Update to 1.71.1.

Security fix for CVE-2023-38497

Resolves: rhbz#2228138
This commit is contained in:
Josh Stone 2023-08-08 14:41:54 -07:00
parent 2ee658390a
commit 325b33079e
7 changed files with 56 additions and 295 deletions

1
.gitignore vendored
View File

@ -9,3 +9,4 @@ SOURCES/wasi-libc-wasi-sdk-17.tar.gz
/rustc-1.70.0-src.tar.xz
/wasi-libc-wasi-sdk-20.tar.gz
/rustc-1.71.0-src.tar.xz
/rustc-1.71.1-src.tar.xz

View File

@ -1,60 +0,0 @@
From 9204a8359201271fd7b1c625d6f29ddd095a419d Mon Sep 17 00:00:00 2001
From: Josh Stone <jistone@redhat.com>
Date: Mon, 10 Jul 2023 13:48:49 -0700
Subject: [PATCH] Revert "Fix `x test lint-docs` when download-rustc is
enabled"
This reverts commit abf9cbcb69e485b56776112bc587f6166e7ac5c9.
---
src/tools/lint-docs/src/groups.rs | 3 +--
src/tools/lint-docs/src/lib.rs | 9 ---------
2 files changed, 1 insertion(+), 11 deletions(-)
diff --git a/src/tools/lint-docs/src/groups.rs b/src/tools/lint-docs/src/groups.rs
index b11fb287cf4d..2a923a61b0a7 100644
--- a/src/tools/lint-docs/src/groups.rs
+++ b/src/tools/lint-docs/src/groups.rs
@@ -39,12 +39,11 @@ pub(crate) fn generate_group_docs(&self, lints: &[Lint]) -> Result<(), Box<dyn E
fn collect_groups(&self) -> Result<LintGroups, Box<dyn Error>> {
let mut result = BTreeMap::new();
let mut cmd = Command::new(self.rustc_path);
- cmd.env_remove("LD_LIBRARY_PATH");
cmd.arg("-Whelp");
let output = cmd.output().map_err(|e| format!("failed to run command {:?}\n{}", cmd, e))?;
if !output.status.success() {
return Err(format!(
- "failed to collect lint info: failed to run {cmd:?}: {:?}\n--- stderr\n{}--- stdout\n{}\n",
+ "failed to collect lint info: {:?}\n--- stderr\n{}--- stdout\n{}\n",
output.status,
std::str::from_utf8(&output.stderr).unwrap(),
std::str::from_utf8(&output.stdout).unwrap(),
diff --git a/src/tools/lint-docs/src/lib.rs b/src/tools/lint-docs/src/lib.rs
index fe29b9abda39..034c6aa0708e 100644
--- a/src/tools/lint-docs/src/lib.rs
+++ b/src/tools/lint-docs/src/lib.rs
@@ -403,12 +403,6 @@ fn generate_lint_output(
fs::write(&tempfile, source)
.map_err(|e| format!("failed to write {}: {}", tempfile.display(), e))?;
let mut cmd = Command::new(self.rustc_path);
- // NOTE: bootstrap sets `LD_LIBRARY_PATH` for building lint-docs itself.
- // Unfortunately, lint-docs is a bootstrap tool while rustc is built from source,
- // and sometimes the paths conflict. In particular, when using `download-rustc`,
- // the LLVM versions can differ between `ci-llvm` and `ci-rustc-sysroot`.
- // Unset LD_LIBRARY_PATH here so it doesn't interfere with running the compiler.
- cmd.env_remove("LD_LIBRARY_PATH");
if options.contains(&"edition2015") {
cmd.arg("--edition=2015");
} else {
@@ -421,9 +415,6 @@ fn generate_lint_output(
}
cmd.arg("lint_example.rs");
cmd.current_dir(tempdir.path());
- if self.verbose {
- eprintln!("running: {cmd:?}");
- }
let output = cmd.output().map_err(|e| format!("failed to run command {:?}\n{}", cmd, e))?;
let stderr = std::str::from_utf8(&output.stderr).unwrap();
let msgs = stderr
--
2.41.0

View File

@ -1,31 +0,0 @@
From cea2e61a03773ce28fd57b7338c4ae4d947650ca Mon Sep 17 00:00:00 2001
From: Josh Stone <jistone@redhat.com>
Date: Mon, 10 Jul 2023 15:52:55 -0700
Subject: [PATCH] Revert "fix: :bug: etc/bash_complettion -> src/etc/... to
avoid copy error"
This reverts commit 08ce68b6a6bad360e9c3611ad60cf6598401f878.
---
src/bootstrap/dist.rs | 6 +-----
1 file changed, 1 insertion(+), 5 deletions(-)
diff --git a/src/bootstrap/dist.rs b/src/bootstrap/dist.rs
index b49845386da1..9cead7adc8c3 100644
--- a/src/bootstrap/dist.rs
+++ b/src/bootstrap/dist.rs
@@ -1071,11 +1071,7 @@ fn run(self, builder: &Builder<'_>) -> Option<GeneratedTarball> {
tarball.add_file(&cargo, "bin", 0o755);
tarball.add_file(etc.join("_cargo"), "share/zsh/site-functions", 0o644);
- tarball.add_renamed_file(
- etc.join("cargo.bashcomp.sh"),
- "src/etc/bash_completion.d",
- "cargo",
- );
+ tarball.add_renamed_file(etc.join("cargo.bashcomp.sh"), "etc/bash_completion.d", "cargo");
tarball.add_dir(etc.join("man"), "share/man/man1");
tarball.add_legal_and_readme_to("share/doc/cargo");
--
2.41.0

View File

@ -1,185 +0,0 @@
From abb7c31ab038f38e33057062ae8b66b4e3cd699c Mon Sep 17 00:00:00 2001
From: Guillaume Gomez <guillaume1.gomez@gmail.com>
Date: Thu, 15 Jun 2023 22:04:55 +0200
Subject: [PATCH] Rollup merge of #112517 - fee1-dead-contrib:sus-op-no-borrow,
r=compiler-errors
`suspicious_double_ref_op`: don't lint on `.borrow()`
closes #112489
(cherry picked from commit db7d8374c1b6f1e2e8297f43e6a2cbffeff21882)
---
compiler/rustc_lint/messages.ftl | 12 ++--
compiler/rustc_lint/src/lints.rs | 12 ++--
compiler/rustc_lint/src/noop_method_call.rs | 62 +++++++++++----------
tests/ui/lint/issue-112489.rs | 17 ++++++
4 files changed, 64 insertions(+), 39 deletions(-)
create mode 100644 tests/ui/lint/issue-112489.rs
diff --git a/compiler/rustc_lint/messages.ftl b/compiler/rustc_lint/messages.ftl
index d34a3afcba53..0fa67cdb391f 100644
--- a/compiler/rustc_lint/messages.ftl
+++ b/compiler/rustc_lint/messages.ftl
@@ -463,13 +463,11 @@ lint_requested_level = requested on the command line with `{$level} {$lint_name}
lint_supertrait_as_deref_target = `{$t}` implements `Deref` with supertrait `{$target_principal}` as target
.label = target type is set here
-lint_suspicious_double_ref_op =
- using `.{$call}()` on a double reference, which returns `{$ty}` instead of {$op ->
- *[should_not_happen] [{$op}]
- [deref] dereferencing
- [borrow] borrowing
- [clone] cloning
- } the inner type
+lint_suspicious_double_ref_clone =
+ using `.clone()` on a double reference, which returns `{$ty}` instead of cloning the inner type
+
+lint_suspicious_double_ref_deref =
+ using `.deref()` on a double reference, which returns `{$ty}` instead of dereferencing the inner type
lint_trivial_untranslatable_diag = diagnostic with static strings only
diff --git a/compiler/rustc_lint/src/lints.rs b/compiler/rustc_lint/src/lints.rs
index de1c2be28757..d96723a68eb6 100644
--- a/compiler/rustc_lint/src/lints.rs
+++ b/compiler/rustc_lint/src/lints.rs
@@ -1188,11 +1188,15 @@ pub struct NoopMethodCallDiag<'a> {
}
#[derive(LintDiagnostic)]
-#[diag(lint_suspicious_double_ref_op)]
-pub struct SuspiciousDoubleRefDiag<'a> {
- pub call: Symbol,
+#[diag(lint_suspicious_double_ref_deref)]
+pub struct SuspiciousDoubleRefDerefDiag<'a> {
+ pub ty: Ty<'a>,
+}
+
+#[derive(LintDiagnostic)]
+#[diag(lint_suspicious_double_ref_clone)]
+pub struct SuspiciousDoubleRefCloneDiag<'a> {
pub ty: Ty<'a>,
- pub op: &'static str,
}
// pass_by_value.rs
diff --git a/compiler/rustc_lint/src/noop_method_call.rs b/compiler/rustc_lint/src/noop_method_call.rs
index d054966459d8..d56c35bb677a 100644
--- a/compiler/rustc_lint/src/noop_method_call.rs
+++ b/compiler/rustc_lint/src/noop_method_call.rs
@@ -1,5 +1,7 @@
use crate::context::LintContext;
-use crate::lints::{NoopMethodCallDiag, SuspiciousDoubleRefDiag};
+use crate::lints::{
+ NoopMethodCallDiag, SuspiciousDoubleRefCloneDiag, SuspiciousDoubleRefDerefDiag,
+};
use crate::LateContext;
use crate::LateLintPass;
use rustc_hir::def::DefKind;
@@ -76,22 +78,22 @@ fn check_expr(&mut self, cx: &LateContext<'tcx>, expr: &'tcx Expr<'_>) {
// We only care about method calls corresponding to the `Clone`, `Deref` and `Borrow`
// traits and ignore any other method call.
- let did = match cx.typeck_results().type_dependent_def(expr.hir_id) {
- // Verify we are dealing with a method/associated function.
- Some((DefKind::AssocFn, did)) => match cx.tcx.trait_of_item(did) {
- // Check that we're dealing with a trait method for one of the traits we care about.
- Some(trait_id)
- if matches!(
- cx.tcx.get_diagnostic_name(trait_id),
- Some(sym::Borrow | sym::Clone | sym::Deref)
- ) =>
- {
- did
- }
- _ => return,
- },
- _ => return,
+
+ let Some((DefKind::AssocFn, did)) =
+ cx.typeck_results().type_dependent_def(expr.hir_id)
+ else {
+ return;
+ };
+
+ let Some(trait_id) = cx.tcx.trait_of_item(did) else { return };
+
+ if !matches!(
+ cx.tcx.get_diagnostic_name(trait_id),
+ Some(sym::Borrow | sym::Clone | sym::Deref)
+ ) {
+ return;
};
+
let substs = cx
.tcx
.normalize_erasing_regions(cx.param_env, cx.typeck_results().node_substs(expr.hir_id));
@@ -102,13 +104,6 @@ fn check_expr(&mut self, cx: &LateContext<'tcx>, expr: &'tcx Expr<'_>) {
// (Re)check that it implements the noop diagnostic.
let Some(name) = cx.tcx.get_diagnostic_name(i.def_id()) else { return };
- let op = match name {
- sym::noop_method_borrow => "borrow",
- sym::noop_method_clone => "clone",
- sym::noop_method_deref => "deref",
- _ => return,
- };
-
let receiver_ty = cx.typeck_results().expr_ty(receiver);
let expr_ty = cx.typeck_results().expr_ty_adjusted(expr);
let arg_adjustments = cx.typeck_results().expr_adjustments(receiver);
@@ -129,11 +124,22 @@ fn check_expr(&mut self, cx: &LateContext<'tcx>, expr: &'tcx Expr<'_>) {
NoopMethodCallDiag { method: call.ident.name, receiver_ty, label: span },
);
} else {
- cx.emit_spanned_lint(
- SUSPICIOUS_DOUBLE_REF_OP,
- span,
- SuspiciousDoubleRefDiag { call: call.ident.name, ty: expr_ty, op },
- )
+ match name {
+ // If `type_of(x) == T` and `x.borrow()` is used to get `&T`,
+ // then that should be allowed
+ sym::noop_method_borrow => return,
+ sym::noop_method_clone => cx.emit_spanned_lint(
+ SUSPICIOUS_DOUBLE_REF_OP,
+ span,
+ SuspiciousDoubleRefCloneDiag { ty: expr_ty },
+ ),
+ sym::noop_method_deref => cx.emit_spanned_lint(
+ SUSPICIOUS_DOUBLE_REF_OP,
+ span,
+ SuspiciousDoubleRefDerefDiag { ty: expr_ty },
+ ),
+ _ => return,
+ }
}
}
}
diff --git a/tests/ui/lint/issue-112489.rs b/tests/ui/lint/issue-112489.rs
new file mode 100644
index 000000000000..559edf0e4f23
--- /dev/null
+++ b/tests/ui/lint/issue-112489.rs
@@ -0,0 +1,17 @@
+// check-pass
+use std::borrow::Borrow;
+
+struct S;
+
+trait T: Sized {
+ fn foo(self) {}
+}
+
+impl T for S {}
+impl T for &S {}
+
+fn main() {
+ let s = S;
+ s.borrow().foo();
+ s.foo();
+}
--
2.41.0

View File

@ -0,0 +1,36 @@
From a627c8f54cab6880dc7d36c55092a94c6f750a6e Mon Sep 17 00:00:00 2001
From: Ariadne Conill <ariadne@dereferenced.org>
Date: Thu, 3 Aug 2023 15:05:40 -0700
Subject: [PATCH] bootstrap: config: fix version comparison bug
Rust requires a previous version of Rust to build, such as the current version, or the
previous version. However, the version comparison logic did not take patch releases
into consideration when doing the version comparison for the current branch, e.g.
Rust 1.71.1 could not be built by Rust 1.71.0 because it is neither an exact version
match, or the previous version.
Adjust the version comparison logic to tolerate mismatches in the patch version.
Signed-off-by: Ariadne Conill <ariadne@dereferenced.org>
(cherry picked from commit 31a81a08786826cc6e832bd0b49fb8b934e29648)
---
src/bootstrap/config.rs | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/bootstrap/config.rs b/src/bootstrap/config.rs
index e192cda9a9a7..2b5d0b94e968 100644
--- a/src/bootstrap/config.rs
+++ b/src/bootstrap/config.rs
@@ -1805,7 +1805,8 @@ pub fn check_build_rustc_version(&self) {
.unwrap();
if !(source_version == rustc_version
|| (source_version.major == rustc_version.major
- && source_version.minor == rustc_version.minor + 1))
+ && (source_version.minor == rustc_version.minor
+ || source_version.minor == rustc_version.minor + 1)))
{
let prev_version = format!("{}.{}.x", source_version.major, source_version.minor - 1);
eprintln!(
--
2.41.0

View File

@ -87,8 +87,8 @@
%endif
Name: rust
Version: 1.71.0
Release: 2%{?dist}
Version: 1.71.1
Release: 1%{?dist}
Summary: The Rust Programming Language
License: (ASL 2.0 or MIT) and (BSD and MIT)
# ^ written as: (rust itself) and (bundled libraries)
@ -114,21 +114,12 @@ Patch2: rustc-1.70.0-rust-gdb-substitute-path.patch
# TODO: upstream this ability into the actual build configuration
Patch3: 0001-Let-environment-variables-override-some-default-CPUs.patch
# Restore LD_LIBRARY_PATH when running lint-docs
# https://github.com/rust-lang/rust/pull/110521#issuecomment-1629705099
Patch4: 0001-Revert-Fix-x-test-lint-docs-when-download-rustc-is-e.patch
# Restore the bash completion path
# https://github.com/rust-lang/rust/pull/110906#issuecomment-1629832675
Patch5: 0001-Revert-fix-bug-etc-bash_complettion-src-etc-.-to-avo.patch
# (c9s) rhbz2225471: relax the suspicious_double_ref_op lint
# https://github.com/rust-lang/rust/pull/112517
Patch6: 0001-Rollup-merge-of-112517-fee1-dead-contrib-sus-op-no-b.patch
# Enable the profiler runtime for native hosts
# https://github.com/rust-lang/rust/pull/114069
Patch7: 0001-Allow-using-external-builds-of-the-compiler-rt-profi.patch
Patch4: 0001-Allow-using-external-builds-of-the-compiler-rt-profi.patch
# https://github.com/rust-lang/rust/pull/114440
Patch5: 0001-bootstrap-config-fix-version-comparison-bug.patch
### RHEL-specific patches below ###
@ -343,8 +334,10 @@ find '%{buildroot}%{rustlibdir}'/wasm*/lib -type f -regex '.*\\.\\(a\\|rlib\\)'
%{nil}
%endif
%if 0%{?fedora} || 0%{?rhel} >= 8
# For profiler_builtins
BuildRequires: compiler-rt
%endif
# This component was removed as of Rust 1.69.0.
# https://github.com/rust-lang/rust/pull/101841
@ -605,8 +598,6 @@ test -f '%{local_rust_root}/bin/rustc'
%patch -P3 -p1
%patch -P4 -p1
%patch -P5 -p1
%patch -P6 -p1
%patch -P7 -p1
%if %with disabled_libssh2
%patch -P100 -p1
@ -762,9 +753,11 @@ end}
end}
%endif
%if 0%{?fedora} || 0%{?rhel} >= 8
# The exact profiler path is version dependent, and uses LLVM-specific
# arch names in the filename, but this find is good enough for now...
PROFILER=$(find %{_libdir}/clang -type f -name 'libclang_rt.profile-*.a')
%endif
%configure --disable-option-checking \
--libdir=%{common_libdir} \
@ -920,7 +913,10 @@ done
# The results are not stable on koji, so mask errors and just log it.
# Some of the larger test artifacts are manually cleaned to save space.
timeout -v 90m %{__python3} ./x.py test --no-fail-fast || :
# Bootstrap is excluded because it's not something we ship, and a lot of its
# tests are geared toward the upstream CI environment.
timeout -v 90m %{__python3} ./x.py test --no-fail-fast --exclude src/bootstrap || :
rm -rf "./build/%{rust_triple}/test/"
timeout -v 30m %{__python3} ./x.py test --no-fail-fast cargo || :
@ -1086,6 +1082,10 @@ end}
%changelog
* Tue Aug 08 2023 Josh Stone <jistone@redhat.com> - 1.71.1-1
- Update to 1.71.1.
- Security fix for CVE-2023-38497
* Wed Jul 26 2023 Josh Stone <jistone@redhat.com> - 1.71.0-2
- Relax the suspicious_double_ref_op lint (rhbz2225471)
- Enable the profiler runtime for native hosts (rhbz2213875)

View File

@ -1,2 +1,2 @@
SHA512 (rustc-1.71.0-src.tar.xz) = 2c93bafdd248563765a285add48ca77c1e4bad4d5431675ae6a5cdee4cfe7a41e6bcc880a489ca1069a307fd9a005f2d5f8e230dfc95b4a69152b4f9ca49ac44
SHA512 (rustc-1.71.1-src.tar.xz) = fd0e5a16bdbeb539184513583089e55f681cb772810df357b6b1464853f7022ac02edab3dd155b2262ed0047e2a25dea3808dd078dcdfce9d399384465009db4
SHA512 (wasi-libc-wasi-sdk-20.tar.gz) = e264240dc7dbcf6398c8ca09bc108298f4a8aa955af22de5a3015fbcde81cb09dd83cd48349090082d5de0e8a3dbcf746c7b14657c67657b3f2f1ab28bb9cf05