[LEDE-DEV] [PATCH] musl: update to 1.1.17

John Crispin john at phrozen.org
Mon Nov 6 05:46:52 PST 2017



On 19/10/17 23:41, Christian Lamparter wrote:
> This patch updates musl to the latest 1.1.17 release.
>
> Rick Felker stated in his release note: "
> This release fixes numerous bugs affecting visible behavior and
> safety/internal consistency, including a stack-based buffer overflow
> in dns parsing and multiple sources of invalid memory accesses that
> may lead to crashes. See the release notes in WHATSNEW for details.
>
> Many new features have also been added, including deferred symbol
> binding in the dynamic linker (RTLD_LAZY emulation), an option to
> overrid argv[0] when running ldso to execute a program, support for
> starting new sessions via posix_spawn (POSIX_SPAWN_SETSID, accepted
> for standardization), and ability to query the active thread-local
> locale (via _NL_LOCALE_NAME extension). Improvements in compatibility
> with applications, build tools, and platforms have also been made.
> " <http://www.openwall.com/lists/musl/2017/10/19/1>
>
> The stack-based buffer overflow in dns parsing can be mitigated by:
> "running a caching nameserver on localhost and pointing resolv.conf
> to 127.0.0.1." <http://www.openwall.com/lists/musl/2017/10/19/2>
> Which is the case on the default LEDE installation (dnsmasq).
>
> Signed-off-by: Christian Lamparter <chunkeey at gmail.com>
> ---
>   toolchain/musl/common.mk                         | 6 +++---
>   toolchain/musl/patches/900-iconv_size_hack.patch | 4 ++--
>   2 files changed, 5 insertions(+), 5 deletions(-)
>
> diff --git a/toolchain/musl/common.mk b/toolchain/musl/common.mk
> index 0a45828f79..4c4e5b47ae 100644
> --- a/toolchain/musl/common.mk
> +++ b/toolchain/musl/common.mk
> @@ -8,13 +8,13 @@ include $(TOPDIR)/rules.mk
>   include $(INCLUDE_DIR)/target.mk
>   
>   PKG_NAME:=musl
> -PKG_VERSION:=1.1.16
> +PKG_VERSION:=1.1.17
>   PKG_RELEASE=1
>   
>   PKG_SOURCE_PROTO:=git
>   PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
> -PKG_SOURCE_VERSION:=5f7efb87a28a311ad377dd26adf53715dedb096d
> -PKG_MIRROR_HASH:=da18ef24f270e5cae6bc4c440479da17bec1949ae5a1bc990352ca04f24c4378
> +PKG_SOURCE_VERSION:=2cd663fb2d576d590a08c1e40386c07b378d5ad6
> +PKG_MIRROR_HASH:=e3140faaa9aff51c4f56f36c15d677265a5bed39aa6d9ab5d252f1c49b7c13ca
>   PKG_SOURCE_URL:=git://git.musl-libc.org/musl
>   PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.xz
>   
> diff --git a/toolchain/musl/patches/900-iconv_size_hack.patch b/toolchain/musl/patches/900-iconv_size_hack.patch
> index 343915fb06..cfbb7ee5f7 100644
> --- a/toolchain/musl/patches/900-iconv_size_hack.patch
> +++ b/toolchain/musl/patches/900-iconv_size_hack.patch
> @@ -32,7 +32,7 @@
>    
>    static int fuzzycmp(const unsigned char *a, const unsigned char *b)
>    {
> -@@ -216,6 +220,7 @@ size_t iconv(iconv_t cd0, char **restric
> +@@ -224,6 +228,7 @@ size_t iconv(iconv_t cd0, char **restric
>    				c = ((c-0xd7c0)<<10) + (d-0xdc00);
>    			}
>    			break;
> @@ -47,7 +47,7 @@
>   +#endif
>    		default:
>    			if (c < 128+type) break;
> - 			c -= 128+type;
> + 			c = legacy_map(map, c);
>   --- a/src/locale/codepages.h
>   +++ b/src/locale/codepages.h
>   @@ -118,6 +118,7 @@

Hi,

1.1.18 is out, we we go directly to that version please ?

     John




More information about the Lede-dev mailing list