diff options
| author | Ross Burton <ross.burton@arm.com> | 2023-06-05 17:24:13 +0100 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2023-06-06 07:41:42 +0100 |
| commit | 5131819228bb9968a64b52afb6461681d1090b5c (patch) | |
| tree | b1d94b78885b16ef7072cab63158b6c86fb0202d /meta/recipes-devtools/binutils | |
| parent | 83d458d9583c80c810526570220abb1f071df0b4 (diff) | |
| download | poky-5131819228bb9968a64b52afb6461681d1090b5c.tar.gz | |
binutils: fix CVE-2023-1972
Backport a patch from upstream to fix CVE-2023-1972.
(From OE-Core rev: 10d63933e3a30bfac2f6cec896460c22e04baadd)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-devtools/binutils')
| -rw-r--r-- | meta/recipes-devtools/binutils/binutils-2.40.inc | 1 | ||||
| -rw-r--r-- | meta/recipes-devtools/binutils/binutils/0001-Fix-an-illegal-memory-access-when-an-accessing-a-zer.patch | 43 |
2 files changed, 44 insertions, 0 deletions
diff --git a/meta/recipes-devtools/binutils/binutils-2.40.inc b/meta/recipes-devtools/binutils/binutils-2.40.inc index 84dbf5f730..dea68ee6fc 100644 --- a/meta/recipes-devtools/binutils/binutils-2.40.inc +++ b/meta/recipes-devtools/binutils/binutils-2.40.inc | |||
| @@ -35,5 +35,6 @@ SRC_URI = "\ | |||
| 35 | file://0015-Remove-duplicate-pe-dll.o-entry-deom-targ_extra_ofil.patch \ | 35 | file://0015-Remove-duplicate-pe-dll.o-entry-deom-targ_extra_ofil.patch \ |
| 36 | file://0016-CVE-2023-25586.patch \ | 36 | file://0016-CVE-2023-25586.patch \ |
| 37 | file://fix-time64.patch \ | 37 | file://fix-time64.patch \ |
| 38 | file://0001-Fix-an-illegal-memory-access-when-an-accessing-a-zer.patch \ | ||
| 38 | " | 39 | " |
| 39 | S = "${WORKDIR}/git" | 40 | S = "${WORKDIR}/git" |
diff --git a/meta/recipes-devtools/binutils/binutils/0001-Fix-an-illegal-memory-access-when-an-accessing-a-zer.patch b/meta/recipes-devtools/binutils/binutils/0001-Fix-an-illegal-memory-access-when-an-accessing-a-zer.patch new file mode 100644 index 0000000000..31157cacd2 --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/0001-Fix-an-illegal-memory-access-when-an-accessing-a-zer.patch | |||
| @@ -0,0 +1,43 @@ | |||
| 1 | From c22d38baefc5a7a1e1f5cdc9dbb556b1f0ec5c57 Mon Sep 17 00:00:00 2001 | ||
| 2 | From: Nick Clifton <nickc@redhat.com> | ||
| 3 | Date: Thu, 30 Mar 2023 10:10:09 +0100 | ||
| 4 | Subject: [PATCH] Fix an illegal memory access when an accessing a | ||
| 5 | zer0-lengthverdef table. | ||
| 6 | |||
| 7 | PR 30285 | ||
| 8 | * elf.c (_bfd_elf_slurp_version_tables): Fail if no version definitions are allocated. | ||
| 9 | |||
| 10 | CVE: CVE-2023-1972 | ||
| 11 | Upstream-Status: Backport | ||
| 12 | Signed-off-by: Ross Burton <ross.burton@arm.com> | ||
| 13 | --- | ||
| 14 | bfd/ChangeLog | 6 ++++++ | ||
| 15 | bfd/elf.c | 5 +++++ | ||
| 16 | 2 files changed, 11 insertions(+) | ||
| 17 | |||
| 18 | diff --git a/bfd/elf.c b/bfd/elf.c | ||
| 19 | index 027d0143735..185028cbd97 100644 | ||
| 20 | --- a/bfd/elf.c | ||
| 21 | +++ b/bfd/elf.c | ||
| 22 | @@ -9030,6 +9030,9 @@ _bfd_elf_slurp_version_tables (bfd *abfd, bool default_imported_symver) | ||
| 23 | bfd_set_error (bfd_error_file_too_big); | ||
| 24 | goto error_return_verdef; | ||
| 25 | } | ||
| 26 | + | ||
| 27 | + if (amt == 0) | ||
| 28 | + goto error_return_verdef; | ||
| 29 | elf_tdata (abfd)->verdef = (Elf_Internal_Verdef *) bfd_zalloc (abfd, amt); | ||
| 30 | if (elf_tdata (abfd)->verdef == NULL) | ||
| 31 | goto error_return_verdef; | ||
| 32 | @@ -9133,6 +9136,8 @@ _bfd_elf_slurp_version_tables (bfd *abfd, bool default_imported_symver) | ||
| 33 | bfd_set_error (bfd_error_file_too_big); | ||
| 34 | goto error_return; | ||
| 35 | } | ||
| 36 | + if (amt == 0) | ||
| 37 | + goto error_return; | ||
| 38 | elf_tdata (abfd)->verdef = (Elf_Internal_Verdef *) bfd_zalloc (abfd, amt); | ||
| 39 | if (elf_tdata (abfd)->verdef == NULL) | ||
| 40 | goto error_return; | ||
| 41 | -- | ||
| 42 | 2.34.1 | ||
| 43 | |||