[openwrt/openwrt] elfutils: Update to 0.192

Thu Nov 28 10:57:50 PST 2024

ynezz pushed a commit to openwrt/openwrt.git, branch openwrt-24.10:
https://git.openwrt.org/4166aaf98abc848496fbe3b8be3f4ec59bbb5cac

commit 4166aaf98abc848496fbe3b8be3f4ec59bbb5cac
Author: Ryan Keane <the.ra2.ifv at gmail.com>
AuthorDate: Thu Nov 7 21:50:58 2024 -0800

    elfutils: Update to 0.192
    
    Add a patch still under review to fix some errors.
    
    Refresh patch:
    - 003-libintl-compatibility.patch
    - 005-build_only_libs.patch
    - 006-Fix-build-on-aarch64-musl.patch
    
    Add patch:
    - 102-fix-potential-deref-of-null-error.patch
    
    Release notes are in the link below.
    
    Link: https://inbox.sourceware.org/elfutils-devel/CAJDtP-T3+gXqHWp3T0mejWWbPr0_1tHetEXwfB67-o+zz7ShiA@mail.gmail.com/T/#u
    Signed-off-by: Ryan Keane <the.ra2.ifv at gmail.com>
    Link: https://github.com/openwrt/openwrt/pull/16886
    Signed-off-by: Robert Marko <robimarko at gmail.com>
    (cherry picked from commit f5132df69db50a99e556e6fbd165002aac0e3e38)
    Link: https://github.com/openwrt/openwrt/pull/17097
    Signed-off-by: Petr Štetiar <ynezz at true.cz>
---
 package/libs/elfutils/Makefile                     |  4 +-
 .../patches/003-libintl-compatibility.patch        |  2 +-
 .../elfutils/patches/005-build_only_libs.patch     |  2 +-
 .../patches/006-Fix-build-on-aarch64-musl.patch    |  4 +-
 .../102-fix-potential-deref-of-null-error.patch    | 55 ++++++++++++++++++++++
 5 files changed, 61 insertions(+), 6 deletions(-)

diff --git a/package/libs/elfutils/Makefile b/package/libs/elfutils/Makefile
index ac5841c604..b8bb50b564 100644
--- a/package/libs/elfutils/Makefile
+++ b/package/libs/elfutils/Makefile
@@ -7,12 +7,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=elfutils
-PKG_VERSION:=0.191
+PKG_VERSION:=0.192
 PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
 PKG_SOURCE_URL:=https://sourceware.org/$(PKG_NAME)/ftp/$(PKG_VERSION)
-PKG_HASH:=df76db71366d1d708365fc7a6c60ca48398f14367eb2b8954efc8897147ad871
+PKG_HASH:=616099beae24aba11f9b63d86ca6cc8d566d968b802391334c91df54eab416b4
 
 PKG_MAINTAINER:=Luiz Angelo Daros de Luca <luizluca at gmail.com>
 PKG_LICENSE:=GPL-3.0-or-later
diff --git a/package/libs/elfutils/patches/003-libintl-compatibility.patch b/package/libs/elfutils/patches/003-libintl-compatibility.patch
index 1271796af5..eda9f2204a 100644
--- a/package/libs/elfutils/patches/003-libintl-compatibility.patch
+++ b/package/libs/elfutils/patches/003-libintl-compatibility.patch
@@ -11,7 +11,7 @@
  Requires.private: zlib @LIBZSTD@
 --- a/configure.ac
 +++ b/configure.ac
-@@ -717,6 +717,9 @@ dnl AM_GNU_GETTEXT_REQUIRE_VERSION suppo
+@@ -728,6 +728,9 @@ dnl AM_GNU_GETTEXT_REQUIRE_VERSION suppo
  AM_GNU_GETTEXT_VERSION([0.19.6])
  AM_GNU_GETTEXT_REQUIRE_VERSION([0.19.6])
  
diff --git a/package/libs/elfutils/patches/005-build_only_libs.patch b/package/libs/elfutils/patches/005-build_only_libs.patch
index 598b734874..177ac659e6 100644
--- a/package/libs/elfutils/patches/005-build_only_libs.patch
+++ b/package/libs/elfutils/patches/005-build_only_libs.patch
@@ -8,4 +8,4 @@
 +	  libasm
  
  EXTRA_DIST = elfutils.spec GPG-KEY NOTES CONTRIBUTING SECURITY \
- 	     COPYING COPYING-GPLV2 COPYING-LGPLV3
+ 	     COPYING COPYING-GPLV2 COPYING-LGPLV3 CONDUCT
diff --git a/package/libs/elfutils/patches/006-Fix-build-on-aarch64-musl.patch b/package/libs/elfutils/patches/006-Fix-build-on-aarch64-musl.patch
index d8066c5ca7..a7786ed2c0 100644
--- a/package/libs/elfutils/patches/006-Fix-build-on-aarch64-musl.patch
+++ b/package/libs/elfutils/patches/006-Fix-build-on-aarch64-musl.patch
@@ -32,8 +32,8 @@ Signed-off-by: Hongxu Jia <hongxu.jia at windriver.com>
 +# include <sys/uio.h>
  # include <sys/user.h>
  # include <sys/ptrace.h>
- /* Deal with old glibc defining user_pt_regs instead of user_regs_struct.  */
-@@ -82,7 +82,7 @@ aarch64_set_initial_registers_tid (pid_t
+ # include <asm/ptrace.h>
+@@ -94,7 +94,7 @@ aarch64_set_initial_registers_tid (pid_t
  
    Dwarf_Word dwarf_fregs[32];
    for (int r = 0; r < 32; r++)
diff --git a/package/libs/elfutils/patches/102-fix-potential-deref-of-null-error.patch b/package/libs/elfutils/patches/102-fix-potential-deref-of-null-error.patch
new file mode 100644
index 0000000000..6710e4ef9c
--- /dev/null
+++ b/package/libs/elfutils/patches/102-fix-potential-deref-of-null-error.patch
@@ -0,0 +1,55 @@
+strip.c: Pointer `arhdr` created at strip.c:2741 and then dereferenced without NULL-check.
+The same situation for the `arhdr` pointer at the objdump.c:313 and
+the `h` pointer at the readelf.c:13545.
+
+Triggers found by static analyzer Svace.
+
+Signed-off-by: Maks Mishin <maks.mishinFZ at gmail.com>
+---
+ src/objdump.c | 5 +++++
+ src/readelf.c | 5 +++++
+ src/strip.c   | 5 +++++
+ 3 files changed, 15 insertions(+)
+
+--- a/src/objdump.c
++++ b/src/objdump.c
+@@ -311,6 +311,11 @@ handle_ar (int fd, Elf *elf, const char
+     {
+       /* The the header for this element.  */
+       Elf_Arhdr *arhdr = elf_getarhdr (subelf);
++      if (arhdr == NULL)
++	{
++	  printf ("cannot get arhdr: %s\n", elf_errmsg (-1));
++	  exit (1);
++	}
+ 
+       /* Skip over the index entries.  */
+       if (strcmp (arhdr->ar_name, "/") != 0
+--- a/src/readelf.c
++++ b/src/readelf.c
+@@ -13543,6 +13543,11 @@ dump_archive_index (Elf *elf, const char
+ 			  as_off, fname, elf_errmsg (-1));
+ 
+ 	  const Elf_Arhdr *h = elf_getarhdr (subelf);
++	  if (h == NULL)
++	{
++	  printf ("cannot get arhdr: %s\n", elf_errmsg (-1));
++	  exit (1);
++	}
+ 
+ 	  printf (_("Archive member '%s' contains:\n"), h->ar_name);
+ 
+--- a/src/strip.c
++++ b/src/strip.c
+@@ -2739,6 +2739,11 @@ handle_ar (int fd, Elf *elf, const char
+     {
+       /* The the header for this element.  */
+       Elf_Arhdr *arhdr = elf_getarhdr (subelf);
++	  if (arhdr == NULL)
++	{
++	  printf ("cannot get arhdr: %s\n", elf_errmsg (-1));
++	  exit (1);
++	}
+ 
+       if (elf_kind (subelf) == ELF_K_ELF)
+ 	result |= handle_elf (fd, subelf, new_prefix, arhdr->ar_name, 0, NULL);


