diff options
author | Armin Kuster <akuster@mvista.com> | 2017-06-21 08:07:20 -0700 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2018-01-07 17:10:07 +0000 |
commit | a69088e788f7149d98d1f50ae8de2fbe1bc01411 (patch) | |
tree | a1341cd7b57b92abdee534047f1e71f6faac2383 /meta/recipes-devtools/binutils | |
parent | bd7388283bfff81073b0c780566999228ba66ef8 (diff) | |
download | poky-a69088e788f7149d98d1f50ae8de2fbe1bc01411.tar.gz |
binutis: Security fix CVE-2017-7614
Source: binutils-gbd.git
MR: 71732
Type: Security Fix
Disposition: Backport from https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=b814a36d3440de95f2ac6eaa4fc7935c322ea456
ChangeID: 44d3f2d902013f6e8faf485bf736106a11603e16
Description:
minor change to get changelog to apply
Affects: binutils < 2.28
(From OE-Core rev: 72dc7aa95afb64bc9ff070e5c2b372d2db6ac5c6)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Reviewed-by Jeremy Puhlman <jpuhlman@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-devtools/binutils')
-rw-r--r-- | meta/recipes-devtools/binutils/binutils-2.27.inc | 1 | ||||
-rw-r--r-- | meta/recipes-devtools/binutils/binutils/CVE-2017-7614.patch | 105 |
2 files changed, 106 insertions, 0 deletions
diff --git a/meta/recipes-devtools/binutils/binutils-2.27.inc b/meta/recipes-devtools/binutils/binutils-2.27.inc index 0936d974d4..22f02e9349 100644 --- a/meta/recipes-devtools/binutils/binutils-2.27.inc +++ b/meta/recipes-devtools/binutils/binutils-2.27.inc | |||
@@ -45,6 +45,7 @@ SRC_URI = "\ | |||
45 | file://CVE-2017-6969_2.patch \ | 45 | file://CVE-2017-6969_2.patch \ |
46 | file://CVE-2017-7209.patch \ | 46 | file://CVE-2017-7209.patch \ |
47 | file://CVE-2017-7210.patch \ | 47 | file://CVE-2017-7210.patch \ |
48 | file://CVE-2017-7614.patch \ | ||
48 | " | 49 | " |
49 | S = "${WORKDIR}/git" | 50 | S = "${WORKDIR}/git" |
50 | 51 | ||
diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-7614.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-7614.patch new file mode 100644 index 0000000000..0fb32b3e26 --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-7614.patch | |||
@@ -0,0 +1,105 @@ | |||
1 | From ad32986fdf9da1c8748e47b8b45100398223dba8 Mon Sep 17 00:00:00 2001 | ||
2 | From: Nick Clifton <nickc@redhat.com> | ||
3 | Date: Tue, 4 Apr 2017 11:23:36 +0100 | ||
4 | Subject: [PATCH] Fix null pointer dereferences when using a link built with | ||
5 | clang. | ||
6 | |||
7 | PR binutils/21342 | ||
8 | * elflink.c (_bfd_elf_define_linkage_sym): Prevent null pointer | ||
9 | dereference. | ||
10 | (bfd_elf_final_link): Only initialize the extended symbol index | ||
11 | section if there are extended symbol tables to list. | ||
12 | |||
13 | Upstream-Status: Backport | ||
14 | https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ad32986fdf9da1c8748e47b8b45100398223dba8 | ||
15 | |||
16 | CVE: CVE-2017-7614 | ||
17 | |||
18 | Singed-off-by: Armin Kuster <akuster@mvista.com> | ||
19 | |||
20 | --- | ||
21 | bfd/elflink.c | 35 +++++++++++++++++++++-------------- | ||
22 | 2 files changed, 29 insertions(+), 14 deletions(-) | ||
23 | |||
24 | Index: git/bfd/elflink.c | ||
25 | =================================================================== | ||
26 | --- git.orig/bfd/elflink.c | ||
27 | +++ git/bfd/elflink.c | ||
28 | @@ -118,15 +118,18 @@ _bfd_elf_define_linkage_sym (bfd *abfd, | ||
29 | defined in shared libraries can't be overridden, because we | ||
30 | lose the link to the bfd which is via the symbol section. */ | ||
31 | h->root.type = bfd_link_hash_new; | ||
32 | + bh = &h->root; | ||
33 | } | ||
34 | + else | ||
35 | + bh = NULL; | ||
36 | |||
37 | - bh = &h->root; | ||
38 | bed = get_elf_backend_data (abfd); | ||
39 | if (!_bfd_generic_link_add_one_symbol (info, abfd, name, BSF_GLOBAL, | ||
40 | sec, 0, NULL, FALSE, bed->collect, | ||
41 | &bh)) | ||
42 | return NULL; | ||
43 | h = (struct elf_link_hash_entry *) bh; | ||
44 | + BFD_ASSERT (h != NULL); | ||
45 | h->def_regular = 1; | ||
46 | h->non_elf = 0; | ||
47 | h->root.linker_def = 1; | ||
48 | @@ -11789,24 +11792,28 @@ bfd_elf_final_link (bfd *abfd, struct bf | ||
49 | { | ||
50 | /* Finish up and write out the symbol string table (.strtab) | ||
51 | section. */ | ||
52 | - Elf_Internal_Shdr *symstrtab_hdr; | ||
53 | + Elf_Internal_Shdr *symstrtab_hdr = NULL; | ||
54 | file_ptr off = symtab_hdr->sh_offset + symtab_hdr->sh_size; | ||
55 | |||
56 | - symtab_shndx_hdr = & elf_symtab_shndx_list (abfd)->hdr; | ||
57 | - if (symtab_shndx_hdr != NULL && symtab_shndx_hdr->sh_name != 0) | ||
58 | + if (elf_symtab_shndx_list (abfd)) | ||
59 | { | ||
60 | - symtab_shndx_hdr->sh_type = SHT_SYMTAB_SHNDX; | ||
61 | - symtab_shndx_hdr->sh_entsize = sizeof (Elf_External_Sym_Shndx); | ||
62 | - symtab_shndx_hdr->sh_addralign = sizeof (Elf_External_Sym_Shndx); | ||
63 | - amt = bfd_get_symcount (abfd) * sizeof (Elf_External_Sym_Shndx); | ||
64 | - symtab_shndx_hdr->sh_size = amt; | ||
65 | + symtab_shndx_hdr = & elf_symtab_shndx_list (abfd)->hdr; | ||
66 | |||
67 | - off = _bfd_elf_assign_file_position_for_section (symtab_shndx_hdr, | ||
68 | - off, TRUE); | ||
69 | + if (symtab_shndx_hdr != NULL && symtab_shndx_hdr->sh_name != 0) | ||
70 | + { | ||
71 | + symtab_shndx_hdr->sh_type = SHT_SYMTAB_SHNDX; | ||
72 | + symtab_shndx_hdr->sh_entsize = sizeof (Elf_External_Sym_Shndx); | ||
73 | + symtab_shndx_hdr->sh_addralign = sizeof (Elf_External_Sym_Shndx); | ||
74 | + amt = bfd_get_symcount (abfd) * sizeof (Elf_External_Sym_Shndx); | ||
75 | + symtab_shndx_hdr->sh_size = amt; | ||
76 | |||
77 | - if (bfd_seek (abfd, symtab_shndx_hdr->sh_offset, SEEK_SET) != 0 | ||
78 | - || (bfd_bwrite (flinfo.symshndxbuf, amt, abfd) != amt)) | ||
79 | - return FALSE; | ||
80 | + off = _bfd_elf_assign_file_position_for_section (symtab_shndx_hdr, | ||
81 | + off, TRUE); | ||
82 | + | ||
83 | + if (bfd_seek (abfd, symtab_shndx_hdr->sh_offset, SEEK_SET) != 0 | ||
84 | + || (bfd_bwrite (flinfo.symshndxbuf, amt, abfd) != amt)) | ||
85 | + return FALSE; | ||
86 | + } | ||
87 | } | ||
88 | |||
89 | symstrtab_hdr = &elf_tdata (abfd)->strtab_hdr; | ||
90 | Index: git/bfd/ChangeLog | ||
91 | =================================================================== | ||
92 | --- git.orig/bfd/ChangeLog | ||
93 | +++ git/bfd/ChangeLog | ||
94 | @@ -1,3 +1,11 @@ | ||
95 | +2017-04-04 Nick Clifton <nickc@redhat.com> | ||
96 | + | ||
97 | + PR binutils/21342 | ||
98 | + * elflink.c (_bfd_elf_define_linkage_sym): Prevent null pointer | ||
99 | + dereference. | ||
100 | + (bfd_elf_final_link): Only initialize the extended symbol index | ||
101 | + section if there are extended symbol tables to list. | ||
102 | + | ||
103 | 2016-08-02 Nick Clifton <nickc@redhat.com> | ||
104 | |||
105 | PR ld/17739 | ||