Disable tests which are enabled by default in debug mode since bump to
version 2.0.0 in commit 2a3edc5e00 and
e84f12fc5e
as they will raise the following build failure if cmocka is built before
libyang:
In file included from /home/buildroot/autobuild/instance-0/output-1/host/riscv64-buildroot-linux-musl/sysroot/usr/include/stdint.h:20,
from /home/buildroot/autobuild/instance-0/output-1/host/opt/ext-toolchain/lib/gcc/riscv64-buildroot-linux-musl/10.3.0/include/stdint.h:9,
from /home/buildroot/autobuild/instance-0/output-1/build/libyang-2.0.112/src/libyang.h:18,
from /home/buildroot/autobuild/instance-0/output-1/build/libyang-2.0.112/tests/utests/utests.h:30,
from /home/buildroot/autobuild/instance-0/output-1/build/libyang-2.0.112/tests/utests/extensions/test_yangdata.c:15:
/home/buildroot/autobuild/instance-0/output-1/host/riscv64-buildroot-linux-musl/sysroot/usr/include/bits/alltypes.h:53:24: error: conflicting types for 'uintptr_t'
53 | typedef unsigned _Addr uintptr_t;
| ^~~~~~~~~
Fixes:
- http://autobuild.buildroot.org/results/7ae21fbb28b1a69183c5d8ed87cf5f5cbf055026
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Fixes the following security issues:
- CVE-2021-28902: In function read_yin_container() in libyang <= v1.0.225,
it doesn't check whether the value of retval->ext[r] is NULL. In some
cases, it can be NULL, which leads to the operation of
retval->ext[r]->flags that results in a crash.
- CVE-2021-28903: A stack overflow in libyang <= v1.0.225 can cause a denial
of service through function lyxml_parse_mem(). lyxml_parse_elem()
function will be called recursively, which will consume stack space and
lead to crash.
- CVE-2021-28904: In function ext_get_plugin() in libyang <= v1.0.225, it
doesn't check whether the value of revision is NULL. If revision is NULL,
the operation of strcmp(revision, ext_plugins[u].revision) will lead to a
crash.
- CVE-2021-28905: In function lys_node_free() in libyang <= v1.0.225, it
asserts that the value of node->module can't be NULL. But in some cases,
node->module can be null, which triggers a reachable assertion (CWE-617).
- CVE-2021-28906: In function read_yin_leaf() in libyang <= v1.0.225, it
doesn't check whether the value of retval->ext[r] is NULL. In some cases,
it can be NULL, which leads to the operation of retval->ext[r]->flags that
results in a crash.
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This option is required by frr package, so enable it by default as there
is no size difference with or without this option enabled.
Signed-off-by: Vadim Kochan <vadim4j@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
In order for the libyang version to match what is given by
release-monitoring.org, the 'v' prefix should be encoded in
LIBYANG_SITE and not LIBYANG_VERSION.
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
LibYANG processes YIN and YANG files. It's a dependency of sysrepo
which is a dependency of Netopeer, a NETCONF/YANG server.
Signed-off-by: Heiko Thiery <heiko.thiery@kontron.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
