From 325b33079e394a5669637657da423cb9ef2cc6c3 Mon Sep 17 00:00:00 2001 From: Josh Stone Date: Tue, 8 Aug 2023 14:41:54 -0700 Subject: [PATCH] Update to 1.71.1. Security fix for CVE-2023-38497 Resolves: rhbz#2228138 --- .gitignore | 1 + ...t-lint-docs-when-download-rustc-is-e.patch | 60 ------ ...tc-bash_complettion-src-etc-.-to-avo.patch | 31 --- ...112517-fee1-dead-contrib-sus-op-no-b.patch | 185 ------------------ ...ap-config-fix-version-comparison-bug.patch | 36 ++++ rust.spec | 36 ++-- sources | 2 +- 7 files changed, 56 insertions(+), 295 deletions(-) delete mode 100644 0001-Revert-Fix-x-test-lint-docs-when-download-rustc-is-e.patch delete mode 100644 0001-Revert-fix-bug-etc-bash_complettion-src-etc-.-to-avo.patch delete mode 100644 0001-Rollup-merge-of-112517-fee1-dead-contrib-sus-op-no-b.patch create mode 100644 0001-bootstrap-config-fix-version-comparison-bug.patch diff --git a/.gitignore b/.gitignore index 8882610..96a2d76 100644 --- a/.gitignore +++ b/.gitignore @@ -9,3 +9,4 @@ SOURCES/wasi-libc-wasi-sdk-17.tar.gz /rustc-1.70.0-src.tar.xz /wasi-libc-wasi-sdk-20.tar.gz /rustc-1.71.0-src.tar.xz +/rustc-1.71.1-src.tar.xz diff --git a/0001-Revert-Fix-x-test-lint-docs-when-download-rustc-is-e.patch b/0001-Revert-Fix-x-test-lint-docs-when-download-rustc-is-e.patch deleted file mode 100644 index 50518c6..0000000 --- a/0001-Revert-Fix-x-test-lint-docs-when-download-rustc-is-e.patch +++ /dev/null @@ -1,60 +0,0 @@ -From 9204a8359201271fd7b1c625d6f29ddd095a419d Mon Sep 17 00:00:00 2001 -From: Josh Stone -Date: Mon, 10 Jul 2023 13:48:49 -0700 -Subject: [PATCH] Revert "Fix `x test lint-docs` when download-rustc is - enabled" - -This reverts commit abf9cbcb69e485b56776112bc587f6166e7ac5c9. ---- - src/tools/lint-docs/src/groups.rs | 3 +-- - src/tools/lint-docs/src/lib.rs | 9 --------- - 2 files changed, 1 insertion(+), 11 deletions(-) - -diff --git a/src/tools/lint-docs/src/groups.rs b/src/tools/lint-docs/src/groups.rs -index b11fb287cf4d..2a923a61b0a7 100644 ---- a/src/tools/lint-docs/src/groups.rs -+++ b/src/tools/lint-docs/src/groups.rs -@@ -39,12 +39,11 @@ pub(crate) fn generate_group_docs(&self, lints: &[Lint]) -> Result<(), Box Result> { - let mut result = BTreeMap::new(); - let mut cmd = Command::new(self.rustc_path); -- cmd.env_remove("LD_LIBRARY_PATH"); - cmd.arg("-Whelp"); - let output = cmd.output().map_err(|e| format!("failed to run command {:?}\n{}", cmd, e))?; - if !output.status.success() { - return Err(format!( -- "failed to collect lint info: failed to run {cmd:?}: {:?}\n--- stderr\n{}--- stdout\n{}\n", -+ "failed to collect lint info: {:?}\n--- stderr\n{}--- stdout\n{}\n", - output.status, - std::str::from_utf8(&output.stderr).unwrap(), - std::str::from_utf8(&output.stdout).unwrap(), -diff --git a/src/tools/lint-docs/src/lib.rs b/src/tools/lint-docs/src/lib.rs -index fe29b9abda39..034c6aa0708e 100644 ---- a/src/tools/lint-docs/src/lib.rs -+++ b/src/tools/lint-docs/src/lib.rs -@@ -403,12 +403,6 @@ fn generate_lint_output( - fs::write(&tempfile, source) - .map_err(|e| format!("failed to write {}: {}", tempfile.display(), e))?; - let mut cmd = Command::new(self.rustc_path); -- // NOTE: bootstrap sets `LD_LIBRARY_PATH` for building lint-docs itself. -- // Unfortunately, lint-docs is a bootstrap tool while rustc is built from source, -- // and sometimes the paths conflict. In particular, when using `download-rustc`, -- // the LLVM versions can differ between `ci-llvm` and `ci-rustc-sysroot`. -- // Unset LD_LIBRARY_PATH here so it doesn't interfere with running the compiler. -- cmd.env_remove("LD_LIBRARY_PATH"); - if options.contains(&"edition2015") { - cmd.arg("--edition=2015"); - } else { -@@ -421,9 +415,6 @@ fn generate_lint_output( - } - cmd.arg("lint_example.rs"); - cmd.current_dir(tempdir.path()); -- if self.verbose { -- eprintln!("running: {cmd:?}"); -- } - let output = cmd.output().map_err(|e| format!("failed to run command {:?}\n{}", cmd, e))?; - let stderr = std::str::from_utf8(&output.stderr).unwrap(); - let msgs = stderr --- -2.41.0 - diff --git a/0001-Revert-fix-bug-etc-bash_complettion-src-etc-.-to-avo.patch b/0001-Revert-fix-bug-etc-bash_complettion-src-etc-.-to-avo.patch deleted file mode 100644 index a326207..0000000 --- a/0001-Revert-fix-bug-etc-bash_complettion-src-etc-.-to-avo.patch +++ /dev/null @@ -1,31 +0,0 @@ -From cea2e61a03773ce28fd57b7338c4ae4d947650ca Mon Sep 17 00:00:00 2001 -From: Josh Stone -Date: Mon, 10 Jul 2023 15:52:55 -0700 -Subject: [PATCH] Revert "fix: :bug: etc/bash_complettion -> src/etc/... to - avoid copy error" - -This reverts commit 08ce68b6a6bad360e9c3611ad60cf6598401f878. ---- - src/bootstrap/dist.rs | 6 +----- - 1 file changed, 1 insertion(+), 5 deletions(-) - -diff --git a/src/bootstrap/dist.rs b/src/bootstrap/dist.rs -index b49845386da1..9cead7adc8c3 100644 ---- a/src/bootstrap/dist.rs -+++ b/src/bootstrap/dist.rs -@@ -1071,11 +1071,7 @@ fn run(self, builder: &Builder<'_>) -> Option { - - tarball.add_file(&cargo, "bin", 0o755); - tarball.add_file(etc.join("_cargo"), "share/zsh/site-functions", 0o644); -- tarball.add_renamed_file( -- etc.join("cargo.bashcomp.sh"), -- "src/etc/bash_completion.d", -- "cargo", -- ); -+ tarball.add_renamed_file(etc.join("cargo.bashcomp.sh"), "etc/bash_completion.d", "cargo"); - tarball.add_dir(etc.join("man"), "share/man/man1"); - tarball.add_legal_and_readme_to("share/doc/cargo"); - --- -2.41.0 - diff --git a/0001-Rollup-merge-of-112517-fee1-dead-contrib-sus-op-no-b.patch b/0001-Rollup-merge-of-112517-fee1-dead-contrib-sus-op-no-b.patch deleted file mode 100644 index 8f8c544..0000000 --- a/0001-Rollup-merge-of-112517-fee1-dead-contrib-sus-op-no-b.patch +++ /dev/null @@ -1,185 +0,0 @@ -From abb7c31ab038f38e33057062ae8b66b4e3cd699c Mon Sep 17 00:00:00 2001 -From: Guillaume Gomez -Date: Thu, 15 Jun 2023 22:04:55 +0200 -Subject: [PATCH] Rollup merge of #112517 - fee1-dead-contrib:sus-op-no-borrow, - r=compiler-errors - -`suspicious_double_ref_op`: don't lint on `.borrow()` - -closes #112489 - -(cherry picked from commit db7d8374c1b6f1e2e8297f43e6a2cbffeff21882) ---- - compiler/rustc_lint/messages.ftl | 12 ++-- - compiler/rustc_lint/src/lints.rs | 12 ++-- - compiler/rustc_lint/src/noop_method_call.rs | 62 +++++++++++---------- - tests/ui/lint/issue-112489.rs | 17 ++++++ - 4 files changed, 64 insertions(+), 39 deletions(-) - create mode 100644 tests/ui/lint/issue-112489.rs - -diff --git a/compiler/rustc_lint/messages.ftl b/compiler/rustc_lint/messages.ftl -index d34a3afcba53..0fa67cdb391f 100644 ---- a/compiler/rustc_lint/messages.ftl -+++ b/compiler/rustc_lint/messages.ftl -@@ -463,13 +463,11 @@ lint_requested_level = requested on the command line with `{$level} {$lint_name} - lint_supertrait_as_deref_target = `{$t}` implements `Deref` with supertrait `{$target_principal}` as target - .label = target type is set here - --lint_suspicious_double_ref_op = -- using `.{$call}()` on a double reference, which returns `{$ty}` instead of {$op -> -- *[should_not_happen] [{$op}] -- [deref] dereferencing -- [borrow] borrowing -- [clone] cloning -- } the inner type -+lint_suspicious_double_ref_clone = -+ using `.clone()` on a double reference, which returns `{$ty}` instead of cloning the inner type -+ -+lint_suspicious_double_ref_deref = -+ using `.deref()` on a double reference, which returns `{$ty}` instead of dereferencing the inner type - - lint_trivial_untranslatable_diag = diagnostic with static strings only - -diff --git a/compiler/rustc_lint/src/lints.rs b/compiler/rustc_lint/src/lints.rs -index de1c2be28757..d96723a68eb6 100644 ---- a/compiler/rustc_lint/src/lints.rs -+++ b/compiler/rustc_lint/src/lints.rs -@@ -1188,11 +1188,15 @@ pub struct NoopMethodCallDiag<'a> { - } - - #[derive(LintDiagnostic)] --#[diag(lint_suspicious_double_ref_op)] --pub struct SuspiciousDoubleRefDiag<'a> { -- pub call: Symbol, -+#[diag(lint_suspicious_double_ref_deref)] -+pub struct SuspiciousDoubleRefDerefDiag<'a> { -+ pub ty: Ty<'a>, -+} -+ -+#[derive(LintDiagnostic)] -+#[diag(lint_suspicious_double_ref_clone)] -+pub struct SuspiciousDoubleRefCloneDiag<'a> { - pub ty: Ty<'a>, -- pub op: &'static str, - } - - // pass_by_value.rs -diff --git a/compiler/rustc_lint/src/noop_method_call.rs b/compiler/rustc_lint/src/noop_method_call.rs -index d054966459d8..d56c35bb677a 100644 ---- a/compiler/rustc_lint/src/noop_method_call.rs -+++ b/compiler/rustc_lint/src/noop_method_call.rs -@@ -1,5 +1,7 @@ - use crate::context::LintContext; --use crate::lints::{NoopMethodCallDiag, SuspiciousDoubleRefDiag}; -+use crate::lints::{ -+ NoopMethodCallDiag, SuspiciousDoubleRefCloneDiag, SuspiciousDoubleRefDerefDiag, -+}; - use crate::LateContext; - use crate::LateLintPass; - use rustc_hir::def::DefKind; -@@ -76,22 +78,22 @@ fn check_expr(&mut self, cx: &LateContext<'tcx>, expr: &'tcx Expr<'_>) { - - // We only care about method calls corresponding to the `Clone`, `Deref` and `Borrow` - // traits and ignore any other method call. -- let did = match cx.typeck_results().type_dependent_def(expr.hir_id) { -- // Verify we are dealing with a method/associated function. -- Some((DefKind::AssocFn, did)) => match cx.tcx.trait_of_item(did) { -- // Check that we're dealing with a trait method for one of the traits we care about. -- Some(trait_id) -- if matches!( -- cx.tcx.get_diagnostic_name(trait_id), -- Some(sym::Borrow | sym::Clone | sym::Deref) -- ) => -- { -- did -- } -- _ => return, -- }, -- _ => return, -+ -+ let Some((DefKind::AssocFn, did)) = -+ cx.typeck_results().type_dependent_def(expr.hir_id) -+ else { -+ return; -+ }; -+ -+ let Some(trait_id) = cx.tcx.trait_of_item(did) else { return }; -+ -+ if !matches!( -+ cx.tcx.get_diagnostic_name(trait_id), -+ Some(sym::Borrow | sym::Clone | sym::Deref) -+ ) { -+ return; - }; -+ - let substs = cx - .tcx - .normalize_erasing_regions(cx.param_env, cx.typeck_results().node_substs(expr.hir_id)); -@@ -102,13 +104,6 @@ fn check_expr(&mut self, cx: &LateContext<'tcx>, expr: &'tcx Expr<'_>) { - // (Re)check that it implements the noop diagnostic. - let Some(name) = cx.tcx.get_diagnostic_name(i.def_id()) else { return }; - -- let op = match name { -- sym::noop_method_borrow => "borrow", -- sym::noop_method_clone => "clone", -- sym::noop_method_deref => "deref", -- _ => return, -- }; -- - let receiver_ty = cx.typeck_results().expr_ty(receiver); - let expr_ty = cx.typeck_results().expr_ty_adjusted(expr); - let arg_adjustments = cx.typeck_results().expr_adjustments(receiver); -@@ -129,11 +124,22 @@ fn check_expr(&mut self, cx: &LateContext<'tcx>, expr: &'tcx Expr<'_>) { - NoopMethodCallDiag { method: call.ident.name, receiver_ty, label: span }, - ); - } else { -- cx.emit_spanned_lint( -- SUSPICIOUS_DOUBLE_REF_OP, -- span, -- SuspiciousDoubleRefDiag { call: call.ident.name, ty: expr_ty, op }, -- ) -+ match name { -+ // If `type_of(x) == T` and `x.borrow()` is used to get `&T`, -+ // then that should be allowed -+ sym::noop_method_borrow => return, -+ sym::noop_method_clone => cx.emit_spanned_lint( -+ SUSPICIOUS_DOUBLE_REF_OP, -+ span, -+ SuspiciousDoubleRefCloneDiag { ty: expr_ty }, -+ ), -+ sym::noop_method_deref => cx.emit_spanned_lint( -+ SUSPICIOUS_DOUBLE_REF_OP, -+ span, -+ SuspiciousDoubleRefDerefDiag { ty: expr_ty }, -+ ), -+ _ => return, -+ } - } - } - } -diff --git a/tests/ui/lint/issue-112489.rs b/tests/ui/lint/issue-112489.rs -new file mode 100644 -index 000000000000..559edf0e4f23 ---- /dev/null -+++ b/tests/ui/lint/issue-112489.rs -@@ -0,0 +1,17 @@ -+// check-pass -+use std::borrow::Borrow; -+ -+struct S; -+ -+trait T: Sized { -+ fn foo(self) {} -+} -+ -+impl T for S {} -+impl T for &S {} -+ -+fn main() { -+ let s = S; -+ s.borrow().foo(); -+ s.foo(); -+} --- -2.41.0 - diff --git a/0001-bootstrap-config-fix-version-comparison-bug.patch b/0001-bootstrap-config-fix-version-comparison-bug.patch new file mode 100644 index 0000000..f0c4e55 --- /dev/null +++ b/0001-bootstrap-config-fix-version-comparison-bug.patch @@ -0,0 +1,36 @@ +From a627c8f54cab6880dc7d36c55092a94c6f750a6e Mon Sep 17 00:00:00 2001 +From: Ariadne Conill +Date: Thu, 3 Aug 2023 15:05:40 -0700 +Subject: [PATCH] bootstrap: config: fix version comparison bug + +Rust requires a previous version of Rust to build, such as the current version, or the +previous version. However, the version comparison logic did not take patch releases +into consideration when doing the version comparison for the current branch, e.g. +Rust 1.71.1 could not be built by Rust 1.71.0 because it is neither an exact version +match, or the previous version. + +Adjust the version comparison logic to tolerate mismatches in the patch version. + +Signed-off-by: Ariadne Conill +(cherry picked from commit 31a81a08786826cc6e832bd0b49fb8b934e29648) +--- + src/bootstrap/config.rs | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/src/bootstrap/config.rs b/src/bootstrap/config.rs +index e192cda9a9a7..2b5d0b94e968 100644 +--- a/src/bootstrap/config.rs ++++ b/src/bootstrap/config.rs +@@ -1805,7 +1805,8 @@ pub fn check_build_rustc_version(&self) { + .unwrap(); + if !(source_version == rustc_version + || (source_version.major == rustc_version.major +- && source_version.minor == rustc_version.minor + 1)) ++ && (source_version.minor == rustc_version.minor ++ || source_version.minor == rustc_version.minor + 1))) + { + let prev_version = format!("{}.{}.x", source_version.major, source_version.minor - 1); + eprintln!( +-- +2.41.0 + diff --git a/rust.spec b/rust.spec index 0427d2d..a6c5c42 100644 --- a/rust.spec +++ b/rust.spec @@ -87,8 +87,8 @@ %endif Name: rust -Version: 1.71.0 -Release: 2%{?dist} +Version: 1.71.1 +Release: 1%{?dist} Summary: The Rust Programming Language License: (ASL 2.0 or MIT) and (BSD and MIT) # ^ written as: (rust itself) and (bundled libraries) @@ -114,21 +114,12 @@ Patch2: rustc-1.70.0-rust-gdb-substitute-path.patch # TODO: upstream this ability into the actual build configuration Patch3: 0001-Let-environment-variables-override-some-default-CPUs.patch -# Restore LD_LIBRARY_PATH when running lint-docs -# https://github.com/rust-lang/rust/pull/110521#issuecomment-1629705099 -Patch4: 0001-Revert-Fix-x-test-lint-docs-when-download-rustc-is-e.patch - -# Restore the bash completion path -# https://github.com/rust-lang/rust/pull/110906#issuecomment-1629832675 -Patch5: 0001-Revert-fix-bug-etc-bash_complettion-src-etc-.-to-avo.patch - -# (c9s) rhbz2225471: relax the suspicious_double_ref_op lint -# https://github.com/rust-lang/rust/pull/112517 -Patch6: 0001-Rollup-merge-of-112517-fee1-dead-contrib-sus-op-no-b.patch - # Enable the profiler runtime for native hosts # https://github.com/rust-lang/rust/pull/114069 -Patch7: 0001-Allow-using-external-builds-of-the-compiler-rt-profi.patch +Patch4: 0001-Allow-using-external-builds-of-the-compiler-rt-profi.patch + +# https://github.com/rust-lang/rust/pull/114440 +Patch5: 0001-bootstrap-config-fix-version-comparison-bug.patch ### RHEL-specific patches below ### @@ -343,8 +334,10 @@ find '%{buildroot}%{rustlibdir}'/wasm*/lib -type f -regex '.*\\.\\(a\\|rlib\\)' %{nil} %endif +%if 0%{?fedora} || 0%{?rhel} >= 8 # For profiler_builtins BuildRequires: compiler-rt +%endif # This component was removed as of Rust 1.69.0. # https://github.com/rust-lang/rust/pull/101841 @@ -605,8 +598,6 @@ test -f '%{local_rust_root}/bin/rustc' %patch -P3 -p1 %patch -P4 -p1 %patch -P5 -p1 -%patch -P6 -p1 -%patch -P7 -p1 %if %with disabled_libssh2 %patch -P100 -p1 @@ -762,9 +753,11 @@ end} end} %endif +%if 0%{?fedora} || 0%{?rhel} >= 8 # The exact profiler path is version dependent, and uses LLVM-specific # arch names in the filename, but this find is good enough for now... PROFILER=$(find %{_libdir}/clang -type f -name 'libclang_rt.profile-*.a') +%endif %configure --disable-option-checking \ --libdir=%{common_libdir} \ @@ -920,7 +913,10 @@ done # The results are not stable on koji, so mask errors and just log it. # Some of the larger test artifacts are manually cleaned to save space. -timeout -v 90m %{__python3} ./x.py test --no-fail-fast || : + +# Bootstrap is excluded because it's not something we ship, and a lot of its +# tests are geared toward the upstream CI environment. +timeout -v 90m %{__python3} ./x.py test --no-fail-fast --exclude src/bootstrap || : rm -rf "./build/%{rust_triple}/test/" timeout -v 30m %{__python3} ./x.py test --no-fail-fast cargo || : @@ -1086,6 +1082,10 @@ end} %changelog +* Tue Aug 08 2023 Josh Stone - 1.71.1-1 +- Update to 1.71.1. +- Security fix for CVE-2023-38497 + * Wed Jul 26 2023 Josh Stone - 1.71.0-2 - Relax the suspicious_double_ref_op lint (rhbz2225471) - Enable the profiler runtime for native hosts (rhbz2213875) diff --git a/sources b/sources index 622ee4f..8a2c328 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ -SHA512 (rustc-1.71.0-src.tar.xz) = 2c93bafdd248563765a285add48ca77c1e4bad4d5431675ae6a5cdee4cfe7a41e6bcc880a489ca1069a307fd9a005f2d5f8e230dfc95b4a69152b4f9ca49ac44 +SHA512 (rustc-1.71.1-src.tar.xz) = fd0e5a16bdbeb539184513583089e55f681cb772810df357b6b1464853f7022ac02edab3dd155b2262ed0047e2a25dea3808dd078dcdfce9d399384465009db4 SHA512 (wasi-libc-wasi-sdk-20.tar.gz) = e264240dc7dbcf6398c8ca09bc108298f4a8aa955af22de5a3015fbcde81cb09dd83cd48349090082d5de0e8a3dbcf746c7b14657c67657b3f2f1ab28bb9cf05