lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <rroqnszmdjpue4q5celbqbo43hij7lqlzpdtm7odmkfwb6vc2b@qp6lgyzlxwt6>
Date: Mon, 1 Jul 2024 20:01:46 +0200
From: Uwe Kleine-König <u.kleine-koenig@...libre.com>
To: Paul Menzel <pmenzel@...gen.mpg.de>
Cc: Andrew Morton <akpm@...ux-foundation.org>, 
	Nicolas Schier <nicolas@...sle.eu>, Ahmad Fatoum <a.fatoum@...gutronix.de>, 
	Masahiro Yamada <masahiroy@...nel.org>, kernel@...gutronix.de, it+linux-kconfig@...gen.mpg.de, 
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH] lib/build_OID_registry: Avoid non-destructive
 substitution for Perl < 5.13.2 compat

Hello Paul,

On Mon, Jul 01, 2024 at 05:58:01PM +0200, Paul Menzel wrote:
> On a system with Perl 5.12.1, commit 5ef6dc08cfde
> ("lib/build_OID_registry: don't mention the full path of the script in
> output") causes the build to fail with the error below.
> 
>      Bareword found where operator expected at ./lib/build_OID_registry line 41, near "s#^\Q$abs_srctree/\E##r"
>      syntax error at ./lib/build_OID_registry line 41, near "s#^\Q$abs_srctree/\E##r"
>      Execution of ./lib/build_OID_registry aborted due to compilation errors.
>      make[3]: *** [lib/Makefile:352: lib/oid_registry_data.c] Error 255
> 
> Ahmad Fatoum analyzed that non-destructive substitution is only supported since
> Perl 5.13.2. Instead of dropping `r` and having the side effect of modifying
> `$0`, introduce a dedicated variable to support older Perl versions.
> 
> Fixes: 5ef6dc08cfde ("lib/build_OID_registry: don't mention the full path of
> the script in output")

No real objection from my side. But if this is an issue for you, I
recommend to upgrade your build system. Looking at Debian releases
(because they are known for their up-to-date software) and their
included versions of Perl, we have:

	release  | releaseno | Perl version | release date
	---------+-----------+--------------+-------------------
	squeeze  |     6     |    5.10.1    | February 6th, 2011
	wheezy   |     7     |    5.14.2    | May 4th, 2013
	jessie   |     8     |    5.20.2    | April 26th, 2015
	stretch  |     9     |    5.24.1    | June 17th, 2017
	buster   |    10     |    5.28.1    | July 6th, 2019
	bullseye |    11     |    5.32.1    | August 14th, 2021
	bookworm |    12     |    5.36.0    | June 10th, 2023

So wheezy is new enough, and that's 11 years old.
Perl 5.13.2 was released June 22, 2010---that's 14 years ago.

I don't know about your build environment, but I wonder if a system that
old can really build a recent kernel (if the patch under discussion is
applied).

Best regards
Uwe

Download attachment "signature.asc" of type "application/pgp-signature" (489 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ