diff options
author | Zhixiong Chi <zhixiong.chi@windriver.com> | 2018-11-05 22:43:41 -0800 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2018-11-09 15:27:34 +0000 |
commit | b9feb4e46b8a45910ba7002a431b137454f05909 (patch) | |
tree | 848704e39a8476b03fb3a6515462b0c835ca3248 /meta/recipes-devtools/binutils/binutils/CVE-2018-18605.patch | |
parent | 0814e48a0812a739ac59b76a4592465b718b5030 (diff) | |
download | poky-b9feb4e46b8a45910ba7002a431b137454f05909.tar.gz |
binutils: fix four CVE issues
Backport the CVE patches from the binutils upstream.
(From OE-Core rev: 84bb9c0514ecbd7c31935c22062b18b4aaefbef1)
Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-devtools/binutils/binutils/CVE-2018-18605.patch')
-rw-r--r-- | meta/recipes-devtools/binutils/binutils/CVE-2018-18605.patch | 47 |
1 files changed, 47 insertions, 0 deletions
diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2018-18605.patch b/meta/recipes-devtools/binutils/binutils/CVE-2018-18605.patch new file mode 100644 index 0000000000..d6c7067715 --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2018-18605.patch | |||
@@ -0,0 +1,47 @@ | |||
1 | From ab419ddbb2cdd17ca83618990f2cacf904ce1d61 Mon Sep 17 00:00:00 2001 | ||
2 | From: Alan Modra <amodra@gmail.com> | ||
3 | Date: Tue, 23 Oct 2018 18:29:24 +1030 | ||
4 | Subject: [PATCH] PR23804, buffer overflow in sec_merge_hash_lookup | ||
5 | |||
6 | PR 23804 | ||
7 | * merge.c (_bfd_add_merge_section): Don't attempt to merge | ||
8 | sections where size is not a multiple of entsize. | ||
9 | |||
10 | Upstream-Status: Backport | ||
11 | CVE: CVE-2018-18605 | ||
12 | Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com> | ||
13 | --- | ||
14 | bfd/ChangeLog | 6 ++++++ | ||
15 | bfd/merge.c | 3 +++ | ||
16 | 2 files changed, 9 insertions(+) | ||
17 | |||
18 | diff --git a/bfd/ChangeLog b/bfd/ChangeLog | ||
19 | index 31ff3d6..da423b1 100644 | ||
20 | --- a/bfd/ChangeLog | ||
21 | +++ b/bfd/ChangeLog | ||
22 | @@ -1,3 +1,9 @@ | ||
23 | +2018-10-23 Alan Modra <amodra@gmail.com> | ||
24 | + | ||
25 | + PR 23804 | ||
26 | + * merge.c (_bfd_add_merge_section): Don't attempt to merge | ||
27 | + sections where size is not a multiple of entsize. | ||
28 | + | ||
29 | 2018-10-13 Alan Modra <amodra@gmail.com> | ||
30 | |||
31 | PR 23770 | ||
32 | diff --git a/bfd/merge.c b/bfd/merge.c | ||
33 | index 7904552..5e3bba0 100644 | ||
34 | --- a/bfd/merge.c | ||
35 | +++ b/bfd/merge.c | ||
36 | @@ -376,6 +376,9 @@ _bfd_add_merge_section (bfd *abfd, void **psinfo, asection *sec, | ||
37 | || sec->entsize == 0) | ||
38 | return TRUE; | ||
39 | |||
40 | + if (sec->size % sec->entsize != 0) | ||
41 | + return TRUE; | ||
42 | + | ||
43 | if ((sec->flags & SEC_RELOC) != 0) | ||
44 | { | ||
45 | /* We aren't prepared to handle relocations in merged sections. */ | ||
46 | -- | ||
47 | 2.9.3 | ||