diff options
| author | Hongxu Jia <hongxu.jia@windriver.com> | 2014-11-14 17:29:03 +0800 |
|---|---|---|
| committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2014-11-25 13:03:28 +0000 |
| commit | 2e13f27e38a7e366e8ce12bd22aa072a7bf89068 (patch) | |
| tree | 2bc963b4bf5cd06b47e9475fb1ecf21306abc929 /meta/recipes-devtools/elfutils/elfutils-0.158/CVE-2014-0172.patch | |
| parent | fa234ef4e0855bfcd0411c6039d941c59d421b36 (diff) | |
| download | poky-2e13f27e38a7e366e8ce12bd22aa072a7bf89068.tar.gz | |
elfutils: upgrade to 0.160
- Upgrade elfutils to 0.160
- Move 0.148 patches from elfutils to elfutils-0.148
- Drop 0.158 patches that got from debain, so far debian
doesn't provide patches for 0.160 (the latest is 0.159)
- Move fixheadercheck.patch from 0.159 to 0.160
- We choose to use 0.159 patches from debian for the current 0.160
which located in elfutils-0.160
1) Rebase the following patches from 0.159 to 0.160
hppa_backend.diff
arm_backend.diff
mips_backend.diff
m68k_backend.diff
arm_func_value.patch
arm_unwind_ret_mask.patch
2) Rebase redhat-portability.diff according to
commit 52a6d20519870103134166d91e22d21fd736195d
Author: Roxana Ciobanu <roxana.ciobanu@intel.com>
Date: Tue Jul 1 17:17:00 2014 +0300
elfutils/elfutils-native: Fix patching generated files
3) Drop the following patches which have already beem merged to 0.160
arm_unsupported.patch
arm_syscall.patch
unaligned.patch
aarch64-run-native-test-fix.patch
(From OE-Core rev: 74b191022494fc1d357c1f05dbce38c986bed365)
Signed-off-by: Hongxu Jia <hongxu.jia@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-devtools/elfutils/elfutils-0.158/CVE-2014-0172.patch')
| -rw-r--r-- | meta/recipes-devtools/elfutils/elfutils-0.158/CVE-2014-0172.patch | 35 |
1 files changed, 0 insertions, 35 deletions
diff --git a/meta/recipes-devtools/elfutils/elfutils-0.158/CVE-2014-0172.patch b/meta/recipes-devtools/elfutils/elfutils-0.158/CVE-2014-0172.patch deleted file mode 100644 index 6c44314589..0000000000 --- a/meta/recipes-devtools/elfutils/elfutils-0.158/CVE-2014-0172.patch +++ /dev/null | |||
| @@ -1,35 +0,0 @@ | |||
| 1 | From 7f1eec317db79627b473c5b149a22a1b20d1f68f Mon Sep 17 00:00:00 2001 | ||
| 2 | From: Mark Wielaard <mjw@redhat.com> | ||
| 3 | Date: Wed, 9 Apr 2014 11:33:23 +0200 | ||
| 4 | Subject: [PATCH] CVE-2014-0172 Check for overflow before calling malloc to | ||
| 5 | uncompress data. | ||
| 6 | |||
| 7 | https://bugzilla.redhat.com/show_bug.cgi?id=1085663 | ||
| 8 | |||
| 9 | Reported-by: Florian Weimer <fweimer@redhat.com> | ||
| 10 | Signed-off-by: Mark Wielaard <mjw@redhat.com> | ||
| 11 | |||
| 12 | Index: elfutils-0.158/libdw/dwarf_begin_elf.c | ||
| 13 | =================================================================== | ||
| 14 | --- elfutils-0.158.orig/libdw/dwarf_begin_elf.c 2014-05-01 17:10:01.928213292 +0000 | ||
| 15 | +++ elfutils-0.158/libdw/dwarf_begin_elf.c 2014-05-01 17:10:01.924213375 +0000 | ||
| 16 | @@ -1,5 +1,5 @@ | ||
| 17 | /* Create descriptor from ELF descriptor for processing file. | ||
| 18 | - Copyright (C) 2002-2011 Red Hat, Inc. | ||
| 19 | + Copyright (C) 2002-2011, 2014 Red Hat, Inc. | ||
| 20 | This file is part of elfutils. | ||
| 21 | Written by Ulrich Drepper <drepper@redhat.com>, 2002. | ||
| 22 | |||
| 23 | @@ -289,6 +289,12 @@ | ||
| 24 | memcpy (&size, data->d_buf + 4, sizeof size); | ||
| 25 | size = be64toh (size); | ||
| 26 | |||
| 27 | + /* Check for unsigned overflow so malloc always allocated | ||
| 28 | + enough memory for both the Elf_Data header and the | ||
| 29 | + uncompressed section data. */ | ||
| 30 | + if (unlikely (sizeof (Elf_Data) + size < size)) | ||
| 31 | + break; | ||
| 32 | + | ||
| 33 | Elf_Data *zdata = malloc (sizeof (Elf_Data) + size); | ||
| 34 | if (unlikely (zdata == NULL)) | ||
| 35 | break; | ||