Fix CVE-2021-32765: Hiredis is a minimalistic C client library for the
Redis database. In affected versions Hiredis is vulnurable to integer
overflow if provided maliciously crafted or corrupted `RESP` `mult-bulk`
protocol data. When parsing `multi-bulk` (array-like) replies, hiredis
fails to check if `count * sizeof(redisReply*)` can be represented in
`SIZE_MAX`. If it can not, and the `calloc()` call doesn't itself make
this check, it would result in a short allocation and subsequent buffer
overflow.
https://github.com/redis/hiredis/blob/v1.0.2/CHANGELOG.md
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Changelog (since 1.68):
- 1.69, 2021-03-30 Added link to Ada bindings by Tama McGlinn.
Fixed problem with undefined off_t on some compilers.
- 1.70, Patch to ensure compilation with gcc -std=c99, as reported by
John Blaiklock. Fix some inconsistencies in version numbers.
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Commit b36c4e594c forgot to remove
board/qemu/csky abd configs/qemu_csky* from DEVELOPERS file
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Provide convenience links for BCM43455/CYW43455 based RPi3A+, RPi3B+
and RPi4B WIFI firmware configuration files to avoid runtime firmware
loading warning in the kernel logs, e.g. (RPi3B+):
brcmfmac mmc1:0001:1: Direct firmware load for brcm/brcmfmac43455-sdio.raspberrypi,3-model-b-plus.txt failed with error -2
or (RP4B):
brcmfmac mmc1:0001:1: Direct firmware load for brcm/brcmfmac43455-sdio.raspberrypi,4-model-b.txt failed with error -2
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
[me: slight rewording/rewrapping in commit log]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Add option for the debug set of start/fixup boot files.
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Try to be less smart (focused on the one target/one use-case),
instead reduce the rpi-firmware package to a selectable list
of (verbatim) installed firmware files.
- change rpi-firmware config handling from rpi-variant/rpi-flavour
choices to bootcode.bin, pi-default/-extended/-cut-down and
pi4-/default/-extended/-cut-down selection
- add BR2_PACKAGE_RPI_FIRMWARE_CONFIG_FILE option to select installable
config.txt file
- remove config.txt modify code/handling from raspberry post-image.sh
script
- add different customized config.txt files to the raspberry board
section
- change dtoverlay krnbt from 'dtoverlay=miniuart-bt,krnbt=on' to extra line
with explanation comment
- change raspberry defconfigs to select appropiate rpi-firmware
and config.txt files
- change genimage-raspberrypi4.cfg/genimage-raspberrypi4-64.cfg to
use start4.elf and fixup4.dat
- update board/raspberrypi/readme.txt (add optional files fixup4.dat,
start4.elf and zImage)
With this changes a better support for custom use-cases should
be possible, specially multi-target SD cards as suggested by
Stefan Agner ([1]).
[1] http://lists.busybox.net/pipermail/buildroot/2021-February/303318.html
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
[yann.morin.1998@free.fr: fix case of no config.txt provided]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Since the ubi/ubifs test has been introduced, it's not possible to
boot the same ubi image twice [1]:
"TODO: if you boot Qemu twice on the same UBI image, it fails to
attach the image the second time, with "ubi0 error:
ubi_read_volume_table: the layout volume was not found"."
For some reason, the kernel corrupt the ubi image if the ubifs
rootfs is mounted with write access. Use a custom config file
to mount the rootfs readonly (vol_type=static). Doing so requires
to add the flash size (vol_size=64MiB).
At least it allows to boot several times the same ubi image.
[1] bf4a6490e4
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The current ubi/ubifs test (test_ubi.py) rely on a Qemu bug present in
2.8.0 that was fixed in Qemu 2.9.0 [1]. The ubi/ubifs settings is
updated to run with Qemu >= 2.9.0 using the new multiple chip handling.
If needed, the old behavior can be enabled using the pflash01 property
"old-multiple-chip-handling" [2].
The issue was not detected until now since we are sill using an old
qemu (2.8 from Debian stretch) for testing in gitlab (using the
Buildroot Docker image used by gitlab-ci.yml).
First the logical eraseblock size (LEB) must be updated to the value
0x3ff80 reported by the kernel when using qemu >= 2.9.0.
UBIFS (ubi0:0): Mounting in unauthenticated mode
UBIFS error (ubi0:0 pid 1): ubifs_read_superblock: LEB size mismatch: 524160 in superblock, 262016 real
UBIFS error (ubi0:0 pid 1): ubifs_read_superblock: bad superblock, error 1
But the system is still failing to boot:
UBIFS error (ubi0:0 pid 1): ubifs_scan: garbage
UBIFS error (ubi0:0 pid 1): ubifs_recover_master_node: failed to recover master node
ubifs is reading garbage since Qemu >= 2.9.0 report a sector
length per device divided by the number of devices (see commit [1]).
The kernel detect two flash devices (dmesg):
Concatenating MTD devices:
(0): "40000000.flash"
(1): "40000000.flash"
into device "40000000.flash"
Divide the physical eraseblock (PEB) size by two.
Tested with qemu 2.9.0, 5.1.0.
Fixes:
https://gitlab.com/kubu93/buildroot/-/jobs/1543100932
[1] https://git.qemu.org/?p=qemu.git;a=commitdiff;h=feb0b1aa11f14ee71660aba46b46387d1f923c9e
[2] http://lists.busybox.net/pipermail/buildroot/2021-September/622069.html
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Adding the Image format on the Qemu command line avoid this warning:
"WARNING: Image format was not specified for 'output/TestUbi/images/rootfs.ubi' and probing guessed raw.
Automatically detecting the format is dangerous for raw images, write operations on block 0 will be restricted.
Specify the 'raw' format explicitly to remove the restrictions."
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit 71b8322712 updated the Dockerfile
to be used in CI tests. In order to actually use this new docker image,
update .gitlab-ci.yml to point to the docker image that was created with
the updated Dockerfile.
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Reviewed-by: Romain Naour <romain.naour@gmail.com>
Tested-by: Romain Naour <romain.naour@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Binutils is the last part of the csky toolchain fork.
The csky support has been merged in binutils 2.32 [1].
[1] https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=9d24df82ece4e87a0328173d6bd31cb9ff558bb4
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Guo Ren <ren_guo@c-sky.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Asked-by: Guo Ren <guoren@kernel.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
We are going to remove the gcc fork for csky, first disable
the internal toolchain backend.
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Guo Ren <ren_guo@c-sky.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Asked-by: Guo Ren <guoren@kernel.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
We are going to remove the gcc fork for csky since it doesn't build
with the latest compilers (gcc 8, 10, 11 tested) [1].
Removing theses defconfigs and the csky gcc fork has become unavoidable
since the Buildroot Docker image used by the gitlab CI will switch soon
to Debian bullseye soon [2].
The cksy gcc fork based on gcc 6 has not been updated since it has been
added to Buildroot [3]. Since then, csky has been added to binutils and
gcc but using the latest upstream version (binutils 2.37 and gcc 11) is
not yet possible due to build issue with glibc 2.34 [4].
Moreover, qemu_csky defconfigs was to be used with the csky qemu fork
(based on Qemu 3.x) added by commit [5] and removed by commit [6].
Since then it's not possible to do a runtime test with theses
defconfigs.
Theses defconfigs can be added back later if the csky toolchain support
is fixed and csky supported by upstream Qemu.
[1] http://lists.busybox.net/pipermail/buildroot/2021-August/621504.html
[2] 71b8322712
[3] 7873a5bd5e
[4] http://lists.busybox.net/pipermail/buildroot/2021-October/624596.html
[5] f816e5b276
[6] 58af9a70cc
Signed-off-by: Romain Naour <romain.naour@gmail.com>
Cc: Guo Ren <ren_guo@c-sky.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Asked-by: Guo Ren <guoren@kernel.org>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Buildroot CI has been failing due to 404 error on older U-Boot. Updating
the U-Boot version should fix it and it doesn't hurt to use the latest
U-Boot anyway.
Signed-off-by: David Lechner <david@lechnology.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Add a comment when kernel is not enabled (missing since the addition of
the package in commit 5b13fc05b3)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Add a comment when kernel is not enabled (missing since the addition of
the package in commit de591c5c3a)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix the following build failure without C++ raised since bump to version
0.11.0 in commit c3a907a770:
../output-1/build/usbredir-0.11.0/meson.build:1:0: ERROR: Unknown compiler(s): [['/home/buildroot/autobuild/instance-3/output-1/host/bin/arm-linux-g++']]
The following exception(s) were encountered:
Running "/home/buildroot/autobuild/instance-3/output-1/host/bin/arm-linux-g++ --version" gave "[Errno 2] No such file or directory: '/home/buildroot/autobuild/instance-3/output-1/host/bin/arm-linux-g++'"
Fixes:
- http://autobuild.buildroot.org/results/eca1d8a2b73a769354ab1d24c7996be30f152138
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fixes CVE-2021-37600 (although the CVE is disputed).
Signed-off-by: Adam Duskett <aduskett@gmail.com>
[yann.morin.1998@free.fr: add reference to the CVE]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- MMU is mandatory since version 1.11 and
09b8935aba
- DESTDIR must be used since version 1.10 and
e35f9eabcb
so drop custom commands (LIBLOCKFILE_INSTALL_{STAGING,TARGET}_CMDS)
and replace patch by an upstreamable one
- Update hash of COPYRIGHT and add licenses/{GPL-2,LGPL-2} to license
files:
40f8d8092b
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
nftbles' --with-debug option enables both debugging symbols (with -g)
and debugging macros (with -DDEBUG).
The former are globally driven by the BR2_ENABLE_DEBUG and BR2_DEBUG_n
set of options, and enforced in our toolchain wrapper; the latter should
be driven by the BR2_ENABLE_RUNTIME_DEBUG, but nftables only uses it to
activate an assert-like macro in its json output generator, so we can
well live without that.
So we just unconditionally disable debug in nftables.
Signed-off-by: Peter Seiderer <ps.report@gmx.net>
[yann.morin.1998@free.fr: write a commit log]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
- Update indentation in hash file (two spaces)
- Update hash of license file (update in year and authors)
https://www.inet.no/dante/announce-1.4.3
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
CVE-2020-7747 applies to the Javascript lightning-server project, and
not to the GNU Lightning project:
https://nvd.nist.gov/vuln/detail/CVE-2020-7747
Signed-off-by: Paul Cercueil <paul@crapouillou.net>
[yann.morin.1998@free.fr: reword commit log; add URL]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix the follownig build failure on xtensa since bump to version 4.1.0 in
commit a47f332a20 and
eb7d894f22:
In file included from ./deps/double-conversion/double-conversion/bignum-dtoa.h:31,
from ./deps/double-conversion/double-conversion/bignum-dtoa.cc:30:
./deps/double-conversion/double-conversion/utils.h:92:2: error: #error Target architecture was not detected as supported by Double-Conversion.
92 | #error Target architecture was not detected as supported by Double-Conversion.
| ^~~~~
Fixes:
- http://autobuild.buildroot.org/results/c75157538d7784809d935aefcb166e89c137c9b7
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix the follownig build failure on microblaze since bump to version
4.1.0 in commit a47f332a20 and
eb7d894f22:
In file included from ./deps/double-conversion/double-conversion/bignum-dtoa.h:31,
from ./deps/double-conversion/double-conversion/bignum-dtoa.cc:30:
./deps/double-conversion/double-conversion/utils.h:92:2: error: #error Target architecture was not detected as supported by Double-Conversion.
92 | #error Target architecture was not detected as supported by Double-Conversion.
| ^~~~~
Fixes:
- http://autobuild.buildroot.org/results/3cf5f266e0101a6c43f97801157fb6b2edce1ed0
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix the follownig build failure on arc since bump to version 4.1.0 in
commit a47f332a20 and
eb7d894f22:
In file included from ./deps/double-conversion/double-conversion/bignum-dtoa.h:31,
from ./deps/double-conversion/double-conversion/bignum-dtoa.cc:30:
./deps/double-conversion/double-conversion/utils.h:92:2: error: #error Target architecture was not detected as supported by Double-Conversion.
92 | #error Target architecture was not detected as supported by Double-Conversion.
| ^~~~~
Fixes:
- http://autobuild.buildroot.org/results/93f231c4a860f4467029a2c2e4fc0b67096b14f6
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fix the follownig build failure on or1k since bump to version 4.1.0 in
commit a47f332a20 and
eb7d894f22:
In file included from ./deps/double-conversion/double-conversion/bignum-dtoa.h:31,
from ./deps/double-conversion/double-conversion/bignum-dtoa.cc:30:
./deps/double-conversion/double-conversion/utils.h:92:2: error: #error Target architecture was not detected as supported by Double-Conversion.
92 | #error Target architecture was not detected as supported by Double-Conversion.
| ^~~~~
Fixes:
- http://autobuild.buildroot.org/results/a82f794f130b0c8d5d626c507bae2e22d15f801b
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
