qemu/build-Do-not-apply-WORKAROUND_CFLAGS-for.patch

From: Michael Brown <mcb30@ipxe.org>
Date: Mon, 22 Jul 2019 14:51:28 +0100
Accepting request 822154 from home:bfrogers:branches:Virtualization - Updating to Sphinx v3.1.2 in Factory is exposing an issue in qemu doc sources. Fix it docs-fix-trace-docs-build-with-sphinx-3..patch - Fix DoS possibility in ati-vga emulation (CVE-2020-13800 bsc#1172495) ati-vga-check-mm_index-before-recursive-.patch - Fix DoS possibility in Network Block Device (nbd) support infrastructure (CVE-2020-10761 bsc#1172710) nbd-server-Avoid-long-error-message-asse.patch - Fix null pointer dereference possibility (DoS) in MegaRAID SAS 8708EM2 emulation (CVE-2020-13659 bsc#1172386) exec-set-map-length-to-zero-when-returni.patch - Fix OOB access possibility in MegaRAID SAS 8708EM2 emulation (CVE-2020-13362 bsc#1172383) megasas-use-unsigned-type-for-reply_queu.patch - Fix legacy IGD passthrough hw-vfio-pci-quirks-Fix-broken-legacy-IGD.patch - The latest gcc10 available in Factory has the fix for the issue this patch was created to avoid, so drop it build-Work-around-gcc10-bug-by-not-using.patch - Switch to upstream versions of some patches we carry add-enum-cast-to-avoid-gcc10-warning.patch -> golan-Add-explicit-type-casts-for-nodnic.patch Be-explicit-about-fcommon-compiler-direc.patch -> build-Be-explicit-about-fcommon-compiler.patch Do-not-apply-WORKAROUND_CFLAGS-for-host-.patch -> build-Do-not-apply-WORKAROUND_CFLAGS-for.patch Fix-s-directive-argument-is-null-error.patch -> build-Fix-s-directive-argument-is-null-e.patch Workaround-compilation-error-with-gcc-9..patch -> build-Workaround-compilation-error-with-.patch work-around-gcc10-problem-with-zero-leng.patch -> intel-Avoid-spurious-compiler-warning-on.patch - Fix vgabios issue for cirrus graphics emulation, which effectively downgraded it to standard VGA behavior vga-fix-cirrus-bios.patch - Fix OOB access possibility in ES1370 audio device emulation (CVE-2020-13361 bsc#1172384) es1370-check-total-frame-count-against-c.patch OBS-URL: https://build.opensuse.org/request/show/822154 OBS-URL: 
https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=553
2020-07-22 06:19:22 +02:00
Subject: [build] Do not apply WORKAROUND_CFLAGS for host compiler
Git-commit: a4f8c6e31f6c62522cfc633bbbffa81b22f9d6f3
Include-If: %ifarch aarch64
The WORKAROUND_CFLAGS list is constructed based on running tests on
the target compiler, and the results may not be valid for the host
compiler.

The only relevant workaround required for the host compiler is
-Wno-stringop-truncation, which is needed to avoid a spurious compiler
warning for a totally correct usage of strncpy() in util/elf2efi.c.

Duplicating the workaround tests for the host compiler is messy, as is
conditionally applying __attribute__((nonstring)). Fix instead by
disapplying WORKAROUND_CFLAGS for the host compiler, and using
memcpy() with an explicitly calculated length instead of strncpy() in
util/elf2efi.c.
Reported-by: Ignat Korchagin <ignat@cloudflare.com>
Reported-by: Christopher Clark <christopher.w.clark@gmail.com>
Signed-off-by: Michael Brown <mcb30@ipxe.org>
Signed-off-by: Bruce Rogers <brogers@suse.com>
---
src/Makefile.housekeeping | 2 +-
src/util/elf2efi.c | 6 +++++-
2 files changed, 6 insertions(+), 2 deletions(-)
diff --git a/roms/ipxe/src/Makefile.housekeeping b/roms/ipxe/src/Makefile.housekeeping
index 4b09e81f0b1eb82e79f6af11986d..1b175b9508c0d20f169801f8763d 100644
--- a/roms/ipxe/src/Makefile.housekeeping
+++ b/roms/ipxe/src/Makefile.housekeeping
@@ -454,7 +454,7 @@ endif
CFLAGS += $(WORKAROUND_CFLAGS) $(EXTRA_CFLAGS)
ASFLAGS += $(WORKAROUND_ASFLAGS) $(EXTRA_ASFLAGS)
LDFLAGS += $(WORKAROUND_LDFLAGS) $(EXTRA_LDFLAGS)
-HOST_CFLAGS += $(WORKAROUND_CFLAGS) -O2 -g
+HOST_CFLAGS += -O2 -g
# Inhibit -Werror if NO_WERROR is specified on make command line
#
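Review bot: The new HOST_CFLAGS line has no comment saying why it deliberately omits $(WORKAROUND_CFLAGS), while the CFLAGS, ASFLAGS and LDFLAGS lines directly above it all pull in their WORKAROUND_* lists, so a later cleanup could easily re-add it for symmetry. Suggest a one-line comment above HOST_CFLAGS stating that the workaround flags are probed against the target compiler and may not be valid for the host compiler. It is also worth confirming in the build log that no other host-built utility depended on a flag that came in through this list, since the change drops all of them at once rather than only the one that elf2efi.c needed.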
diff --git a/roms/ipxe/src/util/elf2efi.c b/roms/ipxe/src/util/elf2efi.c
index 2c5b9df8aae853bfce4d5d3bae89..bcd53c9afda7880d42ec80c07f17 100644
--- a/roms/ipxe/src/util/elf2efi.c
+++ b/roms/ipxe/src/util/elf2efi.c
@@ -458,6 +458,7 @@ static struct pe_section * process_section ( struct elf_file *elf,
struct pe_header *pe_header ) {
struct pe_section *new;
const char *name;
+ size_t name_len;
size_t section_memsz;
size_t section_filesz;
unsigned long code_start;
@@ -494,7 +495,10 @@ static struct pe_section * process_section ( struct elf_file *elf,
memset ( new, 0, sizeof ( *new ) + section_filesz );
/* Fill in section header details */
- strncpy ( ( char * ) new->hdr.Name, name, sizeof ( new->hdr.Name ) );
+ name_len = strlen ( name );
+ if ( name_len > sizeof ( new->hdr.Name ) )
+ name_len = sizeof ( new->hdr.Name );
+ memcpy ( new->hdr.Name, name, name_len );
new->hdr.Misc.VirtualSize = section_memsz;
new->hdr.VirtualAddress = shdr->sh_addr;
new->hdr.SizeOfRawData = section_filesz;
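Review bot: The clamp of name_len to sizeof ( new->hdr.Name ) truncates an over-long section name silently and leaves the field without a terminating NUL when the name fills it, and nothing in the hunk documents that either is intended. The copy is bounded and the unused bytes are zero only because of the memset ( new, 0, ... ) two lines above, so a short comment stating that Name is a fixed-width, zero-padded field that need not be NUL-terminated would stop a future reader from "fixing" it back to a string copy or moving the memset. Consider also emitting a diagnostic when name_len is clamped, since two input sections whose names share the same leading bytes would end up with identical headers in the output.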