binutils: Fix CVE-2022-47007

(From OE-Core rev: 3f335913bbbabf48db1749d197c3bfaac9fb7236) Signed-off-by: Deepthi Hemraj <Deepthi.Hemraj@windriver.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Deepthi Hemraj <Deepthi.Hemraj@windriver.com> 2023-11-21 03:51:13 -0800
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2023-11-23 12:46:42 +0000
commit: b7f0164393a2612d741eb9df89e5a3ddda632e75 (patch)
tree: 7eea81a2320cb501c121230aa77a4797f38fc270
parent: 97170cf8ea1b5ff509c78b85a1c9f1039e8895bf (diff)
download: poky-b7f0164393a2612d741eb9df89e5a3ddda632e75.tar.gz
2 files changed, 36 insertions, 0 deletions
diff --git a/meta/recipes-devtools/binutils/binutils-2.41.inc b/meta/recipes-devtools/binutils/binutils-2.41.inc
index b4934c02a8..bba87abba2 100644
--- a/meta/recipes-devtools/binutils/binutils-2.41.inc
+++ b/meta/recipes-devtools/binutils/binutils-2.41.inc
@@ -34,5 +34,6 @@ SRC_URI = "\
     file://0013-Define-alignof-using-_Alignof-when-using-C11-or-newe.patch \
     file://0014-Remove-duplicate-pe-dll.o-entry-deom-targ_extra_ofil.patch \
     file://0015-gprofng-Fix-build-with-64bit-file-offset-on-32bit-ma.patch \
+     file://0016-CVE-2022-47007.patch \
 "
 S  = "${WORKDIR}/git"
diff --git a/meta/recipes-devtools/binutils/binutils/0016-CVE-2022-47007.patch b/meta/recipes-devtools/binutils/binutils/0016-CVE-2022-47007.patch
new file mode 100644
index 0000000000..75ad6ad3ba
--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/0016-CVE-2022-47007.patch
@@ -0,0 +1,35 @@
+From: Alan Modra <amodra@gmail.com>
+Date: Thu, 16 Jun 2022 23:30:41 +0000 (+0930)
+Subject: PR29254, memory leak in stab_demangle_v3_arg
+X-Git-Tag: binutils-2_39~237
+X-Git-Url: https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff_plain;h=0ebc886149c22aceaf8ed74267821a59ca9d03eb
+PR29254, memory leak in stab_demangle_v3_arg
+        PR 29254
+        * stabs.c (stab_demangle_v3_arg): Free dt on failure path.
+Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff_plain;h=0ebc886149c22aceaf8ed74267821a59ca9d03eb]
+CVE: CVE-2022-47007
+Signed-off-by: Deepthi Hemraj <Deepthi.Hemraj@windriver.com>
+---
+diff --git a/binutils/stabs.c b/binutils/stabs.c
+index 2b5241637c1..796ff85b86a 100644
+--- a/binutils/stabs.c
+++ b/binutils/stabs.c
+@@ -5467,7 +5467,10 @@ stab_demangle_v3_arg (void *dhandle, struct stab_handle *info,
+                                          dc->u.s_binary.right,
+                                          &varargs);
+        if (pargs == NULL)
+-         return NULL;
+         {
+           free (dt);
+           return NULL;
+         }
+ 
+        return debug_make_function_type (dhandle, dt, pargs, varargs);
+       }
author	Deepthi Hemraj <Deepthi.Hemraj@windriver.com>	2023-11-21 03:51:13 -0800
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2023-11-23 12:46:42 +0000
commit	b7f0164393a2612d741eb9df89e5a3ddda632e75 (patch)
tree	7eea81a2320cb501c121230aa77a4797f38fc270
parent	97170cf8ea1b5ff509c78b85a1c9f1039e8895bf (diff)
download	poky-b7f0164393a2612d741eb9df89e5a3ddda632e75.tar.gz

diff --git a/meta/recipes-devtools/binutils/binutils-2.41.inc b/meta/recipes-devtools/binutils/binutils-2.41.inc index b4934c02a8..bba87abba2 100644 --- a/meta/recipes-devtools/binutils/binutils-2.41.inc +++ b/meta/recipes-devtools/binutils/binutils-2.41.inc
@@ -34,5 +34,6 @@ SRC_URI = "\
34	file://0013-Define-alignof-using-_Alignof-when-using-C11-or-newe.patch \	34	file://0013-Define-alignof-using-_Alignof-when-using-C11-or-newe.patch \
35	file://0014-Remove-duplicate-pe-dll.o-entry-deom-targ_extra_ofil.patch \	35	file://0014-Remove-duplicate-pe-dll.o-entry-deom-targ_extra_ofil.patch \
36	file://0015-gprofng-Fix-build-with-64bit-file-offset-on-32bit-ma.patch \	36	file://0015-gprofng-Fix-build-with-64bit-file-offset-on-32bit-ma.patch \
		37	file://0016-CVE-2022-47007.patch \
37	"	38	"
38	S = "${WORKDIR}/git"	39	S = "${WORKDIR}/git"


diff --git a/meta/recipes-devtools/binutils/binutils/0016-CVE-2022-47007.patch b/meta/recipes-devtools/binutils/binutils/0016-CVE-2022-47007.patch new file mode 100644 index 0000000000..75ad6ad3ba --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/0016-CVE-2022-47007.patch
@@ -0,0 +1,35 @@
		1	From: Alan Modra <amodra@gmail.com>
		2	Date: Thu, 16 Jun 2022 23:30:41 +0000 (+0930)
		3	Subject: PR29254, memory leak in stab_demangle_v3_arg
		4	X-Git-Tag: binutils-2_39~237
		5	X-Git-Url: https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff_plain;h=0ebc886149c22aceaf8ed74267821a59ca9d03eb
		6
		7	PR29254, memory leak in stab_demangle_v3_arg
		8
		9	PR 29254
		10	* stabs.c (stab_demangle_v3_arg): Free dt on failure path.
		11
		12	Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff_plain;h=0ebc886149c22aceaf8ed74267821a59ca9d03eb]
		13
		14	CVE: CVE-2022-47007
		15
		16	Signed-off-by: Deepthi Hemraj <Deepthi.Hemraj@windriver.com>
		17
		18	---
		19
		20	diff --git a/binutils/stabs.c b/binutils/stabs.c
		21	index 2b5241637c1..796ff85b86a 100644
		22	--- a/binutils/stabs.c
		23	+++ b/binutils/stabs.c
		24	@@ -5467,7 +5467,10 @@ stab_demangle_v3_arg (void dhandle, struct stab_handle info,
		25	dc->u.s_binary.right,
		26	&varargs);
		27	if (pargs == NULL)
		28	- return NULL;
		29	+ {
		30	+ free (dt);
		31	+ return NULL;
		32	+ }
		33
		34	return debug_make_function_type (dhandle, dt, pargs, varargs);
		35	}