author | Armin Kuster <akuster@mvista.com> | 2018-08-06 15:29:00 -0700 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2018-08-15 10:22:45 +0100 |
commit | bc5c5f19b6333c768282f1358a9041c285af3779 (patch) | |
tree | 2cdc592519cf5008218d8d79d07eb12f627e30a3 /meta/recipes-devtools/binutils | |
parent | b38088da6a8685d934c772fe864d16e952c0c0b9 (diff) | |
binutls: Security fix for CVE-2017-14939
Affects: <= 2.29.1
(From OE-Core rev: 03fb0028d76d18bac48b333f743ce27e21324d59)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-devtools/binutils')
-rw-r--r-- | meta/recipes-devtools/binutils/binutils-2.29.1.inc | 1 | ||||
-rw-r--r-- | meta/recipes-devtools/binutils/binutils/CVE-2017-14939.patch | 56 |
2 files changed, 57 insertions, 0 deletions
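--- a/meta/recipes-devtools/binutils/binutils-2.29.1.inc
+++ b/meta/recipes-devtools/binutils/binutils-2.29.1.inc
@@ -42,6 +42,7 @@ SRC_URI = "\
 file://CVE-2017-14933_p2.patch \
 file://CVE-2017-14934.patch \
 file://CVE-2017-14938.patch \
+file://CVE-2017-14939.patch \
 "
 S = "${WORKDIR}/git"
 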
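--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-14939.patch
@@ -0,0 +1,56 @@
+From 515f23e63c0074ab531bc954f84ca40c6281a724 Mon Sep 17 00:00:00 2001
+From: Alan Modra <amodra@gmail.com>
+Date: Sun, 24 Sep 2017 14:36:16 +0930
+Subject: [PATCH] PR22169, heap-based buffer overflow in read_1_byte
+
+The .debug_line header length field doesn't include the length field
+itself, ie. it's the size of the rest of .debug_line.
+
+PR 22169
+* dwarf2.c (decode_line_info): Correct .debug_line unit_length check.
+
+Upstream-Status: Backport
+Affects: <= 2.29.1
+CVE: CVE-2017-14939
+Signed-off-by: Armin Kuster <akuster@mvista.com>
+
+---
+bfd/ChangeLog | 5 +++++
+bfd/dwarf2.c | 7 ++++---
+2 files changed, 9 insertions(+), 3 deletions(-)
+
+Index: git/bfd/dwarf2.c
+===================================================================
+--- git.orig/bfd/dwarf2.c
++++ git/bfd/dwarf2.c
+@@ -2084,12 +2084,13 @@ decode_line_info (struct comp_unit *unit
+offset_size = 8;
+}
+
+- if (unit->line_offset + lh.total_length > stash->dwarf_line_size)
++ if (lh.total_length > (size_t) (line_end - line_ptr))
+{
+_bfd_error_handler
+/* xgettext: c-format */
+- (_("Dwarf Error: Line info data is bigger (%#Lx) than the space remaining in the section (%#Lx)"),
+- lh.total_length, stash->dwarf_line_size - unit->line_offset);
++ (_("Dwarf Error: Line info data is bigger (%#Lx)"
++ " than the space remaining in the section (%#lx)"),
++ lh.total_length, (unsigned long) (line_end - line_ptr));
+bfd_set_error (bfd_error_bad_value);
+return NULL;
+}
+Index: git/bfd/ChangeLog
+===================================================================
+--- git.orig/bfd/ChangeLog
++++ git/bfd/ChangeLog
+@@ -1,4 +1,9 @@
+2017-09-24 Alan Modra <amodra@gmail.com>
++
++ PR 22169
++ * dwarf2.c (decode_line_info): Correct .debug_line unit_length check.
++
++2017-09-24 Alan Modra <amodra@gmail.com>
+
+PR 22166
+* elf.c (_bfd_elf_slurp_version_tables): Test sh_info on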
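Review bot: The new bound in the bfd/dwarf2.c hunk, `if (lh.total_length > (size_t) (line_end - line_ptr))`, is only sound while `line_ptr <= line_end`. If the length-field reads above the hunk can advance `line_ptr` past `line_end` (those lines are not visible here, so this is inferred), the negative difference becomes a very large `size_t` and the check accepts any `total_length`. Testing the order first would close that gap: `if (line_ptr > line_end || lh.total_length > (size_t) (line_end - line_ptr))`. The same difference feeds the `%#lx` argument, so the error message would also print a wrapped value in that case. `decode_line_info` starts and ends outside the hunk, so the pointer setup should be confirmed against the full function before the backport is changed.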