On Fri, Oct 16, 2020 at 04:40:00AM +0800, Ley Foon Tan wrote:
On Fri, Jul 17, 2020 at 9:29 PM Tom Rini trini@konsulko.com wrote:
On Wed, Jun 24, 2020 at 04:34:03PM +0800, Ley Foon Tan wrote:
From: Chin Liang See chin.liang.see@intel.com
This fixes CVE-2016-9841. Changes integrated from [1], with changes make for Uboot code base.
An old inffast.c optimization turns out to not be optimal anymore with modern compilers, and furthermore was not compliant with the C standard, for which decrementing a pointer before its allocated memory is undefined. Per the recommendation of a security audit of the zlib code by Trail of Bits and TrustInSoft, in support of the Mozilla Foundation, this "optimization" was removed, in order to avoid the possibility of undefined behavior.
Signed-off-by: Mark Adler madler@alumni.caltech.edu Signed-off-by: Chin Liang See chin.liang.see@intel.com Signed-off-by: Ley Foon Tan ley.foon.tan@intel.com
This breaks the following tests on sandbox: FAILED test/py/tests/test_efi_fit.py::test_efi_fit_launch - u_boot_spawn.Timeout FAILED test/py/tests/test_fit.py::test_fit - OSError: [Errno 5] Input/output error
Hi Tom
I have tried to run the sandtest, but it failed in different test cases. I am run this command "./test/py/test.py --bd sandbox --build". Error log at bottom of email.
Found that https://gitlab.denx.de/u-boot/u-boot/-/blob/master/lib/zlib/zlib.h always "#undef POSTINC", it is mean that U-boot can only support pre-increment? I have tried changing "#undef POSTINC" to "define POSTINC" and without this patch, the test failed at the same location. So, the failure is not caused by this patch. Note, this patch mainly changes to support post-increment only.
Any suggestion to fix this?
I'm not sure why the tests fail for you to start with. They all pass inn the CI environment as well as locally. I would start by seeing how your environment differs from those.