diff options
| author | bors <bors@rust-lang.org> | 2025-02-17 18:17:27 +0000 |
|---|---|---|
| committer | bors <bors@rust-lang.org> | 2025-02-17 18:17:27 +0000 |
| commit | 4d91de4e48198da2e33413efdcd9cd2cc0c46688 (patch) | |
| tree | 42a5f1d2824e32a8a1804e03d7b68f274d875823 /src/ci/docker | |
| parent | 461de7492e5354419cf27fe94b6aa235b4121927 (diff) | |
| parent | 86193fa8a04bcbdeee9917c2a2d1e2ea7054c0a6 (diff) | |
| download | rust-1.85.0.tar.gz rust-1.85.0.zip | |
Auto merge of #137181 - cuviper:stable-next, r=cuviper 1.85.0
Prepare Rust 1.85.0 stable release This includes a relnotes sync and a few last-minute backports: - change `literal_string_with_formatting_args` lint category to nursery #136982 - Update the reference for reverted `extended_varargs_abi_support` #136934 - fix musl's CVE-2025-26519 #137127 r? cuviper
Diffstat (limited to 'src/ci/docker')
| -rw-r--r-- | src/ci/docker/scripts/musl.sh | 41 |
1 files changed, 41 insertions, 0 deletions
diff --git a/src/ci/docker/scripts/musl.sh b/src/ci/docker/scripts/musl.sh index ece8e6c15c0..9878bec6fbe 100644 --- a/src/ci/docker/scripts/musl.sh +++ b/src/ci/docker/scripts/musl.sh @@ -30,6 +30,47 @@ MUSL=musl-1.2.3 # may have been downloaded in a previous run if [ ! -d $MUSL ]; then curl https://www.musl-libc.org/releases/$MUSL.tar.gz | tar xzf - + + # Apply patches for CVE-2025-26519. At the time of adding these patches no release containing them + # has been published by the musl project, so we just apply them directly on top of the version we + # were distributing already. The patches should be removed once we upgrade to musl >= 1.2.6. + # + # Advisory: https://www.openwall.com/lists/musl/2025/02/13/1 + # + # Patches applied: + # - https://www.openwall.com/lists/musl/2025/02/13/1/1 + # - https://www.openwall.com/lists/musl/2025/02/13/1/2 + # + # ignore-tidy-tab + # ignore-tidy-linelength + patch -p1 -d $MUSL <<EOF +--- a/src/locale/iconv.c ++++ b/src/locale/iconv.c +@@ -502,7 +502,7 @@ size_t iconv(iconv_t cd, char **restrict in, size_t *restrict inb, char **restri + if (c >= 93 || d >= 94) { + c += (0xa1-0x81); + d += 0xa1; +- if (c >= 93 || c>=0xc6-0x81 && d>0x52) ++ if (c > 0xc6-0x81 || c==0xc6-0x81 && d>0x52) + goto ilseq; + if (d-'A'<26) d = d-'A'; + else if (d-'a'<26) d = d-'a'+26; +EOF + patch -p1 -d $MUSL <<EOF +--- a/src/locale/iconv.c ++++ b/src/locale/iconv.c +@@ -545,6 +545,10 @@ size_t iconv(iconv_t cd, char **restrict in, size_t *restrict inb, char **restri + if (*outb < k) goto toobig; + memcpy(*out, tmp, k); + } else k = wctomb_utf8(*out, c); ++ /* This failure condition should be unreachable, but ++ * is included to prevent decoder bugs from translating ++ * into advancement outside the output buffer range. */ ++ if (k>4) goto ilseq; + *out += k; + *outb -= k; + break; +EOF fi cd $MUSL |