From: "Petr Vaněk" <arkamar@gentoo.org>
To: gentoo-commits@lists.gentoo.org
Subject: [gentoo-commits] repo/gentoo:master commit in: sys-libs/musl/
Date: Thu, 13 Feb 2025 18:18:14 +0000 (UTC) [thread overview]
Message-ID: <1739470662.8d6f6351b58cc6ca60ea848c7c9032b2295b4691.arkamar@gentoo> (raw)
commit: 8d6f6351b58cc6ca60ea848c7c9032b2295b4691
Author: Petr Vaněk <arkamar <AT> gentoo <DOT> org>
AuthorDate: Thu Feb 13 18:16:29 2025 +0000
Commit: Petr Vaněk <arkamar <AT> gentoo <DOT> org>
CommitDate: Thu Feb 13 18:17:42 2025 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8d6f6351
sys-libs/musl: fix for input-controlled out-of-bounds write in iconv
Bug: https://bugs.gentoo.org/949712
Signed-off-by: Petr Vaněk <arkamar <AT> gentoo.org>
sys-libs/musl/musl-1.2.4-r4.ebuild | 209 +++++++++++++++++++++++++++++++++++++
1 file changed, 209 insertions(+)
diff --git a/sys-libs/musl/musl-1.2.4-r4.ebuild b/sys-libs/musl/musl-1.2.4-r4.ebuild
new file mode 100644
index 000000000000..79f9d494100f
--- /dev/null
+++ b/sys-libs/musl/musl-1.2.4-r4.ebuild
@@ -0,0 +1,209 @@
+# Copyright 1999-2025 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+inherit crossdev flag-o-matic toolchain-funcs prefix
+if [[ ${PV} == "9999" ]] ; then
+ EGIT_REPO_URI="https://git.musl-libc.org/git/musl"
+ inherit git-r3
+else
+ VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/musl.asc
+ inherit verify-sig
+
+ SRC_URI="https://musl.libc.org/releases/${P}.tar.gz"
+ SRC_URI+=" verify-sig? ( https://musl.libc.org/releases/${P}.tar.gz.asc )"
+ KEYWORDS="-* ~amd64 ~arm ~arm64 ~m68k ~mips ~ppc ~ppc64 ~riscv ~x86"
+
+ BDEPEND="verify-sig? ( sec-keys/openpgp-keys-musl )"
+fi
+GETENT_COMMIT="93a08815f8598db442d8b766b463d0150ed8e2ab"
+GETENT_FILE="musl-getent-${GETENT_COMMIT}.c"
+SRC_URI+="
+ https://dev.gentoo.org/~blueness/musl-misc/getconf.c
+ https://gitlab.alpinelinux.org/alpine/aports/-/raw/${GETENT_COMMIT}/main/musl/getent.c -> ${GETENT_FILE}
+ https://dev.gentoo.org/~blueness/musl-misc/iconv.c
+"
+
+DESCRIPTION="Light, fast and simple C library focused on standards-conformance and safety"
+HOMEPAGE="https://musl.libc.org"
+
+LICENSE="MIT LGPL-2 GPL-2"
+SLOT="0"
+IUSE="crypt headers-only split-usr"
+
+QA_SONAME="usr/lib/libc.so"
+QA_DT_NEEDED="usr/lib/libc.so"
+# bug #830213
+QA_PRESTRIPPED="usr/lib/crtn.o"
+
+# We want crypt on by default for this as sys-libs/libxcrypt isn't (yet?)
+# built as part as crossdev. Also, elide the blockers when in cross-*,
+# as it doesn't make sense to block the normal CBUILD libxcrypt at all
+# there when we're installing into /usr/${CHOST} anyway.
+if is_crosspkg ; then
+ IUSE="${IUSE/crypt/+crypt}"
+else
+ RDEPEND="crypt? ( !sys-libs/libxcrypt[system] )"
+ PDEPEND="!crypt? ( sys-libs/libxcrypt[system] )"
+fi
+
+PATCHES=(
+ "${FILESDIR}"/${P}-elfutils-0.190-relr.patch
+ "${FILESDIR}"/${PN}-1.2.4-arm64-crti-alignment.patch
+ "${FILESDIR}"/${PN}-sched.h-reduce-namespace-conflicts.patch
+ "${FILESDIR}"/${PN}-iconv-out-of-bound-fix.patch
+)
+
+just_headers() {
+ use headers-only && target_is_not_host
+}
+
+pkg_setup() {
+ if [[ ${CTARGET} == ${CHOST} ]] ; then
+ case ${CHOST} in
+ *-musl*) ;;
+ *) die "Use sys-devel/crossdev to build a musl toolchain" ;;
+ esac
+ fi
+
+ # fix for #667126, copied from glibc ebuild
+ # make sure host make.conf doesn't pollute us
+ if target_is_not_host || tc-is-cross-compiler ; then
+ CHOST=${CTARGET} strip-unsupported-flags
+ fi
+}
+
+src_unpack() {
+ if [[ ${PV} == 9999 ]] ; then
+ git-r3_src_unpack
+ elif use verify-sig ; then
+ # We only verify the release; not the additional (fixed, safe) files
+ # we download.
+ # (Seem to get IPC error on verifying in cross?)
+ ! target_is_not_host && verify-sig_verify_detached "${DISTDIR}"/${P}.tar.gz{,.asc}
+ fi
+
+ default
+}
+
+src_prepare() {
+ default
+
+ mkdir "${WORKDIR}"/misc || die
+ cp "${DISTDIR}"/getconf.c "${WORKDIR}"/misc/getconf.c || die
+ cp "${DISTDIR}/${GETENT_FILE}" "${WORKDIR}"/misc/getent.c || die
+ cp "${DISTDIR}"/iconv.c "${WORKDIR}"/misc/iconv.c || die
+}
+
+src_configure() {
+ strip-flags && filter-lto # Prevent issues caused by aggressive optimizations & bug #877343
+ tc-getCC ${CTARGET}
+
+ just_headers && export CC=true
+
+ local sysroot
+ target_is_not_host && sysroot=/usr/${CTARGET}
+ ./configure \
+ --target=${CTARGET} \
+ --prefix="${EPREFIX}${sysroot}/usr" \
+ --syslibdir="${EPREFIX}${sysroot}/lib" \
+ --disable-gcc-wrapper || die
+}
+
+src_compile() {
+ emake obj/include/bits/alltypes.h
+ just_headers && return 0
+
+ emake
+ if ! is_crosspkg ; then
+ emake -C "${T}" getconf getent iconv \
+ CC="$(tc-getCC)" \
+ CFLAGS="${CFLAGS}" \
+ CPPFLAGS="${CPPFLAGS}" \
+ LDFLAGS="${LDFLAGS}" \
+ VPATH="${WORKDIR}/misc"
+ fi
+
+ $(tc-getCC) ${CFLAGS} -c -o libssp_nonshared.o "${FILESDIR}"/stack_chk_fail_local.c || die
+ $(tc-getAR) -rcs libssp_nonshared.a libssp_nonshared.o || die
+}
+
+src_install() {
+ local target="install"
+ just_headers && target="install-headers"
+ emake DESTDIR="${D}" ${target}
+ just_headers && return 0
+
+ # musl provides ldd via a sym link to its ld.so
+ local sysroot=
+ target_is_not_host && sysroot=/usr/${CTARGET}
+ local ldso=$(basename "${ED}${sysroot}"/lib/ld-musl-*)
+ dosym -r "${sysroot}/lib/${ldso}" "${sysroot}/usr/bin/ldd"
+
+ if ! use crypt ; then
+ # Allow sys-libs/libxcrypt[system] to provide it instead
+ rm "${ED}${sysroot}/usr/include/crypt.h" || die
+ rm "${ED}${sysroot}"/usr/*/libcrypt.a || die
+ fi
+
+ if ! is_crosspkg ; then
+ # Fish out of config:
+ # ARCH = ...
+ # SUBARCH = ...
+ # and print $(ARCH)$(SUBARCH).
+ local arch=$(awk '{ k[$1] = $3 } END { printf("%s%s", k["ARCH"], k["SUBARCH"]); }' config.mak)
+
+ # The musl build system seems to create a symlink:
+ # ${D}/lib/ld-musl-${arch}.so.1 -> /usr/lib/libc.so.1 (absolute)
+ # During cross or within prefix, there's no guarantee that the host is
+ # using musl so that file may not exist. Use a relative symlink within
+ # ${D} instead.
+ rm "${ED}"/lib/ld-musl-${arch}.so.1 || die
+ if use split-usr; then
+ dosym ../usr/lib/libc.so /lib/ld-musl-${arch}.so.1
+ # If it's still a dead symlink, OK, we really do need to abort.
+ [[ -e "${ED}"/lib/ld-musl-${arch}.so.1 ]] || die
+ else
+ dosym libc.so /usr/lib/ld-musl-${arch}.so.1
+ [[ -e "${ED}"/usr/lib/ld-musl-${arch}.so.1 ]] || die
+ fi
+
+ cp "${FILESDIR}"/ldconfig.in-r3 "${T}"/ldconfig.in || die
+ sed -e "s|@@ARCH@@|${arch}|" "${T}"/ldconfig.in > "${T}"/ldconfig || die
+ eprefixify "${T}"/ldconfig
+ into /
+ dosbin "${T}"/ldconfig
+ into /usr
+ dobin "${T}"/getconf
+ dobin "${T}"/getent
+ dobin "${T}"/iconv
+ newenvd - "00musl" <<-EOF
+ # 00musl autogenerated by sys-libs/musl ebuild; DO NOT EDIT.
+ LDPATH="include ld.so.conf.d/*.conf"
+ EOF
+ fi
+
+ if target_is_not_host ; then
+ into /usr/${CTARGET}
+ dolib.a libssp_nonshared.a
+ else
+ dolib.a libssp_nonshared.a
+ fi
+}
+
+pkg_preinst() {
+ # nothing to do if just installing headers
+ just_headers && return
+
+ # prepare /etc/ld.so.conf.d/ for files
+ mkdir -p "${EROOT}"/etc/ld.so.conf.d
+}
+
+pkg_postinst() {
+ target_is_not_host && return 0
+
+ [ -n "${ROOT}" ] && return 0
+
+ ldconfig || die
+}
next reply other threads:[~2025-02-13 18:18 UTC|newest]
Thread overview: 203+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-02-13 18:18 Petr Vaněk [this message]
-- strict thread matches above, loose matches on Subject: below --
2025-04-14 22:24 [gentoo-commits] repo/gentoo:master commit in: sys-libs/musl/ Sam James
2025-02-15 17:36 Petr Vaněk
2025-02-15 15:19 Arthur Zamarin
2025-02-15 15:19 Arthur Zamarin
2025-02-15 15:19 Arthur Zamarin
2025-02-15 15:19 Arthur Zamarin
2025-02-15 15:19 Arthur Zamarin
2025-02-15 15:19 Arthur Zamarin
2025-02-14 18:15 Arthur Zamarin
2025-02-14 18:15 Arthur Zamarin
2025-02-14 18:13 Arthur Zamarin
2025-02-14 18:13 Arthur Zamarin
2025-02-14 18:13 Arthur Zamarin
2025-02-14 18:13 Arthur Zamarin
2025-02-14 5:29 Sam James
2025-02-14 5:29 Sam James
2025-02-14 5:29 Sam James
2025-02-14 5:29 Sam James
2025-02-14 5:29 Sam James
2025-02-13 18:18 Petr Vaněk
2025-02-13 17:58 Petr Vaněk
2025-02-04 17:13 Sam James
2025-01-12 11:25 Sam James
2025-01-03 10:51 Sam James
2025-01-03 10:51 Sam James
2025-01-03 10:51 Sam James
2025-01-03 10:51 Sam James
2025-01-03 10:51 Sam James
2025-01-03 10:51 Sam James
2024-12-31 17:18 Sam James
2024-12-31 15:40 Sam James
2024-07-08 3:38 Sam James
2024-07-08 3:38 Sam James
2024-07-08 3:38 Sam James
2024-07-08 3:38 Sam James
2024-05-02 7:31 Andreas K. Hüttel
2024-03-07 17:45 Sam James
2024-03-07 17:45 Sam James
2024-03-07 17:45 Sam James
2024-03-07 17:45 Sam James
2024-03-07 17:45 Sam James
2024-03-07 17:45 Sam James
2024-03-04 10:24 Sam James
2024-03-01 7:55 Sam James
2024-01-01 2:20 Sam James
2023-12-30 6:59 Arthur Zamarin
2023-12-30 6:59 Arthur Zamarin
2023-12-30 6:59 Arthur Zamarin
2023-12-30 6:59 Arthur Zamarin
2023-12-30 6:59 Arthur Zamarin
2023-12-30 6:59 Arthur Zamarin
2023-12-28 3:53 Sam James
2023-12-28 3:53 Sam James
2023-12-17 11:45 Sam James
2023-08-22 18:04 Sam James
2023-05-09 11:38 Sam James
2023-05-02 19:11 Sam James
2023-04-03 19:06 Mike Gilbert
2023-04-03 19:06 Mike Gilbert
2023-04-03 19:06 Mike Gilbert
2023-03-31 11:59 Arthur Zamarin
2023-03-31 11:59 Arthur Zamarin
2023-03-31 11:59 Arthur Zamarin
2023-03-31 11:59 Arthur Zamarin
2023-03-31 11:59 Arthur Zamarin
2023-03-31 11:59 Arthur Zamarin
2023-02-15 9:56 Sam James
2023-02-05 19:08 James Le Cuirot
2023-01-29 8:45 Sam James
2023-01-15 22:41 Sam James
2022-12-29 19:01 Sam James
2022-11-08 1:30 Sam James
2022-10-17 20:31 Sam James
2022-09-23 1:56 Sam James
2022-09-23 1:56 Sam James
2022-09-19 15:50 Sam James
2022-09-13 23:46 Sam James
2022-09-12 17:18 Sam James
2022-09-11 17:27 Sam James
2022-09-10 11:28 Sam James
2022-08-06 14:57 Jory Pratt
2022-07-18 16:03 Sam James
2022-07-18 16:03 Sam James
2022-06-22 23:12 Sam James
2022-04-23 2:09 Sam James
2022-04-15 16:39 Arthur Zamarin
2022-04-12 7:15 Sam James
2022-04-07 22:38 Sam James
2022-04-07 20:55 Sam James
2022-04-07 20:55 Sam James
2022-02-26 17:32 Andreas K. Hüttel
2022-02-10 4:12 Sam James
2021-12-01 21:57 Anthony G. Basile
2021-11-19 3:05 Sam James
2021-11-18 0:48 Sam James
2021-11-18 0:02 Sam James
2021-11-16 2:59 Sam James
2021-11-15 7:19 Sam James
2021-11-10 3:39 Sam James
2021-11-10 3:32 Sam James
2021-08-16 0:59 Jory Pratt
2021-06-06 9:31 Sergei Trofimovich
2021-04-24 12:37 Sergei Trofimovich
2021-04-03 11:52 Anthony G. Basile
2021-02-16 20:09 Jory Pratt
2021-02-15 0:32 Sam James
2021-02-14 17:09 Jory Pratt
2021-01-21 15:43 Mike Gilbert
2021-01-20 18:02 Mike Gilbert
2021-01-20 9:09 Sergei Trofimovich
2021-01-19 21:56 Anthony G. Basile
2021-01-03 18:58 Fabian Groffen
2020-12-06 21:21 Anthony G. Basile
2020-11-30 14:21 Anthony G. Basile
2020-11-30 0:06 Anthony G. Basile
2020-11-27 20:57 Anthony G. Basile
2020-08-20 13:15 Anthony G. Basile
2020-08-06 14:38 Anthony G. Basile
2020-05-25 9:22 Sergei Trofimovich
2020-05-20 22:12 Jory Pratt
2020-03-03 1:45 Anthony G. Basile
2020-02-26 3:24 Jory Pratt
2020-02-02 13:04 Sergei Trofimovich
2020-01-30 2:06 Anthony G. Basile
2020-01-30 2:06 Anthony G. Basile
2020-01-05 19:56 Anthony G. Basile
2020-01-05 19:23 Anthony G. Basile
2019-11-22 17:17 Anthony G. Basile
2019-11-17 16:58 Anthony G. Basile
2019-11-10 1:30 Anthony G. Basile
2019-10-14 13:57 Jory Pratt
2019-09-08 20:41 Anthony G. Basile
2019-09-07 14:26 Anthony G. Basile
2019-09-03 14:40 Anthony G. Basile
2019-09-03 11:18 Anthony G. Basile
2019-09-03 11:18 Anthony G. Basile
2019-09-03 11:18 Anthony G. Basile
2019-07-18 17:23 Anthony G. Basile
2019-05-12 23:47 Anthony G. Basile
2019-04-28 19:44 Anthony G. Basile
2019-04-14 15:43 Anthony G. Basile
2019-04-10 19:53 Anthony G. Basile
2019-04-06 20:15 Anthony G. Basile
2019-03-31 14:57 Anthony G. Basile
2019-02-02 17:28 Sergei Trofimovich
2019-01-27 16:13 Anthony G. Basile
2019-01-27 15:59 Anthony G. Basile
2019-01-27 12:44 Anthony G. Basile
2019-01-27 12:44 Anthony G. Basile
2018-12-31 18:26 Anthony G. Basile
2018-10-04 21:39 Anthony G. Basile
2018-09-13 18:56 Anthony G. Basile
2018-09-13 2:24 Anthony G. Basile
2018-09-12 21:28 Anthony G. Basile
2018-08-02 23:31 Anthony G. Basile
2018-08-02 23:13 Anthony G. Basile
2018-08-02 23:13 Anthony G. Basile
2018-03-04 0:37 Anthony G. Basile
2018-02-23 16:08 Anthony G. Basile
2018-01-07 19:39 Sergei Trofimovich
2018-01-01 9:59 Anthony G. Basile
2017-12-29 18:22 Sergei Trofimovich
2017-11-27 14:46 Anthony G. Basile
2017-11-27 14:46 Anthony G. Basile
2017-11-12 13:51 Anthony G. Basile
2017-11-02 1:07 Anthony G. Basile
2017-11-02 1:07 Anthony G. Basile
2017-10-31 20:39 Anthony G. Basile
2017-10-31 20:35 Anthony G. Basile
2017-10-20 23:38 Anthony G. Basile
2017-09-06 21:00 Michał Górny
2017-04-23 1:07 Anthony G. Basile
2017-01-08 23:00 Anthony G. Basile
2017-01-01 16:57 Anthony G. Basile
2016-10-23 9:11 Anthony G. Basile
2016-10-20 3:49 Anthony G. Basile
2016-10-20 3:49 Anthony G. Basile
2016-09-24 20:15 Anthony G. Basile
2016-09-24 13:51 Anthony G. Basile
2016-09-20 9:19 Anthony G. Basile
2016-07-06 23:42 Anthony G. Basile
2016-06-05 8:02 Anthony G. Basile
2016-06-05 0:39 Anthony G. Basile
2016-06-05 0:35 Anthony G. Basile
2016-02-22 11:52 Anthony G. Basile
2016-02-22 8:50 Anthony G. Basile
2016-02-20 18:52 Anthony G. Basile
2016-02-17 4:42 Anthony G. Basile
2016-02-17 0:51 Anthony G. Basile
2016-02-17 0:48 Anthony G. Basile
2015-11-29 2:06 Anthony G. Basile
2015-10-25 14:52 Anthony G. Basile
2015-10-22 11:07 Anthony G. Basile
2015-10-21 19:40 Anthony G. Basile
2015-10-21 19:37 Anthony G. Basile
2015-10-21 19:33 Anthony G. Basile
2015-10-21 1:21 Anthony G. Basile
2015-09-08 22:15 Anthony G. Basile
2015-08-31 3:02 Anthony G. Basile
2015-08-30 14:37 Anthony G. Basile
2015-08-09 9:23 Anthony G. Basile
2015-08-09 9:18 Anthony G. Basile
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1739470662.8d6f6351b58cc6ca60ea848c7c9032b2295b4691.arkamar@gentoo \
--to=arkamar@gentoo.org \
--cc=gentoo-commits@lists.gentoo.org \
--cc=gentoo-dev@lists.gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox