diff options
author | Thiruvadi Rajaraman <trajaraman@mvista.com> | 2017-09-21 19:17:24 +0530 |
---|---|---|
committer | Richard Purdie <richard.purdie@linuxfoundation.org> | 2018-01-07 17:10:08 +0000 |
commit | bf0d750159d671626ca0b2d605c951010a54e6c7 (patch) | |
tree | fc7106c1ddfe34b658a949a3a926b97fcf7fc872 /meta | |
parent | 30c6b863474ddf7381f4559bf6221a3931026bbb (diff) | |
download | poky-bf0d750159d671626ca0b2d605c951010a54e6c7.tar.gz |
binutils: CVE-2017-9747
Source: binutils-gdb.git
MR: 74036
Type: Security Fix
Disposition: Backport from binutils-2_29
ChangeID: b25bffca0b51e9c13ba752534b64bd28a147a135
Description:
Fix address violation parsing a corrupt ieee binary.
PR binutils/21581
(ieee_archive_p): Use a static buffer to avoid compiler bugs.
Affects: <= 2.28
Author: Nick Clifton <nickc@redhat.com>
(From OE-Core rev: c12bb8d25b9af2df8cbff0a457c2d049efdf49d9)
Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com>
Reviewed-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Diffstat (limited to 'meta')
-rw-r--r-- | meta/recipes-devtools/binutils/binutils-2.27.inc | 1 | ||||
-rw-r--r-- | meta/recipes-devtools/binutils/binutils/CVE-2017-9747.patch | 40 |
2 files changed, 41 insertions, 0 deletions
diff --git a/meta/recipes-devtools/binutils/binutils-2.27.inc b/meta/recipes-devtools/binutils/binutils-2.27.inc index cb745b13ba..24d4d5999e 100644 --- a/meta/recipes-devtools/binutils/binutils-2.27.inc +++ b/meta/recipes-devtools/binutils/binutils-2.27.inc | |||
@@ -82,6 +82,7 @@ SRC_URI = "\ | |||
82 | file://CVE-2017-9749.patch \ | 82 | file://CVE-2017-9749.patch \ |
83 | file://CVE-2017-9746.patch \ | 83 | file://CVE-2017-9746.patch \ |
84 | file://CVE-2017-9748.patch \ | 84 | file://CVE-2017-9748.patch \ |
85 | file://CVE-2017-9747.patch \ | ||
85 | " | 86 | " |
86 | S = "${WORKDIR}/git" | 87 | S = "${WORKDIR}/git" |
87 | 88 | ||
diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-9747.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-9747.patch new file mode 100644 index 0000000000..ee663b816e --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-9747.patch | |||
@@ -0,0 +1,40 @@ | |||
1 | commit 62b76e4b6e0b4cb5b3e0053d1de4097b32577049 | ||
2 | Author: Nick Clifton <nickc@redhat.com> | ||
3 | Date: Thu Jun 15 13:08:47 2017 +0100 | ||
4 | |||
5 | Fix address violation parsing a corrupt ieee binary. | ||
6 | |||
7 | PR binutils/21581 | ||
8 | (ieee_archive_p): Use a static buffer to avoid compiler bugs. | ||
9 | |||
10 | Upstream-Status: Backport | ||
11 | |||
12 | CVE: CVE-2017-9747 | ||
13 | Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> | ||
14 | |||
15 | Index: git/bfd/ieee.c | ||
16 | =================================================================== | ||
17 | --- git.orig/bfd/ieee.c 2017-09-21 14:37:12.152903139 +0530 | ||
18 | +++ git/bfd/ieee.c 2017-09-21 14:37:12.208903477 +0530 | ||
19 | @@ -1353,7 +1353,7 @@ | ||
20 | { | ||
21 | char *library; | ||
22 | unsigned int i; | ||
23 | - unsigned char buffer[512]; | ||
24 | + static unsigned char buffer[512]; | ||
25 | file_ptr buffer_offset = 0; | ||
26 | ieee_ar_data_type *save = abfd->tdata.ieee_ar_data; | ||
27 | ieee_ar_data_type *ieee; | ||
28 | Index: git/bfd/ChangeLog | ||
29 | =================================================================== | ||
30 | --- git.orig/bfd/ChangeLog 2017-09-21 14:37:12.152903139 +0530 | ||
31 | +++ git/bfd/ChangeLog 2017-09-21 14:45:57.020150977 +0530 | ||
32 | @@ -78,6 +78,8 @@ | ||
33 | PR binutils/21582 | ||
34 | * ieee.c (ieee_object_p): Use a static buffer to avoid compiler | ||
35 | bugs. | ||
36 | + PR binutils/21581 | ||
37 | + (ieee_archive_p): Likewise. | ||
38 | |||
39 | 2017-04-29 Alan Modra <amodra@gmail.com> | ||
40 | |||