packages/flatbuffers
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

upgrade 2.0.0 to fix CVE-2020-35864

Browse Source
This commit is contained in:
starlet_dx 2021-08-17 10:37:00 +08:00
parent 936b4c9a14
commit 2ce6ea5728
6 changed files with 7 additions and 250 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

156
0001-generate-gcc-pragmas-to-ignore-Wclass-memaccess.patch
View File

@ -1,156 +0,0 @@
From c80316a3efc9244af035e1ebfe2b4df15d691c96 Mon Sep 17 00:00:00 2001
From: Sergey Avseyev <sergey.avseyev@gmail.com>
Date: Thu, 10 Jan 2019 07:37:09 +0300
Subject: [PATCH] generate gcc pragmas to ignore -Wclass-memaccess
---
samples/monster_generated.h | 7 +++++++
src/idl_gen_cpp.cpp | 7 +++++++
tests/monster_test_generated.h | 21 +++++++++++++++++++
.../namespace_test1_generated.h | 7 +++++++
tests/union_vector/union_vector_generated.h | 14 +++++++++++++
5 files changed, 56 insertions(+)
diff --git a/samples/monster_generated.h b/samples/monster_generated.h
index 5ac4be3..ae1fd04 100644
--- a/samples/monster_generated.h
+++ b/samples/monster_generated.h
@@ -164,7 +164,14 @@ FLATBUFFERS_MANUALLY_ALIGNED_STRUCT(4) Vec3 FLATBUFFERS_FINAL_CLASS {
public:
Vec3() {
+#if defined(__GNUC__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wclass-memaccess"
+#endif
memset(this, 0, sizeof(Vec3));
+#if defined(__GNUC__)
+#pragma GCC diagnostic pop
+#endif
}
Vec3(float _x, float _y, float _z)
: x_(flatbuffers::EndianScalar(_x)),
diff --git a/src/idl_gen_cpp.cpp b/src/idl_gen_cpp.cpp
index a0abfdd..8d35673 100644
--- a/src/idl_gen_cpp.cpp
+++ b/src/idl_gen_cpp.cpp
@@ -2585,7 +2585,14 @@ class CppGenerator : public BaseGenerator {
// Generate a default constructor.
code_ += " {{STRUCT_NAME}}() {";
+ code_ += "#if defined(__GNUC__)";
+ code_ += "#pragma GCC diagnostic push";
+ code_ += "#pragma GCC diagnostic ignored \"-Wclass-memaccess\"";
+ code_ += "#endif";
code_ += " memset(this, 0, sizeof({{STRUCT_NAME}}));";
+ code_ += "#if defined(__GNUC__)";
+ code_ += "#pragma GCC diagnostic pop";
+ code_ += "#endif";
code_ += " }";
// Generate a constructor that takes all fields as arguments.
diff --git a/tests/monster_test_generated.h b/tests/monster_test_generated.h
index 0f5e252..4b0aa9f 100644
--- a/tests/monster_test_generated.h
+++ b/tests/monster_test_generated.h
@@ -269,7 +269,14 @@ FLATBUFFERS_MANUALLY_ALIGNED_STRUCT(2) Test FLATBUFFERS_FINAL_CLASS {
public:
Test() {
+#if defined(__GNUC__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wclass-memaccess"
+#endif
memset(this, 0, sizeof(Test));
+#if defined(__GNUC__)
+#pragma GCC diagnostic pop
+#endif
}
Test(int16_t _a, int8_t _b)
: a_(flatbuffers::EndianScalar(_a)),
@@ -312,7 +319,14 @@ FLATBUFFERS_MANUALLY_ALIGNED_STRUCT(16) Vec3 FLATBUFFERS_FINAL_CLASS {
public:
Vec3() {
+#if defined(__GNUC__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wclass-memaccess"
+#endif
memset(this, 0, sizeof(Vec3));
+#if defined(__GNUC__)
+#pragma GCC diagnostic pop
+#endif
}
Vec3(float _x, float _y, float _z, double _test1, Color _test2, const Test &_test3)
: x_(flatbuffers::EndianScalar(_x)),
@@ -384,7 +398,14 @@ FLATBUFFERS_MANUALLY_ALIGNED_STRUCT(4) Ability FLATBUFFERS_FINAL_CLASS {
public:
Ability() {
+#if defined(__GNUC__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wclass-memaccess"
+#endif
memset(this, 0, sizeof(Ability));
+#if defined(__GNUC__)
+#pragma GCC diagnostic pop
+#endif
}
Ability(uint32_t _id, uint32_t _distance)
: id_(flatbuffers::EndianScalar(_id)),
diff --git a/tests/namespace_test/namespace_test1_generated.h b/tests/namespace_test/namespace_test1_generated.h
index d82a577..a7637bc 100644
--- a/tests/namespace_test/namespace_test1_generated.h
+++ b/tests/namespace_test/namespace_test1_generated.h
@@ -56,7 +56,14 @@ FLATBUFFERS_MANUALLY_ALIGNED_STRUCT(4) StructInNestedNS FLATBUFFERS_FINAL_CLASS
public:
StructInNestedNS() {
+#if defined(__GNUC__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wclass-memaccess"
+#endif
memset(this, 0, sizeof(StructInNestedNS));
+#if defined(__GNUC__)
+#pragma GCC diagnostic pop
+#endif
}
StructInNestedNS(int32_t _a, int32_t _b)
: a_(flatbuffers::EndianScalar(_a)),
diff --git a/tests/union_vector/union_vector_generated.h b/tests/union_vector/union_vector_generated.h
index c5b2250..57d208e 100644
--- a/tests/union_vector/union_vector_generated.h
+++ b/tests/union_vector/union_vector_generated.h
@@ -188,7 +188,14 @@ FLATBUFFERS_MANUALLY_ALIGNED_STRUCT(4) Rapunzel FLATBUFFERS_FINAL_CLASS {
public:
Rapunzel() {
+#if defined(__GNUC__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wclass-memaccess"
+#endif
memset(this, 0, sizeof(Rapunzel));
+#if defined(__GNUC__)
+#pragma GCC diagnostic pop
+#endif
}
Rapunzel(int32_t _hair_length)
: hair_length_(flatbuffers::EndianScalar(_hair_length)) {
@@ -213,7 +220,14 @@ FLATBUFFERS_MANUALLY_ALIGNED_STRUCT(4) BookReader FLATBUFFERS_FINAL_CLASS {
public:
BookReader() {
+#if defined(__GNUC__)
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wclass-memaccess"
+#endif
memset(this, 0, sizeof(BookReader));
+#if defined(__GNUC__)
+#pragma GCC diagnostic pop
+#endif
}
BookReader(int32_t _books_read)
: books_read_(flatbuffers::EndianScalar(_books_read)) {
--
2.20.1

53
Handle-git-program-or-.git-folder-absence.patch
View File

@ -1,53 +0,0 @@
From 7e4124d6e6ccafb267f80f3e57e3780913d5cbe5 Mon Sep 17 00:00:00 2001
From: Dmitry Volosnykh <dmitry.volosnykh@gmail.com>
Date: Mon, 4 May 2020 23:23:41 +0300
Subject: [PATCH] Handle git program or .git folder absence (#5878)
Assume version is 0.0.0.0 in such cases.
---
CMake/Version.cmake | 37 +++++++++++++++++++++++++++----------
1 file changed, 27 insertions(+), 10 deletions(-)
diff --git a/CMake/Version.cmake b/CMake/Version.cmake
index db6613b840..0bed50f6e2 100644
--- a/CMake/Version.cmake
+++ b/CMake/Version.cmake
@@ -1,11 +1,28 @@
+set(VERSION_MAJOR 1)
+set(VERSION_MINOR 10)
+set(VERSION_PATCH 0)
+set(VERSION_COMMIT 0)
+
find_program(GIT git)
-execute_process(
- COMMAND ${GIT} describe
- WORKING_DIRECTORY ${CMAKE_CURRENT_SOURCE_DIR}
- OUTPUT_VARIABLE GIT_DESCRIBE_DIRTY
- OUTPUT_STRIP_TRAILING_WHITESPACE
-)
-string(REGEX REPLACE "^v([0-9]+)\\..*" "\\1" VERSION_MAJOR "${GIT_DESCRIBE_DIRTY}")
-string(REGEX REPLACE "^v[0-9]+\\.([0-9]+).*" "\\1" VERSION_MINOR "${GIT_DESCRIBE_DIRTY}")
-string(REGEX REPLACE "^v[0-9]+\\.[0-9]+\\.([0-9]+).*" "\\1" VERSION_PATCH "${GIT_DESCRIBE_DIRTY}")
-string(REGEX REPLACE "^v[0-9]+\\.[0-9]+\\.[0-9]+\\-([0-9]+).*" "\\1" VERSION_COMMIT "${GIT_DESCRIBE_DIRTY}")
+if(GIT)
+ execute_process(
+ COMMAND ${GIT} describe
+ WORKING_DIRECTORY ${CMAKE_SOURCE_DIR}
+ OUTPUT_VARIABLE GIT_DESCRIBE_DIRTY
+ OUTPUT_STRIP_TRAILING_WHITESPACE
+ RESULT_VARIABLE GIT_DESCRIBE_RESULT
+ )
+
+ if(GIT_DESCRIBE_RESULT EQUAL 0)
+ string(REGEX REPLACE "^v([0-9]+)\\..*" "\\1" VERSION_MAJOR "${GIT_DESCRIBE_DIRTY}")
+ string(REGEX REPLACE "^v[0-9]+\\.([0-9]+).*" "\\1" VERSION_MINOR "${GIT_DESCRIBE_DIRTY}")
+ string(REGEX REPLACE "^v[0-9]+\\.[0-9]+\\.([0-9]+).*" "\\1" VERSION_PATCH "${GIT_DESCRIBE_DIRTY}")
+ string(REGEX REPLACE "^v[0-9]+\\.[0-9]+\\.[0-9]+\\-([0-9]+).*" "\\1" VERSION_COMMIT "${GIT_DESCRIBE_DIRTY}")
+ else()
+ message(WARNING "git describe failed with exit code: ${GIT_DESCRIBE_RESULT}")
+ endif()
+else()
+ message(WARNING "git is not found")
+endif()
+
+message("Proceeding with version: ${VERSION_MAJOR}.${VERSION_MINOR}.${VERSION_PATCH}.${VERSION_COMMIT}")

34
fix-compilation-failed.patch
View File

@ -1,34 +0,0 @@
diff -Nur a/include/flatbuffers/base.h b/include/flatbuffers/base.h
--- a/include/flatbuffers/base.h 2018-10-04 03:48:47.000000000 +0800
+++ b/include/flatbuffers/base.h 2021-08-02 19:48:18.468933100 +0800
@@ -266,13 +266,30 @@
return EndianScalar(*reinterpret_cast<const T *>(p));
}
+#if defined(__GNUC__) && !defined(__clang__)
+ #define FLATBUFFERS_GCC (__GNUC__ * 10000 + __GNUC_MINOR__ * 100 + __GNUC_PATCHLEVEL__)
+#else
+ #define FLATBUFFERS_GCC 0
+#endif
+
+// See https://github.com/google/flatbuffers/issues/5950
+#if (FLATBUFFERS_GCC >= 100000) && (FLATBUFFERS_GCC < 110000)
+ #pragma GCC diagnostic push
+ #pragma GCC diagnostic ignored "-Wstringop-overflow"
+#endif
+
template<typename T> void WriteScalar(void *p, T t) {
*reinterpret_cast<T *>(p) = EndianScalar(t);
}
+#if (FLATBUFFERS_GCC >= 100000) && (FLATBUFFERS_GCC < 110000)
+ #pragma GCC diagnostic pop
+#endif
+
// Computes how many bytes you'd have to pad to be able to write an
// "scalar_size" scalar if the buffer had grown to "buf_size" (downwards in
// memory).
+
inline size_t PaddingBytes(size_t buf_size, size_t scalar_size) {
return ((~buf_size) + 1) & (scalar_size - 1);
}

BIN
flatbuffers-1.10.0.tar.gz
View File

Binary file not shown.

14
flatbuffers.spec
View File

@ -4,19 +4,15 @@
%bcond_without tests
%endif
Name: flatbuffers
Version: 1.10.0
Release: 2
Version: 2.0.0
Release: 1
Summary: Memory efficient serialization library
License: Apache-2.0
URL: https://github.com/google/flatbuffers
Source0: https://github.com/google/flatbuffers/archive/v%{version}/%{name}-%{version}.tar.gz
Source0: https://github.com/google/flatbuffers/archive/refs/tags/v%{version}.tar.gz
Source1: flatc.1
Source2: flatbuffers.7
Patch0: 0001-generate-gcc-pragmas-to-ignore-Wclass-memaccess.patch
Patch1: Handle-git-program-or-.git-folder-absence.patch
Patch2: fix-compilation-failed.patch
BuildRequires: gcc-c++ cmake >= 2.8.9
Provides: bundled(grpc)
%description
@ -70,9 +66,13 @@ make test
%{_includedir}/flatbuffers
%{_libdir}/libflatbuffers.so
%{_mandir}/man7/flatbuffers.7*
%{_libdir}/pkgconfig/flatbuffers.pc
%{_libdir}/cmake/flatbuffers/*.cmake
%changelog
* Tue Aug 17 2021 yaoxin <yaoxin30@huawei.com> - 2.0.0-1
- Upgrade 2.0.0 to fix CVE-2020-35864
* Mon Aug 2 2021 Haiwei Li <lihaiwei8@huawei.com> - 1.10.0-2
- Fix complication failed due to gcc upgrade

BIN
v2.0.0.tar.gz Normal file
View File

Binary file not shown.