meta-openembedded and poky: subtree updates
Squash of the following due to dependencies among them
and OpenBMC changes:
meta-openembedded: subtree update:d0748372d2..9201611135
meta-openembedded: subtree update:9201611135..17fd382f34
poky: subtree update:9052e5b32a..2e11d97b6c
poky: subtree update:2e11d97b6c..a8544811d7
The change log was too large for the jenkins plugin
to handle therefore it has been removed. Here is
the first and last commit of each subtree:
meta-openembedded:d0748372d2
cppzmq: bump to version 4.6.0
meta-openembedded:17fd382f34
mpv: Remove X11 dependency
poky:9052e5b32a
package_ipk: Remove pointless comment to trigger rebuild
poky:a8544811d7
pbzip2: Fix license warning
Change-Id: If0fc6c37629642ee207a4ca2f7aa501a2c673cd6
Signed-off-by: Andrew Geissler <geissonator@yahoo.com>
diff --git a/poky/meta/recipes-extended/cpio/cpio-2.12/0001-CVE-2016-2037-1-byte-out-of-bounds-write.patch b/poky/meta/recipes-extended/cpio/cpio-2.12/0001-CVE-2016-2037-1-byte-out-of-bounds-write.patch
deleted file mode 100644
index 0a30544..0000000
--- a/poky/meta/recipes-extended/cpio/cpio-2.12/0001-CVE-2016-2037-1-byte-out-of-bounds-write.patch
+++ /dev/null
@@ -1,346 +0,0 @@
-From ebf9a2d776474181936a720ce811d72bbd1da3b6 Mon Sep 17 00:00:00 2001
-From: Pavel Raiskup <praiskup@redhat.com>
-Date: Tue, 26 Jan 2016 23:17:54 +0100
-Subject: [PATCH] CVE-2016-2037 - 1 byte out-of-bounds write
-
-Ensure that cpio_safer_name_suffix always works with dynamically
-allocated buffer, and that it has size of at least 32 bytes.
-Then, any call to cpio_safer_name_suffix is safe (it requires at
-least 2 bytes in the buffer).
-
-Also ensure that c_namesize is always correctly initialized (by
-cpio_set_c_name) to avoid undefined behavior when reading
-file_hdr.c_namesize (previously happened for tar archives).
-
-References:
-http://www.mail-archive.com/bug-cpio@gnu.org/msg00545.html
-
-* src/copyin.c (query_rename): Drop the hack, as we now work with
-dynamically allocated buffer. Use cpio_set_c_name.
-(create_defered_links_to_skipped): Use cpio_set_c_name rather than
-manual assignment.
-(read_name_from_file): New function to avoid C&P.
-(read_in_old_ascii, read_in_new_ascii, read_in_binary): Use
-read_name_from_file.
-(process_copy_in): Initialize file_hdr.c_namesize.
-* src/copyout.c (process_copy_out): Use cpio_set_c_name.
-* src/cpiohdr.h (cpio_set_c_name): New prototype.
-* src/tar.c (read_in_tar_header): Use cpio_set_c_name.
-* src/util.c (cpio_set_c_name): New function to set
-file_hdr->c_name and c_namesize from arbitrary string.
-(cpio_safer_name_suffix): Some docs fixes.
-* tests/inout.at: Also test copy-in, and try various formats.
-
-CVE: CVE-2016-2037
-
-Upstream-Status: Backport [http://git.savannah.gnu.org/cgit/cpio.git/commit/?id=d36ec5f4e93130efb24fb9678aafd88e8070095b]
-
-Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
----
- src/copyin.c | 68 +++++++++++++++++++---------------------------------------
- src/copyout.c | 13 +++++------
- src/cpiohdr.h | 1 +
- src/tar.c | 10 +++++----
- src/util.c | 32 ++++++++++++++++++++++++++-
- tests/inout.at | 19 ++++++++++++++--
- 6 files changed, 82 insertions(+), 61 deletions(-)
-
-diff --git a/src/copyin.c b/src/copyin.c
-index cde911e..972f8a6 100644
---- a/src/copyin.c
-+++ b/src/copyin.c
-@@ -76,28 +76,7 @@ query_rename(struct cpio_file_stat* file_hdr, FILE *tty_in, FILE *tty_out,
- return -1;
- }
- else
-- /* Debian hack: file_hrd.c_name is sometimes set to
-- point to static memory by code in tar.c. This
-- causes a segfault. This has been fixed and an
-- additional check to ensure that the file name
-- is not too long has been added. (Reported by
-- Horst Knobloch.) This bug has been reported to
-- "bug-gnu-utils@prep.ai.mit.edu". (99/1/6) -BEM */
-- {
-- if (archive_format != arf_tar && archive_format != arf_ustar)
-- {
-- free (file_hdr->c_name);
-- file_hdr->c_name = xstrdup (new_name.ds_string);
-- }
-- else
-- {
-- if (is_tar_filename_too_long (new_name.ds_string))
-- error (0, 0, _("%s: file name too long"),
-- new_name.ds_string);
-- else
-- strcpy (file_hdr->c_name, new_name.ds_string);
-- }
-- }
-+ cpio_set_c_name (file_hdr, new_name.ds_string);
- return 0;
- }
- �
-@@ -344,8 +323,7 @@ create_defered_links_to_skipped (struct cpio_file_stat *file_hdr,
- d_prev->next = d->next;
- else
- deferments = d->next;
-- free (file_hdr->c_name);
-- file_hdr->c_name = xstrdup(d->header.c_name);
-+ cpio_set_c_name (file_hdr, d->header.c_name);
- free_deferment (d);
- copyin_regular_file(file_hdr, in_file_des);
- return 0;
-@@ -1064,6 +1042,22 @@ read_in_header (struct cpio_file_stat *file_hdr, int in_des)
- }
- }
-
-+static void
-+read_name_from_file (struct cpio_file_stat *file_hdr, int fd, uintmax_t len)
-+{
-+ static char *tmp_filename;
-+ static size_t buflen;
-+
-+ if (buflen < len)
-+ {
-+ buflen = len;
-+ tmp_filename = xrealloc (tmp_filename, buflen);
-+ }
-+
-+ tape_buffered_read (tmp_filename, fd, len);
-+ cpio_set_c_name (file_hdr, tmp_filename);
-+}
-+
- /* Fill in FILE_HDR by reading an old-format ASCII format cpio header from
- file descriptor IN_DES, except for the magic number, which is
- already filled in. */
-@@ -1090,14 +1084,8 @@ read_in_old_ascii (struct cpio_file_stat *file_hdr, int in_des)
- file_hdr->c_rdev_min = minor (dev);
-
- file_hdr->c_mtime = FROM_OCTAL (ascii_header.c_mtime);
-- file_hdr->c_namesize = FROM_OCTAL (ascii_header.c_namesize);
- file_hdr->c_filesize = FROM_OCTAL (ascii_header.c_filesize);
--
-- /* Read file name from input. */
-- if (file_hdr->c_name != NULL)
-- free (file_hdr->c_name);
-- file_hdr->c_name = (char *) xmalloc (file_hdr->c_namesize + 1);
-- tape_buffered_read (file_hdr->c_name, in_des, (long) file_hdr->c_namesize);
-+ read_name_from_file (file_hdr, in_des, FROM_OCTAL (ascii_header.c_namesize));
-
- /* HP/UX cpio creates archives that look just like ordinary archives,
- but for devices it sets major = 0, minor = 1, and puts the
-@@ -1152,14 +1140,8 @@ read_in_new_ascii (struct cpio_file_stat *file_hdr, int in_des)
- file_hdr->c_dev_min = FROM_HEX (ascii_header.c_dev_min);
- file_hdr->c_rdev_maj = FROM_HEX (ascii_header.c_rdev_maj);
- file_hdr->c_rdev_min = FROM_HEX (ascii_header.c_rdev_min);
-- file_hdr->c_namesize = FROM_HEX (ascii_header.c_namesize);
- file_hdr->c_chksum = FROM_HEX (ascii_header.c_chksum);
--
-- /* Read file name from input. */
-- if (file_hdr->c_name != NULL)
-- free (file_hdr->c_name);
-- file_hdr->c_name = (char *) xmalloc (file_hdr->c_namesize);
-- tape_buffered_read (file_hdr->c_name, in_des, (long) file_hdr->c_namesize);
-+ read_name_from_file (file_hdr, in_des, FROM_HEX (ascii_header.c_namesize));
-
- /* In SVR4 ASCII format, the amount of space allocated for the header
- is rounded up to the next long-word, so we might need to drop
-@@ -1207,16 +1189,9 @@ read_in_binary (struct cpio_file_stat *file_hdr,
- file_hdr->c_rdev_min = minor (short_hdr->c_rdev);
- file_hdr->c_mtime = (unsigned long) short_hdr->c_mtimes[0] << 16
- | short_hdr->c_mtimes[1];
--
-- file_hdr->c_namesize = short_hdr->c_namesize;
- file_hdr->c_filesize = (unsigned long) short_hdr->c_filesizes[0] << 16
- | short_hdr->c_filesizes[1];
--
-- /* Read file name from input. */
-- if (file_hdr->c_name != NULL)
-- free (file_hdr->c_name);
-- file_hdr->c_name = (char *) xmalloc (file_hdr->c_namesize);
-- tape_buffered_read (file_hdr->c_name, in_des, (long) file_hdr->c_namesize);
-+ read_name_from_file (file_hdr, in_des, short_hdr->c_namesize);
-
- /* In binary mode, the amount of space allocated in the header for
- the filename is `c_namesize' rounded up to the next short-word,
-@@ -1297,6 +1272,7 @@ process_copy_in ()
- read_pattern_file ();
- }
- file_hdr.c_name = NULL;
-+ file_hdr.c_namesize = 0;
-
- if (rename_batch_file)
- {
-diff --git a/src/copyout.c b/src/copyout.c
-index 1f0987a..bb39559 100644
---- a/src/copyout.c
-+++ b/src/copyout.c
-@@ -660,8 +660,7 @@ process_copy_out ()
- cpio_safer_name_suffix (input_name.ds_string, false,
- !no_abs_paths_flag, true);
- #ifndef HPUX_CDF
-- file_hdr.c_name = input_name.ds_string;
-- file_hdr.c_namesize = strlen (input_name.ds_string) + 1;
-+ cpio_set_c_name (&file_hdr, input_name.ds_string);
- #else
- if ( (archive_format != arf_tar) && (archive_format != arf_ustar) )
- {
-@@ -670,16 +669,15 @@ process_copy_out ()
- properly recreate the directory as hidden (in case the
- files of a directory go into the archive before the
- directory itself (e.g from "find ... -depth ... | cpio")). */
-- file_hdr.c_name = add_cdf_double_slashes (input_name.ds_string);
-- file_hdr.c_namesize = strlen (file_hdr.c_name) + 1;
-+ cpio_set_c_name (&file_hdr,
-+ add_cdf_double_slashes (input_name.ds_string));
- }
- else
- {
- /* We don't mark CDF's in tar files. We assume the "hidden"
- directory will always go into the archive before any of
- its files. */
-- file_hdr.c_name = input_name.ds_string;
-- file_hdr.c_namesize = strlen (input_name.ds_string) + 1;
-+ cpio_set_c_name (&file_hdr, input_name.ds_string);
- }
- #endif
-
-@@ -866,8 +864,7 @@ process_copy_out ()
- file_hdr.c_chksum = 0;
-
- file_hdr.c_filesize = 0;
-- file_hdr.c_namesize = 11;
-- file_hdr.c_name = CPIO_TRAILER_NAME;
-+ cpio_set_c_name (&file_hdr, CPIO_TRAILER_NAME);
- if (archive_format != arf_tar && archive_format != arf_ustar)
- write_out_header (&file_hdr, out_file_des);
- else
-diff --git a/src/cpiohdr.h b/src/cpiohdr.h
-index b29e6fb..f4c63be 100644
---- a/src/cpiohdr.h
-+++ b/src/cpiohdr.h
-@@ -129,5 +129,6 @@ struct cpio_file_stat /* Internal representation of a CPIO header */
- char *c_tar_linkname;
- };
-
-+void cpio_set_c_name(struct cpio_file_stat *file_hdr, char *name);
-
- #endif /* cpiohdr.h */
-diff --git a/src/tar.c b/src/tar.c
-index a2ce171..e41f89d 100644
---- a/src/tar.c
-+++ b/src/tar.c
-@@ -282,7 +282,7 @@ read_in_tar_header (struct cpio_file_stat *file_hdr, int in_des)
- if (null_block ((long *) &tar_rec, TARRECORDSIZE))
- #endif
- {
-- file_hdr->c_name = CPIO_TRAILER_NAME;
-+ cpio_set_c_name (file_hdr, CPIO_TRAILER_NAME);
- return;
- }
- #if 0
-@@ -316,9 +316,11 @@ read_in_tar_header (struct cpio_file_stat *file_hdr, int in_des)
- }
-
- if (archive_format != arf_ustar)
-- file_hdr->c_name = stash_tar_filename (NULL, tar_hdr->name);
-+ cpio_set_c_name (file_hdr, stash_tar_filename (NULL, tar_hdr->name));
- else
-- file_hdr->c_name = stash_tar_filename (tar_hdr->prefix, tar_hdr->name);
-+ cpio_set_c_name (file_hdr, stash_tar_filename (tar_hdr->prefix,
-+ tar_hdr->name));
-+
- file_hdr->c_nlink = 1;
- file_hdr->c_mode = FROM_OCTAL (tar_hdr->mode);
- file_hdr->c_mode = file_hdr->c_mode & 07777;
-@@ -398,7 +400,7 @@ read_in_tar_header (struct cpio_file_stat *file_hdr, int in_des)
- case AREGTYPE:
- /* Old tar format; if the last char in filename is '/' then it is
- a directory, otherwise it's a regular file. */
-- if (file_hdr->c_name[strlen (file_hdr->c_name) - 1] == '/')
-+ if (file_hdr->c_name[file_hdr->c_namesize - 1] == '/')
- file_hdr->c_mode |= CP_IFDIR;
- else
- file_hdr->c_mode |= CP_IFREG;
-diff --git a/src/util.c b/src/util.c
-index 6ff6032..4f3c073 100644
---- a/src/util.c
-+++ b/src/util.c
-@@ -1410,8 +1410,34 @@ set_file_times (int fd,
- utime_error (name);
- }
-
-+
-+void
-+cpio_set_c_name (struct cpio_file_stat *file_hdr, char *name)
-+{
-+ static size_t buflen = 0;
-+ size_t len = strlen (name) + 1;
-+
-+ if (buflen == 0)
-+ {
-+ buflen = len;
-+ if (buflen < 32)
-+ buflen = 32;
-+ file_hdr->c_name = xmalloc (buflen);
-+ }
-+ else if (buflen < len)
-+ {
-+ buflen = len;
-+ file_hdr->c_name = xrealloc (file_hdr->c_name, buflen);
-+ }
-+
-+ file_hdr->c_namesize = len;
-+ memmove (file_hdr->c_name, name, len);
-+}
-+
- /* Do we have to ignore absolute paths, and if so, does the filename
-- have an absolute path? */
-+ have an absolute path? Before calling this function make sure that the
-+ allocated NAME buffer has capacity at least 2 bytes. */
-+
- void
- cpio_safer_name_suffix (char *name, bool link_target, bool absolute_names,
- bool strip_leading_dots)
-@@ -1426,6 +1452,10 @@ cpio_safer_name_suffix (char *name, bool link_target, bool absolute_names,
- ++p;
- }
- if (p != name)
-+ /* The 'p' string is shortened version of 'name' with one exception; when
-+ the 'name' points to an empty string (buffer where name[0] == '\0') the
-+ 'p' then points to static string ".". So caller needs to ensure there
-+ are at least two bytes available in 'name' buffer so memmove succeeds. */
- memmove (name, p, (size_t)(strlen (p) + 1));
- }
-
-diff --git a/tests/inout.at b/tests/inout.at
-index 60c3716..730cbd2 100644
---- a/tests/inout.at
-+++ b/tests/inout.at
-@@ -35,7 +35,22 @@ while read NAME LENGTH
- do
- genfile --length $LENGTH > $NAME
- echo $NAME
--done < filelist |
-- cpio --quiet -o > archive])
-+done < filelist > filelist_raw
-+
-+for format in bin odc newc crc tar ustar hpbin hpodc
-+do
-+ cpio --format=$format --quiet -o < filelist_raw > archive.$format
-+ rm -rf output
-+ mkdir output && cd output
-+ cpio -i --quiet < ../archive.$format
-+
-+ while read file
-+ do
-+ test -f $file || echo "$file not found"
-+ done < ../filelist_raw
-+
-+ cd ..
-+done
-+])
-
- AT_CLEANUP
---
-1.9.1
-
diff --git a/poky/meta/recipes-extended/cpio/cpio-2.12/0001-Fix-CVE-2015-1197.patch b/poky/meta/recipes-extended/cpio/cpio-2.12/0001-Fix-CVE-2015-1197.patch
deleted file mode 100644
index 5c99919..0000000
--- a/poky/meta/recipes-extended/cpio/cpio-2.12/0001-Fix-CVE-2015-1197.patch
+++ /dev/null
@@ -1,178 +0,0 @@
-From dcee489f821c1260a0136fcdfdb6ff4dd11086ac Mon Sep 17 00:00:00 2001
-From: Alexander Kanavin <alex.kanavin@gmail.com>
-Date: Wed, 9 Dec 2015 17:58:03 +0200
-Subject: [PATCH] Fix CVE-2015-1197
-
-Apply patch by Vitezslav Cizek of SuSE to fix CVE-2015-1197.
-Upstream is dormant or no longer existing. To restore the old
-behaviour use --extract-over-symlinks (Closes: #774669)
-This issue has been discovered by Alexander Cherepanov.
-Author: Vitezslav Cizek <vcizek@suse.cz>
-Bug-Debian: https://bugs.debian.org/774669
-
-Upstream-Status: Pending
-CVE: CVE-2015-1197
-Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
-Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
-
----
- doc/cpio.1 | 1 +
- src/copyin.c | 62 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
- src/extern.h | 1 +
- src/global.c | 3 +++
- src/main.c | 7 +++++++
- 5 files changed, 74 insertions(+)
-
-diff --git a/doc/cpio.1 b/doc/cpio.1
-index 2a68241..dc4676c 100644
---- a/doc/cpio.1
-+++ b/doc/cpio.1
-@@ -49,6 +49,7 @@ cpio \- copy files to and from archives
- [\fB\-\-no\-preserve\-owner\fR] [\fB\-\-message=\fIMESSAGE\fR]
- [\fB\-\-force\-local\fR] [\fB\-\-no\-absolute\-filenames\fR] [\fB\-\-sparse\fR]
- [\fB\-\-only\-verify\-crc\fR] [\fB\-\-to\-stdout\fR] [\fB\-\-quiet\fR]
-+[\fB\-\-extract\-over\-symlinks\fR]
- [\fB\-\-rsh\-command=\fICOMMAND\fR]
- [\fIpattern\fR...] [\fB<\fR \fIarchive\fR]
-
-diff --git a/src/copyin.c b/src/copyin.c
-index cde911e..053afe7 100644
---- a/src/copyin.c
-+++ b/src/copyin.c
-@@ -695,6 +695,51 @@ copyin_link (struct cpio_file_stat *file_hdr, int in_file_des)
- free (link_name);
- }
- �
-+
-+static int
-+path_contains_symlink(char *path)
-+{
-+ struct stat st;
-+ char *slash;
-+ char *nextslash;
-+
-+ /* we got NULL pointer or empty string */
-+ if (!path || !*path) {
-+ return false;
-+ }
-+
-+ slash = path;
-+
-+ while ((nextslash = strchr(slash + 1, '/')) != NULL) {
-+ slash = nextslash;
-+ *slash = '\0';
-+
-+ if (lstat(path, &st) != 0) {
-+ if (errno == ELOOP) {
-+ /* ELOOP - too many symlinks */
-+ *slash = '/';
-+ return true;
-+ } else if (errno == ENOMEM) {
-+ /* No memory for lstat - terminate */
-+ xalloc_die();
-+ } else {
-+ /* cannot lstat path - give up */
-+ *slash = '/';
-+ return false;
-+ }
-+ }
-+
-+ if (S_ISLNK(st.st_mode)) {
-+ *slash = '/';
-+ return true;
-+ }
-+
-+ *slash = '/';
-+ }
-+
-+ return false;
-+}
-+
- static void
- copyin_file (struct cpio_file_stat *file_hdr, int in_file_des)
- {
-@@ -1468,6 +1513,23 @@ process_copy_in ()
- {
- /* Copy the input file into the directory structure. */
-
-+ /* Can we write files over symlinks? */
-+ if (!extract_over_symlinks)
-+ {
-+ if (path_contains_symlink(file_hdr.c_name))
-+ {
-+ /* skip the file */
-+ /*
-+ fprintf(stderr, "Can't write over symlinks. Skipping %s\n", file_hdr.c_name);
-+ tape_toss_input (in_file_des, file_hdr.c_filesize);
-+ tape_skip_padding (in_file_des, file_hdr.c_filesize);
-+ continue;
-+ */
-+ /* terminate */
-+ error (1, 0, _("Can't write over symlinks: %s\n"), file_hdr.c_name);
-+ }
-+ }
-+
- /* Do we need to rename the file? */
- if (rename_flag || rename_batch_file)
- {
-diff --git a/src/extern.h b/src/extern.h
-index e27d662..d864bde 100644
---- a/src/extern.h
-+++ b/src/extern.h
-@@ -96,6 +96,7 @@ extern char input_is_special;
- extern char output_is_special;
- extern char input_is_seekable;
- extern char output_is_seekable;
-+extern bool extract_over_symlinks;
- extern int (*xstat) ();
- extern void (*copy_function) ();
- extern char *change_directory_option;
-diff --git a/src/global.c b/src/global.c
-index 57e505a..336fce4 100644
---- a/src/global.c
-+++ b/src/global.c
-@@ -187,6 +187,9 @@ bool to_stdout_option = false;
- /* The name this program was run with. */
- char *program_name;
-
-+/* Extract files over symbolic links */
-+bool extract_over_symlinks;
-+
- /* A pointer to either lstat or stat, depending on whether
- dereferencing of symlinks is done for input files. */
- int (*xstat) ();
-diff --git a/src/main.c b/src/main.c
-index a13861f..87cb309 100644
---- a/src/main.c
-+++ b/src/main.c
-@@ -59,6 +59,7 @@ enum cpio_options {
- DEBUG_OPTION,
- BLOCK_SIZE_OPTION,
- TO_STDOUT_OPTION,
-+ EXTRACT_OVER_SYMLINKS,
- RENUMBER_INODES_OPTION,
- IGNORE_DEVNO_OPTION,
- DEVICE_INDEPENDENT_OPTION
-@@ -243,6 +244,8 @@ static struct argp_option options[] = {
- N_("Create leading directories where needed"), GRID+1 },
- {"no-preserve-owner", NO_PRESERVE_OWNER_OPTION, 0, 0,
- N_("Do not change the ownership of the files"), GRID+1 },
-+ {"extract-over-symlinks", EXTRACT_OVER_SYMLINKS, 0, 0,
-+ N_("Force writing over symbolic links"), GRID+1 },
- {"unconditional", 'u', NULL, 0,
- N_("Replace all files unconditionally"), GRID+1 },
- {"sparse", SPARSE_OPTION, NULL, 0,
-@@ -432,6 +435,10 @@ crc newc odc bin ustar tar (all-caps also recognized)"), arg));
- no_chown_flag = true;
- break;
-
-+ case EXTRACT_OVER_SYMLINKS: /* --extract-over-symlinks */
-+ extract_over_symlinks = true;
-+ break;
-+
- case 'o': /* Copy-out mode. */
- if (copy_function != 0)
- USAGE_ERROR ((0, 0, _("Mode already defined")));
---
-2.6.2
-
diff --git a/poky/meta/recipes-extended/cpio/cpio-2.12/0001-Fix-segfault-with-append.patch b/poky/meta/recipes-extended/cpio/cpio-2.12/0001-Fix-segfault-with-append.patch
deleted file mode 100644
index ec8b303..0000000
--- a/poky/meta/recipes-extended/cpio/cpio-2.12/0001-Fix-segfault-with-append.patch
+++ /dev/null
@@ -1,51 +0,0 @@
-Upstream-Status: Backport
-Signed-off-by: Ross Burton <ross.burton@intel.com>
-
-From 32d95fe0c90c59352a0ce3102fc9866cbfb0f629 Mon Sep 17 00:00:00 2001
-From: Sergey Poznyakoff <gray@gnu.org>
-Date: Sat, 1 Dec 2018 11:40:02 +0200
-Subject: [PATCH] Fix sigfault when appending to archive
-
-Bug reported by Ross Burton. See
-<http://lists.gnu.org/archive/html/bug-cpio/2018-11/msg00000.html>
-
-* src/util.c: Keep static copy of the buffer pointer; always
-assign it to file_hdr->c_name. Use x2realloc for memory management.
----
- src/util.c | 17 ++++-------------
- 1 file changed, 4 insertions(+), 13 deletions(-)
-
-diff --git a/src/util.c b/src/util.c
-index 10486dc..4e49124 100644
---- a/src/util.c
-+++ b/src/util.c
-@@ -1413,22 +1413,13 @@ set_file_times (int fd,
- void
- cpio_set_c_name (struct cpio_file_stat *file_hdr, char *name)
- {
-+ static char *buf = NULL;
- static size_t buflen = 0;
- size_t len = strlen (name) + 1;
-
-- if (buflen == 0)
-- {
-- buflen = len;
-- if (buflen < 32)
-- buflen = 32;
-- file_hdr->c_name = xmalloc (buflen);
-- }
-- else if (buflen < len)
-- {
-- buflen = len;
-- file_hdr->c_name = xrealloc (file_hdr->c_name, buflen);
-- }
--
-+ while (buflen < len)
-+ buf = x2realloc (buf, &buflen);
-+ file_hdr->c_name = buf;
- file_hdr->c_namesize = len;
- memmove (file_hdr->c_name, name, len);
- }
---
-2.18.0
-
diff --git a/poky/meta/recipes-extended/cpio/cpio-2.12/0001-Unset-need_charset_alias-when-building-for-musl.patch b/poky/meta/recipes-extended/cpio/cpio-2.13/0001-Unset-need_charset_alias-when-building-for-musl.patch
similarity index 100%
rename from poky/meta/recipes-extended/cpio/cpio-2.12/0001-Unset-need_charset_alias-when-building-for-musl.patch
rename to poky/meta/recipes-extended/cpio/cpio-2.13/0001-Unset-need_charset_alias-when-building-for-musl.patch
diff --git a/poky/meta/recipes-extended/cpio/cpio_2.12.bb b/poky/meta/recipes-extended/cpio/cpio_2.13.bb
similarity index 80%
rename from poky/meta/recipes-extended/cpio/cpio_2.12.bb
rename to poky/meta/recipes-extended/cpio/cpio_2.13.bb
index 3713bf0..ecea8c6 100644
--- a/poky/meta/recipes-extended/cpio/cpio_2.12.bb
+++ b/poky/meta/recipes-extended/cpio/cpio_2.13.bb
@@ -8,13 +8,10 @@
SRC_URI = "${GNU_MIRROR}/cpio/cpio-${PV}.tar.gz \
file://0001-Unset-need_charset_alias-when-building-for-musl.patch \
- file://0001-Fix-CVE-2015-1197.patch \
- file://0001-CVE-2016-2037-1-byte-out-of-bounds-write.patch \
- file://0001-Fix-segfault-with-append.patch \
"
-SRC_URI[md5sum] = "fc207561a86b63862eea4b8300313e86"
-SRC_URI[sha256sum] = "08a35e92deb3c85d269a0059a27d4140a9667a6369459299d08c17f713a92e73"
+SRC_URI[md5sum] = "389c5452d667c23b5eceb206f5000810"
+SRC_URI[sha256sum] = "e87470d9c984317f658567c03bfefb6b0c829ff17dbf6b0de48d71a4c8f3db88"
inherit autotools gettext texinfo