SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for libdwarf0-0.11.0-kf.2.1.x86_64.rpm :

* Sun Aug 18 2024 Dirk Müller - update to 0.11.0:
* Identifies git fix id now for ossfuzz 70721 DW202407-010
* Correcting use-after-free with a specific corrupted DWARF section.
* This simplfies getting correct cooked addresses for entries from .debug_ranges
* The new code about .debug_ranges had small leaks when the library was told not to record or clean-up most memory allocations. Shown by -fsanitize.
* Fixed a mistake in examplev, .debug_ranges
* Added new argument to print_ranges_list_to_extra() so it can print both raw and cooked values.
* Now calulates the cooked value of .debug_ranges and prints both raw and cooked values.
* New date, some Dwarf_Ranges doc has been updated in libdwarf.
* Added clarifying comment paragraphs about Dwarf_Ranges
* Final on the rnglists ossfuzz issues so far.
* ossfuzz 70246 DW202407-002 fixed.
* Removing esb_append_printf() which is the last use of
*sprintf()
* ossfuzz 70244 fixed DW202407-001
* Removing esb_append_printf() as it is no longer necessary.
* Added blank line after d= semantic version
* Fixed trailing whitespace and indents.
* Refine the information on rnglists base with
* cc_rnglists_base_via_at (similar to loclists)
* Added cc_loclists_base_via_at and
* Due to the addition of dwarf_get_locdesc_entry_e() we revise the version for the next release to be
* Issue #247, github libdwarf-code.
* Fix indents and eliminate trailing whitespace.
* Corrected the gitfixid as there was a use-after-free in new-today code, now fixed.
* Fixing a nasty double free that was caused a few minutes ago.
* New oss fuzz 69639 and 69641 are fixed. Here identfied as DW202406-001 and DW202406-002
* Remove debug printf (was #if 0 ... #endif) Fixed DW202406-001 ossfuzz 69639 and DW202406-002 ossfuzz 69641
* Implemented spelling change ld_kind to ld_lkind
* In dwarf_formref() we correct the reading of DW_FORM_loclistx and DW_FORM_rnglistx to read a uleb. Been wrong since 2022 at least.. Another spot reading these had it right all along.
* Renamed ll_kind to ll_lkind as it names a DW_LKIND value
* Renamed ld_kind to ld_lkind as it names a DW_LKIND value
* Revises the dwarfdump reporting of debug_loclists to clarify the dwarf 5 debug_loclists structure content.
* The --print-raw-loclists option is more useful now.
* Revises the dwarfdump reporting of debug_rnglists to clarify the dwarf 5 debug_rnglists structure content.
* The --print-raw-rnglists option is more useful now.
* In certain error cases the revised rnglists code was failing to dwarf_dealloc_error() where
* Updated the output format of --print-raw-loclists to be more useful and to essentially match the rnglists version.
* Separated out part of loclists data structs to be a better match with dwarf_rnglists.h
* Corrected calculations related to rnglists array of offsets (were calling entries address size when they are offset size).
* Removed some lines related to merging skeleton and split, they were wrong. debug_rnglists and debug_rnglists.dwo
* Initialize the three new fields in Dwarf_Debug_s used for DWARF5 GNU extension .debug_addr printing.
* Renaming DW_DLE_PE_SECTION_SIZE_ERROR to DW_DLE_PE_SECTION_SIZE_HEURISTIC_FAIL so any failure of the three such tests are clearly reported. Should never happen.
* A heuristic sanity check on section VirtualSize was too concervative at s00MB, a PE object file had a section over 200MB in size.
* Adding release xz name
* Wed May 29 2024 Dominique Leuenberger - Update to version 0.9.2: + Fixed four vulnerabilities that could crash the library (segmentation violation etc) reading specific corruptions to DWARF. DW202402-001, DW202402-002,DW202402-003, and DW202403-001. Now the library returns an error code for those. Corrected a dwarf.h misspelling of DW_CFA_hi_user.
* Tue Jan 30 2024 Dirk Müller - update to 0.9.1:
* \"--disable-decompression\" tells the build to compile libdwarf and dwarfdump with no reference to the zlib or zstd libraries.
* Latest DW_LANG names now present.- build with zstd support
* Thu Dec 28 2023 Dirk Müller - update to 0.9.0:
* Added support for reading Apple MacOS universal binaries.
* Added callers access to certain fields from object files (for all three supported object formats), and
* added the --print-machine-arch option to dwarfdump to show the fields.
* Three functions were added to the API, see the Changes section of the latest documentation or in libdwarf.pdf in the release. No functions were deleted or had their meaning changed.
* Vulnerabilities found by fuzzing were fixed.
* See https://www.prevanders.net/dwarfbug.html for vulnerability details.
* Sat Nov 18 2023 Dirk Müller - update to 0.8.0:
* The release fixes many vulnerabilities from corrupt DWARF and/or corrupt Elf. Two new functions are added for DWARF Frame access to get the correct sign of an argument (the pre-existing functions remain in place and working avoiding any need for recompilation or relinking of user code).
* Mon May 29 2023 Dirk Müller - update to 0.7.0:
* The release fixes more than 50 vulnerabilities from corrupt DWARF and/or corrupt Elf.
* Elf section counts can exceed 16 bits (on linux see man 5 elf) so some function prototype members of struct Dwarf_Obj_Access_Methods_a_s changed. Specifically, om_get_section_info() om_load_section(), and om_relocate_a_section() now pass section indexes as Dwarf_Unsigned instead of Dwarf_Half.
* Two functions have been removed from libdwarf.h and the library: dwarf_dnames_abbrev_by_code() and dwarf_dnames_abbrev_form_by_index().
* dwarf_dnames_abbrev_by_code() is slow and pointless. Use either dwarf_dnames_name() or dwarf_dnames_abbrevtable() instead, depending on what you want to accomplish.
* dwarf_dnames_abbrev_form_by_index() is not needed, was difficult to call due to argument list requirements, and never worked.
* Mon Feb 27 2023 Dirk Müller - update to 0.6.0: Fixes for Denial Of Service (possible libdwarf crash):
* The dealloc required for dwarf_offset_list() was incorrect, possibly leading to a crash.
* The function prototype for dwarf_dietype_offset() changed so it can work correctly on DWARF4 objects.
* A memory leak from dwarf_load_loclists() has been fixed.
* The function dwarf_get_pubtypes() changed, Dwarf_Type no longer exists, correcting a library design mistake made in 1993. The function applied to DWARF3 and DWARF4 objects.
* The set of functions using Dwarf_Type are gone, use Dwarf_Global instead. An object with DW_FORM_strx3 (DWARF5) could result in the library either crashing or returning an inappropriate error. DW_FORM_strx3 is now handled
* https://newreleases.io/github/davea42/libdwarf-code?version=v0.6.0
* Fri Dec 02 2022 Dirk Müller - update to 0.5.0:
* libdwarf-0.5.0 improves library performance reading DWARF DIEs by several percent (with no change in API).
* It adds functions allowing acess to the .debug_addr section independent of other sections. dwarfdump has a new option to show that section.
* Corrects the handling of some aspects of reading the .debug_names section.
* Enhances dwarf_get_globals() to return all globals that .debug_pubnames and .debug_names refer to (no change in the API except adding a function to return the DW_TAG of any globals derived from .debug_names)
* Mon Oct 03 2022 Dirk Müller - update to 0.4.2:
* memory leak fixes
* How to deal with a dwarf_init
*() call that fails (DW_DLV_ERROR) in a simple way is finally documented in libdwarf.pdf and in the on-line html.
* Fri Jul 15 2022 Dirk Müller - update to 0.4.1 (bsc#1200899, CVE-2022-34299):
* Two places where a carefully corrupted object file could result in libdwarf crashing a caller due to referencing memory outside the intended read area have been fixed (DW202205-001 and DW202206-001). One related to DW_FORM_ref_sig8, the other to the .debug_pubnames section.
* The library now accepts DW_AT_entry_pc in a CU DIE as a base address when DW_AT_low_pc is missing (an extension used by a current compiler).
* Added function dwarf_suppress_debuglink_crc() to allow callers to turn off doing a CRC calculation reading GNU debuglink data (saves time for library users accessing near-identical builds).- drop fix-CVE-2022-32200.patch (upstream)
* Tue Jun 07 2022 Dirk Müller - add fix-CVE-2022-32200.patch (bsc#1200291, CVE-2022-32200)
* Wed Apr 27 2022 Jan Engelhardt - Resolve rpmlint report \"libdwarf1.x86_64: E: shlib-policy-name-error SONAME: libdwarf.so.0, expected package suffix: 0\"
* Sun Apr 24 2022 Dirk Müller - update to 0.4.0:
* Removed the unused Dwarf_Error argument from dwarf_return_empty_pubnames() as the function can only return DW_DLV_OK. dwarf_xu_header_free() renamed to dwarf_dealloc_xu_header(). dwarf_gdbindex_free() renamed to dwarf_dealloc_gdbindex(). dwarf_loc_head_c_dealloc renamed to dwarf_dealloc_loc_head_c().
* dwarf_get_location_op_value_d() renamed to dwarf_get_location_op_value_c(), and 3 pointless arguments removed. The dwarf_get_location_op_value_d version and the three arguments were added for DWARF5 in libdwarf20210528 but the change was a mistake. Now reverted to the previous version.
* The .debug_names section interfaces have changed. Added dwarf_dnames_offsets() to provide details of facts useful in problems reading the section. dwarf_dnames_name() now does work and the interface was changed to make it easier to use.
* Mon Feb 21 2022 Dirk Müller - replace symlink by directory with hardlinks (bsc#1196198)
* Sun Feb 13 2022 Dirk Müller - update to 0.3.3:
* Release fixes a n assign offset = offset;
* Fixes a bug in LEB value reading of some values in the very rare case the compiler has emitted padding in the LEB
* Has improvements in detecting corrupt object files (Elf, MachO, and PE) and one new function that is only significant for those using an LLVM feature for Heterogenous Debugging. Passes Coverity Scan with zero issues.- drop libdwarf-gcc11.patch, libdwarf-gcc11-fixup.patch: upstream
* Wed Jun 16 2021 Fridrich Strba - Added patch:
* libdwarf-gcc11-fixup.patch + fix missing return and double define mistake in the upstream patch
* Tue Jun 15 2021 Dirk Müller - libdwarf-gcc11.patch: refresh with upstream patch
* Tue Jun 15 2021 Fridrich Strba - Added patch:
* libdwarf-gcc11.patch + skip correctly DW_FORM_implicit_const in _dwarf_formudata_internal (bsc#1187336)
* Fri Jun 11 2021 Fridrich Strba - update to 20210528: corrects libdwarf\'s handling of DWARF5 line table header DW_LNCT entries. Dwarfdump now prints DW_OP_bra and DW_OP_skip correctly and correctly validates the target of these operators. adds summary information on attribute/form-class uses and attribute/forms use to the existing option -ku summary on tags and attributes. Dwarfdump verifies many attribute references are usable and prints a little from the target DIE, including with DW_FORM_ref_sig8 references. Now dwarf.h shows many more extensions (added by compiler developers) to the TAGs and ATtributes defines. Alongide releases is a pdf, libdwarf2.1xl.pdf (xl.pdf as it is extra-large), that is the same as the latest libdwarf2.1.pdf but with the table-of-contents at the front, not the back, of the pdf. Created an experiment, it is around 15MB so seemed too large to place it in the release or to do multiple versions. Later updates will just replace it on prevanders.net.
* Wed Apr 21 2021 Wolfgang Frisch - Hardening: link as PIE (bsc#1185057).
* Fri Jan 29 2021 Dirk Müller - update to 20201201: dwarfdump now prints DWARF expression operators each on its own line. This makes viewing DWARF expressions much nicer given the increased use of much longer expressions. Those expression operators that reference DIES are now followed, verified, and the target DW_TAG and DW_AT_name are printed. A new dwarfdump.conf command \'option:\' lets one specify option: --format-expr-ops-joined in case you want the old style DWARF expression operators-on-one-line. Where the DWARF DIE children nest > nine-deep dwarfdump switches from indentation by spaces to a nest-level number.
* Mon Oct 26 2020 Dirk Mueller - update to 20201020:
* Fix various read and write outside bounds found via fuzzing
* Fri Sep 04 2020 Dirk Mueller - move libdwarf headers back to the old location
* Wed Sep 02 2020 Dirk Mueller - update to 20200825 (bsc#1142609, CVE-2019-14249) libdwarf now reads .debug_gnu_pubtypes & pubnames (non-standard but gcc creates them in DWARF5) via a small number of new functions and dwarfdump --print-debug-gnu prints both sections. Verifying the .debug_info offsets is not yet done. Dwarfdump now dumps DWARF5 .debug_rnglists and .debug_loclists. To handle DWARF5 there are a small number of new functions. All existing functions are still supported, but to read DWARF5 some small changes are required. In libdwarf see libdwarf2.1.pdf and also see dwarfdump now takes much less malloc() to work, as measured by valgrind --tool=massif and massif-visualizer. A dwarfdump run that did 2.2Gib of malloc/free before the changes now does 1.4GiB. libdwarf and dwarfdump now support DWARF5 .debug_rnglists. The new interfaces are documented in libdwarf/libdwarf2.1.pdf. The new option to dwarfdump is \"--print-raw-rnglists\". The code (dwarfdump/libdwarf), regressiontests, and readelfobj directories and all their tests are known to work on Linux(Ubuntu on x86_64 and i686), FreeBSD, MacOS Catalina (with Apple Command Line Tools), and IBM s390 (Big Endian!) running Ubuntu Linux. On Windows-MinGW the full regression tests have not been tested, but \'make check\' works for dwarfdump/libdwarf (the current dwarfdump make check actually does run dwarfdump and checks that dwarfdump basically works). Now a --disable-libelf configure/build of libdwarf/dwarfdump can read elf, mach-o DSYM, and PE executable/dll object files. Such a build will not need or use libelf or elf.h . The dwarfdump options that display Elf section headers or relocation record data are not available in a - -disable-libelf build. Nor is dwarfdump\'s support of reading archive files available in a --disable-libelf build. This libdwarf detects corrupt Elf object files much sooner than before, but does not explain what the corruption really is. Use GNU readelf (or readelfobj, a project on sourceforge) to get more detail about the problems found. See https://www.prevanders.net/dwarf.html for the git clone command for readelfobj. With --disable-libelf the --enable-dwarfgen option does not work: the dwarfgen build will fail. For building on machines without a usable elf.h or libelf but possibly with a libelf.h visible, --disable-libelf ensures the build won\'t use libelf or elf.h anywhere. - lz will be done if zlib.h is visible, independent of libelf, libelf.h, and elf.h If one has a standard Bourne shell (sh) available (such as sh on MacOS and sh in MinGW on Windows) one may be able to build libdwarf and dwarfdump natively and they can read Mach-o dSYM and PE object files to access DWARF information. This has NOT been tested under MacOS, so will likely fail on MacOS. No elf.h, libelf.h or zlib.h should be present. For example, the following is known to work under MinGW and this general plan applies to all builds including all builds with elf.h and libelf: mkdir test cd test [#](copy the source tree into test, if from git [#]the name of the top level will likely be \'code\') cd code The pre-build dwarf_names.[hc] and the tag related files are now part of the standard build so there is no longer any two-stage aspect of the build. The build simply compiles files in the distribution. If you use git to access the source be sure to sh scripts/FIX-CONFIGURE-TIMES to adjust the file timestamps as having timestamps in the right relationships is vital and git does not maintain timestamps. The script is always safe to run. It takes about 30 seconds. The complicated process of building certain .c and .h files has been relegated to the few people updating files libdwarf/libdwarf.h.in, libdwarf/dwarf_errmsg_list.h, dwarfdump/tag_attr_ext.list,dwarfdump/tag_attr.list, dwarfdump/tag_tree_ext.list, and dwarfdump/tag_tree.list. For everyone else the build is simply compiling the .c and .h files in the distribution. Simpler. sh scripts/buildstandardsource.sh creates these files. dwarfdump can now dump mach-o (MacOS) dSYM dwarf. All the usual libdwarf interfaces work. A new libdwarf initialization call dwarf_init_path() may be convenient for you to use.
* Fri Aug 02 2019 Martin Liška - Use FAT LTO objects in order to provide proper static library.
* Thu Feb 22 2018 p.drouandAATTgmail.com- Update to version 20180129 + Fixes libdwarf/dwarfdump vulnerabilities related to detecting corrupt DWARF and includes other small improvements- Changes from version 20170709 + Fixes a libdwarf vulnerability- Changes from version 20170416 + Begins to support the DWARF5 .debug_names section and other DWARF5 changes. (not tested, no test cases yet available). + Now supports DWARF5 split dwarf sensibly. The few new function interfaces can be ignored by those not needing split dwarf support. + The tools can now be built with cmake (the default build is still with configure)
* Mon Jan 02 2017 dmuellerAATTsuse.com- add missing splitrequires- revert rpm groups messup
* Mon Jan 02 2017 jengelhAATTinai.de- Fixup RPM groups and summaries. Drop redundant PreReq.- Put static in separate package.
* Mon Jan 02 2017 dmuellerAATTsuse.com- update to 20161124 (bsc#1012823, bsc#1001133, CVE-2016-9480, CVE-2016-7410, CVE-2016-7511, CVE-2016-5028, CVE-2016-5029, CVE-2016-5030, CVE-2016-5031, CVE-2016-5032, CVE-2016-5033, CVE-2016-5034, CVE-2016-5035, CVE-2016-5036, CVE-2016-5037, CVE-2016-5038, CVE-2016-5039, CVE-2016-5040, CVE-2016-5041, CVE-2016-5042, CVE-2016-5043, CVE-2016-5044 ):
* removes libdwarf-fix-parallel-build.diff- use shared library policy, main package removed and libdwarf1 added
* Wed Jan 21 2015 matzAATTsuse.com- Add libdwarf-fix-parallel-build.diff.
* Mon Jan 19 2015 matzAATTsuse.com- Update to new upstream release 20150115:
* New checking options added to dwarfdump (-ku -kuf -kD -kG -O file=).
* Deal better with internal errors (invalid ELF files/DWARF sections or out of memory) (fixes boo#911839).
* Remove dwarfdump2: it had no advantages over dwarfdump anymore.
* Thu Oct 23 2014 idonmezAATTsuse.com- Package COPYING and related license files.
* Wed Oct 15 2014 jengelhAATTinai.de- Update to new upstream release 20140805
* A mistake in handling DW_OP_GNU_const_type could lead to a libdwarf coredump at times.
* Added AARCH64 relocation support.
* Adds GNU-specific DW_FORM codes so recent gcc objects can be read usefully.
* Adds new functions to libdwarf for new DWARF reference types.
* Libdwarf now follows the DWARF2 standard properly in reading DW_FORM_ref_addr.
* Source incompatibility for users of producer code: dwarf_producer_init() now has a new interface and a sensible way to select the output ABI/ISA for relocation numbers. Part of preparation to emit DWARF3,4,5.
* The reader code now handles DebugFission, called Split Dwarf objects in the draft DWARF5 standard.
* The reader now can get the content of .gdbindex and .debug_cu_index and .debug_tu_index sections and dwarfdump -I can print them. Support is incomplete for the cu,tu sections: They exist in a .dwp object (GNU Debug Fission, to be in DWARF5) which is not yet properly handled.- Enable parallel build and remove ancient specfile tags and sections
  
ICM