diff options
Diffstat (limited to 'meta/recipes-devtools/binutils/binutils/CVE-2017-8395.patch')
-rw-r--r-- | meta/recipes-devtools/binutils/binutils/CVE-2017-8395.patch | 72 |
1 files changed, 72 insertions, 0 deletions
diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2017-8395.patch b/meta/recipes-devtools/binutils/binutils/CVE-2017-8395.patch new file mode 100644 index 0000000000..42793e133b --- /dev/null +++ b/meta/recipes-devtools/binutils/binutils/CVE-2017-8395.patch | |||
@@ -0,0 +1,72 @@ | |||
1 | commit e63d123268f23a4cbc45ee55fb6dbc7d84729da3 | ||
2 | Author: Nick Clifton <nickc@redhat.com> | ||
3 | Date: Wed Apr 26 13:07:49 2017 +0100 | ||
4 | |||
5 | Fix seg-fault attempting to compress a debug section in a corrupt binary. | ||
6 | |||
7 | PR binutils/21431 | ||
8 | * compress.c (bfd_init_section_compress_status): Check the return | ||
9 | value from bfd_malloc. | ||
10 | |||
11 | Upstream-Status: Backport | ||
12 | |||
13 | CVE: CVE-2017-8395 | ||
14 | Signed-off-by: Thiruvadi Rajaraman <trajaraman@mvista.com> | ||
15 | |||
16 | Index: git/bfd/compress.c | ||
17 | =================================================================== | ||
18 | --- git.orig/bfd/compress.c 2017-09-04 17:55:00.546577566 +0530 | ||
19 | +++ git/bfd/compress.c 2017-09-04 17:55:10.770664577 +0530 | ||
20 | @@ -534,7 +534,6 @@ | ||
21 | { | ||
22 | bfd_size_type uncompressed_size; | ||
23 | bfd_byte *uncompressed_buffer; | ||
24 | - bfd_boolean ret; | ||
25 | |||
26 | /* Error if not opened for read. */ | ||
27 | if (abfd->direction != read_direction | ||
28 | @@ -550,18 +549,18 @@ | ||
29 | /* Read in the full section contents and compress it. */ | ||
30 | uncompressed_size = sec->size; | ||
31 | uncompressed_buffer = (bfd_byte *) bfd_malloc (uncompressed_size); | ||
32 | + /* PR 21431 */ | ||
33 | + if (uncompressed_buffer == NULL) | ||
34 | + return FALSE; | ||
35 | + | ||
36 | if (!bfd_get_section_contents (abfd, sec, uncompressed_buffer, | ||
37 | 0, uncompressed_size)) | ||
38 | - ret = FALSE; | ||
39 | - else | ||
40 | - { | ||
41 | - uncompressed_size = bfd_compress_section_contents (abfd, sec, | ||
42 | - uncompressed_buffer, | ||
43 | - uncompressed_size); | ||
44 | - ret = uncompressed_size != 0; | ||
45 | - } | ||
46 | + return FALSE; | ||
47 | |||
48 | - return ret; | ||
49 | + uncompressed_size = bfd_compress_section_contents (abfd, sec, | ||
50 | + uncompressed_buffer, | ||
51 | + uncompressed_size); | ||
52 | + return uncompressed_size != 0; | ||
53 | } | ||
54 | |||
55 | /* | ||
56 | Index: git/bfd/ChangeLog | ||
57 | =================================================================== | ||
58 | --- git.orig/bfd/ChangeLog 2017-09-04 17:55:10.714664101 +0530 | ||
59 | +++ git/bfd/ChangeLog 2017-09-04 17:56:40.991431847 +0530 | ||
60 | @@ -73,6 +73,12 @@ | ||
61 | (evax_bfd_print_egsd): Check for an overlarge record length. | ||
62 | (evax_bfd_print_etir): Likewise. | ||
63 | |||
64 | +2017-04-26 Nick Clifton <nickc@redhat.com> | ||
65 | + | ||
66 | + PR binutils/21431 | ||
67 | + * compress.c (bfd_init_section_compress_status): Check the return | ||
68 | + value from bfd_malloc. | ||
69 | + | ||
70 | 2017-04-25 Maciej W. Rozycki <macro@imgtec.com> | ||
71 | |||
72 | * readelf.c (process_mips_specific): Remove error reporting from | ||