From 89279d87c5d3e0ea330be1f927e3f3bc59dbc2a7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?P=C3=81LI=20G=C3=A1bor=20J=C3=A1nos?= Date: Thu, 3 Aug 2023 10:10:44 +0200 Subject: Update to Linux 6.1 and Alpine 3.18 - Update base-layout to 3.4.3 - Update busybox to 1.36.1 - Update iptables to 1.8.9 - Update linux-lts to 6.1.53 - Update to openrc to 0.48 - Update rtl8821ce to snapshot of 20230915 - Replace rtwB88 with a third-party driver - Update rtw89 to snapshot of 20230913 - Import wpa_supplicant fixes from Arch Linux --- ...ault-to-sbin-nologin-as-shell-for-system-.patch | 23 - ...-ash-add-built-in-BB_ASH_VERSION-variable.patch | 82 ---- ...defined-warnings-when-building-with-utmps.patch | 93 ---- ...dd-support-for-ignore-devno-like-GNU-cpio.patch | 88 ---- ...ddr2str-ensure-only-printable-characters-.patch | 40 -- ...1-modinfo-add-k-option-for-kernel-version.patch | 140 ------ ...eck-ELF-header-before-calling-finit_modul.patch | 149 ++++++ ...ck-ELF-header-before-calling-finit_module.patch | 152 ------ ...nstall-applet-to-sbin-instead-of-usr-sbin.patch | 27 -- ...support-for-matching-against-UID-and-RUID.patch | 138 ------ .../0001-properly-fix-wget-https-support.patch | 69 --- ...1-rev-correct-output-for-long-input-lines.patch | 91 ---- ...-sed-check-errors-writing-file-with-sed-i.patch | 66 --- ...ault-to-sbin-nologin-as-shell-for-system-.patch | 26 ++ ...support-for-renumber-inodes-like-GNU-cpio.patch | 129 ------ ...sck-resolve-LABEL-.-UUID-.-spec-to-device.patch | 56 --- ...nitize-all-printed-strings-with-printable.patch | 68 --- ...-ash-add-built-in-BB_ASH_VERSION-variable.patch | 85 ++++ aports/busybox/0003-ash-exec-busybox.static.patch | 22 - ...edefined-warnings-when-buiding-with-utmps.patch | 108 +++++ .../0004-app-location-for-cpio-vi-and-lspci.patch | 51 -- ...ddr2str-ensure-only-printable-characters-.patch | 40 ++ ...-udhcpc-set-default-discover-retries-to-5.patch | 55 --- ...6-modinfo-add-k-option-for-kernel-version.patch | 140 ++++++ ...ng-make-ping-work-without-root-privileges.patch | 206 --------- .../0007-fbsplash-support-console-switching.patch | 179 -------- ...nstall-applet-to-sbin-instead-of-usr-sbin.patch | 31 ++ ...pport-image-and-bar-alignment-and-positio.patch | 176 ------- ...support-for-matching-against-UID-and-RUID.patch | 138 ++++++ ...upport-generating-kmod-binary-index-files.patch | 507 -------------------- .../0009-properly-fix-wget-https-support.patch | 72 +++ ...for-not-following-symlinks-when-recursing.patch | 56 --- ...-sed-check-errors-writing-file-with-sed-i.patch | 63 +++ ...sck-resolve-LABEL-.-UUID-.-spec-to-device.patch | 59 +++ ...nitize-all-printed-strings-with-printable.patch | 67 +++ ...012-udhcpc-Don-t-background-if-n-is-given.patch | 96 ---- aports/busybox/0013-ash-exec-busybox.static.patch | 25 + .../0013-ash-fix-unsafe-use-of-mempcpy.patch | 32 -- .../0014-app-location-for-cpio-vi-and-lspci.patch | 55 +++ ...e-after-free-in-bash-pattern-substitution.patch | 81 ---- ...se-memcpy-with-overlapping-memory-regions.patch | 34 -- ...-udhcpc-set-default-discover-retries-to-5.patch | 59 +++ ...ead-past-end-of-var-in-subvareval-for-bas.patch | 88 ---- ...ng-make-ping-work-without-root-privileges.patch | 209 +++++++++ ...17-ash-Fix-use-after-free-on-idx-variable.patch | 94 ---- .../0017-fbsplash-support-console-switching.patch | 182 ++++++++ .../0018-ash-fix-ifs-cleanup-on-error-paths.patch | 91 ---- ...pport-image-and-bar-alignment-and-positio.patch | 180 ++++++++ ...upport-generating-kmod-binary-index-files.patch | 511 +++++++++++++++++++++ ...for-not-following-symlinks-when-recursing.patch | 60 +++ ...021-udhcpc-Don-t-background-if-n-is-given.patch | 100 ++++ .../busybox/0023-tests-fix-tarball-creation.patch | 29 ++ ...doesn-t-seem-to-recognize-UTC0-as-a-timez.patch | 40 ++ ...disable-HW-acceleration-for-MD5-SHA1-on-x.patch | 46 ++ .../0026-lineedit-Handle-SIGWINCH-gracefully.patch | 61 +++ ...ement-O-option-to-unmount-by-mount-option.patch | 195 ++++++++ ...e-after-free-in-bash-pattern-substitution.patch | 34 ++ ...-after-realloc-CVE-2021-42380-closes-1560.patch | 82 ++++ ...void-segfault-on-0-0-0-09J-.-Closes-15216.patch | 80 ++++ aports/busybox/APKBUILD | 140 +++--- aports/busybox/CVE-2022-30065.patch | 63 --- aports/busybox/acpid.initd | 5 +- aports/busybox/config | 15 +- aports/busybox/crond.initd | 5 +- aports/busybox/default.script | 2 +- aports/busybox/syslog.initd | 5 +- aports/busybox/udhcpd.initd | 9 +- 67 files changed, 3023 insertions(+), 3177 deletions(-) delete mode 100644 aports/busybox/0001-adduser-default-to-sbin-nologin-as-shell-for-system-.patch delete mode 100644 aports/busybox/0001-ash-add-built-in-BB_ASH_VERSION-variable.patch delete mode 100644 aports/busybox/0001-avoid-redefined-warnings-when-building-with-utmps.patch delete mode 100644 aports/busybox/0001-cpio-add-support-for-ignore-devno-like-GNU-cpio.patch delete mode 100644 aports/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch delete mode 100644 aports/busybox/0001-modinfo-add-k-option-for-kernel-version.patch create mode 100644 aports/busybox/0001-modutils-check-ELF-header-before-calling-finit_modul.patch delete mode 100644 aports/busybox/0001-modutils-check-ELF-header-before-calling-finit_module.patch delete mode 100644 aports/busybox/0001-nologin-Install-applet-to-sbin-instead-of-usr-sbin.patch delete mode 100644 aports/busybox/0001-pgrep-add-support-for-matching-against-UID-and-RUID.patch delete mode 100644 aports/busybox/0001-properly-fix-wget-https-support.patch delete mode 100644 aports/busybox/0001-rev-correct-output-for-long-input-lines.patch delete mode 100644 aports/busybox/0001-sed-check-errors-writing-file-with-sed-i.patch create mode 100644 aports/busybox/0002-adduser-default-to-sbin-nologin-as-shell-for-system-.patch delete mode 100644 aports/busybox/0002-cpio-add-support-for-renumber-inodes-like-GNU-cpio.patch delete mode 100644 aports/busybox/0002-fsck-resolve-LABEL-.-UUID-.-spec-to-device.patch delete mode 100644 aports/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch create mode 100644 aports/busybox/0003-ash-add-built-in-BB_ASH_VERSION-variable.patch delete mode 100644 aports/busybox/0003-ash-exec-busybox.static.patch create mode 100644 aports/busybox/0004-Avoid-redefined-warnings-when-buiding-with-utmps.patch delete mode 100644 aports/busybox/0004-app-location-for-cpio-vi-and-lspci.patch create mode 100644 aports/busybox/0005-libbb-sockaddr2str-ensure-only-printable-characters-.patch delete mode 100644 aports/busybox/0005-udhcpc-set-default-discover-retries-to-5.patch create mode 100644 aports/busybox/0006-modinfo-add-k-option-for-kernel-version.patch delete mode 100644 aports/busybox/0006-ping-make-ping-work-without-root-privileges.patch delete mode 100644 aports/busybox/0007-fbsplash-support-console-switching.patch create mode 100644 aports/busybox/0007-nologin-Install-applet-to-sbin-instead-of-usr-sbin.patch delete mode 100644 aports/busybox/0008-fbsplash-support-image-and-bar-alignment-and-positio.patch create mode 100644 aports/busybox/0008-pgrep-add-support-for-matching-against-UID-and-RUID.patch delete mode 100644 aports/busybox/0009-depmod-support-generating-kmod-binary-index-files.patch create mode 100644 aports/busybox/0009-properly-fix-wget-https-support.patch delete mode 100644 aports/busybox/0010-Add-flag-for-not-following-symlinks-when-recursing.patch create mode 100644 aports/busybox/0010-sed-check-errors-writing-file-with-sed-i.patch create mode 100644 aports/busybox/0011-fsck-resolve-LABEL-.-UUID-.-spec-to-device.patch create mode 100644 aports/busybox/0012-nslookup-sanitize-all-printed-strings-with-printable.patch delete mode 100644 aports/busybox/0012-udhcpc-Don-t-background-if-n-is-given.patch create mode 100644 aports/busybox/0013-ash-exec-busybox.static.patch delete mode 100644 aports/busybox/0013-ash-fix-unsafe-use-of-mempcpy.patch create mode 100644 aports/busybox/0014-app-location-for-cpio-vi-and-lspci.patch delete mode 100644 aports/busybox/0014-ash-fix-use-after-free-in-bash-pattern-substitution.patch delete mode 100644 aports/busybox/0015-ed-don-t-use-memcpy-with-overlapping-memory-regions.patch create mode 100644 aports/busybox/0015-udhcpc-set-default-discover-retries-to-5.patch delete mode 100644 aports/busybox/0016-ash-don-t-read-past-end-of-var-in-subvareval-for-bas.patch create mode 100644 aports/busybox/0016-ping-make-ping-work-without-root-privileges.patch delete mode 100644 aports/busybox/0017-ash-Fix-use-after-free-on-idx-variable.patch create mode 100644 aports/busybox/0017-fbsplash-support-console-switching.patch delete mode 100644 aports/busybox/0018-ash-fix-ifs-cleanup-on-error-paths.patch create mode 100644 aports/busybox/0018-fbsplash-support-image-and-bar-alignment-and-positio.patch create mode 100644 aports/busybox/0019-depmod-support-generating-kmod-binary-index-files.patch create mode 100644 aports/busybox/0020-Add-flag-for-not-following-symlinks-when-recursing.patch create mode 100644 aports/busybox/0021-udhcpc-Don-t-background-if-n-is-given.patch create mode 100644 aports/busybox/0023-tests-fix-tarball-creation.patch create mode 100644 aports/busybox/0024-tests-musl-doesn-t-seem-to-recognize-UTC0-as-a-timez.patch create mode 100644 aports/busybox/0025-Hackfix-to-disable-HW-acceleration-for-MD5-SHA1-on-x.patch create mode 100644 aports/busybox/0026-lineedit-Handle-SIGWINCH-gracefully.patch create mode 100644 aports/busybox/0027-umount-Implement-O-option-to-unmount-by-mount-option.patch create mode 100644 aports/busybox/0028-ash-use-after-free-in-bash-pattern-substitution.patch create mode 100644 aports/busybox/0029-awk-fix-use-after-realloc-CVE-2021-42380-closes-1560.patch create mode 100644 aports/busybox/0030-shell-avoid-segfault-on-0-0-0-09J-.-Closes-15216.patch delete mode 100644 aports/busybox/CVE-2022-30065.patch (limited to 'aports/busybox') diff --git a/aports/busybox/0001-adduser-default-to-sbin-nologin-as-shell-for-system-.patch b/aports/busybox/0001-adduser-default-to-sbin-nologin-as-shell-for-system-.patch deleted file mode 100644 index 47f9f9a..0000000 --- a/aports/busybox/0001-adduser-default-to-sbin-nologin-as-shell-for-system-.patch +++ /dev/null @@ -1,23 +0,0 @@ -From eceebc4fbf064ca04d0f0a639c8a7c600190170f Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?S=C3=B6ren=20Tempel?= -Date: Sun, 13 Jan 2019 19:07:16 +0100 -Subject: [PATCH] adduser: default to /sbin/nologin as shell for system - accounts - ---- - loginutils/adduser.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/loginutils/adduser.c b/loginutils/adduser.c -index b2b5be5b3..9326a9795 100644 ---- a/loginutils/adduser.c -+++ b/loginutils/adduser.c -@@ -235,7 +235,7 @@ int adduser_main(int argc UNUSED_PARAM, char **argv) - usegroup = "nogroup"; - } - if (!(opts & OPT_SHELL)) { -- pw.pw_shell = (char *) "/bin/false"; -+ pw.pw_shell = (char *) "/sbin/nologin"; - } - } - pw.pw_gid = usegroup ? xgroup2gid(usegroup) : -1; /* exits on failure */ diff --git a/aports/busybox/0001-ash-add-built-in-BB_ASH_VERSION-variable.patch b/aports/busybox/0001-ash-add-built-in-BB_ASH_VERSION-variable.patch deleted file mode 100644 index d8f5ea0..0000000 --- a/aports/busybox/0001-ash-add-built-in-BB_ASH_VERSION-variable.patch +++ /dev/null @@ -1,82 +0,0 @@ -From df5fffa062ebc46bd13d65c84a4abca6ae1c614d Mon Sep 17 00:00:00 2001 -From: Ariadne Conill -Date: Wed, 10 Mar 2021 23:38:57 -0700 -Subject: [PATCH] ash: add built-in $BB_ASH_VERSION variable - -This is helpful for detecting if the shell is busybox ash or not, -which is necessary for enabling ash-specific features in /etc/profile -and Alpine's default $ENV. - -https://gitlab.alpinelinux.org/alpine/aports/-/issues/12398 outlines -the rationale for detecting what shell is running in /etc/profile and -similar. - -function old new delta -.rodata 77899 77925 +26 -varinit_data 360 384 +24 ------------------------------------------------------------------------------- -(add/remove: 0/0 grow/shrink: 2/0 up/down: 50/0) Total: 50 bytes - -Signed-off-by: Ariadne Conill ---- - shell/ash.c | 28 ++++++++++++++++++++-------- - 1 file changed, 20 insertions(+), 8 deletions(-) - -diff --git a/shell/ash.c b/shell/ash.c -index 827643808..5f8f41ee9 100644 ---- a/shell/ash.c -+++ b/shell/ash.c -@@ -153,6 +153,14 @@ - //config: you to run the specified command or builtin, - //config: even when there is a function with the same name. - //config: -+//config:config ASH_VERSION_VAR -+//config: bool "declare $BB_ASH_VERSION variable" -+//config: default y -+//config: depends on SHELL_ASH -+//config: help -+//config: Enable support for declaring the $BB_ASH_VERSION variable, -+//config: which is set as the busybox version. -+//config: - //config:endif # ash options - - //applet:IF_ASH(APPLET(ash, BB_DIR_BIN, BB_SUID_DROP)) -@@ -2138,6 +2146,9 @@ static const struct { - { VSTRFIXED|VTEXTFIXED , "PS1=$ " , NULL }, - { VSTRFIXED|VTEXTFIXED , "PS2=> " , NULL }, - { VSTRFIXED|VTEXTFIXED , "PS4=+ " , NULL }, -+#if ENABLE_ASH_VERSION_VAR -+ { VSTRFIXED|VTEXTFIXED , "BB_ASH_VERSION=" BB_VER, NULL }, -+#endif - #if ENABLE_ASH_GETOPTS - { VSTRFIXED|VTEXTFIXED , defoptindvar, getoptsreset }, - #endif -@@ -2197,19 +2208,20 @@ extern struct globals_var *BB_GLOBAL_CONST ash_ptr_to_globals_var; - #define vps1 varinit[VAR_OFFSET1 + 2] - #define vps2 varinit[VAR_OFFSET1 + 3] - #define vps4 varinit[VAR_OFFSET1 + 4] -+#define VAR_OFFSET2 (VAR_OFFSET1 + ENABLE_ASH_VERSION_VAR) - #if ENABLE_ASH_GETOPTS --# define voptind varinit[VAR_OFFSET1 + 5] -+# define voptind varinit[VAR_OFFSET2 + 5] - #endif --#define VAR_OFFSET2 (VAR_OFFSET1 + ENABLE_ASH_GETOPTS) --#define vlineno varinit[VAR_OFFSET2 + 5] --#define vfuncname varinit[VAR_OFFSET2 + 6] -+#define VAR_OFFSET3 (VAR_OFFSET2 + ENABLE_ASH_GETOPTS) -+#define vlineno varinit[VAR_OFFSET3 + 5] -+#define vfuncname varinit[VAR_OFFSET3 + 6] - #if ENABLE_ASH_RANDOM_SUPPORT --# define vrandom varinit[VAR_OFFSET2 + 7] -+# define vrandom varinit[VAR_OFFSET3 + 7] - #endif --#define VAR_OFFSET3 (VAR_OFFSET2 + ENABLE_ASH_RANDOM_SUPPORT) -+#define VAR_OFFSET4 (VAR_OFFSET2 + ENABLE_ASH_RANDOM_SUPPORT) - #if BASH_EPOCH_VARS --# define vepochs varinit[VAR_OFFSET3 + 7] --# define vepochr varinit[VAR_OFFSET3 + 8] -+# define vepochs varinit[VAR_OFFSET4 + 7] -+# define vepochr varinit[VAR_OFFSET4 + 8] - #endif - #define INIT_G_var() do { \ - unsigned i; \ diff --git a/aports/busybox/0001-avoid-redefined-warnings-when-building-with-utmps.patch b/aports/busybox/0001-avoid-redefined-warnings-when-building-with-utmps.patch deleted file mode 100644 index 1ce06f8..0000000 --- a/aports/busybox/0001-avoid-redefined-warnings-when-building-with-utmps.patch +++ /dev/null @@ -1,93 +0,0 @@ -From 711de34e8fa42bd9ec704cc922db937edada84d8 Mon Sep 17 00:00:00 2001 -From: Laurent Bercot -Date: Fri, 22 Jul 2022 01:35:14 +0200 -Subject: [PATCH] Avoid redefined warnings when buiding with utmps - -Do not use _PATH_UTMP or _PATH_WTMP, and do not touch -the files directly. ---- - include/libbb.h | 8 +++----- - libbb/messages.c | 4 ++-- - libbb/utmp.c | 8 ++++---- - util-linux/last_fancy.c | 2 +- - 4 files changed, 10 insertions(+), 12 deletions(-) - -diff --git a/include/libbb.h b/include/libbb.h -index abbc9ac59..405108b17 100644 ---- a/include/libbb.h -+++ b/include/libbb.h -@@ -107,14 +107,12 @@ - # define _PATH_UTMPX _PATH_UTMP - # else - # if !defined(__FreeBSD__) --# include -+# include -+# define _CORRECT_PATH_UTMPX "/run/utmps/utmp" -+# define _CORRECT_PATH_WTMP "/var/log/wtmp" - # else - # define _PATH_UTMPX "/var/run/utx.active" - # endif --# include --# if defined _PATH_UTMP && !defined _PATH_UTMPX --# define _PATH_UTMPX _PATH_UTMP --# endif - # endif - #endif - #if ENABLE_LOCALE_SUPPORT -diff --git a/libbb/messages.c b/libbb/messages.c -index 6914d5701..689dd0c6d 100644 ---- a/libbb/messages.c -+++ b/libbb/messages.c -@@ -42,8 +42,8 @@ const int const_int_0 = 0; - #if ENABLE_FEATURE_WTMP - /* This is usually something like "/var/adm/wtmp" or "/var/log/wtmp" */ - const char bb_path_wtmp_file[] ALIGN1 = --# if defined _PATH_WTMP -- _PATH_WTMP; -+# if defined _CORRECT_PATH_WTMP -+ _CORRECT_PATH_WTMP; - # elif defined WTMP_FILE - WTMP_FILE; - # else -diff --git a/libbb/utmp.c b/libbb/utmp.c -index bd07670db..463ee1317 100644 ---- a/libbb/utmp.c -+++ b/libbb/utmp.c -@@ -45,8 +45,8 @@ void FAST_FUNC write_new_utmp(pid_t pid, int new_type, const char *tty_name, con - tty_name += 3; - strncpy(id, tty_name, width); - -- touch(_PATH_UTMPX); -- //utmpxname(_PATH_UTMPX); -+ //touch(_CORRECT_PATH_UTMPX); -+ //utmpxname(_CORRECT_PATH_UTMPX); - setutxent(); - /* Append new one (hopefully, unless we collide on ut_id) */ - pututxline(&utent); -@@ -67,8 +67,8 @@ void FAST_FUNC update_utmp(pid_t pid, int new_type, const char *tty_name, const - struct utmpx utent; - struct utmpx *utp; - -- touch(_PATH_UTMPX); -- //utmpxname(_PATH_UTMPX); -+ //touch(_CORRECT_PATH_UTMPX); -+ //utmpxname(_CORRECT_PATH_UTMPX); - setutxent(); - - /* Did init/getty/telnetd/sshd/... create an entry for us? -diff --git a/util-linux/last_fancy.c b/util-linux/last_fancy.c -index 648236229..aa7a62bbe 100644 ---- a/util-linux/last_fancy.c -+++ b/util-linux/last_fancy.c -@@ -159,7 +159,7 @@ int last_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE; - int last_main(int argc UNUSED_PARAM, char **argv) - { - struct utmpx ut; -- const char *filename = _PATH_WTMP; -+ const char *filename = _CORRECT_PATH_WTMP; - llist_t *zlist; - off_t pos; - time_t start_time; --- -2.37.1 - diff --git a/aports/busybox/0001-cpio-add-support-for-ignore-devno-like-GNU-cpio.patch b/aports/busybox/0001-cpio-add-support-for-ignore-devno-like-GNU-cpio.patch deleted file mode 100644 index a9b0b8f..0000000 --- a/aports/busybox/0001-cpio-add-support-for-ignore-devno-like-GNU-cpio.patch +++ /dev/null @@ -1,88 +0,0 @@ -From 808d176a4da607ed3187d58605d089b373694ba2 Mon Sep 17 00:00:00 2001 -From: Ariadne Conill -Date: Mon, 28 Jun 2021 07:09:25 -0600 -Subject: [PATCH 1/2] cpio: add support for --ignore-devno like GNU cpio - -The --ignore-devno option is used to set device numbers to (0, 0). -This can be useful in verifying whether a CPIO archive is reproducible. - -function old new delta -cpio_o 922 961 +39 -.rodata 78407 78422 +15 -bbconfig_config_bz2 6161 6167 +6 -packed_usage 25770 25764 -6 ------------------------------------------------------------------------------- -(add/remove: 0/0 grow/shrink: 3/1 up/down: 60/-6) Total: 54 bytes - -Signed-off-by: Ariadne Conill ---- - archival/cpio.c | 20 ++++++++++++++++++++ - 1 file changed, 20 insertions(+) - -diff --git a/archival/cpio.c b/archival/cpio.c -index d84f6937d..4d386d38d 100644 ---- a/archival/cpio.c -+++ b/archival/cpio.c -@@ -38,6 +38,13 @@ - //config: depends on FEATURE_CPIO_O - //config: help - //config: Passthrough mode. Rarely used. -+//config: -+//config:config FEATURE_CPIO_IGNORE_DEVNO -+//config: bool "Support --ignore-devno like GNU cpio" -+//config: default y -+//config: depends on FEATURE_CPIO_O && LONG_OPTS -+//config: help -+//config: Optionally ignore device numbers when creating archives. - - //applet:IF_CPIO(APPLET(cpio, BB_DIR_BIN, BB_SUID_DROP)) - -@@ -75,6 +82,9 @@ - //usage: "\n -R USER[:GRP] Set owner of created files" - //usage: "\n -L Dereference symlinks" - //usage: "\n -0 Input is separated by NULs" -+//usage: IF_FEATURE_CPIO_IGNORE_DEVNO( -+//usage: "\n --ignore-devno" -+//usage: ) - - /* GNU cpio 2.9 --help (abridged): - -@@ -162,11 +172,13 @@ enum { - IF_FEATURE_CPIO_P(OPTBIT_PASSTHROUGH,) - IF_LONG_OPTS( OPTBIT_QUIET ,) - IF_LONG_OPTS( OPTBIT_2STDOUT ,) -+ IF_FEATURE_CPIO_IGNORE_DEVNO(OPTBIT_IGNORE_DEVNO,) - OPT_CREATE = IF_FEATURE_CPIO_O((1 << OPTBIT_CREATE )) + 0, - OPT_FORMAT = IF_FEATURE_CPIO_O((1 << OPTBIT_FORMAT )) + 0, - OPT_PASSTHROUGH = IF_FEATURE_CPIO_P((1 << OPTBIT_PASSTHROUGH)) + 0, - OPT_QUIET = IF_LONG_OPTS( (1 << OPTBIT_QUIET )) + 0, - OPT_2STDOUT = IF_LONG_OPTS( (1 << OPTBIT_2STDOUT )) + 0, -+ OPT_IGNORE_DEVNO = IF_FEATURE_CPIO_IGNORE_DEVNO((1 << OPTBIT_IGNORE_DEVNO)) + 0, - }; - - #define OPTION_STR "it0uvdmLF:R:" -@@ -304,6 +316,11 @@ static NOINLINE int cpio_o(void) - } - } - -+#if ENABLE_FEATURE_CPIO_IGNORE_DEVNO -+ if (option_mask32 & OPT_IGNORE_DEVNO) -+ st.st_dev = st.st_rdev = 0; -+#endif -+ - bytes += printf("070701" - "%08X%08X%08X%08X%08X%08X%08X" - "%08X%08X%08X%08X" /* GNU cpio uses uppercase hex */ -@@ -379,6 +396,9 @@ int cpio_main(int argc UNUSED_PARAM, char **argv) - "null\0" No_argument "0" - "quiet\0" No_argument "\xff" - "to-stdout\0" No_argument "\xfe" -+#if ENABLE_FEATURE_CPIO_IGNORE_DEVNO -+ "ignore-devno\0" No_argument "\xfd" -+#endif - ; - #endif - --- -2.32.0 - diff --git a/aports/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch b/aports/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch deleted file mode 100644 index 1d1716e..0000000 --- a/aports/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch +++ /dev/null @@ -1,40 +0,0 @@ -From 0c8da1bead8ffaf270b4b723ead2c517371405d7 Mon Sep 17 00:00:00 2001 -From: Ariadne Conill -Date: Sun, 3 Apr 2022 12:14:33 +0000 -Subject: [PATCH 1/2] libbb: sockaddr2str: ensure only printable characters are - returned for the hostname part - -CVE: Pending -Upstream-Status: Pending -Signed-off-by: Ariadne Conill ---- - libbb/xconnect.c | 5 +++-- - 1 file changed, 3 insertions(+), 2 deletions(-) - -diff --git a/libbb/xconnect.c b/libbb/xconnect.c -index 0e0b247b8..02c061e67 100644 ---- a/libbb/xconnect.c -+++ b/libbb/xconnect.c -@@ -497,8 +497,9 @@ static char* FAST_FUNC sockaddr2str(const struct sockaddr *sa, int flags) - ); - if (rc) - return NULL; -+ /* ensure host contains only printable characters */ - if (flags & IGNORE_PORT) -- return xstrdup(host); -+ return xstrdup(printable_string(host)); - #if ENABLE_FEATURE_IPV6 - if (sa->sa_family == AF_INET6) { - if (strchr(host, ':')) /* heh, it's not a resolved hostname */ -@@ -509,7 +510,7 @@ static char* FAST_FUNC sockaddr2str(const struct sockaddr *sa, int flags) - #endif - /* For now we don't support anything else, so it has to be INET */ - /*if (sa->sa_family == AF_INET)*/ -- return xasprintf("%s:%s", host, serv); -+ return xasprintf("%s:%s", printable_string(host), serv); - /*return xstrdup(host);*/ - } - --- -2.35.1 - diff --git a/aports/busybox/0001-modinfo-add-k-option-for-kernel-version.patch b/aports/busybox/0001-modinfo-add-k-option-for-kernel-version.patch deleted file mode 100644 index f1bf02f..0000000 --- a/aports/busybox/0001-modinfo-add-k-option-for-kernel-version.patch +++ /dev/null @@ -1,140 +0,0 @@ -From 8fed81a74070cb42e1dff1a8c2382bd123385e22 Mon Sep 17 00:00:00 2001 -From: Natanael Copa -Date: Thu, 28 Apr 2022 16:03:16 +0200 -Subject: [PATCH] modinfo: add -k option for kernel version - -It is useful to be able to specify kernel version when generating -initramfs and similar for a kernel version that might not be the running -one. - -bloatcheck on x86_64: - -function old new delta -packed_usage 26193 26218 +25 -modinfo_main 391 414 +23 -.rodata 80296 80298 +2 ------------------------------------------------------------------------------- -(add/remove: 0/0 grow/shrink: 3/0 up/down: 50/0) Total: 50 -bytes - text data bss dec hex filename - 834606 14124 2008 850738 cfb32 busybox_old - 834657 14124 2008 850789 cfb65 busybox_unstripped - -Signed-off-by: Natanael Copa ---- - modutils/modinfo.c | 30 ++++++++++++++++++------------ - 1 file changed, 18 insertions(+), 12 deletions(-) - -diff --git a/modutils/modinfo.c b/modutils/modinfo.c -index 0a86c3296..53bc02880 100644 ---- a/modutils/modinfo.c -+++ b/modutils/modinfo.c -@@ -38,17 +38,18 @@ static const char *const shortcuts[] ALIGN_PTR = { - - enum { - OPT_0 = (1 << 0), /* \0 as separator */ -- OPT_F = (1 << 1), /* field name */ -+ OPT_k = (1 << 1), /* kernel version */ -+ OPT_F = (1 << 2), /* field name */ - /* first bits are for -nadlp options, the rest are for - * fields not selectable with "shortcut" options - */ -- OPT_n = (1 << 2), -- OPT_TAGS = ((1 << ARRAY_SIZE(shortcuts)) - 1) << 2, -+ OPT_n = (1 << 3), -+ OPT_TAGS = ((1 << ARRAY_SIZE(shortcuts)) - 1) << 3, - }; - - static void display(const char *data, const char *pattern) - { -- int flag = option_mask32 >> 1; /* shift out -0 bit */ -+ int flag = option_mask32 >> 2; /* shift out -0 and -k bits */ - if (flag & (flag-1)) { - /* more than one field to show: print "FIELD:" pfx */ - int n = printf("%s:", pattern); -@@ -82,7 +83,8 @@ static void modinfo(const char *path, const char *version, - } - } - -- for (j = 1; (1< +Date: Sun, 3 Jan 2021 16:00:14 +0000 +Subject: [PATCH] modutils: check ELF header before calling finit_module() +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +finit_module() and init_module() system calls have clear specification +to only accept valid ELF image. + +Although we try finit_module() on compressed modules to let the kernel +determine if it's an ELF image, but it's not ideal, especially when +newer kernel will complain when some invalid files/memory is passed in. + +Treat the kernel better by just doing a very basic ELF header check +before calling finit_module(). + +Signed-off-by: Qu Wenruo +--- + modutils/modprobe-small.c | 33 ++++++++++++++++++++++++++++++++- + modutils/modutils.c | 37 ++++++++++++++++++++++++++++++++++++- + 2 files changed, 68 insertions(+), 2 deletions(-) + +diff --git a/modutils/modprobe-small.c b/modutils/modprobe-small.c +index b61651621..4763e0811 100644 +--- a/modutils/modprobe-small.c ++++ b/modutils/modprobe-small.c +@@ -24,6 +24,7 @@ + //kbuild:lib-$(CONFIG_MODPROBE_SMALL) += modprobe-small.o + + #include "libbb.h" ++#include /* for ELF header magic */ + /* After libbb.h, since it needs sys/types.h on some systems */ + #include /* uname() */ + #include +@@ -249,6 +250,33 @@ static const char *moderror(int err) + } + } + ++#ifdef __NR_finit_module ++/* ++ * Return: ++ * 0 on success, ++ * <0 for error. ++ * ++ * finit_module()/init_module() only accepts ELF format. ++ * Do basic ELF check to avoid calling finit_module() with compressed module. ++ */ ++static int check_elf_header(int fd) ++{ ++ unsigned char buf[EI_NIDENT]; ++ int ret; ++ ++ ret = pread(fd, buf, sizeof(buf), 0); ++ if (ret < sizeof(buf)) ++ return -EIO; ++ if (buf[EI_MAG0] != ELFMAG0 || ++ buf[EI_MAG1] != ELFMAG1 || ++ buf[EI_MAG2] != ELFMAG2 || ++ buf[EI_MAG3] != ELFMAG3) ++ return -EINVAL; ++ /* Other more comprehensive check will be done inside kernel */ ++ return 0; ++} ++#endif ++ + static int load_module(const char *fname, const char *options) + { + #if 1 +@@ -272,7 +300,10 @@ static int load_module(const char *fname, const char *options) + { + int fd = open(fname, O_RDONLY | O_CLOEXEC); + if (fd >= 0) { +- r = finit_module(fd, options, 0) != 0; ++ if (!check_elf_header(fd)) ++ r = finit_module(fd, options, 0) != 0; ++ else ++ r = 1; + close(fd); + } + } +diff --git a/modutils/modutils.c b/modutils/modutils.c +index f7ad5e805..037d609e4 100644 +--- a/modutils/modutils.c ++++ b/modutils/modutils.c +@@ -7,6 +7,7 @@ + */ + #include "modutils.h" + ++#include + #include + + #define init_module(mod, len, opts) syscall(__NR_init_module, mod, len, opts) +@@ -186,6 +187,33 @@ void* FAST_FUNC try_to_mmap_module(const char *filename, size_t *image_size_p) + } + #endif + ++#ifdef __NR_finit_module ++/* ++ * Return: ++ * 0 on success, ++ * <0 for error. ++ * ++ * finit_module()/init_module() only accepts ELF format. ++ * Do basic ELF check to avoid calling finit_module() with compressed module. ++ */ ++static int check_elf_header(int fd) ++{ ++ unsigned char buf[EI_NIDENT]; ++ int ret; ++ ++ ret = pread(fd, buf, sizeof(buf), 0); ++ if (ret < sizeof(buf)) ++ return -EIO; ++ if (buf[EI_MAG0] != ELFMAG0 || ++ buf[EI_MAG1] != ELFMAG1 || ++ buf[EI_MAG2] != ELFMAG2 || ++ buf[EI_MAG3] != ELFMAG3) ++ return -EINVAL; ++ /* Other more comprehensive check will be done inside kernel */ ++ return 0; ++} ++#endif ++ + /* Return: + * 0 on success, + * -errno on open/read error, +@@ -212,12 +240,19 @@ int FAST_FUNC bb_init_module(const char *filename, const char *options) + * to only allow loading of modules off of secure storage (like a read- + * only rootfs) which needs the finit_module call. If it fails, we fall + * back to normal module loading to support compressed modules. ++ * ++ * Note that finit_module()/init_module() only accept ELF image, do ++ * basic check before calling finit_module() to avoid kernel ++ * complaining. + */ + # ifdef __NR_finit_module + { + int fd = open(filename, O_RDONLY | O_CLOEXEC); + if (fd >= 0) { +- rc = finit_module(fd, options, 0) != 0; ++ if (!check_elf_header(fd)) ++ rc = finit_module(fd, options, 0) != 0; ++ else ++ rc = 1; + close(fd); + if (rc == 0) + return rc; diff --git a/aports/busybox/0001-modutils-check-ELF-header-before-calling-finit_module.patch b/aports/busybox/0001-modutils-check-ELF-header-before-calling-finit_module.patch deleted file mode 100644 index 813010e..0000000 --- a/aports/busybox/0001-modutils-check-ELF-header-before-calling-finit_module.patch +++ /dev/null @@ -1,152 +0,0 @@ -Patch-Source: http://lists.busybox.net/pipermail/busybox/2021-January/088398.html -Patch-Source: http://lists.busybox.net/pipermail/busybox/2021-January/088399.html -See-Also: https://gitlab.alpinelinux.org/alpine/aports/-/issues/13427 - -The purpose of this patch is to remove confusing error messages -"Module has invalid ELF structures" produced by kernel when loading gzip -compressed kernel modules using busybox modprobe. --- -From: Qu Wenruo -Date: Sun, 03 Jan 2021 04:10:52 +0000 -Subject: [PATCH v2] modutils: check ELF header before calling finit_module() - -finit_module() and init_module() system calls have clear specification -to only accept valid ELF image. - -Although we try finit_module() on compressed modules to let the kernel -determine if it's an ELF image, but it's not ideal, especially when -newer kernel will complain when some invalid files/memory is passed in. - -Treat the kernel better by just doing a very basic ELF header check -before calling finit_module(). - -Signed-off-by: Qu Wenruo - -diff --git a/modutils/modutils.c b/modutils/modutils.c -index f7ad5e8058fe..037d609e42df 100644 ---- a/modutils/modutils.c -+++ b/modutils/modutils.c -@@ -7,6 +7,7 @@ - */ - #include "modutils.h" - -+#include - #include - - #define init_module(mod, len, opts) syscall(__NR_init_module, mod, len, opts) -@@ -186,6 +187,33 @@ void* FAST_FUNC try_to_mmap_module(const char *filename, size_t *image_size_p) - } - #endif - -+#ifdef __NR_finit_module -+/* -+ * Return: -+ * 0 on success, -+ * <0 for error. -+ * -+ * finit_module()/init_module() only accepts ELF format. -+ * Do basic ELF check to avoid calling finit_module() with compressed module. -+ */ -+static int check_elf_header(int fd) -+{ -+ unsigned char buf[EI_NIDENT]; -+ int ret; -+ -+ ret = pread(fd, buf, sizeof(buf), 0); -+ if (ret < sizeof(buf)) -+ return -EIO; -+ if (buf[EI_MAG0] != ELFMAG0 || -+ buf[EI_MAG1] != ELFMAG1 || -+ buf[EI_MAG2] != ELFMAG2 || -+ buf[EI_MAG3] != ELFMAG3) -+ return -EINVAL; -+ /* Other more comprehensive check will be done inside kernel */ -+ return 0; -+} -+#endif -+ - /* Return: - * 0 on success, - * -errno on open/read error, -@@ -212,12 +240,19 @@ int FAST_FUNC bb_init_module(const char *filename, const char *options) - * to only allow loading of modules off of secure storage (like a read- - * only rootfs) which needs the finit_module call. If it fails, we fall - * back to normal module loading to support compressed modules. -+ * -+ * Note that finit_module()/init_module() only accept ELF image, do -+ * basic check before calling finit_module() to avoid kernel -+ * complaining. - */ - # ifdef __NR_finit_module - { - int fd = open(filename, O_RDONLY | O_CLOEXEC); - if (fd >= 0) { -- rc = finit_module(fd, options, 0) != 0; -+ if (!check_elf_header(fd)) -+ rc = finit_module(fd, options, 0) != 0; -+ else -+ rc = 1; - close(fd); - if (rc == 0) - return rc; - -diff --git a/modutils/modprobe-small.c b/modutils/modprobe-small.c -index db44a2ed0ab5..d2cd6a64c1d0 100644 ---- a/modutils/modprobe-small.c -+++ b/modutils/modprobe-small.c -@@ -24,6 +24,7 @@ - //kbuild:lib-$(CONFIG_MODPROBE_SMALL) += modprobe-small.o - - #include "libbb.h" -+#include /* for ELF header magic */ - /* After libbb.h, since it needs sys/types.h on some systems */ - #include /* uname() */ - #include -@@ -249,6 +250,33 @@ static const char *moderror(int err) - } - } - -+#ifdef __NR_finit_module -+/* -+ * Return: -+ * 0 on success, -+ * <0 for error. -+ * -+ * finit_module()/init_module() only accepts ELF format. -+ * Do basic ELF check to avoid calling finit_module() with compressed module. -+ */ -+static int check_elf_header(int fd) -+{ -+ unsigned char buf[EI_NIDENT]; -+ int ret; -+ -+ ret = pread(fd, buf, sizeof(buf), 0); -+ if (ret < sizeof(buf)) -+ return -EIO; -+ if (buf[EI_MAG0] != ELFMAG0 || -+ buf[EI_MAG1] != ELFMAG1 || -+ buf[EI_MAG2] != ELFMAG2 || -+ buf[EI_MAG3] != ELFMAG3) -+ return -EINVAL; -+ /* Other more comprehensive check will be done inside kernel */ -+ return 0; -+} -+#endif -+ - static int load_module(const char *fname, const char *options) - { - #if 1 -@@ -272,7 +300,10 @@ static int load_module(const char *fname, const char *options) - { - int fd = open(fname, O_RDONLY | O_CLOEXEC); - if (fd >= 0) { -- r = finit_module(fd, options, 0) != 0; -+ if (!check_elf_header(fd)) -+ r = finit_module(fd, options, 0) != 0; -+ else -+ r = 1; - close(fd); - } - } --- -2.29.2 diff --git a/aports/busybox/0001-nologin-Install-applet-to-sbin-instead-of-usr-sbin.patch b/aports/busybox/0001-nologin-Install-applet-to-sbin-instead-of-usr-sbin.patch deleted file mode 100644 index 0cc4db9..0000000 --- a/aports/busybox/0001-nologin-Install-applet-to-sbin-instead-of-usr-sbin.patch +++ /dev/null @@ -1,27 +0,0 @@ -From fa5c4b2e60a98944863097b448960d0744916b1f Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?S=C3=B6ren=20Tempel?= -Date: Wed, 13 Feb 2019 22:32:44 +0100 -Subject: [PATCH] nologin: Install applet to /sbin instead of /usr/sbin - -This is required to retain compatibility with our old custom nologin -applet written in C which was also installed to /sbin. - -Compatibility with the old path is required because login shell paths -are hardcoded in /etc/passwd. ---- - util-linux/nologin.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/util-linux/nologin.c b/util-linux/nologin.c -index 5e5e42305..b03470ac6 100644 ---- a/util-linux/nologin.c -+++ b/util-linux/nologin.c -@@ -19,7 +19,7 @@ - //config: If you know these will be available externally you can - //config: disable this option. - --//applet:IF_NOLOGIN(APPLET_SCRIPTED(nologin, scripted, BB_DIR_USR_SBIN, BB_SUID_DROP, nologin)) -+//applet:IF_NOLOGIN(APPLET_SCRIPTED(nologin, scripted, BB_DIR_SBIN, BB_SUID_DROP, nologin)) - - //usage:#define nologin_trivial_usage - //usage: "" diff --git a/aports/busybox/0001-pgrep-add-support-for-matching-against-UID-and-RUID.patch b/aports/busybox/0001-pgrep-add-support-for-matching-against-UID-and-RUID.patch deleted file mode 100644 index 7abfb09..0000000 --- a/aports/busybox/0001-pgrep-add-support-for-matching-against-UID-and-RUID.patch +++ /dev/null @@ -1,138 +0,0 @@ -From 648255c510f9a3f668651842b58798f07ad4c64a Mon Sep 17 00:00:00 2001 -From: Ariadne Conill -Date: Mon, 22 Nov 2021 18:33:02 -0600 -Subject: [PATCH] pgrep: add support for matching against UID and RUID - -This is standard functionality on every other pgrep implementation I -found, namely the ones in Illumos, FreeBSD, Linux procps, and macOS. - -Additionally, real world scripts like pipewire-session are dependent -on it being present. - -function old new delta -pgrep_main 818 1007 +189 -packed_usage 26001 26032 +31 -.rodata 78544 78548 +4 ------------------------------------------------------------------------------- -(add/remove: 0/0 grow/shrink: 3/0 up/down: 224/0) Total: 224 bytes - -Signed-off-by: Ariadne Conill ---- - procps/pgrep.c | 37 +++++++++++++++++++++++++++++++++---- - 1 file changed, 33 insertions(+), 4 deletions(-) - -diff --git a/procps/pgrep.c b/procps/pgrep.c -index 6d25c247e..6a12ac23b 100644 ---- a/procps/pgrep.c -+++ b/procps/pgrep.c -@@ -42,6 +42,8 @@ - //usage: "\n -x Match whole name (not substring)" - //usage: "\n -s Match session ID (0 for current)" - //usage: "\n -P Match parent process ID" -+//usage: "\n -u EUID Match against effective UID" -+//usage: "\n -U UID Match against UID" - //usage: - //usage:#define pkill_trivial_usage - //usage: "[-l|-SIGNAL] [-xfvno] [-s SID|-P PPID|PATTERN]" -@@ -55,6 +57,8 @@ - //usage: "\n -v Negate the match" - //usage: "\n -n Signal the newest process only" - //usage: "\n -o Signal the oldest process only" -+//usage: "\n -u EUID Match against effective UID" -+//usage: "\n -U UID Match against UID" - - #include "libbb.h" - #include "xregex.h" -@@ -64,7 +68,7 @@ - #define pkill (ENABLE_PKILL && (!ENABLE_PGREP || applet_name[1] == 'k')) - - enum { -- /* "vlafxons:+P:+" */ -+ /* "vlafxonu:U:s:+P:+" */ - OPTBIT_V = 0, /* must be first, we need OPT_INVERT = 0/1 */ - OPTBIT_L, - OPTBIT_A, -@@ -72,6 +76,8 @@ enum { - OPTBIT_X, - OPTBIT_O, - OPTBIT_N, -+ OPTBIT_U, -+ OPTBIT_UL, - OPTBIT_S, - OPTBIT_P, - }; -@@ -85,6 +91,8 @@ enum { - #define OPT_LAST (opt & (1 << OPTBIT_N)) - #define OPT_SID (opt & (1 << OPTBIT_S)) - #define OPT_PPID (opt & (1 << OPTBIT_P)) -+#define OPT_EUID (opt & (1 << OPTBIT_UL)) -+#define OPT_RUID (opt & (1 << OPTBIT_U)) - - static void act(unsigned pid, char *cmd, int signo) - { -@@ -105,7 +113,8 @@ int pgrep_main(int argc UNUSED_PARAM, char **argv) - unsigned opt; - int scan_mask; - int matched_pid; -- int sid2match, ppid2match; -+ int sid2match, ppid2match, uid2match, euid2match; -+ char *uid_arg = NULL, *euid_arg = NULL; - char *cmd_last; - procps_status_t *proc; - /* These are initialized to 0 */ -@@ -131,7 +140,9 @@ int pgrep_main(int argc UNUSED_PARAM, char **argv) - /* Parse remaining options */ - ppid2match = -1; - sid2match = -1; -- opt = getopt32(argv, "vlafxons:+P:+", &sid2match, &ppid2match); -+ uid2match = -1; -+ euid2match = -1; -+ opt = getopt32(argv, "vlafxonu:U:s:+P:+", &euid_arg, &uid_arg, &sid2match, &ppid2match); - argv += optind; - - if (pkill && OPT_LIST) { /* -l: print the whole signal list */ -@@ -147,8 +158,18 @@ int pgrep_main(int argc UNUSED_PARAM, char **argv) - if (OPT_FULL) - scan_mask |= PSSCAN_ARGVN; - -+ if (euid_arg) { -+ scan_mask |= PSSCAN_UIDGID; -+ euid2match = get_ug_id(euid_arg, xuname2uid); -+ } -+ -+ if (uid_arg) { -+ scan_mask |= PSSCAN_RUIDGID; -+ uid2match = get_ug_id(uid_arg, xuname2uid); -+ } -+ - /* One pattern is required, if no -s and no -P */ -- if ((sid2match & ppid2match) < 0 && (!argv[0] || argv[1])) -+ if ((sid2match & ppid2match) < 0 && uid2match < 0 && euid2match < 0 && (!argv[0] || argv[1])) - bb_show_usage(); - - if (argv[0]) -@@ -170,6 +191,10 @@ int pgrep_main(int argc UNUSED_PARAM, char **argv) - continue; - if (sid2match >= 0 && sid2match != proc->sid) - continue; -+ if (euid2match >= 0 && euid2match != proc->uid) -+ continue; -+ if (uid2match >= 0 && uid2match != proc->ruid) -+ continue; - } - - cmdlen = -1; -@@ -202,6 +227,10 @@ int pgrep_main(int argc UNUSED_PARAM, char **argv) - goto got_it; - if (sid2match >= 0 && sid2match != proc->sid) - goto got_it; -+ if (euid2match >= 0 && euid2match != proc->uid) -+ goto got_it; -+ if (uid2match >= 0 && uid2match != proc->ruid) -+ goto got_it; - } - - match = !argv[0]; /* if no PATTERN, then it's a match, else... */ --- -2.34.0 - diff --git a/aports/busybox/0001-properly-fix-wget-https-support.patch b/aports/busybox/0001-properly-fix-wget-https-support.patch deleted file mode 100644 index 7e59be7..0000000 --- a/aports/busybox/0001-properly-fix-wget-https-support.patch +++ /dev/null @@ -1,69 +0,0 @@ -From ad8843a3df89aabfa6ebae841de32f22a48c2166 Mon Sep 17 00:00:00 2001 -From: Natanael Copa -Date: Wed, 30 May 2018 09:52:20 +0000 -Subject: [PATCH] properly fix wget https support - -See: https://git.alpinelinux.org/cgit/aports/commit/?id=1d0560a9b6b5597b191e5aff69a31c2fe0aba273 ---- - networking/wget.c | 21 ++++++++++++--------- - 1 file changed, 12 insertions(+), 9 deletions(-) - -diff --git a/networking/wget.c b/networking/wget.c -index 6a9604421..96dd4c403 100644 ---- a/networking/wget.c -+++ b/networking/wget.c -@@ -57,7 +57,6 @@ - //config: bool "Support HTTPS using internal TLS code" - //config: default y - //config: depends on WGET --//config: select TLS - //config: help - //config: wget will use internal TLS code to connect to https:// URLs. - //config: It also enables FTPS support, but it's not well tested yet. -@@ -760,10 +759,8 @@ static void spawn_ssl_client(const char *host, int network_fd, int flags) - int pid; - char *servername, *p; - -- if (!(option_mask32 & WGET_OPT_NO_CHECK_CERT)) { -- option_mask32 |= WGET_OPT_NO_CHECK_CERT; -- bb_simple_error_msg("note: TLS certificate validation not implemented"); -- } -+ if (ENABLE_SSL_CLIENT && !(option_mask32 & WGET_OPT_NO_CHECK_CERT)) -+ bb_simple_error_msg_and_die("note: TLS certificate validation not implemented"); - - servername = xstrdup(host); - p = strrchr(servername, ':'); -@@ -780,14 +777,14 @@ static void spawn_ssl_client(const char *host, int network_fd, int flags) - close(sp[0]); - xmove_fd(sp[1], 0); - xdup2(0, 1); -- if (BB_MMU) { -+ if (BB_MMU && ENABLE_TLS && (option_mask32 & WGET_OPT_NO_CHECK_CERT)) { - tls_state_t *tls = new_tls_state(); - tls->ifd = tls->ofd = network_fd; - tls_handshake(tls, servername); - tls_run_copy_loop(tls, flags); - exit(0); - } else { -- char *argv[6]; -+ char *argv[7], **a; - - xmove_fd(network_fd, 3); - argv[0] = (char*)"ssl_client"; -@@ -795,8 +792,14 @@ static void spawn_ssl_client(const char *host, int network_fd, int flags) - //TODO: if (!is_ip_address(servername))... - argv[2] = (char*)"-n"; - argv[3] = servername; -- argv[4] = (flags & TLSLOOP_EXIT_ON_LOCAL_EOF ? (char*)"-e" : NULL); -- argv[5] = NULL; -+ -+ a = &argv[4]; -+ if (flags & TLSLOOP_EXIT_ON_LOCAL_EOF) -+ *a++ = (char*)"-e"; -+ if (!ENABLE_SSL_CLIENT && (option_mask32 & WGET_OPT_NO_CHECK_CERT)) -+ *a++= (char*)"-I"; -+ *a = NULL; -+ - BB_EXECVP(argv[0], argv); - bb_perror_msg_and_die("can't execute '%s'", argv[0]); - } diff --git a/aports/busybox/0001-rev-correct-output-for-long-input-lines.patch b/aports/busybox/0001-rev-correct-output-for-long-input-lines.patch deleted file mode 100644 index ba40a2f..0000000 --- a/aports/busybox/0001-rev-correct-output-for-long-input-lines.patch +++ /dev/null @@ -1,91 +0,0 @@ -From 4357569fdc7bc482dea0ef0bff57a70e7f06523c Mon Sep 17 00:00:00 2001 -From: Ron Yorston -Date: Sat, 21 Aug 2021 09:36:27 +0100 -Subject: rev: correct output for long input lines - -The input buffer is initialised to a reasonable size and extended -if necessary. When this happened the offset into the buffer wasn't -reset to zero so subsequent lines were appended to the long line. - -Fix this and add some tests. - -function old new delta -rev_main 377 368 -9 ------------------------------------------------------------------------------- -(add/remove: 0/0 grow/shrink: 0/1 up/down: 0/-9) Total: -9 bytes - -Signed-off-by: Ron Yorston -Signed-off-by: Denys Vlasenko ---- - testsuite/rev.tests | 46 ++++++++++++++++++++++++++++++++++++++++++++++ - util-linux/rev.c | 1 + - 2 files changed, 47 insertions(+) - create mode 100755 testsuite/rev.tests - -diff --git a/testsuite/rev.tests b/testsuite/rev.tests -new file mode 100755 -index 000000000..dd65dcd3b ---- /dev/null -+++ b/testsuite/rev.tests -@@ -0,0 +1,46 @@ -+#!/bin/sh -+# Copyright 2021 by Ron Yorston -+# Licensed under GPLv2, see file LICENSE in this source tree. -+ -+. ./testing.sh -+ -+# testing "test name" "commands" "expected result" "file input" "stdin" -+ -+testing "rev works" \ -+ "rev input" \ -+"\ -+1 enil -+ -+3 enil -+" \ -+ "line 1\n\nline 3\n" \ -+ "" -+ -+testing "rev file with missing newline" \ -+ "rev input" \ -+"\ -+1 enil -+ -+3 enil" \ -+ "line 1\n\nline 3" \ -+ "" -+ -+testing "rev file with NUL character" \ -+ "rev input" \ -+"\ -+nil -+3 enil -+" \ -+ "lin\000e 1\n\nline 3\n" \ -+ "" -+ -+testing "rev file with long line" \ -+ "rev input" \ -+"\ -++--------------+---------------+---------------+---------------+---------------+---------------+---------------+---------------+---------------+---------------+---------------+---------------+---------------+---------------+---------------+--------------- -+cba -+" \ -+ "---------------+---------------+---------------+---------------+---------------+---------------+---------------+---------------+---------------+---------------+---------------+---------------+---------------+---------------+---------------+--------------+\nabc\n" \ -+ "" -+ -+exit $FAILCOUNT -diff --git a/util-linux/rev.c b/util-linux/rev.c -index d439b4da8..63b005c67 100644 ---- a/util-linux/rev.c -+++ b/util-linux/rev.c -@@ -109,6 +109,7 @@ int rev_main(int argc UNUSED_PARAM, char **argv) - strrev(buf, strlen(buf)); - #endif - fputs_stdout(buf); -+ pos = 0; - } - fclose(fp); - } while (*argv); --- -cgit v1.2.3 - diff --git a/aports/busybox/0001-sed-check-errors-writing-file-with-sed-i.patch b/aports/busybox/0001-sed-check-errors-writing-file-with-sed-i.patch deleted file mode 100644 index 90a5115..0000000 --- a/aports/busybox/0001-sed-check-errors-writing-file-with-sed-i.patch +++ /dev/null @@ -1,66 +0,0 @@ -From b99395ebf70eadb248da0ecf913eea0236eceea1 Mon Sep 17 00:00:00 2001 -From: Dominique Martinet -Date: Wed, 16 Nov 2022 11:52:29 +0900 -Subject: [PATCH] sed: check errors writing file with sed -i - -sed would currently not error if write failed when modifying a file. - -This can be reproduced with the following 'script': -$ sudo mount -t tmpfs tmpfs -o size=1M /tmp/m -$ sudo chmod 777 /tmp/m -$ echo foo > /tmp/m/foo -$ dd if=/dev/zero of=/tmp/m/fill bs=4k -dd: error writing '/tmp/m/fill': No space left on device -256+0 records in -255+0 records out -1044480 bytes (1.0 MB, 1020 KiB) copied, 0.00234567 s, 445 MB/s -$ busybox sed -i -e 's/.*/bar/' /tmp/m/foo -$ echo $? -0 -$ cat /tmp/m/foo - - -new behaviour: -$ echo foo > /tmp/m/foo -$ ./busybox sed -i -e 's/.*/bar/' /tmp/m/foo -sed: write error -$ echo $? -4 -$ cat /tmp/m/foo -foo - -function old new delta -sed_main 754 801 +47 ------------------------------------------------------------------------------- -(add/remove: 0/0 grow/shrink: 1/0 up/down: 47/0) Total: 47 bytes - text data bss dec hex filename - 66957 2398 1552 70907 114fb busybox_old - 67004 2398 1552 70954 1152a busybox_unstripped - -Signed-off-by: Dominique Martinet ---- -Upstream patch: -http://lists.busybox.net/pipermail/busybox/2022-November/089967.html - - editors/sed.c | 5 +++++ - 1 file changed, 5 insertions(+) - -diff --git a/editors/sed.c b/editors/sed.c -index 32a4b61f6d4c..be709eef3a9c 100644 ---- a/editors/sed.c -+++ b/editors/sed.c -@@ -1639,6 +1639,11 @@ int sed_main(int argc UNUSED_PARAM, char **argv) - fchown(nonstdoutfd, statbuf.st_uid, statbuf.st_gid); - - process_files(); -+ fflush(G.nonstdout); -+ if (ferror(G.nonstdout)) { -+ xfunc_error_retval = 4; /* It's what gnu sed exits with... */ -+ bb_simple_error_msg_and_die(bb_msg_write_error); -+ } - fclose(G.nonstdout); - G.nonstdout = stdout; - --- -2.35.1 - diff --git a/aports/busybox/0002-adduser-default-to-sbin-nologin-as-shell-for-system-.patch b/aports/busybox/0002-adduser-default-to-sbin-nologin-as-shell-for-system-.patch new file mode 100644 index 0000000..040db3b --- /dev/null +++ b/aports/busybox/0002-adduser-default-to-sbin-nologin-as-shell-for-system-.patch @@ -0,0 +1,26 @@ +From b99ef11a68832b2141926c229dd25ea600107ed1 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?S=C3=B6ren=20Tempel?= +Date: Sun, 13 Jan 2019 19:07:16 +0100 +Subject: [PATCH] adduser: default to /sbin/nologin as shell for system + accounts +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +--- + loginutils/adduser.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/loginutils/adduser.c b/loginutils/adduser.c +index d3c795afa..7ce29fa04 100644 +--- a/loginutils/adduser.c ++++ b/loginutils/adduser.c +@@ -235,7 +235,7 @@ int adduser_main(int argc UNUSED_PARAM, char **argv) + usegroup = "nogroup"; + } + if (!(opts & OPT_SHELL)) { +- pw.pw_shell = (char *) "/bin/false"; ++ pw.pw_shell = (char *) "/sbin/nologin"; + } + } + pw.pw_gid = usegroup ? xgroup2gid(usegroup) : -1; /* exits on failure */ diff --git a/aports/busybox/0002-cpio-add-support-for-renumber-inodes-like-GNU-cpio.patch b/aports/busybox/0002-cpio-add-support-for-renumber-inodes-like-GNU-cpio.patch deleted file mode 100644 index 9febb66..0000000 --- a/aports/busybox/0002-cpio-add-support-for-renumber-inodes-like-GNU-cpio.patch +++ /dev/null @@ -1,129 +0,0 @@ -From 67240ede641cdda29ef74a373bc9f5aa8a18f4e8 Mon Sep 17 00:00:00 2001 -From: Ariadne Conill -Date: Mon, 28 Jun 2021 08:23:09 -0600 -Subject: [PATCH 2/2] cpio: add support for --renumber-inodes like GNU cpio - -The --renumber-inodes option renumbers the inodes starting from 1, -so that the sequence of inodes is always stable. This helps with -reproducibility. - -function old new delta -cpio_o 961 1045 +84 -.rodata 78422 78440 +18 -bbconfig_config_bz2 6168 6164 -4 -packed_usage 25764 25756 -8 ------------------------------------------------------------------------------- -(add/remove: 0/0 grow/shrink: 2/2 up/down: 102/-12) Total: 90 bytes - -Signed-off-by: Ariadne Conill ---- - archival/cpio.c | 32 ++++++++++++++++++++++++++++++++ - 1 file changed, 32 insertions(+) - -diff --git a/archival/cpio.c b/archival/cpio.c -index 4d386d38d..14f0b5b84 100644 ---- a/archival/cpio.c -+++ b/archival/cpio.c -@@ -45,6 +45,13 @@ - //config: depends on FEATURE_CPIO_O && LONG_OPTS - //config: help - //config: Optionally ignore device numbers when creating archives. -+//config: -+//config:config FEATURE_CPIO_RENUMBER_INODES -+//config: bool "Support --renumber-inodes like GNU cpio" -+//config: default y -+//config: depends on FEATURE_CPIO_O && LONG_OPTS -+//config: help -+//config: Optionally renumber inodes when creating archives. - - //applet:IF_CPIO(APPLET(cpio, BB_DIR_BIN, BB_SUID_DROP)) - -@@ -85,6 +92,9 @@ - //usage: IF_FEATURE_CPIO_IGNORE_DEVNO( - //usage: "\n --ignore-devno" - //usage: ) -+//usage: IF_FEATURE_CPIO_RENUMBER_INODES( -+//usage: "\n --renumber-inodes" -+//usage: ) - - /* GNU cpio 2.9 --help (abridged): - -@@ -173,18 +183,21 @@ enum { - IF_LONG_OPTS( OPTBIT_QUIET ,) - IF_LONG_OPTS( OPTBIT_2STDOUT ,) - IF_FEATURE_CPIO_IGNORE_DEVNO(OPTBIT_IGNORE_DEVNO,) -+ IF_FEATURE_CPIO_RENUMBER_INODES(OPTBIT_RENUMBER_INODES,) - OPT_CREATE = IF_FEATURE_CPIO_O((1 << OPTBIT_CREATE )) + 0, - OPT_FORMAT = IF_FEATURE_CPIO_O((1 << OPTBIT_FORMAT )) + 0, - OPT_PASSTHROUGH = IF_FEATURE_CPIO_P((1 << OPTBIT_PASSTHROUGH)) + 0, - OPT_QUIET = IF_LONG_OPTS( (1 << OPTBIT_QUIET )) + 0, - OPT_2STDOUT = IF_LONG_OPTS( (1 << OPTBIT_2STDOUT )) + 0, - OPT_IGNORE_DEVNO = IF_FEATURE_CPIO_IGNORE_DEVNO((1 << OPTBIT_IGNORE_DEVNO)) + 0, -+ OPT_RENUMBER_INODES = IF_FEATURE_CPIO_RENUMBER_INODES((1 << OPTBIT_RENUMBER_INODES)) + 0, - }; - - #define OPTION_STR "it0uvdmLF:R:" - - struct globals { - struct bb_uidgid_t owner_ugid; -+ ino_t next_inode; - } FIX_ALIASING; - #define G (*(struct globals*)bb_common_bufsiz1) - void BUG_cpio_globals_too_big(void); -@@ -218,6 +231,9 @@ static NOINLINE int cpio_o(void) - struct inodes_s *next; - struct name_s *names; - struct stat st; -+#if ENABLE_FEATURE_CPIO_RENUMBER_INODES -+ ino_t mapped_inode; -+#endif - }; - - struct inodes_s *links = NULL; -@@ -272,6 +288,10 @@ static NOINLINE int cpio_o(void) - l = xzalloc(sizeof(*l)); - l->st = st; - l->next = links; -+#if ENABLE_FEATURE_CPIO_RENUMBER_INODES -+ if (option_mask32 & OPT_RENUMBER_INODES) -+ l->mapped_inode = ++G.next_inode; -+#endif - links = l; - break; - } -@@ -290,6 +310,11 @@ static NOINLINE int cpio_o(void) - free(line); - continue; - } -+#if ENABLE_FEATURE_CPIO_RENUMBER_INODES -+ else if (option_mask32 & OPT_RENUMBER_INODES) { -+ st.st_ino = ++G.next_inode; -+ } -+#endif - } else { /* line == NULL: EOF */ - next_link: - if (links) { -@@ -297,6 +322,10 @@ static NOINLINE int cpio_o(void) - st = links->st; - name = links->names->name; - links->names = links->names->next; -+#if ENABLE_FEATURE_CPIO_RENUMBER_INODES -+ if (links->mapped_inode) -+ st.st_ino = links->mapped_inode; -+#endif - /* GNU cpio is reported to emit file data - * only for the last instance. Mimic that. */ - if (links->names == NULL) -@@ -398,6 +427,9 @@ int cpio_main(int argc UNUSED_PARAM, char **argv) - "to-stdout\0" No_argument "\xfe" - #if ENABLE_FEATURE_CPIO_IGNORE_DEVNO - "ignore-devno\0" No_argument "\xfd" -+#endif -+#if ENABLE_FEATURE_CPIO_RENUMBER_INODES -+ "renumber-inodes\0" No_argument "\xfc" - #endif - ; - #endif --- -2.32.0 - diff --git a/aports/busybox/0002-fsck-resolve-LABEL-.-UUID-.-spec-to-device.patch b/aports/busybox/0002-fsck-resolve-LABEL-.-UUID-.-spec-to-device.patch deleted file mode 100644 index fd2503e..0000000 --- a/aports/busybox/0002-fsck-resolve-LABEL-.-UUID-.-spec-to-device.patch +++ /dev/null @@ -1,56 +0,0 @@ -From 2e673aac06d661038001286fd389d1b45c511c66 Mon Sep 17 00:00:00 2001 -From: Natanael Copa -Date: Tue, 28 Nov 2017 13:23:17 +0100 -Subject: [PATCH] fsck: resolve LABEL=.../UUID=... spec to device - ---- - e2fsprogs/fsck.c | 10 +++++----- - 1 file changed, 5 insertions(+), 5 deletions(-) - -diff --git a/e2fsprogs/fsck.c b/e2fsprogs/fsck.c -index f5aa3dbe4..e2edc9747 100644 ---- a/e2fsprogs/fsck.c -+++ b/e2fsprogs/fsck.c -@@ -60,6 +60,7 @@ - //usage: "\n -t TYPE List of filesystem types to check" - - #include "libbb.h" -+#include "volume_id.h" - #include "common_bufsiz.h" - - /* "progress indicator" code is somewhat buggy and ext[23] specific. -@@ -524,12 +525,13 @@ static int wait_many(int flags) - * Execute a particular fsck program, and link it into the list of - * child processes we are waiting for. - */ --static void execute(const char *type, const char *device, -+static void execute(const char *type, const char *spec, - const char *mntpt /*, int interactive */) - { - int i; - struct fsck_instance *inst; - pid_t pid; -+ char *device = (char *)spec; - - G.args[0] = xasprintf("fsck.%s", type); - -@@ -544,7 +546,8 @@ static void execute(const char *type, const char *device, - } - #endif - -- G.args[G.num_args - 2] = (char*)device; -+ resolve_mount_spec(&device); -+ G.args[G.num_args - 2] = device; - /* G.args[G.num_args - 1] = NULL; - already is */ - - if (G.verbose || G.noexecute) { -@@ -973,9 +976,6 @@ int fsck_main(int argc UNUSED_PARAM, char **argv) - - /* "/dev/blk" or "/path" or "UUID=xxx" or "LABEL=xxx" */ - if ((arg[0] == '/' && !opts_for_fsck) || strchr(arg, '=')) { --// FIXME: must check that arg is a blkdev, or resolve --// "/path", "UUID=xxx" or "LABEL=xxx" into block device name --// ("UUID=xxx"/"LABEL=xxx" can probably shifted to fsck.auto duties) - devices = xrealloc_vector(devices, 2, num_devices); - devices[num_devices++] = arg; - continue; diff --git a/aports/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch b/aports/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch deleted file mode 100644 index 01c45c9..0000000 --- a/aports/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch +++ /dev/null @@ -1,68 +0,0 @@ -From 812b407e545b70b16cf32aade135b5c32eaf674f Mon Sep 17 00:00:00 2001 -From: Ariadne Conill -Date: Sun, 3 Apr 2022 12:16:45 +0000 -Subject: [PATCH 2/2] nslookup: sanitize all printed strings with - printable_string - -Otherwise, terminal sequences can be injected, which enables various terminal injection -attacks from DNS results. - -CVE: Pending -Upstream-Status: Pending -Signed-off-by: Ariadne Conill ---- - networking/nslookup.c | 10 +++++----- - 1 file changed, 5 insertions(+), 5 deletions(-) - -diff --git a/networking/nslookup.c b/networking/nslookup.c -index 6da97baf4..4bdcde1b8 100644 ---- a/networking/nslookup.c -+++ b/networking/nslookup.c -@@ -407,7 +407,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len) - //printf("Unable to uncompress domain: %s\n", strerror(errno)); - return -1; - } -- printf(format, ns_rr_name(rr), dname); -+ printf(format, ns_rr_name(rr), printable_string(dname)); - break; - - case ns_t_mx: -@@ -422,7 +422,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len) - //printf("Cannot uncompress MX domain: %s\n", strerror(errno)); - return -1; - } -- printf("%s\tmail exchanger = %d %s\n", ns_rr_name(rr), n, dname); -+ printf("%s\tmail exchanger = %d %s\n", ns_rr_name(rr), n, printable_string(dname)); - break; - - case ns_t_txt: -@@ -434,7 +434,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len) - if (n > 0) { - memset(dname, 0, sizeof(dname)); - memcpy(dname, ns_rr_rdata(rr) + 1, n); -- printf("%s\ttext = \"%s\"\n", ns_rr_name(rr), dname); -+ printf("%s\ttext = \"%s\"\n", ns_rr_name(rr), printable_string(dname)); - } - break; - -@@ -454,7 +454,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len) - } - - printf("%s\tservice = %u %u %u %s\n", ns_rr_name(rr), -- ns_get16(cp), ns_get16(cp + 2), ns_get16(cp + 4), dname); -+ ns_get16(cp), ns_get16(cp + 2), ns_get16(cp + 4), printable_string(dname)); - break; - - case ns_t_soa: -@@ -483,7 +483,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len) - return -1; - } - -- printf("\tmail addr = %s\n", dname); -+ printf("\tmail addr = %s\n", printable_string(dname)); - cp += n; - - printf("\tserial = %lu\n", ns_get32(cp)); --- -2.35.1 - diff --git a/aports/busybox/0003-ash-add-built-in-BB_ASH_VERSION-variable.patch b/aports/busybox/0003-ash-add-built-in-BB_ASH_VERSION-variable.patch new file mode 100644 index 0000000..1803194 --- /dev/null +++ b/aports/busybox/0003-ash-add-built-in-BB_ASH_VERSION-variable.patch @@ -0,0 +1,85 @@ +From 53b13dbc8312dfa4326751f063437894c5e5a43d Mon Sep 17 00:00:00 2001 +From: Ariadne Conill +Date: Wed, 10 Mar 2021 23:38:57 -0700 +Subject: [PATCH] ash: add built-in $BB_ASH_VERSION variable +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This is helpful for detecting if the shell is busybox ash or not, +which is necessary for enabling ash-specific features in /etc/profile +and Alpine's default $ENV. + +https://gitlab.alpinelinux.org/alpine/aports/-/issues/12398 outlines +the rationale for detecting what shell is running in /etc/profile and +similar. + +function old new delta +.rodata 77899 77925 +26 +varinit_data 360 384 +24 +------------------------------------------------------------------------------ +(add/remove: 0/0 grow/shrink: 2/0 up/down: 50/0) Total: 50 bytes + +Signed-off-by: Ariadne Conill +--- + shell/ash.c | 28 ++++++++++++++++++++-------- + 1 file changed, 20 insertions(+), 8 deletions(-) + +diff --git a/shell/ash.c b/shell/ash.c +index 18ccc1329..cb38582fc 100644 +--- a/shell/ash.c ++++ b/shell/ash.c +@@ -158,6 +158,14 @@ + //config: you to run the specified command or builtin, + //config: even when there is a function with the same name. + //config: ++//config:config ASH_VERSION_VAR ++//config: bool "declare $BB_ASH_VERSION variable" ++//config: default y ++//config: depends on SHELL_ASH ++//config: help ++//config: Enable support for declaring the $BB_ASH_VERSION variable, ++//config: which is set as the busybox version. ++//config: + //config:endif # ash options + + //applet:IF_ASH(APPLET(ash, BB_DIR_BIN, BB_SUID_DROP)) +@@ -2142,6 +2150,9 @@ static const struct { + { VSTRFIXED|VTEXTFIXED , "PS1=$ " , NULL }, + { VSTRFIXED|VTEXTFIXED , "PS2=> " , NULL }, + { VSTRFIXED|VTEXTFIXED , "PS4=+ " , NULL }, ++#if ENABLE_ASH_VERSION_VAR ++ { VSTRFIXED|VTEXTFIXED , "BB_ASH_VERSION=" BB_VER, NULL }, ++#endif + #if ENABLE_ASH_GETOPTS + { VSTRFIXED|VTEXTFIXED , defoptindvar, getoptsreset }, + #endif +@@ -2201,19 +2212,20 @@ extern struct globals_var *BB_GLOBAL_CONST ash_ptr_to_globals_var; + #define vps1 varinit[VAR_OFFSET1 + 2] + #define vps2 varinit[VAR_OFFSET1 + 3] + #define vps4 varinit[VAR_OFFSET1 + 4] ++#define VAR_OFFSET2 (VAR_OFFSET1 + ENABLE_ASH_VERSION_VAR) + #if ENABLE_ASH_GETOPTS +-# define voptind varinit[VAR_OFFSET1 + 5] ++# define voptind varinit[VAR_OFFSET2 + 5] + #endif +-#define VAR_OFFSET2 (VAR_OFFSET1 + ENABLE_ASH_GETOPTS) +-#define vlineno varinit[VAR_OFFSET2 + 5] +-#define vfuncname varinit[VAR_OFFSET2 + 6] ++#define VAR_OFFSET3 (VAR_OFFSET2 + ENABLE_ASH_GETOPTS) ++#define vlineno varinit[VAR_OFFSET3 + 5] ++#define vfuncname varinit[VAR_OFFSET3 + 6] + #if ENABLE_ASH_RANDOM_SUPPORT +-# define vrandom varinit[VAR_OFFSET2 + 7] ++# define vrandom varinit[VAR_OFFSET3 + 7] + #endif +-#define VAR_OFFSET3 (VAR_OFFSET2 + ENABLE_ASH_RANDOM_SUPPORT) ++#define VAR_OFFSET4 (VAR_OFFSET2 + ENABLE_ASH_RANDOM_SUPPORT) + #if BASH_EPOCH_VARS +-# define vepochs varinit[VAR_OFFSET3 + 7] +-# define vepochr varinit[VAR_OFFSET3 + 8] ++# define vepochs varinit[VAR_OFFSET4 + 7] ++# define vepochr varinit[VAR_OFFSET4 + 8] + #endif + #define INIT_G_var() do { \ + unsigned i; \ diff --git a/aports/busybox/0003-ash-exec-busybox.static.patch b/aports/busybox/0003-ash-exec-busybox.static.patch deleted file mode 100644 index 8247e35..0000000 --- a/aports/busybox/0003-ash-exec-busybox.static.patch +++ /dev/null @@ -1,22 +0,0 @@ -From d06a13f4cd81aeda9b02d4da90ef2b941899d6c5 Mon Sep 17 00:00:00 2001 -From: Natanael Copa -Date: Thu, 4 Aug 2016 11:03:07 +0200 -Subject: [PATCH] ash: exec busybox.static - ---- - shell/ash.c | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/shell/ash.c b/shell/ash.c -index 051cc671f..73470eab2 100644 ---- a/shell/ash.c -+++ b/shell/ash.c -@@ -7991,6 +7991,8 @@ tryexec(IF_FEATURE_SH_STANDALONE(int applet_no,) const char *cmd, char **argv, c - } - /* re-exec ourselves with the new arguments */ - execve(bb_busybox_exec_path, argv, envp); -+ execve("/bin/busybox.static",argv,envp); -+ execve("/bin/busybox",argv,envp); - /* If they called chroot or otherwise made the binary no longer - * executable, fall through */ - } diff --git a/aports/busybox/0004-Avoid-redefined-warnings-when-buiding-with-utmps.patch b/aports/busybox/0004-Avoid-redefined-warnings-when-buiding-with-utmps.patch new file mode 100644 index 0000000..b0f2b45 --- /dev/null +++ b/aports/busybox/0004-Avoid-redefined-warnings-when-buiding-with-utmps.patch @@ -0,0 +1,108 @@ +From a7f1a174c2f5fd4ee7e130e08dfc79abc65e8a5e Mon Sep 17 00:00:00 2001 +From: Laurent Bercot +Date: Fri, 22 Jul 2022 08:34:50 +0200 +Subject: [PATCH] Avoid redefined warnings when buiding with utmps +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Do not use _PATH_UTMP or _PATH_WTMP, and do not touch +the files directly. + +--- + include/libbb.h | 8 +++----- + libbb/messages.c | 4 ++-- + libbb/utmp.c | 10 ++++++---- + util-linux/last_fancy.c | 2 +- + 4 files changed, 12 insertions(+), 12 deletions(-) + +diff --git a/include/libbb.h b/include/libbb.h +index cca33a177..2b72e7ac4 100644 +--- a/include/libbb.h ++++ b/include/libbb.h +@@ -107,14 +107,12 @@ + # define _PATH_UTMPX _PATH_UTMP + # else + # if !defined(__FreeBSD__) +-# include ++# include ++# define _CORRECT_PATH_UTMPX "/run/utmps/utmp" ++# define _CORRECT_PATH_WTMP "/var/log/wtmp" + # else + # define _PATH_UTMPX "/var/run/utx.active" + # endif +-# include +-# if defined _PATH_UTMP && !defined _PATH_UTMPX +-# define _PATH_UTMPX _PATH_UTMP +-# endif + # endif + #endif + #if ENABLE_LOCALE_SUPPORT +diff --git a/libbb/messages.c b/libbb/messages.c +index 6914d5701..689dd0c6d 100644 +--- a/libbb/messages.c ++++ b/libbb/messages.c +@@ -42,8 +42,8 @@ const int const_int_0 = 0; + #if ENABLE_FEATURE_WTMP + /* This is usually something like "/var/adm/wtmp" or "/var/log/wtmp" */ + const char bb_path_wtmp_file[] ALIGN1 = +-# if defined _PATH_WTMP +- _PATH_WTMP; ++# if defined _CORRECT_PATH_WTMP ++ _CORRECT_PATH_WTMP; + # elif defined WTMP_FILE + WTMP_FILE; + # else +diff --git a/libbb/utmp.c b/libbb/utmp.c +index bd07670db..0a2ef2c8e 100644 +--- a/libbb/utmp.c ++++ b/libbb/utmp.c +@@ -8,11 +8,13 @@ + */ + #include "libbb.h" + ++#if 0 + static void touch(const char *filename) + { + if (access(filename, R_OK | W_OK) == -1) + close(open(filename, O_WRONLY | O_CREAT, 0664)); + } ++#endif + + void FAST_FUNC write_new_utmp(pid_t pid, int new_type, const char *tty_name, const char *username, const char *hostname) + { +@@ -45,8 +47,8 @@ void FAST_FUNC write_new_utmp(pid_t pid, int new_type, const char *tty_name, con + tty_name += 3; + strncpy(id, tty_name, width); + +- touch(_PATH_UTMPX); +- //utmpxname(_PATH_UTMPX); ++ //touch(_CORRECT_PATH_UTMPX); ++ //utmpxname(_CORRECT_PATH_UTMPX); + setutxent(); + /* Append new one (hopefully, unless we collide on ut_id) */ + pututxline(&utent); +@@ -67,8 +69,8 @@ void FAST_FUNC update_utmp(pid_t pid, int new_type, const char *tty_name, const + struct utmpx utent; + struct utmpx *utp; + +- touch(_PATH_UTMPX); +- //utmpxname(_PATH_UTMPX); ++ //touch(_CORRECT_PATH_UTMPX); ++ //utmpxname(_CORRECT_PATH_UTMPX); + setutxent(); + + /* Did init/getty/telnetd/sshd/... create an entry for us? +diff --git a/util-linux/last_fancy.c b/util-linux/last_fancy.c +index 648236229..aa7a62bbe 100644 +--- a/util-linux/last_fancy.c ++++ b/util-linux/last_fancy.c +@@ -159,7 +159,7 @@ int last_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE; + int last_main(int argc UNUSED_PARAM, char **argv) + { + struct utmpx ut; +- const char *filename = _PATH_WTMP; ++ const char *filename = _CORRECT_PATH_WTMP; + llist_t *zlist; + off_t pos; + time_t start_time; diff --git a/aports/busybox/0004-app-location-for-cpio-vi-and-lspci.patch b/aports/busybox/0004-app-location-for-cpio-vi-and-lspci.patch deleted file mode 100644 index 2ca4bcd..0000000 --- a/aports/busybox/0004-app-location-for-cpio-vi-and-lspci.patch +++ /dev/null @@ -1,51 +0,0 @@ -From 97d4a0ffc6f58813fd91e5728d474b984f29b9a6 Mon Sep 17 00:00:00 2001 -From: Natanael Copa -Date: Tue, 27 Dec 2016 20:46:59 +0100 -Subject: [PATCH] app location for cpio, vi and lspci - -Adjust location to where alpine linux installs them ---- - archival/cpio.c | 2 +- - editors/vi.c | 2 +- - util-linux/lspci.c | 2 +- - 3 files changed, 3 insertions(+), 3 deletions(-) - -diff --git a/archival/cpio.c b/archival/cpio.c -index 7149782d7..ee80efd9f 100644 ---- a/archival/cpio.c -+++ b/archival/cpio.c -@@ -53,7 +53,7 @@ - //config: help - //config: Optionally renumber inodes when creating archives. - --//applet:IF_CPIO(APPLET(cpio, BB_DIR_BIN, BB_SUID_DROP)) -+//applet:IF_CPIO(APPLET(cpio, BB_DIR_USR_BIN, BB_SUID_DROP)) - - //kbuild:lib-$(CONFIG_CPIO) += cpio.o - -diff --git a/editors/vi.c b/editors/vi.c -index 3dbe5b471..b29c16098 100644 ---- a/editors/vi.c -+++ b/editors/vi.c -@@ -176,7 +176,7 @@ - //config: Enable more verbose reporting of the results of yank, change, - //config: delete, undo and substitution commands. - --//applet:IF_VI(APPLET(vi, BB_DIR_BIN, BB_SUID_DROP)) -+//applet:IF_VI(APPLET(vi, BB_DIR_USR_BIN, BB_SUID_DROP)) - - //kbuild:lib-$(CONFIG_VI) += vi.o - -diff --git a/util-linux/lspci.c b/util-linux/lspci.c -index c22cbcc1e..70a623650 100644 ---- a/util-linux/lspci.c -+++ b/util-linux/lspci.c -@@ -15,7 +15,7 @@ - //config: - //config: This version uses sysfs (/sys/bus/pci/devices) only. - --//applet:IF_LSPCI(APPLET_NOEXEC(lspci, lspci, BB_DIR_USR_BIN, BB_SUID_DROP, lspci)) -+//applet:IF_LSPCI(APPLET_NOEXEC(lspci, lspci, BB_DIR_USR_SBIN, BB_SUID_DROP, lspci)) - - //kbuild:lib-$(CONFIG_LSPCI) += lspci.o - diff --git a/aports/busybox/0005-libbb-sockaddr2str-ensure-only-printable-characters-.patch b/aports/busybox/0005-libbb-sockaddr2str-ensure-only-printable-characters-.patch new file mode 100644 index 0000000..95616c7 --- /dev/null +++ b/aports/busybox/0005-libbb-sockaddr2str-ensure-only-printable-characters-.patch @@ -0,0 +1,40 @@ +From 6a678ab440ec8c0d21843569182eeb452c289a58 Mon Sep 17 00:00:00 2001 +From: Ariadne Conill +Date: Sun, 3 Apr 2022 18:13:37 +0000 +Subject: [PATCH] libbb: sockaddr2str: ensure only printable characters are + returned for the hostname part +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +CVE: Pending +Upstream-Status: Pending +Signed-off-by: Ariadne Conill +--- + libbb/xconnect.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/libbb/xconnect.c b/libbb/xconnect.c +index 0e0b247b8..02c061e67 100644 +--- a/libbb/xconnect.c ++++ b/libbb/xconnect.c +@@ -497,8 +497,9 @@ static char* FAST_FUNC sockaddr2str(const struct sockaddr *sa, int flags) + ); + if (rc) + return NULL; ++ /* ensure host contains only printable characters */ + if (flags & IGNORE_PORT) +- return xstrdup(host); ++ return xstrdup(printable_string(host)); + #if ENABLE_FEATURE_IPV6 + if (sa->sa_family == AF_INET6) { + if (strchr(host, ':')) /* heh, it's not a resolved hostname */ +@@ -509,7 +510,7 @@ static char* FAST_FUNC sockaddr2str(const struct sockaddr *sa, int flags) + #endif + /* For now we don't support anything else, so it has to be INET */ + /*if (sa->sa_family == AF_INET)*/ +- return xasprintf("%s:%s", host, serv); ++ return xasprintf("%s:%s", printable_string(host), serv); + /*return xstrdup(host);*/ + } + diff --git a/aports/busybox/0005-udhcpc-set-default-discover-retries-to-5.patch b/aports/busybox/0005-udhcpc-set-default-discover-retries-to-5.patch deleted file mode 100644 index ea15834..0000000 --- a/aports/busybox/0005-udhcpc-set-default-discover-retries-to-5.patch +++ /dev/null @@ -1,55 +0,0 @@ -From 7f626404022bb69cd314e2eea33a721d75cc933d Mon Sep 17 00:00:00 2001 -From: Natanael Copa -Date: Thu, 4 Aug 2016 12:46:55 +0200 -Subject: [PATCH] udhcpc: set default discover retries to 5 - -Some slower nics needs more attempts to get a lease ---- - networking/udhcp/d6_dhcpc.c | 4 ++-- - networking/udhcp/dhcpc.c | 4 ++-- - 2 files changed, 4 insertions(+), 4 deletions(-) - -diff --git a/networking/udhcp/d6_dhcpc.c b/networking/udhcp/d6_dhcpc.c -index 8d11a7539..794441953 100644 ---- a/networking/udhcp/d6_dhcpc.c -+++ b/networking/udhcp/d6_dhcpc.c -@@ -1135,7 +1135,7 @@ static void client_background(void) - //usage: "\n -s PROG Run PROG at DHCP events (default "CONFIG_UDHCPC_DEFAULT_SCRIPT")" - //usage: "\n -B Request broadcast replies" - //usage: "\n -t N Send up to N discover packets" --//usage: "\n -T SEC Pause between packets (default 3)" -+//usage: "\n -T SEC Pause between packets (default 5)" - //usage: "\n -A SEC Wait if lease is not obtained (default 20)" - //usage: USE_FOR_MMU( - //usage: "\n -b Background if lease is not obtained" -@@ -1180,7 +1180,7 @@ int udhcpc6_main(int argc UNUSED_PARAM, char **argv) - llist_t *list_x = NULL; - int tryagain_timeout = 20; - int discover_timeout = 3; -- int discover_retries = 3; -+ int discover_retries = 5; - struct in6_addr srv6_buf; - struct in6_addr ipv6_buf; - struct in6_addr *requested_ipv6; -diff --git a/networking/udhcp/dhcpc.c b/networking/udhcp/dhcpc.c -index 331f13a8c..0c1b58d7c 100644 ---- a/networking/udhcp/dhcpc.c -+++ b/networking/udhcp/dhcpc.c -@@ -1173,7 +1173,7 @@ static void client_background(void) - //usage: "\n -p FILE Create pidfile" - //usage: "\n -B Request broadcast replies" - //usage: "\n -t N Send up to N discover packets (default 3)" --//usage: "\n -T SEC Pause between packets (default 3)" -+//usage: "\n -T SEC Pause between packets (default 5)" - //usage: "\n -A SEC Wait if lease is not obtained (default 20)" - //usage: USE_FOR_MMU( - //usage: "\n -b Background if lease is not obtained" -@@ -1217,7 +1217,7 @@ int udhcpc_main(int argc UNUSED_PARAM, char **argv) - llist_t *list_x = NULL; - int tryagain_timeout = 20; - int discover_timeout = 3; -- int discover_retries = 3; -+ int discover_retries = 5; - uint32_t server_id = server_id; /* for compiler */ - uint32_t requested_ip = 0; - int packet_num; diff --git a/aports/busybox/0006-modinfo-add-k-option-for-kernel-version.patch b/aports/busybox/0006-modinfo-add-k-option-for-kernel-version.patch new file mode 100644 index 0000000..51144d4 --- /dev/null +++ b/aports/busybox/0006-modinfo-add-k-option-for-kernel-version.patch @@ -0,0 +1,140 @@ +From 592cc544acebfb1179bf91083870a235f72f2f64 Mon Sep 17 00:00:00 2001 +From: Natanael Copa +Date: Thu, 28 Apr 2022 23:04:01 +0200 +Subject: [PATCH] modinfo: add -k option for kernel version +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +It is useful to be able to specify kernel version when generating +initramfs and similar for a kernel version that might not be the running +one. + +bloatcheck on x86_64: + +function old new delta +packed_usage 26193 26218 +25 +modinfo_main 391 414 +23 +.rodata 80296 80298 +2 +------------------------------------------------------------------------------ +(add/remove: 0/0 grow/shrink: 3/0 up/down: 50/0) Total: 50 +bytes + text data bss dec hex filename + 834606 14124 2008 850738 cfb32 busybox_old + 834657 14124 2008 850789 cfb65 busybox_unstripped + +Signed-off-by: Natanael Copa +--- + modutils/modinfo.c | 30 ++++++++++++++++++------------ + 1 file changed, 18 insertions(+), 12 deletions(-) + +diff --git a/modutils/modinfo.c b/modutils/modinfo.c +index 0a86c3296..53bc02880 100644 +--- a/modutils/modinfo.c ++++ b/modutils/modinfo.c +@@ -38,17 +38,18 @@ static const char *const shortcuts[] ALIGN_PTR = { + + enum { + OPT_0 = (1 << 0), /* \0 as separator */ +- OPT_F = (1 << 1), /* field name */ ++ OPT_k = (1 << 1), /* kernel version */ ++ OPT_F = (1 << 2), /* field name */ + /* first bits are for -nadlp options, the rest are for + * fields not selectable with "shortcut" options + */ +- OPT_n = (1 << 2), +- OPT_TAGS = ((1 << ARRAY_SIZE(shortcuts)) - 1) << 2, ++ OPT_n = (1 << 3), ++ OPT_TAGS = ((1 << ARRAY_SIZE(shortcuts)) - 1) << 3, + }; + + static void display(const char *data, const char *pattern) + { +- int flag = option_mask32 >> 1; /* shift out -0 bit */ ++ int flag = option_mask32 >> 2; /* shift out -0 and -k bits */ + if (flag & (flag-1)) { + /* more than one field to show: print "FIELD:" pfx */ + int n = printf("%s:", pattern); +@@ -82,7 +83,8 @@ static void modinfo(const char *path, const char *version, + } + } + +- for (j = 1; (1< -Date: Tue, 29 Mar 2016 18:59:22 +0200 -Subject: [PATCH] ping: make ping work without root privileges - ---- - networking/ping.c | 115 +++++++++++++++++++++++++++++++++++++--------- - 1 file changed, 94 insertions(+), 21 deletions(-) - -diff --git a/networking/ping.c b/networking/ping.c -index c4a15e06e..a2dccb57f 100644 ---- a/networking/ping.c -+++ b/networking/ping.c -@@ -170,6 +170,7 @@ enum { - pingsock = 0, - }; - -+static int using_dgram; - static void - #if ENABLE_PING6 - create_icmp_socket(len_and_sockaddr *lsa) -@@ -186,9 +187,23 @@ create_icmp_socket(void) - #endif - sock = socket(AF_INET, SOCK_RAW, 1); /* 1 == ICMP */ - if (sock < 0) { -- if (errno == EPERM) -- bb_simple_error_msg_and_die(bb_msg_perm_denied_are_you_root); -- bb_simple_perror_msg_and_die(bb_msg_can_not_create_raw_socket); -+ if (errno != EPERM) -+ bb_simple_perror_msg_and_die(bb_msg_can_not_create_raw_socket); -+#if defined(__linux__) || defined(__APPLE__) -+ /* We don't have root privileges. Try SOCK_DGRAM instead. -+ * Linux needs net.ipv4.ping_group_range for this to work. -+ * MacOSX allows ICMP_ECHO, ICMP_TSTAMP or ICMP_MASKREQ -+ */ -+#if ENABLE_PING6 -+ if (lsa->u.sa.sa_family == AF_INET6) -+ sock = socket(AF_INET6, SOCK_DGRAM, IPPROTO_ICMPV6); -+ else -+#endif -+ sock = socket(AF_INET, SOCK_DGRAM, 1); /* 1 == ICMP */ -+ if (sock < 0) -+#endif -+ bb_simple_error_msg_and_die(bb_msg_perm_denied_are_you_root); -+ using_dgram = 1; - } - - xmove_fd(sock, pingsock); -@@ -241,10 +256,12 @@ static void ping4(len_and_sockaddr *lsa) - bb_simple_perror_msg("recvfrom"); - continue; - } -- if (c >= 76) { /* ip + icmp */ -- struct iphdr *iphdr = (struct iphdr *) G.packet; -+ if (c >= 76 || using_dgram && (c == 64)) { /* ip + icmp */ -+ if(!using_dgram) { -+ struct iphdr *iphdr = (struct iphdr *) G.packet; - -- pkt = (struct icmp *) (G.packet + (iphdr->ihl << 2)); /* skip ip hdr */ -+ pkt = (struct icmp *) (G.packet + (iphdr->ihl << 2)); /* skip ip hdr */ -+ } else pkt = (struct icmp *) G.packet; - if (pkt->icmp_id != G.myid) - continue; /* not our ping */ - if (pkt->icmp_type == ICMP_ECHOREPLY) -@@ -653,19 +670,21 @@ static void unpack_tail(int sz, uint32_t *tp, - } - static int unpack4(char *buf, int sz, struct sockaddr_in *from) - { -- struct icmp *icmppkt; - struct iphdr *iphdr; -+ struct icmp *icmppkt; - int hlen; - - /* discard if too short */ - if (sz < (datalen + ICMP_MINLEN)) - return 0; -+ if(!using_dgram) { -+ /* check IP header */ -+ iphdr = (struct iphdr *) buf; -+ hlen = iphdr->ihl << 2; -+ sz -= hlen; -+ icmppkt = (struct icmp *) (buf + hlen); -+ } else icmppkt = (struct icmp *) buf; - -- /* check IP header */ -- iphdr = (struct iphdr *) buf; -- hlen = iphdr->ihl << 2; -- sz -= hlen; -- icmppkt = (struct icmp *) (buf + hlen); - if (icmppkt->icmp_id != myid) - return 0; /* not our ping */ - -@@ -677,7 +696,7 @@ static int unpack4(char *buf, int sz, struct sockaddr_in *from) - tp = (uint32_t *) icmppkt->icmp_data; - unpack_tail(sz, tp, - inet_ntoa(*(struct in_addr *) &from->sin_addr.s_addr), -- recv_seq, iphdr->ttl); -+ recv_seq, using_dgram ? 42 : iphdr->ttl); - return 1; - } - if (icmppkt->icmp_type != ICMP_ECHO) { -@@ -727,11 +746,31 @@ static void ping4(len_and_sockaddr *lsa) - int sockopt; - - pingaddr.sin = lsa->u.sin; -- if (source_lsa) { -+ if (source_lsa && !using_dgram) { - if (setsockopt(pingsock, IPPROTO_IP, IP_MULTICAST_IF, - &source_lsa->u.sa, source_lsa->len)) - bb_simple_error_msg_and_die("can't set multicast source interface"); - xbind(pingsock, &source_lsa->u.sa, source_lsa->len); -+ } else if(using_dgram) { -+ struct sockaddr_in sa; -+ socklen_t sl; -+ -+ sa.sin_family = AF_INET; -+ sa.sin_port = 0; -+ sa.sin_addr.s_addr = source_lsa ? -+ source_lsa->u.sin.sin_addr.s_addr : 0; -+ sl = sizeof(sa); -+ -+ if (bind(pingsock, (struct sockaddr *) &sa, sl) == -1) { -+ perror("bind"); -+ exit(2); -+ } -+ -+ if (getsockname(pingsock, (struct sockaddr *) &sa, &sl) == -1) { -+ perror("getsockname"); -+ exit(2); -+ } -+ myid = sa.sin_port; - } - - /* enable broadcast pings */ -@@ -748,6 +787,15 @@ static void ping4(len_and_sockaddr *lsa) - setsockopt_int(pingsock, IPPROTO_IP, IP_MULTICAST_TTL, opt_ttl); - } - -+ if(using_dgram) { -+ int hold = 65536; -+ if (setsockopt(pingsock, SOL_IP, IP_RECVTTL, (char *)&hold, sizeof(hold))) -+ perror("WARNING: setsockopt(IP_RECVTTL)"); -+ if (setsockopt(pingsock, SOL_IP, IP_RETOPTS, (char *)&hold, sizeof(hold))) -+ perror("WARNING: setsockopt(IP_RETOPTS)"); -+ -+ } -+ - signal(SIGINT, print_stats_and_exit); - - /* start the ping's going ... */ -@@ -785,10 +833,33 @@ static void ping6(len_and_sockaddr *lsa) - char control_buf[CMSG_SPACE(36)]; - - pingaddr.sin6 = lsa->u.sin6; -- if (source_lsa) -+ if (source_lsa && !using_dgram) - xbind(pingsock, &source_lsa->u.sa, source_lsa->len); -+ else if(using_dgram) { -+ struct sockaddr_in6 sa = {0}; -+ socklen_t sl; -+ -+ sa.sin6_family = AF_INET6; -+ sa.sin6_port = 0; -+ if(source_lsa) { -+ memcpy(&sa.sin6_addr, &source_lsa->u.sin6.sin6_addr, sizeof(struct in6_addr)); -+ } -+ sl = sizeof(sa); -+ -+ if (bind(pingsock, (struct sockaddr *) &sa, sl) == -1) { -+ perror("bind"); -+ exit(2); -+ } -+ -+ if (getsockname(pingsock, (struct sockaddr *) &sa, &sl) == -1) { -+ perror("getsockname"); -+ exit(2); -+ } -+ myid = sa.sin6_port; -+ } - - #ifdef ICMP6_FILTER -+ if(!using_dgram) - { - struct icmp6_filter filt; - if (!(option_mask32 & OPT_VERBOSE)) { -@@ -934,12 +1005,14 @@ static int common_ping_main(int opt, char **argv) - interval = INT_MAX/1000000; - G.interval_us = interval * 1000000; - -- myid = (uint16_t) getpid(); -- /* we can use native-endian ident, but other Unix ping/traceroute -- * utils use *big-endian pid*, and e.g. traceroute on our machine may be -- * *not* from busybox, idents may collide. Follow the convention: -- */ -- myid = htons(myid); -+ if (!using_dgram) { -+ myid = (uint16_t) getpid(); -+ /* we can use native-endian ident, but other Unix ping/traceroute -+ * utils use *big-endian pid*, and e.g. traceroute on our machine may be -+ * *not* from busybox, idents may collide. Follow the convention: -+ */ -+ myid = htons(myid); -+ } - hostname = argv[optind]; - #if ENABLE_PING6 - { diff --git a/aports/busybox/0007-fbsplash-support-console-switching.patch b/aports/busybox/0007-fbsplash-support-console-switching.patch deleted file mode 100644 index 8d19505..0000000 --- a/aports/busybox/0007-fbsplash-support-console-switching.patch +++ /dev/null @@ -1,179 +0,0 @@ -From 8fb815ec846d9ac64c89ac21cededc17f0b804c3 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Timo=20Ter=C3=A4s?= -Date: Mon, 24 Sep 2012 07:58:29 +0300 -Subject: [PATCH] fbsplash: support console switching - ---- - miscutils/fbsplash.c | 82 ++++++++++++++++++++++++++++++++++++++++---- - 1 file changed, 75 insertions(+), 7 deletions(-) - -diff --git a/miscutils/fbsplash.c b/miscutils/fbsplash.c -index bc3c61055..1c206ef53 100644 ---- a/miscutils/fbsplash.c -+++ b/miscutils/fbsplash.c -@@ -47,7 +47,7 @@ - //kbuild:lib-$(CONFIG_FBSPLASH) += fbsplash.o - - //usage:#define fbsplash_trivial_usage --//usage: "-s IMGFILE [-c] [-d DEV] [-i INIFILE] [-f CMD]" -+//usage: "-s IMGFILE [-c] [-d DEV] [-i INIFILE] [-f CMD] [-T tty]" - //usage:#define fbsplash_full_usage "\n\n" - //usage: " -s Image" - //usage: "\n -c Hide cursor" -@@ -57,11 +57,17 @@ - //usage: "\n BAR_R,BAR_G,BAR_B,IMG_LEFT,IMG_TOP" - //usage: "\n -f Control pipe (else exit after drawing image)" - //usage: "\n commands: 'NN' (% for progress bar) or 'exit'" -+//usage: "\n -T Switch to TTY to hide all console messages" - - #include "libbb.h" - #include "common_bufsiz.h" - #include - -+#include -+#include -+#include -+#include -+ - /* If you want logging messages on /tmp/fbsplash.log... */ - #define DEBUG 0 - -@@ -75,6 +81,8 @@ struct globals { - unsigned char *addr; // pointer to framebuffer memory - unsigned ns[9]; // n-parameters - const char *image_filename; -+ int silent_tty, fd_tty_s; -+ bool do_not_draw; - struct fb_var_screeninfo scr_var; - struct fb_fix_screeninfo scr_fix; - unsigned bytes_per_pixel; -@@ -488,6 +496,11 @@ static void init(const char *cfg_filename) - config_close(parser); - } - -+static void sighandler(int sig) -+{ -+ ioctl(G.fd_tty_s, VT_RELDISP, sig == SIGUSR1 ? 1 : 2); -+ G.do_not_draw = (sig != SIGUSR2); -+} - - int fbsplash_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE; - int fbsplash_main(int argc UNUSED_PARAM, char **argv) -@@ -497,6 +510,9 @@ int fbsplash_main(int argc UNUSED_PARAM, char **argv) - char *num_buf; - unsigned num; - bool bCursorOff; -+ int fd_tty0, active_vt; -+ struct vt_stat vtstat; -+ struct vt_mode vt; - - INIT_G(); - -@@ -504,8 +520,9 @@ int fbsplash_main(int argc UNUSED_PARAM, char **argv) - fb_device = "/dev/fb0"; - cfg_filename = NULL; - fifo_filename = NULL; -- bCursorOff = 1 & getopt32(argv, "cs:d:i:f:", -- &G.image_filename, &fb_device, &cfg_filename, &fifo_filename); -+ bCursorOff = 1 & getopt32(argv, "cs:d:i:f:T:+", -+ &G.image_filename, &fb_device, &cfg_filename, &fifo_filename, -+ &G.silent_tty); - - // parse configuration file - if (cfg_filename) -@@ -515,11 +532,43 @@ int fbsplash_main(int argc UNUSED_PARAM, char **argv) - if (!G.image_filename) - bb_show_usage(); - -+ fd_tty0 = get_console_fd_or_die(); -+ if (G.silent_tty) { -+ char buf[16]; -+ -+ /* Initialize TTY */ -+ bb_signals((1LL << SIGUSR1) | (1LL << SIGUSR2), sighandler); -+ snprintf(buf, sizeof(buf), "/dev/tty%d", G.silent_tty); -+ G.fd_tty_s = xopen(buf, O_RDWR | O_NOCTTY); -+ -+ /* Activate TTY */ -+ xioctl(fd_tty0, VT_GETSTATE, &vtstat); -+ active_vt = vtstat.v_active; -+ console_make_active(fd_tty0, G.silent_tty); -+ -+ /* Get notifications on console changes */ -+ vt.mode = VT_PROCESS; -+ vt.waitv = 0; -+ vt.relsig = SIGUSR1; -+ vt.acqsig = SIGUSR2; -+ ioctl(G.fd_tty_s, VT_SETMODE, &vt); -+ -+ /* Redirect all kernel messages to tty1 so that they don't get -+ * printed over our silent splash image. And clear it. */ -+ buf[0] = TIOCL_SETKMSGREDIRECT; -+ buf[1] = 1; -+ ioctl(G.fd_tty_s, TIOCLINUX, buf); -+ full_write(G.fd_tty_s, "\e[H\e[2J" "\e[?17;0c", 7+8); -+ ioctl(G.fd_tty_s, KDSETMODE, KD_GRAPHICS); -+ } else { -+ G.fd_tty_s = STDOUT_FILENO; -+ } -+ - fb_open(fb_device); - - if (fifo_filename && bCursorOff) { - // hide cursor (BEFORE any fb ops) -- full_write(STDOUT_FILENO, ESC"[?25l", 6); -+ full_write(G.fd_tty_s, ESC"[?25l", 6); - } - - fb_drawimage(); -@@ -527,6 +576,7 @@ int fbsplash_main(int argc UNUSED_PARAM, char **argv) - if (!fifo_filename) - return EXIT_SUCCESS; - -+ sig_block(SIGUSR1); - fp = xfopen_stdin(fifo_filename); - if (fp != stdin) { - // For named pipes, we want to support this: -@@ -542,8 +592,9 @@ int fbsplash_main(int argc UNUSED_PARAM, char **argv) - // and become an additional writer :) - open(fifo_filename, O_WRONLY); // errors are ignored - } -- - fb_drawprogressbar(0); -+ sig_unblock(SIGUSR1); -+ - // Block on read, waiting for some input. - // Use of style I/O allows to correctly - // handle a case when we have many buffered lines -@@ -558,12 +609,29 @@ int fbsplash_main(int argc UNUSED_PARAM, char **argv) - #if DEBUG - DEBUG_MESSAGE(itoa(num)); - #endif -- fb_drawprogressbar(num); -+ sig_block(SIGUSR1); -+ if (!G.do_not_draw) -+ fb_drawprogressbar(num); -+ sig_unblock(SIGUSR1); - } - free(num_buf); - } - -- if (bCursorOff) // restore cursor -+ if (G.silent_tty) { -+ usleep(100*1000); -+ -+ ioctl(G.fd_tty_s, VT_RELDISP, 1); -+ ioctl(G.fd_tty_s, KDSETMODE, KD_TEXT); -+ vt.mode = VT_AUTO; -+ vt.waitv = 0; -+ ioctl(G.fd_tty_s, VT_SETMODE, &vt); -+ close(G.fd_tty_s); -+ -+ xioctl(fd_tty0, VT_GETSTATE, &vtstat); -+ if (vtstat.v_active == G.silent_tty) -+ console_make_active(fd_tty0, active_vt); -+ ioctl(fd_tty0, VT_DISALLOCATE, (void *)(ptrdiff_t)G.silent_tty); -+ } else if (bCursorOff) // restore cursor - full_write(STDOUT_FILENO, ESC"[?25h", 6); - - return EXIT_SUCCESS; diff --git a/aports/busybox/0007-nologin-Install-applet-to-sbin-instead-of-usr-sbin.patch b/aports/busybox/0007-nologin-Install-applet-to-sbin-instead-of-usr-sbin.patch new file mode 100644 index 0000000..5fbcacc --- /dev/null +++ b/aports/busybox/0007-nologin-Install-applet-to-sbin-instead-of-usr-sbin.patch @@ -0,0 +1,31 @@ +From 9d796b508575b2e1673512d4103e6049af189bc6 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?S=C3=B6ren=20Tempel?= +Date: Wed, 13 Feb 2019 18:41:43 +0100 +Subject: [PATCH] nologin: Install applet to /sbin instead of /usr/sbin +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This is required to retain compatibility with our old custom nologin +applet written in C which was also installed to /sbin. + +Compatibility with the old path is required because login shell paths +are hardcoded in /etc/passwd. + +--- + util-linux/nologin.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/util-linux/nologin.c b/util-linux/nologin.c +index 5a8b047a5..d3b6fe77e 100644 +--- a/util-linux/nologin.c ++++ b/util-linux/nologin.c +@@ -19,7 +19,7 @@ + //config: If you know these will be available externally you can + //config: disable this option. + +-//applet:IF_NOLOGIN(APPLET_SCRIPTED(nologin, scripted, BB_DIR_USR_SBIN, BB_SUID_DROP, nologin)) ++//applet:IF_NOLOGIN(APPLET_SCRIPTED(nologin, scripted, BB_DIR_SBIN, BB_SUID_DROP, nologin)) + + //usage:#define nologin_trivial_usage + //usage: "" diff --git a/aports/busybox/0008-fbsplash-support-image-and-bar-alignment-and-positio.patch b/aports/busybox/0008-fbsplash-support-image-and-bar-alignment-and-positio.patch deleted file mode 100644 index ab3421e..0000000 --- a/aports/busybox/0008-fbsplash-support-image-and-bar-alignment-and-positio.patch +++ /dev/null @@ -1,176 +0,0 @@ -From cc005e48ebd831199789d9dfb1a9307e743ecdaa Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Timo=20Ter=C3=A4s?= -Date: Fri, 21 Nov 2014 16:06:34 +0200 -Subject: [PATCH] fbsplash: support image and bar alignment and positioning - -Needed to center a splash screen image in the initramfs. ---- - miscutils/fbsplash.c | 93 ++++++++++++++++++++++++++++++++------------ - 1 file changed, 69 insertions(+), 24 deletions(-) - -diff --git a/miscutils/fbsplash.c b/miscutils/fbsplash.c -index 1c206ef53..500e04fcc 100644 ---- a/miscutils/fbsplash.c -+++ b/miscutils/fbsplash.c -@@ -54,7 +54,7 @@ - //usage: "\n -d Framebuffer device (default /dev/fb0)" - //usage: "\n -i Config file (var=value):" - //usage: "\n BAR_LEFT,BAR_TOP,BAR_WIDTH,BAR_HEIGHT" --//usage: "\n BAR_R,BAR_G,BAR_B,IMG_LEFT,IMG_TOP" -+//usage: "\n BAR_R,BAR_G,BAR_B,IMG_LEFT,IMG_TOP,IMG_ALIGN" - //usage: "\n -f Control pipe (else exit after drawing image)" - //usage: "\n commands: 'NN' (% for progress bar) or 'exit'" - //usage: "\n -T Switch to TTY to hide all console messages" -@@ -73,13 +73,39 @@ - - #define ESC "\033" - -+enum { -+ bar_width, -+ bar_height, -+ bar_posx, -+ bar_posy, -+ bar_colr, -+ bar_colg, -+ bar_colb, -+ nimg_posx, -+ nimg_posy, -+ nimg_align, -+ num_ns_opts, -+ debug = num_ns_opts, -+}; -+ -+#define nbar_width ns[bar_width] -+#define nbar_height ns[bar_height] -+#define nbar_posx ns[bar_posx] -+#define nbar_posy ns[bar_posy] -+#define nbar_colr ns[bar_colr] -+#define nbar_colg ns[bar_colg] -+#define nbar_colb ns[bar_colb] -+#define img_posx ns[nimg_posx] -+#define img_posy ns[nimg_posy] -+#define img_align ns[nimg_align] -+ - struct globals { - #if DEBUG - bool bdebug_messages; // enable/disable logging - FILE *logfile_fd; // log file - #endif - unsigned char *addr; // pointer to framebuffer memory -- unsigned ns[9]; // n-parameters -+ unsigned ns[num_ns_opts]; // n-parameters - const char *image_filename; - int silent_tty, fd_tty_s; - bool do_not_draw; -@@ -96,16 +122,6 @@ struct globals { - SET_PTR_TO_GLOBALS(xzalloc(sizeof(G))); \ - } while (0) - --#define nbar_width ns[0] // progress bar width --#define nbar_height ns[1] // progress bar height --#define nbar_posx ns[2] // progress bar horizontal position --#define nbar_posy ns[3] // progress bar vertical position --#define nbar_colr ns[4] // progress bar color red component --#define nbar_colg ns[5] // progress bar color green component --#define nbar_colb ns[6] // progress bar color blue component --#define img_posx ns[7] // image horizontal position --#define img_posy ns[8] // image vertical position -- - #if DEBUG - #define DEBUG_MESSAGE(strMessage, args...) \ - if (G.bdebug_messages) { \ -@@ -386,7 +402,7 @@ static void fb_drawimage(void) - FILE *theme_file; - char *read_ptr; - unsigned char *pixline; -- unsigned i, j, width, height, line_size; -+ int i, j, width, height, line_size, xoffs, yoffs, xstart; - - if (LONE_DASH(G.image_filename)) { - theme_file = stdin; -@@ -436,18 +452,39 @@ static void fb_drawimage(void) - line_size = width*3; - pixline = xmalloc(line_size); - -- if ((width + G.img_posx) > G.scr_var.xres) -- width = G.scr_var.xres - G.img_posx; -- if ((height + G.img_posy) > G.scr_var.yres) -- height = G.scr_var.yres - G.img_posy; -- for (j = 0; j < height; j++) { -+ xoffs = G.img_posx; -+ switch (G.img_align % 3) { -+ case 1: xoffs += (G.scr_var.xres - width) / 2; break; -+ case 2: xoffs += G.scr_var.xres - width; break; -+ } -+ xstart = 0; -+ if (xoffs < 0) { -+ xstart = -xoffs; -+ xoffs = 0; -+ } -+ if ((width + xoffs) > G.scr_var.xres) -+ width = G.scr_var.xres - xoffs; -+ -+ yoffs = G.img_posy; -+ switch (G.img_align / 3) { -+ case 1: yoffs += (G.scr_var.yres - height) / 2; break; -+ case 2: yoffs += G.scr_var.yres - height; break; -+ } -+ if ((height + yoffs) > G.scr_var.yres) -+ height = G.scr_var.yres - yoffs; -+ -+ for (j = 0; j < height; j++, yoffs++) { - unsigned char *pixel; - unsigned char *src; - - if (fread(pixline, 1, line_size, theme_file) != line_size) - bb_error_msg_and_die("bad PPM file '%s'", G.image_filename); -- pixel = pixline; -- src = G.addr + (G.img_posy + j) * G.scr_fix.line_length + G.img_posx * G.bytes_per_pixel; -+ -+ if (yoffs < 0) -+ continue; -+ -+ pixel = pixline + xstart * 3; -+ src = G.addr + yoffs * G.scr_fix.line_length + xoffs * G.bytes_per_pixel; - for (i = 0; i < width; i++) { - unsigned thispix = fb_pixel_value(pixel[0], pixel[1], pixel[2]); - fb_write_pixel(src, thispix); -@@ -466,11 +503,15 @@ static void fb_drawimage(void) - */ - static void init(const char *cfg_filename) - { -+ static const char align_names[] ALIGN1 = -+ "LT\0" "CT\0" "RT\0" -+ "LM\0" "CM\0" "RM\0" -+ "LB\0" "CB\0" "RB\0"; - static const char param_names[] ALIGN1 = - "BAR_WIDTH\0" "BAR_HEIGHT\0" - "BAR_LEFT\0" "BAR_TOP\0" - "BAR_R\0" "BAR_G\0" "BAR_B\0" -- "IMG_LEFT\0" "IMG_TOP\0" -+ "IMG_LEFT\0" "IMG_TOP\0" "IMG_ALIGN\0" - #if DEBUG - "DEBUG\0" - #endif -@@ -479,14 +520,18 @@ static void init(const char *cfg_filename) - parser_t *parser = config_open2(cfg_filename, xfopen_stdin); - while (config_read(parser, token, 2, 2, "#=", - (PARSE_NORMAL | PARSE_MIN_DIE) & ~(PARSE_TRIM | PARSE_COLLAPSE))) { -- unsigned val = xatoi_positive(token[1]); -+ unsigned val; - int i = index_in_strings(param_names, token[0]); - if (i < 0) - bb_error_msg_and_die("syntax error: %s", token[0]); -- if (i >= 0 && i < 9) -+ if (i == nimg_align) -+ val = index_in_strings(align_names, token[1]); -+ else -+ val = xatoi_positive(token[1]); -+ if (i < num_ns_opts) - G.ns[i] = val; - #if DEBUG -- if (i == 9) { -+ if (i == debug) { - G.bdebug_messages = val; - if (G.bdebug_messages) - G.logfile_fd = xfopen_for_write("/tmp/fbsplash.log"); diff --git a/aports/busybox/0008-pgrep-add-support-for-matching-against-UID-and-RUID.patch b/aports/busybox/0008-pgrep-add-support-for-matching-against-UID-and-RUID.patch new file mode 100644 index 0000000..1655042 --- /dev/null +++ b/aports/busybox/0008-pgrep-add-support-for-matching-against-UID-and-RUID.patch @@ -0,0 +1,138 @@ +From 513d186f420176c3a1be8843fee6a42cbd57cb35 Mon Sep 17 00:00:00 2001 +From: Ariadne Conill +Date: Mon, 22 Nov 2021 11:06:05 -0600 +Subject: [PATCH] pgrep: add support for matching against UID and RUID +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This is standard functionality on every other pgrep implementation I +found, namely the ones in Illumos, FreeBSD, Linux procps, and macOS. + +Additionally, real world scripts like pipewire-session are dependent +on it being present. + +function old new delta +pgrep_main 818 1007 +189 +packed_usage 26001 26032 +31 +.rodata 78544 78548 +4 +------------------------------------------------------------------------------ +(add/remove: 0/0 grow/shrink: 3/0 up/down: 224/0) Total: 224 bytes + +Signed-off-by: Ariadne Conill +--- + procps/pgrep.c | 37 +++++++++++++++++++++++++++++++++---- + 1 file changed, 33 insertions(+), 4 deletions(-) + +diff --git a/procps/pgrep.c b/procps/pgrep.c +index 82e00322f..c1f7208f5 100644 +--- a/procps/pgrep.c ++++ b/procps/pgrep.c +@@ -42,6 +42,8 @@ + //usage: "\n -x Match whole name (not substring)" + //usage: "\n -s Match session ID (0 for current)" + //usage: "\n -P Match parent process ID" ++//usage: "\n -u EUID Match against effective UID" ++//usage: "\n -U UID Match against UID" + //usage: + //usage:#define pkill_trivial_usage + //usage: "[-l|-SIGNAL] [-xfvnoe] [-s SID|-P PPID|PATTERN]" +@@ -56,6 +58,8 @@ + //usage: "\n -n Signal the newest process only" + //usage: "\n -o Signal the oldest process only" + //usage: "\n -e Display name and PID of the process being killed" ++//usage: "\n -u EUID Match against effective UID" ++//usage: "\n -U UID Match against UID" + + #include "libbb.h" + #include "xregex.h" +@@ -65,7 +69,7 @@ + #define pkill (ENABLE_PKILL && (!ENABLE_PGREP || applet_name[1] == 'k')) + + enum { +- /* "vlafxones:+P:+" */ ++ /* "vlafxoneu:U:s:+P:+" */ + OPTBIT_V = 0, /* must be first, we need OPT_INVERT = 0/1 */ + OPTBIT_L, + OPTBIT_A, +@@ -74,6 +78,8 @@ enum { + OPTBIT_O, + OPTBIT_N, + OPTBIT_E, /* should be pkill-only, do we care? */ ++ OPTBIT_U, ++ OPTBIT_UL, + OPTBIT_S, + OPTBIT_P, + }; +@@ -88,6 +94,8 @@ enum { + #define OPT_ECHO (opt & (1 << OPTBIT_E)) + #define OPT_SID (opt & (1 << OPTBIT_S)) + #define OPT_PPID (opt & (1 << OPTBIT_P)) ++#define OPT_EUID (opt & (1 << OPTBIT_UL)) ++#define OPT_RUID (opt & (1 << OPTBIT_U)) + + static void act(unsigned pid, char *cmd, int signo) + { +@@ -112,7 +120,8 @@ int pgrep_main(int argc UNUSED_PARAM, char **argv) + unsigned opt; + int scan_mask; + int matched_pid; +- int sid2match, ppid2match; ++ int sid2match, ppid2match, uid2match, euid2match; ++ char *uid_arg = NULL, *euid_arg = NULL; + char *cmd_last; + procps_status_t *proc; + /* These are initialized to 0 */ +@@ -138,7 +147,9 @@ int pgrep_main(int argc UNUSED_PARAM, char **argv) + /* Parse remaining options */ + ppid2match = -1; + sid2match = -1; +- opt = getopt32(argv, "vlafxones:+P:+", &sid2match, &ppid2match); ++ uid2match = -1; ++ euid2match = -1; ++ opt = getopt32(argv, "vlafxoneu:U:s:+P:+", &euid_arg, &uid_arg, &sid2match, &ppid2match); + argv += optind; + + if (pkill && OPT_LIST) { /* -l: print the whole signal list */ +@@ -154,8 +165,18 @@ int pgrep_main(int argc UNUSED_PARAM, char **argv) + if (OPT_FULL) + scan_mask |= PSSCAN_ARGVN; + ++ if (euid_arg) { ++ scan_mask |= PSSCAN_UIDGID; ++ euid2match = get_ug_id(euid_arg, xuname2uid); ++ } ++ ++ if (uid_arg) { ++ scan_mask |= PSSCAN_RUIDGID; ++ uid2match = get_ug_id(uid_arg, xuname2uid); ++ } ++ + /* One pattern is required, if no -s and no -P */ +- if ((sid2match & ppid2match) < 0 && (!argv[0] || argv[1])) ++ if ((sid2match & ppid2match) < 0 && uid2match < 0 && euid2match < 0 && (!argv[0] || argv[1])) + bb_show_usage(); + + if (argv[0]) +@@ -177,6 +198,10 @@ int pgrep_main(int argc UNUSED_PARAM, char **argv) + continue; + if (sid2match >= 0 && sid2match != proc->sid) + continue; ++ if (euid2match >= 0 && euid2match != proc->uid) ++ continue; ++ if (uid2match >= 0 && uid2match != proc->ruid) ++ continue; + } + + cmdlen = -1; +@@ -209,6 +234,10 @@ int pgrep_main(int argc UNUSED_PARAM, char **argv) + goto got_it; + if (sid2match >= 0 && sid2match != proc->sid) + goto got_it; ++ if (euid2match >= 0 && euid2match != proc->uid) ++ goto got_it; ++ if (uid2match >= 0 && uid2match != proc->ruid) ++ goto got_it; + } + + match = !argv[0]; /* if no PATTERN, then it's a match, else... */ diff --git a/aports/busybox/0009-depmod-support-generating-kmod-binary-index-files.patch b/aports/busybox/0009-depmod-support-generating-kmod-binary-index-files.patch deleted file mode 100644 index 9f697a5..0000000 --- a/aports/busybox/0009-depmod-support-generating-kmod-binary-index-files.patch +++ /dev/null @@ -1,507 +0,0 @@ -From 8d76137506e9c65404280694e56d9a7629d58280 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Timo=20Ter=C3=A4s?= -Date: Sun, 25 Oct 2015 22:21:41 +0200 -Subject: [PATCH] depmod: support generating kmod binary index files - -This allows to use busybox depmod, and run daemons using libkmod (or -even kmod modprobe if needed). - -About +1500 bytes when enabled. This patch merges some depmod code -paths, so when this is disabled it shrinks the code size a little bit. ---- - modutils/Config.src | 9 ++ - modutils/depmod.c | 281 ++++++++++++++++++++++++++++++++++++-------- - modutils/modprobe.c | 15 --- - modutils/modutils.c | 31 +++++ - modutils/modutils.h | 16 +++ - 5 files changed, 286 insertions(+), 66 deletions(-) - -diff --git a/modutils/Config.src b/modutils/Config.src -index 188296814..7a4c037ad 100644 ---- a/modutils/Config.src -+++ b/modutils/Config.src -@@ -152,6 +152,15 @@ config FEATURE_MODUTILS_ALIAS - - Say Y if unsure. - -+config FEATURE_MODUTILS_BIN -+ bool "Support for the kmod .bin file format" -+ default n -+ depends on DEPMOD && !MODPROBE_SMALL -+ help -+ Generate kmod compatible binary index files for .dep, .alias, -+ .symbols and .builtin files. Allows mixing use of busybox -+ modutils and kmod (binaries and library). -+ - config FEATURE_MODUTILS_SYMBOLS - bool "Support module.symbols file" - default y -diff --git a/modutils/depmod.c b/modutils/depmod.c -index b5244fc60..26e223753 100644 ---- a/modutils/depmod.c -+++ b/modutils/depmod.c -@@ -2,7 +2,7 @@ - /* - * depmod - generate modules.dep - * Copyright (c) 2008 Bernhard Reutner-Fischer -- * Copyrihgt (c) 2008 Timo Teras -+ * Copyrihgt (c) 2008-2015 Timo Teras - * Copyright (c) 2008 Vladimir Dronnikov - * - * Licensed under GPLv2 or later, see file LICENSE in this source tree. -@@ -26,6 +26,24 @@ - #include "modutils.h" - #include /* uname() */ - -+#define INDEX_MINCHAR 32 -+#define INDEX_MAXCHAR 128 -+ -+typedef struct index_node { -+ char *prefix; -+ llist_t *values; -+ struct index_node *children[INDEX_MAXCHAR-INDEX_MINCHAR]; -+} index_node; -+ -+struct globals { -+ module_db db; -+ index_node *root_node; -+} FIX_ALIASING; -+#define G (*ptr_to_globals) -+#define INIT_G() do { \ -+ SET_PTR_TO_GLOBALS(xzalloc(sizeof(G))); \ -+} while (0) -+ - /* - * Theory of operation: - * - iterate over all modules and record their full path -@@ -53,18 +71,12 @@ static int FAST_FUNC parse_module(const char *fname, struct stat *sb UNUSED_PARA - - for (ptr = image; ptr < image + len - 10; ptr++) { - if (is_prefixed_with(ptr, "depends=")) { -- char *u; -- - ptr += 8; -- for (u = ptr; *u; u++) -- if (*u == '-') -- *u = '_'; -- ptr += string_to_llist(ptr, &e->deps, ","); -+ string_to_llist(replace_underscores(ptr), &e->deps, ","); - } else if (ENABLE_FEATURE_MODUTILS_ALIAS - && is_prefixed_with(ptr, "alias=") - ) { -- llist_add_to(&e->aliases, xstrdup(ptr + 6)); -- ptr += strlen(ptr); -+ llist_add_to(&e->aliases, replace_underscores(xstrdup(ptr + 6))); - } else if (ENABLE_FEATURE_MODUTILS_SYMBOLS - && is_prefixed_with(ptr, "__ksymtab_") - ) { -@@ -74,9 +86,10 @@ static int FAST_FUNC parse_module(const char *fname, struct stat *sb UNUSED_PARA - ) { - continue; - } -- llist_add_to(&e->symbols, xstrdup(ptr)); -- ptr += strlen(ptr); -- } -+ llist_add_to(&e->symbols, xasprintf("symbol:%s", ptr)); -+ } else -+ continue; -+ ptr += strlen(ptr); - } - free(image); - -@@ -108,12 +121,6 @@ static void order_dep_list(module_db *modules, module_entry *start, llist_t *add - } - } - --static void xfreopen_write(const char *file, FILE *f) --{ -- if (freopen(file, "w", f) == NULL) -- bb_perror_msg_and_die("can't open '%s'", file); --} -- - //usage:#if !ENABLE_MODPROBE_SMALL - //usage:#define depmod_trivial_usage "[-n] [-b BASE] [VERSION] [MODFILES]..." - //usage:#define depmod_full_usage "\n\n" -@@ -167,6 +174,169 @@ enum { - OPT_C = (1 << 9), /* -C,--config etc_modules_conf: ignored */ - }; - -+/* Support for the mod binary index generation */ -+ -+static void index_init(const char *filename) -+{ -+ if (ENABLE_FEATURE_MODUTILS_BIN) { -+ index_node *n; -+ -+ n = xzalloc(sizeof(index_node)); -+ n->prefix = xstrdup(""); -+ G.root_node = n; -+ } -+ -+ if (filename && !(option_mask32 & OPT_n)) { -+ if (freopen(filename, "w", stdout) == NULL) -+ bb_perror_msg_and_die("can't open '%s'", filename); -+ } -+} -+ -+static void index_add(const char *key, char *value, const char *prefix) -+{ -+ if (prefix && *prefix) -+ printf("%s%s %s\n", prefix, key, value); -+ else if (prefix) -+ printf("%s\n", value); -+ -+ if (ENABLE_FEATURE_MODUTILS_BIN) { -+ index_node *cur = G.root_node, *n; -+ unsigned i = 0, j, ch; -+ -+ while (1) { -+ /* Ensure node->prefix is a prefix of &str[i]. -+ * If it is not already, then we must split node. */ -+ for (j = 0; cur->prefix[j]; j++) { -+ ch = cur->prefix[j]; -+ if (ch != key[i+j]) { -+ /* New child is copy of node with prefix[j+1..N] */ -+ n = xzalloc(sizeof(index_node)); -+ n->prefix = xstrdup(&cur->prefix[j+1]); -+ n->values = cur->values; -+ memcpy(n->children, cur->children, sizeof(n->children)); -+ -+ /* Parent has prefix[0..j], child at prefix[j] */ -+ cur->prefix[j] = '\0'; -+ cur->values = NULL; -+ memset(cur->children, 0, sizeof(cur->children)); -+ cur->children[ch-INDEX_MINCHAR] = n; -+ break; -+ } -+ } -+ i += j; -+ -+ ch = key[i]; -+ if (ch == 0) -+ break; -+ -+ if (ch < INDEX_MINCHAR || ch >= INDEX_MAXCHAR) -+ bb_simple_error_msg_and_die("bad module name"); -+ -+ ch -= INDEX_MINCHAR; -+ if (!cur->children[ch]) { -+ n = xzalloc(sizeof(index_node)); -+ cur->children[ch] = n; -+ n->prefix = xstrdup(&key[i+1]); -+ cur = n; -+ break; -+ } -+ -+ /* Descend into child node and continue */ -+ cur = cur->children[ch]; -+ i++; -+ } -+ -+ llist_add_to(&cur->values, value); -+ } -+} -+ -+static uint32_t index_write_node(FILE *out, index_node *n, void (*freeit)(void *data)) -+{ -+ uint32_t child_offs[INDEX_MAXCHAR-INDEX_MINCHAR]; -+ uint32_t offset; -+ uint8_t first = 255, last = 0; -+ unsigned i; -+ -+ for (i = 0; i < INDEX_MAXCHAR-INDEX_MINCHAR; i++) { -+ child_offs[i] = 0; -+ if (!n->children[i]) -+ continue; -+ child_offs[i] = index_write_node(out, n->children[i], freeit); -+ if (first > INDEX_MAXCHAR) -+ first = i; -+ last = i; -+ } -+ -+ offset = ftell(out); -+ -+ if (n->prefix[0]) { -+ fputs(n->prefix, out); -+ fputc('\0', out); -+ offset |= INDEX_NODE_PREFIX; -+ } -+ -+ if (first < INDEX_MAXCHAR) { -+ fputc(first + INDEX_MINCHAR, out); -+ fputc(last + INDEX_MINCHAR, out); -+ fwrite(child_offs + first, sizeof(uint32_t), last - first + 1, out); -+ offset |= INDEX_NODE_CHILDS; -+ } -+ -+ if (n->values) { -+ const llist_t *v; -+ unsigned int cnt; -+ uint32_t u; -+ -+ n->values = llist_rev(n->values); -+ for (v = n->values, cnt = 0; v != NULL; v = v->link, cnt++); -+ u = htonl(cnt); -+ fwrite(&u, sizeof(u), 1, out); -+ for (v = n->values, cnt = 0; v != NULL; v = v->link, cnt++) { -+ u = htonl(cnt); -+ fwrite(&u, sizeof(u), 1, out); -+ fputs(v->data, out); -+ fputc('\0', out); -+ } -+ offset |= INDEX_NODE_VALUES; -+ } -+ -+ llist_free(n->values, freeit); -+ free(n->prefix); -+ free(n); -+ -+ return htonl(offset); -+} -+ -+static void index_dump(const char *filename, int deps_file) -+{ -+ if (ENABLE_FEATURE_MODUTILS_BIN) { -+ FILE *out; -+ uint32_t header[3] = { -+ htonl(INDEX_MAGIC), -+ htonl(INDEX_VERSION), -+ }; -+ -+ if (option_mask32 & OPT_n) -+ filename = "/dev/null"; -+ else -+ filename = xasprintf("tmp.%s.bin", filename); -+ -+ out = xfopen_for_write(filename); -+ fwrite(header, sizeof(uint32_t), 3, out); -+ header[2] = index_write_node(out, G.root_node, deps_file ? free : 0); -+ rewind(out); -+ G.root_node = NULL; -+ fwrite(header, sizeof(uint32_t), 3, out); -+ if (fclose(out)) { -+ remove(filename); -+ bb_simple_error_msg_and_die(bb_msg_write_error); -+ } -+ /* .bin files are mmap'ed; not renaming it may crash -+ * long standing daemon using libkmod */ -+ rename_or_warn(filename, filename + 4); -+ } -+} -+ - int depmod_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE; - int depmod_main(int argc UNUSED_PARAM, char **argv) - { -@@ -178,6 +348,8 @@ int depmod_main(int argc UNUSED_PARAM, char **argv) - unsigned i; - int tmp; - -+ INIT_G(); -+ - getopt32(argv, "aAb:eF:nruqC:", &moddir_base, NULL, NULL); - argv += optind; - -@@ -210,53 +382,60 @@ int depmod_main(int argc UNUSED_PARAM, char **argv) - } - - /* Generate dependency and alias files */ -- if (!(option_mask32 & OPT_n)) -- xfreopen_write(CONFIG_DEFAULT_DEPMOD_FILE, stdout); -- -+ index_init(CONFIG_DEFAULT_DEPMOD_FILE); - moddb_foreach_module(&modules, m, i) { -- printf("%s:", m->name); -- -+ char *buf = xasprintf("%s:", m->name); - order_dep_list(&modules, m, m->deps); -+ - while (m->dnext != m) { - dep = m->dnext; -- printf(" %s", dep->name); -- -+ buf = gather_options_str(buf, dep->name); - /* unlink current entry */ - dep->dnext->dprev = dep->dprev; - dep->dprev->dnext = dep->dnext; - dep->dnext = dep->dprev = dep; - } -- bb_putchar('\n'); -+ index_add(m->modname, buf, ""); - } -- --#if ENABLE_FEATURE_MODUTILS_ALIAS -- if (!(option_mask32 & OPT_n)) -- xfreopen_write("modules.alias", stdout); -- moddb_foreach_module(&modules, m, i) { -- while (m->aliases) { -- /* -- * Last word used to be a basename -- * (filename with path and .ko.* stripped) -- * at the time of module-init-tools 3.4. -- * kmod v.12 uses module name, i.e., s/-/_/g. -- */ -- printf("alias %s %s\n", -- (char*)llist_pop(&m->aliases), -- m->modname); -+ index_dump(CONFIG_DEFAULT_DEPMOD_FILE, 1); -+ -+ if (ENABLE_FEATURE_MODUTILS_ALIAS) { -+ index_init("modules.alias"); -+ moddb_foreach_module(&modules, m, i) { -+ while (m->aliases) { -+ /* -+ * Last word used to be a basename -+ * (filename with path and .ko.* stripped) -+ * at the time of module-init-tools 3.4. -+ * kmod v.12 uses module name, i.e., s/-/_/g. -+ */ -+ index_add((char*)llist_pop(&m->aliases), m->modname, "alias "); -+ } - } -+ index_dump("modules.alias", 0); - } --#endif --#if ENABLE_FEATURE_MODUTILS_SYMBOLS -- if (!(option_mask32 & OPT_n)) -- xfreopen_write("modules.symbols", stdout); -- moddb_foreach_module(&modules, m, i) { -- while (m->symbols) { -- printf("alias symbol:%s %s\n", -- (char*)llist_pop(&m->symbols), -- m->modname); -+ if (ENABLE_FEATURE_MODUTILS_SYMBOLS) { -+ index_init("modules.symbols"); -+ moddb_foreach_module(&modules, m, i) { -+ while (m->symbols) { -+ index_add((char*)llist_pop(&m->symbols), m->modname, "alias "); -+ } -+ } -+ index_dump("modules.symbols", 0); -+ } -+ if (ENABLE_FEATURE_MODUTILS_BIN) { -+ char line[PATH_MAX], modname[MODULE_NAME_LEN]; -+ FILE *in; -+ -+ index_init(NULL); -+ in = xfopen_for_read("modules.builtin"); -+ while (fgets(line, sizeof(line), in) != NULL) { -+ filename2modname(line, modname); -+ index_add(modname, (char *) "", 0); - } -+ fclose(in); -+ index_dump("modules.builtin", 0); - } --#endif - - if (ENABLE_FEATURE_CLEAN_UP) - moddb_free(&modules); -diff --git a/modutils/modprobe.c b/modutils/modprobe.c -index 0a372a049..20a60c1a6 100644 ---- a/modutils/modprobe.c -+++ b/modutils/modprobe.c -@@ -192,21 +192,6 @@ struct globals { - - static int read_config(const char *path); - --static char *gather_options_str(char *opts, const char *append) --{ -- /* Speed-optimized. We call gather_options_str many times. */ -- if (append) { -- if (opts == NULL) { -- opts = xstrdup(append); -- } else { -- int optlen = strlen(opts); -- opts = xrealloc(opts, optlen + strlen(append) + 2); -- sprintf(opts + optlen, " %s", append); -- } -- } -- return opts; --} -- - static struct module_entry *get_or_add_modentry(const char *module) - { - return moddb_get_or_create(&G.db, module); -diff --git a/modutils/modutils.c b/modutils/modutils.c -index 6f7cd9721..257089af4 100644 ---- a/modutils/modutils.c -+++ b/modutils/modutils.c -@@ -66,6 +66,21 @@ void FAST_FUNC moddb_free(module_db *db) - } - } - -+char * FAST_FUNC gather_options_str(char *opts, const char *append) -+{ -+ /* Speed-optimized. We call gather_options_str many times. */ -+ if (append) { -+ if (opts == NULL) { -+ opts = xstrdup(append); -+ } else { -+ int optlen = strlen(opts); -+ opts = xrealloc(opts, optlen + strlen(append) + 2); -+ sprintf(opts + optlen, " %s", append); -+ } -+ } -+ return opts; -+} -+ - void FAST_FUNC replace(char *s, char what, char with) - { - while (*s) { -@@ -75,6 +90,22 @@ void FAST_FUNC replace(char *s, char what, char with) - } - } - -+char* FAST_FUNC replace_underscores(char *s) -+{ -+ int i; -+ for (i = 0; s[i]; i++) { -+ switch (s[i]) { -+ case '-': -+ s[i] = '_'; -+ break; -+ case '[': -+ i += strcspn(&s[i], "]"); -+ break; -+ } -+ } -+ return s; -+} -+ - int FAST_FUNC string_to_llist(char *string, llist_t **llist, const char *delim) - { - char *tok; -diff --git a/modutils/modutils.h b/modutils/modutils.h -index 4a702e97c..73e816028 100644 ---- a/modutils/modutils.h -+++ b/modutils/modutils.h -@@ -18,6 +18,20 @@ PUSH_AND_SET_FUNCTION_VISIBILITY_TO_HIDDEN - #define MODULE_NAME_LEN 256 - #define MODULE_HASH_SIZE 256 - -+/* .bin index format definitions */ -+#define INDEX_MAGIC 0xB007F457 -+#define INDEX_VERSION_MAJOR 0x0002 -+#define INDEX_VERSION_MINOR 0x0001 -+#define INDEX_VERSION ((INDEX_VERSION_MAJOR<<16)|INDEX_VERSION_MINOR) -+ -+enum node_offset { -+ INDEX_NODE_FLAGS = 0xF0000000, /* Flags in high nibble */ -+ INDEX_NODE_PREFIX = 0x80000000, -+ INDEX_NODE_VALUES = 0x40000000, -+ INDEX_NODE_CHILDS = 0x20000000, -+ INDEX_NODE_MASK = 0x0FFFFFFF, /* Offset value */ -+}; -+ - typedef struct module_entry { - struct module_entry *next; - char *name, *modname; -@@ -47,7 +61,9 @@ module_entry *moddb_get(module_db *db, const char *s) FAST_FUNC; - module_entry *moddb_get_or_create(module_db *db, const char *s) FAST_FUNC; - void moddb_free(module_db *db) FAST_FUNC; - -+char *gather_options_str(char *opts, const char *append) FAST_FUNC; - void replace(char *s, char what, char with) FAST_FUNC; -+char *replace_underscores(char *s) FAST_FUNC; - int string_to_llist(char *string, llist_t **llist, const char *delim) FAST_FUNC; - char *filename2modname(const char *filename, char *modname) FAST_FUNC; - #if ENABLE_FEATURE_CMDLINE_MODULE_OPTIONS diff --git a/aports/busybox/0009-properly-fix-wget-https-support.patch b/aports/busybox/0009-properly-fix-wget-https-support.patch new file mode 100644 index 0000000..9feff7c --- /dev/null +++ b/aports/busybox/0009-properly-fix-wget-https-support.patch @@ -0,0 +1,72 @@ +From a93754ca66630221d10d1307b9cd165bed63d68e Mon Sep 17 00:00:00 2001 +From: Natanael Copa +Date: Wed, 30 May 2018 09:40:33 +0000 +Subject: [PATCH] properly fix wget https support +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +See: https://git.alpinelinux.org/cgit/aports/commit/?id=1d0560a9b6b5597b191e5aff69a31c2fe0aba273 +--- + networking/wget.c | 21 ++++++++++++--------- + 1 file changed, 12 insertions(+), 9 deletions(-) + +diff --git a/networking/wget.c b/networking/wget.c +index 9ec0e67b9..66959058c 100644 +--- a/networking/wget.c ++++ b/networking/wget.c +@@ -57,7 +57,6 @@ + //config: bool "Support HTTPS using internal TLS code" + //config: default y + //config: depends on WGET +-//config: select TLS + //config: help + //config: wget will use internal TLS code to connect to https:// URLs. + //config: It also enables FTPS support, but it's not well tested yet. +@@ -772,10 +771,8 @@ static void spawn_ssl_client(const char *host, int network_fd, int flags) + int pid; + char *servername, *p; + +- if (!(option_mask32 & WGET_OPT_NO_CHECK_CERT)) { +- option_mask32 |= WGET_OPT_NO_CHECK_CERT; +- bb_simple_error_msg("note: TLS certificate validation not implemented"); +- } ++ if (ENABLE_SSL_CLIENT && !(option_mask32 & WGET_OPT_NO_CHECK_CERT)) ++ bb_simple_error_msg_and_die("note: TLS certificate validation not implemented"); + + servername = xstrdup(host); + p = strrchr(servername, ':'); +@@ -792,14 +789,14 @@ static void spawn_ssl_client(const char *host, int network_fd, int flags) + close(sp[0]); + xmove_fd(sp[1], 0); + xdup2(0, 1); +- if (BB_MMU) { ++ if (BB_MMU && ENABLE_TLS && (option_mask32 & WGET_OPT_NO_CHECK_CERT)) { + tls_state_t *tls = new_tls_state(); + tls->ifd = tls->ofd = network_fd; + tls_handshake(tls, servername); + tls_run_copy_loop(tls, flags); + exit(0); + } else { +- char *argv[6]; ++ char *argv[7], **a; + + xmove_fd(network_fd, 3); + argv[0] = (char*)"ssl_client"; +@@ -807,8 +804,14 @@ static void spawn_ssl_client(const char *host, int network_fd, int flags) + //TODO: if (!is_ip_address(servername))... + argv[2] = (char*)"-n"; + argv[3] = servername; +- argv[4] = (flags & TLSLOOP_EXIT_ON_LOCAL_EOF ? (char*)"-e" : NULL); +- argv[5] = NULL; ++ ++ a = &argv[4]; ++ if (flags & TLSLOOP_EXIT_ON_LOCAL_EOF) ++ *a++ = (char*)"-e"; ++ if (!ENABLE_SSL_CLIENT && (option_mask32 & WGET_OPT_NO_CHECK_CERT)) ++ *a++= (char*)"-I"; ++ *a = NULL; ++ + BB_EXECVP(argv[0], argv); + bb_perror_msg_and_die("can't execute '%s'", argv[0]); + } diff --git a/aports/busybox/0010-Add-flag-for-not-following-symlinks-when-recursing.patch b/aports/busybox/0010-Add-flag-for-not-following-symlinks-when-recursing.patch deleted file mode 100644 index e647d8d..0000000 --- a/aports/busybox/0010-Add-flag-for-not-following-symlinks-when-recursing.patch +++ /dev/null @@ -1,56 +0,0 @@ -From 03293c16e509501ce7ec952900413138475f125d Mon Sep 17 00:00:00 2001 -From: Natanael Copa -Date: Fri, 25 Jul 2014 15:28:33 +0200 -Subject: [PATCH] Add flag for not following symlinks when recursing - -function old new delta -.rodata 7934 7967 +33 -diff_longopts 253 270 +17 -packed_usage 1704 1720 +16 -diff_main 1665 1662 -3 ------------------------------------------------------------------------------- -(add/remove: 0/0 grow/shrink: 3/1 up/down: 66/-3) Total: 63 bytes ---- - editors/diff.c | 8 +++++++- - 1 file changed, 7 insertions(+), 1 deletion(-) - -diff --git a/editors/diff.c b/editors/diff.c -index 280091756..42a36e2d4 100644 ---- a/editors/diff.c -+++ b/editors/diff.c -@@ -113,6 +113,9 @@ - //usage: "\n -N Treat absent files as empty" - //usage: "\n -q Output only whether files differ" - //usage: "\n -r Recurse" -+//usage: IF_LONG_OPTS( -+//usage: "\n --no-dereference Don't follow symlinks" -+//usage: ) - //usage: "\n -S Start with FILE when comparing directories" - //usage: "\n -T Make tabs line up by prefixing a tab when necessary" - //usage: "\n -s Report when two files are the same" -@@ -154,6 +157,7 @@ enum { /* Commandline flags */ - FLAG_p, /* not implemented */ - FLAG_B, - FLAG_E, /* not implemented */ -+ FLAG_no_deref, - }; - #define FLAG(x) (1 << FLAG_##x) - -@@ -867,7 +871,8 @@ static void diffdir(char *p[2], const char *s_start) - * Using list.len to specify its length, - * add_to_dirlist will remove it. */ - list[i].len = strlen(p[i]); -- recursive_action(p[i], ACTION_RECURSE | ACTION_FOLLOWLINKS, -+ recursive_action(p[i], ACTION_RECURSE | -+ ((option_mask32 & FLAG(no_deref)) ? 0 : ACTION_FOLLOWLINKS), - add_to_dirlist, skip_dir, &list[i]); - /* Sort dl alphabetically. - * GNU diff does this ignoring any number of trailing dots. -@@ -964,6 +969,7 @@ static const char diff_longopts[] ALIGN1 = - "report-identical-files\0" No_argument "s" - "starting-file\0" Required_argument "S" - "minimal\0" No_argument "d" -+ "no-dereference\0" No_argument "\xff" - ; - # define GETOPT32 getopt32long - # define LONGOPTS ,diff_longopts diff --git a/aports/busybox/0010-sed-check-errors-writing-file-with-sed-i.patch b/aports/busybox/0010-sed-check-errors-writing-file-with-sed-i.patch new file mode 100644 index 0000000..f1cc0a8 --- /dev/null +++ b/aports/busybox/0010-sed-check-errors-writing-file-with-sed-i.patch @@ -0,0 +1,63 @@ +From 97e305025e987e77da488133ded31c1e81a0282b Mon Sep 17 00:00:00 2001 +From: Dominique Martinet +Date: Wed, 16 Nov 2022 07:08:13 +0900 +Subject: [PATCH] sed: check errors writing file with sed -i +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +sed would currently not error if write failed when modifying a file. + +This can be reproduced with the following 'script': +$ sudo mount -t tmpfs tmpfs -o size=1M /tmp/m +$ sudo chmod 777 /tmp/m +$ echo foo > /tmp/m/foo +$ dd if=/dev/zero of=/tmp/m/fill bs=4k +dd: error writing '/tmp/m/fill': No space left on device +256+0 records in +255+0 records out +1044480 bytes (1.0 MB, 1020 KiB) copied, 0.00234567 s, 445 MB/s +$ busybox sed -i -e 's/.*/bar/' /tmp/m/foo +$ echo $? +0 +$ cat /tmp/m/foo + + +new behaviour: +$ echo foo > /tmp/m/foo +$ ./busybox sed -i -e 's/.*/bar/' /tmp/m/foo +sed: write error +$ echo $? +4 +$ cat /tmp/m/foo +foo + +function old new delta +sed_main 754 801 +47 +------------------------------------------------------------------------------ +(add/remove: 0/0 grow/shrink: 1/0 up/down: 47/0) Total: 47 bytes + text data bss dec hex filename + 66957 2398 1552 70907 114fb busybox_old + 67004 2398 1552 70954 1152a busybox_unstripped + +Signed-off-by: Dominique Martinet +--- + editors/sed.c | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/editors/sed.c b/editors/sed.c +index 00dde60be..6179c5e80 100644 +--- a/editors/sed.c ++++ b/editors/sed.c +@@ -1648,6 +1648,11 @@ int sed_main(int argc UNUSED_PARAM, char **argv) + fchown(nonstdoutfd, statbuf.st_uid, statbuf.st_gid); + + process_files(); ++ fflush(G.nonstdout); ++ if (ferror(G.nonstdout)) { ++ xfunc_error_retval = 4; /* It's what gnu sed exits with... */ ++ bb_simple_error_msg_and_die(bb_msg_write_error); ++ } + fclose(G.nonstdout); + G.nonstdout = stdout; + diff --git a/aports/busybox/0011-fsck-resolve-LABEL-.-UUID-.-spec-to-device.patch b/aports/busybox/0011-fsck-resolve-LABEL-.-UUID-.-spec-to-device.patch new file mode 100644 index 0000000..fe1a003 --- /dev/null +++ b/aports/busybox/0011-fsck-resolve-LABEL-.-UUID-.-spec-to-device.patch @@ -0,0 +1,59 @@ +From df153459261ed2683ebb7ab766eaee6b741426ae Mon Sep 17 00:00:00 2001 +From: Natanael Copa +Date: Tue, 28 Nov 2017 16:30:23 +0100 +Subject: [PATCH] fsck: resolve LABEL=.../UUID=... spec to device +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +--- + e2fsprogs/fsck.c | 10 +++++----- + 1 file changed, 5 insertions(+), 5 deletions(-) + +diff --git a/e2fsprogs/fsck.c b/e2fsprogs/fsck.c +index 028f8a803..7a0921979 100644 +--- a/e2fsprogs/fsck.c ++++ b/e2fsprogs/fsck.c +@@ -60,6 +60,7 @@ + //usage: "\n -t TYPE List of filesystem types to check" + + #include "libbb.h" ++#include "volume_id.h" + #include "common_bufsiz.h" + + /* "progress indicator" code is somewhat buggy and ext[23] specific. +@@ -524,12 +525,13 @@ static int wait_many(int flags) + * Execute a particular fsck program, and link it into the list of + * child processes we are waiting for. + */ +-static void execute(const char *type, const char *device, ++static void execute(const char *type, const char *spec, + const char *mntpt /*, int interactive */) + { + int i; + struct fsck_instance *inst; + pid_t pid; ++ char *device = (char *)spec; + + G.args[0] = xasprintf("fsck.%s", type); + +@@ -544,7 +546,8 @@ static void execute(const char *type, const char *device, + } + #endif + +- G.args[G.num_args - 2] = (char*)device; ++ resolve_mount_spec(&device); ++ G.args[G.num_args - 2] = device; + /* G.args[G.num_args - 1] = NULL; - already is */ + + if (G.verbose || G.noexecute) { +@@ -973,9 +976,6 @@ int fsck_main(int argc UNUSED_PARAM, char **argv) + + /* "/dev/blk" or "/path" or "UUID=xxx" or "LABEL=xxx" */ + if ((arg[0] == '/' && !opts_for_fsck) || strchr(arg, '=')) { +-// FIXME: must check that arg is a blkdev, or resolve +-// "/path", "UUID=xxx" or "LABEL=xxx" into block device name +-// ("UUID=xxx"/"LABEL=xxx" can probably shifted to fsck.auto duties) + devices = xrealloc_vector(devices, 2, num_devices); + devices[num_devices++] = arg; + continue; diff --git a/aports/busybox/0012-nslookup-sanitize-all-printed-strings-with-printable.patch b/aports/busybox/0012-nslookup-sanitize-all-printed-strings-with-printable.patch new file mode 100644 index 0000000..63d72fe --- /dev/null +++ b/aports/busybox/0012-nslookup-sanitize-all-printed-strings-with-printable.patch @@ -0,0 +1,67 @@ +From 2365aa9b62dd703cd279b94ede25ebb274cfe723 Mon Sep 17 00:00:00 2001 +From: Ariadne Conill +Date: Sun, 3 Apr 2022 20:44:51 +0000 +Subject: [PATCH] nslookup: sanitize all printed strings with printable_string +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Otherwise, terminal sequences can be injected, which enables various terminal injection +attacks from DNS results. + +CVE: Pending +Upstream-Status: Pending +Signed-off-by: Ariadne Conill +--- + networking/nslookup.c | 10 +++++----- + 1 file changed, 5 insertions(+), 5 deletions(-) + +diff --git a/networking/nslookup.c b/networking/nslookup.c +index 6da97baf4..4bdcde1b8 100644 +--- a/networking/nslookup.c ++++ b/networking/nslookup.c +@@ -407,7 +407,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len) + //printf("Unable to uncompress domain: %s\n", strerror(errno)); + return -1; + } +- printf(format, ns_rr_name(rr), dname); ++ printf(format, ns_rr_name(rr), printable_string(dname)); + break; + + case ns_t_mx: +@@ -422,7 +422,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len) + //printf("Cannot uncompress MX domain: %s\n", strerror(errno)); + return -1; + } +- printf("%s\tmail exchanger = %d %s\n", ns_rr_name(rr), n, dname); ++ printf("%s\tmail exchanger = %d %s\n", ns_rr_name(rr), n, printable_string(dname)); + break; + + case ns_t_txt: +@@ -434,7 +434,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len) + if (n > 0) { + memset(dname, 0, sizeof(dname)); + memcpy(dname, ns_rr_rdata(rr) + 1, n); +- printf("%s\ttext = \"%s\"\n", ns_rr_name(rr), dname); ++ printf("%s\ttext = \"%s\"\n", ns_rr_name(rr), printable_string(dname)); + } + break; + +@@ -454,7 +454,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len) + } + + printf("%s\tservice = %u %u %u %s\n", ns_rr_name(rr), +- ns_get16(cp), ns_get16(cp + 2), ns_get16(cp + 4), dname); ++ ns_get16(cp), ns_get16(cp + 2), ns_get16(cp + 4), printable_string(dname)); + break; + + case ns_t_soa: +@@ -483,7 +483,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len) + return -1; + } + +- printf("\tmail addr = %s\n", dname); ++ printf("\tmail addr = %s\n", printable_string(dname)); + cp += n; + + printf("\tserial = %lu\n", ns_get32(cp)); diff --git a/aports/busybox/0012-udhcpc-Don-t-background-if-n-is-given.patch b/aports/busybox/0012-udhcpc-Don-t-background-if-n-is-given.patch deleted file mode 100644 index 523768b..0000000 --- a/aports/busybox/0012-udhcpc-Don-t-background-if-n-is-given.patch +++ /dev/null @@ -1,96 +0,0 @@ -From 0cd01228c1e4173683637c4e582448656b26c05f Mon Sep 17 00:00:00 2001 -From: Natanael Copa -Date: Thu, 6 Jul 2017 11:40:14 +0200 -Subject: [PATCH] udhcpc: Don't background if -n is given - -we need add -b to our udhcpc options to prevent boot forever if there are no -dhcp server. We also need a way for users to disable this behavior by making -it possible to set -n option at runtime. - -Since busybox 1.31.0 -b takes precedence over -n [0]. However, since we -enable -b instead of -n by default (through our busyboxconfig) this is -not desired, this commit therefore also reverts the upstream patch -introducing this change. - -See also: https://bugs.busybox.net/11691 - -[0]: https://git.busybox.net/busybox/commit/?id=87e216294af9eec39c0c1d553555f8a98c15db38 ---- - networking/udhcp/d6_dhcpc.c | 20 +++++++------------- - networking/udhcp/dhcpc.c | 20 +++++++------------- - 2 files changed, 14 insertions(+), 26 deletions(-) - -diff --git a/networking/udhcp/d6_dhcpc.c b/networking/udhcp/d6_dhcpc.c -index 8d11a7539..0284a0fd8 100644 ---- a/networking/udhcp/d6_dhcpc.c -+++ b/networking/udhcp/d6_dhcpc.c -@@ -1401,25 +1401,19 @@ int udhcpc6_main(int argc UNUSED_PARAM, char **argv) - leasefail: - change_listen_mode(LISTEN_NONE); - d6_run_script_no_option("leasefail"); -+ if (opt & OPT_n) { /* abort if no lease */ -+ bb_simple_info_msg("no lease, failing"); -+ retval = 1; -+ goto ret; -+ } - #if BB_MMU /* -b is not supported on NOMMU */ - if (opt & OPT_b) { /* background if no lease */ - bb_simple_info_msg("no lease, forking to background"); - client_background(); - /* do not background again! */ -- opt = ((opt & ~(OPT_b|OPT_n)) | OPT_f); -- /* ^^^ also disables -n (-b takes priority over -n): -- * ifup's default udhcpc options are -R -n, -- * and users want to be able to add -b -- * (in a config file) to make it background -- * _and not exit_. -- */ -- } else --#endif -- if (opt & OPT_n) { /* abort if no lease */ -- bb_simple_info_msg("no lease, failing"); -- retval = 1; -- goto ret; -+ opt = ((opt & ~OPT_b) | OPT_f); - } -+#endif - /* Wait before trying again */ - timeout = tryagain_timeout; - packet_num = 0; -diff --git a/networking/udhcp/dhcpc.c b/networking/udhcp/dhcpc.c -index bbf95caca..8e034ac8a 100644 ---- a/networking/udhcp/dhcpc.c -+++ b/networking/udhcp/dhcpc.c -@@ -1456,25 +1456,19 @@ int udhcpc_main(int argc UNUSED_PARAM, char **argv) - leasefail: - change_listen_mode(LISTEN_NONE); - d4_run_script(NULL, "leasefail"); -+ if (opt & OPT_n) { /* abort if no lease */ -+ bb_simple_info_msg("no lease, failing"); -+ retval = 1; -+ goto ret; -+ } - #if BB_MMU /* -b is not supported on NOMMU */ - if (opt & OPT_b) { /* background if no lease */ - bb_simple_info_msg("no lease, forking to background"); - client_background(); - /* do not background again! */ -- opt = ((opt & ~(OPT_b|OPT_n)) | OPT_f); -- /* ^^^ also disables -n (-b takes priority over -n): -- * ifup's default udhcpc options are -R -n, -- * and users want to be able to add -b -- * (in a config file) to make it background -- * _and not exit_. -- */ -- } else --#endif -- if (opt & OPT_n) { /* abort if no lease */ -- bb_simple_info_msg("no lease, failing"); -- retval = 1; -- goto ret; -+ opt = ((opt & ~OPT_b) | OPT_f); - } -+#endif - /* Wait before trying again */ - timeout = tryagain_timeout; - packet_num = 0; diff --git a/aports/busybox/0013-ash-exec-busybox.static.patch b/aports/busybox/0013-ash-exec-busybox.static.patch new file mode 100644 index 0000000..0458530 --- /dev/null +++ b/aports/busybox/0013-ash-exec-busybox.static.patch @@ -0,0 +1,25 @@ +From 69002bff6372fa6f7463271face3b3ead13aee4f Mon Sep 17 00:00:00 2001 +From: Natanael Copa +Date: Thu, 4 Aug 2016 02:09:48 +0200 +Subject: [PATCH] ash: exec busybox.static +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +--- + shell/ash.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/shell/ash.c b/shell/ash.c +index cb38582fc..55ee4f56a 100644 +--- a/shell/ash.c ++++ b/shell/ash.c +@@ -8278,6 +8278,8 @@ tryexec(IF_FEATURE_SH_STANDALONE(int applet_no,) const char *cmd, char **argv, c + } + /* re-exec ourselves with the new arguments */ + execve(bb_busybox_exec_path, argv, envp); ++ execve("/bin/busybox.static",argv,envp); ++ execve("/bin/busybox",argv,envp); + /* If they called chroot or otherwise made the binary no longer + * executable, fall through */ + } diff --git a/aports/busybox/0013-ash-fix-unsafe-use-of-mempcpy.patch b/aports/busybox/0013-ash-fix-unsafe-use-of-mempcpy.patch deleted file mode 100644 index 944fd38..0000000 --- a/aports/busybox/0013-ash-fix-unsafe-use-of-mempcpy.patch +++ /dev/null @@ -1,32 +0,0 @@ -From 7750b5a25a8cf9081b7c248687c876d0068e85bb Mon Sep 17 00:00:00 2001 -From: Denys Vlasenko -Date: Tue, 1 Mar 2022 09:56:54 +0100 -Subject: [PATCH] ash: fix unsafe use of mempcpy - -function old new delta -subevalvar 1549 1557 +8 - -Signed-off-by: Denys Vlasenko ---- - shell/ash.c | 8 +++++++- - 1 file changed, 7 insertions(+), 1 deletion(-) - -diff --git a/shell/ash.c b/shell/ash.c -index 54335c5dd..44ec2eafd 100644 ---- a/shell/ash.c -+++ b/shell/ash.c -@@ -7191,7 +7191,13 @@ subevalvar(char *start, char *str, int strloc, - len = orig_len - pos; - - if (!quotes) { -- loc = mempcpy(startp, startp + pos, len); -+ /* want: loc = mempcpy(startp, startp + pos, len) -+ * but it does not allow overlapping arguments */ -+ loc = startp; -+ while (--len >= 0) { -+ *loc = loc[pos]; -+ loc++; -+ } - } else { - for (vstr = startp; pos != 0; pos--) { - if ((unsigned char)*vstr == CTLESC) diff --git a/aports/busybox/0014-app-location-for-cpio-vi-and-lspci.patch b/aports/busybox/0014-app-location-for-cpio-vi-and-lspci.patch new file mode 100644 index 0000000..768462f --- /dev/null +++ b/aports/busybox/0014-app-location-for-cpio-vi-and-lspci.patch @@ -0,0 +1,55 @@ +From 42739bd6e55d90a9435ba76ea4bf7fbd49a68862 Mon Sep 17 00:00:00 2001 +From: Natanael Copa +Date: Tue, 27 Dec 2016 19:38:39 +0100 +Subject: [PATCH] app location for cpio, vi and lspci +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Adjust location to where alpine linux installs them + +--- + archival/cpio.c | 2 +- + editors/vi.c | 2 +- + util-linux/lspci.c | 2 +- + 3 files changed, 3 insertions(+), 3 deletions(-) + +diff --git a/archival/cpio.c b/archival/cpio.c +index 7149782d7..ee80efd9f 100644 +--- a/archival/cpio.c ++++ b/archival/cpio.c +@@ -53,7 +53,7 @@ + //config: help + //config: Optionally renumber inodes when creating archives. + +-//applet:IF_CPIO(APPLET(cpio, BB_DIR_BIN, BB_SUID_DROP)) ++//applet:IF_CPIO(APPLET(cpio, BB_DIR_USR_BIN, BB_SUID_DROP)) + + //kbuild:lib-$(CONFIG_CPIO) += cpio.o + +diff --git a/editors/vi.c b/editors/vi.c +index 2645afe87..70c594353 100644 +--- a/editors/vi.c ++++ b/editors/vi.c +@@ -176,7 +176,7 @@ + //config: Enable more verbose reporting of the results of yank, change, + //config: delete, undo and substitution commands. + +-//applet:IF_VI(APPLET(vi, BB_DIR_BIN, BB_SUID_DROP)) ++//applet:IF_VI(APPLET(vi, BB_DIR_USR_BIN, BB_SUID_DROP)) + + //kbuild:lib-$(CONFIG_VI) += vi.o + +diff --git a/util-linux/lspci.c b/util-linux/lspci.c +index c22cbcc1e..70a623650 100644 +--- a/util-linux/lspci.c ++++ b/util-linux/lspci.c +@@ -15,7 +15,7 @@ + //config: + //config: This version uses sysfs (/sys/bus/pci/devices) only. + +-//applet:IF_LSPCI(APPLET_NOEXEC(lspci, lspci, BB_DIR_USR_BIN, BB_SUID_DROP, lspci)) ++//applet:IF_LSPCI(APPLET_NOEXEC(lspci, lspci, BB_DIR_USR_SBIN, BB_SUID_DROP, lspci)) + + //kbuild:lib-$(CONFIG_LSPCI) += lspci.o + diff --git a/aports/busybox/0014-ash-fix-use-after-free-in-bash-pattern-substitution.patch b/aports/busybox/0014-ash-fix-use-after-free-in-bash-pattern-substitution.patch deleted file mode 100644 index 6ff2b82..0000000 --- a/aports/busybox/0014-ash-fix-use-after-free-in-bash-pattern-substitution.patch +++ /dev/null @@ -1,81 +0,0 @@ -From 103728181bfd9a60537166d036e5baca7b67cc1f Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?S=C3=B6ren=20Tempel?= -Date: Sat, 29 Jan 2022 06:11:12 +0100 -Subject: [PATCH] ash: fix use-after-free in bash pattern substitution -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -At Alpine Linux downstream, we were made aware of a segmentation fault -occurring during string replacement in BusyBox ash [0]. Further -debugging revealed that the segmentation fault occurs due to a -use-after-free in BusyBox's bash pattern substitution implementation. -Specially, the problem is that the repl variable (pointing to the -replacement string) points to a value in the stack string. However, when -accessing the repl pointer in Line 7350 it is possible that the stack -has been moved since the last repl assignment due to the STPUTC -invocations in Line 7317 and 7321 (since STPUTC may grow the stack via -realloc(3)). - -For this reason, the code in Line 7350 may access an unmapped memory -region and therefore causes a segmentation fault if prior STPUTC -invocations moved the stack via realloc(3). The valgrind output -for this edge case looks as follows: - - Invalid read of size 1 - at 0x15D8DD: subevalvar (ash.c:7350) - by 0x15DC43: evalvar (ash.c:7666) - by 0x15B717: argstr (ash.c:6893) - by 0x15BAEC: expandarg (ash.c:8090) - by 0x15F4CC: evalcommand (ash.c:10429) - by 0x15B26C: evaltree (ash.c:9365) - by 0x15E4FC: cmdloop (ash.c:13569) - by 0x15FD8B: ash_main (ash.c:14748) - by 0x115BF2: run_applet_no_and_exit (appletlib.c:967) - by 0x115F16: run_applet_and_exit (appletlib.c:986) - by 0x115EF9: busybox_main (appletlib.c:917) - by 0x115EF9: run_applet_and_exit (appletlib.c:979) - by 0x115F8F: main (appletlib.c:1126) - Address 0x48b8646 is 2,054 bytes inside a block of size 4,776 free'd - at 0x48A6FC9: realloc (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so) - by 0x116E86: xrealloc (xfuncs_printf.c:61) - by 0x1565DB: growstackblock (ash.c:1736) - by 0x156EF7: growstackstr (ash.c:1775) - by 0x156F1A: _STPUTC (ash.c:1816) - by 0x15D843: subevalvar (ash.c:7317) - by 0x15DC43: evalvar (ash.c:7666) - by 0x15B717: argstr (ash.c:6893) - by 0x15BAEC: expandarg (ash.c:8090) - by 0x15F4CC: evalcommand (ash.c:10429) - by 0x15B26C: evaltree (ash.c:9365) - by 0x15E4FC: cmdloop (ash.c:13569) - -A testcase for reproducing this edge case is provided in the downstream -bug report [1]. This commit fixes the issue by reconstructing the repl -pointer relative to stackblock() via strloc and slash_pos. - -[0]: https://gitlab.alpinelinux.org/alpine/aports/-/issues/13469 -[1]: https://gitlab.alpinelinux.org/alpine/aports/-/issues/13469#note_210530 - -Signed-off-by: Sören Tempel ---- - shell/ash.c | 6 ++++++ - 1 file changed, 6 insertions(+) - -diff --git a/shell/ash.c b/shell/ash.c -index 55df54bd0..24f9a8270 100644 ---- a/shell/ash.c -+++ b/shell/ash.c -@@ -7346,6 +7346,12 @@ subevalvar(char *start, char *str, int strloc, - idx = loc; - } - -+ // The STPUTC invocations above may resize and move the -+ // stack via realloc(3). Since repl is a pointer into the -+ // stack, we need to reconstruct it relative to stackblock(). -+ if (slash_pos >= 0) -+ repl = (char *)stackblock() + strloc + slash_pos + 1; -+ - //bb_error_msg("repl:'%s'", repl); - for (loc = (char*)repl; *loc; loc++) { - char *restart_detect = stackblock(); diff --git a/aports/busybox/0015-ed-don-t-use-memcpy-with-overlapping-memory-regions.patch b/aports/busybox/0015-ed-don-t-use-memcpy-with-overlapping-memory-regions.patch deleted file mode 100644 index 5697a55..0000000 --- a/aports/busybox/0015-ed-don-t-use-memcpy-with-overlapping-memory-regions.patch +++ /dev/null @@ -1,34 +0,0 @@ -From 65bb493f2475368161431ed72816fd0c61e479b1 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?S=C3=B6ren=20Tempel?= -Date: Tue, 8 Feb 2022 09:29:21 +0100 -Subject: [PATCH] ed: don't use memcpy with overlapping memory regions - -The memcpy invocations in the subCommand function, modified by this -commit, previously used memcpy with overlapping memory regions. This is -undefined behavior. On Alpine Linux, it causes BusyBox ed to crash since -we compile BusyBox with -D_FORTIFY_SOURCE=2 and our fortify-headers -implementation catches this source of undefined behavior [0]. The issue -can only be triggered if the replacement string is the same size or -shorter than the old string. - -Looking at the code, it seems to me that a memmove(3) is what was -actually intended here, this commit modifies the code accordingly. - -[0]: https://gitlab.alpinelinux.org/alpine/aports/-/issues/13504 ---- - editors/ed.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/editors/ed.c b/editors/ed.c -index 209ce9942..4a84f7433 100644 ---- a/editors/ed.c -+++ b/editors/ed.c -@@ -720,7 +720,7 @@ static void subCommand(const char *cmd, int num1, int num2) - if (deltaLen <= 0) { - memcpy(&lp->data[offset], newStr, newLen); - if (deltaLen) { -- memcpy(&lp->data[offset + newLen], -+ memmove(&lp->data[offset + newLen], - &lp->data[offset + oldLen], - lp->len - offset - oldLen); - diff --git a/aports/busybox/0015-udhcpc-set-default-discover-retries-to-5.patch b/aports/busybox/0015-udhcpc-set-default-discover-retries-to-5.patch new file mode 100644 index 0000000..7dd08dd --- /dev/null +++ b/aports/busybox/0015-udhcpc-set-default-discover-retries-to-5.patch @@ -0,0 +1,59 @@ +From 050863f09d1ea42cedd8935580cf570032fed339 Mon Sep 17 00:00:00 2001 +From: Natanael Copa +Date: Thu, 4 Aug 2016 13:17:00 +0200 +Subject: [PATCH] udhcpc: set default discover retries to 5 +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Some slower nics needs more attempts to get a lease + +--- + networking/udhcp/d6_dhcpc.c | 4 ++-- + networking/udhcp/dhcpc.c | 4 ++-- + 2 files changed, 4 insertions(+), 4 deletions(-) + +diff --git a/networking/udhcp/d6_dhcpc.c b/networking/udhcp/d6_dhcpc.c +index cdd06188e..3d0ec98f9 100644 +--- a/networking/udhcp/d6_dhcpc.c ++++ b/networking/udhcp/d6_dhcpc.c +@@ -1137,7 +1137,7 @@ static void client_background(void) + //usage: "\n -s PROG Run PROG at DHCP events (default "CONFIG_UDHCPC6_DEFAULT_SCRIPT")" + //usage: "\n -B Request broadcast replies" + //usage: "\n -t N Send up to N discover packets" +-//usage: "\n -T SEC Pause between packets (default 3)" ++//usage: "\n -T SEC Pause between packets (default 5)" + //usage: "\n -A SEC Wait if lease is not obtained (default 20)" + //usage: USE_FOR_MMU( + //usage: "\n -b Background if lease is not obtained" +@@ -1182,7 +1182,7 @@ int udhcpc6_main(int argc UNUSED_PARAM, char **argv) + llist_t *list_x = NULL; + int tryagain_timeout = 20; + int discover_timeout = 3; +- int discover_retries = 3; ++ int discover_retries = 5; + struct in6_addr srv6_buf; + struct in6_addr ipv6_buf; + struct in6_addr *requested_ipv6; +diff --git a/networking/udhcp/dhcpc.c b/networking/udhcp/dhcpc.c +index c757fb37c..424d6dade 100644 +--- a/networking/udhcp/dhcpc.c ++++ b/networking/udhcp/dhcpc.c +@@ -1173,7 +1173,7 @@ static void client_background(void) + //usage: "\n -p FILE Create pidfile" + //usage: "\n -B Request broadcast replies" + //usage: "\n -t N Send up to N discover packets (default 3)" +-//usage: "\n -T SEC Pause between packets (default 3)" ++//usage: "\n -T SEC Pause between packets (default 5)" + //usage: "\n -A SEC Wait if lease is not obtained (default 20)" + //usage: USE_FOR_MMU( + //usage: "\n -b Background if lease is not obtained" +@@ -1217,7 +1217,7 @@ int udhcpc_main(int argc UNUSED_PARAM, char **argv) + llist_t *list_x = NULL; + int tryagain_timeout = 20; + int discover_timeout = 3; +- int discover_retries = 3; ++ int discover_retries = 5; + uint32_t server_id = server_id; /* for compiler */ + uint32_t requested_ip = 0; + int packet_num; diff --git a/aports/busybox/0016-ash-don-t-read-past-end-of-var-in-subvareval-for-bas.patch b/aports/busybox/0016-ash-don-t-read-past-end-of-var-in-subvareval-for-bas.patch deleted file mode 100644 index 3527fa5..0000000 --- a/aports/busybox/0016-ash-don-t-read-past-end-of-var-in-subvareval-for-bas.patch +++ /dev/null @@ -1,88 +0,0 @@ -From fa52ac9781f479de8ab4d8526276244c0a0471f4 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?S=C3=B6ren=20Tempel?= -Date: Mon, 28 Feb 2022 08:36:50 +0100 -Subject: [PATCH] ash: don't read past end of var in subvareval for bash - substitutions -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Without this patch, BusyBox handles bash pattern substitutions without -a terminating '/' character incorrectly. - -Consider the following shell script: - - _bootstrapver=5.0.211-r0 - _referencesdir="/usr/${_bootstrapver/-*}/Sources" - echo $_referencesdir - -This should output `/usr/5.0.211/Sources`. However, without this patch -it instead outputs `/usr/5.0.211Sources`. This is due to the fact that -BusyBox expects the bash pattern substitutions to always be terminated -with a '/' (at least in this part of subvareval) and thus reads passed -the substitution itself and consumes the '/' character which is part of -the literal string. If there is no '/' after the substitution then -BusyBox might perform an out-of-bounds read under certain circumstances. - -When replacing the bash pattern substitution with `${_bootstrapver/-*/}`, -or with this patch applied, ash outputs the correct value. - -Signed-off-by: Sören Tempel -Signed-off-by: Denys Vlasenko ---- - shell/ash.c | 4 ++++ - shell/ash_test/ash-vars/var_bash_repl_unterminated.right | 1 + - shell/ash_test/ash-vars/var_bash_repl_unterminated.tests | 2 ++ - shell/hush_test/hush-vars/var_bash_repl_unterminated.right | 1 + - shell/hush_test/hush-vars/var_bash_repl_unterminated.tests | 2 ++ - 5 files changed, 10 insertions(+) - create mode 100644 shell/ash_test/ash-vars/var_bash_repl_unterminated.right - create mode 100755 shell/ash_test/ash-vars/var_bash_repl_unterminated.tests - create mode 100644 shell/hush_test/hush-vars/var_bash_repl_unterminated.right - create mode 100755 shell/hush_test/hush-vars/var_bash_repl_unterminated.tests - -diff --git a/shell/ash.c b/shell/ash.c -index adb0f223a..54335c5dd 100644 ---- a/shell/ash.c -+++ b/shell/ash.c -@@ -7081,6 +7081,10 @@ subevalvar(char *start, char *str, int strloc, - *repl = '\0'; - break; - } -+ if ((unsigned char)*repl == CTLENDVAR) { /* ${v/pattern} (no trailing /, no repl) */ -+ repl = NULL; -+ break; -+ } - /* Handle escaped slashes, e.g. "${v/\//_}" (they are CTLESC'ed by this point) */ - if ((unsigned char)*repl == CTLESC && repl[1]) - repl++; -diff --git a/shell/ash_test/ash-vars/var_bash_repl_unterminated.right b/shell/ash_test/ash-vars/var_bash_repl_unterminated.right -new file mode 100644 -index 000000000..5bff3a6fa ---- /dev/null -+++ b/shell/ash_test/ash-vars/var_bash_repl_unterminated.right -@@ -0,0 +1 @@ -+b/d -diff --git a/shell/ash_test/ash-vars/var_bash_repl_unterminated.tests b/shell/ash_test/ash-vars/var_bash_repl_unterminated.tests -new file mode 100755 -index 000000000..c9513343d ---- /dev/null -+++ b/shell/ash_test/ash-vars/var_bash_repl_unterminated.tests -@@ -0,0 +1,2 @@ -+a=b-c -+echo ${a/-*}/d -diff --git a/shell/hush_test/hush-vars/var_bash_repl_unterminated.right b/shell/hush_test/hush-vars/var_bash_repl_unterminated.right -new file mode 100644 -index 000000000..5bff3a6fa ---- /dev/null -+++ b/shell/hush_test/hush-vars/var_bash_repl_unterminated.right -@@ -0,0 +1 @@ -+b/d -diff --git a/shell/hush_test/hush-vars/var_bash_repl_unterminated.tests b/shell/hush_test/hush-vars/var_bash_repl_unterminated.tests -new file mode 100755 -index 000000000..c9513343d ---- /dev/null -+++ b/shell/hush_test/hush-vars/var_bash_repl_unterminated.tests -@@ -0,0 +1,2 @@ -+a=b-c -+echo ${a/-*}/d diff --git a/aports/busybox/0016-ping-make-ping-work-without-root-privileges.patch b/aports/busybox/0016-ping-make-ping-work-without-root-privileges.patch new file mode 100644 index 0000000..661f046 --- /dev/null +++ b/aports/busybox/0016-ping-make-ping-work-without-root-privileges.patch @@ -0,0 +1,209 @@ +From 19c6c34fb6318605e58a9b209cf742d559c0d467 Mon Sep 17 00:00:00 2001 +From: Natanael Copa +Date: Tue, 29 Mar 2016 09:23:08 +0200 +Subject: [PATCH] ping: make ping work without root privileges +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +--- + networking/ping.c | 115 +++++++++++++++++++++++++++++++++++++--------- + 1 file changed, 94 insertions(+), 21 deletions(-) + +diff --git a/networking/ping.c b/networking/ping.c +index 9805695a1..5e4488abd 100644 +--- a/networking/ping.c ++++ b/networking/ping.c +@@ -208,6 +208,7 @@ enum { + pingsock = 0, + }; + ++static int using_dgram; + static void + #if ENABLE_PING6 + create_icmp_socket(len_and_sockaddr *lsa) +@@ -224,9 +225,23 @@ create_icmp_socket(void) + #endif + sock = socket(AF_INET, SOCK_RAW, 1); /* 1 == ICMP */ + if (sock < 0) { +- if (errno == EPERM) +- bb_simple_error_msg_and_die(bb_msg_perm_denied_are_you_root); +- bb_simple_perror_msg_and_die(bb_msg_can_not_create_raw_socket); ++ if (errno != EPERM) ++ bb_simple_perror_msg_and_die(bb_msg_can_not_create_raw_socket); ++#if defined(__linux__) || defined(__APPLE__) ++ /* We don't have root privileges. Try SOCK_DGRAM instead. ++ * Linux needs net.ipv4.ping_group_range for this to work. ++ * MacOSX allows ICMP_ECHO, ICMP_TSTAMP or ICMP_MASKREQ ++ */ ++#if ENABLE_PING6 ++ if (lsa->u.sa.sa_family == AF_INET6) ++ sock = socket(AF_INET6, SOCK_DGRAM, IPPROTO_ICMPV6); ++ else ++#endif ++ sock = socket(AF_INET, SOCK_DGRAM, 1); /* 1 == ICMP */ ++ if (sock < 0) ++#endif ++ bb_simple_error_msg_and_die(bb_msg_perm_denied_are_you_root); ++ using_dgram = 1; + } + + xmove_fd(sock, pingsock); +@@ -279,10 +294,12 @@ static void ping4(len_and_sockaddr *lsa) + bb_simple_perror_msg("recvfrom"); + continue; + } +- if (c >= 76) { /* ip + icmp */ +- struct iphdr *iphdr = (struct iphdr *) G.packet; ++ if (c >= 76 || using_dgram && (c == 64)) { /* ip + icmp */ ++ if(!using_dgram) { ++ struct iphdr *iphdr = (struct iphdr *) G.packet; + +- pkt = (struct icmp *) (G.packet + (iphdr->ihl << 2)); /* skip ip hdr */ ++ pkt = (struct icmp *) (G.packet + (iphdr->ihl << 2)); /* skip ip hdr */ ++ } else pkt = (struct icmp *) G.packet; + if (pkt->icmp_id != G.myid) + continue; /* not our ping */ + if (pkt->icmp_type == ICMP_ECHOREPLY) +@@ -691,19 +708,21 @@ static void unpack_tail(int sz, uint32_t *tp, + } + static int unpack4(char *buf, int sz, struct sockaddr_in *from) + { +- struct icmp *icmppkt; + struct iphdr *iphdr; ++ struct icmp *icmppkt; + int hlen; + + /* discard if too short */ + if (sz < (datalen + ICMP_MINLEN)) + return 0; ++ if(!using_dgram) { ++ /* check IP header */ ++ iphdr = (struct iphdr *) buf; ++ hlen = iphdr->ihl << 2; ++ sz -= hlen; ++ icmppkt = (struct icmp *) (buf + hlen); ++ } else icmppkt = (struct icmp *) buf; + +- /* check IP header */ +- iphdr = (struct iphdr *) buf; +- hlen = iphdr->ihl << 2; +- sz -= hlen; +- icmppkt = (struct icmp *) (buf + hlen); + if (icmppkt->icmp_id != myid) + return 0; /* not our ping */ + +@@ -715,7 +734,7 @@ static int unpack4(char *buf, int sz, struct sockaddr_in *from) + tp = (uint32_t *) icmppkt->icmp_data; + unpack_tail(sz, tp, + inet_ntoa(*(struct in_addr *) &from->sin_addr.s_addr), +- recv_seq, iphdr->ttl); ++ recv_seq, using_dgram ? 42 : iphdr->ttl); + return 1; + } + if (icmppkt->icmp_type != ICMP_ECHO) { +@@ -765,11 +784,31 @@ static void ping4(len_and_sockaddr *lsa) + int sockopt; + + pingaddr.sin = lsa->u.sin; +- if (source_lsa) { ++ if (source_lsa && !using_dgram) { + if (setsockopt(pingsock, IPPROTO_IP, IP_MULTICAST_IF, + &source_lsa->u.sa, source_lsa->len)) + bb_simple_error_msg_and_die("can't set multicast source interface"); + xbind(pingsock, &source_lsa->u.sa, source_lsa->len); ++ } else if(using_dgram) { ++ struct sockaddr_in sa; ++ socklen_t sl; ++ ++ sa.sin_family = AF_INET; ++ sa.sin_port = 0; ++ sa.sin_addr.s_addr = source_lsa ? ++ source_lsa->u.sin.sin_addr.s_addr : 0; ++ sl = sizeof(sa); ++ ++ if (bind(pingsock, (struct sockaddr *) &sa, sl) == -1) { ++ perror("bind"); ++ exit(2); ++ } ++ ++ if (getsockname(pingsock, (struct sockaddr *) &sa, &sl) == -1) { ++ perror("getsockname"); ++ exit(2); ++ } ++ myid = sa.sin_port; + } + + /* enable broadcast pings */ +@@ -786,6 +825,15 @@ static void ping4(len_and_sockaddr *lsa) + setsockopt_int(pingsock, IPPROTO_IP, IP_MULTICAST_TTL, opt_ttl); + } + ++ if(using_dgram) { ++ int hold = 65536; ++ if (setsockopt(pingsock, SOL_IP, IP_RECVTTL, (char *)&hold, sizeof(hold))) ++ perror("WARNING: setsockopt(IP_RECVTTL)"); ++ if (setsockopt(pingsock, SOL_IP, IP_RETOPTS, (char *)&hold, sizeof(hold))) ++ perror("WARNING: setsockopt(IP_RETOPTS)"); ++ ++ } ++ + signal(SIGINT, print_stats_and_exit); + + /* start the ping's going ... */ +@@ -823,10 +871,33 @@ static void ping6(len_and_sockaddr *lsa) + char control_buf[CMSG_SPACE(36)]; + + pingaddr.sin6 = lsa->u.sin6; +- if (source_lsa) ++ if (source_lsa && !using_dgram) + xbind(pingsock, &source_lsa->u.sa, source_lsa->len); ++ else if(using_dgram) { ++ struct sockaddr_in6 sa = {0}; ++ socklen_t sl; ++ ++ sa.sin6_family = AF_INET6; ++ sa.sin6_port = 0; ++ if(source_lsa) { ++ memcpy(&sa.sin6_addr, &source_lsa->u.sin6.sin6_addr, sizeof(struct in6_addr)); ++ } ++ sl = sizeof(sa); ++ ++ if (bind(pingsock, (struct sockaddr *) &sa, sl) == -1) { ++ perror("bind"); ++ exit(2); ++ } ++ ++ if (getsockname(pingsock, (struct sockaddr *) &sa, &sl) == -1) { ++ perror("getsockname"); ++ exit(2); ++ } ++ myid = sa.sin6_port; ++ } + + #ifdef ICMP6_FILTER ++ if(!using_dgram) + { + struct icmp6_filter filt; + if (!(option_mask32 & OPT_VERBOSE)) { +@@ -972,12 +1043,14 @@ static int common_ping_main(int opt, char **argv) + interval = INT_MAX/1000000; + G.interval_us = interval * 1000000; + +- myid = (uint16_t) getpid(); +- /* we can use native-endian ident, but other Unix ping/traceroute +- * utils use *big-endian pid*, and e.g. traceroute on our machine may be +- * *not* from busybox, idents may collide. Follow the convention: +- */ +- myid = htons(myid); ++ if (!using_dgram) { ++ myid = (uint16_t) getpid(); ++ /* we can use native-endian ident, but other Unix ping/traceroute ++ * utils use *big-endian pid*, and e.g. traceroute on our machine may be ++ * *not* from busybox, idents may collide. Follow the convention: ++ */ ++ myid = htons(myid); ++ } + hostname = argv[optind]; + #if ENABLE_PING6 + { diff --git a/aports/busybox/0017-ash-Fix-use-after-free-on-idx-variable.patch b/aports/busybox/0017-ash-Fix-use-after-free-on-idx-variable.patch deleted file mode 100644 index 22a2578..0000000 --- a/aports/busybox/0017-ash-Fix-use-after-free-on-idx-variable.patch +++ /dev/null @@ -1,94 +0,0 @@ -From 3813e89e3622b034b0e51acae496493a717555cc Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?S=C3=B6ren=20Tempel?= -Date: Wed, 1 Jun 2022 11:51:40 +0200 -Subject: [PATCH] ash: Fix use-after-free on idx variable - -Consider the following code from ash.c: - - STPUTC(*idx, expdest); - if (quotes && (unsigned char)*idx == CTLESC) { - -The idx variable points to a value in the stack string (as managed -by STPUTC). STPUTC may resize this stack string via realloc(3). If -this happens, the idx pointer needs to be updated. Otherwise, -dereferencing idx may result in a use-after free. - -The valgrind output for this edge case looks as follows: - - Invalid read of size 1 - at 0x113AD7: subevalvar (ash.c:7326) - by 0x112EC7: evalvar (ash.c:7674) - by 0x113219: argstr (ash.c:6891) - by 0x113D10: expandarg (ash.c:8098) - by 0x118989: evalcommand (ash.c:10377) - by 0x116744: evaltree (ash.c:9373) - by 0x1170DC: cmdloop (ash.c:13577) - by 0x1191E4: ash_main (ash.c:14756) - by 0x10CB3B: run_applet_no_and_exit (appletlib.c:967) - by 0x10CBCA: run_applet_and_exit (appletlib.c:986) - by 0x10CBCA: main (appletlib.c:1126) - Address 0x48b4099 is 857 bytes inside a block of size 2,736 free'd - at 0x48A6FC9: realloc (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so) - by 0x125B03: xrealloc (xfuncs_printf.c:61) - by 0x10F9D2: growstackblock (ash.c:1736) - by 0x10FA4E: growstackstr (ash.c:1775) - by 0x10FA71: _STPUTC (ash.c:1816) - by 0x113A94: subevalvar (ash.c:7325) - by 0x112EC7: evalvar (ash.c:7674) - by 0x113219: argstr (ash.c:6891) - by 0x113D10: expandarg (ash.c:8098) - by 0x118989: evalcommand (ash.c:10377) - by 0x116744: evaltree (ash.c:9373) - by 0x1170DC: cmdloop (ash.c:13577) - Block was alloc'd at - at 0x48A26D5: malloc (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so) - by 0x125AE9: xmalloc (xfuncs_printf.c:50) - by 0x10ED56: stalloc (ash.c:1622) - by 0x10F9FF: growstackblock (ash.c:1746) - by 0x10FB2A: growstackto (ash.c:1783) - by 0x10FB47: makestrspace (ash.c:1795) - by 0x10FDE7: memtodest (ash.c:6390) - by 0x10FE91: strtodest (ash.c:6417) - by 0x112CC5: varvalue (ash.c:7558) - by 0x112D80: evalvar (ash.c:7603) - by 0x113219: argstr (ash.c:6891) - by 0x113D10: expandarg (ash.c:8098) - -This patch fixes this issue by updating the pointers again via -the restart label if STPUTC re-sized the stack. This issue -has been reported to us at Alpine Linux downstream. - -Also: Move the second realloc-check inside the if statement -that follows so it isn't done twice if the condition evaluates -to false. - -See also: - -* https://gitlab.alpinelinux.org/alpine/aports/-/issues/13900 -* http://lists.busybox.net/pipermail/busybox/2022-April/089655.html ---- - shell/ash.c | 6 ++++-- - 1 file changed, 4 insertions(+), 2 deletions(-) - -diff --git a/shell/ash.c b/shell/ash.c -index ef4a47afe..cbc50eefe 100644 ---- a/shell/ash.c -+++ b/shell/ash.c -@@ -7323,13 +7323,15 @@ subevalvar(char *start, char *str, int strloc, - if (idx >= end) - break; - STPUTC(*idx, expdest); -+ if (stackblock() != restart_detect) -+ goto restart; - if (quotes && (unsigned char)*idx == CTLESC) { - idx++; - len++; - STPUTC(*idx, expdest); -+ if (stackblock() != restart_detect) -+ goto restart; - } -- if (stackblock() != restart_detect) -- goto restart; - idx++; - len++; - rmesc++; diff --git a/aports/busybox/0017-fbsplash-support-console-switching.patch b/aports/busybox/0017-fbsplash-support-console-switching.patch new file mode 100644 index 0000000..d5ec3f8 --- /dev/null +++ b/aports/busybox/0017-fbsplash-support-console-switching.patch @@ -0,0 +1,182 @@ +From 7a5d2b057b1aad464500073f15fa7547d2738ecf Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Timo=20Ter=C3=A4s?= +Date: Mon, 24 Sep 2012 06:42:10 +0300 +Subject: [PATCH] fbsplash: support console switching +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +--- + miscutils/fbsplash.c | 82 ++++++++++++++++++++++++++++++++++++++++---- + 1 file changed, 75 insertions(+), 7 deletions(-) + +diff --git a/miscutils/fbsplash.c b/miscutils/fbsplash.c +index 2934d8eb7..ae257e8bc 100644 +--- a/miscutils/fbsplash.c ++++ b/miscutils/fbsplash.c +@@ -46,7 +46,7 @@ + //kbuild:lib-$(CONFIG_FBSPLASH) += fbsplash.o + + //usage:#define fbsplash_trivial_usage +-//usage: "-s IMGFILE [-c] [-d DEV] [-i INIFILE] [-f CMD]" ++//usage: "-s IMGFILE [-c] [-d DEV] [-i INIFILE] [-f CMD] [-T tty]" + //usage:#define fbsplash_full_usage "\n\n" + //usage: " -s Image" + //usage: "\n -c Hide cursor" +@@ -56,11 +56,17 @@ + //usage: "\n BAR_R,BAR_G,BAR_B,IMG_LEFT,IMG_TOP" + //usage: "\n -f Control pipe (else exit after drawing image)" + //usage: "\n commands: 'NN' (% for progress bar) or 'exit'" ++//usage: "\n -T Switch to TTY to hide all console messages" + + #include "libbb.h" + #include "common_bufsiz.h" + #include + ++#include ++#include ++#include ++#include ++ + /* If you want logging messages on /tmp/fbsplash.log... */ + #define DEBUG 0 + +@@ -74,6 +80,8 @@ struct globals { + unsigned char *addr; // pointer to framebuffer memory + unsigned ns[9]; // n-parameters + const char *image_filename; ++ int silent_tty, fd_tty_s; ++ bool do_not_draw; + struct fb_var_screeninfo scr_var; + struct fb_fix_screeninfo scr_fix; + unsigned bytes_per_pixel; +@@ -487,6 +495,11 @@ static void init(const char *cfg_filename) + config_close(parser); + } + ++static void sighandler(int sig) ++{ ++ ioctl(G.fd_tty_s, VT_RELDISP, sig == SIGUSR1 ? 1 : 2); ++ G.do_not_draw = (sig != SIGUSR2); ++} + + int fbsplash_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE; + int fbsplash_main(int argc UNUSED_PARAM, char **argv) +@@ -496,6 +509,9 @@ int fbsplash_main(int argc UNUSED_PARAM, char **argv) + char *num_buf; + unsigned num; + bool bCursorOff; ++ int fd_tty0, active_vt; ++ struct vt_stat vtstat; ++ struct vt_mode vt; + + INIT_G(); + +@@ -503,8 +519,9 @@ int fbsplash_main(int argc UNUSED_PARAM, char **argv) + fb_device = "/dev/fb0"; + cfg_filename = NULL; + fifo_filename = NULL; +- bCursorOff = 1 & getopt32(argv, "cs:d:i:f:", +- &G.image_filename, &fb_device, &cfg_filename, &fifo_filename); ++ bCursorOff = 1 & getopt32(argv, "cs:d:i:f:T:+", ++ &G.image_filename, &fb_device, &cfg_filename, &fifo_filename, ++ &G.silent_tty); + + // parse configuration file + if (cfg_filename) +@@ -514,11 +531,43 @@ int fbsplash_main(int argc UNUSED_PARAM, char **argv) + if (!G.image_filename) + bb_show_usage(); + ++ fd_tty0 = get_console_fd_or_die(); ++ if (G.silent_tty) { ++ char buf[16]; ++ ++ /* Initialize TTY */ ++ bb_signals((1LL << SIGUSR1) | (1LL << SIGUSR2), sighandler); ++ snprintf(buf, sizeof(buf), "/dev/tty%d", G.silent_tty); ++ G.fd_tty_s = xopen(buf, O_RDWR | O_NOCTTY); ++ ++ /* Activate TTY */ ++ xioctl(fd_tty0, VT_GETSTATE, &vtstat); ++ active_vt = vtstat.v_active; ++ console_make_active(fd_tty0, G.silent_tty); ++ ++ /* Get notifications on console changes */ ++ vt.mode = VT_PROCESS; ++ vt.waitv = 0; ++ vt.relsig = SIGUSR1; ++ vt.acqsig = SIGUSR2; ++ ioctl(G.fd_tty_s, VT_SETMODE, &vt); ++ ++ /* Redirect all kernel messages to tty1 so that they don't get ++ * printed over our silent splash image. And clear it. */ ++ buf[0] = TIOCL_SETKMSGREDIRECT; ++ buf[1] = 1; ++ ioctl(G.fd_tty_s, TIOCLINUX, buf); ++ full_write(G.fd_tty_s, "\e[H\e[2J" "\e[?17;0c", 7+8); ++ ioctl(G.fd_tty_s, KDSETMODE, KD_GRAPHICS); ++ } else { ++ G.fd_tty_s = STDOUT_FILENO; ++ } ++ + fb_open(fb_device); + + if (fifo_filename && bCursorOff) { + // hide cursor (BEFORE any fb ops) +- full_write(STDOUT_FILENO, ESC"[?25l", 6); ++ full_write(G.fd_tty_s, ESC"[?25l", 6); + } + + fb_drawimage(); +@@ -526,6 +575,7 @@ int fbsplash_main(int argc UNUSED_PARAM, char **argv) + if (!fifo_filename) + return EXIT_SUCCESS; + ++ sig_block(SIGUSR1); + fp = xfopen_stdin(fifo_filename); + if (fp != stdin) { + // For named pipes, we want to support this: +@@ -541,8 +591,9 @@ int fbsplash_main(int argc UNUSED_PARAM, char **argv) + // and become an additional writer :) + open(fifo_filename, O_WRONLY); // errors are ignored + } +- + fb_drawprogressbar(0); ++ sig_unblock(SIGUSR1); ++ + // Block on read, waiting for some input. + // Use of style I/O allows to correctly + // handle a case when we have many buffered lines +@@ -557,12 +608,29 @@ int fbsplash_main(int argc UNUSED_PARAM, char **argv) + #if DEBUG + DEBUG_MESSAGE(itoa(num)); + #endif +- fb_drawprogressbar(num); ++ sig_block(SIGUSR1); ++ if (!G.do_not_draw) ++ fb_drawprogressbar(num); ++ sig_unblock(SIGUSR1); + } + free(num_buf); + } + +- if (bCursorOff) // restore cursor ++ if (G.silent_tty) { ++ usleep(100*1000); ++ ++ ioctl(G.fd_tty_s, VT_RELDISP, 1); ++ ioctl(G.fd_tty_s, KDSETMODE, KD_TEXT); ++ vt.mode = VT_AUTO; ++ vt.waitv = 0; ++ ioctl(G.fd_tty_s, VT_SETMODE, &vt); ++ close(G.fd_tty_s); ++ ++ xioctl(fd_tty0, VT_GETSTATE, &vtstat); ++ if (vtstat.v_active == G.silent_tty) ++ console_make_active(fd_tty0, active_vt); ++ ioctl(fd_tty0, VT_DISALLOCATE, (void *)(ptrdiff_t)G.silent_tty); ++ } else if (bCursorOff) // restore cursor + full_write(STDOUT_FILENO, ESC"[?25h", 6); + + return EXIT_SUCCESS; diff --git a/aports/busybox/0018-ash-fix-ifs-cleanup-on-error-paths.patch b/aports/busybox/0018-ash-fix-ifs-cleanup-on-error-paths.patch deleted file mode 100644 index c09bc84..0000000 --- a/aports/busybox/0018-ash-fix-ifs-cleanup-on-error-paths.patch +++ /dev/null @@ -1,91 +0,0 @@ -From 1c5455284234e894dfb6086bf7f3e9a6d5d9611f Mon Sep 17 00:00:00 2001 -From: Denys Vlasenko -Date: Tue, 2 Aug 2022 11:13:44 +0200 -Subject: [PATCH] ash: fix ifs cleanup on error paths - -Patch by Alex Gorinson - -function old new delta -evalvar 477 495 +18 -varvalue 603 618 +15 -subevalvar 1557 1572 +15 ------------------------------------------------------------------------------- -(add/remove: 0/0 grow/shrink: 3/0 up/down: 48/0) Total: 48 bytes - -Signed-off-by: Denys Vlasenko ---- - shell/ash.c | 2 ++ - shell/ash_test/ash-heredoc/heredoc_and_cmd.right | 2 ++ - shell/ash_test/ash-heredoc/heredoc_and_cmd.tests | 8 ++++++++ - shell/hush_test/hush-heredoc/heredoc_and_cmd.right | 2 ++ - shell/hush_test/hush-heredoc/heredoc_and_cmd.tests | 8 ++++++++ - 5 files changed, 22 insertions(+) - create mode 100644 shell/ash_test/ash-heredoc/heredoc_and_cmd.right - create mode 100755 shell/ash_test/ash-heredoc/heredoc_and_cmd.tests - create mode 100644 shell/hush_test/hush-heredoc/heredoc_and_cmd.right - create mode 100755 shell/hush_test/hush-heredoc/heredoc_and_cmd.tests - -diff --git a/shell/ash.c b/shell/ash.c -index d29de37b7..c731a333b 100644 ---- a/shell/ash.c -+++ b/shell/ash.c -@@ -7028,6 +7028,7 @@ varunset(const char *end, const char *var, const char *umsg, int varflags) - msg = umsg; - } - } -+ ifsfree(); - ash_msg_and_raise_error("%.*s: %s%s", (int)(end - var - 1), var, msg, tail); - } - -@@ -7453,6 +7454,7 @@ varvalue(char *name, int varflags, int flags, int quoted) - if (discard) - return -1; - -+ ifsfree(); - raise_error_syntax("bad substitution"); - } - -diff --git a/shell/ash_test/ash-heredoc/heredoc_and_cmd.right b/shell/ash_test/ash-heredoc/heredoc_and_cmd.right -new file mode 100644 -index 000000000..25ae70561 ---- /dev/null -+++ b/shell/ash_test/ash-heredoc/heredoc_and_cmd.right -@@ -0,0 +1,2 @@ -+./heredoc_and_cmd.tests: line 4: D: AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA -+Y -diff --git a/shell/ash_test/ash-heredoc/heredoc_and_cmd.tests b/shell/ash_test/ash-heredoc/heredoc_and_cmd.tests -new file mode 100755 -index 000000000..197542de7 ---- /dev/null -+++ b/shell/ash_test/ash-heredoc/heredoc_and_cmd.tests -@@ -0,0 +1,8 @@ -+# The bug was only happening with < +Date: Fri, 21 Nov 2014 15:15:43 +0200 +Subject: [PATCH] fbsplash: support image and bar alignment and positioning +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Needed to center a splash screen image in the initramfs. + +--- + miscutils/fbsplash.c | 93 ++++++++++++++++++++++++++++++++------------ + 1 file changed, 69 insertions(+), 24 deletions(-) + +diff --git a/miscutils/fbsplash.c b/miscutils/fbsplash.c +index ae257e8bc..2c6413157 100644 +--- a/miscutils/fbsplash.c ++++ b/miscutils/fbsplash.c +@@ -53,7 +53,7 @@ + //usage: "\n -d Framebuffer device (default /dev/fb0)" + //usage: "\n -i Config file (var=value):" + //usage: "\n BAR_LEFT,BAR_TOP,BAR_WIDTH,BAR_HEIGHT" +-//usage: "\n BAR_R,BAR_G,BAR_B,IMG_LEFT,IMG_TOP" ++//usage: "\n BAR_R,BAR_G,BAR_B,IMG_LEFT,IMG_TOP,IMG_ALIGN" + //usage: "\n -f Control pipe (else exit after drawing image)" + //usage: "\n commands: 'NN' (% for progress bar) or 'exit'" + //usage: "\n -T Switch to TTY to hide all console messages" +@@ -72,13 +72,39 @@ + + #define ESC "\033" + ++enum { ++ bar_width, ++ bar_height, ++ bar_posx, ++ bar_posy, ++ bar_colr, ++ bar_colg, ++ bar_colb, ++ nimg_posx, ++ nimg_posy, ++ nimg_align, ++ num_ns_opts, ++ debug = num_ns_opts, ++}; ++ ++#define nbar_width ns[bar_width] ++#define nbar_height ns[bar_height] ++#define nbar_posx ns[bar_posx] ++#define nbar_posy ns[bar_posy] ++#define nbar_colr ns[bar_colr] ++#define nbar_colg ns[bar_colg] ++#define nbar_colb ns[bar_colb] ++#define img_posx ns[nimg_posx] ++#define img_posy ns[nimg_posy] ++#define img_align ns[nimg_align] ++ + struct globals { + #if DEBUG + bool bdebug_messages; // enable/disable logging + FILE *logfile_fd; // log file + #endif + unsigned char *addr; // pointer to framebuffer memory +- unsigned ns[9]; // n-parameters ++ unsigned ns[num_ns_opts]; // n-parameters + const char *image_filename; + int silent_tty, fd_tty_s; + bool do_not_draw; +@@ -95,16 +121,6 @@ struct globals { + SET_PTR_TO_GLOBALS(xzalloc(sizeof(G))); \ + } while (0) + +-#define nbar_width ns[0] // progress bar width +-#define nbar_height ns[1] // progress bar height +-#define nbar_posx ns[2] // progress bar horizontal position +-#define nbar_posy ns[3] // progress bar vertical position +-#define nbar_colr ns[4] // progress bar color red component +-#define nbar_colg ns[5] // progress bar color green component +-#define nbar_colb ns[6] // progress bar color blue component +-#define img_posx ns[7] // image horizontal position +-#define img_posy ns[8] // image vertical position +- + #if DEBUG + #define DEBUG_MESSAGE(strMessage, args...) \ + if (G.bdebug_messages) { \ +@@ -385,7 +401,7 @@ static void fb_drawimage(void) + FILE *theme_file; + char *read_ptr; + unsigned char *pixline; +- unsigned i, j, width, height, line_size; ++ int i, j, width, height, line_size, xoffs, yoffs, xstart; + + if (LONE_DASH(G.image_filename)) { + theme_file = stdin; +@@ -435,18 +451,39 @@ static void fb_drawimage(void) + line_size = width*3; + pixline = xmalloc(line_size); + +- if ((width + G.img_posx) > G.scr_var.xres) +- width = G.scr_var.xres - G.img_posx; +- if ((height + G.img_posy) > G.scr_var.yres) +- height = G.scr_var.yres - G.img_posy; +- for (j = 0; j < height; j++) { ++ xoffs = G.img_posx; ++ switch (G.img_align % 3) { ++ case 1: xoffs += (G.scr_var.xres - width) / 2; break; ++ case 2: xoffs += G.scr_var.xres - width; break; ++ } ++ xstart = 0; ++ if (xoffs < 0) { ++ xstart = -xoffs; ++ xoffs = 0; ++ } ++ if ((width + xoffs) > G.scr_var.xres) ++ width = G.scr_var.xres - xoffs; ++ ++ yoffs = G.img_posy; ++ switch (G.img_align / 3) { ++ case 1: yoffs += (G.scr_var.yres - height) / 2; break; ++ case 2: yoffs += G.scr_var.yres - height; break; ++ } ++ if ((height + yoffs) > G.scr_var.yres) ++ height = G.scr_var.yres - yoffs; ++ ++ for (j = 0; j < height; j++, yoffs++) { + unsigned char *pixel; + unsigned char *src; + + if (fread(pixline, 1, line_size, theme_file) != line_size) + bb_error_msg_and_die("bad PPM file '%s'", G.image_filename); +- pixel = pixline; +- src = G.addr + (G.img_posy + j) * G.scr_fix.line_length + G.img_posx * G.bytes_per_pixel; ++ ++ if (yoffs < 0) ++ continue; ++ ++ pixel = pixline + xstart * 3; ++ src = G.addr + yoffs * G.scr_fix.line_length + xoffs * G.bytes_per_pixel; + for (i = 0; i < width; i++) { + unsigned thispix = fb_pixel_value(pixel[0], pixel[1], pixel[2]); + fb_write_pixel(src, thispix); +@@ -465,11 +502,15 @@ static void fb_drawimage(void) + */ + static void init(const char *cfg_filename) + { ++ static const char align_names[] ALIGN1 = ++ "LT\0" "CT\0" "RT\0" ++ "LM\0" "CM\0" "RM\0" ++ "LB\0" "CB\0" "RB\0"; + static const char param_names[] ALIGN1 = + "BAR_WIDTH\0" "BAR_HEIGHT\0" + "BAR_LEFT\0" "BAR_TOP\0" + "BAR_R\0" "BAR_G\0" "BAR_B\0" +- "IMG_LEFT\0" "IMG_TOP\0" ++ "IMG_LEFT\0" "IMG_TOP\0" "IMG_ALIGN\0" + #if DEBUG + "DEBUG\0" + #endif +@@ -478,14 +519,18 @@ static void init(const char *cfg_filename) + parser_t *parser = config_open2(cfg_filename, xfopen_stdin); + while (config_read(parser, token, 2, 2, "#=", + (PARSE_NORMAL | PARSE_MIN_DIE) & ~(PARSE_TRIM | PARSE_COLLAPSE))) { +- unsigned val = xatoi_positive(token[1]); ++ unsigned val; + int i = index_in_strings(param_names, token[0]); + if (i < 0) + bb_error_msg_and_die("syntax error: %s", token[0]); +- if (i >= 0 && i < 9) ++ if (i == nimg_align) ++ val = index_in_strings(align_names, token[1]); ++ else ++ val = xatoi_positive(token[1]); ++ if (i < num_ns_opts) + G.ns[i] = val; + #if DEBUG +- if (i == 9) { ++ if (i == debug) { + G.bdebug_messages = val; + if (G.bdebug_messages) + G.logfile_fd = xfopen_for_write("/tmp/fbsplash.log"); diff --git a/aports/busybox/0019-depmod-support-generating-kmod-binary-index-files.patch b/aports/busybox/0019-depmod-support-generating-kmod-binary-index-files.patch new file mode 100644 index 0000000..62481f6 --- /dev/null +++ b/aports/busybox/0019-depmod-support-generating-kmod-binary-index-files.patch @@ -0,0 +1,511 @@ +From 4eb6d6b1f36e9bf976549f3071beb1192e11c4ca Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Timo=20Ter=C3=A4s?= +Date: Sun, 25 Oct 2015 12:33:58 +0200 +Subject: [PATCH] depmod: support generating kmod binary index files +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This allows to use busybox depmod, and run daemons using libkmod (or +even kmod modprobe if needed). + +About +1500 bytes when enabled. This patch merges some depmod code +paths, so when this is disabled it shrinks the code size a little bit. + +--- + modutils/Config.src | 9 ++ + modutils/depmod.c | 281 ++++++++++++++++++++++++++++++++++++-------- + modutils/modprobe.c | 15 --- + modutils/modutils.c | 31 +++++ + modutils/modutils.h | 16 +++ + 5 files changed, 286 insertions(+), 66 deletions(-) + +diff --git a/modutils/Config.src b/modutils/Config.src +index 188296814..7a4c037ad 100644 +--- a/modutils/Config.src ++++ b/modutils/Config.src +@@ -152,6 +152,15 @@ config FEATURE_MODUTILS_ALIAS + + Say Y if unsure. + ++config FEATURE_MODUTILS_BIN ++ bool "Support for the kmod .bin file format" ++ default n ++ depends on DEPMOD && !MODPROBE_SMALL ++ help ++ Generate kmod compatible binary index files for .dep, .alias, ++ .symbols and .builtin files. Allows mixing use of busybox ++ modutils and kmod (binaries and library). ++ + config FEATURE_MODUTILS_SYMBOLS + bool "Support module.symbols file" + default y +diff --git a/modutils/depmod.c b/modutils/depmod.c +index bb42bbefe..9b034db0a 100644 +--- a/modutils/depmod.c ++++ b/modutils/depmod.c +@@ -2,7 +2,7 @@ + /* + * depmod - generate modules.dep + * Copyright (c) 2008 Bernhard Reutner-Fischer +- * Copyrihgt (c) 2008 Timo Teras ++ * Copyrihgt (c) 2008-2015 Timo Teras + * Copyright (c) 2008 Vladimir Dronnikov + * + * Licensed under GPLv2 or later, see file LICENSE in this source tree. +@@ -25,6 +25,24 @@ + #include "modutils.h" + #include /* uname() */ + ++#define INDEX_MINCHAR 32 ++#define INDEX_MAXCHAR 128 ++ ++typedef struct index_node { ++ char *prefix; ++ llist_t *values; ++ struct index_node *children[INDEX_MAXCHAR-INDEX_MINCHAR]; ++} index_node; ++ ++struct globals { ++ module_db db; ++ index_node *root_node; ++} FIX_ALIASING; ++#define G (*ptr_to_globals) ++#define INIT_G() do { \ ++ SET_PTR_TO_GLOBALS(xzalloc(sizeof(G))); \ ++} while (0) ++ + /* + * Theory of operation: + * - iterate over all modules and record their full path +@@ -53,18 +71,12 @@ static int FAST_FUNC parse_module(struct recursive_state *state, + + for (ptr = image; ptr < image + len - 10; ptr++) { + if (is_prefixed_with(ptr, "depends=")) { +- char *u; +- + ptr += 8; +- for (u = ptr; *u; u++) +- if (*u == '-') +- *u = '_'; +- ptr += string_to_llist(ptr, &e->deps, ","); ++ string_to_llist(replace_underscores(ptr), &e->deps, ","); + } else if (ENABLE_FEATURE_MODUTILS_ALIAS + && is_prefixed_with(ptr, "alias=") + ) { +- llist_add_to(&e->aliases, xstrdup(ptr + 6)); +- ptr += strlen(ptr); ++ llist_add_to(&e->aliases, replace_underscores(xstrdup(ptr + 6))); + } else if (ENABLE_FEATURE_MODUTILS_SYMBOLS + && is_prefixed_with(ptr, "__ksymtab_") + ) { +@@ -74,9 +86,10 @@ static int FAST_FUNC parse_module(struct recursive_state *state, + ) { + continue; + } +- llist_add_to(&e->symbols, xstrdup(ptr)); +- ptr += strlen(ptr); +- } ++ llist_add_to(&e->symbols, xasprintf("symbol:%s", ptr)); ++ } else ++ continue; ++ ptr += strlen(ptr); + } + free(image); + +@@ -108,12 +121,6 @@ static void order_dep_list(module_db *modules, module_entry *start, llist_t *add + } + } + +-static void xfreopen_write(const char *file, FILE *f) +-{ +- if (freopen(file, "w", f) == NULL) +- bb_perror_msg_and_die("can't open '%s'", file); +-} +- + //usage:#if !ENABLE_MODPROBE_SMALL + //usage:#define depmod_trivial_usage "[-n] [-b BASE] [VERSION] [MODFILES]..." + //usage:#define depmod_full_usage "\n\n" +@@ -167,6 +174,169 @@ enum { + OPT_C = (1 << 9), /* -C,--config etc_modules_conf: ignored */ + }; + ++/* Support for the mod binary index generation */ ++ ++static void index_init(const char *filename) ++{ ++ if (ENABLE_FEATURE_MODUTILS_BIN) { ++ index_node *n; ++ ++ n = xzalloc(sizeof(index_node)); ++ n->prefix = xstrdup(""); ++ G.root_node = n; ++ } ++ ++ if (filename && !(option_mask32 & OPT_n)) { ++ if (freopen(filename, "w", stdout) == NULL) ++ bb_perror_msg_and_die("can't open '%s'", filename); ++ } ++} ++ ++static void index_add(const char *key, char *value, const char *prefix) ++{ ++ if (prefix && *prefix) ++ printf("%s%s %s\n", prefix, key, value); ++ else if (prefix) ++ printf("%s\n", value); ++ ++ if (ENABLE_FEATURE_MODUTILS_BIN) { ++ index_node *cur = G.root_node, *n; ++ unsigned i = 0, j, ch; ++ ++ while (1) { ++ /* Ensure node->prefix is a prefix of &str[i]. ++ * If it is not already, then we must split node. */ ++ for (j = 0; cur->prefix[j]; j++) { ++ ch = cur->prefix[j]; ++ if (ch != key[i+j]) { ++ /* New child is copy of node with prefix[j+1..N] */ ++ n = xzalloc(sizeof(index_node)); ++ n->prefix = xstrdup(&cur->prefix[j+1]); ++ n->values = cur->values; ++ memcpy(n->children, cur->children, sizeof(n->children)); ++ ++ /* Parent has prefix[0..j], child at prefix[j] */ ++ cur->prefix[j] = '\0'; ++ cur->values = NULL; ++ memset(cur->children, 0, sizeof(cur->children)); ++ cur->children[ch-INDEX_MINCHAR] = n; ++ break; ++ } ++ } ++ i += j; ++ ++ ch = key[i]; ++ if (ch == 0) ++ break; ++ ++ if (ch < INDEX_MINCHAR || ch >= INDEX_MAXCHAR) ++ bb_simple_error_msg_and_die("bad module name"); ++ ++ ch -= INDEX_MINCHAR; ++ if (!cur->children[ch]) { ++ n = xzalloc(sizeof(index_node)); ++ cur->children[ch] = n; ++ n->prefix = xstrdup(&key[i+1]); ++ cur = n; ++ break; ++ } ++ ++ /* Descend into child node and continue */ ++ cur = cur->children[ch]; ++ i++; ++ } ++ ++ llist_add_to(&cur->values, value); ++ } ++} ++ ++static uint32_t index_write_node(FILE *out, index_node *n, void (*freeit)(void *data)) ++{ ++ uint32_t child_offs[INDEX_MAXCHAR-INDEX_MINCHAR]; ++ uint32_t offset; ++ uint8_t first = 255, last = 0; ++ unsigned i; ++ ++ for (i = 0; i < INDEX_MAXCHAR-INDEX_MINCHAR; i++) { ++ child_offs[i] = 0; ++ if (!n->children[i]) ++ continue; ++ child_offs[i] = index_write_node(out, n->children[i], freeit); ++ if (first > INDEX_MAXCHAR) ++ first = i; ++ last = i; ++ } ++ ++ offset = ftell(out); ++ ++ if (n->prefix[0]) { ++ fputs(n->prefix, out); ++ fputc('\0', out); ++ offset |= INDEX_NODE_PREFIX; ++ } ++ ++ if (first < INDEX_MAXCHAR) { ++ fputc(first + INDEX_MINCHAR, out); ++ fputc(last + INDEX_MINCHAR, out); ++ fwrite(child_offs + first, sizeof(uint32_t), last - first + 1, out); ++ offset |= INDEX_NODE_CHILDS; ++ } ++ ++ if (n->values) { ++ const llist_t *v; ++ unsigned int cnt; ++ uint32_t u; ++ ++ n->values = llist_rev(n->values); ++ for (v = n->values, cnt = 0; v != NULL; v = v->link, cnt++); ++ u = htonl(cnt); ++ fwrite(&u, sizeof(u), 1, out); ++ for (v = n->values, cnt = 0; v != NULL; v = v->link, cnt++) { ++ u = htonl(cnt); ++ fwrite(&u, sizeof(u), 1, out); ++ fputs(v->data, out); ++ fputc('\0', out); ++ } ++ offset |= INDEX_NODE_VALUES; ++ } ++ ++ llist_free(n->values, freeit); ++ free(n->prefix); ++ free(n); ++ ++ return htonl(offset); ++} ++ ++static void index_dump(const char *filename, int deps_file) ++{ ++ if (ENABLE_FEATURE_MODUTILS_BIN) { ++ FILE *out; ++ uint32_t header[3] = { ++ htonl(INDEX_MAGIC), ++ htonl(INDEX_VERSION), ++ }; ++ ++ if (option_mask32 & OPT_n) ++ filename = "/dev/null"; ++ else ++ filename = xasprintf("tmp.%s.bin", filename); ++ ++ out = xfopen_for_write(filename); ++ fwrite(header, sizeof(uint32_t), 3, out); ++ header[2] = index_write_node(out, G.root_node, deps_file ? free : 0); ++ rewind(out); ++ G.root_node = NULL; ++ fwrite(header, sizeof(uint32_t), 3, out); ++ if (fclose(out)) { ++ remove(filename); ++ bb_simple_error_msg_and_die(bb_msg_write_error); ++ } ++ /* .bin files are mmap'ed; not renaming it may crash ++ * long standing daemon using libkmod */ ++ rename_or_warn(filename, filename + 4); ++ } ++} ++ + int depmod_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE; + int depmod_main(int argc UNUSED_PARAM, char **argv) + { +@@ -178,6 +348,8 @@ int depmod_main(int argc UNUSED_PARAM, char **argv) + unsigned i; + int tmp; + ++ INIT_G(); ++ + getopt32(argv, "aAb:eF:nruqC:", &moddir_base, NULL, NULL); + argv += optind; + +@@ -211,53 +383,60 @@ int depmod_main(int argc UNUSED_PARAM, char **argv) + } + + /* Generate dependency and alias files */ +- if (!(option_mask32 & OPT_n)) +- xfreopen_write(CONFIG_DEFAULT_DEPMOD_FILE, stdout); +- ++ index_init(CONFIG_DEFAULT_DEPMOD_FILE); + moddb_foreach_module(&modules, m, i) { +- printf("%s:", m->name); +- ++ char *buf = xasprintf("%s:", m->name); + order_dep_list(&modules, m, m->deps); ++ + while (m->dnext != m) { + dep = m->dnext; +- printf(" %s", dep->name); +- ++ buf = gather_options_str(buf, dep->name); + /* unlink current entry */ + dep->dnext->dprev = dep->dprev; + dep->dprev->dnext = dep->dnext; + dep->dnext = dep->dprev = dep; + } +- bb_putchar('\n'); ++ index_add(m->modname, buf, ""); + } +- +-#if ENABLE_FEATURE_MODUTILS_ALIAS +- if (!(option_mask32 & OPT_n)) +- xfreopen_write("modules.alias", stdout); +- moddb_foreach_module(&modules, m, i) { +- while (m->aliases) { +- /* +- * Last word used to be a basename +- * (filename with path and .ko.* stripped) +- * at the time of module-init-tools 3.4. +- * kmod v.12 uses module name, i.e., s/-/_/g. +- */ +- printf("alias %s %s\n", +- (char*)llist_pop(&m->aliases), +- m->modname); ++ index_dump(CONFIG_DEFAULT_DEPMOD_FILE, 1); ++ ++ if (ENABLE_FEATURE_MODUTILS_ALIAS) { ++ index_init("modules.alias"); ++ moddb_foreach_module(&modules, m, i) { ++ while (m->aliases) { ++ /* ++ * Last word used to be a basename ++ * (filename with path and .ko.* stripped) ++ * at the time of module-init-tools 3.4. ++ * kmod v.12 uses module name, i.e., s/-/_/g. ++ */ ++ index_add((char*)llist_pop(&m->aliases), m->modname, "alias "); ++ } + } ++ index_dump("modules.alias", 0); + } +-#endif +-#if ENABLE_FEATURE_MODUTILS_SYMBOLS +- if (!(option_mask32 & OPT_n)) +- xfreopen_write("modules.symbols", stdout); +- moddb_foreach_module(&modules, m, i) { +- while (m->symbols) { +- printf("alias symbol:%s %s\n", +- (char*)llist_pop(&m->symbols), +- m->modname); ++ if (ENABLE_FEATURE_MODUTILS_SYMBOLS) { ++ index_init("modules.symbols"); ++ moddb_foreach_module(&modules, m, i) { ++ while (m->symbols) { ++ index_add((char*)llist_pop(&m->symbols), m->modname, "alias "); ++ } ++ } ++ index_dump("modules.symbols", 0); ++ } ++ if (ENABLE_FEATURE_MODUTILS_BIN) { ++ char line[PATH_MAX], modname[MODULE_NAME_LEN]; ++ FILE *in; ++ ++ index_init(NULL); ++ in = xfopen_for_read("modules.builtin"); ++ while (fgets(line, sizeof(line), in) != NULL) { ++ filename2modname(line, modname); ++ index_add(modname, (char *) "", 0); + } ++ fclose(in); ++ index_dump("modules.builtin", 0); + } +-#endif + + if (ENABLE_FEATURE_CLEAN_UP) + moddb_free(&modules); +diff --git a/modutils/modprobe.c b/modutils/modprobe.c +index 235706fd5..604d9e6b5 100644 +--- a/modutils/modprobe.c ++++ b/modutils/modprobe.c +@@ -191,21 +191,6 @@ struct globals { + + static int read_config(const char *path); + +-static char *gather_options_str(char *opts, const char *append) +-{ +- /* Speed-optimized. We call gather_options_str many times. */ +- if (append) { +- if (opts == NULL) { +- opts = xstrdup(append); +- } else { +- int optlen = strlen(opts); +- opts = xrealloc(opts, optlen + strlen(append) + 2); +- sprintf(opts + optlen, " %s", append); +- } +- } +- return opts; +-} +- + static struct module_entry *get_or_add_modentry(const char *module) + { + return moddb_get_or_create(&G.db, module); +diff --git a/modutils/modutils.c b/modutils/modutils.c +index 037d609e4..502ad5422 100644 +--- a/modutils/modutils.c ++++ b/modutils/modutils.c +@@ -67,6 +67,21 @@ void FAST_FUNC moddb_free(module_db *db) + } + } + ++char * FAST_FUNC gather_options_str(char *opts, const char *append) ++{ ++ /* Speed-optimized. We call gather_options_str many times. */ ++ if (append) { ++ if (opts == NULL) { ++ opts = xstrdup(append); ++ } else { ++ int optlen = strlen(opts); ++ opts = xrealloc(opts, optlen + strlen(append) + 2); ++ sprintf(opts + optlen, " %s", append); ++ } ++ } ++ return opts; ++} ++ + void FAST_FUNC replace(char *s, char what, char with) + { + while (*s) { +@@ -76,6 +91,22 @@ void FAST_FUNC replace(char *s, char what, char with) + } + } + ++char* FAST_FUNC replace_underscores(char *s) ++{ ++ int i; ++ for (i = 0; s[i]; i++) { ++ switch (s[i]) { ++ case '-': ++ s[i] = '_'; ++ break; ++ case '[': ++ i += strcspn(&s[i], "]"); ++ break; ++ } ++ } ++ return s; ++} ++ + int FAST_FUNC string_to_llist(char *string, llist_t **llist, const char *delim) + { + char *tok; +diff --git a/modutils/modutils.h b/modutils/modutils.h +index 4a702e97c..73e816028 100644 +--- a/modutils/modutils.h ++++ b/modutils/modutils.h +@@ -18,6 +18,20 @@ PUSH_AND_SET_FUNCTION_VISIBILITY_TO_HIDDEN + #define MODULE_NAME_LEN 256 + #define MODULE_HASH_SIZE 256 + ++/* .bin index format definitions */ ++#define INDEX_MAGIC 0xB007F457 ++#define INDEX_VERSION_MAJOR 0x0002 ++#define INDEX_VERSION_MINOR 0x0001 ++#define INDEX_VERSION ((INDEX_VERSION_MAJOR<<16)|INDEX_VERSION_MINOR) ++ ++enum node_offset { ++ INDEX_NODE_FLAGS = 0xF0000000, /* Flags in high nibble */ ++ INDEX_NODE_PREFIX = 0x80000000, ++ INDEX_NODE_VALUES = 0x40000000, ++ INDEX_NODE_CHILDS = 0x20000000, ++ INDEX_NODE_MASK = 0x0FFFFFFF, /* Offset value */ ++}; ++ + typedef struct module_entry { + struct module_entry *next; + char *name, *modname; +@@ -47,7 +61,9 @@ module_entry *moddb_get(module_db *db, const char *s) FAST_FUNC; + module_entry *moddb_get_or_create(module_db *db, const char *s) FAST_FUNC; + void moddb_free(module_db *db) FAST_FUNC; + ++char *gather_options_str(char *opts, const char *append) FAST_FUNC; + void replace(char *s, char what, char with) FAST_FUNC; ++char *replace_underscores(char *s) FAST_FUNC; + int string_to_llist(char *string, llist_t **llist, const char *delim) FAST_FUNC; + char *filename2modname(const char *filename, char *modname) FAST_FUNC; + #if ENABLE_FEATURE_CMDLINE_MODULE_OPTIONS diff --git a/aports/busybox/0020-Add-flag-for-not-following-symlinks-when-recursing.patch b/aports/busybox/0020-Add-flag-for-not-following-symlinks-when-recursing.patch new file mode 100644 index 0000000..44a3492 --- /dev/null +++ b/aports/busybox/0020-Add-flag-for-not-following-symlinks-when-recursing.patch @@ -0,0 +1,60 @@ +From 333b48438e3001cddbc902bd6f5fc7eb116997ca Mon Sep 17 00:00:00 2001 +From: Natanael Copa +Date: Fri, 25 Jul 2014 02:10:50 +0200 +Subject: [PATCH] Add flag for not following symlinks when recursing +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +function old new delta +.rodata 7934 7967 +33 +diff_longopts 253 270 +17 +packed_usage 1704 1720 +16 +diff_main 1665 1662 -3 +------------------------------------------------------------------------------ +(add/remove: 0/0 grow/shrink: 3/1 up/down: 66/-3) Total: 63 bytes + +--- + editors/diff.c | 8 +++++++- + 1 file changed, 7 insertions(+), 1 deletion(-) + +diff --git a/editors/diff.c b/editors/diff.c +index 1adc4cbc7..f7c0f5250 100644 +--- a/editors/diff.c ++++ b/editors/diff.c +@@ -113,6 +113,9 @@ + //usage: "\n -N Treat absent files as empty" + //usage: "\n -q Output only whether files differ" + //usage: "\n -r Recurse" ++//usage: IF_LONG_OPTS( ++//usage: "\n --no-dereference Don't follow symlinks" ++//usage: ) + //usage: "\n -S Start with FILE when comparing directories" + //usage: "\n -T Make tabs line up by prefixing a tab when necessary" + //usage: "\n -s Report when two files are the same" +@@ -154,6 +157,7 @@ enum { /* Commandline flags */ + FLAG_p, /* not implemented */ + FLAG_B, + FLAG_E, /* not implemented */ ++ FLAG_no_deref, + }; + #define FLAG(x) (1 << FLAG_##x) + +@@ -867,7 +871,8 @@ static void diffdir(char *p[2], const char *s_start) + * Using list.len to specify its length, + * add_to_dirlist will remove it. */ + list[i].len = strlen(p[i]); +- recursive_action(p[i], ACTION_RECURSE | ACTION_FOLLOWLINKS, ++ recursive_action(p[i], ACTION_RECURSE | ++ ((option_mask32 & FLAG(no_deref)) ? 0 : ACTION_FOLLOWLINKS), + add_to_dirlist, skip_dir, &list[i]); + /* Sort dl alphabetically. + * GNU diff does this ignoring any number of trailing dots. +@@ -964,6 +969,7 @@ static const char diff_longopts[] ALIGN1 = + "report-identical-files\0" No_argument "s" + "starting-file\0" Required_argument "S" + "minimal\0" No_argument "d" ++ "no-dereference\0" No_argument "\xff" + ; + # define GETOPT32 getopt32long + # define LONGOPTS ,diff_longopts diff --git a/aports/busybox/0021-udhcpc-Don-t-background-if-n-is-given.patch b/aports/busybox/0021-udhcpc-Don-t-background-if-n-is-given.patch new file mode 100644 index 0000000..9ce7adf --- /dev/null +++ b/aports/busybox/0021-udhcpc-Don-t-background-if-n-is-given.patch @@ -0,0 +1,100 @@ +From b6a7520ce7c77f14f61794e6a84c865042a31db3 Mon Sep 17 00:00:00 2001 +From: Natanael Copa +Date: Thu, 6 Jul 2017 07:05:15 +0200 +Subject: [PATCH] udhcpc: Don't background if -n is given +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +we need add -b to our udhcpc options to prevent boot forever if there are no +dhcp server. We also need a way for users to disable this behavior by making +it possible to set -n option at runtime. + +Since busybox 1.31.0 -b takes precedence over -n [0]. However, since we +enable -b instead of -n by default (through our busyboxconfig) this is +not desired, this commit therefore also reverts the upstream patch +introducing this change. + +See also: https://bugs.busybox.net/11691 + +[0]: https://git.busybox.net/busybox/commit/?id=87e216294af9eec39c0c1d553555f8a98c15db38 + +--- + networking/udhcp/d6_dhcpc.c | 20 +++++++------------- + networking/udhcp/dhcpc.c | 20 +++++++------------- + 2 files changed, 14 insertions(+), 26 deletions(-) + +diff --git a/networking/udhcp/d6_dhcpc.c b/networking/udhcp/d6_dhcpc.c +index 3d0ec98f9..cc3afa921 100644 +--- a/networking/udhcp/d6_dhcpc.c ++++ b/networking/udhcp/d6_dhcpc.c +@@ -1403,25 +1403,19 @@ int udhcpc6_main(int argc UNUSED_PARAM, char **argv) + leasefail: + change_listen_mode(LISTEN_NONE); + d6_run_script_no_option("leasefail"); ++ if (opt & OPT_n) { /* abort if no lease */ ++ bb_simple_info_msg("no lease, failing"); ++ retval = 1; ++ goto ret; ++ } + #if BB_MMU /* -b is not supported on NOMMU */ + if (opt & OPT_b) { /* background if no lease */ + bb_simple_info_msg("no lease, forking to background"); + client_background(); + /* do not background again! */ +- opt = ((opt & ~(OPT_b|OPT_n)) | OPT_f); +- /* ^^^ also disables -n (-b takes priority over -n): +- * ifup's default udhcpc options are -R -n, +- * and users want to be able to add -b +- * (in a config file) to make it background +- * _and not exit_. +- */ +- } else +-#endif +- if (opt & OPT_n) { /* abort if no lease */ +- bb_simple_info_msg("no lease, failing"); +- retval = 1; +- goto ret; ++ opt = ((opt & ~OPT_b) | OPT_f); + } ++#endif + /* Wait before trying again */ + timeout = tryagain_timeout; + packet_num = 0; +diff --git a/networking/udhcp/dhcpc.c b/networking/udhcp/dhcpc.c +index 424d6dade..06ad59fe5 100644 +--- a/networking/udhcp/dhcpc.c ++++ b/networking/udhcp/dhcpc.c +@@ -1456,25 +1456,19 @@ int udhcpc_main(int argc UNUSED_PARAM, char **argv) + leasefail: + change_listen_mode(LISTEN_NONE); + d4_run_script(NULL, "leasefail"); ++ if (opt & OPT_n) { /* abort if no lease */ ++ bb_simple_info_msg("no lease, failing"); ++ retval = 1; ++ goto ret; ++ } + #if BB_MMU /* -b is not supported on NOMMU */ + if (opt & OPT_b) { /* background if no lease */ + bb_simple_info_msg("no lease, forking to background"); + client_background(); + /* do not background again! */ +- opt = ((opt & ~(OPT_b|OPT_n)) | OPT_f); +- /* ^^^ also disables -n (-b takes priority over -n): +- * ifup's default udhcpc options are -R -n, +- * and users want to be able to add -b +- * (in a config file) to make it background +- * _and not exit_. +- */ +- } else +-#endif +- if (opt & OPT_n) { /* abort if no lease */ +- bb_simple_info_msg("no lease, failing"); +- retval = 1; +- goto ret; ++ opt = ((opt & ~OPT_b) | OPT_f); + } ++#endif + /* Wait before trying again */ + timeout = tryagain_timeout; + packet_num = 0; diff --git a/aports/busybox/0023-tests-fix-tarball-creation.patch b/aports/busybox/0023-tests-fix-tarball-creation.patch new file mode 100644 index 0000000..e4221e7 --- /dev/null +++ b/aports/busybox/0023-tests-fix-tarball-creation.patch @@ -0,0 +1,29 @@ +From 9448774028839a834a554384a7c64e89fd9c3486 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?S=C3=B6ren=20Tempel?= +Date: Wed, 4 Jan 2023 08:30:41 +0100 +Subject: [PATCH] tests: fix tarball creation +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Without this patch, the chmod 644 invocation takes away the executable +bit from the input_dir directory, thus preventing the chmod of the files +within the input_dir directory (due to lack of x-bit). + +--- + testsuite/tar.tests | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/testsuite/tar.tests b/testsuite/tar.tests +index 0f2e89112..18e571af3 100755 +--- a/testsuite/tar.tests ++++ b/testsuite/tar.tests +@@ -67,7 +67,7 @@ testing "tar hardlinks and repeated files" '\ + ln input_hard1 input_hard2 + mkdir input_dir + >input_dir/file +-chmod -R 644 * ++for f in *; do [ "$f" = "input_dir" ] || chmod -R 644 "$f"; done + chmod 755 input_dir + tar cf test.tar input input_dir/ input_hard1 input_hard2 input_hard1 input_dir/ input + tar tvf test.tar | sed "s/.*[0-9] input/input/" diff --git a/aports/busybox/0024-tests-musl-doesn-t-seem-to-recognize-UTC0-as-a-timez.patch b/aports/busybox/0024-tests-musl-doesn-t-seem-to-recognize-UTC0-as-a-timez.patch new file mode 100644 index 0000000..de2cb36 --- /dev/null +++ b/aports/busybox/0024-tests-musl-doesn-t-seem-to-recognize-UTC0-as-a-timez.patch @@ -0,0 +1,40 @@ +From 707d69bf1e7a5f2e29309239d599933350cbfd59 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?S=C3=B6ren=20Tempel?= +Date: Wed, 4 Jan 2023 08:04:07 +0100 +Subject: [PATCH] tests: musl doesn't seem to recognize UTC0 as a timezone +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +UTC works though. + +TODO: Figure out if musl /should/ regonize UTC0. +--- + testsuite/date/date-timezone | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/testsuite/date/date-timezone b/testsuite/date/date-timezone +index 8628aa1d7..720ce4f26 100644 +--- a/testsuite/date/date-timezone ++++ b/testsuite/date/date-timezone +@@ -1,17 +1,17 @@ + # FEATURE: CONFIG_FEATURE_TIMEZONE + + # 'Z' is UTC +-dt=$(TZ=UTC0 busybox date -d '1999-1-2 3:4:5Z') ++dt=$(TZ=UTC busybox date -d '1999-1-2 3:4:5Z') + dt=$(echo "$dt" | cut -b1-19) + test x"$dt" = x"Sat Jan 2 03:04:05" + + # '+0600' is six hours ahead of UTC +-dt=$(TZ=UTC0 busybox date -d '1999-1-2 3:4:5 +0600') ++dt=$(TZ=UTC busybox date -d '1999-1-2 3:4:5 +0600') + dt=$(echo "$dt" | cut -b1-19) + test x"$dt" = x"Fri Jan 1 21:04:05" + + # '-0600' is six hours behind UTC +-dt=$(TZ=UTC0 busybox date -d '1999-1-2 3:4:5 -0600') ++dt=$(TZ=UTC busybox date -d '1999-1-2 3:4:5 -0600') + dt=$(echo "$dt" | cut -b1-19) + test x"$dt" = x"Sat Jan 2 09:04:05" + diff --git a/aports/busybox/0025-Hackfix-to-disable-HW-acceleration-for-MD5-SHA1-on-x.patch b/aports/busybox/0025-Hackfix-to-disable-HW-acceleration-for-MD5-SHA1-on-x.patch new file mode 100644 index 0000000..a3030da --- /dev/null +++ b/aports/busybox/0025-Hackfix-to-disable-HW-acceleration-for-MD5-SHA1-on-x.patch @@ -0,0 +1,46 @@ +From 3ead51e53687e94a51beb793661363df27b00814 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?S=C3=B6ren=20Tempel?= +Date: Thu, 5 Jan 2023 15:47:55 +0100 +Subject: [PATCH] Hackfix to disable HW acceleration for MD5/SHA1 on x86 +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This causes a direct segfault with musl libc. + +See: http://lists.busybox.net/pipermail/busybox/2023-January/090078.html +--- + libbb/hash_md5_sha.c | 6 +++--- + 2 files changed, 3 insertions(+), 5 deletions(-) + +diff --git a/libbb/hash_md5_sha.c b/libbb/hash_md5_sha.c +index 880ffab01..a006422ab 100644 +--- a/libbb/hash_md5_sha.c ++++ b/libbb/hash_md5_sha.c +@@ -14,7 +14,7 @@ + #define NEED_SHA512 (ENABLE_SHA512SUM || ENABLE_USE_BB_CRYPT_SHA) + + #if ENABLE_SHA1_HWACCEL || ENABLE_SHA256_HWACCEL +-# if defined(__GNUC__) && (defined(__i386__) || defined(__x86_64__)) ++# if defined(__GNUC__) && defined(__x86_64__) + static void cpuid(unsigned *eax, unsigned *ebx, unsigned *ecx, unsigned *edx) + { + asm ("cpuid" +@@ -1173,7 +1173,7 @@ void FAST_FUNC sha1_begin(sha1_ctx_t *ctx) + ctx->total64 = 0; + ctx->process_block = sha1_process_block64; + #if ENABLE_SHA1_HWACCEL +-# if defined(__GNUC__) && (defined(__i386__) || defined(__x86_64__)) ++# if defined(__GNUC__) && defined(__x86_64__) + { + if (!shaNI) { + unsigned eax = 7, ebx = ebx, ecx = 0, edx = edx; +@@ -1227,7 +1227,7 @@ void FAST_FUNC sha256_begin(sha256_ctx_t *ctx) + /*ctx->total64 = 0; - done by prepending two 32-bit zeros to init256 */ + ctx->process_block = sha256_process_block64; + #if ENABLE_SHA256_HWACCEL +-# if defined(__GNUC__) && (defined(__i386__) || defined(__x86_64__)) ++# if defined(__GNUC__) && defined(__x86_64__) + { + if (!shaNI) { + unsigned eax = 7, ebx = ebx, ecx = 0, edx = edx; diff --git a/aports/busybox/0026-lineedit-Handle-SIGWINCH-gracefully.patch b/aports/busybox/0026-lineedit-Handle-SIGWINCH-gracefully.patch new file mode 100644 index 0000000..43f48b1 --- /dev/null +++ b/aports/busybox/0026-lineedit-Handle-SIGWINCH-gracefully.patch @@ -0,0 +1,61 @@ +From 63bb934c9e48d3ba1dc7f8001d423ea84b9a00c2 Mon Sep 17 00:00:00 2001 +From: Marian Buschsieweke +Date: Thu, 19 Jan 2023 17:18:18 +0100 +Subject: [PATCH] lineedit: Handle SIGWINCH gracefully + +Since 1.16.0 a resize of the terminal emulator resulted in ash printing +a new command line. This fixes the issue by retrying read_key() in +lineedit_read_key() on SIGWINCH, rendering reception of SIGWINCH +transparent to callers of read_line_input(). + +Fixes https://bugs.busybox.net/show_bug.cgi?id=15256 +--- + libbb/lineedit.c | 11 +++++++++-- + 1 file changed, 9 insertions(+), 2 deletions(-) + +diff --git a/libbb/lineedit.c b/libbb/lineedit.c +index d6b2e76ff..a47d9e508 100644 +--- a/libbb/lineedit.c ++++ b/libbb/lineedit.c +@@ -2149,7 +2149,7 @@ static void cmdedit_setwidth(void) + redraw((new_y >= cmdedit_y ? new_y : cmdedit_y), command_len - cursor); + } + +-static void win_changed(int nsig UNUSED_PARAM) ++static void win_changed(int nsig) + { + if (S.ok_to_redraw) { + /* We are in read_key(), safe to redraw immediately */ +@@ -2157,6 +2157,7 @@ static void win_changed(int nsig UNUSED_PARAM) + cmdedit_setwidth(); + fflush_all(); + errno = sv_errno; ++ bb_got_signal = nsig; + } else { + /* Signal main loop that redraw is necessary */ + S.SIGWINCH_count++; +@@ -2186,7 +2187,9 @@ static int lineedit_read_key(char *read_key_buffer, int timeout) + * Note: read_key sets errno to 0 on success. + */ + for (;;) { +- if ((state->flags & LI_INTERRUPTIBLE) && bb_got_signal) { ++ if ((state->flags & LI_INTERRUPTIBLE) && bb_got_signal ++ && (bb_got_signal != SIGWINCH) ++ ) { + errno = EINTR; + return -1; + } +@@ -2197,6 +2200,10 @@ static int lineedit_read_key(char *read_key_buffer, int timeout) + IF_FEATURE_EDITING_WINCH(S.ok_to_redraw = 0;) + if (errno != EINTR) + break; ++ if (bb_got_signal == SIGWINCH) { ++ bb_got_signal = 0; ++ continue; ++ } + if (state->flags & LI_INTERRUPTIBLE) { + /* LI_INTERRUPTIBLE bails out on EINTR, + * but nothing really guarantees that bb_got_signal +-- +2.39.1 + diff --git a/aports/busybox/0027-umount-Implement-O-option-to-unmount-by-mount-option.patch b/aports/busybox/0027-umount-Implement-O-option-to-unmount-by-mount-option.patch new file mode 100644 index 0000000..2b330e5 --- /dev/null +++ b/aports/busybox/0027-umount-Implement-O-option-to-unmount-by-mount-option.patch @@ -0,0 +1,195 @@ +From 7ea459b570760f8e836d05e58422dbd3a7d1b016 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?S=C3=B6ren=20Tempel?= +Date: Sun, 19 Jun 2022 17:49:41 +0200 +Subject: [PATCH] umount: Implement -O option to unmount by mount options +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This commit adds an implementation of the umount -O option, as provided +by util-linux's mount(8) implementation, to BusyBox. Similar to -t, the +option is intended to be used in conjunction with -a thereby allowing +users to filter which file systems are unmounted by mount options. +Multiple options can be specified with -O, all of which need to match. +Each option can be prefixed with `no` to indicate that no action should +be taken for a mount point with this mount option. The "no" prefix +interpretation can be disabled using the "+" prefix. + +At Alpine, this feature is often requested by users as the OpenRC +netmount service uses `umount -a -O _netdev` to amount all network +file systems [1] [2]. + +This implementation is functionally equivalent to the util-linux +implementation with the exception that it implements no special handling +for `key="value"` mount options to keep the implementation simple. +Therefore, filesystems mounted with options like `foo="bar"` won't +be matched by `umount -a -O foo`. + +[1]: https://gitlab.alpinelinux.org/alpine/aports/-/issues/9923 +[2]: https://gitlab.alpinelinux.org/alpine/aports/-/issues/13789 + +Signed-off-by: Sören Tempel +Signed-off-by: Sören Tempel +--- + include/libbb.h | 1 + + libbb/Kbuild.src | 1 + + libbb/match_fsopts.c | 69 ++++++++++++++++++++++++++++++++++++++++++++ + util-linux/umount.c | 10 +++++-- + 4 files changed, 78 insertions(+), 3 deletions(-) + create mode 100644 libbb/match_fsopts.c + +diff --git a/include/libbb.h b/include/libbb.h +index cca33a177..ad41adec8 100644 +--- a/include/libbb.h ++++ b/include/libbb.h +@@ -1586,6 +1586,7 @@ const struct hwtype *get_hwntype(int type) FAST_FUNC; + + + extern int fstype_matches(const char *fstype, const char *comma_list) FAST_FUNC; ++extern int fsopts_matches(const char *opts_list, const char *reqopts_list) FAST_FUNC; + #ifdef HAVE_MNTENT_H + extern struct mntent *find_mount_point(const char *name, int subdir_too) FAST_FUNC; + #endif +diff --git a/libbb/Kbuild.src b/libbb/Kbuild.src +index 653025e56..4bb8260b9 100644 +--- a/libbb/Kbuild.src ++++ b/libbb/Kbuild.src +@@ -120,6 +120,7 @@ lib-y += xrealloc_vector.o + + lib-$(CONFIG_MOUNT) += match_fstype.o + lib-$(CONFIG_UMOUNT) += match_fstype.o ++lib-$(CONFIG_UMOUNT) += match_fsopts.o + + lib-$(CONFIG_FEATURE_UTMP) += utmp.o + +diff --git a/libbb/match_fsopts.c b/libbb/match_fsopts.c +new file mode 100644 +index 000000000..b1cc85c3c +--- /dev/null ++++ b/libbb/match_fsopts.c +@@ -0,0 +1,69 @@ ++/* vi: set sw=4 ts=4: */ ++/* ++ * Match fsopts for use in mount unmount -O. ++ * ++ * Returns 1 for a match, otherwise 0. ++ * ++ * Licensed under GPLv2 or later, see file LICENSE in this source tree. ++ */ ++ ++#include "libbb.h" ++ ++static int fsopt_matches(const char *opts_list, const char *opt, size_t optlen) ++{ ++ int match = 1; ++ ++ if (optlen >= 2 && opt[0] == 'n' && opt[1] == 'o') { ++ match--; ++ opt += 2; optlen -= 2; ++ } ++ ++ /* The alone "no" is an error, all matching ends with False. */ ++ if (optlen == 0) ++ return 0; ++ ++ /* The "no" prefix interpretation can be disabled by the "+" prefix. */ ++ if (match && optlen > 1 && *opt == '+') { ++ opt++; optlen--; ++ } ++ ++ while (1) { ++ if (strncmp(opts_list, opt, optlen) == 0) { ++ const char *after_opt = opts_list + optlen; ++ if (*after_opt == '\0' || *after_opt == ',') ++ return match; ++ } ++ ++ opts_list = strchr(opts_list, ','); ++ if (!opts_list) ++ break; ++ opts_list++; ++ } ++ ++ return !match; ++} ++ ++/* This function implements the mnt_match_options function from libmount. */ ++int FAST_FUNC fsopts_matches(const char *opts_list, const char *reqopts_list) ++{ ++ if (!reqopts_list) ++ return 1; /* no options requested, match anything */ ++ ++ while (1) { ++ size_t len; ++ const char *comma = strchr(reqopts_list, ','); ++ if (!comma) ++ len = strlen(reqopts_list); ++ else ++ len = comma - reqopts_list; ++ ++ if (len && !fsopt_matches(opts_list, reqopts_list, len)) ++ return 0; ++ ++ if (!comma) ++ break; ++ reqopts_list = ++comma; ++ } ++ ++ return 1; ++} +diff --git a/util-linux/umount.c b/util-linux/umount.c +index 23da32868..7a54cafb0 100644 +--- a/util-linux/umount.c ++++ b/util-linux/umount.c +@@ -41,7 +41,7 @@ + //kbuild:lib-$(CONFIG_UMOUNT) += umount.o + + //usage:#define umount_trivial_usage +-//usage: "[-rlf"IF_FEATURE_MTAB_SUPPORT("m")IF_FEATURE_MOUNT_LOOP("d")IF_FEATURE_UMOUNT_ALL("a")"] [-t FSTYPE] FILESYSTEM|DIRECTORY" ++//usage: "[-rlf"IF_FEATURE_MTAB_SUPPORT("m")IF_FEATURE_MOUNT_LOOP("d")IF_FEATURE_UMOUNT_ALL("a")"] [-t FSTYPE] [-O FSOPT] FILESYSTEM|DIRECTORY" + //usage:#define umount_full_usage "\n\n" + //usage: "Unmount filesystems\n" + //usage: IF_FEATURE_UMOUNT_ALL( +@@ -57,6 +57,7 @@ + //usage: "\n -d Free loop device if it has been used" + //usage: ) + //usage: "\n -t FSTYPE[,...] Unmount only these filesystem type(s)" ++//usage: "\n -O FSOPT[,...] Unmount only filesystem mounted with the given options" + //usage: + //usage:#define umount_example_usage + //usage: "$ umount /dev/hdc1\n" +@@ -82,7 +83,7 @@ static struct mntent *getmntent_r(FILE* stream, struct mntent* result, + #endif + + /* ignored: -c -v -i */ +-#define OPTION_STRING "fldnrat:" "cvi" ++#define OPTION_STRING "fldnrat:O:" "cvi" + #define OPT_FORCE (1 << 0) // Same as MNT_FORCE + #define OPT_LAZY (1 << 1) // Same as MNT_DETACH + #define OPT_FREELOOP (1 << 2) +@@ -96,6 +97,7 @@ int umount_main(int argc UNUSED_PARAM, char **argv) + int doForce; + struct mntent me; + FILE *fp; ++ char *opts = NULL; + char *fstype = NULL; + int status = EXIT_SUCCESS; + unsigned opt; +@@ -105,7 +107,7 @@ int umount_main(int argc UNUSED_PARAM, char **argv) + struct mtab_list *next; + } *mtl, *m; + +- opt = getopt32(argv, OPTION_STRING, &fstype); ++ opt = getopt32(argv, OPTION_STRING, &fstype, &opts); + //argc -= optind; + argv += optind; + +@@ -133,6 +135,8 @@ int umount_main(int argc UNUSED_PARAM, char **argv) + /* Match fstype (fstype==NULL matches always) */ + if (!fstype_matches(me.mnt_type, fstype)) + continue; ++ if (!fsopts_matches(me.mnt_opts, opts)) ++ continue; + m = xzalloc(sizeof(*m)); + m->next = mtl; + m->device = xstrdup(me.mnt_fsname); diff --git a/aports/busybox/0028-ash-use-after-free-in-bash-pattern-substitution.patch b/aports/busybox/0028-ash-use-after-free-in-bash-pattern-substitution.patch new file mode 100644 index 0000000..a8c13e4 --- /dev/null +++ b/aports/busybox/0028-ash-use-after-free-in-bash-pattern-substitution.patch @@ -0,0 +1,34 @@ +From 3e83699ce23400d75c7ddaa7ebfdec015177caa7 Mon Sep 17 00:00:00 2001 +From: Karsten Sperling +Date: Thu, 18 May 2023 16:47:49 +0200 +Subject: [PATCH] ash: use-after-free in bash pattern substitution +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Commit daa66ed6 fixed a number of use-after-free bugs in bash pattern +substitution, however one "unguarded" STPUTC remained, which is fixed here. + +function old new delta +subevalvar 1564 1576 +12 + +Signed-off-by: Karsten Sperling +Signed-off-by: Denys Vlasenko +Signed-off-by: Sören Tempel +--- + shell/ash.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/shell/ash.c b/shell/ash.c +index d2c5c5d50..51b627fcc 100644 +--- a/shell/ash.c ++++ b/shell/ash.c +@@ -7370,6 +7370,8 @@ subevalvar(char *start, char *str, int strloc, + char *restart_detect = stackblock(); + if (quotes && *loc == '\\') { + STPUTC(CTLESC, expdest); ++ if (stackblock() != restart_detect) ++ goto restart; + len++; + } + STPUTC(*loc, expdest); diff --git a/aports/busybox/0029-awk-fix-use-after-realloc-CVE-2021-42380-closes-1560.patch b/aports/busybox/0029-awk-fix-use-after-realloc-CVE-2021-42380-closes-1560.patch new file mode 100644 index 0000000..e49bff4 --- /dev/null +++ b/aports/busybox/0029-awk-fix-use-after-realloc-CVE-2021-42380-closes-1560.patch @@ -0,0 +1,82 @@ +From 5b1deb2b98a0513b101c600e856d64edd9d47a2e Mon Sep 17 00:00:00 2001 +From: Denys Vlasenko +Date: Fri, 26 May 2023 18:52:52 +0200 +Subject: [PATCH] awk: fix use-after-realloc (CVE-2021-42380), closes 15601 +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Signed-off-by: Denys Vlasenko +--- + editors/awk.c | 26 ++++++++++++++++----- + 2 files changed, 75 insertions(+), 6 deletions(-) + +diff --git a/editors/awk.c b/editors/awk.c +index 728ee8685..2af823808 100644 +--- a/editors/awk.c ++++ b/editors/awk.c +@@ -555,7 +555,7 @@ struct globals { + const char *g_progname; + int g_lineno; + int nfields; +- int maxfields; /* used in fsrealloc() only */ ++ unsigned maxfields; + var *Fields; + char *g_pos; + char g_saved_ch; +@@ -1931,9 +1931,9 @@ static void fsrealloc(int size) + { + int i, newsize; + +- if (size >= maxfields) { +- /* Sanity cap, easier than catering for overflows */ +- if (size > 0xffffff) ++ if ((unsigned)size >= maxfields) { ++ /* Sanity cap, easier than catering for over/underflows */ ++ if ((unsigned)size > 0xffffff) + bb_die_memory_exhausted(); + + i = maxfields; +@@ -2891,6 +2891,7 @@ static var *evaluate(node *op, var *res) + uint32_t opinfo; + int opn; + node *op1; ++ var *old_Fields_ptr; + + opinfo = op->info; + opn = (opinfo & OPNMASK); +@@ -2899,10 +2900,16 @@ static var *evaluate(node *op, var *res) + debug_printf_eval("opinfo:%08x opn:%08x\n", opinfo, opn); + + /* execute inevitable things */ ++ old_Fields_ptr = NULL; + if (opinfo & OF_RES1) { + if ((opinfo & OF_REQUIRED) && !op1) + syntax_error(EMSG_TOO_FEW_ARGS); + L.v = evaluate(op1, TMPVAR0); ++ /* Does L.v point to $n variable? */ ++ if ((size_t)(L.v - Fields) < maxfields) { ++ /* yes, remember where Fields[] is */ ++ old_Fields_ptr = Fields; ++ } + if (opinfo & OF_STR1) { + L.s = getvar_s(L.v); + debug_printf_eval("L.s:'%s'\n", L.s); +@@ -2921,8 +2928,15 @@ static var *evaluate(node *op, var *res) + */ + if (opinfo & OF_RES2) { + R.v = evaluate(op->r.n, TMPVAR1); +- //TODO: L.v may be invalid now, set L.v to NULL to catch bugs? +- //L.v = NULL; ++ /* Seen in $5=$$5=$0: ++ * Evaluation of R.v ($$5=$0 expression) ++ * made L.v ($5) invalid. It's detected here. ++ */ ++ if (old_Fields_ptr) { ++ //if (old_Fields_ptr != Fields) ++ // debug_printf_eval("L.v moved\n"); ++ L.v += Fields - old_Fields_ptr; ++ } + if (opinfo & OF_STR2) { + R.s = getvar_s(R.v); + debug_printf_eval("R.s:'%s'\n", R.s); diff --git a/aports/busybox/0030-shell-avoid-segfault-on-0-0-0-09J-.-Closes-15216.patch b/aports/busybox/0030-shell-avoid-segfault-on-0-0-0-09J-.-Closes-15216.patch new file mode 100644 index 0000000..4017548 --- /dev/null +++ b/aports/busybox/0030-shell-avoid-segfault-on-0-0-0-09J-.-Closes-15216.patch @@ -0,0 +1,80 @@ +From f69ade3845f9c1cc8cf47251d5f3ba41aab2ce21 Mon Sep 17 00:00:00 2001 +From: Denys Vlasenko +Date: Mon, 12 Jun 2023 16:51:43 +0200 +Subject: [PATCH] shell: avoid segfault on ${0::0/0~09J}. Closes 15216 +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +function old new delta +evaluate_string 1011 1053 +42 + +Signed-off-by: Denys Vlasenko +--- + shell/math.c | 39 +++++++++++++++++++++++++++++++++++---- + 1 file changed, 35 insertions(+), 4 deletions(-) + +diff --git a/shell/math.c b/shell/math.c +index 76d22c9bd..727c29467 100644 +--- a/shell/math.c ++++ b/shell/math.c +@@ -577,6 +577,28 @@ static arith_t strto_arith_t(const char *nptr, char **endptr) + # endif + #endif + ++//TODO: much better estimation than expr_len/2? Such as: ++//static unsigned estimate_nums_and_names(const char *expr) ++//{ ++// unsigned count = 0; ++// while (*(expr = skip_whitespace(expr)) != '\0') { ++// const char *p; ++// if (isdigit(*expr)) { ++// while (isdigit(*++expr)) ++// continue; ++// count++; ++// continue; ++// } ++// p = endofname(expr); ++// if (p != expr) { ++// expr = p; ++// count++; ++// continue; ++// } ++// } ++// return count; ++//} ++ + static arith_t + evaluate_string(arith_state_t *math_state, const char *expr) + { +@@ -584,10 +606,12 @@ evaluate_string(arith_state_t *math_state, const char *expr) + const char *errmsg; + const char *start_expr = expr = skip_whitespace(expr); + unsigned expr_len = strlen(expr) + 2; +- /* Stack of integers */ +- /* The proof that there can be no more than strlen(startbuf)/2+1 +- * integers in any given correct or incorrect expression +- * is left as an exercise to the reader. */ ++ /* Stack of integers/names */ ++ /* There can be no more than strlen(startbuf)/2+1 ++ * integers/names in any given correct or incorrect expression. ++ * (modulo "09v09v09v09v09v" case, ++ * but we have code to detect that early) ++ */ + var_or_num_t *const numstack = alloca((expr_len / 2) * sizeof(numstack[0])); + var_or_num_t *numstackptr = numstack; + /* Stack of operator tokens */ +@@ -652,6 +676,13 @@ evaluate_string(arith_state_t *math_state, const char *expr) + numstackptr->var = NULL; + errno = 0; + numstackptr->val = strto_arith_t(expr, (char**) &expr); ++ /* A number can't be followed by another number, or a variable name. ++ * We'd catch this later anyway, but this would require numstack[] ++ * to be twice as deep to handle strings where _every_ char is ++ * a new number or name. Example: 09v09v09v09v09v09v09v09v09v ++ */ ++ if (isalnum(*expr) || *expr == '_') ++ goto err; + //bb_error_msg("val:%lld", numstackptr->val); + if (errno) + numstackptr->val = 0; /* bash compat */ diff --git a/aports/busybox/APKBUILD b/aports/busybox/APKBUILD index 35ead0b..40e77d6 100644 --- a/aports/busybox/APKBUILD +++ b/aports/busybox/APKBUILD @@ -1,7 +1,7 @@ # Maintainer: Gabor Pali pkgname=busybox -pkgver=1.35.0 -pkgrel=4 # base: 29 +pkgver=1.36.1 +pkgrel=0 # base: 2 pkgdesc="Size optimized toolbox of many common UNIX utilities" url="https://busybox.net/" arch="all" @@ -12,8 +12,7 @@ makedepends_host="linux-headers openssl-dev>3" # skalibs-static is needed for utmps-static [ -z "$BOOTSTRAP" ] && makedepends_host="$makedepends_host utmps-dev utmps-static skalibs-static" makedepends="$makedepends_build $makedepends_host" -checkdepends= -provides="/bin/sh" +checkdepends="zip" install= subpackages= options="!check" @@ -26,38 +25,36 @@ _openrc_files="acpid.initd _mdev_openrc_files="mdev.initd" source="https://busybox.net/downloads/busybox-$pkgver.tar.bz2 - 0001-nologin-Install-applet-to-sbin-instead-of-usr-sbin.patch - 0001-adduser-default-to-sbin-nologin-as-shell-for-system-.patch - 0001-properly-fix-wget-https-support.patch - 0001-modutils-check-ELF-header-before-calling-finit_module.patch - 0002-fsck-resolve-LABEL-.-UUID-.-spec-to-device.patch - 0003-ash-exec-busybox.static.patch - 0004-app-location-for-cpio-vi-and-lspci.patch - 0005-udhcpc-set-default-discover-retries-to-5.patch - 0006-ping-make-ping-work-without-root-privileges.patch - 0007-fbsplash-support-console-switching.patch - 0008-fbsplash-support-image-and-bar-alignment-and-positio.patch - 0009-depmod-support-generating-kmod-binary-index-files.patch - 0010-Add-flag-for-not-following-symlinks-when-recursing.patch - 0012-udhcpc-Don-t-background-if-n-is-given.patch - 0013-ash-fix-unsafe-use-of-mempcpy.patch - 0014-ash-fix-use-after-free-in-bash-pattern-substitution.patch - 0015-ed-don-t-use-memcpy-with-overlapping-memory-regions.patch - 0016-ash-don-t-read-past-end-of-var-in-subvareval-for-bas.patch - 0017-ash-Fix-use-after-free-on-idx-variable.patch - 0018-ash-fix-ifs-cleanup-on-error-paths.patch - - 0001-ash-add-built-in-BB_ASH_VERSION-variable.patch - - 0001-pgrep-add-support-for-matching-against-UID-and-RUID.patch - - 0001-avoid-redefined-warnings-when-building-with-utmps.patch - - 0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch - 0002-nslookup-sanitize-all-printed-strings-with-printable.patch - 0001-modinfo-add-k-option-for-kernel-version.patch - CVE-2022-30065.patch - 0001-sed-check-errors-writing-file-with-sed-i.patch + 0001-modutils-check-ELF-header-before-calling-finit_modul.patch + 0002-adduser-default-to-sbin-nologin-as-shell-for-system-.patch + 0003-ash-add-built-in-BB_ASH_VERSION-variable.patch + 0004-Avoid-redefined-warnings-when-buiding-with-utmps.patch + 0005-libbb-sockaddr2str-ensure-only-printable-characters-.patch + 0006-modinfo-add-k-option-for-kernel-version.patch + 0007-nologin-Install-applet-to-sbin-instead-of-usr-sbin.patch + 0008-pgrep-add-support-for-matching-against-UID-and-RUID.patch + 0009-properly-fix-wget-https-support.patch + 0010-sed-check-errors-writing-file-with-sed-i.patch + 0011-fsck-resolve-LABEL-.-UUID-.-spec-to-device.patch + 0012-nslookup-sanitize-all-printed-strings-with-printable.patch + 0013-ash-exec-busybox.static.patch + 0014-app-location-for-cpio-vi-and-lspci.patch + 0015-udhcpc-set-default-discover-retries-to-5.patch + 0016-ping-make-ping-work-without-root-privileges.patch + 0017-fbsplash-support-console-switching.patch + 0018-fbsplash-support-image-and-bar-alignment-and-positio.patch + 0019-depmod-support-generating-kmod-binary-index-files.patch + 0020-Add-flag-for-not-following-symlinks-when-recursing.patch + 0021-udhcpc-Don-t-background-if-n-is-given.patch + + 0023-tests-fix-tarball-creation.patch + 0024-tests-musl-doesn-t-seem-to-recognize-UTC0-as-a-timez.patch + 0025-Hackfix-to-disable-HW-acceleration-for-MD5-SHA1-on-x.patch + 0026-lineedit-Handle-SIGWINCH-gracefully.patch + 0027-umount-Implement-O-option-to-unmount-by-mount-option.patch + 0028-ash-use-after-free-in-bash-pattern-substitution.patch + 0029-awk-fix-use-after-realloc-CVE-2021-42380-closes-1560.patch + 0030-shell-avoid-segfault-on-0-0-0-09J-.-Closes-15216.patch acpid.logrotate config @@ -189,45 +186,46 @@ EOF } sha512sums=" -62b2e718b6669271380445ed6db249618d777a4e8d5e6d879fa39ffee43887b6a2e93ceef874c615c565ad492deb772b03a19b7475c403202741579fb151e16a busybox-1.35.0.tar.bz2 -ead3403578c071c2216de17ab0543984c1f1509c12c062f03af49141547c3ea21356f3e8f0f0695550f05a41a1379dd73fc3cc18dcd78addbb411f247351e353 0001-nologin-Install-applet-to-sbin-instead-of-usr-sbin.patch -a2787a3ecaf6746dadef62166e8ee6ecaa166147e5ad8b917c5838536057c875bab5f9cf40c3e05eba74d575484ac662929ac3799d58432d3a99ac46f364f302 0001-adduser-default-to-sbin-nologin-as-shell-for-system-.patch -1efe1c4894ae983fed5ac848125f8603f157b9d91c952c53f4192b48d3e50967e05559851148397b583f34fb02d480393547904b4635e4248248be567ab268ea 0001-properly-fix-wget-https-support.patch -0cac9b944928500293e366b42e03211d4159d05b622da60664825e5ee87c9bf6d5a8ea5e794584713f7464efb4cdc431e02f439c717b7e62b1864a228bc8cbac 0001-modutils-check-ELF-header-before-calling-finit_module.patch -d8694293edc8cd55cecafeb902f03c01af318e13966f399365cf792b840793891ac086bb67ef83e7a5a2e01b246497a6c6511cb6a856834f6672dee4bca76896 0002-fsck-resolve-LABEL-.-UUID-.-spec-to-device.patch -8c34dd5ce9a6e84279fa6494cbae0b254778976f341af1d0ccc2a3afb405fb22d374e9623ea83d1500da77c7463db2ed5218d2c9f49350a21114bd0bb17fd87d 0003-ash-exec-busybox.static.patch -f9745497abd4d04621f089c62d9f2104c30d54f342125f597292253f2974d385c5f4a46e7d87a5d1b641b11b34ba5221183dd5dad1e3bbe74a787fb8d6a994b7 0004-app-location-for-cpio-vi-and-lspci.patch -f12916e70f7cc1ef4f6d85d09b9a496a52a494e6318029fdce9a9c812ab5c7b2a046c33b66834127bf809f243c91a53c3c5e27efca026a96fe6b03421de26e60 0005-udhcpc-set-default-discover-retries-to-5.patch -89215c328a46afc686c458a133dd88dcda817586df60eb041a694715e73dc78a297fc0f9a92e8ee7d0a39ce7f6053a6b8e38f3ee078ff90ed13fac2608510105 0006-ping-make-ping-work-without-root-privileges.patch -7873b98c676a92faea61511d50c1efac1220354d20afd53de19e2c8f1472559cb333b9dd4e0d6432616d8c5f59885f1503c448c86a912e8031c9bfed628c2db1 0007-fbsplash-support-console-switching.patch -2c56906dac70dea6276e4c573707cb06c4c8b53defcd33b1e5a28f928e7dafe905a52ce40571de430e4af7e00a75ecc0f249d2fec02da5f3d9edd4e904919a35 0008-fbsplash-support-image-and-bar-alignment-and-positio.patch -df02adb3e3cd3349cc8d070911e3392164cb2e30bd72cae7ceaa974b2db6f958fdcedf809abc7b4bee37c729a4d20abf127f615b0e238a667d572137abe6a79e 0009-depmod-support-generating-kmod-binary-index-files.patch -ecbe5c890d966f09280c7eb534109f785c68e292765f17ed7ff62fcc61d20f61443c4155add0a1ebfb67ce8564e104c1aa22a8ef0400e119b0bca2bca3671f2d 0010-Add-flag-for-not-following-symlinks-when-recursing.patch -3ae5ecf3ea66c8d98762432026806fdb67b13a28075c6a3cb6e811a34ef89c2f0ed651946003aaad97fb4b7f74d132af3c394c114b7a72e1d20b319b739c5a6e 0012-udhcpc-Don-t-background-if-n-is-given.patch -6b1ebc6da26c355a63c166f4c8d1774e7a9c5456ec76b773395a2158cb4848cf245fa5553843666c0a46f4c97d03e08815abae777f2b80bbb69d916618f94761 0013-ash-fix-unsafe-use-of-mempcpy.patch -3eb7609054fa8e03d7e366f7debc5cb0630ff65d521a91be84803bdef3854f81e29d26a9567c501a121e94a55d3a3477894e774508f80def775f2ecc812805e7 0014-ash-fix-use-after-free-in-bash-pattern-substitution.patch -0040800382a6e3adcc6a8094b821488c7e297fc80304afba23a4fca43b7b26ac699378dfbd930ebbf9985336b3e431301f7ca93e2d041a071902a48740d263ef 0015-ed-don-t-use-memcpy-with-overlapping-memory-regions.patch -4c95dc4bf6aff9018bfb52b400f6d8375a1d22493b44ea516cb12dba6556f12797a3cba55768d2e59ff57c0f3247ec1ff95edb8f17561f3d37ec18d83ca47eb0 0016-ash-don-t-read-past-end-of-var-in-subvareval-for-bas.patch -ccdf098fb15eaa316708181469a1193d6eec7067131e7b7645e0219bf03cfd07f4f79e8f62c1e560f6146dcc38186a29bdee08aaa39f290e11d020b8f07d2f65 0017-ash-Fix-use-after-free-on-idx-variable.patch -3abdbd25f1f0daa24b0aabe92880c28dc2d3b59eb29fad357dfaf2b78bb895466bbf4495e2185370d9219d65b22e65e525769e369e50fb1fdfd71b5229a4f429 0018-ash-fix-ifs-cleanup-on-error-paths.patch -6d100fe44da2b97c2cbdda253d0504b487212d195144d9315cddbe8c51d18fae3745701923b170b40e35f54b592f94f02cadbffd9cb716661c12a7f1da022763 0001-ash-add-built-in-BB_ASH_VERSION-variable.patch -e33dbc27d77c4636f4852d5d5216ef60a9a4343484e4559e391c13c813bf65c782b889914eff2e1f038d74cf02cb0d23824ebbb1044b5f8c86260d5a1bbc4e4d 0001-pgrep-add-support-for-matching-against-UID-and-RUID.patch -7608fbb9deddc9268ba53bc5b762a00fa16744d595f6f8a2f5a857339e754ea0c3da084a1e48269c8281553e9171d2bb29b8530fbe85e6a934f97c3cfcdbe31b 0001-avoid-redefined-warnings-when-building-with-utmps.patch -b52050678e79e4da856956906d07fcb620cbf35f2ef6b5a8ee3b8d244ea63b4b98eef505451184d5b4937740d91eef154ed748c30d329ac485be51b37626f251 0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch -ead4ad65d270d8659e1898fa16f76b6cbcf567d8aba238eacccda3764edb4362240d9359d6389873bedc126d405f805fc6dfce653a7181618ebcc67c94bd08d2 0002-nslookup-sanitize-all-printed-strings-with-printable.patch -4f6ddd59d6096943f617b0938fca428114190b8b37732d6783faab291451a2c30c452ed39299db22d1d9679d007022f87d43e93b38a4f6ced64a8659e9233773 0001-modinfo-add-k-option-for-kernel-version.patch -22e2fa8f7a6105fd9990f93b71c235980fd4eab62269939a0e3a920fe517ee4f913c6bd0148a554b67fe01d1660bf0fd76a80e9dcac290b4b8b2c304ef6080a9 CVE-2022-30065.patch -d1a2fcbf9de623531953e7ad869e41e896aa79a0917983e6f0d20ddf7393e11220dda8be93c796b7abbf34006d8f03e871a6ab293988267df5aadb74cbd8aeb1 0001-sed-check-errors-writing-file-with-sed-i.patch +8c0c754c9ae04b5e6b23596283a7d3a4ef96225fe179f92d6f6a99c69c0caa95b1aa56c267f52d7c807f6cc69e1f0b7dd29a8ac624098f601738f8c0c57980d4 busybox-1.36.1.tar.bz2 +17249174b24ba77b6138d640eee4eebcda567a86656623122d8b31044a762ea472096c406d70ba1a1f79450236fa259d4f46c363fa25db6cc4d44950e7a4b223 0001-modutils-check-ELF-header-before-calling-finit_modul.patch +7ebb1ab462083564d2ace3e5719464326b91a40cfcf6117de4b393d3f01ed7acd37a583725323dce4220e255ba742428e0160072a90e4d566b4d7053d1f4a37f 0002-adduser-default-to-sbin-nologin-as-shell-for-system-.patch +f7caad3ef18db7de6deff0fb7b7a7e82fff613d4245f334b56a11e982c40ebcfc6160c235e49d0b4fa7d39b58c0e4924e14473a3770a66d1ef7d4df379b6d858 0003-ash-add-built-in-BB_ASH_VERSION-variable.patch +383cbc2f2f644dc34678d145ea27696a7fa7f46b8952a3448de78d516cb0452872abbc37cb3dcf2b6725c6f7675b972554404b462dec377a8e61c3b73c1cd890 0004-Avoid-redefined-warnings-when-buiding-with-utmps.patch +ce30a642e6804827ef4f7e453d162747143a52dc905950998e996d84767d19548bbbd51bd25530575670c5942137f6926e3cb6f8668e7410569d695bb4165170 0005-libbb-sockaddr2str-ensure-only-printable-characters-.patch +fa0c2f58e5bb8f646bc8451ce00375d860ded228fb7ec4ed61e3920e41990822be1fcdd8cdf9c0342318ba263516a71a837549a9bf52875b1ba652fbc7c54f92 0006-modinfo-add-k-option-for-kernel-version.patch +7313809f283d68521308f7178f6d6e458ee5c826f4c50f40a4595c7a71042d0fe83d938ad2af08e95cbfbc7c0c690fb6c2b2578c2f3e41055bf06bc5cc22d2f2 0007-nologin-Install-applet-to-sbin-instead-of-usr-sbin.patch +24b57ec15205a006310096c63829c8e09820aa8a816a9652bbf9f90efc3e6d28893be1d917deac9793121cd9cca811773272776ead121cc30e9e77cbe904cbcd 0008-pgrep-add-support-for-matching-against-UID-and-RUID.patch +63dae6bf0adb2def1436bed2bcd6ea889bbf666799a8282345e6a4bbf2b567732456fdb20439df870ead5bf242ce2b403170075429b951c5fdf53c134c9e9ef3 0009-properly-fix-wget-https-support.patch +7fea95c4d686b4f5cc5d86b3f5e0df246767b2f86349d36a9596c05af10e7d616edaee2597bcbe96c73b8d307ca6286d276308dce52b881085e67eaaa2b23542 0010-sed-check-errors-writing-file-with-sed-i.patch +2ddf584e1e960a45675e08f6bd4e61a80251bed0fe76ad968b79f4a15d0da89039a3ca62ee6f9605c56ca7e86d8c5696e8ec235acb90bed0998073fef1a4b2dd 0011-fsck-resolve-LABEL-.-UUID-.-spec-to-device.patch +05b00a98c2d5a2cab89bb6b6b80a39cea5fc2f5ea27589d39232fb2f8b85e2fca78cef84f55de202702274c1c7f7802dd04497a212834ae931297767a9186dc9 0012-nslookup-sanitize-all-printed-strings-with-printable.patch +85d85dcf1fc9c54ed7cbb7ffac36971b6d0a1024e7b6df7fcdccb7e3832bf6b1fa0b0d2e2b7990d0154b752af35a9e8b9b815e244226a9d190c56bf09e9094eb 0013-ash-exec-busybox.static.patch +42a61fa7ad5eeb757f1985331d10ac3a9977aeed8add0eff16aba3da20be0b0e19ed4b9544b6efa75c31d481af5353d7a9707750f5dcb99975f40591bed49a03 0014-app-location-for-cpio-vi-and-lspci.patch +a4a440645f1e8be9b1a92d8611190425e339049cf3e21e837f41b348796b3bb81c4369846d837359e7fbc74a32c34cea7e6924d77ca0865550c84f47fd73a1de 0015-udhcpc-set-default-discover-retries-to-5.patch +c1c522487cde86f73efb4800f610d54674d3fa381a0266598cf6c1b002b2b18be9011014b26d5d5ab82c22f6a9eaa920f32cfbb956790880497ff4316c26a64d 0016-ping-make-ping-work-without-root-privileges.patch +a9f7dd37b2722265089b39d24d47e9c4911ff1e31f9dd1c3d5ba49bca7656f3fd2b42dcfd2f837ba5ae6b850dd1b02bb6af9a97a3980fe098daf1c20fb2a4630 0017-fbsplash-support-console-switching.patch +5653c818400c38966726adf1c99b603f6f760179a291c13b5320b79e0ef63d1ad9251b276d6eed68a6b8c95bfabd95eccce9d73edbc2ea888b994d6a02763050 0018-fbsplash-support-image-and-bar-alignment-and-positio.patch +ce4316e44148562addc1f5839166ca9314ee6f26dae218617c287791a8d9239e374f993688a9299e24c9a237e4c21e481a0b35baa4e8b123ce9e2b23d065001c 0019-depmod-support-generating-kmod-binary-index-files.patch +80c426dc2ea6cafa359a078a4a283735db0b3611a6c953ee7b7b2ec00c41a1263b61085c37447fcc50a01c229db93fa8fa675b8c995040eb31e9ed6f3723a0cf 0020-Add-flag-for-not-following-symlinks-when-recursing.patch +22c1d3233b210b8a334f31101eb6ff15d276eaef009758cff57a642b660ebe38114d7f3c8055113f12d6620acc8a8f0a2fe51dbede9100cd3d0eb5cdd2d01e39 0021-udhcpc-Don-t-background-if-n-is-given.patch +923c29b050f456210fbb06d72c77f53eff2179757e8595a8e9cd1ad3f1d4d300c525bec88de3170fa16dbe6a0ea498cdf01ab5a20a289af913ca05b27abab27d 0023-tests-fix-tarball-creation.patch +192fe9b535b3ae4cfbd8455d642e9c73b134ddbdf9265b3ebd1a185122bbb1064cf2c1f01840a8cf35d0665969846ff7168c215fdce96b46b031d73c16f7622f 0024-tests-musl-doesn-t-seem-to-recognize-UTC0-as-a-timez.patch +0a0e4c425879d8250b4dee925dc9feb2595ed68b1fdb5c22e78f3452e46dc17c882ea47f119c2308915f4105b69e5c6f38156131bee1fe9ba0ff684bfd10a049 0025-Hackfix-to-disable-HW-acceleration-for-MD5-SHA1-on-x.patch +09358ed36d6c13a50119a9d96898fdc2d3e6ca089659780604425ae3d32960a17c3083de81a131b1cf9a9a2b449e40a8ed6af3a8b916247571ebc41765ab365b 0026-lineedit-Handle-SIGWINCH-gracefully.patch +e3670ab567818a42593698546dcdabaa447c10682261c128901b4390eb2bf2dbea9e84f8f2dcdd6d67c82bf93bb1eed14406e5a8dd723b4670d1995b6100651f 0027-umount-Implement-O-option-to-unmount-by-mount-option.patch +d3bd84c42487de573c0c5165a847fd233ddcd4d53a61b1e03c30a46b6dba3993e741f12daf167b8347fb7a420b188f4027582f16e92dc822eb3293804dfc62f8 0028-ash-use-after-free-in-bash-pattern-substitution.patch +5f8c1a848f28aff2b28085950c561e1a51dfcea043da455e3daf9b960025dd8789ecfe43370553cb727d4ec239aa23c42e3ae5f6ef1cd5768d69c80c31b8f39e 0029-awk-fix-use-after-realloc-CVE-2021-42380-closes-1560.patch +28748a431718f270b2d0023d09f059e6a32501afb9fd243c4b127fec28bc9312ffb7fdcc1563544a2cb29bed66383ecfea7957d557f7b21402ec3bdb6938004f 0030-shell-avoid-segfault-on-0-0-0-09J-.-Closes-15216.patch aa93095e20de88730f526c6f463cef711b290b9582cdbd8c1ba2bd290019150cbeaa7007c2e15f0362d5b9315dd63f60511878f0ea05e893f4fdfb4a54af3fb1 acpid.logrotate -3265cb4489feae24b253ddeee2f74814b96017027d80dfeb5ba324a3a938faef445ce148e9efc7ec1f5898346254abcfc9627924ee348514be3c9697dc473baf config -e063599f412df919b75584fee9501925418ef21689232792e9d61178f4e34a65c3cff8a3b1b4cf3e5be61efea2065cc303db35c53ec07b361d3a65e888247544 default.script -dd548670114a92404b8e35fb915fdbe5994498b05b0a418583271c3dd72fb7800950e42c095c902a014eb198c046b8a346d43dccd8e7a158048ae33767c572ed acpid.initd +b1e13a736eaf8a621b648d97c2526fe72215a5bfb13277a58c7d631bcee08cbcea20dd3d11ea8a97e545ec137adc41bd75f5f6dcbcfae96934fe6b3d14c94b46 config +6c1d25c733fd9ac6ba7d3c7f474c836fbfd41d8f1753ec9c21c08d57cd6249023a0b16f81da4d2ec5d56d14509f7ba1fffadf691504f0670f90017aaf1ed564b default.script +fcb532233fd7ba8cad302d037b88cff00ee8b96b37c90b34fc823479208cf7cdda48818c972ce2c4703b7283fd58e99ba8a724818f884f3b09eaa7e2d6ffad21 acpid.initd 34c6f3197064bb91619b899b28a201bd4d920b18bded3845440b2cb36dc6f16cabf447c96878349b16e46c30184cbe48bac00a01c5f7cf1be038c0b7136064c5 crond.confd -c9d0fb0f8cc27d661d3b4e58c56eb598ca368890576e18ffffd42efdf68ba35537656be9be319b2e2818aa0152d3ca8611bece2433512fbfcd4eed7988765549 crond.initd +f3a104095c659eef79925e8df850cdac499f6c7756fb9647088a24b98dc72f37413c3869da6113bcc578c2178c1c2e5ab8d31a50ad2e472c06aaf408e8924d6a crond.initd 23ef7f32447f239b617d5ae221b024c7b47ca4faa9a27f80a4a6a473fd148cb4339a728fee3bb55ce67d531a141ec07c66dca533138652058d3a6a936b68d3c7 defaults.initd bf8173ee33a5d2b61cbdbc1b070e599a17a21e5433a0d8aa9beef71e4ac831304076af8e7e58dc594cdee61562329793afdc57af91e5496bf5fffb9b734a3d9c syslog.confd -acfd45bda4526ab551a30faec1742ad1569aa85e0d315959c3e3a3d6a693f94c74efeb57a00b8791524651e8a61d3f7ea3e3e08a4b0291ec46309f594ee8124c syslog.initd +a13a6add6f7fb10a3a2563391b6f8b68161249147e9f50e6d857c5689123f6d974368ce4f13b8d93312fa38d05f604d67c4c976d8a7eef301af50a3a6ad50c23 syslog.initd 2947b23728d3ad6839f660fee11fc4c86d0d1a3fc450ceff85480932b0699e7b7293eb7258cf0e957542ed3c7a4416376ebb284992e6682aede61f48069b1043 udhcpd.confd -1d4574ec7cc6d7e9952bb50b4fcb10a910868688da03a25aede492835313c686247bde1faa17f50243d61a93bfc1d8fa54cf821d7be908581e365b0f1b6a5588 udhcpd.initd +4a8d1e924284fca730a262fedc3cb76b4f4689a6c650b0c5544b65eeab6cfd9e8eb91f448d9ebbba6efbb056695428c1b26e5eaeb7233bae090676d1789954cc udhcpd.initd 6ce0b2a8fe69cc7ea657c5b9076aba51c8f0beeaafa4a887d8673bcc9f9cf8ee40f4b07d2d901ec7a1a1e4f29c150c496559559e803595d0bd487dec56b530a2 mdev.initd " diff --git a/aports/busybox/CVE-2022-30065.patch b/aports/busybox/CVE-2022-30065.patch deleted file mode 100644 index 4a9cd67..0000000 --- a/aports/busybox/CVE-2022-30065.patch +++ /dev/null @@ -1,63 +0,0 @@ -From 3c284dcb726ff6599d3b87fb366fb04411cf5595 Mon Sep 17 00:00:00 2001 -From: Natanael Copa -Date: Fri, 17 Jun 2022 09:52:11 +0000 -Subject: [PATCH 1/2] awk: fix use after free (CVE-2022-30065) - -fixes https://bugs.busybox.net/show_bug.cgi?id=14781 - -Signed-off-by: Natanael Copa ---- - editors/awk.c | 3 +++ - 1 file changed, 3 insertions(+) - -diff --git a/editors/awk.c b/editors/awk.c -index 079d0bde5..728ee8685 100644 ---- a/editors/awk.c -+++ b/editors/awk.c -@@ -3128,6 +3128,9 @@ static var *evaluate(node *op, var *res) - - case XC( OC_MOVE ): - debug_printf_eval("MOVE\n"); -+ /* make sure that we never return a temp var */ -+ if (L.v == TMPVAR0) -+ L.v = res; - /* if source is a temporary string, jusk relink it to dest */ - if (R.v == TMPVAR1 - && !(R.v->type & VF_NUMBER) --- -2.36.1 - - -From 30c8f8e69230ef27f116a2c10ca2e4a6cc343dad Mon Sep 17 00:00:00 2001 -From: Natanael Copa -Date: Thu, 16 Jun 2022 21:54:48 +0200 -Subject: [PATCH 2/2] awk: add tests for CVE-2022-30065 - -Signed-off-by: Natanael Copa ---- - testsuite/awk.tests | 11 +++++++++++ - 1 file changed, 11 insertions(+) - -diff --git a/testsuite/awk.tests b/testsuite/awk.tests -index 93e25d8c1..6c3a03c37 100755 ---- a/testsuite/awk.tests -+++ b/testsuite/awk.tests -@@ -479,4 +479,15 @@ testing 'awk backslash+newline eaten with no trace' \ - "Hello world\n" \ - '' '' - -+testing 'awk use-after-free (CVE-2022-30065)' \ -+ "awk '\$3i\$3in\$9=\$r||\$9=i6/6-9f'" \ -+ "" \ -+ "" \ -+ "" -+ -+testing 'awk assign while test' \ -+ "awk '\$1==\$1=\"foo\" {print \$1}'" \ -+ "foo\n" \ -+ "" \ -+ "foo" - exit $FAILCOUNT --- -2.36.1 - diff --git a/aports/busybox/acpid.initd b/aports/busybox/acpid.initd index 2e73b77..ec31833 100644 --- a/aports/busybox/acpid.initd +++ b/aports/busybox/acpid.initd @@ -2,8 +2,9 @@ name="busybox acpid" command="/sbin/acpid" -command_args="$ACPID_OPTS" -pidfile="/var/run/acpid.pid" +command_args="$ACPID_OPTS -f" +pidfile="/run/acpid.pid" +command_background=true start_stop_daemon_args="-g wheel -k 027" depend() { diff --git a/aports/busybox/config b/aports/busybox/config index 953b502..efab056 100644 --- a/aports/busybox/config +++ b/aports/busybox/config @@ -1,7 +1,7 @@ # # Automatically generated make config: don't edit -# Busybox version: 1.35.0 -# Sat Jun 25 18:59:59 2022 +# Busybox version: 1.36.1 +# Sat Jul 29 21:11:24 2023 # CONFIG_HAVE_DOT_CONFIG=y @@ -93,6 +93,9 @@ CONFIG_FEATURE_BUFFERS_USE_MALLOC=y # CONFIG_FEATURE_BUFFERS_GO_IN_BSS is not set CONFIG_PASSWORD_MINLEN=6 CONFIG_MD5_SMALL=1 +CONFIG_SHA1_SMALL=3 +CONFIG_SHA1_HWACCEL=y +CONFIG_SHA256_HWACCEL=y CONFIG_SHA3_SMALL=1 CONFIG_FEATURE_NON_POSIX_CP=y # CONFIG_FEATURE_VERBOSE_CP_MESSAGE is not set @@ -123,6 +126,9 @@ CONFIG_LAST_SUPPORTED_WCHAR=767 # CONFIG_UNICODE_BIDI_SUPPORT is not set # CONFIG_UNICODE_NEUTRAL_TABLE is not set # CONFIG_UNICODE_PRESERVE_BROKEN is not set +# CONFIG_LOOP_CONFIGURE is not set +# CONFIG_NO_LOOP_CONFIGURE is not set +CONFIG_TRY_LOOP_CONFIGURE=y # # Applets @@ -338,6 +344,7 @@ CONFIG_FEATURE_TR_CLASSES=y CONFIG_FEATURE_TR_EQUIV=y CONFIG_TRUE=y CONFIG_TRUNCATE=y +CONFIG_TSORT=y CONFIG_TTY=y CONFIG_UNAME=y CONFIG_UNAME_OSNAME="GNU/Linux" @@ -828,10 +835,12 @@ CONFIG_FEATURE_LESS_ENV=y CONFIG_RFKILL=y CONFIG_RUNLEVEL=y # CONFIG_RX is not set +CONFIG_SEEDRNG=y # CONFIG_SETFATTR is not set # CONFIG_SETSERIAL is not set # CONFIG_STRINGS is not set CONFIG_TIME=y +CONFIG_TREE=y # CONFIG_TS is not set # CONFIG_TTYSIZE is not set # CONFIG_UBIATTACH is not set @@ -1004,6 +1013,7 @@ CONFIG_UDHCPC=y CONFIG_FEATURE_UDHCPC_ARPING=y CONFIG_FEATURE_UDHCPC_SANITIZEOPT=y CONFIG_UDHCPC_DEFAULT_SCRIPT="/usr/share/udhcpc/default.script" +CONFIG_UDHCPC6_DEFAULT_SCRIPT="/usr/share/udhcpc/default6.script" CONFIG_UDHCPC6=y CONFIG_FEATURE_UDHCPC6_RFC3646=y CONFIG_FEATURE_UDHCPC6_RFC4704=y @@ -1138,6 +1148,7 @@ CONFIG_ASH_MAIL=y CONFIG_ASH_ECHO=y CONFIG_ASH_PRINTF=y CONFIG_ASH_TEST=y +CONFIG_ASH_SLEEP=y CONFIG_ASH_HELP=y CONFIG_ASH_GETOPTS=y CONFIG_ASH_CMDCMD=y diff --git a/aports/busybox/crond.initd b/aports/busybox/crond.initd index afaf384..87febb1 100644 --- a/aports/busybox/crond.initd +++ b/aports/busybox/crond.initd @@ -2,8 +2,9 @@ name="busybox $SVCNAME" command="/usr/sbin/$SVCNAME" -pidfile="/var/run/$SVCNAME.pid" -command_args="$CRON_OPTS" +pidfile="/run/$SVCNAME.pid" +command_args="$CRON_OPTS -f" +command_background=true depend() { need localmount diff --git a/aports/busybox/default.script b/aports/busybox/default.script index a00a303..cbc4179 100644 --- a/aports/busybox/default.script +++ b/aports/busybox/default.script @@ -117,7 +117,7 @@ resolvconf() { echo "nameserver $i" >> "$RESOLV_CONF.$$" done chmod a+r "$RESOLV_CONF.$$" - mv "$RESOLV_CONF.$$" "$RESOLV_CONF" + mv -f "$RESOLV_CONF.$$" "$RESOLV_CONF" } udhcpd_conf() { diff --git a/aports/busybox/syslog.initd b/aports/busybox/syslog.initd index 629d868..3b20345 100644 --- a/aports/busybox/syslog.initd +++ b/aports/busybox/syslog.initd @@ -4,8 +4,9 @@ description="Message logging system" name="busybox syslog" command="/sbin/syslogd" -command_args="${SYSLOGD_OPTS}" -pidfile="/var/run/syslogd.pid" +command_args="${SYSLOGD_OPTS} -n" +pidfile="/run/syslogd.pid" +command_background=true start_stop_daemon_args="-g wheel -k 027" depend() { diff --git a/aports/busybox/udhcpd.initd b/aports/busybox/udhcpd.initd index 02c7620..e4dabd5 100644 --- a/aports/busybox/udhcpd.initd +++ b/aports/busybox/udhcpd.initd @@ -1,9 +1,10 @@ #!/sbin/openrc-run -name="busybox $SVCNAME" -command="/usr/sbin/$SVCNAME" -command_args="$UDHCPD_OPTS " -pidfile="/var/run/$SVCNAME.pid" +name="busybox $RC_SVCNAME" +command="/usr/sbin/$RC_SVCNAME" +command_args="$UDHCPD_OPTS -f" +pidfile="/run/$SVCNAME.pid" +command_background=true depend() { need net -- cgit v1.2.3