binutils: CVE-2017-8396

Source: git://sourceware.org/git/binutils-gdb.git
MR: 74101
Type: Security Fix
Disposition: Backport from binutils-2_29
ChangeID: db47540066f83529439566f8621d6e35fe86b77c
Description:

buffer overflow in perform_relocation

The existing reloc offset range tests didn't catch small negative
offsets less than the size of the reloc field.

PR 21432
 * reloc.c (reloc_offset_in_range): New function.
   (bfd_perform_relocation, bfd_install_relocation): Use it.
   (_bfd_final_link_relocate): Likewise.

Affects: <= 2.29
Author: Alan Modra <amodra@gmail.com>
(From OE-Core rev: e5aa4adaddbae184bbbb1c42f79c1deba931c72a)

Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com>
Reviewed-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

1 files changed, 1 insertions, 0 deletions

diff --git a/meta/recipes-devtools/binutils/binutils-2.27.inc b/meta/recipes-devtools/binutils/binutils-2.27.inc
index 23aac6bd5e..014655f7df 100644
--- a/meta/recipes-devtools/binutils/binutils-2.27.inc
+++ b/meta/recipes-devtools/binutils/binutils-2.27.inc
@@ -71,6 +71,7 @@ SRC_URI = "\
      file://CVE-2017-8395.patch \
      file://CVE-2017-8397.patch \
      file://CVE-2017-7300.patch \
+     file://CVE-2017-8396.patch \
 "
 S  = "${WORKDIR}/git"