diff --git a/meta-networking/recipes-connectivity/samba/samba/0001-lib-replace-Implement-memset_explicit.patch b/meta-networking/recipes-connectivity/samba/samba/0001-lib-replace-Implement-memset_explicit.patch new file mode 100644 index 0000000000..331d7eae87 --- /dev/null +++ b/meta-networking/recipes-connectivity/samba/samba/0001-lib-replace-Implement-memset_explicit.patch @@ -0,0 +1,91 @@ +From fba2c1dfb3b1f474a78e2613f150a9efc6d9b6c2 Mon Sep 17 00:00:00 2001 +From: Andreas Schneider +Date: Thu, 16 Oct 2025 11:06:56 +0200 +Subject: [PATCH 1/4] lib:replace: Implement memset_explicit() + +The memset_s() implementation is a bit obscure, as it requires a +constraint handler to be set up. You don't really find any +implmentations out there. + +With C23 memset_explicit() was added and this has been implemented +for glibc 2.43 and also in FreeBSD. + +See https://sourceware.org/bugzilla/show_bug.cgi?id=32378 +See https://reviews.freebsd.org/D47286 + +Upstream-Status: Backport [https://gitlab.com/samba-team/samba/-/commit/ef08be24e9114b4477cc2b3f7a28a816ec66802c] +Signed-off-by: Andreas Schneider +Reviewed-by: Douglas Bagnall +Signed-off-by: Khem Raj +--- + lib/replace/README | 1 + + lib/replace/replace.c | 13 +++++++++++++ + lib/replace/replace.h | 5 +++++ + lib/replace/wscript | 2 +- + 4 files changed, 20 insertions(+), 1 deletion(-) + +diff --git a/lib/replace/README b/lib/replace/README +index 6612eab..bb9d008 100644 +--- a/lib/replace/README ++++ b/lib/replace/README +@@ -73,6 +73,7 @@ symlink + realpath + poll + setproctitle ++memset_explicit + memset_s + + Types: +diff --git a/lib/replace/replace.c b/lib/replace/replace.c +index 68829f2..8615899 100644 +--- a/lib/replace/replace.c ++++ b/lib/replace/replace.c +@@ -952,6 +952,19 @@ void rep_setproctitle_init(int argc, char *argv[], char *envp[]) + } + #endif + ++#ifndef HAVE_MEMSET_EXPLICIT ++void *rep_memset_explicit(void *block, int c, size_t size) ++{ ++ void *ptr = memset(block, c, size); ++#ifdef HAVE_GCC_VOLATILE_MEMORY_PROTECTION ++ /* See http://llvm.org/bugs/show_bug.cgi?id=15495 */ ++ __asm__ volatile("" : : "g"(block) : "memory"); ++#endif /* HAVE_GCC_VOLATILE_MEMORY_PROTECTION */ ++ ++ return ptr; ++} ++#endif ++ + #ifndef HAVE_MEMSET_S + # ifndef RSIZE_MAX + # define RSIZE_MAX (SIZE_MAX >> 1) +diff --git a/lib/replace/replace.h b/lib/replace/replace.h +index 25e6e14..1a8336d 100644 +--- a/lib/replace/replace.h ++++ b/lib/replace/replace.h +@@ -994,6 +994,11 @@ void rep_setproctitle(const char *fmt, ...) PRINTF_ATTRIBUTE(1, 2); + void rep_setproctitle_init(int argc, char *argv[], char *envp[]); + #endif + ++#ifndef HAVE_MEMSET_EXPLICIT ++#define memset_explicit rep_memset_explicit ++void *rep_memset_explicit(void *block, int c, size_t size); ++#endif ++ + #ifndef HAVE_MEMSET_S + #define memset_s rep_memset_s + int rep_memset_s(void *dest, size_t destsz, int ch, size_t count); +diff --git a/lib/replace/wscript b/lib/replace/wscript +index a22ae59..574740a 100644 +--- a/lib/replace/wscript ++++ b/lib/replace/wscript +@@ -881,7 +881,7 @@ REPLACEMENT_FUNCTIONS = { + 'utime', 'utimes', 'dup2', 'chown', 'link', 'readlink', + 'symlink', 'lchown', 'realpath', 'memmem', 'vdprintf', + 'dprintf', 'get_current_dir_name', 'copy_file_range', +- 'strerror_r', 'clock_gettime', 'memset_s'], ++ 'strerror_r', 'clock_gettime', 'memset_explicit', 'memset_s'], + 'timegm.c': ['timegm'], + # Note: C99_VSNPRINTF is not a function, but a special condition + # for replacement diff --git a/meta-networking/recipes-connectivity/samba/samba/0002-lib-replace-Add-test-for-memset_explicit.patch b/meta-networking/recipes-connectivity/samba/samba/0002-lib-replace-Add-test-for-memset_explicit.patch new file mode 100644 index 0000000000..33e29533e9 --- /dev/null +++ b/meta-networking/recipes-connectivity/samba/samba/0002-lib-replace-Add-test-for-memset_explicit.patch @@ -0,0 +1,154 @@ +From ac2ee18b081483430b42c2cf35e423634aebbeb8 Mon Sep 17 00:00:00 2001 +From: Douglas Bagnall +Date: Thu, 30 Oct 2025 16:01:36 +0100 +Subject: [PATCH 2/4] lib:replace: Add test for memset_explicit() + +Upstream-Status: Backport [https://gitlab.com/samba-team/samba/-/commit/2b17c9816d4373eba365de803eec10435ea038d4] +Signed-off-by: Douglas Bagnall +Reviewed-by: Andreas Schneider +Signed-off-by: Khem Raj +--- + lib/replace/tests/test_memset_explicit.c | 99 ++++++++++++++++++++++++ + lib/replace/wscript | 5 ++ + selftest/tests.py | 6 ++ + 3 files changed, 110 insertions(+) + create mode 100644 lib/replace/tests/test_memset_explicit.c + +diff --git a/lib/replace/tests/test_memset_explicit.c b/lib/replace/tests/test_memset_explicit.c +new file mode 100644 +index 0000000..4e56d7a +--- /dev/null ++++ b/lib/replace/tests/test_memset_explicit.c +@@ -0,0 +1,99 @@ ++#include ++#include ++#include ++#include ++#include ++ ++#include "lib/replace/replace.h" ++ ++ ++/* ++ * To check that a memset_explicit string is being memset when it ++ * appears unused, we meed to be sneaky in our check -- otherwise the ++ * check counts as a use. ++ * ++ * We are sneaky by using a function that seens to take an int ++ * argument which is really a pointer, and we hide that it is a ++ * pointer by masking it. ++ * ++ * For these tests we don't use talloc because the talloc magic gets ++ * in the way a little bit. ++ */ ++ ++#define MASK 0x12345678 ++ ++__attribute__((noinline)) ++static void check_memset_explicit(intmax_t p, const char *expected, size_t len) ++{ ++ size_t i; ++ char *secret = (char *) (p ^ MASK); ++ for (i = 0; i < len; i++) { ++ assert_int_equal(secret[i], expected[i]); ++ } ++} ++ ++ ++__attribute__((noinline)) ++static char *get_secret(off_t offset) ++{ ++ char * secret = malloc(7 + offset); ++ memset(secret, 0, 7 + offset); ++ memcpy(secret + offset, "secret", 7); ++ /* avoiding *this* being elided */ ++ print_message("secret is '%s'\n", secret); ++ asm(""); ++ return secret; ++} ++ ++ ++static void test_memset_explicit(void ** state) ++{ ++ uintptr_t p; ++ char zeros[7] = {0}; ++ char *secret = get_secret(0); ++ p = ((uintptr_t)secret) ^ MASK; ++ memset_explicit(secret, 'o', 3); ++ check_memset_explicit(p, "oooret", 7); ++ memset_explicit(secret, 0, 7); ++ check_memset_explicit(p, zeros, 7); ++ free(secret); ++} ++ ++static void test_memset_explicit_double_alloc(void ** state) ++{ ++ size_t i, found; ++ uintptr_t p, q; ++ char *secret = get_secret(20); ++ p = (uintptr_t)secret ^ MASK; ++ memset_explicit(secret, 'x', 23); ++ free(secret); ++ /* ++ * Now we malloc the same size again, and hope we got the ++ * block we just freed. ++ */ ++ found = 0; ++ for (i = 0; i < 1000; i++) { ++ secret = malloc(27); ++ q = (uintptr_t)secret ^ MASK; ++ if (q == p) { ++ q = (uintptr_t)(secret + 20) ^ MASK; ++ check_memset_explicit(q, "xxxret", 7); ++ found ++; ++ } ++ free(secret); ++ } ++ print_message("found freed pointer %zu/1000 times \n", ++ found); ++} ++ ++int main(void) ++{ ++ const struct CMUnitTest tests[] = { ++ cmocka_unit_test(test_memset_explicit), ++ cmocka_unit_test(test_memset_explicit_double_alloc), ++ }; ++ if (! isatty(1)) { ++ cmocka_set_message_output(CM_OUTPUT_SUBUNIT); ++ } ++ return cmocka_run_group_tests(tests, NULL, NULL); ++} +diff --git a/lib/replace/wscript b/lib/replace/wscript +index 574740a..9acebd3 100644 +--- a/lib/replace/wscript ++++ b/lib/replace/wscript +@@ -964,6 +964,11 @@ def build(bld): + deps='replace replace-test', + install=False) + ++ bld.SAMBA_BINARY('test_memset_explicit', ++ source='tests/test_memset_explicit.c', ++ deps='cmocka replace', ++ for_selftest=True) ++ + # build replacements for stdint.h and stdbool.h if needed + bld.SAMBA_GENERATOR('replace_stdint_h', + rule='cp ${SRC} ${TGT}', +diff --git a/selftest/tests.py b/selftest/tests.py +index deb3c0b..3131905 100644 +--- a/selftest/tests.py ++++ b/selftest/tests.py +@@ -414,6 +414,12 @@ plantestsuite("samba.unittests.smb1cli_session", "none", + plantestsuite("samba.unittests.smb_util_translate", "none", + [os.path.join(bindir(), "default/libcli/smb/test_util_translate")]) + ++plantestsuite( ++ "samba.unittests.memset_explicit", ++ "none", ++ [os.path.join(bindir(), "default/lib/replace/test_memset_explicit")], ++) ++ + plantestsuite("samba.unittests.talloc_keep_secret", "none", + [os.path.join(bindir(), "default/lib/util/test_talloc_keep_secret")]) + diff --git a/meta-networking/recipes-connectivity/samba/samba/0003-Replace-memset_s-with-memset_explicit.patch b/meta-networking/recipes-connectivity/samba/samba/0003-Replace-memset_s-with-memset_explicit.patch new file mode 100644 index 0000000000..a96cd062cd --- /dev/null +++ b/meta-networking/recipes-connectivity/samba/samba/0003-Replace-memset_s-with-memset_explicit.patch @@ -0,0 +1,308 @@ +From 8174382fe7a278309fc98b6e11ff99b6f41a8719 Mon Sep 17 00:00:00 2001 +From: Andreas Schneider +Date: Thu, 16 Oct 2025 11:19:51 +0200 +Subject: [PATCH 3/4] Replace memset_s() with memset_explicit() + +Upstream-Status: Backport [https://gitlab.com/samba-team/samba/-/commit/3e81b73a050e511c658afc786478431ceef175ee] +Signed-off-by: Andreas Schneider +Reviewed-by: Douglas Bagnall +Signed-off-by: Khem Raj +--- + lib/replace/replace.h | 18 +++++++++--------- + lib/util/memory.h | 16 +++++++++------- + lib/util/tests/test_talloc_keep_secret.c | 19 ++++++++----------- + 3 files changed, 26 insertions(+), 27 deletions(-) + +--- a/lib/replace/replace.h ++++ b/lib/replace/replace.h +@@ -815,50 +815,50 @@ typedef unsigned long long ptrdiff_t ; + /** + * Zero a structure. + */ +-#define ZERO_STRUCT(x) memset_s((char *)&(x), sizeof(x), 0, sizeof(x)) ++#define ZERO_STRUCT(x) memset_explicit((char *)&(x), 0, sizeof(x)) + + /** + * Zero a structure given a pointer to the structure. + */ + #define ZERO_STRUCTP(x) do { \ + if ((x) != NULL) { \ +- memset_s((char *)(x), sizeof(*(x)), 0, sizeof(*(x))); \ ++ memset_explicit((char *)(x), 0, sizeof(*(x))); \ + } \ + } while(0) + + /** + * Zero a structure given a pointer to the structure - no zero check + */ +-#define ZERO_STRUCTPN(x) memset_s((char *)(x), sizeof(*(x)), 0, sizeof(*(x))) ++#define ZERO_STRUCTPN(x) memset_explicit((char *)(x), 0, sizeof(*(x))) + + /** + * Zero an array - note that sizeof(array) must work - ie. it must not be a + * pointer + */ +-#define ZERO_ARRAY(x) memset_s((char *)(x), sizeof(x), 0, sizeof(x)) ++#define ZERO_ARRAY(x) memset_explicit((char *)(x), 0, sizeof(x)) + + /** + * Zero a given len of an array + */ +-#define ZERO_ARRAY_LEN(x, l) memset_s((char *)(x), (l), 0, (l)) ++#define ZERO_ARRAY_LEN(x, l) memset_explicit((char *)(x), 0, (l)) + + /** + * Explicitly zero data from memory. This is guaranteed to be not optimized + * away. + */ +-#define BURN_DATA(x) memset_s((char *)&(x), sizeof(x), 0, sizeof(x)) ++#define BURN_DATA(x) memset_explicit((char *)&(x), 0, sizeof(x)) + + /** + * Explicitly zero data from memory. This is guaranteed to be not optimized + * away. + */ +-#define BURN_DATA_SIZE(x, s) memset_s((char *)&(x), (s), 0, (s)) ++#define BURN_DATA_SIZE(x, s) memset_explicit((char *)&(x), 0, (s)) + + /** + * Explicitly zero data from memory. This is guaranteed to be not optimized + * away. + */ +-#define BURN_PTR_SIZE(x, s) memset_s((x), (s), 0, (s)) ++#define BURN_PTR_SIZE(x, s) memset_explicit((x), 0, (s)) + + /** + * Explicitly zero data in string. This is guaranteed to be not optimized +@@ -867,7 +867,7 @@ typedef unsigned long long ptrdiff_t ; + #define BURN_STR(x) do { \ + if ((x) != NULL) { \ + size_t s = strlen(x); \ +- memset_s((x), s, 0, s); \ ++ memset_explicit((x), 0, s); \ + } \ + } while(0) + +--- a/lib/util/memory.h ++++ b/lib/util/memory.h +@@ -40,7 +40,7 @@ + #define BURN_FREE_STR(x) do { \ + if ((x) != NULL) { \ + size_t s = strlen(x); \ +- memset_s((x), s, 0, s); \ ++ memset_explicit((x), 0, s); \ + free(x); (x) = NULL; \ + } \ + } while(0) +@@ -53,7 +53,7 @@ + **/ + #define BURN_FREE(x, s) do { \ + if ((x) != NULL) { \ +- memset_s((x), (s), 0, (s)); \ ++ memset_explicit((x), 0, (s)); \ + free(x); (x) = NULL; \ + } \ + } while(0) +@@ -78,7 +78,7 @@ + * Zero a structure. + */ + #ifndef ZERO_STRUCT +-#define ZERO_STRUCT(x) memset_s((char *)&(x), sizeof(x), 0, sizeof(x)) ++#define ZERO_STRUCT(x) memset_explicit((char *)&(x), 0, sizeof(x)) + #endif + + /** +@@ -87,7 +87,7 @@ + #ifndef ZERO_STRUCTP + #define ZERO_STRUCTP(x) do { \ + if ((x) != NULL) { \ +- memset_s((char *)(x), sizeof(*(x)), 0, sizeof(*(x))); \ ++ memset_explicit((char *)(x), 0, sizeof(*(x))); \ + } \ + } while(0) + #endif +@@ -96,7 +96,7 @@ + * Zero a structure given a pointer to the structure - no zero check. + */ + #ifndef ZERO_STRUCTPN +-#define ZERO_STRUCTPN(x) memset_s((char *)(x), sizeof(*(x)), 0, sizeof(*(x))) ++#define ZERO_STRUCTPN(x) memset_explicit((char *)(x), 0, sizeof(*(x))) + #endif + + /** +@@ -104,13 +104,15 @@ + * pointer. + */ + #ifndef ZERO_ARRAY +-#define ZERO_ARRAY(x) memset_s((char *)(x), sizeof(x), 0, sizeof(x)) ++#define ZERO_ARRAY(x) memset_explicit((char *)(x), 0, sizeof(x)) + #endif + + /** + * Zero a given len of an array + */ +-#define ZERO_ARRAY_LEN(x, l) memset_s((char *)(x), (l), 0, (l)) ++#ifndef ZERO_ARRAY_LEN ++#define ZERO_ARRAY_LEN(x, l) memset_explicit((char *)(x), 0, (l)) ++#endif + + /** + * Work out how many elements there are in a static array +--- a/lib/util/tests/test_talloc_keep_secret.c ++++ b/lib/util/tests/test_talloc_keep_secret.c +@@ -8,12 +8,11 @@ + #include + #include "lib/util/talloc_keep_secret.h" + +-int rep_memset_s(void *dest, size_t destsz, int ch, size_t count); ++int rep_memset_explicit(void *dest, int ch, size_t count); + +-int rep_memset_s(void *dest, size_t destsz, int ch, size_t count) ++int rep_memset_explicit(void *dest, int ch, size_t count) + { + check_expected_ptr(dest); +- check_expected(destsz); + check_expected(ch); + check_expected(count); + +@@ -44,10 +43,9 @@ static void test_talloc_keep_secret(void + ptr1_size = talloc_get_size(ptr1); + assert_int_equal(ptr1_size, strlen(ptr1) + 1); + +- expect_string(rep_memset_s, dest, "secret"); +- expect_value(rep_memset_s, destsz, strlen(ptr1) + 1); +- expect_value(rep_memset_s, ch, (int)'\0'); +- expect_value(rep_memset_s, count, strlen(ptr1) + 1); ++ expect_string(rep_memset_explicit, dest, "secret"); ++ expect_value(rep_memset_explicit, ch, (int)'\0'); ++ expect_value(rep_memset_explicit, count, strlen(ptr1) + 1); + + talloc_free(ptr1); + +@@ -73,10 +71,9 @@ static void test_talloc_keep_secret_vali + assert_non_null(password); + talloc_keep_secret(password); + +- expect_string(rep_memset_s, dest, "secret"); +- expect_value(rep_memset_s, destsz, strlen(password) + 1); +- expect_value(rep_memset_s, ch, (int)'\0'); +- expect_value(rep_memset_s, count, strlen(password) + 1); ++ expect_string(rep_memset_explicit, dest, "secret"); ++ expect_value(rep_memset_explicit, ch, (int)'\0'); ++ expect_value(rep_memset_explicit, count, strlen(password) + 1); + + talloc_free(mem_ctx); + } +--- a/lib/cmdline/cmdline.c ++++ b/lib/cmdline/cmdline.c +@@ -358,7 +358,7 @@ bool samba_cmdline_burn(int argc, char * + p += ulen; + } + +- memset_s(p, strlen(p), '\0', strlen(p)); ++ memset_explicit(p, '\0', strlen(p)); + burnt = true; + } + } +--- a/lib/util/data_blob.c ++++ b/lib/util/data_blob.c +@@ -1,19 +1,19 @@ +-/* ++/* + Unix SMB/CIFS implementation. + Easy management of byte-length data + Copyright (C) Andrew Tridgell 2001 + Copyright (C) Andrew Bartlett 2001 +- ++ + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. +- ++ + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. +- ++ + You should have received a copy of the GNU General Public License + along with this program. If not, see . + */ +@@ -67,7 +67,7 @@ _PUBLIC_ DATA_BLOB data_blob_talloc_name + } + + /** +- construct a zero data blob, using supplied TALLOC_CTX. ++ construct a zero data blob, using supplied TALLOC_CTX. + use this sparingly as it initialises data - better to initialise + yourself if you want specific data in the blob + **/ +@@ -95,7 +95,7 @@ clear a DATA_BLOB's contents + _PUBLIC_ void data_blob_clear(DATA_BLOB *d) + { + if (d->data) { +- memset_s(d->data, d->length, 0, d->length); ++ memset_explicit(d->data, 0, d->length); + } + } + +@@ -219,7 +219,7 @@ _PUBLIC_ DATA_BLOB data_blob_string_cons + } + + /** +- * Create a new data blob from const data ++ * Create a new data blob from const data + */ + + _PUBLIC_ DATA_BLOB data_blob_const(const void *p, size_t length) +@@ -266,7 +266,7 @@ _PUBLIC_ bool data_blob_append(TALLOC_CT + if ((const uint8_t *)p + length < (const uint8_t *)p) { + return false; + } +- ++ + if (!data_blob_realloc(mem_ctx, blob, new_len)) { + return false; + } +--- a/lib/util/talloc_keep_secret.c ++++ b/lib/util/talloc_keep_secret.c +@@ -22,27 +22,13 @@ + + static int talloc_keep_secret_destructor(void *ptr) + { +- int ret; + size_t size = talloc_get_size(ptr); + + if (unlikely(size == 0)) { + return 0; + } + +- ret = memset_s(ptr, size, 0, size); +- if (unlikely(ret != 0)) { +- char *msg = NULL; +- int ret2; +- ret2 = asprintf(&msg, +- "talloc_keep_secret_destructor: memset_s() failed: %s", +- strerror(ret)); +- if (ret2 != -1) { +- smb_panic(msg); +- } else { +- smb_panic("talloc_keep_secret_destructor: memset_s() failed"); +- } +- } +- ++ memset_explicit(ptr, 0, size); + return 0; + } + +--- a/librpc/ndr/util.c ++++ b/librpc/ndr/util.c +@@ -32,5 +32,5 @@ _PUBLIC_ void ndr_print_sockaddr_storage + + _PUBLIC_ void ndr_zero_memory(void *ptr, size_t len) + { +- memset_s(ptr, len, 0, len); ++ memset_explicit(ptr, 0, len); + } diff --git a/meta-networking/recipes-connectivity/samba/samba/0004-lib-replace-Remove-memset_s.patch b/meta-networking/recipes-connectivity/samba/samba/0004-lib-replace-Remove-memset_s.patch new file mode 100644 index 0000000000..409c36da7c --- /dev/null +++ b/meta-networking/recipes-connectivity/samba/samba/0004-lib-replace-Remove-memset_s.patch @@ -0,0 +1,345 @@ +From 06b9291b4a351c5d3a40f6c80ee11713840b1039 Mon Sep 17 00:00:00 2001 +From: Andreas Schneider +Date: Thu, 16 Oct 2025 11:22:46 +0200 +Subject: [PATCH 4/4] lib:replace: Remove memset_s() + +Upstream-Status: Backport [https://gitlab.com/samba-team/samba/-/commit/f3b380b8a3866286244725903287211cf54a4e74] +Signed-off-by: Andreas Schneider +Reviewed-by: Douglas Bagnall + +Autobuild-User(master): Andreas Schneider +Autobuild-Date(master): Tue Nov 11 14:51:45 UTC 2025 on atb-devel-224 + +Signed-off-by: Khem Raj +--- + lib/replace/README | 1 - + lib/replace/replace.c | 87 ++++++++----------------- + lib/replace/replace.h | 5 -- + lib/replace/wscript | 2 +- + third_party/heimdal_build/roken.h | 4 -- + third_party/heimdal_build/wscript_build | 5 ++ + 6 files changed, 34 insertions(+), 70 deletions(-) + +diff --git a/lib/replace/README b/lib/replace/README +index bb9d008..d8431e7 100644 +--- a/lib/replace/README ++++ b/lib/replace/README +@@ -74,7 +74,6 @@ realpath + poll + setproctitle + memset_explicit +-memset_s + + Types: + bool +diff --git a/lib/replace/replace.c b/lib/replace/replace.c +index 8615899..a419837 100644 +--- a/lib/replace/replace.c ++++ b/lib/replace/replace.c +@@ -1,4 +1,4 @@ +-/* ++/* + Unix SMB/CIFS implementation. + replacement routines for broken systems + Copyright (C) Andrew Tridgell 1992-1998 +@@ -8,7 +8,7 @@ + ** NOTE! The following LGPL license applies to the replace + ** library. This does NOT imply that all of Samba is released + ** under the LGPL +- ++ + This library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either +@@ -91,7 +91,7 @@ size_t rep_strlcpy(char *d, const char *s, size_t bufsize) + #endif + + #ifndef HAVE_STRLCAT +-/* like strncat but does not 0 fill the buffer and always null ++/* like strncat but does not 0 fill the buffer and always null + terminates. bufsize is the length of the buffer, which should + be one more than the maximum resulting string length */ + size_t rep_strlcat(char *d, const char *s, size_t bufsize) +@@ -116,7 +116,7 @@ size_t rep_strlcat(char *d, const char *s, size_t bufsize) + + #ifndef HAVE_MKTIME + /******************************************************************* +-a mktime() replacement for those who don't have it - contributed by ++a mktime() replacement for those who don't have it - contributed by + C.A. Lademann + Corrections by richard.kettlewell@kewill.com + ********************************************************************/ +@@ -137,7 +137,7 @@ time_t rep_mktime(struct tm *t) + return((time_t)-1); + + n = t->tm_year + 1900 - 1; +- epoch = (t->tm_year - 70) * YEAR + ++ epoch = (t->tm_year - 70) * YEAR + + ((n / 4 - n / 100 + n / 400) - (1969 / 4 - 1969 / 100 + 1969 / 400)) * DAY; + + y = t->tm_year + 1900; +@@ -147,7 +147,7 @@ time_t rep_mktime(struct tm *t) + epoch += mon [m] * DAY; + if(m == 1 && y % 4 == 0 && (y % 100 != 0 || y % 400 == 0)) + epoch += DAY; +- ++ + if(++m > 11) { + m = 0; + y++; +@@ -156,7 +156,7 @@ time_t rep_mktime(struct tm *t) + + epoch += (t->tm_mday - 1) * DAY; + epoch += t->tm_hour * HOUR + t->tm_min * MINUTE + t->tm_sec; +- ++ + if((u = localtime(&epoch)) != NULL) { + t->tm_sec = u->tm_sec; + t->tm_min = u->tm_min; +@@ -176,7 +176,7 @@ time_t rep_mktime(struct tm *t) + + #ifndef HAVE_INITGROUPS + /**************************************************************************** +- some systems don't have an initgroups call ++ some systems don't have an initgroups call + ****************************************************************************/ + int rep_initgroups(char *name, gid_t id) + { +@@ -194,7 +194,7 @@ int rep_initgroups(char *name, gid_t id) + int i,j; + struct group *g; + char *gr; +- ++ + if((grouplst = malloc(sizeof(gid_t) * max_gr)) == NULL) { + errno = ENOMEM; + return -1; +@@ -250,9 +250,9 @@ void *rep_memmove(void *dest,const void *src,int size) + + if (d < s) { + /* we can forward copy */ +- if (s-d >= sizeof(int) && +- !(s%sizeof(int)) && +- !(d%sizeof(int)) && ++ if (s-d >= sizeof(int) && ++ !(s%sizeof(int)) && ++ !(d%sizeof(int)) && + !(size%sizeof(int))) { + /* do it all as words */ + int *idest = (int *)dest; +@@ -267,9 +267,9 @@ void *rep_memmove(void *dest,const void *src,int size) + } + } else { + /* must backward copy */ +- if (d-s >= sizeof(int) && +- !(s%sizeof(int)) && +- !(d%sizeof(int)) && ++ if (d-s >= sizeof(int) && ++ !(s%sizeof(int)) && ++ !(d%sizeof(int)) && + !(size%sizeof(int))) { + /* do it all as words */ + int *idest = (int *)dest; +@@ -281,7 +281,7 @@ void *rep_memmove(void *dest,const void *src,int size) + char *cdest = (char *)dest; + char *csrc = (char *)src; + for (i=size-1;i>=0;i--) cdest[i] = csrc[i]; +- } ++ } + } + return(dest); + } +@@ -334,16 +334,16 @@ void rep_vsyslog (int facility_priority, const char *format, va_list arglist) + size_t rep_strnlen(const char *s, size_t max) + { + size_t len; +- ++ + for (len = 0; len < max; len++) { + if (s[len] == '\0') { + break; + } + } +- return len; ++ return len; + } + #endif +- ++ + #ifndef HAVE_STRNDUP + /** + Some platforms don't have strndup. +@@ -351,7 +351,7 @@ void rep_vsyslog (int facility_priority, const char *format, va_list arglist) + char *rep_strndup(const char *s, size_t n) + { + char *ret; +- ++ + n = strnlen(s, n); + ret = malloc(n+1); + if (!ret) +@@ -407,7 +407,7 @@ int rep_chroot(const char *dname) + + /***************************************************************** + Possibly replace mkstemp if it is broken. +-*****************************************************************/ ++*****************************************************************/ + + #ifndef HAVE_SECURE_MKSTEMP + int rep_mkstemp(char *template) +@@ -425,7 +425,7 @@ int rep_mkstemp(char *template) + char *rep_mkdtemp(char *template) + { + char *dname; +- ++ + if ((dname = mktemp(template))) { + if (mkdir(dname, 0700) >= 0) { + return dname; +@@ -532,7 +532,7 @@ long long int rep_strtoll(const char *str, char **endptr, int base) + { + #ifdef HAVE_STRTOQ + return strtoq(str, endptr, base); +-#elif defined(HAVE___STRTOLL) ++#elif defined(HAVE___STRTOLL) + return __strtoll(str, endptr, base); + #elif SIZEOF_LONG == SIZEOF_LONG_LONG + return (long long int) strtol(str, endptr, base); +@@ -568,7 +568,7 @@ unsigned long long int rep_strtoull(const char *str, char **endptr, int base) + { + #ifdef HAVE_STRTOUQ + return strtouq(str, endptr, base); +-#elif defined(HAVE___STRTOULL) ++#elif defined(HAVE___STRTOULL) + return __strtoull(str, endptr, base); + #elif SIZEOF_LONG == SIZEOF_LONG_LONG + return (unsigned long long int) strtoul(str, endptr, base); +@@ -599,7 +599,7 @@ unsigned long long int rep_strtoull(const char *str, char **endptr, int base) + #endif /* HAVE_STRTOULL */ + + #ifndef HAVE_SETENV +-int rep_setenv(const char *name, const char *value, int overwrite) ++int rep_setenv(const char *name, const char *value, int overwrite) + { + char *p; + size_t l1, l2; +@@ -644,10 +644,10 @@ int rep_unsetenv(const char *name) + for (i=0;environ[i];i++) /* noop */ ; + + count=i; +- ++ + for (i=0;idd_fd) +diff --git a/third_party/heimdal_build/wscript_build b/third_party/heimdal_build/wscript_build +index 8aea52b..1988535 100644 +--- a/third_party/heimdal_build/wscript_build ++++ b/third_party/heimdal_build/wscript_build +@@ -366,6 +366,11 @@ if not bld.CONFIG_SET('USING_SYSTEM_ROKEN'): + lib/roken/getuserinfo.c + ''' + ++ if not bld.CONFIG_SET('HAVE_MEMSET_S'): ++ ROKEN_SOURCE += ''' ++ lib/roken/memset_s.c ++ ''' ++ + HEIMDAL_LIBRARY('roken', + ROKEN_SOURCE, + includes='../heimdal/lib/roken ../heimdal/include ../heimdal_build/include', diff --git a/meta-networking/recipes-connectivity/samba/samba_4.19.9.bb b/meta-networking/recipes-connectivity/samba/samba_4.19.9.bb index ae88705668..3ed1d46754 100644 --- a/meta-networking/recipes-connectivity/samba/samba_4.19.9.bb +++ b/meta-networking/recipes-connectivity/samba/samba_4.19.9.bb @@ -25,6 +25,10 @@ SRC_URI = "${SAMBA_MIRROR}/stable/samba-${PV}.tar.gz \ file://0006-smbtorture-skip-test-case-tfork_cmd_send.patch \ file://0007-Deleted-settiong-of-python-to-fix-the-install-confli.patch \ file://9aa5c43315d83c19514251a11c4fba5a137f2821.patch \ + file://0001-lib-replace-Implement-memset_explicit.patch \ + file://0002-lib-replace-Add-test-for-memset_explicit.patch \ + file://0003-Replace-memset_s-with-memset_explicit.patch \ + file://0004-lib-replace-Remove-memset_s.patch \ " SRC_URI:append:libc-musl = " \