binutils: several security fixes

CVE-2014-8484
CVE-2014-8485
CVE-2014-8501
CVE-2014-8502
CVE-2014-8503
CVE-2014-8504
CVE-2014-8737

and one supporting patch.

[Yocto # 7084]

(From OE-Core rev: 859fb4d9ec6974be9ce755e4ffefd9b199f3604c)

(From OE-Core rev: d2b2d8c9ce3ef16ab053bd19a5705b01402b76ba)

(From OE-Core rev: 2343cdb81ddef875dc3d52b07565b4ce9b3a14a4)

Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

1 files changed, 67 insertions, 0 deletions

diff --git a/meta/recipes-devtools/binutils/binutils/binutils_CVE-2014-8484.patch b/meta/recipes-devtools/binutils/binutils/binutils_CVE-2014-8484.patch
new file mode 100644
index 0000000000..e789499477
--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/binutils_CVE-2014-8484.patch
@@ -0,0 +1,67 @@
+Upstream-Status: Backport
+
+CVE-2014-8484 fix.
+
+[YOCTO #7084]
+
+Signed-off-by: Armin Kuster <akuster808@gmail.com>
+
+From bd25671c6f202c4a5108883caa2adb24ff6f361f Mon Sep 17 00:00:00 2001
+From: Alan Modra <amodra@gmail.com>
+Date: Fri, 29 Aug 2014 10:36:29 +0930
+Subject: [PATCH] Report an error for S-records with less than the miniumum
+ size
+
+        * srec.c (srec_scan): Revert last change.  Report an error for
+        S-records with less than the miniumum byte count.
+---
+ bfd/ChangeLog |  5 +++++
+ bfd/srec.c    | 18 +++++++++++++++---
+ 2 files changed, 20 insertions(+), 3 deletions(-)
+
+Index: binutils-2.24/bfd/srec.c
+===================================================================
+--- binutils-2.24.orig/bfd/srec.c
++++ binutils-2.24/bfd/srec.c
+@@ -455,7 +455,7 @@ srec_scan (bfd *abfd)
+          {
+            file_ptr pos;
+            char hdr[3];
+-           unsigned int bytes;
++           unsigned int bytes, min_bytes;
+            bfd_vma address;
+            bfd_byte *data;
+            unsigned char check_sum;
+@@ -478,6 +478,19 @@ srec_scan (bfd *abfd)
+              }
+ 
+            check_sum = bytes = HEX (hdr + 1);
++           min_bytes = 3;
++           if (hdr[0] == '2' || hdr[0] == '8')
++             min_bytes = 4;
++           else if (hdr[0] == '3' || hdr[0] == '7')
++             min_bytes = 5;
++           if (bytes < min_bytes)
++             {
++               (*_bfd_error_handler) (_("%B:%d: byte count %d too small\n"),
++                                      abfd, lineno, bytes);
++               bfd_set_error (bfd_error_bad_value);
++               goto error_return;
++             }
++
+            if (bytes * 2 > bufsize)
+              {
+                if (buf != NULL)
+Index: binutils-2.24/bfd/ChangeLog
+===================================================================
+--- binutils-2.24.orig/bfd/ChangeLog
++++ binutils-2.24/bfd/ChangeLog
+@@ -1,3 +1,8 @@
++2014-08-29  Alan Modra  <amodra@gmail.com>
++
++       * srec.c (srec_scan): Revert last change.  Report an error for
++       S-records with less than the miniumum byte count.
++
+ 2013-12-02  Tristan Gingold  <gingold@adacore.com>
+ 
+        * configure.in: Bump version to 2.24