Commit Graph

95 Commits

Author SHA1 Message Date
Peter Korsgaard
54a9495123 bash: add upstream security fixes to patch level 12
Fixes CVE-2017-5932 - Shell code execution on tab completion of specially
crafted files. For details, see the report:

https://github.com/jheyens/bash_completion_vuln/raw/master/2017-01-17.bash_completion_report.pdf

We unfortunately cannot easily download these because of the file names (not
ending in patch) and patch format (p0), so convert to p1 format and include
in package/bash with the following script:

for i in 06 07 08 09 10 11 12; do
	cat > bash44-0$i.patch << EOF
>From https://ftp.gnu.org/gnu/bash/bash-4.4-patches/bash44-0$i

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>

EOF
	curl https://ftp.gnu.org/gnu/bash/bash-4.4-patches/bash44-0$i | \
		sed -e 's|^\*\*\* \.\./|*** |' -e 's|^--- |--- b/|' >> bash44-0$i.patch
done

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-02-08 09:46:13 +01:00
Peter Korsgaard
7841dd2dc2 bash: add upstream fixes to patch level 5
We unfortunately cannot easily download these because of the file names (not
ending in patch) and patch format (p0), so convert to p1 format and include
in package/bash.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-01-08 20:05:07 +01:00
Vicente Olivert Riera
cde22e1fd3 bash: bump version to 4.4
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-11-30 12:02:19 +01:00
Thomas Petazzoni
1dbd7b9910 package: move busybox show others dependency to per-package
Having the BR2_PACKAGE_BUSYBOX_SHOW_OTHERS dependencies in
package/Config.in is not very practical: it makes this file not very
readable, and puts the dependency away from the package itself, which
can sometimes be confusing. Therefore, this commit moves the dependency
in each package Config.in file.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-07-04 16:12:38 +02:00
Bernd Kuhls
e63ea7faa2 package/bash: bump to patchlevel 46
Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-06-29 22:07:48 +02:00
Gustavo Zacarias
b9d61200f6 bash re-enable parallel builds
They don't seem to be causing any issues after bumping to the 4.3.x
series and several tests.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Tested-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2016-03-12 23:55:06 +01:00
Gustavo Zacarias
4a37f3316c bash: bump to patchlevel 42
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2016-01-08 18:48:12 +01:00
James Knight
0610de1490 package/bash: indicate getcwd is malloc-supported
When Bash attempts to find the current working directory, it uses a C
library call `getcwd` to resolve it. When cross-compiling, the
configuration process cannot determine if the target system's C library
can support an "unfixed" path length. Therefore, Bash will fallback to a
size of `PATH_MAX` for determining the current working directory. When
using OverlayFS (and possible other file systems), this becomes an issue
since file paths can commonly exceed standard `PATH_MAX` length. This
typically results in the following error appearing:

   error retrieving current directory: [...]

Common C library `getcwd` calls can default to a higher limit (usually
the system's page size). The current configurable C libraries (as of at
least 2015.08) support a zero (0) size buffer length. Most use the
system's page size; musl, being an exception, which defaults to
`PATH_MAX` (as Bash was doing). Since these C libraries support
allocating buffer space with a zero (0) provided size, the following
configuration change allows Bash to support getting a larger-length'ed
working directory on target's that support it.

Signed-off-by: James Knight <james.knight@rockwellcollins.com>
Acked-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2015-09-04 16:45:42 +02:00
Gustavo Zacarias
47df048f8d bash: bump to patchlevel 33
Misc fixes.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2015-03-18 14:39:28 +01:00
Thomas Petazzoni
665e13c85e Rename BR2_PREFER_STATIC_LIB to BR2_STATIC_LIBS
Since a while, the semantic of BR2_PREFER_STATIC_LIB has been changed
from "prefer static libraries when possible" to "use only static
libraries". The former semantic didn't make much sense, since the user
had absolutely no control/idea of which package would use static
libraries, and which packages would not. Therefore, for quite some
time, we have been starting to enforce that BR2_PREFER_STATIC_LIB
should really build everything with static libraries.

As a consequence, this patch renames BR2_PREFER_STATIC_LIB to
BR2_STATIC_LIBS, and adjust the Config.in option accordingly.

This also helps preparing the addition of other options to select
shared, shared+static or just static.

Note that we have verified that this commit can be reproduced by
simply doing a global rename of BR2_PREFER_STATIC_LIB to
BR2_STATIC_LIBS plus adding BR2_PREFER_STATIC_LIB to Config.in.legacy.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
2014-12-11 22:48:13 +01:00
Gustavo Zacarias
e97171db81 bash: switch to release tarball
Yay!
The release tarball allows us to drop sizable in-tree patches, so switch
to it.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-11-07 19:32:00 +01:00
Vicente Olivert Riera
9623ff651f bash: fix linking for static builds with uClibc toolchains
bash fails to link for static builds with uClibc toolchains due to
getenv redefinitions. This is caused because bash is unable to check if
getenv is already defined when cross-compiling, so it defaults to 'yes':

configure:14438: WARNING: cannot check getenv redefinition if cross
compiling -- defaulting to yes

We can avoid this redefinition by passing bash_cv_getenv_redef=no to the
configure script.

Related:
	http://lists.gnu.org/archive/html/bug-bash/2012-03/msg00052.html

Fixes:
	http://autobuild.buildroot.net/results/a20/a2007e6dbcfe53e7cd837ae642869ee26376826a/

Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Signed-off-by: Vicente Olivert Riera <Vincent.Riera@imgtec.com>
Reviewed-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2014-10-25 12:45:08 +02:00
Yann E. MORIN
02e5cef14c system: add option to choose what /bin/sh points to
Not all our shells do install a pointer to /bin/sh. Besides, between
those that do and multiple ones are enabled, the last one to install
wins the the symlink.

Add a new config choice in the system sub-menu that allows the user to
explicitly select the shell to provide /bin/sh. If busybox is not
enabled, default to using dash, a POSIX shell.

Remove the symlink creation from bash.mk at the same time.

Note: for every shell, we select them, except busybox, on which we
depend, on the assumption that we do not want to force busybox in case
the user decided not to enable it.

[Peter: remove redundant !BR2_PACKAGE_BUSYBOX dependency]
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Gustavo Zacarias <gustavo@zacarias.com.ar>
Cc: Arnout Vandecappelle <arnout@mind.be>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-10-12 15:51:38 +02:00
Gustavo Zacarias
350bd00ec5 bash: minor install tweaks
Remove the old symlink backup since we don't do uninstalls now.
Make the busybox dependency conditional shorter.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-10-08 19:28:34 +02:00
Gustavo Zacarias
acfa0ef4c7 bash: security bump to patchlevel 30
More security issues, sigh.
Also fix typo in pl29 patch.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2014-10-06 21:00:33 +02:00
Thomas De Schampheleire
aaffd209fa packages: rename FOO_CONF_OPT into FOO_CONF_OPTS
To be consistent with the recent change of FOO_MAKE_OPT into FOO_MAKE_OPTS,
make the same change for FOO_CONF_OPT.

Sed command used:
   find * -type f | xargs sed -i 's#_CONF_OPT\>#&S#g'

Signed-off-by: Thomas De Schampheleire <thomas.de.schampheleire@gmail.com>
Reviewed-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2014-10-04 18:54:16 +02:00
Gustavo Zacarias
7e18438a70 bash: add more security patches
Apply new patches for a buffer overflow fix (pl28) and an invalid memory
access (pl29).
Rename combined patchlevel patch to be more graphic about the range.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2014-10-03 20:54:45 +02:00
Gustavo Zacarias
0905e9826a bash: update to patchlevel 27
Patches 26 and 27 are refiniments/improved checks on the CVE.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-09-28 21:51:13 +02:00
Gustavo Zacarias
d32d1d3e6a bash: security bump to patchlevel 25
Fixes CVE-2014-6271:

Under certain circumstances, bash will execute user code while
processing the environment for exported function definitions.

Also add hash file.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2014-09-24 22:55:54 +02:00
Gustavo Zacarias
7a95111e48 bash: always prefix readline
Always prefix the readline directory otherwise autodetection may pick up
the host readline when headers are available and target == host (or are
link-compatible). Fixes:
http://autobuild.buildroot.org/results/44a/44a962623be757143a3d6d37fc6cd14964094f79/

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2014-03-01 20:39:35 +01:00
Gustavo Zacarias
3f5061a02d bash: bump to version 4.3
Switch to external readline support to potentially reduce target size.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2014-03-01 14:47:17 +01:00
Thomas De Schampheleire
eb7bd9ef61 packages: remove uninstall commands
Signed-off-by: Thomas De Schampheleire <thomas.de.schampheleire@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2013-12-06 09:40:40 +01:00
Arnout Vandecappelle
339868d244 bash: fails in parallel build
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2013-08-28 23:58:27 +02:00
Gustavo Zacarias
9e0f48c831 bash: fix static build
The static build needs some trickery, so make it happen. Fixes:
http://autobuild.buildroot.net/results/2b12868f8297a96d7abf7fcf526ca5eace73d66d/

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2013-08-13 10:17:57 +02:00
Alexandre Belloni
8dfd59d114 Normalize separator size to 80
Signed-off-by: Alexandre Belloni <alexandre.belloni@free-electrons.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2013-06-06 22:30:24 +02:00
Thomas Petazzoni
895c6ce9b1 bash: add missing dependency on host-bison
Fixes:
http://autobuild.buildroot.org/results/dfedb4377a95e36e590c9a5a5853e3ed0ecbc247/build-end.log

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2013-03-26 08:45:15 +01:00
Arnout Vandecappelle (Essensium/Mind)
ef2d26003f bash: add license info
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2012-11-14 22:31:37 +01:00
Gustavo Zacarias
8add5064c3 bash: security bump to version 4.2 pl37
Bump bash to version 4.2 patchlevel 37.
Fixes CVE-2012-3410.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2012-08-24 23:47:56 +02:00
Thomas Petazzoni
99492e0dfa bash: add depends on MMU
Fixes the build failure at

  http://autobuild.buildroot.org/results/0434d99b51f535ac73bfcf1968b1c2b81b44ba61/build-end.log.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2012-07-30 21:20:02 +02:00
Arnout Vandecappelle (Essensium/Mind)
e1502ebc0c all packages: rename XXXTARGETS to xxx-package
Also remove the redundant $(call ...).

This is a purely mechanical change, performed with
find package linux toolchain boot -name \*.mk | \
  xargs sed -i -e 's/$(eval $(call GENTARGETS))/$(eval $(generic-package))/' \
               -e 's/$(eval $(call AUTOTARGETS))/$(eval $(autotools-package))/' \
               -e 's/$(eval $(call CMAKETARGETS))/$(eval $(cmake-package))/'

Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2012-07-17 20:23:05 +02:00
Gustavo Zacarias
5bedeb2fb3 bash: bump to version 4.2 pl20
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2012-01-24 23:41:22 +01:00
Arnout Vandecappelle (Essensium/Mind)
b367ca32e5 bash: Adding features that can not be automatically detected while cross-compiling
There are some bash features that can not be detected automatically during
configure stage while cross-compiling. This commit forces them on.

Signed-off-by: Arkady Gilinsky <arcadyg@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2012-01-20 09:06:00 +01:00
Gustavo Zacarias
6ba2d9e28c bash: bump to version 4.2 pl10
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2011-11-14 09:24:53 +01:00
Thomas Petazzoni
300f9c9c9d package: remove useless arguments from AUTOTARGETS
Thanks to the pkgparentdir and pkgname functions, we can rewrite the
AUTOTARGETS macro in a way that avoids the need for each package to
repeat its name and the directory in which it is present.

[Peter: pkgdir->pkgparentdir]
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2011-09-29 23:12:27 +02:00
Gustavo Zacarias
0cce9228a1 bash: build after busybox
Make sure bash builds after busybox when it's enabled to override
busybox's /bin/sh symlink with bash.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2011-01-17 21:06:38 +01:00
Gustavo Zacarias
d51948317b bash: fix build issues reported by Dmitry Ivanov, update to pl9
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2010-11-19 10:16:16 +01:00
Gustavo Zacarias
3404ad7c4f bash: bump to 4.1.7(1) and migrate to autotargets
Closes #1993

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2010-07-01 21:42:32 +02:00
Thomas Petazzoni
ef785f61ad Do not let packages remove man pages, info pages and documentation
The cleanup of $(TARGET_DIR)/usr/share/man, $(TARGET_DIR)/usr/man,
$(TARGET_DIR)/usr/share/info, $(TARGET_DIR)/usr/info,
$(TARGET_DIR)/usr/share/doc and $(TARGET_DIR)/usr/doc is already done
globally in the main Makefile. Therefore, there's no need to handle
that on a per-package basis.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2010-04-11 06:01:08 +02:00
Lionel Landwerlin
5082e476d1 bash: fix configuration
Patch bash32-011 modifies the configure.in script. Therefor we need to
run autoconf before launching the configure script. Otherwise, once
the configure script called, the makefile's dependencies over
configure.in will relaunch autoconf without options/environnement
variables we usually set when calling configure.

[Peter: use our own host-autoconf instead of what's on the host]
Signed-off-by: Lionel Landwerlin <llandwerlin@gmail.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2010-01-28 17:50:54 +01:00
Lionel Landwerlin
21ebd57287 bash: remove CC variable when calling make
So "/opt/whatever_toolchain/gcc --sysroot $(STAGING_DIR)" isn't
stripped to "/opt/whatever_toolchain/gcc", making gcc to look at
$(ORIGINAL_TOOLCHAIN_DIRECTORY)/usr/include instead of
$(STAGING_DIR)/usr/include. For more CC is already filled when
running the configure script.

This problem should only be visible with an external toolchain.

Signed-off-by: Lionel Landwerlin <llandwerlin@gmail.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2010-01-28 16:34:59 +01:00
Peter Korsgaard
3fdf0bffb8 buildroot: silence ./configure step when building with 'make -s'
We have been passing -q to ./configure when using 'make -s' for
packages using Makefile.autotools.in for some time. Do the same
for packages using autotools, but not using the
Makefile.autotools.in infrastructure, taking care to not do it
for packages with hand written configure scripts.

Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2009-10-01 21:24:42 +02:00
Will Newton
422ce6536b package: Remove unnecessary dependencies on uclibc.
A C library will have been built by the toolchain makefiles, so there is no
need for packages to explicitly depend on uclibc.

Signed-off-by: Will Newton <will.newton@gmail.com>
Signed-off-by: Peter Korsgaard <jacmet@sunsite.dk>
2009-09-03 20:22:38 +02:00
Peter Korsgaard
4a7bfd2775 package/: convert to DOWNLOAD helper 2009-01-16 11:42:52 +00:00
Peter Korsgaard
ac1d92c425 package/: get rid of unneeded $(strip ..) 2008-12-08 08:15:27 +00:00
Wade Berrier
6f6893c633 bash.mk:
-Force some autoconf options so that job control
 is turned on.
 (Otherwise these checks fail when cross compiling.
  And when job control is disabled, bash can't be
  the default shell)
2008-10-06 19:09:14 +00:00
Peter Korsgaard
4683420c4c Kconfig: remove 'default n'
'default n' is the default, so there's no need to say it explicitly.
2008-07-17 20:01:44 +00:00
Nigel Kukard
02d713dcdd * Fixed bash patches 2008-05-01 19:07:58 +00:00
Nigel Kukard
4b751965ef * Sync'd bash patches to upstream 2008-04-29 20:03:03 +00:00
Hamish Moffatt
af510f4e19 Applied patch from Nathanael D. Noblet <nathanael@gnat.ca> to fix
broken GNU download paths. Also fix gnuchess, xboard and classpath
packages to use $(BR2_GNU_MIRROR) rather than hardcoded urls.
2008-03-26 03:28:09 +00:00
John Voltz
1163cf741c added debug option 2008-03-11 18:12:15 +00:00