diff options
| author | Virendra Thakur <virendrak@kpit.com> | 2023-12-22 12:40:41 +0530 |
|---|---|---|
| committer | Steve Sakoman <steve@sakoman.com> | 2023-12-29 05:29:14 -1000 |
| commit | 0aa12e491969eac7050b6b2c6665a3fdbc070c3d (patch) | |
| tree | 000047927b0dfdd2185bd1f56366d6203532c67b /meta/recipes-devtools/binutils/binutils/CVE-2022-47695.patch | |
| parent | 3433d043c7ecd8368400be5dcc3a9705b237dd57 (diff) | |
| download | poky-0aa12e491969eac7050b6b2c6665a3fdbc070c3d.tar.gz | |
binutils: fix multiple cve
Fix below CVE's
CVE-2022-47007
CVE-2022-47008
CVE-2022-47010
CVE-2022-47011
CVE-2022-48063
CVE-2022-47695
(From OE-Core rev: 873163936937a583278e3cd97c6226935f2faa0c)
Signed-off-by: Virendra Thakur <virendrak@kpit.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Diffstat (limited to 'meta/recipes-devtools/binutils/binutils/CVE-2022-47695.patch')
| -rw-r--r-- | meta/recipes-devtools/binutils/binutils/CVE-2022-47695.patch | 57 |
1 files changed, 57 insertions, 0 deletions
diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2022-47695.patch b/meta/recipes-devtools/binutils/binutils/CVE-2022-47695.patch new file mode 100644 index 0000000000..101a4cdb4e --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2022-47695.patch | |||
| @@ -0,0 +1,57 @@ | |||
| 1 | From 3d3af4ba39e892b1c544d667ca241846bc3df386 Mon Sep 17 00:00:00 2001 | ||
| 2 | From: Alan Modra <amodra@gmail.com> | ||
| 3 | Date: Sun, 4 Dec 2022 22:15:40 +1030 | ||
| 4 | Subject: [PATCH] PR29846, segmentation fault in objdump.c compare_symbols | ||
| 5 | |||
| 6 | Fixes a fuzzed object file problem where plt relocs were manipulated | ||
| 7 | in such a way that two synthetic symbols were generated at the same | ||
| 8 | plt location. Won't occur in real object files. | ||
| 9 | |||
| 10 | PR 29846 | ||
| 11 | PR 20337 | ||
| 12 | * objdump.c (compare_symbols): Test symbol flags to exclude | ||
| 13 | section and synthetic symbols before attempting to check flavour. | ||
| 14 | Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=3d3af4ba39e892b1c544d667ca241846bc3df386] | ||
| 15 | CVE: CVE-2022-47695 | ||
| 16 | Signed-off-by: Virendra Thakur <virendrak@kpit.com> | ||
| 17 | Comment: Patch refreshed based on codebase. | ||
| 18 | --- | ||
| 19 | binutils/objdump.c | 23 ++++++++++------------- | ||
| 20 | 1 file changed, 10 insertions(+), 13 deletions(-) | ||
| 21 | |||
| 22 | diff --git a/binutils/objdump.c b/binutils/objdump.c | ||
| 23 | index e8481b2d928..d95c8b68bf0 100644 | ||
| 24 | --- a/binutils/objdump.c | ||
| 25 | +++ b/binutils/objdump.c | ||
| 26 | @@ -935,20 +935,17 @@ | ||
| 27 | return 1; | ||
| 28 | } | ||
| 29 | |||
| 30 | - if (bfd_get_flavour (bfd_asymbol_bfd (a)) == bfd_target_elf_flavour | ||
| 31 | + /* Sort larger size ELF symbols before smaller. See PR20337. */ | ||
| 32 | + bfd_vma asz = 0; | ||
| 33 | + if ((a->flags & (BSF_SECTION_SYM | BSF_SYNTHETIC)) == 0 | ||
| 34 | + && bfd_get_flavour (bfd_asymbol_bfd (a)) == bfd_target_elf_flavour) | ||
| 35 | + asz = ((elf_symbol_type *) a)->internal_elf_sym.st_size; | ||
| 36 | + bfd_vma bsz = 0; | ||
| 37 | + if ((b->flags & (BSF_SECTION_SYM | BSF_SYNTHETIC)) == 0 | ||
| 38 | && bfd_get_flavour (bfd_asymbol_bfd (b)) == bfd_target_elf_flavour) | ||
| 39 | - { | ||
| 40 | - bfd_vma asz, bsz; | ||
| 41 | - | ||
| 42 | - asz = 0; | ||
| 43 | - if ((a->flags & (BSF_SECTION_SYM | BSF_SYNTHETIC)) == 0) | ||
| 44 | - asz = ((elf_symbol_type *) a)->internal_elf_sym.st_size; | ||
| 45 | - bsz = 0; | ||
| 46 | - if ((b->flags & (BSF_SECTION_SYM | BSF_SYNTHETIC)) == 0) | ||
| 47 | - bsz = ((elf_symbol_type *) b)->internal_elf_sym.st_size; | ||
| 48 | - if (asz != bsz) | ||
| 49 | - return asz > bsz ? -1 : 1; | ||
| 50 | - } | ||
| 51 | + bsz = ((elf_symbol_type *) b)->internal_elf_sym.st_size; | ||
| 52 | + if (asz != bsz) | ||
| 53 | + return asz > bsz ? -1 : 1; | ||
| 54 | |||
| 55 | /* Symbols that start with '.' might be section names, so sort them | ||
| 56 | after symbols that don't start with '.'. */ | ||
| 57 | |||