lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <Y2jfB2YErvi+EIvN@google.com>
Date:   Mon, 7 Nov 2022 10:33:43 +0000
From:   Lee Jones <lee@...nel.org>
To:     Rob Herring <robh@...nel.org>
Cc:     Frank Rowand <frowand.list@...il.com>, devicetree@...r.kernel.org,
        linux-kernel@...r.kernel.org, stable@...r.kernel.org
Subject: Re: [PATCH] scripts/dtc: Update to upstream version
 v1.6.1-63-g55778a03df61

On Tue, 01 Nov 2022, Rob Herring wrote:

> It's been a while since the last sync and Lee needs commit 73590342fc85
> ("libfdt: prevent integer overflow in fdt_next_tag").
> 
> This adds the following commits from upstream:
> 
> 55778a03df61 libfdt: tests: add get_next_tag_invalid_prop_len
> 73590342fc85 libfdt: prevent integer overflow in fdt_next_tag
> 035fb90d5375 libfdt: add fdt_get_property_by_offset_w helper
> 98a07006c48d Makefile: fix infinite recursion by dropping non-existent `%.output`
> a036cc7b0c10 Makefile: limit make re-execution to avoid infinite spin
> c6e92108bcd9 libdtc: remove duplicate judgments
> e37c25677dc9 Don't generate erroneous fixups from reference to path
> 50454658f2b5 libfdt: Don't mask fdt_get_name() returned error
> e64a204196c9 manual.txt: Follow README.md and remove Jon
> f508c83fe6f0 Update README in MANIFEST.in and setup.py to README.md
> c2ccf8a77dd2 Add description of Signed-off-by lines
> 90b9d9de42ca Split out information for contributors to CONTRIBUTING.md
> 0ee1d479b23a Remove Jon Loeliger from maintainers list
> b33a73c62c1c Convert README to README.md
> 7ad60734b1c1 Allow static building with meson
> fd9b8c96c780 Allow static building with make
> fda71da26e7f libfdt: Handle failed get_name() on BEGIN_NODE
> c7c7f17a83d5 Fix test script to run also on dash shell
> 01f23ffe1679 Add missing relref_merge test to meson test list
> ed310803ea89 pylibfdt: add FdtRo.get_path()
> c001fc01a43e pylibfdt: fix swig build in install
> 26c54f840d23 tests: add test cases for label-relative path references
> ec7986e682cf dtc: introduce label relative path references
> 651410e54cb9 util: introduce xstrndup helper
> 4048aed12b81 setup.py: fix out of tree build
> ff5afb96d0c0 Handle integer overflow in check_property_phandle_args()
> ca7294434309 README: Explain how to add a new API function
> c0c2e115f82e Fix a UB when fdt_get_string return null
> cd5f69cbc0d4 tests: setprop_inplace: use xstrdup instead of unchecked strdup
> a04f69025003 pylibfdt: add Property.as_*int*_array()
> 83102717d7c4 pylibfdt: add Property.as_stringlist()
> d152126bb029 Fix Python crash on getprop deallocation
> 17739b7ef510 Support 'r' format for printing raw bytes with fdtget
> 45f3d1a095dd libfdt: overlay: make overlay_get_target() public
> c19a4bafa514 libfdt: fix an incorrect integer promotion
> 1cc41b1c969f pylibfdt: Add packaging metadata
> db72398cd437 README: Update pylibfdt install instructions
> 383e148b70a4 pylibfdt: fix with Python 3.10
> 23b56cb7e189 pylibfdt: Move setup.py to the top level
> 69a760747d8d pylibfdt: Split setup.py author name and email
> 0b106a77dbdc pylibfdt: Use setuptools_scm for the version
> c691776ddb26 pylibfdt: Use setuptools instead of distutils
> 5216f3f1bbb7 libfdt: Add static lib to meson build
> 4eda2590f481 CI: Cirrus: bump used FreeBSD from 12.1 to 13.0

At least one of these patches fixes security concerns.

Could we also have this in Stable please?

> Signed-off-by: Rob Herring <robh@...nel.org>
> ---
>  scripts/dtc/checks.c               | 15 +++++++-----
>  scripts/dtc/dtc-lexer.l            |  2 +-
>  scripts/dtc/dtc-parser.y           | 13 ++++++++++
>  scripts/dtc/libfdt/fdt.c           | 20 +++++++++------
>  scripts/dtc/libfdt/fdt.h           |  4 +--
>  scripts/dtc/libfdt/fdt_addresses.c |  2 +-
>  scripts/dtc/libfdt/fdt_overlay.c   | 29 ++++++----------------
>  scripts/dtc/libfdt/fdt_ro.c        |  2 +-
>  scripts/dtc/libfdt/libfdt.h        | 25 +++++++++++++++++++
>  scripts/dtc/livetree.c             | 39 +++++++++++++++++++++++++++---
>  scripts/dtc/util.c                 | 15 ++++++++++--
>  scripts/dtc/util.h                 |  4 ++-
>  scripts/dtc/version_gen.h          |  2 +-
>  13 files changed, 124 insertions(+), 48 deletions(-)

-- 
Lee Jones [李琼斯]

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ