diff options
author | Thiruvadi Rajaraman <trajaraman@mvista.com> | 2017-09-21 20:35:41 +0530 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2018-01-07 17:10:09 +0000 |
commit | e7f53f5fe5f5977c2f5fe206052e8c6d0b3bd1a2 (patch) | |
tree | 1a0a44389b788f97b3e49fd9753610616f6b526c /meta/recipes-devtools/binutils/binutils/CVE-2017-9955_3.patch | |
parent | ab884ff9a788aa9f1f844407e4cb1dac419447e5 (diff) | |
download | poky-e7f53f5fe5f5977c2f5fe206052e8c6d0b3bd1a2.tar.gz |
binutils: CVE-2017-9955
Source: binutils-gdb.git
MR: 73893
Type: Security Fix
Disposition: Backport from 'binutils-gdb.git/master' branch
ChangeID: 94c3ef8c1fa2e84e84ad76fb45307848d98817c8
Description:
PR 21665 : Fixed multiple heap based buffer overflow
Affects: <= 2.28
Author: Nick Clifton <nickc@redhat.com>
(From OE-Core rev: a36978f0dd372ec836f63942f965652ca3716e3f)
Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com>
Reviewed-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-devtools/binutils/binutils/CVE-2017-9955_3.patch')
-rw-r--r-- | meta/recipes-devtools/binutils/binutils/CVE-2017-9955_3.patch | 44 |
1 files changed, 44 insertions, 0 deletions
diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-9955_3.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-9955_3.patch new file mode 100644 index 0000000000..c8741b13ca --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-9955_3.patch | |||
@@ -0,0 +1,44 @@ | |||
1 | commit 1f473e3d0ad285195934e6a077c7ed32afe66437 | ||
2 | Author: H.J. Lu <hjl.tools@gmail.com> | ||
3 | Date: Mon Jun 26 15:47:16 2017 -0700 | ||
4 | |||
5 | Add a missing line to _bfd_generic_get_section_contents_in_window | ||
6 | |||
7 | PR binutils/21665 | ||
8 | * libbfd.c (_bfd_generic_get_section_contents_in_window): Add | ||
9 | a missing line. | ||
10 | |||
11 | Upstream-Status: Backport | ||
12 | |||
13 | CVE: CVE-2017-9955 | ||
14 | Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> | ||
15 | |||
16 | Index: git/bfd/libbfd.c | ||
17 | =================================================================== | ||
18 | --- git.orig/bfd/libbfd.c 2017-09-21 17:57:11.424955516 +0530 | ||
19 | +++ git/bfd/libbfd.c 2017-09-21 17:58:57.000000000 +0530 | ||
20 | @@ -867,6 +867,7 @@ | ||
21 | else | ||
22 | sz = section->size; | ||
23 | filesz = bfd_get_file_size (abfd); | ||
24 | + if (filesz < 0) | ||
25 | { | ||
26 | /* This should never happen. */ | ||
27 | abort (); | ||
28 | Index: git/bfd/ChangeLog | ||
29 | =================================================================== | ||
30 | --- git.orig/bfd/ChangeLog 2017-09-21 17:57:11.424955516 +0530 | ||
31 | +++ git/bfd/ChangeLog 2017-09-21 18:01:32.258884464 +0530 | ||
32 | @@ -14,6 +14,12 @@ | ||
33 | 2017-06-26 H.J. Lu <hongjiu.lu@intel.com> | ||
34 | |||
35 | PR binutils/21665 | ||
36 | + * libbfd.c (_bfd_generic_get_section_contents_in_window): Add | ||
37 | + a missing line. | ||
38 | + | ||
39 | +2017-06-26 H.J. Lu <hongjiu.lu@intel.com> | ||
40 | + | ||
41 | + PR binutils/21665 | ||
42 | * compress.c (bfd_get_full_section_contents): Don't check the | ||
43 | file size here. | ||
44 | * libbfd.c (_bfd_generic_get_section_contents): Check for and | ||