mirror of
https://git.yoctoproject.org/poky
synced 2026-05-08 05:09:24 +00:00
zlib: upgrade 1.2.12 -> 1.2.13
Drop a number of patches whicih have been merged upstream. (From OE-Core rev: 115eb5326dc7f9256d58147b3655cd13d5994cfc) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This commit is contained in:
Ross Burton
committed by
Richard Purdie
Richard Purdie
parent
607c8f5809
commit
92de327c68
-54
@@ -1,54 +0,0 @@
|
||||
From ec3df00224d4b396e2ac6586ab5d25f673caa4c2 Mon Sep 17 00:00:00 2001
|
||||
From: Mark Adler <madler@alumni.caltech.edu>
|
||||
Date: Wed, 30 Mar 2022 11:14:53 -0700
|
||||
Subject: [PATCH] Correct incorrect inputs provided to the CRC functions.
|
||||
|
||||
The previous releases of zlib were not sensitive to incorrect CRC
|
||||
inputs with bits set above the low 32. This commit restores that
|
||||
behavior, so that applications with such bugs will continue to
|
||||
operate as before.
|
||||
|
||||
Upstream-Status: Backport [https://github.com/madler/zlib/commit/ec3df00224d4b396e2ac6586ab5d25f673caa4c2]
|
||||
Signed-off-by: Jacob Kroon <jacob.kroon@gmail.com>
|
||||
---
|
||||
crc32.c | 8 ++++----
|
||||
1 file changed, 4 insertions(+), 4 deletions(-)
|
||||
|
||||
diff --git a/crc32.c b/crc32.c
|
||||
index a1bdce5..451887b 100644
|
||||
--- a/crc32.c
|
||||
+++ b/crc32.c
|
||||
@@ -630,7 +630,7 @@ unsigned long ZEXPORT crc32_z(crc, buf, len)
|
||||
#endif /* DYNAMIC_CRC_TABLE */
|
||||
|
||||
/* Pre-condition the CRC */
|
||||
- crc ^= 0xffffffff;
|
||||
+ crc = (~crc) & 0xffffffff;
|
||||
|
||||
/* Compute the CRC up to a word boundary. */
|
||||
while (len && ((z_size_t)buf & 7) != 0) {
|
||||
@@ -749,7 +749,7 @@ unsigned long ZEXPORT crc32_z(crc, buf, len)
|
||||
#endif /* DYNAMIC_CRC_TABLE */
|
||||
|
||||
/* Pre-condition the CRC */
|
||||
- crc ^= 0xffffffff;
|
||||
+ crc = (~crc) & 0xffffffff;
|
||||
|
||||
#ifdef W
|
||||
|
||||
@@ -1077,7 +1077,7 @@ uLong ZEXPORT crc32_combine64(crc1, crc2, len2)
|
||||
#ifdef DYNAMIC_CRC_TABLE
|
||||
once(&made, make_crc_table);
|
||||
#endif /* DYNAMIC_CRC_TABLE */
|
||||
- return multmodp(x2nmodp(len2, 3), crc1) ^ crc2;
|
||||
+ return multmodp(x2nmodp(len2, 3), crc1) ^ (crc2 & 0xffffffff);
|
||||
}
|
||||
|
||||
/* ========================================================================= */
|
||||
@@ -1112,5 +1112,5 @@ uLong crc32_combine_op(crc1, crc2, op)
|
||||
uLong crc2;
|
||||
uLong op;
|
||||
{
|
||||
- return multmodp(op, crc1) ^ crc2;
|
||||
+ return multmodp(op, crc1) ^ (crc2 & 0xffffffff);
|
||||
}
|
||||
-38
@@ -1,38 +0,0 @@
|
||||
From eff308af425b67093bab25f80f1ae950166bece1 Mon Sep 17 00:00:00 2001
|
||||
From: Mark Adler <fork@madler.net>
|
||||
Date: Sat, 30 Jul 2022 15:51:11 -0700
|
||||
Subject: [PATCH] Fix a bug when getting a gzip header extra field with inflate().
|
||||
|
||||
If the extra field was larger than the space the user provided with
|
||||
inflateGetHeader(), and if multiple calls of inflate() delivered
|
||||
the extra header data, then there could be a buffer overflow of the
|
||||
provided space. This commit assures that provided space is not
|
||||
exceeded.
|
||||
|
||||
CVE: CVE-2022-37434
|
||||
Upstream-Status: Backport [https://github.com/madler/zlib/commit/eff308af425b67093bab25f80f1ae950166be]
|
||||
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
||||
---
|
||||
inflate.c | 5 +++--
|
||||
1 file changed, 3 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/inflate.c b/inflate.c
|
||||
index 7be8c63..7a72897 100644
|
||||
--- a/inflate.c
|
||||
+++ b/inflate.c
|
||||
@@ -763,9 +763,10 @@ int flush;
|
||||
copy = state->length;
|
||||
if (copy > have) copy = have;
|
||||
if (copy) {
|
||||
+ len = state->head->extra_len - state->length;
|
||||
if (state->head != Z_NULL &&
|
||||
- state->head->extra != Z_NULL) {
|
||||
- len = state->head->extra_len - state->length;
|
||||
+ state->head->extra != Z_NULL &&
|
||||
+ len < state->head->extra_max) {
|
||||
zmemcpy(state->head->extra + len, next,
|
||||
len + copy > state->head->extra_max ?
|
||||
state->head->extra_max - len : copy);
|
||||
--
|
||||
2.37.2
|
||||
|
||||
-36
@@ -1,36 +0,0 @@
|
||||
From 1eb7682f845ac9e9bf9ae35bbfb3bad5dacbd91d Mon Sep 17 00:00:00 2001
|
||||
From: Mark Adler <fork@madler.net>
|
||||
Date: Mon, 8 Aug 2022 10:50:09 -0700
|
||||
Subject: [PATCH] Fix extra field processing bug that dereferences NULL
|
||||
state->head.
|
||||
|
||||
The recent commit to fix a gzip header extra field processing bug
|
||||
introduced the new bug fixed here.
|
||||
|
||||
CVE: CVE-2022-37434
|
||||
Upstream-Status: Backport [https://github.com/madler/zlib/commit/1eb7682f845ac9e9bf9ae35bbfb3bad5dacbd91d]
|
||||
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
||||
---
|
||||
inflate.c | 4 ++--
|
||||
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||
|
||||
diff --git a/inflate.c b/inflate.c
|
||||
index 7a72897..2a3c4fe 100644
|
||||
--- a/inflate.c
|
||||
+++ b/inflate.c
|
||||
@@ -763,10 +763,10 @@ int flush;
|
||||
copy = state->length;
|
||||
if (copy > have) copy = have;
|
||||
if (copy) {
|
||||
- len = state->head->extra_len - state->length;
|
||||
if (state->head != Z_NULL &&
|
||||
state->head->extra != Z_NULL &&
|
||||
- len < state->head->extra_max) {
|
||||
+ (len = state->head->extra_len - state->length) <
|
||||
+ state->head->extra_max) {
|
||||
zmemcpy(state->head->extra + len, next,
|
||||
len + copy > state->head->extra_max ?
|
||||
state->head->extra_max - len : copy);
|
||||
--
|
||||
2.37.2
|
||||
|
||||
@@ -1,27 +0,0 @@
|
||||
Upstream-Status: Backport
|
||||
Signed-off-by: Ross Burton <ross.burton@arm.com>
|
||||
|
||||
From 05796d3d8d5546cf1b4dfe2cd72ab746afae505d Mon Sep 17 00:00:00 2001
|
||||
From: Mark Adler <madler@alumni.caltech.edu>
|
||||
Date: Mon, 28 Mar 2022 18:34:10 -0700
|
||||
Subject: [PATCH] Fix configure issue that discarded provided CC definition.
|
||||
|
||||
---
|
||||
configure | 3 +++
|
||||
1 file changed, 3 insertions(+)
|
||||
|
||||
diff --git a/configure b/configure
|
||||
index 52ff4a04e..3fa3e8618 100755
|
||||
--- a/configure
|
||||
+++ b/configure
|
||||
@@ -174,7 +174,10 @@ if test -z "$CC"; then
|
||||
else
|
||||
cc=${CROSS_PREFIX}cc
|
||||
fi
|
||||
+else
|
||||
+ cc=${CC}
|
||||
fi
|
||||
+
|
||||
cflags=${CFLAGS-"-O3"}
|
||||
# to force the asm version use: CFLAGS="-O3 -DASMV" ./configure
|
||||
case "$cc" in
|
||||
@@ -1,45 +0,0 @@
|
||||
Obey LDFLAGS for tests
|
||||
|
||||
Upstream-Status: Submitted [https://github.com/madler/zlib/pull/409]
|
||||
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
||||
|
||||
--- zlib-1.2.8.orig/Makefile.in
|
||||
+++ zlib-1.2.8/Makefile.in
|
||||
@@ -26,7 +26,7 @@ CFLAGS=-O
|
||||
|
||||
SFLAGS=-O
|
||||
LDFLAGS=
|
||||
-TEST_LDFLAGS=-L. libz.a
|
||||
+TEST_LDFLAGS=-L. $(LDFLAGS)
|
||||
LDSHARED=$(CC)
|
||||
CPP=$(CC) -E
|
||||
|
||||
@@ -176,22 +176,22 @@ placebo $(SHAREDLIBV): $(PIC_OBJS) libz.
|
||||
-@rmdir objs
|
||||
|
||||
example$(EXE): example.o $(STATICLIB)
|
||||
- $(CC) $(CFLAGS) -o $@ example.o $(TEST_LDFLAGS)
|
||||
+ $(CC) $(CFLAGS) -o $@ example.o $(TEST_LDFLAGS) $(STATICLIB)
|
||||
|
||||
minigzip$(EXE): minigzip.o $(STATICLIB)
|
||||
- $(CC) $(CFLAGS) -o $@ minigzip.o $(TEST_LDFLAGS)
|
||||
+ $(CC) $(CFLAGS) -o $@ minigzip.o $(TEST_LDFLAGS) $(STATICLIB)
|
||||
|
||||
examplesh$(EXE): example.o $(SHAREDLIBV)
|
||||
- $(CC) $(CFLAGS) -o $@ example.o -L. $(SHAREDLIBV)
|
||||
+ $(CC) $(CFLAGS) -o $@ example.o $(TEST_LDFLAGS) $(SHAREDLIBV)
|
||||
|
||||
minigzipsh$(EXE): minigzip.o $(SHAREDLIBV)
|
||||
- $(CC) $(CFLAGS) -o $@ minigzip.o -L. $(SHAREDLIBV)
|
||||
+ $(CC) $(CFLAGS) -o $@ minigzip.o $(TEST_LDFLAGS) $(SHAREDLIBV)
|
||||
|
||||
example64$(EXE): example64.o $(STATICLIB)
|
||||
- $(CC) $(CFLAGS) -o $@ example64.o $(TEST_LDFLAGS)
|
||||
+ $(CC) $(CFLAGS) -o $@ example64.o $(TEST_LDFLAGS) $(STATICLIB)
|
||||
|
||||
minigzip64$(EXE): minigzip64.o $(STATICLIB)
|
||||
- $(CC) $(CFLAGS) -o $@ minigzip64.o $(TEST_LDFLAGS)
|
||||
+ $(CC) $(CFLAGS) -o $@ minigzip64.o $(TEST_LDFLAGS) $(STATICLIB)
|
||||
|
||||
install-libs: $(LIBS)
|
||||
-@if [ ! -d $(DESTDIR)$(exec_prefix) ]; then mkdir -p $(DESTDIR)$(exec_prefix); fi
|
||||
@@ -8,17 +8,12 @@ LIC_FILES_CHKSUM = "file://zlib.h;beginline=6;endline=23;md5=5377232268e952e9ef6
|
||||
|
||||
# The source tarball needs to be .gz as only the .gz ends up in fossils/
|
||||
SRC_URI = "https://zlib.net/${BP}.tar.gz \
|
||||
file://cc.patch \
|
||||
file://ldflags-tests.patch \
|
||||
file://0001-configure-Pass-LDFLAGS-to-link-tests.patch \
|
||||
file://run-ptest \
|
||||
file://0001-Correct-incorrect-inputs-provided-to-the-CRC-functio.patch \
|
||||
file://0001-Fix-a-bug-when-getting-a-gzip-header-extra-field-wit.patch \
|
||||
file://0001-Fix-extra-field-processing-bug-that-dereferences-NUL.patch \
|
||||
"
|
||||
UPSTREAM_CHECK_URI = "http://zlib.net/"
|
||||
|
||||
SRC_URI[sha256sum] = "91844808532e5ce316b3c010929493c0244f3d37593afd6de04f71821d5136d9"
|
||||
SRC_URI[sha256sum] = "b3a24de97a8fdbc835b9833169501030b8977031bcb54b3b3ac13740f846ab30"
|
||||
|
||||
# When a new release is made the previous release is moved to fossils/, so add this
|
||||
# to PREMIRRORS so it is also searched automatically.
|
||||
Reference in New Issue
Block a user