-
Notifications
You must be signed in to change notification settings - Fork 12.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[stable] Fix CVE 2022 21658 and prepare 1.58.1 #93110
[stable] Fix CVE 2022 21658 and prepare 1.58.1 #93110
Conversation
Prior to PR rust-lang#91205, checking for errors in the overall obligation would check checking the `ParamEnv`, due to an incorrect `super_visit_with` impl. With this bug fixed, we will now bail out of impl candidate assembly if the `ParamEnv` contains any error types. In practice, this appears to be overly conservative - when an error occurs early in compilation, we end up giving up early for some predicates that we could have successfully evaluated without overflow. By only checking for errors in the predicate itself, we avoid causing additional spurious 'type annotations needed' errors after a 'real' error has already occurred. With this PR, the diagnostic changes caused by PR rust-lang#91205 are reverted.
@bors r+ p=1000 rollup=never |
📌 Commit 1e17daf has been approved by |
⌛ Testing commit 1e17daf with merge 141c792fcb22e7b5e2e37ec143a68518b2e9c48a... |
This comment has been minimized.
This comment has been minimized.
💔 Test failed - checks-actions |
cc @hkratz, something went wrong during the rebase :( |
@bors r+ p=1000 rollup=never |
📌 Commit cb88166 has been approved by |
⌛ Testing commit cb88166 with merge 2486f951e3e7b4ec9048593c82664b7353d1814d... |
@bors r+ p=1000 rollup=never Improved the Fuchsia fix and fixed a compiler error in REDOX. |
📌 Commit 1c63ec4 has been approved by |
@bors treeclosed- |
☀️ Test successful - checks-actions |
…roalbini [stable] Prepare 1.58.1 artifacts rust-lang#93110 added all the changes needed for the 1.58.1 release, but didn't bump the version number. This PR bumps the version number to produce the 1.58.1 stable artifacts. r? `@ghost`
let child = child?; | ||
match is_dir(&child) { | ||
Some(true) => { | ||
remove_dir_all_recursive(Some(fd), Path::new(&child.file_name()))?; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This seems like a breaking change since it lacks loop detection? A sufficiently deep directory tree should return ELOOP or ENAMETOOLONG, but the kernel can't do that for us if we're using openat
. Instead of returning an error it would result stack overflow panics.
I already had a PR open for openat-based remove_dir_all (#88731) that does loop detection.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There should be no loops. Bind mounts on Linux and directory hardlinks (available for Macos only) are not allowed to loop and we are not descending into symlinked dirs because we open them with openat(..., O_NOFOLLOW)
.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I thought I have managed to introduce loops with bind mounts or overlayfs in the past. But let me check again.
And FUSE might be another option.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Anyway, I have filed #93129 let's continue discussion there.
…on-number, r=Mark-Simulacrum Add script to prevent point releases with same number as existing ones This will hopefully prevent what happened today with rust-lang#93110 and rust-lang#93121, where we built point release artifacts without changing version numbers, thus requiring another PR to change the version number. r? `@Mark-Simulacrum`
…on-number, r=Mark-Simulacrum Add script to prevent point releases with same number as existing ones This will hopefully prevent what happened today with rust-lang#93110 and rust-lang#93121, where we built point release artifacts without changing version numbers, thus requiring another PR to change the version number. r? `@Mark-Simulacrum`
…crum [beta] Clippy: Handle implicit named arguments in `useless_format` Closes rust-lang#92938 This backports a Clippy fix to beta, that was already backported for 1.58.1 in rust-lang#93110
Followup to #93071. Includes the fix for CVE-2022-21658.
r? @ghost
cc @rust-lang/release @rust-lang/security