diff options
author | Thiruvadi Rajaraman <trajaraman@mvista.com> | 2017-08-23 14:06:58 +0530 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2018-01-07 17:10:07 +0000 |
commit | 7296c9fbd6cbf871f163cf3cb55d5ef2415e588d (patch) | |
tree | 1b00b40cdd338fb600d2e9a0d4e2b5bec7c08a3e /meta/recipes-devtools | |
parent | 34041f58fd277edf1f2bd2db7f90a238d48275fc (diff) | |
download | poky-7296c9fbd6cbf871f163cf3cb55d5ef2415e588d.tar.gz |
binutils: CVE-2017-7226
Source: git://sourceware.org/git/binutils-gdb.git
MR: 74283
Type: Security Fix
Disposition: Backport from binutils_v2_28
ChangeID: 82097a4b98d3d576e1b1bfb7ac9ae17fd153c909
Description:
Use strnlen to avoid running over the end of the string buffer.
Affects: <= 2.28
(From OE-Core rev: abc9e4eebafac084bee054954bd93288cd1d0a8c)
Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com>
Reviewed-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-devtools')
-rw-r--r-- | meta/recipes-devtools/binutils/binutils-2.27.inc | 1 | ||||
-rw-r--r-- | meta/recipes-devtools/binutils/binutils/CVE-2017-7226.patch | 42 |
2 files changed, 43 insertions, 0 deletions
diff --git a/meta/recipes-devtools/binutils/binutils-2.27.inc b/meta/recipes-devtools/binutils/binutils-2.27.inc index 3f8a5fe19c..3c29f660cd 100644 --- a/meta/recipes-devtools/binutils/binutils-2.27.inc +++ b/meta/recipes-devtools/binutils/binutils-2.27.inc | |||
@@ -52,6 +52,7 @@ SRC_URI = "\ | |||
52 | file://CVE-2017-9040_and_9042.patch \ | 52 | file://CVE-2017-9040_and_9042.patch \ |
53 | file://CVE-2017-9041_1.patch \ | 53 | file://CVE-2017-9041_1.patch \ |
54 | file://CVE-2017-9041_2.patch \ | 54 | file://CVE-2017-9041_2.patch \ |
55 | file://CVE-2017-7226.patch \ | ||
55 | " | 56 | " |
56 | S = "${WORKDIR}/git" | 57 | S = "${WORKDIR}/git" |
57 | 58 | ||
diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-7226.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-7226.patch new file mode 100644 index 0000000000..7525f34324 --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-7226.patch | |||
@@ -0,0 +1,42 @@ | |||
1 | Fix seg-fault in the binutils utilities when reading a corrupt input file. | ||
2 | |||
3 | PR binutils/20905 | ||
4 | * peicode.h (pe_ILF_object_p): Use strnlen to avoid running over | ||
5 | the end of the string buffer. | ||
6 | |||
7 | Upstream-Status: Backport | ||
8 | |||
9 | CVE: CVE-2017-7226 | ||
10 | Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> | ||
11 | |||
12 | Index: git/bfd/ChangeLog | ||
13 | =================================================================== | ||
14 | --- git.orig/bfd/ChangeLog 2017-08-23 13:59:16.868424171 +0530 | ||
15 | +++ git/bfd/ChangeLog 2017-08-23 14:03:22.683013823 +0530 | ||
16 | @@ -39,6 +39,12 @@ | ||
17 | (bfd_elf_final_link): Only initialize the extended symbol index | ||
18 | section if there are extended symbol tables to list. | ||
19 | |||
20 | +2016-12-05 Nick Clifton <nickc@redhat.com> | ||
21 | + | ||
22 | + PR binutils/20905 | ||
23 | + * peicode.h (pe_ILF_object_p): Use strnlen to avoid running over | ||
24 | + the end of the string buffer. | ||
25 | + | ||
26 | 2016-08-02 Nick Clifton <nickc@redhat.com> | ||
27 | |||
28 | PR ld/17739 | ||
29 | Index: git/bfd/peicode.h | ||
30 | =================================================================== | ||
31 | --- git.orig/bfd/peicode.h 2017-08-23 13:59:06.948319100 +0530 | ||
32 | +++ git/bfd/peicode.h 2017-08-23 13:59:16.920424722 +0530 | ||
33 | @@ -1264,7 +1264,8 @@ | ||
34 | } | ||
35 | |||
36 | symbol_name = (char *) ptr; | ||
37 | - source_dll = symbol_name + strlen (symbol_name) + 1; | ||
38 | + /* See PR 20905 for an example of where the strnlen is necessary. */ | ||
39 | + source_dll = symbol_name + strnlen (symbol_name, size - 1) + 1; | ||
40 | |||
41 | /* Verify that the strings are null terminated. */ | ||
42 | if (ptr[size - 1] != 0 | ||