This changes adds a fix for an unused variable issue in gnulib. It is a part of a security series [1].
[1] https://lists.gnu.org/archive/html/grub-devel/2021-03/msg00007.html Signed-off-by: Marta Rybczynska <marta.rybczyn...@huawei.com> --- ...ulib-regexec-Resolve-unused-variable.patch | 59 +++++++++++++++++++ meta/recipes-bsp/grub/grub2.inc | 1 + 2 files changed, 60 insertions(+) create mode 100644 meta/recipes-bsp/grub/files/0008-gnulib-regexec-Resolve-unused-variable.patch diff --git a/meta/recipes-bsp/grub/files/0008-gnulib-regexec-Resolve-unused-variable.patch b/meta/recipes-bsp/grub/files/0008-gnulib-regexec-Resolve-unused-variable.patch new file mode 100644 index 0000000000..74ffb559e9 --- /dev/null +++ b/meta/recipes-bsp/grub/files/0008-gnulib-regexec-Resolve-unused-variable.patch @@ -0,0 +1,59 @@ +From 9d36bce5d516b6379ba3a0dd1a94a9c035838827 Mon Sep 17 00:00:00 2001 +From: Darren Kenny <darren.ke...@oracle.com> +Date: Wed, 21 Oct 2020 14:41:27 +0000 +Subject: [PATCH] gnulib/regexec: Resolve unused variable + +This is a really minor issue where a variable is being assigned to but +not checked before it is overwritten again. + +The reason for this issue is that we are not building with DEBUG set and +this in turn means that the assert() that reads the value of the +variable match_last is being processed out. + +The solution, move the assignment to match_last in to an ifdef DEBUG too. + +Fixes: CID 292459 + +Signed-off-by: Darren Kenny <darren.ke...@oracle.com> +Reviewed-by: Daniel Kiper <daniel.ki...@oracle.com> + +Upstream-Status: Backport [https://git.savannah.gnu.org/cgit/grub.git/commit/?id=a983d36bd9178d377d2072fd4b11c635fdc404b4] +Signed-off-by: Marta Rybczynska <marta.rybczyn...@huawei.com> +--- + conf/Makefile.extra-dist | 1 + + .../lib/gnulib-patches/fix-unused-value.patch | 14 ++++++++++++++ + 2 files changed, 15 insertions(+) + create mode 100644 grub-core/lib/gnulib-patches/fix-unused-value.patch + +diff --git a/conf/Makefile.extra-dist b/conf/Makefile.extra-dist +index 46c4e95..9b01152 100644 +--- a/conf/Makefile.extra-dist ++++ b/conf/Makefile.extra-dist +@@ -29,6 +29,7 @@ EXTRA_DIST += grub-core/genemuinit.sh + EXTRA_DIST += grub-core/genemuinitheader.sh + + EXTRA_DIST += grub-core/lib/gnulib-patches/fix-null-deref.patch ++EXTRA_DIST += grub-core/lib/gnulib-patches/fix-unused-value.patch + EXTRA_DIST += grub-core/lib/gnulib-patches/fix-width.patch + EXTRA_DIST += grub-core/lib/gnulib-patches/no-abort.patch + +diff --git a/grub-core/lib/gnulib-patches/fix-unused-value.patch b/grub-core/lib/gnulib-patches/fix-unused-value.patch +new file mode 100644 +index 0000000..ba51f1b +--- /dev/null ++++ b/grub-core/lib/gnulib-patches/fix-unused-value.patch +@@ -0,0 +1,14 @@ ++--- a/lib/regexec.c 2020-10-21 14:25:35.310195912 +0000 +++++ b/lib/regexec.c 2020-10-21 14:32:07.961765604 +0000 ++@@ -828,7 +828,11 @@ ++ break; ++ if (__glibc_unlikely (err != REG_NOMATCH)) ++ goto free_return; +++#ifdef DEBUG +++ /* Only used for assertion below when DEBUG is set, otherwise +++ it will be over-written when we loop around. */ ++ match_last = -1; +++#endif ++ } ++ else ++ break; /* We found a match. */ diff --git a/meta/recipes-bsp/grub/grub2.inc b/meta/recipes-bsp/grub/grub2.inc index 46d65d8609..d2a1502d56 100644 --- a/meta/recipes-bsp/grub/grub2.inc +++ b/meta/recipes-bsp/grub/grub2.inc @@ -54,6 +54,7 @@ SRC_URI = "${GNU_MIRROR}/grub/grub-${PV}.tar.gz \ file://0005-efi-Fix-some-malformed-device-path-arithmetic-errors.patch \ file://0006-kern-efi-Fix-memory-leak-on-failure.patch \ file://0007-kern-efi-mm-Fix-possible-NULL-pointer-dereference.patch \ + file://0008-gnulib-regexec-Resolve-unused-variable.patch \ " SRC_URI[md5sum] = "5ce674ca6b2612d8939b9e6abed32934" SRC_URI[sha256sum] = "f10c85ae3e204dbaec39ae22fa3c5e99f0665417e91c2cb49b7e5031658ba6ea" -- 2.33.0
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#161896): https://lists.openembedded.org/g/openembedded-core/message/161896 Mute This Topic: https://lists.openembedded.org/mt/89229680/21656 Group Owner: openembedded-core+ow...@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
