author | Armin Kuster <akuster808@gmail.com> | 2017-11-26 12:13:20 -0800 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2017-12-11 22:02:58 +0000 |
commit | a24b585342a351d56f817ca5e41554b2038b6015 (patch) | |
tree | 983f03406338c777b424220140bb35a067e6a15a | |
parent | e1092451684ec675af2206d6089b7bdaabe6e20f (diff) | |
download | poky-a24b585342a351d56f817ca5e41554b2038b6015.tar.gz |
binutls: Security fix CVE-2017-8395
Affects: <= 2.28
(From OE-Core rev: b6c2ce1cd3907f5c6f5dcff0afb971d000e7c9bc)
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r-- | meta/recipes-devtools/binutils/binutils-2.28.inc | 1 | ||||
-rw-r--r-- | meta/recipes-devtools/binutils/binutils/CVE-2017-8395.patch | 72 |
2 files changed, 73 insertions, 0 deletions
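--- a/meta/recipes-devtools/binutils/binutils-2.28.inc
+++ b/meta/recipes-devtools/binutils/binutils-2.28.inc
@@ -47,6 +47,7 @@ SRC_URI = "\
 file://CVE-2017-7614.patch \
 file://CVE-2017-8393.patch \
 file://CVE-2017-8394.patch \
+file://CVE-2017-8395.patch \
 "
 S = "${WORKDIR}/git"
 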
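--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-8395.patch
@@ -0,0 +1,72 @@
+From e63d123268f23a4cbc45ee55fb6dbc7d84729da3 Mon Sep 17 00:00:00 2001
+From: Nick Clifton <nickc@redhat.com>
+Date: Wed, 26 Apr 2017 13:07:49 +0100
+Subject: [PATCH] Fix seg-fault attempting to compress a debug section in a
+corrupt binary.
+
+PR binutils/21431
+* compress.c (bfd_init_section_compress_status): Check the return
+value from bfd_malloc.
+
+Upstream-Status: Backport
+CVE: CVE-2017-8395
+Signed-off-by: Armin Kuster <akuster@mvista.com>
+
+---
+bfd/ChangeLog | 6 ++++++
+bfd/compress.c | 19 +++++++++----------
+2 files changed, 15 insertions(+), 10 deletions(-)
+
+Index: git/bfd/compress.c
+===================================================================
+--- git.orig/bfd/compress.c
++++ git/bfd/compress.c
+@@ -542,7 +542,6 @@ bfd_init_section_compress_status (bfd *a
+{
+bfd_size_type uncompressed_size;
+bfd_byte *uncompressed_buffer;
+- bfd_boolean ret;
+
+/* Error if not opened for read. */
+if (abfd->direction != read_direction
+@@ -558,18 +557,18 @@ bfd_init_section_compress_status (bfd *a
+/* Read in the full section contents and compress it. */
+uncompressed_size = sec->size;
+uncompressed_buffer = (bfd_byte *) bfd_malloc (uncompressed_size);
++ /* PR 21431 */
++ if (uncompressed_buffer == NULL)
++ return FALSE;
++
+if (!bfd_get_section_contents (abfd, sec, uncompressed_buffer,
+0, uncompressed_size))
+- ret = FALSE;
+- else
+- {
+- uncompressed_size = bfd_compress_section_contents (abfd, sec,
+- uncompressed_buffer,
+- uncompressed_size);
+- ret = uncompressed_size != 0;
+- }
++ return FALSE;
+
+- return ret;
++ uncompressed_size = bfd_compress_section_contents (abfd, sec,
++ uncompressed_buffer,
++ uncompressed_size);
++ return uncompressed_size != 0;
+}
+
+/*
+Index: git/bfd/ChangeLog
+===================================================================
+--- git.orig/bfd/ChangeLog
++++ git/bfd/ChangeLog
+@@ -1,3 +1,8 @@
++2017-04-26 Nick Clifton <nickc@redhat.com>
++
++ PR binutils/21431
++ * compress.c (bfd_init_section_compress_status): Check the return
++ value from bfd_malloc.
+
+2017-04-23 Alan Modra <amodra@gmail.com>
+PR 21414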
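Review bot: The `return FALSE;` that now follows a failed `bfd_get_section_contents` call in the second `bfd/compress.c` hunk exits without releasing `uncompressed_buffer`, and nothing visible in the hunk frees it, so a section whose read fails appears to leak an allocation of `sec->size` bytes. Because that failure path is the one corrupt or truncated inputs reach, it is worth freeing there: `{ free (uncompressed_buffer); return FALSE; }`. The removed lines (`ret = FALSE;` with no free) show the same behaviour before the patch, so this is inherited from upstream rather than introduced by the backport. The function's opening and the checks between the two hunks are outside the quoted context, so confirm that `bfd_compress_section_contents` takes ownership of the buffer on the success path before touching that side.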