openclaw/tqma6-yocto-mirror
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Complete Yocto mirror with license table for TQMa6UL (2038-compliance)

Browse Source 
- 264 license table entries with exact download URLs (224/264 resolved)
- Complete sources/ directory with all BitBake recipes
- Build configuration: tqma6ul-multi-mba6ulx, spaetzle (musl)
- Full traceability for Softwarefreigabeantrag
- GCC 13.4.0, Linux 6.6.102, U-Boot 2023.04, musl 1.2.4
- License distribution: GPL-2.0 (24), MIT (23), GPL-2.0+ (18), BSD-3 (16)
This commit is contained in:
Siggi (OpenClaw Agent)
2026-03-01 20:58:18 +00:00
commit 16accb6b24
15086 changed files with 1292356 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

199
sources/poky/meta/recipes-connectivity/avahi/avahi_0.8.bb Normal file
View File

@@ -0,0 +1,199 @@
SUMMARY = "Avahi IPv4LL network address configuration daemon"
DESCRIPTION = 'Avahi is a fully LGPL framework for Multicast DNS Service Discovery. It \
allows programs to publish and discover services and hosts running on a local network \
with no specific configuration. This tool implements IPv4LL, "Dynamic Configuration of \
IPv4 Link-Local Addresses" (IETF RFC3927), a protocol for automatic IP address \
configuration from the link-local 169.254.0.0/16 range without the need for a central \
server.'
HOMEPAGE = "http://avahi.org"
BUGTRACKER = "https://github.com/avahi/avahi/issues"
SECTION = "network"
# major part is under LGPL-2.1-or-later, but several .dtd, .xsl, initscripts and
# python scripts are under GPL-2.0-or-later
LICENSE = "GPL-2.0-or-later & LGPL-2.1-or-later"
LIC_FILES_CHKSUM = "file://LICENSE;md5=2d5025d4aa3495befef8f17206a5b0a1 \
file://avahi-common/address.h;endline=25;md5=b1d1d2cda1c07eb848ea7d6215712d9d \
file://avahi-core/dns.h;endline=23;md5=6fe82590b81aa0ddea5095b548e2fdcb \
file://avahi-daemon/main.c;endline=21;md5=9ee77368c5407af77caaef1b07285969 \
file://avahi-client/client.h;endline=23;md5=f4ac741a25c4f434039ba3e18c8674cf"
SRC_URI = "${GITHUB_BASE_URI}/download/v${PV}/avahi-${PV}.tar.gz \
file://00avahi-autoipd \
file://99avahi-autoipd \
file://initscript.patch \
file://0001-Fix-opening-etc-resolv.conf-error.patch \
file://handle-hup.patch \
file://local-ping.patch \
file://invalid-service.patch \
file://CVE-2023-1981.patch \
file://CVE-2023-38469-1.patch \
file://CVE-2023-38469-2.patch \
file://CVE-2023-38470-1.patch \
file://CVE-2023-38470-2.patch \
file://CVE-2023-38471-1.patch \
file://CVE-2023-38471-2.patch \
file://CVE-2023-38472.patch \
file://CVE-2023-38473.patch \
file://CVE-2024-52616.patch \
"
GITHUB_BASE_URI = "https://github.com/avahi/avahi/releases/"
SRC_URI[sha256sum] = "060309d7a333d38d951bc27598c677af1796934dbd98e1024e7ad8de798fedda"
CVE_STATUS[CVE-2021-26720] = "not-applicable-platform: Issue only affects Debian/SUSE"
DEPENDS = "expat libcap libdaemon glib-2.0 glib-2.0-native"
# For gtk related PACKAGECONFIGs: gtk, gtk3
AVAHI_GTK ?= ""
PACKAGECONFIG ??= "dbus ${@bb.utils.contains_any('DISTRO_FEATURES','x11 wayland','${AVAHI_GTK}','',d)}"
PACKAGECONFIG[dbus] = "--enable-dbus,--disable-dbus,dbus"
PACKAGECONFIG[gtk] = "--enable-gtk,--disable-gtk,gtk+"
PACKAGECONFIG[gtk3] = "--enable-gtk3,--disable-gtk3,gtk+3"
PACKAGECONFIG[libdns_sd] = "--enable-compat-libdns_sd --enable-dbus,,dbus"
PACKAGECONFIG[libevent] = "--enable-libevent,--disable-libevent,libevent"
PACKAGECONFIG[qt5] = "--enable-qt5,--disable-qt5,qtbase"
inherit autotools pkgconfig gettext gobject-introspection github-releases
EXTRA_OECONF = "--with-avahi-priv-access-group=adm \
--disable-stack-protector \
--disable-gdbm \
--disable-dbm \
--disable-mono \
--disable-monodoc \
--disable-qt3 \
--disable-qt4 \
--disable-python \
--disable-doxygen-doc \
--enable-manpages \
${EXTRA_OECONF_SYSVINIT} \
${EXTRA_OECONF_SYSTEMD} \
"
# The distro choice determines what init scripts are installed
EXTRA_OECONF_SYSVINIT = "${@bb.utils.contains('DISTRO_FEATURES','sysvinit','--with-distro=debian','--with-distro=none',d)}"
EXTRA_OECONF_SYSTEMD = "${@bb.utils.contains('DISTRO_FEATURES','systemd','--with-systemdsystemunitdir=${systemd_system_unitdir}/','--without-systemdsystemunitdir',d)}"
do_configure:prepend() {
# This m4 file will get in the way of our introspection.m4 with special cross-compilation fixes
rm "${S}/common/introspection.m4" || true
}
do_compile:prepend() {
export GIR_EXTRA_LIBS_PATH="${B}/avahi-gobject/.libs:${B}/avahi-common/.libs:${B}/avahi-client/.libs:${B}/avahi-glib/.libs"
}
RRECOMMENDS:${PN}:append:libc-glibc = " libnss-mdns"
do_install() {
autotools_do_install
rm -rf ${D}/run
test -d ${D}${datadir}/dbus-1 && rmdir --ignore-fail-on-non-empty ${D}${datadir}/dbus-1
rm -rf ${D}${libdir}/avahi
# Move example service files out of /etc/avahi/services so we don't
# advertise ssh & sftp-ssh by default
install -d ${D}${docdir}/avahi
mv ${D}${sysconfdir}/avahi/services/* ${D}${docdir}/avahi
}
PACKAGES =+ "${@bb.utils.contains("PACKAGECONFIG", "libdns_sd", "libavahi-compat-libdnssd", "", d)}"
FILES:libavahi-compat-libdnssd = "${libdir}/libdns_sd.so.*"
RPROVIDES:libavahi-compat-libdnssd = "libdns-sd"
inherit update-rc.d systemd useradd
PACKAGES =+ "libavahi-gobject avahi-daemon libavahi-common libavahi-core libavahi-client avahi-dnsconfd libavahi-glib avahi-autoipd avahi-utils avahi-discover avahi-ui"
FILES:avahi-ui = "${libdir}/libavahi-ui*.so.*"
FILES:avahi-discover = "${datadir}/applications/avahi-discover.desktop \
${datadir}/avahi/interfaces/avahi-discover.ui \
${bindir}/avahi-discover-standalone \
"
LICENSE:libavahi-gobject = "LGPL-2.1-or-later"
LICENSE:avahi-daemon = "LGPL-2.1-or-later"
LICENSE:libavahi-common = "LGPL-2.1-or-later"
LICENSE:libavahi-core = "LGPL-2.1-or-later"
LICENSE:libavahi-client = "LGPL-2.1-or-later"
LICENSE:avahi-dnsconfd = "LGPL-2.1-or-later"
LICENSE:libavahi-glib = "LGPL-2.1-or-later"
LICENSE:avahi-autoipd = "LGPL-2.1-or-later"
LICENSE:avahi-utils = "LGPL-2.1-or-later"
# As avahi doesn't put any files into PN, clear the files list to avoid problems
# if extra libraries appear.
FILES:${PN} = ""
FILES:avahi-autoipd = "${sbindir}/avahi-autoipd \
${sysconfdir}/avahi/avahi-autoipd.action \
${sysconfdir}/dhcp/*/avahi-autoipd \
${sysconfdir}/udhcpc.d/00avahi-autoipd \
${sysconfdir}/udhcpc.d/99avahi-autoipd"
FILES:libavahi-common = "${libdir}/libavahi-common.so.*"
FILES:libavahi-core = "${libdir}/libavahi-core.so.* ${libdir}/girepository-1.0/AvahiCore*.typelib"
FILES:avahi-daemon = "${sbindir}/avahi-daemon \
${sysconfdir}/avahi/avahi-daemon.conf \
${sysconfdir}/avahi/hosts \
${sysconfdir}/avahi/services \
${sysconfdir}/dbus-1 \
${sysconfdir}/init.d/avahi-daemon \
${datadir}/dbus-1/interfaces \
${datadir}/avahi/avahi-service.dtd \
${datadir}/avahi/service-types \
${datadir}/dbus-1/system-services"
FILES:libavahi-client = "${libdir}/libavahi-client.so.*"
FILES:avahi-dnsconfd = "${sbindir}/avahi-dnsconfd \
${sysconfdir}/avahi/avahi-dnsconfd.action \
${sysconfdir}/init.d/avahi-dnsconfd"
FILES:libavahi-glib = "${libdir}/libavahi-glib.so.*"
FILES:libavahi-gobject = "${libdir}/libavahi-gobject.so.* ${libdir}/girepository-1.0/Avahi*.typelib"
FILES:avahi-utils = "${bindir}/avahi-* ${bindir}/b* ${datadir}/applications/b*"
DEV_PKG_DEPENDENCY = "avahi-daemon (= ${EXTENDPKGV}) libavahi-core (= ${EXTENDPKGV})"
DEV_PKG_DEPENDENCY += "${@["", " libavahi-client (= ${EXTENDPKGV})"][bb.utils.contains('PACKAGECONFIG', 'dbus', 1, 0, d)]}"
RDEPENDS:${PN}-dnsconfd = "${PN}-daemon"
RRECOMMENDS:avahi-daemon:append:libc-glibc = " libnss-mdns"
CONFFILES:avahi-daemon = "${sysconfdir}/avahi/avahi-daemon.conf"
USERADD_PACKAGES = "avahi-daemon avahi-autoipd"
USERADD_PARAM:avahi-daemon = "--system --home /run/avahi-daemon \
--no-create-home --shell /bin/false \
--user-group avahi"
USERADD_PARAM:avahi-autoipd = "--system --home /run/avahi-autoipd \
--no-create-home --shell /bin/false \
--user-group \
-c \"Avahi autoip daemon\" \
avahi-autoipd"
INITSCRIPT_PACKAGES = "avahi-daemon avahi-dnsconfd"
INITSCRIPT_NAME:avahi-daemon = "avahi-daemon"
INITSCRIPT_PARAMS:avahi-daemon = "defaults 21 19"
INITSCRIPT_NAME:avahi-dnsconfd = "avahi-dnsconfd"
INITSCRIPT_PARAMS:avahi-dnsconfd = "defaults 22 19"
SYSTEMD_PACKAGES = "${PN}-daemon ${PN}-dnsconfd"
SYSTEMD_SERVICE:${PN}-daemon = "avahi-daemon.service"
SYSTEMD_SERVICE:${PN}-dnsconfd = "avahi-dnsconfd.service"
do_install:append() {
install -d ${D}${sysconfdir}/udhcpc.d
install ${WORKDIR}/00avahi-autoipd ${D}${sysconfdir}/udhcpc.d
install ${WORKDIR}/99avahi-autoipd ${D}${sysconfdir}/udhcpc.d
}
# At the time the postinst runs, dbus might not be setup so only restart if running
# Don't exit early, because update-rc.d needs to run subsequently.
pkg_postinst:avahi-daemon () {
if [ -z "$D" ]; then
killall -q -HUP dbus-daemon || true
fi
}

45
sources/poky/meta/recipes-connectivity/avahi/files/0001-Fix-opening-etc-resolv.conf-error.patch Normal file
View File

@@ -0,0 +1,45 @@
From 78967814f5c37ed67f4cf64d70c9f76a03ee89bc Mon Sep 17 00:00:00 2001
From: Chen Qi <Qi.Chen@windriver.com>
Date: Wed, 20 Jun 2018 13:57:35 +0800
Subject: [PATCH] Fix opening /etc/resolv.conf error
Fix to start avahi-daemon after systemd-resolved.service. This is because
/etc/resolv.conf is a link to /etc/resolv-conf.systemd which in turn is
a symlink to /run/systemd/resolve/resolv.conf. And /run/systemd/resolve/resolv.conf
is created by systemd-resolved.service by default in current OE's systemd
based systems.
This fixes errro like below.
Failed to open /etc/resolv.conf: Invalid argument
In fact, handling of /etc/resolv.conf is quite distro specific. So this patch
is marked as OE specific.
Upstream-Status: Inappropriate [OE Specific]
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
When connman installed to image, /etc/resolv.conf is link to
/etc/resolv-conf.connman. So launch avahi-daemon after connman too.
Signed-off-by: Kai Kang <kai.kang@windriver.com>
---
avahi-daemon/avahi-daemon.service.in | 1 +
1 file changed, 1 insertion(+)
diff --git a/avahi-daemon/avahi-daemon.service.in b/avahi-daemon/avahi-daemon.service.in
index 548c834..63e28e4 100644
--- a/avahi-daemon/avahi-daemon.service.in
+++ b/avahi-daemon/avahi-daemon.service.in
@@ -18,6 +18,7 @@
[Unit]
Description=Avahi mDNS/DNS-SD Stack
Requires=avahi-daemon.socket
+After=systemd-resolved.service connman.service
[Service]
Type=dbus
--
2.11.0

10
sources/poky/meta/recipes-connectivity/avahi/files/00avahi-autoipd Normal file
View File

@@ -0,0 +1,10 @@
#!/bin/sh
[ -z "$1" ] && echo "Error: should be called from udhcpc" && exit 1
case "$1" in
deconfig|renew|bound)
/usr/sbin/avahi-autoipd -k $interface 2> /dev/null
;;
esac

10
sources/poky/meta/recipes-connectivity/avahi/files/99avahi-autoipd Normal file
View File

@@ -0,0 +1,10 @@
#!/bin/sh
[ -z "$1" ] && echo "Error: should be called from udhcpc" && exit 1
case "$1" in
leasefail)
/usr/sbin/avahi-autoipd -wD $interface 2> /dev/null
;;
esac

58
sources/poky/meta/recipes-connectivity/avahi/files/CVE-2023-1981.patch Normal file
View File

@@ -0,0 +1,58 @@
From a2696da2f2c50ac43b6c4903f72290d5c3fa9f6f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik@redhat.com>
Date: Thu, 17 Nov 2022 01:51:53 +0100
Subject: [PATCH] Emit error if requested service is not found
It currently just crashes instead of replying with error. Check return
value and emit error instead of passing NULL pointer to reply.
Fixes #375
Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/avahi/tree/debian/patches/CVE-2023-1981.patch?h=ubuntu/jammy-security
Upstream commit https://github.com/lathiat/avahi/commit/a2696da2f2c50ac43b6c4903f72290d5c3fa9f6f]
CVE: CVE-2023-1981
Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
---
avahi-daemon/dbus-protocol.c | 20 ++++++++++++++------
1 file changed, 14 insertions(+), 6 deletions(-)
diff --git a/avahi-daemon/dbus-protocol.c b/avahi-daemon/dbus-protocol.c
index 70d7687bc..406d0b441 100644
--- a/avahi-daemon/dbus-protocol.c
+++ b/avahi-daemon/dbus-protocol.c
@@ -375,10 +375,14 @@ static DBusHandlerResult dbus_get_alternative_host_name(DBusConnection *c, DBusM
}
t = avahi_alternative_host_name(n);
- avahi_dbus_respond_string(c, m, t);
- avahi_free(t);
+ if (t) {
+ avahi_dbus_respond_string(c, m, t);
+ avahi_free(t);
- return DBUS_HANDLER_RESULT_HANDLED;
+ return DBUS_HANDLER_RESULT_HANDLED;
+ } else {
+ return avahi_dbus_respond_error(c, m, AVAHI_ERR_NOT_FOUND, "Hostname not found");
+ }
}
static DBusHandlerResult dbus_get_alternative_service_name(DBusConnection *c, DBusMessage *m, DBusError *error) {
@@ -389,10 +393,14 @@ static DBusHandlerResult dbus_get_alternative_service_name(DBusConnection *c, DB
}
t = avahi_alternative_service_name(n);
- avahi_dbus_respond_string(c, m, t);
- avahi_free(t);
+ if (t) {
+ avahi_dbus_respond_string(c, m, t);
+ avahi_free(t);
- return DBUS_HANDLER_RESULT_HANDLED;
+ return DBUS_HANDLER_RESULT_HANDLED;
+ } else {
+ return avahi_dbus_respond_error(c, m, AVAHI_ERR_NOT_FOUND, "Service not found");
+ }
}
static DBusHandlerResult dbus_create_new_entry_group(DBusConnection *c, DBusMessage *m, DBusError *error) {

48
sources/poky/meta/recipes-connectivity/avahi/files/CVE-2023-38469-1.patch Normal file
View File

@@ -0,0 +1,48 @@
From 72842945085cc3adaccfdfa2853771b0e75ef991 Mon Sep 17 00:00:00 2001
From: Evgeny Vereshchagin <evvers@ya.ru>
Date: Mon, 23 Oct 2023 20:29:31 +0000
Subject: [PATCH] avahi: core: reject overly long TXT resource records
Closes https://github.com/lathiat/avahi/issues/455
Upstream-Status: Backport [https://github.com/lathiat/avahi/commit/a337a1ba7d15853fb56deef1f464529af6e3a1cf]
CVE: CVE-2023-38469
Signed-off-by: Meenali Gupta <meenali.gupta@windriver.com>
---
avahi-core/rr.c | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/avahi-core/rr.c b/avahi-core/rr.c
index 7fa0bee..b03a24c 100644
--- a/avahi-core/rr.c
+++ b/avahi-core/rr.c
@@ -32,6 +32,7 @@
#include <avahi-common/malloc.h>
#include <avahi-common/defs.h>
+#include "dns.h"
#include "rr.h"
#include "log.h"
#include "util.h"
@@ -688,11 +689,17 @@ int avahi_record_is_valid(AvahiRecord *r) {
case AVAHI_DNS_TYPE_TXT: {
AvahiStringList *strlst;
+ size_t used = 0;
- for (strlst = r->data.txt.string_list; strlst; strlst = strlst->next)
+ for (strlst = r->data.txt.string_list; strlst; strlst = strlst->next) {
if (strlst->size > 255 || strlst->size <= 0)
return 0;
+ used += 1+strlst->size;
+ if (used > AVAHI_DNS_RDATA_MAX)
+ return 0;
+ }
+
return 1;
}
}
--
2.40.0

65
sources/poky/meta/recipes-connectivity/avahi/files/CVE-2023-38469-2.patch Normal file
View File

@@ -0,0 +1,65 @@
From c6cab87df290448a63323c8ca759baa516166237 Mon Sep 17 00:00:00 2001
From: Evgeny Vereshchagin <evvers@ya.ru>
Date: Wed, 25 Oct 2023 18:15:42 +0000
Subject: [PATCH] tests: pass overly long TXT resource records
to make sure they don't crash avahi any more.
It reproduces https://github.com/lathiat/avahi/issues/455
Canonical notes:
nickgalanis> removed first hunk since there is no .github dir in this release
Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/avahi/tree/debian/patches/CVE-2023-38469-2.patch?h=ubuntu/jammy-security
Upstream commit https://github.com/lathiat/avahi/commit/c6cab87df290448a63323c8ca759baa516166237]
CVE: CVE-2023-38469
Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
---
avahi-client/client-test.c | 14 ++++++++++++++
1 files changed, 14 insertions(+)
Index: avahi-0.8/avahi-client/client-test.c
===================================================================
--- avahi-0.8.orig/avahi-client/client-test.c
+++ avahi-0.8/avahi-client/client-test.c
@@ -22,6 +22,7 @@
#endif
#include <stdio.h>
+#include <string.h>
#include <assert.h>
#include <avahi-client/client.h>
@@ -33,6 +34,8 @@
#include <avahi-common/malloc.h>
#include <avahi-common/timeval.h>
+#include <avahi-core/dns.h>
+
static const AvahiPoll *poll_api = NULL;
static AvahiSimplePoll *simple_poll = NULL;
@@ -222,6 +225,9 @@ int main (AVAHI_GCC_UNUSED int argc, AVA
uint32_t cookie;
struct timeval tv;
AvahiAddress a;
+ uint8_t rdata[AVAHI_DNS_RDATA_MAX+1];
+ AvahiStringList *txt = NULL;
+ int r;
simple_poll = avahi_simple_poll_new();
poll_api = avahi_simple_poll_get(simple_poll);
@@ -258,6 +264,14 @@ int main (AVAHI_GCC_UNUSED int argc, AVA
printf("%s\n", avahi_strerror(avahi_entry_group_add_service (group, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, 0, "Lathiat's Site", "_http._tcp", NULL, NULL, 80, "foo=bar", NULL)));
printf("add_record: %d\n", avahi_entry_group_add_record (group, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, 0, "TestX", 0x01, 0x10, 120, "\5booya", 6));
+ memset(rdata, 1, sizeof(rdata));
+ r = avahi_string_list_parse(rdata, sizeof(rdata), &txt);
+ assert(r >= 0);
+ assert(avahi_string_list_serialize(txt, NULL, 0) == sizeof(rdata));
+ error = avahi_entry_group_add_service_strlst(group, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, 0, "TestX", "_qotd._tcp", NULL, NULL, 123, txt);
+ assert(error == AVAHI_ERR_INVALID_RECORD);
+ avahi_string_list_free(txt);
+
avahi_entry_group_commit (group);
domain = avahi_domain_browser_new (avahi, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, NULL, AVAHI_DOMAIN_BROWSER_BROWSE, 0, avahi_domain_browser_callback, (char*) "omghai3u");

59
sources/poky/meta/recipes-connectivity/avahi/files/CVE-2023-38470-1.patch Normal file
View File

@@ -0,0 +1,59 @@
From af7bfad67ca53a7c4042a4a2d85456b847e9f249 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik@redhat.com>
Date: Tue, 11 Apr 2023 15:29:59 +0200
Subject: [PATCH] avahi: Ensure each label is at least one byte long
The only allowed exception is single dot, where it should return empty
string.
Fixes #454.
Upstream-Status: Backport [https://github.com/lathiat/avahi/commit/94cb6489114636940ac683515417990b55b5d66c]
CVE: CVE-2023-38470
Signed-off-by: Meenali Gupta <meenali.gupta@windriver.com>
---
avahi-common/domain-test.c | 14 ++++++++++++++
avahi-common/domain.c | 2 +-
2 files changed, 15 insertions(+), 1 deletion(-)
diff --git a/avahi-common/domain-test.c b/avahi-common/domain-test.c
index cf763ec..3acc1c1 100644
--- a/avahi-common/domain-test.c
+++ b/avahi-common/domain-test.c
@@ -45,6 +45,20 @@ int main(AVAHI_GCC_UNUSED int argc, AVAHI_GCC_UNUSED char *argv[]) {
printf("%s\n", s = avahi_normalize_name_strdup("fo\\\\o\\..f oo."));
avahi_free(s);
+ printf("%s\n", s = avahi_normalize_name_strdup("."));
+ avahi_free(s);
+
+ s = avahi_normalize_name_strdup(",.=.}.=.?-.}.=.?.?.}.}.?.?.?.z.?.?.}.}."
+ "}.?.?.?.r.=.=.}.=.?.}}.}.?.?.?.zM.=.=.?.?.}.}.?.?.}.}.}"
+ ".?.?.?.r.=.=.}.=.?.}}.}.?.?.?.zM.=.=.?.?.}.}.?.?.?.zM.?`"
+ "?.}.}.}.?.?.?.r.=.?.}.=.?.?.}.?.?.?.}.=.?.?.}??.}.}.?.?."
+ "?.z.?.?.}.}.}.?.?.?.r.=.=.}.=.?.}}.}.?.?.?.zM.?`?.}.}.}."
+ "??.?.zM.?`?.}.}.}.?.?.?.r.=.?.}.=.?.?.}.?.?.?.}.=.?.?.}?"
+ "?.}.}.?.?.?.z.?.?.}.}.}.?.?.?.r.=.=.}.=.?.}}.}.?.?.?.zM."
+ "?`?.}.}.}.?.?.?.r.=.=.?.?`.?.?}.}.}.?.?.?.r.=.?.}.=.?.?."
+ "}.?.?.?.}.=.?.?.}");
+ assert(s == NULL);
+
printf("%i\n", avahi_domain_equal("\\065aa bbb\\.\\046cc.cc\\\\.dee.fff.", "Aaa BBB\\.\\.cc.cc\\\\.dee.fff"));
printf("%i\n", avahi_domain_equal("A", "a"));
diff --git a/avahi-common/domain.c b/avahi-common/domain.c
index 3b1ab68..e66d241 100644
--- a/avahi-common/domain.c
+++ b/avahi-common/domain.c
@@ -201,7 +201,7 @@ char *avahi_normalize_name(const char *s, char *ret_s, size_t size) {
}
if (!empty) {
- if (size < 1)
+ if (size < 2)
return NULL;
*(r++) = '.';
--
2.40.0

52
sources/poky/meta/recipes-connectivity/avahi/files/CVE-2023-38470-2.patch Normal file
View File

@@ -0,0 +1,52 @@
From 20dec84b2480821704258bc908e7b2bd2e883b24 Mon Sep 17 00:00:00 2001
From: Evgeny Vereshchagin <evvers@ya.ru>
Date: Tue, 19 Sep 2023 03:21:25 +0000
Subject: [PATCH] [common] bail out when escaped labels can't fit into ret
Fixes:
```
==93410==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7f9e76f14c16 at pc 0x00000047208d bp 0x7ffee90a6a00 sp 0x7ffee90a61c8
READ of size 1110 at 0x7f9e76f14c16 thread T0
#0 0x47208c in __interceptor_strlen (out/fuzz-domain+0x47208c) (BuildId: 731b20c1eef22c2104e75a6496a399b10cfc7cba)
#1 0x534eb0 in avahi_strdup avahi/avahi-common/malloc.c:167:12
#2 0x53862c in avahi_normalize_name_strdup avahi/avahi-common/domain.c:226:12
```
and
```
fuzz-domain: fuzz/fuzz-domain.c:38: int LLVMFuzzerTestOneInput(const uint8_t *, size_t): Assertion `avahi_domain_equal(s, t)' failed.
==101571== ERROR: libFuzzer: deadly signal
#0 0x501175 in __sanitizer_print_stack_trace (/home/vagrant/avahi/out/fuzz-domain+0x501175) (BuildId: 682bf6400aff9d41b64b6e2cc3ef5ad600216ea8)
#1 0x45ad2c in fuzzer::PrintStackTrace() (/home/vagrant/avahi/out/fuzz-domain+0x45ad2c) (BuildId: 682bf6400aff9d41b64b6e2cc3ef5ad600216ea8)
#2 0x43fc07 in fuzzer::Fuzzer::CrashCallback() (/home/vagrant/avahi/out/fuzz-domain+0x43fc07) (BuildId: 682bf6400aff9d41b64b6e2cc3ef5ad600216ea8)
#3 0x7f1581d7ebaf (/lib64/libc.so.6+0x3dbaf) (BuildId: c9f62793b9e886eb1b95077d4f26fe2b4aa1ac25)
#4 0x7f1581dcf883 in __pthread_kill_implementation (/lib64/libc.so.6+0x8e883) (BuildId: c9f62793b9e886eb1b95077d4f26fe2b4aa1ac25)
#5 0x7f1581d7eafd in gsignal (/lib64/libc.so.6+0x3dafd) (BuildId: c9f62793b9e886eb1b95077d4f26fe2b4aa1ac25)
#6 0x7f1581d6787e in abort (/lib64/libc.so.6+0x2687e) (BuildId: c9f62793b9e886eb1b95077d4f26fe2b4aa1ac25)
#7 0x7f1581d6779a in __assert_fail_base.cold (/lib64/libc.so.6+0x2679a) (BuildId: c9f62793b9e886eb1b95077d4f26fe2b4aa1ac25)
#8 0x7f1581d77186 in __assert_fail (/lib64/libc.so.6+0x36186) (BuildId: c9f62793b9e886eb1b95077d4f26fe2b4aa1ac25)
#9 0x5344a4 in LLVMFuzzerTestOneInput /home/vagrant/avahi/fuzz/fuzz-domain.c:38:9
```
It's a follow-up to 94cb6489114636940ac683515417990b55b5d66c
Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/avahi/tree/debian/patches/CVE-2023-38470-2.patch?h=ubuntu/jammy-security
CVE: CVE-2023-38470 #Follow-up patch
Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
---
avahi-common/domain.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
Index: avahi-0.8/avahi-common/domain.c
===================================================================
--- avahi-0.8.orig/avahi-common/domain.c
+++ avahi-0.8/avahi-common/domain.c
@@ -210,7 +210,8 @@ char *avahi_normalize_name(const char *s
} else
empty = 0;
- avahi_escape_label(label, strlen(label), &r, &size);
+ if (!(avahi_escape_label(label, strlen(label), &r, &size)))
+ return NULL;
}
return ret_s;

73
sources/poky/meta/recipes-connectivity/avahi/files/CVE-2023-38471-1.patch Normal file
View File

@@ -0,0 +1,73 @@
From 48d745db7fd554fc33e96ec86d3675ebd530bb8e Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Mon, 23 Oct 2023 13:38:35 +0200
Subject: [PATCH] avahi: core: extract host name using avahi_unescape_label()
Previously we could create invalid escape sequence when we split the
string on dot. For example, from valid host name "foo\\.bar" we have
created invalid name "foo\\" and tried to set that as the host name
which crashed the daemon.
Fixes #453
Upstream-Status: Backport [https://github.com/lathiat/avahi/commit/894f085f402e023a98cbb6f5a3d117bd88d93b09]
CVE: CVE-2023-38471
Signed-off-by: Meenali Gupta <meenali.gupta@windriver.com>
---
avahi-core/server.c | 27 +++++++++++++++++++++------
1 file changed, 21 insertions(+), 6 deletions(-)
diff --git a/avahi-core/server.c b/avahi-core/server.c
index e507750..40f1d68 100644
--- a/avahi-core/server.c
+++ b/avahi-core/server.c
@@ -1295,7 +1295,11 @@ static void update_fqdn(AvahiServer *s) {
}
int avahi_server_set_host_name(AvahiServer *s, const char *host_name) {
- char *hn = NULL;
+ char label_escaped[AVAHI_LABEL_MAX*4+1];
+ char label[AVAHI_LABEL_MAX];
+ char *hn = NULL, *h;
+ size_t len;
+
assert(s);
AVAHI_CHECK_VALIDITY(s, !host_name || avahi_is_valid_host_name(host_name), AVAHI_ERR_INVALID_HOST_NAME);
@@ -1305,17 +1309,28 @@ int avahi_server_set_host_name(AvahiServer *s, const char *host_name) {
else
hn = avahi_normalize_name_strdup(host_name);
- hn[strcspn(hn, ".")] = 0;
+ h = hn;
+ if (!avahi_unescape_label((const char **)&hn, label, sizeof(label))) {
+ avahi_free(h);
+ return AVAHI_ERR_INVALID_HOST_NAME;
+ }
+
+ avahi_free(h);
+
+ h = label_escaped;
+ len = sizeof(label_escaped);
+ if (!avahi_escape_label(label, strlen(label), &h, &len))
+ return AVAHI_ERR_INVALID_HOST_NAME;
- if (avahi_domain_equal(s->host_name, hn) && s->state != AVAHI_SERVER_COLLISION) {
- avahi_free(hn);
+ if (avahi_domain_equal(s->host_name, label_escaped) && s->state != AVAHI_SERVER_COLLISION)
return avahi_server_set_errno(s, AVAHI_ERR_NO_CHANGE);
- }
withdraw_host_rrs(s);
avahi_free(s->host_name);
- s->host_name = hn;
+ s->host_name = avahi_strdup(label_escaped);
+ if (!s->host_name)
+ return AVAHI_ERR_NO_MEMORY;
update_fqdn(s);
--
2.40.0

52
sources/poky/meta/recipes-connectivity/avahi/files/CVE-2023-38471-2.patch Normal file
View File

@@ -0,0 +1,52 @@
From b675f70739f404342f7f78635d6e2dcd85a13460 Mon Sep 17 00:00:00 2001
From: Evgeny Vereshchagin <evvers@ya.ru>
Date: Tue, 24 Oct 2023 22:04:51 +0000
Subject: [PATCH] core: return errors from avahi_server_set_host_name properly
It's a follow-up to 894f085f402e023a98cbb6f5a3d117bd88d93b09
Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/avahi/tree/debian/patches/CVE-2023-38471-2.patch?h=ubuntu/jammy-security
Upstream commit https://github.com/lathiat/avahi/commit/b675f70739f404342f7f78635d6e2dcd85a13460]
CVE: CVE-2023-38471 #Follow-up Patch
Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
---
avahi-core/server.c | 9 ++++++---
1 file changed, 6 insertions(+), 3 deletions(-)
Index: avahi-0.8/avahi-core/server.c
===================================================================
--- avahi-0.8.orig/avahi-core/server.c
+++ avahi-0.8/avahi-core/server.c
@@ -1309,10 +1309,13 @@ int avahi_server_set_host_name(AvahiServ
else
hn = avahi_normalize_name_strdup(host_name);
+ if (!hn)
+ return avahi_server_set_errno(s, AVAHI_ERR_NO_MEMORY);
+
h = hn;
if (!avahi_unescape_label((const char **)&hn, label, sizeof(label))) {
avahi_free(h);
- return AVAHI_ERR_INVALID_HOST_NAME;
+ return avahi_server_set_errno(s, AVAHI_ERR_INVALID_HOST_NAME);
}
avahi_free(h);
@@ -1320,7 +1323,7 @@ int avahi_server_set_host_name(AvahiServ
h = label_escaped;
len = sizeof(label_escaped);
if (!avahi_escape_label(label, strlen(label), &h, &len))
- return AVAHI_ERR_INVALID_HOST_NAME;
+ return avahi_server_set_errno(s, AVAHI_ERR_INVALID_HOST_NAME);
if (avahi_domain_equal(s->host_name, label_escaped) && s->state != AVAHI_SERVER_COLLISION)
return avahi_server_set_errno(s, AVAHI_ERR_NO_CHANGE);
@@ -1330,7 +1333,7 @@ int avahi_server_set_host_name(AvahiServ
avahi_free(s->host_name);
s->host_name = avahi_strdup(label_escaped);
if (!s->host_name)
- return AVAHI_ERR_NO_MEMORY;
+ return avahi_server_set_errno(s, AVAHI_ERR_NO_MEMORY);
update_fqdn(s);

46
sources/poky/meta/recipes-connectivity/avahi/files/CVE-2023-38472.patch Normal file
View File

@@ -0,0 +1,46 @@
From b024ae5749f4aeba03478e6391687c3c9c8dee40 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Thu, 19 Oct 2023 17:36:44 +0200
Subject: [PATCH] core: make sure there is rdata to process before parsing it
Fixes #452
CVE-2023-38472
Upstream-Status: Backport [import from ubuntu https://git.launchpad.net/ubuntu/+source/avahi/tree/debian/patches/CVE-2023-38472.patch?h=ubuntu/jammy-security
Upstream commit https://github.com/lathiat/avahi/commit/b024ae5749f4aeba03478e6391687c3c9c8dee40]
CVE: CVE-2023-38472
Signed-off-by: Meenali Gupta <meenali.gupta@windriver.com>
Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
---
avahi-client/client-test.c | 3 +++
avahi-daemon/dbus-entry-group.c | 2 +-
2 files changed, 4 insertions(+), 1 deletion(-)
Index: avahi-0.8/avahi-client/client-test.c
===================================================================
--- avahi-0.8.orig/avahi-client/client-test.c
+++ avahi-0.8/avahi-client/client-test.c
@@ -272,6 +272,9 @@ int main (AVAHI_GCC_UNUSED int argc, AVA
assert(error == AVAHI_ERR_INVALID_RECORD);
avahi_string_list_free(txt);
+ error = avahi_entry_group_add_record (group, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, 0, "TestX", 0x01, 0x10, 120, "", 0);
+ assert(error != AVAHI_OK);
+
avahi_entry_group_commit (group);
domain = avahi_domain_browser_new (avahi, AVAHI_IF_UNSPEC, AVAHI_PROTO_UNSPEC, NULL, AVAHI_DOMAIN_BROWSER_BROWSE, 0, avahi_domain_browser_callback, (char*) "omghai3u");
Index: avahi-0.8/avahi-daemon/dbus-entry-group.c
===================================================================
--- avahi-0.8.orig/avahi-daemon/dbus-entry-group.c
+++ avahi-0.8/avahi-daemon/dbus-entry-group.c
@@ -340,7 +340,7 @@ DBusHandlerResult avahi_dbus_msg_entry_g
if (!(r = avahi_record_new_full (name, clazz, type, ttl)))
return avahi_dbus_respond_error(c, m, AVAHI_ERR_NO_MEMORY, NULL);
- if (avahi_rdata_parse (r, rdata, size) < 0) {
+ if (!rdata || avahi_rdata_parse (r, rdata, size) < 0) {
avahi_record_unref (r);
return avahi_dbus_respond_error(c, m, AVAHI_ERR_INVALID_RDATA, NULL);
}

110
sources/poky/meta/recipes-connectivity/avahi/files/CVE-2023-38473.patch Normal file
View File

@@ -0,0 +1,110 @@
From 88cbbc48d5efff9726694557ca6c3f698f3affe4 Mon Sep 17 00:00:00 2001
From: Michal Sekletar <msekleta@redhat.com>
Date: Wed, 11 Oct 2023 17:45:44 +0200
Subject: [PATCH] avahi: common: derive alternative host name from its
unescaped version
Normalization of input makes sure we don't have to deal with special
cases like unescaped dot at the end of label.
Fixes #451 #487
Upstream-Status: Backport [https://github.com/lathiat/avahi/commit/b448c9f771bada14ae8de175695a9729f8646797]
CVE: CVE-2023-38473
Signed-off-by: Meenali Gupta <meenali.gupta@windriver.com>
---
avahi-common/alternative-test.c | 3 +++
avahi-common/alternative.c | 27 +++++++++++++++++++--------
2 files changed, 22 insertions(+), 8 deletions(-)
diff --git a/avahi-common/alternative-test.c b/avahi-common/alternative-test.c
index 9255435..681fc15 100644
--- a/avahi-common/alternative-test.c
+++ b/avahi-common/alternative-test.c
@@ -31,6 +31,9 @@ int main(AVAHI_GCC_UNUSED int argc, AVAHI_GCC_UNUSED char *argv[]) {
const char* const test_strings[] = {
"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
"XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXüüüüüüü",
+ ").",
+ "\\.",
+ "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\\\\",
"gurke",
"-",
" #",
diff --git a/avahi-common/alternative.c b/avahi-common/alternative.c
index b3d39f0..a094e6d 100644
--- a/avahi-common/alternative.c
+++ b/avahi-common/alternative.c
@@ -49,15 +49,20 @@ static void drop_incomplete_utf8(char *c) {
}
char *avahi_alternative_host_name(const char *s) {
+ char label[AVAHI_LABEL_MAX], alternative[AVAHI_LABEL_MAX*4+1];
+ char *alt, *r, *ret;
const char *e;
- char *r;
+ size_t len;
assert(s);
if (!avahi_is_valid_host_name(s))
return NULL;
- if ((e = strrchr(s, '-'))) {
+ if (!avahi_unescape_label(&s, label, sizeof(label)))
+ return NULL;
+
+ if ((e = strrchr(label, '-'))) {
const char *p;
e++;
@@ -74,19 +79,18 @@ char *avahi_alternative_host_name(const char *s) {
if (e) {
char *c, *m;
- size_t l;
int n;
n = atoi(e)+1;
if (!(m = avahi_strdup_printf("%i", n)))
return NULL;
- l = e-s-1;
+ len = e-label-1;
- if (l >= AVAHI_LABEL_MAX-1-strlen(m)-1)
- l = AVAHI_LABEL_MAX-1-strlen(m)-1;
+ if (len >= AVAHI_LABEL_MAX-1-strlen(m)-1)
+ len = AVAHI_LABEL_MAX-1-strlen(m)-1;
- if (!(c = avahi_strndup(s, l))) {
+ if (!(c = avahi_strndup(label, len))) {
avahi_free(m);
return NULL;
}
@@ -100,7 +104,7 @@ char *avahi_alternative_host_name(const char *s) {
} else {
char *c;
- if (!(c = avahi_strndup(s, AVAHI_LABEL_MAX-1-2)))
+ if (!(c = avahi_strndup(label, AVAHI_LABEL_MAX-1-2)))
return NULL;
drop_incomplete_utf8(c);
@@ -109,6 +113,13 @@ char *avahi_alternative_host_name(const char *s) {
avahi_free(c);
}
+ alt = alternative;
+ len = sizeof(alternative);
+ ret = avahi_escape_label(r, strlen(r), &alt, &len);
+
+ avahi_free(r);
+ r = avahi_strdup(ret);
+
assert(avahi_is_valid_host_name(r));
return r;
--
2.40.0

104
sources/poky/meta/recipes-connectivity/avahi/files/CVE-2024-52616.patch Normal file
View File

@@ -0,0 +1,104 @@
From f8710bdc8b29ee1176fe3bfaeabebbda1b7a79f7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik@redhat.com>
Date: Mon, 11 Nov 2024 00:56:09 +0100
Subject: [PATCH] Properly randomize query id of DNS packets
CVE: CVE-2024-52616
Upstream-Status: Backport [https://github.com/avahi/avahi/commit/f8710bdc8b29ee1176fe3bfaeabebbda1b7a79f7]
Signed-off-by: Zhang Peng <peng.zhang1.cn@windriver.com>
---
avahi-core/wide-area.c | 36 ++++++++++++++++++++++++++++--------
configure.ac | 3 ++-
2 files changed, 30 insertions(+), 9 deletions(-)
diff --git a/avahi-core/wide-area.c b/avahi-core/wide-area.c
index 971f5e714..00a15056e 100644
--- a/avahi-core/wide-area.c
+++ b/avahi-core/wide-area.c
@@ -40,6 +40,13 @@
#include "addr-util.h"
#include "rr-util.h"
+#ifdef HAVE_SYS_RANDOM_H
+#include <sys/random.h>
+#endif
+#ifndef HAVE_GETRANDOM
+# define getrandom(d, len, flags) (-1)
+#endif
+
#define CACHE_ENTRIES_MAX 500
typedef struct AvahiWideAreaCacheEntry AvahiWideAreaCacheEntry;
@@ -84,8 +91,6 @@ struct AvahiWideAreaLookupEngine {
int fd_ipv4, fd_ipv6;
AvahiWatch *watch_ipv4, *watch_ipv6;
- uint16_t next_id;
-
/* Cache */
AVAHI_LLIST_HEAD(AvahiWideAreaCacheEntry, cache);
AvahiHashmap *cache_by_key;
@@ -201,6 +206,26 @@ static void sender_timeout_callback(AvahiTimeEvent *e, void *userdata) {
avahi_time_event_update(e, avahi_elapse_time(&tv, 1000, 0));
}
+static uint16_t get_random_uint16(void) {
+ uint16_t next_id;
+
+ if (getrandom(&next_id, sizeof(next_id), 0) == -1)
+ next_id = (uint16_t) rand();
+ return next_id;
+}
+
+static uint16_t avahi_wide_area_next_id(AvahiWideAreaLookupEngine *e) {
+ uint16_t next_id;
+
+ next_id = get_random_uint16();
+ while (find_lookup(e, next_id)) {
+ /* This ID is already used, get new. */
+ next_id = get_random_uint16();
+ }
+ return next_id;
+}
+
+
AvahiWideAreaLookup *avahi_wide_area_lookup_new(
AvahiWideAreaLookupEngine *e,
AvahiKey *key,
@@ -227,11 +252,7 @@ AvahiWideAreaLookup *avahi_wide_area_lookup_new(
/* If more than 65K wide area quries are issued simultaneously,
* this will break. This should be limited by some higher level */
- for (;; e->next_id++)
- if (!find_lookup(e, e->next_id))
- break; /* This ID is not yet used. */
-
- l->id = e->next_id++;
+ l->id = avahi_wide_area_next_id(e);
/* We keep the packet around in case we need to repeat our query */
l->packet = avahi_dns_packet_new(0);
@@ -604,7 +625,6 @@ AvahiWideAreaLookupEngine *avahi_wide_area_engine_new(AvahiServer *s) {
e->watch_ipv6 = s->poll_api->watch_new(e->server->poll_api, e->fd_ipv6, AVAHI_WATCH_IN, socket_event, e);
e->n_dns_servers = e->current_dns_server = 0;
- e->next_id = (uint16_t) rand();
/* Initialize cache */
AVAHI_LLIST_HEAD_INIT(AvahiWideAreaCacheEntry, e->cache);
diff --git a/configure.ac b/configure.ac
index a3211b80e..31bce3d76 100644
--- a/configure.ac
+++ b/configure.ac
@@ -367,7 +367,8 @@ AC_FUNC_SELECT_ARGTYPES
# whether libc's malloc does too. (Same for realloc.)
#AC_FUNC_MALLOC
#AC_FUNC_REALLOC
-AC_CHECK_FUNCS([gethostname memchr memmove memset mkdir select socket strchr strcspn strdup strerror strrchr strspn strstr uname setresuid setreuid setresgid setregid strcasecmp gettimeofday putenv strncasecmp strlcpy gethostbyname seteuid setegid setproctitle getprogname])
+AC_CHECK_FUNCS([gethostname memchr memmove memset mkdir select socket strchr strcspn strdup strerror strrchr strspn strstr uname setresuid setreuid setresgid setregid strcasecmp gettimeofday putenv strncasecmp strlcpy gethostbyname seteuid setegid setproctitle getprogname getrandom])
+AC_CHECK_HEADERS([sys/random.h])
AC_FUNC_CHOWN
AC_FUNC_STAT

41
sources/poky/meta/recipes-connectivity/avahi/files/handle-hup.patch Normal file
View File

@@ -0,0 +1,41 @@
CVE: CVE-2021-3468
Upstream-Status: Submitted [https://github.com/lathiat/avahi/pull/330]
Signed-off-by: Ross Burton <ross.burton@arm.com>
From 447affe29991ee99c6b9732fc5f2c1048a611d3b Mon Sep 17 00:00:00 2001
From: Riccardo Schirone <sirmy15@gmail.com>
Date: Fri, 26 Mar 2021 11:50:24 +0100
Subject: [PATCH] Avoid infinite-loop in avahi-daemon by handling HUP event in
client_work
If a client fills the input buffer, client_work() disables the
AVAHI_WATCH_IN event, thus preventing the function from executing the
`read` syscall the next times it is called. However, if the client then
terminates the connection, the socket file descriptor receives a HUP
event, which is not handled, thus the kernel keeps marking the HUP event
as occurring. While iterating over the file descriptors that triggered
an event, the client file descriptor will keep having the HUP event and
the client_work() function is always called with AVAHI_WATCH_HUP but
without nothing being done, thus entering an infinite loop.
See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=984938
---
avahi-daemon/simple-protocol.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/avahi-daemon/simple-protocol.c b/avahi-daemon/simple-protocol.c
index 3e0ebb11..6c0274d6 100644
--- a/avahi-daemon/simple-protocol.c
+++ b/avahi-daemon/simple-protocol.c
@@ -424,6 +424,11 @@ static void client_work(AvahiWatch *watch, AVAHI_GCC_UNUSED int fd, AvahiWatchEv
}
}
+ if (events & AVAHI_WATCH_HUP) {
+ client_free(c);
+ return;
+ }
+
c->server->poll_api->watch_update(
watch,
(c->outbuf_length > 0 ? AVAHI_WATCH_OUT : 0) |

47
sources/poky/meta/recipes-connectivity/avahi/files/initscript.patch Normal file
View File

@@ -0,0 +1,47 @@
Upstream-Status: Pending
Index: avahi-0.7/initscript/debian/avahi-daemon.in
===================================================================
--- avahi-0.7.orig/initscript/debian/avahi-daemon.in
+++ avahi-0.7/initscript/debian/avahi-daemon.in
@@ -1,5 +1,17 @@
#!/bin/sh
-
+### BEGIN INIT INFO
+# Provides: avahi
+# Required-Start: $remote_fs dbus
+# Required-Stop: $remote_fs dbus
+# Should-Start: $syslog
+# Should-Stop: $syslog
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Avahi mDNS/DNS-SD Daemon
+# Description: Zeroconf daemon for configuring your network
+# automatically
+### END INIT INFO
+#
# This file is part of avahi.
#
# avahi is free software; you can redistribute it and/or modify it
Index: avahi-0.7/initscript/debian/avahi-dnsconfd.in
===================================================================
--- avahi-0.7.orig/initscript/debian/avahi-dnsconfd.in
+++ avahi-0.7/initscript/debian/avahi-dnsconfd.in
@@ -1,4 +1,17 @@
#!/bin/sh
+### BEGIN INIT INFO
+# Provides: avahi-dnsconfd
+# Required-Start: $remote_fs avahi
+# Required-Stop: $remote_fs avahi
+# Should-Start: $syslog
+# Should-Stop: $syslog
+# Default-Start: 2 3 4 5
+# Default-Stop: 0 1 6
+# Short-Description: Avahi mDNS/DNS-SD DNS configuration
+# Description: Zeroconf daemon for configuring your network
+# automatically
+### END INIT INFO
+#
# This file is part of avahi.
#

29
sources/poky/meta/recipes-connectivity/avahi/files/invalid-service.patch Normal file
View File

@@ -0,0 +1,29 @@
From 46490e95151d415cd22f02565e530eb5efcef680 Mon Sep 17 00:00:00 2001
From: Asger Hautop Drewsen <asger@princh.com>
Date: Mon, 9 Aug 2021 14:25:08 +0200
Subject: [PATCH] Fix avahi-browse: Invalid service type
Invalid service types will stop the browse from completing, or
in simple terms "my washing machine stops me from printing".
Upstream-Status: Submitted [https://github.com/lathiat/avahi/pull/472]
Signed-off-by: Ross Burton <ross.burton@arm.com>
---
avahi-core/browse-service.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/avahi-core/browse-service.c b/avahi-core/browse-service.c
index 63e0275a..ac3d2ecb 100644
--- a/avahi-core/browse-service.c
+++ b/avahi-core/browse-service.c
@@ -103,7 +103,9 @@ AvahiSServiceBrowser *avahi_s_service_browser_prepare(
AVAHI_CHECK_VALIDITY_RETURN_NULL(server, AVAHI_PROTO_VALID(protocol), AVAHI_ERR_INVALID_PROTOCOL);
AVAHI_CHECK_VALIDITY_RETURN_NULL(server, !domain || avahi_is_valid_domain_name(domain), AVAHI_ERR_INVALID_DOMAIN_NAME);
AVAHI_CHECK_VALIDITY_RETURN_NULL(server, AVAHI_FLAGS_VALID(flags, AVAHI_LOOKUP_USE_WIDE_AREA|AVAHI_LOOKUP_USE_MULTICAST), AVAHI_ERR_INVALID_FLAGS);
- AVAHI_CHECK_VALIDITY_RETURN_NULL(server, avahi_is_valid_service_type_generic(service_type), AVAHI_ERR_INVALID_SERVICE_TYPE);
+
+ if (!avahi_is_valid_service_type_generic(service_type))
+ service_type = "_invalid._tcp";
if (!domain)
domain = server->domain_name;

153
sources/poky/meta/recipes-connectivity/avahi/files/local-ping.patch Normal file
View File

@@ -0,0 +1,153 @@
CVE: CVE-2021-36217
CVE: CVE-2021-3502
Upstream-Status: Backport
Signed-off-by: Ross Burton <ross.burton@arm.com>
From 9d31939e55280a733d930b15ac9e4dda4497680c Mon Sep 17 00:00:00 2001
From: Tommi Rantala <tommi.t.rantala@nokia.com>
Date: Mon, 8 Feb 2021 11:04:43 +0200
Subject: [PATCH] Fix NULL pointer crashes from #175
avahi-daemon is crashing when running "ping .local".
The crash is due to failing assertion from NULL pointer.
Add missing NULL pointer checks to fix it.
Introduced in #175 - merge commit 8f75a045709a780c8cf92a6a21e9d35b593bdecd
---
avahi-core/browse-dns-server.c | 5 ++++-
avahi-core/browse-domain.c | 5 ++++-
avahi-core/browse-service-type.c | 3 +++
avahi-core/browse-service.c | 3 +++
avahi-core/browse.c | 3 +++
avahi-core/resolve-address.c | 5 ++++-
avahi-core/resolve-host-name.c | 5 ++++-
avahi-core/resolve-service.c | 5 ++++-
8 files changed, 29 insertions(+), 5 deletions(-)
diff --git a/avahi-core/browse-dns-server.c b/avahi-core/browse-dns-server.c
index 049752e9..c2d914fa 100644
--- a/avahi-core/browse-dns-server.c
+++ b/avahi-core/browse-dns-server.c
@@ -343,7 +343,10 @@ AvahiSDNSServerBrowser *avahi_s_dns_server_browser_new(
AvahiSDNSServerBrowser* b;
b = avahi_s_dns_server_browser_prepare(server, interface, protocol, domain, type, aprotocol, flags, callback, userdata);
+ if (!b)
+ return NULL;
+
avahi_s_dns_server_browser_start(b);
return b;
-}
\ No newline at end of file
+}
diff --git a/avahi-core/browse-domain.c b/avahi-core/browse-domain.c
index f145d56a..06fa70c0 100644
--- a/avahi-core/browse-domain.c
+++ b/avahi-core/browse-domain.c
@@ -253,7 +253,10 @@ AvahiSDomainBrowser *avahi_s_domain_browser_new(
AvahiSDomainBrowser *b;
b = avahi_s_domain_browser_prepare(server, interface, protocol, domain, type, flags, callback, userdata);
+ if (!b)
+ return NULL;
+
avahi_s_domain_browser_start(b);
return b;
-}
\ No newline at end of file
+}
diff --git a/avahi-core/browse-service-type.c b/avahi-core/browse-service-type.c
index fdd22dcd..b1fc7af8 100644
--- a/avahi-core/browse-service-type.c
+++ b/avahi-core/browse-service-type.c
@@ -171,6 +171,9 @@ AvahiSServiceTypeBrowser *avahi_s_service_type_browser_new(
AvahiSServiceTypeBrowser *b;
b = avahi_s_service_type_browser_prepare(server, interface, protocol, domain, flags, callback, userdata);
+ if (!b)
+ return NULL;
+
avahi_s_service_type_browser_start(b);
return b;
diff --git a/avahi-core/browse-service.c b/avahi-core/browse-service.c
index 5531360c..63e0275a 100644
--- a/avahi-core/browse-service.c
+++ b/avahi-core/browse-service.c
@@ -184,6 +184,9 @@ AvahiSServiceBrowser *avahi_s_service_browser_new(
AvahiSServiceBrowser *b;
b = avahi_s_service_browser_prepare(server, interface, protocol, service_type, domain, flags, callback, userdata);
+ if (!b)
+ return NULL;
+
avahi_s_service_browser_start(b);
return b;
diff --git a/avahi-core/browse.c b/avahi-core/browse.c
index 2941e579..e8a915e9 100644
--- a/avahi-core/browse.c
+++ b/avahi-core/browse.c
@@ -634,6 +634,9 @@ AvahiSRecordBrowser *avahi_s_record_browser_new(
AvahiSRecordBrowser *b;
b = avahi_s_record_browser_prepare(server, interface, protocol, key, flags, callback, userdata);
+ if (!b)
+ return NULL;
+
avahi_s_record_browser_start_query(b);
return b;
diff --git a/avahi-core/resolve-address.c b/avahi-core/resolve-address.c
index ac0b29b1..e61dd242 100644
--- a/avahi-core/resolve-address.c
+++ b/avahi-core/resolve-address.c
@@ -286,7 +286,10 @@ AvahiSAddressResolver *avahi_s_address_resolver_new(
AvahiSAddressResolver *b;
b = avahi_s_address_resolver_prepare(server, interface, protocol, address, flags, callback, userdata);
+ if (!b)
+ return NULL;
+
avahi_s_address_resolver_start(b);
return b;
-}
\ No newline at end of file
+}
diff --git a/avahi-core/resolve-host-name.c b/avahi-core/resolve-host-name.c
index 808b0e72..4e8e5973 100644
--- a/avahi-core/resolve-host-name.c
+++ b/avahi-core/resolve-host-name.c
@@ -318,7 +318,10 @@ AvahiSHostNameResolver *avahi_s_host_name_resolver_new(
AvahiSHostNameResolver *b;
b = avahi_s_host_name_resolver_prepare(server, interface, protocol, host_name, aprotocol, flags, callback, userdata);
+ if (!b)
+ return NULL;
+
avahi_s_host_name_resolver_start(b);
return b;
-}
\ No newline at end of file
+}
diff --git a/avahi-core/resolve-service.c b/avahi-core/resolve-service.c
index 66bf3cae..43771763 100644
--- a/avahi-core/resolve-service.c
+++ b/avahi-core/resolve-service.c
@@ -519,7 +519,10 @@ AvahiSServiceResolver *avahi_s_service_resolver_new(
AvahiSServiceResolver *b;
b = avahi_s_service_resolver_prepare(server, interface, protocol, name, type, domain, aprotocol, flags, callback, userdata);
+ if (!b)
+ return NULL;
+
avahi_s_service_resolver_start(b);
return b;
-}
\ No newline at end of file
+}