summaryrefslogtreecommitdiffstats
path: root/meta/recipes-devtools
diff options
context:
space:
mode:
authorArmin Kuster <akuster@mvista.com>2018-08-06 13:56:36 -0700
committerRichard Purdie <richard.purdie@linuxfoundation.org>2018-08-15 10:22:44 +0100
commit4ad8bd4a60da3a09f7bd68855b2fa56ed07713be (patch)
tree38f489ba3ecb834cbe03f6104fa304b5ef9dced9 /meta/recipes-devtools
parent701eecc7d3f021da4ba191c26f8840619a9c11ae (diff)
downloadpoky-4ad8bd4a60da3a09f7bd68855b2fa56ed07713be.tar.gz
binutls: Security fix CVE-2017-14932
(From OE-Core rev: 56d6acf145cc7550377588ca3c654d6f86143dfe) Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-devtools')
-rw-r--r--meta/recipes-devtools/binutils/binutils-2.29.1.inc1
-rw-r--r--meta/recipes-devtools/binutils/binutils/CVE-2017-14932.patch46
2 files changed, 47 insertions, 0 deletions
diff --git a/meta/recipes-devtools/binutils/binutils-2.29.1.inc b/meta/recipes-devtools/binutils/binutils-2.29.1.inc
index 9e02325662..76c5c439cb 100644
--- a/meta/recipes-devtools/binutils/binutils-2.29.1.inc
+++ b/meta/recipes-devtools/binutils/binutils-2.29.1.inc
@@ -37,6 +37,7 @@ SRC_URI = "\
37 file://0015-sync-with-OE-libtool-changes.patch \ 37 file://0015-sync-with-OE-libtool-changes.patch \
38 file://CVE-2017-17124.patch \ 38 file://CVE-2017-17124.patch \
39 file://CVE-2017-14930.patch \ 39 file://CVE-2017-14930.patch \
40 file://CVE-2017-14932.patch \
40" 41"
41S = "${WORKDIR}/git" 42S = "${WORKDIR}/git"
42 43
diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-14932.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-14932.patch
new file mode 100644
index 0000000000..a436031dc2
--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-14932.patch
@@ -0,0 +1,46 @@
1From e338894dc2e603683bed2172e8e9f25b29051005 Mon Sep 17 00:00:00 2001
2From: Alan Modra <amodra@gmail.com>
3Date: Tue, 26 Sep 2017 09:32:18 +0930
4Subject: [PATCH] PR22204, Lack of DW_LNE_end_sequence causes "infinite" loop
5
6 PR 22204
7 * dwarf2.c (decode_line_info): Ensure line_ptr stays within
8 bounds in inner loop.
9
10Upstream-Status: Backport
11Affects: <= 2.29.1
12CVE: CVE-2017-14932
13Signed-off-by: Armin Kuster <akuster@mvista.com>
14
15---
16 bfd/ChangeLog | 6 ++++++
17 bfd/dwarf2.c | 2 +-
18 2 files changed, 7 insertions(+), 1 deletion(-)
19
20Index: git/bfd/dwarf2.c
21===================================================================
22--- git.orig/bfd/dwarf2.c
23+++ git/bfd/dwarf2.c
24@@ -2269,7 +2269,7 @@ decode_line_info (struct comp_unit *unit
25 bfd_vma high_pc = 0;
26
27 /* Decode the table. */
28- while (! end_sequence)
29+ while (!end_sequence && line_ptr < line_end)
30 {
31 op_code = read_1_byte (abfd, line_ptr, line_end);
32 line_ptr += 1;
33Index: git/bfd/ChangeLog
34===================================================================
35--- git.orig/bfd/ChangeLog
36+++ git/bfd/ChangeLog
37@@ -1,3 +1,9 @@
38+2017-09-26 Alan Modra <amodra@gmail.com>
39+
40+ PR 22204
41+ * dwarf2.c (decode_line_info): Ensure line_ptr stays within
42+ bounds in inner loop.
43+
44 2017-09-24 Alan Modra <amodra@gmail.com>
45
46 PR 22191