diff --git a/0001-Use-default-rather-than-hard-coded-8-for-maximum-agg.patch b/0001-Use-default-rather-than-hard-coded-8-for-maximum-agg.patch new file mode 100644 index 0000000000000000000000000000000000000000..d72236a28314a99b35005c5e42d82e5580083931 --- /dev/null +++ b/0001-Use-default-rather-than-hard-coded-8-for-maximum-agg.patch @@ -0,0 +1,126 @@ +From 42e892d96e47b1f6e29844cc705e148ec4856448 Mon Sep 17 00:00:00 2001 +From: Jessica Clarke +Date: Wed, 12 Jan 2022 21:27:16 +0000 +Subject: [PATCH] Use default rather than hard-coded 8 for maximum aggregate + member alignment (#1378) + +On CHERI, and thus Arm's Morello prototype, pointers are represented as +hardware capabilities. These capabilities are comprised of not just an +integer address, as is the representation for traditional pointers, but +also bounds, permissions and other metadata, plus a tag bit used as the +validity bit, which provides fine-grained spatial and referential safety +for C and C++ in hardware. This tag bit is not part of the data itself +and is instead kept on the side, flowing with the capability between +registers and the memory subsystem, and any attempt to amplify the +privilege of or corrupt a capability clears this tag (or, in some cases, +traps), rendering them impossible to forge; you can only create +capabilities that are (possibly trivial) subsets of existing ones. + +When the capability is stored in memory, this tag bit needs to be +preserved, which is done through the use of tagged memory. Every +capability-sized word gains an additional non-addressable (from the +CPU's perspective; depending on the implementation the tag bits may be +stored in a small block of memory carved out of normal DRAM that the CPU +is blocked from accessing) bit. This means that capabilities can only be +stored to aligned locations; attempting to store them to unaligned +locations will trap with an alignment fault or, if you end up using a +memcpy call, will copy the raw bytes of the capability's representation +but lose the tag, so when it is eventually loaded back as a capability +and dereferenced it will fault. + +Since, on 64-bit architectures, our capabilities, used to implement C +language pointers, are 128-bit quantities, this means they need 16-byte +alignment. Currently the various #pragma pack directives, used to work +around (extremely broken and bogus) code that includes jsoncpp in a +context where the maximum alignment has been overridden, hard-code 8 as +the maximum alignment to use, and so do not sufficiently align CHERI / +Morello capabilities on 64-bit architectures. On Windows x64, the +default is also not 8 but 16 (ARM64 is supposedly 8), so this is +slightly dodgy to do there too, but in practice likely not an issue so +long as you don't use any 128-bit types there. + +Instead of hard-coding a width, use a directive that resets the packing +back to the default. Unfortunately, whilst GCC and Clang both accept +using #pragma pack(push, 0) as shorthand like for any non-zero value, +MSVC does not, so this needs to be two directives. +--- + include/json/allocator.h | 3 ++- + include/json/json_features.h | 3 ++- + include/json/reader.h | 3 ++- + include/json/value.h | 3 ++- + include/json/writer.h | 3 ++- + 5 files changed, 10 insertions(+), 5 deletions(-) + +diff --git a/include/json/allocator.h b/include/json/allocator.h +index 95ef8a5..7540642 100644 +--- a/include/json/allocator.h ++++ b/include/json/allocator.h +@@ -9,7 +9,8 @@ + #include + #include + +-#pragma pack(push, 8) ++#pragma pack(push) ++#pragma pack() + + namespace Json { + template class SecureAllocator { +diff --git a/include/json/json_features.h b/include/json/json_features.h +index 7c7e9f5..e4a61d6 100644 +--- a/include/json/json_features.h ++++ b/include/json/json_features.h +@@ -10,7 +10,8 @@ + #include "forwards.h" + #endif // if !defined(JSON_IS_AMALGAMATION) + +-#pragma pack(push, 8) ++#pragma pack(push) ++#pragma pack() + + namespace Json { + +diff --git a/include/json/reader.h b/include/json/reader.h +index be0d767..46975d8 100644 +--- a/include/json/reader.h ++++ b/include/json/reader.h +@@ -23,7 +23,8 @@ + #pragma warning(disable : 4251) + #endif // if defined(JSONCPP_DISABLE_DLL_INTERFACE_WARNING) + +-#pragma pack(push, 8) ++#pragma pack(push) ++#pragma pack() + + namespace Json { + +diff --git a/include/json/value.h b/include/json/value.h +index 0edeb05..57ecb13 100644 +--- a/include/json/value.h ++++ b/include/json/value.h +@@ -53,7 +53,8 @@ + #pragma warning(disable : 4251 4275) + #endif // if defined(JSONCPP_DISABLE_DLL_INTERFACE_WARNING) + +-#pragma pack(push, 8) ++#pragma pack(push) ++#pragma pack() + + /** \brief JSON (JavaScript Object Notation). + */ +diff --git a/include/json/writer.h b/include/json/writer.h +index 03f9906..7d8cf4d 100644 +--- a/include/json/writer.h ++++ b/include/json/writer.h +@@ -20,7 +20,8 @@ + #pragma warning(disable : 4251) + #endif // if defined(JSONCPP_DISABLE_DLL_INTERFACE_WARNING) + +-#pragma pack(push, 8) ++#pragma pack(push) ++#pragma pack() + + namespace Json { + +-- +2.42.0.windows.2 + diff --git a/jsoncpp.spec b/jsoncpp.spec index ef510c16077b98fc5d3c365245001b0bd37a3317..0f81952871b293ed75f7bdc77add2711e3923d46 100644 --- a/jsoncpp.spec +++ b/jsoncpp.spec @@ -1,6 +1,6 @@ Name: jsoncpp Version: 1.9.5 -Release: 4 +Release: 5 Summary: JSON C++ library License: Public Domain or MIT URL: https://github.com/open-source-parsers/jsoncpp @@ -8,6 +8,7 @@ Source0: https://github.com/open-source-parsers/jsoncpp/archive/%{version BuildRequires: gcc-c++ cmake >= 3.1 python3-devel Patch0001: 0001-Parse-large-floats-as-infinity-1349-1353.patch +Patch0002: 0001-Use-default-rather-than-hard-coded-8-for-maximum-agg.patch %description JsonCpp is a C++ library that allows manipulating JSON values, @@ -93,6 +94,9 @@ hardlink -cfv %{buildroot}%{_docdir}/%{name} %changelog +* Thu Nov 16 2023 liubo - 1.9.5-5 +- Use default rather than hard-coded 8 for maximum aggregate member alignment + * Wed Oct 18 2023 liubo - 1.9.5-4 - Parse large floats as infinity