Update to 1.71.1.

Security fix for CVE-2023-38497
This commit is contained in:
Josh Stone 2023-08-07 14:57:21 -07:00
parent 8cfe070190
commit cd2d5f3610
7 changed files with 52 additions and 295 deletions

1
.gitignore vendored
View File

@ -421,3 +421,4 @@
/rustc-1.70.0-src.tar.xz /rustc-1.70.0-src.tar.xz
/wasi-libc-wasi-sdk-20.tar.gz /wasi-libc-wasi-sdk-20.tar.gz
/rustc-1.71.0-src.tar.xz /rustc-1.71.0-src.tar.xz
/rustc-1.71.1-src.tar.xz

View File

@ -1,60 +0,0 @@
From 9204a8359201271fd7b1c625d6f29ddd095a419d Mon Sep 17 00:00:00 2001
From: Josh Stone <jistone@redhat.com>
Date: Mon, 10 Jul 2023 13:48:49 -0700
Subject: [PATCH] Revert "Fix `x test lint-docs` when download-rustc is
enabled"
This reverts commit abf9cbcb69e485b56776112bc587f6166e7ac5c9.
---
src/tools/lint-docs/src/groups.rs | 3 +--
src/tools/lint-docs/src/lib.rs | 9 ---------
2 files changed, 1 insertion(+), 11 deletions(-)
diff --git a/src/tools/lint-docs/src/groups.rs b/src/tools/lint-docs/src/groups.rs
index b11fb287cf4d..2a923a61b0a7 100644
--- a/src/tools/lint-docs/src/groups.rs
+++ b/src/tools/lint-docs/src/groups.rs
@@ -39,12 +39,11 @@ pub(crate) fn generate_group_docs(&self, lints: &[Lint]) -> Result<(), Box<dyn E
fn collect_groups(&self) -> Result<LintGroups, Box<dyn Error>> {
let mut result = BTreeMap::new();
let mut cmd = Command::new(self.rustc_path);
- cmd.env_remove("LD_LIBRARY_PATH");
cmd.arg("-Whelp");
let output = cmd.output().map_err(|e| format!("failed to run command {:?}\n{}", cmd, e))?;
if !output.status.success() {
return Err(format!(
- "failed to collect lint info: failed to run {cmd:?}: {:?}\n--- stderr\n{}--- stdout\n{}\n",
+ "failed to collect lint info: {:?}\n--- stderr\n{}--- stdout\n{}\n",
output.status,
std::str::from_utf8(&output.stderr).unwrap(),
std::str::from_utf8(&output.stdout).unwrap(),
diff --git a/src/tools/lint-docs/src/lib.rs b/src/tools/lint-docs/src/lib.rs
index fe29b9abda39..034c6aa0708e 100644
--- a/src/tools/lint-docs/src/lib.rs
+++ b/src/tools/lint-docs/src/lib.rs
@@ -403,12 +403,6 @@ fn generate_lint_output(
fs::write(&tempfile, source)
.map_err(|e| format!("failed to write {}: {}", tempfile.display(), e))?;
let mut cmd = Command::new(self.rustc_path);
- // NOTE: bootstrap sets `LD_LIBRARY_PATH` for building lint-docs itself.
- // Unfortunately, lint-docs is a bootstrap tool while rustc is built from source,
- // and sometimes the paths conflict. In particular, when using `download-rustc`,
- // the LLVM versions can differ between `ci-llvm` and `ci-rustc-sysroot`.
- // Unset LD_LIBRARY_PATH here so it doesn't interfere with running the compiler.
- cmd.env_remove("LD_LIBRARY_PATH");
if options.contains(&"edition2015") {
cmd.arg("--edition=2015");
} else {
@@ -421,9 +415,6 @@ fn generate_lint_output(
}
cmd.arg("lint_example.rs");
cmd.current_dir(tempdir.path());
- if self.verbose {
- eprintln!("running: {cmd:?}");
- }
let output = cmd.output().map_err(|e| format!("failed to run command {:?}\n{}", cmd, e))?;
let stderr = std::str::from_utf8(&output.stderr).unwrap();
let msgs = stderr
--
2.41.0

View File

@ -1,31 +0,0 @@
From cea2e61a03773ce28fd57b7338c4ae4d947650ca Mon Sep 17 00:00:00 2001
From: Josh Stone <jistone@redhat.com>
Date: Mon, 10 Jul 2023 15:52:55 -0700
Subject: [PATCH] Revert "fix: :bug: etc/bash_complettion -> src/etc/... to
avoid copy error"
This reverts commit 08ce68b6a6bad360e9c3611ad60cf6598401f878.
---
src/bootstrap/dist.rs | 6 +-----
1 file changed, 1 insertion(+), 5 deletions(-)
diff --git a/src/bootstrap/dist.rs b/src/bootstrap/dist.rs
index b49845386da1..9cead7adc8c3 100644
--- a/src/bootstrap/dist.rs
+++ b/src/bootstrap/dist.rs
@@ -1071,11 +1071,7 @@ fn run(self, builder: &Builder<'_>) -> Option<GeneratedTarball> {
tarball.add_file(&cargo, "bin", 0o755);
tarball.add_file(etc.join("_cargo"), "share/zsh/site-functions", 0o644);
- tarball.add_renamed_file(
- etc.join("cargo.bashcomp.sh"),
- "src/etc/bash_completion.d",
- "cargo",
- );
+ tarball.add_renamed_file(etc.join("cargo.bashcomp.sh"), "etc/bash_completion.d", "cargo");
tarball.add_dir(etc.join("man"), "share/man/man1");
tarball.add_legal_and_readme_to("share/doc/cargo");
--
2.41.0

View File

@ -1,185 +0,0 @@
From abb7c31ab038f38e33057062ae8b66b4e3cd699c Mon Sep 17 00:00:00 2001
From: Guillaume Gomez <guillaume1.gomez@gmail.com>
Date: Thu, 15 Jun 2023 22:04:55 +0200
Subject: [PATCH] Rollup merge of #112517 - fee1-dead-contrib:sus-op-no-borrow,
r=compiler-errors
`suspicious_double_ref_op`: don't lint on `.borrow()`
closes #112489
(cherry picked from commit db7d8374c1b6f1e2e8297f43e6a2cbffeff21882)
---
compiler/rustc_lint/messages.ftl | 12 ++--
compiler/rustc_lint/src/lints.rs | 12 ++--
compiler/rustc_lint/src/noop_method_call.rs | 62 +++++++++++----------
tests/ui/lint/issue-112489.rs | 17 ++++++
4 files changed, 64 insertions(+), 39 deletions(-)
create mode 100644 tests/ui/lint/issue-112489.rs
diff --git a/compiler/rustc_lint/messages.ftl b/compiler/rustc_lint/messages.ftl
index d34a3afcba53..0fa67cdb391f 100644
--- a/compiler/rustc_lint/messages.ftl
+++ b/compiler/rustc_lint/messages.ftl
@@ -463,13 +463,11 @@ lint_requested_level = requested on the command line with `{$level} {$lint_name}
lint_supertrait_as_deref_target = `{$t}` implements `Deref` with supertrait `{$target_principal}` as target
.label = target type is set here
-lint_suspicious_double_ref_op =
- using `.{$call}()` on a double reference, which returns `{$ty}` instead of {$op ->
- *[should_not_happen] [{$op}]
- [deref] dereferencing
- [borrow] borrowing
- [clone] cloning
- } the inner type
+lint_suspicious_double_ref_clone =
+ using `.clone()` on a double reference, which returns `{$ty}` instead of cloning the inner type
+
+lint_suspicious_double_ref_deref =
+ using `.deref()` on a double reference, which returns `{$ty}` instead of dereferencing the inner type
lint_trivial_untranslatable_diag = diagnostic with static strings only
diff --git a/compiler/rustc_lint/src/lints.rs b/compiler/rustc_lint/src/lints.rs
index de1c2be28757..d96723a68eb6 100644
--- a/compiler/rustc_lint/src/lints.rs
+++ b/compiler/rustc_lint/src/lints.rs
@@ -1188,11 +1188,15 @@ pub struct NoopMethodCallDiag<'a> {
}
#[derive(LintDiagnostic)]
-#[diag(lint_suspicious_double_ref_op)]
-pub struct SuspiciousDoubleRefDiag<'a> {
- pub call: Symbol,
+#[diag(lint_suspicious_double_ref_deref)]
+pub struct SuspiciousDoubleRefDerefDiag<'a> {
+ pub ty: Ty<'a>,
+}
+
+#[derive(LintDiagnostic)]
+#[diag(lint_suspicious_double_ref_clone)]
+pub struct SuspiciousDoubleRefCloneDiag<'a> {
pub ty: Ty<'a>,
- pub op: &'static str,
}
// pass_by_value.rs
diff --git a/compiler/rustc_lint/src/noop_method_call.rs b/compiler/rustc_lint/src/noop_method_call.rs
index d054966459d8..d56c35bb677a 100644
--- a/compiler/rustc_lint/src/noop_method_call.rs
+++ b/compiler/rustc_lint/src/noop_method_call.rs
@@ -1,5 +1,7 @@
use crate::context::LintContext;
-use crate::lints::{NoopMethodCallDiag, SuspiciousDoubleRefDiag};
+use crate::lints::{
+ NoopMethodCallDiag, SuspiciousDoubleRefCloneDiag, SuspiciousDoubleRefDerefDiag,
+};
use crate::LateContext;
use crate::LateLintPass;
use rustc_hir::def::DefKind;
@@ -76,22 +78,22 @@ fn check_expr(&mut self, cx: &LateContext<'tcx>, expr: &'tcx Expr<'_>) {
// We only care about method calls corresponding to the `Clone`, `Deref` and `Borrow`
// traits and ignore any other method call.
- let did = match cx.typeck_results().type_dependent_def(expr.hir_id) {
- // Verify we are dealing with a method/associated function.
- Some((DefKind::AssocFn, did)) => match cx.tcx.trait_of_item(did) {
- // Check that we're dealing with a trait method for one of the traits we care about.
- Some(trait_id)
- if matches!(
- cx.tcx.get_diagnostic_name(trait_id),
- Some(sym::Borrow | sym::Clone | sym::Deref)
- ) =>
- {
- did
- }
- _ => return,
- },
- _ => return,
+
+ let Some((DefKind::AssocFn, did)) =
+ cx.typeck_results().type_dependent_def(expr.hir_id)
+ else {
+ return;
+ };
+
+ let Some(trait_id) = cx.tcx.trait_of_item(did) else { return };
+
+ if !matches!(
+ cx.tcx.get_diagnostic_name(trait_id),
+ Some(sym::Borrow | sym::Clone | sym::Deref)
+ ) {
+ return;
};
+
let substs = cx
.tcx
.normalize_erasing_regions(cx.param_env, cx.typeck_results().node_substs(expr.hir_id));
@@ -102,13 +104,6 @@ fn check_expr(&mut self, cx: &LateContext<'tcx>, expr: &'tcx Expr<'_>) {
// (Re)check that it implements the noop diagnostic.
let Some(name) = cx.tcx.get_diagnostic_name(i.def_id()) else { return };
- let op = match name {
- sym::noop_method_borrow => "borrow",
- sym::noop_method_clone => "clone",
- sym::noop_method_deref => "deref",
- _ => return,
- };
-
let receiver_ty = cx.typeck_results().expr_ty(receiver);
let expr_ty = cx.typeck_results().expr_ty_adjusted(expr);
let arg_adjustments = cx.typeck_results().expr_adjustments(receiver);
@@ -129,11 +124,22 @@ fn check_expr(&mut self, cx: &LateContext<'tcx>, expr: &'tcx Expr<'_>) {
NoopMethodCallDiag { method: call.ident.name, receiver_ty, label: span },
);
} else {
- cx.emit_spanned_lint(
- SUSPICIOUS_DOUBLE_REF_OP,
- span,
- SuspiciousDoubleRefDiag { call: call.ident.name, ty: expr_ty, op },
- )
+ match name {
+ // If `type_of(x) == T` and `x.borrow()` is used to get `&T`,
+ // then that should be allowed
+ sym::noop_method_borrow => return,
+ sym::noop_method_clone => cx.emit_spanned_lint(
+ SUSPICIOUS_DOUBLE_REF_OP,
+ span,
+ SuspiciousDoubleRefCloneDiag { ty: expr_ty },
+ ),
+ sym::noop_method_deref => cx.emit_spanned_lint(
+ SUSPICIOUS_DOUBLE_REF_OP,
+ span,
+ SuspiciousDoubleRefDerefDiag { ty: expr_ty },
+ ),
+ _ => return,
+ }
}
}
}
diff --git a/tests/ui/lint/issue-112489.rs b/tests/ui/lint/issue-112489.rs
new file mode 100644
index 000000000000..559edf0e4f23
--- /dev/null
+++ b/tests/ui/lint/issue-112489.rs
@@ -0,0 +1,17 @@
+// check-pass
+use std::borrow::Borrow;
+
+struct S;
+
+trait T: Sized {
+ fn foo(self) {}
+}
+
+impl T for S {}
+impl T for &S {}
+
+fn main() {
+ let s = S;
+ s.borrow().foo();
+ s.foo();
+}
--
2.41.0

View File

@ -0,0 +1,36 @@
From a627c8f54cab6880dc7d36c55092a94c6f750a6e Mon Sep 17 00:00:00 2001
From: Ariadne Conill <ariadne@dereferenced.org>
Date: Thu, 3 Aug 2023 15:05:40 -0700
Subject: [PATCH] bootstrap: config: fix version comparison bug
Rust requires a previous version of Rust to build, such as the current version, or the
previous version. However, the version comparison logic did not take patch releases
into consideration when doing the version comparison for the current branch, e.g.
Rust 1.71.1 could not be built by Rust 1.71.0 because it is neither an exact version
match, or the previous version.
Adjust the version comparison logic to tolerate mismatches in the patch version.
Signed-off-by: Ariadne Conill <ariadne@dereferenced.org>
(cherry picked from commit 31a81a08786826cc6e832bd0b49fb8b934e29648)
---
src/bootstrap/config.rs | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/bootstrap/config.rs b/src/bootstrap/config.rs
index e192cda9a9a7..2b5d0b94e968 100644
--- a/src/bootstrap/config.rs
+++ b/src/bootstrap/config.rs
@@ -1805,7 +1805,8 @@ pub fn check_build_rustc_version(&self) {
.unwrap();
if !(source_version == rustc_version
|| (source_version.major == rustc_version.major
- && source_version.minor == rustc_version.minor + 1))
+ && (source_version.minor == rustc_version.minor
+ || source_version.minor == rustc_version.minor + 1)))
{
let prev_version = format!("{}.{}.x", source_version.major, source_version.minor - 1);
eprintln!(
--
2.41.0

View File

@ -83,8 +83,8 @@
%endif %endif
Name: rust Name: rust
Version: 1.71.0 Version: 1.71.1
Release: 3%{?dist} Release: 1%{?dist}
Summary: The Rust Programming Language Summary: The Rust Programming Language
License: (ASL 2.0 or MIT) and (BSD and MIT) License: (ASL 2.0 or MIT) and (BSD and MIT)
# ^ written as: (rust itself) and (bundled libraries) # ^ written as: (rust itself) and (bundled libraries)
@ -110,21 +110,12 @@ Patch2: rustc-1.70.0-rust-gdb-substitute-path.patch
# TODO: upstream this ability into the actual build configuration # TODO: upstream this ability into the actual build configuration
Patch3: 0001-Let-environment-variables-override-some-default-CPUs.patch Patch3: 0001-Let-environment-variables-override-some-default-CPUs.patch
# Restore LD_LIBRARY_PATH when running lint-docs
# https://github.com/rust-lang/rust/pull/110521#issuecomment-1629705099
Patch4: 0001-Revert-Fix-x-test-lint-docs-when-download-rustc-is-e.patch
# Restore the bash completion path
# https://github.com/rust-lang/rust/pull/110906#issuecomment-1629832675
Patch5: 0001-Revert-fix-bug-etc-bash_complettion-src-etc-.-to-avo.patch
# (c9s) rhbz2225471: relax the suspicious_double_ref_op lint
# https://github.com/rust-lang/rust/pull/112517
Patch6: 0001-Rollup-merge-of-112517-fee1-dead-contrib-sus-op-no-b.patch
# Enable the profiler runtime for native hosts # Enable the profiler runtime for native hosts
# https://github.com/rust-lang/rust/pull/114069 # https://github.com/rust-lang/rust/pull/114069
Patch7: 0001-Allow-using-external-builds-of-the-compiler-rt-profi.patch Patch4: 0001-Allow-using-external-builds-of-the-compiler-rt-profi.patch
# https://github.com/rust-lang/rust/pull/114440
Patch5: 0001-bootstrap-config-fix-version-comparison-bug.patch
### RHEL-specific patches below ### ### RHEL-specific patches below ###
@ -600,8 +591,6 @@ test -f '%{local_rust_root}/bin/rustc'
%patch -P3 -p1 %patch -P3 -p1
%patch -P4 -p1 %patch -P4 -p1
%patch -P5 -p1 %patch -P5 -p1
%patch -P6 -p1
%patch -P7 -p1
%if %with disabled_libssh2 %if %with disabled_libssh2
%patch -P100 -p1 %patch -P100 -p1
@ -915,7 +904,10 @@ done
# The results are not stable on koji, so mask errors and just log it. # The results are not stable on koji, so mask errors and just log it.
# Some of the larger test artifacts are manually cleaned to save space. # Some of the larger test artifacts are manually cleaned to save space.
%{__python3} ./x.py test --no-fail-fast || :
# Bootstrap is excluded because it's not something we ship, and a lot of its
# tests are geared toward the upstream CI environment.
%{__python3} ./x.py test --no-fail-fast --exclude src/bootstrap || :
rm -rf "./build/%{rust_triple}/test/" rm -rf "./build/%{rust_triple}/test/"
%{__python3} ./x.py test --no-fail-fast cargo || : %{__python3} ./x.py test --no-fail-fast cargo || :
@ -1081,6 +1073,10 @@ end}
%changelog %changelog
* Mon Aug 07 2023 Josh Stone <jistone@redhat.com> - 1.71.1-1
- Update to 1.71.1.
- Security fix for CVE-2023-38497
* Tue Jul 25 2023 Josh Stone <jistone@redhat.com> - 1.71.0-3 * Tue Jul 25 2023 Josh Stone <jistone@redhat.com> - 1.71.0-3
- Relax the suspicious_double_ref_op lint - Relax the suspicious_double_ref_op lint
- Enable the profiler runtime for native hosts - Enable the profiler runtime for native hosts

View File

@ -1,2 +1,2 @@
SHA512 (rustc-1.71.0-src.tar.xz) = 2c93bafdd248563765a285add48ca77c1e4bad4d5431675ae6a5cdee4cfe7a41e6bcc880a489ca1069a307fd9a005f2d5f8e230dfc95b4a69152b4f9ca49ac44 SHA512 (rustc-1.71.1-src.tar.xz) = fd0e5a16bdbeb539184513583089e55f681cb772810df357b6b1464853f7022ac02edab3dd155b2262ed0047e2a25dea3808dd078dcdfce9d399384465009db4
SHA512 (wasi-libc-wasi-sdk-20.tar.gz) = e264240dc7dbcf6398c8ca09bc108298f4a8aa955af22de5a3015fbcde81cb09dd83cd48349090082d5de0e8a3dbcf746c7b14657c67657b3f2f1ab28bb9cf05 SHA512 (wasi-libc-wasi-sdk-20.tar.gz) = e264240dc7dbcf6398c8ca09bc108298f4a8aa955af22de5a3015fbcde81cb09dd83cd48349090082d5de0e8a3dbcf746c7b14657c67657b3f2f1ab28bb9cf05