diff options
author | Armin Kuster <akuster@mvista.com> | 2018-08-06 13:15:23 -0700 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2018-08-15 10:22:44 +0100 |
commit | 1ce31b2a81445995c6d170e42174aa829b82f4c5 (patch) | |
tree | 88cf45e2622582033346dd871a0c8422b4202a3c /meta | |
parent | 407c64a876f8ad5ee6e0ebd8dcc8a81368e6e9c0 (diff) | |
download | poky-1ce31b2a81445995c6d170e42174aa829b82f4c5.tar.gz |
binutils: Security fix CVE-2017-12967
affects: <= 2.29.1
[v2]
Fix patch header typo
Rename 2017-12967 to 2017-17124
(From OE-Core rev: 732f051ff9b0103774d670d8c4971315cbb83a68)
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta')
-rw-r--r-- | meta/recipes-devtools/binutils/binutils-2.29.1.inc | 1 | ||||
-rw-r--r-- | meta/recipes-devtools/binutils/binutils/CVE-2017-17124.patch | 47 |
2 files changed, 48 insertions, 0 deletions
diff --git a/meta/recipes-devtools/binutils/binutils-2.29.1.inc b/meta/recipes-devtools/binutils/binutils-2.29.1.inc index b29b75a5d6..692828575e 100644 --- a/meta/recipes-devtools/binutils/binutils-2.29.1.inc +++ b/meta/recipes-devtools/binutils/binutils-2.29.1.inc | |||
@@ -35,6 +35,7 @@ SRC_URI = "\ | |||
35 | file://0013-fix-the-incorrect-assembling-for-ppc-wait-mnemonic.patch \ | 35 | file://0013-fix-the-incorrect-assembling-for-ppc-wait-mnemonic.patch \ |
36 | file://0014-Detect-64-bit-MIPS-targets.patch \ | 36 | file://0014-Detect-64-bit-MIPS-targets.patch \ |
37 | file://0015-sync-with-OE-libtool-changes.patch \ | 37 | file://0015-sync-with-OE-libtool-changes.patch \ |
38 | file://CVE-2017-17124.patch \ | ||
38 | " | 39 | " |
39 | S = "${WORKDIR}/git" | 40 | S = "${WORKDIR}/git" |
40 | 41 | ||
diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-17124.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-17124.patch new file mode 100644 index 0000000000..16f0768d95 --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-17124.patch | |||
@@ -0,0 +1,47 @@ | |||
1 | From b0029dce6867de1a2828293177b0e030d2f0f03c Mon Sep 17 00:00:00 2001 | ||
2 | From: Nick Clifton <nickc@redhat.com> | ||
3 | Date: Tue, 28 Nov 2017 18:00:29 +0000 | ||
4 | Subject: [PATCH] Prevent a memory exhaustion problem when trying to read in | ||
5 | strings from a COFF binary with a corrupt string table size. | ||
6 | |||
7 | PR 22507 | ||
8 | * coffgen.c (_bfd_coff_read_string_table): Check for an excessive | ||
9 | size of the external string table. | ||
10 | |||
11 | Upstream-Status: Backport | ||
12 | Affects binutls <= 2.29.1 | ||
13 | CVE: CVE-2017-17124 | ||
14 | Signed-off-by: Armin Kuster <akuster@mvista.com> | ||
15 | |||
16 | --- | ||
17 | bfd/ChangeLog | 6 ++++++ | ||
18 | bfd/coffgen.c | 4 ++-- | ||
19 | 2 files changed, 8 insertions(+), 2 deletions(-) | ||
20 | |||
21 | Index: git/bfd/coffgen.c | ||
22 | =================================================================== | ||
23 | --- git.orig/bfd/coffgen.c | ||
24 | +++ git/bfd/coffgen.c | ||
25 | @@ -1709,7 +1709,7 @@ _bfd_coff_read_string_table (bfd *abfd) | ||
26 | #endif | ||
27 | } | ||
28 | |||
29 | - if (strsize < STRING_SIZE_SIZE) | ||
30 | + if (strsize < STRING_SIZE_SIZE || strsize > bfd_get_file_size (abfd)) | ||
31 | { | ||
32 | _bfd_error_handler | ||
33 | /* xgettext: c-format */ | ||
34 | Index: git/bfd/ChangeLog | ||
35 | =================================================================== | ||
36 | --- git.orig/bfd/ChangeLog | ||
37 | +++ git/bfd/ChangeLog | ||
38 | @@ -1,3 +1,9 @@ | ||
39 | +2017-11-28 Nick Clifton <nickc@redhat.com> | ||
40 | + | ||
41 | + PR 22507 | ||
42 | + * coffgen.c (_bfd_coff_read_string_table): Check for an excessive | ||
43 | + size of the external string table. | ||
44 | + | ||
45 | 2018-03-28 Eric Botcazou <ebotcazou@adacore.com> | ||
46 | |||
47 | PR ld/22972 | ||