diff options
author | Thiruvadi Rajaraman <trajaraman@mvista.com> | 2017-09-21 19:32:24 +0530 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2018-01-07 17:10:08 +0000 |
commit | 1e97a1e6619a2fcb11b77eb117a79edeb552d66c (patch) | |
tree | 9c123d080eee5354247a4b46b3a066be21f28bac /meta/recipes-devtools/binutils/binutils/CVE-2017-9755_1.patch | |
parent | 5f6bb8fe3d884e8f272f3aca2486d0f68e384977 (diff) | |
download | poky-1e97a1e6619a2fcb11b77eb117a79edeb552d66c.tar.gz |
binutils: CVE-2017-9755
Source: binutils-gdb.git
MR: 73932
Type: Security Fix
Disposition: Backport from binutils-2_29
ChangeID: 49ad5f3244cd51ee6714c1b60cc1c3f84d7de7c8
Description:
i386-dis: Add 2 tests with invalid bnd register
PR binutils/21594
* testsuite/gas/i386/mpx.s: Add 2 tests with invalid bnd
register.
* testsuite/gas/i386/x86-64-mpx.s: Likewise.
* testsuite/gas/i386/mpx.d: Updated.
* testsuite/gas/i386/x86-64-mpx.d: Likewise.
i386-dis: Check valid bnd register
Since there are only 4 bnd registers, return "(bad)" for register
number > 3.
PR binutils/21594
* i386-dis.c (OP_E_register): Check valid bnd register.
(OP_G): Likewise.
Affects: <= 2.28
Author: H.J. Lu <hjl.tools@gmail.com>
(From OE-Core rev: 98b66508f8b382f047d12df430b6e812a9336ab9)
Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com>
Reviewed-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-devtools/binutils/binutils/CVE-2017-9755_1.patch')
-rw-r--r-- | meta/recipes-devtools/binutils/binutils/CVE-2017-9755_1.patch | 60 |
1 files changed, 60 insertions, 0 deletions
diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-9755_1.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-9755_1.patch new file mode 100644 index 0000000000..3ad32189b1 --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-9755_1.patch | |||
@@ -0,0 +1,60 @@ | |||
1 | commit 0d96e4df4812c3bad77c229dfef47a9bc115ac12 | ||
2 | Author: H.J. Lu <hjl.tools@gmail.com> | ||
3 | Date: Thu Jun 15 06:40:17 2017 -0700 | ||
4 | |||
5 | i386-dis: Check valid bnd register | ||
6 | |||
7 | Since there are only 4 bnd registers, return "(bad)" for register | ||
8 | number > 3. | ||
9 | |||
10 | PR binutils/21594 | ||
11 | * i386-dis.c (OP_E_register): Check valid bnd register. | ||
12 | (OP_G): Likewise. | ||
13 | |||
14 | Upstream-Status: Backport | ||
15 | |||
16 | CVE: CVE-2017-9755 | ||
17 | Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> | ||
18 | |||
19 | Index: git/opcodes/i386-dis.c | ||
20 | =================================================================== | ||
21 | --- git.orig/opcodes/i386-dis.c 2017-09-21 15:38:46.907182525 +0530 | ||
22 | +++ git/opcodes/i386-dis.c 2017-09-21 15:38:54.703174976 +0530 | ||
23 | @@ -15211,6 +15211,11 @@ | ||
24 | names = address_mode == mode_64bit ? names64 : names32; | ||
25 | break; | ||
26 | case bnd_mode: | ||
27 | + if (reg > 0x3) | ||
28 | + { | ||
29 | + oappend ("(bad)"); | ||
30 | + return; | ||
31 | + } | ||
32 | names = names_bnd; | ||
33 | break; | ||
34 | case indir_v_mode: | ||
35 | @@ -15751,6 +15756,11 @@ | ||
36 | oappend (names64[modrm.reg + add]); | ||
37 | break; | ||
38 | case bnd_mode: | ||
39 | + if (modrm.reg > 0x3) | ||
40 | + { | ||
41 | + oappend ("(bad)"); | ||
42 | + return; | ||
43 | + } | ||
44 | oappend (names_bnd[modrm.reg]); | ||
45 | break; | ||
46 | case v_mode: | ||
47 | Index: git/opcodes/ChangeLog | ||
48 | =================================================================== | ||
49 | --- git.orig/opcodes/ChangeLog 2017-09-21 15:38:54.531175122 +0530 | ||
50 | +++ git/opcodes/ChangeLog 2017-09-21 15:45:32.264491166 +0530 | ||
51 | @@ -1,3 +1,9 @@ | ||
52 | +2017-06-15 H.J. Lu <hongjiu.lu@intel.com> | ||
53 | + | ||
54 | + PR binutils/21594 | ||
55 | + * i386-dis.c (OP_E_register): Check valid bnd register. | ||
56 | + (OP_G): Likewise. | ||
57 | + | ||
58 | 2017-06-15 Nick Clifton <nickc@redhat.com> | ||
59 | |||
60 | PR binutils/21586 | ||