diff options
author | Anuj Mittal <anuj.mittal@intel.com> | 2019-07-25 12:02:56 +0800 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2019-09-30 16:44:41 +0100 |
commit | 552d3d8e1f14345216ed8addcf923be7772187f3 (patch) | |
tree | 850f02966d4612bbf9e74111d24ba7e13cd928c4 /meta/recipes-devtools/binutils/binutils/CVE-2019-12972.patch | |
parent | 6d2e12e79211b31cdf5ea824fb9a8be54ba9a9eb (diff) | |
download | poky-552d3d8e1f14345216ed8addcf923be7772187f3.tar.gz |
binutils: fix CVE-2019-12972 CVE-2019-9071
(From OE-Core rev: 093f0914f261a27d58ecba9c1e9d3b78a35af012)
(From OE-Core rev: 9422bf471953c8e548a369574d960791ceb28a24)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-devtools/binutils/binutils/CVE-2019-12972.patch')
-rw-r--r-- | meta/recipes-devtools/binutils/binutils/CVE-2019-12972.patch | 51 |
1 files changed, 51 insertions, 0 deletions
diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2019-12972.patch b/meta/recipes-devtools/binutils/binutils/CVE-2019-12972.patch new file mode 100644 index 0000000000..07d1d65467 --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2019-12972.patch | |||
@@ -0,0 +1,51 @@ | |||
1 | From 30bcc01478433a1cb05b36dc5c4beef7d2c89b5b Mon Sep 17 00:00:00 2001 | ||
2 | From: Alan Modra <amodra@gmail.com> | ||
3 | Date: Fri, 21 Jun 2019 11:51:38 +0930 | ||
4 | Subject: [PATCH] PR24689, string table corruption | ||
5 | |||
6 | The testcase in the PR had a e_shstrndx section of type SHT_GROUP. | ||
7 | hdr->contents were initialized by setup_group rather than being read | ||
8 | from the file, thus last byte was not zero and string dereference ran | ||
9 | off the end of the buffer. | ||
10 | |||
11 | PR 24689 | ||
12 | * elfcode.h (elf_object_p): Check type of e_shstrndx section. | ||
13 | |||
14 | Upstream-Status: Backport | ||
15 | CVE: CVE-2019-12972 | ||
16 | Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> | ||
17 | --- | ||
18 | bfd/ChangeLog | 5 +++++ | ||
19 | bfd/elfcode.h | 3 ++- | ||
20 | 2 files changed, 7 insertions(+), 1 deletion(-) | ||
21 | |||
22 | diff --git a/bfd/ChangeLog b/bfd/ChangeLog | ||
23 | index 91f09e6346..e66fb40a2c 100644 | ||
24 | --- a/bfd/ChangeLog | ||
25 | +++ b/bfd/ChangeLog | ||
26 | @@ -1,3 +1,8 @@ | ||
27 | +2019-06-21 Alan Modra <amodra@gmail.com> | ||
28 | + | ||
29 | + PR 24689 | ||
30 | + * elfcode.h (elf_object_p): Check type of e_shstrndx section. | ||
31 | + | ||
32 | 2019-02-20 Alan Modra <amodra@gmail.com> | ||
33 | |||
34 | PR 24236 | ||
35 | diff --git a/bfd/elfcode.h b/bfd/elfcode.h | ||
36 | index ec5ea766de..a35a629087 100644 | ||
37 | --- a/bfd/elfcode.h | ||
38 | +++ b/bfd/elfcode.h | ||
39 | @@ -755,7 +755,8 @@ elf_object_p (bfd *abfd) | ||
40 | /* A further sanity check. */ | ||
41 | if (i_ehdrp->e_shnum != 0) | ||
42 | { | ||
43 | - if (i_ehdrp->e_shstrndx >= elf_numsections (abfd)) | ||
44 | + if (i_ehdrp->e_shstrndx >= elf_numsections (abfd) | ||
45 | + || i_shdrp[i_ehdrp->e_shstrndx].sh_type != SHT_STRTAB) | ||
46 | { | ||
47 | /* PR 2257: | ||
48 | We used to just goto got_wrong_format_error here | ||
49 | -- | ||
50 | 2.20.1 | ||
51 | |||