diff --git a/CVE-2024-2002.patch b/CVE-2024-2002.patch deleted file mode 100644 index b201175a9c31e4f30cda47d1d0effe014f66a3f8..0000000000000000000000000000000000000000 --- a/CVE-2024-2002.patch +++ /dev/null @@ -1,164 +0,0 @@ -From 404e6b1b14f60c81388d50b4239f81d461b3c3ad Mon Sep 17 00:00:00 2001 -From: David Anderson -Date: Sat, 17 Feb 2024 13:33:39 -0800 -Subject: [PATCH] Fixing DW202402-002, corrupt object caused various libdwarf - crashes with some tailored/fuzzed object files. modified: - src/lib/libdwarf/dwarf_alloc.c modified: - src/lib/libdwarf/dwarf_error.c - -Origin: https://github.com/davea42/libdwarf-code/commit/404e6b1b14f60c81388d50b4239f81d461b3c3ad - ---- - src/lib/libdwarf/dwarf_alloc.c | 56 ++++++++++++++++++++++++++++++++-- - src/lib/libdwarf/dwarf_error.c | 5 +-- - 2 files changed, 57 insertions(+), 4 deletions(-) - -diff --git a/src/lib/libdwarf/dwarf_alloc.c b/src/lib/libdwarf/dwarf_alloc.c -index 9ef9b16f4..a73b8abf9 100644 ---- a/src/lib/libdwarf/dwarf_alloc.c -+++ b/src/lib/libdwarf/dwarf_alloc.c -@@ -143,6 +143,7 @@ _dwarf_error_destructor(void *m) - #if DEBUG_ALLOC - printf("libdwarfdetector DEALLOC Now destruct error " - "string %s\n",dwarfstring_string(erm)); -+ fflush(stdout); - #endif /* DEBUG_ALLOC */ - dwarfstring_destructor(erm); - free(erm); -@@ -182,6 +183,8 @@ struct reserve_data_s { - - #define STATIC_ALLOWED 10 /* arbitrary, must be > 2, see below*/ - static unsigned static_used = 0; -+/* entries in this list point to allocations of -+ type DW_DLA_ERROR. */ - static Dwarf_Error staticerrlist[STATIC_ALLOWED]; - - /* Clean this out if found */ -@@ -215,7 +218,7 @@ dw_empty_errlist_item(Dwarf_Error e_in) - } - } - --/* If the userr calls dwarf_dealloc on an error -+/* If the user calls dwarf_dealloc on an error - out of a dwarf_init*() call, this will find - it in the static err list. Here dbg is NULL - so not mentioned. */ -@@ -226,11 +229,21 @@ _dwarf_add_to_static_err_list(Dwarf_Error error) - if (!error) { - return; - } -+#ifdef DEBUG_ALLOC -+ printf("\nlibdwarfdetector add to static err list " -+ " 0x%lx\n",(unsigned long)(uintptr_t)error); -+ fflush(stdout); -+#endif /* DEBUG_ALLOC */ - for ( ; i er_static_alloc == DE_MALLOC) { - /* This is special, we had no arena - but have a full special area as normal. */ -+#if 0 -+ check_errmsg_list = TRUE; -+#endif - #ifdef DEBUG_ALLOC - printf("DEALLOC does free, DE_MALLOC line %d %s\n", - __LINE__,__FILE__); - fflush(stdout); - #endif /* DEBUG_ALLOC*/ -+ _dwarf_remove_from_staticerrlist(space); - } - /* Was normal alloc, use normal dealloc. */ - /* DW_DLA_ERROR has a specialdestructor */ -diff --git a/src/lib/libdwarf/dwarf_error.c b/src/lib/libdwarf/dwarf_error.c -index e49706693..73f60f2b3 100644 ---- a/src/lib/libdwarf/dwarf_error.c -+++ b/src/lib/libdwarf/dwarf_error.c -@@ -140,7 +140,8 @@ _dwarf_error_string(Dwarf_Debug dbg, Dwarf_Error * error, - errptr = &_dwarf_failsafe_error; - errptr->er_static_alloc = DE_STATIC; - #ifdef DEBUG -- printf("libdwarf no dbg, fullystatic, " -+ printf("libdwarf no dbg to dwarf_error_string," -+ " fullystatic, " - "using DE_STATIC alloc, addr" - " 0x%lx line %d %s\n", - (unsigned long)errptr, -@@ -150,7 +151,7 @@ _dwarf_error_string(Dwarf_Debug dbg, Dwarf_Error * error, - errptr->er_static_alloc = DE_MALLOC; - - #ifdef DEBUG -- printf("libdwarf no dbg,leaks, " -+ printf("libdwarf no dbg, add to static_err_list " - "static DE_MALLOC alloc, addr" - " 0x%lx line %d %s\n", - (unsigned long)errptr, diff --git a/libdwarf-0.11.1.tar.xz b/libdwarf-0.11.1.tar.xz new file mode 100644 index 0000000000000000000000000000000000000000..0d9e50becf3b0e2d2585275d0735cd904a540933 Binary files /dev/null and b/libdwarf-0.11.1.tar.xz differ diff --git a/libdwarf-0.9.1.tar.xz b/libdwarf-0.9.1.tar.xz deleted file mode 100644 index bc099e40033b9efb79f93ca3bce701e2c4ff9ce4..0000000000000000000000000000000000000000 Binary files a/libdwarf-0.9.1.tar.xz and /dev/null differ diff --git a/libdwarf-both.patch b/libdwarf-both.patch new file mode 100644 index 0000000000000000000000000000000000000000..e7625a3e486e249efa485fb1a9370d90bf55a823 --- /dev/null +++ b/libdwarf-both.patch @@ -0,0 +1,49 @@ +From 472a7ff891d1847b0f3a98325a0bfc2a60a8df82 Mon Sep 17 00:00:00 2001 +From: Tom Hughes +Date: Tue, 25 Jun 2024 08:55:46 +0100 +Subject: [PATCH] Make default-library=both work on linux + +--- + src/lib/libdwarf/meson.build | 6 +++--- + src/lib/libdwarfp/meson.build | 6 +++--- + 2 files changed, 6 insertions(+), 6 deletions(-) + +diff --git a/src/lib/libdwarf/meson.build b/src/lib/libdwarf/meson.build +index a958b732..c0753db4 100644 +--- a/src/lib/libdwarf/meson.build ++++ b/src/lib/libdwarf/meson.build +@@ -120,10 +120,10 @@ else + libzstd_deps = dependency('',required: false) + endif + +-if (lib_type == 'shared') +- compiler_flags = ['-DLIBDWARF_BUILD'] +-else ++if (lib_type == 'static') + compiler_flags = ['-DLIBDWARF_STATIC'] ++else ++ compiler_flags = ['-DLIBDWARF_BUILD'] + endif + + libdwarf_lib = library('dwarf', libdwarf_src, +diff --git a/src/lib/libdwarfp/meson.build b/src/lib/libdwarfp/meson.build +index 33b5340e..9c527111 100644 +--- a/src/lib/libdwarfp/meson.build ++++ b/src/lib/libdwarfp/meson.build +@@ -31,10 +31,10 @@ libdwarfp_src = [ + ] + + libdwarf_dir = include_directories('../libdwarf') +-if (lib_type == 'shared') +- compiler_flags = ['-DLIBDWARF_BUILD'] +-else ++if (lib_type == 'static') + compiler_flags = ['-DLIBDWARF_STATIC'] ++else ++ compiler_flags = ['-DLIBDWARF_BUILD'] + endif + + +-- +2.45.2 + diff --git a/libdwarf.spec b/libdwarf.spec index 3c6ba55060fc8615fa7b69171cd85ff180d3129d..8ece03de7eb448323b9ed80781909054aa682155 100644 --- a/libdwarf.spec +++ b/libdwarf.spec @@ -1,13 +1,17 @@ Name: libdwarf Epoch: 1 -Version: 0.9.1 +Version: 0.11.1 Release: 1 Summary: Library to access DWARF debugging information -License: LGPLv2 -URL: http://www.prevanders.net/dwarf.html +License: LGPL-2.1-only and BSD-2-Clause +URL: https://www.prevanders.net/dwarf.html Source0: https://www.prevanders.net/%{name}-%{version}.tar.xz -Patch0: CVE-2024-2002.patch -BuildRequires: gcc make python3 +# Make default-library=both work on linux +Patch1: libdwarf-both.patch +BuildRequires: gcc +BuildRequires: meson >= 0.54 +BuildRequires: pkgconfig(libzstd) +BuildRequires: pkgconfig(zlib) %description Libdwarf is a library of functions to provide read/write DWARF @@ -34,50 +38,50 @@ Libdwarf-tools contains dwarfdump, a tool to access DWARF debug information. %prep %autosetup -n %{name}-%{version} -p1 - %build -%configure --enable-shared -sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' libtool -sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool -%make_build +%meson -Ddwarfgen=true --default-library=both +%meson_build %install -%make_install +%meson_install %check - -LD_LIBRARY_PATH=$PWD/src/lib/libdwarf/.libs TZ=:America/Los_Angeles %__make check +%meson_test %files -%defattr(-,root,root) %license src/lib/libdwarf/{COPYING,LIBDWARFCOPYRIGHT,LGPL.txt} %{_libdir}/libdwarf.so.0 %{_libdir}/libdwarf.so.0.* +%{_libdir}/libdwarfp.so.0 +%{_libdir}/libdwarfp.so.0.* %files devel -%defattr(-,root,root) %{_includedir}/libdwarf-0 %{_libdir}/pkgconfig/libdwarf.pc %{_libdir}/libdwarf.so +%{_libdir}/libdwarfp.so %{_libdir}/libdwarf.a -%exclude %{_libdir}/*.la +%{_libdir}/libdwarfp.a %files tools -%defattr(-,root,root) %license src/bin/dwarfdump/{COPYING,DWARFDUMPCOPYRIGHT,GPL.txt} %{_bindir}/dwarfdump +%{_bindir}/dwarfgen %{_datadir}/dwarfdump/dwarfdump.conf %files help -%defattr(-,root,root) %doc src/lib/libdwarf/{ChangeLog,README} doc/*.pdf -%{_mandir}/man1/dwarfdump.1.gz +%{_mandir}/man1/dwarfdump.1* +%{_mandir}/man1/dwarfgen.1* %changelog +* Mon Dec 09 2024 Funda Wang - 1:0.11.1-1 +- update to 0.11.1 + * Mon Mar 25 2024 wangkai <13474090681@163.com> - 1:0.9.1-1 - Update to 0.9.1 and fix CVE-2024-2002 -* Thu Jun 15 2023 liyanan - 0.7.0-1 +* Thu Jun 15 2023 liyanan - 1:0.7.0-1 - Update to 0.7.0 * Tue Jul 26 2022 panys - 20210528-1