| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <68C4DE68-D996-43FA-BC16-06F13557E494@kloenk.dev>
Date: Thu, 04 Jul 2024 16:47:37 +0200
From: Finn Behrens <me@...enk.dev>
To: Miguel Ojeda <ojeda@...nel.org>
Cc: Wedson Almeida Filho <wedsonaf@...il.com>,
Alex Gaynor <alex.gaynor@...il.com>, Boqun Feng <boqun.feng@...il.com>,
Gary Guo <gary@...yguo.net>,
Björn Roy Baron <bjorn3_gh@...tonmail.com>,
Benno Lossin <benno.lossin@...ton.me>,
Andreas Hindborg <a.hindborg@...sung.com>, Alice Ryhl <aliceryhl@...gle.com>,
rust-for-linux@...r.kernel.org, linux-kernel@...r.kernel.org,
patches@...ts.linux.dev
Subject: Re: [PATCH 07/13] rust: warn about `bindgen` versions 0.66.0 and
0.66.1
On 1 Jul 2024, at 20:36, Miguel Ojeda wrote:
> `bindgen` versions 0.66.0 and 0.66.1 panic due to C string literals with
> NUL characters [1]:
>
> panicked at .cargo/registry/src/index.crates.io-6f17d22bba15001f/bindgen-0.66.0/codegen/mod.rs:717:71:
> called `Result::unwrap()` on an `Err` value: FromBytesWithNulError { kind: InteriorNul(4) }
>
> Thus, in preparation for supporting several `bindgen` versions, add a
> version check to warn the user about it.
>
> We could make it an error, but 1) it is going to fail anyway later in the
> build, 2) we would disable `RUST` automatically, which is also painful,
> 3) someone could be using a patched `bindgen` at that version, 4) the
> interior NUL may go away in the headers (however unlikely). Thus just
> warn about it so that users know why it is failing.
>
> In addition, add a test for the new case.
>
> Link: https://github.com/rust-lang/rust-bindgen/pull/2567 [1]
> Signed-off-by: Miguel Ojeda <ojeda@...nel.org>
Reviewed-by: Finn Behrens <me@...enk.dev>
> ---
> scripts/rust_is_available.sh | 8 ++++++++
> scripts/rust_is_available_test.py | 7 +++++++
> 2 files changed, 15 insertions(+)
>
> diff --git a/scripts/rust_is_available.sh b/scripts/rust_is_available.sh
> index 67cb900124cc..33bbd01ffe51 100755
> --- a/scripts/rust_is_available.sh
> +++ b/scripts/rust_is_available.sh
> @@ -165,6 +165,14 @@ if [ "$rust_bindings_generator_cversion" -gt "$rust_bindings_generator_min_cvers
> echo >&2 "***"
> warning=1
> fi
> +if [ "$rust_bindings_generator_cversion" -eq 6600 ] || [ "$rust_bindings_generator_cversion" -eq 6601 ]; then
> + echo >&2 "***"
> + echo >&2 "*** Rust bindings generator '$BINDGEN' versions 0.66.0 and 0.66.1 may not"
> + echo >&2 "*** work due to a bug (https://github.com/rust-lang/rust-bindgen/pull/2567)."
> + echo >&2 "*** Your version: $rust_bindings_generator_version"
> + echo >&2 "***"
> + warning=1
> +fi
>
> # Check that the `libclang` used by the Rust bindings generator is suitable.
> #
> diff --git a/scripts/rust_is_available_test.py b/scripts/rust_is_available_test.py
> index a255f79aafc2..2b887098c19d 100755
> --- a/scripts/rust_is_available_test.py
> +++ b/scripts/rust_is_available_test.py
> @@ -226,6 +226,13 @@ else:
> result = self.run_script(self.Expected.SUCCESS_WITH_WARNINGS, { "BINDGEN": bindgen })
> self.assertIn(f"Rust bindings generator '{bindgen}' is too new. This may or may not work.", result.stderr)
>
> + def test_bindgen_bad_version_0_66_0_and_0_66_1(self):
> + for version in ("0.66.0", "0.66.1"):
> + with self.subTest(version=version):
> + bindgen = self.generate_bindgen_version(f"bindgen {version}")
> + result = self.run_script(self.Expected.SUCCESS_WITH_WARNINGS, { "BINDGEN": bindgen })
> + self.assertIn(f"Rust bindings generator '{bindgen}' versions 0.66.0 and 0.66.1 may not", result.stderr)
> +
> def test_bindgen_libclang_failure(self):
> for env in (
> { "LLVM_CONFIG_PATH": self.missing },
> --
> 2.45.2
Powered by blists - more mailing lists