busybox: Fix format string security issues

Don't pass potentially unknown strings as first argument to printf-like functions. This fixes the build with toolchain security options (-Werror=format-string) enabled. Signed-off-by: Bernhard Rosenkränzer <bernhard.rosenkraenzer.ext@huawei.com>

busybox: Fix format string security issues
Don't pass potentially unknown strings as first argument to printf-like functions. This fixes the build with toolchain security options (-Werror=format-string) enabled. Signed-off-by: Bernhard Rosenkränzer <bernhard.rosenkraenzer.ext@huawei.com>
3341d636 · Bernhard Rosenkränzer · d7f48fd0 · 3341d636 · 3341d636 · 3341d636
Commit 3341d636 authored 3 years ago by Bernhard Rosenkränzer
--- a/meta-ohos-core/recipes-core/busybox/busybox/busybox-1.31.1-Wformat-security.patch
+++ b/meta-ohos-core/recipes-core/busybox/busybox/busybox-1.31.1-Wformat-security.patch
+From bernhard.rosenkraenzer.ext@huawei.com Thu Sep  2 12:30:04 2021
+From: Bernhard Rosenkraenzer <bernhard.rosenkraenzer.ext@huawei.com>
+Date: Thu,  2 Sep 2021 12:30:04 +0100
+Subject: [PATCH] Fix -Wformat-string warnings
+
+Make sure we don't pass potentially dangerous strings to printf-like functions.
+This fixes building in OPTIMIZE_FOR=security mode (-Werror=format-string).
+
+Signed-off-by: Bernhard Rosenkraenzer <bernhard.rosenkraenzer.ext@huawei.com>
+Upstream-Status: Pending
+
+diff -up busybox-1.31.1/archival/libarchive/decompress_gunzip.c.omv~ busybox-1.31.1/archival/libarchive/decompress_gunzip.c
+--- busybox-1.31.1/archival/libarchive/decompress_gunzip.c.omv~	2021-09-02 11:08:42.987268111 +0200
+++ busybox-1.31.1/archival/libarchive/decompress_gunzip.c	2021-09-02 11:08:48.491282095 +0200
+@@ -1022,7 +1022,7 @@ inflate_unzip_internal(STATE_PARAM trans
+ 	error_msg = "corrupted data";
+ 	if (setjmp(error_jmp)) {
+ 		/* Error from deep inside zip machinery */
+-		bb_error_msg(error_msg);
+		bb_error_msg("%s", error_msg);
+ 		n = -1;
+ 		goto ret;
+ 	}
+diff -up busybox-1.31.1/libbb/fflush_stdout_and_exit.c.omv~ busybox-1.31.1/libbb/fflush_stdout_and_exit.c
+--- busybox-1.31.1/libbb/fflush_stdout_and_exit.c.omv~	2021-09-02 11:10:03.489471808 +0200
+++ busybox-1.31.1/libbb/fflush_stdout_and_exit.c	2021-09-02 11:10:11.948493100 +0200
+@@ -15,7 +15,7 @@ void FAST_FUNC fflush_stdout_and_exit(in
+ {
+ 	xfunc_error_retval = retval;
+ 	if (fflush(stdout))
+-		bb_perror_msg_and_die(bb_msg_standard_output);
+		bb_perror_msg_and_die("%s", bb_msg_standard_output);
+ 	/* In case we are in NOFORK applet. Do not exit() directly,
+ 	 * but use xfunc_die() */
+ 	xfunc_die();
+diff -up busybox-1.31.1/libbb/xfuncs_printf.c.omv~ busybox-1.31.1/libbb/xfuncs_printf.c
+--- busybox-1.31.1/libbb/xfuncs_printf.c.omv~	2021-09-02 11:13:01.210916054 +0200
+++ busybox-1.31.1/libbb/xfuncs_printf.c	2021-09-02 11:13:13.371946229 +0200
+@@ -27,7 +27,7 @@
+ 
+ void FAST_FUNC bb_die_memory_exhausted(void)
+ {
+-	bb_error_msg_and_die(bb_msg_memory_exhausted);
+	bb_error_msg_and_die("%s", bb_msg_memory_exhausted);
+ }
+ 
+ #ifndef DMALLOC
+@@ -40,7 +40,7 @@ void* FAST_FUNC malloc_or_warn(size_t si
+ {
+ 	void *ptr = malloc(size);
+ 	if (ptr == NULL && size != 0)
+-		bb_error_msg(bb_msg_memory_exhausted);
+		bb_error_msg("%s", bb_msg_memory_exhausted);
+ 	return ptr;
+ }
+ 
+diff -up busybox-1.31.1/networking/ping.c.omv~ busybox-1.31.1/networking/ping.c
+--- busybox-1.31.1/networking/ping.c.omv~	2021-09-02 11:06:55.945994276 +0200
+++ busybox-1.31.1/networking/ping.c	2021-09-02 11:07:14.816042825 +0200
+@@ -184,8 +184,8 @@ create_icmp_socket(void)
+ 		sock = socket(AF_INET, SOCK_RAW, 1); /* 1 == ICMP */
+ 	if (sock < 0) {
+ 		if (errno == EPERM)
+-			bb_error_msg_and_die(bb_msg_perm_denied_are_you_root);
+-		bb_perror_msg_and_die(bb_msg_can_not_create_raw_socket);
+			bb_error_msg_and_die("%s", bb_msg_perm_denied_are_you_root);
+		bb_perror_msg_and_die("%s", bb_msg_can_not_create_raw_socket);
+ 	}
+ 
+ 	xmove_fd(sock, pingsock);
+diff -up busybox-1.31.1/networking/traceroute.c.omv~ busybox-1.31.1/networking/traceroute.c
+--- busybox-1.31.1/networking/traceroute.c.omv~	2021-09-02 11:06:32.367933433 +0200
+++ busybox-1.31.1/networking/traceroute.c	2021-09-02 11:06:48.343974681 +0200
+@@ -875,7 +875,7 @@ common_traceroute_main(int op, char **ar
+ 		 * probe (e.g., on a multi-homed host).
+ 		 */
+ 		if (getuid() != 0)
+-			bb_error_msg_and_die(bb_msg_you_must_be_root);
+			bb_error_msg_and_die("%s", bb_msg_you_must_be_root);
+ 	}
+ 	if (op & OPT_WAITTIME)
+ 		waittime = xatou_range(waittime_str, 1, 24 * 60 * 60);
+diff -up busybox-1.31.1/shell/ash.c.omv~ busybox-1.31.1/shell/ash.c
+--- busybox-1.31.1/shell/ash.c.omv~	2021-09-02 11:15:04.255220263 +0200
+++ busybox-1.31.1/shell/ash.c	2021-09-02 11:15:54.587344068 +0200
+@@ -4223,7 +4223,7 @@ sprint_status48(char *s, int status, int
+ 		}
+ 		st &= 0x7f;
+ //TODO: use bbox's get_signame? strsignal adds ~600 bytes to text+rodata
+-		col = fmtstr(s, 32, strsignal(st));
+		col = fmtstr(s, 32, "%s", strsignal(st));
+ 		if (WCOREDUMP(status)) {
+ 			strcpy(s + col, " (core dumped)");
+ 			col += sizeof(" (core dumped)")-1;
+diff -up busybox-1.31.1/loginutils/addgroup.c.omv~ busybox-1.31.1/loginutils/addgroup.c
+--- busybox-1.31.1/loginutils/addgroup.c.omv~	2021-09-02 17:52:53.644854060 +0200
+++ busybox-1.31.1/loginutils/addgroup.c	2021-09-02 17:53:07.412923202 +0200
+@@ -149,7 +149,7 @@ int addgroup_main(int argc UNUSED_PARAM,
+ 
+ 	/* need to be root */
+ 	if (geteuid()) {
+-		bb_error_msg_and_die(bb_msg_perm_denied_are_you_root);
+		bb_error_msg_and_die("%s", bb_msg_perm_denied_are_you_root);
+ 	}
+ 	/* Syntax:
+ 	 *  addgroup group
+diff -up busybox-1.31.1/loginutils/adduser.c.omv~ busybox-1.31.1/loginutils/adduser.c
+--- busybox-1.31.1/loginutils/adduser.c.omv~	2021-09-02 17:50:27.751128814 +0200
+++ busybox-1.31.1/loginutils/adduser.c	2021-09-02 17:50:34.763163329 +0200
+@@ -193,7 +193,7 @@ int adduser_main(int argc UNUSED_PARAM,
+ 
+ 	/* got root? */
+ 	if (geteuid()) {
+-		bb_error_msg_and_die(bb_msg_perm_denied_are_you_root);
+		bb_error_msg_and_die("%s", bb_msg_perm_denied_are_you_root);
+ 	}
+ 
+ 	pw.pw_gecos = (char *)"Linux User,,,";
+diff -up busybox-1.31.1/loginutils/deluser.c.omv~ busybox-1.31.1/loginutils/deluser.c
+--- busybox-1.31.1/loginutils/deluser.c.omv~	2021-09-02 17:44:26.398416096 +0200
+++ busybox-1.31.1/loginutils/deluser.c	2021-09-02 17:44:47.114509906 +0200
+@@ -76,7 +76,7 @@ int deluser_main(int argc, char **argv)
+ #endif
+ 
+ 	if (geteuid() != 0)
+-		bb_error_msg_and_die(bb_msg_perm_denied_are_you_root);
+		bb_error_msg_and_die("%s", bb_msg_perm_denied_are_you_root);
+ 
+ 	name = argv[1];
+ 	member = NULL;
+diff -up busybox-1.31.1/networking/udhcp/arpping.c.omv~ busybox-1.31.1/networking/udhcp/arpping.c
+--- busybox-1.31.1/networking/udhcp/arpping.c.omv~	2021-09-02 17:59:15.301802783 +0200
+++ busybox-1.31.1/networking/udhcp/arpping.c	2021-09-02 17:59:24.787851883 +0200
+@@ -53,7 +53,7 @@ int FAST_FUNC arpping(uint32_t test_nip,
+ 
+ 	s = socket(PF_PACKET, SOCK_PACKET, htons(ETH_P_ARP));
+ 	if (s == -1) {
+-		bb_perror_msg(bb_msg_can_not_create_raw_socket);
+		bb_perror_msg("%s", bb_msg_can_not_create_raw_socket);
+ 		return -1;
+ 	}
+ 
+diff -up busybox-1.31.1/util-linux/mount.c.omv~ busybox-1.31.1/util-linux/mount.c
+--- busybox-1.31.1/util-linux/mount.c.omv~	2021-09-02 17:54:39.676389182 +0200
+++ busybox-1.31.1/util-linux/mount.c	2021-09-02 17:55:53.673765879 +0200
+@@ -745,7 +745,7 @@ static int mount_it_now(struct mntent *m
+ 	// Abort entirely if permission denied.
+ 
+ 	if (rc && errno == EPERM)
+-		bb_error_msg_and_die(bb_msg_perm_denied_are_you_root);
+		bb_error_msg_and_die("%s", bb_msg_perm_denied_are_you_root);
+ 
+ 	// If the mount was successful, and we're maintaining an old-style
+ 	// mtab file by hand, add the new entry to it now.
+@@ -2113,7 +2113,7 @@ static int singlemount(struct mntent *mp
+ 			);
+ 			if (loopfd < 0) {
+ 				if (errno == EPERM || errno == EACCES)
+-					bb_error_msg(bb_msg_perm_denied_are_you_root);
+					bb_error_msg("%s", bb_msg_perm_denied_are_you_root);
+ 				else
+ 					bb_perror_msg("can't setup loop device");
+ 				return errno;
+@@ -2321,7 +2321,7 @@ int mount_main(int argc UNUSED_PARAM, ch
+ 		// argument when we get it.
+ 		if (argv[1]) {
+ 			if (nonroot)
+-				bb_error_msg_and_die(bb_msg_you_must_be_root);
+				bb_error_msg_and_die("%s", bb_msg_you_must_be_root);
+ 			mtpair->mnt_fsname = argv[0];
+ 			mtpair->mnt_dir = argv[1];
+ 			mtpair->mnt_type = fstype;
+@@ -2338,7 +2338,7 @@ int mount_main(int argc UNUSED_PARAM, ch
+ 
+ 	cmdopt_flags = parse_mount_options(cmdopts, NULL);
+ 	if (nonroot && (cmdopt_flags & ~MS_SILENT)) // Non-root users cannot specify flags
+-		bb_error_msg_and_die(bb_msg_you_must_be_root);
+		bb_error_msg_and_die("%s", bb_msg_you_must_be_root);
+ 
+ 	// If we have a shared subtree flag, don't worry about fstab or mtab.
+ 	if (ENABLE_FEATURE_MOUNT_FLAGS
+@@ -2403,7 +2403,7 @@ int mount_main(int argc UNUSED_PARAM, ch
+ 			// No, mount -a won't mount anything,
+ 			// even user mounts, for mere humans
+ 			if (nonroot)
+-				bb_error_msg_and_die(bb_msg_you_must_be_root);
+				bb_error_msg_and_die("%s", bb_msg_you_must_be_root);
+ 
+ 			// Does type match? (NULL matches always)
+ 			if (!fstype_matches(mtcur->mnt_type, fstype))
+@@ -2483,7 +2483,7 @@ int mount_main(int argc UNUSED_PARAM, ch
+ 			// fstab must have "users" or "user"
+ 			l = parse_mount_options(mtcur->mnt_opts, NULL);
+ 			if (!(l & MOUNT_USERS))
+-				bb_error_msg_and_die(bb_msg_you_must_be_root);
+				bb_error_msg_and_die("%s", bb_msg_you_must_be_root);
+ 		}
+ 
+ 		//util-linux-2.12 does not do this check.
--- a/meta-ohos-core/recipes-core/busybox/busybox/busybox-1.31.1-Wformat-security.patch.license
+++ b/meta-ohos-core/recipes-core/busybox/busybox/busybox-1.31.1-Wformat-security.patch.license
+# SPDX-FileCopyrightText: Huawei Inc.
+# SPDX-License-Identifier: Apache-2.0
--- a/meta-ohos-core/recipes-core/busybox/busybox_%.bbappend
+++ b/meta-ohos-core/recipes-core/busybox/busybox_%.bbappend
@@ -3,4 +3,5 @@
 # SPDX-License-Identifier: Apache-2.0

 FILESEXTRAPATHS_prepend := "${THISDIR}/${PN}:"
-SRC_URI += "file://allscenarios.cfg"
+SRC_URI += "file://busybox-1.31.1-Wformat-security.patch \
+	file://allscenarios.cfg"