unblock request: mono 2.6.7-5
Dear release team,
please unblock mono 2.6.7-5 for testing migration. -5 contains 3
important fixes over -4:
* a regression of tailcalls which broke F#
* CVE-2010-4254 (+3 changes for the regressions of it)
* a crash that could happen when upgrading from lenny with exhausted
/dev/shm.
The test suite has shown no regression over -4 on any architecture, see:
https://buildd.debian.org/pkg.cgi?pkg=mono
Given the pending release, I guess the migration delay should be
lowered to something less than 5 days.
Attached you can find the debdiff of it.
--
Regards,
Mirco 'meebey' Bauer
PGP-Key ID: 0xEEF946C8
FOSS Developer meebey@meebey.net http://www.meebey.net/
PEAR Developer meebey@php.net http://pear.php.net/
Debian Developer meebey@debian.org http://www.debian.org/
diff -u mono-2.6.7/mono/mini/mini-amd64.h mono-2.6.7/mono/mini/mini-amd64.h
--- mono-2.6.7/mono/mini/mini-amd64.h
+++ mono-2.6.7/mono/mini/mini-amd64.h
@@ -379,4 +379,6 @@
#define MONO_ARCH_HAVE_SETUP_RESUME_FROM_SIGNAL_HANDLER_CTX 1
+#define MONO_ARCH_USE_OP_TAIL_CALL(caller_sig, callee_sig) mono_metadata_signature_equal ((caller_sig), (callee_sig))
+
/* Used for optimization, not complete */
#define MONO_ARCH_IS_OP_MEMBASE(opcode) ((opcode) == OP_X86_PUSH_MEMBASE)
diff -u mono-2.6.7/mono/metadata/reflection.c mono-2.6.7/mono/metadata/reflection.c
--- mono-2.6.7/mono/metadata/reflection.c
+++ mono-2.6.7/mono/metadata/reflection.c
@@ -10183,6 +10183,9 @@
mono_g_hash_table_insert (image->generic_def_objects, imethod, rmethod);
mono_loader_unlock ();
}
+
+ if (!mono_verifier_is_method_valid_generic_instantiation (inflated))
+ mono_raise_exception (mono_get_exception_argument ("typeArguments", "Invalid generic arguments"));
return mono_method_get_object (mono_object_domain (rmethod), inflated, NULL);
}
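Review bot: The added validity check runs after the `mono_g_hash_table_insert (image->generic_def_objects, imethod, rmethod)` call in the block directly above it, so an instantiation that is then rejected appears to remain registered in that table. If `imethod` refers to the inflated method (its assignment is outside the hunk), placing the two added lines before that block would keep rejected instantiations out of the per-image state. The enclosing function starts outside the hunk, so the exact ordering constraints cannot be confirmed from here.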
diff -u mono-2.6.7/mono/metadata/class.c mono-2.6.7/mono/metadata/class.c
--- mono-2.6.7/mono/metadata/class.c
+++ mono-2.6.7/mono/metadata/class.c
@@ -4529,6 +4529,9 @@
setup_interface_offsets (class, 0);
}
+ if (class->generic_class && !mono_verifier_class_is_valid_generic_instantiation (class))
+ mono_class_set_failure (class, MONO_EXCEPTION_TYPE_LOAD, g_strdup ("Invalid generic instantiation"));
+
goto leave;
leave:
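Review bot: The new branch records the failure with `mono_class_set_failure` but nothing visible in the hunk changes a status or return value before `goto leave`. If the enclosing function reports success through a separate flag (not visible here), callers that test only the return value could go on using a class whose generic arguments violate their constraints. It would help either to set that flag in the same branch or to add a comment such as `/* failure is reported via class->exception_type; callers must check it */`. The function body begins and ends outside the hunk.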
diff -u mono-2.6.7/debian/changelog mono-2.6.7/debian/changelog
--- mono-2.6.7/debian/changelog
+++ mono-2.6.7/debian/changelog
@@ -1,3 +1,22 @@
+mono (2.6.7-5) unstable; urgency=low
+
+ [ Zoltan Varga ]
+ * [7453b31] Fix a merge problem which broke tailcalls and F# support.
+ (closes: #607465)
+
+ [ Rodrigo Kumpera ]
+ * [e32c3aa] Check generic instantions for constraint violations.
+ (CVE-2010-4254, closes: #608288)
+ * [7905343] Fix corlib testsuite crash.
+ * [6eb9cab] Handle invalid instantiation of generic methods.
+ * [fbba0ca] Disable generic instance verification is security is off.
+
+ [ Mirco Bauer ]
+ * [ec09641] Disable the use of shared memory to make Mono reliable
+ even when /dev/shm gets exhausted. (closes: #587948)
+
+ -- Mirco Bauer <meebey@debian.org> Sun, 09 Jan 2011 19:38:15 +0100
+
mono (2.6.7-4) unstable; urgency=high
[ Mirco Bauer ]
diff -u mono-2.6.7/debian/rules mono-2.6.7/debian/rules
--- mono-2.6.7/debian/rules
+++ mono-2.6.7/debian/rules
@@ -83,7 +83,8 @@
--with-libgdiplus=installed --with-x=yes \
--with-profile4=no \
--with-moonlight=no \
- --enable-quiet-build=no
+ --enable-quiet-build=no \
+ --disable-shared-handles
# Mono's build system doesn't like -j > 1
MAKE_FLAGS += -j1
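Review bot: `--disable-shared-handles` is added without a comment in the rules file, so the reason for it is recorded only in the changelog entry (closes: #587948). A line above the configure invocation such as `# shared handles disabled: exhausted /dev/shm made mono crash, see #587948` would keep the rationale next to the flag. It may also be worth confirming that no package relies on handles being shared between Mono processes, since this switch presumably turns that off. The configure invocation starts outside the hunk.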
only in patch2:
unchanged:
--- mono-2.6.7.orig/mono/metadata/icall.c
+++ mono-2.6.7/mono/metadata/icall.c
@@ -67,6 +67,7 @@
#include <mono/metadata/security-core-clr.h>
#include <mono/metadata/mono-perfcounters.h>
#include <mono/metadata/mono-debug.h>
+#include <mono/metadata/verify-internals.h>
#include <mono/io-layer/io-layer.h>
#include <mono/utils/strtod.h>
#include <mono/utils/monobitset.h>
@@ -2432,6 +2433,7 @@
static MonoReflectionType*
ves_icall_Type_MakeGenericType (MonoReflectionType *type, MonoArray *type_array)
{
+ MonoClass *class;
MonoType *geninst, **types;
int i, count;
@@ -2450,6 +2452,12 @@
if (!geninst)
return NULL;
+ class = mono_class_from_mono_type (geninst);
+
+ /*we might inflate to the GTD*/
+ if (class->generic_class && !mono_verifier_class_is_valid_generic_instantiation (class))
+ mono_raise_exception (mono_get_exception_argument ("method", "Invalid generic arguments"));
+
return mono_type_get_object (mono_object_domain (type), geninst);
}
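Review bot: The exception raised in `ves_icall_Type_MakeGenericType` names the offending parameter `"method"`, but this icall takes a type and a type array, and the parallel check added in reflection.c uses `"typeArguments"`. A caller catching the ArgumentException would be pointed at a parameter that does not exist here; `mono_raise_exception (mono_get_exception_argument ("typeArguments", "Invalid generic arguments"));` would match the other call site. The result of `mono_class_from_mono_type (geninst)` is also dereferenced without a NULL check, which is fine only if that call cannot fail for a non-NULL `geninst`. Part of the function body lies between the hunks and is not visible.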
only in patch2:
unchanged:
--- mono-2.6.7.orig/mono/metadata/verify.c
+++ mono-2.6.7/mono/metadata/verify.c
@@ -6483,6 +6483,25 @@
return FALSE;
return TRUE;
}
+
+gboolean
+mono_verifier_class_is_valid_generic_instantiation (MonoClass *class)
+{
+ if (!mono_verifier_is_enabled_for_class (class))
+ return TRUE;
+ return mono_class_is_valid_generic_instantiation (NULL, class);
+}
+
+gboolean
+mono_verifier_is_method_valid_generic_instantiation (MonoMethod *method)
+{
+ if (!method->is_inflated)
+ return TRUE;
+ if (!mono_verifier_is_enabled_for_method (method))
+ return TRUE;
+ return mono_method_is_valid_generic_instantiation (NULL, method);
+}
+
#else
gboolean
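Review bot: Both new wrappers return TRUE without inspecting the instantiation whenever `mono_verifier_is_enabled_for_class` / `mono_verifier_is_enabled_for_method` says no, and the stubs added in the `#else` branch of the next hunk return TRUE unconditionally, yet neither is documented. The three new call sites (reflection.c, class.c, icall.c) read as if a TRUE result meant the constraints were checked, so the constraint check for CVE-2010-4254 only takes effect in configurations where the verifier is enabled. A header comment on each function would make that explicit, for example `/* Returns TRUE without checking when the verifier is disabled for this class; TRUE does not mean the constraints were validated. */`. Whether the default runtime configuration enables the verifier for untrusted code is not visible on this page and should be confirmed before relying on the fix.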
@@ -6554,4 +6573,19 @@
/* The verifier was disabled at compile time */
return NULL;
}
+
+gboolean
+mono_verifier_class_is_valid_generic_instantiation (MonoClass *class)
+{
+ return TRUE;
+}
+
+gboolean
+mono_verifier_is_method_valid_generic_instantiation (MonoMethod *method)
+{
+ return TRUE;
+}
+
+
+
#endif
only in patch2:
unchanged:
--- mono-2.6.7.orig/mono/metadata/verify-internals.h
+++ mono-2.6.7/mono/metadata/verify-internals.h
@@ -21,6 +21,8 @@
gboolean mono_verifier_is_method_full_trust (MonoMethod *method) MONO_INTERNAL;
gboolean mono_verifier_is_class_full_trust (MonoClass *klass) MONO_INTERNAL;
+gboolean mono_verifier_class_is_valid_generic_instantiation (MonoClass *class) MONO_INTERNAL;
+gboolean mono_verifier_is_method_valid_generic_instantiation (MonoMethod *method) MONO_INTERNAL;
gboolean mono_verifier_verify_class (MonoClass *klass) MONO_INTERNAL;
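Review bot: The new prototype names its parameter `class`, while the neighbouring declarations in this header (`mono_verifier_is_class_full_trust`, `mono_verifier_verify_class`) use `klass`. `class` is a reserved word in C++, so the header would stop compiling if it were ever included from a C++ translation unit, and the inconsistency makes the file harder to grep. `gboolean mono_verifier_class_is_valid_generic_instantiation (MonoClass *klass) MONO_INTERNAL;` would match the surrounding style; the definitions in verify.c would need the same rename.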