomic ops -which helps clang to not generate the libatomic calls but emit -builtins directly. - -Upstream-Status: Submitted[https://jira.mariadb.org/browse/MDEV-28162] -Signed-off-by: Khem Raj - ---- a/include/my_atomic.h -+++ b/include/my_atomic.h -@@ -115,6 +115,16 @@ - #include "atomic/gcc_builtins.h" - #endif - -+#include -+ -+# ifdef __GNUC__ -+typedef __attribute__((__aligned__(8))) int64 ATOMIC_I64; -+typedef __attribute__((__aligned__(8))) uint64 ATOMIC_U64; -+# else -+typedef int64 ATOMIC_I64; -+typedef uint64 ATOMIC_U64; -+# endif -+ - #if SIZEOF_LONG == 4 - #define my_atomic_addlong(A,B) my_atomic_add32((int32*) (A), (B)) - #define my_atomic_loadlong(A) my_atomic_load32((int32*) (A)) -@@ -123,12 +133,12 @@ - #define my_atomic_faslong(A,B) my_atomic_fas32((int32*) (A), (B)) - #define my_atomic_caslong(A,B,C) my_atomic_cas32((int32*) (A), (int32*) (B), (C)) - #else --#define my_atomic_addlong(A,B) my_atomic_add64((int64*) (A), (B)) --#define my_atomic_loadlong(A) my_atomic_load64((int64*) (A)) --#define my_atomic_loadlong_explicit(A,O) my_atomic_load64_explicit((int64*) (A), (O)) --#define my_atomic_storelong(A,B) my_atomic_store64((int64*) (A), (B)) --#define my_atomic_faslong(A,B) my_atomic_fas64((int64*) (A), (B)) --#define my_atomic_caslong(A,B,C) my_atomic_cas64((int64*) (A), (int64*) (B), (C)) -+#define my_atomic_addlong(A,B) my_atomic_add64((ATOMIC_I64*) (A), (B)) -+#define my_atomic_loadlong(A) my_atomic_load64((ATOMIC_I64*) (A)) -+#define my_atomic_loadlong_explicit(A,O) my_atomic_load64_explicit((ATOMIC_I64*) (A), (O)) -+#define my_atomic_storelong(A,B) my_atomic_store64((ATOMIC_I64*) (A), (B)) -+#define my_atomic_faslong(A,B) my_atomic_fas64((ATOMIC_I64*) (A), (B)) -+#define my_atomic_caslong(A,B,C) my_atomic_cas64((ATOMIC_I64*) (A), (ATOMIC_I64*) (B), (C)) - #endif - - #ifndef MY_MEMORY_ORDER_SEQ_CST ---- a/storage/perfschema/pfs_atomic.h -+++ b/storage/perfschema/pfs_atomic.h -@@ -41,7 +41,7 @@ public: - } - - /** Atomic load. */ -- static inline int64 load_64(int64 *ptr) -+ static inline int64 load_64(ATOMIC_I64 *ptr) - { - return my_atomic_load64(ptr); - } -@@ -53,9 +53,9 @@ public: - } - - /** Atomic load. */ -- static inline uint64 load_u64(uint64 *ptr) -+ static inline uint64 load_u64(ATOMIC_U64 *ptr) - { -- return (uint64) my_atomic_load64((int64*) ptr); -+ return (uint64) my_atomic_load64((ATOMIC_I64*) ptr); - } - - /** Atomic store. */ -@@ -65,7 +65,7 @@ public: - } - - /** Atomic store. */ -- static inline void store_64(int64 *ptr, int64 value) -+ static inline void store_64(ATOMIC_I64 *ptr, int64 value) - { - my_atomic_store64(ptr, value); - } -@@ -77,9 +77,9 @@ public: - } - - /** Atomic store. */ -- static inline void store_u64(uint64 *ptr, uint64 value) -+ static inline void store_u64(ATOMIC_U64 *ptr, uint64 value) - { -- my_atomic_store64((int64*) ptr, (int64) value); -+ my_atomic_store64((ATOMIC_I64*) ptr, (int64) value); - } - - /** Atomic add. */ -@@ -89,7 +89,7 @@ public: - } - - /** Atomic add. */ -- static inline int64 add_64(int64 *ptr, int64 value) -+ static inline int64 add_64(ATOMIC_I64 *ptr, int64 value) - { - return my_atomic_add64(ptr, value); - } -@@ -101,9 +101,9 @@ public: - } - - /** Atomic add. */ -- static inline uint64 add_u64(uint64 *ptr, uint64 value) -+ static inline uint64 add_u64(ATOMIC_U64 *ptr, uint64 value) - { -- return (uint64) my_atomic_add64((int64*) ptr, (int64) value); -+ return (uint64) my_atomic_add64((ATOMIC_I64*) ptr, (int64) value); - } - - /** Atomic compare and swap. */ -@@ -114,7 +114,7 @@ public: - } - - /** Atomic compare and swap. */ -- static inline bool cas_64(int64 *ptr, int64 *old_value, -+ static inline bool cas_64(ATOMIC_I64 *ptr, ATOMIC_I64 *old_value, - int64 new_value) - { - return my_atomic_cas64(ptr, old_value, new_value); -@@ -129,10 +129,10 @@ public: - } - - /** Atomic compare and swap. */ -- static inline bool cas_u64(uint64 *ptr, uint64 *old_value, -+ static inline bool cas_u64(ATOMIC_U64 *ptr, ATOMIC_U64 *old_value, - uint64 new_value) - { -- return my_atomic_cas64((int64*) ptr, (int64*) old_value, -+ return my_atomic_cas64((ATOMIC_I64*) ptr, (ATOMIC_I64*) old_value, - (uint64) new_value); - } - }; ---- a/sql/sql_class.h -+++ b/sql/sql_class.h -@@ -1049,7 +1049,7 @@ static inline void update_global_memory_ - (longlong) global_status_var.global_memory_used, - size)); - // workaround for gcc 4.2.4-1ubuntu4 -fPIE (from DEB_BUILD_HARDENING=1) -- int64 volatile * volatile ptr= &global_status_var.global_memory_used; -+ ATOMIC_I64 volatile * volatile ptr= &global_status_var.global_memory_used; - my_atomic_add64_explicit(ptr, size, MY_MEMORY_ORDER_RELAXED); - } - ---- a/storage/innobase/include/srv0mon.h -+++ b/storage/innobase/include/srv0mon.h -@@ -49,7 +49,7 @@ enum monitor_running_status { - typedef enum monitor_running_status monitor_running_t; - - /** Monitor counter value type */ --typedef int64_t mon_type_t; -+typedef ATOMIC_I64 mon_type_t; - - /** Two monitor structures are defined in this file. One is - "monitor_value_t" which contains dynamic counter values for each -@@ -568,7 +568,7 @@ Use MONITOR_INC if appropriate mutex pro - if (enabled) { \ - ib_uint64_t value; \ - value = my_atomic_add64_explicit( \ -- (int64*) &MONITOR_VALUE(monitor), 1, \ -+ (ATOMIC_I64*) &MONITOR_VALUE(monitor), 1, \ - MY_MEMORY_ORDER_RELAXED) + 1; \ - /* Note: This is not 100% accurate because of the \ - inherent race, we ignore it due to performance. */ \ -@@ -585,7 +585,7 @@ Use MONITOR_DEC if appropriate mutex pro - if (enabled) { \ - ib_uint64_t value; \ - value = my_atomic_add64_explicit( \ -- (int64*) &MONITOR_VALUE(monitor), -1, \ -+ (ATOMIC_I64*) &MONITOR_VALUE(monitor), -1, \ - MY_MEMORY_ORDER_RELAXED) - 1; \ - /* Note: This is not 100% accurate because of the \ - inherent race, we ignore it due to performance. */ \ diff --git a/meta-oe/recipes-dbs/mysql/mariadb_10.7.3.bb b/meta-oe/recipes-dbs/mysql/mariadb_10.7.4.bb similarity index 100% rename from meta-oe/recipes-dbs/mysql/mariadb_10.7.3.bb rename to meta-oe/recipes-dbs/mysql/mariadb_10.7.4.bb From 4895c4d652b2abdef2d1b7a0407f7081e11b8f70 Mon Sep 17 00:00:00 2001 From: Armin Kuster Date: Fri, 27 May 2022 11:05:52 -0700 Subject: [PATCH 077/600] mariadb: Fix i386 Clang builds Signed-off-by: Armin Kuster Signed-off-by: Khem Raj (cherry picked from commit d59578a8170266d0d7e62c132495c0e06a17e0c9) Signed-off-by: Armin Kuster --- meta-oe/recipes-dbs/mysql/mariadb.inc | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta-oe/recipes-dbs/mysql/mariadb.inc b/meta-oe/recipes-dbs/mysql/mariadb.inc index 3f246dc0a51..922373b633e 100644 --- a/meta-oe/recipes-dbs/mysql/mariadb.inc +++ b/meta-oe/recipes-dbs/mysql/mariadb.inc @@ -77,6 +77,8 @@ LDFLAGS += " -pthread" BUILD_CFLAGS += "-fuse-ld=bfd" BUILD_CXXFLAGS += "-fuse-ld=bfd" +LDFLAGS:x86:toolchain-clang = "-latomic" + EXTRA_OECMAKE = "-DWITH_EMBEDDED_SERVER=ON \ -DWITH_JEMALLOC=no \ -DWITHOUT_TOKUDB=TRUE \ From 442af705f0dc1d8211892bd0e1de5135fee6e1fa Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Mon, 23 May 2022 11:25:36 -0700 Subject: [PATCH 078/600] unattended-upgrades: Disable auto-detecting modules Signed-off-by: Khem Raj (cherry picked from commit e7193af6c94436a577ebd472c6294eaef7c7cd15) Signed-off-by: Armin Kuster --- ...up.py-Disable-autodection-of-modules.patch | 28 +++++++++++++++++++ .../unattended-upgrades_2.6.bb | 1 + 2 files changed, 29 insertions(+) create mode 100644 meta-oe/recipes-devtools/unattended-upgrades/files/0001-setup.py-Disable-autodection-of-modules.patch diff --git a/meta-oe/recipes-devtools/unattended-upgrades/files/0001-setup.py-Disable-autodection-of-modules.patch b/meta-oe/recipes-devtools/unattended-upgrades/files/0001-setup.py-Disable-autodection-of-modules.patch new file mode 100644 index 00000000000..ec70dd65708 --- /dev/null +++ b/meta-oe/recipes-devtools/unattended-upgrades/files/0001-setup.py-Disable-autodection-of-modules.patch @@ -0,0 +1,28 @@ +From 8fd80ead718ffc53d7182b9df6f49974113ff8fc Mon Sep 17 00:00:00 2001 +From: Khem Raj +Date: Mon, 23 May 2022 11:23:58 -0700 +Subject: [PATCH] setup.py: Disable autodection of modules + +This helps to fix build with latest setuptools + +Upstream-Status: Pending +Signed-off-by: Khem Raj +--- + setup.py | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/setup.py b/setup.py +index 932bf01..fd5a092 100755 +--- a/setup.py ++++ b/setup.py +@@ -12,6 +12,7 @@ if __name__ == "__main__": + name='unattended-upgrades', + version='0.1', + scripts=['unattended-upgrade'], ++ py_modules=[], + data_files=[ + ('../etc/logrotate.d/', + ["data/logrotate.d/unattended-upgrades"]), +-- +2.36.1 + diff --git a/meta-oe/recipes-devtools/unattended-upgrades/unattended-upgrades_2.6.bb b/meta-oe/recipes-devtools/unattended-upgrades/unattended-upgrades_2.6.bb index 1ec205f8b81..d4f5b8d0cb5 100644 --- a/meta-oe/recipes-devtools/unattended-upgrades/unattended-upgrades_2.6.bb +++ b/meta-oe/recipes-devtools/unattended-upgrades/unattended-upgrades_2.6.bb @@ -7,6 +7,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=751419260aa954499f7abaabaa882bbe \ SRC_URI = "git://github.com/mvo5/unattended-upgrades.git;protocol=https;branch=master \ file://0001-unattended-upgrade-Remove-distro_info-usage-to-check.patch \ + file://0001-setup.py-Disable-autodection-of-modules.patch \ " SRCREV = "c6db6fad26a2b83ba301b52ff5dee98cef7558ca" From 79e28d1c8748e6ac1044d01fcf0e17daedf137e0 Mon Sep 17 00:00:00 2001 From: Kai Kang Date: Fri, 27 May 2022 10:45:21 +0800 Subject: [PATCH 079/600] libportal: add distro features check Add distro features check for libportal because it depends on gtk+3 which requires one of ${GTK3DISTROFEATURES}. Signed-off-by: Kai Kang Signed-off-by: Khem Raj (cherry picked from commit 0baa7793e0df81a21a130e6f0513f27b322cd4ad) Signed-off-by: Armin Kuster --- meta-gnome/recipes-gnome/libportal/libportal_0.6.bb | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/meta-gnome/recipes-gnome/libportal/libportal_0.6.bb b/meta-gnome/recipes-gnome/libportal/libportal_0.6.bb index ec728d78b9c..9784f048180 100644 --- a/meta-gnome/recipes-gnome/libportal/libportal_0.6.bb +++ b/meta-gnome/recipes-gnome/libportal/libportal_0.6.bb @@ -10,7 +10,9 @@ SRC_URI = "git://github.com/flatpak/${BPN}.git;protocol=https;branch=main" SRCREV = "13df0b887a7eb7b0f9b14069561a41f62e813155" S = "${WORKDIR}/git" -inherit meson gtk-doc gobject-introspection +inherit meson gtk-doc gobject-introspection features_check + +ANY_OF_DISTRO_FEATURES = "${GTK3DISTROFEATURES}" DEPENDS += "glib-2.0 glib-2.0-native gtk+3" From db3a802f8e869e284c199bf721e85923a109feee Mon Sep 17 00:00:00 2001 From: Kai Kang Date: Fri, 27 May 2022 10:51:45 +0800 Subject: [PATCH 080/600] graphviz: rrecommends on liberation-fonts There will be tofos in output pictures without any font, so make graphviz rrecommends on liberation-fonts. Signed-off-by: Kai Kang Signed-off-by: Khem Raj (cherry picked from commit 0e036cb1bc0c272b27cbd7e42eacbae48edc685e) Signed-off-by: Armin Kuster --- meta-oe/recipes-graphics/graphviz/graphviz_2.50.0.bb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta-oe/recipes-graphics/graphviz/graphviz_2.50.0.bb b/meta-oe/recipes-graphics/graphviz/graphviz_2.50.0.bb index a9258e979ac..aa597cd8e49 100644 --- a/meta-oe/recipes-graphics/graphviz/graphviz_2.50.0.bb +++ b/meta-oe/recipes-graphics/graphviz/graphviz_2.50.0.bb @@ -114,4 +114,6 @@ INSANE_SKIP:${PN}-python = "dev-so" FILES_SOLIBSDEV:append = " ${libdir}/graphviz/lib*${SOLIBSDEV}" +RRECOMMENDS:${PN} = "liberation-fonts" + BBCLASSEXTEND = "native nativesdk" From 16f08eb5aafc2851ab6a78fa72f2c2890a2d85d1 Mon Sep 17 00:00:00 2001 From: Adrian Freihofer Date: Fri, 27 May 2022 12:28:45 +0200 Subject: [PATCH 081/600] conntrack-tools: fix postinst script Fix error caused by postinst script of conntrack-tools: do_rootfs: Postinstall scriptlets of ['conntrack-tools'] have failed... Configuring ... rootfs//var/lib/opkg/info/conntrack-tools.postinst: line 2: setcap: command not found conntrack-tools.postinst returned 127, marking as unpacked only... Signed-off-by: Adrian Freihofer Signed-off-by: Khem Raj (cherry picked from commit 55fd9844830bc835c2bf8def9406edc9e2df0e16) Signed-off-by: Armin Kuster --- .../recipes-filter/conntrack-tools/conntrack-tools_1.4.6.bb | 1 + 1 file changed, 1 insertion(+) diff --git a/meta-networking/recipes-filter/conntrack-tools/conntrack-tools_1.4.6.bb b/meta-networking/recipes-filter/conntrack-tools/conntrack-tools_1.4.6.bb index 50f7ced88de..8f57e823b88 100644 --- a/meta-networking/recipes-filter/conntrack-tools/conntrack-tools_1.4.6.bb +++ b/meta-networking/recipes-filter/conntrack-tools/conntrack-tools_1.4.6.bb @@ -37,3 +37,4 @@ do_install:append() { pkg_postinst:${PN} () { setcap cap_net_admin+ep "$D/${sbindir}/conntrack" } +PACKAGE_WRITE_DEPS += "libcap-native" From 9a2029553030f3da607c209b50581274e9e7335e Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Thu, 19 May 2022 13:35:12 -0700 Subject: [PATCH 082/600] sdbus-c++: Link with libatomic on mips/ppc32 Signed-off-by: Khem Raj Cc: Gianfranco Costamagna (cherry picked from commit 366663527aa5efd4e43a62919edcdf9caf14e77c) Signed-off-by: Armin Kuster --- meta-oe/recipes-core/sdbus-c++/sdbus-c++_1.0.0.bb | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/meta-oe/recipes-core/sdbus-c++/sdbus-c++_1.0.0.bb b/meta-oe/recipes-core/sdbus-c++/sdbus-c++_1.0.0.bb index 39f0b4c5607..e1a7033a209 100644 --- a/meta-oe/recipes-core/sdbus-c++/sdbus-c++_1.0.0.bb +++ b/meta-oe/recipes-core/sdbus-c++/sdbus-c++_1.0.0.bb @@ -27,6 +27,11 @@ EXTRA_OECMAKE = "-DBUILD_CODE_GEN=OFF \ S = "${WORKDIR}/git" +# Link libatomic on architectures without 64bit atomics fixes +# libsdbus-c++.so.1.1.0: undefined reference to `__atomic_load_8' +LDFLAGS:append:mips = " -Wl,--no-as-needed -latomic -Wl,--as-needed" +LDFLAGS:append:powerpc = " -Wl,--no-as-needed -latomic -Wl,--as-needed" + do_install:append() { if ! ${@bb.utils.contains('PTEST_ENABLED', '1', 'true', 'false', d)}; then rm -rf ${D}${sysconfdir}/dbus-1 From 99496d2b3cbe44d86cc7c899a0c486f9ea4c3b3a Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Sat, 28 May 2022 15:23:25 -0700 Subject: [PATCH 083/600] sdbus-c++: Link with libatomic for rv32 Fixes libsdbus-c++.so.1.1.0: undefined reference to `__atomic_load_8' Signed-off-by: Khem Raj (cherry picked from commit 5029571d689f80bfa5c3a391f088d1484c61d583) Signed-off-by: Armin Kuster --- meta-oe/recipes-core/sdbus-c++/sdbus-c++_1.0.0.bb | 1 + 1 file changed, 1 insertion(+) diff --git a/meta-oe/recipes-core/sdbus-c++/sdbus-c++_1.0.0.bb b/meta-oe/recipes-core/sdbus-c++/sdbus-c++_1.0.0.bb index e1a7033a209..76fd6b65b1a 100644 --- a/meta-oe/recipes-core/sdbus-c++/sdbus-c++_1.0.0.bb +++ b/meta-oe/recipes-core/sdbus-c++/sdbus-c++_1.0.0.bb @@ -31,6 +31,7 @@ S = "${WORKDIR}/git" # libsdbus-c++.so.1.1.0: undefined reference to `__atomic_load_8' LDFLAGS:append:mips = " -Wl,--no-as-needed -latomic -Wl,--as-needed" LDFLAGS:append:powerpc = " -Wl,--no-as-needed -latomic -Wl,--as-needed" +LDFLAGS:append:riscv32 = " -Wl,--no-as-needed -latomic -Wl,--as-needed" do_install:append() { if ! ${@bb.utils.contains('PTEST_ENABLED', '1', 'true', 'false', d)}; then From 18a923d20b1885f508dfed83daaf5a8fe0d45de9 Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Sun, 29 May 2022 06:37:31 -0700 Subject: [PATCH 084/600] sdbus-c++-libsystemd: Fix patch fuzz Signed-off-by: Khem Raj (cherry picked from commit 397f4f054fd3600f7305055c724607973f5f5511) Signed-off-by: Armin Kuster --- .../0005-src-basic-missing.h-check-for-missing-strndupa.patch | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/meta-oe/recipes-core/sdbus-c++/sdbus-c++-libsystemd/0005-src-basic-missing.h-check-for-missing-strndupa.patch b/meta-oe/recipes-core/sdbus-c++/sdbus-c++-libsystemd/0005-src-basic-missing.h-check-for-missing-strndupa.patch index 36545c2f60c..005ef022fda 100644 --- a/meta-oe/recipes-core/sdbus-c++/sdbus-c++-libsystemd/0005-src-basic-missing.h-check-for-missing-strndupa.patch +++ b/meta-oe/recipes-core/sdbus-c++/sdbus-c++-libsystemd/0005-src-basic-missing.h-check-for-missing-strndupa.patch @@ -322,8 +322,8 @@ Signed-off-by: Luca Boccassi --- a/src/libsystemd/sd-bus/bus-objects.c +++ b/src/libsystemd/sd-bus/bus-objects.c -@@ -12,6 +12,7 @@ - #include "set.h" +@@ -11,6 +11,7 @@ + #include "missing_capability.h" #include "string-util.h" #include "strv.h" +#include "missing_stdlib.h" From 17da928a8de487a8c7f7c41eb8db7f8f00aa1564 Mon Sep 17 00:00:00 2001 From: Bartosz Golaszewski Date: Thu, 19 May 2022 15:18:26 +0200 Subject: [PATCH 085/600] python3-speedtest-cli: fix RDEPENDS There are packages missing in RDEPENDS needed to run speedtest-cli. Add them and use += for the assignment as we don't know what inherited classes may have added. Signed-off-by: Bartosz Golaszewski Signed-off-by: Khem Raj (cherry picked from commit 3413265185dd199da0f54ef6d83abca2c8ec9b50) Signed-off-by: Armin Kuster --- .../recipes-devtools/python/python3-speedtest-cli_2.1.3.bb | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/meta-python/recipes-devtools/python/python3-speedtest-cli_2.1.3.bb b/meta-python/recipes-devtools/python/python3-speedtest-cli_2.1.3.bb index 06d98cbe1e4..472113b059c 100644 --- a/meta-python/recipes-devtools/python/python3-speedtest-cli_2.1.3.bb +++ b/meta-python/recipes-devtools/python/python3-speedtest-cli_2.1.3.bb @@ -7,4 +7,8 @@ SRC_URI[sha256sum] = "5e2773233cedb5fa3d8120eb7f97bcc4974b5221b254d33ff16e2f1d41 inherit pypi setuptools3 -RDEPENDS:${PN} = "${PYTHON_PN}-misc" +RDEPENDS:${PN} += " \ + python3-misc \ + python3-threading \ + python3-xml \ +" From 4e66373fe9653317400098cf4ce8d29ec1a99026 Mon Sep 17 00:00:00 2001 From: Denys Dmytriyenko Date: Mon, 30 May 2022 16:26:01 +0000 Subject: [PATCH 086/600] devmem2: the source and patches moved to github repo To cleanup metadata and improve source code management, github repo was created here with all patches integrated: https://github.com/denix0/devmem2 Update recipe accordingly, bump the version while at it to distinguish from the original. Signed-off-by: Denys Dmytriyenko Signed-off-by: Khem Raj (cherry picked from commit 356b488fb06bcacb0aa553518442b2d9574f16af) Signed-off-by: Armin Kuster --- meta-oe/recipes-support/devmem2/devmem2.bb | 30 ------ ...word-is-32-bit-and-add-support-for-6.patch | 70 -------------- ...ort-different-page-sizes-at-run-time.patch | 35 ------- .../devmem2/devmem2/devmem2-fixups-2.patch | 91 ------------------- .../recipes-support/devmem2/devmem2_2.0.bb | 19 ++++ 5 files changed, 19 insertions(+), 226 deletions(-) delete mode 100644 meta-oe/recipes-support/devmem2/devmem2.bb delete mode 100644 meta-oe/recipes-support/devmem2/devmem2/0001-devmem.c-ensure-word-is-32-bit-and-add-support-for-6.patch delete mode 100644 meta-oe/recipes-support/devmem2/devmem2/0001-devmem2-support-different-page-sizes-at-run-time.patch delete mode 100644 meta-oe/recipes-support/devmem2/devmem2/devmem2-fixups-2.patch create mode 100644 meta-oe/recipes-support/devmem2/devmem2_2.0.bb diff --git a/meta-oe/recipes-support/devmem2/devmem2.bb b/meta-oe/recipes-support/devmem2/devmem2.bb deleted file mode 100644 index 70d4135216f..00000000000 --- a/meta-oe/recipes-support/devmem2/devmem2.bb +++ /dev/null @@ -1,30 +0,0 @@ -SUMMARY = "Simple program to read/write from/to any location in memory" -LICENSE = "GPL-2.0-or-later" -LIC_FILES_CHKSUM = "file://devmem2.c;endline=38;md5=a9eb9f3890384519f435aedf986297cf" -PR = "r7" - -SRC_URI = "https://bootlin.com/pub/mirror/devmem2.c;downloadfilename=devmem2-new.c \ - file://devmem2-fixups-2.patch;apply=yes;striplevel=0 \ - file://0001-devmem.c-ensure-word-is-32-bit-and-add-support-for-6.patch \ - file://0001-devmem2-support-different-page-sizes-at-run-time.patch \ -" - -S = "${WORKDIR}" - -CFLAGS += "-DFORCE_STRICT_ALIGNMENT" - -python do_unpack:append() { - os.rename("devmem2-new.c", "devmem2.c") -} - -do_compile() { - ${CC} -o devmem2 devmem2.c ${CFLAGS} ${LDFLAGS} -} - -do_install() { - install -d ${D}${bindir} - install devmem2 ${D}${bindir} -} - -SRC_URI[md5sum] = "e23f236e94be4c429aa1ceac0f01544b" -SRC_URI[sha256sum] = "3b15515693bae1ebd14d914e46d388edfec2175829ea1576a7a0c8606ebbe639" diff --git a/meta-oe/recipes-support/devmem2/devmem2/0001-devmem.c-ensure-word-is-32-bit-and-add-support-for-6.patch b/meta-oe/recipes-support/devmem2/devmem2/0001-devmem.c-ensure-word-is-32-bit-and-add-support-for-6.patch deleted file mode 100644 index 2a57f29891d..00000000000 --- a/meta-oe/recipes-support/devmem2/devmem2/0001-devmem.c-ensure-word-is-32-bit-and-add-support-for-6.patch +++ /dev/null @@ -1,70 +0,0 @@ -From 1360a907879dd24041797a3b709d49aeac2ab444 Mon Sep 17 00:00:00 2001 -From: Denys Dmytriyenko -Date: Tue, 29 May 2018 16:55:42 -0400 -Subject: [PATCH] devmem.c: ensure word is 32-bit and add support for 64-bit - long - -Signed-off-by: Denys Dmytriyenko ---- - devmem2.c | 23 +++++++++++++++++------ - 1 file changed, 17 insertions(+), 6 deletions(-) - -diff --git a/devmem2.c b/devmem2.c -index 5845381..68131b2 100644 ---- a/devmem2.c -+++ b/devmem2.c -@@ -39,6 +39,7 @@ - - #include - #include -+#include - #include - #include - #include -@@ -69,7 +70,7 @@ int main(int argc, char **argv) { - if(argc < 2) { - fprintf(stderr, "\nUsage:\t%s { address } [ type [ data ] ]\n" - "\taddress : memory address to act upon\n" -- "\ttype : access operation type : [b]yte, [h]alfword, [w]ord\n" -+ "\ttype : access operation type : [b]yte, [h]alfword, [w]ord, [l]ong\n" - "\tdata : data to be written\n\n", - argv[0]); - exit(1); -@@ -103,9 +104,14 @@ int main(int argc, char **argv) { - read_result = *((unsigned short *) virt_addr); - break; - case 'w': -- data_size = sizeof(unsigned long); -+ data_size = sizeof(uint32_t); - virt_addr = fixup_addr(virt_addr, data_size); -- read_result = *((unsigned long *) virt_addr); -+ read_result = *((uint32_t *) virt_addr); -+ break; -+ case 'l': -+ data_size = sizeof(uint64_t); -+ virt_addr = fixup_addr(virt_addr, data_size); -+ read_result = *((uint64_t *) virt_addr); - break; - default: - fprintf(stderr, "Illegal data type '%c'.\n", access_type); -@@ -129,9 +135,14 @@ int main(int argc, char **argv) { - read_result = *((unsigned short *) virt_addr); - break; - case 'w': -- virt_addr = fixup_addr(virt_addr, sizeof(unsigned long)); -- *((unsigned long *) virt_addr) = write_val; -- read_result = *((unsigned long *) virt_addr); -+ virt_addr = fixup_addr(virt_addr, sizeof(uint32_t)); -+ *((uint32_t *) virt_addr) = write_val; -+ read_result = *((uint32_t *) virt_addr); -+ break; -+ case 'l': -+ virt_addr = fixup_addr(virt_addr, sizeof(uint64_t)); -+ *((uint64_t *) virt_addr) = write_val; -+ read_result = *((uint64_t *) virt_addr); - break; - } - sprintf(fmt_str, "Write at address 0x%%08lX (%%p): 0x%%0%dlX, " --- -2.7.4 - diff --git a/meta-oe/recipes-support/devmem2/devmem2/0001-devmem2-support-different-page-sizes-at-run-time.patch b/meta-oe/recipes-support/devmem2/devmem2/0001-devmem2-support-different-page-sizes-at-run-time.patch deleted file mode 100644 index 0da0732c57a..00000000000 --- a/meta-oe/recipes-support/devmem2/devmem2/0001-devmem2-support-different-page-sizes-at-run-time.patch +++ /dev/null @@ -1,35 +0,0 @@ -From 0f6af48b2fbc71ec8abe862d3e9eb6da7b03538b Mon Sep 17 00:00:00 2001 -From: Denys Dmytriyenko -Date: Wed, 8 Aug 2018 14:38:00 -0400 -Subject: [PATCH] devmem2: support different page sizes at run-time - -Signed-off-by: Denys Dmytriyenko ---- - devmem2.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/devmem2.c b/devmem2.c -index 68131b2..76af2d6 100644 ---- a/devmem2.c -+++ b/devmem2.c -@@ -53,8 +53,6 @@ - #define FATAL do { fprintf(stderr, "Error at line %d, file %s (%d) [%s]\n", \ - __LINE__, __FILE__, errno, strerror(errno)); exit(1); } while(0) - --#define MAP_SIZE 4096UL --#define MAP_MASK (MAP_SIZE - 1) - - static inline void *fixup_addr(void *addr, size_t size); - -@@ -66,6 +64,8 @@ int main(int argc, char **argv) { - int access_type = 'w'; - char fmt_str[128]; - size_t data_size; -+ unsigned long MAP_SIZE = sysconf(_SC_PAGE_SIZE); -+ unsigned long MAP_MASK = (MAP_SIZE - 1); - - if(argc < 2) { - fprintf(stderr, "\nUsage:\t%s { address } [ type [ data ] ]\n" --- -2.7.4 - diff --git a/meta-oe/recipes-support/devmem2/devmem2/devmem2-fixups-2.patch b/meta-oe/recipes-support/devmem2/devmem2/devmem2-fixups-2.patch deleted file mode 100644 index 4517797fc74..00000000000 --- a/meta-oe/recipes-support/devmem2/devmem2/devmem2-fixups-2.patch +++ /dev/null @@ -1,91 +0,0 @@ ---- devmem2.c 2004-08-05 01:55:25.000000000 +0200 -+++ devmem2_modif.c 2011-01-13 15:48:37.798799784 +0100 -@@ -45,12 +45,16 @@ - #define MAP_SIZE 4096UL - #define MAP_MASK (MAP_SIZE - 1) - -+static inline void *fixup_addr(void *addr, size_t size); -+ - int main(int argc, char **argv) { - int fd; - void *map_base, *virt_addr; -- unsigned long read_result, writeval; -+ unsigned long read_result, write_val; - off_t target; - int access_type = 'w'; -+ char fmt_str[128]; -+ size_t data_size; - - if(argc < 2) { - fprintf(stderr, "\nUsage:\t%s { address } [ type [ data ] ]\n" -@@ -79,38 +83,51 @@ - virt_addr = map_base + (target & MAP_MASK); - switch(access_type) { - case 'b': -+ data_size = sizeof(unsigned char); -+ virt_addr = fixup_addr(virt_addr, data_size); - read_result = *((unsigned char *) virt_addr); - break; - case 'h': -+ data_size = sizeof(unsigned short); -+ virt_addr = fixup_addr(virt_addr, data_size); - read_result = *((unsigned short *) virt_addr); - break; - case 'w': -+ data_size = sizeof(unsigned long); -+ virt_addr = fixup_addr(virt_addr, data_size); - read_result = *((unsigned long *) virt_addr); - break; - default: - fprintf(stderr, "Illegal data type '%c'.\n", access_type); - exit(2); - } -- printf("Value at address 0x%X (%p): 0x%X\n", target, virt_addr, read_result); -+ sprintf(fmt_str, "Read at address 0x%%08lX (%%p): 0x%%0%dlX\n", 2*data_size); -+ printf(fmt_str, (unsigned long)target, virt_addr, read_result); - fflush(stdout); - - if(argc > 3) { -- writeval = strtoul(argv[3], 0, 0); -+ write_val = strtoul(argv[3], 0, 0); - switch(access_type) { - case 'b': -- *((unsigned char *) virt_addr) = writeval; -+ virt_addr = fixup_addr(virt_addr, sizeof(unsigned char)); -+ *((unsigned char *) virt_addr) = write_val; - read_result = *((unsigned char *) virt_addr); - break; - case 'h': -- *((unsigned short *) virt_addr) = writeval; -+ virt_addr = fixup_addr(virt_addr, sizeof(unsigned short)); -+ *((unsigned short *) virt_addr) = write_val; - read_result = *((unsigned short *) virt_addr); - break; - case 'w': -- *((unsigned long *) virt_addr) = writeval; -+ virt_addr = fixup_addr(virt_addr, sizeof(unsigned long)); -+ *((unsigned long *) virt_addr) = write_val; - read_result = *((unsigned long *) virt_addr); - break; - } -- printf("Written 0x%X; readback 0x%X\n", writeval, read_result); -+ sprintf(fmt_str, "Write at address 0x%%08lX (%%p): 0x%%0%dlX, " -+ "readback 0x%%0%dlX\n", 2*data_size, 2*data_size); -+ printf(fmt_str, (unsigned long)target, virt_addr, -+ write_val, read_result); - fflush(stdout); - } - -@@ -119,3 +136,12 @@ - return 0; - } - -+static inline void *fixup_addr(void *addr, size_t size) -+{ -+#ifdef FORCE_STRICT_ALIGNMENT -+ unsigned long aligned_addr = (unsigned long)addr; -+ aligned_addr &= ~(size - 1); -+ addr = (void *)aligned_addr; -+#endif -+ return addr; -+} diff --git a/meta-oe/recipes-support/devmem2/devmem2_2.0.bb b/meta-oe/recipes-support/devmem2/devmem2_2.0.bb new file mode 100644 index 00000000000..aee6bfe3da1 --- /dev/null +++ b/meta-oe/recipes-support/devmem2/devmem2_2.0.bb @@ -0,0 +1,19 @@ +SUMMARY = "Simple program to read/write from/to any location in memory" +LICENSE = "GPL-2.0-or-later" +LIC_FILES_CHKSUM = "file://devmem2.c;endline=38;md5=a9eb9f3890384519f435aedf986297cf" + +SRC_URI = "git://github.com/denix0/devmem2.git;protocol=https;branch=main" +SRCREV = "5b395a946894eb4f4ef5d07c80a50a88573a541e" + +S = "${WORKDIR}/git" + +CFLAGS += "-DFORCE_STRICT_ALIGNMENT" + +do_compile() { + ${CC} -o devmem2 devmem2.c ${CFLAGS} ${LDFLAGS} +} + +do_install() { + install -d ${D}${bindir} + install devmem2 ${D}${bindir} +} From fcc7d7eae82be4c180f2e8fa3db90a8ab3be07b7 Mon Sep 17 00:00:00 2001 From: Adrian Fiergolski Date: Wed, 1 Jun 2022 16:22:25 +0200 Subject: [PATCH 087/600] python3-matplotlib: add missing dependency In order to fix the dependency issue on PIL module, python3-pillow is required. Signed-off-by: Adrian Fiergolski Signed-off-by: Khem Raj (cherry picked from commit d4e70a19600bee178d81b467dd9e118cbf057f65) Signed-off-by: Armin Kuster --- meta-python/recipes-devtools/python/python3-matplotlib_3.5.1.bb | 1 + 1 file changed, 1 insertion(+) diff --git a/meta-python/recipes-devtools/python/python3-matplotlib_3.5.1.bb b/meta-python/recipes-devtools/python/python3-matplotlib_3.5.1.bb index b9eab3c931e..cd05b455d44 100644 --- a/meta-python/recipes-devtools/python/python3-matplotlib_3.5.1.bb +++ b/meta-python/recipes-devtools/python/python3-matplotlib_3.5.1.bb @@ -50,6 +50,7 @@ RDEPENDS:${PN} = "\ ${PYTHON_PN}-dateutil \ ${PYTHON_PN}-kiwisolver \ ${PYTHON_PN}-pytz \ + ${PYTHON_PN}-pillow \ " ENABLELTO:toolchain-clang:riscv64 = "echo enable_lto = False >> ${S}/mplsetup.cfg" From caab54d5930ad8c97100c237ce70c3e79bb0de43 Mon Sep 17 00:00:00 2001 From: Martin Jansa Date: Tue, 14 Jun 2022 10:45:01 +0200 Subject: [PATCH 088/600] leveldb: switch from master branch to main Signed-off-by: Martin Jansa Signed-off-by: Armin Kuster --- meta-oe/recipes-dbs/leveldb/leveldb_1.22.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-oe/recipes-dbs/leveldb/leveldb_1.22.bb b/meta-oe/recipes-dbs/leveldb/leveldb_1.22.bb index 87750ec79d7..6afc45ab7e5 100644 --- a/meta-oe/recipes-dbs/leveldb/leveldb_1.22.bb +++ b/meta-oe/recipes-dbs/leveldb/leveldb_1.22.bb @@ -4,7 +4,7 @@ HOMEPAGE = "https://github.com/google/leveldb" LICENSE = "BSD-3-Clause" LIC_FILES_CHKSUM = "file://LICENSE;md5=92d1b128950b11ba8495b64938fc164d" -SRC_URI = "git://github.com/google/${BPN}.git;branch=master;protocol=https \ +SRC_URI = "git://github.com/google/${BPN}.git;branch=main;protocol=https \ file://run-ptest" SRCREV = "78b39d68c15ba020c0d60a3906fb66dbf1697595" From 14023da4dea9b6ca92e7ba6cc8d7bc29e215f303 Mon Sep 17 00:00:00 2001 From: Ashish Sharma Date: Mon, 13 Jun 2022 23:03:02 +0530 Subject: [PATCH 089/600] netserver: don't change permissions on /dev/null Source: MontaVista Software, LLC MR: 117141 Type: Defect Fix Disposition: Backport from [https://github.com/HewlettPackard/netperf/pull/27/commits/78c9ae7d9a6735575bc72dd28a19b2bc3a251981] ChangeID: 199f8618971de15d177dab9651f82f5696ff1aa1 Description: the (now default) suppress_debug=1 changes permissions on /dev/null to 0644. Don't do this. Signed-off-by: Ashish Sharma Signed-off-by: Armin Kuster --- .../netperf/files/netserver_permissions.patch | 29 +++++++++++++++++++ .../recipes-support/netperf/netperf_git.bb | 1 + 2 files changed, 30 insertions(+) create mode 100644 meta-networking/recipes-support/netperf/files/netserver_permissions.patch diff --git a/meta-networking/recipes-support/netperf/files/netserver_permissions.patch b/meta-networking/recipes-support/netperf/files/netserver_permissions.patch new file mode 100644 index 00000000000..55316363e07 --- /dev/null +++ b/meta-networking/recipes-support/netperf/files/netserver_permissions.patch @@ -0,0 +1,29 @@ +From 78c9ae7d9a6735575bc72dd28a19b2bc3a251981 Mon Sep 17 00:00:00 2001 +From: Andrew Elble +Date: Mon, 8 Oct 2018 14:31:20 -0400 +Subject: [PATCH] netserver: don't change permissions on /dev/null + +the (now default) suppress_debug=1 changes permissions on /dev/null +to 0644. Don't do this. + +Upstream-Status: Pending [https://github.com/HewlettPackard/netperf/pull/27/commits/78c9ae7d9a6735575bc72dd28a19b2bc3a251981] +Signed-off-by: Ashish Sharma + +--- + src/netserver.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/src/netserver.c b/src/netserver.c +index 00c8d23..86a1c45 100644 +--- a/src/netserver.c ++++ b/src/netserver.c +@@ -278,7 +278,8 @@ open_debug_file() + + #if !defined(WIN32) + +- chmod(FileName,0644); ++ if (!suppress_debug) ++ chmod(FileName,0644); + + /* redirect stdin to "/dev/null" */ + rd_null_fp = fopen(NETPERF_NULL,"r"); diff --git a/meta-networking/recipes-support/netperf/netperf_git.bb b/meta-networking/recipes-support/netperf/netperf_git.bb index 62ba966d01b..06b2eddbb6e 100644 --- a/meta-networking/recipes-support/netperf/netperf_git.bb +++ b/meta-networking/recipes-support/netperf/netperf_git.bb @@ -14,6 +14,7 @@ SRC_URI = "git://github.com/HewlettPackard/netperf.git;branch=master;protocol=ht file://netserver.service \ file://0001-netlib.c-Move-including-sched.h-out-og-function.patch \ file://0001-nettest_omni-Remove-duplicate-variable-definitions.patch \ + file://netserver_permissions.patch \ " SRCREV = "3bc455b23f901dae377ca0a558e1e32aa56b31c4" From 3a019f2b2d675e8c190e6247aaa1d24fda033ae9 Mon Sep 17 00:00:00 2001 From: Martin Jansa Date: Tue, 14 Jun 2022 10:38:14 +0200 Subject: [PATCH 090/600] tesseract-lang: switch from master branch to main Signed-off-by: Martin Jansa Signed-off-by: Armin Kuster --- meta-oe/recipes-graphics/tesseract/tesseract-lang_4.1.0.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-oe/recipes-graphics/tesseract/tesseract-lang_4.1.0.bb b/meta-oe/recipes-graphics/tesseract/tesseract-lang_4.1.0.bb index 2f7fcac7840..0d45ee765c3 100644 --- a/meta-oe/recipes-graphics/tesseract/tesseract-lang_4.1.0.bb +++ b/meta-oe/recipes-graphics/tesseract/tesseract-lang_4.1.0.bb @@ -4,7 +4,7 @@ LICENSE = "Apache-2.0" LIC_FILES_CHKSUM = "file://LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57" SRCREV = "4767ea922bcc460e70b87b1d303ebdfed0897da8" -SRC_URI = "git://github.com/tesseract-ocr/tessdata.git;branch=master;protocol=https" +SRC_URI = "git://github.com/tesseract-ocr/tessdata.git;branch=main;protocol=https" S = "${WORKDIR}/git" From fad4c407c9cb58353fc94133888c898abb969b50 Mon Sep 17 00:00:00 2001 From: Akash Hadke Date: Tue, 14 Jun 2022 16:54:57 +0200 Subject: [PATCH 091/600] ntfs-3g-ntfsprogs: Set CVE_PRODUCT to "tuxera:ntfs-3g" Set CVE_PRODUCT to 'tuxera:ntfs-3g' for ntfs-3g-ntfsprogs recipe, cve-check class is setting default CVE_PRODUCT to 'ntfs-3g-ntfsprogs' which ignores the ntfs-3g-ntfsprogs CVEs from NVD Database. Reference: CVE-2019-9755 Link: https://nvd.nist.gov/vuln/detail/CVE-2019-9755 Signed-off-by: Akash Hadke Signed-off-by: Akash Hadke Signed-off-by: Armin Kuster --- .../ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2021.8.22.bb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2021.8.22.bb b/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2021.8.22.bb index aa1b4c2e950..c7702878599 100644 --- a/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2021.8.22.bb +++ b/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2021.8.22.bb @@ -50,3 +50,5 @@ do_install:append() { # Satisfy the -dev runtime dependency ALLOW_EMPTY:${PN} = "1" + +CVE_PRODUCT = "tuxera:ntfs-3g" From 9c3976adde37272cdcb56d0791fc87a3dcd5be2e Mon Sep 17 00:00:00 2001 From: Akash Hadke Date: Tue, 14 Jun 2022 16:47:47 +0200 Subject: [PATCH 092/600] iperf: Set CVE_PRODUCT to "iperf_project:iperf" Set CVE_PRODUCT as 'iperf_project:iperf' for iperf2 and iperf3 recipes, cve-check class is setting default CVE_PRODUCT to 'iperf2' and 'iperf3' respectively which ignores the iperf CVEs from NVD Database. Reference: CVE-2016-4303 Link: https://nvd.nist.gov/vuln/detail/CVE-2016-4303 Signed-off-by: Akash Hadke Signed-off-by: Akash Hadke Signed-off-by: Armin Kuster --- meta-oe/recipes-benchmark/iperf2/iperf2_2.0.13.bb | 2 ++ meta-oe/recipes-benchmark/iperf3/iperf3_3.11.bb | 2 ++ 2 files changed, 4 insertions(+) diff --git a/meta-oe/recipes-benchmark/iperf2/iperf2_2.0.13.bb b/meta-oe/recipes-benchmark/iperf2/iperf2_2.0.13.bb index 4a520e3be58..86e5fef5303 100644 --- a/meta-oe/recipes-benchmark/iperf2/iperf2_2.0.13.bb +++ b/meta-oe/recipes-benchmark/iperf2/iperf2_2.0.13.bb @@ -19,3 +19,5 @@ EXTRA_OECONF = "--exec-prefix=${STAGING_DIR_HOST}${layout_exec_prefix}" PACKAGECONFIG ??= "${@bb.utils.contains('DISTRO_FEATURES', 'ipv6', 'ipv6', '', d)}" PACKAGECONFIG[ipv6] = "--enable-ipv6,--disable-ipv6," + +CVE_PRODUCT = "iperf_project:iperf" diff --git a/meta-oe/recipes-benchmark/iperf3/iperf3_3.11.bb b/meta-oe/recipes-benchmark/iperf3/iperf3_3.11.bb index a6af23aec9a..2142a8ef1d4 100644 --- a/meta-oe/recipes-benchmark/iperf3/iperf3_3.11.bb +++ b/meta-oe/recipes-benchmark/iperf3/iperf3_3.11.bb @@ -30,3 +30,5 @@ PACKAGECONFIG[lksctp] = "ac_cv_header_netinet_sctp_h=yes,ac_cv_header_netinet_sc PACKAGECONFIG[openssl] = "--with-openssl=${RECIPE_SYSROOT}${prefix},--without-openssl,openssl" CFLAGS += "-D_GNU_SOURCE" + +CVE_PRODUCT = "iperf_project:iperf" From 16621ac526d287c3764109b2fbc71d2f5146433e Mon Sep 17 00:00:00 2001 From: Bartosz Golaszewski Date: Tue, 14 Jun 2022 13:59:06 +0200 Subject: [PATCH 093/600] python3-pybluez: fix a runtime issue with python 3.10 Add an upstream patch that's not part of any release yet that addresses an issue with python 3.10 (related to a missing macro). Link: https://github.com/pybluez/pybluez/issues/426 Signed-off-by: Bartosz Golaszewski Signed-off-by: Armin Kuster --- ...hen-parsing-buffer-length-fix-426-42.patch | 153 ++++++++++++++++++ .../python/python3-pybluez_0.23.bb | 1 + 2 files changed, 154 insertions(+) create mode 100644 meta-python/recipes-devtools/python/python3-pybluez/0001-Use-Py_ssize_t-when-parsing-buffer-length-fix-426-42.patch diff --git a/meta-python/recipes-devtools/python/python3-pybluez/0001-Use-Py_ssize_t-when-parsing-buffer-length-fix-426-42.patch b/meta-python/recipes-devtools/python/python3-pybluez/0001-Use-Py_ssize_t-when-parsing-buffer-length-fix-426-42.patch new file mode 100644 index 00000000000..9126aba8d31 --- /dev/null +++ b/meta-python/recipes-devtools/python/python3-pybluez/0001-Use-Py_ssize_t-when-parsing-buffer-length-fix-426-42.patch @@ -0,0 +1,153 @@ +From aa8ee5e5e934908f0357364f6ec90a3ecda62880 Mon Sep 17 00:00:00 2001 +From: Nicolas Schodet +Date: Mon, 3 Jan 2022 02:37:01 +0100 +Subject: [PATCH] Use Py_ssize_t when parsing buffer length, fix #426 (#427) + +From python 3.9 documentation: + +> For all # variants of formats (s#, y#, etc.), the macro +> PY_SSIZE_T_CLEAN must be defined before including Python.h. On Python +> 3.9 and older, the type of the length argument is Py_ssize_t if the +> PY_SSIZE_T_CLEAN macro is defined, or int otherwise. + +From python 3.8 changes: + +> Use of # variants of formats in parsing or building value (e.g. +> PyArg_ParseTuple(), Py_BuildValue(), PyObject_CallFunction(), etc.) +> without PY_SSIZE_T_CLEAN defined raises DeprecationWarning now. It +> will be removed in 3.10 or 4.0. Read Parsing arguments and building +> values for detail. (Contributed by Inada Naoki in bpo-36381.) + +Fixes https://github.com/pybluez/pybluez/issues/426 +--- +Upstream-Status: Accepted + + bluez/btmodule.c | 23 ++++++++++++++--------- + msbt/_msbt.c | 6 ++++-- + 2 files changed, 18 insertions(+), 11 deletions(-) + +diff --git a/bluez/btmodule.c b/bluez/btmodule.c +index 518b723..912a489 100644 +--- a/bluez/btmodule.c ++++ b/bluez/btmodule.c +@@ -16,7 +16,8 @@ Local naming conventions: + - names starting with bt_ are module-level functions + + */ +- ++#define PY_SSIZE_T_CLEAN 1 ++#include "Python.h" + #include "btmodule.h" + #include "structmember.h" + +@@ -732,7 +733,7 @@ sock_setsockopt(PySocketSockObject *s, PyObject *args) + int optname; + int res; + void *buf; +- int buflen; ++ Py_ssize_t buflen; + int flag; + + if (PyArg_ParseTuple(args, "iii:setsockopt", &level, &optname, &flag)) { +@@ -2001,7 +2002,8 @@ static PyObject * + bt_hci_send_cmd(PyObject *self, PyObject *args) + { + PySocketSockObject *socko = NULL; +- int err, plen = 0; ++ int err; ++ Py_ssize_t plen = 0; + uint16_t ogf, ocf; + char *param = NULL; + int dd = 0; +@@ -2036,6 +2038,7 @@ bt_hci_send_req(PyObject *self, PyObject *args, PyObject *kwds) + int err; + int to=0; + char rparam[256]; ++ Py_ssize_t req_clen; + struct hci_request req = { 0 }; + int dd = 0; + +@@ -2043,9 +2046,10 @@ bt_hci_send_req(PyObject *self, PyObject *args, PyObject *kwds) + "timeout", 0 }; + + if( !PyArg_ParseTupleAndKeywords(args, kwds, "OHHii|s#i", keywords, +- &socko, &req.ogf, &req.ocf, &req.event, &req.rlen, +- &req.cparam, &req.clen, &to) ) ++ &socko, &req.ogf, &req.ocf, &req.event, &req.rlen, ++ &req.cparam, &req_clen, &to) ) + return 0; ++ req.clen = req_clen; + + req.rparam = rparam; + dd = socko->sock_fd; +@@ -2274,7 +2278,8 @@ Returns the name of the device, or raises an error on failure"); + static PyObject * bt_hci_filter_ ## name (PyObject *self, PyObject *args )\ + { \ + char *param; \ +- int len, arg; \ ++ Py_ssize_t len; \ ++ int arg; \ + if( !PyArg_ParseTuple(args,"s#i", ¶m, &len, &arg) ) \ + return 0; \ + if( len != sizeof(struct hci_filter) ) { \ +@@ -2303,7 +2308,7 @@ DECL_HCI_FILTER_OP_1(test_opcode, "test opcode!") + static PyObject * bt_hci_filter_ ## name (PyObject *self, PyObject *args )\ + { \ + char *param; \ +- int len; \ ++ Py_ssize_t len; \ + if( !PyArg_ParseTuple(args,"s#", ¶m, &len) ) \ + return 0; \ + if( len != sizeof(struct hci_filter) ) { \ +@@ -2364,7 +2369,7 @@ static PyObject * + bt_ba2str(PyObject *self, PyObject *args) + { + char *data=NULL; +- int len=0; ++ Py_ssize_t len=0; + char ba_str[19] = {0}; + if (!PyArg_ParseTuple(args, "s#", &data, &len)) return 0; + ba2str((bdaddr_t*)data, ba_str); +@@ -2579,7 +2584,7 @@ bt_sdp_advertise_service( PyObject *self, PyObject *args ) + *provider = NULL, + *description = NULL; + PyObject *service_classes, *profiles, *protocols; +- int namelen = 0, provlen = 0, desclen = 0; ++ Py_ssize_t namelen = 0, provlen = 0, desclen = 0; + uuid_t svc_uuid = { 0 }; + int i; + char addrbuf[256] = { 0 }; +diff --git a/msbt/_msbt.c b/msbt/_msbt.c +index b3d27ff..81f5ee9 100644 +--- a/msbt/_msbt.c ++++ b/msbt/_msbt.c +@@ -2,6 +2,8 @@ + #define UNICODE + #endif + ++#define PY_SSIZE_T_CLEAN 1 ++ + #include + #include + #include +@@ -155,7 +157,7 @@ static PyObject * + msbt_bind(PyObject *self, PyObject *args) + { + wchar_t *addrstr = NULL; +- int addrstrlen = -1; ++ Py_ssize_t addrstrlen = -1; + int sockfd = -1; + int port = -1; + char buf[100] = { 0 }; +@@ -765,7 +767,7 @@ msbt_set_service_raw(PyObject *self, PyObject *args) + WSAESETSERVICEOP op; + + char *record = NULL; +- int reclen = -1; ++ Py_ssize_t reclen = -1; + BTH_SET_SERVICE *si = NULL; + int silen = -1; + ULONG sdpVersion = BTH_SDP_VERSION; +-- +2.34.1 + diff --git a/meta-python/recipes-devtools/python/python3-pybluez_0.23.bb b/meta-python/recipes-devtools/python/python3-pybluez_0.23.bb index b32f3a36277..6a1df273a25 100644 --- a/meta-python/recipes-devtools/python/python3-pybluez_0.23.bb +++ b/meta-python/recipes-devtools/python/python3-pybluez_0.23.bb @@ -7,6 +7,7 @@ DEPENDS = "bluez5" LICENSE = "GPL-2.0-only" LIC_FILES_CHKSUM = "file://COPYING;md5=8a71d0475d08eee76d8b6d0c6dbec543" +SRC_URI += "file://0001-Use-Py_ssize_t-when-parsing-buffer-length-fix-426-42.patch" SRC_URI[md5sum] = "afbe8429bb82d2c46a3d0f5f4f898f9d" SRC_URI[sha256sum] = "c8f04d2e78951eaa9de486b4d49381704e8943d0a6e6e58f55fcd7b8582e90de" From 18767f177dc66e94055bf3ff39d846b739cfaf5c Mon Sep 17 00:00:00 2001 From: Peter Marko Date: Fri, 20 May 2022 10:58:43 +0200 Subject: [PATCH 094/600] libgpiod: move test dependencies to ptest package This reverts and reworks commit e75cc87c4f944dff766c426fafafd48c378544fe These tools are needed by test-suites, not the package itself. I do not want bash (gpl3) or python (big/lot of dependencies) in my release image when I have ptest enabled in my distro for sdk/testing image. Signed-off-by: Peter Marko Signed-off-by: Armin Kuster --- meta-oe/recipes-support/libgpiod/libgpiod_1.6.3.bb | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/meta-oe/recipes-support/libgpiod/libgpiod_1.6.3.bb b/meta-oe/recipes-support/libgpiod/libgpiod_1.6.3.bb index 35e68b7e24b..2cccf93bd5f 100644 --- a/meta-oe/recipes-support/libgpiod/libgpiod_1.6.3.bb +++ b/meta-oe/recipes-support/libgpiod/libgpiod_1.6.3.bb @@ -14,7 +14,7 @@ SRC_URI[sha256sum] = "841be9d788f00bab08ef22c4be5c39866f0e46cb100a3ae49ed816ac9c inherit autotools pkgconfig python3native ptest -PACKAGECONFIG[tests] = "--enable-tests,--disable-tests,kmod udev glib-2.0 catch2,bats python3-packaging" +PACKAGECONFIG[tests] = "--enable-tests,--disable-tests,kmod udev glib-2.0 catch2" PACKAGECONFIG[cxx] = "--enable-bindings-cxx,--disable-bindings-cxx" PACKAGECONFIG[python3] = "--enable-bindings-python,--disable-bindings-python,python3" @@ -54,6 +54,7 @@ RRECOMMENDS:${PN}-ptest += " \ coreutils \ ${@bb.utils.contains('PACKAGECONFIG', 'python3', 'python3-unittest', '', d)} \ " +RDEPENDS:${PN}-ptest += "bats python3-packaging" PACKAGECONFIG:append = " ${@bb.utils.contains('DISTRO_FEATURES', 'ptest', 'tests', '', d)}" From 3d47772a01210433b6394585f213128a7be5c585 Mon Sep 17 00:00:00 2001 From: Yi Zhao Date: Mon, 20 Jun 2022 16:48:39 +0800 Subject: [PATCH 095/600] dnsmasq: Security fix CVE-2022-0934 CVE-2022-0934: Heap use after free in dhcp6_no_relay Reference: https://nvd.nist.gov/vuln/detail/CVE-2022-0934 Patch from: https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=03345ecefe Signed-off-by: Yi Zhao Signed-off-by: Armin Kuster --- .../dnsmasq/dnsmasq/CVE-2022-0934.patch | 191 ++++++++++++++++++ .../recipes-support/dnsmasq/dnsmasq_2.86.bb | 1 + 2 files changed, 192 insertions(+) create mode 100644 meta-networking/recipes-support/dnsmasq/dnsmasq/CVE-2022-0934.patch diff --git a/meta-networking/recipes-support/dnsmasq/dnsmasq/CVE-2022-0934.patch b/meta-networking/recipes-support/dnsmasq/dnsmasq/CVE-2022-0934.patch new file mode 100644 index 00000000000..6bd734d756c --- /dev/null +++ b/meta-networking/recipes-support/dnsmasq/dnsmasq/CVE-2022-0934.patch @@ -0,0 +1,191 @@ +From 3cdecc159e0f417a2f8d43d99632af26beea630f Mon Sep 17 00:00:00 2001 +From: Simon Kelley +Date: Thu, 31 Mar 2022 21:35:20 +0100 +Subject: [PATCH] Fix write-after-free error in DHCPv6 code. CVE-2022-0934 + refers. + +CVE: CVE-2022-0934 + +Upstream-Status: Backport +[https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=03345ecefe] + +Signed-off-by: Yi Zhao +--- + CHANGELOG | 3 +++ + src/rfc3315.c | 48 +++++++++++++++++++++++++++--------------------- + 2 files changed, 30 insertions(+), 21 deletions(-) + +diff --git a/CHANGELOG b/CHANGELOG +index 5e54df9..a28da2a 100644 +--- a/CHANGELOG ++++ b/CHANGELOG +@@ -1,4 +1,7 @@ + version 2.86 ++ Fix write-after-free error in DHCPv6 server code. ++ CVE-2022-0934 refers. ++ + Handle DHCPREBIND requests in the DHCPv6 server code. + Thanks to Aichun Li for spotting this omission, and the initial + patch. +diff --git a/src/rfc3315.c b/src/rfc3315.c +index 5c2ff97..6ecfeeb 100644 +--- a/src/rfc3315.c ++++ b/src/rfc3315.c +@@ -33,9 +33,9 @@ struct state { + unsigned int mac_len, mac_type; + }; + +-static int dhcp6_maybe_relay(struct state *state, void *inbuff, size_t sz, ++static int dhcp6_maybe_relay(struct state *state, unsigned char *inbuff, size_t sz, + struct in6_addr *client_addr, int is_unicast, time_t now); +-static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_t sz, int is_unicast, time_t now); ++static int dhcp6_no_relay(struct state *state, int msg_type, unsigned char *inbuff, size_t sz, int is_unicast, time_t now); + static void log6_opts(int nest, unsigned int xid, void *start_opts, void *end_opts); + static void log6_packet(struct state *state, char *type, struct in6_addr *addr, char *string); + static void log6_quiet(struct state *state, char *type, struct in6_addr *addr, char *string); +@@ -104,12 +104,12 @@ unsigned short dhcp6_reply(struct dhcp_context *context, int interface, char *if + } + + /* This cost me blood to write, it will probably cost you blood to understand - srk. */ +-static int dhcp6_maybe_relay(struct state *state, void *inbuff, size_t sz, ++static int dhcp6_maybe_relay(struct state *state, unsigned char *inbuff, size_t sz, + struct in6_addr *client_addr, int is_unicast, time_t now) + { + void *end = inbuff + sz; + void *opts = inbuff + 34; +- int msg_type = *((unsigned char *)inbuff); ++ int msg_type = *inbuff; + unsigned char *outmsgtypep; + void *opt; + struct dhcp_vendor *vendor; +@@ -259,15 +259,15 @@ static int dhcp6_maybe_relay(struct state *state, void *inbuff, size_t sz, + return 1; + } + +-static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_t sz, int is_unicast, time_t now) ++static int dhcp6_no_relay(struct state *state, int msg_type, unsigned char *inbuff, size_t sz, int is_unicast, time_t now) + { + void *opt; +- int i, o, o1, start_opts; ++ int i, o, o1, start_opts, start_msg; + struct dhcp_opt *opt_cfg; + struct dhcp_netid *tagif; + struct dhcp_config *config = NULL; + struct dhcp_netid known_id, iface_id, v6_id; +- unsigned char *outmsgtypep; ++ unsigned char outmsgtype; + struct dhcp_vendor *vendor; + struct dhcp_context *context_tmp; + struct dhcp_mac *mac_opt; +@@ -296,12 +296,13 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_ + v6_id.next = state->tags; + state->tags = &v6_id; + +- /* copy over transaction-id, and save pointer to message type */ +- if (!(outmsgtypep = put_opt6(inbuff, 4))) ++ start_msg = save_counter(-1); ++ /* copy over transaction-id */ ++ if (!put_opt6(inbuff, 4)) + return 0; + start_opts = save_counter(-1); +- state->xid = outmsgtypep[3] | outmsgtypep[2] << 8 | outmsgtypep[1] << 16; +- ++ state->xid = inbuff[3] | inbuff[2] << 8 | inbuff[1] << 16; ++ + /* We're going to be linking tags from all context we use. + mark them as unused so we don't link one twice and break the list */ + for (context_tmp = state->context; context_tmp; context_tmp = context_tmp->current) +@@ -347,7 +348,7 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_ + (msg_type == DHCP6REQUEST || msg_type == DHCP6RENEW || msg_type == DHCP6RELEASE || msg_type == DHCP6DECLINE)) + + { +- *outmsgtypep = DHCP6REPLY; ++ outmsgtype = DHCP6REPLY; + o1 = new_opt6(OPTION6_STATUS_CODE); + put_opt6_short(DHCP6USEMULTI); + put_opt6_string("Use multicast"); +@@ -619,11 +620,11 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_ + struct dhcp_netid *solicit_tags; + struct dhcp_context *c; + +- *outmsgtypep = DHCP6ADVERTISE; ++ outmsgtype = DHCP6ADVERTISE; + + if (opt6_find(state->packet_options, state->end, OPTION6_RAPID_COMMIT, 0)) + { +- *outmsgtypep = DHCP6REPLY; ++ outmsgtype = DHCP6REPLY; + state->lease_allocate = 1; + o = new_opt6(OPTION6_RAPID_COMMIT); + end_opt6(o); +@@ -809,7 +810,7 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_ + int start = save_counter(-1); + + /* set reply message type */ +- *outmsgtypep = DHCP6REPLY; ++ outmsgtype = DHCP6REPLY; + state->lease_allocate = 1; + + log6_quiet(state, "DHCPREQUEST", NULL, ignore ? _("ignored") : NULL); +@@ -924,7 +925,7 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_ + int address_assigned = 0; + + /* set reply message type */ +- *outmsgtypep = DHCP6REPLY; ++ outmsgtype = DHCP6REPLY; + + log6_quiet(state, msg_type == DHCP6RENEW ? "DHCPRENEW" : "DHCPREBIND", NULL, NULL); + +@@ -1057,7 +1058,7 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_ + int good_addr = 0; + + /* set reply message type */ +- *outmsgtypep = DHCP6REPLY; ++ outmsgtype = DHCP6REPLY; + + log6_quiet(state, "DHCPCONFIRM", NULL, NULL); + +@@ -1121,7 +1122,7 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_ + log6_quiet(state, "DHCPINFORMATION-REQUEST", NULL, ignore ? _("ignored") : state->hostname); + if (ignore) + return 0; +- *outmsgtypep = DHCP6REPLY; ++ outmsgtype = DHCP6REPLY; + tagif = add_options(state, 1); + break; + } +@@ -1130,7 +1131,7 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_ + case DHCP6RELEASE: + { + /* set reply message type */ +- *outmsgtypep = DHCP6REPLY; ++ outmsgtype = DHCP6REPLY; + + log6_quiet(state, "DHCPRELEASE", NULL, NULL); + +@@ -1195,7 +1196,7 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_ + case DHCP6DECLINE: + { + /* set reply message type */ +- *outmsgtypep = DHCP6REPLY; ++ outmsgtype = DHCP6REPLY; + + log6_quiet(state, "DHCPDECLINE", NULL, NULL); + +@@ -1275,7 +1276,12 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_ + } + + } +- ++ ++ /* Fill in the message type. Note that we store the offset, ++ not a direct pointer, since the packet memory may have been ++ reallocated. */ ++ ((unsigned char *)(daemon->outpacket.iov_base))[start_msg] = outmsgtype; ++ + log_tags(tagif, state->xid); + log6_opts(0, state->xid, daemon->outpacket.iov_base + start_opts, daemon->outpacket.iov_base + save_counter(-1)); + +-- +2.25.1 + diff --git a/meta-networking/recipes-support/dnsmasq/dnsmasq_2.86.bb b/meta-networking/recipes-support/dnsmasq/dnsmasq_2.86.bb index 31ca51ec602..0f7880ce8c7 100644 --- a/meta-networking/recipes-support/dnsmasq/dnsmasq_2.86.bb +++ b/meta-networking/recipes-support/dnsmasq/dnsmasq_2.86.bb @@ -3,5 +3,6 @@ require dnsmasq.inc SRC_URI[dnsmasq-2.86.sha256sum] = "ef15f608a83ee2b1d1d2c1f11d089a7e0ac401ffb0991de73fc01ce5f290e512" SRC_URI += "\ file://lua.patch \ + file://CVE-2022-0934.patch \ " From d7aaee2c377cb4852f7cd602681967524d81126a Mon Sep 17 00:00:00 2001 From: Changqing Li Date: Wed, 22 Jun 2022 17:38:17 +0800 Subject: [PATCH 096/600] chrony: create /var/lib/chrony by systemd-tmpfiles Ensure /var/lib/chrony exist to avoid error like: chronyd.service: Failed to set up mount namespacing: /run/systemd/unit-root/var/lib/chrony: No such> chronyd.service: Failed at step NAMESPACE spawning /usr/sbin/chronyd: No such file or directory Signed-off-by: Changqing Li Signed-off-by: Armin Kuster --- meta-networking/recipes-support/chrony/chrony_4.2.bb | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/meta-networking/recipes-support/chrony/chrony_4.2.bb b/meta-networking/recipes-support/chrony/chrony_4.2.bb index 57dd635dc38..8ce9e1db553 100644 --- a/meta-networking/recipes-support/chrony/chrony_4.2.bb +++ b/meta-networking/recipes-support/chrony/chrony_4.2.bb @@ -126,6 +126,10 @@ do_install() { ${D}${systemd_unitdir}/system/chronyd.service sed -i 's!^PATH=.*!PATH=${base_sbindir}:${base_bindir}:${sbindir}:${bindir}!' ${D}${sysconfdir}/init.d/chronyd sed -i 's!^EnvironmentFile=.*!EnvironmentFile=-${sysconfdir}/default/chronyd!' ${D}${systemd_unitdir}/system/chronyd.service + + install -d ${D}${sysconfdir}/tmpfiles.d + echo "d /var/lib/chrony 0755 root root -" > ${D}${sysconfdir}/tmpfiles.d/chronyd.conf + } FILES:${PN} = "${sbindir}/chronyd ${sysconfdir} ${localstatedir}/lib/chrony ${localstatedir}" From 7040cffbb06b2ae0a03b5353b2698a5c5ead9172 Mon Sep 17 00:00:00 2001 From: Javier Viguera Date: Mon, 27 Jun 2022 15:39:14 +0200 Subject: [PATCH 097/600] networkmanager: fix build with enabled ppp If 'ppp' packageconfig option is enabled, but the build system does NOT have pppd binary installed, the build fails with: | Has header "pppd/pppd.h" : YES | Program pppd /sbin/pppd /usr/sbin/pppd found: NO | | ../NetworkManager-1.36.2/meson.build:570:4: ERROR: Assert failed: pppd required but not found, please provide a valid pppd path or use -Dppp=false to disable it This is due to meson trying to look for the 'pppd' binary in the build system when it should not. If the build system does not contain pppd, the build fails. Signed-off-by: Javier Viguera Signed-off-by: Armin Kuster --- .../networkmanager/networkmanager_1.36.2.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-networking/recipes-connectivity/networkmanager/networkmanager_1.36.2.bb b/meta-networking/recipes-connectivity/networkmanager/networkmanager_1.36.2.bb index 6c665d53bb5..e3b1296a6bc 100644 --- a/meta-networking/recipes-connectivity/networkmanager/networkmanager_1.36.2.bb +++ b/meta-networking/recipes-connectivity/networkmanager/networkmanager_1.36.2.bb @@ -83,7 +83,7 @@ PACKAGECONFIG[bluez5] = "-Dbluez5_dun=true,-Dbluez5_dun=false,bluez5" # consolekit is not picked by shlibs, so add it to RDEPENDS too PACKAGECONFIG[consolekit] = "-Dsession_tracking_consolekit=true,-Dsession_tracking_consolekit=false,consolekit,consolekit" PACKAGECONFIG[modemmanager] = "-Dmodem_manager=true,-Dmodem_manager=false,modemmanager mobile-broadband-provider-info" -PACKAGECONFIG[ppp] = "-Dppp=true,-Dppp=false,ppp,ppp" +PACKAGECONFIG[ppp] = "-Dppp=true -Dpppd=/usr/sbin/pppd,-Dppp=false,ppp,ppp" PACKAGECONFIG[dnsmasq] = "-Ddnsmasq=${bindir}/dnsmasq" PACKAGECONFIG[nss] = "-Dcrypto=nss,,nss" PACKAGECONFIG[resolvconf] = "-Dresolvconf=${base_sbindir}/resolvconf,-Dresolvconf=no,,resolvconf" From 6ff027e8d33414fe03fa41ae80c065a54c0cb1ad Mon Sep 17 00:00:00 2001 From: Yue Tao Date: Wed, 29 Jun 2022 16:56:50 +0800 Subject: [PATCH 098/600] exo: upgrade 4.16.3 -> 4.16.4 To fix CVE-2022-32278 Upstream fix is: https://gitlab.xfce.org/xfce/exo/-/commit/c71c04ff5882b2866a0d8506fb460d4ef796de9f Signed-off-by: Yue Tao Signed-off-by: Armin Kuster --- meta-xfce/recipes-xfce/exo/{exo_4.16.3.bb => exo_4.16.4.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-xfce/recipes-xfce/exo/{exo_4.16.3.bb => exo_4.16.4.bb} (88%) diff --git a/meta-xfce/recipes-xfce/exo/exo_4.16.3.bb b/meta-xfce/recipes-xfce/exo/exo_4.16.4.bb similarity index 88% rename from meta-xfce/recipes-xfce/exo/exo_4.16.3.bb rename to meta-xfce/recipes-xfce/exo/exo_4.16.4.bb index 2b164442f8e..b97d9943f42 100644 --- a/meta-xfce/recipes-xfce/exo/exo_4.16.3.bb +++ b/meta-xfce/recipes-xfce/exo/exo_4.16.4.bb @@ -14,7 +14,7 @@ SRC_URI += " \ file://configure.patch \ " -SRC_URI[sha256sum] = "722dff3c3fe23f0a65405e63889cf247c99d092d3f9fb16dec78d062cfb8fae6" +SRC_URI[sha256sum] = "82a50c67e78f1e5c420b7615515bcca759b86eeab99224ab8eca4306b89d2eca" # Note: python bindings did not work in oe-dev and are about to be moved to # pyxfce see http://comments.gmane.org/gmane.comp.desktop.xfce.devel.version4/19560 From e4c5f5b3593c4dc058053e92b28306bf7e765d75 Mon Sep 17 00:00:00 2001 From: wangmy Date: Mon, 27 Jun 2022 15:00:25 +0800 Subject: [PATCH 099/600] postgresql: upgrade 14.3 -> 14.4 0001-configure.ac-bypass-autoconf-2.69-version-check.patch refreshed for new version. Signed-off-by: Wang Mingyu Signed-off-by: Khem Raj (cherry picked from commit a9db38fa9a1fc50eca653816a7bfeda0251f0b6b) Signed-off-by: Armin Kuster --- ...01-configure.ac-bypass-autoconf-2.69-version-check.patch | 6 +++--- .../postgresql/{postgresql_14.3.bb => postgresql_14.4.bb} | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) rename meta-oe/recipes-dbs/postgresql/{postgresql_14.3.bb => postgresql_14.4.bb} (80%) diff --git a/meta-oe/recipes-dbs/postgresql/files/0001-configure.ac-bypass-autoconf-2.69-version-check.patch b/meta-oe/recipes-dbs/postgresql/files/0001-configure.ac-bypass-autoconf-2.69-version-check.patch index 78f24585e80..2256bccecec 100644 --- a/meta-oe/recipes-dbs/postgresql/files/0001-configure.ac-bypass-autoconf-2.69-version-check.patch +++ b/meta-oe/recipes-dbs/postgresql/files/0001-configure.ac-bypass-autoconf-2.69-version-check.patch @@ -1,4 +1,4 @@ -From f7084ba49758a6b8db46b917b7c0f831bd65a08f Mon Sep 17 00:00:00 2001 +From 07e605015fad0621c3e67133ff9330a5c6318daa Mon Sep 17 00:00:00 2001 From: Yi Fan Yu Date: Fri, 5 Feb 2021 17:15:42 -0500 Subject: [PATCH] configure.ac: bypass autoconf 2.69 version check @@ -14,12 +14,12 @@ Signed-off-by: Yi Fan Yu 1 file changed, 4 deletions(-) diff --git a/configure.ac b/configure.ac -index d3c55f2..9120184 100644 +index 04ef7be..0eb595b 100644 --- a/configure.ac +++ b/configure.ac @@ -19,10 +19,6 @@ m4_pattern_forbid(^PGAC_)dnl to catch undefined macros - AC_INIT([PostgreSQL], [14.3], [pgsql-bugs@lists.postgresql.org], [], [https://www.postgresql.org/]) + AC_INIT([PostgreSQL], [14.4], [pgsql-bugs@lists.postgresql.org], [], [https://www.postgresql.org/]) -m4_if(m4_defn([m4_PACKAGE_VERSION]), [2.69], [], [m4_fatal([Autoconf version 2.69 is required. -Untested combinations of 'autoconf' and PostgreSQL versions are not diff --git a/meta-oe/recipes-dbs/postgresql/postgresql_14.3.bb b/meta-oe/recipes-dbs/postgresql/postgresql_14.4.bb similarity index 80% rename from meta-oe/recipes-dbs/postgresql/postgresql_14.3.bb rename to meta-oe/recipes-dbs/postgresql/postgresql_14.4.bb index c686c9b3581..01a6ee635e6 100644 --- a/meta-oe/recipes-dbs/postgresql/postgresql_14.3.bb +++ b/meta-oe/recipes-dbs/postgresql/postgresql_14.4.bb @@ -10,4 +10,4 @@ SRC_URI += "\ file://remove_duplicate.patch \ " -SRC_URI[sha256sum] = "279057368bf59a919c05ada8f95c5e04abb43e74b9a2a69c3d46a20e07a9af38" +SRC_URI[sha256sum] = "c23b6237c5231c791511bdc79098617d6852e9e3bdf360efd8b5d15a1a3d8f6a" From 1cd38eed74a1e1700f83b65193e421e67bbf9aaa Mon Sep 17 00:00:00 2001 From: Yi Zhao Date: Wed, 29 Jun 2022 14:53:05 +0800 Subject: [PATCH 100/600] strongswan: upgrade 5.9.5 -> 5.9.6 * Drop backport patch 0001-openssl-Don-t-unload-providers.patch * Backport a patch to fix the build error: src/libstrongswan/utils/enum.c: In function 'enum_flags_to_string': src/libstrongswan/utils/enum.c:100:9: error: format not a string literal and no format arguments [-Werror=format-security] 100 | if (snprintf(buf, len, e->names[0]) >= len) | ^~ Signed-off-by: Yi Zhao Signed-off-by: Khem Raj (cherry picked from commit 689e8422b836d804d9ab102cb3de0a4f6e1f24c8) Signed-off-by: Armin Kuster --- .../0001-enum-Fix-compiler-warning.patch | 31 +++++++ .../0001-openssl-Don-t-unload-providers.patch | 92 ------------------- ...trongswan_5.9.5.bb => strongswan_5.9.6.bb} | 4 +- 3 files changed, 33 insertions(+), 94 deletions(-) create mode 100644 meta-networking/recipes-support/strongswan/files/0001-enum-Fix-compiler-warning.patch delete mode 100644 meta-networking/recipes-support/strongswan/files/0001-openssl-Don-t-unload-providers.patch rename meta-networking/recipes-support/strongswan/{strongswan_5.9.5.bb => strongswan_5.9.6.bb} (98%) diff --git a/meta-networking/recipes-support/strongswan/files/0001-enum-Fix-compiler-warning.patch b/meta-networking/recipes-support/strongswan/files/0001-enum-Fix-compiler-warning.patch new file mode 100644 index 00000000000..e730fe1cd0f --- /dev/null +++ b/meta-networking/recipes-support/strongswan/files/0001-enum-Fix-compiler-warning.patch @@ -0,0 +1,31 @@ +From d23c0ea81e630af3cfda89aeeb52146c0c84c960 Mon Sep 17 00:00:00 2001 +From: Tobias Brunner +Date: Mon, 2 May 2022 09:31:49 +0200 +Subject: [PATCH] enum: Fix compiler warning + +Closes strongswan/strongswan#1025 + +Upstream-Status: Backport +[https://github.com/strongswan/strongswan/commit/d23c0ea81e630af3cfda89aeeb52146c0c84c960] + +Signed-off-by: Yi Zhao +--- + src/libstrongswan/utils/enum.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/libstrongswan/utils/enum.c b/src/libstrongswan/utils/enum.c +index 79da450f0c..1e77489f6f 100644 +--- a/src/libstrongswan/utils/enum.c ++++ b/src/libstrongswan/utils/enum.c +@@ -97,7 +97,7 @@ char *enum_flags_to_string(enum_name_t *e, u_int val, char *buf, size_t len) + return buf; + } + +- if (snprintf(buf, len, e->names[0]) >= len) ++ if (snprintf(buf, len, "%s", e->names[0]) >= len) + { + return NULL; + } +-- +2.25.1 + diff --git a/meta-networking/recipes-support/strongswan/files/0001-openssl-Don-t-unload-providers.patch b/meta-networking/recipes-support/strongswan/files/0001-openssl-Don-t-unload-providers.patch deleted file mode 100644 index 7da48cd2cfe..00000000000 --- a/meta-networking/recipes-support/strongswan/files/0001-openssl-Don-t-unload-providers.patch +++ /dev/null @@ -1,92 +0,0 @@ -From 3eecd40cec6415fc033f8d9141ab652047e71524 Mon Sep 17 00:00:00 2001 -From: Tobias Brunner -Date: Wed, 23 Feb 2022 17:29:02 +0100 -Subject: [PATCH] openssl: Don't unload providers - -There is a conflict between atexit() handlers registered by OpenSSL and -some executables (e.g. swanctl or pki) to deinitialize libstrongswan. -Because plugins are usually loaded after atexit() has been called, the -handler registered by OpenSSL will run before our handler. So when the -latter destroys the plugins it's a bad idea to try to access any OpenSSL -objects as they might already be invalid. - -Fixes: f556fce16b60 ("openssl: Load "legacy" provider in OpenSSL 3 for algorithms like MD4, DES etc.") -Closes strongswan/strongswan#921 - -Upstream-Status: Backport -[https://github.com/strongswan/strongswan/commit/3eecd40cec6415fc033f8d9141ab652047e71524] - -Signed-off-by: Yi Zhao ---- - .../plugins/openssl/openssl_plugin.c | 27 +++---------------- - 1 file changed, 3 insertions(+), 24 deletions(-) - -diff --git a/src/libstrongswan/plugins/openssl/openssl_plugin.c b/src/libstrongswan/plugins/openssl/openssl_plugin.c -index 6b4923649..1491d5cf8 100644 ---- a/src/libstrongswan/plugins/openssl/openssl_plugin.c -+++ b/src/libstrongswan/plugins/openssl/openssl_plugin.c -@@ -16,7 +16,6 @@ - - #include - #include --#include - #include - #include - #include -@@ -74,13 +73,6 @@ struct private_openssl_plugin_t { - * public functions - */ - openssl_plugin_t public; -- --#if OPENSSL_VERSION_NUMBER >= 0x30000000L -- /** -- * Loaded providers -- */ -- array_t *providers; --#endif - }; - - /** -@@ -887,15 +879,6 @@ METHOD(plugin_t, get_features, int, - METHOD(plugin_t, destroy, void, - private_openssl_plugin_t *this) - { --#if OPENSSL_VERSION_NUMBER >= 0x30000000L -- OSSL_PROVIDER *provider; -- while (array_remove(this->providers, ARRAY_TAIL, &provider)) -- { -- OSSL_PROVIDER_unload(provider); -- } -- array_destroy(this->providers); --#endif /* OPENSSL_VERSION_NUMBER */ -- - /* OpenSSL 1.1.0 cleans up itself at exit and while OPENSSL_cleanup() exists we - * can't call it as we couldn't re-initialize the library (as required by the - * unit tests and the Android app) */ -@@ -1009,20 +992,16 @@ plugin_t *openssl_plugin_create() - DBG1(DBG_LIB, "unable to load OpenSSL FIPS provider"); - return NULL; - } -- array_insert_create(&this->providers, ARRAY_TAIL, fips); - /* explicitly load the base provider containing encoding functions */ -- array_insert_create(&this->providers, ARRAY_TAIL, -- OSSL_PROVIDER_load(NULL, "base")); -+ OSSL_PROVIDER_load(NULL, "base"); - } - else if (lib->settings->get_bool(lib->settings, "%s.plugins.openssl.load_legacy", - TRUE, lib->ns)) - { - /* load the legacy provider for algorithms like MD4, DES, BF etc. */ -- array_insert_create(&this->providers, ARRAY_TAIL, -- OSSL_PROVIDER_load(NULL, "legacy")); -+ OSSL_PROVIDER_load(NULL, "legacy"); - /* explicitly load the default provider, as mentioned by crypto(7) */ -- array_insert_create(&this->providers, ARRAY_TAIL, -- OSSL_PROVIDER_load(NULL, "default")); -+ OSSL_PROVIDER_load(NULL, "default"); - } - ossl_provider_names_t data = {}; - OSSL_PROVIDER_do_all(NULL, concat_ossl_providers, &data); --- -2.25.1 - diff --git a/meta-networking/recipes-support/strongswan/strongswan_5.9.5.bb b/meta-networking/recipes-support/strongswan/strongswan_5.9.6.bb similarity index 98% rename from meta-networking/recipes-support/strongswan/strongswan_5.9.5.bb rename to meta-networking/recipes-support/strongswan/strongswan_5.9.6.bb index cfb7b41fa4b..1b82dceac2f 100644 --- a/meta-networking/recipes-support/strongswan/strongswan_5.9.5.bb +++ b/meta-networking/recipes-support/strongswan/strongswan_5.9.6.bb @@ -9,10 +9,10 @@ DEPENDS = "flex-native flex bison-native" DEPENDS:append = "${@bb.utils.contains('DISTRO_FEATURES', 'tpm2', ' tpm2-tss', '', d)}" SRC_URI = "http://download.strongswan.org/strongswan-${PV}.tar.bz2 \ - file://0001-openssl-Don-t-unload-providers.patch \ + file://0001-enum-Fix-compiler-warning.patch \ " -SRC_URI[sha256sum] = "983e4ef4a4c6c9d69f5fe6707c7fe0b2b9a9291943bbf4e008faab6bf91c0bdd" +SRC_URI[sha256sum] = "91d0978ac448912759b85452d8ff0d578aafd4507aaf4f1c1719f9d0c7318ab7" UPSTREAM_CHECK_REGEX = "strongswan-(?P\d+(\.\d+)+)\.tar" From fb7b26b0fb243620f52a61296f4eda6af6ad1af6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Aur=C3=A9lien=20Bertron?= Date: Mon, 20 Jun 2022 20:05:32 +0200 Subject: [PATCH 101/600] fix(syslog-ng): warning about conf version The service warned on startup about running in compatibility mode since the configuration version was "3.31" instead of "3.36". Signed-off-by: Khem Raj (cherry picked from commit e80ce510e187c00d6932027ac495a1d06f6a702f) Signed-off-by: Armin Kuster --- meta-oe/recipes-support/syslog-ng/files/syslog-ng.conf.systemd | 2 +- meta-oe/recipes-support/syslog-ng/files/syslog-ng.conf.sysvinit | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/meta-oe/recipes-support/syslog-ng/files/syslog-ng.conf.systemd b/meta-oe/recipes-support/syslog-ng/files/syslog-ng.conf.systemd index b63f46ddc35..851bf252b7e 100644 --- a/meta-oe/recipes-support/syslog-ng/files/syslog-ng.conf.systemd +++ b/meta-oe/recipes-support/syslog-ng/files/syslog-ng.conf.systemd @@ -1,4 +1,4 @@ -@version: 3.31 +@version: 3.36 # # Syslog-ng configuration file, compatible with default Debian syslogd # installation. Originally written by anonymous (I can't find his name) diff --git a/meta-oe/recipes-support/syslog-ng/files/syslog-ng.conf.sysvinit b/meta-oe/recipes-support/syslog-ng/files/syslog-ng.conf.sysvinit index 07cd3b0868a..70afd0da847 100644 --- a/meta-oe/recipes-support/syslog-ng/files/syslog-ng.conf.sysvinit +++ b/meta-oe/recipes-support/syslog-ng/files/syslog-ng.conf.sysvinit @@ -1,4 +1,4 @@ -@version: 3.31 +@version: 3.36 # # Syslog-ng configuration file, compatible with default Debian syslogd # installation. Originally written by anonymous (I can't find his name) From c455cbab36b49403fd1b8190a3acb9604145c086 Mon Sep 17 00:00:00 2001 From: Jeremy Puhlman Date: Fri, 1 Jul 2022 11:52:44 -0700 Subject: [PATCH 102/600] freeradius: mutlilib fixes Define raddbdir based on multilib Add multilib headers and scripts for conflicting content Signed-off-by: Khem Raj (cherry picked from commit 8687d488f7352fa0c5c7dbc919aa14e577ce153e) Signed-off-by: Armin Kuster --- .../freeradius/freeradius_3.0.21.bb | 34 ++++++++++++------- 1 file changed, 21 insertions(+), 13 deletions(-) diff --git a/meta-networking/recipes-connectivity/freeradius/freeradius_3.0.21.bb b/meta-networking/recipes-connectivity/freeradius/freeradius_3.0.21.bb index da7e60419ec..453e514b671 100644 --- a/meta-networking/recipes-connectivity/freeradius/freeradius_3.0.21.bb +++ b/meta-networking/recipes-connectivity/freeradius/freeradius_3.0.21.bb @@ -34,6 +34,8 @@ SRC_URI = "git://github.com/FreeRADIUS/freeradius-server.git;branch=v3.0.x;lfs=0 file://check-openssl-cmds-in-script-bootstrap.patch \ " +raddbdir="${sysconfdir}/${MLPREFIX}raddb" + SRCREV = "af428abda249b2279ba0582180985a9f6f4a144a" PARALLEL_MAKE = "" @@ -48,6 +50,7 @@ EXTRA_OECONF = " --enable-strict-dependencies \ --with-docdir=${docdir}/freeradius-${PV} \ --with-openssl-includes=${STAGING_INCDIR} \ --with-openssl-libraries=${STAGING_LIBDIR} \ + --with-raddbdir=${raddbdir} \ --without-rlm_ippool \ --without-rlm_cache_memcached \ --without-rlm_counter \ @@ -98,7 +101,9 @@ PACKAGECONFIG[openssl] = "--with-openssl, --without-openssl" PACKAGECONFIG[rlm-eap-fast] = "--with-rlm_eap_fast, --without-rlm_eap_fast" PACKAGECONFIG[rlm-eap-pwd] = "--with-rlm_eap_pwd, --without-rlm_eap_pwd" -inherit useradd autotools-brokensep update-rc.d systemd +inherit useradd autotools-brokensep update-rc.d systemd multilib_script multilib_header + +MULTILIB_SCRIPTS = "${PN}:${sbindir}/checkrad" # This is not a cpan or python based package, but it needs some definitions # from cpan-base and python3-dir bbclasses for building rlm_perl and rlm_python @@ -141,7 +146,7 @@ do_install() { oe_runmake install R=${D} INSTALLSTRIP="" # remove unsupported config files - rm -f ${D}/${sysconfdir}/raddb/experimental.conf + rm -f ${D}/${raddbdir}/experimental.conf # remove scripts that required Perl(DBI) rm -rf ${D}/${bindir}/radsqlrelay @@ -153,7 +158,7 @@ do_install() { rm -rf ${D}/${localstatedir}/log/ install -m 0644 ${WORKDIR}/volatiles.58_radiusd ${D}${sysconfdir}/default/volatiles/58_radiusd - chown -R radiusd:radiusd ${D}/${sysconfdir}/raddb/ + chown -R radiusd:radiusd ${D}/${raddbdir} chown -R radiusd:radiusd ${D}/${localstatedir}/lib/radiusd # For systemd @@ -169,6 +174,9 @@ do_install() { install -d ${D}${sysconfdir}/tmpfiles.d/ install -m 0644 ${WORKDIR}/radiusd-volatiles.conf ${D}${sysconfdir}/tmpfiles.d/radiusd.conf fi + oe_multilib_header freeradius/autoconf.h + oe_multilib_header freeradius/missing.h + oe_multilib_header freeradius/radpaths.h } # This is only needed when we install/update on a running target. @@ -183,7 +191,7 @@ pkg_postinst:${PN} () { fi # Fix ownership for /etc/raddb/*, /var/lib/radiusd - chown -R radiusd:radiusd ${sysconfdir}/raddb + chown -R radiusd:radiusd ${raddbdir} chown -R radiusd:radiusd ${localstatedir}/lib/radiusd fi } @@ -204,30 +212,30 @@ PACKAGES =+ "${PN}-utils ${PN}-ldap ${PN}-krb5 ${PN}-perl \ FILES:${PN}-utils = "${bindir}/*" FILES:${PN}-ldap = "${libdir}/rlm_ldap.so* \ - ${sysconfdir}/raddb/mods-available/ldap \ + ${raddbdir}/mods-available/ldap \ " FILES:${PN}-krb5 = "${libdir}/rlm_krb5.so* \ - ${sysconfdir}/raddb/mods-available/krb5 \ + ${raddbdir}/mods-available/krb5 \ " FILES:${PN}-perl = "${libdir}/rlm_perl.so* \ - ${sysconfdir}/raddb/mods-config/perl \ - ${sysconfdir}/raddb/mods-available/perl \ + ${raddbdir}/mods-config/perl \ + ${raddbdir}/mods-available/perl \ " FILES:${PN}-python = "${libdir}/rlm_python3.so* \ - ${sysconfdir}/raddb/mods-config/python3 \ - ${sysconfdir}/raddb/mods-available/python3 \ + ${raddbdir}/mods-config/python3 \ + ${raddbdir}/mods-available/python3 \ " FILES:${PN}-mysql = "${libdir}/rlm_sql_mysql.so* \ - ${sysconfdir}/raddb/mods-config/sql/*/mysql \ - ${sysconfdir}/raddb/mods-available/sql \ + ${raddbdir}/mods-config/sql/*/mysql \ + ${raddbdir}/mods-available/sql \ " FILES:${PN}-postgresql = "${libdir}/rlm_sql_postgresql.so* \ - ${sysconfdir}/raddb/mods-config/sql/*/postgresql \ + ${raddbdir}/mods-config/sql/*/postgresql \ " FILES:${PN}-unixodbc = "${libdir}/rlm_sql_unixodbc.so*" From 97375c77128ab2ac51f480ebb1c1c10974b71287 Mon Sep 17 00:00:00 2001 From: Davide Gardenal Date: Mon, 4 Jul 2022 11:40:55 +0200 Subject: [PATCH 103/600] emlog: ignore unrelated CVEs This product is not present in the NVD database but another one with exactly the same name is in fact present. For that reason cve-check is outputting CVEs that are unrelated so they can be ignored. Signed-off-by: Davide Gardenal Signed-off-by: Armin Kuster --- meta-oe/recipes-core/emlog/emlog_git.bb | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/meta-oe/recipes-core/emlog/emlog_git.bb b/meta-oe/recipes-core/emlog/emlog_git.bb index be9ae58232c..05fa0c334cb 100644 --- a/meta-oe/recipes-core/emlog/emlog_git.bb +++ b/meta-oe/recipes-core/emlog/emlog_git.bb @@ -24,3 +24,14 @@ do_install() { } RRECOMMENDS:${PN} += "kernel-module-emlog" + +# The NVD database doesn't have a CPE for this product, +# the name of this product is exactly the same as github.com/emlog/emlog +# but it's not related in any way. The following CVEs are from that project +# so they can be safely ignored +CVE_CHECK_IGNORE += "\ + CVE-2019-16868 \ + CVE-2019-17073 \ + CVE-2021-44584 \ + CVE-2022-1526 \ +" From bf2822d59919c729d388d3c2a4c6d72b309969f5 Mon Sep 17 00:00:00 2001 From: Yue Tao Date: Mon, 4 Jul 2022 16:03:25 +0800 Subject: [PATCH 104/600] dlt-daemon: upgrade to commit 6a3bd901d8 to fix CVE-2022-31291 The upstream commit fcb676a79d introduced new option WITH_DLT_ADAPTOR_UDP to select dlt-adaptor-udp.service instread of WITH_DLT_ADAPTOR, so update the PACKAGECONFIG. Signed-off-by: Yue Tao Signed-off-by: Khem Raj Signed-off-by: Armin Kuster --- meta-oe/recipes-extended/dlt-daemon/dlt-daemon_2.18.8.bb | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/meta-oe/recipes-extended/dlt-daemon/dlt-daemon_2.18.8.bb b/meta-oe/recipes-extended/dlt-daemon/dlt-daemon_2.18.8.bb index 2cea50dfb04..7a613bcc939 100644 --- a/meta-oe/recipes-extended/dlt-daemon/dlt-daemon_2.18.8.bb +++ b/meta-oe/recipes-extended/dlt-daemon/dlt-daemon_2.18.8.bb @@ -19,7 +19,7 @@ SRC_URI = "git://github.com/GENIVI/${BPN}.git;protocol=https;branch=master \ file://0004-Modify-systemd-config-directory.patch \ file://0001-cmake-Link-with-libatomic-on-rv32-rv64.patch \ " -SRCREV = "0138c00811c86eab4ff6bff3c6528163885ade19" +SRCREV = "6a3bd901d825c7206797e36ea98e10a218f5aad2" PV .= "+2.18.9git${SRCPV}" @@ -27,7 +27,7 @@ S = "${WORKDIR}/git" LDFLAGS:append:riscv64 = " -latomic" -PACKAGECONFIG ?= "${@bb.utils.contains('DISTRO_FEATURES', 'systemd', ' systemd systemd-watchdog systemd-journal dlt-examples dlt-adaptor dlt-console ', '', d)} \ +PACKAGECONFIG ?= "${@bb.utils.contains('DISTRO_FEATURES', 'systemd', ' systemd systemd-watchdog systemd-journal dlt-examples dlt-adaptor dlt-adaptor-udp dlt-console ', '', d)} \ udp-connection dlt-system dlt-filetransfer " # dlt-dbus @@ -44,6 +44,7 @@ PACKAGECONFIG[udp-connection] = "-DWITH_UDP_CONNECTION=ON,-DWITH_UDP_CONNECTION= # Command line options PACKAGECONFIG[dlt-system] = "-DWITH_DLT_SYSTEM=ON,-DWITH_DLT_SYSTEM=OFF" PACKAGECONFIG[dlt-adaptor] = "-DWITH_DLT_ADAPTOR=ON,-DWITH_DLT_ADAPTOR=OFF,,dlt-daemon-systemd" +PACKAGECONFIG[dlt-adaptor-udp] = "-DWITH_DLT_ADAPTOR_UDP=ON,-DWITH_DLT_ADAPTOR_UDP=OFF,,dlt-daemon-systemd" PACKAGECONFIG[dlt-filetransfer] = "-DWITH_DLT_FILETRANSFER=ON,-DWITH_DLT_FILETRANSFER=OFF" PACKAGECONFIG[dlt-console] = "-DWITH_DLT_CONSOLE=ON,-DWITH_DLT_CONSOLE=OFF,,dlt-daemon-systemd" @@ -58,7 +59,7 @@ SYSTEMD_SERVICE:${PN} = " ${@bb.utils.contains('PACKAGECONFIG', 'systemd', 'dlt. ${@bb.utils.contains('PACKAGECONFIG', 'dlt-dbus', 'dlt-dbus.service', '', d)}" SYSTEMD_AUTO_ENABLE:${PN} = "enable" SYSTEMD_SERVICE:${PN}-systemd = " \ - ${@bb.utils.contains('PACKAGECONFIG', 'dlt-adaptor', 'dlt-adaptor-udp.service', '', d)} \ + ${@bb.utils.contains('PACKAGECONFIG', 'dlt-adaptor-udp', 'dlt-adaptor-udp.service', '', d)} \ ${@bb.utils.contains('PACKAGECONFIG', 'dlt-examples', 'dlt-example-user.service', '', d)} \ ${@bb.utils.contains('PACKAGECONFIG', 'dlt-examples dlt-console', 'dlt-receive.service', '', d)} \ " From e5b177aea4e1fe7607bd87fb8566a3c6e5ec1a57 Mon Sep 17 00:00:00 2001 From: Hitendra Prajapati Date: Tue, 5 Jul 2022 09:41:54 +0530 Subject: [PATCH 105/600] cyrus-sasl: CVE-2022-24407 failure to properly escape SQL input allows an attacker to execute arbitrary SQL commands Source: https://github.com/cyrusimap/cyrus-sasl MR: 118497 Type: Security Fix Disposition: Backport from https://github.com/cyrusimap/cyrus-sasl/commit/9eff746c9daecbcc0041b09a5a51ba30738cdcbc ChangeID: 4736aae2b7d8986787b1666cfd6eecd590915120 Description: CVE-2022-24407 cyrus-sasl: failure to properly escape SQL input allows an attacker to execute arbitrary SQL commands. Signed-off-by: Hitendra Prajapati Signed-off-by: Armin Kuster --- .../cyrus-sasl/CVE-2022-24407.patch | 27 +++++++++++++++++++ .../cyrus-sasl/cyrus-sasl_2.1.28.bb | 1 + 2 files changed, 28 insertions(+) create mode 100644 meta-networking/recipes-daemons/cyrus-sasl/cyrus-sasl/CVE-2022-24407.patch diff --git a/meta-networking/recipes-daemons/cyrus-sasl/cyrus-sasl/CVE-2022-24407.patch b/meta-networking/recipes-daemons/cyrus-sasl/cyrus-sasl/CVE-2022-24407.patch new file mode 100644 index 00000000000..3d67f474146 --- /dev/null +++ b/meta-networking/recipes-daemons/cyrus-sasl/cyrus-sasl/CVE-2022-24407.patch @@ -0,0 +1,27 @@ +From 078f98ea154475d953ce5b7cd851732f4dc270a7 Mon Sep 17 00:00:00 2001 +From: Hitendra Prajapati +Date: Tue, 5 Jul 2022 09:31:07 +0530 +Subject: [PATCH] CVE-2022-24407 + +Upstream-Status: Backport [https://github.com/cyrusimap/cyrus-sasl/commit/9eff746c9daecbcc0041b09a5a51ba30738cdcbc] +CVE: CVE-2022-24407 +Signed-off-by: Hitendra Prajapati +--- + plugins/sql.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/plugins/sql.c b/plugins/sql.c +index 6ac81c2f..d90dbac9 100644 +--- a/plugins/sql.c ++++ b/plugins/sql.c +@@ -1127,6 +1127,7 @@ static int sql_auxprop_lookup(void *glob_context, + done: + if (escap_userid) sparams->utils->free(escap_userid); + if (escap_realm) sparams->utils->free(escap_realm); ++ if (escap_passwd) sparams->utils->free(escap_passwd); + if (conn) settings->sql_engine->sql_close(conn); + if (userid) sparams->utils->free(userid); + if (realm) sparams->utils->free(realm); +-- +2.25.1 + diff --git a/meta-networking/recipes-daemons/cyrus-sasl/cyrus-sasl_2.1.28.bb b/meta-networking/recipes-daemons/cyrus-sasl/cyrus-sasl_2.1.28.bb index 98899dfd5e5..e344733ef4c 100644 --- a/meta-networking/recipes-daemons/cyrus-sasl/cyrus-sasl_2.1.28.bb +++ b/meta-networking/recipes-daemons/cyrus-sasl/cyrus-sasl_2.1.28.bb @@ -14,6 +14,7 @@ SRC_URI = "git://github.com/cyrusimap/cyrus-sasl;protocol=https;branch=cyrus-sas file://saslauthd.service \ file://saslauthd.conf \ file://CVE-2019-19906.patch \ + file://CVE-2022-24407.patch \ " UPSTREAM_CHECK_URI = "https://github.com/cyrusimap/cyrus-sasl/archives" From 1a09e4ffd29af497dcf7e6e88e75611f5ff89636 Mon Sep 17 00:00:00 2001 From: wangmy Date: Tue, 5 Jul 2022 13:35:30 +0800 Subject: [PATCH 106/600] php: upgrade 8.1.6 -> 8.1.7 Changelog: ========== https://www.php.net/ChangeLog-8.php#8.1.7 Signed-off-by: Wang Mingyu Signed-off-by: Khem Raj (cherry picked from commit 75749fa360f32ed0b5c2e09c359e245e58cc7131) Signed-off-by: Mingli Yu Signed-off-by: Armin Kuster --- meta-oe/recipes-devtools/php/{php_8.1.6.bb => php_8.1.7.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-oe/recipes-devtools/php/{php_8.1.6.bb => php_8.1.7.bb} (99%) diff --git a/meta-oe/recipes-devtools/php/php_8.1.6.bb b/meta-oe/recipes-devtools/php/php_8.1.7.bb similarity index 99% rename from meta-oe/recipes-devtools/php/php_8.1.6.bb rename to meta-oe/recipes-devtools/php/php_8.1.7.bb index 96af595a45a..e9e8eccf3a6 100644 --- a/meta-oe/recipes-devtools/php/php_8.1.6.bb +++ b/meta-oe/recipes-devtools/php/php_8.1.7.bb @@ -33,7 +33,7 @@ SRC_URI:append:class-target = " \ " S = "${WORKDIR}/php-${PV}" -SRC_URI[sha256sum] = "7b353304b7407554f70d3e101a226a1fc22decae5c4c42ed270c4e389bfa1b66" +SRC_URI[sha256sum] = "b816753eb005511e695d90945c27093c3236cc73db1262656d9fadd73ead7e9d" inherit autotools pkgconfig python3native gettext From 4eaa3091e65723730a2fdbf84f8fc57a98f5db47 Mon Sep 17 00:00:00 2001 From: Chen Qi Date: Tue, 5 Jul 2022 20:52:33 -0700 Subject: [PATCH 107/600] ntfs-3g-ntfsprogs: upgrade to 2022.5.17 Upgrade from 2021.8.22 to 2022.5.17. This upgrade mainly include CVE fixes. According to https://github.com/tuxera/ntfs-3g/releases: """ Changelog: * Improved defence against maliciously tampered NTFS partitions * Improved defence against improper use of options * Updated the documentation """ Signed-off-by: Chen Qi Signed-off-by: Armin Kuster --- ...g-ntfsprogs_2021.8.22.bb => ntfs-3g-ntfsprogs_2022.5.17.bb} | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) rename meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/{ntfs-3g-ntfsprogs_2021.8.22.bb => ntfs-3g-ntfsprogs_2022.5.17.bb} (93%) diff --git a/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2021.8.22.bb b/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2022.5.17.bb similarity index 93% rename from meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2021.8.22.bb rename to meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2022.5.17.bb index c7702878599..b29716ad493 100644 --- a/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2021.8.22.bb +++ b/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2022.5.17.bb @@ -10,8 +10,7 @@ SRC_URI = "http://tuxera.com/opensource/ntfs-3g_ntfsprogs-${PV}.tgz \ file://0001-libntfs-3g-Makefile.am-fix-install-failed-while-host.patch \ " S = "${WORKDIR}/ntfs-3g_ntfsprogs-${PV}" -SRC_URI[md5sum] = "90da343e78877d388eb34cefae6799ae" -SRC_URI[sha256sum] = "55b883aa05d94b2ec746ef3966cb41e66bed6db99f22ddd41d1b8b94bb202efb" +SRC_URI[sha256sum] = "0489fbb6972581e1b417ab578d543f6ae522e7fa648c3c9b49c789510fd5eb93" UPSTREAM_CHECK_URI = "https://www.tuxera.com/community/open-source-ntfs-3g/" UPSTREAM_CHECK_REGEX = "ntfs-3g_ntfsprogs-(?P\d+(\.\d+)+)\.tgz" From 2dd643aa8cdc01245383325c88527fcd72cbe5c3 Mon Sep 17 00:00:00 2001 From: Davide Gardenal Date: Tue, 5 Jul 2022 10:45:14 +0200 Subject: [PATCH 108/600] imagemagick: upgrade 7.0.10-25 -> 7.0.10-62 This upgrade includes patches for the following CVEs: - CVE-2020-13902 - CVE-2020-27829 - CVE-2020-29599 - CVE-2021-20176 - CVE-2021-20241 - CVE-2021-20243 - CVE-2021-20244 - CVE-2021-20245 - CVE-2021-20246 - CVE-2021-3596 Signed-off-by: Davide Gardenal Signed-off-by: Armin Kuster --- meta-oe/recipes-support/imagemagick/imagemagick_7.0.10.bb | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/meta-oe/recipes-support/imagemagick/imagemagick_7.0.10.bb b/meta-oe/recipes-support/imagemagick/imagemagick_7.0.10.bb index 008a83f46d7..b8167f5a726 100644 --- a/meta-oe/recipes-support/imagemagick/imagemagick_7.0.10.bb +++ b/meta-oe/recipes-support/imagemagick/imagemagick_7.0.10.bb @@ -4,15 +4,15 @@ HOMEPAGE = "https://www.imagemagick.org/" DESCRIPTION = "ImageMagick is a collection of tools for displaying, converting, and \ editing raster and vector image files. It can read and write over 200 image file formats." LICENSE = "ImageMagick" -LIC_FILES_CHKSUM = "file://LICENSE;md5=41b4fa9af60c88e61484b02c0561181a \ - file://NOTICE;md5=a2aa6e41f8a40700196a9ce301693e34" +LIC_FILES_CHKSUM = "file://LICENSE;md5=b97c12a9213df1499565d69b92c73dd7 \ + file://NOTICE;md5=d8b9d2ccf273687ad12ebd06e5d8478f" # FIXME: There are many more checked libraries. All should be added or explicitly disabled to get consistent results. DEPENDS = "lcms bzip2 jpeg libpng tiff zlib fftw freetype libtool" BASE_PV := "${PV}" -PV .= "_25" +PV .= "-62" SRC_URI = "git://github.com/ImageMagick/ImageMagick.git;branch=main;protocol=https" -SRCREV = "8b4e00829eb84d4e7b4da11acf1f98f1e8166e5b" +SRCREV = "35b4991eb0939a327f3489988c366e21068b0178" S = "${WORKDIR}/git" From 6d1dbf79a0ede44e4fcfe1eb6cefe7ec0770a307 Mon Sep 17 00:00:00 2001 From: Adrian Freihofer Date: Thu, 7 Jul 2022 11:48:48 +0200 Subject: [PATCH 109/600] modemmanager: update to 1.18.8 * A new connection status dispatcher setup is provided, where users can provide custom scripts that will be called on bearer connect/disconnect events. This dispatcher will make the netifd integration in openwrt work much better, as we'll be able to report network-initiated disconnections cleanly to netifd. There are no default connection status dispatcher scripts installed, but it's suggested distributions make sure the following directories exist: - ${sysconfdir}/ModemManager/connection.d/ - ${libdir}/ModemManager/connection.d/ * API: ** Add missing Simple interface definitions in ModemManager-names.h. * Build: ** meson: fix daemon enums dependencies. ** meson: fix port enums includes. ** meson: fix 'export_packages' in GIR setup. ** meson: fix simtech plugin module name. ** systemd: don't run ModemManager in containers. * Core: ** serial: ensure the port object is valid after BUFFER_FULL handling. ** netlink: use unaligned netlink attribute length. ** netlink: only change IFF_UP flag. ** bearer: match unknown auth to chap in loose comparisons. ** charsets: return error if UTF-8 validation fails. ** fcc-unlock: make scripts POSIX shell compatible. ** modem-helpers: consider minimum ID when choosing best profile. ** modem-helpers: fix reading given in COPS=? responses. ** sms: prevent crash if date is out of range. ** profile-manager: fix copy-paste error on tags for quarks. * QMI: ** Ignore slot status indications until initial status is known. ** Return error when loading capabilities if none is found. * MBIM: ** Default initial EPS bearer's auth to chap when unknown. ** Update default error when network error is out of range. * mmcli: ** Fix key length when printing list of items. * Plugins: ** linktop: new port type hints. ** cinterion: add support for PLSx3w modems ** huawei: disable +CPOL based features in Huawei E226 * Several other minor improvements and fixes. Signed-off-by: Adrian Freihofer Signed-off-by: Khem Raj Signed-off-by: Armin Kuster --- ...-shell-scripts-to-use-bin-sh-for-use.patch | 42 ++++---- ...-Make-scripts-POSIX-shell-compatible.patch | 100 ------------------ ...nager_1.18.6.bb => modemmanager_1.18.8.bb} | 5 +- 3 files changed, 24 insertions(+), 123 deletions(-) delete mode 100644 meta-oe/recipes-connectivity/modemmanager/files/0002-fcc-unlock-Make-scripts-POSIX-shell-compatible.patch rename meta-oe/recipes-connectivity/modemmanager/{modemmanager_1.18.6.bb => modemmanager_1.18.8.bb} (92%) diff --git a/meta-oe/recipes-connectivity/modemmanager/files/0001-core-switch-bash-shell-scripts-to-use-bin-sh-for-use.patch b/meta-oe/recipes-connectivity/modemmanager/files/0001-core-switch-bash-shell-scripts-to-use-bin-sh-for-use.patch index 7c3e7750af1..914760512a7 100644 --- a/meta-oe/recipes-connectivity/modemmanager/files/0001-core-switch-bash-shell-scripts-to-use-bin-sh-for-use.patch +++ b/meta-oe/recipes-connectivity/modemmanager/files/0001-core-switch-bash-shell-scripts-to-use-bin-sh-for-use.patch @@ -1,42 +1,44 @@ -From f7a3292c1c753b29384e216693f51a4213fea7d0 Mon Sep 17 00:00:00 2001 +From 35173fa04d0116ba30a86dc1a19f859f2be14a24 Mon Sep 17 00:00:00 2001 From: "Bruce A. Johnson" Date: Wed, 22 Dec 2021 14:24:02 -0500 -Subject: [PATCH 1/2] core: switch bash shell scripts to use /bin/sh for use +Subject: [PATCH] core: switch bash shell scripts to use /bin/sh for use w/Busybox. Fixes https://gitlab.freedesktop.org/mobile-broadband/ModemManager/-/issues/483 + +%% original patch: 0001-core-switch-bash-shell-scripts-to-use-bin-sh-for-use.patch --- - data/fcc-unlock/105b | 2 +- - data/fcc-unlock/1199 | 2 +- - data/fcc-unlock/1eac | 2 +- - test/mmcli-test-sms | 2 +- - tools/tests/test-wrapper.sh.in | 2 +- + data/dispatcher-fcc-unlock/105b | 2 +- + data/dispatcher-fcc-unlock/1199 | 2 +- + data/dispatcher-fcc-unlock/1eac | 2 +- + test/mmcli-test-sms | 2 +- + tools/tests/test-wrapper.sh.in | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) -diff --git a/data/fcc-unlock/105b b/data/fcc-unlock/105b -index 21fe5329..f276050f 100644 ---- a/data/fcc-unlock/105b -+++ b/data/fcc-unlock/105b +diff --git a/data/dispatcher-fcc-unlock/105b b/data/dispatcher-fcc-unlock/105b +index 444bd51f..772c90f4 100644 +--- a/data/dispatcher-fcc-unlock/105b ++++ b/data/dispatcher-fcc-unlock/105b @@ -1,4 +1,4 @@ -#!/bin/bash +#!/bin/sh # SPDX-License-Identifier: CC0-1.0 # 2021 Aleksander Morgado -diff --git a/data/fcc-unlock/1199 b/data/fcc-unlock/1199 -index 0109c6ab..e1d3804c 100644 ---- a/data/fcc-unlock/1199 -+++ b/data/fcc-unlock/1199 +diff --git a/data/dispatcher-fcc-unlock/1199 b/data/dispatcher-fcc-unlock/1199 +index 83ab2c9e..6dbf8d1b 100644 +--- a/data/dispatcher-fcc-unlock/1199 ++++ b/data/dispatcher-fcc-unlock/1199 @@ -1,4 +1,4 @@ -#!/bin/bash +#!/bin/sh # SPDX-License-Identifier: CC0-1.0 # 2021 Aleksander Morgado -diff --git a/data/fcc-unlock/1eac b/data/fcc-unlock/1eac -index 1068d9c2..d9342852 100644 ---- a/data/fcc-unlock/1eac -+++ b/data/fcc-unlock/1eac +diff --git a/data/dispatcher-fcc-unlock/1eac b/data/dispatcher-fcc-unlock/1eac +index 1a048dc8..44ce46d7 100644 +--- a/data/dispatcher-fcc-unlock/1eac ++++ b/data/dispatcher-fcc-unlock/1eac @@ -1,4 +1,4 @@ -#!/bin/bash +#!/bin/sh @@ -64,5 +66,5 @@ index d64ea4cb..fcdb56de 100644 # For debugging behavior of test-modemmanager-service.py, you can modify # this line to add --log-file option -- -2.34.1 +2.35.3 diff --git a/meta-oe/recipes-connectivity/modemmanager/files/0002-fcc-unlock-Make-scripts-POSIX-shell-compatible.patch b/meta-oe/recipes-connectivity/modemmanager/files/0002-fcc-unlock-Make-scripts-POSIX-shell-compatible.patch deleted file mode 100644 index d911d54ce45..00000000000 --- a/meta-oe/recipes-connectivity/modemmanager/files/0002-fcc-unlock-Make-scripts-POSIX-shell-compatible.patch +++ /dev/null @@ -1,100 +0,0 @@ -From ddf634b92bf96b35f521db6da329628b4525c2eb Mon Sep 17 00:00:00 2001 -From: Sven Schwermer -Date: Fri, 25 Feb 2022 21:37:13 +0100 -Subject: [PATCH 2/2] fcc-unlock: Make scripts POSIX shell compatible - -This allows us to not rely on bash which may not be available on -constrained systems, e.g. Yocto-built embedded systems. The scripts now -pass shellcheck. - -Signed-off-by: Sven Schwermer ---- - data/fcc-unlock/105b | 8 ++++---- - data/fcc-unlock/1199 | 6 +++--- - data/fcc-unlock/1eac | 8 ++++---- - 3 files changed, 11 insertions(+), 11 deletions(-) - -diff --git a/data/fcc-unlock/105b b/data/fcc-unlock/105b -index f276050f..772c90f4 100644 ---- a/data/fcc-unlock/105b -+++ b/data/fcc-unlock/105b -@@ -15,20 +15,20 @@ shift - # second and next arguments are control port names - for PORT in "$@"; do - # match port type in Linux 5.14 and newer -- grep -q MBIM /sys/class/wwan/${PORT}/type 2>/dev/null && { -+ grep -q MBIM "/sys/class/wwan/$PORT/type" 2>/dev/null && { - MBIM_PORT=$PORT - break - } - # match port name in Linux 5.13 -- [[ $PORT == *"MBIM"* ]] && { -+ echo "$PORT" | grep -q MBIM && { - MBIM_PORT=$PORT - break - } - done - - # fail if no MBIM port exposed --[ -n "${MBIM_PORT}" ] || exit 2 -+[ -n "$MBIM_PORT" ] || exit 2 - - # run qmicli operation over MBIM --qmicli --device-open-proxy --device=/dev/${MBIM_PORT} --dms-foxconn-set-fcc-authentication=0 -+qmicli --device-open-proxy --device="/dev/$MBIM_PORT" --dms-foxconn-set-fcc-authentication=0 - exit $? -diff --git a/data/fcc-unlock/1199 b/data/fcc-unlock/1199 -index e1d3804c..6dbf8d1b 100644 ---- a/data/fcc-unlock/1199 -+++ b/data/fcc-unlock/1199 -@@ -19,15 +19,15 @@ shift - # second and next arguments are control port names - for PORT in "$@"; do - # match port name -- [[ $PORT == *"cdc-wdm"* ]] && { -+ echo "$PORT" | grep -q cdc-wdm && { - CDC_WDM_PORT=$PORT - break - } - done - - # fail if no cdc-wdm port exposed --[ -n "${CDC_WDM_PORT}" ] || exit 2 -+[ -n "$CDC_WDM_PORT" ] || exit 2 - - # run qmicli operation --qmicli --device-open-proxy --device=/dev/${CDC_WDM_PORT} --dms-set-fcc-authentication -+qmicli --device-open-proxy --device="/dev/$CDC_WDM_PORT" --dms-set-fcc-authentication - exit $? -diff --git a/data/fcc-unlock/1eac b/data/fcc-unlock/1eac -index d9342852..44ce46d7 100644 ---- a/data/fcc-unlock/1eac -+++ b/data/fcc-unlock/1eac -@@ -15,20 +15,20 @@ shift - # second and next arguments are control port names - for PORT in "$@"; do - # match port type in Linux 5.14 and newer -- grep -q MBIM /sys/class/wwan/${PORT}/type 2>/dev/null && { -+ grep -q MBIM "/sys/class/wwan/$PORT/type" 2>/dev/null && { - MBIM_PORT=$PORT - break - } - # match port name in Linux 5.13 -- [[ $PORT == *"MBIM"* ]] && { -+ echo "$PORT" | grep -q MBIM && { - MBIM_PORT=$PORT - break - } - done - - # fail if no MBIM port exposed --[ -n "${MBIM_PORT}" ] || exit 2 -+[ -n "$MBIM_PORT" ] || exit 2 - - # run mbimcli operation --mbimcli --device-open-proxy --device=/dev/${MBIM_PORT} --quectel-set-radio-state=on -+mbimcli --device-open-proxy --device="/dev/$MBIM_PORT" --quectel-set-radio-state=on - exit $? --- -2.34.1 - diff --git a/meta-oe/recipes-connectivity/modemmanager/modemmanager_1.18.6.bb b/meta-oe/recipes-connectivity/modemmanager/modemmanager_1.18.8.bb similarity index 92% rename from meta-oe/recipes-connectivity/modemmanager/modemmanager_1.18.6.bb rename to meta-oe/recipes-connectivity/modemmanager/modemmanager_1.18.8.bb index 14d9942c026..28f81ba6e53 100644 --- a/meta-oe/recipes-connectivity/modemmanager/modemmanager_1.18.6.bb +++ b/meta-oe/recipes-connectivity/modemmanager/modemmanager_1.18.8.bb @@ -12,13 +12,12 @@ inherit gnomebase gettext systemd gobject-introspection bash-completion DEPENDS = "glib-2.0 libgudev libxslt-native dbus" -SRCREV ?= "a7bcf2036b34d5043dbc33fee7d98bae5859c4d3" +SRCREV ?= "0d8b5e93fc62eb0f41e18a2d9d845331d7af36ec" -# Patches 0001, 0002 will be in ModemManager > 1.18.6 +# Patch 0001 will be in ModemManager > 1.19 SRC_URI = " \ git://gitlab.freedesktop.org/mobile-broadband/ModemManager.git;protocol=https;branch=mm-1-18 \ file://0001-core-switch-bash-shell-scripts-to-use-bin-sh-for-use.patch \ - file://0002-fcc-unlock-Make-scripts-POSIX-shell-compatible.patch \ " S = "${WORKDIR}/git" From b9bbc38bfba702194a71c5a9dcb747ddacc9d66b Mon Sep 17 00:00:00 2001 From: Wentao Zhang Date: Tue, 12 Jul 2022 09:29:47 +0800 Subject: [PATCH 110/600] protobuf-c: update to 1.4.1 fix CVE-2022-33070 Signed-off-by: Wentao Zhang Signed-off-by: Khem Raj (cherry picked from commit 95904cca4a23de395069b01f1518d98fa8502afc) Signed-off-by: Armin Kuster --- .../protobuf/{protobuf-c_1.4.0.bb => protobuf-c_1.4.1.bb} | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) rename meta-oe/recipes-devtools/protobuf/{protobuf-c_1.4.0.bb => protobuf-c_1.4.1.bb} (90%) diff --git a/meta-oe/recipes-devtools/protobuf/protobuf-c_1.4.0.bb b/meta-oe/recipes-devtools/protobuf/protobuf-c_1.4.1.bb similarity index 90% rename from meta-oe/recipes-devtools/protobuf/protobuf-c_1.4.0.bb rename to meta-oe/recipes-devtools/protobuf/protobuf-c_1.4.1.bb index b3423ba84d2..d724287d668 100644 --- a/meta-oe/recipes-devtools/protobuf/protobuf-c_1.4.0.bb +++ b/meta-oe/recipes-devtools/protobuf/protobuf-c_1.4.1.bb @@ -8,12 +8,12 @@ has been split out into the protobuf-c-rpc project." HOMEPAGE = "https://github.com/protobuf-c/protobuf-c" SECTION = "console/tools" LICENSE = "BSD-2-Clause" -LIC_FILES_CHKSUM = "file://LICENSE;md5=cb901168715f4782a2b06c3ddaefa558" +LIC_FILES_CHKSUM = "file://LICENSE;md5=9f725889e0d77383e26cb42b0b62cea2" DEPENDS = "protobuf-native protobuf" SRC_URI = "git://github.com/protobuf-c/protobuf-c.git;branch=master;protocol=https" -SRCREV = "f224ab2eeb648a818eb20687d7150a285442c907" +SRCREV = "abc67a11c6db271bedbb9f58be85d6f4e2ea8389" S = "${WORKDIR}/git" From b1091691f8a653431b6218461fd65610d40fd9de Mon Sep 17 00:00:00 2001 From: Changqing Li Date: Wed, 29 Jun 2022 09:20:15 +0800 Subject: [PATCH 111/600] redis: upgrade 6.2.6 -> 6.2.7 This upgrade include CVE fix: CVE-2022-24735 CVE-2022-24736 Signed-off-by: Changqing Li --- .../recipes-extended/redis/redis/GNU_SOURCE.patch | 14 ++++++++------ .../redis/{redis_6.2.6.bb => redis_6.2.7.bb} | 2 +- 2 files changed, 9 insertions(+), 7 deletions(-) rename meta-oe/recipes-extended/redis/{redis_6.2.6.bb => redis_6.2.7.bb} (96%) diff --git a/meta-oe/recipes-extended/redis/redis/GNU_SOURCE.patch b/meta-oe/recipes-extended/redis/redis/GNU_SOURCE.patch index 12994da5699..20f689bd0b2 100644 --- a/meta-oe/recipes-extended/redis/redis/GNU_SOURCE.patch +++ b/meta-oe/recipes-extended/redis/redis/GNU_SOURCE.patch @@ -1,4 +1,4 @@ -From 18dc1457db8f66237e016b85a04dc50833c33c50 Mon Sep 17 00:00:00 2001 +From 98d526f76049be21bf3d77158236b2189419a78e Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Sat, 21 Dec 2019 12:09:51 -0800 Subject: [PATCH] Define _GNU_SOURCE to get PTHREAD_MUTEX_INITIALIZER @@ -10,20 +10,22 @@ Fixes Upstream-Status: Pending Signed-off-by: Khem Raj - --- src/zmalloc.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/zmalloc.c b/src/zmalloc.c -index ba03685..322304f 100644 +index 1f33d09..5e182d1 100644 --- a/src/zmalloc.c +++ b/src/zmalloc.c -@@ -32,6 +32,7 @@ - #include "config.h" - #include "solarisfixes.h" +@@ -28,6 +28,7 @@ + * POSSIBILITY OF SUCH DAMAGE. + */ +#define _GNU_SOURCE #include #include #include +-- +2.25.1 + diff --git a/meta-oe/recipes-extended/redis/redis_6.2.6.bb b/meta-oe/recipes-extended/redis/redis_6.2.7.bb similarity index 96% rename from meta-oe/recipes-extended/redis/redis_6.2.6.bb rename to meta-oe/recipes-extended/redis/redis_6.2.7.bb index 87fade7e043..7f922a4e0f6 100644 --- a/meta-oe/recipes-extended/redis/redis_6.2.6.bb +++ b/meta-oe/recipes-extended/redis/redis_6.2.7.bb @@ -17,7 +17,7 @@ SRC_URI = "http://download.redis.io/releases/${BP}.tar.gz \ file://GNU_SOURCE.patch \ file://0006-Define-correct-gregs-for-RISCV32.patch \ " -SRC_URI[sha256sum] = "5b2b8b7a50111ef395bf1c1d5be11e6e167ac018125055daa8b5c2317ae131ab" +SRC_URI[sha256sum] = "b7a79cc3b46d3c6eb52fa37dde34a4a60824079ebdfb3abfbbfa035947c55319" inherit autotools-brokensep update-rc.d systemd useradd From ffe6e46314b934efae6c0431e8f730e6384e8938 Mon Sep 17 00:00:00 2001 From: Changqing Li Date: Wed, 29 Jun 2022 09:20:22 +0800 Subject: [PATCH 112/600] redis: upgrade 7.0-rc3 -> 7.0.2 This upgrade include CVE fix: CVE-2022-24735 CVE-2022-24736 Signed-off-by: Changqing Li --- .../recipes-extended/redis/{redis_7.0-rc3.bb => redis_7.0.2.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-oe/recipes-extended/redis/{redis_7.0-rc3.bb => redis_7.0.2.bb} (96%) diff --git a/meta-oe/recipes-extended/redis/redis_7.0-rc3.bb b/meta-oe/recipes-extended/redis/redis_7.0.2.bb similarity index 96% rename from meta-oe/recipes-extended/redis/redis_7.0-rc3.bb rename to meta-oe/recipes-extended/redis/redis_7.0.2.bb index e977d67f6b6..b188278e1c3 100644 --- a/meta-oe/recipes-extended/redis/redis_7.0-rc3.bb +++ b/meta-oe/recipes-extended/redis/redis_7.0.2.bb @@ -19,7 +19,7 @@ SRC_URI = "http://download.redis.io/releases/${BP}.tar.gz \ file://GNU_SOURCE.patch \ file://0006-Define-correct-gregs-for-RISCV32.patch \ " -SRC_URI[sha256sum] = "66b2ecc2e4b53c62940589434ea8af3a85546df131001680ed294028cd84ecdc" +SRC_URI[sha256sum] = "5e57eafe7d4ac5ecb6a7d64d6b61db775616dbf903293b3fcc660716dbda5eeb" inherit autotools-brokensep update-rc.d systemd useradd From d1e28ae06915d805fdc4eff2c957998fda3c2ba5 Mon Sep 17 00:00:00 2001 From: Changqing Li Date: Wed, 29 Jun 2022 09:20:32 +0800 Subject: [PATCH 113/600] apache2: upgrade 2.4.53 -> 2.4.54 This upgrade include CVE fixes: CVE-2022-30522 CVE-2022-31813 CVE-2022-28615 CVE-2022-30556 CVE-2022-29404 CVE-2022-26377 CVE-2022-28614 CVE-2022-28330 Signed-off-by: Changqing Li --- .../0004-apache2-log-the-SELinux-context-at-startup.patch | 8 ++++---- .../apache2/{apache2_2.4.53.bb => apache2_2.4.54.bb} | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) rename meta-webserver/recipes-httpd/apache2/{apache2_2.4.53.bb => apache2_2.4.54.bb} (99%) diff --git a/meta-webserver/recipes-httpd/apache2/apache2/0004-apache2-log-the-SELinux-context-at-startup.patch b/meta-webserver/recipes-httpd/apache2/apache2/0004-apache2-log-the-SELinux-context-at-startup.patch index 5d82919685b..a652b7969ae 100644 --- a/meta-webserver/recipes-httpd/apache2/apache2/0004-apache2-log-the-SELinux-context-at-startup.patch +++ b/meta-webserver/recipes-httpd/apache2/apache2/0004-apache2-log-the-SELinux-context-at-startup.patch @@ -1,4 +1,4 @@ -From 37699e9be04d83c5923644e298f400e077f76e85 Mon Sep 17 00:00:00 2001 +From abd5b40c9b094e721e91a5d75132639149d7952f Mon Sep 17 00:00:00 2001 From: Paul Eggleton Date: Tue, 17 Jul 2012 11:27:39 +0100 Subject: [PATCH] Log the SELinux context at startup. @@ -14,7 +14,7 @@ Note: unlikely to be any interest in this upstream 2 files changed, 31 insertions(+) diff --git a/configure.in b/configure.in -index c799aec..76811e7 100644 +index ea6cec3..92b74b7 100644 --- a/configure.in +++ b/configure.in @@ -491,6 +491,11 @@ getloadavg @@ -30,7 +30,7 @@ index c799aec..76811e7 100644 [AC_TRY_RUN(#define _GNU_SOURCE #include diff --git a/server/core.c b/server/core.c -index 3020090..8fef5fd 100644 +index 4da7209..d3ca25b 100644 --- a/server/core.c +++ b/server/core.c @@ -65,6 +65,10 @@ @@ -43,7 +43,7 @@ index 3020090..8fef5fd 100644 + /* LimitRequestBody handling */ #define AP_LIMIT_REQ_BODY_UNSET ((apr_off_t) -1) - #define AP_DEFAULT_LIMIT_REQ_BODY ((apr_off_t) 0) + #define AP_DEFAULT_LIMIT_REQ_BODY ((apr_off_t) 1<<30) /* 1GB */ @@ -5126,6 +5130,28 @@ static int core_post_config(apr_pool_t *pconf, apr_pool_t *plog, apr_pool_t *pte } #endif diff --git a/meta-webserver/recipes-httpd/apache2/apache2_2.4.53.bb b/meta-webserver/recipes-httpd/apache2/apache2_2.4.54.bb similarity index 99% rename from meta-webserver/recipes-httpd/apache2/apache2_2.4.53.bb rename to meta-webserver/recipes-httpd/apache2/apache2_2.4.54.bb index 8413f537908..4b0ed2f622e 100644 --- a/meta-webserver/recipes-httpd/apache2/apache2_2.4.53.bb +++ b/meta-webserver/recipes-httpd/apache2/apache2_2.4.54.bb @@ -26,7 +26,7 @@ SRC_URI:append:class-target = " \ " LIC_FILES_CHKSUM = "file://LICENSE;md5=bddeddfac80b2c9a882241d008bb41c3" -SRC_URI[sha256sum] = "d0bbd1121a57b5f2a6ff92d7b96f8050c5a45d3f14db118f64979d525858db63" +SRC_URI[sha256sum] = "eb397feeefccaf254f8d45de3768d9d68e8e73851c49afd5b7176d1ecf80c340" S = "${WORKDIR}/httpd-${PV}" From 0af58eb63d4d5a53a8981304132d4856f1de7924 Mon Sep 17 00:00:00 2001 From: Changqing Li Date: Wed, 29 Jun 2022 09:20:39 +0800 Subject: [PATCH 114/600] zabbix: upgrade 5.2.6 -> 5.4.12 This upgrade CVE fix: CVE-2022-24349 CVE-2022-24917 CVE-2022-24918 CVE-2022-24919 Signed-off-by: Changqing Li --- .../zabbix/{zabbix_5.2.6.bb => zabbix_5.4.12.bb} | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) rename meta-oe/recipes-connectivity/zabbix/{zabbix_5.2.6.bb => zabbix_5.4.12.bb} (92%) diff --git a/meta-oe/recipes-connectivity/zabbix/zabbix_5.2.6.bb b/meta-oe/recipes-connectivity/zabbix/zabbix_5.4.12.bb similarity index 92% rename from meta-oe/recipes-connectivity/zabbix/zabbix_5.2.6.bb rename to meta-oe/recipes-connectivity/zabbix/zabbix_5.4.12.bb index 66c80758cec..f5d89d6c3db 100644 --- a/meta-oe/recipes-connectivity/zabbix/zabbix_5.2.6.bb +++ b/meta-oe/recipes-connectivity/zabbix/zabbix_5.4.12.bb @@ -23,13 +23,13 @@ DEPENDS = "libevent libpcre openldap virtual/libiconv zlib" PACKAGE_ARCH = "${MACHINE_ARCH}" -SRC_URI = "https://cdn.zabbix.com/zabbix/sources/stable/5.2/${BPN}-${PV}.tar.gz \ +SRC_URI = "https://cdn.zabbix.com/zabbix/sources/stable/5.4/${BPN}-${PV}.tar.gz \ file://0001-Fix-configure.ac.patch \ file://zabbix-agent.service \ " -SRC_URI[md5sum] = "31dab3535a1fa212f5724902727f6d4d" -SRC_URI[sha256sum] = "76cb704f2a04fbc87bb3eff44fa71339c355d467f7bbd8fb53f8927c760e1680" +SRC_URI[md5sum] = "f295fd2df86143d72f6ff26e47d9e39e" +SRC_URI[sha256sum] = "d60d5515807c30c05d0900b83a7e6ef6479929aef7d6f248fba481c4816bacf4" inherit autotools-brokensep linux-kernel-base pkgconfig systemd useradd From 9bb44349a5966091a89b896ba78946adee1d2c34 Mon Sep 17 00:00:00 2001 From: Davide Gardenal Date: Mon, 4 Jul 2022 11:59:13 +0200 Subject: [PATCH 115/600] usrsctp: add CVE_VERSION to correctly check for CVEs The current version of usrsctp is not a release so cve-check is not able to find the product version. CVE_VERSION is now set to 0.9.3.0 that is the nearest version in the past starting from the revision we have. This is done because we don't have the complete 0.9.4.0 release. Signed-off-by: Davide Gardenal --- meta-networking/recipes-protocols/usrsctp/usrsctp_git.bb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta-networking/recipes-protocols/usrsctp/usrsctp_git.bb b/meta-networking/recipes-protocols/usrsctp/usrsctp_git.bb index 4f8e4d42824..dcfa7406d22 100644 --- a/meta-networking/recipes-protocols/usrsctp/usrsctp_git.bb +++ b/meta-networking/recipes-protocols/usrsctp/usrsctp_git.bb @@ -23,3 +23,5 @@ PACKAGECONFIG[inet] = "--enable-inet,--disable-inet," PACKAGECONFIG[inet6] = "--enable-inet6,--disable-inet6," EXTRA_OECONF += "--disable-debug" + +CVE_VERSION = "0.9.3.0" From c1e7b0b993c294d52737e8e631badb5aaaefd2e3 Mon Sep 17 00:00:00 2001 From: Davide Gardenal Date: Mon, 4 Jul 2022 12:45:48 +0200 Subject: [PATCH 116/600] openflow: ignore CVE-2018-1078 CVE-2018-1078 is not for openflow but in the NVD database the CVE is for a specific implementation that we don't have so we can ignore it. Signed-off-by: Davide Gardenal --- meta-networking/recipes-protocols/openflow/openflow.inc | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/meta-networking/recipes-protocols/openflow/openflow.inc b/meta-networking/recipes-protocols/openflow/openflow.inc index 15eb65ad320..ccafaf0de40 100644 --- a/meta-networking/recipes-protocols/openflow/openflow.inc +++ b/meta-networking/recipes-protocols/openflow/openflow.inc @@ -53,3 +53,7 @@ do_install:append() { } FILES:${PN} += "${nonarch_libdir}/tmpfiles.d" + +# This CVE is not for this product but cve-check assumes it is +# because two CPE collides when checking the NVD database +CVE_CHECK_IGNORE = "CVE-2018-1078" From 743f6e70faaa6f01df78b8bade2a66ca0244494f Mon Sep 17 00:00:00 2001 From: Davide Gardenal Date: Mon, 4 Jul 2022 16:58:36 +0200 Subject: [PATCH 117/600] ntp: ignore many CVEs cve-check is not able to correctly identify many of the patched CVEs because of the non standard version number. All the ignored CVEs were manually checked with the NVD database and deemed not applicable to the current version. Signed-off-by: Davide Gardenal --- .../recipes-support/ntp/ntp_4.2.8p15.bb | 26 ++++++++++++++++++- 1 file changed, 25 insertions(+), 1 deletion(-) diff --git a/meta-networking/recipes-support/ntp/ntp_4.2.8p15.bb b/meta-networking/recipes-support/ntp/ntp_4.2.8p15.bb index fe2bd0773c8..a30f720bb5b 100644 --- a/meta-networking/recipes-support/ntp/ntp_4.2.8p15.bb +++ b/meta-networking/recipes-support/ntp/ntp_4.2.8p15.bb @@ -29,7 +29,31 @@ SRC_URI = "http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2/ntp-${PV}.tar.g SRC_URI[sha256sum] = "f65840deab68614d5d7ceb2d0bb9304ff70dcdedd09abb79754a87536b849c19" # CVE-2016-9312 is only for windows. -CVE_CHECK_IGNORE += "CVE-2016-9312" +# The other CVEs are not correctly identified because cve-check +# is not able to check the version correctly (it only checks for 4.2.8 omitting p15 that makes the difference) +CVE_CHECK_IGNORE += "\ + CVE-2016-9312 \ + CVE-2015-5146 \ + CVE-2015-5300 \ + CVE-2015-7975 \ + CVE-2015-7976 \ + CVE-2015-7977 \ + CVE-2015-7978 \ + CVE-2015-7979 \ + CVE-2015-8138 \ + CVE-2015-8139 \ + CVE-2015-8140 \ + CVE-2015-8158 \ + CVE-2016-1547 \ + CVE-2016-2516 \ + CVE-2016-2517 \ + CVE-2016-2519 \ + CVE-2016-7429 \ + CVE-2016-7433 \ + CVE-2016-9310 \ + CVE-2016-9311 \ +" + inherit autotools update-rc.d useradd systemd pkgconfig From 7e1a69d73d0b947657a82284a9b04f838080abe8 Mon Sep 17 00:00:00 2001 From: Davide Gardenal Date: Tue, 5 Jul 2022 16:59:21 +0200 Subject: [PATCH 118/600] wireshark: upgrade 3.4.11 -> 3.4.12 This upgrade includes the following CVE fixes: - CVE-2021-4190 - CVE-2022-0581 - CVE-2022-0582 - CVE-2022-0583 - CVE-2022-0585 - CVE-2022-0586 Signed-off-by: Davide Gardenal --- .../wireshark/{wireshark_3.4.11.bb => wireshark_3.4.12.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-networking/recipes-support/wireshark/{wireshark_3.4.11.bb => wireshark_3.4.12.bb} (97%) diff --git a/meta-networking/recipes-support/wireshark/wireshark_3.4.11.bb b/meta-networking/recipes-support/wireshark/wireshark_3.4.12.bb similarity index 97% rename from meta-networking/recipes-support/wireshark/wireshark_3.4.11.bb rename to meta-networking/recipes-support/wireshark/wireshark_3.4.12.bb index f1dba227ac6..38fdbce8927 100644 --- a/meta-networking/recipes-support/wireshark/wireshark_3.4.11.bb +++ b/meta-networking/recipes-support/wireshark/wireshark_3.4.12.bb @@ -19,7 +19,7 @@ SRC_URI += " \ UPSTREAM_CHECK_URI = "https://1.as.dl.wireshark.org/src" -SRC_URI[sha256sum] = "a0e227bce2cc3a51ef3301891a0243231990b52a39b68a84a6e32f69c4e75279" +SRC_URI[sha256sum] = "881a13303e263b7dc7fe337534c8a541d4914552287879bed30bbe76c5bf68ca" PE = "1" From 5166896a02630392fa0ad6e29869ac12cdda3d17 Mon Sep 17 00:00:00 2001 From: Davide Gardenal Date: Wed, 6 Jul 2022 09:59:57 +0200 Subject: [PATCH 119/600] thrift: add CVE_PRODUCT to fix CVE reporting Without CVE_PRODUCT set to apache:thrift cve-check was catching CVEs form facebook:thrift that are not related with this product. Now the report is correct. Signed-off-by: Davide Gardenal --- meta-oe/recipes-connectivity/thrift/thrift_0.16.0.bb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta-oe/recipes-connectivity/thrift/thrift_0.16.0.bb b/meta-oe/recipes-connectivity/thrift/thrift_0.16.0.bb index 2d601a2f9d7..8141abef51d 100644 --- a/meta-oe/recipes-connectivity/thrift/thrift_0.16.0.bb +++ b/meta-oe/recipes-connectivity/thrift/thrift_0.16.0.bb @@ -15,6 +15,8 @@ SRC_URI[sha256sum] = "f460b5c1ca30d8918ff95ea3eb6291b3951cf518553566088f3f2be898 BBCLASSEXTEND = "native nativesdk" +CVE_PRODUCT = "apache:thrift" + inherit pkgconfig cmake python3native export STAGING_INCDIR From 66106e15b97a8d2db24db0f62f6795ad256e7cae Mon Sep 17 00:00:00 2001 From: Davide Gardenal Date: Wed, 6 Jul 2022 11:42:07 +0200 Subject: [PATCH 120/600] spice: ignore patched CVEs The following CVEs are already patched so we can ignore them: - CVE-2016-0749 - CVE-2016-2150 - CVE-2018-10893 This is caused by inaccurate CPE in the NVD database. Signed-off-by: Davide Gardenal --- meta-networking/recipes-support/spice/spice_git.bb | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/meta-networking/recipes-support/spice/spice_git.bb b/meta-networking/recipes-support/spice/spice_git.bb index d9083bcbe87..1887a5582fa 100644 --- a/meta-networking/recipes-support/spice/spice_git.bb +++ b/meta-networking/recipes-support/spice/spice_git.bb @@ -30,6 +30,12 @@ SRC_URI = " \ S = "${WORKDIR}/git" +CVE_CHECK_IGNORE += "\ + CVE-2016-0749 \ + CVE-2016-2150 \ + CVE-2018-10893 \ +" + inherit autotools gettext python3native python3-dir pkgconfig DEPENDS += "spice-protocol jpeg pixman alsa-lib glib-2.0 python3-pyparsing-native python3-six-native glib-2.0-native" From b7c6c47d4d5ceb4d9c5affa7e86744f0b8c2faf4 Mon Sep 17 00:00:00 2001 From: Davide Gardenal Date: Wed, 6 Jul 2022 12:24:19 +0200 Subject: [PATCH 121/600] quagga: ignore CVE-2016-4049 CVE-2016-4049 is not affecting our version, so we can ignore it. This is caused because the CPE in the NVD database doesn't specify a vulnerable version range. Signed-off-by: Davide Gardenal --- meta-networking/recipes-protocols/quagga/quagga_1.2.4.bb | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/meta-networking/recipes-protocols/quagga/quagga_1.2.4.bb b/meta-networking/recipes-protocols/quagga/quagga_1.2.4.bb index a7697a1ae93..984264a30f9 100644 --- a/meta-networking/recipes-protocols/quagga/quagga_1.2.4.bb +++ b/meta-networking/recipes-protocols/quagga/quagga_1.2.4.bb @@ -2,3 +2,7 @@ require quagga.inc SRC_URI[md5sum] = "eced21b054d71c9e1b7c6ac43286a166" SRC_URI[sha256sum] = "e364c082c3309910e1eb7b068bf39ee298e2f2f3f31a6431a5c115193bd653d3" + +CVE_CHECK_IGNORE += "\ + CVE-2016-4049 \ +" From 4b4c6f4a8a2a9944b6d56fbf33db7ecfb9b8a128 Mon Sep 17 00:00:00 2001 From: Davide Gardenal Date: Fri, 15 Jul 2022 15:35:15 +0200 Subject: [PATCH 122/600] freeradius: ignore patched CVEs CVE-2002-0318 and CVE-2011-4966 are both patched in our version of freeradius. The CPE in the NVD database doesn't reflect correctly the vulnerable versions that's why they are incorrectly picked up. Signed-off-by: Davide Gardenal --- .../recipes-connectivity/freeradius/freeradius_3.0.21.bb | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/meta-networking/recipes-connectivity/freeradius/freeradius_3.0.21.bb b/meta-networking/recipes-connectivity/freeradius/freeradius_3.0.21.bb index 453e514b671..d6477e340e4 100644 --- a/meta-networking/recipes-connectivity/freeradius/freeradius_3.0.21.bb +++ b/meta-networking/recipes-connectivity/freeradius/freeradius_3.0.21.bb @@ -38,6 +38,11 @@ raddbdir="${sysconfdir}/${MLPREFIX}raddb" SRCREV = "af428abda249b2279ba0582180985a9f6f4a144a" +CVE_CHECK_IGNORE = "\ + CVE-2002-0318 \ + CVE-2011-4966 \ +" + PARALLEL_MAKE = "" S = "${WORKDIR}/git" From a47ef046619d639dfbd3be2a13ef6d5b40fd40a1 Mon Sep 17 00:00:00 2001 From: Davide Gardenal Date: Fri, 15 Jul 2022 15:48:41 +0200 Subject: [PATCH 123/600] openflow: ignore unrelated CVEs CVE-2015-1611 and CVE-2015-1612 are not referred to our implementation of openflow as specified by the NVD database, ignore them. Signed-off-by: Davide Gardenal --- meta-networking/recipes-protocols/openflow/openflow.inc | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/meta-networking/recipes-protocols/openflow/openflow.inc b/meta-networking/recipes-protocols/openflow/openflow.inc index ccafaf0de40..aaad0e00e1e 100644 --- a/meta-networking/recipes-protocols/openflow/openflow.inc +++ b/meta-networking/recipes-protocols/openflow/openflow.inc @@ -13,6 +13,11 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=e870c934e2c3d6ccf085fd7cf0a1e2e2" SRC_URI = "git://gitosis.stanford.edu/openflow.git;protocol=git;branch=master" +CVE_CHECK_IGNORE = "\ + CVE-2015-1611 \ + CVE-2015-1612 \ +" + DEPENDS = "virtual/libc" PACKAGECONFIG ??= "" From cd54a3b37d31d2e293235dfee8acc1b99fe2f794 Mon Sep 17 00:00:00 2001 From: Davide Gardenal Date: Mon, 18 Jul 2022 13:07:05 +0200 Subject: [PATCH 124/600] libplist: ignore patched CVEs CVE-2017-5834, CVE-2017-5835 and CVE-2017-5836 are patched in our version of libplist but they don't have a vulnerable version range in the NVD database, that's why they need to be ignored. Signed-off-by: Davide Gardenal Signed-off-by: Khem Raj (cherry picked from commit 261465eb6e2bd8f83e6841f8e42e1fb1be6d1499) Signed-off-by: Armin Kuster --- meta-oe/recipes-extended/libimobiledevice/libplist_2.2.0.bb | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/meta-oe/recipes-extended/libimobiledevice/libplist_2.2.0.bb b/meta-oe/recipes-extended/libimobiledevice/libplist_2.2.0.bb index db4f507b7c3..daaff003955 100644 --- a/meta-oe/recipes-extended/libimobiledevice/libplist_2.2.0.bb +++ b/meta-oe/recipes-extended/libimobiledevice/libplist_2.2.0.bb @@ -13,6 +13,12 @@ SRC_URI = "git://github.com/libimobiledevice/libplist;protocol=https;branch=mast S = "${WORKDIR}/git" +CVE_CHECK_IGNORE += "\ + CVE-2017-5834 \ + CVE-2017-5835 \ + CVE-2017-5836 \ +" + do_install:append () { if [ -e ${D}${libdir}/python*/site-packages/plist/_plist.so ]; then chrpath -d ${D}${libdir}/python*/site-packages/plist/_plist.so From bd8f5fa080beba824b5d08c34df53768224857eb Mon Sep 17 00:00:00 2001 From: Davide Gardenal Date: Mon, 18 Jul 2022 13:07:06 +0200 Subject: [PATCH 125/600] meta-oe: ignore patched CVEs Some old CVEs don't have a vulnerable version range in the NVD database, this causes come mismatch with cve-check. Ignore many CVEs that are picked up by the class but are patched in our products. Signed-off-by: Davide Gardenal Signed-off-by: Khem Raj (cherry picked from commit efa12676dd0676fd0aa63457d7ba360fe8a6fae2) Signed-off-by: Armin Kuster --- meta-oe/recipes-connectivity/libtorrent/libtorrent_git.bb | 4 ++++ meta-oe/recipes-devtools/uw-imap/uw-imap_2007f.bb | 4 ++++ meta-oe/recipes-extended/sanlock/sanlock_3.8.4.bb | 4 ++++ meta-oe/recipes-extended/sblim-sfcb/sblim-sfcb_1.4.9.bb | 4 ++++ meta-oe/recipes-graphics/graphviz/graphviz_2.50.0.bb | 4 ++++ meta-oe/recipes-graphics/jasper/jasper_2.0.33.bb | 4 ++++ meta-oe/recipes-support/atop/atop_2.4.0.bb | 4 ++++ meta-oe/recipes-support/emacs/emacs_27.2.bb | 4 ++++ meta-oe/recipes-support/pidgin/pidgin_2.14.2.bb | 5 +++++ 9 files changed, 37 insertions(+) diff --git a/meta-oe/recipes-connectivity/libtorrent/libtorrent_git.bb b/meta-oe/recipes-connectivity/libtorrent/libtorrent_git.bb index 2fa24b29b3f..28a3e1e77ae 100644 --- a/meta-oe/recipes-connectivity/libtorrent/libtorrent_git.bb +++ b/meta-oe/recipes-connectivity/libtorrent/libtorrent_git.bb @@ -11,6 +11,10 @@ SRC_URI = "git://github.com/rakshasa/libtorrent;branch=master;protocol=https \ " SRCREV = "756f70010779927dc0691e1e722ed433d5d295e1" +CVE_CHECK_IGNORE += "\ + CVE-2009-1760 \ +" + PV = "0.13.8" S = "${WORKDIR}/git" diff --git a/meta-oe/recipes-devtools/uw-imap/uw-imap_2007f.bb b/meta-oe/recipes-devtools/uw-imap/uw-imap_2007f.bb index e9cb7adb812..df90b629a98 100644 --- a/meta-oe/recipes-devtools/uw-imap/uw-imap_2007f.bb +++ b/meta-oe/recipes-devtools/uw-imap/uw-imap_2007f.bb @@ -18,6 +18,10 @@ SRC_URI[sha256sum] = "53e15a2b5c1bc80161d42e9f69792a3fa18332b7b771910131004eb520 S = "${WORKDIR}/imap-${PV}" +CVE_CHECK_IGNORE += "\ + CVE-2005-0198 \ +" + PACKAGECONFIG ??= "${@bb.utils.filter('DISTRO_FEATURES', 'pam', d)}" PACKAGECONFIG[pam] = ",,libpam" diff --git a/meta-oe/recipes-extended/sanlock/sanlock_3.8.4.bb b/meta-oe/recipes-extended/sanlock/sanlock_3.8.4.bb index ecbfad394d9..a59a5c41dff 100644 --- a/meta-oe/recipes-extended/sanlock/sanlock_3.8.4.bb +++ b/meta-oe/recipes-extended/sanlock/sanlock_3.8.4.bb @@ -21,6 +21,10 @@ SRCREV = "a181e951376d49a82eef17920c8ebedec80b4823" S = "${WORKDIR}/git" +CVE_CHECK_IGNORE += "\ + CVE-2012-5638 \ +" + DEPENDS = "libaio util-linux" inherit setuptools3 useradd diff --git a/meta-oe/recipes-extended/sblim-sfcb/sblim-sfcb_1.4.9.bb b/meta-oe/recipes-extended/sblim-sfcb/sblim-sfcb_1.4.9.bb index 7e00f150d32..4b9ae4758fd 100644 --- a/meta-oe/recipes-extended/sblim-sfcb/sblim-sfcb_1.4.9.bb +++ b/meta-oe/recipes-extended/sblim-sfcb/sblim-sfcb_1.4.9.bb @@ -32,6 +32,10 @@ SRC_URI = "http://downloads.sourceforge.net/sblim/${BP}.tar.bz2 \ SRC_URI[md5sum] = "28021cdabc73690a94f4f9d57254ce30" SRC_URI[sha256sum] = "634a67b2f7ac3b386a79160eb44413d618e33e4e7fc74ae68b0240484af149dd" +CVE_CHECK_IGNORE += "\ + CVE-2012-3381 \ +" + inherit autotools inherit systemd diff --git a/meta-oe/recipes-graphics/graphviz/graphviz_2.50.0.bb b/meta-oe/recipes-graphics/graphviz/graphviz_2.50.0.bb index aa597cd8e49..4c51af669c3 100644 --- a/meta-oe/recipes-graphics/graphviz/graphviz_2.50.0.bb +++ b/meta-oe/recipes-graphics/graphviz/graphviz_2.50.0.bb @@ -31,6 +31,10 @@ SRC_URI:append:class-nativesdk = "\ SRC_URI[sha256sum] = "6b16bf990df114195be669773a1dae975dbbffada45e1de2849ddeb5851bb9a8" +CVE_CHECK_IGNORE += "\ + CVE-2014-9157 \ +" + PACKAGECONFIG ??= "librsvg" PACKAGECONFIG[librsvg] = "--with-librsvg,--without-librsvg,librsvg" diff --git a/meta-oe/recipes-graphics/jasper/jasper_2.0.33.bb b/meta-oe/recipes-graphics/jasper/jasper_2.0.33.bb index 4c17105a992..27dff82df53 100644 --- a/meta-oe/recipes-graphics/jasper/jasper_2.0.33.bb +++ b/meta-oe/recipes-graphics/jasper/jasper_2.0.33.bb @@ -6,6 +6,10 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=a80440d1d8f17d041c71c7271d6e06eb" SRC_URI = "git://github.com/jasper-software/jasper.git;protocol=https;branch=master" SRCREV = "fe00207dc10db1d7cc6f2757961c5c6bdfd10973" +CVE_CHECK_IGNORE += "\ + CVE-2015-8751 \ +" + S = "${WORKDIR}/git" inherit cmake diff --git a/meta-oe/recipes-support/atop/atop_2.4.0.bb b/meta-oe/recipes-support/atop/atop_2.4.0.bb index 35540b3b8f0..b1d2abde73d 100644 --- a/meta-oe/recipes-support/atop/atop_2.4.0.bb +++ b/meta-oe/recipes-support/atop/atop_2.4.0.bb @@ -24,6 +24,10 @@ SRC_URI = "http://www.atoptool.nl/download/${BP}.tar.gz \ SRC_URI[md5sum] = "1077da884ed94f2bc3c81ac3ab970436" SRC_URI[sha256sum] = "be1c010a77086b7d98376fce96514afcd73c3f20a8d1fe01520899ff69a73d69" +CVE_CHECK_IGNORE += "\ + CVE-2011-3618 \ +" + do_compile() { oe_runmake all } diff --git a/meta-oe/recipes-support/emacs/emacs_27.2.bb b/meta-oe/recipes-support/emacs/emacs_27.2.bb index b78dc5e4502..4a7e7aba5c3 100644 --- a/meta-oe/recipes-support/emacs/emacs_27.2.bb +++ b/meta-oe/recipes-support/emacs/emacs_27.2.bb @@ -11,6 +11,10 @@ SRC_URI:append:class-target = " file://usemake-docfile-native.patch" SRC_URI[sha256sum] = "b4a7cc4e78e63f378624e0919215b910af5bb2a0afc819fad298272e9f40c1b9" +CVE_CHECK_IGNORE = "\ + CVE-2007-6109 \ +" + PACKAGECONFIG[gnutls] = "--with-gnutls=yes,--with-gnutls=no,gnutls" PACKAGECONFIG[kerberos] = "--with-kerberos=yes,--with-kerberos=no,krb5" PACKAGECONFIG[libgmp] = "--with-libgmp=yes,--with-libgmp=no,gmp" diff --git a/meta-oe/recipes-support/pidgin/pidgin_2.14.2.bb b/meta-oe/recipes-support/pidgin/pidgin_2.14.2.bb index 14b1aaf01c1..3d8a45786de 100644 --- a/meta-oe/recipes-support/pidgin/pidgin_2.14.2.bb +++ b/meta-oe/recipes-support/pidgin/pidgin_2.14.2.bb @@ -15,6 +15,11 @@ SRC_URI = "\ SRC_URI[sha256sum] = "19654ad276b149646371fbdac21bc7620742f2975f7399fed0ffc1a18fbaf603" +CVE_CHECK_IGNORE += "\ + CVE-2010-1624 \ + CVE-2011-3594 \ +" + PACKAGECONFIG ??= "gnutls consoleui avahi dbus idn nss \ ${@bb.utils.contains('DISTRO_FEATURES', 'x11', 'x11 gtk startup-notification', '', d)} \ " From aca019a2d0a61799441f36ff57c39496ca6577f3 Mon Sep 17 00:00:00 2001 From: Davide Gardenal Date: Mon, 18 Jul 2022 14:56:56 +0200 Subject: [PATCH 126/600] mongodb: ignore unrelated CVEs CVE-2014-8180, CVE-2017-18381 and CVE-2017-2665 are not affecting our configuration so they can be safely ignored. Signed-off-by: Davide Gardenal Signed-off-by: Khem Raj (cherry picked from commit ed904e65418416a96ec199b2ed4b9c82f11f5b64) Signed-off-by: Armin Kuster --- .../meta-python/recipes-dbs/mongodb/mongodb_git.bb | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/meta-oe/dynamic-layers/meta-python/recipes-dbs/mongodb/mongodb_git.bb b/meta-oe/dynamic-layers/meta-python/recipes-dbs/mongodb/mongodb_git.bb index 7ea728aad4c..ff4a16e9f21 100644 --- a/meta-oe/dynamic-layers/meta-python/recipes-dbs/mongodb/mongodb_git.bb +++ b/meta-oe/dynamic-layers/meta-python/recipes-dbs/mongodb/mongodb_git.bb @@ -45,6 +45,12 @@ SRC_URI:append:toolchain-clang = "\ S = "${WORKDIR}/git" +CVE_CHECK_IGNORE += "\ + CVE-2014-8180 \ + CVE-2017-18381 \ + CVE-2017-2665 \ +" + COMPATIBLE_HOST ?= '(x86_64|i.86|powerpc64|arm|aarch64).*-linux' PACKAGECONFIG ??= "tcmalloc system-pcre" From b0bf2829a26e5bc834048642ed8ce0adbd51f0d3 Mon Sep 17 00:00:00 2001 From: Davide Gardenal Date: Mon, 18 Jul 2022 13:07:09 +0200 Subject: [PATCH 127/600] php: ignore patched CVEs CVE-2007-2728, CVE-2007-3205 and CVE-2007-4596 are patched in our version of php but they don't have a vulnerable version range in the NVD database, that's why they need to be ignored. Signed-off-by: Davide Gardenal Signed-off-by: Khem Raj (cherry picked from commit 1642bfcb071aadb542c488bf79922842e32f1db5) Signed-off-by: Armin Kuster --- meta-oe/recipes-devtools/php/php_8.1.7.bb | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/meta-oe/recipes-devtools/php/php_8.1.7.bb b/meta-oe/recipes-devtools/php/php_8.1.7.bb index e9e8eccf3a6..cf4f6be3fa7 100644 --- a/meta-oe/recipes-devtools/php/php_8.1.7.bb +++ b/meta-oe/recipes-devtools/php/php_8.1.7.bb @@ -35,6 +35,12 @@ SRC_URI:append:class-target = " \ S = "${WORKDIR}/php-${PV}" SRC_URI[sha256sum] = "b816753eb005511e695d90945c27093c3236cc73db1262656d9fadd73ead7e9d" +CVE_CHECK_IGNORE += "\ + CVE-2007-2728 \ + CVE-2007-3205 \ + CVE-2007-4596 \ +" + inherit autotools pkgconfig python3native gettext # phpize is not scanned for absolute paths by default (but php-config is). From 4f0231595fb51ea2dd7bc0626bca3711040f19b4 Mon Sep 17 00:00:00 2001 From: Davide Gardenal Date: Mon, 18 Jul 2022 13:07:10 +0200 Subject: [PATCH 128/600] postgresql: ignore unrelated CVE CVE-2017-8806 doesn't apply to out configuration of postgresql so we can safely ignore it. Signed-off-by: Davide Gardenal Signed-off-by: Khem Raj (cherry picked from commit de4097f2304b2031265173c7d09aa1a2e983b81c) Signed-off-by: Armin Kuster --- meta-oe/recipes-dbs/postgresql/postgresql_14.4.bb | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/meta-oe/recipes-dbs/postgresql/postgresql_14.4.bb b/meta-oe/recipes-dbs/postgresql/postgresql_14.4.bb index 01a6ee635e6..64e83b2cdea 100644 --- a/meta-oe/recipes-dbs/postgresql/postgresql_14.4.bb +++ b/meta-oe/recipes-dbs/postgresql/postgresql_14.4.bb @@ -11,3 +11,7 @@ SRC_URI += "\ " SRC_URI[sha256sum] = "c23b6237c5231c791511bdc79098617d6852e9e3bdf360efd8b5d15a1a3d8f6a" + +CVE_CHECK_IGNORE += "\ + CVE-2017-8806 \ +" From f1d7666dceffc807fd5eabf8f18ba18826aff0ea Mon Sep 17 00:00:00 2001 From: Chen Qi Date: Tue, 19 Jul 2022 22:01:46 -0700 Subject: [PATCH 129/600] catfish: fix buildpaths issue Signed-off-by: Chen Qi Signed-off-by: Khem Raj (cherry picked from commit c2fb0bd1ebe04f91e97913e1e15405af0e127078) Signed-off-by: Armin Kuster --- meta-xfce/recipes-apps/catfish/catfish_4.16.3.bb | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/meta-xfce/recipes-apps/catfish/catfish_4.16.3.bb b/meta-xfce/recipes-apps/catfish/catfish_4.16.3.bb index 98cd251d2d0..8fe879b8169 100644 --- a/meta-xfce/recipes-apps/catfish/catfish_4.16.3.bb +++ b/meta-xfce/recipes-apps/catfish/catfish_4.16.3.bb @@ -12,3 +12,12 @@ SRC_URI[sha256sum] = "e9a99a62d10981391508dd43f3cbfa2d50a69bd6b7d1eeef7d30ba4c67 FILES:${PN} += "${datadir}/metainfo" RDEPENDS:${PN} += "python3-pygobject python3-dbus" + +do_install:append() { + # + # Until catfish upstream figures out a way to overcome this buildpath issue, we need to do such adjustments here. + # + sed -i -e 's#${RECIPE_SYSROOT_NATIVE}##g' ${D}${datadir}/applications/org.xfce.Catfish.desktop + sed -i -e 's#${RECIPE_SYSROOT_NATIVE}##g' ${D}${PYTHON_SITEPACKAGES_DIR}/catfish_lib/catfishconfig.py + rm -f ${D}${PYTHON_SITEPACKAGES_DIR}/catfish_lib/__pycache__/catfishconfig.*.pyc +} From db866d51f8c1f764deca5163c82b9efe2801050e Mon Sep 17 00:00:00 2001 From: Aryaman Gupta Date: Fri, 15 Jul 2022 11:58:13 -0400 Subject: [PATCH 130/600] rsyslog: update 8.2202->8.2206 Package changes mainly include performance improvements to tcpsrv/imtcp, bug fixes and additional/updated tests: https://github.com/rsyslog/rsyslog/blob/master/ChangeLog ptest results for qemux86-64 with kvm and increasing filesystem space to 4GB using IMAGE_ROOTFS_EXTRA_SPACE : Version | Passed | Failed | Skipped 8.2202 | 456 | 0 | 5 8.2206 | 465 | 0 | 5 Signed-off-by: Aryaman Gupta Signed-off-by: Khem Raj (cherry picked from commit 0f048c4c46fd4b377b7aacc236a23249ae05fdaa) Signed-off-by: Armin Kuster --- .../rsyslog/{rsyslog_8.2202.0.bb => rsyslog_8.2206.0.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-oe/recipes-extended/rsyslog/{rsyslog_8.2202.0.bb => rsyslog_8.2206.0.bb} (98%) diff --git a/meta-oe/recipes-extended/rsyslog/rsyslog_8.2202.0.bb b/meta-oe/recipes-extended/rsyslog/rsyslog_8.2206.0.bb similarity index 98% rename from meta-oe/recipes-extended/rsyslog/rsyslog_8.2202.0.bb rename to meta-oe/recipes-extended/rsyslog/rsyslog_8.2206.0.bb index ebb8ecf9bd2..a39de3acb5c 100644 --- a/meta-oe/recipes-extended/rsyslog/rsyslog_8.2202.0.bb +++ b/meta-oe/recipes-extended/rsyslog/rsyslog_8.2206.0.bb @@ -31,7 +31,7 @@ SRC_URI:append:libc-musl = " \ file://0001-Include-sys-time-h.patch \ " -SRC_URI[sha256sum] = "e41308a5a171939b3cbc246e9d4bd30be44e801521e04cd95d051fa3867d6738" +SRC_URI[sha256sum] = "a1377218b26c0767a7a3f67d166d5338af7c24b455d35ec99974e18e6845ba27" UPSTREAM_CHECK_URI = "https://github.com/rsyslog/rsyslog/releases" UPSTREAM_CHECK_REGEX = "(?P\d+(\.\d+)+)" From 7eb9e5004af3ca65fc2973accc4c77c39f087f8d Mon Sep 17 00:00:00 2001 From: Wang Mingyu Date: Tue, 19 Jul 2022 14:18:53 +0800 Subject: [PATCH 131/600] php: upgrade 8.1.7 -> 8.1.8 Signed-off-by: Wang Mingyu Signed-off-by: Khem Raj (cherry picked from commit 8d7b56ff235ea3b6da8e2b8a391176a99ca07327) [Bug fix only update] Signed-off-by: Armin Kuster --- meta-oe/recipes-devtools/php/{php_8.1.7.bb => php_8.1.8.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-oe/recipes-devtools/php/{php_8.1.7.bb => php_8.1.8.bb} (99%) diff --git a/meta-oe/recipes-devtools/php/php_8.1.7.bb b/meta-oe/recipes-devtools/php/php_8.1.8.bb similarity index 99% rename from meta-oe/recipes-devtools/php/php_8.1.7.bb rename to meta-oe/recipes-devtools/php/php_8.1.8.bb index cf4f6be3fa7..d5cf7d8b216 100644 --- a/meta-oe/recipes-devtools/php/php_8.1.7.bb +++ b/meta-oe/recipes-devtools/php/php_8.1.8.bb @@ -33,7 +33,7 @@ SRC_URI:append:class-target = " \ " S = "${WORKDIR}/php-${PV}" -SRC_URI[sha256sum] = "b816753eb005511e695d90945c27093c3236cc73db1262656d9fadd73ead7e9d" +SRC_URI[sha256sum] = "b8815a5a02431453d4261e3598bd1f28516e4c0354f328c12890f257870e4c01" CVE_CHECK_IGNORE += "\ CVE-2007-2728 \ From 44d773044f0be14d8d520c7a644b171c222577e8 Mon Sep 17 00:00:00 2001 From: Wang Mingyu Date: Wed, 20 Jul 2022 09:01:47 +0800 Subject: [PATCH 132/600] ndisc6: upgrade 1.0.5 -> 1.0.6 Changelog: ========== # ndisc6: print NAT64 prefix if present. # rdnssd: fix timeout calculation. Signed-off-by: Wang Mingyu Signed-off-by: Khem Raj (cherry picked from commit c77bc200813dec8a1317ea6651d0f398a3fa5d65) Signed-off-by: Armin Kuster --- .../recipes-support/ndisc6/{ndisc6_git.bb => ndisc6_1.0.6.bb} | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) rename meta-networking/recipes-support/ndisc6/{ndisc6_git.bb => ndisc6_1.0.6.bb} (97%) diff --git a/meta-networking/recipes-support/ndisc6/ndisc6_git.bb b/meta-networking/recipes-support/ndisc6/ndisc6_1.0.6.bb similarity index 97% rename from meta-networking/recipes-support/ndisc6/ndisc6_git.bb rename to meta-networking/recipes-support/ndisc6/ndisc6_1.0.6.bb index f5467794e6f..6861314a0a9 100644 --- a/meta-networking/recipes-support/ndisc6/ndisc6_git.bb +++ b/meta-networking/recipes-support/ndisc6/ndisc6_1.0.6.bb @@ -5,8 +5,7 @@ HOMEPAGE = "http://www.remlab.net/ndisc6/" LICENSE = "GPL-2.0-only" LIC_FILES_CHKSUM = "file://COPYING;md5=751419260aa954499f7abaabaa882bbe" -PV = "1.0.5" -SRCREV = "b706f5f01aa82aa0db678fffd15a1527f330c507" +SRCREV = "7e314b23329f9c24c4c097b8513673fed7e7158a" SRC_URI = "git://git.remlab.net/git/ndisc6.git;protocol=http;branch=master \ file://0001-autogen-Do-not-symlink-gettext.h-from-build-host.patch \ " From 7430daa22dda374561ce5e47955a84705b3b8953 Mon Sep 17 00:00:00 2001 From: Armin Kuster Date: Sun, 24 Jul 2022 10:08:18 -0700 Subject: [PATCH 133/600] bigbuckbunny-1080p: update SRC_URI fixes: ERROR: bigbuckbunny-1080p-1.0-r0 do_fetch: Bitbake Fetcher Error: FetchError('Unable to fetch URL from any source.', 'https://www.mediaspip.net/IMG/avi/big_buck_bunny_1080p_surround.avi') Signed-off-by: Armin Kuster --- .../recipes-multimedia/sample-content/bigbuckbunny-1080p.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-multimedia/recipes-multimedia/sample-content/bigbuckbunny-1080p.bb b/meta-multimedia/recipes-multimedia/sample-content/bigbuckbunny-1080p.bb index b848b820c3e..cb919d79e3b 100644 --- a/meta-multimedia/recipes-multimedia/sample-content/bigbuckbunny-1080p.bb +++ b/meta-multimedia/recipes-multimedia/sample-content/bigbuckbunny-1080p.bb @@ -3,7 +3,7 @@ LICENSE = "CC-BY-3.0" # http://www.bigbuckbunny.org/index.php/about/ LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/CC-BY-3.0;md5=dfa02b5755629022e267f10b9c0a2ab7" -SRC_URI = "https://www.mediaspip.net/IMG/avi/big_buck_bunny_1080p_surround.avi" +SRC_URI = "http://www.peach.themazzone.com/big_buck_bunny_1080p_surround.avi" SRC_URI[md5sum] = "223991c8b33564eb77988a4c13c1c76a" SRC_URI[sha256sum] = "69fe2cfe7154a6e752688e3a0d7d6b07b1605bbaf75b56f6470dc7b4c20c06ea" From 2763eaf35f9b2b1ed410809cadfbdce27c1fa5e5 Mon Sep 17 00:00:00 2001 From: Davide Gardenal Date: Mon, 18 Jul 2022 13:07:07 +0200 Subject: [PATCH 134/600] openjpeg: ignore CVE-2015-1239 This CVE is patched in our version of openjpeg. The NVD database doesn't include a version range this is why it's still reported. Signed-off-by: Davide Gardenal --- meta-oe/recipes-graphics/openjpeg/openjpeg_2.4.0.bb | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/meta-oe/recipes-graphics/openjpeg/openjpeg_2.4.0.bb b/meta-oe/recipes-graphics/openjpeg/openjpeg_2.4.0.bb index f248619ec8e..42d2b4efb01 100644 --- a/meta-oe/recipes-graphics/openjpeg/openjpeg_2.4.0.bb +++ b/meta-oe/recipes-graphics/openjpeg/openjpeg_2.4.0.bb @@ -15,6 +15,10 @@ SRC_URI = " \ SRCREV = "37ac30ceff6640bbab502388c5e0fa0bff23f505" S = "${WORKDIR}/git" +CVE_CHECK_IGNORE += "\ + CVE-2015-1239 \ +" + inherit cmake # for multilib From cb4e7fb4b08b7ebbdc21485e9a21845931132759 Mon Sep 17 00:00:00 2001 From: Yue Tao Date: Mon, 25 Jul 2022 15:54:57 +0800 Subject: [PATCH 135/600] python3-lxml: Security fix CVE-2022-2309 CVE-2022-0934: lxml: NULL Pointer Dereference in lxml Reference: https://nvd.nist.gov/vuln/detail/CVE-2022-2309 Patch from: https://github.com/lxml/lxml/commit/86368e9cf70a0ad23cccd5ee32de847149af0c6f Signed-off-by: Yue Tao --- .../python/python3-lxml/CVE-2022-2309.patch | 99 +++++++++++++++++++ .../python/python3-lxml_4.8.0.bb | 3 +- 2 files changed, 101 insertions(+), 1 deletion(-) create mode 100644 meta-python/recipes-devtools/python/python3-lxml/CVE-2022-2309.patch diff --git a/meta-python/recipes-devtools/python/python3-lxml/CVE-2022-2309.patch b/meta-python/recipes-devtools/python/python3-lxml/CVE-2022-2309.patch new file mode 100644 index 00000000000..5ec55dfd2a3 --- /dev/null +++ b/meta-python/recipes-devtools/python/python3-lxml/CVE-2022-2309.patch @@ -0,0 +1,99 @@ +From 86368e9cf70a0ad23cccd5ee32de847149af0c6f Mon Sep 17 00:00:00 2001 +From: Stefan Behnel +Date: Fri, 1 Jul 2022 21:06:10 +0200 +Subject: [PATCH] Fix a crash when incorrect parser input occurs together with + usages of iterwalk() on trees generated by the same parser. + +CVE: CVE-2022-2309 + +Upstream-Status: Backport +[https://github.com/lxml/lxml/commit/86368e9cf70a0ad23cccd5ee32de847149af0c6f] + +Signed-off-by: Yue Tao + +--- + src/lxml/apihelpers.pxi | 7 ++++--- + src/lxml/iterparse.pxi | 11 ++++++----- + src/lxml/tests/test_etree.py | 20 ++++++++++++++++++++ + 3 files changed, 30 insertions(+), 8 deletions(-) + +diff --git a/src/lxml/apihelpers.pxi b/src/lxml/apihelpers.pxi +index c1662762..9fae9fb1 100644 +--- a/src/lxml/apihelpers.pxi ++++ b/src/lxml/apihelpers.pxi +@@ -246,9 +246,10 @@ cdef dict _build_nsmap(xmlNode* c_node): + while c_node is not NULL and c_node.type == tree.XML_ELEMENT_NODE: + c_ns = c_node.nsDef + while c_ns is not NULL: +- prefix = funicodeOrNone(c_ns.prefix) +- if prefix not in nsmap: +- nsmap[prefix] = funicodeOrNone(c_ns.href) ++ if c_ns.prefix or c_ns.href: ++ prefix = funicodeOrNone(c_ns.prefix) ++ if prefix not in nsmap: ++ nsmap[prefix] = funicodeOrNone(c_ns.href) + c_ns = c_ns.next + c_node = c_node.parent + return nsmap +diff --git a/src/lxml/iterparse.pxi b/src/lxml/iterparse.pxi +index 138c23a6..a7299da6 100644 +--- a/src/lxml/iterparse.pxi ++++ b/src/lxml/iterparse.pxi +@@ -420,7 +420,7 @@ cdef int _countNsDefs(xmlNode* c_node): + count = 0 + c_ns = c_node.nsDef + while c_ns is not NULL: +- count += 1 ++ count += (c_ns.href is not NULL) + c_ns = c_ns.next + return count + +@@ -431,9 +431,10 @@ cdef int _appendStartNsEvents(xmlNode* c_node, list event_list) except -1: + count = 0 + c_ns = c_node.nsDef + while c_ns is not NULL: +- ns_tuple = (funicode(c_ns.prefix) if c_ns.prefix is not NULL else '', +- funicode(c_ns.href)) +- event_list.append( (u"start-ns", ns_tuple) ) +- count += 1 ++ if c_ns.href: ++ ns_tuple = (funicodeOrEmpty(c_ns.prefix), ++ funicode(c_ns.href)) ++ event_list.append( (u"start-ns", ns_tuple) ) ++ count += 1 + c_ns = c_ns.next + return count +diff --git a/src/lxml/tests/test_etree.py b/src/lxml/tests/test_etree.py +index e5f08469..285313f6 100644 +--- a/src/lxml/tests/test_etree.py ++++ b/src/lxml/tests/test_etree.py +@@ -1460,6 +1460,26 @@ class ETreeOnlyTestCase(HelperTestCase): + [1,2,1,4], + counts) + ++ def test_walk_after_parse_failure(self): ++ # This used to be an issue because libxml2 can leak empty namespaces ++ # between failed parser runs. iterwalk() failed to handle such a tree. ++ try: ++ etree.XML('''''') ++ except etree.XMLSyntaxError: ++ pass ++ else: ++ assert False, "invalid input did not fail to parse" ++ ++ et = etree.XML(''' ''') ++ try: ++ ns = next(etree.iterwalk(et, events=('start-ns',))) ++ except StopIteration: ++ # This would be the expected result, because there was no namespace ++ pass ++ else: ++ # This is a bug in libxml2 ++ assert not ns, repr(ns) ++ + def test_itertext_comment_pi(self): + # https://bugs.launchpad.net/lxml/+bug/1844674 + XML = self.etree.XML +-- +2.17.1 + diff --git a/meta-python/recipes-devtools/python/python3-lxml_4.8.0.bb b/meta-python/recipes-devtools/python/python3-lxml_4.8.0.bb index c4d4df383a9..0c78d97abdb 100644 --- a/meta-python/recipes-devtools/python/python3-lxml_4.8.0.bb +++ b/meta-python/recipes-devtools/python/python3-lxml_4.8.0.bb @@ -20,7 +20,8 @@ DEPENDS += "libxml2 libxslt" SRC_URI[sha256sum] = "f63f62fc60e6228a4ca9abae28228f35e1bd3ce675013d1dfb828688d50c6e23" -SRC_URI += "${PYPI_SRC_URI}" +SRC_URI += "${PYPI_SRC_URI} \ + file://CVE-2022-2309.patch " inherit pkgconfig pypi setuptools3 # {standard input}: Assembler messages: From b9c0df23f96170d6a2ab30985c7d6e669771f693 Mon Sep 17 00:00:00 2001 From: wangmy Date: Fri, 29 Apr 2022 16:13:13 +0800 Subject: [PATCH 136/600] stunnel: upgrade 5.63 -> 5.64 Changelog: ========== Security bugfixes OpenSSL DLLs updated to version 3.0.3. New features Updated the pkcs11 engine for Windows. Bugfixes Removed the SERVICE_INTERACTIVE_PROCESS flag in "stunnel -install". Signed-off-by: Wang Mingyu Signed-off-by: Khem Raj (cherry picked from commit 6f3b52f4589bfa942e473488f91ecef85d339e78) [New feature does not affect linux] Signed-off-by: Armin Kuster --- .../stunnel/{stunnel_5.63.bb => stunnel_5.64.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-networking/recipes-support/stunnel/{stunnel_5.63.bb => stunnel_5.64.bb} (93%) diff --git a/meta-networking/recipes-support/stunnel/stunnel_5.63.bb b/meta-networking/recipes-support/stunnel/stunnel_5.64.bb similarity index 93% rename from meta-networking/recipes-support/stunnel/stunnel_5.63.bb rename to meta-networking/recipes-support/stunnel/stunnel_5.64.bb index 325737e8c9c..13ecd5c5bf0 100644 --- a/meta-networking/recipes-support/stunnel/stunnel_5.63.bb +++ b/meta-networking/recipes-support/stunnel/stunnel_5.64.bb @@ -11,7 +11,7 @@ SRC_URI = "https://stunnel.org/archive/5.x/${BP}.tar.gz \ file://fix-openssl-no-des.patch \ " -SRC_URI[sha256sum] = "c74c4e15144a3ae34b8b890bb31c909207301490bd1e51bfaaa5ffeb0a994617" +SRC_URI[sha256sum] = "eebe53ed116ba43b2e786762b0c2b91511e7b74857ad4765824e7199e6faf883" inherit autotools bash-completion pkgconfig From ab72f6b1aef628d296ea0905b98d72badb3b18a5 Mon Sep 17 00:00:00 2001 From: wangmy Date: Sat, 23 Jul 2022 13:38:22 +0800 Subject: [PATCH 137/600] stunnel: upgrade 5.64 -> 5.65 fix-openssl-no-des.patch refreshed for version 5.65 Changelog: ========== Security bugfixes OpenSSL DLLs updated to version 3.0.5. Bugfixes Fixed handling globally enabled FIPS. Fixed the default openssl.cnf path in stunnel.exe. Fixed a number of MSVC warnings. Signed-off-by: Wang Mingyu Signed-off-by: Khem Raj (cherry picked from commit 72f84335cb372dbf00d2d07429a595fced0c4f4f) Signed-off-by: Armin Kuster --- .../stunnel/stunnel/fix-openssl-no-des.patch | 24 +++++++++++++------ .../{stunnel_5.64.bb => stunnel_5.65.bb} | 2 +- 2 files changed, 18 insertions(+), 8 deletions(-) rename meta-networking/recipes-support/stunnel/{stunnel_5.64.bb => stunnel_5.65.bb} (93%) diff --git a/meta-networking/recipes-support/stunnel/stunnel/fix-openssl-no-des.patch b/meta-networking/recipes-support/stunnel/stunnel/fix-openssl-no-des.patch index aeb0bece971..0840cbbd8b3 100644 --- a/meta-networking/recipes-support/stunnel/stunnel/fix-openssl-no-des.patch +++ b/meta-networking/recipes-support/stunnel/stunnel/fix-openssl-no-des.patch @@ -1,3 +1,8 @@ +From 7ff4eba20b5c4fc7365e5ee0dfb775ed29bdd5ce Mon Sep 17 00:00:00 2001 +From: Kai Kang +Date: Wed, 1 Nov 2017 09:23:41 -0400 +Subject: [PATCH] stunnel: fix compile error when openssl disable des support + Upstream-Status: Pending When openssl disable des support with configure option 'no-des', it doesn't @@ -6,12 +11,17 @@ failed. Fix it by checking macro OPENSSL_NO_DES to use openssl des related library conditionaly. Signed-off-by: Kai Kang + --- + src/common.h | 2 ++ + src/protocol.c | 6 +++--- + 2 files changed, 5 insertions(+), 3 deletions(-) + diff --git a/src/common.h b/src/common.h -index f7d38b0..bf485af 100644 +index bc37eb5..03ee3e5 100644 --- a/src/common.h +++ b/src/common.h -@@ -478,7 +478,9 @@ extern char *sys_errlist[]; +@@ -486,7 +486,9 @@ extern char *sys_errlist[]; #ifndef OPENSSL_NO_MD4 #include #endif /* !defined(OPENSSL_NO_MD4) */ @@ -22,19 +32,19 @@ index f7d38b0..bf485af 100644 #include #if OPENSSL_VERSION_NUMBER<0x10100000L diff --git a/src/protocol.c b/src/protocol.c -index 587df09..8198eb6 100644 +index 804f115..d9b2b50 100644 --- a/src/protocol.c +++ b/src/protocol.c -@@ -67,7 +67,7 @@ NOEXPORT char *imap_server(CLI *, SERVICE_OPTIONS *, const PHASE); +@@ -66,7 +66,7 @@ NOEXPORT char *nntp_client(CLI *, SERVICE_OPTIONS *, const PHASE); NOEXPORT char *ldap_client(CLI *, SERVICE_OPTIONS *, const PHASE); NOEXPORT char *connect_server(CLI *, SERVICE_OPTIONS *, const PHASE); NOEXPORT char *connect_client(CLI *, SERVICE_OPTIONS *, const PHASE); -#ifndef OPENSSL_NO_MD4 +#if !defined(OPENSSL_NO_MD4) && !defined(OPENSSL_NO_DES) NOEXPORT void ntlm(CLI *, SERVICE_OPTIONS *); - NOEXPORT char *ntlm1(); + NOEXPORT char *ntlm1(void); NOEXPORT char *ntlm3(char *, char *, char *, char *); -@@ -1332,7 +1332,7 @@ NOEXPORT char *connect_client(CLI *c, SERVICE_OPTIONS *opt, const PHASE phase) { +@@ -1351,7 +1351,7 @@ NOEXPORT char *connect_client(CLI *c, SERVICE_OPTIONS *opt, const PHASE phase) { fd_printf(c, c->remote_fd.fd, "Host: %s", opt->protocol_host); if(opt->protocol_username && opt->protocol_password) { if(!strcasecmp(opt->protocol_authentication, "ntlm")) { @@ -43,7 +53,7 @@ index 587df09..8198eb6 100644 ntlm(c, opt); #else s_log(LOG_ERR, "NTLM authentication is not available"); -@@ -1376,7 +1376,7 @@ NOEXPORT char *connect_client(CLI *c, SERVICE_OPTIONS *opt, const PHASE phase) { +@@ -1395,7 +1395,7 @@ NOEXPORT char *connect_client(CLI *c, SERVICE_OPTIONS *opt, const PHASE phase) { return NULL; } diff --git a/meta-networking/recipes-support/stunnel/stunnel_5.64.bb b/meta-networking/recipes-support/stunnel/stunnel_5.65.bb similarity index 93% rename from meta-networking/recipes-support/stunnel/stunnel_5.64.bb rename to meta-networking/recipes-support/stunnel/stunnel_5.65.bb index 13ecd5c5bf0..ab7ff432230 100644 --- a/meta-networking/recipes-support/stunnel/stunnel_5.64.bb +++ b/meta-networking/recipes-support/stunnel/stunnel_5.65.bb @@ -11,7 +11,7 @@ SRC_URI = "https://stunnel.org/archive/5.x/${BP}.tar.gz \ file://fix-openssl-no-des.patch \ " -SRC_URI[sha256sum] = "eebe53ed116ba43b2e786762b0c2b91511e7b74857ad4765824e7199e6faf883" +SRC_URI[sha256sum] = "60c500063bd1feff2877f5726e38278c086f96c178f03f09d264a2012d6bf7fc" inherit autotools bash-completion pkgconfig From d3e5c086bcb684960150789fad6629973c84cacc Mon Sep 17 00:00:00 2001 From: wangmy Date: Sat, 23 Jul 2022 13:38:20 +0800 Subject: [PATCH 138/600] redis: upgrade 7.0.2 -> 7.0.4 Changelog: ========== Upgrade urgency: SECURITY, contains fixes to security issues. Security Fixes: ---------------- (CVE-2022-31144) A specially crafted XAUTOCLAIM command on a stream key in a specific state may result with heap overflow, and potentially remote code execution. The problem affects Redis versions 7.0.0 or newer. Signed-off-by: Wang Mingyu Signed-off-by: Khem Raj (cherry picked from commit d9f8d015a45188c3cf2d6841ea05319032930dbc) Signed-off-by: Armin Kuster --- .../recipes-extended/redis/{redis_7.0.2.bb => redis_7.0.4.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-oe/recipes-extended/redis/{redis_7.0.2.bb => redis_7.0.4.bb} (96%) diff --git a/meta-oe/recipes-extended/redis/redis_7.0.2.bb b/meta-oe/recipes-extended/redis/redis_7.0.4.bb similarity index 96% rename from meta-oe/recipes-extended/redis/redis_7.0.2.bb rename to meta-oe/recipes-extended/redis/redis_7.0.4.bb index b188278e1c3..993ff34b101 100644 --- a/meta-oe/recipes-extended/redis/redis_7.0.2.bb +++ b/meta-oe/recipes-extended/redis/redis_7.0.4.bb @@ -19,7 +19,7 @@ SRC_URI = "http://download.redis.io/releases/${BP}.tar.gz \ file://GNU_SOURCE.patch \ file://0006-Define-correct-gregs-for-RISCV32.patch \ " -SRC_URI[sha256sum] = "5e57eafe7d4ac5ecb6a7d64d6b61db775616dbf903293b3fcc660716dbda5eeb" +SRC_URI[sha256sum] = "f0e65fda74c44a3dd4fa9d512d4d4d833dd0939c934e946a5c622a630d057f2f" inherit autotools-brokensep update-rc.d systemd useradd From 6f3b39ffb6b11444e7fee199965982cfa33e8c87 Mon Sep 17 00:00:00 2001 From: Wang Mingyu Date: Mon, 6 Jun 2022 20:22:44 +0800 Subject: [PATCH 139/600] tracker: upgrade 3.3.0 -> 3.3.1 Changelog: ========= * Fixed blank nodes to return the correct identifier in certain queries. * Fixes to FTS consistency after updates * Fixes to HTTP module linking * Fix handling of STRING_LITERAL_LONG1/2 terminals * Fix handling of negated property paths * Use .so suffix for modules on all platforms * Added code examples in JS/Python * Developer documentation improvements Signed-off-by: Wang Mingyu Signed-off-by: Khem Raj (cherry picked from commit 91d468a051f90d4df3550b911a4604db490d8d50) Signed-off-by: Armin Kuster --- .../tracker/{tracker_3.3.0.bb => tracker_3.3.1.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-gnome/recipes-gnome/tracker/{tracker_3.3.0.bb => tracker_3.3.1.bb} (93%) diff --git a/meta-gnome/recipes-gnome/tracker/tracker_3.3.0.bb b/meta-gnome/recipes-gnome/tracker/tracker_3.3.1.bb similarity index 93% rename from meta-gnome/recipes-gnome/tracker/tracker_3.3.0.bb rename to meta-gnome/recipes-gnome/tracker/tracker_3.3.1.bb index bb2396af7cb..42f44863ba5 100644 --- a/meta-gnome/recipes-gnome/tracker/tracker_3.3.0.bb +++ b/meta-gnome/recipes-gnome/tracker/tracker_3.3.1.bb @@ -22,7 +22,7 @@ GNOMEBASEBUILDCLASS = "meson" inherit gnomebase gsettings gobject-introspection vala gtk-doc manpages bash-completion features_check python3native -SRC_URI[archive.sha256sum] = "0706f96fe7f95df42acec812c1de7b4593a0d648321ca83506a9d71e22417bda" +SRC_URI[archive.sha256sum] = "5ad6f5bc97781ebf55ecd6947cd4ae7ff4192516580d10bd8380f1dd47196ed2" # gobject-introspection is mandatory and cannot be configured REQUIRED_DISTRO_FEATURES = "gobject-introspection-data" From 8f2dc1023482863e2630d1b94052c41ce748b38f Mon Sep 17 00:00:00 2001 From: wangmy Date: Sat, 23 Jul 2022 13:40:45 +0800 Subject: [PATCH 140/600] tracker: upgrade 3.3.1 -> 3.3.2 Changelog: ========== * Avoid redundant queries in TrackerNotifiers proxied through an D-Bus connection * Do not attempt to rebuild non-existing FTS tables on parser updates * Convert values to the right type when propagating insertions over superproperties * Fix test to handle SQLite >= 3.39.0 * Fix handling of nrl:modified after opening existing databases * Linking fixes to CLI executables Signed-off-by: Wang Mingyu Signed-off-by: Khem Raj (cherry picked from commit a7f5d549e6152292e73e0039f4b7b0a2936a395c) Signed-off-by: Armin Kuster --- .../tracker/{tracker_3.3.1.bb => tracker_3.3.2.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-gnome/recipes-gnome/tracker/{tracker_3.3.1.bb => tracker_3.3.2.bb} (93%) diff --git a/meta-gnome/recipes-gnome/tracker/tracker_3.3.1.bb b/meta-gnome/recipes-gnome/tracker/tracker_3.3.2.bb similarity index 93% rename from meta-gnome/recipes-gnome/tracker/tracker_3.3.1.bb rename to meta-gnome/recipes-gnome/tracker/tracker_3.3.2.bb index 42f44863ba5..eaa0e065d1a 100644 --- a/meta-gnome/recipes-gnome/tracker/tracker_3.3.1.bb +++ b/meta-gnome/recipes-gnome/tracker/tracker_3.3.2.bb @@ -22,7 +22,7 @@ GNOMEBASEBUILDCLASS = "meson" inherit gnomebase gsettings gobject-introspection vala gtk-doc manpages bash-completion features_check python3native -SRC_URI[archive.sha256sum] = "5ad6f5bc97781ebf55ecd6947cd4ae7ff4192516580d10bd8380f1dd47196ed2" +SRC_URI[archive.sha256sum] = "0ed2b98918956d6f16429c607dd8a14c84f4da0a48970fd2eb8c93aba3cf9913" # gobject-introspection is mandatory and cannot be configured REQUIRED_DISTRO_FEATURES = "gobject-introspection-data" From a8b879b58a375ab8839a5ebaed1a3a47637b41ff Mon Sep 17 00:00:00 2001 From: Martin Jansa Date: Tue, 14 Jun 2022 12:07:19 +0200 Subject: [PATCH 141/600] glmark2: fix compatibility with python-3.11 Signed-off-by: Martin Jansa Signed-off-by: Armin Kuster --- ...b-fix-compatibility-with-python-3.11.patch | 76 +++++++++++++++++++ .../recipes-benchmark/glmark2/glmark2_git.bb | 3 +- 2 files changed, 78 insertions(+), 1 deletion(-) create mode 100644 meta-oe/recipes-benchmark/glmark2/files/0001-waflib-fix-compatibility-with-python-3.11.patch diff --git a/meta-oe/recipes-benchmark/glmark2/files/0001-waflib-fix-compatibility-with-python-3.11.patch b/meta-oe/recipes-benchmark/glmark2/files/0001-waflib-fix-compatibility-with-python-3.11.patch new file mode 100644 index 00000000000..c56fa64e580 --- /dev/null +++ b/meta-oe/recipes-benchmark/glmark2/files/0001-waflib-fix-compatibility-with-python-3.11.patch @@ -0,0 +1,76 @@ +From b85ba8c3ff3fb9ae708576ccef03434d2ef73054 Mon Sep 17 00:00:00 2001 +From: Martin Jansa +Date: Tue, 14 Jun 2022 09:54:18 +0000 +Subject: [PATCH] waflib: fix compatibility with python-3.11 +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +* https://docs.python.org/3.11/whatsnew/3.11.html#changes-in-the-python-api + + open(), io.open(), codecs.open() and fileinput.FileInput no longer + accept 'U' (“universal newline”) in the file mode. This flag was + deprecated since Python 3.3. In Python 3, the “universal newline” is + used by default when a file is open in text mode. The newline parameter + of open() controls how universal newlines works. (Contributed by Victor + Stinner in bpo-37330.) + +* fixes: +Waf: The wscript in '/OE/build/luneos-langdale/webos-ports/tmp-glibc/work/core2-64-webos-linux/glmark2/2021.12-r0/git' is unreadable +Traceback (most recent call last): + File "/OE/build/luneos-langdale/webos-ports/tmp-glibc/work/core2-64-webos-linux/glmark2/2021.12-r0/git/waflib/Scripting.py", line 104, in waf_entry_point + set_main_module(os.path.normpath(os.path.join(Context.run_dir,Context.WSCRIPT_FILE))) + ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + File "/OE/build/luneos-langdale/webos-ports/tmp-glibc/work/core2-64-webos-linux/glmark2/2021.12-r0/git/waflib/Scripting.py", line 135, in set_main_module + Context.g_module=Context.load_module(file_path) + ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + File "/OE/build/luneos-langdale/webos-ports/tmp-glibc/work/core2-64-webos-linux/glmark2/2021.12-r0/git/waflib/Context.py", line 343, in load_module + code=Utils.readf(path,m='rU',encoding=encoding) + ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ + File "/OE/build/luneos-langdale/webos-ports/tmp-glibc/work/core2-64-webos-linux/glmark2/2021.12-r0/git/waflib/Utils.py", line 117, in readf + f=open(fname,m) + ^^^^^^^^^^^^^ +ValueError: invalid mode: 'rUb' + +Upstream-Status: Submitted [https://github.com/glmark2/glmark2/pull/178] +Signed-off-by: Martin Jansa +--- + waflib/ConfigSet.py | 2 +- + waflib/Context.py | 4 ++-- + 2 files changed, 3 insertions(+), 3 deletions(-) + +diff --git a/waflib/ConfigSet.py b/waflib/ConfigSet.py +index 16142a2..87de4ad 100644 +--- a/waflib/ConfigSet.py ++++ b/waflib/ConfigSet.py +@@ -140,7 +140,7 @@ class ConfigSet(object): + Utils.writef(filename,''.join(buf)) + def load(self,filename): + tbl=self.table +- code=Utils.readf(filename,m='rU') ++ code=Utils.readf(filename,m='r') + for m in re_imp.finditer(code): + g=m.group + tbl[g(2)]=eval(g(3)) +diff --git a/waflib/Context.py b/waflib/Context.py +index 8f2cbfb..f3e35ae 100644 +--- a/waflib/Context.py ++++ b/waflib/Context.py +@@ -109,7 +109,7 @@ class Context(ctx): + cache[node]=True + self.pre_recurse(node) + try: +- function_code=node.read('rU',encoding) ++ function_code=node.read('r',encoding) + exec(compile(function_code,node.abspath(),'exec'),self.exec_dict) + finally: + self.post_recurse(node) +@@ -340,7 +340,7 @@ def load_module(path,encoding=None): + pass + module=imp.new_module(WSCRIPT_FILE) + try: +- code=Utils.readf(path,m='rU',encoding=encoding) ++ code=Utils.readf(path,encoding=encoding) + except EnvironmentError: + raise Errors.WafError('Could not read the file %r'%path) + module_dir=os.path.dirname(path) diff --git a/meta-oe/recipes-benchmark/glmark2/glmark2_git.bb b/meta-oe/recipes-benchmark/glmark2/glmark2_git.bb index 1406f68b05f..188d4e5bdf1 100644 --- a/meta-oe/recipes-benchmark/glmark2/glmark2_git.bb +++ b/meta-oe/recipes-benchmark/glmark2/glmark2_git.bb @@ -18,7 +18,8 @@ SRC_URI = " \ file://0001-fix-dispmanx-build.patch \ file://0002-run-dispmanx-fullscreen.patch \ file://0001-libmatrix-Include-missing-utility-header.patch \ - " + file://0001-waflib-fix-compatibility-with-python-3.11.patch \ +" SRCREV = "0858b450cd88c84a15b99dda9698d44e7f7e8c70" S = "${WORKDIR}/git" From 64f95345ad3814aa7cdf7b21b2177b8052c59610 Mon Sep 17 00:00:00 2001 From: Vyacheslav Yurkov Date: Thu, 12 May 2022 09:35:40 +0200 Subject: [PATCH 142/600] polkit: add udisks2 rule The rule allows non-priviledged users from plugdev group to mount/unmount block devices Signed-off-by: Vyacheslav Yurkov Signed-off-by: Khem Raj (cherry picked from commit d7ff4a77241fc79fc704a0d9d6b414b52f025531) Signed-off-by: Armin Kuster --- .../files/50-org.freedesktop.udiskie.rules | 24 +++++++++++++++++++ .../polkit/polkit-group-rule-udisks2.bb | 17 +++++++++++++ 2 files changed, 41 insertions(+) create mode 100644 meta-oe/recipes-extended/polkit/files/50-org.freedesktop.udiskie.rules create mode 100644 meta-oe/recipes-extended/polkit/polkit-group-rule-udisks2.bb diff --git a/meta-oe/recipes-extended/polkit/files/50-org.freedesktop.udiskie.rules b/meta-oe/recipes-extended/polkit/files/50-org.freedesktop.udiskie.rules new file mode 100644 index 00000000000..2ffa4087a80 --- /dev/null +++ b/meta-oe/recipes-extended/polkit/files/50-org.freedesktop.udiskie.rules @@ -0,0 +1,24 @@ +polkit.addRule(function(action, subject) { + var YES = polkit.Result.YES; + var permission = { + // required for udisks1: + "org.freedesktop.udisks.filesystem-mount": YES, + "org.freedesktop.udisks.luks-unlock": YES, + "org.freedesktop.udisks.drive-eject": YES, + "org.freedesktop.udisks.drive-detach": YES, + // required for udisks2: + "org.freedesktop.udisks2.filesystem-mount": YES, + "org.freedesktop.udisks2.encrypted-unlock": YES, + "org.freedesktop.udisks2.eject-media": YES, + "org.freedesktop.udisks2.power-off-drive": YES, + // required for udisks2 if using udiskie from another seat (e.g. systemd): + "org.freedesktop.udisks2.filesystem-mount-other-seat": YES, + "org.freedesktop.udisks2.filesystem-unmount-others": YES, + "org.freedesktop.udisks2.encrypted-unlock-other-seat": YES, + "org.freedesktop.udisks2.eject-media-other-seat": YES, + "org.freedesktop.udisks2.power-off-drive-other-seat": YES + }; + if (subject.isInGroup("plugdev")) { + return permission[action.id]; + } +}); diff --git a/meta-oe/recipes-extended/polkit/polkit-group-rule-udisks2.bb b/meta-oe/recipes-extended/polkit/polkit-group-rule-udisks2.bb new file mode 100644 index 00000000000..ae024d0328b --- /dev/null +++ b/meta-oe/recipes-extended/polkit/polkit-group-rule-udisks2.bb @@ -0,0 +1,17 @@ +DESCRIPTION = "Polkit rule to allow non-priviledged users mount/umount block devices via udisks2" +LICENSE = "MIT" +LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302" + +require polkit-group-rule.inc + +# The file originates from https://github.com/coldfix/udiskie/wiki/Permissions +SRC_URI = "file://50-org.freedesktop.udiskie.rules" + +RDEPENDS_${PN} += "udisks2" + +do_install() { + install -m 0755 ${WORKDIR}/50-org.freedesktop.udiskie.rules ${D}${sysconfdir}/polkit-1/rules.d +} + +USERADD_PACKAGES = "${PN}" +GROUPADD_PARAM:${PN} = "--system plugdev" From 5b7f7f31ffd330a7ac7b78f436ce07587d33af1c Mon Sep 17 00:00:00 2001 From: Yi Zhao Date: Tue, 14 Jun 2022 10:59:07 +0800 Subject: [PATCH 143/600] polkit-group-rule-udisks2: fix override syntax in RDEPENDS RDEPENDS_${PN} -> RDEPENDS:${PN} Signed-off-by: Yi Zhao Signed-off-by: Khem Raj (cherry picked from commit 10b508deacd8ff588b1511d077fcdd708deb653a) Signed-off-by: Armin Kuster --- meta-oe/recipes-extended/polkit/polkit-group-rule-udisks2.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-oe/recipes-extended/polkit/polkit-group-rule-udisks2.bb b/meta-oe/recipes-extended/polkit/polkit-group-rule-udisks2.bb index ae024d0328b..db2ed015b46 100644 --- a/meta-oe/recipes-extended/polkit/polkit-group-rule-udisks2.bb +++ b/meta-oe/recipes-extended/polkit/polkit-group-rule-udisks2.bb @@ -7,7 +7,7 @@ require polkit-group-rule.inc # The file originates from https://github.com/coldfix/udiskie/wiki/Permissions SRC_URI = "file://50-org.freedesktop.udiskie.rules" -RDEPENDS_${PN} += "udisks2" +RDEPENDS:${PN} += "udisks2" do_install() { install -m 0755 ${WORKDIR}/50-org.freedesktop.udiskie.rules ${D}${sysconfdir}/polkit-1/rules.d From eb9a5dcbf3b9b0bcfd2607587b5e351ab03c23b4 Mon Sep 17 00:00:00 2001 From: Akash Hadke Date: Thu, 28 Jul 2022 14:33:12 +0200 Subject: [PATCH 144/600] polkit: Add --shell /bin/nologin to polkitd user polkitd user has default access to /bin/sh, add --shell /bin/nologin to remove default access to /bin/sh and avoid login through it. Signed-off-by: Akash Hadke Signed-off-by: Khem Raj (cherry picked from commit 7ca63e5454bd7cbdb5ac58f6b5913e3387b64201) Signed-off-by: Armin Kuster --- meta-oe/recipes-extended/polkit/polkit_0.119.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-oe/recipes-extended/polkit/polkit_0.119.bb b/meta-oe/recipes-extended/polkit/polkit_0.119.bb index 66bbf735f0b..9444cb9f2df 100644 --- a/meta-oe/recipes-extended/polkit/polkit_0.119.bb +++ b/meta-oe/recipes-extended/polkit/polkit_0.119.bb @@ -58,7 +58,7 @@ FILES:${PN}:append = " \ FILES:${PN}-examples = "${bindir}/*example*" USERADD_PACKAGES = "${PN}" -USERADD_PARAM:${PN} = "--system --no-create-home --user-group --home-dir ${sysconfdir}/${BPN}-1 polkitd" +USERADD_PARAM:${PN} = "--system --no-create-home --user-group --home-dir ${sysconfdir}/${BPN}-1 --shell /bin/nologin polkitd" SYSTEMD_SERVICE:${PN} = "${BPN}.service" SYSTEMD_AUTO_ENABLE = "disable" From 3207be50c5b56f5edd3cbf8fa46a203246494519 Mon Sep 17 00:00:00 2001 From: Marta Rybczynska Date: Fri, 29 Jul 2022 13:24:13 +0200 Subject: [PATCH 145/600] polkit: update patches for musl compilation Update the patch to make netgroup support optional to fit the commit merged upstream [1], update the other patch depending on one of the changes. Without this update, a compilation using duktape with musl fails with: | ../../../polkit-0.119/src/polkitbackend/polkitbackendduktapeauthority.c: In function 'js_polkit_user_is_in_netgroup': | ../../../polkit-0.119/src/polkitbackend/polkitbackendduktapeauthority.c:1039:7: warning: implicit declaration of function 'innetgr' [-Wimplicit-function-declaration] | 1039 | if (innetgr (netgroup, | | ^~~~~~~ The main patch has been split in two, to apply the duktape part only when duktape is applied. [1] https://gitlab.freedesktop.org/polkit/polkit/-/commit/b57deee8178190a7ecc75290fa13cf7daabc2c66 Signed-off-by: Marta Rybczynska Signed-off-by: Khem Raj (cherry picked from commit 271282b1a5579179241748d5f0bdb8d2ea013dd6) {Fixup for kirkstone content; exlude Ducktape chages] Signed-off-by: Armin Kuster --- ...ded-support-for-duktape-as-JS-engine.patch | 20 ++-- ...0004-Make-netgroup-support-optional.patch} | 103 +++++++++--------- ...ke-netgroup-support-optional-duktape.patch | 34 ++++++ .../recipes-extended/polkit/polkit_0.119.bb | 2 +- 4 files changed, 96 insertions(+), 63 deletions(-) rename meta-oe/recipes-extended/polkit/polkit/{0003-make-netgroup-support-optional.patch => 0004-Make-netgroup-support-optional.patch} (74%) create mode 100644 meta-oe/recipes-extended/polkit/polkit/0005-Make-netgroup-support-optional-duktape.patch diff --git a/meta-oe/recipes-extended/polkit/polkit/0003-Added-support-for-duktape-as-JS-engine.patch b/meta-oe/recipes-extended/polkit/polkit/0003-Added-support-for-duktape-as-JS-engine.patch index e44e4f6e4aa..b8562f8ce2f 100644 --- a/meta-oe/recipes-extended/polkit/polkit/0003-Added-support-for-duktape-as-JS-engine.patch +++ b/meta-oe/recipes-extended/polkit/polkit/0003-Added-support-for-duktape-as-JS-engine.patch @@ -1,15 +1,18 @@ -From eaecfb21e1bca42e99321cc731e21dbfc1ea0d0c Mon Sep 17 00:00:00 2001 +From 4af72493cb380ab5ce0dd7c5bcd25a8b5457d770 Mon Sep 17 00:00:00 2001 From: Gustavo Lima Chaves Date: Tue, 25 Jan 2022 09:43:21 +0000 -Subject: [PATCH 3/3] Added support for duktape as JS engine +Subject: [PATCH] Added support for duktape as JS engine Original author: Wu Xiaotian (@yetist) Resurrection author, runaway-killer author: Gustavo Lima Chaves (@limachaves) Signed-off-by: Mikko Rapeli +Upstream-Status: Backport [c7fc4e1b61f0fd82fc697c19c604af7e9fb291a2] +Dropped change to .gitlab-ci.yml and adapted configure.ac due to other +patches in meta-oe. + --- - .gitlab-ci.yml | 1 + buildutil/ax_pthread.m4 | 522 ++++++++ configure.ac | 34 +- docs/man/polkit.xml | 4 +- @@ -23,16 +26,12 @@ Signed-off-by: Mikko Rapeli .../polkitbackendjsauthority.cpp | 721 +---------- .../etc/polkit-1/rules.d/10-testing.rules | 6 +- .../test-polkitbackendjsauthority.c | 2 +- - 14 files changed, 2399 insertions(+), 678 deletions(-) + 13 files changed, 2398 insertions(+), 678 deletions(-) create mode 100644 buildutil/ax_pthread.m4 create mode 100644 src/polkitbackend/polkitbackendcommon.c create mode 100644 src/polkitbackend/polkitbackendcommon.h create mode 100644 src/polkitbackend/polkitbackendduktapeauthority.c -Upstream-Status: Backport [c7fc4e1b61f0fd82fc697c19c604af7e9fb291a2] -Dropped change to .gitlab-ci.yml and adapted configure.ac due to other -patches in meta-oe. - diff --git a/buildutil/ax_pthread.m4 b/buildutil/ax_pthread.m4 new file mode 100644 index 0000000..9f35d13 @@ -603,7 +602,7 @@ index b625743..bbf4768 100644 +CC="$PTHREAD_CC" +AC_CHECK_FUNCS([pthread_condattr_setclock]) + - AC_CHECK_FUNCS(clearenv fdatasync setnetgrent) + AC_CHECK_FUNCS(clearenv fdatasync) if test "x$GCC" = "xyes"; then @@ -581,6 +598,13 @@ echo " @@ -3458,6 +3457,3 @@ index f97e0e0..2103b17 100644 }, { --- -2.20.1 - diff --git a/meta-oe/recipes-extended/polkit/polkit/0003-make-netgroup-support-optional.patch b/meta-oe/recipes-extended/polkit/polkit/0004-Make-netgroup-support-optional.patch similarity index 74% rename from meta-oe/recipes-extended/polkit/polkit/0003-make-netgroup-support-optional.patch rename to meta-oe/recipes-extended/polkit/polkit/0004-Make-netgroup-support-optional.patch index 1a268f2d0db..fa273d4503f 100644 --- a/meta-oe/recipes-extended/polkit/polkit/0003-make-netgroup-support-optional.patch +++ b/meta-oe/recipes-extended/polkit/polkit/0004-Make-netgroup-support-optional.patch @@ -1,36 +1,43 @@ -From 0c1debb380fee7f5b2bc62406e45856dc9c9e1a1 Mon Sep 17 00:00:00 2001 -From: Khem Raj -Date: Wed, 22 May 2019 13:18:55 -0700 -Subject: [PATCH] make netgroup support optional +From 7ef2621ab7adcedc099ed39acfb73c6fa835cbc3 Mon Sep 17 00:00:00 2001 +From: "A. Wilcox" +Date: Sun, 15 May 2022 05:04:10 +0000 +Subject: [PATCH] Make netgroup support optional -On at least Linux/musl and Linux/uclibc, netgroup -support is not available. PolKit fails to compile on these systems -for that reason. +On at least Linux/musl and Linux/uclibc, netgroup support is not +available. PolKit fails to compile on these systems for that reason. This change makes netgroup support conditional on the presence of the setnetgrent(3) function which is required for the support to work. If that function is not available on the system, an error will be returned to the administrator if unix-netgroup: is specified in configuration. -Fixes bug 50145. +(sam: rebased for Meson and Duktape.) -Closes polkit/polkit#14. +Closes: https://gitlab.freedesktop.org/polkit/polkit/-/issues/14 +Closes: https://gitlab.freedesktop.org/polkit/polkit/-/issues/163 +Closes: https://gitlab.freedesktop.org/polkit/polkit/-/merge_requests/52 Signed-off-by: A. Wilcox -Signed-off-by: Khem Raj + +Ported back the change in configure.ac (upstream removed autotools +support). + +Upstream-Status: Backport [https://gitlab.freedesktop.org/polkit/polkit/-/commit/b57deee8178190a7ecc75290fa13cf7daabc2c66] +Signed-off-by: Marta Rybczynska --- - configure.ac | 2 +- - src/polkit/polkitidentity.c | 16 ++++++++++++++++ - src/polkit/polkitunixnetgroup.c | 3 +++ - .../polkitbackendinteractiveauthority.c | 14 ++++++++------ - src/polkitbackend/polkitbackendjsauthority.cpp | 3 +++ - test/polkit/polkitidentitytest.c | 9 ++++++++- - test/polkit/polkitunixnetgrouptest.c | 3 +++ - .../test-polkitbackendjsauthority.c | 2 ++ - 8 files changed, 44 insertions(+), 8 deletions(-) + configure.ac | 2 +- + meson.build | 1 + + src/polkit/polkitidentity.c | 17 +++++++++++++++++ + src/polkit/polkitunixnetgroup.c | 3 +++ + .../polkitbackendinteractiveauthority.c | 14 ++++++++------ + src/polkitbackend/polkitbackendjsauthority.cpp | 2 ++ + test/polkit/polkitidentitytest.c | 8 +++++++- + test/polkit/polkitunixnetgrouptest.c | 2 ++ + .../test-polkitbackendjsauthority.c | 2 ++ + 9 files changed, 43 insertions(+), 8 deletions(-) diff --git a/configure.ac b/configure.ac -index b625743..d807086 100644 +index 59858df..5a7fc11 100644 --- a/configure.ac +++ b/configure.ac @@ -100,7 +100,7 @@ AC_CHECK_LIB(expat,XML_ParserCreate,[EXPAT_LIBS="-lexpat"], @@ -42,8 +49,20 @@ index b625743..d807086 100644 if test "x$GCC" = "xyes"; then LDFLAGS="-Wl,--as-needed $LDFLAGS" +diff --git a/meson.build b/meson.build +index 733bbff..d840926 100644 +--- a/meson.build ++++ b/meson.build +@@ -82,6 +82,7 @@ config_h.set('_GNU_SOURCE', true) + check_functions = [ + 'clearenv', + 'fdatasync', ++ 'setnetgrent', + ] + + foreach func: check_functions diff --git a/src/polkit/polkitidentity.c b/src/polkit/polkitidentity.c -index 3aa1f7f..10e9c17 100644 +index 3aa1f7f..793f17d 100644 --- a/src/polkit/polkitidentity.c +++ b/src/polkit/polkitidentity.c @@ -182,7 +182,15 @@ polkit_identity_from_string (const gchar *str, @@ -62,7 +81,7 @@ index 3aa1f7f..10e9c17 100644 } if (identity == NULL && (error != NULL && *error == NULL)) -@@ -344,6 +352,13 @@ polkit_identity_new_for_gvariant (GVariant *variant, +@@ -344,6 +352,14 @@ polkit_identity_new_for_gvariant (GVariant *variant, GVariant *v; const char *name; @@ -73,10 +92,11 @@ index 3aa1f7f..10e9c17 100644 + "Netgroups are not available on this machine"); + goto out; +#else ++ v = lookup_asv (details_gvariant, "name", G_VARIANT_TYPE_STRING, error); if (v == NULL) { -@@ -353,6 +368,7 @@ polkit_identity_new_for_gvariant (GVariant *variant, +@@ -353,6 +369,7 @@ polkit_identity_new_for_gvariant (GVariant *variant, name = g_variant_get_string (v, NULL); ret = polkit_unix_netgroup_new (name); g_variant_unref (v); @@ -144,10 +164,10 @@ index 056d9a8..36c2f3d 100644 } diff --git a/src/polkitbackend/polkitbackendjsauthority.cpp b/src/polkitbackend/polkitbackendjsauthority.cpp -index ca17108..41d8d5c 100644 +index 5027815..bcb040c 100644 --- a/src/polkitbackend/polkitbackendjsauthority.cpp +++ b/src/polkitbackend/polkitbackendjsauthority.cpp -@@ -1520,6 +1520,7 @@ js_polkit_user_is_in_netgroup (JSContext *cx, +@@ -1524,6 +1524,7 @@ js_polkit_user_is_in_netgroup (JSContext *cx, JS::CallArgs args = JS::CallArgsFromVp (argc, vp); @@ -155,28 +175,19 @@ index ca17108..41d8d5c 100644 JS::RootedString usrstr (authority->priv->cx); usrstr = args[0].toString(); user = JS_EncodeStringToUTF8 (cx, usrstr); -@@ -1535,6 +1536,8 @@ js_polkit_user_is_in_netgroup (JSContext *cx, +@@ -1538,6 +1539,7 @@ js_polkit_user_is_in_netgroup (JSContext *cx, + { is_in_netgroup = true; } - +#endif -+ + ret = true; - args.rval ().setBoolean (is_in_netgroup); diff --git a/test/polkit/polkitidentitytest.c b/test/polkit/polkitidentitytest.c -index e91967b..e829aaa 100644 +index e91967b..2635c4c 100644 --- a/test/polkit/polkitidentitytest.c +++ b/test/polkit/polkitidentitytest.c -@@ -19,6 +19,7 @@ - * Author: Nikki VonHollen - */ - -+#include "config.h" - #include "glib.h" - #include - #include -@@ -145,11 +146,15 @@ struct ComparisonTestData comparison_test_data [] = { +@@ -145,11 +145,15 @@ struct ComparisonTestData comparison_test_data [] = { {"unix-group:root", "unix-group:jane", FALSE}, {"unix-group:jane", "unix-group:jane", TRUE}, @@ -192,7 +203,7 @@ index e91967b..e829aaa 100644 {NULL}, }; -@@ -181,11 +186,13 @@ main (int argc, char *argv[]) +@@ -181,11 +185,13 @@ main (int argc, char *argv[]) g_test_add_data_func ("/PolkitIdentity/group_string_2", "unix-group:jane", test_string); g_test_add_data_func ("/PolkitIdentity/group_string_3", "unix-group:users", test_string); @@ -208,18 +219,10 @@ index e91967b..e829aaa 100644 add_comparison_tests (); diff --git a/test/polkit/polkitunixnetgrouptest.c b/test/polkit/polkitunixnetgrouptest.c -index 3701ba1..e3352eb 100644 +index 3701ba1..e1d211e 100644 --- a/test/polkit/polkitunixnetgrouptest.c +++ b/test/polkit/polkitunixnetgrouptest.c -@@ -19,6 +19,7 @@ - * Author: Nikki VonHollen - */ - -+#include "config.h" - #include "glib.h" - #include - #include -@@ -69,7 +70,9 @@ int +@@ -69,7 +69,9 @@ int main (int argc, char *argv[]) { g_test_init (&argc, &argv, NULL); diff --git a/meta-oe/recipes-extended/polkit/polkit/0005-Make-netgroup-support-optional-duktape.patch b/meta-oe/recipes-extended/polkit/polkit/0005-Make-netgroup-support-optional-duktape.patch new file mode 100644 index 00000000000..12988ad94fa --- /dev/null +++ b/meta-oe/recipes-extended/polkit/polkit/0005-Make-netgroup-support-optional-duktape.patch @@ -0,0 +1,34 @@ +From 792f8e2151c120ec51b50a4098e4f9642409cbec Mon Sep 17 00:00:00 2001 +From: Marta Rybczynska +Date: Fri, 29 Jul 2022 11:52:59 +0200 +Subject: [PATCH] Make netgroup support optional + +This patch adds a fragment of the netgroup patch to apply on the duktape-related +code. This change is needed to compile with duktape+musl. + +Upstream-Status: Backport [https://gitlab.freedesktop.org/polkit/polkit/-/commit/b57deee8178190a7ecc75290fa13cf7daabc2c66] +Signed-off-by: Marta Rybczynska +--- + src/polkitbackend/polkitbackendduktapeauthority.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/src/polkitbackend/polkitbackendduktapeauthority.c b/src/polkitbackend/polkitbackendduktapeauthority.c +index c89dbcf..58a5936 100644 +--- a/src/polkitbackend/polkitbackendduktapeauthority.c ++++ b/src/polkitbackend/polkitbackendduktapeauthority.c +@@ -1036,6 +1036,7 @@ js_polkit_user_is_in_netgroup (duk_context *cx) + user = duk_require_string (cx, 0); + netgroup = duk_require_string (cx, 1); + ++#ifdef HAVE_SETNETGRENT + if (innetgr (netgroup, + NULL, /* host */ + user, +@@ -1043,6 +1044,7 @@ js_polkit_user_is_in_netgroup (duk_context *cx) + { + is_in_netgroup = TRUE; + } ++#endif + + duk_push_boolean (cx, is_in_netgroup); + return 1; diff --git a/meta-oe/recipes-extended/polkit/polkit_0.119.bb b/meta-oe/recipes-extended/polkit/polkit_0.119.bb index 9444cb9f2df..eff80cd43dc 100644 --- a/meta-oe/recipes-extended/polkit/polkit_0.119.bb +++ b/meta-oe/recipes-extended/polkit/polkit_0.119.bb @@ -24,10 +24,10 @@ PACKAGECONFIG[consolekit] = ",,,consolekit" PAM_SRC_URI = "file://polkit-1_pam.patch" SRC_URI = "http://www.freedesktop.org/software/polkit/releases/polkit-${PV}.tar.gz \ ${@bb.utils.contains('DISTRO_FEATURES', 'pam', '${PAM_SRC_URI}', '', d)} \ - file://0003-make-netgroup-support-optional.patch \ file://0001-pkexec-local-privilege-escalation-CVE-2021-4034.patch \ file://0002-CVE-2021-4115-GHSL-2021-077-fix.patch \ file://0003-Added-support-for-duktape-as-JS-engine.patch \ + file://0004-Make-netgroup-support-optional.patch \ " SRC_URI[sha256sum] = "c8579fdb86e94295404211285fee0722ad04893f0213e571bd75c00972fd1f5c" From 72d3abde62f208f4f9a1e19cd8a773c93b6e6aa7 Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Sat, 6 Aug 2022 08:45:58 -0700 Subject: [PATCH 146/600] ibus: Swith to use main branch instead of master Upstream has switched to using main for tip of trunk, therefore follow it here in SRC_URI as well. Signed-off-by: Khem Raj Suggested-by: Fabio Estevam Reported-by: Markus Volk (cherry picked from commit ca5f1dde541689f6a479a914ec742a3bf46dfbe1) Signed-off-by: Armin Kuster --- meta-gnome/recipes-support/ibus/ibus.inc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-gnome/recipes-support/ibus/ibus.inc b/meta-gnome/recipes-support/ibus/ibus.inc index 37a490abe0c..bb662f2ec99 100644 --- a/meta-gnome/recipes-support/ibus/ibus.inc +++ b/meta-gnome/recipes-support/ibus/ibus.inc @@ -10,7 +10,7 @@ PV = "1.5.26" DEPENDS = "unicode-ucd" SRC_URI = " \ - git://github.com/ibus/ibus.git;branch=master;protocol=https \ + git://github.com/ibus/ibus.git;branch=main;protocol=https \ file://0001-Do-not-try-to-start-dbus-we-do-not-have-dbus-lauch.patch \ " SRCREV = "6a70ab0338206bd1c7d01a4e1874ea0ee5b3a9d3" From 2594e977785f3ba5116125927de17e51f3b6a07d Mon Sep 17 00:00:00 2001 From: Mingli Yu Date: Mon, 1 Aug 2022 17:33:59 +0800 Subject: [PATCH 147/600] net-snmp: set ac_cv_path_PSPROG Fixes: WARNING: net-snmp-5.9.1-r0 do_package_qa: QA Issue: File /usr/include/net-snmp/net-snmp-config-64.h in package net-snmp-dev contains reference to TMPDIR File /usr/bin/net-snmp-create-v3-user in package net-snmp-dev contains reference to TMPDIR [buildpaths] WARNING: net-snmp-5.9.1-r0 do_package_qa: QA Issue: File /usr/lib/net-snmp/ptest/include/net-snmp/net-snmp-config.h in package net-snmp-ptest contains reference to TMPDIR [buildpaths] Signed-off-by: Mingli Yu Signed-off-by: Khem Raj (cherry picked from commit 1bf83255aee9850bf5ce5138c4bdefbe9eeb120c) Signed-off-by: Armin Kuster --- meta-networking/recipes-protocols/net-snmp/net-snmp_5.9.1.bb | 1 + 1 file changed, 1 insertion(+) diff --git a/meta-networking/recipes-protocols/net-snmp/net-snmp_5.9.1.bb b/meta-networking/recipes-protocols/net-snmp/net-snmp_5.9.1.bb index 5f887b88687..30c0ce74cb4 100644 --- a/meta-networking/recipes-protocols/net-snmp/net-snmp_5.9.1.bb +++ b/meta-networking/recipes-protocols/net-snmp/net-snmp_5.9.1.bb @@ -72,6 +72,7 @@ CACHED_CONFIGUREVARS = " \ ac_cv_ETC_MNTTAB=/etc/mtab \ lt_cv_shlibpath_overrides_runpath=yes \ ac_cv_path_UNAMEPROG=${base_bindir}/uname \ + ac_cv_path_PSPROG=${base_bindir}/ps \ ac_cv_file__etc_printcap=no \ NETSNMP_CONFIGURE_OPTIONS= \ " From fe7250a321829e9ea96a185ae31e6c6307dfa25d Mon Sep 17 00:00:00 2001 From: Mingli Yu Date: Mon, 1 Aug 2022 17:04:32 +0800 Subject: [PATCH 148/600] postgresql: Fix the buildpaths issue Fixes: WARNING: postgresql-14.4-r0 do_package_qa: QA Issue: File /usr/bin/postgres in package postgresql contains reference to TMPDIR File /usr/bin/pg_config in package postgresql contains reference to TMPDIR [buildpaths] WARNING: postgresql-14.4-r0 do_package_qa: QA Issue: File /usr/include/pg_config.h in package libpq-dev contains reference to TMPDIR [buildpaths] WARNING: postgresql-14.4-r0 do_package_qa: QA Issue: File /usr/include/postgresql/server/pg_config.h in package postgresql-server-dev contains reference to TMPDIR File /usr/lib/postgresql/pgxs/src/Makefile.global in package postgresql-server-dev contains reference to TMPDIR [buildpaths] WARNING: postgresql-14.4-r0 do_package_qa: QA Issue: File /usr/lib/libpgcommon.a in package postgresql-staticdev contains reference to TMPDIR File /usr/lib/libpgcommon_shlib.a in package postgresql-staticdev contains reference to TMPDIR [buildpaths] Signed-off-by: Mingli Yu Signed-off-by: Khem Raj (cherry picked from commit 59eff6269c4f4c150d976054d585872c92f20207) Signed-off-by: Armin Kuster --- ...-config_info.c-not-expose-build-info.patch | 110 ++++++++++++++++++ meta-oe/recipes-dbs/postgresql/postgresql.inc | 8 ++ .../recipes-dbs/postgresql/postgresql_14.4.bb | 1 + 3 files changed, 119 insertions(+) create mode 100644 meta-oe/recipes-dbs/postgresql/files/0001-config_info.c-not-expose-build-info.patch diff --git a/meta-oe/recipes-dbs/postgresql/files/0001-config_info.c-not-expose-build-info.patch b/meta-oe/recipes-dbs/postgresql/files/0001-config_info.c-not-expose-build-info.patch new file mode 100644 index 00000000000..101a748776e --- /dev/null +++ b/meta-oe/recipes-dbs/postgresql/files/0001-config_info.c-not-expose-build-info.patch @@ -0,0 +1,110 @@ +From b92eebe8b0760fee7bd55c6c22318620c2c07579 Mon Sep 17 00:00:00 2001 +From: Mingli Yu +Date: Mon, 1 Aug 2022 15:44:38 +0800 +Subject: [PATCH] config_info.c: not expose build info + +Don't collect the build information to fix the buildpaths issue. + +Upstream-Status: Inappropriate [oe specific] + +Signed-off-by: Mingli Yu +--- + configure.ac | 2 +- + src/common/config_info.c | 68 ---------------------------------------- + 2 files changed, 1 insertion(+), 69 deletions(-) + +diff --git a/configure.ac b/configure.ac +index 0eb595b..508487b 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -23,7 +23,7 @@ AC_COPYRIGHT([Copyright (c) 1996-2021, PostgreSQL Global Development Group]) + AC_CONFIG_SRCDIR([src/backend/access/common/heaptuple.c]) + AC_CONFIG_AUX_DIR(config) + AC_PREFIX_DEFAULT(/usr/local/pgsql) +-AC_DEFINE_UNQUOTED(CONFIGURE_ARGS, ["$ac_configure_args"], [Saved arguments from configure]) ++AC_DEFINE_UNQUOTED(CONFIGURE_ARGS, ["ac_configure_args"], [Saved arguments from configure]) + + [PG_MAJORVERSION=`expr "$PACKAGE_VERSION" : '\([0-9][0-9]*\)'`] + [PG_MINORVERSION=`expr "$PACKAGE_VERSION" : '.*\.\([0-9][0-9]*\)'`] +diff --git a/src/common/config_info.c b/src/common/config_info.c +index e72e729..b482c20 100644 +--- a/src/common/config_info.c ++++ b/src/common/config_info.c +@@ -123,74 +123,6 @@ get_configdata(const char *my_exec_path, size_t *configdata_len) + configdata[i].setting = pstrdup(path); + i++; + +- configdata[i].name = pstrdup("CONFIGURE"); +- configdata[i].setting = pstrdup(CONFIGURE_ARGS); +- i++; +- +- configdata[i].name = pstrdup("CC"); +-#ifdef VAL_CC +- configdata[i].setting = pstrdup(VAL_CC); +-#else +- configdata[i].setting = pstrdup(_("not recorded")); +-#endif +- i++; +- +- configdata[i].name = pstrdup("CPPFLAGS"); +-#ifdef VAL_CPPFLAGS +- configdata[i].setting = pstrdup(VAL_CPPFLAGS); +-#else +- configdata[i].setting = pstrdup(_("not recorded")); +-#endif +- i++; +- +- configdata[i].name = pstrdup("CFLAGS"); +-#ifdef VAL_CFLAGS +- configdata[i].setting = pstrdup(VAL_CFLAGS); +-#else +- configdata[i].setting = pstrdup(_("not recorded")); +-#endif +- i++; +- +- configdata[i].name = pstrdup("CFLAGS_SL"); +-#ifdef VAL_CFLAGS_SL +- configdata[i].setting = pstrdup(VAL_CFLAGS_SL); +-#else +- configdata[i].setting = pstrdup(_("not recorded")); +-#endif +- i++; +- +- configdata[i].name = pstrdup("LDFLAGS"); +-#ifdef VAL_LDFLAGS +- configdata[i].setting = pstrdup(VAL_LDFLAGS); +-#else +- configdata[i].setting = pstrdup(_("not recorded")); +-#endif +- i++; +- +- configdata[i].name = pstrdup("LDFLAGS_EX"); +-#ifdef VAL_LDFLAGS_EX +- configdata[i].setting = pstrdup(VAL_LDFLAGS_EX); +-#else +- configdata[i].setting = pstrdup(_("not recorded")); +-#endif +- i++; +- +- configdata[i].name = pstrdup("LDFLAGS_SL"); +-#ifdef VAL_LDFLAGS_SL +- configdata[i].setting = pstrdup(VAL_LDFLAGS_SL); +-#else +- configdata[i].setting = pstrdup(_("not recorded")); +-#endif +- i++; +- +- configdata[i].name = pstrdup("LIBS"); +-#ifdef VAL_LIBS +- configdata[i].setting = pstrdup(VAL_LIBS); +-#else +- configdata[i].setting = pstrdup(_("not recorded")); +-#endif +- i++; +- + configdata[i].name = pstrdup("VERSION"); + configdata[i].setting = pstrdup("PostgreSQL " PG_VERSION); + i++; +-- +2.25.1 + diff --git a/meta-oe/recipes-dbs/postgresql/postgresql.inc b/meta-oe/recipes-dbs/postgresql/postgresql.inc index 00c01074693..bef33e6bb4f 100644 --- a/meta-oe/recipes-dbs/postgresql/postgresql.inc +++ b/meta-oe/recipes-dbs/postgresql/postgresql.inc @@ -215,6 +215,14 @@ do_install:append() { install -m 0644 ${WORKDIR}/postgresql.service ${D}${systemd_unitdir}/system sed -i -e 's,@BINDIR@,${bindir},g' \ ${D}${systemd_unitdir}/system/postgresql.service + # Remove the build path + if [ -f ${D}${libdir}/${BPN}/pgxs/src/Makefile.global ]; then + sed -i -e 's#${RECIPE_SYSROOT}##g' \ + -e 's#${RECIPE_SYSROOT_NATIVE}##g' \ + -e 's#${WORKDIR}##g' \ + -e 's#${TMPDIR}##g' \ + ${D}${libdir}/${BPN}/pgxs/src/Makefile.global + fi } SSTATE_SCAN_FILES += "Makefile.global" diff --git a/meta-oe/recipes-dbs/postgresql/postgresql_14.4.bb b/meta-oe/recipes-dbs/postgresql/postgresql_14.4.bb index 64e83b2cdea..1daab22f920 100644 --- a/meta-oe/recipes-dbs/postgresql/postgresql_14.4.bb +++ b/meta-oe/recipes-dbs/postgresql/postgresql_14.4.bb @@ -8,6 +8,7 @@ SRC_URI += "\ file://0001-Improve-reproducibility.patch \ file://0001-configure.ac-bypass-autoconf-2.69-version-check.patch \ file://remove_duplicate.patch \ + file://0001-config_info.c-not-expose-build-info.patch \ " SRC_URI[sha256sum] = "c23b6237c5231c791511bdc79098617d6852e9e3bdf360efd8b5d15a1a3d8f6a" From 055f26ce9a2607b7412730de728abd6305fd4c80 Mon Sep 17 00:00:00 2001 From: Mingli Yu Date: Wed, 3 Aug 2022 16:56:01 +0800 Subject: [PATCH 149/600] freeradius: Fix buildpaths issue Fixes: WARNING: freeradius-3.0.21-r0 do_package_qa: QA Issue: File /usr/bin/radeapclient in package freeradius-utils contains reference to TMPDIR [buildpaths] WARNING: freeradius-3.0.21-r0 do_package_qa: QA Issue: File /usr/lib/libfreeradius-server.so.0.0.0 in package freeradius contains reference to TMPDIR [buildpaths] Signed-off-by: Mingli Yu Signed-off-by: Khem Raj (cherry picked from commit 1c91de67b4981f62ddc7308bf88c1a6f4a844fdb) Signed-off-by: Armin Kuster --- ...01-version.c-don-t-print-build-flags.patch | 41 +++++++++++++++++++ .../freeradius/freeradius_3.0.21.bb | 1 + 2 files changed, 42 insertions(+) create mode 100644 meta-networking/recipes-connectivity/freeradius/files/0001-version.c-don-t-print-build-flags.patch diff --git a/meta-networking/recipes-connectivity/freeradius/files/0001-version.c-don-t-print-build-flags.patch b/meta-networking/recipes-connectivity/freeradius/files/0001-version.c-don-t-print-build-flags.patch new file mode 100644 index 00000000000..697205efe0b --- /dev/null +++ b/meta-networking/recipes-connectivity/freeradius/files/0001-version.c-don-t-print-build-flags.patch @@ -0,0 +1,41 @@ +From cbc64dcf6aa2a1be63f45ea6dd7d2c49b70a0bee Mon Sep 17 00:00:00 2001 +From: Mingli Yu +Date: Wed, 3 Aug 2022 16:44:29 +0800 +Subject: [PATCH] version.c: don't print build flags + +Don't print the build flags to avoid collecting the build environment info. + +Upstream-Status: Inappropriate [oe specific] + +Signed-off-by: Mingli Yu +--- + src/main/version.c | 13 ------------- + 1 file changed, 13 deletions(-) + +diff --git a/src/main/version.c b/src/main/version.c +index 62972d9f53..cf81de72c9 100644 +--- a/src/main/version.c ++++ b/src/main/version.c +@@ -589,19 +589,6 @@ void version_print(void) + DEBUG2(" unknown"); + #endif + +- DEBUG2("Compilation flags:"); +-#ifdef BUILT_WITH_CPPFLAGS +- DEBUG2(" cppflags : " BUILT_WITH_CPPFLAGS); +-#endif +-#ifdef BUILT_WITH_CFLAGS +- DEBUG2(" cflags : " BUILT_WITH_CFLAGS); +-#endif +-#ifdef BUILT_WITH_LDFLAGS +- DEBUG2(" ldflags : " BUILT_WITH_LDFLAGS); +-#endif +-#ifdef BUILT_WITH_LIBS +- DEBUG2(" libs : " BUILT_WITH_LIBS); +-#endif + DEBUG2(" "); + } + INFO("FreeRADIUS Version " RADIUSD_VERSION_STRING); +-- +2.25.1 + diff --git a/meta-networking/recipes-connectivity/freeradius/freeradius_3.0.21.bb b/meta-networking/recipes-connectivity/freeradius/freeradius_3.0.21.bb index d6477e340e4..1407b798b5c 100644 --- a/meta-networking/recipes-connectivity/freeradius/freeradius_3.0.21.bb +++ b/meta-networking/recipes-connectivity/freeradius/freeradius_3.0.21.bb @@ -32,6 +32,7 @@ SRC_URI = "git://github.com/FreeRADIUS/freeradius-server.git;branch=v3.0.x;lfs=0 file://radiusd.service \ file://radiusd-volatiles.conf \ file://check-openssl-cmds-in-script-bootstrap.patch \ + file://0001-version.c-don-t-print-build-flags.patch \ " raddbdir="${sysconfdir}/${MLPREFIX}raddb" From bbfdaf4cb6a2244c34982f1468139936d0f26500 Mon Sep 17 00:00:00 2001 From: Mingli Yu Date: Wed, 3 Aug 2022 15:42:33 +0800 Subject: [PATCH 150/600] openipmi: Fix buildpaths issue Fixes: WARNING: openipmi-2.0.32-r0 do_package_qa: QA Issue: File /usr/src/debug/openipmi/2.0.32-r0/OpenIPMI-2.0.32/swig/perl/OpenIPMI_wrap.c in package openipmi-src contains reference to TMPDIR [buildpaths] Signed-off-by: Mingli Yu Signed-off-by: Khem Raj (cherry picked from commit 5abd81567d5ed091ed870abf24e51f260747d593) Signed-off-by: Armin Kuster --- meta-networking/recipes-support/openipmi/openipmi_2.0.32.bb | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/meta-networking/recipes-support/openipmi/openipmi_2.0.32.bb b/meta-networking/recipes-support/openipmi/openipmi_2.0.32.bb index c61303b81ec..8625afaa740 100644 --- a/meta-networking/recipes-support/openipmi/openipmi_2.0.32.bb +++ b/meta-networking/recipes-support/openipmi/openipmi_2.0.32.bb @@ -85,6 +85,10 @@ do_configure () { done } +do_compile:append () { + sed -i -e 's#${RECIPE_SYSROOT_NATIVE}##g' ${S}/swig/perl/OpenIPMI_wrap.c +} + do_install:append () { echo "SAL: D = $D" echo "SAL: libdir = $libdir" From 78e65e77992252f0d348f5a7d3a8f86313ed1beb Mon Sep 17 00:00:00 2001 From: Mingli Yu Date: Wed, 3 Aug 2022 13:28:04 +0800 Subject: [PATCH 151/600] apache2: Fix the buildpaths issue Fixes: WARNING: apache2-2.4.54-r0 do_package_qa: QA Issue: File /usr/src/debug/apache2/2.4.54-r0/build/server/exports.c in package apache2-src contains reference to TMPDIR [buildpaths] Before the patch: # cat ./build/server/exports.c [snip] #include "mpm_fdqueue.h" const void *ap_ugly_hack = NULL; /* * /buildarea/build/tmp-glibc/work/core2-32-wrs-linux/apache2/2.4.54-r0/httpd-2.4.54/include/ap_expr.h */ const void *ap_hack_ap_expr_exec = (const void *)ap_expr_exec; [snip] After the patch: # cat ./build/server/exports.c [snip] #include "mpm_fdqueue.h" const void *ap_ugly_hack = NULL; /* * ap_expr.h */ const void *ap_hack_ap_expr_exec = (const void *)ap_expr_exec; [snip] Signed-off-by: Mingli Yu Signed-off-by: Khem Raj (cherry picked from commit 4f2025e8d2f1626e97f7e9e675ce3c7d45477807) Signed-off-by: Armin Kuster --- ...make_exports.awk-not-expose-the-path.patch | 32 +++++++++++++++++++ .../recipes-httpd/apache2/apache2_2.4.54.bb | 1 + 2 files changed, 33 insertions(+) create mode 100644 meta-webserver/recipes-httpd/apache2/apache2/0001-make_exports.awk-not-expose-the-path.patch diff --git a/meta-webserver/recipes-httpd/apache2/apache2/0001-make_exports.awk-not-expose-the-path.patch b/meta-webserver/recipes-httpd/apache2/apache2/0001-make_exports.awk-not-expose-the-path.patch new file mode 100644 index 00000000000..78f23f0f2d5 --- /dev/null +++ b/meta-webserver/recipes-httpd/apache2/apache2/0001-make_exports.awk-not-expose-the-path.patch @@ -0,0 +1,32 @@ +From 5b5eae9cdf3bae91756c717349f2f33a31888f24 Mon Sep 17 00:00:00 2001 +From: Mingli Yu +Date: Wed, 3 Aug 2022 12:35:16 +0800 +Subject: [PATCH] make_exports.awk: not expose the path + +Don't print the full path in the comment line. + +Upstream-Status: Inappropriate [oe specific] + +Signed-off-by: Mingli Yu +--- + build/make_exports.awk | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/build/make_exports.awk b/build/make_exports.awk +index 1cf0568..44d93c5 100644 +--- a/build/make_exports.awk ++++ b/build/make_exports.awk +@@ -47,7 +47,9 @@ function push(line) { + + function do_output() { + printf("/*\n") +- printf(" * %s\n", FILENAME) ++ file = FILENAME ++ sub("([^/]*[/])*", "", file) ++ printf(" * %s\n", file) + printf(" */\n") + + for (i = 0; i < stackptr; i++) { +-- +2.25.1 + diff --git a/meta-webserver/recipes-httpd/apache2/apache2_2.4.54.bb b/meta-webserver/recipes-httpd/apache2/apache2_2.4.54.bb index 4b0ed2f622e..37d498f52e8 100644 --- a/meta-webserver/recipes-httpd/apache2/apache2_2.4.54.bb +++ b/meta-webserver/recipes-httpd/apache2/apache2_2.4.54.bb @@ -15,6 +15,7 @@ SRC_URI = "${APACHE_MIRROR}/httpd/httpd-${PV}.tar.bz2 \ file://0007-apache2-allow-to-disable-selinux-support.patch \ file://0008-Fix-perl-install-directory-to-usr-bin.patch \ file://0009-support-apxs.in-force-destdir-to-be-empty-string.patch \ + file://0001-make_exports.awk-not-expose-the-path.patch \ " SRC_URI:append:class-target = " \ From 73a17ff992d2f33dd95cd2fcd10453712874e362 Mon Sep 17 00:00:00 2001 From: Mingli Yu Date: Fri, 5 Aug 2022 16:33:42 +0800 Subject: [PATCH 152/600] frr: fix buildpaths issue Fixes: WARNING: frr-8.2.2-r0 do_package_qa: QA Issue: File /usr/lib/libfrr.a in package frr-staticdev contains reference to TMPDIR [buildpaths] WARNING: frr-8.2.2-r0 do_package_qa: QA Issue: File /usr/src/debug/frr/8.2.2-r0/git/lib/version.h in package frr-src contains reference to TMPDIR [buildpaths] WARNING: frr-8.2.2-r0 do_package_qa: QA Issue: File /usr/include/frr/version.h in package frr-dev contains reference to TMPDIR [buildpaths] WARNING: frr-8.2.2-r0 do_package_qa: QA Issue: File /usr/bin/vtysh in package frr contains reference to TMPDIR File /usr/lib/libfrr.so.0.0.0 in package frr contains reference to TMPDIR [buildpaths] Signed-off-by: Mingli Yu Signed-off-by: Khem Raj (cherry picked from commit 8b76b6c8e3ffdb30da839408084289c57e292752) Signed-off-by: Armin Kuster --- meta-networking/recipes-protocols/frr/frr_8.2.2.bb | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/meta-networking/recipes-protocols/frr/frr_8.2.2.bb b/meta-networking/recipes-protocols/frr/frr_8.2.2.bb index ceb94109dea..96be49b53fc 100644 --- a/meta-networking/recipes-protocols/frr/frr_8.2.2.bb +++ b/meta-networking/recipes-protocols/frr/frr_8.2.2.bb @@ -73,6 +73,11 @@ SYSTEMD_PACKAGES = "${PN}" SYSTEMD_SERVICE:${PN} = "frr.service" SYSTEMD_AUTO_ENABLE = "disable" +do_compile:prepend () { + sed -i -e 's#${RECIPE_SYSROOT_NATIVE}##g' \ + -e 's#${RECIPE_SYSROOT}##g' ${S}/lib/version.h +} + do_compile:class-native () { oe_runmake clippy-only } From 9165fb0d1fde9a99e6ce3ec37e8c2ca43757756e Mon Sep 17 00:00:00 2001 From: Anuj Mittal Date: Thu, 4 Aug 2022 14:13:23 +0800 Subject: [PATCH 153/600] yasm: fix buildpaths warning ax_create_stdint_h.m4 includes $CC as a comment in the generated header which leads to buildpaths warning: | WARNING: yasm-1.3.0+gitAUTOINC+ba463d3c26-r0 do_package_qa: QA Issue: File /usr/include/libyasm-stdint.h in package yasm-dev contains reference to TMPDIR [buildpaths] Signed-off-by: Anuj Mittal Signed-off-by: Khem Raj (cherry picked from commit a7346d2bb1a60289225cce78d760e4d264d1b2a2) Signed-off-by: Armin Kuster --- meta-oe/recipes-devtools/yasm/yasm_git.bb | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/meta-oe/recipes-devtools/yasm/yasm_git.bb b/meta-oe/recipes-devtools/yasm/yasm_git.bb index b5cd35ab3ac..044fcbea741 100644 --- a/meta-oe/recipes-devtools/yasm/yasm_git.bb +++ b/meta-oe/recipes-devtools/yasm/yasm_git.bb @@ -22,3 +22,8 @@ CACHED_CONFIGUREVARS = "CCLD_FOR_BUILD='${CC_FOR_BUILD}'" BBCLASSEXTEND = "native" PARALLEL_MAKE = "" + +do_configure:prepend() { + # Don't include $CC (which includes path to sysroot) in generated header. + sed -i -e "s/^echo \"\/\* generated \$ac_cv_stdint_message \*\/\" >>\$ac_stdint$"// ${S}/m4/ax_create_stdint_h.m4 +} From ce74ad4b5167f4430cbe8e123df3e5f64810aa3a Mon Sep 17 00:00:00 2001 From: Peter Kjellerstedt Date: Tue, 9 Aug 2022 16:17:28 +0200 Subject: [PATCH 154/600] libwebsockets: Avoid absolute paths in *.cmake files in the sysroot Signed-off-by: Peter Kjellerstedt Signed-off-by: Armin Kuster --- .../recipes-connectivity/libwebsockets/libwebsockets_4.2.2.bb | 3 +++ 1 file changed, 3 insertions(+) diff --git a/meta-oe/recipes-connectivity/libwebsockets/libwebsockets_4.2.2.bb b/meta-oe/recipes-connectivity/libwebsockets/libwebsockets_4.2.2.bb index a5fcb8d72dc..2a3a4ebd065 100644 --- a/meta-oe/recipes-connectivity/libwebsockets/libwebsockets_4.2.2.bb +++ b/meta-oe/recipes-connectivity/libwebsockets/libwebsockets_4.2.2.bb @@ -41,3 +41,6 @@ RDEPENDS:${PN} += " ${@bb.utils.contains('PACKAGECONFIG', 'libuv', '${PN}-evlib- RDEPENDS:${PN} += " ${@bb.utils.contains('PACKAGECONFIG', 'libev', '${PN}-evlib-ev', '', d)}" RDEPENDS:${PN}-dev += " ${@bb.utils.contains('PACKAGECONFIG', 'static', '${PN}-staticdev', '', d)}" + +# Avoid absolute paths to end up in the sysroot. +SSTATE_SCAN_FILES += "*.cmake" From acbe74879807fc6f82b62525d32c823899e19036 Mon Sep 17 00:00:00 2001 From: Peter Kjellerstedt Date: Tue, 9 Aug 2022 16:17:29 +0200 Subject: [PATCH 155/600] cryptsetup: Add support for building without SSH tokens Cryptsetup SSH tokens is the only feature that has a dependency on libssh. Add a packageconfig to control this dependency. Signed-off-by: Peter Kjellerstedt Signed-off-by: Armin Kuster --- meta-oe/recipes-crypto/cryptsetup/cryptsetup_2.4.3.bb | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/meta-oe/recipes-crypto/cryptsetup/cryptsetup_2.4.3.bb b/meta-oe/recipes-crypto/cryptsetup/cryptsetup_2.4.3.bb index 8f9f663a33e..4f8bbf0358d 100644 --- a/meta-oe/recipes-crypto/cryptsetup/cryptsetup_2.4.3.bb +++ b/meta-oe/recipes-crypto/cryptsetup/cryptsetup_2.4.3.bb @@ -14,7 +14,6 @@ DEPENDS = " \ libdevmapper \ popt \ util-linux-libuuid \ - libssh \ " DEPENDS:append:libc-musl = " argp-standalone" @@ -39,6 +38,7 @@ PACKAGECONFIG ??= " \ blkid \ luks-adjust-xts-keysize \ openssl \ + ssh-token \ " PACKAGECONFIG:append:class-target = " \ udev \ @@ -69,6 +69,7 @@ PACKAGECONFIG[nss] = "--with-crypto_backend=nss,,nss" PACKAGECONFIG[kernel] = "--with-crypto_backend=kernel" PACKAGECONFIG[nettle] = "--with-crypto_backend=nettle,,nettle" PACKAGECONFIG[luks2] = "--with-default-luks-format=LUKS2,--with-default-luks-format=LUKS1" +PACKAGECONFIG[ssh-token] = "--enable-ssh-token,--disable-ssh-token,libssh" EXTRA_OECONF = "--enable-static" # Building without largefile is not supported by upstream @@ -78,6 +79,14 @@ EXTRA_OECONF += "--disable-static-cryptsetup" # There's no recipe for libargon2 yet EXTRA_OECONF += "--disable-libargon2" +do_install:append() { + # The /usr/lib/cryptsetup directory is always created, even when ssh-token + # is disabled. In that case it is empty and causes a packaging error. Since + # there is no reason to distribute the empty directory, the easiest solution + # is to remove it if it is empty. + rmdir -p --ignore-fail-on-non-empty ${D}${libdir}/${BPN} +} + FILES:${PN} += "${@bb.utils.contains('DISTRO_FEATURES','systemd','${exec_prefix}/lib/tmpfiles.d/cryptsetup.conf', '', d)}" RDEPENDS:${PN} = " \ From d15e41f86c5737f1111515afa87f852b96f56847 Mon Sep 17 00:00:00 2001 From: Lei Maohui Date: Mon, 8 Aug 2022 15:01:26 +0800 Subject: [PATCH 156/600] xrdp: Fix buildpaths warning. Don't print configure message. Signed-off-by: Lei Maohui Signed-off-by: Khem Raj (cherry picked from commit abe35f5953af99da4bf6b8d023ee4516ec4710fa) Signed-off-by: Armin Kuster --- meta-oe/recipes-support/xrdp/xrdp_0.9.18.bb | 1 + 1 file changed, 1 insertion(+) diff --git a/meta-oe/recipes-support/xrdp/xrdp_0.9.18.bb b/meta-oe/recipes-support/xrdp/xrdp_0.9.18.bb index 7ec6ae15f67..947ca75388e 100644 --- a/meta-oe/recipes-support/xrdp/xrdp_0.9.18.bb +++ b/meta-oe/recipes-support/xrdp/xrdp_0.9.18.bb @@ -49,6 +49,7 @@ do_configure:prepend() { do_compile:prepend() { sed -i 's/(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am/(MAKE) $(AM_MAKEFLAGS) install-exec-am/g' ${S}/keygen/Makefile.in + echo "" > ${B}/xrdp_configure_options.h } do_install:append() { From 3a6f77e5166e4300071773a45187c7b01b87d119 Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Mon, 8 Aug 2022 11:33:18 -0700 Subject: [PATCH 157/600] audit: Upgrade to 3.0.8 and fix build with linux 5.17+ audit errors out due to swig munging it does with kernel headers | audit_wrap.c: In function '_wrap_audit_rule_data_buf_set': | audit_wrap.c:4701:17: error: cast specifies array type | 4701 | arg1->buf = (char [])(char *)memcpy(malloc((size)*sizeof(char)), (const char *)(arg2), sizeof(char)*(size)); | | ^ | audit_wrap.c:4701:15: error: invalid use of flexible array member | 4701 | arg1->buf = (char [])(char *)memcpy(malloc((size)*sizeof(char)), (const char *)(arg2), sizeof(char)*(size)); | | ^ | audit_wrap.c:4703:15: error: invalid use of flexible array member | 4703 | arg1->buf = 0; | | ^ These errors are due to VLAIS from kernel headers, so we copy linux/audit.h and make the needed change in local audit.h and make needed arrangements in build to use it when building audit package Signed-off-by: Khem Raj Cc: Bruce Ashfield (cherry picked from commit ee3c680c300237c49a3c70610aa5794185c4adac) Signed-off-by: Armin Kuster --- .../audit/Fixed-swig-host-contamination-issue.patch | 13 +++---------- .../audit/{audit_3.0.7.bb => audit_3.0.8.bb} | 7 ++++++- 2 files changed, 9 insertions(+), 11 deletions(-) rename meta-oe/recipes-security/audit/{audit_3.0.7.bb => audit_3.0.8.bb} (93%) diff --git a/meta-oe/recipes-security/audit/audit/Fixed-swig-host-contamination-issue.patch b/meta-oe/recipes-security/audit/audit/Fixed-swig-host-contamination-issue.patch index 740bcb5a7f6..b023c80ae40 100644 --- a/meta-oe/recipes-security/audit/audit/Fixed-swig-host-contamination-issue.patch +++ b/meta-oe/recipes-security/audit/audit/Fixed-swig-host-contamination-issue.patch @@ -18,11 +18,9 @@ Signed-off-by: Yi Zhao bindings/swig/src/auditswig.i | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) -diff --git a/bindings/swig/python3/Makefile.am b/bindings/swig/python3/Makefile.am -index dd9d934..61b486d 100644 --- a/bindings/swig/python3/Makefile.am +++ b/bindings/swig/python3/Makefile.am -@@ -22,6 +22,7 @@ +@@ -23,6 +23,7 @@ CONFIG_CLEAN_FILES = *.loT *.rej *.orig AM_CFLAGS = -fPIC -DPIC -fno-strict-aliasing $(PYTHON3_CFLAGS) AM_CPPFLAGS = -I. -I$(top_builddir) -I${top_srcdir}/lib $(PYTHON3_INCLUDES) @@ -30,7 +28,7 @@ index dd9d934..61b486d 100644 LIBS = $(top_builddir)/lib/libaudit.la SWIG_FLAGS = -python -py3 -modern SWIG_INCLUDES = -I. -I$(top_builddir) -I${top_srcdir}/lib $(PYTHON3_INCLUDES) -@@ -36,7 +37,7 @@ _audit_la_DEPENDENCIES =${top_srcdir}/lib/libaudit.h ${top_builddir}/lib/libaudi +@@ -37,7 +38,7 @@ _audit_la_DEPENDENCIES =${top_srcdir}/li _audit_la_LIBADD = ${top_builddir}/lib/libaudit.la nodist__audit_la_SOURCES = audit_wrap.c audit.py audit_wrap.c: ${srcdir}/../src/auditswig.i @@ -39,8 +37,6 @@ index dd9d934..61b486d 100644 CLEANFILES = audit.py* audit_wrap.c *~ -diff --git a/bindings/swig/src/auditswig.i b/bindings/swig/src/auditswig.i -index 21aafca..dd0f62c 100644 --- a/bindings/swig/src/auditswig.i +++ b/bindings/swig/src/auditswig.i @@ -39,7 +39,7 @@ signed @@ -48,10 +44,7 @@ index 21aafca..dd0f62c 100644 typedef unsigned __u32; typedef unsigned uid_t; -%include "/usr/include/linux/audit.h" -+%include "linux/audit.h" ++%include "../lib/audit.h" #define __extension__ /*nothing*/ %include %include "../lib/libaudit.h" --- -2.17.1 - diff --git a/meta-oe/recipes-security/audit/audit_3.0.7.bb b/meta-oe/recipes-security/audit/audit_3.0.8.bb similarity index 93% rename from meta-oe/recipes-security/audit/audit_3.0.7.bb rename to meta-oe/recipes-security/audit/audit_3.0.8.bb index d77aec29643..3dbfc9e604e 100644 --- a/meta-oe/recipes-security/audit/audit_3.0.7.bb +++ b/meta-oe/recipes-security/audit/audit_3.0.8.bb @@ -15,7 +15,7 @@ SRC_URI = "git://github.com/linux-audit/${BPN}-userspace.git;branch=master;proto " S = "${WORKDIR}/git" -SRCREV = "f60b2d8f55c74be798a7f5bcbd6c587987f2578a" +SRCREV = "54a62e78792fe583267cf80da717ee480b8f42bc" inherit autotools python3native update-rc.d systemd @@ -71,6 +71,11 @@ FILES:${PN}-python = "${libdir}/python${PYTHON_BASEVERSION}" CONFFILES:auditd = "${sysconfdir}/audit/audit.rules" +do_configure:prepend() { + sed -e 's|buf\[];|buf[0];|g' ${STAGING_INCDIR}/linux/audit.h > ${S}/lib/audit.h + sed -i -e 's|#include |#include "audit.h"|g' ${S}/lib/libaudit.h +} + do_install:append() { rm -f ${D}/${libdir}/python${PYTHON_BASEVERSION}/site-packages/*.a rm -f ${D}/${libdir}/python${PYTHON_BASEVERSION}/site-packages/*.la From 0609aa408b174e34ff4f5a43abd3b0e0995946c2 Mon Sep 17 00:00:00 2001 From: Changqing Li Date: Fri, 12 Aug 2022 15:56:52 +0800 Subject: [PATCH 158/600] fuse3: support ptest fuse3 test is designed to run under source dir, there are many places like "progname = pjoin(basename, 'example', 'ioctl')" in the testcases, which will try to find compiled program. As our S != B, and the don't run test under source dir. Test will fail with following errors: No such file or directory: '/usr/lib64/fuse3/ptest/test/../example/printcap' Fix by install needed programs for the test Signed-off-by: Changqing Li --- .../recipes-support/fuse/fuse3_3.10.5.bb | 25 ++++++++++++++++--- 1 file changed, 21 insertions(+), 4 deletions(-) diff --git a/meta-filesystems/recipes-support/fuse/fuse3_3.10.5.bb b/meta-filesystems/recipes-support/fuse/fuse3_3.10.5.bb index e0cf2092a67..8b0d8ecab83 100644 --- a/meta-filesystems/recipes-support/fuse/fuse3_3.10.5.bb +++ b/meta-filesystems/recipes-support/fuse/fuse3_3.10.5.bb @@ -35,7 +35,28 @@ RDEPENDS:${PN}-ptest += " \ do_install_ptest() { install -d ${D}${PTEST_PATH}/test + install -d ${D}${PTEST_PATH}/example + install -d ${D}${PTEST_PATH}/util cp -rf ${S}/test/* ${D}${PTEST_PATH}/test/ + + example_excutables=`find ${B}/example -type f -executable` + util_excutables=`find ${B}/util -type f -executable` + test_excutables=`find ${B}/test -type f -executable` + + for e in $example_excutables + do + cp -rf $e ${D}${PTEST_PATH}/example/ + done + + for e in $util_excutables + do + cp -rf $e ${D}${PTEST_PATH}/util/ + done + + for e in $test_excutables + do + cp -rf $e ${D}${PTEST_PATH}/test + done } DEPENDS = "udev" @@ -49,10 +70,6 @@ RRECOMMENDS:${PN}:class-target = "kernel-module-fuse fuse3-utils" FILES:${PN} += "${libdir}/libfuse3.so.*" FILES:${PN}-dev += "${libdir}/libfuse3*.la" -EXTRA_OEMESON += " \ - -Dexamples=false \ -" - # Forbid auto-renaming to libfuse3-utils FILES:fuse3-utils = "${bindir} ${base_sbindir}" DEBIAN_NOAUTONAME:fuse3-utils = "1" From acdf9bafb0c7f19b58bf6627b02e59e67f80764a Mon Sep 17 00:00:00 2001 From: Changqing Li Date: Tue, 16 Aug 2022 10:56:52 +0800 Subject: [PATCH 159/600] fuse3: fix ptest test_passthrough_hp failure fix test_passthrough_hp failure with error: 21 unlinked testfile checks failed Signed-off-by: Changqing Li --- ...lls.c-allow-EBADF-in-fcheck_stat-631.patch | 45 +++++++++++++++++++ .../recipes-support/fuse/fuse3_3.10.5.bb | 1 + 2 files changed, 46 insertions(+) create mode 100644 meta-filesystems/recipes-support/fuse/fuse3/0001-test-test_syscalls.c-allow-EBADF-in-fcheck_stat-631.patch diff --git a/meta-filesystems/recipes-support/fuse/fuse3/0001-test-test_syscalls.c-allow-EBADF-in-fcheck_stat-631.patch b/meta-filesystems/recipes-support/fuse/fuse3/0001-test-test_syscalls.c-allow-EBADF-in-fcheck_stat-631.patch new file mode 100644 index 00000000000..2207408bd26 --- /dev/null +++ b/meta-filesystems/recipes-support/fuse/fuse3/0001-test-test_syscalls.c-allow-EBADF-in-fcheck_stat-631.patch @@ -0,0 +1,45 @@ +From cee6de8d6619aeeb70f3318dfd35f2fdf5e43848 Mon Sep 17 00:00:00 2001 +From: Luis Henriques +Date: Sat, 20 Nov 2021 10:09:25 +0000 +Subject: [PATCH] test/test_syscalls.c: allow EBADF in fcheck_stat() (#631) +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Test test/test_examples.py::test_passthrough_hp[False] fails because, on +kernels >= 5.14, fstat() will return -EBADF: + +3 [check_unlinked_testfile] fcheck_stat() - fstat: Bad file descriptor +4 [check_unlinked_testfile] fcheck_stat() - fstat: Bad file descriptor +5 [check_unlinked_testfile] fcheck_stat() - fstat: Bad file descriptor +9 [check_unlinked_testfile] fcheck_stat() - fstat: Bad file descriptor +... + +This patch simply whitelists the EBADF errno code. + +Signed-off-by: Luís Henriques +Co-authored-by: Luís Henriques + +Upstream-Status: Backport [https://github.com/libfuse/libfuse/commit/cee6de8d6619aeeb70f3318dfd35f2fdf5e43848] +Signed-off-by: Changqing Li +--- + test/test_syscalls.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/test/test_syscalls.c b/test/test_syscalls.c +index 160a2ac..65292ed 100644 +--- a/test/test_syscalls.c ++++ b/test/test_syscalls.c +@@ -277,7 +277,8 @@ static int fcheck_stat(int fd, int flags, struct stat *st) + if (flags & O_PATH) { + // With O_PATH fd, the server does not have to keep + // the inode alive so FUSE inode may be stale or bad +- if (errno == ESTALE || errno == EIO || errno == ENOENT) ++ if (errno == ESTALE || errno == EIO || ++ errno == ENOENT || errno == EBADF) + return 0; + } + PERROR("fstat"); +-- +2.25.1 + diff --git a/meta-filesystems/recipes-support/fuse/fuse3_3.10.5.bb b/meta-filesystems/recipes-support/fuse/fuse3_3.10.5.bb index 8b0d8ecab83..0f379afb927 100644 --- a/meta-filesystems/recipes-support/fuse/fuse3_3.10.5.bb +++ b/meta-filesystems/recipes-support/fuse/fuse3_3.10.5.bb @@ -12,6 +12,7 @@ LIC_FILES_CHKSUM = "file://GPL2.txt;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ file://LICENSE;md5=a55c12a2d7d742ecb41ca9ae0a6ddc66" SRC_URI = "https://github.com/libfuse/libfuse/releases/download/fuse-${PV}/fuse-${PV}.tar.xz \ + file://0001-test-test_syscalls.c-allow-EBADF-in-fcheck_stat-631.patch \ " SRC_URI[sha256sum] = "b2e283485d47404ac896dd0bb7f7ba81e1470838e677e45f659804c3a3b69666" From 88aa77cc25a53217906db15c8739055328a8d719 Mon Sep 17 00:00:00 2001 From: Saul Wold Date: Mon, 29 Aug 2022 08:24:05 -0700 Subject: [PATCH 160/600] libipc-signal-perl: Fix LICENSE string The create_spdx bbclass does not currently handle the lack of spaces around the op (| or &). For now fix the LICENSE string. Signed-off-by: Saul Wold Signed-off-by: Khem Raj Signed-off-by: Armin Kuster --- meta-perl/recipes-perl/libipc/libipc-signal-perl_1.00.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-perl/recipes-perl/libipc/libipc-signal-perl_1.00.bb b/meta-perl/recipes-perl/libipc/libipc-signal-perl_1.00.bb index 389be2c16cc..203db7b10c1 100644 --- a/meta-perl/recipes-perl/libipc/libipc-signal-perl_1.00.bb +++ b/meta-perl/recipes-perl/libipc/libipc-signal-perl_1.00.bb @@ -5,7 +5,7 @@ dealing with signals." HOMEPAGE = "http://search.cpan.org/~rosch/IPC-Signal-1.00/" SECTION = "libs" -LICENSE = "Artistic-1.0|GPL-1.0-or-later" +LICENSE = "Artistic-1.0 | GPL-1.0-or-later" LIC_FILES_CHKSUM = "file://README;beginline=16;endline=18;md5=f36550f59a0ae5e6e3b0be6a4da60d26" S = "${WORKDIR}/IPC-Signal-${PV}" From 55e15e8e1da733dcc2e82d3c1ba9b4320fa568c9 Mon Sep 17 00:00:00 2001 From: Saul Wold Date: Mon, 29 Aug 2022 08:24:06 -0700 Subject: [PATCH 161/600] libdigest-hmac-perl: Fix LICENSE string The create_spdx bbclass does not currently handle the lack of spaces around the op (| or &). For now fix the LICENSE string. Signed-off-by: Saul Wold Signed-off-by: Khem Raj Signed-off-by: Armin Kuster --- meta-perl/recipes-perl/libdigest/libdigest-hmac-perl_1.03.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-perl/recipes-perl/libdigest/libdigest-hmac-perl_1.03.bb b/meta-perl/recipes-perl/libdigest/libdigest-hmac-perl_1.03.bb index 51a2ad34987..43b7f4d5a91 100644 --- a/meta-perl/recipes-perl/libdigest/libdigest-hmac-perl_1.03.bb +++ b/meta-perl/recipes-perl/libdigest/libdigest-hmac-perl_1.03.bb @@ -3,7 +3,7 @@ DESCRIPTION = "Keyed-Hashing for Message Authentication" HOMEPAGE = "http://search.cpan.org/~gaas/Digest-HMAC-1.03/" SECTION = "libs" -LICENSE = "Artistic-1.0|GPL-1.0-or-later" +LICENSE = "Artistic-1.0 | GPL-1.0-or-later" LIC_FILES_CHKSUM = "file://README;beginline=13;endline=17;md5=da980cdc026faa065e5d5004115334e6" RDEPENDS:${PN} = "libdigest-sha1-perl perl-module-extutils-makemaker perl-module-digest-md5" From aa2e9ba1036ae7ff64a83c2035ab4a66db2e5992 Mon Sep 17 00:00:00 2001 From: Saul Wold Date: Mon, 29 Aug 2022 08:24:07 -0700 Subject: [PATCH 162/600] libio-socket-ssl-perl: Fix LICENSE string The create_spdx bbclass does not currently handle the lack of spaces around the op (| or &). For now fix the LICENSE string. Signed-off-by: Saul Wold Signed-off-by: Khem Raj Signed-off-by: Armin Kuster --- meta-perl/recipes-perl/libio/libio-socket-ssl-perl_2.074.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-perl/recipes-perl/libio/libio-socket-ssl-perl_2.074.bb b/meta-perl/recipes-perl/libio/libio-socket-ssl-perl_2.074.bb index 1d04f0054fc..6249fd1d788 100644 --- a/meta-perl/recipes-perl/libio/libio-socket-ssl-perl_2.074.bb +++ b/meta-perl/recipes-perl/libio/libio-socket-ssl-perl_2.074.bb @@ -9,7 +9,7 @@ mod_perl." HOMEPAGE = "http://search.cpan.org/dist/IO-Socket-SSL/" SECTION = "libs" -LICENSE = "Artistic-1.0|GPL-1.0-or-later" +LICENSE = "Artistic-1.0 | GPL-1.0-or-later" LIC_FILES_CHKSUM = "file://META.yml;beginline=12;endline=12;md5=963ce28228347875ace682de56eef8e8" RDEPENDS:${PN} += "\ From 2c68902d19a4789c751de5b93a721c178918ef9c Mon Sep 17 00:00:00 2001 From: Saul Wold Date: Mon, 29 Aug 2022 08:24:08 -0700 Subject: [PATCH 163/600] libdigest-sha1-perl: Fix LICENSE string The create_spdx bbclass does not currently handle the lack of spaces around the op (| or &). For now fix the LICENSE string. Signed-off-by: Saul Wold Signed-off-by: Khem Raj Signed-off-by: Armin Kuster --- meta-perl/recipes-perl/libdigest/libdigest-sha1-perl_2.13.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-perl/recipes-perl/libdigest/libdigest-sha1-perl_2.13.bb b/meta-perl/recipes-perl/libdigest/libdigest-sha1-perl_2.13.bb index cd63675128b..df89c9bcdba 100644 --- a/meta-perl/recipes-perl/libdigest/libdigest-sha1-perl_2.13.bb +++ b/meta-perl/recipes-perl/libdigest/libdigest-sha1-perl_2.13.bb @@ -3,7 +3,7 @@ DESCRIPTION = "Digest::SHA1 - Perl interface to the SHA-1 algorithm" HOMEPAGE = "http://search.cpan.org/~gaas/Digest-SHA1-2.13/" SECTION = "libs" -LICENSE = "Artistic-1.0|GPL-1.0-or-later" +LICENSE = "Artistic-1.0 | GPL-1.0-or-later" LIC_FILES_CHKSUM = "file://README;beginline=10;endline=14;md5=ff5867ebb4bc1103a7a416aef2fce00a" SRC_URI = "http://search.cpan.org/CPAN/authors/id/G/GA/GAAS/Digest-SHA1-${PV}.tar.gz \ From 93c5e37e84ebd97ea31576222b0c43f4445e69d1 Mon Sep 17 00:00:00 2001 From: Saul Wold Date: Mon, 29 Aug 2022 08:24:09 -0700 Subject: [PATCH 164/600] libmime-types-perl: Fix LICENSE string The create_spdx bbclass does not currently handle the lack of spaces around the op (| or &). For now fix the LICENSE string. Signed-off-by: Saul Wold Signed-off-by: Khem Raj Signed-off-by: Armin Kuster --- meta-perl/recipes-perl/libmime/libmime-types-perl_2.17.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-perl/recipes-perl/libmime/libmime-types-perl_2.17.bb b/meta-perl/recipes-perl/libmime/libmime-types-perl_2.17.bb index 2c06728ed20..d1f6f8c59c1 100644 --- a/meta-perl/recipes-perl/libmime/libmime-types-perl_2.17.bb +++ b/meta-perl/recipes-perl/libmime/libmime-types-perl_2.17.bb @@ -8,7 +8,7 @@ one known mime type." HOMEPAGE = "http://search.cpan.org/~markov/MIME-Types-${PV}" SECTION = "libraries" -LICENSE = "Artistic-1.0|GPL-1.0-or-later" +LICENSE = "Artistic-1.0 | GPL-1.0-or-later" LIC_FILES_CHKSUM = "file://META.yml;beginline=11;endline=11;md5=963ce28228347875ace682de56eef8e8" SRC_URI = "http://search.cpan.org/CPAN/authors/id/M/MA/MARKOV/MIME-Types-${PV}.tar.gz \ From eab9d17e5dd59389fc685dbf9ff3c76fda9572ae Mon Sep 17 00:00:00 2001 From: Saul Wold Date: Mon, 29 Aug 2022 08:24:10 -0700 Subject: [PATCH 165/600] libauthen-sasl-perl: Fix LICENSE string The create_spdx bbclass does not currently handle the lack of spaces around the op (| or &). For now fix the LICENSE string. Signed-off-by: Saul Wold Signed-off-by: Khem Raj Signed-off-by: Armin Kuster --- meta-perl/recipes-perl/libauthen/libauthen-sasl-perl_2.16.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-perl/recipes-perl/libauthen/libauthen-sasl-perl_2.16.bb b/meta-perl/recipes-perl/libauthen/libauthen-sasl-perl_2.16.bb index 8545eb50f7c..a9eec695023 100644 --- a/meta-perl/recipes-perl/libauthen/libauthen-sasl-perl_2.16.bb +++ b/meta-perl/recipes-perl/libauthen/libauthen-sasl-perl_2.16.bb @@ -5,7 +5,7 @@ protocols should be able to share." HOMEPAGE = "http://search.cpan.org/dist/Authen-SASL/" SECTION = "libs" -LICENSE = "Artistic-1.0|GPL-1.0-or-later" +LICENSE = "Artistic-1.0 | GPL-1.0-or-later" LIC_FILES_CHKSUM = "file://lib/Authen/SASL/Perl.pm;beginline=1;endline=3;md5=17123315bbcda19f484c07227594a609" DEPENDS = "perl" From 7e3599795a420d9a6e7b2fdb0747c6849909ff9b Mon Sep 17 00:00:00 2001 From: Saul Wold Date: Mon, 29 Aug 2022 08:24:11 -0700 Subject: [PATCH 166/600] libnet-ldap-perl: Fix LICENSE string The create_spdx bbclass does not currently handle the lack of spaces around the op (| or &). For now fix the LICENSE string. Signed-off-by: Saul Wold Signed-off-by: Khem Raj Signed-off-by: Armin Kuster --- meta-perl/recipes-perl/libnet/libnet-ldap-perl_0.68.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-perl/recipes-perl/libnet/libnet-ldap-perl_0.68.bb b/meta-perl/recipes-perl/libnet/libnet-ldap-perl_0.68.bb index 293f421205b..dcc5ea88b1e 100644 --- a/meta-perl/recipes-perl/libnet/libnet-ldap-perl_0.68.bb +++ b/meta-perl/recipes-perl/libnet/libnet-ldap-perl_0.68.bb @@ -6,7 +6,7 @@ deleting or modifying entries." SECTION = "libs" -LICENSE = "Artistic-1.0|GPL-1.0-or-later" +LICENSE = "Artistic-1.0 | GPL-1.0-or-later" LIC_FILES_CHKSUM = "file://README;beginline=3;endline=5;md5=4d6588c2fa0d38ae162f6314d201d89e" SRC_URI = "${CPAN_MIRROR}/authors/id/M/MA/MARSCHAP/perl-ldap-${PV}.tar.gz" From d933c7242c59bdda36fe8895ea730a7721f094f4 Mon Sep 17 00:00:00 2001 From: Saul Wold Date: Mon, 29 Aug 2022 08:24:12 -0700 Subject: [PATCH 167/600] libxml-libxml-perl: Fix LICENSE string The create_spdx bbclass does not currently handle the lack of spaces around the op (| or &). For now fix the LICENSE string. Signed-off-by: Saul Wold Signed-off-by: Khem Raj Signed-off-by: Armin Kuster --- meta-perl/recipes-perl/libxml/libxml-libxml-perl_2.0134.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-perl/recipes-perl/libxml/libxml-libxml-perl_2.0134.bb b/meta-perl/recipes-perl/libxml/libxml-libxml-perl_2.0134.bb index c2898a9012c..c2ea47ae5b2 100644 --- a/meta-perl/recipes-perl/libxml/libxml-libxml-perl_2.0134.bb +++ b/meta-perl/recipes-perl/libxml/libxml-libxml-perl_2.0134.bb @@ -8,7 +8,7 @@ your programs." HOMEPAGE = "http://search.cpan.org/dist/XML-LibXML-1.99/" SECTION = "libs" -LICENSE = "Artistic-1.0|GPL-1.0-or-later" +LICENSE = "Artistic-1.0 | GPL-1.0-or-later" DEPENDS += "libxml2 \ libxml-sax-perl-native \ zlib \ From 7f3c8c3a6139269c12b429f1e24301951da1759f Mon Sep 17 00:00:00 2001 From: Saul Wold Date: Mon, 29 Aug 2022 08:24:13 -0700 Subject: [PATCH 168/600] libnet-telnet-perl: Fix LICENSE string The create_spdx bbclass does not currently handle the lack of spaces around the op (| or &). For now fix the LICENSE string. Signed-off-by: Saul Wold Signed-off-by: Khem Raj Signed-off-by: Armin Kuster --- meta-perl/recipes-perl/libnet/libnet-telnet-perl_3.05.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-perl/recipes-perl/libnet/libnet-telnet-perl_3.05.bb b/meta-perl/recipes-perl/libnet/libnet-telnet-perl_3.05.bb index d7d4201048b..d1365f269c9 100644 --- a/meta-perl/recipes-perl/libnet/libnet-telnet-perl_3.05.bb +++ b/meta-perl/recipes-perl/libnet/libnet-telnet-perl_3.05.bb @@ -11,7 +11,7 @@ shell." HOMEPAGE = "http://search.cpan.org/dist/Net-Telnet/" SECTION = "Development/Libraries" -LICENSE = "Artistic-1.0|GPL-1.0-or-later" +LICENSE = "Artistic-1.0 | GPL-1.0-or-later" LIC_FILES_CHKSUM = "file://README;beginline=4;endline=7;md5=e94ab3b72335e3cdadd6c1ff736dd714" SRC_URI = "http://search.cpan.org/CPAN/authors/id/J/JR/JROGERS/Net-Telnet-${PV}.tar.gz" From caa117e5ccd68ca5b472e0ffb0aac6a359d4c06a Mon Sep 17 00:00:00 2001 From: Saul Wold Date: Mon, 29 Aug 2022 08:24:14 -0700 Subject: [PATCH 169/600] libproc-waitstat-perl: Fix LICENSE string The create_spdx bbclass does not currently handle the lack of spaces around the op (| or &). For now fix the LICENSE string. Signed-off-by: Saul Wold Signed-off-by: Khem Raj Signed-off-by: Armin Kuster --- meta-perl/recipes-perl/libproc/libproc-waitstat-perl_1.00.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-perl/recipes-perl/libproc/libproc-waitstat-perl_1.00.bb b/meta-perl/recipes-perl/libproc/libproc-waitstat-perl_1.00.bb index ffd87ed0b57..643a704a1dc 100644 --- a/meta-perl/recipes-perl/libproc/libproc-waitstat-perl_1.00.bb +++ b/meta-perl/recipes-perl/libproc/libproc-waitstat-perl_1.00.bb @@ -5,7 +5,7 @@ on wait status values." HOMEPAGE = "http://search.cpan.org/~rosch/Proc-WaitStat/" SECTION = "libraries" -LICENSE = "Artistic-1.0|GPL-1.0-or-later" +LICENSE = "Artistic-1.0 | GPL-1.0-or-later" LIC_FILES_CHKSUM = "file://README;beginline=21;endline=23;md5=f36550f59a0ae5e6e3b0be6a4da60d26" RDEPENDS:${PN} += "perl libipc-signal-perl" From 8f96c05f6d82fde052f2cb1652c13922814accb0 Mon Sep 17 00:00:00 2001 From: Justin Bronder Date: Wed, 31 Aug 2022 19:55:32 -0400 Subject: [PATCH 170/600] lmdb: only set SONAME on the shared library Setting soname in LDFLAGS means that the extra mdb tools also incorrectly get soname set. This then triggers package.bbclass to add a duplicate shlib_provider in /usr/bin for liblmdb.so.0.9.29. Then any other recipe depending on liblmdb is going to get a 'Multiple shlib provider' error. shlibs2/lmdb.list before: liblmdb.so.0.9.29:/usr/bin:0.9.29 liblmdb.so.0.9.29:/usr/lib:0.9.29 shlibs2/lmdb.list after: liblmdb.so.0.9.29:/usr/lib:0.9.29 Signed-off-by: Justin Bronder Signed-off-by: Khem Raj Signed-off-by: Armin Kuster --- .../0001-make-set-soname-on-liblmdb.patch | 22 +++++++++++++++++++ meta-oe/recipes-dbs/lmdb/lmdb_0.9.29.bb | 3 +-- 2 files changed, 23 insertions(+), 2 deletions(-) create mode 100644 meta-oe/recipes-dbs/lmdb/files/0001-make-set-soname-on-liblmdb.patch diff --git a/meta-oe/recipes-dbs/lmdb/files/0001-make-set-soname-on-liblmdb.patch b/meta-oe/recipes-dbs/lmdb/files/0001-make-set-soname-on-liblmdb.patch new file mode 100644 index 00000000000..312809d1d2f --- /dev/null +++ b/meta-oe/recipes-dbs/lmdb/files/0001-make-set-soname-on-liblmdb.patch @@ -0,0 +1,22 @@ +From b4d418bf3f78748d84e3cfb110833443eef34284 Mon Sep 17 00:00:00 2001 +From: Justin Bronder +Date: Thu, 25 Aug 2022 17:22:20 -0400 +Subject: [PATCH] make: set soname on liblmdb + +--- + libraries/liblmdb/Makefile | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/libraries/liblmdb/Makefile b/libraries/liblmdb/Makefile +index 1ec74e6..ea08cd6 100644 +--- a/libraries/liblmdb/Makefile ++++ b/libraries/liblmdb/Makefile +@@ -66,7 +66,7 @@ liblmdb.a: mdb.o midl.o + + liblmdb$(SOEXT): mdb.lo midl.lo + # $(CC) $(LDFLAGS) -pthread -shared -Wl,-Bsymbolic -o $@ mdb.o midl.o $(SOLIBS) +- $(CC) $(LDFLAGS) -pthread -shared -o $@ mdb.lo midl.lo $(SOLIBS) ++ $(CC) $(LDFLAGS) -pthread -shared -Wl,-soname,$@ -o $@ mdb.lo midl.lo $(SOLIBS) + + mdb_stat: mdb_stat.o liblmdb.a + mdb_copy: mdb_copy.o liblmdb.a diff --git a/meta-oe/recipes-dbs/lmdb/lmdb_0.9.29.bb b/meta-oe/recipes-dbs/lmdb/lmdb_0.9.29.bb index b58a36c4460..f23960f40a4 100644 --- a/meta-oe/recipes-dbs/lmdb/lmdb_0.9.29.bb +++ b/meta-oe/recipes-dbs/lmdb/lmdb_0.9.29.bb @@ -11,6 +11,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=153d07ef052c4a37a8fac23bc6031972" SRC_URI = "git://github.com/LMDB/lmdb.git;nobranch=1;protocol=https \ file://run-ptest \ file://0001-Makefile-use-libprefix-instead-of-libdir.patch \ + file://0001-make-set-soname-on-liblmdb.patch;patchdir=../.. \ " SRCREV = "8ad7be2510414b9506ec9f9e24f24d04d9b04a1a" @@ -19,8 +20,6 @@ inherit base ptest S = "${WORKDIR}/git/libraries/liblmdb" -LDFLAGS += "-Wl,-soname,lib${PN}.so.${PV}" - do_compile() { oe_runmake CC="${CC}" SOEXT=".so.${PV}" LDFLAGS="${LDFLAGS}" } From 035d9c61e81b32cb62706cfdbfae08b1bac7ae88 Mon Sep 17 00:00:00 2001 From: Enrico Scholz Date: Tue, 13 Sep 2022 17:34:28 +0200 Subject: [PATCH 171/600] nodejs-oe-cache-native: initial checkin This implements an 'npm cache add' like functionality but allows to specify the key of the data and sets metadata which are required to find the data. It is used to cache information as done during 'npm install'. Keyformat and metadata are nodejs version specific. Signed-off-by: Enrico Scholz Signed-off-by: Khem Raj --- .../nodejs/nodejs-oe-cache-16.14/oe-npm-cache | 77 +++++++++++++++++++ .../nodejs/nodejs-oe-cache-native_16.14.bb | 21 +++++ 2 files changed, 98 insertions(+) create mode 100755 meta-oe/recipes-devtools/nodejs/nodejs-oe-cache-16.14/oe-npm-cache create mode 100644 meta-oe/recipes-devtools/nodejs/nodejs-oe-cache-native_16.14.bb diff --git a/meta-oe/recipes-devtools/nodejs/nodejs-oe-cache-16.14/oe-npm-cache b/meta-oe/recipes-devtools/nodejs/nodejs-oe-cache-16.14/oe-npm-cache new file mode 100755 index 00000000000..f5962076485 --- /dev/null +++ b/meta-oe/recipes-devtools/nodejs/nodejs-oe-cache-16.14/oe-npm-cache @@ -0,0 +1,77 @@ +#!/usr/bin/env node + +/// Usage: oe-npm-cache +/// ... meta - metainformation about package +/// tgz - tarball + +const process = require("node:process"); + +module.paths.unshift("@@libdir@@/node_modules/npm/node_modules"); + +const cacache = require('cacache') +const fs = require('fs') + +// argv[0] is 'node', argv[1] is this script +const cache_dir = process.argv[2] +const type = process.argv[3] +const key = process.argv[4] +const file = process.argv[5] + +const data = fs.readFileSync(file) + +// metadata content is highly nodejs dependent; when cache entries are not +// found, place debug statements in 'make-fetch-happen/lib/cache/policy.js' +// (CachePolicy::satisfies()) +const xlate = { + 'meta': { + 'key_prefix': 'make-fetch-happen:request-cache:', + 'metadata': function() { + return { + time: Date.now(), + url: key, + reqHeaders: { + 'accept': 'application/vnd.npm.install-v1+json; q=1.0, application/json; q=0.8, */*', + }, + resHeaders: { + "content-type": "application/json", + "status": 200, + }, + options: { + compress: true, + } + }; + }, + }, + + 'tgz': { + 'key_prefix': 'make-fetch-happen:request-cache:', + 'metadata': function() { + return { + time: Date.now(), + url: key, + reqHeaders: { + 'accept': '*/*', + }, + resHeaders: { + "content-type": "application/octet-stream", + "status": 200, + }, + options: { + compress: true, + }, + }; + }, + }, +}; + +const info = xlate[type]; +let opts = {} + +if (info.metadata) { + opts['metadata'] = info.metadata(); +} + +cacache.put(cache_dir, info.key_prefix + key, data, opts) + .then(integrity => { + console.log(`Saved content of ${key} (${file}).`); +}) diff --git a/meta-oe/recipes-devtools/nodejs/nodejs-oe-cache-native_16.14.bb b/meta-oe/recipes-devtools/nodejs/nodejs-oe-cache-native_16.14.bb new file mode 100644 index 00000000000..a61dd5018f4 --- /dev/null +++ b/meta-oe/recipes-devtools/nodejs/nodejs-oe-cache-native_16.14.bb @@ -0,0 +1,21 @@ +DESCRIPTION = "OE helper for manipulating npm cache" +LICENSE = "Apache-2.0" +LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/Apache-2.0;md5=89aea4e17d99a7cacdbeed46a0096b10" + +SRC_URI = "\ + file://oe-npm-cache \ +" + +inherit native + +B = "${WORKDIR}/build" + +do_configure() { + sed -e 's!@@libdir@@!${libdir}!g' < '${WORKDIR}/oe-npm-cache' > '${B}/oe-npm-cache' +} + +do_install() { + install -D -p -m 0755 ${B}/oe-npm-cache ${D}${bindir}/oe-npm-cache +} + +RDEPENDS:${PN} = "nodejs-native" From 4d804bdf92f7542217a7eef7c376bc9f277e4e16 Mon Sep 17 00:00:00 2001 From: Jose Quaresma Date: Mon, 22 Aug 2022 16:34:33 +0000 Subject: [PATCH 172/600] wireguard-module: 1.0.20210219 -> 1.0.20220627 Also change the git protocol to https. Relevant changes: - 18fbcd6 version: bump - 3ec3e82 compat: handle backported rng and blake2s - ba45dd6 qemu: give up on RHEL8 in CI - c7560fd qemu: set panic_on_warn=1 from cmdline - 33c87a1 qemu: use vports on arm - 894152a netns: limit parallelism to $(nproc) tests at once - f888673 netns: make routing loop test non-fatal - f9d9b4d device: check for metadata_dst with skb_valid_dst() - f909532 qemu: enable ACPI for SMP - ec89ca6 socket: ignore v6 endpoints when ipv6 is disabled - fa32671 socket: free skb in send6 when ipv6 is disabled - ffb8cd6 qemu: simplify RNG seeding - 4eff63d queueing: use CFI-safe ptr_ring cleanup function - 273018b crypto: curve25519-x86_64: use in/out register constraints more precisely - 4f4c019 compat: drop Ubuntu 14.04 - 743eef2 version: bump - 3c9f3b6 crypto: curve25519-x86_64: solve register constraints with reserved registers - 8e40dd6 compat: udp_tunnel: don't take reference to non-init namespace - ea6b8e7 compat: siphash: use _unaligned version by default - 5325bc8 ratelimiter: use kvcalloc() instead of kvzalloc() - e44c78c receive: drop handshakes if queue lock is contended - 5707d38 receive: use ring buffer for incoming handshakes - 68abb1b device: reset peer src endpoint when netns exits - ea3f5fb main: rename 'mod_init' & 'mod_exit' functions to be module-specific - cb001d4 netns: actually test for routing loops - 2715e64 compat: update for RHEL 8.5 - 2974725 compat: account for grsecurity backports and changes - 50dda8c compat: account for latest c8s backports - d378f93 version: bump - fb4a0da qemu: increase default dmesg log size - 8f4414d qemu: add disgusting hacks for RHEL 8 - fd7a462 allowedips: add missing __rcu annotation to satisfy sparse - 383461d allowedips: free empty intermediate nodes when removing single node - 03add82 allowedips: allocate nodes in kmem_cache - b56d48c allowedips: remove nodes in O(1) - 3c14c4b allowedips: initialize list head in selftest - 4d8b7ed peer: allocate in kmem_cache - 6fbc0e6 global: use synchronize_net rather than synchronize_rcu - 405caf0 kbuild: do not use -O3 - b50ef4d netns: make sure rp_filter is disabled on vethc - e67b722 version: bump - 1edffe2 Revert "compat: skb_mark_not_on_list will be backported to Ubuntu 18.04" - 2cf9543 compat: update and improve detection of CentOS Stream 8 - 122f06b compat: icmp_ndo_send functions were backported extensively Signed-off-by: Jose Quaresma Signed-off-by: Khem Raj (cherry picked from commit e2a2320a7953fd70e8b416f9f6741d0b6654f280) Signed-off-by: Armin Kuster --- ...odule_1.0.20210219.bb => wireguard-module_1.0.20220627.bb} | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) rename meta-networking/recipes-kernel/wireguard/{wireguard-module_1.0.20210219.bb => wireguard-module_1.0.20220627.bb} (85%) diff --git a/meta-networking/recipes-kernel/wireguard/wireguard-module_1.0.20210219.bb b/meta-networking/recipes-kernel/wireguard/wireguard-module_1.0.20220627.bb similarity index 85% rename from meta-networking/recipes-kernel/wireguard/wireguard-module_1.0.20210219.bb rename to meta-networking/recipes-kernel/wireguard/wireguard-module_1.0.20220627.bb index ce2ba65526b..d80bdd87ab3 100644 --- a/meta-networking/recipes-kernel/wireguard/wireguard-module_1.0.20210219.bb +++ b/meta-networking/recipes-kernel/wireguard/wireguard-module_1.0.20220627.bb @@ -1,8 +1,8 @@ require wireguard.inc -SRCREV = "122f06bfd8fc7b06a0899fa9adc4ce8e06900d98" +SRCREV = "18fbcd68a35a892527345dc5679d0b2d860ee004" -SRC_URI = "git://git.zx2c4.com/wireguard-linux-compat;branch=master" +SRC_URI = "git://git.zx2c4.com/wireguard-linux-compat;protocol=https;branch=master" inherit module kernel-module-split From d230d1178f22fab3529c7eac3c438513c04b954e Mon Sep 17 00:00:00 2001 From: Jose Quaresma Date: Mon, 22 Aug 2022 16:34:34 +0000 Subject: [PATCH 173/600] wireguard-tools: Add a new package for wg-quick - This will move the dependencie of bash to wg-quick Signed-off-by: Jose Quaresma Signed-off-by: Khem Raj (cherry picked from commit f36a158aa0b6dc5d595c08f33733f889a7202b36) Signed-off-by: Armin Kuster --- .../wireguard/wireguard-tools_1.0.20210914.bb | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/meta-networking/recipes-kernel/wireguard/wireguard-tools_1.0.20210914.bb b/meta-networking/recipes-kernel/wireguard/wireguard-tools_1.0.20210914.bb index 0c686aae2aa..20435338c37 100644 --- a/meta-networking/recipes-kernel/wireguard/wireguard-tools_1.0.20210914.bb +++ b/meta-networking/recipes-kernel/wireguard/wireguard-tools_1.0.20210914.bb @@ -16,11 +16,19 @@ do_install () { install } +PACKAGES += "${PN}-wg-quick" + FILES:${PN} = " \ + ${bindir}/wg \ ${sysconfdir} \ +" +FILES:${PN}-wg-quick = " \ + ${bindir}/wg-quick \ ${systemd_system_unitdir} \ - ${bindir} \ " -RDEPENDS:${PN} = "bash" -RRECOMMENDS:${PN} = "kernel-module-wireguard" +RDEPENDS:${PN}-wg-quick = "${PN} bash" +RRECOMMENDS:${PN} = " \ + kernel-module-wireguard \ + ${PN}-wg-quick \ + " From 9f1013ba4555257989b640d3c37bf2f322a1a311 Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Mon, 22 Aug 2022 21:29:32 -0700 Subject: [PATCH 174/600] ntpsec: Add -D_GNU_SOURCE and fix building with devtool wscript detects .git directory and if its present them invokes git describe --dirty which does not work on the devtool created git repository, since its synthesized. Add GNU_SOURCE define to get strptime() definition Signed-off-by: Khem Raj (cherry picked from commit 375be9fd60e22fb60b53d664983cb70d26d8a288) Signed-off-by: Armin Kuster --- ...01-wscript-Widen-the-search-for-tags.patch | 29 +++++++++++++++++++ .../recipes-support/ntpsec/ntpsec_1.2.1.bb | 6 ++-- 2 files changed, 33 insertions(+), 2 deletions(-) create mode 100644 meta-networking/recipes-support/ntpsec/ntpsec/0001-wscript-Widen-the-search-for-tags.patch diff --git a/meta-networking/recipes-support/ntpsec/ntpsec/0001-wscript-Widen-the-search-for-tags.patch b/meta-networking/recipes-support/ntpsec/ntpsec/0001-wscript-Widen-the-search-for-tags.patch new file mode 100644 index 00000000000..98c62eed497 --- /dev/null +++ b/meta-networking/recipes-support/ntpsec/ntpsec/0001-wscript-Widen-the-search-for-tags.patch @@ -0,0 +1,29 @@ +From 9a7dead72f41e79979625c9bdef2fb638427d3d6 Mon Sep 17 00:00:00 2001 +From: Khem Raj +Date: Mon, 22 Aug 2022 20:54:17 -0700 +Subject: [PATCH] wscript: Widen the search for tags + +Default is to look for annotated tags, howveer when using devtool we +create our own git tree from release tarballs which will have tags but +they are not annotated, therefore broaden the search to include all tags + +Upstream-Status: Inappropriate [OE-specific] + +Signed-off-by: Khem Raj +--- + wscript | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/wscript b/wscript +index 879ded1..dff835d 100644 +--- a/wscript ++++ b/wscript +@@ -177,7 +177,7 @@ def configure(ctx): + if build_desc: + build_desc = ' ' + build_desc + if ctx.env.BIN_GIT: +- cmd = ctx.env.BIN_GIT + shlex.split("describe --dirty") ++ cmd = ctx.env.BIN_GIT + shlex.split("describe --tags --dirty") + git_short_hash = ctx.cmd_and_log(cmd).strip() + git_short_hash = '-'.join(git_short_hash.split('-')[1:]) + diff --git a/meta-networking/recipes-support/ntpsec/ntpsec_1.2.1.bb b/meta-networking/recipes-support/ntpsec/ntpsec_1.2.1.bb index 3efac7d9838..bed0e2e1081 100644 --- a/meta-networking/recipes-support/ntpsec/ntpsec_1.2.1.bb +++ b/meta-networking/recipes-support/ntpsec/ntpsec_1.2.1.bb @@ -16,7 +16,9 @@ SRC_URI = "https://ftp.ntpsec.org/pub/releases/ntpsec-${PV}.tar.gz \ file://0001-ntpd-ntp_sandbox.c-allow-clone3-for-glibc-2.34-in-se.patch \ file://0001-ntpd-ntp_sandbox.c-allow-newfstatat-on-all-archs-for.patch \ file://0002-ntpd-ntp_sandbox.c-match-riscv-to-aarch-in-seccomp-f.patch \ - file://volatiles.ntpsec" + file://volatiles.ntpsec \ + file://0001-wscript-Widen-the-search-for-tags.patch \ + " SRC_URI[sha256sum] = "f2684835116c80b8f21782a5959a805ba3c44e3a681dd6c17c7cb00cc242c27a" @@ -54,7 +56,7 @@ export PYTAG = "cpython${@ d.getVar('PYTHON_BASEVERSION').replace('.', '')}" export pyext_PATTERN = "%s.so" export PYTHON_LDFLAGS = "-lpthread -ldl" -CFLAGS:append = " -I${PYTHON_INCLUDE_DIR}" +CFLAGS:append = " -I${PYTHON_INCLUDE_DIR} -D_GNU_SOURCE" EXTRA_OECONF = "--cross-compiler='${CC}' \ --cross-cflags='${CFLAGS}' \ From 09acaf6b08477144c5f64202614884f4a94916d9 Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Mon, 22 Aug 2022 22:52:11 -0700 Subject: [PATCH 175/600] gd: Fix build with clang-15 Signed-off-by: Khem Raj (cherry picked from commit e1e889bae41529770cb800aba3bfd1189e4ac39d) Signed-off-by: Armin Kuster --- ...1-Fix-deprecared-function-prototypes.patch | 115 ++++++++++++++++++ meta-oe/recipes-support/gd/gd_2.3.3.bb | 1 + 2 files changed, 116 insertions(+) create mode 100644 meta-oe/recipes-support/gd/gd/0001-Fix-deprecared-function-prototypes.patch diff --git a/meta-oe/recipes-support/gd/gd/0001-Fix-deprecared-function-prototypes.patch b/meta-oe/recipes-support/gd/gd/0001-Fix-deprecared-function-prototypes.patch new file mode 100644 index 00000000000..5ac51707210 --- /dev/null +++ b/meta-oe/recipes-support/gd/gd/0001-Fix-deprecared-function-prototypes.patch @@ -0,0 +1,115 @@ +From 6379331cd0647fc6f149f55e4505a9a92e4f159f Mon Sep 17 00:00:00 2001 +From: Khem Raj +Date: Mon, 22 Aug 2022 22:43:26 -0700 +Subject: [PATCH] Fix deprecared function prototypes + +Fixes following errors: +error: a function definition without a prototype is deprecated in all versions of C and is not supported in C2x [-Werror,-Wdeprecated-non-prototype] + +Upstream-Status: Submitted [https://github.com/libgd/libgd/pull/835] +Signed-off-by: Khem Raj +--- + src/gd_nnquant.c | 32 +++++++------------------------- + src/gd_tiff.c | 4 +--- + 2 files changed, 8 insertions(+), 28 deletions(-) + +diff --git a/src/gd_nnquant.c b/src/gd_nnquant.c +index 8b9aa794..013f7160 100644 +--- a/src/gd_nnquant.c ++++ b/src/gd_nnquant.c +@@ -112,12 +112,7 @@ typedef struct { + + /* Initialise network in range (0,0,0,0) to (255,255,255,255) and set parameters + ----------------------------------------------------------------------- */ +-static void initnet(nnq, thepic, len, sample, colours) +-nn_quant *nnq; +-unsigned char *thepic; +-int len; +-int sample; +-int colours; ++static void initnet(nn_quant *nnq, unsigned char *thepic, int len, int sample, int colours) + { + register int i; + register int *p; +@@ -163,9 +158,7 @@ static void unbiasnet(nn_quant *nnq) + } + + /* Output colormap to unsigned char ptr in RGBA format */ +-static void getcolormap(nnq, map) +-nn_quant *nnq; +-unsigned char *map; ++static void getcolormap(nn_quant *nnq, unsigned char *map) + { + int i,j; + for(j=0; j < nnq->netsize; j++) { +@@ -232,9 +225,7 @@ static void inxbuild(nn_quant *nnq) + + /* Search for ABGR values 0..255 (after net is unbiased) and return colour index + ---------------------------------------------------------------------------- */ +-static unsigned int inxsearch(nnq, al,b,g,r) +-nn_quant *nnq; +-register int al, b, g, r; ++static unsigned int inxsearch(nn_quant *nnq, int al, int b, int g, int r) + { + register int i, j, dist, a, bestd; + register int *p; +@@ -306,9 +297,7 @@ register int al, b, g, r; + + /* Search for biased ABGR values + ---------------------------- */ +-static int contest(nnq, al,b,g,r) +-nn_quant *nnq; +-register int al,b,g,r; ++static int contest(nn_quant *nnq, int al, int b, int g, int r) + { + /* finds closest neuron (min dist) and updates freq */ + /* finds best neuron (min dist-bias) and returns position */ +@@ -362,9 +351,7 @@ register int al,b,g,r; + /* Move neuron i towards biased (a,b,g,r) by factor alpha + ---------------------------------------------------- */ + +-static void altersingle(nnq, alpha,i,al,b,g,r) +-nn_quant *nnq; +-register int alpha,i,al,b,g,r; ++static void altersingle(nn_quant *nnq, int alpha, int i,int al, int b, int g, int r) + { + register int *n; + +@@ -382,10 +369,7 @@ register int alpha,i,al,b,g,r; + /* Move adjacent neurons by precomputed alpha*(1-((i-j)^2/[r]^2)) in radpower[|i-j|] + --------------------------------------------------------------------------------- */ + +-static void alterneigh(nnq, rad,i,al,b,g,r) +-nn_quant *nnq; +-int rad,i; +-register int al,b,g,r; ++static void alterneigh(nn_quant *nnq, int rad, int i, int al,int b,int g, int r) + { + register int j,k,lo,hi,a; + register int *p, *q; +@@ -429,9 +413,7 @@ register int al,b,g,r; + /* Main Learning Loop + ------------------ */ + +-static void learn(nnq, verbose) /* Stu: N.B. added parameter so that main() could control verbosity. */ +-nn_quant *nnq; +-int verbose; ++static void learn(nn_quant *nnq, int verbose) /* Stu: N.B. added parameter so that main() could control verbosity. */ + { + register int i,j,al,b,g,r; + int radius,rad,alpha,step,delta,samplepixels; +diff --git a/src/gd_tiff.c b/src/gd_tiff.c +index 7f72b610..3d90e61a 100644 +--- a/src/gd_tiff.c ++++ b/src/gd_tiff.c +@@ -446,9 +446,7 @@ BGD_DECLARE(void) gdImageTiffCtx(gdImagePtr image, gdIOCtx *out) + } + + /* Check if we are really in 8bit mode */ +-static int checkColorMap(n, r, g, b) +-int n; +-uint16_t *r, *g, *b; ++static int checkColorMap(int n, uint16_t *r, uint16_t *g, uint16_t *b) + { + while (n-- > 0) + if (*r++ >= 256 || *g++ >= 256 || *b++ >= 256) diff --git a/meta-oe/recipes-support/gd/gd_2.3.3.bb b/meta-oe/recipes-support/gd/gd_2.3.3.bb index 9d4ee1fe4b6..cc2c1571e64 100644 --- a/meta-oe/recipes-support/gd/gd_2.3.3.bb +++ b/meta-oe/recipes-support/gd/gd_2.3.3.bb @@ -14,6 +14,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=ace63adfdac78400fc30fa22ee9c1bb1" DEPENDS = "freetype libpng jpeg zlib tiff" SRC_URI = "git://github.com/libgd/libgd.git;nobranch=1;protocol=https \ + file://0001-Fix-deprecared-function-prototypes.patch \ " SRCREV = "b5319a41286107b53daa0e08e402aa1819764bdc" From 8e8f36ef97b3c0b4d9f7b41a9d6bf02ec0156c3b Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Mon, 22 Aug 2022 23:50:19 -0700 Subject: [PATCH 176/600] safec: Remove unused variable 'len' Signed-off-by: Khem Raj (cherry picked from commit 8cb8931757214d63c9140cdba83ee5dfc968bc28) Signed-off-by: Armin Kuster --- ...strpbrk_s-Remove-unused-variable-len.patch | 42 +++++++++++++++++++ meta-oe/recipes-core/safec/safec_3.7.1.bb | 3 +- 2 files changed, 44 insertions(+), 1 deletion(-) create mode 100644 meta-oe/recipes-core/safec/safec/0001-strpbrk_s-Remove-unused-variable-len.patch diff --git a/meta-oe/recipes-core/safec/safec/0001-strpbrk_s-Remove-unused-variable-len.patch b/meta-oe/recipes-core/safec/safec/0001-strpbrk_s-Remove-unused-variable-len.patch new file mode 100644 index 00000000000..4fd36ab8ab2 --- /dev/null +++ b/meta-oe/recipes-core/safec/safec/0001-strpbrk_s-Remove-unused-variable-len.patch @@ -0,0 +1,42 @@ +From b1d7cc6495c541cdd99399b4d1a835997376dcbf Mon Sep 17 00:00:00 2001 +From: Khem Raj +Date: Mon, 22 Aug 2022 23:42:33 -0700 +Subject: [PATCH] strpbrk_s: Remove unused variable len + +Fixes +error: variable 'len' set but not used [-Werror,-Wunused-but-set-variable] + +Upstream-Status: Submitted [https://github.com/rurban/safeclib/pull/123] +Signed-off-by: Khem Raj +--- + src/extstr/strpbrk_s.c | 3 --- + 1 file changed, 3 deletions(-) + +diff --git a/src/extstr/strpbrk_s.c b/src/extstr/strpbrk_s.c +index 5bb7a0f8..2cf8a8be 100644 +--- a/src/extstr/strpbrk_s.c ++++ b/src/extstr/strpbrk_s.c +@@ -79,7 +79,6 @@ EXPORT errno_t _strpbrk_s_chk(char *dest, rsize_t dmax, char *src, rsize_t slen, + #endif + { + char *ps; +- rsize_t len; + + CHK_SRC_NULL("strpbrk_s", firstp) + *firstp = NULL; +@@ -121,7 +120,6 @@ EXPORT errno_t _strpbrk_s_chk(char *dest, rsize_t dmax, char *src, rsize_t slen, + while (*dest && dmax) { + + ps = src; +- len = slen; + while (*ps) { + + /* check for a match with the substring */ +@@ -130,7 +128,6 @@ EXPORT errno_t _strpbrk_s_chk(char *dest, rsize_t dmax, char *src, rsize_t slen, + return RCNEGATE(EOK); + } + ps++; +- len--; + } + dest++; + dmax--; diff --git a/meta-oe/recipes-core/safec/safec_3.7.1.bb b/meta-oe/recipes-core/safec/safec_3.7.1.bb index 5ffe7d7528f..9dd6f1c7cc9 100644 --- a/meta-oe/recipes-core/safec/safec_3.7.1.bb +++ b/meta-oe/recipes-core/safec/safec_3.7.1.bb @@ -9,7 +9,8 @@ inherit autotools pkgconfig S = "${WORKDIR}/git" SRCREV = "f9add9245b97c7bda6e28cceb0ee37fb7e254fd8" SRC_URI = "git://github.com/rurban/safeclib.git;branch=master;protocol=https \ -" + file://0001-strpbrk_s-Remove-unused-variable-len.patch \ + " COMPATIBLE_HOST = '(x86_64|i.86|powerpc|powerpc64|arm|aarch64|mips).*-linux' From 3cd6cc5dec3e8c5e692cf29b0293cb3955a982db Mon Sep 17 00:00:00 2001 From: Wang Mingyu Date: Wed, 24 Aug 2022 08:59:51 +0800 Subject: [PATCH 177/600] php: upgrade 8.1.8 -> 8.1.9 Signed-off-by: Wang Mingyu Signed-off-by: Khem Raj (cherry picked from commit 610b8fdfd45467ae1007878cc98baae2e73fb0cb) Signed-off-by: Armin Kuster --- meta-oe/recipes-devtools/php/{php_8.1.8.bb => php_8.1.9.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-oe/recipes-devtools/php/{php_8.1.8.bb => php_8.1.9.bb} (99%) diff --git a/meta-oe/recipes-devtools/php/php_8.1.8.bb b/meta-oe/recipes-devtools/php/php_8.1.9.bb similarity index 99% rename from meta-oe/recipes-devtools/php/php_8.1.8.bb rename to meta-oe/recipes-devtools/php/php_8.1.9.bb index d5cf7d8b216..a93adeefe8c 100644 --- a/meta-oe/recipes-devtools/php/php_8.1.8.bb +++ b/meta-oe/recipes-devtools/php/php_8.1.9.bb @@ -33,7 +33,7 @@ SRC_URI:append:class-target = " \ " S = "${WORKDIR}/php-${PV}" -SRC_URI[sha256sum] = "b8815a5a02431453d4261e3598bd1f28516e4c0354f328c12890f257870e4c01" +SRC_URI[sha256sum] = "9ebb0e2e571db6fd5930428dcb2d19ed3e050338ec1f1347c282cae92fc086ff" CVE_CHECK_IGNORE += "\ CVE-2007-2728 \ From 02f2e6d762b660e12fd64dd1d638d7d43b2d5eb3 Mon Sep 17 00:00:00 2001 From: Yi Zhao Date: Fri, 26 Aug 2022 09:19:28 +0800 Subject: [PATCH 178/600] libldb: upgrade 2.3.3 -> 2.3.4 Required by samba 4.14.14. Signed-off-by: Yi Zhao Signed-off-by: Khem Raj (cherry picked from commit 1cd743f8d8053cc9d34cd1a0204d4d333722e0f5) Signed-off-by: Armin Kuster --- .../libldb/{libldb_2.3.3.bb => libldb_2.3.4.bb} | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) rename meta-networking/recipes-support/libldb/{libldb_2.3.3.bb => libldb_2.3.4.bb} (95%) diff --git a/meta-networking/recipes-support/libldb/libldb_2.3.3.bb b/meta-networking/recipes-support/libldb/libldb_2.3.4.bb similarity index 95% rename from meta-networking/recipes-support/libldb/libldb_2.3.3.bb rename to meta-networking/recipes-support/libldb/libldb_2.3.4.bb index 6dd3ec3a9aa..af5f0427d47 100644 --- a/meta-networking/recipes-support/libldb/libldb_2.3.3.bb +++ b/meta-networking/recipes-support/libldb/libldb_2.3.4.bb @@ -32,8 +32,8 @@ LIC_FILES_CHKSUM = "file://pyldb.h;endline=24;md5=dfbd238cecad76957f7f860fbe9ada file://man/ldb.3.xml;beginline=261;endline=262;md5=137f9fd61040c1505d1aa1019663fd08 \ file://tools/ldbdump.c;endline=19;md5=a7d4fc5d1f75676b49df491575a86a42" -SRC_URI[md5sum] = "6824f69ea3bb58cb8a3be4c179e7569a" -SRC_URI[sha256sum] = "9ef39700ff05b3e8f5801d2a39fe1ba023218650f81c9d377caca22f49076807" +SRC_URI[md5sum] = "b01d6913a06901c22c5bc6caedc548ac" +SRC_URI[sha256sum] = "f2e88dcab7b6007d92724b62f8a16e7c6e77275885c60eb4f87097e4aa4082c1" inherit pkgconfig waf-samba From b19f3f8c40de3206566cdf092dcd8f329781ef7d Mon Sep 17 00:00:00 2001 From: Yi Zhao Date: Fri, 26 Aug 2022 09:19:29 +0800 Subject: [PATCH 179/600] samba: upgrade 4.14.13 -> 4.14.14 This is a security release in order to address the following defects: CVE-2022-2031: Samba AD users can bypass certain restrictions associated with changing passwords. https://www.samba.org/samba/security/CVE-2022-2031.html CVE-2022-32744: Samba AD users can forge password change requests for any user. https://www.samba.org/samba/security/CVE-2022-32744.html CVE-2022-32745: Samba AD users can crash the server process with an LDAP add or modify request. https://www.samba.org/samba/security/CVE-2022-32745.html CVE-2022-32746: Samba AD users can induce a use-after-free in the server process with an LDAP add or modify request. https://www.samba.org/samba/security/CVE-2022-32746.html CVE-2022-32742: Server memory information leak via SMB1. https://www.samba.org/samba/security/CVE-2022-32742.html Release Notes: https://www.samba.org/samba/history/samba-4.14.14.html Signed-off-by: Yi Zhao Signed-off-by: Khem Raj (cherry picked from commit 0afcb4be77acdb7af3624278ebd5869f0e88bdfe) Signed-off-by: Armin Kuster --- .../samba/{samba_4.14.13.bb => samba_4.14.14.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-networking/recipes-connectivity/samba/{samba_4.14.13.bb => samba_4.14.14.bb} (99%) diff --git a/meta-networking/recipes-connectivity/samba/samba_4.14.13.bb b/meta-networking/recipes-connectivity/samba/samba_4.14.14.bb similarity index 99% rename from meta-networking/recipes-connectivity/samba/samba_4.14.13.bb rename to meta-networking/recipes-connectivity/samba/samba_4.14.14.bb index 49e93fc5363..cb3678d7b6d 100644 --- a/meta-networking/recipes-connectivity/samba/samba_4.14.13.bb +++ b/meta-networking/recipes-connectivity/samba/samba_4.14.14.bb @@ -31,7 +31,7 @@ SRC_URI:append:libc-musl = " \ file://samba-fix-musl-lib-without-innetgr.patch \ " -SRC_URI[sha256sum] = "e1df792818a17d8d21faf33580d32939214694c92b84fb499464210d86a7ff75" +SRC_URI[sha256sum] = "abd5e9e6aa45e55114b188ba189ebdfc8fd3d7718d43f749e477ce7f791e5519" UPSTREAM_CHECK_REGEX = "samba\-(?P4\.14(\.\d+)+).tar.gz" From 13f1e688421fff4b24fbef311f7c47118633f0c5 Mon Sep 17 00:00:00 2001 From: Yi Zhao Date: Sat, 27 Aug 2022 20:57:58 +0800 Subject: [PATCH 180/600] samba: fix buildpaths issue The test case tfork_cmd_send in smbtorture fails on target as it requries a script located in the source directory: $ smbtorture ncalrpc:localhost local.tfork.tfork_cmd_send test: tfork_cmd_send /buildarea/build/tmp/work/core2-64-poky-linux/samba/4.14.14-r0/samba-4.14.14/testprogs/blackbox/tfork.sh: Failed to exec child - No such file or directory This also triggers the buildpaths warning: QA Issue: File /usr/bin/smbtorture in package samba-testsuite contains reference to TMPDIR [buildpaths] Skip this test case in smbtorture to avoid the warning. Signed-off-by: Yi Zhao Signed-off-by: Khem Raj (cherry picked from commit 2b8b5dbe03cb83df1bb6c6dc1cfbf5c2bf836cf9) Signed-off-by: Armin Kuster --- ...orture-skip-test-case-tfork_cmd_send.patch | 38 +++++++++++++++++++ .../samba/samba_4.14.14.bb | 1 + 2 files changed, 39 insertions(+) create mode 100644 meta-networking/recipes-connectivity/samba/samba/0001-smbtorture-skip-test-case-tfork_cmd_send.patch diff --git a/meta-networking/recipes-connectivity/samba/samba/0001-smbtorture-skip-test-case-tfork_cmd_send.patch b/meta-networking/recipes-connectivity/samba/samba/0001-smbtorture-skip-test-case-tfork_cmd_send.patch new file mode 100644 index 00000000000..90ee317860f --- /dev/null +++ b/meta-networking/recipes-connectivity/samba/samba/0001-smbtorture-skip-test-case-tfork_cmd_send.patch @@ -0,0 +1,38 @@ +From 059b517f9ef6cbdc696e0983ce255b1728042827 Mon Sep 17 00:00:00 2001 +From: Yi Zhao +Date: Thu, 25 Aug 2022 16:46:04 +0800 +Subject: [PATCH] smbtorture: skip test case tfork_cmd_send + +The test case tfork_cmd_send fails on target as it requires a script +located in the source directory: + +$ smbtorture ncalrpc:localhost local.tfork.tfork_cmd_send +test: tfork_cmd_send +/buildarea/build/tmp/work/core2-64-poky-linux/samba/4.14.14-r0/samba-4.14.14/testprogs/blackbox/tfork.sh: +Failed to exec child - No such file or directory + +Upstream-Status: Inappropriate [embedded specific] + +Signed-off-by: Yi Zhao +--- + lib/util/tests/tfork.c | 4 ---- + 1 file changed, 4 deletions(-) + +diff --git a/lib/util/tests/tfork.c b/lib/util/tests/tfork.c +index 70ae975..4826ce6 100644 +--- a/lib/util/tests/tfork.c ++++ b/lib/util/tests/tfork.c +@@ -839,10 +839,6 @@ struct torture_suite *torture_local_tfork(TALLOC_CTX *mem_ctx) + "tfork_threads", + test_tfork_threads); + +- torture_suite_add_simple_test(suite, +- "tfork_cmd_send", +- test_tfork_cmd_send); +- + torture_suite_add_simple_test(suite, + "tfork_event_file_handle", + test_tfork_event_file_handle); +-- +2.25.1 + diff --git a/meta-networking/recipes-connectivity/samba/samba_4.14.14.bb b/meta-networking/recipes-connectivity/samba/samba_4.14.14.bb index cb3678d7b6d..53526a26b65 100644 --- a/meta-networking/recipes-connectivity/samba/samba_4.14.14.bb +++ b/meta-networking/recipes-connectivity/samba/samba_4.14.14.bb @@ -21,6 +21,7 @@ SRC_URI = "${SAMBA_MIRROR}/stable/samba-${PV}.tar.gz \ file://0004-Add-options-to-configure-the-use-of-libbsd.patch \ file://0005-samba-build-dnsserver_common-code.patch \ file://0001-Fix-pyext_PATTERN-for-cross-compilation.patch \ + file://0001-smbtorture-skip-test-case-tfork_cmd_send.patch \ " SRC_URI:append:libc-musl = " \ From 05dcac98473402d87e0af73bbc2c5a6a840abe93 Mon Sep 17 00:00:00 2001 From: Mingli Yu Date: Mon, 29 Aug 2022 16:56:29 +0800 Subject: [PATCH 181/600] postgresql: make sure pam conf installed when pam enabled Update the pam check logic to make sure pam conf installed. Before the patch: root@intel-x86-64:~# rpm -ql postgresql | grep pam.d | grep postgresql root@intel-x86-64:~# After the patch: root@intel-x86-64:~# rpm -ql postgresql | grep pam.d | grep postgresql /etc/pam.d/postgresql root@intel-x86-64:~# Signed-off-by: Mingli Yu Signed-off-by: Khem Raj (cherry picked from commit a755af4fb5ca2e158b00214bb18e27ba69c200fd) Signed-off-by: Armin Kuster --- meta-oe/recipes-dbs/postgresql/postgresql.inc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-oe/recipes-dbs/postgresql/postgresql.inc b/meta-oe/recipes-dbs/postgresql/postgresql.inc index bef33e6bb4f..60d44ce9791 100644 --- a/meta-oe/recipes-dbs/postgresql/postgresql.inc +++ b/meta-oe/recipes-dbs/postgresql/postgresql.inc @@ -205,7 +205,7 @@ do_install:append() { # multiple server config directory install -d -m 700 ${D}${sysconfdir}/default/${BPN} - if [ "${@d.getVar('enable_pam')}" = "pam" ]; then + if ${@bb.utils.contains('DISTRO_FEATURES', 'pam', 'true', 'false', d)}; then install -d ${D}${sysconfdir}/pam.d install -m 644 ${WORKDIR}/postgresql.pam ${D}${sysconfdir}/pam.d/postgresql fi From 8c62aaa67ecfdd46c4f55688a460084371710e39 Mon Sep 17 00:00:00 2001 From: wangmy Date: Tue, 13 Sep 2022 18:17:10 +0800 Subject: [PATCH 182/600] php: upgrade 8.1.9 -> 8.1.10 Signed-off-by: Wang Mingyu Signed-off-by: Khem Raj (cherry picked from commit 2e768a2846968bf306b3d70eb768aafa3ae6e3d1) [Bug fix only release] Signed-off-by: Armin Kuster --- meta-oe/recipes-devtools/php/{php_8.1.9.bb => php_8.1.10.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-oe/recipes-devtools/php/{php_8.1.9.bb => php_8.1.10.bb} (99%) diff --git a/meta-oe/recipes-devtools/php/php_8.1.9.bb b/meta-oe/recipes-devtools/php/php_8.1.10.bb similarity index 99% rename from meta-oe/recipes-devtools/php/php_8.1.9.bb rename to meta-oe/recipes-devtools/php/php_8.1.10.bb index a93adeefe8c..624ab2621a3 100644 --- a/meta-oe/recipes-devtools/php/php_8.1.9.bb +++ b/meta-oe/recipes-devtools/php/php_8.1.10.bb @@ -33,7 +33,7 @@ SRC_URI:append:class-target = " \ " S = "${WORKDIR}/php-${PV}" -SRC_URI[sha256sum] = "9ebb0e2e571db6fd5930428dcb2d19ed3e050338ec1f1347c282cae92fc086ff" +SRC_URI[sha256sum] = "2de8e0402285f7c56887defe651922308aded58ba60befcf3b77720209e31f10" CVE_CHECK_IGNORE += "\ CVE-2007-2728 \ From 73e66e5ea386baba17de08ef461e5e231a799aad Mon Sep 17 00:00:00 2001 From: Wang Mingyu Date: Mon, 15 Aug 2022 14:39:23 +0800 Subject: [PATCH 183/600] postgresql: upgrade 14.4 -> 14.5 0001-configure.ac-bypass-autoconf-2.69-version-check.patch refreshed for new version. Signed-off-by: Wang Mingyu Signed-off-by: Khem Raj (cherry picked from commit c484ec130065705a1b63462bd9c6aa4d480545c2) Signed-off-by: Armin Kuster --- ...01-configure.ac-bypass-autoconf-2.69-version-check.patch | 6 +++--- .../postgresql/{postgresql_14.4.bb => postgresql_14.5.bb} | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) rename meta-oe/recipes-dbs/postgresql/{postgresql_14.4.bb => postgresql_14.5.bb} (83%) diff --git a/meta-oe/recipes-dbs/postgresql/files/0001-configure.ac-bypass-autoconf-2.69-version-check.patch b/meta-oe/recipes-dbs/postgresql/files/0001-configure.ac-bypass-autoconf-2.69-version-check.patch index 2256bccecec..4a576d71722 100644 --- a/meta-oe/recipes-dbs/postgresql/files/0001-configure.ac-bypass-autoconf-2.69-version-check.patch +++ b/meta-oe/recipes-dbs/postgresql/files/0001-configure.ac-bypass-autoconf-2.69-version-check.patch @@ -1,4 +1,4 @@ -From 07e605015fad0621c3e67133ff9330a5c6318daa Mon Sep 17 00:00:00 2001 +From 258c6bd2ad96f2c42f1cb5f4c84e4ca5865059f0 Mon Sep 17 00:00:00 2001 From: Yi Fan Yu Date: Fri, 5 Feb 2021 17:15:42 -0500 Subject: [PATCH] configure.ac: bypass autoconf 2.69 version check @@ -14,12 +14,12 @@ Signed-off-by: Yi Fan Yu 1 file changed, 4 deletions(-) diff --git a/configure.ac b/configure.ac -index 04ef7be..0eb595b 100644 +index ffe878e..c39799b 100644 --- a/configure.ac +++ b/configure.ac @@ -19,10 +19,6 @@ m4_pattern_forbid(^PGAC_)dnl to catch undefined macros - AC_INIT([PostgreSQL], [14.4], [pgsql-bugs@lists.postgresql.org], [], [https://www.postgresql.org/]) + AC_INIT([PostgreSQL], [14.5], [pgsql-bugs@lists.postgresql.org], [], [https://www.postgresql.org/]) -m4_if(m4_defn([m4_PACKAGE_VERSION]), [2.69], [], [m4_fatal([Autoconf version 2.69 is required. -Untested combinations of 'autoconf' and PostgreSQL versions are not diff --git a/meta-oe/recipes-dbs/postgresql/postgresql_14.4.bb b/meta-oe/recipes-dbs/postgresql/postgresql_14.5.bb similarity index 83% rename from meta-oe/recipes-dbs/postgresql/postgresql_14.4.bb rename to meta-oe/recipes-dbs/postgresql/postgresql_14.5.bb index 1daab22f920..1551d34053d 100644 --- a/meta-oe/recipes-dbs/postgresql/postgresql_14.4.bb +++ b/meta-oe/recipes-dbs/postgresql/postgresql_14.5.bb @@ -11,7 +11,7 @@ SRC_URI += "\ file://0001-config_info.c-not-expose-build-info.patch \ " -SRC_URI[sha256sum] = "c23b6237c5231c791511bdc79098617d6852e9e3bdf360efd8b5d15a1a3d8f6a" +SRC_URI[sha256sum] = "d4f72cb5fb857c9a9f75ec8cf091a1771272802f2178f0b2e65b7b6ff64f4a30" CVE_CHECK_IGNORE += "\ CVE-2017-8806 \ From 088eaf9ea97b9f65a4629e0267ee905d33f7acee Mon Sep 17 00:00:00 2001 From: Steffen Olsen Date: Tue, 6 Sep 2022 17:09:39 +0200 Subject: [PATCH 184/600] postgreql: Fix pg_config not working after buildpaths patch The patch for removing 'QA issues' with pg_config was incomplete, it did not change the number of items supposed to be in the configdata stucture. This leads to get_configdata function asserting, and pg_config command does not work Signed-off-by: Steffen Olsen Signed-off-by: Khem Raj (cherry picked from commit 730c85613ec718919bc0d155addfb9a20af112ad) Signed-off-by: Armin Kuster --- .../0001-config_info.c-not-expose-build-info.patch | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/meta-oe/recipes-dbs/postgresql/files/0001-config_info.c-not-expose-build-info.patch b/meta-oe/recipes-dbs/postgresql/files/0001-config_info.c-not-expose-build-info.patch index 101a748776e..52ca276da61 100644 --- a/meta-oe/recipes-dbs/postgresql/files/0001-config_info.c-not-expose-build-info.patch +++ b/meta-oe/recipes-dbs/postgresql/files/0001-config_info.c-not-expose-build-info.patch @@ -30,7 +30,16 @@ diff --git a/src/common/config_info.c b/src/common/config_info.c index e72e729..b482c20 100644 --- a/src/common/config_info.c +++ b/src/common/config_info.c -@@ -123,74 +123,6 @@ get_configdata(const char *my_exec_path, size_t *configdata_len) +@@ -38,7 +38,7 @@ + int i = 0; + + /* Adjust this to match the number of items filled below */ +- *configdata_len = 23; ++ *configdata_len = 14; + configdata = (ConfigData *) palloc(*configdata_len * sizeof(ConfigData)); + + configdata[i].name = pstrdup("BINDIR"); +@@ -123,74 +123,6 @@ configdata[i].setting = pstrdup(path); i++; From 7eff264695d09bdbf6a9e67a6d2eb6466107927d Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Wed, 21 Sep 2022 11:19:16 +0300 Subject: [PATCH 185/600] audit: Revert the tweak done in configure step in do_install This tweak is needed for building audit but not the interfaces it may expose via the headers, therefore undo the tweak before packaging things up Reported-By: Scott Murray Signed-off-by: Khem Raj (cherry picked from commit 4ff83dfb5a9f70188959814aa015910bd7363eca) --- meta-oe/recipes-security/audit/audit_3.0.8.bb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta-oe/recipes-security/audit/audit_3.0.8.bb b/meta-oe/recipes-security/audit/audit_3.0.8.bb index 3dbfc9e604e..c17899d4f6a 100644 --- a/meta-oe/recipes-security/audit/audit_3.0.8.bb +++ b/meta-oe/recipes-security/audit/audit_3.0.8.bb @@ -77,6 +77,8 @@ do_configure:prepend() { } do_install:append() { + sed -i -e 's|#include "audit.h"|#include |g' ${D}${includedir}/libaudit.h + rm -f ${D}/${libdir}/python${PYTHON_BASEVERSION}/site-packages/*.a rm -f ${D}/${libdir}/python${PYTHON_BASEVERSION}/site-packages/*.la From c5b5f631fc485e91f67827c536c06215a803d7cc Mon Sep 17 00:00:00 2001 From: Richard Purdie Date: Thu, 22 Sep 2022 10:12:55 +0200 Subject: [PATCH 186/600] lmdb: Don't inherit base base is always inherited so remove this code which will soon cause an error. Signed-off-by: Richard Purdie Signed-off-by: Khem Raj (cherry picked from commit a755af4fb5ca2e158b00214bb18e27ba69c200fd) Signed-off-by: Ming Liu --- meta-oe/recipes-dbs/lmdb/lmdb_0.9.29.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-oe/recipes-dbs/lmdb/lmdb_0.9.29.bb b/meta-oe/recipes-dbs/lmdb/lmdb_0.9.29.bb index f23960f40a4..a76d388d703 100644 --- a/meta-oe/recipes-dbs/lmdb/lmdb_0.9.29.bb +++ b/meta-oe/recipes-dbs/lmdb/lmdb_0.9.29.bb @@ -16,7 +16,7 @@ SRC_URI = "git://github.com/LMDB/lmdb.git;nobranch=1;protocol=https \ SRCREV = "8ad7be2510414b9506ec9f9e24f24d04d9b04a1a" -inherit base ptest +inherit ptest S = "${WORKDIR}/git/libraries/liblmdb" From fc9c8a3332e606aad4b398a77085208f61af6f44 Mon Sep 17 00:00:00 2001 From: Yi Zhao Date: Sat, 24 Sep 2022 15:39:57 +0800 Subject: [PATCH 187/600] frr: Security fix CVE-2022-37035 CVE-2022-37035: An issue was discovered in bgpd in FRRouting (FRR) 8.3. In bgp_notify_send_with_data() and bgp_process_packet() in bgp_packet.c, there is a possible use-after-free due to a race condition. This could lead to Remote Code Execution or Information Disclosure by sending crafted BGP packets. User interaction is not needed for exploitation. Reference: https://nvd.nist.gov/vuln/detail/CVE-2022-37035 Patch from: https://github.com/FRRouting/frr/commit/71ca5b09bc71e8cbe38177cf41e83fe164e52eee Signed-off-by: Yi Zhao --- .../frr/frr/CVE-2022-37035.patch | 151 ++++++++++++++++++ .../recipes-protocols/frr/frr_8.2.2.bb | 1 + 2 files changed, 152 insertions(+) create mode 100644 meta-networking/recipes-protocols/frr/frr/CVE-2022-37035.patch diff --git a/meta-networking/recipes-protocols/frr/frr/CVE-2022-37035.patch b/meta-networking/recipes-protocols/frr/frr/CVE-2022-37035.patch new file mode 100644 index 00000000000..3d18d0b90d0 --- /dev/null +++ b/meta-networking/recipes-protocols/frr/frr/CVE-2022-37035.patch @@ -0,0 +1,151 @@ +From db24300d56ad5831d9f6e4545ff2999b99e71bac Mon Sep 17 00:00:00 2001 +From: Mark Stapp +Date: Thu, 8 Sep 2022 16:14:36 -0400 +Subject: [PATCH] bgpd: avoid notify race between io and main pthreads + +The "bgp_notify_" apis in bgp_packet.c generate a notification +to a peer, usually during error handling. The io pthread wants +to send notifications in a couple of cases during early +received-packet validation - but the existing api interacts +with the peer struct itself, and that's not safe. + +Add a new api for use by the io pthread, and adjust the main +notify api so that it can avoid touching the peer struct. + +Signed-off-by: Mark Stapp + +CVE: CVE-2022-37035 + +Upstream-Status: Backport +[https://github.com/FRRouting/frr/commit/71ca5b09bc71e8cbe38177cf41e83fe164e52eee] + +Signed-off-by: Yi Zhao +--- + bgpd/bgp_io.c | 17 ++++++++--------- + bgpd/bgp_packet.c | 32 ++++++++++++++++++++++++++++---- + bgpd/bgp_packet.h | 2 ++ + 3 files changed, 38 insertions(+), 13 deletions(-) + +diff --git a/bgpd/bgp_io.c b/bgpd/bgp_io.c +index 9b5a31f28..c736d02db 100644 +--- a/bgpd/bgp_io.c ++++ b/bgpd/bgp_io.c +@@ -37,7 +37,7 @@ + #include "bgpd/bgp_debug.h" // for bgp_debug_neighbor_events, bgp_type_str + #include "bgpd/bgp_errors.h" // for expanded error reference information + #include "bgpd/bgp_fsm.h" // for BGP_EVENT_ADD, bgp_event +-#include "bgpd/bgp_packet.h" // for bgp_notify_send_with_data, bgp_notify... ++#include "bgpd/bgp_packet.h" // for bgp_notify_io_invalid... + #include "bgpd/bgp_trace.h" // for frrtraces + #include "bgpd/bgpd.h" // for peer, BGP_MARKER_SIZE, bgp_master, bm + /* clang-format on */ +@@ -526,8 +526,8 @@ static bool validate_header(struct peer *peer) + return false; + + if (memcmp(m_correct, m_rx, BGP_MARKER_SIZE) != 0) { +- bgp_notify_send(peer, BGP_NOTIFY_HEADER_ERR, +- BGP_NOTIFY_HEADER_NOT_SYNC); ++ bgp_notify_io_invalid(peer, BGP_NOTIFY_HEADER_ERR, ++ BGP_NOTIFY_HEADER_NOT_SYNC, NULL, 0); + return false; + } + +@@ -547,9 +547,8 @@ static bool validate_header(struct peer *peer) + zlog_debug("%s unknown message type 0x%02x", peer->host, + type); + +- bgp_notify_send_with_data(peer, BGP_NOTIFY_HEADER_ERR, +- BGP_NOTIFY_HEADER_BAD_MESTYPE, &type, +- 1); ++ bgp_notify_io_invalid(peer, BGP_NOTIFY_HEADER_ERR, ++ BGP_NOTIFY_HEADER_BAD_MESTYPE, &type, 1); + return false; + } + +@@ -574,9 +573,9 @@ static bool validate_header(struct peer *peer) + + uint16_t nsize = htons(size); + +- bgp_notify_send_with_data(peer, BGP_NOTIFY_HEADER_ERR, +- BGP_NOTIFY_HEADER_BAD_MESLEN, +- (unsigned char *)&nsize, 2); ++ bgp_notify_io_invalid(peer, BGP_NOTIFY_HEADER_ERR, ++ BGP_NOTIFY_HEADER_BAD_MESLEN, ++ (unsigned char *)&nsize, 2); + return false; + } + +diff --git a/bgpd/bgp_packet.c b/bgpd/bgp_packet.c +index 7c92a8d9e..a5ce5a527 100644 +--- a/bgpd/bgp_packet.c ++++ b/bgpd/bgp_packet.c +@@ -736,8 +736,9 @@ static void bgp_write_notify(struct peer *peer) + * @param data Data portion + * @param datalen length of data portion + */ +-void bgp_notify_send_with_data(struct peer *peer, uint8_t code, +- uint8_t sub_code, uint8_t *data, size_t datalen) ++static void bgp_notify_send_internal(struct peer *peer, uint8_t code, ++ uint8_t sub_code, uint8_t *data, ++ size_t datalen, bool use_curr) + { + struct stream *s; + +@@ -769,8 +770,11 @@ void bgp_notify_send_with_data(struct peer *peer, uint8_t code, + * If possible, store last packet for debugging purposes. This check is + * in place because we are sometimes called with a doppelganger peer, + * who tends to have a plethora of fields nulled out. ++ * ++ * Some callers should not attempt this - the io pthread for example ++ * should not touch internals of the peer struct. + */ +- if (peer->curr) { ++ if (use_curr && peer->curr) { + size_t packetsize = stream_get_endp(peer->curr); + assert(packetsize <= peer->max_packet_size); + memcpy(peer->last_reset_cause, peer->curr->data, packetsize); +@@ -853,7 +857,27 @@ void bgp_notify_send_with_data(struct peer *peer, uint8_t code, + */ + void bgp_notify_send(struct peer *peer, uint8_t code, uint8_t sub_code) + { +- bgp_notify_send_with_data(peer, code, sub_code, NULL, 0); ++ bgp_notify_send_internal(peer, code, sub_code, NULL, 0, true); ++} ++ ++/* ++ * Enqueue notification; called from the main pthread, peer object access is ok. ++ */ ++void bgp_notify_send_with_data(struct peer *peer, uint8_t code, ++ uint8_t sub_code, uint8_t *data, size_t datalen) ++{ ++ bgp_notify_send_internal(peer, code, sub_code, data, datalen, true); ++} ++ ++/* ++ * For use by the io pthread, queueing a notification but avoiding access to ++ * the peer object. ++ */ ++void bgp_notify_io_invalid(struct peer *peer, uint8_t code, uint8_t sub_code, ++ uint8_t *data, size_t datalen) ++{ ++ /* Avoid touching the peer object */ ++ bgp_notify_send_internal(peer, code, sub_code, data, datalen, false); + } + + /* +diff --git a/bgpd/bgp_packet.h b/bgpd/bgp_packet.h +index 280d3ec17..898f88ff5 100644 +--- a/bgpd/bgp_packet.h ++++ b/bgpd/bgp_packet.h +@@ -62,6 +62,8 @@ extern void bgp_open_send(struct peer *); + extern void bgp_notify_send(struct peer *, uint8_t, uint8_t); + extern void bgp_notify_send_with_data(struct peer *, uint8_t, uint8_t, + uint8_t *, size_t); ++void bgp_notify_io_invalid(struct peer *peer, uint8_t code, uint8_t sub_code, ++ uint8_t *data, size_t datalen); + extern void bgp_route_refresh_send(struct peer *peer, afi_t afi, safi_t safi, + uint8_t orf_type, uint8_t when_to_refresh, + int remove, uint8_t subtype); +-- +2.25.1 + diff --git a/meta-networking/recipes-protocols/frr/frr_8.2.2.bb b/meta-networking/recipes-protocols/frr/frr_8.2.2.bb index 96be49b53fc..62f548f84d3 100644 --- a/meta-networking/recipes-protocols/frr/frr_8.2.2.bb +++ b/meta-networking/recipes-protocols/frr/frr_8.2.2.bb @@ -10,6 +10,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ file://COPYING-LGPLv2.1;md5=4fbd65380cdd255951079008b364516c" SRC_URI = "git://github.com/FRRouting/frr.git;protocol=https;branch=stable/8.2 \ + file://CVE-2022-37035.patch \ file://frr.pam \ " From de2bbc5ef443f4cb045f8b6b6c60f9e2ac103c2c Mon Sep 17 00:00:00 2001 From: Martin Jansa Date: Sat, 24 Sep 2022 12:10:49 +0200 Subject: [PATCH 188/600] libcec: fix runtime dependencies for ${PN}-examples * cec-client doesn't link with libcec, but uses LibCecInitialise to dlopen libcec, so do_package cannot add the runtime dependency automatically * fixes: root@rpi4:# cec-client -l libcec.so.6: cannot open shared object file: No such file or directory root@rpi4:# cecc-client -l libcec.so.6: cannot open shared object file: No such file or directory libcec.so.6: cannot open shared object file: No such file or directory libcec/6.0.2-r0 $ objdump -p ./build/src/cec-client/cec-client-6.0.2 | grep NEEDED NEEDED libncurses.so.5 NEEDED libtinfo.so.5 NEEDED libstdc++.so.6 NEEDED libgcc_s.so.1 NEEDED libc.so.6 Signed-off-by: Martin Jansa --- meta-oe/recipes-extended/libcec/libcec_6.0.2.bb | 3 +++ 1 file changed, 3 insertions(+) diff --git a/meta-oe/recipes-extended/libcec/libcec_6.0.2.bb b/meta-oe/recipes-extended/libcec/libcec_6.0.2.bb index cd586897a4e..599416cb2a0 100644 --- a/meta-oe/recipes-extended/libcec/libcec_6.0.2.bb +++ b/meta-oe/recipes-extended/libcec/libcec_6.0.2.bb @@ -29,6 +29,9 @@ EXTRA_OECMAKE += "${PLATFORM_CMAKE_FLAGS}" PACKAGE_BEFORE_PN += "${PN}-examples-python ${PN}-examples" FILES:${PN}-examples-python = "${bindir}/py*" FILES:${PN}-examples = "${bindir}" +# cec-client doesn't link with libcec, but uses LibCecInitialise to dlopen libcec, so do_package +# cannot add the runtime dependency automatically +RDEPENDS:${PN}-examples = "${PN}" RDEPENDS:${PN}-examples-python = "python3-${BPN} python3-core" # Create the wrapper for python3 From bd2d8fba766f912bd1bc5cde7d6f0e72152f1547 Mon Sep 17 00:00:00 2001 From: Sakib Sajal Date: Thu, 22 Sep 2022 16:38:53 -0400 Subject: [PATCH 189/600] minicoredumper: retry elf parsing as long as needed Maximum number of tries, in rare cases, is insufficient for elf parse. Backport patch that fixes the issue. Signed-off-by: Sakib Sajal Signed-off-by: Khem Raj (cherry picked from commit e231c86e282eefff0e8164551f75f8e01682abe6) Signed-off-by: Sakib Sajal --- ...-retry-elf-parsing-as-long-as-needed.patch | 128 ++++++++++++++++++ .../minicoredumper/minicoredumper_2.0.1.bb | 1 + 2 files changed, 129 insertions(+) create mode 100644 meta-oe/recipes-kernel/minicoredumper/files/0001-minicoredumper-retry-elf-parsing-as-long-as-needed.patch diff --git a/meta-oe/recipes-kernel/minicoredumper/files/0001-minicoredumper-retry-elf-parsing-as-long-as-needed.patch b/meta-oe/recipes-kernel/minicoredumper/files/0001-minicoredumper-retry-elf-parsing-as-long-as-needed.patch new file mode 100644 index 00000000000..8d5b8b6cbb5 --- /dev/null +++ b/meta-oe/recipes-kernel/minicoredumper/files/0001-minicoredumper-retry-elf-parsing-as-long-as-needed.patch @@ -0,0 +1,128 @@ +From 7a8c6a06c86e133e4346b1dc66483bd8d0d3c716 Mon Sep 17 00:00:00 2001 +From: John Ogness +Date: Tue, 24 Aug 2021 21:10:43 +0200 +Subject: [PATCH] minicoredumper: retry elf parsing as long as needed + +As was reported in github issue #2 ("maximum number of tries +insufficient, in rare cases, for elf parse"), the number of retries +for parsing a process may be insufficient. Rather than setting an +upper limit on the maximum number of retries, track the number of +headers seen. As long as the number of seen headers is greater than +the previous try, try again. + +In order to avoid introducing any new issues, preserve the behavior +of retrying at least 10 times, even if no new headers are seen. + +Reported-by: github.com/ssajal-wr +Signed-off-by: John Ogness + +Upstream-Status: Backport [7a8c6a06c86e133e4346b1dc66483bd8d0d3c716] + +Signed-off-by: Sakib Sajal +--- + src/minicoredumper/corestripper.c | 30 +++++++++++++++++++++++------- + 1 file changed, 23 insertions(+), 7 deletions(-) + +diff --git a/src/minicoredumper/corestripper.c b/src/minicoredumper/corestripper.c +index d96d1df..c96b350 100644 +--- a/src/minicoredumper/corestripper.c ++++ b/src/minicoredumper/corestripper.c +@@ -761,7 +761,7 @@ static int init_log(struct dump_info *di) + typedef int elf_parse_cb(struct dump_info *di, Elf *elf, GElf_Phdr *phdr); + + static int do_elf_ph_parse(struct dump_info *di, GElf_Phdr *type, +- elf_parse_cb *callback) ++ elf_parse_cb *callback, size_t *phnum_found) + { + GElf_Ehdr ehdr_mem; + GElf_Ehdr *ehdr; +@@ -770,6 +770,9 @@ static int do_elf_ph_parse(struct dump_info *di, GElf_Phdr *type, + size_t phnum; + size_t cnt; + ++ if (phnum_found) ++ *phnum_found = 0; ++ + /* start from beginning of core */ + if (lseek64(di->elf_fd, 0, SEEK_SET) == -1) { + info("lseek failed: %s", strerror(errno)); +@@ -809,6 +812,9 @@ static int do_elf_ph_parse(struct dump_info *di, GElf_Phdr *type, + goto out; + } + ++ if (phnum_found) ++ *phnum_found = phnum; ++ + for (cnt = 0; cnt < phnum; cnt++) { + GElf_Phdr phdr_mem; + GElf_Phdr *phdr; +@@ -891,7 +897,7 @@ static int vma_cb(struct dump_info *di, Elf *elf, GElf_Phdr *phdr) + /* + * Tries to parse the found ELF headers and reads all vmas from it. + */ +-static int parse_vma_info(struct dump_info *di) ++static int parse_vma_info(struct dump_info *di, size_t *phnum_found) + { + unsigned long min_off = ULONG_MAX; + unsigned long max_len = 0; +@@ -911,7 +917,7 @@ static int parse_vma_info(struct dump_info *di) + memset(&type, 0, sizeof(type)); + type.p_type = PT_LOAD; + type.p_flags = PF_R; +- if (do_elf_ph_parse(di, &type, vma_cb) != 0) ++ if (do_elf_ph_parse(di, &type, vma_cb, phnum_found) != 0) + return -1; + + for (v = di->vma; v; v = v->next) { +@@ -1614,8 +1620,10 @@ int add_core_data(struct dump_info *di, off64_t dest_offset, size_t len, + */ + static int init_src_core(struct dump_info *di, int src) + { ++ size_t last_phnum = 0; + int tries = 0; + int ret = -1; ++ size_t phnum; + size_t len; + char *buf; + long pos; +@@ -1642,7 +1650,7 @@ again: + goto out; + + /* try to elf-parse the core to read vma info */ +- ret = parse_vma_info(di); ++ ret = parse_vma_info(di, &phnum); + + /* restore our position */ + if (lseek64(di->elf_fd, pos, SEEK_SET) == -1) +@@ -1653,9 +1661,17 @@ again: + + tries++; + +- /* maybe try again */ +- if (tries < 10) ++ if (phnum > last_phnum) { ++ /* new headers found, keep trying */ ++ last_phnum = phnum; + goto again; ++ } else if (tries < 10) { ++ /* ++ * even if no new headers are found, ++ * retry at least 10 times ++ */ ++ goto again; ++ } + + goto out; + } +@@ -2106,7 +2122,7 @@ static int dump_stacks(struct dump_info *di) + /* find and set the first task */ + memset(&type, 0, sizeof(type)); + type.p_type = PT_NOTE; +- do_elf_ph_parse(di, &type, note_cb); ++ do_elf_ph_parse(di, &type, note_cb, NULL); + } + + if (di->first_pid) +-- +2.25.1 + diff --git a/meta-oe/recipes-kernel/minicoredumper/minicoredumper_2.0.1.bb b/meta-oe/recipes-kernel/minicoredumper/minicoredumper_2.0.1.bb index bf991529427..0b934ee2d88 100644 --- a/meta-oe/recipes-kernel/minicoredumper/minicoredumper_2.0.1.bb +++ b/meta-oe/recipes-kernel/minicoredumper/minicoredumper_2.0.1.bb @@ -17,6 +17,7 @@ SRC_URI = "git://github.com/diamon/minicoredumper;protocol=https;branch=master \ file://0001-replace-pthread_mutexattr_setrobust_np-with-pthread_.patch \ file://minicoredumper.service \ file://minicoredumper.init \ + file://0001-minicoredumper-retry-elf-parsing-as-long-as-needed.patch \ " S = "${WORKDIR}/git" From 3423bc2b37bbc07fb29d1286262044e526c6720f Mon Sep 17 00:00:00 2001 From: Hitendra Prajapati Date: Mon, 26 Sep 2022 17:10:55 +0530 Subject: [PATCH 190/600] wireshark: CVE-2022-3190 Infinite loop in legacy style dissector Source: https://gitlab.com/wireshark/wireshark/-/commit/67326401a595fffbc67eeed48eb6c55d66a55f67 MR: 122044 Type: Security Fix Disposition: Backport from https://gitlab.com/wireshark/wireshark/-/commit/67326401a595fffbc67eeed48eb6c55d66a55f67 ChangeID: 13f833dfbd8f76db1ea01984441b212f08e6e4f5 Description: CVE-2022-3190 wireshark: Infinite loop in legacy style dissector. Signed-off-by: Hitendra Prajapati Signed-off-by: Khem Raj (cherry picked from commit de66eb0c0dae0930f9e1ba7a358db1ae6b3f2849) Signed-off-by: Armin Kuster --- .../wireshark/files/CVE-2022-3190.patch | 145 ++++++++++++++++++ .../wireshark/wireshark_3.4.12.bb | 1 + 2 files changed, 146 insertions(+) create mode 100644 meta-networking/recipes-support/wireshark/files/CVE-2022-3190.patch diff --git a/meta-networking/recipes-support/wireshark/files/CVE-2022-3190.patch b/meta-networking/recipes-support/wireshark/files/CVE-2022-3190.patch new file mode 100644 index 00000000000..0b987700f5d --- /dev/null +++ b/meta-networking/recipes-support/wireshark/files/CVE-2022-3190.patch @@ -0,0 +1,145 @@ +From 4585d515b962f3b3a5e81caa64e13e8d9ed2e431 Mon Sep 17 00:00:00 2001 +From: Hitendra Prajapati +Date: Mon, 26 Sep 2022 12:47:00 +0530 +Subject: [PATCH] CVE-2022-3190 + +Upstream-Status: Backport [https://gitlab.com/wireshark/wireshark/-/commit/67326401a595fffbc67eeed48eb6c55d66a55f67] +CVE : CVE-2022-3190 +Signed-off-by: Hitendra Prajapati +--- + epan/dissectors/packet-f5ethtrailer.c | 108 +++++++++++++------------- + 1 file changed, 56 insertions(+), 52 deletions(-) + +diff --git a/epan/dissectors/packet-f5ethtrailer.c b/epan/dissectors/packet-f5ethtrailer.c +index ed77dfd..b15b0d4 100644 +--- a/epan/dissectors/packet-f5ethtrailer.c ++++ b/epan/dissectors/packet-f5ethtrailer.c +@@ -2741,69 +2741,73 @@ dissect_dpt_trailer(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *d + static gint + dissect_old_trailer(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void *data) + { +- proto_tree *type_tree = NULL; +- proto_item *ti = NULL; + guint offset = 0; +- guint processed = 0; +- f5eth_tap_data_t *tdata = (f5eth_tap_data_t *)data; +- guint8 type; +- guint8 len; +- guint8 ver; + + /* While we still have data in the trailer. For old format trailers, this needs + * type, length, version (3 bytes) and for new format trailers, the magic header (4 bytes). + * All old format trailers are at least 4 bytes long, so just check for length of magic. + */ +- while (tvb_reported_length_remaining(tvb, offset)) { +- type = tvb_get_guint8(tvb, offset); +- len = tvb_get_guint8(tvb, offset + F5_OFF_LENGTH) + F5_OFF_VERSION; +- ver = tvb_get_guint8(tvb, offset + F5_OFF_VERSION); +- +- if (len <= tvb_reported_length_remaining(tvb, offset) && type >= F5TYPE_LOW +- && type <= F5TYPE_HIGH && len >= F5_MIN_SANE && len <= F5_MAX_SANE +- && ver <= F5TRAILER_VER_MAX) { +- /* Parse out the specified trailer. */ +- switch (type) { +- case F5TYPE_LOW: +- ti = proto_tree_add_item(tree, hf_low_id, tvb, offset, len, ENC_NA); +- type_tree = proto_item_add_subtree(ti, ett_f5ethtrailer_low); +- +- processed = dissect_low_trailer(tvb, pinfo, type_tree, offset, len, ver, tdata); +- if (processed > 0) { +- tdata->trailer_len += processed; +- tdata->noise_low = 1; +- } +- break; +- case F5TYPE_MED: +- ti = proto_tree_add_item(tree, hf_med_id, tvb, offset, len, ENC_NA); +- type_tree = proto_item_add_subtree(ti, ett_f5ethtrailer_med); +- +- processed = dissect_med_trailer(tvb, pinfo, type_tree, offset, len, ver, tdata); +- if (processed > 0) { +- tdata->trailer_len += processed; +- tdata->noise_med = 1; +- } +- break; +- case F5TYPE_HIGH: +- ti = proto_tree_add_item(tree, hf_high_id, tvb, offset, len, ENC_NA); +- type_tree = proto_item_add_subtree(ti, ett_f5ethtrailer_high); +- +- processed = +- dissect_high_trailer(tvb, pinfo, type_tree, offset, len, ver, tdata); +- if (processed > 0) { +- tdata->trailer_len += processed; +- tdata->noise_high = 1; +- } +- break; ++ while (tvb_reported_length_remaining(tvb, offset) >= F5_MIN_SANE) { ++ /* length field does not include the type and length bytes. Add them back in */ ++ guint8 len = tvb_get_guint8(tvb, offset + F5_OFF_LENGTH) + F5_OFF_VERSION; ++ if (len > tvb_reported_length_remaining(tvb, offset) ++ || len < F5_MIN_SANE || len > F5_MAX_SANE) { ++ /* Invalid length - either a malformed trailer, corrupt packet, or not f5ethtrailer */ ++ return offset; ++ } ++ guint8 type = tvb_get_guint8(tvb, offset); ++ guint8 ver = tvb_get_guint8(tvb, offset + F5_OFF_VERSION); ++ ++ /* Parse out the specified trailer. */ ++ proto_tree *type_tree = NULL; ++ proto_item *ti = NULL; ++ f5eth_tap_data_t *tdata = (f5eth_tap_data_t *)data; ++ guint processed = 0; ++ ++ switch (type) { ++ case F5TYPE_LOW: ++ ti = proto_tree_add_item(tree, hf_low_id, tvb, offset, len, ENC_NA); ++ type_tree = proto_item_add_subtree(ti, ett_f5ethtrailer_low); ++ ++ processed = dissect_low_trailer(tvb, pinfo, type_tree, offset, len, ver, tdata); ++ if (processed > 0) { ++ tdata->trailer_len += processed; ++ tdata->noise_low = 1; + } +- if (processed == 0) { +- proto_item_set_len(ti, 1); +- return offset; ++ break; ++ case F5TYPE_MED: ++ ti = proto_tree_add_item(tree, hf_med_id, tvb, offset, len, ENC_NA); ++ type_tree = proto_item_add_subtree(ti, ett_f5ethtrailer_med); ++ ++ processed = dissect_med_trailer(tvb, pinfo, type_tree, offset, len, ver, tdata); ++ if (processed > 0) { ++ tdata->trailer_len += processed; ++ tdata->noise_med = 1; ++ } ++ break; ++ case F5TYPE_HIGH: ++ ti = proto_tree_add_item(tree, hf_high_id, tvb, offset, len, ENC_NA); ++ type_tree = proto_item_add_subtree(ti, ett_f5ethtrailer_high); ++ ++ processed = ++ dissect_high_trailer(tvb, pinfo, type_tree, offset, len, ver, tdata); ++ if (processed > 0) { ++ tdata->trailer_len += processed; ++ tdata->noise_high = 1; + } ++ break; ++ default: ++ /* Unknown type - malformed trailer, corrupt packet, or not f5ethtrailer - bali out*/ ++ return offset; ++ } ++ if (processed == 0) { ++ /* couldn't process trailer - bali out */ ++ proto_item_set_len(ti, 1); ++ return offset; + } + offset += processed; + } +-return offset; ++ return offset; + } /* dissect_old_trailer() */ + + /*---------------------------------------------------------------------------*/ +-- +2.25.1 + diff --git a/meta-networking/recipes-support/wireshark/wireshark_3.4.12.bb b/meta-networking/recipes-support/wireshark/wireshark_3.4.12.bb index 38fdbce8927..1a4aedc139e 100644 --- a/meta-networking/recipes-support/wireshark/wireshark_3.4.12.bb +++ b/meta-networking/recipes-support/wireshark/wireshark_3.4.12.bb @@ -15,6 +15,7 @@ SRC_URI += " \ file://0002-flex-Remove-line-directives.patch \ file://0003-bison-Remove-line-directives.patch \ file://0004-lemon-Remove-line-directives.patch \ + file://CVE-2022-3190.patch \ " UPSTREAM_CHECK_URI = "https://1.as.dl.wireshark.org/src" From 87134241d2ad1f916846685687d67ec5dba9c28d Mon Sep 17 00:00:00 2001 From: wangmy Date: Tue, 27 Sep 2022 16:21:20 +0800 Subject: [PATCH 191/600] dnsmasq: upgrade 2.86 -> 2.87 License-Update : format of License file changed. CVE-2022-0934.patch deleted since it's included in 2.87. Signed-off-by: Wang Mingyu Signed-off-by: Khem Raj (cherry picked from commit 79ed6782a66590d769a516d8b4c15a4330bf7515) Signed-off-by: Armin Kuster --- .../recipes-support/dnsmasq/dnsmasq.inc | 5 +- .../dnsmasq/dnsmasq/CVE-2022-0934.patch | 191 ------------------ .../recipes-support/dnsmasq/dnsmasq_2.86.bb | 8 - .../recipes-support/dnsmasq/dnsmasq_2.87.bb | 7 + 4 files changed, 10 insertions(+), 201 deletions(-) delete mode 100644 meta-networking/recipes-support/dnsmasq/dnsmasq/CVE-2022-0934.patch delete mode 100644 meta-networking/recipes-support/dnsmasq/dnsmasq_2.86.bb create mode 100644 meta-networking/recipes-support/dnsmasq/dnsmasq_2.87.bb diff --git a/meta-networking/recipes-support/dnsmasq/dnsmasq.inc b/meta-networking/recipes-support/dnsmasq/dnsmasq.inc index 136c65d8fd7..a8ff21a125c 100644 --- a/meta-networking/recipes-support/dnsmasq/dnsmasq.inc +++ b/meta-networking/recipes-support/dnsmasq/dnsmasq.inc @@ -3,8 +3,9 @@ HOMEPAGE = "http://www.thekelleys.org.uk/dnsmasq/doc.html" SECTION = "net" # GPLv3 was added in version 2.41 as license option LICENSE = "GPL-2.0-only | GPL-3.0-only" -LIC_FILES_CHKSUM = "file://COPYING;md5=0636e73ff0215e8d672dc4c32c317bb3 \ - file://COPYING-v3;md5=d32239bcb673463ab874e80d47fae504" +LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ + file://COPYING-v3;md5=d32239bcb673463ab874e80d47fae504 \ + " #at least versions 2.69 and prior are moved to the archive folder on the server SRC_URI = "http://www.thekelleys.org.uk/dnsmasq/${@['archive/', ''][float(d.getVar('PV').split('.')[1]) > 69]}dnsmasq-${PV}.tar.gz;name=dnsmasq-${PV} \ diff --git a/meta-networking/recipes-support/dnsmasq/dnsmasq/CVE-2022-0934.patch b/meta-networking/recipes-support/dnsmasq/dnsmasq/CVE-2022-0934.patch deleted file mode 100644 index 6bd734d756c..00000000000 --- a/meta-networking/recipes-support/dnsmasq/dnsmasq/CVE-2022-0934.patch +++ /dev/null @@ -1,191 +0,0 @@ -From 3cdecc159e0f417a2f8d43d99632af26beea630f Mon Sep 17 00:00:00 2001 -From: Simon Kelley -Date: Thu, 31 Mar 2022 21:35:20 +0100 -Subject: [PATCH] Fix write-after-free error in DHCPv6 code. CVE-2022-0934 - refers. - -CVE: CVE-2022-0934 - -Upstream-Status: Backport -[https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=03345ecefe] - -Signed-off-by: Yi Zhao ---- - CHANGELOG | 3 +++ - src/rfc3315.c | 48 +++++++++++++++++++++++++++--------------------- - 2 files changed, 30 insertions(+), 21 deletions(-) - -diff --git a/CHANGELOG b/CHANGELOG -index 5e54df9..a28da2a 100644 ---- a/CHANGELOG -+++ b/CHANGELOG -@@ -1,4 +1,7 @@ - version 2.86 -+ Fix write-after-free error in DHCPv6 server code. -+ CVE-2022-0934 refers. -+ - Handle DHCPREBIND requests in the DHCPv6 server code. - Thanks to Aichun Li for spotting this omission, and the initial - patch. -diff --git a/src/rfc3315.c b/src/rfc3315.c -index 5c2ff97..6ecfeeb 100644 ---- a/src/rfc3315.c -+++ b/src/rfc3315.c -@@ -33,9 +33,9 @@ struct state { - unsigned int mac_len, mac_type; - }; - --static int dhcp6_maybe_relay(struct state *state, void *inbuff, size_t sz, -+static int dhcp6_maybe_relay(struct state *state, unsigned char *inbuff, size_t sz, - struct in6_addr *client_addr, int is_unicast, time_t now); --static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_t sz, int is_unicast, time_t now); -+static int dhcp6_no_relay(struct state *state, int msg_type, unsigned char *inbuff, size_t sz, int is_unicast, time_t now); - static void log6_opts(int nest, unsigned int xid, void *start_opts, void *end_opts); - static void log6_packet(struct state *state, char *type, struct in6_addr *addr, char *string); - static void log6_quiet(struct state *state, char *type, struct in6_addr *addr, char *string); -@@ -104,12 +104,12 @@ unsigned short dhcp6_reply(struct dhcp_context *context, int interface, char *if - } - - /* This cost me blood to write, it will probably cost you blood to understand - srk. */ --static int dhcp6_maybe_relay(struct state *state, void *inbuff, size_t sz, -+static int dhcp6_maybe_relay(struct state *state, unsigned char *inbuff, size_t sz, - struct in6_addr *client_addr, int is_unicast, time_t now) - { - void *end = inbuff + sz; - void *opts = inbuff + 34; -- int msg_type = *((unsigned char *)inbuff); -+ int msg_type = *inbuff; - unsigned char *outmsgtypep; - void *opt; - struct dhcp_vendor *vendor; -@@ -259,15 +259,15 @@ static int dhcp6_maybe_relay(struct state *state, void *inbuff, size_t sz, - return 1; - } - --static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_t sz, int is_unicast, time_t now) -+static int dhcp6_no_relay(struct state *state, int msg_type, unsigned char *inbuff, size_t sz, int is_unicast, time_t now) - { - void *opt; -- int i, o, o1, start_opts; -+ int i, o, o1, start_opts, start_msg; - struct dhcp_opt *opt_cfg; - struct dhcp_netid *tagif; - struct dhcp_config *config = NULL; - struct dhcp_netid known_id, iface_id, v6_id; -- unsigned char *outmsgtypep; -+ unsigned char outmsgtype; - struct dhcp_vendor *vendor; - struct dhcp_context *context_tmp; - struct dhcp_mac *mac_opt; -@@ -296,12 +296,13 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_ - v6_id.next = state->tags; - state->tags = &v6_id; - -- /* copy over transaction-id, and save pointer to message type */ -- if (!(outmsgtypep = put_opt6(inbuff, 4))) -+ start_msg = save_counter(-1); -+ /* copy over transaction-id */ -+ if (!put_opt6(inbuff, 4)) - return 0; - start_opts = save_counter(-1); -- state->xid = outmsgtypep[3] | outmsgtypep[2] << 8 | outmsgtypep[1] << 16; -- -+ state->xid = inbuff[3] | inbuff[2] << 8 | inbuff[1] << 16; -+ - /* We're going to be linking tags from all context we use. - mark them as unused so we don't link one twice and break the list */ - for (context_tmp = state->context; context_tmp; context_tmp = context_tmp->current) -@@ -347,7 +348,7 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_ - (msg_type == DHCP6REQUEST || msg_type == DHCP6RENEW || msg_type == DHCP6RELEASE || msg_type == DHCP6DECLINE)) - - { -- *outmsgtypep = DHCP6REPLY; -+ outmsgtype = DHCP6REPLY; - o1 = new_opt6(OPTION6_STATUS_CODE); - put_opt6_short(DHCP6USEMULTI); - put_opt6_string("Use multicast"); -@@ -619,11 +620,11 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_ - struct dhcp_netid *solicit_tags; - struct dhcp_context *c; - -- *outmsgtypep = DHCP6ADVERTISE; -+ outmsgtype = DHCP6ADVERTISE; - - if (opt6_find(state->packet_options, state->end, OPTION6_RAPID_COMMIT, 0)) - { -- *outmsgtypep = DHCP6REPLY; -+ outmsgtype = DHCP6REPLY; - state->lease_allocate = 1; - o = new_opt6(OPTION6_RAPID_COMMIT); - end_opt6(o); -@@ -809,7 +810,7 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_ - int start = save_counter(-1); - - /* set reply message type */ -- *outmsgtypep = DHCP6REPLY; -+ outmsgtype = DHCP6REPLY; - state->lease_allocate = 1; - - log6_quiet(state, "DHCPREQUEST", NULL, ignore ? _("ignored") : NULL); -@@ -924,7 +925,7 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_ - int address_assigned = 0; - - /* set reply message type */ -- *outmsgtypep = DHCP6REPLY; -+ outmsgtype = DHCP6REPLY; - - log6_quiet(state, msg_type == DHCP6RENEW ? "DHCPRENEW" : "DHCPREBIND", NULL, NULL); - -@@ -1057,7 +1058,7 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_ - int good_addr = 0; - - /* set reply message type */ -- *outmsgtypep = DHCP6REPLY; -+ outmsgtype = DHCP6REPLY; - - log6_quiet(state, "DHCPCONFIRM", NULL, NULL); - -@@ -1121,7 +1122,7 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_ - log6_quiet(state, "DHCPINFORMATION-REQUEST", NULL, ignore ? _("ignored") : state->hostname); - if (ignore) - return 0; -- *outmsgtypep = DHCP6REPLY; -+ outmsgtype = DHCP6REPLY; - tagif = add_options(state, 1); - break; - } -@@ -1130,7 +1131,7 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_ - case DHCP6RELEASE: - { - /* set reply message type */ -- *outmsgtypep = DHCP6REPLY; -+ outmsgtype = DHCP6REPLY; - - log6_quiet(state, "DHCPRELEASE", NULL, NULL); - -@@ -1195,7 +1196,7 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_ - case DHCP6DECLINE: - { - /* set reply message type */ -- *outmsgtypep = DHCP6REPLY; -+ outmsgtype = DHCP6REPLY; - - log6_quiet(state, "DHCPDECLINE", NULL, NULL); - -@@ -1275,7 +1276,12 @@ static int dhcp6_no_relay(struct state *state, int msg_type, void *inbuff, size_ - } - - } -- -+ -+ /* Fill in the message type. Note that we store the offset, -+ not a direct pointer, since the packet memory may have been -+ reallocated. */ -+ ((unsigned char *)(daemon->outpacket.iov_base))[start_msg] = outmsgtype; -+ - log_tags(tagif, state->xid); - log6_opts(0, state->xid, daemon->outpacket.iov_base + start_opts, daemon->outpacket.iov_base + save_counter(-1)); - --- -2.25.1 - diff --git a/meta-networking/recipes-support/dnsmasq/dnsmasq_2.86.bb b/meta-networking/recipes-support/dnsmasq/dnsmasq_2.86.bb deleted file mode 100644 index 0f7880ce8c7..00000000000 --- a/meta-networking/recipes-support/dnsmasq/dnsmasq_2.86.bb +++ /dev/null @@ -1,8 +0,0 @@ -require dnsmasq.inc - -SRC_URI[dnsmasq-2.86.sha256sum] = "ef15f608a83ee2b1d1d2c1f11d089a7e0ac401ffb0991de73fc01ce5f290e512" -SRC_URI += "\ - file://lua.patch \ - file://CVE-2022-0934.patch \ -" - diff --git a/meta-networking/recipes-support/dnsmasq/dnsmasq_2.87.bb b/meta-networking/recipes-support/dnsmasq/dnsmasq_2.87.bb new file mode 100644 index 00000000000..793b61d7129 --- /dev/null +++ b/meta-networking/recipes-support/dnsmasq/dnsmasq_2.87.bb @@ -0,0 +1,7 @@ +require dnsmasq.inc + +SRC_URI[dnsmasq-2.87.sha256sum] = "ae39bffde9c37e4d64849b528afeb060be6bad6d1044a3bd94a49fce41357284" +SRC_URI += "\ + file://lua.patch \ +" + From 4d8ce5dfebb0a2762a208b4b426e8f0ca45f72c7 Mon Sep 17 00:00:00 2001 From: Hitomi Hasegawa Date: Thu, 29 Sep 2022 17:54:50 +0900 Subject: [PATCH 192/600] libsdl: add CVE-2019-14906 to allowlist CVE-2019-14906 is a Red Hat vulnerability and Yocto is not applicable. So add it to the allowlist. Signed-off-by: Hitomi Hasegawa Signed-off-by: Khem Raj (cherry picked from commit 8803be17aada56ec6a11fba4db9df74f16f9c58c) Signed-off-by: Armin Kuster --- meta-oe/recipes-graphics/libsdl/libsdl_1.2.15.bb | 3 +++ 1 file changed, 3 insertions(+) diff --git a/meta-oe/recipes-graphics/libsdl/libsdl_1.2.15.bb b/meta-oe/recipes-graphics/libsdl/libsdl_1.2.15.bb index 9085c6d2fe3..4ec0dc6ca33 100644 --- a/meta-oe/recipes-graphics/libsdl/libsdl_1.2.15.bb +++ b/meta-oe/recipes-graphics/libsdl/libsdl_1.2.15.bb @@ -82,3 +82,6 @@ do_configure:prepend() { } BBCLASSEXTEND = "native nativesdk" + +#CVE-2019-14906 is a RHEL specific vulnerability. +CVE_CHECK_IGNORE += "CVE-2019-14906" From 0b0086ca9acc1a5dc682c93217b9f8996214ae4c Mon Sep 17 00:00:00 2001 From: Chen Qi Date: Tue, 27 Sep 2022 01:18:17 -0700 Subject: [PATCH 193/600] polkit: refresh patch Refresh patch to avoid QA issue about patch fuzz. Signed-off-by: Chen Qi --- .../0004-Make-netgroup-support-optional.patch | 20 +++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/meta-oe/recipes-extended/polkit/polkit/0004-Make-netgroup-support-optional.patch b/meta-oe/recipes-extended/polkit/polkit/0004-Make-netgroup-support-optional.patch index fa273d4503f..218c860fbd7 100644 --- a/meta-oe/recipes-extended/polkit/polkit/0004-Make-netgroup-support-optional.patch +++ b/meta-oe/recipes-extended/polkit/polkit/0004-Make-netgroup-support-optional.patch @@ -1,4 +1,4 @@ -From 7ef2621ab7adcedc099ed39acfb73c6fa835cbc3 Mon Sep 17 00:00:00 2001 +From 5cf1a5fe6f8a24f1c95a749e3f347eeed2f591dd Mon Sep 17 00:00:00 2001 From: "A. Wilcox" Date: Sun, 15 May 2022 05:04:10 +0000 Subject: [PATCH] Make netgroup support optional @@ -37,12 +37,12 @@ Signed-off-by: Marta Rybczynska 9 files changed, 43 insertions(+), 8 deletions(-) diff --git a/configure.ac b/configure.ac -index 59858df..5a7fc11 100644 +index 18e4223..0f87ea0 100644 --- a/configure.ac +++ b/configure.ac -@@ -100,7 +100,7 @@ AC_CHECK_LIB(expat,XML_ParserCreate,[EXPAT_LIBS="-lexpat"], - [AC_MSG_ERROR([Can't find expat library. Please install expat.])]) - AC_SUBST(EXPAT_LIBS) +@@ -117,7 +117,7 @@ CFLAGS="$CFLAGS $PTHREAD_CFLAGS" + CC="$PTHREAD_CC" + AC_CHECK_FUNCS([pthread_condattr_setclock]) -AC_CHECK_FUNCS(clearenv fdatasync) +AC_CHECK_FUNCS(clearenv fdatasync setnetgrent) @@ -50,7 +50,7 @@ index 59858df..5a7fc11 100644 if test "x$GCC" = "xyes"; then LDFLAGS="-Wl,--as-needed $LDFLAGS" diff --git a/meson.build b/meson.build -index 733bbff..d840926 100644 +index 7506231..2d9d67a 100644 --- a/meson.build +++ b/meson.build @@ -82,6 +82,7 @@ config_h.set('_GNU_SOURCE', true) @@ -164,10 +164,10 @@ index 056d9a8..36c2f3d 100644 } diff --git a/src/polkitbackend/polkitbackendjsauthority.cpp b/src/polkitbackend/polkitbackendjsauthority.cpp -index 5027815..bcb040c 100644 +index 11e91c0..9ee0391 100644 --- a/src/polkitbackend/polkitbackendjsauthority.cpp +++ b/src/polkitbackend/polkitbackendjsauthority.cpp -@@ -1524,6 +1524,7 @@ js_polkit_user_is_in_netgroup (JSContext *cx, +@@ -1291,6 +1291,7 @@ js_polkit_user_is_in_netgroup (JSContext *cx, JS::CallArgs args = JS::CallArgsFromVp (argc, vp); @@ -175,7 +175,7 @@ index 5027815..bcb040c 100644 JS::RootedString usrstr (authority->priv->cx); usrstr = args[0].toString(); user = JS_EncodeStringToUTF8 (cx, usrstr); -@@ -1538,6 +1539,7 @@ js_polkit_user_is_in_netgroup (JSContext *cx, +@@ -1305,6 +1306,7 @@ js_polkit_user_is_in_netgroup (JSContext *cx, { is_in_netgroup = true; } @@ -233,7 +233,7 @@ index 3701ba1..e1d211e 100644 return g_test_run (); } diff --git a/test/polkitbackend/test-polkitbackendjsauthority.c b/test/polkitbackend/test-polkitbackendjsauthority.c -index f97e0e0..fc52149 100644 +index 2103b17..b187a2f 100644 --- a/test/polkitbackend/test-polkitbackendjsauthority.c +++ b/test/polkitbackend/test-polkitbackendjsauthority.c @@ -137,12 +137,14 @@ test_get_admin_identities (void) From 9702cc9ba38510bc715cf8f3ce734f0fda571a5c Mon Sep 17 00:00:00 2001 From: Ovidiu Panait Date: Thu, 11 Aug 2022 11:27:39 +0300 Subject: [PATCH 194/600] net-snmp: upgrade 5.9.1 -> 5.9.3 Upgrade summary: ---------------- - drop 0002-configure-fix-a-cc-check-issue.patch, as it was replaced with upstream commit https://github.com/net-snmp/net-snmp/commit/dbb49acfa2af - drop 0001-snmpd-always-exit-after-displaying-usage.patch backport - rebase net-snmp-5.7.2-fix-engineBoots-value-on-SIGHUP.patch manually - refresh patches with devtool to get rid of fuzz Changelog: ---------- *5.9.3*: security: - These two CVEs can be exploited by a user with read-only credentials: - CVE-2022-24805 A buffer overflow in the handling of the INDEX of NET-SNMP-VACM-MIB can cause an out-of-bounds memory access. - CVE-2022-24809 A malformed OID in a GET-NEXT to the nsVacmAccessTable can cause a NULL pointer dereference. - These CVEs can be exploited by a user with read-write credentials: - CVE-2022-24806 Improper Input Validation when SETing malformed OIDs in master agent and subagent simultaneously - CVE-2022-24807 A malformed OID in a SET request to SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable can cause an out-of-bounds memory access. - CVE-2022-24808 A malformed OID in a SET request to NET-SNMP-AGENT-MIB::nsLogTable can cause a NULL pointer dereference - CVE-2022-24810 A malformed OID in a SET to the nsVacmAccessTable can cause a NULL pointer dereference. - To avoid these flaws, use strong SNMPv3 credentials and do not share them. If you must use SNMPv1 or SNMPv2c, use a complex community string and enhance the protection by restricting access to a given IP address range. - Thanks are due to Yu Zhang of VARAS@IIE and Nanyu Zhong of VARAS@IIE for reporting the following CVEs that have been fixed in this release, and to Arista Networks for providing fixes. Windows: - WinExtDLL: Fix multiple compiler warnings - WinExtDLL: Make long strings occupy a single line Make it easier to look up error messages in the source code by making long strings occupy a single source code line. - WinExtDLL: Restore MIB-II support Make winExtDLL work on 64-bit Windows systems") caused snmpd to skip MIB-II on 64-bit systems. IF-MIB: Update ifTable entries even if the interface name has changed At least on Linux a network interface index may be reused for a network interface with a different name. Hence this patch that enables replacing network interface information even if the network interface name has changed. unspecified: - Moved transport code into a separate subdirectory in snmplib - Snmplib: remove inline versions of container funcs". misc: - snmp-create-v3-user: Fix the snmpd.conf path @datadir@ is expanded in ${datarootdir} so datarootdir must be set before @datadir@ is used. *5.9.2*: skipped due to a last minute library versioning found bug -- use 5.9.3 instead Signed-off-by: Ovidiu Panait Signed-off-by: Khem Raj (cherry picked from commit bf4a826c7de51dcdac87f81fa2bd2301629d50db) Signed-off-by: Armin Kuster --- ...ath.m4-keep-consistent-between-32bit.patch | 11 ++-- .../0001-config_os_headers-Error-Fix.patch | 4 +- ...1-get_pid_from_inode-Include-limit.h.patch | 6 +- ...d-always-exit-after-displaying-usage.patch | 55 ------------------- ....c-Don-t-check-for-return-from-EVP_M.patch | 4 +- .../0002-configure-fix-a-cc-check-issue.patch | 28 ---------- ...004-configure-fix-incorrect-variable.patch | 6 +- .../net-snmp/fix-libtool-finish.patch | 6 +- ....7.2-fix-engineBoots-value-on-SIGHUP.patch | 26 ++++----- ...add-knob-whether-nlist.h-are-checked.patch | 4 +- .../net-snmp-fix-for-disable-des.patch | 4 +- ...ting-add-the-output-format-for-ptest.patch | 2 +- .../reproducibility-have-printcap.patch | 4 +- .../{net-snmp_5.9.1.bb => net-snmp_5.9.3.bb} | 4 +- 14 files changed, 38 insertions(+), 126 deletions(-) delete mode 100644 meta-networking/recipes-protocols/net-snmp/net-snmp/0001-snmpd-always-exit-after-displaying-usage.patch delete mode 100644 meta-networking/recipes-protocols/net-snmp/net-snmp/0002-configure-fix-a-cc-check-issue.patch rename meta-networking/recipes-protocols/net-snmp/{net-snmp_5.9.1.bb => net-snmp_5.9.3.bb} (98%) diff --git a/meta-networking/recipes-protocols/net-snmp/net-snmp/0001-ac_add_search_path.m4-keep-consistent-between-32bit.patch b/meta-networking/recipes-protocols/net-snmp/net-snmp/0001-ac_add_search_path.m4-keep-consistent-between-32bit.patch index 4cd72904478..0eeddf752ca 100644 --- a/meta-networking/recipes-protocols/net-snmp/net-snmp/0001-ac_add_search_path.m4-keep-consistent-between-32bit.patch +++ b/meta-networking/recipes-protocols/net-snmp/net-snmp/0001-ac_add_search_path.m4-keep-consistent-between-32bit.patch @@ -1,7 +1,8 @@ -From 6f8ea2e841ad45eed193310b599d3f3b410ae91d Mon Sep 17 00:00:00 2001 +From 98c62e24fdd05d7e8bd8149840bad8eb0feb3fb1 Mon Sep 17 00:00:00 2001 From: Mingli Yu Date: Fri, 29 Jan 2021 08:49:15 +0000 -Subject: [PATCH] ac_add_search_path.m4: keep consistent between 32bit and 64bit +Subject: [PATCH] ac_add_search_path.m4: keep consistent between 32bit and + 64bit With configure option "--with-openssl=${STAGING_EXECPREFIXDIR}", it behaves differently between 32bit and 64bit system as the openssl lib resides under @@ -15,12 +16,13 @@ So add the patch to fix the gap between 32bit and 64bit system. Upstream-Status: Inappropriate [configuration specific] Signed-off-by: Mingli Yu + --- m4/ac_add_search_path.m4 | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/m4/ac_add_search_path.m4 b/m4/ac_add_search_path.m4 -index 8e0a819..961f587 100644 +index 8e0a819..e9585bc 100644 --- a/m4/ac_add_search_path.m4 +++ b/m4/ac_add_search_path.m4 @@ -3,8 +3,8 @@ dnl Add a search path to the LIBS and CPPFLAGS variables @@ -34,6 +36,3 @@ index 8e0a819..961f587 100644 fi if test -d $1/include; then CPPFLAGS="-I$1/include $CPPFLAGS" --- -2.29.2 - diff --git a/meta-networking/recipes-protocols/net-snmp/net-snmp/0001-config_os_headers-Error-Fix.patch b/meta-networking/recipes-protocols/net-snmp/net-snmp/0001-config_os_headers-Error-Fix.patch index 05a47f61cee..f8a52a63f5f 100644 --- a/meta-networking/recipes-protocols/net-snmp/net-snmp/0001-config_os_headers-Error-Fix.patch +++ b/meta-networking/recipes-protocols/net-snmp/net-snmp/0001-config_os_headers-Error-Fix.patch @@ -1,4 +1,4 @@ -From 69d4c517c07f55c505090e48d96ace8cd599fb26 Mon Sep 17 00:00:00 2001 +From e86d5fd52f19b85da0b7cce660c6e65ec4c0f9bb Mon Sep 17 00:00:00 2001 From: Li xin Date: Fri, 21 Aug 2015 18:23:13 +0900 Subject: [PATCH] config_os_headers: Error Fix @@ -19,7 +19,7 @@ Signed-off-by: Li Xin 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/configure.d/config_os_headers b/configure.d/config_os_headers -index f07d512..2363b42 100644 +index 01c3376..6edd85f 100644 --- a/configure.d/config_os_headers +++ b/configure.d/config_os_headers @@ -395,8 +395,8 @@ then diff --git a/meta-networking/recipes-protocols/net-snmp/net-snmp/0001-get_pid_from_inode-Include-limit.h.patch b/meta-networking/recipes-protocols/net-snmp/net-snmp/0001-get_pid_from_inode-Include-limit.h.patch index 22e591556a0..a7881a87133 100644 --- a/meta-networking/recipes-protocols/net-snmp/net-snmp/0001-get_pid_from_inode-Include-limit.h.patch +++ b/meta-networking/recipes-protocols/net-snmp/net-snmp/0001-get_pid_from_inode-Include-limit.h.patch @@ -1,4 +1,4 @@ -From 2bf1bbe1d428ed06d57aa76b03e394b72ff2216d Mon Sep 17 00:00:00 2001 +From 8097734b27fd146f358a4edd0d1a0d28309bd9a4 Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Fri, 22 Jul 2016 18:34:39 +0000 Subject: [PATCH] get_pid_from_inode: Include limit.h @@ -14,7 +14,7 @@ Signed-off-by: Khem Raj 1 file changed, 1 insertion(+) diff --git a/agent/mibgroup/util_funcs/get_pid_from_inode.c b/agent/mibgroup/util_funcs/get_pid_from_inode.c -index aee907d..7abaec2 100644 +index 5788e1d..ea380a6 100644 --- a/agent/mibgroup/util_funcs/get_pid_from_inode.c +++ b/agent/mibgroup/util_funcs/get_pid_from_inode.c @@ -6,6 +6,7 @@ @@ -23,5 +23,5 @@ index aee907d..7abaec2 100644 #include +#include #include - #if HAVE_STDLIB_H + #ifdef HAVE_STDLIB_H #include diff --git a/meta-networking/recipes-protocols/net-snmp/net-snmp/0001-snmpd-always-exit-after-displaying-usage.patch b/meta-networking/recipes-protocols/net-snmp/net-snmp/0001-snmpd-always-exit-after-displaying-usage.patch deleted file mode 100644 index 4fc9e54b497..00000000000 --- a/meta-networking/recipes-protocols/net-snmp/net-snmp/0001-snmpd-always-exit-after-displaying-usage.patch +++ /dev/null @@ -1,55 +0,0 @@ -From 94ca941e06bef157bf0e13251f8ca1471daa9393 Mon Sep 17 00:00:00 2001 -From: Kaarle Ritvanen -Date: Fri, 27 Aug 2021 14:21:45 +0300 -Subject: [PATCH] snmpd: always exit after displaying usage - -Currently, viewing the help text with -h results in snmpd being started -in the background, whereas this does not happen with --help. Similarly, -when an error is detected in command line syntax, the help text is -displayed but sometimes snmpd gets started anyway, depending on the -execution path. - -This patch makes snmpd consistently terminate whenever the usage -function gets called. It also removes the goto statements no longer -needed. - -Upstream-Status: Backport -[https://github.com/net-snmp/net-snmp/commit/94ca941e06bef157bf0e13251f8ca1471daa9393] - -Signed-off-by: Yi Zhao ---- - agent/snmpd.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/agent/snmpd.c b/agent/snmpd.c -index f5aab0af8..90de12d99 100644 ---- a/agent/snmpd.c -+++ b/agent/snmpd.c -@@ -289,6 +289,8 @@ usage(char *prog) - " -S d|i|0-7\t\tuse -Ls instead\n" - "\n" - ); -+ SOCK_CLEANUP; -+ exit(1); - } - - static void -@@ -494,7 +496,6 @@ main(int argc, char *argv[]) - case '-': - if (strcasecmp(optarg, "help") == 0) { - usage(argv[0]); -- goto out; - } - if (strcasecmp(optarg, "version") == 0) { - version(); -@@ -783,7 +784,6 @@ main(int argc, char *argv[]) - fprintf(stderr, "%s: Illegal argument -X:" - "AgentX support not compiled in.\n", argv[0]); - usage(argv[0]); -- goto out; - #endif - break; - --- -2.25.1 - diff --git a/meta-networking/recipes-protocols/net-snmp/net-snmp/0001-snmplib-keytools.c-Don-t-check-for-return-from-EVP_M.patch b/meta-networking/recipes-protocols/net-snmp/net-snmp/0001-snmplib-keytools.c-Don-t-check-for-return-from-EVP_M.patch index 42352a6b00a..af6334f7263 100644 --- a/meta-networking/recipes-protocols/net-snmp/net-snmp/0001-snmplib-keytools.c-Don-t-check-for-return-from-EVP_M.patch +++ b/meta-networking/recipes-protocols/net-snmp/net-snmp/0001-snmplib-keytools.c-Don-t-check-for-return-from-EVP_M.patch @@ -1,4 +1,4 @@ -From f3ff99736b8cccbba77349b0d10a3cee366a4c87 Mon Sep 17 00:00:00 2001 +From f4e1acd4f509dd26cf88da872bd5adcf884f4a5f Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Fri, 18 Sep 2015 00:28:45 -0400 Subject: [PATCH] snmplib/keytools.c: Don't check for return from @@ -17,7 +17,7 @@ Signed-off-by: Ovidiu Panait 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/snmplib/keytools.c b/snmplib/keytools.c -index 129a7c0..2fc1efc 100644 +index 14a452a..fb1694b 100644 --- a/snmplib/keytools.c +++ b/snmplib/keytools.c @@ -183,10 +183,7 @@ generate_Ku(const oid * hashtype, u_int hashtype_len, diff --git a/meta-networking/recipes-protocols/net-snmp/net-snmp/0002-configure-fix-a-cc-check-issue.patch b/meta-networking/recipes-protocols/net-snmp/net-snmp/0002-configure-fix-a-cc-check-issue.patch deleted file mode 100644 index c973bde7213..00000000000 --- a/meta-networking/recipes-protocols/net-snmp/net-snmp/0002-configure-fix-a-cc-check-issue.patch +++ /dev/null @@ -1,28 +0,0 @@ -From 0a02ac779c51a2b4af3b58cb96967bf3eff80367 Mon Sep 17 00:00:00 2001 -From: Wenlin Kang -Date: Wed, 24 May 2017 16:45:34 +0800 -Subject: [PATCH] configure: fix a cc check issue. - -When has "." in cc value, the expression -$myperl -V:cc | $myperl -n -e 'print if (s/^\s*cc=.([-=\w\s\/]+).;\s*/$1/);' -can't get corretly the cc's value. - -Signed-off-by: Wenlin Kang - ---- - configure.d/config_project_perl_python | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/configure.d/config_project_perl_python b/configure.d/config_project_perl_python -index 475c843..22d2ad3 100644 ---- a/configure.d/config_project_perl_python -+++ b/configure.d/config_project_perl_python -@@ -87,7 +87,7 @@ if test "x$install_perl" != "xno" ; then - if test "x$enable_perl_cc_checks" != "xno" ; then - AC_MSG_CHECKING([for Perl cc]) - changequote(, ) -- PERLCC=`$myperl -V:cc | $myperl -n -e 'print if (s/^\s*cc=.([-=\w\s\/]+).;\s*/$1/);'` -+ PERLCC=`$myperl -V:cc | $myperl -n -e 'print if (s/^\s*cc=.([-=\.\w\s\/]+).;\s*/$1/);'` - changequote([, ]) - if test "x$PERLCC" != "x" ; then - AC_MSG_RESULT([$PERLCC]) diff --git a/meta-networking/recipes-protocols/net-snmp/net-snmp/0004-configure-fix-incorrect-variable.patch b/meta-networking/recipes-protocols/net-snmp/net-snmp/0004-configure-fix-incorrect-variable.patch index bfddc63dd7b..6e224188a46 100644 --- a/meta-networking/recipes-protocols/net-snmp/net-snmp/0004-configure-fix-incorrect-variable.patch +++ b/meta-networking/recipes-protocols/net-snmp/net-snmp/0004-configure-fix-incorrect-variable.patch @@ -1,4 +1,4 @@ -From 011bdcd07f2a289d0cfc1b411c03c0cc7c42dad1 Mon Sep 17 00:00:00 2001 +From 6d655ba677563ac9d62d4d8eee59fdb39d486c02 Mon Sep 17 00:00:00 2001 From: Wenlin Kang Date: Wed, 24 May 2017 17:10:20 +0800 Subject: [PATCH] configure: fix incorrect variable @@ -14,10 +14,10 @@ Signed-off-by: Wenlin Kang 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile.in b/Makefile.in -index 912f6b2..a53d1b2 100644 +index f1cbbf5..1545be3 100644 --- a/Makefile.in +++ b/Makefile.in -@@ -174,7 +174,7 @@ OTHERCLEANTODOS=perlclean @PYTHONCLEANTARGS@ cleanfeatures perlcleanfeatures pyt +@@ -173,7 +173,7 @@ OTHERCLEANTODOS=perlclean @PYTHONCLEANTARGS@ cleanfeatures perlcleanfeatures pyt # # override LD_RUN_PATH to avoid dependencies on the build directory perlmodules: perlmakefiles subdirs diff --git a/meta-networking/recipes-protocols/net-snmp/net-snmp/fix-libtool-finish.patch b/meta-networking/recipes-protocols/net-snmp/net-snmp/fix-libtool-finish.patch index 26dd014ce4b..409c1e03c88 100644 --- a/meta-networking/recipes-protocols/net-snmp/net-snmp/fix-libtool-finish.patch +++ b/meta-networking/recipes-protocols/net-snmp/net-snmp/fix-libtool-finish.patch @@ -1,4 +1,4 @@ -From 27444fbf8323679ea0551a3bd5f04c365143d8c0 Mon Sep 17 00:00:00 2001 +From ab1d77c52e84746e75506a2870783806bc77f396 Mon Sep 17 00:00:00 2001 From: "Roy.Li" Date: Fri, 16 Jan 2015 14:14:01 +0800 Subject: [PATCH] net-snmp: fix "libtool --finish" @@ -20,11 +20,11 @@ Signed-off-by: Roy.Li 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile.top b/Makefile.top -index 6315401..fc0ee06 100644 +index a962c54..1ba5607 100644 --- a/Makefile.top +++ b/Makefile.top @@ -89,7 +89,7 @@ LIBREVISION = 0 - LIB_LD_CMD = $(LIBTOOL) --mode=link $(LINKCC) $(CFLAGS) -rpath $(libdir) -version-info $(LIBCURRENT):$(LIBREVISION):$(LIBAGE) -o + LIB_LD_CMD = $(LIBTOOL) --mode=link $(LINKCC) $(CFLAGS) -rpath $(libdir) -version-info $(LIBCURRENT):$(LIBREVISION):$(LIBAGE) @LD_NO_UNDEFINED@ -o LIB_EXTENSION = la LIB_VERSION = -LIB_LDCONFIG_CMD = $(LIBTOOL) --mode=finish $(INSTALL_PREFIX)$(libdir) diff --git a/meta-networking/recipes-protocols/net-snmp/net-snmp/net-snmp-5.7.2-fix-engineBoots-value-on-SIGHUP.patch b/meta-networking/recipes-protocols/net-snmp/net-snmp/net-snmp-5.7.2-fix-engineBoots-value-on-SIGHUP.patch index 022eb958f3f..35e93d636e5 100644 --- a/meta-networking/recipes-protocols/net-snmp/net-snmp/net-snmp-5.7.2-fix-engineBoots-value-on-SIGHUP.patch +++ b/meta-networking/recipes-protocols/net-snmp/net-snmp/net-snmp-5.7.2-fix-engineBoots-value-on-SIGHUP.patch @@ -1,4 +1,4 @@ -From 1e3178835217ba89aa355e2b6b88e490f17be16d Mon Sep 17 00:00:00 2001 +From 5ad4eab43c1ea63ff343bba64d576440e8783e75 Mon Sep 17 00:00:00 2001 From: Zheng Ruoqin Date: Wed, 9 Jun 2021 15:47:30 +0900 Subject: [PATCH] net snmp: fix engineBoots value on SIGHUP @@ -7,6 +7,7 @@ Upstream-Status: Pending Signed-off-by: Marian Florea Signed-off-by: Li Zhou +Signed-off-by: Ovidiu Panait --- agent/snmpd.c | 1 + @@ -14,19 +15,19 @@ Signed-off-by: Li Zhou 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/agent/snmpd.c b/agent/snmpd.c -index 1af439f..355b510 100644 +index 90de12d..1ccc4db 100644 --- a/agent/snmpd.c +++ b/agent/snmpd.c -@@ -1208,6 +1208,7 @@ receive(void) - snmp_log(LOG_INFO, "NET-SNMP version %s restarted\n", - netsnmp_get_version()); - update_config(); -+ snmp_store(app_name); - send_easy_trap(SNMP_TRAP_ENTERPRISESPECIFIC, 3); - #if HAVE_SIGPROCMASK - ret = sigprocmask(SIG_UNBLOCK, &set, NULL); +@@ -1169,6 +1169,7 @@ snmpd_reconfig(void) + snmp_log(LOG_INFO, "NET-SNMP version %s restarted\n", + netsnmp_get_version()); + update_config(); ++ snmp_store(app_name); + send_easy_trap(SNMP_TRAP_ENTERPRISESPECIFIC, 3); + #ifdef HAVE_SIGPROCMASK + ret = sigprocmask(SIG_UNBLOCK, &set, NULL); diff --git a/snmplib/snmpv3.c b/snmplib/snmpv3.c -index 29c2a0f..ada961c 100644 +index 7b1746b..4a17e0d 100644 --- a/snmplib/snmpv3.c +++ b/snmplib/snmpv3.c @@ -1059,9 +1059,9 @@ init_snmpv3_post_config(int majorid, int minorid, void *serverarg, @@ -41,6 +42,3 @@ index 29c2a0f..ada961c 100644 engineBoots = 1; } --- -2.25.1 - diff --git a/meta-networking/recipes-protocols/net-snmp/net-snmp/net-snmp-add-knob-whether-nlist.h-are-checked.patch b/meta-networking/recipes-protocols/net-snmp/net-snmp/net-snmp-add-knob-whether-nlist.h-are-checked.patch index f1ebe2bb613..c5a453abe2d 100644 --- a/meta-networking/recipes-protocols/net-snmp/net-snmp/net-snmp-add-knob-whether-nlist.h-are-checked.patch +++ b/meta-networking/recipes-protocols/net-snmp/net-snmp/net-snmp-add-knob-whether-nlist.h-are-checked.patch @@ -1,4 +1,4 @@ -From e507dcf8b29c55011f85d88bf05400d4717e4074 Mon Sep 17 00:00:00 2001 +From ad65b106d3cb3c6e595381be1c45a73c1ef6eb5e Mon Sep 17 00:00:00 2001 From: Chong Lu Date: Thu, 28 May 2020 09:46:34 -0500 Subject: [PATCH] net-snmp: add knob whether nlist.h are checked @@ -15,7 +15,7 @@ Signed-off-by: Chong Lu 1 file changed, 2 insertions(+) diff --git a/configure.d/config_os_headers b/configure.d/config_os_headers -index 76ef58a..f07d512 100644 +index b9c8c31..01c3376 100644 --- a/configure.d/config_os_headers +++ b/configure.d/config_os_headers @@ -37,6 +37,7 @@ AC_CHECK_HEADERS([getopt.h pthread.h regex.h ] dnl diff --git a/meta-networking/recipes-protocols/net-snmp/net-snmp/net-snmp-fix-for-disable-des.patch b/meta-networking/recipes-protocols/net-snmp/net-snmp/net-snmp-fix-for-disable-des.patch index 2941a36092b..c382c02d897 100644 --- a/meta-networking/recipes-protocols/net-snmp/net-snmp/net-snmp-fix-for-disable-des.patch +++ b/meta-networking/recipes-protocols/net-snmp/net-snmp/net-snmp-fix-for-disable-des.patch @@ -1,4 +1,4 @@ -From 3ca4335ec1d6b7b384c134fc85d7a9e513c68376 Mon Sep 17 00:00:00 2001 +From b1b9980853b1083f0c8b9f628f8b4c3a484d4f91 Mon Sep 17 00:00:00 2001 From: Jackie Huang Date: Thu, 22 Jun 2017 10:25:08 +0800 Subject: [PATCH] net-snmp: fix for --disable-des @@ -15,7 +15,7 @@ Signed-off-by: Jackie Huang 1 file changed, 2 insertions(+) diff --git a/snmplib/scapi.c b/snmplib/scapi.c -index 00c9174..c6875e1 100644 +index 54fdd5c..0f7e931 100644 --- a/snmplib/scapi.c +++ b/snmplib/scapi.c @@ -85,7 +85,9 @@ netsnmp_feature_child_of(usm_scapi, usm_support); diff --git a/meta-networking/recipes-protocols/net-snmp/net-snmp/net-snmp-testing-add-the-output-format-for-ptest.patch b/meta-networking/recipes-protocols/net-snmp/net-snmp/net-snmp-testing-add-the-output-format-for-ptest.patch index 807983f6127..09ca532a7ff 100644 --- a/meta-networking/recipes-protocols/net-snmp/net-snmp/net-snmp-testing-add-the-output-format-for-ptest.patch +++ b/meta-networking/recipes-protocols/net-snmp/net-snmp/net-snmp-testing-add-the-output-format-for-ptest.patch @@ -1,4 +1,4 @@ -From 972df16e9599dffddf5d714a4cbf43008c771122 Mon Sep 17 00:00:00 2001 +From 36a5656db7ea75dd15f35a6c1728937c6e2b901c Mon Sep 17 00:00:00 2001 From: Jackie Huang Date: Wed, 14 Jan 2015 15:10:06 +0800 Subject: [PATCH] testing: add the output format for ptest diff --git a/meta-networking/recipes-protocols/net-snmp/net-snmp/reproducibility-have-printcap.patch b/meta-networking/recipes-protocols/net-snmp/net-snmp/reproducibility-have-printcap.patch index bf1e7bedf2a..c0b51c51e38 100644 --- a/meta-networking/recipes-protocols/net-snmp/net-snmp/reproducibility-have-printcap.patch +++ b/meta-networking/recipes-protocols/net-snmp/net-snmp/reproducibility-have-printcap.patch @@ -1,4 +1,4 @@ -From 84e362fe97f50fbad69f083bc2d8fe18f83eb2f7 Mon Sep 17 00:00:00 2001 +From b923cd38e2503b86aedf66b767fd7f51c9f25645 Mon Sep 17 00:00:00 2001 From: "douglas.royds" Date: Wed, 21 Nov 2018 13:52:18 +1300 Subject: [PATCH] net-snmp: Reproducibility: Don't check build host for @@ -13,7 +13,7 @@ set in the environment to "yes" or "no" as appropriate for the target platform. 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/configure.d/config_os_misc4 b/configure.d/config_os_misc4 -index 6f23c8e..8cea75a 100644 +index b6864d9..07ca922 100644 --- a/configure.d/config_os_misc4 +++ b/configure.d/config_os_misc4 @@ -99,9 +99,9 @@ if test x$LPSTAT_PATH != x; then diff --git a/meta-networking/recipes-protocols/net-snmp/net-snmp_5.9.1.bb b/meta-networking/recipes-protocols/net-snmp/net-snmp_5.9.3.bb similarity index 98% rename from meta-networking/recipes-protocols/net-snmp/net-snmp_5.9.1.bb rename to meta-networking/recipes-protocols/net-snmp/net-snmp_5.9.3.bb index 30c0ce74cb4..7af51475664 100644 --- a/meta-networking/recipes-protocols/net-snmp/net-snmp_5.9.1.bb +++ b/meta-networking/recipes-protocols/net-snmp/net-snmp_5.9.3.bb @@ -21,15 +21,13 @@ SRC_URI = "${SOURCEFORGE_MIRROR}/net-snmp/net-snmp-${PV}.tar.gz \ file://0001-config_os_headers-Error-Fix.patch \ file://0001-snmplib-keytools.c-Don-t-check-for-return-from-EVP_M.patch \ file://0001-get_pid_from_inode-Include-limit.h.patch \ - file://0002-configure-fix-a-cc-check-issue.patch \ file://0004-configure-fix-incorrect-variable.patch \ file://net-snmp-5.7.2-fix-engineBoots-value-on-SIGHUP.patch \ file://net-snmp-fix-for-disable-des.patch \ file://reproducibility-have-printcap.patch \ file://0001-ac_add_search_path.m4-keep-consistent-between-32bit.patch \ - file://0001-snmpd-always-exit-after-displaying-usage.patch \ " -SRC_URI[sha256sum] = "eb7fd4a44de6cddbffd9a92a85ad1309e5c1054fb9d5a7dd93079c8953f48c3f" +SRC_URI[sha256sum] = "2097f29b7e1bf3f1300b4bae52fa2308d0bb8d5d3998dbe02f9462a413a2ef0a" UPSTREAM_CHECK_URI = "https://sourceforge.net/projects/net-snmp/files/net-snmp/" UPSTREAM_CHECK_REGEX = "/net-snmp/(?P\d+(\.\d+)+)/" From 6b7c2efd68136de060ff1f9981d522ff1c091bb4 Mon Sep 17 00:00:00 2001 From: Yi Zhao Date: Mon, 10 Oct 2022 15:30:07 +0800 Subject: [PATCH 195/600] open-vm-tools: Security fix CVE-2022-31676 CVE-2022-31676: VMware Tools (12.0.0, 11.x.y and 10.x.y) contains a local privilege escalation vulnerability. A malicious actor with local non-administrative access to the Guest OS can escalate privileges as a root user in the virtual machine. Reference: https://nvd.nist.gov/vuln/detail/CVE-2022-31676 Patch from: https://github.com/vmware/open-vm-tools/commit/70a74758bfe0042c27f15ce590fb21a2bc54d745 Signed-off-by: Yi Zhao Signed-off-by: Armin Kuster --- ...uthorization-on-incoming-guestOps-re.patch | 43 +++++++++++++++++++ .../open-vm-tools/open-vm-tools_11.3.5.bb | 1 + 2 files changed, 44 insertions(+) create mode 100644 meta-networking/recipes-support/open-vm-tools/open-vm-tools/0001-Properly-check-authorization-on-incoming-guestOps-re.patch diff --git a/meta-networking/recipes-support/open-vm-tools/open-vm-tools/0001-Properly-check-authorization-on-incoming-guestOps-re.patch b/meta-networking/recipes-support/open-vm-tools/open-vm-tools/0001-Properly-check-authorization-on-incoming-guestOps-re.patch new file mode 100644 index 00000000000..4140c46d07d --- /dev/null +++ b/meta-networking/recipes-support/open-vm-tools/open-vm-tools/0001-Properly-check-authorization-on-incoming-guestOps-re.patch @@ -0,0 +1,43 @@ +From 70a74758bfe0042c27f15ce590fb21a2bc54d745 Mon Sep 17 00:00:00 2001 +From: John Wolfe +Date: Sun, 21 Aug 2022 07:56:49 -0700 +Subject: [PATCH] Properly check authorization on incoming guestOps requests. + +Fix public pipe request checks. Only a SessionRequest type should +be accepted on the public pipe. + +CVE: CVE-2022-31676 + +Upstream-Status: Backport +[https://github.com/vmware/open-vm-tools/commit/70a74758bfe0042c27f15ce590fb21a2bc54d745] + +Signed-off-by: Yi Zhao +--- + open-vm-tools/vgauth/serviceImpl/proto.c | 6 +++++- + 1 file changed, 5 insertions(+), 1 deletion(-) + +diff --git a/open-vm-tools/vgauth/serviceImpl/proto.c b/open-vm-tools/vgauth/serviceImpl/proto.c +index db7159ee..6c672601 100644 +--- a/open-vm-tools/vgauth/serviceImpl/proto.c ++++ b/open-vm-tools/vgauth/serviceImpl/proto.c +@@ -1,5 +1,5 @@ + /********************************************************* +- * Copyright (C) 2011-2016,2019-2021 VMware, Inc. All rights reserved. ++ * Copyright (C) 2011-2016,2019-2022 VMware, Inc. All rights reserved. + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU Lesser General Public License as published +@@ -1201,6 +1201,10 @@ Proto_SecurityCheckRequest(ServiceConnection *conn, + VGAuthError err; + gboolean isSecure = ServiceNetworkIsConnectionPrivateSuperUser(conn); + ++ if (conn->isPublic && req->reqType != PROTO_REQUEST_SESSION_REQ) { ++ return VGAUTH_E_PERMISSION_DENIED; ++ } ++ + switch (req->reqType) { + /* + * This comes over the public connection; alwsys let it through. +-- +2.25.1 + diff --git a/meta-networking/recipes-support/open-vm-tools/open-vm-tools_11.3.5.bb b/meta-networking/recipes-support/open-vm-tools/open-vm-tools_11.3.5.bb index 1c3545f960e..4670a85a674 100644 --- a/meta-networking/recipes-support/open-vm-tools/open-vm-tools_11.3.5.bb +++ b/meta-networking/recipes-support/open-vm-tools/open-vm-tools_11.3.5.bb @@ -44,6 +44,7 @@ SRC_URI = "git://github.com/vmware/open-vm-tools.git;protocol=https;branch=maste file://0001-Make-HgfsConvertFromNtTimeNsec-aware-of-64-bit-time_.patch;patchdir=.. \ file://0002-hgfsServerLinux-Consider-64bit-time_t-possibility.patch;patchdir=.. \ file://0001-open-vm-tools-Correct-include-path-for-poll.h.patch;patchdir=.. \ + file://0001-Properly-check-authorization-on-incoming-guestOps-re.patch;patchdir=.. \ " UPSTREAM_CHECK_GITTAGREGEX = "stable-(?P\d+(\.\d+)+)" From a7b999dba0077c149dcb2b6b726f50a9cf6828fc Mon Sep 17 00:00:00 2001 From: Wang Mingyu Date: Mon, 10 Oct 2022 15:30:08 +0800 Subject: [PATCH 196/600] tcpreplay: upgrade 4.4.1 -> 4.4.2 This release contains bug fixes only. The following CVEs have been addressed: CVE-2022-37049 CVE-2022-37048 CVE-2022-37047 CVE-2022-28487 CVE-2022-25484 CVE-2022-27939 CVE-2022-27940 CVE-2022-27941 CVE-2022-27942 Signed-off-by: Wang Mingyu Signed-off-by: Khem Raj Signed-off-by: Yi Zhao Signed-off-by: Armin Kuster --- .../tcpreplay/{tcpreplay_4.4.1.bb => tcpreplay_4.4.2.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-networking/recipes-support/tcpreplay/{tcpreplay_4.4.1.bb => tcpreplay_4.4.2.bb} (85%) diff --git a/meta-networking/recipes-support/tcpreplay/tcpreplay_4.4.1.bb b/meta-networking/recipes-support/tcpreplay/tcpreplay_4.4.2.bb similarity index 85% rename from meta-networking/recipes-support/tcpreplay/tcpreplay_4.4.1.bb rename to meta-networking/recipes-support/tcpreplay/tcpreplay_4.4.2.bb index 56db66b8eb5..165a0e735b0 100644 --- a/meta-networking/recipes-support/tcpreplay/tcpreplay_4.4.1.bb +++ b/meta-networking/recipes-support/tcpreplay/tcpreplay_4.4.2.bb @@ -9,7 +9,7 @@ LIC_FILES_CHKSUM = "file://docs/LICENSE;md5=10f0474a2f0e5dccfca20f69d6598ad8" SRC_URI = "https://github.com/appneta/tcpreplay/releases/download/v${PV}/tcpreplay-${PV}.tar.gz" -SRC_URI[sha256sum] = "cb67b6491a618867fc4f9848f586019f1bb2ebd149f393afac5544ee55e4544f" +SRC_URI[sha256sum] = "5b272cd83b67d6288a234ea15f89ecd93b4fadda65eddc44e7b5fcb2f395b615" UPSTREAM_CHECK_URI = "https://github.com/appneta/tcpreplay/releases" From 744a4b6eda88b9a9ca1cf0df6e18be384d9054e3 Mon Sep 17 00:00:00 2001 From: Yi Zhao Date: Thu, 13 Oct 2022 11:04:36 +0800 Subject: [PATCH 197/600] frr: Security fix CVE-2022-37032 CVE-2022-37032: An out-of-bounds read in the BGP daemon of FRRouting FRR before 8.4 may lead to a segmentation fault and denial of service. This occurs in bgp_capability_msg_parse in bgpd/bgp_packet.c. Reference: https://nvd.nist.gov/vuln/detail/CVE-2022-37032 Patch from: https://github.com/FRRouting/frr/commit/3c4821679f2362bcd38fcc7803f28a5210441ddb Signed-off-by: Yi Zhao Signed-off-by: Armin Kuster --- .../frr/frr/CVE-2022-37032.patch | 42 +++++++++++++++++++ .../recipes-protocols/frr/frr_8.2.2.bb | 1 + 2 files changed, 43 insertions(+) create mode 100644 meta-networking/recipes-protocols/frr/frr/CVE-2022-37032.patch diff --git a/meta-networking/recipes-protocols/frr/frr/CVE-2022-37032.patch b/meta-networking/recipes-protocols/frr/frr/CVE-2022-37032.patch new file mode 100644 index 00000000000..672bc9514a4 --- /dev/null +++ b/meta-networking/recipes-protocols/frr/frr/CVE-2022-37032.patch @@ -0,0 +1,42 @@ +From 3c4821679f2362bcd38fcc7803f28a5210441ddb Mon Sep 17 00:00:00 2001 +From: Donald Sharp +Date: Thu, 21 Jul 2022 08:11:58 -0400 +Subject: [PATCH] bgpd: Make sure hdr length is at a minimum of what is + expected + +Ensure that if the capability length specified is enough data. + +Signed-off-by: Donald Sharp + +CVE: CVE-2022-37032 + +Upstream-Status: Backport +[https://github.com/FRRouting/frr/commit/3c4821679f2362bcd38fcc7803f28a5210441ddb] + +Signed-off-by: Yi Zhao +--- + bgpd/bgp_packet.c | 8 ++++++++ + 1 file changed, 8 insertions(+) + +diff --git a/bgpd/bgp_packet.c b/bgpd/bgp_packet.c +index 7c92a8d9e..bcd47e32d 100644 +--- a/bgpd/bgp_packet.c ++++ b/bgpd/bgp_packet.c +@@ -2440,6 +2440,14 @@ static int bgp_capability_msg_parse(struct peer *peer, uint8_t *pnt, + "%s CAPABILITY has action: %d, code: %u, length %u", + peer->host, action, hdr->code, hdr->length); + ++ if (hdr->length < sizeof(struct capability_mp_data)) { ++ zlog_info( ++ "%s Capability structure is not properly filled out, expected at least %zu bytes but header length specified is %d", ++ peer->host, sizeof(struct capability_mp_data), ++ hdr->length); ++ return BGP_Stop; ++ } ++ + /* Capability length check. */ + if ((pnt + hdr->length + 3) > end) { + zlog_info("%s Capability length error", peer->host); +-- +2.25.1 + diff --git a/meta-networking/recipes-protocols/frr/frr_8.2.2.bb b/meta-networking/recipes-protocols/frr/frr_8.2.2.bb index 62f548f84d3..658731567d8 100644 --- a/meta-networking/recipes-protocols/frr/frr_8.2.2.bb +++ b/meta-networking/recipes-protocols/frr/frr_8.2.2.bb @@ -11,6 +11,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263 \ SRC_URI = "git://github.com/FRRouting/frr.git;protocol=https;branch=stable/8.2 \ file://CVE-2022-37035.patch \ + file://CVE-2022-37032.patch \ file://frr.pam \ " From 0bfb2765759b0df9c1733bc27084f3de2b2e1c3c Mon Sep 17 00:00:00 2001 From: Mike Petersen Date: Fri, 29 Jul 2022 12:32:09 -0500 Subject: [PATCH 198/600] sshpass: add recipe Needed for automating ssh logins, used in auto-tests. Co-authored-by: Ioan-Adrian Ratiu Signed-off-by: Mike Petersen Signed-off-by: Khem Raj --- .../recipes-connectivity/sshpass/sshpass_1.09.bb | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 meta-networking/recipes-connectivity/sshpass/sshpass_1.09.bb diff --git a/meta-networking/recipes-connectivity/sshpass/sshpass_1.09.bb b/meta-networking/recipes-connectivity/sshpass/sshpass_1.09.bb new file mode 100644 index 00000000000..5c52437af83 --- /dev/null +++ b/meta-networking/recipes-connectivity/sshpass/sshpass_1.09.bb @@ -0,0 +1,11 @@ +DESCRIPTION = "Non-interactive ssh password auth" +HOMEPAGE = "http://sshpass.sourceforge.net/" +SECTION = "console/network" +LICENSE = "GPLv2" +LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f" + +SRC_URI = "${SOURCEFORGE_MIRROR}/${BPN}/${BP}.tar.gz" + +SRC_URI[sha256sum] = "71746e5e057ffe9b00b44ac40453bf47091930cba96bbea8dc48717dedc49fb7" + +inherit autotools From 2d1726b2f83bdf92e6fd608c91834c84450b9a5b Mon Sep 17 00:00:00 2001 From: Sergey Kizunov Date: Fri, 3 Jan 2020 11:25:14 -0500 Subject: [PATCH 199/600] Add python3-pycares 3.1.0 Signed-off-by: Sergey Kizunov Acked-by: Alex Stewart Natinst-ReviewBoard-ID: 321878 --- .../recipes-devtools/python/python-pycares.inc | 15 +++++++++++++++ .../python/python3-pycares_3.1.0.bb | 2 ++ 2 files changed, 17 insertions(+) create mode 100644 meta-python/recipes-devtools/python/python-pycares.inc create mode 100644 meta-python/recipes-devtools/python/python3-pycares_3.1.0.bb diff --git a/meta-python/recipes-devtools/python/python-pycares.inc b/meta-python/recipes-devtools/python/python-pycares.inc new file mode 100644 index 00000000000..63398ad5cab --- /dev/null +++ b/meta-python/recipes-devtools/python/python-pycares.inc @@ -0,0 +1,15 @@ +SUMMARY = "Python interface for c-ares" +DESCRIPTION = "pycares is a Python module which provides an interface to c-ares. c-ares is a C library that performs DNS requests and name resolutions asynchronously." +HOMEPAGE = "https://github.com/saghul/pycares" +LICENSE = "MIT" +LIC_FILES_CHKSUM = "file://LICENSE;md5=b1538fcaea82ebf2313ed648b96c69b1" + +SRC_URI[md5sum] = "9d71bb8654cd2f7f34bdfe0ba641b59c" +SRC_URI[sha256sum] = "663c000625725d3a63466a674df4ee7f62bf8ca1ae8a0b87a6411eb811e0e794" + +PYPI_PACKAGE = "pycares" +inherit pypi +RDEPENDS_${PN} = "\ + ${PYTHON_PN}-cffi \ + ${PYTHON_PN}-idna \ +" diff --git a/meta-python/recipes-devtools/python/python3-pycares_3.1.0.bb b/meta-python/recipes-devtools/python/python3-pycares_3.1.0.bb new file mode 100644 index 00000000000..caa1b05fcc4 --- /dev/null +++ b/meta-python/recipes-devtools/python/python3-pycares_3.1.0.bb @@ -0,0 +1,2 @@ +inherit setuptools3 +require python-pycares.inc From d4dbba64b1f6a29fd786776ee0385aa34a067416 Mon Sep 17 00:00:00 2001 From: Sergey Kizunov Date: Fri, 3 Jan 2020 11:41:02 -0500 Subject: [PATCH 200/600] Add python3-aiodns 2.0.0 Signed-off-by: Sergey Kizunov Acked-by: Alex Stewart Natinst-ReviewBoard-ID: 321878 --- .../recipes-devtools/python/python-aiodns.inc | 14 ++++++++++++++ .../python/python3-aiodns_2.0.0.bb | 2 ++ 2 files changed, 16 insertions(+) create mode 100644 meta-python/recipes-devtools/python/python-aiodns.inc create mode 100644 meta-python/recipes-devtools/python/python3-aiodns_2.0.0.bb diff --git a/meta-python/recipes-devtools/python/python-aiodns.inc b/meta-python/recipes-devtools/python/python-aiodns.inc new file mode 100644 index 00000000000..584fe64a681 --- /dev/null +++ b/meta-python/recipes-devtools/python/python-aiodns.inc @@ -0,0 +1,14 @@ +SUMMARY = "Simple DNS resolver for asyncio" +DESCRIPTION = "aiodns provides a simple way for doing asynchronous DNS resolutions using pycares." +HOMEPAGE = "https://github.com/saghul/aiodns" +LICENSE = "MIT" +LIC_FILES_CHKSUM = "file://LICENSE;md5=a565d8b5d06b9620968a135a2657b093" + +SRC_URI[md5sum] = "3e121f9eb7ef3ba3556ba7ec28c6f63a" +SRC_URI[sha256sum] = "815fdef4607474295d68da46978a54481dd1e7be153c7d60f9e72773cd38d77d" + +PYPI_PACKAGE = "aiodns" +inherit pypi +RDEPENDS_${PN} = "\ + ${PYTHON_PN}-pycares \ +" diff --git a/meta-python/recipes-devtools/python/python3-aiodns_2.0.0.bb b/meta-python/recipes-devtools/python/python3-aiodns_2.0.0.bb new file mode 100644 index 00000000000..44ff703ff54 --- /dev/null +++ b/meta-python/recipes-devtools/python/python3-aiodns_2.0.0.bb @@ -0,0 +1,2 @@ +inherit setuptools3 +require python-aiodns.inc From c4d328b669a97442d1258f0186e44eb11f6ff9ff Mon Sep 17 00:00:00 2001 From: Shruthi Ravichandran Date: Tue, 10 Nov 2020 11:06:05 -0600 Subject: [PATCH 201/600] python-pycares: Add build dependency on cffi-native Signed-off-by: Shruthi Ravichandran --- meta-python/recipes-devtools/python/python-pycares.inc | 3 +++ 1 file changed, 3 insertions(+) diff --git a/meta-python/recipes-devtools/python/python-pycares.inc b/meta-python/recipes-devtools/python/python-pycares.inc index 63398ad5cab..2db8fc134c3 100644 --- a/meta-python/recipes-devtools/python/python-pycares.inc +++ b/meta-python/recipes-devtools/python/python-pycares.inc @@ -9,6 +9,9 @@ SRC_URI[sha256sum] = "663c000625725d3a63466a674df4ee7f62bf8ca1ae8a0b87a6411eb811 PYPI_PACKAGE = "pycares" inherit pypi + +DEPENDS += "${PYTHON_PN}-cffi-native" + RDEPENDS_${PN} = "\ ${PYTHON_PN}-cffi \ ${PYTHON_PN}-idna \ From 8b22ea7faef2d89c8e44e9cff9fb98d78a8bfb7e Mon Sep 17 00:00:00 2001 From: Bill Pittman Date: Thu, 5 May 2022 09:50:45 -0500 Subject: [PATCH 202/600] openvpn: distribute sample-config-files The openvpn tarball has additional sample config files which are generally useful to users, and which are typically distributed in other distros' openvpn packages. Include these sample configs in the OE recipe. Signed-off-by: Bill Pittman Signed-off-by: Alex Stewart --- meta-networking/recipes-support/openvpn/openvpn_2.5.6.bb | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/meta-networking/recipes-support/openvpn/openvpn_2.5.6.bb b/meta-networking/recipes-support/openvpn/openvpn_2.5.6.bb index 218e72b7a80..41c3aa4893f 100644 --- a/meta-networking/recipes-support/openvpn/openvpn_2.5.6.bb +++ b/meta-networking/recipes-support/openvpn/openvpn_2.5.6.bb @@ -43,8 +43,12 @@ do_install:append() { install -d ${D}/${sysconfdir}/openvpn/sample install -m 755 ${S}/sample/sample-config-files/loopback-server ${D}${sysconfdir}/openvpn/sample/loopback-server.conf install -m 755 ${S}/sample/sample-config-files/loopback-client ${D}${sysconfdir}/openvpn/sample/loopback-client.conf + install -dm 755 ${D}${sysconfdir}/openvpn/sample/sample-config-files install -dm 755 ${D}${sysconfdir}/openvpn/sample/sample-keys + install -dm 755 ${D}${sysconfdir}/openvpn/sample/sample-scripts + install -m 644 ${S}/sample/sample-config-files/* ${D}${sysconfdir}/openvpn/sample/sample-config-files install -m 644 ${S}/sample/sample-keys/* ${D}${sysconfdir}/openvpn/sample/sample-keys + install -m 644 ${S}/sample/sample-scripts/* ${D}${sysconfdir}/openvpn/sample/sample-scripts if ${@bb.utils.contains('DISTRO_FEATURES','systemd','true','false',d)}; then install -d ${D}/${systemd_unitdir}/system From eeeec7d911875a3dd85f0c0007a9bdf21b94a2ef Mon Sep 17 00:00:00 2001 From: Howard Cochran Date: Thu, 15 Sep 2022 14:09:42 -0400 Subject: [PATCH 203/600] ufw: Fix "could not find required binary 'iptables'" Switch from using DISTUTILS_*_ARGS to SETUPTOOLS_*_ARGS to correspond with the earlier change to use setuptools3_legacy instead of distutils3. Without this change, you will get the following error if your build host does not have iptables installed: Fixes: ERROR: ufw-0.36.1-r0 do_compile: 'python3 setup.py build ' execution failed. Log data follows: | DEBUG: Executing shell function do_compile | ERROR: could not find required binary 'iptables' | ERROR: 'python3 setup.py build ' execution failed. | WARNING: exit code 1 from a shell command. ERROR: Task ([snip]/meta-openembedded/meta-networking/recipes-connectivity/ufw/ufw_0.36.1.bb:do_compile) failed with exit code '1' Also, although the build will not fail on a host that has iptables, it could cause a problem if it is installed at a different path than where OpenEmbedded's iptables will be installed on the target. Fixes: 3e2ed1dcc088 ("ufw: port to setuptools, use setuptools_legacy") Signed-off-by: Howard Cochran Signed-off-by: Khem Raj Signed-off-by: Armin Kuster --- meta-networking/recipes-connectivity/ufw/ufw_0.36.1.bb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/meta-networking/recipes-connectivity/ufw/ufw_0.36.1.bb b/meta-networking/recipes-connectivity/ufw/ufw_0.36.1.bb index b6a768e08ad..c479eefba06 100644 --- a/meta-networking/recipes-connectivity/ufw/ufw_0.36.1.bb +++ b/meta-networking/recipes-connectivity/ufw/ufw_0.36.1.bb @@ -70,5 +70,5 @@ FILES:${PN} += " \ REQUIRED_DISTRO_FEATURES = "ipv6" -DISTUTILS_BUILD_ARGS:append = " --iptables-dir /usr/sbin" -DISTUTILS_INSTALL_ARGS:append = " --iptables-dir /usr/sbin" +SETUPTOOLS_BUILD_ARGS:append = " --iptables-dir /usr/sbin" +SETUPTOOLS_INSTALL_ARGS:append = " --iptables-dir /usr/sbin" From 4a97dcdc93c6c34a390d48a257d0255bb19573b1 Mon Sep 17 00:00:00 2001 From: Philippe Coval Date: Fri, 9 Sep 2022 11:41:46 +0200 Subject: [PATCH 204/600] pim435: Relocate sources to eclipse This driver is now part of Eclipse's oniro-blueprints project Note: Once transition is finished, existing copies will be need to be archived For history referer to related tickets if curious. Relate-to: https://gitlab.eclipse.org/eclipse/oniro-core/oniro/-/issues/787 Relate-to: https://gitlab.eclipse.org/eclipse/oniro-blueprints/vending-machine/meta-oniro-blueprints-vending-machine/-/issues/1 Relate-to: https://gitlab.eclipse.org/pcoval/pim435/-/issues/2 Relate-to: https://git.ostc-eu.org/distro/components/vending-machine-control-application/-/issues/2 Forwarded: https://github.com/openembedded/meta-openembedded/pull/603 Origin: https://github.com/astrolabe-coop/meta-openembedded Signed-off-by: Philippe Coval Signed-off-by: Khem Raj (cherry picked from commit 6b50ce8f07b61d111f82c3ca88c5125192c214a0) Signed-off-by: Armin Kuster --- meta-oe/recipes-core/pim435/pim435_git.bb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/meta-oe/recipes-core/pim435/pim435_git.bb b/meta-oe/recipes-core/pim435/pim435_git.bb index f73a0fd54ec..80e3cc62987 100644 --- a/meta-oe/recipes-core/pim435/pim435_git.bb +++ b/meta-oe/recipes-core/pim435/pim435_git.bb @@ -9,8 +9,8 @@ written in C" LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSES/MIT.txt;md5=7dda4e90ded66ab88b86f76169f28663" -SRC_URI = "git://booting.oniroproject.org/distro/components/pim435;protocol=https;branch=main" -SRCREV = "ee07a83de4d0ecdf4b5de20a7e374d36a9a6f5d5" +SRC_URI = "git://gitlab.eclipse.org/eclipse/oniro-blueprints/core/pim435;protocol=https;branch=main" +SRCREV = "445ed623ec8d3ecbb1d566900b4ef3fb3031d689" S = "${WORKDIR}/git" DEPENDS = "i2c-tools" From 4822ca139444a50b87e9914e86060d6c0e0cab3b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Carsten=20B=C3=A4cker?= <72093439+cbaecker@users.noreply.github.com> Date: Fri, 19 Aug 2022 12:10:03 +0200 Subject: [PATCH 205/600] spdlog: Fix CMake flag https://github.com/gabime/spdlog/blob/eb3220622e73a4889eee355ffa37972b3cac3df5/CMakeLists.txt#L72 Signed-off-by: Khem Raj (cherry picked from commit b20af98b5ad28e330c97770f7d0db75890784f98) Signed-off-by: Armin Kuster --- meta-oe/recipes-support/spdlog/spdlog_1.9.2.bb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/meta-oe/recipes-support/spdlog/spdlog_1.9.2.bb b/meta-oe/recipes-support/spdlog/spdlog_1.9.2.bb index d377241ad1b..6362fc7a4ba 100644 --- a/meta-oe/recipes-support/spdlog/spdlog_1.9.2.bb +++ b/meta-oe/recipes-support/spdlog/spdlog_1.9.2.bb @@ -12,7 +12,7 @@ DEPENDS += "fmt" S = "${WORKDIR}/git" BBCLASSEXTEND = "native" -# no need to build example&text&benchmarks on pure yocto -EXTRA_OECMAKE += "-DSPDLOG_INSTALL=on -DSPDLOG_BUILD_SHARED=on -DSPDLOG_BUILD_EXAMPLES=off -DSPDLOG_BUILD_TESTS=off -DSPDLOG_BUILD_BENCH=off -DSPDLOG_FMT_EXTERNAL=on" +# no need to build example & tests & benchmarks on pure yocto +EXTRA_OECMAKE += "-DSPDLOG_INSTALL=on -DSPDLOG_BUILD_SHARED=on -DSPDLOG_BUILD_EXAMPLE=off -DSPDLOG_BUILD_TESTS=off -DSPDLOG_BUILD_BENCH=off -DSPDLOG_FMT_EXTERNAL=on" inherit cmake From b3b00a270edfd27e2dfc05d5a6a5cab94324ad65 Mon Sep 17 00:00:00 2001 From: Alexander Thoma Date: Tue, 26 Jul 2022 15:20:41 +0200 Subject: [PATCH 206/600] Fix tigervnc crash due to missing xkbcomp rdepends Signed-off-by: Khem Raj (cherry picked from commit 447de4d47ba2deba1af80201b91bb312f184fe0e) Signed-off-by: Armin Kuster --- meta-oe/recipes-graphics/tigervnc/tigervnc_1.11.0.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-oe/recipes-graphics/tigervnc/tigervnc_1.11.0.bb b/meta-oe/recipes-graphics/tigervnc/tigervnc_1.11.0.bb index 5f404f2aa2d..5cde7c9fb4f 100644 --- a/meta-oe/recipes-graphics/tigervnc/tigervnc_1.11.0.bb +++ b/meta-oe/recipes-graphics/tigervnc/tigervnc_1.11.0.bb @@ -3,7 +3,7 @@ HOMEPAGE = "http://www.tigervnc.com/" LICENSE = "GPL-2.0-or-later" SECTION = "x11/utils" DEPENDS = "xserver-xorg gnutls jpeg libxtst gettext-native fltk libpam" -RDEPENDS:${PN} = "coreutils hicolor-icon-theme perl bash" +RDEPENDS:${PN} = "coreutils hicolor-icon-theme perl bash xkbcomp" LIC_FILES_CHKSUM = "file://LICENCE.TXT;md5=75b02c2872421380bbd47781d2bd75d3" From d03e8eecce762f7a39c30b108c083a4e17287de7 Mon Sep 17 00:00:00 2001 From: Chase Qi Date: Fri, 6 May 2022 08:24:47 +0000 Subject: [PATCH 207/600] kernel-selftest: install kselftest runner Install kselftest runner and the required kselftest-list.txt. Signed-off-by: Chase Qi Signed-off-by: Khem Raj (cherry picked from commit fd330c4514ae5acefa5e472e6775419066d60385) Signed-off-by: Armin Kuster --- meta-oe/recipes-kernel/kernel-selftest/kernel-selftest.bb | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/meta-oe/recipes-kernel/kernel-selftest/kernel-selftest.bb b/meta-oe/recipes-kernel/kernel-selftest/kernel-selftest.bb index d5e8e4b497b..3d97ea0967c 100644 --- a/meta-oe/recipes-kernel/kernel-selftest/kernel-selftest.bb +++ b/meta-oe/recipes-kernel/kernel-selftest/kernel-selftest.bb @@ -85,7 +85,13 @@ do_install() { for i in ${TEST_LIST} do oe_runmake -C ${S}/tools/testing/selftests/${i} INSTALL_PATH=${D}/usr/kernel-selftest/${i} install + # Install kselftest-list.txt that required by kselftest runner. + oe_runmake -s --no-print-directory COLLECTION=${i} -C ${S}/tools/testing/selftests/${i} emit_tests \ + >> ${D}/usr/kernel-selftest/kselftest-list.txt done + # Install kselftest runner. + install -m 0755 ${S}/tools/testing/selftests/run_kselftest.sh ${D}/usr/kernel-selftest/ + cp -R --no-dereference --preserve=mode,links -v ${S}/tools/testing/selftests/kselftest ${D}/usr/kernel-selftest/ if [ -e ${D}/usr/kernel-selftest/bpf/test_offload.py ]; then sed -i -e '1s,#!.*python3,#! /usr/bin/env python3,' ${D}/usr/kernel-selftest/bpf/test_offload.py fi @@ -127,7 +133,7 @@ PACKAGE_ARCH = "${MACHINE_ARCH}" INHIBIT_PACKAGE_DEBUG_SPLIT="1" FILES:${PN} += "/usr/kernel-selftest" -RDEPENDS:${PN} += "python3" +RDEPENDS:${PN} += "python3 perl" # tools/testing/selftests/vm/Makefile doesn't respect LDFLAGS and tools/testing/selftests/Makefile explicitly overrides to empty INSANE_SKIP:${PN} += "ldflags" From 50d4a8d2a983a68383ef1ffec2c8e21adf0c1a79 Mon Sep 17 00:00:00 2001 From: Martin Jansa Date: Thu, 13 Oct 2022 19:09:43 +0200 Subject: [PATCH 208/600] re2: fix branch name from master to main re2 $ git branch -a --contains 166dbbeb3b0ab7e733b278e8f42a84f6882b8a25 * main remotes/origin/HEAD -> origin/main remotes/origin/main Signed-off-by: Martin Jansa Signed-off-by: Khem Raj --- meta-oe/recipes-support/re2/re2_2020.11.01.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-oe/recipes-support/re2/re2_2020.11.01.bb b/meta-oe/recipes-support/re2/re2_2020.11.01.bb index 698fe7e497e..5ec1c6b5ab0 100644 --- a/meta-oe/recipes-support/re2/re2_2020.11.01.bb +++ b/meta-oe/recipes-support/re2/re2_2020.11.01.bb @@ -5,7 +5,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=3b5c31eb512bdf3cb11ffd5713963760" SRCREV = "166dbbeb3b0ab7e733b278e8f42a84f6882b8a25" -SRC_URI = "git://github.com/google/re2.git;branch=master;protocol=https" +SRC_URI = "git://github.com/google/re2.git;branch=main;protocol=https" S = "${WORKDIR}/git" From 28ec4fd74629a4eb4c16c862308e5b89f0735b65 Mon Sep 17 00:00:00 2001 From: Alex Stewart Date: Mon, 7 Nov 2022 13:21:04 -0600 Subject: [PATCH 209/600] openssh: add native BBCLASSEXTEND A native `ssh` client binary is needed when compiling `gvfs` with the `sftp` option enabled. Add the native bbclass to openssh, so that openssh-native can be used by gvfs. Signed-off-by: Alex Stewart --- meta-gnome/recipes-connectivity/openssh/openssh_%.bbappend | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 meta-gnome/recipes-connectivity/openssh/openssh_%.bbappend diff --git a/meta-gnome/recipes-connectivity/openssh/openssh_%.bbappend b/meta-gnome/recipes-connectivity/openssh/openssh_%.bbappend new file mode 100644 index 00000000000..25dcaa27051 --- /dev/null +++ b/meta-gnome/recipes-connectivity/openssh/openssh_%.bbappend @@ -0,0 +1,2 @@ +# An ssh native client binary is needed by the gvfs do_configure. +BBCLASSEXTEND += "native" From e1e459d9894ba3384a108013c3091bc365042488 Mon Sep 17 00:00:00 2001 From: Alex Stewart Date: Mon, 7 Nov 2022 13:29:28 -0600 Subject: [PATCH 210/600] gvfs: stylize DEPENDS Use multiline styling in the gvfs DEPENDS variable assignment, so that diffs are easier to understand. Also alpha-sort the DEPENDS, since their order isn't meaningful. Signed-off-by: Alex Stewart --- meta-gnome/recipes-gnome/gvfs/gvfs_1.50.0.bb | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/meta-gnome/recipes-gnome/gvfs/gvfs_1.50.0.bb b/meta-gnome/recipes-gnome/gvfs/gvfs_1.50.0.bb index 93f7f576174..9a747a4f110 100644 --- a/meta-gnome/recipes-gnome/gvfs/gvfs_1.50.0.bb +++ b/meta-gnome/recipes-gnome/gvfs/gvfs_1.50.0.bb @@ -5,8 +5,15 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=05df38dd77c35ec8431f212410a3329e" GNOMEBASEBUILDCLASS = "meson" inherit gnomebase gsettings bash-completion gettext upstream-version-is-even features_check useradd -DEPENDS += "libsecret glib-2.0 glib-2.0-native libgudev shadow-native \ - gsettings-desktop-schemas dbus" +DEPENDS += "\ + dbus \ + glib-2.0 \ + glib-2.0-native \ + gsettings-desktop-schemas \ + libgudev \ + libsecret \ + shadow-native \ +" RDEPENDS:${PN} += "gsettings-desktop-schemas" From 527cd024b4e5c66aa406e1732aac8f10ed812cf1 Mon Sep 17 00:00:00 2001 From: Alex Stewart Date: Mon, 7 Nov 2022 13:23:39 -0600 Subject: [PATCH 211/600] gvfs: use native ssh client When the `sftp` option is enabled in gvfs, meson tries to find a valid `ssh` binary in the build host's PATH during do_configure. If a -native implementation is not found, meson will try to satisfy the binary using the build machine's hosttools directly - which is generally undesirable. DEPEND on openssh-native, so that an ssh client implementation is always in the PATH during configuration. Signed-off-by: Alex Stewart --- meta-gnome/recipes-gnome/gvfs/gvfs_1.50.0.bb | 1 + 1 file changed, 1 insertion(+) diff --git a/meta-gnome/recipes-gnome/gvfs/gvfs_1.50.0.bb b/meta-gnome/recipes-gnome/gvfs/gvfs_1.50.0.bb index 9a747a4f110..62aba8499f3 100644 --- a/meta-gnome/recipes-gnome/gvfs/gvfs_1.50.0.bb +++ b/meta-gnome/recipes-gnome/gvfs/gvfs_1.50.0.bb @@ -12,6 +12,7 @@ DEPENDS += "\ gsettings-desktop-schemas \ libgudev \ libsecret \ + openssh-native \ shadow-native \ " From 38f75bab0a4d95757dd47040bc33e6563d5ac8a1 Mon Sep 17 00:00:00 2001 From: Hitendra Prajapati Date: Mon, 10 Oct 2022 10:28:26 +0530 Subject: [PATCH 212/600] dhcp: Fix CVE-2022-2928 & CVE-2022-2929 Source: https://downloads.isc.org/isc/dhcp MR: 122791, 122806 Type: Security Fix Disposition: Backport from https://downloads.isc.org/isc/dhcp/4.4.3-P1/patches/ ChangeID: e90f768e445b7d41b86f04c634cc125546998f0f Description: Fixed CVEs: 1. CVE-2022-2928 2. CVE-2022-2929 Signed-off-by: Hitendra Prajapati Signed-off-by: Armin Kuster --- .../dhcp/dhcp-relay_4.4.3.bb | 2 + .../dhcp/files/CVE-2022-2928.patch | 120 ++++++++++++++++++ .../dhcp/files/CVE-2022-2929.patch | 40 ++++++ 3 files changed, 162 insertions(+) create mode 100644 meta-networking/recipes-connectivity/dhcp/files/CVE-2022-2928.patch create mode 100644 meta-networking/recipes-connectivity/dhcp/files/CVE-2022-2929.patch diff --git a/meta-networking/recipes-connectivity/dhcp/dhcp-relay_4.4.3.bb b/meta-networking/recipes-connectivity/dhcp/dhcp-relay_4.4.3.bb index 92c648708e3..499b0350404 100644 --- a/meta-networking/recipes-connectivity/dhcp/dhcp-relay_4.4.3.bb +++ b/meta-networking/recipes-connectivity/dhcp/dhcp-relay_4.4.3.bb @@ -17,6 +17,8 @@ SRC_URI = "https://downloads.isc.org/isc/dhcp/${PV}/dhcp-${PV}.tar.gz \ file://0001-Makefile.am-only-build-dhcrelay.patch \ file://0002-bind-Makefile.in-disable-backtrace.patch \ file://0003-bind-Makefile.in-regenerate-configure.patch \ + file://CVE-2022-2928.patch \ + file://CVE-2022-2929.patch \ " SRC_URI[sha256sum] = "0e3ec6b4c2a05ec0148874bcd999a66d05518378d77421f607fb0bc9d0135818" diff --git a/meta-networking/recipes-connectivity/dhcp/files/CVE-2022-2928.patch b/meta-networking/recipes-connectivity/dhcp/files/CVE-2022-2928.patch new file mode 100644 index 00000000000..247e8dec68a --- /dev/null +++ b/meta-networking/recipes-connectivity/dhcp/files/CVE-2022-2928.patch @@ -0,0 +1,120 @@ +From 2e08d138ff852820a6e87a09088d2dc2cdd15e56 Mon Sep 17 00:00:00 2001 +From: Hitendra Prajapati +Date: Mon, 10 Oct 2022 09:57:15 +0530 +Subject: [PATCH 1/2] CVE-2022-2928 + +Upstream-Status: Backport [https://downloads.isc.org/isc/dhcp/4.4.3-P1/patches/] +CVE: CVE-2022-2928 +Signed-off-by: Hitendra Prajapati +--- + common/options.c | 7 +++++ + common/tests/option_unittest.c | 54 ++++++++++++++++++++++++++++++++++ + 2 files changed, 61 insertions(+) + +diff --git a/common/options.c b/common/options.c +index 92c8fee..f0959cb 100644 +--- a/common/options.c ++++ b/common/options.c +@@ -4452,6 +4452,8 @@ add_option(struct option_state *options, + if (!option_cache_allocate(&oc, MDL)) { + log_error("No memory for option cache adding %s (option %d).", + option->name, option_num); ++ /* Get rid of reference created during hash lookup. */ ++ option_dereference(&option, MDL); + return 0; + } + +@@ -4463,6 +4465,8 @@ add_option(struct option_state *options, + MDL)) { + log_error("No memory for constant data adding %s (option %d).", + option->name, option_num); ++ /* Get rid of reference created during hash lookup. */ ++ option_dereference(&option, MDL); + option_cache_dereference(&oc, MDL); + return 0; + } +@@ -4471,6 +4475,9 @@ add_option(struct option_state *options, + save_option(&dhcp_universe, options, oc); + option_cache_dereference(&oc, MDL); + ++ /* Get rid of reference created during hash lookup. */ ++ option_dereference(&option, MDL); ++ + return 1; + } + +diff --git a/common/tests/option_unittest.c b/common/tests/option_unittest.c +index 600ebe6..963b566 100644 +--- a/common/tests/option_unittest.c ++++ b/common/tests/option_unittest.c +@@ -213,6 +213,59 @@ ATF_TC_BODY(parse_X, tc) + } + } + ++ATF_TC(add_option_ref_cnt); ++ ++ATF_TC_HEAD(add_option_ref_cnt, tc) ++{ ++ atf_tc_set_md_var(tc, "descr", ++ "Verify add_option() does not leak option ref counts."); ++} ++ ++ATF_TC_BODY(add_option_ref_cnt, tc) ++{ ++ struct option_state *options = NULL; ++ struct option *option = NULL; ++ unsigned int cid_code = DHO_DHCP_CLIENT_IDENTIFIER; ++ char *cid_str = "1234"; ++ int refcnt_before = 0; ++ ++ // Look up the option we're going to add. ++ initialize_common_option_spaces(); ++ if (!option_code_hash_lookup(&option, dhcp_universe.code_hash, ++ &cid_code, 0, MDL)) { ++ atf_tc_fail("cannot find option definition?"); ++ } ++ ++ // Get the option's reference count before we call add_options. ++ refcnt_before = option->refcnt; ++ ++ // Allocate a option_state to which to add an option. ++ if (!option_state_allocate(&options, MDL)) { ++ atf_tc_fail("cannot allocat options state"); ++ } ++ ++ // Call add_option() to add the option to the option state. ++ if (!add_option(options, cid_code, cid_str, strlen(cid_str))) { ++ atf_tc_fail("add_option returned 0"); ++ } ++ ++ // Verify that calling add_option() only adds 1 to the option ref count. ++ if (option->refcnt != (refcnt_before + 1)) { ++ atf_tc_fail("after add_option(), count is wrong, before %d, after: %d", ++ refcnt_before, option->refcnt); ++ } ++ ++ // Derefrence the option_state, this should reduce the ref count to ++ // it's starting value. ++ option_state_dereference(&options, MDL); ++ ++ // Verify that dereferencing option_state restores option ref count. ++ if (option->refcnt != refcnt_before) { ++ atf_tc_fail("after state deref, count is wrong, before %d, after: %d", ++ refcnt_before, option->refcnt); ++ } ++} ++ + /* This macro defines main() method that will call specified + test cases. tp and simple_test_case names can be whatever you want + as long as it is a valid variable identifier. */ +@@ -221,6 +274,7 @@ ATF_TP_ADD_TCS(tp) + ATF_TP_ADD_TC(tp, option_refcnt); + ATF_TP_ADD_TC(tp, pretty_print_option); + ATF_TP_ADD_TC(tp, parse_X); ++ ATF_TP_ADD_TC(tp, add_option_ref_cnt); + + return (atf_no_error()); + } +-- +2.25.1 + diff --git a/meta-networking/recipes-connectivity/dhcp/files/CVE-2022-2929.patch b/meta-networking/recipes-connectivity/dhcp/files/CVE-2022-2929.patch new file mode 100644 index 00000000000..faaac4868c6 --- /dev/null +++ b/meta-networking/recipes-connectivity/dhcp/files/CVE-2022-2929.patch @@ -0,0 +1,40 @@ +From 5436cafe1d7df409a44ff5f610248db57f0677ee Mon Sep 17 00:00:00 2001 +From: Hitendra Prajapati +Date: Mon, 10 Oct 2022 09:58:04 +0530 +Subject: [PATCH 2/2] CVE-2022-2929 + +Upstream-Status: Backport [https://downloads.isc.org/isc/dhcp/4.4.3-P1/patches/] +CVE: CVE-2022-2929 +Signed-off-by: Hitendra Prajapati +--- + common/options.c | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/common/options.c b/common/options.c +index f0959cb..25450e1 100644 +--- a/common/options.c ++++ b/common/options.c +@@ -454,16 +454,16 @@ int fqdn_universe_decode (struct option_state *options, + while (s < &bp -> data[0] + length + 2) { + len = *s; + if (len > 63) { +- log_info ("fancy bits in fqdn option"); +- return 0; ++ log_info ("label length exceeds 63 in fqdn option"); ++ goto bad; + } + if (len == 0) { + terminated = 1; + break; + } + if (s + len > &bp -> data [0] + length + 3) { +- log_info ("fqdn tag longer than buffer"); +- return 0; ++ log_info ("fqdn label longer than buffer"); ++ goto bad; + } + + if (first_len == 0) { +-- +2.25.1 + From 5910870977eaa48a1adfa95797a0ca544f2198ea Mon Sep 17 00:00:00 2001 From: Hitendra Prajapati Date: Fri, 11 Nov 2022 10:43:52 +0530 Subject: [PATCH 213/600] strongswan: CVE-2022-40617 A possible DoS in Using Untrusted URIs for Revocation Checking Upstream-Status: Backport from https://download.strongswan.org/security/CVE-2022-40617 Affects "strongswan < 5.9.8" Signed-off-by: Hitendra Prajapati Signed-off-by: Armin Kuster --- .../strongswan/files/CVE-2022-40617.patch | 157 ++++++++++++++++++ .../strongswan/strongswan_5.9.6.bb | 1 + 2 files changed, 158 insertions(+) create mode 100644 meta-networking/recipes-support/strongswan/files/CVE-2022-40617.patch diff --git a/meta-networking/recipes-support/strongswan/files/CVE-2022-40617.patch b/meta-networking/recipes-support/strongswan/files/CVE-2022-40617.patch new file mode 100644 index 00000000000..ffef6800ebf --- /dev/null +++ b/meta-networking/recipes-support/strongswan/files/CVE-2022-40617.patch @@ -0,0 +1,157 @@ +From 6a6c275534e31b41f6d203cfd92685b7526a45e8 Mon Sep 17 00:00:00 2001 +From: Hitendra Prajapati +Date: Fri, 11 Nov 2022 10:15:38 +0530 +Subject: [PATCH] CVE-2022-40617 + +Upstream-Status: Backport [https://download.strongswan.org/security/CVE-2022-40617] +CVE: CVE-2022-40617 +Signed-off-by: Hitendra Prajapati + +credential-manager: Do online revocation checks only after + basic trust chain validation + +This avoids querying URLs of potentially untrusted certificates, e.g. if +an attacker sends a specially crafted end-entity and intermediate CA +certificate with a CDP that points to a server that completes the +TCP handshake but then does not send any further data, which will block +the fetcher thread (depending on the plugin) for as long as the default +timeout for TCP. Doing that multiple times will block all worker threads, +leading to a DoS attack. + +The logging during the certificate verification obviously changes. +--- + .../credentials/credential_manager.c | 54 +++++++++++++++---- + 1 file changed, 45 insertions(+), 9 deletions(-) + +diff --git a/src/libstrongswan/credentials/credential_manager.c b/src/libstrongswan/credentials/credential_manager.c +index 3be0190..f65372b 100644 +--- a/src/libstrongswan/credentials/credential_manager.c ++++ b/src/libstrongswan/credentials/credential_manager.c +@@ -555,7 +555,7 @@ static void cache_queue(private_credential_manager_t *this) + */ + static bool check_lifetime(private_credential_manager_t *this, + certificate_t *cert, char *label, +- int pathlen, bool trusted, auth_cfg_t *auth) ++ int pathlen, bool anchor, auth_cfg_t *auth) + { + time_t not_before, not_after; + cert_validator_t *validator; +@@ -570,7 +570,7 @@ static bool check_lifetime(private_credential_manager_t *this, + continue; + } + status = validator->check_lifetime(validator, cert, +- pathlen, trusted, auth); ++ pathlen, anchor, auth); + if (status != NEED_MORE) + { + break; +@@ -603,13 +603,13 @@ static bool check_lifetime(private_credential_manager_t *this, + */ + static bool check_certificate(private_credential_manager_t *this, + certificate_t *subject, certificate_t *issuer, bool online, +- int pathlen, bool trusted, auth_cfg_t *auth) ++ int pathlen, bool anchor, auth_cfg_t *auth) + { + cert_validator_t *validator; + enumerator_t *enumerator; + + if (!check_lifetime(this, subject, "subject", pathlen, FALSE, auth) || +- !check_lifetime(this, issuer, "issuer", pathlen + 1, trusted, auth)) ++ !check_lifetime(this, issuer, "issuer", pathlen + 1, anchor, auth)) + { + return FALSE; + } +@@ -622,7 +622,7 @@ static bool check_certificate(private_credential_manager_t *this, + continue; + } + if (!validator->validate(validator, subject, issuer, +- online, pathlen, trusted, auth)) ++ online, pathlen, anchor, auth)) + { + enumerator->destroy(enumerator); + return FALSE; +@@ -725,6 +725,7 @@ static bool verify_trust_chain(private_credential_manager_t *this, + auth_cfg_t *auth; + signature_params_t *scheme; + int pathlen; ++ bool is_anchor = FALSE; + + auth = auth_cfg_create(); + get_key_strength(subject, auth); +@@ -742,7 +743,7 @@ static bool verify_trust_chain(private_credential_manager_t *this, + auth->add(auth, AUTH_RULE_CA_CERT, issuer->get_ref(issuer)); + DBG1(DBG_CFG, " using trusted ca certificate \"%Y\"", + issuer->get_subject(issuer)); +- trusted = TRUE; ++ trusted = is_anchor = TRUE; + } + else + { +@@ -777,11 +778,18 @@ static bool verify_trust_chain(private_credential_manager_t *this, + DBG1(DBG_CFG, " issuer is \"%Y\"", + current->get_issuer(current)); + call_hook(this, CRED_HOOK_NO_ISSUER, current); ++ if (trusted) ++ { ++ DBG1(DBG_CFG, " reached end of incomplete trust chain for " ++ "trusted certificate \"%Y\"", ++ subject->get_subject(subject)); ++ } + break; + } + } +- if (!check_certificate(this, current, issuer, online, +- pathlen, trusted, auth)) ++ /* don't do online verification here */ ++ if (!check_certificate(this, current, issuer, FALSE, ++ pathlen, is_anchor, auth)) + { + trusted = FALSE; + issuer->destroy(issuer); +@@ -793,7 +801,7 @@ static bool verify_trust_chain(private_credential_manager_t *this, + } + current->destroy(current); + current = issuer; +- if (trusted) ++ if (is_anchor) + { + DBG1(DBG_CFG, " reached self-signed root ca with a " + "path length of %d", pathlen); +@@ -806,6 +814,34 @@ static bool verify_trust_chain(private_credential_manager_t *this, + DBG1(DBG_CFG, "maximum path length of %d exceeded", MAX_TRUST_PATH_LEN); + call_hook(this, CRED_HOOK_EXCEEDED_PATH_LEN, subject); + } ++ else if (trusted && online) ++ { ++ enumerator_t *enumerator; ++ auth_rule_t rule; ++ ++ /* do online revocation checks after basic validation of the chain */ ++ pathlen = 0; ++ current = subject; ++ enumerator = auth->create_enumerator(auth); ++ while (enumerator->enumerate(enumerator, &rule, &issuer)) ++ { ++ if (rule == AUTH_RULE_CA_CERT || rule == AUTH_RULE_IM_CERT) ++ { ++ if (!check_certificate(this, current, issuer, TRUE, pathlen++, ++ rule == AUTH_RULE_CA_CERT, auth)) ++ { ++ trusted = FALSE; ++ break; ++ } ++ else if (rule == AUTH_RULE_CA_CERT) ++ { ++ break; ++ } ++ current = issuer; ++ } ++ } ++ enumerator->destroy(enumerator); ++ } + if (trusted) + { + result->merge(result, auth, FALSE); +-- +2.25.1 + diff --git a/meta-networking/recipes-support/strongswan/strongswan_5.9.6.bb b/meta-networking/recipes-support/strongswan/strongswan_5.9.6.bb index 1b82dceac2f..b8d44db26bd 100644 --- a/meta-networking/recipes-support/strongswan/strongswan_5.9.6.bb +++ b/meta-networking/recipes-support/strongswan/strongswan_5.9.6.bb @@ -10,6 +10,7 @@ DEPENDS:append = "${@bb.utils.contains('DISTRO_FEATURES', 'tpm2', ' tpm2-tss', SRC_URI = "http://download.strongswan.org/strongswan-${PV}.tar.bz2 \ file://0001-enum-Fix-compiler-warning.patch \ + file://CVE-2022-40617.patch \ " SRC_URI[sha256sum] = "91d0978ac448912759b85452d8ff0d578aafd4507aaf4f1c1719f9d0c7318ab7" From 2a9e9f919e0e09c39be71668534ada31f108b047 Mon Sep 17 00:00:00 2001 From: Peter Kjellerstedt Date: Sat, 12 Nov 2022 14:10:27 +0100 Subject: [PATCH 214/600] chrony: Remove the readline PACKAGECONFIG Support for readline was dropped in Chrony 4.2. Enabling the readline PACKAGECONFIG would result in no suppport for command line editing as only editline is supported and it would be disabled. Signed-off-by: Peter Kjellerstedt Signed-off-by: Armin Kuster --- .../recipes-support/chrony/chrony_4.2.bb | 13 ++++--------- 1 file changed, 4 insertions(+), 9 deletions(-) diff --git a/meta-networking/recipes-support/chrony/chrony_4.2.bb b/meta-networking/recipes-support/chrony/chrony_4.2.bb index 8ce9e1db553..dfa1ed86fd1 100644 --- a/meta-networking/recipes-support/chrony/chrony_4.2.bb +++ b/meta-networking/recipes-support/chrony/chrony_4.2.bb @@ -53,14 +53,6 @@ USERADD_PACKAGES = "${@bb.utils.contains('PACKAGECONFIG', 'privdrop', '${PN}', ' USERADD_PARAM:${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'privdrop', '--system -d / -M --shell /bin/nologin chronyd;', '', d)}" # Configuration options: -# - For command line editing support in chronyc, you may specify either -# 'editline' or 'readline' but not both. editline is smaller, but -# many systems already have readline for other purposes so you might want -# to choose that instead. However, beware license incompatibility -# since chrony is GPLv2 and readline versions after 6.0 are GPLv3+. -# You can of course choose neither, but if you're that tight on space -# consider dropping chronyc entirely (you can use it remotely with -# appropriate chrony.conf options). # - Security-related: # - 'sechash' is omitted by default because it pulls in nss which is huge. # - 'privdrop' allows chronyd to run as non-root; would need changes to @@ -70,7 +62,6 @@ USERADD_PARAM:${PN} += "${@bb.utils.contains('PACKAGECONFIG', 'privdrop', '--sys PACKAGECONFIG ??= "editline \ ${@bb.utils.filter('DISTRO_FEATURES', 'ipv6', d)} \ " -PACKAGECONFIG[readline] = "--without-editline,--without-readline,readline" PACKAGECONFIG[editline] = ",--without-editline,libedit" PACKAGECONFIG[sechash] = "--without-tomcrypt,--disable-sechash,nss" PACKAGECONFIG[privdrop] = "--with-libcap,--disable-privdrop --without-libcap,libcap" @@ -79,6 +70,10 @@ PACKAGECONFIG[ipv6] = ",--disable-ipv6," PACKAGECONFIG[nss] = "--with-nss,--without-nss,nss" PACKAGECONFIG[libcap] = "--with-libcap,--without-libcap,libcap" +# This is left for backwards compatibility, to avoid breaking existing +# configurations. +PACKAGECONFIG[readline] = "" + # --disable-static isn't supported by chrony's configure script. DISABLE_STATIC = "" From 94d737223bf5f8c4fd035f73b5ff2b4b11b32c57 Mon Sep 17 00:00:00 2001 From: Peter Kjellerstedt Date: Sat, 12 Nov 2022 14:10:28 +0100 Subject: [PATCH 215/600] chrony: Remove the libcap and nss PACKAGECONFIGs There is no need for these configs on their own and they would only mess up the sechash and privdrop configs. To actually enable sechash one also had to enable nss, and to enable privdrop one also had to enable libcap. This also avoids passing --with-libcap if privdrop is enabled since the option does not exist. Signed-off-by: Peter Kjellerstedt Signed-off-by: Armin Kuster --- meta-networking/recipes-support/chrony/chrony_4.2.bb | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/meta-networking/recipes-support/chrony/chrony_4.2.bb b/meta-networking/recipes-support/chrony/chrony_4.2.bb index dfa1ed86fd1..8d12cc75e29 100644 --- a/meta-networking/recipes-support/chrony/chrony_4.2.bb +++ b/meta-networking/recipes-support/chrony/chrony_4.2.bb @@ -64,14 +64,14 @@ PACKAGECONFIG ??= "editline \ " PACKAGECONFIG[editline] = ",--without-editline,libedit" PACKAGECONFIG[sechash] = "--without-tomcrypt,--disable-sechash,nss" -PACKAGECONFIG[privdrop] = "--with-libcap,--disable-privdrop --without-libcap,libcap" +PACKAGECONFIG[privdrop] = ",--disable-privdrop,libcap" PACKAGECONFIG[scfilter] = "--enable-scfilter,--without-seccomp,libseccomp" PACKAGECONFIG[ipv6] = ",--disable-ipv6," -PACKAGECONFIG[nss] = "--with-nss,--without-nss,nss" -PACKAGECONFIG[libcap] = "--with-libcap,--without-libcap,libcap" -# This is left for backwards compatibility, to avoid breaking existing +# These are left for backwards compatibility, to avoid breaking existing # configurations. +PACKAGECONFIG[libcap] = "" +PACKAGECONFIG[nss] = "" PACKAGECONFIG[readline] = "" # --disable-static isn't supported by chrony's configure script. From ba5ccfceb8bb63a127e70d84bfa95f8ccdca8233 Mon Sep 17 00:00:00 2001 From: Hitendra Prajapati Date: Wed, 16 Nov 2022 16:44:10 +0530 Subject: [PATCH 216/600] nginx: CVE-2022-41741, CVE-2022-41742 Memory corruption in the ngx_http_mp4_module Upstream-Status: Backport from https://github.com/nginx/nginx/commit/6b022a5556af22b6e18532e547a6ae46b0d8c6ea Signed-off-by: Hitendra Prajapati Signed-off-by: Armin Kuster --- .../files/CVE-2022-41741-CVE-2022-41742.patch | 319 ++++++++++++++++++ .../recipes-httpd/nginx/nginx_1.20.1.bb | 4 +- 2 files changed, 322 insertions(+), 1 deletion(-) create mode 100644 meta-webserver/recipes-httpd/nginx/files/CVE-2022-41741-CVE-2022-41742.patch diff --git a/meta-webserver/recipes-httpd/nginx/files/CVE-2022-41741-CVE-2022-41742.patch b/meta-webserver/recipes-httpd/nginx/files/CVE-2022-41741-CVE-2022-41742.patch new file mode 100644 index 00000000000..d151256b37f --- /dev/null +++ b/meta-webserver/recipes-httpd/nginx/files/CVE-2022-41741-CVE-2022-41742.patch @@ -0,0 +1,319 @@ +From 91a3b5302d6a2467df70d3b43450991a53f9946b Mon Sep 17 00:00:00 2001 +From: Hitendra Prajapati +Date: Wed, 16 Nov 2022 11:24:25 +0530 +Subject: [PATCH] CVE-2022-41741, CVE-2022-41742 + +Upstream-Status: Backport [https://github.com/nginx/nginx/commit/6b022a5556af22b6e18532e547a6ae46b0d8c6ea] +CVE: CVE-2022-41741, CVE-2022-41742 +Signed-off-by: Hitendra Prajapati + +Mp4: disabled duplicate atoms. + +Most atoms should not appear more than once in a container. Previously, +this was not enforced by the module, which could result in worker process +crash, memory corruption and disclosure. +--- + src/http/modules/ngx_http_mp4_module.c | 147 +++++++++++++++++++++++++ + 1 file changed, 147 insertions(+) + +diff --git a/src/http/modules/ngx_http_mp4_module.c b/src/http/modules/ngx_http_mp4_module.c +index 0e93fbd..4f4d89d 100644 +--- a/src/http/modules/ngx_http_mp4_module.c ++++ b/src/http/modules/ngx_http_mp4_module.c +@@ -1070,6 +1070,12 @@ ngx_http_mp4_read_ftyp_atom(ngx_http_mp4_file_t *mp4, uint64_t atom_data_size) + return NGX_ERROR; + } + ++ if (mp4->ftyp_atom.buf) { ++ ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0, ++ "duplicate mp4 ftyp atom in \"%s\"", mp4->file.name.data); ++ return NGX_ERROR; ++ } ++ + atom_size = sizeof(ngx_mp4_atom_header_t) + (size_t) atom_data_size; + + ftyp_atom = ngx_palloc(mp4->request->pool, atom_size); +@@ -1128,6 +1134,12 @@ ngx_http_mp4_read_moov_atom(ngx_http_mp4_file_t *mp4, uint64_t atom_data_size) + return NGX_DECLINED; + } + ++ if (mp4->moov_atom.buf) { ++ ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0, ++ "duplicate mp4 moov atom in \"%s\"", mp4->file.name.data); ++ return NGX_ERROR; ++ } ++ + conf = ngx_http_get_module_loc_conf(mp4->request, ngx_http_mp4_module); + + if (atom_data_size > mp4->buffer_size) { +@@ -1195,6 +1207,12 @@ ngx_http_mp4_read_mdat_atom(ngx_http_mp4_file_t *mp4, uint64_t atom_data_size) + + ngx_log_debug0(NGX_LOG_DEBUG_HTTP, mp4->file.log, 0, "mp4 mdat atom"); + ++ if (mp4->mdat_atom.buf) { ++ ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0, ++ "duplicate mp4 mdat atom in \"%s\"", mp4->file.name.data); ++ return NGX_ERROR; ++ } ++ + data = &mp4->mdat_data_buf; + data->file = &mp4->file; + data->in_file = 1; +@@ -1321,6 +1339,12 @@ ngx_http_mp4_read_mvhd_atom(ngx_http_mp4_file_t *mp4, uint64_t atom_data_size) + + ngx_log_debug0(NGX_LOG_DEBUG_HTTP, mp4->file.log, 0, "mp4 mvhd atom"); + ++ if (mp4->mvhd_atom.buf) { ++ ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0, ++ "duplicate mp4 mvhd atom in \"%s\"", mp4->file.name.data); ++ return NGX_ERROR; ++ } ++ + atom_header = ngx_mp4_atom_header(mp4); + mvhd_atom = (ngx_mp4_mvhd_atom_t *) atom_header; + mvhd64_atom = (ngx_mp4_mvhd64_atom_t *) atom_header; +@@ -1586,6 +1610,13 @@ ngx_http_mp4_read_tkhd_atom(ngx_http_mp4_file_t *mp4, uint64_t atom_data_size) + atom_size = sizeof(ngx_mp4_atom_header_t) + (size_t) atom_data_size; + + trak = ngx_mp4_last_trak(mp4); ++ ++ if (trak->out[NGX_HTTP_MP4_TKHD_ATOM].buf) { ++ ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0, ++ "duplicate mp4 tkhd atom in \"%s\"", mp4->file.name.data); ++ return NGX_ERROR; ++ } ++ + trak->tkhd_size = atom_size; + + ngx_mp4_set_32value(tkhd_atom->size, atom_size); +@@ -1624,6 +1655,12 @@ ngx_http_mp4_read_mdia_atom(ngx_http_mp4_file_t *mp4, uint64_t atom_data_size) + + trak = ngx_mp4_last_trak(mp4); + ++ if (trak->out[NGX_HTTP_MP4_MDIA_ATOM].buf) { ++ ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0, ++ "duplicate mp4 mdia atom in \"%s\"", mp4->file.name.data); ++ return NGX_ERROR; ++ } ++ + atom = &trak->mdia_atom_buf; + atom->temporary = 1; + atom->pos = atom_header; +@@ -1747,6 +1784,13 @@ ngx_http_mp4_read_mdhd_atom(ngx_http_mp4_file_t *mp4, uint64_t atom_data_size) + atom_size = sizeof(ngx_mp4_atom_header_t) + (size_t) atom_data_size; + + trak = ngx_mp4_last_trak(mp4); ++ ++ if (trak->out[NGX_HTTP_MP4_MDHD_ATOM].buf) { ++ ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0, ++ "duplicate mp4 mdhd atom in \"%s\"", mp4->file.name.data); ++ return NGX_ERROR; ++ } ++ + trak->mdhd_size = atom_size; + trak->timescale = timescale; + +@@ -1789,6 +1833,12 @@ ngx_http_mp4_read_hdlr_atom(ngx_http_mp4_file_t *mp4, uint64_t atom_data_size) + + trak = ngx_mp4_last_trak(mp4); + ++ if (trak->out[NGX_HTTP_MP4_HDLR_ATOM].buf) { ++ ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0, ++ "duplicate mp4 hdlr atom in \"%s\"", mp4->file.name.data); ++ return NGX_ERROR; ++ } ++ + atom = &trak->hdlr_atom_buf; + atom->temporary = 1; + atom->pos = atom_header; +@@ -1817,6 +1867,12 @@ ngx_http_mp4_read_minf_atom(ngx_http_mp4_file_t *mp4, uint64_t atom_data_size) + + trak = ngx_mp4_last_trak(mp4); + ++ if (trak->out[NGX_HTTP_MP4_MINF_ATOM].buf) { ++ ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0, ++ "duplicate mp4 minf atom in \"%s\"", mp4->file.name.data); ++ return NGX_ERROR; ++ } ++ + atom = &trak->minf_atom_buf; + atom->temporary = 1; + atom->pos = atom_header; +@@ -1860,6 +1916,15 @@ ngx_http_mp4_read_vmhd_atom(ngx_http_mp4_file_t *mp4, uint64_t atom_data_size) + + trak = ngx_mp4_last_trak(mp4); + ++ if (trak->out[NGX_HTTP_MP4_VMHD_ATOM].buf ++ || trak->out[NGX_HTTP_MP4_SMHD_ATOM].buf) ++ { ++ ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0, ++ "duplicate mp4 vmhd/smhd atom in \"%s\"", ++ mp4->file.name.data); ++ return NGX_ERROR; ++ } ++ + atom = &trak->vmhd_atom_buf; + atom->temporary = 1; + atom->pos = atom_header; +@@ -1891,6 +1956,15 @@ ngx_http_mp4_read_smhd_atom(ngx_http_mp4_file_t *mp4, uint64_t atom_data_size) + + trak = ngx_mp4_last_trak(mp4); + ++ if (trak->out[NGX_HTTP_MP4_VMHD_ATOM].buf ++ || trak->out[NGX_HTTP_MP4_SMHD_ATOM].buf) ++ { ++ ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0, ++ "duplicate mp4 vmhd/smhd atom in \"%s\"", ++ mp4->file.name.data); ++ return NGX_ERROR; ++ } ++ + atom = &trak->smhd_atom_buf; + atom->temporary = 1; + atom->pos = atom_header; +@@ -1922,6 +1996,12 @@ ngx_http_mp4_read_dinf_atom(ngx_http_mp4_file_t *mp4, uint64_t atom_data_size) + + trak = ngx_mp4_last_trak(mp4); + ++ if (trak->out[NGX_HTTP_MP4_DINF_ATOM].buf) { ++ ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0, ++ "duplicate mp4 dinf atom in \"%s\"", mp4->file.name.data); ++ return NGX_ERROR; ++ } ++ + atom = &trak->dinf_atom_buf; + atom->temporary = 1; + atom->pos = atom_header; +@@ -1950,6 +2030,12 @@ ngx_http_mp4_read_stbl_atom(ngx_http_mp4_file_t *mp4, uint64_t atom_data_size) + + trak = ngx_mp4_last_trak(mp4); + ++ if (trak->out[NGX_HTTP_MP4_STBL_ATOM].buf) { ++ ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0, ++ "duplicate mp4 stbl atom in \"%s\"", mp4->file.name.data); ++ return NGX_ERROR; ++ } ++ + atom = &trak->stbl_atom_buf; + atom->temporary = 1; + atom->pos = atom_header; +@@ -2018,6 +2104,12 @@ ngx_http_mp4_read_stsd_atom(ngx_http_mp4_file_t *mp4, uint64_t atom_data_size) + + trak = ngx_mp4_last_trak(mp4); + ++ if (trak->out[NGX_HTTP_MP4_STSD_ATOM].buf) { ++ ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0, ++ "duplicate mp4 stsd atom in \"%s\"", mp4->file.name.data); ++ return NGX_ERROR; ++ } ++ + atom = &trak->stsd_atom_buf; + atom->temporary = 1; + atom->pos = atom_header; +@@ -2086,6 +2178,13 @@ ngx_http_mp4_read_stts_atom(ngx_http_mp4_file_t *mp4, uint64_t atom_data_size) + atom_end = atom_table + entries * sizeof(ngx_mp4_stts_entry_t); + + trak = ngx_mp4_last_trak(mp4); ++ ++ if (trak->out[NGX_HTTP_MP4_STTS_ATOM].buf) { ++ ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0, ++ "duplicate mp4 stts atom in \"%s\"", mp4->file.name.data); ++ return NGX_ERROR; ++ } ++ + trak->time_to_sample_entries = entries; + + atom = &trak->stts_atom_buf; +@@ -2291,6 +2390,13 @@ ngx_http_mp4_read_stss_atom(ngx_http_mp4_file_t *mp4, uint64_t atom_data_size) + "sync sample entries:%uD", entries); + + trak = ngx_mp4_last_trak(mp4); ++ ++ if (trak->out[NGX_HTTP_MP4_STSS_ATOM].buf) { ++ ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0, ++ "duplicate mp4 stss atom in \"%s\"", mp4->file.name.data); ++ return NGX_ERROR; ++ } ++ + trak->sync_samples_entries = entries; + + atom_table = atom_header + sizeof(ngx_http_mp4_stss_atom_t); +@@ -2489,6 +2595,13 @@ ngx_http_mp4_read_ctts_atom(ngx_http_mp4_file_t *mp4, uint64_t atom_data_size) + "composition offset entries:%uD", entries); + + trak = ngx_mp4_last_trak(mp4); ++ ++ if (trak->out[NGX_HTTP_MP4_CTTS_ATOM].buf) { ++ ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0, ++ "duplicate mp4 ctts atom in \"%s\"", mp4->file.name.data); ++ return NGX_ERROR; ++ } ++ + trak->composition_offset_entries = entries; + + atom_table = atom_header + sizeof(ngx_mp4_ctts_atom_t); +@@ -2692,6 +2805,13 @@ ngx_http_mp4_read_stsc_atom(ngx_http_mp4_file_t *mp4, uint64_t atom_data_size) + atom_end = atom_table + entries * sizeof(ngx_mp4_stsc_entry_t); + + trak = ngx_mp4_last_trak(mp4); ++ ++ if (trak->out[NGX_HTTP_MP4_STSC_ATOM].buf) { ++ ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0, ++ "duplicate mp4 stsc atom in \"%s\"", mp4->file.name.data); ++ return NGX_ERROR; ++ } ++ + trak->sample_to_chunk_entries = entries; + + atom = &trak->stsc_atom_buf; +@@ -3024,6 +3144,13 @@ ngx_http_mp4_read_stsz_atom(ngx_http_mp4_file_t *mp4, uint64_t atom_data_size) + "sample uniform size:%uD, entries:%uD", size, entries); + + trak = ngx_mp4_last_trak(mp4); ++ ++ if (trak->out[NGX_HTTP_MP4_STSZ_ATOM].buf) { ++ ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0, ++ "duplicate mp4 stsz atom in \"%s\"", mp4->file.name.data); ++ return NGX_ERROR; ++ } ++ + trak->sample_sizes_entries = entries; + + atom_table = atom_header + sizeof(ngx_mp4_stsz_atom_t); +@@ -3207,6 +3334,16 @@ ngx_http_mp4_read_stco_atom(ngx_http_mp4_file_t *mp4, uint64_t atom_data_size) + atom_end = atom_table + entries * sizeof(uint32_t); + + trak = ngx_mp4_last_trak(mp4); ++ ++ if (trak->out[NGX_HTTP_MP4_STCO_ATOM].buf ++ || trak->out[NGX_HTTP_MP4_CO64_ATOM].buf) ++ { ++ ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0, ++ "duplicate mp4 stco/co64 atom in \"%s\"", ++ mp4->file.name.data); ++ return NGX_ERROR; ++ } ++ + trak->chunks = entries; + + atom = &trak->stco_atom_buf; +@@ -3413,6 +3550,16 @@ ngx_http_mp4_read_co64_atom(ngx_http_mp4_file_t *mp4, uint64_t atom_data_size) + atom_end = atom_table + entries * sizeof(uint64_t); + + trak = ngx_mp4_last_trak(mp4); ++ ++ if (trak->out[NGX_HTTP_MP4_STCO_ATOM].buf ++ || trak->out[NGX_HTTP_MP4_CO64_ATOM].buf) ++ { ++ ngx_log_error(NGX_LOG_ERR, mp4->file.log, 0, ++ "duplicate mp4 stco/co64 atom in \"%s\"", ++ mp4->file.name.data); ++ return NGX_ERROR; ++ } ++ + trak->chunks = entries; + + atom = &trak->co64_atom_buf; +-- +2.25.1 + diff --git a/meta-webserver/recipes-httpd/nginx/nginx_1.20.1.bb b/meta-webserver/recipes-httpd/nginx/nginx_1.20.1.bb index d686c627f2c..09a1b455918 100644 --- a/meta-webserver/recipes-httpd/nginx/nginx_1.20.1.bb +++ b/meta-webserver/recipes-httpd/nginx/nginx_1.20.1.bb @@ -1,6 +1,8 @@ require nginx.inc -SRC_URI += "file://CVE-2021-3618.patch" +SRC_URI += "file://CVE-2021-3618.patch \ + file://CVE-2022-41741-CVE-2022-41742.patch \ + " LIC_FILES_CHKSUM = "file://LICENSE;md5=206629dc7c7b3e87acb31162363ae505" From 1a2cc9656da5d8728f59b6823f1d9be96ca48f61 Mon Sep 17 00:00:00 2001 From: Zheng Qiu Date: Wed, 16 Nov 2022 16:28:24 -0500 Subject: [PATCH 217/600] redis: build with USE_SYSTEMD=yes when systemd is enabled Compile redis with full systemd support when the chosen init system is systemd. Enabling systemd supervision allows redis to communicate the actual server status (i.e. "Loading dataset", "Waiting for master<->replica sync") to systemd, instead of declaring readiness right after initializing the server process. Signed-off-by: Zheng Qiu Signed-off-by: Armin Kuster --- meta-oe/recipes-extended/redis/redis-7/redis.service | 1 + meta-oe/recipes-extended/redis/redis_7.0.4.bb | 8 ++++++-- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/meta-oe/recipes-extended/redis/redis-7/redis.service b/meta-oe/recipes-extended/redis/redis-7/redis.service index 36d29852da3..a52204cc701 100644 --- a/meta-oe/recipes-extended/redis/redis-7/redis.service +++ b/meta-oe/recipes-extended/redis/redis-7/redis.service @@ -9,6 +9,7 @@ ExecStart=/usr/bin/redis-server /etc/redis/redis.conf ExecStop=/usr/bin/redis-cli shutdown Restart=always LimitNOFILE=10032 +Type=notify [Install] WantedBy=multi-user.target diff --git a/meta-oe/recipes-extended/redis/redis_7.0.4.bb b/meta-oe/recipes-extended/redis/redis_7.0.4.bb index 993ff34b101..6eb65737685 100644 --- a/meta-oe/recipes-extended/redis/redis_7.0.4.bb +++ b/meta-oe/recipes-extended/redis/redis_7.0.4.bb @@ -35,7 +35,10 @@ USERADD_PACKAGES = "${PN}" USERADD_PARAM:${PN} = "--system --home-dir /var/lib/redis -g redis --shell /bin/false redis" GROUPADD_PARAM:${PN} = "--system redis" -REDIS_ON_SYSTEMD = "${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}" +PACKAGECONFIG = "${@bb.utils.filter('DISTRO_FEATURES', 'systemd', d)}" +PACKAGECONFIG[systemd] = "USE_SYSTEMD=yes,USE_SYSTEMD=no,systemd" + +EXTRA_OEMAKE += "${PACKAGECONFIG_CONFARGS}" do_compile:prepend() { (cd deps && oe_runmake hiredis lua linenoise) @@ -55,8 +58,9 @@ do_install() { install -m 0644 ${WORKDIR}/redis.service ${D}${systemd_system_unitdir} sed -i 's!/usr/sbin/!${sbindir}/!g' ${D}${systemd_system_unitdir}/redis.service - if [ "${REDIS_ON_SYSTEMD}" = true ]; then + if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)}; then sed -i 's!daemonize yes!# daemonize yes!' ${D}/${sysconfdir}/redis/redis.conf + sed -i 's!supervised no!supervised systemd!' ${D}/${sysconfdir}/redis/redis.conf fi } From a8369be5eecf8485619e018e788e04bd0efdffed Mon Sep 17 00:00:00 2001 From: Narpat Mali Date: Fri, 18 Nov 2022 11:49:15 +0000 Subject: [PATCH 218/600] python3-oauthlib: upgrade 3.2.0 -> 3.2.2 As per CVE reference, version 3.2.1 fixes the CVE-2022-36087 issue. But after upgrading the python3-oauthlib version to 3.2.1, observed that the vulnerable code lines are still available. The same observations were reported here in github at https://github.com/oauthlib/oauthlib/issues/837 and found that it was a mistake during 3.2.1 release preparation and due to which vulnerable code was still existing in 3.2.1 source code. To fix CVE-2022-36087 issue, we need to upgrade python3-oauthlib to 3.2.2 version and here are the changelog of version 3.2.2 https://github.com/oauthlib/oauthlib/blob/v3.2.2/CHANGELOG.rst Reference : https://nvd.nist.gov/vuln/detail/CVE-2022-36087 Upstream fix : https://github.com/oauthlib/oauthlib/commit/2e40b412c844ecc4673c3fa3f72181f228bdbacd Signed-off-by: Narpat Mali Signed-off-by: Armin Kuster --- .../{python3-oauthlib_3.2.0.bb => python3-oauthlib_3.2.2.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-python/recipes-devtools/python/{python3-oauthlib_3.2.0.bb => python3-oauthlib_3.2.2.bb} (92%) diff --git a/meta-python/recipes-devtools/python/python3-oauthlib_3.2.0.bb b/meta-python/recipes-devtools/python/python3-oauthlib_3.2.2.bb similarity index 92% rename from meta-python/recipes-devtools/python/python3-oauthlib_3.2.0.bb rename to meta-python/recipes-devtools/python/python3-oauthlib_3.2.2.bb index e7f7f0b47bc..566279d71c5 100644 --- a/meta-python/recipes-devtools/python/python3-oauthlib_3.2.0.bb +++ b/meta-python/recipes-devtools/python/python3-oauthlib_3.2.2.bb @@ -4,7 +4,7 @@ HOMEPAGE = "https://github.com/idan/oauthlib" LICENSE = "BSD-3-Clause" LIC_FILES_CHKSUM = "file://LICENSE;md5=abd2675e944a2011aed7e505290ba482" -SRC_URI[sha256sum] = "23a8208d75b902797ea29fd31fa80a15ed9dc2c6c16fe73f5d346f83f6fa27a2" +SRC_URI[sha256sum] = "9859c40929662bec5d64f34d01c99e093149682a3f38915dc0655d5a633dd918" inherit pypi setuptools3 From 08b6b6846a84d9a0459f42d1d730c9ea1d50c43f Mon Sep 17 00:00:00 2001 From: Archana Polampalli Date: Fri, 18 Nov 2022 18:27:18 +0000 Subject: [PATCH 219/600] Nodejs - Upgrade to 16.18.1 * Drop Openssl legacy provider patch and install both binaries patch which are already available in 16.x * Refresh native binaries patch against 16.x base Signed-off-by: Archana Polampalli Signed-off-by: Armin Kuster --- .../oe-npm-cache | 0 ....14.bb => nodejs-oe-cache-native_16.18.bb} | 0 ...patch => 0001-Using-native-binaries.patch} | 40 +++-- ...Install-both-binaries-and-use-libdir.patch | 96 ----------- ...5-add-openssl-legacy-provider-option.patch | 151 ------------------ .../{nodejs_16.14.2.bb => nodejs_16.18.1.bb} | 8 +- 6 files changed, 27 insertions(+), 268 deletions(-) rename meta-oe/recipes-devtools/nodejs/{nodejs-oe-cache-16.14 => nodejs-oe-cache-16.18}/oe-npm-cache (100%) rename meta-oe/recipes-devtools/nodejs/{nodejs-oe-cache-native_16.14.bb => nodejs-oe-cache-native_16.18.bb} (100%) rename meta-oe/recipes-devtools/nodejs/nodejs/{0002-Using-native-binaries.patch => 0001-Using-native-binaries.patch} (70%) delete mode 100644 meta-oe/recipes-devtools/nodejs/nodejs/0002-Install-both-binaries-and-use-libdir.patch delete mode 100644 meta-oe/recipes-devtools/nodejs/nodejs/0005-add-openssl-legacy-provider-option.patch rename meta-oe/recipes-devtools/nodejs/{nodejs_16.14.2.bb => nodejs_16.18.1.bb} (94%) diff --git a/meta-oe/recipes-devtools/nodejs/nodejs-oe-cache-16.14/oe-npm-cache b/meta-oe/recipes-devtools/nodejs/nodejs-oe-cache-16.18/oe-npm-cache similarity index 100% rename from meta-oe/recipes-devtools/nodejs/nodejs-oe-cache-16.14/oe-npm-cache rename to meta-oe/recipes-devtools/nodejs/nodejs-oe-cache-16.18/oe-npm-cache diff --git a/meta-oe/recipes-devtools/nodejs/nodejs-oe-cache-native_16.14.bb b/meta-oe/recipes-devtools/nodejs/nodejs-oe-cache-native_16.18.bb similarity index 100% rename from meta-oe/recipes-devtools/nodejs/nodejs-oe-cache-native_16.14.bb rename to meta-oe/recipes-devtools/nodejs/nodejs-oe-cache-native_16.18.bb diff --git a/meta-oe/recipes-devtools/nodejs/nodejs/0002-Using-native-binaries.patch b/meta-oe/recipes-devtools/nodejs/nodejs/0001-Using-native-binaries.patch similarity index 70% rename from meta-oe/recipes-devtools/nodejs/nodejs/0002-Using-native-binaries.patch rename to meta-oe/recipes-devtools/nodejs/nodejs/0001-Using-native-binaries.patch index 8db1f1dd545..445aaf8398c 100644 --- a/meta-oe/recipes-devtools/nodejs/nodejs/0002-Using-native-binaries.patch +++ b/meta-oe/recipes-devtools/nodejs/nodejs/0001-Using-native-binaries.patch @@ -3,14 +3,17 @@ From: Guillaume Burel Date: Fri, 3 Jan 2020 11:25:54 +0100 Subject: [PATCH] Using native binaries +Signed-off-by: Archana Polampalli --- - node.gyp | 4 ++-- - tools/v8_gypfiles/v8.gyp | 11 ++++------- - 2 files changed, 6 insertions(+), 9 deletions(-) + node.gyp | 2 ++ + tools/v8_gypfiles/v8.gyp | 5 +++++ + 2 files changed, 7 insertions(+) +diff --git a/node.gyp b/node.gyp +index 24505da7ba..7d41bd52db 100644 --- a/node.gyp +++ b/node.gyp -@@ -294,6 +294,7 @@ +@@ -319,6 +319,7 @@ 'action_name': 'run_mkcodecache', 'process_outputs_as_sources': 1, 'inputs': [ @@ -18,14 +21,16 @@ Subject: [PATCH] Using native binaries '<(mkcodecache_exec)', ], 'outputs': [ -@@ -319,6 +320,7 @@ - 'action_name': 'node_mksnapshot', - 'process_outputs_as_sources': 1, - 'inputs': [ -+ '<(PRODUCT_DIR)/v8-qemu-wrapper.sh', - '<(node_mksnapshot_exec)', - ], - 'outputs': [ +@@ -366,6 +367,7 @@ + 'action_name': 'node_mksnapshot', + 'process_outputs_as_sources': 1, + 'inputs': [ ++ '<(PRODUCT_DIR)/v8-qemu-wrapper.sh', + '<(node_mksnapshot_exec)', + ], + 'outputs': [ +diff --git a/tools/v8_gypfiles/v8.gyp b/tools/v8_gypfiles/v8.gyp +index ed042f8829..371b8e02c2 100644 --- a/tools/v8_gypfiles/v8.gyp +++ b/tools/v8_gypfiles/v8.gyp @@ -68,6 +68,7 @@ @@ -40,11 +45,11 @@ Subject: [PATCH] Using native binaries '<@(torque_outputs_inc)', ], 'action': [ -+ '<(PRODUCT_DIR)/v8-qemu-wrapper.sh', ++ '<(PRODUCT_DIR)/v8-qemu-wrapper.sh', '<(PRODUCT_DIR)/<(EXECUTABLE_PREFIX)torque<(EXECUTABLE_SUFFIX)', '-o', '<(SHARED_INTERMEDIATE_DIR)/torque-generated', '-v8-root', '<(V8_ROOT)', -@@ -225,6 +227,7 @@ +@@ -211,6 +213,7 @@ { 'action_name': 'generate_bytecode_builtins_list_action', 'inputs': [ @@ -52,7 +57,7 @@ Subject: [PATCH] Using native binaries '<(PRODUCT_DIR)/<(EXECUTABLE_PREFIX)bytecode_builtins_list_generator<(EXECUTABLE_SUFFIX)', ], 'outputs': [ -@@ -415,6 +418,7 @@ +@@ -395,6 +398,7 @@ ], }, 'inputs': [ @@ -60,7 +65,7 @@ Subject: [PATCH] Using native binaries '<(mksnapshot_exec)', ], 'outputs': [ -@@ -1548,6 +1552,7 @@ +@@ -1513,6 +1517,7 @@ { 'action_name': 'run_gen-regexp-special-case_action', 'inputs': [ @@ -68,3 +73,6 @@ Subject: [PATCH] Using native binaries '<(PRODUCT_DIR)/<(EXECUTABLE_PREFIX)gen-regexp-special-case<(EXECUTABLE_SUFFIX)', ], 'outputs': [ +-- +2.34.1 + diff --git a/meta-oe/recipes-devtools/nodejs/nodejs/0002-Install-both-binaries-and-use-libdir.patch b/meta-oe/recipes-devtools/nodejs/nodejs/0002-Install-both-binaries-and-use-libdir.patch deleted file mode 100644 index 5cb2e97015e..00000000000 --- a/meta-oe/recipes-devtools/nodejs/nodejs/0002-Install-both-binaries-and-use-libdir.patch +++ /dev/null @@ -1,96 +0,0 @@ -From 62ddf8499747fb1e366477d666c0634ad50039a9 Mon Sep 17 00:00:00 2001 -From: Elliott Sales de Andrade -Date: Tue, 19 Mar 2019 23:22:40 -0400 -Subject: [PATCH 2/2] Install both binaries and use libdir. - -This allows us to build with a shared library for other users while -still providing the normal executable. - -Taken from - https://src.fedoraproject.org/rpms/nodejs/raw/rawhide/f/0002-Install-both-binaries-and-use-libdir.patch - -Upstream-Status: Pending - -Signed-off-by: Elliott Sales de Andrade -Signed-off-by: Andreas Müller -Signed-off-by: Khem Raj ---- - configure.py | 7 +++++++ - tools/install.py | 21 +++++++++------------ - 2 files changed, 16 insertions(+), 12 deletions(-) - -diff --git a/configure.py b/configure.py -index 6efb98c2316f089f3167e486282593245373af3f..a6d2ec939e4480dfae703f3978067537abf9f0f0 100755 ---- a/configure.py -+++ b/configure.py -@@ -721,10 +721,16 @@ parser.add_argument('--shared', - dest='shared', - default=None, - help='compile shared library for embedding node in another project. ' + - '(This mode is not officially supported for regular applications)') - -+parser.add_argument('--libdir', -+ action='store', -+ dest='libdir', -+ default='lib', -+ help='a directory to install the shared library into') -+ - parser.add_argument('--without-v8-platform', - action='store_true', - dest='without_v8_platform', - default=False, - help='do not initialize v8 platform during node.js startup. ' + -@@ -1305,10 +1311,11 @@ def configure_node(o): - o['variables']['debug_nghttp2'] = 'false' - - o['variables']['node_no_browser_globals'] = b(options.no_browser_globals) - - o['variables']['node_shared'] = b(options.shared) -+ o['variables']['libdir'] = options.libdir - node_module_version = getmoduleversion.get_version() - - if options.dest_os == 'android': - shlib_suffix = 'so' - elif sys.platform == 'darwin': -diff --git a/tools/install.py b/tools/install.py -index 41cc1cbc60a9480cc08df3aa0ebe582c2becc3a2..11208f9e7166ab60da46d5ace2257c239a7e9263 100755 ---- a/tools/install.py -+++ b/tools/install.py -@@ -128,26 +128,23 @@ def subdir_files(path, dest, action): - for subdir, files_in_path in ret.items(): - action(files_in_path, subdir + '/') - - def files(action): - is_windows = sys.platform == 'win32' -- output_file = 'node' - output_prefix = 'out/Release/' -+ output_libprefix = output_prefix - -- if 'false' == variables.get('node_shared'): -- if is_windows: -- output_file += '.exe' -+ if is_windows: -+ output_bin = 'node.exe' -+ output_lib = 'node.dll' - else: -- if is_windows: -- output_file += '.dll' -- else: -- output_file = 'lib' + output_file + '.' + variables.get('shlib_suffix') -+ output_bin = 'node' -+ output_lib = 'libnode.' + variables.get('shlib_suffix') - -- if 'false' == variables.get('node_shared'): -- action([output_prefix + output_file], 'bin/' + output_file) -- else: -- action([output_prefix + output_file], 'lib/' + output_file) -+ action([output_prefix + output_bin], 'bin/' + output_bin) -+ if 'true' == variables.get('node_shared'): -+ action([output_libprefix + output_lib], variables.get('libdir') + '/' + output_lib) - - if 'true' == variables.get('node_use_dtrace'): - action(['out/Release/node.d'], 'lib/dtrace/node.d') - - # behave similarly for systemtap --- -2.33.0 - diff --git a/meta-oe/recipes-devtools/nodejs/nodejs/0005-add-openssl-legacy-provider-option.patch b/meta-oe/recipes-devtools/nodejs/nodejs/0005-add-openssl-legacy-provider-option.patch deleted file mode 100644 index 4d238c03f47..00000000000 --- a/meta-oe/recipes-devtools/nodejs/nodejs/0005-add-openssl-legacy-provider-option.patch +++ /dev/null @@ -1,151 +0,0 @@ -From 86d1c0cc6a5dcf57e413a1cc1c29203e87cf9a14 Mon Sep 17 00:00:00 2001 -From: Daniel Bevenius -Date: Sat, 16 Oct 2021 08:50:16 +0200 -Subject: [PATCH] src: add --openssl-legacy-provider option - -This commit adds an option to Node.js named --openssl-legacy-provider -and if specified will load OpenSSL 3.0 Legacy provider. - -$ ./node --help -... ---openssl-legacy-provider enable OpenSSL 3.0 legacy provider - -Example usage: - -$ ./node --openssl-legacy-provider -p 'crypto.createHash("md4")' -Hash { - _options: undefined, - [Symbol(kHandle)]: Hash {}, - [Symbol(kState)]: { [Symbol(kFinalized)]: false } -} - -Co-authored-by: Richard Lau -Signed-off-by: Signed-off-by: Andrej Valek -Upstream-Status: Backport [https://github.com/nodejs/node/issues/40455] ---- - doc/api/cli.md | 10 ++++++++++ - src/crypto/crypto_util.cc | 10 ++++++++++ - src/node_options.cc | 10 ++++++++++ - src/node_options.h | 7 +++++++ - .../test-process-env-allowed-flags-are-documented.js | 5 +++++ - 5 files changed, 42 insertions(+) - -diff --git a/doc/api/cli.md b/doc/api/cli.md -index 74057706bf8d..608b9cdeddf1 100644 ---- a/doc/api/cli.md -+++ b/doc/api/cli.md -@@ -687,6 +687,14 @@ Load an OpenSSL configuration file on startup. Among other uses, this can be - used to enable FIPS-compliant crypto if Node.js is built - against FIPS-enabled OpenSSL. - -+### `--openssl-legacy-provider` -+ -+ -+Enable OpenSSL 3.0 legacy provider. For more information please see -+[providers readme][]. -+ - ### `--pending-deprecation` - - >=1.2.0 <1.3.0-0 + // ~1.2.3, ~>1.2.3 --> >=1.2.3 <1.3.0-0 + // ~1.2.0, ~>1.2.0 --> >=1.2.0 <1.3.0-0 +-const replaceTildes = (comp, options) => +- comp.trim().split(/\s+/).map((c) => { +- return replaceTilde(c, options) +- }).join(' ') ++const replaceTildes = (comp, options) => { ++ return comp ++ .trim() ++ .split(/\s+/) ++ .map((c) => replaceTilde(c, options)) ++ .join(' ') ++} + + const replaceTilde = (comp, options) => { + const r = options.loose ? re[t.TILDELOOSE] : re[t.TILDE] +@@ -291,10 +294,13 @@ const replaceTilde = (comp, options) => { + // ^1.2, ^1.2.x --> >=1.2.0 <2.0.0-0 + // ^1.2.3 --> >=1.2.3 <2.0.0-0 + // ^1.2.0 --> >=1.2.0 <2.0.0-0 +-const replaceCarets = (comp, options) => +- comp.trim().split(/\s+/).map((c) => { +- return replaceCaret(c, options) +- }).join(' ') ++const replaceCarets = (comp, options) => { ++ return comp ++ .trim() ++ .split(/\s+/) ++ .map((c) => replaceCaret(c, options)) ++ .join(' ') ++} + + const replaceCaret = (comp, options) => { + debug('caret', comp, options) +@@ -351,9 +357,10 @@ const replaceCaret = (comp, options) => { + + const replaceXRanges = (comp, options) => { + debug('replaceXRanges', comp, options) +- return comp.split(/\s+/).map((c) => { +- return replaceXRange(c, options) +- }).join(' ') ++ return comp ++ .split(/\s+/) ++ .map((c) => replaceXRange(c, options)) ++ .join(' ') + } + + const replaceXRange = (comp, options) => { +@@ -436,12 +443,15 @@ const replaceXRange = (comp, options) => { + const replaceStars = (comp, options) => { + debug('replaceStars', comp, options) + // Looseness is ignored here. star is always as loose as it gets! +- return comp.trim().replace(re[t.STAR], '') ++ return comp ++ .trim() ++ .replace(re[t.STAR], '') + } + + const replaceGTE0 = (comp, options) => { + debug('replaceGTE0', comp, options) +- return comp.trim() ++ return comp ++ .trim() + .replace(re[options.includePrerelease ? t.GTE0PRE : t.GTE0], '') + } + +@@ -479,7 +489,7 @@ const hyphenReplace = incPr => ($0, + to = `<=${to}` + } + +- return (`${from} ${to}`).trim() ++ return `${from} ${to}`.trim() + } + + const testSet = (set, version, options) => { +diff --git a/deps/npm/node_modules/semver/classes/semver.js b/deps/npm/node_modules/semver/classes/semver.js +index af62955..ad4e877 100644 +--- a/deps/npm/node_modules/semver/classes/semver.js ++++ b/deps/npm/node_modules/semver/classes/semver.js +@@ -1,6 +1,6 @@ + const debug = require('../internal/debug') + const { MAX_LENGTH, MAX_SAFE_INTEGER } = require('../internal/constants') +-const { re, t } = require('../internal/re') ++const { safeRe: re, t } = require('../internal/re') + + const parseOptions = require('../internal/parse-options') + const { compareIdentifiers } = require('../internal/identifiers') +diff --git a/deps/npm/node_modules/semver/functions/coerce.js b/deps/npm/node_modules/semver/functions/coerce.js +index 2e01452..febbff9 100644 +--- a/deps/npm/node_modules/semver/functions/coerce.js ++++ b/deps/npm/node_modules/semver/functions/coerce.js +@@ -1,6 +1,6 @@ + const SemVer = require('../classes/semver') + const parse = require('./parse') +-const { re, t } = require('../internal/re') ++const { safeRe: re, t } = require('../internal/re') + + const coerce = (version, options) => { + if (version instanceof SemVer) { +diff --git a/deps/npm/node_modules/semver/internal/re.js b/deps/npm/node_modules/semver/internal/re.js +index ed88398..f73ef1a 100644 +--- a/deps/npm/node_modules/semver/internal/re.js ++++ b/deps/npm/node_modules/semver/internal/re.js +@@ -4,16 +4,27 @@ exports = module.exports = {} + + // The actual regexps go on exports.re + const re = exports.re = [] ++const safeRe = exports.safeRe = [] + const src = exports.src = [] + const t = exports.t = {} + let R = 0 + + const createToken = (name, value, isGlobal) => { ++ // Replace all greedy whitespace to prevent regex dos issues. These regex are ++ // used internally via the safeRe object since all inputs in this library get ++ // normalized first to trim and collapse all extra whitespace. The original ++ // regexes are exported for userland consumption and lower level usage. A ++ // future breaking change could export the safer regex only with a note that ++ // all input should have extra whitespace removed. ++ const safe = value ++ .split('\\s*').join('\\s{0,1}') ++ .split('\\s+').join('\\s') + const index = R++ + debug(name, index, value) + t[name] = index + src[index] = value + re[index] = new RegExp(value, isGlobal ? 'g' : undefined) ++ safeRe[index] = new RegExp(safe, isGlobal ? 'g' : undefined) + } + + // The following Regular Expressions can be used for tokenizing, +diff --git a/deps/npm/node_modules/semver/package.json b/deps/npm/node_modules/semver/package.json +index 7898f59..d8ae619 100644 +--- a/deps/npm/node_modules/semver/package.json ++++ b/deps/npm/node_modules/semver/package.json +@@ -40,7 +40,7 @@ + "range.bnf" + ], + "tap": { +- "check-coverage": true, ++ "timeout": 30, + "coverage-map": "map.js" + }, + "engines": { +-- +2.40.0 diff --git a/meta-oe/recipes-devtools/nodejs/nodejs_16.20.2.bb b/meta-oe/recipes-devtools/nodejs/nodejs_16.20.2.bb index 4761bfb14fc..16593a0fe6e 100644 --- a/meta-oe/recipes-devtools/nodejs/nodejs_16.20.2.bb +++ b/meta-oe/recipes-devtools/nodejs/nodejs_16.20.2.bb @@ -26,6 +26,7 @@ SRC_URI = "http://nodejs.org/dist/v${PV}/node-v${PV}.tar.xz \ file://0001-liftoff-Correct-function-signatures.patch \ file://0001-mips-Use-32bit-cast-for-operand-on-mips32.patch \ file://0001-Nodejs-Fixed-pipes-DeprecationWarning.patch \ + file://CVE-2022-25883.patch \ " SRC_URI:append:class-target = " \ file://0001-Using-native-binaries.patch \ From 68354157744e108f7b64a88badac952091f21fd6 Mon Sep 17 00:00:00 2001 From: Martin Jansa Date: Mon, 4 Sep 2023 13:08:50 +0200 Subject: [PATCH 455/600] libiio: use main branch instead of master * the branch was renamed upstream Signed-off-by: Martin Jansa Signed-off-by: Armin Kuster --- meta-oe/recipes-support/libiio/libiio_git.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-oe/recipes-support/libiio/libiio_git.bb b/meta-oe/recipes-support/libiio/libiio_git.bb index bb253f421ab..612dd897be0 100644 --- a/meta-oe/recipes-support/libiio/libiio_git.bb +++ b/meta-oe/recipes-support/libiio/libiio_git.bb @@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://COPYING.txt;md5=7c13b3376cea0ce68d2d2da0a1b3a72c" SRCREV = "92d6a35f3d8d721cda7d6fe664b435311dd368b4" PV = "0.23" -SRC_URI = "git://github.com/analogdevicesinc/libiio.git;protocol=https;branch=master \ +SRC_URI = "git://github.com/analogdevicesinc/libiio.git;protocol=https;branch=main \ file://0001-CMake-Move-include-CheckCSourceCompiles-before-its-m.patch \ " UPSTREAM_CHECK_GITTAGREGEX = "v(?P\d+(\.\d+)+)" From f67e45668ee0459f03584f658d4237810420f3fd Mon Sep 17 00:00:00 2001 From: Sourav Kumar Pramanik Date: Mon, 4 Sep 2023 18:02:19 +0530 Subject: [PATCH 456/600] meta-oe-components: Avoid usage of nobranch=1 The usage of nobranch=1 in SRC_URI allows using unprotected branches. This change updates the real branch name in place of nobranch=1 for these components. Signed-off-by: Sourav Kumar Pramanik Signed-off-by: Armin Kuster --- meta-gnome/recipes-connectivity/geary/geary_40.0.bb | 2 +- meta-networking/recipes-connectivity/libdnet/libdnet_1.14.bb | 2 +- .../dynamic-layers/meta-python/recipes-bsp/rwmem/rwmem_1.2.bb | 2 +- meta-oe/recipes-graphics/lvgl/lv-drivers_7.11.0.bb | 2 +- meta-oe/recipes-graphics/lvgl/lv-lib-png_8.0.2.bb | 2 +- meta-oe/recipes-graphics/lvgl/lvgl_8.1.0.bb | 2 +- meta-oe/recipes-support/glog/glog_0.5.0.bb | 2 +- meta-oe/recipes-support/libmxml/libmxml_3.3.bb | 2 +- 8 files changed, 8 insertions(+), 8 deletions(-) diff --git a/meta-gnome/recipes-connectivity/geary/geary_40.0.bb b/meta-gnome/recipes-connectivity/geary/geary_40.0.bb index 501b27a544e..7faa69c55c6 100644 --- a/meta-gnome/recipes-connectivity/geary/geary_40.0.bb +++ b/meta-gnome/recipes-connectivity/geary/geary_40.0.bb @@ -33,7 +33,7 @@ RDEPENDS:${PN} = "gnome-keyring" inherit meson pkgconfig mime-xdg gtk-icon-cache gobject-introspection vala features_check SRC_URI = " \ - git://github.com/GNOME/geary.git;nobranch=1;protocol=https \ + git://github.com/GNOME/geary.git;branch=main;protocol=https \ file://0001-Util.Cache.Lru-Workaround-missing-generic-type-argum.patch \ file://0002-Fix-accessibility-issues-with-initializer-of-constan.patch \ " diff --git a/meta-networking/recipes-connectivity/libdnet/libdnet_1.14.bb b/meta-networking/recipes-connectivity/libdnet/libdnet_1.14.bb index 9f2ff515767..c7cd21b6bf9 100644 --- a/meta-networking/recipes-connectivity/libdnet/libdnet_1.14.bb +++ b/meta-networking/recipes-connectivity/libdnet/libdnet_1.14.bb @@ -4,7 +4,7 @@ SECTION = "libs" LICENSE = "BSD-3-Clause" LIC_FILES_CHKSUM = "file://LICENSE;md5=0036c1b155f4e999f3e0a373490b5db9" -SRC_URI = "git://github.com/dugsong/libdnet.git;nobranch=1;protocol=https" +SRC_URI = "git://github.com/dugsong/libdnet.git;branch=master;protocol=https" SRCREV = "3e782472d2a58d5e1b94d04eda4a364c2d257600" UPSTREAM_CHECK_GITTAGREGEX = "libdnet-(?P\d+(\.\d+)+)" diff --git a/meta-oe/dynamic-layers/meta-python/recipes-bsp/rwmem/rwmem_1.2.bb b/meta-oe/dynamic-layers/meta-python/recipes-bsp/rwmem/rwmem_1.2.bb index 7bca24cc0a0..b59fc1bc95b 100644 --- a/meta-oe/dynamic-layers/meta-python/recipes-bsp/rwmem/rwmem_1.2.bb +++ b/meta-oe/dynamic-layers/meta-python/recipes-bsp/rwmem/rwmem_1.2.bb @@ -22,7 +22,7 @@ SRCREV_FORMAT = "rwmem_inih" SRC_URI = " \ git://github.com/tomba/rwmem.git;protocol=https;name=rwmem;branch=master \ - git://github.com/benhoyt/inih.git;protocol=https;name=inih;nobranch=1;destsuffix=git/ext/inih \ + git://github.com/benhoyt/inih.git;protocol=https;name=inih;branch=master;destsuffix=git/ext/inih \ " S = "${WORKDIR}/git" diff --git a/meta-oe/recipes-graphics/lvgl/lv-drivers_7.11.0.bb b/meta-oe/recipes-graphics/lvgl/lv-drivers_7.11.0.bb index cf33c69048d..7f93f704e0f 100644 --- a/meta-oe/recipes-graphics/lvgl/lv-drivers_7.11.0.bb +++ b/meta-oe/recipes-graphics/lvgl/lv-drivers_7.11.0.bb @@ -9,7 +9,7 @@ LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSE;md5=d6fc0df890c5270ef045981b516bb8f2" # TODO: Pin upstream release (current v7.11.0-80-g419a757) -SRC_URI = "git://github.com/lvgl/lv_drivers;protocol=https;nobranch=1" +SRC_URI = "git://github.com/lvgl/lv_drivers;protocol=https;branch=master" SRCREV = "419a757c23aaa67c676fe3a2196d64808fcf2254" DEPENDS = "libxkbcommon lvgl wayland" diff --git a/meta-oe/recipes-graphics/lvgl/lv-lib-png_8.0.2.bb b/meta-oe/recipes-graphics/lvgl/lv-lib-png_8.0.2.bb index 22b4826403e..0049bbe2374 100644 --- a/meta-oe/recipes-graphics/lvgl/lv-lib-png_8.0.2.bb +++ b/meta-oe/recipes-graphics/lvgl/lv-lib-png_8.0.2.bb @@ -8,7 +8,7 @@ DESCRIPTION = "Allow the use of PNG images in LVGL. This implementation uses lod LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSE;md5=d6fc0df890c5270ef045981b516bb8f2" -SRC_URI = "git://github.com/lvgl/lv_lib_png;;protocol=https;nobranch=1" +SRC_URI = "git://github.com/lvgl/lv_lib_png;;protocol=https;branch=master" SRCREV = "bf1531afe07c9f861107559e29ab8a2d83e4715a" S = "${WORKDIR}/git" diff --git a/meta-oe/recipes-graphics/lvgl/lvgl_8.1.0.bb b/meta-oe/recipes-graphics/lvgl/lvgl_8.1.0.bb index ea74c591857..0021da01fb3 100644 --- a/meta-oe/recipes-graphics/lvgl/lvgl_8.1.0.bb +++ b/meta-oe/recipes-graphics/lvgl/lvgl_8.1.0.bb @@ -8,7 +8,7 @@ SUMMARY = "Light and Versatile Graphics Library" LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENCE.txt;md5=bf1198c89ae87f043108cea62460b03a" -SRC_URI = "gitsm://github.com/lvgl/lvgl;protocol=https;nobranch=1" +SRC_URI = "gitsm://github.com/lvgl/lvgl;protocol=https;branch=master" SRCREV = "d38eb1e689fa5a64c25e677275172d9c8a4ab2f0" REQUIRED_DISTRO_FEATURES = "wayland" diff --git a/meta-oe/recipes-support/glog/glog_0.5.0.bb b/meta-oe/recipes-support/glog/glog_0.5.0.bb index 61581d96d70..f0b12939651 100644 --- a/meta-oe/recipes-support/glog/glog_0.5.0.bb +++ b/meta-oe/recipes-support/glog/glog_0.5.0.bb @@ -7,7 +7,7 @@ LICENSE = "BSD-3-Clause" LIC_FILES_CHKSUM = "file://COPYING;md5=dc9db360e0bbd4e46672f3fd91dd6c4b" SRC_URI = " \ - git://github.com/google/glog.git;nobranch=1;protocol=https \ + git://github.com/google/glog.git;branch=master;protocol=https \ file://libexecinfo.patch \ " diff --git a/meta-oe/recipes-support/libmxml/libmxml_3.3.bb b/meta-oe/recipes-support/libmxml/libmxml_3.3.bb index c8e21677954..5169337f581 100644 --- a/meta-oe/recipes-support/libmxml/libmxml_3.3.bb +++ b/meta-oe/recipes-support/libmxml/libmxml_3.3.bb @@ -4,7 +4,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=86d3f3a95c324c9479bd8986968f4327" HOMEPAGE = "https://www.msweet.org/mxml/" BUGTRACKER = "https://github.com/michaelrsweet/mxml/issues" -SRC_URI = "git://github.com/michaelrsweet/mxml.git;nobranch=1;protocol=https" +SRC_URI = "git://github.com/michaelrsweet/mxml.git;branch=master;protocol=https" SRCREV = "0237559fdbcecae34157b547aa2b99e12de305a2" S = "${WORKDIR}/git" From 0ea4684032e4b79a7d8db7c2fdb0dcc6779344dd Mon Sep 17 00:00:00 2001 From: Wang Mingyu Date: Fri, 30 Dec 2022 13:01:15 +0800 Subject: [PATCH 457/600] tcpdump: upgrade 4.99.1 -> 4.99.2 Changelog: ========== Updated printers: ----------------- BGP: Update cease notification decoding to RFC 9003. BGP: decode BGP link-bandwidth extended community properly. BGP: Fix parsing the AIGP attribute BGP: make sure the path attributes don't go past the end of the packet. BGP: Shutdown message can be up to 255 bytes length according to rfc9003 DSA: correctly determine VID. EAP: fix some length checks and output issues. 802.11: Fix the misleading comment regarding "From DS", "To DS" Frame Control Flags. 802.11: Fetch the CF and TIM IEs a field at a time. 802.15.4, BGP, LISP: fix some length checks, compiler warnings, and undefined behavior warnings. PFLOG: handle LINKTYPE_PFLOG/DLT_PFLOG files from all OSes on all OSes. RRCP: support more Realtek protocols than just RRCP. MPLS: show the EXP field as TC, as per RFC 5462. ICMP: redo MPLS Extension code as general ICMP Extension code. VQP: Do not print unknown error codes twice. Juniper: Add some bounds checks. Juniper: Don't treat known DLT_ types as "Unknown". lwres: Fix a length check, update a variable type. EAP: Fix some undefined behaviors at runtime. Ethernet: Rework the length checks, add a length check. IPX: Add two length checks. Zephyr: Avoid printing non-ASCII characters. VRRP: Print the protocol name before any GET_(). DCCP: Get rid of trailing commas in lists. Juniper: Report invalid packets as invalid, not truncated. IPv6: Remove an obsolete code in an always-false #if wrapper. ISAKMP: Use GET_U_1() to replace a direct dereference. RADIUS: Use GET_U_1() to replace a direct dereference. TCP: Fix an invalid check. RESP: Fix an invalid check. RESP: Remove an unnecessary test. Arista: Refine the output format and print HwInfo. sFlow: add support for IPv6 agent, add a length check. VRRP: add support for IPv6. OSPF: Update to match the Router Properties registry. OSPF: Remove two unnecessary dereferences. OSPF: Add support bit Nt RFC3101. OSPFv3: Remove two unnecessary dereferences. ICMPv6: Fix output for Router Renumbering messages. ICMPv6: Fix the Node Information flags. ICMPv6: Remove an unused macro and extra blank lines. ICMPv6: Add a length check in the rpl_dio_print() function. ICMPv6: Use GET_IP6ADDR_STRING() in the rpl_dio_print() function. IPv6: Add some checks for the Hop-by-Hop Options header IPv6: Add a check for the Jumbo Payload Hop-by-Hop option. NFS: Fix the format for printing an unsigned int PTP: fix printing of the correction fields PTP: Use ND_LCHECK_U for checking invalid length. WHOIS: Add its own printer source file and printer function MPTCP: print length before subtype inside MPTCP options ESP: Add a workaround to a "use-of-uninitialized-value". PPP: Add tests to avoid incorrectly re-entering ppp_hdlc(). PPP: Don't process further if protocol is unknown (-e option). PPP: Change the pointer to packet data. ZEP: Add three length checks. Add some const qualifiers. Building and testing: ---------------------- Update config.guess and config.sub. Use AS_HELP_STRING macro instead of AC_HELP_STRING. Handle some Autoconf/make errors better. Fix an error when cross-compiling. Use "git archive" for the "make releasetar" process. Remove the release candidate rcX targets. Mend "make check" on Solaris 9 with Autoconf. Address assorted compiler warnings. Fix auto-enabling of Capsicum on FreeBSD with Autoconf. Treat "msys" as Windows for test exit statuses. Clean up some help messages in configure. Use unified diff by default. Remove awk code from mkdep. Fix configure test errors with Clang 15 CMake: Prevent stripping of the RPATH on installation. AppVeyor CI: update Npcap site, update to 1.12 SDK. Cirrus CI: Use the same configuration as for the main branch. CI: Add back running tcpdump -J/-L and capture, now with Cirrus VMs. Remove four test files (They are now in the libpcap tests directory). On Solaris, for 64-bit builds, use the 64-bit pcap-config. Tell CMake not to check for a C++ compiler. CMake: Add a way to request -Werror and equivalents. configure: Special-case macOS /usr/bin/pcap-config as we do in CMake. configure: Use pcap-config --static-pcap-only if available. configure: Use ac_c_werror_flag to force unknown compiler flags to fail. configure: Use AC_COMPILE_IFELSE() and AC_LANG_SOURCE() for testing flags. Run the test that fails on OpenBSD only if we're not on OpenBSD. Source code: ------------- Fix some snapend-changing routines to protect against pointer underflow. Use __func__ from C99 in some function calls. Memory allocator: Update nd_add_alloc_list() to a static function. addrtoname.c: Fix two invalid tests. Use more S_SUCCESS and S_ERR_HOST_PROGRAM in main(). Add some comments about "don't use GET_IP6ADDR_STRING()". Assign ndo->ndo_packetp in pretty_print_packet(). Add ND_LCHECKMSG_U, ND_LCHECK_U, ND_LCHECKMSG_ZU and ND_LCHECK_ZU macros. Update tok2strbuf() to a static function. netdissect.h: Keep the link-layer dissectors names sorted. setsignal(): Set SA_RESTART on non-lethal signals (REQ_INFO, FLUSH_PCAP) to avoid corrupting binary pcap output. Use __builtin_unreachable(). Fail if nd_push_buffer() or nd_push_snaplen() fails. Improve code style and fix many typos. Documentation: --------------- Some man page cleanups. Update the print interface for the packet count to stdout. Note that we require compilers to support at least some of C99. Update AIX and Solaris-related specifics. INSTALL.txt: Add doc/README.*, delete the deleted win32 directory. Update README.md and README.Win32.md. Update some comments with new RFC numbers. Signed-off-by: Wang Mingyu Signed-off-by: Khem Raj (cherry picked from commit 68db0a388005c319784ec3b6ca533d0d9a142554) Signed-off-by: Armin Kuster --- .../tcpdump/{tcpdump_4.99.1.bb => tcpdump_4.99.2.bb} | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) rename meta-networking/recipes-support/tcpdump/{tcpdump_4.99.1.bb => tcpdump_4.99.2.bb} (90%) diff --git a/meta-networking/recipes-support/tcpdump/tcpdump_4.99.1.bb b/meta-networking/recipes-support/tcpdump/tcpdump_4.99.2.bb similarity index 90% rename from meta-networking/recipes-support/tcpdump/tcpdump_4.99.1.bb rename to meta-networking/recipes-support/tcpdump/tcpdump_4.99.2.bb index 322a826f07f..0a541acfea1 100644 --- a/meta-networking/recipes-support/tcpdump/tcpdump_4.99.1.bb +++ b/meta-networking/recipes-support/tcpdump/tcpdump_4.99.2.bb @@ -26,8 +26,7 @@ SRC_URI = " \ file://run-ptest \ " -SRC_URI[md5sum] = "929a255c71a9933608bd7c31927760f7" -SRC_URI[sha256sum] = "79b36985fb2703146618d87c4acde3e068b91c553fb93f021a337f175fd10ebe" +SRC_URI[sha256sum] = "f4304357d34b79d46f4e17e654f1f91f9ce4e3d5608a1badbd53295a26fb44d5" UPSTREAM_CHECK_REGEX = "tcpdump-(?P\d+(\.\d+)+)\.tar" From 3e0b67a4fcdc55f7cdfe4b2e345745c6cd400e56 Mon Sep 17 00:00:00 2001 From: Wang Mingyu Date: Tue, 17 Jan 2023 15:26:17 +0800 Subject: [PATCH 458/600] tcpdump: upgrade 4.99.2 -> 4.99.3 Changelog: ========== Updated printers: PTP: Use the proper values for the control field and print un-allocated values for the message field as "Reserved" instead of "none". Source code: smbutil.c: Replace obsolete function call (asctime) Building and testing: cmake: Update the minimum required version to 2.8.12 (except Windows). CI: Introduce and use TCPDUMP_CMAKE_TAINTED. Makefile.in: Add the releasecheck target. Makefile.in: Add "make -s install" in the releasecheck target. Cirrus CI: Run the "make releasecheck" command in the Linux task. Makefile.in: Add the whitespacecheck target. Cirrus CI: Run the "make whitespacecheck" command in the Linux task. Address all shellcheck warnings in update-test.sh. Makefile.in: Get rid of a remain of gnuc.h. Documentation: Reformat the installation notes (INSTALL.txt) in Markdown. Convert CONTRIBUTING to Markdown. CONTRIBUTING.md: Document the use of "protocol: " in a commit summary. Add a README file for NetBSD. Fix CMake build to set man page section numbers in tcpdump.1 Signed-off-by: Wang Mingyu Signed-off-by: Khem Raj (cherry picked from commit dab75037cc9c4a5674e08c3a55fff172fd6eba75) Signed-off-by: Armin Kuster --- .../tcpdump/{tcpdump_4.99.2.bb => tcpdump_4.99.3.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-networking/recipes-support/tcpdump/{tcpdump_4.99.2.bb => tcpdump_4.99.3.bb} (93%) diff --git a/meta-networking/recipes-support/tcpdump/tcpdump_4.99.2.bb b/meta-networking/recipes-support/tcpdump/tcpdump_4.99.3.bb similarity index 93% rename from meta-networking/recipes-support/tcpdump/tcpdump_4.99.2.bb rename to meta-networking/recipes-support/tcpdump/tcpdump_4.99.3.bb index 0a541acfea1..03f1b76f974 100644 --- a/meta-networking/recipes-support/tcpdump/tcpdump_4.99.2.bb +++ b/meta-networking/recipes-support/tcpdump/tcpdump_4.99.3.bb @@ -26,7 +26,7 @@ SRC_URI = " \ file://run-ptest \ " -SRC_URI[sha256sum] = "f4304357d34b79d46f4e17e654f1f91f9ce4e3d5608a1badbd53295a26fb44d5" +SRC_URI[sha256sum] = "ad75a6ed3dc0d9732945b2e5483cb41dc8b4b528a169315e499c6861952e73b3" UPSTREAM_CHECK_REGEX = "tcpdump-(?P\d+(\.\d+)+)\.tar" From bef3ed137ba5cea67b8ed862b1af599d1c8e3867 Mon Sep 17 00:00:00 2001 From: Wang Mingyu Date: Mon, 17 Apr 2023 16:01:03 +0800 Subject: [PATCH 459/600] tcpdump: upgrade 4.99.3 -> 4.99.4 Changelog: ========== Source code: ---------------- Fix spaces before tabs in indentation. Updated printers: ----------------- LSP ping: Fix "Unused value" warnings from Coverity. CVE-2023-1801: Fix an out-of-bounds write in the SMB printer. DNS: sync resource types with IANA. ICMPv6: Update the output to show a RPL DAO field name. Geneve: Fix the Geneve UDP port test. Building and testing: ---------------------- Require at least autoconf 2.69. Don't check for strftime(), as it's in C90 and beyond. Update config.{guess,sub}, timestamps 2023-01-01,2023-01-21. Documentation: ------------- man: Document TCP flag names better. Signed-off-by: Wang Mingyu Signed-off-by: Khem Raj (cherry picked from commit 2e782260d0b6018614dbdea95899a4a0921915e0) Signed-off-by: Armin Kuster --- .../tcpdump/{tcpdump_4.99.3.bb => tcpdump_4.99.4.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-networking/recipes-support/tcpdump/{tcpdump_4.99.3.bb => tcpdump_4.99.4.bb} (93%) diff --git a/meta-networking/recipes-support/tcpdump/tcpdump_4.99.3.bb b/meta-networking/recipes-support/tcpdump/tcpdump_4.99.4.bb similarity index 93% rename from meta-networking/recipes-support/tcpdump/tcpdump_4.99.3.bb rename to meta-networking/recipes-support/tcpdump/tcpdump_4.99.4.bb index 03f1b76f974..803a9bb5f50 100644 --- a/meta-networking/recipes-support/tcpdump/tcpdump_4.99.3.bb +++ b/meta-networking/recipes-support/tcpdump/tcpdump_4.99.4.bb @@ -26,7 +26,7 @@ SRC_URI = " \ file://run-ptest \ " -SRC_URI[sha256sum] = "ad75a6ed3dc0d9732945b2e5483cb41dc8b4b528a169315e499c6861952e73b3" +SRC_URI[sha256sum] = "0232231bb2f29d6bf2426e70a08a7e0c63a0d59a9b44863b7f5e2357a6e49fea" UPSTREAM_CHECK_REGEX = "tcpdump-(?P\d+(\.\d+)+)\.tar" From 0901bb4c6a315a48a0fcb49a51e0ff6547e37087 Mon Sep 17 00:00:00 2001 From: Narpat Mali Date: Tue, 5 Sep 2023 13:12:21 +0000 Subject: [PATCH 460/600] frr: Fix CVE-2023-38802 and CVE-2023-41358 CVE-2023-38802: FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a remote attacker to cause a denial of service via a crafted BGP update with a corrupted attribute 23 (Tunnel Encapsulation). CVE-2023-41358: An issue was discovered in FRRouting FRR through 9.0. bgpd/bgp_packet.c processes NLRIs if the attribute length is zero. References: https://nvd.nist.gov/vuln/detail/CVE-2023-38802 https://nvd.nist.gov/vuln/detail/CVE-2023-41358 Signed-off-by: Narpat Mali Signed-off-by: Armin Kuster --- .../frr/frr/CVE-2023-38802.patch | 136 ++++++++++++++++++ .../frr/frr/CVE-2023-41358.patch | 105 ++++++++++++++ .../recipes-protocols/frr/frr_8.2.2.bb | 2 + 3 files changed, 243 insertions(+) create mode 100644 meta-networking/recipes-protocols/frr/frr/CVE-2023-38802.patch create mode 100644 meta-networking/recipes-protocols/frr/frr/CVE-2023-41358.patch diff --git a/meta-networking/recipes-protocols/frr/frr/CVE-2023-38802.patch b/meta-networking/recipes-protocols/frr/frr/CVE-2023-38802.patch new file mode 100644 index 00000000000..60801bf06e1 --- /dev/null +++ b/meta-networking/recipes-protocols/frr/frr/CVE-2023-38802.patch @@ -0,0 +1,136 @@ +From ad32e04f3db364694edc678327326ae6b771db9e Mon Sep 17 00:00:00 2001 +From: Donatas Abraitis +Date: Tue, 5 Sep 2023 11:30:53 +0000 +Subject: [PATCH 1/2] bgpd: Use treat-as-withdraw for tunnel encapsulation + attribute + +Before this path we used session reset method, which is discouraged by rfc7606. + +Handle this as rfc requires. + +Signed-off-by: Donatas Abraitis + +CVE: CVE-2023-38802 + +Upstream-Status: Backport [https://github.com/FRRouting/frr/commit/bcb6b58d9530173df41d3a3cbc4c600ee0b4b186] + +Signed-off-by: Narpat Mali +--- + bgpd/bgp_attr.c | 61 ++++++++++++++++++++----------------------------- + 1 file changed, 25 insertions(+), 36 deletions(-) + +diff --git a/bgpd/bgp_attr.c b/bgpd/bgp_attr.c +index 5d06991e2..b10a60351 100644 +--- a/bgpd/bgp_attr.c ++++ b/bgpd/bgp_attr.c +@@ -1310,6 +1310,7 @@ bgp_attr_malformed(struct bgp_attr_parser_args *args, uint8_t subcode, + case BGP_ATTR_LARGE_COMMUNITIES: + case BGP_ATTR_ORIGINATOR_ID: + case BGP_ATTR_CLUSTER_LIST: ++ case BGP_ATTR_ENCAP: + return BGP_ATTR_PARSE_WITHDRAW; + case BGP_ATTR_MP_REACH_NLRI: + case BGP_ATTR_MP_UNREACH_NLRI: +@@ -2411,26 +2412,21 @@ bgp_attr_ipv6_ext_communities(struct bgp_attr_parser_args *args) + } + + /* Parse Tunnel Encap attribute in an UPDATE */ +-static int bgp_attr_encap(uint8_t type, struct peer *peer, /* IN */ +- bgp_size_t length, /* IN: attr's length field */ +- struct attr *attr, /* IN: caller already allocated */ +- uint8_t flag, /* IN: attr's flags field */ +- uint8_t *startp) ++static int bgp_attr_encap(struct bgp_attr_parser_args *args) + { +- bgp_size_t total; + uint16_t tunneltype = 0; +- +- total = length + (CHECK_FLAG(flag, BGP_ATTR_FLAG_EXTLEN) ? 4 : 3); ++ struct peer *const peer = args->peer; ++ struct attr *const attr = args->attr; ++ bgp_size_t length = args->length; ++ uint8_t type = args->type; ++ uint8_t flag = args->flags; + + if (!CHECK_FLAG(flag, BGP_ATTR_FLAG_TRANS) + || !CHECK_FLAG(flag, BGP_ATTR_FLAG_OPTIONAL)) { +- zlog_info( +- "Tunnel Encap attribute flag isn't optional and transitive %d", +- flag); +- bgp_notify_send_with_data(peer, BGP_NOTIFY_UPDATE_ERR, +- BGP_NOTIFY_UPDATE_ATTR_FLAG_ERR, +- startp, total); +- return -1; ++ zlog_err("Tunnel Encap attribute flag isn't optional and transitive %d", ++ flag); ++ return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR, ++ args->total); + } + + if (BGP_ATTR_ENCAP == type) { +@@ -2438,12 +2434,11 @@ static int bgp_attr_encap(uint8_t type, struct peer *peer, /* IN */ + uint16_t tlv_length; + + if (length < 4) { +- zlog_info( ++ zlog_err( + "Tunnel Encap attribute not long enough to contain outer T,L"); +- bgp_notify_send_with_data( +- peer, BGP_NOTIFY_UPDATE_ERR, +- BGP_NOTIFY_UPDATE_OPT_ATTR_ERR, startp, total); +- return -1; ++ return bgp_attr_malformed(args, ++ BGP_NOTIFY_UPDATE_OPT_ATTR_ERR, ++ args->total); + } + tunneltype = stream_getw(BGP_INPUT(peer)); + tlv_length = stream_getw(BGP_INPUT(peer)); +@@ -2473,13 +2468,11 @@ static int bgp_attr_encap(uint8_t type, struct peer *peer, /* IN */ + } + + if (sublength > length) { +- zlog_info( +- "Tunnel Encap attribute sub-tlv length %d exceeds remaining length %d", +- sublength, length); +- bgp_notify_send_with_data( +- peer, BGP_NOTIFY_UPDATE_ERR, +- BGP_NOTIFY_UPDATE_OPT_ATTR_ERR, startp, total); +- return -1; ++ zlog_err("Tunnel Encap attribute sub-tlv length %d exceeds remaining length %d", ++ sublength, length); ++ return bgp_attr_malformed(args, ++ BGP_NOTIFY_UPDATE_OPT_ATTR_ERR, ++ args->total); + } + + /* alloc and copy sub-tlv */ +@@ -2527,13 +2520,10 @@ static int bgp_attr_encap(uint8_t type, struct peer *peer, /* IN */ + + if (length) { + /* spurious leftover data */ +- zlog_info( +- "Tunnel Encap attribute length is bad: %d leftover octets", +- length); +- bgp_notify_send_with_data(peer, BGP_NOTIFY_UPDATE_ERR, +- BGP_NOTIFY_UPDATE_OPT_ATTR_ERR, +- startp, total); +- return -1; ++ zlog_err("Tunnel Encap attribute length is bad: %d leftover octets", ++ length); ++ return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_OPT_ATTR_ERR, ++ args->total); + } + + return 0; +@@ -3332,8 +3322,7 @@ bgp_attr_parse_ret_t bgp_attr_parse(struct peer *peer, struct attr *attr, + case BGP_ATTR_VNC: + #endif + case BGP_ATTR_ENCAP: +- ret = bgp_attr_encap(type, peer, length, attr, flag, +- startp); ++ ret = bgp_attr_encap(&attr_args); + break; + case BGP_ATTR_PREFIX_SID: + ret = bgp_attr_prefix_sid(&attr_args); +-- +2.40.0 diff --git a/meta-networking/recipes-protocols/frr/frr/CVE-2023-41358.patch b/meta-networking/recipes-protocols/frr/frr/CVE-2023-41358.patch new file mode 100644 index 00000000000..e10d3e52672 --- /dev/null +++ b/meta-networking/recipes-protocols/frr/frr/CVE-2023-41358.patch @@ -0,0 +1,105 @@ +From ef9b66e742f9016b3bf283920b528cf20d2c969f Mon Sep 17 00:00:00 2001 +From: Donatas Abraitis +Date: Tue, 5 Sep 2023 11:36:13 +0000 +Subject: [PATCH 2/2] bgpd: Do not process NLRIs if the attribute length is + zero + +``` +3 0x00007f423aa42476 in __GI_raise (sig=sig@entry=11) at ../sysdeps/posix/raise.c:26 +4 0x00007f423aef9740 in core_handler (signo=11, siginfo=0x7fffc414deb0, context=) at lib/sigevent.c:246 +5 +6 0x0000564dea2fc71e in route_set_aspath_prepend (rule=0x564debd66d50, prefix=0x7fffc414ea30, object=0x7fffc414e400) + at bgpd/bgp_routemap.c:2258 +7 0x00007f423aeec7e0 in route_map_apply_ext (map=, prefix=prefix@entry=0x7fffc414ea30, + match_object=match_object@entry=0x7fffc414e400, set_object=set_object@entry=0x7fffc414e400, pref=pref@entry=0x0) at lib/routemap.c:2690 +8 0x0000564dea2d277e in bgp_input_modifier (peer=peer@entry=0x7f4238f59010, p=p@entry=0x7fffc414ea30, attr=attr@entry=0x7fffc414e770, + afi=afi@entry=AFI_IP, safi=safi@entry=SAFI_UNICAST, rmap_name=rmap_name@entry=0x0, label=0x0, num_labels=0, dest=0x564debdd5130) + at bgpd/bgp_route.c:1772 +9 0x0000564dea2df762 in bgp_update (peer=peer@entry=0x7f4238f59010, p=p@entry=0x7fffc414ea30, addpath_id=addpath_id@entry=0, + attr=0x7fffc414eb50, afi=afi@entry=AFI_IP, safi=, safi@entry=SAFI_UNICAST, type=9, sub_type=0, prd=0x0, label=0x0, + num_labels=0, soft_reconfig=0, evpn=0x0) at bgpd/bgp_route.c:4374 +10 0x0000564dea2e2047 in bgp_nlri_parse_ip (peer=0x7f4238f59010, attr=attr@entry=0x7fffc414eb50, packet=0x7fffc414eaf0) + at bgpd/bgp_route.c:6249 +11 0x0000564dea2c5a58 in bgp_nlri_parse (peer=peer@entry=0x7f4238f59010, attr=attr@entry=0x7fffc414eb50, + packet=packet@entry=0x7fffc414eaf0, mp_withdraw=mp_withdraw@entry=false) at bgpd/bgp_packet.c:339 +12 0x0000564dea2c5d66 in bgp_update_receive (peer=peer@entry=0x7f4238f59010, size=size@entry=109) at bgpd/bgp_packet.c:2024 +13 0x0000564dea2c901d in bgp_process_packet (thread=) at bgpd/bgp_packet.c:2933 +14 0x00007f423af0bf71 in event_call (thread=thread@entry=0x7fffc414ee40) at lib/event.c:1995 +15 0x00007f423aebb198 in frr_run (master=0x564deb73c670) at lib/libfrr.c:1213 +16 0x0000564dea261b83 in main (argc=, argv=) at bgpd/bgp_main.c:505 +``` + +With the configuration: + +``` +frr version 9.1-dev-MyOwnFRRVersion +frr defaults traditional +hostname ip-172-31-13-140 +log file /tmp/debug.log +log syslog +service integrated-vtysh-config +! +debug bgp keepalives +debug bgp neighbor-events +debug bgp updates in +debug bgp updates out +! +router bgp 100 + bgp router-id 9.9.9.9 + no bgp ebgp-requires-policy + bgp bestpath aigp + neighbor 172.31.2.47 remote-as 200 + ! + address-family ipv4 unicast + neighbor 172.31.2.47 default-originate + neighbor 172.31.2.47 route-map RM_IN in + exit-address-family +exit +! +route-map RM_IN permit 10 + set as-path prepend 200 +exit +! +``` + +The issue is that we try to process NLRIs even if the attribute length is 0. + +Later bgp_update() will handle route-maps and a crash occurs because all the +attributes are NULL, including aspath, where we dereference. + +According to the RFC 4271: + +A value of 0 indicates that neither the Network Layer + Reachability Information field nor the Path Attribute field is + present in this UPDATE message. + +But with a fuzzed UPDATE message this can be faked. I think it's reasonable +to skip processing NLRIs if both update_len and attribute_len are 0. + +Reported-by: Iggy Frankovic +Signed-off-by: Donatas Abraitis + +CVE: CVE-2023-41358 + +Upstream-Status: Backport [https://github.com/FRRouting/frr/pull/14260/commits/28ccc24d38df1d51ed8a563507e5d6f6171fdd38] + +Signed-off-by: Narpat Mali +--- + bgpd/bgp_packet.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/bgpd/bgp_packet.c b/bgpd/bgp_packet.c +index 0166dc6a2..2fd28aae3 100644 +--- a/bgpd/bgp_packet.c ++++ b/bgpd/bgp_packet.c +@@ -1767,7 +1767,7 @@ static int bgp_update_receive(struct peer *peer, bgp_size_t size) + /* Network Layer Reachability Information. */ + update_len = end - stream_pnt(s); + +- if (update_len) { ++ if (update_len && attribute_len) { + /* Set NLRI portion to structure. */ + nlris[NLRI_UPDATE].afi = AFI_IP; + nlris[NLRI_UPDATE].safi = SAFI_UNICAST; +-- +2.40.0 diff --git a/meta-networking/recipes-protocols/frr/frr_8.2.2.bb b/meta-networking/recipes-protocols/frr/frr_8.2.2.bb index 1897eb2abd2..7af584835fa 100644 --- a/meta-networking/recipes-protocols/frr/frr_8.2.2.bb +++ b/meta-networking/recipes-protocols/frr/frr_8.2.2.bb @@ -18,6 +18,8 @@ SRC_URI = "git://github.com/FRRouting/frr.git;protocol=https;branch=stable/8.2 \ file://CVE-2022-43681.patch \ file://CVE-2023-31489.patch \ file://CVE-2023-31490.patch \ + file://CVE-2023-38802.patch \ + file://CVE-2023-41358.patch \ file://frr.pam \ " From afd3440bf691bfb3d9e48c8ef25d21ccf614a849 Mon Sep 17 00:00:00 2001 From: Soumya Sambu Date: Wed, 6 Sep 2023 09:12:16 +0000 Subject: [PATCH 461/600] iperf3: upgrade 3.11 -> 3.14 Upgrade iperf3 to 3.14 Fix CVE-2023-38403 and other bugs. The iperf3 release notes are available at: https://github.com/esnet/iperf/blob/99d738f496c96fd4fb50f45142e0bbc96bf71698/RELNOTES.md The only change in the LICENSE file was the year update: https://github.com/esnet/iperf/commit/6bfe27d82a3f74ad1239aba987a4fb75c1005078 Signed-off-by: Soumya Sambu Signed-off-by: Armin Kuster --- .../iperf3/{iperf3_3.11.bb => iperf3_3.14.bb} | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) rename meta-oe/recipes-benchmark/iperf3/{iperf3_3.11.bb => iperf3_3.14.bb} (89%) diff --git a/meta-oe/recipes-benchmark/iperf3/iperf3_3.11.bb b/meta-oe/recipes-benchmark/iperf3/iperf3_3.14.bb similarity index 89% rename from meta-oe/recipes-benchmark/iperf3/iperf3_3.11.bb rename to meta-oe/recipes-benchmark/iperf3/iperf3_3.14.bb index 2142a8ef1d4..d181eb3b02a 100644 --- a/meta-oe/recipes-benchmark/iperf3/iperf3_3.11.bb +++ b/meta-oe/recipes-benchmark/iperf3/iperf3_3.14.bb @@ -11,14 +11,14 @@ BUGTRACKER = "https://github.com/esnet/iperf/issues" AUTHOR = "ESNET , Lawrence Berkeley National Laboratory " LICENSE = "BSD-3-Clause" -LIC_FILES_CHKSUM = "file://LICENSE;md5=68ae8cfc577a2c8c51bb51e9628e80b7" +LIC_FILES_CHKSUM = "file://LICENSE;md5=dc6301c8256ceb8f71c9e3c2ae9096b9" SRC_URI = "git://github.com/esnet/iperf.git;branch=master;protocol=https \ file://0002-Remove-pg-from-profile_CFLAGS.patch \ file://0001-configure.ac-check-for-CPP-prog.patch \ " -SRCREV = "76bd67f6e90e239a7686202d2b1b595159826d24" +SRCREV = "a0be85934144bc04712a6695b14ea6e45c379e1d" S = "${WORKDIR}/git" From a88cb922f91fda95e8a584cee3092083d5ad3e98 Mon Sep 17 00:00:00 2001 From: Soumya Sambu Date: Wed, 6 Sep 2023 09:23:01 +0000 Subject: [PATCH 462/600] hwloc: fix CVE-2022-47022 An issue was discovered in open-mpi hwloc 2.1.0 allows attackers to cause a denial of service or other unspecified impacts via glibc-cpuset in topology-linux.c. References: https://nvd.nist.gov/vuln/detail/CVE-2022-47022 https://github.com/open-mpi/hwloc/issues/544 Signed-off-by: Soumya Sambu Signed-off-by: Armin Kuster --- .../hwloc/files/CVE-2022-47022.patch | 77 +++++++++++++++++++ .../recipes-extended/hwloc/hwloc_1.11.13.bb | 4 +- 2 files changed, 80 insertions(+), 1 deletion(-) create mode 100644 meta-oe/recipes-extended/hwloc/files/CVE-2022-47022.patch diff --git a/meta-oe/recipes-extended/hwloc/files/CVE-2022-47022.patch b/meta-oe/recipes-extended/hwloc/files/CVE-2022-47022.patch new file mode 100644 index 00000000000..bfeb9b405db --- /dev/null +++ b/meta-oe/recipes-extended/hwloc/files/CVE-2022-47022.patch @@ -0,0 +1,77 @@ +From ac1f8db9a0790d2bf153711ff4cbf6101f89aace Mon Sep 17 00:00:00 2001 +From: Brice Goglin +Date: Wed, 23 Aug 2023 19:52:47 +0200 +Subject: [PATCH] linux: handle glibc cpuset allocation failures + +Closes #544 +CVE-2022-47022 + +Signed-off-by: Brice Goglin + +CVE: CVE-2022-47022 + +Upstream-Status: Backport [https://github.com/open-mpi/hwloc/commit/ac1f8db9a0790d2bf153711ff4cbf6101f89aace] + +Signed-off-by: Soumya Sambu +--- + src/topology-linux.c | 15 ++++++++++++++- + 1 file changed, 14 insertions(+), 1 deletion(-) + +diff --git a/src/topology-linux.c b/src/topology-linux.c +index 62c3b44..86be150 100644 +--- a/src/topology-linux.c ++++ b/src/topology-linux.c +@@ -623,6 +623,8 @@ hwloc_linux_set_tid_cpubind(hwloc_topology_t topology __hwloc_attribute_unused, + + setsize = CPU_ALLOC_SIZE(last+1); + plinux_set = CPU_ALLOC(last+1); ++ if (!plinux_set) ++ return -1; + + CPU_ZERO_S(setsize, plinux_set); + hwloc_bitmap_foreach_begin(cpu, hwloc_set) +@@ -703,7 +705,10 @@ hwloc_linux_find_kernel_nr_cpus(hwloc_topology_t topology) + while (1) { + cpu_set_t *set = CPU_ALLOC(nr_cpus); + size_t setsize = CPU_ALLOC_SIZE(nr_cpus); +- int err = sched_getaffinity(0, setsize, set); /* always works, unless setsize is too small */ ++ int err; ++ if (!set) ++ return -1; /* caller will return an error, and we'll try again later */ ++ err = sched_getaffinity(0, setsize, set); /* always works, unless setsize is too small */ + CPU_FREE(set); + nr_cpus = setsize * 8; /* that's the value that was actually tested */ + if (!err) +@@ -732,8 +737,12 @@ hwloc_linux_get_tid_cpubind(hwloc_topology_t topology __hwloc_attribute_unused, + + /* find the kernel nr_cpus so as to use a large enough cpu_set size */ + kernel_nr_cpus = hwloc_linux_find_kernel_nr_cpus(topology); ++ if (kernel_nr_cpus < 0) ++ return -1; + setsize = CPU_ALLOC_SIZE(kernel_nr_cpus); + plinux_set = CPU_ALLOC(kernel_nr_cpus); ++ if (!plinux_set) ++ return -1; + + err = sched_getaffinity(tid, setsize, plinux_set); + +@@ -1092,6 +1101,8 @@ hwloc_linux_set_thread_cpubind(hwloc_topology_t topology, pthread_t tid, hwloc_c + + setsize = CPU_ALLOC_SIZE(last+1); + plinux_set = CPU_ALLOC(last+1); ++ if (!plinux_set) ++ return -1; + + CPU_ZERO_S(setsize, plinux_set); + hwloc_bitmap_foreach_begin(cpu, hwloc_set) +@@ -1184,6 +1195,8 @@ hwloc_linux_get_thread_cpubind(hwloc_topology_t topology, pthread_t tid, hwloc_b + + setsize = CPU_ALLOC_SIZE(last+1); + plinux_set = CPU_ALLOC(last+1); ++ if (!plinux_set) ++ return -1; + + err = pthread_getaffinity_np(tid, setsize, plinux_set); + if (err) { +-- +2.40.0 diff --git a/meta-oe/recipes-extended/hwloc/hwloc_1.11.13.bb b/meta-oe/recipes-extended/hwloc/hwloc_1.11.13.bb index e6fed584f93..83c85dbe3ec 100644 --- a/meta-oe/recipes-extended/hwloc/hwloc_1.11.13.bb +++ b/meta-oe/recipes-extended/hwloc/hwloc_1.11.13.bb @@ -7,7 +7,9 @@ SECTION = "base" LICENSE = "BSD-3-Clause" LIC_FILES_CHKSUM = "file://COPYING;md5=3282e20dc3cec311deda3c6d4b1f990b" -SRC_URI = "https://www.open-mpi.org/software/${BPN}/v1.11/downloads/${BP}.tar.bz2" +SRC_URI = "https://www.open-mpi.org/software/${BPN}/v1.11/downloads/${BP}.tar.bz2 \ + file://CVE-2022-47022.patch \ + " SRC_URI[md5sum] = "3c792e23c209e9e1bafe9bdbc613d401" SRC_URI[sha256sum] = "a4494b7765f517c0990d1c7f09d98cb87755bb6b841e4e2cbfebca1b14bac9c8" From 484fb8db34a7ba6c2b2b41ec1b4e9bd957b1fb3c Mon Sep 17 00:00:00 2001 From: Jeffrey Pautler Date: Wed, 6 Sep 2023 12:57:07 -0500 Subject: [PATCH 463/600] onboard: fix package compile issues A recent upstream change to inherit setuptools3-base instead of setuptools caused the compile step to do nothing, which caused the resulting package to be missing many files and be broken. I suspect that change was driven by a desire to eliminate compile warnings about distutils support being deprecated in python 3.12 (the build currently uses python 3.10). This change restores the dependency on distutils and as a result generates the warnings again. This change also restores the gsettings inherit. I suspect that change seemed correct when the compile was unknowingly doing nothing, but is now needed to avoid compile errors. Signed-off-by: Jeffrey Pautler --- meta-gnome/recipes-support/onboard/onboard_1.4.1.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-gnome/recipes-support/onboard/onboard_1.4.1.bb b/meta-gnome/recipes-support/onboard/onboard_1.4.1.bb index e61b1376dd6..081492ba797 100644 --- a/meta-gnome/recipes-support/onboard/onboard_1.4.1.bb +++ b/meta-gnome/recipes-support/onboard/onboard_1.4.1.bb @@ -10,7 +10,7 @@ SRC_URI = "https://launchpad.net/onboard/1.4/${PV}/+download/${BPN}-${PV}.tar.gz SRC_URI[md5sum] = "1a2fbe82e934f5b37841d17ff51e80e8" SRC_URI[sha256sum] = "01cae1ac5b1ef1ab985bd2d2d79ded6fc99ee04b1535cc1bb191e43a231a3865" -inherit features_check setuptools3-base pkgconfig gtk-icon-cache mime-xdg +inherit features_check distutils3 pkgconfig gtk-icon-cache gsettings mime-xdg REQUIRED_DISTRO_FEATURES = "x11" From 04423e6ee7c1f90db38dd4bff8b1261b638c0774 Mon Sep 17 00:00:00 2001 From: Mingli Yu Date: Mon, 11 Sep 2023 14:54:00 +0800 Subject: [PATCH 464/600] hdf5: Fix CVE-2021-37501 Backport a patch [1] to fix CVE-2021-37501. [1] https://github.com/HDFGroup/hdf5/commit/b16ec83d4bd79f9ffaad85de16056419f3532887 Signed-off-by: Mingli Yu Signed-off-by: Armin Kuster --- .../hdf5/files/CVE-2021-37501.patch | 37 +++++++++++++++++++ meta-oe/recipes-support/hdf5/hdf5_1.8.21.bb | 1 + 2 files changed, 38 insertions(+) create mode 100644 meta-oe/recipes-support/hdf5/files/CVE-2021-37501.patch diff --git a/meta-oe/recipes-support/hdf5/files/CVE-2021-37501.patch b/meta-oe/recipes-support/hdf5/files/CVE-2021-37501.patch new file mode 100644 index 00000000000..01099f3438c --- /dev/null +++ b/meta-oe/recipes-support/hdf5/files/CVE-2021-37501.patch @@ -0,0 +1,37 @@ +From 602015eacc53bf2699bf4c4e5420b63c3f067547 Mon Sep 17 00:00:00 2001 +From: Mingli Yu +Date: Mon, 11 Sep 2023 14:01:37 +0800 +Subject: [PATCH] Check for overflow when calculating on-disk attribute data + size + +Bogus sizes in this test case causes the on-disk data size +calculation in H5O_attr_decode() to overflow so that the +calculated size becomes 0. This causes the read to overflow +and h5dump to segfault. + +CVE: CVE-2021-37501 + +Upstream-Status: Backport [https://github.com/HDFGroup/hdf5/commit/b16ec83d4bd79f9ffaad85de16056419f3532887] + +Signed-off-by: Mingli Yu +--- + src/H5Oattr.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/src/H5Oattr.c b/src/H5Oattr.c +index c2c0fe3..c289344 100644 +--- a/src/H5Oattr.c ++++ b/src/H5Oattr.c +@@ -217,6 +217,9 @@ H5O_attr_decode(H5F_t *f, hid_t dxpl_id, H5O_t *open_oh, unsigned H5_ATTR_UNUSED + + /* Compute the size of the data */ + H5_CHECKED_ASSIGN(attr->shared->data_size, size_t, H5S_GET_EXTENT_NPOINTS(attr->shared->ds) * H5T_get_size(attr->shared->dt), hsize_t); ++ /* Check if multiplication has overflown */ ++ if ((attr->shared->data_size / H5T_get_size(attr->shared->dt)) != H5S_GET_EXTENT_NPOINTS(attr->shared->ds)) ++ HGOTO_ERROR(H5E_RESOURCE, H5E_OVERFLOW, NULL, "data size exceeds addressable range"); + + /* Go get the data */ + if(attr->shared->data_size) { +-- +2.25.1 + diff --git a/meta-oe/recipes-support/hdf5/hdf5_1.8.21.bb b/meta-oe/recipes-support/hdf5/hdf5_1.8.21.bb index 7b886a4635b..4110e9cea40 100644 --- a/meta-oe/recipes-support/hdf5/hdf5_1.8.21.bb +++ b/meta-oe/recipes-support/hdf5/hdf5_1.8.21.bb @@ -17,6 +17,7 @@ SRC_URI = " \ file://0001-cross-compiling-support.patch \ file://0002-Remove-suffix-shared-from-shared-library-name.patch \ file://0001-cmake-remove-build-flags.patch \ + file://CVE-2021-37501.patch \ " SRC_URI[md5sum] = "2d2408f2a9dfb5c7b79998002e9a90e9" SRC_URI[sha256sum] = "e5b1b1dee44a64b795a91c3321ab7196d9e0871fe50d42969761794e3899f40d" From 43a4259f68b72228bd17b2b5bdf08cb2fa0e6edb Mon Sep 17 00:00:00 2001 From: Jose Quaresma Date: Wed, 13 Sep 2023 17:01:06 +0000 Subject: [PATCH 465/600] opensc: ignore CVE-2021-34193 The CVE-2021-34193 is a duplicate CVE covering the 5 individual already fixed. https://github.com/OpenSC/OpenSC/pull/2855 Signed-off-by: Jose Quaresma Signed-off-by: Armin Kuster --- meta-oe/recipes-support/opensc/opensc_0.22.0.bb | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/meta-oe/recipes-support/opensc/opensc_0.22.0.bb b/meta-oe/recipes-support/opensc/opensc_0.22.0.bb index 4590b85fa43..3bb79b9d926 100644 --- a/meta-oe/recipes-support/opensc/opensc_0.22.0.bb +++ b/meta-oe/recipes-support/opensc/opensc_0.22.0.bb @@ -16,6 +16,11 @@ SRCREV = "c902e1992195e00ada12d71beb1029287cd72037" SRC_URI = "git://github.com/OpenSC/OpenSC;branch=master;protocol=https \ file://CVE-2023-2977.patch \ " + +# CVE-2021-34193 is a duplicate CVE covering the 5 individual +# https://github.com/OpenSC/OpenSC/pull/2855/commits/7a049fc3922060fb75cb9fea9e58eef9edc357ae +CVE_CHECK_IGNORE += "CVE-2021-34193" + DEPENDS = "virtual/libiconv openssl" S = "${WORKDIR}/git" From 6548426c43a43f5fefcd6b24320eef786309db9b Mon Sep 17 00:00:00 2001 From: Soumya Sambu Date: Wed, 6 Sep 2023 13:22:04 +0000 Subject: [PATCH 466/600] rabbitmq-c: Fix CVE-2023-35789 An issue was discovered in the C AMQP client library (aka rabbitmq-c) through 0.13.0 for RabbitMQ. Credentials can only be entered on the command line (e.g., for amqp-publish or amqp-consume) and are thus visible to local attackers by listing a process and its arguments. Reference: https://nvd.nist.gov/vuln/detail/CVE-2023-35789 Signed-off-by: Soumya Sambu Signed-off-by: Armin Kuster --- .../rabbitmq-c/files/CVE-2023-35789.patch | 135 ++++++++++++++++++ .../rabbitmq-c/rabbitmq-c_0.11.0.bb | 4 +- 2 files changed, 138 insertions(+), 1 deletion(-) create mode 100644 meta-oe/recipes-connectivity/rabbitmq-c/files/CVE-2023-35789.patch diff --git a/meta-oe/recipes-connectivity/rabbitmq-c/files/CVE-2023-35789.patch b/meta-oe/recipes-connectivity/rabbitmq-c/files/CVE-2023-35789.patch new file mode 100644 index 00000000000..93949fc21d7 --- /dev/null +++ b/meta-oe/recipes-connectivity/rabbitmq-c/files/CVE-2023-35789.patch @@ -0,0 +1,135 @@ +From 463054383fbeef889b409a7f843df5365288e2a0 Mon Sep 17 00:00:00 2001 +From: Christian Kastner +Date: Tue, 13 Jun 2023 14:21:52 +0200 +Subject: [PATCH] Add option to read username/password from file (#781) + +* Add option to read username/password from file + +CVE: CVE-2023-35789 + +Upstream-Status: Backport [https://github.com/alanxz/rabbitmq-c/commit/463054383fbeef889b409a7f843df5365288e2a0] + +Signed-off-by: Soumya Sambu +--- + tools/common.c | 66 ++++++++++++++++++++++++++++++++++++++++++++++++++ + 1 file changed, 66 insertions(+) + +diff --git a/tools/common.c b/tools/common.c +index 53ea788..35b2b9f 100644 +--- a/tools/common.c ++++ b/tools/common.c +@@ -54,6 +54,11 @@ + #include "compat.h" + #endif + ++/* For when reading auth data from a file */ ++#define MAXAUTHTOKENLEN 128 ++#define USERNAMEPREFIX "username:" ++#define PASSWORDPREFIX "password:" ++ + void die(const char *fmt, ...) { + va_list ap; + va_start(ap, fmt); +@@ -161,6 +166,7 @@ static char *amqp_vhost; + static char *amqp_username; + static char *amqp_password; + static int amqp_heartbeat = 0; ++static char *amqp_authfile; + #ifdef WITH_SSL + static int amqp_ssl = 0; + static char *amqp_cacert = "/etc/ssl/certs/cacert.pem"; +@@ -183,6 +189,8 @@ struct poptOption connect_options[] = { + "the password to login with", "password"}, + {"heartbeat", 0, POPT_ARG_INT, &amqp_heartbeat, 0, + "heartbeat interval, set to 0 to disable", "heartbeat"}, ++ {"authfile", 0, POPT_ARG_STRING, &amqp_authfile, 0, ++ "path to file containing username/password for authentication", "file"}, + #ifdef WITH_SSL + {"ssl", 0, POPT_ARG_NONE, &amqp_ssl, 0, "connect over SSL/TLS", NULL}, + {"cacert", 0, POPT_ARG_STRING, &amqp_cacert, 0, +@@ -194,6 +202,50 @@ struct poptOption connect_options[] = { + #endif /* WITH_SSL */ + {NULL, '\0', 0, NULL, 0, NULL, NULL}}; + ++void read_authfile(const char *path) { ++ size_t n; ++ FILE *fp = NULL; ++ char token[MAXAUTHTOKENLEN]; ++ ++ if ((amqp_username = malloc(MAXAUTHTOKENLEN)) == NULL || ++ (amqp_password = malloc(MAXAUTHTOKENLEN)) == NULL) { ++ die("Out of memory"); ++ } else if ((fp = fopen(path, "r")) == NULL) { ++ die("Could not read auth data file %s", path); ++ } ++ ++ if (fgets(token, MAXAUTHTOKENLEN, fp) == NULL || ++ strncmp(token, USERNAMEPREFIX, strlen(USERNAMEPREFIX))) { ++ die("Malformed auth file (missing username)"); ++ } ++ strncpy(amqp_username, &token[strlen(USERNAMEPREFIX)], MAXAUTHTOKENLEN); ++ /* Missing newline means token was cut off */ ++ n = strlen(amqp_username); ++ if (amqp_username[n - 1] != '\n') { ++ die("Username too long"); ++ } else { ++ amqp_username[n - 1] = '\0'; ++ } ++ ++ if (fgets(token, MAXAUTHTOKENLEN, fp) == NULL || ++ strncmp(token, PASSWORDPREFIX, strlen(PASSWORDPREFIX))) { ++ die("Malformed auth file (missing password)"); ++ } ++ strncpy(amqp_password, &token[strlen(PASSWORDPREFIX)], MAXAUTHTOKENLEN); ++ /* Missing newline means token was cut off */ ++ n = strlen(amqp_password); ++ if (amqp_password[n - 1] != '\n') { ++ die("Password too long"); ++ } else { ++ amqp_password[n - 1] = '\0'; ++ } ++ ++ (void)fgetc(fp); ++ if (!feof(fp)) { ++ die("Malformed auth file (trailing data)"); ++ } ++} ++ + static void init_connection_info(struct amqp_connection_info *ci) { + ci->user = NULL; + ci->password = NULL; +@@ -269,6 +321,8 @@ static void init_connection_info(struct amqp_connection_info *ci) { + if (amqp_username) { + if (amqp_url) { + die("--username and --url options cannot be used at the same time"); ++ } else if (amqp_authfile) { ++ die("--username and --authfile options cannot be used at the same time"); + } + + ci->user = amqp_username; +@@ -277,11 +331,23 @@ static void init_connection_info(struct amqp_connection_info *ci) { + if (amqp_password) { + if (amqp_url) { + die("--password and --url options cannot be used at the same time"); ++ } else if (amqp_authfile) { ++ die("--password and --authfile options cannot be used at the same time"); + } + + ci->password = amqp_password; + } + ++ if (amqp_authfile) { ++ if (amqp_url) { ++ die("--authfile and --url options cannot be used at the same time"); ++ } ++ ++ read_authfile(amqp_authfile); ++ ci->user = amqp_username; ++ ci->password = amqp_password; ++ } ++ + if (amqp_vhost) { + if (amqp_url) { + die("--vhost and --url options cannot be used at the same time"); +-- +2.40.0 diff --git a/meta-oe/recipes-connectivity/rabbitmq-c/rabbitmq-c_0.11.0.bb b/meta-oe/recipes-connectivity/rabbitmq-c/rabbitmq-c_0.11.0.bb index 304171c88c2..1cc4ada3b58 100644 --- a/meta-oe/recipes-connectivity/rabbitmq-c/rabbitmq-c_0.11.0.bb +++ b/meta-oe/recipes-connectivity/rabbitmq-c/rabbitmq-c_0.11.0.bb @@ -3,7 +3,9 @@ HOMEPAGE = "https://github.com/alanxz/rabbitmq-c" LIC_FILES_CHKSUM = "file://LICENSE-MIT;md5=6b7424f9db80cfb11fdd5c980b583f53" LICENSE = "MIT" -SRC_URI = "git://github.com/alanxz/rabbitmq-c.git;branch=master;protocol=https" +SRC_URI = "git://github.com/alanxz/rabbitmq-c.git;branch=master;protocol=https \ + file://CVE-2023-35789.patch \ + " # v0.11.0-master SRCREV = "a64c08c68aff34d49a2ac152f04988cd921084f9" From fcfdcc38085ac5e5f33a813b51642e067ac0e1e0 Mon Sep 17 00:00:00 2001 From: "Polampalli, Archana" Date: Fri, 8 Sep 2023 06:34:24 +0000 Subject: [PATCH 467/600] redis: upgrade 7.0.12 -> 7.0.13 This release has only security and bug fixes. ChangeLog: https://github.com/redis/redis/releases/tag/7.0.13 Security Fixes: https://nvd.nist.gov/vuln/detail/CVE-2023-41053 $ git log --oneline 7.0.12..7.0.13 49dbedb1d (tag: 7.0.13, origin/7.0) Redis 7.0.13 0f14d3279 Fix sort_ro get-keys function return wrong key number (#12522) 4d67bb6af do not call handleClientsBlockedOnKeys inside yielding command (#12459) 37599fe75 Ensure that the function load timeout is disabled during loading from RDB/AOF and on replicas. (#12451) ea1bc6f62 Process loss of slot ownership in cluster bus (#12344) 646069a90 Skip test for sdsRemoveFreeSpace when mem_allocator is not jemalloc (#11878) Signed-off-by: Archana Polampalli Signed-off-by: Armin Kuster --- .../0001-src-Do-not-reset-FINAL_LIBS.patch | 0 .../0006-Define-correct-gregs-for-RISCV32.patch | 0 .../redis/{redis-7.0.12 => redis-7.0.13}/GNU_SOURCE-7.patch | 0 .../hiredis-use-default-CC-if-it-is-set.patch | 0 .../redis/{redis-7.0.12 => redis-7.0.13}/init-redis-server | 0 .../lua-update-Makefile-to-use-environment-build-setting.patch | 0 .../{redis-7.0.12 => redis-7.0.13}/oe-use-libc-malloc.patch | 0 .../redis/{redis-7.0.12 => redis-7.0.13}/redis.conf | 0 .../redis/{redis-7.0.12 => redis-7.0.13}/redis.service | 0 .../recipes-extended/redis/{redis_7.0.12.bb => redis_7.0.13.bb} | 2 +- 10 files changed, 1 insertion(+), 1 deletion(-) rename meta-oe/recipes-extended/redis/{redis-7.0.12 => redis-7.0.13}/0001-src-Do-not-reset-FINAL_LIBS.patch (100%) rename meta-oe/recipes-extended/redis/{redis-7.0.12 => redis-7.0.13}/0006-Define-correct-gregs-for-RISCV32.patch (100%) rename meta-oe/recipes-extended/redis/{redis-7.0.12 => redis-7.0.13}/GNU_SOURCE-7.patch (100%) rename meta-oe/recipes-extended/redis/{redis-7.0.12 => redis-7.0.13}/hiredis-use-default-CC-if-it-is-set.patch (100%) rename meta-oe/recipes-extended/redis/{redis-7.0.12 => redis-7.0.13}/init-redis-server (100%) rename meta-oe/recipes-extended/redis/{redis-7.0.12 => redis-7.0.13}/lua-update-Makefile-to-use-environment-build-setting.patch (100%) rename meta-oe/recipes-extended/redis/{redis-7.0.12 => redis-7.0.13}/oe-use-libc-malloc.patch (100%) rename meta-oe/recipes-extended/redis/{redis-7.0.12 => redis-7.0.13}/redis.conf (100%) rename meta-oe/recipes-extended/redis/{redis-7.0.12 => redis-7.0.13}/redis.service (100%) rename meta-oe/recipes-extended/redis/{redis_7.0.12.bb => redis_7.0.13.bb} (96%) diff --git a/meta-oe/recipes-extended/redis/redis-7.0.12/0001-src-Do-not-reset-FINAL_LIBS.patch b/meta-oe/recipes-extended/redis/redis-7.0.13/0001-src-Do-not-reset-FINAL_LIBS.patch similarity index 100% rename from meta-oe/recipes-extended/redis/redis-7.0.12/0001-src-Do-not-reset-FINAL_LIBS.patch rename to meta-oe/recipes-extended/redis/redis-7.0.13/0001-src-Do-not-reset-FINAL_LIBS.patch diff --git a/meta-oe/recipes-extended/redis/redis-7.0.12/0006-Define-correct-gregs-for-RISCV32.patch b/meta-oe/recipes-extended/redis/redis-7.0.13/0006-Define-correct-gregs-for-RISCV32.patch similarity index 100% rename from meta-oe/recipes-extended/redis/redis-7.0.12/0006-Define-correct-gregs-for-RISCV32.patch rename to meta-oe/recipes-extended/redis/redis-7.0.13/0006-Define-correct-gregs-for-RISCV32.patch diff --git a/meta-oe/recipes-extended/redis/redis-7.0.12/GNU_SOURCE-7.patch b/meta-oe/recipes-extended/redis/redis-7.0.13/GNU_SOURCE-7.patch similarity index 100% rename from meta-oe/recipes-extended/redis/redis-7.0.12/GNU_SOURCE-7.patch rename to meta-oe/recipes-extended/redis/redis-7.0.13/GNU_SOURCE-7.patch diff --git a/meta-oe/recipes-extended/redis/redis-7.0.12/hiredis-use-default-CC-if-it-is-set.patch b/meta-oe/recipes-extended/redis/redis-7.0.13/hiredis-use-default-CC-if-it-is-set.patch similarity index 100% rename from meta-oe/recipes-extended/redis/redis-7.0.12/hiredis-use-default-CC-if-it-is-set.patch rename to meta-oe/recipes-extended/redis/redis-7.0.13/hiredis-use-default-CC-if-it-is-set.patch diff --git a/meta-oe/recipes-extended/redis/redis-7.0.12/init-redis-server b/meta-oe/recipes-extended/redis/redis-7.0.13/init-redis-server similarity index 100% rename from meta-oe/recipes-extended/redis/redis-7.0.12/init-redis-server rename to meta-oe/recipes-extended/redis/redis-7.0.13/init-redis-server diff --git a/meta-oe/recipes-extended/redis/redis-7.0.12/lua-update-Makefile-to-use-environment-build-setting.patch b/meta-oe/recipes-extended/redis/redis-7.0.13/lua-update-Makefile-to-use-environment-build-setting.patch similarity index 100% rename from meta-oe/recipes-extended/redis/redis-7.0.12/lua-update-Makefile-to-use-environment-build-setting.patch rename to meta-oe/recipes-extended/redis/redis-7.0.13/lua-update-Makefile-to-use-environment-build-setting.patch diff --git a/meta-oe/recipes-extended/redis/redis-7.0.12/oe-use-libc-malloc.patch b/meta-oe/recipes-extended/redis/redis-7.0.13/oe-use-libc-malloc.patch similarity index 100% rename from meta-oe/recipes-extended/redis/redis-7.0.12/oe-use-libc-malloc.patch rename to meta-oe/recipes-extended/redis/redis-7.0.13/oe-use-libc-malloc.patch diff --git a/meta-oe/recipes-extended/redis/redis-7.0.12/redis.conf b/meta-oe/recipes-extended/redis/redis-7.0.13/redis.conf similarity index 100% rename from meta-oe/recipes-extended/redis/redis-7.0.12/redis.conf rename to meta-oe/recipes-extended/redis/redis-7.0.13/redis.conf diff --git a/meta-oe/recipes-extended/redis/redis-7.0.12/redis.service b/meta-oe/recipes-extended/redis/redis-7.0.13/redis.service similarity index 100% rename from meta-oe/recipes-extended/redis/redis-7.0.12/redis.service rename to meta-oe/recipes-extended/redis/redis-7.0.13/redis.service diff --git a/meta-oe/recipes-extended/redis/redis_7.0.12.bb b/meta-oe/recipes-extended/redis/redis_7.0.13.bb similarity index 96% rename from meta-oe/recipes-extended/redis/redis_7.0.12.bb rename to meta-oe/recipes-extended/redis/redis_7.0.13.bb index 321b90dadf0..e88ab4ddf53 100644 --- a/meta-oe/recipes-extended/redis/redis_7.0.12.bb +++ b/meta-oe/recipes-extended/redis/redis_7.0.13.bb @@ -17,7 +17,7 @@ SRC_URI = "http://download.redis.io/releases/${BP}.tar.gz \ file://GNU_SOURCE-7.patch \ file://0006-Define-correct-gregs-for-RISCV32.patch \ " -SRC_URI[sha256sum] = "9dd83d5b278bb2bf0e39bfeb75c3e8170024edbaf11ba13b7037b2945cf48ab7" +SRC_URI[sha256sum] = "97065774d5fb8388eb0d8913458decfcb167d356e40d31dd01cd30c1cc391673" inherit autotools-brokensep update-rc.d systemd useradd From 919a2074586ff957362ae2dbd3438fa648bb9bee Mon Sep 17 00:00:00 2001 From: Hitendra Prajapati Date: Fri, 8 Sep 2023 17:14:20 +0530 Subject: [PATCH 468/600] wireshark: Fix CVE-2023-2906 Upstream-Status: Backport from https://gitlab.com/wireshark/wireshark/-/commit/44dc70cc5aadca91cb8ba3710c59c3651b7b0d4d Signed-off-by: Hitendra Prajapati Signed-off-by: Armin Kuster --- .../wireshark/files/CVE-2023-2906.patch | 38 +++++++++++++++++++ .../wireshark/wireshark_3.4.12.bb | 1 + 2 files changed, 39 insertions(+) create mode 100644 meta-networking/recipes-support/wireshark/files/CVE-2023-2906.patch diff --git a/meta-networking/recipes-support/wireshark/files/CVE-2023-2906.patch b/meta-networking/recipes-support/wireshark/files/CVE-2023-2906.patch new file mode 100644 index 00000000000..fe210972869 --- /dev/null +++ b/meta-networking/recipes-support/wireshark/files/CVE-2023-2906.patch @@ -0,0 +1,38 @@ +From 44dc70cc5aadca91cb8ba3710c59c3651b7b0d4d Mon Sep 17 00:00:00 2001 +From: Jaap Keuter +Date: Thu, 27 Jul 2023 20:21:19 +0200 +Subject: [PATCH] CP2179: Handle timetag info response without records + +Fixes #19229 + +Upstream-Status: Backport [https://gitlab.com/wireshark/wireshark/-/commit/44dc70cc5aadca91cb8ba3710c59c3651b7b0d4d] +CVE: CVE-2023-2906 +Signed-off-by: Hitendra Prajapati +--- + epan/dissectors/packet-cp2179.c | 7 +++++-- + 1 file changed, 5 insertions(+), 2 deletions(-) + +diff --git a/epan/dissectors/packet-cp2179.c b/epan/dissectors/packet-cp2179.c +index 30f53f8..70fe033 100644 +--- a/epan/dissectors/packet-cp2179.c ++++ b/epan/dissectors/packet-cp2179.c +@@ -721,11 +721,14 @@ dissect_response_frame(tvbuff_t *tvb, proto_tree *tree, packet_info *pinfo, int + proto_tree_add_item(cp2179_proto_tree, hf_cp2179_timetag_numsets, tvb, offset, 1, ENC_LITTLE_ENDIAN); + + num_records = tvb_get_guint8(tvb, offset) & 0x7F; ++ offset += 1; ++ ++ if (num_records == 0 || numberofcharacters <= 1) ++ break; ++ + recordsize = (numberofcharacters-1) / num_records; + num_values = (recordsize-6) / 2; /* Determine how many 16-bit analog values are present in each event record */ + +- offset += 1; +- + for (x = 0; x < num_records; x++) + { + cp2179_event_tree = proto_tree_add_subtree_format(cp2179_proto_tree, tvb, offset, recordsize, ett_cp2179_event, NULL, "Event Record # %d", x+1); +-- +2.25.1 + diff --git a/meta-networking/recipes-support/wireshark/wireshark_3.4.12.bb b/meta-networking/recipes-support/wireshark/wireshark_3.4.12.bb index ec6e11edd21..19489a8bcbf 100644 --- a/meta-networking/recipes-support/wireshark/wireshark_3.4.12.bb +++ b/meta-networking/recipes-support/wireshark/wireshark_3.4.12.bb @@ -24,6 +24,7 @@ SRC_URI += " \ file://CVE-2023-0666.patch \ file://CVE-2023-0667.patch \ file://CVE-2023-0668.patch \ + file://CVE-2023-2906.patch \ " UPSTREAM_CHECK_URI = "https://1.as.dl.wireshark.org/src" From dd5003603b47bff937123c85f27e03e0eb34a15c Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Tue, 10 Jan 2023 02:24:00 -0800 Subject: [PATCH 469/600] freeglut: Add packageconfigs for x11/wayland/gles helps it compiling on on different openGL implementations which may not implement fulll openGL specs Signed-off-by: Khem Raj (cherry picked from commit a9212722c1b1a2ab29215651063ca94fb114c39b) Signed-off-by: Armin Kuster --- .../freeglut/freeglut_3.2.1.bb | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) diff --git a/meta-oe/recipes-graphics/freeglut/freeglut_3.2.1.bb b/meta-oe/recipes-graphics/freeglut/freeglut_3.2.1.bb index 6ef9f74c70a..2f4f16589d9 100644 --- a/meta-oe/recipes-graphics/freeglut/freeglut_3.2.1.bb +++ b/meta-oe/recipes-graphics/freeglut/freeglut_3.2.1.bb @@ -7,14 +7,24 @@ SRC_URI = "https://sourceforge.net/projects/${BPN}/files/${BPN}/${PV}/${BPN}-${P SRC_URI[md5sum] = "cd5c670c1086358598a6d4a9d166949d" SRC_URI[sha256sum] = "d4000e02102acaf259998c870e25214739d1f16f67f99cb35e4f46841399da68" -inherit cmake features_check +inherit cmake features_check pkgconfig -# depends on virtual/libx11, virtual/libgl -REQUIRED_DISTRO_FEATURES = "x11 opengl" +# depends on virtual/libgl +REQUIRED_DISTRO_FEATURES = "opengl" +PACKAGECONFIG ?= "${@bb.utils.filter('DISTRO_FEATURES', 'wayland x11', d)}" +PACKAGECONFIG[gles] = "-DFREEGLUT_GLES=ON,-DFREEGLUT_GLES=OFF," +PACKAGECONFIG[wayland] = "-DFREEGLUT_WAYLAND=ON,-DFREEGLUT_WAYLAND=OFF,libxkbcommon" +PACKAGECONFIG[demos] = "-DFREEGLUT_BUILD_DEMOS=ON,-DFREEGLUT_BUILD_DEMOS=OFF," +PACKAGECONFIG[x11] = ",,virtual/libx11 libice libxmu libglu libxrandr libxext" # Do not use -fno-common, check back when upgrading to new version it might not be needed CFLAGS += "-fcommon" PROVIDES += "mesa-glut" -DEPENDS = "virtual/libx11 libxmu libxi virtual/libgl libglu libxrandr" +DEPENDS = "virtual/libgl libxi" + +do_install:append() { + # Remove buildpaths + sed -i "s#${RECIPE_SYSROOT}##g" ${D}${libdir}/cmake/FreeGLUT/FreeGLUTTargets.cmake +} From 799e0847cc4d1170151149cb896beec7e9ce5ef1 Mon Sep 17 00:00:00 2001 From: Armin Kuster Date: Sat, 23 Sep 2023 13:37:33 -0400 Subject: [PATCH 470/600] frr: Fix CVE-2023-41909 An issue was discovered in FRRouting FRR through 9.0. bgp_nlri_parse_flowspec in bgpd/bgp_flowspec.c processes malformed requests with no attributes, leading to a NULL pointer dereference. References: https://nvd.nist.gov/vuln/detail/CVE-2023-41909 https://security-tracker.debian.org/tracker/CVE-2023-41909 Signed-off-by: Narpat Mali [Minor fixup ] Signed-off-by: Armin Kuster --- .../frr/frr/CVE-2023-41909.patch | 42 +++++++++++++++++++ .../recipes-protocols/frr/frr_8.2.2.bb | 1 + 2 files changed, 43 insertions(+) create mode 100644 meta-networking/recipes-protocols/frr/frr/CVE-2023-41909.patch diff --git a/meta-networking/recipes-protocols/frr/frr/CVE-2023-41909.patch b/meta-networking/recipes-protocols/frr/frr/CVE-2023-41909.patch new file mode 100644 index 00000000000..b27d7af166f --- /dev/null +++ b/meta-networking/recipes-protocols/frr/frr/CVE-2023-41909.patch @@ -0,0 +1,42 @@ +From 5966b6a1fc72d3698d08199922cc4f42ea7fc9eb Mon Sep 17 00:00:00 2001 +From: Donald Sharp +Date: Fri, 8 Sep 2023 11:46:12 +0000 +Subject: [PATCH] bgpd: Limit flowspec to no attribute means a implicit + withdrawal + +All other parsing functions done from bgp_nlri_parse() assume +no attributes == an implicit withdrawal. Let's move +bgp_nlri_parse_flowspec() into the same alignment. + +Reported-by: Matteo Memelli +Signed-off-by: Donald Sharp + +CVE: CVE-2023-41909 + +Upstream-Status: Backport [https://github.com/FRRouting/frr/commit/cfd04dcb3e689754a72507d086ba3b9709fc5ed8] + +Signed-off-by: Narpat Mali +--- + bgpd/bgp_flowspec.c | 7 +++++++ + 1 file changed, 7 insertions(+) + +diff --git a/bgpd/bgp_flowspec.c b/bgpd/bgp_flowspec.c +index 341cfe9d0..3e2b1ac49 100644 +--- a/bgpd/bgp_flowspec.c ++++ b/bgpd/bgp_flowspec.c +@@ -112,6 +112,13 @@ int bgp_nlri_parse_flowspec(struct peer *peer, struct attr *attr, + afi = packet->afi; + safi = packet->safi; + ++ /* ++ * All other AFI/SAFI's treat no attribute as a implicit ++ * withdraw. Flowspec should as well. ++ */ ++ if (!attr) ++ withdraw = 1; ++ + if (packet->length >= FLOWSPEC_NLRI_SIZELIMIT_EXTENDED) { + flog_err(EC_BGP_FLOWSPEC_PACKET, + "BGP flowspec nlri length maximum reached (%u)", +-- +2.40.0 diff --git a/meta-networking/recipes-protocols/frr/frr_8.2.2.bb b/meta-networking/recipes-protocols/frr/frr_8.2.2.bb index 7af584835fa..58754b8256d 100644 --- a/meta-networking/recipes-protocols/frr/frr_8.2.2.bb +++ b/meta-networking/recipes-protocols/frr/frr_8.2.2.bb @@ -20,6 +20,7 @@ SRC_URI = "git://github.com/FRRouting/frr.git;protocol=https;branch=stable/8.2 \ file://CVE-2023-31490.patch \ file://CVE-2023-38802.patch \ file://CVE-2023-41358.patch \ + file://CVE-2023-41909.patch \ file://frr.pam \ " From 06c077155c6fa02967fa1ee75dc0fd1974264ce3 Mon Sep 17 00:00:00 2001 From: Armin Kuster Date: Wed, 27 Sep 2023 07:58:07 -0400 Subject: [PATCH 471/600] openldap: update to 2.5.16 2.5.x is an LTS version per the project. Drop patch now included. Signed-off-by: Armin Kuster Signed-off-by: Armin Kuster --- ...if-filter-fix-parallel-build-failure.patch | 32 -------- ...-Makefile.in-ignore-the-mkdir-errors.patch | 33 -------- ...de-ldap_pvt_thread.h-before-redefini.patch | 54 ------------- .../openldap/openldap/CVE-2023-2953-1.patch | 30 -------- .../openldap/openldap/CVE-2023-2953-2.patch | 76 ------------------- ...{openldap_2.5.12.bb => openldap_2.5.16.bb} | 7 +- 6 files changed, 1 insertion(+), 231 deletions(-) delete mode 100644 meta-oe/recipes-support/openldap/openldap/0001-ldif-filter-fix-parallel-build-failure.patch delete mode 100644 meta-oe/recipes-support/openldap/openldap/0001-libraries-Makefile.in-ignore-the-mkdir-errors.patch delete mode 100644 meta-oe/recipes-support/openldap/openldap/0001-librewrite-include-ldap_pvt_thread.h-before-redefini.patch delete mode 100644 meta-oe/recipes-support/openldap/openldap/CVE-2023-2953-1.patch delete mode 100644 meta-oe/recipes-support/openldap/openldap/CVE-2023-2953-2.patch rename meta-oe/recipes-support/openldap/{openldap_2.5.12.bb => openldap_2.5.16.bb} (96%) diff --git a/meta-oe/recipes-support/openldap/openldap/0001-ldif-filter-fix-parallel-build-failure.patch b/meta-oe/recipes-support/openldap/openldap/0001-ldif-filter-fix-parallel-build-failure.patch deleted file mode 100644 index b42bd9764f0..00000000000 --- a/meta-oe/recipes-support/openldap/openldap/0001-ldif-filter-fix-parallel-build-failure.patch +++ /dev/null @@ -1,32 +0,0 @@ -From 9e4ccd1e78ceac8de1ab66ee62ee216f1fbd4956 Mon Sep 17 00:00:00 2001 -From: Yi Zhao -Date: Thu, 2 Dec 2021 11:38:15 +0800 -Subject: [PATCH] ldif-filter: fix parallel build failure - -Add slapd-common.o as dependency for ldif-filter to fix the parallel -build failure: - ld: cannot find slapd-common.o: No such file or directory - -Upstream-Status: Pending - -Signed-off-by: Yi Zhao ---- - tests/progs/Makefile.in | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/tests/progs/Makefile.in b/tests/progs/Makefile.in -index 13f1e8be2..e4f4ccf98 100644 ---- a/tests/progs/Makefile.in -+++ b/tests/progs/Makefile.in -@@ -56,7 +56,7 @@ slapd-modify: slapd-modify.o $(OBJS) $(XLIBS) - slapd-bind: slapd-bind.o $(OBJS) $(XLIBS) - $(LTLINK) -o $@ slapd-bind.o $(OBJS) $(LIBS) - --ldif-filter: ldif-filter.o $(XLIBS) -+ldif-filter: ldif-filter.o $(OBJS) $(XLIBS) - $(LTLINK) -o $@ ldif-filter.o $(OBJS) $(LIBS) - - slapd-mtread: slapd-mtread.o $(OBJS) $(XLIBS) --- -2.25.1 - diff --git a/meta-oe/recipes-support/openldap/openldap/0001-libraries-Makefile.in-ignore-the-mkdir-errors.patch b/meta-oe/recipes-support/openldap/openldap/0001-libraries-Makefile.in-ignore-the-mkdir-errors.patch deleted file mode 100644 index 552726bb0af..00000000000 --- a/meta-oe/recipes-support/openldap/openldap/0001-libraries-Makefile.in-ignore-the-mkdir-errors.patch +++ /dev/null @@ -1,33 +0,0 @@ -From 690f69791eb6cd0d7e94b4d73219ee864de27f62 Mon Sep 17 00:00:00 2001 -From: Yi Zhao -Date: Mon, 10 Jan 2022 10:13:51 +0800 -Subject: [PATCH] libraries/Makefile.in: ignore the mkdir errors - -Ignore the mkdir errors to fix the parallel build failure: - -../../build/shtool mkdir -p TOPDIR/tmp-glibc/work/cortexa15t2hf-neon-wrs-linux-gnueabi/openldap/2.5.9-r0/image/usr/lib -mkdir: cannot create directory 'TOPDIR/tmp-glibc/work/cortexa15t2hf-neon-wrs-linux-gnueabi/openldap/2.5.9-r0/image/usr/lib': File exists - -Upstream-Status: Pending - -Signed-off-by: Yi Zhao ---- - libraries/Makefile.in | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/libraries/Makefile.in b/libraries/Makefile.in -index d9cb2ff..c6b251f 100644 ---- a/libraries/Makefile.in -+++ b/libraries/Makefile.in -@@ -24,7 +24,7 @@ PKGCONFIG_DIR=$(DESTDIR)$(libdir)/pkgconfig - PKGCONFIG_SRCDIRS=liblber libldap - - install-local: -- @$(MKDIR) $(PKGCONFIG_DIR) -+ @-$(MKDIR) $(PKGCONFIG_DIR) - @for i in $(PKGCONFIG_SRCDIRS); do \ - $(INSTALL_DATA) $$i/*.pc $(PKGCONFIG_DIR); \ - done --- -2.17.1 - diff --git a/meta-oe/recipes-support/openldap/openldap/0001-librewrite-include-ldap_pvt_thread.h-before-redefini.patch b/meta-oe/recipes-support/openldap/openldap/0001-librewrite-include-ldap_pvt_thread.h-before-redefini.patch deleted file mode 100644 index bcd1525b670..00000000000 --- a/meta-oe/recipes-support/openldap/openldap/0001-librewrite-include-ldap_pvt_thread.h-before-redefini.patch +++ /dev/null @@ -1,54 +0,0 @@ -From 79381ab335898c9184e22dd25b544adefa9bf6c5 Mon Sep 17 00:00:00 2001 -From: Khem Raj -Date: Mon, 7 Feb 2022 16:26:57 -0800 -Subject: [PATCH] librewrite: include ldap_pvt_thread.h before redefining - calloc - -This helps compiling with musl, where sched.h is included by -ldap_pvt_thread.h which provides prototype for calloc() and conflicts - -/usr/include/sched.h:84:7: error: conflicting types for 'ber_memcalloc' -| void *calloc(size_t, size_t); -| ^1 -| warning and 1 error generated. -| ./rewrite-int.h:44:21: note: expanded from macro 'calloc' -| #define calloc(x,y) ber_memcalloc(x,y) -| ^ - -Upstream-Status: Pending -Signed-off-by: Khem Raj ---- - libraries/librewrite/rewrite-int.h | 10 +++++----- - 1 file changed, 5 insertions(+), 5 deletions(-) - -diff --git a/libraries/librewrite/rewrite-int.h b/libraries/librewrite/rewrite-int.h -index 4481dd3..5ec226d 100644 ---- a/libraries/librewrite/rewrite-int.h -+++ b/libraries/librewrite/rewrite-int.h -@@ -40,6 +40,11 @@ - - #include - -+#ifndef NO_THREADS -+#define USE_REWRITE_LDAP_PVT_THREADS -+#include -+#endif -+ - #define malloc(x) ber_memalloc(x) - #define calloc(x,y) ber_memcalloc(x,y) - #define realloc(x,y) ber_memrealloc(x,y) -@@ -47,11 +52,6 @@ - #undef strdup - #define strdup(x) ber_strdup(x) - --#ifndef NO_THREADS --#define USE_REWRITE_LDAP_PVT_THREADS --#include --#endif -- - /* - * For details, see RATIONALE. - */ --- -2.35.1 - diff --git a/meta-oe/recipes-support/openldap/openldap/CVE-2023-2953-1.patch b/meta-oe/recipes-support/openldap/openldap/CVE-2023-2953-1.patch deleted file mode 100644 index 2517dac3349..00000000000 --- a/meta-oe/recipes-support/openldap/openldap/CVE-2023-2953-1.patch +++ /dev/null @@ -1,30 +0,0 @@ -From ea8dd2d279c5aeaf9d4672a4e95bebd99babcce1 Mon Sep 17 00:00:00 2001 -From: Howard Chu -Date: Wed, 24 Aug 2022 14:40:51 +0100 -Subject: [PATCH] ITS#9904 ldif_open_url: check for ber_strdup failure - -Code present since 1999, df8f7cbb9b79be3be9205d116d1dd0b263d6861a - -Upstream-Status: Backport [https://git.openldap.org/openldap/openldap/-/commit/752d320cf96e46f24c0900f1a8f6af0a3fc3c4ce] -CVE: CVE-2023-2953 -Signed-off-by: Ashish Sharma ---- - libraries/libldap/fetch.c | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/libraries/libldap/fetch.c b/libraries/libldap/fetch.c -index 9e426dc647..536871bcfe 100644 ---- a/libraries/libldap/fetch.c -+++ b/libraries/libldap/fetch.c -@@ -69,6 +69,8 @@ ldif_open_url( - } - - p = ber_strdup( urlstr ); -+ if ( p == NULL ) -+ return NULL; - - /* But we should convert to LDAP_DIRSEP before use */ - if ( LDAP_DIRSEP[0] != '/' ) { --- -GitLab - diff --git a/meta-oe/recipes-support/openldap/openldap/CVE-2023-2953-2.patch b/meta-oe/recipes-support/openldap/openldap/CVE-2023-2953-2.patch deleted file mode 100644 index 2f24df9266a..00000000000 --- a/meta-oe/recipes-support/openldap/openldap/CVE-2023-2953-2.patch +++ /dev/null @@ -1,76 +0,0 @@ -From 3f2abd0b2eeec8522e50d5c4ea4992e70e8f9915 Mon Sep 17 00:00:00 2001 -From: Howard Chu -Date: Thu, 25 Aug 2022 16:13:21 +0100 -Subject: [PATCH] ITS#9904 ldap_url_parsehosts: check for strdup failure - -Avoid unnecessary strdup in IPv6 addr parsing, check for strdup -failure when dup'ing scheme. - -Code present since 2000, 8da110a9e726dbc612b302feafe0109271e6bc59 - -Upstream-Status: Backport [https://git.openldap.org/openldap/openldap/-/commit/6563fab9e2feccb0a684d0398e78571d09fb808b] -CVE: CVE-2023-2953 -Signed-off-by: Ashish Sharma ---- - libraries/libldap/url.c | 21 ++++++++++++--------- - 1 file changed, 12 insertions(+), 9 deletions(-) - -diff --git a/libraries/libldap/url.c b/libraries/libldap/url.c -index 7e56564265..8df0abd044 100644 ---- a/libraries/libldap/url.c -+++ b/libraries/libldap/url.c -@@ -1386,24 +1386,22 @@ ldap_url_parsehosts( - } - ludp->lud_port = port; - ludp->lud_host = specs[i]; -- specs[i] = NULL; - p = strchr(ludp->lud_host, ':'); - if (p != NULL) { - /* more than one :, IPv6 address */ - if ( strchr(p+1, ':') != NULL ) { - /* allow [address] and [address]:port */ - if ( *ludp->lud_host == '[' ) { -- p = LDAP_STRDUP(ludp->lud_host+1); -- /* copied, make sure we free source later */ -- specs[i] = ludp->lud_host; -- ludp->lud_host = p; -- p = strchr( ludp->lud_host, ']' ); -+ p = strchr( ludp->lud_host+1, ']' ); - if ( p == NULL ) { - LDAP_FREE(ludp); - ldap_charray_free(specs); - return LDAP_PARAM_ERROR; - } -- *p++ = '\0'; -+ /* Truncate trailing ']' and shift hostname down 1 char */ -+ *p = '\0'; -+ AC_MEMCPY( ludp->lud_host, ludp->lud_host+1, p - ludp->lud_host ); -+ p++; - if ( *p != ':' ) { - if ( *p != '\0' ) { - LDAP_FREE(ludp); -@@ -1429,14 +1427,19 @@ ldap_url_parsehosts( - } - } - } -- ldap_pvt_hex_unescape(ludp->lud_host); - ludp->lud_scheme = LDAP_STRDUP("ldap"); -+ if ( ludp->lud_scheme == NULL ) { -+ LDAP_FREE(ludp); -+ ldap_charray_free(specs); -+ return LDAP_NO_MEMORY; -+ } -+ specs[i] = NULL; -+ ldap_pvt_hex_unescape(ludp->lud_host); - ludp->lud_next = *ludlist; - *ludlist = ludp; - } - - /* this should be an array of NULLs now */ -- /* except entries starting with [ */ - ldap_charray_free(specs); - return LDAP_SUCCESS; - } --- -GitLab - diff --git a/meta-oe/recipes-support/openldap/openldap_2.5.12.bb b/meta-oe/recipes-support/openldap/openldap_2.5.16.bb similarity index 96% rename from meta-oe/recipes-support/openldap/openldap_2.5.12.bb rename to meta-oe/recipes-support/openldap/openldap_2.5.16.bb index cd29760b8c4..9e9d05917df 100644 --- a/meta-oe/recipes-support/openldap/openldap_2.5.12.bb +++ b/meta-oe/recipes-support/openldap/openldap_2.5.16.bb @@ -19,15 +19,10 @@ SRC_URI = "http://www.openldap.org/software/download/OpenLDAP/openldap-release/$ file://initscript \ file://slapd.service \ file://remove-user-host-pwd-from-version.patch \ - file://0001-ldif-filter-fix-parallel-build-failure.patch \ file://0001-build-top.mk-unset-STRIP_OPTS.patch \ - file://0001-libraries-Makefile.in-ignore-the-mkdir-errors.patch \ - file://0001-librewrite-include-ldap_pvt_thread.h-before-redefini.patch \ - file://CVE-2023-2953-1.patch \ - file://CVE-2023-2953-2.patch \ " -SRC_URI[sha256sum] = "d5086cbfc49597fa7d0670a429a9054552d441b16ee8b2435412797ab0e37b96" +SRC_URI[sha256sum] = "546ba591822e8bb0e467d40c4d4a30f89d937c3a507fe83a578f582f6a211327" DEPENDS = "util-linux groff-native" From b25e6a9e9111cbc0fc71e0e96c560c5cd2ee845d Mon Sep 17 00:00:00 2001 From: Shinu Chandran Date: Mon, 25 Sep 2023 11:12:56 +0530 Subject: [PATCH 472/600] c-ares: CVE-ID correction for CVE-2022-4904 - The c-ares commit https://github.com/c-ares/c-ares/commit/9903253c347f (Add str len check in config_sortlist to avoid stack overflow), fixes the CVE-2022-4904 instead of CVE-2022-4415 https://security-tracker.debian.org/tracker/CVE-2022-4904 - CVE-ID inside the CVE-2022-4904.patch is wrong in the OE commit[092e125f44f6] - Hence corrected the CVE-ID in CVE-2022-4904.patch Signed-off-by: Shinu Chandran Signed-off-by: Armin Kuster --- meta-oe/recipes-support/c-ares/c-ares/CVE-2022-4904.patch | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-oe/recipes-support/c-ares/c-ares/CVE-2022-4904.patch b/meta-oe/recipes-support/c-ares/c-ares/CVE-2022-4904.patch index 0a0e8f0b61a..328075ca64a 100644 --- a/meta-oe/recipes-support/c-ares/c-ares/CVE-2022-4904.patch +++ b/meta-oe/recipes-support/c-ares/c-ares/CVE-2022-4904.patch @@ -20,7 +20,7 @@ fixes #496 Fix By: @hopper-vul -CVE: CVE-2022-4415 +CVE: CVE-2022-4904 Upstream-Status: Backport [https://github.com/c-ares/c-ares/commit/9903253c347f9e0bffd285ae3829aef251cc852d] Signed-off-by: Peter Marko From ab9a31fabcb959129798644cdac61e4606daf75c Mon Sep 17 00:00:00 2001 From: Narpat Mali Date: Tue, 26 Sep 2023 11:24:28 +0000 Subject: [PATCH 473/600] python3-django: fix CVE-2023-41164 In Django 3.2 before 3.2.21, 4 before 4.1.11, and 4.2 before 4.2.5, ``django.utils.encoding.uri_to_iri()`` was subject to potential denial of service attack via certain inputs with a very large number of Unicode characters. Since, there is no ptest available for python3-django so have not tested the patch changes at runtime. References: https://security-tracker.debian.org/tracker/CVE-2023-41164 https://www.djangoproject.com/weblog/2023/sep/04/security-releases/ Signed-off-by: Narpat Mali Signed-off-by: Armin Kuster --- .../python3-django/CVE-2023-41164.patch | 105 ++++++++++++++++++ .../python/python3-django_2.2.28.bb | 1 + 2 files changed, 106 insertions(+) create mode 100644 meta-python/recipes-devtools/python/python3-django/CVE-2023-41164.patch diff --git a/meta-python/recipes-devtools/python/python3-django/CVE-2023-41164.patch b/meta-python/recipes-devtools/python/python3-django/CVE-2023-41164.patch new file mode 100644 index 00000000000..9bc38b0ccac --- /dev/null +++ b/meta-python/recipes-devtools/python/python3-django/CVE-2023-41164.patch @@ -0,0 +1,105 @@ +From 9c95e8fec62153f8dfcc45a70b8a68d74333a66f Mon Sep 17 00:00:00 2001 +From: Mariusz Felisiak +Date: Tue, 26 Sep 2023 10:23:30 +0000 +Subject: [PATCH] Fixed CVE-2023-41164 -- Fixed potential DoS in + django.utils.encoding.uri_to_iri(). + +Thanks MProgrammer (https://hackerone.com/mprogrammer) for the report. + +Co-authored-by: nessita <124304+nessita@users.noreply.github.com> + +CVE: CVE-2023-41164 + +Upstream-Status: Backport [https://github.com/django/django/commit/3f41d6d62929dfe53eda8109b3b836f26645bdce] + +Signed-off-by: Narpat Mali +--- + django/utils/encoding.py | 6 ++++-- + docs/releases/2.2.28.txt | 9 +++++++++ + tests/utils_tests/test_encoding.py | 21 ++++++++++++++++++++- + 3 files changed, 33 insertions(+), 3 deletions(-) + +diff --git a/django/utils/encoding.py b/django/utils/encoding.py +index 98da647..3769702 100644 +--- a/django/utils/encoding.py ++++ b/django/utils/encoding.py +@@ -225,6 +225,7 @@ def repercent_broken_unicode(path): + repercent-encode any octet produced that is not part of a strictly legal + UTF-8 octet sequence. + """ ++ changed_parts = [] + while True: + try: + path.decode() +@@ -232,9 +233,10 @@ def repercent_broken_unicode(path): + # CVE-2019-14235: A recursion shouldn't be used since the exception + # handling uses massive amounts of memory + repercent = quote(path[e.start:e.end], safe=b"/#%[]=:;$&()+,!?*@'~") +- path = path[:e.start] + force_bytes(repercent) + path[e.end:] ++ changed_parts.append(path[: e.start] + repercent.encode()) ++ path = path[e.end :] + else: +- return path ++ return b"".join(changed_parts) + path + + + def filepath_to_uri(path): +diff --git a/docs/releases/2.2.28.txt b/docs/releases/2.2.28.txt +index ab4884b..40eb230 100644 +--- a/docs/releases/2.2.28.txt ++++ b/docs/releases/2.2.28.txt +@@ -47,3 +47,12 @@ CVE-2023-36053: Potential regular expression denial of service vulnerability in + ``EmailValidator`` and ``URLValidator`` were subject to potential regular + expression denial of service attack via a very large number of domain name + labels of emails and URLs. ++ ++Backporting the CVE-2023-41164 fix on Django 2.2.28. ++ ++CVE-2023-41164: Potential denial of service vulnerability in ``django.utils.encoding.uri_to_iri()`` ++=================================================================================================== ++ ++``django.utils.encoding.uri_to_iri()`` was subject to potential denial of ++service attack via certain inputs with a very large number of Unicode ++characters. +diff --git a/tests/utils_tests/test_encoding.py b/tests/utils_tests/test_encoding.py +index ea7ba5f..93a3162 100644 +--- a/tests/utils_tests/test_encoding.py ++++ b/tests/utils_tests/test_encoding.py +@@ -1,8 +1,9 @@ + import datetime ++import inspect + import sys + import unittest + from unittest import mock +-from urllib.parse import quote_plus ++from urllib.parse import quote, quote_plus + + from django.test import SimpleTestCase + from django.utils.encoding import ( +@@ -100,6 +101,24 @@ class TestEncodingUtils(SimpleTestCase): + except RecursionError: + self.fail('Unexpected RecursionError raised.') + ++ def test_repercent_broken_unicode_small_fragments(self): ++ data = b"test\xfctest\xfctest\xfc" ++ decoded_paths = [] ++ ++ def mock_quote(*args, **kwargs): ++ # The second frame is the call to repercent_broken_unicode(). ++ decoded_paths.append(inspect.currentframe().f_back.f_locals["path"]) ++ return quote(*args, **kwargs) ++ ++ with mock.patch("django.utils.encoding.quote", mock_quote): ++ self.assertEqual(repercent_broken_unicode(data), b"test%FCtest%FCtest%FC") ++ ++ # decode() is called on smaller fragment of the path each time. ++ self.assertEqual( ++ decoded_paths, ++ [b"test\xfctest\xfctest\xfc", b"test\xfctest\xfc", b"test\xfc"], ++ ) ++ + + class TestRFC3987IEncodingUtils(unittest.TestCase): + +-- +2.40.0 diff --git a/meta-python/recipes-devtools/python/python3-django_2.2.28.bb b/meta-python/recipes-devtools/python/python3-django_2.2.28.bb index ec65a985da7..c35323f4557 100644 --- a/meta-python/recipes-devtools/python/python3-django_2.2.28.bb +++ b/meta-python/recipes-devtools/python/python3-django_2.2.28.bb @@ -7,6 +7,7 @@ inherit setuptools3 SRC_URI += "file://CVE-2023-31047.patch \ file://CVE-2023-36053.patch \ + file://CVE-2023-41164.patch \ " SRC_URI[sha256sum] = "0200b657afbf1bc08003845ddda053c7641b9b24951e52acd51f6abda33a7413" From 9842ff64127d4d1877035470c0abdae1b22960ed Mon Sep 17 00:00:00 2001 From: Narpat Mali Date: Tue, 26 Sep 2023 14:29:43 +0000 Subject: [PATCH 474/600] python3-django: upgrade 3.2.20 -> 3.2.21 The delta between 3.2.20 and 3.2.21 contains the CVE-2023-41164 fix and other bugfixes. git log --oneline 3.2.20..3.2.21 shows: fd0ccd7fb3 (tag: 3.2.21) [3.2.x] Bumped version for 3.2.21 release. 6f030b1149 [3.2.x] Fixed CVE-2023-41164 -- Fixed potential DoS in django.utils.encoding.uri_to_iri(). 73350a6369 [3.2.x] Added stub release notes for 3.2.21. 75418f8c0e [3.2.x] Fixed #34756 -- Fixed docs HTML build on Sphinx 7.1+. 848fe70f3e [3.2.x] Added CVE-2023-36053 to security archive. 4012a87a58 [3.2.x] Post-release version bump. Release Notes: https://docs.djangoproject.com/en/dev/releases/3.2.21/ Signed-off-by: Narpat Mali Signed-off-by: Armin Kuster --- .../{python3-django_3.2.20.bb => python3-django_3.2.21.bb} | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) rename meta-python/recipes-devtools/python/{python3-django_3.2.20.bb => python3-django_3.2.21.bb} (61%) diff --git a/meta-python/recipes-devtools/python/python3-django_3.2.20.bb b/meta-python/recipes-devtools/python/python3-django_3.2.21.bb similarity index 61% rename from meta-python/recipes-devtools/python/python3-django_3.2.20.bb rename to meta-python/recipes-devtools/python/python3-django_3.2.21.bb index b5224b41c6c..1148669860c 100644 --- a/meta-python/recipes-devtools/python/python3-django_3.2.20.bb +++ b/meta-python/recipes-devtools/python/python3-django_3.2.21.bb @@ -1,7 +1,7 @@ require python-django.inc inherit setuptools3 -SRC_URI[sha256sum] = "dec2a116787b8e14962014bf78e120bba454135108e1af9e9b91ade7b2964c40" +SRC_URI[sha256sum] = "a5de4c484e7b7418e6d3e52a5b8794f0e6b9f9e4ce3c037018cf1c489fa87f3c" RDEPENDS:${PN} += "\ ${PYTHON_PN}-sqlparse \ @@ -9,5 +9,5 @@ RDEPENDS:${PN} += "\ # Set DEFAULT_PREFERENCE so that the LTS version of django is built by # default. To build the 3.x branch, -# PREFERRED_VERSION_python3-django = "3.2.20" can be added to local.conf +# PREFERRED_VERSION_python3-django = "3.2.21" can be added to local.conf DEFAULT_PREFERENCE = "-1" From 9c5541f7e18a1fac3b8dea71e1ebb8398d58e6ff Mon Sep 17 00:00:00 2001 From: Narpat Mali Date: Wed, 27 Sep 2023 07:42:11 +0000 Subject: [PATCH 475/600] python3-django: upgrade 4.2.3 -> 4.2.5 The delta between 4.2.3 and 4.2.5 contains the CVE-2023-41164 fix and other bugfixes. git log --oneline 4.2.3..4.2.5 shows: b8b2f74512 (tag: 4.2.5) [4.2.x] Bumped version for 4.2.5 release. 9c51b4dcfa [4.2.x] Fixed CVE-2023-41164 -- Fixed potential DoS in django.utils.encoding.uri_to_iri(). acfb427522 [4.2.x] Fixed #34803 -- Fixed queryset crash when filtering againts deeply nested OuterRef annotations. 55a0b9c32e [4.2.x] Added stub release notes and release date for 4.2.5, 4.1.11, and 3.2.21. 8e8c318449 [4.2.x] Avoided counting exceptions in AsyncClient docs. dcb9d7a0e4 [4.2.x] Improved formset docs by using a set instead of a list in the custom validation example. f55b420277 [4.2.x] Fixed #34781 -- Updated logging ref docs for django.server's request extra context value. 46b2b08e45 [4.2.x] Fixed #34779 -- Avoided unnecessary selection of non-nullable m2m fields without natural keys during serialization. d34db6602e [4.2.x] Fixed #34773 -- Fixed syncing DEFAULT_FILE_STORAGE/STATICFILES_STORAGE settings with STORAGES. a22aeef555 [4.2.x] Fixed #15799 -- Doc'd that Storage._open() should raise FileNotFoundError when file doesn't exist. 936afc2deb [4.2.x] Refs #34754 -- Added missing FullResultSet import. 3a1863319c [4.2.x] Fixed #34754 -- Fixed JSONField check constraints validation on NULL values. 951dcbb2e6 [4.2.x] Fixed #34756 -- Fixed docs HTML build on Sphinx 7.1+. a750fd0d7f [4.2.x] Added stub release notes for 4.2.5. a56c46642d [4.2.x] Post-release version bump. 6f4c7c124a (tag: 4.2.4) [4.2.x] Bumped version for 4.2.4 release. e53d6239df [4.2.x] Added release date for 4.2.4. 8808d9da6b [4.2.x] Fixed #34750 -- Fixed QuerySet.count() when grouping by unused multi-valued annotations. 2ef2b2ffc0 [4.2.x] Corrected pycon formatting in some docs. 8db9a0b5a0 [4.2.x] Fixed warnings per flake8 6.1.0. 739da73164 [4.2.x] Fixed #34748 -- Fixed queryset crash when grouping by a reference in a subquery. a52a2b6678 [4.2.x] Fixed #34749 -- Corrected QuerySet.acreate() signature in docs. 12ebd9a1ac [4.2.x] Refs #34712 -- Doc'd that defining STORAGES overrides the default configuration. 1f9d00ef9f [4.2.x] Added missing backticks in docs. c99d935600 [4.2.x] Fixed typo in docs/ref/models/querysets.txt. da92a971a0 [4.2.x] Refs #30052 -- Clarified that defer() and only() do not work with aggregated fields. 7a67b065d7 [4.2.x] Fixed #34717 -- Fixed QuerySet.aggregate() crash when referencing window functions. c646412a75 Added reference to TypedChoiceField in ChoiceField docs. f474ba4cb5 [4.2.x] Fixed #34309 -- Doc'd how to fully delete an app. e54f711d42 [4.2.x] Fixed #33405, Refs #7177 -- Clarified docs for filter escapejs regarding safe and unsafe usages. 047844270b [4.2.x] Added stub release notes for 4.2.4. Release Notes: https://docs.djangoproject.com/en/dev/releases/4.2.5/ Signed-off-by: Narpat Mali Signed-off-by: Armin Kuster --- .../{python3-django_4.2.3.bb => python3-django_4.2.5.bb} | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) rename meta-python/recipes-devtools/python/{python3-django_4.2.3.bb => python3-django_4.2.5.bb} (61%) diff --git a/meta-python/recipes-devtools/python/python3-django_4.2.3.bb b/meta-python/recipes-devtools/python/python3-django_4.2.5.bb similarity index 61% rename from meta-python/recipes-devtools/python/python3-django_4.2.3.bb rename to meta-python/recipes-devtools/python/python3-django_4.2.5.bb index 1b6ae83fa9a..7b81d427c42 100644 --- a/meta-python/recipes-devtools/python/python3-django_4.2.3.bb +++ b/meta-python/recipes-devtools/python/python3-django_4.2.5.bb @@ -1,7 +1,7 @@ require python-django.inc inherit setuptools3 -SRC_URI[sha256sum] = "45a747e1c5b3d6df1b141b1481e193b033fd1fdbda3ff52677dc81afdaacbaed" +SRC_URI[sha256sum] = "5e5c1c9548ffb7796b4a8a4782e9a2e5a3df3615259fc1bfd3ebc73b646146c1" RDEPENDS:${PN} += "\ ${PYTHON_PN}-sqlparse \ @@ -9,5 +9,5 @@ RDEPENDS:${PN} += "\ # Set DEFAULT_PREFERENCE so that the LTS version of django is built by # default. To build the 4.x branch, -# PREFERRED_VERSION_python3-django = "4.2.3" can be added to local.conf +# PREFERRED_VERSION_python3-django = "4.2.5" can be added to local.conf DEFAULT_PREFERENCE = "-1" From 1c653352c55b534eccd0f81a82e6430ab50f5f10 Mon Sep 17 00:00:00 2001 From: Jeffrey Pautler Date: Fri, 29 Sep 2023 12:07:31 -0500 Subject: [PATCH 476/600] bolt: disable CVE checking for this recipe This bolt product does not currently have an entry in the CVE database. However, the default cve-check logic that maps recipes to products in the CVE database is incorrectly matching this package to a different bolt product made by bolt-cms. As a result, CVE checking incorrectly reports CVEs for that product for this package. Signed-off-by: Jeffrey Pautler Signed-off-by: Khem Raj (cherry picked from commit 722c4f16eb388abc6a0bd518ea991a3a6bebe790) Signed-off-by: Jeffrey Pautler --- meta-oe/recipes-bsp/bolt/bolt_0.9.5.bb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta-oe/recipes-bsp/bolt/bolt_0.9.5.bb b/meta-oe/recipes-bsp/bolt/bolt_0.9.5.bb index b6ad6337ce7..583cc6378a1 100644 --- a/meta-oe/recipes-bsp/bolt/bolt_0.9.5.bb +++ b/meta-oe/recipes-bsp/bolt/bolt_0.9.5.bb @@ -12,6 +12,8 @@ SRCREV = "5a8a5866a847561566499847d46a97c612b4e6dd" S = "${WORKDIR}/git" +CVE_CHECK_SKIP_RECIPE = "${PN}" + inherit cmake pkgconfig meson features_check FILES:${PN} += "${datadir}/dbus-1/* \ From f8bf94192f8f97488070f5148d77d5fe7797a526 Mon Sep 17 00:00:00 2001 From: Jeffrey Pautler Date: Wed, 4 Oct 2023 15:13:09 -0500 Subject: [PATCH 477/600] bolt: change product name used for CVE checking This bolt product does not currently have an entry in the CVE database. However, the default cve-check logic that maps recipes to products in the CVE database is incorrectly matching this package to a different bolt product made by bolt-cms. As a result, CVE checking incorrectly reports CVEs for that product for this package. Signed-off-by: Jeffrey Pautler Signed-off-by: Khem Raj (cherry picked from commit c1ea15792baaa6c6c3d7005d110ad4689051ba20) Signed-off-by: Jeffrey Pautler --- meta-oe/recipes-bsp/bolt/bolt_0.9.5.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-oe/recipes-bsp/bolt/bolt_0.9.5.bb b/meta-oe/recipes-bsp/bolt/bolt_0.9.5.bb index 583cc6378a1..0cc9d85422e 100644 --- a/meta-oe/recipes-bsp/bolt/bolt_0.9.5.bb +++ b/meta-oe/recipes-bsp/bolt/bolt_0.9.5.bb @@ -12,7 +12,7 @@ SRCREV = "5a8a5866a847561566499847d46a97c612b4e6dd" S = "${WORKDIR}/git" -CVE_CHECK_SKIP_RECIPE = "${PN}" +CVE_PRODUCT = "freedesktop:bolt" inherit cmake pkgconfig meson features_check From 2715358a3d7e134ae7e2dc689f40c4fdd47f6d4f Mon Sep 17 00:00:00 2001 From: "Polampalli, Archana" Date: Fri, 29 Sep 2023 17:43:19 +0000 Subject: [PATCH 478/600] samba: fix CVE-2023-34966 Signed-off-by: Archana Polampalli Signed-off-by: Armin Kuster --- .../samba/samba/CVE-2023-34966_0001.patch | 78 ++++++++++ .../samba/samba/CVE-2023-34966_0002.patch | 140 ++++++++++++++++++ .../samba/samba_4.14.14.bb | 2 + 3 files changed, 220 insertions(+) create mode 100644 meta-networking/recipes-connectivity/samba/samba/CVE-2023-34966_0001.patch create mode 100644 meta-networking/recipes-connectivity/samba/samba/CVE-2023-34966_0002.patch diff --git a/meta-networking/recipes-connectivity/samba/samba/CVE-2023-34966_0001.patch b/meta-networking/recipes-connectivity/samba/samba/CVE-2023-34966_0001.patch new file mode 100644 index 00000000000..77a383f09ec --- /dev/null +++ b/meta-networking/recipes-connectivity/samba/samba/CVE-2023-34966_0001.patch @@ -0,0 +1,78 @@ +From 38664163fcac985d87e4274d198568e0fe88595e Mon Sep 17 00:00:00 2001 +From: Ralph Boehme +Date: Fri, 26 May 2023 13:06:19 +0200 +Subject: [PATCH] CVE-2023-34966: mdssvc: harden sl_unpack_loop() + +A malicious client could send a packet where subcount is zero, leading to a busy +loop because + + count -= subcount +=> count -= 0 +=> while (count > 0) + +loops forever. + +BUG: https://bugzilla.samba.org/show_bug.cgi?id=15340 + +Signed-off-by: Ralph Boehme + +Upstream-Status: Backport [https://github.com/samba-team/samba/commit/38664163fcac985d87e4274d198568e0fe88595e] + +CVE: CVE-2023-34966 + +Signed-off-by: Archana Polampalli +--- + source3/rpc_server/mdssvc/marshalling.c | 10 +++++----- + 1 file changed, 5 insertions(+), 5 deletions(-) + +diff --git a/source3/rpc_server/mdssvc/marshalling.c b/source3/rpc_server/mdssvc/marshalling.c +index 9ba6ef571f2..d794ba15838 100644 +--- a/source3/rpc_server/mdssvc/marshalling.c ++++ b/source3/rpc_server/mdssvc/marshalling.c +@@ -1119,7 +1119,7 @@ static ssize_t sl_unpack_loop(DALLOC_CTX *query, + sl_nil_t nil = 0; + + subcount = tag.count; +- if (subcount > count) { ++ if (subcount < 1 || subcount > count) { + return -1; + } + for (i = 0; i < subcount; i++) { +@@ -1147,7 +1147,7 @@ static ssize_t sl_unpack_loop(DALLOC_CTX *query, + + case SQ_TYPE_INT64: + subcount = sl_unpack_ints(query, buf, offset, bufsize, encoding); +- if (subcount == -1 || subcount > count) { ++ if (subcount < 1 || subcount > count) { + return -1; + } + offset += tag.size; +@@ -1156,7 +1156,7 @@ static ssize_t sl_unpack_loop(DALLOC_CTX *query, + + case SQ_TYPE_UUID: + subcount = sl_unpack_uuid(query, buf, offset, bufsize, encoding); +- if (subcount == -1 || subcount > count) { ++ if (subcount < 1 || subcount > count) { + return -1; + } + offset += tag.size; +@@ -1165,7 +1165,7 @@ static ssize_t sl_unpack_loop(DALLOC_CTX *query, + + case SQ_TYPE_FLOAT: + subcount = sl_unpack_floats(query, buf, offset, bufsize, encoding); +- if (subcount == -1 || subcount > count) { ++ if (subcount < 1 || subcount > count) { + return -1; + } + offset += tag.size; +@@ -1174,7 +1174,7 @@ static ssize_t sl_unpack_loop(DALLOC_CTX *query, + + case SQ_TYPE_DATE: + subcount = sl_unpack_date(query, buf, offset, bufsize, encoding); +- if (subcount == -1 || subcount > count) { ++ if (subcount < 1 || subcount > count) { + return -1; + } + offset += tag.size; +-- +2.40.0 diff --git a/meta-networking/recipes-connectivity/samba/samba/CVE-2023-34966_0002.patch b/meta-networking/recipes-connectivity/samba/samba/CVE-2023-34966_0002.patch new file mode 100644 index 00000000000..a86d1729cf4 --- /dev/null +++ b/meta-networking/recipes-connectivity/samba/samba/CVE-2023-34966_0002.patch @@ -0,0 +1,140 @@ +From 10b6890d26b3c7a829a9e9a05ad1d1ff54daeca9 Mon Sep 17 00:00:00 2001 +From: Ralph Boehme +Date: Wed, 31 May 2023 15:34:26 +0200 +Subject: [PATCH] CVE-2023-34966: CI: test for sl_unpack_loop() + +Send a maliciously crafted packet where a nil type has a subcount of 0. This +triggers an endless loop in mdssvc sl_unpack_loop(). + +BUG: https://bugzilla.samba.org/show_bug.cgi?id=15340 + +Signed-off-by: Ralph Boehme + +Upstream-Status: Backport [https://github.com/samba-team/samba/commit/10b6890d26b3c7a829a9e9a05ad1d1ff54daeca9] + +CVE: CVE-2023-34966 + +Signed-off-by: Archana Polampalli +--- + source4/torture/rpc/mdssvc.c | 100 +++++++++++++++++++++++++++++++++++ + 1 file changed, 100 insertions(+) + +diff --git a/source4/torture/rpc/mdssvc.c b/source4/torture/rpc/mdssvc.c +index 2d2a8306412..a9956ef8f1d 100644 +--- a/source4/torture/rpc/mdssvc.c ++++ b/source4/torture/rpc/mdssvc.c +@@ -581,6 +581,102 @@ done: + return ok; + } + ++static uint8_t test_sl_unpack_loop_buf[] = { ++ 0x34, 0x33, 0x32, 0x31, 0x33, 0x30, 0x64, 0x6d, ++ 0x1d, 0x00, 0x00, 0x00, 0x16, 0x00, 0x00, 0x00, ++ 0x01, 0x00, 0x00, 0x02, 0x01, 0x00, 0x00, 0x00, ++ 0x01, 0x00, 0x00, 0x02, 0x02, 0x00, 0x00, 0x00, ++ 0x01, 0x00, 0x00, 0x02, 0x03, 0x00, 0x00, 0x00, ++ 0x06, 0x00, 0x00, 0x07, 0x04, 0x00, 0x00, 0x00, ++ 0x66, 0x65, 0x74, 0x63, 0x68, 0x41, 0x74, 0x74, ++ 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x73, 0x3a, ++ 0x66, 0x6f, 0x72, 0x4f, 0x49, 0x44, 0x41, 0x72, ++ 0x72, 0x61, 0x79, 0x3a, 0x63, 0x6f, 0x6e, 0x74, ++ 0x65, 0x78, 0x74, 0x3a, 0x00, 0x00, 0x00, 0xea, ++ 0x02, 0x00, 0x00, 0x84, 0x02, 0x00, 0x00, 0x00, ++ 0x0a, 0x50, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x01, 0x00, 0x00, 0x02, 0x04, 0x00, 0x00, 0x00, ++ 0x01, 0x00, 0x00, 0x02, 0x05, 0x00, 0x00, 0x00, ++ 0x03, 0x00, 0x00, 0x07, 0x03, 0x00, 0x00, 0x00, ++ 0x6b, 0x4d, 0x44, 0x49, 0x74, 0x65, 0x6d, 0x50, ++ 0x61, 0x74, 0x68, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x01, 0x00, 0x00, 0x02, 0x06, 0x00, 0x00, 0x00, ++ 0x03, 0x00, 0x00, 0x87, 0x08, 0x00, 0x00, 0x00, ++ 0x01, 0x00, 0xdd, 0x0a, 0x20, 0x00, 0x00, 0x6b, ++ 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x07, 0x00, 0x00, 0x88, 0x00, 0x00, 0x00, 0x00, ++ 0x02, 0x00, 0x00, 0x0a, 0x03, 0x00, 0x00, 0x00, ++ 0x03, 0x00, 0x00, 0x0a, 0x03, 0x00, 0x00, 0x00, ++ 0x04, 0x00, 0x00, 0x0c, 0x04, 0x00, 0x00, 0x00, ++ 0x0e, 0x00, 0x00, 0x0a, 0x01, 0x00, 0x00, 0x00, ++ 0x0f, 0x00, 0x00, 0x0c, 0x03, 0x00, 0x00, 0x00, ++ 0x13, 0x00, 0x00, 0x1a, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x01, 0x00, 0x01, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, ++ 0x00, 0x00, 0x00, 0x00 ++}; ++ ++static bool test_mdssvc_sl_unpack_loop(struct torture_context *tctx, ++ void *data) ++{ ++ struct torture_mdsscv_state *state = talloc_get_type_abort( ++ data, struct torture_mdsscv_state); ++ struct dcerpc_binding_handle *b = state->p->binding_handle; ++ struct mdssvc_blob request_blob; ++ struct mdssvc_blob response_blob; ++ uint32_t device_id; ++ uint32_t unkn2; ++ uint32_t unkn9; ++ uint32_t fragment; ++ uint32_t flags; ++ NTSTATUS status; ++ bool ok = true; ++ ++ device_id = UINT32_C(0x2f000045); ++ unkn2 = 23; ++ unkn9 = 0; ++ fragment = 0; ++ flags = UINT32_C(0x6b000001); ++ ++ request_blob.spotlight_blob = test_sl_unpack_loop_buf; ++ request_blob.size = sizeof(test_sl_unpack_loop_buf); ++ request_blob.length = sizeof(test_sl_unpack_loop_buf); ++ ++ response_blob.spotlight_blob = talloc_array(state, ++ uint8_t, ++ 0); ++ torture_assert_not_null_goto(tctx, response_blob.spotlight_blob, ++ ok, done, "dalloc_zero failed\n"); ++ response_blob.size = 0; ++ ++ status = dcerpc_mdssvc_cmd(b, ++ state, ++ &state->ph, ++ 0, ++ device_id, ++ unkn2, ++ 0, ++ flags, ++ request_blob, ++ 0, ++ 64 * 1024, ++ 1, ++ 64 * 1024, ++ 0, ++ 0, ++ &fragment, ++ &response_blob, ++ &unkn9); ++ torture_assert_ntstatus_ok_goto( ++ tctx, status, ok, done, ++ "dcerpc_mdssvc_unknown1 failed\n"); ++ ++done: ++ return ok; ++} ++ + static bool test_mdssvc_invalid_ph_close(struct torture_context *tctx, + void *data) + { +@@ -856,5 +952,9 @@ struct torture_suite *torture_rpc_mdssvc(TALLOC_CTX *mem_ctx) + "fetch_unknown_cnid", + test_mdssvc_fetch_attr_unknown_cnid); + ++ torture_tcase_add_simple_test(tcase, ++ "mdssvc_sl_unpack_loop", ++ test_mdssvc_sl_unpack_loop); ++ + return suite; + } +-- +2.40.0 diff --git a/meta-networking/recipes-connectivity/samba/samba_4.14.14.bb b/meta-networking/recipes-connectivity/samba/samba_4.14.14.bb index 72021745b34..11b6ade405e 100644 --- a/meta-networking/recipes-connectivity/samba/samba_4.14.14.bb +++ b/meta-networking/recipes-connectivity/samba/samba_4.14.14.bb @@ -33,6 +33,8 @@ SRC_URI = "${SAMBA_MIRROR}/stable/samba-${PV}.tar.gz \ file://CVE-2022-45142.patch;patchdir=source4/heimdal \ file://CVE-2022-41916.patch;patchdir=source4/heimdal \ file://CVE-2021-44758.patch;patchdir=source4/heimdal \ + file://CVE-2023-34966_0001.patch \ + file://CVE-2023-34966_0002.patch \ " SRC_URI:append:libc-musl = " \ From 112397bdfe59c9479309d3838a34fc2ef579c44f Mon Sep 17 00:00:00 2001 From: "Polampalli, Archana" Date: Fri, 29 Sep 2023 17:43:20 +0000 Subject: [PATCH 479/600] samba: fix CVE-2022-2127 Signed-off-by: Archana Polampalli Signed-off-by: Armin Kuster --- .../samba/samba/CVE-2022-2127.patch | 44 +++++++++++++++++++ .../samba/samba_4.14.14.bb | 1 + 2 files changed, 45 insertions(+) create mode 100644 meta-networking/recipes-connectivity/samba/samba/CVE-2022-2127.patch diff --git a/meta-networking/recipes-connectivity/samba/samba/CVE-2022-2127.patch b/meta-networking/recipes-connectivity/samba/samba/CVE-2022-2127.patch new file mode 100644 index 00000000000..e94d5d538bb --- /dev/null +++ b/meta-networking/recipes-connectivity/samba/samba/CVE-2022-2127.patch @@ -0,0 +1,44 @@ +From 53838682570135b753fa622dfcde111528563c2d Mon Sep 17 00:00:00 2001 +From: Ralph Boehme +Date: Fri, 16 Jun 2023 12:28:47 +0200 +Subject: [PATCH] CVE-2022-2127: ntlm_auth: cap lanman response length value + +We already copy at most sizeof(request.data.auth_crap.lm_resp) bytes to the +lm_resp buffer, but we don't cap the length indicator. + +BUG: https://bugzilla.samba.org/show_bug.cgi?id=15072 + +Signed-off-by: Ralph Boehme + +CVE: CVE-2022-2127 + +Upstream-Status: Backport [https://github.com/samba-team/samba/commit/53838682570135b753fa622dfcde111528563c2d] + +Signed-off-by: Archana Polampalli +--- + source3/utils/ntlm_auth.c | 8 ++++++-- + 1 file changed, 6 insertions(+), 2 deletions(-) + +diff --git a/source3/utils/ntlm_auth.c b/source3/utils/ntlm_auth.c +index 02a2379..c82ea45 100644 +--- a/source3/utils/ntlm_auth.c ++++ b/source3/utils/ntlm_auth.c +@@ -574,10 +574,14 @@ NTSTATUS contact_winbind_auth_crap(const char *username, + memcpy(request.data.auth_crap.chal, challenge->data, MIN(challenge->length, 8)); + + if (lm_response && lm_response->length) { ++ size_t capped_lm_response_len = MIN( ++ lm_response->length, ++ sizeof(request.data.auth_crap.lm_resp)); ++ + memcpy(request.data.auth_crap.lm_resp, + lm_response->data, +- MIN(lm_response->length, sizeof(request.data.auth_crap.lm_resp))); +- request.data.auth_crap.lm_resp_len = lm_response->length; ++ capped_lm_response_len); ++ request.data.auth_crap.lm_resp_len = capped_lm_response_len; + } + + if (nt_response && nt_response->length) { +-- +2.40.0 diff --git a/meta-networking/recipes-connectivity/samba/samba_4.14.14.bb b/meta-networking/recipes-connectivity/samba/samba_4.14.14.bb index 11b6ade405e..b71c4b3fcae 100644 --- a/meta-networking/recipes-connectivity/samba/samba_4.14.14.bb +++ b/meta-networking/recipes-connectivity/samba/samba_4.14.14.bb @@ -35,6 +35,7 @@ SRC_URI = "${SAMBA_MIRROR}/stable/samba-${PV}.tar.gz \ file://CVE-2021-44758.patch;patchdir=source4/heimdal \ file://CVE-2023-34966_0001.patch \ file://CVE-2023-34966_0002.patch \ + file://CVE-2022-2127.patch \ " SRC_URI:append:libc-musl = " \ From bbe79e4f1787b97ec6c227720ffee06a690e2ab5 Mon Sep 17 00:00:00 2001 From: "Polampalli, Archana" Date: Fri, 29 Sep 2023 17:43:21 +0000 Subject: [PATCH 480/600] samba:fix CVE-2023-34967 Signed-off-by: Archana Polampalli Signed-off-by: Armin Kuster --- .../samba/samba/CVE-2023-34967_0001.patch | 178 ++++++++++++++++++ .../samba/samba/CVE-2023-34967_0002.patch | 125 ++++++++++++ .../samba/samba_4.14.14.bb | 2 + 3 files changed, 305 insertions(+) create mode 100644 meta-networking/recipes-connectivity/samba/samba/CVE-2023-34967_0001.patch create mode 100644 meta-networking/recipes-connectivity/samba/samba/CVE-2023-34967_0002.patch diff --git a/meta-networking/recipes-connectivity/samba/samba/CVE-2023-34967_0001.patch b/meta-networking/recipes-connectivity/samba/samba/CVE-2023-34967_0001.patch new file mode 100644 index 00000000000..e30e54ab96b --- /dev/null +++ b/meta-networking/recipes-connectivity/samba/samba/CVE-2023-34967_0001.patch @@ -0,0 +1,178 @@ +From 3b3c30e2acfb00d04c4013e32343bc277d5b1aa8 Mon Sep 17 00:00:00 2001 +From: Ralph Boehme +Date: Wed, 31 May 2023 16:26:14 +0200 +Subject: [PATCH] CVE-2023-34967: CI: add a test for type checking of + dalloc_value_for_key() + +Sends a maliciously crafted packet where the value in a key/value style +dictionary for the "scope" key is a simple string object whereas the server +expects an array. As the server doesn't perform type validation on the value, it +crashes when trying to use the "simple" object as a "complex" one. + +BUG: https://bugzilla.samba.org/show_bug.cgi?id=15341 + +Signed-off-by: Ralph Boehme + +Upstream-Status: Backport [https://github.com/samba-team/samba/commit/3b3c30e2acfb00d04c4013e32343bc277d5b1aa8] + +CVE: CVE-2023-34967 + +Signed-off-by: Archana Polampalli +--- + source4/torture/rpc/mdssvc.c | 134 +++++++++++++++++++++++++++++++++++ + 1 file changed, 134 insertions(+) + +diff --git a/source4/torture/rpc/mdssvc.c b/source4/torture/rpc/mdssvc.c +index f5f5939..1dce403 100644 +--- a/source4/torture/rpc/mdssvc.c ++++ b/source4/torture/rpc/mdssvc.c +@@ -666,6 +666,136 @@ done: + return ok; + } + ++static bool test_sl_dict_type_safety(struct torture_context *tctx, ++ void *data) ++{ ++ struct torture_mdsscv_state *state = talloc_get_type_abort( ++ data, struct torture_mdsscv_state); ++ struct dcerpc_binding_handle *b = state->p->binding_handle; ++ struct mdssvc_blob request_blob; ++ struct mdssvc_blob response_blob; ++ uint64_t ctx1 = 0xdeadbeef; ++ uint64_t ctx2 = 0xcafebabe; ++ uint32_t device_id; ++ uint32_t unkn2; ++ uint32_t unkn9; ++ uint32_t fragment; ++ uint32_t flags; ++ DALLOC_CTX *d = NULL; ++ sl_array_t *array1 = NULL, *array2 = NULL; ++ sl_dict_t *arg = NULL; ++ int result; ++ NTSTATUS status; ++ bool ok = true; ++ ++ device_id = UINT32_C(0x2f000045); ++ unkn2 = 23; ++ unkn9 = 0; ++ fragment = 0; ++ flags = UINT32_C(0x6b000001); ++ ++ d = dalloc_new(tctx); ++ torture_assert_not_null_goto(tctx, d, ++ ok, done, "dalloc_new failed\n"); ++ ++ array1 = dalloc_zero(d, sl_array_t); ++ torture_assert_not_null_goto(tctx, array1, ++ ok, done, "dalloc_zero failed\n"); ++ ++ array2 = dalloc_zero(d, sl_array_t); ++ torture_assert_not_null_goto(tctx, array2, ++ ok, done, "dalloc_new failed\n"); ++ ++ result = dalloc_stradd(array2, "openQueryWithParams:forContext:"); ++ torture_assert_goto(tctx, result == 0, ++ ok, done, "dalloc_stradd failed\n"); ++ ++ result = dalloc_add_copy(array2, &ctx1, uint64_t); ++ torture_assert_goto(tctx, result == 0, ++ ok, done, "dalloc_stradd failed\n"); ++ ++ result = dalloc_add_copy(array2, &ctx2, uint64_t); ++ torture_assert_goto(tctx, result == 0, ++ ok, done, "dalloc_stradd failed\n"); ++ ++ arg = dalloc_zero(array1, sl_dict_t); ++ torture_assert_not_null_goto(tctx, d, ++ ok, done, "dalloc_zero failed\n"); ++ ++ result = dalloc_stradd(arg, "kMDQueryString"); ++ torture_assert_goto(tctx, result == 0, ++ ok, done, "dalloc_stradd failed\n"); ++ ++ result = dalloc_stradd(arg, "*"); ++ torture_assert_goto(tctx, result == 0, ++ ok, done, "dalloc_stradd failed\n"); ++ ++ result = dalloc_stradd(arg, "kMDScopeArray"); ++ torture_assert_goto(tctx, result == 0, ++ ok, done, "dalloc_stradd failed\n"); ++ ++ result = dalloc_stradd(arg, "AAAABBBB"); ++ torture_assert_goto(tctx, result == 0, ++ ok, done, "dalloc_stradd failed\n"); ++ ++ result = dalloc_add(array1, array2, sl_array_t); ++ torture_assert_goto(tctx, result == 0, ++ ok, done, "dalloc_add failed\n"); ++ ++ result = dalloc_add(array1, arg, sl_dict_t); ++ torture_assert_goto(tctx, result == 0, ++ ok, done, "dalloc_add failed\n"); ++ ++ result = dalloc_add(d, array1, sl_array_t); ++ torture_assert_goto(tctx, result == 0, ++ ok, done, "dalloc_add failed\n"); ++ ++ torture_comment(tctx, "%s", dalloc_dump(d, 0)); ++ ++ request_blob.spotlight_blob = talloc_array(tctx, ++ uint8_t, ++ 64 * 1024); ++ torture_assert_not_null_goto(tctx, request_blob.spotlight_blob, ++ ok, done, "dalloc_new failed\n"); ++ request_blob.size = 64 * 1024; ++ ++ request_blob.length = sl_pack(d, ++ (char *)request_blob.spotlight_blob, ++ request_blob.size); ++ torture_assert_goto(tctx, request_blob.length > 0, ++ ok, done, "sl_pack failed\n"); ++ ++ response_blob.spotlight_blob = talloc_array(state, uint8_t, 0); ++ torture_assert_not_null_goto(tctx, response_blob.spotlight_blob, ++ ok, done, "dalloc_zero failed\n"); ++ response_blob.size = 0; ++ ++ status = dcerpc_mdssvc_cmd(b, ++ state, ++ &state->ph, ++ 0, ++ device_id, ++ unkn2, ++ 0, ++ flags, ++ request_blob, ++ 0, ++ 64 * 1024, ++ 1, ++ 64 * 1024, ++ 0, ++ 0, ++ &fragment, ++ &response_blob, ++ &unkn9); ++ torture_assert_ntstatus_ok_goto( ++ tctx, status, ok, done, ++ "dcerpc_mdssvc_cmd failed\n"); ++ ++done: ++ return ok; ++} ++ + static bool test_mdssvc_invalid_ph_close(struct torture_context *tctx, + void *data) + { +@@ -940,6 +1070,10 @@ struct torture_suite *torture_rpc_mdssvc(TALLOC_CTX *mem_ctx) + torture_tcase_add_simple_test(tcase, + "mdssvc_sl_unpack_loop", + test_mdssvc_sl_unpack_loop); ++ torture_tcase_add_simple_test(tcase, ++ "sl_dict_type_safety", ++ test_sl_dict_type_safety); ++ + + return suite; + } +-- +2.40.0 diff --git a/meta-networking/recipes-connectivity/samba/samba/CVE-2023-34967_0002.patch b/meta-networking/recipes-connectivity/samba/samba/CVE-2023-34967_0002.patch new file mode 100644 index 00000000000..2e4907ab62c --- /dev/null +++ b/meta-networking/recipes-connectivity/samba/samba/CVE-2023-34967_0002.patch @@ -0,0 +1,125 @@ +From 049c13245649fab412b61a5b55e5a7dea72d7c72 Mon Sep 17 00:00:00 2001 +From: Ralph Boehme +Date: Fri, 26 May 2023 15:06:38 +0200 +Subject: [PATCH] CVE-2023-34967: mdssvc: add type checking to + dalloc_value_for_key() + +Change the dalloc_value_for_key() function to require an additional final +argument which denotes the expected type of the value associated with a key. If +the types don't match, return NULL. + +BUG: https://bugzilla.samba.org/show_bug.cgi?id=15341 + +Signed-off-by: Ralph Boehme + +Upstream-Status: Backport [https://github.com/samba-team/samba/commit/4c60e35add4a1abd04334012a8d6edf1c3f396ba] + +CVE: CVE-2023-34967 + +Signed-off-by: Archana Polampalli +--- + source3/rpc_server/mdssvc/dalloc.c | 14 ++++++++++---- + source3/rpc_server/mdssvc/mdssvc.c | 17 +++++++++++++---- + 2 files changed, 23 insertions(+), 8 deletions(-) + +diff --git a/source3/rpc_server/mdssvc/dalloc.c b/source3/rpc_server/mdssvc/dalloc.c +index 007702d..8b79b41 100644 +--- a/source3/rpc_server/mdssvc/dalloc.c ++++ b/source3/rpc_server/mdssvc/dalloc.c +@@ -159,7 +159,7 @@ void *dalloc_value_for_key(const DALLOC_CTX *d, ...) + int result = 0; + void *p = NULL; + va_list args; +- const char *type; ++ const char *type = NULL; + int elem; + size_t array_len; + +@@ -170,7 +170,6 @@ void *dalloc_value_for_key(const DALLOC_CTX *d, ...) + array_len = talloc_array_length(d->dd_talloc_array); + elem = va_arg(args, int); + if (elem >= array_len) { +- va_end(args); + result = -1; + goto done; + } +@@ -178,8 +177,6 @@ void *dalloc_value_for_key(const DALLOC_CTX *d, ...) + type = va_arg(args, const char *); + } + +- va_end(args); +- + array_len = talloc_array_length(d->dd_talloc_array); + + for (elem = 0; elem + 1 < array_len; elem += 2) { +@@ -192,8 +189,17 @@ void *dalloc_value_for_key(const DALLOC_CTX *d, ...) + break; + } + } ++ if (p == NULL) { ++ goto done; ++ } ++ ++ type = va_arg(args, const char *); ++ if (strcmp(talloc_get_name(p), type) != 0) { ++ p = NULL; ++ } + + done: ++ va_end(args); + if (result != 0) { + p = NULL; + } +diff --git a/source3/rpc_server/mdssvc/mdssvc.c b/source3/rpc_server/mdssvc/mdssvc.c +index a983a88..fe6e0c2 100644 +--- a/source3/rpc_server/mdssvc/mdssvc.c ++++ b/source3/rpc_server/mdssvc/mdssvc.c +@@ -884,7 +884,8 @@ static bool slrpc_open_query(struct mds_ctx *mds_ctx, + + querystring = dalloc_value_for_key(query, "DALLOC_CTX", 0, + "DALLOC_CTX", 1, +- "kMDQueryString"); ++ "kMDQueryString", ++ "char *"); + if (querystring == NULL) { + DEBUG(1, ("missing kMDQueryString\n")); + goto error; +@@ -924,8 +925,11 @@ static bool slrpc_open_query(struct mds_ctx *mds_ctx, + slq->ctx2 = *uint64p; + + path_scope = dalloc_value_for_key(query, "DALLOC_CTX", 0, +- "DALLOC_CTX", 1, "kMDScopeArray"); ++ "DALLOC_CTX", 1, ++ "kMDScopeArray", ++ "sl_array_t"); + if (path_scope == NULL) { ++ DBG_ERR("missing kMDScopeArray\n"); + goto error; + } + +@@ -940,8 +944,11 @@ static bool slrpc_open_query(struct mds_ctx *mds_ctx, + } + + reqinfo = dalloc_value_for_key(query, "DALLOC_CTX", 0, +- "DALLOC_CTX", 1, "kMDAttributeArray"); ++ "DALLOC_CTX", 1, ++ "kMDAttributeArray", ++ "sl_array_t"); + if (reqinfo == NULL) { ++ DBG_ERR("missing kMDAttributeArray\n"); + goto error; + } + +@@ -949,7 +956,9 @@ static bool slrpc_open_query(struct mds_ctx *mds_ctx, + DEBUG(10, ("requested attributes: %s", dalloc_dump(reqinfo, 0))); + + cnids = dalloc_value_for_key(query, "DALLOC_CTX", 0, +- "DALLOC_CTX", 1, "kMDQueryItemArray"); ++ "DALLOC_CTX", 1, ++ "kMDQueryItemArray", ++ "sl_array_t"); + if (cnids) { + ok = sort_cnids(slq, cnids->ca_cnids); + if (!ok) { +-- +2.40.0 diff --git a/meta-networking/recipes-connectivity/samba/samba_4.14.14.bb b/meta-networking/recipes-connectivity/samba/samba_4.14.14.bb index b71c4b3fcae..73e8a82e89b 100644 --- a/meta-networking/recipes-connectivity/samba/samba_4.14.14.bb +++ b/meta-networking/recipes-connectivity/samba/samba_4.14.14.bb @@ -36,6 +36,8 @@ SRC_URI = "${SAMBA_MIRROR}/stable/samba-${PV}.tar.gz \ file://CVE-2023-34966_0001.patch \ file://CVE-2023-34966_0002.patch \ file://CVE-2022-2127.patch \ + file://CVE-2023-34967_0001.patch \ + file://CVE-2023-34967_0002.patch \ " SRC_URI:append:libc-musl = " \ From baf6153112e416cf2fe05351a1b007d88f0ef1a4 Mon Sep 17 00:00:00 2001 From: "Polampalli, Archana" Date: Tue, 3 Oct 2023 11:47:40 +0000 Subject: [PATCH 481/600] samba: fix CVE-2023-34968 A path disclosure vulnerability was found in Samba. As part of the Spotlight protocol, Samba discloses the server-side absolute path of shares, files, and directories in the results for search queries. This flaw allows a malicious client or an attacker with a targeted RPC request to view the information that is part of the disclosed path. Signed-off-by: Archana Polampalli Signed-off-by: Armin Kuster --- .../samba/samba/CVE-2023-34968_0001.patch | 104 ++++ .../samba/samba/CVE-2023-34968_0002.patch | 39 ++ .../samba/samba/CVE-2023-34968_0003.patch | 65 +++ .../samba/samba/CVE-2023-34968_0004.patch | 85 +++ .../samba/samba/CVE-2023-34968_0005.patch | 83 +++ .../samba/samba/CVE-2023-34968_0006.patch | 57 +++ .../samba/samba/CVE-2023-34968_0007.patch | 49 ++ .../samba/samba/CVE-2023-34968_0008.patch | 62 +++ .../samba/samba/CVE-2023-34968_0009.patch | 465 +++++++++++++++++ .../samba/samba/CVE-2023-34968_0010.patch | 484 ++++++++++++++++++ .../samba/samba/CVE-2023-34968_0011.patch | 295 +++++++++++ .../samba/samba_4.14.14.bb | 11 + 12 files changed, 1799 insertions(+) create mode 100644 meta-networking/recipes-connectivity/samba/samba/CVE-2023-34968_0001.patch create mode 100644 meta-networking/recipes-connectivity/samba/samba/CVE-2023-34968_0002.patch create mode 100644 meta-networking/recipes-connectivity/samba/samba/CVE-2023-34968_0003.patch create mode 100644 meta-networking/recipes-connectivity/samba/samba/CVE-2023-34968_0004.patch create mode 100644 meta-networking/recipes-connectivity/samba/samba/CVE-2023-34968_0005.patch create mode 100644 meta-networking/recipes-connectivity/samba/samba/CVE-2023-34968_0006.patch create mode 100644 meta-networking/recipes-connectivity/samba/samba/CVE-2023-34968_0007.patch create mode 100644 meta-networking/recipes-connectivity/samba/samba/CVE-2023-34968_0008.patch create mode 100644 meta-networking/recipes-connectivity/samba/samba/CVE-2023-34968_0009.patch create mode 100644 meta-networking/recipes-connectivity/samba/samba/CVE-2023-34968_0010.patch create mode 100644 meta-networking/recipes-connectivity/samba/samba/CVE-2023-34968_0011.patch diff --git a/meta-networking/recipes-connectivity/samba/samba/CVE-2023-34968_0001.patch b/meta-networking/recipes-connectivity/samba/samba/CVE-2023-34968_0001.patch new file mode 100644 index 00000000000..ad8e3e4ce30 --- /dev/null +++ b/meta-networking/recipes-connectivity/samba/samba/CVE-2023-34968_0001.patch @@ -0,0 +1,104 @@ +From 98b2a013bc723cd660978d5a1db40b987816f90e Mon Sep 17 00:00:00 2001 +From: Ralph Boehme +Date: Tue, 6 Jun 2023 15:17:26 +0200 +Subject: [PATCH] CVE-2023-34968: mdssvc: cache and reuse stat info in struct + sl_inode_path_map + +Prepare for the "path" being a fake path and not the real server-side +path where we won't be able to vfs_stat_fsp() this fake path. Luckily we already +got stat info for the object in mds_add_result() so we can just pass stat info +from there. + +BUG: https://bugzilla.samba.org/show_bug.cgi?id=15388 + +Signed-off-by: Ralph Boehme +Reviewed-by: Stefan Metzmacher + +Upstream-Status: Backport [https://github.com/samba-team/samba/commit/98b2a013bc723cd660978d5a1db40b987816f90e] + +CVE: CVE-2023-34968 + +Signed-off-by: Archana Polampalli +--- + source3/rpc_server/mdssvc/mdssvc.c | 32 +++++++----------------------- + source3/rpc_server/mdssvc/mdssvc.h | 1 + + 2 files changed, 8 insertions(+), 25 deletions(-) + +diff --git a/source3/rpc_server/mdssvc/mdssvc.c b/source3/rpc_server/mdssvc/mdssvc.c +index 26a3ec7..a6cc653 100644 +--- a/source3/rpc_server/mdssvc/mdssvc.c ++++ b/source3/rpc_server/mdssvc/mdssvc.c +@@ -446,7 +446,10 @@ static int ino_path_map_destr_cb(struct sl_inode_path_map *entry) + * entries by calling talloc_free() on the query slq handles. + **/ + +-static bool inode_map_add(struct sl_query *slq, uint64_t ino, const char *path) ++static bool inode_map_add(struct sl_query *slq, ++ uint64_t ino, ++ const char *path, ++ struct stat_ex *st) + { + NTSTATUS status; + struct sl_inode_path_map *entry; +@@ -493,6 +496,7 @@ static bool inode_map_add(struct sl_query *slq, uint64_t ino, const char *path) + + entry->ino = ino; + entry->mds_ctx = slq->mds_ctx; ++ entry->st = *st; + entry->path = talloc_strdup(entry, path); + if (entry->path == NULL) { + DEBUG(1, ("talloc failed\n")); +@@ -629,7 +633,7 @@ bool mds_add_result(struct sl_query *slq, const char *path) + return false; + } + +- ok = inode_map_add(slq, ino64, path); ++ ok = inode_map_add(slq, ino64, path, &sb); + if (!ok) { + DEBUG(1, ("inode_map_add error\n")); + slq->state = SLQ_STATE_ERROR; +@@ -1350,29 +1354,7 @@ static bool slrpc_fetch_attributes(struct mds_ctx *mds_ctx, + elem = talloc_get_type_abort(p, struct sl_inode_path_map); + path = elem->path; + +- status = synthetic_pathref(talloc_tos(), +- mds_ctx->conn->cwd_fsp, +- path, +- NULL, +- NULL, +- 0, +- 0, +- &smb_fname); +- if (!NT_STATUS_IS_OK(status)) { +- /* This is not an error, the user may lack permissions */ +- DBG_DEBUG("synthetic_pathref [%s]: %s\n", +- smb_fname_str_dbg(smb_fname), +- nt_errstr(status)); +- return true; +- } +- +- result = SMB_VFS_FSTAT(smb_fname->fsp, &smb_fname->st); +- if (result != 0) { +- TALLOC_FREE(smb_fname); +- return true; +- } +- +- sp = &smb_fname->st; ++ sp = &elem->st; + } + + ok = add_filemeta(mds_ctx, reqinfo, fm_array, path, sp); +diff --git a/source3/rpc_server/mdssvc/mdssvc.h b/source3/rpc_server/mdssvc/mdssvc.h +index 3924827..a097991 100644 +--- a/source3/rpc_server/mdssvc/mdssvc.h ++++ b/source3/rpc_server/mdssvc/mdssvc.h +@@ -105,6 +105,7 @@ struct sl_inode_path_map { + struct mds_ctx *mds_ctx; + uint64_t ino; + char *path; ++ struct stat_ex st; + }; + + /* Per process state */ +-- +2.40.0 diff --git a/meta-networking/recipes-connectivity/samba/samba/CVE-2023-34968_0002.patch b/meta-networking/recipes-connectivity/samba/samba/CVE-2023-34968_0002.patch new file mode 100644 index 00000000000..21b98c4d7e8 --- /dev/null +++ b/meta-networking/recipes-connectivity/samba/samba/CVE-2023-34968_0002.patch @@ -0,0 +1,39 @@ +From 47a0c1681dd1e7ec407679793966ec8bdc08a24e Mon Sep 17 00:00:00 2001 +From: Ralph Boehme +Date: Sat, 17 Jun 2023 13:39:55 +0200 +Subject: [PATCH] CVE-2023-34968: mdssvc: add missing "kMDSStoreMetaScopes" + dict key in slrpc_fetch_properties() + +We were adding the value, but not the key. + +BUG: https://bugzilla.samba.org/show_bug.cgi?id=15388 + +Signed-off-by: Ralph Boehme +Reviewed-by: Stefan Metzmacher + +Upstream-Status: Backport [https://github.com/samba-team/samba/commit/47a0c1681dd1e7ec407679793966ec8bdc08a24e] + +CVE: CVE-2023-34968 + +Signed-off-by: Archana Polampalli +--- + source3/rpc_server/mdssvc/mdssvc.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/source3/rpc_server/mdssvc/mdssvc.c b/source3/rpc_server/mdssvc/mdssvc.c +index a6d09a43b9c..9c23ef95753 100644 +--- a/source3/rpc_server/mdssvc/mdssvc.c ++++ b/source3/rpc_server/mdssvc/mdssvc.c +@@ -730,6 +730,10 @@ static bool slrpc_fetch_properties(struct mds_ctx *mds_ctx, + } + + /* kMDSStoreMetaScopes array */ ++ result = dalloc_stradd(dict, "kMDSStoreMetaScopes"); ++ if (result != 0) { ++ return false; ++ } + array = dalloc_zero(dict, sl_array_t); + if (array == NULL) { + return NULL; +-- +2.40.0 diff --git a/meta-networking/recipes-connectivity/samba/samba/CVE-2023-34968_0003.patch b/meta-networking/recipes-connectivity/samba/samba/CVE-2023-34968_0003.patch new file mode 100644 index 00000000000..42106d82b81 --- /dev/null +++ b/meta-networking/recipes-connectivity/samba/samba/CVE-2023-34968_0003.patch @@ -0,0 +1,65 @@ +From 56a21b3bc8fb24416ead9061f9305c8122bc7f86 Mon Sep 17 00:00:00 2001 +From: Ralph Boehme +Date: Mon, 19 Jun 2023 17:14:38 +0200 +Subject: [PATCH] CVE-2023-34968: mdscli: use correct TALLOC memory context + when allocating spotlight_blob + +d is talloc_free()d at the end of the functions and the buffer was later used +after beeing freed in the DCERPC layer when sending the packet. + +BUG: https://bugzilla.samba.org/show_bug.cgi?id=15388 + +Signed-off-by: Ralph Boehme +Reviewed-by: Stefan Metzmacher + +Upstream-Status: Backport [https://github.com/samba-team/samba/commit/56a21b3bc8fb24416ead9061f9305c8122bc7f86] + +CVE: CVE-2023-34968 + +Signed-off-by: Archana Polampalli +--- + source3/rpc_client/cli_mdssvc_util.c | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/source3/rpc_client/cli_mdssvc_util.c b/source3/rpc_client/cli_mdssvc_util.c +index fe5092c3790..892a844e71a 100644 +--- a/source3/rpc_client/cli_mdssvc_util.c ++++ b/source3/rpc_client/cli_mdssvc_util.c +@@ -209,7 +209,7 @@ NTSTATUS mdscli_blob_search(TALLOC_CTX *mem_ctx, + return NT_STATUS_NO_MEMORY; + } + +- blob->spotlight_blob = talloc_array(d, ++ blob->spotlight_blob = talloc_array(mem_ctx, + uint8_t, + ctx->max_fragment_size); + if (blob->spotlight_blob == NULL) { +@@ -293,7 +293,7 @@ NTSTATUS mdscli_blob_get_results(TALLOC_CTX *mem_ctx, + return NT_STATUS_NO_MEMORY; + } + +- blob->spotlight_blob = talloc_array(d, ++ blob->spotlight_blob = talloc_array(mem_ctx, + uint8_t, + ctx->max_fragment_size); + if (blob->spotlight_blob == NULL) { +@@ -426,7 +426,7 @@ NTSTATUS mdscli_blob_get_path(TALLOC_CTX *mem_ctx, + return NT_STATUS_NO_MEMORY; + } + +- blob->spotlight_blob = talloc_array(d, ++ blob->spotlight_blob = talloc_array(mem_ctx, + uint8_t, + ctx->max_fragment_size); + if (blob->spotlight_blob == NULL) { +@@ -510,7 +510,7 @@ NTSTATUS mdscli_blob_close_search(TALLOC_CTX *mem_ctx, + return NT_STATUS_NO_MEMORY; + } + +- blob->spotlight_blob = talloc_array(d, ++ blob->spotlight_blob = talloc_array(mem_ctx, + uint8_t, + ctx->max_fragment_size); + if (blob->spotlight_blob == NULL) { +-- +2.40.0 diff --git a/meta-networking/recipes-connectivity/samba/samba/CVE-2023-34968_0004.patch b/meta-networking/recipes-connectivity/samba/samba/CVE-2023-34968_0004.patch new file mode 100644 index 00000000000..785908b5282 --- /dev/null +++ b/meta-networking/recipes-connectivity/samba/samba/CVE-2023-34968_0004.patch @@ -0,0 +1,85 @@ +From 0ae6084d1a9c4eb12e9f1ab1902e00f96bcbea55 Mon Sep 17 00:00:00 2001 +From: Ralph Boehme +Date: Mon, 19 Jun 2023 18:28:41 +0200 +Subject: [PATCH] CVE-2023-34968: mdscli: remove response blob allocation + +This is handled by the NDR code transparently. + +BUG: https://bugzilla.samba.org/show_bug.cgi?id=15388 + +Signed-off-by: Ralph Boehme +Reviewed-by: Stefan Metzmacher +--- + source3/rpc_client/cli_mdssvc.c | 36 --------------------------------- + 1 file changed, 36 deletions(-) + +diff --git a/source3/rpc_client/cli_mdssvc.c b/source3/rpc_client/cli_mdssvc.c +index 046d37135cb..474d7c0b150 100644 +--- a/source3/rpc_client/cli_mdssvc.c ++++ b/source3/rpc_client/cli_mdssvc.c +@@ -276,15 +276,6 @@ struct tevent_req *mdscli_search_send(TALLOC_CTX *mem_ctx, + return tevent_req_post(req, ev); + } + +- state->response_blob.spotlight_blob = talloc_array( +- state, +- uint8_t, +- mdscli_ctx->max_fragment_size); +- if (tevent_req_nomem(state->response_blob.spotlight_blob, req)) { +- return tevent_req_post(req, ev); +- } +- state->response_blob.size = mdscli_ctx->max_fragment_size; +- + subreq = dcerpc_mdssvc_cmd_send(state, + ev, + mdscli_ctx->bh, +@@ -457,15 +448,6 @@ struct tevent_req *mdscli_get_results_send( + return tevent_req_post(req, ev); + } + +- state->response_blob.spotlight_blob = talloc_array( +- state, +- uint8_t, +- mdscli_ctx->max_fragment_size); +- if (tevent_req_nomem(state->response_blob.spotlight_blob, req)) { +- return tevent_req_post(req, ev); +- } +- state->response_blob.size = mdscli_ctx->max_fragment_size; +- + subreq = dcerpc_mdssvc_cmd_send(state, + ev, + mdscli_ctx->bh, +@@ -681,15 +663,6 @@ struct tevent_req *mdscli_get_path_send(TALLOC_CTX *mem_ctx, + return tevent_req_post(req, ev); + } + +- state->response_blob.spotlight_blob = talloc_array( +- state, +- uint8_t, +- mdscli_ctx->max_fragment_size); +- if (tevent_req_nomem(state->response_blob.spotlight_blob, req)) { +- return tevent_req_post(req, ev); +- } +- state->response_blob.size = mdscli_ctx->max_fragment_size; +- + subreq = dcerpc_mdssvc_cmd_send(state, + ev, + mdscli_ctx->bh, +@@ -852,15 +825,6 @@ struct tevent_req *mdscli_close_search_send(TALLOC_CTX *mem_ctx, + return tevent_req_post(req, ev); + } + +- state->response_blob.spotlight_blob = talloc_array( +- state, +- uint8_t, +- mdscli_ctx->max_fragment_size); +- if (tevent_req_nomem(state->response_blob.spotlight_blob, req)) { +- return tevent_req_post(req, ev); +- } +- state->response_blob.size = mdscli_ctx->max_fragment_size; +- + subreq = dcerpc_mdssvc_cmd_send(state, + ev, + mdscli_ctx->bh, +-- +2.40.0 diff --git a/meta-networking/recipes-connectivity/samba/samba/CVE-2023-34968_0005.patch b/meta-networking/recipes-connectivity/samba/samba/CVE-2023-34968_0005.patch new file mode 100644 index 00000000000..308b441e95b --- /dev/null +++ b/meta-networking/recipes-connectivity/samba/samba/CVE-2023-34968_0005.patch @@ -0,0 +1,83 @@ +From 353a9ccea6ff93ea2cd604dcc2b0372f056f819d Mon Sep 17 00:00:00 2001 +From: Ralph Boehme +Date: Tue, 20 Jun 2023 11:28:47 +0200 +Subject: [PATCH] CVE-2023-34968: smbtorture: remove response blob allocation + in mdssvc.c + +This is alreay done by NDR for us. + +BUG: https://bugzilla.samba.org/show_bug.cgi?id=15388 + +Signed-off-by: Ralph Boehme +Reviewed-by: Stefan Metzmacher + +Upstream-Status: Backport [https://github.com/samba-team/samba/commit/353a9ccea6ff93ea2cd604dcc2b0372f056f819d] + +CVE: CVE-2023-34968 + +Signed-off-by: Archana Polampalli + +--- + source4/torture/rpc/mdssvc.c | 26 -------------------------- + 1 file changed, 26 deletions(-) + +diff --git a/source4/torture/rpc/mdssvc.c b/source4/torture/rpc/mdssvc.c +index 3689692f7de..a16bd5b47e3 100644 +--- a/source4/torture/rpc/mdssvc.c ++++ b/source4/torture/rpc/mdssvc.c +@@ -536,13 +536,6 @@ static bool test_mdssvc_invalid_ph_cmd(struct torture_context *tctx, + request_blob.length = 0; + request_blob.size = 0; + +- response_blob.spotlight_blob = talloc_array(state, +- uint8_t, +- 0); +- torture_assert_not_null_goto(tctx, response_blob.spotlight_blob, +- ok, done, "dalloc_zero failed\n"); +- response_blob.size = 0; +- + status = dcerpc_mdssvc_cmd(b, + state, + &ph, +@@ -632,13 +625,6 @@ static bool test_mdssvc_sl_unpack_loop(struct torture_context *tctx, + request_blob.size = sizeof(test_sl_unpack_loop_buf); + request_blob.length = sizeof(test_sl_unpack_loop_buf); + +- response_blob.spotlight_blob = talloc_array(state, +- uint8_t, +- 0); +- torture_assert_not_null_goto(tctx, response_blob.spotlight_blob, +- ok, done, "dalloc_zero failed\n"); +- response_blob.size = 0; +- + status = dcerpc_mdssvc_cmd(b, + state, + &state->ph, +@@ -764,11 +750,6 @@ static bool test_sl_dict_type_safety(struct torture_context *tctx, + torture_assert_goto(tctx, request_blob.length > 0, + ok, done, "sl_pack failed\n"); + +- response_blob.spotlight_blob = talloc_array(state, uint8_t, 0); +- torture_assert_not_null_goto(tctx, response_blob.spotlight_blob, +- ok, done, "dalloc_zero failed\n"); +- response_blob.size = 0; +- + status = dcerpc_mdssvc_cmd(b, + state, + &state->ph, +@@ -926,13 +907,6 @@ static bool test_mdssvc_fetch_attr_unknown_cnid(struct torture_context *tctx, + ret, done, "dalloc_zero failed\n"); + request_blob.size = max_fragment_size; + +- response_blob.spotlight_blob = talloc_array(state, +- uint8_t, +- max_fragment_size); +- torture_assert_not_null_goto(tctx, response_blob.spotlight_blob, +- ret, done, "dalloc_zero failed\n"); +- response_blob.size = max_fragment_size; +- + len = sl_pack(d, (char *)request_blob.spotlight_blob, request_blob.size); + torture_assert_goto(tctx, len != -1, ret, done, "sl_pack failed\n"); + +-- +2.40.0 diff --git a/meta-networking/recipes-connectivity/samba/samba/CVE-2023-34968_0006.patch b/meta-networking/recipes-connectivity/samba/samba/CVE-2023-34968_0006.patch new file mode 100644 index 00000000000..34526a8c8ee --- /dev/null +++ b/meta-networking/recipes-connectivity/samba/samba/CVE-2023-34968_0006.patch @@ -0,0 +1,57 @@ +From 449f1280b718c6da3b8e309fe124be4e9bfd8184 Mon Sep 17 00:00:00 2001 +From: Ralph Boehme +Date: Tue, 20 Jun 2023 11:35:41 +0200 +Subject: [PATCH] CVE-2023-34968: rpcclient: remove response blob allocation + +This is alreay done by NDR for us. + +BUG: https://bugzilla.samba.org/show_bug.cgi?id=15388 + +Signed-off-by: Ralph Boehme +Reviewed-by: Stefan Metzmacher + +Upstream-Status: Backport [https://github.com/samba-team/samba/commit/449f1280b718c6da3b8e309fe124be4e9bfd8184] + +CVE: CVE-2023-34968 + +Signed-off-by: Archana Polampalli +--- + source3/rpcclient/cmd_spotlight.c | 16 ---------------- + 1 file changed, 16 deletions(-) + +diff --git a/source3/rpcclient/cmd_spotlight.c b/source3/rpcclient/cmd_spotlight.c +index 24db9893df6..64fe321089c 100644 +--- a/source3/rpcclient/cmd_spotlight.c ++++ b/source3/rpcclient/cmd_spotlight.c +@@ -144,13 +144,6 @@ static NTSTATUS cmd_mdssvc_fetch_properties( + } + request_blob.size = max_fragment_size; + +- response_blob.spotlight_blob = talloc_array(mem_ctx, uint8_t, max_fragment_size); +- if (response_blob.spotlight_blob == NULL) { +- status = NT_STATUS_INTERNAL_ERROR; +- goto done; +- } +- response_blob.size = max_fragment_size; +- + len = sl_pack(d, (char *)request_blob.spotlight_blob, request_blob.size); + if (len == -1) { + status = NT_STATUS_INTERNAL_ERROR; +@@ -368,15 +361,6 @@ static NTSTATUS cmd_mdssvc_fetch_attributes( + } + request_blob.size = max_fragment_size; + +- response_blob.spotlight_blob = talloc_array(mem_ctx, +- uint8_t, +- max_fragment_size); +- if (response_blob.spotlight_blob == NULL) { +- status = NT_STATUS_INTERNAL_ERROR; +- goto done; +- } +- response_blob.size = max_fragment_size; +- + len = sl_pack(d, (char *)request_blob.spotlight_blob, request_blob.size); + if (len == -1) { + status = NT_STATUS_INTERNAL_ERROR; +-- +2.40.0 diff --git a/meta-networking/recipes-connectivity/samba/samba/CVE-2023-34968_0007.patch b/meta-networking/recipes-connectivity/samba/samba/CVE-2023-34968_0007.patch new file mode 100644 index 00000000000..679e174c050 --- /dev/null +++ b/meta-networking/recipes-connectivity/samba/samba/CVE-2023-34968_0007.patch @@ -0,0 +1,49 @@ +From cc593a6ac531f02f2fe70fd4f7dfe649a02f9206 Mon Sep 17 00:00:00 2001 +From: Ralph Boehme +Date: Tue, 20 Jun 2023 11:42:10 +0200 +Subject: [PATCH] CVE-2023-34968: mdssvc: remove response blob allocation + +This is alreay done by NDR for us. + +BUG: https://bugzilla.samba.org/show_bug.cgi?id=15388 + +Signed-off-by: Ralph Boehme +Reviewed-by: Stefan Metzmacher + +Upstream-Status: Backport [https://github.com/samba-team/samba/commit/cc593a6ac531f02f2fe70fd4f7dfe649a02f9206] + +CVE: CVE-2023-34968 + +Signed-off-by: Archana Polampalli +--- + source3/rpc_server/mdssvc/srv_mdssvc_nt.c | 8 -------- + 1 file changed, 8 deletions(-) + +diff --git a/source3/rpc_server/mdssvc/srv_mdssvc_nt.c b/source3/rpc_server/mdssvc/srv_mdssvc_nt.c +index b8eed8b..714e6c1 100644 +--- a/source3/rpc_server/mdssvc/srv_mdssvc_nt.c ++++ b/source3/rpc_server/mdssvc/srv_mdssvc_nt.c +@@ -209,7 +209,6 @@ void _mdssvc_unknown1(struct pipes_struct *p, struct mdssvc_unknown1 *r) + void _mdssvc_cmd(struct pipes_struct *p, struct mdssvc_cmd *r) + { + bool ok; +- char *rbuf; + struct mds_ctx *mds_ctx; + NTSTATUS status; + +@@ -266,13 +265,6 @@ void _mdssvc_cmd(struct pipes_struct *p, struct mdssvc_cmd *r) + return; + } + +- rbuf = talloc_zero_array(p->mem_ctx, char, r->in.max_fragment_size1); +- if (rbuf == NULL) { +- p->fault_state = DCERPC_FAULT_CANT_PERFORM; +- return; +- } +- r->out.response_blob->spotlight_blob = (uint8_t *)rbuf; +- r->out.response_blob->size = r->in.max_fragment_size1; + + /* We currently don't use fragmentation at the mdssvc RPC layer */ + *r->out.fragment = 0; +-- +2.40.0 diff --git a/meta-networking/recipes-connectivity/samba/samba/CVE-2023-34968_0008.patch b/meta-networking/recipes-connectivity/samba/samba/CVE-2023-34968_0008.patch new file mode 100644 index 00000000000..e65379fe835 --- /dev/null +++ b/meta-networking/recipes-connectivity/samba/samba/CVE-2023-34968_0008.patch @@ -0,0 +1,62 @@ +From 397919e82b493206ae9b60bb9c539d52c3207729 Mon Sep 17 00:00:00 2001 +From: Archana Polampalli +Date: Fri, 29 Sep 2023 08:59:31 +0000 +Subject: [PATCH] CVE-2023-34968: mdssvc: switch to doing an early return + +Just reduce indentation of the code handling the success case. No change in +behaviour. + +BUG: https://bugzilla.samba.org/show_bug.cgi?id=15388 + +Signed-off-by: Ralph Boehme +Reviewed-by: Stefan Metzmacher + +Upstream-Status: Backport [https://github.com/samba-team/samba/commit/397919e82b493206ae9b60bb9c539d52c3207729] + +CVE: CVE-2023-34968 + +Signed-off-by: Archana Polampalli +--- + source3/rpc_server/mdssvc/mdssvc.c | 26 ++++++++++++++------------ + 1 file changed, 14 insertions(+), 12 deletions(-) + +diff --git a/source3/rpc_server/mdssvc/mdssvc.c b/source3/rpc_server/mdssvc/mdssvc.c +index a6cc653..0e6a916 100644 +--- a/source3/rpc_server/mdssvc/mdssvc.c ++++ b/source3/rpc_server/mdssvc/mdssvc.c +@@ -1798,19 +1798,21 @@ bool mds_dispatch(struct mds_ctx *mds_ctx, + } + + ok = slcmd->function(mds_ctx, query, reply); +- if (ok) { +- DBG_DEBUG("%s", dalloc_dump(reply, 0)); +- +- len = sl_pack(reply, +- (char *)response_blob->spotlight_blob, +- response_blob->size); +- if (len == -1) { +- DBG_ERR("error packing Spotlight RPC reply\n"); +- ok = false; +- goto cleanup; +- } +- response_blob->length = len; ++ if (!ok) { ++ goto cleanup; ++ } ++ ++ DBG_DEBUG("%s", dalloc_dump(reply, 0)); ++ ++ len = sl_pack(reply, ++ (char *)response_blob->spotlight_blob, ++ response_blob->size); ++ if (len == -1) { ++ DBG_ERR("error packing Spotlight RPC reply\n"); ++ ok = false; ++ goto cleanup; + } ++ response_blob->length = len; + + cleanup: + talloc_free(query); +-- +2.40.0 diff --git a/meta-networking/recipes-connectivity/samba/samba/CVE-2023-34968_0009.patch b/meta-networking/recipes-connectivity/samba/samba/CVE-2023-34968_0009.patch new file mode 100644 index 00000000000..e21f2ba4bea --- /dev/null +++ b/meta-networking/recipes-connectivity/samba/samba/CVE-2023-34968_0009.patch @@ -0,0 +1,465 @@ +From cb8313e7bee75454ce29d2b2f657927259298f52 Mon Sep 17 00:00:00 2001 +From: Ralph Boehme +Date: Mon, 19 Jun 2023 18:16:57 +0200 +Subject: [PATCH] CVE-2023-34968: mdssvc: introduce an allocating wrapper to + sl_pack() + +sl_pack_alloc() does the buffer allocation that previously all callers of +sl_pack() did themselves. + +BUG: https://bugzilla.samba.org/show_bug.cgi?id=15388 + +Signed-off-by: Ralph Boehme +Reviewed-by: Stefan Metzmacher + +Upstream-Status: Backport [https://github.com/samba-team/samba/commit/cb8313e7bee75454ce29d2b2f657927259298f52] + +CVE: CVE-2023-34968 + +Signed-off-by: Archana Polampalli +--- + source3/rpc_client/cli_mdssvc_util.c | 80 +++++------------------ + source3/rpc_server/mdssvc/marshalling.c | 35 ++++++++-- + source3/rpc_server/mdssvc/marshalling.h | 9 ++- + source3/rpc_server/mdssvc/mdssvc.c | 18 ++--- + source3/rpc_server/mdssvc/mdssvc.h | 5 +- + source3/rpc_server/mdssvc/srv_mdssvc_nt.c | 5 +- + source3/rpcclient/cmd_spotlight.c | 32 ++------- + source4/torture/rpc/mdssvc.c | 24 ++----- + 8 files changed, 80 insertions(+), 128 deletions(-) + +diff --git a/source3/rpc_client/cli_mdssvc_util.c b/source3/rpc_client/cli_mdssvc_util.c +index 892a844..a39202d 100644 +--- a/source3/rpc_client/cli_mdssvc_util.c ++++ b/source3/rpc_client/cli_mdssvc_util.c +@@ -42,7 +42,7 @@ NTSTATUS mdscli_blob_search(TALLOC_CTX *mem_ctx, + sl_array_t *scope_array = NULL; + double dval; + uint64_t uint64val; +- ssize_t len; ++ NTSTATUS status; + int ret; + + d = dalloc_new(mem_ctx); +@@ -209,23 +209,11 @@ NTSTATUS mdscli_blob_search(TALLOC_CTX *mem_ctx, + return NT_STATUS_NO_MEMORY; + } + +- blob->spotlight_blob = talloc_array(mem_ctx, +- uint8_t, +- ctx->max_fragment_size); +- if (blob->spotlight_blob == NULL) { +- TALLOC_FREE(d); +- return NT_STATUS_NO_MEMORY; +- } +- blob->size = ctx->max_fragment_size; +- +- len = sl_pack(d, (char *)blob->spotlight_blob, blob->size); ++ status = sl_pack_alloc(mem_ctx, d, blob, ctx->max_fragment_size); + TALLOC_FREE(d); +- if (len == -1) { +- return NT_STATUS_NO_MEMORY; ++ if (!NT_STATUS_IS_OK(status)) { ++ return status; + } +- +- blob->length = len; +- blob->size = len; + return NT_STATUS_OK; + } + +@@ -238,7 +226,7 @@ NTSTATUS mdscli_blob_get_results(TALLOC_CTX *mem_ctx, + uint64_t *uint64p = NULL; + sl_array_t *array = NULL; + sl_array_t *cmd_array = NULL; +- ssize_t len; ++ NTSTATUS status; + int ret; + + d = dalloc_new(mem_ctx); +@@ -293,23 +281,11 @@ NTSTATUS mdscli_blob_get_results(TALLOC_CTX *mem_ctx, + return NT_STATUS_NO_MEMORY; + } + +- blob->spotlight_blob = talloc_array(mem_ctx, +- uint8_t, +- ctx->max_fragment_size); +- if (blob->spotlight_blob == NULL) { +- TALLOC_FREE(d); +- return NT_STATUS_NO_MEMORY; +- } +- blob->size = ctx->max_fragment_size; +- +- len = sl_pack(d, (char *)blob->spotlight_blob, blob->size); ++ status = sl_pack_alloc(mem_ctx, d, blob, ctx->max_fragment_size); + TALLOC_FREE(d); +- if (len == -1) { +- return NT_STATUS_NO_MEMORY; ++ if (!NT_STATUS_IS_OK(status)) { ++ return status; + } +- +- blob->length = len; +- blob->size = len; + return NT_STATUS_OK; + } + +@@ -325,7 +301,7 @@ NTSTATUS mdscli_blob_get_path(TALLOC_CTX *mem_ctx, + sl_array_t *cmd_array = NULL; + sl_array_t *attr_array = NULL; + sl_cnids_t *cnids = NULL; +- ssize_t len; ++ NTSTATUS status; + int ret; + + d = dalloc_new(mem_ctx); +@@ -426,23 +402,11 @@ NTSTATUS mdscli_blob_get_path(TALLOC_CTX *mem_ctx, + return NT_STATUS_NO_MEMORY; + } + +- blob->spotlight_blob = talloc_array(mem_ctx, +- uint8_t, +- ctx->max_fragment_size); +- if (blob->spotlight_blob == NULL) { +- TALLOC_FREE(d); +- return NT_STATUS_NO_MEMORY; +- } +- blob->size = ctx->max_fragment_size; +- +- len = sl_pack(d, (char *)blob->spotlight_blob, blob->size); ++ status = sl_pack_alloc(mem_ctx, d, blob, ctx->max_fragment_size); + TALLOC_FREE(d); +- if (len == -1) { +- return NT_STATUS_NO_MEMORY; ++ if (!NT_STATUS_IS_OK(status)) { ++ return status; + } +- +- blob->length = len; +- blob->size = len; + return NT_STATUS_OK; + } + +@@ -455,7 +419,7 @@ NTSTATUS mdscli_blob_close_search(TALLOC_CTX *mem_ctx, + uint64_t *uint64p = NULL; + sl_array_t *array = NULL; + sl_array_t *cmd_array = NULL; +- ssize_t len; ++ NTSTATUS status; + int ret; + + d = dalloc_new(mem_ctx); +@@ -510,22 +474,10 @@ NTSTATUS mdscli_blob_close_search(TALLOC_CTX *mem_ctx, + return NT_STATUS_NO_MEMORY; + } + +- blob->spotlight_blob = talloc_array(mem_ctx, +- uint8_t, +- ctx->max_fragment_size); +- if (blob->spotlight_blob == NULL) { +- TALLOC_FREE(d); +- return NT_STATUS_NO_MEMORY; +- } +- blob->size = ctx->max_fragment_size; +- +- len = sl_pack(d, (char *)blob->spotlight_blob, blob->size); ++ status = sl_pack_alloc(mem_ctx, d, blob, ctx->max_fragment_size); + TALLOC_FREE(d); +- if (len == -1) { +- return NT_STATUS_NO_MEMORY; ++ if (!NT_STATUS_IS_OK(status)) { ++ return status; + } +- +- blob->length = len; +- blob->size = len; + return NT_STATUS_OK; + } +diff --git a/source3/rpc_server/mdssvc/marshalling.c b/source3/rpc_server/mdssvc/marshalling.c +index 441d411..34bfda5 100644 +--- a/source3/rpc_server/mdssvc/marshalling.c ++++ b/source3/rpc_server/mdssvc/marshalling.c +@@ -78,6 +78,7 @@ static ssize_t sl_unpack_loop(DALLOC_CTX *query, const char *buf, + ssize_t offset, size_t bufsize, + int count, ssize_t toc_offset, + int encoding); ++static ssize_t sl_pack(DALLOC_CTX *query, char *buf, size_t bufsize); + + /****************************************************************************** + * Wrapper functions for the *VAL macros with bound checking +@@ -1190,11 +1191,7 @@ static ssize_t sl_unpack_loop(DALLOC_CTX *query, + return offset; + } + +-/****************************************************************************** +- * Global functions for packing und unpacking +- ******************************************************************************/ +- +-ssize_t sl_pack(DALLOC_CTX *query, char *buf, size_t bufsize) ++static ssize_t sl_pack(DALLOC_CTX *query, char *buf, size_t bufsize) + { + ssize_t result; + char *toc_buf; +@@ -1274,6 +1271,34 @@ ssize_t sl_pack(DALLOC_CTX *query, char *buf, size_t bufsize) + return len; + } + ++/****************************************************************************** ++ * Global functions for packing und unpacking ++ ******************************************************************************/ ++ ++NTSTATUS sl_pack_alloc(TALLOC_CTX *mem_ctx, ++ DALLOC_CTX *d, ++ struct mdssvc_blob *b, ++ size_t max_fragment_size) ++{ ++ ssize_t len; ++ ++ b->spotlight_blob = talloc_zero_array(mem_ctx, ++ uint8_t, ++ max_fragment_size); ++ if (b->spotlight_blob == NULL) { ++ return NT_STATUS_NO_MEMORY; ++ } ++ ++ len = sl_pack(d, (char *)b->spotlight_blob, max_fragment_size); ++ if (len == -1) { ++ return NT_STATUS_DATA_ERROR; ++ } ++ ++ b->length = len; ++ b->size = len; ++ return NT_STATUS_OK; ++} ++ + bool sl_unpack(DALLOC_CTX *query, const char *buf, size_t bufsize) + { + ssize_t result; +diff --git a/source3/rpc_server/mdssvc/marshalling.h b/source3/rpc_server/mdssvc/marshalling.h +index 086ca74..2cc1b44 100644 +--- a/source3/rpc_server/mdssvc/marshalling.h ++++ b/source3/rpc_server/mdssvc/marshalling.h +@@ -22,6 +22,9 @@ + #define _MDSSVC_MARSHALLING_H + + #include "dalloc.h" ++#include "libcli/util/ntstatus.h" ++#include "lib/util/data_blob.h" ++#include "librpc/gen_ndr/mdssvc.h" + + #define MAX_SL_FRAGMENT_SIZE 0xFFFFF + +@@ -49,7 +52,11 @@ typedef struct { + * Function declarations + ******************************************************************************/ + +-extern ssize_t sl_pack(DALLOC_CTX *query, char *buf, size_t bufsize); ++extern NTSTATUS sl_pack_alloc(TALLOC_CTX *mem_ctx, ++ DALLOC_CTX *d, ++ struct mdssvc_blob *b, ++ size_t max_fragment_size); ++ + extern bool sl_unpack(DALLOC_CTX *query, const char *buf, size_t bufsize); + + #endif +diff --git a/source3/rpc_server/mdssvc/mdssvc.c b/source3/rpc_server/mdssvc/mdssvc.c +index 0e6a916..19257e8 100644 +--- a/source3/rpc_server/mdssvc/mdssvc.c ++++ b/source3/rpc_server/mdssvc/mdssvc.c +@@ -1726,11 +1726,11 @@ error: + **/ + bool mds_dispatch(struct mds_ctx *mds_ctx, + struct mdssvc_blob *request_blob, +- struct mdssvc_blob *response_blob) ++ struct mdssvc_blob *response_blob, ++ size_t max_fragment_size) + { + bool ok; + int ret; +- ssize_t len; + DALLOC_CTX *query = NULL; + DALLOC_CTX *reply = NULL; + char *rpccmd; +@@ -1738,6 +1738,7 @@ bool mds_dispatch(struct mds_ctx *mds_ctx, + const struct smb_filename conn_basedir = { + .base_name = mds_ctx->conn->connectpath, + }; ++ NTSTATUS status; + + if (CHECK_DEBUGLVL(10)) { + const struct sl_query *slq; +@@ -1804,15 +1805,14 @@ bool mds_dispatch(struct mds_ctx *mds_ctx, + + DBG_DEBUG("%s", dalloc_dump(reply, 0)); + +- len = sl_pack(reply, +- (char *)response_blob->spotlight_blob, +- response_blob->size); +- if (len == -1) { +- DBG_ERR("error packing Spotlight RPC reply\n"); +- ok = false; ++ status = sl_pack_alloc(response_blob, ++ reply, ++ response_blob, ++ max_fragment_size); ++ if (!NT_STATUS_IS_OK(status)) { ++ DBG_ERR("sl_pack_alloc() failed\n"); + goto cleanup; + } +- response_blob->length = len; + + cleanup: + talloc_free(query); +diff --git a/source3/rpc_server/mdssvc/mdssvc.h b/source3/rpc_server/mdssvc/mdssvc.h +index a097991..b3bd8b9 100644 +--- a/source3/rpc_server/mdssvc/mdssvc.h ++++ b/source3/rpc_server/mdssvc/mdssvc.h +@@ -157,9 +157,10 @@ struct mds_ctx *mds_init_ctx(TALLOC_CTX *mem_ctx, + int snum, + const char *sharename, + const char *path); +-extern bool mds_dispatch(struct mds_ctx *query_ctx, ++extern bool mds_dispatch(struct mds_ctx *mds_ctx, + struct mdssvc_blob *request_blob, +- struct mdssvc_blob *response_blob); ++ struct mdssvc_blob *response_blob, ++ size_t max_fragment_size); + bool mds_add_result(struct sl_query *slq, const char *path); + + #endif /* _MDSSVC_H */ +diff --git a/source3/rpc_server/mdssvc/srv_mdssvc_nt.c b/source3/rpc_server/mdssvc/srv_mdssvc_nt.c +index 714e6c1..59e2a97 100644 +--- a/source3/rpc_server/mdssvc/srv_mdssvc_nt.c ++++ b/source3/rpc_server/mdssvc/srv_mdssvc_nt.c +@@ -269,7 +269,10 @@ void _mdssvc_cmd(struct pipes_struct *p, struct mdssvc_cmd *r) + /* We currently don't use fragmentation at the mdssvc RPC layer */ + *r->out.fragment = 0; + +- ok = mds_dispatch(mds_ctx, &r->in.request_blob, r->out.response_blob); ++ ok = mds_dispatch(mds_ctx, ++ &r->in.request_blob, ++ r->out.response_blob, ++ r->in.max_fragment_size1); + if (ok) { + *r->out.unkn9 = 0; + } else { +diff --git a/source3/rpcclient/cmd_spotlight.c b/source3/rpcclient/cmd_spotlight.c +index 64fe321..ba3f61f 100644 +--- a/source3/rpcclient/cmd_spotlight.c ++++ b/source3/rpcclient/cmd_spotlight.c +@@ -43,7 +43,6 @@ static NTSTATUS cmd_mdssvc_fetch_properties( + uint32_t unkn3; /* server always returns 0 ? */ + struct mdssvc_blob request_blob; + struct mdssvc_blob response_blob; +- ssize_t len; + uint32_t max_fragment_size = 64 * 1024; + DALLOC_CTX *d, *mds_reply; + uint64_t *uint64var; +@@ -137,20 +136,10 @@ static NTSTATUS cmd_mdssvc_fetch_properties( + goto done; + } + +- request_blob.spotlight_blob = talloc_array(mem_ctx, uint8_t, max_fragment_size); +- if (request_blob.spotlight_blob == NULL) { +- status = NT_STATUS_INTERNAL_ERROR; +- goto done; +- } +- request_blob.size = max_fragment_size; +- +- len = sl_pack(d, (char *)request_blob.spotlight_blob, request_blob.size); +- if (len == -1) { +- status = NT_STATUS_INTERNAL_ERROR; ++ status = sl_pack_alloc(mem_ctx, d, &request_blob, max_fragment_size); ++ if (!NT_STATUS_IS_OK(status)) { + goto done; + } +- request_blob.length = len; +- request_blob.size = len; + + status = dcerpc_mdssvc_cmd(b, mem_ctx, + &share_handle, +@@ -204,7 +193,6 @@ static NTSTATUS cmd_mdssvc_fetch_attributes( + uint32_t unkn3; /* server always returns 0 ? */ + struct mdssvc_blob request_blob; + struct mdssvc_blob response_blob; +- ssize_t len; + uint32_t max_fragment_size = 64 * 1024; + DALLOC_CTX *d, *mds_reply; + uint64_t *uint64var; +@@ -352,22 +340,10 @@ static NTSTATUS cmd_mdssvc_fetch_attributes( + goto done; + } + +- request_blob.spotlight_blob = talloc_array(mem_ctx, +- uint8_t, +- max_fragment_size); +- if (request_blob.spotlight_blob == NULL) { +- status = NT_STATUS_INTERNAL_ERROR; +- goto done; +- } +- request_blob.size = max_fragment_size; +- +- len = sl_pack(d, (char *)request_blob.spotlight_blob, request_blob.size); +- if (len == -1) { +- status = NT_STATUS_INTERNAL_ERROR; ++ status = sl_pack_alloc(mem_ctx, d, &request_blob, max_fragment_size); ++ if (!NT_STATUS_IS_OK(status)) { + goto done; + } +- request_blob.length = len; +- request_blob.size = len; + + status = dcerpc_mdssvc_cmd(b, mem_ctx, + &share_handle, +diff --git a/source4/torture/rpc/mdssvc.c b/source4/torture/rpc/mdssvc.c +index e99c82c..1305456 100644 +--- a/source4/torture/rpc/mdssvc.c ++++ b/source4/torture/rpc/mdssvc.c +@@ -745,11 +745,9 @@ static bool test_sl_dict_type_safety(struct torture_context *tctx, + ok, done, "dalloc_new failed\n"); + request_blob.size = 64 * 1024; + +- request_blob.length = sl_pack(d, +- (char *)request_blob.spotlight_blob, +- request_blob.size); +- torture_assert_goto(tctx, request_blob.length > 0, +- ok, done, "sl_pack failed\n"); ++ status = sl_pack_alloc(tctx, d, &request_blob, 64 * 1024); ++ torture_assert_ntstatus_ok_goto(tctx, status, ok, done, ++ "sl_pack_alloc() failed\n"); + + status = dcerpc_mdssvc_cmd(b, + state, +@@ -836,7 +834,6 @@ static bool test_mdssvc_fetch_attr_unknown_cnid(struct torture_context *tctx, + const char *path_type = NULL; + uint64_t ino64; + NTSTATUS status; +- ssize_t len; + int ret; + bool ok = true; + +@@ -901,19 +898,10 @@ static bool test_mdssvc_fetch_attr_unknown_cnid(struct torture_context *tctx, + ret = dalloc_add(array, cnids, sl_cnids_t); + torture_assert_goto(tctx, ret == 0, ret, done, "dalloc_add failed\n"); + +- request_blob.spotlight_blob = talloc_array(state, +- uint8_t, +- max_fragment_size); +- torture_assert_not_null_goto(tctx, request_blob.spotlight_blob, +- ret, done, "dalloc_zero failed\n"); +- request_blob.size = max_fragment_size; +- +- len = sl_pack(d, (char *)request_blob.spotlight_blob, request_blob.size); +- torture_assert_goto(tctx, len != -1, ret, done, "sl_pack failed\n"); +- +- request_blob.length = len; +- request_blob.size = len; + ++ status = sl_pack_alloc(tctx, d, &request_blob, max_fragment_size); ++ torture_assert_ntstatus_ok_goto(tctx, status, ok, done, ++ "sl_pack_alloc() failed\n"); + status = dcerpc_mdssvc_cmd(b, + state, + &state->ph, +-- +2.40.0 diff --git a/meta-networking/recipes-connectivity/samba/samba/CVE-2023-34968_0010.patch b/meta-networking/recipes-connectivity/samba/samba/CVE-2023-34968_0010.patch new file mode 100644 index 00000000000..57668f5eef1 --- /dev/null +++ b/meta-networking/recipes-connectivity/samba/samba/CVE-2023-34968_0010.patch @@ -0,0 +1,484 @@ +From a5c570e262911874e43e82de601d809aa5b1b729 Mon Sep 17 00:00:00 2001 +From: Ralph Boehme +Date: Sat, 17 Jun 2023 13:53:27 +0200 +Subject: [PATCH] CVE-2023-34968: mdscli: return share relative paths The next + commit will change the Samba Spotlight server to return absolute paths that + start with the sharename as "/SHARENAME/..." followed by the share path + relative appended. +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +So given a share + + [spotlight] + path = /foo/bar + spotlight = yes + +and a file inside this share with a full path of + + /foo/bar/dir/file + +previously a search that matched this file would returns the absolute +server-side pato of the file, ie + + /foo/bar/dir/file + +This will be change to + + /spotlight/dir/file + +As currently the mdscli library and hence the mdsearch tool print out these +paths returned from the server, we have to change the output to accomodate these +fake paths. The only way to do this sensibly is by makeing the paths relative to +the containing share, so just + + dir/file + +in the example above. + +The client learns about the share root path prefix – real server-side of fake in +the future – in an initial handshake in the "share_path" out argument of the +mdssvc_open() RPC call, so the client can use this path to convert the absolute +path to relative. + +There is however an additional twist: the macOS Spotlight server prefixes this +absolute path with another prefix, typically "/System/Volumes/Data", so in the +example above the full path for the same search would be + + /System/Volumes/Data/foo/bar/dir/file + +So macOS does return the full server-side path too, just prefixed with an +additional path. This path prefixed can be queried by the client in the +mdssvc_cmd() RPC call with an Spotlight command of "fetchPropertiesForContext:" +and the path is returned in a dictionary with key "kMDSStorePathScopes". Samba +just returns "/" for this. + +Currently the mdscli library doesn't issue this Spotlight RPC +request (fetchPropertiesForContext), so this is added in this commit. In the +end, all search result paths are stripped of the combined prefix + + kMDSStorePathScopes + share_path (from mdssvc_open). + +eg + + kMDSStorePathScopes = /System/Volumes/Data + share_path = /foo/bar + search result = /System/Volumes/Data/foo/bar/dir/file + relative path returned by mdscli = dir/file + +Makes sense? :) + +BUG: https://bugzilla.samba.org/show_bug.cgi?id=15388 + +Signed-off-by: Ralph Boehme +Reviewed-by: Stefan Metzmacher + +Upstream-Status: Backport [https://github.com/samba-team/samba/commit/a5c570e262911874e43e82de601d809aa5b1b729] + +CVE: CVE-2023-34968 + +Signed-off-by: Archana Polampalli +--- + python/samba/tests/dcerpc/mdssvc.py | 26 ++-- + source3/rpc_client/cli_mdssvc.c | 155 +++++++++++++++++++++++- + source3/rpc_client/cli_mdssvc_private.h | 4 + + source3/rpc_client/cli_mdssvc_util.c | 68 +++++++++++ + source3/rpc_client/cli_mdssvc_util.h | 4 + + 5 files changed, 243 insertions(+), 14 deletions(-) + +diff --git a/python/samba/tests/dcerpc/mdssvc.py b/python/samba/tests/dcerpc/mdssvc.py +index b0df509..5002e5d 100644 +--- a/python/samba/tests/dcerpc/mdssvc.py ++++ b/python/samba/tests/dcerpc/mdssvc.py +@@ -84,10 +84,11 @@ class MdssvcTests(RpcInterfaceTestCase): + self.t = threading.Thread(target=MdssvcTests.http_server, args=(self,)) + self.t.setDaemon(True) + self.t.start() ++ self.sharepath = os.environ["LOCAL_PATH"] + time.sleep(1) + + conn = mdscli.conn(self.pipe, 'spotlight', '/foo') +- self.sharepath = conn.sharepath() ++ self.fakepath = conn.sharepath() + conn.disconnect(self.pipe) + + for file in testfiles: +@@ -105,12 +106,11 @@ class MdssvcTests(RpcInterfaceTestCase): + self.server.serve_forever() + + def run_test(self, query, expect, json_in, json_out): +- expect = [s.replace("%BASEPATH%", self.sharepath) for s in expect] + self.server.json_in = json_in.replace("%BASEPATH%", self.sharepath) + self.server.json_out = json_out.replace("%BASEPATH%", self.sharepath) + + self.conn = mdscli.conn(self.pipe, 'spotlight', '/foo') +- search = self.conn.search(self.pipe, query, self.sharepath) ++ search = self.conn.search(self.pipe, query, self.fakepath) + + # Give it some time, the get_results() below returns immediately + # what's available, so if we ask to soon, we might get back no results +@@ -141,7 +141,7 @@ class MdssvcTests(RpcInterfaceTestCase): + ] + } + }''' +- exp_results = ["%BASEPATH%/foo", "%BASEPATH%/bar"] ++ exp_results = ["foo", "bar"] + self.run_test('*=="samba*"', exp_results, exp_json_query, fake_json_response) + + def test_mdscli_search_escapes(self): +@@ -181,14 +181,14 @@ class MdssvcTests(RpcInterfaceTestCase): + } + }''' + exp_results = [ +- r"%BASEPATH%/x+x", +- r"%BASEPATH%/x*x", +- r"%BASEPATH%/x=x", +- r"%BASEPATH%/x'x", +- r"%BASEPATH%/x?x", +- r"%BASEPATH%/x x", +- r"%BASEPATH%/x(x", +- "%BASEPATH%/x\"x", +- r"%BASEPATH%/x\x", ++ r"x+x", ++ r"x*x", ++ r"x=x", ++ r"x'x", ++ r"x?x", ++ r"x x", ++ r"x(x", ++ "x\"x", ++ r"x\x", + ] + self.run_test(sl_query, exp_results, exp_json_query, fake_json_response) +diff --git a/source3/rpc_client/cli_mdssvc.c b/source3/rpc_client/cli_mdssvc.c +index 07c19b5..a047b91 100644 +--- a/source3/rpc_client/cli_mdssvc.c ++++ b/source3/rpc_client/cli_mdssvc.c +@@ -43,10 +43,12 @@ char *mdscli_get_basepath(TALLOC_CTX *mem_ctx, + struct mdscli_connect_state { + struct tevent_context *ev; + struct mdscli_ctx *mdscli_ctx; ++ struct mdssvc_blob response_blob; + }; + + static void mdscli_connect_open_done(struct tevent_req *subreq); + static void mdscli_connect_unknown1_done(struct tevent_req *subreq); ++static void mdscli_connect_fetch_props_done(struct tevent_req *subreq); + + struct tevent_req *mdscli_connect_send(TALLOC_CTX *mem_ctx, + struct tevent_context *ev, +@@ -111,6 +113,7 @@ static void mdscli_connect_open_done(struct tevent_req *subreq) + struct mdscli_connect_state *state = tevent_req_data( + req, struct mdscli_connect_state); + struct mdscli_ctx *mdscli_ctx = state->mdscli_ctx; ++ size_t share_path_len; + NTSTATUS status; + + status = dcerpc_mdssvc_open_recv(subreq, state); +@@ -120,6 +123,18 @@ static void mdscli_connect_open_done(struct tevent_req *subreq) + return; + } + ++ share_path_len = strlen(mdscli_ctx->mdscmd_open.share_path); ++ if (share_path_len < 1 || share_path_len > UINT16_MAX) { ++ tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR); ++ return; ++ } ++ mdscli_ctx->mdscmd_open.share_path_len = share_path_len; ++ ++ if (mdscli_ctx->mdscmd_open.share_path[share_path_len-1] == '/') { ++ mdscli_ctx->mdscmd_open.share_path[share_path_len-1] = '\0'; ++ mdscli_ctx->mdscmd_open.share_path_len--; ++ } ++ + subreq = dcerpc_mdssvc_unknown1_send( + state, + state->ev, +@@ -146,6 +161,8 @@ static void mdscli_connect_unknown1_done(struct tevent_req *subreq) + subreq, struct tevent_req); + struct mdscli_connect_state *state = tevent_req_data( + req, struct mdscli_connect_state); ++ struct mdscli_ctx *mdscli_ctx = state->mdscli_ctx; ++ struct mdssvc_blob request_blob; + NTSTATUS status; + + status = dcerpc_mdssvc_unknown1_recv(subreq, state); +@@ -153,6 +170,108 @@ static void mdscli_connect_unknown1_done(struct tevent_req *subreq) + if (tevent_req_nterror(req, status)) { + return; + } ++ status = mdscli_blob_fetch_props(state, ++ state->mdscli_ctx, ++ &request_blob); ++ if (tevent_req_nterror(req, status)) { ++ return; ++ } ++ ++ subreq = dcerpc_mdssvc_cmd_send(state, ++ state->ev, ++ mdscli_ctx->bh, ++ &mdscli_ctx->ph, ++ 0, ++ mdscli_ctx->dev, ++ mdscli_ctx->mdscmd_open.unkn2, ++ 0, ++ mdscli_ctx->flags, ++ request_blob, ++ 0, ++ mdscli_ctx->max_fragment_size, ++ 1, ++ mdscli_ctx->max_fragment_size, ++ 0, ++ 0, ++ &mdscli_ctx->mdscmd_cmd.fragment, ++ &state->response_blob, ++ &mdscli_ctx->mdscmd_cmd.unkn9); ++ if (tevent_req_nomem(subreq, req)) { ++ return; ++ } ++ tevent_req_set_callback(subreq, mdscli_connect_fetch_props_done, req); ++ mdscli_ctx->async_pending++; ++ return; ++} ++ ++static void mdscli_connect_fetch_props_done(struct tevent_req *subreq) ++{ ++ struct tevent_req *req = tevent_req_callback_data( ++ subreq, struct tevent_req); ++ struct mdscli_connect_state *state = tevent_req_data( ++ req, struct mdscli_connect_state); ++ struct mdscli_ctx *mdscli_ctx = state->mdscli_ctx; ++ DALLOC_CTX *d = NULL; ++ sl_array_t *path_scope_array = NULL; ++ char *path_scope = NULL; ++ NTSTATUS status; ++ bool ok; ++ ++ status = dcerpc_mdssvc_cmd_recv(subreq, state); ++ TALLOC_FREE(subreq); ++ state->mdscli_ctx->async_pending--; ++ if (tevent_req_nterror(req, status)) { ++ return; ++ } ++ ++ d = dalloc_new(state); ++ if (tevent_req_nomem(d, req)) { ++ return; ++ } ++ ++ ok = sl_unpack(d, ++ (char *)state->response_blob.spotlight_blob, ++ state->response_blob.length); ++ if (!ok) { ++ tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR); ++ return; ++ } ++ ++ path_scope_array = dalloc_value_for_key(d, ++ "DALLOC_CTX", 0, ++ "kMDSStorePathScopes", ++ "sl_array_t"); ++ if (path_scope_array == NULL) { ++ DBG_ERR("Missing kMDSStorePathScopes\n"); ++ tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR); ++ return; ++ } ++ ++ path_scope = dalloc_get(path_scope_array, "char *", 0); ++ if (path_scope == NULL) { ++ DBG_ERR("Missing path in kMDSStorePathScopes\n"); ++ tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR); ++ return; ++ } ++ ++ mdscli_ctx->path_scope_len = strlen(path_scope); ++ if (mdscli_ctx->path_scope_len < 1 || ++ mdscli_ctx->path_scope_len > UINT16_MAX) ++ { ++ DBG_ERR("Bad path_scope: %s\n", path_scope); ++ tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR); ++ return; ++ } ++ mdscli_ctx->path_scope = talloc_strdup(mdscli_ctx, path_scope); ++ if (tevent_req_nomem(mdscli_ctx->path_scope, req)) { ++ return; ++ } ++ ++ if (mdscli_ctx->path_scope[mdscli_ctx->path_scope_len-1] == '/') { ++ mdscli_ctx->path_scope[mdscli_ctx->path_scope_len-1] = '\0'; ++ mdscli_ctx->path_scope_len--; ++ } ++ + + tevent_req_done(req); + } +@@ -697,7 +816,10 @@ static void mdscli_get_path_done(struct tevent_req *subreq) + struct mdscli_get_path_state *state = tevent_req_data( + req, struct mdscli_get_path_state); + DALLOC_CTX *d = NULL; ++ size_t pathlen; ++ size_t prefixlen; + char *path = NULL; ++ const char *p = NULL; + NTSTATUS status; + bool ok; + +@@ -732,7 +854,38 @@ static void mdscli_get_path_done(struct tevent_req *subreq) + tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR); + return; + } +- state->path = talloc_move(state, &path); ++ ++ /* Path is prefixed by /PATHSCOPE/SHARENAME/, strip it */ ++ pathlen = strlen(path); ++ ++ /* ++ * path_scope_len and share_path_len are already checked to be smaller ++ * then UINT16_MAX so this can't overflow ++ */ ++ prefixlen = state->mdscli_ctx->path_scope_len ++ + state->mdscli_ctx->mdscmd_open.share_path_len; ++ ++ if (pathlen < prefixlen) { ++ DBG_DEBUG("Bad path: %s\n", path); ++ tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER); ++ return; ++ } ++ ++ p = path + prefixlen; ++ while (*p == '/') { ++ p++; ++ } ++ if (*p == '\0') { ++ DBG_DEBUG("Bad path: %s\n", path); ++ tevent_req_nterror(req, NT_STATUS_INVALID_PARAMETER); ++ return; ++ } ++ ++ state->path = talloc_strdup(state, p); ++ if (state->path == NULL) { ++ tevent_req_nterror(req, NT_STATUS_NO_MEMORY); ++ return; ++ } + DBG_DEBUG("path: %s\n", state->path); + + tevent_req_done(req); +diff --git a/source3/rpc_client/cli_mdssvc_private.h b/source3/rpc_client/cli_mdssvc_private.h +index 031af85..b10aca0 100644 +--- a/source3/rpc_client/cli_mdssvc_private.h ++++ b/source3/rpc_client/cli_mdssvc_private.h +@@ -42,6 +42,7 @@ struct mdscli_ctx { + /* cmd specific or unknown fields */ + struct { + char share_path[1025]; ++ size_t share_path_len; + uint32_t unkn2; + uint32_t unkn3; + } mdscmd_open; +@@ -56,6 +57,9 @@ struct mdscli_ctx { + struct { + uint32_t status; + } mdscmd_close; ++ ++ char *path_scope; ++ size_t path_scope_len; + }; + + struct mdscli_search_ctx { +diff --git a/source3/rpc_client/cli_mdssvc_util.c b/source3/rpc_client/cli_mdssvc_util.c +index a39202d..1eaaca7 100644 +--- a/source3/rpc_client/cli_mdssvc_util.c ++++ b/source3/rpc_client/cli_mdssvc_util.c +@@ -28,6 +28,74 @@ + #include "rpc_server/mdssvc/dalloc.h" + #include "rpc_server/mdssvc/marshalling.h" + ++NTSTATUS mdscli_blob_fetch_props(TALLOC_CTX *mem_ctx, ++ struct mdscli_ctx *ctx, ++ struct mdssvc_blob *blob) ++{ ++ DALLOC_CTX *d = NULL; ++ uint64_t *uint64p = NULL; ++ sl_array_t *array = NULL; ++ sl_array_t *cmd_array = NULL; ++ NTSTATUS status; ++ int ret; ++ ++ d = dalloc_new(mem_ctx); ++ if (d == NULL) { ++ return NT_STATUS_NO_MEMORY; ++ } ++ ++ array = dalloc_zero(d, sl_array_t); ++ if (array == NULL) { ++ TALLOC_FREE(d); ++ return NT_STATUS_NO_MEMORY; ++ } ++ ++ ret = dalloc_add(d, array, sl_array_t); ++ if (ret != 0) { ++ TALLOC_FREE(d); ++ return NT_STATUS_NO_MEMORY; ++ } ++ ++ cmd_array = dalloc_zero(d, sl_array_t); ++ if (cmd_array == NULL) { ++ TALLOC_FREE(d); ++ return NT_STATUS_NO_MEMORY; ++ } ++ ++ ret = dalloc_add(array, cmd_array, sl_array_t); ++ if (ret != 0) { ++ TALLOC_FREE(d); ++ return NT_STATUS_NO_MEMORY; ++ } ++ ++ ret = dalloc_stradd(cmd_array, "fetchPropertiesForContext:"); ++ if (ret != 0) { ++ TALLOC_FREE(d); ++ return NT_STATUS_NO_MEMORY; ++ } ++ ++ uint64p = talloc_zero_array(cmd_array, uint64_t, 2); ++ if (uint64p == NULL) { ++ TALLOC_FREE(d); ++ return NT_STATUS_NO_MEMORY; ++ } ++ ++ talloc_set_name(uint64p, "uint64_t *"); ++ ++ ret = dalloc_add(cmd_array, uint64p, uint64_t *); ++ if (ret != 0) { ++ TALLOC_FREE(d); ++ return NT_STATUS_NO_MEMORY; ++ } ++ ++ status = sl_pack_alloc(mem_ctx, d, blob, ctx->max_fragment_size); ++ TALLOC_FREE(d); ++ if (!NT_STATUS_IS_OK(status)) { ++ return status; ++ } ++ return NT_STATUS_OK; ++} ++ + NTSTATUS mdscli_blob_search(TALLOC_CTX *mem_ctx, + struct mdscli_search_ctx *search, + struct mdssvc_blob *blob) +diff --git a/source3/rpc_client/cli_mdssvc_util.h b/source3/rpc_client/cli_mdssvc_util.h +index 7a98c85..3f32475 100644 +--- a/source3/rpc_client/cli_mdssvc_util.h ++++ b/source3/rpc_client/cli_mdssvc_util.h +@@ -21,6 +21,10 @@ + #ifndef _MDSCLI_UTIL_H_ + #define _MDSCLI_UTIL_H_ + ++NTSTATUS mdscli_blob_fetch_props(TALLOC_CTX *mem_ctx, ++ struct mdscli_ctx *ctx, ++ struct mdssvc_blob *blob); ++ + NTSTATUS mdscli_blob_search(TALLOC_CTX *mem_ctx, + struct mdscli_search_ctx *search, + struct mdssvc_blob *blob); +-- +2.40.0 diff --git a/meta-networking/recipes-connectivity/samba/samba/CVE-2023-34968_0011.patch b/meta-networking/recipes-connectivity/samba/samba/CVE-2023-34968_0011.patch new file mode 100644 index 00000000000..d2bef187f7e --- /dev/null +++ b/meta-networking/recipes-connectivity/samba/samba/CVE-2023-34968_0011.patch @@ -0,0 +1,295 @@ +From 091b0265fe42878d676def5d4f5b4f8f3977b0e2 Mon Sep 17 00:00:00 2001 +From: Ralph Boehme +Date: Mon, 5 Jun 2023 18:02:20 +0200 +Subject: [PATCH] CVE-2023-34968: mdssvc: return a fake share path Instead of + returning the real server-side absolute path of shares and search results, + return a fake absolute path replacing the path of the share with the share + name, iow for a share "test" with a server-side path of "/foo/bar", we + previously returned + + /foo/bar and + /foo/bar/search/result + +and now return + + /test and + /test/search/result + +BUG: https://bugzilla.samba.org/show_bug.cgi?id=15388 + +Signed-off-by: Ralph Boehme +Reviewed-by: Stefan Metzmacher + +Upstream-Status: Backport [https://github.com/samba-team/samba/commit/091b0265fe42878d676def5d4f5b4f8f3977b0e2] + +CVE: CVE-2023-34968 + +Signed-off-by: Archana Polampalli +--- + source3/lib/util_path.c | 52 ++++++++++++++++++++ + source3/lib/util_path.h | 5 ++ + source3/rpc_server/mdssvc/mdssvc.c | 60 +++++++++++++++++++++-- + source3/rpc_server/mdssvc/mdssvc.h | 1 + + source3/rpc_server/mdssvc/srv_mdssvc_nt.c | 17 +++++-- + 6 files changed, 128 insertions(+), 7 deletions(-) + mode change 100755 => 100644 source3/libads/ldap.c + +diff --git a/source3/lib/util_path.c b/source3/lib/util_path.c +index c34b734..5b5a51c 100644 +--- a/source3/lib/util_path.c ++++ b/source3/lib/util_path.c +@@ -21,8 +21,10 @@ + * along with this program. If not, see . + */ + ++#include "includes.h" + #include "replace.h" + #include ++#include "lib/util/debug.h" + #include "lib/util/samba_util.h" + #include "lib/util_path.h" + +@@ -210,3 +212,53 @@ char *canonicalize_absolute_path(TALLOC_CTX *ctx, const char *pathname_in) + *p++ = '\0'; + return pathname; + } ++ ++/* ++ * Take two absolute paths, figure out if "subdir" is a proper ++ * subdirectory of "parent". Return the component relative to the ++ * "parent" without the potential "/". Take care of "parent" ++ * possibly ending in "/". ++ */ ++bool subdir_of(const char *parent, ++ size_t parent_len, ++ const char *subdir, ++ const char **_relative) ++{ ++ const char *relative = NULL; ++ bool matched; ++ ++ SMB_ASSERT(parent[0] == '/'); ++ SMB_ASSERT(subdir[0] == '/'); ++ ++ if (parent_len == 1) { ++ /* ++ * Everything is below "/" ++ */ ++ *_relative = subdir+1; ++ return true; ++ } ++ ++ if (parent[parent_len-1] == '/') { ++ parent_len -= 1; ++ } ++ ++ matched = (strncmp(subdir, parent, parent_len) == 0); ++ if (!matched) { ++ return false; ++ } ++ ++ relative = &subdir[parent_len]; ++ ++ if (relative[0] == '\0') { ++ *_relative = relative; /* nothing left */ ++ return true; ++ } ++ ++ if (relative[0] == '/') { ++ /* End of parent must match a '/' in subdir. */ ++ *_relative = relative+1; ++ return true; ++ } ++ ++ return false; ++} +diff --git a/source3/lib/util_path.h b/source3/lib/util_path.h +index 3e7d04d..6d2155a 100644 +--- a/source3/lib/util_path.h ++++ b/source3/lib/util_path.h +@@ -31,5 +31,10 @@ char *lock_path(TALLOC_CTX *mem_ctx, const char *name); + char *state_path(TALLOC_CTX *mem_ctx, const char *name); + char *cache_path(TALLOC_CTX *mem_ctx, const char *name); + char *canonicalize_absolute_path(TALLOC_CTX *ctx, const char *abs_path); ++bool subdir_of(const char *parent, ++ size_t parent_len, ++ const char *subdir, ++ const char **_relative); ++ + + #endif +diff --git a/source3/rpc_server/mdssvc/mdssvc.c b/source3/rpc_server/mdssvc/mdssvc.c +index 19257e8..d442d8d 100644 +--- a/source3/rpc_server/mdssvc/mdssvc.c ++++ b/source3/rpc_server/mdssvc/mdssvc.c +@@ -520,11 +520,14 @@ static bool inode_map_add(struct sl_query *slq, + bool mds_add_result(struct sl_query *slq, const char *path) + { + struct smb_filename *smb_fname = NULL; ++ char *fake_path = NULL; ++ const char *relative = NULL; + struct stat_ex sb; + uint32_t attr; + uint64_t ino64; + int result; + NTSTATUS status; ++ bool sub; + bool ok; + + /* +@@ -610,6 +613,17 @@ bool mds_add_result(struct sl_query *slq, const char *path) + } + } + ++ sub = subdir_of(slq->mds_ctx->spath, ++ slq->mds_ctx->spath_len, ++ path, ++ &relative); ++ if (!sub) { ++ DBG_ERR("[%s] is not inside [%s]\n", ++ path, slq->mds_ctx->spath); ++ slq->state = SLQ_STATE_ERROR; ++ return false; ++ } ++ + /* + * Add inode number and filemeta to result set, this is what + * we return as part of the result set of a query +@@ -622,18 +636,30 @@ bool mds_add_result(struct sl_query *slq, const char *path) + slq->state = SLQ_STATE_ERROR; + return false; + } ++ ++ fake_path = talloc_asprintf(slq, ++ "/%s/%s", ++ slq->mds_ctx->sharename, ++ relative); ++ if (fake_path == NULL) { ++ slq->state = SLQ_STATE_ERROR; ++ return false; ++ } ++ + ok = add_filemeta(slq->mds_ctx, + slq->reqinfo, + slq->query_results->fm_array, +- path, ++ fake_path, + &sb); + if (!ok) { + DBG_ERR("add_filemeta error\n"); ++ TALLOC_FREE(fake_path); + slq->state = SLQ_STATE_ERROR; + return false; + } + +- ok = inode_map_add(slq, ino64, path, &sb); ++ ok = inode_map_add(slq, ino64, fake_path, &sb); ++ TALLOC_FREE(fake_path); + if (!ok) { + DEBUG(1, ("inode_map_add error\n")); + slq->state = SLQ_STATE_ERROR; +@@ -840,6 +866,32 @@ static void slq_close_timer(struct tevent_context *ev, + } + } + ++/** ++ * Translate a fake scope from the client like /sharename/dir ++ * to the real server-side path, replacing the "/sharename" part ++ * with the absolute server-side path of the share. ++ **/ ++static bool mdssvc_real_scope(struct sl_query *slq, const char *fake_scope) ++{ ++ size_t sname_len = strlen(slq->mds_ctx->sharename); ++ size_t fake_scope_len = strlen(fake_scope); ++ ++ if (fake_scope_len < sname_len + 1) { ++ DBG_ERR("Short scope [%s] for share [%s]\n", ++ fake_scope, slq->mds_ctx->sharename); ++ return false; ++ } ++ ++ slq->path_scope = talloc_asprintf(slq, ++ "%s%s", ++ slq->mds_ctx->spath, ++ fake_scope + sname_len + 1); ++ if (slq->path_scope == NULL) { ++ return false; ++ } ++ return true; ++} ++ + /** + * Begin a search query + **/ +@@ -946,8 +998,8 @@ static bool slrpc_open_query(struct mds_ctx *mds_ctx, + goto error; + } + +- slq->path_scope = talloc_strdup(slq, scope); +- if (slq->path_scope == NULL) { ++ ok = mdssvc_real_scope(slq, scope); ++ if (!ok) { + goto error; + } + +diff --git a/source3/rpc_server/mdssvc/mdssvc.h b/source3/rpc_server/mdssvc/mdssvc.h +index b3bd8b9..8434812 100644 +--- a/source3/rpc_server/mdssvc/mdssvc.h ++++ b/source3/rpc_server/mdssvc/mdssvc.h +@@ -127,6 +127,7 @@ struct mds_ctx { + int snum; + const char *sharename; + const char *spath; ++ size_t spath_len; + struct connection_struct *conn; + struct sl_query *query_list; /* list of active queries */ + struct db_context *ino_path_map; /* dbwrap rbt for storing inode->path mappings */ +diff --git a/source3/rpc_server/mdssvc/srv_mdssvc_nt.c b/source3/rpc_server/mdssvc/srv_mdssvc_nt.c +index 59e2a97..b20bd2a 100644 +--- a/source3/rpc_server/mdssvc/srv_mdssvc_nt.c ++++ b/source3/rpc_server/mdssvc/srv_mdssvc_nt.c +@@ -121,6 +121,7 @@ void _mdssvc_open(struct pipes_struct *p, struct mdssvc_open *r) + loadparm_s3_global_substitution(); + int snum; + char *outpath = discard_const_p(char, r->out.share_path); ++ char *fake_path = NULL; + char *path; + NTSTATUS status; + +@@ -144,21 +145,31 @@ void _mdssvc_open(struct pipes_struct *p, struct mdssvc_open *r) + return; + } + ++ fake_path = talloc_asprintf(p->mem_ctx, "/%s", r->in.share_name); ++ if (fake_path == NULL) { ++ DBG_ERR("Couldn't create fake share path for %s\n", ++ r->in.share_name); ++ talloc_free(path); ++ p->fault_state = DCERPC_FAULT_CANT_PERFORM; ++ return; ++ } ++ + status = create_mdssvc_policy_handle(p->mem_ctx, p, + snum, + r->in.share_name, + path, + r->out.handle); + if (!NT_STATUS_IS_OK(status)) { +- DBG_ERR("Couldn't create policy handle for %s\n", ++ DBG_ERR("Couldn't create path for %s\n", + r->in.share_name); + talloc_free(path); ++ talloc_free(fake_path); + p->fault_state = DCERPC_FAULT_CANT_PERFORM; + return; + } + +- strlcpy(outpath, path, 1024); +- talloc_free(path); ++ strlcpy(outpath, fake_path, 1024); ++ talloc_free(fake_path); + return; + } + +-- +2.40.0 diff --git a/meta-networking/recipes-connectivity/samba/samba_4.14.14.bb b/meta-networking/recipes-connectivity/samba/samba_4.14.14.bb index 73e8a82e89b..aa27592cb0c 100644 --- a/meta-networking/recipes-connectivity/samba/samba_4.14.14.bb +++ b/meta-networking/recipes-connectivity/samba/samba_4.14.14.bb @@ -38,6 +38,17 @@ SRC_URI = "${SAMBA_MIRROR}/stable/samba-${PV}.tar.gz \ file://CVE-2022-2127.patch \ file://CVE-2023-34967_0001.patch \ file://CVE-2023-34967_0002.patch \ + file://CVE-2023-34968_0001.patch \ + file://CVE-2023-34968_0002.patch \ + file://CVE-2023-34968_0003.patch \ + file://CVE-2023-34968_0004.patch \ + file://CVE-2023-34968_0005.patch \ + file://CVE-2023-34968_0006.patch \ + file://CVE-2023-34968_0007.patch \ + file://CVE-2023-34968_0008.patch \ + file://CVE-2023-34968_0009.patch \ + file://CVE-2023-34968_0010.patch \ + file://CVE-2023-34968_0011.patch \ " SRC_URI:append:libc-musl = " \ From e2b534cc3a9f178b909c1e15c4b5919c7c0395db Mon Sep 17 00:00:00 2001 From: Meenali Gupta Date: Thu, 5 Oct 2023 07:14:31 +0000 Subject: [PATCH 482/600] open-vm-tools: fix CVE-2023-20867 A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine. Signed-off-by: Meenali Gupta Signed-off-by: Armin Kuster --- .../open-vm-tools/CVE-2023-20867.patch | 158 ++++++++++++++++++ .../open-vm-tools/open-vm-tools_11.3.5.bb | 1 + 2 files changed, 159 insertions(+) create mode 100644 meta-networking/recipes-support/open-vm-tools/open-vm-tools/CVE-2023-20867.patch diff --git a/meta-networking/recipes-support/open-vm-tools/open-vm-tools/CVE-2023-20867.patch b/meta-networking/recipes-support/open-vm-tools/open-vm-tools/CVE-2023-20867.patch new file mode 100644 index 00000000000..071ddf45d19 --- /dev/null +++ b/meta-networking/recipes-support/open-vm-tools/open-vm-tools/CVE-2023-20867.patch @@ -0,0 +1,158 @@ +From 32fe1b6ac239255a91020020510453685459b28a Mon Sep 17 00:00:00 2001 +From: John Wolfe +Date: Mon, 8 May 2023 19:04:57 -0700 +Subject: [PATCH] open-vm-tools: Remove some dead code. + +Address CVE-2023-20867. +Remove some authentication types which were deprecated long +ago and are no longer in use. These are dead code. + +Upstream-Status: Backport [https://github.com/vmware/open-vm-tools/blob/CVE-2023-20867.patch/2023-20867-Remove-some-dead-code.patch] +CVE: CVE-2023-20867 + +Signed-off-by: Meenali Gupta +--- + open-vm-tools/services/plugins/vix/vixTools.c | 100 ------------------ + 1 file changed, 100 deletions(-) + +diff --git a/open-vm-tools/services/plugins/vix/vixTools.c b/open-vm-tools/services/plugins/vix/vixTools.c +index bde74021..6e51d1f4 100644 +--- a/open-vm-tools/services/plugins/vix/vixTools.c ++++ b/open-vm-tools/services/plugins/vix/vixTools.c +@@ -254,7 +254,6 @@ char *gImpersonatedUsername = NULL; + #define VIX_TOOLS_CONFIG_API_AUTHENTICATION "Authentication" + #define VIX_TOOLS_CONFIG_AUTHTYPE_AGENTS "InfrastructureAgents" + +-#define VIX_TOOLS_CONFIG_INFRA_AGENT_DISABLED_DEFAULT TRUE + + /* + * The switch that controls all APIs +@@ -730,8 +729,6 @@ VixError GuestAuthSAMLAuthenticateAndImpersonate( + + void GuestAuthUnimpersonate(); + +-static Bool VixToolsCheckIfAuthenticationTypeEnabled(GKeyFile *confDictRef, +- const char *typeName); + + #if SUPPORT_VGAUTH + +@@ -7913,29 +7910,6 @@ VixToolsImpersonateUser(VixCommandRequestHeader *requestMsg, // IN + userToken); + break; + } +- case VIX_USER_CREDENTIAL_ROOT: +- { +- if ((requestMsg->requestFlags & VIX_REQUESTMSG_HAS_HASHED_SHARED_SECRET) && +- !VixToolsCheckIfAuthenticationTypeEnabled(gConfDictRef, +- VIX_TOOLS_CONFIG_AUTHTYPE_AGENTS)) { +- /* +- * Don't accept hashed shared secret if disabled. +- */ +- g_message("%s: Requested authentication type has been disabled.\n", +- __FUNCTION__); +- err = VIX_E_GUEST_AUTHTYPE_DISABLED; +- goto done; +- } +- } +- // fall through +- +- case VIX_USER_CREDENTIAL_CONSOLE_USER: +- err = VixToolsImpersonateUserImplEx(NULL, +- credentialType, +- NULL, +- loadUserProfile, +- userToken); +- break; + case VIX_USER_CREDENTIAL_NAME_PASSWORD: + case VIX_USER_CREDENTIAL_NAME_PASSWORD_OBFUSCATED: + case VIX_USER_CREDENTIAL_NAMED_INTERACTIVE_USER: +@@ -8104,36 +8078,6 @@ VixToolsImpersonateUserImplEx(char const *credentialTypeStr, // IN + } + } + +- /* +- * If the VMX asks to be root, then we allow them. +- * The VMX will make sure that only it will pass this value in, +- * and only when the VM and host are configured to allow this. +- */ +- if ((VIX_USER_CREDENTIAL_ROOT == credentialType) +- && (thisProcessRunsAsRoot)) { +- *userToken = PROCESS_CREATOR_USER_TOKEN; +- +- gImpersonatedUsername = Util_SafeStrdup("_ROOT_"); +- err = VIX_OK; +- goto quit; +- } +- +- /* +- * If the VMX asks to be root, then we allow them. +- * The VMX will make sure that only it will pass this value in, +- * and only when the VM and host are configured to allow this. +- * +- * XXX This has been deprecated XXX +- */ +- if ((VIX_USER_CREDENTIAL_CONSOLE_USER == credentialType) +- && ((allowConsoleUserOps) || !(thisProcessRunsAsRoot))) { +- *userToken = PROCESS_CREATOR_USER_TOKEN; +- +- gImpersonatedUsername = Util_SafeStrdup("_CONSOLE_USER_NAME_"); +- err = VIX_OK; +- goto quit; +- } +- + /* + * If the VMX asks us to run commands in the context of the current + * user, make sure that the user who requested the command is the +@@ -10814,50 +10758,6 @@ VixToolsCheckIfVixCommandEnabled(int opcode, // IN + } + + +-/* +- *----------------------------------------------------------------------------- +- * +- * VixToolsCheckIfAuthenticationTypeEnabled -- +- * +- * Checks to see if a given authentication type has been +- * disabled via the tools configuration. +- * +- * Return value: +- * TRUE if enabled, FALSE otherwise. +- * +- * Side effects: +- * None +- * +- *----------------------------------------------------------------------------- +- */ +- +-static Bool +-VixToolsCheckIfAuthenticationTypeEnabled(GKeyFile *confDictRef, // IN +- const char *typeName) // IN +-{ +- char authnDisabledName[64]; // Authentication..disabled +- gboolean disabled; +- +- Str_Snprintf(authnDisabledName, sizeof(authnDisabledName), +- VIX_TOOLS_CONFIG_API_AUTHENTICATION ".%s.disabled", +- typeName); +- +- ASSERT(confDictRef != NULL); +- +- /* +- * XXX Skip doing the strcmp() to verify the auth type since we only +- * have the one typeName (VIX_TOOLS_CONFIG_AUTHTYPE_AGENTS), and default +- * it to VIX_TOOLS_CONFIG_INFRA_AGENT_DISABLED_DEFAULT. +- */ +- disabled = VMTools_ConfigGetBoolean(confDictRef, +- VIX_TOOLS_CONFIG_API_GROUPNAME, +- authnDisabledName, +- VIX_TOOLS_CONFIG_INFRA_AGENT_DISABLED_DEFAULT); +- +- return !disabled; +-} +- +- + /* + *----------------------------------------------------------------------------- + * +-- +2.40.0 diff --git a/meta-networking/recipes-support/open-vm-tools/open-vm-tools_11.3.5.bb b/meta-networking/recipes-support/open-vm-tools/open-vm-tools_11.3.5.bb index 4670a85a674..c80827a9927 100644 --- a/meta-networking/recipes-support/open-vm-tools/open-vm-tools_11.3.5.bb +++ b/meta-networking/recipes-support/open-vm-tools/open-vm-tools_11.3.5.bb @@ -45,6 +45,7 @@ SRC_URI = "git://github.com/vmware/open-vm-tools.git;protocol=https;branch=maste file://0002-hgfsServerLinux-Consider-64bit-time_t-possibility.patch;patchdir=.. \ file://0001-open-vm-tools-Correct-include-path-for-poll.h.patch;patchdir=.. \ file://0001-Properly-check-authorization-on-incoming-guestOps-re.patch;patchdir=.. \ + file://CVE-2023-20867.patch;patchdir=.. \ " UPSTREAM_CHECK_GITTAGREGEX = "stable-(?P\d+(\.\d+)+)" From 6432fee6d04bec8573f1afcc5a9301899d05ac0f Mon Sep 17 00:00:00 2001 From: Narpat Mali Date: Fri, 6 Oct 2023 14:13:49 +0000 Subject: [PATCH 483/600] python3-gevent: fix CVE-2023-41419 An issue in Gevent Gevent before version 23.9.1 allows a remote attacker to escalate privileges via a crafted script to the WSGIServer component. References: https://nvd.nist.gov/vuln/detail/CVE-2023-41419 https://github.com/advisories/GHSA-x7m3-jprg-wc5g Signed-off-by: Narpat Mali Signed-off-by: Armin Kuster --- .../python3-gevent/CVE-2023-41419.patch | 673 ++++++++++++++++++ .../python/python3-gevent_21.12.0.bb | 2 + 2 files changed, 675 insertions(+) create mode 100644 meta-python/recipes-devtools/python/python3-gevent/CVE-2023-41419.patch diff --git a/meta-python/recipes-devtools/python/python3-gevent/CVE-2023-41419.patch b/meta-python/recipes-devtools/python/python3-gevent/CVE-2023-41419.patch new file mode 100644 index 00000000000..c92ba876a8b --- /dev/null +++ b/meta-python/recipes-devtools/python/python3-gevent/CVE-2023-41419.patch @@ -0,0 +1,673 @@ +From f80ee15e27b67b6fdd101d5f91cf584d19b2b26e Mon Sep 17 00:00:00 2001 +From: Jason Madden +Date: Fri, 6 Oct 2023 12:41:59 +0000 +Subject: [PATCH] gevent.pywsgi: Much improved handling of chunk trailers. + Validation is much stricter to the specification. + +Fixes #1989 + +CVE: CVE-2023-41419 + +Upstream-Status: Backport [https://github.com/gevent/gevent/commit/2f53c851eaf926767fbac62385615efd4886221c] + +Signed-off-by: Narpat Mali +--- + docs/changes/1989.bugfix | 26 ++++ + src/gevent/pywsgi.py | 229 ++++++++++++++++++++++++------- + src/gevent/subprocess.py | 7 +- + src/gevent/testing/testcase.py | 2 +- + src/gevent/tests/test__pywsgi.py | 193 ++++++++++++++++++++++++-- + 5 files changed, 390 insertions(+), 67 deletions(-) + create mode 100644 docs/changes/1989.bugfix + +diff --git a/docs/changes/1989.bugfix b/docs/changes/1989.bugfix +new file mode 100644 +index 0000000..7ce4a93 +--- /dev/null ++++ b/docs/changes/1989.bugfix +@@ -0,0 +1,26 @@ ++Make ``gevent.pywsgi`` comply more closely with the HTTP specification ++for chunked transfer encoding. In particular, we are much stricter ++about trailers, and trailers that are invalid (too long or featuring ++disallowed characters) forcibly close the connection to the client ++*after* the results have been sent. ++ ++Trailers otherwise continue to be ignored and are not available to the ++WSGI application. ++ ++Previously, carefully crafted invalid trailers in chunked requests on ++keep-alive connections might appear as two requests to ++``gevent.pywsgi``. Because this was handled exactly as a normal ++keep-alive connection with two requests, the WSGI application should ++handle it normally. However, if you were counting on some upstream ++server to filter incoming requests based on paths or header fields, ++and the upstream server simply passed trailers through without ++validating them, then this embedded second request would bypass those ++checks. (If the upstream server validated that the trailers meet the ++HTTP specification, this could not occur, because characters that are ++required in an HTTP request, like a space, are not allowed in ++trailers.) CVE-2023-41419 was reserved for this. ++ ++Our thanks to the original reporters, Keran Mu ++(mkr22@mails.tsinghua.edu.cn) and Jianjun Chen ++(jianjun@tsinghua.edu.cn), from Tsinghua University and Zhongguancun ++Laboratory. +diff --git a/src/gevent/pywsgi.py b/src/gevent/pywsgi.py +index 0ebe095..078398a 100644 +--- a/src/gevent/pywsgi.py ++++ b/src/gevent/pywsgi.py +@@ -1,13 +1,28 @@ + # Copyright (c) 2005-2009, eventlet contributors + # Copyright (c) 2009-2018, gevent contributors + """ +-A pure-Python, gevent-friendly WSGI server. ++A pure-Python, gevent-friendly WSGI server implementing HTTP/1.1. + + The server is provided in :class:`WSGIServer`, but most of the actual + WSGI work is handled by :class:`WSGIHandler` --- a new instance is + created for each request. The server can be customized to use + different subclasses of :class:`WSGIHandler`. + ++.. important:: ++ This server is intended primarily for development and testing, and ++ secondarily for other "safe" scenarios where it will not be exposed to ++ potentially malicious input. The code has not been security audited, ++ and is not intended for direct exposure to the public Internet. For production ++ usage on the Internet, either choose a production-strength server such as ++ gunicorn, or put a reverse proxy between gevent and the Internet. ++.. versionchanged:: NEXT ++ Complies more closely with the HTTP specification for chunked transfer encoding. ++ In particular, we are much stricter about trailers, and trailers that ++ are invalid (too long or featuring disallowed characters) forcibly close ++ the connection to the client *after* the results have been sent. ++ Trailers otherwise continue to be ignored and are not available to the ++ WSGI application. ++ + """ + from __future__ import absolute_import + +@@ -22,10 +37,7 @@ import time + import traceback + from datetime import datetime + +-try: +- from urllib import unquote +-except ImportError: +- from urllib.parse import unquote # python 2 pylint:disable=import-error,no-name-in-module ++from urllib.parse import unquote + + from gevent import socket + import gevent +@@ -53,29 +65,52 @@ __all__ = [ + + MAX_REQUEST_LINE = 8192 + # Weekday and month names for HTTP date/time formatting; always English! +-_WEEKDAYNAME = ["Mon", "Tue", "Wed", "Thu", "Fri", "Sat", "Sun"] +-_MONTHNAME = [None, # Dummy so we can use 1-based month numbers ++_WEEKDAYNAME = ("Mon", "Tue", "Wed", "Thu", "Fri", "Sat", "Sun") ++_MONTHNAME = (None, # Dummy so we can use 1-based month numbers + "Jan", "Feb", "Mar", "Apr", "May", "Jun", +- "Jul", "Aug", "Sep", "Oct", "Nov", "Dec"] ++ "Jul", "Aug", "Sep", "Oct", "Nov", "Dec") + + # The contents of the "HEX" grammar rule for HTTP, upper and lowercase A-F plus digits, + # in byte form for comparing to the network. + _HEX = string.hexdigits.encode('ascii') + ++# The characters allowed in "token" rules. ++ ++# token = 1*tchar ++# tchar = "!" / "#" / "$" / "%" / "&" / "'" / "*" ++# / "+" / "-" / "." / "^" / "_" / "`" / "|" / "~" ++# / DIGIT / ALPHA ++# ; any VCHAR, except delimiters ++# ALPHA = %x41-5A / %x61-7A ; A-Z / a-z ++_ALLOWED_TOKEN_CHARS = frozenset( ++ # Remember we have to be careful because bytestrings ++ # inexplicably iterate as integers, which are not equal to bytes. ++ ++ # explicit chars then DIGIT ++ (c.encode('ascii') for c in "!#$%&'*+-.^_`|~0123456789") ++ # Then we add ALPHA ++) | {c.encode('ascii') for c in string.ascii_letters} ++assert b'A' in _ALLOWED_TOKEN_CHARS ++ ++ + # Errors + _ERRORS = {} + _INTERNAL_ERROR_STATUS = '500 Internal Server Error' + _INTERNAL_ERROR_BODY = b'Internal Server Error' +-_INTERNAL_ERROR_HEADERS = [('Content-Type', 'text/plain'), +- ('Connection', 'close'), +- ('Content-Length', str(len(_INTERNAL_ERROR_BODY)))] ++_INTERNAL_ERROR_HEADERS = ( ++ ('Content-Type', 'text/plain'), ++ ('Connection', 'close'), ++ ('Content-Length', str(len(_INTERNAL_ERROR_BODY))) ++) + _ERRORS[500] = (_INTERNAL_ERROR_STATUS, _INTERNAL_ERROR_HEADERS, _INTERNAL_ERROR_BODY) + + _BAD_REQUEST_STATUS = '400 Bad Request' + _BAD_REQUEST_BODY = '' +-_BAD_REQUEST_HEADERS = [('Content-Type', 'text/plain'), +- ('Connection', 'close'), +- ('Content-Length', str(len(_BAD_REQUEST_BODY)))] ++_BAD_REQUEST_HEADERS = ( ++ ('Content-Type', 'text/plain'), ++ ('Connection', 'close'), ++ ('Content-Length', str(len(_BAD_REQUEST_BODY))) ++) + _ERRORS[400] = (_BAD_REQUEST_STATUS, _BAD_REQUEST_HEADERS, _BAD_REQUEST_BODY) + + _REQUEST_TOO_LONG_RESPONSE = b"HTTP/1.1 414 Request URI Too Long\r\nConnection: close\r\nContent-length: 0\r\n\r\n" +@@ -204,23 +239,32 @@ class Input(object): + # Read and return the next integer chunk length. If no + # chunk length can be read, raises _InvalidClientInput. + +- # Here's the production for a chunk: +- # (http://www.w3.org/Protocols/rfc2616/rfc2616-sec3.html) +- # chunk = chunk-size [ chunk-extension ] CRLF +- # chunk-data CRLF +- # chunk-size = 1*HEX +- # chunk-extension= *( ";" chunk-ext-name [ "=" chunk-ext-val ] ) +- # chunk-ext-name = token +- # chunk-ext-val = token | quoted-string +- +- # To cope with malicious or broken clients that fail to send valid +- # chunk lines, the strategy is to read character by character until we either reach +- # a ; or newline. If at any time we read a non-HEX digit, we bail. If we hit a +- # ;, indicating an chunk-extension, we'll read up to the next +- # MAX_REQUEST_LINE characters +- # looking for the CRLF, and if we don't find it, we bail. If we read more than 16 hex characters, +- # (the number needed to represent a 64-bit chunk size), we bail (this protects us from +- # a client that sends an infinite stream of `F`, for example). ++ # Here's the production for a chunk (actually the whole body): ++ # (https://www.rfc-editor.org/rfc/rfc7230#section-4.1) ++ ++ # chunked-body = *chunk ++ # last-chunk ++ # trailer-part ++ # CRLF ++ # ++ # chunk = chunk-size [ chunk-ext ] CRLF ++ # chunk-data CRLF ++ # chunk-size = 1*HEXDIG ++ # last-chunk = 1*("0") [ chunk-ext ] CRLF ++ # trailer-part = *( header-field CRLF ) ++ # chunk-data = 1*OCTET ; a sequence of chunk-size octets ++ ++ # To cope with malicious or broken clients that fail to send ++ # valid chunk lines, the strategy is to read character by ++ # character until we either reach a ; or newline. If at any ++ # time we read a non-HEX digit, we bail. If we hit a ;, ++ # indicating an chunk-extension, we'll read up to the next ++ # MAX_REQUEST_LINE characters ("A server ought to limit the ++ # total length of chunk extensions received") looking for the ++ # CRLF, and if we don't find it, we bail. If we read more than ++ # 16 hex characters, (the number needed to represent a 64-bit ++ # chunk size), we bail (this protects us from a client that ++ # sends an infinite stream of `F`, for example). + + buf = BytesIO() + while 1: +@@ -228,16 +272,20 @@ class Input(object): + if not char: + self._chunked_input_error = True + raise _InvalidClientInput("EOF before chunk end reached") +- if char == b'\r': +- break +- if char == b';': ++ ++ if char in ( ++ b'\r', # Beginning EOL ++ b';', # Beginning extension ++ ): + break + +- if char not in _HEX: ++ if char not in _HEX: # Invalid data. + self._chunked_input_error = True + raise _InvalidClientInput("Non-hex data", char) ++ + buf.write(char) +- if buf.tell() > 16: ++ ++ if buf.tell() > 16: # Too many hex bytes + self._chunked_input_error = True + raise _InvalidClientInput("Chunk-size too large.") + +@@ -257,11 +305,72 @@ class Input(object): + if char == b'\r': + # We either got here from the main loop or from the + # end of an extension ++ self.__read_chunk_size_crlf(rfile, newline_only=True) ++ result = int(buf.getvalue(), 16) ++ if result == 0: ++ # The only time a chunk size of zero is allowed is the final ++ # chunk. It is either followed by another \r\n, or some trailers ++ # which are then followed by \r\n. ++ while self.__read_chunk_trailer(rfile): ++ pass ++ return result ++ ++ # Trailers have the following production (they are a header-field followed by CRLF) ++ # See above for the definition of "token". ++ # ++ # header-field = field-name ":" OWS field-value OWS ++ # field-name = token ++ # field-value = *( field-content / obs-fold ) ++ # field-content = field-vchar [ 1*( SP / HTAB ) field-vchar ] ++ # field-vchar = VCHAR / obs-text ++ # obs-fold = CRLF 1*( SP / HTAB ) ++ # ; obsolete line folding ++ # ; see Section 3.2.4 ++ ++ ++ def __read_chunk_trailer(self, rfile, ): ++ # With rfile positioned just after a \r\n, read a trailer line. ++ # Return a true value if a non-empty trailer was read, and ++ # return false if an empty trailer was read (meaning the trailers are ++ # done). ++ # If a single line exceeds the MAX_REQUEST_LINE, raise an exception. ++ # If the field-name portion contains invalid characters, raise an exception. ++ ++ i = 0 ++ empty = True ++ seen_field_name = False ++ while i < MAX_REQUEST_LINE: ++ char = rfile.read(1) ++ if char == b'\r': ++ # Either read the next \n or raise an error. ++ self.__read_chunk_size_crlf(rfile, newline_only=True) ++ break ++ # Not a \r, so we are NOT an empty chunk. ++ empty = False ++ if char == b':' and i > 0: ++ # We're ending the field-name part; stop validating characters. ++ # Unless : was the first character... ++ seen_field_name = True ++ if not seen_field_name and char not in _ALLOWED_TOKEN_CHARS: ++ raise _InvalidClientInput('Invalid token character: %r' % (char,)) ++ i += 1 ++ else: ++ # We read too much ++ self._chunked_input_error = True ++ raise _InvalidClientInput("Too large chunk trailer") ++ return not empty ++ ++ def __read_chunk_size_crlf(self, rfile, newline_only=False): ++ # Also for safety, correctly verify that we get \r\n when expected. ++ if not newline_only: + char = rfile.read(1) +- if char != b'\n': ++ if char != b'\r': + self._chunked_input_error = True +- raise _InvalidClientInput("Line didn't end in CRLF") +- return int(buf.getvalue(), 16) ++ raise _InvalidClientInput("Line didn't end in CRLF: %r" % (char,)) ++ char = rfile.read(1) ++ if char != b'\n': ++ self._chunked_input_error = True ++ raise _InvalidClientInput("Line didn't end in LF: %r" % (char,)) + + def _chunked_read(self, length=None, use_readline=False): + # pylint:disable=too-many-branches +@@ -294,7 +403,7 @@ class Input(object): + + self.position += datalen + if self.chunk_length == self.position: +- rfile.readline() ++ self.__read_chunk_size_crlf(rfile) + + if length is not None: + length -= datalen +@@ -307,9 +416,9 @@ class Input(object): + # determine the next size to read + self.chunk_length = self.__read_chunk_length(rfile) + self.position = 0 +- if self.chunk_length == 0: +- # Last chunk. Terminates with a CRLF. +- rfile.readline() ++ # If chunk_length was 0, we already read any trailers and ++ # validated that we have ended with \r\n\r\n. ++ + return b''.join(response) + + def read(self, length=None): +@@ -532,7 +641,8 @@ class WSGIHandler(object): + elif len(words) == 2: + self.command, self.path = words + if self.command != "GET": +- raise _InvalidClientRequest('Expected GET method: %r' % (raw_requestline,)) ++ raise _InvalidClientRequest('Expected GET method; Got command=%r; path=%r; raw=%r' % ( ++ self.command, self.path, raw_requestline,)) + self.request_version = "HTTP/0.9" + # QQQ I'm pretty sure we can drop support for HTTP/0.9 + else: +@@ -1000,14 +1110,28 @@ class WSGIHandler(object): + finally: + try: + self.wsgi_input._discard() +- except (socket.error, IOError): +- # Don't let exceptions during discarding ++ except _InvalidClientInput: ++ # This one is deliberately raised to the outer ++ # scope, because, with the incoming stream in some bad state, ++ # we can't be sure we can synchronize and properly parse the next ++ # request. ++ raise ++ except socket.error ++ # Don't let socket exceptions during discarding + # input override any exception that may have been + # raised by the application, such as our own _InvalidClientInput. + # In the general case, these aren't even worth logging (see the comment + # just below) + pass +- except _InvalidClientInput: ++ except _InvalidClientInput as ex: ++ # DO log this one because: ++ # - Some of the data may have been read and acted on by the ++ # application; ++ # - The response may or may not have been sent; ++ # - It's likely that the client is bad, or malicious, and ++ # users might wish to take steps to block the client. ++ self._handle_client_error(ex) ++ self.close_connection = True + self._send_error_response_if_possible(400) + except socket.error as ex: + if ex.args[0] in self.ignored_socket_errors: +@@ -1054,17 +1178,22 @@ class WSGIHandler(object): + def _handle_client_error(self, ex): + # Called for invalid client input + # Returns the appropriate error response. +- if not isinstance(ex, ValueError): ++ if not isinstance(ex, (ValueError, _InvalidClientInput)): + # XXX: Why not self._log_error to send it through the loop's + # handle_error method? ++ # _InvalidClientRequest is a ValueError; _InvalidClientInput is an IOError. + traceback.print_exc() + if isinstance(ex, _InvalidClientRequest): + # No formatting needed, that's already been handled. In fact, because the + # formatted message contains user input, it might have a % in it, and attempting + # to format that with no arguments would be an error. +- self.log_error(ex.formatted_message) ++ # However, the error messages do not include the requesting IP ++ # necessarily, so we do add that. ++ self.log_error('(from %s) %s', self.client_address, ex.formatted_message) + else: +- self.log_error('Invalid request: %s', str(ex) or ex.__class__.__name__) ++ self.log_error('Invalid request (from %s): %s', ++ self.client_address, ++ str(ex) or ex.__class__.__name__) + return ('400', _BAD_REQUEST_RESPONSE) + + def _headers(self): +diff --git a/src/gevent/subprocess.py b/src/gevent/subprocess.py +index 38c9bd3..8a8ccad 100644 +--- a/src/gevent/subprocess.py ++++ b/src/gevent/subprocess.py +@@ -352,10 +352,11 @@ def check_output(*popenargs, **kwargs): + + To capture standard error in the result, use ``stderr=STDOUT``:: + +- >>> print(check_output(["/bin/sh", "-c", ++ >>> output = check_output(["/bin/sh", "-c", + ... "ls -l non_existent_file ; exit 0"], +- ... stderr=STDOUT).decode('ascii').strip()) +- ls: non_existent_file: No such file or directory ++ ... stderr=STDOUT).decode('ascii').strip() ++ >>> print(output.rsplit(':', 1)[1].strip()) ++ No such file or directory + + There is an additional optional argument, "input", allowing you to + pass a string to the subprocess's stdin. If you use this argument +diff --git a/src/gevent/testing/testcase.py b/src/gevent/testing/testcase.py +index cd5db80..aa86dcf 100644 +--- a/src/gevent/testing/testcase.py ++++ b/src/gevent/testing/testcase.py +@@ -225,7 +225,7 @@ class TestCaseMetaClass(type): + classDict.pop(key) + # XXX: When did we stop doing this? + #value = wrap_switch_count_check(value) +- value = _wrap_timeout(timeout, value) ++ #value = _wrap_timeout(timeout, value) + error_fatal = getattr(value, 'error_fatal', error_fatal) + if error_fatal: + value = errorhandler.wrap_error_fatal(value) +diff --git a/src/gevent/tests/test__pywsgi.py b/src/gevent/tests/test__pywsgi.py +index d2125a8..d46030b 100644 +--- a/src/gevent/tests/test__pywsgi.py ++++ b/src/gevent/tests/test__pywsgi.py +@@ -25,21 +25,11 @@ from gevent import monkey + monkey.patch_all() + + from contextlib import contextmanager +-try: +- from urllib.parse import parse_qs +-except ImportError: +- # Python 2 +- from urlparse import parse_qs ++from urllib.parse import parse_qs + import os + import sys +-try: +- # On Python 2, we want the C-optimized version if +- # available; it has different corner-case behaviour than +- # the Python implementation, and it used by socket.makefile +- # by default. +- from cStringIO import StringIO +-except ImportError: +- from io import BytesIO as StringIO ++from io import BytesIO as StringIO ++ + import weakref + import unittest + from wsgiref.validate import validator +@@ -156,6 +146,10 @@ class Response(object): + @classmethod + def read(cls, fd, code=200, reason='default', version='1.1', + body=None, chunks=None, content_length=None): ++ """ ++ Read an HTTP response, optionally perform assertions, ++ and return the Response object. ++ """ + # pylint:disable=too-many-branches + _status_line, headers = read_headers(fd) + self = cls(_status_line, headers) +@@ -716,7 +710,14 @@ class TestNegativeReadline(TestCase): + + class TestChunkedPost(TestCase): + ++ calls = 0 ++ ++ def setUp(self): ++ super().setUp() ++ self.calls = 0 ++ + def application(self, env, start_response): ++ self.calls += 1 + self.assertTrue(env.get('wsgi.input_terminated')) + start_response('200 OK', [('Content-Type', 'text/plain')]) + if env['PATH_INFO'] == '/a': +@@ -730,6 +731,8 @@ class TestChunkedPost(TestCase): + if env['PATH_INFO'] == '/c': + return list(iter(lambda: env['wsgi.input'].read(1), b'')) + ++ return [b'We should not get here', env['PATH_INFO'].encode('ascii')] ++ + def test_014_chunked_post(self): + data = (b'POST /a HTTP/1.1\r\nHost: localhost\r\nConnection: close\r\n' + b'Transfer-Encoding: chunked\r\n\r\n' +@@ -797,6 +800,170 @@ class TestChunkedPost(TestCase): + fd.write(data) + read_http(fd, code=400) + ++ def test_trailers_keepalive_ignored(self): ++ # Trailers after a chunk are ignored. ++ data = ( ++ b'POST /a HTTP/1.1\r\n' ++ b'Host: localhost\r\n' ++ b'Connection: keep-alive\r\n' ++ b'Transfer-Encoding: chunked\r\n' ++ b'\r\n' ++ b'2\r\noh\r\n' ++ b'4\r\n hai\r\n' ++ b'0\r\n' # last-chunk ++ # Normally the final CRLF would go here, but if you put in a ++ # trailer, it doesn't. ++ b'trailer1: value1\r\n' ++ b'trailer2: value2\r\n' ++ b'\r\n' # Really terminate the chunk. ++ b'POST /a HTTP/1.1\r\n' ++ b'Host: localhost\r\n' ++ b'Connection: close\r\n' ++ b'Transfer-Encoding: chunked\r\n' ++ b'\r\n' ++ b'2\r\noh\r\n' ++ b'4\r\n bye\r\n' ++ b'0\r\n' # last-chunk ++ ) ++ with self.makefile() as fd: ++ fd.write(data) ++ read_http(fd, body='oh hai') ++ read_http(fd, body='oh bye') ++ ++ self.assertEqual(self.calls, 2) ++ ++ def test_trailers_too_long(self): ++ # Trailers after a chunk are ignored. ++ data = ( ++ b'POST /a HTTP/1.1\r\n' ++ b'Host: localhost\r\n' ++ b'Connection: keep-alive\r\n' ++ b'Transfer-Encoding: chunked\r\n' ++ b'\r\n' ++ b'2\r\noh\r\n' ++ b'4\r\n hai\r\n' ++ b'0\r\n' # last-chunk ++ # Normally the final CRLF would go here, but if you put in a ++ # trailer, it doesn't. ++ b'trailer2: value2' # not lack of \r\n ++ ) ++ data += b't' * pywsgi.MAX_REQUEST_LINE ++ # No termination, because we detect the trailer as being too ++ # long and abort the connection. ++ with self.makefile() as fd: ++ fd.write(data) ++ read_http(fd, body='oh hai') ++ with self.assertRaises(ConnectionClosed): ++ read_http(fd, body='oh bye') ++ ++ def test_trailers_request_smuggling_missing_last_chunk_keep_alive(self): ++ # When something that looks like a request line comes in the trailer ++ # as the first line, immediately after an invalid last chunk. ++ # We detect this and abort the connection, because the ++ # whitespace in the GET line isn't a legal part of a trailer. ++ # If we didn't abort the connection, then, because we specified ++ # keep-alive, the server would be hanging around waiting for more input. ++ data = ( ++ b'POST /a HTTP/1.1\r\n' ++ b'Host: localhost\r\n' ++ b'Connection: keep-alive\r\n' ++ b'Transfer-Encoding: chunked\r\n' ++ b'\r\n' ++ b'2\r\noh\r\n' ++ b'4\r\n hai\r\n' ++ b'0' # last-chunk, but missing the \r\n ++ # Normally the final CRLF would go here, but if you put in a ++ # trailer, it doesn't. ++ # b'\r\n' ++ b'GET /path2?a=:123 HTTP/1.1\r\n' ++ b'Host: a.com\r\n' ++ b'Connection: close\r\n' ++ b'\r\n' ++ ) ++ with self.makefile() as fd: ++ fd.write(data) ++ read_http(fd, body='oh hai') ++ with self.assertRaises(ConnectionClosed): ++ read_http(fd) ++ ++ self.assertEqual(self.calls, 1) ++ ++ def test_trailers_request_smuggling_missing_last_chunk_close(self): ++ # Same as the above, except the trailers are actually valid ++ # and since we ask to close the connection we don't get stuck ++ # waiting for more input. ++ data = ( ++ b'POST /a HTTP/1.1\r\n' ++ b'Host: localhost\r\n' ++ b'Connection: close\r\n' ++ b'Transfer-Encoding: chunked\r\n' ++ b'\r\n' ++ b'2\r\noh\r\n' ++ b'4\r\n hai\r\n' ++ b'0\r\n' # last-chunk ++ # Normally the final CRLF would go here, but if you put in a ++ # trailer, it doesn't. ++ # b'\r\n' ++ b'GETpath2a:123 HTTP/1.1\r\n' ++ b'Host: a.com\r\n' ++ b'Connection: close\r\n' ++ b'\r\n' ++ ) ++ with self.makefile() as fd: ++ fd.write(data) ++ read_http(fd, body='oh hai') ++ with self.assertRaises(ConnectionClosed): ++ read_http(fd) ++ ++ def test_trailers_request_smuggling_header_first(self): ++ # When something that looks like a header comes in the first line. ++ data = ( ++ b'POST /a HTTP/1.1\r\n' ++ b'Host: localhost\r\n' ++ b'Connection: keep-alive\r\n' ++ b'Transfer-Encoding: chunked\r\n' ++ b'\r\n' ++ b'2\r\noh\r\n' ++ b'4\r\n hai\r\n' ++ b'0\r\n' # last-chunk, but only one CRLF ++ b'Header: value\r\n' ++ b'GET /path2?a=:123 HTTP/1.1\r\n' ++ b'Host: a.com\r\n' ++ b'Connection: close\r\n' ++ b'\r\n' ++ ) ++ with self.makefile() as fd: ++ fd.write(data) ++ read_http(fd, body='oh hai') ++ with self.assertRaises(ConnectionClosed): ++ read_http(fd, code=400) ++ ++ self.assertEqual(self.calls, 1) ++ ++ def test_trailers_request_smuggling_request_terminates_then_header(self): ++ data = ( ++ b'POST /a HTTP/1.1\r\n' ++ b'Host: localhost\r\n' ++ b'Connection: keep-alive\r\n' ++ b'Transfer-Encoding: chunked\r\n' ++ b'\r\n' ++ b'2\r\noh\r\n' ++ b'4\r\n hai\r\n' ++ b'0\r\n' # last-chunk ++ b'\r\n' ++ b'Header: value' ++ b'GET /path2?a=:123 HTTP/1.1\r\n' ++ b'Host: a.com\r\n' ++ b'Connection: close\r\n' ++ b'\r\n' ++ ) ++ with self.makefile() as fd: ++ fd.write(data) ++ read_http(fd, body='oh hai') ++ read_http(fd, code=400) ++ ++ self.assertEqual(self.calls, 1) ++ + + class TestUseWrite(TestCase): + +-- +2.40.0 diff --git a/meta-python/recipes-devtools/python/python3-gevent_21.12.0.bb b/meta-python/recipes-devtools/python/python3-gevent_21.12.0.bb index 9efeec4d9f7..fd6b0f531a5 100644 --- a/meta-python/recipes-devtools/python/python3-gevent_21.12.0.bb +++ b/meta-python/recipes-devtools/python/python3-gevent_21.12.0.bb @@ -13,6 +13,8 @@ RDEPENDS:${PN} = "${PYTHON_PN}-greenlet \ SRC_URI[sha256sum] = "f48b64578c367b91fa793bf8eaaaf4995cb93c8bc45860e473bf868070ad094e" +SRC_URI += "file://CVE-2023-41419.patch" + inherit pypi setuptools3 # Don't embed libraries, link to the system instead From ebfb34db782929f506f2afecdbd6c38614bdff3e Mon Sep 17 00:00:00 2001 From: Wang Mingyu Date: Fri, 6 Oct 2023 23:05:03 +0200 Subject: [PATCH 484/600] mosquitto: upgrade 2.0.14 -> 2.0.15 Signed-off-by: Wang Mingyu Signed-off-by: Khem Raj Signed-off-by: Peter Marko Signed-off-by: Armin Kuster --- .../mosquitto/{mosquitto_2.0.14.bb => mosquitto_2.0.15.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-networking/recipes-connectivity/mosquitto/{mosquitto_2.0.14.bb => mosquitto_2.0.15.bb} (97%) diff --git a/meta-networking/recipes-connectivity/mosquitto/mosquitto_2.0.14.bb b/meta-networking/recipes-connectivity/mosquitto/mosquitto_2.0.15.bb similarity index 97% rename from meta-networking/recipes-connectivity/mosquitto/mosquitto_2.0.14.bb rename to meta-networking/recipes-connectivity/mosquitto/mosquitto_2.0.15.bb index 739b7de6259..d06dd2d9cae 100644 --- a/meta-networking/recipes-connectivity/mosquitto/mosquitto_2.0.14.bb +++ b/meta-networking/recipes-connectivity/mosquitto/mosquitto_2.0.15.bb @@ -19,7 +19,7 @@ SRC_URI = "http://mosquitto.org/files/source/mosquitto-${PV}.tar.gz \ file://1571.patch \ " -SRC_URI[sha256sum] = "d0dde8fdb12caf6e2426b4f28081919a2fce3448773bdb8af0d3cd5fe5776925" +SRC_URI[sha256sum] = "4735b1d32e3f91c7a8896741d88a3022e89730a1ee897946decfa0df27039ac6" inherit systemd update-rc.d useradd cmake pkgconfig From f6c58b4f9f2118645f112a1e741c4abec9c465fb Mon Sep 17 00:00:00 2001 From: Gianfranco Costamagna Date: Fri, 6 Oct 2023 23:05:04 +0200 Subject: [PATCH 485/600] mosquitto: do not automatically depend on dlt-daemon, it's a non-mandatory logging system Signed-off-by: Khem Raj Signed-off-by: Peter Marko Signed-off-by: Armin Kuster --- .../recipes-connectivity/mosquitto/mosquitto_2.0.15.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-networking/recipes-connectivity/mosquitto/mosquitto_2.0.15.bb b/meta-networking/recipes-connectivity/mosquitto/mosquitto_2.0.15.bb index d06dd2d9cae..eea672a7063 100644 --- a/meta-networking/recipes-connectivity/mosquitto/mosquitto_2.0.15.bb +++ b/meta-networking/recipes-connectivity/mosquitto/mosquitto_2.0.15.bb @@ -23,7 +23,7 @@ SRC_URI[sha256sum] = "4735b1d32e3f91c7a8896741d88a3022e89730a1ee897946decfa0df27 inherit systemd update-rc.d useradd cmake pkgconfig -PACKAGECONFIG ??= "ssl dlt websockets \ +PACKAGECONFIG ??= "ssl websockets \ ${@bb.utils.filter('DISTRO_FEATURES','systemd', d)} \ " From f6f0669c1f9066ef8530eb45646bca16e616b5f0 Mon Sep 17 00:00:00 2001 From: Gianfranco Costamagna Date: Fri, 6 Oct 2023 23:05:05 +0200 Subject: [PATCH 486/600] mosquitto: upgrade 2.0.15 -> 2.0.17 Fix for CVE-2023-28366, CVE-2023-0809, CVE-2023-3592 Signed-off-by: Gianfranco Costamagna Signed-off-by: Khem Raj Signed-off-by: Peter Marko Signed-off-by: Armin Kuster --- .../mosquitto/files/mosquitto.init | 20 +++++++++---------- ...osquitto_2.0.15.bb => mosquitto_2.0.17.bb} | 2 +- 2 files changed, 11 insertions(+), 11 deletions(-) rename meta-networking/recipes-connectivity/mosquitto/{mosquitto_2.0.15.bb => mosquitto_2.0.17.bb} (97%) diff --git a/meta-networking/recipes-connectivity/mosquitto/files/mosquitto.init b/meta-networking/recipes-connectivity/mosquitto/files/mosquitto.init index 9d5963c418d..d0da219d6d4 100644 --- a/meta-networking/recipes-connectivity/mosquitto/files/mosquitto.init +++ b/meta-networking/recipes-connectivity/mosquitto/files/mosquitto.init @@ -1,18 +1,18 @@ -#! /bin/sh +#!/bin/sh # Based on the Debian initscript for mosquitto ### BEGIN INIT INFO -# Provides: mosquitto -# Required-Start: $remote_fs $syslog -# Required-Stop: $remote_fs $syslog -# Default-Start: 2 3 4 5 -# Default-Stop: 0 1 6 -# Short-Description: mosquitto MQTT message broker -# Description: -# This is a message broker that supports version 3.1/3.1.1 of the MQ Telemetry +# Provides: mosquitto +# Required-Start: $remote_fs $syslog +# Required-Stop: $remote_fs $syslog +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: mosquitto MQTT 3.1/3.1.1 message broker +# Description: +# This is a message broker that supports version 3.1 of the MQ Telemetry # Transport (MQTT) protocol. -# +# # MQTT provides a method of carrying out messaging using a publish/subscribe # model. It is lightweight, both in terms of bandwidth usage and ease of # implementation. This makes it particularly useful at the edge of the network diff --git a/meta-networking/recipes-connectivity/mosquitto/mosquitto_2.0.15.bb b/meta-networking/recipes-connectivity/mosquitto/mosquitto_2.0.17.bb similarity index 97% rename from meta-networking/recipes-connectivity/mosquitto/mosquitto_2.0.15.bb rename to meta-networking/recipes-connectivity/mosquitto/mosquitto_2.0.17.bb index eea672a7063..690b6bc126e 100644 --- a/meta-networking/recipes-connectivity/mosquitto/mosquitto_2.0.15.bb +++ b/meta-networking/recipes-connectivity/mosquitto/mosquitto_2.0.17.bb @@ -19,7 +19,7 @@ SRC_URI = "http://mosquitto.org/files/source/mosquitto-${PV}.tar.gz \ file://1571.patch \ " -SRC_URI[sha256sum] = "4735b1d32e3f91c7a8896741d88a3022e89730a1ee897946decfa0df27039ac6" +SRC_URI[sha256sum] = "3be7a911236567c1a9fbe25baf3e3167004ba4a0c151a448ef1f7fc077dba52f" inherit systemd update-rc.d useradd cmake pkgconfig From a818281425ef9d180835455fc04b63ff17245a2f Mon Sep 17 00:00:00 2001 From: Gianfranco Costamagna Date: Fri, 6 Oct 2023 23:05:06 +0200 Subject: [PATCH 487/600] mosquitto: upgrade 2.0.17 -> 2.0.18 Add two patches from Debian, pull requests proposed upstream as 2894 and 2895 to make it start only when board is online, and to fix dynamic websockets link failure Signed-off-by: Khem Raj Signed-off-by: Peter Marko Signed-off-by: Armin Kuster --- .../mosquitto/files/2894.patch | 23 +++++++++++++++++ .../mosquitto/files/2895.patch | 25 +++++++++++++++++++ ...osquitto_2.0.17.bb => mosquitto_2.0.18.bb} | 4 ++- 3 files changed, 51 insertions(+), 1 deletion(-) create mode 100644 meta-networking/recipes-connectivity/mosquitto/files/2894.patch create mode 100644 meta-networking/recipes-connectivity/mosquitto/files/2895.patch rename meta-networking/recipes-connectivity/mosquitto/{mosquitto_2.0.17.bb => mosquitto_2.0.18.bb} (95%) diff --git a/meta-networking/recipes-connectivity/mosquitto/files/2894.patch b/meta-networking/recipes-connectivity/mosquitto/files/2894.patch new file mode 100644 index 00000000000..3275e57e385 --- /dev/null +++ b/meta-networking/recipes-connectivity/mosquitto/files/2894.patch @@ -0,0 +1,23 @@ +From: Joachim Zobel +Date: Wed, 13 Sep 2023 09:55:34 +0200 +Subject: [PATCH] Link correctly with shared websockets library if needed see: + https://github.com/eclipse/mosquitto/pull/2751 + +Patch contributed by Joachim Zobel and Daniel Engberg +--- + src/CMakeLists.txt | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt +index 9380a04..dce8313 100644 +--- a/src/CMakeLists.txt ++++ b/src/CMakeLists.txt +@@ -200,7 +200,7 @@ if (WITH_WEBSOCKETS) + link_directories(${mosquitto_SOURCE_DIR}) + endif (WIN32) + else (STATIC_WEBSOCKETS) +- set (MOSQ_LIBS ${MOSQ_LIBS} websockets) ++ set (MOSQ_LIBS ${MOSQ_LIBS} websockets_shared) + endif (STATIC_WEBSOCKETS) + endif (WITH_WEBSOCKETS) + diff --git a/meta-networking/recipes-connectivity/mosquitto/files/2895.patch b/meta-networking/recipes-connectivity/mosquitto/files/2895.patch new file mode 100644 index 00000000000..a9e9c97b83e --- /dev/null +++ b/meta-networking/recipes-connectivity/mosquitto/files/2895.patch @@ -0,0 +1,25 @@ +From: Joachim Zobel +Date: Wed, 13 Sep 2023 10:05:43 +0200 +Subject: [PATCH] Mosquitto now waits for network-online when starting + (Closes: #1036450) + +See: https://github.com/eclipse/mosquitto/issues/2878 +--- + service/systemd/mosquitto.service.simple | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/service/systemd/mosquitto.service.simple b/service/systemd/mosquitto.service.simple +index 15ee0d6..c2a330b 100644 +--- a/service/systemd/mosquitto.service.simple ++++ b/service/systemd/mosquitto.service.simple +@@ -1,8 +1,8 @@ + [Unit] + Description=Mosquitto MQTT Broker + Documentation=man:mosquitto.conf(5) man:mosquitto(8) +-After=network.target +-Wants=network.target ++After=network-online.target ++Wants=network-online.target + + [Service] + ExecStart=/usr/sbin/mosquitto -c /etc/mosquitto/mosquitto.conf diff --git a/meta-networking/recipes-connectivity/mosquitto/mosquitto_2.0.17.bb b/meta-networking/recipes-connectivity/mosquitto/mosquitto_2.0.18.bb similarity index 95% rename from meta-networking/recipes-connectivity/mosquitto/mosquitto_2.0.17.bb rename to meta-networking/recipes-connectivity/mosquitto/mosquitto_2.0.18.bb index 690b6bc126e..0c9ccc810dd 100644 --- a/meta-networking/recipes-connectivity/mosquitto/mosquitto_2.0.17.bb +++ b/meta-networking/recipes-connectivity/mosquitto/mosquitto_2.0.18.bb @@ -17,9 +17,11 @@ DEPENDS = "uthash cjson" SRC_URI = "http://mosquitto.org/files/source/mosquitto-${PV}.tar.gz \ file://mosquitto.init \ file://1571.patch \ + file://2894.patch \ + file://2895.patch \ " -SRC_URI[sha256sum] = "3be7a911236567c1a9fbe25baf3e3167004ba4a0c151a448ef1f7fc077dba52f" +SRC_URI[sha256sum] = "d665fe7d0032881b1371a47f34169ee4edab67903b2cd2b4c083822823f4448a" inherit systemd update-rc.d useradd cmake pkgconfig From 8808a69b6c1563f8d41ad34352afb8d274e967aa Mon Sep 17 00:00:00 2001 From: Martin Jansa Date: Fri, 6 Oct 2023 23:05:07 +0200 Subject: [PATCH 488/600] mosquitto: add missing Upstream-Status Signed-off-by: Martin Jansa Signed-off-by: Khem Raj Signed-off-by: Peter Marko Signed-off-by: Armin Kuster --- meta-networking/recipes-connectivity/mosquitto/files/2894.patch | 2 ++ meta-networking/recipes-connectivity/mosquitto/files/2895.patch | 2 ++ 2 files changed, 4 insertions(+) diff --git a/meta-networking/recipes-connectivity/mosquitto/files/2894.patch b/meta-networking/recipes-connectivity/mosquitto/files/2894.patch index 3275e57e385..7374cbd26fe 100644 --- a/meta-networking/recipes-connectivity/mosquitto/files/2894.patch +++ b/meta-networking/recipes-connectivity/mosquitto/files/2894.patch @@ -5,6 +5,8 @@ Subject: [PATCH] Link correctly with shared websockets library if needed see: Patch contributed by Joachim Zobel and Daniel Engberg --- +Upstream-Status: Pending + src/CMakeLists.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-networking/recipes-connectivity/mosquitto/files/2895.patch b/meta-networking/recipes-connectivity/mosquitto/files/2895.patch index a9e9c97b83e..853f881754a 100644 --- a/meta-networking/recipes-connectivity/mosquitto/files/2895.patch +++ b/meta-networking/recipes-connectivity/mosquitto/files/2895.patch @@ -5,6 +5,8 @@ Subject: [PATCH] Mosquitto now waits for network-online when starting See: https://github.com/eclipse/mosquitto/issues/2878 --- +Upstream-Status: Pending + service/systemd/mosquitto.service.simple | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) From 1d0d7f6e776d93474759e4d28f7445646b9b8645 Mon Sep 17 00:00:00 2001 From: Denys Dmytriyenko Date: Sat, 7 Oct 2023 14:06:23 +0800 Subject: [PATCH 489/600] mbedtls: set up /usr/bin/hello as alternative As mbedtls installs this rather generically-named /usr/bin/hello binary, it conflicts with the one provided by lmbench, hence set it up as an alternative to avoid conflicts when both are installed to rootfs or SDK. Signed-off-by: Denys Dmytriyenko Signed-off-by: Khem Raj Signed-off-by: Armin Kuster --- .../recipes-connectivity/mbedtls/mbedtls_2.28.2.bb | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.28.2.bb b/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.28.2.bb index 5696f94b0e6..1553c718859 100644 --- a/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.28.2.bb +++ b/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.28.2.bb @@ -26,7 +26,7 @@ S = "${WORKDIR}/git" SRCREV = "89f040a5c938985c5f30728baed21e49d0846a53" SRC_URI = "git://github.com/ARMmbed/mbedtls.git;protocol=https;branch=mbedtls-2.28" -inherit cmake +inherit cmake update-alternatives PACKAGECONFIG ??= "shared-libs programs" PACKAGECONFIG[shared-libs] = "-DUSE_SHARED_MBEDTLS_LIBRARY=ON,-DUSE_SHARED_MBEDTLS_LIBRARY=OFF" @@ -41,4 +41,7 @@ RPROVIDES:${PN} = "polarssl" PACKAGES =+ "${PN}-programs" FILES:${PN}-programs = "${bindir}/" +ALTERNATIVE:${PN}-programs = "hello" +ALTERNATIVE_LINK_NAME[hello] = "${bindir}/hello" + BBCLASSEXTEND = "native nativesdk" From 8a8ff58c2b461e58c37a1d63d040985f46711205 Mon Sep 17 00:00:00 2001 From: Joe Slater Date: Tue, 10 Oct 2023 14:14:45 -0700 Subject: [PATCH 490/600] nginx: add configure option Support --with-http_xslt_module configure option via a PACKAGECONFIG option. The option is not added to the defaults. Signed-off-by: Joe Slater Signed-off-by: Khem Raj (cherry picked from commit e0ac8eec48ddddc93751cfcdef2557998bfe91c8) Signed-off-by: Armin Kuster --- .../files/0001-configure-libxslt-conf.patch | 39 +++++++++++++++++++ meta-webserver/recipes-httpd/nginx/nginx.inc | 3 ++ 2 files changed, 42 insertions(+) create mode 100644 meta-webserver/recipes-httpd/nginx/files/0001-configure-libxslt-conf.patch diff --git a/meta-webserver/recipes-httpd/nginx/files/0001-configure-libxslt-conf.patch b/meta-webserver/recipes-httpd/nginx/files/0001-configure-libxslt-conf.patch new file mode 100644 index 00000000000..7ba2a1fb85d --- /dev/null +++ b/meta-webserver/recipes-httpd/nginx/files/0001-configure-libxslt-conf.patch @@ -0,0 +1,39 @@ +From 0c3c669464a514cf8d0cac08282ecb2b486f440f Mon Sep 17 00:00:00 2001 +From: Joe Slater +Date: Tue, 3 Oct 2023 19:21:17 +0000 +Subject: [PATCH] configure: libxslt conf + +Modify to find libxslt related include files under sysroot. + +Upstream-Status: Pending + +Signed-off-by: Joe Slater +--- + auto/lib/libxslt/conf | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/auto/lib/libxslt/conf b/auto/lib/libxslt/conf +index 3063ac7..eb77886 100644 +--- a/auto/lib/libxslt/conf ++++ b/auto/lib/libxslt/conf +@@ -12,7 +12,7 @@ + #include + #include + #include " +- ngx_feature_path="/usr/include/libxml2" ++ ngx_feature_path="=/usr/include/libxml2" + ngx_feature_libs="-lxml2 -lxslt" + ngx_feature_test="xmlParserCtxtPtr ctxt = NULL; + xsltStylesheetPtr sheet = NULL; +@@ -100,7 +100,7 @@ fi + ngx_feature_name=NGX_HAVE_EXSLT + ngx_feature_run=no + ngx_feature_incs="#include " +- ngx_feature_path="/usr/include/libxml2" ++ ngx_feature_path="=/usr/include/libxml2" + ngx_feature_libs="-lexslt" + ngx_feature_test="exsltRegisterAll();" + . auto/feature +-- +2.35.5 + diff --git a/meta-webserver/recipes-httpd/nginx/nginx.inc b/meta-webserver/recipes-httpd/nginx/nginx.inc index 231c1d1ec97..9f93c7051de 100644 --- a/meta-webserver/recipes-httpd/nginx/nginx.inc +++ b/meta-webserver/recipes-httpd/nginx/nginx.inc @@ -22,6 +22,7 @@ SRC_URI = " \ file://nginx-volatile.conf \ file://nginx.service \ file://nginx-fix-pidfile.patch \ + file://0001-configure-libxslt-conf.patch \ " inherit siteinfo update-rc.d useradd systemd @@ -45,6 +46,8 @@ PACKAGECONFIG[ssl] = "--with-http_ssl_module,,openssl" PACKAGECONFIG[http-auth-request] = "--with-http_auth_request_module,," PACKAGECONFIG[stream] = "--with-stream,," +PACKAGECONFIG[xslt] = "--with-http_xslt_module,,libxslt" + do_configure () { if [ "${SITEINFO_BITS}" = "64" ]; then PTRSIZE=8 From 79a6f60dabad9e5b0e041efa91379447ef030482 Mon Sep 17 00:00:00 2001 From: Yi Zhao Date: Fri, 13 Oct 2023 15:12:36 +0800 Subject: [PATCH 491/600] mbedtls: upgrade 2.28.2 -> 2.28.5 This release includes security fix for CVE-2023-43615. Changelog: https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-2.28.5 Signed-off-by: Yi Zhao [Minor tweak to get it to apply] Signed-off-by: Armin Kuster --- .../mbedtls/{mbedtls_2.28.2.bb => mbedtls_2.28.5.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-networking/recipes-connectivity/mbedtls/{mbedtls_2.28.2.bb => mbedtls_2.28.5.bb} (97%) diff --git a/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.28.2.bb b/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.28.5.bb similarity index 97% rename from meta-networking/recipes-connectivity/mbedtls/mbedtls_2.28.2.bb rename to meta-networking/recipes-connectivity/mbedtls/mbedtls_2.28.5.bb index 1553c718859..95688e29bb7 100644 --- a/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.28.2.bb +++ b/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.28.5.bb @@ -23,7 +23,7 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57" SECTION = "libs" S = "${WORKDIR}/git" -SRCREV = "89f040a5c938985c5f30728baed21e49d0846a53" +SRCREV = "47e8cc9db2e469d902b0e3093ae9e482c3d87188" SRC_URI = "git://github.com/ARMmbed/mbedtls.git;protocol=https;branch=mbedtls-2.28" inherit cmake update-alternatives From cc322bb5fac7f6fb75c561225c867c29898ebf0b Mon Sep 17 00:00:00 2001 From: Omkar Patil Date: Thu, 7 Sep 2023 12:26:17 +0530 Subject: [PATCH 492/600] ntfs-3g-ntfsprogs: Upgrade 2022.5.17 to 2022.10.3 Changes: Rejected zero-sized runs Avoided merging runlists with no runs Fix CVE-2022-40284 Dunfell and master both have latest version of ntfs-3g-ntfsprogs 2022.10.3. Therefore, upgrade the version on kirkstone too. Signed-off-by: Omkar Patil Signed-off-by: Khem Raj (cherry picked from commit 5d5e8854718dab02c2737e3faf288f830a514841) Signed-off-by: Sana Kazi Signed-off-by: Armin Kuster --- ...3g-ntfsprogs_2022.5.17.bb => ntfs-3g-ntfsprogs_2022.10.3.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/{ntfs-3g-ntfsprogs_2022.5.17.bb => ntfs-3g-ntfsprogs_2022.10.3.bb} (95%) diff --git a/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2022.5.17.bb b/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2022.10.3.bb similarity index 95% rename from meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2022.5.17.bb rename to meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2022.10.3.bb index b29716ad493..37a8106bb0d 100644 --- a/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2022.5.17.bb +++ b/meta-filesystems/recipes-filesystems/ntfs-3g-ntfsprogs/ntfs-3g-ntfsprogs_2022.10.3.bb @@ -10,7 +10,7 @@ SRC_URI = "http://tuxera.com/opensource/ntfs-3g_ntfsprogs-${PV}.tgz \ file://0001-libntfs-3g-Makefile.am-fix-install-failed-while-host.patch \ " S = "${WORKDIR}/ntfs-3g_ntfsprogs-${PV}" -SRC_URI[sha256sum] = "0489fbb6972581e1b417ab578d543f6ae522e7fa648c3c9b49c789510fd5eb93" +SRC_URI[sha256sum] = "f20e36ee68074b845e3629e6bced4706ad053804cbaf062fbae60738f854170c" UPSTREAM_CHECK_URI = "https://www.tuxera.com/community/open-source-ntfs-3g/" UPSTREAM_CHECK_REGEX = "ntfs-3g_ntfsprogs-(?P\d+(\.\d+)+)\.tgz" From 54ebe876ba7f966d575bc7a6c0b699073437d685 Mon Sep 17 00:00:00 2001 From: Richard Purdie Date: Thu, 26 Oct 2023 14:11:16 +0100 Subject: [PATCH 493/600] grubby: Update branchname to match upstream meta-oe master already made this change along with others. Update the branchname to match upstream repository changes to allow fetching to continue to work. Drop unneeded duplicate semicolon too. Signed-off-by: Richard Purdie Signed-off-by: Armin Kuster --- meta-initramfs/recipes-devtools/grubby/grubby_git.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-initramfs/recipes-devtools/grubby/grubby_git.bb b/meta-initramfs/recipes-devtools/grubby/grubby_git.bb index a276bf423c1..7c40c52cf62 100644 --- a/meta-initramfs/recipes-devtools/grubby/grubby_git.bb +++ b/meta-initramfs/recipes-devtools/grubby/grubby_git.bb @@ -14,7 +14,7 @@ DEPENDS:append:libc-musl = " libexecinfo" S = "${WORKDIR}/git" SRCREV = "a1d2ae93408c3408e672d7eba4550fdf27fb0201" -SRC_URI = "git://github.com/rhboot/grubby.git;protocol=https;;branch=master \ +SRC_URI = "git://github.com/rhboot/grubby.git;protocol=https;branch=main \ file://grubby-rename-grub2-editenv-to-grub-editenv.patch \ file://run-ptest \ file://0001-Add-another-variable-LIBS-to-provides-libraries-from.patch \ From efe1115b0fd819f8b121ff0d407020084e3bdcb5 Mon Sep 17 00:00:00 2001 From: Richard Purdie Date: Thu, 26 Oct 2023 14:11:17 +0100 Subject: [PATCH 494/600] python-blivet: Adapt to upstream branch name changes Signed-off-by: Richard Purdie Signed-off-by: Armin Kuster --- .../recipes-extended/python-blivet/python3-blivetgui_2.3.0.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-python/recipes-extended/python-blivet/python3-blivetgui_2.3.0.bb b/meta-python/recipes-extended/python-blivet/python3-blivetgui_2.3.0.bb index 29e7a267d2a..36ab065b513 100644 --- a/meta-python/recipes-extended/python-blivet/python3-blivetgui_2.3.0.bb +++ b/meta-python/recipes-extended/python-blivet/python3-blivetgui_2.3.0.bb @@ -9,7 +9,7 @@ S = "${WORKDIR}/git" B = "${S}" SRCREV = "42512ee48494cee71febf04078d9774f0146a085" -SRC_URI = "git://github.com/storaged-project/blivet-gui.git;branch=master;protocol=https \ +SRC_URI = "git://github.com/storaged-project/blivet-gui.git;branch=main;protocol=https \ file://0001-Use-setuptools-instead-of-distutils-in-setup.py.patch \ file://0002-Use-symbolic-list-add-and-edit-icons.patch \ " From 8274d201cbe36b2fc5feb409b4fc9f84d85afa97 Mon Sep 17 00:00:00 2001 From: Richard Purdie Date: Thu, 26 Oct 2023 14:11:18 +0100 Subject: [PATCH 495/600] suiteparse: Adapt to upstream branch name changes meta-oe master branch already made this change. Signed-off-by: Richard Purdie Signed-off-by: Armin Kuster --- meta-oe/recipes-devtools/suitesparse/suitesparse_5.10.1.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-oe/recipes-devtools/suitesparse/suitesparse_5.10.1.bb b/meta-oe/recipes-devtools/suitesparse/suitesparse_5.10.1.bb index 38e34b93c6c..56cbfce20eb 100644 --- a/meta-oe/recipes-devtools/suitesparse/suitesparse_5.10.1.bb +++ b/meta-oe/recipes-devtools/suitesparse/suitesparse_5.10.1.bb @@ -1,6 +1,6 @@ LICENSE = "GPL-2.0-only & GPL-3.0-only & BSD-3-Clause & LGPL-2.0-only & Apache-2.0" LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=5fa987762101f748a6cdd951b64ffc6b" -SRC_URI = "git://github.com/DrTimothyAldenDavis/SuiteSparse;protocol=https;branch=master \ +SRC_URI = "git://github.com/DrTimothyAldenDavis/SuiteSparse;protocol=https;branch=stable \ file://0001-Preserve-CXXFLAGS-from-environment-in-Mongoose.patch \ file://0002-Preserve-links-when-installing-libmetis.patch \ file://0003-Add-version-information-to-libmetis.patch \ From 579558c87f25c74519f1fb9716952480f97087e7 Mon Sep 17 00:00:00 2001 From: Beniamin Sandu Date: Wed, 1 Nov 2023 19:26:29 +0000 Subject: [PATCH 496/600] mbedtls: upgrade 3.4.0 -> 3.5.0 * Includes security fix for CVE-2023-43615 - Buffer overread in TLS stream cipher suites * Includes security fix for CVE-2023-45199 - Buffer overflow in TLS handshake parsing with ECDH * Includes aesce compilation fixes Full changelog: https://github.com/Mbed-TLS/mbedtls/releases/tag/mbedtls-3.5.0 The extra patch fixes x86 32-bit builds. Signed-off-by: Beniamin Sandu Signed-off-by: Armin Kuster --- ...t-attributes-for-x86-32-bit-intrinsi.patch | 87 +++++++++++++++++++ ...cify-an-arch-version-when-enabling-c.patch | 33 ------- ...t-target-attribute-when-building-wit.patch | 34 -------- .../{mbedtls_3.4.0.bb => mbedtls_3.5.0.bb} | 10 +-- 4 files changed, 89 insertions(+), 75 deletions(-) create mode 100644 meta-networking/recipes-connectivity/mbedtls/mbedtls/0001-AES-NI-use-target-attributes-for-x86-32-bit-intrinsi.patch delete mode 100644 meta-networking/recipes-connectivity/mbedtls/mbedtls/0001-aesce-do-not-specify-an-arch-version-when-enabling-c.patch delete mode 100644 meta-networking/recipes-connectivity/mbedtls/mbedtls/0002-aesce-use-correct-target-attribute-when-building-wit.patch rename meta-networking/recipes-connectivity/mbedtls/{mbedtls_3.4.0.bb => mbedtls_3.5.0.bb} (87%) diff --git a/meta-networking/recipes-connectivity/mbedtls/mbedtls/0001-AES-NI-use-target-attributes-for-x86-32-bit-intrinsi.patch b/meta-networking/recipes-connectivity/mbedtls/mbedtls/0001-AES-NI-use-target-attributes-for-x86-32-bit-intrinsi.patch new file mode 100644 index 00000000000..5030fb99f90 --- /dev/null +++ b/meta-networking/recipes-connectivity/mbedtls/mbedtls/0001-AES-NI-use-target-attributes-for-x86-32-bit-intrinsi.patch @@ -0,0 +1,87 @@ +From 80d3e73ad0648f558a067a9dbfe3bc80e6b614f8 Mon Sep 17 00:00:00 2001 +From: Beniamin Sandu +Date: Mon, 30 Oct 2023 19:15:56 +0000 +Subject: [PATCH] AES-NI: use target attributes for x86 32-bit intrinsics + +This way we build with 32-bit gcc/clang out of the box. +We also fallback to assembly for 64-bit clang-cl if needed cpu +flags are not provided, instead of throwing an error. + +Upstream-Status: Backport [https://github.com/Mbed-TLS/mbedtls/commit/800f2b7c020678a84abfa9688962b91c36e6693d] + +Signed-off-by: Beniamin Sandu +--- + library/aesni.c | 20 ++++++++++++++++++++ + library/aesni.h | 8 +++++--- + 2 files changed, 25 insertions(+), 3 deletions(-) + +diff --git a/library/aesni.c b/library/aesni.c +index 5f25a8249..481fa3822 100644 +--- a/library/aesni.c ++++ b/library/aesni.c +@@ -41,6 +41,17 @@ + #include + #endif + ++#if defined(MBEDTLS_ARCH_IS_X86) ++#if defined(MBEDTLS_COMPILER_IS_GCC) ++#pragma GCC push_options ++#pragma GCC target ("pclmul,sse2,aes") ++#define MBEDTLS_POP_TARGET_PRAGMA ++#elif defined(__clang__) ++#pragma clang attribute push (__attribute__((target("pclmul,sse2,aes"))), apply_to=function) ++#define MBEDTLS_POP_TARGET_PRAGMA ++#endif ++#endif ++ + #if !defined(MBEDTLS_AES_USE_HARDWARE_ONLY) + /* + * AES-NI support detection routine +@@ -396,6 +407,15 @@ static void aesni_setkey_enc_256(unsigned char *rk_bytes, + } + #endif /* !MBEDTLS_AES_ONLY_128_BIT_KEY_LENGTH */ + ++#if defined(MBEDTLS_POP_TARGET_PRAGMA) ++#if defined(__clang__) ++#pragma clang attribute pop ++#elif defined(__GNUC__) ++#pragma GCC pop_options ++#endif ++#undef MBEDTLS_POP_TARGET_PRAGMA ++#endif ++ + #else /* MBEDTLS_AESNI_HAVE_CODE == 1 */ + + #if defined(__has_feature) +diff --git a/library/aesni.h b/library/aesni.h +index ba1429029..37ae02c82 100644 +--- a/library/aesni.h ++++ b/library/aesni.h +@@ -50,6 +50,10 @@ + #if defined(__GNUC__) && defined(__AES__) && defined(__PCLMUL__) + #define MBEDTLS_AESNI_HAVE_INTRINSICS + #endif ++/* For 32-bit, we only support intrinsics */ ++#if defined(MBEDTLS_ARCH_IS_X86) && (defined(__GNUC__) || defined(__clang__)) ++#define MBEDTLS_AESNI_HAVE_INTRINSICS ++#endif + + /* Choose the implementation of AESNI, if one is available. + * +@@ -60,13 +64,11 @@ + #if defined(MBEDTLS_AESNI_HAVE_INTRINSICS) + #define MBEDTLS_AESNI_HAVE_CODE 2 // via intrinsics + #elif defined(MBEDTLS_HAVE_ASM) && \ +- defined(__GNUC__) && defined(MBEDTLS_ARCH_IS_X64) ++ (defined(__GNUC__) || defined(__clang__)) && defined(MBEDTLS_ARCH_IS_X64) + /* Can we do AESNI with inline assembly? + * (Only implemented with gas syntax, only for 64-bit.) + */ + #define MBEDTLS_AESNI_HAVE_CODE 1 // via assembly +-#elif defined(__GNUC__) +-# error "Must use `-mpclmul -msse2 -maes` for MBEDTLS_AESNI_C" + #else + #error "MBEDTLS_AESNI_C defined, but neither intrinsics nor assembly available" + #endif +-- +2.34.1 diff --git a/meta-networking/recipes-connectivity/mbedtls/mbedtls/0001-aesce-do-not-specify-an-arch-version-when-enabling-c.patch b/meta-networking/recipes-connectivity/mbedtls/mbedtls/0001-aesce-do-not-specify-an-arch-version-when-enabling-c.patch deleted file mode 100644 index d98d8fa575f..00000000000 --- a/meta-networking/recipes-connectivity/mbedtls/mbedtls/0001-aesce-do-not-specify-an-arch-version-when-enabling-c.patch +++ /dev/null @@ -1,33 +0,0 @@ -From 2246925e3cb16183e25d4e2cfd13fb800df86270 Mon Sep 17 00:00:00 2001 -From: Beniamin Sandu -Date: Sun, 25 Jun 2023 19:58:08 +0300 -Subject: [PATCH] aesce: do not specify an arch version when enabling crypto - instructions - -Building mbedtls with different aarch64 tuning variations revealed -that we should use the crypto extensions without forcing a particular -architecture version or core, as that can create issues. - -Upstream-Status: Submitted [https://github.com/Mbed-TLS/mbedtls/pull/7834] - -Signed-off-by: Beniamin Sandu ---- - library/aesce.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/library/aesce.c b/library/aesce.c -index fe056dc4c..843de3973 100644 ---- a/library/aesce.c -+++ b/library/aesce.c -@@ -60,7 +60,7 @@ - # error "A more recent GCC is required for MBEDTLS_AESCE_C" - # endif - # pragma GCC push_options --# pragma GCC target ("arch=armv8-a+crypto") -+# pragma GCC target ("+crypto") - # define MBEDTLS_POP_TARGET_PRAGMA - # else - # error "Only GCC and Clang supported for MBEDTLS_AESCE_C" --- -2.25.1 - diff --git a/meta-networking/recipes-connectivity/mbedtls/mbedtls/0002-aesce-use-correct-target-attribute-when-building-wit.patch b/meta-networking/recipes-connectivity/mbedtls/mbedtls/0002-aesce-use-correct-target-attribute-when-building-wit.patch deleted file mode 100644 index 4775c8ddb77..00000000000 --- a/meta-networking/recipes-connectivity/mbedtls/mbedtls/0002-aesce-use-correct-target-attribute-when-building-wit.patch +++ /dev/null @@ -1,34 +0,0 @@ -From 03d3523f974536f2358047382aadb0d4cc762f8a Mon Sep 17 00:00:00 2001 -From: Beniamin Sandu -Date: Mon, 26 Jun 2023 12:07:21 +0300 -Subject: [PATCH] aesce: use correct target attribute when building with clang - -Seems clang has its own issues when it comes to crypto extensions, -and right now the best way to avoid them is to accurately enable -the needed instructions instead of the broad crypto feature. - -E.g.: https://github.com/llvm/llvm-project/issues/61645 - -Upstream-Status: Pending - -Signed-off-by: Beniamin Sandu ---- - library/aesce.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/library/aesce.c b/library/aesce.c -index 843de3973..7bea088ba 100644 ---- a/library/aesce.c -+++ b/library/aesce.c -@@ -53,7 +53,7 @@ - # if __clang_major__ < 4 - # error "A more recent Clang is required for MBEDTLS_AESCE_C" - # endif --# pragma clang attribute push (__attribute__((target("crypto"))), apply_to=function) -+# pragma clang attribute push (__attribute__((target("aes"))), apply_to=function) - # define MBEDTLS_POP_TARGET_PRAGMA - # elif defined(__GNUC__) - # if __GNUC__ < 6 --- -2.25.1 - diff --git a/meta-networking/recipes-connectivity/mbedtls/mbedtls_3.4.0.bb b/meta-networking/recipes-connectivity/mbedtls/mbedtls_3.5.0.bb similarity index 87% rename from meta-networking/recipes-connectivity/mbedtls/mbedtls_3.4.0.bb rename to meta-networking/recipes-connectivity/mbedtls/mbedtls_3.5.0.bb index 3a355bb43f4..d57e717bd8e 100644 --- a/meta-networking/recipes-connectivity/mbedtls/mbedtls_3.4.0.bb +++ b/meta-networking/recipes-connectivity/mbedtls/mbedtls_3.5.0.bb @@ -23,10 +23,9 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57" SECTION = "libs" S = "${WORKDIR}/git" -SRCREV = "1873d3bfc2da771672bd8e7e8f41f57e0af77f33" +SRCREV = "1ec69067fa1351427f904362c1221b31538c8b57" SRC_URI = "git://github.com/ARMmbed/mbedtls.git;protocol=https;branch=master \ - file://0001-aesce-do-not-specify-an-arch-version-when-enabling-c.patch \ - file://0002-aesce-use-correct-target-attribute-when-building-wit.patch \ + file://0001-AES-NI-use-target-attributes-for-x86-32-bit-intrinsi.patch \ file://run-ptest" inherit cmake update-alternatives ptest @@ -61,11 +60,6 @@ BBCLASSEXTEND = "native nativesdk" CVE_PRODUCT = "mbed_tls" -# Fix merged upstream https://github.com/Mbed-TLS/mbedtls/pull/5310 -CVE_CHECK_IGNORE += "CVE-2021-43666" -# Fix merged upstream https://github.com/Mbed-TLS/mbedtls/commit/9a4a9c66a48edfe9ece03c7e4a53310adf73a86c -CVE_CHECK_IGNORE += "CVE-2021-45451" - # Strip host paths from autogenerated test files do_compile:append() { sed -i 's+${S}/++g' ${B}/tests/*.c 2>/dev/null || : From b4bee1f709f28bc70eab9666ce3010be0ee06f95 Mon Sep 17 00:00:00 2001 From: Martin Jansa Date: Fri, 29 Sep 2023 13:26:28 +0200 Subject: [PATCH 497/600] packagegroup-meta-multimedia: restore x11 restriction for projucer * it was removed in: https://git.openembedded.org/meta-openembedded/commit/?id=deb11a823c32d4090b3724a589641810e06df6bc * but still needed as shown in world build without x11 in DISTRO_FEATURES: ERROR: Nothing RPROVIDES 'projucer' (but /OE/build/luneos-nanbield/meta-openembedded/meta-multimedia/recipes-multimedia/packagegroups/packagegroup-meta-multimedia.bb RDEPENDS on or otherwise requires it) projucer was skipped: missing required distro feature 'x11' (not in DISTRO_FEATURES) NOTE: Runtime target 'projucer' is unbuildable, removing... Missing or unbuildable dependency chain was: ['projucer'] Signed-off-by: Martin Jansa Signed-off-by: Armin Kuster --- .../packagegroups/packagegroup-meta-multimedia.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-multimedia/recipes-multimedia/packagegroups/packagegroup-meta-multimedia.bb b/meta-multimedia/recipes-multimedia/packagegroups/packagegroup-meta-multimedia.bb index 2b7a43b93d1..b0fce73b535 100644 --- a/meta-multimedia/recipes-multimedia/packagegroups/packagegroup-meta-multimedia.bb +++ b/meta-multimedia/recipes-multimedia/packagegroups/packagegroup-meta-multimedia.bb @@ -55,7 +55,7 @@ RDEPENDS:packagegroup-meta-multimedia = "\ tearsofsteel-1080p \ schroedinger \ pipewire \ - ${@bb.utils.contains("LICENSE_FLAGS_ACCEPTED", "commercial", "projucer", "", d)} \ + ${@bb.utils.contains("LICENSE_FLAGS_ACCEPTED", "commercial", bb.utils.contains("DISTRO_FEATURES", "x11", "projucer", "", d), "", d)} \ libcamera \ ${@bb.utils.contains("LICENSE_FLAGS_ACCEPTED", "commercial", "libde265 openh264", "", d)} \ vorbis-tools \ From 7da6cb848bc42b3e6bd5d2b37b52ba75510a6ca0 Mon Sep 17 00:00:00 2001 From: Yogita Urade Date: Fri, 20 Oct 2023 04:56:09 +0000 Subject: [PATCH 498/600] indent: fix CVE-2023-40305 GNU indent 2.2.13 has a heap-based buffer overflow in search_brace in indent.c via a crafted file. Reference: https://savannah.gnu.org/bugs/index.php?64503 Signed-off-by: Yogita Urade Signed-off-by: Armin Kuster --- .../indent/indent/CVE-2023-40305_0001.patch | 4196 ++++++++++++++++ .../indent/indent/CVE-2023-40305_0002.patch | 4254 +++++++++++++++++ .../recipes-extended/indent/indent_2.2.12.bb | 2 + 3 files changed, 8452 insertions(+) create mode 100644 meta-oe/recipes-extended/indent/indent/CVE-2023-40305_0001.patch create mode 100644 meta-oe/recipes-extended/indent/indent/CVE-2023-40305_0002.patch diff --git a/meta-oe/recipes-extended/indent/indent/CVE-2023-40305_0001.patch b/meta-oe/recipes-extended/indent/indent/CVE-2023-40305_0001.patch new file mode 100644 index 00000000000..367202e3c55 --- /dev/null +++ b/meta-oe/recipes-extended/indent/indent/CVE-2023-40305_0001.patch @@ -0,0 +1,4196 @@ +From df4ab2d19e247d059e0025789ba513418073ab6f Mon Sep 17 00:00:00 2001 +From: Petr Písař +Date: Thu, 19 Oct 2023 07:36:32 +0000 +Subject: [PATCH] Fix an out-of-buffer read in search_brace()/lexi() on an + condition without parentheses followed with an overlong comment +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Reproducer: + +$ hexdump -C /tmp/short +00000000 69 66 20 30 3b 65 6c 73 65 2f 2a 0a 0a 0a 0a 0a |if 0;else/*.....| +00000010 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a |................| +* +00000800 0a 0a 2a 2f 78 0a |..*/x.| +00000806 + +$ valgrind -- ./indent -o /dev/null /tmp/short +[...] +==21830== Invalid read of size 1 +==21830== at 0x40586A: lexi (lexi.c:251) +==21830== by 0x40198C: search_brace (indent.c:387) +==21830== by 0x401CC2: indent_main_loop (indent.c:548) +==21830== by 0x402298: indent (indent.c:758) +==21830== by 0x402941: indent_single_file (indent.c:1003) +==21830== by 0x402A0F: indent_all (indent.c:1041) +==21830== by 0x402BC5: main (indent.c:1122) +==21830== Address 0x4ab2210 is 0 bytes inside a block of size 2,048 free'd +==21830== at 0x4847A40: realloc (vg_replace_malloc.c:1649) +==21830== by 0x408BC0: xrealloc (globs.c:64) +==21830== by 0x40BF03: need_chars (handletoken.c:89) +==21830== by 0x401433: sw_buffer (indent.c:149) +==21830== by 0x401973: search_brace (indent.c:380) +==21830== by 0x401CC2: indent_main_loop (indent.c:548) +==21830== by 0x402298: indent (indent.c:758) +==21830== by 0x402941: indent_single_file (indent.c:1003) +==21830== by 0x402A0F: indent_all (indent.c:1041) +==21830== by 0x402BC5: main (indent.c:1122) +==21830== Block was alloc'd at +==21830== at 0x4847A40: realloc (vg_replace_malloc.c:1649) +==21830== by 0x408BC0: xrealloc (globs.c:64) +==21830== by 0x40BF03: need_chars (handletoken.c:89) +==21830== by 0x401696: search_brace (indent.c:281) +==21830== by 0x401CC2: indent_main_loop (indent.c:548) +==21830== by 0x402298: indent (indent.c:758) +==21830== by 0x402941: indent_single_file (indent.c:1003) +==21830== by 0x402A0F: indent_all (indent.c:1041) +==21830== by 0x402BC5: main (indent.c:1122) + +The cause was that need_chars(&save_com, ...) could reallocate save_com.ptr +pointer keeping a dangling copy of that pointer saved to buf_ptr +a line above. + +Related to CVE-2023-40305 + +Signed-off-by: Petr Písař + +CVE: CVE-2023-40305 + +Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/indent.git/commit/?id=df4ab2d19e247d059e0025789ba513418073ab6f] + +Signed-off-by: Yogita Urade +--- + regression/TEST | 3 +- + regression/input/comment-heap-overread.c | 2040 ++++++++++++++++++ + regression/standard/comment-heap-overread.c | 2042 +++++++++++++++++++ + src/indent.c | 2 +- + 4 files changed, 4085 insertions(+), 2 deletions(-) + create mode 100644 regression/input/comment-heap-overread.c + create mode 100644 regression/standard/comment-heap-overread.c + +diff --git a/regression/TEST b/regression/TEST +index 56f41d9..a7a6747 100755 +--- a/regression/TEST ++++ b/regression/TEST +@@ -37,7 +37,8 @@ BUGS="case-label.c one-line-1.c one-line-2.c one-line-3.c \ + one-line-4.c struct-decl.c sizeof-in-while.c line-break-comment.c \ + macro.c enum.c elif.c nested.c wrapped-string.c minus_predecrement.c \ + bug-gnu-33364.c float-constant-suffix.c block-comments.c \ +- no-forced-nl-in-block-init.c hexadecimal_float.c" ++ no-forced-nl-in-block-init.c hexadecimal_float.c \ ++ comment-heap-overread.c" + + INDENTSRC="args.c backup.h backup.c dirent_def.h globs.c indent.h \ + indent.c indent_globs.h io.c lexi.c memcpy.c parse.c pr_comment.c \ +diff --git a/regression/input/comment-heap-overread.c b/regression/input/comment-heap-overread.c +new file mode 100644 +index 0000000..5b0b172 +--- /dev/null ++++ b/regression/input/comment-heap-overread.c +@@ -0,0 +1,2040 @@ ++if 0;else/* ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++*/x +diff --git a/regression/standard/comment-heap-overread.c b/regression/standard/comment-heap-overread.c +new file mode 100644 +index 0000000..e601fb4 +--- /dev/null ++++ b/regression/standard/comment-heap-overread.c +@@ -0,0 +1,2042 @@ ++if 0; ++else /* ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ */ ++ x +diff --git a/src/indent.c b/src/indent.c +index 0c2780b..208b48a 100644 +--- a/src/indent.c ++++ b/src/indent.c +@@ -145,8 +145,8 @@ static void sw_buffer(void) + parser_state_tos->search_brace = false; + bp_save = buf_ptr; + be_save = buf_end; +- buf_ptr = save_com.ptr; + need_chars (&save_com, 1); ++ buf_ptr = save_com.ptr; + buf_end = save_com.end; + save_com.end = save_com.ptr; /* make save_com empty */ + } +-- +2.35.5 diff --git a/meta-oe/recipes-extended/indent/indent/CVE-2023-40305_0002.patch b/meta-oe/recipes-extended/indent/indent/CVE-2023-40305_0002.patch new file mode 100644 index 00000000000..d02521bb069 --- /dev/null +++ b/meta-oe/recipes-extended/indent/indent/CVE-2023-40305_0002.patch @@ -0,0 +1,4254 @@ +From 2685cc0bef0200733b634932ea7399b6cf91b6d7 Mon Sep 17 00:00:00 2001 +From: Petr Písař +Date: Thu, 19 Oct 2023 08:42:59 +0000 +Subject: [PATCH] Fix a heap buffer overwrite in search_brace() + (CVE-2023-40305) +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +If there was a comment between if-condition and an statement opening +bracket and the comment size aligned to an indent-internal 1024 B +buffer for comments, indent attempted to write into a nonallocated +memory on heap. + +$ hexdump -C /tmp/write1 +00000000 69 66 20 30 3b 65 6c 73 65 2f 2a 0a 0a 0a 0a 0a |if 0;else/*.....| +00000010 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a 0a |................| +* +00000800 0a 0a 0a 0a 2a 2f 7b 0a |....*/{.| +00000808 + +$ valgrind -- ./indent -o /dev/null /tmp/write1 2>&1 | head -n 23 +==26345== Memcheck, a memory error detector +==26345== Copyright (C) 2002-2022, and GNU GPL'd, by Julian Seward et al. +==26345== Using Valgrind-3.21.0 and LibVEX; rerun with -h for copyright info +==26345== Command: ./indent -o /dev/null /tmp/write1 +==26345== +==26345== Invalid write of size 1 +==26345== at 0x401558: search_brace (indent.c:232) +==26345== by 0x401CB2: indent_main_loop (indent.c:548) +==26345== by 0x402288: indent (indent.c:758) +==26345== by 0x402931: indent_single_file (indent.c:1003) +==26345== by 0x4029FF: indent_all (indent.c:1041) +==26345== by 0x402BA6: main (indent.c:1122) +==26345== Address 0x4aa7830 is 0 bytes after a block of size 2,048 alloc'd +==26345== at 0x4847A40: realloc (vg_replace_malloc.c:1649) +==26345== by 0x408BA1: xrealloc (globs.c:64) +==26345== by 0x40BEE4: need_chars (handletoken.c:89) +==26345== by 0x401686: search_brace (indent.c:281) +==26345== by 0x401CB2: indent_main_loop (indent.c:548) +==26345== by 0x402288: indent (indent.c:758) +==26345== by 0x402931: indent_single_file (indent.c:1003) +==26345== by 0x4029FF: indent_all (indent.c:1041) +==26345== by 0x402BA6: main (indent.c:1122) + +The cause was that the buffer was exhausted by the comment text and no +space left for the following new-line and curly bracket characters. + +This patch fixes it by enlarging the buffer two fit these two +additional characters. + + + +Signed-off-by: Petr Písař + +CVE: CVE-2023-40305 + +Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/indent.git/commit/?id=2685cc0bef0200733b634932ea7399b6cf91b6d7] + +Signed-off-by: Yogita Urade +--- + regression/TEST | 44 +- + regression/input/comment-heap-overwrite.c | 2042 ++++++++++++++++ + regression/standard/comment-heap-overwrite.c | 2044 +++++++++++++++++ + .../standard/comment-heap-overwrite.err | 1 + + src/indent.c | 1 + + 5 files changed, 4111 insertions(+), 21 deletions(-) + create mode 100644 regression/input/comment-heap-overwrite.c + create mode 100644 regression/standard/comment-heap-overwrite.c + create mode 100644 regression/standard/comment-heap-overwrite.err + +diff --git a/regression/TEST b/regression/TEST +index a7a6747..a76c112 100755 +--- a/regression/TEST ++++ b/regression/TEST +@@ -427,6 +427,7 @@ echo Testing new comment stuff...Done. + + + echo Testing bad code handling.... ++ERR=output/errors + + # print_comment() was reading past the end of the buffer... + echo -ne '/*' | $INDENT -npro -st > /dev/null 2>&1 +@@ -444,29 +445,30 @@ then + echo >> $ERR + fi + +-# This ends in a error from indent but it shouldn't coredump. +-$INDENT -npro input/bug206785.c -o output/bug206785.c 2>output/bug206785.err ++# This ends in an error from indent but it shouldn't coredump. ++for TEST in bug206785 comment-heap-overwrite; do ++ $INDENT -npro input/"$TEST".c -o output/"$TEST".c 2>output/"$TEST".err + +-if [ $? -ne 2 ] +-then +- printf ERROR: bad return status from indent. | tee -a $ERR +- echo >> $ERR +-fi +-cd output ++ if [ $? -ne 2 ] ++ then ++ printf "ERROR: bad return status from indent for %s.c" "$TEST" | tee -a $ERR ++ echo >> $ERR ++ fi + +-for i in bug206785.c bug206785.err +-do +- printf ...$i... +- diff --initial-tab ../standard/$i $i > $i-diffs 2>&1 +- if [ -s $i-diffs ] +- then +- printf ERROR: $i failed | tee -a $ERR +- echo >> $ERR +- else +- rm $i-diffs +- rm $i +- fi +- echo ++ for i in "$TEST".c "$TEST".err ++ do ++ printf "...%s..." "$i" ++ diff --initial-tab standard/"$i" output/"$i" > output/"$i"-diffs 2>&1 ++ if [ -s output/"$i"-diffs ] ++ then ++ printf "ERROR: %s failed" "$i" | tee -a $ERR ++ echo >> $ERR ++ else ++ rm output/"$i"-diffs ++ rm output/"$i" ++ fi ++ echo ++ done + done + + echo Testing bad code handling...Done. +diff --git a/regression/input/comment-heap-overwrite.c b/regression/input/comment-heap-overwrite.c +new file mode 100644 +index 0000000..5b1ca6a +--- /dev/null ++++ b/regression/input/comment-heap-overwrite.c +@@ -0,0 +1,2042 @@ ++if 0;else/* ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++*/{ +diff --git a/regression/standard/comment-heap-overwrite.c b/regression/standard/comment-heap-overwrite.c +new file mode 100644 +index 0000000..8650d51 +--- /dev/null ++++ b/regression/standard/comment-heap-overwrite.c +@@ -0,0 +1,2044 @@ ++if 0; ++else /* ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ ++ */ ++ { +diff --git a/regression/standard/comment-heap-overwrite.err b/regression/standard/comment-heap-overwrite.err +new file mode 100644 +index 0000000..fa571c8 +--- /dev/null ++++ b/regression/standard/comment-heap-overwrite.err +@@ -0,0 +1 @@ ++indent: input/comment-heap-overwrite.c:2044: Error:Unexpected end of file +diff --git a/src/indent.c b/src/indent.c +index 208b48a..a9f88a2 100644 +--- a/src/indent.c ++++ b/src/indent.c +@@ -228,6 +228,7 @@ static BOOLEAN search_brace( + * a `dump_line' call, thus ensuring that the brace + * will go into the right column. */ + ++ need_chars (&save_com, 2); + *save_com.end++ = EOL; + *save_com.end++ = '{'; + save_com.len += 2; +-- +2.35.5 diff --git a/meta-oe/recipes-extended/indent/indent_2.2.12.bb b/meta-oe/recipes-extended/indent/indent_2.2.12.bb index 1a7d61abc09..a846682c13a 100644 --- a/meta-oe/recipes-extended/indent/indent_2.2.12.bb +++ b/meta-oe/recipes-extended/indent/indent_2.2.12.bb @@ -17,6 +17,8 @@ SRC_URI = "${GNU_MIRROR}/${BPN}/${BP}.tar.gz \ file://0001-Makefile.am-remove-regression-dir.patch \ file://0001-Fix-builds-with-recent-gettext.patch \ file://0001-Remove-dead-paren_level-code.patch \ + file://CVE-2023-40305_0001.patch \ + file://CVE-2023-40305_0002.patch \ " SRC_URI[md5sum] = "4764b6ac98f6654a35da117b8e5e8e14" SRC_URI[sha256sum] = "e77d68c0211515459b8812118d606812e300097cfac0b4e9fb3472664263bb8b" From 90aa13dcd7cd3abfc74a17099ba2fcbad84d0134 Mon Sep 17 00:00:00 2001 From: Jeffrey Pautler Date: Fri, 10 Nov 2023 10:14:04 -0600 Subject: [PATCH 499/600] apache2: add vendor to product name used for CVE checking This recipe sets the product name used for CVE checking to "http_server". However, the cve-check logic matches that name to all products in the CVE database regardless of vendor. Currently, it is matching to products from vendors other than apache. As a result, CVE checking incorrectly reports CVEs for those vendors' products for this package. Signed-off-by: Jeffrey Pautler Signed-off-by: Khem Raj (cherry picked from commit 51f70eaaa5973e385645f574093ee860f5648f88) Signed-off-by: Jeffrey Pautler --- meta-webserver/recipes-httpd/apache2/apache2_2.4.57.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-webserver/recipes-httpd/apache2/apache2_2.4.57.bb b/meta-webserver/recipes-httpd/apache2/apache2_2.4.57.bb index 9ffdf3265a0..3fbc975fca9 100644 --- a/meta-webserver/recipes-httpd/apache2/apache2_2.4.57.bb +++ b/meta-webserver/recipes-httpd/apache2/apache2_2.4.57.bb @@ -36,7 +36,7 @@ inherit autotools update-rc.d pkgconfig systemd update-alternatives DEPENDS = "openssl expat pcre apr apr-util apache2-native " -CVE_PRODUCT = "http_server" +CVE_PRODUCT = "apache:http_server" SSTATE_SCAN_FILES += "apxs config_vars.mk config.nice" From 0b1520a35c07ac98ce353605626b615dec2eedce Mon Sep 17 00:00:00 2001 From: Narpat Mali Date: Fri, 22 Sep 2023 12:11:26 +0000 Subject: [PATCH 500/600] open-vm-tools: fix CVE-2023-20900 A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID -6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias https://vdc-download. vmware.com/vmwb-repository/dcr-public/d1902b0e-d479-46bf-8ac9-cee0e31 e8ec0/07ce8dbd-db48-4261-9b8f-c6d3ad8ba472/vim.vm.guest.AliasManager.html . References: https://nvd.nist.gov/vuln/detail/CVE-2023-20900 https://security-tracker.debian.org/tracker/CVE-2023-20900 Signed-off-by: Narpat Mali [Minor fixup] Signed-off-by: Armin Kuster --- .../open-vm-tools/CVE-2023-20900.patch | 36 +++++++++++++++++++ .../open-vm-tools/open-vm-tools_11.3.5.bb | 1 + 2 files changed, 37 insertions(+) create mode 100644 meta-networking/recipes-support/open-vm-tools/open-vm-tools/CVE-2023-20900.patch diff --git a/meta-networking/recipes-support/open-vm-tools/open-vm-tools/CVE-2023-20900.patch b/meta-networking/recipes-support/open-vm-tools/open-vm-tools/CVE-2023-20900.patch new file mode 100644 index 00000000000..1b51e500aa3 --- /dev/null +++ b/meta-networking/recipes-support/open-vm-tools/open-vm-tools/CVE-2023-20900.patch @@ -0,0 +1,36 @@ +From 108d81c70d0a6792847051d121a660ef3511517d Mon Sep 17 00:00:00 2001 +From: Katy Feng +Date: Fri, 22 Sep 2023 10:15:58 +0000 +Subject: [PATCH] Allow only X509 certs to verify the SAML token signature. + +CVE: CVE-2023-20900 + +Upstream-Status: Backport [https://github.com/vmware/open-vm-tools/commit/74b6d0d9000eda1a2c8f31c40c725fb0b8520b16] + +Signed-off-by: Narpat Mali +--- + open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c | 9 ++++++++- + 1 file changed, 8 insertions(+), 1 deletion(-) + +diff --git a/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c b/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c +index aaa5082a..ad8fe304 100644 +--- a/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c ++++ b/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c +@@ -1273,7 +1273,14 @@ VerifySignature(xmlDocPtr doc, + */ + bRet = RegisterID(xmlDocGetRootElement(doc), "ID"); + if (bRet == FALSE) { +- g_warning("failed to register ID\n"); ++ g_warning("Failed to register ID\n"); ++ goto done; ++ } ++ ++ /* Use only X509 certs to validate the signature */ ++ if (xmlSecPtrListAdd(&(dsigCtx->keyInfoReadCtx.enabledKeyData), ++ BAD_CAST xmlSecKeyDataX509Id) < 0) { ++ g_warning("Failed to limit allowed key data\n"); + goto done; + } + +-- +2.40.0 diff --git a/meta-networking/recipes-support/open-vm-tools/open-vm-tools_11.3.5.bb b/meta-networking/recipes-support/open-vm-tools/open-vm-tools_11.3.5.bb index c80827a9927..bac9b694df7 100644 --- a/meta-networking/recipes-support/open-vm-tools/open-vm-tools_11.3.5.bb +++ b/meta-networking/recipes-support/open-vm-tools/open-vm-tools_11.3.5.bb @@ -46,6 +46,7 @@ SRC_URI = "git://github.com/vmware/open-vm-tools.git;protocol=https;branch=maste file://0001-open-vm-tools-Correct-include-path-for-poll.h.patch;patchdir=.. \ file://0001-Properly-check-authorization-on-incoming-guestOps-re.patch;patchdir=.. \ file://CVE-2023-20867.patch;patchdir=.. \ + file://CVE-2023-20900.patch;patchdir=.. \ " UPSTREAM_CHECK_GITTAGREGEX = "stable-(?P\d+(\.\d+)+)" From 65cacf82582e527d42849c6dcb7eb4c9340ee833 Mon Sep 17 00:00:00 2001 From: Archana Polampalli Date: Tue, 14 Nov 2023 05:50:09 +0000 Subject: [PATCH 501/600] open-vm-tools: fix CVE-2023-34058 A flaw was found in open-vm-tools. This flaw allows a malicious actor that has been granted Guest Operation Privileges in a target virtual machine to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias. Reference: https://nvd.nist.gov/vuln/detail/CVE-2023-34058 Signed-off-by: Archana Polampalli [minor fixup] Signed-off-by: Armin Kuster --- .../open-vm-tools/CVE-2023-34058.patch | 241 ++++++++++++++++++ .../open-vm-tools/open-vm-tools_11.3.5.bb | 1 + 2 files changed, 242 insertions(+) create mode 100644 meta-networking/recipes-support/open-vm-tools/open-vm-tools/CVE-2023-34058.patch diff --git a/meta-networking/recipes-support/open-vm-tools/open-vm-tools/CVE-2023-34058.patch b/meta-networking/recipes-support/open-vm-tools/open-vm-tools/CVE-2023-34058.patch new file mode 100644 index 00000000000..d24dd3695c1 --- /dev/null +++ b/meta-networking/recipes-support/open-vm-tools/open-vm-tools/CVE-2023-34058.patch @@ -0,0 +1,241 @@ +From 6822b5a84f8cfa60d46479d6b8f1c63eb85eac87 Mon Sep 17 00:00:00 2001 +From: John Wolfe +Date: Wed, 18 Oct 2023 09:04:07 -0700 +Subject: [PATCH] Address CVE-2023-34058 + +VGAuth: don't accept tokens with unrelated certs. + +CVE: CVE-2023-34058 + +Upstream-Status: Backport [https://github.com/vmware/open-vm-tools/commit/e5be40b9cc025d03ccd5689ef9192d29abd68bfe] + +Signed-off-by: Archana Polampalli +--- + open-vm-tools/vgauth/common/certverify.c | 145 ++++++++++++++++++ + open-vm-tools/vgauth/common/certverify.h | 4 + + open-vm-tools/vgauth/common/prefs.h | 2 + + .../vgauth/serviceImpl/saml-xmlsec1.c | 14 ++ + 4 files changed, 165 insertions(+) + +diff --git a/open-vm-tools/vgauth/common/certverify.c b/open-vm-tools/vgauth/common/certverify.c +index edf54928..29b12df3 100644 +--- a/open-vm-tools/vgauth/common/certverify.c ++++ b/open-vm-tools/vgauth/common/certverify.c +@@ -893,3 +893,148 @@ done: + + return err; + } ++ ++ ++/* ++ * Finds a cert with a subject (if checkSubj is set) or issuer (if ++ * checkSUbj is unset), matching 'val' in the list ++ * of certs. Returns a match or NULL. ++ */ ++ ++static X509 * ++FindCert(GList *cList, ++ X509_NAME *val, ++ int checkSubj) ++{ ++ GList *l; ++ X509 *c; ++ X509_NAME *v; ++ ++ l = cList; ++ while (l != NULL) { ++ c = (X509 *) l->data; ++ if (checkSubj) { ++ v = X509_get_subject_name(c); ++ } else { ++ v = X509_get_issuer_name(c); ++ } ++ if (X509_NAME_cmp(val, v) == 0) { ++ return c; ++ } ++ l = l->next; ++ } ++ return NULL; ++} ++ ++ ++/* ++ ****************************************************************************** ++ * CertVerify_CheckForUnrelatedCerts -- */ /** ++ * ++ * Looks over a list of certs. If it finds that they are not all ++ * part of the same chain, returns failure. ++ * ++ * @param[in] numCerts The number of certs in the chain. ++ * @param[in] pemCerts The chain of certificates to verify. ++ * ++ * @return VGAUTH_E_OK on success, VGAUTH_E_FAIL if unrelated certs are found. ++ * ++ ****************************************************************************** ++ */ ++ ++VGAuthError ++CertVerify_CheckForUnrelatedCerts(int numCerts, ++ const char **pemCerts) ++{ ++ VGAuthError err = VGAUTH_E_FAIL; ++ int chainLen = 0; ++ int i; ++ X509 **certs = NULL; ++ GList *rawList = NULL; ++ X509 *baseCert; ++ X509 *curCert; ++ X509_NAME *subject; ++ X509_NAME *issuer; ++ ++ /* common single cert case; nothing to do */ ++ if (numCerts == 1) { ++ return VGAUTH_E_OK; ++ } ++ ++ /* convert all PEM to X509 objects */ ++ certs = g_malloc0(numCerts * sizeof(X509 *)); ++ for (i = 0; i < numCerts; i++) { ++ certs[i] = CertStringToX509(pemCerts[i]); ++ if (NULL == certs[i]) { ++ g_warning("%s: failed to convert cert to X509\n", __FUNCTION__); ++ goto done; ++ } ++ } ++ ++ /* choose the cert to start the chain. shouldn't matter which */ ++ baseCert = certs[0]; ++ ++ /* put the rest into a list */ ++ for (i = 1; i < numCerts; i++) { ++ rawList = g_list_append(rawList, certs[i]); ++ } ++ ++ /* now chase down to a leaf, looking for certs the baseCert issued */ ++ subject = X509_get_subject_name(baseCert); ++ while ((curCert = FindCert(rawList, subject, 0)) != NULL) { ++ /* pull it from the list */ ++ rawList = g_list_remove(rawList, curCert); ++ /* set up the next find */ ++ subject = X509_get_subject_name(curCert); ++ } ++ ++ /* ++ * walk up to the root cert, by finding a cert where the ++ * issuer equals the subject of the current ++ */ ++ issuer = X509_get_issuer_name(baseCert); ++ while ((curCert = FindCert(rawList, issuer, 1)) != NULL) { ++ /* pull it from the list */ ++ rawList = g_list_remove(rawList, curCert); ++ /* set up the next find */ ++ issuer = X509_get_issuer_name(curCert); ++ } ++ ++ /* ++ * At this point, anything on the list should be certs that are not part ++ * of the chain that includes the original 'baseCert'. ++ * ++ * For a valid token, the list should be empty. ++ */ ++ chainLen = g_list_length(rawList); ++ if (chainLen != 0 ) { ++ GList *l; ++ ++ g_warning("%s: %d unrelated certs found in list\n", ++ __FUNCTION__, chainLen); ++ ++ /* debug helper */ ++ l = rawList; ++ while (l != NULL) { ++ X509* c = (X509 *) l->data; ++ char *s = X509_NAME_oneline(X509_get_subject_name(c), NULL, 0); ++ ++ g_debug("%s: unrelated cert subject: %s\n", __FUNCTION__, s); ++ free(s); ++ l = l->next; ++ } ++ ++ goto done; ++ } ++ ++ g_debug("%s: Success! no unrelated certs found\n", __FUNCTION__); ++ err = VGAUTH_E_OK; ++ ++done: ++ g_list_free(rawList); ++ for (i = 0; i < numCerts; i++) { ++ X509_free(certs[i]); ++ } ++ g_free(certs); ++ return err; ++} +diff --git a/open-vm-tools/vgauth/common/certverify.h b/open-vm-tools/vgauth/common/certverify.h +index d7c6410b..f582bb82 100644 +--- a/open-vm-tools/vgauth/common/certverify.h ++++ b/open-vm-tools/vgauth/common/certverify.h +@@ -67,6 +67,10 @@ VGAuthError CertVerify_CheckSignatureUsingCert(VGAuthHashAlg hash, + size_t signatureLen, + const unsigned char *signature); + ++ ++VGAuthError CertVerify_CheckForUnrelatedCerts(int numCerts, ++ const char **pemCerts); ++ + gchar * CertVerify_StripPEMCert(const gchar *pemCert); + + gchar * CertVerify_CertToX509String(const gchar *pemCert); +diff --git a/open-vm-tools/vgauth/common/prefs.h b/open-vm-tools/vgauth/common/prefs.h +index ff116928..87ccc9b3 100644 +--- a/open-vm-tools/vgauth/common/prefs.h ++++ b/open-vm-tools/vgauth/common/prefs.h +@@ -136,6 +136,8 @@ msgCatalog = /etc/vmware-tools/vgauth/messages + #define VGAUTH_PREF_ALIASSTORE_DIR "aliasStoreDir" + /** The number of seconds slack allowed in either direction in SAML token date checks. */ + #define VGAUTH_PREF_CLOCK_SKEW_SECS "clockSkewAdjustment" ++/** If unrelated certificates are allowed in a SAML token */ ++#define VGAUTH_PREF_ALLOW_UNRELATED_CERTS "allowUnrelatedCerts" + + /** Ticket group name. */ + #define VGAUTH_PREF_GROUP_NAME_TICKET "ticket" +diff --git a/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c b/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c +index aaa5082a..17b56de9 100644 +--- a/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c ++++ b/open-vm-tools/vgauth/serviceImpl/saml-xmlsec1.c +@@ -47,6 +47,7 @@ + #include "vmxlog.h" + + static int gClockSkewAdjustment = VGAUTH_PREF_DEFAULT_CLOCK_SKEW_SECS; ++static gboolean gAllowUnrelatedCerts = FALSE; + static xmlSchemaPtr gParsedSchemas = NULL; + static xmlSchemaValidCtxtPtr gSchemaValidateCtx = NULL; + +@@ -313,6 +314,10 @@ LoadPrefs(void) + VGAUTH_PREF_DEFAULT_CLOCK_SKEW_SECS); + Log("%s: Allowing %d of clock skew for SAML date validation\n", + __FUNCTION__, gClockSkewAdjustment); ++ gAllowUnrelatedCerts = Pref_GetBool(gPrefs, ++ VGAUTH_PREF_ALLOW_UNRELATED_CERTS, ++ VGAUTH_PREF_GROUP_NAME_SERVICE, ++ FALSE); + } + + +@@ -1526,6 +1531,15 @@ SAML_VerifyBearerTokenAndChain(const char *xmlText, + if (FALSE == bRet) { + return VGAUTH_E_AUTHENTICATION_DENIED; + } ++ if (!gAllowUnrelatedCerts) { ++ err = CertVerify_CheckForUnrelatedCerts(num, (const char **) certChain); ++ if (err != VGAUTH_E_OK) { ++ VMXLog_Log(VMXLOG_LEVEL_WARNING, ++ "Unrelated certs found in SAML token, failing\n"); ++ return VGAUTH_E_AUTHENTICATION_DENIED; ++ } ++ } ++ + + subj.type = SUBJECT_TYPE_NAMED; + subj.name = *subjNameOut; +-- +2.40.0 diff --git a/meta-networking/recipes-support/open-vm-tools/open-vm-tools_11.3.5.bb b/meta-networking/recipes-support/open-vm-tools/open-vm-tools_11.3.5.bb index bac9b694df7..c54fd4de48b 100644 --- a/meta-networking/recipes-support/open-vm-tools/open-vm-tools_11.3.5.bb +++ b/meta-networking/recipes-support/open-vm-tools/open-vm-tools_11.3.5.bb @@ -47,6 +47,7 @@ SRC_URI = "git://github.com/vmware/open-vm-tools.git;protocol=https;branch=maste file://0001-Properly-check-authorization-on-incoming-guestOps-re.patch;patchdir=.. \ file://CVE-2023-20867.patch;patchdir=.. \ file://CVE-2023-20900.patch;patchdir=.. \ + file://CVE-2023-34058.patch;patchdir=.. \ " UPSTREAM_CHECK_GITTAGREGEX = "stable-(?P\d+(\.\d+)+)" From b6e275df7187d5afccf79950e5cfa8126549a621 Mon Sep 17 00:00:00 2001 From: Khem Raj Date: Tue, 14 Nov 2023 11:06:59 +0100 Subject: [PATCH 502/600] emlog: Add PV This is 0.70 release with few more commits on top. Signed-off-by: Khem Raj (cherry picked from commit 08edc0b6ace0d04688a5617cf05546a7b8ba6cca) Signed-off-by: Yoann Congal Signed-off-by: Armin Kuster --- meta-oe/recipes-core/emlog/emlog.inc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-oe/recipes-core/emlog/emlog.inc b/meta-oe/recipes-core/emlog/emlog.inc index 824787083a0..9d48e9cba3d 100644 --- a/meta-oe/recipes-core/emlog/emlog.inc +++ b/meta-oe/recipes-core/emlog/emlog.inc @@ -5,7 +5,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=94d55d512a9ba36caa9b7df079bae19f" SRC_URI = "git://github.com/nicupavel/emlog.git;protocol=http;branch=master;protocol=https" SRCREV = "aee53e8dee862f35291242ba41b0ca88010f6c71" - +PV = "0.70+git${SRCPV}" S = "${WORKDIR}/git" EXTRA_OEMAKE += " \ From 71d01121e771a3db034e081f3c796512be63df0a Mon Sep 17 00:00:00 2001 From: Yoann Congal Date: Tue, 14 Nov 2023 11:07:00 +0100 Subject: [PATCH 503/600] emlog: ignore CVE-2022-3968 & CVE-2023-43291 CVE-2022-3968 & CVE-2023-43291 apply to the other "emlog" and can be safely ignored. Signed-off-by: Yoann Congal Signed-off-by: Armin Kuster --- meta-oe/recipes-core/emlog/emlog_git.bb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta-oe/recipes-core/emlog/emlog_git.bb b/meta-oe/recipes-core/emlog/emlog_git.bb index 05fa0c334cb..2ded3e204f9 100644 --- a/meta-oe/recipes-core/emlog/emlog_git.bb +++ b/meta-oe/recipes-core/emlog/emlog_git.bb @@ -34,4 +34,6 @@ CVE_CHECK_IGNORE += "\ CVE-2019-17073 \ CVE-2021-44584 \ CVE-2022-1526 \ + CVE-2022-3968 \ + CVE-2023-43291 \ " From a7e6f56a6862d4b1e9308bd51962510b4d1bf3b3 Mon Sep 17 00:00:00 2001 From: Narpat Mali Date: Tue, 14 Nov 2023 13:43:55 +0000 Subject: [PATCH 504/600] traceroute: upgrade 2.1.0 -> 2.1.3 This upgrade incorporates the CVE-2023-46316 fix and other bug fixes. Changelog: ---------- - Interpret ipv4-mapped ipv6 addresses (::ffff:A.B.C.D) as true ipv4. - Return back more robast poll(2) loop handling. - Fix unprivileged ICMP tracerouting with Linux kernel >= 6.1 (Eric Dumazet, SF bug #14) - Fix command line parsing in wrappers. References: https://security-tracker.debian.org/tracker/CVE-2023-46316 https://sourceforge.net/projects/traceroute/files/traceroute/traceroute-2.1.3/ Signed-off-by: Narpat Mali Signed-off-by: Armin Kuster --- .../traceroute/{traceroute_2.1.0.bb => traceroute_2.1.3.bb} | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) rename meta-networking/recipes-support/traceroute/{traceroute_2.1.0.bb => traceroute_2.1.3.bb} (91%) diff --git a/meta-networking/recipes-support/traceroute/traceroute_2.1.0.bb b/meta-networking/recipes-support/traceroute/traceroute_2.1.3.bb similarity index 91% rename from meta-networking/recipes-support/traceroute/traceroute_2.1.0.bb rename to meta-networking/recipes-support/traceroute/traceroute_2.1.3.bb index 9cac2049985..ed75ba34de4 100644 --- a/meta-networking/recipes-support/traceroute/traceroute_2.1.0.bb +++ b/meta-networking/recipes-support/traceroute/traceroute_2.1.3.bb @@ -17,8 +17,7 @@ UPSTREAM_CHECK_URI = "https://sourceforge.net/projects/traceroute/files/tracerou SRC_URI = "${SOURCEFORGE_MIRROR}/traceroute/traceroute/${BP}/${BP}.tar.gz \ " -SRC_URI[md5sum] = "84d329d67abc3fb83fc8cb12aeaddaba" -SRC_URI[sha256sum] = "3669d22a34d3f38ed50caba18cd525ba55c5c00d5465f2d20d7472e5d81603b6" +SRC_URI[sha256sum] = "05ebc7aba28a9100f9bbae54ceecbf75c82ccf46bdfce8b5d64806459a7e0412" EXTRA_OEMAKE = "VPATH=${STAGING_LIBDIR}" LTOEXTRA += "-flto-partition=none" From 3f0d6ed420e3315264ca3c16fd95402fb4baada4 Mon Sep 17 00:00:00 2001 From: Mingli Yu Date: Wed, 15 Nov 2023 13:47:20 +0800 Subject: [PATCH 505/600] nlohmann-json: Add ptest support * Fetch the test data during do_fetch phase to avoid internet access during test as some tests need test data. # ./run-ptest PASS: test-algorithms PASS: test-allocator PASS: test-alt-string PASS: test-assert_macro PASS: test-bson PASS: test-byte_container_with_subtype PASS: test-capacity PASS: test-cbor PASS: test-class_const_iterator PASS: test-class_iterator PASS: test-class_lexer PASS: test-class_parser PASS: test-comparison PASS: test-concepts PASS: test-constructor1 PASS: test-constructor2 PASS: test-convenience PASS: test-conversions PASS: test-conversions_cpp17 PASS: test-deserialization PASS: test-diagnostics PASS: test-disabled_exceptions PASS: test-element_access1 PASS: test-element_access2 PASS: test-hash PASS: test-inspection PASS: test-items PASS: test-items_cpp17 PASS: test-iterators1 PASS: test-iterators2 PASS: test-json_patch PASS: test-json_pointer PASS: test-large_json PASS: test-merge_patch PASS: test-meta PASS: test-modifiers PASS: test-msgpack PASS: test-noexcept PASS: test-ordered_json PASS: test-ordered_map PASS: test-pointer_access PASS: test-readme PASS: test-reference_access PASS: test-regression1 PASS: test-regression1_cpp17 PASS: test-regression2 PASS: test-regression2_cpp17 PASS: test-serialization PASS: test-testsuites PASS: test-to_chars PASS: test-ubjson PASS: test-udt PASS: test-udt_macro PASS: test-unicode1 PASS: test-unicode2 PASS: test-unicode3 PASS: test-unicode4 PASS: test-unicode5 PASS: test-user_defined_input PASS: test-wstring Signed-off-by: Mingli Yu Signed-off-by: Armin Kuster --- .../nlohmann-json/files/run-ptest | 12 +++++++++++ .../nlohmann-json/nlohmann-json_3.10.5.bb | 20 ++++++++++++++++--- 2 files changed, 29 insertions(+), 3 deletions(-) create mode 100755 meta-oe/recipes-devtools/nlohmann-json/files/run-ptest diff --git a/meta-oe/recipes-devtools/nlohmann-json/files/run-ptest b/meta-oe/recipes-devtools/nlohmann-json/files/run-ptest new file mode 100755 index 00000000000..2f00267d500 --- /dev/null +++ b/meta-oe/recipes-devtools/nlohmann-json/files/run-ptest @@ -0,0 +1,12 @@ +#!/bin/sh + +cd tests +for atest in test-* ; do + rm -rf tests.log + ./${atest} > tests.log 2>&1 + if [ $? = 0 ] ; then + echo "PASS: ${atest}" + else + echo "FAIL: ${atest}" + fi +done diff --git a/meta-oe/recipes-devtools/nlohmann-json/nlohmann-json_3.10.5.bb b/meta-oe/recipes-devtools/nlohmann-json/nlohmann-json_3.10.5.bb index 7a1a7a9dbf2..8c459491421 100644 --- a/meta-oe/recipes-devtools/nlohmann-json/nlohmann-json_3.10.5.bb +++ b/meta-oe/recipes-devtools/nlohmann-json/nlohmann-json_3.10.5.bb @@ -7,22 +7,36 @@ LIC_FILES_CHKSUM = "file://LICENSE.MIT;md5=f969127d7b7ed0a8a63c2bbeae002588" CVE_PRODUCT = "json-for-modern-cpp" SRC_URI = "git://github.com/nlohmann/json.git;branch=develop;protocol=https \ - " + git://github.com/nlohmann/json_test_data.git;destsuffix=git/json_test_data;name=json-test-data;branch=master;protocol=https \ + file://run-ptest \ +" SRCREV = "4f8fba14066156b73f1189a2b8bd568bde5284c5" +SRCREV_json-test-data = "a1375cea09d27cc1c4cadb8d00470375b421ac37" + +SRCREV_FORMAT = "json-test-data" S = "${WORKDIR}/git" -inherit cmake +inherit cmake ptest -EXTRA_OECMAKE += "-DJSON_BuildTests=OFF" +EXTRA_OECMAKE += "${@bb.utils.contains('PTEST_ENABLED', '1', '-DJSON_BuildTests=ON -DJSON_TestDataDirectory=${PTEST_PATH}/json_test_data', '-DJSON_BuildTests=OFF', d)}" # nlohmann-json is a header only C++ library, so the main package will be empty. ALLOW_EMPTY:${PN} = "1" RDEPENDS:${PN}-dev = "" +RDEPENDS:${PN}-ptest = "perl" BBCLASSEXTEND = "native nativesdk" + +do_install_ptest () { + install -d ${D}${PTEST_PATH}/tests + cp -r ${S}/json_test_data/ ${D}${PTEST_PATH}/ + cp -r ${B}/test/test-* ${D}${PTEST_PATH}/tests +} + + # other packages commonly reference the file directly as "json.hpp" # create symlink to allow this usage do_install:append() { From e94b264db994d8cc2f1ccad08e35878ed4450f9c Mon Sep 17 00:00:00 2001 From: Yoann Congal Date: Thu, 16 Nov 2023 23:36:12 +0100 Subject: [PATCH 506/600] python3-soupsieve: Break circular dependency with beautifulsoup4 python3-beautifulsoup4 does depend on python3-soupsieve but python3-soupsieve does not depend on python3-beautifulsoup4. Signed-off-by: Yoann Congal Signed-off-by: Armin Kuster --- .../recipes-devtools/python/python3-soupsieve_2.3.1.bb | 4 ---- 1 file changed, 4 deletions(-) diff --git a/meta-python/recipes-devtools/python/python3-soupsieve_2.3.1.bb b/meta-python/recipes-devtools/python/python3-soupsieve_2.3.1.bb index 7cb76b426ff..631a45c99e3 100644 --- a/meta-python/recipes-devtools/python/python3-soupsieve_2.3.1.bb +++ b/meta-python/recipes-devtools/python/python3-soupsieve_2.3.1.bb @@ -12,10 +12,6 @@ SRC_URI += " \ file://run-ptest \ " -RDEPENDS:${PN} += "\ - ${PYTHON_PN}-beautifulsoup4 \ -" - RDEPENDS:${PN}-ptest += " \ ${PYTHON_PN}-pytest \ ${PYTHON_PN}-beautifulsoup4 \ From d6684037772a6e1ad548dac7aebf288b281e7a14 Mon Sep 17 00:00:00 2001 From: Richard Purdie Date: Fri, 17 Nov 2023 10:09:21 +0100 Subject: [PATCH 507/600] meta-perl: Drop broken BBCLASSEXTEND variants The command "bitbake universe -c fetch" currently throws a ton of warnings as there are many 'impossible' dependencies. In some cases these variants may never have worked and were just added by copy and paste of recipes. In some cases they once clearly did work but became broken somewhere along the way. Users may also be carrying local bbappend files which add further BBCLASSEXTEND. Having universe fetch work without warnings is desireable so clean up the broken variants. Anyone actually needing something dropped here can propose adding it and the correct functional dependencies back quite easily. This also then ensures we're not carrying or fixing things nobody uses. Signed-off-by: Richard Purdie Signed-off-by: Khem Raj (cherry picked from commit 79e0a9d237343ad0af0a40128494155ccaa131ec) Backported: * Adapted paths to follow PV changes * Adapted modified recipes to the ones generating warnings Signed-off-by: Yoann Congal Signed-off-by: Armin Kuster --- .../recipes-perl/libconfig/libconfig-autoconf-perl_0.319.bb | 2 +- meta-perl/recipes-perl/libio/libio-socket-ssl-perl_2.074.bb | 2 -- meta-perl/recipes-perl/libnet/libnet-dns-perl_1.33.bb | 2 -- meta-perl/recipes-perl/libnet/libnet-ldap-perl_0.68.bb | 2 -- meta-perl/recipes-perl/libstatgrab/libunix-statgrab_0.112.bb | 2 -- 5 files changed, 1 insertion(+), 9 deletions(-) diff --git a/meta-perl/recipes-perl/libconfig/libconfig-autoconf-perl_0.319.bb b/meta-perl/recipes-perl/libconfig/libconfig-autoconf-perl_0.319.bb index 5db0bb42694..5c3701f16bf 100644 --- a/meta-perl/recipes-perl/libconfig/libconfig-autoconf-perl_0.319.bb +++ b/meta-perl/recipes-perl/libconfig/libconfig-autoconf-perl_0.319.bb @@ -38,4 +38,4 @@ S = "${WORKDIR}/Config-AutoConf-${PV}" inherit cpan ptest-perl -BBCLASSEXTEND = "native nativesdk" +BBCLASSEXTEND = "native" diff --git a/meta-perl/recipes-perl/libio/libio-socket-ssl-perl_2.074.bb b/meta-perl/recipes-perl/libio/libio-socket-ssl-perl_2.074.bb index 6249fd1d788..6e04e40dcf9 100644 --- a/meta-perl/recipes-perl/libio/libio-socket-ssl-perl_2.074.bb +++ b/meta-perl/recipes-perl/libio/libio-socket-ssl-perl_2.074.bb @@ -42,5 +42,3 @@ do_install_ptest () { cp -r ${B}/t ${D}${PTEST_PATH} cp -r ${B}/certs ${D}${PTEST_PATH} } - -BBCLASSEXTEND = "native" diff --git a/meta-perl/recipes-perl/libnet/libnet-dns-perl_1.33.bb b/meta-perl/recipes-perl/libnet/libnet-dns-perl_1.33.bb index 2c7d793a7b4..c768d64e320 100644 --- a/meta-perl/recipes-perl/libnet/libnet-dns-perl_1.33.bb +++ b/meta-perl/recipes-perl/libnet/libnet-dns-perl_1.33.bb @@ -61,5 +61,3 @@ python __anonymous () { raise bb.parse.SkipRecipe("incompatible with %s C library" % d.getVar('TCLIBC')) } - -BBCLASSEXTEND = "native" diff --git a/meta-perl/recipes-perl/libnet/libnet-ldap-perl_0.68.bb b/meta-perl/recipes-perl/libnet/libnet-ldap-perl_0.68.bb index dcc5ea88b1e..a77381dce80 100644 --- a/meta-perl/recipes-perl/libnet/libnet-ldap-perl_0.68.bb +++ b/meta-perl/recipes-perl/libnet/libnet-ldap-perl_0.68.bb @@ -41,5 +41,3 @@ RDEPENDS:${PN}-ptest += " \ perl-module-perlio \ perl-module-test-more \ " - -BBCLASSEXTEND = "native" diff --git a/meta-perl/recipes-perl/libstatgrab/libunix-statgrab_0.112.bb b/meta-perl/recipes-perl/libstatgrab/libunix-statgrab_0.112.bb index c568ade9978..01261d547ac 100644 --- a/meta-perl/recipes-perl/libstatgrab/libunix-statgrab_0.112.bb +++ b/meta-perl/recipes-perl/libstatgrab/libunix-statgrab_0.112.bb @@ -36,5 +36,3 @@ S = "${WORKDIR}/Unix-Statgrab-${PV}" export LD = "${CCLD}" inherit cpan pkgconfig ptest-perl - -BBCLASSEXTEND = "native" From 866d658c9e8bfa7f4834cbfa99f7a2756a5bb8f9 Mon Sep 17 00:00:00 2001 From: Richard Purdie Date: Fri, 17 Nov 2023 10:10:58 +0100 Subject: [PATCH 508/600] meta-networking: Drop broken BBCLASSEXTEND variants The command "bitbake universe -c fetch" currently throws a ton of warnings as there are many 'impossible' dependencies. In some cases these variants may never have worked and were just added by copy and paste of recipes. In some cases they once clearly did work but became broken somewhere along the way. Users may also be carrying local bbappend files which add further BBCLASSEXTEND. Having universe fetch work without warnings is desireable so clean up the broken variants. Anyone actually needing something dropped here can propose adding it and the correct functional dependencies back quite easily. This also then ensures we're not carrying or fixing things nobody uses. Signed-off-by: Richard Purdie Signed-off-by: Khem Raj (cherry picked from commit e1b332f2eff7df2336ff87917cd48249edf763a2) Backport: Adapted modified recipes to the ones generating warnings Signed-off-by: Yoann Congal Signed-off-by: Armin Kuster --- .../recipes-connectivity/mosquitto/mosquitto_2.0.18.bb | 2 +- .../recipes-support/netsniff-ng/netsniff-ng_0.6.8.bb | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/meta-networking/recipes-connectivity/mosquitto/mosquitto_2.0.18.bb b/meta-networking/recipes-connectivity/mosquitto/mosquitto_2.0.18.bb index 0c9ccc810dd..ea9eb4857b2 100644 --- a/meta-networking/recipes-connectivity/mosquitto/mosquitto_2.0.18.bb +++ b/meta-networking/recipes-connectivity/mosquitto/mosquitto_2.0.18.bb @@ -89,4 +89,4 @@ USERADD_PACKAGES = "${PN}" USERADD_PARAM:${PN} = "--system --no-create-home --shell /bin/false \ --user-group mosquitto" -BBCLASSEXTEND += "native nativesdk" +BBCLASSEXTEND = "native" diff --git a/meta-networking/recipes-support/netsniff-ng/netsniff-ng_0.6.8.bb b/meta-networking/recipes-support/netsniff-ng/netsniff-ng_0.6.8.bb index 004330e1b4c..341eab015c0 100644 --- a/meta-networking/recipes-support/netsniff-ng/netsniff-ng_0.6.8.bb +++ b/meta-networking/recipes-support/netsniff-ng/netsniff-ng_0.6.8.bb @@ -33,4 +33,4 @@ do_install() { oe_runmake DESTDIR=${D} netsniff-ng_install } -BBCLASSEXTEND = "native nativesdk" +BBCLASSEXTEND = "native" From 2eb1a9e62ea297c69fedb3c2b29a21447c56c963 Mon Sep 17 00:00:00 2001 From: Yoann Congal Date: Fri, 17 Nov 2023 10:17:31 +0100 Subject: [PATCH 509/600] packagegroup-meta-oe-extended: RDEPENDS on an existing mozjs-91 package "mozjs" does not exist but "mozjs-91" does. Signed-off-by: Yoann Congal Signed-off-by: Armin Kuster --- .../recipes-core/packagegroups/packagegroup-meta-oe.bbappend | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-oe/dynamic-layers/meta-python/recipes-core/packagegroups/packagegroup-meta-oe.bbappend b/meta-oe/dynamic-layers/meta-python/recipes-core/packagegroups/packagegroup-meta-oe.bbappend index 09f3e34f4cf..e1db8bac9ea 100644 --- a/meta-oe/dynamic-layers/meta-python/recipes-core/packagegroups/packagegroup-meta-oe.bbappend +++ b/meta-oe/dynamic-layers/meta-python/recipes-core/packagegroups/packagegroup-meta-oe.bbappend @@ -11,7 +11,7 @@ RDEPENDS:packagegroup-meta-oe-connectivity += "\ RDEPENDS:packagegroup-meta-oe-extended += "\ lcdproc \ - mozjs \ + mozjs-91 \ " RDEPENDS:packagegroup-meta-oe-support += "\ smem \ From 1580553d0a9e23f4fb8474ddc7cd4c4f8b8ae0f8 Mon Sep 17 00:00:00 2001 From: Peter Kjellerstedt Date: Fri, 17 Nov 2023 10:17:32 +0100 Subject: [PATCH 510/600] libwebsockets: Support building for native This is needed to be able to build mosquitto-native. The dependency on libcap when building for native is needed because cmake will pick up the existence of libcap from the host, but then the build fails if it is not available in the sysroot. Unfortunately, there does not seem to be any way to explicitly tell cmake to not build with libcap. Signed-off-by: Peter Kjellerstedt Signed-off-by: Khem Raj (cherry picked from commit c083e0569ad80d11b4f5cfdfa89acdd4264d8152) Backported: Updated paths to follow PV changes. Signed-off-by: Yoann Congal Signed-off-by: Armin Kuster --- .../recipes-connectivity/libwebsockets/libwebsockets_4.2.2.bb | 3 +++ 1 file changed, 3 insertions(+) diff --git a/meta-oe/recipes-connectivity/libwebsockets/libwebsockets_4.2.2.bb b/meta-oe/recipes-connectivity/libwebsockets/libwebsockets_4.2.2.bb index 2a3a4ebd065..24b9e9a0715 100644 --- a/meta-oe/recipes-connectivity/libwebsockets/libwebsockets_4.2.2.bb +++ b/meta-oe/recipes-connectivity/libwebsockets/libwebsockets_4.2.2.bb @@ -4,6 +4,7 @@ LICENSE = "MIT & Zlib & BSD-3-Clause & Apache-2.0" LIC_FILES_CHKSUM = "file://LICENSE;md5=c8bea43a2eb5d713c338819a0be07797" DEPENDS = "zlib" +DEPENDS:append:class-native = " libcap-native" S = "${WORKDIR}/git" SRCREV = "8d605f0649ed1ab6d27a443c7688598ea21fdb75" @@ -44,3 +45,5 @@ RDEPENDS:${PN}-dev += " ${@bb.utils.contains('PACKAGECONFIG', 'static', '${PN}-s # Avoid absolute paths to end up in the sysroot. SSTATE_SCAN_FILES += "*.cmake" + +BBCLASSEXTEND = "native" From c6b90f27a4c13d70df498e800b50db234d1a62a0 Mon Sep 17 00:00:00 2001 From: Richard Purdie Date: Fri, 17 Nov 2023 10:17:33 +0100 Subject: [PATCH 511/600] meta-oe: Drop broken BBCLASSEXTEND variants The command "bitbake universe -c fetch" currently throws a ton of warnings as there are many 'impossible' dependencies. In some cases these variants may never have worked and were just added by copy and paste of recipes. In some cases they once clearly did work but became broken somewhere along the way. Users may also be carrying local bbappend files which add further BBCLASSEXTEND. Having universe fetch work without warnings is desireable so clean up the broken variants. Anyone actually needing something dropped here can propose adding it and the correct functional dependencies back quite easily. This also then ensures we're not carrying or fixing things nobody uses. Signed-off-by: Richard Purdie Signed-off-by: Khem Raj (cherry picked from commit 9962d57f7c235873de0a0bb192b5f56747762fc7) Backport: * Updated paths to follow PV changes * Adapted modified recipes to the ones generating warnings Signed-off-by: Yoann Congal Signed-off-by: Armin Kuster --- meta-oe/recipes-connectivity/ser2net/ser2net_4.3.5.bb | 2 -- meta-oe/recipes-connectivity/zeromq/czmq_4.2.1.bb | 2 -- meta-oe/recipes-devtools/heaptrack/heaptrack_1.2.0.bb | 2 +- meta-oe/recipes-devtools/unifex/unifex_git.bb | 2 -- meta-oe/recipes-graphics/openjpeg/openjpeg_2.4.0.bb | 2 +- meta-oe/recipes-graphics/xorg-app/xkbutils_1.0.4.bb | 2 -- meta-oe/recipes-graphics/xorg-app/xsetroot_1.1.2.bb | 1 - 7 files changed, 2 insertions(+), 11 deletions(-) diff --git a/meta-oe/recipes-connectivity/ser2net/ser2net_4.3.5.bb b/meta-oe/recipes-connectivity/ser2net/ser2net_4.3.5.bb index 79d54038eb3..a33265063c0 100644 --- a/meta-oe/recipes-connectivity/ser2net/ser2net_4.3.5.bb +++ b/meta-oe/recipes-connectivity/ser2net/ser2net_4.3.5.bb @@ -14,5 +14,3 @@ SRC_URI[sha256sum] = "848c4fe863806e506832f1ee85b8b68258f06eb19dad43dbeee16a2cfe UPSTREAM_CHECK_URI = "http://sourceforge.net/projects/ser2net/files/ser2net" inherit autotools pkgconfig - -BBCLASSEXTEND = "native nativesdk" diff --git a/meta-oe/recipes-connectivity/zeromq/czmq_4.2.1.bb b/meta-oe/recipes-connectivity/zeromq/czmq_4.2.1.bb index 86fde7ccfb3..ce9d758d9fe 100644 --- a/meta-oe/recipes-connectivity/zeromq/czmq_4.2.1.bb +++ b/meta-oe/recipes-connectivity/zeromq/czmq_4.2.1.bb @@ -30,8 +30,6 @@ PACKAGECONFIG[nss] = "-DCZMQ_WITH_NSS=ON,-DCZMQ_WITH_NSS=OFF,nss" PACKAGECONFIG[systemd] = "-DCZMQ_WITH_SYSTEMD=ON,-DCZMQ_WITH_SYSTEMD=OFF,systemd" PACKAGECONFIG[uuid] = "-DCZMQ_WITH_UUID=ON,-DCZMQ_WITH_UUID=OFF,util-linux" -BBCLASSEXTEND = "nativesdk" - do_install:append() { mkdir -p ${D}/${includedir}/${BPN} mv ${D}/${includedir}/sha1.h ${D}/${includedir}/${BPN}/. diff --git a/meta-oe/recipes-devtools/heaptrack/heaptrack_1.2.0.bb b/meta-oe/recipes-devtools/heaptrack/heaptrack_1.2.0.bb index 29937e26d0c..be2c0f53947 100644 --- a/meta-oe/recipes-devtools/heaptrack/heaptrack_1.2.0.bb +++ b/meta-oe/recipes-devtools/heaptrack/heaptrack_1.2.0.bb @@ -29,4 +29,4 @@ EXTRA_OECMAKE += "-DHEAPTRACK_BUILD_GUI=OFF" COMPATIBLE_HOST:riscv32 = "null" COMPATIBLE_HOST:riscv64 = "null" -BBCLASSEXTEND = "native nativesdk" +BBCLASSEXTEND = "native" diff --git a/meta-oe/recipes-devtools/unifex/unifex_git.bb b/meta-oe/recipes-devtools/unifex/unifex_git.bb index 85fe39b6de7..f55d7e32c80 100644 --- a/meta-oe/recipes-devtools/unifex/unifex_git.bb +++ b/meta-oe/recipes-devtools/unifex/unifex_git.bb @@ -20,5 +20,3 @@ EXTRA_OECMAKE += " \ -DCMAKE_CXX_STANDARD=20 \ -DUNIFEX_BUILD_EXAMPLES=OFF \ " - -BBCLASSEXTEND = "native nativesdk" diff --git a/meta-oe/recipes-graphics/openjpeg/openjpeg_2.4.0.bb b/meta-oe/recipes-graphics/openjpeg/openjpeg_2.4.0.bb index 42d2b4efb01..1c090fdea5e 100644 --- a/meta-oe/recipes-graphics/openjpeg/openjpeg_2.4.0.bb +++ b/meta-oe/recipes-graphics/openjpeg/openjpeg_2.4.0.bb @@ -26,4 +26,4 @@ EXTRA_OECMAKE += "-DOPENJPEG_INSTALL_LIB_DIR=${@d.getVar('baselib').replace('/', FILES:${PN} += "${libdir}/openjpeg*" -BBCLASSEXTEND = "native nativesdk" +BBCLASSEXTEND = "native" diff --git a/meta-oe/recipes-graphics/xorg-app/xkbutils_1.0.4.bb b/meta-oe/recipes-graphics/xorg-app/xkbutils_1.0.4.bb index 6a05e98e328..d394b33de21 100644 --- a/meta-oe/recipes-graphics/xorg-app/xkbutils_1.0.4.bb +++ b/meta-oe/recipes-graphics/xorg-app/xkbutils_1.0.4.bb @@ -13,7 +13,5 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=64322fab5239f5c8d97cf6e0e14f1c62" DEPENDS += "libxaw libxkbfile" -BBCLASSEXTEND = "native" - SRC_URI[md5sum] = "502b14843f610af977dffc6cbf2102d5" SRC_URI[sha256sum] = "d2a18ab90275e8bca028773c44264d2266dab70853db4321bdbc18da75148130" diff --git a/meta-oe/recipes-graphics/xorg-app/xsetroot_1.1.2.bb b/meta-oe/recipes-graphics/xorg-app/xsetroot_1.1.2.bb index 30a1e089e3b..a9a8acf05ce 100644 --- a/meta-oe/recipes-graphics/xorg-app/xsetroot_1.1.2.bb +++ b/meta-oe/recipes-graphics/xorg-app/xsetroot_1.1.2.bb @@ -8,7 +8,6 @@ LICENSE = "MIT" LIC_FILES_CHKSUM = "file://COPYING;md5=6ea29dbee22324787c061f039e0529de" DEPENDS += "xbitmaps libxcursor" -BBCLASSEXTEND = "native" SRC_URI[md5sum] = "5fe769c8777a6e873ed1305e4ce2c353" SRC_URI[sha256sum] = "10c442ba23591fb5470cea477a0aa5f679371f4f879c8387a1d9d05637ae417c" From a3df85aa41edaa2b6c9b83635ac89f0a6785699b Mon Sep 17 00:00:00 2001 From: Bartosz Golaszewski Date: Sat, 18 Nov 2023 00:13:21 +0100 Subject: [PATCH 512/600] python3-cson: fix run-time dependencies Add the missing run-time dependency on python3-json. As a result we no longer need to pull python3 native and can drop other *DEPENDS. Signed-off-by: Bartosz Golaszewski Signed-off-by: Khem Raj (cherry picked from commit 40b4cf5a83098a5f1be873be5c29f26380bc7993) Signed-off-by: Yoann Congal Signed-off-by: Armin Kuster --- meta-python/recipes-extended/python-cson/python3-cson_git.bb | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/meta-python/recipes-extended/python-cson/python3-cson_git.bb b/meta-python/recipes-extended/python-cson/python3-cson_git.bb index c4fcc61ec06..1187d12af8c 100644 --- a/meta-python/recipes-extended/python-cson/python3-cson_git.bb +++ b/meta-python/recipes-extended/python-cson/python3-cson_git.bb @@ -12,8 +12,7 @@ SRC_URI = "git://github.com/gt3389b/python-cson.git;branch=master;protocol=https S = "${WORKDIR}/git" -RDEPENDS:${PN}:class-native = "" -DEPENDS:append:class-native = " python-native " +RDEPENDS:${PN} = "python3-json" inherit setuptools3 From 32c6598ed32b209df1b436d880a2a66d09902d3a Mon Sep 17 00:00:00 2001 From: Richard Purdie Date: Fri, 17 Nov 2023 10:18:24 +0100 Subject: [PATCH 513/600] meta-python: Drop broken BBCLASSEXTEND variants The command "bitbake universe -c fetch" currently throws a ton of warnings as there are many 'impossible' dependencies. In some cases these variants may never have worked and were just added by copy and paste of recipes. In some cases they once clearly did work but became broken somewhere along the way. Users may also be carrying local bbappend files which add further BBCLASSEXTEND. Having universe fetch work without warnings is desireable so clean up the broken variants. Anyone actually needing something dropped here can propose adding it and the correct functional dependencies back quite easily. This also then ensures we're not carrying or fixing things nobody uses. Signed-off-by: Richard Purdie Signed-off-by: Khem Raj (cherry picked from commit d4aa17dc436beb96a804860bc6d18cf72283709e) Backport: * Adapted paths to follow PV changes * Adapted modified recipes to the ones generating warnings Signed-off-by: Yoann Congal Signed-off-by: Armin Kuster --- .../recipes-devtools/python/python3-aiohttp-jinja2_1.5.bb | 2 -- meta-python/recipes-devtools/python/python3-autobahn_22.3.2.bb | 2 -- meta-python/recipes-devtools/python/python3-pyudev_0.23.2.bb | 2 +- .../python/python3-robotframework-seriallibrary_0.3.1.bb | 2 -- meta-python/recipes-devtools/python/python3-snappy_0.6.1.bb | 2 -- meta-python/recipes-devtools/python/python3-txaio_22.2.1.bb | 2 -- .../recipes-extended/pywbemtools/python3-pywbemtools_1.0.0.bb | 2 -- 7 files changed, 1 insertion(+), 13 deletions(-) diff --git a/meta-python/recipes-devtools/python/python3-aiohttp-jinja2_1.5.bb b/meta-python/recipes-devtools/python/python3-aiohttp-jinja2_1.5.bb index c86ec092a6d..871eb7cae97 100644 --- a/meta-python/recipes-devtools/python/python3-aiohttp-jinja2_1.5.bb +++ b/meta-python/recipes-devtools/python/python3-aiohttp-jinja2_1.5.bb @@ -11,5 +11,3 @@ RDEPENDS:${PN} += " \ ${PYTHON_PN}-jinja2 \ ${PYTHON_PN}-aiohttp \ " - -BBCLASSEXTEND = "native nativesdk" diff --git a/meta-python/recipes-devtools/python/python3-autobahn_22.3.2.bb b/meta-python/recipes-devtools/python/python3-autobahn_22.3.2.bb index 78514a412fb..afb798bd714 100644 --- a/meta-python/recipes-devtools/python/python3-autobahn_22.3.2.bb +++ b/meta-python/recipes-devtools/python/python3-autobahn_22.3.2.bb @@ -19,5 +19,3 @@ RDEPENDS:${PN} += " \ ${PYTHON_PN}-txaio \ ${PYTHON_PN}-six \ " - -BBCLASSEXTEND = "native nativesdk" diff --git a/meta-python/recipes-devtools/python/python3-pyudev_0.23.2.bb b/meta-python/recipes-devtools/python/python3-pyudev_0.23.2.bb index 4c4c959eba4..035e149518c 100644 --- a/meta-python/recipes-devtools/python/python3-pyudev_0.23.2.bb +++ b/meta-python/recipes-devtools/python/python3-pyudev_0.23.2.bb @@ -21,4 +21,4 @@ RDEPENDS:${PN} = "\ libudev \ " -BBCLASSEXTEND = "native nativesdk" +BBCLASSEXTEND = "native" diff --git a/meta-python/recipes-devtools/python/python3-robotframework-seriallibrary_0.3.1.bb b/meta-python/recipes-devtools/python/python3-robotframework-seriallibrary_0.3.1.bb index d9465af081c..ecc15499cf3 100644 --- a/meta-python/recipes-devtools/python/python3-robotframework-seriallibrary_0.3.1.bb +++ b/meta-python/recipes-devtools/python/python3-robotframework-seriallibrary_0.3.1.bb @@ -16,5 +16,3 @@ RDEPENDS:${PN} += " \ ${PYTHON_PN}-pyserial \ ${PYTHON_PN}-robotframework \ " - -BBCLASSEXTEND = "native nativesdk" diff --git a/meta-python/recipes-devtools/python/python3-snappy_0.6.1.bb b/meta-python/recipes-devtools/python/python3-snappy_0.6.1.bb index 8a30f7cb787..bd0979d0b4f 100644 --- a/meta-python/recipes-devtools/python/python3-snappy_0.6.1.bb +++ b/meta-python/recipes-devtools/python/python3-snappy_0.6.1.bb @@ -11,5 +11,3 @@ inherit pypi setuptools3 PYPI_PACKAGE = "python-snappy" RDEPENDS:${PN} += "snappy" - -BBCLASSEXTEND = "native nativesdk" diff --git a/meta-python/recipes-devtools/python/python3-txaio_22.2.1.bb b/meta-python/recipes-devtools/python/python3-txaio_22.2.1.bb index e2102695ec8..50f14b17fd7 100644 --- a/meta-python/recipes-devtools/python/python3-txaio_22.2.1.bb +++ b/meta-python/recipes-devtools/python/python3-txaio_22.2.1.bb @@ -10,5 +10,3 @@ inherit pypi setuptools3 RDEPENDS:${PN} += " \ ${PYTHON_PN}-twisted \ " - -BBCLASSEXTEND = "native nativesdk" diff --git a/meta-python/recipes-extended/pywbemtools/python3-pywbemtools_1.0.0.bb b/meta-python/recipes-extended/pywbemtools/python3-pywbemtools_1.0.0.bb index 3a9f0ad6fdc..976dd12d52d 100644 --- a/meta-python/recipes-extended/pywbemtools/python3-pywbemtools_1.0.0.bb +++ b/meta-python/recipes-extended/pywbemtools/python3-pywbemtools_1.0.0.bb @@ -35,5 +35,3 @@ RDEPENDS:${PN}:class-target += "\ ${PYTHON_PN}-nocaselist \ ${PYTHON_PN}-custom-inherit \ " - -BBCLASSEXTEND = "native" From 8a75c61cce2aa1d6e5a3597ab8fc5a7e6aeae1e4 Mon Sep 17 00:00:00 2001 From: Michael Haener Date: Mon, 17 Jul 2023 08:24:13 +0200 Subject: [PATCH 514/600] nginx: upgrade to 1.24.0 release According to http://nginx.org/en/CHANGES nginx supports the openssl 3.x component only from version 1.21.2. In Kirstone openssl 3.x is included but all provided versions of nginx are older, so there is currently an incompatibility. With this patch this incompatibility get removed. Signed-off-by: Michael Haener Signed-off-by: Armin Kuster --- meta-webserver/recipes-httpd/nginx/nginx_1.24.0.bb | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 meta-webserver/recipes-httpd/nginx/nginx_1.24.0.bb diff --git a/meta-webserver/recipes-httpd/nginx/nginx_1.24.0.bb b/meta-webserver/recipes-httpd/nginx/nginx_1.24.0.bb new file mode 100644 index 00000000000..2e865e400eb --- /dev/null +++ b/meta-webserver/recipes-httpd/nginx/nginx_1.24.0.bb @@ -0,0 +1,6 @@ +require nginx.inc + +LIC_FILES_CHKSUM = "file://LICENSE;md5=175abb631c799f54573dc481454c8632" + +SRC_URI[sha256sum] = "77a2541637b92a621e3ee76776c8b7b40cf6d707e69ba53a940283e30ff2f55d" + From 8803c4e4da0fc7a7a0d016c596f83879f97de116 Mon Sep 17 00:00:00 2001 From: Dylan Turner Date: Mon, 27 Nov 2023 10:14:29 -0600 Subject: [PATCH 515/600] apache2: v2.4.57 to v2.4.58 to fix CVE-2023-43622 Note that patch 0011-modules... is no longer needed as it's included in the upgrade as well. CVE: CVE-2023-43622 Signed-off-by: Dylan Turner Signed-off-by: Khem Raj (cherry picked from commit 9f0b5053410d5958e089351b93199efd3473d3de) Signed-off-by: Dylan Turner --- ...config9.m4-Add-server-directory-to-i.patch | 31 ------------------- .../{apache2_2.4.57.bb => apache2_2.4.58.bb} | 3 +- 2 files changed, 1 insertion(+), 33 deletions(-) delete mode 100644 meta-webserver/recipes-httpd/apache2/apache2/0011-modules-mappers-config9.m4-Add-server-directory-to-i.patch rename meta-webserver/recipes-httpd/apache2/{apache2_2.4.57.bb => apache2_2.4.58.bb} (98%) diff --git a/meta-webserver/recipes-httpd/apache2/apache2/0011-modules-mappers-config9.m4-Add-server-directory-to-i.patch b/meta-webserver/recipes-httpd/apache2/apache2/0011-modules-mappers-config9.m4-Add-server-directory-to-i.patch deleted file mode 100644 index 996eabf586b..00000000000 --- a/meta-webserver/recipes-httpd/apache2/apache2/0011-modules-mappers-config9.m4-Add-server-directory-to-i.patch +++ /dev/null @@ -1,31 +0,0 @@ -From 5c9257fa34335ff83f7c01581cf953111072a457 Mon Sep 17 00:00:00 2001 -From: Valeria Petrov -Date: Tue, 18 Apr 2023 15:38:53 +0200 -Subject: [PATCH] * modules/mappers/config9.m4: Add 'server' directory to - include path if mod_rewrite is enabled. - -Upstream-Status: Accepted [https://svn.apache.org/viewvc?view=revision&revision=1909241] - ---- - modules/mappers/config9.m4 | 5 +++++ - 1 file changed, 5 insertions(+) - -diff --git a/modules/mappers/config9.m4 b/modules/mappers/config9.m4 -index 55a97ab993..7120b729b7 100644 ---- a/modules/mappers/config9.m4 -+++ b/modules/mappers/config9.m4 -@@ -14,6 +14,11 @@ APACHE_MODULE(userdir, mapping of requests to user-specific directories, , , mos - APACHE_MODULE(alias, mapping of requests to different filesystem parts, , , yes) - APACHE_MODULE(rewrite, rule based URL manipulation, , , most) - -+if test "x$enable_rewrite" != "xno"; then -+ # mod_rewrite needs test_char.h -+ APR_ADDTO(INCLUDES, [-I\$(top_builddir)/server]) -+fi -+ - APR_ADDTO(INCLUDES, [-I\$(top_srcdir)/$modpath_current]) - - APACHE_MODPATH_FINISH --- -2.25.1 - diff --git a/meta-webserver/recipes-httpd/apache2/apache2_2.4.57.bb b/meta-webserver/recipes-httpd/apache2/apache2_2.4.58.bb similarity index 98% rename from meta-webserver/recipes-httpd/apache2/apache2_2.4.57.bb rename to meta-webserver/recipes-httpd/apache2/apache2_2.4.58.bb index 3fbc975fca9..84b19de5922 100644 --- a/meta-webserver/recipes-httpd/apache2/apache2_2.4.57.bb +++ b/meta-webserver/recipes-httpd/apache2/apache2_2.4.58.bb @@ -16,7 +16,6 @@ SRC_URI = "${APACHE_MIRROR}/httpd/httpd-${PV}.tar.bz2 \ file://0008-Fix-perl-install-directory-to-usr-bin.patch \ file://0009-support-apxs.in-force-destdir-to-be-empty-string.patch \ file://0001-make_exports.awk-not-expose-the-path.patch \ - file://0011-modules-mappers-config9.m4-Add-server-directory-to-i.patch \ " SRC_URI:append:class-target = " \ @@ -28,7 +27,7 @@ SRC_URI:append:class-target = " \ " LIC_FILES_CHKSUM = "file://LICENSE;md5=bddeddfac80b2c9a882241d008bb41c3" -SRC_URI[sha256sum] = "dbccb84aee95e095edfbb81e5eb926ccd24e6ada55dcd83caecb262e5cf94d2a" +SRC_URI[sha256sum] = "fa16d72a078210a54c47dd5bef2f8b9b8a01d94909a51453956b3ec6442ea4c5" S = "${WORKDIR}/httpd-${PV}" From cdab5037c9dea0eca042010d3b7af984edfc9f79 Mon Sep 17 00:00:00 2001 From: Narpat Mali Date: Tue, 21 Nov 2023 08:02:36 +0000 Subject: [PATCH 516/600] frr: Fix for multiple CVE's Backport the below CVE fixes. CVE-2023-38406: https://security-tracker.debian.org/tracker/CVE-2023-38406 CVE-2023-38407: https://security-tracker.debian.org/tracker/CVE-2023-38407 CVE-2023-46752: https://security-tracker.debian.org/tracker/CVE-2023-46752 CVE-2023-46753: https://security-tracker.debian.org/tracker/CVE-2023-46753 CVE-2023-47234: https://security-tracker.debian.org/tracker/CVE-2023-47234 CVE-2023-47235: https://security-tracker.debian.org/tracker/CVE-2023-47235 Signed-off-by: Narpat Mali Signed-off-by: Armin Kuster --- .../frr/frr/CVE-2023-38406.patch | 42 ++++++ .../frr/frr/CVE-2023-38407.patch | 63 +++++++++ .../frr/frr/CVE-2023-46752.patch | 127 ++++++++++++++++++ .../frr/frr/CVE-2023-46753.patch | 119 ++++++++++++++++ .../frr/frr/CVE-2023-47234.patch | 98 ++++++++++++++ .../frr/frr/CVE-2023-47235.patch | 114 ++++++++++++++++ .../recipes-protocols/frr/frr_8.2.2.bb | 6 + 7 files changed, 569 insertions(+) create mode 100644 meta-networking/recipes-protocols/frr/frr/CVE-2023-38406.patch create mode 100644 meta-networking/recipes-protocols/frr/frr/CVE-2023-38407.patch create mode 100644 meta-networking/recipes-protocols/frr/frr/CVE-2023-46752.patch create mode 100644 meta-networking/recipes-protocols/frr/frr/CVE-2023-46753.patch create mode 100644 meta-networking/recipes-protocols/frr/frr/CVE-2023-47234.patch create mode 100644 meta-networking/recipes-protocols/frr/frr/CVE-2023-47235.patch diff --git a/meta-networking/recipes-protocols/frr/frr/CVE-2023-38406.patch b/meta-networking/recipes-protocols/frr/frr/CVE-2023-38406.patch new file mode 100644 index 00000000000..9d5f306fe43 --- /dev/null +++ b/meta-networking/recipes-protocols/frr/frr/CVE-2023-38406.patch @@ -0,0 +1,42 @@ +From f2a5c583fc8f7c515f3d6e6f929dcbcc61f7e4b7 Mon Sep 17 00:00:00 2001 +From: Donald Sharp +Date: Mon, 20 Nov 2023 11:43:27 +0000 +Subject: [PATCH 1/6] bgpd: Flowspec overflow issue + +According to the flowspec RFC 8955 a flowspec nlri is > +Specifying 0 as a length makes BGP get all warm on the inside. Which +in this case is not a good thing at all. Prevent warmth, stay cold +on the inside. + +Reported-by: Iggy Frankovic +Signed-off-by: Donald Sharp + +CVE: CVE-2023-38406 + +Upstream-Status: Backport [https://github.com/FRRouting/frr/commit/0b999c886e241c52bd1f7ef0066700e4b618ebb3] + +Signed-off-by: Narpat Mali +--- + bgpd/bgp_flowspec.c | 7 +++++++ + 1 file changed, 7 insertions(+) + +diff --git a/bgpd/bgp_flowspec.c b/bgpd/bgp_flowspec.c +index 3e2b1ac49..95fbd340a 100644 +--- a/bgpd/bgp_flowspec.c ++++ b/bgpd/bgp_flowspec.c +@@ -148,6 +148,13 @@ int bgp_nlri_parse_flowspec(struct peer *peer, struct attr *attr, + psize); + return BGP_NLRI_PARSE_ERROR_PACKET_OVERFLOW; + } ++ ++ if (psize == 0) { ++ flog_err(EC_BGP_FLOWSPEC_PACKET, ++ "Flowspec NLRI length 0 which makes no sense"); ++ return BGP_NLRI_PARSE_ERROR_PACKET_OVERFLOW; ++ } ++ + if (bgp_fs_nlri_validate(pnt, psize, afi) < 0) { + flog_err( + EC_BGP_FLOWSPEC_PACKET, +-- +2.40.0 diff --git a/meta-networking/recipes-protocols/frr/frr/CVE-2023-38407.patch b/meta-networking/recipes-protocols/frr/frr/CVE-2023-38407.patch new file mode 100644 index 00000000000..782b44615ad --- /dev/null +++ b/meta-networking/recipes-protocols/frr/frr/CVE-2023-38407.patch @@ -0,0 +1,63 @@ +From 3880f66bd053d1f56af74852ca57ba166d880920 Mon Sep 17 00:00:00 2001 +From: Donald Sharp +Date: Mon, 20 Nov 2023 12:03:29 +0000 +Subject: [PATCH 2/6] bgpd: Fix use beyond end of stream of labeled unicast + parsing + +Fixes a couple crashes associated with attempting to read +beyond the end of the stream. + +Reported-by: Iggy Frankovic +Signed-off-by: Donald Sharp + +CVE: CVE-2023-38407 + +Upstream-Status: Backport [https://github.com/FRRouting/frr/commit/7404a914b0cafe046703c8381903a80d3def8f8b] + +Signed-off-by: Narpat Mali +--- + bgpd/bgp_label.c | 15 +++++++++++++++ + 1 file changed, 15 insertions(+) + +diff --git a/bgpd/bgp_label.c b/bgpd/bgp_label.c +index 4a20f2c09..b65c98e86 100644 +--- a/bgpd/bgp_label.c ++++ b/bgpd/bgp_label.c +@@ -299,6 +299,9 @@ static int bgp_nlri_get_labels(struct peer *peer, uint8_t *pnt, uint8_t plen, + uint8_t llen = 0; + uint8_t label_depth = 0; + ++ if (plen < BGP_LABEL_BYTES) ++ return 0; ++ + for (; data < lim; data += BGP_LABEL_BYTES) { + memcpy(label, data, BGP_LABEL_BYTES); + llen += BGP_LABEL_BYTES; +@@ -361,6 +364,9 @@ int bgp_nlri_parse_label(struct peer *peer, struct attr *attr, + memcpy(&addpath_id, pnt, BGP_ADDPATH_ID_LEN); + addpath_id = ntohl(addpath_id); + pnt += BGP_ADDPATH_ID_LEN; ++ ++ if (pnt >= lim) ++ return BGP_NLRI_PARSE_ERROR_PACKET_OVERFLOW; + } + + /* Fetch prefix length. */ +@@ -379,6 +385,15 @@ int bgp_nlri_parse_label(struct peer *peer, struct attr *attr, + + /* Fill in the labels */ + llen = bgp_nlri_get_labels(peer, pnt, psize, &label); ++ if (llen == 0) { ++ flog_err( ++ EC_BGP_UPDATE_RCV, ++ "%s [Error] Update packet error (wrong label length 0)", ++ peer->host); ++ bgp_notify_send(peer, BGP_NOTIFY_UPDATE_ERR, ++ BGP_NOTIFY_UPDATE_INVAL_NETWORK); ++ return BGP_NLRI_PARSE_ERROR_LABEL_LENGTH; ++ } + p.prefixlen = prefixlen - BSIZE(llen); + + /* There needs to be at least one label */ +-- +2.40.0 diff --git a/meta-networking/recipes-protocols/frr/frr/CVE-2023-46752.patch b/meta-networking/recipes-protocols/frr/frr/CVE-2023-46752.patch new file mode 100644 index 00000000000..17ba41037c0 --- /dev/null +++ b/meta-networking/recipes-protocols/frr/frr/CVE-2023-46752.patch @@ -0,0 +1,127 @@ +From 1c4882b83a1db705abd5d384dd0b7ef4c0e3b4ee Mon Sep 17 00:00:00 2001 +From: Donatas Abraitis +Date: Mon, 20 Nov 2023 14:11:13 +0000 +Subject: [PATCH 3/6] bgpd: Handle MP_REACH_NLRI malformed packets with session + reset + +Avoid crashing bgpd. + +``` +(gdb) +bgp_mp_reach_parse (args=, mp_update=0x7fffffffe140) at bgpd/bgp_attr.c:2341 +2341 stream_get(&attr->mp_nexthop_global, s, IPV6_MAX_BYTELEN); +(gdb) +stream_get (dst=0x7fffffffe1ac, s=0x7ffff0006e80, size=16) at lib/stream.c:320 +320 { +(gdb) +321 STREAM_VERIFY_SANE(s); +(gdb) +323 if (STREAM_READABLE(s) < size) { +(gdb) +34 return __builtin___memcpy_chk (__dest, __src, __len, __bos0 (__dest)); +(gdb) + +Thread 1 "bgpd" received signal SIGSEGV, Segmentation fault. +0x00005555556e37be in route_set_aspath_prepend (rule=0x555555aac0d0, prefix=0x7fffffffe050, + object=0x7fffffffdb00) at bgpd/bgp_routemap.c:2282 +2282 if (path->attr->aspath->refcnt) +(gdb) +``` + +With the configuration: + +``` + neighbor 127.0.0.1 remote-as external + neighbor 127.0.0.1 passive + neighbor 127.0.0.1 ebgp-multihop + neighbor 127.0.0.1 disable-connected-check + neighbor 127.0.0.1 update-source 127.0.0.2 + neighbor 127.0.0.1 timers 3 90 + neighbor 127.0.0.1 timers connect 1 + address-family ipv4 unicast + redistribute connected + neighbor 127.0.0.1 default-originate + neighbor 127.0.0.1 route-map RM_IN in + exit-address-family +! +route-map RM_IN permit 10 + set as-path prepend 200 +exit +``` + +Reported-by: Iggy Frankovic +Signed-off-by: Donatas Abraitis + +CVE: CVE-2023-46752 + +Upstream-Status: Backport [https://github.com/FRRouting/frr/commit/b08afc81c60607a4f736f418f2e3eb06087f1a35] + +Signed-off-by: Narpat Mali +--- + bgpd/bgp_attr.c | 6 +----- + bgpd/bgp_attr.h | 1 - + bgpd/bgp_packet.c | 6 +----- + 3 files changed, 2 insertions(+), 11 deletions(-) + +diff --git a/bgpd/bgp_attr.c b/bgpd/bgp_attr.c +index b10a60351..e0542356c 100644 +--- a/bgpd/bgp_attr.c ++++ b/bgpd/bgp_attr.c +@@ -2207,7 +2207,7 @@ int bgp_mp_reach_parse(struct bgp_attr_parser_args *args, + + mp_update->afi = afi; + mp_update->safi = safi; +- return BGP_ATTR_PARSE_EOR; ++ return bgp_attr_malformed(args, BGP_NOTIFY_UPDATE_MAL_ATTR, 0); + } + + mp_update->afi = afi; +@@ -3345,10 +3345,6 @@ bgp_attr_parse_ret_t bgp_attr_parse(struct peer *peer, struct attr *attr, + goto done; + } + +- if (ret == BGP_ATTR_PARSE_EOR) { +- goto done; +- } +- + if (ret == BGP_ATTR_PARSE_ERROR) { + flog_warn(EC_BGP_ATTRIBUTE_PARSE_ERROR, + "%s: Attribute %s, parse error", peer->host, +diff --git a/bgpd/bgp_attr.h b/bgpd/bgp_attr.h +index 781bfdec3..69f962134 100644 +--- a/bgpd/bgp_attr.h ++++ b/bgpd/bgp_attr.h +@@ -378,7 +378,6 @@ typedef enum { + /* only used internally, send notify + convert to BGP_ATTR_PARSE_ERROR + */ + BGP_ATTR_PARSE_ERROR_NOTIFYPLS = -3, +- BGP_ATTR_PARSE_EOR = -4, + } bgp_attr_parse_ret_t; + + struct bpacket_attr_vec_arr; +diff --git a/bgpd/bgp_packet.c b/bgpd/bgp_packet.c +index 2fd28aae3..261695198 100644 +--- a/bgpd/bgp_packet.c ++++ b/bgpd/bgp_packet.c +@@ -1843,8 +1843,7 @@ static int bgp_update_receive(struct peer *peer, bgp_size_t size) + * Non-MP IPv4/Unicast EoR is a completely empty UPDATE + * and MP EoR should have only an empty MP_UNREACH + */ +- if ((!update_len && !withdraw_len && nlris[NLRI_MP_UPDATE].length == 0) +- || (attr_parse_ret == BGP_ATTR_PARSE_EOR)) { ++ if (!update_len && !withdraw_len && nlris[NLRI_MP_UPDATE].length == 0) { + afi_t afi = 0; + safi_t safi; + struct graceful_restart_info *gr_info; +@@ -1865,9 +1864,6 @@ static int bgp_update_receive(struct peer *peer, bgp_size_t size) + && nlris[NLRI_MP_WITHDRAW].length == 0) { + afi = nlris[NLRI_MP_WITHDRAW].afi; + safi = nlris[NLRI_MP_WITHDRAW].safi; +- } else if (attr_parse_ret == BGP_ATTR_PARSE_EOR) { +- afi = nlris[NLRI_MP_UPDATE].afi; +- safi = nlris[NLRI_MP_UPDATE].safi; + } + + if (afi && peer->afc[afi][safi]) { +-- +2.40.0 diff --git a/meta-networking/recipes-protocols/frr/frr/CVE-2023-46753.patch b/meta-networking/recipes-protocols/frr/frr/CVE-2023-46753.patch new file mode 100644 index 00000000000..855eb190db9 --- /dev/null +++ b/meta-networking/recipes-protocols/frr/frr/CVE-2023-46753.patch @@ -0,0 +1,119 @@ +From 60bd794a9cf6df05503a062e113161dcbdbfac9d Mon Sep 17 00:00:00 2001 +From: Donatas Abraitis +Date: Mon, 20 Nov 2023 14:22:22 +0000 +Subject: [PATCH 4/6] bgpd: Check mandatory attributes more carefully for + UPDATE message + +If we send a crafted BGP UPDATE message without mandatory attributes, we do +not check if the length of the path attributes is zero or not. We only check +if attr->flag is at least set or not. Imagine we send only unknown transit +attribute, then attr->flag is always 0. Also, this is true only if graceful-restart +capability is received. + +A crash: + +``` +bgpd[7834]: [TJ23Y-GY0RH] 127.0.0.1 Unknown attribute is received (type 31, length 16) +bgpd[7834]: [PCFFM-WMARW] 127.0.0.1(donatas-pc) rcvd UPDATE wlen 0 attrlen 20 alen 17 +BGP[7834]: Received signal 11 at 1698089639 (si_addr 0x0, PC 0x55eefd375b4a); aborting... +BGP[7834]: /usr/local/lib/libfrr.so.0(zlog_backtrace_sigsafe+0x6d) [0x7f3205ca939d] +BGP[7834]: /usr/local/lib/libfrr.so.0(zlog_signal+0xf3) [0x7f3205ca9593] +BGP[7834]: /usr/local/lib/libfrr.so.0(+0xf5181) [0x7f3205cdd181] +BGP[7834]: /lib/x86_64-linux-gnu/libpthread.so.0(+0x12980) [0x7f3204ff3980] +BGP[7834]: /usr/lib/frr/bgpd(+0x18ab4a) [0x55eefd375b4a] +BGP[7834]: /usr/local/lib/libfrr.so.0(route_map_apply_ext+0x310) [0x7f3205cd1290] +BGP[7834]: /usr/lib/frr/bgpd(+0x163610) [0x55eefd34e610] +BGP[7834]: /usr/lib/frr/bgpd(bgp_update+0x9a5) [0x55eefd35c1d5] +BGP[7834]: /usr/lib/frr/bgpd(bgp_nlri_parse_ip+0xb7) [0x55eefd35e867] +BGP[7834]: /usr/lib/frr/bgpd(+0x1555e6) [0x55eefd3405e6] +BGP[7834]: /usr/lib/frr/bgpd(bgp_process_packet+0x747) [0x55eefd345597] +BGP[7834]: /usr/local/lib/libfrr.so.0(event_call+0x83) [0x7f3205cef4a3] +BGP[7834]: /usr/local/lib/libfrr.so.0(frr_run+0xc0) [0x7f3205ca10a0] +BGP[7834]: /usr/lib/frr/bgpd(main+0x409) [0x55eefd2dc979] +``` + +Sending: + +``` +import socket +import time + +OPEN = (b"\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" +b"\xff\xff\x00\x62\x01\x04\xfd\xea\x00\x5a\x0a\x00\x00\x01\x45\x02" +b"\x06\x01\x04\x00\x01\x00\x01\x02\x02\x02\x00\x02\x02\x46\x00\x02" +b"\x06\x41\x04\x00\x00\xfd\xea\x02\x02\x06\x00\x02\x06\x45\x04\x00" +b"\x01\x01\x03\x02\x0e\x49\x0c\x0a\x64\x6f\x6e\x61\x74\x61\x73\x2d" +b"\x70\x63\x00\x02\x04\x40\x02\x00\x78\x02\x09\x47\x07\x00\x01\x01" +b"\x80\x00\x00\x00") + +KEEPALIVE = (b"\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" +b"\xff\xff\xff\xff\xff\xff\x00\x13\x04") + +UPDATE = bytearray.fromhex("ffffffffffffffffffffffffffffffff003c0200000014ff1f001000040146464646460004464646464646664646f50d05800100010200ffff000000") + +s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) +s.connect(('127.0.0.2', 179)) +s.send(OPEN) +data = s.recv(1024) +s.send(KEEPALIVE) +data = s.recv(1024) +s.send(UPDATE) +data = s.recv(1024) +time.sleep(1000) +s.close() +``` + +Reported-by: Iggy Frankovic +Signed-off-by: Donatas Abraitis + +CVE: CVE-2023-46753 + +Upstream-Status: Backport [https://github.com/FRRouting/frr/commit/d8482bf011cb2b173e85b65b4bf3d5061250cdb9] + +Signed-off-by: Narpat Mali +--- + bgpd/bgp_attr.c | 10 ++++++---- + 1 file changed, 6 insertions(+), 4 deletions(-) + +diff --git a/bgpd/bgp_attr.c b/bgpd/bgp_attr.c +index e0542356c..35122943e 100644 +--- a/bgpd/bgp_attr.c ++++ b/bgpd/bgp_attr.c +@@ -3044,13 +3044,15 @@ static bgp_attr_parse_ret_t bgp_attr_unknown(struct bgp_attr_parser_args *args) + } + + /* Well-known attribute check. */ +-static int bgp_attr_check(struct peer *peer, struct attr *attr) ++static int bgp_attr_check(struct peer *peer, struct attr *attr, ++ bgp_size_t length) + { + uint8_t type = 0; + + /* BGP Graceful-Restart End-of-RIB for IPv4 unicast is signaled as an + * empty UPDATE. */ +- if (CHECK_FLAG(peer->cap, PEER_CAP_RESTART_RCV) && !attr->flag) ++ if (CHECK_FLAG(peer->cap, PEER_CAP_RESTART_RCV) && !attr->flag && ++ !length) + return BGP_ATTR_PARSE_PROCEED; + + /* "An UPDATE message that contains the MP_UNREACH_NLRI is not required +@@ -3101,7 +3103,7 @@ bgp_attr_parse_ret_t bgp_attr_parse(struct peer *peer, struct attr *attr, + bgp_attr_parse_ret_t ret; + uint8_t flag = 0; + uint8_t type = 0; +- bgp_size_t length; ++ bgp_size_t length = 0; + uint8_t *startp, *endp; + uint8_t *attr_endp; + uint8_t seen[BGP_ATTR_BITMAP_SIZE]; +@@ -3416,7 +3418,7 @@ bgp_attr_parse_ret_t bgp_attr_parse(struct peer *peer, struct attr *attr, + } + + /* Check all mandatory well-known attributes are present */ +- ret = bgp_attr_check(peer, attr); ++ ret = bgp_attr_check(peer, attr, length); + if (ret < 0) + goto done; + +-- +2.40.0 diff --git a/meta-networking/recipes-protocols/frr/frr/CVE-2023-47234.patch b/meta-networking/recipes-protocols/frr/frr/CVE-2023-47234.patch new file mode 100644 index 00000000000..9bf63372a49 --- /dev/null +++ b/meta-networking/recipes-protocols/frr/frr/CVE-2023-47234.patch @@ -0,0 +1,98 @@ +From 682f100cd8d1bf7510939faa033f69ce64f965e9 Mon Sep 17 00:00:00 2001 +From: Donatas Abraitis +Date: Mon, 20 Nov 2023 14:32:38 +0000 +Subject: [PATCH 5/6] bgpd: Ignore handling NLRIs if we received + MP_UNREACH_NLRI + +If we receive MP_UNREACH_NLRI, we should stop handling remaining NLRIs if +no mandatory path attributes received. + +In other words, if MP_UNREACH_NLRI received, the remaining NLRIs should be handled +as a new data, but without mandatory attributes, it's a malformed packet. + +In normal case, this MUST not happen at all, but to avoid crashing bgpd, we MUST +handle that. + +Reported-by: Iggy Frankovic +Signed-off-by: Donatas Abraitis + +CVE: CVE-2023-47234 + +Upstream-Status: Backport [https://github.com/FRRouting/frr/commit/c37119df45bbf4ef713bc10475af2ee06e12f3bf] + +Signed-off-by: Narpat Mali +--- + bgpd/bgp_attr.c | 19 ++++++++++--------- + bgpd/bgp_attr.h | 1 + + bgpd/bgp_packet.c | 7 ++++++- + 3 files changed, 17 insertions(+), 10 deletions(-) + +diff --git a/bgpd/bgp_attr.c b/bgpd/bgp_attr.c +index 35122943e..13da27e99 100644 +--- a/bgpd/bgp_attr.c ++++ b/bgpd/bgp_attr.c +@@ -3055,15 +3055,6 @@ static int bgp_attr_check(struct peer *peer, struct attr *attr, + !length) + return BGP_ATTR_PARSE_PROCEED; + +- /* "An UPDATE message that contains the MP_UNREACH_NLRI is not required +- to carry any other path attributes.", though if MP_REACH_NLRI or NLRI +- are present, it should. Check for any other attribute being present +- instead. +- */ +- if ((!CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_MP_REACH_NLRI)) && +- CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_MP_UNREACH_NLRI)))) +- return BGP_ATTR_PARSE_PROCEED; +- + if (!CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_ORIGIN))) + type = BGP_ATTR_ORIGIN; + +@@ -3082,6 +3073,16 @@ static int bgp_attr_check(struct peer *peer, struct attr *attr, + && !CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_LOCAL_PREF))) + type = BGP_ATTR_LOCAL_PREF; + ++ /* An UPDATE message that contains the MP_UNREACH_NLRI is not required ++ * to carry any other path attributes. Though if MP_REACH_NLRI or NLRI ++ * are present, it should. Check for any other attribute being present ++ * instead. ++ */ ++ if (!CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_MP_REACH_NLRI)) && ++ CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_MP_UNREACH_NLRI))) ++ return type ? BGP_ATTR_PARSE_MISSING_MANDATORY ++ : BGP_ATTR_PARSE_PROCEED; ++ + /* If any of the well-known mandatory attributes are not present + * in an UPDATE message, then "treat-as-withdraw" MUST be used. + */ +diff --git a/bgpd/bgp_attr.h b/bgpd/bgp_attr.h +index 69f962134..77640dd5b 100644 +--- a/bgpd/bgp_attr.h ++++ b/bgpd/bgp_attr.h +@@ -378,6 +378,7 @@ typedef enum { + /* only used internally, send notify + convert to BGP_ATTR_PARSE_ERROR + */ + BGP_ATTR_PARSE_ERROR_NOTIFYPLS = -3, ++ BGP_ATTR_PARSE_MISSING_MANDATORY = -4, + } bgp_attr_parse_ret_t; + + struct bpacket_attr_vec_arr; +diff --git a/bgpd/bgp_packet.c b/bgpd/bgp_packet.c +index 261695198..c1c28f344 100644 +--- a/bgpd/bgp_packet.c ++++ b/bgpd/bgp_packet.c +@@ -1767,7 +1767,12 @@ static int bgp_update_receive(struct peer *peer, bgp_size_t size) + /* Network Layer Reachability Information. */ + update_len = end - stream_pnt(s); + +- if (update_len && attribute_len) { ++ /* If we received MP_UNREACH_NLRI attribute, but also NLRIs, then ++ * NLRIs should be handled as a new data. Though, if we received ++ * NLRIs without mandatory attributes, they should be ignored. ++ */ ++ if (update_len && attribute_len && ++ attr_parse_ret != BGP_ATTR_PARSE_MISSING_MANDATORY) { + /* Set NLRI portion to structure. */ + nlris[NLRI_UPDATE].afi = AFI_IP; + nlris[NLRI_UPDATE].safi = SAFI_UNICAST; +-- +2.40.0 diff --git a/meta-networking/recipes-protocols/frr/frr/CVE-2023-47235.patch b/meta-networking/recipes-protocols/frr/frr/CVE-2023-47235.patch new file mode 100644 index 00000000000..218dcba5105 --- /dev/null +++ b/meta-networking/recipes-protocols/frr/frr/CVE-2023-47235.patch @@ -0,0 +1,114 @@ +From 024bdfcdf1d52db3a74f00a3370c3834a4bb78d0 Mon Sep 17 00:00:00 2001 +From: Donatas Abraitis +Date: Mon, 20 Nov 2023 14:39:33 +0000 +Subject: [PATCH 6/6] bgpd: Treat EOR as withdrawn to avoid unwanted handling + of malformed attrs + +Treat-as-withdraw, otherwise if we just ignore it, we will pass it to be +processed as a normal UPDATE without mandatory attributes, that could lead +to harmful behavior. In this case, a crash for route-maps with the configuration +such as: + +``` +router bgp 65001 + no bgp ebgp-requires-policy + neighbor 127.0.0.1 remote-as external + neighbor 127.0.0.1 passive + neighbor 127.0.0.1 ebgp-multihop + neighbor 127.0.0.1 disable-connected-check + neighbor 127.0.0.1 update-source 127.0.0.2 + neighbor 127.0.0.1 timers 3 90 + neighbor 127.0.0.1 timers connect 1 + ! + address-family ipv4 unicast + neighbor 127.0.0.1 addpath-tx-all-paths + neighbor 127.0.0.1 default-originate + neighbor 127.0.0.1 route-map RM_IN in + exit-address-family +exit +! +route-map RM_IN permit 10 + set as-path prepend 200 +exit +``` + +Send a malformed optional transitive attribute: + +``` +import socket +import time + +OPEN = (b"\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" +b"\xff\xff\x00\x62\x01\x04\xfd\xea\x00\x5a\x0a\x00\x00\x01\x45\x02" +b"\x06\x01\x04\x00\x01\x00\x01\x02\x02\x02\x00\x02\x02\x46\x00\x02" +b"\x06\x41\x04\x00\x00\xfd\xea\x02\x02\x06\x00\x02\x06\x45\x04\x00" +b"\x01\x01\x03\x02\x0e\x49\x0c\x0a\x64\x6f\x6e\x61\x74\x61\x73\x2d" +b"\x70\x63\x00\x02\x04\x40\x02\x00\x78\x02\x09\x47\x07\x00\x01\x01" +b"\x80\x00\x00\x00") + +KEEPALIVE = (b"\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff" +b"\xff\xff\xff\xff\xff\xff\x00\x13\x04") + +UPDATE = bytearray.fromhex("ffffffffffffffffffffffffffffffff002b0200000003c0ff00010100eb00ac100b0b001ad908ac100b0b") + +s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) +s.connect(('127.0.0.2', 179)) +s.send(OPEN) +data = s.recv(1024) +s.send(KEEPALIVE) +data = s.recv(1024) +s.send(UPDATE) +data = s.recv(1024) +time.sleep(100) +s.close() +``` + +Reported-by: Iggy Frankovic +Signed-off-by: Donatas Abraitis + +CVE: CVE-2023-47235 + +Upstream-Status: Backport [https://github.com/FRRouting/frr/commit/6814f2e0138a6ea5e1f83bdd9085d9a77999900b] + +Signed-off-by: Narpat Mali +--- + bgpd/bgp_attr.c | 15 ++++++++++++--- + 1 file changed, 12 insertions(+), 3 deletions(-) + +diff --git a/bgpd/bgp_attr.c b/bgpd/bgp_attr.c +index 13da27e99..1e08a218e 100644 +--- a/bgpd/bgp_attr.c ++++ b/bgpd/bgp_attr.c +@@ -3050,10 +3050,13 @@ static int bgp_attr_check(struct peer *peer, struct attr *attr, + uint8_t type = 0; + + /* BGP Graceful-Restart End-of-RIB for IPv4 unicast is signaled as an +- * empty UPDATE. */ ++ * empty UPDATE. Treat-as-withdraw, otherwise if we just ignore it, ++ * we will pass it to be processed as a normal UPDATE without mandatory ++ * attributes, that could lead to harmful behavior. ++ */ + if (CHECK_FLAG(peer->cap, PEER_CAP_RESTART_RCV) && !attr->flag && + !length) +- return BGP_ATTR_PARSE_PROCEED; ++ return BGP_ATTR_PARSE_WITHDRAW; + + if (!CHECK_FLAG(attr->flag, ATTR_FLAG_BIT(BGP_ATTR_ORIGIN))) + type = BGP_ATTR_ORIGIN; +@@ -3477,7 +3480,13 @@ done: + } + + transit = bgp_attr_get_transit(attr); +- if (ret != BGP_ATTR_PARSE_ERROR) { ++ /* If we received an UPDATE with mandatory attributes, then ++ * the unrecognized transitive optional attribute of that ++ * path MUST be passed. Otherwise, it's an error, and from ++ * security perspective it might be very harmful if we continue ++ * here with the unrecognized attributes. ++ */ ++ if (ret == BGP_ATTR_PARSE_PROCEED) { + /* Finally intern unknown attribute. */ + if (transit) + bgp_attr_set_transit(attr, transit_intern(transit)); +-- +2.40.0 diff --git a/meta-networking/recipes-protocols/frr/frr_8.2.2.bb b/meta-networking/recipes-protocols/frr/frr_8.2.2.bb index 58754b8256d..03b106131f7 100644 --- a/meta-networking/recipes-protocols/frr/frr_8.2.2.bb +++ b/meta-networking/recipes-protocols/frr/frr_8.2.2.bb @@ -21,6 +21,12 @@ SRC_URI = "git://github.com/FRRouting/frr.git;protocol=https;branch=stable/8.2 \ file://CVE-2023-38802.patch \ file://CVE-2023-41358.patch \ file://CVE-2023-41909.patch \ + file://CVE-2023-38406.patch \ + file://CVE-2023-38407.patch \ + file://CVE-2023-46752.patch \ + file://CVE-2023-46753.patch \ + file://CVE-2023-47234.patch \ + file://CVE-2023-47235.patch \ file://frr.pam \ " From 01c0aaaf620f9eeb073f39ce5149f08bb6a32cb0 Mon Sep 17 00:00:00 2001 From: Poonam Jadhav Date: Tue, 21 Nov 2023 19:01:13 +0530 Subject: [PATCH 517/600] sdbus-c++: Update ptest path Update ptest path to run sdbus-c++ ptest Signed-off-by: Poonam Jadhav Signed-off-by: Armin Kuster --- meta-oe/recipes-core/sdbus-c++/sdbus-c++_1.0.0.bb | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/meta-oe/recipes-core/sdbus-c++/sdbus-c++_1.0.0.bb b/meta-oe/recipes-core/sdbus-c++/sdbus-c++_1.0.0.bb index 76fd6b65b1a..6fd826cbbd3 100644 --- a/meta-oe/recipes-core/sdbus-c++/sdbus-c++_1.0.0.bb +++ b/meta-oe/recipes-core/sdbus-c++/sdbus-c++_1.0.0.bb @@ -39,6 +39,11 @@ do_install:append() { fi } -PTEST_PATH = "${libdir}/${BPN}/tests" +PTEST_PATH = "${libdir}/${BPN}/ptest" +do_install_ptest() { + install -d ${D}${PTEST_PATH} + cp -r ${B}/tests/sdbus-c++-unit-tests ${D}${PTEST_PATH} +} + FILES:${PN}-ptest =+ "${sysconfdir}/dbus-1/system.d/" FILES:${PN}-dev += "${bindir}/sdbus-c++-xml2cpp" From ad3dc46c878ae8bd90e720c672d159fe5763dbe3 Mon Sep 17 00:00:00 2001 From: Archana Polampalli Date: Thu, 23 Nov 2023 06:13:07 +0000 Subject: [PATCH 518/600] samba: fix CVE-2023-4091 A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "acl_xattr" is configured with "acl_xattr:ignore system acls = yes". The SMB protocol allows opening files when the client requests read-only access but then implicitly truncates the opened file to 0 bytes if the client specifies a separate OVERWRITE create disposition request. The issue arises in configurations that bypass kernel file system permissions checks, relying solely on Samba's permissions. References: https://nvd.nist.gov/vuln/detail/CVE-2023-4091 Fix is patched to the function call smbd_check_access_rights_fsp() of open_file(), But in samba_4.14.14 smbd_check_access_rights() is used, from samba_4.15.0 onwards smbd_check_access_rights() was replaced with smbd_check_access_rights_fsp() and samba_4.14.14 is still vulnerable through smbd_check_access_rights(). Ref: https://github.com/samba-team/samba/commit/3f61369d153419158c0f223e6f81c0bb07275833 https://github.com/samba-team/samba/commit/26dc10bdb2cff3eece4a2874931b4058f9f87d68 Signed-off-by: Archana Polampalli Signed-off-by: Armin Kuster --- .../samba/samba/CVE-2023-4091-0001.patch | 193 ++++++++++++++++++ .../samba/samba/CVE-2023-4091-0002.patch | 59 ++++++ .../samba/samba_4.14.14.bb | 2 + 3 files changed, 254 insertions(+) create mode 100644 meta-networking/recipes-connectivity/samba/samba/CVE-2023-4091-0001.patch create mode 100644 meta-networking/recipes-connectivity/samba/samba/CVE-2023-4091-0002.patch diff --git a/meta-networking/recipes-connectivity/samba/samba/CVE-2023-4091-0001.patch b/meta-networking/recipes-connectivity/samba/samba/CVE-2023-4091-0001.patch new file mode 100644 index 00000000000..908ab85baf7 --- /dev/null +++ b/meta-networking/recipes-connectivity/samba/samba/CVE-2023-4091-0001.patch @@ -0,0 +1,193 @@ +From b08a60160e6ab8d982d31844bcbf7ab67ff3a8de Mon Sep 17 00:00:00 2001 +From: Ralph Boehme +Date: Tue, 1 Aug 2023 12:30:00 +0200 +Subject: [PATCH 2/2] CVE-2023-4091: smbtorture: test overwrite dispositions on + read-only file + +BUG: https://bugzilla.samba.org/show_bug.cgi?id=15439 + +Signed-off-by: Ralph Boehme + +CVE: CVE-2023-4091 + +Upstream-Status: Backport [https://github.com/samba-team/samba/commit/b08a60160e6ab8d982d31844bcbf7ab67ff3a8de] + +Signed-off-by: Archana Polampalli +--- + selftest/knownfail.d/samba3.smb2.acls | 1 + + source4/torture/smb2/acls.c | 145 ++++++++++++++++++++++++++ + 2 files changed, 146 insertions(+) + create mode 100644 selftest/knownfail.d/samba3.smb2.acls + +diff --git a/selftest/knownfail.d/samba3.smb2.acls b/selftest/knownfail.d/samba3.smb2.acls +new file mode 100644 +index 0000000..18df260 +--- /dev/null ++++ b/selftest/knownfail.d/samba3.smb2.acls +@@ -0,0 +1 @@ ++^samba3.smb2.acls.OVERWRITE_READ_ONLY_FILE +diff --git a/source4/torture/smb2/acls.c b/source4/torture/smb2/acls.c +index 4f4538b..d26caeb 100644 +--- a/source4/torture/smb2/acls.c ++++ b/source4/torture/smb2/acls.c +@@ -3023,6 +3023,149 @@ done: + return ret; + } + ++static bool test_overwrite_read_only_file(struct torture_context *tctx, ++ struct smb2_tree *tree) ++{ ++ NTSTATUS status; ++ struct smb2_create c; ++ const char *fname = BASEDIR "\\test_overwrite_read_only_file.txt"; ++ struct smb2_handle handle = {{0}}; ++ union smb_fileinfo q; ++ union smb_setfileinfo set; ++ struct security_descriptor *sd = NULL, *sd_orig = NULL; ++ const char *owner_sid = NULL; ++ int i; ++ bool ret = true; ++ ++ struct tcase { ++ int disposition; ++ const char *disposition_string; ++ NTSTATUS expected_status; ++ } tcases[] = { ++#define TCASE(d, s) { \ ++ .disposition = d, \ ++ .disposition_string = #d, \ ++ .expected_status = s, \ ++ } ++ TCASE(NTCREATEX_DISP_OPEN, NT_STATUS_OK), ++ TCASE(NTCREATEX_DISP_SUPERSEDE, NT_STATUS_ACCESS_DENIED), ++ TCASE(NTCREATEX_DISP_OVERWRITE, NT_STATUS_ACCESS_DENIED), ++ TCASE(NTCREATEX_DISP_OVERWRITE_IF, NT_STATUS_ACCESS_DENIED), ++ }; ++#undef TCASE ++ ++ ret = smb2_util_setup_dir(tctx, tree, BASEDIR); ++ torture_assert_goto(tctx, ret, ret, done, "smb2_util_setup_dir not ok"); ++ ++ c = (struct smb2_create) { ++ .in.desired_access = SEC_STD_READ_CONTROL | ++ SEC_STD_WRITE_DAC | ++ SEC_STD_WRITE_OWNER, ++ .in.file_attributes = FILE_ATTRIBUTE_NORMAL, ++ .in.share_access = NTCREATEX_SHARE_ACCESS_READ | ++ NTCREATEX_SHARE_ACCESS_WRITE, ++ .in.create_disposition = NTCREATEX_DISP_OPEN_IF, ++ .in.impersonation_level = NTCREATEX_IMPERSONATION_ANONYMOUS, ++ .in.fname = fname, ++ }; ++ ++ status = smb2_create(tree, tctx, &c); ++ torture_assert_ntstatus_ok_goto(tctx, status, ret, done, ++ "smb2_create failed\n"); ++ handle = c.out.file.handle; ++ ++ torture_comment(tctx, "get the original sd\n"); ++ ++ ZERO_STRUCT(q); ++ q.query_secdesc.level = RAW_FILEINFO_SEC_DESC; ++ q.query_secdesc.in.file.handle = handle; ++ q.query_secdesc.in.secinfo_flags = SECINFO_DACL | SECINFO_OWNER; ++ ++ status = smb2_getinfo_file(tree, tctx, &q); ++ torture_assert_ntstatus_ok_goto(tctx, status, ret, done, ++ "smb2_getinfo_file failed\n"); ++ sd_orig = q.query_secdesc.out.sd; ++ ++ owner_sid = dom_sid_string(tctx, sd_orig->owner_sid); ++ ++ sd = security_descriptor_dacl_create(tctx, ++ 0, NULL, NULL, ++ owner_sid, ++ SEC_ACE_TYPE_ACCESS_ALLOWED, ++ SEC_FILE_READ_DATA, ++ 0, ++ NULL); ++ ++ ZERO_STRUCT(set); ++ set.set_secdesc.level = RAW_SFILEINFO_SEC_DESC; ++ set.set_secdesc.in.file.handle = handle; ++ set.set_secdesc.in.secinfo_flags = SECINFO_DACL; ++ set.set_secdesc.in.sd = sd; ++ ++ status = smb2_setinfo_file(tree, &set); ++ torture_assert_ntstatus_ok_goto(tctx, status, ret, done, ++ "smb2_setinfo_file failed\n"); ++ ++ smb2_util_close(tree, handle); ++ ZERO_STRUCT(handle); ++ ++ for (i = 0; i < ARRAY_SIZE(tcases); i++) { ++ torture_comment(tctx, "Verify open with %s dispostion\n", ++ tcases[i].disposition_string); ++ ++ c = (struct smb2_create) { ++ .in.create_disposition = tcases[i].disposition, ++ .in.desired_access = SEC_FILE_READ_DATA, ++ .in.file_attributes = FILE_ATTRIBUTE_NORMAL, ++ .in.share_access = NTCREATEX_SHARE_ACCESS_MASK, ++ .in.impersonation_level = NTCREATEX_IMPERSONATION_ANONYMOUS, ++ .in.fname = fname, ++ }; ++ ++ status = smb2_create(tree, tctx, &c); ++ smb2_util_close(tree, c.out.file.handle); ++ torture_assert_ntstatus_equal_goto( ++ tctx, status, tcases[i].expected_status, ret, done, ++ "smb2_create failed\n"); ++ }; ++ ++ torture_comment(tctx, "put back original sd\n"); ++ ++ c = (struct smb2_create) { ++ .in.desired_access = SEC_STD_WRITE_DAC, ++ .in.file_attributes = FILE_ATTRIBUTE_NORMAL, ++ .in.share_access = NTCREATEX_SHARE_ACCESS_MASK, ++ .in.create_disposition = NTCREATEX_DISP_OPEN_IF, ++ .in.impersonation_level = NTCREATEX_IMPERSONATION_ANONYMOUS, ++ .in.fname = fname, ++ }; ++ ++ status = smb2_create(tree, tctx, &c); ++ torture_assert_ntstatus_ok_goto(tctx, status, ret, done, ++ "smb2_create failed\n"); ++ handle = c.out.file.handle; ++ ++ ZERO_STRUCT(set); ++ set.set_secdesc.level = RAW_SFILEINFO_SEC_DESC; ++ set.set_secdesc.in.file.handle = handle; ++ set.set_secdesc.in.secinfo_flags = SECINFO_DACL; ++ set.set_secdesc.in.sd = sd_orig; ++ ++ status = smb2_setinfo_file(tree, &set); ++ torture_assert_ntstatus_ok_goto(tctx, status, ret, done, ++ "smb2_setinfo_file failed\n"); ++ ++ smb2_util_close(tree, handle); ++ ZERO_STRUCT(handle); ++ ++done: ++ smb2_util_close(tree, handle); ++ smb2_util_unlink(tree, fname); ++ smb2_deltree(tree, BASEDIR); ++ return ret; ++} ++ ++ + /* + basic testing of SMB2 ACLs + */ +@@ -3051,6 +3194,8 @@ struct torture_suite *torture_smb2_acls_init(TALLOC_CTX *ctx) + test_deny1); + torture_suite_add_1smb2_test(suite, "MXAC-NOT-GRANTED", + test_mxac_not_granted); ++ torture_suite_add_1smb2_test(suite, "OVERWRITE_READ_ONLY_FILE", ++ test_overwrite_read_only_file); + + suite->description = talloc_strdup(suite, "SMB2-ACLS tests"); + +-- +2.40.0 diff --git a/meta-networking/recipes-connectivity/samba/samba/CVE-2023-4091-0002.patch b/meta-networking/recipes-connectivity/samba/samba/CVE-2023-4091-0002.patch new file mode 100644 index 00000000000..43d3b4929ff --- /dev/null +++ b/meta-networking/recipes-connectivity/samba/samba/CVE-2023-4091-0002.patch @@ -0,0 +1,59 @@ +From 8b26f634372f11edcbea33dfd68a3d57889dfcc5 Mon Sep 17 00:00:00 2001 +From: Ralph Boehme +Date: Tue, 1 Aug 2023 13:04:36 +0200 +Subject: [PATCH] CVE-2023-4091: smbd: use open_access_mask for access check in + open_file() + +If the client requested FILE_OVERWRITE[_IF], we're implicitly adding +FILE_WRITE_DATA to the open_access_mask in open_file_ntcreate(), but for the +access check we're using access_mask which doesn't contain the additional +right, which means we can end up truncating a file for which the user has +only read-only access via an SD. + +BUG: https://bugzilla.samba.org/show_bug.cgi?id=15439 + +Signed-off-by: Ralph Boehme + +CVE: CVE-2023-4091 + +Upstream-Status: Backport [https://github.com/samba-team/samba/commit/8b26f634372f11edcbea33dfd68a3d57889dfcc5] + +Signed-off-by: Archana Polampalli +--- + selftest/knownfail.d/samba3.smb2.acls | 1 - + source3/smbd/open.c | 4 ++-- + 2 files changed, 2 insertions(+), 3 deletions(-) + delete mode 100644 selftest/knownfail.d/samba3.smb2.acls + +diff --git a/selftest/knownfail.d/samba3.smb2.acls b/selftest/knownfail.d/samba3.smb2.acls +deleted file mode 100644 +index 18df260..0000000 +--- a/selftest/knownfail.d/samba3.smb2.acls ++++ /dev/null +@@ -1 +0,0 @@ +-^samba3.smb2.acls.OVERWRITE_READ_ONLY_FILE +diff --git a/source3/smbd/open.c b/source3/smbd/open.c +index 2c3bf9e..4bec5cb 100644 +--- a/source3/smbd/open.c ++++ b/source3/smbd/open.c +@@ -1402,7 +1402,7 @@ static NTSTATUS open_file(files_struct *fsp, + conn->cwd_fsp, + smb_fname, + false, +- access_mask); ++ open_access_mask); + + if (!NT_STATUS_IS_OK(status)) { + DEBUG(10, ("open_file: " +@@ -1585,7 +1585,7 @@ static NTSTATUS open_file(files_struct *fsp, + conn->cwd_fsp, + smb_fname, + false, +- access_mask); ++ open_access_mask); + + if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND) && + (fsp->posix_flags & FSP_POSIX_FLAGS_OPEN) && +-- +2.40.0 + diff --git a/meta-networking/recipes-connectivity/samba/samba_4.14.14.bb b/meta-networking/recipes-connectivity/samba/samba_4.14.14.bb index aa27592cb0c..dcb4d8137f1 100644 --- a/meta-networking/recipes-connectivity/samba/samba_4.14.14.bb +++ b/meta-networking/recipes-connectivity/samba/samba_4.14.14.bb @@ -49,6 +49,8 @@ SRC_URI = "${SAMBA_MIRROR}/stable/samba-${PV}.tar.gz \ file://CVE-2023-34968_0009.patch \ file://CVE-2023-34968_0010.patch \ file://CVE-2023-34968_0011.patch \ + file://CVE-2023-4091-0001.patch \ + file://CVE-2023-4091-0002.patch \ " SRC_URI:append:libc-musl = " \ From a9f070da583f6dfb3089e94f1c7b2861eb13554e Mon Sep 17 00:00:00 2001 From: Christian Eggers Date: Fri, 24 Nov 2023 08:45:15 +0100 Subject: [PATCH 519/600] python3-gcovr: switch to main branch Branch "master" has been renamed to "main". Signed-off-by: Christian Eggers Signed-off-by: Armin Kuster --- meta-python/recipes-devtools/python/python3-gcovr_5.1.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-python/recipes-devtools/python/python3-gcovr_5.1.bb b/meta-python/recipes-devtools/python/python3-gcovr_5.1.bb index 9ab8aa9a894..5dcd9496c5a 100644 --- a/meta-python/recipes-devtools/python/python3-gcovr_5.1.bb +++ b/meta-python/recipes-devtools/python/python3-gcovr_5.1.bb @@ -4,7 +4,7 @@ SECTION = "devel/python" LICENSE = "BSD-3-Clause" LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=08208c66520e8d69d5367483186d94ed" -SRC_URI = "git://github.com/gcovr/gcovr.git;branch=master;protocol=https" +SRC_URI = "git://github.com/gcovr/gcovr.git;branch=main;protocol=https" SRC_URI += "file://0001-Fix-parsing-of-gcov-metadata-601.patch" SRCREV = "e71e883521b78122c49016eb4e510e6da06c6916" From 3fdd2602091966f3e928243cd4bb632107618fb6 Mon Sep 17 00:00:00 2001 From: Jasper Orschulko Date: Mon, 27 Nov 2023 00:54:30 +0100 Subject: [PATCH 520/600] nginx: Mitigate HTTP/2 Stream Resets Flood impact Reduces the impact of HTTP/2 Stream Reset flooding in the nginx product (CVE-2023-44487). See: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ This patch only reduces the impact and does not completely mitigate the CVE in question, the latter being due to a design flaw in the HTTP/2 protocol itself. For transparancy reasons I therefore opted to not mark the CVE as resolved, so that integrators can decide for themselves, wheither to enable HTTP/2 support or allow HTTP/1.1 connections only. Signed-off-by: Jasper Orschulko Signed-off-by: Armin Kuster --- ...-per-iteration-stream-handling-limit.patch | 92 +++++++++++++++++++ .../recipes-httpd/nginx/nginx_1.20.1.bb | 1 + .../recipes-httpd/nginx/nginx_1.21.1.bb | 2 + 3 files changed, 95 insertions(+) create mode 100644 meta-webserver/recipes-httpd/nginx/files/0001-HTTP-2-per-iteration-stream-handling-limit.patch diff --git a/meta-webserver/recipes-httpd/nginx/files/0001-HTTP-2-per-iteration-stream-handling-limit.patch b/meta-webserver/recipes-httpd/nginx/files/0001-HTTP-2-per-iteration-stream-handling-limit.patch new file mode 100644 index 00000000000..7dd1e721c0f --- /dev/null +++ b/meta-webserver/recipes-httpd/nginx/files/0001-HTTP-2-per-iteration-stream-handling-limit.patch @@ -0,0 +1,92 @@ +From 2b9667f36551406169e3e2a6a774466ac70a83c0 Mon Sep 17 00:00:00 2001 +From: Maxim Dounin +Date: Tue, 10 Oct 2023 15:13:39 +0300 +Subject: [PATCH] HTTP/2: per-iteration stream handling limit. + +To ensure that attempts to flood servers with many streams are detected +early, a limit of no more than 2 * max_concurrent_streams new streams per one +event loop iteration was introduced. This limit is applied even if +max_concurrent_streams is not yet reached - for example, if corresponding +streams are handled synchronously or reset. + +Further, refused streams are now limited to maximum of max_concurrent_streams +and 100, similarly to priority_limit initial value, providing some tolerance +to clients trying to open several streams at the connection start, yet +low tolerance to flooding attempts. + +Upstream-Status: Backport +[https://github.com/nginx/nginx/commit/6ceef192e7af1c507826ac38a2d43f08bf265fb9] + +Reduces the impact of HTTP/2 Stream Reset flooding in the nginx product +(CVE-2023-44487). + +See: https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/ + +This patch only reduces the impact and does not completely mitigate the CVE +in question, the latter being due to a design flaw in the HTTP/2 protocol +itself. For transparancy reasons I therefore opted to not mark the +CVE as resolved, so that integrators can decide for themselves, wheither to +enable HTTP/2 support or allow HTTP/1.1 connections only. + +Signed-off-by: Jasper Orschulko +--- + src/http/v2/ngx_http_v2.c | 15 +++++++++++++++ + src/http/v2/ngx_http_v2.h | 2 ++ + 2 files changed, 17 insertions(+) + +diff --git a/src/http/v2/ngx_http_v2.c b/src/http/v2/ngx_http_v2.c +index 3611a2e50..291677aca 100644 +--- a/src/http/v2/ngx_http_v2.c ++++ b/src/http/v2/ngx_http_v2.c +@@ -361,6 +361,7 @@ ngx_http_v2_read_handler(ngx_event_t *rev) + ngx_log_debug0(NGX_LOG_DEBUG_HTTP, c->log, 0, "http2 read handler"); + + h2c->blocked = 1; ++ h2c->new_streams = 0; + + if (c->close) { + c->close = 0; +@@ -1320,6 +1321,14 @@ ngx_http_v2_state_headers(ngx_http_v2_connection_t *h2c, u_char *pos, + goto rst_stream; + } + ++ if (h2c->new_streams++ >= 2 * h2scf->concurrent_streams) { ++ ngx_log_error(NGX_LOG_INFO, h2c->connection->log, 0, ++ "client sent too many streams at once"); ++ ++ status = NGX_HTTP_V2_REFUSED_STREAM; ++ goto rst_stream; ++ } ++ + if (!h2c->settings_ack + && !(h2c->state.flags & NGX_HTTP_V2_END_STREAM_FLAG) + && h2scf->preread_size < NGX_HTTP_V2_DEFAULT_WINDOW) +@@ -1385,6 +1394,12 @@ ngx_http_v2_state_headers(ngx_http_v2_connection_t *h2c, u_char *pos, + + rst_stream: + ++ if (h2c->refused_streams++ > ngx_max(h2scf->concurrent_streams, 100)) { ++ ngx_log_error(NGX_LOG_INFO, h2c->connection->log, 0, ++ "client sent too many refused streams"); ++ return ngx_http_v2_connection_error(h2c, NGX_HTTP_V2_NO_ERROR); ++ } ++ + if (ngx_http_v2_send_rst_stream(h2c, h2c->state.sid, status) != NGX_OK) { + return ngx_http_v2_connection_error(h2c, NGX_HTTP_V2_INTERNAL_ERROR); + } +diff --git a/src/http/v2/ngx_http_v2.h b/src/http/v2/ngx_http_v2.h +index 349229711..6a7aaa62c 100644 +--- a/src/http/v2/ngx_http_v2.h ++++ b/src/http/v2/ngx_http_v2.h +@@ -125,6 +125,8 @@ struct ngx_http_v2_connection_s { + ngx_uint_t processing; + ngx_uint_t frames; + ngx_uint_t idle; ++ ngx_uint_t new_streams; ++ ngx_uint_t refused_streams; + ngx_uint_t priority_limit; + + ngx_uint_t pushing; +-- +2.42.1 + diff --git a/meta-webserver/recipes-httpd/nginx/nginx_1.20.1.bb b/meta-webserver/recipes-httpd/nginx/nginx_1.20.1.bb index 09a1b455918..8bed04d6d82 100644 --- a/meta-webserver/recipes-httpd/nginx/nginx_1.20.1.bb +++ b/meta-webserver/recipes-httpd/nginx/nginx_1.20.1.bb @@ -2,6 +2,7 @@ require nginx.inc SRC_URI += "file://CVE-2021-3618.patch \ file://CVE-2022-41741-CVE-2022-41742.patch \ + file://0001-HTTP-2-per-iteration-stream-handling-limit.patch \ " LIC_FILES_CHKSUM = "file://LICENSE;md5=206629dc7c7b3e87acb31162363ae505" diff --git a/meta-webserver/recipes-httpd/nginx/nginx_1.21.1.bb b/meta-webserver/recipes-httpd/nginx/nginx_1.21.1.bb index b69fd7dab0f..73b5c93c901 100644 --- a/meta-webserver/recipes-httpd/nginx/nginx_1.21.1.bb +++ b/meta-webserver/recipes-httpd/nginx/nginx_1.21.1.bb @@ -1,5 +1,7 @@ require nginx.inc +SRC_URI += "file://0001-HTTP-2-per-iteration-stream-handling-limit.patch" + # 1.20.x branch is the current stable branch, the recommended default # 1.21.x is the current mainline branches containing all new features DEFAULT_PREFERENCE = "-1" From 1117be8983eb2441ee9721abd7665cc071c38c70 Mon Sep 17 00:00:00 2001 From: Yogita Urade Date: Wed, 29 Nov 2023 07:18:31 +0000 Subject: [PATCH 521/600] postgresql: fix CVE-2023-5868 CVE-2023-5869 CVE-2023-5870 CVE-2023-5868: postgresql: Compute aggregate argument types correctly in transformAggregateCall() CVE-2023-5869: postgresql: Detect integer overflow while computing new array dimensions CVE-2023-5870: postgresql: Ban role pg_signal_backend from more superuser backend types. References: https://nvd.nist.gov/vuln/detail/CVE-2023-5868 https://nvd.nist.gov/vuln/detail/CVE-2023-5869 https://nvd.nist.gov/vuln/detail/CVE-2023-5870 Signed-off-by: Yogita Urade Signed-off-by: Armin Kuster --- .../postgresql/files/CVE-2023-5868.patch | 125 ++++++++ .../postgresql/files/CVE-2023-5869.patch | 294 ++++++++++++++++++ .../postgresql/files/CVE-2023-5870.patch | 108 +++++++ .../recipes-dbs/postgresql/postgresql_14.9.bb | 3 + 4 files changed, 530 insertions(+) create mode 100644 meta-oe/recipes-dbs/postgresql/files/CVE-2023-5868.patch create mode 100644 meta-oe/recipes-dbs/postgresql/files/CVE-2023-5869.patch create mode 100644 meta-oe/recipes-dbs/postgresql/files/CVE-2023-5870.patch diff --git a/meta-oe/recipes-dbs/postgresql/files/CVE-2023-5868.patch b/meta-oe/recipes-dbs/postgresql/files/CVE-2023-5868.patch new file mode 100644 index 00000000000..50953f49b25 --- /dev/null +++ b/meta-oe/recipes-dbs/postgresql/files/CVE-2023-5868.patch @@ -0,0 +1,125 @@ +From 3b0776fde56763c549df35ce9750f3399bc710b2 Mon Sep 17 00:00:00 2001 +From: Tom Lane +Date: Tue, 21 Nov 2023 11:37:27 +0000 +Subject: [PATCH] Compute aggregate argument types correctly in + + transformAggregateCall(). + +transformAggregateCall() captures the datatypes of the aggregate's +arguments immediately to construct the Aggref.aggargtypes list. +This seems reasonable because the arguments have already been +transformed --- but there is an edge case where they haven't been. +Specifically, if we have an unknown-type literal in an ANY argument +position, nothing will have been done with it earlier. But if we +also have DISTINCT, then addTargetToGroupList() converts the literal +to "text" type, resulting in the aggargtypes list not matching the +actual runtime type of the argument. The end result is that the +aggregate tries to interpret a "text" value as being of type +"unknown", that is a zero-terminated C string. If the text value +contains no zero bytes, this could result in disclosure of server +memory following the text literal value. + +To fix, move the collection of the aggargtypes list to the end +of transformAggregateCall(), after DISTINCT has been handled. +This requires slightly more code, but not a great deal. + +Our thanks to Jingzhou Fu for reporting this problem. + +Security: CVE-2023-5868 + +CVE: CVE-2023-5868 +Upstream-Status: Backport [https://github.com/postgres/postgres/commit/3b0776fde56763c549df35ce9750f3399bc710b2] + +Signed-off-by: Yogita Urade + +--- + src/backend/parser/parse_agg.c | 35 +++++++++++++++++++---------- + src/test/regress/expected/jsonb.out | 7 ++++++ + src/test/regress/sql/jsonb.sql | 3 +++ + 3 files changed, 33 insertions(+), 12 deletions(-) + +diff --git a/src/backend/parser/parse_agg.c b/src/backend/parser/parse_agg.c +index 828cd99..90cf150 100644 +--- a/src/backend/parser/parse_agg.c ++++ b/src/backend/parser/parse_agg.c +@@ -110,18 +110,6 @@ transformAggregateCall(ParseState *pstate, Aggref *agg, + int save_next_resno; + ListCell *lc; + +- /* +- * Before separating the args into direct and aggregated args, make a list +- * of their data type OIDs for use later. +- */ +- foreach(lc, args) +- { +- Expr *arg = (Expr *) lfirst(lc); +- +- argtypes = lappend_oid(argtypes, exprType((Node *) arg)); +- } +- agg->aggargtypes = argtypes; +- + if (AGGKIND_IS_ORDERED_SET(agg->aggkind)) + { + /* +@@ -233,6 +221,29 @@ transformAggregateCall(ParseState *pstate, Aggref *agg, + agg->aggorder = torder; + agg->aggdistinct = tdistinct; + ++ /* ++ * Now build the aggargtypes list with the type OIDs of the direct and ++ * aggregated args, ignoring any resjunk entries that might have been ++ * added by ORDER BY/DISTINCT processing. We can't do this earlier ++ * because said processing can modify some args' data types, in particular ++ * by resolving previously-unresolved "unknown" literals. ++ */ ++ foreach(lc, agg->aggdirectargs) ++ { ++ Expr *arg = (Expr *) lfirst(lc); ++ ++ argtypes = lappend_oid(argtypes, exprType((Node *) arg)); ++ } ++ foreach(lc, tlist) ++ { ++ TargetEntry *tle = (TargetEntry *) lfirst(lc); ++ ++ if (tle->resjunk) ++ continue; /* ignore junk */ ++ argtypes = lappend_oid(argtypes, exprType((Node *) tle->expr)); ++ } ++ agg->aggargtypes = argtypes; ++ + check_agglevels_and_constraints(pstate, (Node *) agg); + } + +diff --git a/src/test/regress/expected/jsonb.out b/src/test/regress/expected/jsonb.out +index bec355d..eb7f410 100644 +--- a/src/test/regress/expected/jsonb.out ++++ b/src/test/regress/expected/jsonb.out +@@ -1558,6 +1558,13 @@ SELECT jsonb_object_agg(name, type) FROM foo; + INSERT INTO foo VALUES (999999, NULL, 'bar'); + SELECT jsonb_object_agg(name, type) FROM foo; + ERROR: field name must not be null ++-- edge case for parser ++SELECT jsonb_object_agg(DISTINCT 'a', 'abc'); ++ jsonb_object_agg ++------------------ ++ {"a": "abc"} ++(1 row) ++ + -- jsonb_object + -- empty object, one dimension + SELECT jsonb_object('{}'); +diff --git a/src/test/regress/sql/jsonb.sql b/src/test/regress/sql/jsonb.sql +index f8d5960..040e1ba 100644 +--- a/src/test/regress/sql/jsonb.sql ++++ b/src/test/regress/sql/jsonb.sql +@@ -397,6 +397,9 @@ SELECT jsonb_object_agg(name, type) FROM foo; + INSERT INTO foo VALUES (999999, NULL, 'bar'); + SELECT jsonb_object_agg(name, type) FROM foo; + ++-- edge case for parser ++SELECT jsonb_object_agg(DISTINCT 'a', 'abc'); ++ + -- jsonb_object + + -- empty object, one dimension diff --git a/meta-oe/recipes-dbs/postgresql/files/CVE-2023-5869.patch b/meta-oe/recipes-dbs/postgresql/files/CVE-2023-5869.patch new file mode 100644 index 00000000000..cef2ab2253f --- /dev/null +++ b/meta-oe/recipes-dbs/postgresql/files/CVE-2023-5869.patch @@ -0,0 +1,294 @@ +From 18b585155a891784ca8985f595ebc0dde94e0d43 Mon Sep 17 00:00:00 2001 +From: Tom Lane +Date: Tue, 21 Nov 2023 11:43:00 +0000 +Subject: [PATCH] Detect integer overflow while computing new array dimensions. + +array_set_element() and related functions allow an array to be +enlarged by assigning to subscripts outside the current array bounds. +While these places were careful to check that the new bounds are +allowable, they neglected to consider the risk of integer overflow +in computing the new bounds. In edge cases, we could compute new +bounds that are invalid but get past the subsequent checks, +allowing bad things to happen. Memory stomps that are potentially +exploitable for arbitrary code execution are possible, and so is +disclosure of server memory. + +To fix, perform the hazardous computations using overflow-detecting +arithmetic routines, which fortunately exist in all still-supported +branches. + +The test cases added for this generate (after patching) errors that +mention the value of MaxArraySize, which is platform-dependent. +Rather than introduce multiple expected-files, use psql's VERBOSITY +parameter to suppress the printing of the message text. v11 psql +lacks that parameter, so omit the tests in that branch. + +Our thanks to Pedro Gallegos for reporting this problem. + +Security: CVE-2023-5869 + +CVE: CVE-2023-5869 +Upstream-Status: Backport [https://github.com/postgres/postgres/commit/18b585155a891784ca8985f595ebc0dde94e0d43] + +Signed-off-by: Yogita Urade + +--- + src/backend/utils/adt/arrayfuncs.c | 85 ++++++++++++++++++++++------ + src/backend/utils/adt/arrayutils.c | 6 -- + src/include/utils/array.h | 7 +++ + src/test/regress/expected/arrays.out | 17 ++++++ + src/test/regress/sql/arrays.sql | 19 +++++++ + 5 files changed, 110 insertions(+), 24 deletions(-) + +diff --git a/src/backend/utils/adt/arrayfuncs.c b/src/backend/utils/adt/arrayfuncs.c +index 949737d..0071f7d 100644 +--- a/src/backend/utils/adt/arrayfuncs.c ++++ b/src/backend/utils/adt/arrayfuncs.c +@@ -19,6 +19,7 @@ + + #include "access/htup_details.h" + #include "catalog/pg_type.h" ++#include "common/int.h" + #include "funcapi.h" + #include "libpq/pqformat.h" + #include "nodes/nodeFuncs.h" +@@ -2334,22 +2335,38 @@ array_set_element(Datum arraydatum, + addedbefore = addedafter = 0; + + /* +- * Check subscripts ++ * Check subscripts. We assume the existing subscripts passed ++ * ArrayCheckBounds, so that dim[i] + lb[i] can be computed without ++ * overflow. But we must beware of other overflows in our calculations of ++ * new dim[] values. + */ + if (ndim == 1) + { + if (indx[0] < lb[0]) + { +- addedbefore = lb[0] - indx[0]; +- dim[0] += addedbefore; ++ /* addedbefore = lb[0] - indx[0]; */ ++ /* dim[0] += addedbefore; */ ++ if (pg_sub_s32_overflow(lb[0], indx[0], &addedbefore) || ++ pg_add_s32_overflow(dim[0], addedbefore, &dim[0])) ++ ereport(ERROR, ++ (errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED), ++ errmsg("array size exceeds the maximum allowed (%d)", ++ (int) MaxArraySize))); + lb[0] = indx[0]; + if (addedbefore > 1) + newhasnulls = true; /* will insert nulls */ + } + if (indx[0] >= (dim[0] + lb[0])) + { +- addedafter = indx[0] - (dim[0] + lb[0]) + 1; +- dim[0] += addedafter; ++ /* addedafter = indx[0] - (dim[0] + lb[0]) + 1; */ ++ /* dim[0] += addedafter; */ ++ if (pg_sub_s32_overflow(indx[0], dim[0] + lb[0], &addedafter) || ++ pg_add_s32_overflow(addedafter, 1, &addedafter) || ++ pg_add_s32_overflow(dim[0], addedafter, &dim[0])) ++ ereport(ERROR, ++ (errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED), ++ errmsg("array size exceeds the maximum allowed (%d)", ++ (int) MaxArraySize))); + if (addedafter > 1) + newhasnulls = true; /* will insert nulls */ + } +@@ -2595,14 +2612,23 @@ array_set_element_expanded(Datum arraydatum, + addedbefore = addedafter = 0; + + /* +- * Check subscripts (this logic matches original array_set_element) ++ * Check subscripts (this logic must match array_set_element). We assume ++ * the existing subscripts passed ArrayCheckBounds, so that dim[i] + lb[i] ++ * can be computed without overflow. But we must beware of other ++ * overflows in our calculations of new dim[] values. + */ + if (ndim == 1) + { + if (indx[0] < lb[0]) + { +- addedbefore = lb[0] - indx[0]; +- dim[0] += addedbefore; ++ /* addedbefore = lb[0] - indx[0]; */ ++ /* dim[0] += addedbefore; */ ++ if (pg_sub_s32_overflow(lb[0], indx[0], &addedbefore) || ++ pg_add_s32_overflow(dim[0], addedbefore, &dim[0])) ++ ereport(ERROR, ++ (errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED), ++ errmsg("array size exceeds the maximum allowed (%d)", ++ (int) MaxArraySize))); + lb[0] = indx[0]; + dimschanged = true; + if (addedbefore > 1) +@@ -2610,8 +2636,15 @@ array_set_element_expanded(Datum arraydatum, + } + if (indx[0] >= (dim[0] + lb[0])) + { +- addedafter = indx[0] - (dim[0] + lb[0]) + 1; +- dim[0] += addedafter; ++ /* addedafter = indx[0] - (dim[0] + lb[0]) + 1; */ ++ /* dim[0] += addedafter; */ ++ if (pg_sub_s32_overflow(indx[0], dim[0] + lb[0], &addedafter) || ++ pg_add_s32_overflow(addedafter, 1, &addedafter) || ++ pg_add_s32_overflow(dim[0], addedafter, &dim[0])) ++ ereport(ERROR, ++ (errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED), ++ errmsg("array size exceeds the maximum allowed (%d)", ++ (int) MaxArraySize))); + dimschanged = true; + if (addedafter > 1) + newhasnulls = true; /* will insert nulls */ +@@ -2894,7 +2927,10 @@ array_set_slice(Datum arraydatum, + addedbefore = addedafter = 0; + + /* +- * Check subscripts ++ * Check subscripts. We assume the existing subscripts passed ++ * ArrayCheckBounds, so that dim[i] + lb[i] can be computed without ++ * overflow. But we must beware of other overflows in our calculations of ++ * new dim[] values. + */ + if (ndim == 1) + { +@@ -2909,18 +2945,31 @@ array_set_slice(Datum arraydatum, + errmsg("upper bound cannot be less than lower bound"))); + if (lowerIndx[0] < lb[0]) + { +- if (upperIndx[0] < lb[0] - 1) +- newhasnulls = true; /* will insert nulls */ +- addedbefore = lb[0] - lowerIndx[0]; +- dim[0] += addedbefore; ++ /* addedbefore = lb[0] - lowerIndx[0]; */ ++ /* dim[0] += addedbefore; */ ++ if (pg_sub_s32_overflow(lb[0], lowerIndx[0], &addedbefore) || ++ pg_add_s32_overflow(dim[0], addedbefore, &dim[0])) ++ ereport(ERROR, ++ (errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED), ++ errmsg("array size exceeds the maximum allowed (%d)", ++ (int) MaxArraySize))); + lb[0] = lowerIndx[0]; ++ if (addedbefore > 1) ++ newhasnulls = true; /* will insert nulls */ + } + if (upperIndx[0] >= (dim[0] + lb[0])) + { +- if (lowerIndx[0] > (dim[0] + lb[0])) ++ /* addedafter = upperIndx[0] - (dim[0] + lb[0]) + 1; */ ++ /* dim[0] += addedafter; */ ++ if (pg_sub_s32_overflow(upperIndx[0], dim[0] + lb[0], &addedafter) || ++ pg_add_s32_overflow(addedafter, 1, &addedafter) || ++ pg_add_s32_overflow(dim[0], addedafter, &dim[0])) ++ ereport(ERROR, ++ (errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED), ++ errmsg("array size exceeds the maximum allowed (%d)", ++ (int) MaxArraySize))); ++ if (addedafter > 1) + newhasnulls = true; /* will insert nulls */ +- addedafter = upperIndx[0] - (dim[0] + lb[0]) + 1; +- dim[0] += addedafter; + } + } + else +diff --git a/src/backend/utils/adt/arrayutils.c b/src/backend/utils/adt/arrayutils.c +index 6988edd..fdaf712 100644 +--- a/src/backend/utils/adt/arrayutils.c ++++ b/src/backend/utils/adt/arrayutils.c +@@ -64,10 +64,6 @@ ArrayGetOffset0(int n, const int *tup, const int *scale) + * This must do overflow checking, since it is used to validate that a user + * dimensionality request doesn't overflow what we can handle. + * +- * We limit array sizes to at most about a quarter billion elements, +- * so that it's not necessary to check for overflow in quite so many +- * places --- for instance when palloc'ing Datum arrays. +- * + * The multiplication overflow check only works on machines that have int64 + * arithmetic, but that is nearly all platforms these days, and doing check + * divides for those that don't seems way too expensive. +@@ -78,8 +74,6 @@ ArrayGetNItems(int ndim, const int *dims) + int32 ret; + int i; + +-#define MaxArraySize ((Size) (MaxAllocSize / sizeof(Datum))) +- + if (ndim <= 0) + return 0; + ret = 1; +diff --git a/src/include/utils/array.h b/src/include/utils/array.h +index 4ae6c3b..0d6db51 100644 +--- a/src/include/utils/array.h ++++ b/src/include/utils/array.h +@@ -74,6 +74,13 @@ struct ExprContext; + */ + #define MAXDIM 6 + ++/* ++ * Maximum number of elements in an array. We limit this to at most about a ++ * quarter billion elements, so that it's not necessary to check for overflow ++ * in quite so many places --- for instance when palloc'ing Datum arrays. ++ */ ++#define MaxArraySize ((Size) (MaxAllocSize / sizeof(Datum))) ++ + /* + * Arrays are varlena objects, so must meet the varlena convention that + * the first int32 of the object contains the total object size in bytes. +diff --git a/src/test/regress/expected/arrays.out b/src/test/regress/expected/arrays.out +index 4923cf3..7f9b693 100644 +--- a/src/test/regress/expected/arrays.out ++++ b/src/test/regress/expected/arrays.out +@@ -1380,6 +1380,23 @@ insert into arr_pk_tbl(pk, f1[1:2]) values (1, '{6,7,8}') on conflict (pk) + -- then you didn't get an indexscan plan, and something is busted. + reset enable_seqscan; + reset enable_bitmapscan; ++-- test subscript overflow detection ++-- The normal error message includes a platform-dependent limit, ++-- so suppress it to avoid needing multiple expected-files. ++\set VERBOSITY sqlstate ++insert into arr_pk_tbl values(10, '[-2147483648:-2147483647]={1,2}'); ++update arr_pk_tbl set f1[2147483647] = 42 where pk = 10; ++ERROR: 54000 ++update arr_pk_tbl set f1[2147483646:2147483647] = array[4,2] where pk = 10; ++ERROR: 54000 ++-- also exercise the expanded-array case ++do $$ declare a int[]; ++begin ++ a := '[-2147483648:-2147483647]={1,2}'::int[]; ++ a[2147483647] := 42; ++end $$; ++ERROR: 54000 ++\set VERBOSITY default + -- test [not] (like|ilike) (any|all) (...) + select 'foo' like any (array['%a', '%o']); -- t + ?column? +diff --git a/src/test/regress/sql/arrays.sql b/src/test/regress/sql/arrays.sql +index 5eedc4c..3ad8bdf 100644 +--- a/src/test/regress/sql/arrays.sql ++++ b/src/test/regress/sql/arrays.sql +@@ -415,6 +415,25 @@ insert into arr_pk_tbl(pk, f1[1:2]) values (1, '{6,7,8}') on conflict (pk) + reset enable_seqscan; + reset enable_bitmapscan; + ++-- test subscript overflow detection ++ ++-- The normal error message includes a platform-dependent limit, ++-- so suppress it to avoid needing multiple expected-files. ++\set VERBOSITY sqlstate ++ ++insert into arr_pk_tbl values(10, '[-2147483648:-2147483647]={1,2}'); ++update arr_pk_tbl set f1[2147483647] = 42 where pk = 10; ++update arr_pk_tbl set f1[2147483646:2147483647] = array[4,2] where pk = 10; ++ ++-- also exercise the expanded-array case ++do $$ declare a int[]; ++begin ++ a := '[-2147483648:-2147483647]={1,2}'::int[]; ++ a[2147483647] := 42; ++end $$; ++ ++\set VERBOSITY default ++ + -- test [not] (like|ilike) (any|all) (...) + select 'foo' like any (array['%a', '%o']); -- t + select 'foo' like any (array['%a', '%b']); -- f diff --git a/meta-oe/recipes-dbs/postgresql/files/CVE-2023-5870.patch b/meta-oe/recipes-dbs/postgresql/files/CVE-2023-5870.patch new file mode 100644 index 00000000000..b1a16e46601 --- /dev/null +++ b/meta-oe/recipes-dbs/postgresql/files/CVE-2023-5870.patch @@ -0,0 +1,108 @@ +From 3a9b18b3095366cd0c4305441d426d04572d88c1 Mon Sep 17 00:00:00 2001 +From: Noah Misch +Date: Tue, 21 Nov 2023 11:49:50 +0000 +Subject: [PATCH] Ban role pg_signal_backend from more superuser backend types. + +Documentation says it cannot signal "a backend owned by a superuser". +On the contrary, it could signal background workers, including the +logical replication launcher. It could signal autovacuum workers and +the autovacuum launcher. Block all that. Signaling autovacuum workers +and those two launchers doesn't stall progress beyond what one could +achieve other ways. If a cluster uses a non-core extension with a +background worker that does not auto-restart, this could create a denial +of service with respect to that background worker. A background worker +with bugs in its code for responding to terminations or cancellations +could experience those bugs at a time the pg_signal_backend member +chooses. Back-patch to v11 (all supported versions). + +Reviewed by Jelte Fennema-Nio. Reported by Hemanth Sandrana and +Mahendrakar Srinivasarao. + +Security: CVE-2023-5870 + +CVE: CVE-2023-5870 +Upstream-Status: Backport [https://github.com/postgres/postgres/commit/3a9b18b3095366cd0c4305441d426d04572d88c1] + +Signed-off-by: Yogita Urade + +--- + src/backend/storage/ipc/signalfuncs.c | 9 +++++++-- + src/test/regress/expected/privileges.out | 18 ++++++++++++++++++ + src/test/regress/sql/privileges.sql | 15 +++++++++++++++ + 3 files changed, 40 insertions(+), 2 deletions(-) + +diff --git a/src/backend/storage/ipc/signalfuncs.c b/src/backend/storage/ipc/signalfuncs.c +index de69d60..b6ff412 100644 +--- a/src/backend/storage/ipc/signalfuncs.c ++++ b/src/backend/storage/ipc/signalfuncs.c +@@ -69,8 +69,13 @@ pg_signal_backend(int pid, int sig) + return SIGNAL_BACKEND_ERROR; + } + +- /* Only allow superusers to signal superuser-owned backends. */ +- if (superuser_arg(proc->roleId) && !superuser()) ++ /* ++ * Only allow superusers to signal superuser-owned backends. Any process ++ * not advertising a role might have the importance of a superuser-owned ++ * backend, so treat it that way. ++ */ ++ if ((!OidIsValid(proc->roleId) || superuser_arg(proc->roleId)) && ++ !superuser()) + return SIGNAL_BACKEND_NOSUPERUSER; + + /* Users can signal backends they have role membership in. */ +diff --git a/src/test/regress/expected/privileges.out b/src/test/regress/expected/privileges.out +index b3c3b25..90e70f9 100644 +--- a/src/test/regress/expected/privileges.out ++++ b/src/test/regress/expected/privileges.out +@@ -1846,6 +1846,24 @@ SELECT * FROM pg_largeobject LIMIT 0; + SET SESSION AUTHORIZATION regress_priv_user1; + SELECT * FROM pg_largeobject LIMIT 0; -- to be denied + ERROR: permission denied for table pg_largeobject ++-- pg_signal_backend can't signal superusers ++RESET SESSION AUTHORIZATION; ++BEGIN; ++CREATE OR REPLACE FUNCTION terminate_nothrow(pid int) RETURNS bool ++ LANGUAGE plpgsql SECURITY DEFINER SET client_min_messages = error AS $$ ++BEGIN ++ RETURN pg_terminate_backend($1); ++EXCEPTION WHEN OTHERS THEN ++ RETURN false; ++END$$; ++ALTER FUNCTION terminate_nothrow OWNER TO pg_signal_backend; ++SELECT backend_type FROM pg_stat_activity ++WHERE CASE WHEN COALESCE(usesysid, 10) = 10 THEN terminate_nothrow(pid) END; ++ backend_type ++-------------- ++(0 rows) ++ ++ROLLBACK; + -- test pg_database_owner + RESET SESSION AUTHORIZATION; + GRANT pg_database_owner TO regress_priv_user1; +diff --git a/src/test/regress/sql/privileges.sql b/src/test/regress/sql/privileges.sql +index af05f95..f96143e 100644 +--- a/src/test/regress/sql/privileges.sql ++++ b/src/test/regress/sql/privileges.sql +@@ -1133,6 +1133,21 @@ SELECT * FROM pg_largeobject LIMIT 0; + SET SESSION AUTHORIZATION regress_priv_user1; + SELECT * FROM pg_largeobject LIMIT 0; -- to be denied + ++-- pg_signal_backend can't signal superusers ++RESET SESSION AUTHORIZATION; ++BEGIN; ++CREATE OR REPLACE FUNCTION terminate_nothrow(pid int) RETURNS bool ++ LANGUAGE plpgsql SECURITY DEFINER SET client_min_messages = error AS $$ ++BEGIN ++ RETURN pg_terminate_backend($1); ++EXCEPTION WHEN OTHERS THEN ++ RETURN false; ++END$$; ++ALTER FUNCTION terminate_nothrow OWNER TO pg_signal_backend; ++SELECT backend_type FROM pg_stat_activity ++WHERE CASE WHEN COALESCE(usesysid, 10) = 10 THEN terminate_nothrow(pid) END; ++ROLLBACK; ++ + -- test pg_database_owner + RESET SESSION AUTHORIZATION; + GRANT pg_database_owner TO regress_priv_user1; diff --git a/meta-oe/recipes-dbs/postgresql/postgresql_14.9.bb b/meta-oe/recipes-dbs/postgresql/postgresql_14.9.bb index f779ea7abdb..a879de20cc1 100644 --- a/meta-oe/recipes-dbs/postgresql/postgresql_14.9.bb +++ b/meta-oe/recipes-dbs/postgresql/postgresql_14.9.bb @@ -9,6 +9,9 @@ SRC_URI += "\ file://0001-configure.ac-bypass-autoconf-2.69-version-check.patch \ file://0001-config_info.c-not-expose-build-info.patch \ file://0001-postgresql-fix-ptest-failure-of-sysviews.patch \ + file://CVE-2023-5868.patch \ + file://CVE-2023-5869.patch \ + file://CVE-2023-5870.patch \ " SRC_URI[sha256sum] = "b1fe3ba9b1a7f3a9637dd1656dfdad2889016073fd4d35f13b50143cbbb6a8ef" From 402affcc073db39f782c1ebfd718edd5f11eed4c Mon Sep 17 00:00:00 2001 From: vkumbhar Date: Wed, 29 Nov 2023 15:21:21 +0530 Subject: [PATCH 522/600] squid: fix CVE-2023-46847 Denial of Service in HTTP Digest Authentication Signed-off-by: Vivek Kumbhar Signed-off-by: Armin Kuster --- .../squid/files/CVE-2023-46847.patch | 47 +++++++++++++++++++ .../recipes-daemons/squid/squid_4.15.bb | 1 + 2 files changed, 48 insertions(+) create mode 100644 meta-networking/recipes-daemons/squid/files/CVE-2023-46847.patch diff --git a/meta-networking/recipes-daemons/squid/files/CVE-2023-46847.patch b/meta-networking/recipes-daemons/squid/files/CVE-2023-46847.patch new file mode 100644 index 00000000000..9071872c019 --- /dev/null +++ b/meta-networking/recipes-daemons/squid/files/CVE-2023-46847.patch @@ -0,0 +1,47 @@ +From 052cf082b0faaef4eaaa4e94119d7a1437aac4a3 Mon Sep 17 00:00:00 2001 +From: squidadm +Date: Wed, 18 Oct 2023 04:50:56 +1300 +Subject: [PATCH] Fix stack buffer overflow when parsing Digest Authorization + (#1517) + +The bug was discovered and detailed by Joshua Rogers at +https://megamansec.github.io/Squid-Security-Audit/digest-overflow.html +where it was filed as "Stack Buffer Overflow in Digest Authentication". + +--------- + +Co-authored-by: Alex Bason +Co-authored-by: Amos Jeffries + +Upstream-Status: Backport [https://github.com/squid-cache/squid/commit/052cf082b0faaef4eaaa4e94119d7a1437aac4a3] +CVE: CVE-2023-46847 +Signed-off-by: Vivek Kumbhar +--- + src/auth/digest/Config.cc | 10 +++++++--- + 1 file changed, 7 insertions(+), 3 deletions(-) + +diff --git a/src/auth/digest/Config.cc b/src/auth/digest/Config.cc +index 6a9736f..0a883fa 100644 +--- a/src/auth/digest/Config.cc ++++ b/src/auth/digest/Config.cc +@@ -847,11 +847,15 @@ Auth::Digest::Config::decode(char const *proxy_auth, const char *aRequestRealm) + break; + + case DIGEST_NC: +- if (value.size() != 8) { ++ if (value.size() == 8) { ++ // for historical reasons, the nc value MUST be exactly 8 bytes ++ static_assert(sizeof(digest_request->nc) == 8 + 1, "bad nc buffer size"); ++ xstrncpy(digest_request->nc, value.rawBuf(), value.size() + 1); ++ debugs(29, 9, "Found noncecount '" << digest_request->nc << "'"); ++ } else { + debugs(29, 9, "Invalid nc '" << value << "' in '" << temp << "'"); ++ digest_request->nc[0] = 0; + } +- xstrncpy(digest_request->nc, value.rawBuf(), value.size() + 1); +- debugs(29, 9, "Found noncecount '" << digest_request->nc << "'"); + break; + + case DIGEST_CNONCE: +-- +2.40.1 diff --git a/meta-networking/recipes-daemons/squid/squid_4.15.bb b/meta-networking/recipes-daemons/squid/squid_4.15.bb index a1122a3cd45..3027806742d 100644 --- a/meta-networking/recipes-daemons/squid/squid_4.15.bb +++ b/meta-networking/recipes-daemons/squid/squid_4.15.bb @@ -25,6 +25,7 @@ SRC_URI = "http://www.squid-cache.org/Versions/v${MAJ_VER}/${BPN}-${PV}.tar.bz2 file://0001-tools.cc-fixed-unused-result-warning.patch \ file://0001-splay.cc-fix-bind-is-not-a-member-of-std.patch \ file://0001-Fix-build-on-Fedora-Rawhide-772.patch \ + file://CVE-2023-46847.patch \ " SRC_URI:remove:toolchain-clang = "file://0001-configure-Check-for-Wno-error-format-truncation-comp.patch" From 7f5ded2c880947f6866509ea19a49ca4fe5e0357 Mon Sep 17 00:00:00 2001 From: Soumya Date: Fri, 18 Aug 2023 14:38:04 +0000 Subject: [PATCH 523/600] yasm: fix CVE-2023-37732 Yasm v1.3.0.78 was found prone to NULL Pointer Dereference in /libyasm/intnum.c and /elf/elf.c, which allows the attacker to cause a denial of service via a crafted file. References: https://github.com/yasm/yasm/issues/233 https://nvd.nist.gov/vuln/detail/CVE-2023-37732 Signed-off-by: Soumya Signed-off-by: Armin Kuster (cherry picked from commit 41fffef6b044b2722aa13f7e7648a3f848231851) Signed-off-by: Armin Kuster --- .../yasm/yasm/CVE-2023-37732.patch | 41 +++++++++++++++++++ meta-oe/recipes-devtools/yasm/yasm_git.bb | 1 + 2 files changed, 42 insertions(+) create mode 100644 meta-oe/recipes-devtools/yasm/yasm/CVE-2023-37732.patch diff --git a/meta-oe/recipes-devtools/yasm/yasm/CVE-2023-37732.patch b/meta-oe/recipes-devtools/yasm/yasm/CVE-2023-37732.patch new file mode 100644 index 00000000000..1ca33f0a92f --- /dev/null +++ b/meta-oe/recipes-devtools/yasm/yasm/CVE-2023-37732.patch @@ -0,0 +1,41 @@ +From 2cd3bb50e256f5ed5f611ac611d25fe673f2cec3 Mon Sep 17 00:00:00 2001 +From: Peter Johnson +Date: Fri, 11 Aug 2023 10:49:51 +0000 +Subject: [PATCH] elf.c: Fix NULL deref on bad xsize expression (#234) + +CVE: CVE-2023-37732 + +Upstream-Status: Backport [https://github.com/yasm/yasm/commit/2cd3bb50e256f5ed5f611ac611d25fe673f2cec3] + +Signed-off-by: Soumya +--- + modules/objfmts/elf/elf.c | 10 +++++----- + 1 file changed, 5 insertions(+), 5 deletions(-) + +diff --git a/modules/objfmts/elf/elf.c b/modules/objfmts/elf/elf.c +index 2486bba8..bab4c9ca 100644 +--- a/modules/objfmts/elf/elf.c ++++ b/modules/objfmts/elf/elf.c +@@ -482,15 +482,15 @@ elf_symtab_write_to_file(FILE *f, elf_symtab_head *symtab, + + /* get size (if specified); expr overrides stored integer */ + if (entry->xsize) { +- size_intn = yasm_intnum_copy( +- yasm_expr_get_intnum(&entry->xsize, 1)); +- if (!size_intn) { ++ yasm_intnum *intn = yasm_expr_get_intnum(&entry->xsize, 1); ++ if (!intn) { + yasm_error_set(YASM_ERROR_VALUE, + N_("size specifier not an integer expression")); + yasm_errwarn_propagate(errwarns, entry->xsize->line); +- } ++ } else ++ size_intn = yasm_intnum_copy(intn); + } +- else ++ if (!size_intn) + size_intn = yasm_intnum_create_uint(entry->size); + + /* get EQU value for constants */ +-- +2.40.0 diff --git a/meta-oe/recipes-devtools/yasm/yasm_git.bb b/meta-oe/recipes-devtools/yasm/yasm_git.bb index 5c3562300b1..60b00f7ff46 100644 --- a/meta-oe/recipes-devtools/yasm/yasm_git.bb +++ b/meta-oe/recipes-devtools/yasm/yasm_git.bb @@ -12,6 +12,7 @@ SRCREV = "ba463d3c26c0ece2e797b8d6381b161633b5971a" SRC_URI = "git://github.com/yasm/yasm.git;branch=master;protocol=https \ file://0001-Do-not-use-AC_HEADER_STDC.patch \ file://CVE-2023-31975.patch \ + file://CVE-2023-37732.patch \ " S = "${WORKDIR}/git" From e85ed04e3c91118b6081cbe9562fe234ee5be2c6 Mon Sep 17 00:00:00 2001 From: Wentao Zhang Date: Thu, 30 Nov 2023 11:05:55 +0800 Subject: [PATCH 524/600] libbytesize: update github branch to 'main' the repo of libbytesize doesn't have a branch named master. Change the branch from master to main. Signed-off-by: Zhang Xiao Signed-off-by: Wentao Zhang Signed-off-by: Armin Kuster --- meta-oe/recipes-support/libbytesize/libbytesize_2.6.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-oe/recipes-support/libbytesize/libbytesize_2.6.bb b/meta-oe/recipes-support/libbytesize/libbytesize_2.6.bb index 154973254d7..abafaaf7a71 100644 --- a/meta-oe/recipes-support/libbytesize/libbytesize_2.6.bb +++ b/meta-oe/recipes-support/libbytesize/libbytesize_2.6.bb @@ -10,7 +10,7 @@ S = "${WORKDIR}/git" B = "${S}" SRCREV = "c9864f4dd03736839f40d225da494cb1eb64e654" -SRC_URI = "git://github.com/rhinstaller/libbytesize;branch=master;protocol=https" +SRC_URI = "git://github.com/rhinstaller/libbytesize;branch=main;protocol=https" inherit gettext autotools pkgconfig python3native From 8a042b540db5421785edcf21d5114be6358246fd Mon Sep 17 00:00:00 2001 From: Martin Jansa Date: Thu, 30 Nov 2023 13:17:54 +0100 Subject: [PATCH 525/600] glmark2: inherit python3native to fix build with python-3.12 on build host * fixes: | WARNING: Unable to execute waf --version, exit code 1. Assuming waf version without bindir/libdir support. | DEBUG: Python function waf_preconfigure finished | DEBUG: Executing shell function do_configure | Traceback (most recent call last): | File "/OE/build/luneos-kirkstone/tmp-glibc/work/core2-64-webos-linux/glmark2/2021.12-r0/git/./waf", line 163, in | from waflib import Scripting | File "/OE/build/luneos-kirkstone/tmp-glibc/work/core2-64-webos-linux/glmark2/2021.12-r0/git/waflib/Scripting.py", line 6, in | from waflib import Utils,Configure,Logs,Options,ConfigSet,Context,Errors,Build,Node | File "/OE/build/luneos-kirkstone/tmp-glibc/work/core2-64-webos-linux/glmark2/2021.12-r0/git/waflib/Configure.py", line 6, in | from waflib import ConfigSet,Utils,Options,Logs,Context,Build,Errors | File "/OE/build/luneos-kirkstone/tmp-glibc/work/core2-64-webos-linux/glmark2/2021.12-r0/git/waflib/Options.py", line 6, in | from waflib import Logs,Utils,Context,Errors | File "/OE/build/luneos-kirkstone/tmp-glibc/work/core2-64-webos-linux/glmark2/2021.12-r0/git/waflib/Context.py", line 5, in | import os,re,imp,sys | ModuleNotFoundError: No module named 'imp' | WARNING: /OE/build/luneos-kirkstone/tmp-glibc/work/core2-64-webos-linux/glmark2/2021.12-r0/temp/run.do_configure.1263276:146 exit 1 from 'waf_do_configure' * this first issue can be fixed easily by backporting: https://gitlab.com/ita1024/waf/-/commit/d2060dfd8af4edb5824153ff24e207b39ecd67a2 * but then it still fails a bit later, because of SyntaxWarning in waf --version output: ERROR: glmark2-2021.12-r0 do_configure: Error executing a python function in exec_func_python() autogenerated: The stack trace of python calls that resulted in this exception/failure was: File: 'exec_func_python() autogenerated', lineno: 2, function: 0001: *** 0002:waf_preconfigure(d) 0003: File: '/OE/build/luneos-kirkstone/openembedded-core/meta/classes/waf.bbclass', lineno: 52, function: waf_preconfigure 0048: wafbin = os.path.join(subsrcdir, 'waf') 0049: try: 0050: result = subprocess.check_output([python, wafbin, '--version'], cwd=subsrcdir, stderr=subprocess.STDOUT) 0051: version = result.decode('utf-8').split()[1] *** 0052: if bb.utils.vercmp_string_op(version, "1.8.7", ">="): 0053: d.setVar("WAF_EXTRA_CONF", "--bindir=${bindir} --libdir=${libdir}") 0054: except subprocess.CalledProcessError as e: 0055: bb.warn("Unable to execute waf --version, exit code %d. Assuming waf version without bindir/libdir support." % e.returncode) 0056: except FileNotFoundError: File: '/OE/build/luneos-kirkstone/bitbake/lib/bb/utils.py', lineno: 148, function: vercmp_string_op 0144: Compare two versions and check if the specified comparison operator matches the result of the comparison. 0145: This function is fairly liberal about what operators it will accept since there are a variety of styles 0146: depending on the context. 0147: """ *** 0148: res = vercmp_string(a, b) 0149: if op in ('=', '=='): 0150: return res == 0 0151: elif op == '<=': 0152: return res <= 0 File: '/OE/build/luneos-kirkstone/bitbake/lib/bb/utils.py', lineno: 138, function: vercmp_string 0134: return r 0135: 0136:def vercmp_string(a, b): 0137: """ Split version strings and compare them """ *** 0138: ta = split_version(a) 0139: tb = split_version(b) 0140: return vercmp(ta, tb) 0141: 0142:def vercmp_string_op(a, b, op): File: '/OE/build/luneos-kirkstone/bitbake/lib/bb/utils.py', lineno: 89, function: split_version 0085: """Split a version string into its constituent parts (PE, PV, PR)""" 0086: s = s.strip(" <>=") 0087: e = 0 0088: if s.count(':'): *** 0089: e = int(s.split(":")[0]) 0090: s = s.split(":")[1] 0091: r = "" 0092: if s.count('-'): 0093: r = s.rsplit("-", 1)[1] Exception: ValueError: invalid literal for int() with base 10: 'SyntaxWarning' ERROR: Logfile of failure stored in: /OE/build/luneos-kirkstone/tmp-glibc/work/core2-64-webos-linux/glmark2/2021.12-r0/temp/log.do_configure.1264918 so it's safer to just use python3-native everywhere, instead of more patches for waf Signed-off-by: Martin Jansa Signed-off-by: Armin Kuster --- meta-oe/recipes-benchmark/glmark2/glmark2_git.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-oe/recipes-benchmark/glmark2/glmark2_git.bb b/meta-oe/recipes-benchmark/glmark2/glmark2_git.bb index 188d4e5bdf1..68c42b329a5 100644 --- a/meta-oe/recipes-benchmark/glmark2/glmark2_git.bb +++ b/meta-oe/recipes-benchmark/glmark2/glmark2_git.bb @@ -24,7 +24,7 @@ SRCREV = "0858b450cd88c84a15b99dda9698d44e7f7e8c70" S = "${WORKDIR}/git" -inherit waf pkgconfig features_check +inherit waf pkgconfig features_check python3native ANY_OF_DISTRO_FEATURES = "opengl dispmanx" From fee55605480b07337a6dc953a848f6a7e31f9a85 Mon Sep 17 00:00:00 2001 From: Narpat Mali Date: Thu, 30 Nov 2023 12:23:37 +0000 Subject: [PATCH 526/600] python3-django: Fix for CVE-2023-43665 and CVE-2023-46695 CVE-2023-43665: In Django 3.2 before 3.2.22, 4.1 before 4.1.12, and 4.2 before 4.2.6, the django.utils.text.Truncator chars() and words() methods (when used with html=True) are subject to a potential DoS (denial of service) attack via certain inputs with very long, potentially malformed HTML text. The chars() and words() methods are used to implement the truncatechars_html and truncatewords_html template filters, which are thus also vulnerable. NOTE: this issue exists because of an incomplete fix for CVE-2019-14232. CVE-2023-46695: An issue was discovered in Django 3.2 before 3.2.23, 4.1 before 4.1.13, and 4.2 before 4.2.7. The NFKC normalization is slow on Windows. As a consequence, django.contrib.auth.forms.UsernameField is subject to a potential DoS (denial of service) attack via certain inputs with a very large number of Unicode characters. References: https://www.djangoproject.com/weblog/2023/oct/04/security-releases/ https://www.djangoproject.com/weblog/2023/nov/01/security-releases/ Signed-off-by: Narpat Mali Signed-off-by: Armin Kuster --- .../python3-django/CVE-2023-43665.patch | 199 ++++++++++++++++++ .../python3-django/CVE-2023-46695.patch | 90 ++++++++ .../python/python3-django_2.2.28.bb | 2 + 3 files changed, 291 insertions(+) create mode 100644 meta-python/recipes-devtools/python/python3-django/CVE-2023-43665.patch create mode 100644 meta-python/recipes-devtools/python/python3-django/CVE-2023-46695.patch diff --git a/meta-python/recipes-devtools/python/python3-django/CVE-2023-43665.patch b/meta-python/recipes-devtools/python/python3-django/CVE-2023-43665.patch new file mode 100644 index 00000000000..dbfb9b68a82 --- /dev/null +++ b/meta-python/recipes-devtools/python/python3-django/CVE-2023-43665.patch @@ -0,0 +1,199 @@ +From b269a0063e9b10a6c88c92b24d1b92c7421950de Mon Sep 17 00:00:00 2001 +From: Natalia <124304+nessita@users.noreply.github.com> +Date: Wed, 29 Nov 2023 12:20:01 +0000 +Subject: [PATCH 1/2] Fixed CVE-2023-43665 -- Mitigated potential DoS in + django.utils.text.Truncator when truncating HTML text. + +Thanks Wenchao Li of Alibaba Group for the report. + +CVE: CVE-2023-43665 + +Upstream-Status: Backport [https://github.com/django/django/commit/ccdade1a0262537868d7ca64374de3d957ca50c5] + +Signed-off-by: Narpat Mali +--- + django/utils/text.py | 18 ++++++++++++++++- + docs/ref/templates/builtins.txt | 20 +++++++++++++++++++ + docs/releases/2.2.28.txt | 20 +++++++++++++++++++ + tests/utils_tests/test_text.py | 35 ++++++++++++++++++++++++--------- + 4 files changed, 83 insertions(+), 10 deletions(-) + +diff --git a/django/utils/text.py b/django/utils/text.py +index 1fae7b2..06a377b 100644 +--- a/django/utils/text.py ++++ b/django/utils/text.py +@@ -57,7 +57,14 @@ def wrap(text, width): + class Truncator(SimpleLazyObject): + """ + An object used to truncate text, either by characters or words. ++ ++ When truncating HTML text (either chars or words), input will be limited to ++ at most `MAX_LENGTH_HTML` characters. + """ ++ ++ # 5 million characters are approximately 4000 text pages or 3 web pages. ++ MAX_LENGTH_HTML = 5_000_000 ++ + def __init__(self, text): + super().__init__(lambda: str(text)) + +@@ -154,6 +161,11 @@ class Truncator(SimpleLazyObject): + if words and length <= 0: + return '' + ++ size_limited = False ++ if len(text) > self.MAX_LENGTH_HTML: ++ text = text[: self.MAX_LENGTH_HTML] ++ size_limited = True ++ + html4_singlets = ( + 'br', 'col', 'link', 'base', 'img', + 'param', 'area', 'hr', 'input' +@@ -203,10 +215,14 @@ class Truncator(SimpleLazyObject): + # Add it to the start of the open tags list + open_tags.insert(0, tagname) + ++ truncate_text = self.add_truncation_text("", truncate) ++ + if current_len <= length: ++ if size_limited and truncate_text: ++ text += truncate_text + return text ++ + out = text[:end_text_pos] +- truncate_text = self.add_truncation_text('', truncate) + if truncate_text: + out += truncate_text + # Close any tags still open +diff --git a/docs/ref/templates/builtins.txt b/docs/ref/templates/builtins.txt +index c4b0fa3..4faab38 100644 +--- a/docs/ref/templates/builtins.txt ++++ b/docs/ref/templates/builtins.txt +@@ -2318,6 +2318,16 @@ If ``value`` is ``"

Joel is a slug

"``, the output will be + + Newlines in the HTML content will be preserved. + ++.. admonition:: Size of input string ++ ++ Processing large, potentially malformed HTML strings can be ++ resource-intensive and impact service performance. ``truncatechars_html`` ++ limits input to the first five million characters. ++ ++.. versionchanged:: 2.2.28 ++ ++ In older versions, strings over five million characters were processed. ++ + .. templatefilter:: truncatewords + + ``truncatewords`` +@@ -2356,6 +2366,16 @@ If ``value`` is ``"

Joel is a slug

"``, the output will be + + Newlines in the HTML content will be preserved. + ++.. admonition:: Size of input string ++ ++ Processing large, potentially malformed HTML strings can be ++ resource-intensive and impact service performance. ``truncatewords_html`` ++ limits input to the first five million characters. ++ ++.. versionchanged:: 2.2.28 ++ ++ In older versions, strings over five million characters were processed. ++ + .. templatefilter:: unordered_list + + ``unordered_list`` +diff --git a/docs/releases/2.2.28.txt b/docs/releases/2.2.28.txt +index 40eb230..6a38e9c 100644 +--- a/docs/releases/2.2.28.txt ++++ b/docs/releases/2.2.28.txt +@@ -56,3 +56,23 @@ CVE-2023-41164: Potential denial of service vulnerability in ``django.utils.enco + ``django.utils.encoding.uri_to_iri()`` was subject to potential denial of + service attack via certain inputs with a very large number of Unicode + characters. ++ ++Backporting the CVE-2023-43665 fix on Django 2.2.28. ++ ++CVE-2023-43665: Denial-of-service possibility in ``django.utils.text.Truncator`` ++================================================================================ ++ ++Following the fix for :cve:`2019-14232`, the regular expressions used in the ++implementation of ``django.utils.text.Truncator``'s ``chars()`` and ``words()`` ++methods (with ``html=True``) were revised and improved. However, these regular ++expressions still exhibited linear backtracking complexity, so when given a ++very long, potentially malformed HTML input, the evaluation would still be ++slow, leading to a potential denial of service vulnerability. ++ ++The ``chars()`` and ``words()`` methods are used to implement the ++:tfilter:`truncatechars_html` and :tfilter:`truncatewords_html` template ++filters, which were thus also vulnerable. ++ ++The input processed by ``Truncator``, when operating in HTML mode, has been ++limited to the first five million characters in order to avoid potential ++performance and memory issues. +diff --git a/tests/utils_tests/test_text.py b/tests/utils_tests/test_text.py +index 27e440b..cb3063d 100644 +--- a/tests/utils_tests/test_text.py ++++ b/tests/utils_tests/test_text.py +@@ -1,5 +1,6 @@ + import json + import sys ++from unittest.mock import patch + + from django.core.exceptions import SuspiciousFileOperation + from django.test import SimpleTestCase +@@ -87,11 +88,17 @@ class TestUtilsText(SimpleTestCase): + # lazy strings are handled correctly + self.assertEqual(text.Truncator(lazystr('The quick brown fox')).chars(10), 'The quick…') + +- def test_truncate_chars_html(self): ++ @patch("django.utils.text.Truncator.MAX_LENGTH_HTML", 10_000) ++ def test_truncate_chars_html_size_limit(self): ++ max_len = text.Truncator.MAX_LENGTH_HTML ++ bigger_len = text.Truncator.MAX_LENGTH_HTML + 1 ++ valid_html = "

Joel is a slug

" # 14 chars + perf_test_values = [ +- (('', None), +- ('&' * 50000, '&' * 9 + '…'), +- ('_X<<<<<<<<<<<>', None), ++ ("", None), ++ ("", "", None), ++ (valid_html * bigger_len, "

Joel is a…

"), # 10 chars + ] + for value, expected in perf_test_values: + with self.subTest(value=value): +@@ -149,15 +156,25 @@ class TestUtilsText(SimpleTestCase): + truncator = text.Truncator('

I <3 python, what about you?

') + self.assertEqual('

I <3 python,…

', truncator.words(3, html=True)) + ++ @patch("django.utils.text.Truncator.MAX_LENGTH_HTML", 10_000) ++ def test_truncate_words_html_size_limit(self): ++ max_len = text.Truncator.MAX_LENGTH_HTML ++ bigger_len = text.Truncator.MAX_LENGTH_HTML + 1 ++ valid_html = "

Joel is a slug

" # 4 words + perf_test_values = [ +- ('', +- '&' * 50000, +- '_X<<<<<<<<<<<>', ++ ("", None), ++ ("", "", None), ++ (valid_html * bigger_len, valid_html * 12 + "

Joel is…

"), # 50 words + ] +- for value in perf_test_values: ++ for value, expected in perf_test_values: + with self.subTest(value=value): + truncator = text.Truncator(value) +- self.assertEqual(value, truncator.words(50, html=True)) ++ self.assertEqual( ++ expected if expected else value, truncator.words(50, html=True) ++ ) + + def test_wrap(self): + digits = '1234 67 9' +-- +2.40.0 diff --git a/meta-python/recipes-devtools/python/python3-django/CVE-2023-46695.patch b/meta-python/recipes-devtools/python/python3-django/CVE-2023-46695.patch new file mode 100644 index 00000000000..b7dda41f8ff --- /dev/null +++ b/meta-python/recipes-devtools/python/python3-django/CVE-2023-46695.patch @@ -0,0 +1,90 @@ +From 32bc7fa517be1d50239827520cc13f3112d3d748 Mon Sep 17 00:00:00 2001 +From: Mariusz Felisiak +Date: Wed, 29 Nov 2023 12:49:41 +0000 +Subject: [PATCH 2/2] Fixed CVE-2023-46695 -- Fixed potential DoS in + UsernameField on Windows. + +Thanks MProgrammer (https://hackerone.com/mprogrammer) for the report. + +CVE: CVE-2023-46695 + +Upstream-Status: Backport [https://github.com/django/django/commit/f9a7fb8466a7ba4857eaf930099b5258f3eafb2b] + +Signed-off-by: Narpat Mali +--- + django/contrib/auth/forms.py | 10 +++++++++- + docs/releases/2.2.28.txt | 14 ++++++++++++++ + tests/auth_tests/test_forms.py | 8 +++++++- + 3 files changed, 30 insertions(+), 2 deletions(-) + +diff --git a/django/contrib/auth/forms.py b/django/contrib/auth/forms.py +index e6f73fe..26d3ca7 100644 +--- a/django/contrib/auth/forms.py ++++ b/django/contrib/auth/forms.py +@@ -68,7 +68,15 @@ class ReadOnlyPasswordHashField(forms.Field): + + class UsernameField(forms.CharField): + def to_python(self, value): +- return unicodedata.normalize('NFKC', super().to_python(value)) ++ value = super().to_python(value) ++ if self.max_length is not None and len(value) > self.max_length: ++ # Normalization can increase the string length (e.g. ++ # "ff" -> "ff", "½" -> "1⁄2") but cannot reduce it, so there is no ++ # point in normalizing invalid data. Moreover, Unicode ++ # normalization is very slow on Windows and can be a DoS attack ++ # vector. ++ return value ++ return unicodedata.normalize("NFKC", value) + + + class UserCreationForm(forms.ModelForm): +diff --git a/docs/releases/2.2.28.txt b/docs/releases/2.2.28.txt +index 6a38e9c..c653cb6 100644 +--- a/docs/releases/2.2.28.txt ++++ b/docs/releases/2.2.28.txt +@@ -76,3 +76,17 @@ filters, which were thus also vulnerable. + The input processed by ``Truncator``, when operating in HTML mode, has been + limited to the first five million characters in order to avoid potential + performance and memory issues. ++ ++Backporting the CVE-2023-46695 fix on Django 2.2.28. ++ ++CVE-2023-46695: Potential denial of service vulnerability in ``UsernameField`` on Windows ++========================================================================================= ++ ++The :func:`NFKC normalization ` is slow on ++Windows. As a consequence, ``django.contrib.auth.forms.UsernameField`` was ++subject to a potential denial of service attack via certain inputs with a very ++large number of Unicode characters. ++ ++In order to avoid the vulnerability, invalid values longer than ++``UsernameField.max_length`` are no longer normalized, since they cannot pass ++validation anyway. +diff --git a/tests/auth_tests/test_forms.py b/tests/auth_tests/test_forms.py +index bed23af..e73d4b8 100644 +--- a/tests/auth_tests/test_forms.py ++++ b/tests/auth_tests/test_forms.py +@@ -6,7 +6,7 @@ from django import forms + from django.contrib.auth.forms import ( + AdminPasswordChangeForm, AuthenticationForm, PasswordChangeForm, + PasswordResetForm, ReadOnlyPasswordHashField, ReadOnlyPasswordHashWidget, +- SetPasswordForm, UserChangeForm, UserCreationForm, ++ SetPasswordForm, UserChangeForm, UserCreationForm, UsernameField, + ) + from django.contrib.auth.models import User + from django.contrib.auth.signals import user_login_failed +@@ -132,6 +132,12 @@ class UserCreationFormTest(TestDataMixin, TestCase): + self.assertNotEqual(user.username, ohm_username) + self.assertEqual(user.username, 'testΩ') # U+03A9 GREEK CAPITAL LETTER OMEGA + ++ def test_invalid_username_no_normalize(self): ++ field = UsernameField(max_length=254) ++ # Usernames are not normalized if they are too long. ++ self.assertEqual(field.to_python("½" * 255), "½" * 255) ++ self.assertEqual(field.to_python("ff" * 254), "ff" * 254) ++ + def test_duplicate_normalized_unicode(self): + """ + To prevent almost identical usernames, visually identical but differing +-- +2.40.0 diff --git a/meta-python/recipes-devtools/python/python3-django_2.2.28.bb b/meta-python/recipes-devtools/python/python3-django_2.2.28.bb index c35323f4557..8c955e6bd86 100644 --- a/meta-python/recipes-devtools/python/python3-django_2.2.28.bb +++ b/meta-python/recipes-devtools/python/python3-django_2.2.28.bb @@ -8,6 +8,8 @@ inherit setuptools3 SRC_URI += "file://CVE-2023-31047.patch \ file://CVE-2023-36053.patch \ file://CVE-2023-41164.patch \ + file://CVE-2023-43665.patch \ + file://CVE-2023-46695.patch \ " SRC_URI[sha256sum] = "0200b657afbf1bc08003845ddda053c7641b9b24951e52acd51f6abda33a7413" From 5ddcdc8b0df1bdd1165c2c892f4f48deb710177b Mon Sep 17 00:00:00 2001 From: Narpat Mali Date: Thu, 30 Nov 2023 12:23:38 +0000 Subject: [PATCH 527/600] python3-django: upgrade 3.2.21 -> 3.2.23 The delta between 3.2.21 and 3.2.23 contains the fixes for CVE-2023-43665, CVE-2023-46695 and other bugfixes. git log --oneline 3.2.21..3.2.23 shows: 60e648a7ae (tag: 3.2.23) [3.2.x] Bumped version for 3.2.23 release. f9a7fb8466 [3.2.x] Fixed CVE-2023-46695 -- Fixed potential DoS in UsernameField on Windows. e6d2591d9e [3.2.x] Added stub release notes for 3.2.23. 3c04b74293 [3.2.x] Added CVE-2023-43665 to security archive. 86a14d653f [3.2.x] Post release version bump. 3106e94e52 (tag: 3.2.22) [3.2.x] Bumped version for 3.2.22 release. ccdade1a02 [3.2.x] Fixed CVE-2023-43665 -- Mitigated potential DoS in django.utils.text.Truncator when truncating HTML text. 6caf7b313d [3.2.x] Added stub release notes for 3.2.22. 9e814c3a5e [3.2.x] Added CVE-2023-41164 to security archive. 4b439dcd05 [3.2.x] Post-release version bump. Release Notes: https://docs.djangoproject.com/en/dev/releases/3.2.23/ Signed-off-by: Narpat Mali Signed-off-by: Armin Kuster --- .../{python3-django_3.2.21.bb => python3-django_3.2.23.bb} | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) rename meta-python/recipes-devtools/python/{python3-django_3.2.21.bb => python3-django_3.2.23.bb} (61%) diff --git a/meta-python/recipes-devtools/python/python3-django_3.2.21.bb b/meta-python/recipes-devtools/python/python3-django_3.2.23.bb similarity index 61% rename from meta-python/recipes-devtools/python/python3-django_3.2.21.bb rename to meta-python/recipes-devtools/python/python3-django_3.2.23.bb index 1148669860c..beecaa607c3 100644 --- a/meta-python/recipes-devtools/python/python3-django_3.2.21.bb +++ b/meta-python/recipes-devtools/python/python3-django_3.2.23.bb @@ -1,7 +1,7 @@ require python-django.inc inherit setuptools3 -SRC_URI[sha256sum] = "a5de4c484e7b7418e6d3e52a5b8794f0e6b9f9e4ce3c037018cf1c489fa87f3c" +SRC_URI[sha256sum] = "82968f3640e29ef4a773af2c28448f5f7a08d001c6ac05b32d02aeee6509508b" RDEPENDS:${PN} += "\ ${PYTHON_PN}-sqlparse \ @@ -9,5 +9,5 @@ RDEPENDS:${PN} += "\ # Set DEFAULT_PREFERENCE so that the LTS version of django is built by # default. To build the 3.x branch, -# PREFERRED_VERSION_python3-django = "3.2.21" can be added to local.conf +# PREFERRED_VERSION_python3-django = "3.2.23" can be added to local.conf DEFAULT_PREFERENCE = "-1" From 24ca8738a87c72810351b9394eceb68512d13729 Mon Sep 17 00:00:00 2001 From: Narpat Mali Date: Thu, 30 Nov 2023 12:23:39 +0000 Subject: [PATCH 528/600] python3-django: upgrade 4.2.5 -> 4.2.7 The delta between 4.2.5 and 4.2.7 contains the fixes for CVE-2023-43665, CVE-2023-46695 and other bugfixes. git log --oneline 4.2.5..4.2.7 shows: d254a54e7f (tag: 4.2.7) [4.2.x] Bumped version for 4.2.7 release. 048a9ebb6e [4.2.x] Fixed CVE-2023-46695 -- Fixed potential DoS in UsernameField on Windows. 3fae5d92da [4.2.x] Refs #30601 -- Fixed typos in docs/topics/db/transactions.txt. a8aa94062b [4.2.x] Refs #15578 -- Made cosmetic edits to fixtures docs. 109f39a38b [4.2.x] Fixed #34932 -- Restored varchar_pattern_ops/text_pattern_ops index creation when deterministic collaction is set. 61612990d8 [4.2.x] Fixed typos in docs/ref/models/expressions.txt. 696fbc32d6 [4.2.x] Fixed #30601 -- Doc'd the need to manually revert all app state on transaction rollbacks. ffba63180c [4.2.x] Fixed typo in docs/ref/contrib/gis/geos.txt. 43a3646070 [4.2.x] Fixed #15578 -- Stated the processing order of fixtures in the fixtures docs. 0cd8b867a0 [4.2.x] Added stub release notes and release date for 4.2.7, 4.1.13, and 3.2.23. 510a512119 [4.2.x] Fixed typo in docs/releases/4.2.txt. b644f8bc1f [4.2.x] Corrected note about using accents in writing documentation contributing guide. a576ef98ae [4.2.x] Refs #34900, Refs #34118 -- Updated assertion in test_skip_class_unless_db_feature() test on Python 3.12.1+. 803caec60b [4.2.x] Fixed #34798 -- Fixed QuerySet.aggregate() crash when referencing expressions containing subqueries. caec4f4a6f [4.2.x] Refs #34840 -- Improved release note describing index regression. b6bb2f8099 [4.2.x] Refs #34840 -- Fixed test_validate_nullable_textfield_with_isnull_true() on databases that don's support table check constraints. e8fe48d3a0 [4.2.x] Fixed #34808 -- Doc'd aggregate function's default argument. 830990fa6c [4.2.x] Reorganized tutorial's part 4 to better understand changes needed in URLConf. 0cbc92bc3a [4.2.x] Refs #26029 -- Improved get_storage_class() deprecation warning with stacklevel=2. 9c7627da30 [4.2.x] Refs #34043 -- Clarified how to test UI changes. 0bd53ab86a [4.2.x] Added backticks to setuptools in docs. 99dcba90b4 [4.2.x] Refs #32275 -- Added scrypt password hasher to PASSWORD_HASHERS setting docs. 6697880219 [4.2.x] Refs #31435 -- Doc'd potential infinite recursion when accessing model fields in __init__. a9a3317a95 [4.2.x] Corrected wrap_socket() reference in docs/ref/settings.txt. 9962f94a97 [4.2.x] Added CVE-2023-43665 to security archive. b2d95bb301 [4.2.x] Added stub release notes for 4.2.7. 08d54f83a9 [4.2.x] Post release version bump. c22017bd1d (tag: 4.2.6) [4.2.x] Bumped version for 4.2.6 release. be9c27c4d1 [4.2.x] Fixed CVE-2023-43665 -- Mitigated potential DoS in django.utils.text.Truncator when truncating HTML text. 39fc3f46a8 [4.2.x] Added stub release notes and release date for 4.2.6, 4.1.12, and 3.2.22. dd0bf63d3e [4.2.x] Added warning about flatpages and untrusted users. fec4ed0a25 [4.2.x] Refs #34320 -- Skipped SchemaTests.test_rename_field_with_check_to_truncated_name on MariaBD 10.5.2+. a148461f1f [4.2.x] Fixed #34840 -- Avoided casting string base fields on PostgreSQL. b08f53ff46 [4.2.x] Refs #34808 -- Doc'd that aggregation functions on empty groups can return None. c70f08c4aa [4.2.x] Added updating the Django release process on Trac to release steps. d485aa2732 [4.2.x] Fixed typo in docs/howto/custom-file-storage.txt. ff26e6ad84 [4.2.x] Corrected QuerySet.prefetch_related() note about GenericRelation(). 866122690d [4.2.x] Doc'd HttpResponse.cookies. 97e8a2afb1 [4.2.x] Fixed #34821 -- Prevented DEFAULT_FILE_STORAGE/STATICFILES_STORAGE settings from mutating the main STORAGES. 39cb3b08bc [4.2.x] Bumped checkout version in Github actions configuration. 592ebd8920 [4.2.x] Added stub release notes for 4.2.6. a1dd785139 [4.2.x] Added CVE-2023-41164 to security archive. a9686cb871 [4.2.x] Post-release version bump. Release Notes: https://docs.djangoproject.com/en/dev/releases/4.2.7/ Signed-off-by: Narpat Mali Signed-off-by: Armin Kuster --- .../{python3-django_4.2.5.bb => python3-django_4.2.7.bb} | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) rename meta-python/recipes-devtools/python/{python3-django_4.2.5.bb => python3-django_4.2.7.bb} (61%) diff --git a/meta-python/recipes-devtools/python/python3-django_4.2.5.bb b/meta-python/recipes-devtools/python/python3-django_4.2.7.bb similarity index 61% rename from meta-python/recipes-devtools/python/python3-django_4.2.5.bb rename to meta-python/recipes-devtools/python/python3-django_4.2.7.bb index 7b81d427c42..580592d7023 100644 --- a/meta-python/recipes-devtools/python/python3-django_4.2.5.bb +++ b/meta-python/recipes-devtools/python/python3-django_4.2.7.bb @@ -1,7 +1,7 @@ require python-django.inc inherit setuptools3 -SRC_URI[sha256sum] = "5e5c1c9548ffb7796b4a8a4782e9a2e5a3df3615259fc1bfd3ebc73b646146c1" +SRC_URI[sha256sum] = "8e0f1c2c2786b5c0e39fe1afce24c926040fad47c8ea8ad30aaf1188df29fc41" RDEPENDS:${PN} += "\ ${PYTHON_PN}-sqlparse \ @@ -9,5 +9,5 @@ RDEPENDS:${PN} += "\ # Set DEFAULT_PREFERENCE so that the LTS version of django is built by # default. To build the 4.x branch, -# PREFERRED_VERSION_python3-django = "4.2.5" can be added to local.conf +# PREFERRED_VERSION_python3-django = "4.2.7" can be added to local.conf DEFAULT_PREFERENCE = "-1" From b1e99bedbf03ea45309c5d15caccf6c3cbb6d523 Mon Sep 17 00:00:00 2001 From: Rob Woolley Date: Fri, 1 Dec 2023 19:09:49 -0800 Subject: [PATCH 529/600] sip3: Add sipconfig.py Add the destdir option to ensure that sipconfig.py gets installed to the site-packages directory and included in python3-sip3. Remove references to the build paths from sipconfig.py as part of the install stage. One may then prepend STAGING_DIR_NATIVE to sip_bin and STAGING_DIR_TARGET to *_dir in any recipe that uses sipconfig.py. Signed-off-by: Rob Woolley Signed-off-by: Armin Kuster --- meta-oe/recipes-devtools/sip/sip3_4.19.23.bb | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/meta-oe/recipes-devtools/sip/sip3_4.19.23.bb b/meta-oe/recipes-devtools/sip/sip3_4.19.23.bb index d6335585e2f..064ab0a0c7a 100644 --- a/meta-oe/recipes-devtools/sip/sip3_4.19.23.bb +++ b/meta-oe/recipes-devtools/sip/sip3_4.19.23.bb @@ -29,11 +29,28 @@ do_configure:prepend() { echo "sip_inc_dir = ${D}/${includedir}" >> sip.cfg echo "sip_module_dir = ${D}/${libdir}/python%(py_major).%(py_minor)/site-packages" >> sip.cfg echo "sip_sip_dir = ${D}/${datadir}/sip" >> sip.cfg - ${PYTHON} configure.py --configuration sip.cfg --sip-module PyQt5.sip --sysroot ${CONFIGURE_SYSROOT} CC="${CC}" CXX="${CXX}" LINK="${CXX}" STRIP="" LINK_SHLIB="${CXX}" CFLAGS="${CFLAGS}" CXXFLAGS="${CXXFLAGS}" LFLAGS="${LDFLAGS}" + ${PYTHON} configure.py --configuration sip.cfg --destdir /${D}${libdir}/${PYTHON_DIR}/site-packages/ --sip-module PyQt5.sip --sysroot ${CONFIGURE_SYSROOT} CC="${CC}" CXX="${CXX}" LINK="${CXX}" STRIP="" LINK_SHLIB="${CXX}" CFLAGS="${CFLAGS}" CXXFLAGS="${CXXFLAGS}" LFLAGS="${LDFLAGS}" } do_install() { oe_runmake install + + sed -i \ + -e "s@[^ ]*-fdebug-prefix-map=[^ ']*@@g" \ + -e "s@[^ ]*-fmacro-prefix-map=[^ ']*@@g" \ + -e "s@[^ ]*-ffile-prefix-map=[^ ']*@@g" \ + ${D}${libdir}/${PYTHON_DIR}/site-packages/sipconfig.py + + # Remove the destination directory + sed -i -e "s@${D}/@@g" ${D}${libdir}/${PYTHON_DIR}/site-packages/sipconfig.py + + if [ -n "${STAGING_DIR_NATIVE}" ]; then + sed -i -e "s@${STAGING_DIR_NATIVE}@@g" ${D}${libdir}/${PYTHON_DIR}/site-packages/sipconfig.py + fi + + if [ -n "${STAGING_DIR_TARGET}" ]; then + sed -i -e "s@${STAGING_DIR_TARGET}@@g" ${D}${libdir}/${PYTHON_DIR}/site-packages/sipconfig.py + fi } FILES:python3-sip3 = "${libdir}/${PYTHON_DIR}/site-packages/" From 1cd6f3e074ce019080ea3bdd39e0b62ca0e50b07 Mon Sep 17 00:00:00 2001 From: Rob Woolley Date: Fri, 1 Dec 2023 19:09:50 -0800 Subject: [PATCH 530/600] sip3: Add py_ssize_t_clean argument An unintentional breakage was made upstream in sip4 which results in builds reporting: QtCoremod.sip:23: syntax error This was reported in Debian, but not resolved: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=998605 A backport of a fix from the upstream project fixes the parser to prevent it from complaining about the syntax error. Signed-off-by: Rob Woolley Signed-off-by: Armin Kuster --- ...ean-argument-to-the-module-directive.patch | 17679 ++++++++++++++++ meta-oe/recipes-devtools/sip/sip3_4.19.23.bb | 2 + 2 files changed, 17681 insertions(+) create mode 100644 meta-oe/recipes-devtools/sip/sip3/added-the-py_ssize_t_clean-argument-to-the-module-directive.patch diff --git a/meta-oe/recipes-devtools/sip/sip3/added-the-py_ssize_t_clean-argument-to-the-module-directive.patch b/meta-oe/recipes-devtools/sip/sip3/added-the-py_ssize_t_clean-argument-to-the-module-directive.patch new file mode 100644 index 00000000000..d7ed0770b21 --- /dev/null +++ b/meta-oe/recipes-devtools/sip/sip3/added-the-py_ssize_t_clean-argument-to-the-module-directive.patch @@ -0,0 +1,17679 @@ +Added the 'py_ssize_t_clean' argument to '%Module' directive + +This is based on an upstream changeset to SIP. It was backported to +sip-4.19.23 and the parser was regenerated with the following +commands: + + cd sipgen/metasrc + flex -o../lexer.c lexer.l + bison -y -d -o ../parser.c parser.y + +Signed-off-by: Rob Woolley + +# HG changeset patch +# User Phil Thompson +# Date 1635086052 -3600 +# Node ID 5d67349bb5a9954590a896ab35da93b2237b99c2 +# Parent d837f2a3147fc5eb364f1c54798b668da1a83333 +Added the 'py_ssize_t_clean' argument to the '%Module' directive. + +Index: sip-4.19.23/sipgen/gencode.c +=================================================================== +--- sip-4.19.23.orig/sipgen/gencode.c ++++ sip-4.19.23/sipgen/gencode.c +@@ -1138,6 +1138,12 @@ static void generateCompositeCpp(sipSpec + + declareLimitedAPI(py_debug, NULL, fp); + ++ if (isPY_SSIZE_T_CLEAN(mod)) ++ prcode(fp, ++"\n" ++"#define PY_SSIZE_T_CLEAN\n" ++ ); ++ + prcode(fp, + "\n" + "#include \n" +Index: sip-4.19.23/sipgen/metasrc/lexer.l +=================================================================== +--- sip-4.19.23.orig/sipgen/metasrc/lexer.l ++++ sip-4.19.23/sipgen/metasrc/lexer.l +@@ -155,6 +155,7 @@ SIP_RXOBJ_DIS {return TK_S + SIP_SLOT_CON {return TK_SIPSLOTCON;} + SIP_SLOT_DIS {return TK_SIPSLOTDIS;} + SIP_SSIZE_T {return TK_SIPSSIZET;} ++Py_ssize_t {return TK_SIPSSIZET;} + SIP_QOBJECT {return TK_QOBJECT;} + \.\.\. {return TK_ELLIPSIS;} + +@@ -173,6 +174,7 @@ SIP_QOBJECT {return TK_Q + timestamp {return TK_TIMESTAMP;} + type {return TK_TYPE;} + use_argument_names {return TK_USEARGNAMES;} ++py_ssize_t_clean {return TK_PYSSIZETCLEAN;} + use_limited_api {return TK_USELIMITEDAPI;} + all_raise_py_exception {return TK_ALLRAISEPYEXC;} + call_super_init {return TK_CALLSUPERINIT;} +Index: sip-4.19.23/sipgen/metasrc/parser.y +=================================================================== +--- sip-4.19.23.orig/sipgen/metasrc/parser.y ++++ sip-4.19.23/sipgen/metasrc/parser.y +@@ -182,9 +182,9 @@ static void addProperty(sipSpec *pt, mod + docstringDef *docstring); + static moduleDef *configureModule(sipSpec *pt, moduleDef *module, + const char *filename, const char *name, int c_module, KwArgs kwargs, +- int use_arg_names, int use_limited_api, int call_super_init, +- int all_raise_py_exc, const char *def_error_handler, +- docstringDef *docstring); ++ int use_arg_names, int py_ssize_t_clean, int use_limited_api, ++ int call_super_init, int all_raise_py_exc, ++ const char *def_error_handler, docstringDef *docstring); + static void addAutoPyName(moduleDef *mod, const char *remove_leading); + static KwArgs convertKwArgs(const char *kwargs); + static void checkAnnos(optFlags *annos, const char *valid[]); +@@ -389,6 +389,7 @@ static scopedNameDef *fullyQualifiedName + %token TK_TIMESTAMP + %token TK_TYPE + %token TK_USEARGNAMES ++%token TK_PYSSIZETCLEAN + %token TK_USELIMITEDAPI + %token TK_ALLRAISEPYEXC + %token TK_CALLSUPERINIT +@@ -1908,9 +1909,10 @@ module: TK_MODULE module_args module_bod + if (notSkipping()) + currentModule = configureModule(currentSpec, currentModule, + currentContext.filename, $2.name, $2.c_module, +- $2.kwargs, $2.use_arg_names, $2.use_limited_api, +- $2.call_super_init, $2.all_raise_py_exc, +- $2.def_error_handler, $3.docstring); ++ $2.kwargs, $2.use_arg_names, $2.py_ssize_t_clean, ++ $2.use_limited_api, $2.call_super_init, ++ $2.all_raise_py_exc, $2.def_error_handler, ++ $3.docstring); + } + | TK_CMODULE dottedname optnumber { + deprecated("%CModule is deprecated, use %Module and the 'language' argument instead"); +@@ -1918,7 +1920,7 @@ module: TK_MODULE module_args module_bod + if (notSkipping()) + currentModule = configureModule(currentSpec, currentModule, + currentContext.filename, $2, TRUE, defaultKwArgs, +- FALSE, FALSE, -1, FALSE, NULL, NULL); ++ FALSE, FALSE, FALSE, -1, FALSE, NULL, NULL); + } + ; + +@@ -1930,6 +1932,7 @@ module_args: dottedname {resetLexerSt + $$.kwargs = defaultKwArgs; + $$.name = $1; + $$.use_arg_names = FALSE; ++ $$.py_ssize_t_clean = FALSE; + $$.use_limited_api = FALSE; + $$.all_raise_py_exc = FALSE; + $$.call_super_init = -1; +@@ -1950,6 +1953,7 @@ module_arg_list: module_arg + case TK_LANGUAGE: $$.c_module = $3.c_module; break; + case TK_NAME: $$.name = $3.name; break; + case TK_USEARGNAMES: $$.use_arg_names = $3.use_arg_names; break; ++ case TK_PYSSIZETCLEAN: $$.py_ssize_t_clean = $3.py_ssize_t_clean; break; + case TK_USELIMITEDAPI: $$.use_limited_api = $3.use_limited_api; break; + case TK_ALLRAISEPYEXC: $$.all_raise_py_exc = $3.all_raise_py_exc; break; + case TK_CALLSUPERINIT: $$.call_super_init = $3.call_super_init; break; +@@ -1965,6 +1969,7 @@ module_arg: TK_KWARGS '=' TK_STRING_VALU + $$.kwargs = convertKwArgs($3); + $$.name = NULL; + $$.use_arg_names = FALSE; ++ $$.py_ssize_t_clean = FALSE; + $$.use_limited_api = FALSE; + $$.all_raise_py_exc = FALSE; + $$.call_super_init = -1; +@@ -1983,6 +1988,7 @@ module_arg: TK_KWARGS '=' TK_STRING_VALU + $$.kwargs = defaultKwArgs; + $$.name = NULL; + $$.use_arg_names = FALSE; ++ $$.py_ssize_t_clean = FALSE; + $$.use_limited_api = FALSE; + $$.all_raise_py_exc = FALSE; + $$.call_super_init = -1; +@@ -1995,6 +2001,7 @@ module_arg: TK_KWARGS '=' TK_STRING_VALU + $$.kwargs = defaultKwArgs; + $$.name = $3; + $$.use_arg_names = FALSE; ++ $$.py_ssize_t_clean = FALSE; + $$.use_limited_api = FALSE; + $$.all_raise_py_exc = FALSE; + $$.call_super_init = -1; +@@ -2007,6 +2014,20 @@ module_arg: TK_KWARGS '=' TK_STRING_VALU + $$.kwargs = defaultKwArgs; + $$.name = NULL; + $$.use_arg_names = $3; ++ $$.py_ssize_t_clean = FALSE; ++ $$.use_limited_api = FALSE; ++ $$.all_raise_py_exc = FALSE; ++ $$.call_super_init = -1; ++ $$.def_error_handler = NULL; ++ } ++ | TK_PYSSIZETCLEAN '=' bool_value { ++ $$.token = TK_PYSSIZETCLEAN; ++ ++ $$.c_module = FALSE; ++ $$.kwargs = defaultKwArgs; ++ $$.name = NULL; ++ $$.use_arg_names = FALSE; ++ $$.py_ssize_t_clean = $3; + $$.use_limited_api = FALSE; + $$.all_raise_py_exc = FALSE; + $$.call_super_init = -1; +@@ -2019,6 +2040,7 @@ module_arg: TK_KWARGS '=' TK_STRING_VALU + $$.kwargs = defaultKwArgs; + $$.name = NULL; + $$.use_arg_names = FALSE; ++ $$.py_ssize_t_clean = FALSE; + $$.use_limited_api = $3; + $$.all_raise_py_exc = FALSE; + $$.call_super_init = -1; +@@ -2031,6 +2053,7 @@ module_arg: TK_KWARGS '=' TK_STRING_VALU + $$.kwargs = defaultKwArgs; + $$.name = NULL; + $$.use_arg_names = FALSE; ++ $$.py_ssize_t_clean = FALSE; + $$.use_limited_api = FALSE; + $$.all_raise_py_exc = $3; + $$.call_super_init = -1; +@@ -2043,6 +2066,7 @@ module_arg: TK_KWARGS '=' TK_STRING_VALU + $$.kwargs = defaultKwArgs; + $$.name = NULL; + $$.use_arg_names = FALSE; ++ $$.py_ssize_t_clean = FALSE; + $$.use_limited_api = FALSE; + $$.all_raise_py_exc = FALSE; + $$.call_super_init = $3; +@@ -2055,6 +2079,7 @@ module_arg: TK_KWARGS '=' TK_STRING_VALU + $$.kwargs = defaultKwArgs; + $$.name = NULL; + $$.use_arg_names = FALSE; ++ $$.py_ssize_t_clean = FALSE; + $$.use_limited_api = FALSE; + $$.all_raise_py_exc = FALSE; + $$.call_super_init = -1; +@@ -2072,6 +2097,7 @@ module_arg: TK_KWARGS '=' TK_STRING_VALU + $$.kwargs = defaultKwArgs; + $$.name = NULL; + $$.use_arg_names = FALSE; ++ $$.py_ssize_t_clean = FALSE; + $$.use_limited_api = FALSE; + $$.all_raise_py_exc = FALSE; + $$.call_super_init = -1; +@@ -9513,9 +9539,9 @@ static void addProperty(sipSpec *pt, mod + */ + static moduleDef *configureModule(sipSpec *pt, moduleDef *module, + const char *filename, const char *name, int c_module, KwArgs kwargs, +- int use_arg_names, int use_limited_api, int call_super_init, +- int all_raise_py_exc, const char *def_error_handler, +- docstringDef *docstring) ++ int use_arg_names, int py_ssize_t_clean, int use_limited_api, ++ int call_super_init, int all_raise_py_exc, ++ const char *def_error_handler, docstringDef *docstring) + { + moduleDef *mod; + +@@ -9549,6 +9575,9 @@ static moduleDef *configureModule(sipSpe + if (use_arg_names) + setUseArgNames(module); + ++ if (py_ssize_t_clean) ++ setPY_SSIZE_T_CLEAN(module); ++ + if (use_limited_api) + setUseLimitedAPI(module); + +Index: sip-4.19.23/sipgen/sip.h +=================================================================== +--- sip-4.19.23.orig/sipgen/sip.h ++++ sip-4.19.23/sipgen/sip.h +@@ -93,6 +93,7 @@ + #define MOD_SUPER_INIT_UNDEF 0x0000 /* Calling super().__init__() is undefined. */ + #define MOD_SUPER_INIT_MASK 0x0180 /* The mask for the above flags. */ + #define MOD_SETTING_IMPORTS 0x0200 /* Imports are being set. */ ++#define MOD_PY_SSIZE_T_CLEAN 0x0400 /* #define PY_SSIZE_T_CLEAN. */ + + #define hasDelayedDtors(m) ((m)->modflags & MOD_HAS_DELAYED_DTORS) + #define setHasDelayedDtors(m) ((m)->modflags |= MOD_HAS_DELAYED_DTORS) +@@ -116,6 +117,8 @@ + #define settingImports(m) ((m)->modflags & MOD_SETTING_IMPORTS) + #define setSettingImports(m) ((m)->modflags |= MOD_SETTING_IMPORTS) + #define resetSettingImports(m) ((m)->modflags &= ~MOD_SETTING_IMPORTS) ++#define setPY_SSIZE_T_CLEAN(m) ((m)->modflags |= MOD_PY_SSIZE_T_CLEAN) ++#define isPY_SSIZE_T_CLEAN(m) ((m)->modflags & MOD_PY_SSIZE_T_CLEAN) + + + /* Handle section flags. */ +@@ -1630,6 +1633,7 @@ typedef struct _moduleCfg { + KwArgs kwargs; + const char *name; + int use_arg_names; ++ int py_ssize_t_clean; + int use_limited_api; + int all_raise_py_exc; + int call_super_init; +Index: sip-4.19.23/sphinx/directives.rst +=================================================================== +--- sip-4.19.23.orig/sphinx/directives.rst ++++ sip-4.19.23/sphinx/directives.rst +@@ -1966,6 +1966,7 @@ then the pattern should instead be:: + [, default_VirtualErrorHandler = *name*] + [, keyword_arguments = ["None" | "All" | "Optional"]] + [, language = *string*] ++ [, py_ssize_t_clean = [True | False]] + [, use_argument_names = [True | False]] + [, use_limited_api = [True | False]] + [, version = *integer*]) +@@ -2004,6 +2005,9 @@ implied by the (deprecated) :option:`-k + ``language`` specifies the implementation language of the library being + wrapped. Its value is either ``"C++"`` (the default) or ``"C"``. + ++``py_ssize_t_clean`` specifies that the generated code should include ``#define ++PY_SSIZE_T_CLEAN`` before any ``#include ``. ++ + When providing handwritten code as part of either the :directive:`%MethodCode` + or :directive:`%VirtualCatcherCode` directives the names of the arguments of + the function or method are based on the number of the argument, i.e. the first +Index: sip-4.19.23/sipgen/lexer.c +=================================================================== +--- sip-4.19.23.orig/sipgen/lexer.c ++++ sip-4.19.23/sipgen/lexer.c +@@ -1,6 +1,6 @@ +-#line 2 "sip-4.19.23/sipgen/lexer.c" ++#line 2 "../lexer.c" + +-#line 4 "sip-4.19.23/sipgen/lexer.c" ++#line 4 "../lexer.c" + + #define YY_INT_ALIGNED short int + +@@ -8,8 +8,8 @@ + + #define FLEX_SCANNER + #define YY_FLEX_MAJOR_VERSION 2 +-#define YY_FLEX_MINOR_VERSION 5 +-#define YY_FLEX_SUBMINOR_VERSION 35 ++#define YY_FLEX_MINOR_VERSION 6 ++#define YY_FLEX_SUBMINOR_VERSION 4 + #if YY_FLEX_SUBMINOR_VERSION > 0 + #define FLEX_BETA + #endif +@@ -47,7 +47,6 @@ typedef int16_t flex_int16_t; + typedef uint16_t flex_uint16_t; + typedef int32_t flex_int32_t; + typedef uint32_t flex_uint32_t; +-typedef uint64_t flex_uint64_t; + #else + typedef signed char flex_int8_t; + typedef short int flex_int16_t; +@@ -55,7 +54,6 @@ typedef int flex_int32_t; + typedef unsigned char flex_uint8_t; + typedef unsigned short int flex_uint16_t; + typedef unsigned int flex_uint32_t; +-#endif /* ! C99 */ + + /* Limits of integral types. */ + #ifndef INT8_MIN +@@ -86,63 +84,61 @@ typedef unsigned int flex_uint32_t; + #define UINT32_MAX (4294967295U) + #endif + +-#endif /* ! FLEXINT_H */ +- +-#ifdef __cplusplus +- +-/* The "const" storage-class-modifier is valid. */ +-#define YY_USE_CONST +- +-#else /* ! __cplusplus */ ++#ifndef SIZE_MAX ++#define SIZE_MAX (~(size_t)0) ++#endif + +-/* C99 requires __STDC__ to be defined as 1. */ +-#if defined (__STDC__) ++#endif /* ! C99 */ + +-#define YY_USE_CONST ++#endif /* ! FLEXINT_H */ + +-#endif /* defined (__STDC__) */ +-#endif /* ! __cplusplus */ ++/* begin standard C++ headers. */ + +-#ifdef YY_USE_CONST ++/* TODO: this is always defined, so inline it */ + #define yyconst const ++ ++#if defined(__GNUC__) && __GNUC__ >= 3 ++#define yynoreturn __attribute__((__noreturn__)) + #else +-#define yyconst ++#define yynoreturn + #endif + + /* Returned upon end-of-file. */ + #define YY_NULL 0 + +-/* Promotes a possibly negative, possibly signed char to an unsigned +- * integer for use as an array index. If the signed char is negative, +- * we want to instead treat it as an 8-bit unsigned char, hence the +- * double cast. ++/* Promotes a possibly negative, possibly signed char to an ++ * integer in range [0..255] for use as an array index. + */ +-#define YY_SC_TO_UI(c) ((unsigned int) (unsigned char) c) ++#define YY_SC_TO_UI(c) ((YY_CHAR) (c)) + + /* Enter a start condition. This macro really ought to take a parameter, + * but we do it the disgusting crufty way forced on us by the ()-less + * definition of BEGIN. + */ + #define BEGIN (yy_start) = 1 + 2 * +- + /* Translate the current start state into a value that can be later handed + * to BEGIN to return to the state. The YYSTATE alias is for lex + * compatibility. + */ + #define YY_START (((yy_start) - 1) / 2) + #define YYSTATE YY_START +- + /* Action number for EOF rule of a given start state. */ + #define YY_STATE_EOF(state) (YY_END_OF_BUFFER + state + 1) +- + /* Special action meaning "start processing a new file". */ +-#define YY_NEW_FILE yyrestart(yyin ) +- ++#define YY_NEW_FILE yyrestart( yyin ) + #define YY_END_OF_BUFFER_CHAR 0 + + /* Size of default input buffer. */ + #ifndef YY_BUF_SIZE ++#ifdef __ia64__ ++/* On IA-64, the buffer size is 16k, not 8k. ++ * Moreover, YY_BUF_SIZE is 2*YY_READ_BUF_SIZE in the general case. ++ * Ditto for the __ia64__ case accordingly. ++ */ ++#define YY_BUF_SIZE 32768 ++#else + #define YY_BUF_SIZE 16384 ++#endif /* __ia64__ */ + #endif + + /* The state buf must be large enough to hold one state per character in the main buffer. +@@ -159,15 +155,16 @@ typedef struct yy_buffer_state *YY_BUFFE + typedef size_t yy_size_t; + #endif + +-extern yy_size_t yyleng; ++extern int yyleng; + + extern FILE *yyin, *yyout; + + #define EOB_ACT_CONTINUE_SCAN 0 + #define EOB_ACT_END_OF_FILE 1 + #define EOB_ACT_LAST_MATCH 2 +- ++ + #define YY_LESS_LINENO(n) ++ #define YY_LINENO_REWIND_TO(ptr) + + /* Return all but the first "n" matched characters back to the input stream. */ + #define yyless(n) \ +@@ -182,7 +179,6 @@ extern FILE *yyin, *yyout; + YY_DO_BEFORE_ACTION; /* set up yytext again */ \ + } \ + while ( 0 ) +- + #define unput(c) yyunput( c, (yytext_ptr) ) + + #ifndef YY_STRUCT_YY_BUFFER_STATE +@@ -197,12 +193,12 @@ struct yy_buffer_state + /* Size of input buffer in bytes, not including room for EOB + * characters. + */ +- yy_size_t yy_buf_size; ++ int yy_buf_size; + + /* Number of characters read into yy_ch_buf, not including EOB + * characters. + */ +- yy_size_t yy_n_chars; ++ int yy_n_chars; + + /* Whether we "own" the buffer - i.e., we know we created it, + * and can realloc() it to grow it, and should free() it to +@@ -225,7 +221,7 @@ struct yy_buffer_state + + int yy_bs_lineno; /**< The line count. */ + int yy_bs_column; /**< The column count. */ +- ++ + /* Whether to try to fill the input buffer when we reach the + * end of it. + */ +@@ -253,7 +249,7 @@ struct yy_buffer_state + /* Stack of input buffers. */ + static size_t yy_buffer_stack_top = 0; /**< index of top of stack. */ + static size_t yy_buffer_stack_max = 0; /**< capacity of stack. */ +-static YY_BUFFER_STATE * yy_buffer_stack = 0; /**< Stack as an array. */ ++static YY_BUFFER_STATE * yy_buffer_stack = NULL; /**< Stack as an array. */ + + /* We provide macros for accessing buffer states in case in the + * future we want to put the buffer states in a more general +@@ -264,7 +260,6 @@ static YY_BUFFER_STATE * yy_buffer_stack + #define YY_CURRENT_BUFFER ( (yy_buffer_stack) \ + ? (yy_buffer_stack)[(yy_buffer_stack_top)] \ + : NULL) +- + /* Same as previous macro, but useful when we know that the buffer stack is not + * NULL or when we need an lvalue. For internal use only. + */ +@@ -272,11 +267,11 @@ static YY_BUFFER_STATE * yy_buffer_stack + + /* yy_hold_char holds the character lost when yytext is formed. */ + static char yy_hold_char; +-static yy_size_t yy_n_chars; /* number of characters read into yy_ch_buf */ +-yy_size_t yyleng; ++static int yy_n_chars; /* number of characters read into yy_ch_buf */ ++int yyleng; + + /* Points to current character in buffer. */ +-static char *yy_c_buf_p = (char *) 0; ++static char *yy_c_buf_p = NULL; + static int yy_init = 0; /* whether we need to initialize */ + static int yy_start = 0; /* start state number */ + +@@ -285,84 +280,80 @@ static int yy_start = 0; /* start state + */ + static int yy_did_buffer_switch_on_eof; + +-void yyrestart (FILE *input_file ); +-void yy_switch_to_buffer (YY_BUFFER_STATE new_buffer ); +-YY_BUFFER_STATE yy_create_buffer (FILE *file,int size ); +-void yy_delete_buffer (YY_BUFFER_STATE b ); +-void yy_flush_buffer (YY_BUFFER_STATE b ); +-void yypush_buffer_state (YY_BUFFER_STATE new_buffer ); +-void yypop_buffer_state (void ); +- +-static void yyensure_buffer_stack (void ); +-static void yy_load_buffer_state (void ); +-static void yy_init_buffer (YY_BUFFER_STATE b,FILE *file ); +- +-#define YY_FLUSH_BUFFER yy_flush_buffer(YY_CURRENT_BUFFER ) +- +-YY_BUFFER_STATE yy_scan_buffer (char *base,yy_size_t size ); +-YY_BUFFER_STATE yy_scan_string (yyconst char *yy_str ); +-YY_BUFFER_STATE yy_scan_bytes (yyconst char *bytes,yy_size_t len ); +- +-void *yyalloc (yy_size_t ); +-void *yyrealloc (void *,yy_size_t ); +-void yyfree (void * ); ++void yyrestart ( FILE *input_file ); ++void yy_switch_to_buffer ( YY_BUFFER_STATE new_buffer ); ++YY_BUFFER_STATE yy_create_buffer ( FILE *file, int size ); ++void yy_delete_buffer ( YY_BUFFER_STATE b ); ++void yy_flush_buffer ( YY_BUFFER_STATE b ); ++void yypush_buffer_state ( YY_BUFFER_STATE new_buffer ); ++void yypop_buffer_state ( void ); ++ ++static void yyensure_buffer_stack ( void ); ++static void yy_load_buffer_state ( void ); ++static void yy_init_buffer ( YY_BUFFER_STATE b, FILE *file ); ++#define YY_FLUSH_BUFFER yy_flush_buffer( YY_CURRENT_BUFFER ) ++ ++YY_BUFFER_STATE yy_scan_buffer ( char *base, yy_size_t size ); ++YY_BUFFER_STATE yy_scan_string ( const char *yy_str ); ++YY_BUFFER_STATE yy_scan_bytes ( const char *bytes, int len ); ++ ++void *yyalloc ( yy_size_t ); ++void *yyrealloc ( void *, yy_size_t ); ++void yyfree ( void * ); + + #define yy_new_buffer yy_create_buffer +- + #define yy_set_interactive(is_interactive) \ + { \ + if ( ! YY_CURRENT_BUFFER ){ \ + yyensure_buffer_stack (); \ + YY_CURRENT_BUFFER_LVALUE = \ +- yy_create_buffer(yyin,YY_BUF_SIZE ); \ ++ yy_create_buffer( yyin, YY_BUF_SIZE ); \ + } \ + YY_CURRENT_BUFFER_LVALUE->yy_is_interactive = is_interactive; \ + } +- + #define yy_set_bol(at_bol) \ + { \ + if ( ! YY_CURRENT_BUFFER ){\ + yyensure_buffer_stack (); \ + YY_CURRENT_BUFFER_LVALUE = \ +- yy_create_buffer(yyin,YY_BUF_SIZE ); \ ++ yy_create_buffer( yyin, YY_BUF_SIZE ); \ + } \ + YY_CURRENT_BUFFER_LVALUE->yy_at_bol = at_bol; \ + } +- + #define YY_AT_BOL() (YY_CURRENT_BUFFER_LVALUE->yy_at_bol) + + /* Begin user sect3 */ ++typedef flex_uint8_t YY_CHAR; + +-typedef unsigned char YY_CHAR; +- +-FILE *yyin = (FILE *) 0, *yyout = (FILE *) 0; ++FILE *yyin = NULL, *yyout = NULL; + + typedef int yy_state_type; + + extern int yylineno; +- + int yylineno = 1; + + extern char *yytext; ++#ifdef yytext_ptr ++#undef yytext_ptr ++#endif + #define yytext_ptr yytext + +-static yy_state_type yy_get_previous_state (void ); +-static yy_state_type yy_try_NUL_trans (yy_state_type current_state ); +-static int yy_get_next_buffer (void ); +-static void yy_fatal_error (yyconst char msg[] ); ++static yy_state_type yy_get_previous_state ( void ); ++static yy_state_type yy_try_NUL_trans ( yy_state_type current_state ); ++static int yy_get_next_buffer ( void ); ++static void yynoreturn yy_fatal_error ( const char* msg ); + + /* Done after the current pattern has been matched and before the + * corresponding action - sets up yytext. + */ + #define YY_DO_BEFORE_ACTION \ + (yytext_ptr) = yy_bp; \ +- yyleng = (yy_size_t) (yy_cp - yy_bp); \ ++ yyleng = (int) (yy_cp - yy_bp); \ + (yy_hold_char) = *yy_cp; \ + *yy_cp = '\0'; \ + (yy_c_buf_p) = yy_cp; +- +-#define YY_NUM_RULES 168 +-#define YY_END_OF_BUFFER 169 ++#define YY_NUM_RULES 170 ++#define YY_END_OF_BUFFER 171 + /* This struct is not used in this scanner, + but its presence is necessary. */ + struct yy_trans_info +@@ -370,147 +361,149 @@ struct yy_trans_info + flex_int32_t yy_verify; + flex_int32_t yy_nxt; + }; +-static yyconst flex_int16_t yy_accept[1235] = ++static const flex_int16_t yy_accept[1261] = + { 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, +- 169, 167, 106, 109, 167, 167, 167, 167, 167, 111, +- 111, 167, 114, 114, 114, 114, 114, 114, 114, 114, +- 114, 114, 114, 114, 114, 114, 114, 114, 114, 114, +- 114, 167, 106, 167, 166, 165, 166, 166, 121, 119, +- 121, 108, 114, 114, 114, 114, 114, 114, 114, 114, +- 114, 114, 114, 114, 114, 114, 114, 114, 114, 106, +- 167, 107, 106, 167, 0, 116, 0, 0, 117, 0, +- 111, 0, 115, 112, 115, 118, 110, 112, 0, 112, +- 111, 0, 64, 114, 114, 114, 114, 114, 114, 114, +- +- 114, 114, 114, 114, 114, 114, 114, 114, 114, 114, +- 114, 114, 114, 114, 114, 114, 114, 114, 114, 114, +- 114, 114, 114, 114, 114, 65, 0, 0, 0, 0, +- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, +- 0, 0, 0, 0, 0, 0, 0, 0, 0, 120, +- 114, 114, 114, 114, 114, 114, 114, 86, 114, 114, +- 114, 114, 114, 114, 114, 114, 114, 114, 114, 114, +- 114, 0, 0, 0, 0, 0, 0, 112, 83, 115, +- 112, 110, 112, 0, 112, 113, 114, 114, 114, 114, +- 114, 114, 114, 114, 114, 114, 114, 114, 114, 42, +- +- 114, 114, 114, 114, 114, 114, 114, 114, 114, 114, +- 114, 114, 114, 114, 114, 114, 114, 114, 114, 114, +- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, +- 0, 0, 0, 0, 0, 16, 0, 0, 0, 0, +- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, +- 0, 0, 0, 0, 114, 114, 114, 114, 114, 114, +- 85, 114, 114, 114, 114, 114, 114, 114, 94, 114, +- 114, 114, 114, 114, 0, 0, 112, 55, 114, 114, +- 114, 40, 38, 114, 114, 114, 48, 114, 114, 114, +- 114, 43, 114, 114, 114, 114, 114, 114, 114, 114, +- +- 114, 114, 114, 114, 114, 53, 114, 114, 114, 46, +- 114, 1, 0, 0, 0, 0, 0, 0, 0, 0, +- 0, 157, 11, 0, 0, 0, 0, 0, 0, 0, +- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, +- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, +- 0, 0, 0, 0, 164, 114, 104, 114, 114, 114, +- 114, 114, 114, 114, 90, 114, 114, 114, 114, 114, +- 97, 114, 114, 12, 114, 114, 114, 114, 114, 114, +- 114, 27, 51, 114, 114, 54, 62, 44, 114, 114, +- 114, 114, 114, 41, 114, 114, 114, 35, 114, 114, +- +- 114, 59, 114, 114, 114, 114, 0, 0, 0, 0, +- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, +- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, +- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, +- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, +- 105, 114, 114, 114, 114, 114, 114, 114, 114, 92, +- 114, 114, 114, 114, 114, 114, 114, 37, 114, 114, +- 114, 114, 114, 114, 114, 45, 114, 114, 114, 114, +- 114, 29, 114, 49, 63, 52, 28, 114, 114, 114, +- 114, 114, 0, 0, 0, 0, 0, 0, 0, 0, +- +- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, +- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, +- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, +- 0, 0, 0, 0, 0, 0, 0, 0, 114, 114, +- 114, 84, 114, 114, 114, 114, 114, 114, 114, 114, +- 114, 114, 114, 36, 114, 114, 114, 114, 114, 114, +- 114, 114, 114, 114, 114, 114, 114, 114, 114, 114, +- 31, 114, 32, 114, 56, 114, 47, 39, 0, 0, +- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, +- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, +- +- 0, 0, 17, 0, 0, 0, 0, 0, 0, 0, +- 21, 0, 0, 0, 24, 0, 0, 0, 0, 0, +- 0, 0, 0, 0, 0, 0, 0, 0, 0, 114, +- 114, 114, 114, 114, 114, 114, 114, 114, 114, 114, +- 114, 103, 34, 114, 114, 114, 114, 114, 114, 114, +- 114, 114, 114, 114, 114, 75, 114, 60, 114, 58, +- 114, 61, 50, 0, 0, 0, 0, 0, 0, 0, +- 0, 3, 0, 0, 0, 122, 0, 0, 0, 0, +- 127, 14, 0, 0, 0, 161, 0, 18, 0, 0, +- 19, 0, 0, 0, 0, 0, 0, 0, 0, 0, +- +- 0, 0, 0, 0, 0, 162, 0, 0, 0, 0, +- 0, 0, 0, 114, 114, 114, 114, 88, 89, 91, +- 114, 114, 114, 114, 114, 33, 114, 114, 114, 114, +- 114, 114, 114, 114, 114, 114, 114, 114, 114, 114, +- 57, 30, 0, 0, 0, 0, 0, 0, 0, 0, +- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, +- 0, 0, 0, 0, 0, 0, 0, 159, 0, 0, +- 0, 0, 0, 0, 0, 0, 0, 0, 0, 25, +- 0, 26, 137, 0, 0, 134, 0, 0, 0, 114, +- 114, 114, 114, 114, 95, 96, 114, 114, 114, 114, +- +- 114, 69, 68, 114, 114, 114, 72, 114, 114, 74, +- 114, 114, 114, 0, 0, 0, 0, 0, 0, 0, +- 0, 0, 0, 0, 0, 0, 0, 0, 0, 156, +- 13, 0, 0, 0, 0, 0, 0, 0, 0, 0, +- 0, 0, 0, 0, 0, 0, 23, 0, 0, 0, +- 0, 153, 0, 0, 0, 0, 0, 114, 114, 114, +- 114, 114, 114, 114, 76, 114, 114, 114, 71, 67, +- 82, 114, 114, 114, 114, 81, 160, 2, 0, 0, +- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, +- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, +- +- 0, 0, 20, 138, 136, 0, 0, 151, 0, 0, +- 0, 0, 0, 0, 0, 0, 0, 0, 114, 114, +- 114, 114, 114, 114, 114, 73, 114, 66, 114, 114, +- 79, 80, 0, 0, 0, 0, 0, 0, 0, 0, +- 0, 0, 0, 0, 0, 0, 0, 158, 0, 0, +- 0, 143, 0, 0, 0, 0, 0, 0, 0, 0, +- 0, 0, 0, 0, 0, 0, 0, 0, 114, 114, +- 114, 114, 114, 114, 114, 114, 77, 78, 0, 0, +- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, +- 0, 0, 0, 0, 0, 0, 0, 0, 0, 150, +- +- 0, 0, 0, 0, 0, 0, 0, 155, 0, 0, +- 0, 0, 114, 114, 114, 114, 114, 114, 114, 70, +- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, +- 0, 0, 0, 0, 0, 0, 0, 0, 0, 15, +- 0, 0, 0, 0, 0, 139, 152, 0, 0, 0, +- 0, 0, 114, 114, 114, 114, 93, 114, 114, 0, +- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, +- 0, 0, 0, 0, 0, 0, 0, 142, 0, 0, +- 0, 0, 0, 129, 0, 0, 0, 0, 114, 101, +- 114, 114, 114, 99, 144, 0, 0, 0, 0, 0, +- +- 4, 0, 0, 0, 0, 0, 8, 9, 0, 0, +- 0, 0, 0, 0, 22, 0, 0, 0, 140, 0, +- 0, 114, 114, 114, 114, 0, 0, 0, 0, 0, +- 0, 0, 0, 0, 0, 10, 0, 0, 133, 0, +- 128, 0, 0, 0, 0, 0, 114, 114, 87, 114, +- 0, 0, 148, 0, 0, 0, 0, 0, 124, 0, +- 0, 0, 0, 0, 0, 0, 0, 0, 0, 114, +- 114, 98, 0, 0, 0, 0, 5, 0, 0, 0, +- 0, 126, 0, 131, 0, 0, 0, 141, 0, 114, +- 114, 149, 146, 0, 145, 123, 0, 0, 0, 0, +- +- 0, 0, 135, 163, 114, 114, 147, 0, 0, 0, +- 154, 0, 0, 114, 114, 125, 0, 0, 0, 130, +- 100, 114, 6, 0, 132, 114, 0, 114, 0, 114, +- 7, 114, 102, 0 ++ 171, 169, 108, 111, 169, 169, 169, 169, 169, 113, ++ 113, 169, 116, 116, 116, 116, 116, 116, 116, 116, ++ 116, 116, 116, 116, 116, 116, 116, 116, 116, 116, ++ 116, 116, 169, 108, 169, 168, 167, 168, 168, 123, ++ 121, 123, 110, 116, 116, 116, 116, 116, 116, 116, ++ 116, 116, 116, 116, 116, 116, 116, 116, 116, 116, ++ 116, 108, 169, 109, 108, 169, 0, 118, 0, 0, ++ 119, 0, 113, 0, 117, 114, 117, 120, 112, 114, ++ 0, 114, 113, 0, 64, 116, 116, 116, 116, 116, ++ ++ 116, 116, 116, 116, 116, 116, 116, 116, 116, 116, ++ 116, 116, 116, 116, 116, 116, 116, 116, 116, 116, ++ 116, 116, 116, 116, 116, 116, 116, 116, 65, 0, ++ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, ++ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, ++ 0, 0, 122, 116, 116, 116, 116, 116, 116, 116, ++ 87, 116, 116, 116, 116, 116, 116, 116, 116, 116, ++ 116, 116, 116, 116, 116, 0, 0, 0, 0, 0, ++ 0, 114, 84, 117, 114, 112, 114, 0, 114, 115, ++ 116, 116, 116, 116, 116, 116, 116, 116, 116, 116, ++ ++ 116, 116, 116, 116, 42, 116, 116, 116, 116, 116, ++ 116, 116, 116, 116, 116, 116, 116, 116, 116, 116, ++ 116, 116, 116, 116, 116, 0, 0, 0, 0, 0, ++ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, ++ 16, 0, 0, 0, 0, 0, 0, 0, 0, 0, ++ 0, 0, 0, 0, 0, 0, 0, 0, 0, 116, ++ 116, 116, 116, 116, 116, 86, 116, 116, 116, 116, ++ 116, 116, 116, 116, 95, 116, 116, 116, 116, 116, ++ 0, 0, 114, 55, 116, 116, 116, 116, 40, 38, ++ 116, 116, 116, 48, 116, 116, 116, 116, 43, 116, ++ ++ 116, 116, 116, 116, 116, 116, 116, 116, 116, 116, ++ 116, 116, 53, 116, 116, 116, 46, 116, 1, 0, ++ 0, 0, 0, 0, 0, 0, 0, 0, 159, 11, ++ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, ++ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, ++ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, ++ 0, 166, 116, 106, 116, 116, 116, 116, 116, 116, ++ 116, 91, 116, 116, 116, 116, 116, 116, 98, 116, ++ 116, 12, 116, 116, 116, 116, 116, 116, 116, 116, ++ 27, 51, 116, 116, 54, 62, 44, 116, 116, 116, ++ ++ 116, 116, 41, 116, 116, 116, 35, 116, 116, 116, ++ 59, 116, 116, 116, 116, 0, 0, 0, 0, 0, ++ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, ++ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, ++ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, ++ 0, 0, 0, 0, 0, 0, 0, 0, 0, 107, ++ 116, 116, 116, 116, 116, 116, 116, 116, 93, 116, ++ 116, 116, 116, 116, 116, 116, 116, 116, 37, 116, ++ 116, 116, 116, 116, 116, 116, 45, 116, 116, 116, ++ 116, 116, 29, 116, 49, 63, 52, 28, 116, 116, ++ ++ 116, 116, 116, 0, 0, 0, 0, 0, 0, 0, ++ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, ++ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, ++ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, ++ 0, 0, 0, 0, 0, 0, 0, 0, 0, 116, ++ 116, 116, 85, 116, 116, 116, 116, 116, 116, 116, ++ 116, 116, 116, 116, 116, 116, 36, 116, 116, 116, ++ 116, 116, 116, 116, 116, 116, 116, 116, 116, 116, ++ 116, 116, 116, 31, 116, 32, 116, 56, 116, 47, ++ 39, 0, 0, 0, 0, 0, 0, 0, 0, 0, ++ ++ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, ++ 0, 0, 0, 0, 0, 17, 0, 0, 0, 0, ++ 0, 0, 0, 21, 0, 0, 0, 24, 0, 0, ++ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, ++ 0, 0, 116, 116, 116, 116, 116, 116, 116, 116, ++ 116, 116, 116, 116, 116, 105, 116, 34, 116, 116, ++ 116, 116, 116, 116, 116, 116, 116, 116, 116, 116, ++ 75, 116, 60, 116, 58, 116, 61, 50, 0, 0, ++ 0, 0, 0, 0, 0, 0, 3, 0, 0, 0, ++ 124, 0, 0, 0, 0, 129, 14, 0, 0, 0, ++ ++ 163, 0, 18, 0, 0, 19, 0, 0, 0, 0, ++ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, ++ 164, 0, 0, 0, 0, 0, 0, 0, 116, 116, ++ 116, 116, 89, 90, 92, 116, 116, 116, 116, 116, ++ 116, 116, 33, 116, 116, 116, 116, 116, 116, 116, ++ 116, 116, 116, 116, 116, 116, 116, 57, 30, 0, ++ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, ++ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, ++ 0, 0, 0, 0, 161, 0, 0, 0, 0, 0, ++ 0, 0, 0, 0, 0, 0, 25, 0, 26, 139, ++ ++ 0, 0, 136, 0, 0, 0, 116, 116, 116, 116, ++ 116, 116, 96, 97, 116, 116, 82, 116, 116, 116, ++ 69, 68, 116, 116, 116, 72, 116, 116, 74, 116, ++ 116, 116, 0, 0, 0, 0, 0, 0, 0, 0, ++ 0, 0, 0, 0, 0, 0, 0, 0, 158, 13, ++ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, ++ 0, 0, 0, 0, 0, 23, 0, 0, 0, 0, ++ 155, 0, 0, 0, 0, 0, 116, 116, 116, 116, ++ 116, 116, 116, 116, 76, 116, 116, 116, 71, 67, ++ 83, 116, 116, 116, 116, 81, 162, 2, 0, 0, ++ ++ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, ++ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, ++ 0, 0, 20, 140, 138, 0, 0, 153, 0, 0, ++ 0, 0, 0, 0, 0, 0, 0, 0, 116, 116, ++ 116, 116, 116, 116, 116, 116, 73, 116, 66, 116, ++ 116, 79, 80, 0, 0, 0, 0, 0, 0, 0, ++ 0, 0, 0, 0, 0, 0, 0, 0, 160, 0, ++ 0, 0, 145, 0, 0, 0, 0, 0, 0, 0, ++ 0, 0, 0, 0, 0, 0, 0, 0, 0, 116, ++ 116, 116, 116, 116, 116, 116, 116, 116, 77, 78, ++ ++ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, ++ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, ++ 0, 152, 0, 0, 0, 0, 0, 0, 0, 157, ++ 0, 0, 0, 0, 116, 116, 116, 116, 116, 116, ++ 116, 116, 70, 0, 0, 0, 0, 0, 0, 0, ++ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, ++ 0, 0, 15, 0, 0, 0, 0, 0, 141, 154, ++ 0, 0, 0, 0, 0, 116, 116, 116, 116, 116, ++ 94, 116, 116, 0, 0, 0, 0, 0, 0, 0, ++ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, ++ ++ 0, 144, 0, 0, 0, 0, 0, 131, 0, 0, ++ 0, 0, 116, 103, 116, 116, 116, 116, 101, 146, ++ 0, 0, 0, 0, 0, 4, 0, 0, 0, 0, ++ 0, 8, 9, 0, 0, 0, 0, 0, 0, 22, ++ 0, 0, 0, 142, 0, 0, 116, 116, 116, 100, ++ 116, 0, 0, 0, 0, 0, 0, 0, 0, 0, ++ 0, 10, 0, 0, 135, 0, 130, 0, 0, 0, ++ 0, 0, 116, 116, 88, 116, 0, 0, 150, 0, ++ 0, 0, 0, 0, 126, 0, 0, 0, 0, 0, ++ 0, 0, 0, 0, 0, 116, 116, 99, 0, 0, ++ ++ 0, 0, 5, 0, 0, 0, 0, 128, 0, 133, ++ 0, 0, 0, 143, 0, 116, 116, 151, 148, 0, ++ 147, 125, 0, 0, 0, 0, 0, 0, 137, 165, ++ 116, 116, 149, 0, 0, 0, 156, 0, 0, 116, ++ 116, 127, 0, 0, 0, 132, 102, 116, 6, 0, ++ 134, 116, 0, 116, 0, 116, 7, 116, 104, 0 + } ; + +-static yyconst flex_int32_t yy_ec[256] = ++static const YY_CHAR yy_ec[256] = + { 0, + 1, 1, 1, 1, 1, 1, 1, 1, 2, 3, + 1, 1, 4, 1, 1, 1, 1, 1, 1, 1, +@@ -542,7 +535,7 @@ static yyconst flex_int32_t yy_ec[256] = + 1, 1, 1, 1, 1 + } ; + +-static yyconst flex_int32_t yy_meta[71] = ++static const YY_CHAR yy_meta[71] = + { 0, + 1, 1, 2, 1, 1, 1, 1, 1, 1, 1, + 1, 3, 3, 3, 4, 4, 1, 4, 4, 4, +@@ -553,614 +546,629 @@ static yyconst flex_int32_t yy_meta[71] + 3, 3, 3, 3, 3, 3, 3, 3, 3, 1 + } ; + +-static yyconst flex_int16_t yy_base[1243] = ++static const flex_int16_t yy_base[1269] = + { 0, +- 0, 69, 2841, 70, 71, 74, 76, 76, 2835, 81, +- 2842, 2845, 2845, 2845, 74, 83, 78, 88, 78, 129, +- 2774, 2823, 83, 95, 98, 103, 107, 135, 141, 147, +- 156, 150, 159, 163, 169, 185, 203, 208, 212, 218, +- 223, 2769, 144, 260, 2845, 2845, 172, 2816, 2845, 2845, +- 2823, 2845, 227, 230, 238, 288, 292, 299, 296, 303, +- 306, 311, 241, 314, 317, 323, 350, 326, 369, 184, +- 2814, 2845, 201, 2813, 121, 2845, 2831, 216, 2845, 90, +- 2766, 175, 250, 375, 192, 2845, 0, 379, 394, 2845, +- 2845, 0, 2845, 336, 402, 408, 420, 423, 426, 429, +- +- 433, 436, 442, 445, 448, 451, 454, 457, 464, 467, +- 471, 474, 480, 483, 489, 498, 502, 505, 517, 522, +- 525, 531, 537, 540, 547, 2845, 232, 0, 321, 2806, +- 154, 64, 134, 253, 225, 2777, 489, 2776, 518, 2769, +- 511, 2782, 2777, 179, 2768, 2771, 366, 2802, 2765, 2845, +- 561, 567, 570, 576, 583, 589, 592, 595, 598, 601, +- 606, 610, 615, 623, 626, 629, 632, 639, 635, 644, +- 648, 390, 2800, 2754, 406, 2798, 207, 648, 366, 665, +- 511, 0, 688, 141, 670, 0, 661, 693, 675, 700, +- 703, 711, 714, 718, 721, 728, 731, 734, 737, 740, +- +- 745, 748, 754, 757, 773, 776, 782, 787, 790, 793, +- 796, 799, 804, 807, 811, 815, 821, 825, 834, 838, +- 2793, 2770, 2754, 297, 2757, 717, 2764, 2766, 2764, 794, +- 2766, 2753, 191, 2747, 2760, 2845, 2748, 345, 2759, 311, +- 2743, 2756, 2741, 2755, 34, 2740, 439, 2747, 2737, 2742, +- 2738, 2743, 2735, 2746, 855, 858, 864, 867, 873, 877, +- 880, 883, 886, 889, 892, 898, 901, 908, 912, 915, +- 918, 931, 934, 923, 2745, 941, 946, 951, 958, 962, +- 974, 977, 986, 989, 992, 1000, 1003, 1006, 1009, 1012, +- 1015, 1018, 1021, 1024, 1027, 1030, 1033, 1036, 1040, 1049, +- +- 1052, 1062, 1079, 1083, 1088, 1091, 1094, 1097, 1105, 1108, +- 1111, 2845, 2743, 2733, 2741, 2740, 2740, 2728, 362, 2719, +- 2740, 2723, 2845, 2734, 2724, 2721, 2718, 2734, 2723, 2717, +- 2757, 2726, 2716, 2718, 2710, 2709, 2721, 2720, 2709, 2715, +- 2703, 2712, 2710, 2701, 2711, 2699, 1051, 2701, 2698, 2739, +- 2708, 2707, 2693, 2692, 2845, 1116, 1119, 1122, 1128, 1132, +- 1138, 1143, 1146, 1149, 1162, 1166, 1173, 1176, 1180, 1185, +- 1191, 1199, 1202, 2845, 1205, 1209, 1219, 1215, 1230, 1225, +- 1239, 1246, 1257, 1260, 1264, 1267, 1270, 1273, 1276, 1279, +- 1282, 1285, 1289, 1292, 1295, 1301, 1304, 1307, 1310, 1313, +- +- 1316, 1326, 1334, 1340, 1343, 1347, 2692, 2720, 2689, 2695, +- 2686, 2690, 2689, 2697, 2692, 2681, 2681, 2683, 2681, 2695, +- 2676, 2683, 2688, 2691, 2677, 2704, 2673, 2669, 2678, 2685, +- 2672, 2678, 2678, 2668, 2670, 2666, 2668, 2672, 2668, 2695, +- 2662, 2669, 2650, 2667, 2666, 2656, 2658, 546, 536, 2649, +- 1351, 1356, 1359, 1366, 1369, 1373, 1381, 1387, 1392, 1395, +- 1398, 1401, 1404, 1411, 1416, 1423, 1426, 1429, 1433, 1442, +- 1439, 1471, 1474, 1477, 1480, 1483, 1487, 1498, 1501, 1504, +- 1507, 1510, 1513, 1516, 1519, 1522, 1525, 1533, 1536, 1539, +- 1543, 1549, 2650, 2643, 1545, 2660, 2653, 2646, 2651, 2645, +- +- 2647, 2648, 2642, 2639, 2638, 2652, 2638, 2644, 2651, 2631, +- 2646, 2648, 2630, 2643, 2645, 2632, 2627, 2634, 2638, 2637, +- 2635, 2626, 2633, 2623, 2623, 2622, 2625, 2615, 2614, 2615, +- 2655, 2625, 2619, 2613, 363, 2612, 2611, 2623, 1554, 1559, +- 1564, 1570, 1579, 1588, 1591, 1597, 1601, 1604, 1607, 1612, +- 1617, 1620, 1623, 1635, 1643, 1646, 1649, 1657, 1663, 1668, +- 1678, 1681, 1684, 1687, 1690, 1696, 1700, 1703, 1712, 1715, +- 1718, 1722, 1725, 1728, 1732, 1735, 1738, 1741, 2648, 2636, +- 2602, 2612, 2614, 2613, 2601, 2615, 2610, 2605, 2604, 2594, +- 2604, 2592, 2600, 2599, 2602, 2588, 2600, 2587, 2587, 2597, +- +- 2596, 2588, 2845, 2594, 2587, 2594, 2591, 2584, 2602, 2618, +- 567, 2591, 2616, 2574, 2845, 2580, 2570, 2579, 2578, 2567, +- 2570, 2578, 2569, 2577, 2579, 2566, 2574, 2560, 2565, 1744, +- 1749, 1755, 1767, 1761, 1773, 1776, 1779, 1782, 1785, 1789, +- 1801, 1804, 1808, 1812, 1815, 1833, 1836, 1845, 1851, 1854, +- 1857, 1860, 1863, 1870, 1874, 1882, 1886, 1889, 1892, 1897, +- 1900, 1903, 1906, 2561, 2573, 2565, 2547, 2546, 2539, 2536, +- 2527, 2845, 2525, 2538, 593, 2845, 1313, 2528, 2526, 2535, +- 2845, 2845, 2537, 2562, 2520, 2845, 2530, 2845, 2525, 2528, +- 2845, 2527, 2506, 2514, 2513, 2521, 2514, 2510, 2511, 2503, +- +- 2511, 2505, 2504, 2493, 2511, 2845, 2509, 2508, 2508, 2493, +- 2505, 2491, 680, 1909, 1912, 1916, 1919, 1922, 1925, 1931, +- 1934, 1938, 1944, 1954, 1957, 1960, 1963, 1966, 1969, 1973, +- 1978, 1987, 1993, 2004, 2009, 2012, 2015, 2022, 2025, 2028, +- 2035, 2040, 2504, 2494, 2492, 2480, 2487, 2515, 2465, 2466, +- 2465, 2458, 2438, 2439, 2388, 2388, 2393, 2377, 2387, 2379, +- 837, 2373, 2373, 2368, 2367, 2362, 2399, 2845, 2334, 2340, +- 2338, 2340, 2336, 2311, 2297, 2291, 2297, 2293, 2268, 2845, +- 2268, 2845, 2845, 2259, 2286, 2845, 2277, 2255, 2239, 2043, +- 2049, 2052, 2055, 2058, 2062, 2065, 2068, 2071, 2077, 2080, +- +- 2083, 2086, 2095, 2099, 2110, 2113, 2116, 2124, 2127, 2130, +- 2137, 2140, 2143, 2245, 2243, 2242, 2241, 2233, 2188, 2196, +- 2225, 2213, 2163, 2166, 231, 2175, 2174, 2157, 2145, 2845, +- 2845, 2145, 2152, 2123, 2136, 2127, 2118, 2107, 2119, 2087, +- 2095, 2084, 2083, 2082, 2062, 2067, 2845, 2069, 2049, 2083, +- 2067, 2845, 2025, 2000, 2000, 673, 1989, 2146, 2150, 2158, +- 2161, 2165, 2169, 2172, 2175, 2180, 2184, 2187, 2195, 2198, +- 2204, 2216, 2219, 2222, 2225, 2228, 2845, 2845, 1983, 1979, +- 1966, 1955, 1995, 1948, 1949, 1953, 1945, 1933, 1928, 1932, +- 1934, 1918, 1913, 1913, 1914, 1894, 1894, 1891, 1920, 1861, +- +- 1828, 1840, 2845, 2845, 2845, 1829, 1813, 2845, 1804, 1800, +- 1793, 1792, 1820, 1790, 1789, 1780, 1786, 1774, 2237, 2242, +- 2245, 2250, 2253, 2256, 2259, 2262, 2265, 2268, 2271, 2274, +- 2277, 2285, 1811, 1779, 1768, 1752, 1744, 1756, 1756, 1755, +- 1746, 1735, 1717, 1708, 1721, 1702, 1703, 2845, 1710, 1672, +- 1662, 2845, 1659, 1657, 1634, 1636, 1624, 1617, 1618, 1604, +- 1616, 1605, 1592, 1600, 1589, 1624, 1589, 1578, 2299, 2303, +- 2308, 2311, 2315, 2318, 2321, 2324, 2327, 2335, 1579, 1571, +- 1556, 1543, 1547, 1546, 1531, 1564, 1522, 1568, 1536, 1518, +- 1520, 1501, 1496, 1508, 1518, 1522, 1491, 1458, 1448, 2845, +- +- 1485, 1440, 1440, 1435, 1430, 1427, 1427, 2845, 1409, 1410, +- 1418, 1441, 2338, 2341, 2344, 2352, 2357, 2362, 2365, 2368, +- 1411, 1409, 1383, 1411, 1375, 1370, 1363, 1344, 1337, 1340, +- 1371, 1336, 1330, 1317, 1307, 1313, 1312, 1285, 1291, 2845, +- 1274, 1272, 1262, 1254, 1204, 2845, 2845, 1214, 1214, 1212, +- 1193, 1203, 2371, 2379, 2384, 2387, 2391, 2398, 2394, 1198, +- 1174, 1159, 1150, 1158, 1145, 1151, 1151, 1145, 1145, 1123, +- 1123, 1125, 1121, 1110, 1148, 1109, 1116, 2845, 1144, 1104, +- 1098, 1084, 1084, 2845, 1087, 1076, 1095, 78, 2401, 2404, +- 2409, 2414, 2421, 2438, 2845, 175, 207, 199, 199, 268, +- +- 2845, 250, 302, 271, 294, 307, 2845, 2845, 310, 392, +- 389, 423, 415, 440, 2845, 445, 448, 488, 2845, 467, +- 483, 2441, 2444, 2447, 2450, 496, 517, 541, 579, 562, +- 569, 574, 606, 619, 756, 2845, 633, 671, 2845, 648, +- 2845, 649, 660, 678, 706, 707, 2453, 2456, 2459, 2462, +- 723, 732, 2845, 723, 742, 764, 777, 810, 2845, 772, +- 787, 794, 790, 803, 797, 840, 824, 832, 857, 2467, +- 2470, 2473, 866, 868, 884, 890, 2845, 891, 891, 893, +- 907, 2845, 917, 2845, 957, 919, 930, 2845, 922, 2480, +- 2476, 2845, 2845, 934, 2845, 2845, 944, 938, 938, 961, +- +- 998, 1009, 2845, 2845, 2483, 2489, 2845, 1017, 1023, 1025, +- 2845, 1023, 1029, 2494, 2498, 2845, 1019, 1022, 1038, 2845, +- 2506, 2509, 2845, 1025, 2845, 2513, 1037, 2519, 1062, 2526, +- 2845, 2533, 2536, 2845, 2594, 2598, 2602, 2606, 2608, 2610, +- 2614, 1109 ++ 0, 69, 2946, 70, 71, 74, 76, 76, 2940, 81, ++ 2947, 2950, 2950, 2950, 74, 83, 78, 88, 78, 129, ++ 2879, 2928, 83, 95, 98, 102, 136, 141, 151, 147, ++ 156, 159, 162, 169, 175, 178, 185, 189, 204, 212, ++ 217, 220, 2874, 115, 259, 2950, 2950, 117, 2921, 2950, ++ 2950, 2928, 2950, 223, 246, 249, 287, 261, 296, 301, ++ 290, 304, 310, 313, 316, 322, 348, 353, 358, 366, ++ 375, 206, 2919, 2950, 238, 2918, 151, 2950, 2936, 244, ++ 2950, 90, 2871, 172, 361, 421, 197, 2950, 0, 398, ++ 380, 2950, 2950, 0, 2950, 387, 418, 428, 438, 442, ++ ++ 445, 448, 451, 454, 464, 467, 470, 473, 476, 479, ++ 486, 489, 493, 496, 501, 504, 507, 510, 513, 523, ++ 528, 531, 540, 545, 551, 561, 564, 568, 2950, 284, ++ 0, 273, 2911, 189, 70, 183, 291, 299, 2882, 388, ++ 2881, 335, 2874, 532, 2887, 2882, 89, 2873, 2876, 351, ++ 2907, 2870, 2950, 582, 585, 588, 594, 597, 602, 611, ++ 614, 617, 620, 623, 627, 633, 639, 642, 645, 648, ++ 652, 655, 663, 667, 677, 391, 2905, 2859, 416, 2903, ++ 197, 677, 370, 694, 390, 0, 703, 162, 699, 0, ++ 717, 720, 723, 727, 730, 743, 746, 749, 752, 755, ++ ++ 761, 764, 767, 775, 771, 778, 781, 784, 788, 793, ++ 802, 806, 810, 815, 820, 823, 826, 829, 834, 837, ++ 847, 850, 857, 860, 864, 2898, 2875, 2859, 232, 2862, ++ 510, 2869, 2871, 2869, 284, 2871, 2858, 202, 2852, 2865, ++ 2950, 2853, 834, 2864, 303, 2848, 2861, 2846, 2860, 34, ++ 2845, 489, 2852, 2842, 2847, 2843, 2848, 2840, 2851, 867, ++ 886, 889, 893, 899, 902, 905, 909, 912, 918, 926, ++ 929, 934, 938, 942, 948, 953, 957, 960, 967, 973, ++ 2850, 976, 981, 1001, 1004, 1007, 1010, 1015, 1024, 1027, ++ 1031, 1040, 1043, 1046, 1050, 1055, 1058, 1061, 1064, 1067, ++ ++ 1070, 1073, 1076, 1082, 1088, 1094, 1097, 1108, 1118, 1121, ++ 1125, 1133, 1136, 1140, 1143, 1146, 1149, 1152, 2950, 2848, ++ 2838, 2846, 2845, 2845, 2833, 525, 2824, 2845, 2828, 2950, ++ 2839, 2829, 2826, 2823, 2839, 2828, 2822, 2862, 2831, 2821, ++ 2823, 2815, 2814, 2826, 2825, 2814, 2820, 2808, 2817, 2815, ++ 2806, 2816, 2804, 668, 2806, 2803, 2844, 2813, 2812, 2798, ++ 2797, 2950, 1161, 1164, 1170, 1173, 1178, 1184, 1188, 1191, ++ 1194, 1202, 1207, 1210, 1213, 1220, 1223, 1226, 1231, 1236, ++ 1244, 2950, 1247, 1264, 1277, 1290, 1293, 1296, 1299, 1303, ++ 1306, 1310, 1313, 1324, 1329, 1332, 1335, 1338, 1341, 1344, ++ ++ 1347, 1352, 1355, 1361, 1364, 1367, 1370, 1373, 1376, 1379, ++ 1389, 1396, 1402, 1406, 1410, 2797, 2825, 2794, 2800, 2791, ++ 2795, 2794, 2802, 2797, 2786, 2786, 2788, 2786, 2800, 2781, ++ 2788, 2793, 2796, 2782, 2809, 2778, 2774, 2783, 2790, 2777, ++ 2783, 2783, 2773, 2775, 2771, 2773, 2777, 2773, 2800, 2767, ++ 2774, 2755, 2772, 2771, 2761, 2763, 385, 233, 2754, 1414, ++ 1419, 1422, 1429, 1435, 1444, 1449, 1454, 1457, 1460, 1463, ++ 1468, 1474, 1477, 1480, 1488, 1494, 1497, 1507, 1500, 1510, ++ 1514, 1535, 1543, 1546, 1549, 1559, 1555, 1564, 1570, 1574, ++ 1577, 1580, 1583, 1586, 1589, 1592, 1595, 1598, 1601, 1607, ++ ++ 1610, 1616, 1622, 2755, 2748, 1606, 2765, 2758, 2751, 2756, ++ 2750, 2752, 2753, 2747, 2744, 2743, 2757, 2743, 2749, 2756, ++ 2736, 2751, 2753, 2735, 2748, 2750, 2737, 2732, 2739, 2743, ++ 2742, 2740, 2731, 2738, 2728, 2728, 2727, 2730, 2720, 2719, ++ 2720, 2760, 2730, 2724, 2718, 373, 2717, 2716, 2728, 1625, ++ 1637, 1640, 1643, 1649, 1653, 1656, 1661, 1664, 1668, 1674, ++ 1677, 1680, 1683, 1696, 1702, 1705, 1708, 1712, 1715, 1723, ++ 1730, 1733, 1748, 1737, 1751, 1756, 1759, 1763, 1767, 1772, ++ 1778, 1783, 1786, 1789, 1793, 1796, 1799, 1804, 1807, 1810, ++ 1813, 2753, 2741, 2707, 2717, 2719, 2718, 2706, 2720, 2715, ++ ++ 2710, 2709, 2699, 2709, 2697, 2705, 2704, 2707, 2693, 2705, ++ 2692, 2692, 2702, 2701, 2693, 2950, 2699, 2692, 2699, 2696, ++ 2689, 2707, 2723, 536, 2696, 2721, 2679, 2950, 2685, 2675, ++ 2682, 2659, 2648, 2651, 2659, 2650, 2658, 2660, 2647, 2655, ++ 2641, 2646, 1816, 1820, 1823, 1826, 1832, 1838, 1841, 1845, ++ 1848, 1851, 1860, 1863, 1871, 1877, 1886, 1880, 1889, 1896, ++ 1893, 1901, 1916, 1920, 1923, 1926, 1929, 1932, 1943, 1951, ++ 1954, 1959, 1962, 1965, 1970, 1973, 1976, 1979, 2641, 2652, ++ 2646, 2650, 2649, 2642, 2639, 2630, 2950, 2627, 2640, 566, ++ 2950, 1158, 2630, 2628, 2637, 2950, 2950, 2638, 2663, 2621, ++ ++ 2950, 2630, 2950, 2625, 2628, 2950, 2627, 2608, 2616, 2612, ++ 2620, 2598, 2594, 2594, 2559, 2567, 2557, 2555, 2532, 2550, ++ 2950, 2547, 2546, 2545, 2529, 2541, 2507, 395, 1982, 1988, ++ 1991, 1994, 1997, 2000, 2004, 2007, 2011, 2014, 2021, 2029, ++ 2032, 2035, 2041, 2044, 2054, 2058, 2066, 2070, 2077, 2080, ++ 2092, 2096, 2099, 2102, 2110, 2113, 2116, 2061, 2123, 2520, ++ 2476, 2477, 2463, 2470, 2491, 2437, 2449, 2447, 2446, 2429, ++ 2430, 2416, 2416, 2422, 2404, 2415, 2390, 957, 2384, 2386, ++ 2357, 2349, 2347, 2387, 2950, 2334, 2344, 2342, 2338, 2335, ++ 2304, 2282, 2277, 2283, 2268, 2250, 2950, 2246, 2950, 2950, ++ ++ 2244, 2273, 2950, 2253, 2222, 2206, 2128, 2131, 2136, 2139, ++ 2142, 2145, 2150, 2153, 2156, 2162, 2165, 2170, 2173, 2184, ++ 2196, 2201, 2204, 2207, 2213, 2218, 2224, 2227, 2230, 2237, ++ 2240, 2243, 2215, 2196, 2195, 2215, 2214, 2169, 2173, 2203, ++ 2181, 2141, 2144, 433, 2153, 2151, 2131, 2133, 2950, 2950, ++ 2130, 2138, 2113, 2126, 2123, 2121, 2100, 2100, 2079, 2082, ++ 2081, 2070, 2068, 2044, 2051, 2950, 2051, 2040, 2068, 2065, ++ 2950, 2008, 2006, 2005, 275, 2001, 2246, 2250, 2258, 2261, ++ 2264, 2269, 2272, 2275, 2278, 2285, 2288, 2291, 2298, 2302, ++ 2309, 2313, 2320, 2323, 2326, 2329, 2950, 2950, 1999, 1995, ++ ++ 1987, 1986, 2020, 1973, 1977, 1981, 1972, 1934, 1929, 1918, ++ 1902, 1914, 1908, 1905, 1905, 1890, 1889, 1876, 1904, 1877, ++ 1857, 1862, 2950, 2950, 2950, 1846, 1839, 2950, 1830, 1827, ++ 1820, 1811, 1849, 1818, 1818, 1792, 1794, 1755, 2335, 2338, ++ 2343, 2346, 2351, 2354, 2357, 2360, 2363, 2366, 2369, 2373, ++ 2376, 2384, 2388, 1768, 1736, 1731, 1716, 1694, 1706, 1706, ++ 1690, 1694, 1683, 1652, 1648, 1655, 1639, 1639, 2950, 1650, ++ 1634, 1625, 2950, 1612, 1611, 1593, 1595, 1583, 1584, 1578, ++ 1569, 1568, 1531, 1520, 1524, 1509, 1544, 1492, 1483, 2401, ++ 2404, 2409, 2412, 2415, 2418, 2421, 2424, 2427, 2430, 2438, ++ ++ 1480, 1487, 1481, 1468, 1478, 1453, 1439, 1469, 1429, 1476, ++ 1433, 1418, 1424, 1396, 1396, 1404, 1428, 1431, 1401, 1395, ++ 1385, 2950, 1420, 1374, 1375, 1383, 1362, 1361, 1357, 2950, ++ 1341, 1340, 1347, 1371, 2441, 2444, 2447, 2451, 2465, 2468, ++ 2471, 2474, 2482, 1345, 1321, 1320, 1342, 1283, 1283, 1275, ++ 1271, 1240, 1243, 1277, 1242, 1236, 1233, 1219, 1225, 1230, ++ 1224, 1231, 2950, 1221, 1215, 1223, 1224, 1205, 2950, 2950, ++ 1217, 1216, 1214, 1201, 1208, 2490, 2493, 2496, 2500, 2504, ++ 2509, 2513, 2518, 1203, 1190, 1185, 1182, 1179, 1167, 1167, ++ 1163, 1159, 1147, 1112, 1110, 1115, 1093, 1081, 1108, 1069, ++ ++ 1076, 2950, 1103, 1069, 1067, 1052, 1059, 2950, 1062, 1048, ++ 1077, 68, 2523, 2526, 2529, 2532, 2535, 2541, 2548, 2950, ++ 126, 174, 178, 226, 273, 2950, 248, 348, 376, 404, ++ 443, 2950, 2950, 446, 452, 469, 483, 512, 533, 2950, ++ 558, 558, 599, 2950, 561, 593, 2551, 2554, 2561, 2564, ++ 2567, 584, 611, 622, 653, 623, 630, 636, 635, 653, ++ 684, 2950, 664, 696, 2950, 675, 2950, 686, 689, 689, ++ 702, 714, 2570, 2573, 2576, 2590, 722, 754, 2950, 750, ++ 761, 775, 795, 832, 2950, 795, 801, 807, 807, 825, ++ 826, 865, 842, 842, 844, 2593, 2596, 2599, 845, 858, ++ ++ 878, 878, 2950, 883, 876, 876, 892, 2950, 904, 2950, ++ 937, 899, 913, 2950, 916, 2606, 2612, 2950, 2950, 939, ++ 2950, 2950, 949, 942, 944, 953, 946, 957, 2950, 2950, ++ 2615, 2619, 2950, 958, 963, 979, 2950, 977, 980, 2623, ++ 2626, 2950, 971, 983, 997, 2950, 2629, 2633, 2950, 997, ++ 2950, 2636, 1004, 2645, 1041, 2649, 2950, 2652, 2655, 2950, ++ 2713, 2717, 2721, 2725, 2727, 2729, 2733, 1088 + } ; + +-static yyconst flex_int16_t yy_def[1243] = ++static const flex_int16_t yy_def[1269] = + { 0, +- 1234, 1, 1235, 1235, 1236, 1236, 1, 7, 1, 1, +- 1234, 1234, 1234, 1234, 1237, 1238, 1234, 1239, 1234, 1234, +- 20, 1234, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, +- 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, +- 1240, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, +- 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1234, +- 44, 1234, 1234, 44, 1237, 1234, 1237, 1238, 1234, 1234, +- 20, 1239, 1239, 1239, 1239, 1234, 1241, 1234, 1234, 1234, +- 1234, 1242, 1234, 1240, 1240, 1240, 1240, 1240, 1240, 1240, +- +- 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, +- 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, +- 1240, 1240, 1240, 1240, 1240, 1234, 1234, 44, 1234, 1234, +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, +- 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, +- 1240, 1234, 44, 1234, 1234, 44, 1234, 1234, 1239, 1239, +- 1239, 1241, 1234, 1234, 1234, 1242, 1240, 1240, 1240, 1240, +- 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, +- +- 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, +- 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234, 1234, 1234, 1240, 1240, 1240, 1240, 1240, 1240, +- 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, +- 1240, 1240, 1240, 1240, 1234, 1239, 1239, 1240, 1240, 1240, +- 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, +- 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, +- +- 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, +- 1240, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234, 1234, 1234, 1234, 1240, 1240, 1240, 1240, 1240, +- 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, +- 1240, 1240, 1240, 1234, 1240, 1240, 1240, 1240, 1240, 1240, +- 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, +- 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, +- +- 1240, 1240, 1240, 1240, 1240, 1240, 1234, 1234, 1234, 1234, +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, +- 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, +- 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, +- 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, +- 1240, 1240, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1240, 1240, +- 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, +- 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, +- 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, +- 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1234, 1234, +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1240, +- 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, +- 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, +- 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, +- 1240, 1240, 1240, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234, 1234, 1240, 1240, 1240, 1240, 1240, 1240, 1240, +- 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, +- 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, +- 1240, 1240, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1240, +- 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, +- +- 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, +- 1240, 1240, 1240, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1240, 1240, 1240, +- 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, +- 1240, 1240, 1240, 1240, 1240, 1240, 1234, 1234, 1234, 1234, +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1240, 1240, +- 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, +- 1240, 1240, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1240, 1240, +- 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1234, 1234, +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1240, +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234, 1240, 1240, 1240, 1240, 1240, 1240, 1240, 1234, +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1240, 1240, +- 1240, 1240, 1240, 1240, 1234, 1234, 1234, 1234, 1234, 1234, +- +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- 1234, 1240, 1240, 1240, 1240, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234, 1234, 1234, 1234, 1234, 1240, 1240, 1240, 1240, +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1240, +- 1240, 1240, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1240, +- 1240, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- +- 1234, 1234, 1234, 1234, 1240, 1240, 1234, 1234, 1234, 1234, +- 1234, 1234, 1234, 1240, 1240, 1234, 1234, 1234, 1234, 1234, +- 1240, 1240, 1234, 1234, 1234, 1240, 1234, 1240, 1234, 1240, +- 1234, 1240, 1240, 0, 1234, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234 ++ 1260, 1, 1261, 1261, 1262, 1262, 1, 7, 1, 1, ++ 1260, 1260, 1260, 1260, 1263, 1264, 1260, 1265, 1260, 1260, ++ 20, 1260, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, ++ 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, ++ 1266, 1266, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1266, 1266, 1266, 1266, 1266, 1266, 1266, ++ 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, ++ 1266, 1260, 45, 1260, 1260, 45, 1263, 1260, 1263, 1264, ++ 1260, 1260, 20, 1265, 1265, 1265, 1265, 1260, 1267, 1260, ++ 1260, 1260, 1260, 1268, 1260, 1266, 1266, 1266, 1266, 1266, ++ ++ 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, ++ 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, ++ 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1260, 1260, ++ 45, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1266, 1266, 1266, 1266, 1266, 1266, 1266, ++ 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, ++ 1266, 1266, 1266, 1266, 1266, 1260, 45, 1260, 1260, 45, ++ 1260, 1260, 1265, 1265, 1265, 1267, 1260, 1260, 1260, 1268, ++ 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, ++ ++ 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, ++ 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, ++ 1266, 1266, 1266, 1266, 1266, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1266, ++ 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, ++ 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, ++ 1260, 1265, 1265, 1266, 1266, 1266, 1266, 1266, 1266, 1266, ++ 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, ++ ++ 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, ++ 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, ++ 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, ++ 1266, 1260, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, ++ 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, ++ ++ 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, ++ 1266, 1266, 1266, 1266, 1266, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1266, ++ 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, ++ 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, ++ 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, ++ 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, ++ ++ 1266, 1266, 1266, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1266, ++ 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, ++ 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, ++ 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, ++ 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, ++ 1266, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, ++ 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, ++ 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, ++ 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1266, 1266, ++ 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, ++ 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, ++ 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ ++ 1260, 1260, 1260, 1260, 1260, 1260, 1266, 1266, 1266, 1266, ++ 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, ++ 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, ++ 1266, 1266, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1266, 1266, 1266, 1266, ++ 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, ++ 1266, 1266, 1266, 1266, 1266, 1266, 1260, 1260, 1260, 1260, ++ ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1266, 1266, ++ 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, ++ 1266, 1266, 1266, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1266, ++ 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1266, ++ ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1266, 1266, 1266, 1266, 1266, 1266, ++ 1266, 1266, 1266, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1266, 1266, 1266, 1266, 1266, ++ 1266, 1266, 1266, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1266, 1266, 1266, 1266, 1266, 1266, 1266, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1266, 1266, 1266, 1266, ++ 1266, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1266, 1266, 1266, 1266, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1266, 1266, 1266, 1260, 1260, ++ ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1266, 1266, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1266, 1266, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1266, ++ 1266, 1260, 1260, 1260, 1260, 1260, 1266, 1266, 1260, 1260, ++ 1260, 1266, 1260, 1266, 1260, 1266, 1260, 1266, 1266, 0, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260 + } ; + +-static yyconst flex_int16_t yy_nxt[2916] = ++static const flex_int16_t yy_nxt[3021] = + { 0, + 12, 13, 14, 13, 15, 12, 16, 12, 12, 12, + 12, 17, 18, 19, 20, 21, 22, 23, 23, 23, + 23, 23, 23, 23, 23, 23, 23, 23, 23, 23, +- 24, 23, 23, 25, 23, 26, 23, 23, 23, 23, +- 23, 23, 23, 12, 23, 23, 27, 28, 29, 30, +- 31, 23, 23, 32, 23, 33, 23, 34, 35, 36, +- 23, 37, 38, 39, 40, 41, 23, 23, 23, 42, +- 43, 47, 46, 50, 44, 48, 50, 70, 76, 344, +- 51, 71, 73, 51, 52, 79, 74, 86, 72, 79, +- 80, 87, 81, 81, 82, 85, 82, 345, 53, 82, +- +- 83, 82, 84, 84, 178, 178, 82, 85, 82, 82, +- 85, 82, 54, 227, 82, 85, 82, 77, 82, 85, +- 82, 55, 228, 56, 57, 76, 58, 59, 97, 60, +- 61, 62, 95, 63, 64, 1121, 65, 66, 67, 68, +- 69, 88, 96, 81, 81, 127, 82, 85, 82, 128, +- 89, 90, 82, 85, 82, 185, 185, 91, 82, 85, +- 82, 82, 85, 82, 77, 98, 91, 82, 85, 82, +- 82, 85, 82, 147, 82, 85, 82, 148, 89, 90, +- 82, 85, 82, 225, 91, 172, 82, 99, 82, 173, +- 100, 229, 91, 101, 1126, 92, 82, 85, 82, 102, +- +- 230, 105, 175, 82, 103, 82, 176, 108, 110, 106, +- 329, 107, 226, 104, 82, 85, 82, 109, 79, 82, +- 85, 82, 79, 82, 85, 82, 1127, 330, 111, 82, +- 85, 82, 250, 127, 82, 85, 82, 128, 82, 85, +- 82, 82, 85, 82, 233, 112, 251, 1128, 113, 82, +- 85, 82, 82, 85, 82, 114, 115, 118, 116, 1129, +- 119, 82, 179, 82, 275, 117, 888, 889, 120, 122, +- 125, 123, 151, 230, 234, 121, 124, 129, 130, 131, +- 132, 133, 134, 135, 136, 137, 162, 1130, 138, 139, +- 152, 140, 141, 153, 142, 143, 144, 145, 146, 82, +- +- 85, 82, 231, 82, 85, 82, 232, 82, 85, 82, +- 82, 85, 82, 1131, 82, 85, 82, 82, 85, 82, +- 315, 1132, 82, 85, 82, 82, 85, 82, 82, 85, +- 82, 316, 1133, 154, 82, 85, 82, 82, 85, 82, +- 99, 155, 1134, 100, 105, 157, 101, 82, 85, 82, +- 102, 158, 106, 221, 107, 159, 160, 156, 1135, 1136, +- 108, 82, 85, 82, 161, 338, 165, 147, 222, 109, +- 339, 148, 166, 163, 164, 114, 167, 82, 116, 82, +- 82, 85, 82, 122, 223, 117, 82, 170, 82, 84, +- 84, 172, 334, 183, 183, 173, 180, 181, 335, 118, +- +- 89, 90, 119, 168, 184, 184, 336, 175, 185, 185, +- 120, 176, 625, 82, 85, 82, 626, 169, 171, 82, +- 85, 82, 123, 413, 180, 181, 414, 124, 89, 90, +- 187, 82, 85, 82, 82, 85, 82, 82, 85, 82, +- 82, 85, 82, 188, 82, 85, 82, 82, 85, 82, +- 1137, 1138, 189, 82, 85, 82, 82, 85, 82, 82, +- 85, 82, 82, 85, 82, 82, 85, 82, 82, 85, +- 82, 191, 1139, 1140, 192, 82, 85, 82, 82, 85, +- 82, 190, 82, 85, 82, 82, 85, 82, 347, 1141, +- 193, 82, 85, 82, 82, 85, 82, 348, 1142, 194, +- +- 82, 85, 82, 197, 196, 195, 1143, 1144, 198, 82, +- 85, 82, 199, 82, 85, 82, 82, 85, 82, 200, +- 203, 201, 82, 202, 82, 1145, 206, 204, 82, 85, +- 82, 1146, 205, 82, 85, 82, 82, 85, 82, 236, +- 208, 207, 82, 85, 82, 237, 238, 211, 82, 85, +- 82, 82, 85, 82, 1151, 536, 210, 209, 82, 85, +- 82, 213, 212, 240, 244, 534, 245, 241, 537, 246, +- 535, 247, 82, 85, 82, 1152, 242, 214, 82, 85, +- 82, 82, 85, 82, 216, 215, 695, 82, 85, 82, +- 1153, 696, 217, 219, 82, 85, 82, 218, 1154, 220, +- +- 82, 85, 82, 82, 85, 82, 82, 85, 82, 82, +- 85, 82, 82, 85, 82, 753, 255, 82, 85, 82, +- 1155, 82, 85, 82, 1156, 257, 82, 85, 82, 754, +- 256, 258, 1157, 259, 82, 85, 82, 82, 85, 82, +- 82, 85, 82, 82, 85, 82, 82, 85, 82, 260, +- 82, 85, 82, 264, 261, 82, 85, 82, 263, 82, +- 85, 82, 178, 178, 203, 262, 265, 1158, 1159, 89, +- 90, 267, 82, 85, 82, 184, 276, 266, 82, 277, +- 277, 1162, 268, 270, 185, 185, 82, 85, 82, 278, +- 1163, 269, 90, 273, 272, 271, 1164, 89, 90, 788, +- +- 209, 789, 183, 183, 82, 85, 82, 1165, 274, 89, +- 90, 82, 85, 82, 82, 85, 82, 1166, 279, 281, +- 90, 280, 82, 85, 82, 82, 85, 82, 916, 82, +- 85, 82, 82, 85, 82, 917, 1167, 89, 90, 82, +- 85, 82, 82, 85, 82, 82, 85, 82, 82, 85, +- 82, 82, 85, 82, 1168, 282, 82, 85, 82, 82, +- 85, 82, 1169, 283, 286, 82, 85, 82, 82, 85, +- 82, 1173, 284, 318, 319, 285, 320, 287, 1160, 290, +- 1174, 1175, 291, 288, 82, 85, 82, 82, 85, 82, +- 1176, 1161, 289, 82, 85, 82, 292, 293, 82, 85, +- +- 82, 82, 85, 82, 82, 85, 82, 82, 85, 82, +- 82, 85, 82, 1177, 294, 82, 85, 82, 82, 85, +- 82, 295, 82, 85, 82, 1178, 82, 85, 82, 1179, +- 1180, 297, 82, 85, 82, 296, 82, 85, 82, 300, +- 1181, 324, 298, 1182, 299, 82, 85, 82, 1183, 82, +- 85, 82, 1184, 325, 1185, 301, 326, 832, 302, 1186, +- 306, 833, 303, 304, 307, 305, 82, 85, 82, 82, +- 85, 82, 1187, 834, 308, 82, 85, 82, 82, 85, +- 82, 1188, 310, 311, 82, 85, 82, 309, 82, 85, +- 82, 82, 85, 82, 82, 85, 82, 82, 85, 82, +- +- 82, 85, 82, 82, 85, 82, 1189, 357, 358, 82, +- 85, 82, 82, 85, 82, 1192, 356, 1193, 360, 82, +- 85, 82, 359, 82, 85, 82, 82, 85, 82, 82, +- 85, 82, 1194, 361, 82, 85, 82, 363, 364, 1195, +- 1196, 365, 82, 85, 82, 82, 85, 82, 362, 1197, +- 367, 366, 82, 1198, 82, 277, 277, 82, 1199, 82, +- 277, 277, 82, 85, 82, 1200, 368, 370, 181, 82, +- 85, 82, 369, 82, 85, 82, 1201, 1202, 372, 1203, +- 371, 375, 1204, 1207, 373, 82, 85, 82, 82, 85, +- 82, 377, 1208, 376, 1209, 1210, 181, 82, 85, 82, +- +- 82, 85, 82, 82, 85, 82, 378, 379, 380, 381, +- 1211, 82, 85, 82, 82, 85, 82, 82, 85, 82, +- 82, 85, 82, 82, 85, 82, 82, 85, 82, 82, +- 85, 82, 82, 85, 82, 82, 85, 82, 82, 85, +- 82, 82, 85, 82, 82, 85, 82, 82, 85, 82, +- 382, 82, 85, 82, 383, 384, 1212, 1213, 386, 385, +- 82, 85, 82, 82, 85, 82, 1216, 387, 1217, 390, +- 1218, 1219, 391, 82, 85, 82, 441, 388, 1220, 392, +- 442, 1223, 389, 443, 1224, 395, 393, 1225, 1227, 396, +- 82, 85, 82, 397, 82, 85, 82, 1229, 394, 82, +- +- 85, 82, 82, 85, 82, 82, 85, 82, 82, 85, +- 82, 1231, 186, 398, 1120, 399, 82, 85, 82, 82, +- 85, 82, 82, 85, 82, 1119, 400, 82, 85, 82, +- 82, 85, 82, 82, 85, 82, 1118, 1117, 401, 82, +- 85, 82, 403, 82, 85, 82, 1116, 1115, 404, 82, +- 85, 82, 1114, 402, 82, 85, 82, 82, 85, 82, +- 82, 85, 82, 1113, 1112, 451, 1111, 1110, 405, 1109, +- 1108, 406, 453, 82, 85, 82, 1107, 82, 85, 82, +- 1106, 1105, 452, 455, 82, 85, 82, 82, 85, 82, +- 1104, 82, 85, 82, 1103, 454, 82, 85, 82, 1102, +- +- 1101, 456, 82, 85, 82, 1100, 458, 1099, 1098, 457, +- 82, 85, 82, 82, 85, 82, 82, 85, 82, 1097, +- 82, 85, 82, 389, 459, 462, 82, 85, 82, 396, +- 82, 85, 82, 460, 1096, 467, 82, 85, 82, 403, +- 461, 82, 85, 82, 464, 468, 463, 1095, 1088, 469, +- 82, 85, 82, 1087, 465, 466, 470, 82, 85, 82, +- 1086, 471, 1085, 1084, 473, 472, 1083, 474, 82, 85, +- 82, 82, 85, 82, 475, 82, 85, 82, 82, 85, +- 82, 82, 85, 82, 82, 85, 82, 82, 85, 82, +- 82, 85, 82, 82, 85, 82, 82, 85, 82, 1082, +- +- 82, 85, 82, 82, 85, 82, 82, 85, 82, 476, +- 1081, 477, 82, 85, 82, 82, 85, 82, 82, 85, +- 82, 82, 85, 82, 82, 85, 82, 82, 85, 82, +- 1080, 1079, 481, 755, 756, 478, 482, 82, 85, 82, +- 1078, 479, 757, 1077, 480, 82, 85, 82, 758, 484, +- 483, 82, 85, 82, 82, 85, 82, 486, 82, 85, +- 82, 488, 82, 85, 82, 1076, 485, 82, 85, 82, +- 82, 85, 82, 1075, 1074, 487, 1073, 82, 85, 82, +- 82, 85, 82, 489, 82, 85, 82, 1072, 491, 1071, +- 1070, 492, 82, 85, 82, 1069, 1068, 490, 82, 85, +- +- 82, 539, 1067, 82, 85, 82, 82, 85, 82, 82, +- 85, 82, 82, 85, 82, 82, 85, 82, 1066, 1065, +- 540, 541, 82, 85, 82, 1064, 544, 82, 85, 82, +- 1063, 542, 1062, 543, 82, 85, 82, 82, 85, 82, +- 82, 85, 82, 553, 82, 85, 82, 547, 545, 546, +- 82, 85, 82, 82, 85, 82, 483, 563, 1061, 1060, +- 556, 557, 558, 548, 554, 1052, 549, 1051, 1050, 551, +- 559, 550, 1049, 560, 555, 1048, 1047, 561, 562, 1046, +- 1045, 552, 82, 85, 82, 82, 85, 82, 82, 85, +- 82, 82, 85, 82, 82, 85, 82, 565, 82, 85, +- +- 82, 1044, 564, 1043, 1042, 567, 1041, 1040, 566, 82, +- 85, 82, 82, 85, 82, 82, 85, 82, 82, 85, +- 82, 82, 85, 82, 82, 85, 82, 82, 85, 82, +- 82, 85, 82, 82, 85, 82, 82, 85, 82, 1039, +- 568, 1038, 1037, 569, 82, 85, 82, 82, 85, 82, +- 82, 85, 82, 571, 82, 85, 82, 1036, 1035, 570, +- 82, 85, 82, 581, 582, 82, 85, 82, 1034, 572, +- 82, 85, 82, 1033, 573, 82, 85, 82, 1032, 583, +- 584, 82, 85, 82, 585, 1031, 575, 1030, 576, 1029, +- 82, 85, 82, 1028, 1027, 574, 1026, 1025, 577, 82, +- +- 85, 82, 82, 85, 82, 1024, 1023, 630, 82, 85, +- 82, 578, 82, 85, 82, 82, 85, 82, 82, 85, +- 82, 1022, 631, 82, 85, 82, 632, 633, 82, 85, +- 82, 82, 85, 82, 82, 85, 82, 1021, 1012, 634, +- 635, 1011, 636, 1010, 1009, 637, 82, 85, 82, 1008, +- 1007, 643, 639, 1006, 82, 85, 82, 82, 85, 82, +- 82, 85, 82, 640, 1005, 1004, 646, 638, 82, 85, +- 82, 1003, 1002, 641, 82, 85, 82, 642, 644, 82, +- 85, 82, 647, 645, 1001, 1000, 649, 999, 648, 82, +- 85, 82, 82, 85, 82, 82, 85, 82, 82, 85, +- +- 82, 82, 85, 82, 998, 654, 650, 82, 85, 82, +- 653, 82, 85, 82, 82, 85, 82, 997, 651, 996, +- 655, 995, 652, 82, 85, 82, 82, 85, 82, 82, +- 85, 82, 656, 82, 85, 82, 82, 85, 82, 82, +- 85, 82, 657, 82, 85, 82, 82, 85, 82, 82, +- 85, 82, 82, 85, 82, 82, 85, 82, 994, 659, +- 82, 85, 82, 993, 992, 658, 82, 85, 82, 991, +- 990, 661, 82, 85, 82, 660, 989, 662, 82, 85, +- 82, 988, 987, 663, 82, 85, 82, 82, 85, 82, +- 82, 85, 82, 82, 85, 82, 82, 85, 82, 716, +- +- 82, 85, 82, 986, 985, 714, 984, 983, 715, 982, +- 718, 717, 82, 85, 82, 82, 85, 82, 981, 82, +- 85, 82, 719, 82, 85, 82, 82, 85, 82, 980, +- 979, 720, 968, 967, 721, 966, 965, 728, 964, 963, +- 727, 723, 722, 726, 82, 85, 82, 82, 85, 82, +- 962, 961, 724, 960, 725, 730, 82, 85, 82, 959, +- 958, 729, 82, 85, 82, 82, 85, 82, 82, 85, +- 82, 82, 85, 82, 82, 85, 82, 732, 957, 733, +- 731, 82, 85, 82, 736, 82, 85, 82, 956, 734, +- 955, 738, 735, 82, 85, 82, 737, 82, 85, 82, +- +- 82, 85, 82, 82, 85, 82, 954, 740, 82, 85, +- 82, 82, 85, 82, 82, 85, 82, 82, 85, 82, +- 82, 85, 82, 82, 85, 82, 739, 82, 85, 82, +- 82, 85, 82, 82, 85, 82, 82, 85, 82, 953, +- 952, 741, 82, 85, 82, 82, 85, 82, 742, 82, +- 85, 82, 951, 950, 792, 82, 85, 82, 790, 949, +- 948, 791, 947, 946, 793, 82, 85, 82, 82, 85, +- 82, 82, 85, 82, 82, 85, 82, 82, 85, 82, +- 82, 85, 82, 794, 82, 85, 82, 795, 800, 82, +- 85, 82, 945, 944, 799, 943, 942, 801, 82, 85, +- +- 82, 941, 940, 796, 82, 85, 82, 939, 804, 802, +- 797, 938, 805, 937, 803, 82, 85, 82, 936, 798, +- 82, 85, 82, 82, 85, 82, 82, 85, 82, 935, +- 807, 808, 806, 82, 85, 82, 82, 85, 82, 82, +- 85, 82, 934, 933, 811, 812, 82, 85, 82, 918, +- 810, 82, 85, 82, 82, 85, 82, 915, 914, 809, +- 82, 85, 82, 82, 85, 82, 82, 85, 82, 82, +- 85, 82, 813, 82, 85, 82, 82, 85, 82, 82, +- 85, 82, 82, 85, 82, 913, 912, 858, 82, 85, +- 82, 82, 85, 82, 82, 85, 82, 82, 85, 82, +- +- 867, 866, 911, 862, 910, 860, 82, 85, 82, 859, +- 82, 85, 82, 865, 909, 861, 908, 863, 868, 907, +- 864, 82, 85, 82, 82, 85, 82, 82, 85, 82, +- 906, 869, 905, 904, 870, 82, 85, 82, 82, 85, +- 82, 82, 85, 82, 903, 902, 872, 873, 82, 85, +- 82, 82, 85, 82, 82, 85, 82, 82, 85, 82, +- 871, 82, 85, 82, 901, 875, 900, 899, 874, 82, +- 85, 82, 82, 85, 82, 898, 82, 85, 82, 876, +- 82, 85, 82, 82, 85, 82, 82, 85, 82, 897, +- 896, 82, 85, 82, 920, 82, 85, 82, 82, 85, +- +- 82, 895, 927, 894, 893, 919, 82, 85, 82, 82, +- 85, 82, 922, 923, 926, 82, 85, 82, 921, 892, +- 925, 891, 890, 928, 887, 886, 924, 82, 85, 82, +- 82, 85, 82, 82, 85, 82, 82, 85, 82, 82, +- 85, 82, 885, 884, 930, 883, 882, 929, 82, 85, +- 82, 881, 931, 82, 85, 82, 82, 85, 82, 880, +- 932, 82, 85, 82, 82, 85, 82, 82, 85, 82, +- 82, 85, 82, 82, 85, 82, 82, 85, 82, 82, +- 85, 82, 82, 85, 82, 82, 85, 82, 82, 85, +- 82, 879, 878, 976, 877, 970, 82, 85, 82, 857, +- +- 856, 977, 855, 975, 969, 854, 973, 971, 853, 978, +- 82, 85, 82, 972, 82, 85, 82, 852, 974, 82, +- 85, 82, 82, 85, 82, 851, 82, 85, 82, 82, +- 85, 82, 82, 85, 82, 82, 85, 82, 82, 85, +- 82, 850, 849, 1013, 848, 1020, 82, 85, 82, 82, +- 85, 82, 82, 85, 82, 82, 85, 82, 847, 846, +- 1014, 845, 1018, 82, 85, 82, 1019, 1016, 82, 85, +- 82, 1015, 1017, 82, 85, 82, 82, 85, 82, 82, +- 85, 82, 82, 85, 82, 844, 843, 1053, 842, 1055, +- 82, 85, 82, 841, 1054, 82, 85, 82, 82, 85, +- +- 82, 1056, 82, 85, 82, 82, 85, 82, 1057, 82, +- 85, 82, 82, 85, 82, 82, 85, 82, 840, 1058, +- 82, 85, 82, 839, 1059, 82, 85, 82, 838, 837, +- 1123, 836, 82, 85, 82, 835, 831, 1089, 830, 1091, +- 829, 1090, 828, 1093, 1092, 827, 826, 1094, 1122, 82, +- 85, 82, 82, 85, 82, 82, 85, 82, 82, 85, +- 82, 82, 85, 82, 82, 85, 82, 82, 85, 82, +- 82, 85, 82, 82, 85, 82, 1124, 1125, 82, 85, +- 82, 82, 85, 82, 82, 85, 82, 82, 85, 82, +- 1147, 82, 85, 82, 82, 85, 82, 825, 824, 1150, +- +- 82, 85, 82, 823, 1148, 82, 85, 82, 1149, 82, +- 85, 82, 1170, 1215, 822, 821, 1171, 82, 85, 82, +- 82, 85, 82, 1172, 82, 85, 82, 820, 1191, 1190, +- 82, 85, 82, 1205, 819, 818, 1206, 82, 85, 82, +- 817, 1214, 816, 1222, 82, 85, 82, 82, 85, 82, +- 815, 1221, 814, 787, 786, 785, 784, 783, 782, 781, +- 780, 1228, 779, 778, 777, 776, 1226, 775, 774, 773, +- 772, 771, 770, 769, 1230, 1232, 768, 767, 766, 765, +- 764, 763, 762, 761, 760, 759, 752, 751, 750, 749, +- 748, 747, 746, 1233, 45, 45, 45, 45, 49, 49, +- +- 49, 49, 75, 75, 75, 75, 78, 78, 78, 78, +- 85, 85, 94, 94, 182, 745, 182, 182, 744, 743, +- 713, 712, 711, 710, 709, 708, 707, 706, 705, 704, +- 703, 702, 701, 700, 699, 698, 697, 694, 693, 692, ++ 24, 23, 25, 26, 23, 27, 23, 23, 23, 23, ++ 23, 23, 23, 12, 23, 23, 28, 29, 30, 31, ++ 32, 23, 23, 33, 23, 34, 23, 35, 36, 37, ++ 23, 38, 39, 40, 41, 42, 23, 23, 23, 43, ++ 44, 48, 47, 51, 45, 49, 51, 72, 78, 351, ++ 52, 73, 75, 52, 53, 81, 76, 88, 74, 81, ++ 82, 89, 83, 83, 84, 87, 84, 352, 54, 84, ++ ++ 85, 84, 86, 86, 182, 182, 84, 87, 84, 84, ++ 87, 84, 55, 84, 87, 84, 130, 79, 150, 232, ++ 131, 56, 151, 57, 58, 1146, 59, 60, 233, 61, ++ 62, 63, 97, 64, 65, 66, 67, 68, 69, 70, ++ 71, 90, 255, 83, 83, 1152, 99, 84, 87, 84, ++ 91, 92, 84, 87, 84, 78, 256, 93, 84, 87, ++ 84, 100, 84, 87, 84, 98, 93, 84, 87, 84, ++ 84, 87, 84, 84, 87, 84, 189, 189, 91, 92, ++ 84, 87, 84, 84, 93, 84, 84, 87, 84, 84, ++ 87, 84, 93, 1153, 79, 94, 84, 87, 84, 101, ++ ++ 84, 87, 84, 102, 108, 105, 103, 176, 84, 104, ++ 84, 177, 109, 106, 110, 84, 87, 84, 230, 111, ++ 113, 336, 107, 84, 87, 84, 1154, 112, 84, 87, ++ 84, 84, 87, 84, 84, 87, 84, 114, 337, 179, ++ 234, 117, 118, 180, 119, 115, 81, 231, 116, 235, ++ 81, 120, 547, 121, 281, 322, 122, 84, 87, 84, ++ 84, 87, 84, 235, 123, 548, 323, 128, 154, 125, ++ 126, 124, 84, 87, 84, 127, 132, 133, 134, 135, ++ 136, 137, 138, 139, 140, 130, 1155, 141, 142, 131, ++ 143, 144, 1156, 145, 146, 147, 148, 149, 84, 87, ++ ++ 84, 84, 87, 84, 156, 226, 155, 84, 87, 84, ++ 158, 1157, 84, 87, 84, 84, 87, 84, 238, 105, ++ 227, 84, 87, 84, 84, 87, 84, 84, 87, 84, ++ 936, 331, 157, 84, 87, 84, 228, 937, 161, 102, ++ 236, 108, 103, 332, 237, 104, 333, 111, 239, 109, ++ 160, 110, 150, 162, 159, 163, 151, 345, 165, 84, ++ 87, 84, 346, 164, 84, 87, 84, 1158, 112, 84, ++ 87, 84, 84, 183, 84, 166, 167, 84, 87, 84, ++ 245, 84, 115, 84, 246, 116, 84, 87, 84, 168, ++ 188, 188, 176, 247, 189, 189, 177, 169, 84, 87, ++ ++ 84, 84, 170, 84, 545, 117, 171, 121, 119, 546, ++ 122, 172, 187, 187, 805, 120, 806, 179, 123, 91, ++ 92, 180, 638, 125, 175, 173, 639, 174, 126, 84, ++ 87, 84, 84, 127, 84, 86, 86, 1159, 241, 84, ++ 87, 84, 184, 185, 242, 243, 191, 91, 92, 84, ++ 87, 84, 1160, 84, 87, 84, 84, 87, 84, 84, ++ 87, 84, 84, 87, 84, 84, 87, 84, 908, 909, ++ 184, 185, 192, 193, 194, 84, 87, 84, 84, 87, ++ 84, 84, 87, 84, 84, 87, 84, 84, 87, 84, ++ 84, 87, 84, 196, 1161, 1162, 197, 84, 87, 84, ++ ++ 84, 87, 84, 195, 84, 87, 84, 84, 87, 84, ++ 1163, 198, 84, 87, 84, 84, 87, 84, 84, 87, ++ 84, 84, 87, 84, 84, 87, 84, 199, 202, 201, ++ 200, 1164, 1165, 203, 84, 87, 84, 204, 354, 84, ++ 87, 84, 84, 87, 84, 208, 206, 355, 205, 207, ++ 211, 84, 87, 84, 209, 710, 84, 87, 84, 210, ++ 711, 213, 84, 87, 84, 212, 325, 326, 216, 327, ++ 1166, 215, 84, 87, 84, 84, 87, 84, 214, 84, ++ 87, 84, 1167, 217, 218, 249, 422, 250, 770, 423, ++ 251, 219, 252, 84, 87, 84, 84, 87, 84, 84, ++ ++ 87, 84, 771, 220, 221, 84, 87, 84, 84, 87, ++ 84, 1168, 222, 84, 87, 84, 1169, 224, 1170, 1171, ++ 225, 223, 84, 87, 84, 84, 87, 84, 84, 87, ++ 84, 84, 87, 84, 84, 87, 84, 260, 84, 87, ++ 84, 1172, 1177, 262, 84, 87, 84, 264, 261, 263, ++ 84, 87, 84, 84, 87, 84, 84, 87, 84, 84, ++ 87, 84, 265, 84, 87, 84, 84, 87, 84, 1178, ++ 269, 1179, 1180, 266, 84, 87, 84, 268, 84, 87, ++ 84, 1181, 208, 270, 267, 1182, 273, 272, 84, 87, ++ 84, 182, 182, 450, 1183, 271, 1184, 451, 91, 92, ++ ++ 452, 274, 1185, 276, 188, 282, 1186, 84, 283, 283, ++ 275, 277, 1188, 189, 189, 1189, 279, 187, 187, 1187, ++ 214, 92, 278, 1190, 91, 92, 91, 92, 84, 87, ++ 84, 84, 87, 84, 84, 87, 84, 280, 84, 87, ++ 84, 84, 87, 84, 1191, 284, 1192, 1193, 286, 92, ++ 1194, 287, 91, 92, 84, 87, 84, 84, 87, 84, ++ 84, 87, 84, 84, 87, 84, 84, 87, 84, 1195, ++ 1199, 288, 84, 87, 84, 84, 87, 84, 84, 87, ++ 84, 285, 84, 87, 84, 289, 84, 87, 84, 84, ++ 87, 84, 84, 87, 84, 84, 87, 84, 293, 84, ++ ++ 87, 84, 1200, 290, 84, 87, 84, 291, 1201, 1202, ++ 292, 294, 297, 84, 87, 84, 295, 84, 87, 84, ++ 298, 84, 87, 84, 1203, 296, 84, 87, 84, 299, ++ 300, 84, 87, 84, 84, 87, 84, 84, 87, 84, ++ 84, 87, 84, 1204, 301, 84, 87, 84, 84, 87, ++ 84, 1205, 302, 1206, 1207, 303, 1208, 304, 84, 87, ++ 84, 84, 87, 84, 307, 1209, 305, 306, 84, 87, ++ 84, 84, 87, 84, 1210, 84, 87, 84, 84, 87, ++ 84, 341, 308, 1211, 1212, 309, 313, 342, 311, 310, ++ 1213, 1214, 312, 1215, 1218, 343, 314, 84, 87, 84, ++ ++ 84, 87, 84, 315, 84, 87, 84, 1219, 317, 318, ++ 84, 87, 84, 84, 87, 84, 84, 87, 84, 316, ++ 84, 87, 84, 84, 87, 84, 1220, 1221, 363, 84, ++ 87, 84, 1222, 365, 1223, 364, 1224, 84, 87, 84, ++ 84, 87, 84, 1225, 367, 84, 87, 84, 366, 84, ++ 87, 84, 1226, 84, 87, 84, 1227, 1228, 368, 84, ++ 87, 84, 1229, 370, 84, 87, 84, 371, 84, 87, ++ 84, 84, 87, 84, 369, 372, 1230, 851, 84, 87, ++ 84, 852, 373, 374, 84, 87, 84, 84, 1233, 84, ++ 283, 283, 84, 853, 84, 283, 283, 1234, 1235, 375, ++ ++ 376, 1236, 1237, 185, 1238, 1239, 378, 1242, 1243, 379, ++ 377, 380, 84, 87, 84, 84, 87, 84, 84, 87, ++ 84, 84, 87, 84, 1244, 1245, 84, 87, 84, 1246, ++ 384, 185, 386, 1249, 381, 84, 87, 84, 84, 87, ++ 84, 385, 84, 87, 84, 1250, 1251, 387, 388, 389, ++ 390, 84, 87, 84, 84, 87, 84, 84, 87, 84, ++ 1253, 84, 87, 84, 1255, 383, 84, 87, 84, 84, ++ 87, 84, 84, 87, 84, 84, 87, 84, 84, 87, ++ 84, 84, 87, 84, 84, 87, 84, 84, 87, 84, ++ 1257, 190, 391, 84, 87, 84, 1145, 1144, 393, 84, ++ ++ 87, 84, 392, 394, 395, 84, 87, 84, 84, 87, ++ 84, 1143, 1142, 396, 1141, 399, 1140, 1139, 400, 84, ++ 87, 84, 1138, 397, 1137, 401, 1136, 1135, 398, 84, ++ 87, 84, 84, 87, 84, 402, 84, 87, 84, 404, ++ 1134, 406, 1133, 405, 84, 87, 84, 84, 87, 84, ++ 403, 84, 87, 84, 84, 87, 84, 84, 87, 84, ++ 84, 87, 84, 84, 87, 84, 1132, 1131, 409, 407, ++ 1130, 408, 84, 87, 84, 84, 87, 84, 772, 773, ++ 410, 84, 87, 84, 84, 87, 84, 774, 412, 84, ++ 87, 84, 1129, 775, 413, 84, 87, 84, 411, 84, ++ ++ 87, 84, 84, 87, 84, 84, 87, 84, 1128, 414, ++ 460, 1127, 415, 84, 87, 84, 1126, 462, 84, 87, ++ 84, 84, 87, 84, 84, 87, 84, 1125, 1124, 464, ++ 461, 84, 87, 84, 84, 87, 84, 84, 87, 84, ++ 1123, 463, 84, 87, 84, 1122, 465, 84, 87, 84, ++ 1121, 467, 1120, 1112, 466, 84, 87, 84, 84, 87, ++ 84, 1111, 1110, 398, 1109, 468, 1108, 1107, 472, 1106, ++ 469, 1105, 405, 1104, 470, 84, 87, 84, 1103, 412, ++ 1102, 474, 1101, 1100, 471, 1099, 1098, 473, 84, 87, ++ 84, 475, 1097, 1096, 478, 1095, 1094, 476, 1093, 1092, ++ ++ 477, 84, 87, 84, 84, 87, 84, 84, 87, 84, ++ 84, 87, 84, 479, 84, 87, 84, 84, 87, 84, ++ 480, 84, 87, 84, 84, 87, 84, 482, 484, 1091, ++ 1090, 485, 1089, 1088, 481, 84, 87, 84, 486, 483, ++ 84, 87, 84, 84, 87, 84, 84, 87, 84, 84, ++ 87, 84, 84, 87, 84, 84, 87, 84, 84, 87, ++ 84, 1087, 487, 84, 87, 84, 84, 87, 84, 1086, ++ 1085, 488, 84, 87, 84, 84, 87, 84, 84, 87, ++ 84, 84, 87, 84, 84, 87, 84, 84, 87, 84, ++ 84, 87, 84, 1084, 492, 1075, 1074, 489, 1073, 493, ++ ++ 84, 87, 84, 490, 1072, 1071, 491, 84, 87, 84, ++ 1070, 1069, 495, 84, 87, 84, 494, 84, 87, 84, ++ 497, 84, 87, 84, 499, 84, 87, 84, 1068, 496, ++ 84, 87, 84, 84, 87, 84, 1067, 1066, 498, 1065, ++ 84, 87, 84, 1064, 1063, 500, 84, 87, 84, 1062, ++ 1061, 502, 1060, 1059, 503, 84, 87, 84, 1058, 501, ++ 84, 87, 84, 1057, 550, 84, 87, 84, 84, 87, ++ 84, 84, 87, 84, 84, 87, 84, 1056, 1055, 84, ++ 87, 84, 1054, 551, 552, 84, 87, 84, 84, 87, ++ 84, 84, 87, 84, 555, 1053, 1052, 553, 1051, 84, ++ ++ 87, 84, 1050, 1049, 554, 84, 87, 84, 84, 87, ++ 84, 84, 87, 84, 557, 556, 558, 559, 84, 87, ++ 84, 84, 87, 84, 566, 84, 87, 84, 1048, 494, ++ 1047, 1046, 569, 570, 571, 567, 560, 1045, 1044, 561, ++ 562, 563, 572, 1034, 1033, 573, 84, 87, 84, 574, ++ 575, 568, 564, 576, 84, 87, 84, 84, 87, 84, ++ 84, 87, 84, 1032, 1031, 565, 84, 87, 84, 578, ++ 84, 87, 84, 1030, 577, 84, 87, 84, 1029, 1028, ++ 579, 84, 87, 84, 580, 84, 87, 84, 84, 87, ++ 84, 84, 87, 84, 84, 87, 84, 84, 87, 84, ++ ++ 84, 87, 84, 84, 87, 84, 84, 87, 84, 84, ++ 87, 84, 84, 87, 84, 582, 1027, 581, 84, 87, ++ 84, 84, 87, 84, 594, 595, 584, 84, 87, 84, ++ 1026, 1025, 583, 84, 87, 84, 84, 87, 84, 1024, ++ 596, 597, 585, 1023, 1022, 598, 1021, 586, 84, 87, ++ 84, 84, 87, 84, 84, 87, 84, 588, 1020, 589, ++ 84, 87, 84, 587, 84, 87, 84, 84, 87, 84, ++ 1019, 590, 84, 87, 84, 84, 87, 84, 643, 84, ++ 87, 84, 1018, 1017, 591, 84, 87, 84, 84, 87, ++ 84, 84, 87, 84, 84, 87, 84, 646, 1016, 1015, ++ ++ 644, 1014, 645, 1013, 647, 648, 649, 84, 87, 84, ++ 1012, 1011, 651, 84, 87, 84, 84, 87, 84, 84, ++ 87, 84, 653, 84, 87, 84, 84, 87, 84, 1010, ++ 1009, 654, 650, 658, 84, 87, 84, 652, 1008, 655, ++ 661, 84, 87, 84, 84, 87, 84, 659, 84, 87, ++ 84, 657, 660, 656, 1007, 662, 1006, 1005, 663, 84, ++ 87, 84, 84, 87, 84, 665, 664, 84, 87, 84, ++ 84, 87, 84, 1004, 84, 87, 84, 669, 84, 87, ++ 84, 1003, 668, 84, 87, 84, 1002, 1001, 666, 84, ++ 87, 84, 667, 670, 84, 87, 84, 84, 87, 84, ++ ++ 84, 87, 84, 671, 84, 87, 84, 84, 87, 84, ++ 84, 87, 84, 989, 672, 84, 87, 84, 84, 87, ++ 84, 84, 87, 84, 84, 87, 84, 84, 87, 84, ++ 674, 84, 87, 84, 84, 87, 84, 84, 87, 84, ++ 673, 988, 676, 84, 87, 84, 675, 987, 677, 84, ++ 87, 84, 84, 87, 84, 678, 84, 87, 84, 84, ++ 87, 84, 84, 87, 84, 986, 985, 731, 984, 983, ++ 732, 84, 87, 84, 84, 87, 84, 729, 982, 730, ++ 981, 733, 84, 87, 84, 980, 979, 734, 84, 87, ++ 84, 84, 87, 84, 736, 978, 735, 84, 87, 84, ++ ++ 84, 87, 84, 737, 84, 87, 84, 84, 87, 84, ++ 977, 738, 84, 87, 84, 743, 739, 744, 745, 976, ++ 747, 746, 975, 974, 741, 973, 740, 84, 87, 84, ++ 742, 84, 87, 84, 84, 87, 84, 84, 87, 84, ++ 84, 87, 84, 84, 87, 84, 749, 972, 750, 971, ++ 970, 748, 969, 753, 84, 87, 84, 968, 751, 967, ++ 966, 752, 84, 87, 84, 84, 87, 84, 755, 754, ++ 84, 87, 84, 84, 87, 84, 84, 87, 84, 965, ++ 757, 84, 87, 84, 84, 87, 84, 84, 87, 84, ++ 84, 87, 84, 84, 87, 84, 964, 963, 756, 84, ++ ++ 87, 84, 84, 87, 84, 84, 87, 84, 84, 87, ++ 84, 84, 87, 84, 758, 84, 87, 84, 84, 87, ++ 84, 759, 84, 87, 84, 84, 87, 84, 962, 809, ++ 961, 807, 84, 87, 84, 960, 959, 808, 958, 810, ++ 84, 87, 84, 84, 87, 84, 84, 87, 84, 957, ++ 956, 811, 84, 87, 84, 84, 87, 84, 955, 954, ++ 812, 938, 935, 813, 934, 84, 87, 84, 933, 84, ++ 87, 84, 84, 87, 84, 818, 819, 84, 87, 84, ++ 814, 84, 87, 84, 932, 815, 820, 931, 84, 87, ++ 84, 84, 87, 84, 816, 930, 929, 817, 823, 824, ++ ++ 928, 927, 821, 84, 87, 84, 822, 84, 87, 84, ++ 84, 87, 84, 84, 87, 84, 926, 826, 827, 925, ++ 825, 84, 87, 84, 84, 87, 84, 84, 87, 84, ++ 924, 923, 830, 831, 84, 87, 84, 922, 829, 84, ++ 87, 84, 84, 87, 84, 921, 828, 84, 87, 84, ++ 84, 87, 84, 84, 87, 84, 84, 87, 84, 920, ++ 832, 84, 87, 84, 84, 87, 84, 84, 87, 84, ++ 919, 918, 877, 84, 87, 84, 84, 87, 84, 917, ++ 916, 84, 87, 84, 84, 87, 84, 915, 914, 879, ++ 882, 878, 913, 912, 886, 84, 87, 84, 911, 880, ++ ++ 910, 887, 907, 906, 881, 883, 885, 84, 87, 84, ++ 905, 884, 84, 87, 84, 84, 87, 84, 84, 87, ++ 84, 904, 903, 888, 84, 87, 84, 902, 889, 84, ++ 87, 84, 901, 900, 890, 84, 87, 84, 84, 87, ++ 84, 84, 87, 84, 899, 898, 892, 893, 84, 87, ++ 84, 84, 87, 84, 84, 87, 84, 84, 87, 84, ++ 891, 84, 87, 84, 897, 895, 876, 875, 894, 84, ++ 87, 84, 84, 87, 84, 84, 87, 84, 874, 896, ++ 84, 87, 84, 84, 87, 84, 84, 87, 84, 84, ++ 87, 84, 873, 872, 940, 871, 84, 87, 84, 84, ++ ++ 87, 84, 84, 87, 84, 939, 948, 870, 943, 84, ++ 87, 84, 942, 84, 87, 84, 869, 944, 941, 947, ++ 84, 87, 84, 946, 84, 87, 84, 949, 868, 945, ++ 867, 84, 87, 84, 84, 87, 84, 84, 87, 84, ++ 84, 87, 84, 866, 950, 951, 84, 87, 84, 84, ++ 87, 84, 865, 952, 84, 87, 84, 84, 87, 84, ++ 864, 953, 84, 87, 84, 84, 87, 84, 84, 87, ++ 84, 84, 87, 84, 84, 87, 84, 84, 87, 84, ++ 84, 87, 84, 863, 84, 87, 84, 84, 87, 84, ++ 862, 991, 861, 860, 998, 84, 87, 84, 994, 84, ++ ++ 87, 84, 990, 999, 997, 992, 859, 995, 858, 993, ++ 857, 1000, 84, 87, 84, 84, 87, 84, 856, 996, ++ 84, 87, 84, 84, 87, 84, 84, 87, 84, 84, ++ 87, 84, 84, 87, 84, 84, 87, 84, 84, 87, ++ 84, 84, 87, 84, 855, 1035, 854, 850, 1043, 84, ++ 87, 84, 84, 87, 84, 84, 87, 84, 84, 87, ++ 84, 1036, 84, 87, 84, 1041, 849, 848, 1038, 1042, ++ 1039, 847, 1037, 846, 845, 1040, 84, 87, 84, 84, ++ 87, 84, 84, 87, 84, 84, 87, 84, 844, 843, ++ 1076, 842, 1078, 84, 87, 84, 841, 1077, 840, 839, ++ ++ 1079, 84, 87, 84, 84, 87, 84, 84, 87, 84, ++ 838, 84, 87, 84, 1080, 84, 87, 84, 837, 1081, ++ 84, 87, 84, 836, 84, 87, 84, 835, 1082, 84, ++ 87, 84, 834, 1083, 84, 87, 84, 84, 87, 84, ++ 84, 87, 84, 84, 87, 84, 84, 87, 84, 1117, ++ 1148, 1115, 84, 87, 84, 1114, 1113, 1116, 1118, 84, ++ 87, 84, 84, 87, 84, 84, 87, 84, 833, 804, ++ 1147, 1119, 84, 87, 84, 84, 87, 84, 84, 87, ++ 84, 84, 87, 84, 84, 87, 84, 84, 87, 84, ++ 803, 802, 1150, 801, 1149, 800, 799, 1151, 798, 797, ++ ++ 1173, 84, 87, 84, 84, 87, 84, 84, 87, 84, ++ 84, 87, 84, 796, 1174, 795, 1176, 84, 87, 84, ++ 794, 793, 1175, 84, 87, 84, 84, 87, 84, 1196, ++ 84, 87, 84, 1197, 84, 87, 84, 84, 87, 84, ++ 84, 87, 84, 1241, 84, 87, 84, 84, 87, 84, ++ 792, 1198, 791, 790, 1217, 1216, 84, 87, 84, 1231, ++ 84, 87, 84, 84, 87, 84, 84, 87, 84, 789, ++ 788, 1248, 1232, 1240, 787, 786, 785, 784, 783, 782, ++ 1247, 781, 780, 779, 1254, 778, 777, 776, 769, 768, ++ 1252, 767, 766, 765, 764, 763, 762, 761, 1258, 760, ++ ++ 1256, 728, 727, 726, 725, 724, 723, 722, 721, 720, ++ 719, 718, 1259, 46, 46, 46, 46, 50, 50, 50, ++ 50, 77, 77, 77, 77, 80, 80, 80, 80, 87, ++ 87, 96, 96, 186, 717, 186, 186, 716, 715, 714, ++ 713, 712, 709, 708, 707, 706, 705, 704, 703, 702, ++ 701, 700, 699, 698, 697, 696, 695, 694, 693, 692, + 691, 690, 689, 688, 687, 686, 685, 684, 683, 682, +- 681, 680, 679, 678, 677, 676, 675, 674, 673, 672, +- 671, 670, 669, 668, 667, 666, 665, 664, 629, 628, +- 627, 624, 623, 622, 621, 620, 619, 618, 617, 616, +- 615, 614, 613, 612, 611, 610, 609, 608, 607, 606, +- 605, 604, 603, 602, 601, 600, 599, 598, 597, 596, +- +- 595, 594, 593, 592, 591, 590, 589, 588, 587, 586, +- 580, 579, 538, 533, 532, 531, 530, 529, 528, 527, +- 526, 525, 524, 523, 522, 521, 520, 519, 518, 517, +- 516, 515, 514, 513, 512, 511, 510, 509, 508, 507, +- 506, 505, 504, 503, 502, 501, 500, 499, 498, 497, +- 496, 495, 494, 493, 450, 449, 448, 447, 446, 445, +- 444, 440, 439, 438, 437, 436, 435, 434, 433, 432, +- 431, 430, 429, 428, 427, 426, 425, 424, 423, 422, +- 421, 420, 419, 418, 417, 416, 415, 412, 411, 410, +- 409, 408, 407, 374, 355, 354, 353, 352, 351, 350, +- +- 349, 346, 343, 342, 341, 340, 337, 333, 332, 331, +- 328, 327, 323, 322, 321, 317, 314, 313, 312, 177, +- 230, 174, 254, 149, 253, 252, 249, 248, 243, 239, +- 235, 224, 1234, 1234, 177, 174, 150, 149, 126, 93, +- 1234, 1234, 72, 46, 11, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, ++ 681, 680, 679, 642, 641, 640, 637, 636, 635, 634, ++ 633, 632, 631, 630, 629, 628, 627, 626, 625, 624, ++ 623, 622, 621, 620, 619, 618, 617, 616, 615, 614, ++ ++ 613, 612, 611, 610, 609, 608, 607, 606, 605, 604, ++ 603, 602, 601, 600, 599, 593, 592, 549, 544, 543, ++ 542, 541, 540, 539, 538, 537, 536, 535, 534, 533, ++ 532, 531, 530, 529, 528, 527, 526, 525, 524, 523, ++ 522, 521, 520, 519, 518, 517, 516, 515, 514, 513, ++ 512, 511, 510, 509, 508, 507, 506, 505, 504, 459, ++ 458, 457, 456, 455, 454, 453, 449, 448, 447, 446, ++ 445, 444, 443, 442, 441, 440, 439, 438, 437, 436, ++ 435, 434, 433, 432, 431, 430, 429, 428, 427, 426, ++ 425, 424, 421, 420, 419, 418, 417, 416, 382, 362, ++ ++ 361, 360, 359, 358, 357, 356, 353, 350, 349, 348, ++ 347, 344, 340, 339, 338, 335, 334, 330, 329, 328, ++ 324, 321, 320, 319, 181, 235, 178, 259, 152, 258, ++ 257, 254, 253, 248, 244, 240, 229, 1260, 1260, 181, ++ 178, 153, 152, 129, 95, 1260, 1260, 74, 47, 11, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, + +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234, 1234, 1234, 1234 ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260 + } ; + +-static yyconst flex_int16_t yy_chk[2916] = ++static const flex_int16_t yy_chk[3021] = + { 0, + 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, + 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, +@@ -1169,320 +1177,331 @@ static yyconst flex_int16_t yy_chk[2916] + 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, + 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, + 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, +- 2, 4, 4, 5, 2, 4, 6, 8, 15, 245, ++ 2, 4, 4, 5, 2, 4, 6, 8, 15, 250, + 5, 8, 10, 6, 7, 16, 10, 19, 10, 16, +- 17, 19, 17, 17, 23, 23, 23, 245, 7, 18, ++ 17, 19, 17, 17, 23, 23, 23, 250, 7, 18, + +- 18, 18, 18, 18, 80, 80, 24, 24, 24, 25, +- 25, 25, 7, 132, 26, 26, 26, 15, 27, 27, +- 27, 7, 132, 7, 7, 75, 7, 7, 26, 7, +- 7, 7, 24, 7, 7, 1088, 7, 7, 7, 7, +- 7, 20, 25, 20, 20, 43, 28, 28, 28, 43, +- 20, 20, 29, 29, 29, 184, 184, 20, 30, 30, +- 30, 32, 32, 32, 75, 27, 20, 31, 31, 31, +- 33, 33, 33, 47, 34, 34, 34, 47, 20, 20, +- 35, 35, 35, 131, 20, 70, 82, 28, 82, 70, +- 28, 133, 20, 28, 1096, 20, 36, 36, 36, 29, +- +- 133, 31, 73, 85, 30, 85, 73, 32, 34, 31, +- 233, 31, 131, 30, 37, 37, 37, 33, 78, 38, +- 38, 38, 78, 39, 39, 39, 1097, 233, 35, 40, +- 40, 40, 144, 127, 41, 41, 41, 127, 53, 53, +- 53, 54, 54, 54, 135, 36, 144, 1098, 36, 55, +- 55, 55, 63, 63, 63, 37, 37, 38, 37, 1099, +- 38, 83, 83, 83, 177, 37, 825, 825, 38, 39, +- 41, 40, 53, 177, 135, 38, 40, 44, 44, 44, +- 44, 44, 44, 44, 44, 44, 63, 1100, 44, 44, +- 54, 44, 44, 55, 44, 44, 44, 44, 44, 56, +- +- 56, 56, 134, 57, 57, 57, 134, 59, 59, 59, +- 58, 58, 58, 1102, 60, 60, 60, 61, 61, 61, +- 224, 1103, 62, 62, 62, 64, 64, 64, 65, 65, +- 65, 224, 1104, 56, 66, 66, 66, 68, 68, 68, +- 56, 57, 1105, 56, 58, 59, 56, 94, 94, 94, +- 57, 60, 58, 129, 58, 61, 62, 58, 1106, 1109, +- 60, 67, 67, 67, 62, 240, 65, 147, 129, 62, +- 240, 147, 66, 64, 64, 66, 66, 179, 66, 179, +- 69, 69, 69, 68, 129, 66, 84, 68, 84, 84, +- 84, 172, 238, 88, 88, 172, 84, 84, 238, 67, +- +- 88, 88, 67, 67, 89, 89, 238, 175, 89, 89, +- 67, 175, 535, 95, 95, 95, 535, 67, 69, 96, +- 96, 96, 69, 319, 84, 84, 319, 69, 88, 88, +- 95, 97, 97, 97, 98, 98, 98, 99, 99, 99, +- 100, 100, 100, 96, 101, 101, 101, 102, 102, 102, +- 1110, 1111, 97, 103, 103, 103, 104, 104, 104, 105, +- 105, 105, 106, 106, 106, 107, 107, 107, 108, 108, +- 108, 99, 1112, 1113, 100, 109, 109, 109, 110, 110, +- 110, 98, 111, 111, 111, 112, 112, 112, 247, 1114, +- 101, 113, 113, 113, 114, 114, 114, 247, 1116, 102, +- +- 115, 115, 115, 105, 104, 103, 1117, 1118, 106, 116, +- 116, 116, 107, 117, 117, 117, 118, 118, 118, 108, +- 111, 109, 181, 110, 181, 1120, 113, 112, 119, 119, +- 119, 1121, 112, 120, 120, 120, 121, 121, 121, 137, +- 115, 114, 122, 122, 122, 137, 137, 117, 123, 123, +- 123, 124, 124, 124, 1126, 449, 116, 115, 125, 125, +- 125, 118, 117, 139, 141, 448, 141, 139, 449, 141, +- 448, 141, 151, 151, 151, 1127, 139, 119, 152, 152, +- 152, 153, 153, 153, 121, 120, 611, 154, 154, 154, +- 1128, 611, 122, 124, 155, 155, 155, 123, 1129, 125, +- +- 156, 156, 156, 157, 157, 157, 158, 158, 158, 159, +- 159, 159, 160, 160, 160, 675, 151, 161, 161, 161, +- 1130, 162, 162, 162, 1131, 153, 163, 163, 163, 675, +- 152, 154, 1132, 155, 164, 164, 164, 165, 165, 165, +- 166, 166, 166, 167, 167, 167, 169, 169, 169, 156, +- 168, 168, 168, 161, 157, 170, 170, 170, 160, 171, +- 171, 171, 178, 178, 163, 159, 162, 1133, 1134, 178, +- 178, 164, 187, 187, 187, 180, 180, 163, 180, 180, +- 180, 1137, 165, 167, 185, 185, 189, 189, 189, 187, +- 1138, 166, 185, 170, 169, 168, 1140, 178, 178, 713, +- +- 167, 713, 183, 183, 188, 188, 188, 1142, 171, 183, +- 183, 190, 190, 190, 191, 191, 191, 1143, 188, 189, +- 185, 188, 192, 192, 192, 193, 193, 193, 856, 194, +- 194, 194, 195, 195, 195, 856, 1144, 183, 183, 196, +- 196, 196, 197, 197, 197, 198, 198, 198, 199, 199, +- 199, 200, 200, 200, 1145, 190, 201, 201, 201, 202, +- 202, 202, 1146, 191, 194, 203, 203, 203, 204, 204, +- 204, 1151, 192, 226, 226, 193, 226, 195, 1135, 198, +- 1152, 1154, 199, 196, 205, 205, 205, 206, 206, 206, +- 1155, 1135, 197, 207, 207, 207, 201, 202, 208, 208, +- +- 208, 209, 209, 209, 210, 210, 210, 211, 211, 211, +- 212, 212, 212, 1156, 203, 213, 213, 213, 214, 214, +- 214, 204, 215, 215, 215, 1157, 216, 216, 216, 1158, +- 1160, 206, 217, 217, 217, 205, 218, 218, 218, 209, +- 1161, 230, 207, 1162, 208, 219, 219, 219, 1163, 220, +- 220, 220, 1164, 230, 1165, 210, 230, 761, 211, 1166, +- 215, 761, 212, 213, 216, 214, 255, 255, 255, 256, +- 256, 256, 1167, 761, 217, 257, 257, 257, 258, 258, +- 258, 1168, 219, 220, 259, 259, 259, 218, 260, 260, +- 260, 261, 261, 261, 262, 262, 262, 263, 263, 263, +- +- 264, 264, 264, 265, 265, 265, 1169, 256, 257, 266, +- 266, 266, 267, 267, 267, 1173, 255, 1174, 259, 268, +- 268, 268, 258, 269, 269, 269, 270, 270, 270, 271, +- 271, 271, 1175, 260, 274, 274, 274, 263, 264, 1176, +- 1178, 265, 272, 272, 272, 273, 273, 273, 262, 1179, +- 267, 266, 276, 1180, 276, 276, 276, 277, 1181, 277, +- 277, 277, 278, 278, 278, 1183, 268, 271, 277, 279, +- 279, 279, 270, 280, 280, 280, 1185, 1186, 273, 1187, +- 272, 279, 1189, 1194, 274, 281, 281, 281, 282, 282, +- 282, 281, 1197, 280, 1198, 1199, 277, 283, 283, 283, +- +- 284, 284, 284, 285, 285, 285, 281, 281, 281, 281, +- 1200, 286, 286, 286, 287, 287, 287, 288, 288, 288, +- 289, 289, 289, 290, 290, 290, 291, 291, 291, 292, +- 292, 292, 293, 293, 293, 294, 294, 294, 295, 295, +- 295, 296, 296, 296, 297, 297, 297, 298, 298, 298, +- 284, 299, 299, 299, 285, 286, 1201, 1202, 289, 288, +- 300, 300, 300, 301, 301, 301, 1208, 290, 1209, 294, +- 1210, 1212, 295, 302, 302, 302, 347, 291, 1213, 296, +- 347, 1217, 293, 347, 1218, 299, 297, 1219, 1224, 299, +- 303, 303, 303, 300, 304, 304, 304, 1227, 298, 305, +- +- 305, 305, 306, 306, 306, 307, 307, 307, 308, 308, +- 308, 1229, 1242, 301, 1087, 302, 309, 309, 309, 310, +- 310, 310, 311, 311, 311, 1086, 303, 356, 356, 356, +- 357, 357, 357, 358, 358, 358, 1085, 1083, 304, 359, +- 359, 359, 307, 360, 360, 360, 1082, 1081, 308, 361, +- 361, 361, 1080, 305, 362, 362, 362, 363, 363, 363, +- 364, 364, 364, 1079, 1077, 356, 1076, 1075, 309, 1074, +- 1073, 311, 359, 365, 365, 365, 1072, 366, 366, 366, +- 1071, 1070, 358, 361, 367, 367, 367, 368, 368, 368, +- 1069, 369, 369, 369, 1068, 360, 370, 370, 370, 1067, +- +- 1066, 362, 371, 371, 371, 1065, 364, 1064, 1063, 363, +- 372, 372, 372, 373, 373, 373, 375, 375, 375, 1062, +- 376, 376, 376, 365, 366, 369, 378, 378, 378, 369, +- 377, 377, 377, 367, 1061, 375, 380, 380, 380, 371, +- 368, 379, 379, 379, 372, 376, 370, 1060, 1052, 377, +- 381, 381, 381, 1051, 372, 373, 378, 382, 382, 382, +- 1050, 379, 1049, 1048, 381, 380, 1045, 381, 383, 383, +- 383, 384, 384, 384, 381, 385, 385, 385, 386, 386, +- 386, 387, 387, 387, 388, 388, 388, 389, 389, 389, +- 390, 390, 390, 391, 391, 391, 392, 392, 392, 1044, +- +- 393, 393, 393, 394, 394, 394, 395, 395, 395, 384, +- 1043, 385, 396, 396, 396, 397, 397, 397, 398, 398, +- 398, 399, 399, 399, 400, 400, 400, 401, 401, 401, +- 1042, 1041, 392, 677, 677, 389, 393, 402, 402, 402, +- 1039, 390, 677, 1038, 391, 403, 403, 403, 677, 396, +- 395, 404, 404, 404, 405, 405, 405, 399, 406, 406, +- 406, 401, 451, 451, 451, 1037, 397, 452, 452, 452, +- 453, 453, 453, 1036, 1035, 400, 1034, 454, 454, 454, +- 455, 455, 455, 403, 456, 456, 456, 1033, 405, 1032, +- 1031, 406, 457, 457, 457, 1030, 1029, 404, 458, 458, +- +- 458, 452, 1028, 459, 459, 459, 460, 460, 460, 461, +- 461, 461, 462, 462, 462, 463, 463, 463, 1027, 1026, +- 453, 454, 464, 464, 464, 1025, 457, 465, 465, 465, +- 1024, 455, 1023, 456, 466, 466, 466, 467, 467, 467, +- 468, 468, 468, 467, 469, 469, 469, 461, 458, 459, +- 471, 471, 471, 470, 470, 470, 462, 471, 1022, 1021, +- 470, 470, 470, 462, 468, 1012, 463, 1011, 1010, 465, +- 470, 464, 1009, 470, 469, 1007, 1006, 470, 470, 1005, +- 1004, 466, 472, 472, 472, 473, 473, 473, 474, 474, +- 474, 475, 475, 475, 476, 476, 476, 473, 477, 477, +- +- 477, 1003, 472, 1002, 1001, 475, 999, 998, 474, 478, +- 478, 478, 479, 479, 479, 480, 480, 480, 481, 481, +- 481, 482, 482, 482, 483, 483, 483, 484, 484, 484, +- 485, 485, 485, 486, 486, 486, 487, 487, 487, 997, +- 477, 996, 995, 478, 488, 488, 488, 489, 489, 489, +- 490, 490, 490, 480, 491, 491, 491, 994, 993, 479, +- 492, 492, 492, 495, 495, 539, 539, 539, 992, 481, +- 540, 540, 540, 991, 483, 541, 541, 541, 990, 495, +- 495, 542, 542, 542, 495, 989, 489, 988, 490, 987, +- 543, 543, 543, 986, 985, 488, 984, 983, 491, 544, +- +- 544, 544, 545, 545, 545, 982, 981, 539, 546, 546, +- 546, 492, 547, 547, 547, 548, 548, 548, 549, 549, +- 549, 980, 540, 550, 550, 550, 541, 543, 551, 551, +- 551, 552, 552, 552, 553, 553, 553, 979, 968, 544, +- 545, 967, 546, 966, 965, 547, 554, 554, 554, 964, +- 963, 553, 549, 962, 555, 555, 555, 556, 556, 556, +- 557, 557, 557, 550, 961, 960, 557, 548, 558, 558, +- 558, 959, 958, 551, 559, 559, 559, 552, 555, 560, +- 560, 560, 558, 556, 957, 956, 560, 955, 559, 561, +- 561, 561, 562, 562, 562, 563, 563, 563, 564, 564, +- +- 564, 565, 565, 565, 954, 564, 561, 566, 566, 566, +- 563, 567, 567, 567, 568, 568, 568, 953, 562, 951, +- 565, 950, 562, 569, 569, 569, 570, 570, 570, 571, +- 571, 571, 566, 572, 572, 572, 573, 573, 573, 574, +- 574, 574, 567, 575, 575, 575, 576, 576, 576, 577, +- 577, 577, 578, 578, 578, 630, 630, 630, 949, 569, +- 631, 631, 631, 947, 946, 568, 632, 632, 632, 945, +- 944, 572, 634, 634, 634, 570, 943, 574, 633, 633, +- 633, 942, 941, 576, 635, 635, 635, 636, 636, 636, +- 637, 637, 637, 638, 638, 638, 639, 639, 639, 632, +- +- 640, 640, 640, 940, 939, 630, 938, 937, 631, 936, +- 634, 633, 641, 641, 641, 642, 642, 642, 935, 643, +- 643, 643, 635, 644, 644, 644, 645, 645, 645, 934, +- 933, 636, 918, 917, 637, 916, 915, 645, 914, 913, +- 644, 639, 638, 643, 646, 646, 646, 647, 647, 647, +- 912, 911, 640, 910, 641, 647, 648, 648, 648, 909, +- 907, 646, 649, 649, 649, 650, 650, 650, 651, 651, +- 651, 652, 652, 652, 653, 653, 653, 649, 906, 650, +- 648, 654, 654, 654, 653, 655, 655, 655, 902, 651, +- 901, 655, 652, 656, 656, 656, 654, 657, 657, 657, +- +- 658, 658, 658, 659, 659, 659, 900, 657, 660, 660, +- 660, 661, 661, 661, 662, 662, 662, 663, 663, 663, +- 714, 714, 714, 715, 715, 715, 656, 716, 716, 716, +- 717, 717, 717, 718, 718, 718, 719, 719, 719, 899, +- 898, 659, 720, 720, 720, 721, 721, 721, 661, 722, +- 722, 722, 897, 896, 716, 723, 723, 723, 714, 895, +- 894, 715, 893, 892, 717, 724, 724, 724, 725, 725, +- 725, 726, 726, 726, 727, 727, 727, 728, 728, 728, +- 729, 729, 729, 721, 730, 730, 730, 722, 728, 731, +- 731, 731, 891, 890, 727, 889, 888, 729, 732, 732, +- +- 732, 887, 886, 723, 733, 733, 733, 885, 732, 730, +- 724, 884, 733, 883, 731, 734, 734, 734, 882, 725, +- 735, 735, 735, 736, 736, 736, 737, 737, 737, 881, +- 735, 736, 734, 738, 738, 738, 739, 739, 739, 740, +- 740, 740, 880, 879, 739, 739, 741, 741, 741, 857, +- 738, 742, 742, 742, 790, 790, 790, 855, 854, 737, +- 791, 791, 791, 792, 792, 792, 793, 793, 793, 794, +- 794, 794, 740, 795, 795, 795, 796, 796, 796, 797, +- 797, 797, 798, 798, 798, 853, 851, 790, 799, 799, +- 799, 800, 800, 800, 801, 801, 801, 802, 802, 802, +- +- 801, 800, 850, 794, 849, 792, 803, 803, 803, 791, +- 804, 804, 804, 799, 848, 793, 846, 797, 804, 845, +- 798, 805, 805, 805, 806, 806, 806, 807, 807, 807, +- 844, 805, 843, 842, 806, 808, 808, 808, 809, 809, +- 809, 810, 810, 810, 841, 840, 809, 809, 811, 811, +- 811, 812, 812, 812, 813, 813, 813, 858, 858, 858, +- 808, 859, 859, 859, 839, 812, 838, 837, 811, 860, +- 860, 860, 861, 861, 861, 836, 862, 862, 862, 813, +- 863, 863, 863, 864, 864, 864, 865, 865, 865, 835, +- 834, 866, 866, 866, 859, 867, 867, 867, 868, 868, +- +- 868, 833, 867, 832, 829, 858, 869, 869, 869, 870, +- 870, 870, 861, 862, 866, 871, 871, 871, 860, 828, +- 864, 827, 826, 868, 824, 823, 863, 872, 872, 872, +- 873, 873, 873, 874, 874, 874, 875, 875, 875, 876, +- 876, 876, 822, 821, 873, 820, 819, 872, 919, 919, +- 919, 818, 874, 920, 920, 920, 921, 921, 921, 817, +- 875, 922, 922, 922, 923, 923, 923, 924, 924, 924, +- 925, 925, 925, 926, 926, 926, 927, 927, 927, 928, +- 928, 928, 929, 929, 929, 930, 930, 930, 931, 931, +- 931, 816, 815, 927, 814, 920, 932, 932, 932, 789, +- +- 788, 929, 787, 925, 919, 785, 923, 921, 784, 930, +- 969, 969, 969, 922, 970, 970, 970, 781, 924, 971, +- 971, 971, 972, 972, 972, 779, 973, 973, 973, 974, +- 974, 974, 975, 975, 975, 976, 976, 976, 977, 977, +- 977, 778, 777, 969, 776, 976, 978, 978, 978, 1013, +- 1013, 1013, 1014, 1014, 1014, 1015, 1015, 1015, 775, 774, +- 970, 773, 974, 1016, 1016, 1016, 975, 972, 1017, 1017, +- 1017, 971, 973, 1018, 1018, 1018, 1019, 1019, 1019, 1020, +- 1020, 1020, 1053, 1053, 1053, 772, 771, 1013, 770, 1015, +- 1054, 1054, 1054, 769, 1014, 1055, 1055, 1055, 1056, 1056, +- +- 1056, 1016, 1057, 1057, 1057, 1059, 1059, 1059, 1017, 1058, +- 1058, 1058, 1089, 1089, 1089, 1090, 1090, 1090, 767, 1018, +- 1091, 1091, 1091, 766, 1019, 1092, 1092, 1092, 765, 764, +- 1091, 763, 1093, 1093, 1093, 762, 760, 1053, 759, 1055, +- 758, 1054, 757, 1058, 1056, 756, 755, 1059, 1089, 1094, +- 1094, 1094, 1122, 1122, 1122, 1123, 1123, 1123, 1124, 1124, +- 1124, 1125, 1125, 1125, 1147, 1147, 1147, 1148, 1148, 1148, +- 1149, 1149, 1149, 1150, 1150, 1150, 1092, 1093, 1170, 1170, +- 1170, 1171, 1171, 1171, 1172, 1172, 1172, 1191, 1191, 1191, +- 1122, 1190, 1190, 1190, 1205, 1205, 1205, 754, 753, 1125, +- +- 1206, 1206, 1206, 752, 1123, 1214, 1214, 1214, 1124, 1215, +- 1215, 1215, 1147, 1206, 751, 750, 1148, 1221, 1221, 1221, +- 1222, 1222, 1222, 1150, 1226, 1226, 1226, 749, 1171, 1170, +- 1228, 1228, 1228, 1190, 748, 747, 1191, 1230, 1230, 1230, +- 746, 1205, 745, 1215, 1232, 1232, 1232, 1233, 1233, 1233, +- 744, 1214, 743, 712, 711, 710, 709, 708, 707, 705, +- 704, 1226, 703, 702, 701, 700, 1222, 699, 698, 697, +- 696, 695, 694, 693, 1228, 1230, 692, 690, 689, 687, +- 685, 684, 683, 680, 679, 678, 674, 673, 671, 670, +- 669, 668, 667, 1232, 1235, 1235, 1235, 1235, 1236, 1236, +- +- 1236, 1236, 1237, 1237, 1237, 1237, 1238, 1238, 1238, 1238, +- 1239, 1239, 1240, 1240, 1241, 666, 1241, 1241, 665, 664, +- 629, 628, 627, 626, 625, 624, 623, 622, 621, 620, +- 619, 618, 617, 616, 614, 613, 612, 610, 609, 608, +- 607, 606, 605, 604, 602, 601, 600, 599, 598, 597, +- 596, 595, 594, 593, 592, 591, 590, 589, 588, 587, +- 586, 585, 584, 583, 582, 581, 580, 579, 538, 537, +- 536, 534, 533, 532, 531, 530, 529, 528, 527, 526, +- 525, 524, 523, 522, 521, 520, 519, 518, 517, 516, +- 515, 514, 513, 512, 511, 510, 509, 508, 507, 506, +- +- 505, 504, 503, 502, 501, 500, 499, 498, 497, 496, +- 494, 493, 450, 447, 446, 445, 444, 443, 442, 441, +- 440, 439, 438, 437, 436, 435, 434, 433, 432, 431, +- 430, 429, 428, 427, 426, 425, 424, 423, 422, 421, +- 420, 419, 418, 417, 416, 415, 414, 413, 412, 411, +- 410, 409, 408, 407, 354, 353, 352, 351, 350, 349, +- 348, 346, 345, 344, 343, 342, 341, 340, 339, 338, +- 337, 336, 335, 334, 333, 332, 331, 330, 329, 328, +- 327, 326, 325, 324, 322, 321, 320, 318, 317, 316, +- 315, 314, 313, 275, 254, 253, 252, 251, 250, 249, +- +- 248, 246, 244, 243, 242, 241, 239, 237, 235, 234, +- 232, 231, 229, 228, 227, 225, 223, 222, 221, 176, +- 174, 173, 149, 148, 146, 145, 143, 142, 140, 138, +- 136, 130, 81, 77, 74, 71, 51, 48, 42, 22, +- 21, 11, 9, 3, 1234, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, ++ 18, 18, 18, 18, 82, 82, 24, 24, 24, 25, ++ 25, 25, 7, 26, 26, 26, 44, 15, 48, 135, ++ 44, 7, 48, 7, 7, 1112, 7, 7, 135, 7, ++ 7, 7, 24, 7, 7, 7, 7, 7, 7, 7, ++ 7, 20, 147, 20, 20, 1121, 26, 27, 27, 27, ++ 20, 20, 28, 28, 28, 77, 147, 20, 30, 30, ++ 30, 27, 29, 29, 29, 25, 20, 31, 31, 31, ++ 32, 32, 32, 33, 33, 33, 188, 188, 20, 20, ++ 34, 34, 34, 84, 20, 84, 35, 35, 35, 36, ++ 36, 36, 20, 1122, 77, 20, 37, 37, 37, 28, ++ ++ 38, 38, 38, 29, 32, 30, 29, 72, 87, 29, ++ 87, 72, 32, 31, 32, 39, 39, 39, 134, 33, ++ 35, 238, 31, 40, 40, 40, 1123, 34, 41, 41, ++ 41, 42, 42, 42, 54, 54, 54, 36, 238, 75, ++ 136, 38, 38, 75, 38, 37, 80, 134, 37, 136, ++ 80, 38, 458, 39, 181, 229, 39, 55, 55, 55, ++ 56, 56, 56, 181, 39, 458, 229, 42, 54, 40, ++ 41, 39, 58, 58, 58, 41, 45, 45, 45, 45, ++ 45, 45, 45, 45, 45, 130, 1124, 45, 45, 130, ++ 45, 45, 1125, 45, 45, 45, 45, 45, 57, 57, ++ ++ 57, 61, 61, 61, 56, 132, 55, 59, 59, 59, ++ 58, 1127, 60, 60, 60, 62, 62, 62, 138, 58, ++ 132, 63, 63, 63, 64, 64, 64, 65, 65, 65, ++ 875, 235, 57, 66, 66, 66, 132, 875, 61, 57, ++ 137, 59, 57, 235, 137, 57, 235, 61, 138, 59, ++ 60, 59, 150, 62, 59, 63, 150, 245, 64, 67, ++ 67, 67, 245, 63, 68, 68, 68, 1128, 63, 69, ++ 69, 69, 85, 85, 85, 65, 65, 70, 70, 70, ++ 142, 183, 66, 183, 142, 66, 71, 71, 71, 66, ++ 91, 91, 176, 142, 91, 91, 176, 67, 96, 96, ++ ++ 96, 185, 68, 185, 457, 68, 68, 69, 68, 457, ++ 69, 69, 90, 90, 728, 68, 728, 179, 69, 90, ++ 90, 179, 546, 70, 71, 69, 546, 70, 71, 97, ++ 97, 97, 86, 71, 86, 86, 86, 1129, 140, 98, ++ 98, 98, 86, 86, 140, 140, 97, 90, 90, 99, ++ 99, 99, 1130, 100, 100, 100, 101, 101, 101, 102, ++ 102, 102, 103, 103, 103, 104, 104, 104, 844, 844, ++ 86, 86, 98, 99, 100, 105, 105, 105, 106, 106, ++ 106, 107, 107, 107, 108, 108, 108, 109, 109, 109, ++ 110, 110, 110, 102, 1131, 1134, 103, 111, 111, 111, ++ ++ 112, 112, 112, 101, 113, 113, 113, 114, 114, 114, ++ 1135, 104, 115, 115, 115, 116, 116, 116, 117, 117, ++ 117, 118, 118, 118, 119, 119, 119, 105, 108, 107, ++ 106, 1136, 1137, 109, 120, 120, 120, 110, 252, 121, ++ 121, 121, 122, 122, 122, 114, 112, 252, 111, 113, ++ 116, 123, 123, 123, 115, 624, 124, 124, 124, 115, ++ 624, 118, 125, 125, 125, 117, 231, 231, 120, 231, ++ 1138, 119, 126, 126, 126, 127, 127, 127, 118, 128, ++ 128, 128, 1139, 120, 121, 144, 326, 144, 690, 326, ++ 144, 122, 144, 154, 154, 154, 155, 155, 155, 156, ++ ++ 156, 156, 690, 123, 124, 157, 157, 157, 158, 158, ++ 158, 1141, 125, 159, 159, 159, 1142, 127, 1143, 1145, ++ 128, 126, 160, 160, 160, 161, 161, 161, 162, 162, ++ 162, 163, 163, 163, 164, 164, 164, 154, 165, 165, ++ 165, 1146, 1152, 156, 166, 166, 166, 158, 155, 157, ++ 167, 167, 167, 168, 168, 168, 169, 169, 169, 170, ++ 170, 170, 159, 171, 171, 171, 172, 172, 172, 1153, ++ 164, 1154, 1155, 160, 173, 173, 173, 163, 174, 174, ++ 174, 1156, 166, 165, 162, 1157, 168, 167, 175, 175, ++ 175, 182, 182, 354, 1158, 166, 1159, 354, 182, 182, ++ ++ 354, 169, 1160, 171, 184, 184, 1161, 184, 184, 184, ++ 170, 172, 1163, 189, 189, 1164, 174, 187, 187, 1161, ++ 171, 189, 173, 1166, 187, 187, 182, 182, 191, 191, ++ 191, 192, 192, 192, 193, 193, 193, 175, 194, 194, ++ 194, 195, 195, 195, 1168, 191, 1169, 1170, 193, 189, ++ 1171, 193, 187, 187, 196, 196, 196, 197, 197, 197, ++ 198, 198, 198, 199, 199, 199, 200, 200, 200, 1172, ++ 1177, 194, 201, 201, 201, 202, 202, 202, 203, 203, ++ 203, 192, 205, 205, 205, 195, 204, 204, 204, 206, ++ 206, 206, 207, 207, 207, 208, 208, 208, 199, 209, ++ ++ 209, 209, 1178, 196, 210, 210, 210, 197, 1180, 1181, ++ 198, 200, 203, 211, 211, 211, 201, 212, 212, 212, ++ 204, 213, 213, 213, 1182, 202, 214, 214, 214, 206, ++ 207, 215, 215, 215, 216, 216, 216, 217, 217, 217, ++ 218, 218, 218, 1183, 208, 219, 219, 219, 220, 220, ++ 220, 1184, 209, 1186, 1187, 210, 1188, 211, 221, 221, ++ 221, 222, 222, 222, 214, 1189, 212, 213, 223, 223, ++ 223, 224, 224, 224, 1190, 225, 225, 225, 260, 260, ++ 260, 243, 215, 1191, 1192, 216, 220, 243, 218, 217, ++ 1193, 1194, 219, 1195, 1199, 243, 221, 261, 261, 261, ++ ++ 262, 262, 262, 222, 263, 263, 263, 1200, 224, 225, ++ 264, 264, 264, 265, 265, 265, 266, 266, 266, 223, ++ 267, 267, 267, 268, 268, 268, 1201, 1202, 260, 269, ++ 269, 269, 1204, 262, 1205, 261, 1206, 270, 270, 270, ++ 271, 271, 271, 1207, 264, 272, 272, 272, 263, 273, ++ 273, 273, 1209, 274, 274, 274, 1211, 1212, 265, 275, ++ 275, 275, 1213, 268, 276, 276, 276, 269, 277, 277, ++ 277, 278, 278, 278, 267, 270, 1215, 778, 279, 279, ++ 279, 778, 271, 272, 280, 280, 280, 282, 1220, 282, ++ 282, 282, 283, 778, 283, 283, 283, 1223, 1224, 273, ++ ++ 274, 1225, 1226, 283, 1227, 1228, 277, 1234, 1235, 278, ++ 276, 279, 284, 284, 284, 285, 285, 285, 286, 286, ++ 286, 287, 287, 287, 1236, 1238, 288, 288, 288, 1239, ++ 286, 283, 288, 1243, 280, 289, 289, 289, 290, 290, ++ 290, 287, 291, 291, 291, 1244, 1245, 288, 288, 288, ++ 288, 292, 292, 292, 293, 293, 293, 294, 294, 294, ++ 1250, 295, 295, 295, 1253, 285, 296, 296, 296, 297, ++ 297, 297, 298, 298, 298, 299, 299, 299, 300, 300, ++ 300, 301, 301, 301, 302, 302, 302, 303, 303, 303, ++ 1255, 1268, 291, 304, 304, 304, 1111, 1110, 293, 305, ++ ++ 305, 305, 292, 295, 296, 306, 306, 306, 307, 307, ++ 307, 1109, 1107, 297, 1106, 301, 1105, 1104, 302, 308, ++ 308, 308, 1103, 298, 1101, 303, 1100, 1099, 300, 309, ++ 309, 309, 310, 310, 310, 304, 311, 311, 311, 306, ++ 1098, 307, 1097, 306, 312, 312, 312, 313, 313, 313, ++ 305, 314, 314, 314, 315, 315, 315, 316, 316, 316, ++ 317, 317, 317, 318, 318, 318, 1096, 1095, 310, 308, ++ 1094, 309, 363, 363, 363, 364, 364, 364, 692, 692, ++ 311, 365, 365, 365, 366, 366, 366, 692, 314, 367, ++ 367, 367, 1093, 692, 315, 368, 368, 368, 312, 369, ++ ++ 369, 369, 370, 370, 370, 371, 371, 371, 1092, 316, ++ 363, 1091, 318, 372, 372, 372, 1090, 366, 373, 373, ++ 373, 374, 374, 374, 375, 375, 375, 1089, 1088, 368, ++ 365, 376, 376, 376, 377, 377, 377, 378, 378, 378, ++ 1087, 367, 379, 379, 379, 1086, 369, 380, 380, 380, ++ 1085, 371, 1084, 1075, 370, 381, 381, 381, 383, 383, ++ 383, 1074, 1073, 372, 1072, 373, 1071, 1068, 377, 1067, ++ 374, 1066, 377, 1065, 375, 384, 384, 384, 1064, 379, ++ 1062, 380, 1061, 1060, 376, 1059, 1058, 378, 385, 385, ++ 385, 380, 1057, 1056, 384, 1055, 1054, 381, 1053, 1052, ++ ++ 383, 386, 386, 386, 387, 387, 387, 388, 388, 388, ++ 389, 389, 389, 385, 390, 390, 390, 391, 391, 391, ++ 386, 392, 392, 392, 393, 393, 393, 388, 390, 1051, ++ 1050, 390, 1049, 1048, 387, 394, 394, 394, 390, 389, ++ 395, 395, 395, 396, 396, 396, 397, 397, 397, 398, ++ 398, 398, 399, 399, 399, 400, 400, 400, 401, 401, ++ 401, 1047, 393, 402, 402, 402, 403, 403, 403, 1046, ++ 1045, 394, 404, 404, 404, 405, 405, 405, 406, 406, ++ 406, 407, 407, 407, 408, 408, 408, 409, 409, 409, ++ 410, 410, 410, 1044, 401, 1034, 1033, 398, 1032, 402, ++ ++ 411, 411, 411, 399, 1031, 1029, 400, 412, 412, 412, ++ 1028, 1027, 405, 413, 413, 413, 404, 414, 414, 414, ++ 408, 415, 415, 415, 410, 460, 460, 460, 1026, 406, ++ 461, 461, 461, 462, 462, 462, 1025, 1024, 409, 1023, ++ 463, 463, 463, 1021, 1020, 412, 464, 464, 464, 1019, ++ 1018, 414, 1017, 1016, 415, 465, 465, 465, 1015, 413, ++ 466, 466, 466, 1014, 461, 467, 467, 467, 468, 468, ++ 468, 469, 469, 469, 470, 470, 470, 1013, 1012, 471, ++ 471, 471, 1011, 462, 463, 472, 472, 472, 473, 473, ++ 473, 474, 474, 474, 466, 1010, 1009, 464, 1008, 475, ++ ++ 475, 475, 1007, 1006, 465, 476, 476, 476, 477, 477, ++ 477, 479, 479, 479, 468, 467, 470, 471, 478, 478, ++ 478, 480, 480, 480, 478, 481, 481, 481, 1005, 472, ++ 1004, 1003, 481, 481, 481, 479, 472, 1002, 1001, 473, ++ 474, 475, 481, 989, 988, 481, 482, 482, 482, 481, ++ 481, 480, 476, 482, 483, 483, 483, 484, 484, 484, ++ 485, 485, 485, 987, 986, 477, 487, 487, 487, 484, ++ 486, 486, 486, 985, 483, 488, 488, 488, 984, 983, ++ 485, 489, 489, 489, 486, 490, 490, 490, 491, 491, ++ 491, 492, 492, 492, 493, 493, 493, 494, 494, 494, ++ ++ 495, 495, 495, 496, 496, 496, 497, 497, 497, 498, ++ 498, 498, 499, 499, 499, 489, 982, 488, 500, 500, ++ 500, 501, 501, 501, 506, 506, 491, 502, 502, 502, ++ 981, 980, 490, 503, 503, 503, 550, 550, 550, 979, ++ 506, 506, 492, 978, 977, 506, 976, 494, 551, 551, ++ 551, 552, 552, 552, 553, 553, 553, 500, 975, 501, ++ 554, 554, 554, 499, 555, 555, 555, 556, 556, 556, ++ 974, 502, 557, 557, 557, 558, 558, 558, 550, 559, ++ 559, 559, 972, 971, 503, 560, 560, 560, 561, 561, ++ 561, 562, 562, 562, 563, 563, 563, 554, 970, 968, ++ ++ 551, 967, 552, 966, 555, 556, 557, 564, 564, 564, ++ 965, 964, 559, 565, 565, 565, 566, 566, 566, 567, ++ 567, 567, 561, 568, 568, 568, 569, 569, 569, 963, ++ 962, 562, 558, 566, 570, 570, 570, 560, 961, 563, ++ 570, 571, 571, 571, 572, 572, 572, 568, 574, 574, ++ 574, 565, 569, 564, 960, 571, 959, 958, 572, 573, ++ 573, 573, 575, 575, 575, 574, 573, 576, 576, 576, ++ 577, 577, 577, 957, 578, 578, 578, 577, 579, 579, ++ 579, 956, 576, 580, 580, 580, 955, 954, 575, 581, ++ 581, 581, 575, 578, 582, 582, 582, 583, 583, 583, ++ ++ 584, 584, 584, 579, 585, 585, 585, 586, 586, 586, ++ 587, 587, 587, 938, 580, 588, 588, 588, 589, 589, ++ 589, 590, 590, 590, 591, 591, 591, 643, 643, 643, ++ 582, 644, 644, 644, 645, 645, 645, 646, 646, 646, ++ 581, 937, 585, 647, 647, 647, 583, 936, 587, 648, ++ 648, 648, 649, 649, 649, 589, 650, 650, 650, 651, ++ 651, 651, 652, 652, 652, 935, 934, 645, 933, 932, ++ 646, 653, 653, 653, 654, 654, 654, 643, 931, 644, ++ 930, 647, 655, 655, 655, 929, 927, 648, 656, 656, ++ 656, 658, 658, 658, 650, 926, 649, 657, 657, 657, ++ ++ 659, 659, 659, 651, 661, 661, 661, 660, 660, 660, ++ 922, 652, 662, 662, 662, 658, 653, 659, 660, 921, ++ 662, 661, 920, 919, 655, 918, 654, 663, 663, 663, ++ 657, 664, 664, 664, 665, 665, 665, 666, 666, 666, ++ 667, 667, 667, 668, 668, 668, 664, 917, 665, 916, ++ 915, 663, 914, 668, 669, 669, 669, 913, 666, 912, ++ 911, 667, 670, 670, 670, 671, 671, 671, 670, 669, ++ 672, 672, 672, 673, 673, 673, 674, 674, 674, 910, ++ 672, 675, 675, 675, 676, 676, 676, 677, 677, 677, ++ 678, 678, 678, 729, 729, 729, 909, 908, 671, 730, ++ ++ 730, 730, 731, 731, 731, 732, 732, 732, 733, 733, ++ 733, 734, 734, 734, 674, 735, 735, 735, 736, 736, ++ 736, 676, 737, 737, 737, 738, 738, 738, 907, 731, ++ 906, 729, 739, 739, 739, 905, 904, 730, 903, 732, ++ 740, 740, 740, 741, 741, 741, 742, 742, 742, 902, ++ 901, 736, 743, 743, 743, 744, 744, 744, 900, 899, ++ 737, 876, 874, 738, 873, 745, 745, 745, 872, 746, ++ 746, 746, 758, 758, 758, 744, 745, 747, 747, 747, ++ 739, 748, 748, 748, 870, 740, 746, 869, 749, 749, ++ 749, 750, 750, 750, 741, 868, 867, 742, 749, 750, ++ ++ 865, 864, 747, 751, 751, 751, 748, 752, 752, 752, ++ 753, 753, 753, 754, 754, 754, 863, 752, 753, 862, ++ 751, 755, 755, 755, 756, 756, 756, 757, 757, 757, ++ 861, 860, 756, 756, 759, 759, 759, 859, 755, 807, ++ 807, 807, 808, 808, 808, 858, 754, 809, 809, 809, ++ 810, 810, 810, 811, 811, 811, 812, 812, 812, 857, ++ 757, 813, 813, 813, 814, 814, 814, 815, 815, 815, ++ 856, 855, 807, 816, 816, 816, 817, 817, 817, 854, ++ 853, 818, 818, 818, 819, 819, 819, 852, 851, 809, ++ 812, 808, 848, 847, 819, 820, 820, 820, 846, 810, ++ ++ 845, 820, 843, 842, 811, 815, 818, 821, 821, 821, ++ 841, 816, 822, 822, 822, 823, 823, 823, 824, 824, ++ 824, 840, 839, 823, 825, 825, 825, 838, 824, 826, ++ 826, 826, 837, 836, 825, 827, 827, 827, 828, 828, ++ 828, 829, 829, 829, 835, 834, 828, 828, 830, 830, ++ 830, 831, 831, 831, 832, 832, 832, 877, 877, 877, ++ 827, 878, 878, 878, 833, 831, 806, 805, 830, 879, ++ 879, 879, 880, 880, 880, 881, 881, 881, 804, 832, ++ 882, 882, 882, 883, 883, 883, 884, 884, 884, 885, ++ 885, 885, 802, 801, 878, 798, 886, 886, 886, 887, ++ ++ 887, 887, 888, 888, 888, 877, 887, 796, 881, 889, ++ 889, 889, 880, 890, 890, 890, 795, 882, 879, 886, ++ 891, 891, 891, 884, 892, 892, 892, 888, 794, 883, ++ 793, 893, 893, 893, 894, 894, 894, 895, 895, 895, ++ 896, 896, 896, 792, 892, 893, 939, 939, 939, 940, ++ 940, 940, 791, 894, 941, 941, 941, 942, 942, 942, ++ 790, 895, 943, 943, 943, 944, 944, 944, 945, 945, ++ 945, 946, 946, 946, 947, 947, 947, 948, 948, 948, ++ 949, 949, 949, 789, 950, 950, 950, 951, 951, 951, ++ 788, 940, 787, 786, 948, 952, 952, 952, 943, 953, ++ ++ 953, 953, 939, 950, 946, 941, 784, 944, 783, 942, ++ 782, 951, 990, 990, 990, 991, 991, 991, 781, 945, ++ 992, 992, 992, 993, 993, 993, 994, 994, 994, 995, ++ 995, 995, 996, 996, 996, 997, 997, 997, 998, 998, ++ 998, 999, 999, 999, 780, 990, 779, 777, 998, 1000, ++ 1000, 1000, 1035, 1035, 1035, 1036, 1036, 1036, 1037, 1037, ++ 1037, 991, 1038, 1038, 1038, 996, 776, 775, 993, 997, ++ 994, 774, 992, 773, 772, 995, 1039, 1039, 1039, 1040, ++ 1040, 1040, 1041, 1041, 1041, 1042, 1042, 1042, 771, 770, ++ 1035, 769, 1037, 1043, 1043, 1043, 768, 1036, 767, 766, ++ ++ 1038, 1076, 1076, 1076, 1077, 1077, 1077, 1078, 1078, 1078, ++ 765, 1079, 1079, 1079, 1039, 1080, 1080, 1080, 764, 1040, ++ 1081, 1081, 1081, 763, 1082, 1082, 1082, 762, 1041, 1083, ++ 1083, 1083, 761, 1042, 1113, 1113, 1113, 1114, 1114, 1114, ++ 1115, 1115, 1115, 1116, 1116, 1116, 1117, 1117, 1117, 1080, ++ 1115, 1078, 1118, 1118, 1118, 1077, 1076, 1079, 1082, 1119, ++ 1119, 1119, 1147, 1147, 1147, 1148, 1148, 1148, 760, 727, ++ 1113, 1083, 1149, 1149, 1149, 1150, 1150, 1150, 1151, 1151, ++ 1151, 1173, 1173, 1173, 1174, 1174, 1174, 1175, 1175, 1175, ++ 726, 725, 1117, 724, 1116, 723, 722, 1118, 720, 719, ++ ++ 1147, 1176, 1176, 1176, 1196, 1196, 1196, 1197, 1197, 1197, ++ 1198, 1198, 1198, 718, 1148, 717, 1151, 1216, 1216, 1216, ++ 716, 715, 1149, 1217, 1217, 1217, 1231, 1231, 1231, 1173, ++ 1232, 1232, 1232, 1174, 1240, 1240, 1240, 1241, 1241, 1241, ++ 1247, 1247, 1247, 1232, 1248, 1248, 1248, 1252, 1252, 1252, ++ 714, 1176, 713, 712, 1197, 1196, 1254, 1254, 1254, 1216, ++ 1256, 1256, 1256, 1258, 1258, 1258, 1259, 1259, 1259, 711, ++ 710, 1241, 1217, 1231, 709, 708, 707, 705, 704, 702, ++ 1240, 700, 699, 698, 1252, 695, 694, 693, 689, 688, ++ 1248, 686, 685, 684, 683, 682, 681, 680, 1256, 679, ++ ++ 1254, 642, 641, 640, 639, 638, 637, 636, 635, 634, ++ 633, 632, 1258, 1261, 1261, 1261, 1261, 1262, 1262, 1262, ++ 1262, 1263, 1263, 1263, 1263, 1264, 1264, 1264, 1264, 1265, ++ 1265, 1266, 1266, 1267, 631, 1267, 1267, 630, 629, 627, ++ 626, 625, 623, 622, 621, 620, 619, 618, 617, 615, ++ 614, 613, 612, 611, 610, 609, 608, 607, 606, 605, ++ 604, 603, 602, 601, 600, 599, 598, 597, 596, 595, ++ 594, 593, 592, 549, 548, 547, 545, 544, 543, 542, ++ 541, 540, 539, 538, 537, 536, 535, 534, 533, 532, ++ 531, 530, 529, 528, 527, 526, 525, 524, 523, 522, ++ ++ 521, 520, 519, 518, 517, 516, 515, 514, 513, 512, ++ 511, 510, 509, 508, 507, 505, 504, 459, 456, 455, ++ 454, 453, 452, 451, 450, 449, 448, 447, 446, 445, ++ 444, 443, 442, 441, 440, 439, 438, 437, 436, 435, ++ 434, 433, 432, 431, 430, 429, 428, 427, 426, 425, ++ 424, 423, 422, 421, 420, 419, 418, 417, 416, 361, ++ 360, 359, 358, 357, 356, 355, 353, 352, 351, 350, ++ 349, 348, 347, 346, 345, 344, 343, 342, 341, 340, ++ 339, 338, 337, 336, 335, 334, 333, 332, 331, 329, ++ 328, 327, 325, 324, 323, 322, 321, 320, 281, 259, ++ ++ 258, 257, 256, 255, 254, 253, 251, 249, 248, 247, ++ 246, 244, 242, 240, 239, 237, 236, 234, 233, 232, ++ 230, 228, 227, 226, 180, 178, 177, 152, 151, 149, ++ 148, 146, 145, 143, 141, 139, 133, 83, 79, 76, ++ 73, 52, 49, 43, 22, 21, 11, 9, 3, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, + +- 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, 1234, +- 1234, 1234, 1234, 1234, 1234 ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, ++ 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260, 1260 + } ; + + static yy_state_type yy_last_accepting_state; +@@ -1499,7 +1518,7 @@ int yy_flex_debug = 0; + #define YY_MORE_ADJ 0 + #define YY_RESTORE_YY_MORE_OFFSET + char *yytext; +-#line 1 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 1 "lexer.l" + /* + * The SIP lexer. + * +@@ -1517,7 +1536,7 @@ char *yytext; + * SIP is supplied WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. + */ +-#line 20 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 20 "lexer.l" + #include + #include + #include +@@ -1563,11 +1582,9 @@ static int parenDepth = 0; + + static FILE *openFile(const char *); + static void fatallex(char *); ++#line 1586 "../lexer.c" + +- +- +- +-#line 1571 "sip-4.19.23/sipgen/lexer.c" ++#line 1588 "../lexer.c" + + #define INITIAL 0 + #define code 1 +@@ -1587,36 +1604,36 @@ static void fatallex(char *); + #define YY_EXTRA_TYPE void * + #endif + +-static int yy_init_globals (void ); ++static int yy_init_globals ( void ); + + /* Accessor methods to globals. + These are made visible to non-reentrant scanners for convenience. */ + +-int yylex_destroy (void ); ++int yylex_destroy ( void ); + +-int yyget_debug (void ); ++int yyget_debug ( void ); + +-void yyset_debug (int debug_flag ); ++void yyset_debug ( int debug_flag ); + +-YY_EXTRA_TYPE yyget_extra (void ); ++YY_EXTRA_TYPE yyget_extra ( void ); + +-void yyset_extra (YY_EXTRA_TYPE user_defined ); ++void yyset_extra ( YY_EXTRA_TYPE user_defined ); + +-FILE *yyget_in (void ); ++FILE *yyget_in ( void ); + +-void yyset_in (FILE * in_str ); ++void yyset_in ( FILE * _in_str ); + +-FILE *yyget_out (void ); ++FILE *yyget_out ( void ); + +-void yyset_out (FILE * out_str ); ++void yyset_out ( FILE * _out_str ); + +-yy_size_t yyget_leng (void ); ++ int yyget_leng ( void ); + +-char *yyget_text (void ); ++char *yyget_text ( void ); + +-int yyget_lineno (void ); ++int yyget_lineno ( void ); + +-void yyset_lineno (int line_number ); ++void yyset_lineno ( int _line_number ); + + /* Macros after this point can all be overridden by user definitions in + * section 1. +@@ -1624,28 +1641,31 @@ void yyset_lineno (int line_number ); + + #ifndef YY_SKIP_YYWRAP + #ifdef __cplusplus +-extern "C" int yywrap (void ); ++extern "C" int yywrap ( void ); + #else +-extern int yywrap (void ); ++extern int yywrap ( void ); + #endif + #endif + +- static void yyunput (int c,char *buf_ptr ); ++#ifndef YY_NO_UNPUT + ++ static void yyunput ( int c, char *buf_ptr ); ++ ++#endif ++ + #ifndef yytext_ptr +-static void yy_flex_strncpy (char *,yyconst char *,int ); ++static void yy_flex_strncpy ( char *, const char *, int ); + #endif + + #ifdef YY_NEED_STRLEN +-static int yy_flex_strlen (yyconst char * ); ++static int yy_flex_strlen ( const char * ); + #endif + + #ifndef YY_NO_INPUT +- + #ifdef __cplusplus +-static int yyinput (void ); ++static int yyinput ( void ); + #else +-static int input (void ); ++static int input ( void ); + #endif + + #endif +@@ -1654,15 +1674,20 @@ static int input (void ); + static int yy_start_stack_depth = 0; + static int *yy_start_stack = NULL; + +- static void yy_push_state (int new_state ); ++ static void yy_push_state ( int _new_state ); + +- static void yy_pop_state (void ); ++ static void yy_pop_state ( void ); + +- static int yy_top_state (void ); ++ static int yy_top_state ( void ); + + /* Amount of stuff to slurp up with each read. */ + #ifndef YY_READ_BUF_SIZE ++#ifdef __ia64__ ++/* On IA-64, the buffer size is 16k, not 8k */ ++#define YY_READ_BUF_SIZE 16384 ++#else + #define YY_READ_BUF_SIZE 8192 ++#endif /* __ia64__ */ + #endif + + /* Copy whatever the last rule matched to the standard output. */ +@@ -1670,7 +1695,7 @@ static int input (void ); + /* This used to be an fputs(), but since the string might contain NUL's, + * we now use fwrite(). + */ +-#define ECHO fwrite( yytext, yyleng, 1, yyout ) ++#define ECHO do { if (fwrite( yytext, (size_t) yyleng, 1, yyout )) {} } while (0) + #endif + + /* Gets input and stuffs it into "buf". number of characters read, or YY_NULL, +@@ -1681,7 +1706,7 @@ static int input (void ); + if ( YY_CURRENT_BUFFER_LVALUE->yy_is_interactive ) \ + { \ + int c = '*'; \ +- yy_size_t n; \ ++ int n; \ + for ( n = 0; n < max_size && \ + (c = getc( yyin )) != EOF && c != '\n'; ++n ) \ + buf[n] = (char) c; \ +@@ -1694,7 +1719,7 @@ static int input (void ); + else \ + { \ + errno=0; \ +- while ( (result = fread(buf, 1, max_size, yyin))==0 && ferror(yyin)) \ ++ while ( (result = (int) fread(buf, 1, (yy_size_t) max_size, yyin)) == 0 && ferror(yyin)) \ + { \ + if( errno != EINTR) \ + { \ +@@ -1749,7 +1774,7 @@ extern int yylex (void); + + /* Code executed at the end of each rule. */ + #ifndef YY_BREAK +-#define YY_BREAK break; ++#define YY_BREAK /*LINTED*/break; + #endif + + #define YY_RULE_SETUP \ +@@ -1762,15 +1787,10 @@ extern int yylex (void); + */ + YY_DECL + { +- register yy_state_type yy_current_state; +- register char *yy_cp, *yy_bp; +- register int yy_act; ++ yy_state_type yy_current_state; ++ char *yy_cp, *yy_bp; ++ int yy_act; + +-#line 74 "sip-4.19.23/sipgen/metasrc/lexer.l" +- +- +-#line 1773 "sip-4.19.23/sipgen/lexer.c" +- + if ( !(yy_init) ) + { + (yy_init) = 1; +@@ -1791,13 +1811,19 @@ YY_DECL + if ( ! YY_CURRENT_BUFFER ) { + yyensure_buffer_stack (); + YY_CURRENT_BUFFER_LVALUE = +- yy_create_buffer(yyin,YY_BUF_SIZE ); ++ yy_create_buffer( yyin, YY_BUF_SIZE ); + } + +- yy_load_buffer_state( ); ++ yy_load_buffer_state( ); + } + +- while ( 1 ) /* loops until end-of-file is reached */ ++ { ++#line 74 "lexer.l" ++ ++ ++#line 1825 "../lexer.c" ++ ++ while ( /*CONSTCOND*/1 ) /* loops until end-of-file is reached */ + { + yy_cp = (yy_c_buf_p); + +@@ -1814,7 +1840,7 @@ YY_DECL + yy_match: + do + { +- register YY_CHAR yy_c = yy_ec[YY_SC_TO_UI(*yy_cp)]; ++ YY_CHAR yy_c = yy_ec[YY_SC_TO_UI(*yy_cp)] ; + if ( yy_accept[yy_current_state] ) + { + (yy_last_accepting_state) = yy_current_state; +@@ -1823,13 +1849,13 @@ yy_match: + while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state ) + { + yy_current_state = (int) yy_def[yy_current_state]; +- if ( yy_current_state >= 1235 ) +- yy_c = yy_meta[(unsigned int) yy_c]; ++ if ( yy_current_state >= 1261 ) ++ yy_c = yy_meta[yy_c]; + } +- yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c]; ++ yy_current_state = yy_nxt[yy_base[yy_current_state] + yy_c]; + ++yy_cp; + } +- while ( yy_base[yy_current_state] != 2845 ); ++ while ( yy_base[yy_current_state] != 2950 ); + + yy_find_action: + yy_act = yy_accept[yy_current_state]; +@@ -1855,540 +1881,550 @@ do_action: /* This label is used only to + + case 1: + YY_RULE_SETUP +-#line 76 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 76 "lexer.l" + {BEGIN directive_start; return TK_API;} + YY_BREAK + case 2: + YY_RULE_SETUP +-#line 77 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 77 "lexer.l" + {BEGIN directive_start; return TK_AUTOPYNAME;} + YY_BREAK + case 3: + YY_RULE_SETUP +-#line 78 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 78 "lexer.l" + {return TK_CMODULE;} + YY_BREAK + case 4: + YY_RULE_SETUP +-#line 79 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 79 "lexer.l" + {BEGIN directive_start; return TK_COMPOMODULE;} + YY_BREAK + case 5: + YY_RULE_SETUP +-#line 80 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 80 "lexer.l" + {BEGIN directive_start; return TK_CONSMODULE;} + YY_BREAK + case 6: + YY_RULE_SETUP +-#line 81 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 81 "lexer.l" + {BEGIN directive_start; return TK_DEFDOCSTRFMT;} + YY_BREAK + case 7: + YY_RULE_SETUP +-#line 82 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 82 "lexer.l" + {BEGIN directive_start; return TK_DEFDOCSTRSIG;} + YY_BREAK + case 8: + YY_RULE_SETUP +-#line 83 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 83 "lexer.l" + {BEGIN directive_start; return TK_DEFENCODING;} + YY_BREAK + case 9: + YY_RULE_SETUP +-#line 84 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 84 "lexer.l" + {BEGIN directive_start; return TK_DEFMETATYPE;} + YY_BREAK + case 10: + YY_RULE_SETUP +-#line 85 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 85 "lexer.l" + {BEGIN directive_start; return TK_DEFSUPERTYPE;} + YY_BREAK + case 11: + YY_RULE_SETUP +-#line 86 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 86 "lexer.l" + {return TK_END;} + YY_BREAK + case 12: + YY_RULE_SETUP +-#line 87 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 87 "lexer.l" + {BEGIN INITIAL; return TK_END;} + YY_BREAK + case 13: + YY_RULE_SETUP +-#line 88 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 88 "lexer.l" + {return TK_EXCEPTION;} + YY_BREAK + case 14: + YY_RULE_SETUP +-#line 89 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 89 "lexer.l" + {BEGIN directive_start; return TK_FEATURE;} + YY_BREAK + case 15: + YY_RULE_SETUP +-#line 90 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 90 "lexer.l" + {BEGIN directive_start; return TK_HIDE_NS;} + YY_BREAK + case 16: + YY_RULE_SETUP +-#line 91 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 91 "lexer.l" + {return TK_IF;} + YY_BREAK + case 17: + YY_RULE_SETUP +-#line 92 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 92 "lexer.l" + {BEGIN directive_start; return TK_IMPORT;} + YY_BREAK + case 18: + YY_RULE_SETUP +-#line 93 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 93 "lexer.l" + {BEGIN directive_start; return TK_INCLUDE;} + YY_BREAK + case 19: + YY_RULE_SETUP +-#line 94 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 94 "lexer.l" + {BEGIN directive_start; return TK_LICENSE;} + YY_BREAK + case 20: + YY_RULE_SETUP +-#line 95 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 95 "lexer.l" + {return TK_MAPPEDTYPE;} + YY_BREAK + case 21: + YY_RULE_SETUP +-#line 96 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 96 "lexer.l" + {BEGIN directive_start; return TK_MODULE;} + YY_BREAK + case 22: + YY_RULE_SETUP +-#line 97 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 97 "lexer.l" + {return TK_OPTINCLUDE;} + YY_BREAK + case 23: + YY_RULE_SETUP +-#line 98 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 98 "lexer.l" + {return TK_PLATFORMS;} + YY_BREAK + case 24: + YY_RULE_SETUP +-#line 99 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 99 "lexer.l" + {BEGIN directive_start; return TK_PLUGIN;} + YY_BREAK + case 25: + YY_RULE_SETUP +-#line 100 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 100 "lexer.l" + {BEGIN directive_start; return TK_PROPERTY;} + YY_BREAK + case 26: + YY_RULE_SETUP +-#line 101 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 101 "lexer.l" + {return TK_TIMELINE;} + YY_BREAK + case 27: + YY_RULE_SETUP +-#line 103 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 103 "lexer.l" + {return TK_CLASS;} + YY_BREAK + case 28: + YY_RULE_SETUP +-#line 104 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 104 "lexer.l" + {return TK_STRUCT;} + YY_BREAK + case 29: + YY_RULE_SETUP +-#line 105 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 105 "lexer.l" + {return TK_PUBLIC;} + YY_BREAK + case 30: + YY_RULE_SETUP +-#line 106 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 106 "lexer.l" + {return TK_PROTECTED;} + YY_BREAK + case 31: + YY_RULE_SETUP +-#line 107 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 107 "lexer.l" + {return TK_PRIVATE;} + YY_BREAK + case 32: + YY_RULE_SETUP +-#line 108 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 108 "lexer.l" + {return TK_SIGNALS;} + YY_BREAK + case 33: + YY_RULE_SETUP +-#line 109 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 109 "lexer.l" + {return TK_SIGNALS;} + YY_BREAK + case 34: + YY_RULE_SETUP +-#line 110 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 110 "lexer.l" + {return TK_SIGNAL_METHOD;} + YY_BREAK + case 35: + YY_RULE_SETUP +-#line 111 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 111 "lexer.l" + {return TK_SLOTS;} + YY_BREAK + case 36: + YY_RULE_SETUP +-#line 112 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 112 "lexer.l" + {return TK_SLOTS;} + YY_BREAK + case 37: + YY_RULE_SETUP +-#line 113 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 113 "lexer.l" + {return TK_SLOT_METHOD;} + YY_BREAK + case 38: + YY_RULE_SETUP +-#line 114 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 114 "lexer.l" + {return TK_CHAR;} + YY_BREAK + case 39: + YY_RULE_SETUP +-#line 115 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 115 "lexer.l" + {return TK_WCHAR_T;} + YY_BREAK + case 40: + YY_RULE_SETUP +-#line 116 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 116 "lexer.l" + {return TK_BOOL;} + YY_BREAK + case 41: + YY_RULE_SETUP +-#line 117 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 117 "lexer.l" + {return TK_SHORT;} + YY_BREAK + case 42: + YY_RULE_SETUP +-#line 118 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 118 "lexer.l" + {return TK_INT;} + YY_BREAK + case 43: + YY_RULE_SETUP +-#line 119 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 119 "lexer.l" + {return TK_LONG;} + YY_BREAK + case 44: + YY_RULE_SETUP +-#line 120 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 120 "lexer.l" + {return TK_FLOAT;} + YY_BREAK + case 45: + YY_RULE_SETUP +-#line 121 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 121 "lexer.l" + {return TK_DOUBLE;} + YY_BREAK + case 46: + YY_RULE_SETUP +-#line 122 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 122 "lexer.l" + {return TK_VOID;} + YY_BREAK + case 47: + YY_RULE_SETUP +-#line 123 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 123 "lexer.l" + {return TK_VIRTUAL;} + YY_BREAK + case 48: + YY_RULE_SETUP +-#line 124 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 124 "lexer.l" + {return TK_ENUM;} + YY_BREAK + case 49: + YY_RULE_SETUP +-#line 125 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 125 "lexer.l" + {return TK_SIGNED;} + YY_BREAK + case 50: + YY_RULE_SETUP +-#line 126 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 126 "lexer.l" + {return TK_UNSIGNED;} + YY_BREAK + case 51: + YY_RULE_SETUP +-#line 127 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 127 "lexer.l" + {return TK_CONST;} + YY_BREAK + case 52: + YY_RULE_SETUP +-#line 128 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 128 "lexer.l" + {return TK_STATIC;} + YY_BREAK + case 53: + YY_RULE_SETUP +-#line 129 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 129 "lexer.l" + {return TK_TRUE_VALUE;} + YY_BREAK + case 54: + YY_RULE_SETUP +-#line 130 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 130 "lexer.l" + {return TK_FALSE_VALUE;} + YY_BREAK + case 55: + YY_RULE_SETUP +-#line 131 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 131 "lexer.l" + {return TK_NULL_VALUE;} + YY_BREAK + case 56: + YY_RULE_SETUP +-#line 132 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 132 "lexer.l" + {return TK_TYPEDEF;} + YY_BREAK + case 57: + YY_RULE_SETUP +-#line 133 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 133 "lexer.l" + {return TK_NAMESPACE;} + YY_BREAK + case 58: + YY_RULE_SETUP +-#line 134 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 134 "lexer.l" + {return TK_OPERATOR;} + YY_BREAK + case 59: + YY_RULE_SETUP +-#line 135 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 135 "lexer.l" + {return TK_THROW;} + YY_BREAK + case 60: + YY_RULE_SETUP +-#line 136 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 136 "lexer.l" + {return TK_EXPLICIT;} + YY_BREAK + case 61: + YY_RULE_SETUP +-#line 137 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 137 "lexer.l" + {return TK_TEMPLATE;} + YY_BREAK + case 62: + YY_RULE_SETUP +-#line 138 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 138 "lexer.l" + {return TK_FINAL;} + YY_BREAK + case 63: + YY_RULE_SETUP +-#line 139 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 139 "lexer.l" + {return TK_SIZET;} + YY_BREAK + case 64: + YY_RULE_SETUP +-#line 140 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 140 "lexer.l" + {return TK_SCOPE;} + YY_BREAK + case 65: + YY_RULE_SETUP +-#line 141 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 141 "lexer.l" + {return TK_LOGICAL_OR;} + YY_BREAK + case 66: + YY_RULE_SETUP +-#line 142 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 142 "lexer.l" + {return TK_PYOBJECT;} + YY_BREAK + case 67: + YY_RULE_SETUP +-#line 143 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 143 "lexer.l" + {return TK_PYTUPLE;} + YY_BREAK + case 68: + YY_RULE_SETUP +-#line 144 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 144 "lexer.l" + {return TK_PYLIST;} + YY_BREAK + case 69: + YY_RULE_SETUP +-#line 145 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 145 "lexer.l" + {return TK_PYDICT;} + YY_BREAK + case 70: + YY_RULE_SETUP +-#line 146 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 146 "lexer.l" + {return TK_PYCALLABLE;} + YY_BREAK + case 71: + YY_RULE_SETUP +-#line 147 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 147 "lexer.l" + {return TK_PYSLICE;} + YY_BREAK + case 72: + YY_RULE_SETUP +-#line 148 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 148 "lexer.l" + {return TK_PYTYPE;} + YY_BREAK + case 73: + YY_RULE_SETUP +-#line 149 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 149 "lexer.l" + {return TK_PYBUFFER;} + YY_BREAK + case 74: + YY_RULE_SETUP +-#line 150 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 150 "lexer.l" + {return TK_SIPSIGNAL;} + YY_BREAK + case 75: + YY_RULE_SETUP +-#line 151 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 151 "lexer.l" + {return TK_SIPSLOT;} + YY_BREAK + case 76: + YY_RULE_SETUP +-#line 152 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 152 "lexer.l" + {return TK_SIPANYSLOT;} + YY_BREAK + case 77: + YY_RULE_SETUP +-#line 153 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 153 "lexer.l" + {return TK_SIPRXCON;} + YY_BREAK + case 78: + YY_RULE_SETUP +-#line 154 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 154 "lexer.l" + {return TK_SIPRXDIS;} + YY_BREAK + case 79: + YY_RULE_SETUP +-#line 155 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 155 "lexer.l" + {return TK_SIPSLOTCON;} + YY_BREAK + case 80: + YY_RULE_SETUP +-#line 156 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 156 "lexer.l" + {return TK_SIPSLOTDIS;} + YY_BREAK + case 81: + YY_RULE_SETUP +-#line 157 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 157 "lexer.l" + {return TK_SIPSSIZET;} + YY_BREAK + case 82: + YY_RULE_SETUP +-#line 158 "sip-4.19.23/sipgen/metasrc/lexer.l" +-{return TK_QOBJECT;} ++#line 158 "lexer.l" ++{return TK_SIPSSIZET;} + YY_BREAK + case 83: + YY_RULE_SETUP +-#line 159 "sip-4.19.23/sipgen/metasrc/lexer.l" +-{return TK_ELLIPSIS;} ++#line 159 "lexer.l" ++{return TK_QOBJECT;} + YY_BREAK + case 84: + YY_RULE_SETUP +-#line 161 "sip-4.19.23/sipgen/metasrc/lexer.l" +-{return TK_FORMAT;} ++#line 160 "lexer.l" ++{return TK_ELLIPSIS;} + YY_BREAK + case 85: + YY_RULE_SETUP +-#line 162 "sip-4.19.23/sipgen/metasrc/lexer.l" +-{return TK_GET;} ++#line 162 "lexer.l" ++{return TK_FORMAT;} + YY_BREAK + case 86: + YY_RULE_SETUP +-#line 163 "sip-4.19.23/sipgen/metasrc/lexer.l" +-{return TK_ID;} ++#line 163 "lexer.l" ++{return TK_GET;} + YY_BREAK + case 87: + YY_RULE_SETUP +-#line 164 "sip-4.19.23/sipgen/metasrc/lexer.l" +-{return TK_KWARGS;} ++#line 164 "lexer.l" ++{return TK_ID;} + YY_BREAK + case 88: + YY_RULE_SETUP +-#line 165 "sip-4.19.23/sipgen/metasrc/lexer.l" +-{return TK_LANGUAGE;} ++#line 165 "lexer.l" ++{return TK_KWARGS;} + YY_BREAK + case 89: + YY_RULE_SETUP +-#line 166 "sip-4.19.23/sipgen/metasrc/lexer.l" +-{return TK_LICENSEE;} ++#line 166 "lexer.l" ++{return TK_LANGUAGE;} + YY_BREAK + case 90: + YY_RULE_SETUP +-#line 167 "sip-4.19.23/sipgen/metasrc/lexer.l" +-{return TK_NAME;} ++#line 167 "lexer.l" ++{return TK_LICENSEE;} + YY_BREAK + case 91: + YY_RULE_SETUP +-#line 168 "sip-4.19.23/sipgen/metasrc/lexer.l" +-{return TK_OPTIONAL;} ++#line 168 "lexer.l" ++{return TK_NAME;} + YY_BREAK + case 92: + YY_RULE_SETUP +-#line 169 "sip-4.19.23/sipgen/metasrc/lexer.l" +-{return TK_ORDER;} ++#line 169 "lexer.l" ++{return TK_OPTIONAL;} + YY_BREAK + case 93: + YY_RULE_SETUP +-#line 170 "sip-4.19.23/sipgen/metasrc/lexer.l" +-{return TK_REMOVELEADING;} ++#line 170 "lexer.l" ++{return TK_ORDER;} + YY_BREAK + case 94: + YY_RULE_SETUP +-#line 171 "sip-4.19.23/sipgen/metasrc/lexer.l" +-{return TK_SET;} ++#line 171 "lexer.l" ++{return TK_REMOVELEADING;} + YY_BREAK + case 95: + YY_RULE_SETUP +-#line 172 "sip-4.19.23/sipgen/metasrc/lexer.l" +-{return TK_SIGNATURE;} ++#line 172 "lexer.l" ++{return TK_SET;} + YY_BREAK + case 96: + YY_RULE_SETUP +-#line 173 "sip-4.19.23/sipgen/metasrc/lexer.l" +-{return TK_TIMESTAMP;} ++#line 173 "lexer.l" ++{return TK_SIGNATURE;} + YY_BREAK + case 97: + YY_RULE_SETUP +-#line 174 "sip-4.19.23/sipgen/metasrc/lexer.l" +-{return TK_TYPE;} ++#line 174 "lexer.l" ++{return TK_TIMESTAMP;} + YY_BREAK + case 98: + YY_RULE_SETUP +-#line 175 "sip-4.19.23/sipgen/metasrc/lexer.l" +-{return TK_USEARGNAMES;} ++#line 175 "lexer.l" ++{return TK_TYPE;} + YY_BREAK + case 99: + YY_RULE_SETUP +-#line 176 "sip-4.19.23/sipgen/metasrc/lexer.l" +-{return TK_USELIMITEDAPI;} ++#line 176 "lexer.l" ++{return TK_USEARGNAMES;} + YY_BREAK + case 100: + YY_RULE_SETUP +-#line 177 "sip-4.19.23/sipgen/metasrc/lexer.l" +-{return TK_ALLRAISEPYEXC;} ++#line 177 "lexer.l" ++{return TK_PYSSIZETCLEAN;} + YY_BREAK + case 101: + YY_RULE_SETUP +-#line 178 "sip-4.19.23/sipgen/metasrc/lexer.l" +-{return TK_CALLSUPERINIT;} ++#line 178 "lexer.l" ++{return TK_USELIMITEDAPI;} + YY_BREAK + case 102: + YY_RULE_SETUP +-#line 179 "sip-4.19.23/sipgen/metasrc/lexer.l" +-{return TK_DEFERRORHANDLER;} ++#line 179 "lexer.l" ++{return TK_ALLRAISEPYEXC;} + YY_BREAK + case 103: + YY_RULE_SETUP +-#line 180 "sip-4.19.23/sipgen/metasrc/lexer.l" +-{return TK_VERSION;} ++#line 180 "lexer.l" ++{return TK_CALLSUPERINIT;} + YY_BREAK + case 104: + YY_RULE_SETUP +-#line 182 "sip-4.19.23/sipgen/metasrc/lexer.l" +-{return TK_TRUE_VALUE;} ++#line 181 "lexer.l" ++{return TK_DEFERRORHANDLER;} + YY_BREAK + case 105: + YY_RULE_SETUP +-#line 183 "sip-4.19.23/sipgen/metasrc/lexer.l" +-{return TK_FALSE_VALUE;} ++#line 182 "lexer.l" ++{return TK_VERSION;} + YY_BREAK + case 106: + YY_RULE_SETUP +-#line 186 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 184 "lexer.l" ++{return TK_TRUE_VALUE;} ++ YY_BREAK ++case 107: ++YY_RULE_SETUP ++#line 185 "lexer.l" ++{return TK_FALSE_VALUE;} ++ YY_BREAK ++case 108: ++YY_RULE_SETUP ++#line 188 "lexer.l" + { + /* Ignore whitespace. */ + ; + } + YY_BREAK +-case 107: ++case 109: + YY_RULE_SETUP +-#line 191 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 193 "lexer.l" + { + /* + * Maintain the parenthesis depth so that we don't enter the 'code' state +@@ -2401,9 +2437,9 @@ YY_RULE_SETUP + return '('; + } + YY_BREAK +-case 108: ++case 110: + YY_RULE_SETUP +-#line 203 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 205 "lexer.l" + { + /* Maintain the parenthesis depth. */ + --parenDepth; +@@ -2413,10 +2449,10 @@ YY_RULE_SETUP + return ')'; + } + YY_BREAK +-case 109: +-/* rule 109 can match eol */ ++case 111: ++/* rule 111 can match eol */ + YY_RULE_SETUP +-#line 212 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 214 "lexer.l" + { + /* Maintain the line number. */ + ++inputFileStack[currentFile].sloc.linenr; +@@ -2427,63 +2463,63 @@ YY_RULE_SETUP + } + } + YY_BREAK +-case 110: ++case 112: + YY_RULE_SETUP +-#line 222 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 224 "lexer.l" + { + /* Ignore C++ style comments. */ + ; + } + YY_BREAK +-case 111: ++case 113: + YY_RULE_SETUP +-#line 228 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 230 "lexer.l" + { + /* A signed decimal number. */ + yylval.number = strtol(yytext,NULL,0); + return TK_NUMBER_VALUE; + } + YY_BREAK +-case 112: ++case 114: + YY_RULE_SETUP +-#line 235 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 237 "lexer.l" + { + /* A floating point number. */ + yylval.real = strtod(yytext,NULL); + return TK_REAL_VALUE; + } + YY_BREAK +-case 113: ++case 115: + YY_RULE_SETUP +-#line 242 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 244 "lexer.l" + { + /* An unsigned hexadecimal number. */ + yylval.number = strtol(yytext,NULL,16); + return TK_NUMBER_VALUE; + } + YY_BREAK +-case 114: ++case 116: + YY_RULE_SETUP +-#line 249 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 251 "lexer.l" + { + /* An identifier name. */ + yylval.text = sipStrdup(yytext); + return TK_NAME_VALUE; + } + YY_BREAK +-case 115: ++case 117: + YY_RULE_SETUP +-#line 256 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 258 "lexer.l" + { + /* A relative pathname. */ + yylval.text = sipStrdup(yytext); + return TK_PATH_VALUE; + } + YY_BREAK +-case 116: +-/* rule 116 can match eol */ ++case 118: ++/* rule 118 can match eol */ + YY_RULE_SETUP +-#line 263 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 265 "lexer.l" + { + /* A double-quoted string. */ + char ch, *dp, *sp; +@@ -2519,10 +2555,10 @@ YY_RULE_SETUP + return TK_STRING_VALUE; + } + YY_BREAK +-case 117: +-/* rule 117 can match eol */ ++case 119: ++/* rule 119 can match eol */ + YY_RULE_SETUP +-#line 299 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 301 "lexer.l" + { + /* A single-quoted character. */ + if (strlen(yytext) != 3) +@@ -2533,84 +2569,84 @@ YY_RULE_SETUP + return TK_QCHAR_VALUE; + } + YY_BREAK +-case 118: ++case 120: + YY_RULE_SETUP +-#line 310 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 312 "lexer.l" + { + /* Ignore C-style comments. */ + yy_push_state(ccomment); + } + YY_BREAK +-case 119: +-/* rule 119 can match eol */ ++case 121: ++/* rule 121 can match eol */ + YY_RULE_SETUP +-#line 314 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 316 "lexer.l" + { + ++inputFileStack[currentFile].sloc.linenr; + } + YY_BREAK +-case 120: ++case 122: + YY_RULE_SETUP +-#line 317 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 319 "lexer.l" + { + yy_pop_state(); + } + YY_BREAK +-case 121: ++case 123: + YY_RULE_SETUP +-#line 320 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 322 "lexer.l" + { + ; + } + YY_BREAK +-case 122: ++case 124: + YY_RULE_SETUP +-#line 325 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 327 "lexer.l" + { + /* The software license. */ + codeIdx = 0; + return TK_COPYING; + } + YY_BREAK +-case 123: ++case 125: + YY_RULE_SETUP +-#line 331 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 333 "lexer.l" + { + /* The start of a from-type code block. */ + codeIdx = 0; + return TK_FROMTYPE; + } + YY_BREAK +-case 124: ++case 126: + YY_RULE_SETUP +-#line 337 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 339 "lexer.l" + { + /* The start of a to-type code block. */ + codeIdx = 0; + return TK_TOTYPE; + } + YY_BREAK +-case 125: ++case 127: + YY_RULE_SETUP +-#line 343 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 345 "lexer.l" + { + /* The start of a to-sub-class code block. */ + codeIdx = 0; + return TK_TOSUBCLASS; + } + YY_BREAK +-case 126: ++case 128: + YY_RULE_SETUP +-#line 349 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 351 "lexer.l" + { + /* The start of an exported header code block. */ + codeIdx = 0; + return TK_EXPHEADERCODE; + } + YY_BREAK +-case 127: ++case 129: + YY_RULE_SETUP +-#line 355 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 357 "lexer.l" + { + /* The start of part of an extract. */ + codeIdx = 0; +@@ -2620,225 +2656,225 @@ YY_RULE_SETUP + return TK_EXTRACT; + } + YY_BREAK +-case 128: ++case 130: + YY_RULE_SETUP +-#line 364 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 366 "lexer.l" + { + /* The start of a module header code block. */ + codeIdx = 0; + return TK_MODHEADERCODE; + } + YY_BREAK +-case 129: ++case 131: + YY_RULE_SETUP +-#line 370 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 372 "lexer.l" + { + /* The start of a type header code block. */ + codeIdx = 0; + return TK_TYPEHEADERCODE; + } + YY_BREAK +-case 130: ++case 132: + YY_RULE_SETUP +-#line 376 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 378 "lexer.l" + { + /* The start of a pre-initialisation code block. */ + codeIdx = 0; + return TK_PREINITCODE; + } + YY_BREAK +-case 131: ++case 133: + YY_RULE_SETUP +-#line 382 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 384 "lexer.l" + { + /* The start of an initialisation code block. */ + codeIdx = 0; + return TK_INITCODE; + } + YY_BREAK +-case 132: ++case 134: + YY_RULE_SETUP +-#line 388 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 390 "lexer.l" + { + /* The start of a post-initialisation code block. */ + codeIdx = 0; + return TK_POSTINITCODE; + } + YY_BREAK +-case 133: ++case 135: + YY_RULE_SETUP +-#line 394 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 396 "lexer.l" + { + /* The start of a class finalisation code block. */ + codeIdx = 0; + return TK_FINALCODE; + } + YY_BREAK +-case 134: ++case 136: + YY_RULE_SETUP +-#line 400 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 402 "lexer.l" + { + /* The start of a unit code block. */ + codeIdx = 0; + return TK_UNITCODE; + } + YY_BREAK +-case 135: ++case 137: + YY_RULE_SETUP +-#line 406 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 408 "lexer.l" + { + /* The start of a unit post-include code block. */ + codeIdx = 0; + return TK_UNITPOSTINCLUDECODE; + } + YY_BREAK +-case 136: ++case 138: + YY_RULE_SETUP +-#line 412 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 414 "lexer.l" + { + /* The start of a module code block. */ + codeIdx = 0; + return TK_MODCODE; + } + YY_BREAK +-case 137: ++case 139: + YY_RULE_SETUP +-#line 418 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 420 "lexer.l" + { + /* The start of a type code block. */ + codeIdx = 0; + return TK_TYPECODE; + } + YY_BREAK +-case 138: ++case 140: + YY_RULE_SETUP +-#line 424 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 426 "lexer.l" + { + /* The start of a C++ method code block. */ + codeIdx = 0; + return TK_METHODCODE; + } + YY_BREAK +-case 139: ++case 141: + YY_RULE_SETUP +-#line 430 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 432 "lexer.l" + { + /* The start of a C++ code block to insert before the MethodCode. */ + codeIdx = 0; + return TK_PREMETHODCODE; + } + YY_BREAK +-case 140: ++case 142: + YY_RULE_SETUP +-#line 436 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 438 "lexer.l" + { + /* The start of a C++ virtual call code block. */ + codeIdx = 0; + return TK_VIRTUALCALLCODE; + } + YY_BREAK +-case 141: ++case 143: + YY_RULE_SETUP +-#line 442 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 444 "lexer.l" + { + /* The start of a C++ virtual code block. */ + codeIdx = 0; + return TK_VIRTUALCATCHERCODE; + } + YY_BREAK +-case 142: ++case 144: + YY_RULE_SETUP +-#line 448 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 450 "lexer.l" + { + /* The start of a traverse code block. */ + codeIdx = 0; + return TK_TRAVERSECODE; + } + YY_BREAK +-case 143: ++case 145: + YY_RULE_SETUP +-#line 454 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 456 "lexer.l" + { + /* The start of a clear code block. */ + codeIdx = 0; + return TK_CLEARCODE; + } + YY_BREAK +-case 144: ++case 146: + YY_RULE_SETUP +-#line 460 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 462 "lexer.l" + { + /* The start of a get buffer code block. */ + codeIdx = 0; + return TK_GETBUFFERCODE; + } + YY_BREAK +-case 145: ++case 147: + YY_RULE_SETUP +-#line 466 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 468 "lexer.l" + { + /* The start of a release buffer code block. */ + codeIdx = 0; + return TK_RELEASEBUFFERCODE; + } + YY_BREAK +-case 146: ++case 148: + YY_RULE_SETUP +-#line 472 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 474 "lexer.l" + { + /* The start of a read buffer code block. */ + codeIdx = 0; + return TK_READBUFFERCODE; + } + YY_BREAK +-case 147: ++case 149: + YY_RULE_SETUP +-#line 478 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 480 "lexer.l" + { + /* The start of a write buffer code block. */ + codeIdx = 0; + return TK_WRITEBUFFERCODE; + } + YY_BREAK +-case 148: ++case 150: + YY_RULE_SETUP +-#line 484 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 486 "lexer.l" + { + /* The start of a segment count code block. */ + codeIdx = 0; + return TK_SEGCOUNTCODE; + } + YY_BREAK +-case 149: ++case 151: + YY_RULE_SETUP +-#line 490 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 492 "lexer.l" + { + /* The start of a char buffer code block. */ + codeIdx = 0; + return TK_CHARBUFFERCODE; + } + YY_BREAK +-case 150: ++case 152: + YY_RULE_SETUP +-#line 496 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 498 "lexer.l" + { + /* The start of a create instance code block. */ + codeIdx = 0; + return TK_INSTANCECODE; + } + YY_BREAK +-case 151: ++case 153: + YY_RULE_SETUP +-#line 502 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 504 "lexer.l" + { + /* The start of a pickle code block. */ + codeIdx = 0; + return TK_PICKLECODE; + } + YY_BREAK +-case 152: ++case 154: + YY_RULE_SETUP +-#line 508 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 510 "lexer.l" + { + /* The start of a pre-Python code block. */ + deprecated("%PrePythonCode is deprecated"); +@@ -2847,36 +2883,36 @@ YY_RULE_SETUP + return TK_PREPYCODE; + } + YY_BREAK +-case 153: ++case 155: + YY_RULE_SETUP +-#line 516 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 518 "lexer.l" + { + /* The start of a raise Python exception code block. */ + codeIdx = 0; + return TK_RAISECODE; + } + YY_BREAK +-case 154: ++case 156: + YY_RULE_SETUP +-#line 522 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 524 "lexer.l" + { + /* The start of an exported type hint code block. */ + codeIdx = 0; + return TK_EXPTYPEHINTCODE; + } + YY_BREAK +-case 155: ++case 157: + YY_RULE_SETUP +-#line 528 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 530 "lexer.l" + { + /* The start of a type hint code block. */ + codeIdx = 0; + return TK_TYPEHINTCODE; + } + YY_BREAK +-case 156: ++case 158: + YY_RULE_SETUP +-#line 534 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 536 "lexer.l" + { + /* The start of a docstring block. */ + codeIdx = 0; +@@ -2886,9 +2922,9 @@ YY_RULE_SETUP + return TK_DOCSTRING; + } + YY_BREAK +-case 157: ++case 159: + YY_RULE_SETUP +-#line 543 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 545 "lexer.l" + { + /* The start of a documentation block. */ + deprecated("%Doc is deprecated, use %Extract instead"); +@@ -2897,9 +2933,9 @@ YY_RULE_SETUP + return TK_DOC; + } + YY_BREAK +-case 158: ++case 160: + YY_RULE_SETUP +-#line 551 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 553 "lexer.l" + { + /* The start of an exported documentation block. */ + deprecated("%ExportedDoc is deprecated, use %Extract instead"); +@@ -2908,9 +2944,9 @@ YY_RULE_SETUP + return TK_EXPORTEDDOC; + } + YY_BREAK +-case 159: ++case 161: + YY_RULE_SETUP +-#line 559 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 561 "lexer.l" + { + /* The start of a Makefile code block. */ + deprecated("%Makefile is deprecated"); +@@ -2919,36 +2955,36 @@ YY_RULE_SETUP + return TK_MAKEFILE; + } + YY_BREAK +-case 160: ++case 162: + YY_RULE_SETUP +-#line 567 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 569 "lexer.l" + { + /* The start of an access code block. */ + codeIdx = 0; + return TK_ACCESSCODE; + } + YY_BREAK +-case 161: ++case 163: + YY_RULE_SETUP +-#line 573 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 575 "lexer.l" + { + /* The start of a get code block. */ + codeIdx = 0; + return TK_GETCODE; + } + YY_BREAK +-case 162: ++case 164: + YY_RULE_SETUP +-#line 579 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 581 "lexer.l" + { + /* The start of a set code block. */ + codeIdx = 0; + return TK_SETCODE; + } + YY_BREAK +-case 163: ++case 165: + YY_RULE_SETUP +-#line 585 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 587 "lexer.l" + { + /* The start of part of a virtual error handler. */ + codeIdx = 0; +@@ -2958,9 +2994,9 @@ YY_RULE_SETUP + return TK_VIRTERRORHANDLER; + } + YY_BREAK +-case 164: ++case 166: + YY_RULE_SETUP +-#line 594 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 596 "lexer.l" + { + /* The end of a code block. */ + BEGIN INITIAL; +@@ -2968,10 +3004,10 @@ YY_RULE_SETUP + return TK_END; + } + YY_BREAK +-case 165: +-/* rule 165 can match eol */ ++case 167: ++/* rule 167 can match eol */ + YY_RULE_SETUP +-#line 601 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 603 "lexer.l" + { + /* The end of a code line . */ + struct inputFile *ifp; +@@ -2991,9 +3027,9 @@ YY_RULE_SETUP + return TK_CODELINE; + } + YY_BREAK +-case 166: ++case 168: + YY_RULE_SETUP +-#line 620 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 622 "lexer.l" + { + /* The contents of a code line. */ + if (codeIdx == MAX_CODE_LINE_LENGTH) +@@ -3002,20 +3038,20 @@ YY_RULE_SETUP + codeLine[codeIdx++] = yytext[0]; + } + YY_BREAK +-case 167: ++case 169: + YY_RULE_SETUP +-#line 628 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 630 "lexer.l" + { + /* Anything else is returned as is. */ + return yytext[0]; + } + YY_BREAK +-case 168: ++case 170: + YY_RULE_SETUP +-#line 633 "sip-4.19.23/sipgen/metasrc/lexer.l" ++#line 635 "lexer.l" + ECHO; + YY_BREAK +-#line 3019 "sip-4.19.23/sipgen/lexer.c" ++#line 3055 "../lexer.c" + case YY_STATE_EOF(INITIAL): + case YY_STATE_EOF(code): + case YY_STATE_EOF(ccomment): +@@ -3097,7 +3133,7 @@ case YY_STATE_EOF(directive_start): + { + (yy_did_buffer_switch_on_eof) = 0; + +- if ( yywrap( ) ) ++ if ( yywrap( ) ) + { + /* Note: because we've taken care in + * yy_get_next_buffer() to have set up +@@ -3150,6 +3186,7 @@ case YY_STATE_EOF(directive_start): + "fatal flex scanner internal error--no action found" ); + } /* end of action switch */ + } /* end of scanning one token */ ++ } /* end of user's declarations */ + } /* end of yylex */ + + /* yy_get_next_buffer - try to read in a new buffer +@@ -3161,9 +3198,9 @@ case YY_STATE_EOF(directive_start): + */ + static int yy_get_next_buffer (void) + { +- register char *dest = YY_CURRENT_BUFFER_LVALUE->yy_ch_buf; +- register char *source = (yytext_ptr); +- register int number_to_move, i; ++ char *dest = YY_CURRENT_BUFFER_LVALUE->yy_ch_buf; ++ char *source = (yytext_ptr); ++ int number_to_move, i; + int ret_val; + + if ( (yy_c_buf_p) > &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[(yy_n_chars) + 1] ) +@@ -3192,7 +3229,7 @@ static int yy_get_next_buffer (void) + /* Try to read more data. */ + + /* First move last chars to start of buffer. */ +- number_to_move = (int) ((yy_c_buf_p) - (yytext_ptr)) - 1; ++ number_to_move = (int) ((yy_c_buf_p) - (yytext_ptr) - 1); + + for ( i = 0; i < number_to_move; ++i ) + *(dest++) = *(source++); +@@ -3205,21 +3242,21 @@ static int yy_get_next_buffer (void) + + else + { +- yy_size_t num_to_read = ++ int num_to_read = + YY_CURRENT_BUFFER_LVALUE->yy_buf_size - number_to_move - 1; + + while ( num_to_read <= 0 ) + { /* Not enough room in the buffer - grow it. */ + + /* just a shorter name for the current buffer */ +- YY_BUFFER_STATE b = YY_CURRENT_BUFFER; ++ YY_BUFFER_STATE b = YY_CURRENT_BUFFER_LVALUE; + + int yy_c_buf_p_offset = + (int) ((yy_c_buf_p) - b->yy_ch_buf); + + if ( b->yy_is_our_buffer ) + { +- yy_size_t new_size = b->yy_buf_size * 2; ++ int new_size = b->yy_buf_size * 2; + + if ( new_size <= 0 ) + b->yy_buf_size += b->yy_buf_size / 8; +@@ -3228,11 +3265,12 @@ static int yy_get_next_buffer (void) + + b->yy_ch_buf = (char *) + /* Include room in for 2 EOB chars. */ +- yyrealloc((void *) b->yy_ch_buf,b->yy_buf_size + 2 ); ++ yyrealloc( (void *) b->yy_ch_buf, ++ (yy_size_t) (b->yy_buf_size + 2) ); + } + else + /* Can't grow it, we don't own it. */ +- b->yy_ch_buf = 0; ++ b->yy_ch_buf = NULL; + + if ( ! b->yy_ch_buf ) + YY_FATAL_ERROR( +@@ -3260,7 +3298,7 @@ static int yy_get_next_buffer (void) + if ( number_to_move == YY_MORE_ADJ ) + { + ret_val = EOB_ACT_END_OF_FILE; +- yyrestart(yyin ); ++ yyrestart( yyin ); + } + + else +@@ -3274,12 +3312,15 @@ static int yy_get_next_buffer (void) + else + ret_val = EOB_ACT_CONTINUE_SCAN; + +- if ((yy_size_t) ((yy_n_chars) + number_to_move) > YY_CURRENT_BUFFER_LVALUE->yy_buf_size) { ++ if (((yy_n_chars) + number_to_move) > YY_CURRENT_BUFFER_LVALUE->yy_buf_size) { + /* Extend the array by 50%, plus the number we really need. */ +- yy_size_t new_size = (yy_n_chars) + number_to_move + ((yy_n_chars) >> 1); +- YY_CURRENT_BUFFER_LVALUE->yy_ch_buf = (char *) yyrealloc((void *) YY_CURRENT_BUFFER_LVALUE->yy_ch_buf,new_size ); ++ int new_size = (yy_n_chars) + number_to_move + ((yy_n_chars) >> 1); ++ YY_CURRENT_BUFFER_LVALUE->yy_ch_buf = (char *) yyrealloc( ++ (void *) YY_CURRENT_BUFFER_LVALUE->yy_ch_buf, (yy_size_t) new_size ); + if ( ! YY_CURRENT_BUFFER_LVALUE->yy_ch_buf ) + YY_FATAL_ERROR( "out of dynamic memory in yy_get_next_buffer()" ); ++ /* "- 2" to take care of EOB's */ ++ YY_CURRENT_BUFFER_LVALUE->yy_buf_size = (int) (new_size - 2); + } + + (yy_n_chars) += number_to_move; +@@ -3295,15 +3336,15 @@ static int yy_get_next_buffer (void) + + static yy_state_type yy_get_previous_state (void) + { +- register yy_state_type yy_current_state; +- register char *yy_cp; ++ yy_state_type yy_current_state; ++ char *yy_cp; + + yy_current_state = (yy_start); + yy_current_state += YY_AT_BOL(); + + for ( yy_cp = (yytext_ptr) + YY_MORE_ADJ; yy_cp < (yy_c_buf_p); ++yy_cp ) + { +- register YY_CHAR yy_c = (*yy_cp ? yy_ec[YY_SC_TO_UI(*yy_cp)] : 1); ++ YY_CHAR yy_c = (*yy_cp ? yy_ec[YY_SC_TO_UI(*yy_cp)] : 1); + if ( yy_accept[yy_current_state] ) + { + (yy_last_accepting_state) = yy_current_state; +@@ -3312,10 +3353,10 @@ static int yy_get_next_buffer (void) + while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state ) + { + yy_current_state = (int) yy_def[yy_current_state]; +- if ( yy_current_state >= 1235 ) +- yy_c = yy_meta[(unsigned int) yy_c]; ++ if ( yy_current_state >= 1261 ) ++ yy_c = yy_meta[yy_c]; + } +- yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c]; ++ yy_current_state = yy_nxt[yy_base[yy_current_state] + yy_c]; + } + + return yy_current_state; +@@ -3328,10 +3369,10 @@ static int yy_get_next_buffer (void) + */ + static yy_state_type yy_try_NUL_trans (yy_state_type yy_current_state ) + { +- register int yy_is_jam; +- register char *yy_cp = (yy_c_buf_p); ++ int yy_is_jam; ++ char *yy_cp = (yy_c_buf_p); + +- register YY_CHAR yy_c = 1; ++ YY_CHAR yy_c = 1; + if ( yy_accept[yy_current_state] ) + { + (yy_last_accepting_state) = yy_current_state; +@@ -3340,18 +3381,20 @@ static int yy_get_next_buffer (void) + while ( yy_chk[yy_base[yy_current_state] + yy_c] != yy_current_state ) + { + yy_current_state = (int) yy_def[yy_current_state]; +- if ( yy_current_state >= 1235 ) +- yy_c = yy_meta[(unsigned int) yy_c]; ++ if ( yy_current_state >= 1261 ) ++ yy_c = yy_meta[yy_c]; + } +- yy_current_state = yy_nxt[yy_base[yy_current_state] + (unsigned int) yy_c]; +- yy_is_jam = (yy_current_state == 1234); ++ yy_current_state = yy_nxt[yy_base[yy_current_state] + yy_c]; ++ yy_is_jam = (yy_current_state == 1260); + +- return yy_is_jam ? 0 : yy_current_state; ++ return yy_is_jam ? 0 : yy_current_state; + } + +- static void yyunput (int c, register char * yy_bp ) ++#ifndef YY_NO_UNPUT ++ ++ static void yyunput (int c, char * yy_bp ) + { +- register char *yy_cp; ++ char *yy_cp; + + yy_cp = (yy_c_buf_p); + +@@ -3361,10 +3404,10 @@ static int yy_get_next_buffer (void) + if ( yy_cp < YY_CURRENT_BUFFER_LVALUE->yy_ch_buf + 2 ) + { /* need to shift things up to make room */ + /* +2 for EOB chars. */ +- register yy_size_t number_to_move = (yy_n_chars) + 2; +- register char *dest = &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[ ++ int number_to_move = (yy_n_chars) + 2; ++ char *dest = &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[ + YY_CURRENT_BUFFER_LVALUE->yy_buf_size + 2]; +- register char *source = ++ char *source = + &YY_CURRENT_BUFFER_LVALUE->yy_ch_buf[number_to_move]; + + while ( source > YY_CURRENT_BUFFER_LVALUE->yy_ch_buf ) +@@ -3373,7 +3416,7 @@ static int yy_get_next_buffer (void) + yy_cp += (int) (dest - source); + yy_bp += (int) (dest - source); + YY_CURRENT_BUFFER_LVALUE->yy_n_chars = +- (yy_n_chars) = YY_CURRENT_BUFFER_LVALUE->yy_buf_size; ++ (yy_n_chars) = (int) YY_CURRENT_BUFFER_LVALUE->yy_buf_size; + + if ( yy_cp < YY_CURRENT_BUFFER_LVALUE->yy_ch_buf + 2 ) + YY_FATAL_ERROR( "flex scanner push-back overflow" ); +@@ -3386,6 +3429,8 @@ static int yy_get_next_buffer (void) + (yy_c_buf_p) = yy_cp; + } + ++#endif ++ + #ifndef YY_NO_INPUT + #ifdef __cplusplus + static int yyinput (void) +@@ -3410,7 +3455,7 @@ static int yy_get_next_buffer (void) + + else + { /* need more input */ +- yy_size_t offset = (yy_c_buf_p) - (yytext_ptr); ++ int offset = (int) ((yy_c_buf_p) - (yytext_ptr)); + ++(yy_c_buf_p); + + switch ( yy_get_next_buffer( ) ) +@@ -3427,13 +3472,13 @@ static int yy_get_next_buffer (void) + */ + + /* Reset buffer status. */ +- yyrestart(yyin ); ++ yyrestart( yyin ); + + /*FALLTHROUGH*/ + + case EOB_ACT_END_OF_FILE: + { +- if ( yywrap( ) ) ++ if ( yywrap( ) ) + return 0; + + if ( ! (yy_did_buffer_switch_on_eof) ) +@@ -3473,11 +3518,11 @@ static int yy_get_next_buffer (void) + if ( ! YY_CURRENT_BUFFER ){ + yyensure_buffer_stack (); + YY_CURRENT_BUFFER_LVALUE = +- yy_create_buffer(yyin,YY_BUF_SIZE ); ++ yy_create_buffer( yyin, YY_BUF_SIZE ); + } + +- yy_init_buffer(YY_CURRENT_BUFFER,input_file ); +- yy_load_buffer_state( ); ++ yy_init_buffer( YY_CURRENT_BUFFER, input_file ); ++ yy_load_buffer_state( ); + } + + /** Switch to a different input buffer. +@@ -3505,7 +3550,7 @@ static int yy_get_next_buffer (void) + } + + YY_CURRENT_BUFFER_LVALUE = new_buffer; +- yy_load_buffer_state( ); ++ yy_load_buffer_state( ); + + /* We don't actually know whether we did this switch during + * EOF (yywrap()) processing, but the only time this flag +@@ -3533,7 +3578,7 @@ static void yy_load_buffer_state (void) + { + YY_BUFFER_STATE b; + +- b = (YY_BUFFER_STATE) yyalloc(sizeof( struct yy_buffer_state ) ); ++ b = (YY_BUFFER_STATE) yyalloc( sizeof( struct yy_buffer_state ) ); + if ( ! b ) + YY_FATAL_ERROR( "out of dynamic memory in yy_create_buffer()" ); + +@@ -3542,13 +3587,13 @@ static void yy_load_buffer_state (void) + /* yy_ch_buf has to be 2 characters longer than the size given because + * we need to put in 2 end-of-buffer characters. + */ +- b->yy_ch_buf = (char *) yyalloc(b->yy_buf_size + 2 ); ++ b->yy_ch_buf = (char *) yyalloc( (yy_size_t) (b->yy_buf_size + 2) ); + if ( ! b->yy_ch_buf ) + YY_FATAL_ERROR( "out of dynamic memory in yy_create_buffer()" ); + + b->yy_is_our_buffer = 1; + +- yy_init_buffer(b,file ); ++ yy_init_buffer( b, file ); + + return b; + } +@@ -3567,15 +3612,11 @@ static void yy_load_buffer_state (void) + YY_CURRENT_BUFFER_LVALUE = (YY_BUFFER_STATE) 0; + + if ( b->yy_is_our_buffer ) +- yyfree((void *) b->yy_ch_buf ); ++ yyfree( (void *) b->yy_ch_buf ); + +- yyfree((void *) b ); ++ yyfree( (void *) b ); + } + +-#ifndef __cplusplus +-extern int isatty (int ); +-#endif /* __cplusplus */ +- + /* Initializes or reinitializes a buffer. + * This function is sometimes called more than once on the same buffer, + * such as during a yyrestart() or at EOF. +@@ -3585,7 +3626,7 @@ extern int isatty (int ); + { + int oerrno = errno; + +- yy_flush_buffer(b ); ++ yy_flush_buffer( b ); + + b->yy_input_file = file; + b->yy_fill_buffer = 1; +@@ -3628,7 +3669,7 @@ extern int isatty (int ); + b->yy_buffer_status = YY_BUFFER_NEW; + + if ( b == YY_CURRENT_BUFFER ) +- yy_load_buffer_state( ); ++ yy_load_buffer_state( ); + } + + /** Pushes the new state onto the stack. The new state becomes +@@ -3659,7 +3700,7 @@ void yypush_buffer_state (YY_BUFFER_STAT + YY_CURRENT_BUFFER_LVALUE = new_buffer; + + /* copied from yy_switch_to_buffer. */ +- yy_load_buffer_state( ); ++ yy_load_buffer_state( ); + (yy_did_buffer_switch_on_eof) = 1; + } + +@@ -3678,7 +3719,7 @@ void yypop_buffer_state (void) + --(yy_buffer_stack_top); + + if (YY_CURRENT_BUFFER) { +- yy_load_buffer_state( ); ++ yy_load_buffer_state( ); + (yy_did_buffer_switch_on_eof) = 1; + } + } +@@ -3696,15 +3737,15 @@ static void yyensure_buffer_stack (void) + * scanner will even need a stack. We use 2 instead of 1 to avoid an + * immediate realloc on the next call. + */ +- num_to_alloc = 1; ++ num_to_alloc = 1; /* After all that talk, this was set to 1 anyways... */ + (yy_buffer_stack) = (struct yy_buffer_state**)yyalloc + (num_to_alloc * sizeof(struct yy_buffer_state*) + ); + if ( ! (yy_buffer_stack) ) + YY_FATAL_ERROR( "out of dynamic memory in yyensure_buffer_stack()" ); +- ++ + memset((yy_buffer_stack), 0, num_to_alloc * sizeof(struct yy_buffer_state*)); +- ++ + (yy_buffer_stack_max) = num_to_alloc; + (yy_buffer_stack_top) = 0; + return; +@@ -3713,7 +3754,7 @@ static void yyensure_buffer_stack (void) + if ((yy_buffer_stack_top) >= ((yy_buffer_stack_max)) - 1){ + + /* Increase the buffer to prepare for a possible push. */ +- int grow_size = 8 /* arbitrary grow size */; ++ yy_size_t grow_size = 8 /* arbitrary grow size */; + + num_to_alloc = (yy_buffer_stack_max) + grow_size; + (yy_buffer_stack) = (struct yy_buffer_state**)yyrealloc +@@ -3733,7 +3774,7 @@ static void yyensure_buffer_stack (void) + * @param base the character buffer + * @param size the size in bytes of the character buffer + * +- * @return the newly allocated buffer state object. ++ * @return the newly allocated buffer state object. + */ + YY_BUFFER_STATE yy_scan_buffer (char * base, yy_size_t size ) + { +@@ -3743,23 +3784,23 @@ YY_BUFFER_STATE yy_scan_buffer (char * + base[size-2] != YY_END_OF_BUFFER_CHAR || + base[size-1] != YY_END_OF_BUFFER_CHAR ) + /* They forgot to leave room for the EOB's. */ +- return 0; ++ return NULL; + +- b = (YY_BUFFER_STATE) yyalloc(sizeof( struct yy_buffer_state ) ); ++ b = (YY_BUFFER_STATE) yyalloc( sizeof( struct yy_buffer_state ) ); + if ( ! b ) + YY_FATAL_ERROR( "out of dynamic memory in yy_scan_buffer()" ); + +- b->yy_buf_size = size - 2; /* "- 2" to take care of EOB's */ ++ b->yy_buf_size = (int) (size - 2); /* "- 2" to take care of EOB's */ + b->yy_buf_pos = b->yy_ch_buf = base; + b->yy_is_our_buffer = 0; +- b->yy_input_file = 0; ++ b->yy_input_file = NULL; + b->yy_n_chars = b->yy_buf_size; + b->yy_is_interactive = 0; + b->yy_at_bol = 1; + b->yy_fill_buffer = 0; + b->yy_buffer_status = YY_BUFFER_NEW; + +- yy_switch_to_buffer(b ); ++ yy_switch_to_buffer( b ); + + return b; + } +@@ -3772,28 +3813,29 @@ YY_BUFFER_STATE yy_scan_buffer (char * + * @note If you want to scan bytes that may contain NUL values, then use + * yy_scan_bytes() instead. + */ +-YY_BUFFER_STATE yy_scan_string (yyconst char * yystr ) ++YY_BUFFER_STATE yy_scan_string (const char * yystr ) + { + +- return yy_scan_bytes(yystr,strlen(yystr) ); ++ return yy_scan_bytes( yystr, (int) strlen(yystr) ); + } + + /** Setup the input buffer state to scan the given bytes. The next call to yylex() will + * scan from a @e copy of @a bytes. +- * @param bytes the byte buffer to scan +- * @param len the number of bytes in the buffer pointed to by @a bytes. ++ * @param yybytes the byte buffer to scan ++ * @param _yybytes_len the number of bytes in the buffer pointed to by @a bytes. + * + * @return the newly allocated buffer state object. + */ +-YY_BUFFER_STATE yy_scan_bytes (yyconst char * yybytes, yy_size_t _yybytes_len ) ++YY_BUFFER_STATE yy_scan_bytes (const char * yybytes, int _yybytes_len ) + { + YY_BUFFER_STATE b; + char *buf; +- yy_size_t n, i; ++ yy_size_t n; ++ int i; + + /* Get memory for full buffer, including space for trailing EOB's. */ +- n = _yybytes_len + 2; +- buf = (char *) yyalloc(n ); ++ n = (yy_size_t) (_yybytes_len + 2); ++ buf = (char *) yyalloc( n ); + if ( ! buf ) + YY_FATAL_ERROR( "out of dynamic memory in yy_scan_bytes()" ); + +@@ -3802,7 +3844,7 @@ YY_BUFFER_STATE yy_scan_bytes (yyconst + + buf[_yybytes_len] = buf[_yybytes_len+1] = YY_END_OF_BUFFER_CHAR; + +- b = yy_scan_buffer(buf,n ); ++ b = yy_scan_buffer( buf, n ); + if ( ! b ) + YY_FATAL_ERROR( "bad buffer in yy_scan_bytes()" ); + +@@ -3814,20 +3856,21 @@ YY_BUFFER_STATE yy_scan_bytes (yyconst + return b; + } + +- static void yy_push_state (int new_state ) ++ static void yy_push_state (int _new_state ) + { + if ( (yy_start_stack_ptr) >= (yy_start_stack_depth) ) + { + yy_size_t new_size; + + (yy_start_stack_depth) += YY_START_STACK_INCR; +- new_size = (yy_start_stack_depth) * sizeof( int ); ++ new_size = (yy_size_t) (yy_start_stack_depth) * sizeof( int ); + + if ( ! (yy_start_stack) ) +- (yy_start_stack) = (int *) yyalloc(new_size ); ++ (yy_start_stack) = (int *) yyalloc( new_size ); + + else +- (yy_start_stack) = (int *) yyrealloc((void *) (yy_start_stack),new_size ); ++ (yy_start_stack) = (int *) yyrealloc( ++ (void *) (yy_start_stack), new_size ); + + if ( ! (yy_start_stack) ) + YY_FATAL_ERROR( "out of memory expanding start-condition stack" ); +@@ -3835,7 +3878,7 @@ YY_BUFFER_STATE yy_scan_bytes (yyconst + + (yy_start_stack)[(yy_start_stack_ptr)++] = YY_START; + +- BEGIN(new_state); ++ BEGIN(_new_state); + } + + static void yy_pop_state (void) +@@ -3855,9 +3898,9 @@ YY_BUFFER_STATE yy_scan_bytes (yyconst + #define YY_EXIT_FAILURE 2 + #endif + +-static void yy_fatal_error (yyconst char* msg ) ++static void yynoreturn yy_fatal_error (const char* msg ) + { +- (void) fprintf( stderr, "%s\n", msg ); ++ fprintf( stderr, "%s\n", msg ); + exit( YY_EXIT_FAILURE ); + } + +@@ -3885,7 +3928,7 @@ static void yy_fatal_error (yyconst char + */ + int yyget_lineno (void) + { +- ++ + return yylineno; + } + +@@ -3908,7 +3951,7 @@ FILE *yyget_out (void) + /** Get the length of the current token. + * + */ +-yy_size_t yyget_leng (void) ++int yyget_leng (void) + { + return yyleng; + } +@@ -3923,29 +3966,29 @@ char *yyget_text (void) + } + + /** Set the current line number. +- * @param line_number ++ * @param _line_number line number + * + */ +-void yyset_lineno (int line_number ) ++void yyset_lineno (int _line_number ) + { + +- yylineno = line_number; ++ yylineno = _line_number; + } + + /** Set the input stream. This does not discard the current + * input buffer. +- * @param in_str A readable stream. ++ * @param _in_str A readable stream. + * + * @see yy_switch_to_buffer + */ +-void yyset_in (FILE * in_str ) ++void yyset_in (FILE * _in_str ) + { +- yyin = in_str ; ++ yyin = _in_str ; + } + +-void yyset_out (FILE * out_str ) ++void yyset_out (FILE * _out_str ) + { +- yyout = out_str ; ++ yyout = _out_str ; + } + + int yyget_debug (void) +@@ -3953,9 +3996,9 @@ int yyget_debug (void) + return yy_flex_debug; + } + +-void yyset_debug (int bdebug ) ++void yyset_debug (int _bdebug ) + { +- yy_flex_debug = bdebug ; ++ yy_flex_debug = _bdebug ; + } + + static int yy_init_globals (void) +@@ -3964,10 +4007,10 @@ static int yy_init_globals (void) + * This function is called from yylex_destroy(), so don't allocate here. + */ + +- (yy_buffer_stack) = 0; ++ (yy_buffer_stack) = NULL; + (yy_buffer_stack_top) = 0; + (yy_buffer_stack_max) = 0; +- (yy_c_buf_p) = (char *) 0; ++ (yy_c_buf_p) = NULL; + (yy_init) = 0; + (yy_start) = 0; + +@@ -3980,8 +4023,8 @@ static int yy_init_globals (void) + yyin = stdin; + yyout = stdout; + #else +- yyin = (FILE *) 0; +- yyout = (FILE *) 0; ++ yyin = NULL; ++ yyout = NULL; + #endif + + /* For future reference: Set errno on error, since we are called by +@@ -3996,7 +4039,7 @@ int yylex_destroy (void) + + /* Pop the buffer stack, destroying each element. */ + while(YY_CURRENT_BUFFER){ +- yy_delete_buffer(YY_CURRENT_BUFFER ); ++ yy_delete_buffer( YY_CURRENT_BUFFER ); + YY_CURRENT_BUFFER_LVALUE = NULL; + yypop_buffer_state(); + } +@@ -4006,7 +4049,7 @@ int yylex_destroy (void) + (yy_buffer_stack) = NULL; + + /* Destroy the start condition stack. */ +- yyfree((yy_start_stack) ); ++ yyfree( (yy_start_stack) ); + (yy_start_stack) = NULL; + + /* Reset the globals. This is important in a non-reentrant scanner so the next time +@@ -4021,18 +4064,19 @@ int yylex_destroy (void) + */ + + #ifndef yytext_ptr +-static void yy_flex_strncpy (char* s1, yyconst char * s2, int n ) ++static void yy_flex_strncpy (char* s1, const char * s2, int n ) + { +- register int i; ++ ++ int i; + for ( i = 0; i < n; ++i ) + s1[i] = s2[i]; + } + #endif + + #ifdef YY_NEED_STRLEN +-static int yy_flex_strlen (yyconst char * s ) ++static int yy_flex_strlen (const char * s ) + { +- register int n; ++ int n; + for ( n = 0; s[n]; ++n ) + ; + +@@ -4042,11 +4086,12 @@ static int yy_flex_strlen (yyconst char + + void *yyalloc (yy_size_t size ) + { +- return (void *) malloc( size ); ++ return malloc(size); + } + + void *yyrealloc (void * ptr, yy_size_t size ) + { ++ + /* The cast to (char *) in the following accommodates both + * implementations that use char* generic pointers, and those + * that use void* generic pointers. It works with the latter +@@ -4054,18 +4099,17 @@ void *yyrealloc (void * ptr, yy_size_t + * any pointer type to void*, and deal with argument conversions + * as though doing an assignment. + */ +- return (void *) realloc( (char *) ptr, size ); ++ return realloc(ptr, size); + } + + void yyfree (void * ptr ) + { +- free( (char *) ptr ); /* see yyrealloc() for (char *) cast */ ++ free( (char *) ptr ); /* see yyrealloc() for (char *) cast */ + } + + #define YYTABLES_NAME "yytables" + +-#line 633 "sip-4.19.23/sipgen/metasrc/lexer.l" +- ++#line 635 "lexer.l" + + + /* +Index: sip-4.19.23/sipgen/parser.c +=================================================================== +--- sip-4.19.23.orig/sipgen/parser.c ++++ sip-4.19.23/sipgen/parser.c +@@ -1,14 +1,14 @@ +-/* A Bison parser, made by GNU Bison 2.3. */ ++/* A Bison parser, made by GNU Bison 3.8.2. */ + +-/* Skeleton implementation for Bison's Yacc-like parsers in C ++/* Bison implementation for Yacc-like parsers in C + +- Copyright (C) 1984, 1989, 1990, 2000, 2001, 2002, 2003, 2004, 2005, 2006 +- Free Software Foundation, Inc. ++ Copyright (C) 1984, 1989-1990, 2000-2015, 2018-2021 Free Software Foundation, ++ Inc. + +- This program is free software; you can redistribute it and/or modify ++ This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by +- the Free Software Foundation; either version 2, or (at your option) +- any later version. ++ the Free Software Foundation, either version 3 of the License, or ++ (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of +@@ -16,9 +16,7 @@ + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License +- along with this program; if not, write to the Free Software +- Foundation, Inc., 51 Franklin Street, Fifth Floor, +- Boston, MA 02110-1301, USA. */ ++ along with this program. If not, see . */ + + /* As a special exception, you may create a larger work that contains + part or all of the Bison parser skeleton and distribute that work +@@ -36,6 +34,10 @@ + /* C LALR(1) parser skeleton written by Richard Stallman, by + simplifying the original so-called "semantic" parser. */ + ++/* DO NOT RELY ON FEATURES THAT ARE NOT DOCUMENTED in the manual, ++ especially those whose name start with YY_ or yy_. They are ++ private implementation details that can be changed or removed. */ ++ + /* All symbols defined below should begin with yy or YY, to avoid + infringing on user name space. This should be done even for local + variables, as they might otherwise be expanded by user macros. +@@ -43,11 +45,11 @@ + define necessary library symbols; they are noted "INFRINGES ON + USER NAME SPACE" below. */ + +-/* Identify Bison output. */ +-#define YYBISON 1 ++/* Identify Bison output, and Bison version. */ ++#define YYBISON 30802 + +-/* Bison version. */ +-#define YYBISON_VERSION "2.3" ++/* Bison version string. */ ++#define YYBISON_VERSION "3.8.2" + + /* Skeleton name. */ + #define YYSKELETON_NAME "yacc.c" +@@ -55,324 +57,17 @@ + /* Pure parsers. */ + #define YYPURE 0 + +-/* Using locations. */ +-#define YYLSP_NEEDED 0 +- ++/* Push parsers. */ ++#define YYPUSH 0 + +- +-/* Tokens. */ +-#ifndef YYTOKENTYPE +-# define YYTOKENTYPE +- /* Put the tokens into the symbol table, so that GDB and other debuggers +- know about them. */ +- enum yytokentype { +- TK_API = 258, +- TK_AUTOPYNAME = 259, +- TK_DEFDOCSTRFMT = 260, +- TK_DEFDOCSTRSIG = 261, +- TK_DEFENCODING = 262, +- TK_PLUGIN = 263, +- TK_VIRTERRORHANDLER = 264, +- TK_EXPTYPEHINTCODE = 265, +- TK_TYPEHINTCODE = 266, +- TK_DOCSTRING = 267, +- TK_DOC = 268, +- TK_EXPORTEDDOC = 269, +- TK_EXTRACT = 270, +- TK_MAKEFILE = 271, +- TK_ACCESSCODE = 272, +- TK_GETCODE = 273, +- TK_SETCODE = 274, +- TK_PREINITCODE = 275, +- TK_INITCODE = 276, +- TK_POSTINITCODE = 277, +- TK_FINALCODE = 278, +- TK_UNITCODE = 279, +- TK_UNITPOSTINCLUDECODE = 280, +- TK_MODCODE = 281, +- TK_TYPECODE = 282, +- TK_PREPYCODE = 283, +- TK_COPYING = 284, +- TK_MAPPEDTYPE = 285, +- TK_CODELINE = 286, +- TK_IF = 287, +- TK_END = 288, +- TK_NAME_VALUE = 289, +- TK_PATH_VALUE = 290, +- TK_STRING_VALUE = 291, +- TK_VIRTUALCATCHERCODE = 292, +- TK_TRAVERSECODE = 293, +- TK_CLEARCODE = 294, +- TK_GETBUFFERCODE = 295, +- TK_RELEASEBUFFERCODE = 296, +- TK_READBUFFERCODE = 297, +- TK_WRITEBUFFERCODE = 298, +- TK_SEGCOUNTCODE = 299, +- TK_CHARBUFFERCODE = 300, +- TK_PICKLECODE = 301, +- TK_VIRTUALCALLCODE = 302, +- TK_METHODCODE = 303, +- TK_PREMETHODCODE = 304, +- TK_INSTANCECODE = 305, +- TK_FROMTYPE = 306, +- TK_TOTYPE = 307, +- TK_TOSUBCLASS = 308, +- TK_INCLUDE = 309, +- TK_OPTINCLUDE = 310, +- TK_IMPORT = 311, +- TK_EXPHEADERCODE = 312, +- TK_MODHEADERCODE = 313, +- TK_TYPEHEADERCODE = 314, +- TK_MODULE = 315, +- TK_CMODULE = 316, +- TK_CONSMODULE = 317, +- TK_COMPOMODULE = 318, +- TK_CLASS = 319, +- TK_STRUCT = 320, +- TK_PUBLIC = 321, +- TK_PROTECTED = 322, +- TK_PRIVATE = 323, +- TK_SIGNALS = 324, +- TK_SIGNAL_METHOD = 325, +- TK_SLOTS = 326, +- TK_SLOT_METHOD = 327, +- TK_BOOL = 328, +- TK_SHORT = 329, +- TK_INT = 330, +- TK_LONG = 331, +- TK_FLOAT = 332, +- TK_DOUBLE = 333, +- TK_CHAR = 334, +- TK_WCHAR_T = 335, +- TK_VOID = 336, +- TK_PYOBJECT = 337, +- TK_PYTUPLE = 338, +- TK_PYLIST = 339, +- TK_PYDICT = 340, +- TK_PYCALLABLE = 341, +- TK_PYSLICE = 342, +- TK_PYTYPE = 343, +- TK_PYBUFFER = 344, +- TK_VIRTUAL = 345, +- TK_ENUM = 346, +- TK_SIGNED = 347, +- TK_UNSIGNED = 348, +- TK_SCOPE = 349, +- TK_LOGICAL_OR = 350, +- TK_CONST = 351, +- TK_STATIC = 352, +- TK_SIPSIGNAL = 353, +- TK_SIPSLOT = 354, +- TK_SIPANYSLOT = 355, +- TK_SIPRXCON = 356, +- TK_SIPRXDIS = 357, +- TK_SIPSLOTCON = 358, +- TK_SIPSLOTDIS = 359, +- TK_SIPSSIZET = 360, +- TK_SIZET = 361, +- TK_NUMBER_VALUE = 362, +- TK_REAL_VALUE = 363, +- TK_TYPEDEF = 364, +- TK_NAMESPACE = 365, +- TK_TIMELINE = 366, +- TK_PLATFORMS = 367, +- TK_FEATURE = 368, +- TK_LICENSE = 369, +- TK_QCHAR_VALUE = 370, +- TK_TRUE_VALUE = 371, +- TK_FALSE_VALUE = 372, +- TK_NULL_VALUE = 373, +- TK_OPERATOR = 374, +- TK_THROW = 375, +- TK_QOBJECT = 376, +- TK_EXCEPTION = 377, +- TK_RAISECODE = 378, +- TK_EXPLICIT = 379, +- TK_TEMPLATE = 380, +- TK_FINAL = 381, +- TK_ELLIPSIS = 382, +- TK_DEFMETATYPE = 383, +- TK_DEFSUPERTYPE = 384, +- TK_PROPERTY = 385, +- TK_HIDE_NS = 386, +- TK_FORMAT = 387, +- TK_GET = 388, +- TK_ID = 389, +- TK_KWARGS = 390, +- TK_LANGUAGE = 391, +- TK_LICENSEE = 392, +- TK_NAME = 393, +- TK_OPTIONAL = 394, +- TK_ORDER = 395, +- TK_REMOVELEADING = 396, +- TK_SET = 397, +- TK_SIGNATURE = 398, +- TK_TIMESTAMP = 399, +- TK_TYPE = 400, +- TK_USEARGNAMES = 401, +- TK_USELIMITEDAPI = 402, +- TK_ALLRAISEPYEXC = 403, +- TK_CALLSUPERINIT = 404, +- TK_DEFERRORHANDLER = 405, +- TK_VERSION = 406 +- }; +-#endif +-/* Tokens. */ +-#define TK_API 258 +-#define TK_AUTOPYNAME 259 +-#define TK_DEFDOCSTRFMT 260 +-#define TK_DEFDOCSTRSIG 261 +-#define TK_DEFENCODING 262 +-#define TK_PLUGIN 263 +-#define TK_VIRTERRORHANDLER 264 +-#define TK_EXPTYPEHINTCODE 265 +-#define TK_TYPEHINTCODE 266 +-#define TK_DOCSTRING 267 +-#define TK_DOC 268 +-#define TK_EXPORTEDDOC 269 +-#define TK_EXTRACT 270 +-#define TK_MAKEFILE 271 +-#define TK_ACCESSCODE 272 +-#define TK_GETCODE 273 +-#define TK_SETCODE 274 +-#define TK_PREINITCODE 275 +-#define TK_INITCODE 276 +-#define TK_POSTINITCODE 277 +-#define TK_FINALCODE 278 +-#define TK_UNITCODE 279 +-#define TK_UNITPOSTINCLUDECODE 280 +-#define TK_MODCODE 281 +-#define TK_TYPECODE 282 +-#define TK_PREPYCODE 283 +-#define TK_COPYING 284 +-#define TK_MAPPEDTYPE 285 +-#define TK_CODELINE 286 +-#define TK_IF 287 +-#define TK_END 288 +-#define TK_NAME_VALUE 289 +-#define TK_PATH_VALUE 290 +-#define TK_STRING_VALUE 291 +-#define TK_VIRTUALCATCHERCODE 292 +-#define TK_TRAVERSECODE 293 +-#define TK_CLEARCODE 294 +-#define TK_GETBUFFERCODE 295 +-#define TK_RELEASEBUFFERCODE 296 +-#define TK_READBUFFERCODE 297 +-#define TK_WRITEBUFFERCODE 298 +-#define TK_SEGCOUNTCODE 299 +-#define TK_CHARBUFFERCODE 300 +-#define TK_PICKLECODE 301 +-#define TK_VIRTUALCALLCODE 302 +-#define TK_METHODCODE 303 +-#define TK_PREMETHODCODE 304 +-#define TK_INSTANCECODE 305 +-#define TK_FROMTYPE 306 +-#define TK_TOTYPE 307 +-#define TK_TOSUBCLASS 308 +-#define TK_INCLUDE 309 +-#define TK_OPTINCLUDE 310 +-#define TK_IMPORT 311 +-#define TK_EXPHEADERCODE 312 +-#define TK_MODHEADERCODE 313 +-#define TK_TYPEHEADERCODE 314 +-#define TK_MODULE 315 +-#define TK_CMODULE 316 +-#define TK_CONSMODULE 317 +-#define TK_COMPOMODULE 318 +-#define TK_CLASS 319 +-#define TK_STRUCT 320 +-#define TK_PUBLIC 321 +-#define TK_PROTECTED 322 +-#define TK_PRIVATE 323 +-#define TK_SIGNALS 324 +-#define TK_SIGNAL_METHOD 325 +-#define TK_SLOTS 326 +-#define TK_SLOT_METHOD 327 +-#define TK_BOOL 328 +-#define TK_SHORT 329 +-#define TK_INT 330 +-#define TK_LONG 331 +-#define TK_FLOAT 332 +-#define TK_DOUBLE 333 +-#define TK_CHAR 334 +-#define TK_WCHAR_T 335 +-#define TK_VOID 336 +-#define TK_PYOBJECT 337 +-#define TK_PYTUPLE 338 +-#define TK_PYLIST 339 +-#define TK_PYDICT 340 +-#define TK_PYCALLABLE 341 +-#define TK_PYSLICE 342 +-#define TK_PYTYPE 343 +-#define TK_PYBUFFER 344 +-#define TK_VIRTUAL 345 +-#define TK_ENUM 346 +-#define TK_SIGNED 347 +-#define TK_UNSIGNED 348 +-#define TK_SCOPE 349 +-#define TK_LOGICAL_OR 350 +-#define TK_CONST 351 +-#define TK_STATIC 352 +-#define TK_SIPSIGNAL 353 +-#define TK_SIPSLOT 354 +-#define TK_SIPANYSLOT 355 +-#define TK_SIPRXCON 356 +-#define TK_SIPRXDIS 357 +-#define TK_SIPSLOTCON 358 +-#define TK_SIPSLOTDIS 359 +-#define TK_SIPSSIZET 360 +-#define TK_SIZET 361 +-#define TK_NUMBER_VALUE 362 +-#define TK_REAL_VALUE 363 +-#define TK_TYPEDEF 364 +-#define TK_NAMESPACE 365 +-#define TK_TIMELINE 366 +-#define TK_PLATFORMS 367 +-#define TK_FEATURE 368 +-#define TK_LICENSE 369 +-#define TK_QCHAR_VALUE 370 +-#define TK_TRUE_VALUE 371 +-#define TK_FALSE_VALUE 372 +-#define TK_NULL_VALUE 373 +-#define TK_OPERATOR 374 +-#define TK_THROW 375 +-#define TK_QOBJECT 376 +-#define TK_EXCEPTION 377 +-#define TK_RAISECODE 378 +-#define TK_EXPLICIT 379 +-#define TK_TEMPLATE 380 +-#define TK_FINAL 381 +-#define TK_ELLIPSIS 382 +-#define TK_DEFMETATYPE 383 +-#define TK_DEFSUPERTYPE 384 +-#define TK_PROPERTY 385 +-#define TK_HIDE_NS 386 +-#define TK_FORMAT 387 +-#define TK_GET 388 +-#define TK_ID 389 +-#define TK_KWARGS 390 +-#define TK_LANGUAGE 391 +-#define TK_LICENSEE 392 +-#define TK_NAME 393 +-#define TK_OPTIONAL 394 +-#define TK_ORDER 395 +-#define TK_REMOVELEADING 396 +-#define TK_SET 397 +-#define TK_SIGNATURE 398 +-#define TK_TIMESTAMP 399 +-#define TK_TYPE 400 +-#define TK_USEARGNAMES 401 +-#define TK_USELIMITEDAPI 402 +-#define TK_ALLRAISEPYEXC 403 +-#define TK_CALLSUPERINIT 404 +-#define TK_DEFERRORHANDLER 405 +-#define TK_VERSION 406 ++/* Pull parsers. */ ++#define YYPULL 1 + + + + +-/* Copy the first part of user declarations. */ +-#line 19 "sip-4.19.23/sipgen/metasrc/parser.y" ++/* First part of user prologue. */ ++#line 19 "parser.y" + + #include + #include +@@ -539,9 +234,9 @@ static void addProperty(sipSpec *pt, mod + docstringDef *docstring); + static moduleDef *configureModule(sipSpec *pt, moduleDef *module, + const char *filename, const char *name, int c_module, KwArgs kwargs, +- int use_arg_names, int use_limited_api, int call_super_init, +- int all_raise_py_exc, const char *def_error_handler, +- docstringDef *docstring); ++ int use_arg_names, int py_ssize_t_clean, int use_limited_api, ++ int call_super_init, int all_raise_py_exc, ++ const char *def_error_handler, docstringDef *docstring); + static void addAutoPyName(moduleDef *mod, const char *remove_leading); + static KwArgs convertKwArgs(const char *kwargs); + static void checkAnnos(optFlags *annos, const char *valid[]); +@@ -555,117 +250,555 @@ static int isBackstop(qualDef *qd); + static void checkEllipsis(signatureDef *sd); + static scopedNameDef *fullyQualifiedName(scopedNameDef *snd); + ++#line 254 "../parser.c" + +-/* Enabling traces. */ +-#ifndef YYDEBUG +-# define YYDEBUG 0 +-#endif +- +-/* Enabling verbose error messages. */ +-#ifdef YYERROR_VERBOSE +-# undef YYERROR_VERBOSE +-# define YYERROR_VERBOSE 1 +-#else +-# define YYERROR_VERBOSE 0 +-#endif +- +-/* Enabling the token table. */ +-#ifndef YYTOKEN_TABLE +-# define YYTOKEN_TABLE 0 +-#endif +- +-#if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED +-typedef union YYSTYPE +-#line 202 "sip-4.19.23/sipgen/metasrc/parser.y" +-{ +- char qchar; +- char *text; +- long number; +- double real; +- argDef memArg; +- signatureDef signature; +- signatureDef *optsignature; +- throwArgs *throwlist; +- codeBlock *codeb; +- docstringDef *docstr; +- valueDef value; +- valueDef *valp; +- optFlags optflags; +- optFlag flag; +- scopedNameDef *scpvalp; +- fcallDef fcall; +- int boolean; +- exceptionDef exceptionbase; +- classDef *klass; +- apiCfg api; +- autoPyNameCfg autopyname; +- compModuleCfg compmodule; +- consModuleCfg consmodule; +- defDocstringFmtCfg defdocstringfmt; +- defDocstringSigCfg defdocstringsig; +- defEncodingCfg defencoding; +- defMetatypeCfg defmetatype; +- defSupertypeCfg defsupertype; +- hiddenNsCfg hiddenns; +- exceptionCfg exception; +- docstringCfg docstring; +- extractCfg extract; +- featureCfg feature; +- licenseCfg license; +- importCfg import; +- includeCfg include; +- moduleCfg module; +- pluginCfg plugin; +- propertyCfg property; +- variableCfg variable; +- vehCfg veh; +- int token; +-} +-/* Line 193 of yacc.c. */ +-#line 626 "sip-4.19.23/sipgen/parser.c" +- YYSTYPE; +-# define yystype YYSTYPE /* obsolescent; will be withdrawn */ +-# define YYSTYPE_IS_DECLARED 1 +-# define YYSTYPE_IS_TRIVIAL 1 +-#endif +- ++# ifndef YY_CAST ++# ifdef __cplusplus ++# define YY_CAST(Type, Val) static_cast (Val) ++# define YY_REINTERPRET_CAST(Type, Val) reinterpret_cast (Val) ++# else ++# define YY_CAST(Type, Val) ((Type) (Val)) ++# define YY_REINTERPRET_CAST(Type, Val) ((Type) (Val)) ++# endif ++# endif ++# ifndef YY_NULLPTR ++# if defined __cplusplus ++# if 201103L <= __cplusplus ++# define YY_NULLPTR nullptr ++# else ++# define YY_NULLPTR 0 ++# endif ++# else ++# define YY_NULLPTR ((void*)0) ++# endif ++# endif + ++#include "parser.h" ++/* Symbol kind. */ ++enum yysymbol_kind_t ++{ ++ YYSYMBOL_YYEMPTY = -2, ++ YYSYMBOL_YYEOF = 0, /* "end of file" */ ++ YYSYMBOL_YYerror = 1, /* error */ ++ YYSYMBOL_YYUNDEF = 2, /* "invalid token" */ ++ YYSYMBOL_TK_API = 3, /* TK_API */ ++ YYSYMBOL_TK_AUTOPYNAME = 4, /* TK_AUTOPYNAME */ ++ YYSYMBOL_TK_DEFDOCSTRFMT = 5, /* TK_DEFDOCSTRFMT */ ++ YYSYMBOL_TK_DEFDOCSTRSIG = 6, /* TK_DEFDOCSTRSIG */ ++ YYSYMBOL_TK_DEFENCODING = 7, /* TK_DEFENCODING */ ++ YYSYMBOL_TK_PLUGIN = 8, /* TK_PLUGIN */ ++ YYSYMBOL_TK_VIRTERRORHANDLER = 9, /* TK_VIRTERRORHANDLER */ ++ YYSYMBOL_TK_EXPTYPEHINTCODE = 10, /* TK_EXPTYPEHINTCODE */ ++ YYSYMBOL_TK_TYPEHINTCODE = 11, /* TK_TYPEHINTCODE */ ++ YYSYMBOL_TK_DOCSTRING = 12, /* TK_DOCSTRING */ ++ YYSYMBOL_TK_DOC = 13, /* TK_DOC */ ++ YYSYMBOL_TK_EXPORTEDDOC = 14, /* TK_EXPORTEDDOC */ ++ YYSYMBOL_TK_EXTRACT = 15, /* TK_EXTRACT */ ++ YYSYMBOL_TK_MAKEFILE = 16, /* TK_MAKEFILE */ ++ YYSYMBOL_TK_ACCESSCODE = 17, /* TK_ACCESSCODE */ ++ YYSYMBOL_TK_GETCODE = 18, /* TK_GETCODE */ ++ YYSYMBOL_TK_SETCODE = 19, /* TK_SETCODE */ ++ YYSYMBOL_TK_PREINITCODE = 20, /* TK_PREINITCODE */ ++ YYSYMBOL_TK_INITCODE = 21, /* TK_INITCODE */ ++ YYSYMBOL_TK_POSTINITCODE = 22, /* TK_POSTINITCODE */ ++ YYSYMBOL_TK_FINALCODE = 23, /* TK_FINALCODE */ ++ YYSYMBOL_TK_UNITCODE = 24, /* TK_UNITCODE */ ++ YYSYMBOL_TK_UNITPOSTINCLUDECODE = 25, /* TK_UNITPOSTINCLUDECODE */ ++ YYSYMBOL_TK_MODCODE = 26, /* TK_MODCODE */ ++ YYSYMBOL_TK_TYPECODE = 27, /* TK_TYPECODE */ ++ YYSYMBOL_TK_PREPYCODE = 28, /* TK_PREPYCODE */ ++ YYSYMBOL_TK_COPYING = 29, /* TK_COPYING */ ++ YYSYMBOL_TK_MAPPEDTYPE = 30, /* TK_MAPPEDTYPE */ ++ YYSYMBOL_TK_CODELINE = 31, /* TK_CODELINE */ ++ YYSYMBOL_TK_IF = 32, /* TK_IF */ ++ YYSYMBOL_TK_END = 33, /* TK_END */ ++ YYSYMBOL_TK_NAME_VALUE = 34, /* TK_NAME_VALUE */ ++ YYSYMBOL_TK_PATH_VALUE = 35, /* TK_PATH_VALUE */ ++ YYSYMBOL_TK_STRING_VALUE = 36, /* TK_STRING_VALUE */ ++ YYSYMBOL_TK_VIRTUALCATCHERCODE = 37, /* TK_VIRTUALCATCHERCODE */ ++ YYSYMBOL_TK_TRAVERSECODE = 38, /* TK_TRAVERSECODE */ ++ YYSYMBOL_TK_CLEARCODE = 39, /* TK_CLEARCODE */ ++ YYSYMBOL_TK_GETBUFFERCODE = 40, /* TK_GETBUFFERCODE */ ++ YYSYMBOL_TK_RELEASEBUFFERCODE = 41, /* TK_RELEASEBUFFERCODE */ ++ YYSYMBOL_TK_READBUFFERCODE = 42, /* TK_READBUFFERCODE */ ++ YYSYMBOL_TK_WRITEBUFFERCODE = 43, /* TK_WRITEBUFFERCODE */ ++ YYSYMBOL_TK_SEGCOUNTCODE = 44, /* TK_SEGCOUNTCODE */ ++ YYSYMBOL_TK_CHARBUFFERCODE = 45, /* TK_CHARBUFFERCODE */ ++ YYSYMBOL_TK_PICKLECODE = 46, /* TK_PICKLECODE */ ++ YYSYMBOL_TK_VIRTUALCALLCODE = 47, /* TK_VIRTUALCALLCODE */ ++ YYSYMBOL_TK_METHODCODE = 48, /* TK_METHODCODE */ ++ YYSYMBOL_TK_PREMETHODCODE = 49, /* TK_PREMETHODCODE */ ++ YYSYMBOL_TK_INSTANCECODE = 50, /* TK_INSTANCECODE */ ++ YYSYMBOL_TK_FROMTYPE = 51, /* TK_FROMTYPE */ ++ YYSYMBOL_TK_TOTYPE = 52, /* TK_TOTYPE */ ++ YYSYMBOL_TK_TOSUBCLASS = 53, /* TK_TOSUBCLASS */ ++ YYSYMBOL_TK_INCLUDE = 54, /* TK_INCLUDE */ ++ YYSYMBOL_TK_OPTINCLUDE = 55, /* TK_OPTINCLUDE */ ++ YYSYMBOL_TK_IMPORT = 56, /* TK_IMPORT */ ++ YYSYMBOL_TK_EXPHEADERCODE = 57, /* TK_EXPHEADERCODE */ ++ YYSYMBOL_TK_MODHEADERCODE = 58, /* TK_MODHEADERCODE */ ++ YYSYMBOL_TK_TYPEHEADERCODE = 59, /* TK_TYPEHEADERCODE */ ++ YYSYMBOL_TK_MODULE = 60, /* TK_MODULE */ ++ YYSYMBOL_TK_CMODULE = 61, /* TK_CMODULE */ ++ YYSYMBOL_TK_CONSMODULE = 62, /* TK_CONSMODULE */ ++ YYSYMBOL_TK_COMPOMODULE = 63, /* TK_COMPOMODULE */ ++ YYSYMBOL_TK_CLASS = 64, /* TK_CLASS */ ++ YYSYMBOL_TK_STRUCT = 65, /* TK_STRUCT */ ++ YYSYMBOL_TK_PUBLIC = 66, /* TK_PUBLIC */ ++ YYSYMBOL_TK_PROTECTED = 67, /* TK_PROTECTED */ ++ YYSYMBOL_TK_PRIVATE = 68, /* TK_PRIVATE */ ++ YYSYMBOL_TK_SIGNALS = 69, /* TK_SIGNALS */ ++ YYSYMBOL_TK_SIGNAL_METHOD = 70, /* TK_SIGNAL_METHOD */ ++ YYSYMBOL_TK_SLOTS = 71, /* TK_SLOTS */ ++ YYSYMBOL_TK_SLOT_METHOD = 72, /* TK_SLOT_METHOD */ ++ YYSYMBOL_TK_BOOL = 73, /* TK_BOOL */ ++ YYSYMBOL_TK_SHORT = 74, /* TK_SHORT */ ++ YYSYMBOL_TK_INT = 75, /* TK_INT */ ++ YYSYMBOL_TK_LONG = 76, /* TK_LONG */ ++ YYSYMBOL_TK_FLOAT = 77, /* TK_FLOAT */ ++ YYSYMBOL_TK_DOUBLE = 78, /* TK_DOUBLE */ ++ YYSYMBOL_TK_CHAR = 79, /* TK_CHAR */ ++ YYSYMBOL_TK_WCHAR_T = 80, /* TK_WCHAR_T */ ++ YYSYMBOL_TK_VOID = 81, /* TK_VOID */ ++ YYSYMBOL_TK_PYOBJECT = 82, /* TK_PYOBJECT */ ++ YYSYMBOL_TK_PYTUPLE = 83, /* TK_PYTUPLE */ ++ YYSYMBOL_TK_PYLIST = 84, /* TK_PYLIST */ ++ YYSYMBOL_TK_PYDICT = 85, /* TK_PYDICT */ ++ YYSYMBOL_TK_PYCALLABLE = 86, /* TK_PYCALLABLE */ ++ YYSYMBOL_TK_PYSLICE = 87, /* TK_PYSLICE */ ++ YYSYMBOL_TK_PYTYPE = 88, /* TK_PYTYPE */ ++ YYSYMBOL_TK_PYBUFFER = 89, /* TK_PYBUFFER */ ++ YYSYMBOL_TK_VIRTUAL = 90, /* TK_VIRTUAL */ ++ YYSYMBOL_TK_ENUM = 91, /* TK_ENUM */ ++ YYSYMBOL_TK_SIGNED = 92, /* TK_SIGNED */ ++ YYSYMBOL_TK_UNSIGNED = 93, /* TK_UNSIGNED */ ++ YYSYMBOL_TK_SCOPE = 94, /* TK_SCOPE */ ++ YYSYMBOL_TK_LOGICAL_OR = 95, /* TK_LOGICAL_OR */ ++ YYSYMBOL_TK_CONST = 96, /* TK_CONST */ ++ YYSYMBOL_TK_STATIC = 97, /* TK_STATIC */ ++ YYSYMBOL_TK_SIPSIGNAL = 98, /* TK_SIPSIGNAL */ ++ YYSYMBOL_TK_SIPSLOT = 99, /* TK_SIPSLOT */ ++ YYSYMBOL_TK_SIPANYSLOT = 100, /* TK_SIPANYSLOT */ ++ YYSYMBOL_TK_SIPRXCON = 101, /* TK_SIPRXCON */ ++ YYSYMBOL_TK_SIPRXDIS = 102, /* TK_SIPRXDIS */ ++ YYSYMBOL_TK_SIPSLOTCON = 103, /* TK_SIPSLOTCON */ ++ YYSYMBOL_TK_SIPSLOTDIS = 104, /* TK_SIPSLOTDIS */ ++ YYSYMBOL_TK_SIPSSIZET = 105, /* TK_SIPSSIZET */ ++ YYSYMBOL_TK_SIZET = 106, /* TK_SIZET */ ++ YYSYMBOL_TK_NUMBER_VALUE = 107, /* TK_NUMBER_VALUE */ ++ YYSYMBOL_TK_REAL_VALUE = 108, /* TK_REAL_VALUE */ ++ YYSYMBOL_TK_TYPEDEF = 109, /* TK_TYPEDEF */ ++ YYSYMBOL_TK_NAMESPACE = 110, /* TK_NAMESPACE */ ++ YYSYMBOL_TK_TIMELINE = 111, /* TK_TIMELINE */ ++ YYSYMBOL_TK_PLATFORMS = 112, /* TK_PLATFORMS */ ++ YYSYMBOL_TK_FEATURE = 113, /* TK_FEATURE */ ++ YYSYMBOL_TK_LICENSE = 114, /* TK_LICENSE */ ++ YYSYMBOL_TK_QCHAR_VALUE = 115, /* TK_QCHAR_VALUE */ ++ YYSYMBOL_TK_TRUE_VALUE = 116, /* TK_TRUE_VALUE */ ++ YYSYMBOL_TK_FALSE_VALUE = 117, /* TK_FALSE_VALUE */ ++ YYSYMBOL_TK_NULL_VALUE = 118, /* TK_NULL_VALUE */ ++ YYSYMBOL_TK_OPERATOR = 119, /* TK_OPERATOR */ ++ YYSYMBOL_TK_THROW = 120, /* TK_THROW */ ++ YYSYMBOL_TK_QOBJECT = 121, /* TK_QOBJECT */ ++ YYSYMBOL_TK_EXCEPTION = 122, /* TK_EXCEPTION */ ++ YYSYMBOL_TK_RAISECODE = 123, /* TK_RAISECODE */ ++ YYSYMBOL_TK_EXPLICIT = 124, /* TK_EXPLICIT */ ++ YYSYMBOL_TK_TEMPLATE = 125, /* TK_TEMPLATE */ ++ YYSYMBOL_TK_FINAL = 126, /* TK_FINAL */ ++ YYSYMBOL_TK_ELLIPSIS = 127, /* TK_ELLIPSIS */ ++ YYSYMBOL_TK_DEFMETATYPE = 128, /* TK_DEFMETATYPE */ ++ YYSYMBOL_TK_DEFSUPERTYPE = 129, /* TK_DEFSUPERTYPE */ ++ YYSYMBOL_TK_PROPERTY = 130, /* TK_PROPERTY */ ++ YYSYMBOL_TK_HIDE_NS = 131, /* TK_HIDE_NS */ ++ YYSYMBOL_TK_FORMAT = 132, /* TK_FORMAT */ ++ YYSYMBOL_TK_GET = 133, /* TK_GET */ ++ YYSYMBOL_TK_ID = 134, /* TK_ID */ ++ YYSYMBOL_TK_KWARGS = 135, /* TK_KWARGS */ ++ YYSYMBOL_TK_LANGUAGE = 136, /* TK_LANGUAGE */ ++ YYSYMBOL_TK_LICENSEE = 137, /* TK_LICENSEE */ ++ YYSYMBOL_TK_NAME = 138, /* TK_NAME */ ++ YYSYMBOL_TK_OPTIONAL = 139, /* TK_OPTIONAL */ ++ YYSYMBOL_TK_ORDER = 140, /* TK_ORDER */ ++ YYSYMBOL_TK_REMOVELEADING = 141, /* TK_REMOVELEADING */ ++ YYSYMBOL_TK_SET = 142, /* TK_SET */ ++ YYSYMBOL_TK_SIGNATURE = 143, /* TK_SIGNATURE */ ++ YYSYMBOL_TK_TIMESTAMP = 144, /* TK_TIMESTAMP */ ++ YYSYMBOL_TK_TYPE = 145, /* TK_TYPE */ ++ YYSYMBOL_TK_USEARGNAMES = 146, /* TK_USEARGNAMES */ ++ YYSYMBOL_TK_PYSSIZETCLEAN = 147, /* TK_PYSSIZETCLEAN */ ++ YYSYMBOL_TK_USELIMITEDAPI = 148, /* TK_USELIMITEDAPI */ ++ YYSYMBOL_TK_ALLRAISEPYEXC = 149, /* TK_ALLRAISEPYEXC */ ++ YYSYMBOL_TK_CALLSUPERINIT = 150, /* TK_CALLSUPERINIT */ ++ YYSYMBOL_TK_DEFERRORHANDLER = 151, /* TK_DEFERRORHANDLER */ ++ YYSYMBOL_TK_VERSION = 152, /* TK_VERSION */ ++ YYSYMBOL_153_ = 153, /* '(' */ ++ YYSYMBOL_154_ = 154, /* ')' */ ++ YYSYMBOL_155_ = 155, /* ',' */ ++ YYSYMBOL_156_ = 156, /* '=' */ ++ YYSYMBOL_157_ = 157, /* '{' */ ++ YYSYMBOL_158_ = 158, /* '}' */ ++ YYSYMBOL_159_ = 159, /* ';' */ ++ YYSYMBOL_160_ = 160, /* '!' */ ++ YYSYMBOL_161_ = 161, /* '-' */ ++ YYSYMBOL_162_ = 162, /* '+' */ ++ YYSYMBOL_163_ = 163, /* '*' */ ++ YYSYMBOL_164_ = 164, /* '/' */ ++ YYSYMBOL_165_ = 165, /* '&' */ ++ YYSYMBOL_166_ = 166, /* '|' */ ++ YYSYMBOL_167_ = 167, /* '~' */ ++ YYSYMBOL_168_ = 168, /* '<' */ ++ YYSYMBOL_169_ = 169, /* '>' */ ++ YYSYMBOL_170_ = 170, /* ':' */ ++ YYSYMBOL_171_ = 171, /* '[' */ ++ YYSYMBOL_172_ = 172, /* ']' */ ++ YYSYMBOL_173_ = 173, /* '%' */ ++ YYSYMBOL_174_ = 174, /* '^' */ ++ YYSYMBOL_YYACCEPT = 175, /* $accept */ ++ YYSYMBOL_specification = 176, /* specification */ ++ YYSYMBOL_statement = 177, /* statement */ ++ YYSYMBOL_178_1 = 178, /* $@1 */ ++ YYSYMBOL_modstatement = 179, /* modstatement */ ++ YYSYMBOL_nsstatement = 180, /* nsstatement */ ++ YYSYMBOL_defdocstringfmt = 181, /* defdocstringfmt */ ++ YYSYMBOL_defdocstringfmt_args = 182, /* defdocstringfmt_args */ ++ YYSYMBOL_defdocstringfmt_arg_list = 183, /* defdocstringfmt_arg_list */ ++ YYSYMBOL_defdocstringfmt_arg = 184, /* defdocstringfmt_arg */ ++ YYSYMBOL_defdocstringsig = 185, /* defdocstringsig */ ++ YYSYMBOL_defdocstringsig_args = 186, /* defdocstringsig_args */ ++ YYSYMBOL_defdocstringsig_arg_list = 187, /* defdocstringsig_arg_list */ ++ YYSYMBOL_defdocstringsig_arg = 188, /* defdocstringsig_arg */ ++ YYSYMBOL_defencoding = 189, /* defencoding */ ++ YYSYMBOL_defencoding_args = 190, /* defencoding_args */ ++ YYSYMBOL_defencoding_arg_list = 191, /* defencoding_arg_list */ ++ YYSYMBOL_defencoding_arg = 192, /* defencoding_arg */ ++ YYSYMBOL_plugin = 193, /* plugin */ ++ YYSYMBOL_plugin_args = 194, /* plugin_args */ ++ YYSYMBOL_plugin_arg_list = 195, /* plugin_arg_list */ ++ YYSYMBOL_plugin_arg = 196, /* plugin_arg */ ++ YYSYMBOL_virterrorhandler = 197, /* virterrorhandler */ ++ YYSYMBOL_veh_args = 198, /* veh_args */ ++ YYSYMBOL_veh_arg_list = 199, /* veh_arg_list */ ++ YYSYMBOL_veh_arg = 200, /* veh_arg */ ++ YYSYMBOL_api = 201, /* api */ ++ YYSYMBOL_api_args = 202, /* api_args */ ++ YYSYMBOL_api_arg_list = 203, /* api_arg_list */ ++ YYSYMBOL_api_arg = 204, /* api_arg */ ++ YYSYMBOL_exception = 205, /* exception */ ++ YYSYMBOL_baseexception = 206, /* baseexception */ ++ YYSYMBOL_exception_body = 207, /* exception_body */ ++ YYSYMBOL_exception_body_directives = 208, /* exception_body_directives */ ++ YYSYMBOL_exception_body_directive = 209, /* exception_body_directive */ ++ YYSYMBOL_raisecode = 210, /* raisecode */ ++ YYSYMBOL_mappedtype = 211, /* mappedtype */ ++ YYSYMBOL_212_2 = 212, /* $@2 */ ++ YYSYMBOL_mappedtypetmpl = 213, /* mappedtypetmpl */ ++ YYSYMBOL_214_3 = 214, /* $@3 */ ++ YYSYMBOL_mtdefinition = 215, /* mtdefinition */ ++ YYSYMBOL_mtbody = 216, /* mtbody */ ++ YYSYMBOL_mtline = 217, /* mtline */ ++ YYSYMBOL_mtfunction = 218, /* mtfunction */ ++ YYSYMBOL_namespace = 219, /* namespace */ ++ YYSYMBOL_220_4 = 220, /* $@4 */ ++ YYSYMBOL_optnsbody = 221, /* optnsbody */ ++ YYSYMBOL_nsbody = 222, /* nsbody */ ++ YYSYMBOL_platforms = 223, /* platforms */ ++ YYSYMBOL_224_5 = 224, /* $@5 */ ++ YYSYMBOL_platformlist = 225, /* platformlist */ ++ YYSYMBOL_platform = 226, /* platform */ ++ YYSYMBOL_feature = 227, /* feature */ ++ YYSYMBOL_feature_args = 228, /* feature_args */ ++ YYSYMBOL_feature_arg_list = 229, /* feature_arg_list */ ++ YYSYMBOL_feature_arg = 230, /* feature_arg */ ++ YYSYMBOL_timeline = 231, /* timeline */ ++ YYSYMBOL_232_6 = 232, /* $@6 */ ++ YYSYMBOL_qualifierlist = 233, /* qualifierlist */ ++ YYSYMBOL_qualifiername = 234, /* qualifiername */ ++ YYSYMBOL_ifstart = 235, /* ifstart */ ++ YYSYMBOL_236_7 = 236, /* $@7 */ ++ YYSYMBOL_oredqualifiers = 237, /* oredqualifiers */ ++ YYSYMBOL_qualifiers = 238, /* qualifiers */ ++ YYSYMBOL_ifend = 239, /* ifend */ ++ YYSYMBOL_license = 240, /* license */ ++ YYSYMBOL_license_args = 241, /* license_args */ ++ YYSYMBOL_license_arg_list = 242, /* license_arg_list */ ++ YYSYMBOL_license_arg = 243, /* license_arg */ ++ YYSYMBOL_defmetatype = 244, /* defmetatype */ ++ YYSYMBOL_defmetatype_args = 245, /* defmetatype_args */ ++ YYSYMBOL_defmetatype_arg_list = 246, /* defmetatype_arg_list */ ++ YYSYMBOL_defmetatype_arg = 247, /* defmetatype_arg */ ++ YYSYMBOL_defsupertype = 248, /* defsupertype */ ++ YYSYMBOL_defsupertype_args = 249, /* defsupertype_args */ ++ YYSYMBOL_defsupertype_arg_list = 250, /* defsupertype_arg_list */ ++ YYSYMBOL_defsupertype_arg = 251, /* defsupertype_arg */ ++ YYSYMBOL_hiddenns = 252, /* hiddenns */ ++ YYSYMBOL_hiddenns_args = 253, /* hiddenns_args */ ++ YYSYMBOL_hiddenns_arg_list = 254, /* hiddenns_arg_list */ ++ YYSYMBOL_hiddenns_arg = 255, /* hiddenns_arg */ ++ YYSYMBOL_consmodule = 256, /* consmodule */ ++ YYSYMBOL_consmodule_args = 257, /* consmodule_args */ ++ YYSYMBOL_consmodule_arg_list = 258, /* consmodule_arg_list */ ++ YYSYMBOL_consmodule_arg = 259, /* consmodule_arg */ ++ YYSYMBOL_consmodule_body = 260, /* consmodule_body */ ++ YYSYMBOL_consmodule_body_directives = 261, /* consmodule_body_directives */ ++ YYSYMBOL_consmodule_body_directive = 262, /* consmodule_body_directive */ ++ YYSYMBOL_compmodule = 263, /* compmodule */ ++ YYSYMBOL_compmodule_args = 264, /* compmodule_args */ ++ YYSYMBOL_compmodule_arg_list = 265, /* compmodule_arg_list */ ++ YYSYMBOL_compmodule_arg = 266, /* compmodule_arg */ ++ YYSYMBOL_compmodule_body = 267, /* compmodule_body */ ++ YYSYMBOL_compmodule_body_directives = 268, /* compmodule_body_directives */ ++ YYSYMBOL_compmodule_body_directive = 269, /* compmodule_body_directive */ ++ YYSYMBOL_module = 270, /* module */ ++ YYSYMBOL_module_args = 271, /* module_args */ ++ YYSYMBOL_272_8 = 272, /* $@8 */ ++ YYSYMBOL_module_arg_list = 273, /* module_arg_list */ ++ YYSYMBOL_module_arg = 274, /* module_arg */ ++ YYSYMBOL_module_body = 275, /* module_body */ ++ YYSYMBOL_module_body_directives = 276, /* module_body_directives */ ++ YYSYMBOL_module_body_directive = 277, /* module_body_directive */ ++ YYSYMBOL_dottedname = 278, /* dottedname */ ++ YYSYMBOL_optnumber = 279, /* optnumber */ ++ YYSYMBOL_include = 280, /* include */ ++ YYSYMBOL_include_args = 281, /* include_args */ ++ YYSYMBOL_include_arg_list = 282, /* include_arg_list */ ++ YYSYMBOL_include_arg = 283, /* include_arg */ ++ YYSYMBOL_optinclude = 284, /* optinclude */ ++ YYSYMBOL_import = 285, /* import */ ++ YYSYMBOL_import_args = 286, /* import_args */ ++ YYSYMBOL_import_arg_list = 287, /* import_arg_list */ ++ YYSYMBOL_import_arg = 288, /* import_arg */ ++ YYSYMBOL_optaccesscode = 289, /* optaccesscode */ ++ YYSYMBOL_optgetcode = 290, /* optgetcode */ ++ YYSYMBOL_optsetcode = 291, /* optsetcode */ ++ YYSYMBOL_copying = 292, /* copying */ ++ YYSYMBOL_exphdrcode = 293, /* exphdrcode */ ++ YYSYMBOL_modhdrcode = 294, /* modhdrcode */ ++ YYSYMBOL_typehdrcode = 295, /* typehdrcode */ ++ YYSYMBOL_travcode = 296, /* travcode */ ++ YYSYMBOL_clearcode = 297, /* clearcode */ ++ YYSYMBOL_getbufcode = 298, /* getbufcode */ ++ YYSYMBOL_releasebufcode = 299, /* releasebufcode */ ++ YYSYMBOL_readbufcode = 300, /* readbufcode */ ++ YYSYMBOL_writebufcode = 301, /* writebufcode */ ++ YYSYMBOL_segcountcode = 302, /* segcountcode */ ++ YYSYMBOL_charbufcode = 303, /* charbufcode */ ++ YYSYMBOL_instancecode = 304, /* instancecode */ ++ YYSYMBOL_picklecode = 305, /* picklecode */ ++ YYSYMBOL_finalcode = 306, /* finalcode */ ++ YYSYMBOL_modcode = 307, /* modcode */ ++ YYSYMBOL_typecode = 308, /* typecode */ ++ YYSYMBOL_preinitcode = 309, /* preinitcode */ ++ YYSYMBOL_initcode = 310, /* initcode */ ++ YYSYMBOL_postinitcode = 311, /* postinitcode */ ++ YYSYMBOL_unitcode = 312, /* unitcode */ ++ YYSYMBOL_unitpostinccode = 313, /* unitpostinccode */ ++ YYSYMBOL_prepycode = 314, /* prepycode */ ++ YYSYMBOL_exptypehintcode = 315, /* exptypehintcode */ ++ YYSYMBOL_modtypehintcode = 316, /* modtypehintcode */ ++ YYSYMBOL_classtypehintcode = 317, /* classtypehintcode */ ++ YYSYMBOL_doc = 318, /* doc */ ++ YYSYMBOL_exporteddoc = 319, /* exporteddoc */ ++ YYSYMBOL_autopyname = 320, /* autopyname */ ++ YYSYMBOL_autopyname_args = 321, /* autopyname_args */ ++ YYSYMBOL_autopyname_arg_list = 322, /* autopyname_arg_list */ ++ YYSYMBOL_autopyname_arg = 323, /* autopyname_arg */ ++ YYSYMBOL_docstring = 324, /* docstring */ ++ YYSYMBOL_docstring_args = 325, /* docstring_args */ ++ YYSYMBOL_docstring_arg_list = 326, /* docstring_arg_list */ ++ YYSYMBOL_docstring_arg = 327, /* docstring_arg */ ++ YYSYMBOL_optdocstring = 328, /* optdocstring */ ++ YYSYMBOL_extract = 329, /* extract */ ++ YYSYMBOL_extract_args = 330, /* extract_args */ ++ YYSYMBOL_extract_arg_list = 331, /* extract_arg_list */ ++ YYSYMBOL_extract_arg = 332, /* extract_arg */ ++ YYSYMBOL_makefile = 333, /* makefile */ ++ YYSYMBOL_codeblock = 334, /* codeblock */ ++ YYSYMBOL_codelines = 335, /* codelines */ ++ YYSYMBOL_enum = 336, /* enum */ ++ YYSYMBOL_337_9 = 337, /* $@9 */ ++ YYSYMBOL_optenumkey = 338, /* optenumkey */ ++ YYSYMBOL_optfilename = 339, /* optfilename */ ++ YYSYMBOL_optname = 340, /* optname */ ++ YYSYMBOL_optenumbody = 341, /* optenumbody */ ++ YYSYMBOL_enumbody = 342, /* enumbody */ ++ YYSYMBOL_enumline = 343, /* enumline */ ++ YYSYMBOL_optcomma = 344, /* optcomma */ ++ YYSYMBOL_optenumassign = 345, /* optenumassign */ ++ YYSYMBOL_optassign = 346, /* optassign */ ++ YYSYMBOL_expr = 347, /* expr */ ++ YYSYMBOL_binop = 348, /* binop */ ++ YYSYMBOL_optunop = 349, /* optunop */ ++ YYSYMBOL_value = 350, /* value */ ++ YYSYMBOL_optcast = 351, /* optcast */ ++ YYSYMBOL_scopedname = 352, /* scopedname */ ++ YYSYMBOL_scopednamehead = 353, /* scopednamehead */ ++ YYSYMBOL_scopepart = 354, /* scopepart */ ++ YYSYMBOL_bool_value = 355, /* bool_value */ ++ YYSYMBOL_simplevalue = 356, /* simplevalue */ ++ YYSYMBOL_exprlist = 357, /* exprlist */ ++ YYSYMBOL_typedef = 358, /* typedef */ ++ YYSYMBOL_struct = 359, /* struct */ ++ YYSYMBOL_360_10 = 360, /* $@10 */ ++ YYSYMBOL_361_11 = 361, /* $@11 */ ++ YYSYMBOL_classtmpl = 362, /* classtmpl */ ++ YYSYMBOL_363_12 = 363, /* $@12 */ ++ YYSYMBOL_template = 364, /* template */ ++ YYSYMBOL_class = 365, /* class */ ++ YYSYMBOL_366_13 = 366, /* $@13 */ ++ YYSYMBOL_367_14 = 367, /* $@14 */ ++ YYSYMBOL_superclasses = 368, /* superclasses */ ++ YYSYMBOL_superlist = 369, /* superlist */ ++ YYSYMBOL_superclass = 370, /* superclass */ ++ YYSYMBOL_class_access = 371, /* class_access */ ++ YYSYMBOL_optclassbody = 372, /* optclassbody */ ++ YYSYMBOL_classbody = 373, /* classbody */ ++ YYSYMBOL_classline = 374, /* classline */ ++ YYSYMBOL_property = 375, /* property */ ++ YYSYMBOL_property_args = 376, /* property_args */ ++ YYSYMBOL_property_arg_list = 377, /* property_arg_list */ ++ YYSYMBOL_property_arg = 378, /* property_arg */ ++ YYSYMBOL_property_body = 379, /* property_body */ ++ YYSYMBOL_property_body_directives = 380, /* property_body_directives */ ++ YYSYMBOL_property_body_directive = 381, /* property_body_directive */ ++ YYSYMBOL_name_or_string = 382, /* name_or_string */ ++ YYSYMBOL_optslot = 383, /* optslot */ ++ YYSYMBOL_dtor = 384, /* dtor */ ++ YYSYMBOL_385_15 = 385, /* $@15 */ ++ YYSYMBOL_dtor_decl = 386, /* dtor_decl */ ++ YYSYMBOL_ctor = 387, /* ctor */ ++ YYSYMBOL_388_16 = 388, /* $@16 */ ++ YYSYMBOL_simplector = 389, /* simplector */ ++ YYSYMBOL_optctorsig = 390, /* optctorsig */ ++ YYSYMBOL_391_17 = 391, /* $@17 */ ++ YYSYMBOL_optsig = 392, /* optsig */ ++ YYSYMBOL_393_18 = 393, /* $@18 */ ++ YYSYMBOL_function = 394, /* function */ ++ YYSYMBOL_operatorname = 395, /* operatorname */ ++ YYSYMBOL_optconst = 396, /* optconst */ ++ YYSYMBOL_optfinal = 397, /* optfinal */ ++ YYSYMBOL_optabstract = 398, /* optabstract */ ++ YYSYMBOL_optflags = 399, /* optflags */ ++ YYSYMBOL_flaglist = 400, /* flaglist */ ++ YYSYMBOL_flag = 401, /* flag */ ++ YYSYMBOL_flagvalue = 402, /* flagvalue */ ++ YYSYMBOL_virtualcallcode = 403, /* virtualcallcode */ ++ YYSYMBOL_methodcode = 404, /* methodcode */ ++ YYSYMBOL_premethodcode = 405, /* premethodcode */ ++ YYSYMBOL_virtualcatchercode = 406, /* virtualcatchercode */ ++ YYSYMBOL_arglist = 407, /* arglist */ ++ YYSYMBOL_rawarglist = 408, /* rawarglist */ ++ YYSYMBOL_argvalue = 409, /* argvalue */ ++ YYSYMBOL_varmember = 410, /* varmember */ ++ YYSYMBOL_411_19 = 411, /* $@19 */ ++ YYSYMBOL_412_20 = 412, /* $@20 */ ++ YYSYMBOL_simple_varmem = 413, /* simple_varmem */ ++ YYSYMBOL_414_21 = 414, /* $@21 */ ++ YYSYMBOL_varmem = 415, /* varmem */ ++ YYSYMBOL_member = 416, /* member */ ++ YYSYMBOL_417_22 = 417, /* $@22 */ ++ YYSYMBOL_variable = 418, /* variable */ ++ YYSYMBOL_variable_body = 419, /* variable_body */ ++ YYSYMBOL_variable_body_directives = 420, /* variable_body_directives */ ++ YYSYMBOL_variable_body_directive = 421, /* variable_body_directive */ ++ YYSYMBOL_cpptype = 422, /* cpptype */ ++ YYSYMBOL_argtype = 423, /* argtype */ ++ YYSYMBOL_optref = 424, /* optref */ ++ YYSYMBOL_deref = 425, /* deref */ ++ YYSYMBOL_basetype = 426, /* basetype */ ++ YYSYMBOL_cpptypelist = 427, /* cpptypelist */ ++ YYSYMBOL_optexceptions = 428, /* optexceptions */ ++ YYSYMBOL_exceptionlist = 429 /* exceptionlist */ ++}; ++typedef enum yysymbol_kind_t yysymbol_kind_t; + +-/* Copy the second part of user declarations. */ + + +-/* Line 216 of yacc.c. */ +-#line 639 "sip-4.19.23/sipgen/parser.c" + + #ifdef short + # undef short + #endif + +-#ifdef YYTYPE_UINT8 +-typedef YYTYPE_UINT8 yytype_uint8; +-#else +-typedef unsigned char yytype_uint8; ++/* On compilers that do not define __PTRDIFF_MAX__ etc., make sure ++ and (if available) are included ++ so that the code can choose integer types of a good width. */ ++ ++#ifndef __PTRDIFF_MAX__ ++# include /* INFRINGES ON USER NAME SPACE */ ++# if defined __STDC_VERSION__ && 199901 <= __STDC_VERSION__ ++# include /* INFRINGES ON USER NAME SPACE */ ++# define YY_STDINT_H ++# endif + #endif + +-#ifdef YYTYPE_INT8 +-typedef YYTYPE_INT8 yytype_int8; +-#elif (defined __STDC__ || defined __C99__FUNC__ \ +- || defined __cplusplus || defined _MSC_VER) ++/* Narrow types that promote to a signed type and that can represent a ++ signed or unsigned integer of at least N bits. In tables they can ++ save space and decrease cache pressure. Promoting to a signed type ++ helps avoid bugs in integer arithmetic. */ ++ ++#ifdef __INT_LEAST8_MAX__ ++typedef __INT_LEAST8_TYPE__ yytype_int8; ++#elif defined YY_STDINT_H ++typedef int_least8_t yytype_int8; ++#else + typedef signed char yytype_int8; ++#endif ++ ++#ifdef __INT_LEAST16_MAX__ ++typedef __INT_LEAST16_TYPE__ yytype_int16; ++#elif defined YY_STDINT_H ++typedef int_least16_t yytype_int16; + #else +-typedef short int yytype_int8; ++typedef short yytype_int16; ++#endif ++ ++/* Work around bug in HP-UX 11.23, which defines these macros ++ incorrectly for preprocessor constants. This workaround can likely ++ be removed in 2023, as HPE has promised support for HP-UX 11.23 ++ (aka HP-UX 11i v2) only through the end of 2022; see Table 2 of ++ . */ ++#ifdef __hpux ++# undef UINT_LEAST8_MAX ++# undef UINT_LEAST16_MAX ++# define UINT_LEAST8_MAX 255 ++# define UINT_LEAST16_MAX 65535 + #endif + +-#ifdef YYTYPE_UINT16 +-typedef YYTYPE_UINT16 yytype_uint16; ++#if defined __UINT_LEAST8_MAX__ && __UINT_LEAST8_MAX__ <= __INT_MAX__ ++typedef __UINT_LEAST8_TYPE__ yytype_uint8; ++#elif (!defined __UINT_LEAST8_MAX__ && defined YY_STDINT_H \ ++ && UINT_LEAST8_MAX <= INT_MAX) ++typedef uint_least8_t yytype_uint8; ++#elif !defined __UINT_LEAST8_MAX__ && UCHAR_MAX <= INT_MAX ++typedef unsigned char yytype_uint8; + #else +-typedef unsigned short int yytype_uint16; ++typedef short yytype_uint8; + #endif + +-#ifdef YYTYPE_INT16 +-typedef YYTYPE_INT16 yytype_int16; ++#if defined __UINT_LEAST16_MAX__ && __UINT_LEAST16_MAX__ <= __INT_MAX__ ++typedef __UINT_LEAST16_TYPE__ yytype_uint16; ++#elif (!defined __UINT_LEAST16_MAX__ && defined YY_STDINT_H \ ++ && UINT_LEAST16_MAX <= INT_MAX) ++typedef uint_least16_t yytype_uint16; ++#elif !defined __UINT_LEAST16_MAX__ && USHRT_MAX <= INT_MAX ++typedef unsigned short yytype_uint16; + #else +-typedef short int yytype_int16; ++typedef int yytype_uint16; ++#endif ++ ++#ifndef YYPTRDIFF_T ++# if defined __PTRDIFF_TYPE__ && defined __PTRDIFF_MAX__ ++# define YYPTRDIFF_T __PTRDIFF_TYPE__ ++# define YYPTRDIFF_MAXIMUM __PTRDIFF_MAX__ ++# elif defined PTRDIFF_MAX ++# ifndef ptrdiff_t ++# include /* INFRINGES ON USER NAME SPACE */ ++# endif ++# define YYPTRDIFF_T ptrdiff_t ++# define YYPTRDIFF_MAXIMUM PTRDIFF_MAX ++# else ++# define YYPTRDIFF_T long ++# define YYPTRDIFF_MAXIMUM LONG_MAX ++# endif + #endif + + #ifndef YYSIZE_T +@@ -673,55 +806,106 @@ typedef short int yytype_int16; + # define YYSIZE_T __SIZE_TYPE__ + # elif defined size_t + # define YYSIZE_T size_t +-# elif ! defined YYSIZE_T && (defined __STDC__ || defined __C99__FUNC__ \ +- || defined __cplusplus || defined _MSC_VER) ++# elif defined __STDC_VERSION__ && 199901 <= __STDC_VERSION__ + # include /* INFRINGES ON USER NAME SPACE */ + # define YYSIZE_T size_t + # else +-# define YYSIZE_T unsigned int ++# define YYSIZE_T unsigned + # endif + #endif + +-#define YYSIZE_MAXIMUM ((YYSIZE_T) -1) ++#define YYSIZE_MAXIMUM \ ++ YY_CAST (YYPTRDIFF_T, \ ++ (YYPTRDIFF_MAXIMUM < YY_CAST (YYSIZE_T, -1) \ ++ ? YYPTRDIFF_MAXIMUM \ ++ : YY_CAST (YYSIZE_T, -1))) ++ ++#define YYSIZEOF(X) YY_CAST (YYPTRDIFF_T, sizeof (X)) ++ ++ ++/* Stored state numbers (used for stacks). */ ++typedef yytype_int16 yy_state_t; ++ ++/* State numbers in computations. */ ++typedef int yy_state_fast_t; + + #ifndef YY_ + # if defined YYENABLE_NLS && YYENABLE_NLS + # if ENABLE_NLS + # include /* INFRINGES ON USER NAME SPACE */ +-# define YY_(msgid) dgettext ("bison-runtime", msgid) ++# define YY_(Msgid) dgettext ("bison-runtime", Msgid) + # endif + # endif + # ifndef YY_ +-# define YY_(msgid) msgid ++# define YY_(Msgid) Msgid ++# endif ++#endif ++ ++ ++#ifndef YY_ATTRIBUTE_PURE ++# if defined __GNUC__ && 2 < __GNUC__ + (96 <= __GNUC_MINOR__) ++# define YY_ATTRIBUTE_PURE __attribute__ ((__pure__)) ++# else ++# define YY_ATTRIBUTE_PURE ++# endif ++#endif ++ ++#ifndef YY_ATTRIBUTE_UNUSED ++# if defined __GNUC__ && 2 < __GNUC__ + (7 <= __GNUC_MINOR__) ++# define YY_ATTRIBUTE_UNUSED __attribute__ ((__unused__)) ++# else ++# define YY_ATTRIBUTE_UNUSED + # endif + #endif + + /* Suppress unused-variable warnings by "using" E. */ + #if ! defined lint || defined __GNUC__ +-# define YYUSE(e) ((void) (e)) ++# define YY_USE(E) ((void) (E)) + #else +-# define YYUSE(e) /* empty */ ++# define YY_USE(E) /* empty */ + #endif + +-/* Identity function, used to suppress warnings about constant conditions. */ +-#ifndef lint +-# define YYID(n) (n) +-#else +-#if (defined __STDC__ || defined __C99__FUNC__ \ +- || defined __cplusplus || defined _MSC_VER) +-static int +-YYID (int i) ++/* Suppress an incorrect diagnostic about yylval being uninitialized. */ ++#if defined __GNUC__ && ! defined __ICC && 406 <= __GNUC__ * 100 + __GNUC_MINOR__ ++# if __GNUC__ * 100 + __GNUC_MINOR__ < 407 ++# define YY_IGNORE_MAYBE_UNINITIALIZED_BEGIN \ ++ _Pragma ("GCC diagnostic push") \ ++ _Pragma ("GCC diagnostic ignored \"-Wuninitialized\"") ++# else ++# define YY_IGNORE_MAYBE_UNINITIALIZED_BEGIN \ ++ _Pragma ("GCC diagnostic push") \ ++ _Pragma ("GCC diagnostic ignored \"-Wuninitialized\"") \ ++ _Pragma ("GCC diagnostic ignored \"-Wmaybe-uninitialized\"") ++# endif ++# define YY_IGNORE_MAYBE_UNINITIALIZED_END \ ++ _Pragma ("GCC diagnostic pop") + #else +-static int +-YYID (i) +- int i; ++# define YY_INITIAL_VALUE(Value) Value + #endif +-{ +- return i; +-} ++#ifndef YY_IGNORE_MAYBE_UNINITIALIZED_BEGIN ++# define YY_IGNORE_MAYBE_UNINITIALIZED_BEGIN ++# define YY_IGNORE_MAYBE_UNINITIALIZED_END ++#endif ++#ifndef YY_INITIAL_VALUE ++# define YY_INITIAL_VALUE(Value) /* Nothing. */ ++#endif ++ ++#if defined __cplusplus && defined __GNUC__ && ! defined __ICC && 6 <= __GNUC__ ++# define YY_IGNORE_USELESS_CAST_BEGIN \ ++ _Pragma ("GCC diagnostic push") \ ++ _Pragma ("GCC diagnostic ignored \"-Wuseless-cast\"") ++# define YY_IGNORE_USELESS_CAST_END \ ++ _Pragma ("GCC diagnostic pop") + #endif ++#ifndef YY_IGNORE_USELESS_CAST_BEGIN ++# define YY_IGNORE_USELESS_CAST_BEGIN ++# define YY_IGNORE_USELESS_CAST_END ++#endif ++ ++ ++#define YY_ASSERT(E) ((void) (0 && (E))) + +-#if ! defined yyoverflow || YYERROR_VERBOSE ++#if !defined yyoverflow + + /* The parser invokes alloca or malloc; define the necessary symbols. */ + +@@ -738,11 +922,11 @@ YYID (i) + # define alloca _alloca + # else + # define YYSTACK_ALLOC alloca +-# if ! defined _ALLOCA_H && ! defined _STDLIB_H && (defined __STDC__ || defined __C99__FUNC__ \ +- || defined __cplusplus || defined _MSC_VER) ++# if ! defined _ALLOCA_H && ! defined EXIT_SUCCESS + # include /* INFRINGES ON USER NAME SPACE */ +-# ifndef _STDLIB_H +-# define _STDLIB_H 1 ++ /* Use EXIT_SUCCESS as a witness for stdlib.h. */ ++# ifndef EXIT_SUCCESS ++# define EXIT_SUCCESS 0 + # endif + # endif + # endif +@@ -750,8 +934,8 @@ YYID (i) + # endif + + # ifdef YYSTACK_ALLOC +- /* Pacify GCC's `empty if-body' warning. */ +-# define YYSTACK_FREE(Ptr) do { /* empty */; } while (YYID (0)) ++ /* Pacify GCC's 'empty if-body' warning. */ ++# define YYSTACK_FREE(Ptr) do { /* empty */; } while (0) + # ifndef YYSTACK_ALLOC_MAXIMUM + /* The OS might guarantee only one guard page at the bottom of the stack, + and a page size can be as small as 4096 bytes. So we cannot safely +@@ -765,125 +949,131 @@ YYID (i) + # ifndef YYSTACK_ALLOC_MAXIMUM + # define YYSTACK_ALLOC_MAXIMUM YYSIZE_MAXIMUM + # endif +-# if (defined __cplusplus && ! defined _STDLIB_H \ ++# if (defined __cplusplus && ! defined EXIT_SUCCESS \ + && ! ((defined YYMALLOC || defined malloc) \ +- && (defined YYFREE || defined free))) ++ && (defined YYFREE || defined free))) + # include /* INFRINGES ON USER NAME SPACE */ +-# ifndef _STDLIB_H +-# define _STDLIB_H 1 ++# ifndef EXIT_SUCCESS ++# define EXIT_SUCCESS 0 + # endif + # endif + # ifndef YYMALLOC + # define YYMALLOC malloc +-# if ! defined malloc && ! defined _STDLIB_H && (defined __STDC__ || defined __C99__FUNC__ \ +- || defined __cplusplus || defined _MSC_VER) ++# if ! defined malloc && ! defined EXIT_SUCCESS + void *malloc (YYSIZE_T); /* INFRINGES ON USER NAME SPACE */ + # endif + # endif + # ifndef YYFREE + # define YYFREE free +-# if ! defined free && ! defined _STDLIB_H && (defined __STDC__ || defined __C99__FUNC__ \ +- || defined __cplusplus || defined _MSC_VER) ++# if ! defined free && ! defined EXIT_SUCCESS + void free (void *); /* INFRINGES ON USER NAME SPACE */ + # endif + # endif + # endif +-#endif /* ! defined yyoverflow || YYERROR_VERBOSE */ +- ++#endif /* !defined yyoverflow */ + + #if (! defined yyoverflow \ + && (! defined __cplusplus \ +- || (defined YYSTYPE_IS_TRIVIAL && YYSTYPE_IS_TRIVIAL))) ++ || (defined YYSTYPE_IS_TRIVIAL && YYSTYPE_IS_TRIVIAL))) + + /* A type that is properly aligned for any stack member. */ + union yyalloc + { +- yytype_int16 yyss; +- YYSTYPE yyvs; +- }; ++ yy_state_t yyss_alloc; ++ YYSTYPE yyvs_alloc; ++}; + + /* The size of the maximum gap between one aligned stack and the next. */ +-# define YYSTACK_GAP_MAXIMUM (sizeof (union yyalloc) - 1) ++# define YYSTACK_GAP_MAXIMUM (YYSIZEOF (union yyalloc) - 1) + + /* The size of an array large to enough to hold all stacks, each with + N elements. */ + # define YYSTACK_BYTES(N) \ +- ((N) * (sizeof (yytype_int16) + sizeof (YYSTYPE)) \ ++ ((N) * (YYSIZEOF (yy_state_t) + YYSIZEOF (YYSTYPE)) \ + + YYSTACK_GAP_MAXIMUM) + +-/* Copy COUNT objects from FROM to TO. The source and destination do +- not overlap. */ +-# ifndef YYCOPY +-# if defined __GNUC__ && 1 < __GNUC__ +-# define YYCOPY(To, From, Count) \ +- __builtin_memcpy (To, From, (Count) * sizeof (*(From))) +-# else +-# define YYCOPY(To, From, Count) \ +- do \ +- { \ +- YYSIZE_T yyi; \ +- for (yyi = 0; yyi < (Count); yyi++) \ +- (To)[yyi] = (From)[yyi]; \ +- } \ +- while (YYID (0)) +-# endif +-# endif ++# define YYCOPY_NEEDED 1 + + /* Relocate STACK from its old location to the new one. The + local variables YYSIZE and YYSTACKSIZE give the old and new number of + elements in the stack, and YYPTR gives the new location of the + stack. Advance YYPTR to a properly aligned location for the next + stack. */ +-# define YYSTACK_RELOCATE(Stack) \ +- do \ +- { \ +- YYSIZE_T yynewbytes; \ +- YYCOPY (&yyptr->Stack, Stack, yysize); \ +- Stack = &yyptr->Stack; \ +- yynewbytes = yystacksize * sizeof (*Stack) + YYSTACK_GAP_MAXIMUM; \ +- yyptr += yynewbytes / sizeof (*yyptr); \ +- } \ +- while (YYID (0)) ++# define YYSTACK_RELOCATE(Stack_alloc, Stack) \ ++ do \ ++ { \ ++ YYPTRDIFF_T yynewbytes; \ ++ YYCOPY (&yyptr->Stack_alloc, Stack, yysize); \ ++ Stack = &yyptr->Stack_alloc; \ ++ yynewbytes = yystacksize * YYSIZEOF (*Stack) + YYSTACK_GAP_MAXIMUM; \ ++ yyptr += yynewbytes / YYSIZEOF (*yyptr); \ ++ } \ ++ while (0) + + #endif + ++#if defined YYCOPY_NEEDED && YYCOPY_NEEDED ++/* Copy COUNT objects from SRC to DST. The source and destination do ++ not overlap. */ ++# ifndef YYCOPY ++# if defined __GNUC__ && 1 < __GNUC__ ++# define YYCOPY(Dst, Src, Count) \ ++ __builtin_memcpy (Dst, Src, YY_CAST (YYSIZE_T, (Count)) * sizeof (*(Src))) ++# else ++# define YYCOPY(Dst, Src, Count) \ ++ do \ ++ { \ ++ YYPTRDIFF_T yyi; \ ++ for (yyi = 0; yyi < (Count); yyi++) \ ++ (Dst)[yyi] = (Src)[yyi]; \ ++ } \ ++ while (0) ++# endif ++# endif ++#endif /* !YYCOPY_NEEDED */ ++ + /* YYFINAL -- State number of the termination state. */ + #define YYFINAL 4 + /* YYLAST -- Last index in YYTABLE. */ +-#define YYLAST 1630 ++#define YYLAST 1669 + + /* YYNTOKENS -- Number of terminals. */ +-#define YYNTOKENS 174 ++#define YYNTOKENS 175 + /* YYNNTS -- Number of nonterminals. */ + #define YYNNTS 255 + /* YYNRULES -- Number of rules. */ +-#define YYNRULES 597 +-/* YYNRULES -- Number of states. */ +-#define YYNSTATES 1047 +- +-/* YYTRANSLATE(YYLEX) -- Bison symbol number corresponding to YYLEX. */ +-#define YYUNDEFTOK 2 +-#define YYMAXUTOK 406 +- +-#define YYTRANSLATE(YYX) \ +- ((unsigned int) (YYX) <= YYMAXUTOK ? yytranslate[YYX] : YYUNDEFTOK) ++#define YYNRULES 598 ++/* YYNSTATES -- Number of states. */ ++#define YYNSTATES 1050 ++ ++/* YYMAXUTOK -- Last valid token kind. */ ++#define YYMAXUTOK 407 ++ ++ ++/* YYTRANSLATE(TOKEN-NUM) -- Symbol number corresponding to TOKEN-NUM ++ as returned by yylex, with out-of-bounds checking. */ ++#define YYTRANSLATE(YYX) \ ++ (0 <= (YYX) && (YYX) <= YYMAXUTOK \ ++ ? YY_CAST (yysymbol_kind_t, yytranslate[YYX]) \ ++ : YYSYMBOL_YYUNDEF) + +-/* YYTRANSLATE[YYLEX] -- Bison symbol number corresponding to YYLEX. */ ++/* YYTRANSLATE[TOKEN-NUM] -- Symbol number corresponding to TOKEN-NUM ++ as returned by yylex. */ + static const yytype_uint8 yytranslate[] = + { + 0, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, +- 2, 2, 2, 159, 2, 2, 2, 172, 164, 2, +- 152, 153, 162, 161, 154, 160, 2, 163, 2, 2, +- 2, 2, 2, 2, 2, 2, 2, 2, 169, 158, +- 167, 155, 168, 2, 2, 2, 2, 2, 2, 2, ++ 2, 2, 2, 160, 2, 2, 2, 173, 165, 2, ++ 153, 154, 163, 162, 155, 161, 2, 164, 2, 2, ++ 2, 2, 2, 2, 2, 2, 2, 2, 170, 159, ++ 168, 156, 169, 2, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, +- 2, 170, 2, 171, 173, 2, 2, 2, 2, 2, ++ 2, 171, 2, 172, 174, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, +- 2, 2, 2, 156, 165, 157, 166, 2, 2, 2, ++ 2, 2, 2, 157, 166, 158, 167, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, +@@ -911,334 +1101,97 @@ static const yytype_uint8 yytranslate[] + 115, 116, 117, 118, 119, 120, 121, 122, 123, 124, + 125, 126, 127, 128, 129, 130, 131, 132, 133, 134, + 135, 136, 137, 138, 139, 140, 141, 142, 143, 144, +- 145, 146, 147, 148, 149, 150, 151 ++ 145, 146, 147, 148, 149, 150, 151, 152 + }; + + #if YYDEBUG +-/* YYPRHS[YYN] -- Index of the first RHS symbol of rule number YYN in +- YYRHS. */ +-static const yytype_uint16 yyprhs[] = +-{ +- 0, 0, 3, 5, 8, 9, 12, 14, 16, 18, +- 20, 22, 24, 26, 28, 30, 32, 34, 36, 38, +- 40, 42, 44, 46, 48, 50, 52, 54, 56, 58, +- 60, 62, 64, 66, 68, 70, 72, 74, 76, 78, +- 80, 82, 84, 86, 88, 90, 92, 94, 96, 98, +- 100, 102, 104, 106, 108, 110, 112, 115, 117, 121, +- 123, 127, 131, 134, 136, 140, 142, 146, 150, 153, +- 155, 159, 161, 165, 169, 172, 174, 178, 180, 184, +- 188, 192, 194, 198, 200, 204, 208, 211, 214, 218, +- 220, 224, 228, 232, 238, 239, 243, 248, 250, 253, +- 255, 257, 259, 261, 264, 265, 271, 272, 279, 284, +- 286, 289, 291, 293, 295, 297, 300, 303, 305, 307, +- 309, 324, 325, 331, 332, 336, 338, 341, 342, 348, +- 350, 353, 355, 358, 360, 364, 366, 370, 374, 375, +- 381, 383, 386, 388, 389, 395, 397, 400, 404, 409, +- 411, 415, 417, 421, 422, 424, 428, 430, 434, 438, +- 442, 446, 450, 453, 455, 459, 461, 465, 469, 472, +- 474, 478, 480, 484, 488, 491, 493, 497, 499, 503, +- 507, 511, 513, 517, 519, 523, 527, 528, 533, 535, +- 538, 540, 542, 544, 548, 550, 554, 556, 560, 564, +- 565, 570, 572, 575, 577, 579, 581, 585, 589, 590, +- 594, 598, 600, 604, 608, 612, 616, 620, 624, 628, +- 632, 636, 640, 641, 646, 648, 651, 653, 655, 657, +- 659, 661, 663, 664, 666, 669, 671, 675, 677, 681, +- 685, 689, 692, 695, 697, 701, 703, 707, 711, 712, +- 715, 716, 719, 720, 723, 726, 729, 732, 735, 738, +- 741, 744, 747, 750, 753, 756, 759, 762, 765, 768, +- 771, 774, 777, 780, 783, 786, 789, 792, 795, 798, +- 801, 804, 807, 810, 814, 816, 820, 824, 828, 829, +- 831, 835, 837, 841, 845, 849, 850, 852, 856, 858, +- 862, 864, 868, 872, 876, 881, 884, 886, 889, 890, +- 900, 901, 903, 905, 906, 908, 909, 911, 912, 914, +- 916, 919, 921, 923, 928, 929, 931, 932, 935, 936, +- 939, 941, 945, 947, 949, 951, 953, 955, 957, 958, +- 960, 962, 964, 966, 968, 970, 974, 975, 979, 982, +- 984, 986, 990, 992, 994, 996, 998, 1003, 1006, 1008, +- 1010, 1012, 1014, 1016, 1018, 1019, 1021, 1025, 1032, 1045, +- 1046, 1047, 1056, 1057, 1061, 1066, 1067, 1068, 1077, 1078, +- 1081, 1083, 1087, 1090, 1091, 1093, 1095, 1097, 1098, 1102, +- 1103, 1105, 1108, 1110, 1112, 1114, 1116, 1118, 1120, 1122, +- 1124, 1126, 1128, 1130, 1132, 1134, 1136, 1138, 1140, 1142, +- 1144, 1146, 1148, 1150, 1152, 1154, 1156, 1158, 1160, 1162, +- 1164, 1167, 1170, 1173, 1177, 1181, 1185, 1188, 1192, 1196, +- 1198, 1202, 1206, 1210, 1214, 1215, 1220, 1222, 1225, 1227, +- 1229, 1231, 1233, 1235, 1236, 1238, 1239, 1243, 1245, 1257, +- 1258, 1262, 1264, 1276, 1277, 1278, 1285, 1286, 1287, 1295, +- 1313, 1321, 1339, 1356, 1358, 1360, 1362, 1364, 1366, 1368, +- 1370, 1372, 1375, 1378, 1381, 1384, 1387, 1390, 1393, 1396, +- 1399, 1402, 1406, 1410, 1412, 1415, 1418, 1420, 1423, 1426, +- 1429, 1431, 1434, 1435, 1437, 1438, 1440, 1441, 1444, 1445, +- 1449, 1451, 1455, 1457, 1461, 1463, 1469, 1471, 1473, 1474, +- 1477, 1478, 1481, 1482, 1485, 1486, 1489, 1491, 1492, 1494, +- 1498, 1503, 1508, 1513, 1517, 1521, 1528, 1535, 1539, 1542, +- 1543, 1547, 1548, 1552, 1554, 1555, 1559, 1561, 1563, 1565, +- 1566, 1570, 1572, 1581, 1582, 1586, 1588, 1591, 1593, 1595, +- 1598, 1601, 1604, 1609, 1613, 1617, 1618, 1620, 1621, 1625, +- 1628, 1630, 1635, 1638, 1641, 1643, 1645, 1648, 1650, 1652, +- 1655, 1658, 1662, 1664, 1666, 1668, 1671, 1674, 1676, 1678, +- 1680, 1682, 1684, 1686, 1688, 1690, 1692, 1694, 1696, 1698, +- 1700, 1702, 1704, 1708, 1709, 1714, 1715, 1717 +-}; +- +-/* YYRHS -- A `-1'-separated list of the rules' RHS. */ +-static const yytype_int16 yyrhs[] = +-{ +- 175, 0, -1, 176, -1, 175, 176, -1, -1, 177, +- 178, -1, 269, -1, 255, -1, 262, -1, 192, -1, +- 291, -1, 279, -1, 283, -1, 284, -1, 200, -1, +- 230, -1, 222, -1, 226, -1, 239, -1, 180, -1, +- 184, -1, 188, -1, 243, -1, 247, -1, 251, -1, +- 292, -1, 293, -1, 306, -1, 308, -1, 309, -1, +- 310, -1, 311, -1, 312, -1, 313, -1, 314, -1, +- 315, -1, 317, -1, 318, -1, 328, -1, 332, -1, +- 210, -1, 212, -1, 196, -1, 179, -1, 234, -1, +- 238, -1, 218, -1, 358, -1, 364, -1, 361, -1, +- 204, -1, 357, -1, 335, -1, 393, -1, 417, -1, +- 294, -1, 5, 181, -1, 36, -1, 152, 182, 153, +- -1, 183, -1, 182, 154, 183, -1, 138, 155, 36, +- -1, 6, 185, -1, 36, -1, 152, 186, 153, -1, +- 187, -1, 186, 154, 187, -1, 138, 155, 36, -1, +- 7, 189, -1, 36, -1, 152, 190, 153, -1, 191, +- -1, 190, 154, 191, -1, 138, 155, 36, -1, 8, +- 193, -1, 34, -1, 152, 194, 153, -1, 195, -1, +- 194, 154, 195, -1, 138, 155, 34, -1, 9, 197, +- 333, -1, 34, -1, 152, 198, 153, -1, 199, -1, +- 198, 154, 199, -1, 138, 155, 34, -1, 3, 201, +- -1, 34, 107, -1, 152, 202, 153, -1, 203, -1, +- 202, 154, 203, -1, 138, 155, 381, -1, 151, 155, +- 107, -1, 122, 351, 205, 398, 206, -1, -1, 152, +- 351, 153, -1, 156, 207, 157, 158, -1, 208, -1, +- 207, 208, -1, 234, -1, 238, -1, 209, -1, 294, +- -1, 123, 333, -1, -1, 30, 425, 398, 211, 214, +- -1, -1, 363, 30, 425, 398, 213, 214, -1, 156, +- 215, 157, 158, -1, 216, -1, 215, 216, -1, 234, +- -1, 238, -1, 294, -1, 307, -1, 51, 333, -1, +- 52, 333, -1, 303, -1, 335, -1, 217, -1, 97, +- 421, 34, 152, 406, 153, 395, 427, 398, 391, 158, +- 327, 404, 403, -1, -1, 110, 34, 219, 220, 158, +- -1, -1, 156, 221, 157, -1, 179, -1, 221, 179, +- -1, -1, 112, 223, 156, 224, 157, -1, 225, -1, +- 224, 225, -1, 34, -1, 113, 227, -1, 34, -1, +- 152, 228, 153, -1, 229, -1, 228, 154, 229, -1, +- 138, 155, 381, -1, -1, 111, 231, 156, 232, 157, +- -1, 233, -1, 232, 233, -1, 34, -1, -1, 32, +- 152, 235, 237, 153, -1, 34, -1, 159, 34, -1, +- 236, 95, 34, -1, 236, 95, 159, 34, -1, 236, +- -1, 339, 160, 339, -1, 33, -1, 114, 240, 398, +- -1, -1, 36, -1, 152, 241, 153, -1, 242, -1, +- 241, 154, 242, -1, 145, 155, 36, -1, 137, 155, +- 36, -1, 143, 155, 36, -1, 144, 155, 36, -1, +- 128, 244, -1, 277, -1, 152, 245, 153, -1, 246, +- -1, 245, 154, 246, -1, 138, 155, 277, -1, 129, +- 248, -1, 277, -1, 152, 249, 153, -1, 250, -1, +- 249, 154, 250, -1, 138, 155, 277, -1, 131, 252, +- -1, 351, -1, 152, 253, 153, -1, 254, -1, 253, +- 154, 254, -1, 138, 155, 351, -1, 62, 256, 259, +- -1, 277, -1, 152, 257, 153, -1, 258, -1, 257, +- 154, 258, -1, 138, 155, 277, -1, -1, 156, 260, +- 157, 158, -1, 261, -1, 260, 261, -1, 234, -1, +- 238, -1, 323, -1, 63, 263, 266, -1, 277, -1, +- 152, 264, 153, -1, 265, -1, 264, 154, 265, -1, +- 138, 155, 277, -1, -1, 156, 267, 157, 158, -1, +- 268, -1, 267, 268, -1, 234, -1, 238, -1, 323, +- -1, 60, 270, 274, -1, 61, 277, 278, -1, -1, +- 277, 271, 278, -1, 152, 272, 153, -1, 273, -1, +- 272, 154, 273, -1, 135, 155, 36, -1, 136, 155, +- 36, -1, 138, 155, 277, -1, 146, 155, 354, -1, +- 147, 155, 354, -1, 148, 155, 354, -1, 149, 155, +- 354, -1, 150, 155, 34, -1, 151, 155, 107, -1, +- -1, 156, 275, 157, 158, -1, 276, -1, 275, 276, +- -1, 234, -1, 238, -1, 319, -1, 323, -1, 34, +- -1, 35, -1, -1, 107, -1, 54, 280, -1, 35, +- -1, 152, 281, 153, -1, 282, -1, 281, 154, 282, +- -1, 138, 155, 35, -1, 139, 155, 354, -1, 55, +- 35, -1, 56, 285, -1, 35, -1, 152, 286, 153, +- -1, 287, -1, 286, 154, 287, -1, 138, 155, 35, +- -1, -1, 17, 333, -1, -1, 18, 333, -1, -1, +- 19, 333, -1, 29, 333, -1, 57, 333, -1, 58, +- 333, -1, 59, 333, -1, 38, 333, -1, 39, 333, +- -1, 40, 333, -1, 41, 333, -1, 42, 333, -1, +- 43, 333, -1, 44, 333, -1, 45, 333, -1, 50, +- 333, -1, 46, 333, -1, 23, 333, -1, 26, 333, +- -1, 27, 333, -1, 20, 333, -1, 21, 333, -1, +- 22, 333, -1, 24, 333, -1, 25, 333, -1, 28, +- 333, -1, 10, 333, -1, 11, 333, -1, 11, 333, +- -1, 13, 333, -1, 14, 333, -1, 4, 320, -1, +- 152, 321, 153, -1, 322, -1, 321, 154, 322, -1, +- 141, 155, 36, -1, 12, 324, 333, -1, -1, 36, +- -1, 152, 325, 153, -1, 326, -1, 325, 154, 326, +- -1, 132, 155, 36, -1, 143, 155, 36, -1, -1, +- 323, -1, 15, 329, 333, -1, 34, -1, 152, 330, +- 153, -1, 331, -1, 330, 154, 331, -1, 134, 155, +- 34, -1, 140, 155, 107, -1, 16, 35, 338, 333, +- -1, 334, 33, -1, 31, -1, 334, 31, -1, -1, +- 91, 337, 339, 398, 336, 156, 340, 157, 158, -1, +- -1, 64, -1, 65, -1, -1, 35, -1, -1, 34, +- -1, -1, 341, -1, 342, -1, 341, 342, -1, 234, +- -1, 238, -1, 34, 344, 398, 343, -1, -1, 154, +- -1, -1, 155, 349, -1, -1, 155, 346, -1, 349, +- -1, 346, 347, 349, -1, 160, -1, 161, -1, 162, +- -1, 163, -1, 164, -1, 165, -1, -1, 159, -1, +- 166, -1, 160, -1, 161, -1, 162, -1, 164, -1, +- 350, 348, 355, -1, -1, 152, 351, 153, -1, 94, +- 352, -1, 352, -1, 353, -1, 352, 94, 353, -1, +- 34, -1, 116, -1, 117, -1, 351, -1, 425, 152, +- 356, 153, -1, 156, 157, -1, 108, -1, 107, -1, +- 354, -1, 118, -1, 36, -1, 115, -1, -1, 346, +- -1, 356, 154, 346, -1, 109, 421, 34, 398, 158, +- 327, -1, 109, 421, 152, 162, 34, 153, 152, 426, +- 153, 398, 158, 327, -1, -1, -1, 65, 351, 359, +- 367, 398, 360, 371, 158, -1, -1, 363, 362, 364, +- -1, 125, 167, 426, 168, -1, -1, -1, 64, 351, +- 365, 367, 398, 366, 371, 158, -1, -1, 169, 368, +- -1, 369, -1, 368, 154, 369, -1, 370, 351, -1, +- -1, 66, -1, 67, -1, 68, -1, -1, 156, 372, +- 157, -1, -1, 373, -1, 372, 373, -1, 234, -1, +- 238, -1, 218, -1, 358, -1, 364, -1, 361, -1, +- 204, -1, 357, -1, 335, -1, 374, -1, 323, -1, +- 307, -1, 294, -1, 295, -1, 296, -1, 297, -1, +- 298, -1, 299, -1, 300, -1, 301, -1, 302, -1, +- 303, -1, 304, -1, 305, -1, 316, -1, 386, -1, +- 383, -1, 409, -1, 53, 333, -1, 52, 333, -1, +- 51, 333, -1, 66, 382, 169, -1, 67, 382, 169, +- -1, 68, 382, 169, -1, 69, 169, -1, 130, 375, +- 378, -1, 152, 376, 153, -1, 377, -1, 376, 154, +- 377, -1, 133, 155, 34, -1, 138, 155, 381, -1, +- 142, 155, 34, -1, -1, 156, 379, 157, 158, -1, +- 380, -1, 379, 380, -1, 234, -1, 238, -1, 323, +- -1, 34, -1, 36, -1, -1, 71, -1, -1, 90, +- 384, 385, -1, 385, -1, 166, 34, 152, 153, 427, +- 397, 398, 158, 404, 403, 405, -1, -1, 124, 387, +- 388, -1, 388, -1, 34, 152, 406, 153, 427, 398, +- 389, 158, 327, 404, 403, -1, -1, -1, 170, 390, +- 152, 406, 153, 171, -1, -1, -1, 170, 392, 421, +- 152, 406, 153, 171, -1, 421, 34, 152, 406, 153, +- 395, 396, 427, 397, 398, 391, 158, 327, 404, 403, +- 405, 402, -1, 421, 119, 155, 152, 421, 153, 158, +- -1, 421, 119, 394, 152, 406, 153, 395, 396, 427, +- 397, 398, 391, 158, 404, 403, 405, 402, -1, 119, +- 421, 152, 406, 153, 395, 396, 427, 397, 398, 391, +- 158, 404, 403, 405, 402, -1, 161, -1, 160, -1, +- 162, -1, 163, -1, 172, -1, 164, -1, 165, -1, +- 173, -1, 167, 167, -1, 168, 168, -1, 161, 155, +- -1, 160, 155, -1, 162, 155, -1, 163, 155, -1, +- 172, 155, -1, 164, 155, -1, 165, 155, -1, 173, +- 155, -1, 167, 167, 155, -1, 168, 168, 155, -1, +- 166, -1, 152, 153, -1, 170, 171, -1, 167, -1, +- 167, 155, -1, 155, 155, -1, 159, 155, -1, 168, +- -1, 168, 155, -1, -1, 96, -1, -1, 126, -1, +- -1, 155, 107, -1, -1, 163, 399, 163, -1, 400, +- -1, 399, 154, 400, -1, 34, -1, 34, 155, 401, +- -1, 277, -1, 34, 169, 278, 160, 278, -1, 36, +- -1, 107, -1, -1, 47, 333, -1, -1, 48, 333, +- -1, -1, 49, 333, -1, -1, 37, 333, -1, 407, +- -1, -1, 408, -1, 407, 154, 408, -1, 98, 339, +- 398, 345, -1, 99, 339, 398, 345, -1, 100, 339, +- 398, 345, -1, 101, 339, 398, -1, 102, 339, 398, +- -1, 103, 152, 406, 153, 339, 398, -1, 104, 152, +- 406, 153, 339, 398, -1, 121, 339, 398, -1, 422, +- 345, -1, -1, 70, 410, 412, -1, -1, 72, 411, +- 412, -1, 412, -1, -1, 97, 413, 414, -1, 414, +- -1, 415, -1, 417, -1, -1, 90, 416, 393, -1, +- 393, -1, 421, 34, 398, 418, 158, 288, 289, 290, +- -1, -1, 156, 419, 157, -1, 420, -1, 419, 420, +- -1, 234, -1, 238, -1, 17, 333, -1, 18, 333, +- -1, 19, 333, -1, 96, 425, 424, 423, -1, 425, +- 424, 423, -1, 421, 339, 398, -1, -1, 164, -1, +- -1, 424, 162, 96, -1, 424, 162, -1, 351, -1, +- 351, 167, 426, 168, -1, 65, 351, -1, 93, 74, +- -1, 74, -1, 93, -1, 93, 75, -1, 75, -1, +- 76, -1, 93, 76, -1, 76, 76, -1, 93, 76, +- 76, -1, 77, -1, 78, -1, 73, -1, 92, 79, +- -1, 93, 79, -1, 79, -1, 80, -1, 81, -1, +- 82, -1, 83, -1, 84, -1, 85, -1, 86, -1, +- 87, -1, 88, -1, 89, -1, 105, -1, 106, -1, +- 127, -1, 421, -1, 426, 154, 421, -1, -1, 120, +- 152, 428, 153, -1, -1, 351, -1, 428, 154, 351, +- -1 +-}; +- +-/* YYRLINE[YYN] -- source line where rule number YYN was defined. */ +-static const yytype_uint16 yyrline[] = ++/* YYRLINE[YYN] -- Source line where rule number YYN was defined. */ ++static const yytype_int16 yyrline[] = + { +- 0, 574, 574, 575, 578, 578, 597, 598, 599, 600, +- 601, 602, 603, 604, 605, 606, 607, 608, 609, 610, +- 611, 612, 613, 614, 615, 616, 617, 618, 619, 620, +- 621, 622, 623, 624, 625, 626, 627, 628, 629, 630, +- 631, 632, 633, 634, 637, 638, 639, 640, 641, 642, +- 643, 644, 645, 646, 647, 648, 661, 667, 672, 677, +- 678, 688, 695, 701, 706, 711, 712, 722, 729, 738, +- 743, 748, 749, 759, 766, 777, 782, 787, 788, 798, +- 805, 834, 839, 844, 845, 855, 862, 888, 896, 901, +- 902, 913, 919, 927, 974, 978, 1085, 1090, 1091, 1102, +- 1105, 1108, 1122, 1138, 1143, 1143, 1166, 1166, 1233, 1247, +- 1248, 1251, 1252, 1253, 1257, 1261, 1270, 1279, 1288, 1289, +- 1292, 1307, 1307, 1344, 1345, 1348, 1349, 1352, 1352, 1381, +- 1382, 1385, 1391, 1397, 1402, 1407, 1408, 1418, 1425, 1425, +- 1451, 1452, 1455, 1461, 1461, 1480, 1483, 1486, 1489, 1494, +- 1495, 1500, 1508, 1545, 1553, 1559, 1564, 1565, 1578, 1586, +- 1594, 1602, 1612, 1623, 1628, 1633, 1634, 1644, 1651, 1662, +- 1667, 1672, 1673, 1683, 1690, 1702, 1707, 1712, 1713, 1723, +- 1730, 1750, 1755, 1760, 1761, 1771, 1778, 1782, 1787, 1788, +- 1798, 1801, 1804, 1818, 1836, 1841, 1846, 1847, 1857, 1864, +- 1868, 1873, 1874, 1884, 1887, 1890, 1904, 1915, 1925, 1925, +- 1938, 1943, 1944, 1961, 1973, 1991, 2003, 2015, 2027, 2039, +- 2051, 2063, 2082, 2086, 2091, 2092, 2102, 2105, 2108, 2111, +- 2125, 2126, 2142, 2145, 2148, 2157, 2163, 2168, 2169, 2180, +- 2186, 2194, 2202, 2208, 2213, 2218, 2219, 2229, 2236, 2239, +- 2244, 2247, 2252, 2255, 2260, 2266, 2272, 2278, 2283, 2288, +- 2293, 2298, 2303, 2308, 2313, 2318, 2323, 2328, 2333, 2338, +- 2344, 2349, 2355, 2361, 2367, 2373, 2379, 2384, 2390, 2396, +- 2401, 2407, 2413, 2419, 2424, 2425, 2435, 2442, 2526, 2530, +- 2536, 2541, 2542, 2553, 2559, 2567, 2570, 2573, 2582, 2588, +- 2593, 2594, 2605, 2611, 2622, 2627, 2630, 2631, 2641, 2641, +- 2665, 2668, 2671, 2676, 2679, 2684, 2687, 2692, 2693, 2696, +- 2697, 2700, 2701, 2702, 2746, 2747, 2750, 2751, 2754, 2757, +- 2762, 2763, 2781, 2784, 2787, 2790, 2793, 2796, 2801, 2804, +- 2807, 2810, 2813, 2816, 2819, 2824, 2839, 2842, 2847, 2853, +- 2856, 2857, 2865, 2870, 2873, 2878, 2887, 2897, 2900, 2904, +- 2908, 2912, 2916, 2920, 2926, 2931, 2937, 2955, 2977, 3016, +- 3022, 3016, 3066, 3066, 3092, 3097, 3103, 3097, 3143, 3144, +- 3147, 3148, 3151, 3203, 3206, 3209, 3212, 3217, 3220, 3225, +- 3226, 3227, 3230, 3231, 3232, 3233, 3234, 3235, 3236, 3237, +- 3238, 3239, 3240, 3251, 3255, 3259, 3270, 3281, 3292, 3303, +- 3314, 3325, 3336, 3347, 3358, 3369, 3380, 3391, 3392, 3393, +- 3394, 3405, 3416, 3427, 3434, 3441, 3448, 3457, 3470, 3475, +- 3476, 3488, 3495, 3502, 3511, 3515, 3520, 3521, 3531, 3534, +- 3537, 3551, 3552, 3555, 3558, 3564, 3564, 3565, 3568, 3634, +- 3634, 3635, 3638, 3684, 3687, 3687, 3698, 3701, 3701, 3713, +- 3731, 3751, 3795, 3876, 3877, 3878, 3879, 3880, 3881, 3882, +- 3883, 3884, 3885, 3886, 3887, 3888, 3889, 3890, 3891, 3892, +- 3893, 3894, 3895, 3896, 3897, 3898, 3899, 3900, 3901, 3902, +- 3903, 3904, 3907, 3910, 3915, 3918, 3923, 3926, 3934, 3937, +- 3943, 3947, 3959, 3963, 3969, 3973, 3996, 4000, 4006, 4009, +- 4014, 4017, 4022, 4025, 4030, 4033, 4038, 4090, 4095, 4101, +- 4124, 4136, 4148, 4160, 4179, 4190, 4207, 4224, 4233, 4240, +- 4240, 4241, 4241, 4242, 4246, 4246, 4247, 4251, 4252, 4256, +- 4256, 4257, 4260, 4315, 4321, 4326, 4327, 4339, 4342, 4345, +- 4360, 4375, 4392, 4397, 4411, 4521, 4524, 4532, 4535, 4538, +- 4543, 4551, 4562, 4577, 4581, 4585, 4589, 4593, 4597, 4601, +- 4605, 4609, 4613, 4617, 4621, 4625, 4629, 4633, 4637, 4641, +- 4645, 4649, 4653, 4657, 4661, 4665, 4669, 4673, 4677, 4681, +- 4685, 4691, 4697, 4713, 4716, 4724, 4730, 4737 ++ 0, 575, 575, 576, 579, 579, 598, 599, 600, 601, ++ 602, 603, 604, 605, 606, 607, 608, 609, 610, 611, ++ 612, 613, 614, 615, 616, 617, 618, 619, 620, 621, ++ 622, 623, 624, 625, 626, 627, 628, 629, 630, 631, ++ 632, 633, 634, 635, 638, 639, 640, 641, 642, 643, ++ 644, 645, 646, 647, 648, 649, 662, 668, 673, 678, ++ 679, 689, 696, 702, 707, 712, 713, 723, 730, 739, ++ 744, 749, 750, 760, 767, 778, 783, 788, 789, 799, ++ 806, 835, 840, 845, 846, 856, 863, 889, 897, 902, ++ 903, 914, 920, 928, 975, 979, 1086, 1091, 1092, 1103, ++ 1106, 1109, 1123, 1139, 1144, 1144, 1167, 1167, 1234, 1248, ++ 1249, 1252, 1253, 1254, 1258, 1262, 1271, 1280, 1289, 1290, ++ 1293, 1308, 1308, 1345, 1346, 1349, 1350, 1353, 1353, 1382, ++ 1383, 1386, 1392, 1398, 1403, 1408, 1409, 1419, 1426, 1426, ++ 1452, 1453, 1456, 1462, 1462, 1481, 1484, 1487, 1490, 1495, ++ 1496, 1501, 1509, 1546, 1554, 1560, 1565, 1566, 1579, 1587, ++ 1595, 1603, 1613, 1624, 1629, 1634, 1635, 1645, 1652, 1663, ++ 1668, 1673, 1674, 1684, 1691, 1703, 1708, 1713, 1714, 1724, ++ 1731, 1751, 1756, 1761, 1762, 1772, 1779, 1783, 1788, 1789, ++ 1799, 1802, 1805, 1819, 1837, 1842, 1847, 1848, 1858, 1865, ++ 1869, 1874, 1875, 1885, 1888, 1891, 1905, 1917, 1927, 1927, ++ 1941, 1946, 1947, 1965, 1978, 1997, 2010, 2023, 2036, 2049, ++ 2062, 2075, 2088, 2108, 2112, 2117, 2118, 2128, 2131, 2134, ++ 2137, 2151, 2152, 2168, 2171, 2174, 2183, 2189, 2194, 2195, ++ 2206, 2212, 2220, 2228, 2234, 2239, 2244, 2245, 2255, 2262, ++ 2265, 2270, 2273, 2278, 2281, 2286, 2292, 2298, 2304, 2309, ++ 2314, 2319, 2324, 2329, 2334, 2339, 2344, 2349, 2354, 2359, ++ 2364, 2370, 2375, 2381, 2387, 2393, 2399, 2405, 2410, 2416, ++ 2422, 2427, 2433, 2439, 2445, 2450, 2451, 2461, 2468, 2552, ++ 2556, 2562, 2567, 2568, 2579, 2585, 2593, 2596, 2599, 2608, ++ 2614, 2619, 2620, 2631, 2637, 2648, 2653, 2656, 2657, 2667, ++ 2667, 2691, 2694, 2697, 2702, 2705, 2710, 2713, 2718, 2719, ++ 2722, 2723, 2726, 2727, 2728, 2772, 2773, 2776, 2777, 2780, ++ 2783, 2788, 2789, 2807, 2810, 2813, 2816, 2819, 2822, 2827, ++ 2830, 2833, 2836, 2839, 2842, 2845, 2850, 2865, 2868, 2873, ++ 2879, 2882, 2883, 2891, 2896, 2899, 2904, 2913, 2923, 2926, ++ 2930, 2934, 2938, 2942, 2946, 2952, 2957, 2963, 2981, 3003, ++ 3042, 3048, 3042, 3092, 3092, 3118, 3123, 3129, 3123, 3169, ++ 3170, 3173, 3174, 3177, 3229, 3232, 3235, 3238, 3243, 3246, ++ 3251, 3252, 3253, 3256, 3257, 3258, 3259, 3260, 3261, 3262, ++ 3263, 3264, 3265, 3266, 3277, 3281, 3285, 3296, 3307, 3318, ++ 3329, 3340, 3351, 3362, 3373, 3384, 3395, 3406, 3417, 3418, ++ 3419, 3420, 3431, 3442, 3453, 3460, 3467, 3474, 3483, 3496, ++ 3501, 3502, 3514, 3521, 3528, 3537, 3541, 3546, 3547, 3557, ++ 3560, 3563, 3577, 3578, 3581, 3584, 3590, 3590, 3591, 3594, ++ 3660, 3660, 3661, 3664, 3710, 3713, 3713, 3724, 3727, 3727, ++ 3739, 3757, 3777, 3821, 3902, 3903, 3904, 3905, 3906, 3907, ++ 3908, 3909, 3910, 3911, 3912, 3913, 3914, 3915, 3916, 3917, ++ 3918, 3919, 3920, 3921, 3922, 3923, 3924, 3925, 3926, 3927, ++ 3928, 3929, 3930, 3933, 3936, 3941, 3944, 3949, 3952, 3960, ++ 3963, 3969, 3973, 3985, 3989, 3995, 3999, 4022, 4026, 4032, ++ 4035, 4040, 4043, 4048, 4051, 4056, 4059, 4064, 4116, 4121, ++ 4127, 4150, 4162, 4174, 4186, 4205, 4216, 4233, 4250, 4259, ++ 4266, 4266, 4267, 4267, 4268, 4272, 4272, 4273, 4277, 4278, ++ 4282, 4282, 4283, 4286, 4341, 4347, 4352, 4353, 4365, 4368, ++ 4371, 4386, 4401, 4418, 4423, 4437, 4547, 4550, 4558, 4561, ++ 4564, 4569, 4577, 4588, 4603, 4607, 4611, 4615, 4619, 4623, ++ 4627, 4631, 4635, 4639, 4643, 4647, 4651, 4655, 4659, 4663, ++ 4667, 4671, 4675, 4679, 4683, 4687, 4691, 4695, 4699, 4703, ++ 4707, 4711, 4717, 4723, 4739, 4742, 4750, 4756, 4763 + }; + #endif + +-#if YYDEBUG || YYERROR_VERBOSE || YYTOKEN_TABLE ++/** Accessing symbol of state STATE. */ ++#define YY_ACCESSING_SYMBOL(State) YY_CAST (yysymbol_kind_t, yystos[State]) ++ ++#if YYDEBUG || 0 ++/* The user-facing name of the symbol whose (internal) number is ++ YYSYMBOL. No bounds checking. */ ++static const char *yysymbol_name (yysymbol_kind_t yysymbol) YY_ATTRIBUTE_UNUSED; ++ + /* YYTNAME[SYMBOL-NUM] -- String name of the symbol SYMBOL-NUM. + First, the terminals, then, starting at YYNTOKENS, nonterminals. */ + static const char *const yytname[] = + { +- "$end", "error", "$undefined", "TK_API", "TK_AUTOPYNAME", +- "TK_DEFDOCSTRFMT", "TK_DEFDOCSTRSIG", "TK_DEFENCODING", "TK_PLUGIN", +- "TK_VIRTERRORHANDLER", "TK_EXPTYPEHINTCODE", "TK_TYPEHINTCODE", +- "TK_DOCSTRING", "TK_DOC", "TK_EXPORTEDDOC", "TK_EXTRACT", "TK_MAKEFILE", +- "TK_ACCESSCODE", "TK_GETCODE", "TK_SETCODE", "TK_PREINITCODE", +- "TK_INITCODE", "TK_POSTINITCODE", "TK_FINALCODE", "TK_UNITCODE", +- "TK_UNITPOSTINCLUDECODE", "TK_MODCODE", "TK_TYPECODE", "TK_PREPYCODE", +- "TK_COPYING", "TK_MAPPEDTYPE", "TK_CODELINE", "TK_IF", "TK_END", +- "TK_NAME_VALUE", "TK_PATH_VALUE", "TK_STRING_VALUE", ++ "\"end of file\"", "error", "\"invalid token\"", "TK_API", ++ "TK_AUTOPYNAME", "TK_DEFDOCSTRFMT", "TK_DEFDOCSTRSIG", "TK_DEFENCODING", ++ "TK_PLUGIN", "TK_VIRTERRORHANDLER", "TK_EXPTYPEHINTCODE", ++ "TK_TYPEHINTCODE", "TK_DOCSTRING", "TK_DOC", "TK_EXPORTEDDOC", ++ "TK_EXTRACT", "TK_MAKEFILE", "TK_ACCESSCODE", "TK_GETCODE", "TK_SETCODE", ++ "TK_PREINITCODE", "TK_INITCODE", "TK_POSTINITCODE", "TK_FINALCODE", ++ "TK_UNITCODE", "TK_UNITPOSTINCLUDECODE", "TK_MODCODE", "TK_TYPECODE", ++ "TK_PREPYCODE", "TK_COPYING", "TK_MAPPEDTYPE", "TK_CODELINE", "TK_IF", ++ "TK_END", "TK_NAME_VALUE", "TK_PATH_VALUE", "TK_STRING_VALUE", + "TK_VIRTUALCATCHERCODE", "TK_TRAVERSECODE", "TK_CLEARCODE", + "TK_GETBUFFERCODE", "TK_RELEASEBUFFERCODE", "TK_READBUFFERCODE", + "TK_WRITEBUFFERCODE", "TK_SEGCOUNTCODE", "TK_CHARBUFFERCODE", +@@ -1264,13 +1217,13 @@ static const char *const yytname[] = + "TK_DEFSUPERTYPE", "TK_PROPERTY", "TK_HIDE_NS", "TK_FORMAT", "TK_GET", + "TK_ID", "TK_KWARGS", "TK_LANGUAGE", "TK_LICENSEE", "TK_NAME", + "TK_OPTIONAL", "TK_ORDER", "TK_REMOVELEADING", "TK_SET", "TK_SIGNATURE", +- "TK_TIMESTAMP", "TK_TYPE", "TK_USEARGNAMES", "TK_USELIMITEDAPI", +- "TK_ALLRAISEPYEXC", "TK_CALLSUPERINIT", "TK_DEFERRORHANDLER", +- "TK_VERSION", "'('", "')'", "','", "'='", "'{'", "'}'", "';'", "'!'", +- "'-'", "'+'", "'*'", "'/'", "'&'", "'|'", "'~'", "'<'", "'>'", "':'", +- "'['", "']'", "'%'", "'^'", "$accept", "specification", "statement", +- "@1", "modstatement", "nsstatement", "defdocstringfmt", +- "defdocstringfmt_args", "defdocstringfmt_arg_list", ++ "TK_TIMESTAMP", "TK_TYPE", "TK_USEARGNAMES", "TK_PYSSIZETCLEAN", ++ "TK_USELIMITEDAPI", "TK_ALLRAISEPYEXC", "TK_CALLSUPERINIT", ++ "TK_DEFERRORHANDLER", "TK_VERSION", "'('", "')'", "','", "'='", "'{'", ++ "'}'", "';'", "'!'", "'-'", "'+'", "'*'", "'/'", "'&'", "'|'", "'~'", ++ "'<'", "'>'", "':'", "'['", "']'", "'%'", "'^'", "$accept", ++ "specification", "statement", "$@1", "modstatement", "nsstatement", ++ "defdocstringfmt", "defdocstringfmt_args", "defdocstringfmt_arg_list", + "defdocstringfmt_arg", "defdocstringsig", "defdocstringsig_args", + "defdocstringsig_arg_list", "defdocstringsig_arg", "defencoding", + "defencoding_args", "defencoding_arg_list", "defencoding_arg", "plugin", +@@ -1278,13 +1231,13 @@ static const char *const yytname[] = + "veh_args", "veh_arg_list", "veh_arg", "api", "api_args", "api_arg_list", + "api_arg", "exception", "baseexception", "exception_body", + "exception_body_directives", "exception_body_directive", "raisecode", +- "mappedtype", "@2", "mappedtypetmpl", "@3", "mtdefinition", "mtbody", +- "mtline", "mtfunction", "namespace", "@4", "optnsbody", "nsbody", +- "platforms", "@5", "platformlist", "platform", "feature", "feature_args", +- "feature_arg_list", "feature_arg", "timeline", "@6", "qualifierlist", +- "qualifiername", "ifstart", "@7", "oredqualifiers", "qualifiers", +- "ifend", "license", "license_args", "license_arg_list", "license_arg", +- "defmetatype", "defmetatype_args", "defmetatype_arg_list", ++ "mappedtype", "$@2", "mappedtypetmpl", "$@3", "mtdefinition", "mtbody", ++ "mtline", "mtfunction", "namespace", "$@4", "optnsbody", "nsbody", ++ "platforms", "$@5", "platformlist", "platform", "feature", ++ "feature_args", "feature_arg_list", "feature_arg", "timeline", "$@6", ++ "qualifierlist", "qualifiername", "ifstart", "$@7", "oredqualifiers", ++ "qualifiers", "ifend", "license", "license_args", "license_arg_list", ++ "license_arg", "defmetatype", "defmetatype_args", "defmetatype_arg_list", + "defmetatype_arg", "defsupertype", "defsupertype_args", + "defsupertype_arg_list", "defsupertype_arg", "hiddenns", "hiddenns_args", + "hiddenns_arg_list", "hiddenns_arg", "consmodule", "consmodule_args", +@@ -1292,7 +1245,7 @@ static const char *const yytname[] = + "consmodule_body_directives", "consmodule_body_directive", "compmodule", + "compmodule_args", "compmodule_arg_list", "compmodule_arg", + "compmodule_body", "compmodule_body_directives", +- "compmodule_body_directive", "module", "module_args", "@8", ++ "compmodule_body_directive", "module", "module_args", "$@8", + "module_arg_list", "module_arg", "module_body", "module_body_directives", + "module_body_directive", "dottedname", "optnumber", "include", + "include_args", "include_arg_list", "include_arg", "optinclude", +@@ -1307,1011 +1260,950 @@ static const char *const yytname[] = + "autopyname_args", "autopyname_arg_list", "autopyname_arg", "docstring", + "docstring_args", "docstring_arg_list", "docstring_arg", "optdocstring", + "extract", "extract_args", "extract_arg_list", "extract_arg", "makefile", +- "codeblock", "codelines", "enum", "@9", "optenumkey", "optfilename", ++ "codeblock", "codelines", "enum", "$@9", "optenumkey", "optfilename", + "optname", "optenumbody", "enumbody", "enumline", "optcomma", + "optenumassign", "optassign", "expr", "binop", "optunop", "value", + "optcast", "scopedname", "scopednamehead", "scopepart", "bool_value", +- "simplevalue", "exprlist", "typedef", "struct", "@10", "@11", +- "classtmpl", "@12", "template", "class", "@13", "@14", "superclasses", ++ "simplevalue", "exprlist", "typedef", "struct", "$@10", "$@11", ++ "classtmpl", "$@12", "template", "class", "$@13", "$@14", "superclasses", + "superlist", "superclass", "class_access", "optclassbody", "classbody", + "classline", "property", "property_args", "property_arg_list", + "property_arg", "property_body", "property_body_directives", +- "property_body_directive", "name_or_string", "optslot", "dtor", "@15", +- "dtor_decl", "ctor", "@16", "simplector", "optctorsig", "@17", "optsig", +- "@18", "function", "operatorname", "optconst", "optfinal", "optabstract", +- "optflags", "flaglist", "flag", "flagvalue", "virtualcallcode", +- "methodcode", "premethodcode", "virtualcatchercode", "arglist", +- "rawarglist", "argvalue", "varmember", "@19", "@20", "simple_varmem", +- "@21", "varmem", "member", "@22", "variable", "variable_body", +- "variable_body_directives", "variable_body_directive", "cpptype", +- "argtype", "optref", "deref", "basetype", "cpptypelist", "optexceptions", +- "exceptionlist", 0 ++ "property_body_directive", "name_or_string", "optslot", "dtor", "$@15", ++ "dtor_decl", "ctor", "$@16", "simplector", "optctorsig", "$@17", ++ "optsig", "$@18", "function", "operatorname", "optconst", "optfinal", ++ "optabstract", "optflags", "flaglist", "flag", "flagvalue", ++ "virtualcallcode", "methodcode", "premethodcode", "virtualcatchercode", ++ "arglist", "rawarglist", "argvalue", "varmember", "$@19", "$@20", ++ "simple_varmem", "$@21", "varmem", "member", "$@22", "variable", ++ "variable_body", "variable_body_directives", "variable_body_directive", ++ "cpptype", "argtype", "optref", "deref", "basetype", "cpptypelist", ++ "optexceptions", "exceptionlist", YY_NULLPTR + }; ++ ++static const char * ++yysymbol_name (yysymbol_kind_t yysymbol) ++{ ++ return yytname[yysymbol]; ++} + #endif + +-# ifdef YYPRINT +-/* YYTOKNUM[YYLEX-NUM] -- Internal token number corresponding to +- token YYLEX-NUM. */ +-static const yytype_uint16 yytoknum[] = +-{ +- 0, 256, 257, 258, 259, 260, 261, 262, 263, 264, +- 265, 266, 267, 268, 269, 270, 271, 272, 273, 274, +- 275, 276, 277, 278, 279, 280, 281, 282, 283, 284, +- 285, 286, 287, 288, 289, 290, 291, 292, 293, 294, +- 295, 296, 297, 298, 299, 300, 301, 302, 303, 304, +- 305, 306, 307, 308, 309, 310, 311, 312, 313, 314, +- 315, 316, 317, 318, 319, 320, 321, 322, 323, 324, +- 325, 326, 327, 328, 329, 330, 331, 332, 333, 334, +- 335, 336, 337, 338, 339, 340, 341, 342, 343, 344, +- 345, 346, 347, 348, 349, 350, 351, 352, 353, 354, +- 355, 356, 357, 358, 359, 360, 361, 362, 363, 364, +- 365, 366, 367, 368, 369, 370, 371, 372, 373, 374, +- 375, 376, 377, 378, 379, 380, 381, 382, 383, 384, +- 385, 386, 387, 388, 389, 390, 391, 392, 393, 394, +- 395, 396, 397, 398, 399, 400, 401, 402, 403, 404, +- 405, 406, 40, 41, 44, 61, 123, 125, 59, 33, +- 45, 43, 42, 47, 38, 124, 126, 60, 62, 58, +- 91, 93, 37, 94 +-}; +-# endif ++#define YYPACT_NINF (-840) + +-/* YYR1[YYN] -- Symbol number of symbol that rule YYN derives. */ +-static const yytype_uint16 yyr1[] = +-{ +- 0, 174, 175, 175, 177, 176, 178, 178, 178, 178, +- 178, 178, 178, 178, 178, 178, 178, 178, 178, 178, +- 178, 178, 178, 178, 178, 178, 178, 178, 178, 178, +- 178, 178, 178, 178, 178, 178, 178, 178, 178, 178, +- 178, 178, 178, 178, 179, 179, 179, 179, 179, 179, +- 179, 179, 179, 179, 179, 179, 180, 181, 181, 182, +- 182, 183, 184, 185, 185, 186, 186, 187, 188, 189, +- 189, 190, 190, 191, 192, 193, 193, 194, 194, 195, +- 196, 197, 197, 198, 198, 199, 200, 201, 201, 202, +- 202, 203, 203, 204, 205, 205, 206, 207, 207, 208, +- 208, 208, 208, 209, 211, 210, 213, 212, 214, 215, +- 215, 216, 216, 216, 216, 216, 216, 216, 216, 216, +- 217, 219, 218, 220, 220, 221, 221, 223, 222, 224, +- 224, 225, 226, 227, 227, 228, 228, 229, 231, 230, +- 232, 232, 233, 235, 234, 236, 236, 236, 236, 237, +- 237, 238, 239, 240, 240, 240, 241, 241, 242, 242, +- 242, 242, 243, 244, 244, 245, 245, 246, 247, 248, +- 248, 249, 249, 250, 251, 252, 252, 253, 253, 254, +- 255, 256, 256, 257, 257, 258, 259, 259, 260, 260, +- 261, 261, 261, 262, 263, 263, 264, 264, 265, 266, +- 266, 267, 267, 268, 268, 268, 269, 269, 271, 270, +- 270, 272, 272, 273, 273, 273, 273, 273, 273, 273, +- 273, 273, 274, 274, 275, 275, 276, 276, 276, 276, +- 277, 277, 278, 278, 279, 280, 280, 281, 281, 282, +- 282, 283, 284, 285, 285, 286, 286, 287, 288, 288, +- 289, 289, 290, 290, 291, 292, 293, 294, 295, 296, +- 297, 298, 299, 300, 301, 302, 303, 304, 305, 306, +- 307, 308, 309, 310, 311, 312, 313, 314, 315, 316, +- 317, 318, 319, 320, 321, 321, 322, 323, 324, 324, +- 324, 325, 325, 326, 326, 327, 327, 328, 329, 329, +- 330, 330, 331, 331, 332, 333, 334, 334, 336, 335, +- 337, 337, 337, 338, 338, 339, 339, 340, 340, 341, +- 341, 342, 342, 342, 343, 343, 344, 344, 345, 345, +- 346, 346, 347, 347, 347, 347, 347, 347, 348, 348, +- 348, 348, 348, 348, 348, 349, 350, 350, 351, 351, +- 352, 352, 353, 354, 354, 355, 355, 355, 355, 355, +- 355, 355, 355, 355, 356, 356, 356, 357, 357, 359, +- 360, 358, 362, 361, 363, 365, 366, 364, 367, 367, +- 368, 368, 369, 370, 370, 370, 370, 371, 371, 372, +- 372, 372, 373, 373, 373, 373, 373, 373, 373, 373, +- 373, 373, 373, 373, 373, 373, 373, 373, 373, 373, +- 373, 373, 373, 373, 373, 373, 373, 373, 373, 373, +- 373, 373, 373, 373, 373, 373, 373, 374, 375, 376, +- 376, 377, 377, 377, 378, 378, 379, 379, 380, 380, +- 380, 381, 381, 382, 382, 384, 383, 383, 385, 387, +- 386, 386, 388, 389, 390, 389, 391, 392, 391, 393, +- 393, 393, 393, 394, 394, 394, 394, 394, 394, 394, +- 394, 394, 394, 394, 394, 394, 394, 394, 394, 394, +- 394, 394, 394, 394, 394, 394, 394, 394, 394, 394, +- 394, 394, 395, 395, 396, 396, 397, 397, 398, 398, +- 399, 399, 400, 400, 401, 401, 401, 401, 402, 402, +- 403, 403, 404, 404, 405, 405, 406, 407, 407, 407, +- 408, 408, 408, 408, 408, 408, 408, 408, 408, 410, +- 409, 411, 409, 409, 413, 412, 412, 414, 414, 416, +- 415, 415, 417, 418, 418, 419, 419, 420, 420, 420, +- 420, 420, 421, 421, 422, 423, 423, 424, 424, 424, +- 425, 425, 425, 425, 425, 425, 425, 425, 425, 425, +- 425, 425, 425, 425, 425, 425, 425, 425, 425, 425, +- 425, 425, 425, 425, 425, 425, 425, 425, 425, 425, +- 425, 426, 426, 427, 427, 428, 428, 428 +-}; ++#define yypact_value_is_default(Yyn) \ ++ ((Yyn) == YYPACT_NINF) + +-/* YYR2[YYN] -- Number of symbols composing right hand side of rule YYN. */ +-static const yytype_uint8 yyr2[] = ++#define YYTABLE_NINF (-564) ++ ++#define yytable_value_is_error(Yyn) \ ++ 0 ++ ++/* YYPACT[STATE-NUM] -- Index in YYTABLE of the portion describing ++ STATE-NUM. */ ++static const yytype_int16 yypact[] = + { +- 0, 2, 1, 2, 0, 2, 1, 1, 1, 1, +- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, +- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, +- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, +- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, +- 1, 1, 1, 1, 1, 1, 2, 1, 3, 1, +- 3, 3, 2, 1, 3, 1, 3, 3, 2, 1, +- 3, 1, 3, 3, 2, 1, 3, 1, 3, 3, +- 3, 1, 3, 1, 3, 3, 2, 2, 3, 1, +- 3, 3, 3, 5, 0, 3, 4, 1, 2, 1, +- 1, 1, 1, 2, 0, 5, 0, 6, 4, 1, +- 2, 1, 1, 1, 1, 2, 2, 1, 1, 1, +- 14, 0, 5, 0, 3, 1, 2, 0, 5, 1, +- 2, 1, 2, 1, 3, 1, 3, 3, 0, 5, +- 1, 2, 1, 0, 5, 1, 2, 3, 4, 1, +- 3, 1, 3, 0, 1, 3, 1, 3, 3, 3, +- 3, 3, 2, 1, 3, 1, 3, 3, 2, 1, +- 3, 1, 3, 3, 2, 1, 3, 1, 3, 3, +- 3, 1, 3, 1, 3, 3, 0, 4, 1, 2, +- 1, 1, 1, 3, 1, 3, 1, 3, 3, 0, +- 4, 1, 2, 1, 1, 1, 3, 3, 0, 3, +- 3, 1, 3, 3, 3, 3, 3, 3, 3, 3, +- 3, 3, 0, 4, 1, 2, 1, 1, 1, 1, +- 1, 1, 0, 1, 2, 1, 3, 1, 3, 3, +- 3, 2, 2, 1, 3, 1, 3, 3, 0, 2, +- 0, 2, 0, 2, 2, 2, 2, 2, 2, 2, +- 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, +- 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, +- 2, 2, 2, 3, 1, 3, 3, 3, 0, 1, +- 3, 1, 3, 3, 3, 0, 1, 3, 1, 3, +- 1, 3, 3, 3, 4, 2, 1, 2, 0, 9, +- 0, 1, 1, 0, 1, 0, 1, 0, 1, 1, +- 2, 1, 1, 4, 0, 1, 0, 2, 0, 2, +- 1, 3, 1, 1, 1, 1, 1, 1, 0, 1, +- 1, 1, 1, 1, 1, 3, 0, 3, 2, 1, +- 1, 3, 1, 1, 1, 1, 4, 2, 1, 1, +- 1, 1, 1, 1, 0, 1, 3, 6, 12, 0, +- 0, 8, 0, 3, 4, 0, 0, 8, 0, 2, +- 1, 3, 2, 0, 1, 1, 1, 0, 3, 0, +- 1, 2, 1, 1, 1, 1, 1, 1, 1, 1, +- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, +- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, +- 2, 2, 2, 3, 3, 3, 2, 3, 3, 1, +- 3, 3, 3, 3, 0, 4, 1, 2, 1, 1, +- 1, 1, 1, 0, 1, 0, 3, 1, 11, 0, +- 3, 1, 11, 0, 0, 6, 0, 0, 7, 17, +- 7, 17, 16, 1, 1, 1, 1, 1, 1, 1, +- 1, 2, 2, 2, 2, 2, 2, 2, 2, 2, +- 2, 3, 3, 1, 2, 2, 1, 2, 2, 2, +- 1, 2, 0, 1, 0, 1, 0, 2, 0, 3, +- 1, 3, 1, 3, 1, 5, 1, 1, 0, 2, +- 0, 2, 0, 2, 0, 2, 1, 0, 1, 3, +- 4, 4, 4, 3, 3, 6, 6, 3, 2, 0, +- 3, 0, 3, 1, 0, 3, 1, 1, 1, 0, +- 3, 1, 8, 0, 3, 1, 2, 1, 1, 2, +- 2, 2, 4, 3, 3, 0, 1, 0, 3, 2, +- 1, 4, 2, 2, 1, 1, 2, 1, 1, 2, +- 2, 3, 1, 1, 1, 2, 2, 1, 1, 1, +- 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, +- 1, 1, 3, 0, 4, 0, 1, 3 ++ -840, 125, -840, 1218, -840, -840, 42, -2, 54, 55, ++ 58, 74, 100, 100, 100, 100, 75, 181, 100, 100, ++ 100, 100, 100, 100, 100, 100, 1542, 51, -840, -840, ++ 23, 228, 46, 100, 100, 100, 48, 238, 62, 64, ++ 84, 84, -840, -840, -840, 190, -840, -840, -840, -840, ++ -840, -840, -840, -840, -840, -840, -840, -840, -840, 218, ++ 224, 277, 279, 1542, -840, -840, 1506, 309, -840, -840, ++ 76, 59, 1506, 84, 203, -840, 66, 68, 53, -840, ++ -840, -840, -840, -840, -840, -840, -840, -840, -840, -840, ++ -840, -840, -840, -840, -840, -840, -840, -840, -840, -840, ++ -840, -840, -840, -840, -840, -840, -840, -840, -840, -840, ++ -840, -840, -840, -840, -840, -840, -840, -840, -840, -840, ++ -840, -840, -840, -840, 206, 285, -840, -840, -840, -840, ++ 359, -840, -840, -840, 79, -840, 297, -26, -840, -840, ++ 254, -840, -840, 268, -840, -840, 271, -840, -840, 281, ++ -840, -840, 286, 100, -840, -840, 257, -840, -840, -840, ++ -840, 101, 100, 395, -840, -840, -840, -840, -840, -840, ++ -840, -840, 84, 276, -840, -840, 158, -840, -840, -840, ++ 298, -840, -840, -840, -840, -840, -840, 338, 287, -840, ++ 335, 324, 342, -840, 331, 344, -840, -840, 18, -840, ++ -840, -840, 418, -840, -840, -840, 447, -840, 285, -840, ++ 77, -840, 378, 380, -840, 400, -840, -840, 171, 276, ++ 388, 390, 1506, 404, -840, -840, 406, -840, -840, 407, ++ -840, -840, 1506, 279, 1542, 482, -49, 234, 146, -840, ++ 391, 392, 169, -840, 393, 210, -840, 396, 214, -840, ++ 399, 222, -840, 401, 295, -840, 402, 306, -840, -840, ++ -840, -840, 403, 405, 312, -840, -840, -840, 100, -840, ++ 516, -840, 4, 408, 409, 316, -840, 410, 323, -840, ++ 412, 413, 414, 416, 417, 419, 420, 421, 422, 423, ++ 326, -840, 244, -840, 335, -840, -840, 424, 337, -840, ++ 267, -840, 425, 339, -840, 267, -840, 381, 381, -840, ++ 276, -840, 146, 276, 397, 426, 528, 529, 428, 341, ++ -840, 429, 430, 431, 432, 343, -840, -840, 1279, 84, ++ 276, -840, -21, 433, 349, -840, 435, 352, -840, 436, ++ 354, -840, -9, -840, 276, -840, 1279, 437, 439, 105, ++ 440, 441, 442, 443, 444, 449, 450, -840, 34, -34, ++ 438, 451, 452, 456, 486, -840, -840, 314, 488, -840, ++ -26, 567, -840, 254, 575, -840, 268, 576, -840, 271, ++ 579, -840, 281, 580, -840, 286, 581, 513, -840, 101, ++ -840, 465, -11, -840, 466, 461, 590, 530, 472, 467, ++ 592, 394, -840, 158, 594, -840, 298, 595, 596, 238, ++ 394, 394, 394, 394, 394, 599, 523, -840, 338, 485, ++ 81, -840, -840, 36, -840, -840, -840, -840, 238, -840, ++ 324, -840, -840, 38, -840, -840, 238, -840, 331, -840, ++ -840, 45, -840, -840, 315, 276, 276, -840, -840, 480, ++ 606, 253, 483, -840, -1, -840, -840, 33, -840, 314, ++ -840, 400, 605, 607, 608, 609, -840, 171, 418, 418, ++ 418, 418, 418, 493, 494, 418, 495, 497, -840, 418, ++ 492, 496, 498, 1506, -840, 238, -840, 404, 238, -840, ++ 406, 84, -840, 407, -840, -840, 499, 288, 500, -840, ++ 1506, -840, -840, -840, -840, -840, -840, -840, -840, -840, ++ 502, -840, 504, -840, -840, -840, 1279, -840, -840, -840, ++ -840, -840, -840, -840, -840, -840, -840, -840, -840, -840, ++ -840, -840, -840, -840, -840, -840, 93, 516, -840, 334, ++ -840, -840, 11, -840, 418, -840, -840, -840, -840, -840, ++ -840, -840, -840, -840, -840, -840, -840, -840, -840, -840, ++ -840, -840, -840, 515, -840, -840, 128, 100, 505, -840, ++ -840, -840, 506, -840, -840, -840, 507, -840, -840, -840, ++ -840, 508, -840, 84, -840, -840, 510, 642, 517, -840, ++ 735, -840, -840, -840, -840, -840, -840, -840, -840, -840, ++ -840, -840, -840, -840, 276, 276, 276, 276, 276, 1279, ++ 1279, 276, 573, 1279, 276, 519, -840, -840, 232, -840, ++ -840, -840, -840, -840, -840, -840, -840, 466, 573, 100, ++ 100, 100, -840, -840, 56, -840, 656, 520, -840, -840, ++ 521, 509, -840, -840, -840, -840, -840, 100, 100, 100, ++ 100, 1506, 134, -840, -840, -840, -840, -840, -840, -840, ++ -840, -840, 643, -840, 522, 358, -840, 525, 526, 360, ++ -840, -840, -840, -840, -840, 315, -840, 527, 527, 389, ++ -840, -840, 533, -840, -840, 492, 492, 492, -840, -840, ++ 535, 536, -840, -840, 561, -840, -840, 84, 293, -840, ++ 272, 100, 47, -840, -840, -840, -840, -840, -840, 561, ++ -840, -840, -840, -840, -840, 100, 673, 534, 573, 335, ++ -840, -840, -840, -840, 658, 537, -840, -840, 659, -840, ++ 515, 661, 662, -840, 128, -840, 1092, 540, 541, 538, ++ -840, -840, 545, 389, -840, 1506, -840, -840, -840, 418, ++ 418, -840, 584, 552, -840, -840, -840, -840, -840, -840, ++ 519, -840, -840, -840, -840, -840, -840, 843, -840, 548, ++ -840, 584, -840, 100, 690, -840, 561, 549, 558, -840, ++ -840, -840, -840, -840, -840, 100, 100, 559, 100, 100, ++ 100, 100, 100, 100, 100, 100, 100, 100, 100, 100, ++ 644, 644, 644, 543, -840, -840, 547, -840, -840, 563, ++ 683, -840, -840, -840, -840, -840, -840, -840, -840, -840, ++ -840, -840, -840, -840, -840, -840, -840, -840, -840, -840, ++ -840, -840, -840, -840, -840, 983, -840, -840, -840, -840, ++ -840, -840, -840, -840, -840, -840, -840, -840, -840, -840, ++ 519, 276, 562, -840, 362, 276, 276, 565, 564, -840, ++ -840, -840, -840, -840, -840, -840, 568, -30, -840, -840, ++ 569, -840, 564, -840, 100, -840, 584, 335, 1279, -840, ++ -840, 1279, -840, -840, -840, -840, -840, -840, -840, -840, ++ -840, -840, -840, -840, -840, 553, 555, 560, -840, 1336, ++ 1336, 566, 1450, 1393, 694, 156, 572, 578, -840, -840, ++ -840, 577, -840, 276, -840, -840, 84, 627, 276, -840, ++ 274, 276, -840, 564, -840, 583, 585, -840, -840, -840, ++ -840, -840, -840, -840, -840, 90, -840, 559, -840, 582, ++ 586, 587, 364, -840, 267, -840, 593, -840, -840, 589, ++ -840, 367, -840, 570, 293, 373, 570, 276, 573, 584, ++ 591, 701, 314, 712, -840, 156, -840, -840, -840, 52, ++ -840, 584, 642, -840, 84, -840, 597, -840, 519, 600, ++ 570, 584, 276, -840, -840, -840, -840, 602, -840, 564, ++ -840, -840, 1506, 700, 293, 642, 603, 276, 616, -840, ++ 276, 598, 100, 702, 700, 700, 570, -840, 611, 612, ++ 1279, -840, 100, 715, 702, 702, 615, 601, 642, 700, ++ 604, -840, 100, 706, 715, 715, 642, 1279, 700, 702, ++ 617, -840, 100, -840, 706, 706, 700, 610, 702, 715, ++ -840, -840, -840, -840, 702, 618, -840, -840, -840, -840 + }; + +-/* YYDEFACT[STATE-NAME] -- Default rule to reduce with in state +- STATE-NUM when YYTABLE doesn't specify something else to do. Zero ++/* YYDEFACT[STATE-NUM] -- Default reduction number in state STATE-NUM. ++ Performed when YYTABLE does not specify something else to do. Zero + means the default is an error. */ +-static const yytype_uint16 yydefact[] = ++static const yytype_int16 yydefact[] = + { + 4, 4, 2, 0, 1, 3, 0, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, +- 0, 0, 0, 0, 0, 0, 0, 0, 151, 352, ++ 0, 0, 0, 0, 0, 0, 0, 0, 151, 353, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, +- 0, 0, 574, 564, 567, 568, 572, 573, 577, 578, +- 579, 580, 581, 582, 583, 584, 585, 586, 587, 310, +- 0, 565, 0, 0, 588, 589, 0, 0, 138, 127, +- 0, 153, 0, 0, 0, 590, 0, 0, 0, 5, ++ 0, 0, 575, 565, 568, 569, 573, 574, 578, 579, ++ 580, 581, 582, 583, 584, 585, 586, 587, 588, 311, ++ 0, 566, 0, 0, 589, 590, 0, 0, 138, 127, ++ 0, 153, 0, 0, 0, 591, 0, 0, 0, 5, + 43, 19, 20, 21, 9, 42, 14, 50, 40, 41, + 46, 16, 17, 15, 44, 45, 18, 22, 23, 24, + 7, 8, 6, 11, 12, 13, 10, 25, 26, 55, + 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, +- 37, 38, 39, 52, 560, 349, 350, 51, 47, 49, +- 372, 48, 53, 54, 0, 557, 0, 0, 86, 57, ++ 37, 38, 39, 52, 561, 350, 351, 51, 47, 49, ++ 373, 48, 53, 54, 0, 558, 0, 0, 86, 57, + 0, 56, 63, 0, 62, 69, 0, 68, 75, 0, +- 74, 81, 0, 0, 306, 277, 0, 278, 280, 281, +- 298, 0, 0, 313, 271, 272, 273, 274, 275, 269, +- 276, 254, 0, 498, 143, 235, 0, 234, 241, 243, +- 0, 242, 255, 256, 257, 230, 231, 0, 222, 208, +- 232, 0, 186, 181, 0, 199, 194, 375, 369, 570, +- 311, 312, 315, 575, 563, 566, 569, 576, 348, 557, +- 0, 121, 0, 0, 133, 0, 132, 154, 0, 498, ++ 74, 81, 0, 0, 307, 278, 0, 279, 281, 282, ++ 299, 0, 0, 314, 272, 273, 274, 275, 276, 270, ++ 277, 255, 0, 499, 143, 236, 0, 235, 242, 244, ++ 0, 243, 256, 257, 258, 231, 232, 0, 223, 208, ++ 233, 0, 186, 181, 0, 199, 194, 376, 370, 571, ++ 312, 313, 316, 576, 564, 567, 570, 577, 349, 558, ++ 0, 121, 0, 0, 133, 0, 132, 154, 0, 499, + 0, 94, 0, 0, 162, 163, 0, 168, 169, 0, +- 174, 175, 0, 0, 0, 0, 498, 0, 555, 87, ++ 174, 175, 0, 0, 0, 0, 499, 0, 556, 87, + 0, 0, 0, 89, 0, 0, 59, 0, 0, 65, + 0, 0, 71, 0, 0, 77, 0, 0, 83, 80, +- 307, 305, 0, 0, 0, 300, 297, 314, 0, 562, +- 0, 104, 315, 0, 0, 0, 237, 0, 0, 245, ++ 308, 306, 0, 0, 0, 301, 298, 315, 0, 563, ++ 0, 104, 316, 0, 0, 0, 238, 0, 0, 246, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, +- 211, 0, 206, 232, 233, 207, 0, 0, 183, 0, +- 180, 0, 0, 196, 0, 193, 378, 378, 316, 498, +- 571, 555, 498, 0, 123, 0, 0, 0, 0, 135, +- 0, 0, 0, 0, 0, 156, 152, 517, 0, 498, +- 591, 0, 0, 0, 165, 0, 0, 171, 0, 0, +- 177, 0, 351, 498, 373, 517, 543, 0, 0, 0, +- 464, 463, 465, 466, 468, 469, 483, 486, 490, 0, +- 467, 470, 0, 559, 556, 553, 0, 0, 88, 0, +- 0, 58, 0, 0, 64, 0, 0, 70, 0, 0, +- 76, 0, 0, 82, 0, 0, 0, 299, 0, 304, +- 502, 0, 500, 0, 145, 0, 149, 0, 0, 0, +- 0, 236, 0, 0, 244, 0, 0, 0, 0, 0, +- 0, 0, 0, 0, 0, 210, 0, 0, 288, 226, +- 227, 0, 224, 228, 229, 209, 0, 182, 0, 190, +- 191, 0, 188, 192, 0, 195, 0, 203, 204, 0, +- 201, 205, 383, 498, 498, 308, 552, 0, 0, 0, +- 0, 142, 0, 140, 131, 0, 129, 0, 134, 0, +- 0, 0, 0, 0, 155, 0, 315, 315, 315, 315, +- 315, 0, 0, 315, 0, 516, 518, 315, 328, 0, +- 0, 0, 374, 0, 164, 0, 0, 170, 0, 0, +- 176, 0, 561, 106, 0, 0, 0, 484, 0, 488, +- 489, 474, 473, 475, 476, 478, 479, 487, 471, 491, +- 472, 485, 477, 480, 517, 558, 441, 442, 91, 92, +- 90, 61, 60, 67, 66, 73, 72, 79, 78, 85, +- 84, 302, 303, 301, 0, 0, 499, 0, 105, 146, +- 0, 144, 315, 239, 353, 354, 240, 238, 247, 246, +- 213, 214, 215, 216, 217, 218, 219, 220, 221, 212, +- 0, 282, 289, 0, 0, 0, 225, 185, 184, 0, +- 189, 198, 197, 0, 202, 384, 385, 386, 379, 380, +- 0, 376, 370, 0, 295, 0, 125, 0, 372, 122, +- 139, 141, 128, 130, 137, 136, 159, 160, 161, 158, +- 157, 498, 498, 498, 498, 498, 517, 517, 498, 492, +- 0, 498, 346, 528, 95, 0, 93, 592, 167, 166, +- 173, 172, 179, 178, 0, 492, 0, 0, 0, 547, +- 548, 0, 545, 248, 0, 481, 482, 0, 230, 506, +- 507, 504, 503, 501, 0, 0, 0, 0, 0, 0, +- 109, 119, 111, 112, 113, 117, 114, 118, 147, 0, +- 150, 0, 0, 284, 0, 0, 0, 291, 287, 223, +- 187, 200, 383, 382, 387, 387, 317, 296, 367, 0, +- 124, 126, 328, 328, 328, 523, 524, 0, 0, 527, +- 493, 494, 519, 554, 0, 329, 330, 338, 0, 0, +- 97, 101, 99, 100, 102, 107, 494, 549, 550, 551, +- 544, 546, 0, 250, 0, 492, 232, 270, 266, 115, +- 116, 0, 0, 110, 148, 0, 283, 0, 0, 0, +- 290, 0, 381, 389, 0, 0, 326, 321, 322, 0, +- 318, 319, 0, 520, 521, 522, 315, 315, 495, 593, +- 0, 332, 333, 334, 335, 336, 337, 346, 339, 341, +- 342, 343, 344, 340, 0, 103, 0, 98, 593, 249, +- 0, 252, 460, 494, 0, 0, 108, 286, 285, 293, +- 294, 292, 0, 0, 352, 0, 0, 0, 0, 0, +- 0, 0, 0, 0, 0, 0, 0, 443, 443, 443, +- 0, 529, 531, 539, 534, 449, 0, 0, 398, 394, +- 392, 393, 404, 405, 406, 407, 408, 409, 410, 411, +- 412, 413, 414, 415, 403, 416, 402, 400, 399, 395, +- 397, 396, 0, 390, 401, 418, 447, 417, 451, 541, +- 419, 533, 536, 537, 538, 377, 371, 346, 498, 0, +- 320, 0, 498, 498, 0, 496, 347, 331, 362, 359, +- 358, 363, 361, 0, 355, 360, 345, 0, 96, 496, +- 251, 0, 542, 593, 232, 517, 279, 268, 517, 258, +- 259, 260, 261, 262, 263, 264, 265, 267, 422, 421, +- 420, 444, 0, 0, 0, 426, 0, 0, 0, 0, +- 0, 0, 0, 434, 0, 388, 391, 327, 324, 309, +- 498, 525, 526, 595, 0, 498, 357, 346, 498, 253, +- 496, 505, 0, 0, 423, 424, 425, 539, 530, 532, +- 446, 540, 0, 535, 0, 450, 0, 0, 0, 0, +- 429, 0, 427, 0, 325, 323, 0, 596, 0, 497, +- 456, 365, 0, 456, 498, 492, 593, 0, 0, 0, +- 0, 428, 0, 438, 439, 440, 0, 436, 593, 295, +- 594, 0, 457, 0, 356, 346, 0, 456, 593, 498, +- 431, 432, 433, 430, 0, 437, 496, 368, 597, 0, +- 512, 366, 295, 0, 498, 453, 435, 498, 0, 0, +- 510, 512, 512, 456, 454, 0, 0, 517, 513, 0, +- 514, 510, 510, 0, 0, 295, 512, 0, 511, 0, +- 508, 514, 514, 295, 517, 512, 510, 0, 515, 0, +- 462, 508, 508, 512, 0, 510, 514, 458, 509, 459, +- 461, 510, 0, 452, 448, 120, 455 ++ 0, 211, 0, 206, 233, 234, 207, 0, 0, 183, ++ 0, 180, 0, 0, 196, 0, 193, 379, 379, 317, ++ 499, 572, 556, 499, 0, 123, 0, 0, 0, 0, ++ 135, 0, 0, 0, 0, 0, 156, 152, 518, 0, ++ 499, 592, 0, 0, 0, 165, 0, 0, 171, 0, ++ 0, 177, 0, 352, 499, 374, 518, 544, 0, 0, ++ 0, 465, 464, 466, 467, 469, 470, 484, 487, 491, ++ 0, 468, 471, 0, 560, 557, 554, 0, 0, 88, ++ 0, 0, 58, 0, 0, 64, 0, 0, 70, 0, ++ 0, 76, 0, 0, 82, 0, 0, 0, 300, 0, ++ 305, 503, 0, 501, 0, 145, 0, 149, 0, 0, ++ 0, 0, 237, 0, 0, 245, 0, 0, 0, 0, ++ 0, 0, 0, 0, 0, 0, 0, 210, 0, 0, ++ 289, 227, 228, 0, 225, 229, 230, 209, 0, 182, ++ 0, 190, 191, 0, 188, 192, 0, 195, 0, 203, ++ 204, 0, 201, 205, 384, 499, 499, 309, 553, 0, ++ 0, 0, 0, 142, 0, 140, 131, 0, 129, 0, ++ 134, 0, 0, 0, 0, 0, 155, 0, 316, 316, ++ 316, 316, 316, 0, 0, 316, 0, 517, 519, 316, ++ 329, 0, 0, 0, 375, 0, 164, 0, 0, 170, ++ 0, 0, 176, 0, 562, 106, 0, 0, 0, 485, ++ 0, 489, 490, 475, 474, 476, 477, 479, 480, 488, ++ 472, 492, 473, 486, 478, 481, 518, 559, 442, 443, ++ 91, 92, 90, 61, 60, 67, 66, 73, 72, 79, ++ 78, 85, 84, 303, 304, 302, 0, 0, 500, 0, ++ 105, 146, 0, 144, 316, 240, 354, 355, 241, 239, ++ 248, 247, 213, 214, 215, 216, 217, 218, 219, 220, ++ 221, 222, 212, 0, 283, 290, 0, 0, 0, 226, ++ 185, 184, 0, 189, 198, 197, 0, 202, 385, 386, ++ 387, 380, 381, 0, 377, 371, 0, 296, 0, 125, ++ 0, 373, 122, 139, 141, 128, 130, 137, 136, 159, ++ 160, 161, 158, 157, 499, 499, 499, 499, 499, 518, ++ 518, 499, 493, 0, 499, 347, 529, 95, 0, 93, ++ 593, 167, 166, 173, 172, 179, 178, 0, 493, 0, ++ 0, 0, 548, 549, 0, 546, 249, 0, 482, 483, ++ 0, 231, 507, 508, 505, 504, 502, 0, 0, 0, ++ 0, 0, 0, 109, 119, 111, 112, 113, 117, 114, ++ 118, 147, 0, 150, 0, 0, 285, 0, 0, 0, ++ 292, 288, 224, 187, 200, 384, 383, 388, 388, 318, ++ 297, 368, 0, 124, 126, 329, 329, 329, 524, 525, ++ 0, 0, 528, 494, 495, 520, 555, 0, 330, 331, ++ 339, 0, 0, 97, 101, 99, 100, 102, 107, 495, ++ 550, 551, 552, 545, 547, 0, 251, 0, 493, 233, ++ 271, 267, 115, 116, 0, 0, 110, 148, 0, 284, ++ 0, 0, 0, 291, 0, 382, 390, 0, 0, 327, ++ 322, 323, 0, 319, 320, 0, 521, 522, 523, 316, ++ 316, 496, 594, 0, 333, 334, 335, 336, 337, 338, ++ 347, 340, 342, 343, 344, 345, 341, 0, 103, 0, ++ 98, 594, 250, 0, 253, 461, 495, 0, 0, 108, ++ 287, 286, 294, 295, 293, 0, 0, 353, 0, 0, ++ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, ++ 444, 444, 444, 0, 530, 532, 540, 535, 450, 0, ++ 0, 399, 395, 393, 394, 405, 406, 407, 408, 409, ++ 410, 411, 412, 413, 414, 415, 416, 404, 417, 403, ++ 401, 400, 396, 398, 397, 0, 391, 402, 419, 448, ++ 418, 452, 542, 420, 534, 537, 538, 539, 378, 372, ++ 347, 499, 0, 321, 0, 499, 499, 0, 497, 348, ++ 332, 363, 360, 359, 364, 362, 0, 356, 361, 346, ++ 0, 96, 497, 252, 0, 543, 594, 233, 518, 280, ++ 269, 518, 259, 260, 261, 262, 263, 264, 265, 266, ++ 268, 423, 422, 421, 445, 0, 0, 0, 427, 0, ++ 0, 0, 0, 0, 0, 0, 435, 0, 389, 392, ++ 328, 325, 310, 499, 526, 527, 596, 0, 499, 358, ++ 347, 499, 254, 497, 506, 0, 0, 424, 425, 426, ++ 540, 531, 533, 447, 541, 0, 536, 0, 451, 0, ++ 0, 0, 0, 430, 0, 428, 0, 326, 324, 0, ++ 597, 0, 498, 457, 366, 0, 457, 499, 493, 594, ++ 0, 0, 0, 0, 429, 0, 439, 440, 441, 0, ++ 437, 594, 296, 595, 0, 458, 0, 357, 347, 0, ++ 457, 594, 499, 432, 433, 434, 431, 0, 438, 497, ++ 369, 598, 0, 513, 367, 296, 0, 499, 454, 436, ++ 499, 0, 0, 511, 513, 513, 457, 455, 0, 0, ++ 518, 514, 0, 515, 511, 511, 0, 0, 296, 513, ++ 0, 512, 0, 509, 515, 515, 296, 518, 513, 511, ++ 0, 516, 0, 463, 509, 509, 513, 0, 511, 515, ++ 459, 510, 460, 462, 511, 0, 453, 449, 120, 456 ++}; ++ ++/* YYPGOTO[NTERM-NUM]. */ ++static const yytype_int16 yypgoto[] = ++{ ++ -840, -840, 754, -840, -840, -408, -840, -840, -840, 434, ++ -840, -840, -840, 415, -840, -840, -840, 386, -840, -840, ++ -840, 384, -840, -840, -840, 411, -840, -840, -840, 427, ++ -622, -840, -840, -840, 91, -840, -840, -840, -840, -840, ++ 165, -840, 143, -840, -615, -840, -840, -840, -840, -840, ++ -840, 345, -840, -840, -840, 340, -840, -840, -840, 350, ++ -264, -840, -840, -840, -261, -840, -840, -840, 363, -840, ++ -840, -840, 311, -840, -840, -840, 346, -840, -840, -840, ++ 332, -840, -840, -840, 375, -840, -840, 445, -840, -840, ++ -840, 446, -840, -840, 398, -840, -840, -840, -840, 448, ++ -840, -840, 453, 17, -276, -840, -840, -840, 455, -840, ++ -840, -840, -840, 457, -840, -840, -840, -840, -840, -840, ++ -513, -840, -840, -840, -840, -840, -840, -840, -840, -595, ++ -840, -840, -840, -593, -840, -840, -840, -840, -840, -840, ++ -840, -840, -840, -840, -840, -840, -840, -840, 102, -268, ++ -840, -840, 99, -839, -840, -840, -840, 454, -840, -13, ++ -840, -510, -840, -840, -840, -225, -840, -840, 94, -840, ++ -840, -239, -790, -840, -840, -653, -840, -27, 772, 613, ++ -351, -840, -840, -578, -573, -840, -840, -561, -840, 835, ++ -216, -840, -840, 539, -840, 167, -840, 170, -840, 15, ++ -840, -840, -840, -116, -840, -840, -118, -436, -272, -840, ++ -840, -48, -840, -840, -52, -840, -840, -788, -840, 12, ++ -840, -598, -644, -837, -194, -840, 318, -840, -503, -734, ++ -735, -786, -342, -840, 243, -840, -840, -840, -366, -840, ++ -44, -840, -840, 14, -840, -840, 230, 0, -840, 556, ++ 660, -10, -205, -722, -840 + }; + + /* YYDEFGOTO[NTERM-NUM]. */ + static const yytype_int16 yydefgoto[] = + { +- -1, 1, 2, 3, 79, 80, 81, 141, 245, 246, ++ 0, 1, 2, 3, 79, 80, 81, 141, 245, 246, + 82, 144, 248, 249, 83, 147, 251, 252, 84, 150, + 254, 255, 85, 153, 257, 258, 86, 138, 242, 243, +- 87, 329, 616, 699, 700, 701, 88, 393, 89, 624, +- 538, 649, 650, 651, 90, 314, 450, 587, 91, 213, +- 455, 456, 92, 216, 318, 319, 93, 212, 452, 453, +- 94, 272, 396, 397, 95, 96, 219, 324, 325, 97, +- 224, 333, 334, 98, 227, 336, 337, 99, 230, 339, +- 340, 100, 192, 297, 298, 300, 431, 432, 101, 195, +- 302, 303, 305, 439, 440, 102, 188, 293, 289, 290, +- 292, 421, 422, 189, 295, 103, 177, 275, 276, 104, +- 105, 181, 278, 279, 713, 771, 872, 106, 107, 108, +- 109, 813, 814, 815, 816, 817, 818, 819, 820, 655, +- 822, 823, 110, 656, 111, 112, 113, 114, 115, 116, +- 117, 118, 825, 119, 120, 423, 561, 662, 663, 677, +- 564, 666, 667, 678, 121, 162, 264, 265, 122, 155, +- 156, 123, 583, 202, 268, 309, 739, 740, 741, 945, +- 848, 613, 695, 757, 764, 696, 697, 124, 125, 126, +- 546, 866, 952, 127, 128, 307, 675, 129, 235, 588, +- 131, 306, 674, 443, 578, 579, 580, 734, 832, 833, +- 834, 903, 939, 940, 942, 966, 967, 518, 892, 835, +- 898, 836, 837, 901, 838, 1005, 1014, 973, 989, 839, +- 362, 691, 749, 915, 271, 391, 392, 642, 1030, 1010, +- 1000, 1020, 474, 475, 476, 840, 896, 897, 841, 900, +- 842, 843, 899, 844, 496, 631, 632, 477, 478, 365, +- 238, 135, 331, 855, 948 +-}; +- +-/* YYPACT[STATE-NUM] -- Index in YYTABLE of the portion describing +- STATE-NUM. */ +-#define YYPACT_NINF -823 +-static const yytype_int16 yypact[] = +-{ +- -823, 143, -823, 1215, -823, -823, -1, 60, 86, 87, +- 68, 69, 119, 119, 119, 119, 71, 24, 119, 119, +- 119, 119, 119, 119, 119, 119, 1503, 8, -823, -823, +- 13, 137, 34, 119, 119, 119, 46, 322, 50, 52, +- 85, 85, -823, -823, -823, 111, -823, -823, -823, -823, +- -823, -823, -823, -823, -823, -823, -823, -823, -823, 364, +- 154, 296, 217, 1503, -823, -823, 497, 270, -823, -823, +- 74, 89, 497, 85, 102, -823, 63, 65, 67, -823, +- -823, -823, -823, -823, -823, -823, -823, -823, -823, -823, +- -823, -823, -823, -823, -823, -823, -823, -823, -823, -823, +- -823, -823, -823, -823, -823, -823, -823, -823, -823, -823, +- -823, -823, -823, -823, -823, -823, -823, -823, -823, -823, +- -823, -823, -823, -823, 140, 167, -823, -823, -823, -823, +- 311, -823, -823, -823, 94, -823, 219, 160, -823, -823, +- 207, -823, -823, 214, -823, -823, 216, -823, -823, 221, +- -823, -823, 231, 119, -823, -823, 175, -823, -823, -823, +- -823, 28, 119, 341, -823, -823, -823, -823, -823, -823, +- -823, -823, 85, 215, -823, -823, 309, -823, -823, -823, +- 243, -823, -823, -823, -823, -823, -823, 295, 242, -823, +- 276, 263, 249, -823, 285, 265, -823, -823, 45, -823, +- -823, -823, 405, -823, -823, -823, 384, -823, 167, -823, +- 75, -823, 308, 366, -823, 406, -823, -823, 259, 215, +- 336, 345, 497, 407, -823, -823, 408, -823, -823, 409, +- -823, -823, 497, 217, 1503, 479, 107, 227, 138, -823, +- 393, 394, 313, -823, 395, 320, -823, 399, 324, -823, +- 400, 326, -823, 401, 329, -823, 402, 331, -823, -823, +- -823, -823, 403, 410, 333, -823, -823, -823, 119, -823, +- 518, -823, 18, 411, 414, 337, -823, 433, 340, -823, +- 437, 439, 440, 441, 442, 443, 445, 449, 450, 342, +- -823, 332, -823, 276, -823, -823, 451, 346, -823, 306, +- -823, 452, 348, -823, 306, -823, 390, 390, -823, 215, +- -823, 138, 215, 398, 453, 527, 529, 455, 350, -823, +- 457, 462, 463, 464, 352, -823, -823, 1276, 85, 215, +- -823, -22, 465, 354, -823, 466, 356, -823, 467, 358, +- -823, 29, -823, 215, -823, 1276, 469, 470, 108, 471, +- 472, 473, 474, 475, 480, 481, -823, -40, 185, 468, +- 482, 483, 456, 544, -823, -823, 287, 534, -823, 160, +- 606, -823, 207, 607, -823, 214, 608, -823, 216, 611, +- -823, 221, 612, -823, 231, 613, 542, -823, 28, -823, +- 495, -21, -823, 496, 491, 620, 560, 503, 499, 625, +- 397, -823, 309, 626, -823, 243, 627, 628, 322, 397, +- 397, 397, 397, 631, 555, -823, 295, 516, 90, -823, +- -823, 38, -823, -823, -823, -823, 322, -823, 263, -823, +- -823, 25, -823, -823, 322, -823, 285, -823, -823, 35, +- -823, -823, 359, 215, 215, -823, -823, 511, 636, 842, +- 513, -823, 21, -823, -823, 31, -823, 287, -823, 406, +- 638, 639, 642, 643, -823, 259, 405, 405, 405, 405, +- 405, 520, 528, 405, 531, 532, -823, 405, 526, 535, +- 533, 497, -823, 322, -823, 407, 322, -823, 408, 85, +- -823, 409, -823, -823, 537, 330, 524, -823, 497, -823, +- -823, -823, -823, -823, -823, -823, -823, -823, 536, -823, +- 538, -823, -823, -823, 1276, -823, -823, -823, -823, -823, +- -823, -823, -823, -823, -823, -823, -823, -823, -823, -823, +- -823, -823, -823, -823, 103, 518, -823, 283, -823, -823, +- 22, -823, 405, -823, -823, -823, -823, -823, -823, -823, +- -823, -823, -823, -823, -823, -823, -823, -823, -823, -823, +- 546, -823, -823, 171, 119, 539, -823, -823, -823, 545, +- -823, -823, -823, 547, -823, -823, -823, -823, 540, -823, +- 85, -823, -823, 548, 680, 543, -823, 203, -823, -823, +- -823, -823, -823, -823, -823, -823, -823, -823, -823, -823, +- -823, 215, 215, 215, 215, 215, 1276, 1276, 215, 599, +- 1276, 215, 554, -823, -823, 152, -823, -823, -823, -823, +- -823, -823, -823, -823, 496, 599, 119, 119, 119, -823, +- -823, 59, -823, 683, 556, -823, -823, 557, 549, -823, +- -823, -823, -823, -823, 119, 119, 119, 119, 497, 61, +- -823, -823, -823, -823, -823, -823, -823, -823, -823, 673, +- -823, 553, 362, -823, 558, 559, 365, -823, -823, -823, +- -823, -823, 359, -823, 561, 561, 404, -823, -823, 564, +- -823, -823, 526, 526, 526, -823, -823, 566, 568, -823, +- -823, 585, -823, -823, 85, 294, -823, 258, 119, 57, +- -823, -823, -823, -823, -823, -823, 585, -823, -823, -823, +- -823, -823, 119, 694, 567, 599, 276, -823, -823, -823, +- -823, 688, 569, -823, -823, 690, -823, 546, 692, 693, +- -823, 171, -823, 1089, 572, 573, 577, -823, -823, 578, +- 404, -823, 497, -823, -823, -823, 405, 405, -823, 604, +- 581, -823, -823, -823, -823, -823, -823, 554, -823, -823, +- -823, -823, -823, -823, 732, -823, 580, -823, 604, -823, +- 119, 717, -823, 585, 579, 588, -823, -823, -823, -823, +- -823, -823, 119, 119, 589, 119, 119, 119, 119, 119, +- 119, 119, 119, 119, 119, 119, 119, 672, 672, 672, +- 575, -823, -823, 582, -823, -823, 593, 712, -823, -823, +- -823, -823, -823, -823, -823, -823, -823, -823, -823, -823, +- -823, -823, -823, -823, -823, -823, -823, -823, -823, -823, +- -823, -823, 980, -823, -823, -823, -823, -823, -823, -823, +- -823, -823, -823, -823, -823, -823, -823, 554, 215, 591, +- -823, 367, 215, 215, 595, 596, -823, -823, -823, -823, +- -823, -823, -823, 598, -31, -823, -823, 600, -823, 596, +- -823, 119, -823, 604, 276, 1276, -823, -823, 1276, -823, +- -823, -823, -823, -823, -823, -823, -823, -823, -823, -823, +- -823, -823, 584, 587, 592, -823, 1333, 1333, 594, 1447, +- 1390, 716, 235, 602, 610, -823, -823, -823, 609, -823, +- 215, -823, -823, 85, 657, 215, -823, 298, 215, -823, +- 596, -823, 614, 618, -823, -823, -823, -823, -823, -823, +- -823, -823, 121, -823, 589, -823, 630, 632, 633, 372, +- -823, 306, -823, 637, -823, -823, 634, -823, 376, -823, +- 616, 294, 379, 616, 215, 599, 604, 641, 731, 287, +- 755, -823, 235, -823, -823, -823, 42, -823, 604, 680, +- -823, 85, -823, 640, -823, 554, 645, 616, 604, 215, +- -823, -823, -823, -823, 646, -823, 596, -823, -823, 497, +- 742, 294, 680, 664, 215, 624, -823, 215, 644, 119, +- 747, 742, 742, 616, -823, 665, 669, 1276, -823, 119, +- 763, 747, 747, 670, 649, 680, 742, 676, -823, 119, +- 783, 763, 763, 680, 1276, 742, 747, 660, -823, 119, +- -823, 783, 783, 742, 681, 747, 763, -823, -823, -823, +- -823, 747, 662, -823, -823, -823, -823 ++ 87, 330, 619, 702, 703, 704, 88, 394, 89, 627, ++ 540, 652, 653, 654, 90, 315, 452, 590, 91, 213, ++ 457, 458, 92, 216, 319, 320, 93, 212, 454, 455, ++ 94, 272, 397, 398, 95, 96, 219, 325, 326, 97, ++ 224, 334, 335, 98, 227, 337, 338, 99, 230, 340, ++ 341, 100, 192, 298, 299, 301, 433, 434, 101, 195, ++ 303, 304, 306, 441, 442, 102, 188, 294, 290, 291, ++ 293, 423, 424, 189, 296, 103, 177, 275, 276, 104, ++ 105, 181, 278, 279, 716, 774, 875, 106, 107, 108, ++ 109, 816, 817, 818, 819, 820, 821, 822, 823, 658, ++ 825, 826, 110, 659, 111, 112, 113, 114, 115, 116, ++ 117, 118, 828, 119, 120, 425, 564, 665, 666, 680, ++ 567, 669, 670, 681, 121, 162, 264, 265, 122, 155, ++ 156, 123, 586, 202, 268, 310, 742, 743, 744, 948, ++ 851, 616, 698, 760, 767, 699, 700, 124, 125, 126, ++ 548, 869, 955, 127, 128, 308, 678, 129, 235, 591, ++ 131, 307, 677, 445, 581, 582, 583, 737, 835, 836, ++ 837, 906, 942, 943, 945, 969, 970, 520, 895, 838, ++ 901, 839, 840, 904, 841, 1008, 1017, 976, 992, 842, ++ 363, 694, 752, 918, 271, 392, 393, 645, 1033, 1013, ++ 1003, 1023, 476, 477, 478, 843, 899, 900, 844, 903, ++ 845, 846, 902, 847, 498, 634, 635, 479, 480, 366, ++ 238, 135, 332, 858, 951 + }; + +-/* YYPGOTO[NTERM-NUM]. */ +-static const yytype_int16 yypgoto[] = +-{ +- -823, -823, 834, -823, -823, -411, -823, -823, -823, 484, +- -823, -823, -823, 461, -823, -823, -823, 476, -823, -823, +- -823, 460, -823, -823, -823, 458, -823, -823, -823, 477, +- -638, -823, -823, -823, 144, -823, -823, -823, -823, -823, +- 220, -823, 196, -823, -629, -823, -823, -823, -823, -823, +- -823, 396, -823, -823, -823, 412, -823, -823, -823, 413, +- -265, -823, -823, -823, -264, -823, -823, -823, 387, -823, +- -823, -823, 368, -823, -823, -823, 369, -823, -823, -823, +- 370, -823, -823, -823, 427, -823, -823, 429, -823, -823, +- -823, 426, -823, -823, 424, -823, -823, -823, -823, 448, +- -823, -823, 446, 6, -263, -823, -823, -823, 478, -823, +- -823, -823, -823, 485, -823, -823, -823, -823, -823, -823, +- -508, -823, -823, -823, -823, -823, -823, -823, -823, -627, +- -823, -823, -823, -603, -823, -823, -823, -823, -823, -823, +- -823, -823, -823, -823, -823, -823, -823, -823, 139, -268, +- -823, -823, 141, -822, -823, -823, -823, 489, -823, -13, +- -823, -505, -823, -823, -823, -223, -823, -823, 128, -823, +- -823, -212, -786, -823, -823, -647, -823, -27, 807, 648, +- -349, -823, -823, -598, -579, -823, -823, -574, -823, 867, +- -216, -823, -823, 571, -823, 201, -823, 204, -823, 51, +- -823, -823, -823, -80, -823, -823, -82, -432, -260, -823, +- -823, -11, -823, -823, -16, -823, -823, -660, -823, 12, +- -823, -597, -577, -796, -195, -823, 357, -823, -496, -680, +- -696, -765, -341, -823, 279, -823, -823, -823, -355, -823, +- -9, -823, -823, 14, -823, -823, 262, 0, -823, 583, +- 686, -10, -214, -704, -823 +-}; +- +-/* YYTABLE[YYPACT[STATE-NUM]]. What to do in state STATE-NUM. If +- positive, shift that token. If negative, reduce the rule which +- number is the opposite. If zero, do what YYDEFACT says. +- If YYTABLE_NINF, syntax error. */ +-#define YYTABLE_NINF -563 ++/* YYTABLE[YYPACT[STATE-NUM]] -- What to do in state STATE-NUM. If ++ positive, shift that token. If negative, reduce the rule whose ++ number is the opposite. If YYTABLE_NINF, syntax error. */ + static const yytype_int16 yytable[] = + { +- 157, 158, 159, 134, 494, 164, 165, 166, 167, 168, +- 169, 170, 171, 197, 198, 132, 173, 133, 341, 344, +- 182, 183, 184, 424, 326, 594, 419, 420, 706, 654, +- 425, 433, 657, 136, 429, 430, 441, 418, 586, 437, +- 438, 346, 417, 190, 193, 196, 221, 418, 175, 398, +- 418, 231, 394, 209, 418, 451, 658, 27, 28, 163, +- 553, 554, 555, 556, 869, 454, 210, 27, 28, 179, +- 27, 28, 220, 918, 27, 28, 626, 627, 628, -562, +- 185, 186, 225, 228, 185, 186, 185, 186, 644, 27, +- 28, 27, 28, 27, 28, 808, 139, 185, 186, 185, +- 186, 29, 148, 151, 809, 160, 821, 704, 214, 312, +- 857, 645, 646, 647, 445, 507, 35, 447, 773, 29, +- 35, -560, 142, 145, 954, 217, 562, 508, 236, 768, +- 824, 951, 481, 535, 480, 828, 232, 638, 186, 639, +- 259, 654, 536, 4, 657, 269, 482, 987, 493, 266, +- 154, 137, 59, 424, 829, 957, 419, 420, 648, 830, +- 174, 62, 262, 433, -562, 176, 429, 430, 263, 920, +- 1001, 441, 178, 637, 437, 438, 681, 395, 590, 62, +- 698, 659, 569, 481, 27, 28, 180, 199, 592, 991, +- 997, 704, 573, 1025, 808, 565, 873, 492, 187, 984, +- 907, 1033, 191, 809, 194, 821, 260, -562, 261, -562, +- 640, 35, 140, 237, 766, 223, 710, 226, 722, 229, +- 149, 152, 330, 161, 343, 812, 215, 313, 827, 824, +- 629, 630, 330, 203, 828, 27, 28, 29, 143, 146, +- 237, 218, 563, 601, 602, 603, 604, 605, 581, 582, +- 608, 29, 979, 829, 611, 389, 1031, 1032, 830, 345, +- 498, 233, 35, 499, 986, 687, 688, 40, 41, 222, +- 270, 1044, 652, 653, 994, 698, 42, 43, 44, 45, ++ 157, 158, 159, 134, 496, 164, 165, 166, 167, 168, ++ 169, 170, 171, 197, 198, 132, 173, 133, 427, 345, ++ 182, 183, 184, 597, 426, 327, 657, 342, 421, 660, ++ 709, 422, 435, 453, 139, 921, 431, 443, 395, 432, ++ 419, 439, 347, 589, 440, 661, 221, 399, 420, 872, ++ 420, 231, -563, 209, 190, 193, 196, 420, 175, 555, ++ 556, 557, 558, 559, 420, 771, 210, 456, 27, 28, ++ 27, 28, 220, 629, 630, 631, 136, 27, 28, 27, ++ 28, 179, 185, 186, 27, 28, 957, 29, 27, 28, ++ 142, 145, 148, 225, 228, 217, 185, 186, 185, 186, ++ 185, 186, 185, 186, 346, 707, 35, 860, 151, 160, ++ 214, 313, 240, 236, 811, 270, 447, 565, 29, 449, ++ 776, 812, 511, -561, 960, 4, 241, 641, 186, 642, ++ 954, 154, 876, 990, 483, 512, 482, -563, 232, 657, ++ 259, 824, 660, 827, 537, 269, 483, 62, 484, 266, ++ 495, 140, 1000, 538, 923, 426, 1004, 593, 831, 421, ++ 494, 647, 422, 832, 396, 435, 27, 28, 979, 431, ++ 701, 662, 432, 443, 640, 833, 176, 439, 62, 1028, ++ 440, -563, 684, -563, 648, 649, 650, 1036, 994, 707, ++ 509, 595, 996, 35, 568, 137, 572, 910, 237, 180, ++ 643, 187, 510, 576, 174, 769, 229, 143, 146, 237, ++ 987, 149, 218, 811, 713, 191, 163, 194, 1016, 223, ++ 812, 226, 331, 815, 344, 59, 830, 152, 161, 215, ++ 314, 651, 331, 632, 566, 262, 633, 982, 1034, 1035, ++ 824, 263, 827, 604, 605, 606, 607, 608, 419, 989, ++ 611, 584, 585, 1047, 614, 390, 420, 831, 500, 997, ++ 667, 501, 832, 178, 27, 28, 199, 690, 691, 1014, ++ 1015, 668, 185, 186, 833, 655, 27, 28, 656, 420, ++ 1024, 1025, 200, 201, 1029, 27, 28, 29, 260, 939, ++ 261, 35, 725, 1038, 940, 1039, 273, 274, 941, 27, ++ 28, 1044, 481, 203, 1046, 629, 630, 631, 321, 364, ++ 1048, 365, 35, 29, 322, 323, 324, 40, 41, 663, ++ 27, 28, 815, 369, 370, 830, 42, 43, 44, 45, + 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, +- 56, 57, 58, 976, 59, 60, 61, 62, 240, 63, +- 363, 479, 364, 664, 211, 1011, 1012, 232, 64, 65, +- 644, 241, 66, 67, 665, 27, 28, 993, 418, 660, +- 1026, 516, 72, 517, 812, 73, 239, 827, 74, 1035, +- 75, 1021, 1022, 645, 646, 647, 417, 1041, 27, 28, +- 509, 234, 35, 1013, 418, 244, 1036, 626, 627, 628, +- 702, 703, 247, 510, 250, 1043, 185, 186, 978, 253, +- 680, 1045, 27, 28, 27, 28, 629, 630, 936, 256, +- 204, 205, 206, 937, 59, 207, 267, 938, 270, 347, +- 648, 277, 348, 294, 652, 653, 349, 350, 351, 352, +- 353, 354, 355, 356, 357, 358, 320, 359, 291, 360, +- 361, 296, 321, 322, 323, 299, 682, 683, 684, 685, +- 686, 737, 738, 689, 552, 865, 693, 758, 759, 760, +- 761, 304, 762, 301, 763, 575, 576, 577, 200, 201, +- 280, 281, 567, 282, 702, 703, 27, 28, 736, 308, +- 571, 283, 284, 285, 286, 287, 288, 273, 274, 134, +- 694, -364, -364, 774, 751, 752, 753, 754, 755, 756, +- 310, 132, 622, 133, 315, 826, 368, 369, 810, 811, +- 743, 744, 745, 371, 372, 737, 738, 374, 375, 377, +- 378, 617, 380, 381, 383, 384, 387, 388, 327, 618, +- 401, 402, 620, 404, 405, 415, 416, 328, 634, 427, +- 428, 435, 436, 458, 459, 464, 465, 484, 485, 487, +- 488, 490, 491, 544, 545, 726, 727, 831, 730, 731, +- 910, 481, 316, 852, 853, 961, 962, 981, 851, 970, +- 971, 29, 974, 975, 922, 1039, 1040, 923, 893, 894, +- 641, 928, 929, 40, 317, 332, 335, 338, 366, 367, +- 370, 668, 390, 673, 373, 376, 379, 382, 385, 442, +- 448, 451, 172, 454, 826, 386, 399, 810, 811, 400, +- 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, +- 52, 53, 54, 55, 56, 57, 58, 134, 403, 60, +- 61, 62, 406, 63, 407, 408, 409, 410, 411, 132, +- 412, 133, 64, 65, 413, 414, 426, 434, 514, 449, +- 457, 921, 460, 707, 708, 709, 831, 461, 462, 463, +- 483, 486, 489, 497, 75, 495, 500, 501, 502, 503, +- 504, 717, 718, 719, 720, 505, 506, 512, 513, 511, +- 515, 519, 521, 523, 525, 527, 529, 531, 721, 532, +- 534, -316, 537, 908, 539, 540, 541, 911, 912, 542, +- 543, 548, 558, 550, 551, 557, 1017, 750, 560, 584, +- 585, 589, 606, 965, 596, 597, 963, 964, 598, 599, +- 607, 612, 633, 1034, 609, 765, 610, 661, 614, 615, +- 625, 635, 418, 636, 672, 690, 679, 669, 965, 769, +- 712, 963, 964, 670, 676, 671, 694, 724, 725, 714, +- 715, 748, 770, 728, 729, 946, 742, 733, 716, 746, +- 950, 747, 775, 953, 854, 772, 777, 776, 779, 780, +- 845, 846, 847, 134, 856, 849, 871, 864, 868, 874, +- 875, 878, 330, 891, 895, 902, 904, 913, -445, 909, +- 934, 914, 917, 924, 867, 916, 925, 870, 941, 977, +- 807, 926, 943, 944, 949, 980, 29, 955, 858, 876, +- 877, 956, 879, 880, 881, 882, 883, 884, 885, 886, +- 887, 888, 889, 890, 995, 958, 972, 959, 960, 982, +- 968, 999, 969, 345, 1004, 1009, 1007, 172, 990, 1003, +- 1019, 1024, 1006, 992, 996, 42, 43, 44, 45, 46, +- 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, +- 57, 58, 1002, 1015, 60, 61, 62, 1016, 1023, 1027, +- 1029, 1037, 134, 1046, 1042, 5, 524, 64, 65, 859, +- 860, 528, 530, 767, 705, 723, 520, 861, 544, 545, +- 862, 593, 600, 619, 526, 568, 522, 621, 919, 75, +- 570, 623, 572, 574, 559, 591, 778, 566, 850, 208, +- 130, 595, 781, 732, 27, 28, 29, 533, 444, 735, +- 547, 342, 983, 906, 985, 935, 947, 930, 863, 692, +- 549, 933, 643, 711, 446, 311, 134, 134, 0, 932, +- 134, 35, 0, 0, 0, 0, 40, 41, 0, 0, +- 0, 931, 0, 0, 0, 42, 43, 44, 45, 46, ++ 56, 57, 58, 211, 59, 60, 61, 62, 518, 63, ++ 519, 204, 205, 206, 705, 701, 207, 706, 64, 65, ++ 981, 647, 66, 67, 372, 373, 27, 28, 375, 376, ++ 632, 222, 72, 633, 232, 73, 378, 379, 74, 233, ++ 75, 578, 579, 580, 648, 649, 650, 348, 655, 234, ++ 349, 656, 244, 35, 350, 351, 352, 353, 354, 355, ++ 356, 357, 358, 359, 239, 360, 247, 361, 362, 250, ++ 685, 686, 687, 688, 689, 740, 868, 692, 741, 253, ++ 696, 27, 28, 739, 256, 59, 554, 697, -365, -365, ++ 267, 651, 761, 762, 763, 764, 277, 765, 705, 766, ++ 270, 706, 295, 777, 292, 570, 746, 747, 748, 381, ++ 382, 134, 309, 574, 754, 755, 756, 757, 758, 759, ++ 384, 385, 297, 132, 625, 133, 388, 389, 829, 302, ++ 402, 403, 813, 280, 281, 814, 282, 405, 406, 740, ++ 417, 418, 741, 620, 283, 284, 285, 286, 287, 288, ++ 289, 429, 430, 437, 438, 460, 461, 466, 467, 300, ++ 637, 305, 621, 486, 487, 623, 489, 490, 492, 493, ++ 546, 547, 729, 730, 733, 734, 913, 483, 964, 965, ++ 834, 973, 974, 311, 855, 856, 984, 977, 978, 896, ++ 897, 1042, 1043, 931, 932, 316, 925, 317, 318, 926, ++ 854, 328, 333, 329, 336, 339, 40, 367, 368, 371, ++ 391, 444, 374, 644, 671, 377, 676, 380, 383, 386, ++ 450, 387, 453, 456, 400, 401, 404, 829, 407, 408, ++ 409, 813, 410, 411, 814, 412, 413, 414, 415, 416, ++ 428, 436, 517, 451, 459, 462, 463, 464, 465, 485, ++ 134, 488, 491, 499, 497, 521, 502, 503, 504, 505, ++ 506, 924, 132, 523, 133, 507, 508, 514, 515, 516, ++ 513, 525, 527, 529, 531, 533, 710, 711, 712, 834, ++ 534, 536, -317, 539, 541, 542, 543, 545, 544, 550, ++ 561, 552, 553, 560, 720, 721, 722, 723, 563, 587, ++ 588, 599, 592, 600, 601, 602, 609, 610, 615, 612, ++ 617, 724, 613, 628, 420, 618, 664, 911, 638, 636, ++ 639, 914, 915, 675, 672, 673, 674, 679, 1020, 693, ++ 753, 682, 697, 715, 717, 718, 968, 727, 728, 719, ++ 966, 731, 732, 967, 736, 1037, 745, 751, 768, 749, ++ 750, 773, 778, 775, 850, 780, 779, 782, 783, 848, ++ 849, 968, 772, 852, 857, 966, 859, 871, 967, 874, ++ 877, 878, 881, 898, -446, 894, 905, 907, 916, 949, ++ 917, 912, 920, 927, 953, 928, 919, 956, 937, 944, ++ 929, 946, 947, 810, 952, 983, 134, 958, 961, 959, ++ 867, 975, 962, 963, 346, 331, 985, 971, 972, 1002, ++ 1012, 1010, 1022, 1032, 1027, 5, 993, 870, 1030, 995, ++ 873, 999, 1005, 980, 1045, 528, 530, 27, 28, 29, ++ 1018, 1019, 879, 880, 1026, 882, 883, 884, 885, 886, ++ 887, 888, 889, 890, 891, 892, 893, 1007, 998, 1040, ++ 1049, 526, 708, 770, 35, 726, 532, 522, 622, 40, ++ 41, 598, 596, 1006, 594, 571, 1009, 524, 42, 43, ++ 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, ++ 54, 55, 56, 57, 58, 626, 59, 60, 61, 62, ++ 603, 63, 781, 784, 208, 134, 624, 853, 130, 577, ++ 64, 65, 735, 535, 66, 67, 343, 446, 738, 986, ++ 909, 988, 938, 933, 72, 646, 695, 73, 549, 936, ++ 74, 922, 75, 551, 714, 0, 562, 0, 448, 312, ++ 0, 0, 0, 0, 0, 0, 569, 29, 573, 861, ++ 0, 0, 0, 0, 575, 0, 0, 0, 0, 950, ++ 0, 0, 0, 683, 0, 0, 0, 0, 0, 134, ++ 134, 0, 935, 134, 0, 0, 0, 0, 172, 0, ++ 0, 0, 0, 0, 934, 0, 42, 43, 44, 45, ++ 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, ++ 56, 57, 58, 0, 0, 60, 61, 62, 0, 0, ++ 0, 0, 0, 0, 0, 0, 0, 991, 64, 65, ++ 862, 863, 0, 0, 0, 0, 0, 0, 864, 546, ++ 547, 865, 0, 0, 0, 0, 0, 0, 0, 0, ++ 75, 0, 0, 0, 0, 0, 0, 0, 0, 0, ++ 0, 0, 0, 0, 0, 0, 0, 0, 0, 1011, ++ 0, 0, 1001, 0, 785, 420, 0, 0, 0, 1021, ++ 866, 0, 0, 0, 0, 0, 786, 0, 0, 1031, ++ 647, 0, 0, 0, 0, 27, 28, 787, 0, 1041, ++ 0, 788, 789, 790, 791, 792, 793, 794, 795, 796, ++ 0, 0, 0, 648, 797, 798, 799, 0, 0, 0, ++ 0, 0, 35, 0, 0, 0, 0, 40, 41, 800, ++ 801, 802, 803, 804, 0, 805, 42, 43, 44, 45, ++ 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, ++ 56, 57, 58, 806, 59, 60, 61, 62, 0, 63, ++ 807, 0, 0, 0, 0, 0, 0, 0, 64, 65, ++ 0, 0, 66, 67, 0, 0, 0, 0, 0, 0, ++ 0, 0, 72, 785, 420, 73, 0, 808, 74, 0, ++ 75, 0, 0, 809, 0, 786, 0, 0, 0, 647, ++ 0, 0, 0, 0, 27, 28, 787, 0, 0, 0, ++ 788, 789, 790, 791, 792, 793, 794, 795, 796, 0, ++ 0, 908, 648, 797, 798, 799, 0, 0, 0, 0, ++ 810, 35, 0, 0, 0, 0, 40, 41, 800, 801, ++ 802, 803, 804, 0, 805, 42, 43, 44, 45, 46, + 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, +- 57, 58, 0, 59, 60, 61, 62, 0, 63, 0, +- 0, 0, 0, 0, 988, 0, 0, 64, 65, 0, ++ 57, 58, 806, 59, 60, 61, 62, 0, 63, 807, ++ 0, 0, 0, 0, 0, 0, 0, 64, 65, 0, + 0, 66, 67, 0, 0, 0, 0, 0, 0, 0, +- 0, 72, 0, 0, 73, 0, 0, 74, 0, 75, ++ 0, 72, 0, 0, 73, 0, 808, 74, 0, 75, ++ 0, 6, 809, 7, 8, 9, 10, 11, 12, 13, ++ 0, 14, 15, 16, 17, 0, 0, 0, 18, 19, ++ 20, 0, 21, 22, 23, 0, 24, 25, 26, 0, ++ 27, 28, 29, 0, 0, 0, 0, 0, 0, 810, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, +- 0, 0, 0, 0, 0, 0, 1008, 0, 0, 998, +- 0, 782, 418, 0, 0, 0, 1018, 0, 0, 0, +- 0, 0, 0, 783, 0, 0, 1028, 644, 0, 0, +- 0, 0, 27, 28, 784, 0, 1038, 0, 785, 786, +- 787, 788, 789, 790, 791, 792, 793, 0, 0, 0, +- 645, 794, 795, 796, 0, 0, 0, 0, 0, 35, +- 0, 0, 0, 0, 40, 41, 797, 798, 799, 800, +- 801, 0, 802, 42, 43, 44, 45, 46, 47, 48, +- 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, +- 803, 59, 60, 61, 62, 0, 63, 804, 0, 0, +- 0, 0, 0, 0, 0, 64, 65, 0, 0, 66, +- 67, 0, 0, 0, 0, 0, 0, 0, 0, 72, +- 782, 418, 73, 0, 805, 74, 0, 75, 0, 0, +- 806, 0, 783, 0, 0, 0, 644, 0, 0, 0, +- 0, 27, 28, 784, 0, 0, 0, 785, 786, 787, +- 788, 789, 790, 791, 792, 793, 0, 905, 0, 645, +- 794, 795, 796, 0, 0, 0, 807, 0, 35, 0, +- 0, 0, 0, 40, 41, 797, 798, 799, 800, 801, +- 0, 802, 42, 43, 44, 45, 46, 47, 48, 49, +- 50, 51, 52, 53, 54, 55, 56, 57, 58, 803, +- 59, 60, 61, 62, 0, 63, 804, 0, 0, 0, +- 0, 0, 0, 0, 64, 65, 0, 0, 66, 67, +- 0, 0, 0, 0, 0, 0, 0, 0, 72, 0, +- 0, 73, 0, 805, 74, 0, 75, 0, 6, 806, +- 7, 8, 9, 10, 11, 12, 13, 0, 14, 15, +- 16, 17, 0, 0, 0, 18, 19, 20, 0, 21, +- 22, 23, 0, 24, 25, 26, 0, 27, 28, 29, +- 0, 0, 0, 0, 0, 807, 0, 0, 0, 0, +- 0, 0, 0, 0, 0, 0, 0, 0, 0, 30, +- 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, +- 41, 0, 0, 0, 0, 0, 0, 0, 42, 43, +- 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, +- 54, 55, 56, 57, 58, 0, 59, 60, 61, 62, +- 29, 63, 0, 0, 0, 0, 0, 0, 0, 0, +- 64, 65, 0, 0, 66, 67, 68, 69, 70, 71, +- 0, 0, 0, 0, 72, 0, 0, 73, 0, 0, +- 74, 172, 75, 76, 77, 0, 78, 0, 0, 42, ++ 0, 0, 30, 31, 32, 33, 34, 35, 36, 37, ++ 38, 39, 40, 41, 0, 0, 0, 0, 0, 0, ++ 0, 42, 43, 44, 45, 46, 47, 48, 49, 50, ++ 51, 52, 53, 54, 55, 56, 57, 58, 0, 59, ++ 60, 61, 62, 29, 63, 0, 0, 0, 0, 0, ++ 0, 0, 0, 64, 65, 0, 0, 66, 67, 68, ++ 69, 70, 71, 0, 0, 0, 0, 72, 0, 0, ++ 73, 0, 0, 74, 172, 75, 76, 77, 0, 78, ++ 0, 0, 42, 43, 44, 45, 46, 47, 48, 49, ++ 50, 51, 52, 53, 54, 55, 56, 57, 58, 0, ++ 29, 60, 61, 62, 0, 63, 0, 468, 469, 470, ++ 471, 472, 473, 474, 64, 65, 0, 0, 0, 0, ++ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, ++ 475, 172, 0, 0, 0, 0, 75, 0, 0, 42, + 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, +- 53, 54, 55, 56, 57, 58, 0, 29, 60, 61, +- 62, 0, 63, 0, 466, 467, 468, 469, 470, 471, +- 472, 64, 65, 0, 0, 0, 0, 0, 0, 0, +- 0, 0, 0, 0, 0, 0, 0, 473, 172, 0, ++ 53, 54, 55, 56, 57, 58, 930, 29, 60, 61, ++ 62, 0, 63, 807, 0, 0, 0, 0, 0, 0, ++ 0, 64, 65, 0, 0, 0, 0, 0, 0, 0, ++ 0, 0, 0, 0, 0, 72, 0, 0, 172, 0, + 0, 0, 0, 75, 0, 0, 42, 43, 44, 45, + 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, +- 56, 57, 58, 927, 29, 60, 61, 62, 0, 63, +- 804, 0, 0, 0, 0, 0, 0, 0, 64, 65, ++ 56, 57, 58, 930, 29, 60, 61, 62, 0, 63, ++ 0, 0, 0, 0, 0, 0, 0, 0, 64, 65, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, + 0, 0, 72, 0, 0, 172, 0, 0, 0, 0, + 75, 0, 0, 42, 43, 44, 45, 46, 47, 48, + 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, +- 927, 29, 60, 61, 62, 0, 63, 0, 0, 0, ++ 29, 0, 60, 61, 62, 0, 63, 0, 0, 0, + 0, 0, 0, 0, 0, 64, 65, 0, 0, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 72, +- 0, 0, 172, 0, 0, 0, 0, 75, 0, 0, +- 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, +- 52, 53, 54, 55, 56, 57, 58, 29, 0, 60, +- 61, 62, 0, 63, 0, 0, 0, 0, 0, 0, +- 0, 0, 64, 65, 0, 0, 0, 0, 0, 0, +- 0, 0, 0, 0, 0, 0, 72, 0, 172, 0, +- 0, 0, 0, 0, 75, 0, 42, 43, 44, 45, +- 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, +- 56, 57, 58, 0, 0, 60, 61, 62, 0, 0, +- 0, 0, 0, 0, 0, 0, 0, 0, 64, 65, +- 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, ++ 0, 172, 0, 0, 0, 0, 29, 75, 0, 42, ++ 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, ++ 53, 54, 55, 56, 57, 58, 0, 0, 60, 61, ++ 62, 0, 63, 0, 0, 0, 0, 172, 0, 0, ++ 0, 64, 65, 0, 0, 42, 43, 44, 45, 46, ++ 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, ++ 57, 58, 0, 75, 60, 61, 62, 0, 0, 0, ++ 0, 0, 0, 0, 0, 0, 0, 64, 65, 0, + 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, +- 75 ++ 0, 0, 0, 0, 0, 0, 0, 0, 0, 75 + }; + + static const yytype_int16 yycheck[] = + { +- 13, 14, 15, 3, 345, 18, 19, 20, 21, 22, +- 23, 24, 25, 40, 41, 3, 26, 3, 232, 235, +- 33, 34, 35, 291, 219, 457, 291, 291, 625, 537, +- 293, 299, 537, 34, 299, 299, 304, 12, 449, 304, +- 304, 236, 4, 37, 38, 39, 73, 12, 35, 272, +- 12, 78, 34, 63, 12, 34, 34, 32, 33, 35, +- 409, 410, 411, 412, 768, 34, 66, 32, 33, 35, +- 32, 33, 72, 869, 32, 33, 17, 18, 19, 34, +- 34, 35, 76, 77, 34, 35, 34, 35, 27, 32, +- 33, 32, 33, 32, 33, 733, 36, 34, 35, 34, +- 35, 34, 34, 34, 733, 34, 733, 615, 34, 34, +- 757, 50, 51, 52, 309, 155, 59, 312, 715, 34, +- 59, 152, 36, 36, 920, 36, 36, 167, 34, 706, +- 733, 917, 154, 154, 329, 733, 167, 34, 35, 36, +- 153, 649, 163, 0, 649, 172, 168, 969, 343, 162, +- 31, 152, 91, 421, 733, 34, 421, 421, 97, 733, +- 152, 94, 134, 431, 119, 152, 431, 431, 140, 873, +- 992, 439, 35, 514, 439, 439, 587, 159, 157, 94, +- 123, 159, 157, 154, 32, 33, 152, 76, 157, 975, +- 986, 699, 157, 1015, 832, 157, 773, 168, 152, 157, +- 847, 1023, 152, 832, 152, 832, 31, 162, 33, 164, +- 107, 59, 152, 119, 157, 152, 157, 152, 157, 152, +- 152, 152, 222, 152, 234, 733, 152, 152, 733, 832, +- 495, 495, 232, 79, 832, 32, 33, 34, 152, 152, +- 119, 152, 152, 466, 467, 468, 469, 470, 443, 444, +- 473, 34, 956, 832, 477, 268, 1021, 1022, 832, 152, +- 152, 94, 59, 155, 968, 606, 607, 64, 65, 167, +- 163, 1036, 537, 537, 978, 123, 73, 74, 75, 76, ++ 13, 14, 15, 3, 346, 18, 19, 20, 21, 22, ++ 23, 24, 25, 40, 41, 3, 26, 3, 294, 235, ++ 33, 34, 35, 459, 292, 219, 539, 232, 292, 539, ++ 628, 292, 300, 34, 36, 872, 300, 305, 34, 300, ++ 4, 305, 236, 451, 305, 34, 73, 272, 12, 771, ++ 12, 78, 34, 63, 37, 38, 39, 12, 35, 410, ++ 411, 412, 413, 414, 12, 709, 66, 34, 32, 33, ++ 32, 33, 72, 17, 18, 19, 34, 32, 33, 32, ++ 33, 35, 34, 35, 32, 33, 923, 34, 32, 33, ++ 36, 36, 34, 76, 77, 36, 34, 35, 34, 35, ++ 34, 35, 34, 35, 153, 618, 59, 760, 34, 34, ++ 34, 34, 138, 34, 736, 164, 310, 36, 34, 313, ++ 718, 736, 156, 153, 34, 0, 152, 34, 35, 36, ++ 920, 31, 776, 972, 155, 169, 330, 119, 168, 652, ++ 153, 736, 652, 736, 155, 172, 155, 94, 169, 162, ++ 344, 153, 989, 164, 876, 423, 995, 158, 736, 423, ++ 169, 27, 423, 736, 160, 433, 32, 33, 956, 433, ++ 123, 160, 433, 441, 516, 736, 153, 441, 94, 1018, ++ 441, 163, 590, 165, 50, 51, 52, 1026, 978, 702, ++ 156, 158, 980, 59, 158, 153, 158, 850, 119, 153, ++ 107, 153, 168, 158, 153, 158, 153, 153, 153, 119, ++ 158, 153, 153, 835, 158, 153, 35, 153, 1006, 153, ++ 835, 153, 222, 736, 234, 91, 736, 153, 153, 153, ++ 153, 97, 232, 497, 153, 134, 497, 959, 1024, 1025, ++ 835, 140, 835, 468, 469, 470, 471, 472, 4, 971, ++ 475, 445, 446, 1039, 479, 268, 12, 835, 153, 981, ++ 132, 156, 835, 35, 32, 33, 76, 609, 610, 1004, ++ 1005, 143, 34, 35, 835, 539, 32, 33, 539, 12, ++ 1014, 1015, 64, 65, 1019, 32, 33, 34, 31, 133, ++ 33, 59, 158, 1028, 138, 1029, 138, 139, 142, 32, ++ 33, 1036, 329, 79, 1038, 17, 18, 19, 137, 163, ++ 1044, 165, 59, 34, 143, 144, 145, 64, 65, 544, ++ 32, 33, 835, 154, 155, 835, 73, 74, 75, 76, + 77, 78, 79, 80, 81, 82, 83, 84, 85, 86, +- 87, 88, 89, 953, 91, 92, 93, 94, 138, 96, +- 162, 328, 164, 132, 34, 1001, 1002, 167, 105, 106, +- 27, 151, 109, 110, 143, 32, 33, 977, 12, 542, +- 1016, 34, 119, 36, 832, 122, 107, 832, 125, 1025, +- 127, 1011, 1012, 50, 51, 52, 4, 1033, 32, 33, +- 155, 30, 59, 1003, 12, 138, 1026, 17, 18, 19, +- 615, 615, 138, 168, 138, 1035, 34, 35, 955, 138, +- 157, 1041, 32, 33, 32, 33, 631, 631, 133, 138, +- 74, 75, 76, 138, 91, 79, 35, 142, 163, 152, +- 97, 138, 155, 107, 649, 649, 159, 160, 161, 162, +- 163, 164, 165, 166, 167, 168, 137, 170, 156, 172, +- 173, 138, 143, 144, 145, 156, 601, 602, 603, 604, +- 605, 676, 676, 608, 408, 764, 611, 159, 160, 161, +- 162, 156, 164, 138, 166, 66, 67, 68, 64, 65, +- 135, 136, 426, 138, 699, 699, 32, 33, 34, 34, +- 434, 146, 147, 148, 149, 150, 151, 138, 139, 449, +- 152, 153, 154, 716, 160, 161, 162, 163, 164, 165, +- 76, 449, 489, 449, 156, 733, 153, 154, 733, 733, +- 682, 683, 684, 153, 154, 740, 740, 153, 154, 153, +- 154, 481, 153, 154, 153, 154, 153, 154, 152, 483, +- 153, 154, 486, 153, 154, 153, 154, 152, 498, 153, +- 154, 153, 154, 153, 154, 153, 154, 153, 154, 153, +- 154, 153, 154, 116, 117, 153, 154, 733, 153, 154, +- 153, 154, 156, 746, 747, 153, 154, 959, 742, 153, +- 154, 34, 153, 154, 875, 1031, 1032, 878, 798, 799, +- 534, 896, 897, 64, 138, 138, 138, 138, 155, 155, +- 155, 564, 34, 580, 155, 155, 155, 155, 155, 169, +- 162, 34, 65, 34, 832, 155, 155, 832, 832, 155, +- 73, 74, 75, 76, 77, 78, 79, 80, 81, 82, +- 83, 84, 85, 86, 87, 88, 89, 587, 155, 92, +- 93, 94, 155, 96, 155, 155, 155, 155, 155, 587, +- 155, 587, 105, 106, 155, 155, 155, 155, 152, 156, +- 155, 874, 155, 626, 627, 628, 832, 155, 155, 155, +- 155, 155, 155, 153, 127, 156, 155, 155, 155, 155, +- 155, 644, 645, 646, 647, 155, 155, 155, 155, 171, +- 96, 107, 36, 36, 36, 34, 34, 34, 648, 107, +- 155, 160, 156, 848, 34, 95, 153, 852, 853, 160, +- 35, 35, 107, 36, 36, 34, 1007, 694, 152, 158, +- 34, 158, 152, 941, 36, 36, 941, 941, 36, 36, +- 152, 155, 158, 1024, 153, 698, 154, 141, 153, 156, +- 153, 155, 12, 155, 154, 96, 153, 158, 966, 712, +- 17, 966, 966, 158, 156, 158, 152, 34, 155, 153, +- 153, 126, 18, 155, 155, 910, 152, 156, 169, 153, +- 915, 153, 34, 918, 120, 158, 36, 158, 36, 36, +- 158, 158, 155, 733, 153, 157, 19, 764, 158, 160, +- 152, 152, 742, 71, 169, 152, 34, 152, 166, 158, +- 34, 155, 152, 169, 764, 157, 169, 770, 156, 954, +- 166, 169, 152, 154, 107, 34, 34, 153, 36, 782, +- 783, 153, 785, 786, 787, 788, 789, 790, 791, 792, +- 793, 794, 795, 796, 979, 155, 170, 155, 155, 34, +- 153, 49, 158, 152, 170, 48, 152, 65, 158, 994, +- 37, 152, 997, 158, 158, 73, 74, 75, 76, 77, +- 78, 79, 80, 81, 82, 83, 84, 85, 86, 87, +- 88, 89, 158, 158, 92, 93, 94, 158, 158, 153, +- 47, 171, 832, 171, 153, 1, 375, 105, 106, 107, +- 108, 381, 384, 699, 624, 649, 369, 115, 116, 117, +- 118, 455, 465, 485, 378, 428, 372, 488, 871, 127, +- 431, 491, 436, 439, 416, 452, 727, 421, 740, 62, +- 3, 459, 731, 672, 32, 33, 34, 388, 307, 675, +- 402, 233, 962, 832, 966, 901, 913, 898, 156, 610, +- 405, 900, 535, 631, 311, 209, 896, 897, -1, 899, +- 900, 59, -1, -1, -1, -1, 64, 65, -1, -1, +- -1, 899, -1, -1, -1, 73, 74, 75, 76, 77, ++ 87, 88, 89, 34, 91, 92, 93, 94, 34, 96, ++ 36, 74, 75, 76, 618, 123, 79, 618, 105, 106, ++ 958, 27, 109, 110, 154, 155, 32, 33, 154, 155, ++ 634, 168, 119, 634, 168, 122, 154, 155, 125, 94, ++ 127, 66, 67, 68, 50, 51, 52, 153, 652, 30, ++ 156, 652, 138, 59, 160, 161, 162, 163, 164, 165, ++ 166, 167, 168, 169, 107, 171, 138, 173, 174, 138, ++ 604, 605, 606, 607, 608, 679, 767, 611, 679, 138, ++ 614, 32, 33, 34, 138, 91, 409, 153, 154, 155, ++ 35, 97, 160, 161, 162, 163, 138, 165, 702, 167, ++ 164, 702, 107, 719, 157, 428, 685, 686, 687, 154, ++ 155, 451, 34, 436, 161, 162, 163, 164, 165, 166, ++ 154, 155, 138, 451, 491, 451, 154, 155, 736, 138, ++ 154, 155, 736, 135, 136, 736, 138, 154, 155, 743, ++ 154, 155, 743, 483, 146, 147, 148, 149, 150, 151, ++ 152, 154, 155, 154, 155, 154, 155, 154, 155, 157, ++ 500, 157, 485, 154, 155, 488, 154, 155, 154, 155, ++ 116, 117, 154, 155, 154, 155, 154, 155, 154, 155, ++ 736, 154, 155, 76, 749, 750, 962, 154, 155, 801, ++ 802, 1034, 1035, 899, 900, 157, 878, 157, 138, 881, ++ 745, 153, 138, 153, 138, 138, 64, 156, 156, 156, ++ 34, 170, 156, 536, 567, 156, 583, 156, 156, 156, ++ 163, 156, 34, 34, 156, 156, 156, 835, 156, 156, ++ 156, 835, 156, 156, 835, 156, 156, 156, 156, 156, ++ 156, 156, 96, 157, 156, 156, 156, 156, 156, 156, ++ 590, 156, 156, 154, 157, 107, 156, 156, 156, 156, ++ 156, 877, 590, 36, 590, 156, 156, 156, 156, 153, ++ 172, 36, 36, 34, 34, 34, 629, 630, 631, 835, ++ 107, 156, 161, 157, 34, 95, 154, 35, 161, 35, ++ 107, 36, 36, 34, 647, 648, 649, 650, 153, 159, ++ 34, 36, 159, 36, 36, 36, 153, 153, 156, 154, ++ 154, 651, 155, 154, 12, 157, 141, 851, 156, 159, ++ 156, 855, 856, 155, 159, 159, 159, 157, 1010, 96, ++ 697, 154, 153, 17, 154, 154, 944, 34, 156, 170, ++ 944, 156, 156, 944, 157, 1027, 153, 126, 701, 154, ++ 154, 18, 34, 159, 156, 36, 159, 36, 36, 159, ++ 159, 969, 715, 158, 120, 969, 154, 159, 969, 19, ++ 161, 153, 153, 170, 167, 71, 153, 34, 153, 913, ++ 156, 159, 153, 170, 918, 170, 158, 921, 34, 157, ++ 170, 153, 155, 167, 107, 34, 736, 154, 156, 154, ++ 767, 171, 156, 156, 153, 745, 34, 154, 159, 49, ++ 48, 153, 37, 47, 153, 1, 159, 767, 154, 159, ++ 773, 159, 159, 957, 154, 379, 382, 32, 33, 34, ++ 159, 159, 785, 786, 159, 788, 789, 790, 791, 792, ++ 793, 794, 795, 796, 797, 798, 799, 171, 982, 172, ++ 172, 376, 627, 702, 59, 652, 385, 370, 487, 64, ++ 65, 461, 457, 997, 454, 430, 1000, 373, 73, 74, ++ 75, 76, 77, 78, 79, 80, 81, 82, 83, 84, ++ 85, 86, 87, 88, 89, 493, 91, 92, 93, 94, ++ 467, 96, 730, 734, 62, 835, 490, 743, 3, 441, ++ 105, 106, 675, 389, 109, 110, 233, 308, 678, 965, ++ 835, 969, 904, 901, 119, 537, 613, 122, 403, 903, ++ 125, 874, 127, 406, 634, -1, 418, -1, 312, 209, ++ -1, -1, -1, -1, -1, -1, 423, 34, 433, 36, ++ -1, -1, -1, -1, 438, -1, -1, -1, -1, 916, ++ -1, -1, -1, 158, -1, -1, -1, -1, -1, 899, ++ 900, -1, 902, 903, -1, -1, -1, -1, 65, -1, ++ -1, -1, -1, -1, 902, -1, 73, 74, 75, 76, ++ 77, 78, 79, 80, 81, 82, 83, 84, 85, 86, ++ 87, 88, 89, -1, -1, 92, 93, 94, -1, -1, ++ -1, -1, -1, -1, -1, -1, -1, 974, 105, 106, ++ 107, 108, -1, -1, -1, -1, -1, -1, 115, 116, ++ 117, 118, -1, -1, -1, -1, -1, -1, -1, -1, ++ 127, -1, -1, -1, -1, -1, -1, -1, -1, -1, ++ -1, -1, -1, -1, -1, -1, -1, -1, -1, 1002, ++ -1, -1, 992, -1, 11, 12, -1, -1, -1, 1012, ++ 157, -1, -1, -1, -1, -1, 23, -1, -1, 1022, ++ 27, -1, -1, -1, -1, 32, 33, 34, -1, 1032, ++ -1, 38, 39, 40, 41, 42, 43, 44, 45, 46, ++ -1, -1, -1, 50, 51, 52, 53, -1, -1, -1, ++ -1, -1, 59, -1, -1, -1, -1, 64, 65, 66, ++ 67, 68, 69, 70, -1, 72, 73, 74, 75, 76, ++ 77, 78, 79, 80, 81, 82, 83, 84, 85, 86, ++ 87, 88, 89, 90, 91, 92, 93, 94, -1, 96, ++ 97, -1, -1, -1, -1, -1, -1, -1, 105, 106, ++ -1, -1, 109, 110, -1, -1, -1, -1, -1, -1, ++ -1, -1, 119, 11, 12, 122, -1, 124, 125, -1, ++ 127, -1, -1, 130, -1, 23, -1, -1, -1, 27, ++ -1, -1, -1, -1, 32, 33, 34, -1, -1, -1, ++ 38, 39, 40, 41, 42, 43, 44, 45, 46, -1, ++ -1, 158, 50, 51, 52, 53, -1, -1, -1, -1, ++ 167, 59, -1, -1, -1, -1, 64, 65, 66, 67, ++ 68, 69, 70, -1, 72, 73, 74, 75, 76, 77, + 78, 79, 80, 81, 82, 83, 84, 85, 86, 87, +- 88, 89, -1, 91, 92, 93, 94, -1, 96, -1, +- -1, -1, -1, -1, 971, -1, -1, 105, 106, -1, ++ 88, 89, 90, 91, 92, 93, 94, -1, 96, 97, ++ -1, -1, -1, -1, -1, -1, -1, 105, 106, -1, + -1, 109, 110, -1, -1, -1, -1, -1, -1, -1, +- -1, 119, -1, -1, 122, -1, -1, 125, -1, 127, ++ -1, 119, -1, -1, 122, -1, 124, 125, -1, 127, ++ -1, 3, 130, 5, 6, 7, 8, 9, 10, 11, ++ -1, 13, 14, 15, 16, -1, -1, -1, 20, 21, ++ 22, -1, 24, 25, 26, -1, 28, 29, 30, -1, ++ 32, 33, 34, -1, -1, -1, -1, -1, -1, 167, + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, +- -1, -1, -1, -1, -1, -1, 999, -1, -1, 989, +- -1, 11, 12, -1, -1, -1, 1009, -1, -1, -1, +- -1, -1, -1, 23, -1, -1, 1019, 27, -1, -1, +- -1, -1, 32, 33, 34, -1, 1029, -1, 38, 39, +- 40, 41, 42, 43, 44, 45, 46, -1, -1, -1, +- 50, 51, 52, 53, -1, -1, -1, -1, -1, 59, +- -1, -1, -1, -1, 64, 65, 66, 67, 68, 69, +- 70, -1, 72, 73, 74, 75, 76, 77, 78, 79, +- 80, 81, 82, 83, 84, 85, 86, 87, 88, 89, +- 90, 91, 92, 93, 94, -1, 96, 97, -1, -1, +- -1, -1, -1, -1, -1, 105, 106, -1, -1, 109, +- 110, -1, -1, -1, -1, -1, -1, -1, -1, 119, +- 11, 12, 122, -1, 124, 125, -1, 127, -1, -1, +- 130, -1, 23, -1, -1, -1, 27, -1, -1, -1, +- -1, 32, 33, 34, -1, -1, -1, 38, 39, 40, +- 41, 42, 43, 44, 45, 46, -1, 157, -1, 50, +- 51, 52, 53, -1, -1, -1, 166, -1, 59, -1, +- -1, -1, -1, 64, 65, 66, 67, 68, 69, 70, +- -1, 72, 73, 74, 75, 76, 77, 78, 79, 80, +- 81, 82, 83, 84, 85, 86, 87, 88, 89, 90, +- 91, 92, 93, 94, -1, 96, 97, -1, -1, -1, +- -1, -1, -1, -1, 105, 106, -1, -1, 109, 110, +- -1, -1, -1, -1, -1, -1, -1, -1, 119, -1, +- -1, 122, -1, 124, 125, -1, 127, -1, 3, 130, +- 5, 6, 7, 8, 9, 10, 11, -1, 13, 14, +- 15, 16, -1, -1, -1, 20, 21, 22, -1, 24, +- 25, 26, -1, 28, 29, 30, -1, 32, 33, 34, +- -1, -1, -1, -1, -1, 166, -1, -1, -1, -1, +- -1, -1, -1, -1, -1, -1, -1, -1, -1, 54, +- 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, +- 65, -1, -1, -1, -1, -1, -1, -1, 73, 74, +- 75, 76, 77, 78, 79, 80, 81, 82, 83, 84, +- 85, 86, 87, 88, 89, -1, 91, 92, 93, 94, +- 34, 96, -1, -1, -1, -1, -1, -1, -1, -1, +- 105, 106, -1, -1, 109, 110, 111, 112, 113, 114, +- -1, -1, -1, -1, 119, -1, -1, 122, -1, -1, +- 125, 65, 127, 128, 129, -1, 131, -1, -1, 73, ++ -1, -1, 54, 55, 56, 57, 58, 59, 60, 61, ++ 62, 63, 64, 65, -1, -1, -1, -1, -1, -1, ++ -1, 73, 74, 75, 76, 77, 78, 79, 80, 81, ++ 82, 83, 84, 85, 86, 87, 88, 89, -1, 91, ++ 92, 93, 94, 34, 96, -1, -1, -1, -1, -1, ++ -1, -1, -1, 105, 106, -1, -1, 109, 110, 111, ++ 112, 113, 114, -1, -1, -1, -1, 119, -1, -1, ++ 122, -1, -1, 125, 65, 127, 128, 129, -1, 131, ++ -1, -1, 73, 74, 75, 76, 77, 78, 79, 80, ++ 81, 82, 83, 84, 85, 86, 87, 88, 89, -1, ++ 34, 92, 93, 94, -1, 96, -1, 98, 99, 100, ++ 101, 102, 103, 104, 105, 106, -1, -1, -1, -1, ++ -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, ++ 121, 65, -1, -1, -1, -1, 127, -1, -1, 73, + 74, 75, 76, 77, 78, 79, 80, 81, 82, 83, +- 84, 85, 86, 87, 88, 89, -1, 34, 92, 93, +- 94, -1, 96, -1, 98, 99, 100, 101, 102, 103, +- 104, 105, 106, -1, -1, -1, -1, -1, -1, -1, +- -1, -1, -1, -1, -1, -1, -1, 121, 65, -1, ++ 84, 85, 86, 87, 88, 89, 90, 34, 92, 93, ++ 94, -1, 96, 97, -1, -1, -1, -1, -1, -1, ++ -1, 105, 106, -1, -1, -1, -1, -1, -1, -1, ++ -1, -1, -1, -1, -1, 119, -1, -1, 65, -1, + -1, -1, -1, 127, -1, -1, 73, 74, 75, 76, + 77, 78, 79, 80, 81, 82, 83, 84, 85, 86, + 87, 88, 89, 90, 34, 92, 93, 94, -1, 96, +- 97, -1, -1, -1, -1, -1, -1, -1, 105, 106, ++ -1, -1, -1, -1, -1, -1, -1, -1, 105, 106, + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, + -1, -1, 119, -1, -1, 65, -1, -1, -1, -1, + 127, -1, -1, 73, 74, 75, 76, 77, 78, 79, + 80, 81, 82, 83, 84, 85, 86, 87, 88, 89, +- 90, 34, 92, 93, 94, -1, 96, -1, -1, -1, ++ 34, -1, 92, 93, 94, -1, 96, -1, -1, -1, + -1, -1, -1, -1, -1, 105, 106, -1, -1, -1, + -1, -1, -1, -1, -1, -1, -1, -1, -1, 119, +- -1, -1, 65, -1, -1, -1, -1, 127, -1, -1, +- 73, 74, 75, 76, 77, 78, 79, 80, 81, 82, +- 83, 84, 85, 86, 87, 88, 89, 34, -1, 92, +- 93, 94, -1, 96, -1, -1, -1, -1, -1, -1, +- -1, -1, 105, 106, -1, -1, -1, -1, -1, -1, +- -1, -1, -1, -1, -1, -1, 119, -1, 65, -1, +- -1, -1, -1, -1, 127, -1, 73, 74, 75, 76, +- 77, 78, 79, 80, 81, 82, 83, 84, 85, 86, +- 87, 88, 89, -1, -1, 92, 93, 94, -1, -1, +- -1, -1, -1, -1, -1, -1, -1, -1, 105, 106, +- -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, ++ -1, 65, -1, -1, -1, -1, 34, 127, -1, 73, ++ 74, 75, 76, 77, 78, 79, 80, 81, 82, 83, ++ 84, 85, 86, 87, 88, 89, -1, -1, 92, 93, ++ 94, -1, 96, -1, -1, -1, -1, 65, -1, -1, ++ -1, 105, 106, -1, -1, 73, 74, 75, 76, 77, ++ 78, 79, 80, 81, 82, 83, 84, 85, 86, 87, ++ 88, 89, -1, 127, 92, 93, 94, -1, -1, -1, ++ -1, -1, -1, -1, -1, -1, -1, 105, 106, -1, + -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, +- 127 ++ -1, -1, -1, -1, -1, -1, -1, -1, -1, 127 + }; + +-/* YYSTOS[STATE-NUM] -- The (internal number of the) accessing +- symbol of state STATE-NUM. */ +-static const yytype_uint16 yystos[] = ++/* YYSTOS[STATE-NUM] -- The symbol kind of the accessing symbol of ++ state STATE-NUM. */ ++static const yytype_int16 yystos[] = + { +- 0, 175, 176, 177, 0, 176, 3, 5, 6, 7, ++ 0, 176, 177, 178, 0, 177, 3, 5, 6, 7, + 8, 9, 10, 11, 13, 14, 15, 16, 20, 21, + 22, 24, 25, 26, 28, 29, 30, 32, 33, 34, + 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, + 64, 65, 73, 74, 75, 76, 77, 78, 79, 80, + 81, 82, 83, 84, 85, 86, 87, 88, 89, 91, + 92, 93, 94, 96, 105, 106, 109, 110, 111, 112, +- 113, 114, 119, 122, 125, 127, 128, 129, 131, 178, +- 179, 180, 184, 188, 192, 196, 200, 204, 210, 212, +- 218, 222, 226, 230, 234, 238, 239, 243, 247, 251, +- 255, 262, 269, 279, 283, 284, 291, 292, 293, 294, +- 306, 308, 309, 310, 311, 312, 313, 314, 315, 317, +- 318, 328, 332, 335, 351, 352, 353, 357, 358, 361, +- 363, 364, 393, 417, 421, 425, 34, 152, 201, 36, +- 152, 181, 36, 152, 185, 36, 152, 189, 34, 152, +- 193, 34, 152, 197, 31, 333, 334, 333, 333, 333, +- 34, 152, 329, 35, 333, 333, 333, 333, 333, 333, +- 333, 333, 65, 425, 152, 35, 152, 280, 35, 35, +- 152, 285, 333, 333, 333, 34, 35, 152, 270, 277, +- 277, 152, 256, 277, 152, 263, 277, 351, 351, 76, +- 64, 65, 337, 79, 74, 75, 76, 79, 352, 425, +- 421, 34, 231, 223, 34, 152, 227, 36, 152, 240, +- 421, 351, 167, 152, 244, 277, 152, 248, 277, 152, +- 252, 351, 167, 94, 30, 362, 34, 119, 424, 107, +- 138, 151, 202, 203, 138, 182, 183, 138, 186, 187, +- 138, 190, 191, 138, 194, 195, 138, 198, 199, 333, +- 31, 33, 134, 140, 330, 331, 333, 35, 338, 351, +- 163, 398, 235, 138, 139, 281, 282, 138, 286, 287, +- 135, 136, 138, 146, 147, 148, 149, 150, 151, 272, +- 273, 156, 274, 271, 107, 278, 138, 257, 258, 156, +- 259, 138, 264, 265, 156, 266, 365, 359, 34, 339, +- 76, 424, 34, 152, 219, 156, 156, 138, 228, 229, +- 137, 143, 144, 145, 241, 242, 398, 152, 152, 205, +- 421, 426, 138, 245, 246, 138, 249, 250, 138, 253, +- 254, 426, 353, 425, 364, 152, 398, 152, 155, 159, +- 160, 161, 162, 163, 164, 165, 166, 167, 168, 170, +- 172, 173, 394, 162, 164, 423, 155, 155, 153, 154, +- 155, 153, 154, 155, 153, 154, 155, 153, 154, 155, +- 153, 154, 155, 153, 154, 155, 155, 153, 154, 333, +- 34, 399, 400, 211, 34, 159, 236, 237, 339, 155, +- 155, 153, 154, 155, 153, 154, 155, 155, 155, 155, +- 155, 155, 155, 155, 155, 153, 154, 4, 12, 234, +- 238, 275, 276, 319, 323, 278, 155, 153, 154, 234, +- 238, 260, 261, 323, 155, 153, 154, 234, 238, 267, +- 268, 323, 169, 367, 367, 398, 423, 398, 162, 156, +- 220, 34, 232, 233, 34, 224, 225, 155, 153, 154, +- 155, 155, 155, 155, 153, 154, 98, 99, 100, 101, +- 102, 103, 104, 121, 406, 407, 408, 421, 422, 351, +- 398, 154, 168, 155, 153, 154, 155, 153, 154, 155, +- 153, 154, 168, 398, 406, 156, 418, 153, 152, 155, +- 155, 155, 155, 155, 155, 155, 155, 155, 167, 155, +- 168, 171, 155, 155, 152, 96, 34, 36, 381, 107, +- 203, 36, 183, 36, 187, 36, 191, 34, 195, 34, +- 199, 34, 107, 331, 155, 154, 163, 156, 214, 34, +- 95, 153, 160, 35, 116, 117, 354, 282, 35, 287, +- 36, 36, 277, 354, 354, 354, 354, 34, 107, 273, +- 152, 320, 36, 152, 324, 157, 276, 277, 258, 157, +- 261, 277, 265, 157, 268, 66, 67, 68, 368, 369, +- 370, 398, 398, 336, 158, 34, 179, 221, 363, 158, +- 157, 233, 157, 225, 381, 229, 36, 36, 36, 36, +- 242, 339, 339, 339, 339, 339, 152, 152, 339, 153, +- 154, 339, 155, 345, 153, 156, 206, 421, 277, 246, +- 277, 250, 351, 254, 213, 153, 17, 18, 19, 234, +- 238, 419, 420, 158, 421, 155, 155, 406, 34, 36, +- 107, 277, 401, 400, 27, 50, 51, 52, 97, 215, +- 216, 217, 234, 238, 294, 303, 307, 335, 34, 159, +- 339, 141, 321, 322, 132, 143, 325, 326, 333, 158, +- 158, 158, 154, 351, 366, 360, 156, 323, 327, 153, +- 157, 179, 398, 398, 398, 398, 398, 406, 406, 398, +- 96, 395, 408, 398, 152, 346, 349, 350, 123, 207, +- 208, 209, 234, 238, 294, 214, 395, 333, 333, 333, +- 157, 420, 17, 288, 153, 153, 169, 333, 333, 333, +- 333, 421, 157, 216, 34, 155, 153, 154, 155, 155, +- 153, 154, 369, 156, 371, 371, 34, 234, 238, 340, +- 341, 342, 152, 345, 345, 345, 153, 153, 126, 396, +- 351, 160, 161, 162, 163, 164, 165, 347, 159, 160, +- 161, 162, 164, 166, 348, 333, 157, 208, 396, 333, +- 18, 289, 158, 395, 278, 34, 158, 36, 322, 36, +- 36, 326, 11, 23, 34, 38, 39, 40, 41, 42, +- 43, 44, 45, 46, 51, 52, 53, 66, 67, 68, +- 69, 70, 72, 90, 97, 124, 130, 166, 204, 218, +- 234, 238, 294, 295, 296, 297, 298, 299, 300, 301, +- 302, 303, 304, 305, 307, 316, 323, 335, 357, 358, +- 361, 364, 372, 373, 374, 383, 385, 386, 388, 393, +- 409, 412, 414, 415, 417, 158, 158, 155, 344, 157, +- 342, 426, 339, 339, 120, 427, 153, 349, 36, 107, +- 108, 115, 118, 156, 351, 354, 355, 425, 158, 427, +- 333, 19, 290, 396, 160, 152, 333, 333, 152, 333, +- 333, 333, 333, 333, 333, 333, 333, 333, 333, 333, +- 333, 71, 382, 382, 382, 169, 410, 411, 384, 416, +- 413, 387, 152, 375, 34, 157, 373, 349, 398, 158, +- 153, 398, 398, 152, 155, 397, 157, 152, 397, 333, +- 427, 278, 406, 406, 169, 169, 169, 90, 412, 412, +- 385, 393, 421, 414, 34, 388, 133, 138, 142, 376, +- 377, 156, 378, 152, 154, 343, 398, 351, 428, 107, +- 398, 346, 356, 398, 397, 153, 153, 34, 155, 155, +- 155, 153, 154, 234, 238, 323, 379, 380, 153, 158, +- 153, 154, 170, 391, 153, 154, 391, 398, 395, 427, +- 34, 381, 34, 377, 157, 380, 427, 327, 351, 392, +- 158, 346, 158, 391, 427, 398, 158, 397, 421, 49, +- 404, 327, 158, 398, 170, 389, 398, 152, 333, 48, +- 403, 404, 404, 391, 390, 158, 158, 406, 333, 37, +- 405, 403, 403, 158, 152, 327, 404, 153, 333, 47, +- 402, 405, 405, 327, 406, 404, 403, 171, 333, 402, +- 402, 404, 153, 403, 405, 403, 171 ++ 113, 114, 119, 122, 125, 127, 128, 129, 131, 179, ++ 180, 181, 185, 189, 193, 197, 201, 205, 211, 213, ++ 219, 223, 227, 231, 235, 239, 240, 244, 248, 252, ++ 256, 263, 270, 280, 284, 285, 292, 293, 294, 295, ++ 307, 309, 310, 311, 312, 313, 314, 315, 316, 318, ++ 319, 329, 333, 336, 352, 353, 354, 358, 359, 362, ++ 364, 365, 394, 418, 422, 426, 34, 153, 202, 36, ++ 153, 182, 36, 153, 186, 36, 153, 190, 34, 153, ++ 194, 34, 153, 198, 31, 334, 335, 334, 334, 334, ++ 34, 153, 330, 35, 334, 334, 334, 334, 334, 334, ++ 334, 334, 65, 426, 153, 35, 153, 281, 35, 35, ++ 153, 286, 334, 334, 334, 34, 35, 153, 271, 278, ++ 278, 153, 257, 278, 153, 264, 278, 352, 352, 76, ++ 64, 65, 338, 79, 74, 75, 76, 79, 353, 426, ++ 422, 34, 232, 224, 34, 153, 228, 36, 153, 241, ++ 422, 352, 168, 153, 245, 278, 153, 249, 278, 153, ++ 253, 352, 168, 94, 30, 363, 34, 119, 425, 107, ++ 138, 152, 203, 204, 138, 183, 184, 138, 187, 188, ++ 138, 191, 192, 138, 195, 196, 138, 199, 200, 334, ++ 31, 33, 134, 140, 331, 332, 334, 35, 339, 352, ++ 164, 399, 236, 138, 139, 282, 283, 138, 287, 288, ++ 135, 136, 138, 146, 147, 148, 149, 150, 151, 152, ++ 273, 274, 157, 275, 272, 107, 279, 138, 258, 259, ++ 157, 260, 138, 265, 266, 157, 267, 366, 360, 34, ++ 340, 76, 425, 34, 153, 220, 157, 157, 138, 229, ++ 230, 137, 143, 144, 145, 242, 243, 399, 153, 153, ++ 206, 422, 427, 138, 246, 247, 138, 250, 251, 138, ++ 254, 255, 427, 354, 426, 365, 153, 399, 153, 156, ++ 160, 161, 162, 163, 164, 165, 166, 167, 168, 169, ++ 171, 173, 174, 395, 163, 165, 424, 156, 156, 154, ++ 155, 156, 154, 155, 156, 154, 155, 156, 154, 155, ++ 156, 154, 155, 156, 154, 155, 156, 156, 154, 155, ++ 334, 34, 400, 401, 212, 34, 160, 237, 238, 340, ++ 156, 156, 154, 155, 156, 154, 155, 156, 156, 156, ++ 156, 156, 156, 156, 156, 156, 156, 154, 155, 4, ++ 12, 235, 239, 276, 277, 320, 324, 279, 156, 154, ++ 155, 235, 239, 261, 262, 324, 156, 154, 155, 235, ++ 239, 268, 269, 324, 170, 368, 368, 399, 424, 399, ++ 163, 157, 221, 34, 233, 234, 34, 225, 226, 156, ++ 154, 155, 156, 156, 156, 156, 154, 155, 98, 99, ++ 100, 101, 102, 103, 104, 121, 407, 408, 409, 422, ++ 423, 352, 399, 155, 169, 156, 154, 155, 156, 154, ++ 155, 156, 154, 155, 169, 399, 407, 157, 419, 154, ++ 153, 156, 156, 156, 156, 156, 156, 156, 156, 156, ++ 168, 156, 169, 172, 156, 156, 153, 96, 34, 36, ++ 382, 107, 204, 36, 184, 36, 188, 36, 192, 34, ++ 196, 34, 200, 34, 107, 332, 156, 155, 164, 157, ++ 215, 34, 95, 154, 161, 35, 116, 117, 355, 283, ++ 35, 288, 36, 36, 278, 355, 355, 355, 355, 355, ++ 34, 107, 274, 153, 321, 36, 153, 325, 158, 277, ++ 278, 259, 158, 262, 278, 266, 158, 269, 66, 67, ++ 68, 369, 370, 371, 399, 399, 337, 159, 34, 180, ++ 222, 364, 159, 158, 234, 158, 226, 382, 230, 36, ++ 36, 36, 36, 243, 340, 340, 340, 340, 340, 153, ++ 153, 340, 154, 155, 340, 156, 346, 154, 157, 207, ++ 422, 278, 247, 278, 251, 352, 255, 214, 154, 17, ++ 18, 19, 235, 239, 420, 421, 159, 422, 156, 156, ++ 407, 34, 36, 107, 278, 402, 401, 27, 50, 51, ++ 52, 97, 216, 217, 218, 235, 239, 295, 304, 308, ++ 336, 34, 160, 340, 141, 322, 323, 132, 143, 326, ++ 327, 334, 159, 159, 159, 155, 352, 367, 361, 157, ++ 324, 328, 154, 158, 180, 399, 399, 399, 399, 399, ++ 407, 407, 399, 96, 396, 409, 399, 153, 347, 350, ++ 351, 123, 208, 209, 210, 235, 239, 295, 215, 396, ++ 334, 334, 334, 158, 421, 17, 289, 154, 154, 170, ++ 334, 334, 334, 334, 422, 158, 217, 34, 156, 154, ++ 155, 156, 156, 154, 155, 370, 157, 372, 372, 34, ++ 235, 239, 341, 342, 343, 153, 346, 346, 346, 154, ++ 154, 126, 397, 352, 161, 162, 163, 164, 165, 166, ++ 348, 160, 161, 162, 163, 165, 167, 349, 334, 158, ++ 209, 397, 334, 18, 290, 159, 396, 279, 34, 159, ++ 36, 323, 36, 36, 327, 11, 23, 34, 38, 39, ++ 40, 41, 42, 43, 44, 45, 46, 51, 52, 53, ++ 66, 67, 68, 69, 70, 72, 90, 97, 124, 130, ++ 167, 205, 219, 235, 239, 295, 296, 297, 298, 299, ++ 300, 301, 302, 303, 304, 305, 306, 308, 317, 324, ++ 336, 358, 359, 362, 365, 373, 374, 375, 384, 386, ++ 387, 389, 394, 410, 413, 415, 416, 418, 159, 159, ++ 156, 345, 158, 343, 427, 340, 340, 120, 428, 154, ++ 350, 36, 107, 108, 115, 118, 157, 352, 355, 356, ++ 426, 159, 428, 334, 19, 291, 397, 161, 153, 334, ++ 334, 153, 334, 334, 334, 334, 334, 334, 334, 334, ++ 334, 334, 334, 334, 71, 383, 383, 383, 170, 411, ++ 412, 385, 417, 414, 388, 153, 376, 34, 158, 374, ++ 350, 399, 159, 154, 399, 399, 153, 156, 398, 158, ++ 153, 398, 334, 428, 279, 407, 407, 170, 170, 170, ++ 90, 413, 413, 386, 394, 422, 415, 34, 389, 133, ++ 138, 142, 377, 378, 157, 379, 153, 155, 344, 399, ++ 352, 429, 107, 399, 347, 357, 399, 398, 154, 154, ++ 34, 156, 156, 156, 154, 155, 235, 239, 324, 380, ++ 381, 154, 159, 154, 155, 171, 392, 154, 155, 392, ++ 399, 396, 428, 34, 382, 34, 378, 158, 381, 428, ++ 328, 352, 393, 159, 347, 159, 392, 428, 399, 159, ++ 398, 422, 49, 405, 328, 159, 399, 171, 390, 399, ++ 153, 334, 48, 404, 405, 405, 392, 391, 159, 159, ++ 407, 334, 37, 406, 404, 404, 159, 153, 328, 405, ++ 154, 334, 47, 403, 406, 406, 328, 407, 405, 404, ++ 172, 334, 403, 403, 405, 154, 404, 406, 404, 172 + }; + +-#define yyerrok (yyerrstatus = 0) +-#define yyclearin (yychar = YYEMPTY) +-#define YYEMPTY (-2) +-#define YYEOF 0 +- +-#define YYACCEPT goto yyacceptlab +-#define YYABORT goto yyabortlab +-#define YYERROR goto yyerrorlab +- ++/* YYR1[RULE-NUM] -- Symbol kind of the left-hand side of rule RULE-NUM. */ ++static const yytype_int16 yyr1[] = ++{ ++ 0, 175, 176, 176, 178, 177, 179, 179, 179, 179, ++ 179, 179, 179, 179, 179, 179, 179, 179, 179, 179, ++ 179, 179, 179, 179, 179, 179, 179, 179, 179, 179, ++ 179, 179, 179, 179, 179, 179, 179, 179, 179, 179, ++ 179, 179, 179, 179, 180, 180, 180, 180, 180, 180, ++ 180, 180, 180, 180, 180, 180, 181, 182, 182, 183, ++ 183, 184, 185, 186, 186, 187, 187, 188, 189, 190, ++ 190, 191, 191, 192, 193, 194, 194, 195, 195, 196, ++ 197, 198, 198, 199, 199, 200, 201, 202, 202, 203, ++ 203, 204, 204, 205, 206, 206, 207, 208, 208, 209, ++ 209, 209, 209, 210, 212, 211, 214, 213, 215, 216, ++ 216, 217, 217, 217, 217, 217, 217, 217, 217, 217, ++ 218, 220, 219, 221, 221, 222, 222, 224, 223, 225, ++ 225, 226, 227, 228, 228, 229, 229, 230, 232, 231, ++ 233, 233, 234, 236, 235, 237, 237, 237, 237, 238, ++ 238, 239, 240, 241, 241, 241, 242, 242, 243, 243, ++ 243, 243, 244, 245, 245, 246, 246, 247, 248, 249, ++ 249, 250, 250, 251, 252, 253, 253, 254, 254, 255, ++ 256, 257, 257, 258, 258, 259, 260, 260, 261, 261, ++ 262, 262, 262, 263, 264, 264, 265, 265, 266, 267, ++ 267, 268, 268, 269, 269, 269, 270, 270, 272, 271, ++ 271, 273, 273, 274, 274, 274, 274, 274, 274, 274, ++ 274, 274, 274, 275, 275, 276, 276, 277, 277, 277, ++ 277, 278, 278, 279, 279, 280, 281, 281, 282, 282, ++ 283, 283, 284, 285, 286, 286, 287, 287, 288, 289, ++ 289, 290, 290, 291, 291, 292, 293, 294, 295, 296, ++ 297, 298, 299, 300, 301, 302, 303, 304, 305, 306, ++ 307, 308, 309, 310, 311, 312, 313, 314, 315, 316, ++ 317, 318, 319, 320, 321, 322, 322, 323, 324, 325, ++ 325, 325, 326, 326, 327, 327, 328, 328, 329, 330, ++ 330, 331, 331, 332, 332, 333, 334, 335, 335, 337, ++ 336, 338, 338, 338, 339, 339, 340, 340, 341, 341, ++ 342, 342, 343, 343, 343, 344, 344, 345, 345, 346, ++ 346, 347, 347, 348, 348, 348, 348, 348, 348, 349, ++ 349, 349, 349, 349, 349, 349, 350, 351, 351, 352, ++ 352, 353, 353, 354, 355, 355, 356, 356, 356, 356, ++ 356, 356, 356, 356, 356, 357, 357, 357, 358, 358, ++ 360, 361, 359, 363, 362, 364, 366, 367, 365, 368, ++ 368, 369, 369, 370, 371, 371, 371, 371, 372, 372, ++ 373, 373, 373, 374, 374, 374, 374, 374, 374, 374, ++ 374, 374, 374, 374, 374, 374, 374, 374, 374, 374, ++ 374, 374, 374, 374, 374, 374, 374, 374, 374, 374, ++ 374, 374, 374, 374, 374, 374, 374, 374, 375, 376, ++ 377, 377, 378, 378, 378, 379, 379, 380, 380, 381, ++ 381, 381, 382, 382, 383, 383, 385, 384, 384, 386, ++ 388, 387, 387, 389, 390, 391, 390, 392, 393, 392, ++ 394, 394, 394, 394, 395, 395, 395, 395, 395, 395, ++ 395, 395, 395, 395, 395, 395, 395, 395, 395, 395, ++ 395, 395, 395, 395, 395, 395, 395, 395, 395, 395, ++ 395, 395, 395, 396, 396, 397, 397, 398, 398, 399, ++ 399, 400, 400, 401, 401, 402, 402, 402, 402, 403, ++ 403, 404, 404, 405, 405, 406, 406, 407, 408, 408, ++ 408, 409, 409, 409, 409, 409, 409, 409, 409, 409, ++ 411, 410, 412, 410, 410, 414, 413, 413, 415, 415, ++ 417, 416, 416, 418, 419, 419, 420, 420, 421, 421, ++ 421, 421, 421, 422, 422, 423, 424, 424, 425, 425, ++ 425, 426, 426, 426, 426, 426, 426, 426, 426, 426, ++ 426, 426, 426, 426, 426, 426, 426, 426, 426, 426, ++ 426, 426, 426, 426, 426, 426, 426, 426, 426, 426, ++ 426, 426, 427, 427, 428, 428, 429, 429, 429 ++}; + +-/* Like YYERROR except do call yyerror. This remains here temporarily +- to ease the transition to the new meaning of YYERROR, for GCC. +- Once GCC version 2 has supplanted version 1, this can go. */ ++/* YYR2[RULE-NUM] -- Number of symbols on the right-hand side of rule RULE-NUM. */ ++static const yytype_int8 yyr2[] = ++{ ++ 0, 2, 1, 2, 0, 2, 1, 1, 1, 1, ++ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, ++ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, ++ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, ++ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, ++ 1, 1, 1, 1, 1, 1, 2, 1, 3, 1, ++ 3, 3, 2, 1, 3, 1, 3, 3, 2, 1, ++ 3, 1, 3, 3, 2, 1, 3, 1, 3, 3, ++ 3, 1, 3, 1, 3, 3, 2, 2, 3, 1, ++ 3, 3, 3, 5, 0, 3, 4, 1, 2, 1, ++ 1, 1, 1, 2, 0, 5, 0, 6, 4, 1, ++ 2, 1, 1, 1, 1, 2, 2, 1, 1, 1, ++ 14, 0, 5, 0, 3, 1, 2, 0, 5, 1, ++ 2, 1, 2, 1, 3, 1, 3, 3, 0, 5, ++ 1, 2, 1, 0, 5, 1, 2, 3, 4, 1, ++ 3, 1, 3, 0, 1, 3, 1, 3, 3, 3, ++ 3, 3, 2, 1, 3, 1, 3, 3, 2, 1, ++ 3, 1, 3, 3, 2, 1, 3, 1, 3, 3, ++ 3, 1, 3, 1, 3, 3, 0, 4, 1, 2, ++ 1, 1, 1, 3, 1, 3, 1, 3, 3, 0, ++ 4, 1, 2, 1, 1, 1, 3, 3, 0, 3, ++ 3, 1, 3, 3, 3, 3, 3, 3, 3, 3, ++ 3, 3, 3, 0, 4, 1, 2, 1, 1, 1, ++ 1, 1, 1, 0, 1, 2, 1, 3, 1, 3, ++ 3, 3, 2, 2, 1, 3, 1, 3, 3, 0, ++ 2, 0, 2, 0, 2, 2, 2, 2, 2, 2, ++ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, ++ 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, ++ 2, 2, 2, 2, 3, 1, 3, 3, 3, 0, ++ 1, 3, 1, 3, 3, 3, 0, 1, 3, 1, ++ 3, 1, 3, 3, 3, 4, 2, 1, 2, 0, ++ 9, 0, 1, 1, 0, 1, 0, 1, 0, 1, ++ 1, 2, 1, 1, 4, 0, 1, 0, 2, 0, ++ 2, 1, 3, 1, 1, 1, 1, 1, 1, 0, ++ 1, 1, 1, 1, 1, 1, 3, 0, 3, 2, ++ 1, 1, 3, 1, 1, 1, 1, 4, 2, 1, ++ 1, 1, 1, 1, 1, 0, 1, 3, 6, 12, ++ 0, 0, 8, 0, 3, 4, 0, 0, 8, 0, ++ 2, 1, 3, 2, 0, 1, 1, 1, 0, 3, ++ 0, 1, 2, 1, 1, 1, 1, 1, 1, 1, ++ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, ++ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, ++ 1, 2, 2, 2, 3, 3, 3, 2, 3, 3, ++ 1, 3, 3, 3, 3, 0, 4, 1, 2, 1, ++ 1, 1, 1, 1, 0, 1, 0, 3, 1, 11, ++ 0, 3, 1, 11, 0, 0, 6, 0, 0, 7, ++ 17, 7, 17, 16, 1, 1, 1, 1, 1, 1, ++ 1, 1, 2, 2, 2, 2, 2, 2, 2, 2, ++ 2, 2, 3, 3, 1, 2, 2, 1, 2, 2, ++ 2, 1, 2, 0, 1, 0, 1, 0, 2, 0, ++ 3, 1, 3, 1, 3, 1, 5, 1, 1, 0, ++ 2, 0, 2, 0, 2, 0, 2, 1, 0, 1, ++ 3, 4, 4, 4, 3, 3, 6, 6, 3, 2, ++ 0, 3, 0, 3, 1, 0, 3, 1, 1, 1, ++ 0, 3, 1, 8, 0, 3, 1, 2, 1, 1, ++ 2, 2, 2, 4, 3, 3, 0, 1, 0, 3, ++ 2, 1, 4, 2, 2, 1, 1, 2, 1, 1, ++ 2, 2, 3, 1, 1, 1, 2, 2, 1, 1, ++ 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, ++ 1, 1, 1, 3, 0, 4, 0, 1, 3 ++}; + +-#define YYFAIL goto yyerrlab + +-#define YYRECOVERING() (!!yyerrstatus) ++enum { YYENOMEM = -2 }; + +-#define YYBACKUP(Token, Value) \ +-do \ +- if (yychar == YYEMPTY && yylen == 1) \ +- { \ +- yychar = (Token); \ +- yylval = (Value); \ +- yytoken = YYTRANSLATE (yychar); \ +- YYPOPSTACK (1); \ +- goto yybackup; \ +- } \ +- else \ +- { \ +- yyerror (YY_("syntax error: cannot back up")); \ +- YYERROR; \ +- } \ +-while (YYID (0)) +- +- +-#define YYTERROR 1 +-#define YYERRCODE 256 +- +- +-/* YYLLOC_DEFAULT -- Set CURRENT to span from RHS[1] to RHS[N]. +- If N is 0, then set CURRENT to the empty location which ends +- the previous symbol: RHS[0] (always defined). */ +- +-#define YYRHSLOC(Rhs, K) ((Rhs)[K]) +-#ifndef YYLLOC_DEFAULT +-# define YYLLOC_DEFAULT(Current, Rhs, N) \ +- do \ +- if (YYID (N)) \ +- { \ +- (Current).first_line = YYRHSLOC (Rhs, 1).first_line; \ +- (Current).first_column = YYRHSLOC (Rhs, 1).first_column; \ +- (Current).last_line = YYRHSLOC (Rhs, N).last_line; \ +- (Current).last_column = YYRHSLOC (Rhs, N).last_column; \ +- } \ +- else \ +- { \ +- (Current).first_line = (Current).last_line = \ +- YYRHSLOC (Rhs, 0).last_line; \ +- (Current).first_column = (Current).last_column = \ +- YYRHSLOC (Rhs, 0).last_column; \ +- } \ +- while (YYID (0)) +-#endif ++#define yyerrok (yyerrstatus = 0) ++#define yyclearin (yychar = YYEMPTY) + ++#define YYACCEPT goto yyacceptlab ++#define YYABORT goto yyabortlab ++#define YYERROR goto yyerrorlab ++#define YYNOMEM goto yyexhaustedlab + +-/* YY_LOCATION_PRINT -- Print the location on the stream. +- This macro was not mandated originally: define only if we know +- we won't break user code: when these are the locations we know. */ +- +-#ifndef YY_LOCATION_PRINT +-# if defined YYLTYPE_IS_TRIVIAL && YYLTYPE_IS_TRIVIAL +-# define YY_LOCATION_PRINT(File, Loc) \ +- fprintf (File, "%d.%d-%d.%d", \ +- (Loc).first_line, (Loc).first_column, \ +- (Loc).last_line, (Loc).last_column) +-# else +-# define YY_LOCATION_PRINT(File, Loc) ((void) 0) +-# endif +-#endif + ++#define YYRECOVERING() (!!yyerrstatus) + +-/* YYLEX -- calling `yylex' with the right arguments. */ ++#define YYBACKUP(Token, Value) \ ++ do \ ++ if (yychar == YYEMPTY) \ ++ { \ ++ yychar = (Token); \ ++ yylval = (Value); \ ++ YYPOPSTACK (yylen); \ ++ yystate = *yyssp; \ ++ goto yybackup; \ ++ } \ ++ else \ ++ { \ ++ yyerror (YY_("syntax error: cannot back up")); \ ++ YYERROR; \ ++ } \ ++ while (0) ++ ++/* Backward compatibility with an undocumented macro. ++ Use YYerror or YYUNDEF. */ ++#define YYERRCODE YYUNDEF + +-#ifdef YYLEX_PARAM +-# define YYLEX yylex (YYLEX_PARAM) +-#else +-# define YYLEX yylex () +-#endif + + /* Enable debugging if requested. */ + #if YYDEBUG +@@ -2321,80 +2213,58 @@ while (YYID (0)) + # define YYFPRINTF fprintf + # endif + +-# define YYDPRINTF(Args) \ +-do { \ +- if (yydebug) \ +- YYFPRINTF Args; \ +-} while (YYID (0)) +- +-# define YY_SYMBOL_PRINT(Title, Type, Value, Location) \ +-do { \ +- if (yydebug) \ +- { \ +- YYFPRINTF (stderr, "%s ", Title); \ +- yy_symbol_print (stderr, \ +- Type, Value); \ +- YYFPRINTF (stderr, "\n"); \ +- } \ +-} while (YYID (0)) +- +- +-/*--------------------------------. +-| Print this symbol on YYOUTPUT. | +-`--------------------------------*/ +- +-/*ARGSUSED*/ +-#if (defined __STDC__ || defined __C99__FUNC__ \ +- || defined __cplusplus || defined _MSC_VER) +-static void +-yy_symbol_value_print (FILE *yyoutput, int yytype, YYSTYPE const * const yyvaluep) +-#else ++# define YYDPRINTF(Args) \ ++do { \ ++ if (yydebug) \ ++ YYFPRINTF Args; \ ++} while (0) ++ ++ ++ ++ ++# define YY_SYMBOL_PRINT(Title, Kind, Value, Location) \ ++do { \ ++ if (yydebug) \ ++ { \ ++ YYFPRINTF (stderr, "%s ", Title); \ ++ yy_symbol_print (stderr, \ ++ Kind, Value); \ ++ YYFPRINTF (stderr, "\n"); \ ++ } \ ++} while (0) ++ ++ ++/*-----------------------------------. ++| Print this symbol's value on YYO. | ++`-----------------------------------*/ ++ + static void +-yy_symbol_value_print (yyoutput, yytype, yyvaluep) +- FILE *yyoutput; +- int yytype; +- YYSTYPE const * const yyvaluep; +-#endif ++yy_symbol_value_print (FILE *yyo, ++ yysymbol_kind_t yykind, YYSTYPE const * const yyvaluep) + { ++ FILE *yyoutput = yyo; ++ YY_USE (yyoutput); + if (!yyvaluep) + return; +-# ifdef YYPRINT +- if (yytype < YYNTOKENS) +- YYPRINT (yyoutput, yytoknum[yytype], *yyvaluep); +-# else +- YYUSE (yyoutput); +-# endif +- switch (yytype) +- { +- default: +- break; +- } ++ YY_IGNORE_MAYBE_UNINITIALIZED_BEGIN ++ YY_USE (yykind); ++ YY_IGNORE_MAYBE_UNINITIALIZED_END + } + + +-/*--------------------------------. +-| Print this symbol on YYOUTPUT. | +-`--------------------------------*/ ++/*---------------------------. ++| Print this symbol on YYO. | ++`---------------------------*/ + +-#if (defined __STDC__ || defined __C99__FUNC__ \ +- || defined __cplusplus || defined _MSC_VER) +-static void +-yy_symbol_print (FILE *yyoutput, int yytype, YYSTYPE const * const yyvaluep) +-#else + static void +-yy_symbol_print (yyoutput, yytype, yyvaluep) +- FILE *yyoutput; +- int yytype; +- YYSTYPE const * const yyvaluep; +-#endif ++yy_symbol_print (FILE *yyo, ++ yysymbol_kind_t yykind, YYSTYPE const * const yyvaluep) + { +- if (yytype < YYNTOKENS) +- YYFPRINTF (yyoutput, "token %s (", yytname[yytype]); +- else +- YYFPRINTF (yyoutput, "nterm %s (", yytname[yytype]); ++ YYFPRINTF (yyo, "%s %s (", ++ yykind < YYNTOKENS ? "token" : "nterm", yysymbol_name (yykind)); + +- yy_symbol_value_print (yyoutput, yytype, yyvaluep); +- YYFPRINTF (yyoutput, ")"); ++ yy_symbol_value_print (yyo, yykind, yyvaluep); ++ YYFPRINTF (yyo, ")"); + } + + /*------------------------------------------------------------------. +@@ -2402,80 +2272,68 @@ yy_symbol_print (yyoutput, yytype, yyval + | TOP (included). | + `------------------------------------------------------------------*/ + +-#if (defined __STDC__ || defined __C99__FUNC__ \ +- || defined __cplusplus || defined _MSC_VER) +-static void +-yy_stack_print (yytype_int16 *bottom, yytype_int16 *top) +-#else + static void +-yy_stack_print (bottom, top) +- yytype_int16 *bottom; +- yytype_int16 *top; +-#endif ++yy_stack_print (yy_state_t *yybottom, yy_state_t *yytop) + { + YYFPRINTF (stderr, "Stack now"); +- for (; bottom <= top; ++bottom) +- YYFPRINTF (stderr, " %d", *bottom); ++ for (; yybottom <= yytop; yybottom++) ++ { ++ int yybot = *yybottom; ++ YYFPRINTF (stderr, " %d", yybot); ++ } + YYFPRINTF (stderr, "\n"); + } + +-# define YY_STACK_PRINT(Bottom, Top) \ +-do { \ +- if (yydebug) \ +- yy_stack_print ((Bottom), (Top)); \ +-} while (YYID (0)) ++# define YY_STACK_PRINT(Bottom, Top) \ ++do { \ ++ if (yydebug) \ ++ yy_stack_print ((Bottom), (Top)); \ ++} while (0) + + + /*------------------------------------------------. + | Report that the YYRULE is going to be reduced. | + `------------------------------------------------*/ + +-#if (defined __STDC__ || defined __C99__FUNC__ \ +- || defined __cplusplus || defined _MSC_VER) + static void +-yy_reduce_print (YYSTYPE *yyvsp, int yyrule) +-#else +-static void +-yy_reduce_print (yyvsp, yyrule) +- YYSTYPE *yyvsp; +- int yyrule; +-#endif ++yy_reduce_print (yy_state_t *yyssp, YYSTYPE *yyvsp, ++ int yyrule) + { ++ int yylno = yyrline[yyrule]; + int yynrhs = yyr2[yyrule]; + int yyi; +- unsigned long int yylno = yyrline[yyrule]; +- YYFPRINTF (stderr, "Reducing stack by rule %d (line %lu):\n", +- yyrule - 1, yylno); ++ YYFPRINTF (stderr, "Reducing stack by rule %d (line %d):\n", ++ yyrule - 1, yylno); + /* The symbols being reduced. */ + for (yyi = 0; yyi < yynrhs; yyi++) + { +- fprintf (stderr, " $%d = ", yyi + 1); +- yy_symbol_print (stderr, yyrhs[yyprhs[yyrule] + yyi], +- &(yyvsp[(yyi + 1) - (yynrhs)]) +- ); +- fprintf (stderr, "\n"); ++ YYFPRINTF (stderr, " $%d = ", yyi + 1); ++ yy_symbol_print (stderr, ++ YY_ACCESSING_SYMBOL (+yyssp[yyi + 1 - yynrhs]), ++ &yyvsp[(yyi + 1) - (yynrhs)]); ++ YYFPRINTF (stderr, "\n"); + } + } + +-# define YY_REDUCE_PRINT(Rule) \ +-do { \ +- if (yydebug) \ +- yy_reduce_print (yyvsp, Rule); \ +-} while (YYID (0)) ++# define YY_REDUCE_PRINT(Rule) \ ++do { \ ++ if (yydebug) \ ++ yy_reduce_print (yyssp, yyvsp, Rule); \ ++} while (0) + + /* Nonzero means print parse trace. It is left uninitialized so that + multiple parsers can coexist. */ + int yydebug; + #else /* !YYDEBUG */ +-# define YYDPRINTF(Args) +-# define YY_SYMBOL_PRINT(Title, Type, Value, Location) ++# define YYDPRINTF(Args) ((void) 0) ++# define YY_SYMBOL_PRINT(Title, Kind, Value, Location) + # define YY_STACK_PRINT(Bottom, Top) + # define YY_REDUCE_PRINT(Rule) + #endif /* !YYDEBUG */ + + + /* YYINITDEPTH -- initial size of the parser's stacks. */ +-#ifndef YYINITDEPTH ++#ifndef YYINITDEPTH + # define YYINITDEPTH 200 + #endif + +@@ -2490,478 +2348,219 @@ int yydebug; + # define YYMAXDEPTH 10000 + #endif + +- + +-#if YYERROR_VERBOSE + +-# ifndef yystrlen +-# if defined __GLIBC__ && defined _STRING_H +-# define yystrlen strlen +-# else +-/* Return the length of YYSTR. */ +-#if (defined __STDC__ || defined __C99__FUNC__ \ +- || defined __cplusplus || defined _MSC_VER) +-static YYSIZE_T +-yystrlen (const char *yystr) +-#else +-static YYSIZE_T +-yystrlen (yystr) +- const char *yystr; +-#endif +-{ +- YYSIZE_T yylen; +- for (yylen = 0; yystr[yylen]; yylen++) +- continue; +- return yylen; +-} +-# endif +-# endif + +-# ifndef yystpcpy +-# if defined __GLIBC__ && defined _STRING_H && defined _GNU_SOURCE +-# define yystpcpy stpcpy +-# else +-/* Copy YYSRC to YYDEST, returning the address of the terminating '\0' in +- YYDEST. */ +-#if (defined __STDC__ || defined __C99__FUNC__ \ +- || defined __cplusplus || defined _MSC_VER) +-static char * +-yystpcpy (char *yydest, const char *yysrc) +-#else +-static char * +-yystpcpy (yydest, yysrc) +- char *yydest; +- const char *yysrc; +-#endif +-{ +- char *yyd = yydest; +- const char *yys = yysrc; + +- while ((*yyd++ = *yys++) != '\0') +- continue; +- +- return yyd - 1; +-} +-# endif +-# endif +- +-# ifndef yytnamerr +-/* Copy to YYRES the contents of YYSTR after stripping away unnecessary +- quotes and backslashes, so that it's suitable for yyerror. The +- heuristic is that double-quoting is unnecessary unless the string +- contains an apostrophe, a comma, or backslash (other than +- backslash-backslash). YYSTR is taken from yytname. If YYRES is +- null, do not copy; instead, return the length of what the result +- would have been. */ +-static YYSIZE_T +-yytnamerr (char *yyres, const char *yystr) +-{ +- if (*yystr == '"') +- { +- YYSIZE_T yyn = 0; +- char const *yyp = yystr; +- +- for (;;) +- switch (*++yyp) +- { +- case '\'': +- case ',': +- goto do_not_strip_quotes; +- +- case '\\': +- if (*++yyp != '\\') +- goto do_not_strip_quotes; +- /* Fall through. */ +- default: +- if (yyres) +- yyres[yyn] = *yyp; +- yyn++; +- break; +- +- case '"': +- if (yyres) +- yyres[yyn] = '\0'; +- return yyn; +- } +- do_not_strip_quotes: ; +- } +- +- if (! yyres) +- return yystrlen (yystr); +- +- return yystpcpy (yyres, yystr) - yyres; +-} +-# endif +- +-/* Copy into YYRESULT an error message about the unexpected token +- YYCHAR while in state YYSTATE. Return the number of bytes copied, +- including the terminating null byte. If YYRESULT is null, do not +- copy anything; just return the number of bytes that would be +- copied. As a special case, return 0 if an ordinary "syntax error" +- message will do. Return YYSIZE_MAXIMUM if overflow occurs during +- size calculation. */ +-static YYSIZE_T +-yysyntax_error (char *yyresult, int yystate, int yychar) +-{ +- int yyn = yypact[yystate]; +- +- if (! (YYPACT_NINF < yyn && yyn <= YYLAST)) +- return 0; +- else +- { +- int yytype = YYTRANSLATE (yychar); +- YYSIZE_T yysize0 = yytnamerr (0, yytname[yytype]); +- YYSIZE_T yysize = yysize0; +- YYSIZE_T yysize1; +- int yysize_overflow = 0; +- enum { YYERROR_VERBOSE_ARGS_MAXIMUM = 5 }; +- char const *yyarg[YYERROR_VERBOSE_ARGS_MAXIMUM]; +- int yyx; +- +-# if 0 +- /* This is so xgettext sees the translatable formats that are +- constructed on the fly. */ +- YY_("syntax error, unexpected %s"); +- YY_("syntax error, unexpected %s, expecting %s"); +- YY_("syntax error, unexpected %s, expecting %s or %s"); +- YY_("syntax error, unexpected %s, expecting %s or %s or %s"); +- YY_("syntax error, unexpected %s, expecting %s or %s or %s or %s"); +-# endif +- char *yyfmt; +- char const *yyf; +- static char const yyunexpected[] = "syntax error, unexpected %s"; +- static char const yyexpecting[] = ", expecting %s"; +- static char const yyor[] = " or %s"; +- char yyformat[sizeof yyunexpected +- + sizeof yyexpecting - 1 +- + ((YYERROR_VERBOSE_ARGS_MAXIMUM - 2) +- * (sizeof yyor - 1))]; +- char const *yyprefix = yyexpecting; +- +- /* Start YYX at -YYN if negative to avoid negative indexes in +- YYCHECK. */ +- int yyxbegin = yyn < 0 ? -yyn : 0; +- +- /* Stay within bounds of both yycheck and yytname. */ +- int yychecklim = YYLAST - yyn + 1; +- int yyxend = yychecklim < YYNTOKENS ? yychecklim : YYNTOKENS; +- int yycount = 1; +- +- yyarg[0] = yytname[yytype]; +- yyfmt = yystpcpy (yyformat, yyunexpected); +- +- for (yyx = yyxbegin; yyx < yyxend; ++yyx) +- if (yycheck[yyx + yyn] == yyx && yyx != YYTERROR) +- { +- if (yycount == YYERROR_VERBOSE_ARGS_MAXIMUM) +- { +- yycount = 1; +- yysize = yysize0; +- yyformat[sizeof yyunexpected - 1] = '\0'; +- break; +- } +- yyarg[yycount++] = yytname[yyx]; +- yysize1 = yysize + yytnamerr (0, yytname[yyx]); +- yysize_overflow |= (yysize1 < yysize); +- yysize = yysize1; +- yyfmt = yystpcpy (yyfmt, yyprefix); +- yyprefix = yyor; +- } +- +- yyf = YY_(yyformat); +- yysize1 = yysize + yystrlen (yyf); +- yysize_overflow |= (yysize1 < yysize); +- yysize = yysize1; +- +- if (yysize_overflow) +- return YYSIZE_MAXIMUM; +- +- if (yyresult) +- { +- /* Avoid sprintf, as that infringes on the user's name space. +- Don't have undefined behavior even if the translation +- produced a string with the wrong number of "%s"s. */ +- char *yyp = yyresult; +- int yyi = 0; +- while ((*yyp = *yyf) != '\0') +- { +- if (*yyp == '%' && yyf[1] == 's' && yyi < yycount) +- { +- yyp += yytnamerr (yyp, yyarg[yyi++]); +- yyf += 2; +- } +- else +- { +- yyp++; +- yyf++; +- } +- } +- } +- return yysize; +- } +-} +-#endif /* YYERROR_VERBOSE */ +- + + /*-----------------------------------------------. + | Release the memory associated to this symbol. | + `-----------------------------------------------*/ + +-/*ARGSUSED*/ +-#if (defined __STDC__ || defined __C99__FUNC__ \ +- || defined __cplusplus || defined _MSC_VER) +-static void +-yydestruct (const char *yymsg, int yytype, YYSTYPE *yyvaluep) +-#else + static void +-yydestruct (yymsg, yytype, yyvaluep) +- const char *yymsg; +- int yytype; +- YYSTYPE *yyvaluep; +-#endif ++yydestruct (const char *yymsg, ++ yysymbol_kind_t yykind, YYSTYPE *yyvaluep) + { +- YYUSE (yyvaluep); +- ++ YY_USE (yyvaluep); + if (!yymsg) + yymsg = "Deleting"; +- YY_SYMBOL_PRINT (yymsg, yytype, yyvaluep, yylocationp); +- +- switch (yytype) +- { ++ YY_SYMBOL_PRINT (yymsg, yykind, yyvaluep, yylocationp); + +- default: +- break; +- } ++ YY_IGNORE_MAYBE_UNINITIALIZED_BEGIN ++ YY_USE (yykind); ++ YY_IGNORE_MAYBE_UNINITIALIZED_END + } +- +- +-/* Prevent warnings from -Wmissing-prototypes. */ +- +-#ifdef YYPARSE_PARAM +-#if defined __STDC__ || defined __cplusplus +-int yyparse (void *YYPARSE_PARAM); +-#else +-int yyparse (); +-#endif +-#else /* ! YYPARSE_PARAM */ +-#if defined __STDC__ || defined __cplusplus +-int yyparse (void); +-#else +-int yyparse (); +-#endif +-#endif /* ! YYPARSE_PARAM */ +- + + +-/* The look-ahead symbol. */ ++/* Lookahead token kind. */ + int yychar; + +-/* The semantic value of the look-ahead symbol. */ ++/* The semantic value of the lookahead symbol. */ + YYSTYPE yylval; +- + /* Number of syntax errors so far. */ + int yynerrs; + + + ++ + /*----------. + | yyparse. | + `----------*/ + +-#ifdef YYPARSE_PARAM +-#if (defined __STDC__ || defined __C99__FUNC__ \ +- || defined __cplusplus || defined _MSC_VER) +-int +-yyparse (void *YYPARSE_PARAM) +-#else +-int +-yyparse (YYPARSE_PARAM) +- void *YYPARSE_PARAM; +-#endif +-#else /* ! YYPARSE_PARAM */ +-#if (defined __STDC__ || defined __C99__FUNC__ \ +- || defined __cplusplus || defined _MSC_VER) + int + yyparse (void) +-#else +-int +-yyparse () +- +-#endif +-#endif + { +- +- int yystate; ++ yy_state_fast_t yystate = 0; ++ /* Number of tokens to shift before error messages enabled. */ ++ int yyerrstatus = 0; ++ ++ /* Refer to the stacks through separate pointers, to allow yyoverflow ++ to reallocate them elsewhere. */ ++ ++ /* Their size. */ ++ YYPTRDIFF_T yystacksize = YYINITDEPTH; ++ ++ /* The state stack: array, bottom, top. */ ++ yy_state_t yyssa[YYINITDEPTH]; ++ yy_state_t *yyss = yyssa; ++ yy_state_t *yyssp = yyss; ++ ++ /* The semantic value stack: array, bottom, top. */ ++ YYSTYPE yyvsa[YYINITDEPTH]; ++ YYSTYPE *yyvs = yyvsa; ++ YYSTYPE *yyvsp = yyvs; ++ + int yyn; ++ /* The return value of yyparse. */ + int yyresult; +- /* Number of tokens to shift before error messages enabled. */ +- int yyerrstatus; +- /* Look-ahead token as an internal (translated) token number. */ +- int yytoken = 0; +-#if YYERROR_VERBOSE +- /* Buffer for error messages, and its allocated size. */ +- char yymsgbuf[128]; +- char *yymsg = yymsgbuf; +- YYSIZE_T yymsg_alloc = sizeof yymsgbuf; +-#endif +- +- /* Three stacks and their tools: +- `yyss': related to states, +- `yyvs': related to semantic values, +- `yyls': related to locations. +- +- Refer to the stacks thru separate pointers, to allow yyoverflow +- to reallocate them elsewhere. */ +- +- /* The state stack. */ +- yytype_int16 yyssa[YYINITDEPTH]; +- yytype_int16 *yyss = yyssa; +- yytype_int16 *yyssp; +- +- /* The semantic value stack. */ +- YYSTYPE yyvsa[YYINITDEPTH]; +- YYSTYPE *yyvs = yyvsa; +- YYSTYPE *yyvsp; +- +- +- +-#define YYPOPSTACK(N) (yyvsp -= (N), yyssp -= (N)) +- +- YYSIZE_T yystacksize = YYINITDEPTH; +- ++ /* Lookahead symbol kind. */ ++ yysymbol_kind_t yytoken = YYSYMBOL_YYEMPTY; + /* The variables used to return semantic value and location from the + action routines. */ + YYSTYPE yyval; + + ++ ++#define YYPOPSTACK(N) (yyvsp -= (N), yyssp -= (N)) ++ + /* The number of symbols on the RHS of the reduced rule. + Keep to zero when no symbol should be popped. */ + int yylen = 0; + + YYDPRINTF ((stderr, "Starting parse\n")); + +- yystate = 0; +- yyerrstatus = 0; +- yynerrs = 0; +- yychar = YYEMPTY; /* Cause a token to be read. */ +- +- /* Initialize stack pointers. +- Waste one element of value and location stack +- so that they stay on the same level as the state stack. +- The wasted elements are never initialized. */ +- +- yyssp = yyss; +- yyvsp = yyvs; ++ yychar = YYEMPTY; /* Cause a token to be read. */ + + goto yysetstate; + ++ + /*------------------------------------------------------------. +-| yynewstate -- Push a new state, which is found in yystate. | ++| yynewstate -- push a new state, which is found in yystate. | + `------------------------------------------------------------*/ +- yynewstate: ++yynewstate: + /* In all cases, when you get here, the value and location stacks + have just been pushed. So pushing a state here evens the stacks. */ + yyssp++; + +- yysetstate: +- *yyssp = yystate; ++ ++/*--------------------------------------------------------------------. ++| yysetstate -- set current state (the top of the stack) to yystate. | ++`--------------------------------------------------------------------*/ ++yysetstate: ++ YYDPRINTF ((stderr, "Entering state %d\n", yystate)); ++ YY_ASSERT (0 <= yystate && yystate < YYNSTATES); ++ YY_IGNORE_USELESS_CAST_BEGIN ++ *yyssp = YY_CAST (yy_state_t, yystate); ++ YY_IGNORE_USELESS_CAST_END ++ YY_STACK_PRINT (yyss, yyssp); + + if (yyss + yystacksize - 1 <= yyssp) ++#if !defined yyoverflow && !defined YYSTACK_RELOCATE ++ YYNOMEM; ++#else + { + /* Get the current used size of the three stacks, in elements. */ +- YYSIZE_T yysize = yyssp - yyss + 1; ++ YYPTRDIFF_T yysize = yyssp - yyss + 1; + +-#ifdef yyoverflow ++# if defined yyoverflow + { +- /* Give user a chance to reallocate the stack. Use copies of +- these so that the &'s don't force the real ones into +- memory. */ +- YYSTYPE *yyvs1 = yyvs; +- yytype_int16 *yyss1 = yyss; +- +- +- /* Each stack pointer address is followed by the size of the +- data in use in that stack, in bytes. This used to be a +- conditional around just the two extra args, but that might +- be undefined if yyoverflow is a macro. */ +- yyoverflow (YY_("memory exhausted"), +- &yyss1, yysize * sizeof (*yyssp), +- &yyvs1, yysize * sizeof (*yyvsp), +- +- &yystacksize); +- +- yyss = yyss1; +- yyvs = yyvs1; ++ /* Give user a chance to reallocate the stack. Use copies of ++ these so that the &'s don't force the real ones into ++ memory. */ ++ yy_state_t *yyss1 = yyss; ++ YYSTYPE *yyvs1 = yyvs; ++ ++ /* Each stack pointer address is followed by the size of the ++ data in use in that stack, in bytes. This used to be a ++ conditional around just the two extra args, but that might ++ be undefined if yyoverflow is a macro. */ ++ yyoverflow (YY_("memory exhausted"), ++ &yyss1, yysize * YYSIZEOF (*yyssp), ++ &yyvs1, yysize * YYSIZEOF (*yyvsp), ++ &yystacksize); ++ yyss = yyss1; ++ yyvs = yyvs1; + } +-#else /* no yyoverflow */ +-# ifndef YYSTACK_RELOCATE +- goto yyexhaustedlab; +-# else ++# else /* defined YYSTACK_RELOCATE */ + /* Extend the stack our own way. */ + if (YYMAXDEPTH <= yystacksize) +- goto yyexhaustedlab; ++ YYNOMEM; + yystacksize *= 2; + if (YYMAXDEPTH < yystacksize) +- yystacksize = YYMAXDEPTH; ++ yystacksize = YYMAXDEPTH; + + { +- yytype_int16 *yyss1 = yyss; +- union yyalloc *yyptr = +- (union yyalloc *) YYSTACK_ALLOC (YYSTACK_BYTES (yystacksize)); +- if (! yyptr) +- goto yyexhaustedlab; +- YYSTACK_RELOCATE (yyss); +- YYSTACK_RELOCATE (yyvs); +- ++ yy_state_t *yyss1 = yyss; ++ union yyalloc *yyptr = ++ YY_CAST (union yyalloc *, ++ YYSTACK_ALLOC (YY_CAST (YYSIZE_T, YYSTACK_BYTES (yystacksize)))); ++ if (! yyptr) ++ YYNOMEM; ++ YYSTACK_RELOCATE (yyss_alloc, yyss); ++ YYSTACK_RELOCATE (yyvs_alloc, yyvs); + # undef YYSTACK_RELOCATE +- if (yyss1 != yyssa) +- YYSTACK_FREE (yyss1); ++ if (yyss1 != yyssa) ++ YYSTACK_FREE (yyss1); + } + # endif +-#endif /* no yyoverflow */ + + yyssp = yyss + yysize - 1; + yyvsp = yyvs + yysize - 1; + +- +- YYDPRINTF ((stderr, "Stack size increased to %lu\n", +- (unsigned long int) yystacksize)); ++ YY_IGNORE_USELESS_CAST_BEGIN ++ YYDPRINTF ((stderr, "Stack size increased to %ld\n", ++ YY_CAST (long, yystacksize))); ++ YY_IGNORE_USELESS_CAST_END + + if (yyss + yystacksize - 1 <= yyssp) +- YYABORT; ++ YYABORT; + } ++#endif /* !defined yyoverflow && !defined YYSTACK_RELOCATE */ + +- YYDPRINTF ((stderr, "Entering state %d\n", yystate)); ++ ++ if (yystate == YYFINAL) ++ YYACCEPT; + + goto yybackup; + ++ + /*-----------. + | yybackup. | + `-----------*/ + yybackup: +- + /* Do appropriate processing given the current state. Read a +- look-ahead token if we need one and don't already have one. */ ++ lookahead token if we need one and don't already have one. */ + +- /* First try to decide what to do without reference to look-ahead token. */ ++ /* First try to decide what to do without reference to lookahead token. */ + yyn = yypact[yystate]; +- if (yyn == YYPACT_NINF) ++ if (yypact_value_is_default (yyn)) + goto yydefault; + +- /* Not known => get a look-ahead token if don't already have one. */ ++ /* Not known => get a lookahead token if don't already have one. */ + +- /* YYCHAR is either YYEMPTY or YYEOF or a valid look-ahead symbol. */ ++ /* YYCHAR is either empty, or end-of-input, or a valid lookahead. */ + if (yychar == YYEMPTY) + { +- YYDPRINTF ((stderr, "Reading a token: ")); +- yychar = YYLEX; ++ YYDPRINTF ((stderr, "Reading a token\n")); ++ yychar = yylex (); + } + + if (yychar <= YYEOF) + { +- yychar = yytoken = YYEOF; ++ yychar = YYEOF; ++ yytoken = YYSYMBOL_YYEOF; + YYDPRINTF ((stderr, "Now at end of input.\n")); + } ++ else if (yychar == YYerror) ++ { ++ /* The scanner already issued an error message, process directly ++ to error recovery. But do not keep the error token as ++ lookahead, it is too special and may lead us to an endless ++ loop in error recovery. */ ++ yychar = YYUNDEF; ++ yytoken = YYSYMBOL_YYerror; ++ goto yyerrlab1; ++ } + else + { + yytoken = YYTRANSLATE (yychar); +@@ -2976,30 +2575,26 @@ yybackup: + yyn = yytable[yyn]; + if (yyn <= 0) + { +- if (yyn == 0 || yyn == YYTABLE_NINF) +- goto yyerrlab; ++ if (yytable_value_is_error (yyn)) ++ goto yyerrlab; + yyn = -yyn; + goto yyreduce; + } + +- if (yyn == YYFINAL) +- YYACCEPT; +- + /* Count tokens shifted since error; after three, turn off error + status. */ + if (yyerrstatus) + yyerrstatus--; + +- /* Shift the look-ahead token. */ ++ /* Shift the lookahead token. */ + YY_SYMBOL_PRINT ("Shifting", yytoken, &yylval, &yylloc); +- +- /* Discard the shifted token unless it is eof. */ +- if (yychar != YYEOF) +- yychar = YYEMPTY; +- + yystate = yyn; ++ YY_IGNORE_MAYBE_UNINITIALIZED_BEGIN + *++yyvsp = yylval; ++ YY_IGNORE_MAYBE_UNINITIALIZED_END + ++ /* Discard the shifted token. */ ++ yychar = YYEMPTY; + goto yynewstate; + + +@@ -3014,14 +2609,14 @@ yydefault: + + + /*-----------------------------. +-| yyreduce -- Do a reduction. | ++| yyreduce -- do a reduction. | + `-----------------------------*/ + yyreduce: + /* yyn is the number of a rule to reduce with. */ + yylen = yyr2[yyn]; + + /* If YYLEN is nonzero, implement the default value of the action: +- `$$ = $1'. ++ '$$ = $1'. + + Otherwise, the following line sets YYVAL to garbage. + This behavior is undocumented and Bison +@@ -3034,9 +2629,9 @@ yyreduce: + YY_REDUCE_PRINT (yyn); + switch (yyn) + { +- case 4: +-#line 578 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 4: /* $@1: %empty */ ++#line 579 "parser.y" ++ { + /* + * We don't do these in parserEOF() because the parser is reading + * ahead and that would be too early. +@@ -3053,11 +2648,12 @@ yyreduce: + previousFile = NULL; + } + } ++#line 2652 "../parser.c" + break; + +- case 55: +-#line 648 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 55: /* nsstatement: typehdrcode */ ++#line 649 "parser.y" ++ { + if (notSkipping()) + { + classDef *scope = currentScope(); +@@ -3065,203 +2661,224 @@ yyreduce: + if (scope == NULL) + yyerror("%TypeHeaderCode can only be used in a namespace, class or mapped type"); + +- appendCodeBlock(&scope->iff->hdrcode, (yyvsp[(1) - (1)].codeb)); ++ appendCodeBlock(&scope->iff->hdrcode, (yyvsp[0].codeb)); + } + } ++#line 2668 "../parser.c" + break; + +- case 56: +-#line 661 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 56: /* defdocstringfmt: TK_DEFDOCSTRFMT defdocstringfmt_args */ ++#line 662 "parser.y" ++ { + if (notSkipping()) +- currentModule->defdocstringfmt = convertFormat((yyvsp[(2) - (2)].defdocstringfmt).name); ++ currentModule->defdocstringfmt = convertFormat((yyvsp[0].defdocstringfmt).name); + } ++#line 2677 "../parser.c" + break; + +- case 57: +-#line 667 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 57: /* defdocstringfmt_args: TK_STRING_VALUE */ ++#line 668 "parser.y" ++ { + resetLexerState(); + +- (yyval.defdocstringfmt).name = (yyvsp[(1) - (1)].text); ++ (yyval.defdocstringfmt).name = (yyvsp[0].text); + } ++#line 2687 "../parser.c" + break; + +- case 58: +-#line 672 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.defdocstringfmt) = (yyvsp[(2) - (3)].defdocstringfmt); ++ case 58: /* defdocstringfmt_args: '(' defdocstringfmt_arg_list ')' */ ++#line 673 "parser.y" ++ { ++ (yyval.defdocstringfmt) = (yyvsp[-1].defdocstringfmt); + } ++#line 2695 "../parser.c" + break; + +- case 60: +-#line 678 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.defdocstringfmt) = (yyvsp[(1) - (3)].defdocstringfmt); ++ case 60: /* defdocstringfmt_arg_list: defdocstringfmt_arg_list ',' defdocstringfmt_arg */ ++#line 679 "parser.y" ++ { ++ (yyval.defdocstringfmt) = (yyvsp[-2].defdocstringfmt); + +- switch ((yyvsp[(3) - (3)].defdocstringfmt).token) ++ switch ((yyvsp[0].defdocstringfmt).token) + { +- case TK_NAME: (yyval.defdocstringfmt).name = (yyvsp[(3) - (3)].defdocstringfmt).name; break; ++ case TK_NAME: (yyval.defdocstringfmt).name = (yyvsp[0].defdocstringfmt).name; break; + } + } ++#line 2708 "../parser.c" + break; + +- case 61: +-#line 688 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 61: /* defdocstringfmt_arg: TK_NAME '=' TK_STRING_VALUE */ ++#line 689 "parser.y" ++ { + (yyval.defdocstringfmt).token = TK_NAME; + +- (yyval.defdocstringfmt).name = (yyvsp[(3) - (3)].text); ++ (yyval.defdocstringfmt).name = (yyvsp[0].text); + } ++#line 2718 "../parser.c" + break; + +- case 62: +-#line 695 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 62: /* defdocstringsig: TK_DEFDOCSTRSIG defdocstringsig_args */ ++#line 696 "parser.y" ++ { + if (notSkipping()) +- currentModule->defdocstringsig = convertSignature((yyvsp[(2) - (2)].defdocstringsig).name); ++ currentModule->defdocstringsig = convertSignature((yyvsp[0].defdocstringsig).name); + } ++#line 2727 "../parser.c" + break; + +- case 63: +-#line 701 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 63: /* defdocstringsig_args: TK_STRING_VALUE */ ++#line 702 "parser.y" ++ { + resetLexerState(); + +- (yyval.defdocstringsig).name = (yyvsp[(1) - (1)].text); ++ (yyval.defdocstringsig).name = (yyvsp[0].text); + } ++#line 2737 "../parser.c" + break; + +- case 64: +-#line 706 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.defdocstringsig) = (yyvsp[(2) - (3)].defdocstringsig); ++ case 64: /* defdocstringsig_args: '(' defdocstringsig_arg_list ')' */ ++#line 707 "parser.y" ++ { ++ (yyval.defdocstringsig) = (yyvsp[-1].defdocstringsig); + } ++#line 2745 "../parser.c" + break; + +- case 66: +-#line 712 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.defdocstringsig) = (yyvsp[(1) - (3)].defdocstringsig); ++ case 66: /* defdocstringsig_arg_list: defdocstringsig_arg_list ',' defdocstringsig_arg */ ++#line 713 "parser.y" ++ { ++ (yyval.defdocstringsig) = (yyvsp[-2].defdocstringsig); + +- switch ((yyvsp[(3) - (3)].defdocstringsig).token) ++ switch ((yyvsp[0].defdocstringsig).token) + { +- case TK_NAME: (yyval.defdocstringsig).name = (yyvsp[(3) - (3)].defdocstringsig).name; break; ++ case TK_NAME: (yyval.defdocstringsig).name = (yyvsp[0].defdocstringsig).name; break; + } + } ++#line 2758 "../parser.c" + break; + +- case 67: +-#line 722 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 67: /* defdocstringsig_arg: TK_NAME '=' TK_STRING_VALUE */ ++#line 723 "parser.y" ++ { + (yyval.defdocstringsig).token = TK_NAME; + +- (yyval.defdocstringsig).name = (yyvsp[(3) - (3)].text); ++ (yyval.defdocstringsig).name = (yyvsp[0].text); + } ++#line 2768 "../parser.c" + break; + +- case 68: +-#line 729 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 68: /* defencoding: TK_DEFENCODING defencoding_args */ ++#line 730 "parser.y" ++ { + if (notSkipping()) + { +- if ((currentModule->encoding = convertEncoding((yyvsp[(2) - (2)].defencoding).name)) == no_type) ++ if ((currentModule->encoding = convertEncoding((yyvsp[0].defencoding).name)) == no_type) + yyerror("The %DefaultEncoding name must be one of \"ASCII\", \"Latin-1\", \"UTF-8\" or \"None\""); + } + } ++#line 2780 "../parser.c" + break; + +- case 69: +-#line 738 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 69: /* defencoding_args: TK_STRING_VALUE */ ++#line 739 "parser.y" ++ { + resetLexerState(); + +- (yyval.defencoding).name = (yyvsp[(1) - (1)].text); ++ (yyval.defencoding).name = (yyvsp[0].text); + } ++#line 2790 "../parser.c" + break; + +- case 70: +-#line 743 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.defencoding) = (yyvsp[(2) - (3)].defencoding); ++ case 70: /* defencoding_args: '(' defencoding_arg_list ')' */ ++#line 744 "parser.y" ++ { ++ (yyval.defencoding) = (yyvsp[-1].defencoding); + } ++#line 2798 "../parser.c" + break; + +- case 72: +-#line 749 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.defencoding) = (yyvsp[(1) - (3)].defencoding); ++ case 72: /* defencoding_arg_list: defencoding_arg_list ',' defencoding_arg */ ++#line 750 "parser.y" ++ { ++ (yyval.defencoding) = (yyvsp[-2].defencoding); + +- switch ((yyvsp[(3) - (3)].defencoding).token) ++ switch ((yyvsp[0].defencoding).token) + { +- case TK_NAME: (yyval.defencoding).name = (yyvsp[(3) - (3)].defencoding).name; break; ++ case TK_NAME: (yyval.defencoding).name = (yyvsp[0].defencoding).name; break; + } + } ++#line 2811 "../parser.c" + break; + +- case 73: +-#line 759 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 73: /* defencoding_arg: TK_NAME '=' TK_STRING_VALUE */ ++#line 760 "parser.y" ++ { + (yyval.defencoding).token = TK_NAME; + +- (yyval.defencoding).name = (yyvsp[(3) - (3)].text); ++ (yyval.defencoding).name = (yyvsp[0].text); + } ++#line 2821 "../parser.c" + break; + +- case 74: +-#line 766 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 74: /* plugin: TK_PLUGIN plugin_args */ ++#line 767 "parser.y" ++ { + /* + * Note that %Plugin is internal in SIP v4. The current thinking + * is that it won't be needed for SIP v5. + */ + + if (notSkipping()) +- appendString(¤tSpec->plugins, (yyvsp[(2) - (2)].plugin).name); ++ appendString(¤tSpec->plugins, (yyvsp[0].plugin).name); + } ++#line 2835 "../parser.c" + break; + +- case 75: +-#line 777 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 75: /* plugin_args: TK_NAME_VALUE */ ++#line 778 "parser.y" ++ { + resetLexerState(); + +- (yyval.plugin).name = (yyvsp[(1) - (1)].text); ++ (yyval.plugin).name = (yyvsp[0].text); + } ++#line 2845 "../parser.c" + break; + +- case 76: +-#line 782 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.plugin) = (yyvsp[(2) - (3)].plugin); ++ case 76: /* plugin_args: '(' plugin_arg_list ')' */ ++#line 783 "parser.y" ++ { ++ (yyval.plugin) = (yyvsp[-1].plugin); + } ++#line 2853 "../parser.c" + break; + +- case 78: +-#line 788 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.plugin) = (yyvsp[(1) - (3)].plugin); ++ case 78: /* plugin_arg_list: plugin_arg_list ',' plugin_arg */ ++#line 789 "parser.y" ++ { ++ (yyval.plugin) = (yyvsp[-2].plugin); + +- switch ((yyvsp[(3) - (3)].plugin).token) ++ switch ((yyvsp[0].plugin).token) + { +- case TK_NAME: (yyval.plugin).name = (yyvsp[(3) - (3)].plugin).name; break; ++ case TK_NAME: (yyval.plugin).name = (yyvsp[0].plugin).name; break; + } + } ++#line 2866 "../parser.c" + break; + +- case 79: +-#line 798 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 79: /* plugin_arg: TK_NAME '=' TK_NAME_VALUE */ ++#line 799 "parser.y" ++ { + (yyval.plugin).token = TK_NAME; + +- (yyval.plugin).name = (yyvsp[(3) - (3)].text); ++ (yyval.plugin).name = (yyvsp[0].text); + } ++#line 2876 "../parser.c" + break; + +- case 80: +-#line 805 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- if ((yyvsp[(2) - (3)].veh).name == NULL) ++ case 80: /* virterrorhandler: TK_VIRTERRORHANDLER veh_args codeblock */ ++#line 806 "parser.y" ++ { ++ if ((yyvsp[-1].veh).name == NULL) + yyerror("%VirtualErrorHandler must have a 'name' argument"); + + if (notSkipping()) +@@ -3270,7 +2887,7 @@ yyreduce: + + /* Check there isn't already a handler with the same name. */ + for (tailp = ¤tSpec->errorhandlers; (veh = *tailp) != NULL; tailp = &veh->next) +- if (strcmp(veh->name, (yyvsp[(2) - (3)].veh).name) == 0) ++ if (strcmp(veh->name, (yyvsp[-1].veh).name) == 0) + break; + + if (veh != NULL) +@@ -3278,8 +2895,8 @@ yyreduce: + + veh = sipMalloc(sizeof (virtErrorHandler)); + +- veh->name = (yyvsp[(2) - (3)].veh).name; +- appendCodeBlock(&veh->code, (yyvsp[(3) - (3)].codeb)); ++ veh->name = (yyvsp[-1].veh).name; ++ appendCodeBlock(&veh->code, (yyvsp[0].codeb)); + veh->mod = currentModule; + veh->index = -1; + veh->next = NULL; +@@ -3287,62 +2904,67 @@ yyreduce: + *tailp = veh; + } + } ++#line 2908 "../parser.c" + break; + +- case 81: +-#line 834 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 81: /* veh_args: TK_NAME_VALUE */ ++#line 835 "parser.y" ++ { + resetLexerState(); + +- (yyval.veh).name = (yyvsp[(1) - (1)].text); ++ (yyval.veh).name = (yyvsp[0].text); + } ++#line 2918 "../parser.c" + break; + +- case 82: +-#line 839 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.veh) = (yyvsp[(2) - (3)].veh); ++ case 82: /* veh_args: '(' veh_arg_list ')' */ ++#line 840 "parser.y" ++ { ++ (yyval.veh) = (yyvsp[-1].veh); + } ++#line 2926 "../parser.c" + break; + +- case 84: +-#line 845 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.veh) = (yyvsp[(1) - (3)].veh); ++ case 84: /* veh_arg_list: veh_arg_list ',' veh_arg */ ++#line 846 "parser.y" ++ { ++ (yyval.veh) = (yyvsp[-2].veh); + +- switch ((yyvsp[(3) - (3)].veh).token) ++ switch ((yyvsp[0].veh).token) + { +- case TK_NAME: (yyval.veh).name = (yyvsp[(3) - (3)].veh).name; break; ++ case TK_NAME: (yyval.veh).name = (yyvsp[0].veh).name; break; + } + } ++#line 2939 "../parser.c" + break; + +- case 85: +-#line 855 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 85: /* veh_arg: TK_NAME '=' TK_NAME_VALUE */ ++#line 856 "parser.y" ++ { + (yyval.veh).token = TK_NAME; + +- (yyval.veh).name = (yyvsp[(3) - (3)].text); ++ (yyval.veh).name = (yyvsp[0].text); + } ++#line 2949 "../parser.c" + break; + +- case 86: +-#line 862 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 86: /* api: TK_API api_args */ ++#line 863 "parser.y" ++ { + if (notSkipping()) + { + apiVersionRangeDef *avd; + +- if (findAPI(currentSpec, (yyvsp[(2) - (2)].api).name) != NULL) ++ if (findAPI(currentSpec, (yyvsp[0].api).name) != NULL) + yyerror("The API name in the %API directive has already been defined"); + +- if ((yyvsp[(2) - (2)].api).version < 1) ++ if ((yyvsp[0].api).version < 1) + yyerror("The version number in the %API directive must be greater than or equal to 1"); + + avd = sipMalloc(sizeof (apiVersionRangeDef)); + +- avd->api_name = cacheName(currentSpec, (yyvsp[(2) - (2)].api).name); +- avd->from = (yyvsp[(2) - (2)].api).version; ++ avd->api_name = cacheName(currentSpec, (yyvsp[0].api).name); ++ avd->from = (yyvsp[0].api).version; + avd->to = -1; + + avd->next = currentModule->api_versions; +@@ -3352,63 +2974,69 @@ yyreduce: + setIsUsedName(avd->api_name); + } + } ++#line 2978 "../parser.c" + break; + +- case 87: +-#line 888 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 87: /* api_args: TK_NAME_VALUE TK_NUMBER_VALUE */ ++#line 889 "parser.y" ++ { + resetLexerState(); + + deprecated("%API name and version number should be specified using the 'name' and 'version' arguments"); + +- (yyval.api).name = (yyvsp[(1) - (2)].text); +- (yyval.api).version = (yyvsp[(2) - (2)].number); ++ (yyval.api).name = (yyvsp[-1].text); ++ (yyval.api).version = (yyvsp[0].number); + } ++#line 2991 "../parser.c" + break; + +- case 88: +-#line 896 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.api) = (yyvsp[(2) - (3)].api); ++ case 88: /* api_args: '(' api_arg_list ')' */ ++#line 897 "parser.y" ++ { ++ (yyval.api) = (yyvsp[-1].api); + } ++#line 2999 "../parser.c" + break; + +- case 90: +-#line 902 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.api) = (yyvsp[(1) - (3)].api); ++ case 90: /* api_arg_list: api_arg_list ',' api_arg */ ++#line 903 "parser.y" ++ { ++ (yyval.api) = (yyvsp[-2].api); + +- switch ((yyvsp[(3) - (3)].api).token) ++ switch ((yyvsp[0].api).token) + { +- case TK_NAME: (yyval.api).name = (yyvsp[(3) - (3)].api).name; break; +- case TK_VERSION: (yyval.api).version = (yyvsp[(3) - (3)].api).version; break; ++ case TK_NAME: (yyval.api).name = (yyvsp[0].api).name; break; ++ case TK_VERSION: (yyval.api).version = (yyvsp[0].api).version; break; + } + } ++#line 3013 "../parser.c" + break; + +- case 91: +-#line 913 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 91: /* api_arg: TK_NAME '=' name_or_string */ ++#line 914 "parser.y" ++ { + (yyval.api).token = TK_NAME; + +- (yyval.api).name = (yyvsp[(3) - (3)].text); ++ (yyval.api).name = (yyvsp[0].text); + (yyval.api).version = 0; + } ++#line 3024 "../parser.c" + break; + +- case 92: +-#line 919 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 92: /* api_arg: TK_VERSION '=' TK_NUMBER_VALUE */ ++#line 920 "parser.y" ++ { + (yyval.api).token = TK_VERSION; + + (yyval.api).name = NULL; +- (yyval.api).version = (yyvsp[(3) - (3)].number); ++ (yyval.api).version = (yyvsp[0].number); + } ++#line 3035 "../parser.c" + break; + +- case 93: +-#line 927 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 93: /* exception: TK_EXCEPTION scopedname baseexception optflags exception_body */ ++#line 928 "parser.y" ++ { + if (notSkipping()) + { + static const char *annos[] = { +@@ -3420,20 +3048,20 @@ yyreduce: + exceptionDef *xd; + const char *pyname; + +- checkAnnos(&(yyvsp[(4) - (5)].optflags), annos); ++ checkAnnos(&(yyvsp[-1].optflags), annos); + + if (currentSpec->genc) + yyerror("%Exception not allowed in a C module"); + +- if ((yyvsp[(5) - (5)].exception).raise_code == NULL) ++ if ((yyvsp[0].exception).raise_code == NULL) + yyerror("%Exception must have a %RaiseCode sub-directive"); + +- pyname = getPythonName(currentModule, &(yyvsp[(4) - (5)].optflags), scopedNameTail((yyvsp[(2) - (5)].scpvalp))); ++ pyname = getPythonName(currentModule, &(yyvsp[-1].optflags), scopedNameTail((yyvsp[-3].scpvalp))); + + checkAttributes(currentSpec, currentModule, NULL, NULL, + pyname, FALSE); + +- xd = findException(currentSpec, (yyvsp[(2) - (5)].scpvalp), TRUE); ++ xd = findException(currentSpec, (yyvsp[-3].scpvalp), TRUE); + + if (xd->cd != NULL) + yyerror("%Exception name has already been seen as a class name - it must be defined before being used"); +@@ -3443,29 +3071,31 @@ yyreduce: + + /* Complete the definition. */ + xd->iff->module = currentModule; +- appendCodeBlock(&xd->iff->hdrcode, (yyvsp[(5) - (5)].exception).type_header_code); ++ appendCodeBlock(&xd->iff->hdrcode, (yyvsp[0].exception).type_header_code); + xd->pyname = pyname; +- xd->bibase = (yyvsp[(3) - (5)].exceptionbase).bibase; +- xd->base = (yyvsp[(3) - (5)].exceptionbase).base; +- appendCodeBlock(&xd->raisecode, (yyvsp[(5) - (5)].exception).raise_code); ++ xd->bibase = (yyvsp[-2].exceptionbase).bibase; ++ xd->base = (yyvsp[-2].exceptionbase).base; ++ appendCodeBlock(&xd->raisecode, (yyvsp[0].exception).raise_code); + +- if (getOptFlag(&(yyvsp[(4) - (5)].optflags), "Default", bool_flag) != NULL) ++ if (getOptFlag(&(yyvsp[-1].optflags), "Default", bool_flag) != NULL) + currentModule->defexception = xd; + } + } ++#line 3085 "../parser.c" + break; + +- case 94: +-#line 974 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 94: /* baseexception: %empty */ ++#line 975 "parser.y" ++ { + (yyval.exceptionbase).bibase = NULL; + (yyval.exceptionbase).base = NULL; + } ++#line 3094 "../parser.c" + break; + +- case 95: +-#line 978 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 95: /* baseexception: '(' scopedname ')' */ ++#line 979 "parser.y" ++ { + exceptionDef *xd; + + (yyval.exceptionbase).bibase = NULL; +@@ -3473,13 +3103,13 @@ yyreduce: + + /* See if it is a defined exception. */ + for (xd = currentSpec->exceptions; xd != NULL; xd = xd->next) +- if (compareScopedNames(xd->iff->fqcname, (yyvsp[(2) - (3)].scpvalp)) == 0) ++ if (compareScopedNames(xd->iff->fqcname, (yyvsp[-1].scpvalp)) == 0) + { + (yyval.exceptionbase).base = xd; + break; + } + +- if (xd == NULL && (yyvsp[(2) - (3)].scpvalp)->next == NULL && strncmp((yyvsp[(2) - (3)].scpvalp)->name, "SIP_", 4) == 0) ++ if (xd == NULL && (yyvsp[-1].scpvalp)->next == NULL && strncmp((yyvsp[-1].scpvalp)->name, "SIP_", 4) == 0) + { + /* See if it is a builtin exception. */ + +@@ -3560,7 +3190,7 @@ yyreduce: + char **cp; + + for (cp = builtins; *cp != NULL; ++cp) +- if (strcmp((yyvsp[(2) - (3)].scpvalp)->name + 4, *cp) == 0) ++ if (strcmp((yyvsp[-1].scpvalp)->name + 4, *cp) == 0) + { + (yyval.exceptionbase).bibase = *cp; + break; +@@ -3570,49 +3200,54 @@ yyreduce: + if ((yyval.exceptionbase).bibase == NULL && (yyval.exceptionbase).base == NULL) + yyerror("Unknown exception base type"); + } ++#line 3204 "../parser.c" + break; + +- case 96: +-#line 1085 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.exception) = (yyvsp[(2) - (4)].exception); ++ case 96: /* exception_body: '{' exception_body_directives '}' ';' */ ++#line 1086 "parser.y" ++ { ++ (yyval.exception) = (yyvsp[-2].exception); + } ++#line 3212 "../parser.c" + break; + +- case 98: +-#line 1091 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.exception) = (yyvsp[(1) - (2)].exception); ++ case 98: /* exception_body_directives: exception_body_directives exception_body_directive */ ++#line 1092 "parser.y" ++ { ++ (yyval.exception) = (yyvsp[-1].exception); + +- switch ((yyvsp[(2) - (2)].exception).token) ++ switch ((yyvsp[0].exception).token) + { +- case TK_RAISECODE: (yyval.exception).raise_code = (yyvsp[(2) - (2)].exception).raise_code; break; +- case TK_TYPEHEADERCODE: (yyval.exception).type_header_code = (yyvsp[(2) - (2)].exception).type_header_code; break; ++ case TK_RAISECODE: (yyval.exception).raise_code = (yyvsp[0].exception).raise_code; break; ++ case TK_TYPEHEADERCODE: (yyval.exception).type_header_code = (yyvsp[0].exception).type_header_code; break; + } + } ++#line 3226 "../parser.c" + break; + +- case 99: +-#line 1102 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 99: /* exception_body_directive: ifstart */ ++#line 1103 "parser.y" ++ { + (yyval.exception).token = TK_IF; + } ++#line 3234 "../parser.c" + break; + +- case 100: +-#line 1105 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 100: /* exception_body_directive: ifend */ ++#line 1106 "parser.y" ++ { + (yyval.exception).token = TK_END; + } ++#line 3242 "../parser.c" + break; + +- case 101: +-#line 1108 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 101: /* exception_body_directive: raisecode */ ++#line 1109 "parser.y" ++ { + if (notSkipping()) + { + (yyval.exception).token = TK_RAISECODE; +- (yyval.exception).raise_code = (yyvsp[(1) - (1)].codeb); ++ (yyval.exception).raise_code = (yyvsp[0].codeb); + } + else + { +@@ -3622,15 +3257,16 @@ yyreduce: + + (yyval.exception).type_header_code = NULL; + } ++#line 3261 "../parser.c" + break; + +- case 102: +-#line 1122 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 102: /* exception_body_directive: typehdrcode */ ++#line 1123 "parser.y" ++ { + if (notSkipping()) + { + (yyval.exception).token = TK_TYPEHEADERCODE; +- (yyval.exception).type_header_code = (yyvsp[(1) - (1)].codeb); ++ (yyval.exception).type_header_code = (yyvsp[0].codeb); + } + else + { +@@ -3640,18 +3276,20 @@ yyreduce: + + (yyval.exception).raise_code = NULL; + } ++#line 3280 "../parser.c" + break; + +- case 103: +-#line 1138 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.codeb) = (yyvsp[(2) - (2)].codeb); ++ case 103: /* raisecode: TK_RAISECODE codeblock */ ++#line 1139 "parser.y" ++ { ++ (yyval.codeb) = (yyvsp[0].codeb); + } ++#line 3288 "../parser.c" + break; + +- case 104: +-#line 1143 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 104: /* $@2: %empty */ ++#line 1144 "parser.y" ++ { + if (notSkipping()) + { + static const char *annos[] = { +@@ -3667,16 +3305,17 @@ yyreduce: + NULL + }; + +- checkAnnos(&(yyvsp[(3) - (3)].optflags), annos); ++ checkAnnos(&(yyvsp[0].optflags), annos); + +- currentMappedType = newMappedType(currentSpec, &(yyvsp[(2) - (3)].memArg), &(yyvsp[(3) - (3)].optflags)); ++ currentMappedType = newMappedType(currentSpec, &(yyvsp[-1].memArg), &(yyvsp[0].optflags)); + } + } ++#line 3314 "../parser.c" + break; + +- case 106: +-#line 1166 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 106: /* $@3: %empty */ ++#line 1167 "parser.y" ++ { + if (notSkipping()) + { + static const char *annos[] = { +@@ -3694,7 +3333,7 @@ yyreduce: + mappedTypeTmplDef *mtt; + ifaceFileDef *iff; + +- checkAnnos(&(yyvsp[(4) - (4)].optflags), annos); ++ checkAnnos(&(yyvsp[0].optflags), annos); + + if (currentSpec->genc) + yyerror("%MappedType templates not allowed in a C module"); +@@ -3703,32 +3342,32 @@ yyreduce: + * Check the template arguments are basic types or simple + * names. + */ +- for (a = 0; a < (yyvsp[(1) - (4)].signature).nrArgs; ++a) ++ for (a = 0; a < (yyvsp[-3].signature).nrArgs; ++a) + { +- argDef *ad = &(yyvsp[(1) - (4)].signature).args[a]; ++ argDef *ad = &(yyvsp[-3].signature).args[a]; + + if (ad->atype == defined_type && ad->u.snd->next != NULL) + yyerror("%MappedType template arguments must be simple names"); + } + +- if ((yyvsp[(3) - (4)].memArg).atype != template_type) ++ if ((yyvsp[-1].memArg).atype != template_type) + yyerror("%MappedType template must map a template type"); + +- (yyvsp[(3) - (4)].memArg).u.td->fqname = fullyQualifiedName((yyvsp[(3) - (4)].memArg).u.td->fqname); ++ (yyvsp[-1].memArg).u.td->fqname = fullyQualifiedName((yyvsp[-1].memArg).u.td->fqname); + + /* Check a template hasn't already been provided. */ + for (mtt = currentSpec->mappedtypetemplates; mtt != NULL; mtt = mtt->next) +- if (compareScopedNames(mtt->mt->type.u.td->fqname, (yyvsp[(3) - (4)].memArg).u.td->fqname ) == 0 && sameTemplateSignature(&mtt->mt->type.u.td->types, &(yyvsp[(3) - (4)].memArg).u.td->types, TRUE)) ++ if (compareScopedNames(mtt->mt->type.u.td->fqname, (yyvsp[-1].memArg).u.td->fqname ) == 0 && sameTemplateSignature(&mtt->mt->type.u.td->types, &(yyvsp[-1].memArg).u.td->types, TRUE)) + yyerror("%MappedType template for this type has already been defined"); + +- (yyvsp[(3) - (4)].memArg).nrderefs = 0; +- (yyvsp[(3) - (4)].memArg).argflags = 0; ++ (yyvsp[-1].memArg).nrderefs = 0; ++ (yyvsp[-1].memArg).argflags = 0; + + mtt = sipMalloc(sizeof (mappedTypeTmplDef)); + +- mtt->sig = (yyvsp[(1) - (4)].signature); +- mtt->mt = allocMappedType(currentSpec, &(yyvsp[(3) - (4)].memArg)); +- mappedTypeAnnos(mtt->mt, &(yyvsp[(4) - (4)].optflags)); ++ mtt->sig = (yyvsp[-3].signature); ++ mtt->mt = allocMappedType(currentSpec, &(yyvsp[-1].memArg)); ++ mappedTypeAnnos(mtt->mt, &(yyvsp[0].optflags)); + mtt->next = currentSpec->mappedtypetemplates; + + currentSpec->mappedtypetemplates = mtt; +@@ -3741,11 +3380,12 @@ yyreduce: + mtt->mt->iff = iff; + } + } ++#line 3384 "../parser.c" + break; + +- case 108: +-#line 1233 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 108: /* mtdefinition: '{' mtbody '}' ';' */ ++#line 1234 "parser.y" ++ { + if (notSkipping()) + { + if (currentMappedType->convfromcode == NULL) +@@ -3757,83 +3397,90 @@ yyreduce: + currentMappedType = NULL; + } + } ++#line 3401 "../parser.c" + break; + +- case 113: +-#line 1253 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 113: /* mtline: typehdrcode */ ++#line 1254 "parser.y" ++ { + if (notSkipping()) +- appendCodeBlock(¤tMappedType->iff->hdrcode, (yyvsp[(1) - (1)].codeb)); ++ appendCodeBlock(¤tMappedType->iff->hdrcode, (yyvsp[0].codeb)); + } ++#line 3410 "../parser.c" + break; + +- case 114: +-#line 1257 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 114: /* mtline: typecode */ ++#line 1258 "parser.y" ++ { + if (notSkipping()) +- appendCodeBlock(¤tMappedType->typecode, (yyvsp[(1) - (1)].codeb)); ++ appendCodeBlock(¤tMappedType->typecode, (yyvsp[0].codeb)); + } ++#line 3419 "../parser.c" + break; + +- case 115: +-#line 1261 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 115: /* mtline: TK_FROMTYPE codeblock */ ++#line 1262 "parser.y" ++ { + if (notSkipping()) + { + if (currentMappedType->convfromcode != NULL) + yyerror("%MappedType has more than one %ConvertFromTypeCode directive"); + +- appendCodeBlock(¤tMappedType->convfromcode, (yyvsp[(2) - (2)].codeb)); ++ appendCodeBlock(¤tMappedType->convfromcode, (yyvsp[0].codeb)); + } + } ++#line 3433 "../parser.c" + break; + +- case 116: +-#line 1270 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 116: /* mtline: TK_TOTYPE codeblock */ ++#line 1271 "parser.y" ++ { + if (notSkipping()) + { + if (currentMappedType->convtocode != NULL) + yyerror("%MappedType has more than one %ConvertToTypeCode directive"); + +- appendCodeBlock(¤tMappedType->convtocode, (yyvsp[(2) - (2)].codeb)); ++ appendCodeBlock(¤tMappedType->convtocode, (yyvsp[0].codeb)); + } + } ++#line 3447 "../parser.c" + break; + +- case 117: +-#line 1279 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 117: /* mtline: instancecode */ ++#line 1280 "parser.y" ++ { + if (notSkipping()) + { + if (currentMappedType->instancecode != NULL) + yyerror("%MappedType has more than one %InstanceCode directive"); + +- appendCodeBlock(¤tMappedType->instancecode, (yyvsp[(1) - (1)].codeb)); ++ appendCodeBlock(¤tMappedType->instancecode, (yyvsp[0].codeb)); + } + } ++#line 3461 "../parser.c" + break; + +- case 120: +-#line 1292 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 120: /* mtfunction: TK_STATIC cpptype TK_NAME_VALUE '(' arglist ')' optconst optexceptions optflags optsig ';' optdocstring premethodcode methodcode */ ++#line 1293 "parser.y" ++ { + if (notSkipping()) + { +- applyTypeFlags(currentModule, &(yyvsp[(2) - (14)].memArg), &(yyvsp[(9) - (14)].optflags)); ++ applyTypeFlags(currentModule, &(yyvsp[-12].memArg), &(yyvsp[-5].optflags)); + +- (yyvsp[(5) - (14)].signature).result = (yyvsp[(2) - (14)].memArg); ++ (yyvsp[-9].signature).result = (yyvsp[-12].memArg); + + newFunction(currentSpec, currentModule, NULL, NULL, +- currentMappedType, 0, TRUE, FALSE, FALSE, FALSE, (yyvsp[(3) - (14)].text), +- &(yyvsp[(5) - (14)].signature), (yyvsp[(7) - (14)].number), FALSE, &(yyvsp[(9) - (14)].optflags), (yyvsp[(14) - (14)].codeb), NULL, NULL, (yyvsp[(8) - (14)].throwlist), (yyvsp[(10) - (14)].optsignature), (yyvsp[(12) - (14)].docstr), +- FALSE, (yyvsp[(13) - (14)].codeb)); ++ currentMappedType, 0, TRUE, FALSE, FALSE, FALSE, (yyvsp[-11].text), ++ &(yyvsp[-9].signature), (yyvsp[-7].number), FALSE, &(yyvsp[-5].optflags), (yyvsp[0].codeb), NULL, NULL, (yyvsp[-6].throwlist), (yyvsp[-4].optsignature), (yyvsp[-2].docstr), ++ FALSE, (yyvsp[-1].codeb)); + } + } ++#line 3479 "../parser.c" + break; + +- case 121: +-#line 1307 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 121: /* $@4: %empty */ ++#line 1308 "parser.y" ++ { + if (currentSpec -> genc) + yyerror("namespace definition not allowed in a C module"); + +@@ -3848,18 +3495,19 @@ yyreduce: + scope = NULL; + + ns = newClass(currentSpec, namespace_iface, NULL, +- text2scopedName(scope, (yyvsp[(2) - (2)].text)), NULL, NULL, NULL, NULL); ++ text2scopedName(scope, (yyvsp[0].text)), NULL, NULL, NULL, NULL); + + pushScope(ns); + + sectionFlags = 0; + } + } ++#line 3506 "../parser.c" + break; + +- case 122: +-#line 1328 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 122: /* namespace: TK_NAMESPACE TK_NAME_VALUE $@4 optnsbody ';' */ ++#line 1329 "parser.y" ++ { + if (notSkipping()) + { + if (inMainModule()) +@@ -3873,11 +3521,12 @@ yyreduce: + popScope(); + } + } ++#line 3525 "../parser.c" + break; + +- case 127: +-#line 1352 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 127: /* $@5: %empty */ ++#line 1353 "parser.y" ++ { + if (notSkipping()) + { + qualDef *qd; +@@ -3887,11 +3536,12 @@ yyreduce: + yyerror("%Platforms has already been defined for this module"); + } + } ++#line 3540 "../parser.c" + break; + +- case 128: +-#line 1362 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 128: /* platforms: TK_PLATFORMS $@5 '{' platformlist '}' */ ++#line 1363 "parser.y" ++ { + if (notSkipping()) + { + qualDef *qd; +@@ -3908,71 +3558,79 @@ yyreduce: + yyerror("No more than one of these %Platforms must be specified with the -t flag"); + } + } ++#line 3562 "../parser.c" + break; + +- case 131: +-#line 1385 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- newQualifier(currentModule, -1, -1, notSkipping(), (yyvsp[(1) - (1)].text), ++ case 131: /* platform: TK_NAME_VALUE */ ++#line 1386 "parser.y" ++ { ++ newQualifier(currentModule, -1, -1, notSkipping(), (yyvsp[0].text), + platform_qualifier); + } ++#line 3571 "../parser.c" + break; + +- case 132: +-#line 1391 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- newQualifier(currentModule, -1, -1, notSkipping(), (yyvsp[(2) - (2)].feature).name, ++ case 132: /* feature: TK_FEATURE feature_args */ ++#line 1392 "parser.y" ++ { ++ newQualifier(currentModule, -1, -1, notSkipping(), (yyvsp[0].feature).name, + feature_qualifier); + } ++#line 3580 "../parser.c" + break; + +- case 133: +-#line 1397 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 133: /* feature_args: TK_NAME_VALUE */ ++#line 1398 "parser.y" ++ { + resetLexerState(); + +- (yyval.feature).name = (yyvsp[(1) - (1)].text); ++ (yyval.feature).name = (yyvsp[0].text); + } ++#line 3590 "../parser.c" + break; + +- case 134: +-#line 1402 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.feature) = (yyvsp[(2) - (3)].feature); ++ case 134: /* feature_args: '(' feature_arg_list ')' */ ++#line 1403 "parser.y" ++ { ++ (yyval.feature) = (yyvsp[-1].feature); + } ++#line 3598 "../parser.c" + break; + +- case 136: +-#line 1408 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.feature) = (yyvsp[(1) - (3)].feature); ++ case 136: /* feature_arg_list: feature_arg_list ',' feature_arg */ ++#line 1409 "parser.y" ++ { ++ (yyval.feature) = (yyvsp[-2].feature); + +- switch ((yyvsp[(3) - (3)].feature).token) ++ switch ((yyvsp[0].feature).token) + { +- case TK_NAME: (yyval.feature).name = (yyvsp[(3) - (3)].feature).name; break; ++ case TK_NAME: (yyval.feature).name = (yyvsp[0].feature).name; break; + } + } ++#line 3611 "../parser.c" + break; + +- case 137: +-#line 1418 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 137: /* feature_arg: TK_NAME '=' name_or_string */ ++#line 1419 "parser.y" ++ { + (yyval.feature).token = TK_NAME; + +- (yyval.feature).name = (yyvsp[(3) - (3)].text); ++ (yyval.feature).name = (yyvsp[0].text); + } ++#line 3621 "../parser.c" + break; + +- case 138: +-#line 1425 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 138: /* $@6: %empty */ ++#line 1426 "parser.y" ++ { + currentTimelineOrder = 0; + } ++#line 3629 "../parser.c" + break; + +- case 139: +-#line 1428 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 139: /* timeline: TK_TIMELINE $@6 '{' qualifierlist '}' */ ++#line 1429 "parser.y" ++ { + if (notSkipping()) + { + qualDef *qd; +@@ -3993,129 +3651,140 @@ yyreduce: + currentModule->nrtimelines++; + } + } ++#line 3655 "../parser.c" + break; + +- case 142: +-#line 1455 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 142: /* qualifiername: TK_NAME_VALUE */ ++#line 1456 "parser.y" ++ { + newQualifier(currentModule, currentModule->nrtimelines, +- currentTimelineOrder++, TRUE, (yyvsp[(1) - (1)].text), time_qualifier); ++ currentTimelineOrder++, TRUE, (yyvsp[0].text), time_qualifier); + } ++#line 3664 "../parser.c" + break; + +- case 143: +-#line 1461 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 143: /* $@7: %empty */ ++#line 1462 "parser.y" ++ { + currentPlatforms = NULL; + } ++#line 3672 "../parser.c" + break; + +- case 144: +-#line 1463 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 144: /* ifstart: TK_IF '(' $@7 qualifiers ')' */ ++#line 1464 "parser.y" ++ { + if (stackPtr >= MAX_NESTED_IF) + yyerror("Internal error: increase the value of MAX_NESTED_IF"); + + /* Nested %Ifs are implicit logical ands. */ + + if (stackPtr > 0) +- (yyvsp[(4) - (5)].boolean) = ((yyvsp[(4) - (5)].boolean) && skipStack[stackPtr - 1]); ++ (yyvsp[-1].boolean) = ((yyvsp[-1].boolean) && skipStack[stackPtr - 1]); + +- skipStack[stackPtr] = (yyvsp[(4) - (5)].boolean); ++ skipStack[stackPtr] = (yyvsp[-1].boolean); + + platformStack[stackPtr] = currentPlatforms; + + ++stackPtr; + } ++#line 3692 "../parser.c" + break; + +- case 145: +-#line 1480 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.boolean) = platOrFeature((yyvsp[(1) - (1)].text), FALSE); ++ case 145: /* oredqualifiers: TK_NAME_VALUE */ ++#line 1481 "parser.y" ++ { ++ (yyval.boolean) = platOrFeature((yyvsp[0].text), FALSE); + } ++#line 3700 "../parser.c" + break; + +- case 146: +-#line 1483 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.boolean) = platOrFeature((yyvsp[(2) - (2)].text), TRUE); ++ case 146: /* oredqualifiers: '!' TK_NAME_VALUE */ ++#line 1484 "parser.y" ++ { ++ (yyval.boolean) = platOrFeature((yyvsp[0].text), TRUE); + } ++#line 3708 "../parser.c" + break; + +- case 147: +-#line 1486 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.boolean) = (platOrFeature((yyvsp[(3) - (3)].text), FALSE) || (yyvsp[(1) - (3)].boolean)); ++ case 147: /* oredqualifiers: oredqualifiers TK_LOGICAL_OR TK_NAME_VALUE */ ++#line 1487 "parser.y" ++ { ++ (yyval.boolean) = (platOrFeature((yyvsp[0].text), FALSE) || (yyvsp[-2].boolean)); + } ++#line 3716 "../parser.c" + break; + +- case 148: +-#line 1489 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.boolean) = (platOrFeature((yyvsp[(4) - (4)].text), TRUE) || (yyvsp[(1) - (4)].boolean)); ++ case 148: /* oredqualifiers: oredqualifiers TK_LOGICAL_OR '!' TK_NAME_VALUE */ ++#line 1490 "parser.y" ++ { ++ (yyval.boolean) = (platOrFeature((yyvsp[0].text), TRUE) || (yyvsp[-3].boolean)); + } ++#line 3724 "../parser.c" + break; + +- case 150: +-#line 1495 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.boolean) = timePeriod((yyvsp[(1) - (3)].text), (yyvsp[(3) - (3)].text)); ++ case 150: /* qualifiers: optname '-' optname */ ++#line 1496 "parser.y" ++ { ++ (yyval.boolean) = timePeriod((yyvsp[-2].text), (yyvsp[0].text)); + } ++#line 3732 "../parser.c" + break; + +- case 151: +-#line 1500 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 151: /* ifend: TK_END */ ++#line 1501 "parser.y" ++ { + if (stackPtr-- <= 0) + yyerror("Too many %End directives"); + + currentPlatforms = (stackPtr == 0 ? NULL : platformStack[stackPtr - 1]); + } ++#line 3743 "../parser.c" + break; + +- case 152: +-#line 1508 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 152: /* license: TK_LICENSE license_args optflags */ ++#line 1509 "parser.y" ++ { + optFlag *of; + +- if ((yyvsp[(3) - (3)].optflags).nrFlags != 0) ++ if ((yyvsp[0].optflags).nrFlags != 0) + deprecated("%License annotations are deprecated, use arguments instead"); + +- if ((yyvsp[(2) - (3)].license).type == NULL) +- if ((of = getOptFlag(&(yyvsp[(3) - (3)].optflags), "Type", string_flag)) != NULL) +- (yyvsp[(2) - (3)].license).type = of->fvalue.sval; +- +- if ((yyvsp[(2) - (3)].license).licensee == NULL) +- if ((of = getOptFlag(&(yyvsp[(3) - (3)].optflags), "Licensee", string_flag)) != NULL) +- (yyvsp[(2) - (3)].license).licensee = of->fvalue.sval; +- +- if ((yyvsp[(2) - (3)].license).signature == NULL) +- if ((of = getOptFlag(&(yyvsp[(3) - (3)].optflags), "Signature", string_flag)) != NULL) +- (yyvsp[(2) - (3)].license).signature = of->fvalue.sval; +- +- if ((yyvsp[(2) - (3)].license).timestamp == NULL) +- if ((of = getOptFlag(&(yyvsp[(3) - (3)].optflags), "Timestamp", string_flag)) != NULL) +- (yyvsp[(2) - (3)].license).timestamp = of->fvalue.sval; ++ if ((yyvsp[-1].license).type == NULL) ++ if ((of = getOptFlag(&(yyvsp[0].optflags), "Type", string_flag)) != NULL) ++ (yyvsp[-1].license).type = of->fvalue.sval; ++ ++ if ((yyvsp[-1].license).licensee == NULL) ++ if ((of = getOptFlag(&(yyvsp[0].optflags), "Licensee", string_flag)) != NULL) ++ (yyvsp[-1].license).licensee = of->fvalue.sval; ++ ++ if ((yyvsp[-1].license).signature == NULL) ++ if ((of = getOptFlag(&(yyvsp[0].optflags), "Signature", string_flag)) != NULL) ++ (yyvsp[-1].license).signature = of->fvalue.sval; ++ ++ if ((yyvsp[-1].license).timestamp == NULL) ++ if ((of = getOptFlag(&(yyvsp[0].optflags), "Timestamp", string_flag)) != NULL) ++ (yyvsp[-1].license).timestamp = of->fvalue.sval; + +- if ((yyvsp[(2) - (3)].license).type == NULL) ++ if ((yyvsp[-1].license).type == NULL) + yyerror("%License must have a 'type' argument"); + + if (notSkipping()) + { + currentModule->license = sipMalloc(sizeof (licenseDef)); + +- currentModule->license->type = (yyvsp[(2) - (3)].license).type; +- currentModule->license->licensee = (yyvsp[(2) - (3)].license).licensee; +- currentModule->license->sig = (yyvsp[(2) - (3)].license).signature; +- currentModule->license->timestamp = (yyvsp[(2) - (3)].license).timestamp; ++ currentModule->license->type = (yyvsp[-1].license).type; ++ currentModule->license->licensee = (yyvsp[-1].license).licensee; ++ currentModule->license->sig = (yyvsp[-1].license).signature; ++ currentModule->license->timestamp = (yyvsp[-1].license).timestamp; + } + } ++#line 3783 "../parser.c" + break; + +- case 153: +-#line 1545 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 153: /* license_args: %empty */ ++#line 1546 "parser.y" ++ { + resetLexerState(); + + (yyval.license).type = NULL; +@@ -4123,242 +3792,265 @@ yyreduce: + (yyval.license).signature = NULL; + (yyval.license).timestamp = NULL; + } ++#line 3796 "../parser.c" + break; + +- case 154: +-#line 1553 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.license).type = (yyvsp[(1) - (1)].text); ++ case 154: /* license_args: TK_STRING_VALUE */ ++#line 1554 "parser.y" ++ { ++ (yyval.license).type = (yyvsp[0].text); + (yyval.license).licensee = NULL; + (yyval.license).signature = NULL; + (yyval.license).timestamp = NULL; + } ++#line 3807 "../parser.c" + break; + +- case 155: +-#line 1559 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.license) = (yyvsp[(2) - (3)].license); ++ case 155: /* license_args: '(' license_arg_list ')' */ ++#line 1560 "parser.y" ++ { ++ (yyval.license) = (yyvsp[-1].license); + } ++#line 3815 "../parser.c" + break; + +- case 157: +-#line 1565 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.license) = (yyvsp[(1) - (3)].license); ++ case 157: /* license_arg_list: license_arg_list ',' license_arg */ ++#line 1566 "parser.y" ++ { ++ (yyval.license) = (yyvsp[-2].license); + +- switch ((yyvsp[(3) - (3)].license).token) ++ switch ((yyvsp[0].license).token) + { +- case TK_TYPE: (yyval.license).type = (yyvsp[(3) - (3)].license).type; break; +- case TK_LICENSEE: (yyval.license).licensee = (yyvsp[(3) - (3)].license).licensee; break; +- case TK_SIGNATURE: (yyval.license).signature = (yyvsp[(3) - (3)].license).signature; break; +- case TK_TIMESTAMP: (yyval.license).timestamp = (yyvsp[(3) - (3)].license).timestamp; break; ++ case TK_TYPE: (yyval.license).type = (yyvsp[0].license).type; break; ++ case TK_LICENSEE: (yyval.license).licensee = (yyvsp[0].license).licensee; break; ++ case TK_SIGNATURE: (yyval.license).signature = (yyvsp[0].license).signature; break; ++ case TK_TIMESTAMP: (yyval.license).timestamp = (yyvsp[0].license).timestamp; break; + } + } ++#line 3831 "../parser.c" + break; + +- case 158: +-#line 1578 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 158: /* license_arg: TK_TYPE '=' TK_STRING_VALUE */ ++#line 1579 "parser.y" ++ { + (yyval.license).token = TK_NAME; + +- (yyval.license).type = (yyvsp[(3) - (3)].text); ++ (yyval.license).type = (yyvsp[0].text); + (yyval.license).licensee = NULL; + (yyval.license).signature = NULL; + (yyval.license).timestamp = NULL; + } ++#line 3844 "../parser.c" + break; + +- case 159: +-#line 1586 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 159: /* license_arg: TK_LICENSEE '=' TK_STRING_VALUE */ ++#line 1587 "parser.y" ++ { + (yyval.license).token = TK_LICENSEE; + + (yyval.license).type = NULL; +- (yyval.license).licensee = (yyvsp[(3) - (3)].text); ++ (yyval.license).licensee = (yyvsp[0].text); + (yyval.license).signature = NULL; + (yyval.license).timestamp = NULL; + } ++#line 3857 "../parser.c" + break; + +- case 160: +-#line 1594 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 160: /* license_arg: TK_SIGNATURE '=' TK_STRING_VALUE */ ++#line 1595 "parser.y" ++ { + (yyval.license).token = TK_SIGNATURE; + + (yyval.license).type = NULL; + (yyval.license).licensee = NULL; +- (yyval.license).signature = (yyvsp[(3) - (3)].text); ++ (yyval.license).signature = (yyvsp[0].text); + (yyval.license).timestamp = NULL; + } ++#line 3870 "../parser.c" + break; + +- case 161: +-#line 1602 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 161: /* license_arg: TK_TIMESTAMP '=' TK_STRING_VALUE */ ++#line 1603 "parser.y" ++ { + (yyval.license).token = TK_TIMESTAMP; + + (yyval.license).type = NULL; + (yyval.license).licensee = NULL; + (yyval.license).signature = NULL; +- (yyval.license).timestamp = (yyvsp[(3) - (3)].text); ++ (yyval.license).timestamp = (yyvsp[0].text); + } ++#line 3883 "../parser.c" + break; + +- case 162: +-#line 1612 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 162: /* defmetatype: TK_DEFMETATYPE defmetatype_args */ ++#line 1613 "parser.y" ++ { + if (notSkipping()) + { + if (currentModule->defmetatype != NULL) + yyerror("%DefaultMetatype has already been defined for this module"); + +- currentModule->defmetatype = cacheName(currentSpec, (yyvsp[(2) - (2)].defmetatype).name); ++ currentModule->defmetatype = cacheName(currentSpec, (yyvsp[0].defmetatype).name); + } + } ++#line 3897 "../parser.c" + break; + +- case 163: +-#line 1623 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 163: /* defmetatype_args: dottedname */ ++#line 1624 "parser.y" ++ { + resetLexerState(); + +- (yyval.defmetatype).name = (yyvsp[(1) - (1)].text); ++ (yyval.defmetatype).name = (yyvsp[0].text); + } ++#line 3907 "../parser.c" + break; + +- case 164: +-#line 1628 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.defmetatype) = (yyvsp[(2) - (3)].defmetatype); ++ case 164: /* defmetatype_args: '(' defmetatype_arg_list ')' */ ++#line 1629 "parser.y" ++ { ++ (yyval.defmetatype) = (yyvsp[-1].defmetatype); + } ++#line 3915 "../parser.c" + break; + +- case 166: +-#line 1634 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.defmetatype) = (yyvsp[(1) - (3)].defmetatype); ++ case 166: /* defmetatype_arg_list: defmetatype_arg_list ',' defmetatype_arg */ ++#line 1635 "parser.y" ++ { ++ (yyval.defmetatype) = (yyvsp[-2].defmetatype); + +- switch ((yyvsp[(3) - (3)].defmetatype).token) ++ switch ((yyvsp[0].defmetatype).token) + { +- case TK_NAME: (yyval.defmetatype).name = (yyvsp[(3) - (3)].defmetatype).name; break; ++ case TK_NAME: (yyval.defmetatype).name = (yyvsp[0].defmetatype).name; break; + } + } ++#line 3928 "../parser.c" + break; + +- case 167: +-#line 1644 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 167: /* defmetatype_arg: TK_NAME '=' dottedname */ ++#line 1645 "parser.y" ++ { + (yyval.defmetatype).token = TK_NAME; + +- (yyval.defmetatype).name = (yyvsp[(3) - (3)].text); ++ (yyval.defmetatype).name = (yyvsp[0].text); + } ++#line 3938 "../parser.c" + break; + +- case 168: +-#line 1651 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 168: /* defsupertype: TK_DEFSUPERTYPE defsupertype_args */ ++#line 1652 "parser.y" ++ { + if (notSkipping()) + { + if (currentModule->defsupertype != NULL) + yyerror("%DefaultSupertype has already been defined for this module"); + +- currentModule->defsupertype = cacheName(currentSpec, (yyvsp[(2) - (2)].defsupertype).name); ++ currentModule->defsupertype = cacheName(currentSpec, (yyvsp[0].defsupertype).name); + } + } ++#line 3952 "../parser.c" + break; + +- case 169: +-#line 1662 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 169: /* defsupertype_args: dottedname */ ++#line 1663 "parser.y" ++ { + resetLexerState(); + +- (yyval.defsupertype).name = (yyvsp[(1) - (1)].text); ++ (yyval.defsupertype).name = (yyvsp[0].text); + } ++#line 3962 "../parser.c" + break; + +- case 170: +-#line 1667 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.defsupertype) = (yyvsp[(2) - (3)].defsupertype); ++ case 170: /* defsupertype_args: '(' defsupertype_arg_list ')' */ ++#line 1668 "parser.y" ++ { ++ (yyval.defsupertype) = (yyvsp[-1].defsupertype); + } ++#line 3970 "../parser.c" + break; + +- case 172: +-#line 1673 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.defsupertype) = (yyvsp[(1) - (3)].defsupertype); ++ case 172: /* defsupertype_arg_list: defsupertype_arg_list ',' defsupertype_arg */ ++#line 1674 "parser.y" ++ { ++ (yyval.defsupertype) = (yyvsp[-2].defsupertype); + +- switch ((yyvsp[(3) - (3)].defsupertype).token) ++ switch ((yyvsp[0].defsupertype).token) + { +- case TK_NAME: (yyval.defsupertype).name = (yyvsp[(3) - (3)].defsupertype).name; break; ++ case TK_NAME: (yyval.defsupertype).name = (yyvsp[0].defsupertype).name; break; + } + } ++#line 3983 "../parser.c" + break; + +- case 173: +-#line 1683 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 173: /* defsupertype_arg: TK_NAME '=' dottedname */ ++#line 1684 "parser.y" ++ { + (yyval.defsupertype).token = TK_NAME; + +- (yyval.defsupertype).name = (yyvsp[(3) - (3)].text); ++ (yyval.defsupertype).name = (yyvsp[0].text); + } ++#line 3993 "../parser.c" + break; + +- case 174: +-#line 1690 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 174: /* hiddenns: TK_HIDE_NS hiddenns_args */ ++#line 1691 "parser.y" ++ { + if (notSkipping()) + { + classDef *ns; + + ns = newClass(currentSpec, namespace_iface, NULL, +- fullyQualifiedName((yyvsp[(2) - (2)].hiddenns).name), NULL, NULL, NULL, NULL); ++ fullyQualifiedName((yyvsp[0].hiddenns).name), NULL, NULL, NULL, NULL); + setHiddenNamespace(ns); + } + } ++#line 4008 "../parser.c" + break; + +- case 175: +-#line 1702 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 175: /* hiddenns_args: scopedname */ ++#line 1703 "parser.y" ++ { + resetLexerState(); + +- (yyval.hiddenns).name = (yyvsp[(1) - (1)].scpvalp); ++ (yyval.hiddenns).name = (yyvsp[0].scpvalp); + } ++#line 4018 "../parser.c" + break; + +- case 176: +-#line 1707 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.hiddenns) = (yyvsp[(2) - (3)].hiddenns); ++ case 176: /* hiddenns_args: '(' hiddenns_arg_list ')' */ ++#line 1708 "parser.y" ++ { ++ (yyval.hiddenns) = (yyvsp[-1].hiddenns); + } ++#line 4026 "../parser.c" + break; + +- case 178: +-#line 1713 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.hiddenns) = (yyvsp[(1) - (3)].hiddenns); ++ case 178: /* hiddenns_arg_list: hiddenns_arg_list ',' hiddenns_arg */ ++#line 1714 "parser.y" ++ { ++ (yyval.hiddenns) = (yyvsp[-2].hiddenns); + +- switch ((yyvsp[(3) - (3)].hiddenns).token) ++ switch ((yyvsp[0].hiddenns).token) + { +- case TK_NAME: (yyval.hiddenns).name = (yyvsp[(3) - (3)].hiddenns).name; break; ++ case TK_NAME: (yyval.hiddenns).name = (yyvsp[0].hiddenns).name; break; + } + } ++#line 4039 "../parser.c" + break; + +- case 179: +-#line 1723 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 179: /* hiddenns_arg: TK_NAME '=' scopedname */ ++#line 1724 "parser.y" ++ { + (yyval.hiddenns).token = TK_NAME; + +- (yyval.hiddenns).name = (yyvsp[(3) - (3)].scpvalp); ++ (yyval.hiddenns).name = (yyvsp[0].scpvalp); + } ++#line 4049 "../parser.c" + break; + +- case 180: +-#line 1730 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 180: /* consmodule: TK_CONSMODULE consmodule_args consmodule_body */ ++#line 1731 "parser.y" ++ { + deprecated("%ConsolidatedModule is deprecated and will not be supported by SIP v5"); + + if (notSkipping()) +@@ -4370,99 +4062,109 @@ yyreduce: + if (currentModule->fullname != NULL) + yyerror("%ConsolidatedModule must appear before any %Module or %CModule directive"); + +- setModuleName(currentSpec, currentModule, (yyvsp[(2) - (3)].consmodule).name); +- currentModule->docstring = (yyvsp[(3) - (3)].consmodule).docstring; ++ setModuleName(currentSpec, currentModule, (yyvsp[-1].consmodule).name); ++ currentModule->docstring = (yyvsp[0].consmodule).docstring; + + setIsConsolidated(currentModule); + } + } ++#line 4072 "../parser.c" + break; + +- case 181: +-#line 1750 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 181: /* consmodule_args: dottedname */ ++#line 1751 "parser.y" ++ { + resetLexerState(); + +- (yyval.consmodule).name = (yyvsp[(1) - (1)].text); ++ (yyval.consmodule).name = (yyvsp[0].text); + } ++#line 4082 "../parser.c" + break; + +- case 182: +-#line 1755 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.consmodule) = (yyvsp[(2) - (3)].consmodule); ++ case 182: /* consmodule_args: '(' consmodule_arg_list ')' */ ++#line 1756 "parser.y" ++ { ++ (yyval.consmodule) = (yyvsp[-1].consmodule); + } ++#line 4090 "../parser.c" + break; + +- case 184: +-#line 1761 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.consmodule) = (yyvsp[(1) - (3)].consmodule); ++ case 184: /* consmodule_arg_list: consmodule_arg_list ',' consmodule_arg */ ++#line 1762 "parser.y" ++ { ++ (yyval.consmodule) = (yyvsp[-2].consmodule); + +- switch ((yyvsp[(3) - (3)].consmodule).token) ++ switch ((yyvsp[0].consmodule).token) + { +- case TK_NAME: (yyval.consmodule).name = (yyvsp[(3) - (3)].consmodule).name; break; ++ case TK_NAME: (yyval.consmodule).name = (yyvsp[0].consmodule).name; break; + } + } ++#line 4103 "../parser.c" + break; + +- case 185: +-#line 1771 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 185: /* consmodule_arg: TK_NAME '=' dottedname */ ++#line 1772 "parser.y" ++ { + (yyval.consmodule).token = TK_NAME; + +- (yyval.consmodule).name = (yyvsp[(3) - (3)].text); ++ (yyval.consmodule).name = (yyvsp[0].text); + } ++#line 4113 "../parser.c" + break; + +- case 186: +-#line 1778 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 186: /* consmodule_body: %empty */ ++#line 1779 "parser.y" ++ { + (yyval.consmodule).token = 0; + (yyval.consmodule).docstring = NULL; + } ++#line 4122 "../parser.c" + break; + +- case 187: +-#line 1782 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.consmodule) = (yyvsp[(2) - (4)].consmodule); ++ case 187: /* consmodule_body: '{' consmodule_body_directives '}' ';' */ ++#line 1783 "parser.y" ++ { ++ (yyval.consmodule) = (yyvsp[-2].consmodule); + } ++#line 4130 "../parser.c" + break; + +- case 189: +-#line 1788 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.consmodule) = (yyvsp[(1) - (2)].consmodule); ++ case 189: /* consmodule_body_directives: consmodule_body_directives consmodule_body_directive */ ++#line 1789 "parser.y" ++ { ++ (yyval.consmodule) = (yyvsp[-1].consmodule); + +- switch ((yyvsp[(2) - (2)].consmodule).token) ++ switch ((yyvsp[0].consmodule).token) + { +- case TK_DOCSTRING: (yyval.consmodule).docstring = (yyvsp[(2) - (2)].consmodule).docstring; break; ++ case TK_DOCSTRING: (yyval.consmodule).docstring = (yyvsp[0].consmodule).docstring; break; + } + } ++#line 4143 "../parser.c" + break; + +- case 190: +-#line 1798 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 190: /* consmodule_body_directive: ifstart */ ++#line 1799 "parser.y" ++ { + (yyval.consmodule).token = TK_IF; + } ++#line 4151 "../parser.c" + break; + +- case 191: +-#line 1801 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 191: /* consmodule_body_directive: ifend */ ++#line 1802 "parser.y" ++ { + (yyval.consmodule).token = TK_END; + } ++#line 4159 "../parser.c" + break; + +- case 192: +-#line 1804 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 192: /* consmodule_body_directive: docstring */ ++#line 1805 "parser.y" ++ { + if (notSkipping()) + { + (yyval.consmodule).token = TK_DOCSTRING; +- (yyval.consmodule).docstring = (yyvsp[(1) - (1)].docstr); ++ (yyval.consmodule).docstring = (yyvsp[0].docstr); + } + else + { +@@ -4470,11 +4172,12 @@ yyreduce: + (yyval.consmodule).docstring = NULL; + } + } ++#line 4176 "../parser.c" + break; + +- case 193: +-#line 1818 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 193: /* compmodule: TK_COMPOMODULE compmodule_args compmodule_body */ ++#line 1819 "parser.y" ++ { + if (notSkipping()) + { + /* Make sure this is the first mention of a module. */ +@@ -4484,99 +4187,109 @@ yyreduce: + if (currentModule->fullname != NULL) + yyerror("%CompositeModule must appear before any %Module directive"); + +- setModuleName(currentSpec, currentModule, (yyvsp[(2) - (3)].compmodule).name); +- currentModule->docstring = (yyvsp[(3) - (3)].compmodule).docstring; ++ setModuleName(currentSpec, currentModule, (yyvsp[-1].compmodule).name); ++ currentModule->docstring = (yyvsp[0].compmodule).docstring; + + setIsComposite(currentModule); + } + } ++#line 4197 "../parser.c" + break; + +- case 194: +-#line 1836 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 194: /* compmodule_args: dottedname */ ++#line 1837 "parser.y" ++ { + resetLexerState(); + +- (yyval.compmodule).name = (yyvsp[(1) - (1)].text); ++ (yyval.compmodule).name = (yyvsp[0].text); + } ++#line 4207 "../parser.c" + break; + +- case 195: +-#line 1841 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.compmodule) = (yyvsp[(2) - (3)].compmodule); ++ case 195: /* compmodule_args: '(' compmodule_arg_list ')' */ ++#line 1842 "parser.y" ++ { ++ (yyval.compmodule) = (yyvsp[-1].compmodule); + } ++#line 4215 "../parser.c" + break; + +- case 197: +-#line 1847 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.compmodule) = (yyvsp[(1) - (3)].compmodule); ++ case 197: /* compmodule_arg_list: compmodule_arg_list ',' compmodule_arg */ ++#line 1848 "parser.y" ++ { ++ (yyval.compmodule) = (yyvsp[-2].compmodule); + +- switch ((yyvsp[(3) - (3)].compmodule).token) ++ switch ((yyvsp[0].compmodule).token) + { +- case TK_NAME: (yyval.compmodule).name = (yyvsp[(3) - (3)].compmodule).name; break; ++ case TK_NAME: (yyval.compmodule).name = (yyvsp[0].compmodule).name; break; + } + } ++#line 4228 "../parser.c" + break; + +- case 198: +-#line 1857 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 198: /* compmodule_arg: TK_NAME '=' dottedname */ ++#line 1858 "parser.y" ++ { + (yyval.compmodule).token = TK_NAME; + +- (yyval.compmodule).name = (yyvsp[(3) - (3)].text); ++ (yyval.compmodule).name = (yyvsp[0].text); + } ++#line 4238 "../parser.c" + break; + +- case 199: +-#line 1864 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 199: /* compmodule_body: %empty */ ++#line 1865 "parser.y" ++ { + (yyval.compmodule).token = 0; + (yyval.compmodule).docstring = NULL; + } ++#line 4247 "../parser.c" + break; + +- case 200: +-#line 1868 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.compmodule) = (yyvsp[(2) - (4)].compmodule); ++ case 200: /* compmodule_body: '{' compmodule_body_directives '}' ';' */ ++#line 1869 "parser.y" ++ { ++ (yyval.compmodule) = (yyvsp[-2].compmodule); + } ++#line 4255 "../parser.c" + break; + +- case 202: +-#line 1874 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.compmodule) = (yyvsp[(1) - (2)].compmodule); ++ case 202: /* compmodule_body_directives: compmodule_body_directives compmodule_body_directive */ ++#line 1875 "parser.y" ++ { ++ (yyval.compmodule) = (yyvsp[-1].compmodule); + +- switch ((yyvsp[(2) - (2)].compmodule).token) ++ switch ((yyvsp[0].compmodule).token) + { +- case TK_DOCSTRING: (yyval.compmodule).docstring = (yyvsp[(2) - (2)].compmodule).docstring; break; ++ case TK_DOCSTRING: (yyval.compmodule).docstring = (yyvsp[0].compmodule).docstring; break; + } + } ++#line 4268 "../parser.c" + break; + +- case 203: +-#line 1884 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 203: /* compmodule_body_directive: ifstart */ ++#line 1885 "parser.y" ++ { + (yyval.compmodule).token = TK_IF; + } ++#line 4276 "../parser.c" + break; + +- case 204: +-#line 1887 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 204: /* compmodule_body_directive: ifend */ ++#line 1888 "parser.y" ++ { + (yyval.compmodule).token = TK_END; + } ++#line 4284 "../parser.c" + break; + +- case 205: +-#line 1890 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 205: /* compmodule_body_directive: docstring */ ++#line 1891 "parser.y" ++ { + if (notSkipping()) + { + (yyval.compmodule).token = TK_DOCSTRING; +- (yyval.compmodule).docstring = (yyvsp[(1) - (1)].docstr); ++ (yyval.compmodule).docstring = (yyvsp[0].docstr); + } + else + { +@@ -4584,107 +4297,119 @@ yyreduce: + (yyval.compmodule).docstring = NULL; + } + } ++#line 4301 "../parser.c" + break; + +- case 206: +-#line 1904 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- if ((yyvsp[(2) - (3)].module).name == NULL) ++ case 206: /* module: TK_MODULE module_args module_body */ ++#line 1905 "parser.y" ++ { ++ if ((yyvsp[-1].module).name == NULL) + yyerror("%Module must have a 'name' argument"); + + if (notSkipping()) + currentModule = configureModule(currentSpec, currentModule, +- currentContext.filename, (yyvsp[(2) - (3)].module).name, (yyvsp[(2) - (3)].module).c_module, +- (yyvsp[(2) - (3)].module).kwargs, (yyvsp[(2) - (3)].module).use_arg_names, (yyvsp[(2) - (3)].module).use_limited_api, +- (yyvsp[(2) - (3)].module).call_super_init, (yyvsp[(2) - (3)].module).all_raise_py_exc, +- (yyvsp[(2) - (3)].module).def_error_handler, (yyvsp[(3) - (3)].module).docstring); +- } ++ currentContext.filename, (yyvsp[-1].module).name, (yyvsp[-1].module).c_module, ++ (yyvsp[-1].module).kwargs, (yyvsp[-1].module).use_arg_names, (yyvsp[-1].module).py_ssize_t_clean, ++ (yyvsp[-1].module).use_limited_api, (yyvsp[-1].module).call_super_init, ++ (yyvsp[-1].module).all_raise_py_exc, (yyvsp[-1].module).def_error_handler, ++ (yyvsp[0].module).docstring); ++ } ++#line 4318 "../parser.c" + break; + +- case 207: +-#line 1915 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 207: /* module: TK_CMODULE dottedname optnumber */ ++#line 1917 "parser.y" ++ { + deprecated("%CModule is deprecated, use %Module and the 'language' argument instead"); + + if (notSkipping()) + currentModule = configureModule(currentSpec, currentModule, +- currentContext.filename, (yyvsp[(2) - (3)].text), TRUE, defaultKwArgs, +- FALSE, FALSE, -1, FALSE, NULL, NULL); ++ currentContext.filename, (yyvsp[-1].text), TRUE, defaultKwArgs, ++ FALSE, FALSE, FALSE, -1, FALSE, NULL, NULL); + } ++#line 4331 "../parser.c" + break; + +- case 208: +-#line 1925 "sip-4.19.23/sipgen/metasrc/parser.y" +- {resetLexerState();} ++ case 208: /* $@8: %empty */ ++#line 1927 "parser.y" ++ {resetLexerState();} ++#line 4337 "../parser.c" + break; + +- case 209: +-#line 1925 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- if ((yyvsp[(3) - (3)].number) >= 0) ++ case 209: /* module_args: dottedname $@8 optnumber */ ++#line 1927 "parser.y" ++ { ++ if ((yyvsp[0].number) >= 0) + deprecated("%Module version number should be specified using the 'version' argument"); + + (yyval.module).c_module = FALSE; + (yyval.module).kwargs = defaultKwArgs; +- (yyval.module).name = (yyvsp[(1) - (3)].text); ++ (yyval.module).name = (yyvsp[-2].text); + (yyval.module).use_arg_names = FALSE; ++ (yyval.module).py_ssize_t_clean = FALSE; + (yyval.module).use_limited_api = FALSE; + (yyval.module).all_raise_py_exc = FALSE; + (yyval.module).call_super_init = -1; + (yyval.module).def_error_handler = NULL; + } ++#line 4356 "../parser.c" + break; + +- case 210: +-#line 1938 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.module) = (yyvsp[(2) - (3)].module); ++ case 210: /* module_args: '(' module_arg_list ')' */ ++#line 1941 "parser.y" ++ { ++ (yyval.module) = (yyvsp[-1].module); + } ++#line 4364 "../parser.c" + break; + +- case 212: +-#line 1944 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.module) = (yyvsp[(1) - (3)].module); ++ case 212: /* module_arg_list: module_arg_list ',' module_arg */ ++#line 1947 "parser.y" ++ { ++ (yyval.module) = (yyvsp[-2].module); + +- switch ((yyvsp[(3) - (3)].module).token) ++ switch ((yyvsp[0].module).token) + { +- case TK_KWARGS: (yyval.module).kwargs = (yyvsp[(3) - (3)].module).kwargs; break; +- case TK_LANGUAGE: (yyval.module).c_module = (yyvsp[(3) - (3)].module).c_module; break; +- case TK_NAME: (yyval.module).name = (yyvsp[(3) - (3)].module).name; break; +- case TK_USEARGNAMES: (yyval.module).use_arg_names = (yyvsp[(3) - (3)].module).use_arg_names; break; +- case TK_USELIMITEDAPI: (yyval.module).use_limited_api = (yyvsp[(3) - (3)].module).use_limited_api; break; +- case TK_ALLRAISEPYEXC: (yyval.module).all_raise_py_exc = (yyvsp[(3) - (3)].module).all_raise_py_exc; break; +- case TK_CALLSUPERINIT: (yyval.module).call_super_init = (yyvsp[(3) - (3)].module).call_super_init; break; +- case TK_DEFERRORHANDLER: (yyval.module).def_error_handler = (yyvsp[(3) - (3)].module).def_error_handler; break; ++ case TK_KWARGS: (yyval.module).kwargs = (yyvsp[0].module).kwargs; break; ++ case TK_LANGUAGE: (yyval.module).c_module = (yyvsp[0].module).c_module; break; ++ case TK_NAME: (yyval.module).name = (yyvsp[0].module).name; break; ++ case TK_USEARGNAMES: (yyval.module).use_arg_names = (yyvsp[0].module).use_arg_names; break; ++ case TK_PYSSIZETCLEAN: (yyval.module).py_ssize_t_clean = (yyvsp[0].module).py_ssize_t_clean; break; ++ case TK_USELIMITEDAPI: (yyval.module).use_limited_api = (yyvsp[0].module).use_limited_api; break; ++ case TK_ALLRAISEPYEXC: (yyval.module).all_raise_py_exc = (yyvsp[0].module).all_raise_py_exc; break; ++ case TK_CALLSUPERINIT: (yyval.module).call_super_init = (yyvsp[0].module).call_super_init; break; ++ case TK_DEFERRORHANDLER: (yyval.module).def_error_handler = (yyvsp[0].module).def_error_handler; break; + } + } ++#line 4385 "../parser.c" + break; + +- case 213: +-#line 1961 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 213: /* module_arg: TK_KWARGS '=' TK_STRING_VALUE */ ++#line 1965 "parser.y" ++ { + (yyval.module).token = TK_KWARGS; + + (yyval.module).c_module = FALSE; +- (yyval.module).kwargs = convertKwArgs((yyvsp[(3) - (3)].text)); ++ (yyval.module).kwargs = convertKwArgs((yyvsp[0].text)); + (yyval.module).name = NULL; + (yyval.module).use_arg_names = FALSE; ++ (yyval.module).py_ssize_t_clean = FALSE; + (yyval.module).use_limited_api = FALSE; + (yyval.module).all_raise_py_exc = FALSE; + (yyval.module).call_super_init = -1; + (yyval.module).def_error_handler = NULL; + } ++#line 4403 "../parser.c" + break; + +- case 214: +-#line 1973 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 214: /* module_arg: TK_LANGUAGE '=' TK_STRING_VALUE */ ++#line 1978 "parser.y" ++ { + (yyval.module).token = TK_LANGUAGE; + +- if (strcmp((yyvsp[(3) - (3)].text), "C++") == 0) ++ if (strcmp((yyvsp[0].text), "C++") == 0) + (yyval.module).c_module = FALSE; +- else if (strcmp((yyvsp[(3) - (3)].text), "C") == 0) ++ else if (strcmp((yyvsp[0].text), "C") == 0) + (yyval.module).c_module = TRUE; + else + yyerror("%Module 'language' argument must be either \"C++\" or \"C\""); +@@ -4692,115 +4417,147 @@ yyreduce: + (yyval.module).kwargs = defaultKwArgs; + (yyval.module).name = NULL; + (yyval.module).use_arg_names = FALSE; ++ (yyval.module).py_ssize_t_clean = FALSE; + (yyval.module).use_limited_api = FALSE; + (yyval.module).all_raise_py_exc = FALSE; + (yyval.module).call_super_init = -1; + (yyval.module).def_error_handler = NULL; + } ++#line 4427 "../parser.c" + break; + +- case 215: +-#line 1991 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 215: /* module_arg: TK_NAME '=' dottedname */ ++#line 1997 "parser.y" ++ { + (yyval.module).token = TK_NAME; + + (yyval.module).c_module = FALSE; + (yyval.module).kwargs = defaultKwArgs; +- (yyval.module).name = (yyvsp[(3) - (3)].text); ++ (yyval.module).name = (yyvsp[0].text); + (yyval.module).use_arg_names = FALSE; ++ (yyval.module).py_ssize_t_clean = FALSE; + (yyval.module).use_limited_api = FALSE; + (yyval.module).all_raise_py_exc = FALSE; + (yyval.module).call_super_init = -1; + (yyval.module).def_error_handler = NULL; + } ++#line 4445 "../parser.c" + break; + +- case 216: +-#line 2003 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 216: /* module_arg: TK_USEARGNAMES '=' bool_value */ ++#line 2010 "parser.y" ++ { + (yyval.module).token = TK_USEARGNAMES; + + (yyval.module).c_module = FALSE; + (yyval.module).kwargs = defaultKwArgs; + (yyval.module).name = NULL; +- (yyval.module).use_arg_names = (yyvsp[(3) - (3)].boolean); ++ (yyval.module).use_arg_names = (yyvsp[0].boolean); ++ (yyval.module).py_ssize_t_clean = FALSE; + (yyval.module).use_limited_api = FALSE; + (yyval.module).all_raise_py_exc = FALSE; + (yyval.module).call_super_init = -1; + (yyval.module).def_error_handler = NULL; + } ++#line 4463 "../parser.c" + break; + +- case 217: +-#line 2015 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 217: /* module_arg: TK_PYSSIZETCLEAN '=' bool_value */ ++#line 2023 "parser.y" ++ { ++ (yyval.module).token = TK_PYSSIZETCLEAN; ++ ++ (yyval.module).c_module = FALSE; ++ (yyval.module).kwargs = defaultKwArgs; ++ (yyval.module).name = NULL; ++ (yyval.module).use_arg_names = FALSE; ++ (yyval.module).py_ssize_t_clean = (yyvsp[0].boolean); ++ (yyval.module).use_limited_api = FALSE; ++ (yyval.module).all_raise_py_exc = FALSE; ++ (yyval.module).call_super_init = -1; ++ (yyval.module).def_error_handler = NULL; ++ } ++#line 4481 "../parser.c" ++ break; ++ ++ case 218: /* module_arg: TK_USELIMITEDAPI '=' bool_value */ ++#line 2036 "parser.y" ++ { + (yyval.module).token = TK_USELIMITEDAPI; + + (yyval.module).c_module = FALSE; + (yyval.module).kwargs = defaultKwArgs; + (yyval.module).name = NULL; + (yyval.module).use_arg_names = FALSE; +- (yyval.module).use_limited_api = (yyvsp[(3) - (3)].boolean); ++ (yyval.module).py_ssize_t_clean = FALSE; ++ (yyval.module).use_limited_api = (yyvsp[0].boolean); + (yyval.module).all_raise_py_exc = FALSE; + (yyval.module).call_super_init = -1; + (yyval.module).def_error_handler = NULL; + } ++#line 4499 "../parser.c" + break; + +- case 218: +-#line 2027 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 219: /* module_arg: TK_ALLRAISEPYEXC '=' bool_value */ ++#line 2049 "parser.y" ++ { + (yyval.module).token = TK_ALLRAISEPYEXC; + + (yyval.module).c_module = FALSE; + (yyval.module).kwargs = defaultKwArgs; + (yyval.module).name = NULL; + (yyval.module).use_arg_names = FALSE; ++ (yyval.module).py_ssize_t_clean = FALSE; + (yyval.module).use_limited_api = FALSE; +- (yyval.module).all_raise_py_exc = (yyvsp[(3) - (3)].boolean); ++ (yyval.module).all_raise_py_exc = (yyvsp[0].boolean); + (yyval.module).call_super_init = -1; + (yyval.module).def_error_handler = NULL; + } ++#line 4517 "../parser.c" + break; + +- case 219: +-#line 2039 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 220: /* module_arg: TK_CALLSUPERINIT '=' bool_value */ ++#line 2062 "parser.y" ++ { + (yyval.module).token = TK_CALLSUPERINIT; + + (yyval.module).c_module = FALSE; + (yyval.module).kwargs = defaultKwArgs; + (yyval.module).name = NULL; + (yyval.module).use_arg_names = FALSE; ++ (yyval.module).py_ssize_t_clean = FALSE; + (yyval.module).use_limited_api = FALSE; + (yyval.module).all_raise_py_exc = FALSE; +- (yyval.module).call_super_init = (yyvsp[(3) - (3)].boolean); ++ (yyval.module).call_super_init = (yyvsp[0].boolean); + (yyval.module).def_error_handler = NULL; + } ++#line 4535 "../parser.c" + break; + +- case 220: +-#line 2051 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 221: /* module_arg: TK_DEFERRORHANDLER '=' TK_NAME_VALUE */ ++#line 2075 "parser.y" ++ { + (yyval.module).token = TK_DEFERRORHANDLER; + + (yyval.module).c_module = FALSE; + (yyval.module).kwargs = defaultKwArgs; + (yyval.module).name = NULL; + (yyval.module).use_arg_names = FALSE; ++ (yyval.module).py_ssize_t_clean = FALSE; + (yyval.module).use_limited_api = FALSE; + (yyval.module).all_raise_py_exc = FALSE; + (yyval.module).call_super_init = -1; +- (yyval.module).def_error_handler = (yyvsp[(3) - (3)].text); ++ (yyval.module).def_error_handler = (yyvsp[0].text); + } ++#line 4553 "../parser.c" + break; + +- case 221: +-#line 2063 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 222: /* module_arg: TK_VERSION '=' TK_NUMBER_VALUE */ ++#line 2088 "parser.y" ++ { + deprecated("%Module version numbers are deprecated and ignored"); + +- if ((yyvsp[(3) - (3)].number) < 0) ++ if ((yyvsp[0].number) < 0) + yyerror("%Module 'version' argument cannot be negative"); + + (yyval.module).token = TK_VERSION; +@@ -4809,68 +4566,76 @@ yyreduce: + (yyval.module).kwargs = defaultKwArgs; + (yyval.module).name = NULL; + (yyval.module).use_arg_names = FALSE; ++ (yyval.module).py_ssize_t_clean = FALSE; + (yyval.module).use_limited_api = FALSE; + (yyval.module).all_raise_py_exc = FALSE; + (yyval.module).call_super_init = -1; + (yyval.module).def_error_handler = NULL; + } ++#line 4576 "../parser.c" + break; + +- case 222: +-#line 2082 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 223: /* module_body: %empty */ ++#line 2108 "parser.y" ++ { + (yyval.module).token = 0; + (yyval.module).docstring = NULL; + } ++#line 4585 "../parser.c" + break; + +- case 223: +-#line 2086 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.module) = (yyvsp[(2) - (4)].module); ++ case 224: /* module_body: '{' module_body_directives '}' ';' */ ++#line 2112 "parser.y" ++ { ++ (yyval.module) = (yyvsp[-2].module); + } ++#line 4593 "../parser.c" + break; + +- case 225: +-#line 2092 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.module) = (yyvsp[(1) - (2)].module); ++ case 226: /* module_body_directives: module_body_directives module_body_directive */ ++#line 2118 "parser.y" ++ { ++ (yyval.module) = (yyvsp[-1].module); + +- switch ((yyvsp[(2) - (2)].module).token) ++ switch ((yyvsp[0].module).token) + { +- case TK_DOCSTRING: (yyval.module).docstring = (yyvsp[(2) - (2)].module).docstring; break; ++ case TK_DOCSTRING: (yyval.module).docstring = (yyvsp[0].module).docstring; break; + } + } ++#line 4606 "../parser.c" + break; + +- case 226: +-#line 2102 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 227: /* module_body_directive: ifstart */ ++#line 2128 "parser.y" ++ { + (yyval.module).token = TK_IF; + } ++#line 4614 "../parser.c" + break; + +- case 227: +-#line 2105 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 228: /* module_body_directive: ifend */ ++#line 2131 "parser.y" ++ { + (yyval.module).token = TK_END; + } ++#line 4622 "../parser.c" + break; + +- case 228: +-#line 2108 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 229: /* module_body_directive: autopyname */ ++#line 2134 "parser.y" ++ { + (yyval.module).token = TK_AUTOPYNAME; + } ++#line 4630 "../parser.c" + break; + +- case 229: +-#line 2111 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 230: /* module_body_directive: docstring */ ++#line 2137 "parser.y" ++ { + if (notSkipping()) + { + (yyval.module).token = TK_DOCSTRING; +- (yyval.module).docstring = (yyvsp[(1) - (1)].docstr); ++ (yyval.module).docstring = (yyvsp[0].docstr); + } + else + { +@@ -4878,11 +4643,12 @@ yyreduce: + (yyval.module).docstring = NULL; + } + } ++#line 4647 "../parser.c" + break; + +- case 231: +-#line 2126 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 232: /* dottedname: TK_PATH_VALUE */ ++#line 2152 "parser.y" ++ { + /* + * The grammar design is a bit broken and this is the easiest way + * to allow periods in names. +@@ -4890,435 +4656,487 @@ yyreduce: + + char *cp; + +- for (cp = (yyvsp[(1) - (1)].text); *cp != '\0'; ++cp) ++ for (cp = (yyvsp[0].text); *cp != '\0'; ++cp) + if (*cp != '.' && *cp != '_' && !isalnum(*cp)) + yyerror("Invalid character in name"); + +- (yyval.text) = (yyvsp[(1) - (1)].text); ++ (yyval.text) = (yyvsp[0].text); + } ++#line 4666 "../parser.c" + break; + +- case 232: +-#line 2142 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 233: /* optnumber: %empty */ ++#line 2168 "parser.y" ++ { + (yyval.number) = -1; + } ++#line 4674 "../parser.c" + break; + +- case 234: +-#line 2148 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- if ((yyvsp[(2) - (2)].include).name == NULL) ++ case 235: /* include: TK_INCLUDE include_args */ ++#line 2174 "parser.y" ++ { ++ if ((yyvsp[0].include).name == NULL) + yyerror("%Include must have a 'name' argument"); + + if (notSkipping()) +- parseFile(NULL, (yyvsp[(2) - (2)].include).name, NULL, (yyvsp[(2) - (2)].include).optional); ++ parseFile(NULL, (yyvsp[0].include).name, NULL, (yyvsp[0].include).optional); + } ++#line 4686 "../parser.c" + break; + +- case 235: +-#line 2157 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 236: /* include_args: TK_PATH_VALUE */ ++#line 2183 "parser.y" ++ { + resetLexerState(); + +- (yyval.include).name = (yyvsp[(1) - (1)].text); ++ (yyval.include).name = (yyvsp[0].text); + (yyval.include).optional = FALSE; + } ++#line 4697 "../parser.c" + break; + +- case 236: +-#line 2163 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.include) = (yyvsp[(2) - (3)].include); ++ case 237: /* include_args: '(' include_arg_list ')' */ ++#line 2189 "parser.y" ++ { ++ (yyval.include) = (yyvsp[-1].include); + } ++#line 4705 "../parser.c" + break; + +- case 238: +-#line 2169 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.include) = (yyvsp[(1) - (3)].include); ++ case 239: /* include_arg_list: include_arg_list ',' include_arg */ ++#line 2195 "parser.y" ++ { ++ (yyval.include) = (yyvsp[-2].include); + +- switch ((yyvsp[(3) - (3)].include).token) ++ switch ((yyvsp[0].include).token) + { +- case TK_NAME: (yyval.include).name = (yyvsp[(3) - (3)].include).name; break; +- case TK_OPTIONAL: (yyval.include).optional = (yyvsp[(3) - (3)].include).optional; break; ++ case TK_NAME: (yyval.include).name = (yyvsp[0].include).name; break; ++ case TK_OPTIONAL: (yyval.include).optional = (yyvsp[0].include).optional; break; + } + } ++#line 4719 "../parser.c" + break; + +- case 239: +-#line 2180 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 240: /* include_arg: TK_NAME '=' TK_PATH_VALUE */ ++#line 2206 "parser.y" ++ { + (yyval.include).token = TK_NAME; + +- (yyval.include).name = (yyvsp[(3) - (3)].text); ++ (yyval.include).name = (yyvsp[0].text); + (yyval.include).optional = FALSE; + } ++#line 4730 "../parser.c" + break; + +- case 240: +-#line 2186 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 241: /* include_arg: TK_OPTIONAL '=' bool_value */ ++#line 2212 "parser.y" ++ { + (yyval.include).token = TK_OPTIONAL; + + (yyval.include).name = NULL; +- (yyval.include).optional = (yyvsp[(3) - (3)].boolean); ++ (yyval.include).optional = (yyvsp[0].boolean); + } ++#line 4741 "../parser.c" + break; + +- case 241: +-#line 2194 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 242: /* optinclude: TK_OPTINCLUDE TK_PATH_VALUE */ ++#line 2220 "parser.y" ++ { + deprecated("%OptionalInclude is deprecated, use %Include and the 'optional' argument instead"); + + if (notSkipping()) +- parseFile(NULL, (yyvsp[(2) - (2)].text), NULL, TRUE); ++ parseFile(NULL, (yyvsp[0].text), NULL, TRUE); + } ++#line 4752 "../parser.c" + break; + +- case 242: +-#line 2202 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 243: /* import: TK_IMPORT import_args */ ++#line 2228 "parser.y" ++ { + if (notSkipping()) +- newImport((yyvsp[(2) - (2)].import).name); ++ newImport((yyvsp[0].import).name); + } ++#line 4761 "../parser.c" + break; + +- case 243: +-#line 2208 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 244: /* import_args: TK_PATH_VALUE */ ++#line 2234 "parser.y" ++ { + resetLexerState(); + +- (yyval.import).name = (yyvsp[(1) - (1)].text); ++ (yyval.import).name = (yyvsp[0].text); + } ++#line 4771 "../parser.c" + break; + +- case 244: +-#line 2213 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.import) = (yyvsp[(2) - (3)].import); ++ case 245: /* import_args: '(' import_arg_list ')' */ ++#line 2239 "parser.y" ++ { ++ (yyval.import) = (yyvsp[-1].import); + } ++#line 4779 "../parser.c" + break; + +- case 246: +-#line 2219 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.import) = (yyvsp[(1) - (3)].import); ++ case 247: /* import_arg_list: import_arg_list ',' import_arg */ ++#line 2245 "parser.y" ++ { ++ (yyval.import) = (yyvsp[-2].import); + +- switch ((yyvsp[(3) - (3)].import).token) ++ switch ((yyvsp[0].import).token) + { +- case TK_NAME: (yyval.import).name = (yyvsp[(3) - (3)].import).name; break; ++ case TK_NAME: (yyval.import).name = (yyvsp[0].import).name; break; + } + } ++#line 4792 "../parser.c" + break; + +- case 247: +-#line 2229 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 248: /* import_arg: TK_NAME '=' TK_PATH_VALUE */ ++#line 2255 "parser.y" ++ { + (yyval.import).token = TK_NAME; + +- (yyval.import).name = (yyvsp[(3) - (3)].text); ++ (yyval.import).name = (yyvsp[0].text); + } ++#line 4802 "../parser.c" + break; + +- case 248: +-#line 2236 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 249: /* optaccesscode: %empty */ ++#line 2262 "parser.y" ++ { + (yyval.codeb) = NULL; + } ++#line 4810 "../parser.c" + break; + +- case 249: +-#line 2239 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.codeb) = (yyvsp[(2) - (2)].codeb); ++ case 250: /* optaccesscode: TK_ACCESSCODE codeblock */ ++#line 2265 "parser.y" ++ { ++ (yyval.codeb) = (yyvsp[0].codeb); + } ++#line 4818 "../parser.c" + break; + +- case 250: +-#line 2244 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 251: /* optgetcode: %empty */ ++#line 2270 "parser.y" ++ { + (yyval.codeb) = NULL; + } ++#line 4826 "../parser.c" + break; + +- case 251: +-#line 2247 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.codeb) = (yyvsp[(2) - (2)].codeb); ++ case 252: /* optgetcode: TK_GETCODE codeblock */ ++#line 2273 "parser.y" ++ { ++ (yyval.codeb) = (yyvsp[0].codeb); + } ++#line 4834 "../parser.c" + break; + +- case 252: +-#line 2252 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 253: /* optsetcode: %empty */ ++#line 2278 "parser.y" ++ { + (yyval.codeb) = NULL; + } ++#line 4842 "../parser.c" + break; + +- case 253: +-#line 2255 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.codeb) = (yyvsp[(2) - (2)].codeb); ++ case 254: /* optsetcode: TK_SETCODE codeblock */ ++#line 2281 "parser.y" ++ { ++ (yyval.codeb) = (yyvsp[0].codeb); + } ++#line 4850 "../parser.c" + break; + +- case 254: +-#line 2260 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 255: /* copying: TK_COPYING codeblock */ ++#line 2286 "parser.y" ++ { + if (notSkipping()) +- appendCodeBlock(¤tModule->copying, (yyvsp[(2) - (2)].codeb)); ++ appendCodeBlock(¤tModule->copying, (yyvsp[0].codeb)); + } ++#line 4859 "../parser.c" + break; + +- case 255: +-#line 2266 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 256: /* exphdrcode: TK_EXPHEADERCODE codeblock */ ++#line 2292 "parser.y" ++ { + if (notSkipping()) +- appendCodeBlock(¤tSpec->exphdrcode, (yyvsp[(2) - (2)].codeb)); ++ appendCodeBlock(¤tSpec->exphdrcode, (yyvsp[0].codeb)); + } ++#line 4868 "../parser.c" + break; + +- case 256: +-#line 2272 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 257: /* modhdrcode: TK_MODHEADERCODE codeblock */ ++#line 2298 "parser.y" ++ { + if (notSkipping()) +- appendCodeBlock(¤tModule->hdrcode, (yyvsp[(2) - (2)].codeb)); ++ appendCodeBlock(¤tModule->hdrcode, (yyvsp[0].codeb)); + } ++#line 4877 "../parser.c" + break; + +- case 257: +-#line 2278 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.codeb) = (yyvsp[(2) - (2)].codeb); ++ case 258: /* typehdrcode: TK_TYPEHEADERCODE codeblock */ ++#line 2304 "parser.y" ++ { ++ (yyval.codeb) = (yyvsp[0].codeb); + } ++#line 4885 "../parser.c" + break; + +- case 258: +-#line 2283 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.codeb) = (yyvsp[(2) - (2)].codeb); ++ case 259: /* travcode: TK_TRAVERSECODE codeblock */ ++#line 2309 "parser.y" ++ { ++ (yyval.codeb) = (yyvsp[0].codeb); + } ++#line 4893 "../parser.c" + break; + +- case 259: +-#line 2288 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.codeb) = (yyvsp[(2) - (2)].codeb); ++ case 260: /* clearcode: TK_CLEARCODE codeblock */ ++#line 2314 "parser.y" ++ { ++ (yyval.codeb) = (yyvsp[0].codeb); + } ++#line 4901 "../parser.c" + break; + +- case 260: +-#line 2293 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.codeb) = (yyvsp[(2) - (2)].codeb); ++ case 261: /* getbufcode: TK_GETBUFFERCODE codeblock */ ++#line 2319 "parser.y" ++ { ++ (yyval.codeb) = (yyvsp[0].codeb); + } ++#line 4909 "../parser.c" + break; + +- case 261: +-#line 2298 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.codeb) = (yyvsp[(2) - (2)].codeb); ++ case 262: /* releasebufcode: TK_RELEASEBUFFERCODE codeblock */ ++#line 2324 "parser.y" ++ { ++ (yyval.codeb) = (yyvsp[0].codeb); + } ++#line 4917 "../parser.c" + break; + +- case 262: +-#line 2303 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.codeb) = (yyvsp[(2) - (2)].codeb); ++ case 263: /* readbufcode: TK_READBUFFERCODE codeblock */ ++#line 2329 "parser.y" ++ { ++ (yyval.codeb) = (yyvsp[0].codeb); + } ++#line 4925 "../parser.c" + break; + +- case 263: +-#line 2308 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.codeb) = (yyvsp[(2) - (2)].codeb); ++ case 264: /* writebufcode: TK_WRITEBUFFERCODE codeblock */ ++#line 2334 "parser.y" ++ { ++ (yyval.codeb) = (yyvsp[0].codeb); + } ++#line 4933 "../parser.c" + break; + +- case 264: +-#line 2313 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.codeb) = (yyvsp[(2) - (2)].codeb); ++ case 265: /* segcountcode: TK_SEGCOUNTCODE codeblock */ ++#line 2339 "parser.y" ++ { ++ (yyval.codeb) = (yyvsp[0].codeb); + } ++#line 4941 "../parser.c" + break; + +- case 265: +-#line 2318 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.codeb) = (yyvsp[(2) - (2)].codeb); ++ case 266: /* charbufcode: TK_CHARBUFFERCODE codeblock */ ++#line 2344 "parser.y" ++ { ++ (yyval.codeb) = (yyvsp[0].codeb); + } ++#line 4949 "../parser.c" + break; + +- case 266: +-#line 2323 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.codeb) = (yyvsp[(2) - (2)].codeb); ++ case 267: /* instancecode: TK_INSTANCECODE codeblock */ ++#line 2349 "parser.y" ++ { ++ (yyval.codeb) = (yyvsp[0].codeb); + } ++#line 4957 "../parser.c" + break; + +- case 267: +-#line 2328 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.codeb) = (yyvsp[(2) - (2)].codeb); ++ case 268: /* picklecode: TK_PICKLECODE codeblock */ ++#line 2354 "parser.y" ++ { ++ (yyval.codeb) = (yyvsp[0].codeb); + } ++#line 4965 "../parser.c" + break; + +- case 268: +-#line 2333 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.codeb) = (yyvsp[(2) - (2)].codeb); ++ case 269: /* finalcode: TK_FINALCODE codeblock */ ++#line 2359 "parser.y" ++ { ++ (yyval.codeb) = (yyvsp[0].codeb); + } ++#line 4973 "../parser.c" + break; + +- case 269: +-#line 2338 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 270: /* modcode: TK_MODCODE codeblock */ ++#line 2364 "parser.y" ++ { + if (notSkipping()) +- appendCodeBlock(¤tModule->cppcode, (yyvsp[(2) - (2)].codeb)); ++ appendCodeBlock(¤tModule->cppcode, (yyvsp[0].codeb)); + } ++#line 4982 "../parser.c" + break; + +- case 270: +-#line 2344 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.codeb) = (yyvsp[(2) - (2)].codeb); ++ case 271: /* typecode: TK_TYPECODE codeblock */ ++#line 2370 "parser.y" ++ { ++ (yyval.codeb) = (yyvsp[0].codeb); + } ++#line 4990 "../parser.c" + break; + +- case 271: +-#line 2349 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 272: /* preinitcode: TK_PREINITCODE codeblock */ ++#line 2375 "parser.y" ++ { + if (notSkipping()) +- appendCodeBlock(¤tModule->preinitcode, (yyvsp[(2) - (2)].codeb)); ++ appendCodeBlock(¤tModule->preinitcode, (yyvsp[0].codeb)); + } ++#line 4999 "../parser.c" + break; + +- case 272: +-#line 2355 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 273: /* initcode: TK_INITCODE codeblock */ ++#line 2381 "parser.y" ++ { + if (notSkipping()) +- appendCodeBlock(¤tModule->initcode, (yyvsp[(2) - (2)].codeb)); ++ appendCodeBlock(¤tModule->initcode, (yyvsp[0].codeb)); + } ++#line 5008 "../parser.c" + break; + +- case 273: +-#line 2361 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 274: /* postinitcode: TK_POSTINITCODE codeblock */ ++#line 2387 "parser.y" ++ { + if (notSkipping()) +- appendCodeBlock(¤tModule->postinitcode, (yyvsp[(2) - (2)].codeb)); ++ appendCodeBlock(¤tModule->postinitcode, (yyvsp[0].codeb)); + } ++#line 5017 "../parser.c" + break; + +- case 274: +-#line 2367 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 275: /* unitcode: TK_UNITCODE codeblock */ ++#line 2393 "parser.y" ++ { + if (notSkipping()) +- appendCodeBlock(¤tModule->unitcode, (yyvsp[(2) - (2)].codeb)); ++ appendCodeBlock(¤tModule->unitcode, (yyvsp[0].codeb)); + } ++#line 5026 "../parser.c" + break; + +- case 275: +-#line 2373 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 276: /* unitpostinccode: TK_UNITPOSTINCLUDECODE codeblock */ ++#line 2399 "parser.y" ++ { + if (notSkipping()) +- appendCodeBlock(¤tModule->unitpostinccode, (yyvsp[(2) - (2)].codeb)); ++ appendCodeBlock(¤tModule->unitpostinccode, (yyvsp[0].codeb)); + } ++#line 5035 "../parser.c" + break; + +- case 276: +-#line 2379 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 277: /* prepycode: TK_PREPYCODE codeblock */ ++#line 2405 "parser.y" ++ { + /* Deprecated. */ + } ++#line 5043 "../parser.c" + break; + +- case 277: +-#line 2384 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 278: /* exptypehintcode: TK_EXPTYPEHINTCODE codeblock */ ++#line 2410 "parser.y" ++ { + if (notSkipping() && !inMainModule()) +- appendCodeBlock(¤tSpec->exptypehintcode, (yyvsp[(2) - (2)].codeb)); ++ appendCodeBlock(¤tSpec->exptypehintcode, (yyvsp[0].codeb)); + } ++#line 5052 "../parser.c" + break; + +- case 278: +-#line 2390 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 279: /* modtypehintcode: TK_TYPEHINTCODE codeblock */ ++#line 2416 "parser.y" ++ { + if (notSkipping()) +- appendCodeBlock(¤tModule->typehintcode, (yyvsp[(2) - (2)].codeb)); ++ appendCodeBlock(¤tModule->typehintcode, (yyvsp[0].codeb)); + } ++#line 5061 "../parser.c" + break; + +- case 279: +-#line 2396 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.codeb) = (yyvsp[(2) - (2)].codeb); ++ case 280: /* classtypehintcode: TK_TYPEHINTCODE codeblock */ ++#line 2422 "parser.y" ++ { ++ (yyval.codeb) = (yyvsp[0].codeb); + } ++#line 5069 "../parser.c" + break; + +- case 280: +-#line 2401 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 281: /* doc: TK_DOC codeblock */ ++#line 2427 "parser.y" ++ { + if (notSkipping() && inMainModule()) +- appendCodeBlock(¤tSpec->docs, (yyvsp[(2) - (2)].codeb)); ++ appendCodeBlock(¤tSpec->docs, (yyvsp[0].codeb)); + } ++#line 5078 "../parser.c" + break; + +- case 281: +-#line 2407 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 282: /* exporteddoc: TK_EXPORTEDDOC codeblock */ ++#line 2433 "parser.y" ++ { + if (notSkipping()) +- appendCodeBlock(¤tSpec->docs, (yyvsp[(2) - (2)].codeb)); ++ appendCodeBlock(¤tSpec->docs, (yyvsp[0].codeb)); + } ++#line 5087 "../parser.c" + break; + +- case 282: +-#line 2413 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 283: /* autopyname: TK_AUTOPYNAME autopyname_args */ ++#line 2439 "parser.y" ++ { + if (notSkipping()) +- addAutoPyName(currentModule, (yyvsp[(2) - (2)].autopyname).remove_leading); ++ addAutoPyName(currentModule, (yyvsp[0].autopyname).remove_leading); + } ++#line 5096 "../parser.c" + break; + +- case 283: +-#line 2419 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.autopyname) = (yyvsp[(2) - (3)].autopyname); ++ case 284: /* autopyname_args: '(' autopyname_arg_list ')' */ ++#line 2445 "parser.y" ++ { ++ (yyval.autopyname) = (yyvsp[-1].autopyname); + } ++#line 5104 "../parser.c" + break; + +- case 285: +-#line 2425 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.autopyname) = (yyvsp[(1) - (3)].autopyname); ++ case 286: /* autopyname_arg_list: autopyname_arg_list ',' autopyname_arg */ ++#line 2451 "parser.y" ++ { ++ (yyval.autopyname) = (yyvsp[-2].autopyname); + +- switch ((yyvsp[(3) - (3)].autopyname).token) ++ switch ((yyvsp[0].autopyname).token) + { +- case TK_REMOVELEADING: (yyval.autopyname).remove_leading = (yyvsp[(3) - (3)].autopyname).remove_leading; break; ++ case TK_REMOVELEADING: (yyval.autopyname).remove_leading = (yyvsp[0].autopyname).remove_leading; break; + } + } ++#line 5117 "../parser.c" + break; + +- case 286: +-#line 2435 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 287: /* autopyname_arg: TK_REMOVELEADING '=' TK_STRING_VALUE */ ++#line 2461 "parser.y" ++ { + (yyval.autopyname).token = TK_REMOVELEADING; + +- (yyval.autopyname).remove_leading = (yyvsp[(3) - (3)].text); ++ (yyval.autopyname).remove_leading = (yyvsp[0].text); + } ++#line 5127 "../parser.c" + break; + +- case 287: +-#line 2442 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 288: /* docstring: TK_DOCSTRING docstring_args codeblock */ ++#line 2468 "parser.y" ++ { + (yyval.docstr) = sipMalloc(sizeof(docstringDef)); + +- (yyval.docstr)->signature = (yyvsp[(2) - (3)].docstring).signature; +- (yyval.docstr)->text = (yyvsp[(3) - (3)].codeb)->frag; +- free((yyvsp[(3) - (3)].codeb)); ++ (yyval.docstr)->signature = (yyvsp[-1].docstring).signature; ++ (yyval.docstr)->text = (yyvsp[0].codeb)->frag; ++ free((yyvsp[0].codeb)); + + /* Format the docstring. */ +- if ((yyvsp[(2) - (3)].docstring).format == deindented) ++ if ((yyvsp[-1].docstring).format == deindented) + { + const char *cp; + char *dp; +@@ -5392,159 +5210,175 @@ yyreduce: + *dp = '\0'; + } + } ++#line 5214 "../parser.c" + break; + +- case 288: +-#line 2526 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 289: /* docstring_args: %empty */ ++#line 2552 "parser.y" ++ { + (yyval.docstring).format = currentModule->defdocstringfmt; + (yyval.docstring).signature = currentModule->defdocstringsig; + } ++#line 5223 "../parser.c" + break; + +- case 289: +-#line 2530 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 290: /* docstring_args: TK_STRING_VALUE */ ++#line 2556 "parser.y" ++ { + resetLexerState(); + +- (yyval.docstring).format = convertFormat((yyvsp[(1) - (1)].text)); ++ (yyval.docstring).format = convertFormat((yyvsp[0].text)); + (yyval.docstring).signature = currentModule->defdocstringsig; + } ++#line 5234 "../parser.c" + break; + +- case 290: +-#line 2536 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.docstring) = (yyvsp[(2) - (3)].docstring); ++ case 291: /* docstring_args: '(' docstring_arg_list ')' */ ++#line 2562 "parser.y" ++ { ++ (yyval.docstring) = (yyvsp[-1].docstring); + } ++#line 5242 "../parser.c" + break; + +- case 292: +-#line 2542 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.docstring) = (yyvsp[(1) - (3)].docstring); ++ case 293: /* docstring_arg_list: docstring_arg_list ',' docstring_arg */ ++#line 2568 "parser.y" ++ { ++ (yyval.docstring) = (yyvsp[-2].docstring); + +- switch ((yyvsp[(3) - (3)].docstring).token) ++ switch ((yyvsp[0].docstring).token) + { +- case TK_FORMAT: (yyval.docstring).format = (yyvsp[(3) - (3)].docstring).format; break; +- case TK_SIGNATURE: (yyval.docstring).signature = (yyvsp[(3) - (3)].docstring).signature; break; ++ case TK_FORMAT: (yyval.docstring).format = (yyvsp[0].docstring).format; break; ++ case TK_SIGNATURE: (yyval.docstring).signature = (yyvsp[0].docstring).signature; break; + } + } ++#line 5256 "../parser.c" + break; + +- case 293: +-#line 2553 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 294: /* docstring_arg: TK_FORMAT '=' TK_STRING_VALUE */ ++#line 2579 "parser.y" ++ { + (yyval.docstring).token = TK_FORMAT; + +- (yyval.docstring).format = convertFormat((yyvsp[(3) - (3)].text)); ++ (yyval.docstring).format = convertFormat((yyvsp[0].text)); + (yyval.docstring).signature = currentModule->defdocstringsig; + } ++#line 5267 "../parser.c" + break; + +- case 294: +-#line 2559 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 295: /* docstring_arg: TK_SIGNATURE '=' TK_STRING_VALUE */ ++#line 2585 "parser.y" ++ { + (yyval.docstring).token = TK_SIGNATURE; + + (yyval.docstring).format = currentModule->defdocstringfmt; +- (yyval.docstring).signature = convertSignature((yyvsp[(3) - (3)].text)); ++ (yyval.docstring).signature = convertSignature((yyvsp[0].text)); + } ++#line 5278 "../parser.c" + break; + +- case 295: +-#line 2567 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 296: /* optdocstring: %empty */ ++#line 2593 "parser.y" ++ { + (yyval.docstr) = NULL; + } ++#line 5286 "../parser.c" + break; + +- case 297: +-#line 2573 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- if ((yyvsp[(2) - (3)].extract).id == NULL) ++ case 298: /* extract: TK_EXTRACT extract_args codeblock */ ++#line 2599 "parser.y" ++ { ++ if ((yyvsp[-1].extract).id == NULL) + yyerror("%Extract must have an 'id' argument"); + + if (notSkipping()) +- addExtractPart(currentSpec, (yyvsp[(2) - (3)].extract).id, (yyvsp[(2) - (3)].extract).order, (yyvsp[(3) - (3)].codeb)); ++ addExtractPart(currentSpec, (yyvsp[-1].extract).id, (yyvsp[-1].extract).order, (yyvsp[0].codeb)); + } ++#line 5298 "../parser.c" + break; + +- case 298: +-#line 2582 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 299: /* extract_args: TK_NAME_VALUE */ ++#line 2608 "parser.y" ++ { + resetLexerState(); + +- (yyval.extract).id = (yyvsp[(1) - (1)].text); ++ (yyval.extract).id = (yyvsp[0].text); + (yyval.extract).order = -1; + } ++#line 5309 "../parser.c" + break; + +- case 299: +-#line 2588 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.extract) = (yyvsp[(2) - (3)].extract); ++ case 300: /* extract_args: '(' extract_arg_list ')' */ ++#line 2614 "parser.y" ++ { ++ (yyval.extract) = (yyvsp[-1].extract); + } ++#line 5317 "../parser.c" + break; + +- case 301: +-#line 2594 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.extract) = (yyvsp[(1) - (3)].extract); ++ case 302: /* extract_arg_list: extract_arg_list ',' extract_arg */ ++#line 2620 "parser.y" ++ { ++ (yyval.extract) = (yyvsp[-2].extract); + +- switch ((yyvsp[(3) - (3)].extract).token) ++ switch ((yyvsp[0].extract).token) + { +- case TK_ID: (yyval.extract).id = (yyvsp[(3) - (3)].extract).id; break; +- case TK_ORDER: (yyval.extract).order = (yyvsp[(3) - (3)].extract).order; break; ++ case TK_ID: (yyval.extract).id = (yyvsp[0].extract).id; break; ++ case TK_ORDER: (yyval.extract).order = (yyvsp[0].extract).order; break; + } + } ++#line 5331 "../parser.c" + break; + +- case 302: +-#line 2605 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 303: /* extract_arg: TK_ID '=' TK_NAME_VALUE */ ++#line 2631 "parser.y" ++ { + (yyval.extract).token = TK_ID; + +- (yyval.extract).id = (yyvsp[(3) - (3)].text); ++ (yyval.extract).id = (yyvsp[0].text); + (yyval.extract).order = -1; + } ++#line 5342 "../parser.c" + break; + +- case 303: +-#line 2611 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 304: /* extract_arg: TK_ORDER '=' TK_NUMBER_VALUE */ ++#line 2637 "parser.y" ++ { + (yyval.extract).token = TK_ORDER; + +- if ((yyvsp[(3) - (3)].number) < 0) ++ if ((yyvsp[0].number) < 0) + yyerror("The 'order' of an %Extract directive must not be negative"); + + (yyval.extract).id = NULL; +- (yyval.extract).order = (yyvsp[(3) - (3)].number); ++ (yyval.extract).order = (yyvsp[0].number); + } ++#line 5356 "../parser.c" + break; + +- case 304: +-#line 2622 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 305: /* makefile: TK_MAKEFILE TK_PATH_VALUE optfilename codeblock */ ++#line 2648 "parser.y" ++ { + /* Deprecated. */ + } ++#line 5364 "../parser.c" + break; + +- case 307: +-#line 2631 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.codeb) = (yyvsp[(1) - (2)].codeb); ++ case 308: /* codelines: codelines TK_CODELINE */ ++#line 2657 "parser.y" ++ { ++ (yyval.codeb) = (yyvsp[-1].codeb); + +- append(&(yyval.codeb)->frag, (yyvsp[(2) - (2)].codeb)->frag); ++ append(&(yyval.codeb)->frag, (yyvsp[0].codeb)->frag); + +- free((yyvsp[(2) - (2)].codeb)->frag); +- free((yyvsp[(2) - (2)].codeb)); ++ free((yyvsp[0].codeb)->frag); ++ free((yyvsp[0].codeb)); + } ++#line 5377 "../parser.c" + break; + +- case 308: +-#line 2641 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 309: /* $@9: %empty */ ++#line 2667 "parser.y" ++ { + if (notSkipping()) + { + const char *annos[] = { +@@ -5554,72 +5388,80 @@ yyreduce: + NULL + }; + +- checkAnnos(&(yyvsp[(4) - (4)].optflags), annos); ++ checkAnnos(&(yyvsp[0].optflags), annos); + + if (sectionFlags != 0 && (sectionFlags & ~(SECT_IS_PUBLIC | SECT_IS_PROT)) != 0) + yyerror("Class enums must be in the public or protected sections"); + +- if (currentSpec->genc && (yyvsp[(2) - (4)].boolean)) ++ if (currentSpec->genc && (yyvsp[-2].boolean)) + yyerror("Scoped enums not allowed in a C module"); + + currentEnum = newEnum(currentSpec, currentModule, +- currentMappedType, (yyvsp[(3) - (4)].text), &(yyvsp[(4) - (4)].optflags), sectionFlags, (yyvsp[(2) - (4)].boolean)); ++ currentMappedType, (yyvsp[-1].text), &(yyvsp[0].optflags), sectionFlags, (yyvsp[-2].boolean)); + } + } ++#line 5404 "../parser.c" + break; + +- case 310: +-#line 2665 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 311: /* optenumkey: %empty */ ++#line 2691 "parser.y" ++ { + (yyval.boolean) = FALSE; + } ++#line 5412 "../parser.c" + break; + +- case 311: +-#line 2668 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 312: /* optenumkey: TK_CLASS */ ++#line 2694 "parser.y" ++ { + (yyval.boolean) = TRUE; + } ++#line 5420 "../parser.c" + break; + +- case 312: +-#line 2671 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 313: /* optenumkey: TK_STRUCT */ ++#line 2697 "parser.y" ++ { + (yyval.boolean) = TRUE; + } ++#line 5428 "../parser.c" + break; + +- case 313: +-#line 2676 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 314: /* optfilename: %empty */ ++#line 2702 "parser.y" ++ { + (yyval.text) = NULL; + } ++#line 5436 "../parser.c" + break; + +- case 314: +-#line 2679 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.text) = (yyvsp[(1) - (1)].text); ++ case 315: /* optfilename: TK_PATH_VALUE */ ++#line 2705 "parser.y" ++ { ++ (yyval.text) = (yyvsp[0].text); + } ++#line 5444 "../parser.c" + break; + +- case 315: +-#line 2684 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 316: /* optname: %empty */ ++#line 2710 "parser.y" ++ { + (yyval.text) = NULL; + } ++#line 5452 "../parser.c" + break; + +- case 316: +-#line 2687 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.text) = (yyvsp[(1) - (1)].text); ++ case 317: /* optname: TK_NAME_VALUE */ ++#line 2713 "parser.y" ++ { ++ (yyval.text) = (yyvsp[0].text); + } ++#line 5460 "../parser.c" + break; + +- case 323: +-#line 2702 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 324: /* enumline: TK_NAME_VALUE optenumassign optflags optcomma */ ++#line 2728 "parser.y" ++ { + if (notSkipping()) + { + const char *annos[] = { +@@ -5630,15 +5472,15 @@ yyreduce: + + enumMemberDef *emd, **tail; + +- checkAnnos(&(yyvsp[(3) - (4)].optflags), annos); ++ checkAnnos(&(yyvsp[-1].optflags), annos); + + /* Note that we don't use the assigned value. */ + emd = sipMalloc(sizeof (enumMemberDef)); + + emd->pyname = cacheName(currentSpec, +- getPythonName(currentModule, &(yyvsp[(3) - (4)].optflags), (yyvsp[(1) - (4)].text))); +- emd->cname = (yyvsp[(1) - (4)].text); +- emd->no_typehint = getNoTypeHint(&(yyvsp[(3) - (4)].optflags)); ++ getPythonName(currentModule, &(yyvsp[-1].optflags), (yyvsp[-3].text))); ++ emd->cname = (yyvsp[-3].text); ++ emd->no_typehint = getNoTypeHint(&(yyvsp[-1].optflags)); + emd->ed = currentEnum; + emd->platforms = currentPlatforms; + emd->next = NULL; +@@ -5661,309 +5503,345 @@ yyreduce: + setIsUsedName(emd->pyname); + } + } ++#line 5507 "../parser.c" + break; + +- case 328: +-#line 2754 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 329: /* optassign: %empty */ ++#line 2780 "parser.y" ++ { + (yyval.valp) = NULL; + } ++#line 5515 "../parser.c" + break; + +- case 329: +-#line 2757 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.valp) = (yyvsp[(2) - (2)].valp); ++ case 330: /* optassign: '=' expr */ ++#line 2783 "parser.y" ++ { ++ (yyval.valp) = (yyvsp[0].valp); + } ++#line 5523 "../parser.c" + break; + +- case 331: +-#line 2763 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 332: /* expr: expr binop value */ ++#line 2789 "parser.y" ++ { + valueDef *vd; + +- if ((yyvsp[(1) - (3)].valp) -> vtype == string_value || (yyvsp[(3) - (3)].valp) -> vtype == string_value) ++ if ((yyvsp[-2].valp) -> vtype == string_value || (yyvsp[0].valp) -> vtype == string_value) + yyerror("Invalid binary operator for string"); + + /* Find the last value in the existing expression. */ + +- for (vd = (yyvsp[(1) - (3)].valp); vd -> next != NULL; vd = vd -> next) ++ for (vd = (yyvsp[-2].valp); vd -> next != NULL; vd = vd -> next) + ; + +- vd -> vbinop = (yyvsp[(2) - (3)].qchar); +- vd -> next = (yyvsp[(3) - (3)].valp); ++ vd -> vbinop = (yyvsp[-1].qchar); ++ vd -> next = (yyvsp[0].valp); + +- (yyval.valp) = (yyvsp[(1) - (3)].valp); ++ (yyval.valp) = (yyvsp[-2].valp); + } ++#line 5544 "../parser.c" + break; + +- case 332: +-#line 2781 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 333: /* binop: '-' */ ++#line 2807 "parser.y" ++ { + (yyval.qchar) = '-'; + } ++#line 5552 "../parser.c" + break; + +- case 333: +-#line 2784 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 334: /* binop: '+' */ ++#line 2810 "parser.y" ++ { + (yyval.qchar) = '+'; + } ++#line 5560 "../parser.c" + break; + +- case 334: +-#line 2787 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 335: /* binop: '*' */ ++#line 2813 "parser.y" ++ { + (yyval.qchar) = '*'; + } ++#line 5568 "../parser.c" + break; + +- case 335: +-#line 2790 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 336: /* binop: '/' */ ++#line 2816 "parser.y" ++ { + (yyval.qchar) = '/'; + } ++#line 5576 "../parser.c" + break; + +- case 336: +-#line 2793 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 337: /* binop: '&' */ ++#line 2819 "parser.y" ++ { + (yyval.qchar) = '&'; + } ++#line 5584 "../parser.c" + break; + +- case 337: +-#line 2796 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 338: /* binop: '|' */ ++#line 2822 "parser.y" ++ { + (yyval.qchar) = '|'; + } ++#line 5592 "../parser.c" + break; + +- case 338: +-#line 2801 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 339: /* optunop: %empty */ ++#line 2827 "parser.y" ++ { + (yyval.qchar) = '\0'; + } ++#line 5600 "../parser.c" + break; + +- case 339: +-#line 2804 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 340: /* optunop: '!' */ ++#line 2830 "parser.y" ++ { + (yyval.qchar) = '!'; + } ++#line 5608 "../parser.c" + break; + +- case 340: +-#line 2807 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 341: /* optunop: '~' */ ++#line 2833 "parser.y" ++ { + (yyval.qchar) = '~'; + } ++#line 5616 "../parser.c" + break; + +- case 341: +-#line 2810 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 342: /* optunop: '-' */ ++#line 2836 "parser.y" ++ { + (yyval.qchar) = '-'; + } ++#line 5624 "../parser.c" + break; + +- case 342: +-#line 2813 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 343: /* optunop: '+' */ ++#line 2839 "parser.y" ++ { + (yyval.qchar) = '+'; + } ++#line 5632 "../parser.c" + break; + +- case 343: +-#line 2816 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 344: /* optunop: '*' */ ++#line 2842 "parser.y" ++ { + (yyval.qchar) = '*'; + } ++#line 5640 "../parser.c" + break; + +- case 344: +-#line 2819 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 345: /* optunop: '&' */ ++#line 2845 "parser.y" ++ { + (yyval.qchar) = '&'; + } ++#line 5648 "../parser.c" + break; + +- case 345: +-#line 2824 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- if ((yyvsp[(2) - (3)].qchar) != '\0' && (yyvsp[(3) - (3)].value).vtype == string_value) ++ case 346: /* value: optcast optunop simplevalue */ ++#line 2850 "parser.y" ++ { ++ if ((yyvsp[-1].qchar) != '\0' && (yyvsp[0].value).vtype == string_value) + yyerror("Invalid unary operator for string"); + + /* Convert the value to a simple expression on the heap. */ + (yyval.valp) = sipMalloc(sizeof (valueDef)); + +- *(yyval.valp) = (yyvsp[(3) - (3)].value); +- (yyval.valp)->vunop = (yyvsp[(2) - (3)].qchar); ++ *(yyval.valp) = (yyvsp[0].value); ++ (yyval.valp)->vunop = (yyvsp[-1].qchar); + (yyval.valp)->vbinop = '\0'; +- (yyval.valp)->cast = (yyvsp[(1) - (3)].scpvalp); ++ (yyval.valp)->cast = (yyvsp[-2].scpvalp); + (yyval.valp)->next = NULL; + } ++#line 5666 "../parser.c" + break; + +- case 346: +-#line 2839 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 347: /* optcast: %empty */ ++#line 2865 "parser.y" ++ { + (yyval.scpvalp) = NULL; + } ++#line 5674 "../parser.c" + break; + +- case 347: +-#line 2842 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.scpvalp) = (yyvsp[(2) - (3)].scpvalp); ++ case 348: /* optcast: '(' scopedname ')' */ ++#line 2868 "parser.y" ++ { ++ (yyval.scpvalp) = (yyvsp[-1].scpvalp); + } ++#line 5682 "../parser.c" + break; + +- case 348: +-#line 2847 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 349: /* scopedname: TK_SCOPE scopednamehead */ ++#line 2873 "parser.y" ++ { + if (currentSpec->genc) + yyerror("Scoped names are not allowed in a C module"); + +- (yyval.scpvalp) = scopeScopedName(NULL, (yyvsp[(2) - (2)].scpvalp)); ++ (yyval.scpvalp) = scopeScopedName(NULL, (yyvsp[0].scpvalp)); + } ++#line 5693 "../parser.c" + break; + +- case 351: +-#line 2857 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 352: /* scopednamehead: scopednamehead TK_SCOPE scopepart */ ++#line 2883 "parser.y" ++ { + if (currentSpec->genc) + yyerror("Scoped names are not allowed in a C module"); + +- appendScopedName(&(yyvsp[(1) - (3)].scpvalp), (yyvsp[(3) - (3)].scpvalp)); ++ appendScopedName(&(yyvsp[-2].scpvalp), (yyvsp[0].scpvalp)); + } ++#line 5704 "../parser.c" + break; + +- case 352: +-#line 2865 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.scpvalp) = text2scopePart((yyvsp[(1) - (1)].text)); ++ case 353: /* scopepart: TK_NAME_VALUE */ ++#line 2891 "parser.y" ++ { ++ (yyval.scpvalp) = text2scopePart((yyvsp[0].text)); + } ++#line 5712 "../parser.c" + break; + +- case 353: +-#line 2870 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 354: /* bool_value: TK_TRUE_VALUE */ ++#line 2896 "parser.y" ++ { + (yyval.boolean) = TRUE; + } ++#line 5720 "../parser.c" + break; + +- case 354: +-#line 2873 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 355: /* bool_value: TK_FALSE_VALUE */ ++#line 2899 "parser.y" ++ { + (yyval.boolean) = FALSE; + } ++#line 5728 "../parser.c" + break; + +- case 355: +-#line 2878 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 356: /* simplevalue: scopedname */ ++#line 2904 "parser.y" ++ { + /* + * We let the C++ compiler decide if the value is a valid one - no + * point in building a full C++ parser here. + */ + + (yyval.value).vtype = scoped_value; +- (yyval.value).u.vscp = (yyvsp[(1) - (1)].scpvalp); ++ (yyval.value).u.vscp = (yyvsp[0].scpvalp); + } ++#line 5742 "../parser.c" + break; + +- case 356: +-#line 2887 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 357: /* simplevalue: basetype '(' exprlist ')' */ ++#line 2913 "parser.y" ++ { + fcallDef *fcd; + + fcd = sipMalloc(sizeof (fcallDef)); +- *fcd = (yyvsp[(3) - (4)].fcall); +- fcd -> type = (yyvsp[(1) - (4)].memArg); ++ *fcd = (yyvsp[-1].fcall); ++ fcd -> type = (yyvsp[-3].memArg); + + (yyval.value).vtype = fcall_value; + (yyval.value).u.fcd = fcd; + } ++#line 5757 "../parser.c" + break; + +- case 357: +-#line 2897 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 358: /* simplevalue: '{' '}' */ ++#line 2923 "parser.y" ++ { + (yyval.value).vtype = empty_value; + } ++#line 5765 "../parser.c" + break; + +- case 358: +-#line 2900 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 359: /* simplevalue: TK_REAL_VALUE */ ++#line 2926 "parser.y" ++ { + (yyval.value).vtype = real_value; +- (yyval.value).u.vreal = (yyvsp[(1) - (1)].real); ++ (yyval.value).u.vreal = (yyvsp[0].real); + } ++#line 5774 "../parser.c" + break; + +- case 359: +-#line 2904 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 360: /* simplevalue: TK_NUMBER_VALUE */ ++#line 2930 "parser.y" ++ { + (yyval.value).vtype = numeric_value; +- (yyval.value).u.vnum = (yyvsp[(1) - (1)].number); ++ (yyval.value).u.vnum = (yyvsp[0].number); + } ++#line 5783 "../parser.c" + break; + +- case 360: +-#line 2908 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 361: /* simplevalue: bool_value */ ++#line 2934 "parser.y" ++ { + (yyval.value).vtype = numeric_value; +- (yyval.value).u.vnum = (yyvsp[(1) - (1)].boolean); ++ (yyval.value).u.vnum = (yyvsp[0].boolean); + } ++#line 5792 "../parser.c" + break; + +- case 361: +-#line 2912 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 362: /* simplevalue: TK_NULL_VALUE */ ++#line 2938 "parser.y" ++ { + (yyval.value).vtype = numeric_value; + (yyval.value).u.vnum = 0; + } ++#line 5801 "../parser.c" + break; + +- case 362: +-#line 2916 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 363: /* simplevalue: TK_STRING_VALUE */ ++#line 2942 "parser.y" ++ { + (yyval.value).vtype = string_value; +- (yyval.value).u.vstr = (yyvsp[(1) - (1)].text); ++ (yyval.value).u.vstr = (yyvsp[0].text); + } ++#line 5810 "../parser.c" + break; + +- case 363: +-#line 2920 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 364: /* simplevalue: TK_QCHAR_VALUE */ ++#line 2946 "parser.y" ++ { + (yyval.value).vtype = qchar_value; +- (yyval.value).u.vqchar = (yyvsp[(1) - (1)].qchar); ++ (yyval.value).u.vqchar = (yyvsp[0].qchar); + } ++#line 5819 "../parser.c" + break; + +- case 364: +-#line 2926 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 365: /* exprlist: %empty */ ++#line 2952 "parser.y" ++ { + /* No values. */ + + (yyval.fcall).nrArgs = 0; + } ++#line 5829 "../parser.c" + break; + +- case 365: +-#line 2931 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 366: /* exprlist: expr */ ++#line 2957 "parser.y" ++ { + /* The single or first expression. */ + +- (yyval.fcall).args[0] = (yyvsp[(1) - (1)].valp); ++ (yyval.fcall).args[0] = (yyvsp[0].valp); + (yyval.fcall).nrArgs = 1; + } ++#line 5840 "../parser.c" + break; + +- case 366: +-#line 2937 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 367: /* exprlist: exprlist ',' expr */ ++#line 2963 "parser.y" ++ { + /* Check that it wasn't ...(,expression...). */ + + if ((yyval.fcall).nrArgs == 0) +@@ -5971,19 +5849,20 @@ yyreduce: + + /* Check there is room. */ + +- if ((yyvsp[(1) - (3)].fcall).nrArgs == MAX_NR_ARGS) ++ if ((yyvsp[-2].fcall).nrArgs == MAX_NR_ARGS) + yyerror("Internal error - increase the value of MAX_NR_ARGS"); + +- (yyval.fcall) = (yyvsp[(1) - (3)].fcall); ++ (yyval.fcall) = (yyvsp[-2].fcall); + +- (yyval.fcall).args[(yyval.fcall).nrArgs] = (yyvsp[(3) - (3)].valp); ++ (yyval.fcall).args[(yyval.fcall).nrArgs] = (yyvsp[0].valp); + (yyval.fcall).nrArgs++; + } ++#line 5861 "../parser.c" + break; + +- case 367: +-#line 2955 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 368: /* typedef: TK_TYPEDEF cpptype TK_NAME_VALUE optflags ';' optdocstring */ ++#line 2981 "parser.y" ++ { + if (notSkipping()) + { + const char *annos[] = { +@@ -5999,17 +5878,18 @@ yyreduce: + NULL + }; + +- checkAnnos(&(yyvsp[(4) - (6)].optflags), annos); ++ checkAnnos(&(yyvsp[-2].optflags), annos); + +- applyTypeFlags(currentModule, &(yyvsp[(2) - (6)].memArg), &(yyvsp[(4) - (6)].optflags)); +- newTypedef(currentSpec, currentModule, (yyvsp[(3) - (6)].text), &(yyvsp[(2) - (6)].memArg), &(yyvsp[(4) - (6)].optflags), (yyvsp[(6) - (6)].docstr)); ++ applyTypeFlags(currentModule, &(yyvsp[-4].memArg), &(yyvsp[-2].optflags)); ++ newTypedef(currentSpec, currentModule, (yyvsp[-3].text), &(yyvsp[-4].memArg), &(yyvsp[-2].optflags), (yyvsp[0].docstr)); + } + } ++#line 5888 "../parser.c" + break; + +- case 368: +-#line 2977 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 369: /* typedef: TK_TYPEDEF cpptype '(' '*' TK_NAME_VALUE ')' '(' cpptypelist ')' optflags ';' optdocstring */ ++#line 3003 "parser.y" ++ { + if (notSkipping()) + { + const char *annos[] = { +@@ -6027,41 +5907,43 @@ yyreduce: + signatureDef *sig; + argDef ftype; + +- checkAnnos(&(yyvsp[(10) - (12)].optflags), annos); ++ checkAnnos(&(yyvsp[-2].optflags), annos); + +- applyTypeFlags(currentModule, &(yyvsp[(2) - (12)].memArg), &(yyvsp[(10) - (12)].optflags)); ++ applyTypeFlags(currentModule, &(yyvsp[-10].memArg), &(yyvsp[-2].optflags)); + + memset(&ftype, 0, sizeof (argDef)); + + /* Create the full signature on the heap. */ + sig = sipMalloc(sizeof (signatureDef)); +- *sig = (yyvsp[(8) - (12)].signature); +- sig->result = (yyvsp[(2) - (12)].memArg); ++ *sig = (yyvsp[-4].signature); ++ sig->result = (yyvsp[-10].memArg); + + /* Create the full type. */ + ftype.atype = function_type; + ftype.nrderefs = 1; + ftype.u.sa = sig; + +- newTypedef(currentSpec, currentModule, (yyvsp[(5) - (12)].text), &ftype, &(yyvsp[(10) - (12)].optflags), (yyvsp[(12) - (12)].docstr)); ++ newTypedef(currentSpec, currentModule, (yyvsp[-7].text), &ftype, &(yyvsp[-2].optflags), (yyvsp[0].docstr)); + } + } ++#line 5930 "../parser.c" + break; + +- case 369: +-#line 3016 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- if (currentSpec -> genc && (yyvsp[(2) - (2)].scpvalp)->next != NULL) ++ case 370: /* $@10: %empty */ ++#line 3042 "parser.y" ++ { ++ if (currentSpec -> genc && (yyvsp[0].scpvalp)->next != NULL) + yyerror("Namespaces not allowed in a C module"); + + if (notSkipping()) + currentSupers = NULL; + } ++#line 5942 "../parser.c" + break; + +- case 370: +-#line 3022 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 371: /* $@11: %empty */ ++#line 3048 "parser.y" ++ { + if (notSkipping()) + { + const char *annos[] = { +@@ -6091,33 +5973,36 @@ yyreduce: + NULL + }; + +- checkAnnos(&(yyvsp[(5) - (5)].optflags), annos); ++ checkAnnos(&(yyvsp[0].optflags), annos); + + if (currentSpec->genc && currentSupers != NULL) + yyerror("Super-classes not allowed in a C module struct"); + +- defineClass((yyvsp[(2) - (5)].scpvalp), currentSupers, &(yyvsp[(5) - (5)].optflags)); ++ defineClass((yyvsp[-3].scpvalp), currentSupers, &(yyvsp[0].optflags)); + sectionFlags = SECT_IS_PUBLIC; + } + } ++#line 5986 "../parser.c" + break; + +- case 371: +-#line 3060 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 372: /* struct: TK_STRUCT scopedname $@10 superclasses optflags $@11 optclassbody ';' */ ++#line 3086 "parser.y" ++ { + if (notSkipping()) +- completeClass((yyvsp[(2) - (8)].scpvalp), &(yyvsp[(5) - (8)].optflags), (yyvsp[(7) - (8)].boolean)); ++ completeClass((yyvsp[-6].scpvalp), &(yyvsp[-3].optflags), (yyvsp[-1].boolean)); + } ++#line 5995 "../parser.c" + break; + +- case 372: +-#line 3066 "sip-4.19.23/sipgen/metasrc/parser.y" +- {currentIsTemplate = TRUE;} ++ case 373: /* $@12: %empty */ ++#line 3092 "parser.y" ++ {currentIsTemplate = TRUE;} ++#line 6001 "../parser.c" + break; + +- case 373: +-#line 3066 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 374: /* classtmpl: template $@12 class */ ++#line 3092 "parser.y" ++ { + if (currentSpec->genc) + yyerror("Class templates not allowed in a C module"); + +@@ -6128,12 +6013,12 @@ yyreduce: + /* + * Make sure there is room for the extra class name argument. + */ +- if ((yyvsp[(1) - (3)].signature).nrArgs == MAX_NR_ARGS) ++ if ((yyvsp[-2].signature).nrArgs == MAX_NR_ARGS) + yyerror("Internal error - increase the value of MAX_NR_ARGS"); + + tcd = sipMalloc(sizeof (classTmplDef)); +- tcd->sig = (yyvsp[(1) - (3)].signature); +- tcd->cd = (yyvsp[(3) - (3)].klass); ++ tcd->sig = (yyvsp[-2].signature); ++ tcd->cd = (yyvsp[0].klass); + tcd->next = currentSpec->classtemplates; + + currentSpec->classtemplates = tcd; +@@ -6141,29 +6026,32 @@ yyreduce: + + currentIsTemplate = FALSE; + } ++#line 6030 "../parser.c" + break; + +- case 374: +-#line 3092 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.signature) = (yyvsp[(3) - (4)].signature); ++ case 375: /* template: TK_TEMPLATE '<' cpptypelist '>' */ ++#line 3118 "parser.y" ++ { ++ (yyval.signature) = (yyvsp[-1].signature); + } ++#line 6038 "../parser.c" + break; + +- case 375: +-#line 3097 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 376: /* $@13: %empty */ ++#line 3123 "parser.y" ++ { + if (currentSpec->genc) + yyerror("Class definition not allowed in a C module"); + + if (notSkipping()) + currentSupers = NULL; + } ++#line 6050 "../parser.c" + break; + +- case 376: +-#line 3103 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 377: /* $@14: %empty */ ++#line 3129 "parser.y" ++ { + if (notSkipping()) + { + const char *annos[] = { +@@ -6192,30 +6080,32 @@ yyreduce: + NULL + }; + +- checkAnnos(&(yyvsp[(5) - (5)].optflags), annos); ++ checkAnnos(&(yyvsp[0].optflags), annos); + +- defineClass((yyvsp[(2) - (5)].scpvalp), currentSupers, &(yyvsp[(5) - (5)].optflags)); ++ defineClass((yyvsp[-3].scpvalp), currentSupers, &(yyvsp[0].optflags)); + sectionFlags = SECT_IS_PRIVATE; + } + } ++#line 6090 "../parser.c" + break; + +- case 377: +-#line 3137 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 378: /* class: TK_CLASS scopedname $@13 superclasses optflags $@14 optclassbody ';' */ ++#line 3163 "parser.y" ++ { + if (notSkipping()) +- (yyval.klass) = completeClass((yyvsp[(2) - (8)].scpvalp), &(yyvsp[(5) - (8)].optflags), (yyvsp[(7) - (8)].boolean)); ++ (yyval.klass) = completeClass((yyvsp[-6].scpvalp), &(yyvsp[-3].optflags), (yyvsp[-1].boolean)); + } ++#line 6099 "../parser.c" + break; + +- case 382: +-#line 3151 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- if (notSkipping() && (yyvsp[(1) - (2)].token) == TK_PUBLIC) ++ case 383: /* superclass: class_access scopedname */ ++#line 3177 "parser.y" ++ { ++ if (notSkipping() && (yyvsp[-1].token) == TK_PUBLIC) + { + argDef ad; + classDef *super; +- scopedNameDef *snd = (yyvsp[(2) - (2)].scpvalp); ++ scopedNameDef *snd = (yyvsp[0].scpvalp); + + /* + * This is a hack to allow typedef'ed classes to be used before +@@ -6260,53 +6150,60 @@ yyreduce: + appendToClassList(¤tSupers, super); + } + } ++#line 6154 "../parser.c" + break; + +- case 383: +-#line 3203 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 384: /* class_access: %empty */ ++#line 3229 "parser.y" ++ { + (yyval.token) = TK_PUBLIC; + } ++#line 6162 "../parser.c" + break; + +- case 384: +-#line 3206 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 385: /* class_access: TK_PUBLIC */ ++#line 3232 "parser.y" ++ { + (yyval.token) = TK_PUBLIC; + } ++#line 6170 "../parser.c" + break; + +- case 385: +-#line 3209 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 386: /* class_access: TK_PROTECTED */ ++#line 3235 "parser.y" ++ { + (yyval.token) = TK_PROTECTED; + } ++#line 6178 "../parser.c" + break; + +- case 386: +-#line 3212 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 387: /* class_access: TK_PRIVATE */ ++#line 3238 "parser.y" ++ { + (yyval.token) = TK_PRIVATE; + } ++#line 6186 "../parser.c" + break; + +- case 387: +-#line 3217 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 388: /* optclassbody: %empty */ ++#line 3243 "parser.y" ++ { + (yyval.boolean) = FALSE; + } ++#line 6194 "../parser.c" + break; + +- case 388: +-#line 3220 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 389: /* optclassbody: '{' classbody '}' */ ++#line 3246 "parser.y" ++ { + (yyval.boolean) = TRUE; + } ++#line 6202 "../parser.c" + break; + +- case 402: +-#line 3240 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 403: /* classline: docstring */ ++#line 3266 "parser.y" ++ { + if (notSkipping()) + { + classDef *scope = currentScope(); +@@ -6314,30 +6211,33 @@ yyreduce: + if (scope->docstring != NULL) + yyerror("%Docstring already given for class"); + +- scope->docstring = (yyvsp[(1) - (1)].docstr); ++ scope->docstring = (yyvsp[0].docstr); + } + } ++#line 6218 "../parser.c" + break; + +- case 403: +-#line 3251 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 404: /* classline: typecode */ ++#line 3277 "parser.y" ++ { + if (notSkipping()) +- appendCodeBlock(¤tScope()->cppcode, (yyvsp[(1) - (1)].codeb)); ++ appendCodeBlock(¤tScope()->cppcode, (yyvsp[0].codeb)); + } ++#line 6227 "../parser.c" + break; + +- case 404: +-#line 3255 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 405: /* classline: typehdrcode */ ++#line 3281 "parser.y" ++ { + if (notSkipping()) +- appendCodeBlock(¤tScope()->iff->hdrcode, (yyvsp[(1) - (1)].codeb)); ++ appendCodeBlock(¤tScope()->iff->hdrcode, (yyvsp[0].codeb)); + } ++#line 6236 "../parser.c" + break; + +- case 405: +-#line 3259 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 406: /* classline: travcode */ ++#line 3285 "parser.y" ++ { + if (notSkipping()) + { + classDef *scope = currentScope(); +@@ -6345,14 +6245,15 @@ yyreduce: + if (scope->travcode != NULL) + yyerror("%GCTraverseCode already given for class"); + +- appendCodeBlock(&scope->travcode, (yyvsp[(1) - (1)].codeb)); ++ appendCodeBlock(&scope->travcode, (yyvsp[0].codeb)); + } + } ++#line 6252 "../parser.c" + break; + +- case 406: +-#line 3270 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 407: /* classline: clearcode */ ++#line 3296 "parser.y" ++ { + if (notSkipping()) + { + classDef *scope = currentScope(); +@@ -6360,14 +6261,15 @@ yyreduce: + if (scope->clearcode != NULL) + yyerror("%GCClearCode already given for class"); + +- appendCodeBlock(&scope->clearcode, (yyvsp[(1) - (1)].codeb)); ++ appendCodeBlock(&scope->clearcode, (yyvsp[0].codeb)); + } + } ++#line 6268 "../parser.c" + break; + +- case 407: +-#line 3281 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 408: /* classline: getbufcode */ ++#line 3307 "parser.y" ++ { + if (notSkipping()) + { + classDef *scope = currentScope(); +@@ -6375,14 +6277,15 @@ yyreduce: + if (scope->getbufcode != NULL) + yyerror("%BIGetBufferCode already given for class"); + +- appendCodeBlock(&scope->getbufcode, (yyvsp[(1) - (1)].codeb)); ++ appendCodeBlock(&scope->getbufcode, (yyvsp[0].codeb)); + } + } ++#line 6284 "../parser.c" + break; + +- case 408: +-#line 3292 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 409: /* classline: releasebufcode */ ++#line 3318 "parser.y" ++ { + if (notSkipping()) + { + classDef *scope = currentScope(); +@@ -6390,14 +6293,15 @@ yyreduce: + if (scope->releasebufcode != NULL) + yyerror("%BIReleaseBufferCode already given for class"); + +- appendCodeBlock(&scope->releasebufcode, (yyvsp[(1) - (1)].codeb)); ++ appendCodeBlock(&scope->releasebufcode, (yyvsp[0].codeb)); + } + } ++#line 6300 "../parser.c" + break; + +- case 409: +-#line 3303 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 410: /* classline: readbufcode */ ++#line 3329 "parser.y" ++ { + if (notSkipping()) + { + classDef *scope = currentScope(); +@@ -6405,14 +6309,15 @@ yyreduce: + if (scope->readbufcode != NULL) + yyerror("%BIGetReadBufferCode already given for class"); + +- appendCodeBlock(&scope->readbufcode, (yyvsp[(1) - (1)].codeb)); ++ appendCodeBlock(&scope->readbufcode, (yyvsp[0].codeb)); + } + } ++#line 6316 "../parser.c" + break; + +- case 410: +-#line 3314 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 411: /* classline: writebufcode */ ++#line 3340 "parser.y" ++ { + if (notSkipping()) + { + classDef *scope = currentScope(); +@@ -6420,14 +6325,15 @@ yyreduce: + if (scope->writebufcode != NULL) + yyerror("%BIGetWriteBufferCode already given for class"); + +- appendCodeBlock(&scope->writebufcode, (yyvsp[(1) - (1)].codeb)); ++ appendCodeBlock(&scope->writebufcode, (yyvsp[0].codeb)); + } + } ++#line 6332 "../parser.c" + break; + +- case 411: +-#line 3325 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 412: /* classline: segcountcode */ ++#line 3351 "parser.y" ++ { + if (notSkipping()) + { + classDef *scope = currentScope(); +@@ -6435,14 +6341,15 @@ yyreduce: + if (scope->segcountcode != NULL) + yyerror("%BIGetSegCountCode already given for class"); + +- appendCodeBlock(&scope->segcountcode, (yyvsp[(1) - (1)].codeb)); ++ appendCodeBlock(&scope->segcountcode, (yyvsp[0].codeb)); + } + } ++#line 6348 "../parser.c" + break; + +- case 412: +-#line 3336 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 413: /* classline: charbufcode */ ++#line 3362 "parser.y" ++ { + if (notSkipping()) + { + classDef *scope = currentScope(); +@@ -6450,14 +6357,15 @@ yyreduce: + if (scope->charbufcode != NULL) + yyerror("%BIGetCharBufferCode already given for class"); + +- appendCodeBlock(&scope->charbufcode, (yyvsp[(1) - (1)].codeb)); ++ appendCodeBlock(&scope->charbufcode, (yyvsp[0].codeb)); + } + } ++#line 6364 "../parser.c" + break; + +- case 413: +-#line 3347 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 414: /* classline: instancecode */ ++#line 3373 "parser.y" ++ { + if (notSkipping()) + { + classDef *scope = currentScope(); +@@ -6465,14 +6373,15 @@ yyreduce: + if (scope->instancecode != NULL) + yyerror("%InstanceCode already given for class"); + +- appendCodeBlock(&scope->instancecode, (yyvsp[(1) - (1)].codeb)); ++ appendCodeBlock(&scope->instancecode, (yyvsp[0].codeb)); + } + } ++#line 6380 "../parser.c" + break; + +- case 414: +-#line 3358 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 415: /* classline: picklecode */ ++#line 3384 "parser.y" ++ { + if (notSkipping()) + { + classDef *scope = currentScope(); +@@ -6480,14 +6389,15 @@ yyreduce: + if (scope->picklecode != NULL) + yyerror("%PickleCode already given for class"); + +- appendCodeBlock(&scope->picklecode, (yyvsp[(1) - (1)].codeb)); ++ appendCodeBlock(&scope->picklecode, (yyvsp[0].codeb)); + } + } ++#line 6396 "../parser.c" + break; + +- case 415: +-#line 3369 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 416: /* classline: finalcode */ ++#line 3395 "parser.y" ++ { + if (notSkipping()) + { + classDef *scope = currentScope(); +@@ -6495,14 +6405,15 @@ yyreduce: + if (scope->finalcode != NULL) + yyerror("%FinalisationCode already given for class"); + +- appendCodeBlock(&scope->finalcode, (yyvsp[(1) - (1)].codeb)); ++ appendCodeBlock(&scope->finalcode, (yyvsp[0].codeb)); + } + } ++#line 6412 "../parser.c" + break; + +- case 416: +-#line 3380 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 417: /* classline: classtypehintcode */ ++#line 3406 "parser.y" ++ { + if (notSkipping()) + { + classDef *scope = currentScope(); +@@ -6510,14 +6421,15 @@ yyreduce: + if (scope->typehintcode != NULL) + yyerror("%TypeHintCode already given for class"); + +- appendCodeBlock(&scope->typehintcode, (yyvsp[(1) - (1)].codeb)); ++ appendCodeBlock(&scope->typehintcode, (yyvsp[0].codeb)); + } + } ++#line 6428 "../parser.c" + break; + +- case 420: +-#line 3394 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 421: /* classline: TK_TOSUBCLASS codeblock */ ++#line 3420 "parser.y" ++ { + if (notSkipping()) + { + classDef *scope = currentScope(); +@@ -6525,14 +6437,15 @@ yyreduce: + if (scope->convtosubcode != NULL) + yyerror("Class has more than one %ConvertToSubClassCode directive"); + +- appendCodeBlock(&scope->convtosubcode, (yyvsp[(2) - (2)].codeb)); ++ appendCodeBlock(&scope->convtosubcode, (yyvsp[0].codeb)); + } + } ++#line 6444 "../parser.c" + break; + +- case 421: +-#line 3405 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 422: /* classline: TK_TOTYPE codeblock */ ++#line 3431 "parser.y" ++ { + if (notSkipping()) + { + classDef *scope = currentScope(); +@@ -6540,14 +6453,15 @@ yyreduce: + if (scope->convtocode != NULL) + yyerror("Class has more than one %ConvertToTypeCode directive"); + +- appendCodeBlock(&scope->convtocode, (yyvsp[(2) - (2)].codeb)); ++ appendCodeBlock(&scope->convtocode, (yyvsp[0].codeb)); + } + } ++#line 6460 "../parser.c" + break; + +- case 422: +-#line 3416 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 423: /* classline: TK_FROMTYPE codeblock */ ++#line 3442 "parser.y" ++ { + if (notSkipping()) + { + classDef *scope = currentScope(); +@@ -6555,172 +6469,188 @@ yyreduce: + if (scope->convfromcode != NULL) + yyerror("Class has more than one %ConvertFromTypeCode directive"); + +- appendCodeBlock(&scope->convfromcode, (yyvsp[(2) - (2)].codeb)); ++ appendCodeBlock(&scope->convfromcode, (yyvsp[0].codeb)); + } + } ++#line 6476 "../parser.c" + break; + +- case 423: +-#line 3427 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 424: /* classline: TK_PUBLIC optslot ':' */ ++#line 3453 "parser.y" ++ { + if (currentSpec -> genc) + yyerror("public section not allowed in a C module"); + + if (notSkipping()) +- sectionFlags = SECT_IS_PUBLIC | (yyvsp[(2) - (3)].number); ++ sectionFlags = SECT_IS_PUBLIC | (yyvsp[-1].number); + } ++#line 6488 "../parser.c" + break; + +- case 424: +-#line 3434 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 425: /* classline: TK_PROTECTED optslot ':' */ ++#line 3460 "parser.y" ++ { + if (currentSpec -> genc) + yyerror("protected section not allowed in a C module"); + + if (notSkipping()) +- sectionFlags = SECT_IS_PROT | (yyvsp[(2) - (3)].number); ++ sectionFlags = SECT_IS_PROT | (yyvsp[-1].number); + } ++#line 6500 "../parser.c" + break; + +- case 425: +-#line 3441 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 426: /* classline: TK_PRIVATE optslot ':' */ ++#line 3467 "parser.y" ++ { + if (currentSpec -> genc) + yyerror("private section not allowed in a C module"); + + if (notSkipping()) +- sectionFlags = SECT_IS_PRIVATE | (yyvsp[(2) - (3)].number); ++ sectionFlags = SECT_IS_PRIVATE | (yyvsp[-1].number); + } ++#line 6512 "../parser.c" + break; + +- case 426: +-#line 3448 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 427: /* classline: TK_SIGNALS ':' */ ++#line 3474 "parser.y" ++ { + if (currentSpec -> genc) + yyerror("signals section not allowed in a C module"); + + if (notSkipping()) + sectionFlags = SECT_IS_SIGNAL; + } ++#line 6524 "../parser.c" + break; + +- case 427: +-#line 3457 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- if ((yyvsp[(2) - (3)].property).name == NULL) ++ case 428: /* property: TK_PROPERTY property_args property_body */ ++#line 3483 "parser.y" ++ { ++ if ((yyvsp[-1].property).name == NULL) + yyerror("A %Property directive must have a 'name' argument"); + +- if ((yyvsp[(2) - (3)].property).get == NULL) ++ if ((yyvsp[-1].property).get == NULL) + yyerror("A %Property directive must have a 'get' argument"); + + if (notSkipping()) + addProperty(currentSpec, currentModule, currentScope(), +- (yyvsp[(2) - (3)].property).name, (yyvsp[(2) - (3)].property).get, (yyvsp[(2) - (3)].property).set, (yyvsp[(3) - (3)].property).docstring); ++ (yyvsp[-1].property).name, (yyvsp[-1].property).get, (yyvsp[-1].property).set, (yyvsp[0].property).docstring); + } ++#line 6540 "../parser.c" + break; + +- case 428: +-#line 3470 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.property) = (yyvsp[(2) - (3)].property); ++ case 429: /* property_args: '(' property_arg_list ')' */ ++#line 3496 "parser.y" ++ { ++ (yyval.property) = (yyvsp[-1].property); + } ++#line 6548 "../parser.c" + break; + +- case 430: +-#line 3476 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.property) = (yyvsp[(1) - (3)].property); ++ case 431: /* property_arg_list: property_arg_list ',' property_arg */ ++#line 3502 "parser.y" ++ { ++ (yyval.property) = (yyvsp[-2].property); + +- switch ((yyvsp[(3) - (3)].property).token) ++ switch ((yyvsp[0].property).token) + { +- case TK_GET: (yyval.property).get = (yyvsp[(3) - (3)].property).get; break; +- case TK_NAME: (yyval.property).name = (yyvsp[(3) - (3)].property).name; break; +- case TK_SET: (yyval.property).set = (yyvsp[(3) - (3)].property).set; break; ++ case TK_GET: (yyval.property).get = (yyvsp[0].property).get; break; ++ case TK_NAME: (yyval.property).name = (yyvsp[0].property).name; break; ++ case TK_SET: (yyval.property).set = (yyvsp[0].property).set; break; + } + } ++#line 6563 "../parser.c" + break; + +- case 431: +-#line 3488 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 432: /* property_arg: TK_GET '=' TK_NAME_VALUE */ ++#line 3514 "parser.y" ++ { + (yyval.property).token = TK_GET; + +- (yyval.property).get = (yyvsp[(3) - (3)].text); ++ (yyval.property).get = (yyvsp[0].text); + (yyval.property).name = NULL; + (yyval.property).set = NULL; + } ++#line 6575 "../parser.c" + break; + +- case 432: +-#line 3495 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 433: /* property_arg: TK_NAME '=' name_or_string */ ++#line 3521 "parser.y" ++ { + (yyval.property).token = TK_NAME; + + (yyval.property).get = NULL; +- (yyval.property).name = (yyvsp[(3) - (3)].text); ++ (yyval.property).name = (yyvsp[0].text); + (yyval.property).set = NULL; + } ++#line 6587 "../parser.c" + break; + +- case 433: +-#line 3502 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 434: /* property_arg: TK_SET '=' TK_NAME_VALUE */ ++#line 3528 "parser.y" ++ { + (yyval.property).token = TK_SET; + + (yyval.property).get = NULL; + (yyval.property).name = NULL; +- (yyval.property).set = (yyvsp[(3) - (3)].text); ++ (yyval.property).set = (yyvsp[0].text); + } ++#line 6599 "../parser.c" + break; + +- case 434: +-#line 3511 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 435: /* property_body: %empty */ ++#line 3537 "parser.y" ++ { + (yyval.property).token = 0; + (yyval.property).docstring = NULL; + } ++#line 6608 "../parser.c" + break; + +- case 435: +-#line 3515 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.property) = (yyvsp[(2) - (4)].property); ++ case 436: /* property_body: '{' property_body_directives '}' ';' */ ++#line 3541 "parser.y" ++ { ++ (yyval.property) = (yyvsp[-2].property); + } ++#line 6616 "../parser.c" + break; + +- case 437: +-#line 3521 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.property) = (yyvsp[(1) - (2)].property); ++ case 438: /* property_body_directives: property_body_directives property_body_directive */ ++#line 3547 "parser.y" ++ { ++ (yyval.property) = (yyvsp[-1].property); + +- switch ((yyvsp[(2) - (2)].property).token) ++ switch ((yyvsp[0].property).token) + { +- case TK_DOCSTRING: (yyval.property).docstring = (yyvsp[(2) - (2)].property).docstring; break; ++ case TK_DOCSTRING: (yyval.property).docstring = (yyvsp[0].property).docstring; break; + } + } ++#line 6629 "../parser.c" + break; + +- case 438: +-#line 3531 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 439: /* property_body_directive: ifstart */ ++#line 3557 "parser.y" ++ { + (yyval.property).token = TK_IF; + } ++#line 6637 "../parser.c" + break; + +- case 439: +-#line 3534 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 440: /* property_body_directive: ifend */ ++#line 3560 "parser.y" ++ { + (yyval.property).token = TK_END; + } ++#line 6645 "../parser.c" + break; + +- case 440: +-#line 3537 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 441: /* property_body_directive: docstring */ ++#line 3563 "parser.y" ++ { + if (notSkipping()) + { + (yyval.property).token = TK_DOCSTRING; +- (yyval.property).docstring = (yyvsp[(1) - (1)].docstr); ++ (yyval.property).docstring = (yyvsp[0].docstr); + } + else + { +@@ -6728,30 +6658,34 @@ yyreduce: + (yyval.property).docstring = NULL; + } + } ++#line 6662 "../parser.c" + break; + +- case 443: +-#line 3555 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 444: /* optslot: %empty */ ++#line 3581 "parser.y" ++ { + (yyval.number) = 0; + } ++#line 6670 "../parser.c" + break; + +- case 444: +-#line 3558 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 445: /* optslot: TK_SLOTS */ ++#line 3584 "parser.y" ++ { + (yyval.number) = SECT_IS_SLOT; + } ++#line 6678 "../parser.c" + break; + +- case 445: +-#line 3564 "sip-4.19.23/sipgen/metasrc/parser.y" +- {currentIsVirt = TRUE;} ++ case 446: /* $@15: %empty */ ++#line 3590 "parser.y" ++ {currentIsVirt = TRUE;} ++#line 6684 "../parser.c" + break; + +- case 448: +-#line 3568 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 449: /* dtor_decl: '~' TK_NAME_VALUE '(' ')' optexceptions optabstract optflags ';' premethodcode methodcode virtualcatchercode */ ++#line 3594 "parser.y" ++ { + /* Note that we allow non-virtual dtors in C modules. */ + + if (notSkipping()) +@@ -6764,22 +6698,22 @@ yyreduce: + + classDef *cd = currentScope(); + +- checkAnnos(&(yyvsp[(7) - (11)].optflags), annos); ++ checkAnnos(&(yyvsp[-4].optflags), annos); + +- if (strcmp(classBaseName(cd),(yyvsp[(2) - (11)].text)) != 0) ++ if (strcmp(classBaseName(cd),(yyvsp[-9].text)) != 0) + yyerror("Destructor doesn't have the same name as its class"); + + if (isDtor(cd)) + yyerror("Destructor has already been defined"); + +- if (currentSpec -> genc && (yyvsp[(9) - (11)].codeb) == NULL) ++ if (currentSpec -> genc && (yyvsp[-2].codeb) == NULL) + yyerror("Destructor in C modules must include %MethodCode"); + + +- appendCodeBlock(&cd->dealloccode, (yyvsp[(9) - (11)].codeb)); /* premethodcode */ +- appendCodeBlock(&cd->dealloccode, (yyvsp[(10) - (11)].codeb)); /* methodcode */ +- appendCodeBlock(&cd->dtorcode, (yyvsp[(11) - (11)].codeb)); +- cd -> dtorexceptions = (yyvsp[(5) - (11)].throwlist); ++ appendCodeBlock(&cd->dealloccode, (yyvsp[-2].codeb)); /* premethodcode */ ++ appendCodeBlock(&cd->dealloccode, (yyvsp[-1].codeb)); /* methodcode */ ++ appendCodeBlock(&cd->dtorcode, (yyvsp[0].codeb)); ++ cd -> dtorexceptions = (yyvsp[-6].throwlist); + + /* + * Note that we don't apply the protected/public hack to dtors +@@ -6787,7 +6721,7 @@ yyreduce: + */ + cd->classflags |= sectionFlags; + +- if ((yyvsp[(6) - (11)].number)) ++ if ((yyvsp[-5].number)) + { + if (!currentIsVirt) + yyerror("Abstract destructor must be virtual"); +@@ -6799,7 +6733,7 @@ yyreduce: + * The class has a shadow if we have a virtual dtor or some + * dtor code. + */ +- if (currentIsVirt || (yyvsp[(10) - (11)].codeb) != NULL) ++ if (currentIsVirt || (yyvsp[-1].codeb) != NULL) + { + if (currentSpec -> genc) + yyerror("Virtual destructor or %VirtualCatcherCode not allowed in a C module"); +@@ -6807,24 +6741,26 @@ yyreduce: + setNeedsShadow(cd); + } + +- if (getReleaseGIL(&(yyvsp[(7) - (11)].optflags))) ++ if (getReleaseGIL(&(yyvsp[-4].optflags))) + setIsReleaseGILDtor(cd); +- else if (getHoldGIL(&(yyvsp[(7) - (11)].optflags))) ++ else if (getHoldGIL(&(yyvsp[-4].optflags))) + setIsHoldGILDtor(cd); + } + + currentIsVirt = FALSE; + } ++#line 6753 "../parser.c" + break; + +- case 449: +-#line 3634 "sip-4.19.23/sipgen/metasrc/parser.y" +- {currentCtorIsExplicit = TRUE;} ++ case 450: /* $@16: %empty */ ++#line 3660 "parser.y" ++ {currentCtorIsExplicit = TRUE;} ++#line 6759 "../parser.c" + break; + +- case 452: +-#line 3638 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 453: /* simplector: TK_NAME_VALUE '(' arglist ')' optexceptions optflags optctorsig ';' optdocstring premethodcode methodcode */ ++#line 3664 "parser.y" ++ { + /* Note that we allow ctors in C modules. */ + + if (notSkipping()) +@@ -6846,11 +6782,11 @@ yyreduce: + NULL + }; + +- checkAnnos(&(yyvsp[(6) - (11)].optflags), annos); ++ checkAnnos(&(yyvsp[-5].optflags), annos); + + if (currentSpec -> genc) + { +- if ((yyvsp[(10) - (11)].codeb) == NULL && (yyvsp[(3) - (11)].signature).nrArgs != 0) ++ if ((yyvsp[-1].codeb) == NULL && (yyvsp[-8].signature).nrArgs != 0) + yyerror("Constructors with arguments in C modules must include %MethodCode"); + + if (currentCtorIsExplicit) +@@ -6860,80 +6796,87 @@ yyreduce: + if ((sectionFlags & (SECT_IS_PUBLIC | SECT_IS_PROT | SECT_IS_PRIVATE)) == 0) + yyerror("Constructor must be in the public, private or protected sections"); + +- newCtor(currentModule, (yyvsp[(1) - (11)].text), sectionFlags, &(yyvsp[(3) - (11)].signature), &(yyvsp[(6) - (11)].optflags), (yyvsp[(11) - (11)].codeb), (yyvsp[(5) - (11)].throwlist), (yyvsp[(7) - (11)].optsignature), +- currentCtorIsExplicit, (yyvsp[(9) - (11)].docstr), (yyvsp[(10) - (11)].codeb)); ++ newCtor(currentModule, (yyvsp[-10].text), sectionFlags, &(yyvsp[-8].signature), &(yyvsp[-5].optflags), (yyvsp[0].codeb), (yyvsp[-6].throwlist), (yyvsp[-4].optsignature), ++ currentCtorIsExplicit, (yyvsp[-2].docstr), (yyvsp[-1].codeb)); + } + +- free((yyvsp[(1) - (11)].text)); ++ free((yyvsp[-10].text)); + + currentCtorIsExplicit = FALSE; + } ++#line 6808 "../parser.c" + break; + +- case 453: +-#line 3684 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 454: /* optctorsig: %empty */ ++#line 3710 "parser.y" ++ { + (yyval.optsignature) = NULL; + } ++#line 6816 "../parser.c" + break; + +- case 454: +-#line 3687 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 455: /* $@17: %empty */ ++#line 3713 "parser.y" ++ { + parsingCSignature = TRUE; + } ++#line 6824 "../parser.c" + break; + +- case 455: +-#line 3689 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 456: /* optctorsig: '[' $@17 '(' arglist ')' ']' */ ++#line 3715 "parser.y" ++ { + (yyval.optsignature) = sipMalloc(sizeof (signatureDef)); + +- *(yyval.optsignature) = (yyvsp[(4) - (6)].signature); ++ *(yyval.optsignature) = (yyvsp[-2].signature); + + parsingCSignature = FALSE; + } ++#line 6836 "../parser.c" + break; + +- case 456: +-#line 3698 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 457: /* optsig: %empty */ ++#line 3724 "parser.y" ++ { + (yyval.optsignature) = NULL; + } ++#line 6844 "../parser.c" + break; + +- case 457: +-#line 3701 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 458: /* $@18: %empty */ ++#line 3727 "parser.y" ++ { + parsingCSignature = TRUE; + } ++#line 6852 "../parser.c" + break; + +- case 458: +-#line 3703 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 459: /* optsig: '[' $@18 cpptype '(' arglist ')' ']' */ ++#line 3729 "parser.y" ++ { + (yyval.optsignature) = sipMalloc(sizeof (signatureDef)); + +- *(yyval.optsignature) = (yyvsp[(5) - (7)].signature); +- (yyval.optsignature)->result = (yyvsp[(3) - (7)].memArg); ++ *(yyval.optsignature) = (yyvsp[-2].signature); ++ (yyval.optsignature)->result = (yyvsp[-4].memArg); + + parsingCSignature = FALSE; + } ++#line 6865 "../parser.c" + break; + +- case 459: +-#line 3713 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 460: /* function: cpptype TK_NAME_VALUE '(' arglist ')' optconst optfinal optexceptions optabstract optflags optsig ';' optdocstring premethodcode methodcode virtualcatchercode virtualcallcode */ ++#line 3739 "parser.y" ++ { + if (notSkipping()) + { +- applyTypeFlags(currentModule, &(yyvsp[(1) - (17)].memArg), &(yyvsp[(10) - (17)].optflags)); ++ applyTypeFlags(currentModule, &(yyvsp[-16].memArg), &(yyvsp[-7].optflags)); + +- (yyvsp[(4) - (17)].signature).result = (yyvsp[(1) - (17)].memArg); ++ (yyvsp[-13].signature).result = (yyvsp[-16].memArg); + + newFunction(currentSpec, currentModule, currentScope(), NULL, + NULL, sectionFlags, currentIsStatic, currentIsSignal, +- currentIsSlot, currentIsVirt, (yyvsp[(2) - (17)].text), &(yyvsp[(4) - (17)].signature), (yyvsp[(6) - (17)].number), (yyvsp[(9) - (17)].number), &(yyvsp[(10) - (17)].optflags), +- (yyvsp[(15) - (17)].codeb), (yyvsp[(16) - (17)].codeb), (yyvsp[(17) - (17)].codeb), (yyvsp[(8) - (17)].throwlist), (yyvsp[(11) - (17)].optsignature), (yyvsp[(13) - (17)].docstr), (yyvsp[(7) - (17)].number), (yyvsp[(14) - (17)].codeb)); ++ currentIsSlot, currentIsVirt, (yyvsp[-15].text), &(yyvsp[-13].signature), (yyvsp[-11].number), (yyvsp[-8].number), &(yyvsp[-7].optflags), ++ (yyvsp[-2].codeb), (yyvsp[-1].codeb), (yyvsp[0].codeb), (yyvsp[-9].throwlist), (yyvsp[-6].optsignature), (yyvsp[-4].docstr), (yyvsp[-10].number), (yyvsp[-3].codeb)); + } + + currentIsStatic = FALSE; +@@ -6941,11 +6884,12 @@ yyreduce: + currentIsSlot = FALSE; + currentIsVirt = FALSE; + } ++#line 6888 "../parser.c" + break; + +- case 460: +-#line 3731 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 461: /* function: cpptype TK_OPERATOR '=' '(' cpptype ')' ';' */ ++#line 3757 "parser.y" ++ { + /* + * It looks like an assignment operator (though we don't bother to + * check the types) so make sure it is private. +@@ -6965,11 +6909,12 @@ yyreduce: + currentIsSlot = FALSE; + currentIsVirt = FALSE; + } ++#line 6913 "../parser.c" + break; + +- case 461: +-#line 3751 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 462: /* function: cpptype TK_OPERATOR operatorname '(' arglist ')' optconst optfinal optexceptions optabstract optflags optsig ';' premethodcode methodcode virtualcatchercode virtualcallcode */ ++#line 3777 "parser.y" ++ { + if (notSkipping()) + { + classDef *cd = currentScope(); +@@ -6989,23 +6934,23 @@ yyreduce: + ns_scope = NULL; + } + +- applyTypeFlags(currentModule, &(yyvsp[(1) - (17)].memArg), &(yyvsp[(11) - (17)].optflags)); ++ applyTypeFlags(currentModule, &(yyvsp[-16].memArg), &(yyvsp[-6].optflags)); + + /* Handle the unary '+' and '-' operators. */ +- if ((cd != NULL && (yyvsp[(5) - (17)].signature).nrArgs == 0) || (cd == NULL && (yyvsp[(5) - (17)].signature).nrArgs == 1)) ++ if ((cd != NULL && (yyvsp[-12].signature).nrArgs == 0) || (cd == NULL && (yyvsp[-12].signature).nrArgs == 1)) + { +- if (strcmp((yyvsp[(3) - (17)].text), "__add__") == 0) +- (yyvsp[(3) - (17)].text) = "__pos__"; +- else if (strcmp((yyvsp[(3) - (17)].text), "__sub__") == 0) +- (yyvsp[(3) - (17)].text) = "__neg__"; ++ if (strcmp((yyvsp[-14].text), "__add__") == 0) ++ (yyvsp[-14].text) = "__pos__"; ++ else if (strcmp((yyvsp[-14].text), "__sub__") == 0) ++ (yyvsp[-14].text) = "__neg__"; + } + +- (yyvsp[(5) - (17)].signature).result = (yyvsp[(1) - (17)].memArg); ++ (yyvsp[-12].signature).result = (yyvsp[-16].memArg); + + newFunction(currentSpec, currentModule, cd, ns_scope, NULL, + sectionFlags, currentIsStatic, currentIsSignal, +- currentIsSlot, currentIsVirt, (yyvsp[(3) - (17)].text), &(yyvsp[(5) - (17)].signature), (yyvsp[(7) - (17)].number), (yyvsp[(10) - (17)].number), &(yyvsp[(11) - (17)].optflags), +- (yyvsp[(15) - (17)].codeb), (yyvsp[(16) - (17)].codeb), (yyvsp[(17) - (17)].codeb), (yyvsp[(9) - (17)].throwlist), (yyvsp[(12) - (17)].optsignature), NULL, (yyvsp[(8) - (17)].number), (yyvsp[(14) - (17)].codeb)); ++ currentIsSlot, currentIsVirt, (yyvsp[-14].text), &(yyvsp[-12].signature), (yyvsp[-10].number), (yyvsp[-7].number), &(yyvsp[-6].optflags), ++ (yyvsp[-2].codeb), (yyvsp[-1].codeb), (yyvsp[0].codeb), (yyvsp[-8].throwlist), (yyvsp[-5].optsignature), NULL, (yyvsp[-9].number), (yyvsp[-3].codeb)); + } + + currentIsStatic = FALSE; +@@ -7013,22 +6958,23 @@ yyreduce: + currentIsSlot = FALSE; + currentIsVirt = FALSE; + } ++#line 6962 "../parser.c" + break; + +- case 462: +-#line 3795 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 463: /* function: TK_OPERATOR cpptype '(' arglist ')' optconst optfinal optexceptions optabstract optflags optsig ';' premethodcode methodcode virtualcatchercode virtualcallcode */ ++#line 3821 "parser.y" ++ { + if (notSkipping()) + { + char *sname; + classDef *scope = currentScope(); + +- if (scope == NULL || (yyvsp[(4) - (16)].signature).nrArgs != 0) ++ if (scope == NULL || (yyvsp[-12].signature).nrArgs != 0) + yyerror("Operator casts must be specified in a class and have no arguments"); + +- applyTypeFlags(currentModule, &(yyvsp[(2) - (16)].memArg), &(yyvsp[(10) - (16)].optflags)); ++ applyTypeFlags(currentModule, &(yyvsp[-14].memArg), &(yyvsp[-6].optflags)); + +- switch ((yyvsp[(2) - (16)].memArg).atype) ++ switch ((yyvsp[-14].memArg).atype) + { + case defined_type: + sname = NULL; +@@ -7067,12 +7013,12 @@ yyreduce: + + if (sname != NULL) + { +- (yyvsp[(4) - (16)].signature).result = (yyvsp[(2) - (16)].memArg); ++ (yyvsp[-12].signature).result = (yyvsp[-14].memArg); + + newFunction(currentSpec, currentModule, scope, NULL, NULL, + sectionFlags, currentIsStatic, currentIsSignal, +- currentIsSlot, currentIsVirt, sname, &(yyvsp[(4) - (16)].signature), (yyvsp[(6) - (16)].number), (yyvsp[(9) - (16)].number), +- &(yyvsp[(10) - (16)].optflags), (yyvsp[(14) - (16)].codeb), (yyvsp[(15) - (16)].codeb), (yyvsp[(16) - (16)].codeb), (yyvsp[(8) - (16)].throwlist), (yyvsp[(11) - (16)].optsignature), NULL, (yyvsp[(7) - (16)].number), (yyvsp[(13) - (16)].codeb)); ++ currentIsSlot, currentIsVirt, sname, &(yyvsp[-12].signature), (yyvsp[-10].number), (yyvsp[-7].number), ++ &(yyvsp[-6].optflags), (yyvsp[-2].codeb), (yyvsp[-1].codeb), (yyvsp[0].codeb), (yyvsp[-8].throwlist), (yyvsp[-5].optsignature), NULL, (yyvsp[-9].number), (yyvsp[-3].codeb)); + } + else + { +@@ -7080,11 +7026,11 @@ yyreduce: + + /* Check it doesn't already exist. */ + for (al = scope->casts; al != NULL; al = al->next) +- if (compareScopedNames((yyvsp[(2) - (16)].memArg).u.snd, al->arg.u.snd) == 0) ++ if (compareScopedNames((yyvsp[-14].memArg).u.snd, al->arg.u.snd) == 0) + yyerror("This operator cast has already been specified in this class"); + + al = sipMalloc(sizeof (argList)); +- al->arg = (yyvsp[(2) - (16)].memArg); ++ al->arg = (yyvsp[-14].memArg); + al->next = scope->casts; + + scope->casts = al; +@@ -7096,367 +7042,421 @@ yyreduce: + currentIsSlot = FALSE; + currentIsVirt = FALSE; + } ++#line 7046 "../parser.c" + break; + +- case 463: +-#line 3876 "sip-4.19.23/sipgen/metasrc/parser.y" +- {(yyval.text) = "__add__";} ++ case 464: /* operatorname: '+' */ ++#line 3902 "parser.y" ++ {(yyval.text) = "__add__";} ++#line 7052 "../parser.c" + break; + +- case 464: +-#line 3877 "sip-4.19.23/sipgen/metasrc/parser.y" +- {(yyval.text) = "__sub__";} ++ case 465: /* operatorname: '-' */ ++#line 3903 "parser.y" ++ {(yyval.text) = "__sub__";} ++#line 7058 "../parser.c" + break; + +- case 465: +-#line 3878 "sip-4.19.23/sipgen/metasrc/parser.y" +- {(yyval.text) = "__mul__";} ++ case 466: /* operatorname: '*' */ ++#line 3904 "parser.y" ++ {(yyval.text) = "__mul__";} ++#line 7064 "../parser.c" + break; + +- case 466: +-#line 3879 "sip-4.19.23/sipgen/metasrc/parser.y" +- {(yyval.text) = "__div__";} ++ case 467: /* operatorname: '/' */ ++#line 3905 "parser.y" ++ {(yyval.text) = "__div__";} ++#line 7070 "../parser.c" + break; + +- case 467: +-#line 3880 "sip-4.19.23/sipgen/metasrc/parser.y" +- {(yyval.text) = "__mod__";} ++ case 468: /* operatorname: '%' */ ++#line 3906 "parser.y" ++ {(yyval.text) = "__mod__";} ++#line 7076 "../parser.c" + break; + +- case 468: +-#line 3881 "sip-4.19.23/sipgen/metasrc/parser.y" +- {(yyval.text) = "__and__";} ++ case 469: /* operatorname: '&' */ ++#line 3907 "parser.y" ++ {(yyval.text) = "__and__";} ++#line 7082 "../parser.c" + break; + +- case 469: +-#line 3882 "sip-4.19.23/sipgen/metasrc/parser.y" +- {(yyval.text) = "__or__";} ++ case 470: /* operatorname: '|' */ ++#line 3908 "parser.y" ++ {(yyval.text) = "__or__";} ++#line 7088 "../parser.c" + break; + +- case 470: +-#line 3883 "sip-4.19.23/sipgen/metasrc/parser.y" +- {(yyval.text) = "__xor__";} ++ case 471: /* operatorname: '^' */ ++#line 3909 "parser.y" ++ {(yyval.text) = "__xor__";} ++#line 7094 "../parser.c" + break; + +- case 471: +-#line 3884 "sip-4.19.23/sipgen/metasrc/parser.y" +- {(yyval.text) = "__lshift__";} ++ case 472: /* operatorname: '<' '<' */ ++#line 3910 "parser.y" ++ {(yyval.text) = "__lshift__";} ++#line 7100 "../parser.c" + break; + +- case 472: +-#line 3885 "sip-4.19.23/sipgen/metasrc/parser.y" +- {(yyval.text) = "__rshift__";} ++ case 473: /* operatorname: '>' '>' */ ++#line 3911 "parser.y" ++ {(yyval.text) = "__rshift__";} ++#line 7106 "../parser.c" + break; + +- case 473: +-#line 3886 "sip-4.19.23/sipgen/metasrc/parser.y" +- {(yyval.text) = "__iadd__";} ++ case 474: /* operatorname: '+' '=' */ ++#line 3912 "parser.y" ++ {(yyval.text) = "__iadd__";} ++#line 7112 "../parser.c" + break; + +- case 474: +-#line 3887 "sip-4.19.23/sipgen/metasrc/parser.y" +- {(yyval.text) = "__isub__";} ++ case 475: /* operatorname: '-' '=' */ ++#line 3913 "parser.y" ++ {(yyval.text) = "__isub__";} ++#line 7118 "../parser.c" + break; + +- case 475: +-#line 3888 "sip-4.19.23/sipgen/metasrc/parser.y" +- {(yyval.text) = "__imul__";} ++ case 476: /* operatorname: '*' '=' */ ++#line 3914 "parser.y" ++ {(yyval.text) = "__imul__";} ++#line 7124 "../parser.c" + break; + +- case 476: +-#line 3889 "sip-4.19.23/sipgen/metasrc/parser.y" +- {(yyval.text) = "__idiv__";} ++ case 477: /* operatorname: '/' '=' */ ++#line 3915 "parser.y" ++ {(yyval.text) = "__idiv__";} ++#line 7130 "../parser.c" + break; + +- case 477: +-#line 3890 "sip-4.19.23/sipgen/metasrc/parser.y" +- {(yyval.text) = "__imod__";} ++ case 478: /* operatorname: '%' '=' */ ++#line 3916 "parser.y" ++ {(yyval.text) = "__imod__";} ++#line 7136 "../parser.c" + break; + +- case 478: +-#line 3891 "sip-4.19.23/sipgen/metasrc/parser.y" +- {(yyval.text) = "__iand__";} ++ case 479: /* operatorname: '&' '=' */ ++#line 3917 "parser.y" ++ {(yyval.text) = "__iand__";} ++#line 7142 "../parser.c" + break; + +- case 479: +-#line 3892 "sip-4.19.23/sipgen/metasrc/parser.y" +- {(yyval.text) = "__ior__";} ++ case 480: /* operatorname: '|' '=' */ ++#line 3918 "parser.y" ++ {(yyval.text) = "__ior__";} ++#line 7148 "../parser.c" + break; + +- case 480: +-#line 3893 "sip-4.19.23/sipgen/metasrc/parser.y" +- {(yyval.text) = "__ixor__";} ++ case 481: /* operatorname: '^' '=' */ ++#line 3919 "parser.y" ++ {(yyval.text) = "__ixor__";} ++#line 7154 "../parser.c" + break; + +- case 481: +-#line 3894 "sip-4.19.23/sipgen/metasrc/parser.y" +- {(yyval.text) = "__ilshift__";} ++ case 482: /* operatorname: '<' '<' '=' */ ++#line 3920 "parser.y" ++ {(yyval.text) = "__ilshift__";} ++#line 7160 "../parser.c" + break; + +- case 482: +-#line 3895 "sip-4.19.23/sipgen/metasrc/parser.y" +- {(yyval.text) = "__irshift__";} ++ case 483: /* operatorname: '>' '>' '=' */ ++#line 3921 "parser.y" ++ {(yyval.text) = "__irshift__";} ++#line 7166 "../parser.c" + break; + +- case 483: +-#line 3896 "sip-4.19.23/sipgen/metasrc/parser.y" +- {(yyval.text) = "__invert__";} ++ case 484: /* operatorname: '~' */ ++#line 3922 "parser.y" ++ {(yyval.text) = "__invert__";} ++#line 7172 "../parser.c" + break; + +- case 484: +-#line 3897 "sip-4.19.23/sipgen/metasrc/parser.y" +- {(yyval.text) = "__call__";} ++ case 485: /* operatorname: '(' ')' */ ++#line 3923 "parser.y" ++ {(yyval.text) = "__call__";} ++#line 7178 "../parser.c" + break; + +- case 485: +-#line 3898 "sip-4.19.23/sipgen/metasrc/parser.y" +- {(yyval.text) = "__getitem__";} ++ case 486: /* operatorname: '[' ']' */ ++#line 3924 "parser.y" ++ {(yyval.text) = "__getitem__";} ++#line 7184 "../parser.c" + break; + +- case 486: +-#line 3899 "sip-4.19.23/sipgen/metasrc/parser.y" +- {(yyval.text) = "__lt__";} ++ case 487: /* operatorname: '<' */ ++#line 3925 "parser.y" ++ {(yyval.text) = "__lt__";} ++#line 7190 "../parser.c" + break; + +- case 487: +-#line 3900 "sip-4.19.23/sipgen/metasrc/parser.y" +- {(yyval.text) = "__le__";} ++ case 488: /* operatorname: '<' '=' */ ++#line 3926 "parser.y" ++ {(yyval.text) = "__le__";} ++#line 7196 "../parser.c" + break; + +- case 488: +-#line 3901 "sip-4.19.23/sipgen/metasrc/parser.y" +- {(yyval.text) = "__eq__";} ++ case 489: /* operatorname: '=' '=' */ ++#line 3927 "parser.y" ++ {(yyval.text) = "__eq__";} ++#line 7202 "../parser.c" + break; + +- case 489: +-#line 3902 "sip-4.19.23/sipgen/metasrc/parser.y" +- {(yyval.text) = "__ne__";} ++ case 490: /* operatorname: '!' '=' */ ++#line 3928 "parser.y" ++ {(yyval.text) = "__ne__";} ++#line 7208 "../parser.c" + break; + +- case 490: +-#line 3903 "sip-4.19.23/sipgen/metasrc/parser.y" +- {(yyval.text) = "__gt__";} ++ case 491: /* operatorname: '>' */ ++#line 3929 "parser.y" ++ {(yyval.text) = "__gt__";} ++#line 7214 "../parser.c" + break; + +- case 491: +-#line 3904 "sip-4.19.23/sipgen/metasrc/parser.y" +- {(yyval.text) = "__ge__";} ++ case 492: /* operatorname: '>' '=' */ ++#line 3930 "parser.y" ++ {(yyval.text) = "__ge__";} ++#line 7220 "../parser.c" + break; + +- case 492: +-#line 3907 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 493: /* optconst: %empty */ ++#line 3933 "parser.y" ++ { + (yyval.number) = FALSE; + } ++#line 7228 "../parser.c" + break; + +- case 493: +-#line 3910 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 494: /* optconst: TK_CONST */ ++#line 3936 "parser.y" ++ { + (yyval.number) = TRUE; + } ++#line 7236 "../parser.c" + break; + +- case 494: +-#line 3915 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 495: /* optfinal: %empty */ ++#line 3941 "parser.y" ++ { + (yyval.number) = FALSE; + } ++#line 7244 "../parser.c" + break; + +- case 495: +-#line 3918 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 496: /* optfinal: TK_FINAL */ ++#line 3944 "parser.y" ++ { + (yyval.number) = TRUE; + } ++#line 7252 "../parser.c" + break; + +- case 496: +-#line 3923 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 497: /* optabstract: %empty */ ++#line 3949 "parser.y" ++ { + (yyval.number) = 0; + } ++#line 7260 "../parser.c" + break; + +- case 497: +-#line 3926 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- if ((yyvsp[(2) - (2)].number) != 0) ++ case 498: /* optabstract: '=' TK_NUMBER_VALUE */ ++#line 3952 "parser.y" ++ { ++ if ((yyvsp[0].number) != 0) + yyerror("Abstract virtual function '= 0' expected"); + + (yyval.number) = TRUE; + } ++#line 7271 "../parser.c" + break; + +- case 498: +-#line 3934 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 499: /* optflags: %empty */ ++#line 3960 "parser.y" ++ { + (yyval.optflags).nrFlags = 0; + } ++#line 7279 "../parser.c" + break; + +- case 499: +-#line 3937 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.optflags) = (yyvsp[(2) - (3)].optflags); ++ case 500: /* optflags: '/' flaglist '/' */ ++#line 3963 "parser.y" ++ { ++ (yyval.optflags) = (yyvsp[-1].optflags); + } ++#line 7287 "../parser.c" + break; + +- case 500: +-#line 3943 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.optflags).flags[0] = (yyvsp[(1) - (1)].flag); ++ case 501: /* flaglist: flag */ ++#line 3969 "parser.y" ++ { ++ (yyval.optflags).flags[0] = (yyvsp[0].flag); + (yyval.optflags).nrFlags = 1; + } ++#line 7296 "../parser.c" + break; + +- case 501: +-#line 3947 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 502: /* flaglist: flaglist ',' flag */ ++#line 3973 "parser.y" ++ { + /* Check there is room. */ + +- if ((yyvsp[(1) - (3)].optflags).nrFlags == MAX_NR_FLAGS) ++ if ((yyvsp[-2].optflags).nrFlags == MAX_NR_FLAGS) + yyerror("Too many optional flags"); + +- (yyval.optflags) = (yyvsp[(1) - (3)].optflags); ++ (yyval.optflags) = (yyvsp[-2].optflags); + +- (yyval.optflags).flags[(yyval.optflags).nrFlags++] = (yyvsp[(3) - (3)].flag); ++ (yyval.optflags).flags[(yyval.optflags).nrFlags++] = (yyvsp[0].flag); + } ++#line 7311 "../parser.c" + break; + +- case 502: +-#line 3959 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 503: /* flag: TK_NAME_VALUE */ ++#line 3985 "parser.y" ++ { + (yyval.flag).ftype = bool_flag; +- (yyval.flag).fname = (yyvsp[(1) - (1)].text); ++ (yyval.flag).fname = (yyvsp[0].text); + } ++#line 7320 "../parser.c" + break; + +- case 503: +-#line 3963 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.flag) = (yyvsp[(3) - (3)].flag); +- (yyval.flag).fname = (yyvsp[(1) - (3)].text); ++ case 504: /* flag: TK_NAME_VALUE '=' flagvalue */ ++#line 3989 "parser.y" ++ { ++ (yyval.flag) = (yyvsp[0].flag); ++ (yyval.flag).fname = (yyvsp[-2].text); + } ++#line 7329 "../parser.c" + break; + +- case 504: +-#line 3969 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.flag).ftype = (strchr((yyvsp[(1) - (1)].text), '.') != NULL) ? dotted_name_flag : name_flag; +- (yyval.flag).fvalue.sval = (yyvsp[(1) - (1)].text); ++ case 505: /* flagvalue: dottedname */ ++#line 3995 "parser.y" ++ { ++ (yyval.flag).ftype = (strchr((yyvsp[0].text), '.') != NULL) ? dotted_name_flag : name_flag; ++ (yyval.flag).fvalue.sval = (yyvsp[0].text); + } ++#line 7338 "../parser.c" + break; + +- case 505: +-#line 3973 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 506: /* flagvalue: TK_NAME_VALUE ':' optnumber '-' optnumber */ ++#line 3999 "parser.y" ++ { + apiVersionRangeDef *avd; + int from, to; + + (yyval.flag).ftype = api_range_flag; + + /* Check that the API is known. */ +- if ((avd = findAPI(currentSpec, (yyvsp[(1) - (5)].text))) == NULL) ++ if ((avd = findAPI(currentSpec, (yyvsp[-4].text))) == NULL) + yyerror("unknown API name in API annotation"); + + if (inMainModule()) + setIsUsedName(avd->api_name); + + /* Unbounded values are represented by 0. */ +- if ((from = (yyvsp[(3) - (5)].number)) < 0) ++ if ((from = (yyvsp[-2].number)) < 0) + from = 0; + +- if ((to = (yyvsp[(5) - (5)].number)) < 0) ++ if ((to = (yyvsp[0].number)) < 0) + to = 0; + + (yyval.flag).fvalue.aval = convertAPIRange(currentModule, avd->api_name, + from, to); + } ++#line 7366 "../parser.c" + break; + +- case 506: +-#line 3996 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 507: /* flagvalue: TK_STRING_VALUE */ ++#line 4022 "parser.y" ++ { + (yyval.flag).ftype = string_flag; +- (yyval.flag).fvalue.sval = convertFeaturedString((yyvsp[(1) - (1)].text)); ++ (yyval.flag).fvalue.sval = convertFeaturedString((yyvsp[0].text)); + } ++#line 7375 "../parser.c" + break; + +- case 507: +-#line 4000 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 508: /* flagvalue: TK_NUMBER_VALUE */ ++#line 4026 "parser.y" ++ { + (yyval.flag).ftype = integer_flag; +- (yyval.flag).fvalue.ival = (yyvsp[(1) - (1)].number); ++ (yyval.flag).fvalue.ival = (yyvsp[0].number); + } ++#line 7384 "../parser.c" + break; + +- case 508: +-#line 4006 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 509: /* virtualcallcode: %empty */ ++#line 4032 "parser.y" ++ { + (yyval.codeb) = NULL; + } ++#line 7392 "../parser.c" + break; + +- case 509: +-#line 4009 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.codeb) = (yyvsp[(2) - (2)].codeb); ++ case 510: /* virtualcallcode: TK_VIRTUALCALLCODE codeblock */ ++#line 4035 "parser.y" ++ { ++ (yyval.codeb) = (yyvsp[0].codeb); + } ++#line 7400 "../parser.c" + break; + +- case 510: +-#line 4014 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 511: /* methodcode: %empty */ ++#line 4040 "parser.y" ++ { + (yyval.codeb) = NULL; + } ++#line 7408 "../parser.c" + break; + +- case 511: +-#line 4017 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.codeb) = (yyvsp[(2) - (2)].codeb); ++ case 512: /* methodcode: TK_METHODCODE codeblock */ ++#line 4043 "parser.y" ++ { ++ (yyval.codeb) = (yyvsp[0].codeb); + } ++#line 7416 "../parser.c" + break; + +- case 512: +-#line 4022 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 513: /* premethodcode: %empty */ ++#line 4048 "parser.y" ++ { + (yyval.codeb) = NULL; + } ++#line 7424 "../parser.c" + break; + +- case 513: +-#line 4025 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.codeb) = (yyvsp[(2) - (2)].codeb); ++ case 514: /* premethodcode: TK_PREMETHODCODE codeblock */ ++#line 4051 "parser.y" ++ { ++ (yyval.codeb) = (yyvsp[0].codeb); + } ++#line 7432 "../parser.c" + break; + +- case 514: +-#line 4030 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 515: /* virtualcatchercode: %empty */ ++#line 4056 "parser.y" ++ { + (yyval.codeb) = NULL; + } ++#line 7440 "../parser.c" + break; + +- case 515: +-#line 4033 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.codeb) = (yyvsp[(2) - (2)].codeb); ++ case 516: /* virtualcatchercode: TK_VIRTUALCATCHERCODE codeblock */ ++#line 4059 "parser.y" ++ { ++ (yyval.codeb) = (yyvsp[0].codeb); + } ++#line 7448 "../parser.c" + break; + +- case 516: +-#line 4038 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 517: /* arglist: rawarglist */ ++#line 4064 "parser.y" ++ { + int a, nrrxcon, nrrxdis, nrslotcon, nrslotdis, nrarray, nrarraysize; + + nrrxcon = nrrxdis = nrslotcon = nrslotdis = nrarray = nrarraysize = 0; + +- for (a = 0; a < (yyvsp[(1) - (1)].signature).nrArgs; ++a) ++ for (a = 0; a < (yyvsp[0].signature).nrArgs; ++a) + { +- argDef *ad = &(yyvsp[(1) - (1)].signature).args[a]; ++ argDef *ad = &(yyvsp[0].signature).args[a]; + + switch (ad -> atype) + { +@@ -7497,226 +7497,243 @@ yyreduce: + if (nrarray != nrarraysize || nrarray > 1) + yyerror("/Array/ and /ArraySize/ must both be given and at most once"); + +- (yyval.signature) = (yyvsp[(1) - (1)].signature); ++ (yyval.signature) = (yyvsp[0].signature); + } ++#line 7503 "../parser.c" + break; + +- case 517: +-#line 4090 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 518: /* rawarglist: %empty */ ++#line 4116 "parser.y" ++ { + /* No arguments. */ + + (yyval.signature).nrArgs = 0; + } ++#line 7513 "../parser.c" + break; + +- case 518: +-#line 4095 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 519: /* rawarglist: argvalue */ ++#line 4121 "parser.y" ++ { + /* The single or first argument. */ + +- (yyval.signature).args[0] = (yyvsp[(1) - (1)].memArg); ++ (yyval.signature).args[0] = (yyvsp[0].memArg); + (yyval.signature).nrArgs = 1; + } ++#line 7524 "../parser.c" + break; + +- case 519: +-#line 4101 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 520: /* rawarglist: rawarglist ',' argvalue */ ++#line 4127 "parser.y" ++ { + /* Check that it wasn't ...(,arg...). */ +- if ((yyvsp[(1) - (3)].signature).nrArgs == 0) ++ if ((yyvsp[-2].signature).nrArgs == 0) + yyerror("First argument of the list is missing"); + + /* + * If this argument has no default value, then the + * previous one mustn't either. + */ +- if ((yyvsp[(3) - (3)].memArg).defval == NULL && (yyvsp[(1) - (3)].signature).args[(yyvsp[(1) - (3)].signature).nrArgs - 1].defval != NULL) ++ if ((yyvsp[0].memArg).defval == NULL && (yyvsp[-2].signature).args[(yyvsp[-2].signature).nrArgs - 1].defval != NULL) + yyerror("Compulsory argument given after optional argument"); + + /* Check there is room. */ +- if ((yyvsp[(1) - (3)].signature).nrArgs == MAX_NR_ARGS) ++ if ((yyvsp[-2].signature).nrArgs == MAX_NR_ARGS) + yyerror("Internal error - increase the value of MAX_NR_ARGS"); + +- (yyval.signature) = (yyvsp[(1) - (3)].signature); ++ (yyval.signature) = (yyvsp[-2].signature); + +- (yyval.signature).args[(yyval.signature).nrArgs] = (yyvsp[(3) - (3)].memArg); ++ (yyval.signature).args[(yyval.signature).nrArgs] = (yyvsp[0].memArg); + (yyval.signature).nrArgs++; + } ++#line 7550 "../parser.c" + break; + +- case 520: +-#line 4124 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 521: /* argvalue: TK_SIPSIGNAL optname optflags optassign */ ++#line 4150 "parser.y" ++ { + deprecated("SIP_SIGNAL is deprecated\n"); +- checkNoAnnos(&(yyvsp[(3) - (4)].optflags), "SIP_SIGNAL has no annotations"); ++ checkNoAnnos(&(yyvsp[-1].optflags), "SIP_SIGNAL has no annotations"); + + (yyval.memArg).atype = signal_type; + (yyval.memArg).argflags = ARG_IS_CONST; + (yyval.memArg).nrderefs = 0; +- (yyval.memArg).name = cacheName(currentSpec, (yyvsp[(2) - (4)].text)); +- (yyval.memArg).defval = (yyvsp[(4) - (4)].valp); ++ (yyval.memArg).name = cacheName(currentSpec, (yyvsp[-2].text)); ++ (yyval.memArg).defval = (yyvsp[0].valp); + + currentSpec -> sigslots = TRUE; + } ++#line 7567 "../parser.c" + break; + +- case 521: +-#line 4136 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 522: /* argvalue: TK_SIPSLOT optname optflags optassign */ ++#line 4162 "parser.y" ++ { + deprecated("SIP_SLOT is deprecated\n"); +- checkNoAnnos(&(yyvsp[(3) - (4)].optflags), "SIP_SLOT has no annotations"); ++ checkNoAnnos(&(yyvsp[-1].optflags), "SIP_SLOT has no annotations"); + + (yyval.memArg).atype = slot_type; + (yyval.memArg).argflags = ARG_IS_CONST; + (yyval.memArg).nrderefs = 0; +- (yyval.memArg).name = cacheName(currentSpec, (yyvsp[(2) - (4)].text)); +- (yyval.memArg).defval = (yyvsp[(4) - (4)].valp); ++ (yyval.memArg).name = cacheName(currentSpec, (yyvsp[-2].text)); ++ (yyval.memArg).defval = (yyvsp[0].valp); + + currentSpec -> sigslots = TRUE; + } ++#line 7584 "../parser.c" + break; + +- case 522: +-#line 4148 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 523: /* argvalue: TK_SIPANYSLOT optname optflags optassign */ ++#line 4174 "parser.y" ++ { + deprecated("SIP_ANYSLOT is deprecated\n"); +- checkNoAnnos(&(yyvsp[(3) - (4)].optflags), "SIP_ANYSLOT has no annotations"); ++ checkNoAnnos(&(yyvsp[-1].optflags), "SIP_ANYSLOT has no annotations"); + + (yyval.memArg).atype = anyslot_type; + (yyval.memArg).argflags = ARG_IS_CONST; + (yyval.memArg).nrderefs = 0; +- (yyval.memArg).name = cacheName(currentSpec, (yyvsp[(2) - (4)].text)); +- (yyval.memArg).defval = (yyvsp[(4) - (4)].valp); ++ (yyval.memArg).name = cacheName(currentSpec, (yyvsp[-2].text)); ++ (yyval.memArg).defval = (yyvsp[0].valp); + + currentSpec -> sigslots = TRUE; + } ++#line 7601 "../parser.c" + break; + +- case 523: +-#line 4160 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 524: /* argvalue: TK_SIPRXCON optname optflags */ ++#line 4186 "parser.y" ++ { + const char *annos[] = { + "SingleShot", + NULL + }; + + deprecated("SIP_RXOBJ_CON is deprecated\n"); +- checkAnnos(&(yyvsp[(3) - (3)].optflags), annos); ++ checkAnnos(&(yyvsp[0].optflags), annos); + + (yyval.memArg).atype = rxcon_type; + (yyval.memArg).argflags = 0; + (yyval.memArg).nrderefs = 0; +- (yyval.memArg).name = cacheName(currentSpec, (yyvsp[(2) - (3)].text)); ++ (yyval.memArg).name = cacheName(currentSpec, (yyvsp[-1].text)); + +- if (getOptFlag(&(yyvsp[(3) - (3)].optflags), "SingleShot", bool_flag) != NULL) ++ if (getOptFlag(&(yyvsp[0].optflags), "SingleShot", bool_flag) != NULL) + (yyval.memArg).argflags |= ARG_SINGLE_SHOT; + + currentSpec -> sigslots = TRUE; + } ++#line 7625 "../parser.c" + break; + +- case 524: +-#line 4179 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 525: /* argvalue: TK_SIPRXDIS optname optflags */ ++#line 4205 "parser.y" ++ { + deprecated("SIP_RXOBJ_DIS is deprecated\n"); +- checkNoAnnos(&(yyvsp[(3) - (3)].optflags), "SIP_RXOBJ_DIS has no annotations"); ++ checkNoAnnos(&(yyvsp[0].optflags), "SIP_RXOBJ_DIS has no annotations"); + + (yyval.memArg).atype = rxdis_type; + (yyval.memArg).argflags = 0; + (yyval.memArg).nrderefs = 0; +- (yyval.memArg).name = cacheName(currentSpec, (yyvsp[(2) - (3)].text)); ++ (yyval.memArg).name = cacheName(currentSpec, (yyvsp[-1].text)); + + currentSpec -> sigslots = TRUE; + } ++#line 7641 "../parser.c" + break; + +- case 525: +-#line 4190 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 526: /* argvalue: TK_SIPSLOTCON '(' arglist ')' optname optflags */ ++#line 4216 "parser.y" ++ { + deprecated("SIP_SLOT_CON is deprecated\n"); +- checkNoAnnos(&(yyvsp[(6) - (6)].optflags), "SIP_SLOT_CON has no annotations"); ++ checkNoAnnos(&(yyvsp[0].optflags), "SIP_SLOT_CON has no annotations"); + + (yyval.memArg).atype = slotcon_type; + (yyval.memArg).argflags = ARG_IS_CONST; + (yyval.memArg).nrderefs = 0; +- (yyval.memArg).name = cacheName(currentSpec, (yyvsp[(5) - (6)].text)); ++ (yyval.memArg).name = cacheName(currentSpec, (yyvsp[-1].text)); + +- memset(&(yyvsp[(3) - (6)].signature).result, 0, sizeof (argDef)); +- (yyvsp[(3) - (6)].signature).result.atype = void_type; ++ memset(&(yyvsp[-3].signature).result, 0, sizeof (argDef)); ++ (yyvsp[-3].signature).result.atype = void_type; + + (yyval.memArg).u.sa = sipMalloc(sizeof (signatureDef)); +- *(yyval.memArg).u.sa = (yyvsp[(3) - (6)].signature); ++ *(yyval.memArg).u.sa = (yyvsp[-3].signature); + + currentSpec -> sigslots = TRUE; + } ++#line 7663 "../parser.c" + break; + +- case 526: +-#line 4207 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 527: /* argvalue: TK_SIPSLOTDIS '(' arglist ')' optname optflags */ ++#line 4233 "parser.y" ++ { + deprecated("SIP_SLOT_DIS is deprecated\n"); +- checkNoAnnos(&(yyvsp[(6) - (6)].optflags), "SIP_SLOT_DIS has no annotations"); ++ checkNoAnnos(&(yyvsp[0].optflags), "SIP_SLOT_DIS has no annotations"); + + (yyval.memArg).atype = slotdis_type; + (yyval.memArg).argflags = ARG_IS_CONST; + (yyval.memArg).nrderefs = 0; +- (yyval.memArg).name = cacheName(currentSpec, (yyvsp[(5) - (6)].text)); ++ (yyval.memArg).name = cacheName(currentSpec, (yyvsp[-1].text)); + +- memset(&(yyvsp[(3) - (6)].signature).result, 0, sizeof (argDef)); +- (yyvsp[(3) - (6)].signature).result.atype = void_type; ++ memset(&(yyvsp[-3].signature).result, 0, sizeof (argDef)); ++ (yyvsp[-3].signature).result.atype = void_type; + + (yyval.memArg).u.sa = sipMalloc(sizeof (signatureDef)); +- *(yyval.memArg).u.sa = (yyvsp[(3) - (6)].signature); ++ *(yyval.memArg).u.sa = (yyvsp[-3].signature); + + currentSpec -> sigslots = TRUE; + } ++#line 7685 "../parser.c" + break; + +- case 527: +-#line 4224 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 528: /* argvalue: TK_QOBJECT optname optflags */ ++#line 4250 "parser.y" ++ { + deprecated("SIP_QOBJECT is deprecated\n"); +- checkNoAnnos(&(yyvsp[(3) - (3)].optflags), "SIP_QOBJECT has no annotations"); ++ checkNoAnnos(&(yyvsp[0].optflags), "SIP_QOBJECT has no annotations"); + + (yyval.memArg).atype = qobject_type; + (yyval.memArg).argflags = 0; + (yyval.memArg).nrderefs = 0; +- (yyval.memArg).name = cacheName(currentSpec, (yyvsp[(2) - (3)].text)); ++ (yyval.memArg).name = cacheName(currentSpec, (yyvsp[-1].text)); + } ++#line 7699 "../parser.c" + break; + +- case 528: +-#line 4233 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.memArg) = (yyvsp[(1) - (2)].memArg); +- (yyval.memArg).defval = (yyvsp[(2) - (2)].valp); ++ case 529: /* argvalue: argtype optassign */ ++#line 4259 "parser.y" ++ { ++ (yyval.memArg) = (yyvsp[-1].memArg); ++ (yyval.memArg).defval = (yyvsp[0].valp); + } ++#line 7708 "../parser.c" + break; + +- case 529: +-#line 4240 "sip-4.19.23/sipgen/metasrc/parser.y" +- {currentIsSignal = TRUE;} ++ case 530: /* $@19: %empty */ ++#line 4266 "parser.y" ++ {currentIsSignal = TRUE;} ++#line 7714 "../parser.c" + break; + +- case 531: +-#line 4241 "sip-4.19.23/sipgen/metasrc/parser.y" +- {currentIsSlot = TRUE;} ++ case 532: /* $@20: %empty */ ++#line 4267 "parser.y" ++ {currentIsSlot = TRUE;} ++#line 7720 "../parser.c" + break; + +- case 534: +-#line 4246 "sip-4.19.23/sipgen/metasrc/parser.y" +- {currentIsStatic = TRUE;} ++ case 535: /* $@21: %empty */ ++#line 4272 "parser.y" ++ {currentIsStatic = TRUE;} ++#line 7726 "../parser.c" + break; + +- case 539: +-#line 4256 "sip-4.19.23/sipgen/metasrc/parser.y" +- {currentIsVirt = TRUE;} ++ case 540: /* $@22: %empty */ ++#line 4282 "parser.y" ++ {currentIsVirt = TRUE;} ++#line 7732 "../parser.c" + break; + +- case 542: +-#line 4260 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 543: /* variable: cpptype TK_NAME_VALUE optflags variable_body ';' optaccesscode optgetcode optsetcode */ ++#line 4286 "parser.y" ++ { + if (notSkipping()) + { + const char *annos[] = { +@@ -7730,99 +7747,105 @@ yyreduce: + NULL + }; + +- checkAnnos(&(yyvsp[(3) - (8)].optflags), annos); ++ checkAnnos(&(yyvsp[-5].optflags), annos); + +- if ((yyvsp[(6) - (8)].codeb) != NULL) ++ if ((yyvsp[-2].codeb) != NULL) + { +- if ((yyvsp[(4) - (8)].variable).access_code != NULL) ++ if ((yyvsp[-4].variable).access_code != NULL) + yyerror("%AccessCode already defined"); + +- (yyvsp[(4) - (8)].variable).access_code = (yyvsp[(6) - (8)].codeb); ++ (yyvsp[-4].variable).access_code = (yyvsp[-2].codeb); + + deprecated("%AccessCode should be used as a sub-directive"); + } + +- if ((yyvsp[(7) - (8)].codeb) != NULL) ++ if ((yyvsp[-1].codeb) != NULL) + { +- if ((yyvsp[(4) - (8)].variable).get_code != NULL) ++ if ((yyvsp[-4].variable).get_code != NULL) + yyerror("%GetCode already defined"); + +- (yyvsp[(4) - (8)].variable).get_code = (yyvsp[(7) - (8)].codeb); ++ (yyvsp[-4].variable).get_code = (yyvsp[-1].codeb); + + deprecated("%GetCode should be used as a sub-directive"); + } + +- if ((yyvsp[(8) - (8)].codeb) != NULL) ++ if ((yyvsp[0].codeb) != NULL) + { +- if ((yyvsp[(4) - (8)].variable).set_code != NULL) ++ if ((yyvsp[-4].variable).set_code != NULL) + yyerror("%SetCode already defined"); + +- (yyvsp[(4) - (8)].variable).set_code = (yyvsp[(8) - (8)].codeb); ++ (yyvsp[-4].variable).set_code = (yyvsp[0].codeb); + + deprecated("%SetCode should be used as a sub-directive"); + } + +- newVar(currentSpec, currentModule, (yyvsp[(2) - (8)].text), currentIsStatic, &(yyvsp[(1) - (8)].memArg), +- &(yyvsp[(3) - (8)].optflags), (yyvsp[(4) - (8)].variable).access_code, (yyvsp[(4) - (8)].variable).get_code, (yyvsp[(4) - (8)].variable).set_code, ++ newVar(currentSpec, currentModule, (yyvsp[-6].text), currentIsStatic, &(yyvsp[-7].memArg), ++ &(yyvsp[-5].optflags), (yyvsp[-4].variable).access_code, (yyvsp[-4].variable).get_code, (yyvsp[-4].variable).set_code, + sectionFlags); + } + + currentIsStatic = FALSE; + } ++#line 7790 "../parser.c" + break; + +- case 543: +-#line 4315 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 544: /* variable_body: %empty */ ++#line 4341 "parser.y" ++ { + (yyval.variable).token = 0; + (yyval.variable).access_code = NULL; + (yyval.variable).get_code = NULL; + (yyval.variable).set_code = NULL; + } ++#line 7801 "../parser.c" + break; + +- case 544: +-#line 4321 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.variable) = (yyvsp[(2) - (3)].variable); ++ case 545: /* variable_body: '{' variable_body_directives '}' */ ++#line 4347 "parser.y" ++ { ++ (yyval.variable) = (yyvsp[-1].variable); + } ++#line 7809 "../parser.c" + break; + +- case 546: +-#line 4327 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.variable) = (yyvsp[(1) - (2)].variable); ++ case 547: /* variable_body_directives: variable_body_directives variable_body_directive */ ++#line 4353 "parser.y" ++ { ++ (yyval.variable) = (yyvsp[-1].variable); + +- switch ((yyvsp[(2) - (2)].variable).token) ++ switch ((yyvsp[0].variable).token) + { +- case TK_ACCESSCODE: (yyval.variable).access_code = (yyvsp[(2) - (2)].variable).access_code; break; +- case TK_GETCODE: (yyval.variable).get_code = (yyvsp[(2) - (2)].variable).get_code; break; +- case TK_SETCODE: (yyval.variable).set_code = (yyvsp[(2) - (2)].variable).set_code; break; ++ case TK_ACCESSCODE: (yyval.variable).access_code = (yyvsp[0].variable).access_code; break; ++ case TK_GETCODE: (yyval.variable).get_code = (yyvsp[0].variable).get_code; break; ++ case TK_SETCODE: (yyval.variable).set_code = (yyvsp[0].variable).set_code; break; + } + } ++#line 7824 "../parser.c" + break; + +- case 547: +-#line 4339 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 548: /* variable_body_directive: ifstart */ ++#line 4365 "parser.y" ++ { + (yyval.variable).token = TK_IF; + } ++#line 7832 "../parser.c" + break; + +- case 548: +-#line 4342 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 549: /* variable_body_directive: ifend */ ++#line 4368 "parser.y" ++ { + (yyval.variable).token = TK_END; + } ++#line 7840 "../parser.c" + break; + +- case 549: +-#line 4345 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 550: /* variable_body_directive: TK_ACCESSCODE codeblock */ ++#line 4371 "parser.y" ++ { + if (notSkipping()) + { + (yyval.variable).token = TK_ACCESSCODE; +- (yyval.variable).access_code = (yyvsp[(2) - (2)].codeb); ++ (yyval.variable).access_code = (yyvsp[0].codeb); + } + else + { +@@ -7833,15 +7856,16 @@ yyreduce: + (yyval.variable).get_code = NULL; + (yyval.variable).set_code = NULL; + } ++#line 7860 "../parser.c" + break; + +- case 550: +-#line 4360 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 551: /* variable_body_directive: TK_GETCODE codeblock */ ++#line 4386 "parser.y" ++ { + if (notSkipping()) + { + (yyval.variable).token = TK_GETCODE; +- (yyval.variable).get_code = (yyvsp[(2) - (2)].codeb); ++ (yyval.variable).get_code = (yyvsp[0].codeb); + } + else + { +@@ -7852,15 +7876,16 @@ yyreduce: + (yyval.variable).access_code = NULL; + (yyval.variable).set_code = NULL; + } ++#line 7880 "../parser.c" + break; + +- case 551: +-#line 4375 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 552: /* variable_body_directive: TK_SETCODE codeblock */ ++#line 4401 "parser.y" ++ { + if (notSkipping()) + { + (yyval.variable).token = TK_SETCODE; +- (yyval.variable).set_code = (yyvsp[(2) - (2)].codeb); ++ (yyval.variable).set_code = (yyvsp[0].codeb); + } + else + { +@@ -7871,36 +7896,39 @@ yyreduce: + (yyval.variable).access_code = NULL; + (yyval.variable).get_code = NULL; + } ++#line 7900 "../parser.c" + break; + +- case 552: +-#line 4392 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.memArg) = (yyvsp[(2) - (4)].memArg); +- add_derefs(&(yyval.memArg), &(yyvsp[(3) - (4)].memArg)); +- (yyval.memArg).argflags |= ARG_IS_CONST | (yyvsp[(4) - (4)].number); ++ case 553: /* cpptype: TK_CONST basetype deref optref */ ++#line 4418 "parser.y" ++ { ++ (yyval.memArg) = (yyvsp[-2].memArg); ++ add_derefs(&(yyval.memArg), &(yyvsp[-1].memArg)); ++ (yyval.memArg).argflags |= ARG_IS_CONST | (yyvsp[0].number); + } ++#line 7910 "../parser.c" + break; + +- case 553: +-#line 4397 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- (yyval.memArg) = (yyvsp[(1) - (3)].memArg); +- add_derefs(&(yyval.memArg), &(yyvsp[(2) - (3)].memArg)); +- (yyval.memArg).argflags |= (yyvsp[(3) - (3)].number); ++ case 554: /* cpptype: basetype deref optref */ ++#line 4423 "parser.y" ++ { ++ (yyval.memArg) = (yyvsp[-2].memArg); ++ add_derefs(&(yyval.memArg), &(yyvsp[-1].memArg)); ++ (yyval.memArg).argflags |= (yyvsp[0].number); + + /* PyObject * is a synonym for SIP_PYOBJECT. */ +- if ((yyvsp[(1) - (3)].memArg).atype == defined_type && strcmp((yyvsp[(1) - (3)].memArg).u.snd->name, "PyObject") == 0 && (yyvsp[(1) - (3)].memArg).u.snd->next == NULL && (yyvsp[(2) - (3)].memArg).nrderefs == 1 && (yyvsp[(3) - (3)].number) == 0) ++ if ((yyvsp[-2].memArg).atype == defined_type && strcmp((yyvsp[-2].memArg).u.snd->name, "PyObject") == 0 && (yyvsp[-2].memArg).u.snd->next == NULL && (yyvsp[-1].memArg).nrderefs == 1 && (yyvsp[0].number) == 0) + { + (yyval.memArg).atype = pyobject_type; + (yyval.memArg).nrderefs = 0; + } + } ++#line 7927 "../parser.c" + break; + +- case 554: +-#line 4411 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 555: /* argtype: cpptype optname optflags */ ++#line 4437 "parser.y" ++ { + const char *annos[] = { + "AllowNone", + "Array", +@@ -7930,54 +7958,54 @@ yyreduce: + + optFlag *of; + +- checkAnnos(&(yyvsp[(3) - (3)].optflags), annos); ++ checkAnnos(&(yyvsp[0].optflags), annos); + +- (yyval.memArg) = (yyvsp[(1) - (3)].memArg); +- (yyval.memArg).name = cacheName(currentSpec, (yyvsp[(2) - (3)].text)); ++ (yyval.memArg) = (yyvsp[-2].memArg); ++ (yyval.memArg).name = cacheName(currentSpec, (yyvsp[-1].text)); + +- handleKeepReference(&(yyvsp[(3) - (3)].optflags), &(yyval.memArg), currentModule); ++ handleKeepReference(&(yyvsp[0].optflags), &(yyval.memArg), currentModule); + +- if ((of = getOptFlag(&(yyvsp[(3) - (3)].optflags), "ScopesStripped", opt_integer_flag)) != NULL) ++ if ((of = getOptFlag(&(yyvsp[0].optflags), "ScopesStripped", opt_integer_flag)) != NULL) + if (((yyval.memArg).scopes_stripped = of->fvalue.ival) <= 0) + yyerror("/ScopesStripped/ must be greater than 0"); + +- if (getAllowNone(&(yyvsp[(3) - (3)].optflags))) ++ if (getAllowNone(&(yyvsp[0].optflags))) + (yyval.memArg).argflags |= ARG_ALLOW_NONE; + +- if (getDisallowNone(&(yyvsp[(3) - (3)].optflags))) ++ if (getDisallowNone(&(yyvsp[0].optflags))) + (yyval.memArg).argflags |= ARG_DISALLOW_NONE; + +- if (getOptFlag(&(yyvsp[(3) - (3)].optflags),"GetWrapper",bool_flag) != NULL) ++ if (getOptFlag(&(yyvsp[0].optflags),"GetWrapper",bool_flag) != NULL) + (yyval.memArg).argflags |= ARG_GET_WRAPPER; + +- if (getOptFlag(&(yyvsp[(3) - (3)].optflags),"Array",bool_flag) != NULL) ++ if (getOptFlag(&(yyvsp[0].optflags),"Array",bool_flag) != NULL) + (yyval.memArg).argflags |= ARG_ARRAY; + +- if (getOptFlag(&(yyvsp[(3) - (3)].optflags),"ArraySize",bool_flag) != NULL) ++ if (getOptFlag(&(yyvsp[0].optflags),"ArraySize",bool_flag) != NULL) + (yyval.memArg).argflags |= ARG_ARRAY_SIZE; + +- if (getTransfer(&(yyvsp[(3) - (3)].optflags))) ++ if (getTransfer(&(yyvsp[0].optflags))) + (yyval.memArg).argflags |= ARG_XFERRED; + +- if (getOptFlag(&(yyvsp[(3) - (3)].optflags),"TransferThis",bool_flag) != NULL) ++ if (getOptFlag(&(yyvsp[0].optflags),"TransferThis",bool_flag) != NULL) + (yyval.memArg).argflags |= ARG_THIS_XFERRED; + +- if (getOptFlag(&(yyvsp[(3) - (3)].optflags),"TransferBack",bool_flag) != NULL) ++ if (getOptFlag(&(yyvsp[0].optflags),"TransferBack",bool_flag) != NULL) + (yyval.memArg).argflags |= ARG_XFERRED_BACK; + +- if (getOptFlag(&(yyvsp[(3) - (3)].optflags),"In",bool_flag) != NULL) ++ if (getOptFlag(&(yyvsp[0].optflags),"In",bool_flag) != NULL) + (yyval.memArg).argflags |= ARG_IN; + +- if (getOptFlag(&(yyvsp[(3) - (3)].optflags),"Out",bool_flag) != NULL) ++ if (getOptFlag(&(yyvsp[0].optflags),"Out",bool_flag) != NULL) + (yyval.memArg).argflags |= ARG_OUT; + +- if (getOptFlag(&(yyvsp[(3) - (3)].optflags), "ResultSize", bool_flag) != NULL) ++ if (getOptFlag(&(yyvsp[0].optflags), "ResultSize", bool_flag) != NULL) + (yyval.memArg).argflags |= ARG_RESULT_SIZE; + +- if (getOptFlag(&(yyvsp[(3) - (3)].optflags), "NoCopy", bool_flag) != NULL) ++ if (getOptFlag(&(yyvsp[0].optflags), "NoCopy", bool_flag) != NULL) + (yyval.memArg).argflags |= ARG_NO_COPY; + +- if (getOptFlag(&(yyvsp[(3) - (3)].optflags),"Constrained",bool_flag) != NULL) ++ if (getOptFlag(&(yyvsp[0].optflags),"Constrained",bool_flag) != NULL) + { + (yyval.memArg).argflags |= ARG_CONSTRAINED; + +@@ -8005,499 +8033,518 @@ yyreduce: + } + } + +- applyTypeFlags(currentModule, &(yyval.memArg), &(yyvsp[(3) - (3)].optflags)); +- (yyval.memArg).typehint_value = getTypeHintValue(&(yyvsp[(3) - (3)].optflags)); ++ applyTypeFlags(currentModule, &(yyval.memArg), &(yyvsp[0].optflags)); ++ (yyval.memArg).typehint_value = getTypeHintValue(&(yyvsp[0].optflags)); + } ++#line 8040 "../parser.c" + break; + +- case 555: +-#line 4521 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 556: /* optref: %empty */ ++#line 4547 "parser.y" ++ { + (yyval.number) = 0; + } ++#line 8048 "../parser.c" + break; + +- case 556: +-#line 4524 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 557: /* optref: '&' */ ++#line 4550 "parser.y" ++ { + if (currentSpec -> genc) + yyerror("References not allowed in a C module"); + + (yyval.number) = ARG_IS_REF; + } ++#line 8059 "../parser.c" + break; + +- case 557: +-#line 4532 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 558: /* deref: %empty */ ++#line 4558 "parser.y" ++ { + (yyval.memArg).nrderefs = 0; + } ++#line 8067 "../parser.c" + break; + +- case 558: +-#line 4535 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- add_new_deref(&(yyval.memArg), &(yyvsp[(1) - (3)].memArg), TRUE); ++ case 559: /* deref: deref '*' TK_CONST */ ++#line 4561 "parser.y" ++ { ++ add_new_deref(&(yyval.memArg), &(yyvsp[-2].memArg), TRUE); + } ++#line 8075 "../parser.c" + break; + +- case 559: +-#line 4538 "sip-4.19.23/sipgen/metasrc/parser.y" +- { +- add_new_deref(&(yyval.memArg), &(yyvsp[(1) - (2)].memArg), FALSE); ++ case 560: /* deref: deref '*' */ ++#line 4564 "parser.y" ++ { ++ add_new_deref(&(yyval.memArg), &(yyvsp[-1].memArg), FALSE); + } ++#line 8083 "../parser.c" + break; + +- case 560: +-#line 4543 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 561: /* basetype: scopedname */ ++#line 4569 "parser.y" ++ { + memset(&(yyval.memArg), 0, sizeof (argDef)); + (yyval.memArg).atype = defined_type; +- (yyval.memArg).u.snd = (yyvsp[(1) - (1)].scpvalp); ++ (yyval.memArg).u.snd = (yyvsp[0].scpvalp); + + /* Try and resolve typedefs as early as possible. */ + resolveAnyTypedef(currentSpec, &(yyval.memArg)); + } ++#line 8096 "../parser.c" + break; + +- case 561: +-#line 4551 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 562: /* basetype: scopedname '<' cpptypelist '>' */ ++#line 4577 "parser.y" ++ { + templateDef *td; + + td = sipMalloc(sizeof(templateDef)); +- td->fqname = (yyvsp[(1) - (4)].scpvalp); +- td->types = (yyvsp[(3) - (4)].signature); ++ td->fqname = (yyvsp[-3].scpvalp); ++ td->types = (yyvsp[-1].signature); + + memset(&(yyval.memArg), 0, sizeof (argDef)); + (yyval.memArg).atype = template_type; + (yyval.memArg).u.td = td; + } ++#line 8112 "../parser.c" + break; + +- case 562: +-#line 4562 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 563: /* basetype: TK_STRUCT scopedname */ ++#line 4588 "parser.y" ++ { + memset(&(yyval.memArg), 0, sizeof (argDef)); + + /* In a C module all structures must be defined. */ + if (currentSpec -> genc) + { + (yyval.memArg).atype = defined_type; +- (yyval.memArg).u.snd = (yyvsp[(2) - (2)].scpvalp); ++ (yyval.memArg).u.snd = (yyvsp[0].scpvalp); + } + else + { + (yyval.memArg).atype = struct_type; +- (yyval.memArg).u.sname = (yyvsp[(2) - (2)].scpvalp); ++ (yyval.memArg).u.sname = (yyvsp[0].scpvalp); + } + } ++#line 8132 "../parser.c" + break; + +- case 563: +-#line 4577 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 564: /* basetype: TK_UNSIGNED TK_SHORT */ ++#line 4603 "parser.y" ++ { + memset(&(yyval.memArg), 0, sizeof (argDef)); + (yyval.memArg).atype = ushort_type; + } ++#line 8141 "../parser.c" + break; + +- case 564: +-#line 4581 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 565: /* basetype: TK_SHORT */ ++#line 4607 "parser.y" ++ { + memset(&(yyval.memArg), 0, sizeof (argDef)); + (yyval.memArg).atype = short_type; + } ++#line 8150 "../parser.c" + break; + +- case 565: +-#line 4585 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 566: /* basetype: TK_UNSIGNED */ ++#line 4611 "parser.y" ++ { + memset(&(yyval.memArg), 0, sizeof (argDef)); + (yyval.memArg).atype = uint_type; + } ++#line 8159 "../parser.c" + break; + +- case 566: +-#line 4589 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 567: /* basetype: TK_UNSIGNED TK_INT */ ++#line 4615 "parser.y" ++ { + memset(&(yyval.memArg), 0, sizeof (argDef)); + (yyval.memArg).atype = uint_type; + } ++#line 8168 "../parser.c" + break; + +- case 567: +-#line 4593 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 568: /* basetype: TK_INT */ ++#line 4619 "parser.y" ++ { + memset(&(yyval.memArg), 0, sizeof (argDef)); + (yyval.memArg).atype = int_type; + } ++#line 8177 "../parser.c" + break; + +- case 568: +-#line 4597 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 569: /* basetype: TK_LONG */ ++#line 4623 "parser.y" ++ { + memset(&(yyval.memArg), 0, sizeof (argDef)); + (yyval.memArg).atype = long_type; + } ++#line 8186 "../parser.c" + break; + +- case 569: +-#line 4601 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 570: /* basetype: TK_UNSIGNED TK_LONG */ ++#line 4627 "parser.y" ++ { + memset(&(yyval.memArg), 0, sizeof (argDef)); + (yyval.memArg).atype = ulong_type; + } ++#line 8195 "../parser.c" + break; + +- case 570: +-#line 4605 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 571: /* basetype: TK_LONG TK_LONG */ ++#line 4631 "parser.y" ++ { + memset(&(yyval.memArg), 0, sizeof (argDef)); + (yyval.memArg).atype = longlong_type; + } ++#line 8204 "../parser.c" + break; + +- case 571: +-#line 4609 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 572: /* basetype: TK_UNSIGNED TK_LONG TK_LONG */ ++#line 4635 "parser.y" ++ { + memset(&(yyval.memArg), 0, sizeof (argDef)); + (yyval.memArg).atype = ulonglong_type; + } ++#line 8213 "../parser.c" + break; + +- case 572: +-#line 4613 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 573: /* basetype: TK_FLOAT */ ++#line 4639 "parser.y" ++ { + memset(&(yyval.memArg), 0, sizeof (argDef)); + (yyval.memArg).atype = float_type; + } ++#line 8222 "../parser.c" + break; + +- case 573: +-#line 4617 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 574: /* basetype: TK_DOUBLE */ ++#line 4643 "parser.y" ++ { + memset(&(yyval.memArg), 0, sizeof (argDef)); + (yyval.memArg).atype = double_type; + } ++#line 8231 "../parser.c" + break; + +- case 574: +-#line 4621 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 575: /* basetype: TK_BOOL */ ++#line 4647 "parser.y" ++ { + memset(&(yyval.memArg), 0, sizeof (argDef)); + (yyval.memArg).atype = bool_type; + } ++#line 8240 "../parser.c" + break; + +- case 575: +-#line 4625 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 576: /* basetype: TK_SIGNED TK_CHAR */ ++#line 4651 "parser.y" ++ { + memset(&(yyval.memArg), 0, sizeof (argDef)); + (yyval.memArg).atype = sstring_type; + } ++#line 8249 "../parser.c" + break; + +- case 576: +-#line 4629 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 577: /* basetype: TK_UNSIGNED TK_CHAR */ ++#line 4655 "parser.y" ++ { + memset(&(yyval.memArg), 0, sizeof (argDef)); + (yyval.memArg).atype = ustring_type; + } ++#line 8258 "../parser.c" + break; + +- case 577: +-#line 4633 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 578: /* basetype: TK_CHAR */ ++#line 4659 "parser.y" ++ { + memset(&(yyval.memArg), 0, sizeof (argDef)); + (yyval.memArg).atype = string_type; + } ++#line 8267 "../parser.c" + break; + +- case 578: +-#line 4637 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 579: /* basetype: TK_WCHAR_T */ ++#line 4663 "parser.y" ++ { + memset(&(yyval.memArg), 0, sizeof (argDef)); + (yyval.memArg).atype = wstring_type; + } ++#line 8276 "../parser.c" + break; + +- case 579: +-#line 4641 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 580: /* basetype: TK_VOID */ ++#line 4667 "parser.y" ++ { + memset(&(yyval.memArg), 0, sizeof (argDef)); + (yyval.memArg).atype = void_type; + } ++#line 8285 "../parser.c" + break; + +- case 580: +-#line 4645 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 581: /* basetype: TK_PYOBJECT */ ++#line 4671 "parser.y" ++ { + memset(&(yyval.memArg), 0, sizeof (argDef)); + (yyval.memArg).atype = pyobject_type; + } ++#line 8294 "../parser.c" + break; + +- case 581: +-#line 4649 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 582: /* basetype: TK_PYTUPLE */ ++#line 4675 "parser.y" ++ { + memset(&(yyval.memArg), 0, sizeof (argDef)); + (yyval.memArg).atype = pytuple_type; + } ++#line 8303 "../parser.c" + break; + +- case 582: +-#line 4653 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 583: /* basetype: TK_PYLIST */ ++#line 4679 "parser.y" ++ { + memset(&(yyval.memArg), 0, sizeof (argDef)); + (yyval.memArg).atype = pylist_type; + } ++#line 8312 "../parser.c" + break; + +- case 583: +-#line 4657 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 584: /* basetype: TK_PYDICT */ ++#line 4683 "parser.y" ++ { + memset(&(yyval.memArg), 0, sizeof (argDef)); + (yyval.memArg).atype = pydict_type; + } ++#line 8321 "../parser.c" + break; + +- case 584: +-#line 4661 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 585: /* basetype: TK_PYCALLABLE */ ++#line 4687 "parser.y" ++ { + memset(&(yyval.memArg), 0, sizeof (argDef)); + (yyval.memArg).atype = pycallable_type; + } ++#line 8330 "../parser.c" + break; + +- case 585: +-#line 4665 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 586: /* basetype: TK_PYSLICE */ ++#line 4691 "parser.y" ++ { + memset(&(yyval.memArg), 0, sizeof (argDef)); + (yyval.memArg).atype = pyslice_type; + } ++#line 8339 "../parser.c" + break; + +- case 586: +-#line 4669 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 587: /* basetype: TK_PYTYPE */ ++#line 4695 "parser.y" ++ { + memset(&(yyval.memArg), 0, sizeof (argDef)); + (yyval.memArg).atype = pytype_type; + } ++#line 8348 "../parser.c" + break; + +- case 587: +-#line 4673 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 588: /* basetype: TK_PYBUFFER */ ++#line 4699 "parser.y" ++ { + memset(&(yyval.memArg), 0, sizeof (argDef)); + (yyval.memArg).atype = pybuffer_type; + } ++#line 8357 "../parser.c" + break; + +- case 588: +-#line 4677 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 589: /* basetype: TK_SIPSSIZET */ ++#line 4703 "parser.y" ++ { + memset(&(yyval.memArg), 0, sizeof (argDef)); + (yyval.memArg).atype = ssize_type; + } ++#line 8366 "../parser.c" + break; + +- case 589: +-#line 4681 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 590: /* basetype: TK_SIZET */ ++#line 4707 "parser.y" ++ { + memset(&(yyval.memArg), 0, sizeof (argDef)); + (yyval.memArg).atype = size_type; + } ++#line 8375 "../parser.c" + break; + +- case 590: +-#line 4685 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 591: /* basetype: TK_ELLIPSIS */ ++#line 4711 "parser.y" ++ { + memset(&(yyval.memArg), 0, sizeof (argDef)); + (yyval.memArg).atype = ellipsis_type; + } ++#line 8384 "../parser.c" + break; + +- case 591: +-#line 4691 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 592: /* cpptypelist: cpptype */ ++#line 4717 "parser.y" ++ { + /* The single or first type. */ + +- (yyval.signature).args[0] = (yyvsp[(1) - (1)].memArg); ++ (yyval.signature).args[0] = (yyvsp[0].memArg); + (yyval.signature).nrArgs = 1; + } ++#line 8395 "../parser.c" + break; + +- case 592: +-#line 4697 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 593: /* cpptypelist: cpptypelist ',' cpptype */ ++#line 4723 "parser.y" ++ { + /* Check there is nothing after an ellipsis. */ +- if ((yyvsp[(1) - (3)].signature).args[(yyvsp[(1) - (3)].signature).nrArgs - 1].atype == ellipsis_type) ++ if ((yyvsp[-2].signature).args[(yyvsp[-2].signature).nrArgs - 1].atype == ellipsis_type) + yyerror("An ellipsis must be at the end of the argument list"); + + /* Check there is room. */ +- if ((yyvsp[(1) - (3)].signature).nrArgs == MAX_NR_ARGS) ++ if ((yyvsp[-2].signature).nrArgs == MAX_NR_ARGS) + yyerror("Internal error - increase the value of MAX_NR_ARGS"); + +- (yyval.signature) = (yyvsp[(1) - (3)].signature); ++ (yyval.signature) = (yyvsp[-2].signature); + +- (yyval.signature).args[(yyval.signature).nrArgs] = (yyvsp[(3) - (3)].memArg); ++ (yyval.signature).args[(yyval.signature).nrArgs] = (yyvsp[0].memArg); + (yyval.signature).nrArgs++; + } ++#line 8414 "../parser.c" + break; + +- case 593: +-#line 4713 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 594: /* optexceptions: %empty */ ++#line 4739 "parser.y" ++ { + (yyval.throwlist) = NULL; + } ++#line 8422 "../parser.c" + break; + +- case 594: +-#line 4716 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 595: /* optexceptions: TK_THROW '(' exceptionlist ')' */ ++#line 4742 "parser.y" ++ { + if (currentSpec->genc) + yyerror("Exceptions not allowed in a C module"); + +- (yyval.throwlist) = (yyvsp[(3) - (4)].throwlist); ++ (yyval.throwlist) = (yyvsp[-1].throwlist); + } ++#line 8433 "../parser.c" + break; + +- case 595: +-#line 4724 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 596: /* exceptionlist: %empty */ ++#line 4750 "parser.y" ++ { + /* Empty list so use a blank. */ + + (yyval.throwlist) = sipMalloc(sizeof (throwArgs)); + (yyval.throwlist) -> nrArgs = 0; + } ++#line 8444 "../parser.c" + break; + +- case 596: +-#line 4730 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 597: /* exceptionlist: scopedname */ ++#line 4756 "parser.y" ++ { + /* The only or first exception. */ + + (yyval.throwlist) = sipMalloc(sizeof (throwArgs)); + (yyval.throwlist) -> nrArgs = 1; +- (yyval.throwlist) -> args[0] = findException(currentSpec, (yyvsp[(1) - (1)].scpvalp), FALSE); ++ (yyval.throwlist) -> args[0] = findException(currentSpec, (yyvsp[0].scpvalp), FALSE); + } ++#line 8456 "../parser.c" + break; + +- case 597: +-#line 4737 "sip-4.19.23/sipgen/metasrc/parser.y" +- { ++ case 598: /* exceptionlist: exceptionlist ',' scopedname */ ++#line 4763 "parser.y" ++ { + /* Check that it wasn't ...(,arg...). */ + +- if ((yyvsp[(1) - (3)].throwlist) -> nrArgs == 0) ++ if ((yyvsp[-2].throwlist) -> nrArgs == 0) + yyerror("First exception of throw specifier is missing"); + + /* Check there is room. */ + +- if ((yyvsp[(1) - (3)].throwlist) -> nrArgs == MAX_NR_ARGS) ++ if ((yyvsp[-2].throwlist) -> nrArgs == MAX_NR_ARGS) + yyerror("Internal error - increase the value of MAX_NR_ARGS"); + +- (yyval.throwlist) = (yyvsp[(1) - (3)].throwlist); +- (yyval.throwlist) -> args[(yyval.throwlist) -> nrArgs++] = findException(currentSpec, (yyvsp[(3) - (3)].scpvalp), FALSE); ++ (yyval.throwlist) = (yyvsp[-2].throwlist); ++ (yyval.throwlist) -> args[(yyval.throwlist) -> nrArgs++] = findException(currentSpec, (yyvsp[0].scpvalp), FALSE); + } ++#line 8475 "../parser.c" + break; + + +-/* Line 1267 of yacc.c. */ +-#line 8408 "sip-4.19.23/sipgen/parser.c" ++#line 8479 "../parser.c" ++ + default: break; + } +- YY_SYMBOL_PRINT ("-> $$ =", yyr1[yyn], &yyval, &yyloc); ++ /* User semantic actions sometimes alter yychar, and that requires ++ that yytoken be updated with the new translation. We take the ++ approach of translating immediately before every use of yytoken. ++ One alternative is translating here after every semantic action, ++ but that translation would be missed if the semantic action invokes ++ YYABORT, YYACCEPT, or YYERROR immediately after altering yychar or ++ if it invokes YYBACKUP. In the case of YYABORT or YYACCEPT, an ++ incorrect destructor might then be invoked immediately. In the ++ case of YYERROR or YYBACKUP, subsequent parser actions might lead ++ to an incorrect destructor call or verbose syntax error message ++ before the lookahead is translated. */ ++ YY_SYMBOL_PRINT ("-> $$ =", YY_CAST (yysymbol_kind_t, yyr1[yyn]), &yyval, &yyloc); + + YYPOPSTACK (yylen); + yylen = 0; +- YY_STACK_PRINT (yyss, yyssp); + + *++yyvsp = yyval; + +- +- /* Now `shift' the result of the reduction. Determine what state ++ /* Now 'shift' the result of the reduction. Determine what state + that goes to, based on the state we popped back to and the rule + number reduced by. */ +- +- yyn = yyr1[yyn]; +- +- yystate = yypgoto[yyn - YYNTOKENS] + *yyssp; +- if (0 <= yystate && yystate <= YYLAST && yycheck[yystate] == *yyssp) +- yystate = yytable[yystate]; +- else +- yystate = yydefgoto[yyn - YYNTOKENS]; ++ { ++ const int yylhs = yyr1[yyn] - YYNTOKENS; ++ const int yyi = yypgoto[yylhs] + *yyssp; ++ yystate = (0 <= yyi && yyi <= YYLAST && yycheck[yyi] == *yyssp ++ ? yytable[yyi] ++ : yydefgoto[yylhs]); ++ } + + goto yynewstate; + + +-/*------------------------------------. +-| yyerrlab -- here on detecting error | +-`------------------------------------*/ ++/*--------------------------------------. ++| yyerrlab -- here on detecting error. | ++`--------------------------------------*/ + yyerrlab: ++ /* Make sure we have latest lookahead translation. See comments at ++ user semantic actions for why this is necessary. */ ++ yytoken = yychar == YYEMPTY ? YYSYMBOL_YYEMPTY : YYTRANSLATE (yychar); + /* If not already recovering from an error, report this error. */ + if (!yyerrstatus) + { + ++yynerrs; +-#if ! YYERROR_VERBOSE + yyerror (YY_("syntax error")); +-#else +- { +- YYSIZE_T yysize = yysyntax_error (0, yystate, yychar); +- if (yymsg_alloc < yysize && yymsg_alloc < YYSTACK_ALLOC_MAXIMUM) +- { +- YYSIZE_T yyalloc = 2 * yysize; +- if (! (yysize <= yyalloc && yyalloc <= YYSTACK_ALLOC_MAXIMUM)) +- yyalloc = YYSTACK_ALLOC_MAXIMUM; +- if (yymsg != yymsgbuf) +- YYSTACK_FREE (yymsg); +- yymsg = (char *) YYSTACK_ALLOC (yyalloc); +- if (yymsg) +- yymsg_alloc = yyalloc; +- else +- { +- yymsg = yymsgbuf; +- yymsg_alloc = sizeof yymsgbuf; +- } +- } +- +- if (0 < yysize && yysize <= yymsg_alloc) +- { +- (void) yysyntax_error (yymsg, yystate, yychar); +- yyerror (yymsg); +- } +- else +- { +- yyerror (YY_("syntax error")); +- if (yysize != 0) +- goto yyexhaustedlab; +- } +- } +-#endif + } + +- +- + if (yyerrstatus == 3) + { +- /* If just tried and failed to reuse look-ahead token after an +- error, discard it. */ ++ /* If just tried and failed to reuse lookahead token after an ++ error, discard it. */ + + if (yychar <= YYEOF) +- { +- /* Return failure if at end of input. */ +- if (yychar == YYEOF) +- YYABORT; +- } ++ { ++ /* Return failure if at end of input. */ ++ if (yychar == YYEOF) ++ YYABORT; ++ } + else +- { +- yydestruct ("Error: discarding", +- yytoken, &yylval); +- yychar = YYEMPTY; +- } ++ { ++ yydestruct ("Error: discarding", ++ yytoken, &yylval); ++ yychar = YYEMPTY; ++ } + } + +- /* Else will try to reuse look-ahead token after shifting the error ++ /* Else will try to reuse lookahead token after shifting the error + token. */ + goto yyerrlab1; + +@@ -8506,14 +8553,13 @@ yyerrlab: + | yyerrorlab -- error raised explicitly by YYERROR. | + `---------------------------------------------------*/ + yyerrorlab: ++ /* Pacify compilers when the user code never invokes YYERROR and the ++ label yyerrorlab therefore never appears in user code. */ ++ if (0) ++ YYERROR; ++ ++yynerrs; + +- /* Pacify compilers like GCC when the user code never invokes +- YYERROR and the label yyerrorlab therefore never appears in user +- code. */ +- if (/*CONSTCOND*/ 0) +- goto yyerrorlab; +- +- /* Do not reclaim the symbols of the rule which action triggered ++ /* Do not reclaim the symbols of the rule whose action triggered + this YYERROR. */ + YYPOPSTACK (yylen); + yylen = 0; +@@ -8526,42 +8572,42 @@ yyerrorlab: + | yyerrlab1 -- common code for both syntax error and YYERROR. | + `-------------------------------------------------------------*/ + yyerrlab1: +- yyerrstatus = 3; /* Each real token shifted decrements this. */ ++ yyerrstatus = 3; /* Each real token shifted decrements this. */ + ++ /* Pop stack until we find a state that shifts the error token. */ + for (;;) + { + yyn = yypact[yystate]; +- if (yyn != YYPACT_NINF) +- { +- yyn += YYTERROR; +- if (0 <= yyn && yyn <= YYLAST && yycheck[yyn] == YYTERROR) +- { +- yyn = yytable[yyn]; +- if (0 < yyn) +- break; +- } +- } ++ if (!yypact_value_is_default (yyn)) ++ { ++ yyn += YYSYMBOL_YYerror; ++ if (0 <= yyn && yyn <= YYLAST && yycheck[yyn] == YYSYMBOL_YYerror) ++ { ++ yyn = yytable[yyn]; ++ if (0 < yyn) ++ break; ++ } ++ } + + /* Pop the current state because it cannot handle the error token. */ + if (yyssp == yyss) +- YYABORT; ++ YYABORT; + + + yydestruct ("Error: popping", +- yystos[yystate], yyvsp); ++ YY_ACCESSING_SYMBOL (yystate), yyvsp); + YYPOPSTACK (1); + yystate = *yyssp; + YY_STACK_PRINT (yyss, yyssp); + } + +- if (yyn == YYFINAL) +- YYACCEPT; +- ++ YY_IGNORE_MAYBE_UNINITIALIZED_BEGIN + *++yyvsp = yylval; ++ YY_IGNORE_MAYBE_UNINITIALIZED_END + + + /* Shift the error token. */ +- YY_SYMBOL_PRINT ("Shifting", yystos[yyn], yyvsp, yylsp); ++ YY_SYMBOL_PRINT ("Shifting", YY_ACCESSING_SYMBOL (yyn), yyvsp, yylsp); + + yystate = yyn; + goto yynewstate; +@@ -8572,53 +8618,57 @@ yyerrlab1: + `-------------------------------------*/ + yyacceptlab: + yyresult = 0; +- goto yyreturn; ++ goto yyreturnlab; ++ + + /*-----------------------------------. + | yyabortlab -- YYABORT comes here. | + `-----------------------------------*/ + yyabortlab: + yyresult = 1; +- goto yyreturn; ++ goto yyreturnlab; + +-#ifndef yyoverflow +-/*-------------------------------------------------. +-| yyexhaustedlab -- memory exhaustion comes here. | +-`-------------------------------------------------*/ ++ ++/*-----------------------------------------------------------. ++| yyexhaustedlab -- YYNOMEM (memory exhaustion) comes here. | ++`-----------------------------------------------------------*/ + yyexhaustedlab: + yyerror (YY_("memory exhausted")); + yyresult = 2; +- /* Fall through. */ +-#endif ++ goto yyreturnlab; ++ + +-yyreturn: +- if (yychar != YYEOF && yychar != YYEMPTY) +- yydestruct ("Cleanup: discarding lookahead", +- yytoken, &yylval); +- /* Do not reclaim the symbols of the rule which action triggered ++/*----------------------------------------------------------. ++| yyreturnlab -- parsing is finished, clean up and return. | ++`----------------------------------------------------------*/ ++yyreturnlab: ++ if (yychar != YYEMPTY) ++ { ++ /* Make sure we have latest lookahead translation. See comments at ++ user semantic actions for why this is necessary. */ ++ yytoken = YYTRANSLATE (yychar); ++ yydestruct ("Cleanup: discarding lookahead", ++ yytoken, &yylval); ++ } ++ /* Do not reclaim the symbols of the rule whose action triggered + this YYABORT or YYACCEPT. */ + YYPOPSTACK (yylen); + YY_STACK_PRINT (yyss, yyssp); + while (yyssp != yyss) + { + yydestruct ("Cleanup: popping", +- yystos[*yyssp], yyvsp); ++ YY_ACCESSING_SYMBOL (+*yyssp), yyvsp); + YYPOPSTACK (1); + } + #ifndef yyoverflow + if (yyss != yyssa) + YYSTACK_FREE (yyss); + #endif +-#if YYERROR_VERBOSE +- if (yymsg != yymsgbuf) +- YYSTACK_FREE (yymsg); +-#endif +- /* Make sure YYID is used. */ +- return YYID (yyresult); +-} + ++ return yyresult; ++} + +-#line 4753 "sip-4.19.23/sipgen/metasrc/parser.y" ++#line 4779 "parser.y" + + + +@@ -13382,9 +13432,9 @@ static void addProperty(sipSpec *pt, mod + */ + static moduleDef *configureModule(sipSpec *pt, moduleDef *module, + const char *filename, const char *name, int c_module, KwArgs kwargs, +- int use_arg_names, int use_limited_api, int call_super_init, +- int all_raise_py_exc, const char *def_error_handler, +- docstringDef *docstring) ++ int use_arg_names, int py_ssize_t_clean, int use_limited_api, ++ int call_super_init, int all_raise_py_exc, ++ const char *def_error_handler, docstringDef *docstring) + { + moduleDef *mod; + +@@ -13418,6 +13468,9 @@ static moduleDef *configureModule(sipSpe + if (use_arg_names) + setUseArgNames(module); + ++ if (py_ssize_t_clean) ++ setPY_SSIZE_T_CLEAN(module); ++ + if (use_limited_api) + setUseLimitedAPI(module); + +@@ -13597,4 +13650,3 @@ static void checkEllipsis(signatureDef * + if (sd->args[a].atype == ellipsis_type && a < sd->nrArgs - 1) + yyerror("An ellipsis must be at the end of the argument list if /NoArgParser/ is not specified"); + } +- +Index: sip-4.19.23/sipgen/parser.h +=================================================================== +--- sip-4.19.23.orig/sipgen/parser.h ++++ sip-4.19.23/sipgen/parser.h +@@ -1,14 +1,14 @@ +-/* A Bison parser, made by GNU Bison 2.3. */ ++/* A Bison parser, made by GNU Bison 3.8.2. */ + +-/* Skeleton interface for Bison's Yacc-like parsers in C ++/* Bison interface for Yacc-like parsers in C + +- Copyright (C) 1984, 1989, 1990, 2000, 2001, 2002, 2003, 2004, 2005, 2006 +- Free Software Foundation, Inc. ++ Copyright (C) 1984, 1989-1990, 2000-2015, 2018-2021 Free Software Foundation, ++ Inc. + +- This program is free software; you can redistribute it and/or modify ++ This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by +- the Free Software Foundation; either version 2, or (at your option) +- any later version. ++ the Free Software Foundation, either version 3 of the License, or ++ (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of +@@ -16,9 +16,7 @@ + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License +- along with this program; if not, write to the Free Software +- Foundation, Inc., 51 Franklin Street, Fifth Floor, +- Boston, MA 02110-1301, USA. */ ++ along with this program. If not, see . */ + + /* As a special exception, you may create a larger work that contains + part or all of the Bison parser skeleton and distribute that work +@@ -33,164 +31,187 @@ + This special exception was added by the Free Software Foundation in + version 2.2 of Bison. */ + +-/* Tokens. */ ++/* DO NOT RELY ON FEATURES THAT ARE NOT DOCUMENTED in the manual, ++ especially those whose name start with YY_ or yy_. They are ++ private implementation details that can be changed or removed. */ ++ ++#ifndef YY_YY_PARSER_H_INCLUDED ++# define YY_YY_PARSER_H_INCLUDED ++/* Debug traces. */ ++#ifndef YYDEBUG ++# define YYDEBUG 0 ++#endif ++#if YYDEBUG ++extern int yydebug; ++#endif ++ ++/* Token kinds. */ + #ifndef YYTOKENTYPE + # define YYTOKENTYPE +- /* Put the tokens into the symbol table, so that GDB and other debuggers +- know about them. */ +- enum yytokentype { +- TK_API = 258, +- TK_AUTOPYNAME = 259, +- TK_DEFDOCSTRFMT = 260, +- TK_DEFDOCSTRSIG = 261, +- TK_DEFENCODING = 262, +- TK_PLUGIN = 263, +- TK_VIRTERRORHANDLER = 264, +- TK_EXPTYPEHINTCODE = 265, +- TK_TYPEHINTCODE = 266, +- TK_DOCSTRING = 267, +- TK_DOC = 268, +- TK_EXPORTEDDOC = 269, +- TK_EXTRACT = 270, +- TK_MAKEFILE = 271, +- TK_ACCESSCODE = 272, +- TK_GETCODE = 273, +- TK_SETCODE = 274, +- TK_PREINITCODE = 275, +- TK_INITCODE = 276, +- TK_POSTINITCODE = 277, +- TK_FINALCODE = 278, +- TK_UNITCODE = 279, +- TK_UNITPOSTINCLUDECODE = 280, +- TK_MODCODE = 281, +- TK_TYPECODE = 282, +- TK_PREPYCODE = 283, +- TK_COPYING = 284, +- TK_MAPPEDTYPE = 285, +- TK_CODELINE = 286, +- TK_IF = 287, +- TK_END = 288, +- TK_NAME_VALUE = 289, +- TK_PATH_VALUE = 290, +- TK_STRING_VALUE = 291, +- TK_VIRTUALCATCHERCODE = 292, +- TK_TRAVERSECODE = 293, +- TK_CLEARCODE = 294, +- TK_GETBUFFERCODE = 295, +- TK_RELEASEBUFFERCODE = 296, +- TK_READBUFFERCODE = 297, +- TK_WRITEBUFFERCODE = 298, +- TK_SEGCOUNTCODE = 299, +- TK_CHARBUFFERCODE = 300, +- TK_PICKLECODE = 301, +- TK_VIRTUALCALLCODE = 302, +- TK_METHODCODE = 303, +- TK_PREMETHODCODE = 304, +- TK_INSTANCECODE = 305, +- TK_FROMTYPE = 306, +- TK_TOTYPE = 307, +- TK_TOSUBCLASS = 308, +- TK_INCLUDE = 309, +- TK_OPTINCLUDE = 310, +- TK_IMPORT = 311, +- TK_EXPHEADERCODE = 312, +- TK_MODHEADERCODE = 313, +- TK_TYPEHEADERCODE = 314, +- TK_MODULE = 315, +- TK_CMODULE = 316, +- TK_CONSMODULE = 317, +- TK_COMPOMODULE = 318, +- TK_CLASS = 319, +- TK_STRUCT = 320, +- TK_PUBLIC = 321, +- TK_PROTECTED = 322, +- TK_PRIVATE = 323, +- TK_SIGNALS = 324, +- TK_SIGNAL_METHOD = 325, +- TK_SLOTS = 326, +- TK_SLOT_METHOD = 327, +- TK_BOOL = 328, +- TK_SHORT = 329, +- TK_INT = 330, +- TK_LONG = 331, +- TK_FLOAT = 332, +- TK_DOUBLE = 333, +- TK_CHAR = 334, +- TK_WCHAR_T = 335, +- TK_VOID = 336, +- TK_PYOBJECT = 337, +- TK_PYTUPLE = 338, +- TK_PYLIST = 339, +- TK_PYDICT = 340, +- TK_PYCALLABLE = 341, +- TK_PYSLICE = 342, +- TK_PYTYPE = 343, +- TK_PYBUFFER = 344, +- TK_VIRTUAL = 345, +- TK_ENUM = 346, +- TK_SIGNED = 347, +- TK_UNSIGNED = 348, +- TK_SCOPE = 349, +- TK_LOGICAL_OR = 350, +- TK_CONST = 351, +- TK_STATIC = 352, +- TK_SIPSIGNAL = 353, +- TK_SIPSLOT = 354, +- TK_SIPANYSLOT = 355, +- TK_SIPRXCON = 356, +- TK_SIPRXDIS = 357, +- TK_SIPSLOTCON = 358, +- TK_SIPSLOTDIS = 359, +- TK_SIPSSIZET = 360, +- TK_SIZET = 361, +- TK_NUMBER_VALUE = 362, +- TK_REAL_VALUE = 363, +- TK_TYPEDEF = 364, +- TK_NAMESPACE = 365, +- TK_TIMELINE = 366, +- TK_PLATFORMS = 367, +- TK_FEATURE = 368, +- TK_LICENSE = 369, +- TK_QCHAR_VALUE = 370, +- TK_TRUE_VALUE = 371, +- TK_FALSE_VALUE = 372, +- TK_NULL_VALUE = 373, +- TK_OPERATOR = 374, +- TK_THROW = 375, +- TK_QOBJECT = 376, +- TK_EXCEPTION = 377, +- TK_RAISECODE = 378, +- TK_EXPLICIT = 379, +- TK_TEMPLATE = 380, +- TK_FINAL = 381, +- TK_ELLIPSIS = 382, +- TK_DEFMETATYPE = 383, +- TK_DEFSUPERTYPE = 384, +- TK_PROPERTY = 385, +- TK_HIDE_NS = 386, +- TK_FORMAT = 387, +- TK_GET = 388, +- TK_ID = 389, +- TK_KWARGS = 390, +- TK_LANGUAGE = 391, +- TK_LICENSEE = 392, +- TK_NAME = 393, +- TK_OPTIONAL = 394, +- TK_ORDER = 395, +- TK_REMOVELEADING = 396, +- TK_SET = 397, +- TK_SIGNATURE = 398, +- TK_TIMESTAMP = 399, +- TK_TYPE = 400, +- TK_USEARGNAMES = 401, +- TK_USELIMITEDAPI = 402, +- TK_ALLRAISEPYEXC = 403, +- TK_CALLSUPERINIT = 404, +- TK_DEFERRORHANDLER = 405, +- TK_VERSION = 406 +- }; ++ enum yytokentype ++ { ++ YYEMPTY = -2, ++ YYEOF = 0, /* "end of file" */ ++ YYerror = 256, /* error */ ++ YYUNDEF = 257, /* "invalid token" */ ++ TK_API = 258, /* TK_API */ ++ TK_AUTOPYNAME = 259, /* TK_AUTOPYNAME */ ++ TK_DEFDOCSTRFMT = 260, /* TK_DEFDOCSTRFMT */ ++ TK_DEFDOCSTRSIG = 261, /* TK_DEFDOCSTRSIG */ ++ TK_DEFENCODING = 262, /* TK_DEFENCODING */ ++ TK_PLUGIN = 263, /* TK_PLUGIN */ ++ TK_VIRTERRORHANDLER = 264, /* TK_VIRTERRORHANDLER */ ++ TK_EXPTYPEHINTCODE = 265, /* TK_EXPTYPEHINTCODE */ ++ TK_TYPEHINTCODE = 266, /* TK_TYPEHINTCODE */ ++ TK_DOCSTRING = 267, /* TK_DOCSTRING */ ++ TK_DOC = 268, /* TK_DOC */ ++ TK_EXPORTEDDOC = 269, /* TK_EXPORTEDDOC */ ++ TK_EXTRACT = 270, /* TK_EXTRACT */ ++ TK_MAKEFILE = 271, /* TK_MAKEFILE */ ++ TK_ACCESSCODE = 272, /* TK_ACCESSCODE */ ++ TK_GETCODE = 273, /* TK_GETCODE */ ++ TK_SETCODE = 274, /* TK_SETCODE */ ++ TK_PREINITCODE = 275, /* TK_PREINITCODE */ ++ TK_INITCODE = 276, /* TK_INITCODE */ ++ TK_POSTINITCODE = 277, /* TK_POSTINITCODE */ ++ TK_FINALCODE = 278, /* TK_FINALCODE */ ++ TK_UNITCODE = 279, /* TK_UNITCODE */ ++ TK_UNITPOSTINCLUDECODE = 280, /* TK_UNITPOSTINCLUDECODE */ ++ TK_MODCODE = 281, /* TK_MODCODE */ ++ TK_TYPECODE = 282, /* TK_TYPECODE */ ++ TK_PREPYCODE = 283, /* TK_PREPYCODE */ ++ TK_COPYING = 284, /* TK_COPYING */ ++ TK_MAPPEDTYPE = 285, /* TK_MAPPEDTYPE */ ++ TK_CODELINE = 286, /* TK_CODELINE */ ++ TK_IF = 287, /* TK_IF */ ++ TK_END = 288, /* TK_END */ ++ TK_NAME_VALUE = 289, /* TK_NAME_VALUE */ ++ TK_PATH_VALUE = 290, /* TK_PATH_VALUE */ ++ TK_STRING_VALUE = 291, /* TK_STRING_VALUE */ ++ TK_VIRTUALCATCHERCODE = 292, /* TK_VIRTUALCATCHERCODE */ ++ TK_TRAVERSECODE = 293, /* TK_TRAVERSECODE */ ++ TK_CLEARCODE = 294, /* TK_CLEARCODE */ ++ TK_GETBUFFERCODE = 295, /* TK_GETBUFFERCODE */ ++ TK_RELEASEBUFFERCODE = 296, /* TK_RELEASEBUFFERCODE */ ++ TK_READBUFFERCODE = 297, /* TK_READBUFFERCODE */ ++ TK_WRITEBUFFERCODE = 298, /* TK_WRITEBUFFERCODE */ ++ TK_SEGCOUNTCODE = 299, /* TK_SEGCOUNTCODE */ ++ TK_CHARBUFFERCODE = 300, /* TK_CHARBUFFERCODE */ ++ TK_PICKLECODE = 301, /* TK_PICKLECODE */ ++ TK_VIRTUALCALLCODE = 302, /* TK_VIRTUALCALLCODE */ ++ TK_METHODCODE = 303, /* TK_METHODCODE */ ++ TK_PREMETHODCODE = 304, /* TK_PREMETHODCODE */ ++ TK_INSTANCECODE = 305, /* TK_INSTANCECODE */ ++ TK_FROMTYPE = 306, /* TK_FROMTYPE */ ++ TK_TOTYPE = 307, /* TK_TOTYPE */ ++ TK_TOSUBCLASS = 308, /* TK_TOSUBCLASS */ ++ TK_INCLUDE = 309, /* TK_INCLUDE */ ++ TK_OPTINCLUDE = 310, /* TK_OPTINCLUDE */ ++ TK_IMPORT = 311, /* TK_IMPORT */ ++ TK_EXPHEADERCODE = 312, /* TK_EXPHEADERCODE */ ++ TK_MODHEADERCODE = 313, /* TK_MODHEADERCODE */ ++ TK_TYPEHEADERCODE = 314, /* TK_TYPEHEADERCODE */ ++ TK_MODULE = 315, /* TK_MODULE */ ++ TK_CMODULE = 316, /* TK_CMODULE */ ++ TK_CONSMODULE = 317, /* TK_CONSMODULE */ ++ TK_COMPOMODULE = 318, /* TK_COMPOMODULE */ ++ TK_CLASS = 319, /* TK_CLASS */ ++ TK_STRUCT = 320, /* TK_STRUCT */ ++ TK_PUBLIC = 321, /* TK_PUBLIC */ ++ TK_PROTECTED = 322, /* TK_PROTECTED */ ++ TK_PRIVATE = 323, /* TK_PRIVATE */ ++ TK_SIGNALS = 324, /* TK_SIGNALS */ ++ TK_SIGNAL_METHOD = 325, /* TK_SIGNAL_METHOD */ ++ TK_SLOTS = 326, /* TK_SLOTS */ ++ TK_SLOT_METHOD = 327, /* TK_SLOT_METHOD */ ++ TK_BOOL = 328, /* TK_BOOL */ ++ TK_SHORT = 329, /* TK_SHORT */ ++ TK_INT = 330, /* TK_INT */ ++ TK_LONG = 331, /* TK_LONG */ ++ TK_FLOAT = 332, /* TK_FLOAT */ ++ TK_DOUBLE = 333, /* TK_DOUBLE */ ++ TK_CHAR = 334, /* TK_CHAR */ ++ TK_WCHAR_T = 335, /* TK_WCHAR_T */ ++ TK_VOID = 336, /* TK_VOID */ ++ TK_PYOBJECT = 337, /* TK_PYOBJECT */ ++ TK_PYTUPLE = 338, /* TK_PYTUPLE */ ++ TK_PYLIST = 339, /* TK_PYLIST */ ++ TK_PYDICT = 340, /* TK_PYDICT */ ++ TK_PYCALLABLE = 341, /* TK_PYCALLABLE */ ++ TK_PYSLICE = 342, /* TK_PYSLICE */ ++ TK_PYTYPE = 343, /* TK_PYTYPE */ ++ TK_PYBUFFER = 344, /* TK_PYBUFFER */ ++ TK_VIRTUAL = 345, /* TK_VIRTUAL */ ++ TK_ENUM = 346, /* TK_ENUM */ ++ TK_SIGNED = 347, /* TK_SIGNED */ ++ TK_UNSIGNED = 348, /* TK_UNSIGNED */ ++ TK_SCOPE = 349, /* TK_SCOPE */ ++ TK_LOGICAL_OR = 350, /* TK_LOGICAL_OR */ ++ TK_CONST = 351, /* TK_CONST */ ++ TK_STATIC = 352, /* TK_STATIC */ ++ TK_SIPSIGNAL = 353, /* TK_SIPSIGNAL */ ++ TK_SIPSLOT = 354, /* TK_SIPSLOT */ ++ TK_SIPANYSLOT = 355, /* TK_SIPANYSLOT */ ++ TK_SIPRXCON = 356, /* TK_SIPRXCON */ ++ TK_SIPRXDIS = 357, /* TK_SIPRXDIS */ ++ TK_SIPSLOTCON = 358, /* TK_SIPSLOTCON */ ++ TK_SIPSLOTDIS = 359, /* TK_SIPSLOTDIS */ ++ TK_SIPSSIZET = 360, /* TK_SIPSSIZET */ ++ TK_SIZET = 361, /* TK_SIZET */ ++ TK_NUMBER_VALUE = 362, /* TK_NUMBER_VALUE */ ++ TK_REAL_VALUE = 363, /* TK_REAL_VALUE */ ++ TK_TYPEDEF = 364, /* TK_TYPEDEF */ ++ TK_NAMESPACE = 365, /* TK_NAMESPACE */ ++ TK_TIMELINE = 366, /* TK_TIMELINE */ ++ TK_PLATFORMS = 367, /* TK_PLATFORMS */ ++ TK_FEATURE = 368, /* TK_FEATURE */ ++ TK_LICENSE = 369, /* TK_LICENSE */ ++ TK_QCHAR_VALUE = 370, /* TK_QCHAR_VALUE */ ++ TK_TRUE_VALUE = 371, /* TK_TRUE_VALUE */ ++ TK_FALSE_VALUE = 372, /* TK_FALSE_VALUE */ ++ TK_NULL_VALUE = 373, /* TK_NULL_VALUE */ ++ TK_OPERATOR = 374, /* TK_OPERATOR */ ++ TK_THROW = 375, /* TK_THROW */ ++ TK_QOBJECT = 376, /* TK_QOBJECT */ ++ TK_EXCEPTION = 377, /* TK_EXCEPTION */ ++ TK_RAISECODE = 378, /* TK_RAISECODE */ ++ TK_EXPLICIT = 379, /* TK_EXPLICIT */ ++ TK_TEMPLATE = 380, /* TK_TEMPLATE */ ++ TK_FINAL = 381, /* TK_FINAL */ ++ TK_ELLIPSIS = 382, /* TK_ELLIPSIS */ ++ TK_DEFMETATYPE = 383, /* TK_DEFMETATYPE */ ++ TK_DEFSUPERTYPE = 384, /* TK_DEFSUPERTYPE */ ++ TK_PROPERTY = 385, /* TK_PROPERTY */ ++ TK_HIDE_NS = 386, /* TK_HIDE_NS */ ++ TK_FORMAT = 387, /* TK_FORMAT */ ++ TK_GET = 388, /* TK_GET */ ++ TK_ID = 389, /* TK_ID */ ++ TK_KWARGS = 390, /* TK_KWARGS */ ++ TK_LANGUAGE = 391, /* TK_LANGUAGE */ ++ TK_LICENSEE = 392, /* TK_LICENSEE */ ++ TK_NAME = 393, /* TK_NAME */ ++ TK_OPTIONAL = 394, /* TK_OPTIONAL */ ++ TK_ORDER = 395, /* TK_ORDER */ ++ TK_REMOVELEADING = 396, /* TK_REMOVELEADING */ ++ TK_SET = 397, /* TK_SET */ ++ TK_SIGNATURE = 398, /* TK_SIGNATURE */ ++ TK_TIMESTAMP = 399, /* TK_TIMESTAMP */ ++ TK_TYPE = 400, /* TK_TYPE */ ++ TK_USEARGNAMES = 401, /* TK_USEARGNAMES */ ++ TK_PYSSIZETCLEAN = 402, /* TK_PYSSIZETCLEAN */ ++ TK_USELIMITEDAPI = 403, /* TK_USELIMITEDAPI */ ++ TK_ALLRAISEPYEXC = 404, /* TK_ALLRAISEPYEXC */ ++ TK_CALLSUPERINIT = 405, /* TK_CALLSUPERINIT */ ++ TK_DEFERRORHANDLER = 406, /* TK_DEFERRORHANDLER */ ++ TK_VERSION = 407 /* TK_VERSION */ ++ }; ++ typedef enum yytokentype yytoken_kind_t; + #endif +-/* Tokens. */ ++/* Token kinds. */ ++#define YYEMPTY -2 ++#define YYEOF 0 ++#define YYerror 256 ++#define YYUNDEF 257 + #define TK_API 258 + #define TK_AUTOPYNAME 259 + #define TK_DEFDOCSTRFMT 260 +@@ -335,19 +356,19 @@ + #define TK_TIMESTAMP 399 + #define TK_TYPE 400 + #define TK_USEARGNAMES 401 +-#define TK_USELIMITEDAPI 402 +-#define TK_ALLRAISEPYEXC 403 +-#define TK_CALLSUPERINIT 404 +-#define TK_DEFERRORHANDLER 405 +-#define TK_VERSION 406 +- +- +- ++#define TK_PYSSIZETCLEAN 402 ++#define TK_USELIMITEDAPI 403 ++#define TK_ALLRAISEPYEXC 404 ++#define TK_CALLSUPERINIT 405 ++#define TK_DEFERRORHANDLER 406 ++#define TK_VERSION 407 + ++/* Value type. */ + #if ! defined YYSTYPE && ! defined YYSTYPE_IS_DECLARED +-typedef union YYSTYPE +-#line 202 "sip-4.19.23/sipgen/metasrc/parser.y" ++union YYSTYPE + { ++#line 202 "parser.y" ++ + char qchar; + char *text; + long number; +@@ -390,14 +411,20 @@ typedef union YYSTYPE + variableCfg variable; + vehCfg veh; + int token; +-} +-/* Line 1529 of yacc.c. */ +-#line 396 "sip-4.19.23/sipgen/parser.h" +- YYSTYPE; +-# define yystype YYSTYPE /* obsolescent; will be withdrawn */ +-# define YYSTYPE_IS_DECLARED 1 ++ ++#line 416 "../parser.h" ++ ++}; ++typedef union YYSTYPE YYSTYPE; + # define YYSTYPE_IS_TRIVIAL 1 ++# define YYSTYPE_IS_DECLARED 1 + #endif + ++ + extern YYSTYPE yylval; + ++ ++int yyparse (void); ++ ++ ++#endif /* !YY_YY_PARSER_H_INCLUDED */ diff --git a/meta-oe/recipes-devtools/sip/sip3_4.19.23.bb b/meta-oe/recipes-devtools/sip/sip3_4.19.23.bb index 064ab0a0c7a..dc3db1fcd40 100644 --- a/meta-oe/recipes-devtools/sip/sip3_4.19.23.bb +++ b/meta-oe/recipes-devtools/sip/sip3_4.19.23.bb @@ -5,7 +5,9 @@ LICENSE = "GPL-2.0-or-later" LIC_FILES_CHKSUM = "file://LICENSE-GPL2;md5=e91355d8a6f8bd8f7c699d62863c7303" SRC_URI = "https://www.riverbankcomputing.com/static/Downloads/sip/${PV}/sip-${PV}.tar.gz \ + file://added-the-py_ssize_t_clean-argument-to-the-module-directive.patch \ " + SRC_URI[md5sum] = "70adc0c9734e2d9dcd241d3f931dfc74" SRC_URI[sha256sum] = "22ca9bcec5388114e40d4aafd7ccd0c4fe072297b628d0c5cdfa2f010c0bc7e7" From e80ffdd368644ae5646f3a8206a3aef1f872fad0 Mon Sep 17 00:00:00 2001 From: vkumbhar Date: Fri, 8 Dec 2023 10:08:06 +0530 Subject: [PATCH 531/600] wireshark: fix CVE-2023-1992 RPCoRDMA dissector crash Upstream-Status: Backport from https://gitlab.com/colin.mcinnes/wireshark/-/commit/3c8be14c827f1587da3c2b3bb0d9c04faff5741 Signed-off-by: Vivek Kumbhar Signed-off-by: Armin Kuster --- .../wireshark/files/CVE-2023-1992.patch | 61 +++++++++++++++++++ .../wireshark/wireshark_3.4.12.bb | 1 + 2 files changed, 62 insertions(+) create mode 100644 meta-networking/recipes-support/wireshark/files/CVE-2023-1992.patch diff --git a/meta-networking/recipes-support/wireshark/files/CVE-2023-1992.patch b/meta-networking/recipes-support/wireshark/files/CVE-2023-1992.patch new file mode 100644 index 00000000000..6bddf975d0d --- /dev/null +++ b/meta-networking/recipes-support/wireshark/files/CVE-2023-1992.patch @@ -0,0 +1,61 @@ +From 3c8be14c827f1587da3c2b3bb0d9c04faff57413 Mon Sep 17 00:00:00 2001 +From: John Thacker +Date: Sun, 19 Mar 2023 15:16:39 -0400 +Subject: [PATCH] RPCoRDMA: Frame end cleanup for global write offsets + +Add a frame end routine for a global which is assigned to packet +scoped memory. It really should be made proto data, but is used +in a function in the header (that doesn't take the packet info +struct as an argument) and this fix needs to be made in stable +branches. + +Fix #18852 + +Upstream-Status: Backport [https://gitlab.com/colin.mcinnes/wireshark/-/commit/3c8be14c827f1587da3c2b3bb0d9c04faff5741] +CVE: CVE-2023-1992 +Signed-off-by: Vivek Kumbhar +--- + epan/dissectors/packet-rpcrdma.c | 14 ++++++++++++++ + 1 file changed, 14 insertions(+) + +diff --git a/epan/dissectors/packet-rpcrdma.c b/epan/dissectors/packet-rpcrdma.c +index 76085c7..9d57bae 100644 +--- a/epan/dissectors/packet-rpcrdma.c ++++ b/epan/dissectors/packet-rpcrdma.c +@@ -24,6 +24,7 @@ + #include + + #include "packet-rpcrdma.h" ++#include "packet-frame.h" + #include "packet-infiniband.h" + #include "packet-iwarp-ddp-rdmap.h" + +@@ -270,6 +271,18 @@ void rpcrdma_insert_offset(gint offset) + wmem_array_append_one(gp_rdma_write_offsets, offset); + } + ++/* ++ * Reset the array of write offsets at the end of the frame. These ++ * are packet scoped, so they don't need to be freed, but we want ++ * to ensure that the global doesn't point to no longer allocated ++ * memory in a later packet. ++ */ ++static void ++reset_write_offsets(void) ++{ ++ gp_rdma_write_offsets = NULL; ++} ++ + /* Get conversation state, it is created if it does not exist */ + static rdma_conv_info_t *get_rdma_conv_info(packet_info *pinfo) + { +@@ -1392,6 +1405,7 @@ dissect_rpcrdma(tvbuff_t *tvb, packet_info *pinfo, proto_tree *tree, void* data + if (write_size > 0 && !pinfo->fd->visited) { + /* Initialize array of write chunk offsets */ + gp_rdma_write_offsets = wmem_array_new(wmem_packet_scope(), sizeof(gint)); ++ register_frame_end_routine(pinfo, reset_write_offsets); + TRY { + /* + * Call the upper layer dissector to get a list of offsets +-- +2.40.1 diff --git a/meta-networking/recipes-support/wireshark/wireshark_3.4.12.bb b/meta-networking/recipes-support/wireshark/wireshark_3.4.12.bb index 19489a8bcbf..f233b425322 100644 --- a/meta-networking/recipes-support/wireshark/wireshark_3.4.12.bb +++ b/meta-networking/recipes-support/wireshark/wireshark_3.4.12.bb @@ -25,6 +25,7 @@ SRC_URI += " \ file://CVE-2023-0667.patch \ file://CVE-2023-0668.patch \ file://CVE-2023-2906.patch \ + file://CVE-2023-1992.patch \ " UPSTREAM_CHECK_URI = "https://1.as.dl.wireshark.org/src" From 52e23d3fcd48a64af71f5423233f261af6c59f60 Mon Sep 17 00:00:00 2001 From: vkumbhar Date: Wed, 13 Dec 2023 12:07:01 +0530 Subject: [PATCH 532/600] wireshark: fix CVE-2022-4345 multiple (BPv6, OpenFlow, and Kafka protocol) dissector infinite loops Upstream-Status: Backport from https://gitlab.com/wireshark/wireshark/-/commit/39db474f80af87449ce0f034522dccc80ed4153f Signed-off-by: Vivek Kumbhar Signed-off-by: Armin Kuster --- .../wireshark/files/CVE-2022-4345.patch | 52 +++++++++++++++++++ .../wireshark/wireshark_3.4.12.bb | 1 + 2 files changed, 53 insertions(+) create mode 100644 meta-networking/recipes-support/wireshark/files/CVE-2022-4345.patch diff --git a/meta-networking/recipes-support/wireshark/files/CVE-2022-4345.patch b/meta-networking/recipes-support/wireshark/files/CVE-2022-4345.patch new file mode 100644 index 00000000000..ccf04459e8a --- /dev/null +++ b/meta-networking/recipes-support/wireshark/files/CVE-2022-4345.patch @@ -0,0 +1,52 @@ +From 39db474f80af87449ce0f034522dccc80ed4153f Mon Sep 17 00:00:00 2001 +From: John Thacker +Date: Thu, 1 Dec 2022 20:46:15 -0500 +Subject: [PATCH] openflow_v6: Prevent infinite loops in too short ofp_stats + +The ofp_stats struct length field includes the fixed 4 bytes. +If the length is smaller than that, report the length error +and break out. In particular, a value of zero can cause +infinite loops if this isn't done. + + +(cherry picked from commit 13823bb1059cf70f401892ba1b1eaa2400cdf3db) + +Upstream-Status: Backport [https://gitlab.com/wireshark/wireshark/-/commit/39db474f80af87449ce0f034522dccc80ed4153f] +CVE: CVE-2022-4345 +Signed-off-by: Vivek Kumbhar +--- + epan/dissectors/packet-openflow_v6.c | 8 +++++++- + 1 file changed, 7 insertions(+), 1 deletion(-) + +diff --git a/epan/dissectors/packet-openflow_v6.c b/epan/dissectors/packet-openflow_v6.c +index 16016af..3e24d76 100644 +--- a/epan/dissectors/packet-openflow_v6.c ++++ b/epan/dissectors/packet-openflow_v6.c +@@ -1118,17 +1118,23 @@ dissect_openflow_v6_oxs(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, + static int + dissect_openflow_stats_v6(tvbuff_t *tvb, packet_info *pinfo _U_, proto_tree *tree, int offset, guint16 length _U_) + { ++ proto_item *ti; + guint32 stats_length; + int oxs_end; + guint32 padding; + + proto_tree_add_item(tree, hf_openflow_v6_stats_reserved, tvb, offset, 2, ENC_NA); + +- proto_tree_add_item_ret_uint(tree, hf_openflow_v6_stats_length, tvb, offset+2, 2, ENC_BIG_ENDIAN, &stats_length); ++ ti = proto_tree_add_item_ret_uint(tree, hf_openflow_v6_stats_length, tvb, offset+2, 2, ENC_BIG_ENDIAN, &stats_length); + + oxs_end = offset + stats_length; + offset+=4; + ++ if (stats_length < 4) { ++ expert_add_info(pinfo, ti, &ei_openflow_v6_length_too_short); ++ return offset; ++ } ++ + while (offset < oxs_end) { + offset = dissect_openflow_v6_oxs(tvb, pinfo, tree, offset, oxs_end - offset); + } +-- +2.40.1 + diff --git a/meta-networking/recipes-support/wireshark/wireshark_3.4.12.bb b/meta-networking/recipes-support/wireshark/wireshark_3.4.12.bb index f233b425322..365ec5e90a4 100644 --- a/meta-networking/recipes-support/wireshark/wireshark_3.4.12.bb +++ b/meta-networking/recipes-support/wireshark/wireshark_3.4.12.bb @@ -26,6 +26,7 @@ SRC_URI += " \ file://CVE-2023-0668.patch \ file://CVE-2023-2906.patch \ file://CVE-2023-1992.patch \ + file://CVE-2022-4345.patch \ " UPSTREAM_CHECK_URI = "https://1.as.dl.wireshark.org/src" From dd23a9930360f540c919ddfd35fd1f6088174ef3 Mon Sep 17 00:00:00 2001 From: Archana Polampalli Date: Mon, 18 Dec 2023 03:34:59 +0000 Subject: [PATCH 533/600] strongswan: upgrade 5.9.6 -> 5.9.12 * Drop backport patch 0001-enum-Fix-compiler-warning.patch. * Drop backport patch CVE-2022-40617.patch * Update RDEPENDS to fix strongswan startup failures: plugin 'mgf1': failed to load - mgf1_plugin_create not found and no plugin file available plugin 'fips-prf': failed to load - fips_prf_plugin_create not found and no plugin file available plugin 'kdf': failed to load - kdf_plugin_create not found and no plugin file available plugin 'drbg': failed to load - drbg_plugin_create not found and no plugin file available * Drop PACKAGECONFIG[scep] as scepclient has been removed. * Add plugin-gcm to RDEPENDS as gcm plugin has been added to the default plugins. ChangeLog: https://github.com/strongswan/strongswan/releases/tag/5.9.7 https://github.com/strongswan/strongswan/releases/tag/5.9.8 https://github.com/strongswan/strongswan/releases/tag/5.9.9 https://github.com/strongswan/strongswan/releases/tag/5.9.10 https://github.com/strongswan/strongswan/releases/tag/5.9.11 https://github.com/strongswan/strongswan/releases/tag/5.9.12 Signed-off-by: Archana Polampalli Signed-off-by: Armin Kuster --- .../{strongswan_5.9.6.bb => strongswan_5.9.12.bb} | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) rename meta-networking/recipes-support/strongswan/{strongswan_5.9.6.bb => strongswan_5.9.12.bb} (96%) diff --git a/meta-networking/recipes-support/strongswan/strongswan_5.9.6.bb b/meta-networking/recipes-support/strongswan/strongswan_5.9.12.bb similarity index 96% rename from meta-networking/recipes-support/strongswan/strongswan_5.9.6.bb rename to meta-networking/recipes-support/strongswan/strongswan_5.9.12.bb index b8d44db26bd..c734b43b64d 100644 --- a/meta-networking/recipes-support/strongswan/strongswan_5.9.6.bb +++ b/meta-networking/recipes-support/strongswan/strongswan_5.9.12.bb @@ -8,12 +8,10 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" DEPENDS = "flex-native flex bison-native" DEPENDS:append = "${@bb.utils.contains('DISTRO_FEATURES', 'tpm2', ' tpm2-tss', '', d)}" -SRC_URI = "http://download.strongswan.org/strongswan-${PV}.tar.bz2 \ - file://0001-enum-Fix-compiler-warning.patch \ - file://CVE-2022-40617.patch \ +SRC_URI = "https://download.strongswan.org/strongswan-${PV}.tar.bz2 \ " -SRC_URI[sha256sum] = "91d0978ac448912759b85452d8ff0d578aafd4507aaf4f1c1719f9d0c7318ab7" +SRC_URI[sha256sum] = "5e6018b07cbe9f72c044c129955a13be3e2f799ceb53f53a4459da6a922b95e5" UPSTREAM_CHECK_REGEX = "strongswan-(?P\d+(\.\d+)+)\.tar" @@ -41,7 +39,6 @@ PACKAGECONFIG[gmp] = "--enable-gmp,--disable-gmp,gmp,${PN}-plugin-gmp" PACKAGECONFIG[ldap] = "--enable-ldap,--disable-ldap,openldap,${PN}-plugin-ldap" PACKAGECONFIG[mysql] = "--enable-mysql,--disable-mysql,mysql5,${PN}-plugin-mysql" PACKAGECONFIG[openssl] = "--enable-openssl,--disable-openssl,openssl,${PN}-plugin-openssl" -PACKAGECONFIG[scep] = "--enable-scepclient,--disable-scepclient," PACKAGECONFIG[soup] = "--enable-soup,--disable-soup,libsoup-2.4,${PN}-plugin-soup" PACKAGECONFIG[sqlite3] = "--enable-sqlite,--disable-sqlite,sqlite3,${PN}-plugin-sqlite" PACKAGECONFIG[stroke] = "--enable-stroke,--disable-stroke,,${PN}-plugin-stroke" @@ -146,11 +143,16 @@ RDEPENDS:${PN} += "\ ${PN}-plugin-attr \ ${PN}-plugin-cmac \ ${PN}-plugin-constraints \ + ${PN}-plugin-drbg \ + ${PN}-plugin-fips-prf \ ${PN}-plugin-des \ ${PN}-plugin-dnskey \ + ${PN}-plugin-gcm \ ${PN}-plugin-hmac \ + ${PN}-plugin-kdf \ ${PN}-plugin-kernel-netlink \ ${PN}-plugin-md5 \ + ${PN}-plugin-mgf1 \ ${PN}-plugin-nonce \ ${PN}-plugin-pem \ ${PN}-plugin-pgp \ From 20cc355db603c172e5a3e9a2aedeab85bdfdc393 Mon Sep 17 00:00:00 2001 From: dnyandev Date: Fri, 22 Dec 2023 12:56:35 +0530 Subject: [PATCH 534/600] python3-pillow: Fix CVE-2023-44271 Add patch to fix CVE-2023-44271 Reference: https://github.com/python-pillow/Pillow/commit/1fe1bb49c452b0318cad12ea9d97c3bef188e9a7 Signed-off-by: Dnyandev Padalkar Signed-off-by: Armin Kuster --- .../python3-pillow/CVE-2023-44271.patch | 156 ++++++++++++++++++ .../python/python3-pillow_9.4.0.bb | 1 + 2 files changed, 157 insertions(+) create mode 100644 meta-python/recipes-devtools/python/python3-pillow/CVE-2023-44271.patch diff --git a/meta-python/recipes-devtools/python/python3-pillow/CVE-2023-44271.patch b/meta-python/recipes-devtools/python/python3-pillow/CVE-2023-44271.patch new file mode 100644 index 00000000000..ad51f17288e --- /dev/null +++ b/meta-python/recipes-devtools/python/python3-pillow/CVE-2023-44271.patch @@ -0,0 +1,156 @@ +From 1fe1bb49c452b0318cad12ea9d97c3bef188e9a7 Mon Sep 17 00:00:00 2001 +From: Andrew Murray +Date: Fri, 30 Jun 2023 23:32:26 +1000 +Subject: [PATCH] Added ImageFont.MAX_STRING_LENGTH + +Upstream-status: Backport [https://github.com/python-pillow/Pillow/commit/1fe1bb49c452b0318cad12ea9d97c3bef188e9a7] +CVE: CVE-2023-44271 +Comment: Refresh hunk for test_imagefont.py, ImageFont.py and +Remove hunk 10.0.0.rst because in our version it is 9.4.0 + +Signed-off-by: Pawan Badganchi +Signed-off-by: Dnyandev Padalkar +--- + Tests/test_imagefont.py | 19 +++++++++++++++++++ + docs/reference/ImageFont.rst | 18 ++++++++++++++++++ + src/PIL/ImageFont.py | 15 +++++++++++++++ + 3 files changed, 52 insertions(+) + +diff --git a/Tests/test_imagefont.py b/Tests/test_imagefont.py +index 7fa8ff8cbfd..c50447a153d 100644 +--- a/Tests/test_imagefont.py ++++ b/Tests/test_imagefont.py +@@ -1107,6 +1107,25 @@ + assert_image_equal_tofile(im, "Tests/images/text_mono.gif") + + ++def test_too_many_characters(font): ++ with pytest.raises(ValueError): ++ font.getlength("A" * 1000001) ++ with pytest.raises(ValueError): ++ font.getbbox("A" * 1000001) ++ with pytest.raises(ValueError): ++ font.getmask2("A" * 1000001) ++ ++ transposed_font = ImageFont.TransposedFont(font) ++ with pytest.raises(ValueError): ++ transposed_font.getlength("A" * 1000001) ++ ++ default_font = ImageFont.load_default() ++ with pytest.raises(ValueError): ++ default_font.getlength("A" * 1000001) ++ with pytest.raises(ValueError): ++ default_font.getbbox("A" * 1000001) ++ ++ + @pytest.mark.parametrize( + "test_file", + [ +diff --git a/docs/reference/ImageFont.rst b/docs/reference/ImageFont.rst +index 946bd3c4bed..2abfa0cc997 100644 +--- a/docs/reference/ImageFont.rst ++++ b/docs/reference/ImageFont.rst +@@ -18,6 +18,15 @@ OpenType fonts (as well as other font formats supported by the FreeType + library). For earlier versions, TrueType support is only available as part of + the imToolkit package. + ++.. warning:: ++ To protect against potential DOS attacks when using arbitrary strings as ++ text input, Pillow will raise a ``ValueError`` if the number of characters ++ is over a certain limit, :py:data:`MAX_STRING_LENGTH`. ++ ++ This threshold can be changed by setting ++ :py:data:`MAX_STRING_LENGTH`. It can be disabled by setting ++ ``ImageFont.MAX_STRING_LENGTH = None``. ++ + Example + ------- + +@@ -73,3 +82,12 @@ Constants + + Requires Raqm, you can check support using + :py:func:`PIL.features.check_feature` with ``feature="raqm"``. ++ ++Constants ++--------- ++ ++.. data:: MAX_STRING_LENGTH ++ ++ Set to 1,000,000, to protect against potential DOS attacks. Pillow will ++ raise a ``ValueError`` if the number of characters is over this limit. The ++ check can be disabled by setting ``ImageFont.MAX_STRING_LENGTH = None``. +diff --git a/src/PIL/ImageFont.py b/src/PIL/ImageFont.py +index 3ddc1aaad64..1030985ebc4 100644 +--- a/src/PIL/ImageFont.py ++++ b/src/PIL/ImageFont.py +@@ -43,6 +43,9 @@ + RAQM = 1 + + ++MAX_STRING_LENGTH = 1000000 ++ ++ + def __getattr__(name): + for enum, prefix in {Layout: "LAYOUT_"}.items(): + if name.startswith(prefix): +@@ -67,6 +67,12 @@ + core = _ImagingFtNotInstalled() + + ++def _string_length_check(text): ++ if MAX_STRING_LENGTH is not None and len(text) > MAX_STRING_LENGTH: ++ msg = "too many characters in string" ++ raise ValueError(msg) ++ ++ + _UNSPECIFIED = object() + + +@@ -192,6 +192,7 @@ + + :return: ``(left, top, right, bottom)`` bounding box + """ ++ _string_length_check(text) + width, height = self.font.getsize(text) + return 0, 0, width, height + +@@ -202,6 +202,7 @@ + + .. versionadded:: 9.2.0 + """ ++ _string_length_check(text) + width, height = self.font.getsize(text) + return width + +@@ -359,6 +359,7 @@ + + :return: Width for horizontal, height for vertical text. + """ ++ _string_length_check(text) + return self.font.getlength(text, mode, direction, features, language) / 64 + + def getbbox( +@@ -418,6 +418,7 @@ + + :return: ``(left, top, right, bottom)`` bounding box + """ ++ _string_length_check(text) + size, offset = self.font.getsize( + text, mode, direction, features, language, anchor + ) +@@ -762,6 +762,7 @@ + :py:mod:`PIL.Image.core` interface module, and the text offset, the + gap between the starting coordinate and the first marking + """ ++ _string_length_check(text) + if fill is _UNSPECIFIED: + fill = Image.core.fill + else: +@@ -924,6 +924,7 @@ + if self.orientation in (Image.Transpose.ROTATE_90, Image.Transpose.ROTATE_270): + msg = "text length is undefined for text rotated by 90 or 270 degrees" + raise ValueError(msg) ++ _string_length_check(text) + return self.font.getlength(text, *args, **kwargs) + + diff --git a/meta-python/recipes-devtools/python/python3-pillow_9.4.0.bb b/meta-python/recipes-devtools/python/python3-pillow_9.4.0.bb index 86705d2d8eb..b9c09127c59 100644 --- a/meta-python/recipes-devtools/python/python3-pillow_9.4.0.bb +++ b/meta-python/recipes-devtools/python/python3-pillow_9.4.0.bb @@ -9,6 +9,7 @@ SRC_URI = "git://github.com/python-pillow/Pillow.git;branch=main;protocol=https file://0001-support-cross-compiling.patch \ file://0001-explicitly-set-compile-options.patch \ file://run-ptest \ + file://CVE-2023-44271.patch \ " SRCREV ?= "82541b6dec8452cb612067fcebba1c5a1a2bfdc8" From caef5591303834e453e8097f6d9b53259827782e Mon Sep 17 00:00:00 2001 From: Archana Polampalli Date: Tue, 26 Dec 2023 08:23:03 +0000 Subject: [PATCH 535/600] cjson: upgrade 1.7.15 -> 1.7.17 The following CVEs are addressed in this release. CVE-2023-50471 CVE-2023-50472 https://github.com/DaveGamble/cJSON/releases/tag/v1.7.17 Signed-off-by: Archana Polampalli Signed-off-by: Armin Kuster --- .../recipes-devtools/cjson/{cjson_1.7.15.bb => cjson_1.7.17.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-oe/recipes-devtools/cjson/{cjson_1.7.15.bb => cjson_1.7.17.bb} (91%) diff --git a/meta-oe/recipes-devtools/cjson/cjson_1.7.15.bb b/meta-oe/recipes-devtools/cjson/cjson_1.7.17.bb similarity index 91% rename from meta-oe/recipes-devtools/cjson/cjson_1.7.15.bb rename to meta-oe/recipes-devtools/cjson/cjson_1.7.17.bb index 200f7516697..c9c38a9fe33 100644 --- a/meta-oe/recipes-devtools/cjson/cjson_1.7.15.bb +++ b/meta-oe/recipes-devtools/cjson/cjson_1.7.17.bb @@ -6,7 +6,7 @@ LICENSE = "MIT" LIC_FILES_CHKSUM = "file://LICENSE;md5=218947f77e8cb8e2fa02918dc41c50d0" SRC_URI = "git://github.com/DaveGamble/cJSON.git;branch=master;protocol=https" -SRCREV = "d348621ca93571343a56862df7de4ff3bc9b5667" +SRCREV = "87d8f0961a01bf09bef98ff89bae9fdec42181ee" S = "${WORKDIR}/git" From 9843839b2374e02fa9e7c998fd8d642b1c0626f9 Mon Sep 17 00:00:00 2001 From: Archana Polampalli Date: Wed, 22 Nov 2023 04:55:24 +0000 Subject: [PATCH 536/600] samba: fix CVE-2023-42669 A vulnerability was found in Samba's "rpcecho" development server, a non-Windows RPC server used to test Samba's DCE/RPC stack elements. This vulnerability stems from an RPC function that can be blocked indefinitely. The issue arises because the "rpcecho" service operates with only one worker in the main RPC task, allowing calls to the "rpcecho" server to be blocked for a specified time, causing service disruptions. This disruption is triggered by a "sleep()" call in the "dcesrv_echo_TestSleep()" function under specific conditions. Authenticated users or attackers can exploit this vulnerability to make calls to the "rpcecho" server, requesting it to block for a specified duration, effectively disrupting most services and leading to a complete denial of service on the AD DC. The DoS affects all other services as "rpcecho" runs in the main RPC task. References: https://nvd.nist.gov/vuln/detail/CVE-2023-42669 Signed-off-by: Archana Polampalli Signed-off-by: Armin Kuster --- .../samba/samba/CVE-2023-42669.patch | 94 +++++++++++++++++++ .../samba/samba_4.14.14.bb | 1 + 2 files changed, 95 insertions(+) create mode 100644 meta-networking/recipes-connectivity/samba/samba/CVE-2023-42669.patch diff --git a/meta-networking/recipes-connectivity/samba/samba/CVE-2023-42669.patch b/meta-networking/recipes-connectivity/samba/samba/CVE-2023-42669.patch new file mode 100644 index 00000000000..dfa6aeb0235 --- /dev/null +++ b/meta-networking/recipes-connectivity/samba/samba/CVE-2023-42669.patch @@ -0,0 +1,94 @@ +From 9989568b20c8f804140c22f51548d766a18ed887 Mon Sep 17 00:00:00 2001 +From: Andrew Bartlett +Date: Tue, 12 Sep 2023 18:59:44 +1200 +Subject: [PATCH] CVE-2023-42669 s4-rpc_server: Disable rpcecho server by + default + +The rpcecho server is useful in development and testing, but should never +have been allowed into production, as it includes the facility to +do a blocking sleep() in the single-threaded rpc worker. + +BUG: https://bugzilla.samba.org/show_bug.cgi?id=15474 + +Signed-off-by: Andrew Bartlett + +CVE: CVE-2023-42669 + +Upstream-Status: Backport [https://github.com/samba-team/samba/commit/9989568b20c8f804140c22f51548d766a18ed887] + +Signed-off-by: Archana Polampalli +--- + docs-xml/smbdotconf/protocol/dcerpcendpointservers.xml | 2 +- + lib/param/loadparm.c | 2 +- + selftest/target/Samba4.pm | 2 +- + source3/param/loadparm.c | 2 +- + source4/rpc_server/wscript_build | 3 ++- + 5 files changed, 6 insertions(+), 5 deletions(-) + +diff --git a/docs-xml/smbdotconf/protocol/dcerpcendpointservers.xml b/docs-xml/smbdotconf/protocol/dcerpcendpointservers.xml +index 8a217cc..c6642b7 100644 +--- a/docs-xml/smbdotconf/protocol/dcerpcendpointservers.xml ++++ b/docs-xml/smbdotconf/protocol/dcerpcendpointservers.xml +@@ -6,6 +6,6 @@ + Specifies which DCE/RPC endpoint servers should be run. + + +-epmapper, wkssvc, rpcecho, samr, netlogon, lsarpc, drsuapi, dssetup, unixinfo, browser, eventlog6, backupkey, dnsserver ++epmapper, wkssvc, samr, netlogon, lsarpc, drsuapi, dssetup, unixinfo, browser, eventlog6, backupkey, dnsserver + rpcecho + +diff --git a/lib/param/loadparm.c b/lib/param/loadparm.c +index eedfa00..75687f5 100644 +--- a/lib/param/loadparm.c ++++ b/lib/param/loadparm.c +@@ -2717,7 +2717,7 @@ struct loadparm_context *loadparm_init(TALLOC_CTX *mem_ctx) + lpcfg_do_global_parameter(lp_ctx, "ntvfs handler", "unixuid default"); + lpcfg_do_global_parameter(lp_ctx, "max connections", "0"); + +- lpcfg_do_global_parameter(lp_ctx, "dcerpc endpoint servers", "epmapper wkssvc rpcecho samr netlogon lsarpc drsuapi dssetup unixinfo browser eventlog6 backupkey dnsserver"); ++ lpcfg_do_global_parameter(lp_ctx, "dcerpc endpoint servers", "epmapper wkssvc samr netlogon lsarpc drsuapi dssetup unixinfo browser eventlog6 backupkey dnsserver"); + lpcfg_do_global_parameter(lp_ctx, "server services", "s3fs rpc nbt wrepl ldap cldap kdc drepl winbindd ntp_signd kcc dnsupdate dns"); + lpcfg_do_global_parameter(lp_ctx, "kccsrv:samba_kcc", "true"); + /* the winbind method for domain controllers is for both RODC +diff --git a/selftest/target/Samba4.pm b/selftest/target/Samba4.pm +index 651faa7..c7b33d2 100755 +--- a/selftest/target/Samba4.pm ++++ b/selftest/target/Samba4.pm +@@ -773,7 +773,7 @@ sub provision_raw_step1($$) + wins support = yes + server role = $ctx->{server_role} + server services = +echo $services +- dcerpc endpoint servers = +winreg +srvsvc ++ dcerpc endpoint servers = +winreg +srvsvc +rpcecho + notify:inotify = false + ldb:nosync = true + ldap server require strong auth = yes +diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c +index 8bcd35f..a99ab35 100644 +--- a/source3/param/loadparm.c ++++ b/source3/param/loadparm.c +@@ -879,7 +879,7 @@ static void init_globals(struct loadparm_context *lp_ctx, bool reinit_globals) + + Globals.server_services = str_list_make_v3_const(NULL, "s3fs rpc nbt wrepl ldap cldap kdc drepl winbindd ntp_signd kcc dnsupdate dns", NULL); + +- Globals.dcerpc_endpoint_servers = str_list_make_v3_const(NULL, "epmapper wkssvc rpcecho samr netlogon lsarpc drsuapi dssetup unixinfo browser eventlog6 backupkey dnsserver", NULL); ++ Globals.dcerpc_endpoint_servers = str_list_make_v3_const(NULL, "epmapper wkssvc samr netlogon lsarpc drsuapi dssetup unixinfo browser eventlog6 backupkey dnsserver", NULL); + + Globals.tls_enabled = true; + Globals.tls_verify_peer = TLS_VERIFY_PEER_AS_STRICT_AS_POSSIBLE; +diff --git a/source4/rpc_server/wscript_build b/source4/rpc_server/wscript_build +index 8c75672..a2520da 100644 +--- a/source4/rpc_server/wscript_build ++++ b/source4/rpc_server/wscript_build +@@ -29,7 +29,8 @@ bld.SAMBA_MODULE('dcerpc_rpcecho', + source='echo/rpc_echo.c', + subsystem='dcerpc_server', + init_function='dcerpc_server_rpcecho_init', +- deps='ndr-standard events' ++ deps='ndr-standard events', ++ enabled=bld.CONFIG_GET('ENABLE_SELFTEST') + ) + + +-- +2.40.0 diff --git a/meta-networking/recipes-connectivity/samba/samba_4.14.14.bb b/meta-networking/recipes-connectivity/samba/samba_4.14.14.bb index dcb4d8137f1..17d12e4392f 100644 --- a/meta-networking/recipes-connectivity/samba/samba_4.14.14.bb +++ b/meta-networking/recipes-connectivity/samba/samba_4.14.14.bb @@ -51,6 +51,7 @@ SRC_URI = "${SAMBA_MIRROR}/stable/samba-${PV}.tar.gz \ file://CVE-2023-34968_0011.patch \ file://CVE-2023-4091-0001.patch \ file://CVE-2023-4091-0002.patch \ + file://CVE-2023-42669.patch \ " SRC_URI:append:libc-musl = " \ From f026a9c41bfbaa71c6111e221716fb683f552ba7 Mon Sep 17 00:00:00 2001 From: Jeffrey Pautler Date: Fri, 10 Nov 2023 10:14:04 -0600 Subject: [PATCH 537/600] apache2: add vendor to product name used for CVE checking This recipe sets the product name used for CVE checking to "http_server". However, the cve-check logic matches that name to all products in the CVE database regardless of vendor. Currently, it is matching to products from vendors other than apache. As a result, CVE checking incorrectly reports CVEs for those vendors' products for this package. Signed-off-by: Jeffrey Pautler Signed-off-by: Khem Raj (cherry picked from commit 51f70eaaa5973e385645f574093ee860f5648f88) Signed-off-by: Armin Kuster --- meta-webserver/recipes-httpd/apache2/apache2_2.4.57.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-webserver/recipes-httpd/apache2/apache2_2.4.57.bb b/meta-webserver/recipes-httpd/apache2/apache2_2.4.57.bb index 9ffdf3265a0..3fbc975fca9 100644 --- a/meta-webserver/recipes-httpd/apache2/apache2_2.4.57.bb +++ b/meta-webserver/recipes-httpd/apache2/apache2_2.4.57.bb @@ -36,7 +36,7 @@ inherit autotools update-rc.d pkgconfig systemd update-alternatives DEPENDS = "openssl expat pcre apr apr-util apache2-native " -CVE_PRODUCT = "http_server" +CVE_PRODUCT = "apache:http_server" SSTATE_SCAN_FILES += "apxs config_vars.mk config.nice" From 764c779a19f1be68979a3a3b61e8174c73dc5bca Mon Sep 17 00:00:00 2001 From: Narpat Mali Date: Mon, 4 Dec 2023 15:48:47 +0000 Subject: [PATCH 538/600] apache2: upgrade 2.4.57 -> 2.4.58 This upgrade incorporates the CVE-2023-31122, CVE-2023-43622 & CVE-2023-45802 fixes and other bugfixes. The "0011-modules-mappers-config9.m4-Add-server-directory-to-i.patch" is no longer needed as it's included in this upgrade. Changelog: https://downloads.apache.org/httpd/CHANGES_2.4.58 References: https://httpd.apache.org/security/vulnerabilities_24.html https://security-tracker.debian.org/tracker/CVE-2023-31122 https://security-tracker.debian.org/tracker/CVE-2023-43622 https://security-tracker.debian.org/tracker/CVE-2023-45802 Signed-off-by: Narpat Mali Signed-off-by: Armin Kuster --- ...config9.m4-Add-server-directory-to-i.patch | 31 ------------------- .../{apache2_2.4.57.bb => apache2_2.4.58.bb} | 3 +- 2 files changed, 1 insertion(+), 33 deletions(-) delete mode 100644 meta-webserver/recipes-httpd/apache2/apache2/0011-modules-mappers-config9.m4-Add-server-directory-to-i.patch rename meta-webserver/recipes-httpd/apache2/{apache2_2.4.57.bb => apache2_2.4.58.bb} (98%) diff --git a/meta-webserver/recipes-httpd/apache2/apache2/0011-modules-mappers-config9.m4-Add-server-directory-to-i.patch b/meta-webserver/recipes-httpd/apache2/apache2/0011-modules-mappers-config9.m4-Add-server-directory-to-i.patch deleted file mode 100644 index 996eabf586b..00000000000 --- a/meta-webserver/recipes-httpd/apache2/apache2/0011-modules-mappers-config9.m4-Add-server-directory-to-i.patch +++ /dev/null @@ -1,31 +0,0 @@ -From 5c9257fa34335ff83f7c01581cf953111072a457 Mon Sep 17 00:00:00 2001 -From: Valeria Petrov -Date: Tue, 18 Apr 2023 15:38:53 +0200 -Subject: [PATCH] * modules/mappers/config9.m4: Add 'server' directory to - include path if mod_rewrite is enabled. - -Upstream-Status: Accepted [https://svn.apache.org/viewvc?view=revision&revision=1909241] - ---- - modules/mappers/config9.m4 | 5 +++++ - 1 file changed, 5 insertions(+) - -diff --git a/modules/mappers/config9.m4 b/modules/mappers/config9.m4 -index 55a97ab993..7120b729b7 100644 ---- a/modules/mappers/config9.m4 -+++ b/modules/mappers/config9.m4 -@@ -14,6 +14,11 @@ APACHE_MODULE(userdir, mapping of requests to user-specific directories, , , mos - APACHE_MODULE(alias, mapping of requests to different filesystem parts, , , yes) - APACHE_MODULE(rewrite, rule based URL manipulation, , , most) - -+if test "x$enable_rewrite" != "xno"; then -+ # mod_rewrite needs test_char.h -+ APR_ADDTO(INCLUDES, [-I\$(top_builddir)/server]) -+fi -+ - APR_ADDTO(INCLUDES, [-I\$(top_srcdir)/$modpath_current]) - - APACHE_MODPATH_FINISH --- -2.25.1 - diff --git a/meta-webserver/recipes-httpd/apache2/apache2_2.4.57.bb b/meta-webserver/recipes-httpd/apache2/apache2_2.4.58.bb similarity index 98% rename from meta-webserver/recipes-httpd/apache2/apache2_2.4.57.bb rename to meta-webserver/recipes-httpd/apache2/apache2_2.4.58.bb index 3fbc975fca9..84b19de5922 100644 --- a/meta-webserver/recipes-httpd/apache2/apache2_2.4.57.bb +++ b/meta-webserver/recipes-httpd/apache2/apache2_2.4.58.bb @@ -16,7 +16,6 @@ SRC_URI = "${APACHE_MIRROR}/httpd/httpd-${PV}.tar.bz2 \ file://0008-Fix-perl-install-directory-to-usr-bin.patch \ file://0009-support-apxs.in-force-destdir-to-be-empty-string.patch \ file://0001-make_exports.awk-not-expose-the-path.patch \ - file://0011-modules-mappers-config9.m4-Add-server-directory-to-i.patch \ " SRC_URI:append:class-target = " \ @@ -28,7 +27,7 @@ SRC_URI:append:class-target = " \ " LIC_FILES_CHKSUM = "file://LICENSE;md5=bddeddfac80b2c9a882241d008bb41c3" -SRC_URI[sha256sum] = "dbccb84aee95e095edfbb81e5eb926ccd24e6ada55dcd83caecb262e5cf94d2a" +SRC_URI[sha256sum] = "fa16d72a078210a54c47dd5bef2f8b9b8a01d94909a51453956b3ec6442ea4c5" S = "${WORKDIR}/httpd-${PV}" From 730e44900a0a86265bad93a16b5a5ff344a07266 Mon Sep 17 00:00:00 2001 From: Hitendra Prajapati Date: Wed, 3 Jan 2024 14:31:28 +0530 Subject: [PATCH 539/600] proftpd: Fix CVE-2023-51713 Out-of-bounds buffer read Upstream-Status: Backport from https://github.com/proftpd/proftpd/commit/97bbe68363ccf2de0c07f67170ec64a8b4d62592 Signed-off-by: Hitendra Prajapati Signed-off-by: Armin Kuster --- .../proftpd/files/CVE-2023-51713.patch | 277 ++++++++++++++++++ .../recipes-daemons/proftpd/proftpd_1.3.7c.bb | 1 + 2 files changed, 278 insertions(+) create mode 100644 meta-networking/recipes-daemons/proftpd/files/CVE-2023-51713.patch diff --git a/meta-networking/recipes-daemons/proftpd/files/CVE-2023-51713.patch b/meta-networking/recipes-daemons/proftpd/files/CVE-2023-51713.patch new file mode 100644 index 00000000000..4b2cac18707 --- /dev/null +++ b/meta-networking/recipes-daemons/proftpd/files/CVE-2023-51713.patch @@ -0,0 +1,277 @@ +From 97bbe68363ccf2de0c07f67170ec64a8b4d62592 Mon Sep 17 00:00:00 2001 +From: TJ Saunders +Date: Sun, 6 Aug 2023 13:16:26 -0700 +Subject: [PATCH] Issue #1683: Avoid an edge case when handling unexpectedly + formatted input text from client, caused by quote/backslash semantics, by + skipping those semantics. + +Upstream-Status: Backport [https://github.com/proftpd/proftpd/commit/97bbe68363ccf2de0c07f67170ec64a8b4d62592] +CVE: CVE-2023-51713 +Signed-off-by: Hitendra Prajapati +--- + include/str.h | 3 ++- + src/main.c | 34 +++++++++++++++++++++++++++++---- + src/str.c | 22 +++++++++++++--------- + tests/api/str.c | 50 ++++++++++++++++++++++++++++++++++++++++++++++++- + 4 files changed, 94 insertions(+), 15 deletions(-) + +diff --git a/include/str.h b/include/str.h +index f08398017..1261ae2c2 100644 +--- a/include/str.h ++++ b/include/str.h +@@ -1,6 +1,6 @@ + /* + * ProFTPD - FTP server daemon +- * Copyright (c) 2008-2020 The ProFTPD Project team ++ * Copyright (c) 2008-2023 The ProFTPD Project team + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by +@@ -131,6 +131,7 @@ const char *pr_gid2str(pool *, gid_t); + #define PR_STR_FL_PRESERVE_COMMENTS 0x0001 + #define PR_STR_FL_PRESERVE_WHITESPACE 0x0002 + #define PR_STR_FL_IGNORE_CASE 0x0004 ++#define PR_STR_FL_IGNORE_QUOTES 0x0008 + + char *pr_str_get_token(char **, char *); + char *pr_str_get_token2(char **, char *, size_t *); +diff --git a/src/main.c b/src/main.c +index ee9c1eecb..e6b70731d 100644 +--- a/src/main.c ++++ b/src/main.c +@@ -811,8 +811,24 @@ static cmd_rec *make_ftp_cmd(pool *p, char *buf, size_t buflen, int flags) { + return NULL; + } + ++ /* By default, pr_str_get_word will handle quotes and backslashes for ++ * escaping characters. This can produce words which are shorter, use ++ * fewer bytes than the corresponding input buffer. ++ * ++ * In this particular situation, we use the length of this initial word ++ * for determining the length of the remaining buffer bytes, assumed to ++ * contain the FTP command arguments. If this initial word is thus ++ * unexpectedly "shorter", due to nonconformant FTP text, it can lead ++ * the subsequent buffer scan, looking for CRNUL sequencees, to access ++ * unexpected memory addresses (Issue #1683). ++ * ++ * Thus for this particular situation, we tell the function to ignore/skip ++ * such quote/backslash semantics, and treat them as any other character ++ * using the IGNORE_QUOTES flag. ++ */ ++ + ptr = buf; +- wrd = pr_str_get_word(&ptr, str_flags); ++ wrd = pr_str_get_word(&ptr, str_flags|PR_STR_FL_IGNORE_QUOTES); + if (wrd == NULL) { + /* Nothing there...bail out. */ + pr_trace_msg("ctrl", 5, "command '%s' is empty, ignoring", buf); +@@ -820,6 +836,11 @@ static cmd_rec *make_ftp_cmd(pool *p, char *buf, size_t buflen, int flags) { + return NULL; + } + ++ /* Note that this first word is the FTP command. This is why we make ++ * use of the ptr buffer, which advances through the input buffer as ++ * we read words from the buffer. ++ */ ++ + subpool = make_sub_pool(p); + pr_pool_tag(subpool, "make_ftp_cmd pool"); + cmd = pcalloc(subpool, sizeof(cmd_rec)); +@@ -846,6 +867,7 @@ static cmd_rec *make_ftp_cmd(pool *p, char *buf, size_t buflen, int flags) { + arg_len = buflen - strlen(wrd); + arg = pcalloc(cmd->pool, arg_len + 1); + ++ /* Remember that ptr here is advanced past the first word. */ + for (i = 0, j = 0; i < arg_len; i++) { + pr_signals_handle(); + if (i > 1 && +@@ -854,14 +876,13 @@ static cmd_rec *make_ftp_cmd(pool *p, char *buf, size_t buflen, int flags) { + + /* Strip out the NUL by simply not copying it into the new buffer. */ + have_crnul = TRUE; ++ + } else { + arg[j++] = ptr[i]; + } + } + +- cmd->arg = arg; +- +- if (have_crnul) { ++ if (have_crnul == TRUE) { + char *dup_arg; + + /* Now make a copy of the stripped argument; this is what we need to +@@ -871,6 +892,11 @@ static cmd_rec *make_ftp_cmd(pool *p, char *buf, size_t buflen, int flags) { + ptr = dup_arg; + } + ++ cmd->arg = arg; ++ ++ /* Now we can read the remamining words, as command arguments, from the ++ * input buffer. ++ */ + while ((wrd = pr_str_get_word(&ptr, str_flags)) != NULL) { + pr_signals_handle(); + *((char **) push_array(tarr)) = pstrdup(cmd->pool, wrd); +diff --git a/src/str.c b/src/str.c +index bcca4ae4d..a2ff74daf 100644 +--- a/src/str.c ++++ b/src/str.c +@@ -1,6 +1,6 @@ + /* + * ProFTPD - FTP server daemon +- * Copyright (c) 2008-2017 The ProFTPD Project team ++ * Copyright (c) 2008-2023 The ProFTPD Project team + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by +@@ -1209,7 +1209,7 @@ int pr_str_get_nbytes(const char *str, const char *units, off_t *nbytes) { + + char *pr_str_get_word(char **cp, int flags) { + char *res, *dst; +- char quote_mode = 0; ++ int quote_mode = FALSE; + + if (cp == NULL || + !*cp || +@@ -1238,24 +1238,28 @@ char *pr_str_get_word(char **cp, int flags) { + } + } + +- if (**cp == '\"') { +- quote_mode++; +- (*cp)++; ++ if (!(flags & PR_STR_FL_IGNORE_QUOTES)) { ++ if (**cp == '\"') { ++ quote_mode = TRUE; ++ (*cp)++; ++ } + } + + while (**cp && (quote_mode ? (**cp != '\"') : !PR_ISSPACE(**cp))) { + pr_signals_handle(); + +- if (**cp == '\\' && quote_mode) { +- ++ if (**cp == '\\' && ++ quote_mode == TRUE) { + /* Escaped char */ + if (*((*cp)+1)) { +- *dst = *(++(*cp)); ++ *dst++ = *(++(*cp)); ++ (*cp)++; ++ continue; + } + } + + *dst++ = **cp; +- ++(*cp); ++ (*cp)++; + } + + if (**cp) { +diff --git a/tests/api/str.c b/tests/api/str.c +index 050f5c563..bc64f0fb0 100644 +--- a/tests/api/str.c ++++ b/tests/api/str.c +@@ -1,6 +1,6 @@ + /* + * ProFTPD - FTP server testsuite +- * Copyright (c) 2008-2017 The ProFTPD Project team ++ * Copyright (c) 2008-2023 The ProFTPD Project team + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by +@@ -695,19 +695,23 @@ END_TEST + START_TEST (get_word_test) { + char *ok, *res, *str; + ++ mark_point(); + res = pr_str_get_word(NULL, 0); + fail_unless(res == NULL, "Failed to handle null arguments"); + fail_unless(errno == EINVAL, "Failed to set errno to EINVAL"); + ++ mark_point(); + str = NULL; + res = pr_str_get_word(&str, 0); + fail_unless(res == NULL, "Failed to handle null str argument"); + fail_unless(errno == EINVAL, "Failed to set errno to EINVAL"); + ++ mark_point(); + str = pstrdup(p, " "); + res = pr_str_get_word(&str, 0); + fail_unless(res == NULL, "Failed to handle whitespace argument"); + ++ mark_point(); + str = pstrdup(p, " foo"); + res = pr_str_get_word(&str, PR_STR_FL_PRESERVE_WHITESPACE); + fail_unless(res != NULL, "Failed to handle whitespace argument: %s", +@@ -723,6 +727,7 @@ START_TEST (get_word_test) { + ok = "foo"; + fail_unless(strcmp(res, ok) == 0, "Expected '%s', got '%s'", ok, res); + ++ mark_point(); + str = pstrdup(p, " # foo"); + res = pr_str_get_word(&str, 0); + fail_unless(res == NULL, "Failed to handle commented argument"); +@@ -742,6 +747,8 @@ START_TEST (get_word_test) { + fail_unless(strcmp(res, ok) == 0, "Expected '%s', got '%s'", ok, res); + + /* Test multiple embedded quotes. */ ++ ++ mark_point(); + str = pstrdup(p, "foo \"bar baz\" qux \"quz norf\""); + res = pr_str_get_word(&str, 0); + fail_unless(res != NULL, "Failed to handle quoted argument: %s", +@@ -770,6 +777,47 @@ START_TEST (get_word_test) { + + ok = "quz norf"; + fail_unless(strcmp(res, ok) == 0, "Expected '%s', got '%s'", ok, res); ++ ++ ++ /* Test embedded quotes with backslashes (Issue #1683). */ ++ mark_point(); ++ ++ str = pstrdup(p, "\"\\\\SYST\""); ++ res = pr_str_get_word(&str, 0); ++ fail_unless(res != NULL, "Failed to handle quoted argument: %s", ++ strerror(errno)); ++ ++ ok = "\\SYST"; ++ fail_unless(strcmp(res, ok) == 0, "Expected '%s', got '%s'", ok, res); ++ ++ mark_point(); ++ str = pstrdup(p, "\"\"\\\\SYST"); ++ res = pr_str_get_word(&str, 0); ++ fail_unless(res != NULL, "Failed to handle quoted argument: %s", ++ strerror(errno)); ++ ++ /* Note that pr_str_get_word() is intended to be called multiple times ++ * on an advancing buffer, effectively tokenizing the buffer. This is ++ * why the function does NOT decrement its quote mode. ++ */ ++ ok = ""; ++ fail_unless(strcmp(res, ok) == 0, "Expected '%s', got '%s'", ok, res); ++ ++ /* Now do the same tests with the IGNORE_QUOTES flag */ ++ mark_point(); ++ ++ str = ok = pstrdup(p, "\"\\\\SYST\""); ++ res = pr_str_get_word(&str, PR_STR_FL_IGNORE_QUOTES); ++ fail_unless(res != NULL, "Failed to handle quoted argument: %s", ++ strerror(errno)); ++ fail_unless(strcmp(res, ok) == 0, "Expected '%s', got '%s'", ok, res); ++ ++ mark_point(); ++ str = ok = pstrdup(p, "\"\"\\\\SYST"); ++ res = pr_str_get_word(&str, PR_STR_FL_IGNORE_QUOTES); ++ fail_unless(res != NULL, "Failed to handle quoted argument: %s", ++ strerror(errno)); ++ fail_unless(strcmp(res, ok) == 0, "Expected '%s', got '%s'", ok, res); + } + END_TEST + +-- +2.25.1 + diff --git a/meta-networking/recipes-daemons/proftpd/proftpd_1.3.7c.bb b/meta-networking/recipes-daemons/proftpd/proftpd_1.3.7c.bb index 686f1e5cdf4..9d846f46a2a 100644 --- a/meta-networking/recipes-daemons/proftpd/proftpd_1.3.7c.bb +++ b/meta-networking/recipes-daemons/proftpd/proftpd_1.3.7c.bb @@ -15,6 +15,7 @@ SRC_URI = "git://github.com/proftpd/proftpd.git;branch=${BRANCH};protocol=https file://contrib.patch \ file://build_fixup.patch \ file://proftpd.service \ + file://CVE-2023-51713.patch \ " S = "${WORKDIR}/git" From ce9c0d76171ce9d07e4bcb702b750416b265562a Mon Sep 17 00:00:00 2001 From: Wang Mingyu Date: Fri, 15 Dec 2023 13:58:59 +0800 Subject: [PATCH 540/600] strongswan: upgrade 5.9.12 -> 5.9.13 Changelog: - Fixes a regression with handling OCSP error responses and adds a new option to specify the length of nonces in OCSP requests. Also adds some other improvements for OCSP handling and fuzzers for OCSP requests/responses. Signed-off-by: Wang Mingyu Signed-off-by: Khem Raj (cherry picked from commit 5be2e20157f3025f9e2370933267a56fd526c58e) Signed-off-by: Armin Kuster (cherry picked from commit b135007c8ff43c18dd0593b5115d46dc6362675f) Signed-off-by: Armin Kuster --- .../strongswan/{strongswan_5.9.12.bb => strongswan_5.9.13.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-networking/recipes-support/strongswan/{strongswan_5.9.12.bb => strongswan_5.9.13.bb} (99%) diff --git a/meta-networking/recipes-support/strongswan/strongswan_5.9.12.bb b/meta-networking/recipes-support/strongswan/strongswan_5.9.13.bb similarity index 99% rename from meta-networking/recipes-support/strongswan/strongswan_5.9.12.bb rename to meta-networking/recipes-support/strongswan/strongswan_5.9.13.bb index c734b43b64d..afa1a684b1e 100644 --- a/meta-networking/recipes-support/strongswan/strongswan_5.9.12.bb +++ b/meta-networking/recipes-support/strongswan/strongswan_5.9.13.bb @@ -11,7 +11,7 @@ DEPENDS:append = "${@bb.utils.contains('DISTRO_FEATURES', 'tpm2', ' tpm2-tss', SRC_URI = "https://download.strongswan.org/strongswan-${PV}.tar.bz2 \ " -SRC_URI[sha256sum] = "5e6018b07cbe9f72c044c129955a13be3e2f799ceb53f53a4459da6a922b95e5" +SRC_URI[sha256sum] = "56e30effb578fd9426d8457e3b76c8c3728cd8a5589594b55649b2719308ba55" UPSTREAM_CHECK_REGEX = "strongswan-(?P\d+(\.\d+)+)\.tar" From 1b1cf2be1e0606024753dd02e0265cbfc37b1a24 Mon Sep 17 00:00:00 2001 From: Zahir Hussain Date: Fri, 5 Jan 2024 22:02:46 +0530 Subject: [PATCH 541/600] p7zip: fix CVE-2018-5996 & CVE-2016-9296 References: https://nvd.nist.gov/vuln/detail/CVE-2018-5996 https://nvd.nist.gov/vuln/detail/CVE-2016-9296 Upstream patches: https://sources.debian.org/data/non-free/p/p7zip-rar/16.02-3/debian/patches/06-CVE-2018-5996.patch https://snapshot.debian.org/archive/debian-debug/20180205T215659Z/pool/main/p/p7zip/p7zip_16.02%2Bdfsg-6.debian.tar.xz Signed-off-by: Zahir Hussain Signed-off-by: aszh07 Signed-off-by: Armin Kuster --- .../p7zip/files/CVE-2016-9296.patch | 30 +++ .../p7zip/files/CVE-2018-5996.patch | 228 ++++++++++++++++++ meta-oe/recipes-extended/p7zip/p7zip_16.02.bb | 2 + 3 files changed, 260 insertions(+) create mode 100644 meta-oe/recipes-extended/p7zip/files/CVE-2016-9296.patch create mode 100644 meta-oe/recipes-extended/p7zip/files/CVE-2018-5996.patch diff --git a/meta-oe/recipes-extended/p7zip/files/CVE-2016-9296.patch b/meta-oe/recipes-extended/p7zip/files/CVE-2016-9296.patch new file mode 100644 index 00000000000..42ea716bea3 --- /dev/null +++ b/meta-oe/recipes-extended/p7zip/files/CVE-2016-9296.patch @@ -0,0 +1,30 @@ +From: Robert Luberda +Date: Sat, 19 Nov 2016 08:48:08 +0100 +Subject: Fix nullptr dereference (CVE-2016-9296) + +Patch taken from https://sourceforge.net/p/p7zip/bugs/185/ + +CVE: CVE-2016-9296 + +Upstream-Status: Backport [https://snapshot.debian.org/archive/debian-debug/20180205T215659Z/pool/main/p/p7zip/p7zip_16.02%2Bdfsg-6.debian.tar.xz] + +Signed-off-by: Zahir Hussain +Signed-off-by: aszh07 +--- + CPP/7zip/Archive/7z/7zIn.cpp | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/CPP/7zip/Archive/7z/7zIn.cpp b/CPP/7zip/Archive/7z/7zIn.cpp +index b0c6b98..7c6dde2 100644 +--- a/CPP/7zip/Archive/7z/7zIn.cpp ++++ b/CPP/7zip/Archive/7z/7zIn.cpp +@@ -1097,7 +1097,8 @@ HRESULT CInArchive::ReadAndDecodePackedStreams( + if (CrcCalc(data, unpackSize) != folders.FolderCRCs.Vals[i]) + ThrowIncorrect(); + } +- HeadersSize += folders.PackPositions[folders.NumPackStreams]; ++ if (folders.PackPositions) ++ HeadersSize += folders.PackPositions[folders.NumPackStreams]; + return S_OK; + } + diff --git a/meta-oe/recipes-extended/p7zip/files/CVE-2018-5996.patch b/meta-oe/recipes-extended/p7zip/files/CVE-2018-5996.patch new file mode 100644 index 00000000000..6b337b8d2d5 --- /dev/null +++ b/meta-oe/recipes-extended/p7zip/files/CVE-2018-5996.patch @@ -0,0 +1,228 @@ +From: Robert Luberda +Date: Sun, 28 Jan 2018 23:47:40 +0100 +Subject: CVE-2018-5996 + +Hopefully fix Memory Corruptions via RAR PPMd (CVE-2018-5996) by +applying a few changes from 7Zip 18.00-beta. + +Bug-Debian: https://bugs.debian.org/#888314 + +CVE: CVE-2018-5996 + +Upstream-Status: Backport [https://sources.debian.org/data/non-free/p/p7zip-rar/16.02-3/debian/patches/06-CVE-2018-5996.patch] + +Signed-off-by: Zahir Hussain +Signed-off-by: aszh07 +--- + CPP/7zip/Compress/Rar1Decoder.cpp | 13 +++++++++---- + CPP/7zip/Compress/Rar1Decoder.h | 1 + + CPP/7zip/Compress/Rar2Decoder.cpp | 10 +++++++++- + CPP/7zip/Compress/Rar2Decoder.h | 1 + + CPP/7zip/Compress/Rar3Decoder.cpp | 23 ++++++++++++++++++++--- + CPP/7zip/Compress/Rar3Decoder.h | 2 ++ + 6 files changed, 42 insertions(+), 8 deletions(-) + +diff --git a/CPP/7zip/Compress/Rar1Decoder.cpp b/CPP/7zip/Compress/Rar1Decoder.cpp +index 1aaedcc..68030c7 100644 +--- a/CPP/7zip/Compress/Rar1Decoder.cpp ++++ b/CPP/7zip/Compress/Rar1Decoder.cpp +@@ -29,7 +29,7 @@ public: + }; + */ + +-CDecoder::CDecoder(): m_IsSolid(false) { } ++CDecoder::CDecoder(): m_IsSolid(false), _errorMode(false) { } + + void CDecoder::InitStructures() + { +@@ -406,9 +406,14 @@ HRESULT CDecoder::CodeReal(ISequentialInStream *inStream, ISequentialOutStream * + InitData(); + if (!m_IsSolid) + { ++ _errorMode = false; + InitStructures(); + InitHuff(); + } ++ ++ if (_errorMode) ++ return S_FALSE; ++ + if (m_UnpackSize > 0) + { + GetFlagsBuf(); +@@ -477,9 +482,9 @@ STDMETHODIMP CDecoder::Code(ISequentialInStream *inStream, ISequentialOutStream + const UInt64 *inSize, const UInt64 *outSize, ICompressProgressInfo *progress) + { + try { return CodeReal(inStream, outStream, inSize, outSize, progress); } +- catch(const CInBufferException &e) { return e.ErrorCode; } +- catch(const CLzOutWindowException &e) { return e.ErrorCode; } +- catch(...) { return S_FALSE; } ++ catch(const CInBufferException &e) { _errorMode = true; return e.ErrorCode; } ++ catch(const CLzOutWindowException &e) { _errorMode = true; return e.ErrorCode; } ++ catch(...) { _errorMode = true; return S_FALSE; } + } + + STDMETHODIMP CDecoder::SetDecoderProperties2(const Byte *data, UInt32 size) +diff --git a/CPP/7zip/Compress/Rar1Decoder.h b/CPP/7zip/Compress/Rar1Decoder.h +index 630f089..01b606b 100644 +--- a/CPP/7zip/Compress/Rar1Decoder.h ++++ b/CPP/7zip/Compress/Rar1Decoder.h +@@ -39,6 +39,7 @@ public: + + Int64 m_UnpackSize; + bool m_IsSolid; ++ bool _errorMode; + + UInt32 ReadBits(int numBits); + HRESULT CopyBlock(UInt32 distance, UInt32 len); +diff --git a/CPP/7zip/Compress/Rar2Decoder.cpp b/CPP/7zip/Compress/Rar2Decoder.cpp +index b3f2b4b..0580c8d 100644 +--- a/CPP/7zip/Compress/Rar2Decoder.cpp ++++ b/CPP/7zip/Compress/Rar2Decoder.cpp +@@ -80,7 +80,8 @@ static const UInt32 kHistorySize = 1 << 20; + static const UInt32 kWindowReservSize = (1 << 22) + 256; + + CDecoder::CDecoder(): +- m_IsSolid(false) ++ m_IsSolid(false), ++ m_TablesOK(false) + { + } + +@@ -100,6 +101,8 @@ UInt32 CDecoder::ReadBits(unsigned numBits) { return m_InBitStream.ReadBits(numB + + bool CDecoder::ReadTables(void) + { ++ m_TablesOK = false; ++ + Byte levelLevels[kLevelTableSize]; + Byte newLevels[kMaxTableSize]; + m_AudioMode = (ReadBits(1) == 1); +@@ -170,6 +173,8 @@ bool CDecoder::ReadTables(void) + } + + memcpy(m_LastLevels, newLevels, kMaxTableSize); ++ m_TablesOK = true; ++ + return true; + } + +@@ -344,6 +349,9 @@ HRESULT CDecoder::CodeReal(ISequentialInStream *inStream, ISequentialOutStream * + return S_FALSE; + } + ++ if (!m_TablesOK) ++ return S_FALSE; ++ + UInt64 startPos = m_OutWindowStream.GetProcessedSize(); + while (pos < unPackSize) + { +diff --git a/CPP/7zip/Compress/Rar2Decoder.h b/CPP/7zip/Compress/Rar2Decoder.h +index 3a0535c..0e9005f 100644 +--- a/CPP/7zip/Compress/Rar2Decoder.h ++++ b/CPP/7zip/Compress/Rar2Decoder.h +@@ -139,6 +139,7 @@ class CDecoder : + + UInt64 m_PackSize; + bool m_IsSolid; ++ bool m_TablesOK; + + void InitStructures(); + UInt32 ReadBits(unsigned numBits); +diff --git a/CPP/7zip/Compress/Rar3Decoder.cpp b/CPP/7zip/Compress/Rar3Decoder.cpp +index 3bf2513..6cb8a6a 100644 +--- a/CPP/7zip/Compress/Rar3Decoder.cpp ++++ b/CPP/7zip/Compress/Rar3Decoder.cpp +@@ -92,7 +92,8 @@ CDecoder::CDecoder(): + _writtenFileSize(0), + _vmData(0), + _vmCode(0), +- m_IsSolid(false) ++ m_IsSolid(false), ++ _errorMode(false) + { + Ppmd7_Construct(&_ppmd); + } +@@ -545,6 +546,9 @@ HRESULT CDecoder::ReadTables(bool &keepDecompressing) + return InitPPM(); + } + ++ TablesRead = false; ++ TablesOK = false; ++ + _lzMode = true; + PrevAlignBits = 0; + PrevAlignCount = 0; +@@ -606,6 +610,9 @@ HRESULT CDecoder::ReadTables(bool &keepDecompressing) + } + } + } ++ if (InputEofError()) ++ return S_FALSE; ++ + TablesRead = true; + + // original code has check here: +@@ -623,6 +630,9 @@ HRESULT CDecoder::ReadTables(bool &keepDecompressing) + RIF(m_LenDecoder.Build(&newLevels[kMainTableSize + kDistTableSize + kAlignTableSize])); + + memcpy(m_LastLevels, newLevels, kTablesSizesSum); ++ ++ TablesOK = true; ++ + return S_OK; + } + +@@ -824,7 +834,12 @@ HRESULT CDecoder::CodeReal(ICompressProgressInfo *progress) + PpmEscChar = 2; + PpmError = true; + InitFilters(); ++ _errorMode = false; + } ++ ++ if (_errorMode) ++ return S_FALSE; ++ + if (!m_IsSolid || !TablesRead) + { + bool keepDecompressing; +@@ -838,6 +853,8 @@ HRESULT CDecoder::CodeReal(ICompressProgressInfo *progress) + bool keepDecompressing; + if (_lzMode) + { ++ if (!TablesOK) ++ return S_FALSE; + RINOK(DecodeLZ(keepDecompressing)) + } + else +@@ -901,8 +918,8 @@ STDMETHODIMP CDecoder::Code(ISequentialInStream *inStream, ISequentialOutStream + _unpackSize = outSize ? *outSize : (UInt64)(Int64)-1; + return CodeReal(progress); + } +- catch(const CInBufferException &e) { return e.ErrorCode; } +- catch(...) { return S_FALSE; } ++ catch(const CInBufferException &e) { _errorMode = true; return e.ErrorCode; } ++ catch(...) { _errorMode = true; return S_FALSE; } + // CNewException is possible here. But probably CNewException is caused + // by error in data stream. + } +diff --git a/CPP/7zip/Compress/Rar3Decoder.h b/CPP/7zip/Compress/Rar3Decoder.h +index c130cec..2f72d7d 100644 +--- a/CPP/7zip/Compress/Rar3Decoder.h ++++ b/CPP/7zip/Compress/Rar3Decoder.h +@@ -192,6 +192,7 @@ class CDecoder: + UInt32 _lastFilter; + + bool m_IsSolid; ++ bool _errorMode; + + bool _lzMode; + bool _unsupportedFilter; +@@ -200,6 +201,7 @@ class CDecoder: + UInt32 PrevAlignCount; + + bool TablesRead; ++ bool TablesOK; + + CPpmd7 _ppmd; + int PpmEscChar; diff --git a/meta-oe/recipes-extended/p7zip/p7zip_16.02.bb b/meta-oe/recipes-extended/p7zip/p7zip_16.02.bb index 04923116cfc..e795482eb6c 100644 --- a/meta-oe/recipes-extended/p7zip/p7zip_16.02.bb +++ b/meta-oe/recipes-extended/p7zip/p7zip_16.02.bb @@ -10,6 +10,8 @@ SRC_URI = "http://downloads.sourceforge.net/p7zip/p7zip/${PV}/p7zip_${PV}_src_al file://CVE-2017-17969.patch \ file://0001-Fix-narrowing-errors-Wc-11-narrowing.patch \ file://change_numMethods_from_bool_to_unsigned.patch \ + file://CVE-2018-5996.patch \ + file://CVE-2016-9296.patch \ " SRC_URI[md5sum] = "a0128d661cfe7cc8c121e73519c54fbf" From 901ddf5a3d1985fc9956bf40fa6fdaa7626c9e3d Mon Sep 17 00:00:00 2001 From: Jose Quaresma Date: Wed, 3 Jan 2024 14:57:03 +0000 Subject: [PATCH 542/600] layer.conf: Add libdevmapper-native PREFERRED_RPROVIDER The libdevmapper recipe don't provide any package and is only there to resolve circular dependencies [1]. We already have the libdevmapper PREFERRED_RPROVIDER but the native it's missing. Fixes: | NOTE: Multiple providers are available for runtime libdevmapper-native (libdevmapper-native, lvm2-native) | Consider defining a PREFERRED_RPROVIDER entry to match libdevmapper-native [1] https://git.openembedded.org/meta-openembedded/commit/meta-oe/recipes-support/lvm2?id=3f64779eae2d8312f569bee863f90ec4f8176e6c Signed-off-by: Jose Quaresma Signed-off-by: Armin Kuster --- meta-oe/conf/layer.conf | 1 + 1 file changed, 1 insertion(+) diff --git a/meta-oe/conf/layer.conf b/meta-oe/conf/layer.conf index 0ca7d7d7dad..a0c644a2f4d 100644 --- a/meta-oe/conf/layer.conf +++ b/meta-oe/conf/layer.conf @@ -47,6 +47,7 @@ LAYERSERIES_COMPAT_openembedded-layer = "kirkstone" LICENSE_PATH += "${LAYERDIR}/licenses" PREFERRED_RPROVIDER_libdevmapper = "lvm2" +PREFERRED_RPROVIDER_libdevmapper-native = "lvm2-native" PREFERRED_PROVIDER_android-tools-conf ?= "android-tools-conf" SIGGEN_EXCLUDERECIPES_ABISAFE += " \ From b72149572d948ae312c7bdac0e443348e5236ad5 Mon Sep 17 00:00:00 2001 From: Vivek Kumbhar Date: Mon, 8 Jan 2024 18:37:13 +0530 Subject: [PATCH 543/600] squid: Backport fix for CVE-2023-49285 Upstream-Status: Backport [https://github.com/squid-cache/squid/commit/77b3fb4df0f126784d5fd4967c28ed40eb8d521b] Signed-off-by: Vivek Kumbhar Signed-off-by: Armin Kuster --- .../squid/files/CVE-2023-49285.patch | 37 +++++++++++++++++++ .../recipes-daemons/squid/squid_4.15.bb | 1 + 2 files changed, 38 insertions(+) create mode 100644 meta-networking/recipes-daemons/squid/files/CVE-2023-49285.patch diff --git a/meta-networking/recipes-daemons/squid/files/CVE-2023-49285.patch b/meta-networking/recipes-daemons/squid/files/CVE-2023-49285.patch new file mode 100644 index 00000000000..6909f754f31 --- /dev/null +++ b/meta-networking/recipes-daemons/squid/files/CVE-2023-49285.patch @@ -0,0 +1,37 @@ +From 77b3fb4df0f126784d5fd4967c28ed40eb8d521b Mon Sep 17 00:00:00 2001 +From: Alex Rousskov +Date: Wed, 25 Oct 2023 19:41:45 +0000 +Subject: [PATCH] RFC 1123: Fix date parsing (#1538) + +The bug was discovered and detailed by Joshua Rogers at +https://megamansec.github.io/Squid-Security-Audit/datetime-overflow.html +where it was filed as "1-Byte Buffer OverRead in RFC 1123 date/time +Handling". + +Upstream-Status: Backport [https://github.com/squid-cache/squid/commit/77b3fb4df0f126784d5fd4967c28ed40eb8d521b] +CVE: CVE-2023-49285 +Signed-off-by: Vivek Kumbhar +--- + lib/rfc1123.c | 6 ++++++ + 1 file changed, 6 insertions(+) + +diff --git a/lib/rfc1123.c b/lib/rfc1123.c +index 2d889cc..add63f0 100644 +--- a/lib/rfc1123.c ++++ b/lib/rfc1123.c +@@ -50,7 +50,13 @@ make_month(const char *s) + char month[3]; + + month[0] = xtoupper(*s); ++ if (!month[0]) ++ return -1; // protects *(s + 1) below ++ + month[1] = xtolower(*(s + 1)); ++ if (!month[1]) ++ return -1; // protects *(s + 2) below ++ + month[2] = xtolower(*(s + 2)); + + for (i = 0; i < 12; i++) +-- +2.39.3 diff --git a/meta-networking/recipes-daemons/squid/squid_4.15.bb b/meta-networking/recipes-daemons/squid/squid_4.15.bb index 3027806742d..fb293453f1c 100644 --- a/meta-networking/recipes-daemons/squid/squid_4.15.bb +++ b/meta-networking/recipes-daemons/squid/squid_4.15.bb @@ -26,6 +26,7 @@ SRC_URI = "http://www.squid-cache.org/Versions/v${MAJ_VER}/${BPN}-${PV}.tar.bz2 file://0001-splay.cc-fix-bind-is-not-a-member-of-std.patch \ file://0001-Fix-build-on-Fedora-Rawhide-772.patch \ file://CVE-2023-46847.patch \ + file://CVE-2023-49285.patch \ " SRC_URI:remove:toolchain-clang = "file://0001-configure-Check-for-Wno-error-format-truncation-comp.patch" From cda1751e2e936b21d1a2fa0dc93440704a645406 Mon Sep 17 00:00:00 2001 From: Hitendra Prajapati Date: Tue, 9 Jan 2024 11:28:01 +0530 Subject: [PATCH 544/600] wireshark: fix CVE-2024-0208 GVCP dissector crash Upstream-Status: Backport from https://gitlab.com/wireshark/wireshark/-/commit/a8586fde3a6512466afb2a660538ef3fe712076b Signed-off-by: Hitendra Prajapati Signed-off-by: Armin Kuster --- .../wireshark/files/CVE-2024-0208.patch | 42 +++++++++++++++++++ .../wireshark/wireshark_3.4.12.bb | 1 + 2 files changed, 43 insertions(+) create mode 100644 meta-networking/recipes-support/wireshark/files/CVE-2024-0208.patch diff --git a/meta-networking/recipes-support/wireshark/files/CVE-2024-0208.patch b/meta-networking/recipes-support/wireshark/files/CVE-2024-0208.patch new file mode 100644 index 00000000000..4c9f8d29c06 --- /dev/null +++ b/meta-networking/recipes-support/wireshark/files/CVE-2024-0208.patch @@ -0,0 +1,42 @@ +From a8586fde3a6512466afb2a660538ef3fe712076b Mon Sep 17 00:00:00 2001 +From: John Thacker +Date: Thu, 23 Nov 2023 13:47:51 -0500 +Subject: [PATCH] gvcp: Don't try to add a NULL string to a column + +This was caught as an invalid argument by g_strlcpy before 4.2, +but it was never a good idea. + +Fix #19496 + +Upstream-Status: Backport [https://gitlab.com/wireshark/wireshark/-/commit/a8586fde3a6512466afb2a660538ef3fe712076b] +CVE: CVE-2024-0208 +Signed-off-by: Hitendra Prajapati +--- + epan/dissectors/packet-gvcp.c | 7 ++----- + 1 file changed, 2 insertions(+), 5 deletions(-) + +diff --git a/epan/dissectors/packet-gvcp.c b/epan/dissectors/packet-gvcp.c +index 6a17cff..eb849c0 100644 +--- a/epan/dissectors/packet-gvcp.c ++++ b/epan/dissectors/packet-gvcp.c +@@ -2222,15 +2222,12 @@ static void dissect_readreg_ack(proto_tree *gvcp_telegram_tree, tvbuff_t *tvb, p + if (addr_list_size > 0) + { + address_string = get_register_name_from_address(*((guint32*)wmem_array_index(gvcp_trans->addr_list, 0)), gvcp_info, &is_custom_register); ++ col_append_str(pinfo->cinfo, COL_INFO, address_string); + } + + if (num_registers) + { +- col_append_fstr(pinfo->cinfo, COL_INFO, "%s Value=0x%08X", address_string, tvb_get_ntohl(tvb, offset)); +- } +- else +- { +- col_append_str(pinfo->cinfo, COL_INFO, address_string); ++ col_append_sep_fstr(pinfo->cinfo, COL_INFO, " ", "Value=0x%08X", tvb_get_ntohl(tvb, offset)); + } + } + } +-- +2.25.1 + diff --git a/meta-networking/recipes-support/wireshark/wireshark_3.4.12.bb b/meta-networking/recipes-support/wireshark/wireshark_3.4.12.bb index 365ec5e90a4..f5e316d9dc1 100644 --- a/meta-networking/recipes-support/wireshark/wireshark_3.4.12.bb +++ b/meta-networking/recipes-support/wireshark/wireshark_3.4.12.bb @@ -27,6 +27,7 @@ SRC_URI += " \ file://CVE-2023-2906.patch \ file://CVE-2023-1992.patch \ file://CVE-2022-4345.patch \ + file://CVE-2024-0208.patch \ " UPSTREAM_CHECK_URI = "https://1.as.dl.wireshark.org/src" From 4af7df792940b42378ed9181d8a01bb7c7b09487 Mon Sep 17 00:00:00 2001 From: Narpat Mali Date: Tue, 9 Jan 2024 10:02:15 +0000 Subject: [PATCH 545/600] python3-aiohttp: upgrade 3.8.5 -> 3.8.6 The delta between 3.8.5 & 3.8.6 contains the CVE-2023-47627 fix and other bugfixes. https://github.com/aio-libs/aiohttp/security/advisories/GHSA-gfw2-4jvh-wgfg Changelog: ---------- https://docs.aiohttp.org/en/stable/changes.html#id72 The git log --oneline v3.8.5..v3.8.6 shows: 996de262 (tag: v3.8.6) Release v3.8.6 (#7668) 8c128d4f [PR #7651/45f98b7d backport][3.8] Fix BadStatusLine message (#7666) 89b7df15 Allow lax response parsing on Py parser (#7663) (#7664) d5c12ba8 [PR #7661/85713a48 backport][3.8] Update Python parser for RFCs 9110/9112 (#7662) 8a3977ac [PR #7272/b2a7983a backport][3.8] Fix Read The Docs config (#7650) bcc416e5 [PR #7647/1303350e backport][3.8] Upgrade to llhttp 9.1.3 (#7648) b30c0cd2 Remove chardet/charset-normalizer. (#7589) 5946c743 CookieJar - return 'best-match' and not LIFO (#7577) (#7588) 8c4ec62f [PR #7518/8bd42e74 backport][3.8] Fix GunicornWebWorker max_requests_jitter not work (#7519) a0d234df Use lenient headers for response parser (#7490) (#7492) f92b27b0 Update to LLHTTP 9 (#7485) (#7487) 8129d26f [PR #7480/1fb06bbc backport][3.8] Fix error pointer on linebreaks (#7482) 8d701c3d Fix PermissionError when loading .netrc (#7237) (#7378) (#7395) Signed-off-by: Narpat Mali Signed-off-by: Armin Kuster --- .../{python3-aiohttp_3.8.5.bb => python3-aiohttp_3.8.6.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-python/recipes-devtools/python/{python3-aiohttp_3.8.5.bb => python3-aiohttp_3.8.6.bb} (89%) diff --git a/meta-python/recipes-devtools/python/python3-aiohttp_3.8.5.bb b/meta-python/recipes-devtools/python/python3-aiohttp_3.8.6.bb similarity index 89% rename from meta-python/recipes-devtools/python/python3-aiohttp_3.8.5.bb rename to meta-python/recipes-devtools/python/python3-aiohttp_3.8.6.bb index d04279ed974..f8ca9a4739a 100644 --- a/meta-python/recipes-devtools/python/python3-aiohttp_3.8.5.bb +++ b/meta-python/recipes-devtools/python/python3-aiohttp_3.8.6.bb @@ -4,7 +4,7 @@ HOMEPAGE = "https://github.com/aio-libs/aiohttp" LICENSE = "Apache-2.0" LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=748073912af33aa59430d3702aa32d41" -SRC_URI[sha256sum] = "b9552ec52cc147dbf1944ac7ac98af7602e51ea2dcd076ed194ca3c0d1c7d0bc" +SRC_URI[sha256sum] = "b0cf2a4501bff9330a8a5248b4ce951851e415bdcce9dc158e76cfd55e15085c" PYPI_PACKAGE = "aiohttp" inherit python_setuptools_build_meta pypi From de760c31d1534cf6c0fefbbd455f7e82662913fd Mon Sep 17 00:00:00 2001 From: Yogita Urade Date: Mon, 15 Jan 2024 11:24:16 +0000 Subject: [PATCH 546/600] zabbix: fix CVE-2023-32726 and CVE-2023-32727 CVE-2023-32726: The vulnerability is caused by improper check for check if RDLENGTH does not overflow the buffer in response from DNS server. CVE-2023-32727: An attacker who has the privilege to configure Zabbix items can use function icmpping() with additional malicious command inside it to execute arbitrary code on the current Zabbix server. Refernces: https://nvd.nist.gov/vuln/detail/CVE-2023-32726 https://security-tracker.debian.org/tracker/CVE-2023-32726 https://nvd.nist.gov/vuln/detail/CVE-2023-32727 https://security-tracker.debian.org/tracker/CVE-2023-32727 Signed-off-by: Yogita Urade Signed-off-by: Armin Kuster --- .../zabbix/zabbix/CVE-2023-32726.patch | 160 +++++++++++++++ .../zabbix/zabbix/CVE-2023-32727_0001.patch | 193 ++++++++++++++++++ .../zabbix/zabbix/CVE-2023-32727_0002.patch | 49 +++++ .../zabbix/zabbix_5.4.12.bb | 3 + 4 files changed, 405 insertions(+) create mode 100644 meta-oe/recipes-connectivity/zabbix/zabbix/CVE-2023-32726.patch create mode 100644 meta-oe/recipes-connectivity/zabbix/zabbix/CVE-2023-32727_0001.patch create mode 100644 meta-oe/recipes-connectivity/zabbix/zabbix/CVE-2023-32727_0002.patch diff --git a/meta-oe/recipes-connectivity/zabbix/zabbix/CVE-2023-32726.patch b/meta-oe/recipes-connectivity/zabbix/zabbix/CVE-2023-32726.patch new file mode 100644 index 00000000000..b9c37bc045e --- /dev/null +++ b/meta-oe/recipes-connectivity/zabbix/zabbix/CVE-2023-32726.patch @@ -0,0 +1,160 @@ +From 53ef2b7119f57f4140e6bd9c5cd2d3c6af228179 Mon Sep 17 00:00:00 2001 +From: Armands Arseniuss Skolmeisters +Date: Thu, 11 Jan 2024 12:00:24 +0000 +Subject: [PATCH] ...G...... [DEV-2702] fixed buffer overread in DNS response + +* commit '893902999ab7f0b15cce91e8555cb251b32b6df4': + ...G...... [DEV-2702] fixed DNS record data length check + ...G...... [DEV-2702] improved DNS error messages + ...G...... [DEV-2702] fixed DNS error messages + ...G...... [DEV-2702] improved DNS error messages + ...G...... [DEV-2702] fixed buffer overread in DNS response + +CVE: CVE-2023-32726 +Upstream-Status: Backport [https://github.com/zabbix/zabbix/commit/53ef2b7119f57f4140e6bd9c5cd2d3c6af228179] + +Signed-off-by: Yogita Urade +--- + src/libs/zbxsysinfo/common/dns.c | 65 +++++++++++++++++++++++++++----- + 1 file changed, 56 insertions(+), 9 deletions(-) + +diff --git a/src/libs/zbxsysinfo/common/dns.c b/src/libs/zbxsysinfo/common/dns.c +index e8938d8..bf456f2 100644 +--- a/src/libs/zbxsysinfo/common/dns.c ++++ b/src/libs/zbxsysinfo/common/dns.c +@@ -638,7 +638,8 @@ static int dns_query(AGENT_REQUEST *request, AGENT_RESULT *result, int short_ans + { + if (NULL == (name = get_name(answer.buffer, msg_end, &msg_ptr))) + { +- SET_MSG_RESULT(result, zbx_strdup(NULL, "Cannot decode DNS response.")); ++ SET_MSG_RESULT(result, zbx_strdup(NULL, ++ "Cannot decode DNS response: cannot expand domain name.")); + ret = SYSINFO_RET_FAIL; + goto clean; + } +@@ -651,6 +652,13 @@ static int dns_query(AGENT_REQUEST *request, AGENT_RESULT *result, int short_ans + GETSHORT(q_len, msg_ptr); + offset += zbx_snprintf(buffer + offset, sizeof(buffer) - offset, " %-8s", decode_type(q_type)); + ++ if (msg_ptr + q_len > msg_end) ++ { ++ SET_MSG_RESULT(result, zbx_strdup(NULL, "Cannot decode DNS response: record overflow.")); ++ ret = SYSINFO_RET_FAIL; ++ goto clean; ++ } ++ + switch (q_type) + { + case T_A: +@@ -695,8 +703,40 @@ static int dns_query(AGENT_REQUEST *request, AGENT_RESULT *result, int short_ans + case T_PTR: + if (NULL == (name = get_name(answer.buffer, msg_end, &msg_ptr))) + { +- SET_MSG_RESULT(result, zbx_strdup(NULL, "Cannot decode DNS response.")); ++#define ERR_MSG_PREFIX "Cannot decode DNS response: cannot expand " ++ const char *err_msg = NULL; ++ ++ switch (q_type) ++ { ++ case T_NS: ++ err_msg = ERR_MSG_PREFIX "name server name."; ++ break; ++ case T_CNAME: ++ err_msg = ERR_MSG_PREFIX "canonical name."; ++ break; ++ case T_MB: ++ err_msg = ERR_MSG_PREFIX "mailbox name."; ++ break; ++ case T_MD: ++ err_msg = ERR_MSG_PREFIX "mail destination name."; ++ break; ++ case T_MF: ++ err_msg = ERR_MSG_PREFIX "mail forwarder name."; ++ break; ++ case T_MG: ++ err_msg = ERR_MSG_PREFIX "mail group name."; ++ break; ++ case T_MR: ++ err_msg = ERR_MSG_PREFIX "renamed mailbox name."; ++ break; ++ case T_PTR: ++ err_msg = ERR_MSG_PREFIX "PTR name."; ++ break; ++ } ++ ++ SET_MSG_RESULT(result, zbx_strdup(NULL, err_msg)); + return SYSINFO_RET_FAIL; ++#undef ERR_MSG_PREFIX + } + offset += zbx_snprintf(buffer + offset, sizeof(buffer) - offset, " %s", name); + break; +@@ -706,7 +746,8 @@ static int dns_query(AGENT_REQUEST *request, AGENT_RESULT *result, int short_ans + + if (NULL == (name = get_name(answer.buffer, msg_end, &msg_ptr))) /* exchange */ + { +- SET_MSG_RESULT(result, zbx_strdup(NULL, "Cannot decode DNS response.")); ++ SET_MSG_RESULT(result, zbx_strdup(NULL, "Cannot decode DNS response:" ++ " cannot expand mail exchange name.")); + return SYSINFO_RET_FAIL; + } + offset += zbx_snprintf(buffer + offset, sizeof(buffer) - offset, " %s", name); +@@ -715,14 +756,16 @@ static int dns_query(AGENT_REQUEST *request, AGENT_RESULT *result, int short_ans + case T_SOA: + if (NULL == (name = get_name(answer.buffer, msg_end, &msg_ptr))) /* source host */ + { +- SET_MSG_RESULT(result, zbx_strdup(NULL, "Cannot decode DNS response.")); ++ SET_MSG_RESULT(result, zbx_strdup(NULL, "Cannot decode DNS response:" ++ " cannot expand source nameserver name.")); + return SYSINFO_RET_FAIL; + } + offset += zbx_snprintf(buffer + offset, sizeof(buffer) - offset, " %s", name); + + if (NULL == (name = get_name(answer.buffer, msg_end, &msg_ptr))) /* administrator */ + { +- SET_MSG_RESULT(result, zbx_strdup(NULL, "Cannot decode DNS response.")); ++ SET_MSG_RESULT(result, zbx_strdup(NULL, "Cannot decode DNS response:" ++ " cannot expand administrator mailbox name.")); + return SYSINFO_RET_FAIL; + } + offset += zbx_snprintf(buffer + offset, sizeof(buffer) - offset, " %s", name); +@@ -750,7 +793,8 @@ static int dns_query(AGENT_REQUEST *request, AGENT_RESULT *result, int short_ans + case T_WKS: + if (INT32SZ + 1 > q_len) + { +- SET_MSG_RESULT(result, zbx_strdup(NULL, "Cannot decode DNS response.")); ++ SET_MSG_RESULT(result, zbx_strdup(NULL, "Cannot decode DNS response:" ++ " malformed WKS resource record.")); + return SYSINFO_RET_FAIL; + } + +@@ -816,14 +860,16 @@ static int dns_query(AGENT_REQUEST *request, AGENT_RESULT *result, int short_ans + case T_MINFO: + if (NULL == (name = get_name(answer.buffer, msg_end, &msg_ptr))) /* mailbox responsible for mailing lists */ + { +- SET_MSG_RESULT(result, zbx_strdup(NULL, "Cannot decode DNS response.")); ++ SET_MSG_RESULT(result, zbx_strdup(NULL, "Cannot decode DNS response:" ++ " cannot expand mailbox responsible for mailing lists.")); + return SYSINFO_RET_FAIL; + } + offset += zbx_snprintf(buffer + offset, sizeof(buffer) - offset, " %s", name); + + if (NULL == (name = get_name(answer.buffer, msg_end, &msg_ptr))) /* mailbox for error messages */ + { +- SET_MSG_RESULT(result, zbx_strdup(NULL, "Cannot decode DNS response.")); ++ SET_MSG_RESULT(result, zbx_strdup(NULL, "Cannot decode DNS response:" ++ " cannot expand mailbox for error messages.")); + return SYSINFO_RET_FAIL; + } + offset += zbx_snprintf(buffer + offset, sizeof(buffer) - offset, " %s", name); +@@ -854,7 +900,8 @@ static int dns_query(AGENT_REQUEST *request, AGENT_RESULT *result, int short_ans + + if (NULL == (name = get_name(answer.buffer, msg_end, &msg_ptr))) /* target */ + { +- SET_MSG_RESULT(result, zbx_strdup(NULL, "Cannot decode DNS response.")); ++ SET_MSG_RESULT(result, zbx_strdup(NULL, "Cannot decode DNS response:" ++ " cannot expand service target hostname.")); + return SYSINFO_RET_FAIL; + } + offset += zbx_snprintf(buffer + offset, sizeof(buffer) - offset, " %s", name); +-- +2.40.0 diff --git a/meta-oe/recipes-connectivity/zabbix/zabbix/CVE-2023-32727_0001.patch b/meta-oe/recipes-connectivity/zabbix/zabbix/CVE-2023-32727_0001.patch new file mode 100644 index 00000000000..5c1e0c5af6e --- /dev/null +++ b/meta-oe/recipes-connectivity/zabbix/zabbix/CVE-2023-32727_0001.patch @@ -0,0 +1,193 @@ +From 93e090592fc6de7ec5d3d42c1bb9074ad1f3ba34 Mon Sep 17 00:00:00 2001 +From: Andris Zeila +Date: Fri, 12 Jan 2024 05:48:31 +0000 +Subject: [PATCH] .......PS. [DEV-2695] changed fping tests to read address + from file + +Merge in ZBX/zabbix from feature/DEV-2695-6.0 to release/6.0 + +* commit '6603893ff94620e28fc543d5d0d4c86b9be3342e': + .......PS. [DEV-2695] fixed signal blocking + .......PS. [DEV-2695] added target hostname/ip validation in fping feature tests + .......PS. [DEV-2695] added error messages when failed to prepare temporary file for fping tests + .......PS. [DEV-2695] changed fping tests to read address from file + +CVE: CVE-2023-32727 +Upstream-Status: BAckport [https://github.com/zabbix/zabbix/commit/93e090592fc6de7ec5d3d42c1bb9074ad1f3ba34] + +Signed-off-by: Yogita Urade +--- + src/libs/zbxicmpping/icmpping.c | 125 ++++++++++++++++++++++++++++---- + 1 file changed, 112 insertions(+), 13 deletions(-) + +diff --git a/src/libs/zbxicmpping/icmpping.c b/src/libs/zbxicmpping/icmpping.c +index 72f7e86..9a751b7 100644 +--- a/src/libs/zbxicmpping/icmpping.c ++++ b/src/libs/zbxicmpping/icmpping.c +@@ -59,6 +59,8 @@ static void get_source_ip_option(const char *fping, const char **option, unsigne + + zbx_snprintf(tmp, sizeof(tmp), "%s -h 2>&1", fping); + ++ zabbix_log(LOG_LEVEL_DEBUG, "executing %s", tmp); ++ + if (NULL == (f = popen(tmp, "r"))) + return; + +@@ -85,6 +87,110 @@ static void get_source_ip_option(const char *fping, const char **option, unsigne + *checked = 1; + } + ++/****************************************************************************** ++ * * ++ * Purpose: execute external program and return stdout and stderr values * ++ * * ++ * Parameters: fping - [IN] location of fping program * ++ * out - [OUT] stdout and stderr values * ++ * error - [OUT] error string if function fails * ++ * max_error_len - [IN] length of error buffer * ++ * * ++ * Return value: SUCCEED if processed successfully or FAIL otherwise * ++ * * ++ ******************************************************************************/ ++static int get_fping_out(const char *fping, const char *address, char **out, char *error, size_t max_error_len) ++{ ++ FILE *f; ++ size_t buf_size = 0, offset = 0, len; ++ ssize_t n; ++ char tmp[MAX_STRING_LEN], *buffer = NULL; ++ int ret = FAIL, fd; ++ sigset_t mask, orig_mask; ++ char filename[MAX_STRING_LEN]; ++ ++ if (FAIL == zbx_validate_hostname(address) && FAIL == is_supported_ip(address)) ++ { ++ zbx_strlcpy(error, "Invalid host name or IP address", max_error_len); ++ return FAIL; ++ } ++ ++ zbx_snprintf(filename, sizeof(filename), "%s/%s_XXXXXX", CONFIG_TMPDIR, progname); ++ if (-1 == (fd = mkstemp(filename))) ++ { ++ zbx_snprintf(error, max_error_len, "Cannot create temporary file \"%s\": %s", filename, ++ zbx_strerror(errno)); ++ ++ return FAIL; ++ } ++ ++ sigemptyset(&mask); ++ sigaddset(&mask, SIGINT); ++ sigaddset(&mask, SIGQUIT); ++ ++ len = strlen(address); ++ if (-1 == (n = write(fd, address, len))) ++ { ++ zbx_snprintf(error, max_error_len, "Cannot write address into temporary file: %s", zbx_strerror(errno)); ++ (void)close(fd); ++ goto out; ++ } ++ ++ if (n != (ssize_t)len) ++ { ++ zbx_strlcpy(error, "Cannot write full address into temporary file", max_error_len); ++ (void)close(fd); ++ goto out; ++ } ++ ++ if (-1 == close(fd)) ++ { ++ zbx_snprintf(error, max_error_len, "Cannot close temporary file: %s", zbx_strerror(errno)); ++ goto out; ++ } ++ ++ zbx_snprintf(tmp, sizeof(tmp), "%s 2>&1 < %s", fping, filename); ++ ++ if (0 > sigprocmask(SIG_BLOCK, &mask, &orig_mask)) ++ zbx_error("cannot set sigprocmask to block the user signal"); ++ ++ zabbix_log(LOG_LEVEL_DEBUG, "executing %s", tmp); ++ ++ if (NULL == (f = popen(tmp, "r"))) ++ { ++ zbx_strlcpy(error, zbx_strerror(errno), max_error_len); ++ goto out; ++ } ++ ++ while (NULL != zbx_fgets(tmp, sizeof(tmp), f)) ++ { ++ len = strlen(tmp); ++ ++ if (MAX_EXECUTE_OUTPUT_LEN < offset + len) ++ break; ++ ++ zbx_strncpy_alloc(&buffer, &buf_size, &offset, tmp, len); ++ } ++ ++ pclose(f); ++ ++ if (NULL == buffer) ++ { ++ zbx_strlcpy(error, "Cannot obtain the program output", max_error_len); ++ goto out; ++ } ++ ++ *out = buffer; ++ ret = SUCCEED; ++out: ++ unlink(filename); ++ ++ if (0 > sigprocmask(SIG_SETMASK, &orig_mask, NULL)) ++ zbx_error("cannot restore sigprocmask"); ++ ++ return ret; ++} ++ + /****************************************************************************** + * * + * Function: get_interval_option * +@@ -137,19 +243,12 @@ static int get_interval_option(const char *fping, ZBX_FPING_HOST *hosts, int hos + + zabbix_log(LOG_LEVEL_DEBUG, "testing fping interval %u ms", intervals[j]); + +- zbx_snprintf(tmp, sizeof(tmp), "%s -c1 -t50 -i%u %s", fping, intervals[j], dst); ++ zbx_snprintf(tmp, sizeof(tmp), "%s -c1 -t50 -i%u", fping, intervals[j]); + + zbx_free(out); + + /* call fping, ignore its exit code but mind execution failures */ +- if (TIMEOUT_ERROR == (ret_exec = zbx_execute(tmp, &out, err, sizeof(err), 1, +- ZBX_EXIT_CODE_CHECKS_DISABLED, NULL))) +- { +- zbx_snprintf(error, max_error_len, "Timeout while executing \"%s\"", tmp); +- goto out; +- } +- +- if (FAIL == ret_exec) ++ if (SUCCEED != (ret_exec = get_fping_out(tmp, dst, &out, err, sizeof(err)))) + { + zbx_snprintf(error, max_error_len, "Cannot execute \"%s\": %s", tmp, err); + goto out; +@@ -251,10 +350,10 @@ static int get_ipv6_support(const char * fping, const char *dst) + int ret; + char tmp[MAX_STRING_LEN], error[255], *out = NULL; + +- zbx_snprintf(tmp, sizeof(tmp), "%s -6 -c1 -t50 %s", fping, dst); ++ zbx_snprintf(tmp, sizeof(tmp), "%s -6 -c1 -t50", fping); + +- if ((SUCCEED == (ret = zbx_execute(tmp, &out, error, sizeof(error), 1, ZBX_EXIT_CODE_CHECKS_DISABLED, NULL)) && +- ZBX_KIBIBYTE > strlen(out) && NULL != strstr(out, dst)) || TIMEOUT_ERROR == ret) ++ if (SUCCEED == (ret = get_fping_out(tmp, dst, &out, error, sizeof(error)) && ++ ZBX_KIBIBYTE > strlen(out) && NULL != strstr(out, dst))) + { + ret = SUCCEED; + } +@@ -538,7 +637,7 @@ static int process_ping(ZBX_FPING_HOST *hosts, int hosts_count, int count, int i + + fclose(f); + +- zabbix_log(LOG_LEVEL_DEBUG, "%s", tmp); ++ zabbix_log(LOG_LEVEL_DEBUG, "executing %s", tmp); + + sigemptyset(&mask); + sigaddset(&mask, SIGINT); +-- +2.40.0 diff --git a/meta-oe/recipes-connectivity/zabbix/zabbix/CVE-2023-32727_0002.patch b/meta-oe/recipes-connectivity/zabbix/zabbix/CVE-2023-32727_0002.patch new file mode 100644 index 00000000000..aabc675b6a8 --- /dev/null +++ b/meta-oe/recipes-connectivity/zabbix/zabbix/CVE-2023-32727_0002.patch @@ -0,0 +1,49 @@ +From 610f9fdbb86667f4094972547deb936c6cdfc6d5 Mon Sep 17 00:00:00 2001 +From: Andris Zeila +Date: Fri, 12 Jan 2024 06:06:02 +0000 +Subject: [PATCH] .......PS. [DEV-2695] removed group/all access flags for + fping temporary files + +Merge in ZBX/zabbix from feature/DEV-2695-6.5 to master + +* commit 'cf07db1d5c2b8fe4a9de85fed22cf05035e08914': + .......PS. [DEV-2695] remove group/all access flags when creating fping input file for testing fping features + +(cherry picked from commit cd12f0a2d89c3ef05f0e9f50dcb73fdaf3a7e8a9) + +CVE: CVE-2023-32727 +Upstream_Status: Backport [https://github.com/zabbix/zabbix/commit/610f9fdbb86667f4094972547deb936c6cdfc6d5] + +Signed-off-by: Yogita Urade +--- + src/libs/zbxicmpping/icmpping.c | 8 +++++++- + 1 file changed, 7 insertions(+), 1 deletion(-) + +diff --git a/src/libs/zbxicmpping/icmpping.c b/src/libs/zbxicmpping/icmpping.c +index 9a751b7..bab3d09 100644 +--- a/src/libs/zbxicmpping/icmpping.c ++++ b/src/libs/zbxicmpping/icmpping.c +@@ -108,6 +108,7 @@ static int get_fping_out(const char *fping, const char *address, char **out, cha + int ret = FAIL, fd; + sigset_t mask, orig_mask; + char filename[MAX_STRING_LEN]; ++ mode_t mode; + + if (FAIL == zbx_validate_hostname(address) && FAIL == is_supported_ip(address)) + { +@@ -116,7 +117,12 @@ static int get_fping_out(const char *fping, const char *address, char **out, cha + } + + zbx_snprintf(filename, sizeof(filename), "%s/%s_XXXXXX", CONFIG_TMPDIR, progname); +- if (-1 == (fd = mkstemp(filename))) ++ ++ mode = umask(077); ++ fd = mkstemp(filename); ++ umask(mode); ++ ++ if (-1 == fd) + { + zbx_snprintf(error, max_error_len, "Cannot create temporary file \"%s\": %s", filename, + zbx_strerror(errno)); +-- +2.40.0 diff --git a/meta-oe/recipes-connectivity/zabbix/zabbix_5.4.12.bb b/meta-oe/recipes-connectivity/zabbix/zabbix_5.4.12.bb index 9bed74b214d..2793f0ca5f9 100644 --- a/meta-oe/recipes-connectivity/zabbix/zabbix_5.4.12.bb +++ b/meta-oe/recipes-connectivity/zabbix/zabbix_5.4.12.bb @@ -31,6 +31,9 @@ SRC_URI = "https://cdn.zabbix.com/zabbix/sources/stable/5.4/${BPN}-${PV}.tar.gz file://CVE-2023-29451.patch \ file://CVE-2023-29449.patch \ file://CVE-2023-29450.patch \ + file://CVE-2023-32726.patch \ + file://CVE-2023-32727_0001.patch \ + file://CVE-2023-32727_0002.patch \ " SRC_URI[md5sum] = "f295fd2df86143d72f6ff26e47d9e39e" From 2c3c2d25b6177b38464d766ead45cddde95278b3 Mon Sep 17 00:00:00 2001 From: virendra thakur Date: Mon, 15 Jan 2024 18:40:14 +0530 Subject: [PATCH 547/600] opensc: Fix CVE-2023-40660 Add patch file to fix CVE Upstream-Status: Backport [https://salsa.debian.org/opensc-team/opensc/-/commit/940e8bc764047c873f88bb1396933a5368d03533] Signed-off-by: virendra thakur Signed-off-by: Armin Kuster --- .../opensc/opensc/CVE-2023-40660.patch | 55 +++++++++++++++++++ .../recipes-support/opensc/opensc_0.22.0.bb | 1 + 2 files changed, 56 insertions(+) create mode 100644 meta-oe/recipes-support/opensc/opensc/CVE-2023-40660.patch diff --git a/meta-oe/recipes-support/opensc/opensc/CVE-2023-40660.patch b/meta-oe/recipes-support/opensc/opensc/CVE-2023-40660.patch new file mode 100644 index 00000000000..74e547298f0 --- /dev/null +++ b/meta-oe/recipes-support/opensc/opensc/CVE-2023-40660.patch @@ -0,0 +1,55 @@ +Origin: https://github.com/OpenSC/OpenSC/commit/868f76fb31255fd3fdacfc3e476452efeb61c3e7 +From: Frank Morgner +Date: Wed, 21 Jun 2023 12:27:23 +0200 +Subject: Fixed PIN authentication bypass + +If two processes are accessing a token, then one process may leave the +card usable with an authenticated PIN so that a key may sign/decrypt any +data. This is especially the case if the token does not support a way of +resetting the authentication status (logout). + +We have some tracking of the authentication status in software via +PKCS#11, Minidriver (os-wise) and CryptoTokenKit, which is why a +PIN-prompt will appear even though the card may technically be unlocked +as described in the above example. However, before this change, an empty +PIN was not verified (likely yielding an error during PIN-verification), +but it was just checked whether the PIN is authenticated. This defeats +the purpose of the PIN verification, because an empty PIN is not the +correct one. Especially during OS Logon, we don't want that kind of +shortcut, but we want the user to verify the correct PIN (even though +the token was left unattended and authentication at the computer). + +This essentially reverts commit e6f7373ef066cfab6e3162e8b5f692683db23864. + +CVE: CVE-2023-40660 +Upstream-Status: Backport [https://salsa.debian.org/opensc-team/opensc/-/commit/940e8bc764047c873f88bb1396933a5368d03533] +Signed-off-by: Virendra Thakur +--- + src/libopensc/pkcs15-pin.c | 13 ------------- + 1 file changed, 13 deletions(-) + +diff --git a/src/libopensc/pkcs15-pin.c b/src/libopensc/pkcs15-pin.c +index 80a185fecd..393234efe4 100644 +--- a/src/libopensc/pkcs15-pin.c ++++ b/src/libopensc/pkcs15-pin.c +@@ -307,19 +307,6 @@ + LOG_FUNC_RETURN(ctx, SC_ERROR_INVALID_PIN_REFERENCE); + auth_info = (struct sc_pkcs15_auth_info *)pin_obj->data; + +- /* +- * if pin cache is disabled, we can get here with no PIN data. +- * in this case, to avoid error or unnecessary pin prompting on pinpad, +- * check if the PIN has been already verified and the access condition +- * is still open on card. +- */ +- if (pinlen == 0) { +- r = sc_pkcs15_get_pin_info(p15card, pin_obj); +- +- if (r == SC_SUCCESS && auth_info->logged_in == SC_PIN_STATE_LOGGED_IN) +- LOG_FUNC_RETURN(ctx, r); +- } +- + r = _validate_pin(p15card, auth_info, pinlen); + + if (r) + diff --git a/meta-oe/recipes-support/opensc/opensc_0.22.0.bb b/meta-oe/recipes-support/opensc/opensc_0.22.0.bb index 3bb79b9d926..816d9a3a102 100644 --- a/meta-oe/recipes-support/opensc/opensc_0.22.0.bb +++ b/meta-oe/recipes-support/opensc/opensc_0.22.0.bb @@ -15,6 +15,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=cb8aedd3bced19bd8026d96a8b6876d7" SRCREV = "c902e1992195e00ada12d71beb1029287cd72037" SRC_URI = "git://github.com/OpenSC/OpenSC;branch=master;protocol=https \ file://CVE-2023-2977.patch \ + file://CVE-2023-40660.patch \ " # CVE-2021-34193 is a duplicate CVE covering the 5 individual From d54a73ac5f714f04cbacb08935815234dffbaffe Mon Sep 17 00:00:00 2001 From: virendra thakur Date: Mon, 15 Jan 2024 18:40:15 +0530 Subject: [PATCH 548/600] opensc: Fix CVE-2023-40661 Add patch file to fix CVE Upstream-Status: Backport[https://salsa.debian.org/opensc-team/opensc/-/commit/8026fb4ca0ed53d970c6c497252eb264d4192d50] Signed-off-by: virendra thakur Signed-off-by: Armin Kuster --- .../opensc/opensc/CVE-2023-40661-1.patch | 47 +++++++++++++++++++ .../opensc/opensc/CVE-2023-40661-2.patch | 32 +++++++++++++ .../opensc/opensc/CVE-2023-40661-3.patch | 31 ++++++++++++ .../opensc/opensc/CVE-2023-40661-4.patch | 28 +++++++++++ .../opensc/opensc/CVE-2023-40661-5.patch | 30 ++++++++++++ .../opensc/opensc/CVE-2023-40661-6.patch | 30 ++++++++++++ .../opensc/opensc/CVE-2023-40661-7.patch | 40 ++++++++++++++++ .../recipes-support/opensc/opensc_0.22.0.bb | 7 +++ 8 files changed, 245 insertions(+) create mode 100644 meta-oe/recipes-support/opensc/opensc/CVE-2023-40661-1.patch create mode 100644 meta-oe/recipes-support/opensc/opensc/CVE-2023-40661-2.patch create mode 100644 meta-oe/recipes-support/opensc/opensc/CVE-2023-40661-3.patch create mode 100644 meta-oe/recipes-support/opensc/opensc/CVE-2023-40661-4.patch create mode 100644 meta-oe/recipes-support/opensc/opensc/CVE-2023-40661-5.patch create mode 100644 meta-oe/recipes-support/opensc/opensc/CVE-2023-40661-6.patch create mode 100644 meta-oe/recipes-support/opensc/opensc/CVE-2023-40661-7.patch diff --git a/meta-oe/recipes-support/opensc/opensc/CVE-2023-40661-1.patch b/meta-oe/recipes-support/opensc/opensc/CVE-2023-40661-1.patch new file mode 100644 index 00000000000..3ecff558cfe --- /dev/null +++ b/meta-oe/recipes-support/opensc/opensc/CVE-2023-40661-1.patch @@ -0,0 +1,47 @@ +Origin: https://github.com/OpenSC/OpenSC/commit/245efe608d083fd4e4ec96793fdefd218e26fde7 +From: Jakub Jelen +Date: Thu, 17 Aug 2023 13:54:42 +0200 +Subject: pkcs15: Avoid buffer overflow when getting last update + +Thanks oss-fuzz + +https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=60769 + +CVE: CVE-2023-40661 +Upstream-Status: Backport [https://salsa.debian.org/opensc-team/opensc/-/commit/8026fb4ca0ed53d970c6c497252eb264d4192d50] +Signed-off-by: Virendra Thakur +Comment: Hunk refreshed based on codebase. + +--- + src/libopensc/pkcs15.c | 16 +++++++++------- + 1 file changed, 9 insertions(+), 7 deletions(-) + +diff --git a/src/libopensc/pkcs15.c b/src/libopensc/pkcs15.c +index eb7fc6afcd..4215b733a8 100644 +--- a/src/libopensc/pkcs15.c ++++ b/src/libopensc/pkcs15.c +@@ -528,7 +528,7 @@ + struct sc_context *ctx = p15card->card->ctx; + struct sc_file *file = NULL; + struct sc_asn1_entry asn1_last_update[C_ASN1_LAST_UPDATE_SIZE]; +- unsigned char *content, last_update[32]; ++ unsigned char *content, last_update[32] = {0}; + size_t lupdate_len = sizeof(last_update) - 1; + int r, content_len; + size_t size; +@@ -564,9 +564,11 @@ + if (r < 0) + return NULL; + +- p15card->tokeninfo->last_update.gtime = strdup((char *)last_update); +- if (!p15card->tokeninfo->last_update.gtime) +- return NULL; ++ if (asn1_last_update[0].flags & SC_ASN1_PRESENT) { ++ p15card->tokeninfo->last_update.gtime = strdup((char *)last_update); ++ if (!p15card->tokeninfo->last_update.gtime) ++ return NULL; ++ } + done: + sc_log(ctx, "lastUpdate.gtime '%s'", p15card->tokeninfo->last_update.gtime); + return p15card->tokeninfo->last_update.gtime; + diff --git a/meta-oe/recipes-support/opensc/opensc/CVE-2023-40661-2.patch b/meta-oe/recipes-support/opensc/opensc/CVE-2023-40661-2.patch new file mode 100644 index 00000000000..39e729c5a9f --- /dev/null +++ b/meta-oe/recipes-support/opensc/opensc/CVE-2023-40661-2.patch @@ -0,0 +1,32 @@ +Origin: https://github.com/OpenSC/OpenSC/commit/440ca666eff10cc7011901252d20f3fc4ea23651 +From: Jakub Jelen +Date: Thu, 17 Aug 2023 13:41:36 +0200 +Subject: setcos: Avoid buffer underflow + +Thanks oss-fuzz + +https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=60672 +CVE: CVE-2023-40661 +Upstream-Status: Backport [https://salsa.debian.org/opensc-team/opensc/-/commit/8026fb4ca0ed53d970c6c497252eb264d4192d50] +Signed-off-by: Virendra Thakur +Comment: Hunk refreshed based on codebase. +--- + src/pkcs15init/pkcs15-setcos.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/src/pkcs15init/pkcs15-setcos.c b/src/pkcs15init/pkcs15-setcos.c +index 1b56afe6d9..1907b47f9d 100644 +--- a/src/pkcs15init/pkcs15-setcos.c ++++ b/src/pkcs15init/pkcs15-setcos.c +@@ -346,6 +346,10 @@ + + /* Replace the path of instantiated key template by the path from the object data. */ + memcpy(&file->path, &key_info->path, sizeof(file->path)); ++ if (file->path.len < 2) { ++ sc_file_free(file); ++ LOG_TEST_RET(ctx, SC_ERROR_INVALID_DATA, "Invalid path"); ++ } + file->id = file->path.value[file->path.len - 2] * 0x100 + + file->path.value[file->path.len - 1]; + + diff --git a/meta-oe/recipes-support/opensc/opensc/CVE-2023-40661-3.patch b/meta-oe/recipes-support/opensc/opensc/CVE-2023-40661-3.patch new file mode 100644 index 00000000000..7950cf91df2 --- /dev/null +++ b/meta-oe/recipes-support/opensc/opensc/CVE-2023-40661-3.patch @@ -0,0 +1,31 @@ +Origin: https://github.com/OpenSC/OpenSC/commit/41d61da8481582e12710b5858f8b635e0a71ab5e +From: Jakub Jelen +Date: Wed, 20 Sep 2023 10:13:57 +0200 +Subject: oberthur: Avoid buffer overflow + +Thanks oss-fuzz + +https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=60650 +CVE: CVE-2023-40661 +Upstream-Status: Backport [https://salsa.debian.org/opensc-team/opensc/-/commit/8026fb4ca0ed53d970c6c497252eb264d4192d50] +Signed-off-by: Virendra Thakur +Comment: Hunk refreshed based on codebase. +--- + src/pkcs15init/pkcs15-oberthur.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/src/pkcs15init/pkcs15-oberthur.c b/src/pkcs15init/pkcs15-oberthur.c +index ad2cabd530..c441ab1e76 100644 +--- a/src/pkcs15init/pkcs15-oberthur.c ++++ b/src/pkcs15init/pkcs15-oberthur.c +@@ -688,6 +688,9 @@ + if (object->type != SC_PKCS15_TYPE_PRKEY_RSA) + LOG_TEST_RET(ctx, SC_ERROR_NOT_SUPPORTED, "Create key failed: RSA only supported"); + ++ if (key_info->path.len < 2) ++ LOG_TEST_RET(ctx, SC_ERROR_OBJECT_NOT_VALID, "The path needs to be at least to bytes long"); ++ + sc_log(ctx, "create private key ID:%s", sc_pkcs15_print_id(&key_info->id)); + /* Here, the path of private key file should be defined. + * Nevertheless, we need to instantiate private key to get the ACLs. */ + diff --git a/meta-oe/recipes-support/opensc/opensc/CVE-2023-40661-4.patch b/meta-oe/recipes-support/opensc/opensc/CVE-2023-40661-4.patch new file mode 100644 index 00000000000..797f8ad3b18 --- /dev/null +++ b/meta-oe/recipes-support/opensc/opensc/CVE-2023-40661-4.patch @@ -0,0 +1,28 @@ +Origin: https://github.com/OpenSC/OpenSC/commit/578aed8391ef117ca64a9e0cba8e5c264368a0ec +From: Frank Morgner +Date: Thu, 8 Dec 2022 00:27:18 +0100 +Subject: sc_pkcs15init_rmdir: prevent out of bounds write + +fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=53927 +CVE: CVE-2023-40661 +Upstream-Status: Backport [https://salsa.debian.org/opensc-team/opensc/-/commit/8026fb4ca0ed53d970c6c497252eb264d4192d50] +Signed-off-by: Virendra Thakur +Comment: Hunk refreshed based on codebase. +--- + src/pkcs15init/pkcs15-lib.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/src/pkcs15init/pkcs15-lib.c b/src/pkcs15init/pkcs15-lib.c +index 91cee37310..3df03c6e1f 100644 +--- a/src/pkcs15init/pkcs15-lib.c ++++ b/src/pkcs15init/pkcs15-lib.c +@@ -666,6 +666,8 @@ + + path = df->path; + path.len += 2; ++ if (path.len > SC_MAX_PATH_SIZE) ++ return SC_ERROR_INTERNAL; + + nfids = r / 2; + while (r >= 0 && nfids--) { + diff --git a/meta-oe/recipes-support/opensc/opensc/CVE-2023-40661-5.patch b/meta-oe/recipes-support/opensc/opensc/CVE-2023-40661-5.patch new file mode 100644 index 00000000000..e173e655759 --- /dev/null +++ b/meta-oe/recipes-support/opensc/opensc/CVE-2023-40661-5.patch @@ -0,0 +1,30 @@ +Origin: https://github.com/OpenSC/OpenSC/commit/c449a181a6988cc1e8dc8764d23574e48cdc3fa6 +From: =?UTF-8?q?Veronika=20Hanul=C3=ADkov=C3=A1?= +Date: Mon, 19 Jun 2023 16:14:51 +0200 +Subject: pkcs15-cflex: check path length to prevent underflow + +Thanks OSS-Fuzz +https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=58932 +CVE: CVE-2023-40661 +Upstream-Status: Backport [https://salsa.debian.org/opensc-team/opensc/-/commit/8026fb4ca0ed53d970c6c497252eb264d4192d50] +Signed-off-by: Virendra Thakur +Comment: Hunk refreshed based on codebase. +--- + src/pkcs15init/pkcs15-cflex.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/src/pkcs15init/pkcs15-cflex.c b/src/pkcs15init/pkcs15-cflex.c +index d06568073d..ce1d48e62c 100644 +--- a/src/pkcs15init/pkcs15-cflex.c ++++ b/src/pkcs15init/pkcs15-cflex.c +@@ -56,6 +56,9 @@ + int r = 0; + /* Select the parent DF */ + path = df->path; ++ if (path.len < 2) { ++ return SC_ERROR_INVALID_ARGUMENTS; ++ } + path.len -= 2; + r = sc_select_file(p15card->card, &path, &parent); + if (r < 0) + diff --git a/meta-oe/recipes-support/opensc/opensc/CVE-2023-40661-6.patch b/meta-oe/recipes-support/opensc/opensc/CVE-2023-40661-6.patch new file mode 100644 index 00000000000..abb524de29c --- /dev/null +++ b/meta-oe/recipes-support/opensc/opensc/CVE-2023-40661-6.patch @@ -0,0 +1,30 @@ +Origin: https://github.com/OpenSC/OpenSC/commit/df5a176bfdf8c52ba89c7fef1f82f6f3b9312bc1 +From: Veronika Hanulikova +Date: Fri, 10 Feb 2023 11:47:34 +0100 +Subject: Check array bounds + +Thanks OSS-Fuzz +https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=54312 +CVE: CVE-2023-40661 +Upstream-Status: Backport [https://salsa.debian.org/opensc-team/opensc/-/commit/8026fb4ca0ed53d970c6c497252eb264d4192d50] +Signed-off-by: Virendra Thakur +Comment: Hunk refreshed based on codebase. +--- + src/libopensc/muscle.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git a/src/libopensc/muscle.c b/src/libopensc/muscle.c +index 61a4ec24d8..9d01e0c113 100644 +--- a/src/libopensc/muscle.c ++++ b/src/libopensc/muscle.c +@@ -183,6 +183,9 @@ + sc_apdu_t apdu; + int r; + ++ if (dataLength + 9 > MSC_MAX_APDU) ++ return SC_ERROR_INVALID_ARGUMENTS; ++ + sc_format_apdu(card, &apdu, SC_APDU_CASE_3_SHORT, 0x54, 0x00, 0x00); + apdu.lc = dataLength + 9; + if (card->ctx->debug >= 2) + diff --git a/meta-oe/recipes-support/opensc/opensc/CVE-2023-40661-7.patch b/meta-oe/recipes-support/opensc/opensc/CVE-2023-40661-7.patch new file mode 100644 index 00000000000..858a996ed76 --- /dev/null +++ b/meta-oe/recipes-support/opensc/opensc/CVE-2023-40661-7.patch @@ -0,0 +1,40 @@ +Origin: https://github.com/OpenSC/OpenSC/commit/5631e9843c832a99769def85b7b9b68b4e3e3959 +From: Veronika Hanulikova +Date: Fri, 3 Mar 2023 16:07:38 +0100 +Subject: Check length of string before making copy + +Thanks OSS-Fuzz +https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=55851 +https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=55998 +CVE: CVE-2023-40661 +Upstream-Status: Backport [https://salsa.debian.org/opensc-team/opensc/-/commit/8026fb4ca0ed53d970c6c497252eb264d4192d50] +Signed-off-by: Virendra Thakur +Comment: Hunk refreshed based on codebase. +--- + src/pkcs15init/profile.c | 6 ++++++ + 1 file changed, 6 insertions(+) + +diff --git a/src/pkcs15init/profile.c b/src/pkcs15init/profile.c +index 2b793b0282..3bad1e8536 100644 +--- a/src/pkcs15init/profile.c ++++ b/src/pkcs15init/profile.c +@@ -1465,6 +1465,8 @@ + while (argc--) { + unsigned int op, method, id; + ++ if (strlen(*argv) >= sizeof(oper)) ++ goto bad; + strlcpy(oper, *argv++, sizeof(oper)); + if ((what = strchr(oper, '=')) == NULL) + goto bad; +@@ -2128,6 +2130,9 @@ + return get_uint(cur, value, type); + } + ++ if (strlen(value) >= sizeof(temp)) ++ return 1; ++ + n = strcspn(value, "0123456789x"); + strlcpy(temp, value, (sizeof(temp) > n) ? n + 1 : sizeof(temp)); + + diff --git a/meta-oe/recipes-support/opensc/opensc_0.22.0.bb b/meta-oe/recipes-support/opensc/opensc_0.22.0.bb index 816d9a3a102..770c2d686bd 100644 --- a/meta-oe/recipes-support/opensc/opensc_0.22.0.bb +++ b/meta-oe/recipes-support/opensc/opensc_0.22.0.bb @@ -16,6 +16,13 @@ SRCREV = "c902e1992195e00ada12d71beb1029287cd72037" SRC_URI = "git://github.com/OpenSC/OpenSC;branch=master;protocol=https \ file://CVE-2023-2977.patch \ file://CVE-2023-40660.patch \ + file://CVE-2023-40661-1.patch \ + file://CVE-2023-40661-2.patch \ + file://CVE-2023-40661-3.patch \ + file://CVE-2023-40661-4.patch \ + file://CVE-2023-40661-5.patch \ + file://CVE-2023-40661-6.patch \ + file://CVE-2023-40661-7.patch \ " # CVE-2021-34193 is a duplicate CVE covering the 5 individual From 08d5b4bf9f61c888b1faaf9ee2f60ac7cc2da718 Mon Sep 17 00:00:00 2001 From: Joao Marcos Costa Date: Mon, 15 Jan 2024 17:00:53 +0100 Subject: [PATCH 549/600] xscreensaver: Add osuosl backup MIRROR old tarballs disappear from main location, use a backup location to fetch it in such cases. Signed-off-by: Khem Raj Signed-off-by: Joao Marcos Costa Backported from Nanbield (cherry-picked from commit 8d34444c749a466f35445fd4c2212b3fbdb8d844) Signed-off-by: Armin Kuster --- meta-oe/recipes-graphics/xscreensaver/xscreensaver_6.01.bb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta-oe/recipes-graphics/xscreensaver/xscreensaver_6.01.bb b/meta-oe/recipes-graphics/xscreensaver/xscreensaver_6.01.bb index 2ab52979496..a5271f08bd5 100644 --- a/meta-oe/recipes-graphics/xscreensaver/xscreensaver_6.01.bb +++ b/meta-oe/recipes-graphics/xscreensaver/xscreensaver_6.01.bb @@ -6,6 +6,8 @@ LIC_FILES_CHKSUM = "file://driver/xscreensaver.h;endline=10;md5=c3ce41cdff745eb1 SRC_URI = "https://www.jwz.org/${BPN}/${BP}.tar.gz" SRC_URI[sha256sum] = "085484665d91f60b4a1dedacd94bcf9b74b0fb096bcedc89ff1c245168e5473b" +MIRRORS += "https://www.jwz.org/${BPN} https://ftp.osuosl.org/pub/blfs/conglomeration/${BPN}" + SRC_URI += " \ file://xscreensaver.service \ file://0001-build-Do-not-build-po-files.patch \ From dbb7b798f96ab652628743ceb6c7eaa9b593121d Mon Sep 17 00:00:00 2001 From: Archana Polampalli Date: Tue, 16 Jan 2024 14:11:25 +0000 Subject: [PATCH 550/600] samba: fix CVE-2018-14628 An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but unprivileged attacker could discover the names and preserved attributes of deleted objects in the LDAP store. Signed-off-by: Archana Polampalli Signed-off-by: Armin Kuster --- .../samba/samba/CVE-2018-14628-0001.patch | 147 ++++++++++++++++++ .../samba/samba/CVE-2018-14628-0002.patch | 72 +++++++++ .../samba/samba/CVE-2018-14628-0003.patch | 106 +++++++++++++ .../samba/samba/CVE-2018-14628-0004.patch | 64 ++++++++ .../samba/samba/CVE-2018-14628-0005.patch | 98 ++++++++++++ .../samba/samba/CVE-2018-14628-0006.patch | 51 ++++++ .../samba/samba_4.14.14.bb | 6 + 7 files changed, 544 insertions(+) create mode 100644 meta-networking/recipes-connectivity/samba/samba/CVE-2018-14628-0001.patch create mode 100644 meta-networking/recipes-connectivity/samba/samba/CVE-2018-14628-0002.patch create mode 100644 meta-networking/recipes-connectivity/samba/samba/CVE-2018-14628-0003.patch create mode 100644 meta-networking/recipes-connectivity/samba/samba/CVE-2018-14628-0004.patch create mode 100644 meta-networking/recipes-connectivity/samba/samba/CVE-2018-14628-0005.patch create mode 100644 meta-networking/recipes-connectivity/samba/samba/CVE-2018-14628-0006.patch diff --git a/meta-networking/recipes-connectivity/samba/samba/CVE-2018-14628-0001.patch b/meta-networking/recipes-connectivity/samba/samba/CVE-2018-14628-0001.patch new file mode 100644 index 00000000000..d938e8cd667 --- /dev/null +++ b/meta-networking/recipes-connectivity/samba/samba/CVE-2018-14628-0001.patch @@ -0,0 +1,147 @@ +From cbbfc917b9635bc62825ea64a157028297f54fb7 Mon Sep 17 00:00:00 2001 +From: Stefan Metzmacher +Date: Fri, 29 Jan 2016 23:35:31 +0100 +Subject: [PATCH] CVE-2018-14628: python:descriptor: let samba-tool dbcheck fix + the nTSecurityDescriptor on CN=Deleted Objects containers + +BUG: https://bugzilla.samba.org/show_bug.cgi?id=13595 + +Signed-off-by: Stefan Metzmacher +Reviewed-by: Andrew Bartlett +(cherry picked from commit 97e4aab1a6e2feda7c6c6fdeaa7c3e1818c55566) + +Autobuild-User(v4-18-test): Jule Anger +Autobuild-Date(v4-18-test): Mon Oct 23 09:52:22 UTC 2023 on atb-devel-224 + +CVE: CVE-2018-14628 + +Upstream-Status: Backport[https://github.com/samba-team/samba/commit/cbbfc917b9635bc62825ea64a157028297f54fb7] + +Signed-off-by: Archana Polampalli +--- + python/samba/dbchecker.py | 10 ++++++++-- + python/samba/descriptor.py | 15 ++++++++++++++- + testprogs/blackbox/dbcheck-links.sh | 12 ++++++++++++ + 3 files changed, 34 insertions(+), 3 deletions(-) + +diff --git a/python/samba/dbchecker.py b/python/samba/dbchecker.py +index d10d765..d8c2341 100644 +--- a/python/samba/dbchecker.py ++++ b/python/samba/dbchecker.py +@@ -2433,7 +2433,7 @@ newSuperior: %s""" % (str(from_dn), str(to_rdn), str(to_base))) + error_count += 1 + continue + +- if self.reset_well_known_acls: ++ if dn == deleted_objects_dn or self.reset_well_known_acls: + try: + well_known_sd = self.get_wellknown_sd(dn) + except KeyError: +@@ -2442,7 +2442,13 @@ newSuperior: %s""" % (str(from_dn), str(to_rdn), str(to_base))) + current_sd = ndr_unpack(security.descriptor, + obj[attrname][0]) + +- diff = get_diff_sds(well_known_sd, current_sd, security.dom_sid(self.samdb.get_domain_sid())) ++ ignoreAdditionalACEs = False ++ if not self.reset_well_known_acls: ++ ignoreAdditionalACEs = True ++ ++ diff = get_diff_sds(well_known_sd, current_sd, ++ security.dom_sid(self.samdb.get_domain_sid()), ++ ignoreAdditionalACEs=ignoreAdditionalACEs) + if diff != "": + self.err_wrong_default_sd(dn, well_known_sd, diff) + error_count += 1 +diff --git a/python/samba/descriptor.py b/python/samba/descriptor.py +index 0998348..08cfab0 100644 +--- a/python/samba/descriptor.py ++++ b/python/samba/descriptor.py +@@ -407,6 +407,7 @@ def get_wellknown_sds(samdb): + # Then subcontainers + subcontainers = [ + (ldb.Dn(samdb, "%s" % str(samdb.domain_dn())), get_domain_descriptor), ++ (ldb.Dn(samdb, "CN=Deleted Objects,%s" % str(samdb.domain_dn())), get_deletedobjects_descriptor), + (ldb.Dn(samdb, "CN=LostAndFound,%s" % str(samdb.domain_dn())), get_domain_delete_protected2_descriptor), + (ldb.Dn(samdb, "CN=System,%s" % str(samdb.domain_dn())), get_domain_delete_protected1_descriptor), + (ldb.Dn(samdb, "CN=Infrastructure,%s" % str(samdb.domain_dn())), get_domain_infrastructure_descriptor), +@@ -417,6 +418,7 @@ def get_wellknown_sds(samdb): + (ldb.Dn(samdb, "CN=MicrosoftDNS,CN=System,%s" % str(samdb.domain_dn())), get_dns_domain_microsoft_dns_descriptor), + + (ldb.Dn(samdb, "%s" % str(samdb.get_config_basedn())), get_config_descriptor), ++ (ldb.Dn(samdb, "CN=Deleted Objects,%s" % str(samdb.get_config_basedn())), get_deletedobjects_descriptor), + (ldb.Dn(samdb, "CN=NTDS Quotas,%s" % str(samdb.get_config_basedn())), get_config_ntds_quotas_descriptor), + (ldb.Dn(samdb, "CN=LostAndFoundConfig,%s" % str(samdb.get_config_basedn())), get_config_delete_protected1wd_descriptor), + (ldb.Dn(samdb, "CN=Services,%s" % str(samdb.get_config_basedn())), get_config_delete_protected1_descriptor), +@@ -441,6 +443,9 @@ def get_wellknown_sds(samdb): + if ldb.Dn(samdb, nc.decode('utf8')) == dnsforestdn: + c = (ldb.Dn(samdb, "%s" % str(dnsforestdn)), get_dns_partition_descriptor) + subcontainers.append(c) ++ c = (ldb.Dn(samdb, "CN=Deleted Objects,%s" % str(dnsforestdn)), ++ get_deletedobjects_descriptor) ++ subcontainers.append(c) + c = (ldb.Dn(samdb, "CN=Infrastructure,%s" % str(dnsforestdn)), + get_domain_delete_protected1_descriptor) + subcontainers.append(c) +@@ -456,6 +461,9 @@ def get_wellknown_sds(samdb): + if ldb.Dn(samdb, nc.decode('utf8')) == dnsdomaindn: + c = (ldb.Dn(samdb, "%s" % str(dnsdomaindn)), get_dns_partition_descriptor) + subcontainers.append(c) ++ c = (ldb.Dn(samdb, "CN=Deleted Objects,%s" % str(dnsdomaindn)), ++ get_deletedobjects_descriptor) ++ subcontainers.append(c) + c = (ldb.Dn(samdb, "CN=Infrastructure,%s" % str(dnsdomaindn)), + get_domain_delete_protected1_descriptor) + subcontainers.append(c) +@@ -548,7 +556,8 @@ def get_clean_sd(sd): + return sd_clean + + +-def get_diff_sds(refsd, cursd, domainsid, checkSacl=True): ++def get_diff_sds(refsd, cursd, domainsid, checkSacl=True, ++ ignoreAdditionalACEs=False): + """Get the difference between 2 sd + + This function split the textual representation of ACL into smaller +@@ -603,6 +612,10 @@ def get_diff_sds(refsd, cursd, domainsid, checkSacl=True): + h_ref.remove(k) + + if len(h_cur) + len(h_ref) > 0: ++ if txt == "" and len(h_ref) == 0: ++ if ignoreAdditionalACEs: ++ return "" ++ + txt = "%s\tPart %s is different between reference" \ + " and current here is the detail:\n" % (txt, part) + +diff --git a/testprogs/blackbox/dbcheck-links.sh b/testprogs/blackbox/dbcheck-links.sh +index f00fe46..06b24fb 100755 +--- a/testprogs/blackbox/dbcheck-links.sh ++++ b/testprogs/blackbox/dbcheck-links.sh +@@ -58,6 +58,16 @@ dbcheck() { + fi + } + ++dbcheck_acl_reset() ++{ ++ $PYTHON $BINDIR/samba-tool dbcheck -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb --cross-ncs --fix --yes --attrs=nTSecurityDescriptor ++} ++ ++dbcheck_acl_clean() ++{ ++ $PYTHON $BINDIR/samba-tool dbcheck -H tdb://$PREFIX_ABS/${RELEASE}/private/sam.ldb --cross-ncs --attrs=nTSecurityDescriptor ++} ++ + dbcheck_dangling() { + dbcheck "" "1" "--selftest-check-expired-tombstones" + return $? +@@ -893,6 +903,8 @@ EOF + remove_directory $PREFIX_ABS/${RELEASE} + + testit $RELEASE undump || failed=`expr $failed + 1` ++testit_expect_failure "dbcheck_acl_reset" dbcheck_acl_reset || failed=$(expr $failed + 1) ++testit "dbcheck_acl_clean" dbcheck_acl_clean || failed=$(expr $failed + 1) + testit "add_two_more_users" add_two_more_users || failed=`expr $failed + 1` + testit "add_four_more_links" add_four_more_links || failed=`expr $failed + 1` + testit "remove_one_link" remove_one_link || failed=`expr $failed + 1` +-- +2.40.0 diff --git a/meta-networking/recipes-connectivity/samba/samba/CVE-2018-14628-0002.patch b/meta-networking/recipes-connectivity/samba/samba/CVE-2018-14628-0002.patch new file mode 100644 index 00000000000..e3d45627a5e --- /dev/null +++ b/meta-networking/recipes-connectivity/samba/samba/CVE-2018-14628-0002.patch @@ -0,0 +1,72 @@ +From f967b91da76f86a9feb4c1469fccfce93be8bc79 Mon Sep 17 00:00:00 2001 +From: Stefan Metzmacher +Date: Wed, 7 Jun 2023 18:18:58 +0200 +Subject: [PATCH] CVE-2018-14628: dbchecker: use get_deletedobjects_descriptor + for missing deleted objects container + +BUG: https://bugzilla.samba.org/show_bug.cgi?id=13595 + +Signed-off-by: Stefan Metzmacher +Reviewed-by: Andrew Bartlett +(cherry picked from commit 70586061128f90afa33f25e104d4570a1cf778db) + +CVE: CVE-2018-14628 + +Upstream-Status: Backport +[https://github.com/samba-team/samba/commit/f967b91da76f86a9feb4c1469fccfce93be8bc79] + +Signed-off-by: Archana Polampalli +--- + python/samba/dbchecker.py | 16 +++++++++++++--- + 1 file changed, 13 insertions(+), 3 deletions(-) + +diff --git a/python/samba/dbchecker.py b/python/samba/dbchecker.py +index d8c2341..35b6eeb 100644 +--- a/python/samba/dbchecker.py ++++ b/python/samba/dbchecker.py +@@ -21,7 +21,7 @@ from __future__ import print_function + import ldb + import samba + import time +-from base64 import b64decode ++from base64 import b64decode, b64encode + from samba import dsdb + from samba import common + from samba.dcerpc import misc +@@ -30,7 +30,11 @@ from samba.ndr import ndr_unpack, ndr_pack + from samba.dcerpc import drsblobs + from samba.samdb import dsdb_Dn + from samba.dcerpc import security +-from samba.descriptor import get_wellknown_sds, get_diff_sds ++from samba.descriptor import ( ++ get_wellknown_sds, ++ get_deletedobjects_descriptor, ++ get_diff_sds ++) + from samba.auth import system_session, admin_session + from samba.netcmd import CommandError + from samba.netcmd.fsmo import get_fsmo_roleowner +@@ -340,6 +344,11 @@ class dbcheck(object): + wko_prefix = "B:32:%s" % dsdb.DS_GUID_DELETED_OBJECTS_CONTAINER + listwko.append('%s:%s' % (wko_prefix, dn)) + guid_suffix = "" ++ ++ domain_sid = security.dom_sid(self.samdb.get_domain_sid()) ++ sec_desc = get_deletedobjects_descriptor(domain_sid, ++ name_map=self.name_map) ++ sec_desc_b64 = b64encode(sec_desc).decode('utf8') + + # Insert a brand new Deleted Objects container + self.samdb.add_ldif("""dn: %s +@@ -349,7 +358,8 @@ description: Container for deleted objects + isDeleted: TRUE + isCriticalSystemObject: TRUE + showInAdvancedViewOnly: TRUE +-systemFlags: -1946157056%s""" % (dn, guid_suffix), ++nTSecurityDescriptor:: %s ++systemFlags: -1946157056%s""" % (dn, sec_desc_b64, guid_suffix), + controls=["relax:0", "provision:0"]) + + delta = ldb.Message() +-- +2.40.0 diff --git a/meta-networking/recipes-connectivity/samba/samba/CVE-2018-14628-0003.patch b/meta-networking/recipes-connectivity/samba/samba/CVE-2018-14628-0003.patch new file mode 100644 index 00000000000..df30e0c1066 --- /dev/null +++ b/meta-networking/recipes-connectivity/samba/samba/CVE-2018-14628-0003.patch @@ -0,0 +1,106 @@ +From edac27f5408191567233983562091484ebbbad0a Mon Sep 17 00:00:00 2001 +From: Stefan Metzmacher +Date: Mon, 26 Jun 2023 15:14:24 +0200 +Subject: [PATCH] CVE-2018-14628: s4:dsdb: remove unused code in + dirsync_filter_entry() + +This makes the next change easier to understand. + +BUG: https://bugzilla.samba.org/show_bug.cgi?id=13595 + +Signed-off-by: Stefan Metzmacher +Reviewed-by: Andrew Bartlett +(cherry picked from commit 498542be0bbf4f26558573c1f87b77b8e3509371) + +CVE: CVE-2018-14628 + +Upstream-Status: Backport [https://github.com/samba-team/samba/commit/edac27f5408191567233983562091484ebbbad0a] + +Signed-off-by: Archana Polampalli +--- + source4/dsdb/samdb/ldb_modules/dirsync.c | 53 +++--------------------- + 1 file changed, 5 insertions(+), 48 deletions(-) + +diff --git a/source4/dsdb/samdb/ldb_modules/dirsync.c b/source4/dsdb/samdb/ldb_modules/dirsync.c +index e61ade8..e7fb27f 100644 +--- a/source4/dsdb/samdb/ldb_modules/dirsync.c ++++ b/source4/dsdb/samdb/ldb_modules/dirsync.c +@@ -152,10 +152,6 @@ static int dirsync_filter_entry(struct ldb_request *req, + * list only the attribute that have been modified since last interogation + * + */ +- newmsg = ldb_msg_new(dsc->req); +- if (newmsg == NULL) { +- return ldb_oom(ldb); +- } + for (i = msg->num_elements - 1; i >= 0; i--) { + if (ldb_attr_cmp(msg->elements[i].name, "uSNChanged") == 0) { + int error = 0; +@@ -202,11 +198,6 @@ static int dirsync_filter_entry(struct ldb_request *req, + */ + return LDB_SUCCESS; + } +- newmsg->dn = ldb_dn_new(newmsg, ldb, ""); +- if (newmsg->dn == NULL) { +- return ldb_oom(ldb); +- } +- + el = ldb_msg_find_element(msg, "objectGUID"); + if ( el != NULL) { + guidfound = true; +@@ -217,48 +208,14 @@ static int dirsync_filter_entry(struct ldb_request *req, + * well will uncomment the code bellow + */ + SMB_ASSERT(guidfound == true); +- /* +- if (guidfound == false) { +- struct GUID guid; +- struct ldb_val *new_val; +- DATA_BLOB guid_blob; +- +- tmp[0] = '\0'; +- txt = strrchr(txt, ':'); +- if (txt == NULL) { +- return ldb_module_done(dsc->req, NULL, NULL, LDB_ERR_OPERATIONS_ERROR); +- } +- txt++; +- +- status = GUID_from_string(txt, &guid); +- if (!NT_STATUS_IS_OK(status)) { +- return ldb_module_done(dsc->req, NULL, NULL, LDB_ERR_OPERATIONS_ERROR); +- } +- +- status = GUID_to_ndr_blob(&guid, msg, &guid_blob); +- if (!NT_STATUS_IS_OK(status)) { +- return ldb_module_done(dsc->req, NULL, NULL, LDB_ERR_OPERATIONS_ERROR); +- } +- +- new_val = talloc(msg, struct ldb_val); +- if (new_val == NULL) { +- return ldb_oom(ldb); +- } +- new_val->data = talloc_steal(new_val, guid_blob.data); +- new_val->length = guid_blob.length; +- if (ldb_msg_add_value(msg, "objectGUID", new_val, NULL) != 0) { +- return ldb_module_done(dsc->req, NULL, NULL, LDB_ERR_OPERATIONS_ERROR); +- } +- } +- */ +- ldb_msg_add(newmsg, el, LDB_FLAG_MOD_ADD); +- talloc_steal(newmsg->elements, el->name); +- talloc_steal(newmsg->elements, el->values); +- +- talloc_steal(newmsg->elements, msg); + return ldb_module_send_entry(dsc->req, msg, controls); + } + ++ newmsg = ldb_msg_new(dsc->req); ++ if (newmsg == NULL) { ++ return ldb_oom(ldb); ++ } ++ + ndr_err = ndr_pull_struct_blob(replMetaData, dsc, &rmd, + (ndr_pull_flags_fn_t)ndr_pull_replPropertyMetaDataBlob); + if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) { +-- +2.40.0 diff --git a/meta-networking/recipes-connectivity/samba/samba/CVE-2018-14628-0004.patch b/meta-networking/recipes-connectivity/samba/samba/CVE-2018-14628-0004.patch new file mode 100644 index 00000000000..6fa4ef10dd6 --- /dev/null +++ b/meta-networking/recipes-connectivity/samba/samba/CVE-2018-14628-0004.patch @@ -0,0 +1,64 @@ +From 74a508b39e6fd5036a2adc99d559bd3852f8ce8d Mon Sep 17 00:00:00 2001 +From: Stefan Metzmacher +Date: Fri, 29 Jan 2016 23:34:15 +0100 +Subject: [PATCH] CVE-2018-14628: s4:setup: set the correct + nTSecurityDescriptor on the CN=Deleted Objects container + +This revealed a bug in our dirsync code, so we mark +test_search_with_dirsync_deleted_objects as knownfail. + +BUG: https://bugzilla.samba.org/show_bug.cgi?id=13595 + +Signed-off-by: Stefan Metzmacher +Reviewed-by: Andrew Bartlett +(cherry picked from commit 7f8b15faa76d05023c987fac2c4c31f9ac61bb47) + +CVE: CVE-2018-14628 + +Upstream-Status: Backport [https://github.com/samba-team/samba/commit/74a508b39e6fd5036a2adc99d559bd3852f8ce8d] + +Signed-off-by: Archana Polampalli +--- + source4/setup/provision.ldif | 1 + + source4/setup/provision_configuration.ldif | 1 + + source4/setup/provision_dnszones_add.ldif | 1 + + 3 files changed, 3 insertions(+) + +diff --git a/source4/setup/provision.ldif b/source4/setup/provision.ldif +index 5d9eba4..7f966fd 100644 +--- a/source4/setup/provision.ldif ++++ b/source4/setup/provision.ldif +@@ -34,6 +34,7 @@ isDeleted: TRUE + isCriticalSystemObject: TRUE + showInAdvancedViewOnly: TRUE + systemFlags: -1946157056 ++nTSecurityDescriptor:: ${DELETEDOBJECTS_DESCRIPTOR} + + # Computers located in "provision_computers*.ldif" + # Users/Groups located in "provision_users*.ldif" +diff --git a/source4/setup/provision_configuration.ldif b/source4/setup/provision_configuration.ldif +index 53c9c85..8fcbddb 100644 +--- a/source4/setup/provision_configuration.ldif ++++ b/source4/setup/provision_configuration.ldif +@@ -14,6 +14,7 @@ description: Container for deleted objects + isDeleted: TRUE + isCriticalSystemObject: TRUE + systemFlags: -1946157056 ++nTSecurityDescriptor:: ${DELETEDOBJECTS_DESCRIPTOR} + + # Extended rights + +diff --git a/source4/setup/provision_dnszones_add.ldif b/source4/setup/provision_dnszones_add.ldif +index 860aa4b..a2d6b6b 100644 +--- a/source4/setup/provision_dnszones_add.ldif ++++ b/source4/setup/provision_dnszones_add.ldif +@@ -8,6 +8,7 @@ description: Deleted objects + isDeleted: TRUE + isCriticalSystemObject: TRUE + systemFlags: -1946157056 ++nTSecurityDescriptor:: ${DELETEDOBJECTS_DESCRIPTOR} + + dn: CN=LostAndFound,${ZONE_DN} + objectClass: top +-- +2.40.0 diff --git a/meta-networking/recipes-connectivity/samba/samba/CVE-2018-14628-0005.patch b/meta-networking/recipes-connectivity/samba/samba/CVE-2018-14628-0005.patch new file mode 100644 index 00000000000..b0a8ef2535f --- /dev/null +++ b/meta-networking/recipes-connectivity/samba/samba/CVE-2018-14628-0005.patch @@ -0,0 +1,98 @@ +From 46a168c9a89e82ccaf8d27669d1ae5459f7becb9 Mon Sep 17 00:00:00 2001 +From: Stefan Metzmacher +Date: Fri, 29 Jan 2016 23:33:37 +0100 +Subject: [PATCH] CVE-2018-14628: python:provision: make + DELETEDOBJECTS_DESCRIPTOR available in the ldif files + +BUG: https://bugzilla.samba.org/show_bug.cgi?id=13595 + +Signed-off-by: Stefan Metzmacher +Reviewed-by: Andrew Bartlett +(cherry picked from commit 0c329a0fda37d87ed737e4b579b6d04ec907604c) + +CVE: CVE-2018-14628 + +Upstream-Status: Backport +[https://github.com/samba-team/samba/commit/46a168c9a89e82ccaf8d27669d1ae5459f7becb9] + +Signed-off-by: Archana Polampalli +--- + python/samba/provision/__init__.py | 5 +++++ + python/samba/provision/sambadns.py | 4 ++++ + 2 files changed, 9 insertions(+) + +diff --git a/python/samba/provision/__init__.py b/python/samba/provision/__init__.py +index e8903ad..0c52cc1 100644 +--- a/python/samba/provision/__init__.py ++++ b/python/samba/provision/__init__.py +@@ -79,6 +79,7 @@ from samba.provision.backend import ( + LDBBackend, + ) + from samba.descriptor import ( ++ get_deletedobjects_descriptor, + get_empty_descriptor, + get_config_descriptor, + get_config_partitions_descriptor, +@@ -1441,6 +1442,8 @@ def fill_samdb(samdb, lp, names, logger, policyguid, + msg["subRefs"] = ldb.MessageElement(names.configdn, ldb.FLAG_MOD_ADD, + "subRefs") + ++ deletedobjects_descr = b64encode(get_deletedobjects_descriptor(names.domainsid)).decode('utf8') ++ + samdb.invocation_id = invocationid + + # If we are setting up a subdomain, then this has been replicated in, so we don't need to add it +@@ -1472,6 +1475,7 @@ def fill_samdb(samdb, lp, names, logger, policyguid, + "FOREST_FUNCTIONALITY": str(forestFunctionality), + "DOMAIN_FUNCTIONALITY": str(domainFunctionality), + "NTDSQUOTAS_DESCRIPTOR": ntdsquotas_descr, ++ "DELETEDOBJECTS_DESCRIPTOR": deletedobjects_descr, + "LOSTANDFOUND_DESCRIPTOR": protected1wd_descr, + "SERVICES_DESCRIPTOR": protected1_descr, + "PHYSICALLOCATIONS_DESCRIPTOR": protected1wd_descr, +@@ -1536,6 +1540,7 @@ def fill_samdb(samdb, lp, names, logger, policyguid, + "RIDAVAILABLESTART": str(next_rid + 600), + "POLICYGUID_DC": policyguid_dc, + "INFRASTRUCTURE_DESCRIPTOR": infrastructure_desc, ++ "DELETEDOBJECTS_DESCRIPTOR": deletedobjects_descr, + "LOSTANDFOUND_DESCRIPTOR": lostandfound_desc, + "SYSTEM_DESCRIPTOR": system_desc, + "BUILTIN_DESCRIPTOR": builtin_desc, +diff --git a/python/samba/provision/sambadns.py b/python/samba/provision/sambadns.py +index 8a5d8a9..61beb16 100644 +--- a/python/samba/provision/sambadns.py ++++ b/python/samba/provision/sambadns.py +@@ -41,6 +41,7 @@ from samba.dsdb import ( + DS_DOMAIN_FUNCTION_2016 + ) + from samba.descriptor import ( ++ get_deletedobjects_descriptor, + get_domain_descriptor, + get_domain_delete_protected1_descriptor, + get_domain_delete_protected2_descriptor, +@@ -245,6 +246,7 @@ def setup_dns_partitions(samdb, domainsid, domaindn, forestdn, configdn, + domainzone_dn = "DC=DomainDnsZones,%s" % domaindn + forestzone_dn = "DC=ForestDnsZones,%s" % forestdn + descriptor = get_dns_partition_descriptor(domainsid) ++ deletedobjects_desc = get_deletedobjects_descriptor(domainsid) + + setup_add_ldif(samdb, setup_path("provision_dnszones_partitions.ldif"), { + "ZONE_DN": domainzone_dn, +@@ -268,6 +270,7 @@ def setup_dns_partitions(samdb, domainsid, domaindn, forestdn, configdn, + "ZONE_DNS": domainzone_dns, + "CONFIGDN": configdn, + "SERVERDN": serverdn, ++ "DELETEDOBJECTS_DESCRIPTOR": b64encode(deletedobjects_desc).decode('utf8'), + "LOSTANDFOUND_DESCRIPTOR": b64encode(protected2_desc).decode('utf8'), + "INFRASTRUCTURE_DESCRIPTOR": b64encode(protected1_desc).decode('utf8'), + }) +@@ -288,6 +291,7 @@ def setup_dns_partitions(samdb, domainsid, domaindn, forestdn, configdn, + "ZONE_DNS": forestzone_dns, + "CONFIGDN": configdn, + "SERVERDN": serverdn, ++ "DELETEDOBJECTS_DESCRIPTOR": b64encode(deletedobjects_desc).decode('utf8') + "LOSTANDFOUND_DESCRIPTOR": b64encode(protected2_desc).decode('utf8'), + "INFRASTRUCTURE_DESCRIPTOR": b64encode(protected1_desc).decode('utf8'), + }) +-- +2.40.0 diff --git a/meta-networking/recipes-connectivity/samba/samba/CVE-2018-14628-0006.patch b/meta-networking/recipes-connectivity/samba/samba/CVE-2018-14628-0006.patch new file mode 100644 index 00000000000..d92ad41df1e --- /dev/null +++ b/meta-networking/recipes-connectivity/samba/samba/CVE-2018-14628-0006.patch @@ -0,0 +1,51 @@ +From e884fc791e59bd6ebd41b4a2ab7c9d7dc45415f4 Mon Sep 17 00:00:00 2001 +From: Stefan Metzmacher +Date: Fri, 29 Jan 2016 23:30:59 +0100 +Subject: [PATCH] CVE-2018-14628: python:descriptor: add + get_deletedobjects_descriptor() + +samba-tool drs clone-dc-database was quite useful to find +the true value of nTSecurityDescriptor of the CN=Delete Objects +containers. + +Only the auto inherited SACL is available via a ldap search. + +BUG: https://bugzilla.samba.org/show_bug.cgi?id=13595 + +Signed-off-by: Stefan Metzmacher +Reviewed-by: Andrew Bartlett +(cherry picked from commit 3be190dcf7153e479383f7f3d29ddca43fe121b8) + +CVE: CVE-2018-14628 + +Upstream-Status: Backport +[https://github.com/samba-team/samba/commit/e884fc791e59bd6ebd41b4a2ab7c9d7dc45415f4] + +Signed-off-by: Archana Polampalli +--- + python/samba/descriptor.py | 10 ++++++++++ + 1 file changed, 10 insertions(+) + +diff --git a/python/samba/descriptor.py b/python/samba/descriptor.py +index 08cfab0..0141f38 100644 +--- a/python/samba/descriptor.py ++++ b/python/samba/descriptor.py +@@ -52,6 +52,16 @@ def get_empty_descriptor(domain_sid, name_map={}): + # "get_schema_descriptor" is located in "schema.py" + + ++def get_deletedobjects_descriptor(domain_sid, name_map=None): ++ if name_map is None: ++ name_map = {} ++ ++ sddl = "O:SYG:SYD:PAI" \ ++ "(A;;RPWPCCDCLCRCWOWDSDSW;;;SY)" \ ++ "(A;;RPLC;;;BA)" ++ return sddl2binary(sddl, domain_sid, name_map) ++ ++ + def get_config_descriptor(domain_sid, name_map={}): + sddl = "O:EAG:EAD:(OA;;CR;1131f6aa-9c07-11d1-f79f-00c04fc2dcd2;;ED)" \ + "(OA;;CR;1131f6ab-9c07-11d1-f79f-00c04fc2dcd2;;ED)" \ +-- +2.40.0 diff --git a/meta-networking/recipes-connectivity/samba/samba_4.14.14.bb b/meta-networking/recipes-connectivity/samba/samba_4.14.14.bb index 17d12e4392f..6838ac12f2a 100644 --- a/meta-networking/recipes-connectivity/samba/samba_4.14.14.bb +++ b/meta-networking/recipes-connectivity/samba/samba_4.14.14.bb @@ -52,6 +52,12 @@ SRC_URI = "${SAMBA_MIRROR}/stable/samba-${PV}.tar.gz \ file://CVE-2023-4091-0001.patch \ file://CVE-2023-4091-0002.patch \ file://CVE-2023-42669.patch \ + file://CVE-2018-14628-0001.patch \ + file://CVE-2018-14628-0002.patch \ + file://CVE-2018-14628-0003.patch \ + file://CVE-2018-14628-0004.patch \ + file://CVE-2018-14628-0005.patch \ + file://CVE-2018-14628-0006.patch \ " SRC_URI:append:libc-musl = " \ From 8ce84b09e5877200e4dfaad6d0f8443fbcb6a954 Mon Sep 17 00:00:00 2001 From: Vijay Anusuri Date: Fri, 19 Jan 2024 08:56:19 +0530 Subject: [PATCH 551/600] libssh: Backport fix for CVE-2023-48795 Upstream-Status: Backport [https://gitlab.com/libssh/libssh-mirror/-/commit/4cef5e965a46e9271aed62631b152e4bd23c1e3c & https://gitlab.com/libssh/libssh-mirror/-/commit/0870c8db28be9eb457ee3d4f9a168959d9507efd & https://gitlab.com/libssh/libssh-mirror/-/commit/5846e57538c750c5ce67df887d09fa99861c79c6] Signed-off-by: Vijay Anusuri Signed-off-by: Armin Kuster --- .../libssh/libssh/CVE-2023-48795-1.patch | 385 ++++++++++++++++++ .../libssh/libssh/CVE-2023-48795-2.patch | 126 ++++++ .../libssh/libssh/CVE-2023-48795-3.patch | 47 +++ .../recipes-support/libssh/libssh_0.8.9.bb | 3 + 4 files changed, 561 insertions(+) create mode 100644 meta-oe/recipes-support/libssh/libssh/CVE-2023-48795-1.patch create mode 100644 meta-oe/recipes-support/libssh/libssh/CVE-2023-48795-2.patch create mode 100644 meta-oe/recipes-support/libssh/libssh/CVE-2023-48795-3.patch diff --git a/meta-oe/recipes-support/libssh/libssh/CVE-2023-48795-1.patch b/meta-oe/recipes-support/libssh/libssh/CVE-2023-48795-1.patch new file mode 100644 index 00000000000..413e5b3d114 --- /dev/null +++ b/meta-oe/recipes-support/libssh/libssh/CVE-2023-48795-1.patch @@ -0,0 +1,385 @@ +From 4cef5e965a46e9271aed62631b152e4bd23c1e3c Mon Sep 17 00:00:00 2001 +From: Aris Adamantiadis +Date: Tue, 12 Dec 2023 23:09:57 +0100 +Subject: [PATCH] CVE-2023-48795: client side mitigation + +Signed-off-by: Aris Adamantiadis +Signed-off-by: Jakub Jelen +Reviewed-by: Andreas Schneider + +Upstream-Status: Backport [https://gitlab.com/libssh/libssh-mirror/-/commit/4cef5e965a46e9271aed62631b152e4bd23c1e3c] +CVE: CVE-2023-48795 +Signed-off-by: Vijay Anusuri +--- + include/libssh/packet.h | 1 + + include/libssh/session.h | 6 +++++ + src/curve25519.c | 18 +++---------- + src/dh.c | 6 +---- + src/ecdh.c | 7 +---- + src/ecdh_crypto.c | 10 ++----- + src/ecdh_gcrypt.c | 10 +++---- + src/ecdh_mbedcrypto.c | 11 +++----- + src/kex.c | 34 ++++++++++++++++++++---- + src/packet.c | 56 +++++++++++++++++++++++++++++++++++++++- + src/packet_cb.c | 12 +++++++++ + 11 files changed, 118 insertions(+), 53 deletions(-) + +diff --git a/include/libssh/packet.h b/include/libssh/packet.h +index fbe09700..8800e16b 100644 +--- a/include/libssh/packet.h ++++ b/include/libssh/packet.h +@@ -63,6 +63,7 @@ SSH_PACKET_CALLBACK(ssh_packet_ext_info); + SSH_PACKET_CALLBACK(ssh_packet_kexdh_init); + #endif + ++int ssh_packet_send_newkeys(ssh_session session); + int ssh_packet_send_unimplemented(ssh_session session, uint32_t seqnum); + int ssh_packet_parse_type(ssh_session session); + //int packet_flush(ssh_session session, int enforce_blocking); +diff --git a/include/libssh/session.h b/include/libssh/session.h +index 23633cc2..b8810f54 100644 +--- a/include/libssh/session.h ++++ b/include/libssh/session.h +@@ -69,6 +69,12 @@ enum ssh_pending_call_e { + /* Client successfully authenticated */ + #define SSH_SESSION_FLAG_AUTHENTICATED 2 + ++/* The current SSH2 session implements the "strict KEX" feature and should behave ++ * differently on SSH2_MSG_NEWKEYS. */ ++#define SSH_SESSION_FLAG_KEX_STRICT 0x0010 ++/* Unexpected packets have been sent while the session was still unencrypted */ ++#define SSH_SESSION_FLAG_KEX_TAINTED 0x0020 ++ + /* codes to use with ssh_handle_packets*() */ + /* Infinite timeout */ + #define SSH_TIMEOUT_INFINITE -1 +diff --git a/src/curve25519.c b/src/curve25519.c +index 167209f4..6eda5feb 100644 +--- a/src/curve25519.c ++++ b/src/curve25519.c +@@ -166,12 +166,7 @@ int ssh_client_curve25519_reply(ssh_session session, ssh_buffer packet){ + } + + /* Send the MSG_NEWKEYS */ +- if (ssh_buffer_add_u8(session->out_buffer, SSH2_MSG_NEWKEYS) < 0) { +- goto error; +- } +- +- rc=ssh_packet_send(session); +- SSH_LOG(SSH_LOG_PROTOCOL, "SSH_MSG_NEWKEYS sent"); ++ rc = ssh_packet_send_newkeys(session); + return rc; + error: + return SSH_ERROR; +@@ -297,15 +292,10 @@ int ssh_server_curve25519_init(ssh_session session, ssh_buffer packet){ + return SSH_ERROR; + } + +- /* Send the MSG_NEWKEYS */ +- rc = ssh_buffer_add_u8(session->out_buffer, SSH2_MSG_NEWKEYS); +- if (rc < 0) { +- goto error; +- } +- + session->dh_handshake_state = DH_STATE_NEWKEYS_SENT; +- rc = ssh_packet_send(session); +- SSH_LOG(SSH_LOG_PROTOCOL, "SSH_MSG_NEWKEYS sent"); ++ ++ /* Send the MSG_NEWKEYS */ ++ rc = ssh_packet_send_newkeys(session); + + return rc; + error: +diff --git a/src/dh.c b/src/dh.c +index cc12fd46..33883f2d 100644 +--- a/src/dh.c ++++ b/src/dh.c +@@ -735,11 +735,7 @@ int ssh_client_dh_reply(ssh_session session, ssh_buffer packet){ + } + + /* Send the MSG_NEWKEYS */ +- if (ssh_buffer_add_u8(session->out_buffer, SSH2_MSG_NEWKEYS) < 0) { +- goto error; +- } +- +- rc=ssh_packet_send(session); ++ rc = ssh_packet_send_newkeys(session); + SSH_LOG(SSH_LOG_PROTOCOL, "SSH_MSG_NEWKEYS sent"); + return rc; + error: +diff --git a/src/ecdh.c b/src/ecdh.c +index f7fcaf13..1fef7ec9 100644 +--- a/src/ecdh.c ++++ b/src/ecdh.c +@@ -72,12 +72,7 @@ int ssh_client_ecdh_reply(ssh_session session, ssh_buffer packet){ + } + + /* Send the MSG_NEWKEYS */ +- if (ssh_buffer_add_u8(session->out_buffer, SSH2_MSG_NEWKEYS) < 0) { +- goto error; +- } +- +- rc=ssh_packet_send(session); +- SSH_LOG(SSH_LOG_PROTOCOL, "SSH_MSG_NEWKEYS sent"); ++ rc = ssh_packet_send_newkeys(session); + return rc; + error: + return SSH_ERROR; +diff --git a/src/ecdh_crypto.c b/src/ecdh_crypto.c +index 24f21c03..7e5f0cc7 100644 +--- a/src/ecdh_crypto.c ++++ b/src/ecdh_crypto.c +@@ -318,15 +318,9 @@ int ssh_server_ecdh_init(ssh_session session, ssh_buffer packet){ + return SSH_ERROR; + } + +- /* Send the MSG_NEWKEYS */ +- rc = ssh_buffer_add_u8(session->out_buffer, SSH2_MSG_NEWKEYS); +- if (rc < 0) { +- return SSH_ERROR;; +- } +- + session->dh_handshake_state = DH_STATE_NEWKEYS_SENT; +- rc = ssh_packet_send(session); +- SSH_LOG(SSH_LOG_PROTOCOL, "SSH_MSG_NEWKEYS sent"); ++ /* Send the MSG_NEWKEYS */ ++ rc = ssh_packet_send_newkeys(session); + + return rc; + } +diff --git a/src/ecdh_gcrypt.c b/src/ecdh_gcrypt.c +index e43cacea..c1db7f5d 100644 +--- a/src/ecdh_gcrypt.c ++++ b/src/ecdh_gcrypt.c +@@ -362,17 +362,13 @@ int ssh_server_ecdh_init(ssh_session session, ssh_buffer packet) { + goto out; + } + +- ++ session->dh_handshake_state = DH_STATE_NEWKEYS_SENT; + /* Send the MSG_NEWKEYS */ +- rc = ssh_buffer_add_u8(session->out_buffer, SSH2_MSG_NEWKEYS); +- if (rc != SSH_OK) { ++ rc = ssh_packet_send_newkeys(session); ++ if (rc == SSH_ERROR) { + goto out; + } + +- session->dh_handshake_state = DH_STATE_NEWKEYS_SENT; +- rc = ssh_packet_send(session); +- SSH_LOG(SSH_LOG_PROTOCOL, "SSH_MSG_NEWKEYS sent"); +- + out: + gcry_sexp_release(param); + gcry_sexp_release(key); +diff --git a/src/ecdh_mbedcrypto.c b/src/ecdh_mbedcrypto.c +index fa350028..24924508 100644 +--- a/src/ecdh_mbedcrypto.c ++++ b/src/ecdh_mbedcrypto.c +@@ -293,16 +293,13 @@ int ssh_server_ecdh_init(ssh_session session, ssh_buffer packet) + goto out; + } + +- rc = ssh_buffer_add_u8(session->out_buffer, SSH2_MSG_NEWKEYS); +- if (rc < 0) { +- rc = SSH_ERROR; ++ session->dh_handshake_state = DH_STATE_NEWKEYS_SENT; ++ /* Send the MSG_NEWKEYS */ ++ rc = ssh_packet_send_newkeys(session); ++ if (rc == SSH_ERROR) { + goto out; + } + +- session->dh_handshake_state = DH_STATE_NEWKEYS_SENT; +- rc = ssh_packet_send(session); +- SSH_LOG(SSH_LOG_PROTOCOL, "SSH_MSG_NEWKEYS sent"); +- + out: + mbedtls_ecp_group_free(&grp); + return rc; +diff --git a/src/kex.c b/src/kex.c +index 82686e4b..7f1bb324 100644 +--- a/src/kex.c ++++ b/src/kex.c +@@ -105,6 +105,9 @@ + + /* RFC 8308 */ + #define KEX_EXTENSION_CLIENT "ext-info-c" ++/* Strict kex mitigation against CVE-2023-48795 */ ++#define KEX_STRICT_CLIENT "kex-strict-c-v00@openssh.com" ++#define KEX_STRICT_SERVER "kex-strict-s-v00@openssh.com" + + /* NOTE: This is a fixed API and the index is defined by ssh_kex_types_e */ + static const char *default_methods[] = { +@@ -521,6 +524,27 @@ SSH_PACKET_CALLBACK(ssh_packet_kexinit){ + goto error; + } + ++ /* ++ * handle the "strict KEX" feature. If supported by peer, then set up the ++ * flag and verify packet sequence numbers. ++ */ ++ if (server_kex) { ++ ok = ssh_match_group(session->next_crypto->client_kex.methods[SSH_KEX], ++ KEX_STRICT_CLIENT); ++ if (ok) { ++ SSH_LOG(SSH_LOG_DEBUG, "Client supports strict kex, enabling."); ++ session->flags |= SSH_SESSION_FLAG_KEX_STRICT; ++ } ++ } else { ++ /* client kex */ ++ ok = ssh_match_group(session->next_crypto->server_kex.methods[SSH_KEX], ++ KEX_STRICT_SERVER); ++ if (ok) { ++ SSH_LOG(SSH_LOG_DEBUG, "Server supports strict kex, enabling."); ++ session->flags |= SSH_SESSION_FLAG_KEX_STRICT; ++ } ++ } ++ + /* + * If client sent a ext-info-c message in the kex list, it supports + * RFC 8308 extension negotiation. +@@ -778,21 +802,21 @@ int ssh_set_client_kex(ssh_session session) + return SSH_OK; + } + +- /* Here we append ext-info-c to the list of kex algorithms */ ++ /* Here we append ext-info-c and kex-strict-c-v00@openssh.com to the list of kex algorithms */ + kex = client->methods[SSH_KEX]; + len = strlen(kex); +- if (len + strlen(KEX_EXTENSION_CLIENT) + 2 < len) { ++ /* Comma, comma, nul byte */ ++ kex_len = len + 1 + strlen(KEX_EXTENSION_CLIENT) + 1 + strlen(KEX_STRICT_CLIENT ) + 1; ++ if (kex_len >= MAX_PACKET_LEN) { + /* Overflow */ + return SSH_ERROR; + } +- kex_len = len + strlen(KEX_EXTENSION_CLIENT) + 2; /* comma, NULL */ + kex_tmp = realloc(kex, kex_len); + if (kex_tmp == NULL) { +- free(kex); + ssh_set_error_oom(session); + return SSH_ERROR; + } +- snprintf(kex_tmp + len, kex_len - len, ",%s", KEX_EXTENSION_CLIENT); ++ snprintf(kex_tmp + len, kex_len - len, ",%s,%s", KEX_EXTENSION_CLIENT, KEX_STRICT_CLIENT); + client->methods[SSH_KEX] = kex_tmp; + + return SSH_OK; +diff --git a/src/packet.c b/src/packet.c +index 61a44237..8025a7ff 100644 +--- a/src/packet.c ++++ b/src/packet.c +@@ -1126,6 +1126,19 @@ int ssh_packet_socket_callback(const void *data, size_t receivedlen, void *user) + } + #endif /* WITH_ZLIB */ + payloadsize = ssh_buffer_get_len(session->in_buffer); ++ if (session->recv_seq == UINT32_MAX) { ++ /* Overflowing sequence numbers is always fishy */ ++ if (session->current_crypto == NULL) { ++ /* don't allow sequence number overflow when unencrypted */ ++ ssh_set_error(session, ++ SSH_FATAL, ++ "Incoming sequence number overflow"); ++ goto error; ++ } else { ++ SSH_LOG(SSH_LOG_WARNING, ++ "Incoming sequence number overflow"); ++ } ++ } + session->recv_seq++; + if (session->raw_counter != NULL) { + session->raw_counter->in_bytes += payloadsize; +@@ -1141,7 +1154,19 @@ int ssh_packet_socket_callback(const void *data, size_t receivedlen, void *user) + SSH_LOG(SSH_LOG_PACKET, + "packet: read type %hhd [len=%d,padding=%hhd,comp=%d,payload=%d]", + session->in_packet.type, packet_len, padding, compsize, payloadsize); +- ++ if (session->current_crypto == NULL) { ++ /* In strict kex, only a few packets are allowed. Taint the session ++ * if we received packets that are normally allowed but to be ++ * refused if we are in strict kex when KEX is over. ++ */ ++ uint8_t type = session->in_packet.type; ++ ++ if (type != SSH2_MSG_KEXINIT && type != SSH2_MSG_NEWKEYS && ++ (type < SSH2_MSG_KEXDH_INIT || ++ type > SSH2_MSG_KEX_DH_GEX_REQUEST)) { ++ session->flags |= SSH_SESSION_FLAG_KEX_TAINTED; ++ } ++ } + /* Check if the packet is expected */ + filter_result = ssh_packet_incoming_filter(session); + +@@ -1153,6 +1178,9 @@ int ssh_packet_socket_callback(const void *data, size_t receivedlen, void *user) + case SSH_PACKET_DENIED: + goto error; + case SSH_PACKET_UNKNOWN: ++ if (session->current_crypto == NULL) { ++ session->flags |= SSH_SESSION_FLAG_KEX_TAINTED; ++ } + ssh_packet_send_unimplemented(session, session->recv_seq - 1); + break; + } +@@ -1276,9 +1304,35 @@ void ssh_packet_process(ssh_session session, uint8_t type){ + if(r==SSH_PACKET_NOT_USED){ + SSH_LOG(SSH_LOG_RARE,"Couldn't do anything with packet type %d",type); + ssh_packet_send_unimplemented(session, session->recv_seq-1); ++ if (session->current_crypto == NULL) { ++ session->flags |= SSH_SESSION_FLAG_KEX_TAINTED; ++ } + } + } + ++/** @internal ++ * @brief sends a SSH_MSG_NEWKEYS when enabling the new negotiated ciphers ++ * @param session the SSH session ++ * @return SSH_ERROR on error, else SSH_OK ++ */ ++int ssh_packet_send_newkeys(ssh_session session) ++{ ++ int rc; ++ ++ /* Send the MSG_NEWKEYS */ ++ rc = ssh_buffer_add_u8(session->out_buffer, SSH2_MSG_NEWKEYS); ++ if (rc < 0) { ++ return rc; ++ } ++ ++ rc = ssh_packet_send(session); ++ if (rc == SSH_ERROR) { ++ return rc; ++ } ++ SSH_LOG(SSH_LOG_DEBUG, "SSH_MSG_NEWKEYS sent"); ++ return rc; ++} ++ + /** @internal + * @brief sends a SSH_MSG_UNIMPLEMENTED answer to an unhandled packet + * @param session the SSH session +diff --git a/src/packet_cb.c b/src/packet_cb.c +index 6aa64766..de03fb07 100644 +--- a/src/packet_cb.c ++++ b/src/packet_cb.c +@@ -154,6 +154,18 @@ SSH_PACKET_CALLBACK(ssh_packet_newkeys){ + goto error; + } + ++ if (session->flags & SSH_SESSION_FLAG_KEX_STRICT) { ++ /* reset packet sequence number when running in strict kex mode */ ++ session->recv_seq = 0; ++ /* Check that we aren't tainted */ ++ if (session->flags & SSH_SESSION_FLAG_KEX_TAINTED) { ++ ssh_set_error(session, ++ SSH_FATAL, ++ "Received unexpected packets in strict KEX mode."); ++ goto error; ++ } ++} ++ + if(session->server){ + /* server things are done in server.c */ + session->dh_handshake_state=DH_STATE_FINISHED; +-- +2.25.1 + diff --git a/meta-oe/recipes-support/libssh/libssh/CVE-2023-48795-2.patch b/meta-oe/recipes-support/libssh/libssh/CVE-2023-48795-2.patch new file mode 100644 index 00000000000..fe3300503f7 --- /dev/null +++ b/meta-oe/recipes-support/libssh/libssh/CVE-2023-48795-2.patch @@ -0,0 +1,126 @@ +From 0870c8db28be9eb457ee3d4f9a168959d9507efd Mon Sep 17 00:00:00 2001 +From: Aris Adamantiadis +Date: Tue, 12 Dec 2023 23:30:26 +0100 +Subject: [PATCH] CVE-2023-48795: Server side mitigations + +Signed-off-by: Aris Adamantiadis +Signed-off-by: Jakub Jelen +Reviewed-by: Andreas Schneider + +Upstream-Status: Backport [https://gitlab.com/libssh/libssh-mirror/-/commit/0870c8db28be9eb457ee3d4f9a168959d9507efd] +CVE: CVE-2023-48795 +Signed-off-by: Vijay Anusuri +--- + include/libssh/kex.h | 1 + + src/kex.c | 46 ++++++++++++++++++++++++++++++++++---------- + src/server.c | 8 +++++++- + 3 files changed, 44 insertions(+), 11 deletions(-) + +diff --git a/include/libssh/kex.h b/include/libssh/kex.h +index a626d105..2b1a74d5 100644 +--- a/include/libssh/kex.h ++++ b/include/libssh/kex.h +@@ -36,6 +36,7 @@ SSH_PACKET_CALLBACK(ssh_packet_kexinit); + int ssh_send_kex(ssh_session session, int server_kex); + void ssh_list_kex(struct ssh_kex_struct *kex); + int ssh_set_client_kex(ssh_session session); ++int ssh_kex_append_extensions(ssh_session session, struct ssh_kex_struct *pkex); + int ssh_kex_select_methods(ssh_session session); + int ssh_verify_existing_algo(enum ssh_kex_types_e algo, const char *name); + char *ssh_keep_known_algos(enum ssh_kex_types_e algo, const char *list); +diff --git a/src/kex.c b/src/kex.c +index 2ed90235..b03e6484 100644 +--- a/src/kex.c ++++ b/src/kex.c +@@ -766,11 +766,8 @@ int ssh_set_client_kex(ssh_session session) + { + struct ssh_kex_struct *client= &session->next_crypto->client_kex; + const char *wanted; +- char *kex = NULL; +- char *kex_tmp = NULL; + int ok; + int i; +- size_t kex_len, len; + + ok = ssh_get_random(client->cookie, 16, 0); + if (!ok) { +@@ -802,11 +799,33 @@ int ssh_set_client_kex(ssh_session session) + return SSH_OK; + } + +- /* Here we append ext-info-c and kex-strict-c-v00@openssh.com to the list of kex algorithms */ +- kex = client->methods[SSH_KEX]; ++ ok = ssh_kex_append_extensions(session, client); ++ if (ok != SSH_OK){ ++ return ok; ++ } ++ ++ return SSH_OK; ++} ++ ++int ssh_kex_append_extensions(ssh_session session, struct ssh_kex_struct *pkex) ++{ ++ char *kex = NULL; ++ char *kex_tmp = NULL; ++ size_t kex_len, len; ++ ++ /* Here we append ext-info-c and kex-strict-c-v00@openssh.com for client ++ * and kex-strict-s-v00@openssh.com for server to the list of kex algorithms ++ */ ++ kex = pkex->methods[SSH_KEX]; + len = strlen(kex); +- /* Comma, comma, nul byte */ +- kex_len = len + 1 + strlen(KEX_EXTENSION_CLIENT) + 1 + strlen(KEX_STRICT_CLIENT ) + 1; ++ if (session->server) { ++ /* Comma, nul byte */ ++ kex_len = len + 1 + strlen(KEX_STRICT_SERVER) + 1; ++ } else { ++ /* Comma, comma, nul byte */ ++ kex_len = len + 1 + strlen(KEX_EXTENSION_CLIENT) + 1 + ++ strlen(KEX_STRICT_CLIENT) + 1; ++ } + if (kex_len >= MAX_PACKET_LEN) { + /* Overflow */ + return SSH_ERROR; +@@ -816,9 +835,16 @@ int ssh_set_client_kex(ssh_session session) + ssh_set_error_oom(session); + return SSH_ERROR; + } +- snprintf(kex_tmp + len, kex_len - len, ",%s,%s", KEX_EXTENSION_CLIENT, KEX_STRICT_CLIENT); +- client->methods[SSH_KEX] = kex_tmp; +- ++ if (session->server){ ++ snprintf(kex_tmp + len, kex_len - len, ",%s", KEX_STRICT_SERVER); ++ } else { ++ snprintf(kex_tmp + len, ++ kex_len - len, ++ ",%s,%s", ++ KEX_EXTENSION_CLIENT, ++ KEX_STRICT_CLIENT); ++ } ++ pkex->methods[SSH_KEX] = kex_tmp; + return SSH_OK; + } + +diff --git a/src/server.c b/src/server.c +index bc98da4f..f3d24a7b 100644 +--- a/src/server.c ++++ b/src/server.c +@@ -158,7 +158,13 @@ static int server_set_kex(ssh_session session) { + } + } + +- return 0; ++ /* Do not append the extensions during rekey */ ++ if (session->flags & SSH_SESSION_FLAG_AUTHENTICATED) { ++ return SSH_OK; ++ } ++ ++ rc = ssh_kex_append_extensions(session, server); ++ return rc; + } + + int ssh_server_init_kex(ssh_session session) { +-- +2.25.1 + diff --git a/meta-oe/recipes-support/libssh/libssh/CVE-2023-48795-3.patch b/meta-oe/recipes-support/libssh/libssh/CVE-2023-48795-3.patch new file mode 100644 index 00000000000..1635a4c2dc4 --- /dev/null +++ b/meta-oe/recipes-support/libssh/libssh/CVE-2023-48795-3.patch @@ -0,0 +1,47 @@ +From 5846e57538c750c5ce67df887d09fa99861c79c6 Mon Sep 17 00:00:00 2001 +From: Jakub Jelen +Date: Thu, 14 Dec 2023 12:22:01 +0100 +Subject: [PATCH] CVE-2023-48795: Strip extensions from both kex lists for + matching + +Signed-off-by: Jakub Jelen +Reviewed-by: Andreas Schneider + +Upstream-Status: Backport [https://gitlab.com/libssh/libssh-mirror/-/commit/5846e57538c750c5ce67df887d09fa99861c79c6] +CVE: CVE-2023-48795 +Signed-off-by: Vijay Anusuri +--- + src/kex.c | 16 ++++++++++++---- + 1 file changed, 12 insertions(+), 4 deletions(-) + +diff --git a/src/kex.c b/src/kex.c +index b03e6484..c100d908 100644 +--- a/src/kex.c ++++ b/src/kex.c +@@ -857,11 +857,19 @@ int ssh_kex_select_methods (ssh_session session){ + char *ext_start = NULL; + int i; + +- /* Here we should drop the ext-info-c from the list so we avoid matching. ++ /* Here we should drop the extensions from the list so we avoid matching. + * it. We added it to the end, so we can just truncate the string here */ +- ext_start = strstr(client->methods[SSH_KEX], ","KEX_EXTENSION_CLIENT); +- if (ext_start != NULL) { +- ext_start[0] = '\0'; ++ if (session->client) { ++ ext_start = strstr(client->methods[SSH_KEX], "," KEX_EXTENSION_CLIENT); ++ if (ext_start != NULL) { ++ ext_start[0] = '\0'; ++ } ++ } ++ if (session->server) { ++ ext_start = strstr(server->methods[SSH_KEX], "," KEX_STRICT_SERVER); ++ if (ext_start != NULL) { ++ ext_start[0] = '\0'; ++ } + } + + for (i = 0; i < KEX_METHODS_SIZE; i++) { +-- +2.25.1 + diff --git a/meta-oe/recipes-support/libssh/libssh_0.8.9.bb b/meta-oe/recipes-support/libssh/libssh_0.8.9.bb index 061f13912fb..530dda1f4a4 100644 --- a/meta-oe/recipes-support/libssh/libssh_0.8.9.bb +++ b/meta-oe/recipes-support/libssh/libssh_0.8.9.bb @@ -8,6 +8,9 @@ DEPENDS = "zlib openssl" SRC_URI = "git://git.libssh.org/projects/libssh.git;protocol=https;branch=stable-0.8 \ file://CVE-2020-16135.patch \ + file://CVE-2023-48795-1.patch \ + file://CVE-2023-48795-2.patch \ + file://CVE-2023-48795-3.patch \ " SRCREV = "04685a74df9ce1db1bc116a83a0da78b4f4fa1f8" From 306837707cdb7dd0809e3c80790468a208307add Mon Sep 17 00:00:00 2001 From: Changqing Li Date: Tue, 23 Jan 2024 18:32:58 +0100 Subject: [PATCH 552/600] linuxptp: fix do_compile error with make 4.4, linuxptp do_compile will failed with error: In file included from clock.c:35: missing.h:61:9: error: redeclaration of enumerator 'HWTSTAMP_TX_ONESTEP_P2P' 61 | HWTSTAMP_TX_ONESTEP_P2P = 3, | ^~~~~~~~~~~~~~~~~~~~~~~ In file included from clock.c:21: /buildarea2/WRLCD_Regression/Rerun/build_dir/11201532-build_scp_world_Feature_Test/qemux86-64-standard-std-OE/build/tmp-glibc/work/core2-64-wrs-linux/linuxptp/3.1.1-r0/recipe-sysroot/usr/include/linux/net_tstamp.h:128:9: note: previous definition of 'HWTSTAMP_TX_ONESTEP_P2P' with type 'enum hwtstamp_tx_types' 128 | HWTSTAMP_TX_ONESTEP_P2P, | Following change of make 4.4 changes behavior of shell function: * WARNING: Backward-incompatibility! Previously makefile variables marked as export were not exported to commands started by the $(shell ...) function. Now, all exported variables are exported to $(shell ...). Signed-off-by: Changqing Li Signed-off-by: Khem Raj Backport of commit 05c1003c4 ("linuxptp: fix do_compile error"). This is present in dunfell/kirkstone as well. If net_tstamp.h of the build host disagrees with net_tstamp.h of the OE kernel or I remove the build host's net_tstamp.h do_compile fails. Changed Upstream Status to Backport with the git sha as the commit is now applied upstream. Signed-off-by: Max Krummenacher Signed-off-by: Armin Kuster --- ...ditional-assignment-for-KBUILD_OUTPU.patch | 42 +++++++++++++++++++ .../linuxptp/linuxptp_3.1.1.bb | 1 + 2 files changed, 43 insertions(+) create mode 100644 meta-oe/recipes-connectivity/linuxptp/linuxptp/0001-makefile-use-conditional-assignment-for-KBUILD_OUTPU.patch diff --git a/meta-oe/recipes-connectivity/linuxptp/linuxptp/0001-makefile-use-conditional-assignment-for-KBUILD_OUTPU.patch b/meta-oe/recipes-connectivity/linuxptp/linuxptp/0001-makefile-use-conditional-assignment-for-KBUILD_OUTPU.patch new file mode 100644 index 00000000000..83bdae858f2 --- /dev/null +++ b/meta-oe/recipes-connectivity/linuxptp/linuxptp/0001-makefile-use-conditional-assignment-for-KBUILD_OUTPU.patch @@ -0,0 +1,42 @@ +From dfd38cb29c0768692f886d3ab9158bd2b3132582 Mon Sep 17 00:00:00 2001 +From: Changqing Li +Date: Tue, 22 Nov 2022 15:20:48 +0800 +Subject: [PATCH] makefile: use conditional assignment for KBUILD_OUTPUT + +Refer [1],from make 4.4, all variables that are marked as export will +also be passed to the shell started by the shell function. use "=" will +make KBUILD_OUTPUT always empty for shell function, use "?=" to make +"export KBUILD_OUTPUT" in enrironment can work. + +[snip of 4.4 NEWS] +* WARNING: Backward-incompatibility! + Previously makefile variables marked as export were not exported to commands + started by the $(shell ...) function. Now, all exported variables are + exported to $(shell ...). +[snip] + +[1] https://git.savannah.gnu.org/cgit/make.git/tree/NEWS?h=4.4&id=ed493f6c9116cc217b99c2cfa6a95f15803235a2#n74 + +Upstream-Status: Backport [d3dd51ba611802d7cbb28631cb943cb882fa4aac] + +Signed-off-by: Changqing Li +--- + makefile | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/makefile b/makefile +index 529d8a0..3db60fa 100644 +--- a/makefile ++++ b/makefile +@@ -15,7 +15,7 @@ + # with this program; if not, write to the Free Software Foundation, Inc., + # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +-KBUILD_OUTPUT = ++KBUILD_OUTPUT ?= + + DEBUG = + CC ?= $(CROSS_COMPILE)gcc +-- +2.25.1 + diff --git a/meta-oe/recipes-connectivity/linuxptp/linuxptp_3.1.1.bb b/meta-oe/recipes-connectivity/linuxptp/linuxptp_3.1.1.bb index 9c0f56e7369..9c8e649b1a5 100644 --- a/meta-oe/recipes-connectivity/linuxptp/linuxptp_3.1.1.bb +++ b/meta-oe/recipes-connectivity/linuxptp/linuxptp_3.1.1.bb @@ -6,6 +6,7 @@ LIC_FILES_CHKSUM = "file://COPYING;md5=b234ee4d69f5fce4486a80fdaf4a4263" SRC_URI = "http://sourceforge.net/projects/linuxptp/files/v3.1/linuxptp-${PV}.tgz \ file://build-Allow-CC-and-prefix-to-be-overriden.patch \ file://Use-cross-cpp-in-incdefs.patch \ + file://0001-makefile-use-conditional-assignment-for-KBUILD_OUTPU.patch \ " UPSTREAM_CHECK_URI = "https://sourceforge.net/projects/linuxptp/files/" From c5008af2c57a215d3394af1e96b33fc173dd984e Mon Sep 17 00:00:00 2001 From: Archana Polampalli Date: Thu, 25 Jan 2024 10:04:43 +0000 Subject: [PATCH 553/600] samba: fix CVE-2023-0922 The Samba AD DC administration tool, when operating against a remote LDAP server, will by default send new or reset passwords over a signed-only connection. References: https://nvd.nist.gov/vuln/detail/CVE-2023-0922 Upstream patches: https://github.com/samba-team/samba/commit/04e5a7eb03a Signed-off-by: Archana Polampalli Signed-off-by: Armin Kuster --- .../samba/samba/CVE-2023-0922.patch | 111 ++++++++++++++++++ .../samba/samba_4.14.14.bb | 1 + 2 files changed, 112 insertions(+) create mode 100644 meta-networking/recipes-connectivity/samba/samba/CVE-2023-0922.patch diff --git a/meta-networking/recipes-connectivity/samba/samba/CVE-2023-0922.patch b/meta-networking/recipes-connectivity/samba/samba/CVE-2023-0922.patch new file mode 100644 index 00000000000..b8cb06bee1c --- /dev/null +++ b/meta-networking/recipes-connectivity/samba/samba/CVE-2023-0922.patch @@ -0,0 +1,111 @@ +From 04e5a7eb03a1e913f34d77b7b6c2353b41ef546a Mon Sep 17 00:00:00 2001 +From: Rob van der Linde +Date: Mon, 27 Feb 2023 14:06:23 +1300 +Subject: [PATCH] CVE-2023-0922 set default ldap client sasl wrapping to seal + +This avoids sending new or reset passwords in the clear +(integrity protected only) from samba-tool in particular. + +BUG: https://bugzilla.samba.org/show_bug.cgi?id=15315 + +Signed-off-by: Rob van der Linde +Signed-off-by: Andrew Bartlett +Reviewed-by: Joseph Sutton + +CVE: CVE-2023-0922 + +Upstream-Status: Backport [https://github.com/samba-team/samba/commit/04e5a7eb03a] + +Signed-off-by: Archana Polampalli +--- + .../ldap/clientldapsaslwrapping.xml | 27 +++++++++---------- + lib/param/loadparm.c | 2 +- + python/samba/tests/auth_log.py | 2 +- + source3/param/loadparm.c | 2 +- + 4 files changed, 16 insertions(+), 17 deletions(-) + +diff --git a/docs-xml/smbdotconf/ldap/clientldapsaslwrapping.xml b/docs-xml/smbdotconf/ldap/clientldapsaslwrapping.xml +index 3152f06..21bd209 100644 +--- a/docs-xml/smbdotconf/ldap/clientldapsaslwrapping.xml ++++ b/docs-xml/smbdotconf/ldap/clientldapsaslwrapping.xml +@@ -18,25 +18,24 @@ + + + +- This option is needed in the case of Domain Controllers enforcing +- the usage of signed LDAP connections (e.g. Windows 2000 SP3 or higher). +- LDAP sign and seal can be controlled with the registry key +- "HKLM\System\CurrentControlSet\Services\ +- NTDS\Parameters\LDAPServerIntegrity" +- on the Windows server side. +- ++ This option is needed firstly to secure the privacy of ++ administrative connections from samba-tool, ++ including in particular new or reset passwords for users. For ++ this reason the default is seal. + +- +- Depending on the used KRB5 library (MIT and older Heimdal versions) +- it is possible that the message "integrity only" is not supported. +- In this case, sign is just an alias for +- seal. ++ Additionally, winbindd and the ++ net tool can use LDAP to communicate with ++ Domain Controllers, so this option also controls the level of ++ privacy for those connections. All supported AD DC versions ++ will enforce the usage of at least signed LDAP connections by ++ default, so a value of at least sign is ++ required in practice. + + + +- The default value is sign. That implies synchronizing the time ++ The default value is seal. That implies synchronizing the time + with the KDC in the case of using Kerberos. + + +-sign ++seal + +diff --git a/lib/param/loadparm.c b/lib/param/loadparm.c +index 75687f5..d260691 100644 +--- a/lib/param/loadparm.c ++++ b/lib/param/loadparm.c +@@ -2970,7 +2970,7 @@ struct loadparm_context *loadparm_init(TALLOC_CTX *mem_ctx) + + lpcfg_do_global_parameter(lp_ctx, "ldap debug threshold", "10"); + +- lpcfg_do_global_parameter(lp_ctx, "client ldap sasl wrapping", "sign"); ++ lpcfg_do_global_parameter(lp_ctx, "client ldap sasl wrapping", "seal"); + + lpcfg_do_global_parameter(lp_ctx, "mdns name", "netbios"); + +diff --git a/python/samba/tests/auth_log.py b/python/samba/tests/auth_log.py +index 8ac76fe..d2db380 100644 +--- a/python/samba/tests/auth_log.py ++++ b/python/samba/tests/auth_log.py +@@ -471,7 +471,7 @@ class AuthLogTests(samba.tests.auth_log_base.AuthLogTestBase): + def isLastExpectedMessage(msg): + return (msg["type"] == "Authorization" and + msg["Authorization"]["serviceDescription"] == "LDAP" and +- msg["Authorization"]["transportProtection"] == "SIGN" and ++ msg["Authorization"]["transportProtection"] == "SEAL" and + msg["Authorization"]["authType"] == "krb5") + + self.samdb = SamDB(url="ldap://%s" % os.environ["SERVER"], +diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c +index a99ab35..c47c5f6 100644 +--- a/source3/param/loadparm.c ++++ b/source3/param/loadparm.c +@@ -754,7 +754,7 @@ static void init_globals(struct loadparm_context *lp_ctx, bool reinit_globals) + Globals.ldap_debug_level = 0; + Globals.ldap_debug_threshold = 10; + +- Globals.client_ldap_sasl_wrapping = ADS_AUTH_SASL_SIGN; ++ Globals.client_ldap_sasl_wrapping = ADS_AUTH_SASL_SEAL; + + Globals.ldap_server_require_strong_auth = + LDAP_SERVER_REQUIRE_STRONG_AUTH_YES; +-- +2.40.0 + diff --git a/meta-networking/recipes-connectivity/samba/samba_4.14.14.bb b/meta-networking/recipes-connectivity/samba/samba_4.14.14.bb index 6838ac12f2a..2fb93be0a9b 100644 --- a/meta-networking/recipes-connectivity/samba/samba_4.14.14.bb +++ b/meta-networking/recipes-connectivity/samba/samba_4.14.14.bb @@ -58,6 +58,7 @@ SRC_URI = "${SAMBA_MIRROR}/stable/samba-${PV}.tar.gz \ file://CVE-2018-14628-0004.patch \ file://CVE-2018-14628-0005.patch \ file://CVE-2018-14628-0006.patch \ + file://CVE-2023-0922.patch \ " SRC_URI:append:libc-musl = " \ From 182c4742c6f4f91ce51e66978f961ef2c2923bd5 Mon Sep 17 00:00:00 2001 From: Li Wang Date: Mon, 29 Jan 2024 14:23:28 +0800 Subject: [PATCH 554/600] radvd: add '--shell /sbin/nologin' to /etc/passwd the default setting USERADD_PARAM of yocto: -s /bin/sh follow redhat policy: radvd/redhat/systemd/radvd.spec useradd ... -s /sbin/nologin ... Signed-off-by: Li Wang Signed-off-by: Khem Raj Signed-off-by: Armin Kuster --- meta-networking/recipes-daemons/radvd/radvd.inc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-networking/recipes-daemons/radvd/radvd.inc b/meta-networking/recipes-daemons/radvd/radvd.inc index 219d88f4999..5da31b3f0e1 100644 --- a/meta-networking/recipes-daemons/radvd/radvd.inc +++ b/meta-networking/recipes-daemons/radvd/radvd.inc @@ -59,7 +59,7 @@ do_install:append () { USERADD_PACKAGES = "${PN}" GROUPADD_PARAM:${PN} = "--system nogroup" -USERADD_PARAM:${PN} = "--system --home ${localstatedir}/run/radvd/ -M -g nogroup radvd" +USERADD_PARAM:${PN} = "--system --home ${localstatedir}/run/radvd/ -M -g nogroup --shell /sbin/nologin radvd" pkg_postinst:${PN} () { if [ -z "$D" -a -x /etc/init.d/populate-volatile.sh ]; then From 5f46d71fca49dc6347dbf022e4f7ca1b262a082f Mon Sep 17 00:00:00 2001 From: Vijay Anusuri Date: Tue, 30 Jan 2024 10:45:51 +0530 Subject: [PATCH 555/600] wireshark: Fix for CVE-2023-4511 Upstream-Status: Backport from https://gitlab.com/wireshark/wireshark/-/commit/ef9c79ae81b00a63aa8638076ec81dc9482972e9 Signed-off-by: Vijay Anusuri Signed-off-by: Armin Kuster --- .../wireshark/files/CVE-2023-4511.patch | 81 +++++++++++++++++++ .../wireshark/wireshark_3.4.12.bb | 1 + 2 files changed, 82 insertions(+) create mode 100644 meta-networking/recipes-support/wireshark/files/CVE-2023-4511.patch diff --git a/meta-networking/recipes-support/wireshark/files/CVE-2023-4511.patch b/meta-networking/recipes-support/wireshark/files/CVE-2023-4511.patch new file mode 100644 index 00000000000..6a2f20163c3 --- /dev/null +++ b/meta-networking/recipes-support/wireshark/files/CVE-2023-4511.patch @@ -0,0 +1,81 @@ +From ef9c79ae81b00a63aa8638076ec81dc9482972e9 Mon Sep 17 00:00:00 2001 +From: John Thacker +Date: Thu, 10 Aug 2023 05:29:09 -0400 +Subject: [PATCH] btsdp: Keep offset advancing + +hf_data_element_value is a FT_NONE, so we can add the item with +the expected length and get_hfi_length() will adjust the length +without throwing an exception. There's no need to add it with +zero length and call proto_item_set_len. Also, don't increment +the offset by 0 instead of the real length when there isn't +enough data in the packet, as that can lead to failing to advance +the offset. + +When dissecting a sequence type (sequence or alternative) and +recursing into the sequence member, instead of using the main +packet tvb directly, create a subset using the indicated length +of the sequence. That will properly throw an exception if a +contained item is larger than the containing sequence, instead of +dissecting the same bytes as several different items (inside +the sequence recursively, as well in the outer loop.) + +Fix #19258 + +Upstream-Status: Backport [https://gitlab.com/wireshark/wireshark/-/commit/ef9c79ae81b00a63aa8638076ec81dc9482972e9] +CVE: CVE-2023-4511 +Signed-off-by: Vijay Anusuri +--- + epan/dissectors/packet-btsdp.c | 15 ++++++++------- + 1 file changed, 8 insertions(+), 7 deletions(-) + +diff --git a/epan/dissectors/packet-btsdp.c b/epan/dissectors/packet-btsdp.c +index 397ece7..eb7f5fa 100644 +--- a/epan/dissectors/packet-btsdp.c ++++ b/epan/dissectors/packet-btsdp.c +@@ -1925,13 +1925,11 @@ dissect_data_element(proto_tree *tree, proto_tree **next_tree, + offset += len - length; + } + +- pitem = proto_tree_add_item(ptree, hf_data_element_value, tvb, offset, 0, ENC_NA); ++ pitem = proto_tree_add_item(ptree, hf_data_element_value, tvb, offset, length, ENC_NA); + if (length > tvb_reported_length_remaining(tvb, offset)) { + expert_add_info(pinfo, pitem, &ei_data_element_value_large); +- length = 0; +- } +- proto_item_set_len(pitem, length); +- if (length == 0) ++ proto_item_append_text(pitem, ": MISSING"); ++ } else if (length == 0) + proto_item_append_text(pitem, ": MISSING"); + + if (next_tree) *next_tree = proto_item_add_subtree(pitem, ett_btsdp_data_element_value); +@@ -3523,6 +3521,8 @@ dissect_sdp_type(proto_tree *tree, packet_info *pinfo, tvbuff_t *tvb, + gint bytes_to_go = size; + gint first = 1; + wmem_strbuf_t *substr; ++ tvbuff_t *next_tvb = tvb_new_subset_length(tvb, offset, size); ++ gint next_offset = 0; + + ti = proto_tree_add_item(next_tree, (type == 6) ? hf_data_element_value_sequence : hf_data_element_value_alternative, + tvb, offset, size, ENC_NA); +@@ -3537,14 +3537,15 @@ dissect_sdp_type(proto_tree *tree, packet_info *pinfo, tvbuff_t *tvb, + first = 0; + } + +- size = dissect_sdp_type(st, pinfo, tvb, offset, attribute, service_uuid, ++ size = dissect_sdp_type(st, pinfo, next_tvb, next_offset, ++ attribute, service_uuid, + service_did_vendor_id, service_did_vendor_id_source, + service_hdp_data_exchange_specification, service_info, &substr); + if (size < 1) { + break; + } + wmem_strbuf_append_printf(info_buf, "%s ", wmem_strbuf_get_str(substr)); +- offset += size ; ++ next_offset += size; + bytes_to_go -= size; + } + +-- +2.25.1 + diff --git a/meta-networking/recipes-support/wireshark/wireshark_3.4.12.bb b/meta-networking/recipes-support/wireshark/wireshark_3.4.12.bb index f5e316d9dc1..41c363ad300 100644 --- a/meta-networking/recipes-support/wireshark/wireshark_3.4.12.bb +++ b/meta-networking/recipes-support/wireshark/wireshark_3.4.12.bb @@ -28,6 +28,7 @@ SRC_URI += " \ file://CVE-2023-1992.patch \ file://CVE-2022-4345.patch \ file://CVE-2024-0208.patch \ + file://CVE-2023-4511.patch \ " UPSTREAM_CHECK_URI = "https://1.as.dl.wireshark.org/src" From f81b181933f33e477c3e81af7f238f0724c05d33 Mon Sep 17 00:00:00 2001 From: Vijay Anusuri Date: Wed, 31 Jan 2024 07:57:35 +0530 Subject: [PATCH 556/600] squid: backport Debian patch for CVE-2023-46728 and CVE-2023-46846 import patches from ubuntu to fix CVE-2023-46728 CVE-2023-46846 Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/squid/tree/debian/patches?h=ubuntu/focal-security&id=9ccd217ca9428c9a6597e9310a99552026b245fa Upstream commit https://github.com/squid-cache/squid/commit/6ea12e8fb590ac6959e9356a81aa3370576568c3 & https://github.com/squid-cache/squid/commit/417da4006cf5c97d44e74431b816fc58fec9e270 & https://github.com/squid-cache/squid/commit/05f6af2f4c85cc99323cfff6149c3d74af661b6d] Signed-off-by: Vijay Anusuri Signed-off-by: Armin Kuster --- .../squid/files/CVE-2023-46728.patch | 608 +++++++++ .../squid/files/CVE-2023-46846-pre1.patch | 1154 +++++++++++++++++ .../squid/files/CVE-2023-46846.patch | 169 +++ .../recipes-daemons/squid/squid_4.15.bb | 3 + 4 files changed, 1934 insertions(+) create mode 100644 meta-networking/recipes-daemons/squid/files/CVE-2023-46728.patch create mode 100644 meta-networking/recipes-daemons/squid/files/CVE-2023-46846-pre1.patch create mode 100644 meta-networking/recipes-daemons/squid/files/CVE-2023-46846.patch diff --git a/meta-networking/recipes-daemons/squid/files/CVE-2023-46728.patch b/meta-networking/recipes-daemons/squid/files/CVE-2023-46728.patch new file mode 100644 index 00000000000..b11721041e4 --- /dev/null +++ b/meta-networking/recipes-daemons/squid/files/CVE-2023-46728.patch @@ -0,0 +1,608 @@ +Partial backport of: + +From 6ea12e8fb590ac6959e9356a81aa3370576568c3 Mon Sep 17 00:00:00 2001 +From: Alex Rousskov +Date: Tue, 26 Jul 2022 15:05:54 +0000 +Subject: [PATCH] Remove support for Gopher protocol (#1092) + +Gopher code quality remains too low for production use in most +environments. The code is a persistent source of vulnerabilities and +fixing it requires significant effort. We should not be spending scarce +Project resources on improving that code, especially given the lack of +strong demand for Gopher support. + +With this change, Gopher requests will be handled like any other request +with an unknown (to Squid) protocol. For example, HTTP requests with +Gopher URI scheme result in ERR_UNSUP_REQ. + +Default Squid configuration still considers TCP port 70 "safe". The +corresponding Safe_ports ACL rule has not been removed for consistency +sake: We consider WAIS port safe even though Squid refuses to forward +WAIS requests: + + acl Safe_ports port 70 # gopher + acl Safe_ports port 210 # wais + +Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/squid/tree/debian/patches/CVE-2023-46728.patch?h=ubuntu/focal-security&id=9ccd217ca9428c9a6597e9310a99552026b245fa +Upstream commit https://github.com/squid-cache/squid/commit/6ea12e8fb590ac6959e9356a81aa3370576568c3] +CVE: CVE-2023-46728 +Signed-off-by: Vijay Anusuri +--- + doc/Programming-Guide/Groups.dox | 5 - + doc/debug-sections.txt | 1 - + doc/manuals/de.po | 2 +- + doc/manuals/en.po | 2 +- + doc/manuals/en_AU.po | 2 +- + doc/manuals/es.po | 2 +- + doc/manuals/fr.po | 2 +- + doc/manuals/it.po | 2 +- + errors/af.po | 6 +- + errors/az.po | 6 +- + errors/bg.po | 6 +- + errors/ca.po | 6 +- + errors/cs.po | 6 +- + errors/da.po | 6 +- + errors/de.po | 6 +- + errors/el.po | 4 +- + errors/en.po | 6 +- + errors/errorpage.css | 2 +- + errors/es-mx.po | 3 +- + errors/es.po | 4 +- + errors/et.po | 6 +- + errors/fi.po | 7 +- + errors/fr.po | 6 +- + errors/he.po | 6 +- + errors/hu.po | 6 +- + errors/hy.po | 6 +- + errors/it.po | 4 +- + errors/ja.po | 6 +- + errors/ko.po | 6 +- + errors/lt.po | 6 +- + errors/lv.po | 6 +- + errors/nl.po | 6 +- + errors/pl.po | 6 +- + errors/pt-br.po | 6 +- + errors/pt.po | 6 +- + errors/ro.po | 4 +- + errors/ru.po | 6 +- + errors/sk.po | 6 +- + errors/sl.po | 6 +- + errors/sr-latn.po | 4 +- + errors/sv.po | 6 +- + errors/templates/ERR_UNSUP_REQ | 2 +- + errors/tr.po | 6 +- + errors/uk.po | 6 +- + errors/vi.po | 4 +- + errors/zh-hans.po | 6 +- + errors/zh-hant.po | 7 +- + src/FwdState.cc | 5 - + src/HttpRequest.cc | 6 - + src/IoStats.h | 2 +- + src/Makefile.am | 8 - + src/adaptation/ecap/Host.cc | 1 - + src/adaptation/ecap/MessageRep.cc | 2 - + src/anyp/ProtocolType.h | 1 - + src/anyp/Uri.cc | 1 - + src/anyp/UriScheme.cc | 3 - + src/cf.data.pre | 5 +- + src/client_side_request.cc | 4 - + src/error/forward.h | 2 +- + src/gopher.cc | 993 ----------------------- + src/gopher.h | 29 - + src/http/Message.h | 1 - + src/mgr/IoAction.cc | 3 - + src/mgr/IoAction.h | 2 - + src/squid.8.in | 2 +- + src/stat.cc | 19 - + src/tests/Stub.am | 1 - + src/tests/stub_gopher.cc | 17 - + test-suite/squidconf/regressions-3.4.0.1 | 1 - + 69 files changed, 88 insertions(+), 1251 deletions(-) + delete mode 100644 src/gopher.cc + delete mode 100644 src/gopher.h + delete mode 100644 src/tests/stub_gopher.cc + +--- a/src/FwdState.cc ++++ b/src/FwdState.cc +@@ -28,7 +28,6 @@ + #include "fde.h" + #include "FwdState.h" + #include "globals.h" +-#include "gopher.h" + #include "hier_code.h" + #include "http.h" + #include "http/Stream.h" +@@ -1004,10 +1003,6 @@ FwdState::dispatch() + httpStart(this); + break; + +- case AnyP::PROTO_GOPHER: +- gopherStart(this); +- break; +- + case AnyP::PROTO_FTP: + if (request->flags.ftpNative) + Ftp::StartRelay(this); +--- a/src/HttpRequest.cc ++++ b/src/HttpRequest.cc +@@ -18,7 +18,6 @@ + #include "Downloader.h" + #include "err_detail_type.h" + #include "globals.h" +-#include "gopher.h" + #include "http.h" + #include "http/one/RequestParser.h" + #include "http/Stream.h" +@@ -556,11 +555,6 @@ HttpRequest::maybeCacheable() + return false; + break; + +- case AnyP::PROTO_GOPHER: +- if (!gopherCachable(this)) +- return false; +- break; +- + case AnyP::PROTO_CACHE_OBJECT: + return false; + +--- a/src/IoStats.h ++++ b/src/IoStats.h +@@ -22,7 +22,7 @@ public: + int writes; + int write_hist[histSize]; + } +- Http, Ftp, Gopher; ++ Http, Ftp; + }; + + #endif /* SQUID_IOSTATS_H_ */ +--- a/src/Makefile.am ++++ b/src/Makefile.am +@@ -306,8 +306,6 @@ squid_SOURCES = \ + FwdState.h \ + Generic.h \ + globals.h \ +- gopher.h \ +- gopher.cc \ + helper.cc \ + helper.h \ + hier_code.h \ +@@ -1259,8 +1257,6 @@ tests_testCacheManager_SOURCES = \ + fqdncache.cc \ + FwdState.cc \ + FwdState.h \ +- gopher.h \ +- gopher.cc \ + hier_code.h \ + helper.cc \ + $(HTCPSOURCE) \ +@@ -1678,8 +1674,6 @@ tests_testEvent_SOURCES = \ + fqdncache.cc \ + FwdState.cc \ + FwdState.h \ +- gopher.h \ +- gopher.cc \ + helper.cc \ + hier_code.h \ + $(HTCPSOURCE) \ +@@ -1914,8 +1908,6 @@ tests_testEventLoop_SOURCES = \ + fqdncache.cc \ + FwdState.cc \ + FwdState.h \ +- gopher.h \ +- gopher.cc \ + helper.cc \ + hier_code.h \ + $(HTCPSOURCE) \ +@@ -2145,8 +2137,6 @@ tests_test_http_range_SOURCES = \ + fqdncache.cc \ + FwdState.cc \ + FwdState.h \ +- gopher.h \ +- gopher.cc \ + helper.cc \ + hier_code.h \ + $(HTCPSOURCE) \ +@@ -2461,8 +2451,6 @@ tests_testHttpRequest_SOURCES = \ + fqdncache.cc \ + FwdState.cc \ + FwdState.h \ +- gopher.h \ +- gopher.cc \ + helper.cc \ + hier_code.h \ + $(HTCPSOURCE) \ +@@ -3307,8 +3295,6 @@ tests_testURL_SOURCES = \ + fqdncache.cc \ + FwdState.cc \ + FwdState.h \ +- gopher.h \ +- gopher.cc \ + helper.cc \ + hier_code.h \ + $(HTCPSOURCE) \ +--- a/src/adaptation/ecap/Host.cc ++++ b/src/adaptation/ecap/Host.cc +@@ -49,7 +49,6 @@ Adaptation::Ecap::Host::Host() + libecap::protocolHttp.assignHostId(AnyP::PROTO_HTTP); + libecap::protocolHttps.assignHostId(AnyP::PROTO_HTTPS); + libecap::protocolFtp.assignHostId(AnyP::PROTO_FTP); +- libecap::protocolGopher.assignHostId(AnyP::PROTO_GOPHER); + libecap::protocolWais.assignHostId(AnyP::PROTO_WAIS); + libecap::protocolUrn.assignHostId(AnyP::PROTO_URN); + libecap::protocolWhois.assignHostId(AnyP::PROTO_WHOIS); +--- a/src/adaptation/ecap/MessageRep.cc ++++ b/src/adaptation/ecap/MessageRep.cc +@@ -140,8 +140,6 @@ Adaptation::Ecap::FirstLineRep::protocol + return libecap::protocolHttps; + case AnyP::PROTO_FTP: + return libecap::protocolFtp; +- case AnyP::PROTO_GOPHER: +- return libecap::protocolGopher; + case AnyP::PROTO_WAIS: + return libecap::protocolWais; + case AnyP::PROTO_WHOIS: +--- a/src/anyp/ProtocolType.h ++++ b/src/anyp/ProtocolType.h +@@ -27,7 +27,6 @@ typedef enum { + PROTO_HTTPS, + PROTO_COAP, + PROTO_COAPS, +- PROTO_GOPHER, + PROTO_WAIS, + PROTO_CACHE_OBJECT, + PROTO_ICP, +--- a/src/anyp/Uri.cc ++++ b/src/anyp/Uri.cc +@@ -852,8 +852,6 @@ urlCheckRequest(const HttpRequest * r) + if (r->method == Http::METHOD_PUT) + rc = 1; + +- case AnyP::PROTO_GOPHER: +- + case AnyP::PROTO_WAIS: + + case AnyP::PROTO_WHOIS: +--- a/src/anyp/UriScheme.cc ++++ b/src/anyp/UriScheme.cc +@@ -87,9 +87,6 @@ AnyP::UriScheme::defaultPort() const + // Assuming IANA policy of allocating same port for base and TLS protocol versions will occur. + return 5683; + +- case AnyP::PROTO_GOPHER: +- return 70; +- + case AnyP::PROTO_WAIS: + return 210; + +--- a/src/client_side_request.cc ++++ b/src/client_side_request.cc +@@ -33,7 +33,6 @@ + #include "fd.h" + #include "fde.h" + #include "format/Token.h" +-#include "gopher.h" + #include "helper.h" + #include "helper/Reply.h" + #include "http.h" +@@ -965,9 +964,6 @@ clientHierarchical(ClientHttpRequest * h + if (request->url.getScheme() == AnyP::PROTO_HTTP) + return method.respMaybeCacheable(); + +- if (request->url.getScheme() == AnyP::PROTO_GOPHER) +- return gopherCachable(request); +- + if (request->url.getScheme() == AnyP::PROTO_CACHE_OBJECT) + return 0; + +--- a/src/err_type.h ++++ b/src/err_type.h +@@ -65,7 +65,7 @@ typedef enum { + ERR_GATEWAY_FAILURE, + + /* Special Cases */ +- ERR_DIR_LISTING, /* Display of remote directory (FTP, Gopher) */ ++ ERR_DIR_LISTING, /* Display of remote directory (FTP) */ + ERR_SQUID_SIGNATURE, /* not really an error */ + ERR_SHUTTING_DOWN, + ERR_PROTOCOL_UNKNOWN, +--- a/src/HttpMsg.h ++++ b/src/HttpMsg.h +@@ -38,7 +38,6 @@ public: + srcFtp = 1 << (16 + 1), ///< ftp_port or FTP server + srcIcap = 1 << (16 + 2), ///< traditional ICAP service without encryption + srcEcap = 1 << (16 + 3), ///< eCAP service that uses insecure libraries/daemons +- srcGopher = 1 << (16 + 14), ///< Gopher server + srcWhois = 1 << (16 + 15), ///< Whois server + srcUnsafe = 0xFFFF0000, ///< Unsafe sources mask + srcSafe = 0x0000FFFF ///< Safe sources mask +--- a/src/mgr/IoAction.cc ++++ b/src/mgr/IoAction.cc +@@ -35,9 +35,6 @@ Mgr::IoActionData::operator += (const Io + ftp_reads += stats.ftp_reads; + for (int i = 0; i < IoStats::histSize; ++i) + ftp_read_hist[i] += stats.ftp_read_hist[i]; +- gopher_reads += stats.gopher_reads; +- for (int i = 0; i < IoStats::histSize; ++i) +- gopher_read_hist[i] += stats.gopher_read_hist[i]; + + return *this; + } +--- a/src/mgr/IoAction.h ++++ b/src/mgr/IoAction.h +@@ -27,10 +27,8 @@ public: + public: + double http_reads; + double ftp_reads; +- double gopher_reads; + double http_read_hist[IoStats::histSize]; + double ftp_read_hist[IoStats::histSize]; +- double gopher_read_hist[IoStats::histSize]; + }; + + /// implement aggregated 'io' action +--- a/src/stat.cc ++++ b/src/stat.cc +@@ -206,12 +206,6 @@ GetIoStats(Mgr::IoActionData& stats) + for (i = 0; i < IoStats::histSize; ++i) { + stats.ftp_read_hist[i] = IOStats.Ftp.read_hist[i]; + } +- +- stats.gopher_reads = IOStats.Gopher.reads; +- +- for (i = 0; i < IoStats::histSize; ++i) { +- stats.gopher_read_hist[i] = IOStats.Gopher.read_hist[i]; +- } + } + + void +@@ -245,19 +239,6 @@ DumpIoStats(Mgr::IoActionData& stats, St + } + + storeAppendPrintf(sentry, "\n"); +- storeAppendPrintf(sentry, "Gopher I/O\n"); +- storeAppendPrintf(sentry, "number of reads: %.0f\n", stats.gopher_reads); +- storeAppendPrintf(sentry, "Read Histogram:\n"); +- +- for (i = 0; i < IoStats::histSize; ++i) { +- storeAppendPrintf(sentry, "%5d-%5d: %9.0f %2.0f%%\n", +- i ? (1 << (i - 1)) + 1 : 1, +- 1 << i, +- stats.gopher_read_hist[i], +- Math::doublePercent(stats.gopher_read_hist[i], stats.gopher_reads)); +- } +- +- storeAppendPrintf(sentry, "\n"); + } + + static const char * +--- a/src/Makefile.in ++++ b/src/Makefile.in +@@ -263,7 +263,7 @@ am__squid_SOURCES_DIST = AclRegs.cc Auth + ExternalACL.h ExternalACLEntry.cc ExternalACLEntry.h \ + FadingCounter.h FadingCounter.cc fatal.h fatal.cc fd.h fd.cc \ + fde.cc fde.h FileMap.h filemap.cc fqdncache.h fqdncache.cc \ +- FwdState.cc FwdState.h Generic.h globals.h gopher.h gopher.cc \ ++ FwdState.cc FwdState.h Generic.h globals.h \ + helper.cc helper.h hier_code.h HierarchyLogEntry.h htcp.cc \ + htcp.h http.cc http.h HttpHeaderFieldStat.h HttpHdrCc.h \ + HttpHdrCc.cc HttpHdrCc.cci HttpHdrRange.cc HttpHdrSc.cc \ +@@ -352,7 +352,7 @@ am_squid_OBJECTS = $(am__objects_1) Acce + EventLoop.$(OBJEXT) external_acl.$(OBJEXT) \ + ExternalACLEntry.$(OBJEXT) FadingCounter.$(OBJEXT) \ + fatal.$(OBJEXT) fd.$(OBJEXT) fde.$(OBJEXT) filemap.$(OBJEXT) \ +- fqdncache.$(OBJEXT) FwdState.$(OBJEXT) gopher.$(OBJEXT) \ ++ fqdncache.$(OBJEXT) FwdState.$(OBJEXT) \ + helper.$(OBJEXT) $(am__objects_5) http.$(OBJEXT) \ + HttpHdrCc.$(OBJEXT) HttpHdrRange.$(OBJEXT) HttpHdrSc.$(OBJEXT) \ + HttpHdrScTarget.$(OBJEXT) HttpHdrContRange.$(OBJEXT) \ +@@ -539,7 +539,7 @@ am__tests_testCacheManager_SOURCES_DIST + tests/stub_ETag.cc event.cc external_acl.cc \ + ExternalACLEntry.cc fatal.h tests/stub_fatal.cc fd.h fd.cc \ + fde.cc FileMap.h filemap.cc fqdncache.h fqdncache.cc \ +- FwdState.cc FwdState.h gopher.h gopher.cc hier_code.h \ ++ FwdState.cc FwdState.h hier_code.h \ + helper.cc htcp.cc htcp.h http.cc HttpBody.h HttpBody.cc \ + HttpHeader.h HttpHeader.cc HttpHeaderFieldInfo.h \ + HttpHeaderTools.h HttpHeaderTools.cc HttpHeaderFieldStat.h \ +@@ -594,7 +594,7 @@ am_tests_testCacheManager_OBJECTS = Acce + event.$(OBJEXT) external_acl.$(OBJEXT) \ + ExternalACLEntry.$(OBJEXT) tests/stub_fatal.$(OBJEXT) \ + fd.$(OBJEXT) fde.$(OBJEXT) filemap.$(OBJEXT) \ +- fqdncache.$(OBJEXT) FwdState.$(OBJEXT) gopher.$(OBJEXT) \ ++ fqdncache.$(OBJEXT) FwdState.$(OBJEXT) \ + helper.$(OBJEXT) $(am__objects_5) http.$(OBJEXT) \ + HttpBody.$(OBJEXT) HttpHeader.$(OBJEXT) \ + HttpHeaderTools.$(OBJEXT) HttpHdrCc.$(OBJEXT) \ +@@ -838,7 +838,7 @@ am__tests_testEvent_SOURCES_DIST = Acces + EventLoop.h EventLoop.cc external_acl.cc ExternalACLEntry.cc \ + FadingCounter.cc fatal.h tests/stub_fatal.cc fd.h fd.cc fde.cc \ + FileMap.h filemap.cc fqdncache.h fqdncache.cc FwdState.cc \ +- FwdState.h gopher.h gopher.cc helper.cc hier_code.h htcp.cc \ ++ FwdState.h helper.cc hier_code.h htcp.cc \ + htcp.h http.cc HttpBody.h HttpBody.cc \ + tests/stub_HttpControlMsg.cc HttpHeader.h HttpHeader.cc \ + HttpHeaderFieldInfo.h HttpHeaderTools.h HttpHeaderTools.cc \ +@@ -891,7 +891,7 @@ am_tests_testEvent_OBJECTS = AccessLogEn + external_acl.$(OBJEXT) ExternalACLEntry.$(OBJEXT) \ + FadingCounter.$(OBJEXT) tests/stub_fatal.$(OBJEXT) \ + fd.$(OBJEXT) fde.$(OBJEXT) filemap.$(OBJEXT) \ +- fqdncache.$(OBJEXT) FwdState.$(OBJEXT) gopher.$(OBJEXT) \ ++ fqdncache.$(OBJEXT) FwdState.$(OBJEXT) \ + helper.$(OBJEXT) $(am__objects_5) http.$(OBJEXT) \ + HttpBody.$(OBJEXT) tests/stub_HttpControlMsg.$(OBJEXT) \ + HttpHeader.$(OBJEXT) HttpHeaderTools.$(OBJEXT) \ +@@ -975,8 +975,8 @@ am__tests_testEventLoop_SOURCES_DIST = A + tests/stub_ETag.cc EventLoop.h EventLoop.cc event.cc \ + external_acl.cc ExternalACLEntry.cc FadingCounter.cc fatal.h \ + tests/stub_fatal.cc fd.h fd.cc fde.cc FileMap.h filemap.cc \ +- fqdncache.h fqdncache.cc FwdState.cc FwdState.h gopher.h \ +- gopher.cc helper.cc hier_code.h htcp.cc htcp.h http.cc \ ++ fqdncache.h fqdncache.cc FwdState.cc FwdState.h \ ++ helper.cc hier_code.h htcp.cc htcp.h http.cc \ + HttpBody.h HttpBody.cc tests/stub_HttpControlMsg.cc \ + HttpHeader.h HttpHeader.cc HttpHeaderFieldInfo.h \ + HttpHeaderTools.h HttpHeaderTools.cc HttpHeaderFieldStat.h \ +@@ -1029,7 +1029,7 @@ am_tests_testEventLoop_OBJECTS = AccessL + external_acl.$(OBJEXT) ExternalACLEntry.$(OBJEXT) \ + FadingCounter.$(OBJEXT) tests/stub_fatal.$(OBJEXT) \ + fd.$(OBJEXT) fde.$(OBJEXT) filemap.$(OBJEXT) \ +- fqdncache.$(OBJEXT) FwdState.$(OBJEXT) gopher.$(OBJEXT) \ ++ fqdncache.$(OBJEXT) FwdState.$(OBJEXT) \ + helper.$(OBJEXT) $(am__objects_5) http.$(OBJEXT) \ + HttpBody.$(OBJEXT) tests/stub_HttpControlMsg.$(OBJEXT) \ + HttpHeader.$(OBJEXT) HttpHeaderTools.$(OBJEXT) \ +@@ -1187,7 +1187,7 @@ am__tests_testHttpRequest_SOURCES_DIST = + fs_io.cc dlink.h dlink.cc dns_internal.cc errorpage.cc \ + tests/stub_ETag.cc external_acl.cc ExternalACLEntry.cc fatal.h \ + tests/stub_fatal.cc fd.h fd.cc fde.cc fqdncache.h fqdncache.cc \ +- FwdState.cc FwdState.h gopher.h gopher.cc helper.cc \ ++ FwdState.cc FwdState.h helper.cc \ + hier_code.h htcp.cc htcp.h http.cc HttpBody.h HttpBody.cc \ + tests/stub_HttpControlMsg.cc HttpHeader.h HttpHeader.cc \ + HttpHeaderFieldInfo.h HttpHeaderTools.h HttpHeaderTools.cc \ +@@ -1243,7 +1243,7 @@ am_tests_testHttpRequest_OBJECTS = Acces + $(am__objects_4) errorpage.$(OBJEXT) tests/stub_ETag.$(OBJEXT) \ + external_acl.$(OBJEXT) ExternalACLEntry.$(OBJEXT) \ + tests/stub_fatal.$(OBJEXT) fd.$(OBJEXT) fde.$(OBJEXT) \ +- fqdncache.$(OBJEXT) FwdState.$(OBJEXT) gopher.$(OBJEXT) \ ++ fqdncache.$(OBJEXT) FwdState.$(OBJEXT) \ + helper.$(OBJEXT) $(am__objects_5) http.$(OBJEXT) \ + HttpBody.$(OBJEXT) tests/stub_HttpControlMsg.$(OBJEXT) \ + HttpHeader.$(OBJEXT) HttpHeaderTools.$(OBJEXT) \ +@@ -1670,8 +1670,8 @@ am__tests_testURL_SOURCES_DIST = AccessL + fs_io.cc dlink.h dlink.cc dns_internal.cc errorpage.cc ETag.cc \ + event.cc external_acl.cc ExternalACLEntry.cc fatal.h \ + tests/stub_fatal.cc fd.h fd.cc fde.cc FileMap.h filemap.cc \ +- fqdncache.h fqdncache.cc FwdState.cc FwdState.h gopher.h \ +- gopher.cc helper.cc hier_code.h htcp.cc htcp.h http.cc \ ++ fqdncache.h fqdncache.cc FwdState.cc FwdState.h \ ++ helper.cc hier_code.h htcp.cc htcp.h http.cc \ + HttpBody.h HttpBody.cc tests/stub_HttpControlMsg.cc \ + HttpHeaderFieldStat.h HttpHdrCc.h HttpHdrCc.cc HttpHdrCc.cci \ + HttpHdrContRange.cc HttpHdrRange.cc HttpHdrSc.cc \ +@@ -1725,7 +1725,7 @@ am_tests_testURL_OBJECTS = AccessLogEntr + event.$(OBJEXT) external_acl.$(OBJEXT) \ + ExternalACLEntry.$(OBJEXT) tests/stub_fatal.$(OBJEXT) \ + fd.$(OBJEXT) fde.$(OBJEXT) filemap.$(OBJEXT) \ +- fqdncache.$(OBJEXT) FwdState.$(OBJEXT) gopher.$(OBJEXT) \ ++ fqdncache.$(OBJEXT) FwdState.$(OBJEXT) \ + helper.$(OBJEXT) $(am__objects_5) http.$(OBJEXT) \ + HttpBody.$(OBJEXT) tests/stub_HttpControlMsg.$(OBJEXT) \ + HttpHdrCc.$(OBJEXT) HttpHdrContRange.$(OBJEXT) \ +@@ -1925,8 +1925,8 @@ am__tests_test_http_range_SOURCES_DIST = + dns_internal.cc errorpage.cc tests/stub_ETag.cc event.cc \ + FadingCounter.cc fatal.h tests/stub_libauth.cc \ + tests/stub_fatal.cc fd.h fd.cc fde.cc FileMap.h filemap.cc \ +- fqdncache.h fqdncache.cc FwdState.cc FwdState.h gopher.h \ +- gopher.cc helper.cc hier_code.h htcp.cc htcp.h http.cc \ ++ fqdncache.h fqdncache.cc FwdState.cc FwdState.h \ ++ helper.cc hier_code.h htcp.cc htcp.h http.cc \ + HttpBody.h HttpBody.cc tests/stub_HttpControlMsg.cc \ + HttpHeaderFieldStat.h HttpHdrCc.h HttpHdrCc.cc HttpHdrCc.cci \ + HttpHdrContRange.cc HttpHdrRange.cc HttpHdrSc.cc \ +@@ -1979,7 +1979,7 @@ am_tests_test_http_range_OBJECTS = Acces + FadingCounter.$(OBJEXT) tests/stub_libauth.$(OBJEXT) \ + tests/stub_fatal.$(OBJEXT) fd.$(OBJEXT) fde.$(OBJEXT) \ + filemap.$(OBJEXT) fqdncache.$(OBJEXT) FwdState.$(OBJEXT) \ +- gopher.$(OBJEXT) helper.$(OBJEXT) $(am__objects_5) \ ++ helper.$(OBJEXT) $(am__objects_5) \ + http.$(OBJEXT) HttpBody.$(OBJEXT) \ + tests/stub_HttpControlMsg.$(OBJEXT) HttpHdrCc.$(OBJEXT) \ + HttpHdrContRange.$(OBJEXT) HttpHdrRange.$(OBJEXT) \ +@@ -2131,7 +2131,7 @@ am__depfiles_remade = ./$(DEPDIR)/Access + ./$(DEPDIR)/external_acl.Po ./$(DEPDIR)/fatal.Po \ + ./$(DEPDIR)/fd.Po ./$(DEPDIR)/fde.Po ./$(DEPDIR)/filemap.Po \ + ./$(DEPDIR)/fqdncache.Po ./$(DEPDIR)/fs_io.Po \ +- ./$(DEPDIR)/globals.Po ./$(DEPDIR)/gopher.Po \ ++ ./$(DEPDIR)/globals.Po \ + ./$(DEPDIR)/helper.Po ./$(DEPDIR)/hier_code.Po \ + ./$(DEPDIR)/htcp.Po ./$(DEPDIR)/http.Po \ + ./$(DEPDIR)/icp_opcode.Po ./$(DEPDIR)/icp_v2.Po \ +@@ -3043,7 +3043,7 @@ squid_SOURCES = $(ACL_REGISTRATION_SOURC + ExternalACL.h ExternalACLEntry.cc ExternalACLEntry.h \ + FadingCounter.h FadingCounter.cc fatal.h fatal.cc fd.h fd.cc \ + fde.cc fde.h FileMap.h filemap.cc fqdncache.h fqdncache.cc \ +- FwdState.cc FwdState.h Generic.h globals.h gopher.h gopher.cc \ ++ FwdState.cc FwdState.h Generic.h globals.h \ + helper.cc helper.h hier_code.h HierarchyLogEntry.h \ + $(HTCPSOURCE) http.cc http.h HttpHeaderFieldStat.h HttpHdrCc.h \ + HttpHdrCc.cc HttpHdrCc.cci HttpHdrRange.cc HttpHdrSc.cc \ +@@ -3708,8 +3708,6 @@ tests_testCacheManager_SOURCES = \ + fqdncache.cc \ + FwdState.cc \ + FwdState.h \ +- gopher.h \ +- gopher.cc \ + hier_code.h \ + helper.cc \ + $(HTCPSOURCE) \ +@@ -4134,8 +4132,6 @@ tests_testEvent_SOURCES = \ + fqdncache.cc \ + FwdState.cc \ + FwdState.h \ +- gopher.h \ +- gopher.cc \ + helper.cc \ + hier_code.h \ + $(HTCPSOURCE) \ +@@ -4371,8 +4367,6 @@ tests_testEventLoop_SOURCES = \ + fqdncache.cc \ + FwdState.cc \ + FwdState.h \ +- gopher.h \ +- gopher.cc \ + helper.cc \ + hier_code.h \ + $(HTCPSOURCE) \ +@@ -4604,8 +4598,6 @@ tests_test_http_range_SOURCES = \ + fqdncache.cc \ + FwdState.cc \ + FwdState.h \ +- gopher.h \ +- gopher.cc \ + helper.cc \ + hier_code.h \ + $(HTCPSOURCE) \ +@@ -4924,8 +4916,6 @@ tests_testHttpRequest_SOURCES = \ + fqdncache.cc \ + FwdState.cc \ + FwdState.h \ +- gopher.h \ +- gopher.cc \ + helper.cc \ + hier_code.h \ + $(HTCPSOURCE) \ +@@ -5777,8 +5767,6 @@ tests_testURL_SOURCES = \ + fqdncache.cc \ + FwdState.cc \ + FwdState.h \ +- gopher.h \ +- gopher.cc \ + helper.cc \ + hier_code.h \ + $(HTCPSOURCE) \ +@@ -6823,7 +6811,6 @@ distclean-compile: + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fqdncache.Po@am__quote@ # am--include-marker + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fs_io.Po@am__quote@ # am--include-marker + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/globals.Po@am__quote@ # am--include-marker +-@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gopher.Po@am__quote@ # am--include-marker + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/helper.Po@am__quote@ # am--include-marker + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/hier_code.Po@am__quote@ # am--include-marker + @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/htcp.Po@am__quote@ # am--include-marker +@@ -7804,7 +7791,6 @@ distclean: distclean-recursive + -rm -f ./$(DEPDIR)/fqdncache.Po + -rm -f ./$(DEPDIR)/fs_io.Po + -rm -f ./$(DEPDIR)/globals.Po +- -rm -f ./$(DEPDIR)/gopher.Po + -rm -f ./$(DEPDIR)/helper.Po + -rm -f ./$(DEPDIR)/hier_code.Po + -rm -f ./$(DEPDIR)/htcp.Po +@@ -8129,7 +8115,6 @@ maintainer-clean: maintainer-clean-recur + -rm -f ./$(DEPDIR)/fqdncache.Po + -rm -f ./$(DEPDIR)/fs_io.Po + -rm -f ./$(DEPDIR)/globals.Po +- -rm -f ./$(DEPDIR)/gopher.Po + -rm -f ./$(DEPDIR)/helper.Po + -rm -f ./$(DEPDIR)/hier_code.Po + -rm -f ./$(DEPDIR)/htcp.Po diff --git a/meta-networking/recipes-daemons/squid/files/CVE-2023-46846-pre1.patch b/meta-networking/recipes-daemons/squid/files/CVE-2023-46846-pre1.patch new file mode 100644 index 00000000000..5b4e370d497 --- /dev/null +++ b/meta-networking/recipes-daemons/squid/files/CVE-2023-46846-pre1.patch @@ -0,0 +1,1154 @@ +Backport of: + +From 417da4006cf5c97d44e74431b816fc58fec9e270 Mon Sep 17 00:00:00 2001 +From: Eduard Bagdasaryan +Date: Mon, 18 Mar 2019 17:48:21 +0000 +Subject: [PATCH] Fix incremental parsing of chunked quoted extensions (#310) + +Before this change, incremental parsing of quoted chunked extensions +was broken for two reasons: + +* Http::One::Parser::skipLineTerminator() unexpectedly threw after + partially received quoted chunk extension value. + +* When Http::One::Tokenizer was unable to parse a quoted extension, + it incorrectly restored the input buffer to the beginning of the + extension value (instead of the extension itself), thus making + further incremental parsing iterations impossible. + +IMO, the reason for this problem was that Http::One::Tokenizer::qdText() +could not distinguish two cases (returning false in both): + +* the end of the quoted string not yet reached + +* an input error, e.g., wrong/unexpected character + +A possible approach could be to improve Http::One::Tokenizer, making it +aware about "needs more data" state. However, to be acceptable, +these improvements should be done in the base Parser::Tokenizer +class instead. These changes seem to be non-trivial and could be +done separately and later. + +Another approach, used here, is to simplify the complex and error-prone +chunked extensions parsing algorithm, fixing incremental parsing bugs +and still parse incrementally in almost all cases. The performance +regression could be expected only in relatively rare cases of partially +received or malformed extensions. + +Also: +* fixed parsing of partial use-original-body extension values +* do not treat an invalid use-original-body as an unknown extension +* optimization: parse use-original-body extension only in ICAP context + (i.e., where it is expected) +* improvement: added a new API to TeChunkedParser to specify known + chunked extensions list + +Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/squid/tree/debian/patches/CVE-2023-46846-pre1.patch?h=ubuntu/focal-security&id=9ccd217ca9428c9a6597e9310a99552026b245fa +Upstream commit https://github.com/squid-cache/squid/commit/417da4006cf5c97d44e74431b816fc58fec9e270] +CVE: CVE-2023-46846 #Dependency Patch1 +Signed-off-by: Vijay Anusuri +--- + src/adaptation/icap/ModXact.cc | 21 ++++- + src/adaptation/icap/ModXact.h | 20 +++++ + src/http/one/Parser.cc | 35 ++++---- + src/http/one/Parser.h | 10 ++- + src/http/one/RequestParser.cc | 16 ++-- + src/http/one/RequestParser.h | 8 +- + src/http/one/ResponseParser.cc | 17 ++-- + src/http/one/ResponseParser.h | 2 +- + src/http/one/TeChunkedParser.cc | 139 ++++++++++++++++++-------------- + src/http/one/TeChunkedParser.h | 41 ++++++++-- + src/http/one/Tokenizer.cc | 104 ++++++++++++------------ + src/http/one/Tokenizer.h | 89 ++++++++------------ + src/http/one/forward.h | 3 + + src/parser/BinaryTokenizer.h | 3 +- + src/parser/Makefile.am | 1 + + src/parser/Tokenizer.cc | 40 +++++++++ + src/parser/Tokenizer.h | 13 +++ + src/parser/forward.h | 22 +++++ + 18 files changed, 364 insertions(+), 220 deletions(-) + create mode 100644 src/parser/forward.h + +--- a/src/adaptation/icap/ModXact.cc ++++ b/src/adaptation/icap/ModXact.cc +@@ -25,12 +25,13 @@ + #include "comm.h" + #include "comm/Connection.h" + #include "err_detail_type.h" +-#include "http/one/TeChunkedParser.h" + #include "HttpHeaderTools.h" + #include "HttpMsg.h" + #include "HttpReply.h" + #include "HttpRequest.h" + #include "MasterXaction.h" ++#include "parser/Tokenizer.h" ++#include "sbuf/Stream.h" + #include "SquidTime.h" + + // flow and terminology: +@@ -44,6 +45,8 @@ CBDATA_NAMESPACED_CLASS_INIT(Adaptation: + + static const size_t TheBackupLimit = BodyPipe::MaxCapacity; + ++const SBuf Adaptation::Icap::ChunkExtensionValueParser::UseOriginalBodyName("use-original-body"); ++ + Adaptation::Icap::ModXact::State::State() + { + memset(this, 0, sizeof(*this)); +@@ -1108,6 +1111,7 @@ void Adaptation::Icap::ModXact::decideOn + state.parsing = State::psBody; + replyHttpBodySize = 0; + bodyParser = new Http1::TeChunkedParser; ++ bodyParser->parseExtensionValuesWith(&extensionParser); + makeAdaptedBodyPipe("adapted response from the ICAP server"); + Must(state.sending == State::sendingAdapted); + } else { +@@ -1142,9 +1146,8 @@ void Adaptation::Icap::ModXact::parseBod + } + + if (parsed) { +- if (state.readyForUob && bodyParser->useOriginBody >= 0) { +- prepPartialBodyEchoing( +- static_cast(bodyParser->useOriginBody)); ++ if (state.readyForUob && extensionParser.sawUseOriginalBody()) { ++ prepPartialBodyEchoing(extensionParser.useOriginalBody()); + stopParsing(); + return; + } +@@ -2014,3 +2017,14 @@ void Adaptation::Icap::ModXactLauncher:: + } + } + ++void ++Adaptation::Icap::ChunkExtensionValueParser::parse(Tokenizer &tok, const SBuf &extName) ++{ ++ if (extName == UseOriginalBodyName) { ++ useOriginalBody_ = tok.udec64("use-original-body"); ++ assert(useOriginalBody_ >= 0); ++ } else { ++ Ignore(tok, extName); ++ } ++} ++ +--- a/src/adaptation/icap/ModXact.h ++++ b/src/adaptation/icap/ModXact.h +@@ -15,6 +15,7 @@ + #include "adaptation/icap/Xaction.h" + #include "BodyPipe.h" + #include "http/one/forward.h" ++#include "http/one/TeChunkedParser.h" + + /* + * ICAPModXact implements ICAP REQMOD and RESPMOD transaction using +@@ -105,6 +106,23 @@ private: + enum State { stDisabled, stWriting, stIeof, stDone } theState; + }; + ++/// handles ICAP-specific chunk extensions supported by Squid ++class ChunkExtensionValueParser: public Http1::ChunkExtensionValueParser ++{ ++public: ++ /* Http1::ChunkExtensionValueParser API */ ++ virtual void parse(Tokenizer &tok, const SBuf &extName) override; ++ ++ bool sawUseOriginalBody() const { return useOriginalBody_ >= 0; } ++ uint64_t useOriginalBody() const { assert(sawUseOriginalBody()); return static_cast(useOriginalBody_); } ++ ++private: ++ static const SBuf UseOriginalBodyName; ++ ++ /// the value of the parsed use-original-body chunk extension (or -1) ++ int64_t useOriginalBody_ = -1; ++}; ++ + class ModXact: public Xaction, public BodyProducer, public BodyConsumer + { + CBDATA_CLASS(ModXact); +@@ -270,6 +288,8 @@ private: + + int adaptHistoryId; ///< adaptation history slot reservation + ++ ChunkExtensionValueParser extensionParser; ++ + class State + { + +--- a/src/http/one/Parser.cc ++++ b/src/http/one/Parser.cc +@@ -7,10 +7,11 @@ + */ + + #include "squid.h" ++#include "base/CharacterSet.h" + #include "Debug.h" + #include "http/one/Parser.h" +-#include "http/one/Tokenizer.h" + #include "mime_header.h" ++#include "parser/Tokenizer.h" + #include "SquidConfig.h" + + /// RFC 7230 section 2.6 - 7 magic octets +@@ -61,20 +62,19 @@ Http::One::Parser::DelimiterCharacters() + RelaxedDelimiterCharacters() : CharacterSet::SP; + } + +-bool +-Http::One::Parser::skipLineTerminator(Http1::Tokenizer &tok) const ++void ++Http::One::Parser::skipLineTerminator(Tokenizer &tok) const + { + if (tok.skip(Http1::CrLf())) +- return true; ++ return; + + if (Config.onoff.relaxed_header_parser && tok.skipOne(CharacterSet::LF)) +- return true; ++ return; + + if (tok.atEnd() || (tok.remaining().length() == 1 && tok.remaining().at(0) == '\r')) +- return false; // need more data ++ throw InsufficientInput(); + + throw TexcHere("garbage instead of CRLF line terminator"); +- return false; // unreachable, but make naive compilers happy + } + + /// all characters except the LF line terminator +@@ -102,7 +102,7 @@ LineCharacters() + void + Http::One::Parser::cleanMimePrefix() + { +- Http1::Tokenizer tok(mimeHeaderBlock_); ++ Tokenizer tok(mimeHeaderBlock_); + while (tok.skipOne(RelaxedDelimiterCharacters())) { + (void)tok.skipAll(LineCharacters()); // optional line content + // LF terminator is required. +@@ -137,7 +137,7 @@ Http::One::Parser::cleanMimePrefix() + void + Http::One::Parser::unfoldMime() + { +- Http1::Tokenizer tok(mimeHeaderBlock_); ++ Tokenizer tok(mimeHeaderBlock_); + const auto szLimit = mimeHeaderBlock_.length(); + mimeHeaderBlock_.clear(); + // prevent the mime sender being able to make append() realloc/grow multiple times. +@@ -228,7 +228,7 @@ Http::One::Parser::getHostHeaderField() + debugs(25, 5, "looking for " << name); + + // while we can find more LF in the SBuf +- Http1::Tokenizer tok(mimeHeaderBlock_); ++ Tokenizer tok(mimeHeaderBlock_); + SBuf p; + + while (tok.prefix(p, LineCharacters())) { +@@ -250,7 +250,7 @@ Http::One::Parser::getHostHeaderField() + p.consume(namelen + 1); + + // TODO: optimize SBuf::trim to take CharacterSet directly +- Http1::Tokenizer t(p); ++ Tokenizer t(p); + t.skipAll(CharacterSet::WSP); + p = t.remaining(); + +@@ -278,10 +278,15 @@ Http::One::ErrorLevel() + } + + // BWS = *( SP / HTAB ) ; WhitespaceCharacters() may relax this RFC 7230 rule +-bool +-Http::One::ParseBws(Tokenizer &tok) ++void ++Http::One::ParseBws(Parser::Tokenizer &tok) + { +- if (const auto count = tok.skipAll(Parser::WhitespaceCharacters())) { ++ const auto count = tok.skipAll(Parser::WhitespaceCharacters()); ++ ++ if (tok.atEnd()) ++ throw InsufficientInput(); // even if count is positive ++ ++ if (count) { + // Generating BWS is a MUST-level violation so warn about it as needed. + debugs(33, ErrorLevel(), "found " << count << " BWS octets"); + // RFC 7230 says we MUST parse BWS, so we fall through even if +@@ -289,6 +294,6 @@ Http::One::ParseBws(Tokenizer &tok) + } + // else we successfully "parsed" an empty BWS sequence + +- return true; ++ // success: no more BWS characters expected + } + +--- a/src/http/one/Parser.h ++++ b/src/http/one/Parser.h +@@ -12,6 +12,7 @@ + #include "anyp/ProtocolVersion.h" + #include "http/one/forward.h" + #include "http/StatusCode.h" ++#include "parser/forward.h" + #include "sbuf/SBuf.h" + + namespace Http { +@@ -40,6 +41,7 @@ class Parser : public RefCountable + { + public: + typedef SBuf::size_type size_type; ++ typedef ::Parser::Tokenizer Tokenizer; + + Parser() : parseStatusCode(Http::scNone), parsingStage_(HTTP_PARSE_NONE), hackExpectsMime_(false) {} + virtual ~Parser() {} +@@ -118,11 +120,11 @@ protected: + * detect and skip the CRLF or (if tolerant) LF line terminator + * consume from the tokenizer. + * +- * throws if non-terminator is detected. ++ * \throws exception on bad or InsuffientInput. + * \retval true only if line terminator found. + * \retval false incomplete or missing line terminator, need more data. + */ +- bool skipLineTerminator(Http1::Tokenizer &tok) const; ++ void skipLineTerminator(Tokenizer &) const; + + /** + * Scan to find the mime headers block for current message. +@@ -159,8 +161,8 @@ private: + }; + + /// skips and, if needed, warns about RFC 7230 BWS ("bad" whitespace) +-/// \returns true (always; unlike all the skip*() functions) +-bool ParseBws(Tokenizer &tok); ++/// \throws InsufficientInput when the end of BWS cannot be confirmed ++void ParseBws(Parser::Tokenizer &); + + /// the right debugs() level for logging HTTP violation messages + int ErrorLevel(); +--- a/src/http/one/RequestParser.cc ++++ b/src/http/one/RequestParser.cc +@@ -9,8 +9,8 @@ + #include "squid.h" + #include "Debug.h" + #include "http/one/RequestParser.h" +-#include "http/one/Tokenizer.h" + #include "http/ProtocolVersion.h" ++#include "parser/Tokenizer.h" + #include "profiler/Profiler.h" + #include "SquidConfig.h" + +@@ -64,7 +64,7 @@ Http::One::RequestParser::skipGarbageLin + * RFC 7230 section 2.6, 3.1 and 3.5 + */ + bool +-Http::One::RequestParser::parseMethodField(Http1::Tokenizer &tok) ++Http::One::RequestParser::parseMethodField(Tokenizer &tok) + { + // method field is a sequence of TCHAR. + // Limit to 32 characters to prevent overly long sequences of non-HTTP +@@ -145,7 +145,7 @@ Http::One::RequestParser::RequestTargetC + } + + bool +-Http::One::RequestParser::parseUriField(Http1::Tokenizer &tok) ++Http::One::RequestParser::parseUriField(Tokenizer &tok) + { + /* Arbitrary 64KB URI upper length limit. + * +@@ -178,7 +178,7 @@ Http::One::RequestParser::parseUriField( + } + + bool +-Http::One::RequestParser::parseHttpVersionField(Http1::Tokenizer &tok) ++Http::One::RequestParser::parseHttpVersionField(Tokenizer &tok) + { + static const SBuf http1p0("HTTP/1.0"); + static const SBuf http1p1("HTTP/1.1"); +@@ -253,7 +253,7 @@ Http::One::RequestParser::skipDelimiter( + + /// Parse CRs at the end of request-line, just before the terminating LF. + bool +-Http::One::RequestParser::skipTrailingCrs(Http1::Tokenizer &tok) ++Http::One::RequestParser::skipTrailingCrs(Tokenizer &tok) + { + if (Config.onoff.relaxed_header_parser) { + (void)tok.skipAllTrailing(CharacterSet::CR); // optional; multiple OK +@@ -289,12 +289,12 @@ Http::One::RequestParser::parseRequestFi + // Earlier, skipGarbageLines() took care of any leading LFs (if allowed). + // Now, the request line has to end at the first LF. + static const CharacterSet lineChars = CharacterSet::LF.complement("notLF"); +- ::Parser::Tokenizer lineTok(buf_); ++ Tokenizer lineTok(buf_); + if (!lineTok.prefix(line, lineChars) || !lineTok.skip('\n')) { + if (buf_.length() >= Config.maxRequestHeaderSize) { + /* who should we blame for our failure to parse this line? */ + +- Http1::Tokenizer methodTok(buf_); ++ Tokenizer methodTok(buf_); + if (!parseMethodField(methodTok)) + return -1; // blame a bad method (or its delimiter) + +@@ -308,7 +308,7 @@ Http::One::RequestParser::parseRequestFi + return 0; + } + +- Http1::Tokenizer tok(line); ++ Tokenizer tok(line); + + if (!parseMethodField(tok)) + return -1; +--- a/src/http/one/RequestParser.h ++++ b/src/http/one/RequestParser.h +@@ -54,11 +54,11 @@ private: + bool doParse(const SBuf &aBuf); + + /* all these return false and set parseStatusCode on parsing failures */ +- bool parseMethodField(Http1::Tokenizer &); +- bool parseUriField(Http1::Tokenizer &); +- bool parseHttpVersionField(Http1::Tokenizer &); ++ bool parseMethodField(Tokenizer &); ++ bool parseUriField(Tokenizer &); ++ bool parseHttpVersionField(Tokenizer &); + bool skipDelimiter(const size_t count, const char *where); +- bool skipTrailingCrs(Http1::Tokenizer &tok); ++ bool skipTrailingCrs(Tokenizer &tok); + + bool http0() const {return !msgProtocol_.major;} + static const CharacterSet &RequestTargetCharacters(); +--- a/src/http/one/ResponseParser.cc ++++ b/src/http/one/ResponseParser.cc +@@ -9,8 +9,8 @@ + #include "squid.h" + #include "Debug.h" + #include "http/one/ResponseParser.h" +-#include "http/one/Tokenizer.h" + #include "http/ProtocolVersion.h" ++#include "parser/Tokenizer.h" + #include "profiler/Profiler.h" + #include "SquidConfig.h" + +@@ -47,7 +47,7 @@ Http::One::ResponseParser::firstLineSize + // NP: we found the protocol version and consumed it already. + // just need the status code and reason phrase + int +-Http::One::ResponseParser::parseResponseStatusAndReason(Http1::Tokenizer &tok, const CharacterSet &WspDelim) ++Http::One::ResponseParser::parseResponseStatusAndReason(Tokenizer &tok, const CharacterSet &WspDelim) + { + if (!completedStatus_) { + debugs(74, 9, "seek status-code in: " << tok.remaining().substr(0,10) << "..."); +@@ -87,14 +87,13 @@ Http::One::ResponseParser::parseResponse + static const CharacterSet phraseChars = CharacterSet::WSP + CharacterSet::VCHAR + CharacterSet::OBSTEXT; + (void)tok.prefix(reasonPhrase_, phraseChars); // optional, no error if missing + try { +- if (skipLineTerminator(tok)) { +- debugs(74, DBG_DATA, "parse remaining buf={length=" << tok.remaining().length() << ", data='" << tok.remaining() << "'}"); +- buf_ = tok.remaining(); // resume checkpoint +- return 1; +- } ++ skipLineTerminator(tok); ++ buf_ = tok.remaining(); // resume checkpoint ++ debugs(74, DBG_DATA, Raw("leftovers", buf_.rawContent(), buf_.length())); ++ return 1; ++ } catch (const InsufficientInput &) { + reasonPhrase_.clear(); + return 0; // need more to be sure we have it all +- + } catch (const std::exception &ex) { + debugs(74, 6, "invalid status-line: " << ex.what()); + } +@@ -119,7 +118,7 @@ Http::One::ResponseParser::parseResponse + int + Http::One::ResponseParser::parseResponseFirstLine() + { +- Http1::Tokenizer tok(buf_); ++ Tokenizer tok(buf_); + + const CharacterSet &WspDelim = DelimiterCharacters(); + +--- a/src/http/one/ResponseParser.h ++++ b/src/http/one/ResponseParser.h +@@ -43,7 +43,7 @@ public: + + private: + int parseResponseFirstLine(); +- int parseResponseStatusAndReason(Http1::Tokenizer&, const CharacterSet &); ++ int parseResponseStatusAndReason(Tokenizer&, const CharacterSet &); + + /// magic prefix for identifying ICY response messages + static const SBuf IcyMagic; +--- a/src/http/one/TeChunkedParser.cc ++++ b/src/http/one/TeChunkedParser.cc +@@ -13,10 +13,13 @@ + #include "http/one/Tokenizer.h" + #include "http/ProtocolVersion.h" + #include "MemBuf.h" ++#include "parser/Tokenizer.h" + #include "Parsing.h" ++#include "sbuf/Stream.h" + #include "SquidConfig.h" + +-Http::One::TeChunkedParser::TeChunkedParser() ++Http::One::TeChunkedParser::TeChunkedParser(): ++ customExtensionValueParser(nullptr) + { + // chunked encoding only exists in HTTP/1.1 + Http1::Parser::msgProtocol_ = Http::ProtocolVersion(1,1); +@@ -31,7 +34,11 @@ Http::One::TeChunkedParser::clear() + buf_.clear(); + theChunkSize = theLeftBodySize = 0; + theOut = NULL; +- useOriginBody = -1; ++ // XXX: We do not reset customExtensionValueParser here. Based on the ++ // clear() API description, we must, but it makes little sense and could ++ // break method callers if they appear because some of them may forget to ++ // reset customExtensionValueParser. TODO: Remove Http1::Parser as our ++ // parent class and this unnecessary method with it. + } + + bool +@@ -49,14 +56,14 @@ Http::One::TeChunkedParser::parse(const + if (parsingStage_ == Http1::HTTP_PARSE_NONE) + parsingStage_ = Http1::HTTP_PARSE_CHUNK_SZ; + +- Http1::Tokenizer tok(buf_); ++ Tokenizer tok(buf_); + + // loop for as many chunks as we can + // use do-while instead of while so that we can incrementally + // restart in the middle of a chunk/frame + do { + +- if (parsingStage_ == Http1::HTTP_PARSE_CHUNK_EXT && !parseChunkExtension(tok, theChunkSize)) ++ if (parsingStage_ == Http1::HTTP_PARSE_CHUNK_EXT && !parseChunkMetadataSuffix(tok)) + return false; + + if (parsingStage_ == Http1::HTTP_PARSE_CHUNK && !parseChunkBody(tok)) +@@ -80,7 +87,7 @@ Http::One::TeChunkedParser::needsMoreSpa + + /// RFC 7230 section 4.1 chunk-size + bool +-Http::One::TeChunkedParser::parseChunkSize(Http1::Tokenizer &tok) ++Http::One::TeChunkedParser::parseChunkSize(Tokenizer &tok) + { + Must(theChunkSize <= 0); // Should(), really + +@@ -104,66 +111,75 @@ Http::One::TeChunkedParser::parseChunkSi + return false; // should not be reachable + } + +-/** +- * Parses chunk metadata suffix, looking for interesting extensions and/or +- * getting to the line terminator. RFC 7230 section 4.1.1 and its Errata #4667: +- * +- * chunk-ext = *( BWS ";" BWS chunk-ext-name [ BWS "=" BWS chunk-ext-val ] ) +- * chunk-ext-name = token +- * chunk-ext-val = token / quoted-string +- * +- * ICAP 'use-original-body=N' extension is supported. +- */ +-bool +-Http::One::TeChunkedParser::parseChunkExtension(Http1::Tokenizer &tok, bool skipKnown) +-{ +- SBuf ext; +- SBuf value; +- while ( +- ParseBws(tok) && // Bug 4492: IBM_HTTP_Server sends SP after chunk-size +- tok.skip(';') && +- ParseBws(tok) && // Bug 4492: ICAP servers send SP before chunk-ext-name +- tok.prefix(ext, CharacterSet::TCHAR)) { // chunk-ext-name +- +- // whole value part is optional. if no '=' expect next chunk-ext +- if (ParseBws(tok) && tok.skip('=') && ParseBws(tok)) { +- +- if (!skipKnown) { +- if (ext.cmp("use-original-body",17) == 0 && tok.int64(useOriginBody, 10)) { +- debugs(94, 3, "Found chunk extension " << ext << "=" << useOriginBody); +- buf_ = tok.remaining(); // parse checkpoint +- continue; +- } +- } +- +- debugs(94, 5, "skipping unknown chunk extension " << ext); +- +- // unknown might have a value token or quoted-string +- if (tok.quotedStringOrToken(value) && !tok.atEnd()) { +- buf_ = tok.remaining(); // parse checkpoint +- continue; +- } +- +- // otherwise need more data OR corrupt syntax +- break; +- } +- +- if (!tok.atEnd()) +- buf_ = tok.remaining(); // parse checkpoint (unless there might be more token name) +- } +- +- if (skipLineTerminator(tok)) { +- buf_ = tok.remaining(); // checkpoint +- // non-0 chunk means data, 0-size means optional Trailer follows ++/// Parses "[chunk-ext] CRLF" from RFC 7230 section 4.1.1: ++/// chunk = chunk-size [ chunk-ext ] CRLF chunk-data CRLF ++/// last-chunk = 1*"0" [ chunk-ext ] CRLF ++bool ++Http::One::TeChunkedParser::parseChunkMetadataSuffix(Tokenizer &tok) ++{ ++ // Code becomes much simpler when incremental parsing functions throw on ++ // bad or insufficient input, like in the code below. TODO: Expand up. ++ try { ++ parseChunkExtensions(tok); // a possibly empty chunk-ext list ++ skipLineTerminator(tok); ++ buf_ = tok.remaining(); + parsingStage_ = theChunkSize ? Http1::HTTP_PARSE_CHUNK : Http1::HTTP_PARSE_MIME; + return true; ++ } catch (const InsufficientInput &) { ++ tok.reset(buf_); // backtrack to the last commit point ++ return false; + } ++ // other exceptions bubble up to kill message parsing ++} ++ ++/// Parses the chunk-ext list (RFC 7230 section 4.1.1 and its Errata #4667): ++/// chunk-ext = *( BWS ";" BWS chunk-ext-name [ BWS "=" BWS chunk-ext-val ] ) ++void ++Http::One::TeChunkedParser::parseChunkExtensions(Tokenizer &tok) ++{ ++ do { ++ ParseBws(tok); // Bug 4492: IBM_HTTP_Server sends SP after chunk-size + +- return false; ++ if (!tok.skip(';')) ++ return; // reached the end of extensions (if any) ++ ++ parseOneChunkExtension(tok); ++ buf_ = tok.remaining(); // got one extension ++ } while (true); ++} ++ ++void ++Http::One::ChunkExtensionValueParser::Ignore(Tokenizer &tok, const SBuf &extName) ++{ ++ const auto ignoredValue = tokenOrQuotedString(tok); ++ debugs(94, 5, extName << " with value " << ignoredValue); ++} ++ ++/// Parses a single chunk-ext list element: ++/// chunk-ext = *( BWS ";" BWS chunk-ext-name [ BWS "=" BWS chunk-ext-val ] ) ++void ++Http::One::TeChunkedParser::parseOneChunkExtension(Tokenizer &tok) ++{ ++ ParseBws(tok); // Bug 4492: ICAP servers send SP before chunk-ext-name ++ ++ const auto extName = tok.prefix("chunk-ext-name", CharacterSet::TCHAR); ++ ++ ParseBws(tok); ++ ++ if (!tok.skip('=')) ++ return; // parsed a valueless chunk-ext ++ ++ ParseBws(tok); ++ ++ // optimization: the only currently supported extension needs last-chunk ++ if (!theChunkSize && customExtensionValueParser) ++ customExtensionValueParser->parse(tok, extName); ++ else ++ ChunkExtensionValueParser::Ignore(tok, extName); + } + + bool +-Http::One::TeChunkedParser::parseChunkBody(Http1::Tokenizer &tok) ++Http::One::TeChunkedParser::parseChunkBody(Tokenizer &tok) + { + if (theLeftBodySize > 0) { + buf_ = tok.remaining(); // sync buffers before buf_ use +@@ -188,17 +204,20 @@ Http::One::TeChunkedParser::parseChunkBo + } + + bool +-Http::One::TeChunkedParser::parseChunkEnd(Http1::Tokenizer &tok) ++Http::One::TeChunkedParser::parseChunkEnd(Tokenizer &tok) + { + Must(theLeftBodySize == 0); // Should(), really + +- if (skipLineTerminator(tok)) { ++ try { ++ skipLineTerminator(tok); + buf_ = tok.remaining(); // parse checkpoint + theChunkSize = 0; // done with the current chunk + parsingStage_ = Http1::HTTP_PARSE_CHUNK_SZ; + return true; + } +- +- return false; ++ catch (const InsufficientInput &) { ++ return false; ++ } ++ // other exceptions bubble up to kill message parsing + } + +--- a/src/http/one/TeChunkedParser.h ++++ b/src/http/one/TeChunkedParser.h +@@ -18,6 +18,26 @@ namespace Http + namespace One + { + ++using ::Parser::InsufficientInput; ++ ++// TODO: Move this class into http/one/ChunkExtensionValueParser.* ++/// A customizable parser of a single chunk extension value (chunk-ext-val). ++/// From RFC 7230 section 4.1.1 and its Errata #4667: ++/// chunk-ext = *( BWS ";" BWS chunk-ext-name [ BWS "=" BWS chunk-ext-val ] ) ++/// chunk-ext-name = token ++/// chunk-ext-val = token / quoted-string ++class ChunkExtensionValueParser ++{ ++public: ++ typedef ::Parser::Tokenizer Tokenizer; ++ ++ /// extracts and ignores the value of a named extension ++ static void Ignore(Tokenizer &tok, const SBuf &extName); ++ ++ /// extracts and then interprets (or ignores) the extension value ++ virtual void parse(Tokenizer &tok, const SBuf &extName) = 0; ++}; ++ + /** + * An incremental parser for chunked transfer coding + * defined in RFC 7230 section 4.1. +@@ -25,7 +45,7 @@ namespace One + * + * The parser shovels content bytes from the raw + * input buffer into the content output buffer, both caller-supplied. +- * Ignores chunk extensions except for ICAP's ieof. ++ * Chunk extensions like use-original-body are handled via parseExtensionValuesWith(). + * Trailers are available via mimeHeader() if wanted. + */ + class TeChunkedParser : public Http1::Parser +@@ -37,6 +57,10 @@ public: + /// set the buffer to be used to store decoded chunk data + void setPayloadBuffer(MemBuf *parsedContent) {theOut = parsedContent;} + ++ /// Instead of ignoring all chunk extension values, give the supplied ++ /// parser a chance to handle them. Only applied to last-chunk (for now). ++ void parseExtensionValuesWith(ChunkExtensionValueParser *parser) { customExtensionValueParser = parser; } ++ + bool needsMoreSpace() const; + + /* Http1::Parser API */ +@@ -45,17 +69,20 @@ public: + virtual Parser::size_type firstLineSize() const {return 0;} // has no meaning with multiple chunks + + private: +- bool parseChunkSize(Http1::Tokenizer &tok); +- bool parseChunkExtension(Http1::Tokenizer &tok, bool skipKnown); +- bool parseChunkBody(Http1::Tokenizer &tok); +- bool parseChunkEnd(Http1::Tokenizer &tok); ++ bool parseChunkSize(Tokenizer &tok); ++ bool parseChunkMetadataSuffix(Tokenizer &); ++ void parseChunkExtensions(Tokenizer &); ++ void parseOneChunkExtension(Tokenizer &); ++ bool parseChunkBody(Tokenizer &tok); ++ bool parseChunkEnd(Tokenizer &tok); + + MemBuf *theOut; + uint64_t theChunkSize; + uint64_t theLeftBodySize; + +-public: +- int64_t useOriginBody; ++ /// An optional plugin for parsing and interpreting custom chunk-ext-val. ++ /// This "visitor" object is owned by our creator. ++ ChunkExtensionValueParser *customExtensionValueParser; + }; + + } // namespace One +--- a/src/http/one/Tokenizer.cc ++++ b/src/http/one/Tokenizer.cc +@@ -8,35 +8,18 @@ + + #include "squid.h" + #include "Debug.h" ++#include "http/one/Parser.h" + #include "http/one/Tokenizer.h" ++#include "parser/Tokenizer.h" ++#include "sbuf/Stream.h" + +-bool +-Http::One::Tokenizer::quotedString(SBuf &returnedToken, const bool http1p0) ++/// Extracts quoted-string after the caller removes the initial '"'. ++/// \param http1p0 whether to prohibit \-escaped characters in quoted strings ++/// \throws InsufficientInput when input can be a token _prefix_ ++/// \returns extracted quoted string (without quotes and with chars unescaped) ++static SBuf ++parseQuotedStringSuffix(Parser::Tokenizer &tok, const bool http1p0) + { +- checkpoint(); +- +- if (!skip('"')) +- return false; +- +- return qdText(returnedToken, http1p0); +-} +- +-bool +-Http::One::Tokenizer::quotedStringOrToken(SBuf &returnedToken, const bool http1p0) +-{ +- checkpoint(); +- +- if (!skip('"')) +- return prefix(returnedToken, CharacterSet::TCHAR); +- +- return qdText(returnedToken, http1p0); +-} +- +-bool +-Http::One::Tokenizer::qdText(SBuf &returnedToken, const bool http1p0) +-{ +- // the initial DQUOTE has been skipped by the caller +- + /* + * RFC 1945 - defines qdtext: + * inclusive of LWS (which includes CR and LF) +@@ -61,12 +44,17 @@ Http::One::Tokenizer::qdText(SBuf &retur + // best we can do is a conditional reference since http1p0 value may change per-client + const CharacterSet &tokenChars = (http1p0 ? qdtext1p0 : qdtext1p1); + +- for (;;) { +- SBuf::size_type prefixLen = buf().findFirstNotOf(tokenChars); +- returnedToken.append(consume(prefixLen)); ++ SBuf parsedToken; ++ ++ while (!tok.atEnd()) { ++ SBuf qdText; ++ if (tok.prefix(qdText, tokenChars)) ++ parsedToken.append(qdText); ++ ++ if (!http1p0 && tok.skip('\\')) { // HTTP/1.1 allows quoted-pair, HTTP/1.0 does not ++ if (tok.atEnd()) ++ break; + +- // HTTP/1.1 allows quoted-pair, HTTP/1.0 does not +- if (!http1p0 && skip('\\')) { + /* RFC 7230 section 3.2.6 + * + * The backslash octet ("\") can be used as a single-octet quoting +@@ -78,32 +66,42 @@ Http::One::Tokenizer::qdText(SBuf &retur + */ + static const CharacterSet qPairChars = CharacterSet::HTAB + CharacterSet::SP + CharacterSet::VCHAR + CharacterSet::OBSTEXT; + SBuf escaped; +- if (!prefix(escaped, qPairChars, 1)) { +- returnedToken.clear(); +- restoreLastCheckpoint(); +- return false; +- } +- returnedToken.append(escaped); ++ if (!tok.prefix(escaped, qPairChars, 1)) ++ throw TexcHere("invalid escaped character in quoted-pair"); ++ ++ parsedToken.append(escaped); + continue; ++ } + +- } else if (skip('"')) { +- break; // done ++ if (tok.skip('"')) ++ return parsedToken; // may be empty + +- } else if (atEnd()) { +- // need more data +- returnedToken.clear(); +- restoreLastCheckpoint(); +- return false; +- } ++ if (tok.atEnd()) ++ break; + +- // else, we have an error +- debugs(24, 8, "invalid bytes for set " << tokenChars.name); +- returnedToken.clear(); +- restoreLastCheckpoint(); +- return false; ++ throw TexcHere(ToSBuf("invalid bytes for set ", tokenChars.name)); + } + +- // found the whole string +- return true; ++ throw Http::One::InsufficientInput(); ++} ++ ++SBuf ++Http::One::tokenOrQuotedString(Parser::Tokenizer &tok, const bool http1p0) ++{ ++ if (tok.skip('"')) ++ return parseQuotedStringSuffix(tok, http1p0); ++ ++ if (tok.atEnd()) ++ throw InsufficientInput(); ++ ++ SBuf parsedToken; ++ if (!tok.prefix(parsedToken, CharacterSet::TCHAR)) ++ throw TexcHere("invalid input while expecting an HTTP token"); ++ ++ if (tok.atEnd()) ++ throw InsufficientInput(); ++ ++ // got the complete token ++ return parsedToken; + } + +--- a/src/http/one/Tokenizer.h ++++ b/src/http/one/Tokenizer.h +@@ -9,68 +9,47 @@ + #ifndef SQUID_SRC_HTTP_ONE_TOKENIZER_H + #define SQUID_SRC_HTTP_ONE_TOKENIZER_H + +-#include "parser/Tokenizer.h" ++#include "parser/forward.h" ++#include "sbuf/forward.h" + + namespace Http { + namespace One { + + /** +- * Lexical processor extended to tokenize HTTP/1.x syntax. ++ * Extracts either an HTTP/1 token or quoted-string while dealing with ++ * possibly incomplete input typical for incremental text parsers. ++ * Unescapes escaped characters in HTTP/1.1 quoted strings. + * +- * \see ::Parser::Tokenizer for more detail ++ * \param http1p0 whether to prohibit \-escaped characters in quoted strings ++ * \throws InsufficientInput as appropriate, including on unterminated tokens ++ * \returns extracted token or quoted string (without quotes) ++ * ++ * Governed by: ++ * - RFC 1945 section 2.1 ++ * " ++ * A string of text is parsed as a single word if it is quoted using ++ * double-quote marks. ++ * ++ * quoted-string = ( <"> *(qdtext) <"> ) ++ * ++ * qdtext = and CTLs, ++ * but including LWS> ++ * ++ * Single-character quoting using the backslash ("\") character is not ++ * permitted in HTTP/1.0. ++ * " ++ * ++ * - RFC 7230 section 3.2.6 ++ * " ++ * A string of text is parsed as a single value if it is quoted using ++ * double-quote marks. ++ * ++ * quoted-string = DQUOTE *( qdtext / quoted-pair ) DQUOTE ++ * qdtext = HTAB / SP /%x21 / %x23-5B / %x5D-7E / obs-text ++ * obs-text = %x80-FF ++ * " + */ +-class Tokenizer : public ::Parser::Tokenizer +-{ +-public: +- Tokenizer(SBuf &s) : ::Parser::Tokenizer(s), savedStats_(0) {} +- +- /** +- * Attempt to parse a quoted-string lexical construct. +- * +- * Governed by: +- * - RFC 1945 section 2.1 +- * " +- * A string of text is parsed as a single word if it is quoted using +- * double-quote marks. +- * +- * quoted-string = ( <"> *(qdtext) <"> ) +- * +- * qdtext = and CTLs, +- * but including LWS> +- * +- * Single-character quoting using the backslash ("\") character is not +- * permitted in HTTP/1.0. +- * " +- * +- * - RFC 7230 section 3.2.6 +- * " +- * A string of text is parsed as a single value if it is quoted using +- * double-quote marks. +- * +- * quoted-string = DQUOTE *( qdtext / quoted-pair ) DQUOTE +- * qdtext = HTAB / SP /%x21 / %x23-5B / %x5D-7E / obs-text +- * obs-text = %x80-FF +- * " +- * +- * \param escaped HTTP/1.0 does not permit \-escaped characters +- */ +- bool quotedString(SBuf &value, const bool http1p0 = false); +- +- /** +- * Attempt to parse a (token / quoted-string ) lexical construct. +- */ +- bool quotedStringOrToken(SBuf &value, const bool http1p0 = false); +- +-private: +- /// parse the internal component of a quote-string, and terminal DQUOTE +- bool qdText(SBuf &value, const bool http1p0); +- +- void checkpoint() { savedCheckpoint_ = buf(); savedStats_ = parsedSize(); } +- void restoreLastCheckpoint() { undoParse(savedCheckpoint_, savedStats_); } +- +- SBuf savedCheckpoint_; +- SBuf::size_type savedStats_; +-}; ++SBuf tokenOrQuotedString(Parser::Tokenizer &tok, const bool http1p0 = false); + + } // namespace One + } // namespace Http +--- a/src/http/one/forward.h ++++ b/src/http/one/forward.h +@@ -10,6 +10,7 @@ + #define SQUID_SRC_HTTP_ONE_FORWARD_H + + #include "base/RefCount.h" ++#include "parser/forward.h" + #include "sbuf/forward.h" + + namespace Http { +@@ -31,6 +32,8 @@ typedef RefCount + #if HAVE_CTYPE_H +@@ -96,6 +98,23 @@ Parser::Tokenizer::prefix(SBuf &returned + return true; + } + ++SBuf ++Parser::Tokenizer::prefix(const char *description, const CharacterSet &tokenChars, const SBuf::size_type limit) ++{ ++ if (atEnd()) ++ throw InsufficientInput(); ++ ++ SBuf result; ++ ++ if (!prefix(result, tokenChars, limit)) ++ throw TexcHere(ToSBuf("cannot parse ", description)); ++ ++ if (atEnd()) ++ throw InsufficientInput(); ++ ++ return result; ++} ++ + bool + Parser::Tokenizer::suffix(SBuf &returnedToken, const CharacterSet &tokenChars, const SBuf::size_type limit) + { +@@ -283,3 +302,24 @@ Parser::Tokenizer::int64(int64_t & resul + return success(s - range.rawContent()); + } + ++int64_t ++Parser::Tokenizer::udec64(const char *description, const SBuf::size_type limit) ++{ ++ if (atEnd()) ++ throw InsufficientInput(); ++ ++ int64_t result = 0; ++ ++ // Since we only support unsigned decimals, a parsing failure with a ++ // non-empty input always implies invalid/malformed input (or a buggy ++ // limit=0 caller). TODO: Support signed and non-decimal integers by ++ // refactoring int64() to detect insufficient input. ++ if (!int64(result, 10, false, limit)) ++ throw TexcHere(ToSBuf("cannot parse ", description)); ++ ++ if (atEnd()) ++ throw InsufficientInput(); // more digits may be coming ++ ++ return result; ++} ++ +--- a/src/parser/Tokenizer.h ++++ b/src/parser/Tokenizer.h +@@ -143,6 +143,19 @@ public: + */ + bool int64(int64_t &result, int base = 0, bool allowSign = true, SBuf::size_type limit = SBuf::npos); + ++ /* ++ * The methods below mimic their counterparts documented above, but they ++ * throw on errors, including InsufficientInput. The field description ++ * parameter is used for error reporting and debugging. ++ */ ++ ++ /// prefix() wrapper but throws InsufficientInput if input contains ++ /// nothing but the prefix (i.e. if the prefix is not "terminated") ++ SBuf prefix(const char *description, const CharacterSet &tokenChars, SBuf::size_type limit = SBuf::npos); ++ ++ /// int64() wrapper but limited to unsigned decimal integers (for now) ++ int64_t udec64(const char *description, SBuf::size_type limit = SBuf::npos); ++ + protected: + SBuf consume(const SBuf::size_type n); + SBuf::size_type success(const SBuf::size_type n); +--- /dev/null ++++ b/src/parser/forward.h +@@ -0,0 +1,22 @@ ++/* ++ * Copyright (C) 1996-2019 The Squid Software Foundation and contributors ++ * ++ * Squid software is distributed under GPLv2+ license and includes ++ * contributions from numerous individuals and organizations. ++ * Please see the COPYING and CONTRIBUTORS files for details. ++ */ ++ ++#ifndef SQUID_PARSER_FORWARD_H ++#define SQUID_PARSER_FORWARD_H ++ ++namespace Parser { ++class Tokenizer; ++class BinaryTokenizer; ++ ++// TODO: Move this declaration (to parser/Elements.h) if we need more like it. ++/// thrown by modern "incremental" parsers when they need more data ++class InsufficientInput {}; ++} // namespace Parser ++ ++#endif /* SQUID_PARSER_FORWARD_H */ ++ diff --git a/meta-networking/recipes-daemons/squid/files/CVE-2023-46846.patch b/meta-networking/recipes-daemons/squid/files/CVE-2023-46846.patch new file mode 100644 index 00000000000..a6d0965e7ab --- /dev/null +++ b/meta-networking/recipes-daemons/squid/files/CVE-2023-46846.patch @@ -0,0 +1,169 @@ +From 05f6af2f4c85cc99323cfff6149c3d74af661b6d Mon Sep 17 00:00:00 2001 +From: Amos Jeffries +Date: Fri, 13 Oct 2023 08:44:16 +0000 +Subject: [PATCH] RFC 9112: Improve HTTP chunked encoding compliance (#1498) + +Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/squid/tree/debian/patches/CVE-2023-46846.patch?h=ubuntu/focal-security&id=9ccd217ca9428c9a6597e9310a99552026b245fa +Upstream commit https://github.com/squid-cache/squid/commit/05f6af2f4c85cc99323cfff6149c3d74af661b6d] +CVE: CVE-2023-46846 +Signed-off-by: Vijay Anusuri +--- + src/http/one/Parser.cc | 8 +------- + src/http/one/Parser.h | 4 +--- + src/http/one/TeChunkedParser.cc | 23 ++++++++++++++++++----- + src/parser/Tokenizer.cc | 12 ++++++++++++ + src/parser/Tokenizer.h | 7 +++++++ + 5 files changed, 39 insertions(+), 15 deletions(-) + +--- a/src/http/one/Parser.cc ++++ b/src/http/one/Parser.cc +@@ -65,16 +65,10 @@ Http::One::Parser::DelimiterCharacters() + void + Http::One::Parser::skipLineTerminator(Tokenizer &tok) const + { +- if (tok.skip(Http1::CrLf())) +- return; +- + if (Config.onoff.relaxed_header_parser && tok.skipOne(CharacterSet::LF)) + return; + +- if (tok.atEnd() || (tok.remaining().length() == 1 && tok.remaining().at(0) == '\r')) +- throw InsufficientInput(); +- +- throw TexcHere("garbage instead of CRLF line terminator"); ++ tok.skipRequired("line-terminating CRLF", Http1::CrLf()); + } + + /// all characters except the LF line terminator +--- a/src/http/one/Parser.h ++++ b/src/http/one/Parser.h +@@ -120,9 +120,7 @@ protected: + * detect and skip the CRLF or (if tolerant) LF line terminator + * consume from the tokenizer. + * +- * \throws exception on bad or InsuffientInput. +- * \retval true only if line terminator found. +- * \retval false incomplete or missing line terminator, need more data. ++ * \throws exception on bad or InsufficientInput + */ + void skipLineTerminator(Tokenizer &) const; + +--- a/src/http/one/TeChunkedParser.cc ++++ b/src/http/one/TeChunkedParser.cc +@@ -91,6 +91,11 @@ Http::One::TeChunkedParser::parseChunkSi + { + Must(theChunkSize <= 0); // Should(), really + ++ static const SBuf bannedHexPrefixLower("0x"); ++ static const SBuf bannedHexPrefixUpper("0X"); ++ if (tok.skip(bannedHexPrefixLower) || tok.skip(bannedHexPrefixUpper)) ++ throw TextException("chunk starts with 0x", Here()); ++ + int64_t size = -1; + if (tok.int64(size, 16, false) && !tok.atEnd()) { + if (size < 0) +@@ -121,7 +126,7 @@ Http::One::TeChunkedParser::parseChunkMe + // bad or insufficient input, like in the code below. TODO: Expand up. + try { + parseChunkExtensions(tok); // a possibly empty chunk-ext list +- skipLineTerminator(tok); ++ tok.skipRequired("CRLF after [chunk-ext]", Http1::CrLf()); + buf_ = tok.remaining(); + parsingStage_ = theChunkSize ? Http1::HTTP_PARSE_CHUNK : Http1::HTTP_PARSE_MIME; + return true; +@@ -132,12 +137,14 @@ Http::One::TeChunkedParser::parseChunkMe + // other exceptions bubble up to kill message parsing + } + +-/// Parses the chunk-ext list (RFC 7230 section 4.1.1 and its Errata #4667): ++/// Parses the chunk-ext list (RFC 9112 section 7.1.1: + /// chunk-ext = *( BWS ";" BWS chunk-ext-name [ BWS "=" BWS chunk-ext-val ] ) + void +-Http::One::TeChunkedParser::parseChunkExtensions(Tokenizer &tok) ++Http::One::TeChunkedParser::parseChunkExtensions(Tokenizer &callerTok) + { + do { ++ auto tok = callerTok; ++ + ParseBws(tok); // Bug 4492: IBM_HTTP_Server sends SP after chunk-size + + if (!tok.skip(';')) +@@ -145,6 +152,7 @@ Http::One::TeChunkedParser::parseChunkEx + + parseOneChunkExtension(tok); + buf_ = tok.remaining(); // got one extension ++ callerTok = tok; + } while (true); + } + +@@ -158,11 +166,14 @@ Http::One::ChunkExtensionValueParser::Ig + /// Parses a single chunk-ext list element: + /// chunk-ext = *( BWS ";" BWS chunk-ext-name [ BWS "=" BWS chunk-ext-val ] ) + void +-Http::One::TeChunkedParser::parseOneChunkExtension(Tokenizer &tok) ++Http::One::TeChunkedParser::parseOneChunkExtension(Tokenizer &callerTok) + { ++ auto tok = callerTok; ++ + ParseBws(tok); // Bug 4492: ICAP servers send SP before chunk-ext-name + + const auto extName = tok.prefix("chunk-ext-name", CharacterSet::TCHAR); ++ callerTok = tok; // in case we determine that this is a valueless chunk-ext + + ParseBws(tok); + +@@ -176,6 +187,8 @@ Http::One::TeChunkedParser::parseOneChun + customExtensionValueParser->parse(tok, extName); + else + ChunkExtensionValueParser::Ignore(tok, extName); ++ ++ callerTok = tok; + } + + bool +@@ -209,7 +222,7 @@ Http::One::TeChunkedParser::parseChunkEn + Must(theLeftBodySize == 0); // Should(), really + + try { +- skipLineTerminator(tok); ++ tok.skipRequired("chunk CRLF", Http1::CrLf()); + buf_ = tok.remaining(); // parse checkpoint + theChunkSize = 0; // done with the current chunk + parsingStage_ = Http1::HTTP_PARSE_CHUNK_SZ; +--- a/src/parser/Tokenizer.cc ++++ b/src/parser/Tokenizer.cc +@@ -147,6 +147,18 @@ Parser::Tokenizer::skipAll(const Charact + return success(prefixLen); + } + ++void ++Parser::Tokenizer::skipRequired(const char *description, const SBuf &tokenToSkip) ++{ ++ if (skip(tokenToSkip) || tokenToSkip.isEmpty()) ++ return; ++ ++ if (tokenToSkip.startsWith(buf_)) ++ throw InsufficientInput(); ++ ++ throw TextException(ToSBuf("cannot skip ", description), Here()); ++} ++ + bool + Parser::Tokenizer::skipOne(const CharacterSet &chars) + { +--- a/src/parser/Tokenizer.h ++++ b/src/parser/Tokenizer.h +@@ -115,6 +115,13 @@ public: + */ + SBuf::size_type skipAll(const CharacterSet &discardables); + ++ /** skips a given character sequence (string); ++ * does nothing if the sequence is empty ++ * ++ * \throws exception on mismatching prefix or InsufficientInput ++ */ ++ void skipRequired(const char *description, const SBuf &tokenToSkip); ++ + /** Removes a single trailing character from the set. + * + * \return whether a character was removed diff --git a/meta-networking/recipes-daemons/squid/squid_4.15.bb b/meta-networking/recipes-daemons/squid/squid_4.15.bb index fb293453f1c..d0cf596fa07 100644 --- a/meta-networking/recipes-daemons/squid/squid_4.15.bb +++ b/meta-networking/recipes-daemons/squid/squid_4.15.bb @@ -27,6 +27,9 @@ SRC_URI = "http://www.squid-cache.org/Versions/v${MAJ_VER}/${BPN}-${PV}.tar.bz2 file://0001-Fix-build-on-Fedora-Rawhide-772.patch \ file://CVE-2023-46847.patch \ file://CVE-2023-49285.patch \ + file://CVE-2023-46728.patch \ + file://CVE-2023-46846-pre1.patch \ + file://CVE-2023-46846.patch \ " SRC_URI:remove:toolchain-clang = "file://0001-configure-Check-for-Wno-error-format-truncation-comp.patch" From 667850f0860379fe643beccfb9bb2a7adb036de8 Mon Sep 17 00:00:00 2001 From: Ashish Sharma Date: Wed, 31 Jan 2024 21:53:42 +0530 Subject: [PATCH 557/600] postfix: Backport fix for CVE-2023-51764 Import patches from ubuntu launchpad fix CVE-2023-51764 Upstream-Status: Backport from [https://launchpad.net/ubuntu/+source/postfix/3.6.4-1ubuntu1.3] Signed-off-by: Ashish Sharma Signed-off-by: Armin Kuster --- .../postfix/files/CVE-2023-51764-1.patch | 377 +++++++ .../postfix/files/CVE-2023-51764-2.patch | 978 ++++++++++++++++++ .../recipes-daemons/postfix/postfix_3.6.7.bb | 2 + 3 files changed, 1357 insertions(+) create mode 100644 meta-networking/recipes-daemons/postfix/files/CVE-2023-51764-1.patch create mode 100644 meta-networking/recipes-daemons/postfix/files/CVE-2023-51764-2.patch diff --git a/meta-networking/recipes-daemons/postfix/files/CVE-2023-51764-1.patch b/meta-networking/recipes-daemons/postfix/files/CVE-2023-51764-1.patch new file mode 100644 index 00000000000..65436b704e0 --- /dev/null +++ b/meta-networking/recipes-daemons/postfix/files/CVE-2023-51764-1.patch @@ -0,0 +1,377 @@ +From a6596ec37a4892e1d9c2498ecbfc4b8e6be5156a Mon Sep 17 00:00:00 2001 +From: Wietse Venema +Date: Fri, 22 Dec 2023 00:00:00 -0500 +Subject: [PATCH] postfix-3.6.13 +--- +Upstream-Status: Backport from [https://launchpad.net/ubuntu/+source/postfix/3.6.4-1ubuntu1.3] +CVE: CVE-2023-51764 +Signed-off-by: Ashish Sharma + + man/man5/postconf.5 | 55 +++++++++++++++++++++++++++++++++++++++++++++++ + man/man8/smtpd.8 | 9 +++++++ + mantools/postlink | 2 + + proto/postconf.proto | 52 ++++++++++++++++++++++++++++++++++++++++++++ + src/global/mail_params.h | 11 ++++++++- + src/global/smtp_stream.c | 14 +++++++++++ + src/global/smtp_stream.h | 2 + + src/smtpd/smtpd.c | 42 +++++++++++++++++++++++++++++++++++ + 8 files changed, 185 insertions(+), 2 deletions(-) + +--- a/man/man5/postconf.5 ++++ b/man/man5/postconf.5 +@@ -10412,6 +10412,61 @@ + parameter $name expansion. + .PP + This feature is available in Postfix 2.0 and later. ++.SH smtpd_forbid_bare_newline (default: Postfix < 3.9: no) ++Reply with "Error: bare received" and disconnect ++when a remote SMTP client sends a line ending in , violating ++the RFC 5321 requirement that lines must end in . ++This feature is disbled by default with Postfix < 3.9. Use ++smtpd_forbid_bare_newline_exclusions to exclude non\-standard clients ++such as netcat. Specify "smtpd_forbid_bare_newline = no" to disable ++(not recommended for an Internet\-connected MTA). ++.PP ++See ++https://www.postfix.org/smtp\-smuggling.html for details. ++.PP ++Example: ++.sp ++.in +4 ++.nf ++.na ++.ft C ++# Disconnect remote SMTP clients that send bare newlines, but allow ++# local clients with non\-standard SMTP implementations such as netcat, ++# fax machines, or load balancer health checks. ++# ++smtpd_forbid_bare_newline = yes ++smtpd_forbid_bare_newline_exclusions = $mynetworks ++.fi ++.ad ++.ft R ++.in -4 ++.PP ++This feature is available in Postfix >= 3.9, 3.8.4, 3.7.9, ++3.6.13, and 3.5.23. ++.SH smtpd_forbid_bare_newline_exclusions (default: $mynetworks) ++Exclude the specified clients from smtpd_forbid_bare_newline ++enforcement. It uses the same syntax and parent\-domain matching ++behavior as mynetworks. ++.PP ++Example: ++.sp ++.in +4 ++.nf ++.na ++.ft C ++# Disconnect remote SMTP clients that send bare newlines, but allow ++# local clients with non\-standard SMTP implementations such as netcat, ++# fax machines, or load balancer health checks. ++# ++smtpd_forbid_bare_newline = yes ++smtpd_forbid_bare_newline_exclusions = $mynetworks ++.fi ++.ad ++.ft R ++.in -4 ++.PP ++This feature is available in Postfix >= 3.9, 3.8.4, 3.7.9, ++3.6.13, and 3.5.23. + .SH smtpd_forbidden_commands (default: CONNECT, GET, POST) + List of commands that cause the Postfix SMTP server to immediately + terminate the session with a 221 code. This can be used to disconnect +--- a/man/man8/smtpd.8 ++++ b/man/man8/smtpd.8 +@@ -808,6 +808,15 @@ + The maximal number of AUTH commands that any client is allowed to + send to this service per time unit, regardless of whether or not + Postfix actually accepts those commands. ++.PP ++Available in Postfix 3.9, 3.8.4, 3.7.9, 3.6.13, 3.5.23 and later: ++.IP "\fBsmtpd_forbid_bare_newline (Postfix < 3.9: no)\fR" ++Reply with "Error: bare received" and disconnect ++when a remote SMTP client sends a line ending in , violating ++the RFC 5321 requirement that lines must end in . ++.IP "\fBsmtpd_forbid_bare_newline_exclusions ($mynetworks)\fR" ++Exclude the specified clients from smtpd_forbid_bare_newline ++enforcement. + .SH "TARPIT CONTROLS" + .na + .nf +--- a/mantools/postlink ++++ b/mantools/postlink +@@ -547,6 +547,8 @@ + s;\bsmtpd_error_sleep_time\b;$&;g; + s;\bsmtpd_etrn_restrictions\b;$&;g; + s;\bsmtpd_expansion_filter\b;$&;g; ++ s;\bsmtpd_for[-]*\n*[ ]*bid_bare_newline\b;$&;g; ++ s;\bsmtpd_for[-]*\n*[ ]*bid_bare_newline_exclusions\b;$&;g; + s;\bsmtpd_for[-]*\n*[ ]*bidden_commands\b;$&;g; + s;\bsmtpd_hard_error_limit\b;$&;g; + s;\bsmtpd_helo_required\b;$&;g; +--- a/proto/postconf.proto ++++ b/proto/postconf.proto +@@ -18058,3 +18058,55 @@ + name or port number.

+ +

This feature is available in Postfix 3.6 and later.

++ ++%PARAM smtpd_forbid_bare_newline Postfix < 3.9: no ++ ++

Reply with "Error: bare <LF> received" and disconnect ++when a remote SMTP client sends a line ending in <LF>, violating ++the RFC 5321 requirement that lines must end in <CR><LF>. ++This feature is disbled by default with Postfix < 3.9. Use ++smtpd_forbid_bare_newline_exclusions to exclude non-standard clients ++such as netcat. Specify "smtpd_forbid_bare_newline = no" to disable ++(not recommended for an Internet-connected MTA).

++ ++

See ++https://www.postfix.org/smtp-smuggling.html for details. ++ ++

Example:

++ ++
++
++# Disconnect remote SMTP clients that send bare newlines, but allow
++# local clients with non-standard SMTP implementations such as netcat,
++# fax machines, or load balancer health checks.
++#
++smtpd_forbid_bare_newline = yes
++smtpd_forbid_bare_newline_exclusions = $mynetworks
++
++
++ ++

This feature is available in Postfix ≥ 3.9, 3.8.4, 3.7.9, ++3.6.13, and 3.5.23.

++ ++%PARAM smtpd_forbid_bare_newline_exclusions $mynetworks ++ ++

Exclude the specified clients from smtpd_forbid_bare_newline ++enforcement. It uses the same syntax and parent-domain matching ++behavior as mynetworks.

++ ++

Example:

++ ++
++
++# Disconnect remote SMTP clients that send bare newlines, but allow
++# local clients with non-standard SMTP implementations such as netcat,
++# fax machines, or load balancer health checks.
++#
++smtpd_forbid_bare_newline = yes
++smtpd_forbid_bare_newline_exclusions = $mynetworks
++
++
++ ++

This feature is available in Postfix ≥ 3.9, 3.8.4, 3.7.9, ++3.6.13, and 3.5.23.

++ +--- a/src/global/mail_params.h ++++ b/src/global/mail_params.h +@@ -4170,7 +4170,16 @@ + extern char *var_smtpd_dns_re_filter; + + /* +- * Share TLS sessions through tlproxy(8). ++ * Backwards compatibility. ++ */ ++#define VAR_SMTPD_FORBID_BARE_LF "smtpd_forbid_bare_newline" ++#define DEF_SMTPD_FORBID_BARE_LF 0 ++ ++#define VAR_SMTPD_FORBID_BARE_LF_EXCL "smtpd_forbid_bare_newline_exclusions" ++#define DEF_SMTPD_FORBID_BARE_LF_EXCL "$" VAR_MYNETWORKS ++ ++ /* ++ * Share TLS sessions through tlsproxy(8). + */ + #define VAR_SMTP_TLS_CONN_REUSE "smtp_tls_connection_reuse" + #define DEF_SMTP_TLS_CONN_REUSE 0 +--- a/src/global/smtp_stream.c ++++ b/src/global/smtp_stream.c +@@ -50,6 +50,8 @@ + /* VSTREAM *stream; + /* char *format; + /* va_list ap; ++/* ++/* int smtp_forbid_bare_lf; + /* AUXILIARY API + /* int smtp_get_noexcept(vp, stream, maxlen, flags) + /* VSTRING *vp; +@@ -124,11 +126,16 @@ + /* smtp_vprintf() is the machine underneath smtp_printf(). + /* + /* smtp_get_noexcept() implements the subset of smtp_get() +-/* without timeouts and without making long jumps. Instead, ++/* without long jumps for timeout or EOF errors. Instead, + /* query the stream status with vstream_feof() etc. ++/* This function will make a VSTREAM long jump (error code ++/* SMTP_ERR_LF) when rejecting input with a bare newline byte. + /* + /* smtp_timeout_setup() is a backwards-compatibility interface + /* for programs that don't require per-record deadline support. ++/* ++/* smtp_forbid_bare_lf controls whether smtp_get_noexcept() ++/* will reject input with a bare newline byte. + /* DIAGNOSTICS + /* .fi + /* .ad +@@ -201,6 +208,8 @@ + + #include "smtp_stream.h" + ++int smtp_forbid_bare_lf; ++ + /* smtp_timeout_reset - reset per-stream error flags, restart deadline timer */ + + static void smtp_timeout_reset(VSTREAM *stream) +@@ -404,6 +413,9 @@ + */ + case '\n': + vstring_truncate(vp, VSTRING_LEN(vp) - 1); ++ if (smtp_forbid_bare_lf ++ && (VSTRING_LEN(vp) == 0 || vstring_end(vp)[-1] != '\r')) ++ vstream_longjmp(stream, SMTP_ERR_LF); + while (VSTRING_LEN(vp) > 0 && vstring_end(vp)[-1] == '\r') + vstring_truncate(vp, VSTRING_LEN(vp) - 1); + VSTRING_TERMINATE(vp); +--- a/src/global/smtp_stream.h ++++ b/src/global/smtp_stream.h +@@ -32,6 +32,7 @@ + #define SMTP_ERR_QUIET 3 /* silent cleanup (application) */ + #define SMTP_ERR_NONE 4 /* non-error case */ + #define SMTP_ERR_DATA 5 /* application data error */ ++#define SMTP_ERR_LF 6 /* bare protocol error */ + + extern void smtp_stream_setup(VSTREAM *, int, int); + extern void PRINTFLIKE(2, 3) smtp_printf(VSTREAM *, const char *,...); +@@ -43,6 +44,7 @@ + extern void smtp_fwrite(const char *, ssize_t len, VSTREAM *); + extern void smtp_fread_buf(VSTRING *, ssize_t len, VSTREAM *); + extern void smtp_fputc(int, VSTREAM *); ++extern int smtp_forbid_bare_lf; + + extern void smtp_vprintf(VSTREAM *, const char *, va_list); + +--- a/src/smtpd/smtpd.c ++++ b/src/smtpd/smtpd.c +@@ -762,6 +762,15 @@ + /* The maximal number of AUTH commands that any client is allowed to + /* send to this service per time unit, regardless of whether or not + /* Postfix actually accepts those commands. ++/* .PP ++/* Available in Postfix 3.9, 3.8.4, 3.7.9, 3.6.13, 3.5.23 and later: ++/* .IP "\fBsmtpd_forbid_bare_newline (Postfix < 3.9: no)\fR" ++/* Reply with "Error: bare received" and disconnect ++/* when a remote SMTP client sends a line ending in , violating ++/* the RFC 5321 requirement that lines must end in . ++/* .IP "\fBsmtpd_forbid_bare_newline_exclusions ($mynetworks)\fR" ++/* Exclude the specified clients from smtpd_forbid_bare_newline ++/* enforcement. + /* TARPIT CONTROLS + /* .ad + /* .fi +@@ -1467,6 +1476,10 @@ + int var_smtpd_uproxy_tmout; + bool var_relay_before_rcpt_checks; + ++bool var_smtpd_forbid_bare_lf; ++char *var_smtpd_forbid_bare_lf_excl; ++static NAMADR_LIST *bare_lf_excl; ++ + /* + * Silly little macros. + */ +@@ -1541,6 +1554,7 @@ + #define REASON_TIMEOUT "timeout" + #define REASON_LOST_CONNECTION "lost connection" + #define REASON_ERROR_LIMIT "too many errors" ++#define REASON_BARE_LF "bare received" + + #ifdef USE_TLS + +@@ -3967,6 +3981,7 @@ + */ + done = 0; + do { ++ int payload_err; + + /* + * Do not skip the smtp_fread_buf() call if read_len == 0. We still +@@ -3980,6 +3995,10 @@ + smtp_fread_buf(state->buffer, read_len, state->client); + state->bdat_get_stream = vstream_memreopen( + state->bdat_get_stream, state->buffer, O_RDONLY); ++ vstream_control(state->bdat_get_stream, CA_VSTREAM_CTL_EXCEPT, ++ CA_VSTREAM_CTL_END); ++ if ((payload_err = vstream_setjmp(state->bdat_get_stream)) != 0) ++ vstream_longjmp(state->client, payload_err); + + /* + * Read lines from the fragment. The last line may continue in the +@@ -4655,6 +4674,9 @@ + */ + xclient_allowed = + namadr_list_match(xclient_hosts, state->name, state->addr); ++ smtp_forbid_bare_lf = SMTPD_STAND_ALONE((state)) == 0 ++ && var_smtpd_forbid_bare_lf ++ && !namadr_list_match(bare_lf_excl, state->name, state->addr); + /* NOT: tls_reset() */ + if (got_helo == 0) + helo_reset(state); +@@ -5446,6 +5468,13 @@ + var_myhostname); + break; + ++ case SMTP_ERR_LF: ++ state->reason = REASON_BARE_LF; ++ if (vstream_setjmp(state->client) == 0) ++ smtpd_chat_reply(state, "521 5.5.2 %s Error: bare received", ++ var_myhostname); ++ break; ++ + case 0: + + /* +@@ -5995,6 +6024,13 @@ + namadr_list_match(xforward_hosts, state.name, state.addr); + + /* ++ * Enforce strict SMTP line endings, with compatibility exclusions. ++ */ ++ smtp_forbid_bare_lf = SMTPD_STAND_ALONE((&state)) == 0 ++ && var_smtpd_forbid_bare_lf ++ && !namadr_list_match(bare_lf_excl, state.name, state.addr); ++ ++ /* + * See if we need to turn on verbose logging for this client. + */ + debug_peer_check(state.name, state.addr); +@@ -6055,6 +6091,10 @@ + hogger_list = namadr_list_init(VAR_SMTPD_HOGGERS, MATCH_FLAG_RETURN + | match_parent_style(VAR_SMTPD_HOGGERS), + var_smtpd_hoggers); ++ bare_lf_excl = namadr_list_init(VAR_SMTPD_FORBID_BARE_LF_EXCL, ++ MATCH_FLAG_RETURN ++ | match_parent_style(VAR_MYNETWORKS), ++ var_smtpd_forbid_bare_lf_excl); + + /* + * Open maps before dropping privileges so we can read passwords etc. +@@ -6412,6 +6452,7 @@ + VAR_SMTPD_PEERNAME_LOOKUP, DEF_SMTPD_PEERNAME_LOOKUP, &var_smtpd_peername_lookup, + VAR_SMTPD_DELAY_OPEN, DEF_SMTPD_DELAY_OPEN, &var_smtpd_delay_open, + VAR_SMTPD_CLIENT_PORT_LOG, DEF_SMTPD_CLIENT_PORT_LOG, &var_smtpd_client_port_log, ++ VAR_SMTPD_FORBID_BARE_LF, DEF_SMTPD_FORBID_BARE_LF, &var_smtpd_forbid_bare_lf, + 0, + }; + static const CONFIG_NBOOL_TABLE nbool_table[] = { +@@ -6527,6 +6568,7 @@ + VAR_SMTPD_POLICY_CONTEXT, DEF_SMTPD_POLICY_CONTEXT, &var_smtpd_policy_context, 0, 0, + VAR_SMTPD_DNS_RE_FILTER, DEF_SMTPD_DNS_RE_FILTER, &var_smtpd_dns_re_filter, 0, 0, + VAR_SMTPD_REJ_FTR_MAPS, DEF_SMTPD_REJ_FTR_MAPS, &var_smtpd_rej_ftr_maps, 0, 0, ++ VAR_SMTPD_FORBID_BARE_LF_EXCL, DEF_SMTPD_FORBID_BARE_LF_EXCL, &var_smtpd_forbid_bare_lf_excl, 0, 0, + 0, + }; + static const CONFIG_RAW_TABLE raw_table[] = { diff --git a/meta-networking/recipes-daemons/postfix/files/CVE-2023-51764-2.patch b/meta-networking/recipes-daemons/postfix/files/CVE-2023-51764-2.patch new file mode 100644 index 00000000000..e97a0885574 --- /dev/null +++ b/meta-networking/recipes-daemons/postfix/files/CVE-2023-51764-2.patch @@ -0,0 +1,978 @@ +From cb3b1cbda3dec086a7f4541fe64751d9bb2988bd Mon Sep 17 00:00:00 2001 +From: Wietse Venema +Date: Sun, 21 Jan 2024 00:00:00 -0500 +Subject: [PATCH] postfix-3.6.14 + +--- + +Upstream-Status: Backport from [https://launchpad.net/ubuntu/+source/postfix/3.6.4-1ubuntu1.3] +CVE: CVE-2023-51764 +Signed-off-by: Ashish Sharma + + man/man5/postconf.5 | 173 +++++++++++++++++++++++++++++++++++------- + man/man8/cleanup.8 | 8 + + man/man8/smtpd.8 | 11 +- + mantools/postlink | 6 - + proto/postconf.proto | 142 +++++++++++++++++++++++++++------- + src/cleanup/cleanup.c | 8 + + src/cleanup/cleanup_init.c | 2 + src/cleanup/cleanup_message.c | 17 ++++ + src/global/cleanup_strerror.c | 1 + src/global/cleanup_user.h | 6 + + src/global/mail_params.h | 9 +- + src/global/smtp_stream.c | 34 +++++--- + src/global/smtp_stream.h | 4 + src/smtpd/smtpd.c | 114 ++++++++++++++++++++------- + src/smtpd/smtpd_check.c | 14 ++- + src/smtpd/smtpd_check.h | 1 + 16 files changed, 443 insertions(+), 107 deletions(-) + +--- a/man/man5/postconf.5 ++++ b/man/man5/postconf.5 +@@ -845,6 +845,32 @@ + .fi + .ad + .ft R ++.SH cleanup_replace_stray_cr_lf (default: yes) ++Replace each stray or character in message ++content with a space character, to prevent outbound SMTP smuggling, ++and to make the evaluation of Postfix\-added DKIM or other signatures ++independent from how a remote mail server handles such characters. ++.PP ++SMTP does not allow such characters unless they are part of a ++ sequence, and different mail systems handle ++such stray characters in an implementation\-dependent manner. Stray ++ or characters could be used for outbound ++SMTP smuggling, where an attacker uses a Postfix server to send ++message content with a non\-standard End\-of\-DATA sequence that ++triggers inbound SMTP smuggling at a remote SMTP server. ++.PP ++The replacement happens before all other content management, ++and before Postfix may add a DKIM etc. signature; if the signature ++were created first, the replacement could invalidate the signature. ++.PP ++In addition to preventing SMTP smuggling, replacing stray ++ or characters ensures that the result of ++signature validation by later mail system will not depend on how ++that mail system handles those stray characters in an ++implementation\-dependent manner. ++.PP ++This feature is available in Postfix >= 3.9, 3.8.5, 3.7.10, ++3.6.14, and 3.5.24. + .SH cleanup_service_name (default: cleanup) + The name of the \fBcleanup\fR(8) service. This service rewrites addresses + into the standard form, and performs \fBcanonical\fR(5) address mapping +@@ -10413,60 +10439,153 @@ + .PP + This feature is available in Postfix 2.0 and later. + .SH smtpd_forbid_bare_newline (default: Postfix < 3.9: no) +-Reply with "Error: bare received" and disconnect +-when a remote SMTP client sends a line ending in , violating +-the RFC 5321 requirement that lines must end in . +-This feature is disbled by default with Postfix < 3.9. Use +-smtpd_forbid_bare_newline_exclusions to exclude non\-standard clients +-such as netcat. Specify "smtpd_forbid_bare_newline = no" to disable +-(not recommended for an Internet\-connected MTA). +-.PP +-See +-https://www.postfix.org/smtp\-smuggling.html for details. ++Reject or restrict input lines from an SMTP client that end in ++ instead of the standard . Such line ++endings are commonly allowed with UNIX\-based SMTP servers, but they ++violate RFC 5321, and allowing such line endings can make a server ++vulnerable to ++SMTP smuggling. ++.PP ++Specify one of the following values (case does not matter): ++.IP "\fBnormalize\fR" ++Require the standard ++End\-of\-DATA sequence .. ++Otherwise, allow command or message content lines ending in the ++non\-standard , and process them as if the client sent the ++standard . ++.br ++.br ++This maintains compatibility ++with many legitimate SMTP client applications that send a mix of ++standard and non\-standard line endings, but will fail to receive ++email from client implementations that do not terminate DATA content ++with the standard End\-of\-DATA sequence ++.. ++.br ++.br ++Such clients ++can be excluded with smtpd_forbid_bare_newline_exclusions. ++.br ++.IP "\fByes\fR" ++Compatibility alias for \fBnormalize\fR. ++.br ++.IP "\fBreject\fR" ++Require the standard End\-of\-DATA ++sequence .. Reject a command ++or message content when a line contains bare , log a "bare ++ received" error, and reply with the SMTP status code in ++$smtpd_forbid_bare_newline_reject_code. ++.br ++.br ++This will reject ++email from SMTP clients that send any non\-standard line endings ++such as web applications, netcat, or load balancer health checks. ++.br ++.br ++This will also reject email from services that use BDAT ++to send MIME text containing a bare newline (RFC 3030 Section 3 ++requires canonical MIME format for text message types, defined in ++RFC 2045 Sections 2.7 and 2.8). ++.br ++.br ++Such clients can be ++excluded with smtpd_forbid_bare_newline_exclusions (or, in the case ++of BDAT violations, BDAT can be selectively disabled with ++smtpd_discard_ehlo_keyword_address_maps, or globally disabled with ++smtpd_discard_ehlo_keywords). ++.br ++.IP "\fBno\fR (default)" ++Do not require the standard ++End\-of\-DATA ++sequence .. Always process ++a bare as if the client sent . This ++option is fully backwards compatible, but is not recommended for ++an Internet\-facing SMTP server, because it is vulnerable to SMTP smuggling. ++.br ++.br + .PP +-Example: ++Recommended settings: + .sp + .in +4 + .nf + .na + .ft C +-# Disconnect remote SMTP clients that send bare newlines, but allow +-# local clients with non\-standard SMTP implementations such as netcat, +-# fax machines, or load balancer health checks. ++# Require the standard End\-of\-DATA sequence .. ++# Otherwise, allow bare and process it as if the client sent ++# . + # +-smtpd_forbid_bare_newline = yes ++# This maintains compatibility with many legitimate SMTP client ++# applications that send a mix of standard and non\-standard line ++# endings, but will fail to receive email from client implementations ++# that do not terminate DATA content with the standard End\-of\-DATA ++# sequence .. ++# ++# Such clients can be allowlisted with smtpd_forbid_bare_newline_exclusions. ++# The example below allowlists SMTP clients in trusted networks. ++# ++smtpd_forbid_bare_newline = normalize + smtpd_forbid_bare_newline_exclusions = $mynetworks + .fi + .ad + .ft R + .in -4 + .PP +-This feature is available in Postfix >= 3.9, 3.8.4, 3.7.9, +-3.6.13, and 3.5.23. +-.SH smtpd_forbid_bare_newline_exclusions (default: $mynetworks) +-Exclude the specified clients from smtpd_forbid_bare_newline +-enforcement. It uses the same syntax and parent\-domain matching +-behavior as mynetworks. +-.PP +-Example: ++Alternative: + .sp + .in +4 + .nf + .na + .ft C +-# Disconnect remote SMTP clients that send bare newlines, but allow +-# local clients with non\-standard SMTP implementations such as netcat, +-# fax machines, or load balancer health checks. ++# Reject input lines that contain and log a "bare received" ++# error. Require that input lines end in , and require the ++# standard End\-of\-DATA sequence .. ++# ++# This will reject email from SMTP clients that send any non\-standard ++# line endings such as web applications, netcat, or load balancer ++# health checks. + # +-smtpd_forbid_bare_newline = yes ++# This will also reject email from services that use BDAT to send ++# MIME text containing a bare newline (RFC 3030 Section 3 requires ++# canonical MIME format for text message types, defined in RFC 2045 ++# Sections 2.7 and 2.8). ++# ++# Such clients can be allowlisted with smtpd_forbid_bare_newline_exclusions. ++# The example below allowlists SMTP clients in trusted networks. ++# ++smtpd_forbid_bare_newline = reject + smtpd_forbid_bare_newline_exclusions = $mynetworks ++# ++# Alternatively, in the case of BDAT violations, BDAT can be selectively ++# disabled with smtpd_discard_ehlo_keyword_address_maps, or globally ++# disabled with smtpd_discard_ehlo_keywords. ++# ++# smtpd_discard_ehlo_keyword_address_maps = cidr:/path/to/file ++# /path/to/file: ++# 10.0.0.0/24 chunking, silent\-discard ++# smtpd_discard_ehlo_keywords = chunking, silent\-discard + .fi + .ad + .ft R + .in -4 + .PP ++This feature with settings \fByes\fR and \fBno\fR is available ++in Postfix 3.8.4, 3.7.9, 3.6.13, and 3.5.23. Additionally, the ++settings \fBreject\fR, and \fBnormalize\fR are available with ++Postfix >= 3.9, 3.8.5, 3.7.10, 3.6.14, and 3.5.24. ++.SH smtpd_forbid_bare_newline_exclusions (default: $mynetworks) ++Exclude the specified clients from smtpd_forbid_bare_newline ++enforcement. This setting uses the same syntax and parent\-domain ++matching behavior as mynetworks. ++.PP + This feature is available in Postfix >= 3.9, 3.8.4, 3.7.9, + 3.6.13, and 3.5.23. ++.SH smtpd_forbid_bare_newline_reject_code (default: 550) ++The numerical Postfix SMTP server response code when rejecting a ++request with "smtpd_forbid_bare_newline = reject". ++Specify a 5XX status code (521 to disconnect). ++.PP ++This feature is available in Postfix >= 3.9, 3.8.5, 3.7.10, ++3.6.14, and 3.5.24. + .SH smtpd_forbidden_commands (default: CONNECT, GET, POST) + List of commands that cause the Postfix SMTP server to immediately + terminate the session with a 221 code. This can be used to disconnect +--- a/man/man8/cleanup.8 ++++ b/man/man8/cleanup.8 +@@ -163,6 +163,14 @@ + .IP "\fBmessage_strip_characters (empty)\fR" + The set of characters that Postfix will remove from message + content. ++.PP ++Available in Postfix version 3.9, 3.8.5, 3.7.10, 3.6.14, ++3.5.24, and later: ++.IP "\fBcleanup_replace_stray_cr_lf (yes)\fR" ++Replace each stray or character in message ++content with a space character, to prevent outbound SMTP smuggling, ++and to make the evaluation of Postfix\-added DKIM or other signatures ++independent from how a remote mail server handles such characters. + .SH "BEFORE QUEUE MILTER CONTROLS" + .na + .nf +--- a/man/man8/smtpd.8 ++++ b/man/man8/smtpd.8 +@@ -811,12 +811,17 @@ + .PP + Available in Postfix 3.9, 3.8.4, 3.7.9, 3.6.13, 3.5.23 and later: + .IP "\fBsmtpd_forbid_bare_newline (Postfix < 3.9: no)\fR" +-Reply with "Error: bare received" and disconnect +-when a remote SMTP client sends a line ending in , violating +-the RFC 5321 requirement that lines must end in . ++Reject or restrict input lines from an SMTP client that end in ++ instead of the standard . + .IP "\fBsmtpd_forbid_bare_newline_exclusions ($mynetworks)\fR" + Exclude the specified clients from smtpd_forbid_bare_newline + enforcement. ++.PP ++Available in Postfix 3.9, 3.8.5, 3.7.10, 3.6.14, 3.5.24 and ++later: ++.IP "\fBsmtpd_forbid_bare_newline_reject_code (550)\fR" ++The numerical Postfix SMTP server response code when rejecting a ++request with "smtpd_forbid_bare_newline = reject". + .SH "TARPIT CONTROLS" + .na + .nf +--- a/mantools/postlink ++++ b/mantools/postlink +@@ -547,8 +547,10 @@ + s;\bsmtpd_error_sleep_time\b;$&;g; + s;\bsmtpd_etrn_restrictions\b;$&;g; + s;\bsmtpd_expansion_filter\b;$&;g; +- s;\bsmtpd_for[-]*\n*[ ]*bid_bare_newline\b;$&;g; +- s;\bsmtpd_for[-]*\n*[ ]*bid_bare_newline_exclusions\b;$&;g; ++ s;\bsmtpd_for[-]*\n*[ ]*bid_bare_new[-]*\n*[ ]*line\b;$&;g; ++ s;\bsmtpd_for[-]*\n*[ ]*bid_bare_new[-]*\n*[ ]*line_reject_code\b;$&;g; ++ s;\bsmtpd_for[-]*\n*[ ]*bid_bare_new[-]*\n*[ ]*line_exclusions\b;$&;g; ++ s;\bcleanup_replace_stray_cr_lf\b;$&;g; + s;\bsmtpd_for[-]*\n*[ ]*bidden_commands\b;$&;g; + s;\bsmtpd_hard_error_limit\b;$&;g; + s;\bsmtpd_helo_required\b;$&;g; +--- a/proto/postconf.proto ++++ b/proto/postconf.proto +@@ -18061,52 +18061,138 @@ + + %PARAM smtpd_forbid_bare_newline Postfix < 3.9: no + +-

Reply with "Error: bare <LF> received" and disconnect +-when a remote SMTP client sends a line ending in <LF>, violating +-the RFC 5321 requirement that lines must end in <CR><LF>. +-This feature is disbled by default with Postfix < 3.9. Use +-smtpd_forbid_bare_newline_exclusions to exclude non-standard clients +-such as netcat. Specify "smtpd_forbid_bare_newline = no" to disable +-(not recommended for an Internet-connected MTA).

++

Reject or restrict input lines from an SMTP client that end in ++<LF> instead of the standard <CR><LF>. Such line ++endings are commonly allowed with UNIX-based SMTP servers, but they ++violate RFC 5321, and allowing such line endings can make a server ++vulnerable to ++SMTP smuggling.

++ ++

Specify one of the following values (case does not matter):

++ ++
++ ++
normalize
Require the standard ++End-of-DATA sequence <CR><LF>.<CR><LF>. ++Otherwise, allow command or message content lines ending in the ++non-standard <LF>, and process them as if the client sent the ++standard <CR><LF>.

This maintains compatibility ++with many legitimate SMTP client applications that send a mix of ++standard and non-standard line endings, but will fail to receive ++email from client implementations that do not terminate DATA content ++with the standard End-of-DATA sequence ++<CR><LF>.<CR><LF>.

Such clients ++can be excluded with smtpd_forbid_bare_newline_exclusions.
++ ++
yes
Compatibility alias for normalize.
++ ++
reject
Require the standard End-of-DATA ++sequence <CR><LF>.<CR><LF>. Reject a command ++or message content when a line contains bare <LF>, log a "bare ++<LF> received" error, and reply with the SMTP status code in ++$smtpd_forbid_bare_newline_reject_code.

This will reject ++email from SMTP clients that send any non-standard line endings ++such as web applications, netcat, or load balancer health checks. ++

This will also reject email from services that use BDAT ++to send MIME text containing a bare newline (RFC 3030 Section 3 ++requires canonical MIME format for text message types, defined in ++RFC 2045 Sections 2.7 and 2.8).

Such clients can be ++excluded with smtpd_forbid_bare_newline_exclusions (or, in the case ++of BDAT violations, BDAT can be selectively disabled with ++smtpd_discard_ehlo_keyword_address_maps, or globally disabled with ++smtpd_discard_ehlo_keywords).
++ ++
no (default)
Do not require the standard ++End-of-DATA ++sequence <CR><LF>.<CR><LF>. Always process ++a bare <LF> as if the client sent <CR><LF>. This ++option is fully backwards compatible, but is not recommended for ++an Internet-facing SMTP server, because it is vulnerable to SMTP smuggling. ++
+ +-

See +-https://www.postfix.org/smtp-smuggling.html for details. ++

+ +-

Example:

++

Recommended settings:

+ +
+ 
+-# Disconnect remote SMTP clients that send bare newlines, but allow
+-# local clients with non-standard SMTP implementations such as netcat,
+-# fax machines, or load balancer health checks.
++# Require the standard End-of-DATA sequence <CR><LF>.<CR><LF>.
++# Otherwise, allow bare <LF> and process it as if the client sent
++# <CR><LF>.
+ #
+-smtpd_forbid_bare_newline = yes
++# This maintains compatibility with many legitimate SMTP client
++# applications that send a mix of standard and non-standard line
++# endings, but will fail to receive email from client implementations
++# that do not terminate DATA content with the standard End-of-DATA
++# sequence <CR><LF>.<CR><LF>.
++#
++# Such clients can be allowlisted with smtpd_forbid_bare_newline_exclusions.
++# The example below allowlists SMTP clients in trusted networks.
++#
++smtpd_forbid_bare_newline = normalize
+ smtpd_forbid_bare_newline_exclusions = $mynetworks
+
+
+ +-

This feature is available in Postfix ≥ 3.9, 3.8.4, 3.7.9, +-3.6.13, and 3.5.23.

+- +-%PARAM smtpd_forbid_bare_newline_exclusions $mynetworks +- +-

Exclude the specified clients from smtpd_forbid_bare_newline +-enforcement. It uses the same syntax and parent-domain matching +-behavior as mynetworks.

+- +-

Example:

++

Alternative:

+ +
+ 
+-# Disconnect remote SMTP clients that send bare newlines, but allow
+-# local clients with non-standard SMTP implementations such as netcat,
+-# fax machines, or load balancer health checks.
++# Reject input lines that contain <LF> and log a "bare <LF> received"
++# error. Require that input lines end in <CR><LF>, and require the
++# standard End-of-DATA sequence <CR><LF>.<CR><LF>.
++#
++# This will reject email from SMTP clients that send any non-standard
++# line endings such as web applications, netcat, or load balancer
++# health checks.
++#
++# This will also reject email from services that use BDAT to send
++# MIME text containing a bare newline (RFC 3030 Section 3 requires
++# canonical MIME format for text message types, defined in RFC 2045
++# Sections 2.7 and 2.8).
++#
++# Such clients can be allowlisted with smtpd_forbid_bare_newline_exclusions.
++# The example below allowlists SMTP clients in trusted networks.
+ #
+-smtpd_forbid_bare_newline = yes
++smtpd_forbid_bare_newline = reject
+ smtpd_forbid_bare_newline_exclusions = $mynetworks
++#
++# Alternatively, in the case of BDAT violations, BDAT can be selectively
++# disabled with smtpd_discard_ehlo_keyword_address_maps, or globally
++# disabled with smtpd_discard_ehlo_keywords.
++#
++# smtpd_discard_ehlo_keyword_address_maps = cidr:/path/to/file
++# /path/to/file:
++#     10.0.0.0/24 chunking, silent-discard
++# smtpd_discard_ehlo_keywords = chunking, silent-discard
+
+
+ ++

This feature with settings yes and no is available ++in Postfix 3.8.4, 3.7.9, 3.6.13, and 3.5.23. Additionally, the ++settings reject, and normalize are available with ++Postfix ≥ 3.9, 3.8.5, 3.7.10, 3.6.14, and 3.5.24.

++ ++%PARAM smtpd_forbid_bare_newline_exclusions $mynetworks ++ ++

Exclude the specified clients from smtpd_forbid_bare_newline ++enforcement. This setting uses the same syntax and parent-domain ++matching behavior as mynetworks.

++ +

This feature is available in Postfix ≥ 3.9, 3.8.4, 3.7.9, + 3.6.13, and 3.5.23.

+ ++%PARAM smtpd_forbid_bare_newline_reject_code 550 ++ ++

++The numerical Postfix SMTP server response code when rejecting a ++request with "smtpd_forbid_bare_newline = reject". ++Specify a 5XX status code (521 to disconnect). ++

++ ++

This feature is available in Postfix ≥ 3.9, 3.8.5, 3.7.10, ++3.6.14, and 3.5.24.

++ ++%PARAM cleanup_replace_stray_cr_lf yes ++ +--- a/src/cleanup/cleanup.c ++++ b/src/cleanup/cleanup.c +@@ -145,6 +145,14 @@ + /* .IP "\fBmessage_strip_characters (empty)\fR" + /* The set of characters that Postfix will remove from message + /* content. ++/* .PP ++/* Available in Postfix version 3.9, 3.8.5, 3.7.10, 3.6.14, ++/* 3.5.24, and later: ++/* .IP "\fBcleanup_replace_stray_cr_lf (yes)\fR" ++/* Replace each stray or character in message ++/* content with a space character, to prevent outbound SMTP smuggling, ++/* and to make the evaluation of Postfix-added DKIM or other signatures ++/* independent from how a remote mail server handles such characters. + /* BEFORE QUEUE MILTER CONTROLS + /* .ad + /* .fi +--- a/src/cleanup/cleanup_init.c ++++ b/src/cleanup/cleanup_init.c +@@ -173,6 +173,7 @@ + int var_always_add_hdrs; /* always add missing headers */ + int var_virt_addrlen_limit; /* stop exponential growth */ + char *var_hfrom_format; /* header_from_format */ ++int var_cleanup_mask_stray_cr_lf; /* replace stray CR or LF with space */ + + const CONFIG_INT_TABLE cleanup_int_table[] = { + VAR_HOPCOUNT_LIMIT, DEF_HOPCOUNT_LIMIT, &var_hopcount_limit, 1, 0, +@@ -189,6 +190,7 @@ + VAR_VERP_BOUNCE_OFF, DEF_VERP_BOUNCE_OFF, &var_verp_bounce_off, + VAR_AUTO_8BIT_ENC_HDR, DEF_AUTO_8BIT_ENC_HDR, &var_auto_8bit_enc_hdr, + VAR_ALWAYS_ADD_HDRS, DEF_ALWAYS_ADD_HDRS, &var_always_add_hdrs, ++ VAR_CLEANUP_MASK_STRAY_CR_LF, DEF_CLEANUP_MASK_STRAY_CR_LF, &var_cleanup_mask_stray_cr_lf, + 0, + }; + +--- a/src/cleanup/cleanup_message.c ++++ b/src/cleanup/cleanup_message.c +@@ -930,6 +930,23 @@ + char *dst; + + /* ++ * Replace each stray CR or LF with one space. These are not allowed in ++ * SMTP, and can be used to enable outbound (remote) SMTP smuggling. ++ * Replacing these early ensures that our later DKIM etc. signature will ++ * not be invalidated. Besides preventing SMTP smuggling, replacing stray ++ * or ensures that the result of signature validation by a ++ * later mail system will not depend on how that mail system handles ++ * those stray characters in an implementation-dependent manner. ++ * ++ * The input length is not changed, therefore it is safe to overwrite the ++ * input. ++ */ ++ if (var_cleanup_mask_stray_cr_lf) ++ for (dst = (char *) buf; dst < buf + len; dst++) ++ if (*dst == '\r' || *dst == '\n') ++ *dst = ' '; ++ ++ /* + * Reject unwanted characters. + * + * XXX Possible optimization: simplify the loop when the "reject" set +--- a/src/global/cleanup_strerror.c ++++ b/src/global/cleanup_strerror.c +@@ -73,6 +73,7 @@ + CLEANUP_STAT_CONT, 550, "5.7.1", "message content rejected", + CLEANUP_STAT_WRITE, 451, "4.3.0", "queue file write error", + CLEANUP_STAT_NOPERM, 550, "5.7.1", "service denied", ++ CLEANUP_STAT_BARE_LF, 521, "5.5.2", "bare received", + }; + + static CLEANUP_STAT_DETAIL cleanup_stat_success = { +--- a/src/global/cleanup_user.h ++++ b/src/global/cleanup_user.h +@@ -65,6 +65,12 @@ + #define CLEANUP_STAT_NOPERM (1<<9) /* Denied by non-content policy */ + + /* ++ * Non-cleanup errors that live in the same bitmask space, to centralize ++ * error handling. ++ */ ++#define CLEANUP_STAT_BARE_LF (1<<16) /* Bare received */ ++ ++ /* + * These are set when we can't bounce even if we were asked to. + */ + #define CLEANUP_STAT_MASK_CANT_BOUNCE \ +--- a/src/global/mail_params.h ++++ b/src/global/mail_params.h +@@ -4173,11 +4173,18 @@ + * Backwards compatibility. + */ + #define VAR_SMTPD_FORBID_BARE_LF "smtpd_forbid_bare_newline" +-#define DEF_SMTPD_FORBID_BARE_LF 0 ++#define DEF_SMTPD_FORBID_BARE_LF "no" + + #define VAR_SMTPD_FORBID_BARE_LF_EXCL "smtpd_forbid_bare_newline_exclusions" + #define DEF_SMTPD_FORBID_BARE_LF_EXCL "$" VAR_MYNETWORKS + ++#define VAR_SMTPD_FORBID_BARE_LF_CODE "smtpd_forbid_bare_newline_reject_code" ++#define DEF_SMTPD_FORBID_BARE_LF_CODE 550 ++ ++#define VAR_CLEANUP_MASK_STRAY_CR_LF "cleanup_replace_stray_cr_lf" ++#define DEF_CLEANUP_MASK_STRAY_CR_LF 1 ++extern int var_cleanup_mask_stray_cr_lf; ++ + /* + * Share TLS sessions through tlsproxy(8). + */ +--- a/src/global/smtp_stream.c ++++ b/src/global/smtp_stream.c +@@ -51,7 +51,8 @@ + /* char *format; + /* va_list ap; + /* +-/* int smtp_forbid_bare_lf; ++/* int smtp_detect_bare_lf; ++/* int smtp_got_bare_lf; + /* AUXILIARY API + /* int smtp_get_noexcept(vp, stream, maxlen, flags) + /* VSTRING *vp; +@@ -126,16 +127,16 @@ + /* smtp_vprintf() is the machine underneath smtp_printf(). + /* + /* smtp_get_noexcept() implements the subset of smtp_get() +-/* without long jumps for timeout or EOF errors. Instead, ++/* without timeouts and without making long jumps. Instead, + /* query the stream status with vstream_feof() etc. +-/* This function will make a VSTREAM long jump (error code +-/* SMTP_ERR_LF) when rejecting input with a bare newline byte. ++/* ++/* This function assigns smtp_got_bare_lf = smtp_detect_bare_lf, ++/* if smtp_detect_bare_lf is non-zero and the last read line ++/* was terminated with a bare newline. Otherwise, this function ++/* sets smtp_got_bare_lf to zero. + /* + /* smtp_timeout_setup() is a backwards-compatibility interface + /* for programs that don't require per-record deadline support. +-/* +-/* smtp_forbid_bare_lf controls whether smtp_get_noexcept() +-/* will reject input with a bare newline byte. + /* DIAGNOSTICS + /* .fi + /* .ad +@@ -208,7 +209,8 @@ + + #include "smtp_stream.h" + +-int smtp_forbid_bare_lf; ++int smtp_detect_bare_lf; ++int smtp_got_bare_lf; + + /* smtp_timeout_reset - reset per-stream error flags, restart deadline timer */ + +@@ -371,6 +373,8 @@ + int last_char; + int next_char; + ++ smtp_got_bare_lf = 0; ++ + /* + * It's painful to do I/O with records that may span multiple buffers. + * Allow for partial long lines (we will read the remainder later) and +@@ -413,11 +417,15 @@ + */ + case '\n': + vstring_truncate(vp, VSTRING_LEN(vp) - 1); +- if (smtp_forbid_bare_lf +- && (VSTRING_LEN(vp) == 0 || vstring_end(vp)[-1] != '\r')) +- vstream_longjmp(stream, SMTP_ERR_LF); +- while (VSTRING_LEN(vp) > 0 && vstring_end(vp)[-1] == '\r') +- vstring_truncate(vp, VSTRING_LEN(vp) - 1); ++ if (smtp_detect_bare_lf) { ++ if (VSTRING_LEN(vp) == 0 || vstring_end(vp)[-1] != '\r') ++ smtp_got_bare_lf = smtp_detect_bare_lf; ++ else ++ vstring_truncate(vp, VSTRING_LEN(vp) - 1); ++ } else { ++ while (VSTRING_LEN(vp) > 0 && vstring_end(vp)[-1] == '\r') ++ vstring_truncate(vp, VSTRING_LEN(vp) - 1); ++ } + VSTRING_TERMINATE(vp); + /* FALLTRHOUGH */ + +--- a/src/global/smtp_stream.h ++++ b/src/global/smtp_stream.h +@@ -32,7 +32,6 @@ + #define SMTP_ERR_QUIET 3 /* silent cleanup (application) */ + #define SMTP_ERR_NONE 4 /* non-error case */ + #define SMTP_ERR_DATA 5 /* application data error */ +-#define SMTP_ERR_LF 6 /* bare protocol error */ + + extern void smtp_stream_setup(VSTREAM *, int, int); + extern void PRINTFLIKE(2, 3) smtp_printf(VSTREAM *, const char *,...); +@@ -44,7 +43,8 @@ + extern void smtp_fwrite(const char *, ssize_t len, VSTREAM *); + extern void smtp_fread_buf(VSTRING *, ssize_t len, VSTREAM *); + extern void smtp_fputc(int, VSTREAM *); +-extern int smtp_forbid_bare_lf; ++extern int smtp_detect_bare_lf; ++extern int smtp_got_bare_lf; + + extern void smtp_vprintf(VSTREAM *, const char *, va_list); + +--- a/src/smtpd/smtpd.c ++++ b/src/smtpd/smtpd.c +@@ -765,12 +765,17 @@ + /* .PP + /* Available in Postfix 3.9, 3.8.4, 3.7.9, 3.6.13, 3.5.23 and later: + /* .IP "\fBsmtpd_forbid_bare_newline (Postfix < 3.9: no)\fR" +-/* Reply with "Error: bare received" and disconnect +-/* when a remote SMTP client sends a line ending in , violating +-/* the RFC 5321 requirement that lines must end in . ++/* Reject or restrict input lines from an SMTP client that end in ++/* instead of the standard . + /* .IP "\fBsmtpd_forbid_bare_newline_exclusions ($mynetworks)\fR" + /* Exclude the specified clients from smtpd_forbid_bare_newline + /* enforcement. ++/* .PP ++/* Available in Postfix 3.9, 3.8.5, 3.7.10, 3.6.14, 3.5.24 and ++/* later: ++/* .IP "\fBsmtpd_forbid_bare_newline_reject_code (550)\fR" ++/* The numerical Postfix SMTP server response code when rejecting a ++/* request with "smtpd_forbid_bare_newline = reject". + /* TARPIT CONTROLS + /* .ad + /* .fi +@@ -1476,8 +1481,10 @@ + int var_smtpd_uproxy_tmout; + bool var_relay_before_rcpt_checks; + +-bool var_smtpd_forbid_bare_lf; ++char *var_smtpd_forbid_bare_lf; + char *var_smtpd_forbid_bare_lf_excl; ++int var_smtpd_forbid_bare_lf_code; ++static int bare_lf_mask; + static NAMADR_LIST *bare_lf_excl; + + /* +@@ -1554,7 +1561,6 @@ + #define REASON_TIMEOUT "timeout" + #define REASON_LOST_CONNECTION "lost connection" + #define REASON_ERROR_LIMIT "too many errors" +-#define REASON_BARE_LF "bare received" + + #ifdef USE_TLS + +@@ -1573,6 +1579,40 @@ + */ + static DICT *smtpd_cmd_filter; + ++ /* ++ * Bare LF and End-of-DATA controls (bare CR is handled elsewhere). ++ * ++ * At the smtp_get*() line reader level, setting any of these flags in the ++ * smtp_detect_bare_lf variable enables the detection of bare newlines. The ++ * line reader will set the same flags in the smtp_got_bare_lf variable ++ * after it detects a bare newline, otherwise it clears smtp_got_bare_lf. ++ * ++ * At the SMTP command level, the flags in smtp_got_bare_lf control whether ++ * commands ending in a bare newline are rejected. ++ * ++ * At the DATA and BDAT content level, the flags in smtp_got_bare_lf control ++ * whether the standard End-of-DATA sequence CRLF.CRLF is required, and ++ * whether lines ending in bare newlines are rejected. ++ * ++ * Postfix implements "delayed reject" after detecting a bare newline in BDAT ++ * or DATA content. The SMTP server delays a REJECT response until the ++ * command is finished, instead of replying and hanging up immediately. The ++ * End-of-DATA detection is secured with BARE_LF_FLAG_WANT_STD_EOD. ++ */ ++#define BARE_LF_FLAG_WANT_STD_EOD (1<<0) /* Require CRLF.CRLF */ ++#define BARE_LF_FLAG_REPLY_REJECT (1<<1) /* Reject bare newline */ ++ ++#define IS_BARE_LF_WANT_STD_EOD(m) ((m) & BARE_LF_FLAG_WANT_STD_EOD) ++#define IS_BARE_LF_REPLY_REJECT(m) ((m) & BARE_LF_FLAG_REPLY_REJECT) ++ ++static const NAME_CODE bare_lf_mask_table[] = { ++ "normalize", BARE_LF_FLAG_WANT_STD_EOD, /* Default */ ++ "yes", BARE_LF_FLAG_WANT_STD_EOD, /* Migration aid */ ++ "reject", BARE_LF_FLAG_WANT_STD_EOD | BARE_LF_FLAG_REPLY_REJECT, ++ "no", 0, ++ 0, -1, /* error */ ++}; ++ + #ifdef USE_SASL_AUTH + + /* +@@ -3515,6 +3555,7 @@ + int curr_rec_type; + int prev_rec_type; + int first = 1; ++ int prev_got_bare_lf = 0; + + /* + * Copy the message content. If the cleanup process has a problem, keep +@@ -3528,12 +3569,15 @@ + * XXX Deal with UNIX-style From_ lines at the start of message content + * because sendmail permits it. + */ +- for (prev_rec_type = 0; /* void */ ; prev_rec_type = curr_rec_type) { ++ for (prev_rec_type = 0; /* void */ ; prev_rec_type = curr_rec_type, ++ prev_got_bare_lf = smtp_got_bare_lf) { + if (smtp_get(state->buffer, state->client, var_line_limit, + SMTP_GET_FLAG_NONE) == '\n') + curr_rec_type = REC_TYPE_NORM; + else + curr_rec_type = REC_TYPE_CONT; ++ if (IS_BARE_LF_REPLY_REJECT(smtp_got_bare_lf)) ++ state->err |= CLEANUP_STAT_BARE_LF; + start = vstring_str(state->buffer); + len = VSTRING_LEN(state->buffer); + if (first) { +@@ -3546,9 +3590,14 @@ + if (len > 0 && IS_SPACE_TAB(start[0])) + out_record(out_stream, REC_TYPE_NORM, "", 0); + } +- if (prev_rec_type != REC_TYPE_CONT && *start == '.' +- && (proxy == 0 ? (++start, --len) == 0 : len == 1)) +- break; ++ if (prev_rec_type != REC_TYPE_CONT && *start == '.') { ++ if (len == 1 && IS_BARE_LF_WANT_STD_EOD(smtp_detect_bare_lf) ++ && (smtp_got_bare_lf || prev_got_bare_lf)) ++ /* Do not store or send to proxy filter. */ ++ continue; ++ if (proxy == 0 ? (++start, --len) == 0 : len == 1) ++ break; ++ } + if (state->err == CLEANUP_STAT_OK) { + if (ENFORCING_SIZE_LIMIT(var_message_limit) + && var_message_limit - state->act_size < len + 2) { +@@ -3701,6 +3750,11 @@ + else + smtpd_chat_reply(state, + "250 2.0.0 Ok: queued as %s", state->queue_id); ++ } else if ((state->err & CLEANUP_STAT_BARE_LF) != 0) { ++ state->error_mask |= MAIL_ERROR_PROTOCOL; ++ log_whatsup(state, "reject", "bare received"); ++ smtpd_chat_reply(state, "%d 5.5.2 %s Error: bare received", ++ var_smtpd_forbid_bare_lf_code, var_myhostname); + } else if (why && IS_SMTP_REJECT(STR(why))) { + state->error_mask |= MAIL_ERROR_POLICY; + smtpd_chat_reply(state, "%s", STR(why)); +@@ -3981,7 +4035,6 @@ + */ + done = 0; + do { +- int payload_err; + + /* + * Do not skip the smtp_fread_buf() call if read_len == 0. We still +@@ -3995,10 +4048,6 @@ + smtp_fread_buf(state->buffer, read_len, state->client); + state->bdat_get_stream = vstream_memreopen( + state->bdat_get_stream, state->buffer, O_RDONLY); +- vstream_control(state->bdat_get_stream, CA_VSTREAM_CTL_EXCEPT, +- CA_VSTREAM_CTL_END); +- if ((payload_err = vstream_setjmp(state->bdat_get_stream)) != 0) +- vstream_longjmp(state->client, payload_err); + + /* + * Read lines from the fragment. The last line may continue in the +@@ -4023,6 +4072,8 @@ + /* Skip the out_record() and VSTRING_RESET() calls below. */ + break; + } ++ if (IS_BARE_LF_REPLY_REJECT(smtp_got_bare_lf)) ++ state->err |= CLEANUP_STAT_BARE_LF; + start = vstring_str(state->bdat_get_buffer); + len = VSTRING_LEN(state->bdat_get_buffer); + if (state->err == CLEANUP_STAT_OK) { +@@ -4674,9 +4725,9 @@ + */ + xclient_allowed = + namadr_list_match(xclient_hosts, state->name, state->addr); +- smtp_forbid_bare_lf = SMTPD_STAND_ALONE((state)) == 0 +- && var_smtpd_forbid_bare_lf +- && !namadr_list_match(bare_lf_excl, state->name, state->addr); ++ smtp_detect_bare_lf = (SMTPD_STAND_ALONE((state)) == 0 && bare_lf_mask ++ && !namadr_list_match(bare_lf_excl, state->name, state->addr)) ? ++ bare_lf_mask : 0; + /* NOT: tls_reset() */ + if (got_helo == 0) + helo_reset(state); +@@ -5468,13 +5519,6 @@ + var_myhostname); + break; + +- case SMTP_ERR_LF: +- state->reason = REASON_BARE_LF; +- if (vstream_setjmp(state->client) == 0) +- smtpd_chat_reply(state, "521 5.5.2 %s Error: bare received", +- var_myhostname); +- break; +- + case 0: + + /* +@@ -5676,6 +5720,13 @@ + } + watchdog_pat(); + smtpd_chat_query(state); ++ if (IS_BARE_LF_REPLY_REJECT(smtp_got_bare_lf)) { ++ log_whatsup(state, "reject", "bare received"); ++ state->error_mask |= MAIL_ERROR_PROTOCOL; ++ smtpd_chat_reply(state, "%d 5.5.2 %s Error: bare received", ++ var_smtpd_forbid_bare_lf_code, var_myhostname); ++ break; ++ } + /* Safety: protect internal interfaces against malformed UTF-8. */ + if (var_smtputf8_enable && valid_utf8_string(STR(state->buffer), + LEN(state->buffer)) == 0) { +@@ -6024,11 +6075,11 @@ + namadr_list_match(xforward_hosts, state.name, state.addr); + + /* +- * Enforce strict SMTP line endings, with compatibility exclusions. ++ * Reject or normalize bare LF, with compatibility exclusions. + */ +- smtp_forbid_bare_lf = SMTPD_STAND_ALONE((&state)) == 0 +- && var_smtpd_forbid_bare_lf +- && !namadr_list_match(bare_lf_excl, state.name, state.addr); ++ smtp_detect_bare_lf = (SMTPD_STAND_ALONE((&state)) == 0 && bare_lf_mask ++ && !namadr_list_match(bare_lf_excl, state.name, state.addr)) ? ++ bare_lf_mask : 0; + + /* + * See if we need to turn on verbose logging for this client. +@@ -6095,6 +6146,10 @@ + MATCH_FLAG_RETURN + | match_parent_style(VAR_MYNETWORKS), + var_smtpd_forbid_bare_lf_excl); ++ if ((bare_lf_mask = name_code(bare_lf_mask_table, NAME_CODE_FLAG_NONE, ++ var_smtpd_forbid_bare_lf)) < 0) ++ msg_fatal("bad parameter value: '%s = %s'", ++ VAR_SMTPD_FORBID_BARE_LF, var_smtpd_forbid_bare_lf); + + /* + * Open maps before dropping privileges so we can read passwords etc. +@@ -6390,6 +6445,7 @@ + VAR_VIRT_MAILBOX_CODE, DEF_VIRT_MAILBOX_CODE, &var_virt_mailbox_code, 0, 0, + VAR_RELAY_RCPT_CODE, DEF_RELAY_RCPT_CODE, &var_relay_rcpt_code, 0, 0, + VAR_PLAINTEXT_CODE, DEF_PLAINTEXT_CODE, &var_plaintext_code, 0, 0, ++ VAR_SMTPD_FORBID_BARE_LF_CODE, DEF_SMTPD_FORBID_BARE_LF_CODE, &var_smtpd_forbid_bare_lf_code, 500, 599, + VAR_SMTPD_CRATE_LIMIT, DEF_SMTPD_CRATE_LIMIT, &var_smtpd_crate_limit, 0, 0, + VAR_SMTPD_CCONN_LIMIT, DEF_SMTPD_CCONN_LIMIT, &var_smtpd_cconn_limit, 0, 0, + VAR_SMTPD_CMAIL_LIMIT, DEF_SMTPD_CMAIL_LIMIT, &var_smtpd_cmail_limit, 0, 0, +@@ -6452,7 +6508,6 @@ + VAR_SMTPD_PEERNAME_LOOKUP, DEF_SMTPD_PEERNAME_LOOKUP, &var_smtpd_peername_lookup, + VAR_SMTPD_DELAY_OPEN, DEF_SMTPD_DELAY_OPEN, &var_smtpd_delay_open, + VAR_SMTPD_CLIENT_PORT_LOG, DEF_SMTPD_CLIENT_PORT_LOG, &var_smtpd_client_port_log, +- VAR_SMTPD_FORBID_BARE_LF, DEF_SMTPD_FORBID_BARE_LF, &var_smtpd_forbid_bare_lf, + 0, + }; + static const CONFIG_NBOOL_TABLE nbool_table[] = { +@@ -6569,6 +6624,7 @@ + VAR_SMTPD_DNS_RE_FILTER, DEF_SMTPD_DNS_RE_FILTER, &var_smtpd_dns_re_filter, 0, 0, + VAR_SMTPD_REJ_FTR_MAPS, DEF_SMTPD_REJ_FTR_MAPS, &var_smtpd_rej_ftr_maps, 0, 0, + VAR_SMTPD_FORBID_BARE_LF_EXCL, DEF_SMTPD_FORBID_BARE_LF_EXCL, &var_smtpd_forbid_bare_lf_excl, 0, 0, ++ VAR_SMTPD_FORBID_BARE_LF, DEF_SMTPD_FORBID_BARE_LF, &var_smtpd_forbid_bare_lf, 1, 0, + 0, + }; + static const CONFIG_RAW_TABLE raw_table[] = { +--- a/src/smtpd/smtpd_check.c ++++ b/src/smtpd/smtpd_check.c +@@ -48,6 +48,11 @@ + /* + /* char *smtpd_check_queue(state) + /* SMTPD_STATE *state; ++/* AUXILIARY FUNCTIONS ++/* void log_whatsup(state, action, text) ++/* SMTPD_STATE *state; ++/* const char *action; ++/* const char *text; + /* DESCRIPTION + /* This module implements additional checks on SMTP client requests. + /* A client request is validated in the context of the session state. +@@ -146,6 +151,11 @@ + /* The recipient address given with the RCPT TO or VRFY command. + /* .IP size + /* The message size given with the MAIL FROM command (zero if unknown). ++/* .PP ++/* log_whatsup() logs ": : ++/* from: : " plus the protocol ++/* (SMTP or ESMTP), and if available, EHLO, MAIL FROM, or RCPT ++/* TO. + /* BUGS + /* Policies like these should not be hard-coded in C, but should + /* be user-programmable instead. +@@ -987,8 +997,8 @@ + + /* log_whatsup - log as much context as we have */ + +-static void log_whatsup(SMTPD_STATE *state, const char *whatsup, +- const char *text) ++void log_whatsup(SMTPD_STATE *state, const char *whatsup, ++ const char *text) + { + VSTRING *buf = vstring_alloc(100); + +--- a/src/smtpd/smtpd_check.h ++++ b/src/smtpd/smtpd_check.h +@@ -25,6 +25,7 @@ + extern char *smtpd_check_data(SMTPD_STATE *); + extern char *smtpd_check_eod(SMTPD_STATE *); + extern char *smtpd_check_policy(SMTPD_STATE *, char *); ++extern void log_whatsup(SMTPD_STATE *, const char *, const char *); + + /* LICENSE + /* .ad diff --git a/meta-networking/recipes-daemons/postfix/postfix_3.6.7.bb b/meta-networking/recipes-daemons/postfix/postfix_3.6.7.bb index 17864b89155..fdda2e749ef 100644 --- a/meta-networking/recipes-daemons/postfix/postfix_3.6.7.bb +++ b/meta-networking/recipes-daemons/postfix/postfix_3.6.7.bb @@ -13,6 +13,8 @@ SRC_URI += "ftp://ftp.porcupine.org/mirrors/postfix-release/official/postfix-${P file://0004-Fix-icu-config.patch \ file://0005-makedefs-add-lnsl-and-lresolv-to-SYSLIBS-by-default.patch \ file://0006-makedefs-Account-for-linux-6.x-version.patch \ + file://CVE-2023-51764-1.patch \ + file://CVE-2023-51764-2.patch \ " SRC_URI[sha256sum] = "e471df7e0eb11c4a1e574b6d7298f635386e2843b6b3584c25a04543d587e07f" UPSTREAM_CHECK_REGEX = "postfix\-(?P3\.6(\.\d+)+).tar.gz" From 8609de00952d65bb813a48c535c937324efeb18a Mon Sep 17 00:00:00 2001 From: Martin Jansa Date: Tue, 6 Feb 2024 11:24:22 +0100 Subject: [PATCH 558/600] Revert "libcroco: Add fix for CVE-2020-12825" This reverts commit 522603beb6d88ad6ea443806bb986096d5b766e6. This change was for oe-core not meta-oe repository, creating unused directory "meta" which doesn't belong here. Signed-off-by: Martin Jansa Signed-off-by: Armin Kuster --- .../libcroco/libcroco/CVE-2020-12825.patch | 190 ------------------ .../libcroco/libcroco_0.6.13.bb | 22 -- 2 files changed, 212 deletions(-) delete mode 100644 meta/recipes-support/libcroco/libcroco/CVE-2020-12825.patch delete mode 100644 meta/recipes-support/libcroco/libcroco_0.6.13.bb diff --git a/meta/recipes-support/libcroco/libcroco/CVE-2020-12825.patch b/meta/recipes-support/libcroco/libcroco/CVE-2020-12825.patch deleted file mode 100644 index 8e58f73097e..00000000000 --- a/meta/recipes-support/libcroco/libcroco/CVE-2020-12825.patch +++ /dev/null @@ -1,190 +0,0 @@ -From 203d62efefe6f79080863dda61593003b4c31f25 Mon Sep 17 00:00:00 2001 -From: Michael Catanzaro -Date: Thu, 13 Aug 2020 20:03:05 -0500 -Subject: [PATCH] libcroco parser: limit recursion in block and any productions - -If we don't have any limits, we can recurse forever and overflow the -stack. - -This is for CVE-2020-12825: Stack overflow in cr_parser_parse_any_core -in cr-parser.c. - -Bug: https://gitlab.gnome.org/Archive/libcroco/-/issues/8 -Patch from https://gitlab.gnome.org/Archive/libcroco/-/merge_requests/5 - -CVE: CVE-2020-12825 -Upstream Status: Backport [https://gitlab.com/inkscape/inkscape/-/commit/203d62efefe6f79080863dda61593003b4c31f25.patch] ---- - src/cr-parser.c | 44 ++++++++++++++++++++----------- - 1 file changed, 29 insertions(+), 15 deletions(-) - -diff --git a/src/cr-parser.c b/src/cr-parser.c -index d85e71f0fc..cd7b6ebd4a 100644 ---- a/src/cr-parser.c -+++ b/src/cr-parser.c -@@ -136,6 +136,8 @@ struct _CRParserPriv { - - #define CHARS_TAB_SIZE 12 - -+#define RECURSIVE_CALLERS_LIMIT 100 -+ - /** - * IS_NUM: - *@a_char: the char to test. -@@ -343,9 +345,11 @@ static enum CRStatus cr_parser_parse_selector_core (CRParser * a_this); - - static enum CRStatus cr_parser_parse_declaration_core (CRParser * a_this); - --static enum CRStatus cr_parser_parse_any_core (CRParser * a_this); -+static enum CRStatus cr_parser_parse_any_core (CRParser * a_this, -+ guint n_calls); - --static enum CRStatus cr_parser_parse_block_core (CRParser * a_this); -+static enum CRStatus cr_parser_parse_block_core (CRParser * a_this, -+ guint n_calls); - - static enum CRStatus cr_parser_parse_value_core (CRParser * a_this); - -@@ -783,7 +787,7 @@ cr_parser_parse_atrule_core (CRParser * a_this) - cr_parser_try_to_skip_spaces_and_comments (a_this); - - do { -- status = cr_parser_parse_any_core (a_this); -+ status = cr_parser_parse_any_core (a_this, 0); - } while (status == CR_OK); - - status = cr_tknzr_get_next_token (PRIVATE (a_this)->tknzr, -@@ -794,7 +798,7 @@ cr_parser_parse_atrule_core (CRParser * a_this) - cr_tknzr_unget_token (PRIVATE (a_this)->tknzr, - token); - token = NULL; -- status = cr_parser_parse_block_core (a_this); -+ status = cr_parser_parse_block_core (a_this, 0); - CHECK_PARSING_STATUS (status, - FALSE); - goto done; -@@ -929,11 +933,11 @@ cr_parser_parse_selector_core (CRParser * a_this) - - RECORD_INITIAL_POS (a_this, &init_pos); - -- status = cr_parser_parse_any_core (a_this); -+ status = cr_parser_parse_any_core (a_this, 0); - CHECK_PARSING_STATUS (status, FALSE); - - do { -- status = cr_parser_parse_any_core (a_this); -+ status = cr_parser_parse_any_core (a_this, 0); - - } while (status == CR_OK); - -@@ -955,10 +959,12 @@ cr_parser_parse_selector_core (CRParser * a_this) - *in chapter 4.1 of the css2 spec. - *block ::= '{' S* [ any | block | ATKEYWORD S* | ';' ]* '}' S*; - *@param a_this the current instance of #CRParser. -+ *@param n_calls used to limit recursion depth - *FIXME: code this function. - */ - static enum CRStatus --cr_parser_parse_block_core (CRParser * a_this) -+cr_parser_parse_block_core (CRParser * a_this, -+ guint n_calls) - { - CRToken *token = NULL; - CRInputPos init_pos; -@@ -966,6 +972,9 @@ cr_parser_parse_block_core (CRParser * a_this) - - g_return_val_if_fail (a_this && PRIVATE (a_this), CR_BAD_PARAM_ERROR); - -+ if (n_calls > RECURSIVE_CALLERS_LIMIT) -+ return CR_ERROR; -+ - RECORD_INITIAL_POS (a_this, &init_pos); - - status = cr_tknzr_get_next_token (PRIVATE (a_this)->tknzr, &token); -@@ -995,13 +1004,13 @@ cr_parser_parse_block_core (CRParser * a_this) - } else if (token->type == CBO_TK) { - cr_tknzr_unget_token (PRIVATE (a_this)->tknzr, token); - token = NULL; -- status = cr_parser_parse_block_core (a_this); -+ status = cr_parser_parse_block_core (a_this, n_calls + 1); - CHECK_PARSING_STATUS (status, FALSE); - goto parse_block_content; - } else { - cr_tknzr_unget_token (PRIVATE (a_this)->tknzr, token); - token = NULL; -- status = cr_parser_parse_any_core (a_this); -+ status = cr_parser_parse_any_core (a_this, n_calls + 1); - CHECK_PARSING_STATUS (status, FALSE); - goto parse_block_content; - } -@@ -1108,7 +1117,7 @@ cr_parser_parse_value_core (CRParser * a_this) - status = cr_tknzr_unget_token (PRIVATE (a_this)->tknzr, - token); - token = NULL; -- status = cr_parser_parse_block_core (a_this); -+ status = cr_parser_parse_block_core (a_this, 0); - CHECK_PARSING_STATUS (status, FALSE); - ref++; - goto continue_parsing; -@@ -1122,7 +1131,7 @@ cr_parser_parse_value_core (CRParser * a_this) - status = cr_tknzr_unget_token (PRIVATE (a_this)->tknzr, - token); - token = NULL; -- status = cr_parser_parse_any_core (a_this); -+ status = cr_parser_parse_any_core (a_this, 0); - if (status == CR_OK) { - ref++; - goto continue_parsing; -@@ -1162,10 +1162,12 @@ - * | FUNCTION | DASHMATCH | '(' any* ')' | '[' any* ']' ] S*; - * - *@param a_this the current instance of #CRParser. -+ *@param n_calls used to limit recursion depth - *@return CR_OK upon successfull completion, an error code otherwise. - */ - static enum CRStatus --cr_parser_parse_any_core (CRParser * a_this) -+cr_parser_parse_any_core (CRParser * a_this, -+ guint n_calls) - { - CRToken *token1 = NULL, - *token2 = NULL; -@@ -1173,6 +1184,9 @@ cr_parser_parse_any_core (CRParser * a_this) - - g_return_val_if_fail (a_this, CR_BAD_PARAM_ERROR); - -+ if (n_calls > RECURSIVE_CALLERS_LIMIT) -+ return CR_ERROR; -+ - RECORD_INITIAL_POS (a_this, &init_pos); - - status = cr_tknzr_get_next_token (PRIVATE (a_this)->tknzr, &token1); -@@ -1211,7 +1225,7 @@ cr_parser_parse_any_core (CRParser * a_this) - *We consider parameter as being an "any*" production. - */ - do { -- status = cr_parser_parse_any_core (a_this); -+ status = cr_parser_parse_any_core (a_this, n_calls + 1); - } while (status == CR_OK); - - ENSURE_PARSING_COND (status == CR_PARSING_ERROR); -@@ -1236,7 +1250,7 @@ cr_parser_parse_any_core (CRParser * a_this) - } - - do { -- status = cr_parser_parse_any_core (a_this); -+ status = cr_parser_parse_any_core (a_this, n_calls + 1); - } while (status == CR_OK); - - ENSURE_PARSING_COND (status == CR_PARSING_ERROR); -@@ -1264,7 +1278,7 @@ cr_parser_parse_any_core (CRParser * a_this) - } - - do { -- status = cr_parser_parse_any_core (a_this); -+ status = cr_parser_parse_any_core (a_this, n_calls + 1); - } while (status == CR_OK); - - ENSURE_PARSING_COND (status == CR_PARSING_ERROR); --- -GitLab diff --git a/meta/recipes-support/libcroco/libcroco_0.6.13.bb b/meta/recipes-support/libcroco/libcroco_0.6.13.bb deleted file mode 100644 index fd5927e0144..00000000000 --- a/meta/recipes-support/libcroco/libcroco_0.6.13.bb +++ /dev/null @@ -1,22 +0,0 @@ -SUMMARY = "Cascading Style Sheet (CSS) parsing and manipulation toolkit" -HOMEPAGE = "http://www.gnome.org/" -BUGTRACKER = "https://bugzilla.gnome.org/" - -LICENSE = "LGPLv2 & LGPLv2.1" -LIC_FILES_CHKSUM = "file://COPYING;md5=55ca817ccb7d5b5b66355690e9abc605 \ - file://src/cr-rgb.c;endline=22;md5=31d5f0944d556c8589d04ea6055fcc66 \ - file://tests/cr-test-utils.c;endline=21;md5=2382c27934cae1d3792fcb17a6142c4e" - -SECTION = "x11/utils" -DEPENDS = "glib-2.0 libxml2 zlib" -BBCLASSEXTEND = "native nativesdk" -EXTRA_OECONF += "--enable-Bsymbolic=auto" - -BINCONFIG = "${bindir}/croco-0.6-config" - -inherit gnomebase gtk-doc binconfig-disabled - -SRC_URI += "file://CVE-2020-12825.patch" - -SRC_URI[archive.md5sum] = "c80c5a8385011a0260dce6bd0da93dce" -SRC_URI[archive.sha256sum] = "767ec234ae7aa684695b3a735548224888132e063f92db585759b422570621d4" From 1915dcb8e821404045e698ab871c0a12edc11e39 Mon Sep 17 00:00:00 2001 From: virendra thakur Date: Fri, 9 Feb 2024 11:41:05 +0530 Subject: [PATCH 559/600] nodejs: Set CVE_PRODUCT to "node.js" Set CVE_PRODUCT to 'node.js' for nodjs recipe Signed-off-by: virendra thakur Signed-off-by: Armin Kuster --- meta-oe/recipes-devtools/nodejs/nodejs_16.20.2.bb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/meta-oe/recipes-devtools/nodejs/nodejs_16.20.2.bb b/meta-oe/recipes-devtools/nodejs/nodejs_16.20.2.bb index 16593a0fe6e..da1f621ee00 100644 --- a/meta-oe/recipes-devtools/nodejs/nodejs_16.20.2.bb +++ b/meta-oe/recipes-devtools/nodejs/nodejs_16.20.2.bb @@ -41,6 +41,8 @@ SRC_URI[sha256sum] = "576f1a03c455e491a8d132b587eb6b3b84651fc8974bb3638433dd44d2 S = "${WORKDIR}/node-v${PV}" +CVE_PRODUCT += "node.js" + # v8 errors out if you have set CCACHE CCACHE = "" From 7f2e0e1d38773965941f18b2666e97ba6213efc2 Mon Sep 17 00:00:00 2001 From: Yogita Urade Date: Fri, 9 Feb 2024 10:12:22 +0000 Subject: [PATCH 560/600] mariadb: fix CVE-2023-22084 Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.43 and prior, 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). References: https://nvd.nist.gov/vuln/detail/CVE-2023-22084 https://security-tracker.debian.org/tracker/CVE-2023-22084 Signed-off-by: Yogita Urade Signed-off-by: Armin Kuster --- meta-oe/recipes-dbs/mysql/mariadb.inc | 1 + .../mysql/mariadb/CVE-2023-22084.patch | 91 +++++++++++++++++++ 2 files changed, 92 insertions(+) create mode 100644 meta-oe/recipes-dbs/mysql/mariadb/CVE-2023-22084.patch diff --git a/meta-oe/recipes-dbs/mysql/mariadb.inc b/meta-oe/recipes-dbs/mysql/mariadb.inc index a84f8d134fd..7c4b0a467f0 100644 --- a/meta-oe/recipes-dbs/mysql/mariadb.inc +++ b/meta-oe/recipes-dbs/mysql/mariadb.inc @@ -22,6 +22,7 @@ SRC_URI = "https://archive.mariadb.org/${BP}/source/${BP}.tar.gz \ file://cross-compiling.patch \ file://0001-sql-CMakeLists.txt-fix-gen_lex_hash-not-found.patch \ file://0001-MDEV-29644-a-potential-bug-of-null-pointer-dereferen.patch \ + file://CVE-2023-22084.patch \ " SRC_URI:append:libc-musl = " file://ppc-remove-glibc-dep.patch" diff --git a/meta-oe/recipes-dbs/mysql/mariadb/CVE-2023-22084.patch b/meta-oe/recipes-dbs/mysql/mariadb/CVE-2023-22084.patch new file mode 100644 index 00000000000..3053614854d --- /dev/null +++ b/meta-oe/recipes-dbs/mysql/mariadb/CVE-2023-22084.patch @@ -0,0 +1,91 @@ +From 15ae97b1c2c14f1263cdc853673c4129625323de Mon Sep 17 00:00:00 2001 +From: Marko Mäkelä +Date: Thu, 8 Feb 2024 08:09:20 +0000 +Subject: [PATCH] MDEV-32578 row_merge_fts_doc_tokenize() handles parser plugin + inconsistently + +When mysql/mysql-server@0c954c2 +added a plugin interface for FULLTEXT INDEX tokenization to MySQL 5.7, +fts_tokenize_ctx::processed_len got a second meaning, which is only +partly implemented in row_merge_fts_doc_tokenize(). + +This inconsistency could cause a crash when using FULLTEXT...WITH PARSER. +A test case that would crash MySQL 8.0 when using an n-gram parser and +single-character words would fail to crash in MySQL 5.7, because the +buf_full condition in row_merge_fts_doc_tokenize() was not met. + +This change is inspired by +mysql/mysql-server@38e9a07 +that appeared in MySQL 5.7.44. + +CVE: CVE-2023-22084 +Upstream-Status: Backport [https://github.com/MariaDB/server/commit/15ae97b1c2c1] + +Signed-off-by: Yogita Urade +--- + storage/innobase/include/row0ftsort.h | 6 +++++- + storage/innobase/row/row0ftsort.cc | 11 ++++++++--- + 2 files changed, 13 insertions(+), 4 deletions(-) + +diff --git a/storage/innobase/include/row0ftsort.h b/storage/innobase/include/row0ftsort.h +index 65508caf..3ffa8243 100644 +--- a/storage/innobase/include/row0ftsort.h ++++ b/storage/innobase/include/row0ftsort.h +@@ -104,7 +104,10 @@ typedef UT_LIST_BASE_NODE_T(row_fts_token_t) fts_token_list_t; + + /** Structure stores information from string tokenization operation */ + struct fts_tokenize_ctx { +- ulint processed_len; /*!< processed string length */ ++ /** the processed string length in bytes ++ (when using the built-in tokenizer), ++ or the number of row_merge_fts_doc_tokenize_by_parser() calls */ ++ ulint processed_len; + ulint init_pos; /*!< doc start position */ + ulint buf_used; /*!< the sort buffer (ID) when + tokenization stops, which +@@ -115,6 +118,7 @@ struct fts_tokenize_ctx { + ib_rbt_t* cached_stopword;/*!< in: stopword list */ + dfield_t sort_field[FTS_NUM_FIELDS_SORT]; + /*!< in: sort field */ ++ /** parsed tokens (when using an external parser) */ + fts_token_list_t fts_token_list; + + fts_tokenize_ctx() : +diff --git a/storage/innobase/row/row0ftsort.cc b/storage/innobase/row/row0ftsort.cc +index 86e96624..406ff60f 100644 +--- a/storage/innobase/row/row0ftsort.cc ++++ b/storage/innobase/row/row0ftsort.cc +@@ -491,7 +491,10 @@ row_merge_fts_doc_tokenize( + + /* Tokenize the data and add each word string, its corresponding + doc id and position to sort buffer */ +- while (t_ctx->processed_len < doc->text.f_len) { ++ while (parser ++ ? (!t_ctx->processed_len ++ || UT_LIST_GET_LEN(t_ctx->fts_token_list)) ++ : t_ctx->processed_len < doc->text.f_len) { + ulint idx = 0; + ulint cur_len; + doc_id_t write_doc_id; +@@ -831,7 +834,8 @@ void fts_parallel_tokenization( + /* Not yet finish processing the "doc" on hand, + continue processing it */ + ut_ad(doc.text.f_str); +- ut_ad(t_ctx.processed_len < doc.text.f_len); ++ ut_ad(buf[0]->index->parser ++ || t_ctx.processed_len < doc.text.f_len); + } + + processed = row_merge_fts_doc_tokenize( +@@ -841,7 +845,8 @@ void fts_parallel_tokenization( + + /* Current sort buffer full, need to recycle */ + if (!processed) { +- ut_ad(t_ctx.processed_len < doc.text.f_len); ++ ut_ad(buf[0]->index->parser ++ || t_ctx.processed_len < doc.text.f_len); + ut_ad(t_ctx.rows_added[t_ctx.buf_used]); + break; + } +-- +2.40.0 From 5800571ad7adb79186a79d96b89de2f43b86a21d Mon Sep 17 00:00:00 2001 From: Vijay Anusuri Date: Mon, 12 Feb 2024 09:29:19 +0530 Subject: [PATCH 561/600] squid: Backport fix for CVE-2023-49286 and CVE-2023-50269 import patches from ubuntu to fix CVE-2023-49286 CVE-2023-50269 Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/squid/tree/debian/patches?h=ubuntu/focal-security&id=9ccd217ca9428c9a6597e9310a99552026b245fa Upstream commit https://github.com/squid-cache/squid/commit/6014c6648a2a54a4ecb7f952ea1163e0798f9264 & https://github.com/squid-cache/squid/commit/9f7136105bff920413042a8806cc5de3f6086d6d] Signed-off-by: Vijay Anusuri Signed-off-by: Armin Kuster --- .../squid/files/CVE-2023-49286.patch | 87 +++++++++++++++++++ .../squid/files/CVE-2023-50269.patch | 62 +++++++++++++ .../recipes-daemons/squid/squid_4.15.bb | 2 + 3 files changed, 151 insertions(+) create mode 100644 meta-networking/recipes-daemons/squid/files/CVE-2023-49286.patch create mode 100644 meta-networking/recipes-daemons/squid/files/CVE-2023-50269.patch diff --git a/meta-networking/recipes-daemons/squid/files/CVE-2023-49286.patch b/meta-networking/recipes-daemons/squid/files/CVE-2023-49286.patch new file mode 100644 index 00000000000..8e0bdf387c7 --- /dev/null +++ b/meta-networking/recipes-daemons/squid/files/CVE-2023-49286.patch @@ -0,0 +1,87 @@ +From 6014c6648a2a54a4ecb7f952ea1163e0798f9264 Mon Sep 17 00:00:00 2001 +From: Alex Rousskov +Date: Fri, 27 Oct 2023 21:27:20 +0000 +Subject: [PATCH] Exit without asserting when helper process startup fails + (#1543) + +... to dup() after fork() and before execvp(). + +Assertions are for handling program logic errors. Helper initialization +code already handled system call errors correctly (i.e. by exiting the +newly created helper process with an error), except for a couple of +assert()s that could be triggered by dup(2) failures. + +This bug was discovered and detailed by Joshua Rogers at +https://megamansec.github.io/Squid-Security-Audit/ipc-assert.html +where it was filed as 'Assertion in Squid "Helper" Process Creator'. + +Origin: http://www.squid-cache.org/Versions/v6/SQUID-2023_8.patch + +Upstream-Status: Backport [https://github.com/squid-cache/squid/commit/6014c6648a2a54a4ecb7f952ea1163e0798f9264] +CVE: CVE-2023-49286 +Signed-off-by: Vijay Anusuri +--- + src/ipc.cc | 33 +++++++++++++++++++++++++++------ + 1 file changed, 27 insertions(+), 6 deletions(-) + +--- a/src/ipc.cc ++++ b/src/ipc.cc +@@ -20,6 +20,12 @@ + #include "SquidIpc.h" + #include "tools.h" + ++#include ++ ++#if HAVE_UNISTD_H ++#include ++#endif ++ + static const char *hello_string = "hi there\n"; + #ifndef HELLO_BUF_SZ + #define HELLO_BUF_SZ 32 +@@ -365,6 +371,22 @@ + } + + PutEnvironment(); ++ ++ // A dup(2) wrapper that reports and exits the process on errors. The ++ // exiting logic is only suitable for this child process context. ++ const auto dupOrExit = [prog,name](const int oldFd) { ++ const auto newFd = dup(oldFd); ++ if (newFd < 0) { ++ const auto savedErrno = errno; ++ debugs(54, DBG_CRITICAL, "ERROR: Helper process initialization failure: " << name); ++ debugs(54, DBG_CRITICAL, "helper (CHILD) PID: " << getpid()); ++ debugs(54, DBG_CRITICAL, "helper program name: " << prog); ++ debugs(54, DBG_CRITICAL, "dup(2) system call error for FD " << oldFd << ": " << xstrerr(savedErrno)); ++ _exit(1); ++ } ++ return newFd; ++ }; ++ + /* + * This double-dup stuff avoids problems when one of + * crfd, cwfd, or debug_log are in the rage 0-2. +@@ -372,17 +394,16 @@ + + do { + /* First make sure 0-2 is occupied by something. Gets cleaned up later */ +- x = dup(crfd); +- assert(x > -1); +- } while (x < 3 && x > -1); ++ x = dupOrExit(crfd); ++ } while (x < 3); + + close(x); + +- t1 = dup(crfd); ++ t1 = dupOrExit(crfd); + +- t2 = dup(cwfd); ++ t2 = dupOrExit(cwfd); + +- t3 = dup(fileno(debug_log)); ++ t3 = dupOrExit(fileno(debug_log)); + + assert(t1 > 2 && t2 > 2 && t3 > 2); + diff --git a/meta-networking/recipes-daemons/squid/files/CVE-2023-50269.patch b/meta-networking/recipes-daemons/squid/files/CVE-2023-50269.patch new file mode 100644 index 00000000000..51c895e0efb --- /dev/null +++ b/meta-networking/recipes-daemons/squid/files/CVE-2023-50269.patch @@ -0,0 +1,62 @@ +From: Markus Koschany +Date: Tue, 26 Dec 2023 19:58:12 +0100 +Subject: CVE-2023-50269 + +Bug-Debian: https://bugs.debian.org/1058721 +Origin: http://www.squid-cache.org/Versions/v5/SQUID-2023_10.patch + +Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/squid/tree/debian/patches/CVE-2023-50269.patch?h=ubuntu/focal-security&id=9ccd217ca9428c9a6597e9310a99552026b245fa +Upstream commit https://github.com/squid-cache/squid/commit/9f7136105bff920413042a8806cc5de3f6086d6d] +CVE: CVE-2023-50269 +Signed-off-by: Vijay Anusuri +--- + src/ClientRequestContext.h | 4 ++++ + src/client_side_request.cc | 17 +++++++++++++++-- + 2 files changed, 19 insertions(+), 2 deletions(-) + +--- a/src/ClientRequestContext.h ++++ b/src/ClientRequestContext.h +@@ -81,6 +81,10 @@ + #endif + ErrorState *error; ///< saved error page for centralized/delayed processing + bool readNextRequest; ///< whether Squid should read after error handling ++ ++#if FOLLOW_X_FORWARDED_FOR ++ size_t currentXffHopNumber = 0; ///< number of X-Forwarded-For header values processed so far ++#endif + }; + + #endif /* SQUID_CLIENTREQUESTCONTEXT_H */ +--- a/src/client_side_request.cc ++++ b/src/client_side_request.cc +@@ -78,6 +78,11 @@ + static const char *const crlf = "\r\n"; + + #if FOLLOW_X_FORWARDED_FOR ++ ++#if !defined(SQUID_X_FORWARDED_FOR_HOP_MAX) ++#define SQUID_X_FORWARDED_FOR_HOP_MAX 64 ++#endif ++ + static void clientFollowXForwardedForCheck(allow_t answer, void *data); + #endif /* FOLLOW_X_FORWARDED_FOR */ + +@@ -485,8 +490,16 @@ + /* override the default src_addr tested if we have to go deeper than one level into XFF */ + Filled(calloutContext->acl_checklist)->src_addr = request->indirect_client_addr; + } +- calloutContext->acl_checklist->nonBlockingCheck(clientFollowXForwardedForCheck, data); +- return; ++ if (++calloutContext->currentXffHopNumber < SQUID_X_FORWARDED_FOR_HOP_MAX) { ++ calloutContext->acl_checklist->nonBlockingCheck(clientFollowXForwardedForCheck, data); ++ return; ++ } ++ const auto headerName = Http::HeaderLookupTable.lookup(Http::HdrType::X_FORWARDED_FOR).name; ++ debugs(28, DBG_CRITICAL, "ERROR: Ignoring trailing " << headerName << " addresses"); ++ debugs(28, DBG_CRITICAL, "addresses allowed by follow_x_forwarded_for: " << calloutContext->currentXffHopNumber); ++ debugs(28, DBG_CRITICAL, "last/accepted address: " << request->indirect_client_addr); ++ debugs(28, DBG_CRITICAL, "ignored trailing addresses: " << request->x_forwarded_for_iterator); ++ // fall through to resume clientAccessCheck() processing + } + } + diff --git a/meta-networking/recipes-daemons/squid/squid_4.15.bb b/meta-networking/recipes-daemons/squid/squid_4.15.bb index d0cf596fa07..69b62aa5a51 100644 --- a/meta-networking/recipes-daemons/squid/squid_4.15.bb +++ b/meta-networking/recipes-daemons/squid/squid_4.15.bb @@ -30,6 +30,8 @@ SRC_URI = "http://www.squid-cache.org/Versions/v${MAJ_VER}/${BPN}-${PV}.tar.bz2 file://CVE-2023-46728.patch \ file://CVE-2023-46846-pre1.patch \ file://CVE-2023-46846.patch \ + file://CVE-2023-49286.patch \ + file://CVE-2023-50269.patch \ " SRC_URI:remove:toolchain-clang = "file://0001-configure-Check-for-Wno-error-format-truncation-comp.patch" From ab7c9bea36833c439321272a2bdf98e15483672b Mon Sep 17 00:00:00 2001 From: Meenali Gupta Date: Tue, 13 Feb 2024 11:13:03 +0000 Subject: [PATCH 562/600] graphviz: fix CVE-2023-46045 Graphviz 2.36 before 10.0.0 has an out-of-bounds read via a crafted config6a file. NOTE: exploitability may be uncommon because this file is typically owned by root. Signed-off-by: Meenali Gupta Signed-off-by: Armin Kuster --- .../graphviz/graphviz/CVE-2023-46045-1.patch | 38 ++++++++++++++++++ .../graphviz/graphviz/CVE-2023-46045-2.patch | 39 +++++++++++++++++++ .../graphviz/graphviz/CVE-2023-46045-3.patch | 31 +++++++++++++++ .../graphviz/graphviz_2.50.0.bb | 3 ++ 4 files changed, 111 insertions(+) create mode 100644 meta-oe/recipes-graphics/graphviz/graphviz/CVE-2023-46045-1.patch create mode 100644 meta-oe/recipes-graphics/graphviz/graphviz/CVE-2023-46045-2.patch create mode 100644 meta-oe/recipes-graphics/graphviz/graphviz/CVE-2023-46045-3.patch diff --git a/meta-oe/recipes-graphics/graphviz/graphviz/CVE-2023-46045-1.patch b/meta-oe/recipes-graphics/graphviz/graphviz/CVE-2023-46045-1.patch new file mode 100644 index 00000000000..a48f8aa06ab --- /dev/null +++ b/meta-oe/recipes-graphics/graphviz/graphviz/CVE-2023-46045-1.patch @@ -0,0 +1,38 @@ +From 361f274ca901c3c476697a6404662d95f4dd43cb Mon Sep 17 00:00:00 2001 +From: Matthew Fernandez +Date: Fri, 12 Jan 2024 17:06:17 +1100 +Subject: [PATCH] gvc gvconfig_plugin_install_from_config: more tightly scope + 'gv_api' + +Upstream-Status: Backport [https://gitlab.com/graphviz/graphviz/-/commit/361f274ca901c3c476697a6404662d95f4dd43cb] +CVE: CVE-2023-46045 + +Signed-off-by: Meenali Gupta +--- + lib/gvc/gvconfig.c | 3 +-- + 1 file changed, 1 insertion(+), 2 deletions(-) + +diff --git a/lib/gvc/gvconfig.c b/lib/gvc/gvconfig.c +index 2d86321..f9d1dcc 100644 +--- a/lib/gvc/gvconfig.c ++++ b/lib/gvc/gvconfig.c +@@ -173,7 +173,6 @@ static int gvconfig_plugin_install_from_config(GVC_t * gvc, char *s) + { + char *package_path, *name, *api; + const char *type; +- api_t gv_api; + int quality, rc; + int nest = 0; + gvplugin_package_t *package; +@@ -188,7 +187,7 @@ static int gvconfig_plugin_install_from_config(GVC_t * gvc, char *s) + package = gvplugin_package_record(gvc, package_path, name); + do { + api = token(&nest, &s); +- gv_api = gvplugin_api(api); ++ const api_t gv_api = gvplugin_api(api); + do { + if (nest == 2) { + type = token(&nest, &s); +-- +2.40.0 + diff --git a/meta-oe/recipes-graphics/graphviz/graphviz/CVE-2023-46045-2.patch b/meta-oe/recipes-graphics/graphviz/graphviz/CVE-2023-46045-2.patch new file mode 100644 index 00000000000..4c70b1a8773 --- /dev/null +++ b/meta-oe/recipes-graphics/graphviz/graphviz/CVE-2023-46045-2.patch @@ -0,0 +1,39 @@ +From 3f31704cafd7da3e86bb2861accf5e90c973e62a Mon Sep 17 00:00:00 2001 +From: Matthew Fernandez +Date: Fri, 12 Jan 2024 17:06:17 +1100 +Subject: [PATCH] gvc gvconfig_plugin_install_from_config: more tightly scope + 'api' + +Upstream-Status: Backport [https://gitlab.com/graphviz/graphviz/-/commit/3f31704cafd7da3e86bb2861accf5e90c973e62a] +CVE: CVE-2023-46045 + +Signed-off-by: Meenali Gupta +--- + lib/gvc/gvconfig.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/lib/gvc/gvconfig.c b/lib/gvc/gvconfig.c +index f9d1dcc..95e8c6c 100644 +--- a/lib/gvc/gvconfig.c ++++ b/lib/gvc/gvconfig.c +@@ -171,7 +171,7 @@ static char *token(int *nest, char **tokens) + + static int gvconfig_plugin_install_from_config(GVC_t * gvc, char *s) + { +- char *package_path, *name, *api; ++ char *package_path, *name; + const char *type; + int quality, rc; + int nest = 0; +@@ -186,7 +186,7 @@ static int gvconfig_plugin_install_from_config(GVC_t * gvc, char *s) + name = "x"; + package = gvplugin_package_record(gvc, package_path, name); + do { +- api = token(&nest, &s); ++ const char *api = token(&nest, &s); + const api_t gv_api = gvplugin_api(api); + do { + if (nest == 2) { +-- +2.40.0 + diff --git a/meta-oe/recipes-graphics/graphviz/graphviz/CVE-2023-46045-3.patch b/meta-oe/recipes-graphics/graphviz/graphviz/CVE-2023-46045-3.patch new file mode 100644 index 00000000000..4746265eeb3 --- /dev/null +++ b/meta-oe/recipes-graphics/graphviz/graphviz/CVE-2023-46045-3.patch @@ -0,0 +1,31 @@ +From a95f977f5d809915ec4b14836d2b5b7f5e74881e Mon Sep 17 00:00:00 2001 +From: Matthew Fernandez +Date: Fri, 12 Jan 2024 17:06:17 +1100 +Subject: [PATCH] gvc: detect plugin installation failure and display an error + +Upstream-Status: Backport [https://gitlab.com/graphviz/graphviz/-/commit/a95f977f5d809915ec4b14836d2b5b7f5e74881e] +CVE: CVE-2023-46045 + +Signed-off-by: Meenali Gupta +--- + lib/gvc/gvconfig.c | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/lib/gvc/gvconfig.c b/lib/gvc/gvconfig.c +index 95e8c6c..77d0865 100644 +--- a/lib/gvc/gvconfig.c ++++ b/lib/gvc/gvconfig.c +@@ -188,6 +188,10 @@ static int gvconfig_plugin_install_from_config(GVC_t * gvc, char *s) + do { + const char *api = token(&nest, &s); + const api_t gv_api = gvplugin_api(api); ++ if (gv_api == (api_t)-1) { ++ agerr(AGERR, "config error: %s %s not found\n", package_path, api); ++ return 0; ++ } + do { + if (nest == 2) { + type = token(&nest, &s); +-- +2.40.0 + diff --git a/meta-oe/recipes-graphics/graphviz/graphviz_2.50.0.bb b/meta-oe/recipes-graphics/graphviz/graphviz_2.50.0.bb index 4c51af669c3..f06e2adb029 100644 --- a/meta-oe/recipes-graphics/graphviz/graphviz_2.50.0.bb +++ b/meta-oe/recipes-graphics/graphviz/graphviz_2.50.0.bb @@ -20,6 +20,9 @@ DEPENDS:append:class-nativesdk = " ${BPN}-native" inherit autotools-brokensep pkgconfig gettext qemu SRC_URI = "https://gitlab.com/api/v4/projects/4207231/packages/generic/${BPN}-releases/${PV}/${BP}.tar.xz \ + file://CVE-2023-46045-1.patch \ + file://CVE-2023-46045-2.patch \ + file://CVE-2023-46045-3.patch \ " # Use native mkdefs SRC_URI:append:class-target = "\ From dc2b819291a4632381c114f193abe8583bfcbd12 Mon Sep 17 00:00:00 2001 From: Fathi Boudra Date: Fri, 16 Feb 2024 14:43:40 +0100 Subject: [PATCH 563/600] python3-django: upgrade from 4.2.7 to 4.2.10 Upgrade to the latest 4.x LTS release. Bugs fixes only. Fix CVE: CVE-2024-24680: Potential denial-of-service in intcomma template filter Signed-off-by: Fathi Boudra Signed-off-by: Armin Kuster --- .../{python3-django_4.2.7.bb => python3-django_4.2.10.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-python/recipes-devtools/python/{python3-django_4.2.7.bb => python3-django_4.2.10.bb} (77%) diff --git a/meta-python/recipes-devtools/python/python3-django_4.2.7.bb b/meta-python/recipes-devtools/python/python3-django_4.2.10.bb similarity index 77% rename from meta-python/recipes-devtools/python/python3-django_4.2.7.bb rename to meta-python/recipes-devtools/python/python3-django_4.2.10.bb index 580592d7023..a9f25ac2b39 100644 --- a/meta-python/recipes-devtools/python/python3-django_4.2.7.bb +++ b/meta-python/recipes-devtools/python/python3-django_4.2.10.bb @@ -1,7 +1,7 @@ require python-django.inc inherit setuptools3 -SRC_URI[sha256sum] = "8e0f1c2c2786b5c0e39fe1afce24c926040fad47c8ea8ad30aaf1188df29fc41" +SRC_URI[sha256sum] = "b1260ed381b10a11753c73444408e19869f3241fc45c985cd55a30177c789d13" RDEPENDS:${PN} += "\ ${PYTHON_PN}-sqlparse \ From 7d07ad57002a0af09ceb0fbe59b48ccd2ce4a740 Mon Sep 17 00:00:00 2001 From: Soumya Sambu Date: Mon, 19 Feb 2024 12:46:27 +0000 Subject: [PATCH 564/600] mbedtls: upgrade 2.28.5 -> 2.28.7 Includes security fixes for: CVE-2024-23170 - Timing side channel in private key RSA operations CVE-2024-23775 - Buffer overflow in mbedtls_x509_set_extension() License updated to dual Apache-2.0 OR GPL-2.0-or-later. Changelog: https://github.com/Mbed-TLS/mbedtls/blob/v2.28.7/ChangeLog Signed-off-by: Soumya Sambu Signed-off-by: Armin Kuster --- .../mbedtls/{mbedtls_2.28.5.bb => mbedtls_2.28.7.bb} | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) rename meta-networking/recipes-connectivity/mbedtls/{mbedtls_2.28.5.bb => mbedtls_2.28.7.bb} (91%) diff --git a/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.28.5.bb b/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.28.7.bb similarity index 91% rename from meta-networking/recipes-connectivity/mbedtls/mbedtls_2.28.5.bb rename to meta-networking/recipes-connectivity/mbedtls/mbedtls_2.28.7.bb index 95688e29bb7..793cdcaff7d 100644 --- a/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.28.5.bb +++ b/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.28.7.bb @@ -17,13 +17,13 @@ understand what the code does. It features: \ HOMEPAGE = "https://tls.mbed.org/" -LICENSE = "Apache-2.0" -LIC_FILES_CHKSUM = "file://LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57" +LICENSE = "Apache-2.0 | GPL-2.0-or-later" +LIC_FILES_CHKSUM = "file://LICENSE;md5=379d5819937a6c2f1ef1630d341e026d" SECTION = "libs" S = "${WORKDIR}/git" -SRCREV = "47e8cc9db2e469d902b0e3093ae9e482c3d87188" +SRCREV = "555f84735aecdbd76a566cf087ec8425dfb0c8ab" SRC_URI = "git://github.com/ARMmbed/mbedtls.git;protocol=https;branch=mbedtls-2.28" inherit cmake update-alternatives From fda737ec0cc1d2a5217548a560074a8e4d5ec580 Mon Sep 17 00:00:00 2001 From: Soumya Sambu Date: Mon, 19 Feb 2024 12:46:57 +0000 Subject: [PATCH 565/600] mbedtls: Upgrade 3.5.0 -> 3.5.2 * Includes security fix for CVE-2024-23170 - Timing side channel in private key RSA operations * Includes security fix for CVE-2024-23775 - Buffer overflow in mbedtls_x509_set_extension() Use canonical URL, add UPSTREAM_CHECK_GITTAGREGEX. License-update: Upstream clarified licensing as dual Apache-2.0 or GPL-2.0 or later Changelog: https://github.com/Mbed-TLS/mbedtls/blob/v3.5.2/ChangeLog Signed-off-by: Soumya Sambu Signed-off-by: Armin Kuster --- .../mbedtls/{mbedtls_3.5.0.bb => mbedtls_3.5.2.bb} | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) rename meta-networking/recipes-connectivity/mbedtls/{mbedtls_3.5.0.bb => mbedtls_3.5.2.bb} (93%) diff --git a/meta-networking/recipes-connectivity/mbedtls/mbedtls_3.5.0.bb b/meta-networking/recipes-connectivity/mbedtls/mbedtls_3.5.2.bb similarity index 93% rename from meta-networking/recipes-connectivity/mbedtls/mbedtls_3.5.0.bb rename to meta-networking/recipes-connectivity/mbedtls/mbedtls_3.5.2.bb index d57e717bd8e..2fedac48cfb 100644 --- a/meta-networking/recipes-connectivity/mbedtls/mbedtls_3.5.0.bb +++ b/meta-networking/recipes-connectivity/mbedtls/mbedtls_3.5.2.bb @@ -17,16 +17,17 @@ understand what the code does. It features: \ HOMEPAGE = "https://tls.mbed.org/" -LICENSE = "Apache-2.0" -LIC_FILES_CHKSUM = "file://LICENSE;md5=3b83ef96387f14655fc854ddc3c6bd57" +LICENSE = "Apache-2.0 | GPL-2.0-or-later" +LIC_FILES_CHKSUM = "file://LICENSE;md5=379d5819937a6c2f1ef1630d341e026d" SECTION = "libs" S = "${WORKDIR}/git" -SRCREV = "1ec69067fa1351427f904362c1221b31538c8b57" +SRCREV = "daca7a3979c22da155ec9dce49ab1abf3b65d3a9" SRC_URI = "git://github.com/ARMmbed/mbedtls.git;protocol=https;branch=master \ file://0001-AES-NI-use-target-attributes-for-x86-32-bit-intrinsi.patch \ file://run-ptest" +UPSTREAM_CHECK_GITTAGREGEX = "v(?P\d+(\.\d+)+)" inherit cmake update-alternatives ptest From 4f2d6f6a8bd64c012adc63c3ace2e25e86df5d97 Mon Sep 17 00:00:00 2001 From: Soumya Sambu Date: Thu, 7 Mar 2024 01:21:32 -0800 Subject: [PATCH 566/600] openvpn: ignore CVE-2023-7235 This CVE is related to OpenVPN 2.x GUI on Windows. References: https://community.openvpn.net/openvpn/wiki/CVE-2023-7235 https://security-tracker.debian.org/tracker/CVE-2023-7235 Signed-off-by: Soumya Sambu Signed-off-by: Armin Kuster --- meta-networking/recipes-support/openvpn/openvpn_2.5.6.bb | 3 +++ 1 file changed, 3 insertions(+) diff --git a/meta-networking/recipes-support/openvpn/openvpn_2.5.6.bb b/meta-networking/recipes-support/openvpn/openvpn_2.5.6.bb index 218e72b7a80..828cd5033ed 100644 --- a/meta-networking/recipes-support/openvpn/openvpn_2.5.6.bb +++ b/meta-networking/recipes-support/openvpn/openvpn_2.5.6.bb @@ -19,6 +19,9 @@ SRC_URI[sha256sum] = "333a7ef3d5b317968aca2c77bdc29aa7c6d6bb3316eb3f79743b59c532 # CVE-2020-7224 and CVE-2020-27569 are for Aviatrix OpenVPN client, not for openvpn. CVE_CHECK_IGNORE += "CVE-2020-7224 CVE-2020-27569" +# CVE-2023-7235 is specific to Windows platform +CVE_CHECK_IGNORE += "CVE-2023-7235" + SYSTEMD_SERVICE:${PN} += "openvpn@loopback-server.service openvpn@loopback-client.service" SYSTEMD_AUTO_ENABLE = "disable" From 938a3ff43cfe534521a3b36527d496ff931b0d2e Mon Sep 17 00:00:00 2001 From: Soumya Sambu Date: Wed, 13 Mar 2024 07:06:44 +0000 Subject: [PATCH 567/600] postgresql: Upgrade to 14.11 Addresses CVEs and other bug fixes. Remove patches that are fixed in this release. Release notes are available at: https://www.postgresql.org/docs/release/14.10/ https://www.postgresql.org/docs/release/14.11/ 0001-configure.ac-bypass-autoconf-2.69-version-check.patch refreshed for new version. License-Update: Copyright year updated Signed-off-by: Soumya Sambu Signed-off-by: Armin Kuster --- ...c-bypass-autoconf-2.69-version-check.patch | 6 +- .../postgresql/files/CVE-2023-5868.patch | 125 -------- .../postgresql/files/CVE-2023-5869.patch | 294 ------------------ .../postgresql/files/CVE-2023-5870.patch | 108 ------- ...postgresql_14.9.bb => postgresql_14.11.bb} | 7 +- 5 files changed, 5 insertions(+), 535 deletions(-) delete mode 100644 meta-oe/recipes-dbs/postgresql/files/CVE-2023-5868.patch delete mode 100644 meta-oe/recipes-dbs/postgresql/files/CVE-2023-5869.patch delete mode 100644 meta-oe/recipes-dbs/postgresql/files/CVE-2023-5870.patch rename meta-oe/recipes-dbs/postgresql/{postgresql_14.9.bb => postgresql_14.11.bb} (61%) diff --git a/meta-oe/recipes-dbs/postgresql/files/0001-configure.ac-bypass-autoconf-2.69-version-check.patch b/meta-oe/recipes-dbs/postgresql/files/0001-configure.ac-bypass-autoconf-2.69-version-check.patch index 8ffefbe341b..807eac219bf 100644 --- a/meta-oe/recipes-dbs/postgresql/files/0001-configure.ac-bypass-autoconf-2.69-version-check.patch +++ b/meta-oe/recipes-dbs/postgresql/files/0001-configure.ac-bypass-autoconf-2.69-version-check.patch @@ -1,4 +1,4 @@ -From 2d3ac7b2eab1bba53c1729e8edb9f8a86700b60f Mon Sep 17 00:00:00 2001 +From c48f2f132744a0b4a2473ec178d63c1d4d1a4a86 Mon Sep 17 00:00:00 2001 From: Yi Fan Yu Date: Fri, 5 Feb 2021 17:15:42 -0500 Subject: [PATCH] configure.ac: bypass autoconf 2.69 version check @@ -14,12 +14,12 @@ Signed-off-by: Yi Fan Yu 1 file changed, 4 deletions(-) diff --git a/configure.ac b/configure.ac -index d0f0b14..54a539e 100644 +index e59dc99..41b4732 100644 --- a/configure.ac +++ b/configure.ac @@ -19,10 +19,6 @@ m4_pattern_forbid(^PGAC_)dnl to catch undefined macros - AC_INIT([PostgreSQL], [14.9], [pgsql-bugs@lists.postgresql.org], [], [https://www.postgresql.org/]) + AC_INIT([PostgreSQL], [14.11], [pgsql-bugs@lists.postgresql.org], [], [https://www.postgresql.org/]) -m4_if(m4_defn([m4_PACKAGE_VERSION]), [2.69], [], [m4_fatal([Autoconf version 2.69 is required. -Untested combinations of 'autoconf' and PostgreSQL versions are not diff --git a/meta-oe/recipes-dbs/postgresql/files/CVE-2023-5868.patch b/meta-oe/recipes-dbs/postgresql/files/CVE-2023-5868.patch deleted file mode 100644 index 50953f49b25..00000000000 --- a/meta-oe/recipes-dbs/postgresql/files/CVE-2023-5868.patch +++ /dev/null @@ -1,125 +0,0 @@ -From 3b0776fde56763c549df35ce9750f3399bc710b2 Mon Sep 17 00:00:00 2001 -From: Tom Lane -Date: Tue, 21 Nov 2023 11:37:27 +0000 -Subject: [PATCH] Compute aggregate argument types correctly in - - transformAggregateCall(). - -transformAggregateCall() captures the datatypes of the aggregate's -arguments immediately to construct the Aggref.aggargtypes list. -This seems reasonable because the arguments have already been -transformed --- but there is an edge case where they haven't been. -Specifically, if we have an unknown-type literal in an ANY argument -position, nothing will have been done with it earlier. But if we -also have DISTINCT, then addTargetToGroupList() converts the literal -to "text" type, resulting in the aggargtypes list not matching the -actual runtime type of the argument. The end result is that the -aggregate tries to interpret a "text" value as being of type -"unknown", that is a zero-terminated C string. If the text value -contains no zero bytes, this could result in disclosure of server -memory following the text literal value. - -To fix, move the collection of the aggargtypes list to the end -of transformAggregateCall(), after DISTINCT has been handled. -This requires slightly more code, but not a great deal. - -Our thanks to Jingzhou Fu for reporting this problem. - -Security: CVE-2023-5868 - -CVE: CVE-2023-5868 -Upstream-Status: Backport [https://github.com/postgres/postgres/commit/3b0776fde56763c549df35ce9750f3399bc710b2] - -Signed-off-by: Yogita Urade - ---- - src/backend/parser/parse_agg.c | 35 +++++++++++++++++++---------- - src/test/regress/expected/jsonb.out | 7 ++++++ - src/test/regress/sql/jsonb.sql | 3 +++ - 3 files changed, 33 insertions(+), 12 deletions(-) - -diff --git a/src/backend/parser/parse_agg.c b/src/backend/parser/parse_agg.c -index 828cd99..90cf150 100644 ---- a/src/backend/parser/parse_agg.c -+++ b/src/backend/parser/parse_agg.c -@@ -110,18 +110,6 @@ transformAggregateCall(ParseState *pstate, Aggref *agg, - int save_next_resno; - ListCell *lc; - -- /* -- * Before separating the args into direct and aggregated args, make a list -- * of their data type OIDs for use later. -- */ -- foreach(lc, args) -- { -- Expr *arg = (Expr *) lfirst(lc); -- -- argtypes = lappend_oid(argtypes, exprType((Node *) arg)); -- } -- agg->aggargtypes = argtypes; -- - if (AGGKIND_IS_ORDERED_SET(agg->aggkind)) - { - /* -@@ -233,6 +221,29 @@ transformAggregateCall(ParseState *pstate, Aggref *agg, - agg->aggorder = torder; - agg->aggdistinct = tdistinct; - -+ /* -+ * Now build the aggargtypes list with the type OIDs of the direct and -+ * aggregated args, ignoring any resjunk entries that might have been -+ * added by ORDER BY/DISTINCT processing. We can't do this earlier -+ * because said processing can modify some args' data types, in particular -+ * by resolving previously-unresolved "unknown" literals. -+ */ -+ foreach(lc, agg->aggdirectargs) -+ { -+ Expr *arg = (Expr *) lfirst(lc); -+ -+ argtypes = lappend_oid(argtypes, exprType((Node *) arg)); -+ } -+ foreach(lc, tlist) -+ { -+ TargetEntry *tle = (TargetEntry *) lfirst(lc); -+ -+ if (tle->resjunk) -+ continue; /* ignore junk */ -+ argtypes = lappend_oid(argtypes, exprType((Node *) tle->expr)); -+ } -+ agg->aggargtypes = argtypes; -+ - check_agglevels_and_constraints(pstate, (Node *) agg); - } - -diff --git a/src/test/regress/expected/jsonb.out b/src/test/regress/expected/jsonb.out -index bec355d..eb7f410 100644 ---- a/src/test/regress/expected/jsonb.out -+++ b/src/test/regress/expected/jsonb.out -@@ -1558,6 +1558,13 @@ SELECT jsonb_object_agg(name, type) FROM foo; - INSERT INTO foo VALUES (999999, NULL, 'bar'); - SELECT jsonb_object_agg(name, type) FROM foo; - ERROR: field name must not be null -+-- edge case for parser -+SELECT jsonb_object_agg(DISTINCT 'a', 'abc'); -+ jsonb_object_agg -+------------------ -+ {"a": "abc"} -+(1 row) -+ - -- jsonb_object - -- empty object, one dimension - SELECT jsonb_object('{}'); -diff --git a/src/test/regress/sql/jsonb.sql b/src/test/regress/sql/jsonb.sql -index f8d5960..040e1ba 100644 ---- a/src/test/regress/sql/jsonb.sql -+++ b/src/test/regress/sql/jsonb.sql -@@ -397,6 +397,9 @@ SELECT jsonb_object_agg(name, type) FROM foo; - INSERT INTO foo VALUES (999999, NULL, 'bar'); - SELECT jsonb_object_agg(name, type) FROM foo; - -+-- edge case for parser -+SELECT jsonb_object_agg(DISTINCT 'a', 'abc'); -+ - -- jsonb_object - - -- empty object, one dimension diff --git a/meta-oe/recipes-dbs/postgresql/files/CVE-2023-5869.patch b/meta-oe/recipes-dbs/postgresql/files/CVE-2023-5869.patch deleted file mode 100644 index cef2ab2253f..00000000000 --- a/meta-oe/recipes-dbs/postgresql/files/CVE-2023-5869.patch +++ /dev/null @@ -1,294 +0,0 @@ -From 18b585155a891784ca8985f595ebc0dde94e0d43 Mon Sep 17 00:00:00 2001 -From: Tom Lane -Date: Tue, 21 Nov 2023 11:43:00 +0000 -Subject: [PATCH] Detect integer overflow while computing new array dimensions. - -array_set_element() and related functions allow an array to be -enlarged by assigning to subscripts outside the current array bounds. -While these places were careful to check that the new bounds are -allowable, they neglected to consider the risk of integer overflow -in computing the new bounds. In edge cases, we could compute new -bounds that are invalid but get past the subsequent checks, -allowing bad things to happen. Memory stomps that are potentially -exploitable for arbitrary code execution are possible, and so is -disclosure of server memory. - -To fix, perform the hazardous computations using overflow-detecting -arithmetic routines, which fortunately exist in all still-supported -branches. - -The test cases added for this generate (after patching) errors that -mention the value of MaxArraySize, which is platform-dependent. -Rather than introduce multiple expected-files, use psql's VERBOSITY -parameter to suppress the printing of the message text. v11 psql -lacks that parameter, so omit the tests in that branch. - -Our thanks to Pedro Gallegos for reporting this problem. - -Security: CVE-2023-5869 - -CVE: CVE-2023-5869 -Upstream-Status: Backport [https://github.com/postgres/postgres/commit/18b585155a891784ca8985f595ebc0dde94e0d43] - -Signed-off-by: Yogita Urade - ---- - src/backend/utils/adt/arrayfuncs.c | 85 ++++++++++++++++++++++------ - src/backend/utils/adt/arrayutils.c | 6 -- - src/include/utils/array.h | 7 +++ - src/test/regress/expected/arrays.out | 17 ++++++ - src/test/regress/sql/arrays.sql | 19 +++++++ - 5 files changed, 110 insertions(+), 24 deletions(-) - -diff --git a/src/backend/utils/adt/arrayfuncs.c b/src/backend/utils/adt/arrayfuncs.c -index 949737d..0071f7d 100644 ---- a/src/backend/utils/adt/arrayfuncs.c -+++ b/src/backend/utils/adt/arrayfuncs.c -@@ -19,6 +19,7 @@ - - #include "access/htup_details.h" - #include "catalog/pg_type.h" -+#include "common/int.h" - #include "funcapi.h" - #include "libpq/pqformat.h" - #include "nodes/nodeFuncs.h" -@@ -2334,22 +2335,38 @@ array_set_element(Datum arraydatum, - addedbefore = addedafter = 0; - - /* -- * Check subscripts -+ * Check subscripts. We assume the existing subscripts passed -+ * ArrayCheckBounds, so that dim[i] + lb[i] can be computed without -+ * overflow. But we must beware of other overflows in our calculations of -+ * new dim[] values. - */ - if (ndim == 1) - { - if (indx[0] < lb[0]) - { -- addedbefore = lb[0] - indx[0]; -- dim[0] += addedbefore; -+ /* addedbefore = lb[0] - indx[0]; */ -+ /* dim[0] += addedbefore; */ -+ if (pg_sub_s32_overflow(lb[0], indx[0], &addedbefore) || -+ pg_add_s32_overflow(dim[0], addedbefore, &dim[0])) -+ ereport(ERROR, -+ (errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED), -+ errmsg("array size exceeds the maximum allowed (%d)", -+ (int) MaxArraySize))); - lb[0] = indx[0]; - if (addedbefore > 1) - newhasnulls = true; /* will insert nulls */ - } - if (indx[0] >= (dim[0] + lb[0])) - { -- addedafter = indx[0] - (dim[0] + lb[0]) + 1; -- dim[0] += addedafter; -+ /* addedafter = indx[0] - (dim[0] + lb[0]) + 1; */ -+ /* dim[0] += addedafter; */ -+ if (pg_sub_s32_overflow(indx[0], dim[0] + lb[0], &addedafter) || -+ pg_add_s32_overflow(addedafter, 1, &addedafter) || -+ pg_add_s32_overflow(dim[0], addedafter, &dim[0])) -+ ereport(ERROR, -+ (errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED), -+ errmsg("array size exceeds the maximum allowed (%d)", -+ (int) MaxArraySize))); - if (addedafter > 1) - newhasnulls = true; /* will insert nulls */ - } -@@ -2595,14 +2612,23 @@ array_set_element_expanded(Datum arraydatum, - addedbefore = addedafter = 0; - - /* -- * Check subscripts (this logic matches original array_set_element) -+ * Check subscripts (this logic must match array_set_element). We assume -+ * the existing subscripts passed ArrayCheckBounds, so that dim[i] + lb[i] -+ * can be computed without overflow. But we must beware of other -+ * overflows in our calculations of new dim[] values. - */ - if (ndim == 1) - { - if (indx[0] < lb[0]) - { -- addedbefore = lb[0] - indx[0]; -- dim[0] += addedbefore; -+ /* addedbefore = lb[0] - indx[0]; */ -+ /* dim[0] += addedbefore; */ -+ if (pg_sub_s32_overflow(lb[0], indx[0], &addedbefore) || -+ pg_add_s32_overflow(dim[0], addedbefore, &dim[0])) -+ ereport(ERROR, -+ (errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED), -+ errmsg("array size exceeds the maximum allowed (%d)", -+ (int) MaxArraySize))); - lb[0] = indx[0]; - dimschanged = true; - if (addedbefore > 1) -@@ -2610,8 +2636,15 @@ array_set_element_expanded(Datum arraydatum, - } - if (indx[0] >= (dim[0] + lb[0])) - { -- addedafter = indx[0] - (dim[0] + lb[0]) + 1; -- dim[0] += addedafter; -+ /* addedafter = indx[0] - (dim[0] + lb[0]) + 1; */ -+ /* dim[0] += addedafter; */ -+ if (pg_sub_s32_overflow(indx[0], dim[0] + lb[0], &addedafter) || -+ pg_add_s32_overflow(addedafter, 1, &addedafter) || -+ pg_add_s32_overflow(dim[0], addedafter, &dim[0])) -+ ereport(ERROR, -+ (errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED), -+ errmsg("array size exceeds the maximum allowed (%d)", -+ (int) MaxArraySize))); - dimschanged = true; - if (addedafter > 1) - newhasnulls = true; /* will insert nulls */ -@@ -2894,7 +2927,10 @@ array_set_slice(Datum arraydatum, - addedbefore = addedafter = 0; - - /* -- * Check subscripts -+ * Check subscripts. We assume the existing subscripts passed -+ * ArrayCheckBounds, so that dim[i] + lb[i] can be computed without -+ * overflow. But we must beware of other overflows in our calculations of -+ * new dim[] values. - */ - if (ndim == 1) - { -@@ -2909,18 +2945,31 @@ array_set_slice(Datum arraydatum, - errmsg("upper bound cannot be less than lower bound"))); - if (lowerIndx[0] < lb[0]) - { -- if (upperIndx[0] < lb[0] - 1) -- newhasnulls = true; /* will insert nulls */ -- addedbefore = lb[0] - lowerIndx[0]; -- dim[0] += addedbefore; -+ /* addedbefore = lb[0] - lowerIndx[0]; */ -+ /* dim[0] += addedbefore; */ -+ if (pg_sub_s32_overflow(lb[0], lowerIndx[0], &addedbefore) || -+ pg_add_s32_overflow(dim[0], addedbefore, &dim[0])) -+ ereport(ERROR, -+ (errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED), -+ errmsg("array size exceeds the maximum allowed (%d)", -+ (int) MaxArraySize))); - lb[0] = lowerIndx[0]; -+ if (addedbefore > 1) -+ newhasnulls = true; /* will insert nulls */ - } - if (upperIndx[0] >= (dim[0] + lb[0])) - { -- if (lowerIndx[0] > (dim[0] + lb[0])) -+ /* addedafter = upperIndx[0] - (dim[0] + lb[0]) + 1; */ -+ /* dim[0] += addedafter; */ -+ if (pg_sub_s32_overflow(upperIndx[0], dim[0] + lb[0], &addedafter) || -+ pg_add_s32_overflow(addedafter, 1, &addedafter) || -+ pg_add_s32_overflow(dim[0], addedafter, &dim[0])) -+ ereport(ERROR, -+ (errcode(ERRCODE_PROGRAM_LIMIT_EXCEEDED), -+ errmsg("array size exceeds the maximum allowed (%d)", -+ (int) MaxArraySize))); -+ if (addedafter > 1) - newhasnulls = true; /* will insert nulls */ -- addedafter = upperIndx[0] - (dim[0] + lb[0]) + 1; -- dim[0] += addedafter; - } - } - else -diff --git a/src/backend/utils/adt/arrayutils.c b/src/backend/utils/adt/arrayutils.c -index 6988edd..fdaf712 100644 ---- a/src/backend/utils/adt/arrayutils.c -+++ b/src/backend/utils/adt/arrayutils.c -@@ -64,10 +64,6 @@ ArrayGetOffset0(int n, const int *tup, const int *scale) - * This must do overflow checking, since it is used to validate that a user - * dimensionality request doesn't overflow what we can handle. - * -- * We limit array sizes to at most about a quarter billion elements, -- * so that it's not necessary to check for overflow in quite so many -- * places --- for instance when palloc'ing Datum arrays. -- * - * The multiplication overflow check only works on machines that have int64 - * arithmetic, but that is nearly all platforms these days, and doing check - * divides for those that don't seems way too expensive. -@@ -78,8 +74,6 @@ ArrayGetNItems(int ndim, const int *dims) - int32 ret; - int i; - --#define MaxArraySize ((Size) (MaxAllocSize / sizeof(Datum))) -- - if (ndim <= 0) - return 0; - ret = 1; -diff --git a/src/include/utils/array.h b/src/include/utils/array.h -index 4ae6c3b..0d6db51 100644 ---- a/src/include/utils/array.h -+++ b/src/include/utils/array.h -@@ -74,6 +74,13 @@ struct ExprContext; - */ - #define MAXDIM 6 - -+/* -+ * Maximum number of elements in an array. We limit this to at most about a -+ * quarter billion elements, so that it's not necessary to check for overflow -+ * in quite so many places --- for instance when palloc'ing Datum arrays. -+ */ -+#define MaxArraySize ((Size) (MaxAllocSize / sizeof(Datum))) -+ - /* - * Arrays are varlena objects, so must meet the varlena convention that - * the first int32 of the object contains the total object size in bytes. -diff --git a/src/test/regress/expected/arrays.out b/src/test/regress/expected/arrays.out -index 4923cf3..7f9b693 100644 ---- a/src/test/regress/expected/arrays.out -+++ b/src/test/regress/expected/arrays.out -@@ -1380,6 +1380,23 @@ insert into arr_pk_tbl(pk, f1[1:2]) values (1, '{6,7,8}') on conflict (pk) - -- then you didn't get an indexscan plan, and something is busted. - reset enable_seqscan; - reset enable_bitmapscan; -+-- test subscript overflow detection -+-- The normal error message includes a platform-dependent limit, -+-- so suppress it to avoid needing multiple expected-files. -+\set VERBOSITY sqlstate -+insert into arr_pk_tbl values(10, '[-2147483648:-2147483647]={1,2}'); -+update arr_pk_tbl set f1[2147483647] = 42 where pk = 10; -+ERROR: 54000 -+update arr_pk_tbl set f1[2147483646:2147483647] = array[4,2] where pk = 10; -+ERROR: 54000 -+-- also exercise the expanded-array case -+do $$ declare a int[]; -+begin -+ a := '[-2147483648:-2147483647]={1,2}'::int[]; -+ a[2147483647] := 42; -+end $$; -+ERROR: 54000 -+\set VERBOSITY default - -- test [not] (like|ilike) (any|all) (...) - select 'foo' like any (array['%a', '%o']); -- t - ?column? -diff --git a/src/test/regress/sql/arrays.sql b/src/test/regress/sql/arrays.sql -index 5eedc4c..3ad8bdf 100644 ---- a/src/test/regress/sql/arrays.sql -+++ b/src/test/regress/sql/arrays.sql -@@ -415,6 +415,25 @@ insert into arr_pk_tbl(pk, f1[1:2]) values (1, '{6,7,8}') on conflict (pk) - reset enable_seqscan; - reset enable_bitmapscan; - -+-- test subscript overflow detection -+ -+-- The normal error message includes a platform-dependent limit, -+-- so suppress it to avoid needing multiple expected-files. -+\set VERBOSITY sqlstate -+ -+insert into arr_pk_tbl values(10, '[-2147483648:-2147483647]={1,2}'); -+update arr_pk_tbl set f1[2147483647] = 42 where pk = 10; -+update arr_pk_tbl set f1[2147483646:2147483647] = array[4,2] where pk = 10; -+ -+-- also exercise the expanded-array case -+do $$ declare a int[]; -+begin -+ a := '[-2147483648:-2147483647]={1,2}'::int[]; -+ a[2147483647] := 42; -+end $$; -+ -+\set VERBOSITY default -+ - -- test [not] (like|ilike) (any|all) (...) - select 'foo' like any (array['%a', '%o']); -- t - select 'foo' like any (array['%a', '%b']); -- f diff --git a/meta-oe/recipes-dbs/postgresql/files/CVE-2023-5870.patch b/meta-oe/recipes-dbs/postgresql/files/CVE-2023-5870.patch deleted file mode 100644 index b1a16e46601..00000000000 --- a/meta-oe/recipes-dbs/postgresql/files/CVE-2023-5870.patch +++ /dev/null @@ -1,108 +0,0 @@ -From 3a9b18b3095366cd0c4305441d426d04572d88c1 Mon Sep 17 00:00:00 2001 -From: Noah Misch -Date: Tue, 21 Nov 2023 11:49:50 +0000 -Subject: [PATCH] Ban role pg_signal_backend from more superuser backend types. - -Documentation says it cannot signal "a backend owned by a superuser". -On the contrary, it could signal background workers, including the -logical replication launcher. It could signal autovacuum workers and -the autovacuum launcher. Block all that. Signaling autovacuum workers -and those two launchers doesn't stall progress beyond what one could -achieve other ways. If a cluster uses a non-core extension with a -background worker that does not auto-restart, this could create a denial -of service with respect to that background worker. A background worker -with bugs in its code for responding to terminations or cancellations -could experience those bugs at a time the pg_signal_backend member -chooses. Back-patch to v11 (all supported versions). - -Reviewed by Jelte Fennema-Nio. Reported by Hemanth Sandrana and -Mahendrakar Srinivasarao. - -Security: CVE-2023-5870 - -CVE: CVE-2023-5870 -Upstream-Status: Backport [https://github.com/postgres/postgres/commit/3a9b18b3095366cd0c4305441d426d04572d88c1] - -Signed-off-by: Yogita Urade - ---- - src/backend/storage/ipc/signalfuncs.c | 9 +++++++-- - src/test/regress/expected/privileges.out | 18 ++++++++++++++++++ - src/test/regress/sql/privileges.sql | 15 +++++++++++++++ - 3 files changed, 40 insertions(+), 2 deletions(-) - -diff --git a/src/backend/storage/ipc/signalfuncs.c b/src/backend/storage/ipc/signalfuncs.c -index de69d60..b6ff412 100644 ---- a/src/backend/storage/ipc/signalfuncs.c -+++ b/src/backend/storage/ipc/signalfuncs.c -@@ -69,8 +69,13 @@ pg_signal_backend(int pid, int sig) - return SIGNAL_BACKEND_ERROR; - } - -- /* Only allow superusers to signal superuser-owned backends. */ -- if (superuser_arg(proc->roleId) && !superuser()) -+ /* -+ * Only allow superusers to signal superuser-owned backends. Any process -+ * not advertising a role might have the importance of a superuser-owned -+ * backend, so treat it that way. -+ */ -+ if ((!OidIsValid(proc->roleId) || superuser_arg(proc->roleId)) && -+ !superuser()) - return SIGNAL_BACKEND_NOSUPERUSER; - - /* Users can signal backends they have role membership in. */ -diff --git a/src/test/regress/expected/privileges.out b/src/test/regress/expected/privileges.out -index b3c3b25..90e70f9 100644 ---- a/src/test/regress/expected/privileges.out -+++ b/src/test/regress/expected/privileges.out -@@ -1846,6 +1846,24 @@ SELECT * FROM pg_largeobject LIMIT 0; - SET SESSION AUTHORIZATION regress_priv_user1; - SELECT * FROM pg_largeobject LIMIT 0; -- to be denied - ERROR: permission denied for table pg_largeobject -+-- pg_signal_backend can't signal superusers -+RESET SESSION AUTHORIZATION; -+BEGIN; -+CREATE OR REPLACE FUNCTION terminate_nothrow(pid int) RETURNS bool -+ LANGUAGE plpgsql SECURITY DEFINER SET client_min_messages = error AS $$ -+BEGIN -+ RETURN pg_terminate_backend($1); -+EXCEPTION WHEN OTHERS THEN -+ RETURN false; -+END$$; -+ALTER FUNCTION terminate_nothrow OWNER TO pg_signal_backend; -+SELECT backend_type FROM pg_stat_activity -+WHERE CASE WHEN COALESCE(usesysid, 10) = 10 THEN terminate_nothrow(pid) END; -+ backend_type -+-------------- -+(0 rows) -+ -+ROLLBACK; - -- test pg_database_owner - RESET SESSION AUTHORIZATION; - GRANT pg_database_owner TO regress_priv_user1; -diff --git a/src/test/regress/sql/privileges.sql b/src/test/regress/sql/privileges.sql -index af05f95..f96143e 100644 ---- a/src/test/regress/sql/privileges.sql -+++ b/src/test/regress/sql/privileges.sql -@@ -1133,6 +1133,21 @@ SELECT * FROM pg_largeobject LIMIT 0; - SET SESSION AUTHORIZATION regress_priv_user1; - SELECT * FROM pg_largeobject LIMIT 0; -- to be denied - -+-- pg_signal_backend can't signal superusers -+RESET SESSION AUTHORIZATION; -+BEGIN; -+CREATE OR REPLACE FUNCTION terminate_nothrow(pid int) RETURNS bool -+ LANGUAGE plpgsql SECURITY DEFINER SET client_min_messages = error AS $$ -+BEGIN -+ RETURN pg_terminate_backend($1); -+EXCEPTION WHEN OTHERS THEN -+ RETURN false; -+END$$; -+ALTER FUNCTION terminate_nothrow OWNER TO pg_signal_backend; -+SELECT backend_type FROM pg_stat_activity -+WHERE CASE WHEN COALESCE(usesysid, 10) = 10 THEN terminate_nothrow(pid) END; -+ROLLBACK; -+ - -- test pg_database_owner - RESET SESSION AUTHORIZATION; - GRANT pg_database_owner TO regress_priv_user1; diff --git a/meta-oe/recipes-dbs/postgresql/postgresql_14.9.bb b/meta-oe/recipes-dbs/postgresql/postgresql_14.11.bb similarity index 61% rename from meta-oe/recipes-dbs/postgresql/postgresql_14.9.bb rename to meta-oe/recipes-dbs/postgresql/postgresql_14.11.bb index a879de20cc1..8a8c3b9f1e2 100644 --- a/meta-oe/recipes-dbs/postgresql/postgresql_14.9.bb +++ b/meta-oe/recipes-dbs/postgresql/postgresql_14.11.bb @@ -1,6 +1,6 @@ require postgresql.inc -LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=c31f662bb2bfb3b4187fe9a53e0ffe7c" +LIC_FILES_CHKSUM = "file://COPYRIGHT;md5=89afbb2d7716371015101c2b2cb4297a" SRC_URI += "\ file://not-check-libperl.patch \ @@ -9,12 +9,9 @@ SRC_URI += "\ file://0001-configure.ac-bypass-autoconf-2.69-version-check.patch \ file://0001-config_info.c-not-expose-build-info.patch \ file://0001-postgresql-fix-ptest-failure-of-sysviews.patch \ - file://CVE-2023-5868.patch \ - file://CVE-2023-5869.patch \ - file://CVE-2023-5870.patch \ " -SRC_URI[sha256sum] = "b1fe3ba9b1a7f3a9637dd1656dfdad2889016073fd4d35f13b50143cbbb6a8ef" +SRC_URI[sha256sum] = "a670bd7dce22dcad4297b261136b3b1d4a09a6f541719562aa14ca63bf2968a8" CVE_CHECK_IGNORE += "\ CVE-2017-8806 \ From da98a75f37830e69ded0207cc6c73182ab00ec50 Mon Sep 17 00:00:00 2001 From: Anuj Mittal Date: Thu, 7 Mar 2024 07:30:46 -0800 Subject: [PATCH 568/600] opencv: fix reproducibility issues Download and unpack contrib modules and other repositories in S instead of WORKDIR so they don't escape file-prefix-map substitutions. Fixes a number of reproducibility problems because of OpenCV check macros that were embedding path to files in contrib/. MJ: this is backport from langdale and fixes not only reproducibility issues but also pseudo aborts in do_install when do_install is executed again after do_package (in incremental builds): | DEBUG: Executing shell function do_install | NOTE: DESTDIR=opencv/4.5.5-r0/image VERBOSE=1 cmake --build opencv/4.5.5-r0/build --target install -- | abort()ing pseudo client by server request. See https://wiki.yoctoproject.org/wiki/Pseudo_Abort for more details on this. | Check logfile: opencv/4.5.5-r0/pseudo//pseudo.log | Subprocess aborted and pseudo.log file shows: path mismatch [3 links]: ino 214373575 db 'opencv/4.5.5-r0/package/usr/src/debug/lib32-opencv/4.5.5-r0/contrib/modules/intensity_transform/src/bimef.cpp' req 'opencv/4.5.5-r0/contrib/modules/intensity_transform/src/bimef.cpp'. easily reproducible with: bitbake -c cleansstate opencv; bitbake -c package opencv; bitbake -c install -f opencv unlike ${S} ${WORKDIR}/contrib isn't in default PSEUDO_IGNORE_PATHS Signed-off-by: Anuj Mittal Signed-off-by: Khem Raj Signed-off-by: Martin Jansa Signed-off-by: Armin Kuster --- .../recipes-support/opencv/opencv_4.5.5.bb | 34 +++++++++---------- 1 file changed, 17 insertions(+), 17 deletions(-) diff --git a/meta-oe/recipes-support/opencv/opencv_4.5.5.bb b/meta-oe/recipes-support/opencv/opencv_4.5.5.bb index a7700a37434..5b5685f9905 100644 --- a/meta-oe/recipes-support/opencv/opencv_4.5.5.bb +++ b/meta-oe/recipes-support/opencv/opencv_4.5.5.bb @@ -39,12 +39,12 @@ IPP_MD5 = "${@ipp_md5sum(d)}" SRCREV_FORMAT = "opencv_contrib_ipp_boostdesc_vgg" SRC_URI = "git://github.com/opencv/opencv.git;name=opencv;branch=master;protocol=https \ - git://github.com/opencv/opencv_contrib.git;destsuffix=contrib;name=contrib;branch=master;protocol=https \ - git://github.com/opencv/opencv_3rdparty.git;branch=ippicv/master_20191018;destsuffix=ipp;name=ipp;protocol=https \ - git://github.com/opencv/opencv_3rdparty.git;branch=contrib_xfeatures2d_boostdesc_20161012;destsuffix=boostdesc;name=boostdesc;protocol=https \ - git://github.com/opencv/opencv_3rdparty.git;branch=contrib_xfeatures2d_vgg_20160317;destsuffix=vgg;name=vgg;protocol=https \ - git://github.com/opencv/opencv_3rdparty.git;branch=contrib_face_alignment_20170818;destsuffix=face;name=face;protocol=https \ - git://github.com/WeChatCV/opencv_3rdparty.git;branch=wechat_qrcode;destsuffix=wechat_qrcode;name=wechat-qrcode;protocol=https \ + git://github.com/opencv/opencv_contrib.git;destsuffix=git/contrib;name=contrib;branch=master;protocol=https \ + git://github.com/opencv/opencv_3rdparty.git;branch=ippicv/master_20191018;destsuffix=git/ipp;name=ipp;protocol=https \ + git://github.com/opencv/opencv_3rdparty.git;branch=contrib_xfeatures2d_boostdesc_20161012;destsuffix=git/boostdesc;name=boostdesc;protocol=https \ + git://github.com/opencv/opencv_3rdparty.git;branch=contrib_xfeatures2d_vgg_20160317;destsuffix=git/vgg;name=vgg;protocol=https \ + git://github.com/opencv/opencv_3rdparty.git;branch=contrib_face_alignment_20170818;destsuffix=git/face;name=face;protocol=https \ + git://github.com/WeChatCV/opencv_3rdparty.git;branch=wechat_qrcode;destsuffix=git/wechat_qrcode;name=wechat-qrcode;protocol=https \ file://0001-3rdparty-ippicv-Use-pre-downloaded-ipp.patch \ file://0003-To-fix-errors-as-following.patch \ file://0001-Temporarliy-work-around-deprecated-ffmpeg-RAW-functi.patch \ @@ -52,10 +52,10 @@ SRC_URI = "git://github.com/opencv/opencv.git;name=opencv;branch=master;protocol file://download.patch \ file://0001-Make-ts-module-external.patch \ file://0001-core-vsx-update-vec_absd-workaround-condition.patch \ - file://CVE-2023-2617.patch;patchdir=../contrib \ - file://CVE-2023-2618.patch;patchdir=../contrib \ + file://CVE-2023-2617.patch;patchdir=contrib \ + file://CVE-2023-2618.patch;patchdir=contrib \ " -SRC_URI:append:riscv64 = " file://0001-Use-Os-to-compile-tinyxml2.cpp.patch;patchdir=../contrib" +SRC_URI:append:riscv64 = " file://0001-Use-Os-to-compile-tinyxml2.cpp.patch;patchdir=contrib" S = "${WORKDIR}/git" @@ -64,7 +64,7 @@ S = "${WORKDIR}/git" OPENCV_DLDIR = "${WORKDIR}/downloads" do_unpack_extra() { - tar xzf ${WORKDIR}/ipp/ippicv/${IPP_FILENAME} -C ${WORKDIR} + tar xzf ${S}/ipp/ippicv/${IPP_FILENAME} -C ${S} md5() { # Return the MD5 of $1 @@ -79,22 +79,22 @@ do_unpack_extra() { test -e $DEST || ln -s $F $DEST done } - cache xfeatures2d/boostdesc ${WORKDIR}/boostdesc/*.i - cache xfeatures2d/vgg ${WORKDIR}/vgg/*.i - cache data ${WORKDIR}/face/*.dat - cache wechat_qrcode ${WORKDIR}/wechat_qrcode/*.caffemodel - cache wechat_qrcode ${WORKDIR}/wechat_qrcode/*.prototxt + cache xfeatures2d/boostdesc ${S}/boostdesc/*.i + cache xfeatures2d/vgg ${S}/vgg/*.i + cache data ${S}/face/*.dat + cache wechat_qrcode ${S}/wechat_qrcode/*.caffemodel + cache wechat_qrcode ${S}/wechat_qrcode/*.prototxt } addtask unpack_extra after do_unpack before do_patch CMAKE_VERBOSE = "VERBOSE=1" -EXTRA_OECMAKE = "-DOPENCV_EXTRA_MODULES_PATH=${WORKDIR}/contrib/modules \ +EXTRA_OECMAKE = "-DOPENCV_EXTRA_MODULES_PATH=${S}/contrib/modules \ -DWITH_1394=OFF \ -DENABLE_PRECOMPILED_HEADERS=OFF \ -DCMAKE_SKIP_RPATH=ON \ -DOPENCV_ICV_HASH=${IPP_MD5} \ - -DIPPROOT=${WORKDIR}/ippicv_lnx \ + -DIPPROOT=${S}/ippicv_lnx \ -DOPENCV_GENERATE_PKGCONFIG=ON \ -DOPENCV_DOWNLOAD_PATH=${OPENCV_DLDIR} \ -DOPENCV_ALLOW_DOWNLOADS=OFF \ From 1a3b9da20a4744afaae4a74d0f16c47d888fa235 Mon Sep 17 00:00:00 2001 From: Yogita Urade Date: Tue, 12 Mar 2024 11:44:23 +0000 Subject: [PATCH 569/600] c-ares: fix CVE-2024-25629 c-ares is a C library for asynchronous DNS requests. `ares__read_line()` is used to parse local configuration files such as `/etc/resolv.conf`, `/etc/nsswitch.conf`, the `HOSTALIASES` file, and if using a c-ares version prior to 1.27.0, the `/etc/hosts` file. If any of these configuration files has an embedded `NULL` character as the first character in a new line, it can lead to attempting to read memory prior to the start of the given buffer which may result in a crash. This issue is fixed in c-ares 1.27.0. No known workarounds exist. References: https://nvd.nist.gov/vuln/detail/CVE-2024-25629 https://github.com/c-ares/c-ares/security/advisories/GHSA-mg26-v6qh-x48q https://security-tracker.debian.org/tracker/CVE-2024-25629 Signed-off-by: Yogita Urade Signed-off-by: Armin Kuster --- .../c-ares/c-ares/CVE-2024-25629.patch | 34 +++++++++++++++++++ .../recipes-support/c-ares/c-ares_1.18.1.bb | 1 + 2 files changed, 35 insertions(+) create mode 100644 meta-oe/recipes-support/c-ares/c-ares/CVE-2024-25629.patch diff --git a/meta-oe/recipes-support/c-ares/c-ares/CVE-2024-25629.patch b/meta-oe/recipes-support/c-ares/c-ares/CVE-2024-25629.patch new file mode 100644 index 00000000000..4c97eda3c7e --- /dev/null +++ b/meta-oe/recipes-support/c-ares/c-ares/CVE-2024-25629.patch @@ -0,0 +1,34 @@ +From: a804c04ddc8245fc8adf0e92368709639125e183 Mon Sep 17 00:00:00 2001 +From: Brad House +Date: Mon, 11 Mar 2024 14:29:39 +0000 +Subject: [PATCH] Merge pull request from GHSA-mg26-v6qh-x48q + +CVE: CVE-2024-25629 +Upstream-Status: Backport [https://github.com/c-ares/c-ares/commit/a804c04ddc8245fc8adf0e92368709639125e183] + +Signed-off-by: Yogita Urade +--- + src/lib/ares__read_line.c | 8 ++++++++ + 1 file changed, 8 insertions(+) + +diff --git a/src/lib/ares__read_line.c b/src/lib/ares__read_line.c +index c62ad2a..d6625a3 100644 +--- a/src/lib/ares__read_line.c ++++ b/src/lib/ares__read_line.c +@@ -49,6 +49,14 @@ int ares__read_line(FILE *fp, char **buf, size_t *bufsize) + if (!fgets(*buf + offset, bytestoread, fp)) + return (offset != 0) ? 0 : (ferror(fp)) ? ARES_EFILE : ARES_EOF; + len = offset + strlen(*buf + offset); ++ ++ /* Probably means there was an embedded NULL as the first character in ++ * the line, throw away line */ ++ if (len == 0) { ++ offset = 0; ++ continue; ++ } ++ + if ((*buf)[len - 1] == '\n') + { + (*buf)[len - 1] = 0; +-- +2.40.0 diff --git a/meta-oe/recipes-support/c-ares/c-ares_1.18.1.bb b/meta-oe/recipes-support/c-ares/c-ares_1.18.1.bb index b6cdd801e59..838046146fb 100644 --- a/meta-oe/recipes-support/c-ares/c-ares_1.18.1.bb +++ b/meta-oe/recipes-support/c-ares/c-ares_1.18.1.bb @@ -10,6 +10,7 @@ SRC_URI = "git://github.com/c-ares/c-ares.git;branch=main;protocol=https \ file://CVE-2023-31130.patch \ file://CVE-2023-32067.patch \ file://CVE-2023-31147.patch \ + file://CVE-2024-25629.patch \ " SRCREV = "2aa086f822aad5017a6f2061ef656f237a62d0ed" From 9a22be4267b39bcdbcea4d7496a6867a40153c93 Mon Sep 17 00:00:00 2001 From: Vivek Kumbhar Date: Fri, 15 Mar 2024 10:50:07 +0530 Subject: [PATCH 570/600] openjpeg: Backport fix CVE-2021-3575 Upstream-Status: Backport from https://github.com/uclouvain/openjpeg/commit/7bd884f8750892de4f50bf4642fcfbe7011c6bdf Signed-off-by: Vivek Kumbhar Signed-off-by: Armin Kuster --- .../openjpeg/openjpeg/CVE-2021-3575.patch | 45 +++++++++++++++++++ .../openjpeg/openjpeg_2.4.0.bb | 1 + 2 files changed, 46 insertions(+) create mode 100644 meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2021-3575.patch diff --git a/meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2021-3575.patch b/meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2021-3575.patch new file mode 100644 index 00000000000..0322f55cc77 --- /dev/null +++ b/meta-oe/recipes-graphics/openjpeg/openjpeg/CVE-2021-3575.patch @@ -0,0 +1,45 @@ +From 7bd884f8750892de4f50bf4642fcfbe7011c6bdf Mon Sep 17 00:00:00 2001 +From: Even Rouault +Date: Sun, 18 Feb 2024 17:02:25 +0100 +Subject: [PATCH] opj_decompress: fix off-by-one read heap-buffer-overflow in + sycc420_to_rgb() when x0 and y0 are odd (CVE-2021-3575, fixes #1347) + +Upstream-Status: Backport [https://github.com/uclouvain/openjpeg/commit/7bd884f8750892de4f50bf4642fcfbe7011c6bdf] +CVE: CVE-2021-3575 +Signed-off-by: Vivek Kumbhar +--- + src/bin/common/color.c | 12 ++++++++++-- + 1 file changed, 10 insertions(+), 2 deletions(-) + +diff --git a/src/bin/common/color.c b/src/bin/common/color.c +index 27f15f13..ae5d648d 100644 +--- a/src/bin/common/color.c ++++ b/src/bin/common/color.c +@@ -358,7 +358,15 @@ static void sycc420_to_rgb(opj_image_t *img) + if (i < loopmaxh) { + size_t j; + +- for (j = 0U; j < (maxw & ~(size_t)1U); j += 2U) { ++ if (offx > 0U) { ++ sycc_to_rgb(offset, upb, *y, 0, 0, r, g, b); ++ ++y; ++ ++r; ++ ++g; ++ ++b; ++ } ++ ++ for (j = 0U; j < (loopmaxw & ~(size_t)1U); j += 2U) { + sycc_to_rgb(offset, upb, *y, *cb, *cr, r, g, b); + + ++y; +@@ -375,7 +383,7 @@ static void sycc420_to_rgb(opj_image_t *img) + ++cb; + ++cr; + } +- if (j < maxw) { ++ if (j < loopmaxw) { + sycc_to_rgb(offset, upb, *y, *cb, *cr, r, g, b); + } + } +-- +2.39.3 diff --git a/meta-oe/recipes-graphics/openjpeg/openjpeg_2.4.0.bb b/meta-oe/recipes-graphics/openjpeg/openjpeg_2.4.0.bb index 1c090fdea5e..a619c07aa4c 100644 --- a/meta-oe/recipes-graphics/openjpeg/openjpeg_2.4.0.bb +++ b/meta-oe/recipes-graphics/openjpeg/openjpeg_2.4.0.bb @@ -11,6 +11,7 @@ SRC_URI = " \ file://0001-This-patch-fixed-include-dir-to-usr-include-.-Obviou.patch \ file://CVE-2021-29338.patch \ file://CVE-2022-1122.patch \ + file://CVE-2021-3575.patch \ " SRCREV = "37ac30ceff6640bbab502388c5e0fa0bff23f505" S = "${WORKDIR}/git" From bb16c640dd4604063a0c2aa6ee7cb4d9d5746e58 Mon Sep 17 00:00:00 2001 From: Soumya Sambu Date: Wed, 20 Mar 2024 12:35:50 +0000 Subject: [PATCH 571/600] unixodbc: Fix CVE-2024-1013 An out-of-bounds stack write flaw was found in unixODBC on 64-bit architectures where the caller has 4 bytes and callee writes 8 bytes. This issue may go unnoticed on little-endian architectures, while big-endian architectures can be broken. References: https://nvd.nist.gov/vuln/detail/CVE-2024-1013 Signed-off-by: Soumya Sambu Signed-off-by: Armin Kuster --- .../unixodbc/files/CVE-2024-1013.patch | 53 +++++++++++++++++++ .../unixodbc/unixodbc_2.3.9.bb | 1 + 2 files changed, 54 insertions(+) create mode 100644 meta-oe/recipes-support/unixodbc/files/CVE-2024-1013.patch diff --git a/meta-oe/recipes-support/unixodbc/files/CVE-2024-1013.patch b/meta-oe/recipes-support/unixodbc/files/CVE-2024-1013.patch new file mode 100644 index 00000000000..7d37ad6042c --- /dev/null +++ b/meta-oe/recipes-support/unixodbc/files/CVE-2024-1013.patch @@ -0,0 +1,53 @@ +From 45f501e1be2db6b017cc242c79bfb9de32b332a1 Mon Sep 17 00:00:00 2001 +From: Florian Weimer +Date: Mon, 29 Jan 2024 08:27:29 +0100 +Subject: [PATCH] PostgreSQL driver: Fix incompatible pointer-to-integer types + +These result in out-of-bounds stack writes on 64-bit architectures +(caller has 4 bytes, callee writes 8 bytes), and seem to have gone +unnoticed on little-endian architectures (although big-endian +architectures must be broken). + +This change is required to avoid a build failure with GCC 14. + +CVE: CVE-2024-1013 + +Upstream-Status: Backport [https://github.com/lurcher/unixODBC/commit/45f501e1be2db6b017cc242c79bfb9de32b332a1] + +Signed-off-by: Soumya Sambu +--- + Drivers/Postgre7.1/info.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/Drivers/Postgre7.1/info.c b/Drivers/Postgre7.1/info.c +index 63ac91f..2216ecd 100755 +--- a/Drivers/Postgre7.1/info.c ++++ b/Drivers/Postgre7.1/info.c +@@ -1779,14 +1779,14 @@ char *table_name; + char index_name[MAX_INFO_STRING]; + short fields_vector[8]; + char isunique[10], isclustered[10]; +-SDWORD index_name_len, fields_vector_len; ++SQLLEN index_name_len, fields_vector_len; + TupleNode *row; + int i; + HSTMT hcol_stmt; + StatementClass *col_stmt, *indx_stmt; + char column_name[MAX_INFO_STRING], relhasrules[MAX_INFO_STRING]; + char **column_names = 0; +-Int4 column_name_len; ++SQLLEN column_name_len; + int total_columns = 0; + char error = TRUE; + ConnInfo *ci; +@@ -2136,7 +2136,7 @@ HSTMT htbl_stmt; + StatementClass *tbl_stmt; + char tables_query[STD_STATEMENT_LEN]; + char attname[MAX_INFO_STRING]; +-SDWORD attname_len; ++SQLLEN attname_len; + char pktab[MAX_TABLE_LEN + 1]; + Int2 result_cols; + +-- +2.40.0 diff --git a/meta-oe/recipes-support/unixodbc/unixodbc_2.3.9.bb b/meta-oe/recipes-support/unixodbc/unixodbc_2.3.9.bb index c194739cb14..283546cf0e9 100644 --- a/meta-oe/recipes-support/unixodbc/unixodbc_2.3.9.bb +++ b/meta-oe/recipes-support/unixodbc/unixodbc_2.3.9.bb @@ -10,6 +10,7 @@ DEPENDS = "libtool readline" SRC_URI = "http://ftp.unixodbc.org/unixODBC-${PV}.tar.gz \ file://do-not-use-libltdl-source-directory.patch \ + file://CVE-2024-1013.patch \ " SRC_URI[sha256sum] = "52833eac3d681c8b0c9a5a65f2ebd745b3a964f208fc748f977e44015a31b207" From 8bb16533532b6abc2eded7d9961ab2a108fd7a5b Mon Sep 17 00:00:00 2001 From: Soumya Sambu Date: Thu, 21 Mar 2024 12:07:15 +0000 Subject: [PATCH 572/600] dnsmasq: Upgrade 2.87 -> 2.90 Fixes CVE-2023-50387 and CVE-2023-50868 Remove backported CVE patch. Remove patch for lua as hardcoding lua version was removed. Changelog: =========== https://thekelleys.org.uk/dnsmasq/CHANGELOG Signed-off-by: Soumya Sambu Signed-off-by: Armin Kuster --- .../recipes-support/dnsmasq/dnsmasq.inc | 1 - .../recipes-support/dnsmasq/dnsmasq/lua.patch | 31 ------------ .../recipes-support/dnsmasq/dnsmasq_2.87.bb | 7 --- .../recipes-support/dnsmasq/dnsmasq_2.90.bb | 3 ++ .../dnsmasq/files/CVE-2023-28450.patch | 48 ------------------- 5 files changed, 3 insertions(+), 87 deletions(-) delete mode 100644 meta-networking/recipes-support/dnsmasq/dnsmasq/lua.patch delete mode 100644 meta-networking/recipes-support/dnsmasq/dnsmasq_2.87.bb create mode 100644 meta-networking/recipes-support/dnsmasq/dnsmasq_2.90.bb delete mode 100644 meta-networking/recipes-support/dnsmasq/files/CVE-2023-28450.patch diff --git a/meta-networking/recipes-support/dnsmasq/dnsmasq.inc b/meta-networking/recipes-support/dnsmasq/dnsmasq.inc index 9e0f529ec1e..a8ff21a125c 100644 --- a/meta-networking/recipes-support/dnsmasq/dnsmasq.inc +++ b/meta-networking/recipes-support/dnsmasq/dnsmasq.inc @@ -14,7 +14,6 @@ SRC_URI = "http://www.thekelleys.org.uk/dnsmasq/${@['archive/', ''][float(d.getV file://dnsmasq-resolvconf.service \ file://dnsmasq-noresolvconf.service \ file://dnsmasq-resolved.conf \ - file://CVE-2023-28450.patch \ " inherit pkgconfig update-rc.d systemd diff --git a/meta-networking/recipes-support/dnsmasq/dnsmasq/lua.patch b/meta-networking/recipes-support/dnsmasq/dnsmasq/lua.patch deleted file mode 100644 index be2bb42fc2c..00000000000 --- a/meta-networking/recipes-support/dnsmasq/dnsmasq/lua.patch +++ /dev/null @@ -1,31 +0,0 @@ -From be1b3d2d0f1608cba5efee73d6aac5ad0709041b Mon Sep 17 00:00:00 2001 -From: Joe MacDonald -Date: Tue, 9 Sep 2014 10:24:58 -0400 -Subject: [PATCH] Upstream-Status: Inappropriate [OE specific] - -Signed-off-by: Christopher Larson -Signed-off-by: Paul Eggleton - ---- - Makefile | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/Makefile b/Makefile -index 73ea23e..ed3eeb9 100644 ---- a/Makefile -+++ b/Makefile -@@ -60,8 +60,8 @@ idn2_cflags = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_LIBIDN2 $(PKG_CONFI - idn2_libs = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_LIBIDN2 $(PKG_CONFIG) --libs libidn2` - ct_cflags = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_CONNTRACK $(PKG_CONFIG) --cflags libnetfilter_conntrack` - ct_libs = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_CONNTRACK $(PKG_CONFIG) --libs libnetfilter_conntrack` --lua_cflags = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_LUASCRIPT $(PKG_CONFIG) --cflags lua5.2` --lua_libs = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_LUASCRIPT $(PKG_CONFIG) --libs lua5.2` -+lua_cflags = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_LUASCRIPT $(PKG_CONFIG) --cflags lua` -+lua_libs = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_LUASCRIPT $(PKG_CONFIG) --libs lua` - nettle_cflags = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_DNSSEC $(PKG_CONFIG) --cflags 'nettle hogweed' \ - HAVE_CRYPTOHASH $(PKG_CONFIG) --cflags nettle \ - HAVE_NETTLEHASH $(PKG_CONFIG) --cflags nettle` - --- -2.9.5 - diff --git a/meta-networking/recipes-support/dnsmasq/dnsmasq_2.87.bb b/meta-networking/recipes-support/dnsmasq/dnsmasq_2.87.bb deleted file mode 100644 index 793b61d7129..00000000000 --- a/meta-networking/recipes-support/dnsmasq/dnsmasq_2.87.bb +++ /dev/null @@ -1,7 +0,0 @@ -require dnsmasq.inc - -SRC_URI[dnsmasq-2.87.sha256sum] = "ae39bffde9c37e4d64849b528afeb060be6bad6d1044a3bd94a49fce41357284" -SRC_URI += "\ - file://lua.patch \ -" - diff --git a/meta-networking/recipes-support/dnsmasq/dnsmasq_2.90.bb b/meta-networking/recipes-support/dnsmasq/dnsmasq_2.90.bb new file mode 100644 index 00000000000..6e4c3311021 --- /dev/null +++ b/meta-networking/recipes-support/dnsmasq/dnsmasq_2.90.bb @@ -0,0 +1,3 @@ +require dnsmasq.inc + +SRC_URI[dnsmasq-2.90.sha256sum] = "8f6666b542403b5ee7ccce66ea73a4a51cf19dd49392aaccd37231a2c51b303b" diff --git a/meta-networking/recipes-support/dnsmasq/files/CVE-2023-28450.patch b/meta-networking/recipes-support/dnsmasq/files/CVE-2023-28450.patch deleted file mode 100644 index 129c9043e8a..00000000000 --- a/meta-networking/recipes-support/dnsmasq/files/CVE-2023-28450.patch +++ /dev/null @@ -1,48 +0,0 @@ -From eb92fb32b746f2104b0f370b5b295bb8dd4bd5e5 Mon Sep 17 00:00:00 2001 -From: Simon Kelley -Date: Tue, 7 Mar 2023 22:07:46 +0000 -Subject: [PATCH] Set the default maximum DNS UDP packet size to 1232. - -http://www.dnsflagday.net/2020/ refers. - -Thanks to Xiang Li for the prompt. - -CVE: CVE-2023-28450 -Upstream-Status: Backport [https://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=eb92fb32b746f2104b0f370b5b295bb8dd4bd5e5] - -Signed-off-by: Peter Marko ---- - man/dnsmasq.8 | 3 ++- - src/config.h | 2 +- - 2 files changed, 3 insertions(+), 2 deletions(-) - -diff --git a/man/dnsmasq.8 b/man/dnsmasq.8 -index 41e2e04..5acb935 100644 ---- a/man/dnsmasq.8 -+++ b/man/dnsmasq.8 -@@ -183,7 +183,8 @@ to zero completely disables DNS function, leaving only DHCP and/or TFTP. - .TP - .B \-P, --edns-packet-max= - Specify the largest EDNS.0 UDP packet which is supported by the DNS --forwarder. Defaults to 4096, which is the RFC5625-recommended size. -+forwarder. Defaults to 1232, which is the recommended size following the -+DNS flag day in 2020. Only increase if you know what you are doing. - .TP - .B \-Q, --query-port= - Send outbound DNS queries from, and listen for their replies on, the -diff --git a/src/config.h b/src/config.h -index 1e7b30f..37b374e 100644 ---- a/src/config.h -+++ b/src/config.h -@@ -19,7 +19,7 @@ - #define CHILD_LIFETIME 150 /* secs 'till terminated (RFC1035 suggests > 120s) */ - #define TCP_MAX_QUERIES 100 /* Maximum number of queries per incoming TCP connection */ - #define TCP_BACKLOG 32 /* kernel backlog limit for TCP connections */ --#define EDNS_PKTSZ 4096 /* default max EDNS.0 UDP packet from RFC5625 */ -+#define EDNS_PKTSZ 1232 /* default max EDNS.0 UDP packet from from /dnsflagday.net/2020 */ - #define SAFE_PKTSZ 1232 /* "go anywhere" UDP packet size, see https://dnsflagday.net/2020/ */ - #define KEYBLOCK_LEN 40 /* choose to minimise fragmentation when storing DNSSEC keys */ - #define DNSSEC_WORK 50 /* Max number of queries to validate one question */ --- -2.20.1 - From c944af7d5761b77ea91f1e11ba4cdab5196c7806 Mon Sep 17 00:00:00 2001 From: Derek Straka Date: Wed, 27 Mar 2024 15:16:34 +0800 Subject: [PATCH 573/600] python3-pyyaml-include: add initial recipe for version 1.3.2 Add a recipe for the pyyaml-include package that extends PyYAML to include YAML files within YAML files. Add a ptest to run the unit tests and include the tests as part of the package lists in meta-python Signed-off-by: Derek Straka Signed-off-by: Khem Raj (cherry picked from commit bf011a9f5e89186b338b6a335d10ef84929be0ce) Signed-off-by: Mingli Yu Signed-off-by: Armin Kuster --- .../python/python3-pyyaml-include/run-ptest | 3 ++ .../python/python3-pyyaml-include_1.3.2.bb | 28 +++++++++++++++++++ 2 files changed, 31 insertions(+) create mode 100755 meta-python/recipes-devtools/python/python3-pyyaml-include/run-ptest create mode 100644 meta-python/recipes-devtools/python/python3-pyyaml-include_1.3.2.bb diff --git a/meta-python/recipes-devtools/python/python3-pyyaml-include/run-ptest b/meta-python/recipes-devtools/python/python3-pyyaml-include/run-ptest new file mode 100755 index 00000000000..3385d68939d --- /dev/null +++ b/meta-python/recipes-devtools/python/python3-pyyaml-include/run-ptest @@ -0,0 +1,3 @@ +#!/bin/sh + +pytest -o log_cli=true -o log_cli_level=INFO | sed -e 's/\[...%\]//g'| sed -e 's/PASSED/PASS/g'| sed -e 's/FAILED/FAIL/g'|sed -e 's/SKIPED/SKIP/g'| awk '{if ($NF=="PASS" || $NF=="FAIL" || $NF=="SKIP" || $NF=="XFAIL" || $NF=="XPASS"){printf "%s: %s\n", $NF, $0}else{print}}'| awk '{if ($NF=="PASS" || $NF=="FAIL" || $NF=="SKIP" || $NF=="XFAIL" || $NF=="XPASS") {$NF="";print $0}else{print}}' diff --git a/meta-python/recipes-devtools/python/python3-pyyaml-include_1.3.2.bb b/meta-python/recipes-devtools/python/python3-pyyaml-include_1.3.2.bb new file mode 100644 index 00000000000..9bfaa219463 --- /dev/null +++ b/meta-python/recipes-devtools/python/python3-pyyaml-include_1.3.2.bb @@ -0,0 +1,28 @@ +SUMMARY = "Extending PyYAML with a custom constructor for including YAML files within YAML files" +HOMEPAGE = "https://github.com/tanbro/pyyaml-include" +LICENSE = "GPL-3.0-only" +LIC_FILES_CHKSUM = "file://LICENSE;md5=d32239bcb673463ab874e80d47fae504" +DEPENDS += "${PYTHON_PN}-setuptools-scm-native" +SRCREV = "36b6975aa8fc7a6cbf37de40aa2ed6d996b2f7be" + +SRC_URI = " \ + git://github.com/tanbro/pyyaml-include;protocol=https;branch=main \ + file://run-ptest \ + " + +S = "${WORKDIR}/git" + +inherit python_setuptools_build_meta ptest + +do_install_ptest() { + install -d ${D}${PTEST_PATH}/tests + cp -rf ${S}/tests/* ${D}${PTEST_PATH}/tests/ +} + +RDEPENDS:${PN} += " \ + ${PYTHON_PN}-pyyaml \ +" +RDEPENDS:${PN}-ptest += " \ + ${PYTHON_PN}-pytest \ +" + From b0e6f9c1de07fe3456e9e5902174719f56b086f1 Mon Sep 17 00:00:00 2001 From: Tim Orling Date: Wed, 27 Mar 2024 15:16:35 +0800 Subject: [PATCH 574/600] python3-pyyaml-include: switch to pytest --automake * Also replace ${PYTHON_PN} with python3 Signed-off-by: Tim Orling Signed-off-by: Khem Raj (cherry picked from commit 182f31a182f6572a3538b875cec7ee761e2da1e6) Signed-off-by: Mingli Yu Signed-off-by: Armin Kuster --- .../python/python3-pyyaml-include/run-ptest | 2 +- .../python/python3-pyyaml-include_1.3.2.bb | 7 ++++--- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/meta-python/recipes-devtools/python/python3-pyyaml-include/run-ptest b/meta-python/recipes-devtools/python/python3-pyyaml-include/run-ptest index 3385d68939d..8d2017d39ce 100755 --- a/meta-python/recipes-devtools/python/python3-pyyaml-include/run-ptest +++ b/meta-python/recipes-devtools/python/python3-pyyaml-include/run-ptest @@ -1,3 +1,3 @@ #!/bin/sh -pytest -o log_cli=true -o log_cli_level=INFO | sed -e 's/\[...%\]//g'| sed -e 's/PASSED/PASS/g'| sed -e 's/FAILED/FAIL/g'|sed -e 's/SKIPED/SKIP/g'| awk '{if ($NF=="PASS" || $NF=="FAIL" || $NF=="SKIP" || $NF=="XFAIL" || $NF=="XPASS"){printf "%s: %s\n", $NF, $0}else{print}}'| awk '{if ($NF=="PASS" || $NF=="FAIL" || $NF=="SKIP" || $NF=="XFAIL" || $NF=="XPASS") {$NF="";print $0}else{print}}' +pytest --automake diff --git a/meta-python/recipes-devtools/python/python3-pyyaml-include_1.3.2.bb b/meta-python/recipes-devtools/python/python3-pyyaml-include_1.3.2.bb index 9bfaa219463..3a5bd99a786 100644 --- a/meta-python/recipes-devtools/python/python3-pyyaml-include_1.3.2.bb +++ b/meta-python/recipes-devtools/python/python3-pyyaml-include_1.3.2.bb @@ -2,7 +2,7 @@ SUMMARY = "Extending PyYAML with a custom constructor for including YAML files w HOMEPAGE = "https://github.com/tanbro/pyyaml-include" LICENSE = "GPL-3.0-only" LIC_FILES_CHKSUM = "file://LICENSE;md5=d32239bcb673463ab874e80d47fae504" -DEPENDS += "${PYTHON_PN}-setuptools-scm-native" +DEPENDS += "python3-setuptools-scm-native" SRCREV = "36b6975aa8fc7a6cbf37de40aa2ed6d996b2f7be" SRC_URI = " \ @@ -20,9 +20,10 @@ do_install_ptest() { } RDEPENDS:${PN} += " \ - ${PYTHON_PN}-pyyaml \ + python3-pyyaml \ " RDEPENDS:${PN}-ptest += " \ - ${PYTHON_PN}-pytest \ + python3-pytest \ + python3-unittest-automake-output \ " From a246e26a4686863290998a1be2d4989cbe996ba9 Mon Sep 17 00:00:00 2001 From: Mingli Yu Date: Wed, 27 Mar 2024 15:16:36 +0800 Subject: [PATCH 575/600] python3-pyyaml-include: Upgrade 1.3.2 -> 1.4.1 * Upgrade to 1.4.1 to make it work with setuptools 59.x as it doesn't support pep 621 [1], so remove pyproject.toml and add setup.cfg back [2]. * Add python3-toml to RDEPENDS to fix below error: self = def __call__(self): if sys.version_info >= (3, 11): with open(self._path, "rb") as fp: return tomllib.load(fp) else: try: import toml except ImportError as err: # pragma: no cover > raise ImportError(f'Un-supported file "{self._path}".\n`pip install toml` should solve the problem.\n\n{err}') E ImportError: Un-supported file "tests/data/include.d/1.toml". E `pip install toml` should solve the problem. E E No module named 'toml' ../../python3.10/site-packages/yamlinclude/readers.py:69: ImportError [1] https://setuptools.pypa.io/en/latest/userguide/pyproject_config.html [2] https://github.com/tanbro/pyyaml-include/issues/43 Signed-off-by: Mingli Yu Signed-off-by: Armin Kuster --- ...aml-include_1.3.2.bb => python3-pyyaml-include_1.4.1.bb} | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) rename meta-python/recipes-devtools/python/{python3-pyyaml-include_1.3.2.bb => python3-pyyaml-include_1.4.1.bb} (86%) diff --git a/meta-python/recipes-devtools/python/python3-pyyaml-include_1.3.2.bb b/meta-python/recipes-devtools/python/python3-pyyaml-include_1.4.1.bb similarity index 86% rename from meta-python/recipes-devtools/python/python3-pyyaml-include_1.3.2.bb rename to meta-python/recipes-devtools/python/python3-pyyaml-include_1.4.1.bb index 3a5bd99a786..6768e959f43 100644 --- a/meta-python/recipes-devtools/python/python3-pyyaml-include_1.3.2.bb +++ b/meta-python/recipes-devtools/python/python3-pyyaml-include_1.4.1.bb @@ -2,11 +2,10 @@ SUMMARY = "Extending PyYAML with a custom constructor for including YAML files w HOMEPAGE = "https://github.com/tanbro/pyyaml-include" LICENSE = "GPL-3.0-only" LIC_FILES_CHKSUM = "file://LICENSE;md5=d32239bcb673463ab874e80d47fae504" -DEPENDS += "python3-setuptools-scm-native" -SRCREV = "36b6975aa8fc7a6cbf37de40aa2ed6d996b2f7be" +SRCREV = "0f86bf16343d2ad52b53b793e0b35bb7ed7cd85b" SRC_URI = " \ - git://github.com/tanbro/pyyaml-include;protocol=https;branch=main \ + git://github.com/tanbro/pyyaml-include;protocol=https;branch=1.x \ file://run-ptest \ " @@ -21,6 +20,7 @@ do_install_ptest() { RDEPENDS:${PN} += " \ python3-pyyaml \ + python3-toml \ " RDEPENDS:${PN}-ptest += " \ python3-pytest \ From c0fbf5751a29afef71d7c9b8d3f9bfbe3e199819 Mon Sep 17 00:00:00 2001 From: Ashish Sharma Date: Thu, 28 Mar 2024 15:49:31 +0530 Subject: [PATCH 576/600] wireshark: Backport fix for CVE-2024-2955 Upstream-Status: Backport [https://gitlab.com/wireshark/wireshark/-/commit/6fd3af5e999c71df67c2cdcefb96d0dc4afa5341] Signed-off-by: Ashish Sharma Signed-off-by: Armin Kuster --- .../wireshark/files/CVE-2024-2955.patch | 52 +++++++++++++++++++ .../wireshark/wireshark_3.4.12.bb | 1 + 2 files changed, 53 insertions(+) create mode 100644 meta-networking/recipes-support/wireshark/files/CVE-2024-2955.patch diff --git a/meta-networking/recipes-support/wireshark/files/CVE-2024-2955.patch b/meta-networking/recipes-support/wireshark/files/CVE-2024-2955.patch new file mode 100644 index 00000000000..347943d4223 --- /dev/null +++ b/meta-networking/recipes-support/wireshark/files/CVE-2024-2955.patch @@ -0,0 +1,52 @@ +From 6fd3af5e999c71df67c2cdcefb96d0dc4afa5341 Mon Sep 17 00:00:00 2001 +From: John Thacker +Date: Wed, 6 Mar 2024 20:40:42 -0500 +Subject: [PATCH] t38: Allocate forced defragmented memory in correct scope + +Fragment data can't be allocated in pinfo->pool scope, as it +outlives the frame. Set it to be freed when the associated tvb +is freed, as done in the main reassemble.c code. + +Fix #19695 + +CVE: CVE-2024-2955 +Upstream-Status: Backport [https://gitlab.com/wireshark/wireshark/-/commit/6fd3af5e999c71df67c2cdcefb96d0dc4afa5341] +Signed-off-by: Ashish Sharma + + epan/dissectors/asn1/t38/packet-t38-template.c | 3 ++- + epan/dissectors/packet-t38.c | 3 ++- + 2 files changed, 4 insertions(+), 2 deletions(-) + +diff --git a/epan/dissectors/asn1/t38/packet-t38-template.c b/epan/dissectors/asn1/t38/packet-t38-template.c +index 7b856626865..526b313d054 100644 +--- a/epan/dissectors/asn1/t38/packet-t38-template.c ++++ b/epan/dissectors/asn1/t38/packet-t38-template.c +@@ -325,8 +325,9 @@ force_reassemble_seq(reassembly_table *table, packet_info *pinfo, guint32 id) + last_fd=fd_i; + } + +- data = (guint8 *) wmem_alloc(pinfo->pool, size); ++ data = (guint8 *) g_malloc(size); + fd_head->tvb_data = tvb_new_real_data(data, size, size); ++ tvb_set_free_cb(fd_head->tvb_data, g_free); + fd_head->len = size; /* record size for caller */ + + /* add all data fragments */ +diff --git a/epan/dissectors/packet-t38.c b/epan/dissectors/packet-t38.c +index ca95ae8b64e..5083c936c5a 100644 +--- a/epan/dissectors/packet-t38.c ++++ b/epan/dissectors/packet-t38.c +@@ -355,8 +355,9 @@ force_reassemble_seq(reassembly_table *table, packet_info *pinfo, guint32 id) + last_fd=fd_i; + } + +- data = (guint8 *) wmem_alloc(pinfo->pool, size); ++ data = (guint8 *) g_malloc(size); + fd_head->tvb_data = tvb_new_real_data(data, size, size); ++ tvb_set_free_cb(fd_head->tvb_data, g_free); + fd_head->len = size; /* record size for caller */ + + /* add all data fragments */ +-- +GitLab + diff --git a/meta-networking/recipes-support/wireshark/wireshark_3.4.12.bb b/meta-networking/recipes-support/wireshark/wireshark_3.4.12.bb index 41c363ad300..75c35328340 100644 --- a/meta-networking/recipes-support/wireshark/wireshark_3.4.12.bb +++ b/meta-networking/recipes-support/wireshark/wireshark_3.4.12.bb @@ -29,6 +29,7 @@ SRC_URI += " \ file://CVE-2022-4345.patch \ file://CVE-2024-0208.patch \ file://CVE-2023-4511.patch \ + file://CVE-2024-2955.patch \ " UPSTREAM_CHECK_URI = "https://1.as.dl.wireshark.org/src" From 0fffd4d4221461efd0d0600634af1f5dcbd846e4 Mon Sep 17 00:00:00 2001 From: Soumya Sambu Date: Thu, 28 Mar 2024 12:13:56 +0000 Subject: [PATCH 577/600] iniparser: Fix CVE-2023-33461 iniparser v4.1 is vulnerable to NULL Pointer Dereference in function iniparser_getlongint which misses check NULL for function iniparser_getstring's return. References: https://nvd.nist.gov/vuln/detail/CVE-2023-33461 Signed-off-by: Soumya Sambu Signed-off-by: Armin Kuster --- .../iniparser/iniparser/CVE-2023-33461.patch | 51 +++++++++++++++++++ .../iniparser/iniparser_4.1.bb | 4 +- 2 files changed, 54 insertions(+), 1 deletion(-) create mode 100644 meta-oe/recipes-support/iniparser/iniparser/CVE-2023-33461.patch diff --git a/meta-oe/recipes-support/iniparser/iniparser/CVE-2023-33461.patch b/meta-oe/recipes-support/iniparser/iniparser/CVE-2023-33461.patch new file mode 100644 index 00000000000..1b577fa334e --- /dev/null +++ b/meta-oe/recipes-support/iniparser/iniparser/CVE-2023-33461.patch @@ -0,0 +1,51 @@ +From ace9871f65d11b5d73f0b9ee8cf5d2807439442d Mon Sep 17 00:00:00 2001 +From: Antonio +Date: Fri, 2 Jun 2023 15:03:10 -0300 +Subject: [PATCH] Handle null return from iniparser_getstring + +Fix handling of NULL returns from iniparser_getstring in +iniparser_getboolean, iniparser_getlongint and iniparser_getdouble, +avoiding a crash. + +CVE: CVE-2023-33461 + +Upstream-Status: Backport [https://github.com/ndevilla/iniparser/commit/ace9871f65d11b5d73f0b9ee8cf5d2807439442d] + +Signed-off-by: Soumya Sambu +--- + src/iniparser.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/src/iniparser.c b/src/iniparser.c +index f1d1658..dbceb20 100644 +--- a/src/iniparser.c ++++ b/src/iniparser.c +@@ -456,7 +456,7 @@ long int iniparser_getlongint(const dictionary * d, const char * key, long int n + const char * str ; + + str = iniparser_getstring(d, key, INI_INVALID_KEY); +- if (str==INI_INVALID_KEY) return notfound ; ++ if (str==NULL || str==INI_INVALID_KEY) return notfound ; + return strtol(str, NULL, 0); + } + +@@ -511,7 +511,7 @@ double iniparser_getdouble(const dictionary * d, const char * key, double notfou + const char * str ; + + str = iniparser_getstring(d, key, INI_INVALID_KEY); +- if (str==INI_INVALID_KEY) return notfound ; ++ if (str==NULL || str==INI_INVALID_KEY) return notfound ; + return atof(str); + } + +@@ -553,7 +553,7 @@ int iniparser_getboolean(const dictionary * d, const char * key, int notfound) + const char * c ; + + c = iniparser_getstring(d, key, INI_INVALID_KEY); +- if (c==INI_INVALID_KEY) return notfound ; ++ if (c==NULL || c==INI_INVALID_KEY) return notfound ; + if (c[0]=='y' || c[0]=='Y' || c[0]=='1' || c[0]=='t' || c[0]=='T') { + ret = 1 ; + } else if (c[0]=='n' || c[0]=='N' || c[0]=='0' || c[0]=='f' || c[0]=='F') { +-- +2.40.0 diff --git a/meta-oe/recipes-support/iniparser/iniparser_4.1.bb b/meta-oe/recipes-support/iniparser/iniparser_4.1.bb index 2810a4f6518..7c23b514bd2 100644 --- a/meta-oe/recipes-support/iniparser/iniparser_4.1.bb +++ b/meta-oe/recipes-support/iniparser/iniparser_4.1.bb @@ -10,7 +10,9 @@ PV .= "+git${SRCPV}" SRC_URI = "git://github.com/ndevilla/iniparser.git;protocol=https;branch=master \ file://0001-iniparser.pc-Make-libpath-a-variable.patch \ - file://Add-CMake-support.patch" + file://Add-CMake-support.patch \ + file://CVE-2023-33461.patch \ +" SRCREV= "deb85ad4936d4ca32cc2260ce43323d47936410d" From 717462f81159d00336733c62208b55db22ea1fdb Mon Sep 17 00:00:00 2001 From: Rahul Janani Pandi Date: Mon, 8 Apr 2024 09:42:28 +0000 Subject: [PATCH 578/600] python3-pillow: Fix CVE-2023-50447 Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than CVE-2022-22817 (which was about the expression parameter). References: https://security-tracker.debian.org/tracker/CVE-2023-50447 https://github.com/python-pillow/Pillow/blob/10.2.0/CHANGES.rst Signed-off-by: Rahul Janani Pandi Signed-off-by: Armin Kuster --- .../python3-pillow/CVE-2023-50447-1.patch | 29 ++++++++ .../python3-pillow/CVE-2023-50447-2.patch | 31 +++++++++ .../python3-pillow/CVE-2023-50447-3.patch | 56 ++++++++++++++++ .../python3-pillow/CVE-2023-50447-4.patch | 66 +++++++++++++++++++ .../python/python3-pillow_9.4.0.bb | 4 ++ 5 files changed, 186 insertions(+) create mode 100644 meta-python/recipes-devtools/python/python3-pillow/CVE-2023-50447-1.patch create mode 100644 meta-python/recipes-devtools/python/python3-pillow/CVE-2023-50447-2.patch create mode 100644 meta-python/recipes-devtools/python/python3-pillow/CVE-2023-50447-3.patch create mode 100644 meta-python/recipes-devtools/python/python3-pillow/CVE-2023-50447-4.patch diff --git a/meta-python/recipes-devtools/python/python3-pillow/CVE-2023-50447-1.patch b/meta-python/recipes-devtools/python/python3-pillow/CVE-2023-50447-1.patch new file mode 100644 index 00000000000..7de12be5d58 --- /dev/null +++ b/meta-python/recipes-devtools/python/python3-pillow/CVE-2023-50447-1.patch @@ -0,0 +1,29 @@ +From 3652f431c2d8b9c10bf20b70f284d300d12e814a +From: Andrew Murray +Date: Sat Oct 28 14:22:39 2023 +1100 +Subject: [PATCH] python3-pillow: Simplified code + +CVE: CVE-2023-50447 + +Upstream-Status: Backport [https://github.com/python-pillow/Pillow/commit/3652f431c2d8b9c10bf20b70f284d300d12e814a] + +Signed-off-by: Rahul Janani Pandi +--- + src/PIL/ImageMath.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/PIL/ImageMath.py b/src/PIL/ImageMath.py +index ac7d36b69..71872a3fb 100644 +--- a/src/PIL/ImageMath.py ++++ b/src/PIL/ImageMath.py +@@ -239,7 +239,7 @@ def eval(expression, _dict={}, **kw): + args = ops.copy() + args.update(_dict) + args.update(kw) +- for k, v in list(args.items()): ++ for k, v in args.items(): + if hasattr(v, "im"): + args[k] = _Operand(v) + +-- +2.40.0 diff --git a/meta-python/recipes-devtools/python/python3-pillow/CVE-2023-50447-2.patch b/meta-python/recipes-devtools/python/python3-pillow/CVE-2023-50447-2.patch new file mode 100644 index 00000000000..13fbaf6d788 --- /dev/null +++ b/meta-python/recipes-devtools/python/python3-pillow/CVE-2023-50447-2.patch @@ -0,0 +1,31 @@ +From 45c726fd4daa63236a8f3653530f297dc87b160a +From: Eric Soroos +Date: Fri Oct 27 11:21:18 2023 +0200 +Subject: [PATCH] python3-pillow: Don't allow __ or builtins in env dictionarys + +CVE: CVE-2023-50447 + +Upstream-Status: Backport [https://github.com/python-pillow/Pillow/commit/45c726fd4daa63236a8f3653530f297dc87b160a] + +Signed-off-by: Rahul Janani Pandi +--- + src/PIL/ImageMath.py | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/src/PIL/ImageMath.py b/src/PIL/ImageMath.py +index 71872a3fb..923a8eeae 100644 +--- a/src/PIL/ImageMath.py ++++ b/src/PIL/ImageMath.py +@@ -240,6 +240,10 @@ def eval(expression, _dict={}, **kw): + args.update(_dict) + args.update(kw) + for k, v in args.items(): ++ if '__' in k or hasattr(__builtins__, k): ++ msg = f"'{k}' not allowed" ++ raise ValueError(msg) ++ + if hasattr(v, "im"): + args[k] = _Operand(v) + +-- +2.40.0 diff --git a/meta-python/recipes-devtools/python/python3-pillow/CVE-2023-50447-3.patch b/meta-python/recipes-devtools/python/python3-pillow/CVE-2023-50447-3.patch new file mode 100644 index 00000000000..bbfc32a6c7c --- /dev/null +++ b/meta-python/recipes-devtools/python/python3-pillow/CVE-2023-50447-3.patch @@ -0,0 +1,56 @@ +From 0ca3c33c59927e1c7e0c14dbc1eea1dfb2431a80 +From: Andrew Murray +Date: Sat, 28 Oct 2023 15:58:52 +1100 +Subject: [PATCH] python3-pillow: Allow ops + +CVE: CVE-2023-50447 + +Upstream-Status: Backport [https://github.com/python-pillow/Pillow/commit/0ca3c33c59927e1c7e0c14dbc1eea1dfb2431a80] + +Signed-off-by: Rahul Janani Pandi +--- + Tests/test_imagemath.py | 5 +++++ + src/PIL/ImageMath.py | 9 +++++---- + 2 files changed, 10 insertions(+), 4 deletions(-) + +diff --git a/Tests/test_imagemath.py b/Tests/test_imagemath.py +index fe7ac9a7a..ded8c0011 100644 +--- a/Tests/test_imagemath.py ++++ b/Tests/test_imagemath.py +@@ -63,6 +63,11 @@ def test_prevent_exec(expression): + ImageMath.eval(expression) + + ++def test_prevent_double_underscores(): ++ with pytest.raises(ValueError): ++ ImageMath.eval("1", {"__": None}) ++ ++ + def test_logical(): + assert pixel(ImageMath.eval("not A", images)) == 0 + assert pixel(ImageMath.eval("A and B", images)) == "L 2" +diff --git a/src/PIL/ImageMath.py b/src/PIL/ImageMath.py +index 923a8eeae..c14598a4c 100644 +--- a/src/PIL/ImageMath.py ++++ b/src/PIL/ImageMath.py +@@ -237,13 +237,14 @@ def eval(expression, _dict={}, **kw): + + # build execution namespace + args = ops.copy() +- args.update(_dict) +- args.update(kw) +- for k, v in args.items(): +- if '__' in k or hasattr(__builtins__, k): ++ for k in list(_dict.keys()) + list(kw.keys()): ++ if "__" in k or hasattr(__builtins__, k): + msg = f"'{k}' not allowed" + raise ValueError(msg) + ++ args.update(_dict) ++ args.update(kw) ++ for k, v in args.items(): + if hasattr(v, "im"): + args[k] = _Operand(v) + +-- +2.40.0 diff --git a/meta-python/recipes-devtools/python/python3-pillow/CVE-2023-50447-4.patch b/meta-python/recipes-devtools/python/python3-pillow/CVE-2023-50447-4.patch new file mode 100644 index 00000000000..da3e2c19747 --- /dev/null +++ b/meta-python/recipes-devtools/python/python3-pillow/CVE-2023-50447-4.patch @@ -0,0 +1,66 @@ +From 557ba59d13de919d04b3fd4cdef8634f7d4b3348 +From: Andrew Murray +Date: Sat Dec 30 09:30:12 2023 +1100 +Subject: [PATCH] python3-pillow: Include further builtins + +CVE: CVE-2023-50447 + +Upstream-Status: Backport [https://github.com/python-pillow/Pillow/commit/557ba59d13de919d04b3fd4cdef8634f7d4b3348] + +Signed-off-by: Rahul Janani Pandi +--- + Tests/test_imagemath.py | 5 +++++ + docs/releasenotes/9.4.0.rst | 8 ++++++++ + src/PIL/ImageMath.py | 2 +- + 3 files changed, 14 insertions(+), 1 deletion(-) + +diff --git a/Tests/test_imagemath.py b/Tests/test_imagemath.py +index ded8c0011..124687478 100644 +--- a/Tests/test_imagemath.py ++++ b/Tests/test_imagemath.py +@@ -67,6 +67,11 @@ def test_prevent_double_underscores(): + with pytest.raises(ValueError): + ImageMath.eval("1", {"__": None}) + ++def test_prevent_builtins(): ++ with pytest.raises(ValueError): ++ ImageMath.eval("(lambda: exec('exit()'))()", {"exec": None}) ++ ++ + + def test_logical(): + assert pixel(ImageMath.eval("not A", images)) == 0 +diff --git a/docs/releasenotes/9.4.0.rst b/docs/releasenotes/9.4.0.rst +index 0af5bc8ca..9ca7c9f6f 100644 +--- a/docs/releasenotes/9.4.0.rst ++++ b/docs/releasenotes/9.4.0.rst +@@ -88,6 +88,14 @@ Pillow attempted to dereference a null pointer in ``ImageFont``, leading to a + crash. An error is now raised instead. This has been present since + Pillow 8.0.0. + ++Restricted environment keys for ImageMath.eval ++^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ ++ ++:cve:`2023-50447`: If an attacker has control over the keys passed to the ++``environment`` argument of :py:meth:`PIL.ImageMath.eval`, they may be able to execute ++arbitrary code. To prevent this, keys matching the names of builtins and keys ++containing double underscores will now raise a :py:exc:`ValueError`. ++ + Other Changes + ============= + +diff --git a/src/PIL/ImageMath.py b/src/PIL/ImageMath.py +index c14598a4c..b2c50bc5b 100644 +--- a/src/PIL/ImageMath.py ++++ b/src/PIL/ImageMath.py +@@ -238,7 +238,7 @@ def eval(expression, _dict={}, **kw): + # build execution namespace + args = ops.copy() + for k in list(_dict.keys()) + list(kw.keys()): +- if "__" in k or hasattr(__builtins__, k): ++ if "__" in k or hasattr(builtins, k): + msg = f"'{k}' not allowed" + raise ValueError(msg) + +-- +2.40.0 diff --git a/meta-python/recipes-devtools/python/python3-pillow_9.4.0.bb b/meta-python/recipes-devtools/python/python3-pillow_9.4.0.bb index b9c09127c59..e1d0b30860d 100644 --- a/meta-python/recipes-devtools/python/python3-pillow_9.4.0.bb +++ b/meta-python/recipes-devtools/python/python3-pillow_9.4.0.bb @@ -10,6 +10,10 @@ SRC_URI = "git://github.com/python-pillow/Pillow.git;branch=main;protocol=https file://0001-explicitly-set-compile-options.patch \ file://run-ptest \ file://CVE-2023-44271.patch \ + file://CVE-2023-50447-1.patch \ + file://CVE-2023-50447-2.patch \ + file://CVE-2023-50447-3.patch \ + file://CVE-2023-50447-4.patch \ " SRCREV ?= "82541b6dec8452cb612067fcebba1c5a1a2bfdc8" From 7a49f1e0165a040ecbb64a87911be3027109786f Mon Sep 17 00:00:00 2001 From: Rohini Sangam Date: Fri, 12 Apr 2024 12:29:37 +0530 Subject: [PATCH 579/600] xterm: Security fix for CVE-2023-40359 CVE fixed: - CVE-2023-40359 xterm: ReGIS reporting for character-set names containing characters other than alphanumerics or underscore Upstream-Status: Backport from https://github.com/ThomasDickey/xterm-snapshots/commit/41ba5cf31da5e43477811b28009d64d3f643fd29 Note: The CVE patch is part of minor version-up and is extracted from the snapshot of xterm-379c. Documentation of the commit shows 2 different overflows being fixed and hence the fix was extracted from the commit. Signed-off-by: Rohini Sangam Signed-off-by: Siddharth Doshi Signed-off-by: Armin Kuster --- .../xorg-app/xterm/CVE-2023-40359.patch | 388 ++++++++++++++++++ .../recipes-graphics/xorg-app/xterm_372.bb | 1 + 2 files changed, 389 insertions(+) create mode 100644 meta-oe/recipes-graphics/xorg-app/xterm/CVE-2023-40359.patch diff --git a/meta-oe/recipes-graphics/xorg-app/xterm/CVE-2023-40359.patch b/meta-oe/recipes-graphics/xorg-app/xterm/CVE-2023-40359.patch new file mode 100644 index 00000000000..342a8d87253 --- /dev/null +++ b/meta-oe/recipes-graphics/xorg-app/xterm/CVE-2023-40359.patch @@ -0,0 +1,388 @@ +From 41ba5cf31da5e43477811b28009d64d3f643fd29 Mon Sep 17 00:00:00 2001 +From: "Thomas E. Dickey" +Date: Wed, 8 Mar 2023 01:06:03 +0000 +Subject: [PATCH] snapshot of project "xterm", label xterm-379c + +Upstream-Status: Backport from https://github.com/ThomasDickey/xterm-snapshots/commit/41ba5cf31da5e43477811b28009d64d3f643fd29 +CVE: CVE-2023-40359 + +Signed-off-by: Rohini Sangam + +--- + graphics_regis.c | 235 +++++++++++++++++++++++++++-------------------- + 1 file changed, 133 insertions(+), 102 deletions(-) + +diff --git a/graphics_regis.c b/graphics_regis.c +index 479bb79..cf14437 100644 +--- a/graphics_regis.c ++++ b/graphics_regis.c +@@ -1,8 +1,8 @@ +-/* $XTermId: graphics_regis.c,v 1.129 2022/02/21 13:33:08 tom Exp $ */ ++/* $XTermId: graphics_regis.c,v 1.139 2023/03/08 01:06:03 tom Exp $ */ + + /* +- * Copyright 2014-2021,2022 by Ross Combs +- * Copyright 2014-2021,2022 by Thomas E. Dickey ++ * Copyright 2014-2022,2023 by Ross Combs ++ * Copyright 2014-2022,2023 by Thomas E. Dickeiy + * + * All Rights Reserved + * +@@ -119,6 +119,14 @@ typedef struct RegisTextControls { + int slant; /* for italic/oblique */ + } RegisTextControls; + ++#define S_QUOTE '\'' ++#define D_QUOTE '"' ++ ++#define isQuote(ch) ((ch) == S_QUOTE || (ch) == D_QUOTE) ++#define PickQuote(ch) ((ch) == S_QUOTE ? D_QUOTE : S_QUOTE) ++ ++#define isName(c) ((c) == '_' || isalnum(CharOf(c))) ++ + #define FixedCopy(dst, src, len) strncpy(dst, src, len - 1)[len - 1] = '\0' + #define CopyFontname(dst, src) FixedCopy(dst, src, (size_t) REGIS_FONTNAME_LEN) + +@@ -538,8 +546,8 @@ draw_or_save_patterned_pixel(RegisGraphicsContext *context, int x, int y) + static int + sort_points(void const *l, void const *r) + { +- RegisPoint const *const lp = l; +- RegisPoint const *const rp = r; ++ RegisPoint const *const lp = (RegisPoint const *) l; ++ RegisPoint const *const rp = (RegisPoint const *) r; + + if (lp->y < rp->y) + return -1; +@@ -3151,6 +3159,37 @@ extract_regis_command(RegisDataFragment *input, char *command) + return 1; + } + ++/* ++ * * Check a ReGIS alphabet name before reporting it, to pick an appropriate ++ * * delimiter. If the string is empty, or contains nonreportable characters, ++ * * just return NUL. ++ * */ ++static int ++pick_quote(const char *value) ++{ ++ Bool s_quote = False; ++ Bool d_quote = False; ++ ++ if (*value != '\0') { ++ while (*value != '\0') { ++ int ch = CharOf(*value++); ++ if (ch == D_QUOTE) ++ d_quote = True; ++ else if (ch == S_QUOTE) ++ s_quote = True; ++ else if (!isName(ch)) ++ s_quote = d_quote = True; ++ } ++ } else { ++ s_quote = d_quote = True; ++ } ++ return ((s_quote && d_quote) ++ ? 0 ++ : (s_quote ++ ? D_QUOTE ++ : S_QUOTE)); ++} ++ + static int + extract_regis_string(RegisDataFragment *input, char *out, unsigned maxlen) + { +@@ -3166,7 +3205,7 @@ extract_regis_string(RegisDataFragment *input, char *out, unsigned maxlen) + return 0; + + ch = peek_fragment(input); +- if (ch != '\'' && ch != '"') ++ if (!isQuote(ch)) + return 0; + open_quote_ch = ch; + outlen = 0U; +@@ -3246,7 +3285,7 @@ extract_regis_parenthesized_data(RegisDataFragment *input, + for (; input->pos < input->len; input->pos++, output->len++) { + char prev_ch = ch; + ch = input->start[input->pos]; +- if (ch == '\'' || ch == '"') { ++ if (isQuote(ch)) { + if (open_quote_ch == '\0') { + open_quote_ch = ch; + } else { +@@ -3314,7 +3353,7 @@ extract_regis_option(RegisDataFragment *input, + if (ch == ';' || ch == ',' || + ch == '(' || ch == ')' || + ch == '[' || ch == ']' || +- ch == '"' || ch == '\'' || ++ isQuote(ch) || + isdigit(CharOf(ch))) { + return 0; + } +@@ -3330,7 +3369,7 @@ extract_regis_option(RegisDataFragment *input, + TRACE(("looking at char '%c' in option '%c'\n", ch, *option)); + /* FIXME: any special rules for commas? */ + /* FIXME: handle escaped quotes */ +- if (ch == '\'' || ch == '"') { ++ if (isQuote(ch)) { + if (open_quote_ch == ch) { + open_quote_ch = '\0'; + } else { +@@ -5008,6 +5047,7 @@ parse_regis_command(RegisParseState *state) + static int + parse_regis_option(RegisParseState *state, RegisGraphicsContext *context) + { ++ XtermWidget xw = context->display_graphic->xw; + RegisDataFragment optionarg; + + if (!extract_regis_option(&state->input, &state->option, &optionarg)) +@@ -5586,13 +5626,18 @@ parse_regis_option(RegisParseState *state, RegisGraphicsContext *context) + state->option, fragment_to_tempstr(&optionarg))); + break; + } { +- char reply[64]; ++ unsigned err_code = 0U; ++ unsigned err_char = 0U; + + TRACE(("got report last error condition\n")); + /* FIXME: implement after adding error tracking */ +- sprintf(reply, "\"%u,%u\"\r", 0U, 0U); +- unparseputs(context->display_graphic->xw, reply); +- unparse_end(context->display_graphic->xw); ++ unparseputc(xw, D_QUOTE); ++ unparseputn(xw, err_code); ++ unparseputc(xw, ','); ++ unparseputn(xw, err_char); ++ unparseputc(xw, D_QUOTE); ++ unparseputc(xw, '\r'); ++ unparse_end(xw); + } + break; + case 'I': +@@ -5639,8 +5684,8 @@ parse_regis_option(RegisParseState *state, RegisGraphicsContext *context) + /* FIXME: implement arrow key movement */ + /* FIXME: implement button/key collection */ + +- unparseputs(context->display_graphic->xw, "\r"); +- unparse_end(context->display_graphic->xw); ++ unparseputc(xw, '\r'); ++ unparse_end(xw); + + skip_regis_whitespace(&optionarg); + if (!fragment_consumed(&optionarg)) { +@@ -5657,25 +5702,22 @@ parse_regis_option(RegisParseState *state, RegisGraphicsContext *context) + if (!fragment_consumed(&optionarg)) { + TRACE(("DATA_ERROR: unexpected arguments to ReGIS report command option '%c' arg \"%s\"\n", + state->option, fragment_to_tempstr(&optionarg))); +- break; +- } { +- char buffer[32]; +- +- if (state->load_index == MAX_REGIS_ALPHABETS) { +- /* If this happens something went wrong elsewhere. */ +- TRACE(("DATA_ERROR: unable to report current load alphabet\n")); +- unparseputs(context->display_graphic->xw, "A0\"\"\r"); +- unparse_end(context->display_graphic->xw); +- break; ++ } else if (state->load_index == MAX_REGIS_ALPHABETS) { ++ /* If this happens something went wrong elsewhere. */ ++ TRACE(("DATA_ERROR: unable to report current load alphabet\n")); ++ unparseputs(xw, "A0\"\"\r"); ++ unparse_end(xw); ++ } else { ++ int delim = pick_quote(state->load_name); ++ if (delim != '\0') { ++ unparseputs(xw, "A"); ++ unparseputn(xw, state->load_alphabet); ++ unparseputc(xw, delim); ++ unparseputs(xw, state->load_name); ++ unparseputc(xw, delim); + } +- +- unparseputs(context->display_graphic->xw, "A"); +- sprintf(buffer, "%u", state->load_alphabet); +- unparseputs(context->display_graphic->xw, buffer); +- unparseputs(context->display_graphic->xw, "\""); +- unparseputs(context->display_graphic->xw, state->load_name); +- unparseputs(context->display_graphic->xw, "\"\r"); +- unparse_end(context->display_graphic->xw); ++ unparseputc(xw, '\r'); ++ unparse_end(xw); + } + break; + case 'M': +@@ -5717,13 +5759,18 @@ parse_regis_option(RegisParseState *state, RegisGraphicsContext *context) + } + + if (name == '=') { +- char reply[64]; ++ unsigned max_available = 1000U; ++ unsigned cur_available = max_available; + + TRACE(("got report macrograph storage request\n")); + /* FIXME: Implement when macrographs are supported. */ +- sprintf(reply, "\"%u,%u\"\r", 1000U, 1000U); +- unparseputs(context->display_graphic->xw, reply); +- unparse_end(context->display_graphic->xw); ++ unparseputc(xw, D_QUOTE); ++ unparseputn(xw, cur_available); ++ unparseputc(xw, ','); ++ unparseputn(xw, max_available); ++ unparseputc(xw, D_QUOTE); ++ unparseputc(xw, '\r'); ++ unparse_end(xw); + } else if (name < 'A' || name > 'Z') { + TRACE(("DATA_ERROR: invalid macrograph name: \"%c\"\n", name)); + /* FIXME: what should happen? */ +@@ -5732,12 +5779,13 @@ parse_regis_option(RegisParseState *state, RegisGraphicsContext *context) + char temp[8]; + + TRACE(("got report macrograph request for name '%c'\n", name)); +- sprintf(temp, "@=%c", name); +- unparseputs(context->display_graphic->xw, temp); ++ unparseputs(xw, "@="); ++ unparseputc(xw, name); + /* FIXME: Allow this to be disabled for security reasons. */ + /* FIXME: implement when macrographs are supported. */ +- unparseputs(context->display_graphic->xw, "@;\r"); +- unparse_end(context->display_graphic->xw); ++ unparseputs(xw, "@;"); ++ unparseputc(xw, '\r'); ++ unparse_end(xw); + } + } + break; +@@ -5785,78 +5833,61 @@ parse_regis_option(RegisParseState *state, RegisGraphicsContext *context) + TRACE(("got report cursor position (output=%d)\n", output)); + + /* FIXME: look into supporting ANSI locator reports (DECLRP) */ ++ unparseputc(xw, L_BLOK); + if (output == 1) { +- char reply[64]; ++ /* FIXME: verify in absolute, not user, coordinates */ ++ unparseputn(xw, (unsigned) context->graphics_output_cursor_x); ++ unparseputc(xw, ','); ++ unparseputn(xw, (unsigned) context->graphics_output_cursor_y); ++ } else if (context->multi_input_mode) { ++ /* FIXME: track input coordinates */ ++ unsigned x = 0, y = 0; /* placeholders */ ++ ++ /* send CSI240~[x,y]\r with current input cursor location */ ++ ++ /* FIXME: verify no leading char or button sequence */ ++ /* FIXME: should we ever send an eight-bit CSI? */ + + /* FIXME: verify in absolute, not user, coordinates */ +- sprintf(reply, "[%d,%d]\r", +- context->graphics_output_cursor_x, +- context->graphics_output_cursor_y); +- unparseputs(context->display_graphic->xw, reply); +- unparse_end(context->display_graphic->xw); ++ TRACE(("sending multi-mode input report at %u,%u\n", x, y)); ++ unparseputn(xw, x); ++ unparseputc(xw, ','); ++ unparseputn(xw, y); + } else { +- char reply[64]; +- int x, y; +- +- if (context->multi_input_mode) { +- /* FIXME: track input coordinates */ +- x = y = 0; /* placeholders */ +- +- /* send CSI240~[x,y]\r with current input cursor location */ +- +- /* FIXME: verify no leading char or button sequence */ +- /* FIXME: should we ever send an eight-bit CSI? */ +- /* FIXME: verify in absolute, not user, coordinates */ +- TRACE(("sending multi-mode input report at %d,%d\n", +- x, y)); +- sprintf(reply, "[%d,%d]\r", x, y); +- unparseputs(context->display_graphic->xw, reply); +- unparse_end(context->display_graphic->xw); +- break; +- } else { +- char ch; +- +- /* FIXME: wait for first non-arrow keypress or mouse click, and don't update graphics while waiting */ +- ch = ' '; /* placeholder */ +- x = y = 0; /* placeholders */ +- +- /* send [x,y]\r to report input cursor location */ +- +- /* null button: CSI240~ */ +- /* left button: CSI241~ */ +- /* middle button: CSI243~ */ +- /* right button: CSI245~ */ +- /* extra button: CSI247~ */ +- /* FIXME: support DECLBD to change button assignments */ +- /* FIXME: verify no leading char or button sequence */ +- TRACE(("sending one-shot input report with %c at %d,%d\n", +- ch, x, y)); +-#if 0 /* FIXME - dead code */ +- if (ch == '\r') { +- /* Return only reports the location. */ +- sprintf(reply, "[%d,%d]\r", x, y); +- } else if (ch == '\177') { +- /* DEL exits locator mode reporting nothing. */ +- sprintf(reply, "\r"); +- } else +-#endif +- { +- sprintf(reply, "%c[%d,%d]\r", ch, x, y); +- } +- unparseputs(context->display_graphic->xw, reply); +- unparse_end(context->display_graphic->xw); +- /* FIXME: exit one-shot mode and disable input cursor */ +- break; ++ ++ char ch = ' '; /* placeholder */ ++ unsigned x = 0, y = 0; /* placeholders */ ++ ++ /* FIXME: wait for first non-arrow keypress or mouse click, and don't update graphics while waiting */ ++ /* send [x,y]\r to report input cursor location */ ++ ++ /* null button: CSI240~ */ ++ /* left button: CSI241~ */ ++ /* middle button: CSI243~ */ ++ /* right button: CSI245~ */ ++ /* extra button: CSI247~ */ ++ /* FIXME: support DECLBD to change button assignments */ ++ /* FIXME: verify no leading char or button sequence */ ++ TRACE(("sending one-shot input report with %c at %u,%u\n", ++ ch, x, y)); ++ if (ch != '\177') { ++ unparseputn(xw, x); ++ unparseputc(xw, ','); ++ unparseputn(xw, y); + } ++ /* FIXME: exit one-shot mode and disable input cursor */ + } ++ unparseputc(xw, R_BLOK); ++ unparseputc(xw, '\r'); ++ unparse_end(xw); + } + break; + default: + TRACE(("DATA_ERROR: sending empty report for unknown ReGIS report command option '%c' arg \"%s\"\n", + state->option, fragment_to_tempstr(&optionarg))); + /* Unknown report request types must receive empty reports. */ +- unparseputs(context->display_graphic->xw, "\r"); +- unparse_end(context->display_graphic->xw); ++ unparseputs(xw, "\r"); ++ unparse_end(xw); + break; + } + break; +@@ -6154,7 +6185,7 @@ parse_regis_option(RegisParseState *state, RegisGraphicsContext *context) + + TRACE(("using display page number: %d\n", page)); + context->display_page = (unsigned) page; +- map_regis_graphics_pages(context->display_graphic->xw, context); ++ map_regis_graphics_pages(xw, context); + } + break; + case 'T': +-- +2.35.7 + diff --git a/meta-oe/recipes-graphics/xorg-app/xterm_372.bb b/meta-oe/recipes-graphics/xorg-app/xterm_372.bb index 223bc0a4989..84308b18482 100644 --- a/meta-oe/recipes-graphics/xorg-app/xterm_372.bb +++ b/meta-oe/recipes-graphics/xorg-app/xterm_372.bb @@ -7,6 +7,7 @@ LIC_FILES_CHKSUM = "file://xterm.h;beginline=3;endline=31;md5=5ec6748ed90e588caa SRC_URI = "http://invisible-mirror.net/archives/${BPN}/${BP}.tgz \ file://0001-Add-configure-time-check-for-setsid.patch \ file://CVE-2022-45063.patch \ + file://CVE-2023-40359.patch \ " SRC_URI[sha256sum] = "c6d08127cb2409c3a04bcae559b7025196ed770bb7bf26630abcb45d95f60ab1" From bd7b2ebf21b4b9e382d05b685aba18a08b224249 Mon Sep 17 00:00:00 2001 From: Xiangyu Chen Date: Mon, 15 Apr 2024 13:59:37 +0800 Subject: [PATCH 580/600] bats: fix bats-format-pretty report error when multilib enabled bat-format-pretty hardcoded the lib folder that cause it reports missing formatter.bash error when multilib is enabled. Signed-off-by: Xiangyu Chen Signed-off-by: Armin Kuster --- meta-oe/recipes-test/bats/bats_1.6.1.bb | 1 + 1 file changed, 1 insertion(+) diff --git a/meta-oe/recipes-test/bats/bats_1.6.1.bb b/meta-oe/recipes-test/bats/bats_1.6.1.bb index 7d72a5198bf..3dcb51972d8 100644 --- a/meta-oe/recipes-test/bats/bats_1.6.1.bb +++ b/meta-oe/recipes-test/bats/bats_1.6.1.bb @@ -19,6 +19,7 @@ do_configure:prepend() { sed -i 's:\$BATS_ROOT/lib:\$BATS_ROOT/${baselib}:g' ${S}/libexec/bats-core/bats sed -i 's:\$BATS_ROOT/lib:\$BATS_ROOT/${baselib}:g' ${S}/libexec/bats-core/bats-exec-file sed -i 's:\$BATS_ROOT/lib:\$BATS_ROOT/${baselib}:g' ${S}/libexec/bats-core/bats-exec-test + sed -i 's:\$BATS_ROOT/lib:\$BATS_ROOT/${baselib}:g' ${S}/libexec/bats-core/bats-format-pretty } do_install() { From ac06a6540499c2492c6f4eb87481ba4df83a21cb Mon Sep 17 00:00:00 2001 From: Rahul Janani Pandi Date: Tue, 16 Apr 2024 10:40:54 +0000 Subject: [PATCH 581/600] python3-django: fix CVE-2024-24680 An issue was discovered in Django 3.2 before 3.2.24, 4.2 before 4.2.10, and Django 5.0 before 5.0.2. The intcomma template filter was subject to a potential denial-of-service attack when used with very long strings. Since, there is no ptest available for python3-django so have not tested the patch changes at runtime. References: https://security-tracker.debian.org/tracker/CVE-2024-24680 https://docs.djangoproject.com/en/dev/releases/4.2.10/ Signed-off-by: Rahul Janani Pandi Signed-off-by: Armin Kuster --- .../python3-django/CVE-2024-24680.patch | 48 +++++++++++++++++++ .../python/python3-django_2.2.28.bb | 1 + 2 files changed, 49 insertions(+) create mode 100644 meta-python/recipes-devtools/python/python3-django/CVE-2024-24680.patch diff --git a/meta-python/recipes-devtools/python/python3-django/CVE-2024-24680.patch b/meta-python/recipes-devtools/python/python3-django/CVE-2024-24680.patch new file mode 100644 index 00000000000..aec67453ae9 --- /dev/null +++ b/meta-python/recipes-devtools/python/python3-django/CVE-2024-24680.patch @@ -0,0 +1,48 @@ +From 572ea07e84b38ea8de0551f4b4eda685d91d09d2 +From: Adam Johnson +Date: Mon Jan 22 13:21:13 2024 +0000 +Subject: [PATCH] Fixed CVE-2024-24680 -- Mitigated potential DoS in intcomma + template filter + +Thanks Seokchan Yoon for the report. + +Co-authored-by: Mariusz Felisiak +Co-authored-by: Natalia <124304+nessita@users.noreply.github.com> +Co-authored-by: Shai Berger + +CVE: CVE-2024-24680 + +Upstream-Status: Backport [https://github.com/django/django/commit/572ea07e84b38ea8de0551f4b4eda685d91d09d2] + +Signed-off-by: Rahul Janani Pandi +--- + django/contrib/humanize/templatetags/humanize.py | 13 +++++++------ + 1 file changed, 7 insertions(+), 6 deletions(-) + +diff --git a/django/contrib/humanize/templatetags/humanize.py b/django/contrib/humanize/templatetags/humanize.py +index 194c7e8..ee22a45 100644 +--- a/django/contrib/humanize/templatetags/humanize.py ++++ b/django/contrib/humanize/templatetags/humanize.py +@@ -71,13 +71,14 @@ def intcomma(value, use_l10n=True): + return intcomma(value, False) + else: + return number_format(value, force_grouping=True) +- orig = str(value) +- new = re.sub(r"^(-?\d+)(\d{3})", r'\g<1>,\g<2>', orig) +- if orig == new: +- return new +- else: +- return intcomma(new, use_l10n) + ++ result = str(value) ++ match = re.match(r"-?\d+", result) ++ if match: ++ prefix = match[0] ++ prefix_with_commas = re.sub(r"\d{3}", r"\g<0>,", prefix[::-1])[::-1] ++ result = prefix_with_commas + result[len(prefix) :] ++ return result + + # A tuple of standard large number to their converters + intword_converters = ( +-- +2.40.0 diff --git a/meta-python/recipes-devtools/python/python3-django_2.2.28.bb b/meta-python/recipes-devtools/python/python3-django_2.2.28.bb index 8c955e6bd86..cbd2c69c052 100644 --- a/meta-python/recipes-devtools/python/python3-django_2.2.28.bb +++ b/meta-python/recipes-devtools/python/python3-django_2.2.28.bb @@ -10,6 +10,7 @@ SRC_URI += "file://CVE-2023-31047.patch \ file://CVE-2023-41164.patch \ file://CVE-2023-43665.patch \ file://CVE-2023-46695.patch \ + file://CVE-2024-24680.patch \ " SRC_URI[sha256sum] = "0200b657afbf1bc08003845ddda053c7641b9b24951e52acd51f6abda33a7413" From ca4f69e66c30249ca7e0ed9ecf038bbf425cae50 Mon Sep 17 00:00:00 2001 From: nikhil Date: Wed, 17 Apr 2024 11:25:23 +0530 Subject: [PATCH 582/600] giflib: Fix CVE CVE-2022-28506 There is a heap buffer overflow in DumpScreen2RGB() in gif2rgb.c. This occurs when a crafted gif file, where size of color table is < 256 but image data contains pixels with color code highier than size of color table. This causes oferflow of ColorMap->Colors array. Fix the issue by checking if value of each pixel is within bounds of given color table. If the value is out of color table, print error message and exit. Signed-off-by: Nikhil R Signed-off-by: Armin Kuster --- .../giflib/files/CVE-2022-28506.patch | 40 +++++++++++++++++++ .../recipes-devtools/giflib/giflib_5.2.1.bb | 4 +- 2 files changed, 43 insertions(+), 1 deletion(-) create mode 100644 meta-oe/recipes-devtools/giflib/files/CVE-2022-28506.patch diff --git a/meta-oe/recipes-devtools/giflib/files/CVE-2022-28506.patch b/meta-oe/recipes-devtools/giflib/files/CVE-2022-28506.patch new file mode 100644 index 00000000000..221e10811a2 --- /dev/null +++ b/meta-oe/recipes-devtools/giflib/files/CVE-2022-28506.patch @@ -0,0 +1,40 @@ +From 368f28c0034ecfb6dd4b3412af4cc589a56e0611 Mon Sep 17 00:00:00 2001 +From: Matej Muzila +Date: Mon, 30 May 2022 09:04:27 +0200 +Subject: [PATCH] Fix heap-buffer overflow (CVE-2022-28506) + +There is a heap buffer overflow in DumpScreen2RGB() in gif2rgb.c. This +occurs when a crafted gif file, where size of color table is < 256 but +image data contains pixels with color code highier than size of color +table. This causes oferflow of ColorMap->Colors array. + +Fix the issue by checking if value of each pixel is within bounds of +given color table. If the value is out of color table, print error +message and exit. + +Fixes: #159 + +Upstream-Status: Backport [https://sourceforge.net/p/giflib/code/ci/5b74cdd9c1285514eaa4675347ba3eea81d32c65/] +Signed-off-by: nikhil r +--- + gif2rgb.c | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/gif2rgb.c b/gif2rgb.c +index 8d7c0ff..d9a469f 100644 +--- a/gif2rgb.c ++++ b/gif2rgb.c +@@ -294,6 +294,11 @@ static void DumpScreen2RGB(char *FileName, int OneFileFlag, + GifRow = ScreenBuffer[i]; + GifQprintf("\b\b\b\b%-4d", ScreenHeight - i); + for (j = 0, BufferP = Buffer; j < ScreenWidth; j++) { ++ /* Check if color is within color palete */ ++ if (GifRow[j] >= ColorMap->ColorCount) ++ { ++ GIF_EXIT(GifErrorString(D_GIF_ERR_IMAGE_DEFECT)); ++ } + ColorMapEntry = &ColorMap->Colors[GifRow[j]]; + *BufferP++ = ColorMapEntry->Red; + *BufferP++ = ColorMapEntry->Green; +-- +2.25.1 diff --git a/meta-oe/recipes-devtools/giflib/giflib_5.2.1.bb b/meta-oe/recipes-devtools/giflib/giflib_5.2.1.bb index 79afe9a70f3..011ca1ffb70 100644 --- a/meta-oe/recipes-devtools/giflib/giflib_5.2.1.bb +++ b/meta-oe/recipes-devtools/giflib/giflib_5.2.1.bb @@ -7,7 +7,9 @@ CVE_PRODUCT = "giflib_project:giflib" DEPENDS = "xmlto-native" -SRC_URI = "${SOURCEFORGE_MIRROR}/giflib/${BP}.tar.gz" +SRC_URI = "${SOURCEFORGE_MIRROR}/giflib/${BP}.tar.gz \ + file://CVE-2022-28506.patch" + SRC_URI[sha256sum] = "31da5562f44c5f15d63340a09a4fd62b48c45620cd302f77a6d9acf0077879bd" do_install() { From fdc54c502951bde8ad91aeaa9678813b25ff54e7 Mon Sep 17 00:00:00 2001 From: Soumya Sambu Date: Fri, 19 Apr 2024 13:23:45 +0000 Subject: [PATCH 583/600] apache2: Upgrade v2.4.58 -> v2.4.59 This upgrade incorporates the fixes for CVE-2024-27316, CVE-2024-24795,CVE-2023-38709 and other bugfixes. Adjusted 0004-apache2-log-the-SELinux-context-at-startup.patch and 0007-apache2-allow-to-disable-selinux-support.patch to align with upgraded version. Changelog: https://downloads.apache.org/httpd/CHANGES_2.4.59 Signed-off-by: Soumya Sambu Signed-off-by: Armin Kuster --- ...che2-log-the-SELinux-context-at-startup.patch | 16 ++++++++-------- ...pache2-allow-to-disable-selinux-support.patch | 10 +++++----- .../{apache2_2.4.58.bb => apache2_2.4.59.bb} | 2 +- 3 files changed, 14 insertions(+), 14 deletions(-) rename meta-webserver/recipes-httpd/apache2/{apache2_2.4.58.bb => apache2_2.4.59.bb} (99%) diff --git a/meta-webserver/recipes-httpd/apache2/apache2/0004-apache2-log-the-SELinux-context-at-startup.patch b/meta-webserver/recipes-httpd/apache2/apache2/0004-apache2-log-the-SELinux-context-at-startup.patch index a652b7969ae..9723db1c918 100644 --- a/meta-webserver/recipes-httpd/apache2/apache2/0004-apache2-log-the-SELinux-context-at-startup.patch +++ b/meta-webserver/recipes-httpd/apache2/apache2/0004-apache2-log-the-SELinux-context-at-startup.patch @@ -14,10 +14,10 @@ Note: unlikely to be any interest in this upstream 2 files changed, 31 insertions(+) diff --git a/configure.in b/configure.in -index ea6cec3..92b74b7 100644 +index 352711a..f58620f 100644 --- a/configure.in +++ b/configure.in -@@ -491,6 +491,11 @@ getloadavg +@@ -514,6 +514,11 @@ gettid dnl confirm that a void pointer is large enough to store a long integer APACHE_CHECK_VOID_PTR_LEN @@ -26,11 +26,11 @@ index ea6cec3..92b74b7 100644 + APR_ADDTO(AP_LIBS, [-lselinux]) +]) + - AC_CACHE_CHECK([for gettid()], ac_cv_gettid, - [AC_TRY_RUN(#define _GNU_SOURCE - #include + if test $ac_cv_func_gettid = no; then + # On Linux before glibc 2.30, gettid() is only usable via syscall() + AC_CACHE_CHECK([for gettid() via syscall], ap_cv_gettid, diff --git a/server/core.c b/server/core.c -index 4da7209..d3ca25b 100644 +index 30b317e..81f145f 100644 --- a/server/core.c +++ b/server/core.c @@ -65,6 +65,10 @@ @@ -44,7 +44,7 @@ index 4da7209..d3ca25b 100644 /* LimitRequestBody handling */ #define AP_LIMIT_REQ_BODY_UNSET ((apr_off_t) -1) #define AP_DEFAULT_LIMIT_REQ_BODY ((apr_off_t) 1<<30) /* 1GB */ -@@ -5126,6 +5130,28 @@ static int core_post_config(apr_pool_t *pconf, apr_pool_t *plog, apr_pool_t *pte +@@ -5139,6 +5143,28 @@ static int core_post_config(apr_pool_t *pconf, apr_pool_t *plog, apr_pool_t *pte } #endif @@ -74,5 +74,5 @@ index 4da7209..d3ca25b 100644 } -- -2.25.1 +2.40.0 diff --git a/meta-webserver/recipes-httpd/apache2/apache2/0007-apache2-allow-to-disable-selinux-support.patch b/meta-webserver/recipes-httpd/apache2/apache2/0007-apache2-allow-to-disable-selinux-support.patch index 3ff6894409b..7163dc2b80a 100644 --- a/meta-webserver/recipes-httpd/apache2/apache2/0007-apache2-allow-to-disable-selinux-support.patch +++ b/meta-webserver/recipes-httpd/apache2/apache2/0007-apache2-allow-to-disable-selinux-support.patch @@ -11,10 +11,10 @@ Signed-off-by: Wenzong Fan 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/configure.in b/configure.in -index 76811e7..4df3ff3 100644 +index f58620f..b5971b7 100644 --- a/configure.in +++ b/configure.in -@@ -491,10 +491,16 @@ getloadavg +@@ -514,10 +514,16 @@ gettid dnl confirm that a void pointer is large enough to store a long integer APACHE_CHECK_VOID_PTR_LEN @@ -33,8 +33,8 @@ index 76811e7..4df3ff3 100644 + ]) +fi - AC_CACHE_CHECK([for gettid()], ac_cv_gettid, - [AC_TRY_RUN(#define _GNU_SOURCE + if test $ac_cv_func_gettid = no; then + # On Linux before glibc 2.30, gettid() is only usable via syscall() -- -2.25.1 +2.40.0 diff --git a/meta-webserver/recipes-httpd/apache2/apache2_2.4.58.bb b/meta-webserver/recipes-httpd/apache2/apache2_2.4.59.bb similarity index 99% rename from meta-webserver/recipes-httpd/apache2/apache2_2.4.58.bb rename to meta-webserver/recipes-httpd/apache2/apache2_2.4.59.bb index 84b19de5922..7740b4e33db 100644 --- a/meta-webserver/recipes-httpd/apache2/apache2_2.4.58.bb +++ b/meta-webserver/recipes-httpd/apache2/apache2_2.4.59.bb @@ -27,7 +27,7 @@ SRC_URI:append:class-target = " \ " LIC_FILES_CHKSUM = "file://LICENSE;md5=bddeddfac80b2c9a882241d008bb41c3" -SRC_URI[sha256sum] = "fa16d72a078210a54c47dd5bef2f8b9b8a01d94909a51453956b3ec6442ea4c5" +SRC_URI[sha256sum] = "ec51501ec480284ff52f637258135d333230a7d229c3afa6f6c2f9040e321323" S = "${WORKDIR}/httpd-${PV}" From a9a49989479b47c5f1158023f1040e4ad7b7b4a2 Mon Sep 17 00:00:00 2001 From: Rahul Janani Pandi Date: Thu, 25 Apr 2024 07:10:52 +0000 Subject: [PATCH 584/600] python3-aiohttp: Fix CVE-2024-23334 aiohttp is an asynchronous HTTP client/server framework for asyncio and Python.When using aiohttp as a web server and configuring static routes, it is necessary to specify the root path for static files. Additionally, the option 'follow_symlinks' can be used to determine whether to follow symbolic links outside the static root directory. When 'follow_symlinks' is set to True, there is no validation to check if reading a file is within the root directory. This can lead to directory traversal vulnerabilities, resulting in unauthorized access to arbitrary files on the system, even when symlinks are not present. Disabling follow_symlinks and using a reverse proxy are encouraged mitigations. Version 3.9.2 fixes this issue. References: https://security-tracker.debian.org/tracker/CVE-2024-23334 https://github.com/aio-libs/aiohttp/releases/tag/v3.9.2 Signed-off-by: Rahul Janani Pandi Signed-off-by: Armin Kuster --- .../python3-aiohttp/CVE-2024-23334.patch | 222 ++++++++++++++++++ .../python/python3-aiohttp_3.8.6.bb | 3 + 2 files changed, 225 insertions(+) create mode 100644 meta-python/recipes-devtools/python/python3-aiohttp/CVE-2024-23334.patch diff --git a/meta-python/recipes-devtools/python/python3-aiohttp/CVE-2024-23334.patch b/meta-python/recipes-devtools/python/python3-aiohttp/CVE-2024-23334.patch new file mode 100644 index 00000000000..29909529aa7 --- /dev/null +++ b/meta-python/recipes-devtools/python/python3-aiohttp/CVE-2024-23334.patch @@ -0,0 +1,222 @@ +From 1c335944d6a8b1298baf179b7c0b3069f10c514b +From: Sam Bull +Date: Sun Jan 28 18:13:06 2024 +0000 +Subject: [PATCH] python3-aiohttp: Validate static paths (#8079) + +Co-authored-by: J. Nick Koston + +CVE: CVE-2024-23334 + +Upstream-Status: Backport [https://github.com/aio-libs/aiohttp/commit/1c335944d6a8b1298baf179b7c0b3069f10c514b] + +Signed-off-by: Rahul Janani Pandi +--- + CHANGES/8079.bugfix.rst | 1 + + aiohttp/web_urldispatcher.py | 18 +++++-- + docs/web_advanced.rst | 16 ++++-- + docs/web_reference.rst | 12 +++-- + tests/test_web_urldispatcher.py | 91 +++++++++++++++++++++++++++++++++ + 5 files changed, 128 insertions(+), 10 deletions(-) + create mode 100644 CHANGES/8079.bugfix.rst + +diff --git a/CHANGES/8079.bugfix.rst b/CHANGES/8079.bugfix.rst +new file mode 100644 +index 0000000..57bc8bf +--- /dev/null ++++ b/CHANGES/8079.bugfix.rst +@@ -0,0 +1 @@ ++Improved validation of paths for static resources -- by :user:`bdraco`. +diff --git a/aiohttp/web_urldispatcher.py b/aiohttp/web_urldispatcher.py +index 5942e35..e8a8023 100644 +--- a/aiohttp/web_urldispatcher.py ++++ b/aiohttp/web_urldispatcher.py +@@ -593,9 +593,14 @@ class StaticResource(PrefixResource): + url = url / filename + + if append_version: ++ unresolved_path = self._directory.joinpath(filename) + try: +- filepath = self._directory.joinpath(filename).resolve() +- if not self._follow_symlinks: ++ if self._follow_symlinks: ++ normalized_path = Path(os.path.normpath(unresolved_path)) ++ normalized_path.relative_to(self._directory) ++ filepath = normalized_path.resolve() ++ else: ++ filepath = unresolved_path.resolve() + filepath.relative_to(self._directory) + except (ValueError, FileNotFoundError): + # ValueError for case when path point to symlink +@@ -660,8 +665,13 @@ class StaticResource(PrefixResource): + # /static/\\machine_name\c$ or /static/D:\path + # where the static dir is totally different + raise HTTPForbidden() +- filepath = self._directory.joinpath(filename).resolve() +- if not self._follow_symlinks: ++ unresolved_path = self._directory.joinpath(filename) ++ if self._follow_symlinks: ++ normalized_path = Path(os.path.normpath(unresolved_path)) ++ normalized_path.relative_to(self._directory) ++ filepath = normalized_path.resolve() ++ else: ++ filepath = unresolved_path.resolve() + filepath.relative_to(self._directory) + except (ValueError, FileNotFoundError) as error: + # relatively safe +diff --git a/docs/web_advanced.rst b/docs/web_advanced.rst +index 3a98b78..5129397 100644 +--- a/docs/web_advanced.rst ++++ b/docs/web_advanced.rst +@@ -136,12 +136,22 @@ instead could be enabled with ``show_index`` parameter set to ``True``:: + + web.static('/prefix', path_to_static_folder, show_index=True) + +-When a symlink from the static directory is accessed, the server responses to +-client with ``HTTP/404 Not Found`` by default. To allow the server to follow +-symlinks, parameter ``follow_symlinks`` should be set to ``True``:: ++When a symlink that leads outside the static directory is accessed, the server ++responds to the client with ``HTTP/404 Not Found`` by default. To allow the server to ++follow symlinks that lead outside the static root, the parameter ``follow_symlinks`` ++should be set to ``True``:: + + web.static('/prefix', path_to_static_folder, follow_symlinks=True) + ++.. caution:: ++ ++ Enabling ``follow_symlinks`` can be a security risk, and may lead to ++ a directory transversal attack. You do NOT need this option to follow symlinks ++ which point to somewhere else within the static directory, this option is only ++ used to break out of the security sandbox. Enabling this option is highly ++ discouraged, and only expected to be used for edge cases in a local ++ development setting where remote users do not have access to the server. ++ + When you want to enable cache busting, + parameter ``append_version`` can be set to ``True`` + +diff --git a/docs/web_reference.rst b/docs/web_reference.rst +index a156f47..b100676 100644 +--- a/docs/web_reference.rst ++++ b/docs/web_reference.rst +@@ -1836,9 +1836,15 @@ Router is any object that implements :class:`~aiohttp.abc.AbstractRouter` interf + by default it's not allowed and HTTP/403 will + be returned on directory access. + +- :param bool follow_symlinks: flag for allowing to follow symlinks from +- a directory, by default it's not allowed and +- HTTP/404 will be returned on access. ++ :param bool follow_symlinks: flag for allowing to follow symlinks that lead ++ outside the static root directory, by default it's not allowed and ++ HTTP/404 will be returned on access. Enabling ``follow_symlinks`` ++ can be a security risk, and may lead to a directory transversal attack. ++ You do NOT need this option to follow symlinks which point to somewhere ++ else within the static directory, this option is only used to break out ++ of the security sandbox. Enabling this option is highly discouraged, ++ and only expected to be used for edge cases in a local development ++ setting where remote users do not have access to the server. + + :param bool append_version: flag for adding file version (hash) + to the url query string, this value will +diff --git a/tests/test_web_urldispatcher.py b/tests/test_web_urldispatcher.py +index f24f451..f40f6a5 100644 +--- a/tests/test_web_urldispatcher.py ++++ b/tests/test_web_urldispatcher.py +@@ -123,6 +123,97 @@ async def test_follow_symlink(tmp_dir_path, aiohttp_client) -> None: + assert (await r.text()) == data + + ++async def test_follow_symlink_directory_traversal( ++ tmp_path: pathlib.Path, aiohttp_client: AiohttpClient ++) -> None: ++ # Tests that follow_symlinks does not allow directory transversal ++ data = "private" ++ ++ private_file = tmp_path / "private_file" ++ private_file.write_text(data) ++ ++ safe_path = tmp_path / "safe_dir" ++ safe_path.mkdir() ++ ++ app = web.Application() ++ ++ # Register global static route: ++ app.router.add_static("/", str(safe_path), follow_symlinks=True) ++ client = await aiohttp_client(app) ++ ++ await client.start_server() ++ # We need to use a raw socket to test this, as the client will normalize ++ # the path before sending it to the server. ++ reader, writer = await asyncio.open_connection(client.host, client.port) ++ writer.write(b"GET /../private_file HTTP/1.1\r\n\r\n") ++ response = await reader.readuntil(b"\r\n\r\n") ++ assert b"404 Not Found" in response ++ writer.close() ++ await writer.wait_closed() ++ await client.close() ++ ++ ++async def test_follow_symlink_directory_traversal_after_normalization( ++ tmp_path: pathlib.Path, aiohttp_client: AiohttpClient ++) -> None: ++ # Tests that follow_symlinks does not allow directory transversal ++ # after normalization ++ # ++ # Directory structure ++ # |-- secret_dir ++ # | |-- private_file (should never be accessible) ++ # | |-- symlink_target_dir ++ # | |-- symlink_target_file (should be accessible via the my_symlink symlink) ++ # | |-- sandbox_dir ++ # | |-- my_symlink -> symlink_target_dir ++ # ++ secret_path = tmp_path / "secret_dir" ++ secret_path.mkdir() ++ ++ # This file is below the symlink target and should not be reachable ++ private_file = secret_path / "private_file" ++ private_file.write_text("private") ++ ++ symlink_target_path = secret_path / "symlink_target_dir" ++ symlink_target_path.mkdir() ++ ++ sandbox_path = symlink_target_path / "sandbox_dir" ++ sandbox_path.mkdir() ++ ++ # This file should be reachable via the symlink ++ symlink_target_file = symlink_target_path / "symlink_target_file" ++ symlink_target_file.write_text("readable") ++ ++ my_symlink_path = sandbox_path / "my_symlink" ++ pathlib.Path(str(my_symlink_path)).symlink_to(str(symlink_target_path), True) ++ ++ app = web.Application() ++ ++ # Register global static route: ++ app.router.add_static("/", str(sandbox_path), follow_symlinks=True) ++ client = await aiohttp_client(app) ++ ++ await client.start_server() ++ # We need to use a raw socket to test this, as the client will normalize ++ # the path before sending it to the server. ++ reader, writer = await asyncio.open_connection(client.host, client.port) ++ writer.write(b"GET /my_symlink/../private_file HTTP/1.1\r\n\r\n") ++ response = await reader.readuntil(b"\r\n\r\n") ++ assert b"404 Not Found" in response ++ writer.close() ++ await writer.wait_closed() ++ ++ reader, writer = await asyncio.open_connection(client.host, client.port) ++ writer.write(b"GET /my_symlink/symlink_target_file HTTP/1.1\r\n\r\n") ++ response = await reader.readuntil(b"\r\n\r\n") ++ assert b"200 OK" in response ++ response = await reader.readuntil(b"readable") ++ assert response == b"readable" ++ writer.close() ++ await writer.wait_closed() ++ await client.close() ++ ++ + @pytest.mark.parametrize( + "dir_name,filename,data", + [ +-- +2.40.0 diff --git a/meta-python/recipes-devtools/python/python3-aiohttp_3.8.6.bb b/meta-python/recipes-devtools/python/python3-aiohttp_3.8.6.bb index f8ca9a4739a..c805e17d867 100644 --- a/meta-python/recipes-devtools/python/python3-aiohttp_3.8.6.bb +++ b/meta-python/recipes-devtools/python/python3-aiohttp_3.8.6.bb @@ -4,6 +4,9 @@ HOMEPAGE = "https://github.com/aio-libs/aiohttp" LICENSE = "Apache-2.0" LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=748073912af33aa59430d3702aa32d41" +SRC_URI += "file://CVE-2024-23334.patch \ + " + SRC_URI[sha256sum] = "b0cf2a4501bff9330a8a5248b4ce951851e415bdcce9dc158e76cfd55e15085c" PYPI_PACKAGE = "aiohttp" From a5000c12a29f646be2127a52e9ca5ddbb4ab9256 Mon Sep 17 00:00:00 2001 From: Hitendra Prajapati Date: Fri, 29 Mar 2024 15:06:21 +0530 Subject: [PATCH 585/600] wireshark: fix CVE-2023-6175 Upstream-Status: Backport from https://gitlab.com/wireshark/wireshark/-/commit/3be1c99180a6fc48c34ae4bfc79bfd840b29ae3e Signed-off-by: Hitendra Prajapati [manual fixed up] Signed-off-by: Armin Kuster --- .../wireshark/files/CVE-2023-6175.patch | 246 ++++++++++++++++++ .../wireshark/wireshark_3.4.12.bb | 1 + 2 files changed, 247 insertions(+) create mode 100644 meta-networking/recipes-support/wireshark/files/CVE-2023-6175.patch diff --git a/meta-networking/recipes-support/wireshark/files/CVE-2023-6175.patch b/meta-networking/recipes-support/wireshark/files/CVE-2023-6175.patch new file mode 100644 index 00000000000..a08610f8d28 --- /dev/null +++ b/meta-networking/recipes-support/wireshark/files/CVE-2023-6175.patch @@ -0,0 +1,246 @@ +From 2d59b26d3b554960c777003c431add89d018b0a6 Mon Sep 17 00:00:00 2001 +From: Guy Harris +Date: Tue, 17 Oct 2023 22:08:42 -0700 +Subject: [PATCH] netscreen: do bounds checking for each byte of packet data. + +Make sure each byte we add to the packet data from the file fits in the +buffer, rather than stuffing bytes into the buffer and checking +afterwards. + +This prevents a buffer overflow. + +Fixes #19404, which was filed as part of Trend Micro's Zero Day +Initiative as ZDI-CAN-22164. + +While we're at it, expand a comment and make error messages give some +more detail. + +Upstream-Status: Backport [https://gitlab.com/wireshark/wireshark/-/commit/3be1c99180a6fc48c34ae4bfc79bfd840b29ae3e] +CVE: CVE-2023-6175 +Signed-off-by: Hitendra Prajapati +--- + wiretap/netscreen.c | 125 +++++++++++++++++++++++++++++++++----------- + 1 file changed, 94 insertions(+), 31 deletions(-) + +diff --git a/wiretap/netscreen.c b/wiretap/netscreen.c +index 9ad825f..ffcb689 100644 +--- a/wiretap/netscreen.c ++++ b/wiretap/netscreen.c +@@ -59,7 +59,12 @@ static gboolean netscreen_seek_read(wtap *wth, gint64 seek_off, + static gboolean parse_netscreen_packet(FILE_T fh, wtap_rec *rec, + Buffer* buf, char *line, int *err, gchar **err_info); + static int parse_single_hex_dump_line(char* rec, guint8 *buf, +- guint byte_offset); ++ guint byte_offset, guint pkt_len); ++ ++/* Error returns from parse_single_hex_dump_line() */ ++#define PARSE_LINE_INVALID_CHARACTER -1 ++#define PARSE_LINE_NO_BYTES_SEEN -2 ++#define PARSE_LINE_TOO_MANY_BYTES_SEEN -3 + + /* Returns TRUE if the line appears to be a line with protocol info. + Otherwise it returns FALSE. */ +@@ -241,13 +246,40 @@ netscreen_seek_read(wtap *wth, gint64 seek_off, wtap_rec *rec, Buffer *buf, + 2c 21 b6 d3 20 60 0c 8c 35 98 88 cf 20 91 0e a9 ,!...`..5....... + 1d 0b .. + ++ * The first line of a packet is in the form ++ ++.: ({i,o}) len=:> + ++ * where: ++ * ++ * and are a time stamp in seconds and deciseconds, ++ * giving the time since the firewall was booted; ++ * ++ * is the name of the interface on which the packet was ++ * received or on which it was transmitted; ++ * ++ * {i,o} is i for a received packet and o for a transmitted packet; ++ * ++ * is the length of the packet on the network; ++ * ++ * , at least for Ethernet, appears to be a source MAC ++ * address, folowed by "->", folowed by a destination MAC ++ * address, followed by a sequence of Ethertypes, each ++ * preceded by a "/" (multiple Ethertypes if there are VLAN ++ * tags and the like), possibly followed by ", tag ". ++ * ++ * Following that may be some "info lines", each of which is indented ++ * by 14 spaces, giving a dissection of the payload after the ++ * link-layer header. ++ * ++ * Following that is a hex/ASCII dump of the contents of the ++ * packet, with 16 octets per line. + */ + static gboolean + parse_netscreen_packet(FILE_T fh, wtap_rec *rec, Buffer* buf, + char *line, int *err, gchar **err_info) + { +- int pkt_len; ++ guint pkt_len; + int sec; + int dsec; + char cap_int[NETSCREEN_MAX_INT_NAME_LENGTH]; +@@ -266,17 +298,12 @@ parse_netscreen_packet(FILE_T fh, wtap_rec *rec, Buffer* buf, + memset(cap_int, 0, sizeof(cap_int)); + memset(cap_dst, 0, sizeof(cap_dst)); + +- if (sscanf(line, "%9d.%9d: %15[a-z0-9/:.-](%1[io]) len=%9d:%12s->%12s/", ++ if (sscanf(line, "%9d.%9d: %15[a-z0-9/:.-](%1[io]) len=%9u:%12s->%12s/", + &sec, &dsec, cap_int, direction, &pkt_len, cap_src, cap_dst) < 5) { + *err = WTAP_ERR_BAD_FILE; + *err_info = g_strdup("netscreen: Can't parse packet-header"); + return -1; + } +- if (pkt_len < 0) { +- *err = WTAP_ERR_BAD_FILE; +- *err_info = g_strdup("netscreen: packet header has a negative packet length"); +- return FALSE; +- } + if (pkt_len > WTAP_MAX_PACKET_SIZE_STANDARD) { + /* + * Probably a corrupt capture file; don't blow up trying +@@ -323,44 +350,71 @@ parse_netscreen_packet(FILE_T fh, wtap_rec *rec, Buffer* buf, + break; + } + +- n = parse_single_hex_dump_line(p, pd, offset); ++ n = parse_single_hex_dump_line(p, pd, offset, pkt_len); + +- /* the smallest packet has a length of 6 bytes, if +- * the first hex-data is less then check whether +- * it is a info-line and act accordingly ++ /* ++ * The smallest packet has a length of 6 bytes. ++ * If the first line either gets an error when ++ * parsed as hex data, or has fewer than 6 ++ * bytes of hex data, check whether it's an ++ * info line by see if it has at least ++ * NETSCREEN_SPACES_ON_INFO_LINE spaces at the ++ * beginning. ++ * ++ * If it does, count this line and, if we have, ++ * so far, skipped no more than NETSCREEN_MAX_INFOLINES ++ * lines, skip this line. + */ + if (offset == 0 && n < 6) { + if (info_line(line)) { ++ /* Info line */ + if (++i <= NETSCREEN_MAX_INFOLINES) { ++ /* Skip this line */ + continue; + } + } else { +- *err = WTAP_ERR_BAD_FILE; +- *err_info = g_strdup("netscreen: cannot parse hex-data"); +- return FALSE; ++ if (n >= 0) { ++ *err = WTAP_ERR_BAD_FILE; ++ *err_info = g_strdup("netscreen: first line of packet data has only %d hex bytes, < 6"); ++ return FALSE; ++ } ++ /* Otherwise, fall through to report error */ + } + } + + /* If there is no more data and the line was not empty, + * then there must be an error in the file + */ +- if (n == -1) { +- *err = WTAP_ERR_BAD_FILE; +- *err_info = g_strdup("netscreen: cannot parse hex-data"); ++ if (n < 0) { ++ switch (n) { ++ ++ case PARSE_LINE_INVALID_CHARACTER: ++ *err = WTAP_ERR_BAD_FILE; ++ *err_info = g_strdup("netscreen: invalid character in hex data"); ++ break; ++ ++ case PARSE_LINE_NO_BYTES_SEEN: ++ *err = WTAP_ERR_BAD_FILE; ++ *err_info = g_strdup("netscreen: no hex bytes seen in hex data"); ++ break; ++ ++ case PARSE_LINE_TOO_MANY_BYTES_SEEN: ++ *err = WTAP_ERR_BAD_FILE; ++ *err_info = g_strdup("netscreen: number of hex bytes seen in hex data is greater than the packet length"); ++ break; ++ ++ default: ++ *err = WTAP_ERR_INTERNAL; ++ *err_info = g_strdup_printf("netscreen: unknown error %d from parse_single_hex_dump_line()", n); ++ break; ++ } ++ + return FALSE; + } + + /* Adjust the offset to the data that was just added to the buffer */ + offset += n; + +- /* If there was more hex-data than was announced in the len=x +- * header, then then there must be an error in the file +- */ +- if (offset > pkt_len) { +- *err = WTAP_ERR_BAD_FILE; +- *err_info = g_strdup("netscreen: too much hex-data"); +- return FALSE; +- } + } + + /* +@@ -400,7 +454,7 @@ parse_netscreen_packet(FILE_T fh, wtap_rec *rec, Buffer* buf, + * + * Returns number of bytes successfully read, -1 if bad. */ + static int +-parse_single_hex_dump_line(char* rec, guint8 *buf, guint byte_offset) ++parse_single_hex_dump_line(char* rec, guint8 *buf, guint byte_offset, guint pkt_len) + { + int num_items_scanned; + guint8 character; +@@ -419,7 +473,7 @@ parse_single_hex_dump_line(char* rec, guint8 *buf, guint byte_offset) + /* Nothing more to parse */ + break; + } else +- return -1; /* not a hex digit, space before ASCII dump, or EOL */ ++ return PARSE_LINE_INVALID_CHARACTER; /* not a hex digit, space before ASCII dump, or EOL */ + byte <<= 4; + character = *rec++ & 0xFF; + if (character >= '0' && character <= '9') +@@ -429,7 +483,16 @@ parse_single_hex_dump_line(char* rec, guint8 *buf, guint byte_offset) + else if (character >= 'a' && character <= 'f') + byte += character - 'a' + 0xa; + else +- return -1; /* not a hex digit */ ++ return PARSE_LINE_INVALID_CHARACTER; /* not a hex digit */ ++ ++ /* If there was more hex-data than was announced in the len=x ++ * header, then there must be an error in the file; quit ++ * now, as adding this byte will overflow the buffer. ++ */ ++ if (byte_offset + num_items_scanned >= pkt_len) { ++ return PARSE_LINE_TOO_MANY_BYTES_SEEN; ++ } ++ + buf[byte_offset + num_items_scanned] = byte; + character = *rec++ & 0xFF; + if (character == '\0' || character == '\r' || character == '\n') { +@@ -437,11 +500,11 @@ parse_single_hex_dump_line(char* rec, guint8 *buf, guint byte_offset) + break; + } else if (character != ' ') { + /* not space before ASCII dump */ +- return -1; ++ return PARSE_LINE_INVALID_CHARACTER; + } + } + if (num_items_scanned == 0) +- return -1; ++ return PARSE_LINE_NO_BYTES_SEEN; + + return num_items_scanned; + } +-- +2.25.1 + diff --git a/meta-networking/recipes-support/wireshark/wireshark_3.4.12.bb b/meta-networking/recipes-support/wireshark/wireshark_3.4.12.bb index 75c35328340..0a523013ca5 100644 --- a/meta-networking/recipes-support/wireshark/wireshark_3.4.12.bb +++ b/meta-networking/recipes-support/wireshark/wireshark_3.4.12.bb @@ -29,6 +29,7 @@ SRC_URI += " \ file://CVE-2022-4345.patch \ file://CVE-2024-0208.patch \ file://CVE-2023-4511.patch \ + file://CVE-2023-6175.patch \ file://CVE-2024-2955.patch \ " From 8d40d6e3b9d74a41042222dae3e2ce34cf9b7010 Mon Sep 17 00:00:00 2001 From: Hains van den Bosch Date: Sun, 11 Dec 2022 11:44:12 +0100 Subject: [PATCH 586/600] python3-twisted: Add python3-asyncio to RDEPENDS MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit To fix crash due to missing module: from twisted.internet import defer File "/usr/lib/python3.11/site-packages/twisted/internet/defer.py", line 14, in from asyncio import AbstractEventLoop, Future, iscoroutine ModuleNotFoundError: No module named 'asyncio' Signed-off-by: Hains van den Bosch Signed-off-by: Khem Raj Signed-off-by: Guðni Már Gilbert Signed-off-by: Armin Kuster --- meta-python/recipes-devtools/python/python3-twisted_22.2.0.bb | 1 + 1 file changed, 1 insertion(+) diff --git a/meta-python/recipes-devtools/python/python3-twisted_22.2.0.bb b/meta-python/recipes-devtools/python/python3-twisted_22.2.0.bb index f4575c9c2e3..0e1153fa4a4 100644 --- a/meta-python/recipes-devtools/python/python3-twisted_22.2.0.bb +++ b/meta-python/recipes-devtools/python/python3-twisted_22.2.0.bb @@ -57,6 +57,7 @@ RDEPENDS:${PN} = "\ " RDEPENDS:${PN}-core = "${PYTHON_PN}-appdirs \ + ${PYTHON_PN}-asyncio \ ${PYTHON_PN}-automat \ ${PYTHON_PN}-constantly \ ${PYTHON_PN}-core \ From 5a6f7925bd2b885955c942573f70a5594f231563 Mon Sep 17 00:00:00 2001 From: Hains van den Bosch Date: Sun, 11 Dec 2022 11:50:44 +0100 Subject: [PATCH 587/600] python3-twisted: Add python3-typing-extensions to RDEPENDS MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit To fix crash due to missing module: File "/usr/lib/python3.11/site-packages/twisted/internet/defer.py", line 42, in from typing_extensions import Literal, ParamSpec, Protocol ModuleNotFoundError: No module named 'typing_extensions' Signed-off-by: Hains van den Bosch Signed-off-by: Khem Raj Signed-off-by: Guðni Már Gilbert Signed-off-by: Armin Kuster --- meta-python/recipes-devtools/python/python3-twisted_22.2.0.bb | 1 + 1 file changed, 1 insertion(+) diff --git a/meta-python/recipes-devtools/python/python3-twisted_22.2.0.bb b/meta-python/recipes-devtools/python/python3-twisted_22.2.0.bb index 0e1153fa4a4..c55c86ea507 100644 --- a/meta-python/recipes-devtools/python/python3-twisted_22.2.0.bb +++ b/meta-python/recipes-devtools/python/python3-twisted_22.2.0.bb @@ -66,6 +66,7 @@ RDEPENDS:${PN}-core = "${PYTHON_PN}-appdirs \ ${PYTHON_PN}-incremental \ ${PYTHON_PN}-pyhamcrest \ ${PYTHON_PN}-pyserial \ + ${PYTHON_PN}-typing-extensions \ ${PYTHON_PN}-unixadmin \ ${PYTHON_PN}-zopeinterface \ " From 70b217ecc812296d98e1aa027a7d182a8019dded Mon Sep 17 00:00:00 2001 From: Mingli Yu Date: Tue, 30 Apr 2024 16:53:08 +0800 Subject: [PATCH 588/600] python3-pyyaml-include: Drop pytest --automake The python3-unittest-automake-output is not supported [1], so drop "pytest --automake". [1] https://lore.kernel.org/all/20240327072236.2221619-1-mingli.yu@windriver.com/T/#mda91919809cf156aba24f099bef65142067cd318 Signed-off-by: Mingli Yu Signed-off-by: Khem Raj --- .../recipes-devtools/python/python3-pyyaml-include/run-ptest | 2 +- .../recipes-devtools/python/python3-pyyaml-include_1.4.1.bb | 1 - 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/meta-python/recipes-devtools/python/python3-pyyaml-include/run-ptest b/meta-python/recipes-devtools/python/python3-pyyaml-include/run-ptest index 8d2017d39ce..3385d68939d 100755 --- a/meta-python/recipes-devtools/python/python3-pyyaml-include/run-ptest +++ b/meta-python/recipes-devtools/python/python3-pyyaml-include/run-ptest @@ -1,3 +1,3 @@ #!/bin/sh -pytest --automake +pytest -o log_cli=true -o log_cli_level=INFO | sed -e 's/\[...%\]//g'| sed -e 's/PASSED/PASS/g'| sed -e 's/FAILED/FAIL/g'|sed -e 's/SKIPED/SKIP/g'| awk '{if ($NF=="PASS" || $NF=="FAIL" || $NF=="SKIP" || $NF=="XFAIL" || $NF=="XPASS"){printf "%s: %s\n", $NF, $0}else{print}}'| awk '{if ($NF=="PASS" || $NF=="FAIL" || $NF=="SKIP" || $NF=="XFAIL" || $NF=="XPASS") {$NF="";print $0}else{print}}' diff --git a/meta-python/recipes-devtools/python/python3-pyyaml-include_1.4.1.bb b/meta-python/recipes-devtools/python/python3-pyyaml-include_1.4.1.bb index 6768e959f43..b60a0f9c890 100644 --- a/meta-python/recipes-devtools/python/python3-pyyaml-include_1.4.1.bb +++ b/meta-python/recipes-devtools/python/python3-pyyaml-include_1.4.1.bb @@ -24,6 +24,5 @@ RDEPENDS:${PN} += " \ " RDEPENDS:${PN}-ptest += " \ python3-pytest \ - python3-unittest-automake-output \ " From 85102dd2dff41945997b983f7c2bfc954dd3bc47 Mon Sep 17 00:00:00 2001 From: Meenali Gupta Date: Mon, 29 Apr 2024 06:23:51 +0000 Subject: [PATCH 589/600] nginx: fix CVE-2023-44487 The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. References: https://nvd.nist.gov/vuln/detail/CVE-2023-44487 Signed-off-by: Meenali Gupta Signed-off-by: Armin Kuster --- .../nginx/files/CVE-2023-44487.patch | 79 +++++++++++++++++++ meta-webserver/recipes-httpd/nginx/nginx.inc | 1 + 2 files changed, 80 insertions(+) create mode 100644 meta-webserver/recipes-httpd/nginx/files/CVE-2023-44487.patch diff --git a/meta-webserver/recipes-httpd/nginx/files/CVE-2023-44487.patch b/meta-webserver/recipes-httpd/nginx/files/CVE-2023-44487.patch new file mode 100644 index 00000000000..7df62fd61a4 --- /dev/null +++ b/meta-webserver/recipes-httpd/nginx/files/CVE-2023-44487.patch @@ -0,0 +1,79 @@ +From 95d09cafae12d4b314df32027b97e828ecf798de Mon Sep 17 00:00:00 2001 +From: Maxim Dounin +Date: Tue, 10 Oct 2023 15:13:39 +0300 +Subject: [PATCH] HTTP/2: per-iteration stream handling limit. To ensure that +attempts to flood servers with many streams are detected early, a limit of no +more than 2 * max_concurrent_streams new streams per one event loop iteration +was introduced. This limit is applied even if max_concurrent_streams is not +yet reached - for example, if corresponding streams are handled synchronously +or reset. + +Further, refused streams are now limited to maximum of max_concurrent_streams +and 100, similarly to priority_limit initial value, providing some tolerance +to clients trying to open several streams at the connection start, yet +low tolerance to flooding attempts. + +Upstream-Status: Backport [https://github.com/nginx/nginx/commit/6ceef192e7af1c507826ac38a2d43f08bf265fb9] +CVE: CVE-2023-44487 + +Signed-off-by: Meenali Gupta +--- + src/http/v2/ngx_http_v2.c | 15 +++++++++++++++ + src/http/v2/ngx_http_v2.h | 2 ++ + 2 files changed, 17 insertions(+) + +diff --git a/src/http/v2/ngx_http_v2.c b/src/http/v2/ngx_http_v2.c +index ea3f27c..1116e56 100644 +--- a/src/http/v2/ngx_http_v2.c ++++ b/src/http/v2/ngx_http_v2.c +@@ -361,6 +361,7 @@ ngx_http_v2_read_handler(ngx_event_t *rev) + ngx_log_debug0(NGX_LOG_DEBUG_HTTP, c->log, 0, "http2 read handler"); + + h2c->blocked = 1; ++ h2c->new_streams = 0; + + if (c->close) { + c->close = 0; +@@ -1321,6 +1322,14 @@ ngx_http_v2_state_headers(ngx_http_v2_connection_t *h2c, u_char *pos, + goto rst_stream; + } + ++ if (h2c->new_streams++ >= 2 * h2scf->concurrent_streams) { ++ ngx_log_error(NGX_LOG_INFO, h2c->connection->log, 0, ++ "client sent too many streams at once"); ++ ++ status = NGX_HTTP_V2_REFUSED_STREAM; ++ goto rst_stream; ++ } ++ + if (!h2c->settings_ack + && !(h2c->state.flags & NGX_HTTP_V2_END_STREAM_FLAG) + && h2scf->preread_size < NGX_HTTP_V2_DEFAULT_WINDOW) +@@ -1386,6 +1395,12 @@ ngx_http_v2_state_headers(ngx_http_v2_connection_t *h2c, u_char *pos, + + rst_stream: + ++ if (h2c->refused_streams++ > ngx_max(h2scf->concurrent_streams, 100)) { ++ ngx_log_error(NGX_LOG_INFO, h2c->connection->log, 0, ++ "client sent too many refused streams"); ++ return ngx_http_v2_connection_error(h2c, NGX_HTTP_V2_NO_ERROR); ++ } ++ + if (ngx_http_v2_send_rst_stream(h2c, h2c->state.sid, status) != NGX_OK) { + return ngx_http_v2_connection_error(h2c, NGX_HTTP_V2_INTERNAL_ERROR); + } +diff --git a/src/http/v2/ngx_http_v2.h b/src/http/v2/ngx_http_v2.h +index 4e25293..b9daf92 100644 +--- a/src/http/v2/ngx_http_v2.h ++++ b/src/http/v2/ngx_http_v2.h +@@ -124,6 +124,8 @@ struct ngx_http_v2_connection_s { + ngx_uint_t processing; + ngx_uint_t frames; + ngx_uint_t idle; ++ ngx_uint_t new_streams; ++ ngx_uint_t refused_streams; + ngx_uint_t priority_limit; + + ngx_uint_t pushing; +-- +2.40.0 diff --git a/meta-webserver/recipes-httpd/nginx/nginx.inc b/meta-webserver/recipes-httpd/nginx/nginx.inc index 9f93c7051de..9cbe35a13a8 100644 --- a/meta-webserver/recipes-httpd/nginx/nginx.inc +++ b/meta-webserver/recipes-httpd/nginx/nginx.inc @@ -23,6 +23,7 @@ SRC_URI = " \ file://nginx.service \ file://nginx-fix-pidfile.patch \ file://0001-configure-libxslt-conf.patch \ + file://CVE-2023-44487.patch \ " inherit siteinfo update-rc.d useradd systemd From 6952dfc09eb4ee224a592a5744ae9c2cf3c85f8b Mon Sep 17 00:00:00 2001 From: akash hadke Date: Thu, 12 Oct 2023 17:51:55 +0530 Subject: [PATCH 590/600] libeigen: Update GPL-3.0-only to GPL-2.0-only libeigen source contains GPL-3.0-only code but it is not being packaged hence update LICENSE with GPL-2.0-only Below are the GPL-3.0-only files from libeigen source bench/btl/actions/action_aat_product.hh bench/btl/actions/action_ata_product.hh bench/btl/actions/action_atv_product.hh bench/btl/actions/action_axpby.hh bench/btl/actions/action_axpy.hh bench/btl/actions/action_cholesky.hh bench/btl/actions/action_ger.hh bench/btl/actions/action_hessenberg.hh bench/btl/actions/action_lu_decomp.hh bench/btl/actions/action_lu_solve.hh bench/btl/actions/action_matrix_matrix_product_bis.hh bench/btl/actions/action_matrix_matrix_product.hh bench/btl/actions/action_matrix_vector_product.hh bench/btl/actions/action_partial_lu.hh bench/btl/actions/action_rot.hh bench/btl/actions/action_symv.hh bench/btl/actions/action_syr2.hh bench/btl/actions/action_trisolve.hh bench/btl/actions/action_trisolve_matrix.hh bench/btl/actions/action_trmm.hh bench/btl/COPYING bench/btl/data/mean.cxx bench/btl/data/regularize.cxx bench/btl/data/smooth.cxx bench/btl/generic_bench/bench.hh bench/btl/generic_bench/bench_parameter.hh bench/btl/generic_bench/btl.hh bench/btl/generic_bench/init/init_function.hh bench/btl/generic_bench/init/init_matrix.hh bench/btl/generic_bench/init/init_vector.hh bench/btl/generic_bench/static/bench_static.hh bench/btl/generic_bench/static/intel_bench_fixed_size.hh bench/btl/generic_bench/static/static_size_generator.hh bench/btl/generic_bench/timers/mixed_perf_analyzer.hh bench/btl/generic_bench/timers/portable_perf_analyzer.hh bench/btl/generic_bench/timers/portable_perf_analyzer_old.hh bench/btl/generic_bench/timers/portable_timer.hh bench/btl/generic_bench/timers/STL_perf_analyzer.hh bench/btl/generic_bench/timers/STL_timer.hh bench/btl/generic_bench/utils/size_lin_log.hh bench/btl/generic_bench/utils/size_log.hh bench/btl/generic_bench/utils/xy_file.hh bench/btl/libs/BLAS/blas_interface.hh bench/btl/libs/BLAS/main.cpp bench/btl/libs/blaze/blaze_interface.hh bench/btl/libs/blaze/main.cpp bench/btl/libs/blitz/blitz_interface.hh bench/btl/libs/blitz/blitz_LU_solve_interface.hh bench/btl/libs/blitz/btl_blitz.cpp bench/btl/libs/blitz/btl_tiny_blitz.cpp bench/btl/libs/blitz/tiny_blitz_interface.hh bench/btl/libs/eigen2/btl_tiny_eigen2.cpp bench/btl/libs/eigen2/eigen2_interface.hh bench/btl/libs/eigen2/main_adv.cpp bench/btl/libs/eigen2/main_linear.cpp bench/btl/libs/eigen2/main_matmat.cpp bench/btl/libs/eigen2/main_vecmat.cpp bench/btl/libs/eigen3/btl_tiny_eigen3.cpp bench/btl/libs/eigen3/eigen3_interface.hh bench/btl/libs/eigen3/main_adv.cpp bench/btl/libs/eigen3/main_linear.cpp bench/btl/libs/eigen3/main_matmat.cpp bench/btl/libs/eigen3/main_vecmat.cpp bench/btl/libs/gmm/gmm_interface.hh bench/btl/libs/gmm/gmm_LU_solve_interface.hh bench/btl/libs/gmm/main.cpp bench/btl/libs/mtl4/main.cpp bench/btl/libs/mtl4/mtl4_interface.hh bench/btl/libs/mtl4/mtl4_LU_solve_interface.hh bench/btl/libs/STL/main.cpp bench/btl/libs/STL/STL_interface.hh bench/btl/libs/tvmet/main.cpp bench/btl/libs/tvmet/tvmet_interface.hh bench/btl/libs/ublas/main.cpp bench/btl/libs/ublas/ublas_interface.hh libeigen project dropped all GPL code in their 'master' branch and moved to 'Apache-2.0' Signed-off-by: Akash Hadke Signed-off-by: Armin Kuster --- meta-oe/recipes-support/libeigen/libeigen_3.4.0.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-oe/recipes-support/libeigen/libeigen_3.4.0.bb b/meta-oe/recipes-support/libeigen/libeigen_3.4.0.bb index 1cae76b422b..144d79dd150 100644 --- a/meta-oe/recipes-support/libeigen/libeigen_3.4.0.bb +++ b/meta-oe/recipes-support/libeigen/libeigen_3.4.0.bb @@ -1,7 +1,7 @@ DESCRIPTION = "Eigen is a C++ template library for linear algebra: matrices, vectors, numerical solvers, and related algorithms." AUTHOR = "Benoît Jacob and Gaël Guennebaud and others" HOMEPAGE = "http://eigen.tuxfamily.org/" -LICENSE = "MPL-2.0 & Apache-2.0 & BSD-3-Clause & GPL-3.0-only & LGPL-2.1-only & MINPACK" +LICENSE = "MPL-2.0 & Apache-2.0 & BSD-3-Clause & GPL-2.0-only & LGPL-2.1-only & MINPACK" LIC_FILES_CHKSUM = "file://COPYING.MPL2;md5=815ca599c9df247a0c7f619bab123dad \ file://COPYING.BSD;md5=2dd0510ee95e59ca28834b875bc96596 \ file://COPYING.GPL;md5=d32239bcb673463ab874e80d47fae504 \ From 8c7363cd3c9d43406d7d4ea3f49bda92dee04d21 Mon Sep 17 00:00:00 2001 From: Peter Marko Date: Sat, 4 May 2024 22:59:26 +0200 Subject: [PATCH 591/600] nss: patch CVE-2023-5388 https://nvd.nist.gov/vuln/detail/CVE-2023-5388 mentions bug 1780432 as tracking fix for this issue. Signed-off-by: Peter Marko Signed-off-by: Armin Kuster --- ...2023-5388-Timing-attack-against-RSA-.patch | 681 ++++++++++++++++++ meta-oe/recipes-support/nss/nss_3.74.bb | 1 + 2 files changed, 682 insertions(+) create mode 100644 meta-oe/recipes-support/nss/nss/0001-Bug-1780432-CVE-2023-5388-Timing-attack-against-RSA-.patch diff --git a/meta-oe/recipes-support/nss/nss/0001-Bug-1780432-CVE-2023-5388-Timing-attack-against-RSA-.patch b/meta-oe/recipes-support/nss/nss/0001-Bug-1780432-CVE-2023-5388-Timing-attack-against-RSA-.patch new file mode 100644 index 00000000000..d7c5aae50a0 --- /dev/null +++ b/meta-oe/recipes-support/nss/nss/0001-Bug-1780432-CVE-2023-5388-Timing-attack-against-RSA-.patch @@ -0,0 +1,681 @@ +From 765b89613b16866c3f3241605d84917e5c5baf0d Mon Sep 17 00:00:00 2001 +From: Robert Relyea +Date: Wed, 14 Feb 2024 18:55:02 +0000 +Subject: [PATCH] Bug 1780432 (CVE-2023-5388) Timing attack against RSA + decryption (in TLS) r=jschanck + +1. Add Constant time mult mod functions. + a. constant time mul + b. use constant time montgomery reduce. + +2. Use montgomery values for blinding. + +Differential Revision: https://phabricator.services.mozilla.com/D197807 + +--HG-- +extra : moz-landing-system : lando + +CVE: CVE-2023-5388 +Upstream-Status: Backport [https://github.com/nss-dev/nss/commit/765b89613b16866c3f3241605d84917e5c5baf0d] + +Signed-off-by: Peter Marko +--- + lib/freebl/mpi/mpi-priv.h | 3 + + lib/freebl/mpi/mpi.c | 300 +++++++++++++++++++++++++++++++++++--- + lib/freebl/mpi/mpi.h | 41 ++++++ + lib/freebl/mpi/mpmontg.c | 29 ++-- + lib/freebl/rsa.c | 16 +- + 5 files changed, 358 insertions(+), 31 deletions(-) + +diff --git a/lib/freebl/mpi/mpi-priv.h b/lib/freebl/mpi/mpi-priv.h +index 9447a818f..b4333fb6b 100644 +--- a/lib/freebl/mpi/mpi-priv.h ++++ b/lib/freebl/mpi/mpi-priv.h +@@ -204,6 +204,9 @@ void MPI_ASM_DECL s_mpv_mul_d_add(const mp_digit *a, mp_size a_len, + void MPI_ASM_DECL s_mpv_mul_d_add_prop(const mp_digit *a, + mp_size a_len, mp_digit b, + mp_digit *c); ++void MPI_ASM_DECL s_mpv_mul_d_add_propCT(const mp_digit *a, ++ mp_size a_len, mp_digit b, ++ mp_digit *c, mp_size c_len); + void MPI_ASM_DECL s_mpv_sqr_add_prop(const mp_digit *a, + mp_size a_len, + mp_digit *sqrs); +diff --git a/lib/freebl/mpi/mpi.c b/lib/freebl/mpi/mpi.c +index 2e6cd8466..7749dc710 100644 +--- a/lib/freebl/mpi/mpi.c ++++ b/lib/freebl/mpi/mpi.c +@@ -13,6 +13,8 @@ + #include + #endif + ++#include ++ + #if defined(__arm__) && \ + ((defined(__thumb__) && !defined(__thumb2__)) || defined(__ARM_ARCH_3__)) + /* 16-bit thumb or ARM v3 doesn't work inlined assember version */ +@@ -805,15 +807,18 @@ CLEANUP: + + /* }}} */ + +-/* {{{ mp_mul(a, b, c) */ ++/* {{{ s_mp_mulg(a, b, c) */ + + /* +- mp_mul(a, b, c) ++ s_mp_mulg(a, b, c) + +- Compute c = a * b. All parameters may be identical. ++ Compute c = a * b. All parameters may be identical. if constantTime is set, ++ then the operations are done in constant time. The original is mostly ++ constant time as long as s_mpv_mul_d_add() is constant time. This is true ++ of the x86 assembler, as well as the current c code. + */ + mp_err +-mp_mul(const mp_int *a, const mp_int *b, mp_int *c) ++s_mp_mulg(const mp_int *a, const mp_int *b, mp_int *c, int constantTime) + { + mp_digit *pb; + mp_int tmp; +@@ -849,7 +854,14 @@ mp_mul(const mp_int *a, const mp_int *b, mp_int *c) + goto CLEANUP; + + #ifdef NSS_USE_COMBA +- if ((MP_USED(a) == MP_USED(b)) && IS_POWER_OF_2(MP_USED(b))) { ++ /* comba isn't constant time because it clamps! If we cared ++ * (we needed a constant time version of multiply that was 'faster' ++ * we could easily pass constantTime down to the comba code and ++ * get it to skip the clamp... but here are assembler versions ++ * which add comba to platforms that can't compile the normal ++ * comba's imbedded assembler which would also need to change, so ++ * for now we just skip comba when we are running constant time. */ ++ if (!constantTime && (MP_USED(a) == MP_USED(b)) && IS_POWER_OF_2(MP_USED(b))) { + if (MP_USED(a) == 4) { + s_mp_mul_comba_4(a, b, c); + goto CLEANUP; +@@ -879,13 +891,15 @@ mp_mul(const mp_int *a, const mp_int *b, mp_int *c) + mp_digit b_i = *pb++; + + /* Inner product: Digits of a */ +- if (b_i) ++ if (constantTime || b_i) + s_mpv_mul_d_add(MP_DIGITS(a), useda, b_i, MP_DIGITS(c) + ib); + else + MP_DIGIT(c, ib + useda) = b_i; + } + +- s_mp_clamp(c); ++ if (!constantTime) { ++ s_mp_clamp(c); ++ } + + if (SIGN(a) == SIGN(b) || s_mp_cmp_d(c, 0) == MP_EQ) + SIGN(c) = ZPOS; +@@ -895,10 +909,54 @@ mp_mul(const mp_int *a, const mp_int *b, mp_int *c) + CLEANUP: + mp_clear(&tmp); + return res; ++} /* end smp_mulg() */ ++ ++/* }}} */ ++ ++/* {{{ mp_mul(a, b, c) */ ++ ++/* ++ mp_mul(a, b, c) ++ ++ Compute c = a * b. All parameters may be identical. ++ */ ++ ++mp_err ++mp_mul(const mp_int *a, const mp_int *b, mp_int *c) ++{ ++ return s_mp_mulg(a, b, c, 0); + } /* end mp_mul() */ + + /* }}} */ + ++/* {{{ mp_mulCT(a, b, c) */ ++ ++/* ++ mp_mulCT(a, b, c) ++ ++ Compute c = a * b. In constant time. Parameters may not be identical. ++ NOTE: a and b may be modified. ++ */ ++ ++mp_err ++mp_mulCT(mp_int *a, mp_int *b, mp_int *c, mp_size setSize) ++{ ++ mp_err res; ++ ++ /* make the multiply values fixed length so multiply ++ * doesn't leak the length. at this point all the ++ * values are blinded, but once we finish we want the ++ * output size to be hidden (so no clamping the out put) */ ++ MP_CHECKOK(s_mp_pad(a, setSize)); ++ MP_CHECKOK(s_mp_pad(b, setSize)); ++ MP_CHECKOK(s_mp_pad(c, 2 * setSize)); ++ MP_CHECKOK(s_mp_mulg(a, b, c, 1)); ++CLEANUP: ++ return res; ++} /* end mp_mulCT() */ ++ ++/* }}} */ ++ + /* {{{ mp_sqr(a, sqr) */ + + #if MP_SQUARE +@@ -1271,6 +1329,138 @@ mp_mod(const mp_int *a, const mp_int *m, mp_int *c) + + /* }}} */ + ++/* {{{ s_mp_subCT_d(a, b, borrow, c) */ ++ ++/* ++ s_mp_subCT_d(a, b, borrow, c) ++ ++ Compute c = (a -b) - subtract in constant time. returns borrow ++ */ ++mp_digit ++s_mp_subCT_d(mp_digit a, mp_digit b, mp_digit borrow, mp_digit *ret) ++{ ++ *ret = a - b - borrow; ++ return MP_CT_LTU(a, *ret) | (MP_CT_EQ(a, *ret) & borrow); ++} /* s_mp_subCT_d() */ ++ ++/* }}} */ ++ ++/* {{{ mp_subCT(a, b, ret, borrow) */ ++ ++/* return ret= a - b and borrow in borrow. done in constant time. ++ * b could be modified. ++ */ ++mp_err ++mp_subCT(const mp_int *a, mp_int *b, mp_int *ret, mp_digit *borrow) ++{ ++ mp_size used_a = MP_USED(a); ++ mp_size i; ++ mp_err res; ++ ++ MP_CHECKOK(s_mp_pad(b, used_a)); ++ MP_CHECKOK(s_mp_pad(ret, used_a)); ++ *borrow = 0; ++ for (i = 0; i < used_a; i++) { ++ *borrow = s_mp_subCT_d(MP_DIGIT(a, i), MP_DIGIT(b, i), *borrow, ++ &MP_DIGIT(ret, i)); ++ } ++ ++ res = MP_OKAY; ++CLEANUP: ++ return res; ++} /* end mp_subCT() */ ++ ++/* }}} */ ++ ++/* {{{ mp_selectCT(cond, a, b, ret) */ ++ ++/* ++ * return ret= cond ? a : b; cond should be either 0 or 1 ++ */ ++mp_err ++mp_selectCT(mp_digit cond, const mp_int *a, const mp_int *b, mp_int *ret) ++{ ++ mp_size used_a = MP_USED(a); ++ mp_err res; ++ mp_size i; ++ ++ cond *= MP_DIGIT_MAX; ++ ++ /* we currently require these to be equal on input, ++ * we could use pad to extend one of them, but that might ++ * leak data as it wouldn't be constant time */ ++ if (used_a != MP_USED(b)) { ++ return MP_BADARG; ++ } ++ ++ MP_CHECKOK(s_mp_pad(ret, used_a)); ++ for (i = 0; i < used_a; i++) { ++ MP_DIGIT(ret, i) = MP_CT_SEL_DIGIT(cond, MP_DIGIT(a, i), MP_DIGIT(b, i)); ++ } ++ res = MP_OKAY; ++CLEANUP: ++ return res; ++} /* end mp_selectCT() */ ++ ++/* {{{ mp_reduceCT(a, m, c) */ ++ ++/* ++ mp_reduceCT(a, m, c) ++ ++ Compute c = aR^-1 (mod m) in constant time. ++ input should be in montgomery form. If input is the ++ result of a montgomery multiply then out put will be ++ in mongomery form. ++ Result will be reduced to MP_USED(m), but not be ++ clamped. ++ */ ++ ++mp_err ++mp_reduceCT(const mp_int *a, const mp_int *m, mp_digit n0i, mp_int *c) ++{ ++ mp_size used_m = MP_USED(m); ++ mp_size used_c = used_m * 2 + 1; ++ mp_digit *m_digits, *c_digits; ++ mp_size i; ++ mp_digit borrow, carry; ++ mp_err res; ++ mp_int sub; ++ ++ MP_DIGITS(&sub) = 0; ++ MP_CHECKOK(mp_init_size(&sub, used_m)); ++ ++ if (a != c) { ++ MP_CHECKOK(mp_copy(a, c)); ++ } ++ MP_CHECKOK(s_mp_pad(c, used_c)); ++ m_digits = MP_DIGITS(m); ++ c_digits = MP_DIGITS(c); ++ for (i = 0; i < used_m; i++) { ++ mp_digit m_i = MP_DIGIT(c, i) * n0i; ++ s_mpv_mul_d_add_propCT(m_digits, used_m, m_i, c_digits++, used_c--); ++ } ++ s_mp_rshd(c, used_m); ++ /* MP_USED(c) should be used_m+1 with the high word being any carry ++ * from the previous multiply, save that carry and drop the high ++ * word for the substraction below */ ++ carry = MP_DIGIT(c, used_m); ++ MP_DIGIT(c, used_m) = 0; ++ MP_USED(c) = used_m; ++ /* mp_subCT wants c and m to be the same size, we've already ++ * guarrenteed that in the previous statement, so mp_subCT won't actually ++ * modify m, so it's safe to recast */ ++ MP_CHECKOK(mp_subCT(c, (mp_int *)m, &sub, &borrow)); ++ ++ /* we return c-m if c >= m no borrow or there was a borrow and a carry */ ++ MP_CHECKOK(mp_selectCT(borrow ^ carry, c, &sub, c)); ++ res = MP_OKAY; ++CLEANUP: ++ mp_clear(&sub); ++ return res; ++} /* end mp_reduceCT() */ ++ ++/* }}} */ ++ + /* {{{ mp_mod_d(a, d, c) */ + + /* +@@ -1387,6 +1577,37 @@ mp_mulmod(const mp_int *a, const mp_int *b, const mp_int *m, mp_int *c) + + /* }}} */ + ++/* {{{ mp_mulmontmodCT(a, b, m, c) */ ++ ++/* ++ mp_mulmontmodCT(a, b, m, c) ++ ++ Compute c = (a * b) mod m in constant time wrt a and b. either a or b ++ should be in montgomery form and the output is native. If both a and b ++ are in montgomery form, then the output will also be in montgomery form ++ and can be recovered with an mp_reduceCT call. ++ NOTE: a and b may be modified. ++ */ ++ ++mp_err ++mp_mulmontmodCT(mp_int *a, mp_int *b, const mp_int *m, mp_digit n0i, ++ mp_int *c) ++{ ++ mp_err res; ++ ++ ARGCHK(a != NULL && b != NULL && m != NULL && c != NULL, MP_BADARG); ++ ++ if ((res = mp_mulCT(a, b, c, MP_USED(m))) != MP_OKAY) ++ return res; ++ ++ if ((res = mp_reduceCT(c, m, n0i, c)) != MP_OKAY) ++ return res; ++ ++ return MP_OKAY; ++} ++ ++/* }}} */ ++ + /* {{{ mp_sqrmod(a, m, c) */ + + #if MP_SQUARE +@@ -3946,15 +4167,63 @@ s_mp_mul(mp_int *a, const mp_int *b) + a1b0 = (a >> MP_HALF_DIGIT_BIT) * (b & MP_HALF_DIGIT_MAX); \ + a1b0 += a0b1; \ + Phi += a1b0 >> MP_HALF_DIGIT_BIT; \ +- if (a1b0 < a0b1) \ +- Phi += MP_HALF_RADIX; \ ++ Phi += (MP_CT_LTU(a1b0, a0b1)) << MP_HALF_DIGIT_BIT; \ + a1b0 <<= MP_HALF_DIGIT_BIT; \ + Plo += a1b0; \ +- if (Plo < a1b0) \ +- ++Phi; \ ++ Phi += MP_CT_LTU(Plo, a1b0); \ + } + #endif + ++/* Constant time version of s_mpv_mul_d_add_prop. ++ * Presently, this is only used by the Constant time Montgomery arithmetic code. */ ++/* c += a * b */ ++void ++s_mpv_mul_d_add_propCT(const mp_digit *a, mp_size a_len, mp_digit b, ++ mp_digit *c, mp_size c_len) ++{ ++#if !defined(MP_NO_MP_WORD) && !defined(MP_NO_MUL_WORD) ++ mp_digit d = 0; ++ ++ c_len -= a_len; ++ /* Inner product: Digits of a */ ++ while (a_len--) { ++ mp_word w = ((mp_word)b * *a++) + *c + d; ++ *c++ = ACCUM(w); ++ d = CARRYOUT(w); ++ } ++ ++ /* propagate the carry to the end, even if carry is zero */ ++ while (c_len--) { ++ mp_word w = (mp_word)*c + d; ++ *c++ = ACCUM(w); ++ d = CARRYOUT(w); ++ } ++#else ++ mp_digit carry = 0; ++ c_len -= a_len; ++ while (a_len--) { ++ mp_digit a_i = *a++; ++ mp_digit a0b0, a1b1; ++ MP_MUL_DxD(a_i, b, a1b1, a0b0); ++ ++ a0b0 += carry; ++ a1b1 += MP_CT_LTU(a0b0, carry); ++ a0b0 += a_i = *c; ++ a1b1 += MP_CT_LTU(a0b0, a_i); ++ ++ *c++ = a0b0; ++ carry = a1b1; ++ } ++ /* propagate the carry to the end, even if carry is zero */ ++ while (c_len--) { ++ mp_digit c_i = *c; ++ carry += c_i; ++ *c++ = carry; ++ carry = MP_CT_LTU(carry, c_i); ++ } ++#endif ++} ++ + #if !defined(MP_ASSEMBLY_MULTIPLY) + /* c = a * b */ + void +@@ -3979,8 +4248,7 @@ s_mpv_mul_d(const mp_digit *a, mp_size a_len, mp_digit b, mp_digit *c) + MP_MUL_DxD(a_i, b, a1b1, a0b0); + + a0b0 += carry; +- if (a0b0 < carry) +- ++a1b1; ++ a1b1 += MP_CT_LTU(a0b0, carry); + *c++ = a0b0; + carry = a1b1; + } +@@ -4012,11 +4280,9 @@ s_mpv_mul_d_add(const mp_digit *a, mp_size a_len, mp_digit b, + MP_MUL_DxD(a_i, b, a1b1, a0b0); + + a0b0 += carry; +- if (a0b0 < carry) +- ++a1b1; ++ a1b1 += MP_CT_LTU(a0b0, carry); + a0b0 += a_i = *c; +- if (a0b0 < a_i) +- ++a1b1; ++ a1b1 += MP_CT_LTU(a0b0, a_i); + *c++ = a0b0; + carry = a1b1; + } +diff --git a/lib/freebl/mpi/mpi.h b/lib/freebl/mpi/mpi.h +index 4ba9b6a4b..dd129db0d 100644 +--- a/lib/freebl/mpi/mpi.h ++++ b/lib/freebl/mpi/mpi.h +@@ -150,6 +150,38 @@ typedef int mp_sword; + /* This defines the maximum I/O base (minimum is 2) */ + #define MP_MAX_RADIX 64 + ++/* Constant Time Macros on mp_digits */ ++#define MP_CT_HIGH_TO_LOW(x) ((mp_digit)((mp_digit)(x) >> (MP_DIGIT_BIT - 1))) ++#define MP_CT_TRUE ((mp_digit)1) ++#define MP_CT_FALSE ((mp_digit)0) ++ ++/* basic zero and non zero tests */ ++#define MP_CT_NOT_ZERO(x) (MP_CT_HIGH_TO_LOW(((x) | (((mp_digit)0) - (x))))) ++#define MP_CT_ZERO(x) (MP_CT_TRUE ^ MP_CT_HIGH_TO_LOW(((x) | (((mp_digit)0) - (x))))) ++ ++/* basic constant-time helper macro for equalities and inequalities. ++ * The inequalities will produce incorrect results if ++ * abs(a-b) >= MP_DIGIT_SIZE/2. This can be avoided if unsigned values stay ++ * within the range 0-MP_DIGIT_MAX/2. */ ++#define MP_CT_EQ(a, b) MP_CT_ZERO(((a) ^ (b))) ++#define MP_CT_NE(a, b) MP_CT_NOT_ZERO(((a) ^ (b))) ++#define MP_CT_GT(a, b) MP_CT_HIGH_TO_LOW((b) - (a)) ++#define MP_CT_LT(a, b) MP_CT_HIGH_TO_LOW((a) - (b)) ++#define MP_CT_GE(a, b) (MP_CT_TRUE ^ MP_CT_LT(a, b)) ++#define MP_CT_LE(a, b) (MP_CT_TRUE ^ MP_CT_GT(a, b)) ++ ++/* use constant time result to select a boolean value ++ * or an mp digit depending on the args */ ++#define MP_CT_SEL(m, l, r) ((r) ^ ((m) & ((r) ^ (l)))) ++#define MP_CT_SELB(m, l, r) MP_CT_SEL(m, l, r) /* mask, l and r are booleans */ ++#define MP_CT_SEL_DIGIT(m, l, r) MP_CT_SEL(m, l, r) /*mask, l, and r are mp_digit */ ++ ++/* full inequalities that work with full mp_digit values */ ++#define MP_CT_OVERFLOW(a, b, c, d) \ ++ MP_CT_SELB(MP_CT_HIGH_TO_LOW((a) ^ (b)), \ ++ (MP_CT_HIGH_TO_LOW(d)), c) ++#define MP_CT_LTU(a, b) MP_CT_OVERFLOW(a, b, MP_CT_LT(a, b), b) ++ + typedef struct { + mp_sign sign; /* sign of this quantity */ + mp_size alloc; /* how many digits allocated */ +@@ -190,7 +222,9 @@ mp_err mp_neg(const mp_int *a, mp_int *b); + /* Full arithmetic */ + mp_err mp_add(const mp_int *a, const mp_int *b, mp_int *c); + mp_err mp_sub(const mp_int *a, const mp_int *b, mp_int *c); ++mp_err mp_subCT(const mp_int *a, mp_int *b, mp_int *c, mp_digit *borrow); + mp_err mp_mul(const mp_int *a, const mp_int *b, mp_int *c); ++mp_err mp_mulCT(mp_int *a, mp_int *b, mp_int *c, mp_size setSize); + #if MP_SQUARE + mp_err mp_sqr(const mp_int *a, mp_int *b); + #else +@@ -217,6 +251,12 @@ mp_err mp_exptmod(const mp_int *a, const mp_int *b, const mp_int *m, mp_int *c); + mp_err mp_exptmod_d(const mp_int *a, mp_digit d, const mp_int *m, mp_int *c); + #endif /* MP_MODARITH */ + ++/* montgomery math */ ++mp_err mp_to_mont(const mp_int *x, const mp_int *N, mp_int *xMont); ++mp_digit mp_calculate_mont_n0i(const mp_int *N); ++mp_err mp_reduceCT(const mp_int *a, const mp_int *m, mp_digit n0i, mp_int *ct); ++mp_err mp_mulmontmodCT(mp_int *a, mp_int *b, const mp_int *m, mp_digit n0i, mp_int *c); ++ + /* Comparisons */ + int mp_cmp_z(const mp_int *a); + int mp_cmp_d(const mp_int *a, mp_digit d); +@@ -224,6 +264,7 @@ int mp_cmp(const mp_int *a, const mp_int *b); + int mp_cmp_mag(const mp_int *a, const mp_int *b); + int mp_isodd(const mp_int *a); + int mp_iseven(const mp_int *a); ++mp_err mp_selectCT(mp_digit cond, const mp_int *a, const mp_int *b, mp_int *ret); + + /* Number theoretic */ + mp_err mp_gcd(mp_int *a, mp_int *b, mp_int *c); +diff --git a/lib/freebl/mpi/mpmontg.c b/lib/freebl/mpi/mpmontg.c +index 58f5cde2a..63842c631 100644 +--- a/lib/freebl/mpi/mpmontg.c ++++ b/lib/freebl/mpi/mpmontg.c +@@ -129,20 +129,27 @@ CLEANUP: + } + #endif + +-STATIC + mp_err +-s_mp_to_mont(const mp_int *x, mp_mont_modulus *mmm, mp_int *xMont) ++mp_to_mont(const mp_int *x, const mp_int *N, mp_int *xMont) + { + mp_err res; + + /* xMont = x * R mod N where N is modulus */ +- MP_CHECKOK(mp_copy(x, xMont)); +- MP_CHECKOK(s_mp_lshd(xMont, MP_USED(&mmm->N))); /* xMont = x << b */ +- MP_CHECKOK(mp_div(xMont, &mmm->N, 0, xMont)); /* mod N */ ++ if (x != xMont) { ++ MP_CHECKOK(mp_copy(x, xMont)); ++ } ++ MP_CHECKOK(s_mp_lshd(xMont, MP_USED(N))); /* xMont = x << b */ ++ MP_CHECKOK(mp_div(xMont, N, 0, xMont)); /* mod N */ + CLEANUP: + return res; + } + ++mp_digit ++mp_calculate_mont_n0i(const mp_int *N) ++{ ++ return 0 - s_mp_invmod_radix(MP_DIGIT(N, 0)); ++} ++ + #ifdef MP_USING_MONT_MULF + + /* the floating point multiply is already cache safe, +@@ -198,7 +205,7 @@ mp_exptmod_f(const mp_int *montBase, + MP_CHECKOK(mp_init_size(&accum1, 3 * nLen + 2)); + + mp_set(&accum1, 1); +- MP_CHECKOK(s_mp_to_mont(&accum1, mmm, &accum1)); ++ MP_CHECKOK(mp_to_mont(&accum1, &(mmm->N), &accum1)); + MP_CHECKOK(s_mp_pad(&accum1, nLen)); + + oddPowSize = 2 * nLen + 1; +@@ -478,7 +485,7 @@ mp_exptmod_i(const mp_int *montBase, + + /* set accumulator to montgomery residue of 1 */ + mp_set(&accum1, 1); +- MP_CHECKOK(s_mp_to_mont(&accum1, mmm, &accum1)); ++ MP_CHECKOK(mp_to_mont(&accum1, &(mmm->N), &accum1)); + pa1 = &accum1; + pa2 = &accum2; + +@@ -865,7 +872,7 @@ mp_exptmod_safe_i(const mp_int *montBase, + MP_CHECKOK(mp_init_size(&accum[2], 3 * nLen + 2)); + MP_CHECKOK(mp_init_size(&accum[3], 3 * nLen + 2)); + mp_set(&accum[0], 1); +- MP_CHECKOK(s_mp_to_mont(&accum[0], mmm, &accum[0])); ++ MP_CHECKOK(mp_to_mont(&accum[0], &(mmm->N), &accum[0])); + MP_CHECKOK(mp_copy(montBase, &accum[1])); + SQR(montBase, &accum[2]); + MUL_NOWEAVE(montBase, &accum[2], &accum[3]); +@@ -884,7 +891,7 @@ mp_exptmod_safe_i(const mp_int *montBase, + } else { + if (first_window == 0) { + mp_set(&accum1, 1); +- MP_CHECKOK(s_mp_to_mont(&accum1, mmm, &accum1)); ++ MP_CHECKOK(mp_to_mont(&accum1, &(mmm->N), &accum1)); + } else { + /* assert first_window == 1? */ + MP_CHECKOK(mp_copy(montBase, &accum1)); +@@ -1055,9 +1062,9 @@ mp_exptmod(const mp_int *inBase, const mp_int *exponent, + /* compute n0', given n0, n0' = -(n0 ** -1) mod MP_RADIX + ** where n0 = least significant mp_digit of N, the modulus. + */ +- mmm.n0prime = 0 - s_mp_invmod_radix(MP_DIGIT(modulus, 0)); ++ mmm.n0prime = mp_calculate_mont_n0i(modulus); + +- MP_CHECKOK(s_mp_to_mont(base, &mmm, &montBase)); ++ MP_CHECKOK(mp_to_mont(base, modulus, &montBase)); + + bits_in_exponent = mpl_significant_bits(exponent); + #ifdef MP_USING_CACHE_SAFE_MOD_EXP +diff --git a/lib/freebl/rsa.c b/lib/freebl/rsa.c +index 200f1bd55..67d65ba2b 100644 +--- a/lib/freebl/rsa.c ++++ b/lib/freebl/rsa.c +@@ -64,6 +64,8 @@ struct RSABlindingParamsStr { + SECItem modulus; /* list element "key" */ + blindingParams *free, *bp; /* Blinding parameters queue */ + blindingParams array[RSA_BLINDING_PARAMS_MAX_CACHE_SIZE]; ++ /* precalculate montegomery reduction value */ ++ mp_digit n0i; /* n0i = -( n & MP_DIGIT) ** -1 mod mp_RADIX */ + }; + typedef struct RSABlindingParamsStr RSABlindingParams; + +@@ -1146,6 +1148,8 @@ generate_blinding_params(RSAPrivateKey *key, mp_int *f, mp_int *g, mp_int *n, + CHECK_MPI_OK(mp_exptmod(&k, &e, n, f)); + /* g = k**-1 mod n */ + CHECK_MPI_OK(mp_invmod(&k, n, g)); ++ /* g in montgomery form.. */ ++ CHECK_MPI_OK(mp_to_mont(g, n, g)); + cleanup: + if (kb) + PORT_ZFree(kb, modLen); +@@ -1182,13 +1186,16 @@ init_blinding_params(RSABlindingParams *rsabp, RSAPrivateKey *key, + rsabp->bp = NULL; + rsabp->free = bp; + ++ /* precalculate montgomery reduction parameter */ ++ rsabp->n0i = mp_calculate_mont_n0i(n); ++ + /* List elements are keyed using the modulus */ + return SECITEM_CopyItem(NULL, &rsabp->modulus, &key->modulus); + } + + static SECStatus + get_blinding_params(RSAPrivateKey *key, mp_int *n, unsigned int modLen, +- mp_int *f, mp_int *g) ++ mp_int *f, mp_int *g, mp_digit *n0i) + { + RSABlindingParams *rsabp = NULL; + blindingParams *bpUnlinked = NULL; +@@ -1248,6 +1255,7 @@ get_blinding_params(RSAPrivateKey *key, mp_int *n, unsigned int modLen, + /* We've found (or created) the RSAblindingParams struct for this key. + * Now, search its list of ready blinding params for a usable one. + */ ++ *n0i = rsabp->n0i; + while (0 != (bp = rsabp->bp)) { + #ifndef UNSAFE_FUZZER_MODE + if (--(bp->counter) > 0) +@@ -1355,6 +1363,7 @@ cleanup: + if (err) { + MP_TO_SEC_ERROR(err); + } ++ *n0i = 0; + return SECFailure; + } + +@@ -1374,6 +1383,7 @@ rsa_PrivateKeyOp(RSAPrivateKey *key, + mp_err err; + mp_int n, c, m; + mp_int f, g; ++ mp_digit n0i; + if (!key || !output || !input) { + PORT_SetError(SEC_ERROR_INVALID_ARGS); + return SECFailure; +@@ -1401,7 +1411,7 @@ rsa_PrivateKeyOp(RSAPrivateKey *key, + ** blinding factor + */ + if (nssRSAUseBlinding) { +- CHECK_SEC_OK(get_blinding_params(key, &n, modLen, &f, &g)); ++ CHECK_SEC_OK(get_blinding_params(key, &n, modLen, &f, &g, &n0i)); + /* c' = c*f mod n */ + CHECK_MPI_OK(mp_mulmod(&c, &f, &n, &c)); + } +@@ -1422,7 +1432,7 @@ rsa_PrivateKeyOp(RSAPrivateKey *key, + */ + if (nssRSAUseBlinding) { + /* m = m'*g mod n */ +- CHECK_MPI_OK(mp_mulmod(&m, &g, &n, &m)); ++ CHECK_MPI_OK(mp_mulmontmodCT(&m, &g, &n, n0i, &m)); + } + err = mp_to_fixlen_octets(&m, output, modLen); + if (err >= 0) +-- +2.30.2 + diff --git a/meta-oe/recipes-support/nss/nss_3.74.bb b/meta-oe/recipes-support/nss/nss_3.74.bb index 333bbdfef08..c394c82e691 100644 --- a/meta-oe/recipes-support/nss/nss_3.74.bb +++ b/meta-oe/recipes-support/nss/nss_3.74.bb @@ -32,6 +32,7 @@ SRC_URI = "http://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/${VERSIO file://system-pkcs11.txt \ file://nss-fix-nsinstall-build.patch \ file://0001-freebl-add-a-configure-option-to-disable-ARM-HW-cryp.patch \ + file://0001-Bug-1780432-CVE-2023-5388-Timing-attack-against-RSA-.patch;patchdir=nss \ " SRC_URI[sha256sum] = "88928811f9f40f87d42e2eaccdf6e454562e51486067f2ddbe90aa47ea6cd056" From 9c9224811bef48b95711f9367ab59897db119e29 Mon Sep 17 00:00:00 2001 From: Peter Marko Date: Sat, 4 May 2024 22:59:27 +0200 Subject: [PATCH 592/600] nss: patch CVE-2024-0743 https://nvd.nist.gov/vuln/detail/CVE-2024-0743 mentions bug 1867408 as tracking fix for this issue. Signed-off-by: Peter Marko Signed-off-by: Armin Kuster --- ...a-defensive-check-for-large-ssl_DefS.patch | 40 +++++++++++++++++++ meta-oe/recipes-support/nss/nss_3.74.bb | 1 + 2 files changed, 41 insertions(+) create mode 100644 meta-oe/recipes-support/nss/nss/0001-Bug-1867408-add-a-defensive-check-for-large-ssl_DefS.patch diff --git a/meta-oe/recipes-support/nss/nss/0001-Bug-1867408-add-a-defensive-check-for-large-ssl_DefS.patch b/meta-oe/recipes-support/nss/nss/0001-Bug-1867408-add-a-defensive-check-for-large-ssl_DefS.patch new file mode 100644 index 00000000000..af32c42aec8 --- /dev/null +++ b/meta-oe/recipes-support/nss/nss/0001-Bug-1867408-add-a-defensive-check-for-large-ssl_DefS.patch @@ -0,0 +1,40 @@ +From 2e75513a13e3cf4a16626ef654242b3b07cc8f29 Mon Sep 17 00:00:00 2001 +From: John Schanck +Date: Mon, 11 Dec 2023 19:24:14 +0000 +Subject: [PATCH] Bug 1867408 - add a defensive check for large ssl_DefSend + return values. r=nkulatova + +Differential Revision: https://phabricator.services.mozilla.com/D195054 + +--HG-- +extra : moz-landing-system : lando + +CVE: CVE-2024-0743 +Upstream-Status: Backport [https://github.com/nss-dev/nss/commit/2e75513a13e3cf4a16626ef654242b3b07cc8f29] + +Signed-off-by: Peter Marko +--- + lib/ssl/sslsecur.c | 7 ++++++- + 1 file changed, 6 insertions(+), 1 deletion(-) + +diff --git a/lib/ssl/sslsecur.c b/lib/ssl/sslsecur.c +index 59ef064c9..9e994f4b5 100644 +--- a/lib/ssl/sslsecur.c ++++ b/lib/ssl/sslsecur.c +@@ -453,7 +453,12 @@ ssl_SendSavedWriteData(sslSocket *ss) + if (rv < 0) { + return rv; + } +- ss->pendingBuf.len -= rv; ++ if (rv > ss->pendingBuf.len) { ++ PORT_Assert(0); /* This shouldn't happen */ ++ ss->pendingBuf.len = 0; ++ } else { ++ ss->pendingBuf.len -= rv; ++ } + if (ss->pendingBuf.len > 0 && rv > 0) { + /* UGH !! This shifts the whole buffer down by copying it */ + PORT_Memmove(ss->pendingBuf.buf, ss->pendingBuf.buf + rv, +-- +2.30.2 + diff --git a/meta-oe/recipes-support/nss/nss_3.74.bb b/meta-oe/recipes-support/nss/nss_3.74.bb index c394c82e691..26baf669d1e 100644 --- a/meta-oe/recipes-support/nss/nss_3.74.bb +++ b/meta-oe/recipes-support/nss/nss_3.74.bb @@ -33,6 +33,7 @@ SRC_URI = "http://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/${VERSIO file://nss-fix-nsinstall-build.patch \ file://0001-freebl-add-a-configure-option-to-disable-ARM-HW-cryp.patch \ file://0001-Bug-1780432-CVE-2023-5388-Timing-attack-against-RSA-.patch;patchdir=nss \ + file://0001-Bug-1867408-add-a-defensive-check-for-large-ssl_DefS.patch;patchdir=nss \ " SRC_URI[sha256sum] = "88928811f9f40f87d42e2eaccdf6e454562e51486067f2ddbe90aa47ea6cd056" From 31d0f02673018a0d0a2555be181aaceb5db63da2 Mon Sep 17 00:00:00 2001 From: nikhil Date: Tue, 7 May 2024 17:45:09 +0530 Subject: [PATCH 593/600] libssh: Fix CVE CVE-2023-6004 A flaw was found in libssh. By utilizing the ProxyCommand or ProxyJump feature, users can exploit unchecked hostname syntax on the client. This issue may allow an attacker to inject malicious code into the command of the features mentioned through the hostname parameter Signed-off-by: Nikhil R Signed-off-by: Armin Kuster --- ...on-parser-functions-to-config_parser.patch | 464 ++++++++++++++++++ .../libssh/libssh/001_CVE-2023-6004.patch | 30 ++ .../libssh/libssh/002_CVE-2023-6004.patch | 83 ++++ .../libssh/libssh/003_CVE-2023-6004.patch | 117 +++++ .../libssh/libssh/004_CVE-2023-6004.patch | 57 +++ .../libssh/libssh/005_CVE-2023-6004.patch | 142 ++++++ .../libssh/libssh/006_CVE-2023-6004.patch | 117 +++++ .../recipes-support/libssh/libssh_0.8.9.bb | 7 + 8 files changed, 1017 insertions(+) create mode 100644 meta-oe/recipes-support/libssh/libssh/0001-config-Move-common-parser-functions-to-config_parser.patch create mode 100644 meta-oe/recipes-support/libssh/libssh/001_CVE-2023-6004.patch create mode 100644 meta-oe/recipes-support/libssh/libssh/002_CVE-2023-6004.patch create mode 100644 meta-oe/recipes-support/libssh/libssh/003_CVE-2023-6004.patch create mode 100644 meta-oe/recipes-support/libssh/libssh/004_CVE-2023-6004.patch create mode 100644 meta-oe/recipes-support/libssh/libssh/005_CVE-2023-6004.patch create mode 100644 meta-oe/recipes-support/libssh/libssh/006_CVE-2023-6004.patch diff --git a/meta-oe/recipes-support/libssh/libssh/0001-config-Move-common-parser-functions-to-config_parser.patch b/meta-oe/recipes-support/libssh/libssh/0001-config-Move-common-parser-functions-to-config_parser.patch new file mode 100644 index 00000000000..f26b6441022 --- /dev/null +++ b/meta-oe/recipes-support/libssh/libssh/0001-config-Move-common-parser-functions-to-config_parser.patch @@ -0,0 +1,464 @@ +From 79049981a513f9a10fac0f153e9b0b588326021f Mon Sep 17 00:00:00 2001 +From: Anderson Toshiyuki Sasaki +Date: Fri, 22 Feb 2019 13:06:49 +0100 +Subject: [PATCH] config: Move common parser functions to config_parser.c + +This will allow the moved functions to be used in the server side +configuration parser implementation. + +Signed-off-by: Anderson Toshiyuki Sasaki +Reviewed-by: Andreas Schneider + +CVE:CVE-2023-6004 +Upstream-Status: Backport [https://git.libssh.org/projects/libssh.git/commit/?id=79049981a513f9a10fac0f153e9b0b588326021f] +Signed-off-by: nikhil r +Comment: Removed 1 hunk from config.c as the function was intoduced in +later version + +--- + include/libssh/config_parser.h | 57 ++++++++ + src/CMakeLists.txt | 1 + + src/config.c | 216 +----------------------------- + src/config_parser.c | 238 +++++++++++++++++++++++++++++++++ + 4 files changed, 297 insertions(+), 215 deletions(-) + create mode 100644 include/libssh/config_parser.h + create mode 100644 src/config_parser.c + +diff --git a/include/libssh/config_parser.h b/include/libssh/config_parser.h +new file mode 100644 +index 00000000..e974917c +--- /dev/null ++++ b/include/libssh/config_parser.h +@@ -0,0 +1,57 @@ ++/* ++ * config_parser.h - Common configuration file parser functions ++ * ++ * This file is part of the SSH Library ++ * ++ * Copyright (c) 2019 by Red Hat, Inc. ++ * ++ * Author: Anderson Toshiyuki Sasaki ++ * ++ * The SSH Library is free software; you can redistribute it and/or modify ++ * it under the terms of the GNU Lesser General Public License as published by ++ * the Free Software Foundation; either version 2.1 of the License, or (at your ++ * option) any later version. ++ * ++ * The SSH Library is distributed in the hope that it will be useful, but ++ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY ++ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public ++ * License for more details. ++ * ++ * You should have received a copy of the GNU Lesser General Public License ++ * along with the SSH Library; see the file COPYING. If not, write to ++ * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, ++ * MA 02111-1307, USA. ++ */ ++ ++#ifndef CONFIG_PARSER_H_ ++#define CONFIG_PARSER_H_ ++ ++char *ssh_config_get_cmd(char **str); ++ ++char *ssh_config_get_token(char **str); ++ ++long ssh_config_get_long(char **str, long notfound); ++ ++const char *ssh_config_get_str_tok(char **str, const char *def); ++ ++int ssh_config_get_yesno(char **str, int notfound); ++ ++/* @brief Parse SSH URI in format [user@]host[:port] from the given string ++ * ++ * @param[in] tok String to parse ++ * @param[out] username Pointer to the location, where the new username will ++ * be stored or NULL if we do not care about the result. ++ * @param[out] hostname Pointer to the location, where the new hostname will ++ * be stored or NULL if we do not care about the result. ++ * @param[out] port Pointer to the location, where the new port will ++ * be stored or NULL if we do not care about the result. ++ * ++ * @returns SSH_OK if the provided string is in format of SSH URI, ++ * SSH_ERROR on failure ++ */ ++int ssh_config_parse_uri(const char *tok, ++ char **username, ++ char **hostname, ++ char **port); ++ ++#endif /* LIBSSH_CONFIG_H_ */ +diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt +index fdb53baf..de66f056 100644 +--- a/src/CMakeLists.txt ++++ b/src/CMakeLists.txt +@@ -163,6 +163,7 @@ set(libssh_SRCS + external/poly1305.c + external/sc25519.c + chachapoly.c ++ config_parser.c + ) + + if (CMAKE_USE_PTHREADS_INIT) +diff --git a/src/config.c b/src/config.c +index 85ecd96a..4268545d 100644 +--- a/src/config.c ++++ b/src/config.c +@@ -22,7 +22,7 @@ + */ + + #include "config.h" +- ++#include "libssh/config_parser.h" + #include + #include + #include +@@ -228,102 +228,6 @@ static enum ssh_config_opcode_e ssh_config_get_opcode(char *keyword) { + return SOC_UNKNOWN; + } + +-static char *ssh_config_get_cmd(char **str) { +- register char *c; +- char *r; +- +- /* Ignore leading spaces */ +- for (c = *str; *c; c++) { +- if (! isblank(*c)) { +- break; +- } +- } +- +- if (*c == '\"') { +- for (r = ++c; *c; c++) { +- if (*c == '\"') { +- *c = '\0'; +- goto out; +- } +- } +- } +- +- for (r = c; *c; c++) { +- if (*c == '\n') { +- *c = '\0'; +- goto out; +- } +- } +- +-out: +- *str = c + 1; +- +- return r; +-} +- +-static char *ssh_config_get_token(char **str) { +- register char *c; +- char *r; +- +- c = ssh_config_get_cmd(str); +- +- for (r = c; *c; c++) { +- if (isblank(*c) || *c == '=') { +- *c = '\0'; +- goto out; +- } +- } +- +-out: +- *str = c + 1; +- +- return r; +-} +- +-static long ssh_config_get_long(char **str, long notfound) { +- char *p, *endp; +- long i; +- +- p = ssh_config_get_token(str); +- if (p && *p) { +- i = strtol(p, &endp, 10); +- if (p == endp) { +- return notfound; +- } +- return i; +- } +- +- return notfound; +-} +- +-static const char *ssh_config_get_str_tok(char **str, const char *def) { +- char *p; +- +- p = ssh_config_get_token(str); +- if (p && *p) { +- return p; +- } +- +- return def; +-} +- +-static int ssh_config_get_yesno(char **str, int notfound) { +- const char *p; +- +- p = ssh_config_get_str_tok(str, NULL); +- if (p == NULL) { +- return notfound; +- } +- +- if (strncasecmp(p, "yes", 3) == 0) { +- return 1; +- } else if (strncasecmp(p, "no", 2) == 0) { +- return 0; +- } +- +- return notfound; +-} +- + static void local_parse_file(ssh_session session, const char *filename, int *parsing, int seen[]) { + FILE *f; + char line[MAX_LINE_SIZE] = {0}; +diff --git a/src/config_parser.c b/src/config_parser.c +new file mode 100644 +index 00000000..ae2aa2c8 +--- /dev/null ++++ b/src/config_parser.c +@@ -0,0 +1,238 @@ ++/* ++ * config_parser.c - Common configuration file parser functions ++ * ++ * This file is part of the SSH Library ++ * ++ * Copyright (c) 2009-2013 by Andreas Schneider ++ * ++ * The SSH Library is free software; you can redistribute it and/or modify ++ * it under the terms of the GNU Lesser General Public License as published by ++ * the Free Software Foundation; either version 2.1 of the License, or (at your ++ * option) any later version. ++ * ++ * The SSH Library is distributed in the hope that it will be useful, but ++ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY ++ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public ++ * License for more details. ++ * ++ * You should have received a copy of the GNU Lesser General Public License ++ * along with the SSH Library; see the file COPYING. If not, write to ++ * the Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, ++ * MA 02111-1307, USA. ++ */ ++ ++#include "config.h" ++ ++#include ++#include ++#include ++#include ++ ++#include "libssh/config_parser.h" ++#include "libssh/priv.h" ++ ++char *ssh_config_get_cmd(char **str) ++{ ++ register char *c; ++ char *r; ++ ++ /* Ignore leading spaces */ ++ for (c = *str; *c; c++) { ++ if (! isblank(*c)) { ++ break; ++ } ++ } ++ ++ if (*c == '\"') { ++ for (r = ++c; *c; c++) { ++ if (*c == '\"') { ++ *c = '\0'; ++ goto out; ++ } ++ } ++ } ++ ++ for (r = c; *c; c++) { ++ if (*c == '\n') { ++ *c = '\0'; ++ goto out; ++ } ++ } ++ ++out: ++ *str = c + 1; ++ ++ return r; ++} ++ ++char *ssh_config_get_token(char **str) ++{ ++ register char *c; ++ char *r; ++ ++ c = ssh_config_get_cmd(str); ++ ++ for (r = c; *c; c++) { ++ if (isblank(*c) || *c == '=') { ++ *c = '\0'; ++ goto out; ++ } ++ } ++ ++out: ++ *str = c + 1; ++ ++ return r; ++} ++ ++long ssh_config_get_long(char **str, long notfound) ++{ ++ char *p, *endp; ++ long i; ++ ++ p = ssh_config_get_token(str); ++ if (p && *p) { ++ i = strtol(p, &endp, 10); ++ if (p == endp) { ++ return notfound; ++ } ++ return i; ++ } ++ ++ return notfound; ++} ++ ++const char *ssh_config_get_str_tok(char **str, const char *def) ++{ ++ char *p; ++ ++ p = ssh_config_get_token(str); ++ if (p && *p) { ++ return p; ++ } ++ ++ return def; ++} ++ ++int ssh_config_get_yesno(char **str, int notfound) ++{ ++ const char *p; ++ ++ p = ssh_config_get_str_tok(str, NULL); ++ if (p == NULL) { ++ return notfound; ++ } ++ ++ if (strncasecmp(p, "yes", 3) == 0) { ++ return 1; ++ } else if (strncasecmp(p, "no", 2) == 0) { ++ return 0; ++ } ++ ++ return notfound; ++} ++ ++int ssh_config_parse_uri(const char *tok, ++ char **username, ++ char **hostname, ++ char **port) ++{ ++ char *endp = NULL; ++ long port_n; ++ ++ /* Sanitize inputs */ ++ if (username != NULL) { ++ *username = NULL; ++ } ++ if (hostname != NULL) { ++ *hostname = NULL; ++ } ++ if (port != NULL) { ++ *port = NULL; ++ } ++ ++ /* Username part (optional) */ ++ endp = strchr(tok, '@'); ++ if (endp != NULL) { ++ /* Zero-length username is not valid */ ++ if (tok == endp) { ++ goto error; ++ } ++ if (username != NULL) { ++ *username = strndup(tok, endp - tok); ++ if (*username == NULL) { ++ goto error; ++ } ++ } ++ tok = endp + 1; ++ /* If there is second @ character, this does not look like our URI */ ++ endp = strchr(tok, '@'); ++ if (endp != NULL) { ++ goto error; ++ } ++ } ++ ++ /* Hostname */ ++ if (*tok == '[') { ++ /* IPv6 address is enclosed with square brackets */ ++ tok++; ++ endp = strchr(tok, ']'); ++ if (endp == NULL) { ++ goto error; ++ } ++ } else { ++ /* Hostnames or aliases expand to the last colon or to the end */ ++ endp = strrchr(tok, ':'); ++ if (endp == NULL) { ++ endp = strchr(tok, '\0'); ++ } ++ } ++ if (tok == endp) { ++ /* Zero-length hostnames are not valid */ ++ goto error; ++ } ++ if (hostname != NULL) { ++ *hostname = strndup(tok, endp - tok); ++ if (*hostname == NULL) { ++ goto error; ++ } ++ } ++ /* Skip also the closing bracket */ ++ if (*endp == ']') { ++ endp++; ++ } ++ ++ /* Port (optional) */ ++ if (*endp != '\0') { ++ char *port_end = NULL; ++ ++ /* Verify the port is valid positive number */ ++ port_n = strtol(endp + 1, &port_end, 10); ++ if (port_n < 1 || *port_end != '\0') { ++ SSH_LOG(SSH_LOG_WARN, "Failed to parse port number." ++ " The value '%ld' is invalid or there are some" ++ " trailing characters: '%s'", port_n, port_end); ++ goto error; ++ } ++ if (port != NULL) { ++ *port = strdup(endp + 1); ++ if (*port == NULL) { ++ goto error; ++ } ++ } ++ } ++ ++ return SSH_OK; ++ ++error: ++ if (username != NULL) { ++ SAFE_FREE(*username); ++ } ++ if (hostname != NULL) { ++ SAFE_FREE(*hostname); ++ } ++ if (port != NULL) { ++ SAFE_FREE(*port); ++ } ++ return SSH_ERROR; ++} +-- +2.25.1 + diff --git a/meta-oe/recipes-support/libssh/libssh/001_CVE-2023-6004.patch b/meta-oe/recipes-support/libssh/libssh/001_CVE-2023-6004.patch new file mode 100644 index 00000000000..e02cae182a2 --- /dev/null +++ b/meta-oe/recipes-support/libssh/libssh/001_CVE-2023-6004.patch @@ -0,0 +1,30 @@ +From a66b4a6eae6614d200a3625862d77565b96a7cd3 Mon Sep 17 00:00:00 2001 +From: Norbert Pocs +Date: Wed, 1 Nov 2023 11:24:43 +0100 +Subject: [PATCH] CVE-2023-6004: config_parser: Allow multiple '@' in usernames + +Signed-off-by: Norbert Pocs +Reviewed-by: Andreas Schneider +Reviewed-by: Jakub Jelen + +CVE: CVE-2023-6004 +Upstream-Status: Backport [https://gitlab.com/libssh/libssh-mirror/-/commit/a66b4a6eae6614d200a3625862d77565b96a7cd3] +Signed-off-by: nikhil r + +--- + src/config_parser.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/config_parser.c b/src/config_parser.c +index 0d988fec0..cf83e2c5e 100644 +--- a/src/config_parser.c ++++ b/src/config_parser.c +@@ -180,7 +180,7 @@ int ssh_config_parse_uri(const char *tok, + } + + /* Username part (optional) */ +- endp = strchr(tok, '@'); ++ endp = strrchr(tok, '@'); + if (endp != NULL) { + /* Zero-length username is not valid */ + if (tok == endp) { diff --git a/meta-oe/recipes-support/libssh/libssh/002_CVE-2023-6004.patch b/meta-oe/recipes-support/libssh/libssh/002_CVE-2023-6004.patch new file mode 100644 index 00000000000..a77783453a8 --- /dev/null +++ b/meta-oe/recipes-support/libssh/libssh/002_CVE-2023-6004.patch @@ -0,0 +1,83 @@ +From 8615c24647f773a5e04203c7459512715d698be1 Mon Sep 17 00:00:00 2001 +From: Norbert Pocs +Date: Tue, 31 Oct 2023 09:48:52 +0100 +Subject: [PATCH] CVE-2023-6004: options: Simplify the hostname parsing in + ssh_options_set + +Using ssh_config_parse_uri can simplify the parsing of the host +parsing inside the function of ssh_options_set + +Signed-off-by: Norbert Pocs +Reviewed-by: Andreas Schneider +Reviewed-by: Jakub Jelen + +CVE: CVE-2023-6004 +Upstream-Status: Backport [https://gitlab.com/libssh/libssh-mirror/-/commit/8615c24647f773a5e04203c7459512715d698be1] +Signed-off-by: nikhil r +Comment: Refreshed hunk 2 from option.c + +--- + src/options.c | 40 ++++++++++++++++------------------------ + 1 file changed, 16 insertions(+), 24 deletions(-) + +diff --git a/src/options.c b/src/options.c +index 6f2c9397e..385114555 100644 +--- a/src/options.c ++++ b/src/options.c +@@ -36,6 +36,7 @@ + #include "libssh/session.h" + #include "libssh/misc.h" + #include "libssh/options.h" ++#include "libssh/config_parser.h" + #ifdef WITH_SERVER + #include "libssh/server.h" + #include "libssh/bind.h" +@@ -415,33 +416,24 @@ int ssh_options_set(ssh_session session, enum ssh_options_e type, + ssh_set_error_invalid(session); + return -1; + } else { +- q = strdup(value); +- if (q == NULL) { +- ssh_set_error_oom(session); ++ char *username = NULL, *hostname = NULL, *port = NULL; ++ rc = ssh_config_parse_uri(value, &username, &hostname, &port); ++ if (rc != SSH_OK) { + return -1; + } +- p = strchr(q, '@'); +- +- SAFE_FREE(session->opts.host); +- +- if (p) { +- *p = '\0'; +- session->opts.host = strdup(p + 1); +- if (session->opts.host == NULL) { +- SAFE_FREE(q); +- ssh_set_error_oom(session); +- return -1; +- } +- ++ if (port != NULL) { ++ SAFE_FREE(username); ++ SAFE_FREE(hostname); ++ SAFE_FREE(port); ++ return -1; ++ } ++ if (username != NULL) { + SAFE_FREE(session->opts.username); +- session->opts.username = strdup(q); +- SAFE_FREE(q); +- if (session->opts.username == NULL) { +- ssh_set_error_oom(session); +- return -1; +- } +- } else { +- session->opts.host = q; ++ session->opts.username = username; ++ } ++ if (hostname != NULL) { ++ SAFE_FREE(session->opts.host); ++ session->opts.host = hostname; + } + } + break; diff --git a/meta-oe/recipes-support/libssh/libssh/003_CVE-2023-6004.patch b/meta-oe/recipes-support/libssh/libssh/003_CVE-2023-6004.patch new file mode 100644 index 00000000000..a4e790ed0cf --- /dev/null +++ b/meta-oe/recipes-support/libssh/libssh/003_CVE-2023-6004.patch @@ -0,0 +1,117 @@ +From c6180409677c765e6b9ae2b18a3a7a9671ac1dbe Mon Sep 17 00:00:00 2001 +From: Norbert Pocs +Date: Tue, 10 Oct 2023 12:44:16 +0200 +Subject: [PATCH] CVE-2023-6004: misc: Add function to check allowed characters + of a hostname + +The hostname can be a domain name or an ip address. The colon has to be +allowed because of IPv6 even it is prohibited in domain names. + +Signed-off-by: Norbert Pocs +Reviewed-by: Andreas Schneider +Reviewed-by: Jakub Jelen + +CVE: CVE-2023-6004 +Upstream-Status: Backport [https://gitlab.com/libssh/libssh-mirror/-/commit/c6180409677c765e6b9ae2b18a3a7a9671ac1dbe] +Signed-off-by: nikhil r +Comment: Refreshed hunk 1 from misc.h and hunk 2 from misc.c +--- + include/libssh/misc.h | 3 ++ + src/misc.c | 68 +++++++++++++++++++++++++++++++++++++++++++ + 2 files changed, 71 insertions(+) + +diff --git a/include/libssh/misc.h b/include/libssh/misc.h +index 924da5336..0924ba7fb 100644 +--- a/include/libssh/misc.h ++++ b/include/libssh/misc.h +@@ -89,4 +89,6 @@ int ssh_match_group(const char *group, const char *object); + + int ssh_quote_file_name(const char *file_name, char *buf, size_t buf_len); + ++int ssh_check_hostname_syntax(const char *hostname); ++ + #endif /* MISC_H_ */ + +diff --git a/src/misc.c b/src/misc.c +index 7c478a773..be6ee836e 100644 +--- a/src/misc.c ++++ b/src/misc.c +@@ -94,6 +94,8 @@ + #define ZLIB_STRING "" + #endif + ++#define ARPA_DOMAIN_MAX_LEN 63 ++ + /** + * @defgroup libssh_misc The SSH helper functions. + * @ingroup libssh +@@ -1292,4 +1294,69 @@ error: + return SSH_ERROR; + } + ++/** ++ * @brief Checks syntax of a domain name ++ * ++ * The check is made based on the RFC1035 section 2.3.1 ++ * Allowed characters are: hyphen, period, digits (0-9) and letters (a-zA-Z) ++ * ++ * The label should be no longer than 63 characters ++ * The label should start with a letter and end with a letter or number ++ * The label in this implementation can start with a number to allow virtual ++ * URLs to pass. Note that this will make IPv4 addresses to pass ++ * this check too. ++ * ++ * @param hostname The domain name to be checked, has to be null terminated ++ * ++ * @return SSH_OK if the hostname passes syntax check ++ * SSH_ERROR otherwise or if hostname is NULL or empty string ++ */ ++int ssh_check_hostname_syntax(const char *hostname) ++{ ++ char *it = NULL, *s = NULL, *buf = NULL; ++ size_t it_len; ++ char c; ++ ++ if (hostname == NULL || strlen(hostname) == 0) { ++ return SSH_ERROR; ++ } ++ ++ /* strtok_r writes into the string, keep the input clean */ ++ s = strdup(hostname); ++ if (s == NULL) { ++ return SSH_ERROR; ++ } ++ ++ it = strtok_r(s, ".", &buf); ++ /* if the token has 0 length */ ++ if (it == NULL) { ++ free(s); ++ return SSH_ERROR; ++ } ++ do { ++ it_len = strlen(it); ++ if (it_len > ARPA_DOMAIN_MAX_LEN || ++ /* the first char must be a letter, but some virtual urls start ++ * with a number */ ++ isalnum(it[0]) == 0 || ++ isalnum(it[it_len - 1]) == 0) { ++ free(s); ++ return SSH_ERROR; ++ } ++ while (*it != '\0') { ++ c = *it; ++ /* the "." is allowed too, but tokenization removes it from the ++ * string */ ++ if (isalnum(c) == 0 && c != '-') { ++ free(s); ++ return SSH_ERROR; ++ } ++ it++; ++ } ++ } while ((it = strtok_r(NULL, ".", &buf)) != NULL); ++ ++ free(s); ++ ++ return SSH_OK; ++} + /** @} */ diff --git a/meta-oe/recipes-support/libssh/libssh/004_CVE-2023-6004.patch b/meta-oe/recipes-support/libssh/libssh/004_CVE-2023-6004.patch new file mode 100644 index 00000000000..39e6d947884 --- /dev/null +++ b/meta-oe/recipes-support/libssh/libssh/004_CVE-2023-6004.patch @@ -0,0 +1,57 @@ +From 22492b69bba22b102342afc574800d354a08e405 Mon Sep 17 00:00:00 2001 +From: Norbert Pocs +Date: Tue, 10 Oct 2023 18:33:56 +0200 +Subject: [PATCH] CVE-2023-6004: config_parser: Check for valid syntax of a + hostname if it is a domain name + +This prevents code injection. +The domain name syntax checker is based on RFC1035. + +Signed-off-by: Norbert Pocs +Reviewed-by: Andreas Schneider +Reviewed-by: Jakub Jelen + +CVE: CVE-2023-6004 +Upstream-Status: Backport [https://gitlab.com/libssh/libssh-mirror/-/commit/22492b69bba22b102342afc574800d354a08e405] +Signed-off-by: nikhil r +Comment: Refreshed hunk 2 and 3 from config_parser.c + +--- + src/config_parser.c | 12 +++++++++++- + 1 file changed, 11 insertions(+), 1 deletion(-) + +diff --git a/src/config_parser.c b/src/config_parser.c +index cf83e2c5e..b8b94611a 100644 +--- a/src/config_parser.c ++++ b/src/config_parser.c +@@ -30,6 +30,7 @@ + + #include "libssh/config_parser.h" + #include "libssh/priv.h" ++#include "libssh/misc.h" + + char *ssh_config_get_cmd(char **str) + { +@@ -139,6 +140,7 @@ int ssh_config_parse_uri(const char *tok, + { + char *endp = NULL; + long port_n; ++ int rc; + + /* Sanitize inputs */ + if (username != NULL) { +@@ -196,6 +198,14 @@ int ssh_config_parse_uri(const char *tok, + if (*hostname == NULL) { + goto error; + } ++ /* if not an ip, check syntax */ ++ rc = ssh_is_ipaddr(*hostname); ++ if (rc == 0) { ++ rc = ssh_check_hostname_syntax(*hostname); ++ if (rc != SSH_OK) { ++ goto error; ++ } ++ } + } + /* Skip also the closing bracket */ + if (*endp == ']') { diff --git a/meta-oe/recipes-support/libssh/libssh/005_CVE-2023-6004.patch b/meta-oe/recipes-support/libssh/libssh/005_CVE-2023-6004.patch new file mode 100644 index 00000000000..c86aba4d884 --- /dev/null +++ b/meta-oe/recipes-support/libssh/libssh/005_CVE-2023-6004.patch @@ -0,0 +1,142 @@ +From cea841d71c025f9c998b7d5fc9f2a2839df62921 Mon Sep 17 00:00:00 2001 +From: Norbert Pocs +Date: Tue, 28 Nov 2023 15:26:45 +0100 +Subject: [PATCH] CVE-2023-6004 misc: Add ipv6 link-local check for an ip + address + +Signed-off-by: Norbert Pocs +Reviewed-by: Andreas Schneider +Reviewed-by: Jakub Jelen + +CVE: CVE-2023-6004 +Upstream-Status: Backport [https://gitlab.com/libssh/libssh-mirror/-/commit/cea841d71c025f9c998b7d5fc9f2a2839df62921] +Signed-off-by: nikhil r +Comment: Refreshed hunk 1 from CMakeLists.txt, hunk 1 from connect.c and +hunks 2,3,4 from misc.c +--- + src/CMakeLists.txt | 1 + + src/connect.c | 2 +- + src/misc.c | 44 ++++++++++++++++++++++++++++++++++++++------ + 3 files changed, 40 insertions(+), 7 deletions(-) + +diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt +index d6245c0db..807313b59 100644 +--- a/src/CMakeLists.txt ++++ b/src/CMakeLists.txt +@@ -14,6 +14,7 @@ set(LIBSSH_LINK_LIBRARIES + if (WIN32) + set(LIBSSH_LINK_LIBRARIES + ${LIBSSH_LINK_LIBRARIES} ++ iphlpapi + ws2_32 + ) + endif (WIN32) +diff --git a/src/connect.c b/src/connect.c +index 57e37e634..15cae6444 100644 +--- a/src/connect.c ++++ b/src/connect.c +@@ -130,7 +130,7 @@ static int getai(const char *host, int port, struct addrinfo **ai) { + #endif + } + +- if (ssh_is_ipaddr(host)) { ++ if (ssh_is_ipaddr(host) == 1) { + /* this is an IP address */ + SSH_LOG(SSH_LOG_PACKET,"host %s matches an IP address",host); + hints.ai_flags |= AI_NUMERICHOST; +diff --git a/src/misc.c b/src/misc.c +index be6ee836e..7081f12ae 100644 +--- a/src/misc.c ++++ b/src/misc.c +@@ -32,6 +32,7 @@ + #include + #include + #include ++#include + + #endif /* _WIN32 */ + +@@ -59,6 +60,7 @@ + #include + #include + #include ++#include + + #ifdef HAVE_IO_H + #include +@@ -191,22 +191,37 @@ int ssh_is_ipaddr_v4(const char *str) { + + int ssh_is_ipaddr(const char *str) { + int rc = SOCKET_ERROR; ++ char *s = strdup(str); + +- if (strchr(str, ':')) { ++ if (s == NULL) { ++ return -1; ++ } ++ if (strchr(s, ':')) { + struct sockaddr_storage ss; + int sslen = sizeof(ss); ++ char *network_interface = strchr(s, '%'); + +- /* TODO link-local (IP:v6:addr%ifname). */ +- rc = WSAStringToAddressA((LPSTR) str, ++ /* link-local (IP:v6:addr%ifname). */ ++ if (network_interface != NULL) { ++ rc = if_nametoindex(network_interface + 1); ++ if (rc == 0) { ++ free(s); ++ return 0; ++ } ++ *network_interface = '\0'; ++ } ++ rc = WSAStringToAddressA((LPSTR) s, + AF_INET6, + NULL, + (struct sockaddr*)&ss, + &sslen); + if (rc == 0) { ++ free(s); + return 1; + } + } + ++ free(s); + return ssh_is_ipaddr_v4(str); + } + #else /* _WIN32 */ +@@ -285,17 +300,32 @@ int ssh_is_ipaddr_v4(const char *str) { + + int ssh_is_ipaddr(const char *str) { + int rc = -1; ++ char *s = strdup(str); + +- if (strchr(str, ':')) { ++ if (s == NULL) { ++ return -1; ++ } ++ if (strchr(s, ':')) { + struct in6_addr dest6; ++ char *network_interface = strchr(s, '%'); + +- /* TODO link-local (IP:v6:addr%ifname). */ +- rc = inet_pton(AF_INET6, str, &dest6); ++ /* link-local (IP:v6:addr%ifname). */ ++ if (network_interface != NULL) { ++ rc = if_nametoindex(network_interface + 1); ++ if (rc == 0) { ++ free(s); ++ return 0; ++ } ++ *network_interface = '\0'; ++ } ++ rc = inet_pton(AF_INET6, s, &dest6); + if (rc > 0) { ++ free(s); + return 1; + } + } + ++ free(s); + return ssh_is_ipaddr_v4(str); + } diff --git a/meta-oe/recipes-support/libssh/libssh/006_CVE-2023-6004.patch b/meta-oe/recipes-support/libssh/libssh/006_CVE-2023-6004.patch new file mode 100644 index 00000000000..f3cb2b998e0 --- /dev/null +++ b/meta-oe/recipes-support/libssh/libssh/006_CVE-2023-6004.patch @@ -0,0 +1,117 @@ +From 1a02364b5107a4125ea3cb76fcdb6beabaebf3be Mon Sep 17 00:00:00 2001 +From: Jakub Jelen +Date: Fri, 22 Dec 2023 10:32:40 +0100 +Subject: [PATCH] Fix regression in IPv6 addresses in hostname parsing + +Signed-off-by: Jakub Jelen +Reviewed-by: Andreas Schneider +(cherry picked from commit 4f997aee7c7d7ea346b3e8ba505da0b7601ff318) + +CVE: CVE-2023-6004 +Upstream-Status: Backport [https://gitlab.com/libssh/libssh-mirror/-/commit/1a02364b5107a4125ea3cb76fcdb6beabaebf3be] +Signed-off-by: nikhil r +Comment: Removed 1 hunk from config_parser.c as the function was intoduced in +later version + +--- + include/libssh/config_parser.h | 11 ++++++++--- + src/config.c | 4 ++-- + src/config_parser.c | 16 +++++++++++----- + src/options.c | 10 ++-------- + 4 files changed, 23 insertions(+), 18 deletions(-) + +diff --git a/include/libssh/config_parser.h b/include/libssh/config_parser.h +index a7dd42a2c..ca353432b 100644 +--- a/include/libssh/config_parser.h ++++ b/include/libssh/config_parser.h +@@ -26,6 +26,8 @@ + #ifndef CONFIG_PARSER_H_ + #define CONFIG_PARSER_H_ + ++#include ++ + char *ssh_config_get_cmd(char **str); + + char *ssh_config_get_token(char **str); +@@ -45,13 +47,16 @@ int ssh_config_get_yesno(char **str, int notfound); + * be stored or NULL if we do not care about the result. + * @param[out] port Pointer to the location, where the new port will + * be stored or NULL if we do not care about the result. ++ * @param[in] ignore_port Set to true if the we should not attempt to parse ++ * port number. + * + * @returns SSH_OK if the provided string is in format of SSH URI, + * SSH_ERROR on failure + */ + int ssh_config_parse_uri(const char *tok, +- char **username, +- char **hostname, +- char **port); ++ char **username, ++ char **hostname, ++ char **port, ++ bool ignore_port); + + #endif /* LIBSSH_CONFIG_H_ */ +diff --git a/src/config_parser.c b/src/config_parser.c +index b8b94611a..d4b2d2c3b 100644 +--- a/src/config_parser.c ++++ b/src/config_parser.c +@@ -162,9 +162,10 @@ int ssh_config_get_yesno(char **str, int notfound) + } + + int ssh_config_parse_uri(const char *tok, +- char **username, +- char **hostname, +- char **port) ++ char **username, ++ char **hostname, ++ char **port, ++ bool ignore_port) + { + char *endp = NULL; + long port_n; +@@ -210,12 +211,17 @@ int ssh_config_parse_uri(const char *tok, + if (endp == NULL) { + goto error; + } +- } else { +- /* Hostnames or aliases expand to the last colon or to the end */ ++ } else if (!ignore_port) { ++ /* Hostnames or aliases expand to the last colon (if port is requested) ++ * or to the end */ + endp = strrchr(tok, ':'); + if (endp == NULL) { + endp = strchr(tok, '\0'); + } ++ } else { ++ /* If no port is requested, expand to the end of line ++ * (to accommodate the IPv6 addresses) */ ++ endp = strchr(tok, '\0'); + } + if (tok == endp) { + /* Zero-length hostnames are not valid */ +diff --git a/src/options.c b/src/options.c +index 385114555..b3ecffe15 100644 +--- a/src/options.c ++++ b/src/options.c +@@ -416,17 +416,11 @@ int ssh_options_set(ssh_session session, enum ssh_options_e type, + ssh_set_error_invalid(session); + return -1; + } else { +- char *username = NULL, *hostname = NULL, *port = NULL; +- rc = ssh_config_parse_uri(value, &username, &hostname, &port); ++ char *username = NULL, *hostname = NULL; ++ rc = ssh_config_parse_uri(value, &username, &hostname, NULL, true); + if (rc != SSH_OK) { + return -1; + } +- if (port != NULL) { +- SAFE_FREE(username); +- SAFE_FREE(hostname); +- SAFE_FREE(port); +- return -1; +- } + if (username != NULL) { + SAFE_FREE(session->opts.username); + session->opts.username = username; diff --git a/meta-oe/recipes-support/libssh/libssh_0.8.9.bb b/meta-oe/recipes-support/libssh/libssh_0.8.9.bb index 530dda1f4a4..98910d30689 100644 --- a/meta-oe/recipes-support/libssh/libssh_0.8.9.bb +++ b/meta-oe/recipes-support/libssh/libssh_0.8.9.bb @@ -11,6 +11,13 @@ SRC_URI = "git://git.libssh.org/projects/libssh.git;protocol=https;branch=stable file://CVE-2023-48795-1.patch \ file://CVE-2023-48795-2.patch \ file://CVE-2023-48795-3.patch \ + file://0001-config-Move-common-parser-functions-to-config_parser.patch \ + file://001_CVE-2023-6004.patch \ + file://002_CVE-2023-6004.patch \ + file://003_CVE-2023-6004.patch \ + file://004_CVE-2023-6004.patch \ + file://005_CVE-2023-6004.patch \ + file://006_CVE-2023-6004.patch \ " SRCREV = "04685a74df9ce1db1bc116a83a0da78b4f4fa1f8" From 5085c443d0bbfc9405ce377dc78aef72da9c19d9 Mon Sep 17 00:00:00 2001 From: Soumya Sambu Date: Wed, 8 May 2024 11:25:43 +0000 Subject: [PATCH 594/600] php: upgrade 8.1.22 -> 8.1.28 Upgrade php to 8.1.28 Security fixes: CVE-2024-3096 CVE-2024-2756 https://www.php.net/ChangeLog-8.php#8.1.28 Signed-off-by: Soumya Sambu Signed-off-by: Armin Kuster --- meta-oe/recipes-devtools/php/{php_8.1.22.bb => php_8.1.28.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-oe/recipes-devtools/php/{php_8.1.22.bb => php_8.1.28.bb} (99%) diff --git a/meta-oe/recipes-devtools/php/php_8.1.22.bb b/meta-oe/recipes-devtools/php/php_8.1.28.bb similarity index 99% rename from meta-oe/recipes-devtools/php/php_8.1.22.bb rename to meta-oe/recipes-devtools/php/php_8.1.28.bb index ffa33184413..e7eb75c1a8f 100644 --- a/meta-oe/recipes-devtools/php/php_8.1.22.bb +++ b/meta-oe/recipes-devtools/php/php_8.1.28.bb @@ -33,7 +33,7 @@ SRC_URI:append:class-target = " \ " S = "${WORKDIR}/php-${PV}" -SRC_URI[sha256sum] = "992354e382c6c618d01ed4be06beea8dec3178b14153df64d3c8c48b85e9fbc2" +SRC_URI[sha256sum] = "8be450096e0153c47d75384e7dd595cc897f1d53ce0060708ce9589bcc3141ee" CVE_CHECK_IGNORE += "\ CVE-2007-2728 \ From d02d0149c7b1630f12a8e2283e7516d712fc0aca Mon Sep 17 00:00:00 2001 From: Yogita Urade Date: Fri, 26 Apr 2024 13:04:43 +0000 Subject: [PATCH 595/600] mbedtls: upgrade 2.28.7->2.28.8 Includes security fixes for: CVE-2024-28960 - Insecure handling of shared memory in PSA Crypto APIs Release notes: https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.8 Signed-off-by: Yogita Urade Signed-off-by: Armin Kuster --- .../mbedtls/{mbedtls_2.28.7.bb => mbedtls_2.28.8.bb} | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) rename meta-networking/recipes-connectivity/mbedtls/{mbedtls_2.28.7.bb => mbedtls_2.28.8.bb} (93%) diff --git a/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.28.7.bb b/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.28.8.bb similarity index 93% rename from meta-networking/recipes-connectivity/mbedtls/mbedtls_2.28.7.bb rename to meta-networking/recipes-connectivity/mbedtls/mbedtls_2.28.8.bb index 793cdcaff7d..e47092c5616 100644 --- a/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.28.7.bb +++ b/meta-networking/recipes-connectivity/mbedtls/mbedtls_2.28.8.bb @@ -23,8 +23,8 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=379d5819937a6c2f1ef1630d341e026d" SECTION = "libs" S = "${WORKDIR}/git" -SRCREV = "555f84735aecdbd76a566cf087ec8425dfb0c8ab" -SRC_URI = "git://github.com/ARMmbed/mbedtls.git;protocol=https;branch=mbedtls-2.28" +SRCREV = "5a764e5555c64337ed17444410269ff21cb617b1" +SRC_URI = "git://github.com/Mbed-TLS/mbedtls.git;protocol=https;branch=mbedtls-2.28" inherit cmake update-alternatives From b93ba321e4d53c6924b1aed8aafb0c517792c723 Mon Sep 17 00:00:00 2001 From: Peter Marko Date: Tue, 21 May 2024 23:33:52 +0200 Subject: [PATCH 596/600] uriparser: upgrade 0.9.6 -> 0.9.8 Handle CVEs: * https://nvd.nist.gov/vuln/detail/CVE-2024-34402 * https://nvd.nist.gov/vuln/detail/CVE-2024-34403 Cherry-pick from master was not possible due to usage of github-releases class which is not in kirkstone yet. Signed-off-by: Peter Marko Signed-off-by: Armin Kuster --- .../uriparser/{uriparser_0.9.6.bb => uriparser_0.9.8.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-oe/recipes-support/uriparser/{uriparser_0.9.6.bb => uriparser_0.9.8.bb} (84%) diff --git a/meta-oe/recipes-support/uriparser/uriparser_0.9.6.bb b/meta-oe/recipes-support/uriparser/uriparser_0.9.8.bb similarity index 84% rename from meta-oe/recipes-support/uriparser/uriparser_0.9.6.bb rename to meta-oe/recipes-support/uriparser/uriparser_0.9.8.bb index 0d45a155954..bfe191a6c4e 100644 --- a/meta-oe/recipes-support/uriparser/uriparser_0.9.6.bb +++ b/meta-oe/recipes-support/uriparser/uriparser_0.9.8.bb @@ -5,7 +5,7 @@ LICENSE = "BSD-3-Clause" LIC_FILES_CHKSUM = "file://COPYING;md5=fcc5a53146c2401f4b4f6a3bdf3f0168" SRC_URI = "https://github.com/${BPN}/${BPN}/releases/download/${BP}/${BP}.tar.gz" -SRC_URI[sha256sum] = "10e6f90d359c1087c45f907f95e527a8aca84422251081d1533231e031a084ff" +SRC_URI[sha256sum] = "4cd0e4f93b477272fabceeb0202f269169fe6ec3044e10fac6acbcdf354bb080" UPSTREAM_CHECK_URI = "https://github.com/${BPN}/${BPN}/releases" From 3a08bebf43f7284b76d99c5438319e7c03ebba35 Mon Sep 17 00:00:00 2001 From: Vivek Kumbhar Date: Fri, 24 May 2024 13:22:33 +0530 Subject: [PATCH 597/600] nss: Backport fix CVE-2023-0767 Upstream-Status: Backport from [https://hg.mozilla.org/projects/nss/rev/684586ec163ad4fbbf15ea2cd1ee5c2da43036ad] Signed-off-by: Vivek Kumbhar Signed-off-by: Armin Kuster --- .../nss/nss/CVE-2023-0767.patch | 102 ++++++++++++++++++ meta-oe/recipes-support/nss/nss_3.74.bb | 1 + 2 files changed, 103 insertions(+) create mode 100644 meta-oe/recipes-support/nss/nss/CVE-2023-0767.patch diff --git a/meta-oe/recipes-support/nss/nss/CVE-2023-0767.patch b/meta-oe/recipes-support/nss/nss/CVE-2023-0767.patch new file mode 100644 index 00000000000..0e0725b5f56 --- /dev/null +++ b/meta-oe/recipes-support/nss/nss/CVE-2023-0767.patch @@ -0,0 +1,102 @@ +# HG changeset patch +# User John M. Schanck +# Date 1675974326 0 +# Node ID 684586ec163ad4fbbf15ea2cd1ee5c2da43036ad +# Parent 58d7a8a55aea6a363bb8c7a9a7752739c4d32823 +Bug 1804640 - improve handling of unknown PKCS#12 safe bag types. r=rrelyea + +Differential Revision: https://phabricator.services.mozilla.com/D167443 + +Upstream-Status: Backport [https://hg.mozilla.org/projects/nss/rev/684586ec163ad4fbbf15ea2cd1ee5c2da43036ad] +CVE: CVE-2023-0767 +Signed-off-by: Vivek Kumbhar +--- + nss/lib/pkcs12/p12d.c | 23 +++++++++++++++-------- + nss/lib/pkcs12/p12t.h | 1 + + nss/lib/pkcs12/p12tmpl.c | 4 ++-- + 3 files changed, 18 insertions(+), 10 deletions(-) + +diff --git a/nss/lib/pkcs12/p12d.c b/nss/lib/pkcs12/p12d.c +index 676f33b..decddc5 100644 +--- a/nss/lib/pkcs12/p12d.c ++++ b/nss/lib/pkcs12/p12d.c +@@ -337,31 +337,38 @@ sec_pkcs12_decoder_safe_bag_update(void *arg, const char *data, + SEC_PKCS12DecoderContext *p12dcx; + SECStatus rv; + +- /* make sure that we are not skipping the current safeBag, +- * and that there are no errors. If so, just return rather +- * than continuing to process. +- */ +- if (!safeContentsCtx || !safeContentsCtx->p12dcx || +- safeContentsCtx->p12dcx->error || safeContentsCtx->skipCurrentSafeBag) { ++ if (!safeContentsCtx || !safeContentsCtx->p12dcx || !safeContentsCtx->currentSafeBagA1Dcx) { + return; + } + p12dcx = safeContentsCtx->p12dcx; + ++ /* make sure that there are no errors and we are not skipping the current safeBag */ ++ if (p12dcx->error || safeContentsCtx->skipCurrentSafeBag) { ++ goto loser; ++ } ++ + rv = SEC_ASN1DecoderUpdate(safeContentsCtx->currentSafeBagA1Dcx, data, len); + if (rv != SECSuccess) { + p12dcx->errorValue = PORT_GetError(); ++ p12dcx->error = PR_TRUE; ++ goto loser; ++ } ++ ++ /* The update may have set safeContentsCtx->skipCurrentSafeBag, and we ++ * may not get another opportunity to clean up the decoder context. ++ */ ++ if (safeContentsCtx->skipCurrentSafeBag) { + goto loser; + } + + return; + + loser: +- /* set the error, and finish the decoder context. because there ++ /* Finish the decoder context. Because there + * is not a way of returning an error message, it may be worth + * while to do a check higher up and finish any decoding contexts + * that are still open. + */ +- p12dcx->error = PR_TRUE; + SEC_ASN1DecoderFinish(safeContentsCtx->currentSafeBagA1Dcx); + safeContentsCtx->currentSafeBagA1Dcx = NULL; + return; +diff --git a/nss/lib/pkcs12/p12t.h b/nss/lib/pkcs12/p12t.h +index b22f0dd..d449afd 100644 +--- a/nss/lib/pkcs12/p12t.h ++++ b/nss/lib/pkcs12/p12t.h +@@ -73,6 +73,7 @@ struct sec_PKCS12SafeBagStr { + sec_PKCS12CRLBag *crlBag; + sec_PKCS12SecretBag *secretBag; + sec_PKCS12SafeContents *safeContents; ++ SECItem *unknownBag; + } safeBagContent; + + sec_PKCS12Attribute **attribs; +diff --git a/nss/lib/pkcs12/p12tmpl.c b/nss/lib/pkcs12/p12tmpl.c +index 7437cbc..b08384f 100644 +--- a/nss/lib/pkcs12/p12tmpl.c ++++ b/nss/lib/pkcs12/p12tmpl.c +@@ -30,12 +30,12 @@ sec_pkcs12_choose_safe_bag_type(void *src_or_dest, PRBool encoding) + + oiddata = SECOID_FindOID(&safeBag->safeBagType); + if (oiddata == NULL) { +- return SEC_ASN1_GET(SEC_AnyTemplate); ++ return SEC_ASN1_GET(SEC_PointerToAnyTemplate); + } + + switch (oiddata->offset) { + default: +- theTemplate = SEC_ASN1_GET(SEC_AnyTemplate); ++ theTemplate = SEC_ASN1_GET(SEC_PointerToAnyTemplate); + break; + case SEC_OID_PKCS12_V1_KEY_BAG_ID: + theTemplate = SEC_ASN1_GET(SECKEY_PointerToPrivateKeyInfoTemplate); +-- +2.34.1 diff --git a/meta-oe/recipes-support/nss/nss_3.74.bb b/meta-oe/recipes-support/nss/nss_3.74.bb index 26baf669d1e..ce4137a67f0 100644 --- a/meta-oe/recipes-support/nss/nss_3.74.bb +++ b/meta-oe/recipes-support/nss/nss_3.74.bb @@ -34,6 +34,7 @@ SRC_URI = "http://ftp.mozilla.org/pub/mozilla.org/security/nss/releases/${VERSIO file://0001-freebl-add-a-configure-option-to-disable-ARM-HW-cryp.patch \ file://0001-Bug-1780432-CVE-2023-5388-Timing-attack-against-RSA-.patch;patchdir=nss \ file://0001-Bug-1867408-add-a-defensive-check-for-large-ssl_DefS.patch;patchdir=nss \ + file://CVE-2023-0767.patch \ " SRC_URI[sha256sum] = "88928811f9f40f87d42e2eaccdf6e454562e51486067f2ddbe90aa47ea6cd056" From 0560b848996a0feb410a8cd8ca07c60fe2f3b5bc Mon Sep 17 00:00:00 2001 From: Priyal Doshi Date: Mon, 13 May 2024 17:50:45 +0530 Subject: [PATCH 598/600] ITS#10094 libldap/OpenSSL: fix setting ciphersuites Backport-from: https://git.openldap.org/openldap/openldap/-/merge_requests/654/diffs?commit_id=8c482cec9a68e74b3609b1e44738bee352f6577a Signed-off-by: Priyal Doshi Signed-off-by: Armin Kuster --- ...dap-OpenSSL-fix-setting-ciphersuites.patch | 69 +++++++++++++++++++ .../openldap/openldap_2.5.16.bb | 1 + 2 files changed, 70 insertions(+) create mode 100644 meta-oe/recipes-support/openldap/openldap/0001-ITS-10094-libldap-OpenSSL-fix-setting-ciphersuites.patch diff --git a/meta-oe/recipes-support/openldap/openldap/0001-ITS-10094-libldap-OpenSSL-fix-setting-ciphersuites.patch b/meta-oe/recipes-support/openldap/openldap/0001-ITS-10094-libldap-OpenSSL-fix-setting-ciphersuites.patch new file mode 100644 index 00000000000..211dbe99bf5 --- /dev/null +++ b/meta-oe/recipes-support/openldap/openldap/0001-ITS-10094-libldap-OpenSSL-fix-setting-ciphersuites.patch @@ -0,0 +1,69 @@ +From 7cee69298857e2393799780ee472dfe0a378ee2d Mon Sep 17 00:00:00 2001 +From: Howard Chu +Date: Thu, 12 Oct 2023 17:22:48 +0100 +Subject: [PATCH] ITS#10094 libldap/OpenSSL: fix setting ciphersuites + +Don't try old-style ciphersuite list if only v1.3 or newer ciphers were specified + +Upstream-Status: Backport from https://git.openldap.org/openldap/openldap/-/merge_requests/654/diffs?commit_id=8c482cec9a68e74b3609b1e44738bee352f6577a + +Signed-off-by: Priyal Doshi +--- + libraries/libldap/tls_o.c | 16 +++++++++++++--- + 1 file changed, 13 insertions(+), 3 deletions(-) + +diff --git a/libraries/libldap/tls_o.c b/libraries/libldap/tls_o.c +index d6405bc..4123a9b 100644 +--- a/libraries/libldap/tls_o.c ++++ b/libraries/libldap/tls_o.c +@@ -294,7 +294,7 @@ tlso_stecpy( char *dst, const char *src, const char *end ) + * Try to find any TLS1.3 ciphers in the given list of suites. + */ + static void +-tlso_ctx_cipher13( tlso_ctx *ctx, char *suites ) ++tlso_ctx_cipher13( tlso_ctx *ctx, char *suites, char **oldsuites ) + { + char tls13_suites[1024], *ts = tls13_suites, *te = tls13_suites + sizeof(tls13_suites); + char *ptr, *colon, *nptr; +@@ -303,6 +303,8 @@ tlso_ctx_cipher13( tlso_ctx *ctx, char *suites ) + SSL *s = SSL_new( ctx ); + int ret; + ++ *oldsuites = NULL; ++ + if ( !s ) + return; + +@@ -334,8 +336,15 @@ tlso_ctx_cipher13( tlso_ctx *ctx, char *suites ) + if ( tls13_suites[0] ) + ts = tlso_stecpy( ts, ":", te ); + ts = tlso_stecpy( ts, nptr, te ); ++ } else if (! *oldsuites) { ++ /* should never happen, set_ciphersuites should ++ * only succeed for TLSv1.3 and above ++ */ ++ *oldsuites = ptr; + } + } ++ } else if (! *oldsuites) { ++ *oldsuites = ptr; + } + if ( !colon || ts >= te ) + break; +@@ -415,10 +424,11 @@ tlso_ctx_init( struct ldapoptions *lo, struct ldaptls *lt, int is_server ) + } + + if ( lo->ldo_tls_ciphersuite ) { ++ char *oldsuites = lt->lt_ciphersuite; + #if OPENSSL_VERSION_NUMBER >= 0x10101000 +- tlso_ctx_cipher13( ctx, lt->lt_ciphersuite ); ++ tlso_ctx_cipher13( ctx, lt->lt_ciphersuite, &oldsuites ); + #endif +- if ( !SSL_CTX_set_cipher_list( ctx, lt->lt_ciphersuite ) ) ++ if ( oldsuites && !SSL_CTX_set_cipher_list( ctx, oldsuites ) ) + { + Debug1( LDAP_DEBUG_ANY, + "TLS: could not set cipher list %s.\n", +-- +2.34.1 + diff --git a/meta-oe/recipes-support/openldap/openldap_2.5.16.bb b/meta-oe/recipes-support/openldap/openldap_2.5.16.bb index 9e9d05917df..7e1c8fde19d 100644 --- a/meta-oe/recipes-support/openldap/openldap_2.5.16.bb +++ b/meta-oe/recipes-support/openldap/openldap_2.5.16.bb @@ -20,6 +20,7 @@ SRC_URI = "http://www.openldap.org/software/download/OpenLDAP/openldap-release/$ file://slapd.service \ file://remove-user-host-pwd-from-version.patch \ file://0001-build-top.mk-unset-STRIP_OPTS.patch \ + file://0001-ITS-10094-libldap-OpenSSL-fix-setting-ciphersuites.patch \ " SRC_URI[sha256sum] = "546ba591822e8bb0e467d40c4d4a30f89d937c3a507fe83a578f582f6a211327" From ba7e425be5d4ef9f6f7bdf2630deddefc441ecbe Mon Sep 17 00:00:00 2001 From: Chaitanya Vadrevu Date: Wed, 29 May 2024 15:36:15 -0500 Subject: [PATCH 599/600] pv: Update from 1.6.20 to 1.7.0 Signed-off-by: Chaitanya Vadrevu --- meta-oe/recipes-support/pv/{pv_1.6.20.bb => pv_1.7.0.bb} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename meta-oe/recipes-support/pv/{pv_1.6.20.bb => pv_1.7.0.bb} (91%) diff --git a/meta-oe/recipes-support/pv/pv_1.6.20.bb b/meta-oe/recipes-support/pv/pv_1.7.0.bb similarity index 91% rename from meta-oe/recipes-support/pv/pv_1.6.20.bb rename to meta-oe/recipes-support/pv/pv_1.7.0.bb index 867a621d1a0..187e27be926 100644 --- a/meta-oe/recipes-support/pv/pv_1.6.20.bb +++ b/meta-oe/recipes-support/pv/pv_1.7.0.bb @@ -7,7 +7,7 @@ LIC_FILES_CHKSUM = "file://doc/COPYING;md5=9c50db2589ee3ef10a9b7b2e50ce1d02" SRC_URI = "https://www.ivarch.com/programs/sources/${BP}.tar.bz2 \ file://run-ptest \ " -SRC_URI[sha256sum] = "e831951eff0718fba9b1ef286128773b9d0e723e1fbfae88d5a3188814fdc603" +SRC_URI[sha256sum] = "1372b41053881a05e2df10cb054304decc0233261c0aa0e96185842fa5a422ad" UPSTREAM_CHECK_URI = "http://www.ivarch.com/programs/pv.shtml" UPSTREAM_CHECK_REGEX = "pv-(?P\d+(\.\d+)+).tar.bz2" From 328bf24680888839c4a56c87ba323e20b2c725e5 Mon Sep 17 00:00:00 2001 From: pratheekshasn Date: Mon, 15 Jul 2024 17:34:16 +0530 Subject: [PATCH 600/600] Install fonts after target boots Signed-off by: Pratheeksha S N --- meta-oe/recipes-graphics/ttf-fonts/ttf-pt-sans_1.1.bb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/meta-oe/recipes-graphics/ttf-fonts/ttf-pt-sans_1.1.bb b/meta-oe/recipes-graphics/ttf-fonts/ttf-pt-sans_1.1.bb index e9aa5721f79..901f0e757f9 100644 --- a/meta-oe/recipes-graphics/ttf-fonts/ttf-pt-sans_1.1.bb +++ b/meta-oe/recipes-graphics/ttf-fonts/ttf-pt-sans_1.1.bb @@ -26,7 +26,7 @@ do_install () { FILES:${PN} += "${datadir}" -pkg_postinst:${PN} () { +pkg_postinst_ontarget:${PN} () { set -x for fontdir in `find $D/usr/lib/X11/fonts -type d`; do mkfontdir $fontdir