diff options
author | Richard Purdie <richard.purdie@linuxfoundation.org> | 2017-03-02 12:04:08 +0000 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2017-03-07 20:04:58 +0000 |
commit | 19b7e950346fb1dde6505c45236eba6cd9b33b4b (patch) | |
tree | 4e582be23e08321bd04c591be3f37926199d6005 /meta/recipes-extended/cpio/cpio-2.8 | |
parent | 39f5a05152aa0c3503735e18dd3b4c066b284107 (diff) | |
download | openembedded-core-19b7e950346fb1dde6505c45236eba6cd9b33b4b.tar.gz openembedded-core-19b7e950346fb1dde6505c45236eba6cd9b33b4b.tar.bz2 openembedded-core-19b7e950346fb1dde6505c45236eba6cd9b33b4b.zip |
recipes: Move out stale GPLv2 versions to a seperate layeruninative-1.5
These are recipes where the upstream has moved to GPLv3 and these old
versions are the last ones under the GPLv2 license.
There are several reasons for making this move. There is a different
quality of service with these recipes in that they don't get security
fixes and upstream no longer care about them, in fact they're actively
hostile against people using old versions. The recipes tend to need a
different kind of maintenance to work with changes in the wider ecosystem
and there needs to be isolation between changes made in the v3 versions
and those in the v2 versions.
There are probably better ways to handle a "non-GPLv3" system but right
now having these in OE-Core makes them look like a first class citizen
when I believe they have potential for a variety of undesireable issues.
Moving them into a separate layer makes their different needs clearer, it
also makes it clear how many of these there are. Some are probably not
needed (e.g. mc), I also wonder whether some are useful (e.g. gmp)
since most things that use them are GPLv3 only already. Someone could
now more clearly see how to streamline the list of recipes here.
I'm proposing we mmove to this separate layer for 2.3 with its future
maintinership and testing to be determined in 2.4 and beyond.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-extended/cpio/cpio-2.8')
4 files changed, 0 insertions, 289 deletions
diff --git a/meta/recipes-extended/cpio/cpio-2.8/avoid_heap_overflow.patch b/meta/recipes-extended/cpio/cpio-2.8/avoid_heap_overflow.patch deleted file mode 100644 index a31573510a..0000000000 --- a/meta/recipes-extended/cpio/cpio-2.8/avoid_heap_overflow.patch +++ /dev/null @@ -1,26 +0,0 @@ -Upstream-Status: Inappropriate [bugfix: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0624] -CVE: CVE-2010-0624 - -This patch avoids heap overflow reported by : -http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0624 - -This is a clean patch for the GPLv2 tar recipe. - -the GPLv2 tar recipe patch is also applicable to this GPLv2 cpio -recipe, as they share code. - -Nitin A Kamble <nitin.a.kamble@intel.com> 2011/04/25 - -Index: tar-1.17/lib/rtapelib.c -=================================================================== ---- tar-1.17.orig/lib/rtapelib.c -+++ tar-1.17/lib/rtapelib.c -@@ -570,7 +570,7 @@ rmt_read__ (int handle, char *buffer, si - - sprintf (command_buffer, "R%lu\n", (unsigned long) length); - if (do_command (handle, command_buffer) == -1 -- || (status = get_status (handle)) == SAFE_READ_ERROR) -+ || ((status = get_status (handle)) == SAFE_READ_ERROR) || (status > length)) - return SAFE_READ_ERROR; - - for (counter = 0; counter < status; counter += rlen, buffer += rlen) diff --git a/meta/recipes-extended/cpio/cpio-2.8/fix-memory-overrun.patch b/meta/recipes-extended/cpio/cpio-2.8/fix-memory-overrun.patch deleted file mode 100644 index 0148e70797..0000000000 --- a/meta/recipes-extended/cpio/cpio-2.8/fix-memory-overrun.patch +++ /dev/null @@ -1,217 +0,0 @@ -cpio: Fix memory overrun on reading improperly created link records - -Signed-off-by: Bian Naimeng <biannm@cn.fujitsu.com> - -http://git.savannah.gnu.org/cgit/cpio.git/commit/?id=746f3ff670dcfcdd28fcc990e79cd6fccc7ae48d - - * src/copyin.c (get_link_name): New function. - (list_file, copyin_link): use get_link_name - - * tests/symlink-bad-length.at: New file. - * tests/symlink-long.at: New file. - * tests/Makefile.am: Add new files. - * tests/testsuite.at: Likewise. - - See http://lists.gnu.org/archive/html/bug-cpio/2014-11/msg00007.html - -Upstream-Status: Backport - -Signed-off-by: Sergey Poznyakoff <gray@gnu.org.ua> - -diff -Nurp cpio-2.8.orig/src/copyin.c cpio-2.8/src/copyin.c ---- cpio-2.8.orig/src/copyin.c 2007-06-07 19:58:03.000000000 +0800 -+++ cpio-2.8/src/copyin.c 2014-12-08 11:30:01.159791484 +0800 -@@ -126,6 +126,28 @@ tape_skip_padding (int in_file_des, int - } - - -+static char * -+get_link_name (struct cpio_file_stat *file_hdr, int in_file_des) -+{ -+ off_t n = file_hdr->c_filesize + 1; -+ char *link_name; -+ -+ if (n == 0 || n > SIZE_MAX) -+ { -+ error (0, 0, _("%s: stored filename length too big"), file_hdr->c_name); -+ link_name = NULL; -+ } -+ else -+ { -+ link_name = xmalloc (n); -+ tape_buffered_read (link_name, in_file_des, file_hdr->c_filesize); -+ link_name[file_hdr->c_filesize] = '\0'; -+ tape_skip_padding (in_file_des, file_hdr->c_filesize); -+ } -+ return link_name; -+} -+ -+ - static void - list_file(struct cpio_file_stat* file_hdr, int in_file_des) - { -@@ -136,21 +158,16 @@ list_file(struct cpio_file_stat* file_hd - { - if (archive_format != arf_tar && archive_format != arf_ustar) - { -- char *link_name = NULL; /* Name of hard and symbolic links. */ -- -- link_name = (char *) xmalloc ((unsigned int) file_hdr->c_filesize + 1); -- link_name[file_hdr->c_filesize] = '\0'; -- tape_buffered_read (link_name, in_file_des, file_hdr->c_filesize); -- long_format (file_hdr, link_name); -- free (link_name); -- tape_skip_padding (in_file_des, file_hdr->c_filesize); -- return; -+ char *link_name = get_link_name (file_hdr, in_file_des); -+ if (link_name) -+ { -+ long_format (file_hdr, link_name); -+ free (link_name); -+ } - } - else -- { - long_format (file_hdr, file_hdr->c_tar_linkname); -- return; -- } -+ return; - } - else - #endif -@@ -732,10 +749,7 @@ copyin_link(struct cpio_file_stat *file_ - - if (archive_format != arf_tar && archive_format != arf_ustar) - { -- link_name = (char *) xmalloc ((unsigned int) file_hdr->c_filesize + 1); -- link_name[file_hdr->c_filesize] = '\0'; -- tape_buffered_read (link_name, in_file_des, file_hdr->c_filesize); -- tape_skip_padding (in_file_des, file_hdr->c_filesize); -+ link_name = get_link_name (file_hdr, in_file_des); - } - else - { -diff -Nurp cpio-2.8.orig/tests/Makefile.am cpio-2.8/tests/Makefile.am ---- cpio-2.8.orig/tests/Makefile.am 2006-10-24 18:32:13.000000000 +0800 -+++ cpio-2.8/tests/Makefile.am 2014-12-08 11:30:52.387789482 +0800 -@@ -45,6 +45,8 @@ TESTSUITE_AT = \ - testsuite.at\ - inout.at\ - symlink.at\ -+ symlink-bad-length.at\ -+ symlink-long.at\ - version.at - - TESTSUITE = $(srcdir)/testsuite -diff -Nurp cpio-2.8.orig/tests/symlink-bad-length.at cpio-2.8/tests/symlink-bad-length.at ---- cpio-2.8.orig/tests/symlink-bad-length.at 1970-01-01 08:00:00.000000000 +0800 -+++ cpio-2.8/tests/symlink-bad-length.at 2014-12-08 11:33:25.283783507 +0800 -@@ -0,0 +1,49 @@ -+# Process this file with autom4te to create testsuite. -*- Autotest -*- -+# Copyright (C) 2014 Free Software Foundation, Inc. -+ -+# This program is free software; you can redistribute it and/or modify -+# it under the terms of the GNU General Public License as published by -+# the Free Software Foundation; either version 3, or (at your option) -+# any later version. -+ -+# This program is distributed in the hope that it will be useful, -+# but WITHOUT ANY WARRANTY; without even the implied warranty of -+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+# GNU General Public License for more details. -+ -+# You should have received a copy of the GNU General Public License -+# along with this program; if not, write to the Free Software -+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -+# 02110-1301 USA. -+ -+# Cpio v2.11 did segfault with badly set symlink length. -+# References: -+# http://lists.gnu.org/archive/html/bug-cpio/2014-11/msg00007.html -+ -+AT_SETUP([symlink-bad-length]) -+AT_KEYWORDS([symlink-long copyout]) -+ -+AT_DATA([ARCHIVE.base64], -+[x3EjAIBAtIEtJy8nAQAAAHRUYW0FAAAADQBGSUxFAABzb21lIGNvbnRlbnQKAMdxIwBgQ/+hLScv -+JwEAAAB0VEhuBQD/////TElOSwAARklMRcdxAAAAAAAAAAAAAAEAAAAAAAAACwAAAAAAVFJBSUxF -+UiEhIQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA -+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA -+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA -+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA -+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA -+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA -+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA= -+]) -+ -+AT_CHECK([ -+base64 -d ARCHIVE.base64 > ARCHIVE || AT_SKIP_TEST -+cpio -ntv < ARCHIVE -+test $? -eq 2 -+], -+[0], -+[-rw-rw-r-- 1 10029 10031 13 Nov 25 13:52 FILE -+],[cpio: LINK: stored filename length too big -+cpio: premature end of file -+]) -+ -+AT_CLEANUP -diff -Nurp cpio-2.8.orig/tests/symlink-long.at cpio-2.8/tests/symlink-long.at ---- cpio-2.8.orig/tests/symlink-long.at 1970-01-01 08:00:00.000000000 +0800 -+++ cpio-2.8/tests/symlink-long.at 2014-12-08 11:34:28.807781024 +0800 -@@ -0,0 +1,46 @@ -+# Process this file with autom4te to create testsuite. -*- Autotest -*- -+# Copyright (C) 2014 Free Software Foundation, Inc. -+ -+# This program is free software; you can redistribute it and/or modify -+# it under the terms of the GNU General Public License as published by -+# the Free Software Foundation; either version 3, or (at your option) -+# any later version. -+ -+# This program is distributed in the hope that it will be useful, -+# but WITHOUT ANY WARRANTY; without even the implied warranty of -+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+# GNU General Public License for more details. -+ -+# You should have received a copy of the GNU General Public License -+# along with this program; if not, write to the Free Software -+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -+# 02110-1301 USA. -+ -+# Cpio v2.11.90 changed the way symlink name is read from archive. -+# References: -+# http://lists.gnu.org/archive/html/bug-cpio/2014-11/msg00007.html -+ -+AT_SETUP([symlink-long]) -+AT_KEYWORDS([symlink-long copyout]) -+ -+AT_CHECK([ -+ -+# len(dirname) > READBUFSIZE -+dirname= -+for i in {1..52}; do -+ dirname="xxxxxxxxx/$dirname" -+ mkdir "$dirname" -+done -+ln -s "$dirname" x || AT_SKIP_TEST -+ -+echo x | cpio -o > ar -+list=`cpio -tv < ar | sed 's|.*-> ||'` -+test "$list" = "$dirname" && echo success || echo fail -+], -+[0], -+[success -+],[2 blocks -+2 blocks -+]) -+ -+AT_CLEANUP -diff -Nurp cpio-2.8.orig/tests/testsuite.at cpio-2.8/tests/testsuite.at ---- cpio-2.8.orig/tests/testsuite.at 2006-10-24 18:32:13.000000000 +0800 -+++ cpio-2.8/tests/testsuite.at 2014-12-08 11:34:56.515779942 +0800 -@@ -31,3 +31,5 @@ m4_include([version.at]) - - m4_include([inout.at]) - m4_include([symlink.at]) -+m4_include([symlink-bad-length.at]) -+m4_include([symlink-long.at]) diff --git a/meta/recipes-extended/cpio/cpio-2.8/m4extensions.patch b/meta/recipes-extended/cpio/cpio-2.8/m4extensions.patch deleted file mode 100644 index e16585dd3f..0000000000 --- a/meta/recipes-extended/cpio/cpio-2.8/m4extensions.patch +++ /dev/null @@ -1,31 +0,0 @@ -Upstream-Status: Inappropriate [licensing] - -# Define AC_USE_SYSTEM_EXTENSIONS only if it was previously undefined. -# This is needed to configure correctly with newer versions of autoconf. - -diff -urN cpio-2.8.orig/m4/extensions.m4 cpio-2.8/m4/extensions.m4 ---- cpio-2.8.orig/m4/extensions.m4 2006-10-12 04:34:45.000000000 -0700 -+++ cpio-2.8/m4/extensions.m4 2010-07-23 14:37:36.000000000 -0700 -@@ -1,4 +1,4 @@ --# serial 4 -*- Autoconf -*- -+# serial 5 -*- Autoconf -*- - # Enable extensions on systems that normally disable them. - - # Copyright (C) 2003, 2006 Free Software Foundation, Inc. -@@ -16,6 +16,7 @@ - # ------------------------ - # Enable extensions on systems that normally disable them, - # typically due to standards-conformance issues. -+m4_ifdef([AC_USE_SYSTEM_EXTENSIONS], [], [ - AC_DEFUN([AC_USE_SYSTEM_EXTENSIONS], - [ - AC_BEFORE([$0], [AC_COMPILE_IFELSE]) -@@ -48,7 +49,7 @@ - AC_DEFINE([__EXTENSIONS__]) - AC_DEFINE([_POSIX_PTHREAD_SEMANTICS]) - AC_DEFINE([_TANDEM_SOURCE]) --]) -+])]) - - # gl_USE_SYSTEM_EXTENSIONS - # ------------------------ diff --git a/meta/recipes-extended/cpio/cpio-2.8/statdef.patch b/meta/recipes-extended/cpio/cpio-2.8/statdef.patch deleted file mode 100644 index a00799fea9..0000000000 --- a/meta/recipes-extended/cpio/cpio-2.8/statdef.patch +++ /dev/null @@ -1,15 +0,0 @@ -Upstream-Status: Inappropriate [licensing] - -# Avoid multiple stat definitions -# Patch taken from cpio mailing list posting 2010-03-19 - -diff -urN cpio-2.11.orig/src/filetypes.h cpio-2.11/src/filetypes.h ---- cpio-2.11.orig/src/filetypes.h 2010-02-12 02:19:23.000000000 -0800 -+++ cpio-2.11/src/filetypes.h 2010-07-23 13:17:25.000000000 -0700 -@@ -82,4 +82,6 @@ - #define lstat stat - #endif - int lstat (); -+#ifndef stat - int stat (); -+#endif |