diff options
| author | Armin Kuster <akuster@mvista.com> | 2018-08-06 18:53:37 -0700 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2018-08-15 10:22:45 +0100 |
| commit | 9e7dc232e714189a8dc1233bd8c956891c79e5eb (patch) | |
| tree | 2ca12c3e915764c47be9140c115e02620169e095 | |
| parent | 00a04d8d8bfd99f23bbe51c956a542452cd8c70b (diff) | |
| download | poky-9e7dc232e714189a8dc1233bd8c956891c79e5eb.tar.gz | |
binutls: Security fix for CVE-2017-15023
affects: <= 2.29.1
(From OE-Core rev: 755fd4e68af4cdafc482c02b7822cc06215da4fb)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
| -rw-r--r-- | meta/recipes-devtools/binutils/binutils-2.29.1.inc | 1 | ||||
| -rw-r--r-- | meta/recipes-devtools/binutils/binutils/CVE-2017-15023.patch | 52 |
2 files changed, 53 insertions, 0 deletions
diff --git a/meta/recipes-devtools/binutils/binutils-2.29.1.inc b/meta/recipes-devtools/binutils/binutils-2.29.1.inc index 191d8e1255..caff121b75 100644 --- a/meta/recipes-devtools/binutils/binutils-2.29.1.inc +++ b/meta/recipes-devtools/binutils/binutils-2.29.1.inc | |||
| @@ -46,6 +46,7 @@ SRC_URI = "\ | |||
| 46 | file://CVE-2017-14940.patch \ | 46 | file://CVE-2017-14940.patch \ |
| 47 | file://CVE-2017-15021.patch \ | 47 | file://CVE-2017-15021.patch \ |
| 48 | file://CVE-2017-15022.patch \ | 48 | file://CVE-2017-15022.patch \ |
| 49 | file://CVE-2017-15023.patch \ | ||
| 49 | " | 50 | " |
| 50 | S = "${WORKDIR}/git" | 51 | S = "${WORKDIR}/git" |
| 51 | 52 | ||
diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-15023.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-15023.patch new file mode 100644 index 0000000000..9439b7b55f --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-15023.patch | |||
| @@ -0,0 +1,52 @@ | |||
| 1 | From c361faae8d964db951b7100cada4dcdc983df1bf Mon Sep 17 00:00:00 2001 | ||
| 2 | From: Alan Modra <amodra@gmail.com> | ||
| 3 | Date: Mon, 25 Sep 2017 19:03:46 +0930 | ||
| 4 | Subject: [PATCH] PR22200, DWARF5 .debug_line sanity check | ||
| 5 | |||
| 6 | The format_count entry can't be zero unless the count is also zero. | ||
| 7 | |||
| 8 | PR 22200 | ||
| 9 | * dwarf2.c (read_formatted_entries): Error on format_count zero. | ||
| 10 | |||
| 11 | Upstream-Status: Backport | ||
| 12 | Affects: <= 2.29.1 | ||
| 13 | CVE: CVE-2017-15023 | ||
| 14 | Signed-off-by: Armin Kuster <akuster@mvista.com> | ||
| 15 | |||
| 16 | --- | ||
| 17 | bfd/ChangeLog | 5 +++++ | ||
| 18 | bfd/dwarf2.c | 7 +++++++ | ||
| 19 | 2 files changed, 12 insertions(+) | ||
| 20 | |||
| 21 | Index: git/bfd/dwarf2.c | ||
| 22 | =================================================================== | ||
| 23 | --- git.orig/bfd/dwarf2.c | ||
| 24 | +++ git/bfd/dwarf2.c | ||
| 25 | @@ -1934,6 +1934,13 @@ read_formatted_entries (struct comp_unit | ||
| 26 | data_count = _bfd_safe_read_leb128 (abfd, buf, &bytes_read, FALSE, buf_end); | ||
| 27 | buf += bytes_read; | ||
| 28 | |||
| 29 | + if (format_count == 0 && data_count != 0) | ||
| 30 | + { | ||
| 31 | + _bfd_error_handler (_("Dwarf Error: Zero format count.")); | ||
| 32 | + bfd_set_error (bfd_error_bad_value); | ||
| 33 | + return FALSE; | ||
| 34 | + } | ||
| 35 | + | ||
| 36 | /* PR 22210. Paranoia check. Don't bother running the loop | ||
| 37 | if we know that we are going to run out of buffer. */ | ||
| 38 | if (data_count > (bfd_vma) (buf_end - buf)) | ||
| 39 | Index: git/bfd/ChangeLog | ||
| 40 | =================================================================== | ||
| 41 | --- git.orig/bfd/ChangeLog | ||
| 42 | +++ git/bfd/ChangeLog | ||
| 43 | @@ -1,4 +1,9 @@ | ||
| 44 | 2017-09-25 Alan Modra <amodra@gmail.com> | ||
| 45 | + | ||
| 46 | + PR 22200 | ||
| 47 | + * dwarf2.c (read_formatted_entries): Error on format_count zero. | ||
| 48 | + | ||
| 49 | +2017-09-25 Alan Modra <amodra@gmail.com> | ||
| 50 | |||
| 51 | PR 22201 | ||
| 52 | * dwarf2.c (scan_unit_for_symbols): Ignore DW_AT_name unless it | ||