From 881258043c2a90ddd1653505e30351a03f7a97e2 Mon Sep 17 00:00:00 2001 From: jchzhou Date: Fri, 10 May 2024 10:59:58 +0800 Subject: [PATCH] fix undefined behavior in scmp_bpf_sim.c causing issues when building with clang Signed-off-by: jchzhou (cherry picked from commit e258642b09c628e0fe81795bf579905504edf8cf) --- fix_undefined_behavior_in_scmp_bpf_sim.patch | 25 ++++++++++++++++++++ libseccomp.spec | 7 +++++- 2 files changed, 31 insertions(+), 1 deletion(-) create mode 100644 fix_undefined_behavior_in_scmp_bpf_sim.patch diff --git a/fix_undefined_behavior_in_scmp_bpf_sim.patch b/fix_undefined_behavior_in_scmp_bpf_sim.patch new file mode 100644 index 0000000..ecf3f96 --- /dev/null +++ b/fix_undefined_behavior_in_scmp_bpf_sim.patch @@ -0,0 +1,25 @@ +From 3292da1d4dafab2d18c7b750fa278bcc8a362d04 Mon Sep 17 00:00:00 2001 +From: q66 +Date: Wed, 20 Dec 2023 04:01:42 +0100 +Subject: [PATCH] fix UB-ass UB in scmp_bpf_sim + +--- + tools/scmp_bpf_sim.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/tools/scmp_bpf_sim.c b/tools/scmp_bpf_sim.c +index a381314..eeaa5bc 100644 +--- a/tools/scmp_bpf_sim.c ++++ b/tools/scmp_bpf_sim.c +@@ -182,7 +182,8 @@ static void bpf_execute(const struct bpf_program *prg, + switch (code) { + case BPF_LD+BPF_W+BPF_ABS: + if (k < BPF_SYSCALL_MAX) { +- uint32_t val = *((uint32_t *)&sys_data_b[k]); ++ uint32_t val; ++ memcpy(&val, &sys_data_b[k], sizeof(val)); + state.acc = ttoh32(arch, val); + } else + exit_error(ERANGE, ip_c); +-- +2.43.0 diff --git a/libseccomp.spec b/libseccomp.spec index a77ad61..a842e66 100644 --- a/libseccomp.spec +++ b/libseccomp.spec @@ -1,6 +1,6 @@ Name: libseccomp Version: 2.5.4 -Release: 2 +Release: 3 Summary: Interface to the syscall filtering mechanism License: LGPLv2 URL: https://github.com/seccomp/libseccomp @@ -9,6 +9,8 @@ Source0: https://github.com/seccomp/libseccomp/releases/download/v%{version}/%{n Patch2: backport-arch-disambiguate-in-arch-syscall-validate.patch Patch3: Add-64-bit-LoongArch-support.patch Patch4: fix-build-error-for-libseccomp.patch +# https://github.com/chimera-linux/cports/pull/1099 +Patch5: fix_undefined_behavior_in_scmp_bpf_sim.patch BuildRequires: gcc gperf autoconf automake @@ -79,6 +81,9 @@ make check %{_mandir}/man*/* %changelog +* Fri May 10 2024 jchzhou - 2.5.4-3 +- fix undefined behavior in scmp_bpf_sim.c causing issues when building with clang + * Mon Jul 31 2023 Jingyun Hua - 2.5.4-2 - add loongarch64 support for libseccomp -- Gitee