summaryrefslogtreecommitdiffstats
path: root/meta/recipes-devtools
diff options
context:
space:
mode:
authorLi xin <lixin.fnst@cn.fujitsu.com>2015-01-22 14:41:20 +0800
committerRichard Purdie <richard.purdie@linuxfoundation.org>2015-02-11 17:40:10 +0000
commit17b4994c5f8e68abf476a0d295c3d250c11b4599 (patch)
treebccf7a8394ec58c906d0be06a9425fcd68c93a2b /meta/recipes-devtools
parentd97f1c2697e92f6ae5910edd82b7379423eb250f (diff)
downloadpoky-17b4994c5f8e68abf476a0d295c3d250c11b4599.tar.gz
elfutils_0.148.bb: CVE-2014-9447 fix
Reference: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9447 (From OE-Core rev: c992868a989926eac6c4b78a6bb9729bce54f2ed) (From OE-Core rev: 1f0f66620ab6969620a1858ed2f57b6262a81ef9) Signed-off-by: Li Xin <lixin.fnst@cn.fujitsu.com> Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta/recipes-devtools')
-rw-r--r--meta/recipes-devtools/elfutils/elfutils-0.148/elf_begin.c-CVE-2014-9447-fix.patch36
-rw-r--r--meta/recipes-devtools/elfutils/elfutils_0.148.bb23
2 files changed, 48 insertions, 11 deletions
diff --git a/meta/recipes-devtools/elfutils/elfutils-0.148/elf_begin.c-CVE-2014-9447-fix.patch b/meta/recipes-devtools/elfutils/elfutils-0.148/elf_begin.c-CVE-2014-9447-fix.patch
new file mode 100644
index 0000000000..84e8ddcca7
--- /dev/null
+++ b/meta/recipes-devtools/elfutils/elfutils-0.148/elf_begin.c-CVE-2014-9447-fix.patch
@@ -0,0 +1,36 @@
1From 323ca04a0c9189544075c19b49da67f6443a8950 Mon Sep 17 00:00:00 2001
2From: Li xin <lixin.fnst@cn.fujitsu.com>
3Date: Wed, 21 Jan 2015 09:33:38 +0900
4Subject: [PATCH] elf_begin.c: CVE-2014-9447 fix
5
6this patch is from:
7 https://git.fedorahosted.org/cgit/elfutils.git/commit/?id=147018e729e7c22eeabf15b82d26e4bf68a0d18e
8
9Upstream-Status: Backport
10
11Signed-off-by: Li Xin <lixin.fnst@cn.fujitsu.com>
12---
13 libelf/elf_begin.c | 7 ++-----
14 1 file changed, 2 insertions(+), 5 deletions(-)
15
16diff --git a/libelf/elf_begin.c b/libelf/elf_begin.c
17index e46add3..e83ba35 100644
18--- a/libelf/elf_begin.c
19+++ b/libelf/elf_begin.c
20@@ -736,11 +736,8 @@ read_long_names (Elf *elf)
21 break;
22
23 /* NUL-terminate the string. */
24- *runp = '\0';
25-
26- /* Skip the NUL byte and the \012. */
27- runp += 2;
28-
29+ *runp++ = '\0';
30+
31 /* A sanity check. Somebody might have generated invalid
32 archive. */
33 if (runp >= newp + len)
34--
351.8.4.2
36
diff --git a/meta/recipes-devtools/elfutils/elfutils_0.148.bb b/meta/recipes-devtools/elfutils/elfutils_0.148.bb
index ab956390b3..5e75f129a4 100644
--- a/meta/recipes-devtools/elfutils/elfutils_0.148.bb
+++ b/meta/recipes-devtools/elfutils/elfutils_0.148.bb
@@ -8,7 +8,7 @@ DEPENDS = "libtool bzip2 zlib virtual/libintl"
8 8
9PR = "r11" 9PR = "r11"
10 10
11SRC_URI = "https://fedorahosted.org/releases/e/l/elfutils/elfutils-${PV}.tar.bz2" 11SRC_URI = "https://fedorahosted.org/releases/e/l/${PN}/${BP}.tar.bz2"
12 12
13SRC_URI[md5sum] = "a0bed1130135f17ad27533b0034dba8d" 13SRC_URI[md5sum] = "a0bed1130135f17ad27533b0034dba8d"
14SRC_URI[sha256sum] = "8aebfa4a745db21cf5429c9541fe482729b62efc7e53e9110151b4169fe887da" 14SRC_URI[sha256sum] = "8aebfa4a745db21cf5429c9541fe482729b62efc7e53e9110151b4169fe887da"
@@ -25,14 +25,15 @@ SRC_URI += "\
25 file://m68k_backend.diff \ 25 file://m68k_backend.diff \
26 file://testsuite-ignore-elflint.diff \ 26 file://testsuite-ignore-elflint.diff \
27 file://elf_additions.diff \ 27 file://elf_additions.diff \
28 file://elfutils-fsize.patch \ 28 file://elfutils-fsize.patch \
29 file://remove-unused.patch \ 29 file://remove-unused.patch \
30 file://mempcpy.patch \ 30 file://mempcpy.patch \
31 file://fix_for_gcc-4.7.patch \ 31 file://fix_for_gcc-4.7.patch \
32 file://dso-link-change.patch \ 32 file://dso-link-change.patch \
33 file://nm-Fix-size-passed-to-snprintf-for-invalid-sh_name-case.patch \ 33 file://nm-Fix-size-passed-to-snprintf-for-invalid-sh_name-case.patch \
34 file://elfutils-ar-c-fix-num-passed-to-memset.patch \ 34 file://elfutils-ar-c-fix-num-passed-to-memset.patch \
35 file://Fix_elf_cvt_gunhash.patch \ 35 file://Fix_elf_cvt_gunhash.patch \
36 file://elf_begin.c-CVE-2014-9447-fix.patch \
36" 37"
37# Only apply when building uclibc based target recipe 38# Only apply when building uclibc based target recipe
38SRC_URI_append_libc-uclibc = " file://uclibc-support.patch" 39SRC_URI_append_libc-uclibc = " file://uclibc-support.patch"
@@ -52,9 +53,9 @@ EXTRA_OECONF_append_class-native = " --without-bzlib"
52EXTRA_OECONF_append_libc-uclibc = " --enable-uclibc" 53EXTRA_OECONF_append_libc-uclibc = " --enable-uclibc"
53 54
54do_configure_prepend() { 55do_configure_prepend() {
55 sed -i '/^i386_dis.h:/,+4 {/.*/d}' ${S}/libcpu/Makefile.am 56 sed -i '/^i386_dis.h:/,+4 {/.*/d}' ${S}/libcpu/Makefile.am
56 57
57 cp ${WORKDIR}/*dis.h ${S}/libcpu 58 cp ${WORKDIR}/*dis.h ${S}/libcpu
58} 59}
59 60
60# we can not build complete elfutils when using uclibc 61# we can not build complete elfutils when using uclibc