Staging tree of Christian Lamparter https://git.openwrt.org/openwrt/staging/chunkeey/atom?h=v19.07.7 2021-01-01T13:31:49Z 2021-01-01T13:31:49Z Hauke Mehrtens 2020-12-31T17:22:49Z urn:sha1:e29002471734dbba927d43f0b23818ddc5f551a7 daf88b1dd1 Add NEWS entry for CVE-2020-6096 (bug 25620) b29853702e arm: CVE-2020-6096: Fix multiarch memcpy for negative length [BZ #25620] bad8d5ff60 arm: CVE-2020-6096: fix memcpy and memmove for negative length [BZ #25620] d64ad0a517 Fix use-after-free in glob when expanding ~user (bug 25414) 34ce87638c Fix array overflow in backtrace on PowerPC (bug 25423) 0df8ecff9e misc/test-errno-linux: Handle EINVAL from quotactl 26f5442ec1 <string.h>: Define __CORRECT_ISO_CPP_STRING_H_PROTO for Clang [BZ #25232] 4b64a4245c intl/tst-gettext: fix failure with newest msgfmt dc7f51bda9 aarch64: Fix DT_AARCH64_VARIANT_PCS handling [BZ #26798] 8edc96aa33 aarch64: add HWCAP_ATOMICS to HWCAP_IMPORTANT 599ebfacc0 aarch64: Remove HWCAP_CPUID from HWCAP_IMPORTANT Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> 2020-12-05T19:50:19Z Petr Štetiar 2020-11-21T14:59:50Z urn:sha1:d83040313390f56c22ff020f0f20da8f05e98e35 Allow setting of mirror hash for Git kernel tree. Signed-off-by: Petr Štetiar <ynezz@true.cz> (cherry picked from commit 796d51834c5be85771d26e433fd509cd3bef72e3) 2020-12-05T19:50:19Z Petr Štetiar 2020-11-21T15:05:08Z urn:sha1:8c2bb1d9b6b71be31ff79c1783b42b457d305cd0 Currently the check target fails if the kernel Git tree is used: $ make toolchain/kernel-headers/{download,check} make[2]: Entering directory 'toolchain/kernel-headers' Makefile:105: *** ERROR: Unknown pack format for file openwrt/tmp/dl/. Stop. make[2]: Leaving directory 'toolchain/kernel-headers' toolchain/Makefile:100: recipe for target 'toolchain/kernel-headers/check' failed Signed-off-by: Petr Štetiar <ynezz@true.cz> (cherry picked from commit bb7ba6b6a81d1fb7ac6075edfd8e8b713dd61db2) 2020-11-23T21:37:03Z Petr Štetiar 2020-11-20T12:13:27Z urn:sha1:733a48273383e2337fcd7c0eb5ee8958f42dc4c0 The wcsnrtombs function in all musl libc versions up through 1.2.1 has been found to have multiple bugs in handling of destination buffer size when limiting the input character count, which can lead to infinite loop with no forward progress (no overflow) or writing past the end of the destination buffera. This function is not used internally in musl and is not widely used, but does appear in some applications. The non-input-limiting form wcsrtombs is not affected. All users of musl 1.2.1 and prior versions should apply the attached patch, which replaces the overly complex and erroneous implementation. The upcoming 1.2.2 release will adopt this new implementation. Signed-off-by: Petr Štetiar <ynezz@true.cz> (cherry picked from commit 4d4ef1058c0f10aa2fa4070cd6b9db4d48b94148) 2020-05-26T21:49:40Z Matthias Schiffer 2020-05-23T19:16:44Z urn:sha1:83b714a27ff3f3a394dfb1c8f6f05467a093a91a Import proposed upstream fix [2] for the critical locking synchronization bug recently found in musl [1]. This affects all programs that are temporarily multithreaded, but then return to single-threaded operation. [1] https://www.openwall.com/lists/musl/2020/05/22/3 [2] https://www.openwall.com/lists/musl/2020/05/22/10 Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net> (cherry picked from commit 10c211031ccd4703230493025a5a3b9d6fcad2f2) 2019-12-22T23:31:20Z Jeffery To 2019-11-18T22:04:59Z urn:sha1:d2e87c780089a74b6c0ad84e21f73021fb5ec27a This backports the patch for GCC PR target/89587 (gcc's rs6000 configuration unconditionally sets MULTIARCH_DIRNAME, even when multiarch is disabled). This currently affects apm821xx and may cause issues when cross-compiling packages, e.g. Python 3[1]. This includes patches for GCC 8 (with the changelog diff removed); this change is already included in GCC 9.2 and 7.5. [1]: https://github.com/openwrt/packages/issues/10552 Signed-off-by: Jeffery To <jeffery.to@gmail.com> [Removed patch for GCC 7.4.0, GCC 7.5.0 already contains this] Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> (cherry picked from commit c102f702e7dc976c2ad2c04c0ce4462373e62365) 2019-12-22T23:31:13Z Yorkie Liu 2019-11-19T05:41:10Z urn:sha1:a7d880e830cf786941c14f5fd410a7e918ffcb5d This fixes gcc build error within clang 11.0, it tweaks the version string from LLVM to clang. Signed-off-by: Yorkie Liu <yorkiefixer@gmail.com> (cherry picked from commit 65a561fd0919eafff2363ae8324db64be2a57f77) 2019-12-14T13:06:33Z Hans Dedecker 2019-12-11T21:27:26Z urn:sha1:3959f11005965eb536396a8c258f0ab944eb598d bef0b1cb31 libio: Disable vtable validation for pre-2.1 interposed handles [BZ #25203] 4d5cfeb510 rtld: Check __libc_enable_secure before honoring LD_PREFER_MAP_32BIT_EXEC (CVE-2019-19126) [BZ #25204] 92f04eedb5 mips: Force RWX stack for hard-float builds that can run on pre-4.8 kernels Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> 2019-12-14T13:06:22Z Alin Nastac 2019-11-21T13:06:18Z urn:sha1:a50c2190d31d2d95755d55183e9f420dc0a82869 Problem found by AddressSanitizer[1]: Latest `grep` (git commit 1019e6e) compiled with asan may cause a heap-buffer-overflow when `-i` is specified. ./grep -i '\(\(\)*.\)*\(\)\(\)\1' /bin/chvt ================================================================= ==16206==ERROR: AddressSanitizer: heap-buffer-overflow on address 1. https://debbugs.gnu.org/34140 Ref: https://sourceware.org/bugzilla/show_bug.cgi?id=24114 Signed-off-by: Alin Nastac <alin.nastac@gmail.com> [commit title and description facelift] Signed-off-by: Petr Štetiar <ynezz@true.cz> 2019-12-14T13:06:03Z Hans Dedecker 2019-09-17T20:11:26Z urn:sha1:929c6d733a05a8dd137de13b026812d13476181a 5b4f7382af Add undef to fix test failure. 9456483fb2 Improve performance of memmem 373f8b06a3 Improve performance of strstr 4ec1b9e913 Fix strstr bug with huge needles (bug 23637) ecd6271ed8 Speedup first memmem match bba6b9288f Simplify and speedup strstr/strcasestr first match 7a4da6ef7a Improve strstr performance Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>