aboutsummaryrefslogtreecommitdiffstats
path: root/package/utils
Commit message (Collapse)AuthorAgeFilesLines
* bsdiff: Add patches for CVEsHauke Mehrtens2023-11-194-13/+433
| | | | | | | | | | | | | Add two patches from Debian fixing CVEs in the bsdiff application. CVE-2014-9862: Heap vulnerability in bspatch CVE-2020-14315: Memory Corruption Vulnerability in bspatch Copied the patches from this location: https://salsa.debian.org/debian/bsdiff/-/blob/debian/latest/debian/patches/20-CVE-2014-9862.patch https://salsa.debian.org/debian/bsdiff/-/blob/debian/latest/debian/patches/33-CVE-2020-14315.patch Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> (cherry picked from commit cac723e8b8748938b8d80603578c60189fc32b24)
* packages: assign PKG_CPE_ID for all missing packagesAlexander Couzens2023-09-275-0/+5
| | | | | | | | | The PKG_CPE_ID links to NIST CPE version 2.2. Assign PKG_CPE_ID to all remaining package which have a CPE ID. Not every package has CPE id. Related: https://github.com/openwrt/packages/issues/8534 Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
* lua: fix integer overflow in LNUM patchAdam Bailey2023-08-122-16/+16
| | | | | | | | | | | Safely detect integer overflow in try_addint() and try_subint(). Old code relied on undefined behavior, and recent versions of GCC on x86 optimized away the if-statements. This caused integer overflow in Lua code instead of falling back to floating-point numbers. Signed-off-by: Adam Bailey <aebailey@gmail.com> (cherry picked from commit 3a2e7c30d3e6a187ba1df740cdb24c8ad84dfe48)
* treewide: Trigger reinstall of all wolfssl dependenciesHauke Mehrtens2023-01-012-2/+2
| | | | | | | | | The ABI of the wolfssl library changed a bit between version 5.5.3 and 5.5.4. This release update will trigger a rebuild of all packages which are using wolfssl to make sure they are adapted to the new ABI. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> (cherry picked from commit ee47a28cec01c7943238bae45f65a98e4fc9abbe)
* e2fsprogs: Fix CVE-2022-1304Hauke Mehrtens2022-12-062-1/+51
| | | | | | | | | | This fixes CVE-2022-1304: An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> (cherry picked from commit 60e335b76ea0aeedd9f8e01d247f9aaa617076da)
* ucode: update to latest Git HEADJo-Philipp Wich2022-12-061-3/+3
| | | | | | | | | | | | | | | | | | 46d93c9 tests: fixup testcases 4c654df types: adjust double printing format eac2add compiler: fix bytecode for logical assignments of properties 3903b18 fs: add `realpath()` function 8366102 math: add isnan() function eef83d3 tests: relax sleep() test 394e901 lib: uc_json(): accept trailing whitespace when parsing strings 1867c8b uloop: terminate parent uloop in task child processes d2cc003 uci: auto-load package in `ctx.foreach()` and `ctx.get_first()` 6c5ee53 compiler: ensure that arrow functions with block bodies return no value fdc9b6a compiler: fix `??=`, `||=` and `&&=` logical assignment semantics 88dcca7 add cmake to install requires for debian Signed-off-by: Jo-Philipp Wich <jo@mein.io> (cherry picked from commit a4d67066e39bd93c7011c8e07b740a326e4e9803)
* busybox: awk: fix use after free (CVE-2022-30065)Hauke Mehrtens2022-11-051-0/+42
| | | | | | | | | | | | This backports a commit which fixes a use after free bug in awk. CVE-2022-30065 description: A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> (cherry picked from commit 8b383ee2a0d21144258346ad39006fc499d04b4f)
* util-linux: Update to version 2.37.4Hauke Mehrtens2022-11-051-2/+2
| | | | | | | | | This update contains only a security fix for an issue in chsh and chfn, but OpenWrt is not packaging these applications so OpenWrt is not affected. In OpenWrt master this was already fixed by the update to util-linux 2.38. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* ucode: update to latest Git HEADJo-Philipp Wich2022-10-181-3/+3
| | | | | | | | 00af065 fs: expose `getdelim()` functionality through `fd.read()` 21ace5e lexer: fixes for regex literal parsing Signed-off-by: Jo-Philipp Wich <jo@mein.io> (cherry picked from commit 1b90c7441b81aee7b1212e8918e3ec7144375d96)
* ucode: update to latest Git HEADJo-Philipp Wich2022-10-151-3/+3
| | | | | | | | | | | | | | | | | | | | | | | 4ae7072 fs: use `getline()` for line wise read operations 21ace5e lexer: fixes for regex literal parsing 00965fa lib: implement slice() function 76d396d main: implement print mode 7bbba78 compiler: optimize function return opcode generation a45f2a3 lexer: improve regex literal handling d64d5d6 vm: maintain export symbol tables per program f4b4ded uloop: task: gracefully handle absent output callback a58fe47 ubus: hold reference to underlying connection until deferred is concluded e23b58a lib: uc_system(): retry waitpid() on EINTR cc4eb79 ubus: support obtaining numeric error code 01c412c ubus: add toplevel constants for ubus status codes 8e240fa ubus: allow object method call handlers to return a numeric status code 5cdddd3 lib: add limit support to split() and replace() 0ba9c3e fs: add optional third permission argument to fs.open() c1f7b3b lib: remove fixed capture group limit in match() and regex replace() Signed-off-by: Jo-Philipp Wich <jo@mein.io> (backported from commits 639754e36d849553e288f8e34f51f793761c07db and 5110dcb1fa44fc1aac737c63b31474daa471de89)
* ramips: add support for ZyXEL NWA50AX / NWA55AXEDavid Bauer2022-10-144-0/+392
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Hardware -------- CPU: Mediatek MT7621 RAM: 256M DDR3 FLASH: 128M NAND ETH: 1x Gigabit Ethernet WiFi: Mediatek MT7915 (2.4/5GHz 802.11ax 2x2 DBDC) BTN: 1x Reset (NWA50AX only) LED: 1x Multi-Color (NWA50AX only) UART Console ------------ NWA50AX: Available below the rubber cover next to the ethernet port. NWA55AXE: Available on the board when disassembling the device. Settings: 115200 8N1 Layout: <12V> <LAN> GND-RX-TX-VCC Logic-Level is 3V3. Don't connect VCC to your UART adapter! Installation Web-UI ------------------- Upload the Factory image using the devices Web-Interface. As the device uses a dual-image partition layout, OpenWrt can only installed on Slot A. This requires the current active image prior flashing the device to be on Slot B. If the currently installed image is started from Slot A, the device will flash OpenWrt to Slot B. OpenWrt will panic upon first boot in this case and the device will return to the ZyXEL firmware upon next boot. If this happens, first install a ZyXEL firmware upgrade of any version and install OpenWrt after that. Installation TFTP ----------------- This installation routine is especially useful in case * unknown device password (NWA55AXE lacks reset button) * bricked device Attach to the UART console header of the device. Interrupt the boot procedure by pressing Enter. The bootloader has a reduced command-set available from CLI, but more commands can be executed by abusing the atns command. Boot a OpenWrt initramfs image available on a TFTP server at 192.168.1.66. Rename the image to owrt.bin $ atnf owrt.bin $ atna 192.168.1.88 $ atns "192.168.1.66; tftpboot; bootm" Upon booting, set the booted image to the correct slot: $ zyxel-bootconfig /dev/mtd10 get-status $ zyxel-bootconfig /dev/mtd10 set-image-status 0 valid $ zyxel-bootconfig /dev/mtd10 set-active-image 0 Copy the OpenWrt ramboot-factory image to the device using scp. Write the factory image to NAND and reboot the device. $ mtd write ramboot-factory.bin firmware $ reboot Signed-off-by: David Bauer <mail@david-bauer.net> (cherry picked from commit a0b7fef0ffe4cd9cca39a652a37e4f3ce8f0a681)
* busybox: nslookup: ensure unique transaction IDs for the DNS queriesUwe Kleine-König2022-10-141-0/+42
| | | | | | | | | | | | | On machines with a coarse monotonic clock (here: TP-Link RE200 powered by a MediaTek MT7620A) it can happen that the two DNS requests (for A and AAAA) share the same transaction ID. If this happens the second reply is wrongly dropped and nslookup reports "No answer". Fix this by ensuring that the transaction IDs are unique. Signed-off-by: Uwe Kleine-König <uwe@kleine-koenig.org> (cherry picked from commit 63e5ba8e69f03a584b707520db0a0821eda3024f) Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
* treewide: fix security issues by bumping all packages using libwolfsslPetr Štetiar2022-10-042-2/+2
| | | | | | | | | | | | | | | | | | As wolfSSL is having hard time maintaining ABI compatibility between releases, we need to manually force rebuild of packages depending on libwolfssl and thus force their upgrade. Otherwise due to the ABI handling we would endup with possibly two libwolfssl libraries in the system, including the patched libwolfssl-5.5.1, but still have vulnerable services running using the vulnerable libwolfssl-5.4.0. So in order to propagate update of libwolfssl to latest stable release done in commit ec8fb542ec3e4 ("wolfssl: fix TLSv1.3 RCE in uhttpd by using 5.5.1-stable (CVE-2022-39173)") which fixes several remotely exploitable vulnerabilities, we need to bump PKG_RELEASE of all packages using wolfSSL library. Signed-off-by: Petr Štetiar <ynezz@true.cz> (cherry picked from commit f1b7e1434f66a3cb09cb9e70b40add354a22e458)
* ucode: update to latest Git HEADJo-Philipp Wich2022-08-311-3/+3
| | | | | | | | | 344fa9e lib: extend render() to support function values 89452b2 lib: improve getenv() and split() implementations Signed-off-by: Jo-Philipp Wich <jo@mein.io> [fix commit subject] (cherry picked from commit c6d6306827e9296faad26981996825ce3e90259d)
* ucode: update to latest Git HEADJo-Philipp Wich2022-08-251-4/+35
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | bcdd2cb examples: add module search path initialization and freeing ee1946f ubus: fix GCC strncpy() truncation warning 131d99c lib: introduce three new functions call(), loadstring() and loadfile() 8e8dae0 lib: introduce helper function for indenting error messages 476f02b lib: simplify include_path() d84b53a source: avoid null pointer access in uc_source_runpath_set() c43a54f types: gracefully handle unpatched upvalues in ucv_free() e2fb11a README.md: document gc() function b41cb2d main: introduce -g flag to allow enabling periodic gc from cli 85d7885 lib: implement gc() 47528f0 vm: support automatic periodic GC runs 381cc75 types: treat vm->exports as GC roots fcc49e6 compiler: add import statement support for dynamic extensions c9442f1 vm: introduce new I_DYNLOAD opcode b6fd8a2 lib: internally expose new uc_require_library() helper a486adc vm: don't treat offset 0 special for exceptions 41ccd19 compiler: don't treat offset 0 special at syntax errors b4a3f68 compiler: improve formatting of nested syntax error messages 5d5dadc program: remove now unused uc_program_export_lookup() 304995b compiler: rework export index allocation 506cc37 compiler: fix deriving module path from source runpath 54b7fac compiler: enforce stricter module compilation rules d62e372 vm: don't initialize upvalues for module functions b856602 program: add serialization and deserialization for module function flag d7d1bde compiler: add a flag denoting module functions 156d584 treewide: unexport libucode internal functions 10e056d compiler: add support for import/export statements 862e49d compiler: resolve predeclared upvalues 78dfb08 compiler: require a name in function declarations afd78c1 compiler: fix reported source position in inc/dec operator error e1c3db0 tests: run_tests.sh: substitute dynamic test directory path in output 3c168b5 vm, cli: move search path into global configuration structure d85bc71 vm: introduce import and export opcodes 365782e vm: honor constant flag of objects and arrays 6becc64 vm: transparently resolve upvalue references 3418967 vm: gracefully handle unresolved upvalues 50cf572 program: add function to globally lookup exported name c441f65 program: add infrastructure to handle multiple sources per program 2322468 program: fix reporting source position of first instruction 9c9a9ec program: fix en/decoding debuginfo upvalue slots in precompiled bytecode 41114a0 source: add tracking of exported symbols 70ae304 lib: honor constant flag of arrays 3c104f5 types: resolve upvalue references on stringification 3a6f9cb types: add ability to mark array and object values as constant b738f3a lexer: recognize module related keywords 03c8e4b lexer: rewrite token scanner fd433aa lexer: fix parsing with disabled block left stripping 557577a rtnl: fix parsing/creation of IFLA_AF_SPEC RTA for the AF_BRIDGE family 35c6b73 compiler: fix stack mismatch on continue statements nested in switches f673096 uloop: end uloop on exceptions in managed code 2e5426c ubus: end uloop on exceptions in managed code c024270 rtnl: expose IFLA_STATS64 contents d3c58c0 rtnl: expose ifinfomsg.ifi_change member c4dde50 rtnl: update NETLINK_GET_STRICT_CHK socket flag with every request 7ef0d02 nl80211: fix NL80211_SURVEY_INFO_NOISE datatype 9a2e592 compiler: fix stack mismatch on nonmatching switch statements with locals 03c8ca5 nl80211: recognize further NL80211_STA_INFO_* NLAs a1ed566 struct: add optional offset argument to `unpack()` 230e595 rtnl: fix segmentation fault on parsing linkinfo RTA without data 523566d rtnl: zero request message headers 56be30d rtnl: fix premature netlink reply receive abort 1347440 rtnl: avoid stray "netlink: %d bytes leftover after parsing attributes." 44b0a3b struct: fix packing `*` format after other repeated formats Also package uloop binding module which has been introduced by a previous ucode update and introduce a host build with the basic set of modules. Signed-off-by: Jo-Philipp Wich <jo@mein.io> (cherry picked from commit 3446d32616efad335c4eeeafc2f542089839bf20)
* uencrypt: add package to decrypt WG4хх223 configEneas U de Queiroz2022-08-193-0/+194
| | | | | | | | | This adds a simple AES-128-CBC encryption/decryption program using either wolfSSL or OpenSSL as backend to decrypt Arcadyan WG4xx223 configuration partitions. The ipk size is 3,355 bytes. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com> (cherry picked from commit bc43ad88ed18722c0621fd6dfef0ff68268f4e14)
* sdk: add spidev-test to the bundle of userspace sourcesChristian Lamparter2022-07-221-2/+3
| | | | | | | | | | | | | | moves and extends the current facilities, which have been added some time ago for the the usbip utility, to support more utilites that are shipped with the Linux kernel tree to the SDK. this allows to drop all the hand-waving and code for failed previous attempts to mitigate the SDK build failures. Fixes: bdaaf66e28bd ("utils/spidev_test: build package directly from Linux") Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (cherry picked from commit b479db9062b721776be44b976961a1031c1344ea)
* packages: nvram: add NVRAM quirks for bcm53xx targetArınç ÜNAL2022-06-073-4/+48
| | | | | | | | | | | | Add NVRAM quirks script for the bcm53xx target. Split NVRAM quirks for the bcm47xx and bcm53xx targets. Move clear partialboot NVRAM quirk for Linksys EA9500 here. Add set wireless LED behaviour quirk for Asus RT-AC88U. Use boot() instead of start() as nvram commands are meant to be executed only once, at boot. Signed-off-by: Arınç ÜNAL <arinc.unal@arinc9.com> (cherry picked from commit f4e219fd5e6cfa33d234dad134fb105cc1620f54)
* ucode: update to latest Git HEADJo-Philipp Wich2022-06-011-3/+3
| | | | | | | | | | | | d996047 syntax: adjust number literal parsing and string to number conversion 9efbe18 lib: refactor `uc_int()` da3f089 lib: rework uc_index() implementation 559029e ci: make jobs faster during pull request testing Fixes: #9923 Signed-off-by: Jo-Philipp Wich <jo@mein.io> (backported from commits 251e70c88725fb33960ca60202dd55a84ae6b4d7 and 7f998088f01baf0da24a9fd20de5d5389023361a)
* ucode: update to latest Git HEADJo-Philipp Wich2022-05-201-3/+3
| | | | | | | | | | 081871e compiler: fix segmentation fault on compiling unexpected unary expressions 090b426 fs: avoid input buffering with small limits in fs.readfile() 8da140f lib: introduce hexenc() and hexdec() 9a72423 Update README.md Signed-off-by: Jo-Philipp Wich <jo@mein.io> (cherry picked from commit e2ce2a8d3cd3c885eb61a8b577abf9508ffad7d2)
* f2fs-tools: fix resize.f2fs (#9800)Kerma Gérald2022-05-012-1/+47
| | | | | | | | | | resolve issue - https://github.com/openwrt/openwrt/issues/9800 add the upstream patch: - f2fs-tools.git/patch/?id=f056fbeff08d30a6d9acdb9e06704461ceee3500 Signed-off-by: Kerma Gérald <gandalf@gk2.net> (cherry picked from commit 1aac1b36d3cf44c8bfa8d4a6d8df6e815fc06529)
* ucode: reorder BuildPackage callsJo-Philipp Wich2022-04-281-1/+1
| | | | | | | | | | Ensure that the libucode recipe is processed before the ucode one in order to reliably encode the ABI version into ucode's libucode dependency. Fixes: #9788 Ref: https://forum.openwrt.org/t/fw4-wont-start-after-upgrade/126308 Signed-off-by: Jo-Philipp Wich <jo@mein.io> (cherry picked from commit 573ce80ca612b0f642b7cbd5d9d33d89b7e96670)
* ucode: update to latest Git HEADJo-Philipp Wich2022-04-251-5/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | e14b099 syntax: implement support for ES6 template literals 111cf06 vm: stop executing bytecode on return of nested calls 33f1e0b treewide: move json-c compat shims into internal header file e0e9431 vm: move unhandled exception reporting out of `uc_vm_execute_chunk()` 2b59140 vm: fix callframe double free on unhanded exceptions 7d7e950 main: abort when failing to load a preload library 1032a67 lib: let `json()` accept input objects implementing `read()` method 5ee68d5 fs: implement `fs.readfile()` and `fs.writefile()` df6b861 ci: debian: change path before attempting to invoke Git operations dfaf05a ci: debian: automatically update changelog from Git tag 34f3c45 ci: fix YAML syntax of Debian workflow e956bcf fs: fix off-by-one in fs.dirname() function 6fc4b6c .gitignore: fix overmatching patterns, blacklist cram .venv 7c2e082 build: remove legacy json-c check 77942af build: add polyfills for older libjson-c versions 0b4aaa3 CI: build Debian package f404285 debian: Add package definition a37f654 types: fix escape sequence encoding of high byte values in JSON strings aae5312 Update README.md 8134e25 build: fix symlink install target 87c7296 treewide: replace some leftover "utpl" occurrences, update .gitignore 7d27ad5 build: only stage ucc symlink if compile support is enabled 171402f lib: add date and time related functions 8b5dc60 lib: provide API function to obtain stdlib function implementations eb0d2f1 main: turn ucode into multicall executable 28ee7e1 uloop: add support for tasks 753dea9 CI: build on macOS 668c5c0 lib: add argument position support (`%m$`) to `sprintf()` and `printf()` ab46fdf treewide: remove legacy json-c include directives b8f49b1 tests: 21_regex_literals: generalize syntax error test case fd2e5e7 tests: 16_sort: fix logic flaw exposed on OS X 2c71bf2 tests: run_tests.sh: pass dummy value to `-T` flag 55c4a90 lib: disallow zero padding for %s formats 0d05cb5 tests: run_tests.sh: use greadlink if available 271e520 resolv: make OS X compatible d13c320 fs: avoid Linux specific sys/sysmacros.h include on OS X 33397a3 uloop: use execvp() on OS X bafdc8f lib: add naive sigtimedwait() stub for OS X ada1585 build: consolidate CMakeLists.txt and cover OS X deviations befbb69 include: add OS X compatible endian.h header 49838a8 include: rename include guards to avoid clashes with system headers 91f65de nl80211: add missing attributes and correct some attribute flags b4a1fd5 lib: adjust require(), render() and include() raw mode semantics 4618807 main: rework CLI frontend 73dcd78 lib: fix potential integer underflow on empty render output c402551 vm: fix crash on object literals with non-string computed properties efe8a02 syntax: support add new operators 078d686 ubus: add event support 6c66c83 ubus: refactor error and argument handling 1cb04f9 ubus: add object publishing, notify and subscribe support 0e85974 uloop: clear errno before integer conversion attempts 05bd7ed types: treat resource type prototypes as GC roots a2a26ca lib: introduce uloop binding 6b6d01f vm: release this context on exception in managed method call 1af23a9 tests: fix proto() testcase 4ce69a8 fs: implement access(), mkstemp(), file.flush() and proc.flush() Signed-off-by: Jo-Philipp Wich <jo@mein.io> (backported from commits cef3e6a69c4751189e946cf2ff0e00304f9fff6e, 0400774a1001835b912ecf2097bba1306deba9f8 and c59704334c4a01bc18ab489f86d4ca7d2ea3cb8f)
* busybox: Fix snprintf arguments in lockHauke Mehrtens2022-04-051-1/+1
| | | | | | | | | | The first argument for snprintf is the buffer and the 2. one is the size. Fix the order. This broke the lock application. Fixes: 9d2b26d5a705 ("busybox: fix busybox lock applet pidstr buffer overflow") Reported-by: Hartmut Birr <e9hack@gmail.com> Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> (cherry picked from commit d80336e1a970b088c235dcf2773052537e6f5d72)
* busybox: fix busybox lock applet pidstr buffer overflowQichao Zhang2022-04-051-3/+3
| | | | | | | | | | | Kernel setting `/proc/sys/kernel/pid_max` can be set up to 4194304 (7 digits) which will cause buffer overflow in busbox lock patch, this often happens when running in a rootfs container environment. This commit enlarges `pidstr` to 12 bytes to ensure a sufficient buffer for pid number and an additional char '\n'. Signed-off-by: Qichao Zhang <njuzhangqichao@gmail.com> (cherry picked from commit 34567750db2c3a84fc9f971189c223e2eefd93b0)
* util-linux: add lsnsOskari Rauta2022-03-051-0/+16
| | | | | | lsns lists system namespaces Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
* usbmode: update to version 2022-02-24Petr Štetiar2022-02-261-4/+4
| | | | | | * usbmode: add config #0 and delay before actual config Signed-off-by: Petr Štetiar <ynezz@true.cz>
* jsonfilter: update makefile urlVladislav Grigoryev2022-02-261-1/+1
| | | | | | Specify URL as PKG_SOURCE_URL in the jsonfilter Makefile. Signed-off-by: Vladislav Grigoryev <vg.aetera@gmail.com>
* ucode: update to latest Git HEADJo-Philipp Wich2022-02-121-3/+3
| | | | | | | | a29bad9 compiler: fix patchlist corruption on switch statement syntax errors 86f0662 lib: change `ord()` to always return single byte value 116a8ce vallist: fix storing/retrieving short strings with 8bit byte value Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* ucode: update to latest Git HEADJo-Philipp Wich2022-02-081-4/+4
| | | | | | a317c17 compiler: fix incorrect loop break targets Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* ucode: update to latest Git HEADJo-Philipp Wich2022-02-071-3/+3
| | | | | | | | | | | | | | | | | | | | | 11adf0c source: convert source objects into proper uc_value_t type 3a49192 treewide: rework function memory model 7edad5c tests: add functional tests for builtin functions d5003fd lib: fix leaking tokener in uc_json() on parse exception 5d0ecd9 lib: fix infinite loop on empty regexp matches in uc_replace() 3ad57f1 lib: fix infinite loop on empty regexp matches in uc_match() 32d596d lib: fix infinite loop on empty regexp matches in uc_split() 3e3f38d vm: ensure consistent trace output between gcc and clang compiled ucode 3600ded vm: fix leaking function value on call exception 3059295 vm: NULL-initialize pointer to make cppcheck happy 98e59bf source: zero-initialize conversion union to make cppcheck happy 7a65c14 run_tests.sh: change workdir to testcase directory during execution afec8d7 run_tests.sh: support placing supplemental testcase files 3ada6e0 run_tests.sh: always treat outputs as text data 2cb627f program: rename bytecode load/write functions, track path of executed file 1094ffa lib: fix memory leak in uc_require_ucode() Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* util-linux: package ipcs commandStijn Tintel2022-02-051-0/+18
| | | | | | | Add a package for util-linux' ipcs command, to show information about System V inter-process communication facilities. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* e2fsprogs: Update to version 1.46.5Hauke Mehrtens2022-02-013-32/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The sizes of the ipk changed on MIPS 24Kc like this: 8788 badblocks_1.45.6-2_mips_24kc.ipk 8861 badblocks_1.46.5-1_mips_24kc.ipk 3652 chattr_1.45.6-2_mips_24kc.ipk 3657 chattr_1.46.5-1_mips_24kc.ipk 58128 debugfs_1.45.6-2_mips_24kc.ipk 60279 debugfs_1.46.5-1_mips_24kc.ipk 8551 dumpe2fs_1.45.6-2_mips_24kc.ipk 8567 dumpe2fs_1.46.5-1_mips_24kc.ipk 4797 e2freefrag_1.45.6-2_mips_24kc.ipk 4791 e2freefrag_1.46.5-1_mips_24kc.ipk 159790 e2fsprogs_1.45.6-2_mips_24kc.ipk 168212 e2fsprogs_1.46.5-1_mips_24kc.ipk 7083 e4crypt_1.45.6-2_mips_24kc.ipk 7134 e4crypt_1.46.5-1_mips_24kc.ipk 5749 filefrag_1.45.6-2_mips_24kc.ipk 6233 filefrag_1.46.5-1_mips_24kc.ipk 4361 libcomerr0_1.45.6-2_mips_24kc.ipk 4355 libcomerr0_1.46.5-1_mips_24kc.ipk 168040 libext2fs2_1.45.6-2_mips_24kc.ipk 174209 libext2fs2_1.46.5-1_mips_24kc.ipk 8514 libss2_1.45.6-2_mips_24kc.ipk 8613 libss2_1.46.5-1_mips_24kc.ipk 3148 lsattr_1.45.6-2_mips_24kc.ipk 3227 lsattr_1.46.5-1_mips_24kc.ipk 22530 resize2fs_1.45.6-2_mips_24kc.ipk 22909 resize2fs_1.46.5-1_mips_24kc.ipk 33315 tune2fs_1.45.6-2_mips_24kc.ipk 34511 tune2fs_1.46.5-1_mips_24kc.ipk Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* util-linux: Update to version 2.37.3Hauke Mehrtens2022-02-011-2/+2
| | | | | | | | | | | | | | | This release fixes two security mount(8) and umount(8) issues: CVE-2021-3996 Improper UID check in libmount allows an unprivileged user to unmount FUSE filesystems of users with similar UID. CVE-2021-3995 This issue is related to parsing the /proc/self/mountinfo file allows an unprivileged user to unmount other user's filesystems that are either world-writable themselves or mounted in a world-writable directory. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* util-linux: Do not build raw any more.Hauke Mehrtens2022-02-011-0/+1
| | | | | | | | | | | | | The man page of the raw tool does not build because the disk-utils/raw.8 file is missing. It looks like it should be in the tar.xz file we download, but it is missing. We do not package the raw tool, so this is not a problem. This fixes the following build error: No rule to make target 'disk-utils/raw.8', needed by 'all-am'. Stop. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* util-linux: add lslocksRoman Azarenko2022-01-281-0/+16
| | | | | | This change adds the "lslocks" utility from util-linux. Signed-off-by: Roman Azarenko <roman.azarenko@iopsys.eu>
* ucode: update to latest Git HEADJo-Philipp Wich2022-01-282-16/+22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | c6dae42 LICENSE: add ISC license file 402f603 lib: introduce struct library dcb6ffd struct: fix PowerPC specific compiler pragma name a0512ea treewide: fix typo in exported function names and types eaaaf88 nl80211: fix wiphy dump reply merge logic e6efadb fs: add utility functions 54ef6c0 nl80211: fix premature netlink reply receive abort 07802f3 syntax: disallow keywords in object property shorthand notation 3489b75 vm: support object property access on resource value types dc8027c types: consider resource prototypes when marking reachable objects 5680fab treewide: fix upvalue reference type name 0d29b25 treewide: fix "resource" misspellings 99fdafd vm: introduce value registry 66f7c00 ubus: add support for async requests 5c77dd5 fs: implement fdopen(), file.fileno() and proc.fileno() b605dbf treewide: rework numeric value handling 599d233 vallist: store double values in a platform neutral manner 5bb9ab7 struct: reuse double packing routines from core 2fd7ab5 vm: optimize string concatenation eafa321 lib: implement uniq() function 6b2e79a types: add initial infrastructure for function serialization 725bb75 compiler, vm: use a program wide constant list 6c2caf9 source: refactor source file handling 371ba45 program: implement support for precompiling source files 3578afe build: support building without compile capabilities 61d0a34 lib: replace usages of vasprintf() with xvasprintf() 03b6a8e syntax: drop legacy syntax support 01132db lib: fix %J string formats with precision specifier 3f44c42 lib: rework format string handling a1b3c5d struct: implement `*` format, fix invalid memory accesses 34a04a2 run_tests.sh: fix exitcode evaluation abe38e7 run_tests.sh: add ability to define environment variables for testcases 04fa2ba tests: reorganize testcase files 6a55d10 lib: fix exists() error return value aa860a3 vm: fix `null` loose equality/inequality checks 3f6d199 vallist: uc_number_parse(): parse empty strings as `0`, not `NaN` ddc5aa7 vm: fix NaN strict equality tests Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* ucode: add temporary fix for integer formatting on 32bit systemsJo-Philipp Wich2022-01-232-1/+12
| | | | | | | | | | | | The ucode VM always passes 64bit integer values to sprintf implementation while the `%d` format expects 32bit integers on 32bit platforms, leading to incorrect formatting results. Temporarily solve the issue by casting the numeric argument to int until a more thorough fix arrives with the next update. Fixes: FS#4234 Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* util-linux: Add tasksetHauke Mehrtens2022-01-211-0/+15
| | | | | | | This adds the taskset application from util Linux. It is already built, but not packaged yet. Signed-off-by: Hauke Mehrtens <hmehrtens@maxlinear.com>
* mtd-utils: update to 2.1.4Nick Hainke2022-01-162-6/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Changes from 2.1.3 to 2.1.4: Features: - ubiscan debugging and statistics utility Fixes: - Some mtd-tests erroneously using sub-pages instead of the full page size - Buffer overrun in fectest - Missing jffs2 kernel header in the last release, leading to build failures on some systems. Changes from 2.1.2 to 2.1.3: Features: flashcp: Add new function that copy only different blocks flash_erase: Add flash erase chip Add flash_otp_erase Add an ubifs mount helper Add nandflipbits tool Fixes: mkfs.ubifs: Fix runtime assertions when running without crypto mtd-utils: Use AC_SYS_LARGEFILE Fix test binary installation libmtd: avoid divide by zero ubihealthd: fix UBIFS build dependency mkfs.ubifs: remove OPENSSL_no_config() misc-utils: Add fectest to build system mkfs.ubifs: Fix build with SELinux Fix typos found by Debian's lintian tool Fix jffs2 build if zlib or lzo headers are not in default paths Signed-off-by: Nick Hainke <vincent@systemli.org>
* busybox: update to 1.35.0Hannu Nyman2022-01-0810-208/+314
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Update busybox to 1.35.0 * refresh patches Config refresh: Refresh commands, run after busybox is first built once: cd package/utils/busybox/config/ ../convert_menuconfig.pl ../../../../build_dir/target-arm_cortex-a15+neon-vfpv4_musl_eabi/busybox-default/busybox-1.35.0 cd .. ./convert_defaults.pl ../../../build_dir/target-arm_cortex-a15+neon-vfpv4_musl_eabi/busybox-default/busybox-1.35.0/.config > Config-defaults.in Manual edits needed after config refresh: * Config-defaults.in: OpenWrt config symbol IPV6 logic applied to BUSYBOX_DEFAULT_FEATURE_IPV6 * Config-defaults.in: OpenWrt configTARGET_bcm53xx logic applied to BUSYBOX_DEFAULT_TRUNCATE (commit 547f1ec) * Config-defaults.in: OpenWrt logic applied to BUSYBOX_DEFAULT_LOGIN_SESSION_AS_CHILD (commit dc92917) * config/editors/Config.in: Add USE_GLIBC dependency to BUSYBOX_CONFIG_FEATURE_VI_REGEX_SEARCH (commit f141090) * config/shell/Config.in : change at "Options common to all shells" the symbol SHELL_ASH --> BUSYBOX_CONFIG_SHELL_ASH (discussion in http://lists.openwrt.org/pipermail/openwrt-devel/2021-January/033140.html Apparently our script does not see the hidden option while prepending config options with "BUSYBOX_CONFIG_" which leads to a missed dependency when the options are later evaluated.) * Edit Config.in files by adding quotes to sourced items in config/Config.in, config/networking/Config.in and config/util-linux/Config.in (commit 1da014f) Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
* utils/mdadm: fix build on hosts without /run dirSergey V. Lobanov2022-01-081-1/+1
| | | | | | | CHECK_RUN_DIR=0 must be a part of MAKE_FLAGS, not MAKE_VARS, otherwise it is not possible to compile mdadm on host without /run dir. Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
* lua: add HOST_FPIC for host buildsPaul Spooren2022-01-032-4/+4
| | | | | | | | | Compiling without fPIC causes linking issues for packages using liblua. Add $(HOST_FPIC) to host builds for both lua and lua5.3. Suggested-by: Rosen Penev <rosenp@gmail.com> Signed-off-by: Paul Spooren <mail@aparcar.org>
* utils/px5g-wolfssl: make selfsigned certicates compatible with chromiumSergey V. Lobanov2021-12-292-1/+21
| | | | | | | | | | | | | | Chromium based web-browsers (version >58) checks x509v3 extended attributes. If this check fails then chromium does not allow to click "Proceed to ... (unsafe)" link. This patch add three x509v3 extended attributes to self-signed certificate: 1. SAN (Subject Alternative Name) (DNS Name) = CN (common name) 2. Key Usage = Digital Signature, Non Repudiation, Key Encipherment 3. Extended Key Usage = TLS Web Server Authentication SAN will be added only if CONFIG_WOLFSSL_ALT_NAMES=y Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
* otrx: update to the latest masterRafał Miłecki2021-12-131-3/+3
| | | | | | | | | | | 56e8e19 otrx: support TRX from stdin when extracting a37ccaf otrx: support unsorted partitions offsets 1fa145e otrx: extract shared code opening & parsing TRX format 4ecefda otrx: allow validating TRX from stdin cf01e69 otrx: avoid unneeded fseek() when calculating CRC32 Fixes: 80041dea7094 ("bcm53xx: sysupgrade: refactor handling different firmware formats") Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* dtc: support printing binary data with fdtgetRafał Miłecki2021-12-131-0/+137
| | | | | | | It's needed for extracting binary images. Cc: Yousong Zhou <yszhou4tech@gmail.com> Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* dtc: import package for dtc & fdt from packages feedRafał Miłecki2021-12-131-0/+93
| | | | | | | | | | | | | | | fdt* utils are needed by targets that use U-Boot FIT images for sysupgrade. It includes all recent BCM4908 SoC routers as Broadcom switched from CFE to U-Boot. fdtget is required for extracting images (bootfs & rootfs) from Broadcom's ITB. Extracted images can be then flashed to UBI volumes. sysupgrade is core functionality so it needs dtc as part of base code base. Cc: Yousong Zhou <yszhou4tech@gmail.com> Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* f2fstools: set each library package VARIANTEneas U de Queiroz2021-11-011-1/+3
| | | | | | | Set the different libf2fs packages's VARIANT, so that the right settings will be used by each different variant, if they are both being built. Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
* secilc: update to version 3.3Dominick Grift2021-10-311-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | Update VERSIONs to 3.3 for release. Update VERSIONs to 3.3-rc3 for release. Correct some typos Update VERSIONs to 3.3-rc2 for release. Update VERSIONs and Python bindings version to 3.3-rc1 for release libsepol/secilc/docs: Update the CIL documentation secilc: fix memory leaks in secilc2conf secilc: fix memory leaks in secilc libsepol/cil: Add support for using qualified names to secil2conf libsepol/cil: Add support for using qualified names to secil2tree secilc: Add support for using qualified names to secilc secilc/test: Add test for anonymous args secilc/docs: Relocate and reword macro call name resolution order secilc/docs: Document the order that inherited rules are resolved in secilc: Create the new program called secil2tree to write out CIL AST secilc/docs: Update the CIL documentation for various blocks secilc.c: Don't fail if input file is empty cil_conditional_statements.md: fix expr definition secilc/docs: Lists are now allowed in constraint expressions Signed-off-by: Daniel Golle <daniel@makrotopia.org> [re-apply now that libsepol is up-to-date as well] Signed-off-by: Dominick Grift <dominick.grift@defensec.nl>
* Revert "secilc: update to version 3.3"Daniel Golle2021-10-291-3/+3
| | | | | | | | This reverts commit 2da891e7357c83c54a30075fcddbb63eeca0af99. secilc 3.3 requires libsepol to be version 3.3 as well and doesn't build otherwise. Revert for now. Signed-off-by: Daniel Golle <daniel@makrotopia.org>