Sync from SUSE:SLFO:1.1 orc revision 21b67d0f75c9047a6db061bbcdbc2bde

0001-Use-vasprintf-if-available-for-error-messages-and.patch

@@ -0,0 +1,147 @@
+From fb7db9ae3e8ac271651d1884a3611d30bac04a98 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
+Date: Tue, 9 Jul 2024 12:11:37 +0300
+Subject: [PATCH 1/2] Use vasprintf() if available for error messages and
+ otherwise vsnprintf()
+
+vasprintf() is a GNU/BSD extension and would allocate as much memory as required
+on the heap, similar to g_strdup_printf(). It's ridiculous that such a function
+is still not provided as part of standard C.
+
+If it's not available, use vsnprintf() to at least avoid stack/heap buffer
+overflows, which can lead to arbitrary code execution.
+
+Thanks to Noriko Totsuka for reporting.
+
+Fixes JVN#02030803 / JPCERT#92912620 / CVE-2024-40897
+Fixes #69
+
+Part-of: <https://gitlab.freedesktop.org/gstreamer/orc/-/merge_requests/191>
+---
+ meson.build       |  1 +
+ orc/orccompiler.c |  6 +++++-
+ orc/orcparse.c    | 14 +++++++++++---
+ 3 files changed, 17 insertions(+), 4 deletions(-)
+
+diff --git a/meson.build b/meson.build
+index c7ba5d7d..fe8c6016 100644
+--- a/meson.build
++++ b/meson.build
+@@ -136,6 +136,7 @@ int main() {
+ '''
+ cdata.set('HAVE_MONOTONIC_CLOCK', cc.compiles(monotonic_test))
+ cdata.set('HAVE_GETTIMEOFDAY', cc.has_function('gettimeofday'))
++cdata.set('HAVE_VASPRINTF', cc.has_function('vasprintf'))
+ cdata.set('HAVE_POSIX_MEMALIGN', cc.has_function('posix_memalign', prefix : '#include <stdlib.h>'))
+ cdata.set('HAVE_MMAP', cc.has_function('mmap'))
+ cdata.set('HAVE_SYS_TIME_H', cc.has_header('sys/time.h'))
+diff --git a/orc/orccompiler.c b/orc/orccompiler.c
+index 1e24b8a3..d3394612 100644
+--- a/orc/orccompiler.c
++++ b/orc/orccompiler.c
+@@ -1489,8 +1489,12 @@ orc_compiler_error_valist (OrcCompiler *compiler, const char *fmt,
+ 
+   if (compiler->error_msg) return;
+ 
++#ifdef HAVE_VASPRINTF
++  vasprintf (&s, fmt, args);
++#else
+   s = malloc (ORC_COMPILER_ERROR_BUFFER_SIZE);
+-  vsprintf (s, fmt, args);
++  vsnprintf (s, ORC_COMPILER_ERROR_BUFFER_SIZE, fmt, args);
++#endif
+   compiler->error_msg = s;
+   compiler->error = TRUE;
+   compiler->result = ORC_COMPILE_RESULT_UNKNOWN_COMPILE;
+diff --git a/orc/orcparse.c b/orc/orcparse.c
+index b0d67095..ae4f1b6b 100644
+--- a/orc/orcparse.c
++++ b/orc/orcparse.c
+@@ -424,17 +424,25 @@ orc_parse_get_error_where (OrcParser *parser)
+ static void
+ orc_parse_add_error_valist (OrcParser *parser, const char *format, va_list args)
+ {
+-  char text[ORC_ERROR_LENGTH] = { '\0' };
+-
+   if (parser->error_program != parser->program) {
+     parser->error_program = parser->program;
+   }
+ 
+-  vsprintf (text, format, args);
++#ifdef HAVE_VASPRINTF
++  char *text;
++  vasprintf (&text, format, args);
++#else
++  char text[ORC_ERROR_LENGTH] = { '\0' };
++  vsnprintf (text, sizeof (text), format, args);
++#endif
+ 
+   orc_vector_append (&parser->errors,
+                      orc_parse_error_new (orc_parse_get_error_where (parser),
+                                           parser->line_number, -1, text));
++
++#ifdef HAVE_VASPRINTF
++  free (text);
++#endif
+ }
+ 
+ static void
+-- 
+GitLab
+
+
+From abd75edff9de9a06d0531b9db50963a0da42145c Mon Sep 17 00:00:00 2001
+From: "L. E. Segovia" <amy@centricular.com>
+Date: Tue, 9 Jul 2024 12:03:53 -0300
+Subject: [PATCH 2/2] orccompiler, orcparse: Use secure UCRT printing functions
+ on Windows
+
+See #69
+
+Part-of: <https://gitlab.freedesktop.org/gstreamer/orc/-/merge_requests/191>
+---
+ orc/orccompiler.c | 5 ++++-
+ orc/orcparse.c    | 5 ++++-
+ 2 files changed, 8 insertions(+), 2 deletions(-)
+
+diff --git a/orc/orccompiler.c b/orc/orccompiler.c
+index d3394612..617ae295 100644
+--- a/orc/orccompiler.c
++++ b/orc/orccompiler.c
+@@ -1485,12 +1485,15 @@ static void
+ orc_compiler_error_valist (OrcCompiler *compiler, const char *fmt,
+     va_list args)
+ {
+-  char *s;
++  char *s = NULL;
+ 
+   if (compiler->error_msg) return;
+ 
+ #ifdef HAVE_VASPRINTF
+   vasprintf (&s, fmt, args);
++#elif defined(_UCRT)
++  s = malloc (ORC_COMPILER_ERROR_BUFFER_SIZE);
++  vsnprintf_s (s, ORC_COMPILER_ERROR_BUFFER_SIZE, _TRUNCATE, fmt, args);
+ #else
+   s = malloc (ORC_COMPILER_ERROR_BUFFER_SIZE);
+   vsnprintf (s, ORC_COMPILER_ERROR_BUFFER_SIZE, fmt, args);
+diff --git a/orc/orcparse.c b/orc/orcparse.c
+index ae4f1b6b..abeb9f59 100644
+--- a/orc/orcparse.c
++++ b/orc/orcparse.c
+@@ -429,8 +429,11 @@ orc_parse_add_error_valist (OrcParser *parser, const char *format, va_list args)
+   }
+ 
+ #ifdef HAVE_VASPRINTF
+-  char *text;
++  char *text = NULL;
+   vasprintf (&text, format, args);
++#elif defined(_UCRT)
++  char text[ORC_ERROR_LENGTH] = { '\0' };
++  vsnprintf_s (text, ORC_ERROR_LENGTH, _TRUNCATE, format, args);
+ #else
+   char text[ORC_ERROR_LENGTH] = { '\0' };
+   vsnprintf (text, sizeof (text), format, args);
+-- 
+GitLab
+

orc-check-return-value-of-vasprintf.patch

@@ -0,0 +1,54 @@
+From 13ad22b4bc75feb71cefc6b9c0c9cb81ff8c73c4 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Sebastian=20Dr=C3=B6ge?= <sebastian@centricular.com>
+Date: Mon, 5 Aug 2024 13:35:03 +0300
+Subject: [PATCH] Check return value of vasprintf()
+
+With glibc, on allocation failure it doesn't set the pointer to NULL but instead
+conveniently leaves it undefined.
+
+The BSD version is defined in a better way and sets the pointer to NULL to avoid
+further footguns.
+
+Simply abort() on allocation failure. In the other code paths where malloc() is
+used, allocation failures are not checked like everywhere else in orc but it is
+assumed that dereferencing a NULL pointer simply crashes the process.
+Technically this is of course still undefined behaviour.
+
+Part-of: <https://gitlab.freedesktop.org/gstreamer/orc/-/merge_requests/199>
+---
+ orc/orccompiler.c | 3 ++-
+ orc/orcparse.c    | 3 ++-
+ 2 files changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/orc/orccompiler.c b/orc/orccompiler.c
+index 617ae295..3bc7da61 100644
+--- a/orc/orccompiler.c
++++ b/orc/orccompiler.c
+@@ -1490,7 +1490,8 @@ orc_compiler_error_valist (OrcCompiler *compiler, const char *fmt,
+   if (compiler->error_msg) return;
+ 
+ #ifdef HAVE_VASPRINTF
+-  vasprintf (&s, fmt, args);
++  if (vasprintf (&s, fmt, args) < 0)
++    ORC_ASSERT (0);
+ #elif defined(_UCRT)
+   s = malloc (ORC_COMPILER_ERROR_BUFFER_SIZE);
+   vsnprintf_s (s, ORC_COMPILER_ERROR_BUFFER_SIZE, _TRUNCATE, fmt, args);
+diff --git a/orc/orcparse.c b/orc/orcparse.c
+index abeb9f59..aa91395e 100644
+--- a/orc/orcparse.c
++++ b/orc/orcparse.c
+@@ -430,7 +430,8 @@ orc_parse_add_error_valist (OrcParser *parser, const char *format, va_list args)
+ 
+ #ifdef HAVE_VASPRINTF
+   char *text = NULL;
+-  vasprintf (&text, format, args);
++  if (vasprintf (&text, format, args) < 0)
++    ORC_ASSERT (0);
+ #elif defined(_UCRT)
+   char text[ORC_ERROR_LENGTH] = { '\0' };
+   vsnprintf_s (text, ORC_ERROR_LENGTH, _TRUNCATE, format, args);
+-- 
+GitLab
+
+

orc.changes

@@ -1,126 +1,18 @@
 -------------------------------------------------------------------
-Mon Mar  3 08:59:17 UTC 2025 - Valentin Lefebvre <valentin.lefebvre@suse.com>
+Thu Jan 30 09:59:20 UTC 2025 - pgajdos@suse.com
 
-- Removing patches after update
-  - 0001-Use-vasprintf-if-available-for-error-messages-and.patch
-  - orc-check-return-value-of-vasprintf.patch
+- follow up of CVE-2024-40897 fix [bsc#1228184]
+- added patches
+  fix https://gitlab.freedesktop.org/gstreamer/orc/-/commit/13ad22b4bc75feb71cefc6b9c0c9cb81ff8c73c4
+  + orc-check-return-value-of-vasprintf.patch
 
 -------------------------------------------------------------------
-Tue Feb 18 11:52:33 UTC 2025 - Bjørn Lie <bjorn.lie@gmail.com>
+Mon Jul 22 12:10:45 UTC 2024 - Antonio Larrosa <alarrosa@suse.com>
 
-- Update to version 0.4.41:
-  + orccodemem: Don't modify the process umask, which caused race
-    conditions with other threads
-  + x86: various SSE and MMX fixes
-  + avx: Fix sqrtps encoding causing an illegal instruction crash
-  + Hide internal symbols from ABI and do not install internal
-    headers
-  + Rename backend to target, including `orc-backend` meson option
-    and `ORC_BACKEND` environment variable
-  + Testsuite, tools: Disambiguate OrcProgram naming conventions
-  + Build: Fix `_clear_cache` call for Clang and error out on
-    implicit function declarations
-  + opcodes: Use MIN instead of CLAMP for known unsigned values to
-    fix compiler warnings
-  + Spelling fix in debug log message
-
--------------------------------------------------------------------
-Mon Sep 23 13:26:01 UTC 2024 - Bjørn Lie <bjorn.lie@gmail.com>
-
-- Update to version 0.4.40:
-  + Security: Minor follow-up fixes for CVE-2024-40897
-  + Fix include header use from C++
-  + orccodemem: Assorted memory mapping fixes
-  + powerpc: fix div255w which still used the inexact substitution
-  + powerpc: Disable VSX and ISA 2.07 for Apple targets
-  + powerpc: Allow detection of ppc64 in Mac OS
-  + x86: work around old GCC versions (pre 9.0) having broken
-    xgetbv implementationsv
-  + x86: consider MSYS2/Cygwin as Windows for ABI purposes only
-  + x86: handle unnatural and misaligned array pointers
-  + x86: Fix non-C11 typedefs
-  + x86: try fixing AVX detection again by adding check for XSAVE
-  + Some compatibility fixes for Musl
-  + meson: Fix detecting XSAVE on older AppleClangv
-  + Check return values of malloc() and realloc()
-
--------------------------------------------------------------------
-Mon Jul 22 10:52:35 UTC 2024 - Antonio Larrosa <alarrosa@suse.com>
-
-- Update to version 0.4.39:
-  - Security: Fix error message printing buffer overflow leading
-    to possible code execution in orcc with specific input files
-    (CVE-2024-40897). This only affects developers and CI
-    environments using orcc, not users of liborc (boo#1228184)
-  - div255w: fix off-by-one error in the implementations
-  - x86: only run AVX detection if xgetbv is available
-  - x86: fix AVX detection by implementing the check recommended
-    by Intel
-  - Only enable JIT compilation on Apple arm64 if running on macOS,
-    fixes crashes on iOS
-  - Fix potential crash in emulation mode if logging is enabled
-  - Handle undefined TARGET_OS_OSX correctly
-  - orconce: Fix typo in GCC __sync-based implementation
-  - orconce: Fix usage of __STDC_NO_ATOMICS__
-  - Fix build with MSVC 17.10 + C11
-  - Support stack unwinding on Windows
-  - Major opcode and instruction set code clean-ups and refactoring
-  - Refactor allocation and chunk initialization of code regions
-  - Fall back to emulation on Linux if JIT support is not
-    available, e.g. because of SELinux sandboxing or noexec
-    mounting)
-
--------------------------------------------------------------------
-Wed Mar  6 13:10:24 UTC 2024 - Antonio Larrosa <alarrosa@suse.com>
-
-- Backport patch from SLE
-- Add relax-tests.patch to increase test timeouts to 2 minutes,
-  also limit the max value for memcpy_speed.c test bsc#1130085
-- Enable tests
-
--------------------------------------------------------------------
-Tue Mar  5 07:06:08 UTC 2024 - Antonio Larrosa <alarrosa@suse.com>
-
-- version update to 0.4.38
-  0.4.38
-  ======
-  - x86: account for XSAVE when checking for AVX support, fixing
-    usage on hardened linux kernels where AVX support has been
-    disabled (L. E. Segovia)
-  - neon: Use the real intrinsics for divf and sqrtf
-    (L. E. Segovia)
-  - orc.m4 for autotools is no longer shipped. If anyone still uses
-    it they can copy it into their source tree (Tim-Philipp Müller)
-
--------------------------------------------------------------------
-Thu Feb 15 09:26:15 UTC 2024 - pgajdos@suse.com
-
-- version update to 0.4.37
-  0.4.37
-  ======
-  - enable neon instructions on Apple ARM64 (Aleix Conchillo Flaqué)
-  - orcc: Fix regression, was hard-coded to use "sse" as default target (Sebastian Dröge)
-  - MMX backend fixes (L. E. Segovia, Jorge Zapata)
-  - testsuite: Build fixes for Clang (L. E. Segovia)
-  - testsuite, tools: Fix warning caused by inserting unneeded source operands (L. E. Segovia)
-  - orccompiler: call sys_icache_invalidate() to invalidate macos inst cache (Aleix Conchillo Flaqué)
-  - macOS/iOS version/target check build fixes (Aleix Conchillo Flaqué)
-  0.4.36
-  ======
-  - Only use AVX / AVX2 instructions on CPUs that support both AVX and AVX2
-    (fixes crash on machines that only support AVX) (L. E. Segovia)
-  0.4.35
-  ======
-  - Add support for AVX / AVX2 (L. E. Segovia)
-  - SSE backend improvements (L. E. Segovia)
-  - New `orf` and `andf` opcodes for bitwise AND and OR for single precision floats (Jorge Zapata)
-  - Add support for `convwf`, int16 to float conversion (Jorge Zapata)
-  - Allow backend selection through ORC_TARGET environment variable (L. E. Segovia)
-  - Documentation improvements (Jorge Zapata, L. E. Segovia, Tim-Philipp Müller)
-  - orconce: Use Win32 once implementation with MSVC (Seungha Yang, L. E. Segovia)
-  - orcc: add --binary option to output raw machine code for functions (L. E. Segovia)
-  - orcprofile: Implement Windows high-resolution timestamp for MSVC
-    to allow benchmarking on MSVC builds (L. E. Segovia)
+- Add patch from upstream to fix a stack-based buffer overflow
+  in the Orc compiler when formatting error messages (bsc#1228184,
+  CVE-2024-40897):
+  * 0001-Use-vasprintf-if-available-for-error-messages-and.patch 
 
 -------------------------------------------------------------------
 Wed Jun  7 13:37:52 UTC 2023 - pgajdos@suse.com

orc.spec

@@ -1,7 +1,7 @@
 #
 # spec file for package orc
 #
-# Copyright (c) 2025 SUSE LLC
+# Copyright (c) 2023 SUSE LLC
 # Copyright (c) 2010 Dominique Leuenberger, Amsterdam, Netherlands.
 #
 # All modifications and additions to the file contributed by third parties
@@ -18,7 +18,7 @@
 
 
 Name:           orc
-Version:        0.4.41
+Version:        0.4.34
 Release:        0
 Summary:        The Oil Runtime Compiler
 License:        BSD-3-Clause
@@ -26,7 +26,9 @@ Group:          Productivity/Multimedia/Other
 URL:            https://gitlab.freedesktop.org/gstreamer/orc
 Source:         https://gstreamer.freedesktop.org/src/orc/%{name}-%{version}.tar.xz
 Source99:       baselibs.conf
-Patch0:         relax-tests.patch
+Patch0:         0001-Use-vasprintf-if-available-for-error-messages-and.patch
+# https://gitlab.freedesktop.org/gstreamer/orc/-/commit/13ad22b4bc75feb71cefc6b9c0c9cb81ff8c73c4
+Patch1:         orc-check-return-value-of-vasprintf.patch
 BuildRequires:  gtk-doc >= 1.12
 BuildRequires:  meson >= 0.47.0
 BuildRequires:  pkgconfig
@@ -67,22 +69,14 @@ arithmetic operations.
 
 %build
 %meson \
-	-Dorc-test=enabled \
+	-Dorc-test=disabled \
 	-Dexamples=disabled \
-	-Dtests=enabled \
+	-Dtests=disabled \
 	%{nil}
 %meson_build
 
 %install
 %meson_install
-rm %{buildroot}%{_bindir}/orc-bugreport
-rm %{buildroot}%{_libdir}/pkgconfig/orc-test-0.4.pc
-
-%check
-# Disable testsuite for almost all arches, it's only stable on x86_64
-%ifnarch aarch64 %{arm} %{ix86} ppc64le
-%meson_test
-%endif
 
 %post -n liborc-0_4-0 -p /sbin/ldconfig
 %postun -n liborc-0_4-0 -p /sbin/ldconfig
@@ -92,6 +86,7 @@ rm %{buildroot}%{_libdir}/pkgconfig/orc-test-0.4.pc
 %{_includedir}/orc-0.4/
 %{_libdir}/*.so
 %{_libdir}/pkgconfig/orc-0.4.pc
+%{_datadir}/aclocal/orc.m4
 
 %files doc
 %dir %{_datadir}/gtk-doc

relax-tests.patch

@@ -1,35 +0,0 @@
-Index: orc-orc-0.4.28/testsuite/memcpy_speed.c
-===================================================================
---- orc-orc-0.4.28.orig/testsuite/memcpy_speed.c
-+++ orc-orc-0.4.28/testsuite/memcpy_speed.c
-@@ -102,6 +102,10 @@ main(int argc, char *argv[])
-     max = 140;
-   }
- 
-+  /* There is a pathological slow down for max > 150 or so
-+     so set a lower value. */
-+  max = 140;
-+
-   for(i=0;i<max;i+=2){
-     double x = i*0.1 + 6.0;
-     int size = (int) pow(2.0, x);
-Index: orc-orc-0.4.28/testsuite/meson.build
-===================================================================
---- orc-orc-0.4.28.orig/testsuite/meson.build
-+++ orc-orc-0.4.28/testsuite/meson.build
-@@ -31,6 +31,7 @@ foreach test : tests
-     test(
-       test,
-       t,
-+      timeout: 120,
-       env: {
-         'testfile': meson.current_source_dir() + '/test.orc',
-         'ORC_TARGET': i,
-@@ -43,6 +44,7 @@ foreach test : tests
-   test(
-       test,
-       t,
-+      timeout: 120,
-       env: {
-         'testfile': meson.current_source_dir() + '/test.orc',
-       },