* [edk2-devel] [PATCH] MdeModulePkg/RegularExpressinoDxe: Fix clang error
@ 2023-10-03 15:04 Jake Garver via groups.io
2023-10-23 4:27 ` Nhi Pham via groups.io
` (2 more replies)
0 siblings, 3 replies; 7+ messages in thread
From: Jake Garver via groups.io @ 2023-10-03 15:04 UTC (permalink / raw)
To: devel; +Cc: jian.j.wang, gaoliming, Jake Garver
Ignore old style declaration warnings in oniguruma/src/st.c. This was
already ignored for MSFT, but newer versions of clang complain as well.
Signed-off-by: Jake Garver <jake@nvidia.com>
---
.../Universal/RegularExpressionDxe/RegularExpressionDxe.inf | 1 +
1 file changed, 1 insertion(+)
diff --git a/MdeModulePkg/Universal/RegularExpressionDxe/RegularExpressionDxe.inf b/MdeModulePkg/Universal/RegularExpressionDxe/RegularExpressionDxe.inf
index 84489c2942..0092531a67 100644
--- a/MdeModulePkg/Universal/RegularExpressionDxe/RegularExpressionDxe.inf
+++ b/MdeModulePkg/Universal/RegularExpressionDxe/RegularExpressionDxe.inf
@@ -102,6 +102,7 @@
# Oniguruma: old style declaration in st.c
MSFT:*_*_*_CC_FLAGS = /wd4131
+ GCC:*_*_*_CC_FLAGS = -Wno-deprecated-non-prototype
# Oniguruma: 'type cast' : truncation from 'OnigUChar *' to 'unsigned int'
MSFT:*_*_*_CC_FLAGS = /wd4305 /wd4306
--
2.34.1
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#109284): https://edk2.groups.io/g/devel/message/109284
Mute This Topic: https://groups.io/mt/101735690/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-
^ permalink raw reply related [flat|nested] 7+ messages in thread
* Re: [edk2-devel] [PATCH] MdeModulePkg/RegularExpressinoDxe: Fix clang error
2023-10-03 15:04 [edk2-devel] [PATCH] MdeModulePkg/RegularExpressinoDxe: Fix clang error Jake Garver via groups.io
@ 2023-10-23 4:27 ` Nhi Pham via groups.io
[not found] ` <1790A21286FB1538.11247@groups.io>
2023-11-05 11:32 ` Laszlo Ersek
2 siblings, 0 replies; 7+ messages in thread
From: Nhi Pham via groups.io @ 2023-10-23 4:27 UTC (permalink / raw)
To: devel, jake; +Cc: jian.j.wang, gaoliming
This looks good to me. I also build-tested this patch.
Reviewed-by: Nhi Pham <nhi@os.amperecomputing.com>
Tested-by: Nhi Pham <nhi@os.amperecomputing.com>
On 10/3/2023 10:04 PM, Jake Garver via groups.io wrote:
> Ignore old style declaration warnings in oniguruma/src/st.c. This was
> already ignored for MSFT, but newer versions of clang complain as well.
>
> Signed-off-by: Jake Garver <jake@nvidia.com>
> ---
> .../Universal/RegularExpressionDxe/RegularExpressionDxe.inf | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/MdeModulePkg/Universal/RegularExpressionDxe/RegularExpressionDxe.inf b/MdeModulePkg/Universal/RegularExpressionDxe/RegularExpressionDxe.inf
> index 84489c2942..0092531a67 100644
> --- a/MdeModulePkg/Universal/RegularExpressionDxe/RegularExpressionDxe.inf
> +++ b/MdeModulePkg/Universal/RegularExpressionDxe/RegularExpressionDxe.inf
> @@ -102,6 +102,7 @@
>
> # Oniguruma: old style declaration in st.c
> MSFT:*_*_*_CC_FLAGS = /wd4131
> + GCC:*_*_*_CC_FLAGS = -Wno-deprecated-non-prototype
>
> # Oniguruma: 'type cast' : truncation from 'OnigUChar *' to 'unsigned int'
> MSFT:*_*_*_CC_FLAGS = /wd4305 /wd4306
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#109886): https://edk2.groups.io/g/devel/message/109886
Mute This Topic: https://groups.io/mt/101735690/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [edk2-devel] [PATCH] MdeModulePkg/RegularExpressinoDxe: Fix clang error
[not found] ` <1790A21286FB1538.11247@groups.io>
@ 2023-11-05 7:09 ` Nhi Pham via groups.io
2023-11-06 0:59 ` 回复: " gaoliming via groups.io
0 siblings, 1 reply; 7+ messages in thread
From: Nhi Pham via groups.io @ 2023-11-05 7:09 UTC (permalink / raw)
To: devel, jake; +Cc: jian.j.wang, gaoliming
Hi Liming,
Could you please help review and get this patch merged within the next
edk2-stable tag?
Thanks,
Nhi
On 10/23/2023 11:27 AM, Nhi Pham via groups.io wrote:
> This looks good to me. I also build-tested this patch.
>
> Reviewed-by: Nhi Pham <nhi@os.amperecomputing.com>
> Tested-by: Nhi Pham <nhi@os.amperecomputing.com>
>
> On 10/3/2023 10:04 PM, Jake Garver via groups.io wrote:
>> Ignore old style declaration warnings in oniguruma/src/st.c. This was
>> already ignored for MSFT, but newer versions of clang complain as well.
>>
>> Signed-off-by: Jake Garver <jake@nvidia.com>
>> ---
>> .../Universal/RegularExpressionDxe/RegularExpressionDxe.inf | 1 +
>> 1 file changed, 1 insertion(+)
>>
>> diff --git
>> a/MdeModulePkg/Universal/RegularExpressionDxe/RegularExpressionDxe.inf
>> b/MdeModulePkg/Universal/RegularExpressionDxe/RegularExpressionDxe.inf
>> index 84489c2942..0092531a67 100644
>> ---
>> a/MdeModulePkg/Universal/RegularExpressionDxe/RegularExpressionDxe.inf
>> +++
>> b/MdeModulePkg/Universal/RegularExpressionDxe/RegularExpressionDxe.inf
>> @@ -102,6 +102,7 @@
>> # Oniguruma: old style declaration in st.c
>> MSFT:*_*_*_CC_FLAGS = /wd4131
>> + GCC:*_*_*_CC_FLAGS = -Wno-deprecated-non-prototype
>> # Oniguruma: 'type cast' : truncation from 'OnigUChar *' to
>> 'unsigned int'
>> MSFT:*_*_*_CC_FLAGS = /wd4305 /wd4306
>
>
>
>
>
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#110677): https://edk2.groups.io/g/devel/message/110677
Mute This Topic: https://groups.io/mt/101735690/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [edk2-devel] [PATCH] MdeModulePkg/RegularExpressinoDxe: Fix clang error
2023-10-03 15:04 [edk2-devel] [PATCH] MdeModulePkg/RegularExpressinoDxe: Fix clang error Jake Garver via groups.io
2023-10-23 4:27 ` Nhi Pham via groups.io
[not found] ` <1790A21286FB1538.11247@groups.io>
@ 2023-11-05 11:32 ` Laszlo Ersek
2023-11-06 0:59 ` 回复: " gaoliming via groups.io
2 siblings, 1 reply; 7+ messages in thread
From: Laszlo Ersek @ 2023-11-05 11:32 UTC (permalink / raw)
To: devel, jake; +Cc: jian.j.wang, gaoliming
On 10/3/23 17:04, Jake Garver via groups.io wrote:
> Ignore old style declaration warnings in oniguruma/src/st.c. This was
> already ignored for MSFT, but newer versions of clang complain as well.
>
> Signed-off-by: Jake Garver <jake@nvidia.com>
> ---
> .../Universal/RegularExpressionDxe/RegularExpressionDxe.inf | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/MdeModulePkg/Universal/RegularExpressionDxe/RegularExpressionDxe.inf b/MdeModulePkg/Universal/RegularExpressionDxe/RegularExpressionDxe.inf
> index 84489c2942..0092531a67 100644
> --- a/MdeModulePkg/Universal/RegularExpressionDxe/RegularExpressionDxe.inf
> +++ b/MdeModulePkg/Universal/RegularExpressionDxe/RegularExpressionDxe.inf
> @@ -102,6 +102,7 @@
>
> # Oniguruma: old style declaration in st.c
> MSFT:*_*_*_CC_FLAGS = /wd4131
> + GCC:*_*_*_CC_FLAGS = -Wno-deprecated-non-prototype
>
> # Oniguruma: 'type cast' : truncation from 'OnigUChar *' to 'unsigned int'
> MSFT:*_*_*_CC_FLAGS = /wd4305 /wd4306
Our checkout of oniguruma is at tag "v6.9.4_mark1", from February 2020.
The latest upstream oniguruma release is "v6.9.9", dated 10 October 2023.
I totally randomly looked at the commit history. We are missing fixes
that the oniguruma project has received in response to fuzzing and
CodeQL static analysis. Fixes for use-after-free
(25535521ba2ea1aa74a1f65fc4a8ba55b0030719), undefined-shift fixes (too
many to list here, just search the history for "undefined-shift"),
various memory leak fixes, null pointer dereference fixes, and so on.
In particular, commit
<https://github.com/kkos/oniguruma/commit/0e766952e8fec7b8d516ce4f52f95e53b09ca4de>
is called "escape compile time warnings by clang 14.0", so that patch
(from August 2023) may solve the direct issue.
I propose that we should upgrade our oniguruma checkout to "v6.9.9", and
resolve any fallout from the update.
OVMF does not include RegularExpressionDxe, so I'm not attracted to take
this on myself. Can the users / owners of those platforms that do
include RegularExpressionDxe research the update to "v6.9.9"? I think
this should be worth your while; the recent oniguruma commit history
suggests that "v6.9.4_mark1" may contain quite a few known security bugs.
Note that, in general, a primary use case for regex engines is *input
validation*, before further parsing happens. It's not great if the
engine used for input validation contains known security bugs itself.
Laszlo
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#110681): https://edk2.groups.io/g/devel/message/110681
Mute This Topic: https://groups.io/mt/101735690/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/leave/12367111/7686176/1913456212/xyzzy [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-
^ permalink raw reply [flat|nested] 7+ messages in thread
* 回复: [edk2-devel] [PATCH] MdeModulePkg/RegularExpressinoDxe: Fix clang error
2023-11-05 11:32 ` Laszlo Ersek
@ 2023-11-06 0:59 ` gaoliming via groups.io
2023-11-07 12:04 ` Laszlo Ersek
0 siblings, 1 reply; 7+ messages in thread
From: gaoliming via groups.io @ 2023-11-06 0:59 UTC (permalink / raw)
To: devel, lersek, jake; +Cc: jian.j.wang
Laszlo:
I agree your suggestion. We can submit a new request to update oniguruma to the latest version.
This patch avoids the warning on the current version. I think this change is OK. I would like to merge this fix first.
Thanks
Liming
> -----邮件原件-----
> 发件人: devel@edk2.groups.io <devel@edk2.groups.io> 代表 Laszlo Ersek
> 发送时间: 2023年11月5日 19:33
> 收件人: devel@edk2.groups.io; jake@nvidia.com
> 抄送: jian.j.wang@intel.com; gaoliming@byosoft.com.cn
> 主题: Re: [edk2-devel] [PATCH] MdeModulePkg/RegularExpressinoDxe: Fix
> clang error
>
> On 10/3/23 17:04, Jake Garver via groups.io wrote:
> > Ignore old style declaration warnings in oniguruma/src/st.c. This was
> > already ignored for MSFT, but newer versions of clang complain as well.
> >
> > Signed-off-by: Jake Garver <jake@nvidia.com>
> > ---
> > .../Universal/RegularExpressionDxe/RegularExpressionDxe.inf | 1 +
> > 1 file changed, 1 insertion(+)
> >
> > diff --git
> a/MdeModulePkg/Universal/RegularExpressionDxe/RegularExpressionDxe.inf
> b/MdeModulePkg/Universal/RegularExpressionDxe/RegularExpressionDxe.inf
> > index 84489c2942..0092531a67 100644
> > ---
> a/MdeModulePkg/Universal/RegularExpressionDxe/RegularExpressionDxe.inf
> > +++
> b/MdeModulePkg/Universal/RegularExpressionDxe/RegularExpressionDxe.inf
> > @@ -102,6 +102,7 @@
> >
> > # Oniguruma: old style declaration in st.c
> > MSFT:*_*_*_CC_FLAGS = /wd4131
> > + GCC:*_*_*_CC_FLAGS = -Wno-deprecated-non-prototype
> >
> > # Oniguruma: 'type cast' : truncation from 'OnigUChar *' to 'unsigned
> int'
> > MSFT:*_*_*_CC_FLAGS = /wd4305 /wd4306
>
> Our checkout of oniguruma is at tag "v6.9.4_mark1", from February 2020.
>
> The latest upstream oniguruma release is "v6.9.9", dated 10 October 2023.
>
> I totally randomly looked at the commit history. We are missing fixes
> that the oniguruma project has received in response to fuzzing and
> CodeQL static analysis. Fixes for use-after-free
> (25535521ba2ea1aa74a1f65fc4a8ba55b0030719), undefined-shift fixes (too
> many to list here, just search the history for "undefined-shift"),
> various memory leak fixes, null pointer dereference fixes, and so on.
>
> In particular, commit
> <https://github.com/kkos/oniguruma/commit/0e766952e8fec7b8d516ce4f52
> f95e53b09ca4de>
> is called "escape compile time warnings by clang 14.0", so that patch
> (from August 2023) may solve the direct issue.
>
> I propose that we should upgrade our oniguruma checkout to "v6.9.9", and
> resolve any fallout from the update.
>
> OVMF does not include RegularExpressionDxe, so I'm not attracted to take
> this on myself. Can the users / owners of those platforms that do
> include RegularExpressionDxe research the update to "v6.9.9"? I think
> this should be worth your while; the recent oniguruma commit history
> suggests that "v6.9.4_mark1" may contain quite a few known security bugs.
>
> Note that, in general, a primary use case for regex engines is *input
> validation*, before further parsing happens. It's not great if the
> engine used for input validation contains known security bugs itself.
>
> Laszlo
>
>
>
>
>
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#110688): https://edk2.groups.io/g/devel/message/110688
Mute This Topic: https://groups.io/mt/102412008/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-
^ permalink raw reply [flat|nested] 7+ messages in thread
* 回复: [edk2-devel] [PATCH] MdeModulePkg/RegularExpressinoDxe: Fix clang error
2023-11-05 7:09 ` Nhi Pham via groups.io
@ 2023-11-06 0:59 ` gaoliming via groups.io
0 siblings, 0 replies; 7+ messages in thread
From: gaoliming via groups.io @ 2023-11-06 0:59 UTC (permalink / raw)
To: 'Nhi Pham', devel, jake; +Cc: jian.j.wang
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
> -----邮件原件-----
> 发件人: Nhi Pham <nhi@os.amperecomputing.com>
> 发送时间: 2023年11月5日 15:09
> 收件人: devel@edk2.groups.io; jake@nvidia.com
> 抄送: jian.j.wang@intel.com; gaoliming@byosoft.com.cn
> 主题: Re: [edk2-devel] [PATCH] MdeModulePkg/RegularExpressinoDxe: Fix
> clang error
>
> Hi Liming,
>
> Could you please help review and get this patch merged within the next
> edk2-stable tag?
>
> Thanks,
> Nhi
>
> On 10/23/2023 11:27 AM, Nhi Pham via groups.io wrote:
> > This looks good to me. I also build-tested this patch.
> >
> > Reviewed-by: Nhi Pham <nhi@os.amperecomputing.com>
> > Tested-by: Nhi Pham <nhi@os.amperecomputing.com>
> >
> > On 10/3/2023 10:04 PM, Jake Garver via groups.io wrote:
> >> Ignore old style declaration warnings in oniguruma/src/st.c. This was
> >> already ignored for MSFT, but newer versions of clang complain as well.
> >>
> >> Signed-off-by: Jake Garver <jake@nvidia.com>
> >> ---
> >> .../Universal/RegularExpressionDxe/RegularExpressionDxe.inf
> | 1 +
> >> 1 file changed, 1 insertion(+)
> >>
> >> diff --git
> >>
> a/MdeModulePkg/Universal/RegularExpressionDxe/RegularExpressionDxe.inf
> >>
> b/MdeModulePkg/Universal/RegularExpressionDxe/RegularExpressionDxe.inf
> >> index 84489c2942..0092531a67 100644
> >> ---
> >>
> a/MdeModulePkg/Universal/RegularExpressionDxe/RegularExpressionDxe.inf
> >> +++
> >>
> b/MdeModulePkg/Universal/RegularExpressionDxe/RegularExpressionDxe.inf
> >> @@ -102,6 +102,7 @@
> >> # Oniguruma: old style declaration in st.c
> >> MSFT:*_*_*_CC_FLAGS = /wd4131
> >> + GCC:*_*_*_CC_FLAGS = -Wno-deprecated-non-prototype
> >> # Oniguruma: 'type cast' : truncation from 'OnigUChar *' to
> >> 'unsigned int'
> >> MSFT:*_*_*_CC_FLAGS = /wd4305 /wd4306
> >
> >
> >
> >
> >
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#110689): https://edk2.groups.io/g/devel/message/110689
Mute This Topic: https://groups.io/mt/102412041/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: 回复: [edk2-devel] [PATCH] MdeModulePkg/RegularExpressinoDxe: Fix clang error
2023-11-06 0:59 ` 回复: " gaoliming via groups.io
@ 2023-11-07 12:04 ` Laszlo Ersek
0 siblings, 0 replies; 7+ messages in thread
From: Laszlo Ersek @ 2023-11-07 12:04 UTC (permalink / raw)
To: gaoliming, devel, jake; +Cc: jian.j.wang
On 11/6/23 01:59, gaoliming wrote:
> Laszlo:
> I agree your suggestion. We can submit a new request to update oniguruma to the latest version.
>
> This patch avoids the warning on the current version. I think this change is OK. I would like to merge this fix first.
OK.
Filed this BZ:
update oniguruma to 6.9.9
https://bugzilla.tianocore.org/show_bug.cgi?id=4592
Laszlo
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#110846): https://edk2.groups.io/g/devel/message/110846
Mute This Topic: https://groups.io/mt/102412008/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/leave/12367111/7686176/1913456212/xyzzy [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2023-11-07 12:05 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-10-03 15:04 [edk2-devel] [PATCH] MdeModulePkg/RegularExpressinoDxe: Fix clang error Jake Garver via groups.io
2023-10-23 4:27 ` Nhi Pham via groups.io
[not found] ` <1790A21286FB1538.11247@groups.io>
2023-11-05 7:09 ` Nhi Pham via groups.io
2023-11-06 0:59 ` 回复: " gaoliming via groups.io
2023-11-05 11:32 ` Laszlo Ersek
2023-11-06 0:59 ` 回复: " gaoliming via groups.io
2023-11-07 12:04 ` Laszlo Ersek
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox