openclaw/tqma6-yocto-mirror
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
16accb6b246789ef1d36dd79b6f9da4d83cc4a76
tqma6-yocto-mirror/sources/poky/meta/recipes-support/libsoup/libsoup-3.4.4/CVE-2025-32907-2.patch
Siggi (OpenClaw Agent) 16accb6b24 Complete Yocto mirror with license table for TQMa6UL (2038-compliance) 
- 264 license table entries with exact download URLs (224/264 resolved)
- Complete sources/ directory with all BitBake recipes
- Build configuration: tqma6ul-multi-mba6ulx, spaetzle (musl)
- Full traceability for Softwarefreigabeantrag
- GCC 13.4.0, Linux 6.6.102, U-Boot 2023.04, musl 1.2.4
- License distribution: GPL-2.0 (24), MIT (23), GPL-2.0+ (18), BSD-3 (16)
2026-03-01 21:14:11 +00:00

69 lines
2.4 KiB
Diff
Raw Blame History

From 85716d2769b3e1acda024d2c7cbfb68139c5d90b Mon Sep 17 00:00:00 2001
From: Milan Crha <mcrha@redhat.com>
Date: Tue, 13 May 2025 14:20:46 +0200
Subject: [PATCH 2/2] server-mem-limit-test: Limit memory usage only when not
built witha sanitizer
A build with -Db_sanitize=address crashes with failed mmap(), which is done
inside libasan. The test requires 20.0TB of virtual memory when running with
the sanitizer, which is beyond unsigned integer limits and may not trigger
the bug anyway.
Part-of: <https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/452>
CVE: CVE-2025-32907
Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/452/commits]
Signed-off-by: Changqing Li <changqing.li@windriver.com>
---
meson.build | 4 ++++
tests/server-mem-limit-test.c | 13 +++++++++----
2 files changed, 13 insertions(+), 4 deletions(-)
diff --git a/meson.build b/meson.build
index 73a9fa0..a9531a4 100644
--- a/meson.build
+++ b/meson.build
@@ -374,6 +374,10 @@ configinc = include_directories('.')
prefix = get_option('prefix')
+if get_option('b_sanitize') != 'none'
+ cdata.set_quoted('B_SANITIZE_OPTION', get_option('b_sanitize'))
+endif
+
cdata.set_quoted('PACKAGE_VERSION', soup_version)
cdata.set_quoted('LOCALEDIR', join_paths(prefix, get_option('localedir')))
cdata.set_quoted('GETTEXT_PACKAGE', libsoup_api_name)
diff --git a/tests/server-mem-limit-test.c b/tests/server-mem-limit-test.c
index 98f1c40..65dc875 100644
--- a/tests/server-mem-limit-test.c
+++ b/tests/server-mem-limit-test.c
@@ -126,14 +126,19 @@ main (int argc, char **argv)
{
int ret;
- test_init (argc, argv, NULL);
-
- #ifndef G_OS_WIN32
- struct rlimit new_rlimit = { 1024 * 1024 * 64, 1024 * 1024 * 64 };
+ /* a build with an address sanitizer may crash on mmap() with the limit,
+ thus skip the limit set in such case, even it may not necessarily
+ trigger the bug if it regresses */
+ #if !defined(G_OS_WIN32) && !defined(B_SANITIZE_OPTION)
+ struct rlimit new_rlimit = { 1024UL * 1024UL * 1024UL * 2UL, 1024UL * 1024UL * 1024UL * 2UL };
/* limit memory usage, to trigger too large memory allocation abort */
g_assert_cmpint (setrlimit (RLIMIT_DATA, &new_rlimit), ==, 0);
+ #else
+ g_message ("server-mem-limit-test: Running without memory limit");
#endif
+ test_init (argc, argv, NULL);
+
g_test_add ("/server-mem/range-overlaps", ServerData, NULL,
server_setup, do_ranges_overlaps_test, server_teardown);
--
2.34.1
Reference in New Issue View Git Blame Copy Permalink