diff options
author | Armin Kuster <akuster808@gmail.com> | 2019-08-31 14:15:49 -0700 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2019-09-03 09:55:50 +0100 |
commit | b8ce258f15d793a29dd19d81a662e2ecefd8d202 (patch) | |
tree | 33b3477943674ef793cc5affa1df8e46630ace29 | |
parent | 6b3e91fe1a854c84d698e00f306f3ed8de56b1da (diff) | |
download | poky-b8ce258f15d793a29dd19d81a662e2ecefd8d202.tar.gz |
gcc-9.2: Security fix for CVE-2019-14250
Affects: <= 9.2
(From OE-Core rev: af761de211ecdcb358c6412f9e7e3398b7525cf2)
Signed-off-by: Armin Kuster <Akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
-rw-r--r-- | meta/recipes-devtools/gcc/gcc-9.2.inc | 1 | ||||
-rw-r--r-- | meta/recipes-devtools/gcc/gcc-9.2/CVE-2019-14250.patch | 44 |
2 files changed, 45 insertions, 0 deletions
diff --git a/meta/recipes-devtools/gcc/gcc-9.2.inc b/meta/recipes-devtools/gcc/gcc-9.2.inc index 1c3e200dab..01d3bf0f32 100644 --- a/meta/recipes-devtools/gcc/gcc-9.2.inc +++ b/meta/recipes-devtools/gcc/gcc-9.2.inc | |||
@@ -64,6 +64,7 @@ SRC_URI = "\ | |||
64 | file://0034-fix-segmentation-fault-in-precompiled-header-generat.patch \ | 64 | file://0034-fix-segmentation-fault-in-precompiled-header-generat.patch \ |
65 | file://0035-Fix-for-testsuite-failure.patch \ | 65 | file://0035-Fix-for-testsuite-failure.patch \ |
66 | file://0036-Re-introduce-spe-commandline-options.patch \ | 66 | file://0036-Re-introduce-spe-commandline-options.patch \ |
67 | file://CVE-2019-14250.patch \ | ||
67 | " | 68 | " |
68 | S = "${TMPDIR}/work-shared/gcc-${PV}-${PR}/gcc-${PV}" | 69 | S = "${TMPDIR}/work-shared/gcc-${PV}-${PR}/gcc-${PV}" |
69 | SRC_URI[md5sum] = "3818ad8600447f05349098232c2ddc78" | 70 | SRC_URI[md5sum] = "3818ad8600447f05349098232c2ddc78" |
diff --git a/meta/recipes-devtools/gcc/gcc-9.2/CVE-2019-14250.patch b/meta/recipes-devtools/gcc/gcc-9.2/CVE-2019-14250.patch new file mode 100644 index 0000000000..65ea34558a --- /dev/null +++ b/meta/recipes-devtools/gcc/gcc-9.2/CVE-2019-14250.patch | |||
@@ -0,0 +1,44 @@ | |||
1 | From 517b211a3d78366ca8d5929f580e8ca72fd2c004 Mon Sep 17 00:00:00 2001 | ||
2 | From: rguenth <rguenth@138bc75d-0d04-0410-961f-82ee72b054a4> | ||
3 | Date: Thu, 25 Jul 2019 10:46:54 +0000 | ||
4 | Subject: [PATCH] 2019-07-25 Richard Biener <rguenther@suse.de> | ||
5 | |||
6 | PR lto/90924 | ||
7 | Backport from mainline | ||
8 | 2019-07-12 Ren Kimura <rkx1209dev@gmail.com> | ||
9 | |||
10 | * simple-object-elf.c (simple_object_elf_match): Check zero value | ||
11 | shstrndx. | ||
12 | |||
13 | |||
14 | git-svn-id: svn+ssh://gcc.gnu.org/svn/gcc/branches/gcc-9-branch@273793 138bc75d-0d04-0410-961f-82ee72b054a4 | ||
15 | |||
16 | Upstream-Status: Backport | ||
17 | Affectes: < 9.2 | ||
18 | CVE: CVE-2019-14250 | ||
19 | Dropped changelog | ||
20 | Signed-off-by: Armin Kuster <Akustre@mvista.com> | ||
21 | |||
22 | --- | ||
23 | libiberty/simple-object-elf.c | 8 ++++++++ | ||
24 | 2 files changed, 17 insertions(+) | ||
25 | |||
26 | Index: gcc-9.2.0/libiberty/simple-object-elf.c | ||
27 | =================================================================== | ||
28 | --- gcc-9.2.0.orig/libiberty/simple-object-elf.c | ||
29 | +++ gcc-9.2.0/libiberty/simple-object-elf.c | ||
30 | @@ -557,6 +557,14 @@ simple_object_elf_match (unsigned char h | ||
31 | return NULL; | ||
32 | } | ||
33 | |||
34 | + if (eor->shstrndx == 0) | ||
35 | + { | ||
36 | + *errmsg = "invalid ELF shstrndx == 0"; | ||
37 | + *err = 0; | ||
38 | + XDELETE (eor); | ||
39 | + return NULL; | ||
40 | + } | ||
41 | + | ||
42 | return (void *) eor; | ||
43 | } | ||
44 | |||