1 files changed, 37 insertions, 0 deletions
diff --git a/recipes-devtools/elfutils/elfutils-0.148/elf_begin.c-CVE-2014-9447-fix.patch b/recipes-devtools/elfutils/elfutils-0.148/elf_begin.c-CVE-2014-9447-fix.patch
new file mode 100644
index 0000000..deba45f
--- /dev/null
+++ b/recipes-devtools/elfutils/elfutils-0.148/elf_begin.c-CVE-2014-9447-fix.patch
@@ -0,0 +1,37 @@
+From 323ca04a0c9189544075c19b49da67f6443a8950 Mon Sep 17 00:00:00 2001
+From: Li xin <lixin.fnst@cn.fujitsu.com>
+Date: Wed, 21 Jan 2015 09:33:38 +0900
+Subject: [PATCH] elf_begin.c: CVE-2014-9447 fix
+this patch is from:
+ https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=147018e729e7c22eeabf15b82d26e4bf68a0d18e
+Upstream-Status: Backport
+CVE: CVE-2014-9447
+Signed-off-by: Li Xin <lixin.fnst@cn.fujitsu.com>
+---
+ libelf/elf_begin.c | 7 ++-----
+ 1 file changed, 2 insertions(+), 5 deletions(-)
+diff --git a/libelf/elf_begin.c b/libelf/elf_begin.c
+index e46add3..e83ba35 100644
+--- a/libelf/elf_begin.c
+++ b/libelf/elf_begin.c
+@@ -736,11 +736,8 @@ read_long_names (Elf *elf)
+            break;
+ 
+          /* NUL-terminate the string.  */
+-         *runp = '\0';
+-
+-         /* Skip the NUL byte and the \012.  */
+-         runp += 2;
+-
+         *runp++ = '\0';
+ 
+          /* A sanity check.  Somebody might have generated invalid
+             archive.  */
+          if (runp >= newp + len)
+-- 
+1.8.4.2

diff --git a/recipes-devtools/elfutils/elfutils-0.148/elf_begin.c-CVE-2014-9447-fix.patch b/recipes-devtools/elfutils/elfutils-0.148/elf_begin.c-CVE-2014-9447-fix.patch new file mode 100644 index 0000000..deba45f --- /dev/null +++ b/recipes-devtools/elfutils/elfutils-0.148/elf_begin.c-CVE-2014-9447-fix.patch
@@ -0,0 +1,37 @@
	1	From 323ca04a0c9189544075c19b49da67f6443a8950 Mon Sep 17 00:00:00 2001
	2	From: Li xin <lixin.fnst@cn.fujitsu.com>
	3	Date: Wed, 21 Jan 2015 09:33:38 +0900
	4	Subject: [PATCH] elf_begin.c: CVE-2014-9447 fix
	5
	6	this patch is from:
	7	https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=147018e729e7c22eeabf15b82d26e4bf68a0d18e
	8
	9	Upstream-Status: Backport
	10	CVE: CVE-2014-9447
	11
	12	Signed-off-by: Li Xin <lixin.fnst@cn.fujitsu.com>
	13	---
	14	libelf/elf_begin.c \| 7 ++-----
	15	1 file changed, 2 insertions(+), 5 deletions(-)
	16
	17	diff --git a/libelf/elf_begin.c b/libelf/elf_begin.c
	18	index e46add3..e83ba35 100644
	19	--- a/libelf/elf_begin.c
	20	+++ b/libelf/elf_begin.c
	21	@@ -736,11 +736,8 @@ read_long_names (Elf *elf)
	22	break;
	23
	24	/* NUL-terminate the string. */
	25	- *runp = '\0';
	26	-
	27	- /* Skip the NUL byte and the \012. */
	28	- runp += 2;
	29	-
	30	+ *runp++ = '\0';
	31	+
	32	/* A sanity check. Somebody might have generated invalid
	33	archive. */
	34	if (runp >= newp + len)
	35	--
	36	1.8.4.2
	37