agl-basesystem

8 files changed, 321 insertions, 0 deletions

diff --git a/external/poky/meta/recipes-extended/bzip2/bzip2-1.0.6/CVE-2016-3189.patch b/external/poky/meta/recipes-extended/bzip2/bzip2-1.0.6/CVE-2016-3189.patch
new file mode 100644
index 00000000..1d0c3a6d
--- /dev/null
+++ b/external/poky/meta/recipes-extended/bzip2/bzip2-1.0.6/CVE-2016-3189.patch
@@ -0,0 +1,18 @@
+Upstream-Status: Backport
+https://bugzilla.suse.com/attachment.cgi?id=681334
+
+CVE: CVE-2016-3189
+Signed-off-by: Armin Kuster <akuster@mvista.com>
+
+Index: bzip2-1.0.6/bzip2recover.c
+===================================================================
+--- bzip2-1.0.6.orig/bzip2recover.c
++++ bzip2-1.0.6/bzip2recover.c
+@@ -457,6 +457,7 @@ Int32 main ( Int32 argc, Char** argv )
+             bsPutUChar ( bsWr, 0x50 ); bsPutUChar ( bsWr, 0x90 );
+             bsPutUInt32 ( bsWr, blockCRC );
+             bsClose ( bsWr );
++            outFile = NULL;
+          }
+          if (wrBlock >= rbCtr) break;
+          wrBlock++;
diff --git a/external/poky/meta/recipes-extended/bzip2/bzip2-1.0.6/CVE-2019-12900.patch b/external/poky/meta/recipes-extended/bzip2/bzip2-1.0.6/CVE-2019-12900.patch
new file mode 100644
index 00000000..98416448
--- /dev/null
+++ b/external/poky/meta/recipes-extended/bzip2/bzip2-1.0.6/CVE-2019-12900.patch
@@ -0,0 +1,33 @@
+From 11e1fac27eb8a3076382200736874c78e09b75d6 Mon Sep 17 00:00:00 2001
+From: Albert Astals Cid <aacid@kde.org>
+Date: Tue, 28 May 2019 19:35:18 +0200
+Subject: [PATCH] Make sure nSelectors is not out of range
+
+nSelectors is used in a loop from 0 to nSelectors to access selectorMtf
+which is
+	UChar    selectorMtf[BZ_MAX_SELECTORS];
+so if nSelectors is bigger than BZ_MAX_SELECTORS it'll do an invalid memory
+access
+
+Fixes out of bounds access discovered while fuzzying karchive
+CVE: CVE-2019-12900
+Upstream-Status: Backport
+Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
+
+---
+ decompress.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/decompress.c b/decompress.c
+index 311f566..b6e0a29 100644
+--- a/decompress.c
++++ b/decompress.c
+@@ -287,7 +287,7 @@ Int32 BZ2_decompress ( DState* s )
+       GET_BITS(BZ_X_SELECTOR_1, nGroups, 3);
+       if (nGroups < 2 || nGroups > 6) RETURN(BZ_DATA_ERROR);
+       GET_BITS(BZ_X_SELECTOR_2, nSelectors, 15);
+-      if (nSelectors < 1) RETURN(BZ_DATA_ERROR);
++      if (nSelectors < 1 || nSelectors > BZ_MAX_SELECTORS) RETURN(BZ_DATA_ERROR);
+       for (i = 0; i < nSelectors; i++) {
+          j = 0;
+          while (True) {
diff --git a/external/poky/meta/recipes-extended/bzip2/bzip2-1.0.6/Makefile.am b/external/poky/meta/recipes-extended/bzip2/bzip2-1.0.6/Makefile.am
new file mode 100644
index 00000000..dcf64584
--- /dev/null
+++ b/external/poky/meta/recipes-extended/bzip2/bzip2-1.0.6/Makefile.am
@@ -0,0 +1,73 @@
+
+lib_LTLIBRARIES = libbz2.la
+libbz2_la_LDFLAGS = -version-info 1:6:0
+
+libbz2_la_SOURCES = blocksort.c  \
+                    huffman.c    \
+                    crctable.c   \
+                    randtable.c  \
+                    compress.c   \
+                    decompress.c \
+                    bzlib.c
+
+bin_PROGRAMS = bzip2 bzip2recover
+
+bzip2_SOURCES = bzip2.c
+bzip2_LDADD = libbz2.la
+bzip2_DEPENDENCIES = libbz2.la
+
+include_HEADERS = bzlib.h
+
+bzip2recover_SOURCES = bzip2recover.c
+bzip2recover_LDADD = libbz2.la
+bzip2recover_DEPENDENCIES = libbz2.la
+
+bin_SCRIPTS = bzgrep bzmore bzdiff
+
+man_MANS = bzip2.1 bzgrep.1 bzmore.1 bzdiff.1
+EXTRA_DIST = $(man_MANS)
+
+runtest:
+	./bzip2 -1  < sample1.ref > sample1.rb2
+	./bzip2 -2  < sample2.ref > sample2.rb2
+	./bzip2 -3  < sample3.ref > sample3.rb2
+	./bzip2 -d  < sample1.bz2 > sample1.tst
+	./bzip2 -d  < sample2.bz2 > sample2.tst
+	./bzip2 -ds < sample3.bz2 > sample3.tst
+	@if cmp sample1.bz2 sample1.rb2; then echo "PASS: sample1 compress";\
+	else echo "FAIL: sample1 compress"; fi
+	@if cmp sample2.bz2 sample2.rb2; then echo "PASS: sample2 compress";\
+	else echo "FAIL: sample2 compress"; fi
+	@if cmp sample3.bz2 sample3.rb2; then echo "PASS: sample3 compress";\
+	else echo "FAIL: sample3 compress"; fi
+	@if cmp sample1.tst sample1.ref; then echo "PASS: sample1 decompress";\
+	else echo "FAIL: sample1 decompress"; fi
+	@if cmp sample2.tst sample2.ref; then echo "PASS: sample2 decompress";\
+	else echo "FAIL: sample2 decompress"; fi
+	@if cmp sample3.tst sample3.ref; then echo "PASS: sample3 decompress";\
+	else echo "FAIL: sample3 decompress"; fi
+
+install-ptest:
+	sed  -n '/^runtest:/,/^install-ptest:/{/^install-ptest:/!p}' \
+           $(srcdir)/Makefile.am      > $(DESTDIR)/Makefile
+	cp $(srcdir)/sample1.ref	$(DESTDIR)/
+	cp $(srcdir)/sample2.ref	$(DESTDIR)/
+	cp $(srcdir)/sample3.ref	$(DESTDIR)/
+	cp $(srcdir)/sample1.bz2	$(DESTDIR)/
+	cp $(srcdir)/sample2.bz2	$(DESTDIR)/
+	cp $(srcdir)/sample3.bz2	$(DESTDIR)/
+	ln -s $(bindir)/bzip2		$(DESTDIR)/bzip2
+
+install-exec-hook:
+	ln -s $(bindir)/bzip2$(EXEEXT) $(DESTDIR)$(bindir)/bunzip2$(EXEEXT)
+	ln -s $(bindir)/bzip2$(EXEEXT) $(DESTDIR)$(bindir)/bzcat$(EXEEXT)
+	ln -s $(bindir)/bzgrep$(EXEEXT) $(DESTDIR)$(bindir)/bzegrep$(EXEEXT)
+	ln -s $(bindir)/bzgrep$(EXEEXT) $(DESTDIR)$(bindir)/bzfgrep$(EXEEXT)
+	ln -s $(bindir)/bzmore$(EXEEXT) $(DESTDIR)$(bindir)/bzless$(EXEEXT)
+	ln -s $(bindir)/bzdiff$(EXEEXT) $(DESTDIR)$(bindir)/bzcmp$(EXEEXT)
+
+install-data-hook:
+	echo ".so man1/bzgrep.1" > $(DESTDIR)$(mandir)/man1/bzegrep.1
+	echo ".so man1/bzgrep.1" > $(DESTDIR)$(mandir)/man1/bzfgrep.1
+	echo ".so man1/bzmore.1" > $(DESTDIR)$(mandir)/man1/bzless.1
+	echo ".so man1/bzdiff.1" > $(DESTDIR)$(mandir)/man1/bzcmp.1
diff --git a/external/poky/meta/recipes-extended/bzip2/bzip2-1.0.6/configure.ac b/external/poky/meta/recipes-extended/bzip2/bzip2-1.0.6/configure.ac
new file mode 100644
index 00000000..e2bf1bf1
--- /dev/null
+++ b/external/poky/meta/recipes-extended/bzip2/bzip2-1.0.6/configure.ac
@@ -0,0 +1,11 @@
+AC_PREREQ([2.57])
+
+AC_INIT(bzip2, 1.0.6)
+AM_INIT_AUTOMAKE(foreign)
+AM_MAINTAINER_MODE
+
+AC_PROG_CC
+AC_PROG_LIBTOOL
+
+AC_OUTPUT([Makefile])
+
diff --git a/external/poky/meta/recipes-extended/bzip2/bzip2-1.0.6/fix-bunzip2-qt-returns-0-for-corrupt-archives.patch b/external/poky/meta/recipes-extended/bzip2/bzip2-1.0.6/fix-bunzip2-qt-returns-0-for-corrupt-archives.patch
new file mode 100644
index 00000000..ece90d94
--- /dev/null
+++ b/external/poky/meta/recipes-extended/bzip2/bzip2-1.0.6/fix-bunzip2-qt-returns-0-for-corrupt-archives.patch
@@ -0,0 +1,55 @@
+From 8068659388127e8e63f2d2297ba2348c72b20705 Mon Sep 17 00:00:00 2001
+From: Wenzong Fan <wenzong.fan@windriver.com>
+Date: Mon, 12 Oct 2015 03:19:51 -0400
+Subject: [PATCH] bzip2: fix bunzip2 -qt returns 0 for corrupt archives
+
+"bzip2 -t FILE" returns 2 if FILE exists, but is not a valid bzip2 file.
+"bzip2 -qt FILE" returns 0 when this happens, although it does print out
+an error message as is does so.
+
+This has been fix by Debian, just port changes from Debian patch file
+"20-legacy.patch".
+
+Debian defect:
+https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=279025
+
+Fix item from changelog:
+http://archive.debian.net/changelogs/pool/main/b/bzip2/bzip2_1.0.2-7/changelog
+
+  * Fixed "bunzip2 -qt returns 0 for corrupt archives" (Closes: #279025).
+
+Upstream-Status: Pending
+
+Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
+---
+ bzip2.c | 14 ++++++++------
+ 1 file changed, 8 insertions(+), 6 deletions(-)
+
+diff --git a/bzip2.c b/bzip2.c
+index 6de9d1d..f2ce668 100644
+--- a/bzip2.c
++++ b/bzip2.c
+@@ -2003,12 +2003,14 @@ IntNative main ( IntNative argc, Char *argv[] )
+             testf ( aa->name );
+ 	 }
+       }
+-      if (testFailsExist && noisy) {
+-         fprintf ( stderr,
+-           "\n"
+-           "You can use the `bzip2recover' program to attempt to recover\n"
+-           "data from undamaged sections of corrupted files.\n\n"
+-         );
++      if (testFailsExist) {
++         if (noisy) {
++            fprintf ( stderr,
++              "\n"
++              "You can use the `bzip2recover' program to attempt to recover\n"
++              "data from undamaged sections of corrupted files.\n\n"
++            );
++         }
+          setExit(2);
+          exit(exitValue);
+       }
+-- 
+1.9.1
+
diff --git a/external/poky/meta/recipes-extended/bzip2/bzip2-1.0.6/fix-regression-CVE-2019-12900.patch b/external/poky/meta/recipes-extended/bzip2/bzip2-1.0.6/fix-regression-CVE-2019-12900.patch
new file mode 100644
index 00000000..362e6cf3
--- /dev/null
+++ b/external/poky/meta/recipes-extended/bzip2/bzip2-1.0.6/fix-regression-CVE-2019-12900.patch
@@ -0,0 +1,82 @@
+From 212f3ed7ac3931c9e0e9167a0bdc16eeb3c76af4 Mon Sep 17 00:00:00 2001
+From: Mark Wielaard <mark@klomp.org>
+Date: Wed, 3 Jul 2019 01:28:11 +0200
+Subject: [PATCH] Accept as many selectors as the file format allows.
+
+But ignore any larger than the theoretical maximum, BZ_MAX_SELECTORS.
+
+The theoretical maximum number of selectors depends on the maximum
+blocksize (900000 bytes) and the number of symbols (50) that can be
+encoded with a different Huffman tree. BZ_MAX_SELECTORS is 18002.
+
+But the bzip2 file format allows the number of selectors to be encoded
+with 15 bits (because 18002 isn't a factor of 2 and doesn't fit in
+14 bits). So the file format maximum is 32767 selectors.
+
+Some bzip2 encoders might actually have written out more selectors
+than the theoretical maximum because they rounded up the number of
+selectors to some convenient factor of 8.
+
+The extra 14766 selectors can never be validly used by the decompression
+algorithm. So we can read them, but then discard them.
+
+This is effectively what was done (by accident) before we added a
+check for nSelectors to be at most BZ_MAX_SELECTORS to mitigate
+CVE-2019-12900.
+
+The extra selectors were written out after the array inside the
+EState struct. But the struct has extra space allocated after the
+selector arrays of 18060 bytes (which is larger than 14766).
+All of which will be initialized later (so the overwrite of that
+space with extra selector values would have been harmless).
+
+Upstream-Status: Backport
+Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
+
+---
+ compress.c   |  2 +-
+ decompress.c | 10 ++++++++--
+ 2 files changed, 9 insertions(+), 3 deletions(-)
+
+diff --git a/compress.c b/compress.c
+index caf7696..19b662b 100644
+--- a/compress.c
++++ b/compress.c
+@@ -454,7 +454,7 @@ void sendMTFValues ( EState* s )
+ 
+    AssertH( nGroups < 8, 3002 );
+    AssertH( nSelectors < 32768 &&
+-            nSelectors <= (2 + (900000 / BZ_G_SIZE)),
++            nSelectors <= BZ_MAX_SELECTORS,
+             3003 );
+ 
+ 
+diff --git a/decompress.c b/decompress.c
+index b6e0a29..78060c9 100644
+--- a/decompress.c
++++ b/decompress.c
+@@ -287,7 +287,7 @@ Int32 BZ2_decompress ( DState* s )
+       GET_BITS(BZ_X_SELECTOR_1, nGroups, 3);
+       if (nGroups < 2 || nGroups > 6) RETURN(BZ_DATA_ERROR);
+       GET_BITS(BZ_X_SELECTOR_2, nSelectors, 15);
+-      if (nSelectors < 1 || nSelectors > BZ_MAX_SELECTORS) RETURN(BZ_DATA_ERROR);
++      if (nSelectors < 1) RETURN(BZ_DATA_ERROR);
+       for (i = 0; i < nSelectors; i++) {
+          j = 0;
+          while (True) {
+@@ -296,8 +296,14 @@ Int32 BZ2_decompress ( DState* s )
+             j++;
+             if (j >= nGroups) RETURN(BZ_DATA_ERROR);
+          }
+-         s->selectorMtf[i] = j;
++         /* Having more than BZ_MAX_SELECTORS doesn't make much sense
++            since they will never be used, but some implementations might
++            "round up" the number of selectors, so just ignore those. */
++         if (i < BZ_MAX_SELECTORS)
++           s->selectorMtf[i] = j;
+       }
++      if (nSelectors > BZ_MAX_SELECTORS)
++        nSelectors = BZ_MAX_SELECTORS;
+ 
+       /*--- Undo the MTF values for the selectors. ---*/
+       {
diff --git a/external/poky/meta/recipes-extended/bzip2/bzip2-1.0.6/run-ptest b/external/poky/meta/recipes-extended/bzip2/bzip2-1.0.6/run-ptest
new file mode 100644
index 00000000..3b20fce1
--- /dev/null
+++ b/external/poky/meta/recipes-extended/bzip2/bzip2-1.0.6/run-ptest
@@ -0,0 +1,2 @@
+#!/bin/sh
+make -k runtest
diff --git a/external/poky/meta/recipes-extended/bzip2/bzip2_1.0.6.bb b/external/poky/meta/recipes-extended/bzip2/bzip2_1.0.6.bb
new file mode 100644
index 00000000..33cb8dda
--- /dev/null
+++ b/external/poky/meta/recipes-extended/bzip2/bzip2_1.0.6.bb
@@ -0,0 +1,47 @@
+SUMMARY = "Very high-quality data compression program"
+DESCRIPTION = "bzip2 compresses files using the Burrows-Wheeler block-sorting text compression algorithm, and \
+Huffman coding. Compression is generally considerably better than that achieved by more conventional \
+LZ77/LZ78-based compressors, and approaches the performance of the PPM family of statistical compressors."
+HOMEPAGE = "https://sourceware.org/bzip2/"
+SECTION = "console/utils"
+LICENSE = "bzip2"
+LIC_FILES_CHKSUM = "file://LICENSE;beginline=4;endline=37;md5=39406315f540c69bd05b1531daedd2ae"
+PR = "r5"
+
+SRC_URI = "http://downloads.yoctoproject.org/mirror/sources/${BP}.tar.gz \
+           file://fix-bunzip2-qt-returns-0-for-corrupt-archives.patch \
+           file://configure.ac;subdir=${BP} \
+           file://Makefile.am;subdir=${BP} \
+           file://run-ptest \
+           file://CVE-2016-3189.patch \
+           file://CVE-2019-12900.patch \
+           file://fix-regression-CVE-2019-12900.patch \
+           "
+
+SRC_URI[md5sum] = "00b516f4704d4a7cb50a1d97e6e8e15b"
+SRC_URI[sha256sum] = "a2848f34fcd5d6cf47def00461fcb528a0484d8edef8208d6d2e2909dc61d9cd"
+
+UPSTREAM_CHECK_URI = "https://www.sourceware.org/bzip2/"
+UPSTREAM_VERSION_UNKNOWN = "1"
+
+PACKAGES =+ "libbz2"
+
+CFLAGS_append = " -fPIC -fpic -Winline -fno-strength-reduce -D_FILE_OFFSET_BITS=64"
+
+inherit autotools update-alternatives ptest relative_symlinks
+
+ALTERNATIVE_PRIORITY = "100"
+ALTERNATIVE_${PN} = "bunzip2 bzcat"
+
+#install binaries to bzip2-native under sysroot for replacement-native
+EXTRA_OECONF_append_class-native = " --bindir=${STAGING_BINDIR_NATIVE}/${PN}"
+
+do_install_ptest () {
+	sed -i -e "s|^Makefile:|_Makefile:|" ${D}${PTEST_PATH}/Makefile
+}
+
+FILES_libbz2 = "${libdir}/lib*${SOLIBS}"
+
+PROVIDES_append_class-native = " bzip2-replacement-native"
+BBCLASSEXTEND = "native nativesdk"
+