summaryrefslogtreecommitdiffstats
path: root/meta/recipes-devtools/gcc
diff options
context:
space:
mode:
authorArmin Kuster <akuster808@gmail.com>2019-08-31 14:15:49 -0700
committerRichard Purdie <richard.purdie@linuxfoundation.org>2019-09-03 09:55:50 +0100
commitb8ce258f15d793a29dd19d81a662e2ecefd8d202 (patch)
tree33b3477943674ef793cc5affa1df8e46630ace29 /meta/recipes-devtools/gcc
parent6b3e91fe1a854c84d698e00f306f3ed8de56b1da (diff)
downloadpoky-b8ce258f15d793a29dd19d81a662e2ecefd8d202.tar.gz
gcc-9.2: Security fix for CVE-2019-14250
Affects: <= 9.2 (From OE-Core rev: af761de211ecdcb358c6412f9e7e3398b7525cf2) Signed-off-by: Armin Kuster <Akuster@mvista.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-devtools/gcc')
-rw-r--r--meta/recipes-devtools/gcc/gcc-9.2.inc1
-rw-r--r--meta/recipes-devtools/gcc/gcc-9.2/CVE-2019-14250.patch44
2 files changed, 45 insertions, 0 deletions
diff --git a/meta/recipes-devtools/gcc/gcc-9.2.inc b/meta/recipes-devtools/gcc/gcc-9.2.inc
index 1c3e200dab..01d3bf0f32 100644
--- a/meta/recipes-devtools/gcc/gcc-9.2.inc
+++ b/meta/recipes-devtools/gcc/gcc-9.2.inc
@@ -64,6 +64,7 @@ SRC_URI = "\
64 file://0034-fix-segmentation-fault-in-precompiled-header-generat.patch \ 64 file://0034-fix-segmentation-fault-in-precompiled-header-generat.patch \
65 file://0035-Fix-for-testsuite-failure.patch \ 65 file://0035-Fix-for-testsuite-failure.patch \
66 file://0036-Re-introduce-spe-commandline-options.patch \ 66 file://0036-Re-introduce-spe-commandline-options.patch \
67 file://CVE-2019-14250.patch \
67" 68"
68S = "${TMPDIR}/work-shared/gcc-${PV}-${PR}/gcc-${PV}" 69S = "${TMPDIR}/work-shared/gcc-${PV}-${PR}/gcc-${PV}"
69SRC_URI[md5sum] = "3818ad8600447f05349098232c2ddc78" 70SRC_URI[md5sum] = "3818ad8600447f05349098232c2ddc78"
diff --git a/meta/recipes-devtools/gcc/gcc-9.2/CVE-2019-14250.patch b/meta/recipes-devtools/gcc/gcc-9.2/CVE-2019-14250.patch
new file mode 100644
index 0000000000..65ea34558a
--- /dev/null
+++ b/meta/recipes-devtools/gcc/gcc-9.2/CVE-2019-14250.patch
@@ -0,0 +1,44 @@
1From 517b211a3d78366ca8d5929f580e8ca72fd2c004 Mon Sep 17 00:00:00 2001
2From: rguenth <rguenth@138bc75d-0d04-0410-961f-82ee72b054a4>
3Date: Thu, 25 Jul 2019 10:46:54 +0000
4Subject: [PATCH] 2019-07-25 Richard Biener <rguenther@suse.de>
5
6 PR lto/90924
7 Backport from mainline
8 2019-07-12 Ren Kimura <rkx1209dev@gmail.com>
9
10 * simple-object-elf.c (simple_object_elf_match): Check zero value
11 shstrndx.
12
13
14git-svn-id: svn+ssh://gcc.gnu.org/svn/gcc/branches/gcc-9-branch@273793 138bc75d-0d04-0410-961f-82ee72b054a4
15
16Upstream-Status: Backport
17Affectes: < 9.2
18CVE: CVE-2019-14250
19Dropped changelog
20Signed-off-by: Armin Kuster <Akustre@mvista.com>
21
22---
23 libiberty/simple-object-elf.c | 8 ++++++++
24 2 files changed, 17 insertions(+)
25
26Index: gcc-9.2.0/libiberty/simple-object-elf.c
27===================================================================
28--- gcc-9.2.0.orig/libiberty/simple-object-elf.c
29+++ gcc-9.2.0/libiberty/simple-object-elf.c
30@@ -557,6 +557,14 @@ simple_object_elf_match (unsigned char h
31 return NULL;
32 }
33
34+ if (eor->shstrndx == 0)
35+ {
36+ *errmsg = "invalid ELF shstrndx == 0";
37+ *err = 0;
38+ XDELETE (eor);
39+ return NULL;
40+ }
41+
42 return (void *) eor;
43 }
44