diff options
Diffstat (limited to 'external/poky/meta/recipes-extended/cpio')
5 files changed, 689 insertions, 0 deletions
diff --git a/external/poky/meta/recipes-extended/cpio/cpio-2.12/0001-CVE-2016-2037-1-byte-out-of-bounds-write.patch b/external/poky/meta/recipes-extended/cpio/cpio-2.12/0001-CVE-2016-2037-1-byte-out-of-bounds-write.patch new file mode 100644 index 00000000..0a305448 --- /dev/null +++ b/external/poky/meta/recipes-extended/cpio/cpio-2.12/0001-CVE-2016-2037-1-byte-out-of-bounds-write.patch @@ -0,0 +1,346 @@ +From ebf9a2d776474181936a720ce811d72bbd1da3b6 Mon Sep 17 00:00:00 2001 +From: Pavel Raiskup <praiskup@redhat.com> +Date: Tue, 26 Jan 2016 23:17:54 +0100 +Subject: [PATCH] CVE-2016-2037 - 1 byte out-of-bounds write + +Ensure that cpio_safer_name_suffix always works with dynamically +allocated buffer, and that it has size of at least 32 bytes. +Then, any call to cpio_safer_name_suffix is safe (it requires at +least 2 bytes in the buffer). + +Also ensure that c_namesize is always correctly initialized (by +cpio_set_c_name) to avoid undefined behavior when reading +file_hdr.c_namesize (previously happened for tar archives). + +References: +http://www.mail-archive.com/bug-cpio@gnu.org/msg00545.html + +* src/copyin.c (query_rename): Drop the hack, as we now work with +dynamically allocated buffer. Use cpio_set_c_name. +(create_defered_links_to_skipped): Use cpio_set_c_name rather than +manual assignment. +(read_name_from_file): New function to avoid C&P. +(read_in_old_ascii, read_in_new_ascii, read_in_binary): Use +read_name_from_file. +(process_copy_in): Initialize file_hdr.c_namesize. +* src/copyout.c (process_copy_out): Use cpio_set_c_name. +* src/cpiohdr.h (cpio_set_c_name): New prototype. +* src/tar.c (read_in_tar_header): Use cpio_set_c_name. +* src/util.c (cpio_set_c_name): New function to set +file_hdr->c_name and c_namesize from arbitrary string. +(cpio_safer_name_suffix): Some docs fixes. +* tests/inout.at: Also test copy-in, and try various formats. + +CVE: CVE-2016-2037 + +Upstream-Status: Backport [http://git.savannah.gnu.org/cgit/cpio.git/commit/?id=d36ec5f4e93130efb24fb9678aafd88e8070095b] + +Signed-off-by: Andre McCurdy <armccurdy@gmail.com> +--- + src/copyin.c | 68 +++++++++++++++++++--------------------------------------- + src/copyout.c | 13 +++++------ + src/cpiohdr.h | 1 + + src/tar.c | 10 +++++---- + src/util.c | 32 ++++++++++++++++++++++++++- + tests/inout.at | 19 ++++++++++++++-- + 6 files changed, 82 insertions(+), 61 deletions(-) + +diff --git a/src/copyin.c b/src/copyin.c +index cde911e..972f8a6 100644 +--- a/src/copyin.c ++++ b/src/copyin.c +@@ -76,28 +76,7 @@ query_rename(struct cpio_file_stat* file_hdr, FILE *tty_in, FILE *tty_out, + return -1; + } + else +- /* Debian hack: file_hrd.c_name is sometimes set to +- point to static memory by code in tar.c. This +- causes a segfault. This has been fixed and an +- additional check to ensure that the file name +- is not too long has been added. (Reported by +- Horst Knobloch.) This bug has been reported to +- "bug-gnu-utils@prep.ai.mit.edu". (99/1/6) -BEM */ +- { +- if (archive_format != arf_tar && archive_format != arf_ustar) +- { +- free (file_hdr->c_name); +- file_hdr->c_name = xstrdup (new_name.ds_string); +- } +- else +- { +- if (is_tar_filename_too_long (new_name.ds_string)) +- error (0, 0, _("%s: file name too long"), +- new_name.ds_string); +- else +- strcpy (file_hdr->c_name, new_name.ds_string); +- } +- } ++ cpio_set_c_name (file_hdr, new_name.ds_string); + return 0; + } + +@@ -344,8 +323,7 @@ create_defered_links_to_skipped (struct cpio_file_stat *file_hdr, + d_prev->next = d->next; + else + deferments = d->next; +- free (file_hdr->c_name); +- file_hdr->c_name = xstrdup(d->header.c_name); ++ cpio_set_c_name (file_hdr, d->header.c_name); + free_deferment (d); + copyin_regular_file(file_hdr, in_file_des); + return 0; +@@ -1064,6 +1042,22 @@ read_in_header (struct cpio_file_stat *file_hdr, int in_des) + } + } + ++static void ++read_name_from_file (struct cpio_file_stat *file_hdr, int fd, uintmax_t len) ++{ ++ static char *tmp_filename; ++ static size_t buflen; ++ ++ if (buflen < len) ++ { ++ buflen = len; ++ tmp_filename = xrealloc (tmp_filename, buflen); ++ } ++ ++ tape_buffered_read (tmp_filename, fd, len); ++ cpio_set_c_name (file_hdr, tmp_filename); ++} ++ + /* Fill in FILE_HDR by reading an old-format ASCII format cpio header from + file descriptor IN_DES, except for the magic number, which is + already filled in. */ +@@ -1090,14 +1084,8 @@ read_in_old_ascii (struct cpio_file_stat *file_hdr, int in_des) + file_hdr->c_rdev_min = minor (dev); + + file_hdr->c_mtime = FROM_OCTAL (ascii_header.c_mtime); +- file_hdr->c_namesize = FROM_OCTAL (ascii_header.c_namesize); + file_hdr->c_filesize = FROM_OCTAL (ascii_header.c_filesize); +- +- /* Read file name from input. */ +- if (file_hdr->c_name != NULL) +- free (file_hdr->c_name); +- file_hdr->c_name = (char *) xmalloc (file_hdr->c_namesize + 1); +- tape_buffered_read (file_hdr->c_name, in_des, (long) file_hdr->c_namesize); ++ read_name_from_file (file_hdr, in_des, FROM_OCTAL (ascii_header.c_namesize)); + + /* HP/UX cpio creates archives that look just like ordinary archives, + but for devices it sets major = 0, minor = 1, and puts the +@@ -1152,14 +1140,8 @@ read_in_new_ascii (struct cpio_file_stat *file_hdr, int in_des) + file_hdr->c_dev_min = FROM_HEX (ascii_header.c_dev_min); + file_hdr->c_rdev_maj = FROM_HEX (ascii_header.c_rdev_maj); + file_hdr->c_rdev_min = FROM_HEX (ascii_header.c_rdev_min); +- file_hdr->c_namesize = FROM_HEX (ascii_header.c_namesize); + file_hdr->c_chksum = FROM_HEX (ascii_header.c_chksum); +- +- /* Read file name from input. */ +- if (file_hdr->c_name != NULL) +- free (file_hdr->c_name); +- file_hdr->c_name = (char *) xmalloc (file_hdr->c_namesize); +- tape_buffered_read (file_hdr->c_name, in_des, (long) file_hdr->c_namesize); ++ read_name_from_file (file_hdr, in_des, FROM_HEX (ascii_header.c_namesize)); + + /* In SVR4 ASCII format, the amount of space allocated for the header + is rounded up to the next long-word, so we might need to drop +@@ -1207,16 +1189,9 @@ read_in_binary (struct cpio_file_stat *file_hdr, + file_hdr->c_rdev_min = minor (short_hdr->c_rdev); + file_hdr->c_mtime = (unsigned long) short_hdr->c_mtimes[0] << 16 + | short_hdr->c_mtimes[1]; +- +- file_hdr->c_namesize = short_hdr->c_namesize; + file_hdr->c_filesize = (unsigned long) short_hdr->c_filesizes[0] << 16 + | short_hdr->c_filesizes[1]; +- +- /* Read file name from input. */ +- if (file_hdr->c_name != NULL) +- free (file_hdr->c_name); +- file_hdr->c_name = (char *) xmalloc (file_hdr->c_namesize); +- tape_buffered_read (file_hdr->c_name, in_des, (long) file_hdr->c_namesize); ++ read_name_from_file (file_hdr, in_des, short_hdr->c_namesize); + + /* In binary mode, the amount of space allocated in the header for + the filename is `c_namesize' rounded up to the next short-word, +@@ -1297,6 +1272,7 @@ process_copy_in () + read_pattern_file (); + } + file_hdr.c_name = NULL; ++ file_hdr.c_namesize = 0; + + if (rename_batch_file) + { +diff --git a/src/copyout.c b/src/copyout.c +index 1f0987a..bb39559 100644 +--- a/src/copyout.c ++++ b/src/copyout.c +@@ -660,8 +660,7 @@ process_copy_out () + cpio_safer_name_suffix (input_name.ds_string, false, + !no_abs_paths_flag, true); + #ifndef HPUX_CDF +- file_hdr.c_name = input_name.ds_string; +- file_hdr.c_namesize = strlen (input_name.ds_string) + 1; ++ cpio_set_c_name (&file_hdr, input_name.ds_string); + #else + if ( (archive_format != arf_tar) && (archive_format != arf_ustar) ) + { +@@ -670,16 +669,15 @@ process_copy_out () + properly recreate the directory as hidden (in case the + files of a directory go into the archive before the + directory itself (e.g from "find ... -depth ... | cpio")). */ +- file_hdr.c_name = add_cdf_double_slashes (input_name.ds_string); +- file_hdr.c_namesize = strlen (file_hdr.c_name) + 1; ++ cpio_set_c_name (&file_hdr, ++ add_cdf_double_slashes (input_name.ds_string)); + } + else + { + /* We don't mark CDF's in tar files. We assume the "hidden" + directory will always go into the archive before any of + its files. */ +- file_hdr.c_name = input_name.ds_string; +- file_hdr.c_namesize = strlen (input_name.ds_string) + 1; ++ cpio_set_c_name (&file_hdr, input_name.ds_string); + } + #endif + +@@ -866,8 +864,7 @@ process_copy_out () + file_hdr.c_chksum = 0; + + file_hdr.c_filesize = 0; +- file_hdr.c_namesize = 11; +- file_hdr.c_name = CPIO_TRAILER_NAME; ++ cpio_set_c_name (&file_hdr, CPIO_TRAILER_NAME); + if (archive_format != arf_tar && archive_format != arf_ustar) + write_out_header (&file_hdr, out_file_des); + else +diff --git a/src/cpiohdr.h b/src/cpiohdr.h +index b29e6fb..f4c63be 100644 +--- a/src/cpiohdr.h ++++ b/src/cpiohdr.h +@@ -129,5 +129,6 @@ struct cpio_file_stat /* Internal representation of a CPIO header */ + char *c_tar_linkname; + }; + ++void cpio_set_c_name(struct cpio_file_stat *file_hdr, char *name); + + #endif /* cpiohdr.h */ +diff --git a/src/tar.c b/src/tar.c +index a2ce171..e41f89d 100644 +--- a/src/tar.c ++++ b/src/tar.c +@@ -282,7 +282,7 @@ read_in_tar_header (struct cpio_file_stat *file_hdr, int in_des) + if (null_block ((long *) &tar_rec, TARRECORDSIZE)) + #endif + { +- file_hdr->c_name = CPIO_TRAILER_NAME; ++ cpio_set_c_name (file_hdr, CPIO_TRAILER_NAME); + return; + } + #if 0 +@@ -316,9 +316,11 @@ read_in_tar_header (struct cpio_file_stat *file_hdr, int in_des) + } + + if (archive_format != arf_ustar) +- file_hdr->c_name = stash_tar_filename (NULL, tar_hdr->name); ++ cpio_set_c_name (file_hdr, stash_tar_filename (NULL, tar_hdr->name)); + else +- file_hdr->c_name = stash_tar_filename (tar_hdr->prefix, tar_hdr->name); ++ cpio_set_c_name (file_hdr, stash_tar_filename (tar_hdr->prefix, ++ tar_hdr->name)); ++ + file_hdr->c_nlink = 1; + file_hdr->c_mode = FROM_OCTAL (tar_hdr->mode); + file_hdr->c_mode = file_hdr->c_mode & 07777; +@@ -398,7 +400,7 @@ read_in_tar_header (struct cpio_file_stat *file_hdr, int in_des) + case AREGTYPE: + /* Old tar format; if the last char in filename is '/' then it is + a directory, otherwise it's a regular file. */ +- if (file_hdr->c_name[strlen (file_hdr->c_name) - 1] == '/') ++ if (file_hdr->c_name[file_hdr->c_namesize - 1] == '/') + file_hdr->c_mode |= CP_IFDIR; + else + file_hdr->c_mode |= CP_IFREG; +diff --git a/src/util.c b/src/util.c +index 6ff6032..4f3c073 100644 +--- a/src/util.c ++++ b/src/util.c +@@ -1410,8 +1410,34 @@ set_file_times (int fd, + utime_error (name); + } + ++ ++void ++cpio_set_c_name (struct cpio_file_stat *file_hdr, char *name) ++{ ++ static size_t buflen = 0; ++ size_t len = strlen (name) + 1; ++ ++ if (buflen == 0) ++ { ++ buflen = len; ++ if (buflen < 32) ++ buflen = 32; ++ file_hdr->c_name = xmalloc (buflen); ++ } ++ else if (buflen < len) ++ { ++ buflen = len; ++ file_hdr->c_name = xrealloc (file_hdr->c_name, buflen); ++ } ++ ++ file_hdr->c_namesize = len; ++ memmove (file_hdr->c_name, name, len); ++} ++ + /* Do we have to ignore absolute paths, and if so, does the filename +- have an absolute path? */ ++ have an absolute path? Before calling this function make sure that the ++ allocated NAME buffer has capacity at least 2 bytes. */ ++ + void + cpio_safer_name_suffix (char *name, bool link_target, bool absolute_names, + bool strip_leading_dots) +@@ -1426,6 +1452,10 @@ cpio_safer_name_suffix (char *name, bool link_target, bool absolute_names, + ++p; + } + if (p != name) ++ /* The 'p' string is shortened version of 'name' with one exception; when ++ the 'name' points to an empty string (buffer where name[0] == '\0') the ++ 'p' then points to static string ".". So caller needs to ensure there ++ are at least two bytes available in 'name' buffer so memmove succeeds. */ + memmove (name, p, (size_t)(strlen (p) + 1)); + } + +diff --git a/tests/inout.at b/tests/inout.at +index 60c3716..730cbd2 100644 +--- a/tests/inout.at ++++ b/tests/inout.at +@@ -35,7 +35,22 @@ while read NAME LENGTH + do + genfile --length $LENGTH > $NAME + echo $NAME +-done < filelist | +- cpio --quiet -o > archive]) ++done < filelist > filelist_raw ++ ++for format in bin odc newc crc tar ustar hpbin hpodc ++do ++ cpio --format=$format --quiet -o < filelist_raw > archive.$format ++ rm -rf output ++ mkdir output && cd output ++ cpio -i --quiet < ../archive.$format ++ ++ while read file ++ do ++ test -f $file || echo "$file not found" ++ done < ../filelist_raw ++ ++ cd .. ++done ++]) + + AT_CLEANUP +-- +1.9.1 + diff --git a/external/poky/meta/recipes-extended/cpio/cpio-2.12/0001-Fix-CVE-2015-1197.patch b/external/poky/meta/recipes-extended/cpio/cpio-2.12/0001-Fix-CVE-2015-1197.patch new file mode 100644 index 00000000..5c999197 --- /dev/null +++ b/external/poky/meta/recipes-extended/cpio/cpio-2.12/0001-Fix-CVE-2015-1197.patch @@ -0,0 +1,178 @@ +From dcee489f821c1260a0136fcdfdb6ff4dd11086ac Mon Sep 17 00:00:00 2001 +From: Alexander Kanavin <alex.kanavin@gmail.com> +Date: Wed, 9 Dec 2015 17:58:03 +0200 +Subject: [PATCH] Fix CVE-2015-1197 + +Apply patch by Vitezslav Cizek of SuSE to fix CVE-2015-1197. +Upstream is dormant or no longer existing. To restore the old +behaviour use --extract-over-symlinks (Closes: #774669) +This issue has been discovered by Alexander Cherepanov. +Author: Vitezslav Cizek <vcizek@suse.cz> +Bug-Debian: https://bugs.debian.org/774669 + +Upstream-Status: Pending +CVE: CVE-2015-1197 +Signed-off-by: Robert Yang <liezhi.yang@windriver.com> +Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> + +--- + doc/cpio.1 | 1 + + src/copyin.c | 62 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + src/extern.h | 1 + + src/global.c | 3 +++ + src/main.c | 7 +++++++ + 5 files changed, 74 insertions(+) + +diff --git a/doc/cpio.1 b/doc/cpio.1 +index 2a68241..dc4676c 100644 +--- a/doc/cpio.1 ++++ b/doc/cpio.1 +@@ -49,6 +49,7 @@ cpio \- copy files to and from archives + [\fB\-\-no\-preserve\-owner\fR] [\fB\-\-message=\fIMESSAGE\fR] + [\fB\-\-force\-local\fR] [\fB\-\-no\-absolute\-filenames\fR] [\fB\-\-sparse\fR] + [\fB\-\-only\-verify\-crc\fR] [\fB\-\-to\-stdout\fR] [\fB\-\-quiet\fR] ++[\fB\-\-extract\-over\-symlinks\fR] + [\fB\-\-rsh\-command=\fICOMMAND\fR] + [\fIpattern\fR...] [\fB<\fR \fIarchive\fR] + +diff --git a/src/copyin.c b/src/copyin.c +index cde911e..053afe7 100644 +--- a/src/copyin.c ++++ b/src/copyin.c +@@ -695,6 +695,51 @@ copyin_link (struct cpio_file_stat *file_hdr, int in_file_des) + free (link_name); + } + ++ ++static int ++path_contains_symlink(char *path) ++{ ++ struct stat st; ++ char *slash; ++ char *nextslash; ++ ++ /* we got NULL pointer or empty string */ ++ if (!path || !*path) { ++ return false; ++ } ++ ++ slash = path; ++ ++ while ((nextslash = strchr(slash + 1, '/')) != NULL) { ++ slash = nextslash; ++ *slash = '\0'; ++ ++ if (lstat(path, &st) != 0) { ++ if (errno == ELOOP) { ++ /* ELOOP - too many symlinks */ ++ *slash = '/'; ++ return true; ++ } else if (errno == ENOMEM) { ++ /* No memory for lstat - terminate */ ++ xalloc_die(); ++ } else { ++ /* cannot lstat path - give up */ ++ *slash = '/'; ++ return false; ++ } ++ } ++ ++ if (S_ISLNK(st.st_mode)) { ++ *slash = '/'; ++ return true; ++ } ++ ++ *slash = '/'; ++ } ++ ++ return false; ++} ++ + static void + copyin_file (struct cpio_file_stat *file_hdr, int in_file_des) + { +@@ -1468,6 +1513,23 @@ process_copy_in () + { + /* Copy the input file into the directory structure. */ + ++ /* Can we write files over symlinks? */ ++ if (!extract_over_symlinks) ++ { ++ if (path_contains_symlink(file_hdr.c_name)) ++ { ++ /* skip the file */ ++ /* ++ fprintf(stderr, "Can't write over symlinks. Skipping %s\n", file_hdr.c_name); ++ tape_toss_input (in_file_des, file_hdr.c_filesize); ++ tape_skip_padding (in_file_des, file_hdr.c_filesize); ++ continue; ++ */ ++ /* terminate */ ++ error (1, 0, _("Can't write over symlinks: %s\n"), file_hdr.c_name); ++ } ++ } ++ + /* Do we need to rename the file? */ + if (rename_flag || rename_batch_file) + { +diff --git a/src/extern.h b/src/extern.h +index e27d662..d864bde 100644 +--- a/src/extern.h ++++ b/src/extern.h +@@ -96,6 +96,7 @@ extern char input_is_special; + extern char output_is_special; + extern char input_is_seekable; + extern char output_is_seekable; ++extern bool extract_over_symlinks; + extern int (*xstat) (); + extern void (*copy_function) (); + extern char *change_directory_option; +diff --git a/src/global.c b/src/global.c +index 57e505a..336fce4 100644 +--- a/src/global.c ++++ b/src/global.c +@@ -187,6 +187,9 @@ bool to_stdout_option = false; + /* The name this program was run with. */ + char *program_name; + ++/* Extract files over symbolic links */ ++bool extract_over_symlinks; ++ + /* A pointer to either lstat or stat, depending on whether + dereferencing of symlinks is done for input files. */ + int (*xstat) (); +diff --git a/src/main.c b/src/main.c +index a13861f..87cb309 100644 +--- a/src/main.c ++++ b/src/main.c +@@ -59,6 +59,7 @@ enum cpio_options { + DEBUG_OPTION, + BLOCK_SIZE_OPTION, + TO_STDOUT_OPTION, ++ EXTRACT_OVER_SYMLINKS, + RENUMBER_INODES_OPTION, + IGNORE_DEVNO_OPTION, + DEVICE_INDEPENDENT_OPTION +@@ -243,6 +244,8 @@ static struct argp_option options[] = { + N_("Create leading directories where needed"), GRID+1 }, + {"no-preserve-owner", NO_PRESERVE_OWNER_OPTION, 0, 0, + N_("Do not change the ownership of the files"), GRID+1 }, ++ {"extract-over-symlinks", EXTRACT_OVER_SYMLINKS, 0, 0, ++ N_("Force writing over symbolic links"), GRID+1 }, + {"unconditional", 'u', NULL, 0, + N_("Replace all files unconditionally"), GRID+1 }, + {"sparse", SPARSE_OPTION, NULL, 0, +@@ -432,6 +435,10 @@ crc newc odc bin ustar tar (all-caps also recognized)"), arg)); + no_chown_flag = true; + break; + ++ case EXTRACT_OVER_SYMLINKS: /* --extract-over-symlinks */ ++ extract_over_symlinks = true; ++ break; ++ + case 'o': /* Copy-out mode. */ + if (copy_function != 0) + USAGE_ERROR ((0, 0, _("Mode already defined"))); +-- +2.6.2 + diff --git a/external/poky/meta/recipes-extended/cpio/cpio-2.12/0001-Fix-segfault-with-append.patch b/external/poky/meta/recipes-extended/cpio/cpio-2.12/0001-Fix-segfault-with-append.patch new file mode 100644 index 00000000..2043c890 --- /dev/null +++ b/external/poky/meta/recipes-extended/cpio/cpio-2.12/0001-Fix-segfault-with-append.patch @@ -0,0 +1,87 @@ +Upstream-Status: Submitted [bugs-cpio] +Signed-off-by: Ross Burton <ross.burton@intel.com> + +From 3f0bd5a40ad0ceaee78c74a52a7166ed7f08db81 Mon Sep 17 00:00:00 2001 +From: Pavel Raiskup <praiskup@redhat.com> +Date: Thu, 29 Nov 2018 07:03:48 +0100 +Subject: [PATCH] Fix segfault with --append + +The --append mode combines both process_copy_in() and +process_copy_out() methods, each of them working with different +(local) file_hdr->c_name buffers. So ensure that +cpio_set_c_name() isn't using the same static variable for +maintaining length of different buffers. + +Complements d36ec5f4e93130efb24fb9. Thanks to Ross Burton. + +* src/copyin.c (process_copy_in): Always initialize file_hdr. +* src/copyout.c (process_copy_out): Likewise. +* src/cpiohdr.h (cpio_file_stat): Add c_name_buflen variable. +* src/util.c (cpio_set_c_name): Use file_hdr->c_name_buflen. +--- + src/copyin.c | 1 + + src/copyout.c | 1 + + src/cpiohdr.h | 1 + + src/util.c | 3 ++- + 4 files changed, 5 insertions(+), 1 deletion(-) + +diff --git a/src/copyin.c b/src/copyin.c +index ba887ae..767c2f8 100644 +--- a/src/copyin.c ++++ b/src/copyin.c +@@ -1213,6 +1213,7 @@ process_copy_in () + + newdir_umask = umask (0); /* Reset umask to preserve modes of + created files */ ++ memset (&file_hdr, 0, sizeof (struct cpio_file_stat)); + + /* Initialize the copy in. */ + if (pattern_file_name) +diff --git a/src/copyout.c b/src/copyout.c +index 7532dac..fb890cb 100644 +--- a/src/copyout.c ++++ b/src/copyout.c +@@ -594,6 +594,7 @@ process_copy_out () + + /* Initialize the copy out. */ + ds_init (&input_name, 128); ++ memset (&file_hdr, 0, sizeof (struct cpio_file_stat)); + file_hdr.c_magic = 070707; + + /* Check whether the output file might be a tape. */ +diff --git a/src/cpiohdr.h b/src/cpiohdr.h +index 588135b..cf64f3e 100644 +--- a/src/cpiohdr.h ++++ b/src/cpiohdr.h +@@ -127,6 +127,7 @@ struct cpio_file_stat /* Internal representation of a CPIO header */ + uint32_t c_chksum; + char *c_name; + char *c_tar_linkname; ++ size_t c_name_buflen; + }; + + void cpio_set_c_name(struct cpio_file_stat *file_hdr, char *name); +diff --git a/src/util.c b/src/util.c +index 10486dc..1256469 100644 +--- a/src/util.c ++++ b/src/util.c +@@ -1413,7 +1413,7 @@ set_file_times (int fd, + void + cpio_set_c_name (struct cpio_file_stat *file_hdr, char *name) + { +- static size_t buflen = 0; ++ size_t buflen = file_hdr->c_name_buflen; + size_t len = strlen (name) + 1; + + if (buflen == 0) +@@ -1430,6 +1430,7 @@ cpio_set_c_name (struct cpio_file_stat *file_hdr, char *name) + } + + file_hdr->c_namesize = len; ++ file_hdr->c_name_buflen = buflen; + memmove (file_hdr->c_name, name, len); + } + +-- +2.11.0 + diff --git a/external/poky/meta/recipes-extended/cpio/cpio-2.12/0001-Unset-need_charset_alias-when-building-for-musl.patch b/external/poky/meta/recipes-extended/cpio/cpio-2.12/0001-Unset-need_charset_alias-when-building-for-musl.patch new file mode 100644 index 00000000..6ae21394 --- /dev/null +++ b/external/poky/meta/recipes-extended/cpio/cpio-2.12/0001-Unset-need_charset_alias-when-building-for-musl.patch @@ -0,0 +1,30 @@ +From b9565dc2fe0c4f7daaec91b7e83bc7313dee2f4a Mon Sep 17 00:00:00 2001 +From: Khem Raj <raj.khem@gmail.com> +Date: Mon, 13 Apr 2015 17:02:13 -0700 +Subject: [PATCH] Unset need_charset_alias when building for musl + +localcharset uses ac_cv_gnu_library_2_1 from glibc21.m4 +which actually shoudl be fixed in gnulib and then all downstream +projects will get it eventually. For now we apply the fix to +coreutils + +Upstream-Status: Pending + +Signed-off-by: Khem Raj <raj.khem@gmail.com> +--- + lib/gnulib.mk | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +Index: cpio-2.11/gnu/Makefile.am +=================================================================== +--- cpio-2.11.orig/gnu/Makefile.am ++++ cpio-2.11/gnu/Makefile.am +@@ -734,7 +734,7 @@ install-exec-localcharset: all-local + case '$(host_os)' in \ + darwin[56]*) \ + need_charset_alias=true ;; \ +- darwin* | cygwin* | mingw* | pw32* | cegcc*) \ ++ darwin* | cygwin* | mingw* | pw32* | cegcc* | linux-musl*) \ + need_charset_alias=false ;; \ + *) \ + need_charset_alias=true ;; \ diff --git a/external/poky/meta/recipes-extended/cpio/cpio_2.12.bb b/external/poky/meta/recipes-extended/cpio/cpio_2.12.bb new file mode 100644 index 00000000..6ba8337e --- /dev/null +++ b/external/poky/meta/recipes-extended/cpio/cpio_2.12.bb @@ -0,0 +1,48 @@ +SUMMARY = "GNU cpio is a program to manage archives of files" +DESCRIPTION = "GNU cpio is a tool for creating and extracting archives, or copying files from one place to \ +another. It handles a number of cpio formats as well as reading and writing tar files." +HOMEPAGE = "http://www.gnu.org/software/cpio/" +SECTION = "base" +LICENSE = "GPLv3" +LIC_FILES_CHKSUM = "file://COPYING;md5=f27defe1e96c2e1ecd4e0c9be8967949" + +SRC_URI = "${GNU_MIRROR}/cpio/cpio-${PV}.tar.gz \ + file://0001-Unset-need_charset_alias-when-building-for-musl.patch \ + file://0001-Fix-CVE-2015-1197.patch \ + file://0001-CVE-2016-2037-1-byte-out-of-bounds-write.patch \ + file://0001-Fix-segfault-with-append.patch \ + " + +SRC_URI[md5sum] = "fc207561a86b63862eea4b8300313e86" +SRC_URI[sha256sum] = "08a35e92deb3c85d269a0059a27d4140a9667a6369459299d08c17f713a92e73" + +inherit autotools gettext texinfo + +EXTRA_OECONF += "DEFAULT_RMT_DIR=${base_sbindir}" + +do_install () { + autotools_do_install + if [ "${base_bindir}" != "${bindir}" ]; then + install -d ${D}${base_bindir}/ + mv "${D}${bindir}/cpio" "${D}${base_bindir}/cpio" + rmdir ${D}${bindir}/ + fi +} + +PACKAGES =+ "${PN}-rmt" + +FILES_${PN}-rmt = "${base_sbindir}/rmt*" + +inherit update-alternatives + +ALTERNATIVE_PRIORITY = "100" + +ALTERNATIVE_${PN} = "cpio" +ALTERNATIVE_${PN}-rmt = "rmt" + +ALTERNATIVE_LINK_NAME[cpio] = "${base_bindir}/cpio" + +ALTERNATIVE_PRIORITY[rmt] = "50" +ALTERNATIVE_LINK_NAME[rmt] = "${base_sbindir}/rmt" + +BBCLASSEXTEND = "native" |