import libffi-3.1-21.el8
This commit is contained in:
		
							parent
							
								
									0c912ff67f
								
							
						
					
					
						commit
						69277f34cd
					
				| @ -0,0 +1,79 @@ | |||||||
|  | From 8daeed9570af72eb135c8ded460d2888f05b2e68 Mon Sep 17 00:00:00 2001 | ||||||
|  | From: =?UTF-8?q?Micka=C3=ABl=20Sala=C3=BCn?= <mic@digikod.net> | ||||||
|  | Date: Sun, 11 May 2014 22:54:58 +0200 | ||||||
|  | Subject: [PATCH 626/627] closures: Create temporary file with O_TMPFILE and | ||||||
|  |  O_CLOEXEC when available | ||||||
|  | 
 | ||||||
|  | The open_temp_exec_file_dir function can create a temporary file without | ||||||
|  | file system accessible link. If the O_TMPFILE flag is not defined (old | ||||||
|  | Linux kernel or libc) the behavior is unchanged. | ||||||
|  | 
 | ||||||
|  | The open_temp_exec_file_name function now need a new argument "flags" | ||||||
|  | (like O_CLOEXEC) used for temporary file creation. | ||||||
|  | 
 | ||||||
|  | The O_TMPFILE flag allow temporary file creation without race condition. | ||||||
|  | This feature/fix prevent another process to access the (future) | ||||||
|  | executable file from the file system. | ||||||
|  | 
 | ||||||
|  | The O_CLOEXEC flag automatically close the temporary file for any | ||||||
|  | execve. This avoid transmitting (executable) file descriptor to a child | ||||||
|  | process. | ||||||
|  | ---
 | ||||||
|  |  src/closures.c | 29 ++++++++++++++++++++++++----- | ||||||
|  |  1 file changed, 24 insertions(+), 5 deletions(-) | ||||||
|  | 
 | ||||||
|  | diff -rup a/src/closures.c b/src/closures.c
 | ||||||
|  | --- a/src/closures.c	2019-06-14 14:24:01.510844835 -0400
 | ||||||
|  | +++ b/src/closures.c	2019-06-14 14:26:48.248924350 -0400
 | ||||||
|  | @@ -265,9 +265,9 @@ static size_t execsize = 0;
 | ||||||
|  |   | ||||||
|  |  /* Open a temporary file name, and immediately unlink it.  */ | ||||||
|  |  static int | ||||||
|  | -open_temp_exec_file_name (char *name)
 | ||||||
|  | +open_temp_exec_file_name (char *name, int flags)
 | ||||||
|  |  { | ||||||
|  | -  int fd = mkstemp (name);
 | ||||||
|  | +  int fd = mkostemp (name, flags);
 | ||||||
|  |   | ||||||
|  |    if (fd != -1) | ||||||
|  |      unlink (name); | ||||||
|  | @@ -280,8 +280,28 @@ static int
 | ||||||
|  |  open_temp_exec_file_dir (const char *dir) | ||||||
|  |  { | ||||||
|  |    static const char suffix[] = "/ffiXXXXXX"; | ||||||
|  | -  size_t lendir = strlen (dir);
 | ||||||
|  | -  char *tempname = __builtin_alloca (lendir + sizeof (suffix));
 | ||||||
|  | +  size_t lendir;
 | ||||||
|  | +  int flags, fd;
 | ||||||
|  | +  char *tempname;
 | ||||||
|  | +
 | ||||||
|  | +#ifdef O_CLOEXEC
 | ||||||
|  | +  flags = O_CLOEXEC;
 | ||||||
|  | +#else
 | ||||||
|  | +  flags = 0;
 | ||||||
|  | +#endif
 | ||||||
|  | +
 | ||||||
|  | +#ifdef O_TMPFILE
 | ||||||
|  | +  fd = open (dir, flags | O_RDWR | O_EXCL | O_TMPFILE, 0700);
 | ||||||
|  | +  /* If the running system does not support the O_TMPFILE flag then retry without it. */
 | ||||||
|  | +  if (fd != -1 || (errno != EINVAL && errno != EISDIR && errno != EOPNOTSUPP)) {
 | ||||||
|  | +    return fd;
 | ||||||
|  | +  } else {
 | ||||||
|  | +    errno = 0;
 | ||||||
|  | +  }
 | ||||||
|  | +#endif
 | ||||||
|  | +
 | ||||||
|  | +  lendir = strlen (dir);
 | ||||||
|  | +  tempname = __builtin_alloca (lendir + sizeof (suffix));
 | ||||||
|  |   | ||||||
|  |    if (!tempname) | ||||||
|  |      return -1; | ||||||
|  | @@ -289,7 +309,7 @@ open_temp_exec_file_dir (const char *dir
 | ||||||
|  |    memcpy (tempname, dir, lendir); | ||||||
|  |    memcpy (tempname + lendir, suffix, sizeof (suffix)); | ||||||
|  |   | ||||||
|  | -  return open_temp_exec_file_name (tempname);
 | ||||||
|  | +  return open_temp_exec_file_name (tempname, flags);
 | ||||||
|  |  } | ||||||
|  |   | ||||||
|  |  /* Open a temporary file in the directory in the named environment | ||||||
| @ -2,7 +2,7 @@ | |||||||
| 
 | 
 | ||||||
| Name:		libffi | Name:		libffi | ||||||
| Version:	3.1 | Version:	3.1 | ||||||
| Release:	18%{?dist} | Release:	21%{?dist} | ||||||
| Summary:	A portable foreign function interface library | Summary:	A portable foreign function interface library | ||||||
| 
 | 
 | ||||||
| Group:		System Environment/Libraries | Group:		System Environment/Libraries | ||||||
| @ -15,6 +15,7 @@ Patch0:		libffi-3.1-fix-include-path.patch | |||||||
| Patch1:		libffi-3.1-fix-exec-stack.patch | Patch1:		libffi-3.1-fix-exec-stack.patch | ||||||
| Patch2:		libffi-aarch64-rhbz1174037.patch | Patch2:		libffi-aarch64-rhbz1174037.patch | ||||||
| Patch3:		libffi-3.1-aarch64-fix-exec-stack.patch | Patch3:		libffi-3.1-aarch64-fix-exec-stack.patch | ||||||
|  | Patch5:		libffi-3.1-closures-Create-temporary-file-with-O_TMPFILE-and-O_.patch | ||||||
| 
 | 
 | ||||||
| %description | %description | ||||||
| Compilers for high level languages generate code that follow certain | Compilers for high level languages generate code that follow certain | ||||||
| @ -63,6 +64,7 @@ developing applications that use %{name}. | |||||||
| %patch1 -p1 -b .execstack | %patch1 -p1 -b .execstack | ||||||
| %patch2 -p1 -b .aarch64 | %patch2 -p1 -b .aarch64 | ||||||
| %patch3 -p1 -b .aarch64execstack | %patch3 -p1 -b .aarch64execstack | ||||||
|  | %patch5 -p1 | ||||||
| 
 | 
 | ||||||
| 
 | 
 | ||||||
| %build | %build | ||||||
| @ -123,6 +125,15 @@ fi | |||||||
| %{_infodir}/libffi.info.gz | %{_infodir}/libffi.info.gz | ||||||
| 
 | 
 | ||||||
| %changelog | %changelog | ||||||
|  | * Thu Aug 1 2019 DJ Delorie <dj@redhat.com> - 3.1-21 | ||||||
|  | - Revert 1652930 until 1721569 can be fixed (#1652930) | ||||||
|  | 
 | ||||||
|  | * Fri Jun 14 2019 DJ Delorie <dj@redhat.com> - 3.1-20 | ||||||
|  | - closures: Create temporary file with O_TMPFILE and O_CLOEXEC (#1720600) | ||||||
|  | 
 | ||||||
|  | * Fri Jun 14 2019 Florian Weimer <fweimer@redhat.com> - 3.1-19 | ||||||
|  | - aarch64: Flush code alias mapping after creating closure (#1652930) | ||||||
|  | 
 | ||||||
| * Tue Nov 27 2018 Severin Gehwolf <sgehwolf@redhat.com> - 3.1-18 | * Tue Nov 27 2018 Severin Gehwolf <sgehwolf@redhat.com> - 3.1-18 | ||||||
| - Compile with -Wa,--generate-missing-build-notes=yes | - Compile with -Wa,--generate-missing-build-notes=yes | ||||||
| 
 | 
 | ||||||
|  | |||||||
		Loading…
	
		Reference in New Issue
	
	Block a user