From 9969dcb3768e45f9ff45b7e91226ac756662e154 Mon Sep 17 00:00:00 2001 From: MSVSphere Packaging Team Date: Wed, 15 Mar 2023 21:09:25 +0300 Subject: [PATCH] import usbredir-0.12.0-3.el9 --- .gitignore | 1 + .usbredir.metadata | 1 + ...er-Fix-unserialize-on-pristine-check.patch | 193 +++++++++++++++ ...reset-parser-s-fields-on-unserialize.patch | 63 +++++ SPECS/usbredir.spec | 223 ++++++++++++++++++ 5 files changed, 481 insertions(+) create mode 100644 .gitignore create mode 100644 .usbredir.metadata create mode 100644 SOURCES/0001-usbredirparser-Fix-unserialize-on-pristine-check.patch create mode 100644 SOURCES/0002-usbredirparser-reset-parser-s-fields-on-unserialize.patch create mode 100644 SPECS/usbredir.spec diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..460e10a --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +SOURCES/usbredir-0.12.0.tar.xz diff --git a/.usbredir.metadata b/.usbredir.metadata new file mode 100644 index 0000000..2bfab34 --- /dev/null +++ b/.usbredir.metadata @@ -0,0 +1 @@ +70940f6dc409b3bdb9ee98f24690c438f1ae999e SOURCES/usbredir-0.12.0.tar.xz diff --git a/SOURCES/0001-usbredirparser-Fix-unserialize-on-pristine-check.patch b/SOURCES/0001-usbredirparser-Fix-unserialize-on-pristine-check.patch new file mode 100644 index 0000000..9d21c34 --- /dev/null +++ b/SOURCES/0001-usbredirparser-Fix-unserialize-on-pristine-check.patch @@ -0,0 +1,193 @@ +From 6bf41a231b445ac5190c32e281b698b1ee5379b4 Mon Sep 17 00:00:00 2001 +From: Victor Toso +Date: Fri, 24 Jun 2022 23:29:08 +0200 +Subject: [PATCH 1/2] usbredirparser: Fix unserialize on pristine check +Content-type: text/plain + +As mentioned in the bug below, the user is trying to migrate QEMU and +it is failing on the unserialization of usbredirparser at the target +host. The user does not have USB attached to the VM at all. + +I've added a test that shows that serialization is currently broken. +It fails at the 'pristine' check in usbredirparser_unserialize(). + +This check was added with e37d86c "Skip empty write buffers when +unserializing parser" and restricted further with 186c4c7 "Avoid +memory leak from ill-formatted serialization data" + +The issue here is that usbredirparser's initialization sets some +fields and thus it isn't guaranteed to be pristine. + +The parser's basic data is: + + | write_buf_count ... : 1 + | write_buf ........ : 0xbc03e0 + | write_buf_total_size: 80 + | data ............. : (nil) + | header_read: ...... : 0 + | type_header_read .. : 0 + | data_read: ........ : 0 + +The current fix is to to ignore write_buf checks as, again, they are +not guaranteed to be pristine. usbredirparser library should properly +overwrite them when unserializing the data and if there were pending +buffers, they should be freed. + +Related: https://bugzilla.redhat.com/show_bug.cgi?id=2096008 + +Signed-off-by: Victor Toso +--- + tests/meson.build | 1 + + tests/serializer.c | 113 ++++++++++++++++++++++++++++++++ + usbredirparser/usbredirparser.c | 4 +- + 3 files changed, 115 insertions(+), 3 deletions(-) + create mode 100644 tests/serializer.c + +diff --git a/tests/meson.build b/tests/meson.build +index 0d4397b..2a179c9 100644 +--- a/tests/meson.build ++++ b/tests/meson.build +@@ -1,5 +1,6 @@ + tests = [ + 'filter', ++ 'serializer', + ] + + deps = dependency('glib-2.0') +diff --git a/tests/serializer.c b/tests/serializer.c +new file mode 100644 +index 0000000..4bd669e +--- /dev/null ++++ b/tests/serializer.c +@@ -0,0 +1,113 @@ ++/* ++ * Copyright 2022 Red Hat, Inc. ++ * ++ * This library is free software; you can redistribute it and/or ++ * modify it under the terms of the GNU Lesser General Public ++ * License as published by the Free Software Foundation; either ++ * version 2.1 of the License, or (at your option) any later version. ++ * ++ * This library is distributed in the hope that it will be useful, ++ * but WITHOUT ANY WARRANTY; without even the implied warranty of ++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU ++ * Lesser General Public License for more details. ++ * ++ * You should have received a copy of the GNU Lesser General Public ++ * License along with this library; if not, see . ++*/ ++#include "config.h" ++ ++#define G_LOG_DOMAIN "serializer" ++#define G_LOG_USE_STRUCTURED ++ ++#include "usbredirparser.h" ++ ++#include ++#include ++#include ++#include ++ ++ ++static void ++log_cb(void *priv, int level, const char *msg) ++{ ++ GLogLevelFlags glog_level; ++ ++ switch(level) { ++ case usbredirparser_error: ++ glog_level = G_LOG_LEVEL_ERROR; ++ break; ++ case usbredirparser_warning: ++ glog_level = G_LOG_LEVEL_WARNING; ++ break; ++ case usbredirparser_info: ++ glog_level = G_LOG_LEVEL_INFO; ++ break; ++ case usbredirparser_debug: ++ case usbredirparser_debug_data: ++ glog_level = G_LOG_LEVEL_DEBUG; ++ break; ++ default: ++ g_warn_if_reached(); ++ return; ++ } ++ g_log_structured(G_LOG_DOMAIN, glog_level, "MESSAGE", msg); ++} ++ ++static struct usbredirparser * ++get_usbredirparser(void) ++{ ++ struct usbredirparser *parser = usbredirparser_create(); ++ g_assert_nonnull(parser); ++ ++ uint32_t caps[USB_REDIR_CAPS_SIZE] = { 0, }; ++ /* Typical caps set by usbredirhost */ ++ usbredirparser_caps_set_cap(caps, usb_redir_cap_connect_device_version); ++ usbredirparser_caps_set_cap(caps, usb_redir_cap_filter); ++ usbredirparser_caps_set_cap(caps, usb_redir_cap_device_disconnect_ack); ++ usbredirparser_caps_set_cap(caps, usb_redir_cap_ep_info_max_packet_size); ++ usbredirparser_caps_set_cap(caps, usb_redir_cap_64bits_ids); ++ usbredirparser_caps_set_cap(caps, usb_redir_cap_32bits_bulk_length); ++ usbredirparser_caps_set_cap(caps, usb_redir_cap_bulk_receiving); ++#if LIBUSBX_API_VERSION >= 0x01000103 ++ usbredirparser_caps_set_cap(caps, usb_redir_cap_bulk_streams); ++#endif ++ int parser_flags = usbredirparser_fl_usb_host; ++ ++ parser->log_func = log_cb; ++ usbredirparser_init(parser, ++ PACKAGE_STRING, ++ caps, ++ USB_REDIR_CAPS_SIZE, ++ parser_flags); ++ return parser; ++} ++ ++static void ++simple (gconstpointer user_data) ++{ ++ uint8_t *state = NULL; ++ int ret, len = -1; ++ ++ struct usbredirparser *source = get_usbredirparser(); ++ ret = usbredirparser_serialize(source, &state, &len); ++ g_assert_cmpint(ret, ==, 0); ++ ++ struct usbredirparser *target = get_usbredirparser(); ++ ret = usbredirparser_unserialize(target, state, len); ++ g_assert_cmpint(ret, ==, 0); ++ ++ g_clear_pointer(&state, free); ++ usbredirparser_destroy(source); ++ usbredirparser_destroy(target); ++} ++ ++int ++main(int argc, char **argv) ++{ ++ setlocale(LC_ALL, ""); ++ g_test_init(&argc, &argv, NULL); ++ ++ g_test_add_data_func("/serializer/serialize-and-unserialize", NULL, simple); ++ ++ return g_test_run(); ++} +diff --git a/usbredirparser/usbredirparser.c b/usbredirparser/usbredirparser.c +index cd1136b..a5dd0e7 100644 +--- a/usbredirparser/usbredirparser.c ++++ b/usbredirparser/usbredirparser.c +@@ -1816,9 +1816,7 @@ int usbredirparser_unserialize(struct usbredirparser *parser_pub, + return -1; + } + +- if (!(parser->write_buf_count == 0 && parser->write_buf == NULL && +- parser->write_buf_total_size == 0 && +- parser->data == NULL && parser->header_read == 0 && ++ if (!(parser->data == NULL && parser->header_read == 0 && + parser->type_header_read == 0 && parser->data_read == 0)) { + ERROR("unserialization must use a pristine parser"); + usbredirparser_assert_invariants(parser); +-- +2.37.1 + diff --git a/SOURCES/0002-usbredirparser-reset-parser-s-fields-on-unserialize.patch b/SOURCES/0002-usbredirparser-reset-parser-s-fields-on-unserialize.patch new file mode 100644 index 0000000..c46aa22 --- /dev/null +++ b/SOURCES/0002-usbredirparser-reset-parser-s-fields-on-unserialize.patch @@ -0,0 +1,63 @@ +From b93c4cae1aebda786a478677d6364308e4579ade Mon Sep 17 00:00:00 2001 +From: Victor Toso +Date: Sat, 25 Jun 2022 00:29:12 +0200 +Subject: [PATCH 2/2] usbredirparser: reset parser's fields on unserialize +Content-type: text/plain + +This is a followup from previous commit and fixes the following leak. + + | 104 (24 direct, 80 indirect) bytes in 1 blocks are definitely lost in loss record 15 of 19 + | at 0x484A464: calloc (vg_replace_malloc.c:1328) + | by 0x485A238: usbredirparser_queue (usbredirparser.c:1235) + | by 0x485A571: usbredirparser_init (usbredirparser.c:227) + | by 0x40130B: get_usbredirparser (serializer.c:77) + | by 0x401379: simple (serializer.c:95) + | by 0x48FA3DD: ??? (in /usr/lib64/libglib-2.0.so.0.7200.2) + | by 0x48FA144: ??? (in /usr/lib64/libglib-2.0.so.0.7200.2) + | by 0x48FA8E1: g_test_run_suite (in /usr/lib64/libglib-2.0.so.0.7200.2) + | by 0x48FA94C: g_test_run (in /usr/lib64/libglib-2.0.so.0.7200.2) + | by 0x401161: main (serializer.c:112) + | + | LEAK SUMMARY: + | definitely lost: 24 bytes in 1 blocks + | indirectly lost: 80 bytes in 1 blocks + | possibly lost: 0 bytes in 0 blocks + | still reachable: 25,500 bytes in 17 blocks + | suppressed: 0 bytes in 0 blocks + | Reachable blocks (those to which a pointer was found) are not shown. + | To see them, rerun with: --leak-check=full --show-leak-kinds=all + +Signed-off-by: Victor Toso +--- + usbredirparser/usbredirparser.c | 15 +++++++++++++++ + 1 file changed, 15 insertions(+) + +diff --git a/usbredirparser/usbredirparser.c b/usbredirparser/usbredirparser.c +index a5dd0e7..9bfc27c 100644 +--- a/usbredirparser/usbredirparser.c ++++ b/usbredirparser/usbredirparser.c +@@ -1823,6 +1823,21 @@ int usbredirparser_unserialize(struct usbredirparser *parser_pub, + return -1; + } + ++ { ++ /* We need to reset parser's state to receive unserialized ++ * data. */ ++ struct usbredirparser_buf *wbuf = parser->write_buf; ++ while (wbuf) { ++ struct usbredirparser_buf *next_wbuf = wbuf->next; ++ free(wbuf->buf); ++ free(wbuf); ++ wbuf = next_wbuf; ++ } ++ parser->write_buf = NULL; ++ parser->write_buf_count = 0; ++ parser->write_buf_total_size = 0; ++ } ++ + if (unserialize_int(parser, &state, &remain, &i, "length")) { + usbredirparser_assert_invariants(parser); + return -1; +-- +2.37.1 + diff --git a/SPECS/usbredir.spec b/SPECS/usbredir.spec new file mode 100644 index 0000000..468f3f7 --- /dev/null +++ b/SPECS/usbredir.spec @@ -0,0 +1,223 @@ +Name: usbredir +Version: 0.12.0 +Release: 3%{?dist} +Summary: USB network redirection protocol libraries +License: LGPLv2+ +URL: https://spice-space.org/usbredir.html +Source0: http://spice-space.org/download/%{name}/%{name}-%{version}.tar.xz +Patch0001: 0001-usbredirparser-Fix-unserialize-on-pristine-check.patch +Patch0002: 0002-usbredirparser-reset-parser-s-fields-on-unserialize.patch +BuildRequires: gcc +BuildRequires: glib2-devel +BuildRequires: libusb1-devel >= 1.0.9 +BuildRequires: git-core +BuildRequires: meson + +%description +The usbredir libraries allow USB devices to be used on remote and/or virtual +hosts over TCP. The following libraries are provided: + +usbredirparser: +A library containing the parser for the usbredir protocol + +usbredirhost: +A library implementing the USB host side of a usbredir connection. +All that an application wishing to implement a USB host needs to do is: +* Provide a libusb device handle for the device +* Provide write and read callbacks for the actual transport of usbredir data +* Monitor for usbredir and libusb read/write events and call their handlers + + +%package devel +Summary: Development files for %{name} +Requires: %{name}%{?_isa} = %{version}-%{release} + +%description devel +The %{name}-devel package contains libraries and header files for +developing applications that use %{name}. + + +%package server +Summary: Simple USB host TCP server +License: GPLv2+ +Requires: %{name}%{?_isa} = %{version}-%{release} + +%description server +A simple USB host TCP server, using libusbredirhost. + + +%prep +%autosetup -S git_am + + +%build +%meson \ + -Dgit_werror=disabled \ + -Dtools=enabled \ + -Dfuzzing=disabled + +%meson_build + +%install +%meson_install + + +%ldconfig_scriptlets + + +%files +%{!?_licensedir:%global license %%doc} +%license COPYING.LIB +%{_libdir}/libusbredir*.so.* + +%files devel +%doc docs/usb-redirection-protocol.md docs/multi-thread.md ChangeLog.md TODO +%{_includedir}/usbredir*.h +%{_libdir}/libusbredir*.so +%{_libdir}/pkgconfig/libusbredir*.pc + +%files server +%{!?_licensedir:%global license %%doc} +%license COPYING +%{_bindir}/usbredirect +%{_sbindir}/usbredirserver +%{_mandir}/man1/usbredirect.1* +%{_mandir}/man1/usbredirserver.1* + + +%changelog +* Wed Mar 15 2023 MSVSphere Packaging Team - 0.12.0-3 +- Rebuilt for MSVSphere 9.1. + +* Thu Jul 28 2022 Victor Toso - 0.12.0-3 +- Fix unserialization (migration regression) + Related: rhbz#2111368 + +* Wed Jan 19 2022 Victor Toso - 0.12.0-2 +- Fix gating process + Related: rhbz#2020215 + +* Mon Nov 15 2021 Victor Toso - 0.12.0-1 +- Rebase to latest upstream: 0.12.0 + Related: rhbz#2020215 + +* Wed Sep 15 2021 Victor Toso - 0.8.0-9 +- Avoid use-after-free in serialization + Related: rhbz#1992873 + +* Tue Aug 10 2021 Mohan Boddu - 0.8.0-8 +- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags + Related: rhbz#1991688 + +* Fri Apr 16 2021 Mohan Boddu - 0.8.0-7 +- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937 + +* Wed Jan 27 2021 Fedora Release Engineering - 0.8.0-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + +* Wed Jul 29 2020 Fedora Release Engineering - 0.8.0-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Fri Jan 31 2020 Fedora Release Engineering - 0.8.0-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild + +* Sat Jul 27 2019 Fedora Release Engineering - 0.8.0-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild + +* Sun Feb 03 2019 Fedora Release Engineering - 0.8.0-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild + +* Tue Aug 07 2018 Victor Toso - 0.8.0-1 +- Update to 0.8.0 + +* Sat Jul 14 2018 Fedora Release Engineering - 0.7.1-8 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild + +* Fri Feb 09 2018 Fedora Release Engineering - 0.7.1-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + +* Mon Feb 05 2018 Igor Gnatenko - 0.7.1-6 +- Switch to %%ldconfig_scriptlets + +* Thu Aug 03 2017 Fedora Release Engineering - 0.7.1-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild + +* Thu Jul 27 2017 Fedora Release Engineering - 0.7.1-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Sat Feb 11 2017 Fedora Release Engineering - 0.7.1-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + +* Fri Feb 05 2016 Fedora Release Engineering - 0.7.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + +* Mon Nov 02 2015 Fabiano FidĂȘncio 0.7.1-1 +- Update to upstream 0.7.1 release + +* Tue Jun 16 2015 Peter Robinson 0.7-4 +- Use %%license + +* Mon Aug 18 2014 Fedora Release Engineering - 0.7-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild + +* Sun Jun 08 2014 Fedora Release Engineering - 0.7-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + +* Wed May 21 2014 Hans de Goede - 0.7-1 +- Update to upstream 0.7 release + +* Tue Sep 10 2013 Hans de Goede - 0.6-5 +- Use the new libusb autodetach kernel driver functionality +- Fix a usbredirparser bug which causes tcp/ip redir to not work (rhbz#1005015) + +* Sun Aug 04 2013 Fedora Release Engineering - 0.6-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild + +* Mon May 13 2013 Hans de Goede - 0.6-3 +- Fix usbredirserver not listening for ipv6 connections (rhbz#957470) +- Fix a few (harmless) coverity warnings + +* Fri Feb 15 2013 Fedora Release Engineering - 0.6-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild + +* Thu Dec 13 2012 Hans de Goede - 0.6-1 +- Update to upstream 0.6 release + +* Tue Sep 25 2012 Hans de Goede - 0.5.2-1 +- Update to upstream 0.5.2 release + +* Wed Sep 19 2012 Hans de Goede - 0.5.1-1 +- Update to upstream 0.5.1 release + +* Fri Sep 7 2012 Hans de Goede - 0.5-1 +- Update to upstream 0.5 release + +* Mon Jul 30 2012 Hans de Goede - 0.4.3-3 +- Add 2 fixes from upstream fixing issues with some bulk devices (rhbz#842358) + +* Sun Jul 22 2012 Fedora Release Engineering - 0.4.3-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild + +* Mon Apr 2 2012 Hans de Goede - 0.4.3-1 +- Update to upstream 0.4.3 release + +* Tue Mar 6 2012 Hans de Goede - 0.4.2-1 +- Update to upstream 0.4.2 release + +* Sat Feb 25 2012 Hans de Goede - 0.4.1-1 +- Update to upstream 0.4.1 release + +* Thu Feb 23 2012 Hans de Goede - 0.4-1 +- Update to upstream 0.4 release + +* Thu Jan 12 2012 Hans de Goede - 0.3.3-1 +- Update to upstream 0.3.3 release + +* Tue Jan 3 2012 Hans de Goede 0.3.2-1 +- Update to upstream 0.3.2 release + +* Wed Aug 24 2011 Hans de Goede 0.3.1-1 +- Update to upstream 0.3.1 release + +* Thu Jul 14 2011 Hans de Goede 0.3-1 +- Initial Fedora package