Diffstat (limited to 'meta/recipes-core/glibc/glibc')
-rw-r--r-- | meta/recipes-core/glibc/glibc/CVE-2016-6323.patch | 39 |
1 files changed, 39 insertions, 0 deletions
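--- /dev/null
+++ b/meta/recipes-core/glibc/glibc/CVE-2016-6323.patch
@@ -0,0 +1,39 @@
+glibc-2.24: Fix CVE-2016-6323
+
+[No upstream tracking] -- https://sourceware.org/bugzilla/show_bug.cgi?id=20435
+
+arm: mark __startcontext as .cantunwind, GNU
+
+Glibc bug where the makecontext function would create
+an execution context which is incompatible with the unwinder,
+causing it to hang when the generation of a backtrace is attempted.
+
+Upstream-Status: Backport [https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=9e2ff6c9cc54c0b4402b8d49e4abe7000fde7617]
+CVE: CVE-2016-6323
+Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
+Signed-off-by: Pascal Bach <pascal.bach@siemens.com>
+
+diff --git a/sysdeps/unix/sysv/linux/arm/setcontext.S b/sysdeps/unix/sysv/linux/arm/setcontext.S
+index 603e508..d1f168f 100644
+--- a/sysdeps/unix/sysv/linux/arm/setcontext.S
++++ b/sysdeps/unix/sysv/linux/arm/setcontext.S
+@@ -86,12 +86,19 @@ weak_alias(__setcontext, setcontext)
+
+/* Called when a makecontext() context returns. Start the
+context in R4 or fall through to exit(). */
++ /* Unwind descriptors are looked up based on PC - 2, so we have to
++ make sure to mark the instruction preceding the __startcontext
++ label as .cantunwind. */
++ .fnstart
++ .cantunwind
++ nop
+ENTRY(__startcontext)
+movs r0, r4
+bne PLTJMP(__setcontext)
+
+@ New context was 0 - exit
+b PLTJMP(HIDDEN_JUMPTARGET(exit))
++ .fnend
+END(__startcontext)
+
+#ifdef PIC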
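Review bot: The patch header on lines 3 and 5 of the new file contradicts itself: it says `[No upstream tracking]` while linking glibc Bugzilla 20435 and declaring `Upstream-Status: Backport`, and the subject `arm: mark __startcontext as .cantunwind, GNU` ends in a stray `, GNU`. I would write line 3 as `[BZ #20435] -- https://sourceware.org/bugzilla/show_bug.cgi?id=20435` and drop the trailing `, GNU`, so CVE tracking and later rebases can match the backport to its upstream bug. The description could also say that the change touches only `sysdeps/unix/sysv/linux/arm/setcontext.S`, so the scope is clear to anyone triaging CVE-2016-6323 for other architectures. The diffstat shown is limited to `meta/recipes-core/glibc/glibc`, so the recipe's `SRC_URI` entry that actually applies this patch is not visible here; confirm it is part of the same commit, otherwise the fix sits in the tree but is never applied.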