diff options
| author | Armin Kuster <akuster@mvista.com> | 2019-08-31 08:40:01 -0700 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2019-10-08 22:52:28 +0100 |
| commit | 09d46e91317a9f03d4057b8a3f0dc6d0926817a6 (patch) | |
| tree | cedef4cc16e6ff629693524eafe34da53d907959 | |
| parent | 0f7e6681a825105150a367d94b73f36040a2b9c9 (diff) | |
| download | poky-09d46e91317a9f03d4057b8a3f0dc6d0926817a6.tar.gz | |
gcc: Security fix for CVE-2019-14250
Source: gcc.org
MR: 99120
Type: Security Fix
Disposition: Backport from https://gcc.gnu.org/viewcvs?rev=273794&root=gcc&view=rev
ChangeID: 28ab763c18f1543607181cd9657f45f7752b6fcb
Description:
Affects < 9.2
(From OE-Core rev: 79205966072bb6179d96b3af5aabc521da83e841)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
| -rw-r--r-- | meta/recipes-devtools/gcc/gcc-8.2.inc | 1 | ||||
| -rw-r--r-- | meta/recipes-devtools/gcc/gcc-8.2/CVE-2019-14250.patch | 44 |
2 files changed, 45 insertions, 0 deletions
diff --git a/meta/recipes-devtools/gcc/gcc-8.2.inc b/meta/recipes-devtools/gcc/gcc-8.2.inc index 866a77558b..bd95ccda09 100644 --- a/meta/recipes-devtools/gcc/gcc-8.2.inc +++ b/meta/recipes-devtools/gcc/gcc-8.2.inc | |||
| @@ -73,6 +73,7 @@ SRC_URI = "\ | |||
| 73 | ${BACKPORTS} \ | 73 | ${BACKPORTS} \ |
| 74 | " | 74 | " |
| 75 | BACKPORTS = "\ | 75 | BACKPORTS = "\ |
| 76 | file://CVE-2019-14250.patch \ | ||
| 76 | " | 77 | " |
| 77 | SRC_URI[md5sum] = "4ab282f414676496483b3e1793d07862" | 78 | SRC_URI[md5sum] = "4ab282f414676496483b3e1793d07862" |
| 78 | SRC_URI[sha256sum] = "196c3c04ba2613f893283977e6011b2345d1cd1af9abeac58e916b1aab3e0080" | 79 | SRC_URI[sha256sum] = "196c3c04ba2613f893283977e6011b2345d1cd1af9abeac58e916b1aab3e0080" |
diff --git a/meta/recipes-devtools/gcc/gcc-8.2/CVE-2019-14250.patch b/meta/recipes-devtools/gcc/gcc-8.2/CVE-2019-14250.patch new file mode 100644 index 0000000000..e327684e16 --- /dev/null +++ b/meta/recipes-devtools/gcc/gcc-8.2/CVE-2019-14250.patch | |||
| @@ -0,0 +1,44 @@ | |||
| 1 | From a4f1b58eb48b349a5f353bc69c30be553506d33b Mon Sep 17 00:00:00 2001 | ||
| 2 | From: rguenth <rguenth@138bc75d-0d04-0410-961f-82ee72b054a4> | ||
| 3 | Date: Thu, 25 Jul 2019 10:48:26 +0000 | ||
| 4 | Subject: [PATCH] 2019-07-25 Richard Biener <rguenther@suse.de> | ||
| 5 | |||
| 6 | PR lto/90924 | ||
| 7 | Backport from mainline | ||
| 8 | 2019-07-12 Ren Kimura <rkx1209dev@gmail.com> | ||
| 9 | |||
| 10 | * simple-object-elf.c (simple_object_elf_match): Check zero value | ||
| 11 | shstrndx. | ||
| 12 | |||
| 13 | |||
| 14 | git-svn-id: svn+ssh://gcc.gnu.org/svn/gcc/branches/gcc-8-branch@273794 138bc75d-0d04-0410-961f-82ee72b054a4 | ||
| 15 | |||
| 16 | Upstream-Status: Backport | ||
| 17 | Affectes: < 9.2 | ||
| 18 | CVE: CVE-2019-14250 | ||
| 19 | Dropped changelog | ||
| 20 | Signed-off-by: Armin Kuster <Akustre@mvista.com> | ||
| 21 | |||
| 22 | --- | ||
| 23 | libiberty/simple-object-elf.c | 8 ++++++++ | ||
| 24 | 2 files changed, 17 insertions(+) | ||
| 25 | |||
| 26 | Index: gcc-8.2.0/libiberty/simple-object-elf.c | ||
| 27 | =================================================================== | ||
| 28 | --- gcc-8.2.0.orig/libiberty/simple-object-elf.c | ||
| 29 | +++ gcc-8.2.0/libiberty/simple-object-elf.c | ||
| 30 | @@ -549,6 +549,14 @@ simple_object_elf_match (unsigned char h | ||
| 31 | return NULL; | ||
| 32 | } | ||
| 33 | |||
| 34 | + if (eor->shstrndx == 0) | ||
| 35 | + { | ||
| 36 | + *errmsg = "invalid ELF shstrndx == 0"; | ||
| 37 | + *err = 0; | ||
| 38 | + XDELETE (eor); | ||
| 39 | + return NULL; | ||
| 40 | + } | ||
| 41 | + | ||
| 42 | return (void *) eor; | ||
| 43 | } | ||
| 44 | |||